[PATCH] g10: Fix a race condition initially creating trustdb
NIIBE Yutaka
gniibe at fsij.org
Wed May 20 02:19:03 CEST 2015
On 05/19/2015 08:01 PM, NIIBE Yutaka wrote:
> This is a fix for the issue 1675:
> https://bugs.gnupg.org/gnupg/issue1675
Sorry, the fix of mine is immature; there is still a race between
initial creators (two processes could try to create the initial
trustdb.gpg, as the check by access(2) is done with no lock). I'll
post an updated version soon.
> I read through the code for trustdb.gpg. If I read the code
> correctly, it implements mutual exclusions between write accesses to
> trustdb.gpg, but there are still races between:
>
> * writing to trustdb.gpg
>
> * reading from trustdb.gpg
When writing this message, I assumed that write(2) could be non-atomic
(depending on the file system), when the access is at the boundary of
block size. In this (wrong) theory, read(2) from another process
would see inconsistent data. (Since TRUST_RECORD_LEN=40, I had a
concern. If its size were 32 or 64, I would have had none.)
I checked POSIX and it seems the atomicity is guaranteed:
http://pubs.opengroup.org/onlinepubs/9699919799/functions/write.html
So, I don't need to care.
But, at least with ext4 in 2011, we had an issue:
http://thread.gmane.org/gmane.comp.file-systems.ext4/24425
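The race between initial creators described in the message (existence tested with access(2) while no lock is held) can be closed by making the creation step itself atomic. The following is an added example, not code from the message or from GnuPG: the function names, file names and the 40-byte placeholder record are constructed, and it assumes a file system that supports hard links.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

#define RECORD_LEN 40 /* TRUST_RECORD_LEN as quoted in the message */

/* Returns 1 if this process created path, 0 if it already existed, -1 on
   error. The record is written to a private temp file and published with
   link(2), which fails atomically with EEXIST, so the final name never
   exists without its complete first record and only one creator wins. */
int create_initial_db(const char *path)
{
    char tmp[4096], rec[RECORD_LEN] = {1}; /* constructed placeholder */
    int fd, rc;
    snprintf(tmp, sizeof tmp, "%s.tmp.%ld", path, (long)getpid());
    fd = open(tmp, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0)
        return -1;
    if (write(fd, rec, sizeof rec) != (ssize_t)sizeof rec || fsync(fd) != 0) {
        close(fd);
        unlink(tmp);
        return -1;
    }
    close(fd);
    rc = link(tmp, path) == 0 ? 1 : (errno == EEXIST ? 0 : -1);
    unlink(tmp);
    return rc;
}

/* Fork n concurrent creators; return how many reported "created". */
int race_creators(const char *path, int n)
{
    int started = 0, winners = 0, status;
    for (int i = 0; i < n; i++) {
        pid_t pid = fork();
        if (pid == 0)
            _exit(create_initial_db(path) == 1 ? 0 : 1);
        if (pid > 0)
            started++;
    }
    while (started-- > 0)
        if (wait(&status) > 0 && WIFEXITED(status) && WEXITSTATUS(status) == 0)
            winners++;
    return winners;
}
```

Processes that get 0 back simply open the existing file; none of them can observe a half-initialized one under the final name.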