diff options
author | David Howells <dhowells@redhat.com> | 2017-11-13 16:59:50 +0000 |
---|---|---|
committer | David Howells <dhowells@redhat.com> | 2017-11-17 10:06:13 +0000 |
commit | 0fafdc9f888b42499001b7ca9d9f371c0b2932f4 (patch) | |
tree | 188f5a33b0a043704c0a080519581ce1cf4f4083 /fs/afs/security.c | |
parent | cf9b0772f2e410645fece13b749bd56505b998b8 (diff) |
afs: Fix file locking
Fix the AFS file locking whereby the use of the big kernel lock (which
could be slept with) was replaced by a spinlock (which couldn't). The
problem is that the AFS code was doing stuff inside the critical section
that might call schedule(), so this is a broken transformation.
Fix this by the following means:
(1) Use a state machine with a proper state that can only be changed under
the spinlock rather than using a collection of bit flags.
(2) Cache the key used for the lock and the lock type in the afs_vnode
struct so that the manager work function doesn't have to refer to a
file_lock struct that's been dequeued. This makes signal handling
safer.
(4) Move the unlock from afs_do_unlk() to afs_fl_release_private() which
means that unlock is achieved in other circumstances too.
(5) Unlock the file on the server before taking the next conflicting lock.
Also change:
(1) Check the permits on a file before actually trying the lock.
(2) fsync the file before effecting an explicit unlock operation. We
don't fsync if the lock is erased otherwise as we might not be in a
context where we can actually do that.
Further fixes:
(1) Fixed-fileserver address rotation is made to work. It's only used by
the locking functions, so couldn't be tested before.
Fixes: 72f98e72551f ("locks: turn lock_flocks into a spinlock")
Signed-off-by: David Howells <dhowells@redhat.com>
cc: jlayton@redhat.com
Diffstat (limited to 'fs/afs/security.c')
-rw-r--r-- | fs/afs/security.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/fs/afs/security.c b/fs/afs/security.c index 46a881a4d08f..2b00097101b3 100644 --- a/fs/afs/security.c +++ b/fs/afs/security.c @@ -284,8 +284,8 @@ someone_else_changed_it: * permitted to be accessed with this authorisation, and if so, what access it * is granted */ -static int afs_check_permit(struct afs_vnode *vnode, struct key *key, - afs_access_t *_access) +int afs_check_permit(struct afs_vnode *vnode, struct key *key, + afs_access_t *_access) { struct afs_permits *permits; bool valid = false; |