Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-15557

CryptoInputStream can't handle concurrent access; inconsistent with HDFS



    • Improvement
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 3.2.0
    • None
    • fs
    • None


      In general, the non-positional read APIs for streams in Hadoop Common are meant to be used by only a single thread at a time. It would not make much sense to have concurrent multi-threaded access to seek+read because they modify the stream's file position. Multi-threaded access on input streams can be done using positional read APIs. Multi-threaded access on output streams probably never makes sense.

      In the case of DFSInputStream, the positional read APIs are marked synchronized, so that even when misused, no strange exceptions are thrown. The results are just somewhat undefined in that it's hard for a thread to know which position was read from. However, when running on an encrypted file system, the results are much worse: since CryptoInputStream's read methods are not marked synchronized, the caller can get strange ByteBuffer exceptions or even a JVM crash due to concurrent use and free of underlying OpenSSL Cipher buffers.

      The crypto stream wrappers should be made more resilient to such misuse, for example by:
      (a) making the read methods safer by making them synchronized (so they have the same behavior as DFSInputStream)
      (b) trying to detect concurrent access to these methods and throwing ConcurrentModificationException so that the user is alerted to their probable misuse.


        Issue Links



              Unassigned Unassigned
              tlipcon Todd Lipcon
              0 Vote for this issue
              10 Start watching this issue