mkdir-dup test flapping
jra at samba.org
Fri Mar 11 00:49:48 UTC 2016
On Fri, Mar 11, 2016 at 01:37:17PM +1300, Andrew Bartlett wrote:
> Isn't there still a race between whatever code first calls stat() and
> fills in smb_dname->st and the fstat() in vfs_stat_fsp()?
> The directory could have been crated by the time we enter this
> function, but not be chowned() until just before vfs_stat_fsp().
There's always the possibility of a race with 2 clients
talking to different smbd's.
The code is trying to ensure that after it's done
an open(dname, O_DIRECTORY) that the handle is
pointing to the same file stat that came into
the function - to make sure no one did a directory
rename or rmdir/mkdir in between.
We need that so fsp->file_id is correct (and
we can detect if the underlying dir changed).
fsp is passed into the fd_open() -> open()
so we need it to match (a VFS module might
use it). Chicken and egg problem.
> Is there anything that checking the file ownership (rather than
> checking the IS_DIR and dev/inode) is protecting? Why do we stat()
> this twice in any case?
Actually, checking the file ownership - probably
not. The actual open itself is safe enough as underlying
file system perms protect us. I remember having check_same_stat()
already around so re-used it. check_same_dev_ino() is
almost certainly safe enough and is used inside
open_file_ntcreate() in the same place.
More information about the samba-technical