After the FUSE daemon crashes, the fuse mount point becomes inaccessible.
In some production environments, a watchdog daemon is used to preserve
the FUSE connection's file descriptor (fd). When the FUSE daemon crashes,
a new FUSE daemon is started and takes over the fd from the watchdog
daemon, allowing it to continue providing services.
However, if any inflight requests are lost during the crash, the user
process becomes stuck as it does not receive any replies.
To resolve this issue, this patchset introduces a new notification type
that enable resending these pending requests to the FUSE daemon again,
allowing the stuck user process to recover.
When using the resend API, FUSE daemon needs to ensure avoidance of
processing duplicate non-idempotent requests to prevent potential
consistency issues. The high bit of the fuse request id is utilized for
indicating the resend request.
---
v2->v3:
- use notification instead of sysfs API to trigger resend
- simplify FUSE_REQ_ID_MASK related code
- rename some related macro names
v1->v2:
- remove flush sysfs API in the original mail
- add using high bit of request ID for indicating resend requests
- add wakeup in fuse_resend_pqueue()
Zhao Chen (2):
fuse: Introduce a new notification type for resend pending requests
fuse: Use the high bit of request ID for indicating resend requests
fs/fuse/dev.c | 69 ++++++++++++++++++++++++++++++++++++++-
fs/fuse/inode.c | 3 +-
include/uapi/linux/fuse.h | 12 +++++++
3 files changed, 82 insertions(+), 2 deletions(-)