From: Ian Kelling <ian@iankelling.org>
To: Hugo Mills <hugo@carfax.org.uk>
Cc: linux-btrfs@vger.kernel.org
Subject: Re: Could receive allow updating an existing subvolume?
Date: Tue, 08 Nov 2016 15:15:34 -0800
Message-ID: <1478646934.2753701.781728689.373545C7@webmail.messagingengine.com>
In-Reply-To: <20161108230057.GQ16645@carfax.org.uk>

On Tue, Nov 8, 2016, at 03:00 PM, Hugo Mills wrote:
> On Tue, Nov 08, 2016 at 02:48:56PM -0800, Ian Kelling wrote:
> > It seems to be an artificially imposed limitation which hurts
> > its usefulness. Let me know if this makes sense. If so, perhaps it
> > can be implemented eventually. It seems a bit obvious but I couldn't
> > find any existing discussion of it.
>
> It's not artificial -- it's ensuring safety of operation.

No, it doesn't ensure the subvolume is not modified, so it IS
artificial. I can still set the subvolume to rw before or probably
during the send and modify a file and mess things up.

>
> If the sender sends an incremental stream, that assumes an *exact*
> subvol state on the receiving side. If the subvol on the receiving
> side is modified, then the receive can fail.

No. The reading program never needs to have access to rw files if it's
reading from a read-only mountpoint while the subvolume is rw and
mounted as such elsewhere. And a reading program does not magically risk
writes.

>
> So, the assumption is that the reference subvol on the receiving
> side (equivalent to the -p subvol on the sending side) hasn't been
> changed since it was received. The same assumption applies to the -p
> subvol on the sending side.
>
> Now, receive is a fully userspace tool, so it would have to set the
> subvol to RW, then update it, then set it to RO. The subvol risks
> being modified by other processes during that window -- *particularly*
> if it's actively being read by those other processes.

No. The reading program never needs to have access to rw files if it's
reading from a read-only mountpoint while the subvolume is rw and
mounted as such elsewhere. And a reading program does not magically risk
writes.

>
> Note that this is still an issue with the current situation, but
> the expectation is that nothing's going to be actively reading that
> location at the time the receive is running. But, if something does go
> wrong with the receive, it's possible to abort and restart the
> process. If you're modifying an existing subvol, there's no
> recoverability if something goes wrong halfway through.

No. You could recover using the snapshot that I mentioned.

> Hugo.

So my question still stands.