From nobody Tue Jan 13 01:50:41 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4dqsfN1zMpz6N9VJ for ; Tue, 13 Jan 2026 01:51:08 +0000 (UTC) (envelope-from rick.macklem@gmail.com) Received: from mail-ed1-x52e.google.com (mail-ed1-x52e.google.com [IPv6:2a00:1450:4864:20::52e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4dqsfM0SbMz4Gnq for ; Tue, 13 Jan 2026 01:51:02 +0000 (UTC) (envelope-from rick.macklem@gmail.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20230601 header.b=Ab2QFXPO; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of rick.macklem@gmail.com designates 2a00:1450:4864:20::52e as permitted sender) smtp.mailfrom=rick.macklem@gmail.com Received: by mail-ed1-x52e.google.com with SMTP id 4fb4d7f45d1cf-64b9b0b4d5dso14767037a12.1 for ; Mon, 12 Jan 2026 17:51:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1768269054; x=1768873854; darn=freebsd.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=KqiXvsRsPB5+EOI3qXbJXn3K53oxYhFpDyl7hYyPhXg=; b=Ab2QFXPOhkxPK4iBjrGQnEYvFxj6sx9xWyY+2EDISJ71vliwXbe1CQ9AwUiSXrTlIx CRBIS13gkm7BxKOrkwSIATkR4iL3icBdDV1Bch0F4aR35RMSk54/4FgKkE0SuqdRTwqh 5QVZAs+fOQvESdtbX6Vq75nlQJO/SQ8iDkeukMQsycc8faXNpmx6IktxPm2giZDtkwTk rgDWK0kO1L3Pl6Vm9wIe37CxU82QDt57NwqJaZ6SfrbtgfJCCUgbNmftF4aesxton7SP MgphxkJlyD7AOXb4ZEZYv6NCS6VgGWfEvNpqu04kml2KLe1JyvsLpPVfKgqrkzM5pcJt wuAA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768269054; x=1768873854; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=KqiXvsRsPB5+EOI3qXbJXn3K53oxYhFpDyl7hYyPhXg=; b=DsNfQqy0/2GnV5pD+Hd/UBY1S6cUMtZfvpE3lrtYX7IAByPEJ53mGbdWDljJ8v4uEG SNSiyXWHBmy7q0DPbL8xudCDN0J6/He9ix4k4/8fe83F6zgAHN1kvs1AXfN5pbH45/+R 02s3zc5Hu9eqh9hSTAlVSsdlQoil1abXCPSiRiSUEtw37B+hY7xkCLDmiBRobacZz3wo J7F8wwHsTRLDAtuJENPrbwxtXM1rIc5A529ZppsrPlHeyLEMQDDPVhvMIsk4REHyCSD8 myVE4Zfo1TpeFLMlVyBcpbRl0k5whhpScjgJ2Wi6KnYKDpNxMpepLPQuqNkQYxxqEyUt HTQw== X-Forwarded-Encrypted: i=1; AJvYcCUMlZ/3zC8Z2EaIile9WGVOOI/ylXauU2cOnyxeTRBvR45+3Mi/cs8DBOHn22/MgVYASataBpmMiJ+g+1gUHk2Gk+sW@freebsd.org X-Gm-Message-State: AOJu0YyOpRrHLPKFT8zOo18ehqdzcCHDKid7Kf1H5n2qIlg9I8XMNxgW dURQklyzbOvSmtHngYxNggcRTAeTXsPW+ereljuilb+NrHCtpoeio+uYBV0LPl/iuaZtBHQ0Drt jTG/xMaD/PZTEh3l8rPq2874kAA2NSg== X-Gm-Gg: AY/fxX7EMKHkcgD406nH9FR7Ed2pkVQfk+ei+PJK4L1kn9BKTaUSlP8NHDhDoqWzKZn FnQm0TFtpUDHGpJdRP6E3UEAIrs/GTz0iM82nCATsLmW97Mq2bYuq9xojnQo8OXxNxKeXZ9DTEs BIOLMRKUAR8OCAekqiCqgBEciFfF/5VCmbqMo1Os0C3qK4cTH8Wx0bb7oDNVYb4O+BBYiXVKXI4 drLVEeX/sJRFH9F0zPkPafiUQWfqS/QVc7wT5GxDZjnJcgA1uRcF66CsbNsuB8B8HKGaCfGmx4G LY2pi1l675ZCqeoh5LeflwEVZrCesqn5jzzaQ5I= X-Google-Smtp-Source: AGHT+IFKdD9+y+kLpXqYIpX68F7d+ALIpq933H/2Y9M+oqyc6kOseBC2OQH0mrtVDJV9RA0NRK77W9ylRP4GPrD7X30= X-Received: by 2002:a05:6402:1e90:b0:64c:e9b6:14bb with SMTP id 4fb4d7f45d1cf-65097e6e36emr18821101a12.28.1768269053811; Mon, 12 Jan 2026 17:50:53 -0800 (PST) List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 References: <69604cd7.3aebd.7fdcb739@gitrepo.freebsd.org> In-Reply-To: From: Rick Macklem Date: Mon, 12 Jan 2026 17:50:41 -0800 X-Gm-Features: AZwV_QgdwX2qT98ojFw5S0LCG9g1IzlVpXojNfhStmR-rd24CRpf4bRhrSGhjxk Message-ID: Subject: Re: git: a6d57f312f18 - main - nfsd: Fix handling of hidden/system during Open/Create To: Benjamin Kaduk Cc: Benjamin Kaduk , Rick Macklem , src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.99 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.99)[-0.994]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36:c]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20230601]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; TAGGED_FROM(0.00)[]; ARC_NA(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; FREEMAIL_ENVFROM(0.00)[gmail.com]; TO_DN_SOME(0.00)[]; FREEMAIL_CC(0.00)[gmail.com,freebsd.org]; MIME_TRACE(0.00)[0:+]; FROM_HAS_DN(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::52e:from]; PREVIOUSLY_DELIVERED(0.00)[dev-commits-src-all@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; MID_RHS_MATCH_FROMTLD(0.00)[]; MISSING_XM_UA(0.00)[]; MLMMJ_DEST(0.00)[dev-commits-src-all@freebsd.org]; RCVD_COUNT_ONE(0.00)[1]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; RCPT_COUNT_FIVE(0.00)[6] X-Rspamd-Queue-Id: 4dqsfM0SbMz4Gnq On Fri, Jan 9, 2026 at 3:47=E2=80=AFPM Rick Macklem wrote: > > On Fri, Jan 9, 2026 at 3:42=E2=80=AFPM Benjamin Kaduk wro= te: > > > > On Fri, Jan 09, 2026 at 03:04:33PM -0800, Rick Macklem wrote: > > > On Fri, Jan 9, 2026 at 11:56=E2=80=AFAM Benjamin Kaduk wrote: > > > > > > > > On Thu, Jan 8, 2026 at 4:33=E2=80=AFPM Rick Macklem wrote: > > > >> > > > >> The branch main has been updated by rmacklem: > > > >> > > > >> URL: https://cgit.FreeBSD.org/src/commit/?id=3Da6d57f312f18bbeeda8= a34e99d0a662b0db9a190 > > > >> > > > >> commit a6d57f312f18bbeeda8a34e99d0a662b0db9a190 > > > >> Author: Rick Macklem > > > >> AuthorDate: 2026-01-08 16:27:32 +0000 > > > >> Commit: Rick Macklem > > > >> CommitDate: 2026-01-08 16:27:32 +0000 > > > >> > > > >> nfsd: Fix handling of hidden/system during Open/Create > > > >> > > > >> When an NFSv4.n client specifies settings for the archive, > > > >> hidden and/or system attributes during a Open/Create, the > > > >> Open/Create fails for ZFS. This is caused by ZFS doing > > > >> a secpolicy_xvattr() call, which fails for non-root. > > > >> If this check is bypassed, ZFS panics. > > > >> > > > >> This patch resolves the problem by disabling va_flags > > > >> for the VOP_CREATE() call in the NFSv4.n server and > > > >> then setting the flags with a subsequent VOP_SETATTR(). > > > >> > > > > > > > > The diff doesn't really include enough context to tell -- does this= introduce a race window where a file that's supposed to be hidden and/or s= ystem is visible without that attribute from a different process? > > > I believe that the answer is no. > > > > > > VOP_CREATE() returns the new file's vnode exclusively locked > > > and the update via VOP_SETATTR() happens before the vnode > > > lock is released. > > > > I expected/hoped that that was the case, but just couldn't tell from th= e > > diff itself. > I suppose I should have said that "if there is a race, it is in the FreeB= SD > OpenZFS port and I would consider that a bug". > I am not ZFS guy. Oh, and I forgot to mention "assuming the server doesn't reboot while the RPC is in progress". (The reboot while the RPC is in progress might be handled by ZFS if it was properly patched, but I'm not conversant with the ZFS code and do not understand the details of how the ZIL is used.) rick > > rick > > > > > Thanks! > > > > -Ben