From: Miklos Szeredi <miklos@szeredi.hu>
To: Tycho Andersen <tycho@tycho.pizza>
Cc: Eric Biederman <ebiederm@xmission.com>,
"Serge E. Hallyn" <serge@hallyn.com>,
linux-kernel@vger.kernel.org, fuse-devel@lists.sourceforge.net
Subject: Re: [PATCH v2] fuse: In fuse_flush only wait if someone wants the return code
Date: Fri, 30 Sep 2022 15:35:16 +0200 [thread overview]
Message-ID: <CAJfpegtcHW8AwjfjDSm8Y7OXbesrw=ZpX-CMujJ=1Zz_Ly2FdQ@mail.gmail.com> (raw)
In-Reply-To: <20220929163944.195913-1-tycho@tycho.pizza>
On Thu, 29 Sept 2022 at 18:40, Tycho Andersen <tycho@tycho.pizza> wrote:
>
> If a fuse filesystem is mounted inside a container, there is a problem
> during pid namespace destruction. The scenario is:
>
> 1. task (a thread in the fuse server, with a fuse file open) starts
> exiting, does exit_signals(), goes into fuse_flush() -> wait
Can't the same happen through
fuse_flush -> fuse_sync_writes -> fuse_set_nowrite -> wait
?
> 2. fuse daemon gets killed, tries to wake everyone up
> 3. task from 1 is stuck because complete_signal() doesn't wake it up, since
> it has PF_EXITING.
>
> The result is that the thread will never be woken up, and pid namespace
> destruction will block indefinitely.
>
> To add insult to injury, nobody is waiting for these return codes, since
> the pid namespace is being destroyed.
>
> To fix this, let's not block on flush operations when the current task has
> PF_EXITING.
>
> This does change the semantics slightly: the wait here is for posix locks
> to be unlocked, so the task will exit before things are unlocked. To quote
> Miklos: https://lore.kernel.org/all/CAJfpegsTmiO-sKaBLgoVT4WxDXBkRES=HF1YmQN1ES7gfJEJ+w@mail.gmail.com/
>
> > "remote" posix locks are almost never used due to problems like this,
> > so I think it's safe to do this.
>
> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
> Signed-off-by: Tycho Andersen <tycho@tycho.pizza>
> Link: https://lore.kernel.org/all/YrShFXRLtRt6T%2Fj+@risky/
> ---
> v2: drop the fuse_flush_async() function and just re-use the already
> prepared args; add a description of the problem+note about posix locks
> ---
> fs/fuse/file.c | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 50 insertions(+)
>
> diff --git a/fs/fuse/file.c b/fs/fuse/file.c
> index 05caa2b9272e..20bbe3e1afc7 100644
> --- a/fs/fuse/file.c
> +++ b/fs/fuse/file.c
> @@ -464,6 +464,34 @@ static void fuse_sync_writes(struct inode *inode)
> fuse_release_nowrite(inode);
> }
>
> +struct fuse_flush_args {
> + struct fuse_args args;
> + struct fuse_flush_in inarg;
> + struct inode *inode;
> + struct fuse_file *ff;
> +};
> +
> +static void fuse_flush_end(struct fuse_mount *fm, struct fuse_args *args, int err)
> +{
> + struct fuse_flush_args *fa = container_of(args, typeof(*fa), args);
> +
> + if (err == -ENOSYS) {
> + fm->fc->no_flush = 1;
> + err = 0;
> + }
> +
> + /*
> + * In memory i_blocks is not maintained by fuse, if writeback cache is
> + * enabled, i_blocks from cached attr may not be accurate.
> + */
> + if (!err && fm->fc->writeback_cache)
> + fuse_invalidate_attr_mask(fa->inode, STATX_BLOCKS);
This is still duplicating code, can you please create a helper?
Thanks,
Miklos
next prev parent reply other threads:[~2022-09-30 13:35 UTC|newest]
Thread overview: 61+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-23 17:21 strange interaction between fuse + pidns Tycho Andersen
2022-06-23 21:55 ` Vivek Goyal
2022-06-23 23:41 ` Tycho Andersen
2022-06-24 17:36 ` Vivek Goyal
2022-07-11 10:35 ` Miklos Szeredi
2022-07-11 13:59 ` Miklos Szeredi
2022-07-11 20:25 ` Tycho Andersen
2022-07-11 21:37 ` Eric W. Biederman
2022-07-11 22:53 ` Tycho Andersen
2022-07-11 23:06 ` Eric W. Biederman
2022-07-12 13:43 ` Tycho Andersen
2022-07-12 14:34 ` Eric W. Biederman
2022-07-12 15:14 ` Tycho Andersen
2022-07-13 17:53 ` [PATCH] sched: __fatal_signal_pending() should also check PF_EXITING Tycho Andersen
2022-07-20 15:03 ` Serge E. Hallyn
2022-07-20 20:58 ` Tycho Andersen
2022-07-21 1:54 ` Serge E. Hallyn
2022-07-27 15:44 ` Tycho Andersen
2022-07-27 16:32 ` Eric W. Biederman
2022-07-27 17:55 ` Tycho Andersen
2022-07-28 18:48 ` Eric W. Biederman
2022-07-27 17:55 ` Oleg Nesterov
2022-07-27 18:18 ` Tycho Andersen
2022-07-27 19:19 ` Oleg Nesterov
2022-07-27 19:40 ` Tycho Andersen
2022-07-28 9:12 ` Oleg Nesterov
2022-07-28 21:20 ` Tycho Andersen
2022-07-29 5:04 ` Eric W. Biederman
2022-07-29 13:50 ` Tycho Andersen
2022-07-29 16:15 ` Eric W. Biederman
2022-07-29 16:48 ` Tycho Andersen
2022-07-29 17:40 ` [RFC][PATCH] fuse: In fuse_flush only wait if someone wants the return code Eric W. Biederman
2022-07-29 20:47 ` Oleg Nesterov
2022-07-30 0:15 ` Al Viro
2022-07-30 5:10 ` [RFC][PATCH v2] " Eric W. Biederman
2022-08-01 15:16 ` Tycho Andersen
2022-08-02 12:50 ` Miklos Szeredi
2022-08-15 13:59 ` Tycho Andersen
2022-08-15 17:55 ` Serge E. Hallyn
2022-09-01 14:06 ` [PATCH] " Tycho Andersen
2022-09-19 15:03 ` Tycho Andersen
2022-09-20 18:02 ` Serge E. Hallyn
2022-09-26 14:17 ` Tycho Andersen
2022-09-27 9:46 ` Miklos Szeredi
2022-09-29 14:05 ` [fuse-devel] " Stef Bon
2022-09-29 16:39 ` [PATCH v2] " Tycho Andersen
2022-09-30 13:35 ` Miklos Szeredi [this message]
2022-09-30 14:01 ` Tycho Andersen
2022-09-30 14:41 ` Miklos Szeredi
2022-09-30 16:09 ` Tycho Andersen
2022-10-26 9:01 ` Miklos Szeredi
2022-11-14 16:02 ` [PATCH v3] " Tycho Andersen
2022-11-28 15:00 ` Tycho Andersen
2022-12-08 14:26 ` Miklos Szeredi
2022-12-08 17:49 ` Tycho Andersen
2022-12-19 19:16 ` Tycho Andersen
2023-01-03 14:51 ` Tycho Andersen
2023-01-05 15:15 ` Serge E. Hallyn
2023-01-26 14:12 ` Miklos Szeredi
2022-09-30 19:47 ` [PATCH] " Serge E. Hallyn
2022-09-19 15:46 ` [RFC][PATCH v2] " Eric W. Biederman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAJfpegtcHW8AwjfjDSm8Y7OXbesrw=ZpX-CMujJ=1Zz_Ly2FdQ@mail.gmail.com' \
--to=miklos@szeredi.hu \
--cc=ebiederm@xmission.com \
--cc=fuse-devel@lists.sourceforge.net \
--cc=linux-kernel@vger.kernel.org \
--cc=serge@hallyn.com \
--cc=tycho@tycho.pizza \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).