Page MenuHomeFreeBSD

fusefs: avoid cache corruption with buggy fuse servers
ClosedPublic

Authored by asomers on Mar 10 2020, 4:00 AM.

Details

Summary

fusefs: avoid cache corruption with buggy fuse servers

The FUSE protocol allows the client (kernel) to cache a file's size, if the
server (userspace daemon) allows it. A well-behaved daemon obviously should
not change a file's size while a client has it cached. But a buggy daemon
might. If the kernel ever detects that that has happened, then it should
invalidate the entire cache for that file. Previously, we would not only
cache stale data, but in the case of a file extension while we had the size
cached, we accidentally extended the cache with zeros.

Reported by: Ben RUBSON <ben.rubson@gmx.com>

Test Plan

Tests added

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

I'm not familiar with GoogleTest/C++ and didn't look at that bit.

sys/fs/fuse/fuse_internal.c
914 ↗(On Diff #69347)

I would probably be even more explicit "this fuse fileserver is buggy and must be mounted with -o direct_io" or something like that. We're very much papering over possible corruption here and it is easy for it to go undetected if a file is not extended or truncated.

sys/fs/fuse/fuse_node.h
137 ↗(On Diff #69347)

style(9) static inline bool on its own line.

asomers marked 2 inline comments as done.

Make a warning message scarier, and fix a style nit

This revision is now accepted and ready to land.Mar 11 2020, 4:18 AM

Thanks for such a speedy review!