Received: by 2002:ad5:4acb:0:0:0:0:0 with SMTP id n11csp2903325imw; Sun, 17 Jul 2022 20:23:27 -0700 (PDT) X-Google-Smtp-Source: AGRyM1u6mzWz8iodN3qxTd9wjEPGg66NRMevU7m0yrkc4C5K/sbunb/CbQMDNkygLmbbT38PNwzY X-Received: by 2002:a17:90b:4c47:b0:1f0:3cc7:b55f with SMTP id np7-20020a17090b4c4700b001f03cc7b55fmr34585872pjb.180.1658114607100; Sun, 17 Jul 2022 20:23:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1658114607; cv=none; d=google.com; s=arc-20160816; b=KHScxNRPzCUgC0+jGKnGMXI4HCkFBXWjaYPUkJQjOCgUgdiLXsrWc5o3RPIkSZVPh1 2Jr5UE9hER5gVFqVZqwZPWKbOwd1BctA+tsn11qZyzt5CvEvtPf1e1qXoSoGkTCvBT4I f5MFZGLFcXtzYlHQJOyx3TzjTxtLQQRjjTikHzZROl/nGnnQKQ7Eg31C0s5K4Ka5dojt 4Ir9CkwIJ7jtbFRINVjNhCLJd/7Puh5J6KfAf3KmL6AM2e++wuAufBVnMNEn803Pn9nm 5bg0f4HLZ/O7tKvF87SDrR6CRkwPL32ldKDMlSWxL4w/nB0L74mMlYFjuFlSYdjaKZeR KgPQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:message-id:date:references:in-reply-to:subject :cc:to:from:mime-version:content-transfer-encoding:dkim-signature :dkim-signature; bh=798hgegU7Pgev28UDU7W/+ikbeFdPUq5dnJVjLGQz7A=; b=uYmIOc334qoO9PNEJAGI5XtycPx/ElzJQWpih74qRBj3HxNwSBCaU7ewv+bTZSnTDT I4GYgRDYnU7aYACX25/VZ10pYplrXyMLUWffREIhYR6L30fT2Vp/RM2o9yzujASsh+2W DDZKgwnbuRIZ+9KYFRHYaS8lnG1dJWmw3+JIKFsULuuSI4q3hiLe1DV1v/wIlmyEOOnt nZ4OkKqIMP9h/E2mzF9YTf4Q1SulFDIJQp1yVRAM9eomy7T5akOdIR7WONFi33x0H/I4 w1aLBSxyNQ2pq0Gd6x5RgUKYJlBnRigcomeLRodJRX+zq9qRhMV1q2TKj08u+P/s9O1k J63A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=dCAKnTd3; dkim=neutral (no key) header.i=@suse.de header.s=susede2_ed25519 header.b=hy2PfENm; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id q6-20020aa79606000000b0052551b26480si13605875pfg.99.2022.07.17.20.22.59; Sun, 17 Jul 2022 20:23:27 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=dCAKnTd3; dkim=neutral (no key) header.i=@suse.de header.s=susede2_ed25519 header.b=hy2PfENm; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230131AbiGRDVu (ORCPT + 99 others); Sun, 17 Jul 2022 23:21:50 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51702 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229482AbiGRDVu (ORCPT ); Sun, 17 Jul 2022 23:21:50 -0400 Received: from smtp-out1.suse.de (smtp-out1.suse.de [IPv6:2001:67c:2178:6::1c]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 23CD110FC4 for ; Sun, 17 Jul 2022 20:21:49 -0700 (PDT) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id ECF553399C; Mon, 18 Jul 2022 03:21:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1658114506; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=798hgegU7Pgev28UDU7W/+ikbeFdPUq5dnJVjLGQz7A=; b=dCAKnTd3SD9nwA983jiI3OKnGLf9KU6oRT/gNoFmqg1e1aUrJAc9+/PyrP1wUb7XDUcXJ2 woPj6cIWusaJBxiup8hXfXKCmUKo+e7//awRbW7kdxtsZIUlFtWbB54z9SByPLI/RGdJ0R vmC6vROnBOWXTLv50hRwE8ow7sE8IGI= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1658114506; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=798hgegU7Pgev28UDU7W/+ikbeFdPUq5dnJVjLGQz7A=; b=hy2PfENmxl2IFiUiWMTjitoORygxj374DgtyjhUpGE3PsUzdh8AL+2FFIoROy+Fgs0FT8I E1/FMIgyDB+EAxBA== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id C48EF13A83; Mon, 18 Jul 2022 03:21:45 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id KNWyHsnR1GJcJQAAMHmgww (envelope-from ); Mon, 18 Jul 2022 03:21:45 +0000 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit MIME-Version: 1.0 From: "NeilBrown" To: "Jeff Layton" Cc: chuck.lever@oracle.com, linux-nfs@vger.kernel.org Subject: Re: [PATCH 0/2] nfsd: close potential race between open and delegation In-reply-to: References: <20220714200434.161818-1-jlayton@kernel.org>, <165784314214.25184.13511971308364755291@noble.neil.brown.name>, Date: Mon, 18 Jul 2022 13:21:42 +1000 Message-id: <165811450205.25184.16800980627192339653@noble.neil.brown.name> X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org On Fri, 15 Jul 2022, Jeff Layton wrote: > On Fri, 2022-07-15 at 09:59 +1000, NeilBrown wrote: > > > however... > > 2/ Do we really need to lock the parent? If a rename or unlink happens > > after the lease was taken, the lease will be broken. So > > take lease. > > repeat lookup (locklessly) > > Check if lease has been broken > > Should provide all you need. > > > > You don't *need* to lock the directory to open an existing file and > > with my pending parallel-updates patch set, you only need a shared > > lock on the directory to create a file. So I'd rather not be locking > > the directory at all to get a delegation > > > > Yeah, we probably don't need to lock the dir. That said, after your > patch series we already hold the i_rwsem on the parent at this point so > lookup_one_len is fine in this instance. But the only reason we hold i_rwsem at this point is to prevent renames in the "opened existing file" case. The "created new file" case holds it as well just be be consistent with the first case. If we "vet" the dentry, then we don't need the lock any more. We can then simplify nfsd_lookup_dentry() to always assume the dir is not locked - so the "locked" arg can go, and nfsd_lookup() can lose the "lock" arg and always return with the directory unlocked. I'm tempted to add your patch to the front of my series. The inconsistency in locking can be fix by unlocking the directory before we get even close to handing out a delegation - so the delegation never sees a locked directory. But right now I have a cold and don't trust myself to think clearly enough to create code worth posting. Hopefully I'll be thinking more clearly later in the week. While I'm here ... is "vet" a good word? The meaning is appropriate, but I wonder if it would cause our friends for whom English isn't their first language to stumble. There are about 5 uses in the kernel at present. Would validate or verify be better? Even though they are longer.. Thanks, NeilBrown