Skip to content

Commit

Permalink
ovl: fix lockdep warning for async write
Browse files Browse the repository at this point in the history 
ANBZ: torvalds#223

commit c853680 upstream.

Lockdep reports "WARNING: lock held when returning to user space!" due to
async write holding freeze lock over the write.  Apparently aio.c already
deals with this by lying to lockdep about the state of the lock.

Do the same here.  No need to check for S_IFREG() here since these file ops
are regular-only.

Reported-by: syzbot+9331a354f4f624a52a55@syzkaller.appspotmail.com
Fixes: 2406a30 ("ovl: implement async IO routines")
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
[joe: move file_start_write() down into sync/async branches]
Signed-off-by: Joseph Qi <joseph.qi@linux.alibaba.com>
Reviewed-by: Gao Xiang <hsiangkao@linux.alibaba.com>
Reviewed-by: Xiaoguang Wang <xiaoguang.wang@linux.alibaba.com>
  • Loading branch information
@josephhz
Miklos Szeredi authored and josephhz committed Dec 29, 2021
1 parent d59db5f commit 25a41e9
Showing 1 changed file with 8 additions and 2 deletions.
10 changes: 8 additions & 2 deletions fs/overlayfs/file.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -252,6 +252,9 @@ static void ovl_aio_cleanup_handler(struct ovl_aio_req *aio_req)
if (iocb->ki_flags & IOCB_WRITE) {
struct inode *inode = file_inode(orig_iocb->ki_filp);

/* Actually acquired in ovl_write_iter() */
__sb_writers_acquired(file_inode(iocb->ki_filp)->i_sb,
SB_FREEZE_WRITE);
file_end_write(iocb->ki_filp);
ovl_copyattr(ovl_inode_real(inode), inode);
}
Expand Down Expand Up @@ -342,8 +345,8 @@ static ssize_t ovl_write_iter(struct kiocb *iocb, struct iov_iter *iter)
ifl &= ~(IOCB_DSYNC | IOCB_SYNC);

old_cred = ovl_override_creds(file_inode(file)->i_sb);
file_start_write(real.file);
if (is_sync_kiocb(iocb)) {
file_start_write(real.file);
ret = vfs_iter_write(real.file, iter, &iocb->ki_pos,
ovl_iocb_to_rwf(ifl));
file_end_write(real.file);
Expand All @@ -355,11 +358,14 @@ static ssize_t ovl_write_iter(struct kiocb *iocb, struct iov_iter *iter)
GFP_NOFS);
if (!aio_req) {
ret = -ENOMEM;
file_end_write(real.file);
fdput(real);
goto out_revert;
}

file_start_write(real.file);
/* Pacify lockdep, same trick as done in aio_write() */
__sb_writers_release(file_inode(real.file)->i_sb,
SB_FREEZE_WRITE);
aio_req->fd = real;
aio_req->orig_iocb = iocb;
kiocb_clone(&aio_req->iocb, iocb, real.file);
Expand Down

0 comments on commit 25a41e9

Please sign in to comment.