• Steven Whitehouse's avatar
    GFS2: Fix inode deallocation race · 044b9414
    Steven Whitehouse authored
    This area of the code has always been a bit delicate due to the
    subtleties of lock ordering. The problem is that for "normal"
    alloc/dealloc, we always grab the inode locks first and the rgrp lock
    later.
    
    In order to ensure no races in looking up the unlinked, but still
    allocated inodes, we need to hold the rgrp lock when we do the lookup,
    which means that we can't take the inode glock.
    
    The solution is to borrow the technique already used by NFS to solve
    what is essentially the same problem (given an inode number, look up
    the inode carefully, checking that it really is in the expected
    state).
    
    We cannot do that directly from the allocation code (lock ordering
    again) so we give the job to the pre-existing delete workqueue and
    carry on with the allocation as normal.
    
    If we find there is no space, we do a journal flush (required anyway
    if space from a deallocation is to be released) which should block
    against the pending deallocations, so we should always get the space
    back.
    Signed-off-by: default avatarSteven Whitehouse <swhiteho@redhat.com>
    044b9414
export.c 4.95 KB