Re: synchronous AF_LOCAL connect

public inbox for linux-nfs@vger.kernel.org
 help / color / mirror / Atom feed

From: Chuck Lever <chuck.lever@oracle.com>
To: "Myklebust, Trond" <Trond.Myklebust@netapp.com>
Cc: "J. Bruce Fields" <bfields@fieldses.org>,
	"linux-nfs@vger.kernel.org" <linux-nfs@vger.kernel.org>,
	"simo@redhat.com" <simo@redhat.com>
Subject: Re: synchronous AF_LOCAL connect
Date: Wed, 20 Feb 2013 12:39:38 -0500	[thread overview]
Message-ID: <07128F08-BE73-401E-B765-710F43A60558@oracle.com> (raw)
In-Reply-To: <4FA345DA4F4AE44899BD2B03EEEC2FA9235D7E49@SACEXCMBX04-PRD.hq.netapp.com>


On Feb 20, 2013, at 12:27 PM, "Myklebust, Trond" <Trond.Myklebust@netapp.com> wrote:

> On Wed, 2013-02-20 at 12:04 -0500, Chuck Lever wrote:
> 
>> Yes, but AF_LOCAL is supposed to be a generic transport for RPC.  This is not a feature we just made up, it's actually a well-defined API that exists on other platforms (it's even specified in RFCs).  Right now I would hesitate to restrict the use of AF_LOCAL upcalls to only synchronous contexts, because eventually we may want to use the transport in asynchronous contexts.
> 
> The whole problem is that it is a piss-poorly defined feature in an
> asynchronous kernel context.
> 
> Sockets carry around a well defined net namespace context that allow
> them to resolve IP addresses. However they carry none of the file
> namespace context information that is required to make sense of AF_LOCAL
> "addresses".

I recognize this problem, but I fail to see how it is connected to asynchronicity in general.  The issue seems to be specifically how rpciod implements asynchronicity.

> IOW we have 3 options:
> 
>     1. Drop AF_LOCAL support altogether
>     2. Add file namespace context to the RPC or socket layers
>     3. Drop asynchronous support, so that we have a reliable
>        userspace-defined context.
> 
> 1) involves a user space api change, which will bring down the iron fist
> of the Finn.

The problem with 1) is that rpcbind uses a special feature of AF_LOCAL to protect registrations from being removed by a malicious or ignorant registrant.  That's why I added AF_LOCAL.  Somehow we would have to replace that feature.

> 2) involves cooperation from the VFS and socket folks which doesn't seem
> to be happening.

Yep, I'm aware of that.

> so that leaves (3), which is perfectly doable since we do _not_ want to
> expose the rpc layer to anything outside the kernel. It's not intended
> as a generic libtirpc...

I hoped for a better alternative, but I see that folks do not have the patience for that.  ;-)

> 
>> If we were to go with using a synchronous connect, however, I think there should be some kind of safety check to make sure the xs connect function is not being invoked from an asynchronous context.  This is a restriction that does not exist for other transports supported by the kernel RPC client, so it should be underscored in the code.
> 
> void xs_connect_local(struct rpc_task *task)
> {
> 	if (RPC_IS_ASYNC(task))
> 		rpc_exit(task, -ENOTCONN);
> .....
> }
> 
> ...done.

That's what I had in mind.  I might even add a WARN_ON_ONCE().

-- 
Chuck Lever
chuck[dot]lever[at]oracle[dot]com

next prev parent reply	other threads:[~2013-02-20 17:39 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-02-18 22:54 synchronous AF_LOCAL connect J. Bruce Fields
2013-02-20 15:47 ` J. Bruce Fields
2013-02-20 15:56   ` Chuck Lever
2013-02-20 16:03     ` J. Bruce Fields
2013-02-20 16:20       ` Chuck Lever
2013-02-20 16:34         ` J. Bruce Fields
2013-02-20 17:04           ` Chuck Lever
2013-02-20 17:27             ` Myklebust, Trond
2013-02-20 17:32               ` Simo Sorce
2013-02-20 23:03                 ` J. Bruce Fields
2013-02-21 16:21                   ` J. Bruce Fields
2013-02-21 16:27                     ` Chuck Lever
2013-02-21 16:30                       ` J. Bruce Fields
2013-02-21 16:39                     ` J. Bruce Fields
2013-02-20 17:39               ` Chuck Lever [this message]
2013-02-20 18:02                 ` Myklebust, Trond

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=07128F08-BE73-401E-B765-710F43A60558@oracle.com \
    --to=chuck.lever@oracle.com \
    --cc=Trond.Myklebust@netapp.com \
    --cc=bfields@fieldses.org \
    --cc=linux-nfs@vger.kernel.org \
    --cc=simo@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox