diff mbox

[09/12] locks: helper functions for delegation breaking

Message ID 1372882356-14168-10-git-send-email-bfields@redhat.com (mailing list archive)
State New, archived
Headers show

Commit Message

Bruce Fields July 3, 2013, 8:12 p.m. UTC 
From: "J. Bruce Fields" <bfields@redhat.com>

We'll need the same logic for rename and link.

Signed-off-by: J. Bruce Fields <bfields@redhat.com>
---
 fs/namei.c         |   13 +++----------
 include/linux/fs.h |   33 +++++++++++++++++++++++++++++++--
 2 files changed, 34 insertions(+), 12 deletions(-)

Comments

Jeff Layton July 9, 2013, 1:09 p.m. UTC | #1 
On Wed,  3 Jul 2013 16:12:33 -0400
"J. Bruce Fields" <bfields@redhat.com> wrote:

> From: "J. Bruce Fields" <bfields@redhat.com>
> 
> We'll need the same logic for rename and link.
> 
> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
> ---
>  fs/namei.c         |   13 +++----------
>  include/linux/fs.h |   33 +++++++++++++++++++++++++++++++--
>  2 files changed, 34 insertions(+), 12 deletions(-)
> 
> diff --git a/fs/namei.c b/fs/namei.c
> index cba3db1..a9d4031 100644
> --- a/fs/namei.c
> +++ b/fs/namei.c
> @@ -3401,14 +3401,9 @@ int vfs_unlink(struct inode *dir, struct dentry *dentry, struct inode **delegate
>  	else {
>  		error = security_inode_unlink(dir, dentry);
>  		if (!error) {
> -			error = break_deleg(target, O_WRONLY|O_NONBLOCK);
> -			if (error) {
> -				if (error == -EWOULDBLOCK && delegated_inode) {
> -					*delegated_inode = target;
> -					ihold(target);
> -				}
> +			error = try_break_deleg(target, delegated_inode);
> +			if (error)
>  				goto out;
> -			}
>  			error = dir->i_op->unlink(dir, dentry);
>  			if (!error)
>  				dont_mount(dentry);
> @@ -3478,9 +3473,7 @@ exit2:
>  		iput(inode);	/* truncate the inode here */
>  	inode = NULL;
>  	if (delegated_inode) {
> -		error = break_deleg(delegated_inode, O_WRONLY);
> -		iput(delegated_inode);
> -		delegated_inode = NULL;
> +		error = break_deleg_wait(&delegated_inode);
>  		if (!error)
>  			goto retry_deleg;
>  	}
> diff --git a/include/linux/fs.h b/include/linux/fs.h
> index f951588..c37e463 100644
> --- a/include/linux/fs.h
> +++ b/include/linux/fs.h
> @@ -1894,6 +1894,9 @@ extern bool our_mnt(struct vfsmount *mnt);
>  
>  extern int current_umask(void);
>  
> +extern void ihold(struct inode * inode);
> +extern void iput(struct inode *);
> +
>  /* /sys/fs */
>  extern struct kobject *fs_kobj;
>  
> @@ -1962,6 +1965,28 @@ static inline int break_deleg(struct inode *inode, unsigned int mode)
>  	return 0;
>  }
>  
> +static inline int try_break_deleg(struct inode *inode, struct inode **delegated_inode)
> +{
> +	int ret;
> +
> +	ret = break_deleg(inode, O_WRONLY|O_NONBLOCK);
> +	if (ret == -EWOULDBLOCK && delegated_inode) {
> +		*delegated_inode = inode;
> +		ihold(inode);
> +	}
> +	return ret;
> +}
> +
> +static inline int break_deleg_wait(struct inode **delegated_inode)
> +{
> +	int ret;
> +
> +	ret = break_deleg(*delegated_inode, O_WRONLY);
> +	iput(*delegated_inode);
> +	*delegated_inode = NULL;
> +	return ret;
> +}
> +
>  #else /* !CONFIG_FILE_LOCKING */
>  static inline int locks_mandatory_locked(struct inode *inode)
>  {
> @@ -2005,6 +2030,12 @@ static inline int break_deleg(struct inode *inode, unsigned int mode)
>  {
>  	return 0;
>  }
> +
> +static inline int try_break_deleg(struct inode *inode, struct delegated_inode **inode)
> +{
> +	return 0;
> +}
> +
>  #endif /* CONFIG_FILE_LOCKING */
>  
>  /* fs/open.c */
> @@ -2335,8 +2366,6 @@ extern loff_t vfs_llseek(struct file *file, loff_t offset, int whence);
>  extern int inode_init_always(struct super_block *, struct inode *);
>  extern void inode_init_once(struct inode *);
>  extern void address_space_init_once(struct address_space *mapping);
> -extern void ihold(struct inode * inode);
> -extern void iput(struct inode *);
>  extern struct inode * igrab(struct inode *);
>  extern ino_t iunique(struct super_block *, ino_t);
>  extern int inode_needs_sync(struct inode *inode);

Nice cleanup. Might be reasonable to reorder or merge this patch with
the previous one to reduce "churn" in vfs_unlink.

Acked-by: Jeff Layton <jlayton@redhat.com>
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Jeff Layton July 9, 2013, 1:23 p.m. UTC | #2 
On Wed,  3 Jul 2013 16:12:33 -0400
"J. Bruce Fields" <bfields@redhat.com> wrote:

> From: "J. Bruce Fields" <bfields@redhat.com>
> 
> We'll need the same logic for rename and link.
> 
> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
> ---
>  fs/namei.c         |   13 +++----------
>  include/linux/fs.h |   33 +++++++++++++++++++++++++++++++--
>  2 files changed, 34 insertions(+), 12 deletions(-)
> 
> diff --git a/fs/namei.c b/fs/namei.c
> index cba3db1..a9d4031 100644
> --- a/fs/namei.c
> +++ b/fs/namei.c
> @@ -3401,14 +3401,9 @@ int vfs_unlink(struct inode *dir, struct dentry *dentry, struct inode **delegate
>  	else {
>  		error = security_inode_unlink(dir, dentry);
>  		if (!error) {
> -			error = break_deleg(target, O_WRONLY|O_NONBLOCK);
> -			if (error) {
> -				if (error == -EWOULDBLOCK && delegated_inode) {
> -					*delegated_inode = target;
> -					ihold(target);
> -				}
> +			error = try_break_deleg(target, delegated_inode);
> +			if (error)
>  				goto out;
> -			}
>  			error = dir->i_op->unlink(dir, dentry);
>  			if (!error)
>  				dont_mount(dentry);
> @@ -3478,9 +3473,7 @@ exit2:
>  		iput(inode);	/* truncate the inode here */
>  	inode = NULL;
>  	if (delegated_inode) {
> -		error = break_deleg(delegated_inode, O_WRONLY);
> -		iput(delegated_inode);
> -		delegated_inode = NULL;
> +		error = break_deleg_wait(&delegated_inode);
>  		if (!error)
>  			goto retry_deleg;
>  	}
> diff --git a/include/linux/fs.h b/include/linux/fs.h
> index f951588..c37e463 100644
> --- a/include/linux/fs.h
> +++ b/include/linux/fs.h
> @@ -1894,6 +1894,9 @@ extern bool our_mnt(struct vfsmount *mnt);
>  
>  extern int current_umask(void);
>  
> +extern void ihold(struct inode * inode);
> +extern void iput(struct inode *);
> +
>  /* /sys/fs */
>  extern struct kobject *fs_kobj;
>  
> @@ -1962,6 +1965,28 @@ static inline int break_deleg(struct inode *inode, unsigned int mode)
>  	return 0;
>  }
>  
> +static inline int try_break_deleg(struct inode *inode, struct inode **delegated_inode)
> +{
> +	int ret;
> +
> +	ret = break_deleg(inode, O_WRONLY|O_NONBLOCK);
> +	if (ret == -EWOULDBLOCK && delegated_inode) {
> +		*delegated_inode = inode;
> +		ihold(inode);
> +	}
> +	return ret;
> +}
> +

Actually, now that I look...

Suppose a vfs_unlink caller passes in a NULL delegated_inode pointer.
He'll get back a -EWOULDBLOCK here if there's a delegation on it.
Presumably he'll just treat that as a hard error and the delegation
would never get broken. Is that expected?

> +static inline int break_deleg_wait(struct inode **delegated_inode)
> +{
> +	int ret;
> +
> +	ret = break_deleg(*delegated_inode, O_WRONLY);
> +	iput(*delegated_inode);
> +	*delegated_inode = NULL;
> +	return ret;
> +}
> +
>  #else /* !CONFIG_FILE_LOCKING */
>  static inline int locks_mandatory_locked(struct inode *inode)
>  {
> @@ -2005,6 +2030,12 @@ static inline int break_deleg(struct inode *inode, unsigned int mode)
>  {
>  	return 0;
>  }
> +
> +static inline int try_break_deleg(struct inode *inode, struct delegated_inode **inode)
> +{
> +	return 0;
> +}
> +
>  #endif /* CONFIG_FILE_LOCKING */
>  
>  /* fs/open.c */
> @@ -2335,8 +2366,6 @@ extern loff_t vfs_llseek(struct file *file, loff_t offset, int whence);
>  extern int inode_init_always(struct super_block *, struct inode *);
>  extern void inode_init_once(struct inode *);
>  extern void address_space_init_once(struct address_space *mapping);
> -extern void ihold(struct inode * inode);
> -extern void iput(struct inode *);
>  extern struct inode * igrab(struct inode *);
>  extern ino_t iunique(struct super_block *, ino_t);
>  extern int inode_needs_sync(struct inode *inode);
Bruce Fields July 9, 2013, 7:31 p.m. UTC | #3 
On Tue, Jul 09, 2013 at 09:09:52AM -0400, Jeff Layton wrote:
> On Wed,  3 Jul 2013 16:12:33 -0400
> "J. Bruce Fields" <bfields@redhat.com> wrote:
> 
> > From: "J. Bruce Fields" <bfields@redhat.com>
> > 
> > We'll need the same logic for rename and link.
> > 
> > Signed-off-by: J. Bruce Fields <bfields@redhat.com>
> > ---
> >  fs/namei.c         |   13 +++----------
> >  include/linux/fs.h |   33 +++++++++++++++++++++++++++++++--
> >  2 files changed, 34 insertions(+), 12 deletions(-)
> > 
> > diff --git a/fs/namei.c b/fs/namei.c
> > index cba3db1..a9d4031 100644
> > --- a/fs/namei.c
> > +++ b/fs/namei.c
> > @@ -3401,14 +3401,9 @@ int vfs_unlink(struct inode *dir, struct dentry *dentry, struct inode **delegate
> >  	else {
> >  		error = security_inode_unlink(dir, dentry);
> >  		if (!error) {
> > -			error = break_deleg(target, O_WRONLY|O_NONBLOCK);
> > -			if (error) {
> > -				if (error == -EWOULDBLOCK && delegated_inode) {
> > -					*delegated_inode = target;
> > -					ihold(target);
> > -				}
> > +			error = try_break_deleg(target, delegated_inode);
> > +			if (error)
> >  				goto out;
> > -			}
> >  			error = dir->i_op->unlink(dir, dentry);
> >  			if (!error)
> >  				dont_mount(dentry);
> > @@ -3478,9 +3473,7 @@ exit2:
> >  		iput(inode);	/* truncate the inode here */
> >  	inode = NULL;
> >  	if (delegated_inode) {
> > -		error = break_deleg(delegated_inode, O_WRONLY);
> > -		iput(delegated_inode);
> > -		delegated_inode = NULL;
> > +		error = break_deleg_wait(&delegated_inode);
> >  		if (!error)
> >  			goto retry_deleg;
> >  	}
> > diff --git a/include/linux/fs.h b/include/linux/fs.h
> > index f951588..c37e463 100644
> > --- a/include/linux/fs.h
> > +++ b/include/linux/fs.h
> > @@ -1894,6 +1894,9 @@ extern bool our_mnt(struct vfsmount *mnt);
> >  
> >  extern int current_umask(void);
> >  
> > +extern void ihold(struct inode * inode);
> > +extern void iput(struct inode *);
> > +
> >  /* /sys/fs */
> >  extern struct kobject *fs_kobj;
> >  
> > @@ -1962,6 +1965,28 @@ static inline int break_deleg(struct inode *inode, unsigned int mode)
> >  	return 0;
> >  }
> >  
> > +static inline int try_break_deleg(struct inode *inode, struct inode **delegated_inode)
> > +{
> > +	int ret;
> > +
> > +	ret = break_deleg(inode, O_WRONLY|O_NONBLOCK);
> > +	if (ret == -EWOULDBLOCK && delegated_inode) {
> > +		*delegated_inode = inode;
> > +		ihold(inode);
> > +	}
> > +	return ret;
> > +}
> > +
> > +static inline int break_deleg_wait(struct inode **delegated_inode)
> > +{
> > +	int ret;
> > +
> > +	ret = break_deleg(*delegated_inode, O_WRONLY);
> > +	iput(*delegated_inode);
> > +	*delegated_inode = NULL;
> > +	return ret;
> > +}
> > +
> >  #else /* !CONFIG_FILE_LOCKING */
> >  static inline int locks_mandatory_locked(struct inode *inode)
> >  {
> > @@ -2005,6 +2030,12 @@ static inline int break_deleg(struct inode *inode, unsigned int mode)
> >  {
> >  	return 0;
> >  }
> > +
> > +static inline int try_break_deleg(struct inode *inode, struct delegated_inode **inode)
> > +{
> > +	return 0;
> > +}
> > +
> >  #endif /* CONFIG_FILE_LOCKING */
> >  
> >  /* fs/open.c */
> > @@ -2335,8 +2366,6 @@ extern loff_t vfs_llseek(struct file *file, loff_t offset, int whence);
> >  extern int inode_init_always(struct super_block *, struct inode *);
> >  extern void inode_init_once(struct inode *);
> >  extern void address_space_init_once(struct address_space *mapping);
> > -extern void ihold(struct inode * inode);
> > -extern void iput(struct inode *);
> >  extern struct inode * igrab(struct inode *);
> >  extern ino_t iunique(struct super_block *, ino_t);
> >  extern int inode_needs_sync(struct inode *inode);
> 
> Nice cleanup. Might be reasonable to reorder or merge this patch with
> the previous one to reduce "churn" in vfs_unlink.

That's how I first did it then I thought "eh, there's a way I could make
this patch a little smaller...".   Seemed like it might be a tad easier
to review this way.  Up to you.

--b.

> 
> Acked-by: Jeff Layton <jlayton@redhat.com>
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Jeff Layton July 9, 2013, 7:37 p.m. UTC | #4 
On Tue, 9 Jul 2013 15:31:25 -0400
"J. Bruce Fields" <bfields@redhat.com> wrote:

> On Tue, Jul 09, 2013 at 09:09:52AM -0400, Jeff Layton wrote:
> > On Wed,  3 Jul 2013 16:12:33 -0400
> > "J. Bruce Fields" <bfields@redhat.com> wrote:
> > 
> > > From: "J. Bruce Fields" <bfields@redhat.com>
> > > 
> > > We'll need the same logic for rename and link.
> > > 
> > > Signed-off-by: J. Bruce Fields <bfields@redhat.com>
> > > ---
> > >  fs/namei.c         |   13 +++----------
> > >  include/linux/fs.h |   33 +++++++++++++++++++++++++++++++--
> > >  2 files changed, 34 insertions(+), 12 deletions(-)
> > > 
> > > diff --git a/fs/namei.c b/fs/namei.c
> > > index cba3db1..a9d4031 100644
> > > --- a/fs/namei.c
> > > +++ b/fs/namei.c
> > > @@ -3401,14 +3401,9 @@ int vfs_unlink(struct inode *dir, struct dentry *dentry, struct inode **delegate
> > >  	else {
> > >  		error = security_inode_unlink(dir, dentry);
> > >  		if (!error) {
> > > -			error = break_deleg(target, O_WRONLY|O_NONBLOCK);
> > > -			if (error) {
> > > -				if (error == -EWOULDBLOCK && delegated_inode) {
> > > -					*delegated_inode = target;
> > > -					ihold(target);
> > > -				}
> > > +			error = try_break_deleg(target, delegated_inode);
> > > +			if (error)
> > >  				goto out;
> > > -			}
> > >  			error = dir->i_op->unlink(dir, dentry);
> > >  			if (!error)
> > >  				dont_mount(dentry);
> > > @@ -3478,9 +3473,7 @@ exit2:
> > >  		iput(inode);	/* truncate the inode here */
> > >  	inode = NULL;
> > >  	if (delegated_inode) {
> > > -		error = break_deleg(delegated_inode, O_WRONLY);
> > > -		iput(delegated_inode);
> > > -		delegated_inode = NULL;
> > > +		error = break_deleg_wait(&delegated_inode);
> > >  		if (!error)
> > >  			goto retry_deleg;
> > >  	}
> > > diff --git a/include/linux/fs.h b/include/linux/fs.h
> > > index f951588..c37e463 100644
> > > --- a/include/linux/fs.h
> > > +++ b/include/linux/fs.h
> > > @@ -1894,6 +1894,9 @@ extern bool our_mnt(struct vfsmount *mnt);
> > >  
> > >  extern int current_umask(void);
> > >  
> > > +extern void ihold(struct inode * inode);
> > > +extern void iput(struct inode *);
> > > +
> > >  /* /sys/fs */
> > >  extern struct kobject *fs_kobj;
> > >  
> > > @@ -1962,6 +1965,28 @@ static inline int break_deleg(struct inode *inode, unsigned int mode)
> > >  	return 0;
> > >  }
> > >  
> > > +static inline int try_break_deleg(struct inode *inode, struct inode **delegated_inode)
> > > +{
> > > +	int ret;
> > > +
> > > +	ret = break_deleg(inode, O_WRONLY|O_NONBLOCK);
> > > +	if (ret == -EWOULDBLOCK && delegated_inode) {
> > > +		*delegated_inode = inode;
> > > +		ihold(inode);
> > > +	}
> > > +	return ret;
> > > +}
> > > +
> > > +static inline int break_deleg_wait(struct inode **delegated_inode)
> > > +{
> > > +	int ret;
> > > +
> > > +	ret = break_deleg(*delegated_inode, O_WRONLY);
> > > +	iput(*delegated_inode);
> > > +	*delegated_inode = NULL;
> > > +	return ret;
> > > +}
> > > +
> > >  #else /* !CONFIG_FILE_LOCKING */
> > >  static inline int locks_mandatory_locked(struct inode *inode)
> > >  {
> > > @@ -2005,6 +2030,12 @@ static inline int break_deleg(struct inode *inode, unsigned int mode)
> > >  {
> > >  	return 0;
> > >  }
> > > +
> > > +static inline int try_break_deleg(struct inode *inode, struct delegated_inode **inode)
> > > +{
> > > +	return 0;
> > > +}
> > > +
> > >  #endif /* CONFIG_FILE_LOCKING */
> > >  
> > >  /* fs/open.c */
> > > @@ -2335,8 +2366,6 @@ extern loff_t vfs_llseek(struct file *file, loff_t offset, int whence);
> > >  extern int inode_init_always(struct super_block *, struct inode *);
> > >  extern void inode_init_once(struct inode *);
> > >  extern void address_space_init_once(struct address_space *mapping);
> > > -extern void ihold(struct inode * inode);
> > > -extern void iput(struct inode *);
> > >  extern struct inode * igrab(struct inode *);
> > >  extern ino_t iunique(struct super_block *, ino_t);
> > >  extern int inode_needs_sync(struct inode *inode);
> > 
> > Nice cleanup. Might be reasonable to reorder or merge this patch with
> > the previous one to reduce "churn" in vfs_unlink.
> 
> That's how I first did it then I thought "eh, there's a way I could make
> this patch a little smaller...".   Seemed like it might be a tad easier
> to review this way.  Up to you.
> 

Reordering it would still keep it granular. Maybe introduce the helpers
first and then add patches that make the callers use them?

But that's just me being picky -- the patches look reasonable either
way...
Bruce Fields July 9, 2013, 7:38 p.m. UTC | #5 
On Tue, Jul 09, 2013 at 09:23:10AM -0400, Jeff Layton wrote:
> On Wed,  3 Jul 2013 16:12:33 -0400
> "J. Bruce Fields" <bfields@redhat.com> wrote:
> 
> > From: "J. Bruce Fields" <bfields@redhat.com>
> > 
> > We'll need the same logic for rename and link.
> > 
> > Signed-off-by: J. Bruce Fields <bfields@redhat.com>
> > ---
> >  fs/namei.c         |   13 +++----------
> >  include/linux/fs.h |   33 +++++++++++++++++++++++++++++++--
> >  2 files changed, 34 insertions(+), 12 deletions(-)
> > 
> > diff --git a/fs/namei.c b/fs/namei.c
> > index cba3db1..a9d4031 100644
> > --- a/fs/namei.c
> > +++ b/fs/namei.c
> > @@ -3401,14 +3401,9 @@ int vfs_unlink(struct inode *dir, struct dentry *dentry, struct inode **delegate
> >  	else {
> >  		error = security_inode_unlink(dir, dentry);
> >  		if (!error) {
> > -			error = break_deleg(target, O_WRONLY|O_NONBLOCK);
> > -			if (error) {
> > -				if (error == -EWOULDBLOCK && delegated_inode) {
> > -					*delegated_inode = target;
> > -					ihold(target);
> > -				}
> > +			error = try_break_deleg(target, delegated_inode);
> > +			if (error)
> >  				goto out;
> > -			}
> >  			error = dir->i_op->unlink(dir, dentry);
> >  			if (!error)
> >  				dont_mount(dentry);
> > @@ -3478,9 +3473,7 @@ exit2:
> >  		iput(inode);	/* truncate the inode here */
> >  	inode = NULL;
> >  	if (delegated_inode) {
> > -		error = break_deleg(delegated_inode, O_WRONLY);
> > -		iput(delegated_inode);
> > -		delegated_inode = NULL;
> > +		error = break_deleg_wait(&delegated_inode);
> >  		if (!error)
> >  			goto retry_deleg;
> >  	}
> > diff --git a/include/linux/fs.h b/include/linux/fs.h
> > index f951588..c37e463 100644
> > --- a/include/linux/fs.h
> > +++ b/include/linux/fs.h
> > @@ -1894,6 +1894,9 @@ extern bool our_mnt(struct vfsmount *mnt);
> >  
> >  extern int current_umask(void);
> >  
> > +extern void ihold(struct inode * inode);
> > +extern void iput(struct inode *);
> > +
> >  /* /sys/fs */
> >  extern struct kobject *fs_kobj;
> >  
> > @@ -1962,6 +1965,28 @@ static inline int break_deleg(struct inode *inode, unsigned int mode)
> >  	return 0;
> >  }
> >  
> > +static inline int try_break_deleg(struct inode *inode, struct inode **delegated_inode)
> > +{
> > +	int ret;
> > +
> > +	ret = break_deleg(inode, O_WRONLY|O_NONBLOCK);
> > +	if (ret == -EWOULDBLOCK && delegated_inode) {
> > +		*delegated_inode = inode;
> > +		ihold(inode);
> > +	}
> > +	return ret;
> > +}
> > +
> 
> Actually, now that I look...
> 
> Suppose a vfs_unlink caller passes in a NULL delegated_inode pointer.
> He'll get back a -EWOULDBLOCK here if there's a delegation on it.
> Presumably he'll just treat that as a hard error and the delegation
> would never get broken. Is that expected?

Yes.

The callers that pass in NULL are callers who should really never
encounter a write delegation.  E.g. it might happen if you exported a
filesystem that you're also stacking ecryptfs on top of (assuming that's
possible).  Maybe I'm missing something, but that looks pointless.
Erroring out seems a safe way to handle it.

It wouldn't be a problem to convert more of those callers to do the same
retry loop, it just seems better to avoid the extra spaghetti to support
what looks like a nutty use case.

--b.
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Jeff Layton July 9, 2013, 8:28 p.m. UTC | #6 
On Tue, 9 Jul 2013 15:38:36 -0400
"J. Bruce Fields" <bfields@redhat.com> wrote:

> On Tue, Jul 09, 2013 at 09:23:10AM -0400, Jeff Layton wrote:
> > On Wed,  3 Jul 2013 16:12:33 -0400
> > "J. Bruce Fields" <bfields@redhat.com> wrote:
> > 
> > > From: "J. Bruce Fields" <bfields@redhat.com>
> > > 
> > > We'll need the same logic for rename and link.
> > > 
> > > Signed-off-by: J. Bruce Fields <bfields@redhat.com>
> > > ---
> > >  fs/namei.c         |   13 +++----------
> > >  include/linux/fs.h |   33 +++++++++++++++++++++++++++++++--
> > >  2 files changed, 34 insertions(+), 12 deletions(-)
> > > 
> > > diff --git a/fs/namei.c b/fs/namei.c
> > > index cba3db1..a9d4031 100644
> > > --- a/fs/namei.c
> > > +++ b/fs/namei.c
> > > @@ -3401,14 +3401,9 @@ int vfs_unlink(struct inode *dir, struct dentry *dentry, struct inode **delegate
> > >  	else {
> > >  		error = security_inode_unlink(dir, dentry);
> > >  		if (!error) {
> > > -			error = break_deleg(target, O_WRONLY|O_NONBLOCK);
> > > -			if (error) {
> > > -				if (error == -EWOULDBLOCK && delegated_inode) {
> > > -					*delegated_inode = target;
> > > -					ihold(target);
> > > -				}
> > > +			error = try_break_deleg(target, delegated_inode);
> > > +			if (error)
> > >  				goto out;
> > > -			}
> > >  			error = dir->i_op->unlink(dir, dentry);
> > >  			if (!error)
> > >  				dont_mount(dentry);
> > > @@ -3478,9 +3473,7 @@ exit2:
> > >  		iput(inode);	/* truncate the inode here */
> > >  	inode = NULL;
> > >  	if (delegated_inode) {
> > > -		error = break_deleg(delegated_inode, O_WRONLY);
> > > -		iput(delegated_inode);
> > > -		delegated_inode = NULL;
> > > +		error = break_deleg_wait(&delegated_inode);
> > >  		if (!error)
> > >  			goto retry_deleg;
> > >  	}
> > > diff --git a/include/linux/fs.h b/include/linux/fs.h
> > > index f951588..c37e463 100644
> > > --- a/include/linux/fs.h
> > > +++ b/include/linux/fs.h
> > > @@ -1894,6 +1894,9 @@ extern bool our_mnt(struct vfsmount *mnt);
> > >  
> > >  extern int current_umask(void);
> > >  
> > > +extern void ihold(struct inode * inode);
> > > +extern void iput(struct inode *);
> > > +
> > >  /* /sys/fs */
> > >  extern struct kobject *fs_kobj;
> > >  
> > > @@ -1962,6 +1965,28 @@ static inline int break_deleg(struct inode *inode, unsigned int mode)
> > >  	return 0;
> > >  }
> > >  
> > > +static inline int try_break_deleg(struct inode *inode, struct inode **delegated_inode)
> > > +{
> > > +	int ret;
> > > +
> > > +	ret = break_deleg(inode, O_WRONLY|O_NONBLOCK);
> > > +	if (ret == -EWOULDBLOCK && delegated_inode) {
> > > +		*delegated_inode = inode;
> > > +		ihold(inode);
> > > +	}
> > > +	return ret;
> > > +}
> > > +
> > 
> > Actually, now that I look...
> > 
> > Suppose a vfs_unlink caller passes in a NULL delegated_inode pointer.
> > He'll get back a -EWOULDBLOCK here if there's a delegation on it.
> > Presumably he'll just treat that as a hard error and the delegation
> > would never get broken. Is that expected?
> 
> Yes.
> 
> The callers that pass in NULL are callers who should really never
> encounter a write delegation.  E.g. it might happen if you exported a
> filesystem that you're also stacking ecryptfs on top of (assuming that's
> possible).  Maybe I'm missing something, but that looks pointless.
> Erroring out seems a safe way to handle it.
> 
> It wouldn't be a problem to convert more of those callers to do the same
> retry loop, it just seems better to avoid the extra spaghetti to support
> what looks like a nutty use case.
> 
> --b.

Ok, thanks for clarifying that. I agree that those others are nutty
use-cases, at least for now. If someone were to ever allow setting of
FL_DELEGs from userland though they'll probably need to contend with
them.
diff mbox

Patch

diff --git a/fs/namei.c b/fs/namei.c
index cba3db1..a9d4031 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -3401,14 +3401,9 @@  int vfs_unlink(struct inode *dir, struct dentry *dentry, struct inode **delegate
 	else {
 		error = security_inode_unlink(dir, dentry);
 		if (!error) {
-			error = break_deleg(target, O_WRONLY|O_NONBLOCK);
-			if (error) {
-				if (error == -EWOULDBLOCK && delegated_inode) {
-					*delegated_inode = target;
-					ihold(target);
-				}
+			error = try_break_deleg(target, delegated_inode);
+			if (error)
 				goto out;
-			}
 			error = dir->i_op->unlink(dir, dentry);
 			if (!error)
 				dont_mount(dentry);
@@ -3478,9 +3473,7 @@  exit2:
 		iput(inode);	/* truncate the inode here */
 	inode = NULL;
 	if (delegated_inode) {
-		error = break_deleg(delegated_inode, O_WRONLY);
-		iput(delegated_inode);
-		delegated_inode = NULL;
+		error = break_deleg_wait(&delegated_inode);
 		if (!error)
 			goto retry_deleg;
 	}
diff --git a/include/linux/fs.h b/include/linux/fs.h
index f951588..c37e463 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -1894,6 +1894,9 @@  extern bool our_mnt(struct vfsmount *mnt);
 
 extern int current_umask(void);
 
+extern void ihold(struct inode * inode);
+extern void iput(struct inode *);
+
 /* /sys/fs */
 extern struct kobject *fs_kobj;
 
@@ -1962,6 +1965,28 @@  static inline int break_deleg(struct inode *inode, unsigned int mode)
 	return 0;
 }
 
+static inline int try_break_deleg(struct inode *inode, struct inode **delegated_inode)
+{
+	int ret;
+
+	ret = break_deleg(inode, O_WRONLY|O_NONBLOCK);
+	if (ret == -EWOULDBLOCK && delegated_inode) {
+		*delegated_inode = inode;
+		ihold(inode);
+	}
+	return ret;
+}
+
+static inline int break_deleg_wait(struct inode **delegated_inode)
+{
+	int ret;
+
+	ret = break_deleg(*delegated_inode, O_WRONLY);
+	iput(*delegated_inode);
+	*delegated_inode = NULL;
+	return ret;
+}
+
 #else /* !CONFIG_FILE_LOCKING */
 static inline int locks_mandatory_locked(struct inode *inode)
 {
@@ -2005,6 +2030,12 @@  static inline int break_deleg(struct inode *inode, unsigned int mode)
 {
 	return 0;
 }
+
+static inline int try_break_deleg(struct inode *inode, struct delegated_inode **inode)
+{
+	return 0;
+}
+
 #endif /* CONFIG_FILE_LOCKING */
 
 /* fs/open.c */
@@ -2335,8 +2366,6 @@  extern loff_t vfs_llseek(struct file *file, loff_t offset, int whence);
 extern int inode_init_always(struct super_block *, struct inode *);
 extern void inode_init_once(struct inode *);
 extern void address_space_init_once(struct address_space *mapping);
-extern void ihold(struct inode * inode);
-extern void iput(struct inode *);
 extern struct inode * igrab(struct inode *);
 extern ino_t iunique(struct super_block *, ino_t);
 extern int inode_needs_sync(struct inode *inode);