| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 13 Jan 2007 15:07:06 -0500 From: Bill Davidsen <davidsen@....com> To: Linus Torvalds <torvalds@...l.org> CC: Chris Mason <chris.mason@...cle.com>, dean gaudet <dean@...tic.org>, Viktor <vvp01@...ox.ru>, Aubrey <aubreylee@...il.com>, Hua Zhong <hzhong@...il.com>, Hugh Dickins <hugh@...itas.com>, linux-kernel@...r.kernel.org, hch@...radead.org, kenneth.w.chen@...el.com, akpm@...l.org Subject: Re: O_DIRECT question Linus Torvalds wrote: > > On Sat, 13 Jan 2007, Michael Tokarev wrote: >> (No, really - this load isn't entirely synthetic. It's a typical database >> workload - random I/O all over, on a large file. If it can, it combines >> several I/Os into one, by requesting more than a single block at a time, >> but overall it is random.) > > My point is that you can get basically ALL THE SAME GOOD BEHAVIOUR without > having all the BAD behaviour that O_DIRECT adds. > > For example, just the requirement that O_DIRECT can never create a file > mapping, and can never interact with ftruncate would actually make > O_DIRECT a lot more palatable to me. Together with just the requirement > that an O_DIRECT open would literally disallow any non-O_DIRECT accesses, > and flush the page cache entirely, would make all the aliases go away. > > At that point, O_DIRECT would be a way of saying "we're going to do > uncached accesses to this pre-allocated file". Which is a half-way > sensible thing to do. But it's not necessary, it would break existing programs, would be incompatible with other o/s like AIX, BSD, Solaris. And it doesn't provide the legitimate use for O_DIRECT in avoiding cache pollution when writing a LARGE file. > > But what O_DIRECT does right now is _not_ really sensible, and the > O_DIRECT propeller-heads seem to have some problem even admitting that > there _is_ a problem, because they don't care. You say that as if it were a failing. Currently if you mix access via O_DIRECT and non-DIRECT you can get unexpected results. You can screw yourself, mangle your data, or have no problems at all if you avoid trying to access the same bytes in multiple ways. There are lots of ways to get or write stale data, not all involve O_DIRECT in any way, and the people actually using O_DIRECT now are managing very well. I don't regard it as a system failing that I am allowed to shoot myself in the foot, it's one of the benefits of Linux over Windows. Using O_DIRECT now is like being your own lawyer, room for both creativity and serious error. But what's there appears portable, which is important as well. I do have one thought, WRT reading uninitialized disk data. I would hope that sparse files are handled right, and that when doing a write with O_DIRECT the metadata is not updated until the write is done. > > A lot of DB people seem to simply not care about security or anything > else.anything else. I'm trying to tell you that quoting numbers is > pointless, when simply the CORRECTNESS of O_DIRECT is very much in doubt. The guiding POSIX standard appears dead, and major DB programs which work on Linux run on AIX, Solaris, and BSD. That sounds like a good level of compatibility. I'm not sure what more correctness you would want beyond a proposed standard and common practice. It's tricky to use, like many other neat features. I xonfess I have abused O_DIRECT by opening a file with O_DIRECT, fdopen()ing it for C, supplying my own large aligned buffer, and using that with an otherwise unmodified large program which uses fprintf(). That worked on all of the major UNIX variants as well. -- bill davidsen <davidsen@....com> CTO TMR Associates, Inc Doing interesting things with small computers since 1979 - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists