ick Macklem Date: Mon, 12 Jan 2026 17:50:41 -0800 X-Gm-Features: AZwV_QgdwX2qT98ojFw5S0LCG9g1IzlVpXojNfhStmR-rd24CRpf4bRhrSGhjxk Message-ID: Subject: Re: git: a6d57f312f18 - main - nfsd: Fix handling of hidden/system during Open/Create To: Benjamin Kaduk Cc: Benjamin Kaduk , Rick Macklem , src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.99 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.99)[-0.994]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20230601]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; TAGGED_FROM(0.00)[]; ARC_NA(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; FREEMAIL_ENVFROM(0.00)[gmail.com]; TO_DN_SOME(0.00)[]; FREEMAIL_CC(0.00)[gmail.com,freebsd.org]; MIME_TRACE(0.00)[0:+]; FROM_HAS_DN(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::52c:from]; PREVIOUSLY_DELIVERED(0.00)[dev-commits-src-main@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; MID_RHS_MATCH_FROMTLD(0.00)[]; MISSING_XM_UA(0.00)[]; MLMMJ_DEST(0.00)[dev-commits-src-main@freebsd.org]; RCVD_COUNT_ONE(0.00)[1]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; RCPT_COUNT_FIVE(0.00)[6] X-Rspamd-Queue-Id: 4dqsfG0S2wz4Gfq On Fri, Jan 9, 2026 at 3:47=E2=80=AFPM Rick Macklem wrote: > > On Fri, Jan 9, 2026 at 3:42=E2=80=AFPM Benjamin Kaduk wro= te: > > > > On Fri, Jan 09, 2026 at 03:04:33PM -0800, Rick Macklem wrote: > > > On Fri, Jan 9, 2026 at 11:56=E2=80=AFAM Benjamin Kaduk wrote: > > > > > > > > On Thu, Jan 8, 2026 at 4:33=E2=80=AFPM Rick Macklem wrote: > > > >> > > > >> The branch main has been updated by rmacklem: > > > >> > > > >> URL: https://cgit.FreeBSD.org/src/commit/?id=3Da6d57f312f18bbeeda8= a34e99d0a662b0db9a190 > > > >> > > > >> commit a6d57f312f18bbeeda8a34e99d0a662b0db9a190 > > > >> Author: Rick Macklem > > > >> AuthorDate: 2026-01-08 16:27:32 +0000 > > > >> Commit: Rick Macklem > > > >> CommitDate: 2026-01-08 16:27:32 +0000 > > > >> > > > >> nfsd: Fix handling of hidden/system during Open/Create > > > >> > > > >> When an NFSv4.n client specifies settings for the archive, > > > >> hidden and/or system attributes during a Open/Create, the > > > >> Open/Create fails for ZFS. This is caused by ZFS doing > > > >> a secpolicy_xvattr() call, which fails for non-root. > > > >> If this check is bypassed, ZFS panics. > > > >> > > > >> This patch resolves the problem by disabling va_flags > > > >> for the VOP_CREATE() call in the NFSv4.n server and > > > >> then setting the flags with a subsequent VOP_SETATTR(). > > > >> > > > > > > > > The diff doesn't really include enough context to tell -- does this= introduce a race window where a file that's supposed to be hidden and/or s= ystem is visible without that attribute from a different process? > > > I believe that the answer is no. > > > > > > VOP_CREATE() returns the new file's vnode exclusively locked > > > and the update via VOP_SETATTR() happens before the vnode > > > lock is released. > > > > I expected/hoped that that was the case, but just couldn't tell from th= e > > diff itself. > I suppose I should have said that "if there is a race, it is in the FreeB= SD > OpenZFS port and I would consider that a bug". > I am not ZFS guy. Oh, and I forgot to mention "assuming the server doesn't reboot while the RPC is in progress". (The reboot while the RPC is in progress might be handled by ZFS if it was properly patched, but I'm not conversant with the ZFS code and do not understand the details of how the ZIL is used.) rick > > rick > > > > > Thanks! > > > > -Ben