Jianchun Xu created RANGER-4506:
-----------------------------------
Summary: Illegal read lock usage in getMetadata/getKeyVersion
Key: RANGER-4506
URL: https://issues.apache.org/jira/browse/RANGER-4506
Project: Ranger
Issue Type: Bug
Components: kms
Reporter: Jianchun Xu
RangerKeyStoreProvider illegally writes to key store under Read lock. This
happens in both getMetadata and getKeyVersion.
E.g. in following getKeyVersion, under Read lock, the code calls
`dbStore.engineLoad(null, masterKey)` which reloads all the keys. Since
multiple threads can hold the Read lock, multiple threads can enter and reload
all the keys. Thus the 2nd `dbStore.engineContainsAlias(versionName)` test and
following `dbStore.engineGetDecryptedZoneKeyByte(versionName)` can both get
wrong result if another threads is reloading keys.
[https://github.com/apache/ranger/blob/master/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java#L331]
{code:java}
@Override
public KeyVersion getKeyVersion(String versionName) throws IOException {
if (logger.isDebugEnabled()) {
logger.debug("==> getKeyVersion({})", versionName);
}
KeyVersion ret = null;
try (AutoClosableReadLock ignored = new AutoClosableReadLock(lock)) {
if (keyVaultEnabled) {
try {
boolean versionNameExists =
dbStore.engineContainsAlias(versionName);
if (!versionNameExists) {
dbStore.engineLoad(null, masterKey);
versionNameExists =
dbStore.engineContainsAlias(versionName);
}
if (versionNameExists) {
byte[] decryptKeyByte;
try {
decryptKeyByte =
dbStore.engineGetDecryptedZoneKeyByte(versionName);
{code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
