From: Marco Stornelli <marco.stornelli@gmail.com>
To: Jamie Lokier <jamie@shareable.org>
Cc: Linux Embedded <linux-embedded@vger.kernel.org>,
Linux Kernel <linux-kernel@vger.kernel.org>,
Linux FS Devel <linux-fsdevel@vger.kernel.org>,
Daniel Walker <dwalker@soe.ucsc.edu>
Subject: Re: [PATCH 00/14] Pramfs: Persistent and protected ram filesystem
Date: Thu, 25 Jun 2009 08:44:28 +0200 [thread overview]
Message-ID: <2ea1731b0906242344x5c8a6e58t5f82377be3d73411@mail.gmail.com> (raw)
In-Reply-To: <20090624174140.GH14121@shareable.org>
2009/6/24 Jamie Lokier <jamie@shareable.org>:
> Marco wrote:
>> > Second question: what happens if the system crashing _during_ a write
>> > to a file. Does it mean that file will fail it's checksum when it's
>> > read at the next boot?
>> >
>> > Maybe files aren't so important. What about when you write a file,
>> > and then rename it over an existing file to replace it. (E.g. a
>> > config file), and the system crashes _during_ the rename? At the next
>> > boot, is it guaranteed to see either the old or the new file, or can
>> > the directory be corrupt / fail it's checksum?
>>
>> First of all I have to explain better the current policy: the checksum
>> works at inode and superblock level and currently there isn't a recovery
>> function as the journaling. About the superblock it's easy to use a
>> redundant policy to be more robust.
>
> To be honest, superblock robustness is less of a concern. The real
> concern is losing file or directory contents, so it can't be used to
> store persistent configuration data, only debugging logs.
>
>> About the inode, at the moment when the checksum doesn't match the
>> inode it's marked as bad calling the function make_bad_inode().
>
> Let's see if I understand right.
>
> If it lose power when writing to a file, after boot the file is likely
> to be marked bad and so return -EIO instead of any file contents?
Depends on the checksum. If you lose power before the checksum update
of the inode
you'll have a bad inode and then an -EIO at the next access.
>
> If it loses power when doing atomic rename (to replace config files,
> for example), it's likely that the whole /pramfs/configs/ directory
> will be corrupt, because the rename is writing to the directory inode,
> so you lose access to all names in that directory?
>
> That sounds like it can't be used for persistent configuration data.
It's true from this point of view currently there is a lack for this
and it needs a bit of effort to resolve this problem.
From this point of view I'd like to point out that I know that there
was some aspects to study in a deeper way, so I'll need
of more then one review :) but since this fs has been abandoned since
2004 and it hadn't ever reviewed, it was important
to do a serious review with the kernel community to understand all the
problems.
>
> If a directory is marked as bad, or a file-inode in it is marked bad,
> can you even rmdir it to clean up and start again?
>
You can start again always. You can remount the fs with the init
option and then you'll have a new fs.
Marco
next prev parent reply other threads:[~2009-06-25 6:44 UTC|newest]
Thread overview: 53+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-06-13 13:20 [PATCH 00/14] Pramfs: Persistent and protected ram filesystem Marco
2009-06-13 13:41 ` Daniel Walker
2009-06-13 15:59 ` Jamie Lokier
2009-06-14 7:15 ` Marco
2009-06-14 11:08 ` Artem Bityutskiy
2009-06-15 15:51 ` Bryan Henderson
2009-06-15 17:42 ` Marco
2009-06-14 11:46 ` Jamie Lokier
2009-06-14 16:04 ` Marco
2009-06-16 15:07 ` Jamie Lokier
2009-06-16 19:15 ` Marco
2009-06-24 17:41 ` Jamie Lokier
2009-06-25 6:44 ` Marco Stornelli [this message]
2009-06-26 11:30 ` Jamie Lokier
2009-06-26 16:56 ` Marco
2009-06-24 14:21 ` Pavel Machek
2009-06-21 6:40 ` Pavel Machek
2009-06-21 17:34 ` Marco
2009-06-21 20:52 ` Pavel Machek
2009-06-22 6:33 ` Marco Stornelli
2009-06-22 17:20 ` Pavel Machek
2009-06-22 17:31 ` Tim Bird
2009-06-22 17:37 ` Pavel Machek
2009-06-22 18:07 ` Marco
2009-06-22 20:40 ` Henrique de Moraes Holschuh
2009-06-22 20:40 ` Pavel Machek
2009-06-22 21:50 ` Tim Bird
2009-06-22 21:57 ` Pavel Machek
2009-06-22 22:38 ` Pavel Machek
2009-06-22 23:26 ` Chris Friesen
2009-06-23 1:42 ` David VomLehn
2009-06-23 18:07 ` Marco
2009-06-23 18:29 ` Pavel Machek
2009-06-24 17:47 ` Jamie Lokier
2009-06-25 6:32 ` Marco Stornelli
2009-06-22 18:55 ` Tim Bird
2009-06-22 21:02 ` Pavel Machek
2009-06-22 22:02 ` Tim Bird
2009-06-22 18:08 ` Marco
2009-06-15 17:15 ` Tim Bird
2009-06-15 17:44 ` Marco
2009-06-15 17:58 ` Tim Bird
2009-06-17 18:32 ` Chris Friesen
2009-06-18 6:35 ` Marco Stornelli
[not found] <4a4254e2.09c5660a.109d.46f8@mx.google.com>
2009-06-24 16:49 ` Marco
2009-06-24 17:38 ` Marco
2009-06-24 17:59 ` Pavel Machek
2009-06-25 6:30 ` Marco Stornelli
2009-06-28 8:59 ` Pavel Machek
2009-06-28 16:44 ` Marco Stornelli
2009-06-28 17:33 ` Marco Stornelli
2009-07-09 23:42 ` Pavel Machek
2009-06-24 17:46 ` Pavel Machek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2ea1731b0906242344x5c8a6e58t5f82377be3d73411@mail.gmail.com \
--to=marco.stornelli@gmail.com \
--cc=dwalker@soe.ucsc.edu \
--cc=jamie@shareable.org \
--cc=linux-embedded@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).