Received: by 2002:a05:6a10:1d13:0:0:0:0 with SMTP id pp19csp1720482pxb; Fri, 27 Aug 2021 16:10:36 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwHgS0wdgz7aIH4veeHWfIGI8hoZz/zcCiYwHlFz7bAoSst2SIaEp24InzEG3eC/Ijy67ea X-Received: by 2002:a92:ce03:: with SMTP id b3mr8130776ilo.267.1630105836619; Fri, 27 Aug 2021 16:10:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1630105836; cv=none; d=google.com; s=arc-20160816; b=ghAJVltK4+0OpMb3JnHPVMWANTdZZSDy+57XjUHx9kQ5H5quj1LFBMMkovKhYwtpAS +4ibKMW0rZh9mfXJ6oANlYLyR7TjqhQaA+k8ezjUaQP4aWcN6chvAtLQwNI2zp4LGy8q FTb4zysDmCyyLf6ysuvKN5UUKItF2xNXPzrXq89A66PCGx2TIHIHZot9PGIiys+YSyop voH9FEJ6GXJrFaSzTqiN53wTlFArbSXIWGSzSZQi7SdvtlHuVck9Ce36l9l8oqRlAdkK bEKtjO4F3xsIhu3SKypUBvVR5t0Kz/eoAMrDy92kBtgpTU5oECS91HRaxQDvvfxtJwkr vwXQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:message-id:date:references:in-reply-to:subject :cc:to:from:mime-version:content-transfer-encoding:dkim-signature :dkim-signature; bh=WYbq1NneIVkLuIYGBZZdCrJ1kTQXpgMd3oOVJl3BDig=; b=YXr9G2QGfZhudZC98zoq7LP+Aom4EHm6RCM8eHQ1hOPeNAjyk7v5atUiOtMEC8lzVm NF6bbYRcA/FR8L2AFXg8LedvFjH21MhevHqfPkV49hVuPGoxu79z8Nkur6rnR/+iRXxH h87DxAg90tttsSJCU700MN4Jb5MdkPyuD6SQMnnb/G4DX/fy2C3udOWVtn8+k9Np8qcw olKP9vwusfxVtcCh6wuBzoiAitfeaOkAdCmHDWRxRGM3NGDnKWR4/a+Z7l8pPfCVPIy1 74RJTpSYwwe7WU5e6qoFBhmya7S/5sIppfqzd7dLt/qSvY5TRP0KV3kkLzO9ptcF9BoG FCpw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=MmbN7fxY; dkim=neutral (no key) header.i=@suse.de header.s=susede2_ed25519; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id l18si7152837ilc.72.2021.08.27.16.10.23; Fri, 27 Aug 2021 16:10:36 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=MmbN7fxY; dkim=neutral (no key) header.i=@suse.de header.s=susede2_ed25519; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232386AbhH0XLM (ORCPT + 99 others); Fri, 27 Aug 2021 19:11:12 -0400 Received: from smtp-out2.suse.de ([195.135.220.29]:33124 "EHLO smtp-out2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232252AbhH0XLL (ORCPT ); Fri, 27 Aug 2021 19:11:11 -0400 Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id E422B1FF4C; Fri, 27 Aug 2021 23:10:20 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1630105820; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=WYbq1NneIVkLuIYGBZZdCrJ1kTQXpgMd3oOVJl3BDig=; b=MmbN7fxYOCZu26ad7DTGliARr83akIVsKI0v7+5Ri5atGldJWx7NLhRENUYlIWBQvbCK+6 FQv3AvFf3fR+NWypVMWOit5l/XOQWEtcmIYlMrTJ96gAIV14TIv2Al3uiGk4XXtP0r3bqp JoHeSIbnPeKLwNvcIFKTB6eebJ1X8wc= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1630105820; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=WYbq1NneIVkLuIYGBZZdCrJ1kTQXpgMd3oOVJl3BDig=; b=ZxdYj19DO/3coBHKotZV75i5Tm9O7H6FQCwZ78geKqVS28ZeHmaxElrAGSifSdXA1Kk6OY ptTW5wH+heLuocDQ== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 3F16E13D7D; Fri, 27 Aug 2021 23:10:17 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id 6rQRO9lwKWFpJgAAMHmgww (envelope-from ); Fri, 27 Aug 2021 23:10:17 +0000 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit MIME-Version: 1.0 From: "NeilBrown" To: "Christoph Hellwig" Cc: "Darrick J. Wong" , "Christoph Hellwig" , "David Howells" , torvalds@linux-foundation.org, trond.myklebust@primarydata.com, linux-nfs@vger.kernel.org, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] Don't block writes to swap-files with ETXTBSY. In-reply-to: <20210827151644.GB19199@lst.de> References: <162993585927.7591.10174443410031404560@noble.neil.brown.name>, <20210827151644.GB19199@lst.de> Date: Sat, 28 Aug 2021 09:10:15 +1000 Message-id: <163010581548.7591.7557563272768619093@noble.neil.brown.name> Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org On Sat, 28 Aug 2021, Christoph Hellwig wrote: > On Thu, Aug 26, 2021 at 09:57:39AM +1000, NeilBrown wrote: > > > > Commit dc617f29dbe5 ("vfs: don't allow writes to swap files") > > broke swap-over-NFS as it introduced an ETXTBSY error when NFS tries to > > swap-out using ->direct_IO(). > > > > There is no sound justification for this error. File permissions are > > sufficient to stop non-root users from writing to a swap file, and root > > must always be cautious not to do anything dangerous. > > > > These checks effectively provide a mandatory write lock on swap, and > > mandatory locks are not supported in Linux. > > > > So remove all the checks that return ETXTBSY when attempts are made to > > write to swap. > > Swap files are not just any files and do need a mandatory write lock > as they are part of the kernel VM and writing to them will mess up > the kernel badly. David Howells actually has sent various patches > to fix swap over NFS in the last weeks. > > There are lots of different things root can do which will mess up the kernel badly. The backing-store can still be changed through some other means. Do you have a particular threat or risk scenario other than "root might get careless"? Yes, I've seen David's patches. I posted this one because I think the original patch which broke swap-over-NFS was not just unfortunate, but wrong. Permissions are how we protect files, not ETXTBSY. NeilBrown