Re: ext4 features

From: Ric Wheeler
Date: Thu Jul 06 2006 - 13:26:54 EST


Krzysztof Halasa wrote:

Ric Wheeler <ric@xxxxxxx> writes:



Having a checksum (or even a digital signature on a file) that lets us
detect corruption is very useful since, in many cases, it allows us to
flag the file as corrupt before it gets used.



We can't have that. Sector/block/etc. checksums - yes.


I certainly don't object to sector and block checksums, but they do require a specially formatted disk or high end array (which my employer would be happy to sell you ;-)).

If you record a per sector or FS block level checksum in user space, you have to keep in mind the sheer size of today's commodity disks and the amount of space that would consume - it would be much more efficient to store one such signature per file. Where you put those checksums/signatures and when you look at them/update them/validate them can cause lots of headaches.

A checksum, signature, hash etc. of the whole file would require
actually reading the whole file. It can be done by tripwire or
backup, and even by fsck, but not by the filesystem in normal
operation.


There was some talk about this at the file system mini-summit. Clearly, you would not want to compute (and continually update) the checksum/signature on an actively written file.

It might be useful to compute at close time (or when you set a special attr, etc). We could also special case sequentially written files (storing & updating the partial signature as we go, but that could be a bit iffy).

The key is to keep the signature/checksum with the file - tripwire and backup programs could do this (and even store it their own extended attribute), but I think that it is more generically useful than that.

If you care enough about the data integrity of a file, having this kind of optional validation on any open would be very useful.

ric


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/