Question on how smbd handles signals (possible bug)
tvrtko.ursulin at sophos.com
Tue Sep 23 17:09:15 GMT 2008
Volker Lendecke <Volker.Lendecke at SerNet.DE> wrote on 23/09/2008 17:58:00:
> On Tue, Sep 23, 2008 at 05:35:49PM +0100, tvrtko.ursulin at sophos.com wrote:
> > We were looking at a problem one of our customers had when running
> > on-access anti-malware protection on their Samba server. The issue is that
> > sometimes creating a file fails leaving a zero-sized file behind.
> >
> > Initial analysis leads us to think that signals handlers smbd sets up
> > should be either created with SA_RESTART or EINTR from open should be
> > correctly handled by retrying the operation. Otherwise if a signal is
> > delivered while smbd is executing an open system call EINTR will cause the
> > operation to fail as can be seen from the strace log below.
> >
> > 6219 write(21, " calling open_file with flags=0x2 flags2=0x40 mode=0764\n", 57) = 57
> > 6219 open("ppt28.tmp", O_RDWR|O_CREAT|O_LARGEFILE, 0764) = ? ERESTARTSYS (To be restarted)
> > 6219 --- SIGRT_4 (Real-time signal 2) @ 0 (0) ---
> > 6219 write(26, "\1", 1) = 1
> > 6219 rt_sigreturn(0xbfffef00) = -1 EINTR (Interrupted system call)
> > 6219 write(21, " fd_open: name ppt28.tmp, flags = 0102 mode = 0764, fd = -1. Interrupted system call\n", 86) = 86
> > 6219 write(21, " Error opening file ppt28.tmp (Interrupted system call) (local_flags=66) (flags=66)\n", 85) = 85
> >
> > Earlier in the strace we see:
> >
> > 6219 rt_sigaction(SIGRT_4, {0x82444d0, [], SA_SIGINFO}, NULL, 8) = 0
>
> We don't expect this right now because this should never
> happen on a disk. Thus your modified kernel violates the
> standard behaviour. You should talk to the vendor of that
> kernel to fix it to comply with Posix.

Are you 100% sure about this? I wasn't so I went to read about it and
found at least that you can make open block if you set a lease on the
file. Man page for fcntl (on modern Linux at least) describes this in the
'Leases' section. It says that an open (and truncate) can be blocked until
the process holding a lease on that file releases it. If a signal arrives
at that point EINTR is documented to happen.

> Nevertheless, does the attached patch help?

I'll have a look when I get access to the attachment.

Thanks,
Tvrtko
Sophos Plc, The Pentagon, Abingdon Science Park, Abingdon,
OX14 3YP, United Kingdom.
Company Reg No 2096520. VAT Reg No GB 348 3873 20.
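
Added example, not part of the original message and not Samba's code: a C sketch of the failure discussed in this thread and of the two remedies the message names (a retry loop on EINTR, or installing the handler with SA_RESTART). It assumes a FIFO as a stand-in for any open() that can block; the path, the SIGUSR1 signal, the timings and all function names are constructed for the demonstration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

static void on_signal(int sig) { (void)sig; }  /* handler body does not matter here */

static void sleep_ms(long ms) {
    struct timespec ts = { ms / 1000, (ms % 1000) * 1000000L };
    nanosleep(&ts, NULL);
}

/* Remedy 1: retry the call when a signal interrupted it. */
static int open_retry(const char *path, int flags) {
    int fd;
    do { fd = open(path, flags); } while (fd == -1 && errno == EINTR);
    return fd;
}

/* Returns 0 if the blocking open succeeded, otherwise the errno it failed with.
 * sa_flags is 0 (as in the strace, no SA_RESTART) or SA_RESTART (remedy 2). */
int blocking_open_result(int sa_flags, int retry) {
    const char *fifo = "/tmp/eintr_demo.fifo";     /* constructed path */
    struct sigaction sa = { .sa_flags = sa_flags };
    sa.sa_handler = on_signal;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGUSR1, &sa, NULL);
    unlink(fifo);
    if (mkfifo(fifo, 0600) == -1) return errno;
    pid_t child = fork();
    if (child == -1) return errno;
    if (child == 0) {                              /* child: interrupt, then unblock */
        sleep_ms(200); kill(getppid(), SIGUSR1);   /* parent is blocked in open() */
        sleep_ms(200); open(fifo, O_WRONLY | O_NONBLOCK); /* succeeds only if a reader waits */
        _exit(0);
    }
    int fd = retry ? open_retry(fifo, O_RDONLY) : open(fifo, O_RDONLY);
    int err = (fd == -1) ? errno : 0;
    if (fd != -1) close(fd);
    while (waitpid(child, NULL, 0) == -1 && errno == EINTR) { }
    unlink(fifo);
    return err;
}

int main(void) {
    printf("no remedy: errno=%d\n", blocking_open_result(0, 0));
    printf("retry loop: errno=%d\n", blocking_open_result(0, 1));
    printf("SA_RESTART: errno=%d\n", blocking_open_result(SA_RESTART, 0));
    return 0;
}
```
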