Date:      Thu, 20 Jun 2002 14:07:57 +1000 (EST)
From:      Bruce Evans <bde@zeta.org.au>
To:        Matt Dillon <dillon@FreeBSD.org>
Cc:        cvs-committers@FreeBSD.org, <cvs-all@FreeBSD.org>
Subject:   Re: cvs commit: src/sys/ufs/ufs ufs_readwrite.c
Message-ID:  <20020620135555.R11071-100000@gamplex.bde.org>
In-Reply-To: <200206190939.g5J9dfc51512@freefall.freebsd.org>

On Wed, 19 Jun 2002, Matt Dillon wrote:

> dillon      2002/06/19 02:39:41 PDT
>
>   Modified files:
>     sys/ufs/ufs          ufs_readwrite.c
>   Log:
>   In rev 1.72 a situation related to write/mmap was fixed which could result
>   in a user process gaining visibility into the 'old' contents of a filesystem
>   block.  There were two cases:  (1) when uiomove() fails (user process issues
>   illegal write), and (2) when uiomove() overlaps a mmap() of the same file at
>   the same offset (fault -> recursive buffer I/O reads contents of old block).

I fixed (1) in FreeBSD-1 by always backing out the write in the EFAULT case:

%%%
Index: ufs_vnops.c
===================================================================
RCS file: /home/ncvs/src1/sys/ufs/ufs_vnops.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -2 -r1.2 -r1.3
--- ufs_vnops.c	22 Jul 1993 16:58:16 -0000	1.2
+++ ufs_vnops.c	27 Jul 1993 10:53:29 -0000	1.3
@@ -607,5 +607,5 @@
 			ip->i_mode &= ~(ISUID|ISGID);
 	} while (error == 0 && uio->uio_resid > 0 && n != 0);
-	if (error && (ioflag & IO_UNIT)) {
+	if (error == EFAULT || error && (ioflag & IO_UNIT)) {
 		(void) itrunc(ip, osize, ioflag & IO_SYNC);
 		uio->uio_offset -= resid - uio->uio_resid;
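Review bot: the backout that this condition now triggers for every EFAULT discards its result, `(void) itrunc(ip, osize, ioflag & IO_SYNC);`, on the context line right after the changed `if`. The truncation back to osize is what undoes the partial write, so if itrunc() fails the file can stay extended with nothing reported to the caller; consider checking the return value, or add a comment saying why it can be ignored. Separately, the new test `error == EFAULT || error && (ioflag & IO_UNIT)` relies on && binding tighter than ||; parenthesising the right-hand operand and adding a one-line comment on why EFAULT is backed out regardless of IO_UNIT would make the intent explicit.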
%%%

but this is barely needed in FreeBSD-2 because IO_UNIT is set for regular
files in vn_write().  (IO_UNIT is a rather bogus flag.  I haven't found any cases
where not setting it is correct.  Its main function was apparently to give
atomic writes, but that function has been broken by splitting up the writes
externally (e.g., to break atomic writing of ktrace records), leaving only
its secondary function of (completely) backing out of failed write(2)'s to
regular files so that broken writers aren't confused by short writes.)

At least some of these bugs are still present in at least some
filesystems that were cloned from ffs.

Bruce
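
A user-space model of the backout discussed in this message, added here as an illustration; it is not FreeBSD kernel code and not code from the thread. The names `struct file`, `model_write` and `stale_visible`, the block size and the `fault_at` parameter are assumptions; only the final condition mirrors the rev 1.3 test.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

#define BLK  16                      /* model block size */
#define DISK (4 * BLK)
struct file { char disk[DISK]; size_t size; };  /* size stands in for i_size */

/* Append len bytes. fault_at (hypothetical) is the offset in src at which the
 * stand-in for uiomove() fails with EFAULT. */
static int model_write(struct file *f, const char *src, size_t len,
                       size_t fault_at, int io_unit, int efault_backout)
{
    size_t osize = f->size, done = 0;
    int error = 0;
    if (osize + len > DISK) return EFBIG;
    while (error == 0 && done < len) {
        size_t n = len - done < BLK ? len - done : BLK;
        f->size = osize + done + n;      /* file grows over a block of old data */
        if (done + n > fault_at) {
            error = EFAULT;              /* nothing reaches the new block */
        } else {
            memcpy(f->disk + osize + done, src + done, n);
            done += n;
        }
    }
    if ((efault_backout && error == EFAULT) || (error && io_unit))
        f->size = osize;                 /* stands in for itrunc(ip, osize, ...) */
    return error;
}

/* Bytes of old block contents readable through the file after a faulting write. */
static size_t stale_visible(int io_unit, int efault_backout)
{
    struct file f = { .size = 0 };
    char buf[2 * BLK];
    size_t i, leaked = 0;
    memset(f.disk, 'S', DISK);           /* constructed "old contents" */
    memset(buf, 'A', sizeof buf);
    model_write(&f, buf, sizeof buf, BLK, io_unit, efault_backout);
    for (i = 0; i < f.size; i++)
        leaked += (f.disk[i] == 'S');
    return leaked;
}

int main(void)
{
    printf("old test: %zu, EFAULT test: %zu\n", stale_visible(0, 0), stale_visible(0, 1));
    return 0;
}
```

With IO_UNIT clear, the old test leaves one block of old data inside the file; either the EFAULT test or IO_UNIT being set truncates it away.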

