| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 13 Feb 2009 00:07:26 -0600 From: Eric Sandeen <sandeen@...hat.com> To: Fernando Luis Vázquez Cao <fernando@....ntt.co.jp> CC: Jan Kara <jack@...e.cz>, Theodore Tso <tytso@....EDU>, Alan Cox <alan@...rguk.ukuu.org.uk>, Pavel Machek <pavel@...e.cz>, kernel list <linux-kernel@...r.kernel.org>, Jens Axboe <jens.axboe@...cle.com>, fernando@....ac.jp, Ric Wheeler <rwheeler@...hat.com> Subject: Re: vfs: Add MS_FLUSHONFSYNC mount flag Fernando Luis Vázquez Cao wrote: > On Thu, 2009-02-12 at 15:30 -0600, Eric Sandeen wrote: >> Jan Kara wrote: >>> On Thu 12-02-09 11:13:37, Eric Sandeen wrote: >> ... >> >>>> Also that way if you have 8 partitions on a battery-backed blockdev, you >>>> can tune it once, instead of needing to mount all 8 filesystems with the >>>> new option. >>> Yes, but OTOH we should give sysadmin a possibility to enable / disable >>> it on just some partitions. I don't see a reasonable use for that but people >>> tend to do strange things ;) and here isn't probably a strong reason to not >>> allow them. >>> >>> Honza >> But nobody has asked for that, have they? So why offer it up a this point? >> >> They could use LD_PRELOAD to make fsync a no-op if they really don't >> care for it, I guess... though that's not easily per-fs either. >> >> But do we really want to go out of our way to enable people to >> short-circuit data integrity paths and then file bugs when their files >> go missing? :) > > Well, it is just a matter of using safe defaults. IMHO, a scenario where > the administrator wants to optimize writes to a certain partition and > _explicitly_ clears MS_FLUSHONFSYNC on that superblock is not completely > unreasonable. One case is "this device is safe with a write cache and flush is not necessary for data consistency" - that's the per-bdev setting. The other case is "I don't really care and I just want to go faster" - that's the per-mount setting. I'd be much more likely to support the first case, as it's needed for maximum performance w/o sacrificing correctness, when properly used. The latter case is really only for cutting corners and giving people more rope than they need to hang themselves. >> (I guess the blockdev tunable is similarly dangerous, but it more >> clearly meets the explicit need (writecache-safe devices)) > > If distributions use sane defaults and we document the mount option or > bdev tunable properly I guess it might make sense to allow system > administrators to shoot themselves in the foot. > > (By the way, in this patch-set a patch for mount(8) is included.) ... one of the advantages of making it a bdev tunable is that you don't have to mess with mount(8) :) -Eric -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists