Message-ID: <CAOQ4uxgSc7hK1=GuUajzG1Z+ks6gzFFX+EtuBMULOk0s85zi3A@mail.gmail.com>
Date:   Sun, 21 Jun 2020 09:00:01 +0300
From:   Amir Goldstein <amir73il@...il.com>
To:     Matthew Wilcox <willy@...radead.org>
Cc:     linux-fsdevel <linux-fsdevel@...r.kernel.org>,
        Linux MM <linux-mm@...ck.org>,
        Andreas Gruenbacher <agruenba@...hat.com>,
        linux-kernel <linux-kernel@...r.kernel.org>,
        linux-xfs <linux-xfs@...r.kernel.org>,
        Dave Chinner <david@...morbit.com>, Jan Kara <jack@...e.cz>
Subject: Re: [RFC] Bypass filesystems for reading cached pages

[CC: Dave Chinner, Jan Kara, xfs]

On Sat, Jun 20, 2020 at 10:15 PM Matthew Wilcox <willy@...radead.org> wrote:
>
> On Sat, Jun 20, 2020 at 09:19:37AM +0300, Amir Goldstein wrote:
> > On Fri, Jun 19, 2020 at 6:52 PM Matthew Wilcox <willy@...radead.org> wrote:
> > > This patch lifts the IOCB_CACHED idea expressed by Andreas to the VFS.
> > > The advantage of this patch is that we can avoid taking any filesystem
> > > lock, as long as the pages being accessed are in the cache (and we don't
> > > need to readahead any pages into the cache).  We also avoid an indirect
> > > function call in these cases.
> >
> > XFS is taking i_rwsem lock in read_iter() for a surprising reason:
> > https://lore.kernel.org/linux-xfs/CAOQ4uxjpqDQP2AKA8Hrt4jDC65cTo4QdYDOKFE-C3cLxBBa6pQ@mail.gmail.com/
> > In that post I claim that ocfs2 and cifs also do some work in read_iter().
> > I didn't go back to check what, but it sounds like cache coherence among
> > nodes.
>
> That's out of date.  Here's POSIX-2017:
>
> https://pubs.opengroup.org/onlinepubs/9699919799/functions/read.html
>
>   "I/O is intended to be atomic to ordinary files and pipes and
>   FIFOs. Atomic means that all the bytes from a single operation that
>   started out together end up together, without interleaving from other
>   I/O operations. It is a known attribute of terminals that this is not
>   honored, and terminals are explicitly (and implicitly permanently)
>   excepted, making the behavior unspecified. The behavior for other
>   device types is also left unspecified, but the wording is intended to
>   imply that future standards might choose to specify atomicity (or not)."
>
> That _doesn't_ say "a read cannot observe a write in progress".  It says
> "Two writes cannot interleave".  Indeed, further down in that section, it says:
>
>   "Earlier versions of this standard allowed two very different behaviors
>   with regard to the handling of interrupts. In order to minimize the
>   resulting confusion, it was decided that POSIX.1-2017 should support
>   only one of these behaviors. Historical practice on AT&T-derived systems
>   was to have read() and write() return -1 and set errno to [EINTR] when
>   interrupted after some, but not all, of the data requested had been
>   transferred. However, the US Department of Commerce FIPS 151-1 and FIPS
>   151-2 require the historical BSD behavior, in which read() and write()
>   return the number of bytes actually transferred before the interrupt. If
>   -1 is returned when any data is transferred, it is difficult to recover
>   from the error on a seekable device and impossible on a non-seekable
>   device. Most new implementations support this behavior. The behavior
>   required by POSIX.1-2017 is to return the number of bytes transferred."
>
> That explicitly allows for a write to be interrupted by a signal and
> later resumed, allowing a read to observe a half-complete write.
>

Tell that to Dave Chinner (cc). I, too, find it surprising that XFS developers
choose to "not regress" a behavior that is XFS specific and there is no
proof or even clues of any application that could rely on such behavior.
While the price that is being paid by all real world applications that do
mixed random rw workload is very much real and very much significant.

The original discussion on the original post quickly steered towards the
behavior change of rwsem [1], which you, Matthew, also participated in.
The reason for taking the rwsem lock in the first place was never seriously
challenged.

I posted a followup patch that fixes the performance issue without breaking
the "atomic rw" behavior [2] by calling generic_file_read_iter() once without
i_rwsem to pre-populate the page cache.
Dave had some technical concerns about this patch, regarding racing
with truncate_pagecache_range(), which later led to a fix by Jan Kara to
solve a readahead(2) vs. hole punch race [3].

At the time, Jan Kara wrote [3]:
"...other filesystems need similar protections but e.g. in case of ext4 it isn't
so simple without seriously regressing mixed rw workload performance so
I'm pushing just xfs fix at this moment which is simple."

And w.r.t solving the race without taking i_rwsem:
"...So I have an idea how it could be solved: Change calling convention for
->readpage() so that it gets called without page locked and take
i_mmap_sem there (and in ->readpages()) to protect from the race..."

My question to both Jan and Matthew is - does the new aops ->readahead()
API make things any better in that regard?
Will it make it easier for us to address the readahead vs. hole punch race
without having to take i_rwsem before readahead()?

Thanks,
Amir.

[1] https://lore.kernel.org/linux-xfs/20190325154731.GT1183@magnolia/
[2] https://lore.kernel.org/linux-xfs/20190404165737.30889-1-amir73il@gmail.com/
[3] https://lore.kernel.org/linux-xfs/20200120165830.GB28285@quack2.suse.cz/
