Received: by 10.223.185.116 with SMTP id b49csp2284769wrg; Thu, 22 Feb 2018 11:06:46 -0800 (PST) X-Google-Smtp-Source: AH8x226w9C8ay1qKcobwLRSSoUTH8R+bWa6Mtmp33QX9olyEjycxgXw52KNkRg9lXvRGt6ImDeKL X-Received: by 10.101.92.136 with SMTP id a8mr6436219pgt.446.1519326406852; Thu, 22 Feb 2018 11:06:46 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519326406; cv=none; d=google.com; s=arc-20160816; b=Hv8KbetMNNE2urcitz4gxcDCKC8Mccknw8P5rFF+yyFBaS6gItpsIHQZLg98ONzmtr gaMMdBIc0RZv8bJY+Tr0vwUR9ngM3BOqShuCrJ5r1ZPced1qxSG+itTp4SCqR7AFlybn RK8rsfPiPLFN+5CKh8xcOWdYpPHqN2OwDIfIODzmMRG14txfDY62pUq1MYUehHxAoDa5 oGvF+y2lozTpHRJgKUHFvtoR7P/GFxMS1hGX5uY332biAP8zOG/mhsN07uqpdtcml7Fk 77MEkNOmYGfaAzBbId9h3kL416Dkoo5vARXjl5NO2fue7LeDFtQhToQVyeylcoNnnNIk fuow== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:subject:mime-version:user-agent :message-id:in-reply-to:date:references:cc:to:from :arc-authentication-results; bh=aIiTZbw2gOP5lMcuaXfz7Drmrl1QddXAdr2JG/o5yZM=; b=XgSOelAjfT+9IAXmolw38olYPN7IbDNa7yMsto24pjtis8PxSp4bwLfeaGCSGxcJLP bxfsvbGn3ONtumtAJtvTxhatoXU7sstldD0o8JqmdyFAbFERqR3VlO9w2PrSCzSh4llD IA+VZu849hQ75LBd/rEgFBNdXw1A9svHM/CX2JmVo8RHP3dUGoPepRgsVmjsDA4HEZpG h9qPmsN/2cRPGpaKvH67IJ/wIqHUi+Bl/erc3yf1N7L2NyOi2Dc7Fpkg7uOL51jf20Uv Skamk1yvZt3jlUmuUx6ycivalphvFd46u17CKzk/AzvHWccnCfr2+9S1llVV4zeE41Im k0MQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w9-v6si462708plz.12.2018.02.22.11.06.32; Thu, 22 Feb 2018 11:06:46 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751401AbeBVTFT (ORCPT + 99 others); Thu, 22 Feb 2018 14:05:19 -0500 Received: from out02.mta.xmission.com ([166.70.13.232]:51609 "EHLO out02.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750821AbeBVTFR (ORCPT ); Thu, 22 Feb 2018 14:05:17 -0500 Received: from in02.mta.xmission.com ([166.70.13.52]) by out02.mta.xmission.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.87) (envelope-from ) id 1eowB9-0001jG-Kd; Thu, 22 Feb 2018 12:05:15 -0700 Received: from 174-19-85-160.omah.qwest.net ([174.19.85.160] helo=x220.xmission.com) by in02.mta.xmission.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.87) (envelope-from ) id 1eowAu-00005s-5B; Thu, 22 Feb 2018 12:05:15 -0700 From: ebiederm@xmission.com (Eric W. Biederman) To: Miklos Szeredi Cc: lkml , Linux Containers , linux-fsdevel , Alban Crequy , Seth Forshee , Sargun Dhillon , Dongsu Park , "Serge E. Hallyn" References: <878tbmf5vl.fsf@xmission.com> <20180221202908.17258-1-ebiederm@xmission.com> Date: Thu, 22 Feb 2018 13:04:32 -0600 In-Reply-To: (Miklos Szeredi's message of "Thu, 22 Feb 2018 11:13:36 +0100") Message-ID: <87fu5s7sn3.fsf@xmission.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-XM-SPF: eid=1eowAu-00005s-5B;;;mid=<87fu5s7sn3.fsf@xmission.com>;;;hst=in02.mta.xmission.com;;;ip=174.19.85.160;;;frm=ebiederm@xmission.com;;;spf=neutral X-XM-AID: U2FsdGVkX18LdLkw7Z6Z3tJ2ZJBQc1BVD39acSEkk1U= X-SA-Exim-Connect-IP: 174.19.85.160 X-SA-Exim-Mail-From: ebiederm@xmission.com X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on sa07.xmission.com X-Spam-Level: * X-Spam-Status: No, score=1.0 required=8.0 tests=ALL_TRUSTED,BAYES_50, DCC_CHECK_NEGATIVE,TVD_RCVD_IP,T_TM2_M_HEADER_IN_MSG,T_TooManySym_01, XMGappySubj_01,XMSubLong autolearn=disabled version=3.4.1 X-Spam-Report: * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP * 0.0 TVD_RCVD_IP Message was received from an IP address * 0.5 XMGappySubj_01 Very gappy subject * 0.7 XMSubLong Long Subject * 0.0 T_TM2_M_HEADER_IN_MSG BODY: No description available. * 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60% * [score: 0.4994] * -0.0 DCC_CHECK_NEGATIVE Not listed in DCC * [sa07 1397; Body=1 Fuz1=1 Fuz2=1] * 0.0 T_TooManySym_01 4+ unique symbols in subject X-Spam-DCC: XMission; sa07 1397; Body=1 Fuz1=1 Fuz2=1 X-Spam-Combo: *;Miklos Szeredi X-Spam-Relay-Country: X-Spam-Timing: total 15034 ms - load_scoreonly_sql: 0.12 (0.0%), signal_user_changed: 9 (0.1%), b_tie_ro: 7 (0.0%), parse: 1.13 (0.0%), extract_message_metadata: 13 (0.1%), get_uri_detail_list: 1.67 (0.0%), tests_pri_-1000: 5 (0.0%), compile_eval: 41 (0.3%), tests_pri_-950: 1.90 (0.0%), tests_pri_-900: 1.72 (0.0%), tests_pri_-400: 28 (0.2%), check_bayes: 26 (0.2%), b_tokenize: 7 (0.0%), b_tok_get_all: 8 (0.1%), b_comp_prob: 2.2 (0.0%), b_tok_touch_all: 5 (0.0%), b_finish: 1.01 (0.0%), tests_pri_0: 323 (2.2%), check_dkim_signature: 0.65 (0.0%), check_dkim_adsp: 8 (0.1%), tests_pri_500: 14647 (97.4%), poll_dns_idle: 14637 (97.4%), rewrite_mail: 0.00 (0.0%) Subject: Re: [PATCH v6 1/5] fuse: Remove the buggy retranslation of pids in fuse_dev_do_read X-Spam-Flag: No X-SA-Exim-Version: 4.2.1 (built Thu, 05 May 2016 13:38:54 -0600) X-SA-Exim-Scanned: Yes (on in02.mta.xmission.com) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Miklos Szeredi writes: > On Wed, Feb 21, 2018 at 9:29 PM, Eric W. Biederman > wrote: >> At the point of fuse_dev_do_read the user space process that initiated the >> action on the fuse filesystem may no longer exist. The process have been >> killed or may have fired an asynchronous request and exited. >> >> If the initial process has exited the code "pid_vnr(find_pid_ns(in->h.pid, >> fc->pid_ns)" will either return a pid of 0, or in the unlikely event that >> the pid has been reallocated it can return practically any pid. Any pid is >> possible as the pid allocator allocates pid numbers in different pid >> namespaces independently. >> >> The only way to make translation in fuse_dev_do_read reliable is to call >> get_pid in fuse_req_init_context, and pid_vnr followed by put_pid in >> fuse_dev_do_read. That reference counting in other contexts has been shown >> to bounce cache lines between processors and in general be slow. So that is >> not desirable. >> >> The only known user of running the fuse server in a different pid namespace >> from the filesystem does not care what the pids are in the fuse messages >> so removing this code should not matter. > > Shouldn't we at least zero out the pid in that case? This is an explicit case of passing a file descriptor between pid namespaces. So I think there are plenty of buyer be ware signs out. So I don't know if there are any real world advantages of zeroing the pid. I can see a case for using the pid namespace of the opener of /dev/fuse instead of the pid namespace of the mounter of the fuse filesystem. Although in practice I would be surprised if they were different. I am very leary about caring during a read operation. Caring about the current processes during read/write tends to break caching, is error prone as the need for this patch demonstrates, and is generally likely to be slower than not caring. So yes we can zero the pid. I don't think it is wise to zero the pid unless we zero the pid in fuse_req_init_context. Eric