lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 12 Apr 2018 13:28:30 -0700
From:   Matthew Wilcox <>
To:     Andres Freund <>
Cc:     "Theodore Y. Ts'o" <>,
        Dave Chinner <>,
        Jeff Layton <>,
        Andreas Dilger <>,,
        Ext4 Developers List <>,
        Linux FS Devel <>,
        "Joshua D. Drake" <>
Subject: Re: fsync() errors is unsafe and risks data loss

On Thu, Apr 12, 2018 at 01:13:22PM -0700, Andres Freund wrote:
> I think a per-file or even per-blockdev/fs error state that'd be
> returned by fsync() would be more than sufficient.

Ah; this was my suggestion to Jeff on IRC.  That we add a per-superblock
wb_err and then allow syncfs() to return it.  So you'd open an fd on
a directory (for example), and call syncfs() which would return -EIO
or -ENOSPC if either of those conditions had occurred since you opened
the fd.

>  I don't see that
> that'd realistically would trigger OOM or the inability to unmount a
> filesystem.

Ted's referring to the current state of affairs where the writeback error
is held in the inode; if we can't evict the inode because it's holding
the error indicator, that can send us OOM.  If instead we transfer the
error indicator to the superblock, then there's no problem.

Powered by blists - more mailing lists