lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 24 Aug 2022 09:42:18 +1000
From:   "NeilBrown" <neilb@...e.de>
To:     "Dave Chinner" <david@...morbit.com>
Cc:     "Jeff Layton" <jlayton@...nel.org>,
        "Mimi Zohar" <zohar@...ux.ibm.com>, linux-fsdevel@...r.kernel.org,
        linux-kernel@...r.kernel.org, linux-integrity@...r.kernel.org,
        linux-nfs@...r.kernel.org, linux-xfs@...r.kernel.org,
        linux-ext4@...r.kernel.org,
        "Trond Myklebust" <trondmy@...merspace.com>
Subject: Re: [PATCH] iversion: update comments with info about atime updates

On Wed, 24 Aug 2022, Dave Chinner wrote:
> On Wed, Aug 24, 2022 at 08:24:47AM +1000, NeilBrown wrote:
> > On Tue, 23 Aug 2022, Jeff Layton wrote:
> > > On Tue, 2022-08-23 at 21:38 +1000, NeilBrown wrote:
> > > > On Tue, 23 Aug 2022, Jeff Layton wrote:
> > > > > So, we can refer to that and simply say:
> > > > > 
> > > > > "If the function updates the mtime or ctime on the inode, then the
> > > > > i_version should be incremented. If only the atime is being updated,
> > > > > then the i_version should not be incremented. The exception to this rule
> > > > > is explicit atime updates via utimes() or similar mechanism, which
> > > > > should result in the i_version being incremented."
> > > > 
> > > > Is that exception needed?  utimes() updates ctime.
> > > > 
> > > > https://man7.org/linux/man-pages/man2/utimes.2.html
> > > > 
> > > > doesn't say that, but
> > > > 
> > > > https://pubs.opengroup.org/onlinepubs/007904875/functions/utimes.html
> > > > 
> > > > does, as does the code.
> > > > 
> > > 
> > > Oh, good point! I think we can leave that out. Even better!
> > 
> > Further, implicit mtime updates (file_update_time()) also update ctime.
> > So all you need is
> >    If the function updates the ctime, then i_version should be
> >    incremented.
> > 
> > and I have to ask - why not just use the ctime?  Why have another number
> > that is parallel?
> > 
> > Timestamps are updated at HZ (ktime_get_course) which is at most every
> > millisecond.
> 
> Kernel time, and therefore timestamps, can go backwards.

Yes, and when that happens you get to keep both halves...

For NFSv4 I really don't think that matters.  If it happened every day,
that might be a problem.  Even if it happens as a consequence of normal
operations it might be a problem.  But it can only happen if something
goes wrong.

Mostly, NFSv4 only needs to changeid to change.  If the kernel time goes
backwards it is possible that a changeid will repeat, though unlikely.
It is even possible that a client will see the first and second
instances of that repeat, and assume there is no change in between - but
that is astronomically unlikely.  "touch"ing the file or remounting will
fix that.

When a write delegation is in force (which Linux doesn't currently offer
and no-one seems to care about, but maybe one day), the client is
allowed to update the changeid, and when the delegation is returned, the
server is supposed to ensure the new changeid is at least the last one
assigned by the client.  This is the only reason that it is defined as
being monotonic (rather than just "non-repeating") - so the client and
server can change it in the same way.

So while kernel time going backwards is theoretically less than ideal,
it is not practically a problem.

NeilBrown

Powered by blists - more mailing lists