lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20260115072032.402-1-luochunsheng@ustc.edu>
Date: Thu, 15 Jan 2026 15:20:29 +0800
From: Chunsheng Luo <luochunsheng@...c.edu>
To: miklos@...redi.hu
Cc: linux-fsdevel@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	Chunsheng Luo <luochunsheng@...c.edu>
Subject: [RFC 0/2] fuse/passthrough: simplify daemon crash recovery

To simplify FUSE daemon crash recovery and reduce performance overhead,
passthrough backing_id information is not persisted. However, this
approach introduces two challenges after daemon restart:

1. Non-persistent backing_ids prevent proper resource cleanup, leading
   to resource leaks.
2. New backing_ids allocated for the same FUSE file cause -EIO errors
   due to strict fuse_backing validation in
   fuse_inode_uncached_io_start(), even when accessing the same
   backing file. This persists until all previously opened files are
   closed.

There are common scenarios where reusing the cached fuse_inode->fb is
safe:

Scenario 1: The same backing file (with identical inode) is
            re-registered after recovery.
Scenario 2: In a read-only FUSE filesystem, the backing file may be
            cleaned up and re-downloaded (resulting in a different
            inode, but identical content).

Proposed Solution:

1. Enhance fuse_dev_ioctl_backing_close() to support closing all
   backing_ids at once, enabling comprehensive resource cleanup after
   restart.

2. Introduce the FOPEN_PASSTHROUGH_INODE_CACHE flag. When set during
   fuse_open(), the kernel prioritizes reusing the existing
   fuse_backing cached in fuse_inode, falling back to the
   backing_id-associated fb only if the cache is empty.

I'd appreciate any feedback on whether there are better approaches or
potential improvements to this solution.

Thanks.
---
Chunsheng Luo (2):
  fuse: add close all in passthrough backing close for crash recovery
  fuse: Add new flag to reuse the backing file of fuse_inode

 fs/fuse/backing.c         | 14 ++++++++++++++
 fs/fuse/dev.c             |  5 +++++
 fs/fuse/fuse_i.h          |  1 +
 fs/fuse/iomode.c          |  2 +-
 fs/fuse/passthrough.c     | 11 +++++++++++
 include/uapi/linux/fuse.h |  2 ++
 6 files changed, 34 insertions(+), 1 deletion(-)

-- 
2.43.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ