Received: by 2002:a05:6a11:4021:0:0:0:0 with SMTP id ky33csp349273pxb; Wed, 15 Sep 2021 03:38:04 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxreTTEbcg5i8adjT3Jm51l6Q0sdgMloD5blnafqV9MRCFHDBdgw3wvjHv5GL4Q/cWtiarl X-Received: by 2002:a05:6512:1029:: with SMTP id r9mr17327981lfr.688.1631702284182; Wed, 15 Sep 2021 03:38:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1631702284; cv=none; d=google.com; s=arc-20160816; b=jh1eJQDKgT1zi/UjZ6HzgU4OzERfiInfIInjtvUOGXLeJcWxWT4aQIUG5mqTY25HSE lvpT0rG6ZOa2SIIwl8IcsKqu1idDPydqgQjwWuTnXaOup6HXELHrHPonGCEkYH0m2t7Z tkfklI4nN1pWF8Yz1yJBGrxyvaVILuTLah1eZ2t+5ceNz+BMNM5h63en6JSRnDMXOSZY 6K92PsFjbdzv5DKcvLWYO24gaJFT+fZioCugNsf0Kb/JI9D3F9FaFm893/5EuEuIpAAv AGYN1iwc61qijyQ+zhoVLvwn3ZQF5e4ow/AfnmWiamWoYwwuk5h3PtiohpDs8RFKRJpF VH1Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :dkim-signature:dkim-signature; bh=OBqVQGnFWgtPG9Q+UphQmLlXVL6BaYYUbmftNzq04iQ=; b=S+wIcJTgGxNAYBLiw6avRRmIfdlznHdJ3cbcOH4yRIH9IDiRmYtsx9vqmVMpv61+rE KtuB+PXGAaUXSAFGbIm+CBZBN8GSvb7VOP0SFsRoSbhiMr7V56bLmMWVFW1jFKo7K424 pLp1JPwn5mOv+ZtLY0NR1nfjF/bQVcqW6mMsZYoEZLUjKhk5zZgekgSex2LCVbCkgoX5 5IBpnPaKPe9BXo8tE7cn1W1Il7778xUxy5ItYETY2Tm9Uv4ew2+Z4eJrFgC8TUJop2ca ba6jLcMk2FRt3EyrHmqS2FJgZz9R0LMrYANwKFglXGnWdxoKEca/NW48kSTNmugUdkud x8cg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.cz header.s=susede2_rsa header.b=vCIxgPTi; dkim=neutral (no key) header.i=@suse.cz; spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id x26si15870001lfu.69.2021.09.15.03.37.08; Wed, 15 Sep 2021 03:38:04 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.cz header.s=susede2_rsa header.b=vCIxgPTi; dkim=neutral (no key) header.i=@suse.cz; spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232290AbhIOKdC (ORCPT + 99 others); Wed, 15 Sep 2021 06:33:02 -0400 Received: from smtp-out2.suse.de ([195.135.220.29]:35732 "EHLO smtp-out2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232286AbhIOKdC (ORCPT ); Wed, 15 Sep 2021 06:33:02 -0400 Received: from relay2.suse.de (relay2.suse.de [149.44.160.134]) by smtp-out2.suse.de (Postfix) with ESMTP id 8A0E11FE50; Wed, 15 Sep 2021 10:31:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1631701902; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=OBqVQGnFWgtPG9Q+UphQmLlXVL6BaYYUbmftNzq04iQ=; b=vCIxgPTi6OMDqQ1ajFPPws6U/nEaOZXbNreE5vLj0ORZVg9SGJK5j03eyv1Pm/qcwe8Lul zUSA36no50k4583wA4oRhu13+NFroEoBYuq2Ymiujc9Cj8pkGoJdk9VkNNBNFavQhvy8eK jqk/KMIUfFBs0odiRg8c66j8c+i81Z8= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1631701902; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=OBqVQGnFWgtPG9Q+UphQmLlXVL6BaYYUbmftNzq04iQ=; b=e/WnNShqk62O0dQZnZD9WPguIsQYzduDCgskdnNv9m/4hbEBfdiHXgi+hGDxnaudXKibAb jiWMOVYTfo8QVvCQ== Received: from quack2.suse.cz (unknown [10.100.224.230]) by relay2.suse.de (Postfix) with ESMTP id 6D872A3B90; Wed, 15 Sep 2021 10:31:42 +0000 (UTC) Received: by quack2.suse.cz (Postfix, from userid 1000) id 02FF31E4318; Wed, 15 Sep 2021 12:31:40 +0200 (CEST) Date: Wed, 15 Sep 2021 12:31:40 +0200 From: Jan Kara To: Amir Goldstein Cc: Gabriel Krisman Bertazi , Jan Kara , Jan Kara , Linux API , Ext4 , linux-fsdevel , Khazhismel Kumykov , David Howells , Dave Chinner , Theodore Tso , "Darrick J. Wong" , Matthew Bobrowski , kernel@collabora.com Subject: Re: [PATCH v6 15/21] fanotify: Preallocate per superblock mark error event Message-ID: <20210915103140.GA6166@quack2.suse.cz> References: <20210812214010.3197279-1-krisman@collabora.com> <20210812214010.3197279-16-krisman@collabora.com> <20210816155758.GF30215@quack2.suse.cz> <877dg6rbtn.fsf@collabora.com> <87a6kusmar.fsf@collabora.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org On Fri 03-09-21 07:16:33, Amir Goldstein wrote: > On Fri, Sep 3, 2021 at 12:24 AM Gabriel Krisman Bertazi > wrote: > > Actually, I don't think this will work for insertion unless we keep a > > bounce buffer for the file_handle, because we need to keep the > > group->notification_lock to ensure the fee doesn't go away with the mark > > (since it is not yet enqueued) but, as discussed before, we don't want > > to hold that lock when generating the FH. > > > > I think the correct way is to have some sort of refcount of the error > > event slot. We could use err_count for that and change the suggestion > > above to: > > > > if (mark->flags & FANOTIFY_MARK_FLAG_SB_MARK) { > > struct fanotify_sb_mark *fa_mark = FANOTIFY_SB_MARK(mark); > > > > spin_lock(&group->notification_lock); > > if (fa_mark->fee_slot) { > > if (!fee->err_count) { > > kfree(fa_mark->fee_slot); > > fa_mark->fee_slot = NULL; > > } else { > > fa_mark->fee_slot->mark_alive = 0; > > } > > } > > spin_unlock(&group->notification_lock); > > } > > > > And insertion would look like this: > > > > static int fanotify_handle_error_event(....) { > > > > spin_lock(&group->notification_lock); > > > > if (!mark->fee || (mark->fee->err_count++) { > > spin_unlock(&group->notification_lock); > > return 0; > > } > > > > spin_unlock(&group->notification_lock); > > > > mark->fee->fae.type = FANOTIFY_EVENT_TYPE_FS_ERROR; > > > > /* ... Write report data to error event ... */ > > > > fanotify_encode_fh(&fee->object_fh, fanotify_encode_fh_len(inode), > > NULL, 0); > > > > fsnotify_add_event(group, &fee->fae.fse, NULL); > > } > > > > Unless you think this is too hack-ish. > > > > To be fair, I think it is hack-ish. > > Actually, I wouldn't mind the hack-ish-ness if it would simplify things, > but I do not see how this is the case here. > I still cannot wrap my head around the semantics, which is a big red light. > First of all a suggestion should start with the lifetime rules: > - Possible states > - State transition rules > > Speaking for myself, I simply cannot review a proposal without these > documented rules. Hum, getting back up to speed on this after vacation is tough which suggests maybe we've indeed overengineered this :) So let's try to simplify things. > > I would add a proper refcount_t > > to the error event, and let the mark own a reference to it, which is > > dropped when the mark goes away. Enqueue and Dequeue will acquire and > > drop references, respectively. In this case, err_count is not > > overloaded. > > > > Will it work? > > Maybe, I still don't see the full picture, but if this can get us to a state > where error events handling is simpler then it's a good idea. > Saving the space of refcount_t in error event struct is not important at all. > > But if Jan's option #1 (mempool) brings us to less special casing > of enqueue/dequeue of error events, then I think that would be > my preference. Yes, I think mempools would result in a simpler code overall (the complexity of recycling events would be handled by mempool for us). Maybe we would not even need to play tricks with mempool resizing? We could just make sure it has couple of events reserved and if it ever happens that mempool_alloc() cannot give us any event, we'd report queue overflow (like we already do for other event types if that happens). I think we could require that callers generating error events are in a context where GFP_NOFS allocation is OK - this should be achievable target for filesystems and allocation failures should be rare with such mask. Honza -- Jan Kara SUSE Labs, CR