[Lustre-devel] client-side reply handling

Eric Barton eeb at sun.com
Fri Dec 4 03:07:42 PST 2009

> On 2009-12-03, at 08:00, Eric Barton wrote:
> > Edited from IRC...
> >>
> >> <Liang> eeb_: do you mean, we can be 100% sure it's safe to unpack
> >>        in-place only when the buffer is unlinked? so it is better
> >>        to unregister reply buffer before calling into
> >>        after_reply()->unpack_reply()?
> >
> > Yes, I think so.  While the reply buffer remains attached, it's
> > possible to overwrite it at any time.  This could happen if...
> >
> > a) The server is buggy or malign
> Let's hope we never have to worry about malicious server nodes...

We do.

> > b) The request is re-sent and the same reply matchbits are used,
> >   which is what I think happens currently for non-bulk reqs.
> In theory, the reply to the re-sent request should be identical due
> to reply reconstruction, so it shouldn't matter if it happens to
> overwrite the same buffer.

We're at the mercy of the sender here.  The only robust option is never
to interpret volatile buffers.

More information about the lustre-devel mailing list