From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id E776BC71135 for ; Thu, 29 Aug 2024 09:37:42 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 6855F6B009B; Thu, 29 Aug 2024 05:37:42 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 60E246B00B0; Thu, 29 Aug 2024 05:37:42 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 45FB56B00B1; Thu, 29 Aug 2024 05:37:42 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id 258F36B009B for ; Thu, 29 Aug 2024 05:37:42 -0400 (EDT) Received: from smtpin04.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id BA8ED160BCD for ; Thu, 29 Aug 2024 09:37:41 +0000 (UTC) X-FDA: 82504780722.04.1A795F3 Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.223.131]) by imf30.hostedemail.com (Postfix) with ESMTP id 882F68001D for ; Thu, 29 Aug 2024 09:37:39 +0000 (UTC) Authentication-Results: imf30.hostedemail.com; dkim=pass header.d=suse.cz header.s=susede2_rsa header.b=oZA7TE1Y; dkim=pass header.d=suse.cz header.s=susede2_ed25519 header.b=omYsbTru; dkim=pass header.d=suse.cz header.s=susede2_rsa header.b=oZA7TE1Y; dkim=pass header.d=suse.cz header.s=susede2_ed25519 header.b=omYsbTru; spf=pass (imf30.hostedemail.com: domain of jack@suse.cz designates 195.135.223.131 as permitted sender) smtp.mailfrom=jack@suse.cz; dmarc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1724924172; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=9drsSD5YJCouaKbMktVv8j8L/jfLbn2xhxC8kz8aIlA=; b=Rp8chH1YC4MWyUC20EI9QWIck+kHURN+vBi7p4KRTl2J4v2U/e+wAGXAngV6edCrhCLJkU gX7c3AKSDYUCgBi5dh0jOY2Ha5sqv0IZR2jffMuvlwlEkpYqJt2QENfjaEDZnb2P/PPhbX V+YXSL2r37rjtIAlDy9IMwQG9SpZ6QE= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1724924172; a=rsa-sha256; cv=none; b=y+hYkkbuLoh6V/1JxfhP8r/TmCv9HAptZPcKswOnZxAsSxNvIJ4+aAiFKcrl6L2JsgWRJG R78KBi7TB5SoC4WOFS1u1ZGVd/eG6HJvIuS7VAWw1sbQMNu/7BvWQe+Mp54mWVXrZ0pLDD BVu1WVS7Zy2ZY0nLIzoi+/R3BSZEiT4= ARC-Authentication-Results: i=1; imf30.hostedemail.com; dkim=pass header.d=suse.cz header.s=susede2_rsa header.b=oZA7TE1Y; dkim=pass header.d=suse.cz header.s=susede2_ed25519 header.b=omYsbTru; dkim=pass header.d=suse.cz header.s=susede2_rsa header.b=oZA7TE1Y; dkim=pass header.d=suse.cz header.s=susede2_ed25519 header.b=omYsbTru; spf=pass (imf30.hostedemail.com: domain of jack@suse.cz designates 195.135.223.131 as permitted sender) smtp.mailfrom=jack@suse.cz; dmarc=none Received: from imap1.dmz-prg2.suse.org (unknown [10.150.64.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id A96861FD10; Thu, 29 Aug 2024 09:37:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1724924257; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=9drsSD5YJCouaKbMktVv8j8L/jfLbn2xhxC8kz8aIlA=; b=oZA7TE1YY5nXJkOW40ResvG1zmb/IW9l1Un+zYjR3jFgF8bAb4CmVb5rgCbKvq6f3F6B9t wkWrt94DdDP8F8cISWAzIhdgU0H5qilivSM/mg5PhR7XNVsn0DjIjVaCWV8cPMIbWFMevR 5WQoH/LX8r8mnbi/Gu/6yMwhc/qK2jk= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1724924257; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=9drsSD5YJCouaKbMktVv8j8L/jfLbn2xhxC8kz8aIlA=; b=omYsbTruGNB64Af8UELCpSc6wli2TCeYGq4FBAGp4l0h8cQEra7bIXuQ+tJp6Ce3AzQ04h XcnOQUSpT1gg2sAA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1724924257; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=9drsSD5YJCouaKbMktVv8j8L/jfLbn2xhxC8kz8aIlA=; b=oZA7TE1YY5nXJkOW40ResvG1zmb/IW9l1Un+zYjR3jFgF8bAb4CmVb5rgCbKvq6f3F6B9t wkWrt94DdDP8F8cISWAzIhdgU0H5qilivSM/mg5PhR7XNVsn0DjIjVaCWV8cPMIbWFMevR 5WQoH/LX8r8mnbi/Gu/6yMwhc/qK2jk= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1724924257; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=9drsSD5YJCouaKbMktVv8j8L/jfLbn2xhxC8kz8aIlA=; b=omYsbTruGNB64Af8UELCpSc6wli2TCeYGq4FBAGp4l0h8cQEra7bIXuQ+tJp6Ce3AzQ04h XcnOQUSpT1gg2sAA== Received: from imap1.dmz-prg2.suse.org (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id 9D86C13408; Thu, 29 Aug 2024 09:37:37 +0000 (UTC) Received: from dovecot-director2.suse.de ([2a07:de40:b281:106:10:150:64:167]) by imap1.dmz-prg2.suse.org with ESMTPSA id llhxJmFB0Gb6dAAAD6G6ig (envelope-from ); Thu, 29 Aug 2024 09:37:37 +0000 Received: by quack3.suse.cz (Postfix, from userid 1000) id 5969EA0965; Thu, 29 Aug 2024 11:37:33 +0200 (CEST) Date: Thu, 29 Aug 2024 11:37:33 +0200 From: Jan Kara To: Michal Hocko Cc: Andrew Morton , Christoph Hellwig , Yafang Shao , Kent Overstreet , jack@suse.cz, Christian Brauner , Alexander Viro , Paul Moore , James Morris , "Serge E. Hallyn" , linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-bcachefs@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, Michal Hocko Subject: Re: [PATCH 1/2] bcachefs: do not use PF_MEMALLOC_NORECLAIM Message-ID: <20240829093733.njnlsyexwknyosxe@quack3> References: <20240826085347.1152675-1-mhocko@kernel.org> <20240826085347.1152675-2-mhocko@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240826085347.1152675-2-mhocko@kernel.org> X-Rspamd-Queue-Id: 882F68001D X-Stat-Signature: btdna74gkwujqu3whastczz5osx4k58w X-Rspamd-Server: rspam09 X-Rspam-User: X-HE-Tag: 1724924259-956708 X-HE-Meta: U2FsdGVkX1/7TslTUp2WCPYhUdjHMMZJJdRZrRKXyZZNPmy2Wcg/s2ZKAHeMkIAjS0kafFo/2Tn0L+cw101vIcfKxcIl+TK3cH26GSCh1LNvcRWOuzSTv1Gz7TcV/LFX0MlqRcj+uqgUKFDSzgItEEvtZymDOhDuPBY8vNjnZBGPcQKcXlQ4lvBzkf9MuTuux8qwI8XRCO4NJUc5mn+Fl4+xZILWvcDS/AZVGhNEw0R2oaSDKixn+SSrVKR8tjUJXoegiRH7LmBPJyxJQVP2dWcI4dzn7E+5x3tTTSPTTRQ3A12KkHCbrQGBaz1eDCi5mKALYS50X+QYJfZ4vM59Z8uUrqE0MLcAPhdSOrFO3fcULAMTXeEtuzp9rJymO38YwDa0qcyP/j56JDcVy09KWDFbH5TKdKg0gWAU7vE6bsmjhRsRWLT0ieGQFrytHuNWE7oTftclCRJuV0OS9JpDceJobnrntsppWRknNoE5PpRNjsbNZxl7Rb5ySU01d9Vn9AorKUKsjEVdLauC5i7f3ZZuRaVcZi3dz2sjINQG8BTiFTVq+YBvQkw67YbecRkq/OtCOKDPx5TXtiMNb1vlr4k5Ws5Zk7H6x1Zaaad43UNdHQTa6v6gA9idKI4lNBiaVSz138aEDRQCcqC6tpJ7QwsqT+mK0bCVUdGTiyW9uIpasgdOBH3CmogXdTX2W82GN9RKCAqXv1lQm+MhdOpSkXejt5gEB+w7tAR5F4Y4wfCGpt1VywzBhSpR6jgB2nV37aiFLjyAaZ4S9otLxzV9uaIROiWusgF9pDgGvyatYNkdSWqALg2lBMm7/u77fxFNjAMb2M5aJgQ0j+AAoSy1k1oDWSftnOHl29jZ0XptlUycKHupuxXTZQ0IG3preZAr5klMaAtRytyM/rUGnGBmEFRTrDEnqRCo2vL+01vQpGKSOnBFhx7GoxApJYJqg+b80v4hhPCHym9oG23VnU6 nldezvJk lS5avRJbo/QLz/oxWf4EdO53dbLR1u0Yok8e+38sp/2MyGcVyCeDXZCrqnOjFfdp5en4K8N9nvaqzaKkmO9U2pN58EfKqGv4J4iQpU1LZEv3GYvTP8mkC5zbI7VhGzOpIjByTbh8nLGdXYRiNQlKzOx+p4Dx01+O9zia9N+QklFd8cHtrNMtn4Jr+RmgP/2dtUezh9NPHJX4JoYNMjUsou2Z3myVUICoA/qz6jhyTajnvn0Lbhlx1E5MjvemE3i0/QfDXxUyO/iL6BaA8wY6LSydd8pDHXC6Du4/xym+9Dgy+4AyBPG3dYudhZt07p3ljnqXSRU/S/fiUTMN6QhgtGNEeCjfxAqcSLjKISnUKGQFksgSwypQv2HTdQuxyze0fCMlSzWbxGxo+O6hA3FFikYHcCqcav3h56ZnJ+fuT5vi1RLvRdj8l38wbEI69larTMxSpJfVvcubgrzfW7PjodCT86w== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Mon 26-08-24 10:47:12, Michal Hocko wrote: > From: Michal Hocko > > bch2_new_inode relies on PF_MEMALLOC_NORECLAIM to try to allocate a new > inode to achieve GFP_NOWAIT semantic while holding locks. If this > allocation fails it will drop locks and use GFP_NOFS allocation context. > > We would like to drop PF_MEMALLOC_NORECLAIM because it is really > dangerous to use if the caller doesn't control the full call chain with > this flag set. E.g. if any of the function down the chain needed > GFP_NOFAIL request the PF_MEMALLOC_NORECLAIM would override this and > cause unexpected failure. > > While this is not the case in this particular case using the scoped gfp > semantic is not really needed bacause we can easily pus the allocation > context down the chain without too much clutter. > > Acked-by: Christoph Hellwig > Signed-off-by: Michal Hocko For the VFS changes feel free to add: Reviewed-by: Jan Kara Honza > --- > fs/bcachefs/fs.c | 14 ++++++-------- > fs/inode.c | 6 +++--- > include/linux/fs.h | 7 ++++++- > include/linux/lsm_hooks.h | 2 +- > include/linux/security.h | 4 ++-- > security/security.c | 8 ++++---- > 6 files changed, 22 insertions(+), 19 deletions(-) > > diff --git a/fs/bcachefs/fs.c b/fs/bcachefs/fs.c > index 15fc41e63b6c..7a55167b9133 100644 > --- a/fs/bcachefs/fs.c > +++ b/fs/bcachefs/fs.c > @@ -231,9 +231,9 @@ static struct inode *bch2_alloc_inode(struct super_block *sb) > BUG(); > } > > -static struct bch_inode_info *__bch2_new_inode(struct bch_fs *c) > +static struct bch_inode_info *__bch2_new_inode(struct bch_fs *c, gfp_t gfp) > { > - struct bch_inode_info *inode = kmem_cache_alloc(bch2_inode_cache, GFP_NOFS); > + struct bch_inode_info *inode = kmem_cache_alloc(bch2_inode_cache, gfp); > if (!inode) > return NULL; > > @@ -245,7 +245,7 @@ static struct bch_inode_info *__bch2_new_inode(struct bch_fs *c) > mutex_init(&inode->ei_quota_lock); > memset(&inode->ei_devs_need_flush, 0, sizeof(inode->ei_devs_need_flush)); > > - if (unlikely(inode_init_always(c->vfs_sb, &inode->v))) { > + if (unlikely(inode_init_always_gfp(c->vfs_sb, &inode->v), gfp)) { > kmem_cache_free(bch2_inode_cache, inode); > return NULL; > } > @@ -258,12 +258,10 @@ static struct bch_inode_info *__bch2_new_inode(struct bch_fs *c) > */ > static struct bch_inode_info *bch2_new_inode(struct btree_trans *trans) > { > - struct bch_inode_info *inode = > - memalloc_flags_do(PF_MEMALLOC_NORECLAIM|PF_MEMALLOC_NOWARN, > - __bch2_new_inode(trans->c)); > + struct bch_inode_info *inode = __bch2_new_inode(trans->c, GFP_NOWARN | GFP_NOWAIT); > > if (unlikely(!inode)) { > - int ret = drop_locks_do(trans, (inode = __bch2_new_inode(trans->c)) ? 0 : -ENOMEM); > + int ret = drop_locks_do(trans, (inode = __bch2_new_inode(trans->c, GFP_NOFS)) ? 0 : -ENOMEM); > if (ret && inode) { > __destroy_inode(&inode->v); > kmem_cache_free(bch2_inode_cache, inode); > @@ -328,7 +326,7 @@ __bch2_create(struct mnt_idmap *idmap, > if (ret) > return ERR_PTR(ret); > #endif > - inode = __bch2_new_inode(c); > + inode = __bch2_new_inode(c, GFP_NOFS); > if (unlikely(!inode)) { > inode = ERR_PTR(-ENOMEM); > goto err; > diff --git a/fs/inode.c b/fs/inode.c > index 86670941884b..95fd67a6cac3 100644 > --- a/fs/inode.c > +++ b/fs/inode.c > @@ -153,7 +153,7 @@ static int no_open(struct inode *inode, struct file *file) > * These are initializations that need to be done on every inode > * allocation as the fields are not initialised by slab allocation. > */ > -int inode_init_always(struct super_block *sb, struct inode *inode) > +int inode_init_always(struct super_block *sb, struct inode *inode, gfp_t gfp) > { > static const struct inode_operations empty_iops; > static const struct file_operations no_open_fops = {.open = no_open}; > @@ -230,14 +230,14 @@ int inode_init_always(struct super_block *sb, struct inode *inode) > #endif > inode->i_flctx = NULL; > > - if (unlikely(security_inode_alloc(inode))) > + if (unlikely(security_inode_alloc(inode, gfp))) > return -ENOMEM; > > this_cpu_inc(nr_inodes); > > return 0; > } > -EXPORT_SYMBOL(inode_init_always); > +EXPORT_SYMBOL(inode_init_always_gfp); > > void free_inode_nonrcu(struct inode *inode) > { > diff --git a/include/linux/fs.h b/include/linux/fs.h > index fd34b5755c0b..d46ca71a7855 100644 > --- a/include/linux/fs.h > +++ b/include/linux/fs.h > @@ -3027,7 +3027,12 @@ extern loff_t default_llseek(struct file *file, loff_t offset, int whence); > > extern loff_t vfs_llseek(struct file *file, loff_t offset, int whence); > > -extern int inode_init_always(struct super_block *, struct inode *); > +extern int inode_init_always_gfp(struct super_block *, struct inode *, gfp_t); > +static inline int inode_init_always(struct super_block *sb, struct inode *inode) > +{ > + return inode_init_always_gfp(sb, inode, GFP_NOFS); > +} > + > extern void inode_init_once(struct inode *); > extern void address_space_init_once(struct address_space *mapping); > extern struct inode * igrab(struct inode *); > diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h > index a2ade0ffe9e7..b08472d64765 100644 > --- a/include/linux/lsm_hooks.h > +++ b/include/linux/lsm_hooks.h > @@ -150,6 +150,6 @@ extern struct lsm_info __start_early_lsm_info[], __end_early_lsm_info[]; > __used __section(".early_lsm_info.init") \ > __aligned(sizeof(unsigned long)) > > -extern int lsm_inode_alloc(struct inode *inode); > +extern int lsm_inode_alloc(struct inode *inode, gfp_t gfp); > > #endif /* ! __LINUX_LSM_HOOKS_H */ > diff --git a/include/linux/security.h b/include/linux/security.h > index 1390f1efb4f0..7c6b9b038a0d 100644 > --- a/include/linux/security.h > +++ b/include/linux/security.h > @@ -336,7 +336,7 @@ int security_dentry_create_files_as(struct dentry *dentry, int mode, > struct cred *new); > int security_path_notify(const struct path *path, u64 mask, > unsigned int obj_type); > -int security_inode_alloc(struct inode *inode); > +int security_inode_alloc(struct inode *inode, gfp_t gfp); > void security_inode_free(struct inode *inode); > int security_inode_init_security(struct inode *inode, struct inode *dir, > const struct qstr *qstr, > @@ -769,7 +769,7 @@ static inline int security_path_notify(const struct path *path, u64 mask, > return 0; > } > > -static inline int security_inode_alloc(struct inode *inode) > +static inline int security_inode_alloc(struct inode *inode, gfp_t gfp) > { > return 0; > } > diff --git a/security/security.c b/security/security.c > index 8cee5b6c6e6d..3581262da5ee 100644 > --- a/security/security.c > +++ b/security/security.c > @@ -660,14 +660,14 @@ static int lsm_file_alloc(struct file *file) > * > * Returns 0, or -ENOMEM if memory can't be allocated. > */ > -int lsm_inode_alloc(struct inode *inode) > +int lsm_inode_alloc(struct inode *inode, gfp_t gfp) > { > if (!lsm_inode_cache) { > inode->i_security = NULL; > return 0; > } > > - inode->i_security = kmem_cache_zalloc(lsm_inode_cache, GFP_NOFS); > + inode->i_security = kmem_cache_zalloc(lsm_inode_cache, gfp); > if (inode->i_security == NULL) > return -ENOMEM; > return 0; > @@ -1582,9 +1582,9 @@ int security_path_notify(const struct path *path, u64 mask, > * > * Return: Return 0 if operation was successful. > */ > -int security_inode_alloc(struct inode *inode) > +int security_inode_alloc(struct inode *inode, gfp_t gfp) > { > - int rc = lsm_inode_alloc(inode); > + int rc = lsm_inode_alloc(inode, gfp); > > if (unlikely(rc)) > return rc; > -- > 2.46.0 > -- Jan Kara SUSE Labs, CR