On Wed, Oct 23, 2019 at 11:21 PM Richard Weinberger <richard.weinberger@xxxxxxxxx> wrote: > > On Wed, Oct 23, 2019 at 7:16 PM Pali Rohár <pali.rohar@xxxxxxxxx> wrote: > > On Wednesday 23 October 2019 16:21:19 Chris Murphy wrote: > > > On Wed, Oct 23, 2019 at 1:50 PM Pali Rohár <pali.rohar@xxxxxxxxx> wrote: > > > > I do not think that kernel guarantee for any filesystem that rename > > > > operation would be atomic on underlying disk storage. > > > > > > > > But somebody else should confirm it. > > > > > > I don't know either or how to confirm it. > > > > Somebody who is watching linuxfs-devel and has deep knowledge in this > > area... could provide more information. > > This is filesystem specific. > For example on UBIFS we make sure that the rename operation is atomic. > Changing multiple directory entries is one journal commit, so either it happened > completely or not at all. > On JFFS2, on the other hand, rename can degrade to a hard link. > > I'd go so far and claim that any modern Linux filesystem guarantees > that rename is atomic. Any atomicity that depends on journal commits cannot be considered to have atomicity in a boot context, because bootloaders don't do journal replay. It's completely ignored. If a journal is present, is it appropriate to consider it a separate and optional part of the file system? I don't know for sure but I can pretty much guess any of the bootloader upstreams would say: we are not file system experts, if file system developers consider the journal inseparable from the file system, and that journal replay is non-optional when indicated that it should be performed, then we welcome patches from file system developers to add such support in bootladers X, Y, and Z. And having already asked about bootloaders doing journal replay on XFS list, and maybe a while ago on ext4 list (I forget) that was sorta taken as a bit of comedy. Like, how would that work? And it'd inevitably lead to a fork in journal replay code. Possibly more than one to account for the different bootloader limitations and memory handling differences, etc. So it's not very realistic. Probably. And more realistic if they aren't separable is, if you care about atomic guarantees for things related to bootloading, don't use journaled file systems. Proscribed. Which is why this thread exists to see what can be done about FAT since it's really the only file system we have to be able to boot from. --- Chris Murphy -- Chris Murphy
