| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 7 Feb 2017 14:52:47 -0500 From: Theodore Ts'o <tytso@....edu> To: Andreas Dilger <adilger@...ger.ca> Cc: Ext4 Developers List <linux-ext4@...r.kernel.org> Subject: Re: [PATCH 6/7] ext4: add shutdown bit and check for it On Mon, Feb 06, 2017 at 12:51:46PM -0700, Andreas Dilger wrote: > On Feb 5, 2017, at 12:34 AM, Theodore Ts'o <tytso@....edu> wrote: > > > > Add a shutdown bit that will cause ext4 processing to fail immediately > > with EIO. > > Does it make sense to combine the checks for "shutdown", "abort", and > "read-only" into a single check, instead of sprinkling separate checks > throughout the code? It seems like many of the places where > ext4_forced_shutdown() is checked should also be checking for read-only > and abort, even if they aren't today. I've thought about that. At the moment forced_shutdown will actually return errors for some read-only operations as well --- for example, we immediately return an error in ext4_file_open() and ext4_file_mmap(). And I had considered adding it to some additional read operations (e.g., readpage, readpages, etc.) on the theory that if we know the block device should be treated as dead, maybe we should add shortcut error returns for them as well. (Especially since the SCSI layer and error handling have historically not necessarily gone together well like chocolate and peanut butter. :-) So I decided to keep the shutdown and implementation of errors=remount-ro separate for now, but it is a good question for us to consider. - Ted
Powered by blists - more mailing lists