From: Jan Kara Date: Tue, 15 Apr 2008 21:34:43 +0000 (-0700) Subject: vfs: fix possible deadlock in ext2, ext3, ext4 when using xattrs X-Git-Tag: v2.6.25~12 X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=335e92e8a515420bd47a6b0f01cb9a206c0ed6e4;p=linux-2.6 vfs: fix possible deadlock in ext2, ext3, ext4 when using xattrs mb_cache_entry_alloc() was allocating cache entries with GFP_KERNEL. But filesystems are calling this function while holding xattr_sem so possible recursion into the fs violates locking ordering of xattr_sem and transaction start / i_mutex for ext2-4. Change mb_cache_entry_alloc() so that filesystems can specify desired gfp mask and use GFP_NOFS from all of them. Signed-off-by: Jan Kara Reported-by: Dave Jones Cc: Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/fs/ext2/xattr.c b/fs/ext2/xattr.c index 3e8683dbb1..a99d46f3b2 100644 --- a/fs/ext2/xattr.c +++ b/fs/ext2/xattr.c @@ -835,7 +835,7 @@ ext2_xattr_cache_insert(struct buffer_head *bh) struct mb_cache_entry *ce; int error; - ce = mb_cache_entry_alloc(ext2_xattr_cache); + ce = mb_cache_entry_alloc(ext2_xattr_cache, GFP_NOFS); if (!ce) return -ENOMEM; error = mb_cache_entry_insert(ce, bh->b_bdev, bh->b_blocknr, &hash); diff --git a/fs/ext3/xattr.c b/fs/ext3/xattr.c index a6ea4d6a8b..42856541e9 100644 --- a/fs/ext3/xattr.c +++ b/fs/ext3/xattr.c @@ -1126,7 +1126,7 @@ ext3_xattr_cache_insert(struct buffer_head *bh) struct mb_cache_entry *ce; int error; - ce = mb_cache_entry_alloc(ext3_xattr_cache); + ce = mb_cache_entry_alloc(ext3_xattr_cache, GFP_NOFS); if (!ce) { ea_bdebug(bh, "out of memory"); return; diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index d7962139c0..e9054c1c7d 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -1386,7 +1386,7 @@ ext4_xattr_cache_insert(struct buffer_head *bh) struct mb_cache_entry *ce; int error; - ce = mb_cache_entry_alloc(ext4_xattr_cache); + ce = mb_cache_entry_alloc(ext4_xattr_cache, GFP_NOFS); if (!ce) { ea_bdebug(bh, "out of memory"); return; diff --git a/fs/mbcache.c b/fs/mbcache.c index eb31b73e7d..ec88ff3d04 100644 --- a/fs/mbcache.c +++ b/fs/mbcache.c @@ -399,11 +399,11 @@ mb_cache_destroy(struct mb_cache *cache) * if no more memory was available. */ struct mb_cache_entry * -mb_cache_entry_alloc(struct mb_cache *cache) +mb_cache_entry_alloc(struct mb_cache *cache, gfp_t gfp_flags) { struct mb_cache_entry *ce; - ce = kmem_cache_alloc(cache->c_entry_cache, GFP_KERNEL); + ce = kmem_cache_alloc(cache->c_entry_cache, gfp_flags); if (ce) { atomic_inc(&cache->c_entry_count); INIT_LIST_HEAD(&ce->e_lru_list); diff --git a/include/linux/mbcache.h b/include/linux/mbcache.h index 99e044b4ef..a09b84e4fd 100644 --- a/include/linux/mbcache.h +++ b/include/linux/mbcache.h @@ -34,7 +34,7 @@ void mb_cache_destroy(struct mb_cache *); /* Functions on cache entries */ -struct mb_cache_entry *mb_cache_entry_alloc(struct mb_cache *); +struct mb_cache_entry *mb_cache_entry_alloc(struct mb_cache *, gfp_t); int mb_cache_entry_insert(struct mb_cache_entry *, struct block_device *, sector_t, unsigned int[]); void mb_cache_entry_release(struct mb_cache_entry *);