lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Thu, 5 Jun 2008 10:29:48 -0400
From:	Theodore Tso <tytso@....edu>
To:	Hidehiro Kawai <hidehiro.kawai.ez@...achi.com>
Cc:	Jan Kara <jack@...e.cz>, Andrew Morton <akpm@...ux-foundation.org>,
	sct@...hat.com, adilger@....com, linux-kernel@...r.kernel.org,
	linux-ext4@...r.kernel.org, jbacik@...hat.com, cmm@...ibm.com,
	yumiko.sugita.yf@...achi.com, satoshi.oshima.fk@...achi.com
Subject: Re: [PATCH 1/5] jbd: strictly check for write errors on data
	buffers

On Thu, Jun 05, 2008 at 08:33:27PM +0900, Hidehiro Kawai wrote:
> 
> My patch doesn't change the policy.  JBD aborts the journal when
> it detects I/O error in file data since 2.6.11.  Perhaps this patch:
> http://marc.info/?l=linux-kernel&m=110483888632225
> I just added missing error checkings.
> 

Looking at the code paths touched by patch you referenced, you are
correct.  And Andrew even signed off on it.  :-)

But if someone was only examining the patch, it wasn't obvious that
the journal was getting aborted when the JBD layer was forcing buffers
from t_sync_datalist to disk.  So I suspect the change went in without
proper consideration of the net effect.  You just called it out
explicitly in the subject line, which caused Andrew to ask some good
questions; questions that weren't asked in 2005.

> I agree.  I understood that there is a case where we don't want to
> make the fs read-only when writing file data failed.  OTOH there are
> people who want to make the fs read-only to avoid the damage from
> expanding.  Introducing the tunable would be better.
> I'm going to send a patch to make this behavior tunable if some of you
> agree on this way.

Note that doing this right may be tricky, since in the case where we
aren't aborting the journal, we need to set the appropriate flags in
the page cache so that when the user calls fsync() or close(), that
they get the EIO error.

						- Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists