summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2026-06-15fuse: set ff->flock only on successZhang Tianci
If FUSE_SETLK fails (e.g., due to EWOULDBLOCK), we shall not set FUSE_RELEASE_FLOCK_UNLOCK in fuse_file_release(). Reported-by: Li Yichao <liyichao.1@bytedance.com> Signed-off-by: Zhang Tianci <zhangtianci.1997@bytedance.com> Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: clean up interrupt readingJoanne Koong
Clean up interrupt reading logic. Remove passing the pointer to the fuse request as an arg and make the header initializations more readable. Signed-off-by: Joanne Koong <joannelkoong@gmail.com> Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: remove stray newline in fuse_dev_do_read()Joanne Koong
Remove stray newline that shouldn't be there. Signed-off-by: Joanne Koong <joannelkoong@gmail.com> Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: use READ_ONCE in fuse_chan_num_background()Li Wang
fuse_chan_num_background() is called without holding fch->bg_lock (for example from fuse_writepages() to compare against fc->congestion_threshold), while fch->num_background is updated under bg_lock in dev.c and dev_uring.c. This is the same locked-write/lockless-read pattern already used for max_background in fuse_chan_max_background(). Use READ_ONCE() on the read side so that: - The compiler does not cache or coalesce loads of a value that may change concurrently on another CPU. - Prevent KCSAN from reporting an unexpected race. Signed-off-by: Li Wang <liwang@kylinos.cn> Fixes: 670d21c6e17f ("fuse: remove reliance on bdi congestion") Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: dax: Move long delayed work on system_dfl_long_wqMarco Crivellari
Currently the code enqueue work items using {queue|mod}_delayed_work(), using system_long_wq. This workqueue should be used when long works are expected and it is a per-cpu workqueue. The function(s) end up calling __queue_delayed_work(), which set a global timer that could fire anywhere, enqueuing the work where the timer fired. Unbound works could benefit from scheduler task placement, to optimize performance and power consumption. Long work shouldn't stick to a single CPU. Recently, a new unbound workqueue specific for long running work has been added: c116737e972e ("workqueue: Add system_dfl_long_wq for long unbound works") Since the workqueue work doesn't rely on per-cpu variables, there is no obvious reason that justify the use of a per-cpu workqueue. So change system_long_wq with system_dfl_long_wq so that the work may benefit from scheduler task placement. Signed-off-by: Marco Crivellari <marco.crivellari@suse.com> Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: add fuse_request_sent tracepointAmir Goldstein
This new tracepoint complements fuse_request_send (enqueue) and fuse_request_end (completion). It fires after the request has been successfully copied to the daemon's buffer, just before the daemon can start to process it. fuse_request_sent does not fire if the copy of the request fails. It also does not fire for NOTIFY_REPLY, which fires the _end tracepoint at the end of copy. This is needed for tools tracking the in-flight state of user initiated fuse requests. Signed-off-by: Amir Goldstein <amir73il@gmail.com> Reviewed-by: Joanne Koong <joannelkoong@gmail.com> Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: Add SPDX ID lines to some filesTim Bird
Some fuse source files are missing SPDX-License-Identifier lines. Add appropriate IDs to these files, and remove old license references from the headers. Signed-off-by: Tim Bird <tim.bird@sony.com> Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: use QSTR() instead of QSTR_INIT() in fuse_get_dentryThorsten Blum
Drop the hard-coded length argument and use the simpler QSTR(). Inline the code and drop the local variable. Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev> Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: convert page array allocation to kcalloc()William Theesfeld
fuse_get_user_pages() allocates the temporary pages[] array used by iov_iter_extract_pages() with the open-coded kzalloc(n * sizeof(*p), ...) form. max_pages is derived from the inbound iov_iter and is not bounded at compile time, so the multiplication can overflow on sufficiently large iter counts; the resulting too-small allocation would then be written past by iov_iter_extract_pages(). Switch to kcalloc(), which carries the same zero-on-allocation semantics and adds the standard size_mul overflow check. No functional change for non-overflow inputs. Signed-off-by: William Theesfeld <william@theesfeld.net> Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: use current creds for backing filesGuoHan Zhao
FUSE backing files only need a stable snapshot of the current credentials for later backing-file I/O. prepare_creds() allocates a mutable copy and can fail, but this code never modifies or commits the result. Use get_current_cred() instead and store it as a const pointer. This matches the rest of the backing-file helpers and avoids an unnecessary allocation and failure path. Signed-off-by: GuoHan Zhao <zhaoguohan@kylinos.cn> Reviewed-by: Amir Goldstein <amir73il@gmail.com> Acked-by: Christian Brauner <brauner@kernel.org> Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: expand MAINTAINERS with subsystem info, update mailing listMiklos Szeredi
- Bernd and Joanne are maintainers for fuse-uring - Amir is maintainer for passthrough - mailing list is now officially <fuse-devel@lists.linux.dev> - change status of fuse-core to be "Supported" Reviewed-by: Bernd Schubert <bernd@bsbernd.com> Reviewed-by: Joanne Koong <joannelkoong@gmail.com> Reviewed-by: Amir Goldstein <amir73il@gmail.com> Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: remove redundant buffer size checks for interrupt and forget requestsJoanne Koong
In fuse_dev_do_read(), there is already logic that ensures the buffer is a minimum of at least FUSE_MIN_READ_BUFFER (8k) bytes. This makes the buffer size checks for interrupt and forget requests redundant as sizeof(struct fuse_in_header) + sizeof(struct fuse_interrupt_in) and sizeof(struct fuse_in_header) + sizeof(struct fuse_forget_in) are both less than FUSE_MIN_READ_BUFFER. We can get rid of these checks. Signed-off-by: Joanne Koong <joannelkoong@gmail.com> Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: drop redundant check in fuse_sync_bucket_alloc()Li Wang
kzalloc_obj with __GFP_NOFAIL is documented to never return failure, and checking for NULL is redundant (__GFP_NOFAIL in gfp_types.h). Signed-off-by: Li Wang <liwang@kylinos.cn> Reviewed-by: Joanne Koong <joannelkoong@gmail.com> Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: reduce attributes invalidated on directory changeKonrad Sztyber
When the contents of a directory is modified, some of its attributes may also change, so they need to be invalidated. But this isn't the case for every attribute. For instance, unlinking or creating a file doesn't change the uid/gid of its parent directory. This can cause unnecessary FUSE_GETATTRs to be sent to user-space. For example, fuse_permission() checks if mode, uid, and gid are valid and will issue a FUSE_GETATTR if they're not, which results in an extra FUSE_GETATTR request for every FUSE_UNLINK when removing files in the same directory. Signed-off-by: Konrad Sztyber <ksztyber@nvidia.com> Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: drop redundant err assignment in fuse_create_open()Li Wang
In fuse_create_open(), err is initialized to -ENOMEM immediately before the fuse_alloc_forget() NULL check. If forget allocation fails, it branches to out_err with that value. If it succeeds, it falls through without modifying err, so err is still -ENOMEM at the point where fuse_file_alloc() is called. The second err = -ENOMEM before fuse_file_alloc() therefore is redundant. Signed-off-by: Li Wang <liwang@kylinos.cn> Reviewed-by: Joanne Koong <joannelkoong@gmail.com> Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: fuse_i.h: clean up kernel-doc commentsRandy Dunlap
Convert many comments to kernel-doc format to eliminate around 20 kernel-doc warnings like these: Warning: fs/fuse/fuse_i.h:374 This comment starts with '/**', but isn't a kernel-doc comment. Refer to Documentation/doc-guide/kernel-doc.rst * A Fuse connection. Warning: fs/fuse/fuse_i.h:817 This comment starts with '/**', but isn't a kernel-doc comment. Refer to Documentation/doc-guide/kernel-doc.rst * Get a filled in inode Warning: fs/fuse/fuse_i.h:859 This comment starts with '/**', but isn't a kernel-doc comment. Refer to Documentation/doc-guide/kernel-doc.rst * Send RELEASE or RELEASEDIR request and more like this. Also add struct member and function parameter descriptions to avoid these warnings: Warning: fs/fuse/fuse_i.h:1071 struct member 'epoch_work' not described in 'fuse_conn' Warning: fs/fuse/fuse_i.h:1071 struct member 'rcu' not described in 'fuse_conn' Warning: fs/fuse/fuse_i.h:1423 function parameter 'fc' not described in 'fuse_reverse_inval_inode' Warning: fs/fuse/fuse_i.h:1423 function parameter 'nodeid' not described in 'fuse_reverse_inval_inode' Warning: fs/fuse/fuse_i.h:1423 function parameter 'offset' not described in 'fuse_reverse_inval_inode' Warning: fs/fuse/fuse_i.h:1423 function parameter 'len' not described in 'fuse_reverse_inval_inode' Warning: fs/fuse/fuse_i.h:1436 function parameter 'fc' not described in 'fuse_reverse_inval_entry' Warning: fs/fuse/fuse_i.h:1436 function parameter 'parent_nodeid' not described in 'fuse_reverse_inval_entry' Warning: fs/fuse/fuse_i.h:1436 function parameter 'child_nodeid' not described in 'fuse_reverse_inval_entry' Warning: fs/fuse/fuse_i.h:1436 function parameter 'name' not described in 'fuse_reverse_inval_entry' Warning: fs/fuse/fuse_i.h:1436 function parameter 'flags' not described in 'fuse_reverse_inval_entry' Convert struct fuse_file, struct fuse_submount_lookup, struct fuse_inode, and struct fuse_conn to kernel-doc. Convert these to plain comments: Warning: fs/fuse/fuse_i.h:1423 expecting prototype for File(). Prototype was for fuse_reverse_inval_inode() instead Warning: fs/fuse/fuse_i.h:1436 expecting prototype for File(). Prototype was for fuse_reverse_inval_entry() instead Change some "/**" to "/*" since they are not kernel-doc comments. The changes above fix most kernel-doc warnings in this file but these warnings are not fixed and still remain: Warning: fs/fuse/fuse_i.h:1428 No description found for return value of 'fuse_fill_super_common' Warning: fs/fuse/fuse_i.h:1455 No description found for return value of 'fuse_ctl_add_conn' Binary build output is the same before and after these changes. Signed-off-by: Randy Dunlap <rdunlap@infradead.org> Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: fuse_dev_i.h: clean up kernel-doc warningsRandy Dunlap
Change some "/**" to "/*" since they are not kernel-doc comments: Warning: fs/fuse/fuse_dev_i.h:25 This comment starts with '/**', but isn't a kernel-doc comment. Refer to Documentation/doc-guide/kernel-doc.rst * Request flags Warning: fs/fuse/fuse_dev_i.h:58 This comment starts with '/**', but isn't a kernel-doc comment. Refer to Documentation/doc-guide/kernel-doc.rst * A request to the client Warning: fs/fuse/fuse_dev_i.h:117 This comment starts with '/**', but isn't a kernel-doc comment. Refer to Documentation/doc-guide/kernel-doc.rst * Input queue callbacks Warning: fs/fuse/fuse_dev_i.h:289 This comment starts with '/**', but isn't a kernel-doc comment. Refer to Documentation/doc-guide/kernel-doc.rst * Fuse device instance and more like this. Convert enum fuse_req_flag to kernel-doc format. Convert struct fuse_req, struct fuse_iqueue_ops, and struct fuse_dev to kernel-doc format. These warnings remain: Warning: fs/fuse/fuse_dev_i.h:115 struct member 'ring_entry' not described in 'fuse_req' Warning: fs/fuse/fuse_dev_i.h:115 struct member 'ring_queue' not described in 'fuse_req' Binary build output is the same before and after these changes. Signed-off-by: Randy Dunlap <rdunlap@infradead.org> Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse-uring: drop kernel-doc notation for a commentRandy Dunlap
Use regular C comment syntax for a non-kernel-doc comment to avoid a kernel-doc warning: Warning: fs/fuse/dev_uring_i.h:104 This comment starts with '/**', but isn't a kernel-doc comment. * Describes if uring is for communication and holds alls the data needed Binary build output is the same before and after this change. Signed-off-by: Randy Dunlap <rdunlap@infradead.org> Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: simplify fuse_dev_ioctl_clone()Miklos Szeredi
Don't need to check if the new device file is already initialized, since fuse_dev_install_with_pq() will do that anyway. Make fuse_dev_install_with_pq() return a boolean value indicating success so that fuse_dev_ioctl_clone() can return an error in case of failure. Move aborting the connection (setting fc->connected to zero) to fuse_dev_install(), because it is not needed when the clone ioctl fails. Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: alloc pqueue before installing fch in fuse_devMiklos Szeredi
Prior to this patchset, fuse_dev (containing fuse_pqueue) was allocated on mount. But now fuse_dev is allocated when opening /dev/fuse, even though the queues are not needed at that time. Delay allocation of the pqueue (4k worth of list_head) just before mounting or cloning a device. Various distributions (e.g. Debian/Fedora) configure /dev/fuse as world writable, so the pqueue allocation should be deferred to a privileged operation (mount) to prevent unprivileged userspace from consuming pinned kernel memory. [Li Wang: fix kernel NULL pointer dereference in fuse_uring_add_to_pq()] [Fix race in fuse_dev_release()] Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: remove #include "fuse_i.h" from dev.c and dev_uring.cMiklos Szeredi
Move a couple of function declarations from fuse_i.h to dev.h and fuse_dev_i.h. Add fuse_conn_get_id() helper that retrieves the connection ID (s_dev) from fuse_conn. With the exception of cuse.c, virtio_fs.c and trace.c source files now either include fuse_i.h or fuse_dev_i/dev_uring_i.h but not both. Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: change ring->fc to ring->chanMiklos Szeredi
Store pointer to struct fuse_chan instead of struct fuse_conn in fuse_ring. Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: remove fuse_mutex protection from fuse_dev_ioctl_sync_init()Miklos Szeredi
In normal use ioctl(FUSE_DEV_IOC_SYNC_INIT) comes before the mount() or fsconfig() syscalls, they are executed strictly serially. If ioctl and mount are performed in parallel, the behavior is nondeterministic. Removing the mutex does not change this. Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: set params in fuse_chan_set_initialized()Miklos Szeredi
Set minor, max_write and max_pages in the fuse_chan. These match the same fields in fuse_conn but are needed in both layers. [Dongyang Jin: Pointers should use NULL instead of explicit '0'] Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: create notify.cMiklos Szeredi
Move FUSE_NOTIFY_* handling into a separate source file. Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: create poll.cMiklos Szeredi
Move f_op->poll related functions to the new source file. Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: change fud->fc to fud->chanMiklos Szeredi
Store pointer to struct fuse_chan instead of struct fuse_conn in fuse_dev. Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: split out filesystem part of request sendingMiklos Szeredi
Create a new source file: req.c and add the request sending entry functions: __fuse_simple_request() fuse_simple_background() fuse_simple_notify_reply() Introduce transport layer sending functions that are called by the respective fs layer function: fuse_chan_send() fuse_chan_send_bg() fuse_chan_send_notify_reply() Move calculation of request header fields uid, gid and pid from fuse_get_req() and fuse_force_creads() to a new helper: fuse_fill_creds(). These fileds are now passed to the transport layer via struct fuse_args. Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: change req->fm to req->chanMiklos Szeredi
Store a struct fuse_chan pointer in fuse_req instead of a struct fuse_mount pointer. Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: remove fm arg of args->end callbackMiklos Szeredi
Only used by FUSE_INIT and CUSE_INIT, these can store the relevant pointer in their structs derived from fuse_args. Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: split off fuse_args and related definitions into a separate headerMiklos Szeredi
This is going to be used by both layers (transport and filesystem) Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: abort related layering cleanupMiklos Szeredi
- rename fuse_abort_conn() to fuse_chan_abort(), pass fuse_chan pointer instead of fuse_conn - pass an abort_with_err argument that tells fuse_dev_(read|write) to return with ECONNABORTED instead of ENODEV - move fc->aborted to fch->abort_with_err - rename fuse_wait_aborted() to fuse_chan_wait_aborted() Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: remove #include "fuse_i.h" from "req_timeout.c"Miklos Szeredi
Just need to move fuse_abort_conn(). Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: remove #include "fuse_i.h" from "dev_uring_i.h"Miklos Szeredi
Start getting rid of fs layer stuff from transport layer files. Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: move fuse_dev_waitq to dev.cMiklos Szeredi
Move wake_up_all(&fuse_dev_waitq) into fuse_dev_install() where it logically belongs. Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: move forget related struct and helpersMiklos Szeredi
Move: - struct fuse_forget_link to fuse_dev_i.h - fuse_alloc_forget() to dev.c/dev.h Rename: - fuse_queue_forget -> fuse_chan_queue_forget Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: don't access transport layer structs directly from the fs layerMiklos Szeredi
Add helpers (get and set functions mainly) that cleanly separate the layers. Remove #include "fuse_dev_i.h" from: - inode.c - file.c - control.c Remove #include "dev_uring_i.h" from inode.c. [Li Wang: drop redundant initializer in process_init_limits()] Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: move struct fuse_req and related to fuse_dev_i.hMiklos Szeredi
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: move request timeout to fuse_chanMiklos Szeredi
Move: - timeout Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: add back pointer from fuse_chan to fuse_connMiklos Szeredi
Will be needed by callbacks from the transport layer to the fs layer. Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: split off fch->lock from fc->lockMiklos Szeredi
And document which members they protect. end_polls() is called with both, outer fch->lock is probably unnecessary, but doesn't hurt for now. Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: move interrupt related members to fuse_chanMiklos Szeredi
Move: - no_interrupt Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: move io_uring related members to fuse_chanMiklos Szeredi
Move: - io_uring - ring Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: move request blocking related members to fuse_chanMiklos Szeredi
Move: - initialized - blocked - blocked_waitq - connected - num_waiting Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: move background queuing related members to fuse_chanMiklos Szeredi
Move: - max_background - num_background - active_background - bg_queue - bg_lock Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: move 'devices' member from fuse_conn to fuse_chanMiklos Szeredi
This belongs in the transport layer. Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: move fuse_dev and fuse_pqueue to dev.cMiklos Szeredi
Move function definitions to dev.c, struct definitions to fuse_dev_i.h. Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: move fuse_iqueue to fuse_chanMiklos Szeredi
Move the 'fiq' member from fuse_conn to fuse_chan. Move iqueue related structure definitions and function declarations from "fuse_i.h" to "fuse_dev_i.h". Add a fuse_dev_chan_new() helper, that returns a fuse_chan initialized with the fuse_dev_fiq_ops. Add a fuse_chan_release() function, that calls fiq->ops->release(). Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: add struct fuse_chanMiklos Szeredi
The goal is to separate transport layer stuff out from struct fuse_conn, leaving just the filesystem related members. Add a new object referenced from fuse_conn. This patch just implements the allocation and freeing of this object. Following patches will move transport related members from fuse_conn to fuse_chan. Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2026-06-15fuse: move request timeout code to a new source fileMiklos Szeredi
This marks the first step in cleanly separating the transport layer from the filesystem layer. Add "dev.h", which will contain the interface definition for the transport layer. Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>