Commit 5a4dd003 authored by Omar Sandoval's avatar Omar Sandoval Committed by Luis Henriques

btrfs: unlock i_mutex after attempting to delete subvolume during send

commit 909e26dc upstream.

Whenever the check for a send in progress introduced in commit
521e0546 (btrfs: protect snapshots from deleting during send) is
hit, we return without unlocking inode->i_mutex. This is easy to see
with lockdep enabled:

[  +0.000059] ================================================
[  +0.000028] [ BUG: lock held when returning to user space! ]
[  +0.000029] 4.0.0-rc5-00096-g3c435c1e #93 Not tainted
[  +0.000026] ------------------------------------------------
[  +0.000029] btrfs/211 is leaving the kernel with locks still held!
[  +0.000029] 1 lock held by btrfs/211:
[  +0.000023]  #0:  (&type->i_mutex_dir_key){+.+.+.}, at: [<ffffffff8135b8df>] btrfs_ioctl_snap_destroy+0x2df/0x7a0

Make sure we unlock it in the error path.
Reviewed-by: default avatarFilipe Manana <fdmanana@suse.com>
Reviewed-by: default avatarDavid Sterba <dsterba@suse.cz>
Signed-off-by: default avatarOmar Sandoval <osandov@osandov.com>
Signed-off-by: default avatarChris Mason <clm@fb.com>
Signed-off-by: default avatarLuis Henriques <luis.henriques@canonical.com>
parent 44ac5963
...@@ -2451,7 +2451,7 @@ static noinline int btrfs_ioctl_snap_destroy(struct file *file, ...@@ -2451,7 +2451,7 @@ static noinline int btrfs_ioctl_snap_destroy(struct file *file,
"Attempt to delete subvolume %llu during send", "Attempt to delete subvolume %llu during send",
dest->root_key.objectid); dest->root_key.objectid);
err = -EPERM; err = -EPERM;
goto out_dput; goto out_unlock_inode;
} }
err = d_invalidate(dentry); err = d_invalidate(dentry);
...@@ -2549,6 +2549,7 @@ static noinline int btrfs_ioctl_snap_destroy(struct file *file, ...@@ -2549,6 +2549,7 @@ static noinline int btrfs_ioctl_snap_destroy(struct file *file,
root_flags & ~BTRFS_ROOT_SUBVOL_DEAD); root_flags & ~BTRFS_ROOT_SUBVOL_DEAD);
spin_unlock(&dest->root_item_lock); spin_unlock(&dest->root_item_lock);
} }
out_unlock_inode:
mutex_unlock(&inode->i_mutex); mutex_unlock(&inode->i_mutex);
if (!err) { if (!err) {
shrink_dcache_sb(root->fs_info->sb); shrink_dcache_sb(root->fs_info->sb);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment