[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [dm-devel] [PATCH] Just inform and dont warn w hen DM_DEV_REMOVE is tried on a open device



On Tuesday 20 April 2010 13:30:18 Milan Broz wrote:
> On 04/20/2010 09:16 AM, Nikanth Karthikesan wrote:
> > Dont warn when DM_DEV_REMOVE ioctl is tried on a open device.
> >
> > On openSUSE when cryptsetup and udev interact, cryptsetup sometimes tries
> > to remove a dm device currently opened by blkid, which is not a serious
> > issue to print a kernel warning. The application should retry if -EBUSY
> > is returned. So let us make it an informational message instead.
> >
> > -		DMWARN("unable to remove open device %s", hc->name);
> > +		DMINFO("unable to remove open device %s", hc->name);
> 
> NAK.
> 
> Firstly, it is security problem if someone from udev rules tries to open
> temporary-cryptsetup device, it contains only private key material.
> 

Okay.

> Secondly, it must be solved on application level and not paper kernel using
> patches which hides errors.
> 

Agreed, it must be solved in the application level.

/me wonders whether this is an error worth a warning from kernel? Returning 
-EBUSY seems enough. May be a KERN_INFO message... But yes rest of DM prints 
warnings for these kind of events.

> FYI there is already patch in upstream cryptsetup which uses udev cookie
>  mechanism. It still cannot solve artificial change events (which causes
>  scan from rules randomly), but should help here. (will be in cryptsetup
>  1.1.1)
> 

Oh, ok. Thanks for the pointer.

Thanks
Nikanth


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]