Index
Home
About
Blog
From: Linus Torvalds <torvalds@linux-foundation.org>
Newsgroups: fa.linux.kernel
Subject: Re: [PATCH -v6 2/2] Updating ctime and mtime for memory-mapped
Date: Fri, 18 Jan 2008 19:37:51 UTC
Message-ID: <fa.RdU9NFU3pfvL7tTCyTM9Qd4TDO4@ifi.uio.no>
On Fri, 18 Jan 2008, Miklos Szeredi wrote:
>
> What I'm saying is that the times could be left un-updated for a long
> time if program doesn't do munmap() or msync(MS_SYNC) for a long time.
Sure.
But in those circumstances, the programmer cannot depend on the mtime
*anyway* (because there is no synchronization), so what's the downside?
Let's face it, there's exactly three possible solutions:
- the insane one: trap EVERY SINGLE instruction that does a write to the
page, and update mtime each and every time.
This one is so obviously STUPID that it's not even worth discussing
further, except to say that "yes, there is an 'exact' algorithm, but
no, we are never EVER going to use it".
- the non-exact solutions that don't give you mtime updates every time
a write to the page happens, but give *some* guarantees for things that
will update it.
This is the one I think we can do, and the only things a programmer can
impact using it is "msync()" and "munmap()", since no other operations
really have any thing to do with it in a programmer-visible way (ie a
normal "sync" operation may happen in the background and has no
progam-relevant timing information)
Other things *may* or may not update mtime (some filesystems - take
most networked one as an example - will *always* update mtime on the
server on writeback, so we cannot ever guarantee that nothing but
msync/munmap does so), but at least we'll have a minimum set of things
that people can depend on.
- the "we don't care at all solutions".
mmap(MAP_WRITE) doesn't really update times reliably after the write
has happened (but might do it *before* - maybe the mmap() itself does).
Those are the three choices, I think. We currently approximate #3. We
*can* do #2 (and there are various flavors of it). And even *aiming* for
#1 is totally insane and stupid.
Linus
From: Linus Torvalds <torvalds@linux-foundation.org>
Newsgroups: fa.linux.kernel
Subject: Re: [PATCH -v6 2/2] Updating ctime and mtime for memory-mapped
Date: Fri, 18 Jan 2008 22:49:17 UTC
Message-ID: <fa.b4sfEGHyq9g9LV/aMBC27WcO2vw@ifi.uio.no>
On Fri, 18 Jan 2008, Ingo Oeser wrote:
>
> Can we get "if the write to the page hits the disk, the mtime has hit the disk
> already no less than SOME_GRANULARITY before"?
>
> That is very important for computer forensics. Esp. in saving your ass!
>
> Ok, now back again to making that fast :-)
I certainly don't mind it if we have some tighter guarantees, but what I'd
want is:
- keep it simple. Let's face it, Linux has never ever given those
guarantees before, and it's not as if anybody has really cared. Even
now, the issue seems to be more about paper standards conformance than
anything else.
- I get worried about people playing around with the dirty bit in
particular. We have had some really rather nasty bugs here. Most of
which are totally impossible to trigger under normal loads (for
example the old random-access utorrent writable mmap issue from about
a year ago).
So these two issues - the big red danger signs flashing in my brain,
coupled with the fact that no application has apparently ever really
noticed in the last 15 years - just makes it a case where I'd like each
step of the way to be obvious and simple and no larger than really
absolutely necessary.
Linus
Index
Home
About
Blog