<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux.git/fs/9p, branch v5.11</title>
<subtitle>Linux kernel source tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/'/>
<entry>
<title>Merge tag '9p-for-5.11-rc1' of git://github.com/martinetd/linux</title>
<updated>2020-12-21T18:28:02+00:00</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2020-12-21T18:28:02+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=70990afa34fbac03ade78e2ad0ccd418acecfc04'/>
<id>70990afa34fbac03ade78e2ad0ccd418acecfc04</id>
<content type='text'>
Pull 9p update from Dominique Martinet:

 - fix long-standing limitation on open-unlink-fop pattern

 - add refcount to p9_fid (fixes the above and will allow for more
   cleanups and simplifications in the future)

* tag '9p-for-5.11-rc1' of git://github.com/martinetd/linux:
  9p: Remove unnecessary IS_ERR() check
  9p: Uninitialized variable in v9fs_writeback_fid()
  9p: Fix writeback fid incorrectly being attached to dentry
  9p: apply review requests for fid refcounting
  9p: add refcount to p9_fid struct
  fs/9p: search open fids first
  fs/9p: track open fids
  fs/9p: fix create-unlink-getattr idiom
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Pull 9p update from Dominique Martinet:

 - fix long-standing limitation on open-unlink-fop pattern

 - add refcount to p9_fid (fixes the above and will allow for more
   cleanups and simplifications in the future)

* tag '9p-for-5.11-rc1' of git://github.com/martinetd/linux:
  9p: Remove unnecessary IS_ERR() check
  9p: Uninitialized variable in v9fs_writeback_fid()
  9p: Fix writeback fid incorrectly being attached to dentry
  9p: apply review requests for fid refcounting
  9p: add refcount to p9_fid struct
  fs/9p: search open fids first
  fs/9p: track open fids
  fs/9p: fix create-unlink-getattr idiom
</pre>
</div>
</content>
</entry>
<entry>
<title>fs: 9p: add generic splice_write file operation</title>
<updated>2020-12-01T20:40:47+00:00</updated>
<author>
<name>Dominique Martinet</name>
<email>asmadeus@codewreck.org</email>
</author>
<published>2020-12-01T15:09:37+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=960f4f8a4e60da610af73c1264673f71f5a36efd'/>
<id>960f4f8a4e60da610af73c1264673f71f5a36efd</id>
<content type='text'>
The default splice operations got removed recently, add it back to 9p
with iter_file_splice_write like many other filesystems do.

Link: http://lkml.kernel.org/r/1606837496-21717-1-git-send-email-asmadeus@codewreck.org
Fixes: 36e2c7421f02 ("fs: don't allow splice read/write without explicit ops")
Signed-off-by: Dominique Martinet &lt;asmadeus@codewreck.org&gt;
Acked-by: Toke Høiland-Jørgensen &lt;toke@redhat.com&gt;
Reviewed-by: Christoph Hellwig &lt;hch@lst.de&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The default splice operations got removed recently, add it back to 9p
with iter_file_splice_write like many other filesystems do.

Link: http://lkml.kernel.org/r/1606837496-21717-1-git-send-email-asmadeus@codewreck.org
Fixes: 36e2c7421f02 ("fs: don't allow splice read/write without explicit ops")
Signed-off-by: Dominique Martinet &lt;asmadeus@codewreck.org&gt;
Acked-by: Toke Høiland-Jørgensen &lt;toke@redhat.com&gt;
Reviewed-by: Christoph Hellwig &lt;hch@lst.de&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>fs: 9p: add generic splice_read file operations</title>
<updated>2020-12-01T16:53:49+00:00</updated>
<author>
<name>Toke Høiland-Jørgensen</name>
<email>toke@redhat.com</email>
</author>
<published>2020-12-01T13:54:09+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=cf03f316ad20dac16b5adae3f6dedd7d188c7f65'/>
<id>cf03f316ad20dac16b5adae3f6dedd7d188c7f65</id>
<content type='text'>
The v9fs file operations were missing the splice_read operations, which
breaks sendfile() of files on such a filesystem. I discovered this while
trying to load an eBPF program using iproute2 inside a 'virtme' environment
which uses 9pfs for the virtual file system. iproute2 relies on sendfile()
with an AF_ALG socket to hash files, which was erroring out in the virtual
environment.

Since generic_file_splice_read() seems to just implement splice_read in
terms of the read_iter operation, I simply added the generic implementation
to the file operations, which fixed the error I was seeing. A quick grep
indicates that this is what most other file systems do as well.

Link: http://lkml.kernel.org/r/20201201135409.55510-1-toke@redhat.com
Fixes: 36e2c7421f02 ("fs: don't allow splice read/write without explicit ops")
Signed-off-by: Toke Høiland-Jørgensen &lt;toke@redhat.com&gt;
Signed-off-by: Dominique Martinet &lt;asmadeus@codewreck.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The v9fs file operations were missing the splice_read operations, which
breaks sendfile() of files on such a filesystem. I discovered this while
trying to load an eBPF program using iproute2 inside a 'virtme' environment
which uses 9pfs for the virtual file system. iproute2 relies on sendfile()
with an AF_ALG socket to hash files, which was erroring out in the virtual
environment.

Since generic_file_splice_read() seems to just implement splice_read in
terms of the read_iter operation, I simply added the generic implementation
to the file operations, which fixed the error I was seeing. A quick grep
indicates that this is what most other file systems do as well.

Link: http://lkml.kernel.org/r/20201201135409.55510-1-toke@redhat.com
Fixes: 36e2c7421f02 ("fs: don't allow splice read/write without explicit ops")
Signed-off-by: Toke Høiland-Jørgensen &lt;toke@redhat.com&gt;
Signed-off-by: Dominique Martinet &lt;asmadeus@codewreck.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>9p: Remove unnecessary IS_ERR() check</title>
<updated>2020-12-01T07:19:02+00:00</updated>
<author>
<name>Dan Carpenter</name>
<email>dan.carpenter@oracle.com</email>
</author>
<published>2020-12-01T07:04:34+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=cfd1d0f524a87b7d6d14b41a14fa4cbe522cf8cc'/>
<id>cfd1d0f524a87b7d6d14b41a14fa4cbe522cf8cc</id>
<content type='text'>
The "fid" variable can't be an error pointer so there is no need to
check.  The code is slightly cleaner if we move the increment before
the break and remove the NULL check as well.

Signed-off-by: Dan Carpenter &lt;dan.carpenter@oracle.com&gt;
Signed-off-by: Dominique Martinet &lt;asmadeus@codewreck.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The "fid" variable can't be an error pointer so there is no need to
check.  The code is slightly cleaner if we move the increment before
the break and remove the NULL check as well.

Signed-off-by: Dan Carpenter &lt;dan.carpenter@oracle.com&gt;
Signed-off-by: Dominique Martinet &lt;asmadeus@codewreck.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>9p: Uninitialized variable in v9fs_writeback_fid()</title>
<updated>2020-12-01T07:18:57+00:00</updated>
<author>
<name>Dan Carpenter</name>
<email>dan.carpenter@oracle.com</email>
</author>
<published>2020-12-01T07:04:12+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=dfd375864ac1e2ee60ed2d61820697ac01642f80'/>
<id>dfd375864ac1e2ee60ed2d61820697ac01642f80</id>
<content type='text'>
If v9fs_fid_lookup_with_uid() fails then "fid" is not initialized.

The v9fs_fid_lookup_with_uid() can't return NULL.  If it returns an
error pointer then we can still pass that to clone_fid() and it will
return the error pointer back again.

Fixes: 6636b6dcc3db ("9p: add refcount to p9_fid struct")
Signed-off-by: Dan Carpenter &lt;dan.carpenter@oracle.com&gt;
Signed-off-by: Dominique Martinet &lt;asmadeus@codewreck.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
If v9fs_fid_lookup_with_uid() fails then "fid" is not initialized.

The v9fs_fid_lookup_with_uid() can't return NULL.  If it returns an
error pointer then we can still pass that to clone_fid() and it will
return the error pointer back again.

Fixes: 6636b6dcc3db ("9p: add refcount to p9_fid struct")
Signed-off-by: Dan Carpenter &lt;dan.carpenter@oracle.com&gt;
Signed-off-by: Dominique Martinet &lt;asmadeus@codewreck.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>9p: Fix writeback fid incorrectly being attached to dentry</title>
<updated>2020-11-19T16:22:28+00:00</updated>
<author>
<name>Dominique Martinet</name>
<email>asmadeus@codewreck.org</email>
</author>
<published>2020-11-19T14:11:04+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=5bfe97d7382b5c1ec351c59a878e742c9fd73d38'/>
<id>5bfe97d7382b5c1ec351c59a878e742c9fd73d38</id>
<content type='text'>
v9fs_dir_release needs fid-&gt;ilist to have been initialized for filp's
fid, not the inode's writeback fid's.

With refcounting this can be improved on later but this appears to fix
null deref issues.

Link: http://lkml.kernel.org/r/1605802012-31133-3-git-send-email-asmadeus@codewreck.org
Fixes: 6636b6dcc3db ("fs/9p: track open fids")
Signed-off-by: Dominique Martinet &lt;asmadeus@codewreck.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
v9fs_dir_release needs fid-&gt;ilist to have been initialized for filp's
fid, not the inode's writeback fid's.

With refcounting this can be improved on later but this appears to fix
null deref issues.

Link: http://lkml.kernel.org/r/1605802012-31133-3-git-send-email-asmadeus@codewreck.org
Fixes: 6636b6dcc3db ("fs/9p: track open fids")
Signed-off-by: Dominique Martinet &lt;asmadeus@codewreck.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>9p: apply review requests for fid refcounting</title>
<updated>2020-11-19T16:21:34+00:00</updated>
<author>
<name>Dominique Martinet</name>
<email>asmadeus@codewreck.org</email>
</author>
<published>2020-11-03T08:35:57+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=ff5e72ebef41068789c93b0666cebde80cc8bd8c'/>
<id>ff5e72ebef41068789c93b0666cebde80cc8bd8c</id>
<content type='text'>
Fix style issues in parent commit ("apply review requests for fid
refcounting"), no functional change.

Link: http://lkml.kernel.org/r/1605802012-31133-2-git-send-email-asmadeus@codewreck.org
Fixes: 6636b6dcc3db ("9p: add refcount to p9_fid struct")
Signed-off-by: Dominique Martinet &lt;asmadeus@codewreck.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Fix style issues in parent commit ("apply review requests for fid
refcounting"), no functional change.

Link: http://lkml.kernel.org/r/1605802012-31133-2-git-send-email-asmadeus@codewreck.org
Fixes: 6636b6dcc3db ("9p: add refcount to p9_fid struct")
Signed-off-by: Dominique Martinet &lt;asmadeus@codewreck.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>9p: add refcount to p9_fid struct</title>
<updated>2020-11-19T16:20:39+00:00</updated>
<author>
<name>Jianyong Wu</name>
<email>jianyong.wu@arm.com</email>
</author>
<published>2020-09-23T14:11:46+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=6636b6dcc3db2258cd0585b8078c1c225c4b6dde'/>
<id>6636b6dcc3db2258cd0585b8078c1c225c4b6dde</id>
<content type='text'>
Fix race issue in fid contention.

Eric's and Greg's patch offer a mechanism to fix open-unlink-f*syscall
bug in 9p. But there is race issue in fid parallel accesses.
As Greg's patch stores all of fids from opened files into according inode,
so all the lookup fid ops can retrieve fid from inode preferentially. But
there is no mechanism to handle the fid contention issue. For example,
there are two threads get the same fid in the same time and one of them
clunk the fid before the other thread ready to discard the fid. In this
scenario, it will lead to some fatal problems, even kernel core dump.

I introduce a mechanism to fix this race issue. A counter field introduced
into p9_fid struct to store the reference counter to the fid. When a fid
is allocated from the inode or dentry, the counter will increase, and
will decrease at the end of its occupation. It is guaranteed that the
fid won't be clunked before the reference counter go down to 0, then
we can avoid the clunked fid to be used.

tests:
race issue test from the old test case:
for file in {01..50}; do touch f.${file}; done
seq 1 1000 | xargs -n 1 -P 50 -I{} cat f.* &gt; /dev/null

open-unlink-f*syscall test:
I have tested for f*syscall include: ftruncate fstat fchown fchmod faccessat.

Link: http://lkml.kernel.org/r/20200923141146.90046-5-jianyong.wu@arm.com
Fixes: 478ba09edc1f ("fs/9p: search open fids first")
Signed-off-by: Jianyong Wu &lt;jianyong.wu@arm.com&gt;
Signed-off-by: Dominique Martinet &lt;asmadeus@codewreck.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Fix race issue in fid contention.

Eric's and Greg's patch offer a mechanism to fix open-unlink-f*syscall
bug in 9p. But there is race issue in fid parallel accesses.
As Greg's patch stores all of fids from opened files into according inode,
so all the lookup fid ops can retrieve fid from inode preferentially. But
there is no mechanism to handle the fid contention issue. For example,
there are two threads get the same fid in the same time and one of them
clunk the fid before the other thread ready to discard the fid. In this
scenario, it will lead to some fatal problems, even kernel core dump.

I introduce a mechanism to fix this race issue. A counter field introduced
into p9_fid struct to store the reference counter to the fid. When a fid
is allocated from the inode or dentry, the counter will increase, and
will decrease at the end of its occupation. It is guaranteed that the
fid won't be clunked before the reference counter go down to 0, then
we can avoid the clunked fid to be used.

tests:
race issue test from the old test case:
for file in {01..50}; do touch f.${file}; done
seq 1 1000 | xargs -n 1 -P 50 -I{} cat f.* &gt; /dev/null

open-unlink-f*syscall test:
I have tested for f*syscall include: ftruncate fstat fchown fchmod faccessat.

Link: http://lkml.kernel.org/r/20200923141146.90046-5-jianyong.wu@arm.com
Fixes: 478ba09edc1f ("fs/9p: search open fids first")
Signed-off-by: Jianyong Wu &lt;jianyong.wu@arm.com&gt;
Signed-off-by: Dominique Martinet &lt;asmadeus@codewreck.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>fs/9p: search open fids first</title>
<updated>2020-11-03T08:29:56+00:00</updated>
<author>
<name>Greg Kurz</name>
<email>groug@kaod.org</email>
</author>
<published>2020-09-23T14:11:45+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=478ba09edc1f2f2ee27180a06150cb2d1a686f9c'/>
<id>478ba09edc1f2f2ee27180a06150cb2d1a686f9c</id>
<content type='text'>
A previous patch fixed the "create-unlink-getattr" idiom: if getattr is
called on an unlinked file, we try to find an open fid attached to the
corresponding inode.

We have a similar issue with file permissions and setattr:

open("./test.txt", O_RDWR|O_CREAT, 0666) = 4
chmod("./test.txt", 0)                  = 0
truncate("./test.txt", 0)               = -1 EACCES (Permission denied)
ftruncate(4, 0)                         = -1 EACCES (Permission denied)

The failure is expected with truncate() but not with ftruncate().

This happens because the lookup code does find a matching fid in the
dentry list. Unfortunately, this is not an open fid and the server
will be forced to rely on the path name, rather than on an open file
descriptor. This is the case in QEMU: the setattr operation will use
truncate() and fail because of bad write permissions.

This patch changes the logic in the lookup code, so that we consider
open fids first. It gives a chance to the server to match this open
fid to an open file descriptor and use ftruncate() instead of truncate().
This does not change the current behaviour for truncate() and other
path name based syscalls, since file permissions are checked earlier
in the VFS layer.

With this patch, we get:

open("./test.txt", O_RDWR|O_CREAT, 0666) = 4
chmod("./test.txt", 0)                  = 0
truncate("./test.txt", 0)               = -1 EACCES (Permission denied)
ftruncate(4, 0)                         = 0

Link: http://lkml.kernel.org/r/20200923141146.90046-4-jianyong.wu@arm.com
Signed-off-by: Greg Kurz &lt;groug@kaod.org&gt;
Signed-off-by: Jianyong Wu &lt;jianyong.wu@arm.com&gt;
Signed-off-by: Dominique Martinet &lt;asmadeus@codewreck.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
A previous patch fixed the "create-unlink-getattr" idiom: if getattr is
called on an unlinked file, we try to find an open fid attached to the
corresponding inode.

We have a similar issue with file permissions and setattr:

open("./test.txt", O_RDWR|O_CREAT, 0666) = 4
chmod("./test.txt", 0)                  = 0
truncate("./test.txt", 0)               = -1 EACCES (Permission denied)
ftruncate(4, 0)                         = -1 EACCES (Permission denied)

The failure is expected with truncate() but not with ftruncate().

This happens because the lookup code does find a matching fid in the
dentry list. Unfortunately, this is not an open fid and the server
will be forced to rely on the path name, rather than on an open file
descriptor. This is the case in QEMU: the setattr operation will use
truncate() and fail because of bad write permissions.

This patch changes the logic in the lookup code, so that we consider
open fids first. It gives a chance to the server to match this open
fid to an open file descriptor and use ftruncate() instead of truncate().
This does not change the current behaviour for truncate() and other
path name based syscalls, since file permissions are checked earlier
in the VFS layer.

With this patch, we get:

open("./test.txt", O_RDWR|O_CREAT, 0666) = 4
chmod("./test.txt", 0)                  = 0
truncate("./test.txt", 0)               = -1 EACCES (Permission denied)
ftruncate(4, 0)                         = 0

Link: http://lkml.kernel.org/r/20200923141146.90046-4-jianyong.wu@arm.com
Signed-off-by: Greg Kurz &lt;groug@kaod.org&gt;
Signed-off-by: Jianyong Wu &lt;jianyong.wu@arm.com&gt;
Signed-off-by: Dominique Martinet &lt;asmadeus@codewreck.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>fs/9p: track open fids</title>
<updated>2020-11-03T08:29:46+00:00</updated>
<author>
<name>Greg Kurz</name>
<email>gkurz@linux.vnet.ibm.com</email>
</author>
<published>2020-09-23T14:11:44+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=987a64850996db22bbcf2c1d0a051446a343fa2c'/>
<id>987a64850996db22bbcf2c1d0a051446a343fa2c</id>
<content type='text'>
This patch adds accounting of open fids in a list hanging off the i_private
field of the corresponding inode. This allows faster lookups compared to
searching the full 9p client list.

The lookup code is modified accordingly.

Link: http://lkml.kernel.org/r/20200923141146.90046-3-jianyong.wu@arm.com
Signed-off-by: Greg Kurz &lt;gkurz@linux.vnet.ibm.com&gt;
Signed-off-by: Jianyong Wu &lt;jianyong.wu@arm.com&gt;
Signed-off-by: Dominique Martinet &lt;asmadeus@codewreck.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This patch adds accounting of open fids in a list hanging off the i_private
field of the corresponding inode. This allows faster lookups compared to
searching the full 9p client list.

The lookup code is modified accordingly.

Link: http://lkml.kernel.org/r/20200923141146.90046-3-jianyong.wu@arm.com
Signed-off-by: Greg Kurz &lt;gkurz@linux.vnet.ibm.com&gt;
Signed-off-by: Jianyong Wu &lt;jianyong.wu@arm.com&gt;
Signed-off-by: Dominique Martinet &lt;asmadeus@codewreck.org&gt;
</pre>
</div>
</content>
</entry>
</feed>
