lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20170619123614.GA20405@quack2.suse.cz>
Date:   Mon, 19 Jun 2017 14:36:14 +0200
From:   Jan Kara <jack@...e.cz>
To:     Tahsin Erdogan <tahsin@...gle.com>
Cc:     Jan Kara <jack@...e.cz>, Jan Kara <jack@...e.com>,
        Theodore Ts'o <tytso@....edu>,
        Andreas Dilger <adilger.kernel@...ger.ca>,
        Dave Kleikamp <shaggy@...nel.org>,
        Alexander Viro <viro@...iv.linux.org.uk>,
        Mark Fasheh <mfasheh@...sity.com>,
        Joel Becker <jlbec@...lplan.org>, Jens Axboe <axboe@...com>,
        Deepa Dinamani <deepa.kernel@...il.com>,
        Mike Christie <mchristi@...hat.com>,
        Fabian Frederick <fabf@...net.be>, linux-ext4@...r.kernel.org,
        linux-kernel@...r.kernel.org, jfs-discussion@...ts.sourceforge.net,
        linux-fsdevel@...r.kernel.org, ocfs2-devel@....oracle.com,
        reiserfs-devel@...r.kernel.org
Subject: Re: [PATCH 28/28] quota: add extra inode count to dquot transfer
 functions

On Mon 19-06-17 04:46:00, Tahsin Erdogan wrote:
> >> I tried that approach by adding a "int get_inode_usage(struct inode
> >> *inode, qsize_t *usage)" callback to dquot_operations. Unfortunately,
> >> ext4 code that calculates the number of internal inodes
> >> (ext4_xattr_inode_count()) is subject to failures so the callback has
> >> to be able to report errors. And, that itself is problematic because
> >> we can't afford to have errors in dquot_free_inode(). If you have
> >> thoughts about how to address this please let me know.
> >
> > Well, you can just make dquot_free_inode() return error. Now most callers
> > won't be able to do much with an error from dquot_free_inode() but that's
> > the case also for other things during inode deletion - just handle it as
> > other fatal failures during inode freeing.
> >
> I just checked dquot_free_inode() to see whether it calls anything
> that could fail. It calls mark_all_dquot_dirty() and ignores the
> return code from it. I would like to follow the same for the
> get_inode_usage() as the only use case for get_inode_usage() (ext4)
> should not fail at inode free time.
> 
> Basically, I want to avoid changing return type from void to int
> because it would create a new responsibility for the filesystem
> implementations who do not know how to deal with it.

Heh, this "pushing of responsibility" looks like a silly game. If an error
can happen in a function, it is better to report it as far as easily
possible (unless we can cleanly handle it which we cannot here). I'm guilty
of making dquot_free_inode() ignore errors from mark_all_dquot_dirty() and
in retrospect it would have been better if these were propagated to the
caller as well. And eventually we can fix this if we decide we care enough.
I'm completely fine with just returning an error from dquot_free_inode()
and ignore it in all the callers except for ext4. Then filesystems which
care enough can try to handle the error. That way we at least don't
increase the design debt from the past.

								Honza
-- 
Jan Kara <jack@...e.com>
SUSE Labs, CR

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ