mirror of
https://github.com/torvalds/linux.git
synced 2024-12-15 07:33:56 +00:00
1558182f65
This fixes: ============================================= [ INFO: possible recursive locking detected ] 2.6.27-rc5-00283-g70bb089 #68 --------------------------------------------- touch/6855 is trying to acquire lock: (&info->bfs_lock){--..}, at: [<c02262f5>] bfs_delete_inode+0x9e/0x18c but task is already holding lock: (&info->bfs_lock){--..}, at: [<c0226c00>] bfs_create+0x45/0x187 other info that might help us debug this: 2 locks held by touch/6855: #0: (&type->i_mutex_dir_key#5){--..}, at: [<c018ad13>] do_filp_open+0x10b/0x62f #1: (&info->bfs_lock){--..}, at: [<c0226c00>] bfs_create+0x45/0x187 stack backtrace: Pid: 6855, comm: touch Not tainted 2.6.27-rc5-00283-g70bb089 #68 [<c013e769>] validate_chain+0x458/0x9f4 [<c013bece>] ? trace_hardirqs_off+0xb/0xd [<c013f36b>] __lock_acquire+0x666/0x6e0 [<c013f440>] lock_acquire+0x5b/0x77 [<c02262f5>] ? bfs_delete_inode+0x9e/0x18c [<c06aab74>] mutex_lock_nested+0xbc/0x234 [<c02262f5>] ? bfs_delete_inode+0x9e/0x18c [<c02262f5>] ? bfs_delete_inode+0x9e/0x18c [<c02262f5>] bfs_delete_inode+0x9e/0x18c [<c0226257>] ? bfs_delete_inode+0x0/0x18c [<c01925e1>] generic_delete_inode+0x94/0xfe [<c019265d>] generic_drop_inode+0x12/0x12f [<c0191b7e>] iput+0x4b/0x4e [<c0226d1e>] bfs_create+0x163/0x187 [<c0188b42>] vfs_create+0xa6/0x114 [<c018adb5>] do_filp_open+0x1ad/0x62f [<c0107cdc>] ? native_sched_clock+0x82/0x96 [<c06ac309>] ? _spin_unlock+0x27/0x3c [<c019379e>] ? alloc_fd+0xbf/0xc9 [<c06ae2f4>] ? sub_preempt_count+0x9d/0xab [<c019379e>] ? alloc_fd+0xbf/0xc9 [<c0180391>] do_sys_open+0x42/0xb8 [<c041d564>] ? trace_hardirqs_on_thunk+0xc/0x10 [<c0180449>] sys_open+0x1e/0x26 [<c01038bd>] sysenter_do_call+0x12/0x31 ======================= The problem is that we don't unlock the bfs->lock mutex before calling iput (we do in the other cases). Signed-off-by: Eric Sesterhenn <snakebyte@gmx.de> Cc: Tigran Aivazian <tigran@aivazian.fsnet.co.uk> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
377 lines
8.9 KiB
C
377 lines
8.9 KiB
C
/*
|
|
* fs/bfs/dir.c
|
|
* BFS directory operations.
|
|
* Copyright (C) 1999,2000 Tigran Aivazian <tigran@veritas.com>
|
|
* Made endianness-clean by Andrew Stribblehill <ads@wompom.org> 2005
|
|
*/
|
|
|
|
#include <linux/time.h>
|
|
#include <linux/string.h>
|
|
#include <linux/fs.h>
|
|
#include <linux/smp_lock.h>
|
|
#include <linux/buffer_head.h>
|
|
#include <linux/sched.h>
|
|
#include "bfs.h"
|
|
|
|
#undef DEBUG
|
|
|
|
#ifdef DEBUG
|
|
#define dprintf(x...) printf(x)
|
|
#else
|
|
#define dprintf(x...)
|
|
#endif
|
|
|
|
static int bfs_add_entry(struct inode *dir, const unsigned char *name,
|
|
int namelen, int ino);
|
|
static struct buffer_head *bfs_find_entry(struct inode *dir,
|
|
const unsigned char *name, int namelen,
|
|
struct bfs_dirent **res_dir);
|
|
|
|
static int bfs_readdir(struct file *f, void *dirent, filldir_t filldir)
|
|
{
|
|
struct inode *dir = f->f_path.dentry->d_inode;
|
|
struct buffer_head *bh;
|
|
struct bfs_dirent *de;
|
|
struct bfs_sb_info *info = BFS_SB(dir->i_sb);
|
|
unsigned int offset;
|
|
int block;
|
|
|
|
mutex_lock(&info->bfs_lock);
|
|
|
|
if (f->f_pos & (BFS_DIRENT_SIZE - 1)) {
|
|
printf("Bad f_pos=%08lx for %s:%08lx\n",
|
|
(unsigned long)f->f_pos,
|
|
dir->i_sb->s_id, dir->i_ino);
|
|
mutex_unlock(&info->bfs_lock);
|
|
return -EBADF;
|
|
}
|
|
|
|
while (f->f_pos < dir->i_size) {
|
|
offset = f->f_pos & (BFS_BSIZE - 1);
|
|
block = BFS_I(dir)->i_sblock + (f->f_pos >> BFS_BSIZE_BITS);
|
|
bh = sb_bread(dir->i_sb, block);
|
|
if (!bh) {
|
|
f->f_pos += BFS_BSIZE - offset;
|
|
continue;
|
|
}
|
|
do {
|
|
de = (struct bfs_dirent *)(bh->b_data + offset);
|
|
if (de->ino) {
|
|
int size = strnlen(de->name, BFS_NAMELEN);
|
|
if (filldir(dirent, de->name, size, f->f_pos,
|
|
le16_to_cpu(de->ino),
|
|
DT_UNKNOWN) < 0) {
|
|
brelse(bh);
|
|
mutex_unlock(&info->bfs_lock);
|
|
return 0;
|
|
}
|
|
}
|
|
offset += BFS_DIRENT_SIZE;
|
|
f->f_pos += BFS_DIRENT_SIZE;
|
|
} while ((offset < BFS_BSIZE) && (f->f_pos < dir->i_size));
|
|
brelse(bh);
|
|
}
|
|
|
|
mutex_unlock(&info->bfs_lock);
|
|
return 0;
|
|
}
|
|
|
|
const struct file_operations bfs_dir_operations = {
|
|
.read = generic_read_dir,
|
|
.readdir = bfs_readdir,
|
|
.fsync = file_fsync,
|
|
};
|
|
|
|
extern void dump_imap(const char *, struct super_block *);
|
|
|
|
static int bfs_create(struct inode *dir, struct dentry *dentry, int mode,
|
|
struct nameidata *nd)
|
|
{
|
|
int err;
|
|
struct inode *inode;
|
|
struct super_block *s = dir->i_sb;
|
|
struct bfs_sb_info *info = BFS_SB(s);
|
|
unsigned long ino;
|
|
|
|
inode = new_inode(s);
|
|
if (!inode)
|
|
return -ENOSPC;
|
|
mutex_lock(&info->bfs_lock);
|
|
ino = find_first_zero_bit(info->si_imap, info->si_lasti);
|
|
if (ino > info->si_lasti) {
|
|
mutex_unlock(&info->bfs_lock);
|
|
iput(inode);
|
|
return -ENOSPC;
|
|
}
|
|
set_bit(ino, info->si_imap);
|
|
info->si_freei--;
|
|
inode->i_uid = current->fsuid;
|
|
inode->i_gid = (dir->i_mode & S_ISGID) ? dir->i_gid : current->fsgid;
|
|
inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME_SEC;
|
|
inode->i_blocks = 0;
|
|
inode->i_op = &bfs_file_inops;
|
|
inode->i_fop = &bfs_file_operations;
|
|
inode->i_mapping->a_ops = &bfs_aops;
|
|
inode->i_mode = mode;
|
|
inode->i_ino = ino;
|
|
BFS_I(inode)->i_dsk_ino = ino;
|
|
BFS_I(inode)->i_sblock = 0;
|
|
BFS_I(inode)->i_eblock = 0;
|
|
insert_inode_hash(inode);
|
|
mark_inode_dirty(inode);
|
|
dump_imap("create", s);
|
|
|
|
err = bfs_add_entry(dir, dentry->d_name.name, dentry->d_name.len,
|
|
inode->i_ino);
|
|
if (err) {
|
|
inode_dec_link_count(inode);
|
|
mutex_unlock(&info->bfs_lock);
|
|
iput(inode);
|
|
return err;
|
|
}
|
|
mutex_unlock(&info->bfs_lock);
|
|
d_instantiate(dentry, inode);
|
|
return 0;
|
|
}
|
|
|
|
static struct dentry *bfs_lookup(struct inode *dir, struct dentry *dentry,
|
|
struct nameidata *nd)
|
|
{
|
|
struct inode *inode = NULL;
|
|
struct buffer_head *bh;
|
|
struct bfs_dirent *de;
|
|
struct bfs_sb_info *info = BFS_SB(dir->i_sb);
|
|
|
|
if (dentry->d_name.len > BFS_NAMELEN)
|
|
return ERR_PTR(-ENAMETOOLONG);
|
|
|
|
mutex_lock(&info->bfs_lock);
|
|
bh = bfs_find_entry(dir, dentry->d_name.name, dentry->d_name.len, &de);
|
|
if (bh) {
|
|
unsigned long ino = (unsigned long)le16_to_cpu(de->ino);
|
|
brelse(bh);
|
|
inode = bfs_iget(dir->i_sb, ino);
|
|
if (IS_ERR(inode)) {
|
|
mutex_unlock(&info->bfs_lock);
|
|
return ERR_CAST(inode);
|
|
}
|
|
}
|
|
mutex_unlock(&info->bfs_lock);
|
|
d_add(dentry, inode);
|
|
return NULL;
|
|
}
|
|
|
|
static int bfs_link(struct dentry *old, struct inode *dir,
|
|
struct dentry *new)
|
|
{
|
|
struct inode *inode = old->d_inode;
|
|
struct bfs_sb_info *info = BFS_SB(inode->i_sb);
|
|
int err;
|
|
|
|
mutex_lock(&info->bfs_lock);
|
|
err = bfs_add_entry(dir, new->d_name.name, new->d_name.len,
|
|
inode->i_ino);
|
|
if (err) {
|
|
mutex_unlock(&info->bfs_lock);
|
|
return err;
|
|
}
|
|
inc_nlink(inode);
|
|
inode->i_ctime = CURRENT_TIME_SEC;
|
|
mark_inode_dirty(inode);
|
|
atomic_inc(&inode->i_count);
|
|
d_instantiate(new, inode);
|
|
mutex_unlock(&info->bfs_lock);
|
|
return 0;
|
|
}
|
|
|
|
static int bfs_unlink(struct inode *dir, struct dentry *dentry)
|
|
{
|
|
int error = -ENOENT;
|
|
struct inode *inode = dentry->d_inode;
|
|
struct buffer_head *bh;
|
|
struct bfs_dirent *de;
|
|
struct bfs_sb_info *info = BFS_SB(inode->i_sb);
|
|
|
|
mutex_lock(&info->bfs_lock);
|
|
bh = bfs_find_entry(dir, dentry->d_name.name, dentry->d_name.len, &de);
|
|
if (!bh || (le16_to_cpu(de->ino) != inode->i_ino))
|
|
goto out_brelse;
|
|
|
|
if (!inode->i_nlink) {
|
|
printf("unlinking non-existent file %s:%lu (nlink=%d)\n",
|
|
inode->i_sb->s_id, inode->i_ino,
|
|
inode->i_nlink);
|
|
inode->i_nlink = 1;
|
|
}
|
|
de->ino = 0;
|
|
mark_buffer_dirty(bh);
|
|
dir->i_ctime = dir->i_mtime = CURRENT_TIME_SEC;
|
|
mark_inode_dirty(dir);
|
|
inode->i_ctime = dir->i_ctime;
|
|
inode_dec_link_count(inode);
|
|
error = 0;
|
|
|
|
out_brelse:
|
|
brelse(bh);
|
|
mutex_unlock(&info->bfs_lock);
|
|
return error;
|
|
}
|
|
|
|
static int bfs_rename(struct inode *old_dir, struct dentry *old_dentry,
|
|
struct inode *new_dir, struct dentry *new_dentry)
|
|
{
|
|
struct inode *old_inode, *new_inode;
|
|
struct buffer_head *old_bh, *new_bh;
|
|
struct bfs_dirent *old_de, *new_de;
|
|
struct bfs_sb_info *info;
|
|
int error = -ENOENT;
|
|
|
|
old_bh = new_bh = NULL;
|
|
old_inode = old_dentry->d_inode;
|
|
if (S_ISDIR(old_inode->i_mode))
|
|
return -EINVAL;
|
|
|
|
info = BFS_SB(old_inode->i_sb);
|
|
|
|
mutex_lock(&info->bfs_lock);
|
|
old_bh = bfs_find_entry(old_dir,
|
|
old_dentry->d_name.name,
|
|
old_dentry->d_name.len, &old_de);
|
|
|
|
if (!old_bh || (le16_to_cpu(old_de->ino) != old_inode->i_ino))
|
|
goto end_rename;
|
|
|
|
error = -EPERM;
|
|
new_inode = new_dentry->d_inode;
|
|
new_bh = bfs_find_entry(new_dir,
|
|
new_dentry->d_name.name,
|
|
new_dentry->d_name.len, &new_de);
|
|
|
|
if (new_bh && !new_inode) {
|
|
brelse(new_bh);
|
|
new_bh = NULL;
|
|
}
|
|
if (!new_bh) {
|
|
error = bfs_add_entry(new_dir,
|
|
new_dentry->d_name.name,
|
|
new_dentry->d_name.len,
|
|
old_inode->i_ino);
|
|
if (error)
|
|
goto end_rename;
|
|
}
|
|
old_de->ino = 0;
|
|
old_dir->i_ctime = old_dir->i_mtime = CURRENT_TIME_SEC;
|
|
mark_inode_dirty(old_dir);
|
|
if (new_inode) {
|
|
new_inode->i_ctime = CURRENT_TIME_SEC;
|
|
inode_dec_link_count(new_inode);
|
|
}
|
|
mark_buffer_dirty(old_bh);
|
|
error = 0;
|
|
|
|
end_rename:
|
|
mutex_unlock(&info->bfs_lock);
|
|
brelse(old_bh);
|
|
brelse(new_bh);
|
|
return error;
|
|
}
|
|
|
|
const struct inode_operations bfs_dir_inops = {
|
|
.create = bfs_create,
|
|
.lookup = bfs_lookup,
|
|
.link = bfs_link,
|
|
.unlink = bfs_unlink,
|
|
.rename = bfs_rename,
|
|
};
|
|
|
|
static int bfs_add_entry(struct inode *dir, const unsigned char *name,
|
|
int namelen, int ino)
|
|
{
|
|
struct buffer_head *bh;
|
|
struct bfs_dirent *de;
|
|
int block, sblock, eblock, off, pos;
|
|
int i;
|
|
|
|
dprintf("name=%s, namelen=%d\n", name, namelen);
|
|
|
|
if (!namelen)
|
|
return -ENOENT;
|
|
if (namelen > BFS_NAMELEN)
|
|
return -ENAMETOOLONG;
|
|
|
|
sblock = BFS_I(dir)->i_sblock;
|
|
eblock = BFS_I(dir)->i_eblock;
|
|
for (block = sblock; block <= eblock; block++) {
|
|
bh = sb_bread(dir->i_sb, block);
|
|
if (!bh)
|
|
return -ENOSPC;
|
|
for (off = 0; off < BFS_BSIZE; off += BFS_DIRENT_SIZE) {
|
|
de = (struct bfs_dirent *)(bh->b_data + off);
|
|
if (!de->ino) {
|
|
pos = (block - sblock) * BFS_BSIZE + off;
|
|
if (pos >= dir->i_size) {
|
|
dir->i_size += BFS_DIRENT_SIZE;
|
|
dir->i_ctime = CURRENT_TIME_SEC;
|
|
}
|
|
dir->i_mtime = CURRENT_TIME_SEC;
|
|
mark_inode_dirty(dir);
|
|
de->ino = cpu_to_le16((u16)ino);
|
|
for (i = 0; i < BFS_NAMELEN; i++)
|
|
de->name[i] =
|
|
(i < namelen) ? name[i] : 0;
|
|
mark_buffer_dirty(bh);
|
|
brelse(bh);
|
|
return 0;
|
|
}
|
|
}
|
|
brelse(bh);
|
|
}
|
|
return -ENOSPC;
|
|
}
|
|
|
|
static inline int bfs_namecmp(int len, const unsigned char *name,
|
|
const char *buffer)
|
|
{
|
|
if ((len < BFS_NAMELEN) && buffer[len])
|
|
return 0;
|
|
return !memcmp(name, buffer, len);
|
|
}
|
|
|
|
static struct buffer_head *bfs_find_entry(struct inode *dir,
|
|
const unsigned char *name, int namelen,
|
|
struct bfs_dirent **res_dir)
|
|
{
|
|
unsigned long block = 0, offset = 0;
|
|
struct buffer_head *bh = NULL;
|
|
struct bfs_dirent *de;
|
|
|
|
*res_dir = NULL;
|
|
if (namelen > BFS_NAMELEN)
|
|
return NULL;
|
|
|
|
while (block * BFS_BSIZE + offset < dir->i_size) {
|
|
if (!bh) {
|
|
bh = sb_bread(dir->i_sb, BFS_I(dir)->i_sblock + block);
|
|
if (!bh) {
|
|
block++;
|
|
continue;
|
|
}
|
|
}
|
|
de = (struct bfs_dirent *)(bh->b_data + offset);
|
|
offset += BFS_DIRENT_SIZE;
|
|
if (le16_to_cpu(de->ino) &&
|
|
bfs_namecmp(namelen, name, de->name)) {
|
|
*res_dir = de;
|
|
return bh;
|
|
}
|
|
if (offset < bh->b_size)
|
|
continue;
|
|
brelse(bh);
|
|
bh = NULL;
|
|
offset = 0;
|
|
block++;
|
|
}
|
|
brelse(bh);
|
|
return NULL;
|
|
}
|