From: "J. Bruce Fields" <bfields@fieldses.org>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: linux-nfs@vger.kernel.org, linux-fsdevel@vger.kernel.org,
linux-kernel@vger.kernel.org, Al Viro <viro@zeniv.linux.org.uk>
Subject: Re: nfsd changes for 3.5
Date: Thu, 31 May 2012 16:53:00 -0400 [thread overview]
Message-ID: <20120531205300.GG25955@fieldses.org> (raw)
In-Reply-To: <CA+55aFyuHz5Vn8G_kpKgnSStX0s125gwwQij2KXmnhfwaajhkg@mail.gmail.com>
On Thu, May 31, 2012 at 01:17:26PM -0700, Linus Torvalds wrote:
> On Thu, May 31, 2012 at 1:01 PM, J. Bruce Fields <bfields@fieldses.org> wrote:
> >
> > Right. By default it's 90 seconds before we'll give up on the client.
>
> So a slightly buggy client can basically DoS the server by getting a
> delegation and then crashing or something. Everybody else that tries
> to read that directory (not that file) will be dead in the water.
> Definitely not good.
>
> > I hate that too, and originally tried to avoid it with something like:
> >
> > retry:
> > acquire locks
> > lookup inode
> > ret = try_to_break_deleg(inode);
> > if (ret)
> > drop locks
> > really_break_deleg(inode);
> > goto retry;
> > ... do the real work ...
> > drop locks
> >
> > I felt like I was making already complicated code logic like rename's
> > even harder to follow.
>
> I do think it's the only thing we can reasonably do.
OK, I can give that another try. Al, does that sound like the more
sensible choice to you?
Uh, that means ditching some work in my public git tree. Which I
haven't rebased in years. So, a stupid process question; would you
rather I:
- continue to be strict about rebasing and apply a bunch of
reverts?
- ditch it and start over?
#1 looks like a mess to me, so I guess #2's my default. Probably nobody
will notice but me.
> I'd love to have
> some kind of per-dentry lock for unlink/rename, but we don't.
> Long-term, we really do need to do something about the directory
> locking, though, because it's also a huge problem for readdir()
> concurrency. Or at least it used to be (samba in particular). Making
> it an rwsem might help readdir a tiny amount, but I suspect people
> actually depend on the mutex in readdir right now.
Al called this all "highly non-trivial":
http://marc.info/?l=linux-fsdevel&m=132726495726326&w=2
I don't know who'd have the cycles.
--b.
>
> > And those operations don't really know the inode till they acquire the
> > locks, so in pathological cases that could continue forever.
>
> I suspect at some point you just have to say "screw it".
next prev parent reply other threads:[~2012-05-31 20:53 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-05-31 18:24 nfsd changes for 3.5 J. Bruce Fields
2012-05-31 18:24 ` J. Bruce Fields
2012-05-31 18:58 ` Linus Torvalds
2012-05-31 18:58 ` Linus Torvalds
2012-05-31 20:01 ` J. Bruce Fields
2012-05-31 20:01 ` J. Bruce Fields
2012-05-31 20:17 ` Linus Torvalds
2012-05-31 20:17 ` Linus Torvalds
2012-05-31 20:53 ` J. Bruce Fields [this message]
2012-05-31 22:14 ` Linus Torvalds
2012-05-31 22:14 ` Linus Torvalds
2012-06-01 0:56 ` J. Bruce Fields
2012-06-01 11:17 ` J. Bruce Fields
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120531205300.GG25955@fieldses.org \
--to=bfields@fieldses.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-nfs@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.