Re: [RFC] ext3 freeze feature

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Theodore Tso <tytso@MIT.EDU>
To: Takashi Sato <t-sato@yk.jp.nec.com>,
	linux-ext4@vger.kernel.org, linux-fsdevel@vger.kernel.org,
	linux-kernel@vger.kernel.org
Subject: Re: [RFC] ext3 freeze feature
Date: Fri, 25 Jan 2008 08:33:29 -0500	[thread overview]
Message-ID: <20080125133329.GB8184@mit.edu> (raw)
In-Reply-To: <20080125121851.GA3361@dmon-lap.sw.ru>

On Fri, Jan 25, 2008 at 03:18:51PM +0300, Dmitri Monakhov wrote:
> First of all Linux already have at least one open-source(dm-snap),
> and several commercial snapshot solutions. 

Yes, but it requires that the filesystem be stored under LVM.  Unlike
what EVMS v1 allowed us to do, we can't currently take a snapshot of a
bare block device.  This patch could potentially be useful for systems
which aren't using LVM, however....

> You have to realize what delay between 1-3 stages have to be minimal.
> for example dm-snap perform it only for explicit journal flushing.
> From my experience if delay is more than 4-5 seconds whole system becomes
> unstable.

That's the problem.  You can't afford to freeze for very long.

What you *could* do is to start putting processes to sleep if they
attempt to write to the frozen filesystem, and then detect the
deadlock case where the process holding the file descriptor used to
freeze the filesystem gets frozen because it attempted to write to the
filesystem --- at which point it gets some kind of signal (which
defaults to killing the process), and the filesystem is unfrozen and
as part of the unfreeze you wake up all of the processes that were put
to sleep for touching the frozen filesystem.

The other approach would be to say, "oh well, the freeze ioctl is
inherently dangerous, and root is allowed to himself in the foot, so
who cares".  :-)

But it was this concern which is why ext3 never exported freeze
functionality to userspace, even though other commercial filesystems
do support this.  It wasn't that it wasn't considered, but the concern
about whether or not it was sufficiently safe to make available.

And I do agree that we probably should just implement this in
filesystem independent way, in which case all of the filesystems that
support this already have super_operations functions
write_super_lockfs() and unlockfs().

So if this is done using a new system call, there should be no
filesystem-specific changes needed, and all filesystems which support
those super_operations method functions would be able to provide this
functionality to the new system call.

      	      	     	    		      	 - Ted

P.S.  Oh yeah, it should be noted that freezing at the filesystem
layer does *not* guarantee that changes to the block device aren't
happening via mmap()'ed files.  The LVM needs to freeze writes the
block device level if it wants to guarantee a completely stable
snapshot image.  So the proposed patch doens't quite give you those
guarantees, if that was the intended goal.

next prev parent reply	other threads:[~2008-01-25 13:33 UTC|newest]

Thread overview: 30+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-01-25 10:59 [RFC] ext3 freeze feature Takashi Sato
2008-01-25 11:17 ` Pekka Enberg
2008-01-25 12:42   ` Takashi Sato
2008-01-26  5:17     ` David Chinner
2008-01-26 19:10     ` Christoph Hellwig
2008-01-25 12:18 ` Dmitri Monakhov
2008-01-25 13:33   ` Theodore Tso [this message]
2008-01-25 16:34     ` Eric Sandeen
2008-01-25 16:42       ` Theodore Tso
2008-02-02 13:52         ` Pavel Machek
2008-01-28 13:13     ` Takashi Sato
2008-02-01  3:03       ` Kazuto Miyoshi
2008-01-31  8:53     ` Daniel Phillips
2008-02-07  1:05     ` Takashi Sato
2008-02-08 10:48     ` Takashi Sato
2008-02-08 13:26       ` Andreas Dilger
2008-02-08 14:59         ` Christoph Hellwig
2008-02-15 11:51           ` Takashi Sato
2008-02-15 14:24             ` Eric Sandeen
2008-02-19 11:27               ` t-sato
2008-02-26  8:20                 ` [RFC] ext3 freeze feature ver 0.2 Takashi Sato
2008-02-26 16:39                   ` Eric Sandeen
2008-02-26 17:08                     ` Andreas Dilger
2008-02-27  8:31                       ` Takashi Sato
2008-03-07  9:13                 ` [RFC] freeze feature ver 1.0 Takashi Sato
2008-02-16 13:25             ` [RFC] ext3 freeze feature Christoph Hellwig
2008-02-13  8:23     ` Takashi Sato
2008-01-26  5:35 ` David Chinner
2008-01-26  5:39   ` David Chinner
2008-01-28 13:07   ` Takashi Sato

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20080125133329.GB8184@mit.edu \
    --to=tytso@mit.edu \
    --cc=linux-ext4@vger.kernel.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=t-sato@yk.jp.nec.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox