Re: Re: [patch] cgd

To: "Roland C. Dowdeswell" <elric%imrryr.org@localhost>
Subject: Re: Re: [patch] cgd
From: Pawel Jakub Dawidek <pjd%FreeBSD.org@localhost>
Date: Fri, 10 Dec 2010 20:09:39 +0100

On Thu, Dec 02, 2010 at 01:37:01PM +0000, Roland C. Dowdeswell wrote:
> Hmmm, this scheme does ensure that you do not lose data with half writes
> but I am not sure that it preserves the atomicity of sector writes.  That
> is, if I write a sector to the disk then if I suffer a crash the entire
> sector should be written or none of the sector should be written.
> 
> IIRC, directory and inode manipulation on FFS relies on sector
> writes being atomic and if the atomicity of sector writes is
> compromised then a crash can leave the filesystem in an inconsistent
> state.
> 
> Looking it up: page 247 of ``The Design and Implementation of the
> 4.4BSD Operating System'' states:
> 
>       Directories are allocated in units called chunks; ...  The
>       size of a chunk is chosen such that each allocation can be
>       transferred to disk in a single operation; the ability to
>       change a directory in a single operation makes directory
>       updates atomic.
> 
> If we look at the data structure defined on that page and the next,
> we can see that if a single chunk update is split into two separate
> operations and only one of them succeeds then the file system could
> be left in an inconsistent state[1].
> 
> I didn't look at the inode section in detail but I would imagine
> that you could derive similar such [or worse] inconsistencies with
> partial inode writes.

That is interesting. I use GELI with 4kB sector (even without
authentication) and never saw such an issue nor heard about one.
I'm not saying the risk is not there, I guess it is just very small,
which makes it acceptable. The similar problem is that we turn on write
cache on disks automatically. This could also lead to SU inconsistencies
that are impossible to recover from, but they also don't occur very
often (if at all).

All in all regular UFS is not the only option. Both ZFS and UFS+gjournal
don't depend on such atomicity.

-- 
Pawel Jakub Dawidek                       http://www.wheelsystems.com
pjd%FreeBSD.org@localhost                           http://www.FreeBSD.org
FreeBSD committer                         Am I Evil? Yes, I Am!

Attachment: pgpEpRpdeQsCo.pgp
Description: PGP signature

References:
- Re: [patch] cgd
  - From: Roland C. Dowdeswell
- Re: Re: [patch] cgd
  - From: Taylor R Campbell
- Re: Re: [patch] cgd
  - From: Roland C. Dowdeswell
- Re: Re: [patch] cgd
  - From: Pawel Jakub Dawidek
- Re: Re: [patch] cgd
  - From: Roland C. Dowdeswell

Prev by Date: Re: Re: [patch] cgd
Next by Date: Patch: rework kernel random number subsystem
Previous by Thread: Re: Re: [patch] cgd
Next by Thread: Re: [patch] cgd
Indexes:

Home | Main Index | Thread Index | Old Index