On Sat, Apr 30, 2022 at 3:48 PM Jason A. Donenfeld <ja...@zx2c4.com> wrote:
> On Sat, Apr 30, 2022 at 3:12 PM Denys Vlasenko <vda.li...@googlemail.com>
> wrote:
> > > @@ -190,6 +192,8 @@ int seedrng_main(int argc UNUSED_PARAM, char *argv[])
> > > if (mkdir(seed_dir, 0700) < 0 && errno != EEXIST)
> > > bb_perror_msg_and_die("can't %s seed directory",
> > > "create");
> > > dfd = open(seed_dir, O_DIRECTORY | O_RDONLY);
> > > + /* The flock() here is absolutely necessary, as the consistency
> > > of this
> > > + * program breaks down with concurrent uses. */
> > > if (dfd < 0 || flock(dfd, LOCK_EX) < 0)
> > > bb_perror_msg_and_die("can't %s seed directory", "lock");
> >
> > The locking is notoriously not reliable across networked filesystems,
> > and people often find more reliable ways to ensure safety wrt concurrency.
> >
> > E.g. renaming the file before use (rename is atomic even on NFS).
> >
> > Or, for example, what if we open /var/lib/seedrng/seed.credit,
> > then try to unlink it. if unlink fails with ENOENT, this means we have
> > a concurrent user. Thus, we bail out with an error message.
> > Would this work?
>
> No, because a concurrent user might have replaced seed.credit at just
> the wrong moment:
>
> readfile()
> readfile()
> unlink() = success
> createnewseed()
> unlink() = success

I see. Thank you.
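
Review bot: The comment added above `if (dfd < 0 || flock(dfd, LOCK_EX) < 0)` asserts that the lock is "absolutely necessary" but does not say what breaks without it. Naming the failure would help the next reader: two instances can both read the same seed file before either unlinks it, which is the interleaving discussed in this thread. Separately, on that same unchanged line, a failed open() of seed_dir is reported through the "lock" message, so splitting the `dfd < 0` check from the flock() check would give an accurate error for each.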
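
The interleaving described in the quoted reply, replayed with real syscalls as an added example (not code from the thread or from BusyBox). Users A and B are simulated sequentially in one process; which user runs each step, the temporary directory name and the seed contents are assumptions. Both unlink() calls succeed, so an ENOENT check never fires even though both users read the same seed and the replacement seed is deleted.

```c
/* Added example, not BusyBox code. Users A and B are simulated in one
 * process; which user runs each step is an assumption. */
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>
enum { A_UNLINK_OK = 1, B_UNLINK_OK = 2, SAME_SEED_USED = 4, NEW_SEED_LOST = 8 };

static int write_seed(const char *path, const char *data)
{
	int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
	ssize_t n = fd < 0 ? -1 : write(fd, data, strlen(data));
	if (fd >= 0)
		close(fd);
	return n == (ssize_t)strlen(data) ? 0 : -1;
}

static int read_seed(const char *path, char *buf, size_t len)
{
	int fd = open(path, O_RDONLY);
	ssize_t n = fd < 0 ? -1 : read(fd, buf, len - 1);
	if (fd >= 0)
		close(fd);
	buf[n < 0 ? 0 : n] = '\0';
	return n < 0 ? -1 : 0;
}

/* Returns a bitmask of the flags above, or -1 if setup fails. */
int replay_unlink_race(void)
{
	char dir[64], path[96], a[32], b[32];
	int r = 0;
	snprintf(dir, sizeof(dir), "/tmp/seedrace.%ld", (long)getpid());
	snprintf(path, sizeof(path), "%s/seed.credit", dir);
	if (mkdir(dir, 0700) < 0 || write_seed(path, "old-seed") < 0)
		return -1; /* mkdir() refuses to reuse an existing path */
	read_seed(path, a, sizeof(a));                    /* A: readfile() */
	read_seed(path, b, sizeof(b));                    /* B: readfile() */
	r |= unlink(path) == 0 ? A_UNLINK_OK : 0;         /* A: unlink() */
	write_seed(path, "new-seed");                     /* A: createnewseed() */
	r |= unlink(path) == 0 ? B_UNLINK_OK : 0;         /* B: unlink() */
	r |= strcmp(a, b) == 0 ? SAME_SEED_USED : 0;      /* both consumed old-seed */
	r |= access(path, F_OK) != 0 ? NEW_SEED_LOST : 0; /* new seed is gone */
	rmdir(dir);
	return r;
}

int main(void) { printf("result mask: %d\n", replay_unlink_race()); return 0; }
```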