From: Jeff Layton <jlayton@kernel.org>
To: Xiubo Li <xiubli@redhat.com>, ceph-devel@vger.kernel.org
Cc: lhenriques@suse.de, linux-fsdevel@vger.kernel.org,
linux-fscrypt@vger.kernel.org, dhowells@redhat.com
Subject: Re: [RFC PATCH v7 05/24] ceph: preallocate inode for ops that may create one
Date: Wed, 07 Jul 2021 08:05:09 -0400 [thread overview]
Message-ID: <dc1145b9cf18cc0996d9e47d69ebbc51294c93d9.camel@kernel.org> (raw)
In-Reply-To: <83dcbc5c-7a87-b6cd-b364-2ca4aa5bd440@redhat.com>
On Wed, 2021-07-07 at 11:37 +0800, Xiubo Li wrote:
> On 6/25/21 9:58 PM, Jeff Layton wrote:
> > When creating a new inode, we need to determine the crypto context
> > before we can transmit the RPC. The fscrypt API has a routine for getting
> > a crypto context before a create occurs, but it requires an inode.
> >
> > Change the ceph code to preallocate an inode in advance of a create of
> > any sort (open(), mknod(), symlink(), etc). Move the existing code that
> > generates the ACL and SELinux blobs into this routine since that's
> > mostly common across all the different codepaths.
> >
> > In most cases, we just want to allow ceph_fill_trace to use that inode
> > after the reply comes in, so add a new field to the MDS request for it
> > (r_new_inode).
> >
> > The async create codepath is a bit different though. In that case, we
> > want to hash the inode in advance of the RPC so that it can be used
> > before the reply comes in. If the call subsequently fails with
> > -EJUKEBOX, then just put the references and clean up the as_ctx. Note
> > that with this change, we now need to regenerate the as_ctx when this
> > occurs, but it's quite rare for it to happen.
> >
> > Signed-off-by: Jeff Layton <jlayton@kernel.org>
> > ---
> > fs/ceph/dir.c | 70 ++++++++++++++++++++-----------------
> > fs/ceph/file.c | 62 ++++++++++++++++++++-------------
> > fs/ceph/inode.c | 82 ++++++++++++++++++++++++++++++++++++++++----
> > fs/ceph/mds_client.c | 3 +-
> > fs/ceph/mds_client.h | 1 +
> > fs/ceph/super.h | 7 +++-
> > 6 files changed, 160 insertions(+), 65 deletions(-)
> >
> [...]
>
> > diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c
> > index eb562e259347..f62785e4dbcb 100644
> > --- a/fs/ceph/inode.c
> > +++ b/fs/ceph/inode.c
> > @@ -52,17 +52,85 @@ static int ceph_set_ino_cb(struct inode *inode, void *data)
> > return 0;
> > }
> >
> > -struct inode *ceph_get_inode(struct super_block *sb, struct ceph_vino vino)
> > +/**
> > + * ceph_new_inode - allocate a new inode in advance of an expected create
> > + * @dir: parent directory for new inode
> > + * @dentry: dentry that may eventually point to new inode
> > + * @mode: mode of new inode
> > + * @as_ctx: pointer to inherited security context
> > + *
> > + * Allocate a new inode in advance of an operation to create a new inode.
> > + * This allocates the inode and sets up the acl_sec_ctx with appropriate
> > + * info for the new inode.
> > + *
> > + * Returns a pointer to the new inode or an ERR_PTR.
> > + */
> > +struct inode *ceph_new_inode(struct inode *dir, struct dentry *dentry,
> > + umode_t *mode, struct ceph_acl_sec_ctx *as_ctx)
> > +{
> > + int err;
> > + struct inode *inode;
> > +
> > + inode = new_inode_pseudo(dir->i_sb);
> > + if (!inode)
> > + return ERR_PTR(-ENOMEM);
> > +
> > + if (!S_ISLNK(*mode)) {
> > + err = ceph_pre_init_acls(dir, mode, as_ctx);
> > + if (err < 0)
> > + goto out_err;
> > + }
> > +
> > + err = ceph_security_init_secctx(dentry, *mode, as_ctx);
> > + if (err < 0)
> > + goto out_err;
> > +
> > + inode->i_state = 0;
> > + inode->i_mode = *mode;
> > + return inode;
> > +out_err:
> > + iput(inode);
> > + return ERR_PTR(err);
> > +}
> > +
> > +void ceph_as_ctx_to_req(struct ceph_mds_request *req, struct ceph_acl_sec_ctx *as_ctx)
> > +{
> > + if (as_ctx->pagelist) {
> > + req->r_pagelist = as_ctx->pagelist;
> > + as_ctx->pagelist = NULL;
> > + }
> > +}
> > +
> > +/**
> > + * ceph_get_inode - find or create/hash a new inode
> > + * @sb: superblock to search and allocate in
> > + * @vino: vino to search for
> > + * @newino: optional new inode to insert if one isn't found (may be NULL)
> > + *
> > + * Search for or insert a new inode into the hash for the given vino, and return a
> > + * reference to it. If new is non-NULL, its reference is consumed.
> > + */
> > +struct inode *ceph_get_inode(struct super_block *sb, struct ceph_vino vino, struct inode *newino)
> > {
> > struct inode *inode;
> >
> > if (ceph_vino_is_reserved(vino))
> > return ERR_PTR(-EREMOTEIO);
> >
> > - inode = iget5_locked(sb, (unsigned long)vino.ino, ceph_ino_compare,
> > - ceph_set_ino_cb, &vino);
> > - if (!inode)
> > + if (newino) {
> > + inode = inode_insert5(newino, (unsigned long)vino.ino, ceph_ino_compare,
> > + ceph_set_ino_cb, &vino);
> > + if (inode != newino)
> > + iput(newino);
> > + } else {
> > + inode = iget5_locked(sb, (unsigned long)vino.ino, ceph_ino_compare,
> > + ceph_set_ino_cb, &vino);
> > + }
> > +
> > + if (!inode) {
> > + dout("No inode found for %llx.%llx\n", vino.ino, vino.snap);
> > return ERR_PTR(-ENOMEM);
> > + }
> >
> > dout("get_inode on %llu=%llx.%llx got %p new %d\n", ceph_present_inode(inode),
> > ceph_vinop(inode), inode, !!(inode->i_state & I_NEW));
> > @@ -78,7 +146,7 @@ struct inode *ceph_get_snapdir(struct inode *parent)
> > .ino = ceph_ino(parent),
> > .snap = CEPH_SNAPDIR,
> > };
> > - struct inode *inode = ceph_get_inode(parent->i_sb, vino);
> > + struct inode *inode = ceph_get_inode(parent->i_sb, vino, NULL);
> > struct ceph_inode_info *ci = ceph_inode(inode);
> >
> > if (IS_ERR(inode))
>
> Should we always check this just before using it before 'struct
> ceph_inode_info *ci = ceph_inode(inode);' ?
>
> But it seems the 'ceph_inode()' won't introduce any issue here.
>
> Thanks,
>
Yeah, it's just doing pointer math. If it turns out to be an error,
it'll exit before it ever dereferences "ci".
> > @@ -1546,7 +1614,7 @@ static int readdir_prepopulate_inodes_only(struct ceph_mds_request *req,
> > vino.ino = le64_to_cpu(rde->inode.in->ino);
> > vino.snap = le64_to_cpu(rde->inode.in->snapid);
> >
> > - in = ceph_get_inode(req->r_dentry->d_sb, vino);
> > + in = ceph_get_inode(req->r_dentry->d_sb, vino, NULL);
> > if (IS_ERR(in)) {
> > err = PTR_ERR(in);
> > dout("new_inode badness got %d\n", err);
> > @@ -1748,7 +1816,7 @@ int ceph_readdir_prepopulate(struct ceph_mds_request *req,
> > if (d_really_is_positive(dn)) {
> > in = d_inode(dn);
> > } else {
> > - in = ceph_get_inode(parent->d_sb, tvino);
> > + in = ceph_get_inode(parent->d_sb, tvino, NULL);
> > if (IS_ERR(in)) {
> > dout("new_inode badness\n");
> > d_drop(dn);
> [...]
>
--
Jeff Layton <jlayton@kernel.org>
next prev parent reply other threads:[~2021-07-07 12:05 UTC|newest]
Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-25 13:58 [RFC PATCH v7 00/24] ceph+fscrypt: context, filename and symlink support Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 01/24] vfs: export new_inode_pseudo Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 02/24] fscrypt: export fscrypt_base64_encode and fscrypt_base64_decode Jeff Layton
2021-07-11 17:40 ` Eric Biggers
2021-07-12 11:55 ` Jeff Layton
2021-07-12 14:22 ` Eric Biggers
2021-07-12 14:32 ` Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 03/24] fscrypt: export fscrypt_fname_encrypt and fscrypt_fname_encrypted_size Jeff Layton
2021-07-11 17:43 ` Eric Biggers
2021-06-25 13:58 ` [RFC PATCH v7 04/24] fscrypt: add fscrypt_context_for_new_inode Jeff Layton
2021-07-11 17:44 ` Eric Biggers
2021-06-25 13:58 ` [RFC PATCH v7 05/24] ceph: preallocate inode for ops that may create one Jeff Layton
2021-07-07 3:37 ` Xiubo Li
2021-07-07 12:05 ` Jeff Layton [this message]
2021-06-25 13:58 ` [RFC PATCH v7 06/24] ceph: parse new fscrypt_auth and fscrypt_file fields in inode traces Jeff Layton
2021-07-07 3:53 ` Xiubo Li
2021-07-07 12:09 ` Jeff Layton
2021-07-07 12:46 ` Xiubo Li
2021-07-07 10:47 ` Luis Henriques
2021-07-07 11:19 ` Xiubo Li
2021-07-07 12:19 ` Jeff Layton
2021-07-07 14:32 ` Luis Henriques
2021-07-07 14:56 ` Luis Henriques
2021-07-08 2:56 ` Xiubo Li
2021-07-08 11:26 ` Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 07/24] ceph: add fscrypt_* handling to caps.c Jeff Layton
2021-07-07 7:20 ` Xiubo Li
2021-07-07 12:02 ` Jeff Layton
2021-07-07 12:47 ` Xiubo Li
2021-07-11 23:00 ` Eric Biggers
2021-07-12 13:22 ` Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 08/24] ceph: add ability to set fscrypt_auth via setattr Jeff Layton
2021-07-07 8:11 ` Xiubo Li
2021-07-07 12:10 ` Jeff Layton
2021-07-07 10:47 ` Luis Henriques
2021-07-07 12:25 ` Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 09/24] ceph: crypto context handling for ceph Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 10/24] ceph: implement -o test_dummy_encryption mount option Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 11/24] ceph: add routine to create fscrypt context prior to RPC Jeff Layton
2021-07-07 10:48 ` Luis Henriques
2021-07-07 12:29 ` Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 12/24] ceph: add fscrypt ioctls Jeff Layton
2021-07-08 7:30 ` Xiubo Li
2021-07-08 11:26 ` Jeff Layton
2021-07-08 11:32 ` Xiubo Li
2021-06-25 13:58 ` [RFC PATCH v7 13/24] ceph: decode alternate_name in lease info Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 14/24] ceph: make ceph_msdc_build_path use ref-walk Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 15/24] ceph: add encrypted fname handling to ceph_mdsc_build_path Jeff Layton
2021-07-11 22:53 ` Eric Biggers
2021-07-12 12:36 ` Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 16/24] ceph: send altname in MClientRequest Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 17/24] ceph: properly set DCACHE_NOKEY_NAME flag in lookup Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 18/24] ceph: make d_revalidate call fscrypt revalidator for encrypted dentries Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 19/24] ceph: add helpers for converting names for userland presentation Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 20/24] ceph: add fscrypt support to ceph_fill_trace Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 21/24] ceph: add support to readdir for encrypted filenames Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 22/24] ceph: create symlinks with encrypted and base64-encoded targets Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 23/24] ceph: make ceph_get_name decrypt filenames Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 24/24] ceph: add a new ceph.fscrypt.auth vxattr Jeff Layton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=dc1145b9cf18cc0996d9e47d69ebbc51294c93d9.camel@kernel.org \
--to=jlayton@kernel.org \
--cc=ceph-devel@vger.kernel.org \
--cc=dhowells@redhat.com \
--cc=lhenriques@suse.de \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=xiubli@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).