13 Dec, 2019
2 commits
-
commit 8aab336b14c115c6bf1d4baeb9247e41ed9ce6de upstream.
Make sure filesystem is not returning a bogus number of bytes written.
Fixes: ea9b9907b82a ("fuse: implement perform_write")
Cc: # v2.6.26
Signed-off-by: Miklos Szeredi
Signed-off-by: Greg Kroah-Hartman -
commit f1ebdeffc6f325e30e0ddb9f7a70f1370fa4b851 upstream.
exit_aio() is sometimes stuck in wait_for_completion() after aio is issued
with direct IO and the task receives a signal.The reason is failure to call ->ki_complete() due to a leaked reference to
fuse_io_priv. This happens in fuse_async_req_send() if
fuse_simple_background() returns an error (e.g. -EINTR).In this case the error value is propagated via io->err, so return success
to not confuse callers.This issue is tracked as a virtio-fs issue:
https://gitlab.com/virtio-fs/qemu/issues/14Reported-by: Masayoshi Mizuma
Fixes: 45ac96ed7c36 ("fuse: convert direct_io to simple api")
Cc: # v5.4
Signed-off-by: Miklos Szeredi
Signed-off-by: Greg Kroah-Hartman
23 Oct, 2019
2 commits
-
Currently fuse_writepages_fill() calls get_fuse_inode() few times with
the same argument.Signed-off-by: Vasily Averin
Signed-off-by: Miklos Szeredi -
Make sure cached writes are not reordered around open(..., O_TRUNC), with
the obvious wrong results.Fixes: 4d99ff8f12eb ("fuse: Turn writeback cache on")
Cc: # v3.15+
Signed-off-by: Miklos Szeredi
24 Sep, 2019
2 commits
-
account per-file, dentry, and inode data
blockdev/superblock and temporary per-request data was left alone, as
this usually isn't accountedReviewed-by: Shakeel Butt
Signed-off-by: Khazhismel Kumykov
Signed-off-by: Miklos Szeredi -
unlock_page() was missing in case of an already in-flight write against the
same page.Signed-off-by: Vasily Averin
Fixes: ff17be086477 ("fuse: writepage: skip already in flight")
Cc: # v3.13
Signed-off-by: Miklos Szeredi
10 Sep, 2019
15 commits
-
Page arrays are not allocated together with the request anymore. Get rid
of the dead codeSigned-off-by: Miklos Szeredi
-
Since we cannot reserve the request structure up-front, make sure that the
request allocation doesn't fail using __GFP_NOFAIL.Signed-off-by: Miklos Szeredi
-
Derive fuse_writepage_args from fuse_io_args.
Sending the request is tricky since it was done with fi->lock held, hence
we must either use atomic allocation or release the lock. Both are
possible so try atomic first and if it fails, release the lock and do the
regular allocation with GFP_NOFS and __GFP_NOFAIL. Both flags are
necessary for correct operation.Move the page realloc function from dev.c to file.c and convert to using
fuse_writepage_args.The last caller of fuse_write_fill() is gone, so get rid of it.
Signed-off-by: Miklos Szeredi
-
The old fuse_read_fill() helper can be deleted, now that the last user is
gone.The fuse_io_args struct is moved to fuse_i.h so it can be shared between
readdir/read code.Signed-off-by: Miklos Szeredi
-
Need to extend fuse_io_args with 'attr_ver' and 'ff' members, that take the
functionality of the same named members in fuse_req.fuse_short_read() can now take struct fuse_args_pages.
Signed-off-by: Miklos Szeredi
-
Change of semantics in fuse_async_req_send/fuse_send_(read|write): these
can now return error, in which case the 'end' callback isn't called, so the
fuse_io_args object needs to be freed.Added verification that the return value is sane (less than or equal to the
requested read/write size).Signed-off-by: Miklos Szeredi
-
Extract a fuse_write_flags() helper that converts ki_flags relevant write
to open flags.The other parts of fuse_send_write() aren't used in the
fuse_perform_write() case.Signed-off-by: Miklos Szeredi
-
Derive fuse_io_args from struct fuse_args_pages. This will be used for
both synchronous and asynchronous read/write requests.Signed-off-by: Miklos Szeredi
-
This will allow the use of this function when converting to the simple api
(which doesn't use fuse_req).Signed-off-by: Miklos Szeredi
-
fuse_simple_request() is converted to return length of last (instead of
single) out arg, since FUSE_IOCTL_OUT has two out args, the second of which
is variable length.Signed-off-by: Miklos Szeredi
-
fuse_req_pages_alloc() is moved to file.c, since its internal use by the
device code will eventually be removed.Rename to fuse_pages_alloc() to signify that it's not only usable for
fuse_req page array.Signed-off-by: Miklos Szeredi
-
We can use the "force" flag to make sure the DESTROY request is always sent
to userspace. So no need to keep it allocated during the lifetime of the
filesystem.Signed-off-by: Miklos Szeredi
-
Add 'force' to fuse_args and use fuse_get_req_nofail_nopages() to allocate
the request in that case.Signed-off-by: Miklos Szeredi
-
Instead of complex games with a reserved request, just use __GFP_NOFAIL.
Both calers (flush, readdir) guarantee that connection was already
initialized, so no need to wait for fc->initialized.Also remove unneeded clearing of FR_BACKGROUND flag.
Signed-off-by: Miklos Szeredi
-
...to make future expansion simpler. The hiearachical structure is a
historical thing that does not serve any practical purpose.The generated code is excatly the same before and after the patch.
Signed-off-by: Miklos Szeredi
02 Sep, 2019
1 commit
-
fuse_wait_on_page_writeback() always returns zero and nobody cares.
Let's make it void.Signed-off-by: Maxim Patlasov
Signed-off-by: Vasily Averin
Signed-off-by: Miklos Szeredi
10 Jun, 2019
3 commits
-
Like ->write_iter(), we update mtime and strip setuid of dst file before
copy and like ->read_iter(), we update atime of src file after copy.Signed-off-by: Amir Goldstein
Acked-by: Miklos Szeredi
Reviewed-by: Darrick J. Wong
Signed-off-by: Darrick J. Wong -
We want to enable cross-filesystem copy_file_range functionality
where possible, so push the "same superblock only" checks down to
the individual filesystem callouts so they can make their own
decisions about cross-superblock copy offload and fallack to
generic_copy_file_range() for cross-superblock copy.[Amir] We do not call ->remap_file_range() in case the files are not
on the same sb and do not call ->copy_file_range() in case the files
do not belong to the same filesystem driver.This changes behavior of the copy_file_range(2) syscall, which will
now allow cross filesystem in-kernel copy. CIFS already supports
cross-superblock copy, between two shares to the same server. This
functionality will now be available via the copy_file_range(2) syscall.Cc: Steve French
Signed-off-by: Dave Chinner
Signed-off-by: Amir Goldstein
Reviewed-by: Darrick J. Wong
Signed-off-by: Darrick J. Wong -
Now that we have generic_copy_file_range(), remove it as a fallback
case when offloads fail. This puts the responsibility for executing
fallbacks on the filesystems that implement ->copy_file_range and
allows us to add operational validity checks to
generic_copy_file_range().Rework vfs_copy_file_range() to call a new do_copy_file_range()
helper to execute the copying callout, and move calls to
generic_file_copy_range() into filesystem methods where they
currently return failures.[Amir] overlayfs is not responsible of executing the fallback.
It is the responsibility of the underlying filesystem.Signed-off-by: Dave Chinner
Signed-off-by: Amir Goldstein
Reviewed-by: Darrick J. Wong
Signed-off-by: Darrick J. Wong
28 May, 2019
2 commits
-
The fuse_writeback_range() helper flushes dirty data to the userspace
filesystem.When the function returns, the WRITE requests for the data in the given
range have all been completed. This is not equivalent to fsync() on the
given range, since the userspace filesystem may not yet have the data on
stable storage.Signed-off-by: Miklos Szeredi
-
Prior to sending COPY_FILE_RANGE to userspace filesystem, we must flush all
dirty pages in both the source and destination files.This patch adds the missing flush of the source file.
Tested on libfuse-3.5.0 with:
libfuse/example/passthrough_ll /mnt/fuse/ -o writeback
libfuse/test/test_syscalls /mnt/fuse/tmp/testFixes: 88bc7d5097a1 ("fuse: add support for copy_file_range()")
Cc: # v4.20
Signed-off-by: Miklos Szeredi
27 May, 2019
2 commits
-
In the FOPEN_DIRECT_IO case the write path doesn't call file_remove_privs()
and that means setuid bit is not cleared if unpriviliged user writes to a
file with setuid bit set.pjdfstest chmod test 12.t tests this and fails.
Fix this by adding a flag to the FUSE_WRITE message that requests clearing
privileges on the given file. This needsThis better than just calling fuse_remove_privs(), because the attributes
may not be up to date, so in that case a write may miss clearing the
privileges.Test case:
$ passthrough_ll /mnt/pasthrough-mnt -o default_permissions,allow_other,cache=never
$ mkdir /mnt/pasthrough-mnt/testdir
$ cd /mnt/pasthrough-mnt/testdir
$ prove -rv pjdfstests/tests/chmod/12.tReported-by: Vivek Goyal
Signed-off-by: Miklos Szeredi
Tested-by: Vivek Goyal -
Do the proper cleanup in case the size check fails.
Tested with xfstests:generic/228
Reported-by: kbuild test robot
Reported-by: Dan Carpenter
Fixes: 0cbade024ba5 ("fuse: honor RLIMIT_FSIZE in fuse_file_fallocate")
Cc: Liu Bo
Cc: # v3.5
Signed-off-by: Miklos Szeredi
24 Apr, 2019
5 commits
-
Currently, a CUSE server running on a 64-bit kernel can tell when an ioctl
request comes from a process running a 32-bit ABI, but cannot tell whether
the requesting process is using legacy IA32 emulation or x32 ABI. In
particular, the server does not know the size of the client process's
`time_t` type.For 64-bit kernels, the `FUSE_IOCTL_COMPAT` and `FUSE_IOCTL_32BIT` flags
are currently set in the ioctl input request (`struct fuse_ioctl_in` member
`flags`) for a 32-bit requesting process. This patch defines a new flag
`FUSE_IOCTL_COMPAT_X32` and sets it if the 32-bit requesting process is
using the x32 ABI. This allows the server process to distinguish between
requests coming from client processes using IA32 emulation or the x32 ABI
and so infer the size of the client process's `time_t` type and any other
IA32/x32 differences.Signed-off-by: Ian Abbott
Signed-off-by: Miklos Szeredi -
The FUSE_FSYNC_DATASYNC flag was introduced by commit b6aeadeda22a
("[PATCH] FUSE - file operations") as a magic number. No new values have
been added to fsync_flags since.Signed-off-by: Alan Somers
Signed-off-by: Miklos Szeredi -
Starting from commit 9c225f2655e3 ("vfs: atomic f_pos accesses as per
POSIX") files opened even via nonseekable_open gate read and write via lock
and do not allow them to be run simultaneously. This can create read vs
write deadlock if a filesystem is trying to implement a socket-like file
which is intended to be simultaneously used for both read and write from
filesystem client. See commit 10dce8af3422 ("fs: stream_open - opener for
stream-like files so that read and write can run simultaneously without
deadlock") for details and e.g. commit 581d21a2d02a ("xenbus: fix deadlock
on writes to /proc/xen/xenbus") for a similar deadlock example on
/proc/xen/xenbus.To avoid such deadlock it was tempting to adjust fuse_finish_open to use
stream_open instead of nonseekable_open on just FOPEN_NONSEEKABLE flags,
but grepping through Debian codesearch shows users of FOPEN_NONSEEKABLE,
and in particular GVFS which actually uses offset in its read and write
handlershttps://codesearch.debian.net/search?q=-%3Enonseekable+%3D
https://gitlab.gnome.org/GNOME/gvfs/blob/1.40.0-6-gcbc54396/client/gvfsfusedaemon.c#L1080
https://gitlab.gnome.org/GNOME/gvfs/blob/1.40.0-6-gcbc54396/client/gvfsfusedaemon.c#L1247-1346
https://gitlab.gnome.org/GNOME/gvfs/blob/1.40.0-6-gcbc54396/client/gvfsfusedaemon.c#L1399-1481so if we would do such a change it will break a real user.
Add another flag (FOPEN_STREAM) for filesystem servers to indicate that the
opened handler is having stream-like semantics; does not use file position
and thus the kernel is free to issue simultaneous read and write request on
opened file handle.This patch together with stream_open() should be added to stable kernels
starting from v3.14+. This will allow to patch OSSPD and other FUSE
filesystems that provide stream-like files to return FOPEN_STREAM |
FOPEN_NONSEEKABLE in open handler and this way avoid the deadlock on all
kernel versions. This should work because fuse_finish_open ignores unknown
open flags returned from a filesystem and so passing FOPEN_STREAM to a
kernel that is not aware of this flag cannot hurt. In turn the kernel that
is not aware of FOPEN_STREAM will be < v3.14 where just FOPEN_NONSEEKABLE
is sufficient to implement streams without read vs write deadlock.Cc: stable@vger.kernel.org # v3.14+
Signed-off-by: Kirill Smelkov
Signed-off-by: Miklos Szeredi -
fstests generic/228 reported this failure that fuse fallocate does not
honor what 'ulimit -f' has set.This adds the necessary inode_newsize_ok() check.
Signed-off-by: Liu Bo
Fixes: 05ba1f082300 ("fuse: add FALLOCATE operation")
Cc: # v3.5
Signed-off-by: Miklos Szeredi -
Writepage requests were cropped to i_size & 0xffffffff, which meant that
mmaped writes to any file larger than 4G might be silently discarded.Fix by storing the file size in a properly sized variable (loff_t instead
of size_t).Reported-by: Antonio SJ Musumeci
Fixes: 6eaf4782eb09 ("fuse: writepages: crop secondary requests")
Cc: # v3.13
Signed-off-by: Miklos Szeredi
13 Feb, 2019
6 commits
-
If a filesystem returns ENOSYS from opendir and thus opts out of
opendir and releasedir requests, it almost certainly would also like
readdir results cached. Default open_flags to FOPEN_KEEP_CACHE and
FOPEN_CACHE_DIR in that case.With this patch, I've measured recursive directory enumeration across
large FUSE mounts to be faster than native mounts.Signed-off-by: Chad Austin
Signed-off-by: Miklos Szeredi -
Allow filesystems to return ENOSYS from opendir, preventing the kernel from
sending opendir and releasedir messages in the future. This avoids
userspace transitions when filesystems don't need to keep track of state
per directory handle.A new capability flag, FUSE_NO_OPENDIR_SUPPORT, parallels
FUSE_NO_OPEN_SUPPORT, indicating the new semantics for returning ENOSYS
from opendir.Signed-off-by: Chad Austin
Signed-off-by: Miklos Szeredi -
Bad inode checks were done done in various places, and move them into
fuse_file_{read|write}_iter().Signed-off-by: Miklos Szeredi
-
This is cleanup, as well as allowing switching between I/O modes while the
file is open in the future.Signed-off-by: Miklos Szeredi
-
Nothing preventing copy_file_range to work on files opened with
FOPEN_DIRECT_IO.Fixes: 88bc7d5097a1 ("fuse: add support for copy_file_range()")
Signed-off-by: Miklos Szeredi -
The default splice implementation is grossly inefficient and the iter based
ones work just fine, so use those instead. I've measured an 8x speedup for
splice write (with len = 128k).Signed-off-by: Miklos Szeredi
