lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 12 Apr 2018 14:31:10 -0700 From: Matthew Wilcox <willy@...radead.org> To: Jeff Layton <jlayton@...hat.com> Cc: Andres Freund <andres@...razel.de>, "Theodore Y. Ts'o" <tytso@....edu>, Dave Chinner <david@...morbit.com>, Andreas Dilger <adilger@...ger.ca>, 20180410184356.GD3563@...nk.org, Ext4 Developers List <linux-ext4@...r.kernel.org>, Linux FS Devel <linux-fsdevel@...r.kernel.org>, "Joshua D. Drake" <jd@...mandprompt.com> Subject: Re: fsync() errors is unsafe and risks data loss On Thu, Apr 12, 2018 at 05:14:54PM -0400, Jeff Layton wrote: > On Thu, 2018-04-12 at 13:28 -0700, Matthew Wilcox wrote: > > On Thu, Apr 12, 2018 at 01:13:22PM -0700, Andres Freund wrote: > > > I think a per-file or even per-blockdev/fs error state that'd be > > > returned by fsync() would be more than sufficient. > > > > Ah; this was my suggestion to Jeff on IRC. That we add a per- > > superblock > > wb_err and then allow syncfs() to return it. So you'd open an fd on > > a directory (for example), and call syncfs() which would return -EIO > > or -ENOSPC if either of those conditions had occurred since you > > opened > > the fd. > > Not a bad idea and shouldn't be too costly. mapping_set_error could > flag the superblock one before or after the one in the mapping. > > We'd need to define what happens if you interleave fsync and syncfs > calls on the same inode though. How do we handle file->f_wb_err in that > case? Would we need a second field in struct file to act as the per-sb > error cursor? Ooh. I hadn't thought that through. Bleh. I don't want to add a field to struct file for this uncommon case. Maybe O_PATH could be used for this? It gets you a file descriptor on a particular filesystem, so syncfs() is defined, but it can't report a writeback error. So if you open something O_PATH, you can use the file's f_wb_err for the mapping's error cursor.
Powered by blists - more mailing lists