lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <174786678835.1385354.17591732684085988440.stgit@frogsfrogsfrogs> Date: Wed, 21 May 2025 15:47:12 -0700 From: "Darrick J. Wong" <djwong@...nel.org> To: tytso@....edu Cc: linux-ext4@...r.kernel.org Subject: [PATCH 08/10] fuse2fs: improve error handling behaviors From: Darrick J. Wong <djwong@...nel.org> Make the behavior of fuse2fs on filesystem errors consistent with what the kernel driver does. Sort of. We can't panic the kernel, but we can abort the server, which leaves a dead mount. Signed-off-by: "Darrick J. Wong" <djwong@...nel.org> --- misc/fuse2fs.c | 41 ++++++++++++++++++++++++++++++++++++++--- 1 file changed, 38 insertions(+), 3 deletions(-) diff --git a/misc/fuse2fs.c b/misc/fuse2fs.c index 2d4b9c8f51264e..7f9f230f37ed2b 100644 --- a/misc/fuse2fs.c +++ b/misc/fuse2fs.c @@ -152,7 +152,7 @@ struct fuse2fs { uint8_t ro; uint8_t debug; uint8_t no_default_opts; - uint8_t panic_on_error; + uint8_t errors_behavior; /* actually an enum */ uint8_t minixdf; uint8_t fakeroot; uint8_t alloc_all_blocks; @@ -841,6 +841,9 @@ _("Mounting read-only without recovering journal.")); err_printf(ff, "%s\n", _("Orphans detected; running e2fsck is recommended.")); + if (!ff->errors_behavior) + ff->errors_behavior = fs->super->s_errors; + return 0; } @@ -4488,6 +4491,7 @@ enum { FUSE2FS_HELPFULL, FUSE2FS_CACHE_SIZE, FUSE2FS_DIRSYNC, + FUSE2FS_ERRORS_BEHAVIOR, }; #define FUSE2FS_OPT(t, p, v) { t, offsetof(struct fuse2fs, p), v } @@ -4495,7 +4499,6 @@ enum { static struct fuse_opt fuse2fs_opts[] = { FUSE2FS_OPT("ro", ro, 1), FUSE2FS_OPT("rw", ro, 0), - FUSE2FS_OPT("errors=panic", panic_on_error, 1), FUSE2FS_OPT("minixdf", minixdf, 1), FUSE2FS_OPT("bsddf", minixdf, 0), FUSE2FS_OPT("fakeroot", fakeroot, 1), @@ -4514,6 +4517,7 @@ static struct fuse_opt fuse2fs_opts[] = { FUSE_OPT_KEY("nodelalloc", FUSE2FS_IGNORED), FUSE_OPT_KEY("cache_size=%s", FUSE2FS_CACHE_SIZE), FUSE_OPT_KEY("dirsync", FUSE2FS_DIRSYNC), + FUSE_OPT_KEY("errors=%s", FUSE2FS_ERRORS_BEHAVIOR), FUSE_OPT_KEY("-V", FUSE2FS_VERSION), FUSE_OPT_KEY("--version", FUSE2FS_VERSION), @@ -4548,6 +4552,21 @@ static int fuse2fs_opt_proc(void *data, const char *arg, return -1; } + /* do not pass through to libfuse */ + return 0; + case FUSE2FS_ERRORS_BEHAVIOR: + if (strcmp(arg + 7, "continue") == 0) + ff->errors_behavior = EXT2_ERRORS_CONTINUE; + else if (strcmp(arg + 7, "remount-ro") == 0) + ff->errors_behavior = EXT2_ERRORS_RO; + else if (strcmp(arg + 7, "panic") == 0) + ff->errors_behavior = EXT2_ERRORS_PANIC; + else { + fprintf(stderr, "%s: %s\n", arg, + _("unknown errors behavior.")); + return -1; + } + /* do not pass through to libfuse */ return 0; case FUSE2FS_IGNORED: @@ -4574,6 +4593,8 @@ static int fuse2fs_opt_proc(void *data, const char *arg, " allow_others,default_permissions,suid,dev\n" " -o directio use O_DIRECT to read and write the disk\n" " -o cache_size=N[KMG] use a disk cache of this size\n" + " -o errors= behavior when an error is encountered:\n" + " continue|remount-ro|panic\n" "\n", outargs->argv[0]); if (key == FUSE2FS_HELPFULL) { @@ -4962,8 +4983,22 @@ static int __translate_error(ext2_filsys fs, ext2_ino_t ino, errcode_t err, fs->super->s_error_count++; ext2fs_mark_super_dirty(fs); ext2fs_flush(fs); - if (ff->panic_on_error) + switch (ff->errors_behavior) { + case EXT2_ERRORS_CONTINUE: + err_printf(ff, "%s\n", + _("Continuing after errors; is this a good idea?.")); + break; + case EXT2_ERRORS_RO: + err_printf(ff, "%s\n", + _("Remounting read-only due to errors.")); + fs->flags &= ~EXT2_FLAG_RW; + break; + case EXT2_ERRORS_PANIC: + err_printf(ff, "%s\n", + _("Aborting filesystem mount due to errors.")); abort(); + break; + } return ret; }
Powered by blists - more mailing lists