| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 27 Oct 2012 18:16:26 -0400 From: Theodore Ts'o <tytso@....edu> To: "Luck, Tony" <tony.luck@...el.com> Cc: Naoya Horiguchi <n-horiguchi@...jp.nec.com>, "Kleen, Andi" <andi.kleen@...el.com>, "Wu, Fengguang" <fengguang.wu@...el.com>, Andrew Morton <akpm@...ux-foundation.org>, Jan Kara <jack@...e.cz>, Jun'ichi Nomura <j-nomura@...jp.nec.com>, Akira Fujita <a-fujita@...jp.nec.com>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "linux-mm@...ck.org" <linux-mm@...ck.org>, "linux-ext4@...r.kernel.org" <linux-ext4@...r.kernel.org> Subject: Re: [PATCH 2/3] ext4: introduce ext4_error_remove_page On Fri, Oct 26, 2012 at 10:24:23PM +0000, Luck, Tony wrote: > > Well, we could set a new attribute bit on the file which indicates > > that the file has been corrupted, and this could cause any attempts to > > open the file to return some error until the bit has been cleared. > > That sounds a lot better than renaming/moving the file. What I would recommend is adding a #define FS_CORRUPTED_FL 0x01000000 /* File is corrupted */ ... and which could be accessed and cleared via the lsattr and chattr programs. > > Application programs could also get very confused when any attempt to > > open or read from a file suddenly returned some new error code (EIO, > > or should we designate a new errno code for this purpose, so there is > > a better indication of what the heck was going on?) > > EIO sounds wrong ... but it is perhaps the best of the existing codes. Adding > a new one is also challenging too. I think we really need a different error code from EIO; it's already horribly overloaded already, and if this is new behavior when the customers get confused and call up the distribution help desk, they won't thank us if we further overload EIO. This is abusing one of the System V stream errno's, but no one else is using it: #define EADV 68 /* Advertise error */ I note that we've already added a new error code: #define EHWPOISON 133 /* Memory page has hardware error */ ... although the glibc shipping with Debian testing hasn't been taught what it is, so strerror(EHWPOISON) returns "Unknown error 133". We could simply allow open(2) and stat(2) return this error, although I wonder if we're just better off defining a new error code. > 18 years ago Intel rather famously attempted to sell users on the > idea that a rare divide error that sometimes gave the wrong answer > could be ignored. Before my time at Intel, but it is still burned > into the corporate psyche that customers really don't like to get > the wrong answers from their computers. ... and yet, people are generally not willing to pay the few extra dollars for ECC memory, such that even if I want ECC for a laptop or a desktop machine, it's generally not available without paying $$$$ for a server-class motherboard. :-( The lesson I'd take from that incident is that customers really hate it when it's trivial to reproduce the error, especially using the something as simple and universal as the Windows Calculator application. Anyway, that's neither here nor there. Perhaps it's enough to simply log an error with a sufficient level of severity that it gets saved in log files, at least for now. - Ted -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists