cfg: Reimplement vswitchd config file locking reliably.
The lock file protocol used until now for the vswitchd configuration file
was intended for use with serial devices that are not opened very often
and stay open for a relatively long time (typically minutes or hours).
This protocol contains possible (though probably unimportant) races, e.g.
between one locker reading the contents of the lock file and another
writing to it; if the reader saw a write of a partial PID then it could
think that an nonexistent process owned it and thereby delete it. It is
probably possible to fix this race, by writing to a temporary file
and link()ing the temporary file to the lock file.
Also, cfg_unlock() had a race in its unlock order: the lock file should be
unlinked before it is closed; otherwise another process could race in and
unlink and replace the lock file, and then when the unlocking process
resumes it would unlink the other process's still-active lock file.
But the serial lock file protocol has other problems for our purposes, at
least:
* It is rather complicated, which makes it more difficult to implement
in other languages (such as Python, which the interface-reconfigure
script should be doing itself).
* There is no way to wait for the lock to become available without
polling.
This commit replaces the serial lock file protocol by one that does not
have any of these shortcomings. The primary difference is that it uses a
single long-lived lock file, to which the kernel's blocking F_SETLKW fcntl
operation can be applied, instead of a series of short-lived lock files,
for which there is no way to wait.
projects / openvswitch / commit