Re: USB memory stick hotswap problems

From: Matthew Dillon <dillon_at_apollo.backplane.com>
Date: Sat, 25 Sep 2004 22:59:09 -0700 (PDT)
:> Can't usbd (or better yet, usbd.conf) be modified or changed in some way
:> to automatically handle the unmounting of any existing filesystems that
:> match the device which is mounted?
:>
:> Seems like we're eventually going to need this to make hot-swappable USB
:> devices more friendly.  I understand why you must unmount a device
:> before SCSI CAM gets disconnected from it, but it just seems that this
:> should be a job for usbd.
:
:The problem is that once the device is removed it's too late :(
:
:One possibility would be to add a facility to mark all the data for a certain
:device to be non-critical so it will throw it away when it tries to flush it
:and fails instead of panicking.

    It's a fairly simple matter to make the I/O requests fail, CAM is actually
    quite good at that.  But preventing filesystem panics requires a lot
    more work.  Three things must be done:

    * The filesystem has to be able to error-out gracefully when read I/O's
      fail.

    * A mechanism for handling write errors, in particular synchronous
      write errors, is needed.  Generally speaking the buffer cache must
      retain the (dirty) data, which it actually mostly does already,
      and the filesystem has to be able to proceed with the operation
      despite the write error in order to get to a stable point where it
      can either error out or complete the op.

    * The buffer flushing code has to be made aware of a dead backing 
      device and do the right thing with the dirty buffers when the
      filesystem is forcefully unmounted.

    I did some work on the buffer cache dirty data issue a while back, a few
    years ago, so the buffer cache already deals with write errors somewhat,
    but more work is needed.

						-Matt
Received on Sun Sep 26 2004 - 03:59:10 UTC
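
The three requirements listed in the message above, sketched as a small user-space C model. This is an added example, not part of the original message and not DragonFly kernel code. Every name in it (`dev_io`, `fs_read`, `fs_write`, `cache_flush`, `force_unmount`) is hypothetical, and a removed device is assumed to fail I/O with `ENXIO`.

```c
/* Toy user-space model; hypothetical names, not DragonFly kernel code. */
#include <errno.h>
#include <stdbool.h>
enum { NBUF = 4 };
struct dev   { bool dead; int writes_done; };
struct buf   { bool valid, dirty; int data; };
struct cache { struct dev *dev; struct buf b[NBUF]; };

/* Device layer: requests to a removed device fail with an error code. */
static int dev_io(struct dev *d, bool is_write) {
    if (d->dead) return ENXIO;          /* assumption: removal reports ENXIO */
    d->writes_done += is_write;
    return 0;
}

/* Point 1: a failed read is returned to the caller, not treated as fatal. */
int fs_read(struct cache *c, int i, int *out) {
    int err = c->b[i].valid ? 0 : dev_io(c->dev, false);
    if (err) return err;
    *out = c->b[i].valid ? c->b[i].data : 0;  /* constructed: uncached blocks read as 0 */
    return 0;
}

void fs_write(struct cache *c, int i, int v) {
    c->b[i] = (struct buf){ .valid = true, .dirty = true, .data = v };
}

int dirty_count(const struct cache *c) {
    int n = 0;
    for (int i = 0; i < NBUF; i++) n += c->b[i].dirty;
    return n;
}

/* Point 2: on a write error the buffer stays dirty and the first error is
 * reported, so the caller can reach a stable point and then error out. */
int cache_flush(struct cache *c) {
    int first = 0;
    for (int i = 0; i < NBUF; i++) {
        int err = c->b[i].dirty ? dev_io(c->dev, true) : 0;
        if (err == 0) c->b[i].dirty = false;
        else if (first == 0) first = err;
    }
    return first;
}

/* Point 3: forced unmount flushes if it can; if the backing device is dead
 * it drops the dirty buffers and returns how many were discarded. */
int force_unmount(struct cache *c) {
    if (cache_flush(c) == 0 || !c->dev->dead) return 0;
    int lost = dirty_count(c);
    for (int i = 0; i < NBUF; i++) c->b[i].valid = c->b[i].dirty = false;
    return lost;
}
```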