| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 8 Jul 2020 18:11:52 +0100
From: Matthew Wilcox <willy@...radead.org>
To: Christoph Hellwig <hch@....de>
Cc: Dave Chinner <david@...morbit.com>,
Goldwyn Rodrigues <rgoldwyn@...e.de>,
linux-fsdevel@...r.kernel.org, linux-btrfs@...r.kernel.org,
fdmanana@...il.com, dsterba@...e.cz, darrick.wong@...cle.com,
cluster-devel@...hat.com, linux-ext4@...r.kernel.org,
linux-xfs@...r.kernel.org
Subject: Re: always fall back to buffered I/O after invalidation failures,
was: Re: [PATCH 2/6] iomap: IOMAP_DIO_RWF_NO_STALE_PAGECACHE return if page
invalidation fails
On Wed, Jul 08, 2020 at 06:54:12PM +0200, Christoph Hellwig wrote:
> On Wed, Jul 08, 2020 at 02:54:37PM +0100, Matthew Wilcox wrote:
> > Direct I/O isn't deterministic though. If the file isn't shared, then
> > it works great, but as soon as you get mixed buffered and direct I/O,
> > everything is already terrible. Direct I/Os perform pagecache lookups
> > already, but instead of using the data that we found in the cache, we
> > (if it's dirty) write it back, wait for the write to complete, remove
> > the page from the pagecache and then perform another I/O to get the data
> > that we just wrote out! And then the app that's using buffered I/O has
> > to read it back in again.
>
> Mostly agreed. That being said I suspect invalidating clean cache
> might still be a good idea. The original idea was mostly on how
> to deal with invalidation failures of any kind, but falling back for
> any kind of dirty cache also makes at least some sense.
That's certainly the btrfs problem that needs to be solved, but I think
it's all part of the directio misdesign.
> > I have had an objection raised off-list. In a scenario with a block
> > device shared between two systems and an application which does direct
> > I/O, everything is normally fine. If one of the systems uses tar to
> > back up the contents of the block device then the application on that
> > system will no longer see the writes from the other system because
> > there's nothing to invalidate the pagecache on the first system.
>
> Err, WTF? If someone access shared block devices with random
> applications all bets are off anyway.
That doesn't mean that customers don't do it. It is, of course, not
recommended, but we suspect people do it anyway. Because it does
work, unfortunately. I'd be open to making this exact situation
deterministically not work (eg disallowing mixing O_DIRECT and
non-O_DIRECT openers of block devices), but making it suddenly
non-deterministically give you old data is a non-starter.
> > Unfortunately, this is in direct conflict with the performance
> > problem caused by some little arsewipe deciding to do:
> >
> > $ while true; do dd if=/lib/x86_64-linux-gnu/libc-2.30.so iflag=direct of=/dev/null; done
> >
> > ... doesn't hurt me because my root filesystem is on ext4 which doesn't
> > purge the cache. But anything using iomap gets all the pages for libc
> > kicked out of the cache, and that's a lot of fun.
>
> ext4 uses iomap..
I happen to be running an older kernel that doesn't on this laptop ;-)
Powered by blists - more mailing lists