| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 21 Jan 2009 14:03:22 -0800 From: Joel Becker <Joel.Becker@...cle.com> To: Jan Kara <jack@...e.cz> Cc: linux-fsdevel@...r.kernel.org, linux-ext4@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org>, Theodore Tso <tytso@....EDU> Subject: Re: [RFC] [PATCH] vfs: Call filesystem callback when backing device caches should be flushed On Wed, Jan 21, 2009 at 01:55:37PM +0100, Jan Kara wrote: > On Tue 20-01-09 15:16:48, Joel Becker wrote: > > On Tue, Jan 20, 2009 at 05:05:27PM +0100, Jan Kara wrote: > > > we noted in our testing that ext2 (and it seems some other filesystems as > > > well) don't flush disk's write caches on cases like fsync() or changing > > > DIRSYNC directory. This is my attempt to solve the problem in a generic way > > > by calling a filesystem callback from VFS at appropriate place as Andrew > > > suggested. For ext2 what I did is enough (it just then fills in > > > block_flush_device() as .flush_device callback) and I think it could be > > > fine for other filesystems as well. > > > > The only question I have is why this would be optional. It > > would seem that this would be the preferred default behavior for all > > block filesystems. We have the backing_dev_info and a way to override > > the default if a filesystem needs something special. > The reason why I've decided for NOP to be the default is that filesystems > doing proper journalling with barriers should not need this (as the barrier > in the transaction commit already does the job for them). So these would > have to override the operation to NOP which seems a bit silly. Also virtual > filesystems without backing device would have to override this to NOP. You make a fair point about journaling filesystems - except, of course, that they don't really use barriers; mount defaults or device-mapper often preclude them. So people with 'incorrect' barrier configurations get no fsync() safety. Regarding "filesystems without a backing device", that's why I said "we have backing_dev_info". We can tell what the backing device is; we should be able to determine that no flush is needed without modifying those filesystems. > Finally, I prefer maintainers of the filesystems themselves to decide > whether their filesystem needs flushing and thus knowingly impose this > performance penalty on them... I understand what you're thinking here, but that way defaults to an unsafe fsync(). Thus you're causing broken behavior in the hopes that maintainers pay enough attention to fix the behavior. Joel -- Life's Little Instruction Book #274 "Leave everything a little better than you found it." Joel Becker Principal Software Developer Oracle E-mail: joel.becker@...cle.com Phone: (650) 506-8127 -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists