From owner-freebsd-fs@freebsd.org  Sun Jun 23 00:02:50 2019
Return-Path: <owner-freebsd-fs@freebsd.org>
Delivered-To: freebsd-fs@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 360DF15BE181
 for <freebsd-fs@mailman.ysv.freebsd.org>; Sun, 23 Jun 2019 00:02:50 +0000 (UTC)
 (envelope-from sef@kithrup.com)
Received: from kithrup.com (kithrup.com [96.79.110.97])
 by mx1.freebsd.org (Postfix) with ESMTP id 109C06BF9B
 for <freebsd-fs@freebsd.org>; Sun, 23 Jun 2019 00:02:48 +0000 (UTC)
 (envelope-from sef@kithrup.com)
Received: by kithrup.com (Postfix, from userid 1001)
 id B239E14C36; Sat, 22 Jun 2019 17:02:47 -0700 (PDT)
To: rmacklem@uoguelph.ca
Subject: Re: RFC: What should a copy_file_range(2) syscall do by default?
Cc: freebsd-fs@freebsd.org
Message-Id: <20190623000247.B239E14C36@kithrup.com>
Date: Sat, 22 Jun 2019 17:02:47 -0700 (PDT)
From: Sean Eric Fagan <sef@kithrup.com>
X-Rspamd-Queue-Id: 109C06BF9B
X-Spamd-Bar: ---
Authentication-Results: mx1.freebsd.org;
 spf=pass (mx1.freebsd.org: domain of sef@kithrup.com designates 96.79.110.97
 as permitted sender) smtp.mailfrom=sef@kithrup.com
X-Spamd-Result: default: False [-3.40 / 15.00]; ARC_NA(0.00)[];
 FAKE_REPLY(1.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-0.997,0];
 FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+a];
 NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain];
 MIME_TRACE(0.00)[0:+]; TO_DN_NONE(0.00)[];
 DMARC_NA(0.00)[kithrup.com]; TO_MATCH_ENVRCPT_SOME(0.00)[];
 MX_GOOD(-0.01)[cached: earth.kithrup.com];
 RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-0.99)[-0.994,0];
 IP_SCORE(-2.20)[ip: (-7.33), ipnet: 96.64.0.0/11(-3.64), asn: 7922(0.03),
 country: US(-0.06)]; RCVD_NO_TLS_LAST(0.10)[];
 FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[];
 SUBJECT_ENDS_QUESTION(1.00)[];
 ASN(0.00)[asn:7922, ipnet:96.64.0.0/11, country:US];
 MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2]
X-BeenThere: freebsd-fs@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Filesystems <freebsd-fs.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-fs>,
 <mailto:freebsd-fs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-fs/>
List-Post: <mailto:freebsd-fs@freebsd.org>
List-Help: <mailto:freebsd-fs-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-fs>,
 <mailto:freebsd-fs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 23 Jun 2019 00:02:50 -0000

>>Alan mentioned locking, which does buy you something, but it also means
>>*locking the file while it is being copied*.  Which, for large files, is not
>>so great.  I also don't think you can call any large copy atomic, unless
>>you're using a signle transaction for the entire copy.
>I tried posting w.r.t. atomicity and didn't get a lot of responses.
>However, although
>kib@ didn't exactly say it should be the case, he did point out that FreeBSD has
>traditionally ensured atomicity of file updates for syscalls and felt
>that was a good
>thing. As such, I've done the range locking of both files and created
>new primitives
>to do that while avoiding deadlock.

If the source file is locked, then it's easy to create a DOS against editing
by anyone who can read the file.