| Message ID | 20171117020753.36947-1-yuchao0@huawei.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On Fri 17-11-17 10:07:53, Chao Yu wrote: > In commit 6184fc0b8dd7 ("quota: Propagate error from ->acquire_dquot()"), > we have propagated error from __dquot_initialize to caller, but we forgot > to handle such error in add_dquot_ref(), so, currently, during quota > accounting information initialization flow, if we failed for some of > inodes, we just ignore such error, and do account for others, which is > not a good implementation. > > In this patch, we choose to let user be aware of such error, so after > turning on quota successfully, we can make sure all inodes disk usage > can be accounted, which will be more reasonable. Thanks for the patch! One comment below: > @@ -2371,10 +2377,18 @@ static int vfs_load_quota_inode(struct inode *inode, int type, int format_id, > dqopt->flags |= dquot_state_flag(flags, type); > spin_unlock(&dq_state_lock); > > - add_dquot_ref(sb, type); > + error = add_dquot_ref(sb, type); > + if (error) > + goto out_dquot_flags; > > return 0; > - > +out_dquot_flags: > + spin_lock(&dq_data_lock); > + dqopt->info[type].dqi_flags &= ~DQF_SYS_FILE; > + spin_unlock(&dq_data_lock); > + spin_lock(&dq_state_lock); > + dqopt->flags &= ~(dquot_state_flag(flags, type)); > + spin_unlock(&dq_state_lock); > out_file_init: > dqopt->files[type] = NULL; > iput(inode); This bail out path is not correct. You have to go through full quota off at this point (dquot_disable() function) as some inodes had already quotas initialized and can be using them... Honza
On 2017/11/21 21:18, Jan Kara wrote: > On Fri 17-11-17 10:07:53, Chao Yu wrote: >> In commit 6184fc0b8dd7 ("quota: Propagate error from ->acquire_dquot()"), >> we have propagated error from __dquot_initialize to caller, but we forgot >> to handle such error in add_dquot_ref(), so, currently, during quota >> accounting information initialization flow, if we failed for some of >> inodes, we just ignore such error, and do account for others, which is >> not a good implementation. >> >> In this patch, we choose to let user be aware of such error, so after >> turning on quota successfully, we can make sure all inodes disk usage >> can be accounted, which will be more reasonable. > > Thanks for the patch! One comment below: > >> @@ -2371,10 +2377,18 @@ static int vfs_load_quota_inode(struct inode *inode, int type, int format_id, >> dqopt->flags |= dquot_state_flag(flags, type); >> spin_unlock(&dq_state_lock); >> >> - add_dquot_ref(sb, type); >> + error = add_dquot_ref(sb, type); >> + if (error) >> + goto out_dquot_flags; >> >> return 0; >> - >> +out_dquot_flags: >> + spin_lock(&dq_data_lock); >> + dqopt->info[type].dqi_flags &= ~DQF_SYS_FILE; >> + spin_unlock(&dq_data_lock); >> + spin_lock(&dq_state_lock); >> + dqopt->flags &= ~(dquot_state_flag(flags, type)); >> + spin_unlock(&dq_state_lock); >> out_file_init: >> dqopt->files[type] = NULL; >> iput(inode); > > This bail out path is not correct. You have to go through full quota off at > this point (dquot_disable() function) as some inodes had already quotas > initialized and can be using them... Yes, you're right, have updated in v2, please help to check that. Thanks, > > Honza >
diff --git a/fs/quota/dquot.c b/fs/quota/dquot.c index 52ad15192e72..b898ed243c05 100644 --- a/fs/quota/dquot.c +++ b/fs/quota/dquot.c @@ -933,12 +933,13 @@ static int dqinit_needed(struct inode *inode, int type) } /* This routine is guarded by s_umount semaphore */ -static void add_dquot_ref(struct super_block *sb, int type) +static int add_dquot_ref(struct super_block *sb, int type) { struct inode *inode, *old_inode = NULL; #ifdef CONFIG_QUOTA_DEBUG int reserved = 0; #endif + int err = 0; spin_lock(&sb->s_inode_list_lock); list_for_each_entry(inode, &sb->s_inodes, i_sb_list) { @@ -958,7 +959,11 @@ static void add_dquot_ref(struct super_block *sb, int type) reserved = 1; #endif iput(old_inode); - __dquot_initialize(inode, type); + err = __dquot_initialize(inode, type); + if (err) { + iput(inode); + goto out; + } /* * We hold a reference to 'inode' so it couldn't have been @@ -973,7 +978,7 @@ static void add_dquot_ref(struct super_block *sb, int type) } spin_unlock(&sb->s_inode_list_lock); iput(old_inode); - +out: #ifdef CONFIG_QUOTA_DEBUG if (reserved) { quota_error(sb, "Writes happened before quota was turned on " @@ -981,6 +986,7 @@ static void add_dquot_ref(struct super_block *sb, int type) "Please run quotacheck(8)"); } #endif + return err; } /* @@ -2371,10 +2377,18 @@ static int vfs_load_quota_inode(struct inode *inode, int type, int format_id, dqopt->flags |= dquot_state_flag(flags, type); spin_unlock(&dq_state_lock); - add_dquot_ref(sb, type); + error = add_dquot_ref(sb, type); + if (error) + goto out_dquot_flags; return 0; - +out_dquot_flags: + spin_lock(&dq_data_lock); + dqopt->info[type].dqi_flags &= ~DQF_SYS_FILE; + spin_unlock(&dq_data_lock); + spin_lock(&dq_state_lock); + dqopt->flags &= ~(dquot_state_flag(flags, type)); + spin_unlock(&dq_state_lock); out_file_init: dqopt->files[type] = NULL; iput(inode);
In commit 6184fc0b8dd7 ("quota: Propagate error from ->acquire_dquot()"), we have propagated error from __dquot_initialize to caller, but we forgot to handle such error in add_dquot_ref(), so, currently, during quota accounting information initialization flow, if we failed for some of inodes, we just ignore such error, and do account for others, which is not a good implementation. In this patch, we choose to let user be aware of such error, so after turning on quota successfully, we can make sure all inodes disk usage can be accounted, which will be more reasonable. Suggested-by: Jan Kara <jack@suse.cz> Signed-off-by: Chao Yu <yuchao0@huawei.com> --- fs/quota/dquot.c | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-)