On Thu, 14 Sep 2000, Jan Kara wrote:
> > > of blocks after notify_change() once more all the quota will be counted
> > > properly. The only problem is that quota can be exceeded this way. We have to check
> >
> > Nope. You've just shifted the race window (and inverted the
> > effect) - think what happens if you've got new allocations after the UID
> > change but before the return from notify_change().
> Quota will be still acounted to old user - it's independent of i_uid contents -
> so when we switch pointers to dquot structures and move allocated space without
> blocking there shouldn't be problem...
You still have a window when i_blocks is out of sync with
dquot. If your nice, non-blocking, etc. switch happens in that window - we
are toast, right? It means that we can't change i_blocks before dquot -
currently dquot_{alloc,free}_block() can block. Now, consider the
following:
dquot_transfer()
....
switched
dqput() ****BLOCKED
dquot_alloc_block()
dqduplicate()
dquot_lock() **** BLOCKED
dquot_unlock()
dqput()
....
finished
....
updated the thing *** WINDOW OPENED
dquot_unlock()
dqput() **** BLOCKED
another dquot_transfer()
....
switched
....
finished
finished
updated i_blocks *** WINDOW CLOSED
The second switch happens in the window. QED.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Sep 15 2000 - 21:00:23 EST