From: Al Viro <viro@ZenIV.linux.org.uk>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Dave Chinner <david@fromorbit.com>, CAI Qian <caiqian@redhat.com>,
linux-xfs <linux-xfs@vger.kernel.org>,
xfs@oss.sgi.com, Jens Axboe <axboe@kernel.dk>,
Nick Piggin <npiggin@gmail.com>,
linux-fsdevel <linux-fsdevel@vger.kernel.org>
Subject: [PATCH 04/12] splice: lift pipe_lock out of splice_to_pipe()
Date: Sat, 24 Sep 2016 04:59:51 +0100 [thread overview]
Message-ID: <20160924035951.GN2356@ZenIV.linux.org.uk> (raw)
In-Reply-To: <CA+55aFyr-X_6FcWkSXBUcxV0p1BUZw8d=46wawv2x+8y7f8YcQ@mail.gmail.com>
* splice_to_pipe() stops at pipe overflow and does *not* take pipe_lock
* ->splice_read() instances do the same
* vmsplice_to_pipe() and do_splice() (ultimate callers of splice_to_pipe())
arrange for waiting, looping, etc. themselves.
That should make pipe_lock the outermost one.
Unfortunately, existing rules for the amount passed by vmsplice_to_pipe()
and do_splice() are quite ugly _and_ userland code can be easily broken
by changing those. It's not even "no more than the maximal capacity of
this pipe" - it's "once we'd fed pipe->nr_buffers pages into the pipe,
leave instead of waiting".
Considering how poorly these rules are documented, let's try "wait for some
space to appear, unless given SPLICE_F_NONBLOCK, then push into pipe
and if we run into overflow, we are done".
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
---
fs/fuse/dev.c | 2 -
fs/splice.c | 138 +++++++++++++++++++++++++++-------------------------------
2 files changed, 63 insertions(+), 77 deletions(-)
diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c
index a94d2ed..eaf56c6 100644
--- a/fs/fuse/dev.c
+++ b/fs/fuse/dev.c
@@ -1364,7 +1364,6 @@ static ssize_t fuse_dev_splice_read(struct file *in, loff_t *ppos,
goto out;
ret = 0;
- pipe_lock(pipe);
if (!pipe->readers) {
send_sig(SIGPIPE, current, 0);
@@ -1400,7 +1399,6 @@ static ssize_t fuse_dev_splice_read(struct file *in, loff_t *ppos,
}
out_unlock:
- pipe_unlock(pipe);
if (do_wakeup) {
smp_mb();
diff --git a/fs/splice.c b/fs/splice.c
index 31c52e0..02daa61 100644
--- a/fs/splice.c
+++ b/fs/splice.c
@@ -183,79 +183,41 @@ ssize_t splice_to_pipe(struct pipe_inode_info *pipe,
struct splice_pipe_desc *spd)
{
unsigned int spd_pages = spd->nr_pages;
- int ret, do_wakeup, page_nr;
+ int ret = 0, page_nr = 0;
if (!spd_pages)
return 0;
- ret = 0;
- do_wakeup = 0;
- page_nr = 0;
-
- pipe_lock(pipe);
-
- for (;;) {
- if (!pipe->readers) {
- send_sig(SIGPIPE, current, 0);
- if (!ret)
- ret = -EPIPE;
- break;
- }
-
- if (pipe->nrbufs < pipe->buffers) {
- int newbuf = (pipe->curbuf + pipe->nrbufs) & (pipe->buffers - 1);
- struct pipe_buffer *buf = pipe->bufs + newbuf;
-
- buf->page = spd->pages[page_nr];
- buf->offset = spd->partial[page_nr].offset;
- buf->len = spd->partial[page_nr].len;
- buf->private = spd->partial[page_nr].private;
- buf->ops = spd->ops;
- if (spd->flags & SPLICE_F_GIFT)
- buf->flags |= PIPE_BUF_FLAG_GIFT;
-
- pipe->nrbufs++;
- page_nr++;
- ret += buf->len;
-
- if (pipe->files)
- do_wakeup = 1;
+ if (unlikely(!pipe->readers)) {
+ send_sig(SIGPIPE, current, 0);
+ ret = -EPIPE;
+ goto out;
+ }
- if (!--spd->nr_pages)
- break;
- if (pipe->nrbufs < pipe->buffers)
- continue;
+ while (pipe->nrbufs < pipe->buffers) {
+ int newbuf = (pipe->curbuf + pipe->nrbufs) & (pipe->buffers - 1);
+ struct pipe_buffer *buf = pipe->bufs + newbuf;
- break;
- }
+ buf->page = spd->pages[page_nr];
+ buf->offset = spd->partial[page_nr].offset;
+ buf->len = spd->partial[page_nr].len;
+ buf->private = spd->partial[page_nr].private;
+ buf->ops = spd->ops;
+ if (spd->flags & SPLICE_F_GIFT)
+ buf->flags |= PIPE_BUF_FLAG_GIFT;
- if (spd->flags & SPLICE_F_NONBLOCK) {
- if (!ret)
- ret = -EAGAIN;
- break;
- }
+ pipe->nrbufs++;
+ page_nr++;
+ ret += buf->len;
- if (signal_pending(current)) {
- if (!ret)
- ret = -ERESTARTSYS;
+ if (!--spd->nr_pages)
break;
- }
-
- if (do_wakeup) {
- wakeup_pipe_readers(pipe);
- do_wakeup = 0;
- }
-
- pipe->waiting_writers++;
- pipe_wait(pipe);
- pipe->waiting_writers--;
}
- pipe_unlock(pipe);
-
- if (do_wakeup)
- wakeup_pipe_readers(pipe);
+ if (!ret)
+ ret = -EAGAIN;
+out:
while (page_nr < spd_pages)
spd->spd_release(spd, page_nr++);
@@ -1339,6 +1301,20 @@ long do_splice_direct(struct file *in, loff_t *ppos, struct file *out,
}
EXPORT_SYMBOL(do_splice_direct);
+static int wait_for_space(struct pipe_inode_info *pipe, unsigned flags)
+{
+ while (pipe->nrbufs == pipe->buffers) {
+ if (flags & SPLICE_F_NONBLOCK)
+ return -EAGAIN;
+ if (signal_pending(current))
+ return -ERESTARTSYS;
+ pipe->waiting_writers++;
+ pipe_wait(pipe);
+ pipe->waiting_writers--;
+ }
+ return 0;
+}
+
static int splice_pipe_to_pipe(struct pipe_inode_info *ipipe,
struct pipe_inode_info *opipe,
size_t len, unsigned int flags);
@@ -1421,8 +1397,13 @@ static long do_splice(struct file *in, loff_t __user *off_in,
offset = in->f_pos;
}
- ret = do_splice_to(in, &offset, opipe, len, flags);
-
+ pipe_lock(opipe);
+ ret = wait_for_space(opipe, flags);
+ if (!ret)
+ ret = do_splice_to(in, &offset, opipe, len, flags);
+ pipe_unlock(opipe);
+ if (ret > 0)
+ wakeup_pipe_readers(opipe);
if (!off_in)
in->f_pos = offset;
else if (copy_to_user(off_in, &offset, sizeof(loff_t)))
@@ -1434,22 +1415,23 @@ static long do_splice(struct file *in, loff_t __user *off_in,
return -EINVAL;
}
-static int get_iovec_page_array(struct iov_iter *from,
+static int get_iovec_page_array(const struct iov_iter *from,
struct page **pages,
struct partial_page *partial,
unsigned int pipe_buffers)
{
+ struct iov_iter i = *from;
int buffers = 0;
- while (iov_iter_count(from)) {
+ while (iov_iter_count(&i)) {
ssize_t copied;
size_t start;
- copied = iov_iter_get_pages(from, pages + buffers, ~0UL,
+ copied = iov_iter_get_pages(&i, pages + buffers, ~0UL,
pipe_buffers - buffers, &start);
if (copied <= 0)
return buffers ? buffers : copied;
- iov_iter_advance(from, copied);
+ iov_iter_advance(&i, copied);
while (copied) {
int size = min_t(int, copied, PAGE_SIZE - start);
partial[buffers].offset = start;
@@ -1546,14 +1528,20 @@ static long vmsplice_to_pipe(struct file *file, const struct iovec __user *uiov,
return -ENOMEM;
}
- spd.nr_pages = get_iovec_page_array(&from, spd.pages,
- spd.partial,
- spd.nr_pages_max);
- if (spd.nr_pages <= 0)
- ret = spd.nr_pages;
- else
- ret = splice_to_pipe(pipe, &spd);
-
+ pipe_lock(pipe);
+ ret = wait_for_space(pipe, flags);
+ if (!ret) {
+ spd.nr_pages = get_iovec_page_array(&from, spd.pages,
+ spd.partial,
+ spd.nr_pages_max);
+ if (spd.nr_pages <= 0)
+ ret = spd.nr_pages;
+ else
+ ret = splice_to_pipe(pipe, &spd);
+ pipe_unlock(pipe);
+ if (ret > 0)
+ wakeup_pipe_readers(pipe);
+ }
splice_shrink_spd(&spd);
kfree(iov);
return ret;
--
2.9.3
next prev parent reply other threads:[~2016-09-24 3:59 UTC|newest]
Thread overview: 151+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <723420070.1340881.1472835555274.JavaMail.zimbra@redhat.com>
[not found] ` <1832555471.1341372.1472835736236.JavaMail.zimbra@redhat.com>
2016-09-03 0:39 ` xfs_file_splice_read: possible circular locking dependency detected Dave Chinner
2016-09-03 0:57 ` Linus Torvalds
2016-09-03 1:45 ` Al Viro
2016-09-06 23:59 ` Dave Chinner
2016-09-08 20:35 ` Al Viro
2016-09-06 21:53 ` CAI Qian
2016-09-06 23:34 ` Dave Chinner
2016-09-08 15:29 ` CAI Qian
2016-09-08 17:56 ` Al Viro
2016-09-08 18:12 ` Linus Torvalds
2016-09-08 18:18 ` Linus Torvalds
2016-09-08 20:44 ` Al Viro
2016-09-08 20:57 ` Al Viro
2016-09-08 21:23 ` Al Viro
2016-09-08 21:38 ` Dave Chinner
2016-09-08 23:55 ` Al Viro
2016-09-09 1:53 ` Dave Chinner
2016-09-09 2:22 ` Linus Torvalds
2016-09-09 2:26 ` Linus Torvalds
2016-09-09 2:34 ` Al Viro
2016-09-09 2:50 ` Linus Torvalds
2016-09-09 22:19 ` Al Viro
2016-09-10 2:06 ` Linus Torvalds
2016-09-14 3:16 ` Al Viro
2016-09-14 3:39 ` Nicholas Piggin
2016-09-14 4:01 ` Linus Torvalds
2016-09-18 5:33 ` Al Viro
2016-09-19 3:08 ` Nicholas Piggin
2016-09-19 6:11 ` Al Viro
2016-09-19 7:26 ` Nicholas Piggin
2016-09-14 3:49 ` Linus Torvalds
2016-09-14 4:26 ` Al Viro
2016-09-17 8:20 ` Al Viro
2016-09-17 19:00 ` Al Viro
2016-09-17 20:15 ` Linus Torvalds
2016-09-18 19:31 ` skb_splice_bits() and large chunks in pipe (was " Al Viro
2016-09-18 20:12 ` Linus Torvalds
2016-09-18 22:31 ` Al Viro
2016-09-19 0:18 ` Linus Torvalds
2016-09-19 0:22 ` Al Viro
2016-09-20 9:51 ` Herbert Xu
2016-09-23 19:00 ` [RFC][CFT] splice_read reworked Al Viro
2016-09-23 19:01 ` [PATCH 01/11] fix memory leaks in tracing_buffers_splice_read() Al Viro
2016-09-23 19:02 ` [PATCH 02/11] splice_to_pipe(): don't open-code wakeup_pipe_readers() Al Viro
2016-09-23 19:02 ` [PATCH 03/11] splice: switch get_iovec_page_array() to iov_iter Al Viro
2016-09-23 19:02 ` Al Viro
2016-09-23 19:03 ` [PATCH 04/11] splice: lift pipe_lock out of splice_to_pipe() Al Viro
2016-09-23 19:45 ` Linus Torvalds
2016-09-23 20:10 ` Al Viro
2016-09-23 20:36 ` Linus Torvalds
2016-09-24 3:59 ` Al Viro
2016-09-24 17:29 ` Al Viro
2016-09-27 15:38 ` Nicholas Piggin
2016-09-27 15:53 ` Chuck Lever
2016-09-27 15:53 ` Chuck Lever
2016-09-24 3:59 ` Al Viro [this message]
2016-09-26 13:35 ` [PATCH 04/12] " Miklos Szeredi
2016-09-26 13:35 ` Miklos Szeredi
2016-09-27 4:14 ` Al Viro
2016-09-27 4:14 ` Al Viro
2016-12-17 19:54 ` Andreas Schwab
2016-12-18 19:28 ` Linus Torvalds
2016-12-18 19:57 ` Andreas Schwab
2016-12-18 20:12 ` Al Viro
2016-12-18 20:30 ` Al Viro
2016-12-18 22:10 ` Linus Torvalds
2016-12-18 22:18 ` Al Viro
2016-12-18 22:22 ` Linus Torvalds
2016-12-18 22:49 ` Andreas Schwab
2016-12-21 18:56 ` Andreas Schwab
2016-12-21 19:12 ` Linus Torvalds
2016-09-24 4:00 ` [PATCH 06/12] new helper: add_to_pipe() Al Viro
2016-09-26 13:49 ` Miklos Szeredi
2016-09-24 4:01 ` [PATCH 10/12] new iov_iter flavour: pipe-backed Al Viro
2016-09-29 20:53 ` Miklos Szeredi
2016-09-29 22:50 ` Al Viro
2016-09-29 22:50 ` Al Viro
2016-09-30 7:30 ` Miklos Szeredi
2016-10-03 3:34 ` [RFC] O_DIRECT vs EFAULT (was Re: [PATCH 10/12] new iov_iter flavour: pipe-backed) Al Viro
2016-10-03 17:07 ` Linus Torvalds
2016-10-03 18:54 ` Al Viro
2016-09-24 4:01 ` [PATCH 11/12] switch generic_file_splice_read() to use of ->read_iter() Al Viro
2016-09-24 4:02 ` [PATCH 12/12] switch default_file_splice_read() to use of pipe-backed iov_iter Al Viro
2016-09-23 19:03 ` [PATCH 05/11] skb_splice_bits(): get rid of callback Al Viro
2016-09-23 19:03 ` Al Viro
2016-09-23 19:04 ` [PATCH 06/11] new helper: add_to_pipe() Al Viro
2016-09-23 19:04 ` [PATCH 07/11] fuse_dev_splice_read(): switch to add_to_pipe() Al Viro
2016-09-23 19:06 ` [PATCH 08/11] cifs: don't use memcpy() to copy struct iov_iter Al Viro
2016-09-23 19:08 ` [PATCH 09/11] fuse_ioctl_copy_user(): don't open-code copy_page_{to,from}_iter() Al Viro
2016-09-26 9:31 ` Miklos Szeredi
2016-09-23 19:09 ` [PATCH 10/11] new iov_iter flavour: pipe-backed Al Viro
2016-09-23 19:10 ` [PATCH 11/11] switch generic_file_splice_read() to use of ->read_iter() Al Viro
2016-09-30 13:32 ` [RFC][CFT] splice_read reworked CAI Qian
2016-09-30 17:42 ` CAI Qian
2016-09-30 18:33 ` CAI Qian
2016-09-30 18:33 ` CAI Qian
2016-10-03 1:37 ` Al Viro
2016-10-03 17:49 ` CAI Qian
2016-10-04 17:39 ` local DoS - systemd hang or timeout (WAS: Re: [RFC][CFT] splice_read reworked) CAI Qian
2016-10-04 21:42 ` tj
2016-10-05 14:09 ` CAI Qian
2016-10-05 15:30 ` tj
2016-10-05 15:54 ` CAI Qian
2016-10-05 18:57 ` CAI Qian
2016-10-05 20:05 ` Al Viro
2016-10-06 12:20 ` CAI Qian
2016-10-06 12:25 ` CAI Qian
2016-10-06 16:11 ` CAI Qian
2016-10-06 17:00 ` Linus Torvalds
2016-10-06 18:12 ` CAI Qian
2016-10-07 9:57 ` Dave Chinner
2016-10-07 15:25 ` Linus Torvalds
2016-10-07 7:08 ` Jan Kara
2016-10-07 14:43 ` CAI Qian
2016-10-07 15:27 ` CAI Qian
2016-10-07 18:56 ` CAI Qian
2016-10-09 21:54 ` Dave Chinner
2016-10-10 14:10 ` CAI Qian
2016-10-10 20:14 ` CAI Qian
2016-10-10 21:57 ` Dave Chinner
2016-10-12 19:50 ` [bisected] " CAI Qian
2016-10-12 20:59 ` Dave Chinner
2016-10-13 16:25 ` CAI Qian
2016-10-13 20:49 ` Dave Chinner
2016-10-13 20:56 ` CAI Qian
2016-10-09 21:51 ` Dave Chinner
2016-10-21 15:38 ` [4.9-rc1+] overlayfs lockdep CAI Qian
2016-10-24 12:57 ` Miklos Szeredi
2016-10-07 9:27 ` local DoS - systemd hang or timeout (WAS: Re: [RFC][CFT] splice_read reworked) Dave Chinner
2016-10-27 12:52 ` local DoS - systemd hang or timeout with cgroup traces CAI Qian
2016-10-03 1:42 ` [RFC][CFT] splice_read reworked Al Viro
2016-10-03 14:06 ` CAI Qian
2016-10-03 15:20 ` CAI Qian
2016-10-03 21:12 ` Dave Chinner
2016-10-04 13:57 ` CAI Qian
2016-10-03 20:32 ` CAI Qian
2016-10-03 20:35 ` Al Viro
2016-10-04 13:29 ` CAI Qian
2016-10-04 14:28 ` Al Viro
2016-10-04 16:21 ` CAI Qian
2016-10-04 20:12 ` Al Viro
2016-10-05 14:30 ` CAI Qian
2016-10-05 16:07 ` Al Viro
2016-09-09 2:31 ` xfs_file_splice_read: possible circular locking dependency detected Al Viro
2016-09-09 2:39 ` Linus Torvalds
2016-09-09 2:26 ` Al Viro
2016-09-09 2:19 ` Al Viro
2016-09-08 18:01 ` Linus Torvalds
2016-09-08 20:39 ` CAI Qian
2016-09-08 21:19 ` Dave Chinner
2016-09-08 21:30 ` Al Viro
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160924035951.GN2356@ZenIV.linux.org.uk \
--to=viro@zeniv.linux.org.uk \
--cc=axboe@kernel.dk \
--cc=caiqian@redhat.com \
--cc=david@fromorbit.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-xfs@vger.kernel.org \
--cc=npiggin@gmail.com \
--cc=torvalds@linux-foundation.org \
--cc=xfs@oss.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.