From: Milan Broz <mbroz@redhat.com>
To: device-mapper development <dm-devel@redhat.com>
Cc: Nikanth Karthikesan <knikanth@suse.de>,
Alasdair G Kergon <agk@redhat.com>,
Stefan Assmann <s.assmann@gmx.de>
Subject: Re: [PATCH] Just inform and dont warn when DM_DEV_REMOVE is tried on a open device
Date: Tue, 20 Apr 2010 10:00:18 +0200 [thread overview]
Message-ID: <4BCD5F12.7080107@redhat.com> (raw)
In-Reply-To: <201004201246.58828.knikanth@suse.de>
On 04/20/2010 09:16 AM, Nikanth Karthikesan wrote:
> Dont warn when DM_DEV_REMOVE ioctl is tried on a open device.
>
> On openSUSE when cryptsetup and udev interact, cryptsetup sometimes tries to
> remove a dm device currently opened by blkid, which is not a serious issue to
> print a kernel warning. The application should retry if -EBUSY is returned. So
> let us make it an informational message instead.
> - DMWARN("unable to remove open device %s", hc->name);
> + DMINFO("unable to remove open device %s", hc->name);
NAK.
Firstly, it is security problem if someone from udev rules tries to open
temporary-cryptsetup device, it contains only private key material.
Secondly, it must be solved on application level and not paper kernel using
patches which hides errors.
FYI there is already patch in upstream cryptsetup which uses udev cookie mechanism.
It still cannot solve artificial change events (which causes scan from rules randomly),
but should help here. (will be in cryptsetup 1.1.1)
Milan
next prev parent reply other threads:[~2010-04-20 8:00 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-04-20 7:16 [PATCH] Just inform and dont warn when DM_DEV_REMOVE is tried on a open device Nikanth Karthikesan
2010-04-20 8:00 ` Milan Broz [this message]
2010-04-20 8:43 ` Nikanth Karthikesan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4BCD5F12.7080107@redhat.com \
--to=mbroz@redhat.com \
--cc=agk@redhat.com \
--cc=dm-devel@redhat.com \
--cc=knikanth@suse.de \
--cc=s.assmann@gmx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.