[
https://issues.apache.org/jira/browse/HDDS-1664?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Bharat Viswanadham updated HDDS-1664:
-------------------------------------
Description:
In OpenKey, we first check bucket exists/volume exists then acquire lock.
There might be a case, like where we have checked for bucket, volume exists,
then there is in parallel a delete bucket operation acquired lock and deleted
bucket after our checks are done in openKey. Then once delete Bucket is done,
we release lock, and openKey acquires bucket lock, we might create an openKey
in a deleted bucket. If security is enabled, we might see NPE also for this.
I think we should check for bucket,volume exists once after acquiring the lock.
Let me know if any other suggestions.
OpenKey.java:
Line 452:
OmBucketInfo bucketInfo = getBucketInfo(volumeName, bucketName);
encInfo = getFileEncryptionInfo(bucketInfo);
Line 2015:
private FileEncryptionInfo getFileEncryptionInfo(OmBucketInfo bucketInfo)
throws IOException {
FileEncryptionInfo encInfo = null;
BucketEncryptionKeyInfo ezInfo = bucketInfo.getEncryptionKeyInfo();
was:
In OpenKey, we first check bucket exists/volume exists then acquire lock.
There might be a case, like where we have checked for bucket, volume exists,
then there is in parallel a delete bucket operation acquired lock and deleted
bucket after our checks are done in openKey. Then once delete Bucket is done,
we release lock, and openKey acquires bucket lock, we might create an openKey
in a deleted bucket. If security is enabled, we might see NPE also for this.
I think we should check for bucket,volume exists once after acquiring the lock.
OpenKey.java:
Line 452:
OmBucketInfo bucketInfo = getBucketInfo(volumeName, bucketName);
encInfo = getFileEncryptionInfo(bucketInfo);
Line 2015:
private FileEncryptionInfo getFileEncryptionInfo(OmBucketInfo bucketInfo)
throws IOException {
FileEncryptionInfo encInfo = null;
BucketEncryptionKeyInfo ezInfo = bucketInfo.getEncryptionKeyInfo();
> OpenKey logic issue
> -------------------
>
> Key: HDDS-1664
> URL: https://issues.apache.org/jira/browse/HDDS-1664
> Project: Hadoop Distributed Data Store
> Issue Type: Bug
> Reporter: Bharat Viswanadham
> Assignee: Bharat Viswanadham
> Priority: Major
>
> In OpenKey, we first check bucket exists/volume exists then acquire lock.
> There might be a case, like where we have checked for bucket, volume exists,
> then there is in parallel a delete bucket operation acquired lock and deleted
> bucket after our checks are done in openKey. Then once delete Bucket is done,
> we release lock, and openKey acquires bucket lock, we might create an openKey
> in a deleted bucket. If security is enabled, we might see NPE also for this.
>
> I think we should check for bucket,volume exists once after acquiring the
> lock. Let me know if any other suggestions.
> OpenKey.java:
> Line 452:
> OmBucketInfo bucketInfo = getBucketInfo(volumeName, bucketName);
> encInfo = getFileEncryptionInfo(bucketInfo);
>
> Line 2015:
> private FileEncryptionInfo getFileEncryptionInfo(OmBucketInfo bucketInfo)
> throws IOException {
> FileEncryptionInfo encInfo = null;
> BucketEncryptionKeyInfo ezInfo = bucketInfo.getEncryptionKeyInfo();
>
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
