Commit ad1858d7 authored by Dave Chinner's avatar Dave Chinner Committed by Ben Myers

xfs: rework remote attr CRCs

Note: this changes the on-disk remote attribute format. I assert
that this is OK to do as CRCs are marked experimental and the first
kernel it is included in has not yet reached release yet. Further,
the userspace utilities are still evolving and so anyone using this
stuff right now is a developer or tester using volatile filesystems
for testing this feature. Hence changing the format right now to
save longer term pain is the right thing to do.

The fundamental change is to move from a header per extent in the
attribute to a header per filesytem block in the attribute. This
means there are more header blocks and the parsing of the attribute
data is slightly more complex, but it has the advantage that we
always know the size of the attribute on disk based on the length of
the data it contains.

This is where the header-per-extent method has problems. We don't
know the size of the attribute on disk without first knowing how
many extents are used to hold it. And we can't tell from a
mapping lookup, either, because remote attributes can be allocated
contiguously with other attribute blocks and so there is no obvious
way of determining the actual size of the atribute on disk short of
walking and mapping buffers.

The problem with this approach is that if we map a buffer
incorrectly (e.g. we make the last buffer for the attribute data too
long), we then get buffer cache lookup failure when we map it
correctly. i.e. we get a size mismatch on lookup. This is not
necessarily fatal, but it's a cache coherency problem that can lead
to returning the wrong data to userspace or writing the wrong data
to disk. And debug kernels will assert fail if this occurs.

I found lots of niggly little problems trying to fix this issue on a
4k block size filesystem, finally getting it to pass with lots of
fixes. The thing is, 1024 byte filesystems still failed, and it was
getting really complex handling all the corner cases that were
showing up. And there were clearly more that I hadn't found yet.

It is complex, fragile code, and if we don't fix it now, it will be
complex, fragile code forever more.

Hence the simple fix is to add a header to each filesystem block.
This gives us the same relationship between the attribute data
length and the number of blocks on disk as we have without CRCs -
it's a linear mapping and doesn't require us to guess anything. It
is simple to implement, too - the remote block count calculated at
lookup time can be used by the remote attribute set/get/remove code
without modification for both CRC and non-CRC filesystems. The world
becomes sane again.

Because the copy-in and copy-out now need to iterate over each
filesystem block, I moved them into helper functions so we separate
the block mapping and buffer manupulations from the attribute data
and CRC header manipulations. The code becomes much clearer as a
result, and it is a lot easier to understand and debug. It also
appears to be much more robust - once it worked on 4k block size
filesystems, it has worked without failure on 1k block size
filesystems, too.
Signed-off-by: default avatarDave Chinner <dchinner@redhat.com>
Reviewed-by: default avatarBen Myers <bpm@sgi.com>
Signed-off-by: default avatarBen Myers <bpm@sgi.com>
parent d4c712bc
...@@ -1412,7 +1412,7 @@ xfs_attr3_leaf_add_work( ...@@ -1412,7 +1412,7 @@ xfs_attr3_leaf_add_work(
name_rmt->valuelen = 0; name_rmt->valuelen = 0;
name_rmt->valueblk = 0; name_rmt->valueblk = 0;
args->rmtblkno = 1; args->rmtblkno = 1;
args->rmtblkcnt = XFS_B_TO_FSB(mp, args->valuelen); args->rmtblkcnt = xfs_attr3_rmt_blocks(mp, args->valuelen);
} }
xfs_trans_log_buf(args->trans, bp, xfs_trans_log_buf(args->trans, bp,
XFS_DA_LOGRANGE(leaf, xfs_attr3_leaf_name(leaf, args->index), XFS_DA_LOGRANGE(leaf, xfs_attr3_leaf_name(leaf, args->index),
...@@ -2354,8 +2354,9 @@ xfs_attr3_leaf_lookup_int( ...@@ -2354,8 +2354,9 @@ xfs_attr3_leaf_lookup_int(
args->index = probe; args->index = probe;
args->valuelen = be32_to_cpu(name_rmt->valuelen); args->valuelen = be32_to_cpu(name_rmt->valuelen);
args->rmtblkno = be32_to_cpu(name_rmt->valueblk); args->rmtblkno = be32_to_cpu(name_rmt->valueblk);
args->rmtblkcnt = XFS_B_TO_FSB(args->dp->i_mount, args->rmtblkcnt = xfs_attr3_rmt_blocks(
args->valuelen); args->dp->i_mount,
args->valuelen);
return XFS_ERROR(EEXIST); return XFS_ERROR(EEXIST);
} }
} }
...@@ -2406,7 +2407,8 @@ xfs_attr3_leaf_getvalue( ...@@ -2406,7 +2407,8 @@ xfs_attr3_leaf_getvalue(
ASSERT(memcmp(args->name, name_rmt->name, args->namelen) == 0); ASSERT(memcmp(args->name, name_rmt->name, args->namelen) == 0);
valuelen = be32_to_cpu(name_rmt->valuelen); valuelen = be32_to_cpu(name_rmt->valuelen);
args->rmtblkno = be32_to_cpu(name_rmt->valueblk); args->rmtblkno = be32_to_cpu(name_rmt->valueblk);
args->rmtblkcnt = XFS_B_TO_FSB(args->dp->i_mount, valuelen); args->rmtblkcnt = xfs_attr3_rmt_blocks(args->dp->i_mount,
valuelen);
if (args->flags & ATTR_KERNOVAL) { if (args->flags & ATTR_KERNOVAL) {
args->valuelen = valuelen; args->valuelen = valuelen;
return 0; return 0;
...@@ -2732,7 +2734,8 @@ xfs_attr3_leaf_list_int( ...@@ -2732,7 +2734,8 @@ xfs_attr3_leaf_list_int(
args.valuelen = valuelen; args.valuelen = valuelen;
args.value = kmem_alloc(valuelen, KM_SLEEP | KM_NOFS); args.value = kmem_alloc(valuelen, KM_SLEEP | KM_NOFS);
args.rmtblkno = be32_to_cpu(name_rmt->valueblk); args.rmtblkno = be32_to_cpu(name_rmt->valueblk);
args.rmtblkcnt = XFS_B_TO_FSB(args.dp->i_mount, valuelen); args.rmtblkcnt = xfs_attr3_rmt_blocks(
args.dp->i_mount, valuelen);
retval = xfs_attr_rmtval_get(&args); retval = xfs_attr_rmtval_get(&args);
if (retval) if (retval)
return retval; return retval;
......
This diff is collapsed.
...@@ -20,6 +20,14 @@ ...@@ -20,6 +20,14 @@
#define XFS_ATTR3_RMT_MAGIC 0x5841524d /* XARM */ #define XFS_ATTR3_RMT_MAGIC 0x5841524d /* XARM */
/*
* There is one of these headers per filesystem block in a remote attribute.
* This is done to ensure there is a 1:1 mapping between the attribute value
* length and the number of blocks needed to store the attribute. This makes the
* verification of a buffer a little more complex, but greatly simplifies the
* allocation, reading and writing of these attributes as we don't have to guess
* the number of blocks needed to store the attribute data.
*/
struct xfs_attr3_rmt_hdr { struct xfs_attr3_rmt_hdr {
__be32 rm_magic; __be32 rm_magic;
__be32 rm_offset; __be32 rm_offset;
...@@ -39,6 +47,8 @@ struct xfs_attr3_rmt_hdr { ...@@ -39,6 +47,8 @@ struct xfs_attr3_rmt_hdr {
extern const struct xfs_buf_ops xfs_attr3_rmt_buf_ops; extern const struct xfs_buf_ops xfs_attr3_rmt_buf_ops;
int xfs_attr3_rmt_blocks(struct xfs_mount *mp, int attrlen);
int xfs_attr_rmtval_get(struct xfs_da_args *args); int xfs_attr_rmtval_get(struct xfs_da_args *args);
int xfs_attr_rmtval_set(struct xfs_da_args *args); int xfs_attr_rmtval_set(struct xfs_da_args *args);
int xfs_attr_rmtval_remove(struct xfs_da_args *args); int xfs_attr_rmtval_remove(struct xfs_da_args *args);
......
...@@ -513,6 +513,7 @@ _xfs_buf_find( ...@@ -513,6 +513,7 @@ _xfs_buf_find(
xfs_alert(btp->bt_mount, xfs_alert(btp->bt_mount,
"%s: Block out of range: block 0x%llx, EOFS 0x%llx ", "%s: Block out of range: block 0x%llx, EOFS 0x%llx ",
__func__, blkno, eofs); __func__, blkno, eofs);
WARN_ON(1);
return NULL; return NULL;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment