On Mon, May 2, 2022 at 11:53 AM Martin K. Petersen <martin.petersen@xxxxxxxxxx> wrote: > > > Gabriel, > > > Cc'ing Khazhy since Google might have some applications for this to > > filter IOs based on the blocks being accessed, in the context of > > safeguarding specific regions from accidental overwrites / application > > error. Yeah, we have a few potential use cases for something like this - one is interested in filtering based on issuing user. A separate use case would be filtering based on regions - for this I do wonder how appropriate something like eBPF would be, especially if we wanted the filters to have some guarantees of existing so long as the data we're protecting exists. > > We've been working in this area too. It possible to write BPF filters to > protect block ranges using should_fail_bio(). It'd be nice to have a "proper" api vs. ALLOW_ERROR_INJECTION, which feels more debug-y and has the drawback of CONFIG_FUNCTION_ERROR_INJECTION being all-or-nothing
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
