diff options
| author | David Chinner <dgc@sgi.com> | 2006-11-11 02:05:00 -0500 |
|---|---|---|
| committer | Tim Shimmin <tes@sgi.com> | 2006-11-11 02:05:00 -0500 |
| commit | 4c60658e0f4e253cf275f12b7c76bf128515a774 (patch) | |
| tree | 72d591ce30b7bcc8e08b20aa325ac4360921f028 /fs/xfs/xfs_iget.c | |
| parent | 7a18c386078eaf17ae54595f66c0d64d9c1cb29c (diff) | |
[XFS] Prevent a deadlock when xfslogd unpins inodes.
The previous fixes for the use after free in xfs_iunpin left a nasty log
deadlock when xfslogd unpinned the inode and dropped the last reference to
the inode. the ->clear_inode() method can issue transactions, and if the
log was full, the transaction could push on the log and get stuck trying
to push the inode it was currently unpinning.
To fix this, we provide xfs_iunpin a guarantee that it will always have a
valid xfs_inode <-> linux inode link or a particular flag will be set on
the inode. We then use log forces during lookup to ensure transactions are
completed before we recycle the inode. This ensures that xfs_iunpin will
never use the linux inode after it is being freed, and any lookup on an
inode on the reclaim list will wait until it is safe to attach a new linux
inode to the xfs inode.
SGI-PV: 956832
SGI-Modid: xfs-linux-melb:xfs-kern:27359a
Signed-off-by: David Chinner <dgc@sgi.com>
Signed-off-by: Shailendra Tripathi <stripathi@agami.com>
Signed-off-by: Takenori Nagano <t-nagano@ah.jp.nec.com>
Signed-off-by: Tim Shimmin <tes@sgi.com>
Diffstat (limited to 'fs/xfs/xfs_iget.c')
| -rw-r--r-- | fs/xfs/xfs_iget.c | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/fs/xfs/xfs_iget.c b/fs/xfs/xfs_iget.c index 4b0c1881d6d5..c1c89dac19cc 100644 --- a/fs/xfs/xfs_iget.c +++ b/fs/xfs/xfs_iget.c | |||
| @@ -237,6 +237,36 @@ again: | |||
| 237 | 237 | ||
| 238 | goto again; | 238 | goto again; |
| 239 | } | 239 | } |
| 240 | ASSERT(xfs_iflags_test(ip, XFS_IRECLAIMABLE)); | ||
| 241 | |||
| 242 | /* | ||
| 243 | * If lookup is racing with unlink, then we | ||
| 244 | * should return an error immediately so we | ||
| 245 | * don't remove it from the reclaim list and | ||
| 246 | * potentially leak the inode. | ||
| 247 | */ | ||
| 248 | if ((ip->i_d.di_mode == 0) && | ||
| 249 | !(flags & XFS_IGET_CREATE)) { | ||
| 250 | read_unlock(&ih->ih_lock); | ||
| 251 | return ENOENT; | ||
| 252 | } | ||
| 253 | |||
| 254 | /* | ||
| 255 | * There may be transactions sitting in the | ||
| 256 | * incore log buffers or being flushed to disk | ||
| 257 | * at this time. We can't clear the | ||
| 258 | * XFS_IRECLAIMABLE flag until these | ||
| 259 | * transactions have hit the disk, otherwise we | ||
| 260 | * will void the guarantee the flag provides | ||
| 261 | * xfs_iunpin() | ||
| 262 | */ | ||
| 263 | if (xfs_ipincount(ip)) { | ||
| 264 | read_unlock(&ih->ih_lock); | ||
| 265 | xfs_log_force(mp, 0, | ||
| 266 | XFS_LOG_FORCE|XFS_LOG_SYNC); | ||
| 267 | XFS_STATS_INC(xs_ig_frecycle); | ||
| 268 | goto again; | ||
| 269 | } | ||
| 240 | 270 | ||
| 241 | vn_trace_exit(vp, "xfs_iget.alloc", | 271 | vn_trace_exit(vp, "xfs_iget.alloc", |
| 242 | (inst_t *)__return_address); | 272 | (inst_t *)__return_address); |