On Wed, Aug 27, 2025 at 05:18:23PM +0200, Miklos Szeredi wrote: > On Wed, 27 Aug 2025 at 00:07, Joanne Koong <joannelkoong@xxxxxxxxx> wrote: > > > Isn't the sync() in fuse right now gated by fc->sync_fs (which is only > > set to true for virtiofsd)? I don't see where FUSE_SETATTR or > > FUSE_FSYNC get sent in the sync() path to untrusted servers. > > Hmm, it's through sync_inodes_one_sb() that fuse_write_inode() could > get called, which then would trigger a FUSE_SETATTR. <nod> So SETATTR is a theoretical DoS vector, but that's already a property of most filesystems that write to an off-cpu device such as a disk or another computer. ;) > Does anyone know how useful sync() is in practice? I guess most > applications have switched to syncfs() which is more specific. Well old greybeards such as myself reboot busted systems with $ sync $ sync $ sync <sysrq-b> because that's what you'd type after "startx &" fscked up the display. It's 2025 and ... that still happens. :( Debian codesearch shows a few thousand hits for sync(), some of which are in things like LibreOffice. > In any case, I don't remember a complaint about sync(2) ignoring fuse > filesystems. Well sync() will poke all the fuse filesystems, right? --D > Thanks, > Miklos
