On 9/7/23 00:58, Sebastian Hasler wrote:
> While reviewing the implementation of __fh_to_dentry (in the CephFS
> client), I noticed a possible race condition.
>
> Linux has a syscall linkat(2) which allows, given an open file
> descriptor, to create a link for the file. So an inode that is
> unlinked can become linked.
>
> Now the problem: The line ((inode->i_nlink == 0) &&
> !__ceph_is_file_opened(ci)) performs two checks. If, in between those
> checks, the file goes from the unlinked and open state to the linked
> and closed state, then we return -ESTALE even though the inode is
> linked. I don't think this is the intended behavior. I guess this
> (going from unlinked and open to linked and closed) can happen when a
> concurrent process calls linkat() and then close().

Hi Sebastian,

Thanks for your report.

int linkat(int olddirfd, const char *oldpath, int newdirfd, const char
*newpath, int flags);

BTW, for "an open file descriptor", do you mean "olddirfd"? Because
"olddirfd" is a dir's open file descriptor, how is it possible that it can
become linked again?

Correct me if I'm misreading it.

Thanks

- Xiubo
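
The state change named in the quoted report (an inode with link count 0 gaining a link through an open descriptor), as an added example that is not part of the original thread or of the Ceph code. It uses the O_TMPFILE plus /proc/self/fd idiom documented in open(2) and linkat(2) on a local filesystem; the function name and the /tmp paths are assumptions, and the directory's filesystem must support O_TMPFILE.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create an unnamed file (link count 0) in dir, then give it a name through
 * its open descriptor. Returns 0 and fills before/after with st_nlink, or
 * -errno (e.g. -EOPNOTSUPP when dir's filesystem lacks O_TMPFILE).
 * dir and newpath must be on the same filesystem. */
int relink_open_inode(const char *dir, const char *newpath,
                      long *before, long *after)
{
    struct stat st;
    char procpath[64];
    int err = 0;
    int fd = open(dir, O_TMPFILE | O_RDWR, 0600);

    if (fd < 0)
        return -errno;
    if (fstat(fd, &st) < 0) { err = -errno; goto out; }
    *before = (long)st.st_nlink;            /* unlinked and open */

    /* oldpath is the /proc magic link to fd; AT_SYMLINK_FOLLOW resolves it */
    snprintf(procpath, sizeof(procpath), "/proc/self/fd/%d", fd);
    if (linkat(AT_FDCWD, procpath, AT_FDCWD, newpath, AT_SYMLINK_FOLLOW) < 0) {
        err = -errno; goto out;
    }
    if (fstat(fd, &st) < 0) { err = -errno; goto out; }
    *after = (long)st.st_nlink;             /* linked, still open */
out:
    close(fd);                              /* on success: linked and closed */
    return err;
}

int main(void)
{
    long before = -1, after = -1;
    const char *name = "/tmp/relinked-example";   /* constructed path */
    int rc = relink_open_inode("/tmp", name, &before, &after);

    if (rc < 0) {
        fprintf(stderr, "failed: errno %d\n", -rc);
        return 1;
    }
    printf("st_nlink before=%ld after=%ld\n", before, after);
    unlink(name);
    return 0;
}
```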