From owner-freebsd-hackers  Fri Feb 21 15:36:17 2003
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 5BD5437B405; Fri, 21 Feb 2003 15:36:15 -0800 (PST)
Received: from rwcrmhc52.attbi.com (rwcrmhc52.attbi.com [216.148.227.88])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id B90C843FDD; Fri, 21 Feb 2003 15:36:13 -0800 (PST)
	(envelope-from julian@elischer.org)
Received: from interjet.elischer.org (12-232-168-4.client.attbi.com[12.232.168.4])
          by rwcrmhc52.attbi.com (rwcrmhc52) with ESMTP
          id <20030221233612052001knr2e>; Fri, 21 Feb 2003 23:36:13 +0000
Received: from localhost (localhost.elischer.org [127.0.0.1])
	by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id PAA53193;
	Fri, 21 Feb 2003 15:36:10 -0800 (PST)
Date: Fri, 21 Feb 2003 15:36:09 -0800 (PST)
From: Julian Elischer <julian@elischer.org>
To: Terry Lambert <tlambert2@mindspring.com>
Cc: Yevgeniy Aleynikov <eugenea@infospace.com>,
	Kirk McKusick <mckusick@beastie.mckusick.com>,
	Matt Dillon <dillon@earth.backplane.com>,
	Ian Dowse <iedowse@maths.tcd.ie>, peter@FreeBSD.ORG,
	ache@FreeBSD.ORG, Ken Pizzini <kenp@infospace.com>,
	hackers@FreeBSD.ORG, security-officer@FreeBSD.ORG,
	nectar@FreeBSD.ORG, jedgar@FreeBSD.ORG, rwatson@FreeBSD.ORG,
	imp@FreeBSD.ORG, security-team@FreeBSD.ORG, wes@FreeBSD.ORG,
	guido@FreeBSD.ORG
Subject: Re: bleh. Re: ufs_rename panic
In-Reply-To: <3E56B589.2E15F3C3@mindspring.com>
Message-ID: <Pine.BSF.4.21.0302211534490.51164-100000@InterJet.elischer.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG



On Fri, 21 Feb 2003, Terry Lambert wrote:

> Yevgeniy Aleynikov wrote:
> > As pointed by Ken - we do have alot of file renames (qmail).
> > But 2-nd solution, directory-only rename serialization, probably won't
> > affect performance as much.
> > 
> > But i believe it's not only us who's gonna have problem when exploit
> > code will be known by everybody sooner or later....
> 
> Dan's non-atomicity assumption on renames is incorrect.
> 
> Even if it's were correct, it's possible to recover fully following
> a failure, because metadata updates are ordered (there is a real
> synchronization between dependent operations).
> 
> I think that a workaround would be to comment the directory fsync()
> code out of qmail, which apparently thinks it's running on extfs
> or an async mounted FFS.

If you don't want to lose mail then qmail needs to do a fsync after it
does the rename.


> 
> -- Terry
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-hackers" in the body of the message
> 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message