freeze_bdev: don't deactivate successfully frozen MS_RDONLY sb

Thanks Thomas and Christoph for testing and review. I removed 'smp_wmb()' before up_write from the previous patch, since up_write() should have necessary ordering constraints. (I.e. the change of s_frozen is visible to others after up_write) I'm quite sure the change is harmless but if you are uncomfortable with Tested-by/Reviewed-by on the modified patch, please remove them. If MS_RDONLY, freeze_bdev should just up_write(s_umount) instead of deactivate_locked_super(). Also, keep sb->s_frozen consistent so that remount can check the frozen state. Otherwise a crash reported here can happen: http://lkml.org/lkml/2010/1/16/37 http://lkml.org/lkml/2010/1/28/53 This patch should be applied for 2.6.32 stable series, too. Reviewed-by: Christoph Hellwig <hch@lst.de> Tested-by: Thomas Backlund <tmb@mandriva.org> Signed-off-by: Jun'ichi Nomura <j-nomura@ce.jp.nec.com> Cc: stable@kernel.org Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

freeze_bdev: don't deactivate successfully frozen MS_RDONLY sb
Thanks Thomas and Christoph for testing and review. I removed 'smp_wmb()' before up_write from the previous patch, since up_write() should have necessary ordering constraints. (I.e. the change of s_frozen is visible to others after up_write) I'm quite sure the change is harmless but if you are uncomfortable with Tested-by/Reviewed-by on the modified patch, please remove them. If MS_RDONLY, freeze_bdev should just up_write(s_umount) instead of deactivate_locked_super(). Also, keep sb->s_frozen consistent so that remount can check the frozen state. Otherwise a crash reported here can happen: http://lkml.org/lkml/2010/1/16/37 http://lkml.org/lkml/2010/1/28/53 This patch should be applied for 2.6.32 stable series, too. Reviewed-by: Christoph Hellwig <hch@lst.de> Tested-by: Thomas Backlund <tmb@mandriva.org> Signed-off-by: Jun'ichi Nomura <j-nomura@ce.jp.nec.com> Cc: stable@kernel.org Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Jun'ichi Nomura · Al Viro
1 parent 8dd5ca532c
Showing 1 changed file with 4 additions and 3 deletions Side-by-side Diff
fs/block_dev.c
@@ -246,7 +246,8 @@
 	if (!sb)
 		goto out;
 	if (sb->s_flags & MS_RDONLY) {
-		deactivate_locked_super(sb);
+		sb->s_frozen = SB_FREEZE_TRANS;
+		up_write(&sb->s_umount);
 		mutex_unlock(&bdev->bd_fsfreeze_mutex);
 		return sb;
 	}
@@ -307,7 +308,7 @@
 	BUG_ON(sb->s_bdev != bdev);
 	down_write(&sb->s_umount);
 	if (sb->s_flags & MS_RDONLY)
-		goto out_deactivate;
+		goto out_unfrozen;
  
 	if (sb->s_op->unfreeze_fs) {
 		error = sb->s_op->unfreeze_fs(sb);
  
@@ -321,11 +322,11 @@
 		}
 	}
  
+out_unfrozen:
 	sb->s_frozen = SB_UNFROZEN;
 	smp_wmb();
 	wake_up(&sb->s_wait_unfrozen);
  
-out_deactivate:
 	if (sb)
 		deactivate_locked_super(sb);
 out_unlock:
...	...	@@ -246,7 +246,8 @@
246	246	if (!sb)
247	247	goto out;
248	248	if (sb->s_flags & MS_RDONLY) {
249		- deactivate_locked_super(sb);
	249	+ sb->s_frozen = SB_FREEZE_TRANS;
	250	+ up_write(&sb->s_umount);
250	251	mutex_unlock(&bdev->bd_fsfreeze_mutex);
251	252	return sb;
252	253	}
...	...	@@ -307,7 +308,7 @@
307	308	BUG_ON(sb->s_bdev != bdev);
308	309	down_write(&sb->s_umount);
309	310	if (sb->s_flags & MS_RDONLY)
310		- goto out_deactivate;
	311	+ goto out_unfrozen;
311	312
312	313	if (sb->s_op->unfreeze_fs) {
313	314	error = sb->s_op->unfreeze_fs(sb);
314	315
...	...	@@ -321,11 +322,11 @@
321	322	}
322	323	}
323	324
	325	+out_unfrozen:
324	326	sb->s_frozen = SB_UNFROZEN;
325	327	smp_wmb();
326	328	wake_up(&sb->s_wait_unfrozen);
327	329
328		-out_deactivate:
329	330	if (sb)
330	331	deactivate_locked_super(sb);
331	332	out_unlock: