[LSF/MM/BPF TOPIC] FUSE servers restartability

public inbox for linux-fsdevel@vger.kernel.org
 help / color / mirror / Atom feed

* [LSF/MM/BPF TOPIC] FUSE servers restartability
@ 2026-01-23 11:16 Luis Henriques
  0 siblings, 0 replies; only message in thread
From: Luis Henriques @ 2026-01-23 11:16 UTC (permalink / raw)
  To: lsf-pc, linux-fsdevel
  Cc: Miklos Szeredi, Amir Goldstein, Bernd Schubert, Horst Birthelmer,
	Joanne Koong, Darrick J. Wong

Hi all,

I would like to propose the user-space FUSE servers restartability topic
for discussion in the next LSF/MM/BPF Summit.  I'm sure there are several
scenarios where restarting a FUSE server without the need for an
unmount/mount cycle is desirable, but the first two that always come to my
mind are:

1) Software bugs: there's a crash in the FUSE server (or in libfuse) and
   we want to be able to restart the server without applications that have
   open files in the file system to notice it.

2) Software upgrades: there is a new version of the FUSE server (or
   libfuse) available and we want to do the upgrade without any downtime.

Over the years, there have been a few threads in the mailing-lists about
this topic, the most recent one started by myself[1].  This thread
triggered the work on the FUSE_LOOKUP_HANDLE operation implementation[2],
which is currently work-in-progress.

What I would like to bring to LSF/MM/BPF, besides any extra details still
open regarding the FUSE_LOOKUP_HANDLE implementation, is what else could
be done in the kernel that would ease the implementation of a user-space
server that could be restarted.

There are two obvious things that would be helpful to have:

  - The implementation of a NOTIFY_RESEND_LOOKUPS operation, which would
    allow FUSE servers to request the kernel to resend all cached inodes
    after the restart.  This new operation could probably be merged into
    the existing NOTIFY_RESEND, by setting a flag in the request, for
    example.

  - The implementation of a NOTIFY_RESEND_INIT operation to request the
    kernel to resend the FUSE parameters that have been negotiated during
    INIT.  Or maybe it would be interesting to have a NOTIFY_REINIT
    instead, so that the FUSE server could actually modify the parameters
    initially negotiated.  This could be useful, for example, when doing a
    server upgrade that would support different features.

There's also the ability of keeping the /dev/fuse file descriptor open
across the server restart.  We could add some helpers for that in libfuse,
but since this is mostly a solved problem if we use systemd file
descriptor store[3], this is a low-priority topic and probably not worth
discussing it.

Hopefully this topic will allow to identify other potential issues and/or
ideas for improving the ability to restart FUSE servers.

[1] https://lore.kernel.org/all/8734afp0ct.fsf@igalia.com
[2] https://lore.kernel.org/all/20251212181254.59365-1-luis@igalia.com
[3] https://systemd.io/FILE_DESCRIPTOR_STORE/

Cheers,
-- 
Luís

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2026-01-23 11:16 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-01-23 11:16 [LSF/MM/BPF TOPIC] FUSE servers restartability Luis Henriques

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox