lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20251128-vfs-directory-delegations-v619-07cf59ad4cf2@brauner>
Date: Fri, 28 Nov 2025 17:48:23 +0100
From: Christian Brauner <brauner@...nel.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Christian Brauner <brauner@...nel.org>,
	linux-fsdevel@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: [GIT PULL 12/17 for v6.19] vfs directory delegations

Hey Linus,

/* Summary */
This contains the work for cecall-only directory delegations for knfsd.

Add support for simple, recallable-only directory delegations. This was
decided at the fall NFS Bakeathon where the NFS client and server
maintainers discussed how to merge directory delegation support.

The approach starts with recallable-only delegations for several reasons:

1. RFC8881 has gaps that are being addressed in RFC8881bis. In particular,
  it requires directory position information for CB_NOTIFY callbacks,
  which is difficult to implement properly under Linux. The spec is being
  extended to allow that information to be omitted.

2. Client-side support for CB_NOTIFY still lags. The client side involves
  heuristics about when to request a delegation.

3. Early indication shows simple, recallable-only delegations can help
  performance. Anna Schumaker mentioned seeing a multi-minute speedup in
  xfstests runs with them enabled.

With these changes, userspace can also request a read lease on a
directory that will be recalled on conflicting accesses. This may be
useful for applications like Samba. Users can disable leases altogether
via the fs.leases-enable sysctl if needed.

VFS Changes

- Dedicated Type for Delegations

  Introduce struct delegated_inode to track inodes that may have delegations
  that need to be broken. This replaces the previous approach of passing
  raw inode pointers through the delegation breaking code paths, providing
  better type safety and clearer semantics for the delegation machinery.

- Break parent directory delegations in open(..., O_CREAT) codepath

- Allow mkdir to wait for delegation break on parent

- Allow rmdir to wait for delegation break on parent

- Add try_break_deleg calls for parents to vfs_link(), vfs_rename(),
  and vfs_unlink()

- Make vfs_create(), vfs_mknod(), and vfs_symlink() break delegations
  on parent directory

- Clean up argument list for vfs_create()

- Expose delegation support to userland

Filelock Changes

- Make lease_alloc() take a flags argument

- Rework the __break_lease API to use flags

- Add struct delegated_inode

- Push the S_ISREG check down to ->setlease handlers

  - Lift the ban on directory leases in generic_setlease

NFSD Changes

- Allow filecache to hold S_IFDIR files

- Allow DELEGRETURN on directories

- Wire up GET_DIR_DELEGATION handling

Fixes

- Fix kernel-doc warnings in __fcntl_getlease
- Add needed headers for new struct delegation definition

/* Testing */

gcc (Debian 14.2.0-19) 14.2.0
Debian clang version 19.1.7 (3+b1)

No build failures or warnings were observed.

/* Conflicts */

Merge conflicts with mainline
=============================

No known conflicts.

Merge conflicts with other trees
================================

[1] https://lore.kernel.org/linux-next/20251117073452.2c9b0190@canb.auug.org.au

The following changes since commit 3a8660878839faadb4f1a6dd72c3179c1df56787:

  Linux 6.18-rc1 (2025-10-12 13:42:36 -0700)

are available in the Git repository at:

  git@...olite.kernel.org:pub/scm/linux/kernel/git/vfs/vfs tags/vfs-6.19-rc1.directory.delegations

for you to fetch changes up to 4be9e04ebf75a5c4478c1c6295e2122e5dc98f5f:

  vfs: add needed headers for new struct delegation definition (2025-11-28 10:55:34 +0100)

Please consider pulling these changes from the signed vfs-6.19-rc1.directory.delegations tag.

Thanks!
Christian

----------------------------------------------------------------
vfs-6.19-rc1.directory.delegations

----------------------------------------------------------------
Christian Brauner (1):
      Merge patch series "vfs: recall-only directory delegations for knfsd"

Jeff Layton (18):
      filelock: make lease_alloc() take a flags argument
      filelock: rework the __break_lease API to use flags
      filelock: add struct delegated_inode
      filelock: push the S_ISREG check down to ->setlease handlers
      vfs: add try_break_deleg calls for parents to vfs_{link,rename,unlink}
      vfs: allow mkdir to wait for delegation break on parent
      vfs: allow rmdir to wait for delegation break on parent
      vfs: break parent dir delegations in open(..., O_CREAT) codepath
      vfs: clean up argument list for vfs_create()
      vfs: make vfs_create break delegations on parent directory
      vfs: make vfs_mknod break delegations on parent directory
      vfs: make vfs_symlink break delegations on parent dir
      filelock: lift the ban on directory leases in generic_setlease
      nfsd: allow filecache to hold S_IFDIR files
      nfsd: allow DELEGRETURN on directories
      nfsd: wire up GET_DIR_DELEGATION handling
      vfs: expose delegation support to userland
      vfs: add needed headers for new struct delegation definition

Randy Dunlap (1):
      filelock: __fcntl_getlease: fix kernel-doc warnings

 drivers/base/devtmpfs.c    |   6 +-
 fs/attr.c                  |   2 +-
 fs/cachefiles/namei.c      |   2 +-
 fs/ecryptfs/inode.c        |  11 ++-
 fs/fcntl.c                 |  13 ++++
 fs/fuse/dir.c              |   1 +
 fs/init.c                  |   6 +-
 fs/locks.c                 | 103 ++++++++++++++++++++--------
 fs/namei.c                 | 162 +++++++++++++++++++++++++++++++++------------
 fs/nfs/nfs4file.c          |   2 +
 fs/nfsd/filecache.c        |  57 ++++++++++++----
 fs/nfsd/filecache.h        |   2 +
 fs/nfsd/nfs3proc.c         |   2 +-
 fs/nfsd/nfs4proc.c         |  22 +++++-
 fs/nfsd/nfs4recover.c      |   6 +-
 fs/nfsd/nfs4state.c        | 103 +++++++++++++++++++++++++++-
 fs/nfsd/state.h            |   5 ++
 fs/nfsd/vfs.c              |  16 ++---
 fs/nfsd/vfs.h              |   2 +-
 fs/open.c                  |  12 ++--
 fs/overlayfs/overlayfs.h   |  10 +--
 fs/posix_acl.c             |   8 +--
 fs/smb/client/cifsfs.c     |   3 +
 fs/smb/server/vfs.c        |   9 ++-
 fs/utimes.c                |   4 +-
 fs/xattr.c                 |  12 ++--
 fs/xfs/scrub/orphanage.c   |   2 +-
 include/linux/filelock.h   |  98 +++++++++++++++++++++------
 include/linux/fs.h         |  24 ++++---
 include/linux/xattr.h      |   4 +-
 include/uapi/linux/fcntl.h |  16 +++++
 net/unix/af_unix.c         |   2 +-
 32 files changed, 550 insertions(+), 177 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ