[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20070316032624.c6db84fc.akpm@linux-foundation.org>
Date: Fri, 16 Mar 2007 03:26:24 -0800
From: Andrew Morton <akpm@...ux-foundation.org>
To: "Pekka Enberg" <penberg@...helsinki.fi>
Cc: linux-kernel@...r.kernel.org, hch@...radead.org,
alan@...rguk.ukuu.org.uk
Subject: Re: [PATCH 2/5] revoke: core code
On Fri, 16 Mar 2007 08:44:46 +0200 "Pekka Enberg" <penberg@...helsinki.fi> wrote:
> On 3/16/07, Andrew Morton <akpm@...ux-foundation.org> wrote:
> > Why is this code using invalidate_inode_pages2()? That function keeps on
> > breaking, has ill-defined semantics and will probably change in the future.
> >
> > Exactly what semantics are you looking for here, and why?
>
> What the comment says "make pending reads fail." When revoking an
> inode, we need to make sure there are no pending I/O that will
> complete after revocation and thus leak information.
hm, let's define "pending".
I assume that any future callers to sys_read() will reliably do the right
thing at this stage, so we are concerned with threads which are presently
partway through a read from this inode?
If that's not accurate then please describe with some detail exactly what
semantics you're looking for here.
If it _is_ accurate then hm, tricky. It all rather depends upon how the
relevant filesystem implements reading (and writing?). Which is why you
made it a file_operation, fair enough.
But even for ext2 and ext3 (please keep ext4 in sync with ext3 changes,
btw), if some process is partway through a big page_cache_readahead()
operation then a concurrent invalidate_inode_pages2() call won't worry it
at all: the pagecache will be reinstantiated and do_generic_mapping_read()
will proceed to copy that pagecache out to the user after the revoke() has
returned. I think.
I'm afraid I havent paid any attention to this revoke proposal before, I
don't understand the usecases nor the implementation details so things
which are implicitly-obvious-to-you must be explained to me. But others
will benefit from that explanation too ;) What, exactly, are we trying to do
with the already-opened files and the currently-in-progress syscalls?
(A concurrent direct-io read might be a problem too?)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists