From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from [140.186.70.92] (port=33165 helo=eggs.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1P9Hlm-0006Uw-IK
	for Qemu-devel@nongnu.org; Fri, 22 Oct 2010 09:34:55 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <kwolf@redhat.com>) id 1P9Hlk-0000gT-W6
	for Qemu-devel@nongnu.org; Fri, 22 Oct 2010 09:34:54 -0400
Received: from mx1.redhat.com ([209.132.183.28]:1025)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <kwolf@redhat.com>) id 1P9Hlk-0000g9-ND
	for Qemu-devel@nongnu.org; Fri, 22 Oct 2010 09:34:52 -0400
Message-ID: <4CC19322.7050205@redhat.com>
Date: Fri, 22 Oct 2010 15:35:30 +0200
From: Kevin Wolf <kwolf@redhat.com>
MIME-Version: 1.0
Subject: Re: [Qemu-devel] bdrv_flush for qemu block drivers nbd,
	rbd and sheepdog
References: <4CC04920.8040902@redhat.com> <4CC05744.1060204@codemonkey.ws>
	<1287689572.2724.0.camel@Quad> <4CC14B60.7090900@redhat.com>
	<4CC18A89.1060802@codemonkey.ws>
In-Reply-To: <4CC18A89.1060802@codemonkey.ws>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Anthony Liguori <anthony@codemonkey.ws>
Cc: Laurent Vivier <Laurent@vivier.eu>, Qemu-devel@nongnu.org

Am 22.10.2010 14:58, schrieb Anthony Liguori:
> On 10/22/2010 03:29 AM, Kevin Wolf wrote:
>>> I agree.
>>>      
>> Of course, as Laurent said a while ago, there is no specification for
>> NBD, so it's hard to say what the intended semantics is.
>>
>> However, I did have a look at the nbdserver code and it looks as if it
>> implements something similar to writethrough (namely fsync after each
>> write) only if configured this way on the server side. qemu-nbd defaults
>> to writethrough, but can be configured to use cache=none. So with either
>> server qemu as a client can't tell whether the data is safe on disk or not.
>>
>> In my book this is a strong argument for refusing to open nbd
>> connections with anything but cache=unsafe.
>>    
> 
> On a physical system, if you don't have a battery backed disk and you 
> enable the WC on your disk, then even with cache=writethrough we're unsafe.

I don't think that's right. O_SYNC should guarantee that the volatile
disk cache is flushed.

> Likewise, if you mount your filesystem with barrier=0, QEMU is unsafe.

Yeah, if you do something equivalent to cache=unsafe on a lower layer,
then qemu can't do much about it. Maybe you can apply the same argument
to NBD, even though it's unsafe by default.

> QEMU can't guarantee safety.  The underlying storage needs to be 
> configured correctly.  As long as we're not introducing caching within 
> QEMU, I don't think we should assume we're unsafe.
> 
> Do we have any place where we can add docs on a per-block format basis?  
> It would be good to at least mention for each block device how the 
> backing storage needed to be configured for safety.

docs/block-protocols.txt?

Kevin