[Devel] [PATCH RHEL7 COMMIT] ploop: Fix race between .prepare_merge and .submit_alloc

Mon, 01 Apr 2019 05:05:11 -0700 

The commit is pushed to "branch-rh7-3.10.0-957.10.1.vz7.85.x-ovz" and will 
appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-957.10.1.vz7.85.7
------>
commit 82c8b74a4a99d705be295da09d7fa578f85dbef5
Author: Kirill Tkhai <[email protected]>
Date:   Fri Mar 29 11:47:41 2019 +0300

    ploop: Fix race between .prepare_merge and .submit_alloc
    
    submit_alloc may change alloc_head in parallel,
    and this may lead to data corruption, when we
    read inode size before submit_alloc and update
    the size after submit_alloc.
    
    Signed-off-by: Kirill Tkhai <[email protected]>
---
 drivers/block/ploop/dev.c        | 5 +++++
 drivers/block/ploop/fmt_ploop1.c | 4 ++++
 2 files changed, 9 insertions(+)

diff --git a/drivers/block/ploop/dev.c b/drivers/block/ploop/dev.c
index 1d2167552b26..131ec72b1a1e 100644
--- a/drivers/block/ploop/dev.c
+++ b/drivers/block/ploop/dev.c
@@ -3782,6 +3782,11 @@ static void ploop_merge_cleanup(struct ploop_device * 
plo,
        ploop_relax(plo);
 }
 
+/*
+ * Calls format and io callbacks. Should not be called
+ * in quiesce state, since it may enter quiesce state
+ * itself (in fmt_prepare_merge callback).
+ */
 static int ploop_prepare_merge(struct ploop_delta *next,
                               struct ploop_snapdata *sd)
 {
diff --git a/drivers/block/ploop/fmt_ploop1.c b/drivers/block/ploop/fmt_ploop1.c
index 4a4aa6bf7ae2..59ba493db9ec 100644
--- a/drivers/block/ploop/fmt_ploop1.c
+++ b/drivers/block/ploop/fmt_ploop1.c
@@ -379,6 +379,7 @@ ploop1_prepare_merge(struct ploop_delta * delta, struct 
ploop_snapdata * sd)
        int err;
        struct ploop_pvd_header *vh;
        struct ploop1_private * ph = delta->priv;
+       struct ploop_device *plo = delta->plo;
 
        vh = (struct ploop_pvd_header *)page_address(ph->dyn_page);
 
@@ -389,9 +390,12 @@ ploop1_prepare_merge(struct ploop_delta * delta, struct 
ploop_snapdata * sd)
        if (pvd_header_is_disk_in_use(vh))
                return -EBUSY;
 
+       /* Close race with submit_alloc */
+       ploop_quiesce(plo);
        ph->alloc_head = delta->io.ops->i_size_read(&delta->io) >>
                         (delta->io.plo->cluster_log + 9);
        delta->io.alloc_head = ph->alloc_head;
+       ploop_relax(plo);
 
        return 0;
 }

_______________________________________________
Devel mailing list
[email protected]
https://lists.openvz.org/mailman/listinfo/devel

Reply via email to