UBIFS robustness questions
Adrian Hunter
adrian.hunter at nokia.com
Fri Jul 24 02:43:37 EDT 2009
Charles Manning wrote:
> This is probably documented somewhere but I could not find it...
>
> What operations in UBIFS are robust to power failure and which are not?
Only sync operations guarantee that changes have reached the flash.
There are all the usual ways to sync:
fsync/fdatasync a file/directory
open a file as synchronous
mark a file with the sync flag
sync the filesystem
mount the file system as synchronous
> I know for example that writing a file into flash does not mean it has been
> completely written to flash until after a sync, but what about other
> operations such as mv?
After mv, the containing directory must be sync'd to be sure the change reaches the
flash. But rename is atomic so there will always be either the old
naming or the new naming
> The reasonn I'm asking this is that I want to be able to "hot-swap" a
> directory of files without losing any file state.
Should be no problem if you sync correctly.
> What I'm considerings doing is something like:
>
> Start with ~/runtime having a sane set of files
>
> untar etc into ~/updated
> sync
> mv ~/updated ~/run-time
> sync
>
> What is unacceptable is that, at any time, a power failure/reboot results in
> ~/runtime having a non-sane set of files.
>
> * Does the above sequence look safe?
Yes
> * Is the second sync required?
It is required to guarantee that the mv has reached the flash at that
point in time i.e. power loss before the second sync => same as if mv
was not done
More information about the linux-mtd
mailing list