Btrfs: use insert_inode_locked4 for inode creation

Btrfs was inserting inodes into the hash table before we had fully set the inode up on disk. This leaves us open to rare races that allow two different inodes in memory for the same [root, inode] pair. This patch fixes things by using insert_inode_locked4 to insert an I_NEW inode and unlock_new_inode when we're ready for the rest of the kernel to use the inode. It also makes sure to init the operations pointers on the inode before going into the error handling paths. Signed-off-by: Chris Mason <clm@fb.com> Reported-by: Al Viro <viro@zeniv.linux.org.uk>
author: Chris Mason <clm@fb.com> 2014-09-08 16:08:51 -0400
committer: Chris Mason <clm@fb.com> 2014-09-08 16:56:45 -0400
commit: b0d5d10f41a0f1cd839408dd94427f2db3553bca (patch)
tree: 0245a9bf559bfab38f9a2812d3aebb252a81cebb /fs
parent: 49dae1bc1c665817e434d01eefaa11967f618243 (diff)
1 files changed, 109 insertions, 67 deletions
diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c
index 88823f4ca451..214b936bdd3d 100644
--- a/fs/btrfs/inode.c
+++ b/fs/btrfs/inode.c
@@ -5634,6 +5634,17 @@ int btrfs_set_inode_index(struct inode *dir, u64 *index)
        return ret;
 }
+static int btrfs_insert_inode_locked(struct inode *inode)
+{
+        struct btrfs_iget_args args;
+        args.location = &BTRFS_I(inode)->location;
+        args.root = BTRFS_I(inode)->root;
+        return insert_inode_locked4(inode,
+                   btrfs_inode_hash(inode->i_ino, BTRFS_I(inode)->root),
+                   btrfs_find_actor, &args);
+}
 static struct inode *btrfs_new_inode(struct btrfs_trans_handle *trans,
                                     struct btrfs_root *root,
                                     struct inode *dir,
@@ -5726,10 +5737,19 @@ static struct inode *btrfs_new_inode(struct btrfs_trans_handle *trans,
                sizes[1] = name_len + sizeof(*ref);
        }
+        location = &BTRFS_I(inode)->location;
+        location->objectid = objectid;
+        location->offset = 0;
+        btrfs_set_key_type(location, BTRFS_INODE_ITEM_KEY);
+        ret = btrfs_insert_inode_locked(inode);
+        if (ret < 0)
+                goto fail;
        path->leave_spinning = 1;
        ret = btrfs_insert_empty_items(trans, root, path, key, sizes, nitems);
        if (ret != 0)
-                goto fail;
+                goto fail_unlock;
        inode_init_owner(inode, dir, mode);
        inode_set_bytes(inode, 0);
@@ -5752,11 +5772,6 @@ static struct inode *btrfs_new_inode(struct btrfs_trans_handle *trans,
        btrfs_mark_buffer_dirty(path->nodes[0]);
        btrfs_free_path(path);
-        location = &BTRFS_I(inode)->location;
-        location->objectid = objectid;
-        location->offset = 0;
-        btrfs_set_key_type(location, BTRFS_INODE_ITEM_KEY);
        btrfs_inherit_iflags(inode, dir);
        if (S_ISREG(mode)) {
@@ -5767,7 +5782,6 @@ static struct inode *btrfs_new_inode(struct btrfs_trans_handle *trans,
                                BTRFS_INODE_NODATASUM;
        }
-        btrfs_insert_inode_hash(inode);
        inode_tree_add(inode);
        trace_btrfs_inode_new(inode);
@@ -5782,6 +5796,9 @@ static struct inode *btrfs_new_inode(struct btrfs_trans_handle *trans,
                          btrfs_ino(inode), root->root_key.objectid, ret);
        return inode;
+fail_unlock:
+        unlock_new_inode(inode);
 fail:
        if (dir && name)
                BTRFS_I(dir)->index_cnt--;
@@ -5916,28 +5933,28 @@ static int btrfs_mknod(struct inode *dir, struct dentry *dentry,
                goto out_unlock;
        }
-        err = btrfs_init_inode_security(trans, inode, dir, &dentry->d_name);
-        if (err) {
-                drop_inode = 1;
-                goto out_unlock;
-        }
        /*
        * If the active LSM wants to access the inode during
        * d_instantiate it needs these. Smack checks to see
        * if the filesystem supports xattrs by looking at the
        * ops vector.
        */
        inode->i_op = &btrfs_special_inode_operations;
-        err = btrfs_add_nondir(trans, dir, dentry, inode, 0, index);
+        init_special_inode(inode, inode->i_mode, rdev);
+        err = btrfs_init_inode_security(trans, inode, dir, &dentry->d_name);
        if (err)
-                drop_inode = 1;
+                goto out_unlock_inode;
-        else {
-                init_special_inode(inode, inode->i_mode, rdev);
+        err = btrfs_add_nondir(trans, dir, dentry, inode, 0, index);
+        if (err) {
+                goto out_unlock_inode;
+        } else {
                btrfs_update_inode(trans, root, inode);
+                unlock_new_inode(inode);
                d_instantiate(dentry, inode);
        }
 out_unlock:
        btrfs_end_transaction(trans, root);
        btrfs_balance_delayed_items(root);
@@ -5947,6 +5964,12 @@ out_unlock:
                iput(inode);
        }
        return err;
+out_unlock_inode:
+        drop_inode = 1;
+        unlock_new_inode(inode);
+        goto out_unlock;
 }
 static int btrfs_create(struct inode *dir, struct dentry *dentry,
@@ -5981,15 +6004,6 @@ static int btrfs_create(struct inode *dir, struct dentry *dentry,
                goto out_unlock;
        }
        drop_inode_on_err = 1;
-        err = btrfs_init_inode_security(trans, inode, dir, &dentry->d_name);
-        if (err)
-                goto out_unlock;
-        err = btrfs_update_inode(trans, root, inode);
-        if (err)
-                goto out_unlock;
        /*
        * If the active LSM wants to access the inode during
        * d_instantiate it needs these. Smack checks to see
@@ -5998,14 +6012,23 @@ static int btrfs_create(struct inode *dir, struct dentry *dentry,
        */
        inode->i_fop = &btrfs_file_operations;
        inode->i_op = &btrfs_file_inode_operations;
+        inode->i_mapping->a_ops = &btrfs_aops;
+        inode->i_mapping->backing_dev_info = &root->fs_info->bdi;
+        err = btrfs_init_inode_security(trans, inode, dir, &dentry->d_name);
+        if (err)
+                goto out_unlock_inode;
+        err = btrfs_update_inode(trans, root, inode);
+        if (err)
+                goto out_unlock_inode;
        err = btrfs_add_nondir(trans, dir, dentry, inode, 0, index);
        if (err)
-                goto out_unlock;
+                goto out_unlock_inode;
-        inode->i_mapping->a_ops = &btrfs_aops;
-        inode->i_mapping->backing_dev_info = &root->fs_info->bdi;
        BTRFS_I(inode)->io_tree.ops = &btrfs_extent_io_ops;
+        unlock_new_inode(inode);
        d_instantiate(dentry, inode);
 out_unlock:
@@ -6017,6 +6040,11 @@ out_unlock:
        btrfs_balance_delayed_items(root);
        btrfs_btree_balance_dirty(root);
        return err;
+out_unlock_inode:
+        unlock_new_inode(inode);
+        goto out_unlock;
 }
 static int btrfs_link(struct dentry *old_dentry, struct inode *dir,
@@ -6124,25 +6152,30 @@ static int btrfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
        }
        drop_on_err = 1;
+        /* these must be set before we unlock the inode */
+        inode->i_op = &btrfs_dir_inode_operations;
+        inode->i_fop = &btrfs_dir_file_operations;
        err = btrfs_init_inode_security(trans, inode, dir, &dentry->d_name);
        if (err)
-                goto out_fail;
+                goto out_fail_inode;
-        inode->i_op = &btrfs_dir_inode_operations;
-        inode->i_fop = &btrfs_dir_file_operations;
        btrfs_i_size_write(inode, 0);
        err = btrfs_update_inode(trans, root, inode);
        if (err)
-                goto out_fail;
+                goto out_fail_inode;
        err = btrfs_add_link(trans, dir, inode, dentry->d_name.name,
                             dentry->d_name.len, 0, index);
        if (err)
-                goto out_fail;
+                goto out_fail_inode;
        d_instantiate(dentry, inode);
+        /*
+         * mkdir is special.  We're unlocking after we call d_instantiate
+         * to avoid a race with nfsd calling d_instantiate.
+         */
+        unlock_new_inode(inode);
        drop_on_err = 0;
 out_fail:
@@ -6152,6 +6185,10 @@ out_fail:
        btrfs_balance_delayed_items(root);
        btrfs_btree_balance_dirty(root);
        return err;
+out_fail_inode:
+        unlock_new_inode(inode);
+        goto out_fail;
 }
 /* helper for btfs_get_extent.  Given an existing extent in the tree,
@@ -8107,6 +8144,7 @@ int btrfs_create_subvol_root(struct btrfs_trans_handle *trans,
        set_nlink(inode, 1);
        btrfs_i_size_write(inode, 0);
+        unlock_new_inode(inode);
        err = btrfs_subvol_inherit_props(trans, new_root, parent_root);
        if (err)
@@ -8757,12 +8795,6 @@ static int btrfs_symlink(struct inode *dir, struct dentry *dentry,
                goto out_unlock;
        }
-        err = btrfs_init_inode_security(trans, inode, dir, &dentry->d_name);
-        if (err) {
-                drop_inode = 1;
-                goto out_unlock;
-        }
        /*
        * If the active LSM wants to access the inode during
        * d_instantiate it needs these. Smack checks to see
@@ -8771,23 +8803,22 @@ static int btrfs_symlink(struct inode *dir, struct dentry *dentry,
        */
        inode->i_fop = &btrfs_file_operations;
        inode->i_op = &btrfs_file_inode_operations;
+        inode->i_mapping->a_ops = &btrfs_aops;
+        inode->i_mapping->backing_dev_info = &root->fs_info->bdi;
+        BTRFS_I(inode)->io_tree.ops = &btrfs_extent_io_ops;
+        err = btrfs_init_inode_security(trans, inode, dir, &dentry->d_name);
+        if (err)
+                goto out_unlock_inode;
        err = btrfs_add_nondir(trans, dir, dentry, inode, 0, index);
        if (err)
-                drop_inode = 1;
+                goto out_unlock_inode;
-        else {
-                inode->i_mapping->a_ops = &btrfs_aops;
-                inode->i_mapping->backing_dev_info = &root->fs_info->bdi;
-                BTRFS_I(inode)->io_tree.ops = &btrfs_extent_io_ops;
-        }
-        if (drop_inode)
-                goto out_unlock;
        path = btrfs_alloc_path();
        if (!path) {
                err = -ENOMEM;
-                drop_inode = 1;
+                goto out_unlock_inode;
-                goto out_unlock;
        }
        key.objectid = btrfs_ino(inode);
        key.offset = 0;
@@ -8796,9 +8827,8 @@ static int btrfs_symlink(struct inode *dir, struct dentry *dentry,
        err = btrfs_insert_empty_item(trans, root, path, &key,
                                      datasize);
        if (err) {
-                drop_inode = 1;
                btrfs_free_path(path);
-                goto out_unlock;
+                goto out_unlock_inode;
        }
        leaf = path->nodes[0];
        ei = btrfs_item_ptr(leaf, path->slots[0],
@@ -8822,12 +8852,15 @@ static int btrfs_symlink(struct inode *dir, struct dentry *dentry,
        inode_set_bytes(inode, name_len);
        btrfs_i_size_write(inode, name_len);
        err = btrfs_update_inode(trans, root, inode);
-        if (err)
+        if (err) {
                drop_inode = 1;
+                goto out_unlock_inode;
+        }
+        unlock_new_inode(inode);
+        d_instantiate(dentry, inode);
 out_unlock:
-        if (!err)
-                d_instantiate(dentry, inode);
        btrfs_end_transaction(trans, root);
        if (drop_inode) {
                inode_dec_link_count(inode);
@@ -8835,6 +8868,11 @@ out_unlock:
        }
        btrfs_btree_balance_dirty(root);
        return err;
+out_unlock_inode:
+        drop_inode = 1;
+        unlock_new_inode(inode);
+        goto out_unlock;
 }
 static int __btrfs_prealloc_file_range(struct inode *inode, int mode,
@@ -9018,14 +9056,6 @@ static int btrfs_tmpfile(struct inode *dir, struct dentry *dentry, umode_t mode)
                goto out;
        }
-        ret = btrfs_init_inode_security(trans, inode, dir, NULL);
-        if (ret)
-                goto out;
-        ret = btrfs_update_inode(trans, root, inode);
-        if (ret)
-                goto out;
        inode->i_fop = &btrfs_file_operations;
        inode->i_op = &btrfs_file_inode_operations;
@@ -9033,9 +9063,16 @@ static int btrfs_tmpfile(struct inode *dir, struct dentry *dentry, umode_t mode)
        inode->i_mapping->backing_dev_info = &root->fs_info->bdi;
        BTRFS_I(inode)->io_tree.ops = &btrfs_extent_io_ops;
+        ret = btrfs_init_inode_security(trans, inode, dir, NULL);
+        if (ret)
+                goto out_inode;
+        ret = btrfs_update_inode(trans, root, inode);
+        if (ret)
+                goto out_inode;
        ret = btrfs_orphan_add(trans, inode);
        if (ret)
-                goto out;
+                goto out_inode;
        /*
         * We set number of links to 0 in btrfs_new_inode(), and here we set
@@ -9045,6 +9082,7 @@ static int btrfs_tmpfile(struct inode *dir, struct dentry *dentry, umode_t mode)
         *    d_tmpfile() -> inode_dec_link_count() -> drop_nlink()
         */
        set_nlink(inode, 1);
+        unlock_new_inode(inode);
        d_tmpfile(dentry, inode);
        mark_inode_dirty(inode);
@@ -9054,8 +9092,12 @@ out:
                iput(inode);
        btrfs_balance_delayed_items(root);
        btrfs_btree_balance_dirty(root);
        return ret;
+out_inode:
+        unlock_new_inode(inode);
+        goto out;
 }
 static const struct inode_operations btrfs_dir_inode_operations = {
author	Chris Mason <clm@fb.com>	2014-09-08 16:08:51 -0400
committer	Chris Mason <clm@fb.com>	2014-09-08 16:56:45 -0400
commit	b0d5d10f41a0f1cd839408dd94427f2db3553bca (patch)
tree	0245a9bf559bfab38f9a2812d3aebb252a81cebb /fs
parent	49dae1bc1c665817e434d01eefaa11967f618243 (diff)

diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c index 88823f4ca451..214b936bdd3d 100644 --- a/fs/btrfs/inode.c +++ b/fs/btrfs/inode.c
@@ -5634,6 +5634,17 @@ int btrfs_set_inode_index(struct inode dir, u64 index)
5634	return ret;	5634	return ret;
5635	}	5635	}
5636		5636
		5637	static int btrfs_insert_inode_locked(struct inode *inode)
		5638	{
		5639	struct btrfs_iget_args args;
		5640	args.location = &BTRFS_I(inode)->location;
		5641	args.root = BTRFS_I(inode)->root;
		5642
		5643	return insert_inode_locked4(inode,
		5644	btrfs_inode_hash(inode->i_ino, BTRFS_I(inode)->root),
		5645	btrfs_find_actor, &args);
		5646	}
		5647
5637	static struct inode btrfs_new_inode(struct btrfs_trans_handle trans,	5648	static struct inode btrfs_new_inode(struct btrfs_trans_handle trans,
5638	struct btrfs_root *root,	5649	struct btrfs_root *root,
5639	struct inode *dir,	5650	struct inode *dir,
@@ -5726,10 +5737,19 @@ static struct inode btrfs_new_inode(struct btrfs_trans_handle trans,
5726	sizes[1] = name_len + sizeof(*ref);	5737	sizes[1] = name_len + sizeof(*ref);
5727	}	5738	}
5728		5739
		5740	location = &BTRFS_I(inode)->location;
		5741	location->objectid = objectid;
		5742	location->offset = 0;
		5743	btrfs_set_key_type(location, BTRFS_INODE_ITEM_KEY);
		5744
		5745	ret = btrfs_insert_inode_locked(inode);
		5746	if (ret < 0)
		5747	goto fail;
		5748
5729	path->leave_spinning = 1;	5749	path->leave_spinning = 1;
5730	ret = btrfs_insert_empty_items(trans, root, path, key, sizes, nitems);	5750	ret = btrfs_insert_empty_items(trans, root, path, key, sizes, nitems);
5731	if (ret != 0)	5751	if (ret != 0)
5732	goto fail;	5752	goto fail_unlock;
5733		5753
5734	inode_init_owner(inode, dir, mode);	5754	inode_init_owner(inode, dir, mode);
5735	inode_set_bytes(inode, 0);	5755	inode_set_bytes(inode, 0);
@@ -5752,11 +5772,6 @@ static struct inode btrfs_new_inode(struct btrfs_trans_handle trans,
5752	btrfs_mark_buffer_dirty(path->nodes[0]);	5772	btrfs_mark_buffer_dirty(path->nodes[0]);
5753	btrfs_free_path(path);	5773	btrfs_free_path(path);
5754		5774
5755	location = &BTRFS_I(inode)->location;
5756	location->objectid = objectid;
5757	location->offset = 0;
5758	btrfs_set_key_type(location, BTRFS_INODE_ITEM_KEY);
5759
5760	btrfs_inherit_iflags(inode, dir);	5775	btrfs_inherit_iflags(inode, dir);
5761		5776
5762	if (S_ISREG(mode)) {	5777	if (S_ISREG(mode)) {
@@ -5767,7 +5782,6 @@ static struct inode btrfs_new_inode(struct btrfs_trans_handle trans,
5767	BTRFS_INODE_NODATASUM;	5782	BTRFS_INODE_NODATASUM;
5768	}	5783	}
5769		5784
5770	btrfs_insert_inode_hash(inode);
5771	inode_tree_add(inode);	5785	inode_tree_add(inode);
5772		5786
5773	trace_btrfs_inode_new(inode);	5787	trace_btrfs_inode_new(inode);
@@ -5782,6 +5796,9 @@ static struct inode btrfs_new_inode(struct btrfs_trans_handle trans,
5782	btrfs_ino(inode), root->root_key.objectid, ret);	5796	btrfs_ino(inode), root->root_key.objectid, ret);
5783		5797
5784	return inode;	5798	return inode;
		5799
		5800	fail_unlock:
		5801	unlock_new_inode(inode);
5785	fail:	5802	fail:
5786	if (dir && name)	5803	if (dir && name)
5787	BTRFS_I(dir)->index_cnt--;	5804	BTRFS_I(dir)->index_cnt--;
@@ -5916,28 +5933,28 @@ static int btrfs_mknod(struct inode dir, struct dentry dentry,
5916	goto out_unlock;	5933	goto out_unlock;
5917	}	5934	}
5918		5935
5919	err = btrfs_init_inode_security(trans, inode, dir, &dentry->d_name);
5920	if (err) {
5921	drop_inode = 1;
5922	goto out_unlock;
5923	}
5924
5925	/*	5936	/*
5926	* If the active LSM wants to access the inode during	5937	* If the active LSM wants to access the inode during
5927	* d_instantiate it needs these. Smack checks to see	5938	* d_instantiate it needs these. Smack checks to see
5928	* if the filesystem supports xattrs by looking at the	5939	* if the filesystem supports xattrs by looking at the
5929	* ops vector.	5940	* ops vector.
5930	*/	5941	*/
5931
5932	inode->i_op = &btrfs_special_inode_operations;	5942	inode->i_op = &btrfs_special_inode_operations;
5933	err = btrfs_add_nondir(trans, dir, dentry, inode, 0, index);	5943	init_special_inode(inode, inode->i_mode, rdev);
		5944
		5945	err = btrfs_init_inode_security(trans, inode, dir, &dentry->d_name);
5934	if (err)	5946	if (err)
5935	drop_inode = 1;	5947	goto out_unlock_inode;
5936	else {	5948
5937	init_special_inode(inode, inode->i_mode, rdev);	5949	err = btrfs_add_nondir(trans, dir, dentry, inode, 0, index);
		5950	if (err) {
		5951	goto out_unlock_inode;
		5952	} else {
5938	btrfs_update_inode(trans, root, inode);	5953	btrfs_update_inode(trans, root, inode);
		5954	unlock_new_inode(inode);
5939	d_instantiate(dentry, inode);	5955	d_instantiate(dentry, inode);
5940	}	5956	}
		5957
5941	out_unlock:	5958	out_unlock:
5942	btrfs_end_transaction(trans, root);	5959	btrfs_end_transaction(trans, root);
5943	btrfs_balance_delayed_items(root);	5960	btrfs_balance_delayed_items(root);
@@ -5947,6 +5964,12 @@ out_unlock:
5947	iput(inode);	5964	iput(inode);
5948	}	5965	}
5949	return err;	5966	return err;
		5967
		5968	out_unlock_inode:
		5969	drop_inode = 1;
		5970	unlock_new_inode(inode);
		5971	goto out_unlock;
		5972
5950	}	5973	}
5951		5974
5952	static int btrfs_create(struct inode dir, struct dentry dentry,	5975	static int btrfs_create(struct inode dir, struct dentry dentry,
@@ -5981,15 +6004,6 @@ static int btrfs_create(struct inode dir, struct dentry dentry,
5981	goto out_unlock;	6004	goto out_unlock;
5982	}	6005	}
5983	drop_inode_on_err = 1;	6006	drop_inode_on_err = 1;
5984
5985	err = btrfs_init_inode_security(trans, inode, dir, &dentry->d_name);
5986	if (err)
5987	goto out_unlock;
5988
5989	err = btrfs_update_inode(trans, root, inode);
5990	if (err)
5991	goto out_unlock;
5992
5993	/*	6007	/*
5994	* If the active LSM wants to access the inode during	6008	* If the active LSM wants to access the inode during
5995	* d_instantiate it needs these. Smack checks to see	6009	* d_instantiate it needs these. Smack checks to see
@@ -5998,14 +6012,23 @@ static int btrfs_create(struct inode dir, struct dentry dentry,
5998	*/	6012	*/
5999	inode->i_fop = &btrfs_file_operations;	6013	inode->i_fop = &btrfs_file_operations;
6000	inode->i_op = &btrfs_file_inode_operations;	6014	inode->i_op = &btrfs_file_inode_operations;
		6015	inode->i_mapping->a_ops = &btrfs_aops;
		6016	inode->i_mapping->backing_dev_info = &root->fs_info->bdi;
		6017
		6018	err = btrfs_init_inode_security(trans, inode, dir, &dentry->d_name);
		6019	if (err)
		6020	goto out_unlock_inode;
		6021
		6022	err = btrfs_update_inode(trans, root, inode);
		6023	if (err)
		6024	goto out_unlock_inode;
6001		6025
6002	err = btrfs_add_nondir(trans, dir, dentry, inode, 0, index);	6026	err = btrfs_add_nondir(trans, dir, dentry, inode, 0, index);
6003	if (err)	6027	if (err)
6004	goto out_unlock;	6028	goto out_unlock_inode;
6005		6029
6006	inode->i_mapping->a_ops = &btrfs_aops;
6007	inode->i_mapping->backing_dev_info = &root->fs_info->bdi;
6008	BTRFS_I(inode)->io_tree.ops = &btrfs_extent_io_ops;	6030	BTRFS_I(inode)->io_tree.ops = &btrfs_extent_io_ops;
		6031	unlock_new_inode(inode);
6009	d_instantiate(dentry, inode);	6032	d_instantiate(dentry, inode);
6010		6033
6011	out_unlock:	6034	out_unlock:
@@ -6017,6 +6040,11 @@ out_unlock:
6017	btrfs_balance_delayed_items(root);	6040	btrfs_balance_delayed_items(root);
6018	btrfs_btree_balance_dirty(root);	6041	btrfs_btree_balance_dirty(root);
6019	return err;	6042	return err;
		6043
		6044	out_unlock_inode:
		6045	unlock_new_inode(inode);
		6046	goto out_unlock;
		6047
6020	}	6048	}
6021		6049
6022	static int btrfs_link(struct dentry old_dentry, struct inode dir,	6050	static int btrfs_link(struct dentry old_dentry, struct inode dir,
@@ -6124,25 +6152,30 @@ static int btrfs_mkdir(struct inode dir, struct dentry dentry, umode_t mode)
6124	}	6152	}
6125		6153
6126	drop_on_err = 1;	6154	drop_on_err = 1;
		6155	/* these must be set before we unlock the inode */
		6156	inode->i_op = &btrfs_dir_inode_operations;
		6157	inode->i_fop = &btrfs_dir_file_operations;
6127		6158
6128	err = btrfs_init_inode_security(trans, inode, dir, &dentry->d_name);	6159	err = btrfs_init_inode_security(trans, inode, dir, &dentry->d_name);
6129	if (err)	6160	if (err)
6130	goto out_fail;	6161	goto out_fail_inode;
6131
6132	inode->i_op = &btrfs_dir_inode_operations;
6133	inode->i_fop = &btrfs_dir_file_operations;
6134		6162
6135	btrfs_i_size_write(inode, 0);	6163	btrfs_i_size_write(inode, 0);
6136	err = btrfs_update_inode(trans, root, inode);	6164	err = btrfs_update_inode(trans, root, inode);
6137	if (err)	6165	if (err)
6138	goto out_fail;	6166	goto out_fail_inode;
6139		6167
6140	err = btrfs_add_link(trans, dir, inode, dentry->d_name.name,	6168	err = btrfs_add_link(trans, dir, inode, dentry->d_name.name,
6141	dentry->d_name.len, 0, index);	6169	dentry->d_name.len, 0, index);
6142	if (err)	6170	if (err)
6143	goto out_fail;	6171	goto out_fail_inode;
6144		6172
6145	d_instantiate(dentry, inode);	6173	d_instantiate(dentry, inode);
		6174	/*
		6175	* mkdir is special. We're unlocking after we call d_instantiate
		6176	* to avoid a race with nfsd calling d_instantiate.
		6177	*/
		6178	unlock_new_inode(inode);
6146	drop_on_err = 0;	6179	drop_on_err = 0;
6147		6180
6148	out_fail:	6181	out_fail:
@@ -6152,6 +6185,10 @@ out_fail:
6152	btrfs_balance_delayed_items(root);	6185	btrfs_balance_delayed_items(root);
6153	btrfs_btree_balance_dirty(root);	6186	btrfs_btree_balance_dirty(root);
6154	return err;	6187	return err;
		6188
		6189	out_fail_inode:
		6190	unlock_new_inode(inode);
		6191	goto out_fail;
6155	}	6192	}
6156		6193
6157	/* helper for btfs_get_extent. Given an existing extent in the tree,	6194	/* helper for btfs_get_extent. Given an existing extent in the tree,
@@ -8107,6 +8144,7 @@ int btrfs_create_subvol_root(struct btrfs_trans_handle *trans,
8107		8144
8108	set_nlink(inode, 1);	8145	set_nlink(inode, 1);
8109	btrfs_i_size_write(inode, 0);	8146	btrfs_i_size_write(inode, 0);
		8147	unlock_new_inode(inode);
8110		8148
8111	err = btrfs_subvol_inherit_props(trans, new_root, parent_root);	8149	err = btrfs_subvol_inherit_props(trans, new_root, parent_root);
8112	if (err)	8150	if (err)
@@ -8757,12 +8795,6 @@ static int btrfs_symlink(struct inode dir, struct dentry dentry,
8757	goto out_unlock;	8795	goto out_unlock;
8758	}	8796	}
8759		8797
8760	err = btrfs_init_inode_security(trans, inode, dir, &dentry->d_name);
8761	if (err) {
8762	drop_inode = 1;
8763	goto out_unlock;
8764	}
8765
8766	/*	8798	/*
8767	* If the active LSM wants to access the inode during	8799	* If the active LSM wants to access the inode during
8768	* d_instantiate it needs these. Smack checks to see	8800	* d_instantiate it needs these. Smack checks to see
@@ -8771,23 +8803,22 @@ static int btrfs_symlink(struct inode dir, struct dentry dentry,
8771	*/	8803	*/
8772	inode->i_fop = &btrfs_file_operations;	8804	inode->i_fop = &btrfs_file_operations;
8773	inode->i_op = &btrfs_file_inode_operations;	8805	inode->i_op = &btrfs_file_inode_operations;
		8806	inode->i_mapping->a_ops = &btrfs_aops;
		8807	inode->i_mapping->backing_dev_info = &root->fs_info->bdi;
		8808	BTRFS_I(inode)->io_tree.ops = &btrfs_extent_io_ops;
		8809
		8810	err = btrfs_init_inode_security(trans, inode, dir, &dentry->d_name);
		8811	if (err)
		8812	goto out_unlock_inode;
8774		8813
8775	err = btrfs_add_nondir(trans, dir, dentry, inode, 0, index);	8814	err = btrfs_add_nondir(trans, dir, dentry, inode, 0, index);
8776	if (err)	8815	if (err)
8777	drop_inode = 1;	8816	goto out_unlock_inode;
8778	else {
8779	inode->i_mapping->a_ops = &btrfs_aops;
8780	inode->i_mapping->backing_dev_info = &root->fs_info->bdi;
8781	BTRFS_I(inode)->io_tree.ops = &btrfs_extent_io_ops;
8782	}
8783	if (drop_inode)
8784	goto out_unlock;
8785		8817
8786	path = btrfs_alloc_path();	8818	path = btrfs_alloc_path();
8787	if (!path) {	8819	if (!path) {
8788	err = -ENOMEM;	8820	err = -ENOMEM;
8789	drop_inode = 1;	8821	goto out_unlock_inode;
8790	goto out_unlock;
8791	}	8822	}
8792	key.objectid = btrfs_ino(inode);	8823	key.objectid = btrfs_ino(inode);
8793	key.offset = 0;	8824	key.offset = 0;
@@ -8796,9 +8827,8 @@ static int btrfs_symlink(struct inode dir, struct dentry dentry,
8796	err = btrfs_insert_empty_item(trans, root, path, &key,	8827	err = btrfs_insert_empty_item(trans, root, path, &key,
8797	datasize);	8828	datasize);
8798	if (err) {	8829	if (err) {
8799	drop_inode = 1;
8800	btrfs_free_path(path);	8830	btrfs_free_path(path);
8801	goto out_unlock;	8831	goto out_unlock_inode;
8802	}	8832	}
8803	leaf = path->nodes[0];	8833	leaf = path->nodes[0];
8804	ei = btrfs_item_ptr(leaf, path->slots[0],	8834	ei = btrfs_item_ptr(leaf, path->slots[0],
@@ -8822,12 +8852,15 @@ static int btrfs_symlink(struct inode dir, struct dentry dentry,
8822	inode_set_bytes(inode, name_len);	8852	inode_set_bytes(inode, name_len);
8823	btrfs_i_size_write(inode, name_len);	8853	btrfs_i_size_write(inode, name_len);
8824	err = btrfs_update_inode(trans, root, inode);	8854	err = btrfs_update_inode(trans, root, inode);
8825	if (err)	8855	if (err) {
8826	drop_inode = 1;	8856	drop_inode = 1;
		8857	goto out_unlock_inode;
		8858	}
		8859
		8860	unlock_new_inode(inode);
		8861	d_instantiate(dentry, inode);
8827		8862
8828	out_unlock:	8863	out_unlock:
8829	if (!err)
8830	d_instantiate(dentry, inode);
8831	btrfs_end_transaction(trans, root);	8864	btrfs_end_transaction(trans, root);
8832	if (drop_inode) {	8865	if (drop_inode) {
8833	inode_dec_link_count(inode);	8866	inode_dec_link_count(inode);
@@ -8835,6 +8868,11 @@ out_unlock:
8835	}	8868	}
8836	btrfs_btree_balance_dirty(root);	8869	btrfs_btree_balance_dirty(root);
8837	return err;	8870	return err;
		8871
		8872	out_unlock_inode:
		8873	drop_inode = 1;
		8874	unlock_new_inode(inode);
		8875	goto out_unlock;
8838	}	8876	}
8839		8877
8840	static int __btrfs_prealloc_file_range(struct inode *inode, int mode,	8878	static int __btrfs_prealloc_file_range(struct inode *inode, int mode,
@@ -9018,14 +9056,6 @@ static int btrfs_tmpfile(struct inode dir, struct dentry dentry, umode_t mode)
9018	goto out;	9056	goto out;
9019	}	9057	}
9020		9058
9021	ret = btrfs_init_inode_security(trans, inode, dir, NULL);
9022	if (ret)
9023	goto out;
9024
9025	ret = btrfs_update_inode(trans, root, inode);
9026	if (ret)
9027	goto out;
9028
9029	inode->i_fop = &btrfs_file_operations;	9059	inode->i_fop = &btrfs_file_operations;
9030	inode->i_op = &btrfs_file_inode_operations;	9060	inode->i_op = &btrfs_file_inode_operations;
9031		9061
@@ -9033,9 +9063,16 @@ static int btrfs_tmpfile(struct inode dir, struct dentry dentry, umode_t mode)
9033	inode->i_mapping->backing_dev_info = &root->fs_info->bdi;	9063	inode->i_mapping->backing_dev_info = &root->fs_info->bdi;
9034	BTRFS_I(inode)->io_tree.ops = &btrfs_extent_io_ops;	9064	BTRFS_I(inode)->io_tree.ops = &btrfs_extent_io_ops;
9035		9065
		9066	ret = btrfs_init_inode_security(trans, inode, dir, NULL);
		9067	if (ret)
		9068	goto out_inode;
		9069
		9070	ret = btrfs_update_inode(trans, root, inode);
		9071	if (ret)
		9072	goto out_inode;
9036	ret = btrfs_orphan_add(trans, inode);	9073	ret = btrfs_orphan_add(trans, inode);
9037	if (ret)	9074	if (ret)
9038	goto out;	9075	goto out_inode;
9039		9076
9040	/*	9077	/*
9041	* We set number of links to 0 in btrfs_new_inode(), and here we set	9078	* We set number of links to 0 in btrfs_new_inode(), and here we set
@@ -9045,6 +9082,7 @@ static int btrfs_tmpfile(struct inode dir, struct dentry dentry, umode_t mode)
9045	* d_tmpfile() -> inode_dec_link_count() -> drop_nlink()	9082	* d_tmpfile() -> inode_dec_link_count() -> drop_nlink()
9046	*/	9083	*/
9047	set_nlink(inode, 1);	9084	set_nlink(inode, 1);
		9085	unlock_new_inode(inode);
9048	d_tmpfile(dentry, inode);	9086	d_tmpfile(dentry, inode);
9049	mark_inode_dirty(inode);	9087	mark_inode_dirty(inode);
9050		9088
@@ -9054,8 +9092,12 @@ out:
9054	iput(inode);	9092	iput(inode);
9055	btrfs_balance_delayed_items(root);	9093	btrfs_balance_delayed_items(root);
9056	btrfs_btree_balance_dirty(root);	9094	btrfs_btree_balance_dirty(root);
9057
9058	return ret;	9095	return ret;
		9096
		9097	out_inode:
		9098	unlock_new_inode(inode);
		9099	goto out;
		9100
9059	}	9101	}
9060		9102
9061	static const struct inode_operations btrfs_dir_inode_operations = {	9103	static const struct inode_operations btrfs_dir_inode_operations = {