| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 3 Apr 2009 00:46:17 +0100 From: Matthew Garrett <mjg59@...f.ucam.org> To: david@...g.hm Cc: Theodore Tso <tytso@....edu>, Sitsofe Wheeler <sitsofe@...oo.com>, "Andreas T.Auer" <andreas.t.auer_lkml_73537@...us.ath.cx>, Alberto Gonzalez <info@...bu.es>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org> Subject: Re: Ext4 and the "30 second window of death" On Thu, Apr 02, 2009 at 11:44:20AM -0700, david@...g.hm wrote: > On Thu, 2 Apr 2009, Matthew Garrett wrote: > >The solution to "fsync() causes disk spinups" isn't "ignore fsync()". > >It's "ensure that applications only use fsync() when they really need > >it", which requires us to also be able to say "fsync() should not be > >required to ensure that events occur in order". > > ignore the issue of order on the local disk for the moment. > > what should an application do to make sure it's data isn't lost? fsync(). > however, some (many, most??) users would probably be willing to loose a > little e-mail to gain a significant increase in battery life on their > laptops. Then they shouldn't use a mail client that fsync()s. > today they have no choice (other than picking a mail client that doesn't > try to protect it's local data) > > with the proposed addition to laptop mode (delaying fsync until the disk > is awake), the user (or more precisely the admin) gains the ability to > define this trade-off rather than depending on the application developers > all doing this right. No. Ignoring fsync() makes it difficult for an application to inappropriately spin up a disk - but it also makes it *impossible* for an application to save data that it genuinely needs to. Doing this in kernel means that you have no granularity. You ignore the inappropriate fsync()s, but you also ignore the ones that are vitally important. I've no objection to the kernel supporting this functionality, but it should be /proc/sys/vm/fuck-my-data-harder rather than /proc/sys/vm/laptop-mode. Power management is a tradeoff. Sometimes providing correct functionality costs more than providing incorrect functionality. In general we strive to carry on providing applications the behaviour they expect even if it costs us more power - the alternative leads to users disabling power management functionality because they can't trust it. Throwing data away isn't an acceptable tradeoff for an extra three minutes of battery life for most users. -- Matthew Garrett | mjg59@...f.ucam.org -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists