Re: ext4 features
From: Ric Wheeler
Date: Thu Jul 06 2006 - 13:26:54 EST
Krzysztof Halasa wrote:
Ric Wheeler <ric@xxxxxxx> writes:
Having a checksum (or even a digital signature on a file) that lets us
detect corruption is very useful since, in many cases, it allows us to
flag the file as corrupt before it gets used.
We can't have that. Sector/block/etc. checksums - yes.
I certainly don't object to sector and block checksums, but they do
require a specially formatted disk or high end array (which my employer
would be happy to sell you ;-)).
If you record a per sector or FS block level checksum in user space, you
have to keep in mind the sheer size of today's commodity disks and the
amount of space that would consume - it would be much more efficient to
store one such signature per file. Where you put those
checksums/signatures and when you look at them/update them/validate them
can cause lots of headaches.
A checksum, signature, hash etc. of the whole file would require
actually reading the whole file. It can be done by tripwire or
backup, and even by fsck, but not by the filesystem in normal
operation.
There was some talk about this at the file system mini-summit.
Clearly, you would not want to compute (and continually update) the
checksum/signature on an actively written file.
It might be useful to compute at close time (or when you set a special
attr, etc). We could also special case sequentially written files
(storing & updating the partial signature as we go, but that could be a
bit iffy).
The key is to keep the signature/checksum with the file - tripwire and
backup programs could do this (and even store it their own extended
attribute), but I think that it is more generically useful than that.
If you care enough about the data integrity of a file, having this kind
of optional validation on any open would be very useful.
ric
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/