linux-fsdevel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Al Viro <viro@zeniv.linux.org.uk>
To: Boaz Harrosh <boaz@plexistor.com>
Cc: "Kai Mäkisara (Kolumbus)" <kai.makisara@kolumbus.fi>,
	"Christoph Hellwig" <hch@lst.de>,
	linux-fsdevel@vger.kernel.org,
	"Octavian Purdila" <octavian.purdila@intel.com>,
	"Pantelis Antoniou" <pantelis.antoniou@konsulko.com>,
	"Linus Torvalds" <torvalds@linux-foundation.org>,
	linux-scsi@vger.kernel.org
Subject: Re: [RFC] Re: broken userland ABI in configfs binary attributes
Date: Thu, 29 Aug 2019 23:22:58 +0100	[thread overview]
Message-ID: <20190829222258.GA16625@ZenIV.linux.org.uk> (raw)
In-Reply-To: <20190827172734.GS1131@ZenIV.linux.org.uk>

On Tue, Aug 27, 2019 at 06:27:35PM +0100, Al Viro wrote:

> Most of them are actually pure bollocks - "it can never happen, but if it does,
> let's return -EWHATEVER to feel better".  Some are crap like -EINTR, which is
> also bollocks - for one thing, process might've been closing files precisely
> because it's been hit by SIGKILL.  For another, it's a destructor.  It won't
> be retried by the caller - there's nothing called for that object afterwards.
> What you don't do in it won't be done at all.
> 
> And some are "commit on final close" kind of thing, both with the hardware
> errors and parsing errors.

FWIW, here's the picture for fs/*: 6 instances.

afs_release():
	 calls vfs_fsync() if file had been opened for write, tries to pass
	the return value to caller.  Job for ->flush(), AFAICS.

coda_psdev_release():
	returns -1 in situation impossible after successful ->open().
	Can't happen without memory corruption.

configfs_release_bin_file():
	discussed upthread

dlm device_close():
	returns -ENOENT if dlm_find_lockspace_local(proc->lockspace) fails.
No idea if that can happen.

reiserfs_file_release():
	tries to return an error if it can't free preallocated blocks.

xfs_release():
	similar to the previous case.

In kernel/*: ftrace_graph_release() might return -ENOMEM.  No idea whether it's
actually possible.

In net/*: none

In sound/*: 4 instances.

snd_pcm_oss_release():
        if (snd_BUG_ON(!substream))
                return -ENXIO;
	IOW, whine in impossible case.

snd_pcm_release():
	ditto.

sq_release():
        if (file->f_mode & FMODE_WRITE) {
                if (write_sq.busy)
                        rc = sq_fsync();
	subsequently returns rc; sq_fsync() can return an error, both on timeout
	and in case of interrupted wait.

snd_hwdep_release():
	passes the return value of hwdep ->release() method; two of those
	can return an error.   snd_asihpi_hpi_release() is, AFAICS, impossible,
	unless you manage to flip this module_param(enable_hpi_hwdep, bool, 0644);
	off after opening a file.  And snd_usX2Y_hwdep_pcm_release() calls
	usX2Y_pcms_busy_check() and passes its return value out.  No idea
	whether that can be triggered.


In other words, the real mess is hidden in drivers/*...

  parent reply	other threads:[~2019-08-29 22:23 UTC|newest]

Thread overview: 22+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-08-26  2:48 broken userland ABI in configfs binary attributes Al Viro
2019-08-26 16:29 ` [RFC] " Al Viro
2019-08-26 18:20   ` Matthew Wilcox
2019-08-26 19:28     ` Al Viro
2019-08-27  8:51       ` Miklos Szeredi
2019-08-27 11:58         ` Al Viro
2019-08-27 12:21           ` Miklos Szeredi
2019-08-27 12:53             ` Al Viro
2019-08-31  8:32       ` Christoph Hellwig
2019-08-31 13:35         ` Al Viro
2019-08-31 14:44           ` Christoph Hellwig
2019-08-31 15:58             ` Al Viro
2019-08-26 18:34   ` "Kai Mäkisara (Kolumbus)"
2019-08-26 19:32     ` Al Viro
2019-08-27 15:01       ` Boaz Harrosh
2019-08-27 17:27         ` Al Viro
2019-08-27 17:59           ` Boaz Harrosh
2019-08-29 22:22           ` Al Viro [this message]
2019-08-29 23:32             ` Al Viro
2019-08-30  4:10             ` Dave Chinner
2019-08-30  4:44               ` Al Viro
2019-08-31  8:28                 ` Christoph Hellwig

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190829222258.GA16625@ZenIV.linux.org.uk \
    --to=viro@zeniv.linux.org.uk \
    --cc=boaz@plexistor.com \
    --cc=hch@lst.de \
    --cc=kai.makisara@kolumbus.fi \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-scsi@vger.kernel.org \
    --cc=octavian.purdila@intel.com \
    --cc=pantelis.antoniou@konsulko.com \
    --cc=torvalds@linux-foundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).