On Tue, Oct 15, 2019 at 09:10:04AM -0400, Theodore Y. Ts'o wrote: > On Tue, Oct 15, 2019 at 01:01:02AM -0700, Christoph Hellwig wrote: > > On Mon, Oct 14, 2019 at 03:09:48PM -0500, Eric Sandeen wrote: > > > We're in agreement here. ;) I only worry about implementing things like this > > > which sound like guarantees, but aren't, and end up encouraging bad behavior > > > or promoting misconceptions. > > > > > > More and more, I think we should reconsider Darrick's "bootfs" (ext2 by another > > > name, but with extra-sync-iness) proposal... > > > > Having a separate simple file system for the boot loader makes a lot of > > sense. Note that vfat of EFI is the best choice, but at least it is > > something. SysV Unix from the 90s actually had a special file system just > > for that, and fs/bfs/ in Linux supports that. So this isn't really a new > > thing either. > > Did you mean to say "vfaat of EFI isn't the best choice"? > > If we were going to be doing something like "bootfs", what sort of > semantics would be sufficient? Is doing an implied fsync() on every > close(2) enough, or do we need to do something even more conservative? I'm assuming you'd also want to make sure the journal checkpoints as part of fsync, right? Aside from being an April Fools joke, bootfs[1] does implement the semantics I needed to fix all the complaining about grub being broken. 8-) Granted there's also the systemd bootloader spec[2] which says FAT{16,32}... [1] https://lore.kernel.org/linux-fsdevel/20190401070001.GJ1173@magnolia/ [2] https://systemd.io/BOOT_LOADER_SPECIFICATION.html --D > - Ted