From: Anton Altaparmakov <aia21@cam.ac.uk>
To: Bryan Henderson <hbryan@us.ibm.com>
Cc: Theodore Ts'o <tytso@mit.edu>,
Akshat Aranya <aaranya@cs.sunysb.edu>,
linux-fsdevel@vger.kernel.org
Subject: Re: Expected getdents behaviour
Date: Thu, 15 Sep 2005 21:50:19 +0100 (BST) [thread overview]
Message-ID: <Pine.LNX.4.60.0509152146510.21782@hermes-1.csi.cam.ac.uk> (raw)
In-Reply-To: <OF8750384F.83368BFF-ON8825707D.005AFD85-8825707D.005CB38E@us.ibm.com>
On Thu, 15 Sep 2005, Bryan Henderson wrote:
> Since others have opined differently, I'd like to add my voice to Ted's
> and say his explanation is exactly my understanding too; I couldn't have
> said it any better, right down to the part of cursing our reality.
>
> We hate to admit that this is the requirement of directory positions,
> because it's so hard to implement, but it's what is expected. When I
> explain the directory positioning requirement (which actually shows up in
> lots of places in software design besides filesystem directories), I
> always say the ideal is to think of the directory position as a white card
> within a deck of playing cards. When you say "tell me about the next
> card," you get the card directly on top of the white card and that card
> then moves under the white card. People can insert and delete cards all
> around the white card, but the sequence is still well defined.
>
> In actuality, it's acceptable to fall short of that ideal and ignore some
> or all insertions or deletions that happened after a pass started, and
> many implementations do. But what you'd have a really hard time getting
> accepted is returning the same entry twice or skipping an entry that was
> always there, as someone steps through the directory.
That may be so but AFAICS it is impossible to implement without causing a
user triggerable OOM/DOS when you have a filesystem where directory
entries are static but are a B tree for example. The problem comes from
the fact that there is no way to tell for how long that white card is
valid to use your analogy. You would have to create one the first time
you see a readdir() from a particular file descriptor on the directory.
But when are you free to get rid of it? There is no way to tell. When
the directory is closed I hear you say, but what if it never gets closed
because the user is malicious?
Best regards,
Anton
--
Anton Altaparmakov <aia21 at cam.ac.uk> (replace at with @)
Unix Support, Computing Service, University of Cambridge, CB2 3QH, UK
Linux NTFS maintainer / IRC: #ntfs on irc.freenode.net
WWW: http://linux-ntfs.sf.net/ & http://www-stu.christs.cam.ac.uk/~aia21/
next prev parent reply other threads:[~2005-09-15 20:50 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-09-15 13:57 Expected getdents behaviour Akshat Aranya
2005-09-15 14:03 ` Peter Staubach
2005-09-15 14:07 ` Anton Altaparmakov
2005-09-15 14:12 ` Anton Altaparmakov
2005-09-15 14:45 ` Miklos Szeredi
2005-09-15 15:17 ` Anton Altaparmakov
2005-09-15 16:41 ` Jan Blunck
2005-09-15 17:46 ` Jörn Engel
2005-09-15 18:19 ` Theodore Ts'o
2005-09-15 21:04 ` Anton Altaparmakov
2005-09-16 7:50 ` Nikita Danilov
2005-09-15 21:47 ` Jörn Engel
2005-09-16 7:29 ` Nikita Danilov
2005-09-16 11:58 ` Theodore Ts'o
2005-09-15 21:00 ` Anton Altaparmakov
2005-09-15 21:15 ` Charles P. Wright
2005-09-15 21:19 ` Anton Altaparmakov
2005-09-15 20:28 ` Anton Altaparmakov
2005-09-15 16:51 ` Miklos Szeredi
2005-09-15 21:17 ` Anton Altaparmakov
2005-09-15 15:51 ` Theodore Ts'o
2005-09-15 16:52 ` Bryan Henderson
2005-09-15 16:57 ` Jeremy Allison
2005-09-15 20:51 ` Anton Altaparmakov
2005-09-15 20:50 ` Anton Altaparmakov [this message]
2005-09-15 23:41 ` Bryan Henderson
2005-09-15 20:25 ` Anton Altaparmakov
2005-09-16 3:39 ` Theodore Ts'o
2005-09-16 11:57 ` Dave Kleikamp
2005-09-15 18:08 ` Nikita Danilov
2005-09-16 11:23 ` Miklos Szeredi
2005-09-16 1:28 ` tridge
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Pine.LNX.4.60.0509152146510.21782@hermes-1.csi.cam.ac.uk \
--to=aia21@cam.ac.uk \
--cc=aaranya@cs.sunysb.edu \
--cc=hbryan@us.ibm.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).