lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Mon, 16 Jun 2008 21:22:11 +0200
From:	Jan Kara <jack@...e.cz>
To:	Eric Sandeen <sandeen@...hat.com>
Cc:	Andreas Dilger <adilger@....com>,
	"Aneesh Kumar K.V" <aneesh.kumar@...ux.vnet.ibm.com>,
	cmm@...ibm.com, tytso@....edu, linux-ext4@...r.kernel.org
Subject: Re: [RFC] ext4: Semantics of delalloc,data=ordered

On Mon 16-06-08 13:58:57, Eric Sandeen wrote:
> Andreas Dilger wrote:
> > On Jun 16, 2008  17:05 +0200, Jan Kara wrote:
> >>   First, I'd like to see some short comment on what semantics
> >> delalloc,data=ordered is going to have. At least I can imagine at least
> >> two sensible approaches:
> >>   1) All we guarantee is that user is not going to see uninitialized data.
> >> We send writes to disk (and allocate blocks) whenever it fits our needs
> >> (usually when pdflush finds them).
> >>   2) We guarantee that when transaction commits, your data is on disk -
> >> i.e., we allocate actual blocks on transaction commit.
> >>
> >>   Both these possibilities have their pros and cons. Most importantly,
> >> 1) gives better disk layout while 2) gives higher consistency
> >> guarantees. Note that with 1), it can under some circumstances happen,
> >> that after a crash you see block 1 and 3 of your 3-block-write on disk,
> >> while block 2 is still a hole. 1) is easy to implement (you mostly did
> >> it below), 2) is harder. I think there should be broader consensus on
> >> what the semantics should be (changed subject to catch more attention ;).
> > 
> > IMHO, the semantic should be (1) and not (2).  Applications don't understand
> > "when the transaction commits" so it doesn't provide any useful guarantee
> > to userspace, and if they actually need the data on disk (e.g. MTA) then
> > they need to call fsync to ensure this.
> > 
> > While I agree it is theoretically possible to have the "hole in data
> > where there shouldn't be one" scenario, in real life these blocks would be
> > allocated together by delalloc+mballoc and this situation should not happen.
> 
> I'm not sure that's true; filling in holes is not that uncommon.
> 
> But, I'm not sure that it actually leads to a problem, as the metadata
> gets "created" for the hole-fill-in only when the block actually gets
> allocated right?
  From filesystem point of view everything is correct. Just application may
get confused that only a (non-continuous) subset of it's write made it to
disk. This didn't use to happen before in data=ordered mode.

									Honza
-- 
Jan Kara <jack@...e.cz>
SUSE Labs, CR
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists