From: Steve Dickson <SteveD@redhat.com>
To: Olaf Kirch <olaf.kirch@oracle.com>
Cc: Neil Brown <neilb@suse.de>, Christoph Hellwig <hch@infradead.org>,
Matthias Koenig <mkoenig@novell.com>,
nfs@lists.sourceforge.net,
Javier Fern?ndez-Sanguino Pe?a <jfs@computer.org>,
anibal@debian.org
Subject: Re: Portmap - was Re: Does mountd/statd really need to listen on a privileged port??
Date: Fri, 04 May 2007 14:52:58 -0400 [thread overview]
Message-ID: <463B810A.7030500@RedHat.com> (raw)
In-Reply-To: <200704270820.19718.olaf.kirch@oracle.com>
The following commits are on:
git://git.infradead.org/~steved/libtirpc.git
Olaf Kirch wrote:
>>> - it seems that tirpc unconditionally requires rpcbind,
>>> even for applications that still use pmap_set and
>>> friends. In the interest of a smooth transition, applications
>>> using the old interface should be able to expect the
>>> old behavior.
>> I not understanding your point... all the pmap_xxx routine are
>> supported, taking the same arguments and return same value.
>> Internally they definitely do things differently, which should
>> not be a problem...so where are you seeing the potential
>> transition problems?
>
> It means you cannot run a binary linked against tirpc
> on a host that runs portmap but no rpcbind. E.g.
> pmap_set will simply fail if it can't connect to
> rpcbind via AF_LOCAL. I think any replacement for
> libc's sunrpc code should continue to work in a
> portmap environment.
I'm still working on this... but I am wondering why this
would be important.. why look back?
>
>>> - tirpc does truly bizarre things, eg in clnt_raw.c
>>> it declares a local variable, and then acquires
>>> a mutex to check this local variable for NULL:
>>>
>>> mutex_lock(&clntraw_lock);
>>> if (clp == NULL) {
>>> mutex_unlock(&clntraw_lock);
>>> return (RPC_FAILED);
>>> }
>>> mutex_unlock(&clntraw_lock);
>> Look again... clp is pointing to global data... so locks
>> are needed...
>
> Yes, clp is *pointing* at global data, so the data it
> points at may change. But this pointer itself is
> a variable on your local stack which is not even
> visible to any other thread; so it can't change.
>
> I assume this was once meant to protect access
> to the clntraw_private pointer, which is a global
> variable and could do with some mutex protection,
> and I guess at some point the code looked like this:
>
> mutex_lock()
> clp = clntraw_private;
> if (clp == NULL) {
> unlock and fail
> }
>
> and some misguided soul probably moved the
> pointer assignment out of the protected region
> so that the code now looks the way it does.
> This needs fixing.
commit 419d35db75ab8bd8f79c424f529a6c2f7c4f5fa7
Author: Steve Dickson <steved@redhat.com>
Date: Fri May 4 09:27:00 2007 -0400
Fixed mutex locking problem in clnt_raw.c. One should grab the
clntraw_lock before accessing at clntraw_private, not after.
Signed-off-by: Steve Dickson <steved@redhat.com>
>
>>> - glibc switched to poll(), whereas tirpc still uses
>>> select with all its limitations
>> educate me... why is using poll() better than select()?
>
> fd_set has a limit on the max file descriptor it can
> accomodate (1024 I think). poll does not. So if you use
> that code in apps that have files with descriptors > 1024
> you will start clobbering heap or stack memory.
>
> Under the hood, they're all the same - glibc's select
> will call sys_poll.
still looking into this... I need to port to some applications
to test this out...
>
>>> - in tirpc, clnt_sperror uses snprintf to avoid buffer overflows,
>>> but gets it all wrong wrt the return value of snprintf.
>> hmm... how is:
>> i = snprintf(str, len, "; errno = %s", strerror(e.re_errno));
>> if (i > 0) {
>> str += i;
>> len -= i;
>> }
>> wrong? looks reasonable to me... what am I missing?
>
> snprintf returns the number of characters it *would* have
> printed if the buffer size had been sufficient. It does not
> return the number of characters actually printed, which is
> what this code seems to assume. So if the buffer is
> too small, you end up with str pointing beyond the end of
> the buffer, and len a huge unsigned value. That is decidedly
> not what you want :-)
commit a3a3a4e5157932c254200e3b31a78739f5878071
Author: Steve Dickson <steved@redhat.com>
Date: Fri May 4 11:27:43 2007 -0400
Ignore the return value of snprintf() and use strlen() instead
to bump the pointer in clnt_sperror()
Also removed calls to assert(), not needed.
Signed-off-by: Steve Dickson <steved@redhat.com>
>>> - tirpc bindresvport is IPv6 aware, but has a bug: if the
>>> caller passes a sockaddr with sin_port/sin6_port set,
>>> the routine will actually bind to htons(port).
>> I must be missing something... in the AF_INET6: the port is set
>> to sin6->sin6_port; which will be the first port that is tried... right?
>> and that is bad?
>
> It uses htons alright, but it forgot the ntohs
>
> switch (af) {
> case AF_INET:
> sin = (struct sockaddr_in *)sa;
> salen = sizeof(struct sockaddr_in);
> port = sin->sin_port; /* <--- needs ntohs */
> ...
> *portp = htons(port++);
commit 83cb8b02f87fe6fd7bbd903e4825f7cb38e59ec4
Author: Steve Dickson <steved@redhat.com>
Date: Fri May 4 12:19:27 2007 -0400
A couple ntohs() were needed in bindresvport_sa()
Signed-off-by: Steve Dickson <steved@redhat.com>
>
> Two more things:
>
> - tirpc does a getenv("NETNAME") which should probably be
> secure_getenv().
Cound not find where secure_getenv() is defined and it didn't
seem to be used in any of the glibc code, but getenv() is...
>
> - in libc, clntudp_call uses the IP_RECVERR feature of the
> Linux kernel, so it gets notified of ICMP errors (like
> port_unreach). The TIRPC code does not, so the
> application will never see any error and has to wait
> for a timeout instead.
commit 40ab0c28e995786d5844bd490a31b788ecabf546
Author: Steve Dickson <steved@redhat.com>
Date: Fri May 4 14:26:56 2007 -0400
Added IP_RECVERR processing with to clnt_dg_call() so
application will see errors instead of timing out
Signed-off-by: Steve Dickson <steved@redhat.com>
>
> That's where we disagree :-) I think ripping out the glibc
> code and replacing it will cause a lot of maintenance for
> the distros.
Don't worry... that glibc code is going anywhere... but
when IPv6 supported is need, I'm hopeful the Linux version
of libtirpc will be an option...
steved.
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
NFS maillist - NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs
next prev parent reply other threads:[~2007-05-04 18:52 UTC|newest]
Thread overview: 82+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-04-12 22:05 Does mountd/statd really need to listen on a privileged port?? Neil Brown
2007-04-13 0:05 ` Trond Myklebust
2007-04-16 1:03 ` Neil Brown
2007-04-13 0:55 ` Mike Frysinger
2007-04-13 1:09 ` Mike Frysinger
2007-04-13 1:39 ` Neil Brown
2007-04-13 2:04 ` Mike Frysinger
2007-04-17 10:14 ` Olaf Kirch
2007-04-17 11:12 ` Mike Frysinger
2007-04-16 18:13 ` Steve Dickson
2007-04-17 10:08 ` Olaf Kirch
2007-04-17 11:21 ` Mike Frysinger
2007-04-17 11:32 ` Olaf Kirch
2007-04-18 7:14 ` Neil Brown
2007-04-19 0:46 ` Neil Brown
2007-04-19 1:21 ` Javier Fernández-Sanguino Peña
2007-04-20 3:04 ` Portmap - was " Neil Brown
2007-04-20 6:49 ` Olaf Kirch
2007-04-20 8:02 ` Neil Brown
2007-04-20 13:27 ` Olaf Kirch
2007-04-20 19:18 ` Steve Dickson
2007-04-23 4:03 ` Neil Brown
2007-04-23 6:31 ` Neil Brown
2007-04-23 13:43 ` Steve Dickson
2007-04-24 0:56 ` Neil Brown
2007-04-24 17:13 ` Steve Dickson
2007-04-23 13:28 ` Steve Dickson
2007-04-23 23:09 ` Neil Brown
2007-04-24 6:43 ` Olaf Kirch
2007-04-24 7:24 ` Neil Brown
2007-04-24 15:15 ` Talpey, Thomas
2007-04-24 15:31 ` Talpey, Thomas
2007-04-24 7:08 ` Olaf Kirch
2007-04-24 15:10 ` Steve Dickson
2007-04-24 16:10 ` Christoph Hellwig
2007-04-24 17:04 ` Steve Dickson
2007-04-24 17:17 ` Christoph Hellwig
2007-04-24 17:52 ` Steve Dickson
2007-04-24 19:09 ` Peter Åstrand
2007-04-24 20:26 ` Steve Dickson
2007-04-24 20:36 ` Peter Staubach
2007-04-25 11:56 ` Olaf Kirch
2007-04-25 15:44 ` Peter Staubach
2007-04-25 20:14 ` Olaf Kirch
2007-04-26 6:32 ` Neil Brown
2007-04-26 8:59 ` Olaf Kirch
2007-04-26 13:03 ` Peter Staubach
2007-05-02 4:22 ` Ian Kent
2007-04-27 15:07 ` Olaf Kirch
2007-04-27 15:18 ` Christoph Hellwig
2007-04-27 17:07 ` Olaf Kirch
2007-04-29 23:32 ` Steve Dickson
2007-04-26 7:52 ` Aurélien Charbon
2007-04-25 8:57 ` Peter Åstrand
2007-04-25 8:56 ` Olaf Kirch
2007-04-25 9:58 ` Christoph Hellwig
2007-04-25 13:22 ` Steve Dickson
2007-04-25 14:10 ` Olaf Kirch
2007-04-25 14:42 ` Christoph Hellwig
2007-04-26 14:30 ` Peter Åstrand
2007-04-25 14:37 ` Christoph Hellwig
2007-04-25 13:39 ` Steve Dickson
2007-04-26 22:22 ` Steve Dickson
2007-04-27 2:22 ` J. Bruce Fields
2007-04-27 6:20 ` Olaf Kirch
2007-04-27 14:01 ` Peter Staubach
2007-04-27 14:09 ` Christoph Hellwig
2007-04-27 14:21 ` Peter Staubach
2007-04-27 14:37 ` Christoph Hellwig
2007-04-29 23:39 ` Steve Dickson
2007-04-27 16:49 ` Olaf Kirch
2007-04-27 17:06 ` Peter Staubach
2007-04-27 17:04 ` Olaf Kirch
2007-04-27 17:34 ` Peter Staubach
2007-05-04 18:52 ` Steve Dickson [this message]
2007-04-24 14:38 ` Steve Dickson
2007-04-19 15:15 ` Steve Dickson
2007-04-19 15:21 ` J. Bruce Fields
2007-04-19 15:42 ` Steve Dickson
2007-04-19 15:50 ` J. Bruce Fields
2007-04-19 16:36 ` Steve Dickson
2007-04-19 22:50 ` Anibal Monsalve Salazar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=463B810A.7030500@RedHat.com \
--to=steved@redhat.com \
--cc=anibal@debian.org \
--cc=hch@infradead.org \
--cc=jfs@computer.org \
--cc=mkoenig@novell.com \
--cc=neilb@suse.de \
--cc=nfs@lists.sourceforge.net \
--cc=olaf.kirch@oracle.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox