| Message ID | 20210621235722.304689-1-jlayton@kernel.org |
|---|---|
| State | New |
| Headers | show |
| Series | [v2] ceph: fix error handling in ceph_atomic_open and ceph_lookup | expand |
On Tue, Jun 22, 2021 at 1:57 AM Jeff Layton <jlayton@kernel.org> wrote: > > Commit aa60cfc3f7ee broke the error handling in these functions such > that they don't handle non-ENOENT errors from ceph_mdsc_do_request > properly. > > Move the checking of -ENOENT out of ceph_handle_snapdir and into the > callers, and if we get a different error, return it immediately. > > Fixes: aa60cfc3f7ee ("ceph: don't use d_add in ceph_handle_snapdir") > Signed-off-by: Jeff Layton <jlayton@kernel.org> > --- > fs/ceph/dir.c | 22 ++++++++++++---------- > fs/ceph/file.c | 14 ++++++++------ > fs/ceph/super.h | 2 +- > 3 files changed, 21 insertions(+), 17 deletions(-) > > This one fixes the bug that Ilya spotted in ceph_atomic_open. Also, > there is no need to test IS_ERR(dentry) unless we called > ceph_handle_snapdir. Finally, it's probably best not to pass > ceph_finish_lookup an ERR_PTR as a dentry. Reinstate the res pointer and > only reset the dentry pointer if it's valid. > > diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c > index 5624fae7a603..e78da771ec96 100644 > --- a/fs/ceph/dir.c > +++ b/fs/ceph/dir.c > @@ -668,14 +668,13 @@ static loff_t ceph_dir_llseek(struct file *file, loff_t offset, int whence) > * Handle lookups for the hidden .snap directory. > */ > struct dentry *ceph_handle_snapdir(struct ceph_mds_request *req, > - struct dentry *dentry, int err) > + struct dentry *dentry) > { > struct ceph_fs_client *fsc = ceph_sb_to_client(dentry->d_sb); > struct inode *parent = d_inode(dentry->d_parent); /* we hold i_mutex */ > > /* .snap dir? */ > - if (err == -ENOENT && > - ceph_snap(parent) == CEPH_NOSNAP && > + if (ceph_snap(parent) == CEPH_NOSNAP && > strcmp(dentry->d_name.name, fsc->mount_options->snapdir_name) == 0) { > struct dentry *res; > struct inode *inode = ceph_get_snapdir(parent); > @@ -742,7 +741,6 @@ static struct dentry *ceph_lookup(struct inode *dir, struct dentry *dentry, > struct ceph_fs_client *fsc = ceph_sb_to_client(dir->i_sb); > struct ceph_mds_client *mdsc = ceph_sb_to_mdsc(dir->i_sb); > struct ceph_mds_request *req; > - struct dentry *res; > int op; > int mask; > int err; > @@ -793,12 +791,16 @@ static struct dentry *ceph_lookup(struct inode *dir, struct dentry *dentry, > req->r_parent = dir; > set_bit(CEPH_MDS_R_PARENT_LOCKED, &req->r_req_flags); > err = ceph_mdsc_do_request(mdsc, NULL, req); > - res = ceph_handle_snapdir(req, dentry, err); > - if (IS_ERR(res)) { > - err = PTR_ERR(res); > - } else { > - dentry = res; > - err = 0; > + if (err == -ENOENT) { > + struct dentry *res; > + > + res = ceph_handle_snapdir(req, dentry); Stray space here, fixed in the branch. > + if (IS_ERR(res)) { > + err = PTR_ERR(res); > + } else { > + dentry = res; > + err = 0; > + } > } > dentry = ceph_finish_lookup(req, dentry, err); > ceph_mdsc_put_request(req); /* will dput(dentry) */ > diff --git a/fs/ceph/file.c b/fs/ceph/file.c > index 7aa20d50a231..7c08f864694f 100644 > --- a/fs/ceph/file.c > +++ b/fs/ceph/file.c > @@ -739,14 +739,16 @@ int ceph_atomic_open(struct inode *dir, struct dentry *dentry, > err = ceph_mdsc_do_request(mdsc, > (flags & (O_CREAT|O_TRUNC)) ? dir : NULL, > req); > - dentry = ceph_handle_snapdir(req, dentry, err); > - if (IS_ERR(dentry)) { > - err = PTR_ERR(dentry); > - goto out_req; > + if (err == -ENOENT) { > + dentry = ceph_handle_snapdir(req, dentry); > + if (IS_ERR(dentry)) { > + err = PTR_ERR(dentry); > + goto out_req; > + } > + err = 0; > } > - err = 0; > > - if ((flags & O_CREAT) && !req->r_reply_info.head->is_dentry) > + if (!err && (flags & O_CREAT) && !req->r_reply_info.head->is_dentry) > err = ceph_handle_notrace_create(dir, dentry); > > if (d_in_lookup(dentry)) { I must admit that I don't understand the code that follows. For example, if ceph_handle_notrace_create() returns ENOENT, is it supposed to be resolved by ceph_finish_lookup()? Because if it gets resolved, err is not reset and we still jump to out_req, possibly leaving some dentry references behind. It appears to be an older bug though. This fix for dealing with ceph_mdsc_do_request() errors seems correct, but I really think this code needs massaging to disentangle handling of special cases from actual errors. Reviewed-by: Ilya Dryomov <idryomov@gmail.com> Thanks, Ilya
On Tue, 2021-06-22 at 14:09 +0200, Ilya Dryomov wrote: > On Tue, Jun 22, 2021 at 1:57 AM Jeff Layton <jlayton@kernel.org> wrote: > > > > Commit aa60cfc3f7ee broke the error handling in these functions such > > that they don't handle non-ENOENT errors from ceph_mdsc_do_request > > properly. > > > > Move the checking of -ENOENT out of ceph_handle_snapdir and into the > > callers, and if we get a different error, return it immediately. > > > > Fixes: aa60cfc3f7ee ("ceph: don't use d_add in ceph_handle_snapdir") > > Signed-off-by: Jeff Layton <jlayton@kernel.org> > > --- > > fs/ceph/dir.c | 22 ++++++++++++---------- > > fs/ceph/file.c | 14 ++++++++------ > > fs/ceph/super.h | 2 +- > > 3 files changed, 21 insertions(+), 17 deletions(-) > > > > This one fixes the bug that Ilya spotted in ceph_atomic_open. Also, > > there is no need to test IS_ERR(dentry) unless we called > > ceph_handle_snapdir. Finally, it's probably best not to pass > > ceph_finish_lookup an ERR_PTR as a dentry. Reinstate the res pointer and > > only reset the dentry pointer if it's valid. > > > > diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c > > index 5624fae7a603..e78da771ec96 100644 > > --- a/fs/ceph/dir.c > > +++ b/fs/ceph/dir.c > > @@ -668,14 +668,13 @@ static loff_t ceph_dir_llseek(struct file *file, loff_t offset, int whence) > > * Handle lookups for the hidden .snap directory. > > */ > > struct dentry *ceph_handle_snapdir(struct ceph_mds_request *req, > > - struct dentry *dentry, int err) > > + struct dentry *dentry) > > { > > struct ceph_fs_client *fsc = ceph_sb_to_client(dentry->d_sb); > > struct inode *parent = d_inode(dentry->d_parent); /* we hold i_mutex */ > > > > /* .snap dir? */ > > - if (err == -ENOENT && > > - ceph_snap(parent) == CEPH_NOSNAP && > > + if (ceph_snap(parent) == CEPH_NOSNAP && > > strcmp(dentry->d_name.name, fsc->mount_options->snapdir_name) == 0) { > > struct dentry *res; > > struct inode *inode = ceph_get_snapdir(parent); > > @@ -742,7 +741,6 @@ static struct dentry *ceph_lookup(struct inode *dir, struct dentry *dentry, > > struct ceph_fs_client *fsc = ceph_sb_to_client(dir->i_sb); > > struct ceph_mds_client *mdsc = ceph_sb_to_mdsc(dir->i_sb); > > struct ceph_mds_request *req; > > - struct dentry *res; > > int op; > > int mask; > > int err; > > @@ -793,12 +791,16 @@ static struct dentry *ceph_lookup(struct inode *dir, struct dentry *dentry, > > req->r_parent = dir; > > set_bit(CEPH_MDS_R_PARENT_LOCKED, &req->r_req_flags); > > err = ceph_mdsc_do_request(mdsc, NULL, req); > > - res = ceph_handle_snapdir(req, dentry, err); > > - if (IS_ERR(res)) { > > - err = PTR_ERR(res); > > - } else { > > - dentry = res; > > - err = 0; > > + if (err == -ENOENT) { > > + struct dentry *res; > > + > > + res = ceph_handle_snapdir(req, dentry); > > Stray space here, fixed in the branch. > Thanks! > > + if (IS_ERR(res)) { > > + err = PTR_ERR(res); > > + } else { > > + dentry = res; > > + err = 0; > > + } > > } > > dentry = ceph_finish_lookup(req, dentry, err); > > ceph_mdsc_put_request(req); /* will dput(dentry) */ > > diff --git a/fs/ceph/file.c b/fs/ceph/file.c > > index 7aa20d50a231..7c08f864694f 100644 > > --- a/fs/ceph/file.c > > +++ b/fs/ceph/file.c > > @@ -739,14 +739,16 @@ int ceph_atomic_open(struct inode *dir, struct dentry *dentry, > > err = ceph_mdsc_do_request(mdsc, > > (flags & (O_CREAT|O_TRUNC)) ? dir : NULL, > > req); > > - dentry = ceph_handle_snapdir(req, dentry, err); > > - if (IS_ERR(dentry)) { > > - err = PTR_ERR(dentry); > > - goto out_req; > > + if (err == -ENOENT) { > > + dentry = ceph_handle_snapdir(req, dentry); > > + if (IS_ERR(dentry)) { > > + err = PTR_ERR(dentry); > > + goto out_req; > > + } > > + err = 0; > > } > > - err = 0; > > > > - if ((flags & O_CREAT) && !req->r_reply_info.head->is_dentry) > > + if (!err && (flags & O_CREAT) && !req->r_reply_info.head->is_dentry) > > err = ceph_handle_notrace_create(dir, dentry); > > > > if (d_in_lookup(dentry)) { > > I must admit that I don't understand the code that follows. For > example, if ceph_handle_notrace_create() returns ENOENT, is it supposed > to be resolved by ceph_finish_lookup()? Because if it gets resolved, > err is not reset and we still jump to out_req, possibly leaving some > dentry references behind. It appears to be an older bug though. > Yes. A lot of this code is unclear. > This fix for dealing with ceph_mdsc_do_request() errors seems correct, > but I really think this code needs massaging to disentangle handling of > special cases from actual errors. > > Reviewed-by: Ilya Dryomov <idryomov@gmail.com> > Thanks and I agree. This code really is a giant hairball. I really hate the way it weaves "err" through several functions and lets them deal with it. That alone makes this so very difficult to follow. I intend to follow up with some more cleanup in this area, but I haven't had the time to spend on it yet. In the meantime, if anyone else wants to submit patches to do this cleanup, I'm happy to review them... -- Jeff Layton <jlayton@kernel.org>
diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c index 5624fae7a603..e78da771ec96 100644 --- a/fs/ceph/dir.c +++ b/fs/ceph/dir.c @@ -668,14 +668,13 @@ static loff_t ceph_dir_llseek(struct file *file, loff_t offset, int whence) * Handle lookups for the hidden .snap directory. */ struct dentry *ceph_handle_snapdir(struct ceph_mds_request *req, - struct dentry *dentry, int err) + struct dentry *dentry) { struct ceph_fs_client *fsc = ceph_sb_to_client(dentry->d_sb); struct inode *parent = d_inode(dentry->d_parent); /* we hold i_mutex */ /* .snap dir? */ - if (err == -ENOENT && - ceph_snap(parent) == CEPH_NOSNAP && + if (ceph_snap(parent) == CEPH_NOSNAP && strcmp(dentry->d_name.name, fsc->mount_options->snapdir_name) == 0) { struct dentry *res; struct inode *inode = ceph_get_snapdir(parent); @@ -742,7 +741,6 @@ static struct dentry *ceph_lookup(struct inode *dir, struct dentry *dentry, struct ceph_fs_client *fsc = ceph_sb_to_client(dir->i_sb); struct ceph_mds_client *mdsc = ceph_sb_to_mdsc(dir->i_sb); struct ceph_mds_request *req; - struct dentry *res; int op; int mask; int err; @@ -793,12 +791,16 @@ static struct dentry *ceph_lookup(struct inode *dir, struct dentry *dentry, req->r_parent = dir; set_bit(CEPH_MDS_R_PARENT_LOCKED, &req->r_req_flags); err = ceph_mdsc_do_request(mdsc, NULL, req); - res = ceph_handle_snapdir(req, dentry, err); - if (IS_ERR(res)) { - err = PTR_ERR(res); - } else { - dentry = res; - err = 0; + if (err == -ENOENT) { + struct dentry *res; + + res = ceph_handle_snapdir(req, dentry); + if (IS_ERR(res)) { + err = PTR_ERR(res); + } else { + dentry = res; + err = 0; + } } dentry = ceph_finish_lookup(req, dentry, err); ceph_mdsc_put_request(req); /* will dput(dentry) */ diff --git a/fs/ceph/file.c b/fs/ceph/file.c index 7aa20d50a231..7c08f864694f 100644 --- a/fs/ceph/file.c +++ b/fs/ceph/file.c @@ -739,14 +739,16 @@ int ceph_atomic_open(struct inode *dir, struct dentry *dentry, err = ceph_mdsc_do_request(mdsc, (flags & (O_CREAT|O_TRUNC)) ? dir : NULL, req); - dentry = ceph_handle_snapdir(req, dentry, err); - if (IS_ERR(dentry)) { - err = PTR_ERR(dentry); - goto out_req; + if (err == -ENOENT) { + dentry = ceph_handle_snapdir(req, dentry); + if (IS_ERR(dentry)) { + err = PTR_ERR(dentry); + goto out_req; + } + err = 0; } - err = 0; - if ((flags & O_CREAT) && !req->r_reply_info.head->is_dentry) + if (!err && (flags & O_CREAT) && !req->r_reply_info.head->is_dentry) err = ceph_handle_notrace_create(dir, dentry); if (d_in_lookup(dentry)) { diff --git a/fs/ceph/super.h b/fs/ceph/super.h index 12d30153e4ca..31f0be9120dd 100644 --- a/fs/ceph/super.h +++ b/fs/ceph/super.h @@ -1217,7 +1217,7 @@ extern const struct dentry_operations ceph_dentry_ops; extern loff_t ceph_make_fpos(unsigned high, unsigned off, bool hash_order); extern int ceph_handle_notrace_create(struct inode *dir, struct dentry *dentry); extern struct dentry *ceph_handle_snapdir(struct ceph_mds_request *req, - struct dentry *dentry, int err); + struct dentry *dentry); extern struct dentry *ceph_finish_lookup(struct ceph_mds_request *req, struct dentry *dentry, int err);
Commit aa60cfc3f7ee broke the error handling in these functions such that they don't handle non-ENOENT errors from ceph_mdsc_do_request properly. Move the checking of -ENOENT out of ceph_handle_snapdir and into the callers, and if we get a different error, return it immediately. Fixes: aa60cfc3f7ee ("ceph: don't use d_add in ceph_handle_snapdir") Signed-off-by: Jeff Layton <jlayton@kernel.org> --- fs/ceph/dir.c | 22 ++++++++++++---------- fs/ceph/file.c | 14 ++++++++------ fs/ceph/super.h | 2 +- 3 files changed, 21 insertions(+), 17 deletions(-) This one fixes the bug that Ilya spotted in ceph_atomic_open. Also, there is no need to test IS_ERR(dentry) unless we called ceph_handle_snapdir. Finally, it's probably best not to pass ceph_finish_lookup an ERR_PTR as a dentry. Reinstate the res pointer and only reset the dentry pointer if it's valid.