lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 04 Nov 2008 15:17:14 -0500
From:	Trond Myklebust <trond.myklebust@....uio.no>
To:	Jeff Layton <jlayton@...hat.com>
Cc:	Andrew Morton <akpm@...ux-foundation.org>,
	linux-nfs@...r.kernel.org, linux-kernel@...r.kernel.org,
	hch@...radead.org
Subject: Re: [PATCH] lockd: convert reclaimer thread to kthread interface

On Tue, 2008-11-04 at 14:46 -0500, Jeff Layton wrote:
> On Tue, 04 Nov 2008 14:26:21 -0500
> Trond Myklebust <trond.myklebust@....uio.no> wrote:
> 
> > On Tue, 2008-11-04 at 13:42 -0500, Jeff Layton wrote:
> > > While we're on the subject of signals...
> > > 
> > > Do you have any thoughts/objections to just making the reclaimer thread
> > > ignore them altogether? That would simplify the code a bit.
> > 
> > How does the administrator then get out of the situation where the
> > server dies (permanently) in the middle of a reclaim?
> > 
> 
> Erm...Reboot? :)
> 
> Ok, I'm convinced. I suppose that's a good enough argument for
> continuing to allow SIGKILL. I guess the only change we need to make to
> this patch for now is to remove the "memory leak" comment (unless there
> is a leak and I'm just not seeing it).

Hold on... I'm not saying that I'm absolutely wedded to the idea of
SIGKILL. I'm just stating the reason for allowing it in the first place.

All booting NLM servers will have a finite grace period during which
lock recovery is allowed, so it is obvious that retrying each RPC call
forever is not a good solution. The questions are then "How long do you
wait before giving up?" and "What do you do after timing out?".

One solution may be to let the administrator set a time-out via a
sysctl, and then set a policy for how to deal with the failure. A
reasonable set of possible policies may be to either retry recovery at a
later time, or to wait for a new reboot notification from the server, or
at some point to start sending out SIGLOST to the applications...

Cheers
  Trond

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ