Thread: 53 messages, 11 authors, 2016-10-03

Re: [PATCH 1/6] statx: Add a system call to make enhanced file info available

From: Dave Chinner <david@fromorbit.com>
Date: 2016-05-09 01:45:43
Also in: linux-fsdevel, linux-nfs, lkml

[ OT, but I'll reply anyway :P ]

On Fri, May 06, 2016 at 02:29:23PM -0400, J. Bruce Fields wrote:
> On Thu, May 05, 2016 at 08:56:02AM +1000, Dave Chinner wrote:
> > In the latest XFS filesystem format, we randomise the generation
> > value during every inode allocation to make it hard to guess the
> > handle of adjacent inodes from an existing ino+gen pair, or even
> > from life time to life time of the same inode.
>
> The one thing I wonder about is whether that increases the probability
> of a filehandle collision (where you accidentally generate the same
> filehandle for two different files).

Not possible - inode number is still different between the two
files. i.e. ino+gen makes the handle unique, not gen.

> If the generation number is a 32-bit counter per inode number (is that
> actually the way filesystems work?), then it takes 2^32 reuses of the
> inode number to hit the same filehandle.

4 billion unlink/create operations that hit the same inode number
are going to take some time. I suspect someone will notice the load
generated by an attempt to brute force this sort of thing ;)

> If you choose it randomly then
> you expect a collision after about 2^16 reuses.

I'm pretty sure that a random search will need to, on average,
search half the keyspace before a match is found (i.e. 2^31
attempts, not 2^16).
> > >      If the caller didn't ask for them, then they may be approximated.  For
> > >      example, NFS won't waste any time updating them from the server, unless
> > >      as a byproduct of updating something requested.
> >
> > I would suggest that exposing them from the NFS server is something
> > we most definitely don't want to do because they are the only thing
> > that keeps remote users from guessing filehandles with ease....
>
> The first line of defense is not to depend on unguessable filehandles.
> (Don't export subdirectories unless you're willing to export the whole
> filesystem; and don't depend on directory permissions to keep children
> secret.)

Defense in depth also says "don't make it easy to guess filehandles"
because not everyone knows this is a problem. In many cases, users
may not even know what constitutes a "filesystem" because their NFS
server appliance only defines "exports". The underlying
implementation may, in fact, be "everything exported from a single
filesystem" and so the user has no choice in the matter....


Dave.
-- 
Dave Chinner
david@fromorbit.com
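The two figures traded in the message above, worked through as an added example (this is not code from the thread or from XFS/NFS): the birthday bound for two lifetimes of one inode number drawing the same random 32-bit generation, versus the expected number of guesses needed to hit one specific ino+gen pair. The 32-bit width, the function names and the simulation parameters are assumptions made for the illustration.

```python
import math
import random

GEN_BITS = 32                 # assumption: a 32-bit generation number, as in the thread
GEN_SPACE = 1 << GEN_BITS


def birthday_expected_reuses(space=GEN_SPACE):
    """Expected number of lifetimes of one inode number, each drawing a uniform
    random generation, before some generation value repeats (birthday bound).
    Closed-form approximation sqrt(pi * N / 2): roughly 2^16 for N = 2^32."""
    return math.sqrt(math.pi * space / 2)


def repeat_probability(lifetimes, space=GEN_SPACE):
    """Probability that at least two of `lifetimes` random generations collide,
    i.e. that a stale filehandle from an old lifetime resolves to a newer file."""
    return 1.0 - math.exp(-lifetimes * (lifetimes - 1) / (2.0 * space))


def preimage_expected_guesses(space=GEN_SPACE):
    """Expected guesses to hit one *specific* generation value when guesses are
    uniform without repetition: half the keyspace, about 2^31 for 32 bits."""
    return (space + 1) / 2.0


def simulate_lifetimes_until_repeat(space, rng):
    """Allocate the same inode number repeatedly with a fresh random generation
    each time; return how many lifetimes occur before a generation repeats."""
    seen = set()
    lifetimes = 0
    while True:
        gen = rng.randrange(space)
        lifetimes += 1
        if gen in seen:
            return lifetimes
        seen.add(gen)


def mean_lifetimes_until_repeat(space, trials, seed=0):
    """Average the simulation over several trials; converges toward
    birthday_expected_reuses(space) as the number of trials grows."""
    rng = random.Random(seed)
    total = sum(simulate_lifetimes_until_repeat(space, rng) for _ in range(trials))
    return total / trials


if __name__ == "__main__":
    print(f"birthday bound, 32-bit gen: ~{birthday_expected_reuses():.0f} reuses")
    print(f"P(repeat) after 2^16 reuses: {repeat_probability(1 << 16):.3f}")
    print(f"specific ino+gen guess, 32-bit gen: ~{preimage_expected_guesses():.0f} tries")
    print(f"simulated mean, 16-bit gen: {mean_lifetimes_until_repeat(1 << 16, 200):.1f}")
```

The two numbers answer different questions: the birthday figure is how soon any two lifetimes of one inode number share a generation, the preimage figure is how long a search for one particular handle is expected to take.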