Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 1c8c601a authored by Jeff Layton's avatar Jeff Layton Committed by Al Viro
Browse files

locks: protect most of the file_lock handling with i_lock 



Having a global lock that protects all of this code is a clear
scalability problem. Instead of doing that, move most of the code to be
protected by the i_lock instead. The exceptions are the global lists
that the ->fl_link sits on, and the ->fl_block list.

->fl_link is what connects these structures to the
global lists, so we must ensure that we hold those locks when iterating
over or updating these lists.

Furthermore, sound deadlock detection requires that we hold the
blocked_list state steady while checking for loops. We also must ensure
that the search and update to the list are atomic.

For the checking and insertion side of the blocked_list, push the
acquisition of the global lock into __posix_lock_file and ensure that
checking and update of the  blocked_list is done without dropping the
lock in between.

On the removal side, when waking up blocked lock waiters, take the
global lock before walking the blocked list and dequeue the waiters from
the global list prior to removal from the fl_block list.

With this, deadlock detection should be race free while we minimize
excessive file_lock_lock thrashing.

Finally, in order to avoid a lock inversion problem when handling
/proc/locks output we must ensure that manipulations of the fl_block
list are also protected by the file_lock_lock.

Signed-off-by: default avatarJeff Layton <jlayton@redhat.com>
Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
parent 88974691

Documentation/filesystems/Locking

+14 −7
Original line number Diff line number Diff line
@@ -342,7 +342,7 @@ prototypes: 




locking rules:

			file_lock_lock	may block

			inode->i_lock	may block

fl_copy_lock:		yes		no

fl_release_private:	maybe		no
@@ -355,12 +355,19 @@ prototypes: 
	int (*lm_change)(struct file_lock **, int);



locking rules:

			file_lock_lock	may block

lm_compare_owner:	yes		no

lm_notify:		yes		no

lm_grant:		no		no

lm_break:		yes		no

lm_change		yes		no



			inode->i_lock	file_lock_lock	may block

lm_compare_owner:	yes[1]		maybe		no

lm_notify:		yes		yes		no

lm_grant:		no		no		no

lm_break:		yes		no		no

lm_change		yes		no		no



[1]:	->lm_compare_owner is generally called with *an* inode->i_lock held. It

may not be the i_lock of the inode for either file_lock being compared! This is

the case with deadlock detection, since the code has to chase down the owners

of locks that may be entirely unrelated to the one on which the lock is being

acquired. When doing a search for deadlocks, the file_lock_lock is also held.



--------------------------- buffer_head -----------------------------------

prototypes:

fs/afs/flock.c

+4 −3
Original line number Diff line number Diff line
@@ -252,7 +252,8 @@ static void afs_defer_unlock(struct afs_vnode *vnode, struct key *key) 
 */

static int afs_do_setlk(struct file *file, struct file_lock *fl)

{

	struct afs_vnode *vnode = AFS_FS_I(file->f_mapping->host);

	struct inode *inode = file_inode(file);

	struct afs_vnode *vnode = AFS_FS_I(inode);

	afs_lock_type_t type;

	struct key *key = file->private_data;

	int ret;
@@ -273,7 +274,7 @@ static int afs_do_setlk(struct file *file, struct file_lock *fl) 


	type = (fl->fl_type == F_RDLCK) ? AFS_LOCK_READ : AFS_LOCK_WRITE;



	lock_flocks();

	spin_lock(&inode->i_lock);



	/* make sure we've got a callback on this file and that our view of the

	 * data version is up to date */
@@ -420,7 +421,7 @@ static int afs_do_setlk(struct file *file, struct file_lock *fl) 
	afs_vnode_fetch_status(vnode, NULL, key);



error:

	unlock_flocks();

	spin_unlock(&inode->i_lock);

	_leave(" = %d", ret);

	return ret;

fs/ceph/locks.c

+1 −1
Original line number Diff line number Diff line
@@ -192,7 +192,7 @@ void ceph_count_locks(struct inode *inode, int *fcntl_count, int *flock_count) 


/**

 * Encode the flock and fcntl locks for the given inode into the ceph_filelock

 * array. Must be called with lock_flocks() already held.

 * array. Must be called with inode->i_lock already held.

 * If we encounter more of a specific lock type than expected, return -ENOSPC.

 */

int ceph_encode_locks_to_buffer(struct inode *inode,

fs/ceph/mds_client.c

+4 −4
Original line number Diff line number Diff line
@@ -2481,20 +2481,20 @@ static int encode_caps_cb(struct inode *inode, struct ceph_cap *cap, 
		struct ceph_filelock *flocks;



encode_again:

		lock_flocks();

		spin_lock(&inode->i_lock);

		ceph_count_locks(inode, &num_fcntl_locks, &num_flock_locks);

		unlock_flocks();

		spin_unlock(&inode->i_lock);

		flocks = kmalloc((num_fcntl_locks+num_flock_locks) *

				 sizeof(struct ceph_filelock), GFP_NOFS);

		if (!flocks) {

			err = -ENOMEM;

			goto out_free;

		}

		lock_flocks();

		spin_lock(&inode->i_lock);

		err = ceph_encode_locks_to_buffer(inode, flocks,

						  num_fcntl_locks,

						  num_flock_locks);

		unlock_flocks();

		spin_unlock(&inode->i_lock);

		if (err) {

			kfree(flocks);

			if (err == -ENOSPC)

fs/cifs/cifsfs.c

+1 −1
Original line number Diff line number Diff line
@@ -765,7 +765,7 @@ static loff_t cifs_llseek(struct file *file, loff_t offset, int whence) 


static int cifs_setlease(struct file *file, long arg, struct file_lock **lease)

{

	/* note that this is called by vfs setlease with lock_flocks held

	/* note that this is called by vfs setlease with i_lock held

	   to protect *lease from going away */

	struct inode *inode = file_inode(file);

	struct cifsFileInfo *cfile = file->private_data;