| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 16 Jun 2008 21:22:11 +0200 From: Jan Kara <jack@...e.cz> To: Eric Sandeen <sandeen@...hat.com> Cc: Andreas Dilger <adilger@....com>, "Aneesh Kumar K.V" <aneesh.kumar@...ux.vnet.ibm.com>, cmm@...ibm.com, tytso@....edu, linux-ext4@...r.kernel.org Subject: Re: [RFC] ext4: Semantics of delalloc,data=ordered On Mon 16-06-08 13:58:57, Eric Sandeen wrote: > Andreas Dilger wrote: > > On Jun 16, 2008 17:05 +0200, Jan Kara wrote: > >> First, I'd like to see some short comment on what semantics > >> delalloc,data=ordered is going to have. At least I can imagine at least > >> two sensible approaches: > >> 1) All we guarantee is that user is not going to see uninitialized data. > >> We send writes to disk (and allocate blocks) whenever it fits our needs > >> (usually when pdflush finds them). > >> 2) We guarantee that when transaction commits, your data is on disk - > >> i.e., we allocate actual blocks on transaction commit. > >> > >> Both these possibilities have their pros and cons. Most importantly, > >> 1) gives better disk layout while 2) gives higher consistency > >> guarantees. Note that with 1), it can under some circumstances happen, > >> that after a crash you see block 1 and 3 of your 3-block-write on disk, > >> while block 2 is still a hole. 1) is easy to implement (you mostly did > >> it below), 2) is harder. I think there should be broader consensus on > >> what the semantics should be (changed subject to catch more attention ;). > > > > IMHO, the semantic should be (1) and not (2). Applications don't understand > > "when the transaction commits" so it doesn't provide any useful guarantee > > to userspace, and if they actually need the data on disk (e.g. MTA) then > > they need to call fsync to ensure this. > > > > While I agree it is theoretically possible to have the "hole in data > > where there shouldn't be one" scenario, in real life these blocks would be > > allocated together by delalloc+mballoc and this situation should not happen. > > I'm not sure that's true; filling in holes is not that uncommon. > > But, I'm not sure that it actually leads to a problem, as the metadata > gets "created" for the hole-fill-in only when the block actually gets > allocated right? From filesystem point of view everything is correct. Just application may get confused that only a (non-continuous) subset of it's write made it to disk. This didn't use to happen before in data=ordered mode. Honza -- Jan Kara <jack@...e.cz> SUSE Labs, CR -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists