From: Greg Banks <gnb@melbourne.sgi.com>
To: David Chinner <dgc@sgi.com>
Cc: xfs-dev <xfs-dev@sgi.com>, xfs-oss <xfs@oss.sgi.com>
Subject: Re: [PATCH] Don't initialise new inode generation numbers to zero V2
Date: Tue, 22 Apr 2008 14:05:47 +1000 [thread overview]
Message-ID: <480D641B.8060301@melbourne.sgi.com> (raw)
In-Reply-To: <20080422015806.GU108924158@sgi.com>
David Chinner wrote:
> Don't initialise new inode generation numbers to zero
>
> When we allocation new inode chunks, we initialise the generation
> numbers to zero. This works fine until we delete a chunk and then
> reallocate it, resulting in the same inode numbers but with a
> reset generation count. This can result in inode/generation
> pairs of different inodes occurring relatively close together.
>
> Given that the inode/gen pair makes up the "unique" portion of
> an NFS filehandle on XFS, this can result in file handles cached
> on clients being seen on the wire from the server but refer to
> a different file. This causes .... issues for NFS clients.
>
> Hence we need a unique generation number initialisation for
> each inode to prevent reuse of a small portion of the generation
> number space. Make this initialiser per-allocation group so
> that it is not a single point of contention in the filesystem,
> and increment it on every allocation within an AG to reduce the
> chance that a generation number is reused for a given inode number
> if the inode chunk is deleted and reallocated immediately
> afterwards.
>
> Version 2:
> o remove persistent per-AGI agi_newinogen field and replace with
> randomly generated 32 bit number for each new cluster. This prevents
> NFS clients from potentially guessing what the next generation
> number is going to be.
>
I'm confused, why would an NFS client be trying to guess the generation
number? AFAICS the important thing is to ensure that the (inode,gen)
tuple isn't reused for a long time to prevent accidental filehandle
identity issues on clients; whether the gen is predictable or not
doesn't matter at all. You could just as well use a 32 bit hash of the
nanosecond-precision timestamp when the inode cluster is first
allocated. This patch seems to me to be draining entropy from the
random bit pool, which is needed for important things on the network,
for little benefit.
--
Greg Banks, P.Engineer, SGI Australian Software Group.
The cake is *not* a lie.
I don't speak for SGI.
next prev parent reply other threads:[~2008-04-22 4:06 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-04-22 1:58 [PATCH] Don't initialise new inode generation numbers to zero V2 David Chinner
2008-04-22 4:05 ` Greg Banks [this message]
2008-04-22 5:04 ` David Chinner
2008-04-25 8:57 ` Christoph Hellwig
2008-04-28 3:11 ` David Chinner
2008-04-28 5:59 ` Christoph Hellwig
2008-04-28 6:20 ` David Chinner
2008-04-28 6:25 ` Christoph Hellwig
2008-04-28 3:24 ` Greg Banks
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=480D641B.8060301@melbourne.sgi.com \
--to=gnb@melbourne.sgi.com \
--cc=dgc@sgi.com \
--cc=xfs-dev@sgi.com \
--cc=xfs@oss.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox