lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1aeecde587672ed4e9932e7cf4c62291308f37a6.camel@hammerspace.com>
Date:   Wed, 24 Aug 2022 00:11:17 +0000
From:   Trond Myklebust <trondmy@...merspace.com>
To:     "david@...morbit.com" <david@...morbit.com>,
        "neilb@...e.de" <neilb@...e.de>
CC:     "zohar@...ux.ibm.com" <zohar@...ux.ibm.com>,
        "linux-ext4@...r.kernel.org" <linux-ext4@...r.kernel.org>,
        "linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>,
        "linux-integrity@...r.kernel.org" <linux-integrity@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "linux-xfs@...r.kernel.org" <linux-xfs@...r.kernel.org>,
        "jlayton@...nel.org" <jlayton@...nel.org>,
        "linux-nfs@...r.kernel.org" <linux-nfs@...r.kernel.org>
Subject: Re: [PATCH] iversion: update comments with info about atime updates

On Wed, 2022-08-24 at 09:42 +1000, NeilBrown wrote:
> On Wed, 24 Aug 2022, Dave Chinner wrote:
> > On Wed, Aug 24, 2022 at 08:24:47AM +1000, NeilBrown wrote:
> > > On Tue, 23 Aug 2022, Jeff Layton wrote:
> > > > On Tue, 2022-08-23 at 21:38 +1000, NeilBrown wrote:
> > > > > On Tue, 23 Aug 2022, Jeff Layton wrote:
> > > > > > So, we can refer to that and simply say:
> > > > > > 
> > > > > > "If the function updates the mtime or ctime on the inode,
> > > > > > then the
> > > > > > i_version should be incremented. If only the atime is being
> > > > > > updated,
> > > > > > then the i_version should not be incremented. The exception
> > > > > > to this rule
> > > > > > is explicit atime updates via utimes() or similar
> > > > > > mechanism, which
> > > > > > should result in the i_version being incremented."
> > > > > 
> > > > > Is that exception needed?  utimes() updates ctime.
> > > > > 
> > > > > https://man7.org/linux/man-pages/man2/utimes.2.html
> > > > > 
> > > > > doesn't say that, but
> > > > > 
> > > > > https://pubs.opengroup.org/onlinepubs/007904875/functions/utimes.html
> > > > > 
> > > > > does, as does the code.
> > > > > 
> > > > 
> > > > Oh, good point! I think we can leave that out. Even better!
> > > 
> > > Further, implicit mtime updates (file_update_time()) also update
> > > ctime.
> > > So all you need is
> > >    If the function updates the ctime, then i_version should be
> > >    incremented.
> > > 
> > > and I have to ask - why not just use the ctime?  Why have another
> > > number
> > > that is parallel?
> > > 
> > > Timestamps are updated at HZ (ktime_get_course) which is at most
> > > every
> > > millisecond.
> > 
> > Kernel time, and therefore timestamps, can go backwards.
> 
> Yes, and when that happens you get to keep both halves...
> 
> For NFSv4 I really don't think that matters.  If it happened every
> day,
> that might be a problem.  Even if it happens as a consequence of
> normal
> operations it might be a problem.  But it can only happen if
> something
> goes wrong.
> 
> Mostly, NFSv4 only needs to changeid to change.  If the kernel time
> goes
> backwards it is possible that a changeid will repeat, though
> unlikely.
> It is even possible that a client will see the first and second
> instances of that repeat, and assume there is no change in between -
> but
> that is astronomically unlikely.  "touch"ing the file or remounting
> will
> fix that.
> 
> When a write delegation is in force (which Linux doesn't currently
> offer
> and no-one seems to care about, but maybe one day), the client is
> allowed to update the changeid, and when the delegation is returned,
> the
> server is supposed to ensure the new changeid is at least the last
> one
> assigned by the client.  This is the only reason that it is defined
> as
> being monotonic (rather than just "non-repeating") - so the client
> and
> server can change it in the same way.
> 

Sort of... Monotonicity of the change id is not a requirement, even for
that case.

The exact NFSv4 requirement is that if the server uses a callback to
ask the client for the file attribute information, then the client is
supposed to bump the server-supplied change id value by 1 unit if it is
caching writes. The intention is simply to ensure that there is a
notification mechanism to allow the server to know that writes are
being cached (Note: I've no idea why we didn't just add a separate flag
for that in the callback reply).

> So while kernel time going backwards is theoretically less than
> ideal,
> it is not practically a problem.
> 

I agree with that. As long as this results in few collisions, so that
value uniqueness is guaranteed then applications (NFS or other) will
have a way to determine if the filesystem object has changed since they
last looked at it.

IOW: I'm not saying this is the perfect way to implement an
application-visible change attribute, but it would be a massive
improvement over ctime, and might be a practical way to go about it.

-- 
Trond Myklebust
Linux NFS client maintainer, Hammerspace
trond.myklebust@...merspace.com


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ