lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 20 Jun 2011 16:41:50 +0200 From: Jan Kara <jack@...e.cz> To: Wang Shaoyan <stufever@...il.com> Cc: Jan Kara <jack@...e.cz>, linux-ext4@...r.kernel.org, Wang Shaoyan <wangshaoyan.pt@...bao.com>, Ted Tso <tytso@....edu> Subject: Re: [PATCH] ext4: Set file system to read-only by I/O error threshold On Mon 20-06-11 22:12:48, Wang Shaoyan wrote: > Thanks for your reply! > 2011/6/20 Jan Kara <jack@...e.cz>: > > > Hum, if I understand your problem right, you should just mount the > > filesystem with errors=remount-ro and you will get the behavior you need. > > Or what is insufficient on that solution? Your patch surely provides more > > flexibility but is that really needed? > > > > 1.There are more than ten hard disks in each of our production > machine, so it is not right for > making the whole system panic, only based on one error in one harddisk. > 2.There may be multiple tasks which access the same hard drive at the > same time, so it is > not ideal for changing the system to readonly, only based on one error > in one task, > while other task may be killed. > > That's why we have a relaxed restrictions, only when the error counter > is grower than our > threshold, we change fs to readonly or panic. > When a system has a dozen hard drives, each hard drive is running > several tasks on time, > this feature is a real demand. OK, but then your changelog is just misleading because your need for the feature has nothing to do with different error behavior in ext4 nojournal mode as far as I understand. So please describe your real needs in the changelog as you described them above... That being said I'm not sure such policies like when to remount fs read-only belong to the kernel. It would seem more appropriate to me to somehow propagate information about all IO errors to user space and have some monitoring daemon (be it Hadoop or Nagios or whatever people use) handle remounting the filesystem and marking the disk as offline. But this is just my opinion and I don't want to block this feature. It's more a suggestion for other people... Honza -- Jan Kara <jack@...e.cz> SUSE Labs, CR -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists