From: Vladimir Davydov <vdavydov@parallels.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>,
Boris Ostrovsky <boris.ostrovsky@oracle.com>,
David Vrabel <david.vrabel@citrix.com>,
Mark Fasheh <mfasheh@suse.com>, Joel Becker <jlbec@evilplan.org>,
Stefan Hengelein <ilendir@googlemail.com>,
Florian Schmaus <fschmaus@gmail.com>,
Andor Daam <andor.daam@googlemail.com>,
Dan Magenheimer <dan.magenheimer@oracle.com>,
Bob Liu <lliubbo@gmail.com>,
linux-mm@kvack.org, linux-kernel@vger.kernel.org
Subject: [PATCH 3/4] cleancache: forbid overriding cleancache_ops
Date: Sun, 22 Feb 2015 21:31:54 +0300 [thread overview]
Message-ID: <244ef7841dfd25697164049432e0a54b3b938b19.1424628280.git.vdavydov@parallels.com> (raw)
In-Reply-To: <cover.1424628280.git.vdavydov@parallels.com>
Currently, cleancache_register_ops returns the previous value of
cleancache_ops to allow chaining. However, chaining, as it is
implemented now, is extremely dangerous due to possible pool id
collisions. Suppose, a new cleancache driver is registered after the
previous one assigned an id to a super block. If the new driver assigns
the same id to another super block, which is perfectly possible, we will
have two different filesystems using the same id. No matter if the new
driver implements chaining or not, we are likely to get data corruption
with such a configuration eventually.
This patch therefore disables the ability to override cleancache_ops
altogether as potentially dangerous. If there is already cleancache
driver registered, all further calls to cleancache_register_ops will
return EBUSY. Since no user of cleancache implements chaining, we only
need to make minor changes to the code outside the cleancache core.
Signed-off-by: Vladimir Davydov <vdavydov@parallels.com>
---
Documentation/vm/cleancache.txt | 4 +---
drivers/xen/tmem.c | 16 +++++++++-------
include/linux/cleancache.h | 3 +--
mm/cleancache.c | 12 +++++++-----
4 files changed, 18 insertions(+), 17 deletions(-)
diff --git a/Documentation/vm/cleancache.txt b/Documentation/vm/cleancache.txt
index 01d76282444e..e4b49df7a048 100644
--- a/Documentation/vm/cleancache.txt
+++ b/Documentation/vm/cleancache.txt
@@ -28,9 +28,7 @@ IMPLEMENTATION OVERVIEW
A cleancache "backend" that provides transcendent memory registers itself
to the kernel's cleancache "frontend" by calling cleancache_register_ops,
passing a pointer to a cleancache_ops structure with funcs set appropriately.
-Note that cleancache_register_ops returns the previous settings so that
-chaining can be performed if desired. The functions provided must conform to
-certain semantics as follows:
+The functions provided must conform to certain semantics as follows:
Most important, cleancache is "ephemeral". Pages which are copied into
cleancache have an indefinite lifetime which is completely unknowable
diff --git a/drivers/xen/tmem.c b/drivers/xen/tmem.c
index 8a65423bc696..8529e535459e 100644
--- a/drivers/xen/tmem.c
+++ b/drivers/xen/tmem.c
@@ -397,13 +397,15 @@ static int __init xen_tmem_init(void)
#ifdef CONFIG_CLEANCACHE
BUG_ON(sizeof(struct cleancache_filekey) != sizeof(struct tmem_oid));
if (tmem_enabled && cleancache) {
- char *s = "";
- struct cleancache_ops *old_ops =
- cleancache_register_ops(&tmem_cleancache_ops);
- if (old_ops)
- s = " (WARNING: cleancache_ops overridden)";
- pr_info("cleancache enabled, RAM provided by Xen Transcendent Memory%s\n",
- s);
+ int err;
+
+ err = cleancache_register_ops(&tmem_cleancache_ops);
+ if (err)
+ pr_warn("xen-tmem: failed to enable cleancache: %d\n",
+ err);
+ else
+ pr_info("cleancache enabled, RAM provided by "
+ "Xen Transcendent Memory\n");
}
#endif
#ifdef CONFIG_XEN_SELFBALLOONING
diff --git a/include/linux/cleancache.h b/include/linux/cleancache.h
index 29657d1c83fb..b23611f43cfb 100644
--- a/include/linux/cleancache.h
+++ b/include/linux/cleancache.h
@@ -33,8 +33,7 @@ struct cleancache_ops {
void (*invalidate_fs)(int);
};
-extern struct cleancache_ops *
- cleancache_register_ops(struct cleancache_ops *ops);
+extern int cleancache_register_ops(struct cleancache_ops *ops);
extern void __cleancache_init_fs(struct super_block *);
extern void __cleancache_init_shared_fs(struct super_block *);
extern int __cleancache_get_page(struct page *);
diff --git a/mm/cleancache.c b/mm/cleancache.c
index 532495f2e4f4..aa10f9a3bc88 100644
--- a/mm/cleancache.c
+++ b/mm/cleancache.c
@@ -106,15 +106,17 @@ static DEFINE_MUTEX(poolid_mutex);
*/
/*
- * Register operations for cleancache, returning previous thus allowing
- * detection of multiple backends and possible nesting.
+ * Register operations for cleancache. Returns 0 on success.
*/
-struct cleancache_ops *cleancache_register_ops(struct cleancache_ops *ops)
+int cleancache_register_ops(struct cleancache_ops *ops)
{
- struct cleancache_ops *old = cleancache_ops;
int i;
mutex_lock(&poolid_mutex);
+ if (cleancache_ops) {
+ mutex_unlock(&poolid_mutex);
+ return -EBUSY;
+ }
for (i = 0; i < MAX_INITIALIZABLE_FS; i++) {
if (fs_poolid_map[i] == FS_NO_BACKEND)
fs_poolid_map[i] = ops->init_fs(PAGE_SIZE);
@@ -130,7 +132,7 @@ struct cleancache_ops *cleancache_register_ops(struct cleancache_ops *ops)
barrier();
cleancache_ops = ops;
mutex_unlock(&poolid_mutex);
- return old;
+ return 0;
}
EXPORT_SYMBOL(cleancache_register_ops);
--
1.7.10.4
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2015-02-22 18:32 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-02-22 18:31 [PATCH 0/4] cleancache: remove limit on the number of cleancache enabled filesystems Vladimir Davydov
2015-02-22 18:31 ` [PATCH 1/4] ocfs2: copy fs uuid to superblock Vladimir Davydov
2015-02-22 18:31 ` [PATCH 2/4] cleancache: zap uuid arg of cleancache_init_shared_fs Vladimir Davydov
2015-02-22 18:31 ` Vladimir Davydov [this message]
2015-02-22 18:31 ` [PATCH 4/4] cleancache: remove limit on the number of cleancache enabled filesystems Vladimir Davydov
2015-02-23 10:31 ` Vladimir Davydov
2015-02-23 16:12 ` [PATCH 0/4] " Konrad Rzeszutek Wilk
2015-02-24 10:34 ` Vladimir Davydov
2015-03-04 21:22 ` Konrad Rzeszutek Wilk
2015-03-05 16:46 ` Vladimir Davydov
2015-03-06 15:14 ` Konrad Rzeszutek Wilk
2015-03-06 16:01 ` Vladimir Davydov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=244ef7841dfd25697164049432e0a54b3b938b19.1424628280.git.vdavydov@parallels.com \
--to=vdavydov@parallels.com \
--cc=akpm@linux-foundation.org \
--cc=andor.daam@googlemail.com \
--cc=boris.ostrovsky@oracle.com \
--cc=dan.magenheimer@oracle.com \
--cc=david.vrabel@citrix.com \
--cc=fschmaus@gmail.com \
--cc=ilendir@googlemail.com \
--cc=jlbec@evilplan.org \
--cc=konrad.wilk@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=lliubbo@gmail.com \
--cc=mfasheh@suse.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox