Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp427894yba; Wed, 24 Apr 2019 03:51:15 -0700 (PDT) X-Google-Smtp-Source: APXvYqy7BrSqgpSpKjWiR5w4ZekpJcbA7QGioAo1V4RyDTqjXDU1GL2qoJoqKwHjXxRrXCCBSf78 X-Received: by 2002:a63:f012:: with SMTP id k18mr30692018pgh.433.1556103075870; Wed, 24 Apr 2019 03:51:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1556103075; cv=none; d=google.com; s=arc-20160816; b=exJ6VKPSffV5V+ousTz1khodTyzi31fm+zU4ZY6lybLaK+qkLIi0DwsUVKqk9/CUUN 0AeOcSBmLV0I6c3mL1moeXwZnakiXIE7laS/7WHtED1g9gaeFAE185wCAtNMVZn/20nU pLSEVdsSiNn5b19vV/b98Gp+NOo/lv6sKLcNEsB/brE9TIPXNUPQ6RcaqJKYHt/B+9HW mRUA+DT2lisI7FQ+slTp12QTBORI3aOsCeVOGyY9jPe+xSxF4pdAW29L4BIiQY99BvPS fvz16xn8/iiekgngVcVLEdR48WTBvOw5DVhi9t6IwlvQYsYErPj/sZaPk+SqjbWQBudb QBtw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=P/RmtPqUFWsBAvuBo3FUv0MSPV82C2xBBc4X67jiyXw=; b=ybTiYS1dTXmg968WdN/4Yzc2EMEqlt1mMxJNhyzyRULeYsMrnzDfx0rC2uwaIkIOQw Q579b+IwHebPZO55uhv/UwWM6URvAQkl72uZhOJ7xvj7b9yJE+kLBFOT1dBBYdMPw1lE WtsRns1OaqU4chSkDnl3QFmkwPBRgtLavkPVAfAL2pOsQCH4/DqZIV2yMuqMCD887G1W k96GK9KTukdlO+aqXniTRh1yKCqRP6AIX0idWvpYNhNOVE3CYyNZcrbPR96avS4r3iSl nlBsOycDnkiPirPVe0ZH2xxkYxiVWigGg4SLAc0T2jBc4G7nAzzH+hecvFVZiguo1Fhz vyHw== ARC-Authentication-Results: i=1; mx.google.com; dkim=temperror (no key for signature) header.i=@szeredi.hu header.s=google header.b=HolPvSPE; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id bc4si18347355plb.246.2019.04.24.03.51.00; Wed, 24 Apr 2019 03:51:15 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=temperror (no key for signature) header.i=@szeredi.hu header.s=google header.b=HolPvSPE; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728869AbfDXKst (ORCPT + 99 others); Wed, 24 Apr 2019 06:48:49 -0400 Received: from mail-it1-f194.google.com ([209.85.166.194]:38259 "EHLO mail-it1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726831AbfDXKss (ORCPT ); Wed, 24 Apr 2019 06:48:48 -0400 Received: by mail-it1-f194.google.com with SMTP id q19so5393349itk.3 for ; Wed, 24 Apr 2019 03:48:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=szeredi.hu; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=P/RmtPqUFWsBAvuBo3FUv0MSPV82C2xBBc4X67jiyXw=; b=HolPvSPEUTfrdjPhSINOjKvLflcaXPi/GzsKlKr+6VUWMIC2XSfh2YtB/7MXyWQoPt Y0EYJi9J4oo6Pmqm9VBIiASuhBlh4BHOa7cYbApICwwD0d5L9RJ2rpyQp7B7qevpH1p+ uT4dayTDutnNSjLmZqWSVxo+XCwopB2r1lNPk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=P/RmtPqUFWsBAvuBo3FUv0MSPV82C2xBBc4X67jiyXw=; b=I3BN6Ws4pYiFQj861XX5u7+3BUHVdYDDJHQ1+meG+vS1LeBgfl2jsJhKtqYhaY5QiY J/dlc9i6HcFMmaSbQjThdNuH302B09VJggGdhUe/aH3Pc3ZxCnZpYYPKJpxvr9oo6Cof gMhLD4yCgJF6Q9B49bL2yDQc3oPy00+MiNYWC0BijdGbx+BNp1RYDix+6gWEQBLtr4VN d7F1brCKBrw2ylOXx+zkohT5ut0BbgXkYlCubkhApPemL9kyRJpQXuPwYJrJfTkJYxNm zenLP01ulVlmFzC0G/g1riaFIcK8QWw+Z+8/QJSCcUosJzd7Ydrbwv+aqxj1fv4SKtY1 Sdmg== X-Gm-Message-State: APjAAAWz05UAULZeXfQSuNlXtaycp7q4agasHkgA2zIz2n9hgu3YUed4 EACEKTB77MctbIA5TEmDFjZ21nwZC/IPa/NfPzMz2w== X-Received: by 2002:a24:1312:: with SMTP id 18mr5458911itz.121.1556102927958; Wed, 24 Apr 2019 03:48:47 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Miklos Szeredi Date: Wed, 24 Apr 2019 12:48:36 +0200 Message-ID: Subject: Re: [RESEND4, PATCH 2/2] fuse: require /dev/fuse reads to have enough buffer capacity as negotiated To: Kirill Smelkov Cc: Miklos Szeredi , Han-Wen Nienhuys , Jakob Unterwurzacher , Kirill Tkhai , Andrew Morton , linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, fuse-devel Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Mar 27, 2019 at 11:44 AM Kirill Smelkov wrote: > > A FUSE filesystem server queues /dev/fuse sys_read calls to get > filesystem requests to handle. It does not know in advance what would be > that request as it can be anything that client issues - LOOKUP, READ, > WRITE, ... Many requests are short and retrieve data from the > filesystem. However WRITE and NOTIFY_REPLY write data into filesystem. > > Before getting into operation phase, FUSE filesystem server and kernel > client negotiate what should be the maximum write size the client will > ever issue. After negotiation the contract in between server/client is > that the filesystem server then should queue /dev/fuse sys_read calls with > enough buffer capacity to receive any client request - WRITE in > particular, while FUSE client should not, in particular, send WRITE > requests with > negotiated max_write payload. FUSE client in kernel and > libfuse historically reserve 4K for request header. This way the > contract is that filesystem server should queue sys_reads with > 4K+max_write buffer. > > If the filesystem server does not follow this contract, what can happen > is that fuse_dev_do_read will see that request size is > buffer size, > and then it will return EIO to client who issued the request but won't > indicate in any way that there is a problem to filesystem server. > This can be hard to diagnose because for some requests, e.g. for > NOTIFY_REPLY which mimics WRITE, there is no client thread that is > waiting for request completion and that EIO goes nowhere, while on > filesystem server side things look like the kernel is not replying back > after successful NOTIFY_RETRIEVE request made by the server. > > -> We can make the problem easy to diagnose if we indicate via error > return to filesystem server when it is violating the contract. > This should not practically cause problems because if a filesystem > server is using shorter buffer, writes to it were already very likely to > cause EIO, and if the filesystem is read-only it should be too following > 8K minimum buffer size (= either FUSE_MIN_READ_BUFFER, see 1d3d752b47, > or = 4K + min(max_write)=4k cared to be so by process_init_reply). > > Please see [1] for context where the problem of stuck filesystem was hit > for real (because kernel client was incorrectly sending more than > max_write data with NOTIFY_REPLY; see also previous patch), how the > situation was traced and for more involving patch that did not make it > into the tree. > > [1] https://marc.info/?l=linux-fsdevel&m=155057023600853&w=2 Applied. Thanks, Miklos