From: Omar Sandoval <osandov@osandov.com>
To: Al Viro <viro@zeniv.linux.org.uk>
Cc: Trond Myklebust <trondmy@hammerspace.com>,
"amir73il@gmail.com" <amir73il@gmail.com>,
"dhowells@redhat.com" <dhowells@redhat.com>,
"lsf-pc@lists.linux-foundation.org"
<lsf-pc@lists.linux-foundation.org>, "hch@lst.de" <hch@lst.de>,
"miklos@szeredi.hu" <miklos@szeredi.hu>,
"linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>
Subject: Re: [LSF/MM/BPF TOPIC] Allowing linkat() to replace the destination
Date: Fri, 17 Jan 2020 17:17:34 -0800 [thread overview]
Message-ID: <20200118011734.GD295250@vader> (raw)
In-Reply-To: <20200118004738.GQ8904@ZenIV.linux.org.uk>
On Sat, Jan 18, 2020 at 12:47:38AM +0000, Al Viro wrote:
> On Fri, Jan 17, 2020 at 03:54:44PM -0800, Omar Sandoval wrote:
>
> > > 3) permission checks need to be specified
> >
> > I believe the only difference here vs standard linkat is that newpath
> > must not be immutable or append-only?
>
> I would bloody hope not - at the very least you want sticky bit on parent
> to have effect, same as with rename()/rmdir()/unlink()...
Right, I should've reread may_delete(). I'll document that, too.
> > > references to pathconf, Cthulhu and other equally delightful entities
> > > are not really welcome.
> >
> > EOPNOTSUPP is probably the most helpful.
>
> Umm... What would you feed it, though? You need to get past your
> "links to the same file, do nothing" escape...
I think what you're getting at is that we can make this easier by
failing linkat AT_REPLACE very early if the filesystem doesn't have a
->link_replace(). Namely, if the filesystem doesn't support AT_REPLACE
but we still allow the "same file" or "newpath doesn't exist" cases to
succeed, then feature detection gets annoying.
As long as that's right, then applications can do the usual "try the new
feature or fall back" pattern that they do for fallocate modes and such.
> > Based on my previous attempt at it [1], it's not too bad.
>
> + error = may_delete(dir, new_dentry, d_is_dir(old_dentry));
>
> Why bother with d_is_dir(), when you are going to reject directories
> anyway?
>
> + if (dir->i_op->link)
> + error = dir->i_op->link(old_dentry, dir, new_dentry);
> + else
> + error = dir->i_op->link2(old_dentry, dir, new_dentry, flags);
> + if (error)
> + goto out;
> +
>
> No. This is completely wrong; just make it ->link_replace() and be done
> with that; no extra arguments and *always* the same conditions wrt
> positive/negative. One of the reasons why ->rename() tends to be
> ugly (and a source of quite a few bugs over years) are those "if
> target is positive/if target is negative" scattered over the instances.
>
> Make the choice conditional upon the positivity of target.
Yup, you already convinced me that ->link_replace() is better in your
last email.
> And you don't need to reproduce every quirk of rename() error values.
> Really. Unless you really intend to have userland do a loop of
> linkat(2) attempts (a-la mkstemp(3)), followed by rename(2) for
> fallback...
Understood, thanks. I'll get this all cleaned up and resent next week.
next prev parent reply other threads:[~2020-01-18 1:17 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-17 12:49 [LSF/MM/BPF TOPIC] Allowing linkat() to replace the destination David Howells
2020-01-17 14:33 ` Trond Myklebust
2020-01-17 15:46 ` Al Viro
2020-01-17 16:12 ` Trond Myklebust
2020-01-17 16:48 ` Al Viro
2020-01-17 16:36 ` Omar Sandoval
2020-01-17 16:59 ` Al Viro
2020-01-17 17:28 ` Omar Sandoval
2020-01-17 18:17 ` Al Viro
2020-01-17 20:22 ` Omar Sandoval
2020-01-17 22:22 ` Al Viro
2020-01-17 23:54 ` Omar Sandoval
2020-01-18 0:47 ` Al Viro
2020-01-18 1:17 ` Omar Sandoval [this message]
2020-01-18 2:20 ` Al Viro
2020-01-21 23:05 ` Omar Sandoval
2020-01-22 6:57 ` Amir Goldstein
2020-01-22 22:10 ` Omar Sandoval
2020-01-23 3:47 ` Al Viro
2020-01-23 7:16 ` Dave Chinner
2020-01-23 7:47 ` Amir Goldstein
2020-01-24 21:25 ` Dave Chinner
2020-01-31 5:24 ` Darrick J. Wong
2020-01-31 5:29 ` hch
2020-01-31 7:00 ` Amir Goldstein
2020-01-31 20:33 ` Omar Sandoval
2020-01-31 21:55 ` Amir Goldstein
2020-01-28 1:27 ` Omar Sandoval
2020-01-28 14:35 ` David Howells
2020-01-31 5:31 ` hch
2020-01-31 8:04 ` David Howells
2020-01-31 8:56 ` Amir Goldstein
2020-01-22 9:53 ` David Howells
2020-01-17 14:47 ` David Howells
2020-01-17 14:56 ` Trond Myklebust
2020-01-17 16:01 ` Al Viro
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200118011734.GD295250@vader \
--to=osandov@osandov.com \
--cc=amir73il@gmail.com \
--cc=dhowells@redhat.com \
--cc=hch@lst.de \
--cc=linux-fsdevel@vger.kernel.org \
--cc=lsf-pc@lists.linux-foundation.org \
--cc=miklos@szeredi.hu \
--cc=trondmy@hammerspace.com \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).