From: Alessio Balsini <balsini@android.com>
To: Peng Tao <bergwolf@gmail.com>
Cc: Alessio Balsini <balsini@android.com>,
Miklos Szeredi <miklos@szeredi.hu>,
Akilesh Kailash <akailash@google.com>,
Amir Goldstein <amir73il@gmail.com>,
Antonio SJ Musumeci <trapexit@spawn.link>,
David Anderson <dvander@google.com>,
Giuseppe Scrivano <gscrivan@redhat.com>,
Jann Horn <jannh@google.com>, Jens Axboe <axboe@kernel.dk>,
Martijn Coenen <maco@android.com>,
Palmer Dabbelt <palmer@dabbelt.com>,
Paul Lawrence <paullawrence@google.com>,
Stefano Duo <duostefano93@gmail.com>,
Zimuzo Ezeozue <zezeozue@google.com>,
fuse-devel@lists.sourceforge.net, kernel-team@android.com,
"linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH V10 2/5] fuse: Passthrough initialization and release
Date: Wed, 16 Dec 2020 16:46:44 +0000 [thread overview]
Message-ID: <X9o59AFDwfBvVK4u@google.com> (raw)
In-Reply-To: <CA+a=Yy6S9spMLr9BqyO1qvU52iAAXU3i9eVtb81SnrzjkCwO5Q@mail.gmail.com>
Hi Tao,
On Sat, Nov 28, 2020 at 09:57:31AM +0800, Peng Tao wrote:
> On Fri, Nov 27, 2020 at 9:41 PM Alessio Balsini <balsini@android.com> wrote:
> >
> > Hi Peng,
> >
> > Thanks for the heads up!
> >
> > On Thu, Nov 26, 2020 at 09:33:34PM +0800, Peng Tao wrote:
> > > On Tue, Oct 27, 2020 at 12:19 AM Alessio Balsini <balsini@android.com> wrote:
> > > > [...]
> > > > int fuse_passthrough_setup(struct fuse_conn *fc, struct fuse_file *ff,
> > > > struct fuse_open_out *openarg)
> > > > {
> > > > - return -EINVAL;
> > > > + struct inode *passthrough_inode;
> > > > + struct super_block *passthrough_sb;
> > > > + struct fuse_passthrough *passthrough;
> > > > + int passthrough_fh = openarg->passthrough_fh;
> > > > +
> > > > + if (!fc->passthrough)
> > > > + return -EPERM;
> > > > +
> > > > + /* Default case, passthrough is not requested */
> > > > + if (passthrough_fh <= 0)
> > > > + return -EINVAL;
> > > > +
> > > > + spin_lock(&fc->passthrough_req_lock);
> > > > + passthrough = idr_remove(&fc->passthrough_req, passthrough_fh);
> > > > + spin_unlock(&fc->passthrough_req_lock);
> > > > +
> > > > + if (!passthrough)
> > > > + return -EINVAL;
> > > > +
> > > > + passthrough_inode = file_inode(passthrough->filp);
> > > > + passthrough_sb = passthrough_inode->i_sb;
> > > > + if (passthrough_sb->s_stack_depth >= FILESYSTEM_MAX_STACK_DEPTH) {
> > > Hi Alessio,
> > >
> > > passthrough_sb is the underlying filesystem superblock, right? It
> > > seems to prevent fuse passthrough fs from stacking on another fully
> > > stacked file system, instead of preventing other file systems from
> > > stacking on this fuse passthrough file system. Am I misunderstanding
> > > it?
> >
> > Correct, this checks the stacking depth on the lower filesystem.
> > This is an intended behavior to avoid the stacking of multiple FUSE
> > passthrough filesystems, and works because when a FUSE connection has
> > the passthrough feature activated, the file system updates its
> > s_stack_depth to FILESYSTEM_MAX_STACK_DEPTH in process_init_reply()
> > (PATCH 1/5), avoiding further stacking.
> >
> > Do you see issues with that?
> I'm considering a use case where a fuse passthrough file system is
> stacked on top of an overlayfs and/or an ecryptfs. The underlying
> s_stack_depth FILESYSTEM_MAX_STACK_DEPTH is rejected here so it is
> possible to have an overlayfs or an ecryptfs underneath but not both
> (with current FILESYSTEM_MAX_STACK_DEPTH being 2). How about changing
> passthrough fuse sb s_stack_depth to FILESYSTEM_MAX_STACK_DEPTH + 1 in
> PATCH 1/5, and allow passthrough_sb->s_stack_depth to be
> FILESYSTEM_MAX_STACK_DEPTH here? So that existing kernel stacking file
> system setups can all work as the underlying file system, while the
> stacking of multiple FUSE passthrough filesystems is still blocked.
>
Sounds like a good idea, I'll think about it a bit more and if
everything's all right I'll post the new patchset.
> >
> > What I'm now thinking is that fuse_passthrough_open would probably be a
> > better place for this check, so that the ioctl() would fail and the user
> > space daemon may decide to skip passthrough and use legacy FUSE access
> > for that file (or, at least, be aware that something went wrong).
> >
> +1, fuse_passthrough_open seems to be a better place for the check.
>
> > A more aggressive approach would be instead to move the stacking depth
> > check to fuse_fill_super_common, where we can update s_stack_depth to
> > lower-fs depth+1 and fail if passthrough is active and s_stack_depth is
> > greater than FILESYSTEM_MAX_STACK_DEPTH.
> >
> The lower layer files/directories might actually spread on different
> file systems. I'm not sure if s_stack_depth check is still possible at
> mount time. Even if we can calculate the substree s_stack_depth, it is
> still more flexible to determine on a per inode basis, right?
>
> Cheers,
> Tao
> --
> Into Sth. Rich & Strange
Fair enough. The per-inode check is definitely the right way to proceed.
Thanks a lot for you feedback!
Alessio
next prev parent reply other threads:[~2020-12-16 16:47 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-26 12:50 [PATCH V10 0/5] fuse: Add support for passthrough read/write Alessio Balsini
2020-10-26 12:50 ` [PATCH V10 1/5] fuse: Definitions and ioctl() for passthrough Alessio Balsini
2020-10-26 12:50 ` [PATCH V10 2/5] fuse: Passthrough initialization and release Alessio Balsini
2020-11-26 13:33 ` Peng Tao
2020-11-27 13:41 ` Alessio Balsini
2020-11-28 1:57 ` Peng Tao
2020-12-16 16:46 ` Alessio Balsini [this message]
[not found] ` <3bf58b6f-c7eb-7baa-384d-ae0830d8bceb@tcl.com>
2020-12-16 16:55 ` Alessio Balsini
2020-10-26 12:50 ` [PATCH V10 3/5] fuse: Introduce synchronous read and write for passthrough Alessio Balsini
2020-10-26 12:50 ` [PATCH V10 4/5] fuse: Handle asynchronous read and write in passthrough Alessio Balsini
2020-10-26 12:50 ` [PATCH V10 5/5] fuse: Use daemon creds in passthrough mode Alessio Balsini
2020-11-28 2:10 ` [PATCH V10 0/5] fuse: Add support for passthrough read/write Peng Tao
2020-11-30 11:08 ` Alessio Balsini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=X9o59AFDwfBvVK4u@google.com \
--to=balsini@android.com \
--cc=akailash@google.com \
--cc=amir73il@gmail.com \
--cc=axboe@kernel.dk \
--cc=bergwolf@gmail.com \
--cc=duostefano93@gmail.com \
--cc=dvander@google.com \
--cc=fuse-devel@lists.sourceforge.net \
--cc=gscrivan@redhat.com \
--cc=jannh@google.com \
--cc=kernel-team@android.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=maco@android.com \
--cc=miklos@szeredi.hu \
--cc=palmer@dabbelt.com \
--cc=paullawrence@google.com \
--cc=trapexit@spawn.link \
--cc=zezeozue@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.