Received: by 2002:a05:6a10:1d13:0:0:0:0 with SMTP id pp19csp697386pxb; Wed, 18 Aug 2021 11:54:20 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwKreezcPY1G9WyY6eQdDgWSse1Hwl7ooagKrYKW3dNCBhl/5izVwtrNTcNjQBbbVSLVVvu X-Received: by 2002:a5e:9e44:: with SMTP id j4mr8050000ioq.171.1629312860540; Wed, 18 Aug 2021 11:54:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1629312860; cv=none; d=google.com; s=arc-20160816; b=kLxwYmDXfLpehjKa1apEsfGvki017x1cQRi5htafD7+5YpZbuR44KFCAUmddbmolLb hoBBLnMh+RPlbDfIMNgNJvK+xxZQmTMxjtejmpqcvU7JBwWtngxt7qs+wWoGctojffTg f8xU1iBsks/iGigm6lQZd7CAG0jpjInI6eUOezufJkCWK9aJYtoZJh/WxnpsgHK4XCpF SF/Ndtio7ukD+FGH5Rhz4yRY7TwFKqJ7t4NyWvsYzOVZFMd3lMEe/fU6ifeTGs+ilWSJ +UHB9jA03iA3Vhkp6hk7kGWoe/4NHA0FN8QBvKxSKd3zSkElRBSQkZKMkWrALtimIOnl RFxQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=VVLIclKpwLs/EllaJbXfDnAEhIbk0tUG6YwA3fwwsCM=; b=FObhHIUqBRKkltuN/O4AhbDXbvmPzWbdv1Y7IAUPyiDMLtbMC4Hj6xzEbvBQG252+h tzu8LBAH9oXRATVHc2GMOrGG5PiguETNC7zYQE28+xAiNB1HUx+t1qbTfR7n8YoGpYjL bMBBLGE112l5wPL53RO22rdz4MjIf5dCOjug8Xqsc0GIoADfTdJt7x2hDEJsI0zFSKTF 4jQSVr/nZVT7XTL0aTRERvQQnpXvbKmjYW27z4PwZySGtSaCSxyWpJAiEWRZsx9mio1y Hnw4iqJofDFv2Rpu77vPxrnpsrKJgCa2bU89GApk5VL9X32yzzRJJPZGbMnp3+ASkTSP cFiQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=temperror (no key for signature) header.i=@szeredi.hu header.s=google header.b=VjlI5vzQ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id f8si540701ilu.107.2021.08.18.11.54.08; Wed, 18 Aug 2021 11:54:20 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=temperror (no key for signature) header.i=@szeredi.hu header.s=google header.b=VjlI5vzQ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229965AbhHRSx5 (ORCPT + 99 others); Wed, 18 Aug 2021 14:53:57 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55678 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229952AbhHRSxz (ORCPT ); Wed, 18 Aug 2021 14:53:55 -0400 Received: from mail-ua1-x935.google.com (mail-ua1-x935.google.com [IPv6:2607:f8b0:4864:20::935]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A74F3C0613D9 for ; Wed, 18 Aug 2021 11:53:20 -0700 (PDT) Received: by mail-ua1-x935.google.com with SMTP id x19so1428497uat.2 for ; Wed, 18 Aug 2021 11:53:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=szeredi.hu; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=VVLIclKpwLs/EllaJbXfDnAEhIbk0tUG6YwA3fwwsCM=; b=VjlI5vzQcP68jcedrwYoawmC/G17u6wAsVnk2VtuJccgIigT3lKCeDhz2qPLg4HV8i sFM1WZNVUbOUTdV9g/SYBPp6518FCH7aaj4RxhvJs0KRHb8kRR8F952Ls1EKsBhMOR7r vjO308Z+rRostL8ZJjuA23xq8hm4Oi5M9W6uo= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=VVLIclKpwLs/EllaJbXfDnAEhIbk0tUG6YwA3fwwsCM=; b=uni2w33NqIa40T37PyAqvJIGMXbMoUMf3NYeYUss3Pl+dBz2k3Sp52Y98269Vi1MbT o6HNtQXA56lR8M1WK2jMhtq6qGjt7JmWyQzfYrZAlGDPSM8Zr1E8I6OoV9SsmeosQHd2 cydTAtlXrSU1rIWIWrZwqXpLIyQqYfJnqtUnlFDqjYErGagvCKfbqBBxbEy/pICLUAMk D8vfAHTZLDABquLLuFesncoYR+XVksj8eBDABFgL/oZB/PWpvYEk82YrNHuvpCo7KNo0 JddrIYaaZAxLUuQkkl1ih1xC+pGO16AXmH3mF+ptcr2rQhz79X1KyuQXxzKMIN/lV2dk HwtQ== X-Gm-Message-State: AOAM5304SNhxrAQSVnJWBU0nxbVHAf/n2TW2oDfgeRzdo4UZeVadhwpq AajxMvPo4HPZAxSFQfOGGQ00dvxx9DQDcxd2+Yztdg== X-Received: by 2002:ab0:3a8f:: with SMTP id r15mr8238862uaw.13.1629312799709; Wed, 18 Aug 2021 11:53:19 -0700 (PDT) MIME-Version: 1.0 References: <20210818133400.830078-1-mszeredi@redhat.com> <20210818133400.830078-3-mszeredi@redhat.com> In-Reply-To: From: Miklos Szeredi Date: Wed, 18 Aug 2021 20:53:08 +0200 Message-ID: Subject: Re: [PATCH v2 2/2] ovl: enable RCU'd ->get_acl() To: Linus Torvalds Cc: Miklos Szeredi , Al Viro , overlayfs , linux-fsdevel , Linux Kernel Mailing List , Andreas Gruenbacher , garyhuang Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, 18 Aug 2021 at 20:34, Linus Torvalds wrote: > > On Wed, Aug 18, 2021 at 6:34 AM Miklos Szeredi wrote: > > > > struct posix_acl *get_cached_acl_rcu(struct inode *inode, int type) > > { > > - return rcu_dereference(*acl_by_type(inode, type)); > > + struct posix_acl *acl = rcu_dereference(*acl_by_type(inode, type)); > > + > > + if (acl == ACL_DONT_CACHE) > > + acl = inode->i_op->get_acl(inode, type, LOOKUP_RCU); > > + > > + return acl; > > } > > What? No. > > You just made get_cached_acl_rcu() return ERR_PTR(-EINVAL) for most filesystems. > > So now you've changed the behavior of get_cached_acl_rcu() ENTIRELY. > > It used to return either > (a) the ACL > (b) NULL > (c) ACL_DONT_CACHE/ACL_NOT_CACHED > > but now you've changed that (c) case to "ACL_NOT_CACHED or random error value". > > You can't just mix these kinds of entirely different return values like that. > > So no, this is not at all acceptable. > > I would suggest: > > (a) make the first patch actually test explicitly for LOOKUP_RCU, so > that it's clear to the filesystems what is going on. > > So instead of that pattern of > > if (flags) > return ERR_PTR(-EINVAL); > > I'd suggest using > > if (flags & LOOKUP_RCU) > return ERR_PTR(-ECHILD); Okay. > > so that it actually matches what lookup does for the "I can't do > this under RCU", and so that any reader of the code understands what > "flags" is all about. > > And then > > (b) make the get_cached_acl_rcu() case handle errors _properly_ > instead of mixing the special ACL cache markers with error returns. > > So instead of > > if (acl == ACL_DONT_CACHE) > acl = inode->i_op->get_acl(inode, type, LOOKUP_RCU); > > maybe something more along the lines of > > if (acl == ACL_DONT_CACHE) { > struct posix_acl *lookup_acl; > lookup_acl = inode->i_op->get_acl(inode, type, LOOKUP_RCU); > if (!IS_ERR(lookup_acl)) > acl = lookup_acl; > } > > or whatever. Yes, that's better. Just to explain why my version was not actually buggy: ACL_DONT_CACHE is only used in overlayfs and not in any other filesystem, so ->get_acl(... LOOKUP_RCU) not returning an error was implicit in the implementation. But your version makes that error handling explicit, which is definitely an improvement. > > I disagree with Al that a "bool" would be better. I think LOOKUP_RCU > is good documentation, and consistent with lookup, but it really needs > to be *consistent*. Thus that > > if (flags & LOOKUP_RCU) > return ERR_PTR(-ECHILD); > > pattern, not some "test underscibed flags, return -EINVAL" pattern > that looks entirely nonsensical. Al suggested: if (rcu) return ERR_PTR(-ECHILD); which is also good documentation. It also makes sure that "flags" is not overloaded with other functionality (which was the reason for the defensive "if any flag set return error" pattern). Thanks, Miklos