Bug 120622

Summary: Default isize of 256 bytes is too small for SE Linux
Product: [Fedora] Fedora Reporter: Russell Coker <russell>
Component: xfsprogsAssignee: Jeff Garzik <jgarzik>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: esandeen, igeorgex, laroche, peterm, redhat-bugzilla, stewart
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-07-05 13:18:43 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 196599    
Attachments:
Description Flags
Patch to provide this functionality. none

Description Russell Coker 2004-04-12 11:46:34 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (compatible; Konqueror/3.2; Linux) (KHTML, like Gecko)

Description of problem:
The "mkfs.xfs" command is used with no parameters other than the device name will default to an Inode size of 256 bytes.  This is too small for the "security.selinux" xattr, so if you use SE Linux on such a file system then every active Inode will have a separate block allocated for it's SE Linux context!  This means a disk space waste of 4K * number of active Inodes.

I expect that a fairly typical server install of Fedora Core 2 will have close to 200,000 files, which would involve 200,000*4K == 800M of disk space wasted!  I have heard reports of up to 5G of disk space disappearing when SE Linux is installed on an XFS system because of this.

When the Inodes are bigger XFS can use the space for other things as well, directory entries apparently can usefully use it and very large files will gain some performance through less indirection.

I discussed this matter with some SGI employees who are involved with XFS development, they agree that with the focus that is being put on SE Linux in Fedora the correct default for the Inode size is 512 bytes.  They are also considering making it the default for their mkfs release (although this is something that will take a significant amount of time to change).

Note that merely instructing SE Linux users to use 512 byte Inodes is not sufficient as there will be people who decide to convert a system to SE Linux at some later time.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
.

Additional info:
Comment 1 Stewart Smith 2004-08-11 12:55:06 UTC 
Workaround: Tell the installer not to format the partition you're
going to install onto, switch to a virtual terminal and do something
similar to the following:

mkfs.xfs -i size=512 /dev/hda5

this will set the inode size to 512 bytes, and should be enough for
SELinux to perform well. Ideally, there'd be a configuration in the
installer to manually set FS parameters (such as log and inode size).

Am currently doing an install like this of FC3t1.

Have reported a bug for Anaconda, related to allowing customisation of
mkfs parameters:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=129644
Comment 2 Russell Coker 2006-03-27 04:56:21 UTC 
Regardless of the Anaconda issue, I believe that the default should be 512 
bytes. 
 
Note that this will also improve performance for recent versions of Samba, 
ACLs, and user XATTRs.
Comment 3 Robert Scheck 2006-04-04 06:52:25 UTC 
Russell, can you please have a look whether the default in xfsprogs 2.7.11-1 
changed in the meantime?
Comment 4 Russell Coker 2006-04-04 07:25:48 UTC 
It hasn't changed.  I've spoken to some of the XFS developers about this (they 
are based in Melbourne so I meet them periodically).  As of our last 
conversation they reported that it would be difficult for them to get such a 
change included and suggested that I get the distributions to include patches 
instead.
Comment 5 Russell Coker 2006-04-07 11:46:14 UTC 
Created attachment 127452 [details]
Patch to provide this functionality.

The attached patch gives a default Inode size of 512 bytes.  This will
significantly improve performance for SE Linux machines (default install) and
for Samba servers.
Comment 6 Robert Scheck 2006-06-25 17:12:11 UTC 
Looks like Jeff isn't xfsprogs maintainer any longer or he unfortunately doesn't 
use Bugzilla. Florian, could you apply Russell's patch for the next xfsprogs 
rebuild, please?
Comment 7 Jeremy Katz 2006-07-05 13:18:43 UTC 
Committed
Comment 8 Justin Conover 2006-12-03 17:00:20 UTC 
Does Committed mean that it is 512 by default?

# mkfs.xfs /dev/appsvg/vmwarelv 
meta-data=/dev/appsvg/vmwarelv   isize=256    agcount=16, agsize=327680 blks
         =                       sectsz=512   attr=0
data     =                       bsize=4096   blocks=5242880, imaxpct=25
         =                       sunit=0      swidth=0 blks, unwritten=1
naming   =version 2              bsize=4096  
log      =internal log           bsize=4096   blocks=2560, version=1
         =                       sectsz=512   sunit=0 blks
realtime =none                   extsz=65536  blocks=0, rtextents=0
[root@echelon opt]# cat /etc/redhat-release 
Fedora Core release 6 (Zod)


According to that it is still 256 on FC6?
Comment 9 Justin Conover 2006-12-03 17:02:06 UTC 
# mkfs.xfs -i size=512 /dev/appsvg/vmwarelv -f
meta-data=/dev/appsvg/vmwarelv   isize=512    agcount=16, agsize=327680 blks
         =                       sectsz=512   attr=0
data     =                       bsize=4096   blocks=5242880, imaxpct=25
         =                       sunit=0      swidth=0 blks, unwritten=1
naming   =version 2              bsize=4096  
log      =internal log           bsize=4096   blocks=2560, version=1
         =                       sectsz=512   sunit=0 blks
realtime =none                   extsz=65536  blocks=0, rtextents=0
Comment 10 Eric Sandeen 2007-09-08 06:23:54 UTC 
Just a note, anaconda is now using "attr2" for installs from FC6 and beyond, so
space is more efficiently shared between extents & attributes in the inode. 
With that, selinux & attrs should still be pretty efficient in 256 bytes,
without the extra space overhead of the larger inodes, and the 512-byte default
patch has been removed.  Note that attr2 is still not the default in mkfs.xfs,
though - it can be set at mkfs or mount time.