lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.64.1111301136360.5759@hs20-bc2-1.build.redhat.com>
Date:	Wed, 30 Nov 2011 11:53:40 -0500 (EST)
From:	Mikulas Patocka <mpatocka@...hat.com>
To:	Alasdair G Kergon <agk@...hat.com>
cc:	Jan Kara <jack@...e.cz>, esandeen@...hat.com,
	linux-kernel@...r.kernel.org, dm-devel@...hat.com,
	linux-fsdevel@...r.kernel.org,
	Christopher Chaltain <christopher.chaltain@...onical.com>,
	Valerie Aurora <val@...consulting.com>
Subject: Re: [dm-devel] [PATCH] deadlock with suspend and quotas



On Wed, 30 Nov 2011, Alasdair G Kergon wrote:

> On Tue, Nov 29, 2011 at 11:19:01AM +0100, Jan Kara wrote:
> > So I believe the consensus was that we should not block sync or flusher

Well, I think that not blocking sync actually doesn't help at all.

Suppose at first that you have a perfectly-barriered filesystem --- that 
is filesystem, that contains barriers around all code paths that could 
possibly create dirty data. In this case it is impossible to have dirty 
data while the filesystem is suspended. --- In this case you can call 
sync on suspened filesystem as much as you like, sync never finds ady 
dirty data, consequently it never tries to write anything and it can't 
deadlock. So skipping sync has no effect.

Suppose as a second case that you have imperfectly-barriered filesystem 
--- that means there exists a code path that creates dirty data while the 
filesystem is suspended. In this case if you skip sync, you are violating 
sync semantics, because the application can create dirty data while 
suspended, call sync while still suspended and assume that the dirty data 
was written.

So --- in case 1 skipping sync has no effect and in case 2 you trade one 
bug for another --- you avoid deadlock and you introduce violations of 
sync semantics.

Mikulas

> Consensus where?
> 
> > thread on frozen filesystem. Firstly, it's kind of ugly from user
> > perspective (you cannot sync filesystems on your system while one
> > filesystem is frozen???), secondly, in case of flusher thread it has some
> > serious implications if there are more filesystems on the same device - you
> > would effectively stop any writeback to the device possibly hanging the
> > whole system due to dirty limit being exceeded. So at least in these two
> > cases we should just ignore frozen filesystem.
> 
> The sync only needs to block on a particular fs if there is data to flush.
> 
> A sync that originated in a way that can only be independent of any
> application that is changing the fs may skip that fs if it is frozen.
> 
> It's the user's responsibility only to freeze filesystems for very brief
> periods of time if they are still being changed.
> 
> ?
>  
> Alasdair
> 
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ