lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.LFD.2.00.1405061339470.2255@localhost.localdomain>
Date:	Tue, 6 May 2014 14:50:39 +0200 (CEST)
From:	Lukáš Czerner <lczerner@...hat.com>
To:	"Darrick J. Wong" <darrick.wong@...cle.com>
cc:	tytso@....edu, linux-ext4@...r.kernel.org
Subject: Re: [PATCH 37/37] ext5: define new subtype to add features and reduce
 testing complexity

On Mon, 5 May 2014, Darrick J. Wong wrote:

> Date: Mon, 5 May 2014 18:33:17 -0700
> From: Darrick J. Wong <darrick.wong@...cle.com>
> To: Lukáš Czerner <lczerner@...hat.com>
> Cc: tytso@....edu, linux-ext4@...r.kernel.org
> Subject: Re: [PATCH 37/37] ext5: define new subtype to add features and reduce
>      testing complexity
> 
> On Fri, May 02, 2014 at 11:45:25AM +0200, Lukáš Czerner wrote:
> > On Thu, 1 May 2014, Darrick J. Wong wrote:
> > 
> > > Date: Thu, 01 May 2014 16:16:29 -0700
> > > From: Darrick J. Wong <darrick.wong@...cle.com>
> > > To: tytso@....edu, darrick.wong@...cle.com
> > > Cc: linux-ext4@...r.kernel.org
> > > Subject: [PATCH 37/37] ext5: define new subtype to add features and reduce
> > >     testing complexity
> > > 
> > > This patch defines ext5 as a set of required feature flags and mount
> > > options, for the purpose of spreading new features to freshly
> > > formatted filesystems and reducing the testing matrix by disabling
> > > nearly all mount options.  The patch uses the s_minor_rev_level field
> > > to indicate the existence of ext5, and switch on feature/mount option
> > > enforcement in the kernel.
> > > 
> > > The required feature set is:
> > > ^resize_inode,dirindex,ext_attr,sparse_super2,filetype,meta_bg,extents,
> > > ^flex_bg,64bit,inline_data,sparse_super,huge_file,large_file,dir_nlink,
> > > extra_isize,metadata_csum
> > > 
> > > The required mount options are:
> > > acl,block_validity,user_xattr,journal_checksum
> > > 
> > > All other mount options are no longer functional.
> > > 
> > > The 'ext4' type remains unchanged, for people who require mount
> > > options or a different feature set.  I don't intend to fork any code;
> > > I'm just painting a bigger target (for testing).
> > 
> > This is definitely NACK by me. I do not like this and there are
> > several reasons why.
> > 
> > First of all the name. Given the history of ext file system we tend
> > to increase then number with the new version of file system. However
> > you're saying that this is just for testing features ... in that
> > case it does not make any sense to call it ext5, but not just that
> > it's stupid to call it ext5 especially since we might actually want
> > to release ext5 in the future and this would be really confusing for
> > everybody involved.
> 
> I should have been clearer about my aim for "ext5" -- I want to define
> ext5 to be "ext4 + some new features - some mount options", and then
> work on stabilizing those features.  Historically, we've defined each
> extN to be ext(N-1) + more features, and that's what I'm doing here
> too.  ext5 would be a real release, with new features and fewer mount
> options.  The comment about reducing testing was merely a reflection
> upon the side effects of locking down some of the feature flags and
> mount options.
> 
> I don't think it's a good idea to change what features you get with
> 'mke2fs -T ext4' since that hasn't changed since ~2008 or so.
> 
> Maybe I should have called it ext5dev and killed off ext4dev.
> 
> > I've been trying to get rid of the ext4dev bits and pieces
> > more-or-less successfully and you're adding new type once again. We
> > might start the discussion whether to revive ext4dev for this kind
> > of thing but I am not really convinced that this is the right way to
> > go either.
> > 
> > What about just simply using mkefs.conf to specify the feature set
> > we want and use that ? It's simple enough and it should work. We
> > could also extend the configuration to be able to set default
> > mount options and such if that's not possible. I just do not understand
> > why to introduce new file system type if that's just for testing
> > ext4 features.
> 
> Well, yes, I could just create a new fs_types stanza in mke2fs.conf.
> I wanted to put a little more teeth in that and actually have the
> kernel and e2fsck be able to check that a FS has been declared as
> 'ext5' and that all the required bits are really there, hence the
> ability to set s_minor_rev_level.  I'm not really married to going
> that far, though.
> 
> (There's already an interface for specifying some of the default mount
> options in the superblock; that was sufficient for me.)

"ext5 would be a real release"

This is the most important information that was somewhat hidden in
the original post. If that's the case we should have the discussion
whether we want to release ext5 in reasonably near future.


Let's see what are the difference between ext4 feature wise:

 + 64bit
 + meta_bg
 + sparse_super2
 + inline_data
 + metadata_csum
 - resize_inode

64bit - This is something I've proposed enabling by default for ext4
	already
	(http://www.spinics.net/lists/linux-ext4/msg42294.html) as
	this is a logical step and not really a huge change.
	This also implies disabling resize_inode.

meta_bg - Just makes group descriptors to be spread across the file
	system. It has been around for some time and I am not sure
	why this is not a default already. It should also increase
	the limit of the file system size but I am not sure whether
	this is still true with flex_bg ?
	This does not work together with resize_inode but that's
	true for 64bit as well. So I think that this should be
	default on ext4 or do we have any concerns about this one ?
	Not a big change anyway.

sparse_super2 -
	Limits the number of backup superblocks even more than
	sparse_super. This generally does not bring anything
	useful. It allows us to have more flexible layout for a
	specialized devices such as SMR. I do not thin there is a
	reason for this to be a default, but we can use it on those
	specialized devices which should be determined at mkfs time.
	On the other hand this is really small change to the format
	and I would not strongly object against this being the
	default, but it does not bring us anything on itself.

inline_data -
	I think that this is only really useful if we're using
	bigalloc feature, or if we have really big inodes, otherwise
	it does not bring anything useful. I do not think we want
	this as a default but rather having it enabled at mkfs time
	simultaneously with bigalloc and possibly with big inodes.

metadata_csum -
	That's the biggest feature, which is the most significant
	from the user perspective and changes the behaviour of the
	file system. Eventually yes, I think that this should be
	enabled by default because indeed we're in the business of
	keeping user data safe. However is this a reason to release
	a new file system ? I definitely do not think so.

Please correct me if I forgot about something.

So my conclusion is that it's not at all worth releasing a new file
system for this set of feature where only one of which is actually
more significant.

Yes, if we were to change the file system format significantly, like
let's say get rid of bitmaps and replace it with b-trees following a
huge change in the allocator, then I think it would be worthwhile to
make this big step and start with a new file system.

As fat as mount options are concerned I do not think there is
anything significant either. And releasing a new file system just to
get rid of the mount options does not seem like a best approach
either :)

Thanks!
-Lukas

Powered by blists - more mailing lists