OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/fs/xfs
History
Dave Chinner fe2429b096 xfs: fix buffer lookup race on allocation failure 
When memory allocation fails to add the page array or tht epages to
a buffer during xfs_buf_get(), the buffer is left in the cache in a
partially initialised state. There is enough state left for the next
lookup on that buffer to find the buffer, and for the buffer to then
be used without finishing the initialisation.  As a result, when an
attempt to do IO on the buffer occurs, it fails with EIO because
there are no pages attached to the buffer.

We cannot remove the buffer from the cache immediately and free it,
because there may already be a racing lookup that is blocked on the
buffer lock. Hence the moment we unlock the buffer to then free it,
the other user is woken and we have a use-after-free situation.

To avoid this race condition altogether, allocate the pages for the
buffer before we insert it into the cache.  This then means that we
don't have an allocation  failure case to deal after the buffer is
already present in the cache, and hence avoid the problem
altogether.  In most cases we won't have racing inserts for the same
buffer, and so won't increase the memory pressure allocation before
insertion may entail.

Signed-off-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Mark Tinguely <tinguely@sgi.com>
Signed-off-by: Ben Myers <bpm@sgi.com>
 		2012-05-14 16:20:41 -05:00
..
Kconfig
Makefile xfs: use common code for quota statistics 2012-03-14 11:09:06 -05:00
kmem.c xfs: remove subdirectories 2011-08-12 16:21:35 -05:00
kmem.h xfs: use a normal shrinker for the dquot freelist 2012-02-10 12:38:09 -06:00
mrlock.h xfs: remove subdirectories 2011-08-12 16:21:35 -05:00
time.h xfs: remove subdirectories 2011-08-12 16:21:35 -05:00
uuid.c xfs: remove subdirectories 2011-08-12 16:21:35 -05:00
uuid.h xfs: remove subdirectories 2011-08-12 16:21:35 -05:00
xfs.h xfs: don't expect xfs headers to be in subdirectories 2011-08-12 13:57:55 -05:00
xfs_acl.c xfs: fix acl count validation in xfs_acl_from_disk() 2011-12-16 15:17:42 -06:00
xfs_acl.h xfs: Fix build breakage in xfs_iops.c when CONFIG_FS_POSIX_ACL is not set 2011-08-01 02:35:04 -04:00
xfs_ag.h xfs: Remove the macro XFS_BUF_PTR 2011-07-25 15:03:13 -05:00
xfs_alloc.c xfs: fix fstrim offset calculations 2012-03-27 16:07:03 -05:00
xfs_alloc.h xfs: fix fstrim offset calculations 2012-03-27 16:07:03 -05:00
xfs_alloc_btree.c xfs: remove leftovers of the old btree tracing code 2011-07-13 13:43:50 +02:00
xfs_alloc_btree.h
xfs_aops.c xfs: Use preallocation for inodes with extsz hints 2012-05-14 16:20:40 -05:00
xfs_aops.h xfs: log file size updates at I/O completion time 2012-03-13 16:30:49 -05:00
xfs_attr.c xfs: add lots of attribute trace points 2012-03-27 17:18:21 -05:00
xfs_attr.h
xfs_attr_leaf.c xfs: add lots of attribute trace points 2012-03-27 17:18:21 -05:00
xfs_attr_leaf.h
xfs_attr_sf.h
xfs_bit.c
xfs_bit.h
xfs_bmap.c xfs: don't assert on delalloc regions beyond EOF 2012-05-14 16:20:38 -05:00
xfs_bmap.h xfs: cleanup xfs_bmap.h 2011-10-11 21:15:07 -05:00
xfs_bmap_btree.c xfs: remove leftovers of the old btree tracing code 2011-07-13 13:43:50 +02:00
xfs_bmap_btree.h
xfs_btree.c xfs: remove XFS_BUF_SET_VTYPE and XFS_BUF_SET_VTYPE_REF 2011-10-11 21:15:09 -05:00
xfs_btree.h xfs: Remove the macro XFS_BUF_PTR 2011-07-25 15:03:13 -05:00
xfs_buf.c xfs: fix buffer lookup race on allocation failure 2012-05-14 16:20:41 -05:00
xfs_buf.h xfs: on-stack delayed write buffer lists 2012-05-14 16:20:31 -05:00
xfs_buf_item.c xfs: pass shutdown method into xfs_trans_ail_delete_bulk 2012-05-14 16:20:33 -05:00
xfs_buf_item.h
xfs_da_btree.c xfs: add lots of attribute trace points 2012-03-27 17:18:21 -05:00
xfs_da_btree.h xfs: remove the dead XFS_DABUF_DEBUG code 2011-07-13 13:43:50 +02:00
xfs_dfrag.c xfs: split in-core and on-disk inode log item fields 2012-03-13 17:08:17 -05:00
xfs_dfrag.h
xfs_dinode.h xfs: Remove the macro XFS_BUF_PTR 2011-07-25 15:03:13 -05:00
xfs_dir2.c xfs: get rid of open-coded S_ISREG(), etc. 2011-07-26 15:05:16 -04:00
xfs_dir2.h xfs: reshuffle dir2 headers 2011-07-13 13:43:48 +02:00
xfs_dir2_block.c xfs: clean up minor sparse warnings 2012-03-14 13:21:17 -05:00
xfs_dir2_data.c xfs: reshuffle dir2 headers 2011-07-13 13:43:48 +02:00
xfs_dir2_format.h xfs: cleanup struct xfs_dir2_free 2011-07-13 13:43:48 +02:00
xfs_dir2_leaf.c xfs: introduce xfs_bmapi_read() 2011-10-11 21:15:03 -05:00
xfs_dir2_node.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2011-07-25 13:56:39 -07:00
xfs_dir2_priv.h xfs: reshuffle dir2 headers 2011-07-13 13:43:48 +02:00
xfs_dir2_sf.c xfs: reshuffle dir2 headers 2011-07-13 13:43:48 +02:00
xfs_discard.c xfs: fix fstrim offset calculations 2012-03-27 16:07:03 -05:00
xfs_discard.h xfs: remove subdirectories 2011-08-12 16:21:35 -05:00
xfs_dquot.c xfs: pass shutdown method into xfs_trans_ail_delete_bulk 2012-05-14 16:20:33 -05:00
xfs_dquot.h xfs: on-stack delayed write buffer lists 2012-05-14 16:20:31 -05:00
xfs_dquot_item.c xfs: pass shutdown method into xfs_trans_ail_delete_bulk 2012-05-14 16:20:33 -05:00
xfs_dquot_item.h xfs: remove subdirectories 2011-08-12 16:21:35 -05:00
xfs_error.c xfs: Convert remaining cmn_err() callers to new API 2011-03-07 10:08:35 +11:00
xfs_error.h xfs: kill support/debug.[ch] 2011-03-07 10:09:35 +11:00
xfs_export.c xfs: fix nfs export of 64-bit inodes numbers on 32-bit kernels 2011-12-06 10:46:23 -06:00
xfs_export.h xfs: remove subdirectories 2011-08-12 16:21:35 -05:00
xfs_extfree_item.c xfs: pass shutdown method into xfs_trans_ail_delete_bulk 2012-05-14 16:20:33 -05:00
xfs_extfree_item.h xfs: Pull EFI/EFD handling out from under the AIL lock 2010-12-20 11:59:49 +11:00
xfs_file.c xfs: push the ilock into xfs_zero_eof 2012-05-14 16:20:20 -05:00
xfs_filestream.c xfs: rename allocation range fields in struct xfs_bmalloca 2011-10-11 21:15:06 -05:00
xfs_filestream.h
xfs_fs.h xfs: consolidate & clarify mount sanity checks 2011-07-08 11:32:51 -05:00
xfs_fs_subr.c xfs: remove the i_size field in struct xfs_inode 2012-01-17 15:08:53 -06:00
xfs_fsops.c xfs: Check the return value of xfs_buf_get() 2011-10-11 21:15:01 -05:00
xfs_fsops.h xfs: ensure log covering transactions are synchronous 2011-01-11 20:28:17 -06:00
xfs_globals.c xfs: remove subdirectories 2011-08-12 16:21:35 -05:00
xfs_ialloc.c xfs: propagate umode_t 2012-01-03 22:55:00 -05:00
xfs_ialloc.h xfs: propagate umode_t 2012-01-03 22:55:00 -05:00
xfs_ialloc_btree.c xfs: remove leftovers of the old btree tracing code 2011-07-13 13:43:50 +02:00
xfs_ialloc_btree.h
xfs_iget.c xfs: remove log item from AIL in xfs_iflush after a shutdown 2012-05-14 16:20:25 -05:00
xfs_inode.c xfs: pass shutdown method into xfs_trans_ail_delete_bulk 2012-05-14 16:20:33 -05:00
xfs_inode.h xfs: on-stack delayed write buffer lists 2012-05-14 16:20:31 -05:00
xfs_inode_item.c xfs: pass shutdown method into xfs_trans_ail_delete_bulk 2012-05-14 16:20:33 -05:00
xfs_inode_item.h xfs: pass shutdown method into xfs_trans_ail_delete_bulk 2012-05-14 16:20:33 -05:00
xfs_inum.h xfs: cleanup shortform directory inode number handling 2011-07-08 14:35:03 +02:00
xfs_ioctl.c xfs: Fix open flag handling in open_by_handle code 2012-03-22 15:56:52 -05:00
xfs_ioctl.h xfs: remove subdirectories 2011-08-12 16:21:35 -05:00
xfs_ioctl32.c xfs: clean up minor sparse warnings 2012-03-14 13:21:17 -05:00
xfs_ioctl32.h xfs: remove subdirectories 2011-08-12 16:21:35 -05:00
xfs_iomap.c xfs: limit specualtive delalloc to maxioffset 2012-05-14 16:20:39 -05:00
xfs_iomap.h
xfs_iops.c xfs: push the ilock into xfs_zero_eof 2012-05-14 16:20:20 -05:00
xfs_iops.h xfs: remove subdirectories 2011-08-12 16:21:35 -05:00
xfs_itable.c xfs: don't cache inodes read through bulkstat 2012-03-26 17:19:08 -05:00
xfs_itable.h
xfs_linux.h xfs: revert to using a kthread for AIL pushing 2011-10-11 11:02:49 -05:00
xfs_log.c xfs: allow assigning the tail lsn with the AIL lock held 2012-05-14 16:20:26 -05:00
xfs_log.h xfs: allow assigning the tail lsn with the AIL lock held 2012-05-14 16:20:26 -05:00
xfs_log_cil.c xfs: Do background CIL flushes via a workqueue 2012-05-14 16:20:34 -05:00
xfs_log_priv.h xfs: Do background CIL flushes via a workqueue 2012-05-14 16:20:34 -05:00
xfs_log_recover.c xfs: prevent needless mount warning causing test failures 2012-05-14 16:20:37 -05:00
xfs_log_recover.h
xfs_message.c xfs: remove subdirectories 2011-08-12 16:21:35 -05:00
xfs_message.h treewide: use __printf not __attribute__((format(printf,...))) 2011-10-31 17:30:54 -07:00
xfs_mount.c xfs: implement freezing by emptying the AIL 2012-05-14 16:20:27 -05:00
xfs_mount.h xfs: Do background CIL flushes via a workqueue 2012-05-14 16:20:34 -05:00
xfs_mru_cache.c xfs: convert to alloc_workqueue() 2011-02-01 11:42:43 +01:00
xfs_mru_cache.h
xfs_qm.c xfs: on-stack delayed write buffer lists 2012-05-14 16:20:31 -05:00
xfs_qm.h xfs: remove the global xfs_Gqm structure 2012-03-14 12:06:32 -05:00
xfs_qm_bhv.c xfs: remove the global xfs_Gqm structure 2012-03-14 12:06:32 -05:00
xfs_qm_syscalls.c xfs: remove the per-filesystem list of dquots 2012-03-14 11:53:34 -05:00
xfs_quota.h Define new macro XFS_ALL_QUOTA_ACTIVE and simply some usage 2012-02-03 11:32:20 -06:00
xfs_quota_priv.h xfs: use per-filesystem radix trees for dquot lookup 2012-03-14 11:09:06 -05:00
xfs_quotaops.c xfs: remove subdirectories 2011-08-12 16:21:35 -05:00
xfs_rename.c vfs: check i_nlink limits in vfs_{mkdir,rename_dir,link} 2012-03-20 21:29:32 -04:00
xfs_rtalloc.c xfs: fix deadlock in xfs_rtfree_extent 2012-03-22 15:31:06 -05:00
xfs_rtalloc.h xfs: Remove the macro XFS_BUF_PTR 2011-07-25 15:03:13 -05:00
xfs_rw.c xfs: clean up xfs_ioerror_alert 2011-10-11 21:15:10 -05:00
xfs_rw.h xfs: clean up xfs_ioerror_alert 2011-10-11 21:15:10 -05:00
xfs_sb.h xfs: kill the unused XFS_BB_FSB_OFFSET macro 2012-02-02 17:08:04 -06:00
xfs_stats.c xfs: use common code for quota statistics 2012-03-14 11:09:06 -05:00
xfs_stats.h xfs: use common code for quota statistics 2012-03-14 11:09:06 -05:00
xfs_super.c xfs: Do background CIL flushes via a workqueue 2012-05-14 16:20:34 -05:00
xfs_super.h xfs: remove the global xfs_Gqm structure 2012-03-14 12:06:32 -05:00
xfs_sync.c xfs: pass shutdown method into xfs_trans_ail_delete_bulk 2012-05-14 16:20:33 -05:00
xfs_sync.h xfs: log timestamp updates 2012-03-13 17:01:15 -05:00
xfs_sysctl.c xfs: remove subdirectories 2011-08-12 16:21:35 -05:00
xfs_sysctl.h xfs: remove subdirectories 2011-08-12 16:21:35 -05:00
xfs_trace.c xfs: remove subdirectories 2011-08-12 16:21:35 -05:00
xfs_trace.h xfs: on-stack delayed write buffer lists 2012-05-14 16:20:31 -05:00
xfs_trans.c xfs: split and cleanup xfs_log_reserve 2012-02-22 22:37:04 -06:00
xfs_trans.h xfs: on-stack delayed write buffer lists 2012-05-14 16:20:31 -05:00
xfs_trans_ail.c xfs: pass shutdown method into xfs_trans_ail_delete_bulk 2012-05-14 16:20:33 -05:00
xfs_trans_buf.c xfs: on-stack delayed write buffer lists 2012-05-14 16:20:31 -05:00
xfs_trans_dquot.c xfs: remove the global xfs_Gqm structure 2012-03-14 12:06:32 -05:00
xfs_trans_extfree.c xfs: Pull EFI/EFD handling out from under the AIL lock 2010-12-20 11:59:49 +11:00
xfs_trans_inode.c xfs: split in-core and on-disk inode log item fields 2012-03-13 17:08:17 -05:00
xfs_trans_priv.h xfs: pass shutdown method into xfs_trans_ail_delete_bulk 2012-05-14 16:20:33 -05:00
xfs_trans_space.h
xfs_types.h xfs: exact busy extent tracking 2011-04-28 13:18:04 -05:00
xfs_utils.c vfs: check i_nlink limits in vfs_{mkdir,rename_dir,link} 2012-03-20 21:29:32 -04:00
xfs_utils.h xfs: propagate umode_t 2012-01-03 22:55:00 -05:00
xfs_vnode.h xfs: remove remaining scraps of struct xfs_iomap 2012-03-15 13:40:16 -05:00
xfs_vnodeops.c vfs: check i_nlink limits in vfs_{mkdir,rename_dir,link} 2012-03-20 21:29:32 -04:00
xfs_vnodeops.h xfs: remove remaining scraps of struct xfs_iomap 2012-03-15 13:40:16 -05:00
xfs_xattr.c xfs: remove subdirectories 2011-08-12 16:21:35 -05:00