From: "Pali Rohár" <pali.rohar@gmail.com>
To: linux-fsdevel@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Subject: Race-free unlinking of directory entries
Date: Wed, 20 Dec 2017 20:18:44 +0100 [thread overview]
Message-ID: <20171220191844.wnb3bgkpreg2tjia@pali> (raw)
Hi!
Linux kernel currently does not provide any race-free way for calling
unlink() syscall on file entry which points to opened file descriptor.
On the other hand Linux kernel already provides race-free way for
creating file entry by linkat() syscall with AT_EMPTY_PATH or
AT_SYMLINK_FOLLOW flags. unlinkat() does not.
There was already discussion about unlink issue in bugzilla:
https://bugzilla.kernel.org/show_bug.cgi?id=93441
Because file descriptor describes inode number which can be stored in
more directories as hard links, there is a proposed funlinkat() syscall
with following API:
int funlinkat(int fd, int dirfd, const char *pathname, int flags);
It should atomically check if file descriptor fd and pathname (according
to dirfd) are same, and if then just unlinkat(dirfd, pathname, flags).
If are not same, throw error.
What userspace application basically needs:
Open file, test it stat (or probably content) and based on test result
decide if file needs to be removed or not.
Or delete a file behind a file descriptor opened with O_PATH.
Both cases are currently not possible without introducing race condition
between open/stat and unlink. Between those two calls, some other
process can exchange files.
--
Pali Rohár
pali.rohar@gmail.com
next reply other threads:[~2017-12-20 19:18 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-12-20 19:18 Pali Rohár [this message]
2018-04-09 7:42 ` Race-free unlinking of directory entries Pali Rohár
2018-04-09 9:59 ` Christoph Hellwig
2018-04-09 10:10 ` Pali Rohár
2018-04-09 10:24 ` Christoph Hellwig
2018-04-09 10:35 ` Pali Rohár
2018-10-01 20:26 ` Pali Rohár
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171220191844.wnb3bgkpreg2tjia@pali \
--to=pali.rohar@gmail.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).