Received: by 2002:a05:6a10:f3d0:0:0:0:0 with SMTP id a16csp5711197pxv; Wed, 7 Jul 2021 09:58:46 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxRANrmwtlhoIiuvpP437N2EB/vaE57dVNpZWZ+CpAh/+ZMjcuheEFVUxzv7634bt+9iJsy X-Received: by 2002:a92:7c11:: with SMTP id x17mr17649646ilc.224.1625677126515; Wed, 07 Jul 2021 09:58:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1625677126; cv=none; d=google.com; s=arc-20160816; b=QUNxUWpbW+huWWXsCWrpRm5AEsVKv0OiEx5buc+n8cz6o8bJiEpC1gOv1F9FZ98aCm JwR8lSkFu+ySPdkjunkbIn0/OL6TAC/jlZ0YUFgMC4Yx95gWuisjceOUvBdBDwE1IPxn lgr3f5U6bhuLiWLpFCJTjI28lMuvPJ0EIm+kNKtp9UEv7wvJmuDpnrYlbUsiAFJNXT+P TW4PZpfZ9r8ta+1O3Yr+6T9v/ghw2MHpQUphsM4tMMsQDsQz1KS3TW/EuZIzFV8fl/WE Rp291B6okzh6ChkIb7YO7bPZZhQwjlUCxMxaXgH7GbAP9GXsHdAgNOdnBEFRzs+t/zzL Xkkg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=QBLMTjT5rw8LxCy3+J2XGzf1QlVDKpVFmCEVl9I265g=; b=BaWFudz7XFOdfn0yHbFxEcBtSG04X0xXZxl7OnTG2weLh4Jj7hairksIWtOxyTc8n+ Ji/uHPMo7rpPUXG0eek+QU3nr02SU+3KdhKHF0qT3xa7HtguVAPfBN06f4JS00hP/dWC 4JKsK3XMbfruvCTIFkcvJdO71UxdhLAQOVnmoBIkqAjbzEemfI4Lob6cbvwkd6NSlAYR ItQopSmlHNqSbK+23JU+eqq52TffSdJrJq+wBrhiJ6Z5S6m27rtfgHUQtq6RNgNLMwVr xaxARNcNoFAih7hfWeFJFYLZZCsk9wmvJj1Vmwb2Q8OZHHou9IfJZnEK01HfrkpoofhR LIYg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id h5si25059111iol.44.2021.07.07.09.58.33; Wed, 07 Jul 2021 09:58:46 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230382AbhGGRBF (ORCPT + 99 others); Wed, 7 Jul 2021 13:01:05 -0400 Received: from outgoing-auth-1.mit.edu ([18.9.28.11]:50852 "EHLO outgoing.mit.edu" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S230376AbhGGRBE (ORCPT ); Wed, 7 Jul 2021 13:01:04 -0400 Received: from cwcc.thunk.org (pool-72-74-133-215.bstnma.fios.verizon.net [72.74.133.215]) (authenticated bits=0) (User authenticated as tytso@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 167Gw96L029559 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 7 Jul 2021 12:58:10 -0400 Received: by cwcc.thunk.org (Postfix, from userid 15806) id CA98E15C3CC6; Wed, 7 Jul 2021 12:58:09 -0400 (EDT) Date: Wed, 7 Jul 2021 12:58:09 -0400 From: "Theodore Ts'o" To: Christoph Hellwig Cc: leah.rumancik@gmail.com, linux-ext4@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, linux-block@vger.kernel.org, linux-scsi@vger.kernel.org, linux-nvme@lists.infradead.org Subject: Re: [PATCH] ext4: fix EXT4_IOC_CHECKPOINT Message-ID: References: <20210707085644.3041867-1-hch@lst.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20210707085644.3041867-1-hch@lst.de> Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org On Wed, Jul 07, 2021 at 10:56:44AM +0200, Christoph Hellwig wrote: > Issuing a discard for any kind of "contention deletion SLO" is highly > dangerous as discard as defined by Linux (as well the underlying NVMe, > SCSI, ATA, eMMC and virtio primitivies) are defined to not guarantee > erasing of data but just allow optional and nondeterministic reclamation > of space. Instead issuing write zeroes is the only think to perform > such an operation. Remove the highly dangerous and misleading discard > mode for EXT4_IOC_CHECKPOINT and only support the write zeroes based > on, and clean up the resulting mess including the dry run mode. A discard is not "dangerous"; how it behaves is simply not necessarily guaranteed by the standards specification. The userspace which uses the ioctl simply needs to know how a particular block device might react when it is given a discard. I'll note that there is a similar issue with "WRITE SAME" or "ZEROOUT. A WRITE SAME might take a fraction of a second --- or it might take days --- depending on how the storage device is implemented. It is similarly unspecified by the various standards specification. Hence, userspace needs to know something about the block device before deciding whether or not it would be good idea to issue a "WRITE SAME" operation for large number of blocks. This is why the API is implemented in terms of what command will be issued to the block device, and not what the semantic meaning is for that particular command. That's up to the userspace application to know out of band, and we should be able to give the privileged application the freedom to decide which command makes the most amount of sense. - Ted