[Pkg-samba-maint] Bug#483507: mount.cifs: brl option does not produce documented semantics for fcntl(F_SETLK)

Thu May 29 22:12:53 UTC 2008

On Thu 2008-05-29 01:12:23 -0400, Daniel Kahn Gillmor wrote:

> Attached is the test program that displays this behavior.  It should
> fail with "write lock failed: Permission denied" when used on a file
> on a CIFS mount, and it has succeeded quietly on every other
> filesystem i've tried.

In particular, the test program even succeeds (with the exception of
NFSv3) on non-cifs filesystems mounted with the "mand" option, and
with files whose mode was set with chmod g+s,g-x, which i believe is
the documented way to turn on mandatory locking [0].

here's it working on a tmpfs mounted with mand:

[0 dkg at squeak ~]$ grep mnt /proc/mounts 
/root/foo /mnt tmpfs rw,mand 0 0
[0 dkg at squeak ~]$ echo -n a  > /mnt/foo
[0 dkg at squeak ~]$ chmod g+s,g-x /mnt/foo
[0 dkg at squeak ~]$ ls -la /mnt/foo 
-rw-r-Sr-- 1 dkg dkg 1 2008-05-29 15:56 /mnt/foo
[0 dkg at squeak ~]$ ~/src/cmrg/test/testlocking/testlocking /mnt/foo 
[0 dkg at squeak ~]$ 

and here's an ext3 fs mounted with mand:

[0 dkg at squeak ~]$ grep mnt /proc/mounts 
/dev/mapper/squeak0-tester /mnt ext3 rw,mand,data=ordered 0 0
[0 dkg at squeak ~]$ echo -n a  > /mnt/foo
[0 dkg at squeak ~]$ chmod g+s,g-x /mnt/foo
[0 dkg at squeak ~]$ ls -la /mnt/foo 
-rw-r-Sr-- 1 dkg dkg 1 2008-05-29 15:59 /mnt/foo
[0 dkg at squeak ~]$ ~/src/cmrg/test/testlocking/testlocking /mnt/foo 
[0 dkg at squeak ~]$ 

and vfat (i couldn't set the group setuid bit on vfat, but the test
program still worked):

[0 dkg at squeak ~]$ grep mnt /proc/mounts 
/dev/mapper/squeak0-tester /mnt vfat rw,mand,uid=1000,gid=1000,fmask=0033,dmask=0022,codepage=cp437,iocharset=iso8859-1 0 0
[0 dkg at squeak ~]$ echo -n a  > /mnt/foo
[0 dkg at squeak ~]$ chmod g+s,g-x /mnt/foo
chmod: changing permissions of `/mnt/foo': Operation not permitted
[1 dkg at squeak ~]$ ~/src/cmrg/test/testlocking/testlocking /mnt/foo 
[0 dkg at squeak ~]$ 

and xfs with mand:

[0 dkg at squeak ~]$ grep mnt /proc/mounts 
/dev/mapper/squeak0-tester /mnt xfs rw,mand,ikeep,noquota 0 0
[0 dkg at squeak ~]$ echo -n a  > /mnt/foo
[0 dkg at squeak ~]$ chmod g+s,g-x /mnt/foo
[0 dkg at squeak ~]$ ls -la /mnt/foo 
-rw-r-Sr-- 1 dkg dkg 1 2008-05-29 16:07 /mnt/foo
[0 dkg at squeak ~]$ ~/src/cmrg/test/testlocking/testlocking /mnt/foo 
[0 dkg at squeak ~]$ 

However, on NFSv3 (exported from an up-to-date etch nfs-kernel-server
with (rw,subtree_check), and mounted with all kinds of different
options (with and without mand), my little test program continually
fails *at the read lock* stage if the file is mode g+s,g-x:

[0 dkg at squeak ~]$ grep mnt /proc/mounts 
bob:/srv/dmz /mnt nfs rw,vers=3,rsize=32768,wsize=32768,hard,nointr,proto=tcp,timeo=600,retrans=2,sec=sys,addr=192.168.2.99 0 0
[0 dkg at squeak ~]$ ls -la  /mnt/foo
-rw-r--r-- 1 dkg dkg 1 2008-05-29 17:04 /mnt/foo
[0 dkg at squeak ~]$ ~/src/cmrg/test/testlocking/testlocking /mnt/foo 
[0 dkg at squeak ~]$ chmod g+x /mnt/foo
[0 dkg at squeak ~]$ ~/src/cmrg/test/testlocking/testlocking /mnt/foo 
[0 dkg at squeak ~]$ chmod g+s /mnt/foo
[0 dkg at squeak ~]$ ~/src/cmrg/test/testlocking/testlocking /mnt/foo 
[0 dkg at squeak ~]$ chmod g-x /mnt/foo
[0 dkg at squeak ~]$ ~/src/cmrg/test/testlocking/testlocking /mnt/foo 
read lock failed: No locks available
[1 dkg at squeak ~]$ 

so, interestingly, the nfs client appears to think that the mode bits
alone are sufficient to indicate mandatory (as opposed to advisory)
locking, and it apparently knows that NFSv3 is incapable of providing
mandatory locks.

At any rate, the behavior of cifs with the brl option is clearly
divergent from the behavior of the other filesystems.

          --dkg

[0] from fcntl(2):

       To  make use of mandatory locks, mandatory locking must be enabled both
       on the file system that contains the file to be locked, and on the file
       itself.   Mandatory  locking  is enabled on a file system using the "-o
       mand" option to mount(8), or the MS_MANDLOCK flag for mount(2).  Manda-
       tory locking is enabled on a file by disabling group execute permission
       on the file and enabling the set-group-ID permission bit (see  chmod(1)
       and chmod(2)).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 826 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-samba-maint/attachments/20080529/17099351/attachment.pgp 