Every FUSE operation has a unique value in its header. As the name implies, these values are supposed to be unique among all outstanding operations. And sine FUSE_INTERRUPT is asynchronous and racy, it is desirable that the unique values be unique among all operations that are "close in time". But in our module, they aren't always unique. We inadvertently reuse them during fsync, readdir, LISTXATTR, and WRITE. The problem can be easily demonstrated like this: cd /usr/tests/sys/fs/fusefs > ./xattr --gtest_filter=Listxattr.user -vv Note: Google Test filter = Listxattr.user [==========] Running 1 test from 1 test case. [----------] Global test environment set-up. [----------] 1 test from Listxattr [ RUN ] Listxattr.user ACCESS ino= 1 uid= 1000 gid= 1000 pid= 848 unique=2 len=48 buflen=48 mask=0x1 LOOKUP ino= 1 uid= 1000 gid= 1000 pid= 848 unique=3 len=54 buflen=54 some_file.txt LISTXATTR ino=42 uid= 1000 gid= 1000 pid= 848 unique=4 len=48 buflen=48 size=0 LISTXATTR ino=42 uid= 1000 gid= 1000 pid= 848 unique=4 len=48 buflen=48 size=28 [ OK ] Listxattr.user (3 ms) [----------] 1 test from Listxattr (3 ms total) [----------] Global test environment tear-down [==========] 1 test from 1 test case ran. (3 ms total) [ PASSED ] 1 test. We should ensure that the value is regenerated during fdisp_refresh_vp().
A commit references this bug: Author: tcberner Date: Mon Mar 9 18:47:27 UTC 2020 New revision: 528119 URL: https://svnweb.freebsd.org/changeset/ports/528119 Log: security/amavisd-milter: Update to 1.7.0 PR: 244686 Submitted by: Petr Rehor <rx@rx.cz> (maintainer) Changes: head/security/amavisd-milter/Makefile head/security/amavisd-milter/distinfo head/security/amavisd-milter/pkg-message
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=5403f2c163f7e3d1adb9431d216f88d57cf9d74b commit 5403f2c163f7e3d1adb9431d216f88d57cf9d74b Author: Alan Somers <asomers@FreeBSD.org> AuthorDate: 2021-06-18 00:04:59 +0000 Commit: Alan Somers <asomers@FreeBSD.org> CommitDate: 2021-06-19 20:45:29 +0000 fusefs: ensure that FUSE ops' headers' unique values are actually unique Every FUSE operation has a unique value in its header. As the name implies, these values are supposed to be unique among all outstanding operations. And since FUSE_INTERRUPT is asynchronous and racy, it is desirable that the unique values be unique among all operations that are "close in time". Ensure that they are actually unique by incrementing them whenever we reuse a fuse_dispatcher object, for example during fsync, write, and listextattr. PR: 244686 MFC after: 2 weeks Reviewed by: pfg Differential Revision: https://reviews.freebsd.org/D30810 sys/fs/fuse/fuse_ipc.c | 34 ++++++++++++++-------------------- tests/sys/fs/fusefs/mockfs.cc | 9 +++++++++ tests/sys/fs/fusefs/mockfs.hh | 3 +++ 3 files changed, 26 insertions(+), 20 deletions(-)
A commit in branch stable/13 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=27d55441668afdab219c1f464df3ff035ff5d96c commit 27d55441668afdab219c1f464df3ff035ff5d96c Author: Alan Somers <asomers@FreeBSD.org> AuthorDate: 2021-06-18 00:04:59 +0000 Commit: Alan Somers <asomers@FreeBSD.org> CommitDate: 2021-07-04 00:05:13 +0000 fusefs: ensure that FUSE ops' headers' unique values are actually unique Every FUSE operation has a unique value in its header. As the name implies, these values are supposed to be unique among all outstanding operations. And since FUSE_INTERRUPT is asynchronous and racy, it is desirable that the unique values be unique among all operations that are "close in time". Ensure that they are actually unique by incrementing them whenever we reuse a fuse_dispatcher object, for example during fsync, write, and listextattr. PR: 244686 Reviewed by: pfg Differential Revision: https://reviews.freebsd.org/D30810 (cherry picked from commit 5403f2c163f7e3d1adb9431d216f88d57cf9d74b) sys/fs/fuse/fuse_ipc.c | 34 ++++++++++++++-------------------- tests/sys/fs/fusefs/mockfs.cc | 9 +++++++++ tests/sys/fs/fusefs/mockfs.hh | 3 +++ 3 files changed, 26 insertions(+), 20 deletions(-)
A commit in branch stable/12 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=46138f337bd803f6546d0eae8b9b0f3879ca3224 commit 46138f337bd803f6546d0eae8b9b0f3879ca3224 Author: Alan Somers <asomers@FreeBSD.org> AuthorDate: 2021-06-18 00:04:59 +0000 Commit: Alan Somers <asomers@FreeBSD.org> CommitDate: 2021-07-27 17:15:40 +0000 fusefs: ensure that FUSE ops' headers' unique values are actually unique Every FUSE operation has a unique value in its header. As the name implies, these values are supposed to be unique among all outstanding operations. And since FUSE_INTERRUPT is asynchronous and racy, it is desirable that the unique values be unique among all operations that are "close in time". Ensure that they are actually unique by incrementing them whenever we reuse a fuse_dispatcher object, for example during fsync, write, and listextattr. PR: 244686 Reviewed by: pfg Differential Revision: https://reviews.freebsd.org/D30810 (cherry picked from commit 5403f2c163f7e3d1adb9431d216f88d57cf9d74b) sys/fs/fuse/fuse_ipc.c | 34 ++++++++++++++-------------------- tests/sys/fs/fusefs/mockfs.cc | 9 +++++++++ tests/sys/fs/fusefs/mockfs.hh | 3 +++ 3 files changed, 26 insertions(+), 20 deletions(-)