Implement support for remote locks (!4) · Merge requests · virtio-fs / virtiofsd

The source project of this merge request has been removed.

Sergio Lopez requested to merge (removed):posix_lock into main Dec 22, 2020

Locks can either be managed locally by the guest kernel, or remotely by the virtio-fs daemon. The latter option is more expensive, but allows those locks to be visible outside the guest, a critical feature if multiple actors (guests or other applications running on the host) intend to access the same files using locking semantics.

This commit implements support for remote locks, both POSIX locks and flock, adding the command line flag "remote-locks" to allow users to configure the desired behavior from either "disabled" (the default option), "enabled-safe" and "enabled-unsafe".

The reason for having two different "enabled" options, one "safe" and another "unsafe", is because some locking operations are blocking, meaning the thread servicing the request will be kept busy until the lock is released. Thus, a malicious application running in the guest may starve the virtio-fs daemon by issuing a number of blocking lock operations.

The "safe" variant allows all locking operations, except the ones that may be blocking, returning ENOTSUP for them, while the "unsafe" one allows all operations with no exceptions.

Signed-off-by: Sergio Lopez slp@redhat.com

Implement support for remote locks

Merge request reports