sd-bus: deal with cookie overruns #11818

poettering · 2019-02-25T10:09:41Z

Apparently this happens IRL. Let's carefully deal with issues like this:
when we overrun, let's not go back to zero but instead leave the highest
cookie bit set. We use that as indication that we are in "overrun
territory", and then are particularly careful with checking cookies,
i.e. that they haven't been used for still outstanding replies yet. This
should retain the quick cookie generation behaviour we used to have, but
permits dealing with overruns.

Replaces: #11804

Apparently this happens IRL. Let's carefully deal with issues like this: when we overrun, let's not go back to zero but instead leave the highest cookie bit set. We use that as indication that we are in "overrun territory", and then are particularly careful with checking cookies, i.e. that they haven't been used for still outstanding replies yet. This should retain the quick cookie generation behaviour we used to have, but permits dealing with overruns. Replaces: systemd#11804 Fixes: systemd#11809

keszybz · 2019-02-26T07:44:33Z

src/libsystemd/sd-bus/sd-bus.c

+                                goto good;
+
+                        new_cookie = cookie_inc(new_cookie);
+                }


Hmm, so if get to the for loop, new_cookie must be COOKIE_CYCLED, and it is never increased again. So this is an "infinite" loop, in the sense that we'll always do full 2**31 iterations.

Can we please have a unittest for this?

no, it goes like this:

1 → 2 → 3 → … → CC-2 → CC-1 → CC → CC+1 → CC+2 → … → UM-2 → UM-1 → UM ↑ ↓ ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ←

Were CC is COOKIE_CYCLED is 2^31 and UM is UINT32_MAX-1, i.e. 2^32-1

Indeed. I misunderstood the code.

So this looks OK, and I think we can merge it. A test would still be very welcome.
Maybe also add your comment above as a comment in the code.

keszybz · 2019-02-28T12:43:04Z

src/libsystemd/sd-bus/sd-bus.c

+                                goto good;
+
+                        new_cookie = cookie_inc(new_cookie);
+                }


Indeed. I misunderstood the code.

So this looks OK, and I think we can merge it. A test would still be very welcome.
Maybe also add your comment above as a comment in the code.

poettering added the sd-bus label Feb 25, 2019

poettering mentioned this pull request Feb 25, 2019

Fix to the sd_bus->cookie as dbus1 serial number overflow issue #11804

Closed

poettering force-pushed the bus-cookie-overrun branch from 98516a7 to 3ff71f0 Compare February 25, 2019 10:23

keszybz requested changes Feb 26, 2019

View reviewed changes

keszybz added the reviewed/needs-rework 🔨 PR has been reviewed and needs another round of reworks label Feb 26, 2019

poettering added the downstream/rhel Tracking bugs for RHEL label Feb 27, 2019

keszybz approved these changes Feb 28, 2019

View reviewed changes

keszybz removed the reviewed/needs-rework 🔨 PR has been reviewed and needs another round of reworks label Feb 28, 2019

keszybz merged commit 1f82f5b into systemd:master Feb 28, 2019

sixijun mentioned this pull request Mar 28, 2019

sd-bus: deal with cookie overruns lnykryn/systemd-rhel#320

Closed

sd-bus: deal with cookie overruns #11818

sd-bus: deal with cookie overruns #11818

poettering commented Feb 25, 2019

keszybz Feb 26, 2019

poettering Feb 26, 2019 •

edited

keszybz Feb 28, 2019

keszybz Feb 28, 2019

sd-bus: deal with cookie overruns #11818

sd-bus: deal with cookie overruns #11818

Conversation

poettering commented Feb 25, 2019

keszybz Feb 26, 2019

Choose a reason for hiding this comment

poettering Feb 26, 2019 • edited

Choose a reason for hiding this comment

keszybz Feb 28, 2019

Choose a reason for hiding this comment

keszybz Feb 28, 2019

Choose a reason for hiding this comment

poettering Feb 26, 2019 •

edited