From patchwork Wed Jan 24 12:31:34 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick Steinhardt X-Patchwork-Id: 13529166 Received: from wout1-smtp.messagingengine.com (wout1-smtp.messagingengine.com [64.147.123.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 411A76D1DE for ; Wed, 24 Jan 2024 12:31:37 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=64.147.123.24 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706099500; cv=none; b=WevoGQbQ7YF4/aO3YfBba1Kgp8XfxeFcjYpB+6rK1C3glBbrmKcw2wh4RRdRCq/DeKWLBkgT7gPpRfxMf2gGGubMyVHuzaIfljkFjBnLpwmbAUNb3csBy/EMzbFqECLMUwqQptmAtm7lj/nSlNwCjDKBj1GllgQo2jalXN1UXr0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706099500; c=relaxed/simple; bh=7ETwRw9WNE9+2vbjAsQ1SRmFm9aGpI6XH54nH2xOuU4=; h=Date:From:To:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=qlscNxGUrMfUPD4VQ/OTmdkew6gWFQOJ8NdZqI4Sl+Yl3VqEQQfX7FZOUDt/5Vx2HDIgyGqcyJkvSLHrP571T/8JUCz3189zmDNre6B3z2G/1z6IHYR7mr72HY536mp1KdemE5UUR1t9Q4bWcxbPO84kMGuIOdmJR/t1+JlOU+w= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=pks.im; spf=pass smtp.mailfrom=pks.im; dkim=pass (2048-bit key) header.d=pks.im header.i=@pks.im header.b=fjGpikNm; dkim=pass (2048-bit key) header.d=messagingengine.com header.i=@messagingengine.com header.b=bEzBGEMR; arc=none smtp.client-ip=64.147.123.24 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=pks.im Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=pks.im Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=pks.im header.i=@pks.im header.b="fjGpikNm"; dkim=pass (2048-bit key) header.d=messagingengine.com header.i=@messagingengine.com header.b="bEzBGEMR" Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailout.west.internal (Postfix) with ESMTP id 605683200AFA for ; Wed, 24 Jan 2024 07:31:37 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute2.internal (MEProxy); Wed, 24 Jan 2024 07:31:37 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pks.im; h=cc :content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:subject :subject:to:to; s=fm3; t=1706099496; x=1706185896; bh=cpQ12u7knP ht4+6H24dsb2zZb3GcNo0CKFSIydIioKg=; b=fjGpikNmoxM93YZ/Ykg07yTjGA KsFeza3vNEpENyYK61DdyY1bfrGJ2K+DAPq66WC6391RoE+mkZjIh5FWOIg9wQ9C PELt+QFiEcHOKOMfUptesNJiR6d2XgeWonS2b+SSUo2uxPBcVdY5AiIMPo2pvNuQ 8e6UaI65JnYU5bqJctrHkDt+LXnwg8OxwM7s5iRgGCoPxI4pSYDVoOsHzMQdRtbi RbmG+MDh5fOxr7H18VxeDKLBKU8/isdec1h/a7Xb+b548jz2rG3kO+9u5nwlLWv2 ysDHccpXXWeeqEzh5ncLkyWi91WvMqackzzIGWeinHVvNptoC+SIZgVsEVVA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm3; t=1706099496; x=1706185896; bh=cpQ12u7knPht4+6H24dsb2zZb3Gc No0CKFSIydIioKg=; b=bEzBGEMRRn85JjYZObGP7vBichAHDPx8ChwmD213tuRv laicxlFzSxbVFoZgAIDFMtBHVvHzWaRbvLGfmmU+TZE7NEJroSqydAIva7hN7DRD i0RlKbRs4qw60r+uUSq+trt3uZArxc1lqEgrmAZPiEHxqbv+cWdFQ8DxJbRomXn0 J3NFjOjAO4XhoCkvuLBLjX8il34QPoBkxHi6gGpzs7fgGZoTIqQ10my0Ny0VuOD3 3XL2DW9Z380QDd1hr2ENeUUG4DJTJ9iLYwocUEeps2xvPUMlUU+woImXeygnn+6R PG8eqFR5aeSqpC/v2Qk/zSeBpVJr80n02ApsTp+5eQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedrvdeluddgfeelucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpeffhffvuffkfhggtggujgesghdtre ertddtvdenucfhrhhomheprfgrthhrihgtkhcuufhtvghinhhhrghrughtuceophhssehp khhsrdhimheqnecuggftrfgrthhtvghrnhepheeghfdtfeeuffehkefgffduleffjedthf dvjeektdfhhedvlefgtefgvdettdfhnecuvehluhhsthgvrhfuihiivgeptdenucfrrghr rghmpehmrghilhhfrhhomhepphhssehpkhhsrdhimh X-ME-Proxy: Feedback-ID: i197146af:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA for ; Wed, 24 Jan 2024 07:31:36 -0500 (EST) Received: by vm-mail (OpenSMTPD) with ESMTPSA id d4f57f8c (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO) for ; Wed, 24 Jan 2024 12:28:30 +0000 (UTC) Date: Wed, 24 Jan 2024 13:31:34 +0100 From: Patrick Steinhardt To: git@vger.kernel.org Subject: [PATCH 1/2] reftable/stack: use fchmod(3P) to set permissions Message-ID: <4b8d76789b41c6540878810ee2312c49b199026e.1706099090.git.ps@pks.im> References: Precedence: bulk X-Mailing-List: git@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: We use chmod(3P) to modify permissions of "tables.list" locks as well as temporary new tables we're writing. In all of these cases we do have a file descriptor readily available though. So instead of using chmod(3P) we can use fchmod(3P), which should both be more efficient while also avoiding a potential race where we change permissions of the wrong file in case it was swapped out after we have created it. Refactor the code to do so. Signed-off-by: Patrick Steinhardt --- reftable/stack.c | 29 ++++++++++++++--------------- 1 file changed, 14 insertions(+), 15 deletions(-) diff --git a/reftable/stack.c b/reftable/stack.c index 7ffeb3ee10..c6e4dc4b2b 100644 --- a/reftable/stack.c +++ b/reftable/stack.c @@ -467,11 +467,11 @@ static int reftable_stack_init_addition(struct reftable_addition *add, } goto done; } - if (st->config.default_permissions) { - if (chmod(add->lock_file->filename.buf, st->config.default_permissions) < 0) { - err = REFTABLE_IO_ERROR; - goto done; - } + if (st->config.default_permissions && + fchmod(get_tempfile_fd(add->lock_file), + st->config.default_permissions) < 0) { + err = REFTABLE_IO_ERROR; + goto done; } err = stack_uptodate(st); @@ -633,12 +633,12 @@ int reftable_addition_add(struct reftable_addition *add, err = REFTABLE_IO_ERROR; goto done; } - if (add->stack->config.default_permissions) { - if (chmod(temp_tab_file_name.buf, add->stack->config.default_permissions)) { - err = REFTABLE_IO_ERROR; - goto done; - } + if (add->stack->config.default_permissions && + fchmod(tab_fd, add->stack->config.default_permissions) < 0) { + err = REFTABLE_IO_ERROR; + goto done; } + wr = reftable_new_writer(reftable_fd_write, &tab_fd, &add->stack->config); err = write_table(wr, arg); @@ -967,11 +967,10 @@ static int stack_compact_range(struct reftable_stack *st, int first, int last, goto done; } have_lock = 1; - if (st->config.default_permissions) { - if (chmod(lock_file_name.buf, st->config.default_permissions) < 0) { - err = REFTABLE_IO_ERROR; - goto done; - } + if (st->config.default_permissions && + fchmod(lock_file_fd, st->config.default_permissions) < 0) { + err = REFTABLE_IO_ERROR; + goto done; } format_name(&new_table_name, st->readers[first]->min_update_index, From patchwork Wed Jan 24 12:31:41 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick Steinhardt X-Patchwork-Id: 13529167 Received: from wout1-smtp.messagingengine.com (wout1-smtp.messagingengine.com [64.147.123.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 46A316E2C9 for ; Wed, 24 Jan 2024 12:31:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=64.147.123.24 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706099506; cv=none; b=hoMKFyvHlS3behZOhPhCfrraBRavjln5R5/LAT4uqoYE8J6Lu9fTJ4+9+tV3cN3VUPIUFxYwFgE0MS41mpIpQR5BjBurp1vfIqgvAXMJXr26y7AWmvXtG8T+hRIpRMm42qFYBolO2nf6VKo7gwwvREyVxITbw5su1MCWNjWrWjQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706099506; c=relaxed/simple; bh=ZYl6rOFwiyVcXmVHa/WPtRFnbzM7EwkPFgLkutKDqWg=; h=Date:From:To:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=vAyNXclhwgjZr9T1/bc4GVeHIMRaTL/9wptpaN9maZ+nfDuql296AKW7bKbVZjTc7Kxm/LVu1PZnV/yGP7kkUgh85F7DOS5uhoT3TOqD0GOyFqonI9KDsmtJIjsC60IhpMXLv7HZVJufpJshQnyA9kdyMG5HE8/A5t1g+eI5vZU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=pks.im; spf=pass smtp.mailfrom=pks.im; dkim=pass (2048-bit key) header.d=pks.im header.i=@pks.im header.b=fbsk871Q; dkim=pass (2048-bit key) header.d=messagingengine.com header.i=@messagingengine.com header.b=PEBHEy1C; arc=none smtp.client-ip=64.147.123.24 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=pks.im Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=pks.im Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=pks.im header.i=@pks.im header.b="fbsk871Q"; dkim=pass (2048-bit key) header.d=messagingengine.com header.i=@messagingengine.com header.b="PEBHEy1C" Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.west.internal (Postfix) with ESMTP id 035323200B05 for ; Wed, 24 Jan 2024 07:31:43 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute3.internal (MEProxy); Wed, 24 Jan 2024 07:31:44 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pks.im; h=cc :content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:subject :subject:to:to; s=fm3; t=1706099503; x=1706185903; bh=pA2GQV2EXS 8oDUKryKfkR99t59ozY1mdz5CBDDCUsxs=; b=fbsk871Qlca+xESw7qG0pOMD67 d/1As9ENiDLtHbTC1BNBCbE1/nmI5MEujBlhspj045KrKrTMaDb12IAtQwJK0j4l UUtuwYJW5XxDLssUQKfCbLmEqDW1sLz5qjpCTOLTCd2Mt1MwkiA88XoFKgSH6dkh wplJ8W5PVlDy2sOoa9YumRPd0dcqpLbGtHjNbNq5z788n2UP1SYa7T9CyyU67DcZ 64coiWKuKbatp1kjyBvIcfGByZVCE8palHNmZkcuzjgHPbuODWnXCfJWW8r+vmKP TP8FAEoBq4/ebX5z33hKWnyOQrlIk3e/Zpirw2vAk3eZprWZQoGefbUQNpZg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm3; t=1706099503; x=1706185903; bh=pA2GQV2EXS8oDUKryKfkR99t59oz Y1mdz5CBDDCUsxs=; b=PEBHEy1ChL06XvzqkliIW8srDHgAQzarhs3HMf7NmkVz vIoHopwFwhMZ4lnSpMZI6EJAzJc+AA+q+xrhlprA2PvHbettF7DoMSvb9PFwuBrH 6kG6q6B8rF9dZx8F/cnjFr3UZelyZCY/ZilYN0pcsKCff2Q+XZ+U0p01WDwAJ1Yb sZrazdLenqoxmD9Iwl8BSonKWwPCleTDI7plNtlS4J+O4wlbUs7Ke+GZQuaw8ZJh gkPaNQGA771K4lacIz6diEUXGb4+tCPxhEbEMfu/Q/GWHG5bkuNmvdZFRWNalfSh ONCGKjNm2g9OMyfAXYi8epnE6l/Vtb7I7CQfTTLUcA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedrvdeluddgfeekucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpeffhffvuffkfhggtggujgesghdtre ertddtvdenucfhrhhomheprfgrthhrihgtkhcuufhtvghinhhhrghrughtuceophhssehp khhsrdhimheqnecuggftrfgrthhtvghrnhepheeghfdtfeeuffehkefgffduleffjedthf dvjeektdfhhedvlefgtefgvdettdfhnecuvehluhhsthgvrhfuihiivgeptdenucfrrghr rghmpehmrghilhhfrhhomhepphhssehpkhhsrdhimh X-ME-Proxy: Feedback-ID: i197146af:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA for ; Wed, 24 Jan 2024 07:31:42 -0500 (EST) Received: by vm-mail (OpenSMTPD) with ESMTPSA id 9844f6e6 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO) for ; Wed, 24 Jan 2024 12:28:36 +0000 (UTC) Date: Wed, 24 Jan 2024 13:31:41 +0100 From: Patrick Steinhardt To: git@vger.kernel.org Subject: [PATCH 2/2] reftable/stack: adjust permissions of compacted tables Message-ID: References: Precedence: bulk X-Mailing-List: git@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: When creating a new compacted table from a range of preexisting ones we don't set the default permissions on the resulting table when specified by the user. This has the effect that the "core.sharedRepository" config will not be honored correctly. Fix this bug and add a test to catch this issue. Signed-off-by: Patrick Steinhardt --- reftable/stack.c | 6 ++++++ reftable/stack_test.c | 25 +++++++++++++++++++++++-- 2 files changed, 29 insertions(+), 2 deletions(-) diff --git a/reftable/stack.c b/reftable/stack.c index c6e4dc4b2b..27cc586460 100644 --- a/reftable/stack.c +++ b/reftable/stack.c @@ -731,6 +731,12 @@ static int stack_compact_locked(struct reftable_stack *st, int first, int last, strbuf_addstr(temp_tab, ".temp.XXXXXX"); tab_fd = mkstemp(temp_tab->buf); + if (st->config.default_permissions && + fchmod(tab_fd, st->config.default_permissions) < 0) { + err = REFTABLE_IO_ERROR; + goto done; + } + wr = reftable_new_writer(reftable_fd_write, &tab_fd, &st->config); err = stack_write_compact(st, wr, first, last, config); diff --git a/reftable/stack_test.c b/reftable/stack_test.c index 289e902146..2e7d1768b7 100644 --- a/reftable/stack_test.c +++ b/reftable/stack_test.c @@ -443,15 +443,16 @@ static void test_reftable_stack_add(void) int err = 0; struct reftable_write_options cfg = { .exact_log_message = 1, + .default_permissions = 0660, }; struct reftable_stack *st = NULL; char *dir = get_tmp_dir(__LINE__); - struct reftable_ref_record refs[2] = { { NULL } }; struct reftable_log_record logs[2] = { { NULL } }; + struct strbuf scratch = STRBUF_INIT; + struct stat stat_result; int N = ARRAY_SIZE(refs); - err = reftable_new_stack(&st, dir, cfg); EXPECT_ERR(err); st->disable_auto_compact = 1; @@ -509,12 +510,32 @@ static void test_reftable_stack_add(void) reftable_log_record_release(&dest); } +#ifndef GIT_WINDOWS_NATIVE + strbuf_addstr(&scratch, dir); + strbuf_addstr(&scratch, "/tables.list"); + err = stat(scratch.buf, &stat_result); + EXPECT(!err); + EXPECT((stat_result.st_mode & 0777) == cfg.default_permissions); + + strbuf_reset(&scratch); + strbuf_addstr(&scratch, dir); + strbuf_addstr(&scratch, "/"); + /* do not try at home; not an external API for reftable. */ + strbuf_addstr(&scratch, st->readers[0]->name); + err = stat(scratch.buf, &stat_result); + EXPECT(!err); + EXPECT((stat_result.st_mode & 0777) == cfg.default_permissions); +#else + (void) stat_result; +#endif + /* cleanup */ reftable_stack_destroy(st); for (i = 0; i < N; i++) { reftable_ref_record_release(&refs[i]); reftable_log_record_release(&logs[i]); } + strbuf_release(&scratch); clear_dir(dir); }