From: "Rafael J. Wysocki" <rafael@kernel.org>
To: Jan Kara <jack@suse.cz>
Cc: Dave Chinner <david@fromorbit.com>,
"Rafael J. Wysocki" <rjw@rjwysocki.net>,
Jiri Kosina <jikos@kernel.org>,
Alan Stern <stern@rowland.harvard.edu>,
Pavel Machek <pavel@ucw.cz>,
"Rafael J. Wysocki" <rafael.j.wysocki@intel.com>,
Christoph Hellwig <hch@lst.de>,
Linus Torvalds <torvalds@linux-foundation.org>,
Al Viro <viro@zeniv.linux.org.uk>, Tejun Heo <tj@kernel.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
linux-fsdevel@vger.kernel.org,
"linux-pm@vger.kernel.org" <linux-pm@vger.kernel.org>
Subject: Re: [PATCH 0/3] PM, vfs: use filesystem freezing instead of kthread freezer
Date: Tue, 3 Nov 2015 22:33:21 +0100 [thread overview]
Message-ID: <CAJZ5v0iamJrZ5FtX8PuiAhH9yLdGapmYq40HBHtQ7QGRUEPooA@mail.gmail.com> (raw)
In-Reply-To: <20151103093133.GB4063@quack.suse.cz>
Hi,
On Tue, Nov 3, 2015 at 10:31 AM, Jan Kara <jack@suse.cz> wrote:
> On Tue 03-11-15 11:10:53, Dave Chinner wrote:
>> On Mon, Nov 02, 2015 at 03:43:07AM +0100, Rafael J. Wysocki wrote:
>> > I guess it may also helps to address the case when a device is removed from a
>> > suspended system, written to on another system in the meantime and inserted
>> > back into the (still suspended) original system which then is resumed. Today
>> > this is an almost guaranteed data corruption scenario, but if the filesystem in
>> > question is properly frozen during suspend, the driver should be able to detect
>> > superblock changes during unfreeze.
>>
>> Never going to work. There is no guarantee that a write to a
>> filesystem by a third party device is going to change the superblock
>> (or any metadata in the rest of the filesystem) in any detectable
>> way. Hence freezing filesystems will not prevent Bad Things
>> Happening if you do this while your system is suspended.
>
> Agreed, we should never advertise something like this works. OTOH the truth
> is that e.g. in ext4 case a simple check in ext4_unfreeze() could catch 90%
> of cases where user shot himself in the foot like this (i.e., ext4 driver
> will update write time in superblock if it gets mounted somewhere else and
> we can check whether that didn't change in ext4_unfreeze()) and refuse to
> touch the filesystem... It is not 100% reliable since user could have used
> e.g. debuge2fs to arbitrarily modify the filesystem but in such cases they
> have to know what they are doing anyway.
Well, my idea was to use this for sanity checking. I guess that
sanity checks here don't really hurt, do they? And if they fail,
perhaps we can just avoid touching the fs again for safety reasons?
Thanks,
Rafael
next prev parent reply other threads:[~2015-11-03 21:33 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-10-30 13:47 [PATCH 0/3] PM, vfs: use filesystem freezing instead of kthread freezer Jiri Kosina
2015-10-30 13:47 ` [PATCH 1/3] power, vfs: move away from PF_KTHREAD freezing in favor of fs freezing Jiri Kosina
2015-10-30 14:04 ` kbuild test robot
2015-10-31 8:55 ` Oliver Neukum
2015-11-02 3:01 ` Neil Brown
2015-11-02 7:54 ` yalin wang
2015-11-02 11:05 ` Jiri Kosina
2015-10-30 13:47 ` [PATCH 2/3] freezer: get rid of the kthread freezer Jiri Kosina
2015-10-30 14:08 ` kbuild test robot
2015-10-30 14:12 ` kbuild test robot
2015-10-30 13:48 ` [PATCH 3/3] freezer: warn if anyone is trying to use freezer on kthreads Jiri Kosina
2015-10-30 15:29 ` [PATCH 0/3] PM, vfs: use filesystem freezing instead of kthread freezer Alan Stern
2015-10-30 17:44 ` Pavel Machek
2015-10-30 19:40 ` Jiri Kosina
2015-10-30 20:41 ` Alan Stern
2015-10-30 21:17 ` Jiri Kosina
2015-10-31 3:15 ` Rafael J. Wysocki
2015-10-31 8:19 ` Jiri Kosina
2015-11-02 2:43 ` Rafael J. Wysocki
2015-11-02 10:45 ` Jiri Kosina
2015-11-02 11:00 ` Oliver Neukum
2015-11-02 15:18 ` Alan Stern
2015-11-03 0:10 ` Dave Chinner
2015-11-03 4:06 ` Rafael J. Wysocki
2015-11-03 9:31 ` Jan Kara
2015-11-03 21:33 ` Rafael J. Wysocki [this message]
2015-10-31 16:01 ` Alan Stern
2015-10-31 15:56 ` Alan Stern
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAJZ5v0iamJrZ5FtX8PuiAhH9yLdGapmYq40HBHtQ7QGRUEPooA@mail.gmail.com \
--to=rafael@kernel.org \
--cc=david@fromorbit.com \
--cc=hch@lst.de \
--cc=jack@suse.cz \
--cc=jikos@kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pm@vger.kernel.org \
--cc=pavel@ucw.cz \
--cc=rafael.j.wysocki@intel.com \
--cc=rjw@rjwysocki.net \
--cc=stern@rowland.harvard.edu \
--cc=tj@kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).