In message <767CA61C-4FAD-11D9-B39E-000A957650EC@shagadelic.org>, Jason Thorpe 
writes:
>
>--Apple-Mail-10-372990471
>Content-Transfer-Encoding: 7bit
>Content-Type: text/plain; charset=US-ASCII; format=flowed
>
>
>On Dec 16, 2004, at 10:35 AM, Steven M. Bellovin wrote:
>
>> But under what conditions should higher layers set this flag?
>
>Consider the case of a journaling file system.
>
>Writes to the journal itself would be issued with FUA set.
>
>As buffers described by the journal are flushed to disk, the journal 
>might decide it's time to advance the journal's "producer" pointer 
>(journal replay being the "consumer").  Before it does that, it would 
>issue a synchronize-cache command to the disk to ensure that all of 
>that data is, in fact, on disk.  Then it would update the producer 
>pointer.
>
>Those are a couple of examples, anyway.
>

Examples are fine; the trick is to figure out the right answer(s) for 
the important cases, notably FFS.  (You're quite correct that in 
generaly, *two* synchronize requests are required for each critical 
block -- one to make sure that everything ahead of it is flushed, and 
one to ensure that the critical block itself is written immediately.

The other question, of course, is what this will do to performance.  
I've often argued that it's pointless to do the wrong thing quickly, 
but people should at least know the tradeoffs.

I'm agnostic about exactly how the information is sent to the driver; I 
don't know the code details nearly well enough.  I am concerned about 
the architectural question.

		--Steve Bellovin, http://www.research.att.com/~smb