Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp2780619pxb; Fri, 12 Feb 2021 00:41:31 -0800 (PST) X-Google-Smtp-Source: ABdhPJyxPQiU+OKPZHPyPIZmzHstFoLGYVdvbWxmMmmstERL2bsokpKU93EOyxKZClnkOit4ivU8 X-Received: by 2002:a17:906:b4a:: with SMTP id v10mr1916826ejg.382.1613119291074; Fri, 12 Feb 2021 00:41:31 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1613119291; cv=none; d=google.com; s=arc-20160816; b=VKp/1y+8SdCqMuibcbX3Jr58Nb9wr763R1qihhXLgvw/dTusfa5i1Bq/BdXE5Uosao VKfB+iKwfxm/tjKrnWRTHkXwYteuuNmNIKN26973pySkthGFJ3jBzaLGqFwM8MLtoj3g FmFZJ8/zUGcXrTCY9ZeshqFDKXuSVhUxNJVmrqsqH8RzyFizEAYvCuQ/We9IUxWHDHaZ mYYCT2msBCkGLVrtGPsFSY3grjmRMaSIzJPs971hzDu4kFMa8exNN3pwNLGB9pYeQ2W4 DJ2rn2wiREWUDNptTjHrLTr3fOcyGoCaDdB7tj9CWmFRGT7T+dHaw02+41tmZuBR2Pg3 X7sw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=kIIhyC3yC+o2RCwBVzutAuSxJt+TpotLQmTYQpQVk+U=; b=XfkVWsKlOAarUgBdeRPtZk5sbvYJMTBr5/I4PZK3QeJSh8iy2VLYzjYI8MF0MXXilA F5kVbEx8nXjXkPGdrCcL28UEFSlCpxeseZbw12pJkSxFxz5EmugB9g9Hys8ydMDMJ/Vu r2XCLWMIm86o6grwC3dEkTH1nwZr0PBzYlVxYJr0E4wwQBzlWf4r4N0C5qWV8dmS89Tq 3hT0UeR+/QID6HINNu6fgvnw8eREbyFXbOkau8ZB1V1jeJPQaHlhB3l5F3NYi4T8lRt/ cVvm8TJybs1WzHeg3h/6yG/Morz/L1hLIwLRtEMeY6HwksaxQO11gGS+n1YA7b0IIlvS EcjA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=x1aGPghi; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id i20si841804edg.156.2021.02.12.00.41.07; Fri, 12 Feb 2021 00:41:31 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=x1aGPghi; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230176AbhBLIit (ORCPT + 99 others); Fri, 12 Feb 2021 03:38:49 -0500 Received: from mail.kernel.org ([198.145.29.99]:51932 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229690AbhBLIim (ORCPT ); Fri, 12 Feb 2021 03:38:42 -0500 Received: by mail.kernel.org (Postfix) with ESMTPSA id 0037E64E56; Fri, 12 Feb 2021 08:37:56 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1613119077; bh=WwD8KDyLd8nubUCGLTXumCtXSFt4j2g3yg3qsZbiPRY=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=x1aGPghi3zHWlS5k6ZGXgagybwHjJmCu5f3Aa7ZfjEbp/LqvLM6weIsFlbfEpJavX ukWrwgpogba+FBpTAnuZlyI9iViyHaMa8iiKUE5KUqLxKGB4+QCs9WwVRqfBfbzAGf UZ2+q1Tb9pIxjovLOP5uMYx0jfEkpmaYr5PiXNAo= Date: Fri, 12 Feb 2021 09:37:54 +0100 From: Greg KH To: Nicolas Boichat Cc: "Darrick J . Wong" , Alexander Viro , Ian Lance Taylor , Luis Lozano , Dave Chinner , linux-fsdevel@vger.kernel.org, lkml Subject: Re: [PATCH 1/6] fs: Add flag to file_system_type to indicate content is generated Message-ID: References: <20210212044405.4120619-1-drinkcat@chromium.org> <20210212124354.1.I7084a6235fbcc522b674a6b1db64e4aff8170485@changeid> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Feb 12, 2021 at 04:20:17PM +0800, Nicolas Boichat wrote: > On Fri, Feb 12, 2021 at 3:46 PM Greg KH wrote: > > > > On Fri, Feb 12, 2021 at 12:44:00PM +0800, Nicolas Boichat wrote: > > > Filesystems such as procfs and sysfs generate their content at > > > runtime. This implies the file sizes do not usually match the > > > amount of data that can be read from the file, and that seeking > > > may not work as intended. > > > > > > This will be useful to disallow copy_file_range with input files > > > from such filesystems. > > > > > > Signed-off-by: Nicolas Boichat > > > --- > > > I first thought of adding a new field to struct file_operations, > > > but that doesn't quite scale as every single file creation > > > operation would need to be modified. > > > > Even so, you missed a load of filesystems in the kernel with this patch > > series, what makes the ones you did mark here different from the > > "internal" filesystems that you did not? > > Which ones did I miss? (apart from configfs, see the conversation on > patch 6/6). Anyway, hopefully auditing all filesystems is an order of > magnitude easier task, and easier to maintain in the longer run ,-) Are you going to be the one to add this to each new filesystem that is added to the kernel? I see filesystems in drivers/char/mem.c and drivers/infiniband/hw/qib/qib_fs.c and drivers/misc/ibmasm/ibmasmfs.c and loads of other driver-specific filesystems. Do all of those "just work" somehow? > > This feels wrong, why is userspace suddenly breaking? What changed in > > the kernel that caused this? Procfs has been around for a _very_ long > > time :) > > Some of this is covered in the cover letter 0/6. To expand a bit: > copy_file_range has only supported cross-filesystem copies since 5.3 > [1], before that the kernel would return EXDEV and userspace > application would fall back to a read/write based copy. After 5.3, > copy_file_range copies no data as it thinks the input file is empty. So older kernels work fine with this system call on procfs, but newer ones do not? If so, that's a regression that should be fixed in the original area, but should not require a new filesystem flag for every individual one out there. That way lies madness and constant auditing that I do not see anyone signing up for for the next 20 years, right? > [1] I think it makes little sense to try to use copy_file_range > between 2 files in /proc, but technically, I think that has been > broken since copy_file_range fallback to do_splice_direct was > introduced (eac70053a141 ("vfs: Add vfs_copy_file_range() support for > pagecache copies", ~4.4). Why are people trying to use copy_file_range on simple /proc and /sys files in the first place? They can not seek (well most can not), so that feels like a "oh look, a new syscall, let's use it everywhere!" problem that userspace should not do. thanks, greg k-h