01 Nov, 2011
1 commit
-
Introduce DM_TARGET_IMMUTABLE to indicate that the target type cannot be mixed
with any other target type, and once loaded into a device, it cannot be
replaced with a table containing a different type.The thin provisioning pool device will use this.
Signed-off-by: Alasdair G Kergon
02 Aug, 2011
4 commits
-
Exactly one of name, uuid or device must be specified when referencing
an existing device. This removes the ambiguity (risking the wrong
device being updated) if two conflicting parameters were specified.
Previously one parameter got used and any others were ignored silently.Signed-off-by: Mikulas Patocka
Signed-off-by: Alasdair G Kergon -
Move logic to find device based on major/minor number to a separate
function __get_dev_cell (similar to __get_uuid_cell and __get_name_cell).
This makes the function __find_device_hash_cell more straightforward.Signed-off-by: Mikulas Patocka
Signed-off-by: Alasdair G Kergon -
Move parameter filling from find_device to __find_device_hash_cell.
This patch causes ioctls using __find_device_hash_cell
(DM_DEV_REMOVE_CMD, DM_DEV_SUSPEND_CMD - resume, DM_TABLE_CLEAR_CMD)
to return device parameters, bringing them into line with the other
ioctls.Signed-off-by: Mikulas Patocka
Signed-off-by: Alasdair G Kergon -
Detect invalid empty messages in core dm instead of requiring every target to
check this.Signed-off-by: Alasdair G Kergon
24 Mar, 2011
2 commits
-
Add DM_SECURE_DATA_FLAG which userspace can use to ensure
that all buffers allocated for dm-ioctl are wiped
immediately after use.The user buffer is wiped as well (we do not want to keep
and return sensitive data back to userspace if the flag is set).Wiping is useful for cryptsetup to ensure that the key
is present in memory only in defined places and only
for the time needed.(For crypt, key can be present in table during load or table
status, wait and message commands).Signed-off-by: Milan Broz
Signed-off-by: Alasdair G Kergon -
Prepare code for implementing buffer wipe flag.
No functional change in this patch.Signed-off-by: Milan Broz
Acked-by: Mike Snitzer
Signed-off-by: Alasdair G Kergon
14 Jan, 2011
2 commits
-
The device-mapper should not send warning messages to syslog
if a device is not found. This can be done by userspace
according to the returned dm-ioctl error code.So move these messages to debug level and use rate limiting
to not flood syslog.Signed-off-by: Milan Broz
Signed-off-by: Alasdair G Kergon -
Allow the uuid of a mapped device to be set after device creation.
Previously the uuid (which is optional) could only be set by
DM_DEV_CREATE. If no uuid was supplied it could not be set later.Sometimes it's necessary to create the device before the uuid is known,
and in such cases the uuid must be filled in after the creation.This patch extends DM_DEV_RENAME to accept a uuid accompanied by
a new flag DM_UUID_FLAG. This can only be done once and if no
uuid was previously supplied. It cannot be used to change an
existing uuid.DM_VERSION_MINOR is also bumped to 19 to indicate this interface
extension is available.Signed-off-by: Peter Jones
Signed-off-by: Jonathan Brassow
Signed-off-by: Alasdair G Kergon
15 Oct, 2010
1 commit
-
All file_operations should get a .llseek operation so we can make
nonseekable_open the default for future file operations without a
.llseek pointer.The three cases that we can automatically detect are no_llseek, seq_lseek
and default_llseek. For cases where we can we can automatically prove that
the file offset is always ignored, we use noop_llseek, which maintains
the current behavior of not returning an error from a seek.New drivers should normally not use noop_llseek but instead use no_llseek
and call nonseekable_open at open time. Existing drivers can be converted
to do the same when the maintainer knows for certain that no user code
relies on calling seek on the device file.The generated code is often incorrectly indented and right now contains
comments that clarify for each added line why a specific variant was
chosen. In the version that gets submitted upstream, the comments will
be gone and I will manually fix the indentation, because there does not
seem to be a way to do that using coccinelle.Some amount of new code is currently sitting in linux-next that should get
the same modifications, which I will do at the end of the merge window.Many thanks to Julia Lawall for helping me learn to write a semantic
patch that does all this.===== begin semantic patch =====
// This adds an llseek= method to all file operations,
// as a preparation for making no_llseek the default.
//
// The rules are
// - use no_llseek explicitly if we do nonseekable_open
// - use seq_lseek for sequential files
// - use default_llseek if we know we access f_pos
// - use noop_llseek if we know we don't access f_pos,
// but we still want to allow users to call lseek
//
@ open1 exists @
identifier nested_open;
@@
nested_open(...)
{}
@ open exists@
identifier open_f;
identifier i, f;
identifier open1.nested_open;
@@
int open_f(struct inode *i, struct file *f)
{}
@ read disable optional_qualifier exists @
identifier read_f;
identifier f, p, s, off;
type ssize_t, size_t, loff_t;
expression E;
identifier func;
@@
ssize_t read_f(struct file *f, char *p, size_t s, loff_t *off)
{}
@ read_no_fpos disable optional_qualifier exists @
identifier read_f;
identifier f, p, s, off;
type ssize_t, size_t, loff_t;
@@
ssize_t read_f(struct file *f, char *p, size_t s, loff_t *off)
{
... when != off
}@ write @
identifier write_f;
identifier f, p, s, off;
type ssize_t, size_t, loff_t;
expression E;
identifier func;
@@
ssize_t write_f(struct file *f, const char *p, size_t s, loff_t *off)
{}
@ write_no_fpos @
identifier write_f;
identifier f, p, s, off;
type ssize_t, size_t, loff_t;
@@
ssize_t write_f(struct file *f, const char *p, size_t s, loff_t *off)
{
... when != off
}@ fops0 @
identifier fops;
@@
struct file_operations fops = {
...
};@ has_llseek depends on fops0 @
identifier fops0.fops;
identifier llseek_f;
@@
struct file_operations fops = {
...
.llseek = llseek_f,
...
};@ has_read depends on fops0 @
identifier fops0.fops;
identifier read_f;
@@
struct file_operations fops = {
...
.read = read_f,
...
};@ has_write depends on fops0 @
identifier fops0.fops;
identifier write_f;
@@
struct file_operations fops = {
...
.write = write_f,
...
};@ has_open depends on fops0 @
identifier fops0.fops;
identifier open_f;
@@
struct file_operations fops = {
...
.open = open_f,
...
};// use no_llseek if we call nonseekable_open
////////////////////////////////////////////
@ nonseekable1 depends on !has_llseek && has_open @
identifier fops0.fops;
identifier nso ~= "nonseekable_open";
@@
struct file_operations fops = {
... .open = nso, ...
+.llseek = no_llseek, /* nonseekable */
};@ nonseekable2 depends on !has_llseek @
identifier fops0.fops;
identifier open.open_f;
@@
struct file_operations fops = {
... .open = open_f, ...
+.llseek = no_llseek, /* open uses nonseekable */
};// use seq_lseek for sequential files
/////////////////////////////////////
@ seq depends on !has_llseek @
identifier fops0.fops;
identifier sr ~= "seq_read";
@@
struct file_operations fops = {
... .read = sr, ...
+.llseek = seq_lseek, /* we have seq_read */
};// use default_llseek if there is a readdir
///////////////////////////////////////////
@ fops1 depends on !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
identifier fops0.fops;
identifier readdir_e;
@@
// any other fop is used that changes pos
struct file_operations fops = {
... .readdir = readdir_e, ...
+.llseek = default_llseek, /* readdir is present */
};// use default_llseek if at least one of read/write touches f_pos
/////////////////////////////////////////////////////////////////
@ fops2 depends on !fops1 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
identifier fops0.fops;
identifier read.read_f;
@@
// read fops use offset
struct file_operations fops = {
... .read = read_f, ...
+.llseek = default_llseek, /* read accesses f_pos */
};@ fops3 depends on !fops1 && !fops2 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
identifier fops0.fops;
identifier write.write_f;
@@
// write fops use offset
struct file_operations fops = {
... .write = write_f, ...
+ .llseek = default_llseek, /* write accesses f_pos */
};// Use noop_llseek if neither read nor write accesses f_pos
///////////////////////////////////////////////////////////@ fops4 depends on !fops1 && !fops2 && !fops3 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
identifier fops0.fops;
identifier read_no_fpos.read_f;
identifier write_no_fpos.write_f;
@@
// write fops use offset
struct file_operations fops = {
...
.write = write_f,
.read = read_f,
...
+.llseek = noop_llseek, /* read and write both use no f_pos */
};@ depends on has_write && !has_read && !fops1 && !fops2 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
identifier fops0.fops;
identifier write_no_fpos.write_f;
@@
struct file_operations fops = {
... .write = write_f, ...
+.llseek = noop_llseek, /* write uses no f_pos */
};@ depends on has_read && !has_write && !fops1 && !fops2 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
identifier fops0.fops;
identifier read_no_fpos.read_f;
@@
struct file_operations fops = {
... .read = read_f, ...
+.llseek = noop_llseek, /* read uses no f_pos */
};@ depends on !has_read && !has_write && !fops1 && !fops2 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
identifier fops0.fops;
@@
struct file_operations fops = {
...
+.llseek = noop_llseek, /* no read or write fn */
};
===== End semantic patch =====Signed-off-by: Arnd Bergmann
Cc: Julia Lawall
Cc: Christoph Hellwig
12 Aug, 2010
10 commits
-
Add devname:mapper/control and MAPPER_CTRL_MINOR module alias
to support dm-mod module autoloading.Signed-off-by: Kay Sievers
Signed-off-by: Peter Rajnoha
Signed-off-by: Alasdair G Kergon -
This change unifies the various checks and finalization that occurs on a
table prior to use. By doing so, it allows table construction without
traversing the dm-ioctl interface.Signed-off-by: Will Drewry
Signed-off-by: Alasdair G Kergon -
Change bio-based mapped devices no longer to have a fully initialized
request_queue (request_fn, elevator, etc). This means bio-based DM
devices no longer register elevator sysfs attributes ('iosched/' tree
or 'scheduler' other than "none").In contrast, a request-based DM device will continue to have a full
request_queue and will register elevator sysfs attributes. Therefore
a user can determine a DM device's type by checking if elevator sysfs
attributes exist.First allocate a minimalist request_queue structure for a DM device
(needed for both bio and request-based DM).Initialization of a full request_queue is deferred until it is known
that the DM device is request-based, at the end of the table load
sequence.Factor DM device's request_queue initialization:
- common to both request-based and bio-based into dm_init_md_queue().
- specific to request-based into dm_init_request_based_queue().The md->type_lock mutex is used to protect md->queue, in addition to
md->type, during table_load().A DM device's first table_load will establish the immutable md->type.
But md->queue initialization, based on md->type, may fail at that time
(because blk_init_allocated_queue cannot allocate memory). Therefore
any subsequent table_load must (re)try dm_setup_md_queue independently of
establishing md->type.Signed-off-by: Mike Snitzer
Acked-by: Kiyoshi Ueda
Signed-off-by: Alasdair G Kergon -
Determine whether a mapped device is bio-based or request-based when
loading its first (inactive) table and don't allow that to be changed
later.This patch performs different device initialisation in each of the two
cases. (We don't think it's necessary to add code to support changing
between the two types.)Allowed md->type transitions:
DM_TYPE_NONE to DM_TYPE_BIO_BASED
DM_TYPE_NONE to DM_TYPE_REQUEST_BASEDWe now prevent table_load from replacing the inactive table with a
conflicting type of table even after an explicit table_clear.Introduce 'type_lock' into the struct mapped_device to protect md->type
and to prepare for the next patch that will change the queue
initialization and allocate memory while md->type_lock is held.Signed-off-by: Mike Snitzer
Acked-by: Kiyoshi Ueda
Signed-off-by: Alasdair G Kergondrivers/md/dm-ioctl.c | 15 +++++++++++++++
drivers/md/dm.c | 37 ++++++++++++++++++++++++++++++-------
drivers/md/dm.h | 5 +++++
include/linux/dm-ioctl.h | 4 ++--
4 files changed, 52 insertions(+), 9 deletions(-) -
The dm control device does not implement read/write, so it has no use for
seeking. Using no_llseek prevents falling back to default_llseek, which
requires the BKL.Signed-off-by: Arnd Bergmann
Signed-off-by: Frederic Weisbecker
Signed-off-by: Andrew Morton
Signed-off-by: Alasdair G Kergon -
This patch separates the device deletion code from dm_put()
to make sure the deletion happens in the process context.By this patch, device deletion always occurs in an ioctl (process)
context and dm_put() can be called in interrupt context.
As a result, the request-based dm's bad dm_put() usage pointed out
by Mikulas below disappears.
http://marc.info/?l=dm-devel&m=126699981019735&w=2Without this patch, I confirmed there is a case to crash the system:
dm_put() => dm_table_destroy() => vfree() => BUG_ON(in_interrupt())Some more backgrounds and details:
In request-based dm, a device opener can remove a mapped_device
while the last request is still completing, because bios in the last
request complete first and then the device opener can close and remove
the mapped_device before the last request completes:
CPU0 CPU1
=================================================================
<>
blk_end_request_all(clone_rq)
blk_update_request(clone_rq)
bio_endio(clone_bio) == end_clone_bio
blk_update_request(orig_rq)
bio_endio(orig_bio)
<>
dm_blk_close()
dev_remove()
dm_put(md)
<>
blk_finish_request(clone_rq)
....
dm_end_request(clone_rq)
free_rq_clone(clone_rq)
blk_end_request_all(orig_rq)
rq_completed(md)So request-based dm used dm_get()/dm_put() to hold md for each I/O
until its request completion handling is fully done.
However, the final dm_put() can call the device deletion code which
must not be run in interrupt context and may cause kernel panic.To solve the problem, this patch moves the device deletion code,
dm_destroy(), to predetermined places that is actually deleting
the mapped_device in ioctl (process) context, and changes dm_put()
just to decrement the reference count of the mapped_device.
By this change, dm_put() can be used in any context and the symmetric
model below is introduced:
dm_create(): create a mapped_device
dm_destroy(): destroy a mapped_device
dm_get(): increment the reference count of a mapped_device
dm_put(): decrement the reference count of a mapped_devicedm_destroy() waits for all references of the mapped_device to disappear,
then deletes the mapped_device.dm_destroy() uses active waiting with msleep(1), since deleting
the mapped_device isn't performance-critical task.
And since at this point, nobody opens the mapped_device and no new
reference will be taken, the pending counts are just for racing
completing activity and will eventually decrease to zero.For the unlikely case of the forced module unload, dm_destroy_immediate(),
which doesn't wait and forcibly deletes the mapped_device, is also
introduced and used in dm_hash_remove_all(). Otherwise, "rmmod -f"
may be stuck and never return.
And now, because the mapped_device is deleted at this point, subsequent
accesses to the mapped_device may cause NULL pointer references.Cc: stable@kernel.org
Signed-off-by: Kiyoshi Ueda
Signed-off-by: Jun'ichi Nomura
Signed-off-by: Alasdair G Kergon -
This patch changes dm_hash_remove_all() to release _hash_lock when
removing a device. After removing the device, dm_hash_remove_all()
takes _hash_lock and searches the hash from scratch again.This patch is a preparation for the next patch, which changes device
deletion code to wait for md reference to be 0. Without this patch,
the wait in the next patch may cause AB-BA deadlock:
CPU0 CPU1
-----------------------------------------------------------------------
dm_hash_remove_all()
down_write(_hash_lock)
table_status()
md = find_device()
dm_get(md)
holders>
dm_get_live_or_inactive_table()
dm_get_inactive_table()
down_write(_hash_lock)
holders to be 0>Signed-off-by: Kiyoshi Ueda
Signed-off-by: Jun'ichi Nomura
Cc: stable@kernel.org
Signed-off-by: Alasdair G Kergon -
All the dm ioctls that generate uevents set the DM_UEVENT_GENERATED flag so
that userspace knows whether or not to wait for a uevent to be processed
before continuing,The dm rename ioctl sets this flag but was not structured to return it
to userspace. This patch restructures the rename ioctl processing to
behave like the other ioctls that return data and so fix this.Signed-off-by: Peter Rajnoha
Signed-off-by: Alasdair G Kergon -
__dev_status() cannot fail so make it void and simplify callers.
Signed-off-by: Alasdair G Kergon
-
Remove useless __dev_status call while processing an ioctl that sets up
device geometry and target message. The data is not returned to
userspace so there is no point collecting it and in the case of
target_message it is collected before processing the message so if it
did return it might be stale.Signed-off-by: Peter Rajnoha
Signed-off-by: Alasdair G Kergon
06 Mar, 2010
2 commits
-
Set a new DM_UEVENT_GENERATED_FLAG when returning from ioctls to
indicate that a uevent was actually generated. This tells the userspace
caller that it may need to wait for the event to be processed.Signed-off-by: Peter Rajnoha
Signed-off-by: Alasdair G Kergon -
Only issue a uevent on a resume if the state of the device changed,
i.e. if it was suspended and/or its table was replaced.Signed-off-by: Dave Wysochanski
Signed-off-by: Mike Snitzer
Cc: stable@kernel.org
Signed-off-by: Alasdair G Kergon
11 Dec, 2009
7 commits
-
This patch renames dm_suspended() to dm_suspended_md() and
keeps it internal to dm.
No functional change.Signed-off-by: Kiyoshi Ueda
Signed-off-by: Jun'ichi Nomura
Cc: Mike Anderson
Signed-off-by: Alasdair G Kergon -
When swapping a new table into place, retain the old table until
its replacement is in place.An old check for an empty table is removed because this is enforced
in populate_table().__unbind() becomes redundant when followed by __bind().
Signed-off-by: Alasdair G Kergon
-
Add the flag DM_QUERY_INACTIVE_TABLE_FLAG to the ioctls to return
infomation about the loaded-but-not-yet-active table instead of the live
table. Prior to this patch it was impossible to obtain this information
until the device had been 'resumed'.Userspace dmsetup and libdevmapper support the flag as of version 1.02.40.
e.g. dmsetup info --inactive vg1-lv1Signed-off-by: Mike Snitzer
Signed-off-by: Alasdair G Kergon -
Once we begin deleting a device, prevent any further messages being sent
to targets of its table (to avoid races).Signed-off-by: Mike Anderson
Signed-off-by: Alasdair G Kergon -
Rename dm_get_table to dm_get_live_table.
Signed-off-by: Alasdair G Kergon
-
strlcpy() will always null terminate the string.
The code should already guarantee this as the last bytes are already
NULs and the string lengths were restricted before being stored in
hc. Removing the '-1' becomes necessary so strlcpy() doesn't
lose the last character of a maximum-length string.
- agkSigned-off-by: Roel Kluin
Signed-off-by: Andrew Morton
Signed-off-by: Alasdair G Kergon -
Fix a reported deadlock if there are still unprocessed multipath events
on a device that is being removed._hash_lock is held during dev_remove while trying to send the
outstanding events. Sending the events requests the _hash_lock
again in dm_copy_name_and_uuid.This patch introduces a separate lock around regions that modify the
link to the hash table (dm_set_mdptr) or the name or uuid so that
dm_copy_name_and_uuid no longer needs _hash_lock.Additionally, dm_copy_name_and_uuid can only be called if md exists
so we can drop the dm_get() and dm_put() which can lead to a BUG()
while md is being freed.The deadlock:
#0 [ffff8106298dfb48] schedule at ffffffff80063035
#1 [ffff8106298dfc20] __down_read at ffffffff8006475d
#2 [ffff8106298dfc60] dm_copy_name_and_uuid at ffffffff8824f740
#3 [ffff8106298dfc90] dm_send_uevents at ffffffff88252685
#4 [ffff8106298dfcd0] event_callback at ffffffff8824c678
#5 [ffff8106298dfd00] dm_table_event at ffffffff8824dd01
#6 [ffff8106298dfd10] __hash_remove at ffffffff882507ad
#7 [ffff8106298dfd30] dev_remove at ffffffff88250865
#8 [ffff8106298dfd60] ctl_ioctl at ffffffff88250d80
#9 [ffff8106298dfee0] do_ioctl at ffffffff800418c4
#10 [ffff8106298dff00] vfs_ioctl at ffffffff8002fab9
#11 [ffff8106298dff40] sys_ioctl at ffffffff8004bdaf
#12 [ffff8106298dff80] tracesys at ffffffff8005d28d (via system_call)Cc: stable@kernel.org
Reported-by: guy keren
Signed-off-by: Mikulas Patocka
Signed-off-by: Alasdair G Kergon
20 Sep, 2009
1 commit
-
This allows subsytems to provide devtmpfs with non-default permissions
for the device node. Instead of the default mode of 0600, null, zero,
random, urandom, full, tty, ptmx now have a mode of 0666, which allows
non-privileged processes to access standard device nodes in case no
other userspace process applies the expected permissions.This also fixes a wrong assignment in pktcdvd and a checkpatch.pl complain.
Signed-off-by: Kay Sievers
Signed-off-by: Greg Kroah-Hartman
22 Jun, 2009
2 commits
-
This patch enables request-based dm.
o Request-based dm and bio-based dm coexist, since there are
some target drivers which are more fitting to bio-based dm.
Also, there are other bio-based devices in the kernel
(e.g. md, loop).
Since bio-based device can't receive struct request,
there are some limitations on device stacking between
bio-based and request-based.type of underlying device
bio-based request-based
----------------------------------------------
bio-based OK OK
request-based -- OKThe device type is recognized by the queue flag in the kernel,
so dm follows that.o The type of a dm device is decided at the first table binding time.
Once the type of a dm device is decided, the type can't be changed.o Mempool allocations are deferred to at the table loading time, since
mempools for request-based dm are different from those for bio-based
dm and needed mempool type is fixed by the type of table.o Currently, request-based dm supports only tables that have a single
target. To support multiple targets, we need to support request
splitting or prevent bio/request from spanning multiple targets.
The former needs lots of changes in the block layer, and the latter
needs that all target drivers support merge() function.
Both will take a time.Signed-off-by: Kiyoshi Ueda
Signed-off-by: Jun'ichi Nomura
Signed-off-by: Alasdair G Kergon -
Add support for passing a 32 bit "cookie" into the kernel with the
DM_SUSPEND, DM_DEV_RENAME and DM_DEV_REMOVE ioctls. The (unsigned)
value of this cookie is returned to userspace alongside the uevents
issued by these ioctls in the variable DM_COOKIE.This means the userspace process issuing these ioctls can be notified
by udev after udev has completed any actions triggered.To minimise the interface extension, we pass the cookie into the
kernel in the event_nr field which is otherwise unused when calling
these ioctls. Incrementing the version number allows userspace to
determine in advance whether or not the kernel supports the cookie.
If the kernel does support this but userspace does not, there should
be no impact as the new variable will just get ignored.Signed-off-by: Milan Broz
Signed-off-by: Alasdair G Kergon
16 Jun, 2009
1 commit
-
This adds support for misc devices to report their requested nodename to
userspace. It also updates a number of misc drivers to provide the
needed subdirectory and device name to be used for them.Signed-off-by: Kay Sievers
Signed-off-by: Jan Blunck
Signed-off-by: Greg Kroah-Hartman
09 Apr, 2009
1 commit
-
This patch provides support for data integrity passthrough in the device
mapper.- If one or more component devices support integrity an integrity
profile is preallocated for the DM device.- If all component devices have compatible profiles the DM device is
flagged as capable.- Handle integrity metadata when splitting and cloning bios.
Signed-off-by: Martin K. Petersen
Signed-off-by: Alasdair G Kergon
17 Mar, 2009
2 commits
-
Fix an error introduced in dm-table-rework-reference-counting.patch.
When there is failure after table initialization, we need to use
dm_table_destroy, not dm_table_put, to free the table.dm_table_put may be used only after dm_table_get.
Cc: Kiyoshi Ueda
Signed-off-by: Mikulas Patocka
Reviewed-by: Jonathan Brassow
Reviewed-by: Alasdair G Kergon
Signed-off-by: Alasdair G Kergon -
When renaming a mapped device validate the length of the new name.
The rename ioctl accepted any correctly-terminated string enclosed
within the data passed from userspace. The other ioctls enforce a
size limit of DM_NAME_LEN. If the name is changed and becomes longer
than that, the device can no longer be addressed by name.Fix it by properly checking for device name length (including
terminating zero).Cc: stable@kernel.org
Signed-off-by: Milan Broz
Reviewed-by: Jonathan Brassow
Reviewed-by: Alasdair G Kergon
Signed-off-by: Alasdair G Kergon
06 Jan, 2009
2 commits
-
Rework table reference counting.
The existing code uses a reference counter. When the last reference is
dropped and the counter reaches zero, the table destructor is called.
Table reference counters are acquired/released from upcalls from other
kernel code (dm_any_congested, dm_merge_bvec, dm_unplug_all).
If the reference counter reaches zero in one of the upcalls, the table
destructor is called from almost random kernel code.This leads to various problems:
* dm_any_congested being called under a spinlock, which calls the
destructor, which calls some sleeping function.
* the destructor attempting to take a lock that is already taken by the
same process.
* stale reference from some other kernel code keeps the table
constructed, which keeps some devices open, even after successful
return from "dmsetup remove". This can confuse lvm and prevent closing
of underlying devices or reusing device minor numbers.The patch changes reference counting so that the table destructor can be
called only at predetermined places.The table has always exactly one reference from either mapped_device->map
or hash_cell->new_map. After this patch, this reference is not counted
in table->holders. A pair of dm_create_table/dm_destroy_table functions
is used for table creation/destruction.Temporary references from the other code increase table->holders. A pair
of dm_table_get/dm_table_put functions is used to manipulate it.When the table is about to be destroyed, we wait for table->holders to
reach 0. Then, we call the table destructor. We use active waiting with
msleep(1), because the situation happens rarely (to one user in 5 years)
and removing the device isn't performance-critical task: the user doesn't
care if it takes one tick more or not.This way, the destructor is called only at specific points
(dm_table_destroy function) and the above problems associated with lazy
destruction can't happen.Finally remove the temporary protection added to dm_any_congested().
Signed-off-by: Mikulas Patocka
Signed-off-by: Alasdair G Kergon -
Allow NULL buffer in dm_copy_name_and_uuid if you only want to return one of
the fields.(Required by a following patch that adds these fields to sysfs.)
Signed-off-by: Milan Broz
Reviewed-by: Alasdair G Kergon
Signed-off-by: Alasdair G Kergon
21 Oct, 2008
1 commit
-
Signed-off-by: Al Viro
11 Oct, 2008
1 commit
-
* git://git.kernel.org/pub/scm/linux/kernel/git/agk/linux-2.6-dm:
dm: detect lost queue
dm: publish dm_vcalloc
dm: publish dm_table_unplug_all
dm: publish dm_get_mapinfo
dm: export struct dm_dev
dm crypt: avoid unnecessary wait when splitting bio
dm crypt: tidy ctx pending
dm crypt: fix async inc_pending
dm crypt: move dec_pending on error into write_io_submit
dm crypt: remove inc_pending from write_io_submit
dm crypt: tidy write loop pending
dm crypt: tidy crypt alloc
dm crypt: tidy inc pending
dm exception store: use chunk_t for_areas
dm exception store: introduce area_location function
dm raid1: kcopyd should stop on error if errors handled
dm mpath: remove is_active from struct dm_path
dm mpath: use more error codesFixed up trivial conflict in drivers/md/dm-mpath.c manually.
