]> git.ipfire.org Git - thirdparty/linux.git/commitdiff
ovl: narrow locking in ovl_whiteout()
authorNeilBrown <neil@brown.name>
Wed, 16 Jul 2025 00:44:29 +0000 (10:44 +1000)
committerChristian Brauner <brauner@kernel.org>
Fri, 18 Jul 2025 09:10:42 +0000 (11:10 +0200)
ovl_whiteout() relies on the workdir i_rwsem to provide exclusive access
to ofs->whiteout which it manipulates.  Rather than depending on this,
add a new mutex, "whiteout_lock" to explicitly provide the required
locking.  Use guard(mutex) for this so that we can return without
needing to explicitly unlock.

Then take the lock on workdir only when needed - to lookup the temp name
and to do the whiteout or link.

Signed-off-by: NeilBrown <neil@brown.name>
Link: https://lore.kernel.org/20250716004725.1206467-19-neil@brown.name
Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Christian Brauner <brauner@kernel.org>
fs/overlayfs/dir.c
fs/overlayfs/ovl_entry.h
fs/overlayfs/params.c

index 6a70faeee6fad2b2be05563b85ce5b87b891fef3..7eb806a4e5f8d4a387a53eb2d9b1297846c1046f 100644 (file)
@@ -84,41 +84,45 @@ static struct dentry *ovl_whiteout(struct ovl_fs *ofs)
        struct dentry *workdir = ofs->workdir;
        struct inode *wdir = workdir->d_inode;
 
-       inode_lock_nested(wdir, I_MUTEX_PARENT);
+       guard(mutex)(&ofs->whiteout_lock);
+
        if (!ofs->whiteout) {
+               inode_lock_nested(wdir, I_MUTEX_PARENT);
                whiteout = ovl_lookup_temp(ofs, workdir);
-               if (IS_ERR(whiteout))
-                       goto out;
-
-               err = ovl_do_whiteout(ofs, wdir, whiteout);
-               if (err) {
-                       dput(whiteout);
-                       whiteout = ERR_PTR(err);
-                       goto out;
+               if (!IS_ERR(whiteout)) {
+                       err = ovl_do_whiteout(ofs, wdir, whiteout);
+                       if (err) {
+                               dput(whiteout);
+                               whiteout = ERR_PTR(err);
+                       }
                }
+               inode_unlock(wdir);
+               if (IS_ERR(whiteout))
+                       return whiteout;
                ofs->whiteout = whiteout;
        }
 
        if (!ofs->no_shared_whiteout) {
+               inode_lock_nested(wdir, I_MUTEX_PARENT);
                whiteout = ovl_lookup_temp(ofs, workdir);
-               if (IS_ERR(whiteout))
-                       goto out;
-
-               err = ovl_do_link(ofs, ofs->whiteout, wdir, whiteout);
-               if (!err)
-                       goto out;
-
-               if (err != -EMLINK) {
+               if (!IS_ERR(whiteout)) {
+                       err = ovl_do_link(ofs, ofs->whiteout, wdir, whiteout);
+                       if (err) {
+                               dput(whiteout);
+                               whiteout = ERR_PTR(err);
+                       }
+               }
+               inode_unlock(wdir);
+               if (!IS_ERR(whiteout))
+                       return whiteout;
+               if (PTR_ERR(whiteout) != -EMLINK) {
                        pr_warn("Failed to link whiteout - disabling whiteout inode sharing(nlink=%u, err=%i)\n",
                                ofs->whiteout->d_inode->i_nlink, err);
                        ofs->no_shared_whiteout = true;
                }
-               dput(whiteout);
        }
        whiteout = ofs->whiteout;
        ofs->whiteout = NULL;
-out:
-       inode_unlock(wdir);
        return whiteout;
 }
 
index afb7762f873f66c72cc5aa795a51ab22c15106dc..4c1bae935ced274f93a0d23fe10d34455e226ec4 100644 (file)
@@ -88,6 +88,7 @@ struct ovl_fs {
        /* Shared whiteout cache */
        struct dentry *whiteout;
        bool no_shared_whiteout;
+       struct mutex whiteout_lock;
        /* r/o snapshot of upperdir sb's only taken on volatile mounts */
        errseq_t errseq;
 };
index 2b9b31524c38d4c0b0765a54429ff484169175ff..f4e7fff909ac49e2f8c58a76273426c1158a7472 100644 (file)
@@ -795,6 +795,8 @@ int ovl_init_fs_context(struct fs_context *fc)
        fc->s_fs_info           = ofs;
        fc->fs_private          = ctx;
        fc->ops                 = &ovl_context_ops;
+
+       mutex_init(&ofs->whiteout_lock);
        return 0;
 
 out_err: