From mboxrd@z Thu Jan 1 00:00:00 1970 From: ebiederm@xmission.com (Eric W. Biederman) Subject: Re: [RFC][PATCH 8/9] vfs: Implement generic revoked file operations Date: Sun, 12 Apr 2009 16:06:34 -0700 Message-ID: References: <20090412185659.GE4394@shareable.org> <20090412210256.GK4394@shareable.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: Andrew Morton , linux-kernel@vger.kernel.org, linux-pci@vger.kernel.org, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, Al Viro , Hugh Dickins , Tejun Heo , Alexey Dobriyan , Linus Torvalds , Alan Cox , Greg Kroah-Hartman To: Jamie Lokier Return-path: Received: from out02.mta.xmission.com ([166.70.13.232]:34817 "EHLO out02.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752156AbZDLXGo (ORCPT ); Sun, 12 Apr 2009 19:06:44 -0400 In-Reply-To: <20090412210256.GK4394@shareable.org> (Jamie Lokier's message of "Sun\, 12 Apr 2009 22\:02\:56 +0100") Sender: linux-fsdevel-owner@vger.kernel.org List-ID: Jamie Lokier writes: > Eric W. Biederman wrote: >> I just thought about that some more and I am not convinced. >> >> In general the current return values from proc after an I/O operation >> are suspect. seek returns -EINVAL instead of -EIO. poll returns >> DEFAULT_POLLMASK (which doesn't set POLLERR). So I am not convinced >> that the existing proc return values on error are correct, and they >> are recent additions so the historical precedent is not especially >> large. >> >> EOF does give the impression that you have read all of the data from >> the /proc file, and that is in fact the case. There is no more >> data coming from that proc file. >> >> That the data is stale is well know. >> >> That the data is not atomic, anything that spans more than a single >> read is not atomic. >> >> So I don't see what returning EIO adds to the equation. Perhaps >> that your fragile user space string parser may break? >> >> EOF gives a clear indication the application should stop reading >> the data, because there is no more. >> >> EIO only says that the was a problem. >> >> I don't know of anything that depends on the rmmod behavior either >> way. But if we can get away with it I would like to use something >> that is generally useful instead of something that only makes >> sense in the context of proc. > > I'm not thinking of proc, really. More thinking of applications: EOF > effectively means "whole file read without error - now do the next thing". > > If a filesystem file is revoked (umount -f), you definitely want to > stop that Makefile which is copying a file from the unmounted > filesystem to a target file. Otherwise you get inconsistent states > which can only occur as a result of this umount -f, something > Makefiles should never have to care about. > > rmmod behaviour is not something any app should see normally. > Unexpected behaviour when files are oddly truncated (despite never > being written that way) is not "fragile user space". So whatever it > returns, it should be some error code, imho. Well I just took a look at NetBSD 4.0.1 and it appears they agree with you. Plus I'm starting to feel a lot better about the linux manual pages, as the revoke(2) man pages from the BSDs describe different error codes than the implementation, and they fail to mention revoke appears to work on ordinary files as well. If the file is not a tty EIO is returned from read. opens return ENXIO writes return EIO ioctl returns EBADF close returns 0 Operations that just lookup the vnode simply return EBADF. I don't know if that is perfectly correct for the linux case. EBADF usually means the file descriptor specified isn't open. Eric