lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20191121175418.GI4262@mit.edu>
Date:   Thu, 21 Nov 2019 12:54:18 -0500
From:   "Theodore Y. Ts'o" <tytso@....edu>
To:     Rich Felker <dalias@...c.org>
Cc:     Florian Weimer <fw@...eb.enyo.de>, linux-fsdevel@...r.kernel.org,
        musl@...ts.openwall.com, linux-kernel@...r.kernel.org,
        linux-nfs@...r.kernel.org, linux-cifs@...r.kernel.org
Subject: Re: [musl] getdents64 lost direntries with SMB/NFS and buffer size <
 unknown threshold

On Wed, Nov 20, 2019 at 03:59:13PM -0500, Rich Felker wrote:
> 
> POSIX only allows both behaviors (showing or not showing) the entry
> that was deleted. It does not allow deletion of one entry to cause
> other entries not to be seen.

Agreed, but POSIX requires this of *readdir*.  POSIX says nothing
about getdents64(2), which is Linux's internal implementation which is
exposed to a libc.

So we would need to see what is exactly going on at the interfaces
between the VFS and libc, the nfs client code and the VFS, the nfs
client code and the nfs server, and possibly the behavior of the nfs
server.

First of all.... you can't reproduce this on anything other than with
NFS, correct?  That is, does it show up if you are using ext4, xfs,
btrfs, etc.?

Secondly, have you tried this on more than one NFS server
implementation?

Finally, can you capture strace logs and tcpdump logs of the
communication between the NFS client and server code?

> > But many file systems simply provide not the necessary on-disk data
> > structures which are need to ensure stable iteration in the face of
> > modification of the directory.  There are hacks, of course, such as
> > compacting the on-disk directory only on file creation, which solves
> > the file removal case.

Oh, that's not the worst of it.  You have to do a lot more if the file
system needs to support telldir/seekdir, and if you want to export the
file system over NFS.  If you are using anything other than a linear
linked list implementation for your directory, you have to really turn
sommersaults to make sure things work (and work efficiently) in the
face of, say, node splits of you are using some kind of tree structure
for your directory.

Most file systems do get this right, at least if they hope to be
safely able to be exportable via NFS, or via CIFS using Samba.

       	       	  	     	      	 - Ted

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ