From: ebiederm@xmission.com (Eric W. Biederman)
To: Al Viro <viro@ZenIV.linux.org.uk>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
Miklos Szeredi <miklos@szeredi.hu>,
Maxim Patlasov <mpatlasov@parallels.com>,
Anand Avati <avati@gluster.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Michael j Theall <mtheall@us.ibm.com>,
fuse-devel <fuse-devel@lists.sourceforge.net>,
linux-fsdevel@vger.kernel.org
Subject: Re: [PATCH 0/5] fuse: handle release synchronously (v4)
Date: Sat, 18 Oct 2014 15:44:13 -0700 [thread overview]
Message-ID: <87a94t577m.fsf@x220.int.ebiederm.org> (raw)
In-Reply-To: <20141018182241.GE7996@ZenIV.linux.org.uk> (Al Viro's message of "Sat, 18 Oct 2014 19:22:41 +0100")
Al Viro <viro@ZenIV.linux.org.uk> writes:
> On Sat, Oct 18, 2014 at 08:40:05AM -0700, Linus Torvalds wrote:
>> On Sat, Oct 18, 2014 at 8:35 AM, Linus Torvalds
>> <torvalds@linux-foundation.org> wrote:
>> >
>> > Look around for AIO. Look around for the loop driver. Look around for
>> > a number of things that do "fget()" and that you completely ignored.
>>
>> .. actually, there are more instances of "get_file()" than of
>> "fget()", the aio one just happened to be the latter form. Lots and
>> lots of ways to get ahold of a file descriptor that keeps it open past
>> the "last close".
>
> FWIW, procfs patch touches a very annoying issue: ->show_fdinfo() being
> blocking. I would really like to get rid of that particular get_file()
> and even more so - of get_files_struct() in there.
>
> I certainly agree that anyone who expects that close() means the end of IO
> is completely misguided. Mappings don't disappear on close(), neither does
> a descriptor returned by dup(), or one that child got over fork(),
> or something sent over in SCM_RIGHTS datagram, or, as you suggested, made
> backing store for /dev/loop, etc.
>
> What's more, in the example given upthread, somebody might've spotted that
> file in /proc/<pid>/fd/* and *opened* it. At which point umount would
> have to fail with EBUSY. And the same lsof(8) might've done just that.
>
> It's not a matter of correctness or security, especially since somebody who
> could do that, could've stopped your process, PTRACE_POKEd a fairly short
> series of syscalls that would connect to AF_UNIX socket, send the file
> over to them and clean after itself, then single-stepped through all of that,
> restored the original state and resumed your process.
>
> It is a QoI matter, though. And get_files_struct() in there is a lot more
> annoying than get_file()/fput(). Suppose you catch the process during
> exit(). All of a sudden, read from /proc/<pid>/fdinfo/<n> ends up doing
> shitloads of filp_close(). It would be nice to avoid that.
>
> Folks, how much pain would it be to make ->show_fdinfo() non-blocking?
I took a quick look and there are a couple of instances in tun,
eventpoll, and fanotify/inotify that take a spinlock while traversing
the data that needs to be printed.
So it would take a good hard stare at those pieces of code to understand
the locking, and potentially rewrite those routines.
The only one I am particularly familiar with tun did not look
fundamentally hard to change but it also isn't something I would
casually do either, as it would be easy to introduce nasty races by
accident.
Eric
prev parent reply other threads:[~2014-10-18 22:44 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-09-25 12:05 [PATCH 0/5] fuse: handle release synchronously (v4) Maxim Patlasov
2014-09-25 12:05 ` [PATCH 1/5] fuse: add FOPEN_SYNC_RELEASE flag to ff->open_flags Maxim Patlasov
2014-09-25 12:05 ` [PATCH 2/5] fuse: cosmetic rework of fuse_send_readpages Maxim Patlasov
2014-09-25 12:06 ` [PATCH 3/5] fuse: wait for end of IO on release Maxim Patlasov
2014-09-25 12:06 ` [PATCH 4/5] fuse: add mount option to disable synchronous release Maxim Patlasov
2014-09-25 12:07 ` [PATCH 5/5] fuse: enable close_wait " Maxim Patlasov
2014-09-26 15:28 ` [PATCH 0/5] fuse: handle release synchronously (v4) Miklos Szeredi
2014-09-30 3:15 ` Miklos Szeredi
2014-09-30 3:55 ` Linus Torvalds
[not found] ` <CAFboF2yhGyjk4e_CHQV5b2WvB-QhsWNyHvFiFG_OM_=3-KArLQ@mail.gmail.com>
2014-09-30 7:43 ` Miklos Szeredi
2014-09-30 18:22 ` Linus Torvalds
2014-09-30 19:04 ` Linus Torvalds
2014-09-30 19:19 ` Miklos Szeredi
2014-09-30 20:44 ` Linus Torvalds
2014-10-01 3:47 ` Miklos Szeredi
2014-10-01 11:28 ` Maxim Patlasov
2014-10-09 8:14 ` Miklos Szeredi
2014-10-16 10:31 ` Maxim Patlasov
2014-10-16 13:43 ` Miklos Szeredi
2014-10-16 13:54 ` Linus Torvalds
2014-10-17 8:55 ` Miklos Szeredi
2014-10-18 15:35 ` Linus Torvalds
2014-10-18 15:40 ` Linus Torvalds
2014-10-18 18:01 ` Miklos Szeredi
2014-10-18 18:24 ` Al Viro
2014-10-18 18:45 ` Al Viro
2014-10-18 18:38 ` Linus Torvalds
2014-10-18 18:22 ` Al Viro
2014-10-18 22:44 ` Eric W. Biederman [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87a94t577m.fsf@x220.int.ebiederm.org \
--to=ebiederm@xmission.com \
--cc=avati@gluster.org \
--cc=fuse-devel@lists.sourceforge.net \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=miklos@szeredi.hu \
--cc=mpatlasov@parallels.com \
--cc=mtheall@us.ibm.com \
--cc=torvalds@linux-foundation.org \
--cc=viro@ZenIV.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.