LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for February 16, 2012

Book review: Open Advice

Linux support for ARM big.LITTLE

LWN.net Weekly Edition for February 9, 2012

XBMC 11 "Eden"

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Better than POSIX?

Better than POSIX?

Posted Mar 17, 2009 17:33 UTC (Tue) by forbdonut (subscriber, #21577)
Parent article: Better than POSIX?

I don't understand one point. We keep saying that ext3 had an "implicit
guarantee" that data blocks will hit the disk before meta-data. I don't
understand why that's "implicit." It seems like the definition of data=ordered
mode says exactly that?

In particular, what does data=ordered mode actually mean in ext4 with delayed
allocation?

This mode is more of data=pseudo-writeback i.e. it's some new writeback mode
that ext3 didn't have.

It's feels like the suggested alloc-on-commit mode should be called
data=ordered.

Am I missing something?? Thanks!

(Log in to post comments)

Better than POSIX?

Posted Mar 18, 2009 0:26 UTC (Wed) by brugolsky (✭ supporter ✭, #28) [Link]

Since Ted has emphasized that data=ordered is about security, not integrity, I think the point is that as long as blocks have not been allocated, there is no risk of exposure of stale data. Hence the security guarantee of ext4 data=ordered is equivalent to the security guarantee in ext3.

But frankly, since the dawn of ext3 in the 2.2.x kernel series, I've always considered the fact that it didn't leave garbage files around on my laptop (with its dodgy IDE chipset) to be its major benefit. And I never really seriously considered using the other journalling filesystems that only preserve meta-data integrity. So I am unhappy with the choice of names for the options. I'd rather that the default be "data=delayed", and "data=ordered" refer to the allocate-on-commit behavior.

Better than POSIX?

Posted Mar 18, 2009 22:18 UTC (Wed) by forbdonut (subscriber, #21577) [Link]

I don't completely buy Ted's "data=ordered is only for security argument". In particular the documentation (in man pages / kernel docs / even the **ext4 docs** themselves) make no mention of security.

data=ordered isn't advertised as a security feature. It's claims to make data ordered with associated meta-data.

Better than POSIX?

Posted Mar 27, 2009 6:00 UTC (Fri) by Duncan (guest, #6647) [Link]

FWIW, you (and I) and Linus agree. This whole thing has come up yet again
in in one of the 2.6.29 announcement reply subthreads, and Linus calls the
failure to honor data=ordered (thus implying that in Linus opinion, it WAS
a failure to honor it, no matter what various others say about it being
about security only and that it was thus honored) "idiotic" in one reply,
and in another reply says the essentially the same thing using a different
choice description.

BTW, it's worth noting that to long time observers, Linus and thus the
LKML in general has at least three definite levels of "idiotic". Yes,
this is "idiotic", but Linus hasn't yet advanced to calling it
the "smoking crack" level of "idiotic" that he has been known to resort to
in other instances. OTOH, this would seem to be beyond the "brown paper
bag" level of "idiotic", so called because that's what the person making
the mistake wants to wear since he's now embarrassed to be seen in public.
The "brown paper bag" level of "idiotic" is the level that once aware, the
person who made the mistake owns up to it and does NOT defend, but
rather "resorts to the brown paper bag", and in fact, many such "brown
bag" level of mistakes are discovered and fixed by the person that made
them in the first place. This is beyond that since the person making
the "mistake" has been and continues to defend it as "correct", thus
reaching at minimum the "idiotic" level.

Anyway, based on Linus own posts to the post-2.6.29-announcement thread,
one gets the strong impression that somewhere along the line, Linus would
love to get a patch that makes data=ordered mean just that once again,
that delayed allocation or no delayed allocation, if data=ordered, the
data will be written before the metadata that covers it. Personally, I'd
suggest the current default then be christened "data=screwed", altho
data=delayed or some such is the more likely "acceptable" alternative.

Duncan

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds