From mboxrd@z Thu Jan 1 00:00:00 1970 From: Anton Altaparmakov Subject: Re: Expected getdents behaviour Date: Thu, 15 Sep 2005 21:50:19 +0100 (BST) Message-ID: References: Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Cc: Theodore Ts'o , Akshat Aranya , linux-fsdevel@vger.kernel.org Return-path: Received: from ppsw-7.csi.cam.ac.uk ([131.111.8.137]:25523 "EHLO ppsw-7.csi.cam.ac.uk") by vger.kernel.org with ESMTP id S1161014AbVIOUud (ORCPT ); Thu, 15 Sep 2005 16:50:33 -0400 To: Bryan Henderson In-Reply-To: Sender: linux-fsdevel-owner@vger.kernel.org List-Id: linux-fsdevel.vger.kernel.org On Thu, 15 Sep 2005, Bryan Henderson wrote: > Since others have opined differently, I'd like to add my voice to Ted's > and say his explanation is exactly my understanding too; I couldn't have > said it any better, right down to the part of cursing our reality. > > We hate to admit that this is the requirement of directory positions, > because it's so hard to implement, but it's what is expected. When I > explain the directory positioning requirement (which actually shows up in > lots of places in software design besides filesystem directories), I > always say the ideal is to think of the directory position as a white card > within a deck of playing cards. When you say "tell me about the next > card," you get the card directly on top of the white card and that card > then moves under the white card. People can insert and delete cards all > around the white card, but the sequence is still well defined. > > In actuality, it's acceptable to fall short of that ideal and ignore some > or all insertions or deletions that happened after a pass started, and > many implementations do. But what you'd have a really hard time getting > accepted is returning the same entry twice or skipping an entry that was > always there, as someone steps through the directory. That may be so but AFAICS it is impossible to implement without causing a user triggerable OOM/DOS when you have a filesystem where directory entries are static but are a B tree for example. The problem comes from the fact that there is no way to tell for how long that white card is valid to use your analogy. You would have to create one the first time you see a readdir() from a particular file descriptor on the directory. But when are you free to get rid of it? There is no way to tell. When the directory is closed I hear you say, but what if it never gets closed because the user is malicious? Best regards, Anton -- Anton Altaparmakov (replace at with @) Unix Support, Computing Service, University of Cambridge, CB2 3QH, UK Linux NTFS maintainer / IRC: #ntfs on irc.freenode.net WWW: http://linux-ntfs.sf.net/ & http://www-stu.christs.cam.ac.uk/~aia21/