From: "J. Bruce Fields" <bfields@redhat.com>
To: Andreas Gruenbacher <agruenba@redhat.com>
Cc: Chuck Lever <chuck.lever@oracle.com>,
Trond Myklebust <trond.myklebust@primarydata.com>,
Anna Schumaker <schumakeranna@gmail.com>,
Linux NFS Mailing List <linux-nfs@vger.kernel.org>,
Dros Adamson <dros@primarydata.com>,
Weston Andros Adamson <dros@netapp.com>
Subject: Re: [PATCH 6/6] NFSv4: allow getacl rpc to allocate pages on demand
Date: Thu, 23 Feb 2017 15:20:26 -0500 [thread overview]
Message-ID: <20170223202025.GI9417@parsley.fieldses.org> (raw)
In-Reply-To: <CAHc6FU5WxqOOvr-qGeO3gjykiyFyZGPf2W5VJiTGkcR0AiyP5g@mail.gmail.com>
On Thu, Feb 23, 2017 at 11:28:46AM +0100, Andreas Gruenbacher wrote:
> On Wed, Feb 22, 2017 at 2:53 AM, J. Bruce Fields <bfields@redhat.com> wrote:
> > On Tue, Feb 21, 2017 at 10:45:35PM +0100, Andreas Gruenbacher wrote:
> >> On Tue, Feb 21, 2017 at 10:37 PM, J. Bruce Fields <bfields@redhat.com> wrote:
> >> > On Tue, Feb 21, 2017 at 10:21:05PM +0100, Andreas Gruenbacher wrote:
> >> >> On Tue, Feb 21, 2017 at 7:46 PM, Chuck Lever <chuck.lever@oracle.com> wrote:
> >> >> > Hi Andreas-
> >> >> >
> >> >> >
> >> >> >> On Feb 20, 2017, at 4:31 PM, Andreas Gruenbacher <agruenba@redhat.com> wrote:
> >> >> >>
> >> >> >> On Mon, Feb 20, 2017 at 6:15 PM, J. Bruce Fields <bfields@redhat.com> wrote:
> >> >> >>> On Mon, Feb 20, 2017 at 11:42:31AM -0500, Chuck Lever wrote:
> >> >> >>>>
> >> >> >>>>> On Feb 20, 2017, at 11:09 AM, J. Bruce Fields <bfields@redhat.com> wrote:
> >> >> >>>>>
> >> >> >>>>> On Sun, Feb 19, 2017 at 02:29:03PM -0500, Chuck Lever wrote:
> >> >> >>>>>>
> >> >> >>>>>>> On Feb 18, 2017, at 9:07 PM, J. Bruce Fields <bfields@redhat.com> wrote:
> >> >> >>>>>>>
> >> >> >>>>>>> From: Weston Andros Adamson <dros@netapp.com>
> >> >> >>>>>>>
> >> >> >>>>>>> Instead of preallocating pags, allow xdr_partial_copy_from_skb() to
> >> >> >>>>>>> allocate whatever pages we need on demand. This is what the NFSv3 ACL
> >> >> >>>>>>> code does.
> >> >> >>>>>>
> >> >> >>>>>> The patch description does not explain why this change is
> >> >> >>>>>> being done.
> >> >> >>>>>
> >> >> >>>>> The only justification I see is avoiding allocating pages unnecessarily.
> >> >> >>>>
> >> >> >>>> That makes sense. Is there a real world workload that has seen
> >> >> >>>> a negative effect?
> >> >> >>>>
> >> >> >>>>
> >> >> >>>>> Without this patch, for each getacl, we allocate 17 pages (if I'm
> >> >> >>>>> calculating correctly) and probably rarely use most of them.
> >> >> >>>>>
> >> >> >>>>> In the v3 case I think it's 7 pages instead of 17.
> >> >> >>>>
> >> >> >>>> I would have guessed 9. Out of curiosity, is there a reason
> >> >> >>>> documented for these size limits?
> >> >> >>>
> >> >> >>>
> >> >> >>> In the v4 case:
> >> >> >>>
> >> >> >>> #define NFS4ACL_MAXPAGES DIV_ROUND_UP(XATTR_SIZE_MAX, PAGE_SIZE)
> >> >> >>>
> >> >> >>> And I believe XATTR_SIZE_MAX is a global maximum on the size of any
> >> >> >>> extend attribute value.
> >> >> >>
> >> >> >> XATTR_SIZE_MAX is the maximum size of an extended attribute. NFSv4
> >> >> >> ACLs are passed through unchanged in "system.nfs4_acl".
> >> >> >
> >> >> > "Extended attribute" means this is a Linux-specific limit?
> >> >>
> >> >> Yes.
> >> >>
> >> >> > Is there anything that prevents a non-Linux system from constructing
> >> >> > or returning an ACL that is larger than that?
> >> >>
> >> >> No.
> >> >
> >> > In the >=v4.1 case there are session limits, but they'll typically be
> >> > less. In the 4.0 case I think there's no explicit limit at all. In
> >> > practice I bet other systems are similar to Linux in that the assume
> >> > peers won't send rpc replies or requests larger than about the
> >> > maximum-sized read or write. But again that'll usually be a higher
> >> > limit than our ACL limit.
> >> >
> >> >> > What happens on a Linux client when a server returns an ACL that does
> >> >> > not fit in this allotment?
> >> >>
> >> >> I would hope an error, but I haven't tested it.
> >> >
> >> > I haven't tested either, but it looks to me like the rpc layer receives
> >> > a truncated request, the xdr decoding recognizes that it's truncated,
> >> > and the result is an -ERANGE.
> >> >
> >> > Looking now I think that my "NFSv4: simplify getacl decoding" changes
> >> > that to an -EIO. More importantly, it makes that an EIO even when the
> >> > calling application was only asking for the length, not the actual ACL
> >> > data. I'll fix that.
> >>
> >> Just be careful not to return a length from getxattr(path, name, NULL,
> >> 0) that will cause getxattr(path, name, buffer, size) to fail with
> >> ERANGE, please. Otherwise, user space might get very confused.
> >
> > Ugh, OK. So there could be userspace code that does something like
> >
> > while (getxattr(path, name, buf, size) == -ERANGE) {
> > /* oops, must have raced with a size change */
> > size = getxattr(path, name, NULL, 0);
> > buf = realloc(buf, size);
> > }
> >
> > and you'd consider that a kernel bug not a userspace bug?
>
> It would at least provoke errors if the above loop (with an additional
> check for size == -1) didn't terminate, so I'd like to avoid that. I
> see now that there is botched code in fs/xattr.c that tries to prevent
> that, so I'll try to fix that so that file systems won't have to
> bother.
Having seen your patch on fs-devel.... OK, so after that point, we can
choose in NFS to either to return -E2BIG ourselves or to return success
with the large length and let fs/xattr convert to -E2BIG if necessary.
Thanks, that makes sense.
> > I suspect that can happen both before and after my changes.
> >
> > So what do we want for that case? Just -EIO?
>
> getxattr and listxattr are trying to cast that kind of error to
> -E2BIG, which seems okay.
Got it, thanks.
--b.
next prev parent reply other threads:[~2017-02-23 20:20 UTC|newest]
Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-17 16:44 [PATCH 0/3] getacl fixes J. Bruce Fields
2017-02-17 16:44 ` [PATCH 1/3] nfsd4: fix getacl head length estimation J. Bruce Fields
2017-02-17 16:44 ` [PATCH 2/3] NFSv4: fix getacl ERANGE for some ACL buffer sizes J. Bruce Fields
2017-02-17 16:44 ` [PATCH 3/3] nfsd4: simplify getacl decoding J. Bruce Fields
2017-02-17 19:15 ` kbuild test robot
2017-02-17 19:33 ` J. Bruce Fields
2017-02-17 19:35 ` kbuild test robot
2017-02-17 19:35 ` [PATCH] nfsd4: fix ifnullfree.cocci warnings kbuild test robot
2017-02-17 19:34 ` J. Bruce Fields
2017-02-17 20:36 ` [PATCH 0/3] getacl fixes Chuck Lever
2017-02-17 20:52 ` J. Bruce Fields
2017-02-17 21:21 ` Chuck Lever
2017-02-19 2:07 ` [PATCH 0/6] getacl fixes V2 J. Bruce Fields
2017-02-19 2:07 ` [PATCH 1/6] NFSv4: fix getacl head length estimation J. Bruce Fields
2017-02-20 13:19 ` Kinglong Mee
2017-02-20 15:50 ` J. Bruce Fields
2017-02-20 20:27 ` [PATCH] " J. Bruce Fields
2017-02-19 2:07 ` [PATCH 2/6] NFSv4: fix getacl ERANGE for some ACL buffer sizes J. Bruce Fields
2017-02-21 19:46 ` Weston Andros Adamson
2017-02-22 22:36 ` J. Bruce Fields
2017-02-23 14:55 ` Anna Schumaker
2017-02-23 19:43 ` J. Bruce Fields
2017-02-23 19:53 ` [PATCH 1/2] NFSv4: fix getacl head length estimation J. Bruce Fields
2017-02-23 19:54 ` [PATCH 2/2] NFSv4: fix getacl ERANGE for some ACL buffer sizes J. Bruce Fields
2017-02-23 21:54 ` Anna Schumaker
2017-02-19 2:07 ` [PATCH 3/6] NFSv4: minor acl caching policy documentation J. Bruce Fields
2017-02-19 2:07 ` [PATCH 4/6] NFSv4: minor getacl cleanup J. Bruce Fields
2017-02-20 22:38 ` Andreas Gruenbacher
2017-02-19 2:07 ` [PATCH 5/6] NFSv4: simplify getacl decoding J. Bruce Fields
2017-02-20 22:30 ` Andreas Gruenbacher
2017-02-19 2:07 ` [PATCH 6/6] NFSv4: allow getacl rpc to allocate pages on demand J. Bruce Fields
2017-02-19 19:29 ` Chuck Lever
2017-02-20 16:09 ` J. Bruce Fields
2017-02-20 16:42 ` Chuck Lever
2017-02-20 17:15 ` J. Bruce Fields
2017-02-20 21:31 ` Andreas Gruenbacher
2017-02-21 18:46 ` Chuck Lever
2017-02-21 21:21 ` Andreas Gruenbacher
2017-02-21 21:37 ` J. Bruce Fields
2017-02-21 21:45 ` Andreas Gruenbacher
2017-02-22 1:53 ` J. Bruce Fields
2017-02-23 10:28 ` Andreas Gruenbacher
2017-02-23 20:20 ` J. Bruce Fields [this message]
2017-02-20 22:38 ` Andreas Gruenbacher
2017-02-21 18:35 ` J. Bruce Fields
2017-02-21 19:45 ` Weston Andros Adamson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170223202025.GI9417@parsley.fieldses.org \
--to=bfields@redhat.com \
--cc=agruenba@redhat.com \
--cc=chuck.lever@oracle.com \
--cc=dros@netapp.com \
--cc=dros@primarydata.com \
--cc=linux-nfs@vger.kernel.org \
--cc=schumakeranna@gmail.com \
--cc=trond.myklebust@primarydata.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).