Re: [PATCH] mmc: add module parameter to set whether cards areassumed removable

[Pierre Ossman]

On Tue, 17 Nov 2009 08:53:00 +0100
Stefan Richter <stefanr@xxxxxxxxxxxxxxxxx> wrote:

> Ben Hutchings wrote:
> > In general, it is not possible to tell whether a card present in an MMC
> > slot after resume is the same that was there before suspend.
> 
> That's true for virtually all storage devices, not just MMC.
> 
> > So there are two possible behaviours, each of which will cause data
> > loss in some cases:
> > 
> > CONFIG_MMC_UNSAFE_RESUME=n (default): Cards are assumed to be removed
> > during suspend.  Any filesystem on them must be unmounted before
> > suspend; otherwise, buffered writes will be lost.
> > 
> > CONFIG_MMC_UNSAFE_RESUME=y: Cards are assumed to remain present during
> > suspend.  They must not be swapped during suspend; otherwise, buffered
> > writes will be flushed to the wrong card.
> > 
> > Currently the choice is made at compile time and this allows that to be
> > overridden at module load time.
> 
> Can't the kernel flush the write buffer at suspend time, so that you can
> remove this choice for good?

I'm afraid that's insufficient. What it would need to do is to is
flush everything (to make sure what's on disk matches what's in
memory), but also read back the filesystem on resume to verify that
nothing else modified it (i.e. making sure what's on disk still matches
what's in memory).

Another way of putting it is that the kernel needs to umount/mount
around suspend in a way that's transparent to users of the filesystem.

Until we have such a system in place then everything will be hacks
which only shift around the problem.

Rgds
-- 
     -- Pierre Ossman

  WARNING: This correspondence is being monitored by FRA, a
  Swedish intelligence agency. Make sure your server uses
  encryption for SMTP traffic and consider using PGP for
  end-to-end encryption.

Attachment: signature.asc
Description: PGP signature