vfs: partially sanitize i_state zeroing on inode creation
authorMateusz Guzik <mjguzik@gmail.com>
Tue, 11 Jun 2024 12:06:24 +0000 (14:06 +0200)
committerChristian Brauner <brauner@kernel.org>
Thu, 13 Jun 2024 11:40:40 +0000 (13:40 +0200)
new_inode used to have the following:
spin_lock(&inode_lock);
inodes_stat.nr_inodes++;
list_add(&inode->i_list, &inode_in_use);
list_add(&inode->i_sb_list, &sb->s_inodes);
inode->i_ino = ++last_ino;
inode->i_state = 0;
spin_unlock(&inode_lock);

over time things disappeared, got moved around or got replaced (global
inode lock with a per-inode lock), eventually this got reduced to:
spin_lock(&inode->i_lock);
inode->i_state = 0;
spin_unlock(&inode->i_lock);

But the lock acquire here does not synchronize against anyone.

Additionally iget5_locked performs i_state = 0 assignment without any
locks to begin with, the two combined look confusing at best.

It looks like the current state is a leftover which was not cleaned up.

Ideally it would be an invariant that i_state == 0 to begin with, but
achieving that would require dealing with all filesystem alloc handlers
one by one.

In the meantime drop the misleading locking and move i_state zeroing to
inode_init_always so that others don't need to deal with it by hand.

Signed-off-by: Mateusz Guzik <mjguzik@gmail.com>
Link: https://lore.kernel.org/r/20240611120626.513952-3-mjguzik@gmail.com
Reviewed-by: Jan Kara <jack@suse.cz>
Signed-off-by: Christian Brauner <brauner@kernel.org>
fs/inode.c

index 8c57cea7bbbb6b3ed5a83e7a7b09df326b4b55ea..ad7844ca92f9bc0b2d20e64ce5ae2780ea3fd85c 100644 (file)
@@ -162,6 +162,7 @@ int inode_init_always(struct super_block *sb, struct inode *inode)
        inode->i_sb = sb;
        inode->i_blkbits = sb->s_blocksize_bits;
        inode->i_flags = 0;
+       inode->i_state = 0;
        atomic64_set(&inode->i_sequence, 0);
        atomic_set(&inode->i_count, 1);
        inode->i_op = &empty_iops;
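Review bot: The added `inode->i_state = 0;` is an unconditional, unlocked store, so it is only safe when every caller passes an inode that nothing else can reach yet. inode_init_always() is not declared static in the hunk header, so it may have callers outside fs/inode.c that this diff does not show. If any of them uses it to re-initialise an inode that is still hashed or carries live state bits, those bits would now be silently cleared, whereas before only new_inode_pseudo() and the iget5 paths did the zeroing. Those callers should be audited, and the precondition recorded at the assignment, e.g. `/* inode is not yet visible to anyone, so no i_lock is needed */`. The function body starts and ends outside this hunk.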
@@ -231,6 +232,7 @@ int inode_init_always(struct super_block *sb, struct inode *inode)
 
        if (unlikely(security_inode_alloc(inode)))
                return -ENOMEM;
+
        this_cpu_inc(nr_inodes);
 
        return 0;
@@ -1023,14 +1025,7 @@ EXPORT_SYMBOL(get_next_ino);
  */
 struct inode *new_inode_pseudo(struct super_block *sb)
 {
-       struct inode *inode = alloc_inode(sb);
-
-       if (inode) {
-               spin_lock(&inode->i_lock);
-               inode->i_state = 0;
-               spin_unlock(&inode->i_lock);
-       }
-       return inode;
+       return alloc_inode(sb);
 }
 
 /**
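Review bot: Nothing at this call site records that the returned inode already has `i_state == 0` now that the explicit zeroing is gone, and the same holds for the `alloc_inode()` calls in the two hunks that follow (`iget5_locked` and the one at the `again:` label). The kernel-doc for new_inode_pseudo() starts outside this hunk, so it is not possible to tell whether it mentions the initial state. If it does not, a line such as `The inode is returned with i_state cleared by inode_init_always().` would help, assuming, as the commit message implies, that alloc_inode() reaches inode_init_always(). This keeps a later change from re-adding a locked store like the one removed here.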
@@ -1254,7 +1249,6 @@ struct inode *iget5_locked(struct super_block *sb, unsigned long hashval,
                struct inode *new = alloc_inode(sb);
 
                if (new) {
-                       new->i_state = 0;
                        inode = inode_insert5(new, hashval, test, set, data);
                        if (unlikely(inode != new))
                                destroy_inode(new);
@@ -1297,7 +1291,6 @@ again:
 
        new = alloc_inode(sb);
        if (new) {
-               new->i_state = 0;
                inode = inode_insert5(new, hashval, test, set, data);
                if (unlikely(inode != new))
                        destroy_inode(new);