lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 12 Mar 2008 16:59:03 +0100
From:	Matthias Koenig <mkoenig@...e.de>
To:	Dave Kleikamp <shaggy@...ux.vnet.ibm.com>
Cc:	"Theodore Ts'o" <tytso@....edu>, ludwig.nussel@...e.de,
	linux-ext4@...r.kernel.org
Subject: Re: [PATCH] [RFC] New fsck option to ignore device-mapper crypto devices

Dave Kleikamp <shaggy@...ux.vnet.ibm.com> writes:

> I don't understand the question.  If the fs_passno field is zero, fsck
> isn't even going to try to check the filesystem, so having no device is
> no problem.

Agreed, in case of zero there is no problem.

>> How should we specify that we want these filesystems to be checked or not 
>> at a later time in the boot process after the crypto devices have been
>> set up?
>
> This is why I asked if fsck was being run with the -A flag in step d.
> If it's not, then I'm not clear on why fs_passno has anything to do with
> it.  Is there some script that looks at this field in /etc/fstab for
> step d?

Right, fsck -A is *not* called in step d and the fs_passno is in
principle unrelated to this.
There is a boot script for setting up, fscking and mounting the 
crypto devices. As the crypto fileystems are supposed to be defined in
/etc/fstab looking at fs_passno by the script to find out if the
filesystem should be checked or not seems reasonable to me.

> If that's the case, then I suggest a more general solution.  Either some
> special value for fs_passno that defers the fsck for a later pass, or a
> simplified version of your proposed patch without the crypto-specific
> part.

1. Do we agree that fstab fs_passno could be used besides fsck -A by a 
   separate script to decide if a filesystem (that could not be checked 
   in the fsck -A phase) should be checked?

2. If yes, what would be a proper way?

   a) special value for fs_passno?
      I don't know if this is reasonable, we already have a "nofail"
      mount option. We can already call fsck with something like
      (assuming crypto devices being tagged with the nofail option)
      fsck -A -t noopts=nofail 
      So giving either a special fs_passno value or an additional option 
      seems to be the same: one has to put an additional value into fstab.

   b) a general "ignore if device does not exist" option?
      Still I am not sure if we really *generally* want to ignore
      devices which are not available at fsck -A phase. The behaviour
      of fsck to fail in this case is probably on purpose?

Note, the whole discussion applies to crypto filesystems living in a
container file. Encrypted block devices can be set up earlier so they
could be checked in the normal fsck -A stage (Suse currently does not
do this, but I am planning to change this).
So, since the issue will remain only for file containers, it might be not
worth adding a new option for fsck. But it would be nice have the
fsck behaviour on non-existent device failure clarified.

Thanks,
Matthias
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ