1. 27 7月, 2008 2 次提交
    • A
      [PATCH] fix MAY_CHDIR/MAY_ACCESS/LOOKUP_ACCESS mess · a110343f
      Al Viro 提交于
      * MAY_CHDIR is redundant - it's an equivalent of MAY_ACCESS
      * MAY_ACCESS on fuse should affect only the last step of pathname resolution
      * fchdir() and chroot() should pass MAY_ACCESS, for the same reason why
        chdir() needs that.
      * now that we pass MAY_ACCESS explicitly in all cases, LOOKUP_ACCESS can be
        removed; it has no business being in nameidata.
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      a110343f
    • A
      [PATCH] sanitize ->permission() prototype · e6305c43
      Al Viro 提交于
      * kill nameidata * argument; map the 3 bits in ->flags anybody cares
        about to new MAY_... ones and pass with the mask.
      * kill redundant gfs2_iop_permission()
      * sanitize ecryptfs_permission()
      * fix remaining places where ->permission() instances might barf on new
        MAY_... found in mask.
      
      The obvious next target in that direction is permission(9)
      
      folded fix for nfs_permission() breakage from Miklos Szeredi <mszeredi@suse.cz>
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      e6305c43
  2. 26 7月, 2008 3 次提交
  3. 30 4月, 2008 2 次提交
    • M
      fuse: update file size on short read · 5c5c5e51
      Miklos Szeredi 提交于
      If the READ request returned a short count, then either
      
        - cached size is incorrect
        - filesystem is buggy, as short reads are only allowed on EOF
      
      So assume that the size is wrong and refresh it, so that cached read() doesn't
      zero fill the missing chunk.
      Signed-off-by: NMiklos Szeredi <mszeredi@suse.cz>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      5c5c5e51
    • M
      fuse: support writable mmap · 3be5a52b
      Miklos Szeredi 提交于
      Quoting Linus (3 years ago, FUSE inclusion discussions):
      
        "User-space filesystems are hard to get right. I'd claim that they
         are almost impossible, unless you limit them somehow (shared
         writable mappings are the nastiest part - if you don't have those,
         you can reasonably limit your problems by limiting the number of
         dirty pages you accept through normal "write()" calls)."
      
      Instead of attempting the impossible, I've just waited for the dirty page
      accounting infrastructure to materialize (thanks to Peter Zijlstra and
      others).  This nicely solved the biggest problem: limiting the number of pages
      used for write caching.
      
      Some small details remained, however, which this largish patch attempts to
      address.  It provides a page writeback implementation for fuse, which is
      completely safe against VM related deadlocks.  Performance may not be very
      good for certain usage patterns, but generally it should be acceptable.
      
      It has been tested extensively with fsx-linux and bash-shared-mapping.
      
      Fuse page writeback design
      --------------------------
      
      fuse_writepage() allocates a new temporary page with GFP_NOFS|__GFP_HIGHMEM.
      It copies the contents of the original page, and queues a WRITE request to the
      userspace filesystem using this temp page.
      
      The writeback is finished instantly from the MM's point of view: the page is
      removed from the radix trees, and the PageDirty and PageWriteback flags are
      cleared.
      
      For the duration of the actual write, the NR_WRITEBACK_TEMP counter is
      incremented.  The per-bdi writeback count is not decremented until the actual
      write completes.
      
      On dirtying the page, fuse waits for a previous write to finish before
      proceeding.  This makes sure, there can only be one temporary page used at a
      time for one cached page.
      
      This approach is wasteful in both memory and CPU bandwidth, so why is this
      complication needed?
      
      The basic problem is that there can be no guarantee about the time in which
      the userspace filesystem will complete a write.  It may be buggy or even
      malicious, and fail to complete WRITE requests.  We don't want unrelated parts
      of the system to grind to a halt in such cases.
      
      Also a filesystem may need additional resources (particularly memory) to
      complete a WRITE request.  There's a great danger of a deadlock if that
      allocation may wait for the writepage to finish.
      
      Currently there are several cases where the kernel can block on page
      writeback:
      
        - allocation order is larger than PAGE_ALLOC_COSTLY_ORDER
        - page migration
        - throttle_vm_writeout (through NR_WRITEBACK)
        - sync(2)
      
      Of course in some cases (fsync, msync) we explicitly want to allow blocking.
      So for these cases new code has to be added to fuse, since the VM is not
      tracking writeback pages for us any more.
      
      As an extra safetly measure, the maximum dirty ratio allocated to a single
      fuse filesystem is set to 1% by default.  This way one (or several) buggy or
      malicious fuse filesystems cannot slow down the rest of the system by hogging
      dirty memory.
      
      With appropriate privileges, this limit can be raised through
      '/sys/class/bdi/<bdi>/max_ratio'.
      Signed-off-by: NMiklos Szeredi <mszeredi@suse.cz>
      Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      3be5a52b
  4. 24 2月, 2008 1 次提交
  5. 08 2月, 2008 1 次提交
  6. 07 2月, 2008 1 次提交
  7. 30 11月, 2007 4 次提交
  8. 19 10月, 2007 8 次提交
  9. 17 10月, 2007 5 次提交
  10. 24 5月, 2007 1 次提交
  11. 09 4月, 2007 1 次提交
  12. 13 2月, 2007 1 次提交
  13. 09 12月, 2006 1 次提交
  14. 08 12月, 2006 2 次提交
  15. 26 11月, 2006 1 次提交
    • M
      [PATCH] fuse: fix Oops in lookup · 2d51013e
      Miklos Szeredi 提交于
      Fix bug in certain error paths of lookup routines.  The request object was
      reused for sending FORGET, which is illegal.  This bug could cause an Oops
      in 2.6.18.  In earlier versions it might silently corrupt memory, but this
      is very unlikely.
      
      These error paths are never triggered by libfuse, so this wasn't noticed
      even with the 2.6.18 kernel, only with a filesystem using the raw kernel
      interface.
      
      Thanks to Russ Cox for the bug report and test filesystem.
      Signed-off-by: NMiklos Szeredi <miklos@szeredi.hu>
      Cc: <stable@kernel.org>
      Signed-off-by: NAndrew Morton <akpm@osdl.org>
      Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      2d51013e
  16. 17 10月, 2006 4 次提交
    • M
      [PATCH] fuse: fix dereferencing dentry parent · e956edd0
      Miklos Szeredi 提交于
      There's no locking for ->d_revalidate, so fuse_dentry_revalidate() should use
      dget_parent() instead of simply dereferencing ->d_parent.
      
      Due to topology changes in the directory tree the parent could become negative
      or be destroyed while being used.  There hasn't been any reports about this
      yet.
      Signed-off-by: NMiklos Szeredi <miklos@szeredi.hu>
      Signed-off-by: NAndrew Morton <akpm@osdl.org>
      Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      e956edd0
    • M
      [PATCH] fuse: fix handling of moved directory · d2a85164
      Miklos Szeredi 提交于
      Fuse considered it an error (EIO) if lookup returned a directory inode, to
      which a dentry already refered.  This is because directory aliases are not
      allowed.
      
      But in a network filesystem this could happen legitimately, if a directory is
      moved on a remote client.  This patch attempts to relax the restriction by
      trying to first evict the offending alias from the cache.  If this fails, it
      still returns an error (EBUSY).
      
      A rarer situation is if an mkdir races with an indenpendent lookup, which
      finds the newly created directory already moved.  In this situation the mkdir
      should return success, but that would be incorrect, since the dentry cannot be
      instantiated, so return EBUSY.
      
      Previously checking for a directory alias and instantiation of the dentry
      weren't done atomically in lookup/mkdir, hence two such calls racing with each
      other could create aliased directories.  To prevent this introduce a new
      per-connection mutex: fuse_conn->inst_mutex, which is taken for instantiations
      with a directory inode.
      Signed-off-by: NMiklos Szeredi <miklos@szeredi.hu>
      Signed-off-by: NAndrew Morton <akpm@osdl.org>
      Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      d2a85164
    • M
      [PATCH] fuse: locking fix for nlookup · 8da5ff23
      Miklos Szeredi 提交于
      An inode could be returned by independent parallel lookups, in this case an
      update of the lookup counter could be lost resulting in a memory leak in
      userspace.
      Signed-off-by: NMiklos Szeredi <miklos@szeredi.hu>
      Signed-off-by: NAndrew Morton <akpm@osdl.org>
      Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      8da5ff23
    • M
      [PATCH] fuse: fix hang on SMP · 9ffbb916
      Miklos Szeredi 提交于
      Fuse didn't always call i_size_write() with i_mutex held which caused rare
      hangs on SMP/32bit.  This bug has been present since fuse-2.2, well before
      being merged into mainline.
      
      The simplest solution is to protect i_size_write() with the per-connection
      spinlock.  Using i_mutex for this purpose would require some restructuring of
      the code and I'm not even sure it's always safe to acquire i_mutex in all
      places i_size needs to be set.
      
      Since most of vmtruncate is already duplicated for other reasons, duplicate
      the remaining part as well, making all i_size_write() calls internal to fuse.
      
      Using i_size_write() was unnecessary in fuse_init_inode(), since this function
      is only called on a newly created locked inode.
      
      Reported by a few people over the years, but special thanks to Dana Henriksen
      who was persistent enough in helping me debug it.
      Signed-off-by: NMiklos Szeredi <miklos@szeredi.hu>
      Signed-off-by: NAndrew Morton <akpm@osdl.org>
      Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      9ffbb916
  17. 01 10月, 2006 1 次提交
  18. 30 9月, 2006 1 次提交