Vivek Goyal
2019-Sep-05  19:48 UTC
[PATCH 00/18] virtiofs: Fix various races and cleanups round 1
Hi,
Michael Tsirkin pointed out issues w.r.t various locking related TODO
items and races w.r.t device removal. 
In this first round of cleanups, I have taken care of most pressing
issues.
These patches apply on top of following.
git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git#virtiofs-v4
I have tested these patches with mount/umount and device removal using
qemu monitor. For example.
virsh qemu-monitor-command --hmp vm9-f28 device_del myvirtiofs
Now a mounted device can be removed and file system will return errors
-ENOTCONN and one can unmount it.
Miklos, if you are fine with the patches, I am fine if you fold these
all into existing patch. I kept them separate so that review is easier.
Any feedback or comments are welcome.
Thanks
Vivek
Vivek Goyal (18):
  virtiofs: Remove request from processing list before calling end
  virtiofs: Check whether hiprio queue is connected at submission time
  virtiofs: Pass fsvq instead of vq as parameter to
    virtio_fs_enqueue_req
  virtiofs: Check connected state for VQ_REQUEST queue as well
  Maintain count of in flight requests for VQ_REQUEST queue
  virtiofs: ->remove should not clean virtiofs fuse devices
  virtiofs: Stop virtiofs queues when device is being removed
  virtiofs: Drain all pending requests during ->remove time
  virtiofs: Add an helper to start all the queues
  virtiofs: Do not use device managed mem for virtio_fs and virtio_fs_vq
  virtiofs: stop and drain queues after sending DESTROY
  virtiofs: Use virtio_fs_free_devs() in error path
  virtiofs: Do not access virtqueue in request submission path
  virtiofs: Add a fuse_iqueue operation to put() reference
  virtiofs: Make virtio_fs object refcounted
  virtiofs: Use virtio_fs_mutex for races w.r.t ->remove and mount path
  virtiofs: Remove TODO to quiesce/end_requests
  virtiofs: Remove TODO item from virtio_fs_free_devs()
 fs/fuse/fuse_i.h    |   5 +
 fs/fuse/inode.c     |   6 +
 fs/fuse/virtio_fs.c | 259 ++++++++++++++++++++++++++++++++------------
 3 files changed, 198 insertions(+), 72 deletions(-)
-- 
2.20.1
Vivek Goyal
2019-Sep-05  19:48 UTC
[PATCH 01/18] virtiofs: Remove request from processing list before calling end
In error path we are calling fuse_request_end() but we need to clear
FR_SENT bit as well as remove request from processing queue. Otherwise
fuse_request_end() triggers a warning as well as other issues show up.
Signed-off-by: Vivek Goyal <vgoyal at redhat.com>
---
 fs/fuse/virtio_fs.c | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c
index 197e79e536f9..a708ccb65662 100644
--- a/fs/fuse/virtio_fs.c
+++ b/fs/fuse/virtio_fs.c
@@ -826,6 +826,10 @@ __releases(fiq->waitq.lock)
 		}
 		req->out.h.error = ret;
 		pr_err("virtio-fs: virtio_fs_enqueue_req() failed %d\n", ret);
+		spin_lock(&fpq->lock);
+		clear_bit(FR_SENT, &req->flags);
+		list_del_init(&req->list);
+		spin_unlock(&fpq->lock);
 		fuse_request_end(fc, req);
 		return;
 	}
-- 
2.20.1
Vivek Goyal
2019-Sep-05  19:48 UTC
[PATCH 02/18] virtiofs: Check whether hiprio queue is connected at submission time
For hiprio queue (forget requests), we are keeping a state in queue whether
queue is connected or not. If queue is not connected, do not try to submit
request and return error instead.
As of now, we are checking for this state only in path where worker tries
to submit forget after first attempt failed. Check this state even in
the path when request is being submitted first time.
Signed-off-by: Vivek Goyal <vgoyal at redhat.com>
---
 fs/fuse/virtio_fs.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c
index a708ccb65662..e9497b565dd8 100644
--- a/fs/fuse/virtio_fs.c
+++ b/fs/fuse/virtio_fs.c
@@ -577,9 +577,16 @@ __releases(fiq->waitq.lock)
 	sg_init_one(&sg, forget, sizeof(*forget));
 
 	/* Enqueue the request */
+	spin_lock(&fsvq->lock);
+
+	if (!fsvq->connected) {
+		kfree(forget);
+		spin_unlock(&fsvq->lock);
+		goto out;
+	}
+
 	vq = fsvq->vq;
 	dev_dbg(&vq->vdev->dev, "%s\n", __func__);
-	spin_lock(&fsvq->lock);
 
 	ret = virtqueue_add_sgs(vq, sgs, 1, 0, forget, GFP_ATOMIC);
 	if (ret < 0) {
-- 
2.20.1
Vivek Goyal
2019-Sep-05  19:48 UTC
[PATCH 03/18] virtiofs: Pass fsvq instead of vq as parameter to virtio_fs_enqueue_req
Pass fsvq instead of vq as parameter to virtio_fs_enqueue_req(). We will
retrieve vq from fsvq under spin lock.
Later in the patch series we will retrieve vq only if fsvq is still connected
other vq might have been cleaned up by device ->remove code and we will
return error.
Signed-off-by: Vivek Goyal <vgoyal at redhat.com>
---
 fs/fuse/virtio_fs.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c
index e9497b565dd8..9d30530e3ca9 100644
--- a/fs/fuse/virtio_fs.c
+++ b/fs/fuse/virtio_fs.c
@@ -698,14 +698,15 @@ static unsigned int sg_init_fuse_args(struct scatterlist
*sg,
 }
 
 /* Add a request to a virtqueue and kick the device */
-static int virtio_fs_enqueue_req(struct virtqueue *vq, struct fuse_req *req)
+static int virtio_fs_enqueue_req(struct virtio_fs_vq *fsvq,
+				 struct fuse_req *req)
 {
 	/* requests need at least 4 elements */
 	struct scatterlist *stack_sgs[6];
 	struct scatterlist stack_sg[ARRAY_SIZE(stack_sgs)];
 	struct scatterlist **sgs = stack_sgs;
 	struct scatterlist *sg = stack_sg;
-	struct virtio_fs_vq *fsvq;
+	struct virtqueue *vq;
 	unsigned int argbuf_used = 0;
 	unsigned int out_sgs = 0;
 	unsigned int in_sgs = 0;
@@ -752,9 +753,9 @@ static int virtio_fs_enqueue_req(struct virtqueue *vq,
struct fuse_req *req)
 	for (i = 0; i < total_sgs; i++)
 		sgs[i] = &sg[i];
 
-	fsvq = vq_to_fsvq(vq);
 	spin_lock(&fsvq->lock);
 
+	vq = fsvq->vq;
 	ret = virtqueue_add_sgs(vq, sgs, out_sgs, in_sgs, req, GFP_ATOMIC);
 	if (ret < 0) {
 		/* TODO handle full virtqueue */
@@ -824,7 +825,7 @@ __releases(fiq->waitq.lock)
 	/* TODO check for FR_INTERRUPTED? */
 
 retry:
-	ret = virtio_fs_enqueue_req(fs->vqs[queue_id].vq, req);
+	ret = virtio_fs_enqueue_req(&fs->vqs[queue_id], req);
 	if (ret < 0) {
 		if (ret == -ENOMEM || ret == -ENOSPC) {
 			/* Virtqueue full. Retry submission */
-- 
2.20.1
Vivek Goyal
2019-Sep-05  19:48 UTC
[PATCH 04/18] virtiofs: Check connected state for VQ_REQUEST queue as well
Right now we are checking ->connected state only for VQ_HIPRIO. Now we want
to make use of this method for all queues. So check it for VQ_REQUEST as
well.
This will be helpful if device has been removed and virtqueue is gone. In
that case ->connected will be false and request can't be submitted
anymore
and user space will see error -ENOTCONN.
Signed-off-by: Vivek Goyal <vgoyal at redhat.com>
---
 fs/fuse/virtio_fs.c | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c
index 9d30530e3ca9..c46dd4d284d6 100644
--- a/fs/fuse/virtio_fs.c
+++ b/fs/fuse/virtio_fs.c
@@ -755,6 +755,12 @@ static int virtio_fs_enqueue_req(struct virtio_fs_vq *fsvq,
 
 	spin_lock(&fsvq->lock);
 
+	if (!fsvq->connected) {
+		spin_unlock(&fsvq->lock);
+		ret = -ENOTCONN;
+		goto out;
+	}
+
 	vq = fsvq->vq;
 	ret = virtqueue_add_sgs(vq, sgs, out_sgs, in_sgs, req, GFP_ATOMIC);
 	if (ret < 0) {
-- 
2.20.1
Vivek Goyal
2019-Sep-05  19:48 UTC
[PATCH 05/18] Maintain count of in flight requests for VQ_REQUEST queue
As of now we maintain this count only for VQ_HIPRIO. Maintain it for VQ_REQUEST as well so that later it can be used to drain VQ_REQUEST queue. Signed-off-by: Vivek Goyal <vgoyal at redhat.com> --- fs/fuse/virtio_fs.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c index c46dd4d284d6..5df97dfee37d 100644 --- a/fs/fuse/virtio_fs.c +++ b/fs/fuse/virtio_fs.c @@ -360,6 +360,9 @@ static void virtio_fs_requests_done_work(struct work_struct *work) spin_unlock(&fpq->lock); fuse_request_end(fc, req); + spin_lock(&fsvq->lock); + fsvq->in_flight--; + spin_unlock(&fsvq->lock); } } @@ -769,6 +772,7 @@ static int virtio_fs_enqueue_req(struct virtio_fs_vq *fsvq, goto out; } + fsvq->in_flight++; notify = virtqueue_kick_prepare(vq); spin_unlock(&fsvq->lock); -- 2.20.1
Vivek Goyal
2019-Sep-05  19:48 UTC
[PATCH 06/18] virtiofs: ->remove should not clean virtiofs fuse devices
We maintain a fuse device per virt queue. This fuse devices are allocated
and installed during mount time and should be cleaned up when super block
is going away. Device removal should not clean it. Device removal should
stop queues and virtuques can go away.
Signed-off-by: Vivek Goyal <vgoyal at redhat.com>
---
 fs/fuse/virtio_fs.c | 2 --
 1 file changed, 2 deletions(-)
diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c
index 5df97dfee37d..f68a25ca9e9d 100644
--- a/fs/fuse/virtio_fs.c
+++ b/fs/fuse/virtio_fs.c
@@ -497,8 +497,6 @@ static void virtio_fs_remove(struct virtio_device *vdev)
 {
 	struct virtio_fs *fs = vdev->priv;
 
-	virtio_fs_free_devs(fs);
-
 	vdev->config->reset(vdev);
 	virtio_fs_cleanup_vqs(vdev, fs);
 
-- 
2.20.1
Vivek Goyal
2019-Sep-05  19:48 UTC
[PATCH 07/18] virtiofs: Stop virtiofs queues when device is being removed
Stop all the virt queues when device is going away. This will ensure that
no new requests are submitted to virtqueue and and request will end with
error -ENOTCONN.
Signed-off-by: Vivek Goyal <vgoyal at redhat.com>
---
 fs/fuse/virtio_fs.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c
index f68a25ca9e9d..90e7b2f345e5 100644
--- a/fs/fuse/virtio_fs.c
+++ b/fs/fuse/virtio_fs.c
@@ -493,10 +493,24 @@ static int virtio_fs_probe(struct virtio_device *vdev)
 	return ret;
 }
 
+static void virtio_fs_stop_all_queues(struct virtio_fs *fs)
+{
+	struct virtio_fs_vq *fsvq;
+	int i;
+
+	for (i = 0; i < fs->nvqs; i++) {
+		fsvq = &fs->vqs[i];
+		spin_lock(&fsvq->lock);
+		fsvq->connected = false;
+		spin_unlock(&fsvq->lock);
+	}
+}
+
 static void virtio_fs_remove(struct virtio_device *vdev)
 {
 	struct virtio_fs *fs = vdev->priv;
 
+	virtio_fs_stop_all_queues(fs);
 	vdev->config->reset(vdev);
 	virtio_fs_cleanup_vqs(vdev, fs);
 
-- 
2.20.1
Vivek Goyal
2019-Sep-05  19:48 UTC
[PATCH 08/18] virtiofs: Drain all pending requests during ->remove time
When device is going away, drain all pending requests.
Signed-off-by: Vivek Goyal <vgoyal at redhat.com>
---
 fs/fuse/virtio_fs.c | 83 ++++++++++++++++++++++++++++-----------------
 1 file changed, 51 insertions(+), 32 deletions(-)
diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c
index 90e7b2f345e5..d5730a50b303 100644
--- a/fs/fuse/virtio_fs.c
+++ b/fs/fuse/virtio_fs.c
@@ -63,6 +63,55 @@ static inline struct fuse_pqueue *vq_to_fpq(struct virtqueue
*vq)
 	return &vq_to_fsvq(vq)->fud->pq;
 }
 
+static void virtio_fs_drain_queue(struct virtio_fs_vq *fsvq)
+{
+	WARN_ON(fsvq->in_flight < 0);
+
+	/* Wait for in flight requests to finish.*/
+	while (1) {
+		spin_lock(&fsvq->lock);
+		if (!fsvq->in_flight) {
+			spin_unlock(&fsvq->lock);
+			break;
+		}
+		spin_unlock(&fsvq->lock);
+		usleep_range(1000, 2000);
+	}
+
+	flush_work(&fsvq->done_work);
+	flush_delayed_work(&fsvq->dispatch_work);
+}
+
+static inline void drain_hiprio_queued_reqs(struct virtio_fs_vq *fsvq)
+{
+	struct virtio_fs_forget *forget;
+
+	spin_lock(&fsvq->lock);
+	while (1) {
+		forget = list_first_entry_or_null(&fsvq->queued_reqs,
+						struct virtio_fs_forget, list);
+		if (!forget)
+			break;
+		list_del(&forget->list);
+		kfree(forget);
+	}
+	spin_unlock(&fsvq->lock);
+}
+
+static void virtio_fs_drain_all_queues(struct virtio_fs *fs)
+{
+	struct virtio_fs_vq *fsvq;
+	int i;
+
+	for (i = 0; i < fs->nvqs; i++) {
+		fsvq = &fs->vqs[i];
+		if (i == VQ_HIPRIO)
+			drain_hiprio_queued_reqs(fsvq);
+
+		virtio_fs_drain_queue(fsvq);
+	}
+}
+
 /* Add a new instance to the list or return -EEXIST if tag name exists*/
 static int virtio_fs_add_instance(struct virtio_fs *fs)
 {
@@ -511,6 +560,7 @@ static void virtio_fs_remove(struct virtio_device *vdev)
 	struct virtio_fs *fs = vdev->priv;
 
 	virtio_fs_stop_all_queues(fs);
+	virtio_fs_drain_all_queues(fs);
 	vdev->config->reset(vdev);
 	virtio_fs_cleanup_vqs(vdev, fs);
 
@@ -865,37 +915,6 @@ __releases(fiq->waitq.lock)
 	}
 }
 
-static void virtio_fs_flush_hiprio_queue(struct virtio_fs_vq *fsvq)
-{
-	struct virtio_fs_forget *forget;
-
-	WARN_ON(fsvq->in_flight < 0);
-
-	/* Go through pending forget requests and free them */
-	spin_lock(&fsvq->lock);
-	while (1) {
-		forget = list_first_entry_or_null(&fsvq->queued_reqs,
-					struct virtio_fs_forget, list);
-		if (!forget)
-			break;
-		list_del(&forget->list);
-		kfree(forget);
-	}
-
-	spin_unlock(&fsvq->lock);
-
-	/* Wait for in flight requests to finish.*/
-	while (1) {
-		spin_lock(&fsvq->lock);
-		if (!fsvq->in_flight) {
-			spin_unlock(&fsvq->lock);
-			break;
-		}
-		spin_unlock(&fsvq->lock);
-		usleep_range(1000, 2000);
-	}
-}
-
 const static struct fuse_iqueue_ops virtio_fs_fiq_ops = {
 	.wake_forget_and_unlock		= virtio_fs_wake_forget_and_unlock,
 	.wake_interrupt_and_unlock	= virtio_fs_wake_interrupt_and_unlock,
@@ -988,7 +1007,7 @@ static void virtio_kill_sb(struct super_block *sb)
 	spin_lock(&fsvq->lock);
 	fsvq->connected = false;
 	spin_unlock(&fsvq->lock);
-	virtio_fs_flush_hiprio_queue(fsvq);
+	virtio_fs_drain_all_queues(vfs);
 
 	fuse_kill_sb_anon(sb);
 	virtio_fs_free_devs(vfs);
-- 
2.20.1
Vivek Goyal
2019-Sep-05  19:48 UTC
[PATCH 09/18] virtiofs: Add an helper to start all the queues
This just marks are the queues are connected and ready to accept the
request.
Signed-off-by: Vivek Goyal <vgoyal at redhat.com>
---
 fs/fuse/virtio_fs.c | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c
index d5730a50b303..f2936daca39c 100644
--- a/fs/fuse/virtio_fs.c
+++ b/fs/fuse/virtio_fs.c
@@ -112,6 +112,19 @@ static void virtio_fs_drain_all_queues(struct virtio_fs
*fs)
 	}
 }
 
+static void virtio_fs_start_all_queues(struct virtio_fs *fs)
+{
+	struct virtio_fs_vq *fsvq;
+	int i;
+
+	for (i = 0; i < fs->nvqs; i++) {
+		fsvq = &fs->vqs[i];
+		spin_lock(&fsvq->lock);
+		fsvq->connected = true;
+		spin_unlock(&fsvq->lock);
+	}
+}
+
 /* Add a new instance to the list or return -EEXIST if tag name exists*/
 static int virtio_fs_add_instance(struct virtio_fs *fs)
 {
@@ -483,10 +496,10 @@ static int virtio_fs_setup_vqs(struct virtio_device *vdev,
 	if (ret < 0)
 		goto out;
 
-	for (i = 0; i < fs->nvqs; i++) {
+	for (i = 0; i < fs->nvqs; i++)
 		fs->vqs[i].vq = vqs[i];
-		fs->vqs[i].connected = true;
-	}
+
+	virtio_fs_start_all_queues(fs);
 out:
 	kfree(names);
 	kfree(callbacks);
-- 
2.20.1
Vivek Goyal
2019-Sep-05  19:48 UTC
[PATCH 10/18] virtiofs: Do not use device managed mem for virtio_fs and virtio_fs_vq
These data structures should go away when virtio_fs object is going away. When deivce is going away, we need to just make sure virtqueues can go away and after that none of the code accesses vq and all the requests get error. So allocate memory for virtio_fs and virtio_fs_vq normally and free it at right time. This patch still frees up memory during device remove time. A later patch will make virtio_fs object reference counted and this memory will be freed when last reference to object is dropped. Signed-off-by: Vivek Goyal <vgoyal at redhat.com> --- fs/fuse/virtio_fs.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c index f2936daca39c..1ea0f889e804 100644 --- a/fs/fuse/virtio_fs.c +++ b/fs/fuse/virtio_fs.c @@ -446,7 +446,7 @@ static int virtio_fs_setup_vqs(struct virtio_device *vdev, vq_callback_t **callbacks; const char **names; unsigned int i; - int ret; + int ret = 0; virtio_cread(vdev, struct virtio_fs_config, num_queues, &fs->num_queues); @@ -454,9 +454,7 @@ static int virtio_fs_setup_vqs(struct virtio_device *vdev, return -EINVAL; fs->nvqs = 1 + fs->num_queues; - - fs->vqs = devm_kcalloc(&vdev->dev, fs->nvqs, - sizeof(fs->vqs[VQ_HIPRIO]), GFP_KERNEL); + fs->vqs = kcalloc(fs->nvqs, sizeof(fs->vqs[VQ_HIPRIO]), GFP_KERNEL); if (!fs->vqs) return -ENOMEM; @@ -504,6 +502,8 @@ static int virtio_fs_setup_vqs(struct virtio_device *vdev, kfree(names); kfree(callbacks); kfree(vqs); + if (ret) + kfree(fs->vqs); return ret; } @@ -519,7 +519,7 @@ static int virtio_fs_probe(struct virtio_device *vdev) struct virtio_fs *fs; int ret; - fs = devm_kzalloc(&vdev->dev, sizeof(*fs), GFP_KERNEL); + fs = kzalloc(sizeof(*fs), GFP_KERNEL); if (!fs) return -ENOMEM; vdev->priv = fs; @@ -552,6 +552,7 @@ static int virtio_fs_probe(struct virtio_device *vdev) out: vdev->priv = NULL; + kfree(fs); return ret; } @@ -582,6 +583,8 @@ static void virtio_fs_remove(struct virtio_device *vdev) mutex_unlock(&virtio_fs_mutex); vdev->priv = NULL; + kfree(fs->vqs); + kfree(fs); } #ifdef CONFIG_PM_SLEEP -- 2.20.1
Vivek Goyal
2019-Sep-05  19:48 UTC
[PATCH 11/18] virtiofs: stop and drain queues after sending DESTROY
During virtio_kill_sb() we first stop forget queue and drain it and then call fuse_kill_sb_anon(). This will result in sending DESTROY request to fuse server. Once finished, stop all the queues and drain one more time just to be sure and then free up the devices. Given drain queues will call flush_work() on various workers, remove this logic from virtio_free_devs(). Signed-off-by: Vivek Goyal <vgoyal at redhat.com> --- fs/fuse/virtio_fs.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c index 1ea0f889e804..a76bd5a04521 100644 --- a/fs/fuse/virtio_fs.c +++ b/fs/fuse/virtio_fs.c @@ -180,9 +180,6 @@ static void virtio_fs_free_devs(struct virtio_fs *fs) if (!fsvq->fud) continue; - flush_work(&fsvq->done_work); - flush_delayed_work(&fsvq->dispatch_work); - /* TODO need to quiesce/end_requests/decrement dev_count */ fuse_dev_free(fsvq->fud); fsvq->fud = NULL; @@ -994,6 +991,8 @@ static int virtio_fs_fill_super(struct super_block *sb) atomic_inc(&fc->dev_count); } + /* Previous unmount will stop all queues. Start these again */ + virtio_fs_start_all_queues(fs); fuse_send_init(fc, init_req); return 0; @@ -1026,6 +1025,12 @@ static void virtio_kill_sb(struct super_block *sb) virtio_fs_drain_all_queues(vfs); fuse_kill_sb_anon(sb); + + /* fuse_kill_sb_anon() must have sent destroy. Stop all queues + * and drain one more time and free fuse devices. + */ + virtio_fs_stop_all_queues(vfs); + virtio_fs_drain_all_queues(vfs); virtio_fs_free_devs(vfs); } -- 2.20.1
Vivek Goyal
2019-Sep-05  19:48 UTC
[PATCH 12/18] virtiofs: Use virtio_fs_free_devs() in error path
We already have an helper to cleanup fuse devices. Use that instead of duplicating the code. Signed-off-by: Vivek Goyal <vgoyal at redhat.com> --- fs/fuse/virtio_fs.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c index a76bd5a04521..40259368a6bd 100644 --- a/fs/fuse/virtio_fs.c +++ b/fs/fuse/virtio_fs.c @@ -999,8 +999,7 @@ static int virtio_fs_fill_super(struct super_block *sb) err_free_init_req: fuse_request_free(init_req); err_free_fuse_devs: - for (i = 0; i < fs->nvqs; i++) - fuse_dev_free(fs->vqs[i].fud); + virtio_fs_free_devs(fs); err: return err; } -- 2.20.1
Vivek Goyal
2019-Sep-05  19:48 UTC
[PATCH 13/18] virtiofs: Do not access virtqueue in request submission path
In request submission path it is possible that virtqueue is already gone
due to driver->remove(). So do not access it in dev_dbg(). Use pr_debug()
instead.
If virtuqueue is gone, this will result in NULL pointer deference.
Signed-off-by: Vivek Goyal <vgoyal at redhat.com>
---
 fs/fuse/virtio_fs.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c
index 40259368a6bd..01bbf2c0e144 100644
--- a/fs/fuse/virtio_fs.c
+++ b/fs/fuse/virtio_fs.c
@@ -888,10 +888,10 @@ __releases(fiq->waitq.lock)
 	fs = fiq->priv;
 	fc = fs->vqs[queue_id].fud->fc;
 
-	dev_dbg(&fs->vqs[queue_id].vq->vdev->dev,
-		"%s: opcode %u unique %#llx nodeid %#llx in.len %u out.len %u\n",
-		__func__, req->in.h.opcode, req->in.h.unique, req->in.h.nodeid,
-		req->in.h.len, fuse_len_args(req->out.numargs, req->out.args));
+	pr_debug("%s: opcode %u unique %#llx nodeid %#llx in.len %u out.len
%u"
+		 "\n", __func__, req->in.h.opcode, req->in.h.unique,
+		 req->in.h.nodeid, req->in.h.len,
+		 fuse_len_args(req->out.numargs, req->out.args));
 
 	fpq = &fs->vqs[queue_id].fud->pq;
 	spin_lock(&fpq->lock);
-- 
2.20.1
Vivek Goyal
2019-Sep-05  19:48 UTC
[PATCH 14/18] virtiofs: Add a fuse_iqueue operation to put() reference
Soon I will make virtio_fs object reference counted, where reference will
be taken by device as well as by fuse_conn
(fuse_conn->fuse_iqueue->fiq_priv).
When fuse_connection is going away, it should put its reference on virtio_fs
object.
So add a fuse_iqueue method which can be used to call into virtio_fs to
put the reference on the object (fiq_priv).
Signed-off-by: Vivek Goyal <vgoyal at redhat.com>
---
 fs/fuse/fuse_i.h | 5 +++++
 fs/fuse/inode.c  | 6 ++++++
 2 files changed, 11 insertions(+)
diff --git a/fs/fuse/fuse_i.h b/fs/fuse/fuse_i.h
index 85e2dcad68c1..04e2c000d63f 100644
--- a/fs/fuse/fuse_i.h
+++ b/fs/fuse/fuse_i.h
@@ -479,6 +479,11 @@ struct fuse_iqueue_ops {
 	 */
 	void (*wake_pending_and_unlock)(struct fuse_iqueue *fiq)
 		__releases(fiq->waitq.lock);
+
+	/**
+	 * Put a reference on fiq_priv.
+	 */
+	void (*put)(struct fuse_iqueue *fiq);
 };
 
 /** /dev/fuse input queue operations */
diff --git a/fs/fuse/inode.c b/fs/fuse/inode.c
index 7fa0dcc6f565..70a433bdf01f 100644
--- a/fs/fuse/inode.c
+++ b/fs/fuse/inode.c
@@ -631,8 +631,14 @@ EXPORT_SYMBOL_GPL(fuse_conn_init);
 void fuse_conn_put(struct fuse_conn *fc)
 {
 	if (refcount_dec_and_test(&fc->count)) {
+		struct fuse_iqueue *fiq = &fc->iq;
+
 		if (fc->destroy_req)
 			fuse_request_free(fc->destroy_req);
+		if (fiq->priv && fiq->ops->put) {
+			fiq->ops->put(fiq);
+			fiq->priv = NULL;
+		}
 		put_pid_ns(fc->pid_ns);
 		put_user_ns(fc->user_ns);
 		fc->release(fc);
-- 
2.20.1
Vivek Goyal
2019-Sep-05  19:48 UTC
[PATCH 15/18] virtiofs: Make virtio_fs object refcounted
This object is used both by fuse_connection as well virt device. So make
this object reference counted and that makes it easy to define life cycle
of the object.
Now deivce can be removed while filesystem is still mounted. This will
cleanup all the virtqueues but virtio_fs object will still be around and
will be cleaned when filesystem is unmounted and sb/fc drops its reference.
Removing a device also stops all virt queues and any new reuqest gets
error -ENOTCONN. All existing in flight requests are drained before
->remove returns.
Signed-off-by: Vivek Goyal <vgoyal at redhat.com>
---
 fs/fuse/virtio_fs.c | 52 +++++++++++++++++++++++++++++++++++++--------
 1 file changed, 43 insertions(+), 9 deletions(-)
diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c
index 01bbf2c0e144..29ec2f5bbbe2 100644
--- a/fs/fuse/virtio_fs.c
+++ b/fs/fuse/virtio_fs.c
@@ -37,6 +37,7 @@ struct virtio_fs_vq {
 
 /* A virtio-fs device instance */
 struct virtio_fs {
+	struct kref refcount;
 	struct list_head list;    /* on virtio_fs_instances */
 	char *tag;
 	struct virtio_fs_vq *vqs;
@@ -63,6 +64,27 @@ static inline struct fuse_pqueue *vq_to_fpq(struct virtqueue
*vq)
 	return &vq_to_fsvq(vq)->fud->pq;
 }
 
+static void release_virtiofs_obj(struct kref *ref)
+{
+	struct virtio_fs *vfs = container_of(ref, struct virtio_fs, refcount);
+
+	kfree(vfs->vqs);
+	kfree(vfs);
+}
+
+static void virtiofs_put(struct virtio_fs *fs)
+{
+	mutex_lock(&virtio_fs_mutex);
+	kref_put(&fs->refcount, release_virtiofs_obj);
+	mutex_unlock(&virtio_fs_mutex);
+}
+
+static void virtio_fs_put(struct fuse_iqueue *fiq)
+{
+	struct virtio_fs *vfs = fiq->priv;
+	virtiofs_put(vfs);
+}
+
 static void virtio_fs_drain_queue(struct virtio_fs_vq *fsvq)
 {
 	WARN_ON(fsvq->in_flight < 0);
@@ -156,8 +178,10 @@ static struct virtio_fs *virtio_fs_find_instance(const char
*tag)
 	mutex_lock(&virtio_fs_mutex);
 
 	list_for_each_entry(fs, &virtio_fs_instances, list) {
-		if (strcmp(fs->tag, tag) == 0)
+		if (strcmp(fs->tag, tag) == 0) {
+			kref_get(&fs->refcount);
 			goto found;
+		}
 	}
 
 	fs = NULL; /* not found */
@@ -519,6 +543,7 @@ static int virtio_fs_probe(struct virtio_device *vdev)
 	fs = kzalloc(sizeof(*fs), GFP_KERNEL);
 	if (!fs)
 		return -ENOMEM;
+	kref_init(&fs->refcount);
 	vdev->priv = fs;
 
 	ret = virtio_fs_read_tag(vdev, fs);
@@ -570,18 +595,18 @@ static void virtio_fs_remove(struct virtio_device *vdev)
 {
 	struct virtio_fs *fs = vdev->priv;
 
+	mutex_lock(&virtio_fs_mutex);
+	list_del_init(&fs->list);
+	mutex_unlock(&virtio_fs_mutex);
+
 	virtio_fs_stop_all_queues(fs);
 	virtio_fs_drain_all_queues(fs);
 	vdev->config->reset(vdev);
 	virtio_fs_cleanup_vqs(vdev, fs);
 
-	mutex_lock(&virtio_fs_mutex);
-	list_del(&fs->list);
-	mutex_unlock(&virtio_fs_mutex);
-
 	vdev->priv = NULL;
-	kfree(fs->vqs);
-	kfree(fs);
+	/* Put device reference on virtio_fs object */
+	virtiofs_put(fs);
 }
 
 #ifdef CONFIG_PM_SLEEP
@@ -932,6 +957,7 @@ const static struct fuse_iqueue_ops virtio_fs_fiq_ops = {
 	.wake_forget_and_unlock		= virtio_fs_wake_forget_and_unlock,
 	.wake_interrupt_and_unlock	= virtio_fs_wake_interrupt_and_unlock,
 	.wake_pending_and_unlock	= virtio_fs_wake_pending_and_unlock,
+	.put				= virtio_fs_put,
 };
 
 static int virtio_fs_fill_super(struct super_block *sb)
@@ -1026,7 +1052,9 @@ static void virtio_kill_sb(struct super_block *sb)
 	fuse_kill_sb_anon(sb);
 
 	/* fuse_kill_sb_anon() must have sent destroy. Stop all queues
-	 * and drain one more time and free fuse devices.
+	 * and drain one more time and free fuse devices. Freeing fuse
+	 * devices will drop their reference on fuse_conn and that in
+	 * turn will drop its reference on virtio_fs object.
 	 */
 	virtio_fs_stop_all_queues(vfs);
 	virtio_fs_drain_all_queues(vfs);
@@ -1060,6 +1088,10 @@ static int virtio_fs_get_tree(struct fs_context *fsc)
 	struct fuse_conn *fc;
 	int err;
 
+	/* This gets a reference on virtio_fs object. This ptr gets installed
+	 * in fc->iq->priv. Once fuse_conn is going away, it calls ->put()
+	 * to drop the reference to this object.
+	 */
 	fs = virtio_fs_find_instance(fsc->source);
 	if (!fs) {
 		pr_info("virtio-fs: tag <%s> not found\n", fsc->source);
@@ -1067,8 +1099,10 @@ static int virtio_fs_get_tree(struct fs_context *fsc)
 	}
 
 	fc = kzalloc(sizeof(struct fuse_conn), GFP_KERNEL);
-	if (!fc)
+	if (!fc) {
+		virtiofs_put(fs);
 		return -ENOMEM;
+	}
 
 	fuse_conn_init(fc, get_user_ns(current_user_ns()), &virtio_fs_fiq_ops,
 		       fs);
-- 
2.20.1
Vivek Goyal
2019-Sep-05  19:48 UTC
[PATCH 16/18] virtiofs: Use virtio_fs_mutex for races w.r.t ->remove and mount path
It is possible that a mount is in progress and device is being removed at
the same time. Use virtio_fs_mutex to avoid races.
This also takes care of bunch of races and removes some TODO items.
Signed-off-by: Vivek Goyal <vgoyal at redhat.com>
---
 fs/fuse/virtio_fs.c | 32 ++++++++++++++++++++++----------
 1 file changed, 22 insertions(+), 10 deletions(-)
diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c
index 29ec2f5bbbe2..c483482185b6 100644
--- a/fs/fuse/virtio_fs.c
+++ b/fs/fuse/virtio_fs.c
@@ -13,7 +13,9 @@
 #include <linux/highmem.h>
 #include "fuse_i.h"
 
-/* List of virtio-fs device instances and a lock for the list */
+/* List of virtio-fs device instances and a lock for the list. Also provides
+ * mutual exclusion in device removal and mounting path
+ */
 static DEFINE_MUTEX(virtio_fs_mutex);
 static LIST_HEAD(virtio_fs_instances);
 
@@ -72,17 +74,19 @@ static void release_virtiofs_obj(struct kref *ref)
 	kfree(vfs);
 }
 
+/* Make sure virtiofs_mutex is held */
 static void virtiofs_put(struct virtio_fs *fs)
 {
-	mutex_lock(&virtio_fs_mutex);
 	kref_put(&fs->refcount, release_virtiofs_obj);
-	mutex_unlock(&virtio_fs_mutex);
 }
 
 static void virtio_fs_put(struct fuse_iqueue *fiq)
 {
 	struct virtio_fs *vfs = fiq->priv;
+
+	mutex_lock(&virtio_fs_mutex);
 	virtiofs_put(vfs);
+	mutex_unlock(&virtio_fs_mutex);
 }
 
 static void virtio_fs_drain_queue(struct virtio_fs_vq *fsvq)
@@ -596,9 +600,8 @@ static void virtio_fs_remove(struct virtio_device *vdev)
 	struct virtio_fs *fs = vdev->priv;
 
 	mutex_lock(&virtio_fs_mutex);
+	/* This device is going away. No one should get new reference */
 	list_del_init(&fs->list);
-	mutex_unlock(&virtio_fs_mutex);
-
 	virtio_fs_stop_all_queues(fs);
 	virtio_fs_drain_all_queues(fs);
 	vdev->config->reset(vdev);
@@ -607,6 +610,7 @@ static void virtio_fs_remove(struct virtio_device *vdev)
 	vdev->priv = NULL;
 	/* Put device reference on virtio_fs object */
 	virtiofs_put(fs);
+	mutex_unlock(&virtio_fs_mutex);
 }
 
 #ifdef CONFIG_PM_SLEEP
@@ -978,10 +982,15 @@ static int virtio_fs_fill_super(struct super_block *sb)
 		.no_force_umount = true,
 	};
 
-	/* TODO lock */
-	if (fs->vqs[VQ_REQUEST].fud) {
-		pr_err("virtio-fs: device already in use\n");
-		err = -EBUSY;
+	mutex_lock(&virtio_fs_mutex);
+
+	/* After holding mutex, make sure virtiofs device is still there.
+	 * Though we are holding a refernce to it, drive ->remove might
+	 * still have cleaned up virtual queues. In that case bail out.
+	 */
+	err = -EINVAL;
+	if (list_empty(&fs->list)) {
+		pr_info("virtio-fs: tag <%s> not found\n", fs->tag);
 		goto err;
 	}
 
@@ -1007,7 +1016,6 @@ static int virtio_fs_fill_super(struct super_block *sb)
 
 	fc = fs->vqs[VQ_REQUEST].fud->fc;
 
-	/* TODO take fuse_mutex around this loop? */
 	for (i = 0; i < fs->nvqs; i++) {
 		struct virtio_fs_vq *fsvq = &fs->vqs[i];
 
@@ -1020,6 +1028,7 @@ static int virtio_fs_fill_super(struct super_block *sb)
 	/* Previous unmount will stop all queues. Start these again */
 	virtio_fs_start_all_queues(fs);
 	fuse_send_init(fc, init_req);
+	mutex_unlock(&virtio_fs_mutex);
 	return 0;
 
 err_free_init_req:
@@ -1027,6 +1036,7 @@ static int virtio_fs_fill_super(struct super_block *sb)
 err_free_fuse_devs:
 	virtio_fs_free_devs(fs);
 err:
+	mutex_unlock(&virtio_fs_mutex);
 	return err;
 }
 
@@ -1100,7 +1110,9 @@ static int virtio_fs_get_tree(struct fs_context *fsc)
 
 	fc = kzalloc(sizeof(struct fuse_conn), GFP_KERNEL);
 	if (!fc) {
+		mutex_lock(&virtio_fs_mutex);
 		virtiofs_put(fs);
+		mutex_unlock(&virtio_fs_mutex);
 		return -ENOMEM;
 	}
 
-- 
2.20.1
Vivek Goyal
2019-Sep-05  19:48 UTC
[PATCH 17/18] virtiofs: Remove TODO to quiesce/end_requests
We now stop queues and drain all the pending requests from all virtqueues. So this is not a TODO anymore. Got rid of incrementing fc->dev_count as well. It did not seem meaningful for virtio_fs. Signed-off-by: Vivek Goyal <vgoyal at redhat.com> --- fs/fuse/virtio_fs.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c index c483482185b6..eadaea6eb8e2 100644 --- a/fs/fuse/virtio_fs.c +++ b/fs/fuse/virtio_fs.c @@ -208,7 +208,6 @@ static void virtio_fs_free_devs(struct virtio_fs *fs) if (!fsvq->fud) continue; - /* TODO need to quiesce/end_requests/decrement dev_count */ fuse_dev_free(fsvq->fud); fsvq->fud = NULL; } @@ -1022,7 +1021,6 @@ static int virtio_fs_fill_super(struct super_block *sb) if (i == VQ_REQUEST) continue; /* already initialized */ fuse_dev_install(fsvq->fud, fc); - atomic_inc(&fc->dev_count); } /* Previous unmount will stop all queues. Start these again */ -- 2.20.1
Vivek Goyal
2019-Sep-05  19:48 UTC
[PATCH 18/18] virtiofs: Remove TODO item from virtio_fs_free_devs()
virtio_fs_free_devs() is now called from ->kill_sb(). By this time
all device queues have been quiesced. I am assuming that while
->kill_sb() is in progress, another mount instance will wait for
it to finish (sb->s_umount mutex provides mutual exclusion).
W.r.t ->remove path, we should be fine as we are not touching vdev
or virtqueues. And we have reference on virtio_fs object, so we know
rest of the data structures are valid.
So I can't see the need of any additional locking yet.
Signed-off-by: Vivek Goyal <vgoyal at redhat.com>
---
 fs/fuse/virtio_fs.c | 2 --
 1 file changed, 2 deletions(-)
diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c
index eadaea6eb8e2..61aa3eba7b22 100644
--- a/fs/fuse/virtio_fs.c
+++ b/fs/fuse/virtio_fs.c
@@ -200,8 +200,6 @@ static void virtio_fs_free_devs(struct virtio_fs *fs)
 {
 	unsigned int i;
 
-	/* TODO lock */
-
 	for (i = 0; i < fs->nvqs; i++) {
 		struct virtio_fs_vq *fsvq = &fs->vqs[i];
 
-- 
2.20.1
Stefan Hajnoczi
2019-Sep-06  10:40 UTC
[PATCH 01/18] virtiofs: Remove request from processing list before calling end
On Thu, Sep 05, 2019 at 03:48:42PM -0400, Vivek Goyal wrote:> In error path we are calling fuse_request_end() but we need to clear > FR_SENT bit as well as remove request from processing queue. Otherwise > fuse_request_end() triggers a warning as well as other issues show up. > > Signed-off-by: Vivek Goyal <vgoyal at redhat.com> > --- > fs/fuse/virtio_fs.c | 4 ++++ > 1 file changed, 4 insertions(+)Reviewed-by: Stefan Hajnoczi <stefanha at redhat.com> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: <http://lists.linuxfoundation.org/pipermail/virtualization/attachments/20190906/56b00acb/attachment.sig>
Stefan Hajnoczi
2019-Sep-06  10:43 UTC
[PATCH 02/18] virtiofs: Check whether hiprio queue is connected at submission time
On Thu, Sep 05, 2019 at 03:48:43PM -0400, Vivek Goyal wrote:> For hiprio queue (forget requests), we are keeping a state in queue whether > queue is connected or not. If queue is not connected, do not try to submit > request and return error instead. > > As of now, we are checking for this state only in path where worker tries > to submit forget after first attempt failed. Check this state even in > the path when request is being submitted first time. > > Signed-off-by: Vivek Goyal <vgoyal at redhat.com> > --- > fs/fuse/virtio_fs.c | 9 ++++++++- > 1 file changed, 8 insertions(+), 1 deletion(-)Reviewed-by: Stefan Hajnoczi <stefanha at redhat.com> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: <http://lists.linuxfoundation.org/pipermail/virtualization/attachments/20190906/ce1f1c37/attachment.sig>
Stefan Hajnoczi
2019-Sep-06  10:44 UTC
[PATCH 03/18] virtiofs: Pass fsvq instead of vq as parameter to virtio_fs_enqueue_req
On Thu, Sep 05, 2019 at 03:48:44PM -0400, Vivek Goyal wrote:> Pass fsvq instead of vq as parameter to virtio_fs_enqueue_req(). We will > retrieve vq from fsvq under spin lock. > > Later in the patch series we will retrieve vq only if fsvq is still connected > other vq might have been cleaned up by device ->remove code and we will > return error. > > Signed-off-by: Vivek Goyal <vgoyal at redhat.com> > --- > fs/fuse/virtio_fs.c | 9 +++++---- > 1 file changed, 5 insertions(+), 4 deletions(-)Reviewed-by: Stefan Hajnoczi <stefanha at redhat.com> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: <http://lists.linuxfoundation.org/pipermail/virtualization/attachments/20190906/e72af76b/attachment.sig>
Stefan Hajnoczi
2019-Sep-06  10:45 UTC
[PATCH 04/18] virtiofs: Check connected state for VQ_REQUEST queue as well
On Thu, Sep 05, 2019 at 03:48:45PM -0400, Vivek Goyal wrote:> Right now we are checking ->connected state only for VQ_HIPRIO. Now we want > to make use of this method for all queues. So check it for VQ_REQUEST as > well. > > This will be helpful if device has been removed and virtqueue is gone. In > that case ->connected will be false and request can't be submitted anymore > and user space will see error -ENOTCONN. > > Signed-off-by: Vivek Goyal <vgoyal at redhat.com> > --- > fs/fuse/virtio_fs.c | 6 ++++++ > 1 file changed, 6 insertions(+)Reviewed-by: Stefan Hajnoczi <stefanha at redhat.com> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: <http://lists.linuxfoundation.org/pipermail/virtualization/attachments/20190906/99934427/attachment.sig>
Stefan Hajnoczi
2019-Sep-06  10:46 UTC
[PATCH 05/18] Maintain count of in flight requests for VQ_REQUEST queue
On Thu, Sep 05, 2019 at 03:48:46PM -0400, Vivek Goyal wrote:> As of now we maintain this count only for VQ_HIPRIO. Maintain it for > VQ_REQUEST as well so that later it can be used to drain VQ_REQUEST > queue. > > Signed-off-by: Vivek Goyal <vgoyal at redhat.com> > --- > fs/fuse/virtio_fs.c | 4 ++++ > 1 file changed, 4 insertions(+)Reviewed-by: Stefan Hajnoczi <stefanha at redhat.com> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: <http://lists.linuxfoundation.org/pipermail/virtualization/attachments/20190906/99b9b1a3/attachment.sig>
Stefan Hajnoczi
2019-Sep-06  10:47 UTC
[PATCH 06/18] virtiofs: ->remove should not clean virtiofs fuse devices
On Thu, Sep 05, 2019 at 03:48:47PM -0400, Vivek Goyal wrote:> We maintain a fuse device per virt queue. This fuse devices are allocated > and installed during mount time and should be cleaned up when super block > is going away. Device removal should not clean it. Device removal should > stop queues and virtuques can go away. > > Signed-off-by: Vivek Goyal <vgoyal at redhat.com> > --- > fs/fuse/virtio_fs.c | 2 -- > 1 file changed, 2 deletions(-)Reviewed-by: Stefan Hajnoczi <stefanha at redhat.com> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: <http://lists.linuxfoundation.org/pipermail/virtualization/attachments/20190906/69e61ce2/attachment-0001.sig>
Stefan Hajnoczi
2019-Sep-06  10:47 UTC
[PATCH 07/18] virtiofs: Stop virtiofs queues when device is being removed
On Thu, Sep 05, 2019 at 03:48:48PM -0400, Vivek Goyal wrote:> Stop all the virt queues when device is going away. This will ensure that > no new requests are submitted to virtqueue and and request will end with > error -ENOTCONN. > > Signed-off-by: Vivek Goyal <vgoyal at redhat.com> > --- > fs/fuse/virtio_fs.c | 14 ++++++++++++++ > 1 file changed, 14 insertions(+)Reviewed-by: Stefan Hajnoczi <stefanha at redhat.com> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: <http://lists.linuxfoundation.org/pipermail/virtualization/attachments/20190906/3b961768/attachment.sig>
Stefan Hajnoczi
2019-Sep-06  10:52 UTC
[PATCH 08/18] virtiofs: Drain all pending requests during ->remove time
On Thu, Sep 05, 2019 at 03:48:49PM -0400, Vivek Goyal wrote:> +static void virtio_fs_drain_queue(struct virtio_fs_vq *fsvq) > +{ > + WARN_ON(fsvq->in_flight < 0); > + > + /* Wait for in flight requests to finish.*/ > + while (1) { > + spin_lock(&fsvq->lock); > + if (!fsvq->in_flight) { > + spin_unlock(&fsvq->lock); > + break; > + } > + spin_unlock(&fsvq->lock); > + usleep_range(1000, 2000); > + }I think all contexts that call this allow sleeping so we could avoid usleep here. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: <http://lists.linuxfoundation.org/pipermail/virtualization/attachments/20190906/68e571eb/attachment.sig>
Stefan Hajnoczi
2019-Sep-06  10:54 UTC
[PATCH 09/18] virtiofs: Add an helper to start all the queues
On Thu, Sep 05, 2019 at 03:48:50PM -0400, Vivek Goyal wrote:> This just marks are the queues are connected and ready to accept the > request. > > Signed-off-by: Vivek Goyal <vgoyal at redhat.com> > --- > fs/fuse/virtio_fs.c | 19 ++++++++++++++++--- > 1 file changed, 16 insertions(+), 3 deletions(-)Reviewed-by: Stefan Hajnoczi <stefanha at redhat.com> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: <http://lists.linuxfoundation.org/pipermail/virtualization/attachments/20190906/009b44d6/attachment.sig>
Stefan Hajnoczi
2019-Sep-06  10:56 UTC
[PATCH 10/18] virtiofs: Do not use device managed mem for virtio_fs and virtio_fs_vq
On Thu, Sep 05, 2019 at 03:48:51PM -0400, Vivek Goyal wrote:> These data structures should go away when virtio_fs object is going away. > When deivce is going away, we need to just make sure virtqueues can go > away and after that none of the code accesses vq and all the requests > get error. > > So allocate memory for virtio_fs and virtio_fs_vq normally and free it > at right time. > > This patch still frees up memory during device remove time. A later patch > will make virtio_fs object reference counted and this memory will be > freed when last reference to object is dropped. > > Signed-off-by: Vivek Goyal <vgoyal at redhat.com> > --- > fs/fuse/virtio_fs.c | 13 ++++++++----- > 1 file changed, 8 insertions(+), 5 deletions(-)Reviewed-by: Stefan Hajnoczi <stefanha at redhat.com> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: <http://lists.linuxfoundation.org/pipermail/virtualization/attachments/20190906/ee44eded/attachment.sig>
Stefan Hajnoczi
2019-Sep-06  11:50 UTC
[PATCH 11/18] virtiofs: stop and drain queues after sending DESTROY
On Thu, Sep 05, 2019 at 03:48:52PM -0400, Vivek Goyal wrote:> During virtio_kill_sb() we first stop forget queue and drain it and then > call fuse_kill_sb_anon(). This will result in sending DESTROY request to > fuse server. Once finished, stop all the queues and drain one more time > just to be sure and then free up the devices. > > Given drain queues will call flush_work() on various workers, remove this > logic from virtio_free_devs(). > > Signed-off-by: Vivek Goyal <vgoyal at redhat.com> > --- > fs/fuse/virtio_fs.c | 11 ++++++++--- > 1 file changed, 8 insertions(+), 3 deletions(-)Reviewed-by: Stefan Hajnoczi <stefanha at redhat.com> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: <http://lists.linuxfoundation.org/pipermail/virtualization/attachments/20190906/4295714c/attachment.sig>
Stefan Hajnoczi
2019-Sep-06  11:51 UTC
[PATCH 12/18] virtiofs: Use virtio_fs_free_devs() in error path
On Thu, Sep 05, 2019 at 03:48:53PM -0400, Vivek Goyal wrote:> We already have an helper to cleanup fuse devices. Use that instead of > duplicating the code. > > Signed-off-by: Vivek Goyal <vgoyal at redhat.com> > --- > fs/fuse/virtio_fs.c | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-)Reviewed-by: Stefan Hajnoczi <stefanha at redhat.com> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: <http://lists.linuxfoundation.org/pipermail/virtualization/attachments/20190906/9c1baf38/attachment.sig>
Stefan Hajnoczi
2019-Sep-06  11:52 UTC
[PATCH 13/18] virtiofs: Do not access virtqueue in request submission path
On Thu, Sep 05, 2019 at 03:48:54PM -0400, Vivek Goyal wrote:> In request submission path it is possible that virtqueue is already gone > due to driver->remove(). So do not access it in dev_dbg(). Use pr_debug() > instead. > > If virtuqueue is gone, this will result in NULL pointer deference. > > Signed-off-by: Vivek Goyal <vgoyal at redhat.com> > --- > fs/fuse/virtio_fs.c | 8 ++++---- > 1 file changed, 4 insertions(+), 4 deletions(-)Reviewed-by: Stefan Hajnoczi <stefanha at redhat.com> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: <http://lists.linuxfoundation.org/pipermail/virtualization/attachments/20190906/00cc90ff/attachment.sig>
Stefan Hajnoczi
2019-Sep-06  12:00 UTC
[PATCH 14/18] virtiofs: Add a fuse_iqueue operation to put() reference
On Thu, Sep 05, 2019 at 03:48:55PM -0400, Vivek Goyal wrote:> diff --git a/fs/fuse/fuse_i.h b/fs/fuse/fuse_i.h > index 85e2dcad68c1..04e2c000d63f 100644 > --- a/fs/fuse/fuse_i.h > +++ b/fs/fuse/fuse_i.h > @@ -479,6 +479,11 @@ struct fuse_iqueue_ops { > */ > void (*wake_pending_and_unlock)(struct fuse_iqueue *fiq) > __releases(fiq->waitq.lock); > + > + /** > + * Put a reference on fiq_priv.I'm a bit confused about fiq->priv's role in this. The callback takes struct fuse_iqueue *fiq as the argument, not void *priv, so it could theoretically do more than just release priv. I think one of the following would be clearer: /** * Drop a reference to fiq->priv. */ void (*put_priv)(void *priv); Or: /** * Clean up when fuse_iqueue is destroyed. */ void (*release)(struct fuse_iqueue *fiq); In the second case fuse_conn_put() shouldn't check fiq->priv. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: <http://lists.linuxfoundation.org/pipermail/virtualization/attachments/20190906/ded43aaa/attachment.sig>
Stefan Hajnoczi
2019-Sep-06  12:03 UTC
[PATCH 15/18] virtiofs: Make virtio_fs object refcounted
On Thu, Sep 05, 2019 at 03:48:56PM -0400, Vivek Goyal wrote:> This object is used both by fuse_connection as well virt device. So make > this object reference counted and that makes it easy to define life cycle > of the object. > > Now deivce can be removed while filesystem is still mounted. This will > cleanup all the virtqueues but virtio_fs object will still be around and > will be cleaned when filesystem is unmounted and sb/fc drops its reference. > > Removing a device also stops all virt queues and any new reuqest gets > error -ENOTCONN. All existing in flight requests are drained before > ->remove returns. > > Signed-off-by: Vivek Goyal <vgoyal at redhat.com> > --- > fs/fuse/virtio_fs.c | 52 +++++++++++++++++++++++++++++++++++++-------- > 1 file changed, 43 insertions(+), 9 deletions(-) > > diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c > index 01bbf2c0e144..29ec2f5bbbe2 100644 > --- a/fs/fuse/virtio_fs.c > +++ b/fs/fuse/virtio_fs.c > @@ -37,6 +37,7 @@ struct virtio_fs_vq { > > /* A virtio-fs device instance */ > struct virtio_fs { > + struct kref refcount; > struct list_head list; /* on virtio_fs_instances */ > char *tag; > struct virtio_fs_vq *vqs; > @@ -63,6 +64,27 @@ static inline struct fuse_pqueue *vq_to_fpq(struct virtqueue *vq) > return &vq_to_fsvq(vq)->fud->pq; > } > > +static void release_virtiofs_obj(struct kref *ref) > +{ > + struct virtio_fs *vfs = container_of(ref, struct virtio_fs, refcount); > + > + kfree(vfs->vqs); > + kfree(vfs); > +} > + > +static void virtiofs_put(struct virtio_fs *fs)Why do the two function names above contain "virtiofs" instead of "virtio_fs"? I'm not sure if this is intentional and is supposed to mean something, but it's confusing.> +{ > + mutex_lock(&virtio_fs_mutex); > + kref_put(&fs->refcount, release_virtiofs_obj); > + mutex_unlock(&virtio_fs_mutex); > +} > + > +static void virtio_fs_put(struct fuse_iqueue *fiq)Minor issue: this function name is confusingly similar to virtiofs_put(). Please rename to virtio_fs_fiq_put(). -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: <http://lists.linuxfoundation.org/pipermail/virtualization/attachments/20190906/5c6bdb1e/attachment.sig>
Stefan Hajnoczi
2019-Sep-06  12:05 UTC
[PATCH 16/18] virtiofs: Use virtio_fs_mutex for races w.r.t ->remove and mount path
On Thu, Sep 05, 2019 at 03:48:57PM -0400, Vivek Goyal wrote:> It is possible that a mount is in progress and device is being removed at > the same time. Use virtio_fs_mutex to avoid races. > > This also takes care of bunch of races and removes some TODO items. > > Signed-off-by: Vivek Goyal <vgoyal at redhat.com> > --- > fs/fuse/virtio_fs.c | 32 ++++++++++++++++++++++---------- > 1 file changed, 22 insertions(+), 10 deletions(-)Let's move to a per-device mutex in the future. That way a single device that fails to drain/complete requests will not hang all other virtio-fs instances. This is fine for now. Reviewed-by: Stefan Hajnoczi <stefanha at redhat.com> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: <http://lists.linuxfoundation.org/pipermail/virtualization/attachments/20190906/5320670d/attachment.sig>
Stefan Hajnoczi
2019-Sep-06  12:06 UTC
[PATCH 17/18] virtiofs: Remove TODO to quiesce/end_requests
On Thu, Sep 05, 2019 at 03:48:58PM -0400, Vivek Goyal wrote:> We now stop queues and drain all the pending requests from all virtqueues. > So this is not a TODO anymore. > > Got rid of incrementing fc->dev_count as well. It did not seem meaningful > for virtio_fs. > > Signed-off-by: Vivek Goyal <vgoyal at redhat.com> > --- > fs/fuse/virtio_fs.c | 2 -- > 1 file changed, 2 deletions(-)Reviewed-by: Stefan Hajnoczi <stefanha at redhat.com> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: <http://lists.linuxfoundation.org/pipermail/virtualization/attachments/20190906/8721b5fc/attachment.sig>
Stefan Hajnoczi
2019-Sep-06  12:06 UTC
[PATCH 18/18] virtiofs: Remove TODO item from virtio_fs_free_devs()
On Thu, Sep 05, 2019 at 03:48:59PM -0400, Vivek Goyal wrote:> virtio_fs_free_devs() is now called from ->kill_sb(). By this time > all device queues have been quiesced. I am assuming that while > ->kill_sb() is in progress, another mount instance will wait for > it to finish (sb->s_umount mutex provides mutual exclusion). > > W.r.t ->remove path, we should be fine as we are not touching vdev > or virtqueues. And we have reference on virtio_fs object, so we know > rest of the data structures are valid. > > So I can't see the need of any additional locking yet. > > Signed-off-by: Vivek Goyal <vgoyal at redhat.com> > --- > fs/fuse/virtio_fs.c | 2 -- > 1 file changed, 2 deletions(-)Reviewed-by: Stefan Hajnoczi <stefanha at redhat.com> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: <http://lists.linuxfoundation.org/pipermail/virtualization/attachments/20190906/9a35fa32/attachment.sig>
Michael S. Tsirkin
2019-Sep-06  13:37 UTC
[PATCH 00/18] virtiofs: Fix various races and cleanups round 1
On Thu, Sep 05, 2019 at 03:48:41PM -0400, Vivek Goyal wrote:> Hi, > > Michael Tsirkin pointed out issues w.r.t various locking related TODO > items and races w.r.t device removal. > > In this first round of cleanups, I have taken care of most pressing > issues. > > These patches apply on top of following. > > git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git#virtiofs-v4 > > I have tested these patches with mount/umount and device removal using > qemu monitor. For example. > > virsh qemu-monitor-command --hmp vm9-f28 device_del myvirtiofs > > Now a mounted device can be removed and file system will return errors > -ENOTCONN and one can unmount it. > > Miklos, if you are fine with the patches, I am fine if you fold these > all into existing patch. I kept them separate so that review is easier. > > Any feedback or comments are welcome. > > Thanks > Vivek >Another version of a patch with fixes all rolled in would also be nice.> Vivek Goyal (18): > virtiofs: Remove request from processing list before calling end > virtiofs: Check whether hiprio queue is connected at submission time > virtiofs: Pass fsvq instead of vq as parameter to > virtio_fs_enqueue_req > virtiofs: Check connected state for VQ_REQUEST queue as well > Maintain count of in flight requests for VQ_REQUEST queue > virtiofs: ->remove should not clean virtiofs fuse devices > virtiofs: Stop virtiofs queues when device is being removed > virtiofs: Drain all pending requests during ->remove time > virtiofs: Add an helper to start all the queues > virtiofs: Do not use device managed mem for virtio_fs and virtio_fs_vq > virtiofs: stop and drain queues after sending DESTROY > virtiofs: Use virtio_fs_free_devs() in error path > virtiofs: Do not access virtqueue in request submission path > virtiofs: Add a fuse_iqueue operation to put() reference > virtiofs: Make virtio_fs object refcounted > virtiofs: Use virtio_fs_mutex for races w.r.t ->remove and mount path > virtiofs: Remove TODO to quiesce/end_requests > virtiofs: Remove TODO item from virtio_fs_free_devs() > > fs/fuse/fuse_i.h | 5 + > fs/fuse/inode.c | 6 + > fs/fuse/virtio_fs.c | 259 ++++++++++++++++++++++++++++++++------------ > 3 files changed, 198 insertions(+), 72 deletions(-) > > -- > 2.20.1
Vivek Goyal
2019-Sep-09  15:35 UTC
[Virtio-fs] [PATCH 15/18] virtiofs: Make virtio_fs object refcounted
On Sun, Sep 08, 2019 at 07:10:03PM +0800, piaojun wrote:> > > On 2019/9/6 3:48, Vivek Goyal wrote: > > This object is used both by fuse_connection as well virt device. So make > > this object reference counted and that makes it easy to define life cycle > > of the object. > > > > Now deivce can be removed while filesystem is still mounted. This will > > cleanup all the virtqueues but virtio_fs object will still be around and > > will be cleaned when filesystem is unmounted and sb/fc drops its reference. > > > > Removing a device also stops all virt queues and any new reuqest gets > > error -ENOTCONN. All existing in flight requests are drained before > > ->remove returns. > > > > Signed-off-by: Vivek Goyal <vgoyal at redhat.com> > > --- > > fs/fuse/virtio_fs.c | 52 +++++++++++++++++++++++++++++++++++++-------- > > 1 file changed, 43 insertions(+), 9 deletions(-) > > > > diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c > > index 01bbf2c0e144..29ec2f5bbbe2 100644 > > --- a/fs/fuse/virtio_fs.c > > +++ b/fs/fuse/virtio_fs.c > > @@ -37,6 +37,7 @@ struct virtio_fs_vq { > > > > /* A virtio-fs device instance */ > > struct virtio_fs { > > + struct kref refcount; > > struct list_head list; /* on virtio_fs_instances */ > > char *tag; > > struct virtio_fs_vq *vqs; > > @@ -63,6 +64,27 @@ static inline struct fuse_pqueue *vq_to_fpq(struct virtqueue *vq) > > return &vq_to_fsvq(vq)->fud->pq; > > } > > > > +static void release_virtiofs_obj(struct kref *ref) > > +{ > > + struct virtio_fs *vfs = container_of(ref, struct virtio_fs, refcount); > > + > > + kfree(vfs->vqs); > > + kfree(vfs); > > +} > > + > > +static void virtio_fs_put(struct virtio_fs *fs) > > +{ > > + mutex_lock(&virtio_fs_mutex); > > + kref_put(&fs->refcount, release_virtiofs_obj); > > + mutex_unlock(&virtio_fs_mutex); > > +} > > + > > +static void virtio_fs_put(struct fuse_iqueue *fiq) > > +{ > > + struct virtio_fs *vfs = fiq->priv; > > + virtiofs_put(vfs); > > +} > > It's a little confusing that virtiofs_put() looks like virtiofs_put(), > and could we use __virtio_fs_put to replace virtio_fs_put?Fixed this in follow up patch I posted. https://www.redhat.com/archives/virtio-fs/2019-September/msg00091.html Vivek
Reasonably Related Threads
- [PATCH 15/18] virtiofs: Make virtio_fs object refcounted
- [PATCH 00/18] virtiofs: Fix various races and cleanups round 1
- [PATCH 16/18] virtiofs: Use virtio_fs_mutex for races w.r.t ->remove and mount path
- [PATCH 16/18] virtiofs: Use virtio_fs_mutex for races w.r.t ->remove and mount path
- [PATCH 15/18] virtiofs: Make virtio_fs object refcounted