On Oct 29, 2011, at 2:09 PM, J. Bruce Fields wrote: > On Sat, Oct 29, 2011 at 01:58:02PM -0400, Chuck Lever wrote: >> >> On Oct 29, 2011, at 1:55 PM, J. Bruce Fields wrote: >> >>> On Sat, Oct 29, 2011 at 01:47:55PM -0400, Chuck Lever wrote: >>>> >>>> On Oct 29, 2011, at 6:16 AM, Christoph Hellwig wrote: >>>> >>>>> This function should probably grow a check for S_NOSEC instead of >>>>> hitting the filesystems with an xattr read for every lookup. >>>> >>>> It doesn't perform the xattr read on _every_ lookup, but only when the object has a special set of permission bits. >>>> >>>> But actually, it probably doesn't need that 'type" attribute check at all. It should delegate that check to mountd. I assume many of those upcalls would hit in the export cache anyway? >>> >>> You're suggesting doing an upcall on every path that passes the mode-bit >>> checks? >>> >>> You'd end up populating the export cache with every path that passes >>> the mode-bit checks. I don't think that's a good idea. >> >> You just finished telling us that the mode bit checks would prevent doing an attribute read too often. Again, how often do we think there will be directories with no execute bits set and the sticky bit set? I think that's going to be exceptionally rare. > > Yeah, probably so, but if there's a pathological case where we're wrong > then I think excessive xattr reads will be less annoying than excessive > upcalls and export cache entries. If we find a pathological case, we should fix it. Basically I'd like the kernel check to be as simple as possible not only because it should be fast, but also so that user space can implement junctions flexibly, especially in the early days when we are still unsure of how these need to work. I think we are better off being flexible to start, and restricting only if we have to. Or to put it another way, user space, and not the kernel, should arbitrate policy. The semantics of junctions is a policy, at least for now. And lastly, right now, I expect that nearly 100% of the time the mode bit test and the xattr test will either both succeed or both fail. That suggests one of them is redundant. > And in the cached case: I doubt a lookup in the export cache is really > faster than a read of a cached xattr. But I don't know. However either case should hit in memory if the path being looked up is hot. I suspect the mode bit test plus the kernel's export cache should shield mountd from an excessive number of upcalls. -- Chuck Lever chuck[dot]lever[at]oracle[dot]com -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html