| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 24 Aug 2021 12:53:24 -0400
From: Gabriel Krisman Bertazi <krisman@...labora.com>
To: Jan Kara <jack@...e.cz>
Cc: "Darrick J. Wong" <djwong@...nel.org>, amir73il@...il.com,
jack@...e.com, linux-api@...r.kernel.org,
linux-ext4@...r.kernel.org, linux-fsdevel@...r.kernel.org,
khazhy@...gle.com, dhowells@...hat.com, david@...morbit.com,
tytso@....edu, repnop@...gle.com, kernel@...labora.com
Subject: Re: [PATCH v6 18/21] fanotify: Emit generic error info type for
error event
Jan Kara <jack@...e.cz> writes:
> On Mon 16-08-21 14:41:03, Darrick J. Wong wrote:
>> On Thu, Aug 12, 2021 at 05:40:07PM -0400, Gabriel Krisman Bertazi wrote:
>> > The Error info type is a record sent to users on FAN_FS_ERROR events
>> > documenting the type of error. It also carries an error count,
>> > documenting how many errors were observed since the last reporting.
>> >
>> > Signed-off-by: Gabriel Krisman Bertazi <krisman@...labora.com>
>> >
>> > ---
>> > Changes since v5:
>> > - Move error code here
>> > ---
>> > fs/notify/fanotify/fanotify.c | 1 +
>> > fs/notify/fanotify/fanotify.h | 1 +
>> > fs/notify/fanotify/fanotify_user.c | 36 ++++++++++++++++++++++++++++++
>> > include/uapi/linux/fanotify.h | 7 ++++++
>> > 4 files changed, 45 insertions(+)
>>
>> <snip>
>>
>> > diff --git a/include/uapi/linux/fanotify.h b/include/uapi/linux/fanotify.h
>> > index 16402037fc7a..80040a92e9d9 100644
>> > --- a/include/uapi/linux/fanotify.h
>> > +++ b/include/uapi/linux/fanotify.h
>> > @@ -124,6 +124,7 @@ struct fanotify_event_metadata {
>> > #define FAN_EVENT_INFO_TYPE_FID 1
>> > #define FAN_EVENT_INFO_TYPE_DFID_NAME 2
>> > #define FAN_EVENT_INFO_TYPE_DFID 3
>> > +#define FAN_EVENT_INFO_TYPE_ERROR 4
>> >
>> > /* Variable length info record following event metadata */
>> > struct fanotify_event_info_header {
>> > @@ -149,6 +150,12 @@ struct fanotify_event_info_fid {
>> > unsigned char handle[0];
>> > };
>> >
>> > +struct fanotify_event_info_error {
>> > + struct fanotify_event_info_header hdr;
>> > + __s32 error;
>> > + __u32 error_count;
>> > +};
>>
>> My apologies for not having time to review this patchset since it was
>> redesigned to use fanotify. Someday it would be helpful to be able to
>> export more detailed error reports from XFS, but as I'm not ready to
>> move forward and write that today, I'll try to avoid derailling this at
>> the last minute.
>
> I think we are not quite there and tweaking the passed structure is easy
> enough so no worries. Eventually, passing some filesystem-specific blob
> together with the event was the plan AFAIR. You're right now is a good
> moment to think how exactly we want that passed.
>
>> Eventually, XFS might want to be able to report errors in file data,
>> file metadata, allocation group metadata, and whole-filesystem metadata.
>> Userspace can already gather reports from XFS about corruptions reported
>> by the online fsck code (see xfs_health.c).
>
> Yes, although note that the current plan is that we currently have only one
> error event queue, others are just added to error_count until the event is
> fetched by userspace (on the grounds that the first error is usually the
> most meaningful, the others are usually just cascading problems). But I'm
> not sure if this scheme would be suitable for online fsck usecase since we
> may discard even valid independent errors this way.
>
>> I /think/ we could subclass the file error structure that you've
>> provided like so:
>>
>> struct fanotify_event_info_xfs_filesystem_error {
>> struct fanotify_event_info_error base;
>>
>> __u32 magic; /* 0x58465342 to identify xfs */
>> __u32 type; /* quotas, realtime bitmap, etc. */
>> };
>>
>> struct fanotify_event_info_xfs_perag_error {
>> struct fanotify_event_info_error base;
>>
>> __u32 magic; /* 0x58465342 to identify xfs */
>> __u32 type; /* agf, agi, agfl, bno btree, ino btree, etc. */
>> __u32 agno; /* allocation group number */
>> };
>>
>> struct fanotify_event_info_xfs_file_error {
>> struct fanotify_event_info_error base;
>>
>> __u32 magic; /* 0x58465342 to identify xfs */
>> __u32 type; /* extent map, dir, attr, etc. */
>> __u64 offset; /* file data offset, if applicable */
>> __u64 length; /* file data length, if applicable */
>> };
>>
>> (A real XFS implementation might have one structure with the type code
>> providing for a tagged union or something; I split it into three
>> separate structs here to avoid confusing things.)
>
> The structure of fanotify event as passed to userspace generally is:
>
> struct fanotify_event_metadata {
> __u32 event_len;
> __u8 vers;
> __u8 reserved;
> __u16 metadata_len;
> __aligned_u64 mask;
> __s32 fd;
> __s32 pid;
> };
>
> If event_len is > sizeof(struct fanotify_event_metadata), userspace is
> expected to look for struct fanotify_event_info_header after struct
> fanotify_event_metadata. struct fanotify_event_info_header looks like:
>
> struct fanotify_event_info_header {
> __u8 info_type;
> __u8 pad;
> __u16 len;
> };
>
> Again if the end of this info (defined by 'len') is smaller than
> 'event_len', there is next header with next payload of data. So for example
> error event will have:
>
> struct fanotify_event_metadata
> struct fanotify_event_info_error
> struct fanotify_event_info_fid
>
> Now either we could add fs specific blob into fanotify_event_info_error
> (but then it would be good to add 'magic' to fanotify_event_info_error now
> and define that if 'len' is larger, fs-specific blob follows after fixed
> data) or we can add another info type FAN_EVENT_INFO_TYPE_ERROR_FS_DATA
> (i.e., attach another structure into the event) which would contain the
> 'magic' and then blob of data. I don't have strong preference.
In the v1 of this patchset [1] I implemented the later option, a new
info type that the filesystem could provide as a blob. It was dropped
by Amir's request to leave it out of the discussion at that moment. Should I
ressucitate it for the next iteration? I believe it would attend to XFS needs.
[1] https://lwn.net/ml/linux-fsdevel/20210426184201.4177978-12-krisman@collabora.com/
--
Gabriel Krisman Bertazi
Powered by blists - more mailing lists