lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 22 Feb 2010 14:44:24 +0900
From:	Toshiyuki Okajima <toshi.okajima@...fujitsu.com>
To:	tytso@....edu
CC:	Jan Kara <jack@...e.cz>, akpm@...ux-foundation.org,
	adilger@....com, linux-ext4@...r.kernel.org
Subject: Re: [RFC] do you want jbd2 interface of ext3?

Hi Ted,
sorry for my late response.

tytso@....edu wrote:
 > On Wed, Feb 17, 2010 at 05:36:00PM +0900, Toshiyuki Okajima wrote:
 > > >
 > > > The reason that I wanted to change the journaling interface into jbd2 were:
 > > > - the most of my customers use linux for Mission Critical (M.C.).
 > > > - M.C. users want the filesystems which have more integrity for their data.
 > > > - I think we should not recommend ext4 to M.C. users because
 > > >   for M.C. users, ext4 is still unstable filesystem.
 > > >   Therefore I want to let M.C. users use ext3 for the present.
 > > > - it is not easy to maintain both jbd and jbd2, so
 > > >   I thought it was easy to solve it by unifying the journaling interfaces
 > > >   into ext4.
 >
 > But if they are mission critical users, why would they be willing to
 > accept changes to the jbd2 layer, and the necessary changes to ext3 so
 > it can use jbd2?  Any time you add changes, you will be causing a
 > certain amount of instability and risk.  So the question is, what are
 > your users willing to tolerate?
 >
 > Some important questions to ask:
 >
 > 1) Is the problem psychological?  i.e., is the problem that it is
 > *called* ext4?  After all, ext4 is derived from ext3, so if they are
 > willing to accept new features backported into ext3 (i.e., journal
 > checksums) and the risks associated with making changes to add new
 > features, why are they not willing to accept ext4?
I guess some important basic functions, delayed allocation and quota
seems to be still unstable. At least, if these functions may work
incorrectly, M.C. users cannot use it.

 > 2) If it is a question of risk, how many changes are they willing to
 > accept?  I will note that if you don't enable extents, and disable
 > delayed allocation, you can significantly decrease the risk of using
 > ext4.  (Essentially at that point the only major change is the block
 > allocation code and the changes to use jbd2.)
I think M.C. users don't accept ext4 easily because the basic body of ext4
is a little different from ext3 even if the features of delalloc and extents
are unused.
(For example, ext4 has the multi block allocation feature, but ext3 doesn't
have.)

---
Besides, even if we use ext3 and encounter some troubles by ext3/jbd module,
we can avoid these troubles by using ext2 module during repairing
these troubles. (Because ext3 filesystem can mount as ext2 filesystem by ext2
module.)
But even if we use ext4 with "extents" feature and encounter some troubles
by ext4/jbd2 module, we cannot avoid these troubles by ext2/ext3 modules
because ext3 (or ext2) cannot work "extents" feature. Therefore I think
M.C. users demand that the quality of ext4 is the same as ext3 level or
higher.
---

 >
 > 3) How much testing do you need to do before it would be considered
 > acceptable for your Mission Critical users?  Or is it a matter of time
 > to allow other users to be the "guinea pigs"?   :-)
 >
I think I also have to test the ext4 features (delalloc, quota, mballoc
and so on).
It may cost about half a year or a year ...

 > > > OK. I see.
 > > > (ext3 is already stable filesystem, so, we should not change
 > > >  ext3 drastically.)
 >
 > Well, certainly, *any* change is going to risk destablizing the file
 > system.  Isn't that the argument why you are concerned about whether
 > ext4 is ready for your M.C. users?  One of the reasons why we forked
 > jbd2 from jbd was precisely because of these sorts of concerned.  So
 > if you switch ext3 to use jbd2, would that not increase the risk to
 > your M.C. users?
Of course, M.C. users don't want unstable filesystems.
So, M.C. users don't use ext3 with jbd2 at once even if ext3 with jbd2
is achieved.
But they are sure to want filesystems which have enough integrity features. 

Therefore, at first, I was to try to add the journaling interface jbd2
with jbd interface left.
(But I think M.C. users want to use ext4 in the future because ext4 is:
  - max filesystem size is much bigger than ext3
  - I/O performance is superior to ext3 with delayed allocation and multi block
     allocation.
  - and other features which ext3 doesn't have fascinate M.C. users.)

By this change, I thought ext3 and ext4 would mutually achieve a good effect:
  - [ext3] jbd2 component can get stable earlier because ext3 joins the jbd2
           users, then developers of jbd2 increase.
  - [ext3] as the result, if jbd2 becomes enough quality, M.C. users can use
           jbd2 interface of ext3.
  - [ext4] as the result, if jbd2 becomes enough quality, ext4 becomes better
           quality.
  - [ext4] at last, if ext4 becomes enough quality, M.C. users can use ext4.

But, I will stop trying to implement jbd2 interface of ext3
because I understand the policy which keeps ext3 stable with ext3 & jbd.

Best Regards,
Toshiyuki Okajima

--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ