diff options
| author | Abhi Das <adas@redhat.com> | 2015-04-08 10:03:56 -0400 |
|---|---|---|
| committer | Bob Peterson <rpeterso@redhat.com> | 2015-04-08 10:31:18 -0400 |
| commit | 30133177957dca9a3e2a37b720f891d3225a92a1 (patch) | |
| tree | 67c0d0b540759a64ab10d84a222e5ef6a2c6671d /fs | |
| parent | 7b4ddfa7c9523a19fca30830f8b426964d359da2 (diff) | |
gfs2: fix quota refresh race in do_glock()
quotad periodically syncs in-memory quotas to the ondisk quota file
and sets the QDF_REFRESH flag so that a subsequent read of a synced
quota is re-read from disk.
gfs2_quota_lock() checks for this flag and sets a 'force' bit to
force re-read from disk if requested. However, there is a race
condition here. It is possible for gfs2_quota_lock() to find the
QDF_REFRESH flag unset (i.e force=0) and quotad comes in immediately
after and syncs the relevant quota and sets the QDF_REFRESH flag.
gfs2_quota_lock() resumes with force=0 and uses the stale in-memory
quota usage values that result in miscalculations.
This patch fixes this race by moving the check for the QDF_REFRESH
flag check further out into the gfs2_quota_lock() process, i.e, in
do_glock(), under the protection of the quota glock.
Signed-off-by: Abhi Das <adas@redhat.com>
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Acked-by: Steven Whitehouse <swhiteho@redhat.com>
Diffstat (limited to 'fs')
| -rw-r--r-- | fs/gfs2/quota.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/fs/gfs2/quota.c b/fs/gfs2/quota.c index 55614685a31c..5c27e48aa76f 100644 --- a/fs/gfs2/quota.c +++ b/fs/gfs2/quota.c | |||
| @@ -923,6 +923,9 @@ restart: | |||
| 923 | if (error) | 923 | if (error) |
| 924 | return error; | 924 | return error; |
| 925 | 925 | ||
| 926 | if (test_and_clear_bit(QDF_REFRESH, &qd->qd_flags)) | ||
| 927 | force_refresh = FORCE; | ||
| 928 | |||
| 926 | qd->qd_qb = *(struct gfs2_quota_lvb *)qd->qd_gl->gl_lksb.sb_lvbptr; | 929 | qd->qd_qb = *(struct gfs2_quota_lvb *)qd->qd_gl->gl_lksb.sb_lvbptr; |
| 927 | 930 | ||
| 928 | if (force_refresh || qd->qd_qb.qb_magic != cpu_to_be32(GFS2_MAGIC)) { | 931 | if (force_refresh || qd->qd_qb.qb_magic != cpu_to_be32(GFS2_MAGIC)) { |
| @@ -974,11 +977,8 @@ int gfs2_quota_lock(struct gfs2_inode *ip, kuid_t uid, kgid_t gid) | |||
| 974 | sizeof(struct gfs2_quota_data *), sort_qd, NULL); | 977 | sizeof(struct gfs2_quota_data *), sort_qd, NULL); |
| 975 | 978 | ||
| 976 | for (x = 0; x < ip->i_res->rs_qa_qd_num; x++) { | 979 | for (x = 0; x < ip->i_res->rs_qa_qd_num; x++) { |
| 977 | int force = NO_FORCE; | ||
| 978 | qd = ip->i_res->rs_qa_qd[x]; | 980 | qd = ip->i_res->rs_qa_qd[x]; |
| 979 | if (test_and_clear_bit(QDF_REFRESH, &qd->qd_flags)) | 981 | error = do_glock(qd, NO_FORCE, &ip->i_res->rs_qa_qd_ghs[x]); |
| 980 | force = FORCE; | ||
| 981 | error = do_glock(qd, force, &ip->i_res->rs_qa_qd_ghs[x]); | ||
| 982 | if (error) | 982 | if (error) |
| 983 | break; | 983 | break; |
| 984 | } | 984 | } |