Bug #21025
closedracy is_mounted() checks in libcephfs
0%
Description
libcephfs.cc has a bunch of is_mounted checks like this in it:
extern "C" int ceph_statfs(struct ceph_mount_info *cmount, const char *path, struct statvfs *stbuf) { if (!cmount->is_mounted()) return -ENOTCONN; return cmount->get_client()->statfs(path, stbuf, cmount->default_perms); }
These checks are done outside of any mutex. It's possible other calls could race with a call to ceph_unmount(). A (e.g.) ceph_statfs call could pass the is_mounted check and then end up blocked on the client_lock while ceph_umount is running. That could give very unreliable results (or possibly even crash, depending on what the call does).
Note that we will still need some sort of check in the wrappers in libcephfs.cc. We need to be able to validate that the ceph_mount_info->client pointer is valid.
All of this is should also help enable delegation support for cephfs. We'll need to be able to handle applications that don't give back their delegations in time by forcibly unmounting them. In order to do that though, we need to move the mounted checks inside the client_lock to deal with potential races conditions.
Updated by Jeff Layton over 6 years ago
- Subject changed from racy "mounted" checks in libcephfs to racy is_mounted() checks in libcephfs
Updated by Jeff Layton over 6 years ago
PR is here:
Updated by Patrick Donnelly over 6 years ago
- Category set to Correctness/Safety
- Status changed from Resolved to Pending Backport
- Source set to Development
- Backport set to luminous
Updated by Nathan Cutler over 6 years ago
- Copied to Backport #21359: luminous: racy is_mounted() checks in libcephfs added
Updated by Nathan Cutler about 6 years ago
- Status changed from Pending Backport to Resolved