| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20260119083750.2055-1-luochunsheng@ustc.edu>
Date: Mon, 19 Jan 2026 16:37:47 +0800
From: Chunsheng Luo <luochunsheng@...c.edu>
To: miklos@...redi.hu
Cc: amir73il@...il.com,
linux-fsdevel@...r.kernel.org,
linux-kernel@...r.kernel.org,
Chunsheng Luo <luochunsheng@...c.edu>
Subject: [PATCH v3 0/2] fuse: improve crash recovery for backing files
Hello maintainers and community,
This v3 series addresses crash recovery issues for FUSE daemons
with passthrough support, following up on the previous RFC
discussion [1].
Problem Summary
===============
To simplify FUSE daemon crash recovery and reduce performance
overhead, passthrough backing_id information is not persisted.
However, this design choice introduces two issues when the daemon
restarts:
1. Non-persistent backing_ids prevent proper resource cleanup during
daemon restart, potentially causing resource leaks.
2. New backing_ids allocated for the same backing file trigger -EBUSY
errors due to strict pointer validation in
fuse_inode_uncached_io_start(), even though the backing inodes
are identical.
Changes from v2
===============
Based on Amir Goldstein's review feedback, this v3 series updates:
Patch 1/2: "fuse: add ioctl to cleanup all backing files"
- Changed backing_files_map to RCU-protected pointer for safe concurrent
access, using rcu_replace_pointer() instead of swap().
- Added synchronize_rcu() to prevent use-after-free with in-flight lookups.
- Made fuse_backing_files_init() return int to handle allocation failures.
Patch 2/2: "fuse: Relax backing file validation to compare backing inodes"
- No changes from v2.
Changes from RFC v1 [2]
=======================
v2 series implemented:
- Replaced magic -1 value with dedicated FUSE_DEV_IOC_BACKING_CLOSE_ALL
ioctl for comprehensive cleanup during daemon restart.
- Dropped FOPEN_PASSTHROUGH_INODE_CACHE flag approach.
- Modified fuse_inode_uncached_io_start() to compare backing inodes
instead of fuse_backing pointers, allowing safe reuse of identical
backing files after recovery.
Testing
=======
The patches have been tested with FUSE daemon crash and recovery
scenarios on kernel 6.19.0-rc4, successfully resolving the -EIO
errors and backing file resource leaks.
This approach maintains the simplicity of non-persistent backing_ids
while ensuring proper recovery semantics and thread safety.
Thank you for your review and guidance.
[1] https://lore.kernel.org/linux-fsdevel/20260115072032.402-1-luochunsheng@ustc.edu/
[2] https://lore.kernel.org/linux-fsdevel/20260116142845.422-1-luochunsheng@ustc.edu/T/#t
Chunsheng Luo (2):
fuse: add ioctl to cleanup all backing files
fuse: Relax backing file validation to compare backing inodes
fs/fuse/backing.c | 76 +++++++++++++++++++++++++++++++++++----
fs/fuse/dev.c | 16 +++++++++
fs/fuse/fuse_i.h | 5 +--
fs/fuse/inode.c | 11 +++---
fs/fuse/iomode.c | 2 +-
include/uapi/linux/fuse.h | 1 +
6 files changed, 95 insertions(+), 16 deletions(-)
--
2.41.0
Powered by blists - more mailing lists