Commit f08b6c73 authored by Theodore Ts'o's avatar Theodore Ts'o Committed by Ben Hutchings

ext4: add lockdep annotations for i_data_sem

commit daf647d2 upstream.

With the internal Quota feature, mke2fs creates empty quota inodes and
quota usage tracking is enabled as soon as the file system is mounted.
Since quotacheck is no longer preallocating all of the blocks in the
quota inode that are likely needed to be written to, we are now seeing
a lockdep false positive caused by needing to allocate a quota block
from inside ext4_map_blocks(), while holding i_data_sem for a data
inode.  This results in this complaint:

  Possible unsafe locking scenario:

        CPU0                    CPU1
        ----                    ----
   lock(&ei->i_data_sem);
                                lock(&s->s_dquot.dqio_mutex);
                                lock(&ei->i_data_sem);
   lock(&s->s_dquot.dqio_mutex);

Google-Bug-Id: 27907753
Signed-off-by: default avatarTheodore Ts'o <tytso@mit.edu>
Signed-off-by: default avatarBen Hutchings <ben@decadent.org.uk>
parent 057358a0
...@@ -849,6 +849,29 @@ do { \ ...@@ -849,6 +849,29 @@ do { \
#include "extents_status.h" #include "extents_status.h"
/*
* Lock subclasses for i_data_sem in the ext4_inode_info structure.
*
* These are needed to avoid lockdep false positives when we need to
* allocate blocks to the quota inode during ext4_map_blocks(), while
* holding i_data_sem for a normal (non-quota) inode. Since we don't
* do quota tracking for the quota inode, this avoids deadlock (as
* well as infinite recursion, since it isn't turtles all the way
* down...)
*
* I_DATA_SEM_NORMAL - Used for most inodes
* I_DATA_SEM_OTHER - Used by move_inode.c for the second normal inode
* where the second inode has larger inode number
* than the first
* I_DATA_SEM_QUOTA - Used for quota inodes only
*/
enum {
I_DATA_SEM_NORMAL = 0,
I_DATA_SEM_OTHER,
I_DATA_SEM_QUOTA,
};
/* /*
* fourth extended file system inode data in memory * fourth extended file system inode data in memory
*/ */
......
...@@ -154,10 +154,10 @@ ext4_double_down_write_data_sem(struct inode *first, struct inode *second) ...@@ -154,10 +154,10 @@ ext4_double_down_write_data_sem(struct inode *first, struct inode *second)
{ {
if (first < second) { if (first < second) {
down_write(&EXT4_I(first)->i_data_sem); down_write(&EXT4_I(first)->i_data_sem);
down_write_nested(&EXT4_I(second)->i_data_sem, SINGLE_DEPTH_NESTING); down_write_nested(&EXT4_I(second)->i_data_sem, I_DATA_SEM_OTHER);
} else { } else {
down_write(&EXT4_I(second)->i_data_sem); down_write(&EXT4_I(second)->i_data_sem);
down_write_nested(&EXT4_I(first)->i_data_sem, SINGLE_DEPTH_NESTING); down_write_nested(&EXT4_I(first)->i_data_sem, I_DATA_SEM_OTHER);
} }
} }
...@@ -1124,6 +1124,13 @@ mext_check_arguments(struct inode *orig_inode, ...@@ -1124,6 +1124,13 @@ mext_check_arguments(struct inode *orig_inode,
return -EINVAL; return -EINVAL;
} }
if (IS_NOQUOTA(orig_inode) || IS_NOQUOTA(donor_inode)) {
ext4_debug("ext4 move extent: The argument files should "
"not be quota files [ino:orig %lu, donor %lu]\n",
orig_inode->i_ino, donor_inode->i_ino);
return -EBUSY;
}
/* Ext4 move extent supports only extent based file */ /* Ext4 move extent supports only extent based file */
if (!(ext4_test_inode_flag(orig_inode, EXT4_INODE_EXTENTS))) { if (!(ext4_test_inode_flag(orig_inode, EXT4_INODE_EXTENTS))) {
ext4_debug("ext4 move extent: orig file is not extents " ext4_debug("ext4 move extent: orig file is not extents "
......
...@@ -5160,6 +5160,20 @@ static int ext4_quota_on_mount(struct super_block *sb, int type) ...@@ -5160,6 +5160,20 @@ static int ext4_quota_on_mount(struct super_block *sb, int type)
EXT4_SB(sb)->s_jquota_fmt, type); EXT4_SB(sb)->s_jquota_fmt, type);
} }
static void lockdep_set_quota_inode(struct inode *inode, int subclass)
{
struct ext4_inode_info *ei = EXT4_I(inode);
/* The first argument of lockdep_set_subclass has to be
* *exactly* the same as the argument to init_rwsem() --- in
* this case, in init_once() --- or lockdep gets unhappy
* because the name of the lock is set using the
* stringification of the argument to init_rwsem().
*/
(void) ei; /* shut up clang warning if !CONFIG_LOCKDEP */
lockdep_set_subclass(&ei->i_data_sem, subclass);
}
/* /*
* Standard function to be called on quota_on * Standard function to be called on quota_on
*/ */
...@@ -5199,8 +5213,12 @@ static int ext4_quota_on(struct super_block *sb, int type, int format_id, ...@@ -5199,8 +5213,12 @@ static int ext4_quota_on(struct super_block *sb, int type, int format_id,
if (err) if (err)
return err; return err;
} }
lockdep_set_quota_inode(path->dentry->d_inode, I_DATA_SEM_QUOTA);
return dquot_quota_on(sb, type, format_id, path); err = dquot_quota_on(sb, type, format_id, path);
if (err)
lockdep_set_quota_inode(path->dentry->d_inode,
I_DATA_SEM_NORMAL);
return err;
} }
static int ext4_quota_enable(struct super_block *sb, int type, int format_id, static int ext4_quota_enable(struct super_block *sb, int type, int format_id,
...@@ -5226,8 +5244,11 @@ static int ext4_quota_enable(struct super_block *sb, int type, int format_id, ...@@ -5226,8 +5244,11 @@ static int ext4_quota_enable(struct super_block *sb, int type, int format_id,
/* Don't account quota for quota files to avoid recursion */ /* Don't account quota for quota files to avoid recursion */
qf_inode->i_flags |= S_NOQUOTA; qf_inode->i_flags |= S_NOQUOTA;
lockdep_set_quota_inode(qf_inode, I_DATA_SEM_QUOTA);
err = dquot_enable(qf_inode, type, format_id, flags); err = dquot_enable(qf_inode, type, format_id, flags);
iput(qf_inode); iput(qf_inode);
if (err)
lockdep_set_quota_inode(qf_inode, I_DATA_SEM_NORMAL);
return err; return err;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment