Re: [fuse-devel] fuse low level cache (was flag_nullpath_ok)

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Hi

[I had a problem at first try, sorry if this is sent twice]

Jean-Pierre André wrote:
> Hi Miklos,
>
> Miklos Szeredi wrote:
>   
>> On Wed, 19 Aug 2009, Jean-Pierre André wrote:
>>   
>>     
>>> Just note that, currently, fuse has no option to check
>>> the Posix ACLs (though a patch was recently posted
>>> here to that aim), and you have to check them in the
>>> file system.... which generally implies to check access
>>> to the parent directory, and which you cannot do with
>>> the low level API because you have no information
>>> about which parent directory was used to access the file
>>> (when a file is linked into several parent directories).
>>>     
>>>       
>> Oh, you *can* do that with the low level api, just need to check
>> permissions in the .lookup() method.
>>   
>>     
>
> There still is something I cannot get right with fuse
> cacheing enabled. Consider the following, where
> mkdir and chmod both return the current stat with
> a timeout of one second :
>
> chmod 755 trydir
> rm -rf trydir
> mkdir trydir
> echo file > trydir/file
> ls -li trydir/file    
> chmod 000 trydir
> chmod 444 trydir/file
> ls -li trydir/file
>   

The above is sometimes bad formatted for unknown
reason, trying again :

chmod 755 trydir
rm -rf trydir
mkdir trydir
echo file > trydir/file
ls -li trydir/file
chmod 000 trydir
chmod 444 trydir/file
ls -li trydir/file

> I get the following result :
>
> 293 -rw-rw-r-- 1 linux linux 5 2009-08-25 17:50 trydir/file
> 293 -r--r--r-- 1 linux linux 5 2009-08-25 17:50 trydir/file
>
> Which shows the last chmod has been accepted
> though just after one denying access.
>
> Analyzing fuse calls, I see that no lookup is issued
> between the two chmod, and I tend to believe the
> state returned by the chmod on the dir is not used
> to decide over the access for the second chmod, the
> state resulting from mkdir being used instead until
> its timeout elapses.
I can now confirm the diagnosis : when checking
whether is directory is searchable (in lookup)
with cacheing enabled, fuse only checks the
directory entry timeout, without checking whether
a chmod/chown/setfacl has changed the permissions
on the directory in the meantime.

As I do not know of any way to cancel the directory
cache in chmod/chown/setfacl, I had to get fuse
to check the attributes time out to decide whether
a new lookup has to be done.

Appended is the patch for that, which relies on
chmod/chown/setfacl to return with a null timeout
(at least when they impact a directory), to force
a new lookup the next time the directory is accessed.
Actually for setfacl, the file system cannot return
the updated stat, so something more has to be done
within fuse, and probably also in the kernel module.

With the patch I get the expected result :

78 -rw-rw-r-- 1 linux linux 5 2009-08-28 09:47 trydir/file
chmod: cannot access `trydir/file': Permission denied
ls: cannot access trydir/file: Permission denied

The patch is a "quick and dirty" one, and I would
really appreciate comments.

Regards

Jean-Pierre