diff mbox series

[v16,03/13] overlayfs: Implement splice-read

Message ID 20230308143754.1976726-4-dhowells@redhat.com (mailing list archive)
State New, archived
Headers show
Series splice, block: Use page pinning and kill ITER_PIPE | expand

Commit Message

David Howells March 8, 2023, 2:37 p.m. UTC 
Implement splice-read for overlayfs by passing the request down a layer
rather than going through generic_file_splice_read() which is going to be
changed to assume that ->read_folio() is present on buffered files.

Signed-off-by: David Howells <dhowells@redhat.com>
cc: Christoph Hellwig <hch@lst.de>
cc: Jens Axboe <axboe@kernel.dk>
cc: Al Viro <viro@zeniv.linux.org.uk>
cc: John Hubbard <jhubbard@nvidia.com>
cc: David Hildenbrand <david@redhat.com>
cc: Matthew Wilcox <willy@infradead.org>
cc: Miklos Szeredi <miklos@szeredi.hu>
cc: linux-unionfs@vger.kernel.org
cc: linux-block@vger.kernel.org
cc: linux-fsdevel@vger.kernel.org
cc: linux-mm@kvack.org
---

Notes:
    ver #15)
     - Remove redundant FMODE_CAN_ODIRECT check on real file.
     - Do rw_verify_area() on the real file, not the overlay file.
     - Fix a file leak.

 fs/overlayfs/file.c | 33 ++++++++++++++++++++++++++++++++-
 1 file changed, 32 insertions(+), 1 deletion(-)

Comments

Miklos Szeredi March 8, 2023, 3:33 p.m. UTC | #1 
On Wed, 8 Mar 2023 at 15:38, David Howells <dhowells@redhat.com> wrote:
>
> Implement splice-read for overlayfs by passing the request down a layer
> rather than going through generic_file_splice_read() which is going to be
> changed to assume that ->read_folio() is present on buffered files.
>
> Signed-off-by: David Howells <dhowells@redhat.com>
> cc: Christoph Hellwig <hch@lst.de>
> cc: Jens Axboe <axboe@kernel.dk>
> cc: Al Viro <viro@zeniv.linux.org.uk>
> cc: John Hubbard <jhubbard@nvidia.com>
> cc: David Hildenbrand <david@redhat.com>
> cc: Matthew Wilcox <willy@infradead.org>
> cc: Miklos Szeredi <miklos@szeredi.hu>
> cc: linux-unionfs@vger.kernel.org
> cc: linux-block@vger.kernel.org
> cc: linux-fsdevel@vger.kernel.org
> cc: linux-mm@kvack.org
> ---
>
> Notes:
>     ver #15)
>      - Remove redundant FMODE_CAN_ODIRECT check on real file.
>      - Do rw_verify_area() on the real file, not the overlay file.
>      - Fix a file leak.
>
>  fs/overlayfs/file.c | 33 ++++++++++++++++++++++++++++++++-
>  1 file changed, 32 insertions(+), 1 deletion(-)
>
> diff --git a/fs/overlayfs/file.c b/fs/overlayfs/file.c
> index 7c04f033aadd..a12919e9ccba 100644
> --- a/fs/overlayfs/file.c
> +++ b/fs/overlayfs/file.c
> @@ -419,6 +419,37 @@ static ssize_t ovl_write_iter(struct kiocb *iocb, struct iov_iter *iter)
>         return ret;
>  }
>
> +static ssize_t ovl_splice_read(struct file *in, loff_t *ppos,
> +                              struct pipe_inode_info *pipe, size_t len,
> +                              unsigned int flags)
> +{
> +       const struct cred *old_cred;
> +       struct fd real;
> +       ssize_t ret;
> +
> +       ret = ovl_real_fdget(in, &real);
> +       if (ret)
> +               return ret;
> +
> +       ret = -EINVAL;
> +       if (!real.file->f_op->splice_read)
> +               goto out_fdput;
> +
> +       ret = rw_verify_area(READ, real.file, ppos, len);
> +       if (unlikely(ret < 0))
> +               goto out_fdput;
> +
> +       old_cred = ovl_override_creds(file_inode(in)->i_sb);
> +       ret = real.file->f_op->splice_read(real.file, ppos, pipe, len, flags);

I don't think you replied to my suggestion of using a helper here.
E.g. it could be as simple as exporting do_splice_to(), or renaming it
to vfs_splice_read() to be more readable.  It would remove the
boilerplate and be more robust if any changes are done to the splice
reading code.

Thanks,
Miklos
David Howells March 8, 2023, 3:54 p.m. UTC | #2 
Miklos Szeredi <miklos@szeredi.hu> wrote:

> > +       ret = -EINVAL;
> > +       if (!real.file->f_op->splice_read)
> > +               goto out_fdput;
> > +
> > +       ret = rw_verify_area(READ, real.file, ppos, len);
> > +       if (unlikely(ret < 0))
> > +               goto out_fdput;
> > +
> > +       old_cred = ovl_override_creds(file_inode(in)->i_sb);
> > +       ret = real.file->f_op->splice_read(real.file, ppos, pipe, len, flags);
> 
> I don't think you replied to my suggestion of using a helper here.
> E.g. it could be as simple as exporting do_splice_to(), or renaming it
> to vfs_splice_read() to be more readable.  It would remove the
> boilerplate and be more robust if any changes are done to the splice
> reading code.

Using do_splice_to() as a helper is probably a good idea, though both Willy
and Christoph seem to dislike it.

The pipe occupancy check has already been done, so I'm not sure if it should
be repeated - though it probably wouldn't hurt.

David
Christoph Hellwig March 8, 2023, 3:56 p.m. UTC | #3 
On Wed, Mar 08, 2023 at 03:54:36PM +0000, David Howells wrote:
> Using do_splice_to() as a helper is probably a good idea, though both Willy
> and Christoph seem to dislike it.

That's not true.  What I'm fundamentlly against is pointless wrappers
like the call_* that add no value.  do_splice_to adds useful checks,
so if properly named and documented, I'm absolutely in favour.
David Howells March 8, 2023, 4:04 p.m. UTC | #4 
Christoph Hellwig <hch@lst.de> wrote:

> On Wed, Mar 08, 2023 at 03:54:36PM +0000, David Howells wrote:
> > Using do_splice_to() as a helper is probably a good idea, though both Willy
> > and Christoph seem to dislike it.
> 
> That's not true.  What I'm fundamentlly against is pointless wrappers
> like the call_* that add no value.  do_splice_to adds useful checks,
> so if properly named and documented, I'm absolutely in favour.

Fair enough.  Rename to vfs_splice_read() okay with you?

David
Christoph Hellwig March 9, 2023, 9:29 a.m. UTC | #5 
On Wed, Mar 08, 2023 at 04:04:39PM +0000, David Howells wrote:
> Christoph Hellwig <hch@lst.de> wrote:
> 
> > On Wed, Mar 08, 2023 at 03:54:36PM +0000, David Howells wrote:
> > > Using do_splice_to() as a helper is probably a good idea, though both Willy
> > > and Christoph seem to dislike it.
> > 
> > That's not true.  What I'm fundamentlly against is pointless wrappers
> > like the call_* that add no value.  do_splice_to adds useful checks,
> > so if properly named and documented, I'm absolutely in favour.
> 
> Fair enough.  Rename to vfs_splice_read() okay with you?

Yes.
diff mbox series

Patch

diff --git a/fs/overlayfs/file.c b/fs/overlayfs/file.c
index 7c04f033aadd..a12919e9ccba 100644
--- a/fs/overlayfs/file.c
+++ b/fs/overlayfs/file.c
@@ -419,6 +419,37 @@  static ssize_t ovl_write_iter(struct kiocb *iocb, struct iov_iter *iter)
 	return ret;
 }
 
+static ssize_t ovl_splice_read(struct file *in, loff_t *ppos,
+			       struct pipe_inode_info *pipe, size_t len,
+			       unsigned int flags)
+{
+	const struct cred *old_cred;
+	struct fd real;
+	ssize_t ret;
+
+	ret = ovl_real_fdget(in, &real);
+	if (ret)
+		return ret;
+
+	ret = -EINVAL;
+	if (!real.file->f_op->splice_read)
+		goto out_fdput;
+
+	ret = rw_verify_area(READ, real.file, ppos, len);
+	if (unlikely(ret < 0))
+		goto out_fdput;
+
+	old_cred = ovl_override_creds(file_inode(in)->i_sb);
+	ret = real.file->f_op->splice_read(real.file, ppos, pipe, len, flags);
+
+	revert_creds(old_cred);
+	ovl_file_accessed(in);
+out_fdput:
+	fdput(real);
+
+	return ret;
+}
+
 /*
  * Calling iter_file_splice_write() directly from overlay's f_op may deadlock
  * due to lock order inversion between pipe->mutex in iter_file_splice_write()
@@ -695,7 +726,7 @@  const struct file_operations ovl_file_operations = {
 	.fallocate	= ovl_fallocate,
 	.fadvise	= ovl_fadvise,
 	.flush		= ovl_flush,
-	.splice_read    = generic_file_splice_read,
+	.splice_read    = ovl_splice_read,
 	.splice_write   = ovl_splice_write,
 
 	.copy_file_range	= ovl_copy_file_range,