ext3 default compile time option should be changed from writeback to ordered
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Fix Released
|
High
|
Surbhi Palande | ||
Karmic |
Fix Released
|
High
|
Surbhi Palande | ||
Lucid |
Fix Released
|
High
|
Surbhi Palande |
Bug Description
SRU Justification:
Impact: The default writeback mode for ext3 changed implicitly in Karmic without notice. The new default is supposed to be faster (though it seems not that much) but also can cause more likely data corruption when the system crashes.
Fix: Change back the default mode to "ordered" which was used before, is used for Lucid too and is recommended by fs developers anyway.
Testcase: cat /proc/mounts should show ext3 filesystems with data=ordered (if no special intervention was done to change that).
---
Imagine A and B to be the steps of a journaling operation.
data = ordered mode
A) Write data to FS on disk
B) Write metadata to journal
For data = writeback mode
the above steps - A) and B) could switch order.
So you could have the following:
A) write meta data to journal first and then
B) write data to FS on disk
OR
A) write data to FS on disk first and then
B) write metadata to journal.
(since the order is not guranteed in data=writeback mode)
Now imagine a reboot/crash/kernel lockup occurring in between steps A and B
A)
CRASH
B) cannot take place because of the crash.
Now look at data = ordered mode. Since data is always first written to disk before writing the metadata, you always have the most current data on disk. Hence data = ordered gurantees that you will never have stale data on disk.
Whereas for data=writeback mode, when the metadata is written first and you crash before writing the data to fs, this is what happens:
You have stale data, but updated metadata. So what can now happen is, you still read old data and this could be
a security threat (since the user does not expect this behavior) .
However, such a threat does not exist in data=ordered mode. Hence the default mount time option should rightly be data=ordered instead of data = writeback. Change the compile time option accordingly to reflect this change.
Changed in linux-source-2.6.15 (Ubuntu): | |
status: | New → In Progress |
importance: | Undecided → High |
assignee: | nobody → Surbhi Palande (csurbhi) |
description: | updated |
affects: | linux-source-2.6.15 (Ubuntu) → ubuntu |
visibility: | private → public |
description: | updated |
description: | updated |
affects: | Ubuntu Karmic → linux (Ubuntu Karmic) |
This was released in 2.6.32-12.16 for Lucid but unfortuanatly the commit was marked to be ignored so this bug didn't get closed by the janitor:
commit 1182c7174e28445 83451fac2fd9013 543b095adf
Author: Surbhi Palande <email address hidden>
Date: Thu Jan 21 01:05:32 2010 +0000
UBUNTU: [Config] ext3 defaults to ordered mode
BugLink: http:// bugs.launchpad. net/bugs/ 510067
Ignore: yes
To prevent a security threat of older data being inadvertently exposed, the EXT3_DEFAULTS_ TO_ORDERED to
default mount option of ext3 should be ordered instead of writeback. This
patch enables the compile time option CONFIG_
ensure that an ext3 fs mounts with the data=ordered mode.
Signed-off-by: Surbhi Palande <email address hidden>
Signed-off-by: Andy Whitcroft <email address hidden>