[PATCH#3] fake data io module for samba

Christof Schmitt cs at samba.org
Fri Dec 26 12:41:32 MST 2014


On Mon, Nov 17, 2014 at 12:15:10PM +0100, Peter Somogyi wrote:
> > > Hi Jeremy,
> > > 
> > > I've added the memset to 0 now and retested the whole patch again.
> > > 
> > > Pls do a +1 or let me know further doubts.
> > 
> > +1 from me (probably with some slight tidying
> > up of the English in the man page). Ping me
> > if you want to see that now.
> 
> Jeremy, feel free to fix its English as you wish without asking me, as it 
> doesn't change the functional sense you don't need my acknowledgement 
> anymore.
> I can incorporate into next patch if you send.
> 
> > About the question when to activate it, i am not quite sure. I guess the
> > options would be, having it built always, having it not built by
> > default, or having it only in the developer build. Every option has its
> > pros and cons. I usually like the idea that code is always built to
> > detect problems automatically, but we should prevent users from
> > accidentally introducing problems with it.
> > 
> > Christof
> 
> I think we need it packaged, there are people (I know at least 1) who 
> wants to try it but won't take the effort when it needs a recompile.
> Due to my experience, adding the configure option 
> "--with-shared-modules=..." already necessary to have it built.
> 
> I'm fine with the warning addition (is level 0 enough?).
> 
> Volker, can I prepare a next patch with a warning?

One more thought on this:

I think it is beneficial to always build code to avoid compile breakage
and to package it, so that it is easily accessible. The risk here is
that someone might enable this module without knowing that it will
destroy the data. What about adding the warning as discussed, but also
require an additional config option to be set, that makes it explicit
that the module is enabled for a share?

e.g. check that option in a connect function like in other vfs module
(e.g. vfs_gpfs)

vfs_fake_io_connect()
{
	...
	config->destroy_data = lp_parm_bool(SNUM(handle->conn), "fake_io",
				"destroy data", false);
	if (config->destroy_data) {
		DEBUG(0, ("WARNING: fake_io module enabled on share %s!"
			"Data is being discarded, do not use for production data!"));
	}
	...
}

and then check that option in the read and write codepaths.

static ssize_t vfs_fake_io_pread(vfs_handle_struct *handle, files_struct *fsp,
                            void *data, size_t n, off_t offset)
{
	...
	if (!config->destroy_data) {
		return SMB_VFS_NEXT_PREAD(handle, fsp, data, n, offset)
	}

	memset(data, 0, n);
	return n;
}

Having a user explicitly set "fake_io:destroy data" to "yes", should be
a sufficient warning.

For shares with async i/o enabled, you probably also need to intercept the
async calls (pread_send, pwrite_send).

Christof


More information about the samba-technical mailing list