| Message ID | 20230109051823.480289-9-willy@infradead.org |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:4e01:0:0:0:0:0 with SMTP id p1csp1984782wrt;
Sun, 8 Jan 2023 21:19:16 -0800 (PST)
X-Google-Smtp-Source:
AMrXdXtw5f67qSNi9HE8IaO3WYb5KJLYsF76ErqMdBw1VHAE/Bqr19lA+Tmq/K8O/qB3lxM+vePq
X-Received: by 2002:a17:90a:af91:b0:219:de9b:f397 with SMTP id
w17-20020a17090aaf9100b00219de9bf397mr67588423pjq.3.1673241556554;
Sun, 08 Jan 2023 21:19:16 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1673241556; cv=none;
d=google.com; s=arc-20160816;
b=z/8j5oGwvAxV9UwYXHMD4sgcP53J5RZQz5dGeq4tbyfpwJ4ZWpALFtzMZk7EvLEKtw
51O9YxZOLWtQvUH9Is/VOakjiUtj77YnjXu57RI3s/BYBEqQegerXLfQYZJWhv8Z2XKF
BeIQxbS0pantiHnTqxg/nEAzjLY/pa/DAZQDea7phPNvvvFQsjyph2y32wKHi4thPJTq
FRhpOHIs+4jcIbjkgy1CyXfri5VkyHqfhJVEuzgVuJYilnryFpjyh86AYcod3TgKxIHE
5JgPbLXtYtgA3NBeZh4vEBJHI/NhT2B3IoDuZqCxAdFXOzTL//Uj1NCST9ruBgDO5vev
DNOg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:to:content-transfer-encoding:mime-version
:references:in-reply-to:message-id:date:subject:cc:from
:dkim-signature;
bh=UvH9ycUllkHxgh2ZsVpQIK1Y6EVpAeDrvEMZLSZxFIM=;
b=CvNx0oExZL0wiT/glfvTLvsNvdIk1nJ1m9fPZDzjnjk8Dq+WCyoemtS9/hfIrODFyB
CCWCchdrrwSvVCU2X7aBaUh9Gv7vHKqtvu801sOtI7iHHGIyZ4AT06+hQKDp5A18ZUh+
cAb/mO1Kl2L5MgG4uGOhuAfDSMTjdokI/mumL/A2ZkfKSyamopUNAc/jqRO+b4kMKomW
MJoi0AcaphpyNS4hpR/6oAD8IyTL26YgoTz+pmL3hY7KVYYN2RhdNR7W+kZh2e3yRzUW
PTpl4L6+A6ryWy4KZxd5CpRmLvI5e40CCkm5EbNroW4pqPDanD3j+tHTqr7Jq1hWujAz
0ObQ==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=fail header.i=@infradead.org header.s=casper.20170209
header.b=LbvKlGSO;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
bc22-20020a656d96000000b004ad990a963asi6678437pgb.648.2023.01.08.21.19.04;
Sun, 08 Jan 2023 21:19:16 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
dkim=fail header.i=@infradead.org header.s=casper.20170209
header.b=LbvKlGSO;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S236358AbjAIFSi (ORCPT <rfc822;jian.xie.xdx@gmail.com>
+ 99 others); Mon, 9 Jan 2023 00:18:38 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53582 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S229622AbjAIFSS (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Mon, 9 Jan 2023 00:18:18 -0500
Received: from casper.infradead.org (casper.infradead.org
[IPv6:2001:8b0:10b:1236::1])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8E2D1D2C8;
Sun, 8 Jan 2023 21:18:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=infradead.org; s=casper.20170209;
h=Content-Transfer-Encoding:MIME-Version:
References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:
Content-Type:Content-ID:Content-Description;
bh=UvH9ycUllkHxgh2ZsVpQIK1Y6EVpAeDrvEMZLSZxFIM=;
b=LbvKlGSOOBJGYKzPTxzwC51OUM
4pi+Lu0AKUj5674G9a9HGH2avOJVNKMzAho+9kZg1BLmoaQWZGFapak9qevcs5vCNX4cowDhjDTMy
fecc/Mp4vTjQxDqsMnH/5D+7oIUueYz/KbNAPa3cSljyAFyidWyyb6gUZ0lx9YaUaNCpo18r76syB
DIIOJfRRf+AcFziAPXk8JB5K4EdITspdaBq+l84JN1RdFBkFF+cD7zAqa1vPwm8jweofhVKpcmaFM
i137t3ozQkjZdDD9Vrt8EYXLDGZ808AQNdtpYA+unsLNTlfaq9tJjcQ3MUy87+YUWevUMEmHHRCjb
WlbLNRRA==;
Received: from willy by casper.infradead.org with local (Exim 4.94.2 #2 (Red
Hat Linux))
id 1pEkYD-0020xJ-SI; Mon, 09 Jan 2023 05:18:25 +0000
From: "Matthew Wilcox (Oracle)" <willy@infradead.org>
Cc: "Matthew Wilcox (Oracle)" <willy@infradead.org>,
Jeff Layton <jlayton@redhat.com>,
linux-fsdevel@vger.kernel.org, linux-mm@kvack.org,
linux-kernel@vger.kernel.org, Christoph Hellwig <hch@lst.de>
Subject: [PATCH 08/11] cifs: Remove call to filemap_check_wb_err()
Date: Mon, 9 Jan 2023 05:18:20 +0000
Message-Id: <20230109051823.480289-9-willy@infradead.org>
X-Mailer: git-send-email 2.37.1
In-Reply-To: <20230109051823.480289-1-willy@infradead.org>
References: <20230109051823.480289-1-willy@infradead.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE,
SPF_NONE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
To: unlisted-recipients:; (no To-header on input)
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1754520938327781031?=
X-GMAIL-MSGID: =?utf-8?q?1754520938327781031?=
|
| Series |
Remove AS_EIO and AS_ENOSPC
|
|
Commit Message
Matthew Wilcox
Jan. 9, 2023, 5:18 a.m. UTC
filemap_write_and_wait() now calls filemap_check_wb_err(), so we cannot
glean any additional information by calling it ourselves. It may also
be misleading as it will pick up on any errors since the beginning of
time which may well be since before this program opened the file.
Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org>
---
fs/cifs/file.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
Comments
On Mon, 2023-01-09 at 05:18 +0000, Matthew Wilcox (Oracle) wrote: > filemap_write_and_wait() now calls filemap_check_wb_err(), so we cannot > glean any additional information by calling it ourselves. It may also > be misleading as it will pick up on any errors since the beginning of > time which may well be since before this program opened the file. > > Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org> > --- > fs/cifs/file.c | 8 +++----- > 1 file changed, 3 insertions(+), 5 deletions(-) > > diff --git a/fs/cifs/file.c b/fs/cifs/file.c > index 22dfc1f8b4f1..7e7ee26cf77d 100644 > --- a/fs/cifs/file.c > +++ b/fs/cifs/file.c > @@ -3042,14 +3042,12 @@ int cifs_flush(struct file *file, fl_owner_t id) > int rc = 0; > > if (file->f_mode & FMODE_WRITE) > - rc = filemap_write_and_wait(inode->i_mapping); > + rc = filemap_write_and_wait(file->f_mapping); If we're calling ->flush, then the file is being closed. Should this just be? rc = file_write_and_wait(file); It's not like we need to worry about corrupting ->f_wb_err at that point. > > cifs_dbg(FYI, "Flush inode %p file %p rc %d\n", inode, file rc); > - if (rc) { > - /* get more nuanced writeback errors */ > - rc = filemap_check_wb_err(file->f_mapping, 0); > + if (rc) > trace_cifs_flush_err(inode->i_ino, rc); > - } > + > return rc; > } >
On Mon, Jan 09, 2023 at 09:42:36AM -0500, Jeff Layton wrote: > On Mon, 2023-01-09 at 05:18 +0000, Matthew Wilcox (Oracle) wrote: > > filemap_write_and_wait() now calls filemap_check_wb_err(), so we cannot > > glean any additional information by calling it ourselves. It may also > > be misleading as it will pick up on any errors since the beginning of > > time which may well be since before this program opened the file. > > > > Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org> > > --- > > fs/cifs/file.c | 8 +++----- > > 1 file changed, 3 insertions(+), 5 deletions(-) > > > > diff --git a/fs/cifs/file.c b/fs/cifs/file.c > > index 22dfc1f8b4f1..7e7ee26cf77d 100644 > > --- a/fs/cifs/file.c > > +++ b/fs/cifs/file.c > > @@ -3042,14 +3042,12 @@ int cifs_flush(struct file *file, fl_owner_t id) > > int rc = 0; > > > > if (file->f_mode & FMODE_WRITE) > > - rc = filemap_write_and_wait(inode->i_mapping); > > + rc = filemap_write_and_wait(file->f_mapping); > > If we're calling ->flush, then the file is being closed. Should this > just be? > rc = file_write_and_wait(file); > > It's not like we need to worry about corrupting ->f_wb_err at that > point. Yes, I think you're right, and then this is a standalone patch that can go in this cycle, perhaps.
On Mon, 2023-01-09 at 09:42 -0500, Jeff Layton wrote: > On Mon, 2023-01-09 at 05:18 +0000, Matthew Wilcox (Oracle) wrote: > > filemap_write_and_wait() now calls filemap_check_wb_err(), so we cannot > > glean any additional information by calling it ourselves. It may also > > be misleading as it will pick up on any errors since the beginning of > > time which may well be since before this program opened the file. > > > > Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org> > > --- > > fs/cifs/file.c | 8 +++----- > > 1 file changed, 3 insertions(+), 5 deletions(-) > > > > diff --git a/fs/cifs/file.c b/fs/cifs/file.c > > index 22dfc1f8b4f1..7e7ee26cf77d 100644 > > --- a/fs/cifs/file.c > > +++ b/fs/cifs/file.c > > @@ -3042,14 +3042,12 @@ int cifs_flush(struct file *file, fl_owner_t id) > > int rc = 0; > > > > if (file->f_mode & FMODE_WRITE) > > - rc = filemap_write_and_wait(inode->i_mapping); > > + rc = filemap_write_and_wait(file->f_mapping); > > If we're calling ->flush, then the file is being closed. Should this > just be? > rc = file_write_and_wait(file); > > It's not like we need to worry about corrupting ->f_wb_err at that > point. > OTOH, I suppose it is possible for there to be racing fsync syscall with a filp_close, and in that case advancing the f_wb_err might be a bad idea, particularly since a lot of places ignore the return from filp_close. It's probably best to _not_ advance the f_wb_err on ->flush calls. That said...wonder if we ought to consider making filp_close and ->flush void return functions. There's no POSIX requirement to flush all of the data on close(), so an application really shouldn't rely on seeing writeback errors returned there since it's not reliable. If you care about writeback errors, you have to call fsync -- full stop. > > > > cifs_dbg(FYI, "Flush inode %p file %p rc %d\n", inode, file rc); > > - if (rc) { > > - /* get more nuanced writeback errors */ > > - rc = filemap_check_wb_err(file->f_mapping, 0); > > + if (rc) > > trace_cifs_flush_err(inode->i_ino, rc); > > - } > > + > > return rc; > > } > > >
On Mon, Jan 09, 2023 at 10:14:12AM -0500, Jeff Layton wrote: > On Mon, 2023-01-09 at 09:42 -0500, Jeff Layton wrote: > > On Mon, 2023-01-09 at 05:18 +0000, Matthew Wilcox (Oracle) wrote: > > > filemap_write_and_wait() now calls filemap_check_wb_err(), so we cannot > > > glean any additional information by calling it ourselves. It may also > > > be misleading as it will pick up on any errors since the beginning of > > > time which may well be since before this program opened the file. > > > > > > Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org> > > > --- > > > fs/cifs/file.c | 8 +++----- > > > 1 file changed, 3 insertions(+), 5 deletions(-) > > > > > > diff --git a/fs/cifs/file.c b/fs/cifs/file.c > > > index 22dfc1f8b4f1..7e7ee26cf77d 100644 > > > --- a/fs/cifs/file.c > > > +++ b/fs/cifs/file.c > > > @@ -3042,14 +3042,12 @@ int cifs_flush(struct file *file, fl_owner_t id) > > > int rc = 0; > > > > > > if (file->f_mode & FMODE_WRITE) > > > - rc = filemap_write_and_wait(inode->i_mapping); > > > + rc = filemap_write_and_wait(file->f_mapping); > > > > If we're calling ->flush, then the file is being closed. Should this > > just be? > > rc = file_write_and_wait(file); > > > > It's not like we need to worry about corrupting ->f_wb_err at that > > point. > > > > OTOH, I suppose it is possible for there to be racing fsync syscall with > a filp_close, and in that case advancing the f_wb_err might be a bad > idea, particularly since a lot of places ignore the return from > filp_close. It's probably best to _not_ advance the f_wb_err on ->flush > calls. There's only so much we can do to protect an application from itself. If it's racing an fsync() against close(), it might get an EBADF from fsync(), or end up fsyncing entirely the wrong file due to a close(); open(); associating the fd with a different file. > That said...wonder if we ought to consider making filp_close and ->flush > void return functions. There's no POSIX requirement to flush all of the > data on close(), so an application really shouldn't rely on seeing > writeback errors returned there since it's not reliable. > > If you care about writeback errors, you have to call fsync -- full stop. Yes, most filesystems do not writeback dirty data on close(). Applications can't depend on that behaviour. Interestingly, if you read https://pubs.opengroup.org/onlinepubs/9699919799/functions/close.html really carefully, it says: If an I/O error occurred while reading from or writing to the file system during close(), it may return -1 with errno set to [EIO]; if this error is returned, the state of fildes is unspecified. So if we return an error, userspace doesn't know if this fd is still open or not! This feels like poor underspecification on POSIX's part (and probably stems from a historical unwillingness to declare any vendor's implementation as "not Unix").
On Mon, 2023-01-09 at 15:30 +0000, Matthew Wilcox wrote: > On Mon, Jan 09, 2023 at 10:14:12AM -0500, Jeff Layton wrote: > > On Mon, 2023-01-09 at 09:42 -0500, Jeff Layton wrote: > > > On Mon, 2023-01-09 at 05:18 +0000, Matthew Wilcox (Oracle) wrote: > > > > filemap_write_and_wait() now calls filemap_check_wb_err(), so we cannot > > > > glean any additional information by calling it ourselves. It may also > > > > be misleading as it will pick up on any errors since the beginning of > > > > time which may well be since before this program opened the file. > > > > > > > > Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org> > > > > --- > > > > fs/cifs/file.c | 8 +++----- > > > > 1 file changed, 3 insertions(+), 5 deletions(-) > > > > > > > > diff --git a/fs/cifs/file.c b/fs/cifs/file.c > > > > index 22dfc1f8b4f1..7e7ee26cf77d 100644 > > > > --- a/fs/cifs/file.c > > > > +++ b/fs/cifs/file.c > > > > @@ -3042,14 +3042,12 @@ int cifs_flush(struct file *file, fl_owner_t id) > > > > int rc = 0; > > > > > > > > if (file->f_mode & FMODE_WRITE) > > > > - rc = filemap_write_and_wait(inode->i_mapping); > > > > + rc = filemap_write_and_wait(file->f_mapping); > > > > > > If we're calling ->flush, then the file is being closed. Should this > > > just be? > > > rc = file_write_and_wait(file); > > > > > > It's not like we need to worry about corrupting ->f_wb_err at that > > > point. > > > > > > > OTOH, I suppose it is possible for there to be racing fsync syscall with > > a filp_close, and in that case advancing the f_wb_err might be a bad > > idea, particularly since a lot of places ignore the return from > > filp_close. It's probably best to _not_ advance the f_wb_err on ->flush > > calls. > > There's only so much we can do to protect an application from itself. > If it's racing an fsync() against close(), it might get an EBADF from > fsync(), or end up fsyncing entirely the wrong file due to a close(); > open(); associating the fd with a different file. > close() is not the worry, as it does return the error from ->flush. It's the other callers of filp_close that concern me. A lot of those are dealing with special "internal" struct files, but not all of them. There's no benefit to advancing f_wb_err in ->flush, so I think we ought to just avoid it. I think we don't even want to mark it SEEN in that case either, so filemap_check_wb_err ought to be fine. > > That said...wonder if we ought to consider making filp_close and ->flush > > void return functions. There's no POSIX requirement to flush all of the > > data on close(), so an application really shouldn't rely on seeing > > writeback errors returned there since it's not reliable. > > > > If you care about writeback errors, you have to call fsync -- full stop. > > Yes, most filesystems do not writeback dirty data on close(). > Applications can't depend on that behaviour. Interestingly, if you read > https://pubs.opengroup.org/onlinepubs/9699919799/functions/close.html > really carefully, it says: > > If an I/O error occurred while reading from or writing to the file > system during close(), it may return -1 with errno set to [EIO]; > if this error is returned, the state of fildes is unspecified. > > So if we return an error, userspace doesn't know if this fd is still > open or not! This feels like poor underspecification on POSIX's part > (and probably stems from a historical unwillingness to declare any > vendor's implementation as "not Unix"). > It's a mess. On Linux we even tear down the fd on EINTR and EAGAIN, so retrying a close() on failure will always get you a EBADF. The only sane thing for userland to do is to just ignore errors on close (aside from maybe EBADF).
diff --git a/fs/cifs/file.c b/fs/cifs/file.c index 22dfc1f8b4f1..7e7ee26cf77d 100644 --- a/fs/cifs/file.c +++ b/fs/cifs/file.c @@ -3042,14 +3042,12 @@ int cifs_flush(struct file *file, fl_owner_t id) int rc = 0; if (file->f_mode & FMODE_WRITE) - rc = filemap_write_and_wait(inode->i_mapping); + rc = filemap_write_and_wait(file->f_mapping); cifs_dbg(FYI, "Flush inode %p file %p rc %d\n", inode, file, rc); - if (rc) { - /* get more nuanced writeback errors */ - rc = filemap_check_wb_err(file->f_mapping, 0); + if (rc) trace_cifs_flush_err(inode->i_ino, rc); - } + return rc; }