Re: XFS: how to NOT null files on fsck?

From: Anton Ertl
Date: Tue Jul 13 2004 - 04:39:06 EST

Next message: Andrew Morton: "Re: [linux-audio-dev] Re: [announce] [patch] Voluntary KernelPreemption Patch"
Previous message: Takashi Iwai: "Re: [linux-audio-dev] Re: [announce] [patch] Voluntary Kernel Preemption Patch"
In reply to: Chris Wedgwood: "Re: XFS: how to NOT null files on fsck?"
Next in thread: Chris Wedgwood: "Re: XFS: how to NOT null files on fsck?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Chris Wedgwood wrote:
>
> On Tue, Jul 13, 2004 at 07:25:29AM +0000, Anton Ertl wrote:
>
> > A secure FS must ensure that other people's deleted data does not
> > end up in the file. AFAIK FSs don't record owners for free blocks,
> > so they can only ensure this by zeroing the blocks.
>
> How can free blocks have an owner? They wouldn't be free then.

It would be the former owner of the block.

> > So I doubt that you will see any different behaviour from an FS that
> > keeps only meta-data consistent and writes meta-data before data.
>
> You do, some fs' will return stale data.

Stale data yes, but probably not stale data from blocks that were
formerly free (or the file system is insecure).

> > It's too hard to fix the applications, since there is no easy way to
> > test that they are really fixed.
>
> No, it's not hard to fix the applications and it's easy to tell if
> they are fixed.

So, how do you tell?

> > Also, the number of applications is much higher than the number of
> > file systems.
>
> You don't fix all applications, only ones where data is critical and
> their handling of it is poor. MTAs like postfix don't have a problem
> for example, they are generally written well.

Where is data not critical? I had such a problem even with a
widely-used application like GNU Emacs (many years ago, may be fixed
now), casting doubt on your claim that fixing the application is easy.

> > The file system should provide something that I call in-order
> > semantics, i.e., that the disk state always represents an existing
> > (possibly old) logical state of the FS, not some state that never
> > existed, or some existing state with missing data.
>
> ext3 and reiserfs have what amounts to this as an option right now.
> It has some performance implications but I'm told works great.

You mean ext3 data=journal? The last I heard about it was that it was
broken.

ext3 data=ordered will probably also work better in most cases than an
FS with eager meta-data updates (like, apparently, XFS), but I don't
think it guarantees in-order semantics.

- anton
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrew Morton: "Re: [linux-audio-dev] Re: [announce] [patch] Voluntary KernelPreemption Patch"
Previous message: Takashi Iwai: "Re: [linux-audio-dev] Re: [announce] [patch] Voluntary Kernel Preemption Patch"
In reply to: Chris Wedgwood: "Re: XFS: how to NOT null files on fsck?"
Next in thread: Chris Wedgwood: "Re: XFS: how to NOT null files on fsck?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]