From: ebiederm@xmission.com (Eric W. Biederman)
To: Tejun Heo <tj@kernel.org>
Cc: "Ted Ts'o" <tytso@mit.edu>,
Alan Stern <stern@rowland.harvard.edu>,
Kernel development list <linux-kernel@vger.kernel.org>,
Greg Kroah-Hartman <gregkh@suse.de>,
Kay Sievers <kay.sievers@vrfy.org>
Subject: Re: Revoking filesystems [was Re: Sysfs attributes racing with unregistration]
Date: Thu, 05 Jan 2012 12:43:11 -0800 [thread overview]
Message-ID: <m1d3axc23k.fsf@fess.ebiederm.org> (raw)
In-Reply-To: <20120105183602.GE18486@google.com> (Tejun Heo's message of "Thu, 5 Jan 2012 10:36:02 -0800")
Tejun Heo <tj@kernel.org> writes:
> Hello, Ted.
>
> On Thu, Jan 05, 2012 at 01:27:52PM -0500, Ted Ts'o wrote:
>> So it's really more of a filesystem force-umount method. I could
>> imagine that this could also be used to extend the functionality of
>> umount(2) so that the MNT_FORCE flag could be used with non-NFS file
>> systems as well as NFS file systems.
>
> I think these are two separate mechanisms. Filesystems need to be
> able to handle IO errors no matter what and underlying device going
> away is the same situation. There's no reason to mix that with force
> unmount. That's a separate feature and whether to force unmount
> filesystem on device removal or permanent failure is a policy decision
> which belongs to userland - ie. if such behavior is desired, it should
> be implemented via udev/udisk instead of hard coded logic in kernel.
>
> I don't know enough to decide whether such forced unmount is a useful
> feature tho. It can be neat for development but is there any real
> necessity for the feature?
>
>> [1] Interesting question: do we convert an mmap region to an anonymous
>> region and perhaps notify the user out of band this has happened? Or
>> do we just make the mapping disappear and nuke the process with a SEGV
>> if it attempts to access it?
>
> FWIW, I vote for SIGBUS similarly to the way we handle mmap
> vs. truncate.
Agreed. SIGBUS is documented as the mapping exists but the backing
store has gone away, which seems to describe hotunplug very well.
Additionally we already do this for sysfs and it works well.
So it appears that on a hotunplug it is desirable to wake all poll
waiters of a filesystem, invalidate all mmaps, and probably notify
all inotify watchers. And in general scream to userspace that the
filesystem is gone leave it alone.
That does require a notification from the block device going away
to the filesystem. Tejun is there an existing mechanism that we
can plug into or do we need to implement something new?
Ted we can scream that the filesystem is going away without freeing
all of the filesystem data structures. To userspace there would
effectively be no difference but internal to the kernel it should
allows to skip the expensive logic of tracking every time a filesystem
method is invoked, allowing us to not penalize the fast path.
If I don't have to provide a zero cost ability to track which filesystem
methods are active at any given time I think I can whip up something
that is usable in a couple of days.
Eric
next prev parent reply other threads:[~2012-01-05 20:41 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-01-04 16:52 Sysfs attributes racing with unregistration Alan Stern
2012-01-04 17:18 ` Tejun Heo
2012-01-04 18:13 ` Eric W. Biederman
2012-01-04 19:41 ` Alan Stern
2012-01-05 3:07 ` Eric W. Biederman
2012-01-05 15:13 ` Revoking filesystems [was Re: Sysfs attributes racing with unregistration] Alan Stern
2012-01-05 15:32 ` Tejun Heo
2012-01-05 16:03 ` Eric W. Biederman
2012-01-05 16:44 ` Tejun Heo
2012-01-05 16:47 ` Alan Stern
2012-01-05 17:11 ` Tejun Heo
2012-01-05 18:27 ` Ted Ts'o
2012-01-05 18:36 ` Tejun Heo
2012-01-05 19:28 ` Ted Ts'o
2012-01-05 20:52 ` Tejun Heo
2012-01-06 6:25 ` Alexander E. Patrakov
2012-01-07 21:01 ` Revoking filesystems [was Re: Sysfs attributes racing withunregistration] Milton Miller
2012-01-05 20:43 ` Eric W. Biederman [this message]
2012-01-05 20:55 ` Revoking filesystems [was Re: Sysfs attributes racing with unregistration] Tejun Heo
2012-01-05 18:38 ` Christoph Hellwig
2012-01-05 15:52 ` Eric W. Biederman
2013-01-14 15:11 ` watchdog code anish kumar
2012-01-05 18:18 ` Revoking filesystems [was Re: Sysfs attributes racing with unregistration] Greg KH
2012-01-04 18:13 ` Sysfs attributes racing with unregistration Alan Stern
2012-01-04 18:20 ` Tejun Heo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m1d3axc23k.fsf@fess.ebiederm.org \
--to=ebiederm@xmission.com \
--cc=gregkh@suse.de \
--cc=kay.sievers@vrfy.org \
--cc=linux-kernel@vger.kernel.org \
--cc=stern@rowland.harvard.edu \
--cc=tj@kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.