Implement splice-read for overlayfs by passing the request down a layer
rather than going through generic_file_splice_read() which is going to be
changed to assume that ->read_folio() is present on buffered files.
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Christoph Hellwig <hch@lst.de>
cc: Jens Axboe <axboe@kernel.dk>
cc: Al Viro <viro@zeniv.linux.org.uk>
cc: John Hubbard <jhubbard@nvidia.com>
cc: David Hildenbrand <david@redhat.com>
cc: Matthew Wilcox <willy@infradead.org>
cc: Miklos Szeredi <miklos@szeredi.hu>
cc: linux-unionfs@vger.kernel.org
cc: linux-block@vger.kernel.org
cc: linux-fsdevel@vger.kernel.org
cc: linux-mm@kvack.org
---
fs/overlayfs/file.c | 36 +++++++++++++++++++++++++++++++++++-
1 file changed, 35 insertions(+), 1 deletion(-)
diff --git a/fs/overlayfs/file.c b/fs/overlayfs/file.c
index c9d0c362c7ef..267b61df6fcd 100644
--- a/fs/overlayfs/file.c
+++ b/fs/overlayfs/file.c
@@ -419,6 +419,40 @@ static ssize_t ovl_write_iter(struct kiocb *iocb, struct iov_iter *iter)
return ret;
}
+static ssize_t ovl_splice_read(struct file *in, loff_t *ppos,
+ struct pipe_inode_info *pipe, size_t len,
+ unsigned int flags)
+{
+ const struct cred *old_cred;
+ struct fd real;
+ ssize_t ret;
+
+ ret = ovl_real_fdget(in, &real);
+ if (ret)
+ return ret;
+
+ ret = -EINVAL;
+ if (in->f_flags & O_DIRECT &&
+ !(real.file->f_mode & FMODE_CAN_ODIRECT))
+ goto out_fdput;
+ if (!real.file->f_op->splice_read)
+ goto out_fdput;
+
+ ret = rw_verify_area(READ, in, ppos, len);
+ if (unlikely(ret < 0))
+ return ret;
+
+ old_cred = ovl_override_creds(file_inode(in)->i_sb);
+ ret = real.file->f_op->splice_read(real.file, ppos, pipe, len, flags);
+
+ revert_creds(old_cred);
+ ovl_file_accessed(in);
+out_fdput:
+ fdput(real);
+
+ return ret;
+}
+
/*
* Calling iter_file_splice_write() directly from overlay's f_op may deadlock
* due to lock order inversion between pipe->mutex in iter_file_splice_write()
@@ -695,7 +729,7 @@ const struct file_operations ovl_file_operations = {
.fallocate = ovl_fallocate,
.fadvise = ovl_fadvise,
.flush = ovl_flush,
- .splice_read = generic_file_splice_read,
+ .splice_read = ovl_splice_read,
.splice_write = ovl_splice_write,
.copy_file_range = ovl_copy_file_range,On Tue, 14 Feb 2023 at 18:14, David Howells <dhowells@redhat.com> wrote:
>
> Implement splice-read for overlayfs by passing the request down a layer
> rather than going through generic_file_splice_read() which is going to be
> changed to assume that ->read_folio() is present on buffered files.
>
> Signed-off-by: David Howells <dhowells@redhat.com>
> cc: Christoph Hellwig <hch@lst.de>
> cc: Jens Axboe <axboe@kernel.dk>
> cc: Al Viro <viro@zeniv.linux.org.uk>
> cc: John Hubbard <jhubbard@nvidia.com>
> cc: David Hildenbrand <david@redhat.com>
> cc: Matthew Wilcox <willy@infradead.org>
> cc: Miklos Szeredi <miklos@szeredi.hu>
> cc: linux-unionfs@vger.kernel.org
> cc: linux-block@vger.kernel.org
> cc: linux-fsdevel@vger.kernel.org
> cc: linux-mm@kvack.org
> ---
> fs/overlayfs/file.c | 36 +++++++++++++++++++++++++++++++++++-
> 1 file changed, 35 insertions(+), 1 deletion(-)
>
> diff --git a/fs/overlayfs/file.c b/fs/overlayfs/file.c
> index c9d0c362c7ef..267b61df6fcd 100644
> --- a/fs/overlayfs/file.c
> +++ b/fs/overlayfs/file.c
> @@ -419,6 +419,40 @@ static ssize_t ovl_write_iter(struct kiocb *iocb, struct iov_iter *iter)
> return ret;
> }
>
> +static ssize_t ovl_splice_read(struct file *in, loff_t *ppos,
> + struct pipe_inode_info *pipe, size_t len,
> + unsigned int flags)
> +{
> + const struct cred *old_cred;
> + struct fd real;
> + ssize_t ret;
> +
> + ret = ovl_real_fdget(in, &real);
> + if (ret)
> + return ret;
> +
> + ret = -EINVAL;
> + if (in->f_flags & O_DIRECT &&
> + !(real.file->f_mode & FMODE_CAN_ODIRECT))
> + goto out_fdput;
This is unnecessary, as it was already done in ovl_real_fdget() ->
ovl_real_fdget_meta() -> ovl_change_flags().
> + if (!real.file->f_op->splice_read)
> + goto out_fdput;
> +
> + ret = rw_verify_area(READ, in, ppos, len);
Should be on real.file.
> + if (unlikely(ret < 0))
> + return ret;
Leaks fd.
> +
> + old_cred = ovl_override_creds(file_inode(in)->i_sb);
> + ret = real.file->f_op->splice_read(real.file, ppos, pipe, len, flags);
> +
> + revert_creds(old_cred);
> + ovl_file_accessed(in);
> +out_fdput:
> + fdput(real);
> +
> + return ret;
> +}
> +
> /*
> * Calling iter_file_splice_write() directly from overlay's f_op may deadlock
> * due to lock order inversion between pipe->mutex in iter_file_splice_write()
> @@ -695,7 +729,7 @@ const struct file_operations ovl_file_operations = {
> .fallocate = ovl_fallocate,
> .fadvise = ovl_fadvise,
> .flush = ovl_flush,
> - .splice_read = generic_file_splice_read,
> + .splice_read = ovl_splice_read,
> .splice_write = ovl_splice_write,
>
> .copy_file_range = ovl_copy_file_range,
>
Miklos Szeredi <miklos@szeredi.hu> wrote: > > + ret = -EINVAL; > > + if (in->f_flags & O_DIRECT && > > + !(real.file->f_mode & FMODE_CAN_ODIRECT)) > > + goto out_fdput; > > This is unnecessary, as it was already done in ovl_real_fdget() -> > ovl_real_fdget_meta() -> ovl_change_flags(). Does that mean ovl_read_iter() and ovl_write_iter() shouldn't be doing it, then? David
On Wed, 15 Feb 2023 at 16:04, David Howells <dhowells@redhat.com> wrote: > > Miklos Szeredi <miklos@szeredi.hu> wrote: > > > > + ret = -EINVAL; > > > + if (in->f_flags & O_DIRECT && > > > + !(real.file->f_mode & FMODE_CAN_ODIRECT)) > > > + goto out_fdput; > > > > This is unnecessary, as it was already done in ovl_real_fdget() -> > > ovl_real_fdget_meta() -> ovl_change_flags(). > > Does that mean ovl_read_iter() and ovl_write_iter() shouldn't be doing it, > then? That's a different thing, because ovl_*_iter() are checking on ki->flags, not f_flags. Thanks, Miklos
How about the attached then?
David
---
overlayfs: Implement splice-read
Implement splice-read for overlayfs by passing the request down a layer
rather than going through generic_file_splice_read() which is going to be
changed to assume that ->read_folio() is present on buffered files.
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Christoph Hellwig <hch@lst.de>
cc: Jens Axboe <axboe@kernel.dk>
cc: Al Viro <viro@zeniv.linux.org.uk>
cc: John Hubbard <jhubbard@nvidia.com>
cc: David Hildenbrand <david@redhat.com>
cc: Matthew Wilcox <willy@infradead.org>
cc: Miklos Szeredi <miklos@szeredi.hu>
cc: linux-unionfs@vger.kernel.org
cc: linux-block@vger.kernel.org
cc: linux-fsdevel@vger.kernel.org
cc: linux-mm@kvack.org
---
Notes:
ver #15)
- Remove redundant FMODE_CAN_ODIRECT check on real file.
- Do rw_verify_area() on the real file, not the overlay file.
- Fix a file leak.
fs/overlayfs/file.c | 33 ++++++++++++++++++++++++++++++++-
1 file changed, 32 insertions(+), 1 deletion(-)
diff --git a/fs/overlayfs/file.c b/fs/overlayfs/file.c
index c9d0c362c7ef..72a545da51a2 100644
--- a/fs/overlayfs/file.c
+++ b/fs/overlayfs/file.c
@@ -419,6 +419,37 @@ static ssize_t ovl_write_iter(struct kiocb *iocb, struct iov_iter *iter)
return ret;
}
+static ssize_t ovl_splice_read(struct file *in, loff_t *ppos,
+ struct pipe_inode_info *pipe, size_t len,
+ unsigned int flags)
+{
+ const struct cred *old_cred;
+ struct fd real;
+ ssize_t ret;
+
+ ret = ovl_real_fdget(in, &real);
+ if (ret)
+ return ret;
+
+ ret = -EINVAL;
+ if (!real.file->f_op->splice_read)
+ goto out_fdput;
+
+ ret = rw_verify_area(READ, real.file, ppos, len);
+ if (unlikely(ret < 0))
+ goto out_fdput;
+
+ old_cred = ovl_override_creds(file_inode(in)->i_sb);
+ ret = real.file->f_op->splice_read(real.file, ppos, pipe, len, flags);
+
+ revert_creds(old_cred);
+ ovl_file_accessed(in);
+out_fdput:
+ fdput(real);
+
+ return ret;
+}
+
/*
* Calling iter_file_splice_write() directly from overlay's f_op may deadlock
* due to lock order inversion between pipe->mutex in iter_file_splice_write()
@@ -695,7 +726,7 @@ const struct file_operations ovl_file_operations = {
.fallocate = ovl_fallocate,
.fadvise = ovl_fadvise,
.flush = ovl_flush,
- .splice_read = generic_file_splice_read,
+ .splice_read = ovl_splice_read,
.splice_write = ovl_splice_write,
.copy_file_range = ovl_copy_file_range,On Wed, 15 Feb 2023 at 16:41, David Howells <dhowells@redhat.com> wrote: > > How about the attached then? > > David > --- > overlayfs: Implement splice-read > > Implement splice-read for overlayfs by passing the request down a layer > rather than going through generic_file_splice_read() which is going to be > changed to assume that ->read_folio() is present on buffered files. Looks good. One more suggestion: add a vfs_splice() helper and use that from do_splice_to() as well. Thanks, Miklos
Miklos Szeredi <miklos@szeredi.hu> wrote: > Looks good. Can I put that down as an Acked-by? Thanks, David
On Wed, Feb 15, 2023 at 04:50:04PM +0100, Miklos Szeredi wrote: > Looks good. One more suggestion: add a vfs_splice() helper and use > that from do_splice_to() as well. I really hate call_read_iter() etc. Please don't perpetuate that pattern.
On Wed, 15 Feb 2023 at 16:53, Matthew Wilcox <willy@infradead.org> wrote: > > On Wed, Feb 15, 2023 at 04:50:04PM +0100, Miklos Szeredi wrote: > > Looks good. One more suggestion: add a vfs_splice() helper and use > > that from do_splice_to() as well. > > I really hate call_read_iter() etc. Please don't perpetuate that > pattern. I didn't suggest call_splice_read(). vfs_splice_read() would have the rw_verify_area() as well as the check for non-null ->splice_read(). Doing it that way from the start would have prevented two of the bugs that David introduced in the first version. Thanks, Miklos
On Wed, Feb 15, 2023 at 03:53:23PM +0000, Matthew Wilcox wrote: > On Wed, Feb 15, 2023 at 04:50:04PM +0100, Miklos Szeredi wrote: > > Looks good. One more suggestion: add a vfs_splice() helper and use > > that from do_splice_to() as well. > > I really hate call_read_iter() etc. Please don't perpetuate that > pattern. I think it's time to kill it. I'll prepare a patch for it.
© 2016 - 2024 Red Hat, Inc.