Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp6483771pxb; Wed, 17 Feb 2021 05:56:39 -0800 (PST) X-Google-Smtp-Source: ABdhPJzcC9GFCJ1XGWYmQvj3kSIle8FZQeXtO8aRMxYMaB/bUM4IOWUqvGgEsoP50XyZo1zSCuPA X-Received: by 2002:a05:6402:4391:: with SMTP id o17mr26443390edc.196.1613570199344; Wed, 17 Feb 2021 05:56:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1613570199; cv=none; d=google.com; s=arc-20160816; b=xBK4/tYyUQSrKiYrjQ5cp2VM4kbqEh7UpCErVBF9aM04IFW9CUYkmaJoOWxlQGM2Ts +VjLuLGeTSVC00ymmTDLTqjojjdUSRzSj/iP3XggdtMqrEjRZzlFTlm7jEVB/+v/XFD5 /6Fni00loVMBTnCk98QQ9oVBbpA+E5bVETafYQ+o9RID0seISTExkfgbtVOCP9F+rUBB 3vMkoUb3xVcKdWNxgAh2jgPD2iSKyPfzPn1ipwHQz0yU5l6TCPeaJRXBm7YMBcTt4+gn awQ1mPKUzCJaxSR+NuPSf/LLEXtCp+b6vSqpo8D6tljSC5Ef9z4VHVBuKR/LOD0A1OK6 oeIg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=u+NUZmqND6e9uR8Dv61QZBANqr635nV/1yFHKoBJdPc=; b=fPXMtGUTp7+LEu9LU+KZqNjpQ/13AThq0lrcEnEV1a9h/CeYH+3G/wfGuM5NNMIPji lLLaHEooi4ld3EYyaX56w7pMLpouacIp3kIHcF8W31wYpedPPPynLPeKIBFZkQZI9AS9 yvjVfv223buZCT1eVLAA74+Y+GFUTvRPHuOtfqD/dNJMXScyM+4epnWULcy3GoOnfGBO f9T5EsJ5BoPeqJP6D/Wn1UAdvSD8L4xEJ0juizkzL7EMu06kVWplAvZbah6AQE7Bo24E XFiXXn6sjgM9nuPYD5bSVwrOSXbBw3MfPml8MVBUwcDVU4Mn8Ph7WqmrXzUyTF+bDib/ QfKA== ARC-Authentication-Results: i=1; mx.google.com; dkim=temperror (no key for signature) header.i=@szeredi.hu header.s=google header.b=H168oDr6; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id 88si1418195edr.198.2021.02.17.05.56.00; Wed, 17 Feb 2021 05:56:39 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=temperror (no key for signature) header.i=@szeredi.hu header.s=google header.b=H168oDr6; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233116AbhBQNxI (ORCPT + 99 others); Wed, 17 Feb 2021 08:53:08 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40486 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231724AbhBQNxC (ORCPT ); Wed, 17 Feb 2021 08:53:02 -0500 Received: from mail-vs1-xe32.google.com (mail-vs1-xe32.google.com [IPv6:2607:f8b0:4864:20::e32]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 37355C061574 for ; Wed, 17 Feb 2021 05:52:21 -0800 (PST) Received: by mail-vs1-xe32.google.com with SMTP id u7so6572876vsp.12 for ; Wed, 17 Feb 2021 05:52:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=szeredi.hu; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=u+NUZmqND6e9uR8Dv61QZBANqr635nV/1yFHKoBJdPc=; b=H168oDr6znL1bAzdishVNjYkiWvxyqpqsiOnK+ewzHVgzgedu0DD2TTJs05k3ZbQdI qrvJK+fjAB6lDeFFHVi4vJug9Xm9X/OuO/tZmYGfz+L1bUKqdrdHyqmgALamrqq6OV96 gFpPipanZTrQM5tKNYZyzew6g/eghVCL6JfM4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=u+NUZmqND6e9uR8Dv61QZBANqr635nV/1yFHKoBJdPc=; b=hNyE7fN9LCYAHRbAvNDwqqEoGZl8S7Ukb2qjCl+6cNdU2cN6jM7K0EFnNd383m8ihR pZswL6f+Da89sPBDmU2WifU5gu9dwhd1tPxe2UAti+chfQf+fWdOREZT2YrPUx4Yfvqn HwGVnJ6yQwg6dXsuO/10H497Z+9W/FI+zl1pfK5hgGiqTnY/UnFRXS+hehcT/96lgzvl S/igDDfE2twT38R/xbgCFYVWzeQoCb8LEOJ7s7f2g1yx8P2WTAOuty2l0T/Iy1FP8Y4M pMliREFI/b4cWCMnrHtWzeEowpRilFEp+KBhf+xpGlz5UM9c487xHRGsPX03jK9Gs5hR UVgg== X-Gm-Message-State: AOAM530Rn+E7I5900SAB29Xm/lcfemOD+vmcLBlGWJh2TF08p1JW/Zhl D9x7U7xBY9nNHS7nbWu1qaXDXM4QU4uJ17e2E9Y/9g== X-Received: by 2002:a67:a404:: with SMTP id n4mr1250550vse.0.1613569940285; Wed, 17 Feb 2021 05:52:20 -0800 (PST) MIME-Version: 1.0 References: <20210125153057.3623715-1-balsini@android.com> <20210125153057.3623715-5-balsini@android.com> In-Reply-To: <20210125153057.3623715-5-balsini@android.com> From: Miklos Szeredi Date: Wed, 17 Feb 2021 14:52:09 +0100 Message-ID: Subject: Re: [PATCH RESEND V12 4/8] fuse: Passthrough initialization and release To: Alessio Balsini Cc: Akilesh Kailash , Amir Goldstein , Antonio SJ Musumeci , David Anderson , Giuseppe Scrivano , Jann Horn , Jens Axboe , Martijn Coenen , Palmer Dabbelt , Paul Lawrence , Peng Tao , Stefano Duo , Zimuzo Ezeozue , wuyan , fuse-devel , kernel-team , linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Jan 25, 2021 at 4:31 PM Alessio Balsini wrote: > > Implement the FUSE passthrough ioctl that associates the lower > (passthrough) file system file with the fuse_file. > > The file descriptor passed to the ioctl by the FUSE daemon is used to > access the relative file pointer, that will be copied to the fuse_file > data structure to consolidate the link between the FUSE and lower file > system. > > To enable the passthrough mode, user space triggers the > FUSE_DEV_IOC_PASSTHROUGH_OPEN ioctl and, if the call succeeds, receives > back an identifier that will be used at open/create response time in the > fuse_open_out field to associate the FUSE file to the lower file system > file. > The value returned by the ioctl to user space can be: > - > 0: success, the identifier can be used as part of an open/create > reply. > - <= 0: an error occurred. > The value 0 represents an error to preserve backward compatibility: the > fuse_open_out field that is used to pass the passthrough_fh back to the > kernel uses the same bits that were previously as struct padding, and is > commonly zero-initialized (e.g., in the libfuse implementation). > Removing 0 from the correct values fixes the ambiguity between the case > in which 0 corresponds to a real passthrough_fh, a missing > implementation of FUSE passthrough or a request for a normal FUSE file, > simplifying the user space implementation. > > For the passthrough mode to be successfully activated, the lower file > system file must implement both read_iter and write_iter file > operations. This extra check avoids special pseudo files to be targeted > for this feature. > Passthrough comes with another limitation: no further file system > stacking is allowed for those FUSE file systems using passthrough. > > Signed-off-by: Alessio Balsini > --- > fs/fuse/inode.c | 5 +++ > fs/fuse/passthrough.c | 87 ++++++++++++++++++++++++++++++++++++++++++- > 2 files changed, 90 insertions(+), 2 deletions(-) > > diff --git a/fs/fuse/inode.c b/fs/fuse/inode.c > index a1104d5abb70..7ebc398fbacb 100644 > --- a/fs/fuse/inode.c > +++ b/fs/fuse/inode.c > @@ -1133,6 +1133,11 @@ EXPORT_SYMBOL_GPL(fuse_send_init); > > static int free_fuse_passthrough(int id, void *p, void *data) > { > + struct fuse_passthrough *passthrough = (struct fuse_passthrough *)p; > + > + fuse_passthrough_release(passthrough); > + kfree(p); > + > return 0; > } > > diff --git a/fs/fuse/passthrough.c b/fs/fuse/passthrough.c > index 594060c654f8..cf993e83803e 100644 > --- a/fs/fuse/passthrough.c > +++ b/fs/fuse/passthrough.c > @@ -3,19 +3,102 @@ > #include "fuse_i.h" > > #include > +#include > > int fuse_passthrough_open(struct fuse_dev *fud, > struct fuse_passthrough_out *pto) > { > - return -EINVAL; > + int res; > + struct file *passthrough_filp; > + struct fuse_conn *fc = fud->fc; > + struct inode *passthrough_inode; > + struct super_block *passthrough_sb; > + struct fuse_passthrough *passthrough; > + > + if (!fc->passthrough) > + return -EPERM; > + > + /* This field is reserved for future implementation */ > + if (pto->len != 0) > + return -EINVAL; > + > + passthrough_filp = fget(pto->fd); > + if (!passthrough_filp) { > + pr_err("FUSE: invalid file descriptor for passthrough.\n"); > + return -EBADF; > + } > + > + if (!passthrough_filp->f_op->read_iter || > + !passthrough_filp->f_op->write_iter) { > + pr_err("FUSE: passthrough file misses file operations.\n"); > + res = -EBADF; > + goto err_free_file; > + } > + > + passthrough_inode = file_inode(passthrough_filp); > + passthrough_sb = passthrough_inode->i_sb; > + if (passthrough_sb->s_stack_depth >= FILESYSTEM_MAX_STACK_DEPTH) { > + pr_err("FUSE: fs stacking depth exceeded for passthrough\n"); No need to print an error to the logs, this can be a perfectly normal occurrence. However I'd try to find a more unique error value than EINVAL so that the fuse server can interpret this as "not your fault, but can't support passthrough on this file". E.g. EOPNOTSUPP. > + res = -EINVAL; > + goto err_free_file; > + } > + > + passthrough = kmalloc(sizeof(struct fuse_passthrough), GFP_KERNEL); > + if (!passthrough) { > + res = -ENOMEM; > + goto err_free_file; > + } > + > + passthrough->filp = passthrough_filp; > + > + idr_preload(GFP_KERNEL); > + spin_lock(&fc->passthrough_req_lock); Should be okay to use fc->lock, since neither adding nor removing the passthrough ID should be a heavily used operation, and querying the mapping is lockless. Thanks, Miklos