Re: Flames over -- Re: Which is simpler?

[Phillip Susi]

Kyle Moffett wrote:
> How is swapping USB devices while suspended unreasonable?  Come to 
> think of it, I did it inadvertently about 15 minutes ago with my PowerBook

Because you can not go yanking devices out from under the kernel without 
it's knowledge or consent.  This is no more acceptable than ejecting a 
floppy without first unmounting it; the only difference is that the 
floppy drive doesn't erroneously inform the kernel that you have done 
this simply because you suspend. 

> (while booted into Mac OS).  I had a USB key that I was copying a file 
> to for someone.  After shutting the lid, I unplugged mouse, USB key, 
> and power block.  About 30 minutes later I had somebody else with a 
> key who wanted to give me a file.  I had the key plugged in before the 
> laptop was finished waking up from sleep.  Now, I don't know for 
> certain that neither key had a serial number, but the two I have here 
> in my hand certainly don't, and I could _easily_ see somebody swapping 
> USB keys not knowing that they're "not supposed to do that" and 
> getting massive data corruption when the filesystem reads and writes 
> pages from a completely different block device.

Then they shot themselves in the foot.  That is no different than 
switching mounted floppies while suspended, or removing a mounted IDE 
hard drive while suspended, so they get what they deserve. 

> Did you read what I wrote?  People don't generally expect to randomly 
> plug and unplug SCSI drives whenever they feel like it.  They _do_ 
> expect to randomly plug and unplug USB drives, mice, keyboards, 
> tablets, network adapters, etc, because _everything_ supports such 
> random plugging.

No, they don't.  Users do not expect ( or should not and are told not to 
by admins ) to be able to yank out their usb memory stick while it is 
mounted.  They are told to always unmount first.  If they fail to do so, 
then they get what they asked for.  It doesn't matter if the disk is 
SCSI or USB; you don't go yanking it out without unmounting it first, or 
you will loose data. 

> Creating an extremely odd and hard to predict failure mode (when you 
> reconnect USB devices while suspended on hardware that doesn't support 
> proper USB suspend) with a high probability of causing data corruption 
> or crashes is wrong.  Especially since you could easily teach users 
> that "You need to eject USB things before you sleep the computer _or_ 
> just fix the kernel to do it for you.  That's probably something we 
> should be doing for all network filesystems anyways.

Users are already told to eject/unmount the media before removing it.  
If they fail to do that, it doesn't matter if the system is suspended or 
not; they broke the drive when they yanked it out while mounted.  As for 
fixing the kernel to unmount it for you, that is not always possible; 
take the root on usb case. 

Maybe it does make sense to have hibernation scripts unmount removable 
media for the common silly user who can't remember to unmount disks 
before ejecting/unplugging them, but you should be able to suspend a 
system with its root on a usb disk and not have the kernel panic for no 
good reason when it resumes. 


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/