lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 30 Mar 2009 22:17:32 +0200
From:	Jens Axboe <jens.axboe@...cle.com>
To:	Linus Torvalds <torvalds@...ux-foundation.org>
Cc:	Fernando Luis Vázquez Cao 
	<fernando@....ntt.co.jp>, Jeff Garzik <jeff@...zik.org>,
	Christoph Hellwig <hch@...radead.org>,
	Theodore Tso <tytso@....edu>, Ingo Molnar <mingo@...e.hu>,
	Alan Cox <alan@...rguk.ukuu.org.uk>,
	Arjan van de Ven <arjan@...radead.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Peter Zijlstra <a.p.zijlstra@...llo.nl>,
	Nick Piggin <npiggin@...e.de>, David Rees <drees76@...il.com>,
	Jesper Krogh <jesper@...gh.cc>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	chris.mason@...cle.com, david@...morbit.com, tj@...nel.org
Subject: Re: [PATCH 1/7] block: Add block_flush_device()

On Mon, Mar 30 2009, Linus Torvalds wrote:
> 
> 
> On Mon, 30 Mar 2009, Jens Axboe wrote:
> > 
> > Sorry, I just don't see much point to doing it this way instead. So now
> > the fs will have to check a queue bit after it has issued the flush, how
> > is that any better than having the 'error' returned directly?
> 
> No.
> 
> Now the fs SHOULD NEVER CHECK AT ALL.
> 
> Either it did the ordering, or the FS cannot do anything about it. 
> 
> That's the point. EOPNOTSUPP is n ot a useful error message. You can't 
> _do_ anything about it.

My point is that some file systems may or may not have different paths
or optimizations depending on whether barriers are enabled and working
or not. Apparently that's just reiserfs and Chris says we can remove it,
so it is probably a moot point.

And that is for the barrier write btw, NOT blkdev_issue_flush(). For the
latter it obviously doesn't matter if you return -EOPNOTSUPP or not, as
long as you warn. And before you yell on, please read on below...

> > > Sure, the device may or may not re-order things, but since the caller 
> > > can't know, and can't really do a thing about it _anyway_, you're just 
> > > better off not even confusing anybody.
> > 
> > I'd call that a pretty reckless approach to data integrity, honestly.
> 
> It has _nothing_ to do with 'reckless'. It has everything to do with 'you 
> can't do anything about it'.

No, but you better damn well inform of such a discovery!

> > You HAVE to issue an error in this case.
> 
> No. Returning an error just means that now the box is useless. Nobody can 
> do anything about it. Not the admin, not the driver writer, not anybody. 

What, that's nonsense. The admin can certainly check whether it's an
issue or not, and he should. That's different from handling it in the
kernel or in the application, but you have to inform about it. I
honestly cannot fathom why you don't think that is important.

> Ok, so a device didn't support flushing. We don't know why, we don't know 
> if it needed it, we simply don't know. There's nothing to do. But 
> returning an error to user mode is unacceptable, because that will result 
> in everything just -failing-. 
> 
> And total failure is much worse than "we don't know whether the thing 
> serialized".

That is not what I meant with returning it to the user. My point was
that you have to notify that the error occured, which means putting a
printk() (or whatever) in that blkdev_issue_flush(). I guess most of the
miscommunication stems from this, I don't want -EOPNOTSUPP returned to
user space, but I want some notification that tells the admin that this
device doesn't support flushes. And if the file systems use the same
path for barrier or no barriers, then it's perfectly fine to have them
share the very same "flush doesn't work bit" and the same single warning
that we don't know whether ordering is preserved on this device or not.

IOW, what I'm advocating is just a simple:

@@
        if (err == -EOPNOTSUPP) {
+               if (!is_queue_noflush(q)) {
+                       warn();
                        set_queue_noflush(q);
                }
        }

change to the pseudo-patch you posted.

-- 
Jens Axboe

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ