Re: [PATCH v2 09/11] fuse: file: limit splice_read to virtiofs

From: Miklos Szeredi
Date: Wed Jan 10 2024 - 08:43:25 EST

Next message: Suzuki K Poulose: "Re: [RFC] Support for Arm CCA VMs on Linux"
Previous message: Andri Yngvason: "Re: [PATCH 5/7] drm/uAPI: Add "preferred color format" drm property as setting for userspace"
Next in thread: Ahelenia Ziemiańska: "Re: [PATCH v2 09/11] fuse: file: limit splice_read to virtiofs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 21 Dec 2023 at 04:09, Ahelenia Ziemiańska
<nabijaczleweli@xxxxxxxxxxxxxxxxxx> wrote:
>
> Potentially-blocking splice_reads are allowed for normal filesystems
> like NFS because they're blessed by root.
>
> FUSE is commonly used suid-root, and allows anyone to trivially create
> a file that, when spliced from, will just sleep forever with the pipe
> lock held.
>
> The only way IPC to the fusing process could be avoided is if
> !(ff->open_flags & FOPEN_DIRECT_IO) and the range was already cached
> and we weren't past the end. Just refuse it.

How is this not going to cause regressions out there?

We need to find an alternative to refusing splice, since this is not
going to fly, IMO.

Thanks,
Miklos

Next message: Suzuki K Poulose: "Re: [RFC] Support for Arm CCA VMs on Linux"
Previous message: Andri Yngvason: "Re: [PATCH 5/7] drm/uAPI: Add "preferred color format" drm property as setting for userspace"
Next in thread: Ahelenia Ziemiańska: "Re: [PATCH v2 09/11] fuse: file: limit splice_read to virtiofs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]