From: Qu Wenruo <quwenruo@cn.fujitsu.com>
To: Eric Sandeen <sandeen@redhat.com>,
fsdevel <linux-fsdevel@vger.kernel.org>,
btrfs <linux-btrfs@vger.kernel.org>, <kzak@redhat.com>
Cc: <linux-ext4@vger.kernel.org>, <xfs@oss.sgi.com>
Subject: Re: Ideas on unified real-ro mount option across all filesystems
Date: Fri, 18 Dec 2015 09:29:16 +0800 [thread overview]
Message-ID: <5673616C.1040706@cn.fujitsu.com> (raw)
In-Reply-To: <567228EF.80007@redhat.com>
Eric Sandeen wrote on 2015/12/16 21:15 -0600:
> <xfs list address fixed>
>
> On 12/16/15 7:41 PM, Qu Wenruo wrote:
>> Hi,
>>
>> In a recent btrfs patch, it is going to add a mount option to disable
>> log replay for btrfs, just like "norecovery" for ext4/xfs.
>>
>> But in the discussion on the mount option name and use case, it seems
>> better to have an unified and fs independent mount option alias for
>> real RO mount
>>
>> Reasons:
>> 1) Some file system may have already used [no]"recovery" mount option
>> In fact, btrfs has already used "recovery" mount option.
>> Using "norecovery" mount option will be quite confusing for btrfs.
>
> Too bad btrfs picked those semantics when "norecovery" has existed on
> other filesystems for quite some time with a different meaning... :(
>
>> 2) More straight forward mount option
>> Currently, to get real RO mount, for ext4/xfs, user must use -o
>> ro,norecovery.
>> Just ro won't ensure real RO, and norecovery can't be used alone.
>> If we have a simple alias, it would be much better for user to use.
>> (it maybe done just in user space mount)
>
> mount(8) simply says:
>
> ro Mount the filesystem read-only.
>
> and mount(2) is no more illustrative:
>
> MS_RDONLY
> Mount file system read-only.
>
> kernel code is no help, either:
>
> #define MS_RDONLY 1 /* Mount read-only */
>
> They say nothing about what, exactly, "read-only" means. But since at least
> the early ext3 days, it means that you cannot write through the filesystem, not
> that the filesystem will leave the block device unmodified when it mounts.
>
> I have always interpreted it as simply "no user changes to the filesystem,"
> and that is clearly what the vfs does with the flag...
>
>> Not to mention some fs (yeah, btrfs again) doesn't have "norecovery"
>> but "nologreplay".
>
> well, again, btrfs picked unfortunate semantics, given the precedent set
> by other filesystems.
>
> f2fs, ext4, gfs2, nilfs2, and xfs all support "norecovery" - xfs since
> forever, ext4 & f2fs since 2009, etc.
I understand it's btrfs' fault.
Considering how many filesystems are already using "norecovery", it is
almost a standard.
Not sure if it's possible to change the "recovery" mount option to other
name for btrfs, but it seems using "norecovery" would be the best solution.
>
>> 3) A lot of user even don't now mount ro can still modify device
>> Yes, I didn't know this point until I checked the log replay code of
>> btrfs.
>> Adding such mount option alias may raise some attention of users.
>
> Given that nothing in the documentation implies that the block device itself
> must remain unchanged on a read-only mount, I don't see any problem which
> needs fixing. MS_RDONLY rejects user IO; that's all.
And thanks for the info provided by Karel, it's clear that at least
mount(8) itself already has explain on what ro will do and what it won't do.
Thanks,
Qu
>
> If you want to be sure your block device rejects all IO for forensics or
> what have you, I'd suggest # blockdev --setro /dev/whatever prior to mount,
> and take it out of the filesystem's control. Or better yet, making an
> image and not touching the original.
>
> -Eric
>
>> Any ideas about this?
>
>
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
>
WARNING: multiple messages have this Message-ID (diff)
From: Qu Wenruo <quwenruo@cn.fujitsu.com>
To: Eric Sandeen <sandeen@redhat.com>,
fsdevel <linux-fsdevel@vger.kernel.org>,
btrfs <linux-btrfs@vger.kernel.org>, <kzak@redhat.com>
Cc: linux-ext4@vger.kernel.org, xfs@oss.sgi.com
Subject: Re: Ideas on unified real-ro mount option across all filesystems
Date: Fri, 18 Dec 2015 09:29:16 +0800 [thread overview]
Message-ID: <5673616C.1040706@cn.fujitsu.com> (raw)
In-Reply-To: <567228EF.80007@redhat.com>
Eric Sandeen wrote on 2015/12/16 21:15 -0600:
> <xfs list address fixed>
>
> On 12/16/15 7:41 PM, Qu Wenruo wrote:
>> Hi,
>>
>> In a recent btrfs patch, it is going to add a mount option to disable
>> log replay for btrfs, just like "norecovery" for ext4/xfs.
>>
>> But in the discussion on the mount option name and use case, it seems
>> better to have an unified and fs independent mount option alias for
>> real RO mount
>>
>> Reasons:
>> 1) Some file system may have already used [no]"recovery" mount option
>> In fact, btrfs has already used "recovery" mount option.
>> Using "norecovery" mount option will be quite confusing for btrfs.
>
> Too bad btrfs picked those semantics when "norecovery" has existed on
> other filesystems for quite some time with a different meaning... :(
>
>> 2) More straight forward mount option
>> Currently, to get real RO mount, for ext4/xfs, user must use -o
>> ro,norecovery.
>> Just ro won't ensure real RO, and norecovery can't be used alone.
>> If we have a simple alias, it would be much better for user to use.
>> (it maybe done just in user space mount)
>
> mount(8) simply says:
>
> ro Mount the filesystem read-only.
>
> and mount(2) is no more illustrative:
>
> MS_RDONLY
> Mount file system read-only.
>
> kernel code is no help, either:
>
> #define MS_RDONLY 1 /* Mount read-only */
>
> They say nothing about what, exactly, "read-only" means. But since at least
> the early ext3 days, it means that you cannot write through the filesystem, not
> that the filesystem will leave the block device unmodified when it mounts.
>
> I have always interpreted it as simply "no user changes to the filesystem,"
> and that is clearly what the vfs does with the flag...
>
>> Not to mention some fs (yeah, btrfs again) doesn't have "norecovery"
>> but "nologreplay".
>
> well, again, btrfs picked unfortunate semantics, given the precedent set
> by other filesystems.
>
> f2fs, ext4, gfs2, nilfs2, and xfs all support "norecovery" - xfs since
> forever, ext4 & f2fs since 2009, etc.
I understand it's btrfs' fault.
Considering how many filesystems are already using "norecovery", it is
almost a standard.
Not sure if it's possible to change the "recovery" mount option to other
name for btrfs, but it seems using "norecovery" would be the best solution.
>
>> 3) A lot of user even don't now mount ro can still modify device
>> Yes, I didn't know this point until I checked the log replay code of
>> btrfs.
>> Adding such mount option alias may raise some attention of users.
>
> Given that nothing in the documentation implies that the block device itself
> must remain unchanged on a read-only mount, I don't see any problem which
> needs fixing. MS_RDONLY rejects user IO; that's all.
And thanks for the info provided by Karel, it's clear that at least
mount(8) itself already has explain on what ro will do and what it won't do.
Thanks,
Qu
>
> If you want to be sure your block device rejects all IO for forensics or
> what have you, I'd suggest # blockdev --setro /dev/whatever prior to mount,
> and take it out of the filesystem's control. Or better yet, making an
> image and not touching the original.
>
> -Eric
>
>> Any ideas about this?
>
>
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
>
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
WARNING: multiple messages have this Message-ID (diff)
From: Qu Wenruo <quwenruo@cn.fujitsu.com>
To: Eric Sandeen <sandeen@redhat.com>,
fsdevel <linux-fsdevel@vger.kernel.org>,
btrfs <linux-btrfs@vger.kernel.org>,
kzak@redhat.com
Cc: linux-ext4@vger.kernel.org, xfs@oss.sgi.com
Subject: Re: Ideas on unified real-ro mount option across all filesystems
Date: Fri, 18 Dec 2015 09:29:16 +0800 [thread overview]
Message-ID: <5673616C.1040706@cn.fujitsu.com> (raw)
In-Reply-To: <567228EF.80007@redhat.com>
Eric Sandeen wrote on 2015/12/16 21:15 -0600:
> <xfs list address fixed>
>
> On 12/16/15 7:41 PM, Qu Wenruo wrote:
>> Hi,
>>
>> In a recent btrfs patch, it is going to add a mount option to disable
>> log replay for btrfs, just like "norecovery" for ext4/xfs.
>>
>> But in the discussion on the mount option name and use case, it seems
>> better to have an unified and fs independent mount option alias for
>> real RO mount
>>
>> Reasons:
>> 1) Some file system may have already used [no]"recovery" mount option
>> In fact, btrfs has already used "recovery" mount option.
>> Using "norecovery" mount option will be quite confusing for btrfs.
>
> Too bad btrfs picked those semantics when "norecovery" has existed on
> other filesystems for quite some time with a different meaning... :(
>
>> 2) More straight forward mount option
>> Currently, to get real RO mount, for ext4/xfs, user must use -o
>> ro,norecovery.
>> Just ro won't ensure real RO, and norecovery can't be used alone.
>> If we have a simple alias, it would be much better for user to use.
>> (it maybe done just in user space mount)
>
> mount(8) simply says:
>
> ro Mount the filesystem read-only.
>
> and mount(2) is no more illustrative:
>
> MS_RDONLY
> Mount file system read-only.
>
> kernel code is no help, either:
>
> #define MS_RDONLY 1 /* Mount read-only */
>
> They say nothing about what, exactly, "read-only" means. But since at least
> the early ext3 days, it means that you cannot write through the filesystem, not
> that the filesystem will leave the block device unmodified when it mounts.
>
> I have always interpreted it as simply "no user changes to the filesystem,"
> and that is clearly what the vfs does with the flag...
>
>> Not to mention some fs (yeah, btrfs again) doesn't have "norecovery"
>> but "nologreplay".
>
> well, again, btrfs picked unfortunate semantics, given the precedent set
> by other filesystems.
>
> f2fs, ext4, gfs2, nilfs2, and xfs all support "norecovery" - xfs since
> forever, ext4 & f2fs since 2009, etc.
I understand it's btrfs' fault.
Considering how many filesystems are already using "norecovery", it is
almost a standard.
Not sure if it's possible to change the "recovery" mount option to other
name for btrfs, but it seems using "norecovery" would be the best solution.
>
>> 3) A lot of user even don't now mount ro can still modify device
>> Yes, I didn't know this point until I checked the log replay code of
>> btrfs.
>> Adding such mount option alias may raise some attention of users.
>
> Given that nothing in the documentation implies that the block device itself
> must remain unchanged on a read-only mount, I don't see any problem which
> needs fixing. MS_RDONLY rejects user IO; that's all.
And thanks for the info provided by Karel, it's clear that at least
mount(8) itself already has explain on what ro will do and what it won't do.
Thanks,
Qu
>
> If you want to be sure your block device rejects all IO for forensics or
> what have you, I'd suggest # blockdev --setro /dev/whatever prior to mount,
> and take it out of the filesystem's control. Or better yet, making an
> image and not touching the original.
>
> -Eric
>
>> Any ideas about this?
>
>
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
>
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
next prev parent reply other threads:[~2015-12-18 1:29 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-12-17 1:41 Ideas on unified real-ro mount option across all filesystems Qu Wenruo
2015-12-17 1:58 ` Qu Wenruo
2015-12-17 3:15 ` Eric Sandeen
2015-12-17 3:15 ` Eric Sandeen
2015-12-17 3:26 ` Darrick J. Wong
2015-12-17 3:26 ` Darrick J. Wong
2015-12-17 14:35 ` Carlos E. R.
2015-12-17 14:58 ` Carlos E. R.
2015-12-17 14:08 ` Karel Zak
2015-12-17 14:08 ` Karel Zak
2015-12-18 1:29 ` Qu Wenruo [this message]
2015-12-18 1:29 ` Qu Wenruo
2015-12-18 1:29 ` Qu Wenruo
2015-12-18 2:01 ` Christoph Anton Mitterer
2015-12-18 2:01 ` Christoph Anton Mitterer
2015-12-18 2:51 ` Eric Sandeen
2015-12-18 2:51 ` Eric Sandeen
2015-12-18 4:20 ` Christoph Anton Mitterer
2015-12-18 4:20 ` Christoph Anton Mitterer
2015-12-22 1:32 ` Kai Krakow
2015-12-22 1:32 ` Kai Krakow
2015-12-22 1:32 ` Kai Krakow
2015-12-22 12:41 ` Austin S. Hemmelgarn
2015-12-23 23:22 ` Stewart Smith
2015-12-23 23:22 ` Stewart Smith
2015-12-26 22:53 ` Dave Chinner
2015-12-26 22:53 ` Dave Chinner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5673616C.1040706@cn.fujitsu.com \
--to=quwenruo@cn.fujitsu.com \
--cc=kzak@redhat.com \
--cc=linux-btrfs@vger.kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=sandeen@redhat.com \
--cc=xfs@oss.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.