fusefs: support FUSE_IOCTL #1470
Conversation
tests/sys/fs/fusefs/ioctl.cc
Outdated
| * Copyright (c) 2019 The FreeBSD Foundation | ||
| * | ||
| * Portions of this software was developed by BFF Storage Systems, LLC under | ||
| * sponsorship from the FreeBSD Foundation. |
There was a problem hiding this comment.
You should update this copy/pasted copyright section.
There was a problem hiding this comment.
I've updated the copyright year, and removed the "sponsored by" lines.
Speaking of which, I wonder if it's the correct way to transfer copyright to the FreeBSD Foundation.
Some projects require contributors to sign off a DCO for that, however, I didn't see anything like that
in the wikis.
There was a problem hiding this comment.
We don't expect or require copyright assignment. We do encourage Signed-off-by on contributions via GitHub -- from CONTRIBUTING.md:
- Commits should include one or more
Signed-off-by:lines with full name and email address certifying Developer Certificate of Origin.
There was a problem hiding this comment.
(That said, if there is a reason you do not want to be the copyright holder I can discuss that separately.)
CismonX
force-pushed
the
feat/fusefs-ioctl
branch
from
cf075af to
56769ac
Compare
None that I'm aware of. However, one of my work-in-progress hobby projects (which is a pseudo filesystem for managing web browser bookmarks) requires ioctl for some of its major features. I'd like to make it work on FreeBSD, otherwise it would be Linux-only (which is inconvenient for myself, since I'm primarily using FreeBSD for daily work and entertainment). |
|
Recently I came across two FUSE filesystems that implement One of them is bindfs. When launched with the However, it only works for the ioctls that do not require copying extra data between kernel and user address space, since FUSE servers are not allowed to perform "unrestricted ioctl". Another is ntfs-3g. The only supported ioctl is Although there is currently no Note: For the TRIM feature, ntfs-3g server requires |
That's certainly an interesting use case.
That wouldn't work very well, because few to no FreeBSD applications will use FITRIM. A far better option would be for ntfs-3g to switch from libfuse2 to libfuse3. Then it could use the native FUSE_FALLOCATE request for hole-punching. |
tests/sys/fs/fusefs/ioctl.cc
Outdated
| /*- | ||
| * SPDX-License-Identifier: BSD-2-Clause | ||
| * | ||
| * Copyright (c) 2024 The FreeBSD Foundation |
There was a problem hiding this comment.
As emaste said, no copyright assignment is expected. Better to put your own name on this line.
sys/fs/fuse/fuse_vnops.c
Outdated
| return (ENOTTY); | ||
| flags |= FUSE_IOCTL_DIR; | ||
| } | ||
| #ifndef __LP64__ |
There was a problem hiding this comment.
The correct symbol to check is COMPAT_FREEBSD32. And why ifndef instead of ifdef?
| fii->in_size = insize; | ||
| fii->out_size = outsize; | ||
| if (insize > 0) | ||
| memcpy((char *)fii + sizeof(*fii), arg, insize); |
There was a problem hiding this comment.
Is this copy coming from userspace? If so you should use copying instead of memcpy.
There was a problem hiding this comment.
sys_ioctl() does all the copyin()/copyout(), and arg is guaranteed to be pointing to a kernel space buffer (except for IOC_VOID).
| err = EIO; | ||
| goto out; | ||
| } | ||
| memcpy(arg, (char *)fio + sizeof(*fio), realoutsize); |
There was a problem hiding this comment.
Similarly, this must be copyout if arg points to userspace.
sys/fs/fuse/fuse_vnops.c
Outdated
| uint32_t outsize = 0; | ||
| int err; | ||
|
|
||
| err = fuse_filehandle_get_anyflags(vp, &fufh, cred, td->td_proc->p_pid); |
There was a problem hiding this comment.
Should this be fuse_filehandle_getrw instead?
There was a problem hiding this comment.
I believe this is not necessary, since kern_ioctl() already checks whether the file is opened for reading or writing.
There was a problem hiding this comment.
That's true for all good fuse file systems. But one (anti-, IMHO) feature of the fuse protocol is that the file system itself can choose to take responsibility for permission checks on open(). That's why fuse file handles exist. So we need to be careful to get a file handle of the correct type.
There was a problem hiding this comment.
I don't quite get it here. Which type of file handle are we expecting?
For example, if a process opens a file twice, one with O_RDONLY, the other with O_WRONLY, the two file handles are equally eligible to be selected. The only thing a FUSE client can do is arbitrarily choose one and pass it to the server, since it has no idea which open flags a specific ioctl may require.
There was a problem hiding this comment.
I took a closer look at the VFS. vn_ioctl() does set ap->a_fflag.
My mistake here.
However, it seems that it should be fuse_filehandle_get()
instead of fuse_filehandle_getrw().
Patch updated. Please let me know if there are more problems.
CismonX
force-pushed
the
feat/fusefs-ioctl
branch
from
56769ac to
a570e7f
Compare
|
Patch updated with the following changes:
Also removed the bogus "XXX" comment lines - The |
| @@ -1115,7 +1114,7 @@ fuse_internal_send_init(struct fuse_data *data, struct thread *td) | |||
| * FUSE_MAX_PAGES: not yet implemented | |||
| */ | |||
| fiii->flags = FUSE_ASYNC_READ | FUSE_POSIX_LOCKS | FUSE_EXPORT_SUPPORT | |||
| | FUSE_BIG_WRITES | FUSE_WRITEBACK_CACHE | |||
| | FUSE_BIG_WRITES | FUSE_HAS_IOCTL_DIR | FUSE_WRITEBACK_CACHE | |||
There was a problem hiding this comment.
I think we also need to check for FUSE_HAS_IOCTL_DIR during fuse_internal_init_callback. If not present, then we should return ENOTTY whenever a user tries to use an ioctl on a directory.
There was a problem hiding this comment.
That would make it incompatible with the Linux FUSE implementation, since FUSE_HAS_IOCTL_DIR is only meant to indicate whether the kernel supports this feature. If the server sets this flag, it should be ignored.
Also see this patch: #1509
| /*- | ||
| * SPDX-License-Identifier: BSD-2-Clause | ||
| * | ||
| * Copyright (c) 2024 CismonX <[email protected]> |
There was a problem hiding this comment.
Is CismonX your legal name? An alias cannot own a copyright.
There was a problem hiding this comment.
Legally they can. Pseudonyms are explicitly allowed. The project strongly prefers a legal entity, though.
There was a problem hiding this comment.
Well, "CismonX" is an alias I've been using for ~10 years,
and always associated with this email, thus it is more
identifiable than my real name, since I rarely use that online.
Personally, I'm not against disclosing my legal name, however,
that would be multibyte characters - you certainly do not want
that in the source files and commit messages.
Meanwhile, using something that pronounces like my real name
does not make it more "legal" than an alias.
Signed-off-by: CismonX <[email protected]>
Signed-off-by: CismonX <[email protected]>
Signed-off-by: CismonX <[email protected]>
CismonX
force-pushed
the
feat/fusefs-ioctl
branch
from
a570e7f to
761741e
Compare
No description provided.