Bug 838609 - guestmount + fusermount allows a race condition when unmounting and immediately using the disk image
guestmount + fusermount allows a race condition when unmounting and immediate...
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: libguestfs (Show other bugs)
6.3
x86_64 Linux
unspecified Severity high
: rc
: ---
Assigned To: Richard W.M. Jones
Virtualization Bugs
:
Depends On: 838592
Blocks: 835466
  Show dependency treegraph
 
Reported: 2012-07-09 11:17 EDT by Richard W.M. Jones
Modified: 2013-02-21 03:38 EST (History)
8 users (show)

See Also:
Fixed In Version: libguestfs-1.16.30-2.el6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 838592
Environment:
Last Closed: 2013-02-21 03:38:33 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Richard W.M. Jones 2012-07-09 11:17:54 EDT
+++ This bug was initially created as a clone of Bug #838592 +++

The current design of guestmount allows a race condition when
unmounting a disk image:

  guestmount -a disk.img -i /mnt
  # copy things into /mnt
  fusermount -u /mnt
  # immediately try to use 'disk.img' <-- UNSAFE

The problem is that guestmount cleanup happens asynchronously
after fusermount has returned.  It is not safe to use 'disk.img'
until guestmount has exited, but there is no simple way to tell
when it has exited.

Suggest adding 'guestmount --pid-file=...' option so that a
PID file can be written, and then programs can wait for the PID
to exit after the fusermount.

Also we should document this.

--- Additional comment from pbrady@redhat.com on 2012-07-09 10:44:37 EDT ---

The same issue is referenced here:
http://code.google.com/p/s3ql/issues/detail?id=159
which in turn references this thread on the subject from 2006:
http://thread.gmane.org/gmane.comp.file-systems.fuse.devel/3903
And another case from 2008:
http://permalink.gmane.org/gmane.comp.file-systems.fuse.devel/6502

So it's been on the TODO list for 6 years.

--- Additional comment from rjones@redhat.com on 2012-07-09 11:14:46 EDT ---

Patches posted:

https://www.redhat.com/archives/libguestfs/2012-July/msg00027.html

Only patches 1, 3 and 4 are really relevant to this bug.
Patch 2 is a doc fix in a related part of the man page.
Comment 2 Mohua Li 2012-11-08 03:50:47 EST
the time might quite short, after fusermount return, and before guestmount finished cleanup, so not quite easy to reproduce, any suggestion for this, Rich?
Comment 3 Richard W.M. Jones 2012-11-08 03:58:52 EST
I think you just need to check that RHEL 6.4 guestmount
has the --pid-file option.

The race condition has *not* been fixed (and cannot be fixed).
The fix is for callers -- OpenStack in this case -- to use
the guestmount --pid-file option.

$ guestmount --version
guestmount 1.16.32rhel=6,release=3.el6
$ guestmount --pid-file
guestmount: option '--pid-file' requires an argument
Try `guestmount --help' for more information.
Comment 4 Richard W.M. Jones 2012-11-08 04:01:25 EST
.. and check that --pid-file actually writes a PID file!
Comment 5 Mohua Li 2012-11-08 06:48:56 EST
[root@station2 tmp]# guestmount --version
guestmount 1.16.32rhel=6,release=3.el6


the solution is "Suggest adding 'guestmount --pid-file=...' option so that a
PID file can be written, and then programs can wait for the PID
to exit after the fusermount."

[root@station2 tmp]# guestmount --pid-file pid  -a RHEL-Server-5.9-32-pv.raw -i test 
[root@station2 tmp]# cat pid
6043

so other program could get the pid from file, and wait for the $pid process to exit, to avoid the race condition,
Comment 7 errata-xmlrpc 2013-02-21 03:38:33 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-0324.html

Note You need to log in before you can comment on or make changes to this bug.