[dm-devel] [PATCH] dm-verity: Add error handling modes for corrupted blocks

Sami Tolvanen samitolvanen at google.com
Wed Mar 18 13:24:53 UTC 2015


On Tue, Mar 17, 2015 at 02:03:58PM -0400, Vivek Goyal wrote:
> Without knowing too much detail, asking the kernel to restart because one
> block was corrupt sounds a little drastic.
 
I agree, it's drastic, but in our use case it's necessary, because we have
critical system data on a verified partition. Depending on which blocks are
corrupted, the system may no longer be functional at this point.

> If you are sending user space events, why not let user space initiate the
> start and manage policy in user space?

We already manage policy in user space by determining in which mode dm-verity
will start. Restarting from user space is possible, but it would rely on the
uevent being reliably processed and the daemon responsible for restarting the
device not being blocked by the lack of access to corrupted data. We find
restarting from the dm-verity driver to be more reliable.

Sami



