| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20121122084713.69e5b1fc@notabene.brown>
Date: Thu, 22 Nov 2012 08:47:13 +1100
From: NeilBrown <neilb@...e.de>
To: Jan Kara <jack@...e.cz>
Cc: "Darrick J. Wong" <darrick.wong@...cle.com>, axboe@...nel.dk,
lucho@...kov.net, ericvh@...il.com, tytso@....edu,
rminnich@...dia.gov, viro@...iv.linux.org.uk,
martin.petersen@...cle.com, david@...morbit.com,
linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
adilger.kernel@...ger.ca, bharrosh@...asas.com, jlayton@...ba.org,
v9fs-developer@...ts.sourceforge.net, linux-ext4@...r.kernel.org
Subject: Re: [PATCH 4/4] ext3: Warn if mounting rw on a disk requiring
stable page writes
On Wed, 21 Nov 2012 22:33:33 +0100 Jan Kara <jack@...e.cz> wrote:
> On Wed 21-11-12 13:13:19, Darrick J. Wong wrote:
> > On Wed, Nov 21, 2012 at 03:15:43AM +0100, Jan Kara wrote:
> > > On Tue 20-11-12 18:00:56, Darrick J. Wong wrote:
> > > > ext3 doesn't properly isolate pages from changes during writeback. Since the
> > > > recommended fix is to use ext4, for now we'll just print a warning if the user
> > > > tries to mount in write mode.
> > > >
> > > > Signed-off-by: Darrick J. Wong <darrick.wong@...cle.com>
> > > > ---
> > > > fs/ext3/super.c | 8 ++++++++
> > > > 1 file changed, 8 insertions(+)
> > > >
> > > >
> > > > diff --git a/fs/ext3/super.c b/fs/ext3/super.c
> > > > index 5366393..5b3725d 100644
> > > > --- a/fs/ext3/super.c
> > > > +++ b/fs/ext3/super.c
> > > > @@ -1325,6 +1325,14 @@ static int ext3_setup_super(struct super_block *sb, struct ext3_super_block *es,
> > > > "forcing read-only mode");
> > > > res = MS_RDONLY;
> > > > }
> > > > + if (!read_only &&
> > > > + queue_requires_stable_pages(bdev_get_queue(sb->s_bdev))) {
> > > > + ext3_msg(sb, KERN_ERR,
> > > > + "error: ext3 cannot safely write data to a disk "
> > > > + "requiring stable pages writes; forcing read-only "
> > > > + "mode. Upgrading to ext4 is recommended.");
> > > > + res = MS_RDONLY;
> > > > + }
> > > > if (read_only)
> > > > return res;
> > > > if (!(sbi->s_mount_state & EXT3_VALID_FS))
> > > Why this? ext3 should be fixed by your change to
> > > filemap_page_mkwrite()... Or does testing show otherwise?
> >
> > Yes, it's still broken even with this new set of changes. Now that I think
> > about it a little more, I recall that writeback mode was actually fine, so this
> > is a little harsh.
> >
> > Hm... looking at the ordered code a little more, it looks like
> > ext3_ordered_write_end is calling journal_dirty_data_fn, which (I guess?) tries
> > to write mapped buffers back through the journal? Taking it out seems to fix
> > ordered mode, though I have a suspicion that it might very well break ordered
> > mode too.
> Oh, right. kjournald writing buffers directly (without setting
> PageWriteback) will break things. So please, change warning to:
>
> /*
> * In data=ordered mode, kjournald writes buffers without setting
> * PageWriteback bit thus generic code does not properly wait for
> * writeback of those buffers to finish.
> */
> if (!read_only &&
> test_opt(sb, DATA_FLAGS) == EXT3_MOUNT_ORDERED_DATA &&
> queue_requires_stable_pages(bdev_get_queue(sb->s_bdev))) {
> ext3_msg(sb, KERN_ERR,
> "error: data=ordered mode does not support stable "
> "page writes required by the disk; forcing read-only "
> "mode. Upgrading to ext4 is recommended.");
> res = MS_RDONLY;
> }
>
> then you need a similar check in ext3_remount() so that filesystem cannot
> be remounted read-write.
>
> Honza
Given this restriction, there is no way that I can change md/raid5 to set the
"stable pages" flag and stop copying pages into the stripe-cache. ext3 on
raid5 will be much too common to allow this breakage.
I would really like to be able to say "I prefer stable pages, but they aren't
a requirement as long as I know which is which" ....
NeilBrown
Download attachment "signature.asc" of type "application/pgp-signature" (829 bytes)
Powered by blists - more mailing lists