[Bug 577031] Re: Empty file creation corruption on CIFS filesystem

Nuno Lucas ntlucas at gmail.com
Mon May 10 22:51:43 UTC 2010 

apport information

** Tags added: apport-collected

** Description changed:

  This bug applies to 2.6.32 mainstream kernel.
  Kernel bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=15925
  I'm adding this bug here because I tested with Ubuntu 10.04 so I know it also affects it.
  
  I'm checking the "security vulnerability" box because it can result in
  leaked file contents from removed files, but I'm no security expert so I
  may be wrong.
  
  The text on that bugzilla entry follows:
  
  --------------------------------
  
  There is a bad regression of the CIFS driver on 2.6.32 kernels (tested
  2.6.32.11, 2.6.32.12 and Ubuntu 10.04 LTS 2.6.32-22-generic).
  
  The version of the server doesn't seem to matter (tested 2.6.27, 2.6.32 and
  Ubuntu 8.04 LTS 2.6.24-27-generic), as long as the client is 2.6.32-something.
  
  Empty files created on the server become non-empty (with the contents of some
  earlier written file) when read by the client. This happens when using lockf()
  and without using it.
  
  The following bash script shows the problem:
  
  -----------< test-cifs.sh >------------------------
  #!/bin/bash
  
  while [ 1 ];
  do
      rnd=$(( $RANDOM % 2 + 1 ))
      if [ -f $rnd ]; then
          v=$( cat $rnd  )
          if [ -n "$v" -a "$v" != "$rnd" ]; then
              echo "ERROR!!! rnd=$rnd val=$v"
              exit -1
          fi
          rm -f $rnd
      else
          touch $rnd
          echo $rnd > $rnd
      fi
  done
  -----------< test-cifs.sh >------------------------
  
  When this script runs both on the server and on the client on the same shared
  directory, after a few seconds (sometimes almost right away), the client will
  exit with the error.
  
  In a nutshell, the script creates a random (1 or 2) empty file if it doesn't
  exist, else makes sure it's content are either empty or the same as the file
  name. After the check removes the file.
  
  The script running on the server will never fail, as expected, but the client
  will sometimes see the file with the wrong contents.
  
  This only occurs when the client is running 2.6.32 (.11-12 or the Ubuntu 10.04
  one). Any other kernel version I tested will work as expected.
  
  A workaround we found for this problem is to never delete the file, just
  truncate it's size to zero. In this way the problem doesn't show.
  
  Replacing the 'rm -f $rnd' with 'echo -n "" > $rnd', is the script equivalent
  of this workaround.
  
  I haven't tested 2.6.33 yet because we will have to work with 2.6.32 for the
  time being, so it's not a solution for me.
  
  I'm available for any further information.
+ --- 
+ AlsaVersion: Advanced Linux Sound Architecture Driver Version 1.0.21.
+ AplayDevices:
+  **** List of PLAYBACK Hardware Devices ****
+  card 0: Intel [HDA Intel], device 0: ALC269 Analog [ALC269 Analog]
+    Subdevices: 1/1
+    Subdevice #0: subdevice #0
+ Architecture: i386
+ ArecordDevices:
+  **** List of CAPTURE Hardware Devices ****
+  card 0: Intel [HDA Intel], device 0: ALC269 Analog [ALC269 Analog]
+    Subdevices: 1/1
+    Subdevice #0: subdevice #0
+ AudioDevicesInUse:
+  USER        PID ACCESS COMMAND
+  /dev/snd/controlC0:  lucas      1227 F.... pulseaudio
+ CRDA: Error: [Errno 2] No such file or directory
+ Card0.Amixer.info:
+  Card hw:0 'Intel'/'HDA Intel at 0xf7eb8000 irq 16'
+    Mixer name	: 'Realtek ALC269'
+    Components	: 'HDA:10ec0269,1043834a,00100004'
+    Controls      : 12
+    Simple ctrls  : 7
+ DistroRelease: Ubuntu 10.04
+ HibernationDevice: RESUME=UUID=13e381ff-38f3-4280-9fc0-2c8e8df0ece8
+ InstallationMedia: Ubuntu 9.10 "Karmic Koala" - Release i386 (20091028.5)
+ MachineType: ASUSTeK Computer INC. 1000HE
+ Package: linux (not installed)
+ ProcCmdLine: BOOT_IMAGE=/boot/vmlinuz-2.6.32-22-generic root=UUID=5932f02c-dae7-458d-9c70-e9531fd95401 ro quiet splash
+ ProcEnviron:
+  PATH=(custom, user)
+  LANG=en_US.utf8
+  SHELL=/bin/bash
+ ProcVersionSignature: Ubuntu 2.6.32-22.33-generic 2.6.32.11+drm33.2
+ Regression: Yes
+ RelatedPackageVersions: linux-firmware 1.34
+ Reproducible: Yes
+ StagingDrivers: rt2860sta
+ Tags: lucid filesystem regression-release needs-upstream-testing staging
+ Title: [STAGING]
+ Uname: Linux 2.6.32-22-generic i686
+ UserGroups: adm admin cdrom dialout lpadmin plugdev sambashare
+ dmi.bios.date: 07/23/2009
+ dmi.bios.vendor: American Megatrends Inc.
+ dmi.bios.version: 1002
+ dmi.board.asset.tag: To Be Filled By O.E.M.
+ dmi.board.name: 1000HE
+ dmi.board.vendor: ASUSTeK Computer INC.
+ dmi.board.version: x.xx
+ dmi.chassis.asset.tag: 0x00000000
+ dmi.chassis.type: 10
+ dmi.chassis.vendor: ASUSTek Computer INC.
+ dmi.chassis.version: x.x
+ dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr1002:bd07/23/2009:svnASUSTeKComputerINC.:pn1000HE:pvrx.x:rvnASUSTeKComputerINC.:rn1000HE:rvrx.xx:cvnASUSTekComputerINC.:ct10:cvrx.x:
+ dmi.product.name: 1000HE
+ dmi.product.version: x.x
+ dmi.sys.vendor: ASUSTeK Computer INC.

** Attachment added: "AlsaDevices.txt"
   http://launchpadlibrarian.net/48241010/AlsaDevices.txt

-- 
Empty file creation corruption on CIFS filesystem
https://bugs.launchpad.net/bugs/577031
You received this bug notification because you are a member of Kernel
Bugs, which is subscribed to linux in ubuntu.

More information about the kernel-bugs mailing list