Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ff55333f authored by David Sterba's avatar David Sterba Committed by Greg Kroah-Hartman
Browse files

btrfs: scrub: move scrub_setup_ctx allocation out of device_list_mutex 



[ Upstream commit 0e94c4f45d14cf89d1f40c91b0a8517e791672a7 ]

The scrub context is allocated with GFP_KERNEL and called from
btrfs_scrub_dev under the fs_info::device_list_mutex. This is not safe
regarding reclaim that could try to flush filesystem data in order to
get the memory. And the device_list_mutex is held during superblock
commit, so this would cause a lockup.

Move the alocation and initialization before any changes that require
the mutex.

Signed-off-by: default avatarDavid Sterba <dsterba@suse.com>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
parent 8ba3169d

fs/btrfs/scrub.c

+18 −12
Original line number Diff line number Diff line
@@ -3837,13 +3837,18 @@ int btrfs_scrub_dev(struct btrfs_fs_info *fs_info, u64 devid, u64 start, 
		return -EINVAL;

	}



	/* Allocate outside of device_list_mutex */

	sctx = scrub_setup_ctx(fs_info, is_dev_replace);

	if (IS_ERR(sctx))

		return PTR_ERR(sctx);



	mutex_lock(&fs_info->fs_devices->device_list_mutex);

	dev = btrfs_find_device(fs_info, devid, NULL, NULL);

	if (!dev || (test_bit(BTRFS_DEV_STATE_MISSING, &dev->dev_state) &&

		     !is_dev_replace)) {

		mutex_unlock(&fs_info->fs_devices->device_list_mutex);

		return -ENODEV;

		ret = -ENODEV;

		goto out_free_ctx;

	}



	if (!is_dev_replace && !readonly &&
@@ -3851,7 +3856,8 @@ int btrfs_scrub_dev(struct btrfs_fs_info *fs_info, u64 devid, u64 start, 
		mutex_unlock(&fs_info->fs_devices->device_list_mutex);

		btrfs_err_in_rcu(fs_info, "scrub: device %s is not writable",

				rcu_str_deref(dev->name));

		return -EROFS;

		ret = -EROFS;

		goto out_free_ctx;

	}



	mutex_lock(&fs_info->scrub_lock);
@@ -3859,7 +3865,8 @@ int btrfs_scrub_dev(struct btrfs_fs_info *fs_info, u64 devid, u64 start, 
	    test_bit(BTRFS_DEV_STATE_REPLACE_TGT, &dev->dev_state)) {

		mutex_unlock(&fs_info->scrub_lock);

		mutex_unlock(&fs_info->fs_devices->device_list_mutex);

		return -EIO;

		ret = -EIO;

		goto out_free_ctx;

	}



	btrfs_dev_replace_read_lock(&fs_info->dev_replace);
@@ -3869,7 +3876,8 @@ int btrfs_scrub_dev(struct btrfs_fs_info *fs_info, u64 devid, u64 start, 
		btrfs_dev_replace_read_unlock(&fs_info->dev_replace);

		mutex_unlock(&fs_info->scrub_lock);

		mutex_unlock(&fs_info->fs_devices->device_list_mutex);

		return -EINPROGRESS;

		ret = -EINPROGRESS;

		goto out_free_ctx;

	}

	btrfs_dev_replace_read_unlock(&fs_info->dev_replace);
@@ -3877,16 +3885,9 @@ int btrfs_scrub_dev(struct btrfs_fs_info *fs_info, u64 devid, u64 start, 
	if (ret) {

		mutex_unlock(&fs_info->scrub_lock);

		mutex_unlock(&fs_info->fs_devices->device_list_mutex);

		return ret;

		goto out_free_ctx;

	}



	sctx = scrub_setup_ctx(fs_info, is_dev_replace);

	if (IS_ERR(sctx)) {

		mutex_unlock(&fs_info->scrub_lock);

		mutex_unlock(&fs_info->fs_devices->device_list_mutex);

		scrub_workers_put(fs_info);

		return PTR_ERR(sctx);

	}

	sctx->readonly = readonly;

	dev->scrub_ctx = sctx;

	mutex_unlock(&fs_info->fs_devices->device_list_mutex);
@@ -3939,6 +3940,11 @@ int btrfs_scrub_dev(struct btrfs_fs_info *fs_info, u64 devid, u64 start, 


	scrub_put_ctx(sctx);



	return ret;



out_free_ctx:

	scrub_free_ctx(sctx);



	return ret;

}