[PATCH 1/2] reftable/stack: use fchmod(3P) to set permissions

Patrick Steinhardt <ps@xxxxxx> · Wed, 24 Jan 2024 13:31:34 +0100

We use chmod(3P) to modify permissions of "tables.list" locks as well as
temporary new tables we're writing. In all of these cases we do have a
file descriptor readily available though. So instead of using chmod(3P)
we can use fchmod(3P), which should both be more efficient while also
avoiding a potential race where we change permissions of the wrong file
in case it was swapped out after we have created it.

Refactor the code to do so.

Signed-off-by: Patrick Steinhardt <ps@xxxxxx>
---
 reftable/stack.c | 29 ++++++++++++++---------------
 1 file changed, 14 insertions(+), 15 deletions(-)

diff --git a/reftable/stack.c b/reftable/stack.c
index 7ffeb3ee10..c6e4dc4b2b 100644
--- a/reftable/stack.c
+++ b/reftable/stack.c
@@ -467,11 +467,11 @@ static int reftable_stack_init_addition(struct reftable_addition *add,
 		}
 		goto done;
 	}
-	if (st->config.default_permissions) {
-		if (chmod(add->lock_file->filename.buf, st->config.default_permissions) < 0) {
-			err = REFTABLE_IO_ERROR;
-			goto done;
-		}
+	if (st->config.default_permissions &&
+	    fchmod(get_tempfile_fd(add->lock_file),
+		   st->config.default_permissions) < 0) {
+		err = REFTABLE_IO_ERROR;
+		goto done;
 	}
 
 	err = stack_uptodate(st);
@@ -633,12 +633,12 @@ int reftable_addition_add(struct reftable_addition *add,
 		err = REFTABLE_IO_ERROR;
 		goto done;
 	}
-	if (add->stack->config.default_permissions) {
-		if (chmod(temp_tab_file_name.buf, add->stack->config.default_permissions)) {
-			err = REFTABLE_IO_ERROR;
-			goto done;
-		}
+	if (add->stack->config.default_permissions &&
+	    fchmod(tab_fd, add->stack->config.default_permissions) < 0) {
+		err = REFTABLE_IO_ERROR;
+		goto done;
 	}
+
 	wr = reftable_new_writer(reftable_fd_write, &tab_fd,
 				 &add->stack->config);
 	err = write_table(wr, arg);
@@ -967,11 +967,10 @@ static int stack_compact_range(struct reftable_stack *st, int first, int last,
 		goto done;
 	}
 	have_lock = 1;
-	if (st->config.default_permissions) {
-		if (chmod(lock_file_name.buf, st->config.default_permissions) < 0) {
-			err = REFTABLE_IO_ERROR;
-			goto done;
-		}
+	if (st->config.default_permissions &&
+	    fchmod(lock_file_fd, st->config.default_permissions) < 0) {
+		err = REFTABLE_IO_ERROR;
+		goto done;
 	}
 
 	format_name(&new_table_name, st->readers[first]->min_update_index,
-- 
2.43.GIT

Attachment:
signature.asc

Description: PGP signature




