Re: [PATCH RFC 06/24] vfs: break parent dir delegations in open(..., O_CREAT) codepath

From: Jeff Layton
Date: Sun Mar 17 2024 - 08:23:52 EST


On Sun, 2024-03-17 at 00:19 +0000, Al Viro wrote:
> On Fri, Mar 15, 2024 at 12:52:57PM -0400, Jeff Layton wrote:
> > In order to add directory delegation support, we need to break
> > delegations on the parent whenever there is going to be a change in the
> > directory.
> >
> > Add a delegated_inode parameter to lookup_open and have it break the
> > delegation. Then, open_last_lookups can wait for the delegation break
> > and retry the call to lookup_open once it's done.
>
> > @@ -3490,6 +3490,11 @@ static struct dentry *lookup_open(struct nameidata *nd, struct file *file,
>
> Wait a sec - are you going to do anything to the atomic_open side of things?
>
>

Hmm good point. I was thinking that all of the filesystems that had
atomic_open didn't support leases. I'm wrong though -- there are some
that currently do:

9p: It's a network filesystem, and I don't think it has any sort of
asynchronous notification or delegation-like object, does it? It might
be best though to just make it call simple_nosetlease.

fuse: fuse allows leases today. I doubt we can get away with turning
that off now. There probably ought to be a way for the userland driver
to opt-in or out of allowing built-in lease support maybe a flag or
something?

ntfs3: IDGI. Why does ntfs3 (which is a local filesystem, unless I'm
mistaken) have an atomic_open? Shouldn't lookup+open be fine, like with
most local filesystems?

vboxsf: Probably the same situation as 9p. Can we just disable leases?

I'll spin up a patchset soon to add proper setlease handlers to all of
the above. Then we can then guard against allowing generic_setlease on
filesystems by default on filesystems with an atomic_open handler.

Another (maybe better) idea might be to require filesystems to specify a
setlease handler if they want them enabled. We could just set the
existing local filesystems to generic_setlease. That would make lease
support a strictly opt-in thing, which is probably the best idea for
avoiding surprises with them.

>
> > /* Negative dentry, just create the file */
> > if (!dentry->d_inode && (open_flag & O_CREAT)) {
> > + /* but break the directory lease first! */
> > + error = try_break_deleg(dir_inode, delegated_inode);
> > + if (error)
> > + goto out_dput;

--
Jeff Layton <jlayton@xxxxxxxxxx>