lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20190528131356.GB19149@mit.edu>
Date:   Tue, 28 May 2019 09:13:56 -0400
From:   "Theodore Ts'o" <tytso@....edu>
To:     Sahitya Tummala <stummala@...eaurora.org>
Cc:     Andreas Dilger <adilger.kernel@...ger.ca>,
        linux-ext4@...r.kernel.org
Subject: Re: fsync_mode mount option for ext4

On Tue, May 28, 2019 at 09:18:30AM +0530, Sahitya Tummala wrote:
> 
> Yes, but fsync_mode=nobarrier is little different than
> a general nobarrier option. The fsync_mode=nobarrier is
> only controlling the flush policy for fsync() path, unlike
> the nobarrier mount option which is applicable at all
> places in the filesystem.

What are you really trying to accomplish with fsync_mode=nobarrier?
And when does that distinction have a difference?

What sort of guarantees are you trying to offer, given a particular
hardware and software design?

I gather that fsync_mode=nobarrier means one of two things:

  * "screw you, application writer; your data consistency means nothing to me",

OR

  * "we have sufficient guarantees --- e.g., UPS/battery protection to
    guarantee that even if we lose AC mains, or the user press and holds
    the power button for eight seconds, we will give storage devices a
    sufficient grace period to write everything to persistent storage.  We
    also have the appropriate hardware to warn of an impending low-battery
    shutdown and software to perform a graceful shutdown in that eventuality."

If it's the latter, then nobarrier works just as well --- even better.

If it's the former, *why* is it considered a good thing to ignore the
requests of userspace?  And without any hardware assurances to provide
a backstop against power drop, do you care or not care about file
system consistency?

Why do you want the distinction between fsymc_mode=nobarrier and
nobarrier?  When would this distinction be considered a good thing?

	    	       	    		   - Ted

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ