Re: [PATCH 0/3] PM, vfs: use filesystem freezing instead of kthread freezer

From: Rafael J. Wysocki
Date: Tue Nov 03 2015 - 16:33:27 EST

Next message: David Miller: "Re: [GIT PULL] parisc architecture updates for v4.3"
Previous message: kbuild test robot: "Re: [PATCH 09/13] Move bp_type_idx to kernel/event/hw_breakpoint.c"
In reply to: Jan Kara: "Re: [PATCH 0/3] PM, vfs: use filesystem freezing instead of kthread freezer"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

On Tue, Nov 3, 2015 at 10:31 AM, Jan Kara <jack@xxxxxxx> wrote:
> On Tue 03-11-15 11:10:53, Dave Chinner wrote:
>> On Mon, Nov 02, 2015 at 03:43:07AM +0100, Rafael J. Wysocki wrote:
>> > I guess it may also helps to address the case when a device is removed from a
>> > suspended system, written to on another system in the meantime and inserted
>> > back into the (still suspended) original system which then is resumed. Today
>> > this is an almost guaranteed data corruption scenario, but if the filesystem in
>> > question is properly frozen during suspend, the driver should be able to detect
>> > superblock changes during unfreeze.
>>
>> Never going to work. There is no guarantee that a write to a
>> filesystem by a third party device is going to change the superblock
>> (or any metadata in the rest of the filesystem) in any detectable
>> way. Hence freezing filesystems will not prevent Bad Things
>> Happening if you do this while your system is suspended.
>
> Agreed, we should never advertise something like this works. OTOH the truth
> is that e.g. in ext4 case a simple check in ext4_unfreeze() could catch 90%
> of cases where user shot himself in the foot like this (i.e., ext4 driver
> will update write time in superblock if it gets mounted somewhere else and
> we can check whether that didn't change in ext4_unfreeze()) and refuse to
> touch the filesystem... It is not 100% reliable since user could have used
> e.g. debuge2fs to arbitrarily modify the filesystem but in such cases they
> have to know what they are doing anyway.

Well, my idea was to use this for sanity checking. I guess that
sanity checks here don't really hurt, do they? And if they fail,
perhaps we can just avoid touching the fs again for safety reasons?

Thanks,
Rafael
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: David Miller: "Re: [GIT PULL] parisc architecture updates for v4.3"
Previous message: kbuild test robot: "Re: [PATCH 09/13] Move bp_type_idx to kernel/event/hw_breakpoint.c"
In reply to: Jan Kara: "Re: [PATCH 0/3] PM, vfs: use filesystem freezing instead of kthread freezer"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]