2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* CDDL HEADER START
|
|
|
|
*
|
|
|
|
* The contents of this file are subject to the terms of the
|
|
|
|
* Common Development and Distribution License (the "License").
|
|
|
|
* You may not use this file except in compliance with the License.
|
|
|
|
*
|
|
|
|
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
|
2022-07-12 00:16:13 +03:00
|
|
|
* or https://opensource.org/licenses/CDDL-1.0.
|
2008-11-20 23:01:55 +03:00
|
|
|
* See the License for the specific language governing permissions
|
|
|
|
* and limitations under the License.
|
|
|
|
*
|
|
|
|
* When distributing Covered Code, include this CDDL HEADER in each
|
|
|
|
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
|
|
|
|
* If applicable, add the following below this CDDL HEADER, with the
|
|
|
|
* fields enclosed by brackets "[]" replaced with your own identifying
|
|
|
|
* information: Portions Copyright [yyyy] [name of copyright owner]
|
|
|
|
*
|
|
|
|
* CDDL HEADER END
|
|
|
|
*/
|
|
|
|
/*
|
2010-08-27 01:24:34 +04:00
|
|
|
* Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
|
2012-09-14 00:25:15 +04:00
|
|
|
* Copyright (c) 2012 Cyril Plisko. All rights reserved.
|
2017-08-29 19:00:28 +03:00
|
|
|
* Copyright (c) 2013, 2017 by Delphix. All rights reserved.
|
2023-03-10 22:59:53 +03:00
|
|
|
* Copyright (c) 2021, 2022 by Pawel Jakub Dawidek
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
|
|
|
|
|
|
|
#include <sys/types.h>
|
|
|
|
#include <sys/param.h>
|
|
|
|
#include <sys/sysmacros.h>
|
|
|
|
#include <sys/cmn_err.h>
|
|
|
|
#include <sys/kmem.h>
|
|
|
|
#include <sys/thread.h>
|
|
|
|
#include <sys/file.h>
|
|
|
|
#include <sys/fcntl.h>
|
|
|
|
#include <sys/vfs.h>
|
|
|
|
#include <sys/fs/zfs.h>
|
|
|
|
#include <sys/zfs_znode.h>
|
|
|
|
#include <sys/zfs_dir.h>
|
|
|
|
#include <sys/zfs_acl.h>
|
|
|
|
#include <sys/zfs_fuid.h>
|
2011-03-01 23:24:09 +03:00
|
|
|
#include <sys/zfs_vnops.h>
|
2008-11-20 23:01:55 +03:00
|
|
|
#include <sys/spa.h>
|
|
|
|
#include <sys/zil.h>
|
|
|
|
#include <sys/byteorder.h>
|
|
|
|
#include <sys/stat.h>
|
|
|
|
#include <sys/acl.h>
|
|
|
|
#include <sys/atomic.h>
|
|
|
|
#include <sys/cred.h>
|
2011-03-01 23:24:09 +03:00
|
|
|
#include <sys/zpl.h>
|
log xattr=sa create/remove/update to ZIL
As such, there are no specific synchronous semantics defined for
the xattrs. But for xattr=on, it does log to ZIL and zil_commit() is
done, if sync=always is set on dataset. This provides sync semantics
for xattr=on with sync=always set on dataset.
For the xattr=sa implementation, it doesn't log to ZIL, so, even with
sync=always, xattrs are not guaranteed to be synced before xattr call
returns to caller. So, xattr can be lost if system crash happens, before
txg carrying xattr transaction is synced.
This change adds xattr=sa logging to ZIL on xattr create/remove/update
and xattrs are synced to ZIL (zil_commit() done) for sync=always.
This makes xattr=sa behavior similar to xattr=on.
Implementation notes:
The actual logging is fairly straight-forward and does not warrant
additional explanation.
However, it has been 14 years since we last added new TX types
to the ZIL [1], hence this is the first time we do it after the
introduction of zpool features. Therefore, here is an overview of the
feature activation and deactivation workflow:
1. The feature must be enabled. Otherwise, we don't log the new
record type. This ensures compatibility with older software.
2. The feature is activated per-dataset, since the ZIL is per-dataset.
3. If the feature is enabled and dataset is not for zvol, any append to
the ZIL chain will activate the feature for the dataset. Likewise
for starting a new ZIL chain.
4. A dataset that doesn't have a ZIL chain has the feature deactivated.
We ensure (3) by activating on the first zil_commit() after the feature
was enabled. Since activating the features requires waiting for txg
sync, the first zil_commit() after enabling the feature will be slower
than usual. The downside is that this is really a conservative
approximation: even if we never append a 'TX_SETSAXATTR' to the ZIL
chain, we pay the penalty for feature activation. The upside is that the
user is in control of when we pay the penalty, i.e., upon enabling the
feature.
We ensure (4) by hooking into zil_sync(), where ZIL destroy actually
happens.
One more piece on feature activation, since it's spread across
multiple functions:
zil_commit()
zil_process_commit_list()
if lwb == NULL // first zil_commit since zil_open
zil_create()
if no log block pointer in ZIL header:
if feature enabled and not active:
// CASE 1
enable, COALESCE txg wait with dmu_tx that allocated the
log block
else // log block was allocated earlier than this zil_open
if feature enabled and not active:
// CASE 2
enable, EXPLICIT txg wait
else // already have an in-DRAM LWB
if feature enabled and not active:
// this happens when we enable the feature after zil_create
// CASE 3
enable, EXPLICIT txg wait
[1] https://github.com/illumos/illumos-gate/commit/da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0
Reviewed-by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Christian Schwarz <christian.schwarz@nutanix.com>
Reviewed-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz>
Reviewed-by: Ryan Moeller <freqlabs@FreeBSD.org>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Jitendra Patidar <jitendra.patidar@nutanix.com>
Closes #8768
Closes #9078
2022-02-23 00:06:43 +03:00
|
|
|
#include <sys/dmu_objset.h>
|
|
|
|
#include <sys/zfeature.h>
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2019-12-16 20:49:05 +03:00
|
|
|
/*
|
|
|
|
* NB: FreeBSD expects to be able to do vnode locking in lookup and
|
|
|
|
* hold the locks across all subsequent VOPs until vput is called.
|
|
|
|
* This means that its zfs vnops routines can't do any internal locking.
|
|
|
|
* In order to have the same contract as the Linux vnops there would
|
|
|
|
* needed to be duplicate locked vnops. If the vnops were used more widely
|
|
|
|
* in common code this would likely be preferable. However, currently
|
|
|
|
* this is the only file where this is the case.
|
|
|
|
*/
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* Functions to replay ZFS intent log (ZIL) records
|
|
|
|
* The functions are called through a function vector (zfs_replay_vector)
|
|
|
|
* which is indexed by the transaction type.
|
|
|
|
*/
|
|
|
|
|
|
|
|
static void
|
2011-03-01 23:24:09 +03:00
|
|
|
zfs_init_vattr(vattr_t *vap, uint64_t mask, uint64_t mode,
|
2017-01-12 20:42:11 +03:00
|
|
|
uint64_t uid, uint64_t gid, uint64_t rdev, uint64_t nodeid)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2022-02-25 16:26:54 +03:00
|
|
|
memset(vap, 0, sizeof (*vap));
|
2011-03-01 23:24:09 +03:00
|
|
|
vap->va_mask = (uint_t)mask;
|
|
|
|
vap->va_mode = mode;
|
2021-07-27 02:38:06 +03:00
|
|
|
#if defined(__FreeBSD__) || defined(__APPLE__)
|
2020-01-23 04:55:56 +03:00
|
|
|
vap->va_type = IFTOVT(mode);
|
|
|
|
#endif
|
2011-03-01 23:24:09 +03:00
|
|
|
vap->va_uid = (uid_t)(IS_EPHEMERAL(uid)) ? -1 : uid;
|
|
|
|
vap->va_gid = (gid_t)(IS_EPHEMERAL(gid)) ? -1 : gid;
|
2019-12-13 18:54:10 +03:00
|
|
|
vap->va_rdev = zfs_cmpldev(rdev);
|
2011-03-01 23:24:09 +03:00
|
|
|
vap->va_nodeid = nodeid;
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
2017-10-27 22:46:35 +03:00
|
|
|
zfs_replay_error(void *arg1, void *arg2, boolean_t byteswap)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2022-02-16 04:38:43 +03:00
|
|
|
(void) arg1, (void) arg2, (void) byteswap;
|
2013-03-08 22:41:28 +04:00
|
|
|
return (SET_ERROR(ENOTSUP));
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
zfs_replay_xvattr(lr_attr_t *lrattr, xvattr_t *xvap)
|
|
|
|
{
|
|
|
|
xoptattr_t *xoap = NULL;
|
|
|
|
uint64_t *attrs;
|
|
|
|
uint64_t *crtime;
|
|
|
|
uint32_t *bitmap;
|
|
|
|
void *scanstamp;
|
|
|
|
int i;
|
|
|
|
|
2011-03-01 23:24:09 +03:00
|
|
|
xvap->xva_vattr.va_mask |= ATTR_XVATTR;
|
2008-11-20 23:01:55 +03:00
|
|
|
if ((xoap = xva_getxoptattr(xvap)) == NULL) {
|
2011-03-01 23:24:09 +03:00
|
|
|
xvap->xva_vattr.va_mask &= ~ATTR_XVATTR; /* shouldn't happen */
|
2008-11-20 23:01:55 +03:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
ASSERT(lrattr->lr_attr_masksize == xvap->xva_mapsize);
|
|
|
|
|
|
|
|
bitmap = &lrattr->lr_attr_bitmap;
|
|
|
|
for (i = 0; i != lrattr->lr_attr_masksize; i++, bitmap++)
|
|
|
|
xvap->xva_reqattrmap[i] = *bitmap;
|
|
|
|
|
|
|
|
attrs = (uint64_t *)(lrattr + lrattr->lr_attr_masksize - 1);
|
|
|
|
crtime = attrs + 1;
|
|
|
|
scanstamp = (caddr_t)(crtime + 2);
|
|
|
|
|
|
|
|
if (XVA_ISSET_REQ(xvap, XAT_HIDDEN))
|
|
|
|
xoap->xoa_hidden = ((*attrs & XAT0_HIDDEN) != 0);
|
|
|
|
if (XVA_ISSET_REQ(xvap, XAT_SYSTEM))
|
|
|
|
xoap->xoa_system = ((*attrs & XAT0_SYSTEM) != 0);
|
|
|
|
if (XVA_ISSET_REQ(xvap, XAT_ARCHIVE))
|
|
|
|
xoap->xoa_archive = ((*attrs & XAT0_ARCHIVE) != 0);
|
|
|
|
if (XVA_ISSET_REQ(xvap, XAT_READONLY))
|
|
|
|
xoap->xoa_readonly = ((*attrs & XAT0_READONLY) != 0);
|
|
|
|
if (XVA_ISSET_REQ(xvap, XAT_IMMUTABLE))
|
|
|
|
xoap->xoa_immutable = ((*attrs & XAT0_IMMUTABLE) != 0);
|
|
|
|
if (XVA_ISSET_REQ(xvap, XAT_NOUNLINK))
|
|
|
|
xoap->xoa_nounlink = ((*attrs & XAT0_NOUNLINK) != 0);
|
|
|
|
if (XVA_ISSET_REQ(xvap, XAT_APPENDONLY))
|
|
|
|
xoap->xoa_appendonly = ((*attrs & XAT0_APPENDONLY) != 0);
|
|
|
|
if (XVA_ISSET_REQ(xvap, XAT_NODUMP))
|
|
|
|
xoap->xoa_nodump = ((*attrs & XAT0_NODUMP) != 0);
|
|
|
|
if (XVA_ISSET_REQ(xvap, XAT_OPAQUE))
|
|
|
|
xoap->xoa_opaque = ((*attrs & XAT0_OPAQUE) != 0);
|
|
|
|
if (XVA_ISSET_REQ(xvap, XAT_AV_MODIFIED))
|
|
|
|
xoap->xoa_av_modified = ((*attrs & XAT0_AV_MODIFIED) != 0);
|
|
|
|
if (XVA_ISSET_REQ(xvap, XAT_AV_QUARANTINED))
|
|
|
|
xoap->xoa_av_quarantined =
|
|
|
|
((*attrs & XAT0_AV_QUARANTINED) != 0);
|
|
|
|
if (XVA_ISSET_REQ(xvap, XAT_CREATETIME))
|
|
|
|
ZFS_TIME_DECODE(&xoap->xoa_createtime, crtime);
|
2018-02-14 01:54:54 +03:00
|
|
|
if (XVA_ISSET_REQ(xvap, XAT_AV_SCANSTAMP)) {
|
|
|
|
ASSERT(!XVA_ISSET_REQ(xvap, XAT_PROJID));
|
|
|
|
|
2022-02-25 16:26:54 +03:00
|
|
|
memcpy(xoap->xoa_av_scanstamp, scanstamp, AV_SCANSTAMP_SZ);
|
2018-02-14 01:54:54 +03:00
|
|
|
} else if (XVA_ISSET_REQ(xvap, XAT_PROJID)) {
|
|
|
|
/*
|
|
|
|
* XAT_PROJID and XAT_AV_SCANSTAMP will never be valid
|
|
|
|
* at the same time, so we can share the same space.
|
|
|
|
*/
|
2022-02-25 16:26:54 +03:00
|
|
|
memcpy(&xoap->xoa_projid, scanstamp, sizeof (uint64_t));
|
2018-02-14 01:54:54 +03:00
|
|
|
}
|
2010-05-29 00:45:14 +04:00
|
|
|
if (XVA_ISSET_REQ(xvap, XAT_REPARSE))
|
|
|
|
xoap->xoa_reparse = ((*attrs & XAT0_REPARSE) != 0);
|
2010-08-27 01:24:34 +04:00
|
|
|
if (XVA_ISSET_REQ(xvap, XAT_OFFLINE))
|
|
|
|
xoap->xoa_offline = ((*attrs & XAT0_OFFLINE) != 0);
|
|
|
|
if (XVA_ISSET_REQ(xvap, XAT_SPARSE))
|
|
|
|
xoap->xoa_sparse = ((*attrs & XAT0_SPARSE) != 0);
|
2018-02-14 01:54:54 +03:00
|
|
|
if (XVA_ISSET_REQ(xvap, XAT_PROJINHERIT))
|
|
|
|
xoap->xoa_projinherit = ((*attrs & XAT0_PROJINHERIT) != 0);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
zfs_replay_domain_cnt(uint64_t uid, uint64_t gid)
|
|
|
|
{
|
|
|
|
uint64_t uid_idx;
|
|
|
|
uint64_t gid_idx;
|
|
|
|
int domcnt = 0;
|
|
|
|
|
|
|
|
uid_idx = FUID_INDEX(uid);
|
|
|
|
gid_idx = FUID_INDEX(gid);
|
|
|
|
if (uid_idx)
|
|
|
|
domcnt++;
|
|
|
|
if (gid_idx > 0 && gid_idx != uid_idx)
|
|
|
|
domcnt++;
|
|
|
|
|
|
|
|
return (domcnt);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void *
|
|
|
|
zfs_replay_fuid_domain_common(zfs_fuid_info_t *fuid_infop, void *start,
|
|
|
|
int domcnt)
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
|
|
|
for (i = 0; i != domcnt; i++) {
|
|
|
|
fuid_infop->z_domain_table[i] = start;
|
|
|
|
start = (caddr_t)start + strlen(start) + 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
return (start);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Set the uid/gid in the fuid_info structure.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
zfs_replay_fuid_ugid(zfs_fuid_info_t *fuid_infop, uint64_t uid, uint64_t gid)
|
|
|
|
{
|
|
|
|
/*
|
|
|
|
* If owner or group are log specific FUIDs then slurp up
|
|
|
|
* domain information and build zfs_fuid_info_t
|
|
|
|
*/
|
|
|
|
if (IS_EPHEMERAL(uid))
|
|
|
|
fuid_infop->z_fuid_owner = uid;
|
|
|
|
|
|
|
|
if (IS_EPHEMERAL(gid))
|
|
|
|
fuid_infop->z_fuid_group = gid;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Load fuid domains into fuid_info_t
|
|
|
|
*/
|
|
|
|
static zfs_fuid_info_t *
|
|
|
|
zfs_replay_fuid_domain(void *buf, void **end, uint64_t uid, uint64_t gid)
|
|
|
|
{
|
|
|
|
int domcnt;
|
|
|
|
|
|
|
|
zfs_fuid_info_t *fuid_infop;
|
|
|
|
|
|
|
|
fuid_infop = zfs_fuid_info_alloc();
|
|
|
|
|
|
|
|
domcnt = zfs_replay_domain_cnt(uid, gid);
|
|
|
|
|
|
|
|
if (domcnt == 0)
|
|
|
|
return (fuid_infop);
|
|
|
|
|
|
|
|
fuid_infop->z_domain_table =
|
2016-09-22 04:09:00 +03:00
|
|
|
kmem_zalloc(domcnt * sizeof (char *), KM_SLEEP);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
zfs_replay_fuid_ugid(fuid_infop, uid, gid);
|
|
|
|
|
|
|
|
fuid_infop->z_domain_cnt = domcnt;
|
|
|
|
*end = zfs_replay_fuid_domain_common(fuid_infop, buf, domcnt);
|
|
|
|
return (fuid_infop);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* load zfs_fuid_t's and fuid_domains into fuid_info_t
|
|
|
|
*/
|
|
|
|
static zfs_fuid_info_t *
|
|
|
|
zfs_replay_fuids(void *start, void **end, int idcnt, int domcnt, uint64_t uid,
|
|
|
|
uint64_t gid)
|
|
|
|
{
|
|
|
|
uint64_t *log_fuid = (uint64_t *)start;
|
|
|
|
zfs_fuid_info_t *fuid_infop;
|
|
|
|
int i;
|
|
|
|
|
|
|
|
fuid_infop = zfs_fuid_info_alloc();
|
|
|
|
fuid_infop->z_domain_cnt = domcnt;
|
|
|
|
|
|
|
|
fuid_infop->z_domain_table =
|
2016-09-22 04:09:00 +03:00
|
|
|
kmem_zalloc(domcnt * sizeof (char *), KM_SLEEP);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
for (i = 0; i != idcnt; i++) {
|
|
|
|
zfs_fuid_t *zfuid;
|
|
|
|
|
|
|
|
zfuid = kmem_alloc(sizeof (zfs_fuid_t), KM_SLEEP);
|
|
|
|
zfuid->z_logfuid = *log_fuid;
|
|
|
|
zfuid->z_id = -1;
|
|
|
|
zfuid->z_domidx = 0;
|
|
|
|
list_insert_tail(&fuid_infop->z_fuids, zfuid);
|
|
|
|
log_fuid++;
|
|
|
|
}
|
|
|
|
|
|
|
|
zfs_replay_fuid_ugid(fuid_infop, uid, gid);
|
|
|
|
|
|
|
|
*end = zfs_replay_fuid_domain_common(fuid_infop, log_fuid, domcnt);
|
|
|
|
return (fuid_infop);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
zfs_replay_swap_attrs(lr_attr_t *lrattr)
|
|
|
|
{
|
|
|
|
/* swap the lr_attr structure */
|
|
|
|
byteswap_uint32_array(lrattr, sizeof (*lrattr));
|
|
|
|
/* swap the bitmap */
|
|
|
|
byteswap_uint32_array(lrattr + 1, (lrattr->lr_attr_masksize - 1) *
|
|
|
|
sizeof (uint32_t));
|
|
|
|
/* swap the attributes, create time + 64 bit word for attributes */
|
|
|
|
byteswap_uint64_array((caddr_t)(lrattr + 1) + (sizeof (uint32_t) *
|
|
|
|
(lrattr->lr_attr_masksize - 1)), 3 * sizeof (uint64_t));
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Replay file create with optional ACL, xvattr information as well
|
|
|
|
* as option FUID information.
|
|
|
|
*/
|
|
|
|
static int
|
2017-10-27 22:46:35 +03:00
|
|
|
zfs_replay_create_acl(void *arg1, void *arg2, boolean_t byteswap)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2017-10-27 22:46:35 +03:00
|
|
|
zfsvfs_t *zfsvfs = arg1;
|
|
|
|
lr_acl_create_t *lracl = arg2;
|
2024-09-27 19:18:11 +03:00
|
|
|
_lr_create_t *lr = &lracl->lr_create;
|
2008-11-20 23:01:55 +03:00
|
|
|
char *name = NULL; /* location determined later */
|
|
|
|
znode_t *dzp;
|
2019-12-11 22:53:57 +03:00
|
|
|
znode_t *zp;
|
2008-11-20 23:01:55 +03:00
|
|
|
xvattr_t xva;
|
2011-02-08 22:33:08 +03:00
|
|
|
int vflg = 0;
|
2011-03-01 23:24:09 +03:00
|
|
|
vsecattr_t vsec = { 0 };
|
2008-11-20 23:01:55 +03:00
|
|
|
lr_attr_t *lrattr;
|
2024-09-27 19:18:11 +03:00
|
|
|
uint8_t *aclstart;
|
|
|
|
uint8_t *fuidstart;
|
2008-11-20 23:01:55 +03:00
|
|
|
size_t xvatlen = 0;
|
|
|
|
uint64_t txtype;
|
Implement large_dnode pool feature
Justification
-------------
This feature adds support for variable length dnodes. Our motivation is
to eliminate the overhead associated with using spill blocks. Spill
blocks are used to store system attribute data (i.e. file metadata) that
does not fit in the dnode's bonus buffer. By allowing a larger bonus
buffer area the use of a spill block can be avoided. Spill blocks
potentially incur an additional read I/O for every dnode in a dnode
block. As a worst case example, reading 32 dnodes from a 16k dnode block
and all of the spill blocks could issue 33 separate reads. Now suppose
those dnodes have size 1024 and therefore don't need spill blocks. Then
the worst case number of blocks read is reduced to from 33 to two--one
per dnode block. In practice spill blocks may tend to be co-located on
disk with the dnode blocks so the reduction in I/O would not be this
drastic. In a badly fragmented pool, however, the improvement could be
significant.
ZFS-on-Linux systems that make heavy use of extended attributes would
benefit from this feature. In particular, ZFS-on-Linux supports the
xattr=sa dataset property which allows file extended attribute data
to be stored in the dnode bonus buffer as an alternative to the
traditional directory-based format. Workloads such as SELinux and the
Lustre distributed filesystem often store enough xattr data to force
spill bocks when xattr=sa is in effect. Large dnodes may therefore
provide a performance benefit to such systems.
Other use cases that may benefit from this feature include files with
large ACLs and symbolic links with long target names. Furthermore,
this feature may be desirable on other platforms in case future
applications or features are developed that could make use of a
larger bonus buffer area.
Implementation
--------------
The size of a dnode may be a multiple of 512 bytes up to the size of
a dnode block (currently 16384 bytes). A dn_extra_slots field was
added to the current on-disk dnode_phys_t structure to describe the
size of the physical dnode on disk. The 8 bits for this field were
taken from the zero filled dn_pad2 field. The field represents how
many "extra" dnode_phys_t slots a dnode consumes in its dnode block.
This convention results in a value of 0 for 512 byte dnodes which
preserves on-disk format compatibility with older software.
Similarly, the in-memory dnode_t structure has a new dn_num_slots field
to represent the total number of dnode_phys_t slots consumed on disk.
Thus dn->dn_num_slots is 1 greater than the corresponding
dnp->dn_extra_slots. This difference in convention was adopted
because, unlike on-disk structures, backward compatibility is not a
concern for in-memory objects, so we used a more natural way to
represent size for a dnode_t.
The default size for newly created dnodes is determined by the value of
a new "dnodesize" dataset property. By default the property is set to
"legacy" which is compatible with older software. Setting the property
to "auto" will allow the filesystem to choose the most suitable dnode
size. Currently this just sets the default dnode size to 1k, but future
code improvements could dynamically choose a size based on observed
workload patterns. Dnodes of varying sizes can coexist within the same
dataset and even within the same dnode block. For example, to enable
automatically-sized dnodes, run
# zfs set dnodesize=auto tank/fish
The user can also specify literal values for the dnodesize property.
These are currently limited to powers of two from 1k to 16k. The
power-of-2 limitation is only for simplicity of the user interface.
Internally the implementation can handle any multiple of 512 up to 16k,
and consumers of the DMU API can specify any legal dnode value.
The size of a new dnode is determined at object allocation time and
stored as a new field in the znode in-memory structure. New DMU
interfaces are added to allow the consumer to specify the dnode size
that a newly allocated object should use. Existing interfaces are
unchanged to avoid having to update every call site and to preserve
compatibility with external consumers such as Lustre. The new
interfaces names are given below. The versions of these functions that
don't take a dnodesize parameter now just call the _dnsize() versions
with a dnodesize of 0, which means use the legacy dnode size.
New DMU interfaces:
dmu_object_alloc_dnsize()
dmu_object_claim_dnsize()
dmu_object_reclaim_dnsize()
New ZAP interfaces:
zap_create_dnsize()
zap_create_norm_dnsize()
zap_create_flags_dnsize()
zap_create_claim_norm_dnsize()
zap_create_link_dnsize()
The constant DN_MAX_BONUSLEN is renamed to DN_OLD_MAX_BONUSLEN. The
spa_maxdnodesize() function should be used to determine the maximum
bonus length for a pool.
These are a few noteworthy changes to key functions:
* The prototype for dnode_hold_impl() now takes a "slots" parameter.
When the DNODE_MUST_BE_FREE flag is set, this parameter is used to
ensure the hole at the specified object offset is large enough to
hold the dnode being created. The slots parameter is also used
to ensure a dnode does not span multiple dnode blocks. In both of
these cases, if a failure occurs, ENOSPC is returned. Keep in mind,
these failure cases are only possible when using DNODE_MUST_BE_FREE.
If the DNODE_MUST_BE_ALLOCATED flag is set, "slots" must be 0.
dnode_hold_impl() will check if the requested dnode is already
consumed as an extra dnode slot by an large dnode, in which case
it returns ENOENT.
* The function dmu_object_alloc() advances to the next dnode block
if dnode_hold_impl() returns an error for a requested object.
This is because the beginning of the next dnode block is the only
location it can safely assume to either be a hole or a valid
starting point for a dnode.
* dnode_next_offset_level() and other functions that iterate
through dnode blocks may no longer use a simple array indexing
scheme. These now use the current dnode's dn_num_slots field to
advance to the next dnode in the block. This is to ensure we
properly skip the current dnode's bonus area and don't interpret it
as a valid dnode.
zdb
---
The zdb command was updated to display a dnode's size under the
"dnsize" column when the object is dumped.
For ZIL create log records, zdb will now display the slot count for
the object.
ztest
-----
Ztest chooses a random dnodesize for every newly created object. The
random distribution is more heavily weighted toward small dnodes to
better simulate real-world datasets.
Unused bonus buffer space is filled with non-zero values computed from
the object number, dataset id, offset, and generation number. This
helps ensure that the dnode traversal code properly skips the interior
regions of large dnodes, and that these interior regions are not
overwritten by data belonging to other dnodes. A new test visits each
object in a dataset. It verifies that the actual dnode size matches what
was stored in the ztest block tag when it was created. It also verifies
that the unused bonus buffer space is filled with the expected data
patterns.
ZFS Test Suite
--------------
Added six new large dnode-specific tests, and integrated the dnodesize
property into existing tests for zfs allow and send/recv.
Send/Receive
------------
ZFS send streams for datasets containing large dnodes cannot be received
on pools that don't support the large_dnode feature. A send stream with
large dnodes sets a DMU_BACKUP_FEATURE_LARGE_DNODE flag which will be
unrecognized by an incompatible receiving pool so that the zfs receive
will fail gracefully.
While not implemented here, it may be possible to generate a
backward-compatible send stream from a dataset containing large
dnodes. The implementation may be tricky, however, because the send
object record for a large dnode would need to be resized to a 512
byte dnode, possibly kicking in a spill block in the process. This
means we would need to construct a new SA layout and possibly
register it in the SA layout object. The SA layout is normally just
sent as an ordinary object record. But if we are constructing new
layouts while generating the send stream we'd have to build the SA
layout object dynamically and send it at the end of the stream.
For sending and receiving between pools that do support large dnodes,
the drr_object send record type is extended with a new field to store
the dnode slot count. This field was repurposed from unused padding
in the structure.
ZIL Replay
----------
The dnode slot count is stored in the uppermost 8 bits of the lr_foid
field. The bits were unused as the object id is currently capped at
48 bits.
Resizing Dnodes
---------------
It should be possible to resize a dnode when it is dirtied if the
current dnodesize dataset property differs from the dnode's size, but
this functionality is not currently implemented. Clearly a dnode can
only grow if there are sufficient contiguous unused slots in the
dnode block, but it should always be possible to shrink a dnode.
Growing dnodes may be useful to reduce fragmentation in a pool with
many spill blocks in use. Shrinking dnodes may be useful to allow
sending a dataset to a pool that doesn't support the large_dnode
feature.
Feature Reference Counting
--------------------------
The reference count for the large_dnode pool feature tracks the
number of datasets that have ever contained a dnode of size larger
than 512 bytes. The first time a large dnode is created in a dataset
the dataset is converted to an extensible dataset. This is a one-way
operation and the only way to decrement the feature count is to
destroy the dataset, even if the dataset no longer contains any large
dnodes. The complexity of reference counting on a per-dnode basis was
too high, so we chose to track it on a per-dataset basis similarly to
the large_block feature.
Signed-off-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #3542
2016-03-17 04:25:34 +03:00
|
|
|
uint64_t objid;
|
|
|
|
uint64_t dnodesize;
|
2008-11-20 23:01:55 +03:00
|
|
|
int error;
|
|
|
|
|
2023-11-29 00:35:14 +03:00
|
|
|
ASSERT3U(lr->lr_common.lrc_reclen, >=, sizeof (*lracl));
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
txtype = (lr->lr_common.lrc_txtype & ~TX_CI);
|
2008-11-20 23:01:55 +03:00
|
|
|
if (byteswap) {
|
|
|
|
byteswap_uint64_array(lracl, sizeof (*lracl));
|
|
|
|
if (txtype == TX_CREATE_ACL_ATTR ||
|
|
|
|
txtype == TX_MKDIR_ACL_ATTR) {
|
2024-09-27 19:18:11 +03:00
|
|
|
lrattr = (lr_attr_t *)&lracl->lr_data[0];
|
2008-11-20 23:01:55 +03:00
|
|
|
zfs_replay_swap_attrs(lrattr);
|
|
|
|
xvatlen = ZIL_XVAT_SIZE(lrattr->lr_attr_masksize);
|
|
|
|
}
|
|
|
|
|
2024-09-27 19:18:11 +03:00
|
|
|
aclstart = &lracl->lr_data[xvatlen];
|
2008-11-20 23:01:55 +03:00
|
|
|
zfs_ace_byteswap(aclstart, lracl->lr_acl_bytes, B_FALSE);
|
2024-09-27 19:18:11 +03:00
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/* swap fuids */
|
|
|
|
if (lracl->lr_fuidcnt) {
|
2024-09-27 19:18:11 +03:00
|
|
|
byteswap_uint64_array(
|
|
|
|
&aclstart[ZIL_ACE_LENGTH(lracl->lr_acl_bytes)],
|
2008-11-20 23:01:55 +03:00
|
|
|
lracl->lr_fuidcnt * sizeof (uint64_t));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if ((error = zfs_zget(zfsvfs, lr->lr_doid, &dzp)) != 0)
|
2008-11-20 23:01:55 +03:00
|
|
|
return (error);
|
|
|
|
|
Implement large_dnode pool feature
Justification
-------------
This feature adds support for variable length dnodes. Our motivation is
to eliminate the overhead associated with using spill blocks. Spill
blocks are used to store system attribute data (i.e. file metadata) that
does not fit in the dnode's bonus buffer. By allowing a larger bonus
buffer area the use of a spill block can be avoided. Spill blocks
potentially incur an additional read I/O for every dnode in a dnode
block. As a worst case example, reading 32 dnodes from a 16k dnode block
and all of the spill blocks could issue 33 separate reads. Now suppose
those dnodes have size 1024 and therefore don't need spill blocks. Then
the worst case number of blocks read is reduced to from 33 to two--one
per dnode block. In practice spill blocks may tend to be co-located on
disk with the dnode blocks so the reduction in I/O would not be this
drastic. In a badly fragmented pool, however, the improvement could be
significant.
ZFS-on-Linux systems that make heavy use of extended attributes would
benefit from this feature. In particular, ZFS-on-Linux supports the
xattr=sa dataset property which allows file extended attribute data
to be stored in the dnode bonus buffer as an alternative to the
traditional directory-based format. Workloads such as SELinux and the
Lustre distributed filesystem often store enough xattr data to force
spill bocks when xattr=sa is in effect. Large dnodes may therefore
provide a performance benefit to such systems.
Other use cases that may benefit from this feature include files with
large ACLs and symbolic links with long target names. Furthermore,
this feature may be desirable on other platforms in case future
applications or features are developed that could make use of a
larger bonus buffer area.
Implementation
--------------
The size of a dnode may be a multiple of 512 bytes up to the size of
a dnode block (currently 16384 bytes). A dn_extra_slots field was
added to the current on-disk dnode_phys_t structure to describe the
size of the physical dnode on disk. The 8 bits for this field were
taken from the zero filled dn_pad2 field. The field represents how
many "extra" dnode_phys_t slots a dnode consumes in its dnode block.
This convention results in a value of 0 for 512 byte dnodes which
preserves on-disk format compatibility with older software.
Similarly, the in-memory dnode_t structure has a new dn_num_slots field
to represent the total number of dnode_phys_t slots consumed on disk.
Thus dn->dn_num_slots is 1 greater than the corresponding
dnp->dn_extra_slots. This difference in convention was adopted
because, unlike on-disk structures, backward compatibility is not a
concern for in-memory objects, so we used a more natural way to
represent size for a dnode_t.
The default size for newly created dnodes is determined by the value of
a new "dnodesize" dataset property. By default the property is set to
"legacy" which is compatible with older software. Setting the property
to "auto" will allow the filesystem to choose the most suitable dnode
size. Currently this just sets the default dnode size to 1k, but future
code improvements could dynamically choose a size based on observed
workload patterns. Dnodes of varying sizes can coexist within the same
dataset and even within the same dnode block. For example, to enable
automatically-sized dnodes, run
# zfs set dnodesize=auto tank/fish
The user can also specify literal values for the dnodesize property.
These are currently limited to powers of two from 1k to 16k. The
power-of-2 limitation is only for simplicity of the user interface.
Internally the implementation can handle any multiple of 512 up to 16k,
and consumers of the DMU API can specify any legal dnode value.
The size of a new dnode is determined at object allocation time and
stored as a new field in the znode in-memory structure. New DMU
interfaces are added to allow the consumer to specify the dnode size
that a newly allocated object should use. Existing interfaces are
unchanged to avoid having to update every call site and to preserve
compatibility with external consumers such as Lustre. The new
interfaces names are given below. The versions of these functions that
don't take a dnodesize parameter now just call the _dnsize() versions
with a dnodesize of 0, which means use the legacy dnode size.
New DMU interfaces:
dmu_object_alloc_dnsize()
dmu_object_claim_dnsize()
dmu_object_reclaim_dnsize()
New ZAP interfaces:
zap_create_dnsize()
zap_create_norm_dnsize()
zap_create_flags_dnsize()
zap_create_claim_norm_dnsize()
zap_create_link_dnsize()
The constant DN_MAX_BONUSLEN is renamed to DN_OLD_MAX_BONUSLEN. The
spa_maxdnodesize() function should be used to determine the maximum
bonus length for a pool.
These are a few noteworthy changes to key functions:
* The prototype for dnode_hold_impl() now takes a "slots" parameter.
When the DNODE_MUST_BE_FREE flag is set, this parameter is used to
ensure the hole at the specified object offset is large enough to
hold the dnode being created. The slots parameter is also used
to ensure a dnode does not span multiple dnode blocks. In both of
these cases, if a failure occurs, ENOSPC is returned. Keep in mind,
these failure cases are only possible when using DNODE_MUST_BE_FREE.
If the DNODE_MUST_BE_ALLOCATED flag is set, "slots" must be 0.
dnode_hold_impl() will check if the requested dnode is already
consumed as an extra dnode slot by an large dnode, in which case
it returns ENOENT.
* The function dmu_object_alloc() advances to the next dnode block
if dnode_hold_impl() returns an error for a requested object.
This is because the beginning of the next dnode block is the only
location it can safely assume to either be a hole or a valid
starting point for a dnode.
* dnode_next_offset_level() and other functions that iterate
through dnode blocks may no longer use a simple array indexing
scheme. These now use the current dnode's dn_num_slots field to
advance to the next dnode in the block. This is to ensure we
properly skip the current dnode's bonus area and don't interpret it
as a valid dnode.
zdb
---
The zdb command was updated to display a dnode's size under the
"dnsize" column when the object is dumped.
For ZIL create log records, zdb will now display the slot count for
the object.
ztest
-----
Ztest chooses a random dnodesize for every newly created object. The
random distribution is more heavily weighted toward small dnodes to
better simulate real-world datasets.
Unused bonus buffer space is filled with non-zero values computed from
the object number, dataset id, offset, and generation number. This
helps ensure that the dnode traversal code properly skips the interior
regions of large dnodes, and that these interior regions are not
overwritten by data belonging to other dnodes. A new test visits each
object in a dataset. It verifies that the actual dnode size matches what
was stored in the ztest block tag when it was created. It also verifies
that the unused bonus buffer space is filled with the expected data
patterns.
ZFS Test Suite
--------------
Added six new large dnode-specific tests, and integrated the dnodesize
property into existing tests for zfs allow and send/recv.
Send/Receive
------------
ZFS send streams for datasets containing large dnodes cannot be received
on pools that don't support the large_dnode feature. A send stream with
large dnodes sets a DMU_BACKUP_FEATURE_LARGE_DNODE flag which will be
unrecognized by an incompatible receiving pool so that the zfs receive
will fail gracefully.
While not implemented here, it may be possible to generate a
backward-compatible send stream from a dataset containing large
dnodes. The implementation may be tricky, however, because the send
object record for a large dnode would need to be resized to a 512
byte dnode, possibly kicking in a spill block in the process. This
means we would need to construct a new SA layout and possibly
register it in the SA layout object. The SA layout is normally just
sent as an ordinary object record. But if we are constructing new
layouts while generating the send stream we'd have to build the SA
layout object dynamically and send it at the end of the stream.
For sending and receiving between pools that do support large dnodes,
the drr_object send record type is extended with a new field to store
the dnode slot count. This field was repurposed from unused padding
in the structure.
ZIL Replay
----------
The dnode slot count is stored in the uppermost 8 bits of the lr_foid
field. The bits were unused as the object id is currently capped at
48 bits.
Resizing Dnodes
---------------
It should be possible to resize a dnode when it is dirtied if the
current dnodesize dataset property differs from the dnode's size, but
this functionality is not currently implemented. Clearly a dnode can
only grow if there are sufficient contiguous unused slots in the
dnode block, but it should always be possible to shrink a dnode.
Growing dnodes may be useful to reduce fragmentation in a pool with
many spill blocks in use. Shrinking dnodes may be useful to allow
sending a dataset to a pool that doesn't support the large_dnode
feature.
Feature Reference Counting
--------------------------
The reference count for the large_dnode pool feature tracks the
number of datasets that have ever contained a dnode of size larger
than 512 bytes. The first time a large dnode is created in a dataset
the dataset is converted to an extensible dataset. This is a one-way
operation and the only way to decrement the feature count is to
destroy the dataset, even if the dataset no longer contains any large
dnodes. The complexity of reference counting on a per-dnode basis was
too high, so we chose to track it on a per-dataset basis similarly to
the large_block feature.
Signed-off-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #3542
2016-03-17 04:25:34 +03:00
|
|
|
objid = LR_FOID_GET_OBJ(lr->lr_foid);
|
|
|
|
dnodesize = LR_FOID_GET_SLOTS(lr->lr_foid) << DNODE_SHIFT;
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
xva_init(&xva);
|
2011-03-03 22:29:15 +03:00
|
|
|
zfs_init_vattr(&xva.xva_vattr, ATTR_MODE | ATTR_UID | ATTR_GID,
|
Implement large_dnode pool feature
Justification
-------------
This feature adds support for variable length dnodes. Our motivation is
to eliminate the overhead associated with using spill blocks. Spill
blocks are used to store system attribute data (i.e. file metadata) that
does not fit in the dnode's bonus buffer. By allowing a larger bonus
buffer area the use of a spill block can be avoided. Spill blocks
potentially incur an additional read I/O for every dnode in a dnode
block. As a worst case example, reading 32 dnodes from a 16k dnode block
and all of the spill blocks could issue 33 separate reads. Now suppose
those dnodes have size 1024 and therefore don't need spill blocks. Then
the worst case number of blocks read is reduced to from 33 to two--one
per dnode block. In practice spill blocks may tend to be co-located on
disk with the dnode blocks so the reduction in I/O would not be this
drastic. In a badly fragmented pool, however, the improvement could be
significant.
ZFS-on-Linux systems that make heavy use of extended attributes would
benefit from this feature. In particular, ZFS-on-Linux supports the
xattr=sa dataset property which allows file extended attribute data
to be stored in the dnode bonus buffer as an alternative to the
traditional directory-based format. Workloads such as SELinux and the
Lustre distributed filesystem often store enough xattr data to force
spill bocks when xattr=sa is in effect. Large dnodes may therefore
provide a performance benefit to such systems.
Other use cases that may benefit from this feature include files with
large ACLs and symbolic links with long target names. Furthermore,
this feature may be desirable on other platforms in case future
applications or features are developed that could make use of a
larger bonus buffer area.
Implementation
--------------
The size of a dnode may be a multiple of 512 bytes up to the size of
a dnode block (currently 16384 bytes). A dn_extra_slots field was
added to the current on-disk dnode_phys_t structure to describe the
size of the physical dnode on disk. The 8 bits for this field were
taken from the zero filled dn_pad2 field. The field represents how
many "extra" dnode_phys_t slots a dnode consumes in its dnode block.
This convention results in a value of 0 for 512 byte dnodes which
preserves on-disk format compatibility with older software.
Similarly, the in-memory dnode_t structure has a new dn_num_slots field
to represent the total number of dnode_phys_t slots consumed on disk.
Thus dn->dn_num_slots is 1 greater than the corresponding
dnp->dn_extra_slots. This difference in convention was adopted
because, unlike on-disk structures, backward compatibility is not a
concern for in-memory objects, so we used a more natural way to
represent size for a dnode_t.
The default size for newly created dnodes is determined by the value of
a new "dnodesize" dataset property. By default the property is set to
"legacy" which is compatible with older software. Setting the property
to "auto" will allow the filesystem to choose the most suitable dnode
size. Currently this just sets the default dnode size to 1k, but future
code improvements could dynamically choose a size based on observed
workload patterns. Dnodes of varying sizes can coexist within the same
dataset and even within the same dnode block. For example, to enable
automatically-sized dnodes, run
# zfs set dnodesize=auto tank/fish
The user can also specify literal values for the dnodesize property.
These are currently limited to powers of two from 1k to 16k. The
power-of-2 limitation is only for simplicity of the user interface.
Internally the implementation can handle any multiple of 512 up to 16k,
and consumers of the DMU API can specify any legal dnode value.
The size of a new dnode is determined at object allocation time and
stored as a new field in the znode in-memory structure. New DMU
interfaces are added to allow the consumer to specify the dnode size
that a newly allocated object should use. Existing interfaces are
unchanged to avoid having to update every call site and to preserve
compatibility with external consumers such as Lustre. The new
interfaces names are given below. The versions of these functions that
don't take a dnodesize parameter now just call the _dnsize() versions
with a dnodesize of 0, which means use the legacy dnode size.
New DMU interfaces:
dmu_object_alloc_dnsize()
dmu_object_claim_dnsize()
dmu_object_reclaim_dnsize()
New ZAP interfaces:
zap_create_dnsize()
zap_create_norm_dnsize()
zap_create_flags_dnsize()
zap_create_claim_norm_dnsize()
zap_create_link_dnsize()
The constant DN_MAX_BONUSLEN is renamed to DN_OLD_MAX_BONUSLEN. The
spa_maxdnodesize() function should be used to determine the maximum
bonus length for a pool.
These are a few noteworthy changes to key functions:
* The prototype for dnode_hold_impl() now takes a "slots" parameter.
When the DNODE_MUST_BE_FREE flag is set, this parameter is used to
ensure the hole at the specified object offset is large enough to
hold the dnode being created. The slots parameter is also used
to ensure a dnode does not span multiple dnode blocks. In both of
these cases, if a failure occurs, ENOSPC is returned. Keep in mind,
these failure cases are only possible when using DNODE_MUST_BE_FREE.
If the DNODE_MUST_BE_ALLOCATED flag is set, "slots" must be 0.
dnode_hold_impl() will check if the requested dnode is already
consumed as an extra dnode slot by an large dnode, in which case
it returns ENOENT.
* The function dmu_object_alloc() advances to the next dnode block
if dnode_hold_impl() returns an error for a requested object.
This is because the beginning of the next dnode block is the only
location it can safely assume to either be a hole or a valid
starting point for a dnode.
* dnode_next_offset_level() and other functions that iterate
through dnode blocks may no longer use a simple array indexing
scheme. These now use the current dnode's dn_num_slots field to
advance to the next dnode in the block. This is to ensure we
properly skip the current dnode's bonus area and don't interpret it
as a valid dnode.
zdb
---
The zdb command was updated to display a dnode's size under the
"dnsize" column when the object is dumped.
For ZIL create log records, zdb will now display the slot count for
the object.
ztest
-----
Ztest chooses a random dnodesize for every newly created object. The
random distribution is more heavily weighted toward small dnodes to
better simulate real-world datasets.
Unused bonus buffer space is filled with non-zero values computed from
the object number, dataset id, offset, and generation number. This
helps ensure that the dnode traversal code properly skips the interior
regions of large dnodes, and that these interior regions are not
overwritten by data belonging to other dnodes. A new test visits each
object in a dataset. It verifies that the actual dnode size matches what
was stored in the ztest block tag when it was created. It also verifies
that the unused bonus buffer space is filled with the expected data
patterns.
ZFS Test Suite
--------------
Added six new large dnode-specific tests, and integrated the dnodesize
property into existing tests for zfs allow and send/recv.
Send/Receive
------------
ZFS send streams for datasets containing large dnodes cannot be received
on pools that don't support the large_dnode feature. A send stream with
large dnodes sets a DMU_BACKUP_FEATURE_LARGE_DNODE flag which will be
unrecognized by an incompatible receiving pool so that the zfs receive
will fail gracefully.
While not implemented here, it may be possible to generate a
backward-compatible send stream from a dataset containing large
dnodes. The implementation may be tricky, however, because the send
object record for a large dnode would need to be resized to a 512
byte dnode, possibly kicking in a spill block in the process. This
means we would need to construct a new SA layout and possibly
register it in the SA layout object. The SA layout is normally just
sent as an ordinary object record. But if we are constructing new
layouts while generating the send stream we'd have to build the SA
layout object dynamically and send it at the end of the stream.
For sending and receiving between pools that do support large dnodes,
the drr_object send record type is extended with a new field to store
the dnode slot count. This field was repurposed from unused padding
in the structure.
ZIL Replay
----------
The dnode slot count is stored in the uppermost 8 bits of the lr_foid
field. The bits were unused as the object id is currently capped at
48 bits.
Resizing Dnodes
---------------
It should be possible to resize a dnode when it is dirtied if the
current dnodesize dataset property differs from the dnode's size, but
this functionality is not currently implemented. Clearly a dnode can
only grow if there are sufficient contiguous unused slots in the
dnode block, but it should always be possible to shrink a dnode.
Growing dnodes may be useful to reduce fragmentation in a pool with
many spill blocks in use. Shrinking dnodes may be useful to allow
sending a dataset to a pool that doesn't support the large_dnode
feature.
Feature Reference Counting
--------------------------
The reference count for the large_dnode pool feature tracks the
number of datasets that have ever contained a dnode of size larger
than 512 bytes. The first time a large dnode is created in a dataset
the dataset is converted to an extensible dataset. This is a one-way
operation and the only way to decrement the feature count is to
destroy the dataset, even if the dataset no longer contains any large
dnodes. The complexity of reference counting on a per-dnode basis was
too high, so we chose to track it on a per-dataset basis similarly to
the large_block feature.
Signed-off-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #3542
2016-03-17 04:25:34 +03:00
|
|
|
lr->lr_mode, lr->lr_uid, lr->lr_gid, lr->lr_rdev, objid);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* All forms of zfs create (create, mkdir, mkxattrdir, symlink)
|
|
|
|
* eventually end up in zfs_mknode(), which assigns the object's
|
Implement large_dnode pool feature
Justification
-------------
This feature adds support for variable length dnodes. Our motivation is
to eliminate the overhead associated with using spill blocks. Spill
blocks are used to store system attribute data (i.e. file metadata) that
does not fit in the dnode's bonus buffer. By allowing a larger bonus
buffer area the use of a spill block can be avoided. Spill blocks
potentially incur an additional read I/O for every dnode in a dnode
block. As a worst case example, reading 32 dnodes from a 16k dnode block
and all of the spill blocks could issue 33 separate reads. Now suppose
those dnodes have size 1024 and therefore don't need spill blocks. Then
the worst case number of blocks read is reduced to from 33 to two--one
per dnode block. In practice spill blocks may tend to be co-located on
disk with the dnode blocks so the reduction in I/O would not be this
drastic. In a badly fragmented pool, however, the improvement could be
significant.
ZFS-on-Linux systems that make heavy use of extended attributes would
benefit from this feature. In particular, ZFS-on-Linux supports the
xattr=sa dataset property which allows file extended attribute data
to be stored in the dnode bonus buffer as an alternative to the
traditional directory-based format. Workloads such as SELinux and the
Lustre distributed filesystem often store enough xattr data to force
spill bocks when xattr=sa is in effect. Large dnodes may therefore
provide a performance benefit to such systems.
Other use cases that may benefit from this feature include files with
large ACLs and symbolic links with long target names. Furthermore,
this feature may be desirable on other platforms in case future
applications or features are developed that could make use of a
larger bonus buffer area.
Implementation
--------------
The size of a dnode may be a multiple of 512 bytes up to the size of
a dnode block (currently 16384 bytes). A dn_extra_slots field was
added to the current on-disk dnode_phys_t structure to describe the
size of the physical dnode on disk. The 8 bits for this field were
taken from the zero filled dn_pad2 field. The field represents how
many "extra" dnode_phys_t slots a dnode consumes in its dnode block.
This convention results in a value of 0 for 512 byte dnodes which
preserves on-disk format compatibility with older software.
Similarly, the in-memory dnode_t structure has a new dn_num_slots field
to represent the total number of dnode_phys_t slots consumed on disk.
Thus dn->dn_num_slots is 1 greater than the corresponding
dnp->dn_extra_slots. This difference in convention was adopted
because, unlike on-disk structures, backward compatibility is not a
concern for in-memory objects, so we used a more natural way to
represent size for a dnode_t.
The default size for newly created dnodes is determined by the value of
a new "dnodesize" dataset property. By default the property is set to
"legacy" which is compatible with older software. Setting the property
to "auto" will allow the filesystem to choose the most suitable dnode
size. Currently this just sets the default dnode size to 1k, but future
code improvements could dynamically choose a size based on observed
workload patterns. Dnodes of varying sizes can coexist within the same
dataset and even within the same dnode block. For example, to enable
automatically-sized dnodes, run
# zfs set dnodesize=auto tank/fish
The user can also specify literal values for the dnodesize property.
These are currently limited to powers of two from 1k to 16k. The
power-of-2 limitation is only for simplicity of the user interface.
Internally the implementation can handle any multiple of 512 up to 16k,
and consumers of the DMU API can specify any legal dnode value.
The size of a new dnode is determined at object allocation time and
stored as a new field in the znode in-memory structure. New DMU
interfaces are added to allow the consumer to specify the dnode size
that a newly allocated object should use. Existing interfaces are
unchanged to avoid having to update every call site and to preserve
compatibility with external consumers such as Lustre. The new
interfaces names are given below. The versions of these functions that
don't take a dnodesize parameter now just call the _dnsize() versions
with a dnodesize of 0, which means use the legacy dnode size.
New DMU interfaces:
dmu_object_alloc_dnsize()
dmu_object_claim_dnsize()
dmu_object_reclaim_dnsize()
New ZAP interfaces:
zap_create_dnsize()
zap_create_norm_dnsize()
zap_create_flags_dnsize()
zap_create_claim_norm_dnsize()
zap_create_link_dnsize()
The constant DN_MAX_BONUSLEN is renamed to DN_OLD_MAX_BONUSLEN. The
spa_maxdnodesize() function should be used to determine the maximum
bonus length for a pool.
These are a few noteworthy changes to key functions:
* The prototype for dnode_hold_impl() now takes a "slots" parameter.
When the DNODE_MUST_BE_FREE flag is set, this parameter is used to
ensure the hole at the specified object offset is large enough to
hold the dnode being created. The slots parameter is also used
to ensure a dnode does not span multiple dnode blocks. In both of
these cases, if a failure occurs, ENOSPC is returned. Keep in mind,
these failure cases are only possible when using DNODE_MUST_BE_FREE.
If the DNODE_MUST_BE_ALLOCATED flag is set, "slots" must be 0.
dnode_hold_impl() will check if the requested dnode is already
consumed as an extra dnode slot by an large dnode, in which case
it returns ENOENT.
* The function dmu_object_alloc() advances to the next dnode block
if dnode_hold_impl() returns an error for a requested object.
This is because the beginning of the next dnode block is the only
location it can safely assume to either be a hole or a valid
starting point for a dnode.
* dnode_next_offset_level() and other functions that iterate
through dnode blocks may no longer use a simple array indexing
scheme. These now use the current dnode's dn_num_slots field to
advance to the next dnode in the block. This is to ensure we
properly skip the current dnode's bonus area and don't interpret it
as a valid dnode.
zdb
---
The zdb command was updated to display a dnode's size under the
"dnsize" column when the object is dumped.
For ZIL create log records, zdb will now display the slot count for
the object.
ztest
-----
Ztest chooses a random dnodesize for every newly created object. The
random distribution is more heavily weighted toward small dnodes to
better simulate real-world datasets.
Unused bonus buffer space is filled with non-zero values computed from
the object number, dataset id, offset, and generation number. This
helps ensure that the dnode traversal code properly skips the interior
regions of large dnodes, and that these interior regions are not
overwritten by data belonging to other dnodes. A new test visits each
object in a dataset. It verifies that the actual dnode size matches what
was stored in the ztest block tag when it was created. It also verifies
that the unused bonus buffer space is filled with the expected data
patterns.
ZFS Test Suite
--------------
Added six new large dnode-specific tests, and integrated the dnodesize
property into existing tests for zfs allow and send/recv.
Send/Receive
------------
ZFS send streams for datasets containing large dnodes cannot be received
on pools that don't support the large_dnode feature. A send stream with
large dnodes sets a DMU_BACKUP_FEATURE_LARGE_DNODE flag which will be
unrecognized by an incompatible receiving pool so that the zfs receive
will fail gracefully.
While not implemented here, it may be possible to generate a
backward-compatible send stream from a dataset containing large
dnodes. The implementation may be tricky, however, because the send
object record for a large dnode would need to be resized to a 512
byte dnode, possibly kicking in a spill block in the process. This
means we would need to construct a new SA layout and possibly
register it in the SA layout object. The SA layout is normally just
sent as an ordinary object record. But if we are constructing new
layouts while generating the send stream we'd have to build the SA
layout object dynamically and send it at the end of the stream.
For sending and receiving between pools that do support large dnodes,
the drr_object send record type is extended with a new field to store
the dnode slot count. This field was repurposed from unused padding
in the structure.
ZIL Replay
----------
The dnode slot count is stored in the uppermost 8 bits of the lr_foid
field. The bits were unused as the object id is currently capped at
48 bits.
Resizing Dnodes
---------------
It should be possible to resize a dnode when it is dirtied if the
current dnodesize dataset property differs from the dnode's size, but
this functionality is not currently implemented. Clearly a dnode can
only grow if there are sufficient contiguous unused slots in the
dnode block, but it should always be possible to shrink a dnode.
Growing dnodes may be useful to reduce fragmentation in a pool with
many spill blocks in use. Shrinking dnodes may be useful to allow
sending a dataset to a pool that doesn't support the large_dnode
feature.
Feature Reference Counting
--------------------------
The reference count for the large_dnode pool feature tracks the
number of datasets that have ever contained a dnode of size larger
than 512 bytes. The first time a large dnode is created in a dataset
the dataset is converted to an extensible dataset. This is a one-way
operation and the only way to decrement the feature count is to
destroy the dataset, even if the dataset no longer contains any large
dnodes. The complexity of reference counting on a per-dnode basis was
too high, so we chose to track it on a per-dataset basis similarly to
the large_block feature.
Signed-off-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #3542
2016-03-17 04:25:34 +03:00
|
|
|
* creation time, generation number, and dnode size. The generic
|
|
|
|
* zfs_create() has no concept of these attributes, so we smuggle
|
|
|
|
* the values inside the vattr's otherwise unused va_ctime,
|
|
|
|
* va_nblocks, and va_fsid fields.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
|
|
|
ZFS_TIME_DECODE(&xva.xva_vattr.va_ctime, lr->lr_crtime);
|
|
|
|
xva.xva_vattr.va_nblocks = lr->lr_gen;
|
Implement large_dnode pool feature
Justification
-------------
This feature adds support for variable length dnodes. Our motivation is
to eliminate the overhead associated with using spill blocks. Spill
blocks are used to store system attribute data (i.e. file metadata) that
does not fit in the dnode's bonus buffer. By allowing a larger bonus
buffer area the use of a spill block can be avoided. Spill blocks
potentially incur an additional read I/O for every dnode in a dnode
block. As a worst case example, reading 32 dnodes from a 16k dnode block
and all of the spill blocks could issue 33 separate reads. Now suppose
those dnodes have size 1024 and therefore don't need spill blocks. Then
the worst case number of blocks read is reduced to from 33 to two--one
per dnode block. In practice spill blocks may tend to be co-located on
disk with the dnode blocks so the reduction in I/O would not be this
drastic. In a badly fragmented pool, however, the improvement could be
significant.
ZFS-on-Linux systems that make heavy use of extended attributes would
benefit from this feature. In particular, ZFS-on-Linux supports the
xattr=sa dataset property which allows file extended attribute data
to be stored in the dnode bonus buffer as an alternative to the
traditional directory-based format. Workloads such as SELinux and the
Lustre distributed filesystem often store enough xattr data to force
spill bocks when xattr=sa is in effect. Large dnodes may therefore
provide a performance benefit to such systems.
Other use cases that may benefit from this feature include files with
large ACLs and symbolic links with long target names. Furthermore,
this feature may be desirable on other platforms in case future
applications or features are developed that could make use of a
larger bonus buffer area.
Implementation
--------------
The size of a dnode may be a multiple of 512 bytes up to the size of
a dnode block (currently 16384 bytes). A dn_extra_slots field was
added to the current on-disk dnode_phys_t structure to describe the
size of the physical dnode on disk. The 8 bits for this field were
taken from the zero filled dn_pad2 field. The field represents how
many "extra" dnode_phys_t slots a dnode consumes in its dnode block.
This convention results in a value of 0 for 512 byte dnodes which
preserves on-disk format compatibility with older software.
Similarly, the in-memory dnode_t structure has a new dn_num_slots field
to represent the total number of dnode_phys_t slots consumed on disk.
Thus dn->dn_num_slots is 1 greater than the corresponding
dnp->dn_extra_slots. This difference in convention was adopted
because, unlike on-disk structures, backward compatibility is not a
concern for in-memory objects, so we used a more natural way to
represent size for a dnode_t.
The default size for newly created dnodes is determined by the value of
a new "dnodesize" dataset property. By default the property is set to
"legacy" which is compatible with older software. Setting the property
to "auto" will allow the filesystem to choose the most suitable dnode
size. Currently this just sets the default dnode size to 1k, but future
code improvements could dynamically choose a size based on observed
workload patterns. Dnodes of varying sizes can coexist within the same
dataset and even within the same dnode block. For example, to enable
automatically-sized dnodes, run
# zfs set dnodesize=auto tank/fish
The user can also specify literal values for the dnodesize property.
These are currently limited to powers of two from 1k to 16k. The
power-of-2 limitation is only for simplicity of the user interface.
Internally the implementation can handle any multiple of 512 up to 16k,
and consumers of the DMU API can specify any legal dnode value.
The size of a new dnode is determined at object allocation time and
stored as a new field in the znode in-memory structure. New DMU
interfaces are added to allow the consumer to specify the dnode size
that a newly allocated object should use. Existing interfaces are
unchanged to avoid having to update every call site and to preserve
compatibility with external consumers such as Lustre. The new
interfaces names are given below. The versions of these functions that
don't take a dnodesize parameter now just call the _dnsize() versions
with a dnodesize of 0, which means use the legacy dnode size.
New DMU interfaces:
dmu_object_alloc_dnsize()
dmu_object_claim_dnsize()
dmu_object_reclaim_dnsize()
New ZAP interfaces:
zap_create_dnsize()
zap_create_norm_dnsize()
zap_create_flags_dnsize()
zap_create_claim_norm_dnsize()
zap_create_link_dnsize()
The constant DN_MAX_BONUSLEN is renamed to DN_OLD_MAX_BONUSLEN. The
spa_maxdnodesize() function should be used to determine the maximum
bonus length for a pool.
These are a few noteworthy changes to key functions:
* The prototype for dnode_hold_impl() now takes a "slots" parameter.
When the DNODE_MUST_BE_FREE flag is set, this parameter is used to
ensure the hole at the specified object offset is large enough to
hold the dnode being created. The slots parameter is also used
to ensure a dnode does not span multiple dnode blocks. In both of
these cases, if a failure occurs, ENOSPC is returned. Keep in mind,
these failure cases are only possible when using DNODE_MUST_BE_FREE.
If the DNODE_MUST_BE_ALLOCATED flag is set, "slots" must be 0.
dnode_hold_impl() will check if the requested dnode is already
consumed as an extra dnode slot by an large dnode, in which case
it returns ENOENT.
* The function dmu_object_alloc() advances to the next dnode block
if dnode_hold_impl() returns an error for a requested object.
This is because the beginning of the next dnode block is the only
location it can safely assume to either be a hole or a valid
starting point for a dnode.
* dnode_next_offset_level() and other functions that iterate
through dnode blocks may no longer use a simple array indexing
scheme. These now use the current dnode's dn_num_slots field to
advance to the next dnode in the block. This is to ensure we
properly skip the current dnode's bonus area and don't interpret it
as a valid dnode.
zdb
---
The zdb command was updated to display a dnode's size under the
"dnsize" column when the object is dumped.
For ZIL create log records, zdb will now display the slot count for
the object.
ztest
-----
Ztest chooses a random dnodesize for every newly created object. The
random distribution is more heavily weighted toward small dnodes to
better simulate real-world datasets.
Unused bonus buffer space is filled with non-zero values computed from
the object number, dataset id, offset, and generation number. This
helps ensure that the dnode traversal code properly skips the interior
regions of large dnodes, and that these interior regions are not
overwritten by data belonging to other dnodes. A new test visits each
object in a dataset. It verifies that the actual dnode size matches what
was stored in the ztest block tag when it was created. It also verifies
that the unused bonus buffer space is filled with the expected data
patterns.
ZFS Test Suite
--------------
Added six new large dnode-specific tests, and integrated the dnodesize
property into existing tests for zfs allow and send/recv.
Send/Receive
------------
ZFS send streams for datasets containing large dnodes cannot be received
on pools that don't support the large_dnode feature. A send stream with
large dnodes sets a DMU_BACKUP_FEATURE_LARGE_DNODE flag which will be
unrecognized by an incompatible receiving pool so that the zfs receive
will fail gracefully.
While not implemented here, it may be possible to generate a
backward-compatible send stream from a dataset containing large
dnodes. The implementation may be tricky, however, because the send
object record for a large dnode would need to be resized to a 512
byte dnode, possibly kicking in a spill block in the process. This
means we would need to construct a new SA layout and possibly
register it in the SA layout object. The SA layout is normally just
sent as an ordinary object record. But if we are constructing new
layouts while generating the send stream we'd have to build the SA
layout object dynamically and send it at the end of the stream.
For sending and receiving between pools that do support large dnodes,
the drr_object send record type is extended with a new field to store
the dnode slot count. This field was repurposed from unused padding
in the structure.
ZIL Replay
----------
The dnode slot count is stored in the uppermost 8 bits of the lr_foid
field. The bits were unused as the object id is currently capped at
48 bits.
Resizing Dnodes
---------------
It should be possible to resize a dnode when it is dirtied if the
current dnodesize dataset property differs from the dnode's size, but
this functionality is not currently implemented. Clearly a dnode can
only grow if there are sufficient contiguous unused slots in the
dnode block, but it should always be possible to shrink a dnode.
Growing dnodes may be useful to reduce fragmentation in a pool with
many spill blocks in use. Shrinking dnodes may be useful to allow
sending a dataset to a pool that doesn't support the large_dnode
feature.
Feature Reference Counting
--------------------------
The reference count for the large_dnode pool feature tracks the
number of datasets that have ever contained a dnode of size larger
than 512 bytes. The first time a large dnode is created in a dataset
the dataset is converted to an extensible dataset. This is a one-way
operation and the only way to decrement the feature count is to
destroy the dataset, even if the dataset no longer contains any large
dnodes. The complexity of reference counting on a per-dnode basis was
too high, so we chose to track it on a per-dataset basis similarly to
the large_block feature.
Signed-off-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #3542
2016-03-17 04:25:34 +03:00
|
|
|
xva.xva_vattr.va_fsid = dnodesize;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2019-08-28 20:42:02 +03:00
|
|
|
error = dnode_try_claim(zfsvfs->z_os, objid, dnodesize >> DNODE_SHIFT);
|
|
|
|
if (error)
|
2008-11-20 23:01:55 +03:00
|
|
|
goto bail;
|
|
|
|
|
|
|
|
if (lr->lr_common.lrc_txtype & TX_CI)
|
|
|
|
vflg |= FIGNORECASE;
|
2010-05-29 00:45:14 +04:00
|
|
|
switch (txtype) {
|
2008-11-20 23:01:55 +03:00
|
|
|
case TX_CREATE_ACL:
|
2024-09-27 19:18:11 +03:00
|
|
|
aclstart = &lracl->lr_data[0];
|
|
|
|
fuidstart = &aclstart[ZIL_ACE_LENGTH(lracl->lr_acl_bytes)];
|
2017-03-08 03:21:37 +03:00
|
|
|
zfsvfs->z_fuid_replay = zfs_replay_fuids(fuidstart,
|
2008-11-20 23:01:55 +03:00
|
|
|
(void *)&name, lracl->lr_fuidcnt, lracl->lr_domcnt,
|
|
|
|
lr->lr_uid, lr->lr_gid);
|
2022-02-15 19:58:59 +03:00
|
|
|
zfs_fallthrough;
|
2008-11-20 23:01:55 +03:00
|
|
|
case TX_CREATE_ACL_ATTR:
|
|
|
|
if (name == NULL) {
|
2024-09-27 19:18:11 +03:00
|
|
|
lrattr = (lr_attr_t *)&lracl->lr_data[0];
|
2008-11-20 23:01:55 +03:00
|
|
|
xvatlen = ZIL_XVAT_SIZE(lrattr->lr_attr_masksize);
|
2011-03-01 23:24:09 +03:00
|
|
|
xva.xva_vattr.va_mask |= ATTR_XVATTR;
|
2008-11-20 23:01:55 +03:00
|
|
|
zfs_replay_xvattr(lrattr, &xva);
|
|
|
|
}
|
|
|
|
vsec.vsa_mask = VSA_ACE | VSA_ACE_ACLFLAGS;
|
2024-09-27 19:18:11 +03:00
|
|
|
vsec.vsa_aclentp = &lracl->lr_data[xvatlen];
|
2008-11-20 23:01:55 +03:00
|
|
|
vsec.vsa_aclcnt = lracl->lr_aclcnt;
|
|
|
|
vsec.vsa_aclentsz = lracl->lr_acl_bytes;
|
|
|
|
vsec.vsa_aclflags = lracl->lr_acl_flags;
|
2017-03-08 03:21:37 +03:00
|
|
|
if (zfsvfs->z_fuid_replay == NULL) {
|
2024-09-27 19:18:11 +03:00
|
|
|
fuidstart = &lracl->lr_data[xvatlen +
|
|
|
|
ZIL_ACE_LENGTH(lracl->lr_acl_bytes)];
|
2017-03-08 03:21:37 +03:00
|
|
|
zfsvfs->z_fuid_replay =
|
2008-11-20 23:01:55 +03:00
|
|
|
zfs_replay_fuids(fuidstart,
|
|
|
|
(void *)&name, lracl->lr_fuidcnt, lracl->lr_domcnt,
|
|
|
|
lr->lr_uid, lr->lr_gid);
|
|
|
|
}
|
|
|
|
|
2022-11-08 21:28:56 +03:00
|
|
|
#if defined(__linux__)
|
|
|
|
error = zfs_create(dzp, name, &xva.xva_vattr,
|
2023-04-11 00:15:36 +03:00
|
|
|
0, 0, &zp, kcred, vflg, &vsec, zfs_init_idmap);
|
2022-11-08 21:28:56 +03:00
|
|
|
#else
|
2019-12-11 22:53:57 +03:00
|
|
|
error = zfs_create(dzp, name, &xva.xva_vattr,
|
2022-10-19 21:17:09 +03:00
|
|
|
0, 0, &zp, kcred, vflg, &vsec, NULL);
|
2022-11-08 21:28:56 +03:00
|
|
|
#endif
|
2008-11-20 23:01:55 +03:00
|
|
|
break;
|
|
|
|
case TX_MKDIR_ACL:
|
2024-09-27 19:18:11 +03:00
|
|
|
aclstart = &lracl->lr_data[0];
|
|
|
|
fuidstart = &aclstart[ZIL_ACE_LENGTH(lracl->lr_acl_bytes)];
|
2017-03-08 03:21:37 +03:00
|
|
|
zfsvfs->z_fuid_replay = zfs_replay_fuids(fuidstart,
|
2008-11-20 23:01:55 +03:00
|
|
|
(void *)&name, lracl->lr_fuidcnt, lracl->lr_domcnt,
|
|
|
|
lr->lr_uid, lr->lr_gid);
|
2022-02-15 19:58:59 +03:00
|
|
|
zfs_fallthrough;
|
2008-11-20 23:01:55 +03:00
|
|
|
case TX_MKDIR_ACL_ATTR:
|
|
|
|
if (name == NULL) {
|
|
|
|
lrattr = (lr_attr_t *)(caddr_t)(lracl + 1);
|
|
|
|
xvatlen = ZIL_XVAT_SIZE(lrattr->lr_attr_masksize);
|
|
|
|
zfs_replay_xvattr(lrattr, &xva);
|
|
|
|
}
|
|
|
|
vsec.vsa_mask = VSA_ACE | VSA_ACE_ACLFLAGS;
|
2024-09-27 19:18:11 +03:00
|
|
|
vsec.vsa_aclentp = &lracl->lr_data[xvatlen];
|
2008-11-20 23:01:55 +03:00
|
|
|
vsec.vsa_aclcnt = lracl->lr_aclcnt;
|
|
|
|
vsec.vsa_aclentsz = lracl->lr_acl_bytes;
|
|
|
|
vsec.vsa_aclflags = lracl->lr_acl_flags;
|
2017-03-08 03:21:37 +03:00
|
|
|
if (zfsvfs->z_fuid_replay == NULL) {
|
2024-09-27 19:18:11 +03:00
|
|
|
fuidstart = &lracl->lr_data[xvatlen +
|
|
|
|
ZIL_ACE_LENGTH(lracl->lr_acl_bytes)];
|
2017-03-08 03:21:37 +03:00
|
|
|
zfsvfs->z_fuid_replay =
|
2008-11-20 23:01:55 +03:00
|
|
|
zfs_replay_fuids(fuidstart,
|
|
|
|
(void *)&name, lracl->lr_fuidcnt, lracl->lr_domcnt,
|
|
|
|
lr->lr_uid, lr->lr_gid);
|
|
|
|
}
|
2022-11-08 21:28:56 +03:00
|
|
|
#if defined(__linux__)
|
|
|
|
error = zfs_mkdir(dzp, name, &xva.xva_vattr,
|
2023-04-11 00:15:36 +03:00
|
|
|
&zp, kcred, vflg, &vsec, zfs_init_idmap);
|
2022-11-08 21:28:56 +03:00
|
|
|
#else
|
2019-12-11 22:53:57 +03:00
|
|
|
error = zfs_mkdir(dzp, name, &xva.xva_vattr,
|
2022-10-19 21:17:09 +03:00
|
|
|
&zp, kcred, vflg, &vsec, NULL);
|
2022-11-08 21:28:56 +03:00
|
|
|
#endif
|
2008-11-20 23:01:55 +03:00
|
|
|
break;
|
|
|
|
default:
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(ENOTSUP);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
bail:
|
2020-01-23 04:55:56 +03:00
|
|
|
if (error == 0 && zp != NULL) {
|
|
|
|
#ifdef __FreeBSD__
|
2024-08-06 02:56:45 +03:00
|
|
|
VOP_UNLOCK(ZTOV(zp));
|
2020-01-23 04:55:56 +03:00
|
|
|
#endif
|
2019-12-11 22:53:57 +03:00
|
|
|
zrele(zp);
|
2020-01-23 04:55:56 +03:00
|
|
|
}
|
2019-12-11 22:53:57 +03:00
|
|
|
zrele(dzp);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if (zfsvfs->z_fuid_replay)
|
|
|
|
zfs_fuid_info_free(zfsvfs->z_fuid_replay);
|
|
|
|
zfsvfs->z_fuid_replay = NULL;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
2017-10-27 22:46:35 +03:00
|
|
|
zfs_replay_create(void *arg1, void *arg2, boolean_t byteswap)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2017-10-27 22:46:35 +03:00
|
|
|
zfsvfs_t *zfsvfs = arg1;
|
2024-09-27 19:18:11 +03:00
|
|
|
lr_create_t *lrc = arg2;
|
|
|
|
_lr_create_t *lr = &lrc->lr_create;
|
2008-11-20 23:01:55 +03:00
|
|
|
char *name = NULL; /* location determined later */
|
|
|
|
char *link; /* symlink content follows name */
|
|
|
|
znode_t *dzp;
|
2019-12-11 22:53:57 +03:00
|
|
|
znode_t *zp = NULL;
|
2008-11-20 23:01:55 +03:00
|
|
|
xvattr_t xva;
|
|
|
|
int vflg = 0;
|
|
|
|
lr_attr_t *lrattr;
|
2011-02-08 22:33:08 +03:00
|
|
|
void *start;
|
2011-03-01 23:24:09 +03:00
|
|
|
size_t xvatlen;
|
2008-11-20 23:01:55 +03:00
|
|
|
uint64_t txtype;
|
Implement large_dnode pool feature
Justification
-------------
This feature adds support for variable length dnodes. Our motivation is
to eliminate the overhead associated with using spill blocks. Spill
blocks are used to store system attribute data (i.e. file metadata) that
does not fit in the dnode's bonus buffer. By allowing a larger bonus
buffer area the use of a spill block can be avoided. Spill blocks
potentially incur an additional read I/O for every dnode in a dnode
block. As a worst case example, reading 32 dnodes from a 16k dnode block
and all of the spill blocks could issue 33 separate reads. Now suppose
those dnodes have size 1024 and therefore don't need spill blocks. Then
the worst case number of blocks read is reduced to from 33 to two--one
per dnode block. In practice spill blocks may tend to be co-located on
disk with the dnode blocks so the reduction in I/O would not be this
drastic. In a badly fragmented pool, however, the improvement could be
significant.
ZFS-on-Linux systems that make heavy use of extended attributes would
benefit from this feature. In particular, ZFS-on-Linux supports the
xattr=sa dataset property which allows file extended attribute data
to be stored in the dnode bonus buffer as an alternative to the
traditional directory-based format. Workloads such as SELinux and the
Lustre distributed filesystem often store enough xattr data to force
spill bocks when xattr=sa is in effect. Large dnodes may therefore
provide a performance benefit to such systems.
Other use cases that may benefit from this feature include files with
large ACLs and symbolic links with long target names. Furthermore,
this feature may be desirable on other platforms in case future
applications or features are developed that could make use of a
larger bonus buffer area.
Implementation
--------------
The size of a dnode may be a multiple of 512 bytes up to the size of
a dnode block (currently 16384 bytes). A dn_extra_slots field was
added to the current on-disk dnode_phys_t structure to describe the
size of the physical dnode on disk. The 8 bits for this field were
taken from the zero filled dn_pad2 field. The field represents how
many "extra" dnode_phys_t slots a dnode consumes in its dnode block.
This convention results in a value of 0 for 512 byte dnodes which
preserves on-disk format compatibility with older software.
Similarly, the in-memory dnode_t structure has a new dn_num_slots field
to represent the total number of dnode_phys_t slots consumed on disk.
Thus dn->dn_num_slots is 1 greater than the corresponding
dnp->dn_extra_slots. This difference in convention was adopted
because, unlike on-disk structures, backward compatibility is not a
concern for in-memory objects, so we used a more natural way to
represent size for a dnode_t.
The default size for newly created dnodes is determined by the value of
a new "dnodesize" dataset property. By default the property is set to
"legacy" which is compatible with older software. Setting the property
to "auto" will allow the filesystem to choose the most suitable dnode
size. Currently this just sets the default dnode size to 1k, but future
code improvements could dynamically choose a size based on observed
workload patterns. Dnodes of varying sizes can coexist within the same
dataset and even within the same dnode block. For example, to enable
automatically-sized dnodes, run
# zfs set dnodesize=auto tank/fish
The user can also specify literal values for the dnodesize property.
These are currently limited to powers of two from 1k to 16k. The
power-of-2 limitation is only for simplicity of the user interface.
Internally the implementation can handle any multiple of 512 up to 16k,
and consumers of the DMU API can specify any legal dnode value.
The size of a new dnode is determined at object allocation time and
stored as a new field in the znode in-memory structure. New DMU
interfaces are added to allow the consumer to specify the dnode size
that a newly allocated object should use. Existing interfaces are
unchanged to avoid having to update every call site and to preserve
compatibility with external consumers such as Lustre. The new
interfaces names are given below. The versions of these functions that
don't take a dnodesize parameter now just call the _dnsize() versions
with a dnodesize of 0, which means use the legacy dnode size.
New DMU interfaces:
dmu_object_alloc_dnsize()
dmu_object_claim_dnsize()
dmu_object_reclaim_dnsize()
New ZAP interfaces:
zap_create_dnsize()
zap_create_norm_dnsize()
zap_create_flags_dnsize()
zap_create_claim_norm_dnsize()
zap_create_link_dnsize()
The constant DN_MAX_BONUSLEN is renamed to DN_OLD_MAX_BONUSLEN. The
spa_maxdnodesize() function should be used to determine the maximum
bonus length for a pool.
These are a few noteworthy changes to key functions:
* The prototype for dnode_hold_impl() now takes a "slots" parameter.
When the DNODE_MUST_BE_FREE flag is set, this parameter is used to
ensure the hole at the specified object offset is large enough to
hold the dnode being created. The slots parameter is also used
to ensure a dnode does not span multiple dnode blocks. In both of
these cases, if a failure occurs, ENOSPC is returned. Keep in mind,
these failure cases are only possible when using DNODE_MUST_BE_FREE.
If the DNODE_MUST_BE_ALLOCATED flag is set, "slots" must be 0.
dnode_hold_impl() will check if the requested dnode is already
consumed as an extra dnode slot by an large dnode, in which case
it returns ENOENT.
* The function dmu_object_alloc() advances to the next dnode block
if dnode_hold_impl() returns an error for a requested object.
This is because the beginning of the next dnode block is the only
location it can safely assume to either be a hole or a valid
starting point for a dnode.
* dnode_next_offset_level() and other functions that iterate
through dnode blocks may no longer use a simple array indexing
scheme. These now use the current dnode's dn_num_slots field to
advance to the next dnode in the block. This is to ensure we
properly skip the current dnode's bonus area and don't interpret it
as a valid dnode.
zdb
---
The zdb command was updated to display a dnode's size under the
"dnsize" column when the object is dumped.
For ZIL create log records, zdb will now display the slot count for
the object.
ztest
-----
Ztest chooses a random dnodesize for every newly created object. The
random distribution is more heavily weighted toward small dnodes to
better simulate real-world datasets.
Unused bonus buffer space is filled with non-zero values computed from
the object number, dataset id, offset, and generation number. This
helps ensure that the dnode traversal code properly skips the interior
regions of large dnodes, and that these interior regions are not
overwritten by data belonging to other dnodes. A new test visits each
object in a dataset. It verifies that the actual dnode size matches what
was stored in the ztest block tag when it was created. It also verifies
that the unused bonus buffer space is filled with the expected data
patterns.
ZFS Test Suite
--------------
Added six new large dnode-specific tests, and integrated the dnodesize
property into existing tests for zfs allow and send/recv.
Send/Receive
------------
ZFS send streams for datasets containing large dnodes cannot be received
on pools that don't support the large_dnode feature. A send stream with
large dnodes sets a DMU_BACKUP_FEATURE_LARGE_DNODE flag which will be
unrecognized by an incompatible receiving pool so that the zfs receive
will fail gracefully.
While not implemented here, it may be possible to generate a
backward-compatible send stream from a dataset containing large
dnodes. The implementation may be tricky, however, because the send
object record for a large dnode would need to be resized to a 512
byte dnode, possibly kicking in a spill block in the process. This
means we would need to construct a new SA layout and possibly
register it in the SA layout object. The SA layout is normally just
sent as an ordinary object record. But if we are constructing new
layouts while generating the send stream we'd have to build the SA
layout object dynamically and send it at the end of the stream.
For sending and receiving between pools that do support large dnodes,
the drr_object send record type is extended with a new field to store
the dnode slot count. This field was repurposed from unused padding
in the structure.
ZIL Replay
----------
The dnode slot count is stored in the uppermost 8 bits of the lr_foid
field. The bits were unused as the object id is currently capped at
48 bits.
Resizing Dnodes
---------------
It should be possible to resize a dnode when it is dirtied if the
current dnodesize dataset property differs from the dnode's size, but
this functionality is not currently implemented. Clearly a dnode can
only grow if there are sufficient contiguous unused slots in the
dnode block, but it should always be possible to shrink a dnode.
Growing dnodes may be useful to reduce fragmentation in a pool with
many spill blocks in use. Shrinking dnodes may be useful to allow
sending a dataset to a pool that doesn't support the large_dnode
feature.
Feature Reference Counting
--------------------------
The reference count for the large_dnode pool feature tracks the
number of datasets that have ever contained a dnode of size larger
than 512 bytes. The first time a large dnode is created in a dataset
the dataset is converted to an extensible dataset. This is a one-way
operation and the only way to decrement the feature count is to
destroy the dataset, even if the dataset no longer contains any large
dnodes. The complexity of reference counting on a per-dnode basis was
too high, so we chose to track it on a per-dataset basis similarly to
the large_block feature.
Signed-off-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #3542
2016-03-17 04:25:34 +03:00
|
|
|
uint64_t objid;
|
|
|
|
uint64_t dnodesize;
|
2008-11-20 23:01:55 +03:00
|
|
|
int error;
|
|
|
|
|
2023-11-29 00:35:14 +03:00
|
|
|
ASSERT3U(lr->lr_common.lrc_reclen, >, sizeof (*lr));
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
txtype = (lr->lr_common.lrc_txtype & ~TX_CI);
|
2008-11-20 23:01:55 +03:00
|
|
|
if (byteswap) {
|
2024-09-27 19:18:11 +03:00
|
|
|
byteswap_uint64_array(lrc, sizeof (*lrc));
|
2008-11-20 23:01:55 +03:00
|
|
|
if (txtype == TX_CREATE_ATTR || txtype == TX_MKDIR_ATTR)
|
2024-09-27 19:18:11 +03:00
|
|
|
zfs_replay_swap_attrs((lr_attr_t *)&lrc->lr_data[0]);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if ((error = zfs_zget(zfsvfs, lr->lr_doid, &dzp)) != 0)
|
2008-11-20 23:01:55 +03:00
|
|
|
return (error);
|
|
|
|
|
Implement large_dnode pool feature
Justification
-------------
This feature adds support for variable length dnodes. Our motivation is
to eliminate the overhead associated with using spill blocks. Spill
blocks are used to store system attribute data (i.e. file metadata) that
does not fit in the dnode's bonus buffer. By allowing a larger bonus
buffer area the use of a spill block can be avoided. Spill blocks
potentially incur an additional read I/O for every dnode in a dnode
block. As a worst case example, reading 32 dnodes from a 16k dnode block
and all of the spill blocks could issue 33 separate reads. Now suppose
those dnodes have size 1024 and therefore don't need spill blocks. Then
the worst case number of blocks read is reduced to from 33 to two--one
per dnode block. In practice spill blocks may tend to be co-located on
disk with the dnode blocks so the reduction in I/O would not be this
drastic. In a badly fragmented pool, however, the improvement could be
significant.
ZFS-on-Linux systems that make heavy use of extended attributes would
benefit from this feature. In particular, ZFS-on-Linux supports the
xattr=sa dataset property which allows file extended attribute data
to be stored in the dnode bonus buffer as an alternative to the
traditional directory-based format. Workloads such as SELinux and the
Lustre distributed filesystem often store enough xattr data to force
spill bocks when xattr=sa is in effect. Large dnodes may therefore
provide a performance benefit to such systems.
Other use cases that may benefit from this feature include files with
large ACLs and symbolic links with long target names. Furthermore,
this feature may be desirable on other platforms in case future
applications or features are developed that could make use of a
larger bonus buffer area.
Implementation
--------------
The size of a dnode may be a multiple of 512 bytes up to the size of
a dnode block (currently 16384 bytes). A dn_extra_slots field was
added to the current on-disk dnode_phys_t structure to describe the
size of the physical dnode on disk. The 8 bits for this field were
taken from the zero filled dn_pad2 field. The field represents how
many "extra" dnode_phys_t slots a dnode consumes in its dnode block.
This convention results in a value of 0 for 512 byte dnodes which
preserves on-disk format compatibility with older software.
Similarly, the in-memory dnode_t structure has a new dn_num_slots field
to represent the total number of dnode_phys_t slots consumed on disk.
Thus dn->dn_num_slots is 1 greater than the corresponding
dnp->dn_extra_slots. This difference in convention was adopted
because, unlike on-disk structures, backward compatibility is not a
concern for in-memory objects, so we used a more natural way to
represent size for a dnode_t.
The default size for newly created dnodes is determined by the value of
a new "dnodesize" dataset property. By default the property is set to
"legacy" which is compatible with older software. Setting the property
to "auto" will allow the filesystem to choose the most suitable dnode
size. Currently this just sets the default dnode size to 1k, but future
code improvements could dynamically choose a size based on observed
workload patterns. Dnodes of varying sizes can coexist within the same
dataset and even within the same dnode block. For example, to enable
automatically-sized dnodes, run
# zfs set dnodesize=auto tank/fish
The user can also specify literal values for the dnodesize property.
These are currently limited to powers of two from 1k to 16k. The
power-of-2 limitation is only for simplicity of the user interface.
Internally the implementation can handle any multiple of 512 up to 16k,
and consumers of the DMU API can specify any legal dnode value.
The size of a new dnode is determined at object allocation time and
stored as a new field in the znode in-memory structure. New DMU
interfaces are added to allow the consumer to specify the dnode size
that a newly allocated object should use. Existing interfaces are
unchanged to avoid having to update every call site and to preserve
compatibility with external consumers such as Lustre. The new
interfaces names are given below. The versions of these functions that
don't take a dnodesize parameter now just call the _dnsize() versions
with a dnodesize of 0, which means use the legacy dnode size.
New DMU interfaces:
dmu_object_alloc_dnsize()
dmu_object_claim_dnsize()
dmu_object_reclaim_dnsize()
New ZAP interfaces:
zap_create_dnsize()
zap_create_norm_dnsize()
zap_create_flags_dnsize()
zap_create_claim_norm_dnsize()
zap_create_link_dnsize()
The constant DN_MAX_BONUSLEN is renamed to DN_OLD_MAX_BONUSLEN. The
spa_maxdnodesize() function should be used to determine the maximum
bonus length for a pool.
These are a few noteworthy changes to key functions:
* The prototype for dnode_hold_impl() now takes a "slots" parameter.
When the DNODE_MUST_BE_FREE flag is set, this parameter is used to
ensure the hole at the specified object offset is large enough to
hold the dnode being created. The slots parameter is also used
to ensure a dnode does not span multiple dnode blocks. In both of
these cases, if a failure occurs, ENOSPC is returned. Keep in mind,
these failure cases are only possible when using DNODE_MUST_BE_FREE.
If the DNODE_MUST_BE_ALLOCATED flag is set, "slots" must be 0.
dnode_hold_impl() will check if the requested dnode is already
consumed as an extra dnode slot by an large dnode, in which case
it returns ENOENT.
* The function dmu_object_alloc() advances to the next dnode block
if dnode_hold_impl() returns an error for a requested object.
This is because the beginning of the next dnode block is the only
location it can safely assume to either be a hole or a valid
starting point for a dnode.
* dnode_next_offset_level() and other functions that iterate
through dnode blocks may no longer use a simple array indexing
scheme. These now use the current dnode's dn_num_slots field to
advance to the next dnode in the block. This is to ensure we
properly skip the current dnode's bonus area and don't interpret it
as a valid dnode.
zdb
---
The zdb command was updated to display a dnode's size under the
"dnsize" column when the object is dumped.
For ZIL create log records, zdb will now display the slot count for
the object.
ztest
-----
Ztest chooses a random dnodesize for every newly created object. The
random distribution is more heavily weighted toward small dnodes to
better simulate real-world datasets.
Unused bonus buffer space is filled with non-zero values computed from
the object number, dataset id, offset, and generation number. This
helps ensure that the dnode traversal code properly skips the interior
regions of large dnodes, and that these interior regions are not
overwritten by data belonging to other dnodes. A new test visits each
object in a dataset. It verifies that the actual dnode size matches what
was stored in the ztest block tag when it was created. It also verifies
that the unused bonus buffer space is filled with the expected data
patterns.
ZFS Test Suite
--------------
Added six new large dnode-specific tests, and integrated the dnodesize
property into existing tests for zfs allow and send/recv.
Send/Receive
------------
ZFS send streams for datasets containing large dnodes cannot be received
on pools that don't support the large_dnode feature. A send stream with
large dnodes sets a DMU_BACKUP_FEATURE_LARGE_DNODE flag which will be
unrecognized by an incompatible receiving pool so that the zfs receive
will fail gracefully.
While not implemented here, it may be possible to generate a
backward-compatible send stream from a dataset containing large
dnodes. The implementation may be tricky, however, because the send
object record for a large dnode would need to be resized to a 512
byte dnode, possibly kicking in a spill block in the process. This
means we would need to construct a new SA layout and possibly
register it in the SA layout object. The SA layout is normally just
sent as an ordinary object record. But if we are constructing new
layouts while generating the send stream we'd have to build the SA
layout object dynamically and send it at the end of the stream.
For sending and receiving between pools that do support large dnodes,
the drr_object send record type is extended with a new field to store
the dnode slot count. This field was repurposed from unused padding
in the structure.
ZIL Replay
----------
The dnode slot count is stored in the uppermost 8 bits of the lr_foid
field. The bits were unused as the object id is currently capped at
48 bits.
Resizing Dnodes
---------------
It should be possible to resize a dnode when it is dirtied if the
current dnodesize dataset property differs from the dnode's size, but
this functionality is not currently implemented. Clearly a dnode can
only grow if there are sufficient contiguous unused slots in the
dnode block, but it should always be possible to shrink a dnode.
Growing dnodes may be useful to reduce fragmentation in a pool with
many spill blocks in use. Shrinking dnodes may be useful to allow
sending a dataset to a pool that doesn't support the large_dnode
feature.
Feature Reference Counting
--------------------------
The reference count for the large_dnode pool feature tracks the
number of datasets that have ever contained a dnode of size larger
than 512 bytes. The first time a large dnode is created in a dataset
the dataset is converted to an extensible dataset. This is a one-way
operation and the only way to decrement the feature count is to
destroy the dataset, even if the dataset no longer contains any large
dnodes. The complexity of reference counting on a per-dnode basis was
too high, so we chose to track it on a per-dataset basis similarly to
the large_block feature.
Signed-off-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #3542
2016-03-17 04:25:34 +03:00
|
|
|
objid = LR_FOID_GET_OBJ(lr->lr_foid);
|
|
|
|
dnodesize = LR_FOID_GET_SLOTS(lr->lr_foid) << DNODE_SHIFT;
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
xva_init(&xva);
|
2011-03-03 22:29:15 +03:00
|
|
|
zfs_init_vattr(&xva.xva_vattr, ATTR_MODE | ATTR_UID | ATTR_GID,
|
Implement large_dnode pool feature
Justification
-------------
This feature adds support for variable length dnodes. Our motivation is
to eliminate the overhead associated with using spill blocks. Spill
blocks are used to store system attribute data (i.e. file metadata) that
does not fit in the dnode's bonus buffer. By allowing a larger bonus
buffer area the use of a spill block can be avoided. Spill blocks
potentially incur an additional read I/O for every dnode in a dnode
block. As a worst case example, reading 32 dnodes from a 16k dnode block
and all of the spill blocks could issue 33 separate reads. Now suppose
those dnodes have size 1024 and therefore don't need spill blocks. Then
the worst case number of blocks read is reduced to from 33 to two--one
per dnode block. In practice spill blocks may tend to be co-located on
disk with the dnode blocks so the reduction in I/O would not be this
drastic. In a badly fragmented pool, however, the improvement could be
significant.
ZFS-on-Linux systems that make heavy use of extended attributes would
benefit from this feature. In particular, ZFS-on-Linux supports the
xattr=sa dataset property which allows file extended attribute data
to be stored in the dnode bonus buffer as an alternative to the
traditional directory-based format. Workloads such as SELinux and the
Lustre distributed filesystem often store enough xattr data to force
spill bocks when xattr=sa is in effect. Large dnodes may therefore
provide a performance benefit to such systems.
Other use cases that may benefit from this feature include files with
large ACLs and symbolic links with long target names. Furthermore,
this feature may be desirable on other platforms in case future
applications or features are developed that could make use of a
larger bonus buffer area.
Implementation
--------------
The size of a dnode may be a multiple of 512 bytes up to the size of
a dnode block (currently 16384 bytes). A dn_extra_slots field was
added to the current on-disk dnode_phys_t structure to describe the
size of the physical dnode on disk. The 8 bits for this field were
taken from the zero filled dn_pad2 field. The field represents how
many "extra" dnode_phys_t slots a dnode consumes in its dnode block.
This convention results in a value of 0 for 512 byte dnodes which
preserves on-disk format compatibility with older software.
Similarly, the in-memory dnode_t structure has a new dn_num_slots field
to represent the total number of dnode_phys_t slots consumed on disk.
Thus dn->dn_num_slots is 1 greater than the corresponding
dnp->dn_extra_slots. This difference in convention was adopted
because, unlike on-disk structures, backward compatibility is not a
concern for in-memory objects, so we used a more natural way to
represent size for a dnode_t.
The default size for newly created dnodes is determined by the value of
a new "dnodesize" dataset property. By default the property is set to
"legacy" which is compatible with older software. Setting the property
to "auto" will allow the filesystem to choose the most suitable dnode
size. Currently this just sets the default dnode size to 1k, but future
code improvements could dynamically choose a size based on observed
workload patterns. Dnodes of varying sizes can coexist within the same
dataset and even within the same dnode block. For example, to enable
automatically-sized dnodes, run
# zfs set dnodesize=auto tank/fish
The user can also specify literal values for the dnodesize property.
These are currently limited to powers of two from 1k to 16k. The
power-of-2 limitation is only for simplicity of the user interface.
Internally the implementation can handle any multiple of 512 up to 16k,
and consumers of the DMU API can specify any legal dnode value.
The size of a new dnode is determined at object allocation time and
stored as a new field in the znode in-memory structure. New DMU
interfaces are added to allow the consumer to specify the dnode size
that a newly allocated object should use. Existing interfaces are
unchanged to avoid having to update every call site and to preserve
compatibility with external consumers such as Lustre. The new
interfaces names are given below. The versions of these functions that
don't take a dnodesize parameter now just call the _dnsize() versions
with a dnodesize of 0, which means use the legacy dnode size.
New DMU interfaces:
dmu_object_alloc_dnsize()
dmu_object_claim_dnsize()
dmu_object_reclaim_dnsize()
New ZAP interfaces:
zap_create_dnsize()
zap_create_norm_dnsize()
zap_create_flags_dnsize()
zap_create_claim_norm_dnsize()
zap_create_link_dnsize()
The constant DN_MAX_BONUSLEN is renamed to DN_OLD_MAX_BONUSLEN. The
spa_maxdnodesize() function should be used to determine the maximum
bonus length for a pool.
These are a few noteworthy changes to key functions:
* The prototype for dnode_hold_impl() now takes a "slots" parameter.
When the DNODE_MUST_BE_FREE flag is set, this parameter is used to
ensure the hole at the specified object offset is large enough to
hold the dnode being created. The slots parameter is also used
to ensure a dnode does not span multiple dnode blocks. In both of
these cases, if a failure occurs, ENOSPC is returned. Keep in mind,
these failure cases are only possible when using DNODE_MUST_BE_FREE.
If the DNODE_MUST_BE_ALLOCATED flag is set, "slots" must be 0.
dnode_hold_impl() will check if the requested dnode is already
consumed as an extra dnode slot by an large dnode, in which case
it returns ENOENT.
* The function dmu_object_alloc() advances to the next dnode block
if dnode_hold_impl() returns an error for a requested object.
This is because the beginning of the next dnode block is the only
location it can safely assume to either be a hole or a valid
starting point for a dnode.
* dnode_next_offset_level() and other functions that iterate
through dnode blocks may no longer use a simple array indexing
scheme. These now use the current dnode's dn_num_slots field to
advance to the next dnode in the block. This is to ensure we
properly skip the current dnode's bonus area and don't interpret it
as a valid dnode.
zdb
---
The zdb command was updated to display a dnode's size under the
"dnsize" column when the object is dumped.
For ZIL create log records, zdb will now display the slot count for
the object.
ztest
-----
Ztest chooses a random dnodesize for every newly created object. The
random distribution is more heavily weighted toward small dnodes to
better simulate real-world datasets.
Unused bonus buffer space is filled with non-zero values computed from
the object number, dataset id, offset, and generation number. This
helps ensure that the dnode traversal code properly skips the interior
regions of large dnodes, and that these interior regions are not
overwritten by data belonging to other dnodes. A new test visits each
object in a dataset. It verifies that the actual dnode size matches what
was stored in the ztest block tag when it was created. It also verifies
that the unused bonus buffer space is filled with the expected data
patterns.
ZFS Test Suite
--------------
Added six new large dnode-specific tests, and integrated the dnodesize
property into existing tests for zfs allow and send/recv.
Send/Receive
------------
ZFS send streams for datasets containing large dnodes cannot be received
on pools that don't support the large_dnode feature. A send stream with
large dnodes sets a DMU_BACKUP_FEATURE_LARGE_DNODE flag which will be
unrecognized by an incompatible receiving pool so that the zfs receive
will fail gracefully.
While not implemented here, it may be possible to generate a
backward-compatible send stream from a dataset containing large
dnodes. The implementation may be tricky, however, because the send
object record for a large dnode would need to be resized to a 512
byte dnode, possibly kicking in a spill block in the process. This
means we would need to construct a new SA layout and possibly
register it in the SA layout object. The SA layout is normally just
sent as an ordinary object record. But if we are constructing new
layouts while generating the send stream we'd have to build the SA
layout object dynamically and send it at the end of the stream.
For sending and receiving between pools that do support large dnodes,
the drr_object send record type is extended with a new field to store
the dnode slot count. This field was repurposed from unused padding
in the structure.
ZIL Replay
----------
The dnode slot count is stored in the uppermost 8 bits of the lr_foid
field. The bits were unused as the object id is currently capped at
48 bits.
Resizing Dnodes
---------------
It should be possible to resize a dnode when it is dirtied if the
current dnodesize dataset property differs from the dnode's size, but
this functionality is not currently implemented. Clearly a dnode can
only grow if there are sufficient contiguous unused slots in the
dnode block, but it should always be possible to shrink a dnode.
Growing dnodes may be useful to reduce fragmentation in a pool with
many spill blocks in use. Shrinking dnodes may be useful to allow
sending a dataset to a pool that doesn't support the large_dnode
feature.
Feature Reference Counting
--------------------------
The reference count for the large_dnode pool feature tracks the
number of datasets that have ever contained a dnode of size larger
than 512 bytes. The first time a large dnode is created in a dataset
the dataset is converted to an extensible dataset. This is a one-way
operation and the only way to decrement the feature count is to
destroy the dataset, even if the dataset no longer contains any large
dnodes. The complexity of reference counting on a per-dnode basis was
too high, so we chose to track it on a per-dataset basis similarly to
the large_block feature.
Signed-off-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #3542
2016-03-17 04:25:34 +03:00
|
|
|
lr->lr_mode, lr->lr_uid, lr->lr_gid, lr->lr_rdev, objid);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* All forms of zfs create (create, mkdir, mkxattrdir, symlink)
|
|
|
|
* eventually end up in zfs_mknode(), which assigns the object's
|
Implement large_dnode pool feature
Justification
-------------
This feature adds support for variable length dnodes. Our motivation is
to eliminate the overhead associated with using spill blocks. Spill
blocks are used to store system attribute data (i.e. file metadata) that
does not fit in the dnode's bonus buffer. By allowing a larger bonus
buffer area the use of a spill block can be avoided. Spill blocks
potentially incur an additional read I/O for every dnode in a dnode
block. As a worst case example, reading 32 dnodes from a 16k dnode block
and all of the spill blocks could issue 33 separate reads. Now suppose
those dnodes have size 1024 and therefore don't need spill blocks. Then
the worst case number of blocks read is reduced to from 33 to two--one
per dnode block. In practice spill blocks may tend to be co-located on
disk with the dnode blocks so the reduction in I/O would not be this
drastic. In a badly fragmented pool, however, the improvement could be
significant.
ZFS-on-Linux systems that make heavy use of extended attributes would
benefit from this feature. In particular, ZFS-on-Linux supports the
xattr=sa dataset property which allows file extended attribute data
to be stored in the dnode bonus buffer as an alternative to the
traditional directory-based format. Workloads such as SELinux and the
Lustre distributed filesystem often store enough xattr data to force
spill bocks when xattr=sa is in effect. Large dnodes may therefore
provide a performance benefit to such systems.
Other use cases that may benefit from this feature include files with
large ACLs and symbolic links with long target names. Furthermore,
this feature may be desirable on other platforms in case future
applications or features are developed that could make use of a
larger bonus buffer area.
Implementation
--------------
The size of a dnode may be a multiple of 512 bytes up to the size of
a dnode block (currently 16384 bytes). A dn_extra_slots field was
added to the current on-disk dnode_phys_t structure to describe the
size of the physical dnode on disk. The 8 bits for this field were
taken from the zero filled dn_pad2 field. The field represents how
many "extra" dnode_phys_t slots a dnode consumes in its dnode block.
This convention results in a value of 0 for 512 byte dnodes which
preserves on-disk format compatibility with older software.
Similarly, the in-memory dnode_t structure has a new dn_num_slots field
to represent the total number of dnode_phys_t slots consumed on disk.
Thus dn->dn_num_slots is 1 greater than the corresponding
dnp->dn_extra_slots. This difference in convention was adopted
because, unlike on-disk structures, backward compatibility is not a
concern for in-memory objects, so we used a more natural way to
represent size for a dnode_t.
The default size for newly created dnodes is determined by the value of
a new "dnodesize" dataset property. By default the property is set to
"legacy" which is compatible with older software. Setting the property
to "auto" will allow the filesystem to choose the most suitable dnode
size. Currently this just sets the default dnode size to 1k, but future
code improvements could dynamically choose a size based on observed
workload patterns. Dnodes of varying sizes can coexist within the same
dataset and even within the same dnode block. For example, to enable
automatically-sized dnodes, run
# zfs set dnodesize=auto tank/fish
The user can also specify literal values for the dnodesize property.
These are currently limited to powers of two from 1k to 16k. The
power-of-2 limitation is only for simplicity of the user interface.
Internally the implementation can handle any multiple of 512 up to 16k,
and consumers of the DMU API can specify any legal dnode value.
The size of a new dnode is determined at object allocation time and
stored as a new field in the znode in-memory structure. New DMU
interfaces are added to allow the consumer to specify the dnode size
that a newly allocated object should use. Existing interfaces are
unchanged to avoid having to update every call site and to preserve
compatibility with external consumers such as Lustre. The new
interfaces names are given below. The versions of these functions that
don't take a dnodesize parameter now just call the _dnsize() versions
with a dnodesize of 0, which means use the legacy dnode size.
New DMU interfaces:
dmu_object_alloc_dnsize()
dmu_object_claim_dnsize()
dmu_object_reclaim_dnsize()
New ZAP interfaces:
zap_create_dnsize()
zap_create_norm_dnsize()
zap_create_flags_dnsize()
zap_create_claim_norm_dnsize()
zap_create_link_dnsize()
The constant DN_MAX_BONUSLEN is renamed to DN_OLD_MAX_BONUSLEN. The
spa_maxdnodesize() function should be used to determine the maximum
bonus length for a pool.
These are a few noteworthy changes to key functions:
* The prototype for dnode_hold_impl() now takes a "slots" parameter.
When the DNODE_MUST_BE_FREE flag is set, this parameter is used to
ensure the hole at the specified object offset is large enough to
hold the dnode being created. The slots parameter is also used
to ensure a dnode does not span multiple dnode blocks. In both of
these cases, if a failure occurs, ENOSPC is returned. Keep in mind,
these failure cases are only possible when using DNODE_MUST_BE_FREE.
If the DNODE_MUST_BE_ALLOCATED flag is set, "slots" must be 0.
dnode_hold_impl() will check if the requested dnode is already
consumed as an extra dnode slot by an large dnode, in which case
it returns ENOENT.
* The function dmu_object_alloc() advances to the next dnode block
if dnode_hold_impl() returns an error for a requested object.
This is because the beginning of the next dnode block is the only
location it can safely assume to either be a hole or a valid
starting point for a dnode.
* dnode_next_offset_level() and other functions that iterate
through dnode blocks may no longer use a simple array indexing
scheme. These now use the current dnode's dn_num_slots field to
advance to the next dnode in the block. This is to ensure we
properly skip the current dnode's bonus area and don't interpret it
as a valid dnode.
zdb
---
The zdb command was updated to display a dnode's size under the
"dnsize" column when the object is dumped.
For ZIL create log records, zdb will now display the slot count for
the object.
ztest
-----
Ztest chooses a random dnodesize for every newly created object. The
random distribution is more heavily weighted toward small dnodes to
better simulate real-world datasets.
Unused bonus buffer space is filled with non-zero values computed from
the object number, dataset id, offset, and generation number. This
helps ensure that the dnode traversal code properly skips the interior
regions of large dnodes, and that these interior regions are not
overwritten by data belonging to other dnodes. A new test visits each
object in a dataset. It verifies that the actual dnode size matches what
was stored in the ztest block tag when it was created. It also verifies
that the unused bonus buffer space is filled with the expected data
patterns.
ZFS Test Suite
--------------
Added six new large dnode-specific tests, and integrated the dnodesize
property into existing tests for zfs allow and send/recv.
Send/Receive
------------
ZFS send streams for datasets containing large dnodes cannot be received
on pools that don't support the large_dnode feature. A send stream with
large dnodes sets a DMU_BACKUP_FEATURE_LARGE_DNODE flag which will be
unrecognized by an incompatible receiving pool so that the zfs receive
will fail gracefully.
While not implemented here, it may be possible to generate a
backward-compatible send stream from a dataset containing large
dnodes. The implementation may be tricky, however, because the send
object record for a large dnode would need to be resized to a 512
byte dnode, possibly kicking in a spill block in the process. This
means we would need to construct a new SA layout and possibly
register it in the SA layout object. The SA layout is normally just
sent as an ordinary object record. But if we are constructing new
layouts while generating the send stream we'd have to build the SA
layout object dynamically and send it at the end of the stream.
For sending and receiving between pools that do support large dnodes,
the drr_object send record type is extended with a new field to store
the dnode slot count. This field was repurposed from unused padding
in the structure.
ZIL Replay
----------
The dnode slot count is stored in the uppermost 8 bits of the lr_foid
field. The bits were unused as the object id is currently capped at
48 bits.
Resizing Dnodes
---------------
It should be possible to resize a dnode when it is dirtied if the
current dnodesize dataset property differs from the dnode's size, but
this functionality is not currently implemented. Clearly a dnode can
only grow if there are sufficient contiguous unused slots in the
dnode block, but it should always be possible to shrink a dnode.
Growing dnodes may be useful to reduce fragmentation in a pool with
many spill blocks in use. Shrinking dnodes may be useful to allow
sending a dataset to a pool that doesn't support the large_dnode
feature.
Feature Reference Counting
--------------------------
The reference count for the large_dnode pool feature tracks the
number of datasets that have ever contained a dnode of size larger
than 512 bytes. The first time a large dnode is created in a dataset
the dataset is converted to an extensible dataset. This is a one-way
operation and the only way to decrement the feature count is to
destroy the dataset, even if the dataset no longer contains any large
dnodes. The complexity of reference counting on a per-dnode basis was
too high, so we chose to track it on a per-dataset basis similarly to
the large_block feature.
Signed-off-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #3542
2016-03-17 04:25:34 +03:00
|
|
|
* creation time, generation number, and dnode slot count. The
|
|
|
|
* generic zfs_create() has no concept of these attributes, so
|
2017-08-29 19:00:28 +03:00
|
|
|
* we smuggle the values inside the vattr's otherwise unused
|
|
|
|
* va_ctime, va_nblocks, and va_fsid fields.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
|
|
|
ZFS_TIME_DECODE(&xva.xva_vattr.va_ctime, lr->lr_crtime);
|
|
|
|
xva.xva_vattr.va_nblocks = lr->lr_gen;
|
Implement large_dnode pool feature
Justification
-------------
This feature adds support for variable length dnodes. Our motivation is
to eliminate the overhead associated with using spill blocks. Spill
blocks are used to store system attribute data (i.e. file metadata) that
does not fit in the dnode's bonus buffer. By allowing a larger bonus
buffer area the use of a spill block can be avoided. Spill blocks
potentially incur an additional read I/O for every dnode in a dnode
block. As a worst case example, reading 32 dnodes from a 16k dnode block
and all of the spill blocks could issue 33 separate reads. Now suppose
those dnodes have size 1024 and therefore don't need spill blocks. Then
the worst case number of blocks read is reduced to from 33 to two--one
per dnode block. In practice spill blocks may tend to be co-located on
disk with the dnode blocks so the reduction in I/O would not be this
drastic. In a badly fragmented pool, however, the improvement could be
significant.
ZFS-on-Linux systems that make heavy use of extended attributes would
benefit from this feature. In particular, ZFS-on-Linux supports the
xattr=sa dataset property which allows file extended attribute data
to be stored in the dnode bonus buffer as an alternative to the
traditional directory-based format. Workloads such as SELinux and the
Lustre distributed filesystem often store enough xattr data to force
spill bocks when xattr=sa is in effect. Large dnodes may therefore
provide a performance benefit to such systems.
Other use cases that may benefit from this feature include files with
large ACLs and symbolic links with long target names. Furthermore,
this feature may be desirable on other platforms in case future
applications or features are developed that could make use of a
larger bonus buffer area.
Implementation
--------------
The size of a dnode may be a multiple of 512 bytes up to the size of
a dnode block (currently 16384 bytes). A dn_extra_slots field was
added to the current on-disk dnode_phys_t structure to describe the
size of the physical dnode on disk. The 8 bits for this field were
taken from the zero filled dn_pad2 field. The field represents how
many "extra" dnode_phys_t slots a dnode consumes in its dnode block.
This convention results in a value of 0 for 512 byte dnodes which
preserves on-disk format compatibility with older software.
Similarly, the in-memory dnode_t structure has a new dn_num_slots field
to represent the total number of dnode_phys_t slots consumed on disk.
Thus dn->dn_num_slots is 1 greater than the corresponding
dnp->dn_extra_slots. This difference in convention was adopted
because, unlike on-disk structures, backward compatibility is not a
concern for in-memory objects, so we used a more natural way to
represent size for a dnode_t.
The default size for newly created dnodes is determined by the value of
a new "dnodesize" dataset property. By default the property is set to
"legacy" which is compatible with older software. Setting the property
to "auto" will allow the filesystem to choose the most suitable dnode
size. Currently this just sets the default dnode size to 1k, but future
code improvements could dynamically choose a size based on observed
workload patterns. Dnodes of varying sizes can coexist within the same
dataset and even within the same dnode block. For example, to enable
automatically-sized dnodes, run
# zfs set dnodesize=auto tank/fish
The user can also specify literal values for the dnodesize property.
These are currently limited to powers of two from 1k to 16k. The
power-of-2 limitation is only for simplicity of the user interface.
Internally the implementation can handle any multiple of 512 up to 16k,
and consumers of the DMU API can specify any legal dnode value.
The size of a new dnode is determined at object allocation time and
stored as a new field in the znode in-memory structure. New DMU
interfaces are added to allow the consumer to specify the dnode size
that a newly allocated object should use. Existing interfaces are
unchanged to avoid having to update every call site and to preserve
compatibility with external consumers such as Lustre. The new
interfaces names are given below. The versions of these functions that
don't take a dnodesize parameter now just call the _dnsize() versions
with a dnodesize of 0, which means use the legacy dnode size.
New DMU interfaces:
dmu_object_alloc_dnsize()
dmu_object_claim_dnsize()
dmu_object_reclaim_dnsize()
New ZAP interfaces:
zap_create_dnsize()
zap_create_norm_dnsize()
zap_create_flags_dnsize()
zap_create_claim_norm_dnsize()
zap_create_link_dnsize()
The constant DN_MAX_BONUSLEN is renamed to DN_OLD_MAX_BONUSLEN. The
spa_maxdnodesize() function should be used to determine the maximum
bonus length for a pool.
These are a few noteworthy changes to key functions:
* The prototype for dnode_hold_impl() now takes a "slots" parameter.
When the DNODE_MUST_BE_FREE flag is set, this parameter is used to
ensure the hole at the specified object offset is large enough to
hold the dnode being created. The slots parameter is also used
to ensure a dnode does not span multiple dnode blocks. In both of
these cases, if a failure occurs, ENOSPC is returned. Keep in mind,
these failure cases are only possible when using DNODE_MUST_BE_FREE.
If the DNODE_MUST_BE_ALLOCATED flag is set, "slots" must be 0.
dnode_hold_impl() will check if the requested dnode is already
consumed as an extra dnode slot by an large dnode, in which case
it returns ENOENT.
* The function dmu_object_alloc() advances to the next dnode block
if dnode_hold_impl() returns an error for a requested object.
This is because the beginning of the next dnode block is the only
location it can safely assume to either be a hole or a valid
starting point for a dnode.
* dnode_next_offset_level() and other functions that iterate
through dnode blocks may no longer use a simple array indexing
scheme. These now use the current dnode's dn_num_slots field to
advance to the next dnode in the block. This is to ensure we
properly skip the current dnode's bonus area and don't interpret it
as a valid dnode.
zdb
---
The zdb command was updated to display a dnode's size under the
"dnsize" column when the object is dumped.
For ZIL create log records, zdb will now display the slot count for
the object.
ztest
-----
Ztest chooses a random dnodesize for every newly created object. The
random distribution is more heavily weighted toward small dnodes to
better simulate real-world datasets.
Unused bonus buffer space is filled with non-zero values computed from
the object number, dataset id, offset, and generation number. This
helps ensure that the dnode traversal code properly skips the interior
regions of large dnodes, and that these interior regions are not
overwritten by data belonging to other dnodes. A new test visits each
object in a dataset. It verifies that the actual dnode size matches what
was stored in the ztest block tag when it was created. It also verifies
that the unused bonus buffer space is filled with the expected data
patterns.
ZFS Test Suite
--------------
Added six new large dnode-specific tests, and integrated the dnodesize
property into existing tests for zfs allow and send/recv.
Send/Receive
------------
ZFS send streams for datasets containing large dnodes cannot be received
on pools that don't support the large_dnode feature. A send stream with
large dnodes sets a DMU_BACKUP_FEATURE_LARGE_DNODE flag which will be
unrecognized by an incompatible receiving pool so that the zfs receive
will fail gracefully.
While not implemented here, it may be possible to generate a
backward-compatible send stream from a dataset containing large
dnodes. The implementation may be tricky, however, because the send
object record for a large dnode would need to be resized to a 512
byte dnode, possibly kicking in a spill block in the process. This
means we would need to construct a new SA layout and possibly
register it in the SA layout object. The SA layout is normally just
sent as an ordinary object record. But if we are constructing new
layouts while generating the send stream we'd have to build the SA
layout object dynamically and send it at the end of the stream.
For sending and receiving between pools that do support large dnodes,
the drr_object send record type is extended with a new field to store
the dnode slot count. This field was repurposed from unused padding
in the structure.
ZIL Replay
----------
The dnode slot count is stored in the uppermost 8 bits of the lr_foid
field. The bits were unused as the object id is currently capped at
48 bits.
Resizing Dnodes
---------------
It should be possible to resize a dnode when it is dirtied if the
current dnodesize dataset property differs from the dnode's size, but
this functionality is not currently implemented. Clearly a dnode can
only grow if there are sufficient contiguous unused slots in the
dnode block, but it should always be possible to shrink a dnode.
Growing dnodes may be useful to reduce fragmentation in a pool with
many spill blocks in use. Shrinking dnodes may be useful to allow
sending a dataset to a pool that doesn't support the large_dnode
feature.
Feature Reference Counting
--------------------------
The reference count for the large_dnode pool feature tracks the
number of datasets that have ever contained a dnode of size larger
than 512 bytes. The first time a large dnode is created in a dataset
the dataset is converted to an extensible dataset. This is a one-way
operation and the only way to decrement the feature count is to
destroy the dataset, even if the dataset no longer contains any large
dnodes. The complexity of reference counting on a per-dnode basis was
too high, so we chose to track it on a per-dataset basis similarly to
the large_block feature.
Signed-off-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #3542
2016-03-17 04:25:34 +03:00
|
|
|
xva.xva_vattr.va_fsid = dnodesize;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2019-08-28 20:42:02 +03:00
|
|
|
error = dnode_try_claim(zfsvfs->z_os, objid, dnodesize >> DNODE_SHIFT);
|
|
|
|
if (error)
|
2008-11-20 23:01:55 +03:00
|
|
|
goto out;
|
|
|
|
|
|
|
|
if (lr->lr_common.lrc_txtype & TX_CI)
|
|
|
|
vflg |= FIGNORECASE;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Symlinks don't have fuid info, and CIFS never creates
|
|
|
|
* symlinks.
|
|
|
|
*
|
|
|
|
* The _ATTR versions will grab the fuid info in their subcases.
|
|
|
|
*/
|
2023-02-14 22:05:41 +03:00
|
|
|
if (txtype != TX_SYMLINK &&
|
|
|
|
txtype != TX_MKDIR_ATTR &&
|
|
|
|
txtype != TX_CREATE_ATTR) {
|
2024-09-27 19:18:11 +03:00
|
|
|
start = (void *)&lrc->lr_data[0];
|
2017-03-08 03:21:37 +03:00
|
|
|
zfsvfs->z_fuid_replay =
|
2008-11-20 23:01:55 +03:00
|
|
|
zfs_replay_fuid_domain(start, &start,
|
|
|
|
lr->lr_uid, lr->lr_gid);
|
|
|
|
}
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
switch (txtype) {
|
2008-11-20 23:01:55 +03:00
|
|
|
case TX_CREATE_ATTR:
|
2024-09-27 19:18:11 +03:00
|
|
|
lrattr = (lr_attr_t *)&lrc->lr_data[0];
|
2008-11-20 23:01:55 +03:00
|
|
|
xvatlen = ZIL_XVAT_SIZE(lrattr->lr_attr_masksize);
|
2024-09-27 19:18:11 +03:00
|
|
|
zfs_replay_xvattr(lrattr, &xva);
|
|
|
|
start = (void *)&lrc->lr_data[xvatlen];
|
2017-03-08 03:21:37 +03:00
|
|
|
zfsvfs->z_fuid_replay =
|
2008-11-20 23:01:55 +03:00
|
|
|
zfs_replay_fuid_domain(start, &start,
|
|
|
|
lr->lr_uid, lr->lr_gid);
|
|
|
|
name = (char *)start;
|
2022-02-15 19:58:59 +03:00
|
|
|
zfs_fallthrough;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
case TX_CREATE:
|
|
|
|
if (name == NULL)
|
|
|
|
name = (char *)start;
|
|
|
|
|
2022-11-08 21:28:56 +03:00
|
|
|
#if defined(__linux__)
|
|
|
|
error = zfs_create(dzp, name, &xva.xva_vattr,
|
2023-04-11 00:15:36 +03:00
|
|
|
0, 0, &zp, kcred, vflg, NULL, zfs_init_idmap);
|
2022-11-08 21:28:56 +03:00
|
|
|
#else
|
2019-12-11 22:53:57 +03:00
|
|
|
error = zfs_create(dzp, name, &xva.xva_vattr,
|
2022-10-19 21:17:09 +03:00
|
|
|
0, 0, &zp, kcred, vflg, NULL, NULL);
|
2022-11-08 21:28:56 +03:00
|
|
|
#endif
|
2008-11-20 23:01:55 +03:00
|
|
|
break;
|
|
|
|
case TX_MKDIR_ATTR:
|
2024-09-27 19:18:11 +03:00
|
|
|
lrattr = (lr_attr_t *)&lrc->lr_data[0];
|
2008-11-20 23:01:55 +03:00
|
|
|
xvatlen = ZIL_XVAT_SIZE(lrattr->lr_attr_masksize);
|
2024-09-27 19:18:11 +03:00
|
|
|
zfs_replay_xvattr(lrattr, &xva);
|
|
|
|
start = &lrc->lr_data[xvatlen];
|
2017-03-08 03:21:37 +03:00
|
|
|
zfsvfs->z_fuid_replay =
|
2008-11-20 23:01:55 +03:00
|
|
|
zfs_replay_fuid_domain(start, &start,
|
|
|
|
lr->lr_uid, lr->lr_gid);
|
|
|
|
name = (char *)start;
|
2022-02-15 19:58:59 +03:00
|
|
|
zfs_fallthrough;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
case TX_MKDIR:
|
|
|
|
if (name == NULL)
|
2024-09-27 19:18:11 +03:00
|
|
|
name = (char *)&lrc->lr_data[0];
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2022-11-08 21:28:56 +03:00
|
|
|
#if defined(__linux__)
|
|
|
|
error = zfs_mkdir(dzp, name, &xva.xva_vattr,
|
2023-04-11 00:15:36 +03:00
|
|
|
&zp, kcred, vflg, NULL, zfs_init_idmap);
|
2022-11-08 21:28:56 +03:00
|
|
|
#else
|
2019-12-11 22:53:57 +03:00
|
|
|
error = zfs_mkdir(dzp, name, &xva.xva_vattr,
|
2022-10-19 21:17:09 +03:00
|
|
|
&zp, kcred, vflg, NULL, NULL);
|
2022-11-08 21:28:56 +03:00
|
|
|
#endif
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
break;
|
|
|
|
case TX_MKXATTR:
|
2019-12-11 22:53:57 +03:00
|
|
|
error = zfs_make_xattrdir(dzp, &xva.xva_vattr, &zp, kcred);
|
2008-11-20 23:01:55 +03:00
|
|
|
break;
|
|
|
|
case TX_SYMLINK:
|
2024-09-27 19:18:11 +03:00
|
|
|
name = &lrc->lr_data[0];
|
|
|
|
link = &lrc->lr_data[strlen(name) + 1];
|
2022-11-08 21:28:56 +03:00
|
|
|
#if defined(__linux__)
|
|
|
|
error = zfs_symlink(dzp, name, &xva.xva_vattr,
|
2023-04-11 00:15:36 +03:00
|
|
|
link, &zp, kcred, vflg, zfs_init_idmap);
|
2022-11-08 21:28:56 +03:00
|
|
|
#else
|
2019-12-11 22:53:57 +03:00
|
|
|
error = zfs_symlink(dzp, name, &xva.xva_vattr,
|
2022-10-19 21:17:09 +03:00
|
|
|
link, &zp, kcred, vflg, NULL);
|
2022-11-08 21:28:56 +03:00
|
|
|
#endif
|
2008-11-20 23:01:55 +03:00
|
|
|
break;
|
|
|
|
default:
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(ENOTSUP);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
2020-01-23 04:55:56 +03:00
|
|
|
out:
|
|
|
|
if (error == 0 && zp != NULL) {
|
2019-12-13 18:54:10 +03:00
|
|
|
#ifdef __FreeBSD__
|
2024-08-06 02:56:45 +03:00
|
|
|
VOP_UNLOCK(ZTOV(zp));
|
2019-12-13 18:54:10 +03:00
|
|
|
#endif
|
2019-12-11 22:53:57 +03:00
|
|
|
zrele(zp);
|
2020-01-23 04:55:56 +03:00
|
|
|
}
|
2019-12-11 22:53:57 +03:00
|
|
|
zrele(dzp);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if (zfsvfs->z_fuid_replay)
|
|
|
|
zfs_fuid_info_free(zfsvfs->z_fuid_replay);
|
|
|
|
zfsvfs->z_fuid_replay = NULL;
|
2008-11-20 23:01:55 +03:00
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
2017-10-27 22:46:35 +03:00
|
|
|
zfs_replay_remove(void *arg1, void *arg2, boolean_t byteswap)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2017-10-27 22:46:35 +03:00
|
|
|
zfsvfs_t *zfsvfs = arg1;
|
|
|
|
lr_remove_t *lr = arg2;
|
2024-09-27 19:18:11 +03:00
|
|
|
char *name = (char *)&lr->lr_data[0]; /* name follows lr_remove_t */
|
2008-11-20 23:01:55 +03:00
|
|
|
znode_t *dzp;
|
|
|
|
int error;
|
|
|
|
int vflg = 0;
|
|
|
|
|
2023-11-29 00:35:14 +03:00
|
|
|
ASSERT3U(lr->lr_common.lrc_reclen, >, sizeof (*lr));
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
if (byteswap)
|
|
|
|
byteswap_uint64_array(lr, sizeof (*lr));
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if ((error = zfs_zget(zfsvfs, lr->lr_doid, &dzp)) != 0)
|
2008-11-20 23:01:55 +03:00
|
|
|
return (error);
|
|
|
|
|
|
|
|
if (lr->lr_common.lrc_txtype & TX_CI)
|
|
|
|
vflg |= FIGNORECASE;
|
|
|
|
|
|
|
|
switch ((int)lr->lr_common.lrc_txtype) {
|
|
|
|
case TX_REMOVE:
|
2019-12-11 22:53:57 +03:00
|
|
|
error = zfs_remove(dzp, name, kcred, vflg);
|
2008-11-20 23:01:55 +03:00
|
|
|
break;
|
|
|
|
case TX_RMDIR:
|
2019-12-11 22:53:57 +03:00
|
|
|
error = zfs_rmdir(dzp, name, NULL, kcred, vflg);
|
2008-11-20 23:01:55 +03:00
|
|
|
break;
|
|
|
|
default:
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(ENOTSUP);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
2019-12-11 22:53:57 +03:00
|
|
|
zrele(dzp);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
2017-10-27 22:46:35 +03:00
|
|
|
zfs_replay_link(void *arg1, void *arg2, boolean_t byteswap)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2017-10-27 22:46:35 +03:00
|
|
|
zfsvfs_t *zfsvfs = arg1;
|
|
|
|
lr_link_t *lr = arg2;
|
2024-09-27 19:18:11 +03:00
|
|
|
char *name = &lr->lr_data[0]; /* name follows lr_link_t */
|
2008-11-20 23:01:55 +03:00
|
|
|
znode_t *dzp, *zp;
|
|
|
|
int error;
|
2011-03-01 23:24:09 +03:00
|
|
|
int vflg = 0;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2023-11-29 00:35:14 +03:00
|
|
|
ASSERT3U(lr->lr_common.lrc_reclen, >, sizeof (*lr));
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
if (byteswap)
|
|
|
|
byteswap_uint64_array(lr, sizeof (*lr));
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if ((error = zfs_zget(zfsvfs, lr->lr_doid, &dzp)) != 0)
|
2008-11-20 23:01:55 +03:00
|
|
|
return (error);
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if ((error = zfs_zget(zfsvfs, lr->lr_link_obj, &zp)) != 0) {
|
2019-12-11 22:53:57 +03:00
|
|
|
zrele(dzp);
|
2008-11-20 23:01:55 +03:00
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (lr->lr_common.lrc_txtype & TX_CI)
|
|
|
|
vflg |= FIGNORECASE;
|
|
|
|
|
2019-12-11 22:53:57 +03:00
|
|
|
error = zfs_link(dzp, zp, name, kcred, vflg);
|
|
|
|
zrele(zp);
|
|
|
|
zrele(dzp);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
2024-09-27 19:18:11 +03:00
|
|
|
do_zfs_replay_rename(zfsvfs_t *zfsvfs, _lr_rename_t *lr, char *sname,
|
2019-06-22 03:35:11 +03:00
|
|
|
char *tname, uint64_t rflags, vattr_t *wo_vap)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
|
|
|
znode_t *sdzp, *tdzp;
|
2019-06-22 03:35:11 +03:00
|
|
|
int error, vflg = 0;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2019-06-22 03:35:11 +03:00
|
|
|
/* Only Linux currently supports RENAME_* flags. */
|
|
|
|
#ifdef __linux__
|
|
|
|
VERIFY0(rflags & ~(RENAME_EXCHANGE | RENAME_WHITEOUT));
|
|
|
|
|
|
|
|
/* wo_vap must be non-NULL iff. we're doing RENAME_WHITEOUT */
|
|
|
|
VERIFY_EQUIV(rflags & RENAME_WHITEOUT, wo_vap != NULL);
|
|
|
|
#else
|
|
|
|
VERIFY0(rflags);
|
|
|
|
#endif
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if ((error = zfs_zget(zfsvfs, lr->lr_sdoid, &sdzp)) != 0)
|
2008-11-20 23:01:55 +03:00
|
|
|
return (error);
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if ((error = zfs_zget(zfsvfs, lr->lr_tdoid, &tdzp)) != 0) {
|
2019-12-11 22:53:57 +03:00
|
|
|
zrele(sdzp);
|
2008-11-20 23:01:55 +03:00
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (lr->lr_common.lrc_txtype & TX_CI)
|
|
|
|
vflg |= FIGNORECASE;
|
|
|
|
|
2022-11-08 21:28:56 +03:00
|
|
|
#if defined(__linux__)
|
|
|
|
error = zfs_rename(sdzp, sname, tdzp, tname, kcred, vflg, rflags,
|
2023-04-11 00:15:36 +03:00
|
|
|
wo_vap, zfs_init_idmap);
|
2022-11-08 21:28:56 +03:00
|
|
|
#else
|
2019-06-22 03:35:11 +03:00
|
|
|
error = zfs_rename(sdzp, sname, tdzp, tname, kcred, vflg, rflags,
|
|
|
|
wo_vap, NULL);
|
2022-11-08 21:28:56 +03:00
|
|
|
#endif
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2019-12-11 22:53:57 +03:00
|
|
|
zrele(tdzp);
|
|
|
|
zrele(sdzp);
|
2008-11-20 23:01:55 +03:00
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
2019-06-22 03:35:11 +03:00
|
|
|
static int
|
|
|
|
zfs_replay_rename(void *arg1, void *arg2, boolean_t byteswap)
|
|
|
|
{
|
|
|
|
zfsvfs_t *zfsvfs = arg1;
|
2024-09-27 19:18:11 +03:00
|
|
|
lr_rename_t *lrr = arg2;
|
|
|
|
_lr_rename_t *lr = &lrr->lr_rename;
|
2023-11-29 00:35:14 +03:00
|
|
|
|
|
|
|
ASSERT3U(lr->lr_common.lrc_reclen, >, sizeof (*lr));
|
2019-06-22 03:35:11 +03:00
|
|
|
|
|
|
|
if (byteswap)
|
2024-09-27 19:18:11 +03:00
|
|
|
byteswap_uint64_array(lrr, sizeof (*lrr));
|
2019-06-22 03:35:11 +03:00
|
|
|
|
2024-09-27 19:18:11 +03:00
|
|
|
/* sname and tname follow lr_rename_t */
|
|
|
|
char *sname = (char *)&lrr->lr_data[0];
|
|
|
|
char *tname = (char *)&lrr->lr_data[strlen(sname)+1];
|
2019-06-22 03:35:11 +03:00
|
|
|
return (do_zfs_replay_rename(zfsvfs, lr, sname, tname, 0, NULL));
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
zfs_replay_rename_exchange(void *arg1, void *arg2, boolean_t byteswap)
|
|
|
|
{
|
|
|
|
#ifdef __linux__
|
|
|
|
zfsvfs_t *zfsvfs = arg1;
|
2024-09-27 19:18:11 +03:00
|
|
|
lr_rename_t *lrr = arg2;
|
|
|
|
_lr_rename_t *lr = &lrr->lr_rename;
|
2023-11-29 00:35:14 +03:00
|
|
|
|
|
|
|
ASSERT3U(lr->lr_common.lrc_reclen, >, sizeof (*lr));
|
2019-06-22 03:35:11 +03:00
|
|
|
|
|
|
|
if (byteswap)
|
2024-09-27 19:18:11 +03:00
|
|
|
byteswap_uint64_array(lrr, sizeof (*lrr));
|
2019-06-22 03:35:11 +03:00
|
|
|
|
2024-09-27 19:18:11 +03:00
|
|
|
/* sname and tname follow lr_rename_t */
|
|
|
|
char *sname = (char *)&lrr->lr_data[0];
|
|
|
|
char *tname = (char *)&lrr->lr_data[strlen(sname)+1];
|
2019-06-22 03:35:11 +03:00
|
|
|
return (do_zfs_replay_rename(zfsvfs, lr, sname, tname, RENAME_EXCHANGE,
|
|
|
|
NULL));
|
|
|
|
#else
|
|
|
|
return (SET_ERROR(ENOTSUP));
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
zfs_replay_rename_whiteout(void *arg1, void *arg2, boolean_t byteswap)
|
|
|
|
{
|
|
|
|
#ifdef __linux__
|
|
|
|
zfsvfs_t *zfsvfs = arg1;
|
2024-09-27 19:18:11 +03:00
|
|
|
lr_rename_whiteout_t *lrrw = arg2;
|
|
|
|
_lr_rename_t *lr = &lrrw->lr_rename;
|
2019-06-22 03:35:11 +03:00
|
|
|
int error;
|
|
|
|
/* For the whiteout file. */
|
|
|
|
xvattr_t xva;
|
|
|
|
uint64_t objid;
|
|
|
|
uint64_t dnodesize;
|
|
|
|
|
2024-09-27 19:18:11 +03:00
|
|
|
ASSERT3U(lr->lr_common.lrc_reclen, >, sizeof (*lr));
|
2023-11-29 00:35:14 +03:00
|
|
|
|
2019-06-22 03:35:11 +03:00
|
|
|
if (byteswap)
|
2024-09-27 19:18:11 +03:00
|
|
|
byteswap_uint64_array(lrrw, sizeof (*lrrw));
|
2019-06-22 03:35:11 +03:00
|
|
|
|
2024-09-27 19:18:11 +03:00
|
|
|
objid = LR_FOID_GET_OBJ(lrrw->lr_wfoid);
|
|
|
|
dnodesize = LR_FOID_GET_SLOTS(lrrw->lr_wfoid) << DNODE_SHIFT;
|
2019-06-22 03:35:11 +03:00
|
|
|
|
|
|
|
xva_init(&xva);
|
|
|
|
zfs_init_vattr(&xva.xva_vattr, ATTR_MODE | ATTR_UID | ATTR_GID,
|
2024-09-27 19:18:11 +03:00
|
|
|
lrrw->lr_wmode, lrrw->lr_wuid, lrrw->lr_wgid, lrrw->lr_wrdev,
|
|
|
|
objid);
|
2019-06-22 03:35:11 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* As with TX_CREATE, RENAME_WHITEOUT ends up in zfs_mknode(), which
|
|
|
|
* assigns the object's creation time, generation number, and dnode
|
|
|
|
* slot count. The generic zfs_rename() has no concept of these
|
|
|
|
* attributes, so we smuggle the values inside the vattr's otherwise
|
|
|
|
* unused va_ctime, va_nblocks, and va_fsid fields.
|
|
|
|
*/
|
2024-09-27 19:18:11 +03:00
|
|
|
ZFS_TIME_DECODE(&xva.xva_vattr.va_ctime, lrrw->lr_wcrtime);
|
|
|
|
xva.xva_vattr.va_nblocks = lrrw->lr_wgen;
|
2019-06-22 03:35:11 +03:00
|
|
|
xva.xva_vattr.va_fsid = dnodesize;
|
|
|
|
|
|
|
|
error = dnode_try_claim(zfsvfs->z_os, objid, dnodesize >> DNODE_SHIFT);
|
|
|
|
if (error)
|
|
|
|
return (error);
|
|
|
|
|
2023-11-29 00:35:14 +03:00
|
|
|
/* sname and tname follow lr_rename_whiteout_t */
|
2024-09-27 19:18:11 +03:00
|
|
|
char *sname = (char *)&lrrw->lr_data[0];
|
|
|
|
char *tname = (char *)&lrrw->lr_data[strlen(sname)+1];
|
|
|
|
return (do_zfs_replay_rename(zfsvfs, lr, sname, tname,
|
2019-06-22 03:35:11 +03:00
|
|
|
RENAME_WHITEOUT, &xva.xva_vattr));
|
|
|
|
#else
|
|
|
|
return (SET_ERROR(ENOTSUP));
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
static int
|
2017-10-27 22:46:35 +03:00
|
|
|
zfs_replay_write(void *arg1, void *arg2, boolean_t byteswap)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2017-10-27 22:46:35 +03:00
|
|
|
zfsvfs_t *zfsvfs = arg1;
|
|
|
|
lr_write_t *lr = arg2;
|
2024-09-27 19:18:11 +03:00
|
|
|
char *data = &lr->lr_data[0]; /* data follows lr_write_t */
|
2008-11-20 23:01:55 +03:00
|
|
|
znode_t *zp;
|
2019-12-13 18:54:10 +03:00
|
|
|
int error;
|
2010-08-27 01:24:34 +04:00
|
|
|
uint64_t eod, offset, length;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2023-11-29 00:35:14 +03:00
|
|
|
ASSERT3U(lr->lr_common.lrc_reclen, >=, sizeof (*lr));
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
if (byteswap)
|
|
|
|
byteswap_uint64_array(lr, sizeof (*lr));
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if ((error = zfs_zget(zfsvfs, lr->lr_foid, &zp)) != 0) {
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* As we can log writes out of order, it's possible the
|
|
|
|
* file has been removed. In this case just drop the write
|
|
|
|
* and return success.
|
|
|
|
*/
|
|
|
|
if (error == ENOENT)
|
|
|
|
error = 0;
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
offset = lr->lr_offset;
|
|
|
|
length = lr->lr_length;
|
2010-08-27 01:24:34 +04:00
|
|
|
eod = offset + length; /* end of data for this write */
|
2010-05-29 00:45:14 +04:00
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
/*
|
|
|
|
* This may be a write from a dmu_sync() for a whole block,
|
|
|
|
* and may extend beyond the current end of the file.
|
|
|
|
* We can't just replay what was written for this TX_WRITE as
|
|
|
|
* a future TX_WRITE2 may extend the eof and the data for that
|
|
|
|
* write needs to be there. So we write the whole block and
|
|
|
|
* reduce the eof. This needs to be done within the single dmu
|
|
|
|
* transaction created within vn_rdwr -> zfs_write. So a possible
|
2017-03-08 03:21:37 +03:00
|
|
|
* new end of file is passed through in zfsvfs->z_replay_eof
|
2010-08-27 01:24:34 +04:00
|
|
|
*/
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
zfsvfs->z_replay_eof = 0; /* 0 means don't change end of file */
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
/* If it's a dmu_sync() block, write the whole block */
|
|
|
|
if (lr->lr_common.lrc_reclen == sizeof (lr_write_t)) {
|
|
|
|
uint64_t blocksize = BP_GET_LSIZE(&lr->lr_blkptr);
|
|
|
|
if (length < blocksize) {
|
|
|
|
offset -= offset % blocksize;
|
|
|
|
length = blocksize;
|
|
|
|
}
|
2010-08-27 01:24:34 +04:00
|
|
|
if (zp->z_size < eod)
|
2017-03-08 03:21:37 +03:00
|
|
|
zfsvfs->z_replay_eof = eod;
|
2010-05-29 00:45:14 +04:00
|
|
|
}
|
2019-12-13 18:54:10 +03:00
|
|
|
error = zfs_write_simple(zp, data, length, offset, NULL);
|
2019-12-11 22:53:57 +03:00
|
|
|
zrele(zp);
|
2017-03-08 03:21:37 +03:00
|
|
|
zfsvfs->z_replay_eof = 0; /* safety */
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* TX_WRITE2 are only generated when dmu_sync() returns EALREADY
|
|
|
|
* meaning the pool block is already being synced. So now that we always write
|
|
|
|
* out full blocks, all we have to do is expand the eof if
|
|
|
|
* the file is grown.
|
|
|
|
*/
|
|
|
|
static int
|
2017-10-27 22:46:35 +03:00
|
|
|
zfs_replay_write2(void *arg1, void *arg2, boolean_t byteswap)
|
2010-05-29 00:45:14 +04:00
|
|
|
{
|
2017-10-27 22:46:35 +03:00
|
|
|
zfsvfs_t *zfsvfs = arg1;
|
|
|
|
lr_write_t *lr = arg2;
|
2010-05-29 00:45:14 +04:00
|
|
|
znode_t *zp;
|
|
|
|
int error;
|
|
|
|
uint64_t end;
|
|
|
|
|
2023-11-29 00:35:14 +03:00
|
|
|
ASSERT3U(lr->lr_common.lrc_reclen, >=, sizeof (*lr));
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
if (byteswap)
|
|
|
|
byteswap_uint64_array(lr, sizeof (*lr));
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if ((error = zfs_zget(zfsvfs, lr->lr_foid, &zp)) != 0)
|
2010-05-29 00:45:14 +04:00
|
|
|
return (error);
|
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
top:
|
2010-05-29 00:45:14 +04:00
|
|
|
end = lr->lr_offset + lr->lr_length;
|
|
|
|
if (end > zp->z_size) {
|
2017-03-08 03:21:37 +03:00
|
|
|
dmu_tx_t *tx = dmu_tx_create(zfsvfs->z_os);
|
2010-08-27 01:24:34 +04:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
zp->z_size = end;
|
2010-08-27 01:24:34 +04:00
|
|
|
dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
|
|
|
|
error = dmu_tx_assign(tx, TXG_WAIT);
|
|
|
|
if (error) {
|
2019-12-11 22:53:57 +03:00
|
|
|
zrele(zp);
|
2010-08-27 01:24:34 +04:00
|
|
|
if (error == ERESTART) {
|
|
|
|
dmu_tx_wait(tx);
|
|
|
|
dmu_tx_abort(tx);
|
|
|
|
goto top;
|
|
|
|
}
|
|
|
|
dmu_tx_abort(tx);
|
|
|
|
return (error);
|
|
|
|
}
|
2017-03-08 03:21:37 +03:00
|
|
|
(void) sa_update(zp->z_sa_hdl, SA_ZPL_SIZE(zfsvfs),
|
2010-08-27 01:24:34 +04:00
|
|
|
(void *)&zp->z_size, sizeof (uint64_t), tx);
|
|
|
|
|
|
|
|
/* Ensure the replayed seq is updated */
|
2017-03-08 03:21:37 +03:00
|
|
|
(void) zil_replaying(zfsvfs->z_log, tx);
|
2010-08-27 01:24:34 +04:00
|
|
|
|
|
|
|
dmu_tx_commit(tx);
|
2010-05-29 00:45:14 +04:00
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2019-12-11 22:53:57 +03:00
|
|
|
zrele(zp);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
2017-10-27 22:46:35 +03:00
|
|
|
zfs_replay_truncate(void *arg1, void *arg2, boolean_t byteswap)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2017-10-27 22:46:35 +03:00
|
|
|
zfsvfs_t *zfsvfs = arg1;
|
|
|
|
lr_truncate_t *lr = arg2;
|
2008-11-20 23:01:55 +03:00
|
|
|
znode_t *zp;
|
2022-02-25 16:26:54 +03:00
|
|
|
flock64_t fl = {0};
|
2008-11-20 23:01:55 +03:00
|
|
|
int error;
|
|
|
|
|
2023-11-29 00:35:14 +03:00
|
|
|
ASSERT3U(lr->lr_common.lrc_reclen, >=, sizeof (*lr));
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
if (byteswap)
|
|
|
|
byteswap_uint64_array(lr, sizeof (*lr));
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if ((error = zfs_zget(zfsvfs, lr->lr_foid, &zp)) != 0)
|
2008-11-20 23:01:55 +03:00
|
|
|
return (error);
|
|
|
|
|
|
|
|
fl.l_type = F_WRLCK;
|
2019-04-25 20:17:28 +03:00
|
|
|
fl.l_whence = SEEK_SET;
|
2008-11-20 23:01:55 +03:00
|
|
|
fl.l_start = lr->lr_offset;
|
|
|
|
fl.l_len = lr->lr_length;
|
|
|
|
|
2019-12-11 22:53:57 +03:00
|
|
|
error = zfs_space(zp, F_FREESP, &fl, O_RDWR | O_LARGEFILE,
|
2011-02-08 22:33:08 +03:00
|
|
|
lr->lr_offset, kcred);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2019-12-11 22:53:57 +03:00
|
|
|
zrele(zp);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
2017-10-27 22:46:35 +03:00
|
|
|
zfs_replay_setattr(void *arg1, void *arg2, boolean_t byteswap)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2017-10-27 22:46:35 +03:00
|
|
|
zfsvfs_t *zfsvfs = arg1;
|
|
|
|
lr_setattr_t *lr = arg2;
|
2008-11-20 23:01:55 +03:00
|
|
|
znode_t *zp;
|
|
|
|
xvattr_t xva;
|
2011-03-01 23:24:09 +03:00
|
|
|
vattr_t *vap = &xva.xva_vattr;
|
2008-11-20 23:01:55 +03:00
|
|
|
int error;
|
|
|
|
void *start;
|
|
|
|
|
2023-11-29 00:35:14 +03:00
|
|
|
ASSERT3U(lr->lr_common.lrc_reclen, >=, sizeof (*lr));
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
xva_init(&xva);
|
|
|
|
if (byteswap) {
|
|
|
|
byteswap_uint64_array(lr, sizeof (*lr));
|
|
|
|
|
2011-03-01 23:24:09 +03:00
|
|
|
if ((lr->lr_mask & ATTR_XVATTR) &&
|
2017-03-08 03:21:37 +03:00
|
|
|
zfsvfs->z_version >= ZPL_VERSION_INITIAL)
|
2024-09-27 19:18:11 +03:00
|
|
|
zfs_replay_swap_attrs((lr_attr_t *)&lr->lr_data[0]);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if ((error = zfs_zget(zfsvfs, lr->lr_foid, &zp)) != 0)
|
2008-11-20 23:01:55 +03:00
|
|
|
return (error);
|
|
|
|
|
2011-03-01 23:24:09 +03:00
|
|
|
zfs_init_vattr(vap, lr->lr_mask, lr->lr_mode,
|
|
|
|
lr->lr_uid, lr->lr_gid, 0, lr->lr_foid);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2011-03-01 23:24:09 +03:00
|
|
|
vap->va_size = lr->lr_size;
|
|
|
|
ZFS_TIME_DECODE(&vap->va_atime, lr->lr_atime);
|
|
|
|
ZFS_TIME_DECODE(&vap->va_mtime, lr->lr_mtime);
|
2016-09-12 22:35:56 +03:00
|
|
|
gethrestime(&vap->va_ctime);
|
|
|
|
vap->va_mask |= ATTR_CTIME;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Fill in xvattr_t portions if necessary.
|
|
|
|
*/
|
|
|
|
|
2024-09-27 19:18:11 +03:00
|
|
|
start = (void *)&lr->lr_data[0];
|
2011-03-01 23:24:09 +03:00
|
|
|
if (vap->va_mask & ATTR_XVATTR) {
|
2008-11-20 23:01:55 +03:00
|
|
|
zfs_replay_xvattr((lr_attr_t *)start, &xva);
|
2024-09-27 19:18:11 +03:00
|
|
|
start = &lr->lr_data[
|
|
|
|
ZIL_XVAT_SIZE(((lr_attr_t *)start)->lr_attr_masksize)];
|
2008-11-20 23:01:55 +03:00
|
|
|
} else
|
2011-03-01 23:24:09 +03:00
|
|
|
xva.xva_vattr.va_mask &= ~ATTR_XVATTR;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
zfsvfs->z_fuid_replay = zfs_replay_fuid_domain(start, &start,
|
2008-11-20 23:01:55 +03:00
|
|
|
lr->lr_uid, lr->lr_gid);
|
|
|
|
|
2022-11-08 21:28:56 +03:00
|
|
|
#if defined(__linux__)
|
2023-04-11 00:15:36 +03:00
|
|
|
error = zfs_setattr(zp, vap, 0, kcred, zfs_init_idmap);
|
2022-11-08 21:28:56 +03:00
|
|
|
#else
|
2022-10-19 21:17:09 +03:00
|
|
|
error = zfs_setattr(zp, vap, 0, kcred, NULL);
|
2022-11-08 21:28:56 +03:00
|
|
|
#endif
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
zfs_fuid_info_free(zfsvfs->z_fuid_replay);
|
|
|
|
zfsvfs->z_fuid_replay = NULL;
|
2019-12-11 22:53:57 +03:00
|
|
|
zrele(zp);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
log xattr=sa create/remove/update to ZIL
As such, there are no specific synchronous semantics defined for
the xattrs. But for xattr=on, it does log to ZIL and zil_commit() is
done, if sync=always is set on dataset. This provides sync semantics
for xattr=on with sync=always set on dataset.
For the xattr=sa implementation, it doesn't log to ZIL, so, even with
sync=always, xattrs are not guaranteed to be synced before xattr call
returns to caller. So, xattr can be lost if system crash happens, before
txg carrying xattr transaction is synced.
This change adds xattr=sa logging to ZIL on xattr create/remove/update
and xattrs are synced to ZIL (zil_commit() done) for sync=always.
This makes xattr=sa behavior similar to xattr=on.
Implementation notes:
The actual logging is fairly straight-forward and does not warrant
additional explanation.
However, it has been 14 years since we last added new TX types
to the ZIL [1], hence this is the first time we do it after the
introduction of zpool features. Therefore, here is an overview of the
feature activation and deactivation workflow:
1. The feature must be enabled. Otherwise, we don't log the new
record type. This ensures compatibility with older software.
2. The feature is activated per-dataset, since the ZIL is per-dataset.
3. If the feature is enabled and dataset is not for zvol, any append to
the ZIL chain will activate the feature for the dataset. Likewise
for starting a new ZIL chain.
4. A dataset that doesn't have a ZIL chain has the feature deactivated.
We ensure (3) by activating on the first zil_commit() after the feature
was enabled. Since activating the features requires waiting for txg
sync, the first zil_commit() after enabling the feature will be slower
than usual. The downside is that this is really a conservative
approximation: even if we never append a 'TX_SETSAXATTR' to the ZIL
chain, we pay the penalty for feature activation. The upside is that the
user is in control of when we pay the penalty, i.e., upon enabling the
feature.
We ensure (4) by hooking into zil_sync(), where ZIL destroy actually
happens.
One more piece on feature activation, since it's spread across
multiple functions:
zil_commit()
zil_process_commit_list()
if lwb == NULL // first zil_commit since zil_open
zil_create()
if no log block pointer in ZIL header:
if feature enabled and not active:
// CASE 1
enable, COALESCE txg wait with dmu_tx that allocated the
log block
else // log block was allocated earlier than this zil_open
if feature enabled and not active:
// CASE 2
enable, EXPLICIT txg wait
else // already have an in-DRAM LWB
if feature enabled and not active:
// this happens when we enable the feature after zil_create
// CASE 3
enable, EXPLICIT txg wait
[1] https://github.com/illumos/illumos-gate/commit/da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0
Reviewed-by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Christian Schwarz <christian.schwarz@nutanix.com>
Reviewed-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz>
Reviewed-by: Ryan Moeller <freqlabs@FreeBSD.org>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Jitendra Patidar <jitendra.patidar@nutanix.com>
Closes #8768
Closes #9078
2022-02-23 00:06:43 +03:00
|
|
|
static int
|
|
|
|
zfs_replay_setsaxattr(void *arg1, void *arg2, boolean_t byteswap)
|
|
|
|
{
|
|
|
|
zfsvfs_t *zfsvfs = arg1;
|
|
|
|
lr_setsaxattr_t *lr = arg2;
|
|
|
|
znode_t *zp;
|
|
|
|
nvlist_t *nvl;
|
|
|
|
size_t sa_size;
|
|
|
|
char *name;
|
|
|
|
char *value;
|
|
|
|
size_t size;
|
|
|
|
int error = 0;
|
|
|
|
|
2023-11-29 00:35:14 +03:00
|
|
|
ASSERT3U(lr->lr_common.lrc_reclen, >=, sizeof (*lr));
|
|
|
|
ASSERT3U(lr->lr_common.lrc_reclen, >, sizeof (*lr) + lr->lr_size);
|
|
|
|
|
log xattr=sa create/remove/update to ZIL
As such, there are no specific synchronous semantics defined for
the xattrs. But for xattr=on, it does log to ZIL and zil_commit() is
done, if sync=always is set on dataset. This provides sync semantics
for xattr=on with sync=always set on dataset.
For the xattr=sa implementation, it doesn't log to ZIL, so, even with
sync=always, xattrs are not guaranteed to be synced before xattr call
returns to caller. So, xattr can be lost if system crash happens, before
txg carrying xattr transaction is synced.
This change adds xattr=sa logging to ZIL on xattr create/remove/update
and xattrs are synced to ZIL (zil_commit() done) for sync=always.
This makes xattr=sa behavior similar to xattr=on.
Implementation notes:
The actual logging is fairly straight-forward and does not warrant
additional explanation.
However, it has been 14 years since we last added new TX types
to the ZIL [1], hence this is the first time we do it after the
introduction of zpool features. Therefore, here is an overview of the
feature activation and deactivation workflow:
1. The feature must be enabled. Otherwise, we don't log the new
record type. This ensures compatibility with older software.
2. The feature is activated per-dataset, since the ZIL is per-dataset.
3. If the feature is enabled and dataset is not for zvol, any append to
the ZIL chain will activate the feature for the dataset. Likewise
for starting a new ZIL chain.
4. A dataset that doesn't have a ZIL chain has the feature deactivated.
We ensure (3) by activating on the first zil_commit() after the feature
was enabled. Since activating the features requires waiting for txg
sync, the first zil_commit() after enabling the feature will be slower
than usual. The downside is that this is really a conservative
approximation: even if we never append a 'TX_SETSAXATTR' to the ZIL
chain, we pay the penalty for feature activation. The upside is that the
user is in control of when we pay the penalty, i.e., upon enabling the
feature.
We ensure (4) by hooking into zil_sync(), where ZIL destroy actually
happens.
One more piece on feature activation, since it's spread across
multiple functions:
zil_commit()
zil_process_commit_list()
if lwb == NULL // first zil_commit since zil_open
zil_create()
if no log block pointer in ZIL header:
if feature enabled and not active:
// CASE 1
enable, COALESCE txg wait with dmu_tx that allocated the
log block
else // log block was allocated earlier than this zil_open
if feature enabled and not active:
// CASE 2
enable, EXPLICIT txg wait
else // already have an in-DRAM LWB
if feature enabled and not active:
// this happens when we enable the feature after zil_create
// CASE 3
enable, EXPLICIT txg wait
[1] https://github.com/illumos/illumos-gate/commit/da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0
Reviewed-by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Christian Schwarz <christian.schwarz@nutanix.com>
Reviewed-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz>
Reviewed-by: Ryan Moeller <freqlabs@FreeBSD.org>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Jitendra Patidar <jitendra.patidar@nutanix.com>
Closes #8768
Closes #9078
2022-02-23 00:06:43 +03:00
|
|
|
ASSERT(spa_feature_is_active(zfsvfs->z_os->os_spa,
|
|
|
|
SPA_FEATURE_ZILSAXATTR));
|
|
|
|
if (byteswap)
|
|
|
|
byteswap_uint64_array(lr, sizeof (*lr));
|
|
|
|
|
|
|
|
if ((error = zfs_zget(zfsvfs, lr->lr_foid, &zp)) != 0)
|
|
|
|
return (error);
|
|
|
|
|
|
|
|
rw_enter(&zp->z_xattr_lock, RW_WRITER);
|
|
|
|
mutex_enter(&zp->z_lock);
|
|
|
|
if (zp->z_xattr_cached == NULL)
|
|
|
|
error = zfs_sa_get_xattr(zp);
|
|
|
|
mutex_exit(&zp->z_lock);
|
|
|
|
|
|
|
|
if (error)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
ASSERT(zp->z_xattr_cached);
|
|
|
|
nvl = zp->z_xattr_cached;
|
|
|
|
|
|
|
|
/* Get xattr name, value and size from log record */
|
|
|
|
size = lr->lr_size;
|
2024-09-27 19:18:11 +03:00
|
|
|
name = (char *)&lr->lr_data[0];
|
log xattr=sa create/remove/update to ZIL
As such, there are no specific synchronous semantics defined for
the xattrs. But for xattr=on, it does log to ZIL and zil_commit() is
done, if sync=always is set on dataset. This provides sync semantics
for xattr=on with sync=always set on dataset.
For the xattr=sa implementation, it doesn't log to ZIL, so, even with
sync=always, xattrs are not guaranteed to be synced before xattr call
returns to caller. So, xattr can be lost if system crash happens, before
txg carrying xattr transaction is synced.
This change adds xattr=sa logging to ZIL on xattr create/remove/update
and xattrs are synced to ZIL (zil_commit() done) for sync=always.
This makes xattr=sa behavior similar to xattr=on.
Implementation notes:
The actual logging is fairly straight-forward and does not warrant
additional explanation.
However, it has been 14 years since we last added new TX types
to the ZIL [1], hence this is the first time we do it after the
introduction of zpool features. Therefore, here is an overview of the
feature activation and deactivation workflow:
1. The feature must be enabled. Otherwise, we don't log the new
record type. This ensures compatibility with older software.
2. The feature is activated per-dataset, since the ZIL is per-dataset.
3. If the feature is enabled and dataset is not for zvol, any append to
the ZIL chain will activate the feature for the dataset. Likewise
for starting a new ZIL chain.
4. A dataset that doesn't have a ZIL chain has the feature deactivated.
We ensure (3) by activating on the first zil_commit() after the feature
was enabled. Since activating the features requires waiting for txg
sync, the first zil_commit() after enabling the feature will be slower
than usual. The downside is that this is really a conservative
approximation: even if we never append a 'TX_SETSAXATTR' to the ZIL
chain, we pay the penalty for feature activation. The upside is that the
user is in control of when we pay the penalty, i.e., upon enabling the
feature.
We ensure (4) by hooking into zil_sync(), where ZIL destroy actually
happens.
One more piece on feature activation, since it's spread across
multiple functions:
zil_commit()
zil_process_commit_list()
if lwb == NULL // first zil_commit since zil_open
zil_create()
if no log block pointer in ZIL header:
if feature enabled and not active:
// CASE 1
enable, COALESCE txg wait with dmu_tx that allocated the
log block
else // log block was allocated earlier than this zil_open
if feature enabled and not active:
// CASE 2
enable, EXPLICIT txg wait
else // already have an in-DRAM LWB
if feature enabled and not active:
// this happens when we enable the feature after zil_create
// CASE 3
enable, EXPLICIT txg wait
[1] https://github.com/illumos/illumos-gate/commit/da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0
Reviewed-by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Christian Schwarz <christian.schwarz@nutanix.com>
Reviewed-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz>
Reviewed-by: Ryan Moeller <freqlabs@FreeBSD.org>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Jitendra Patidar <jitendra.patidar@nutanix.com>
Closes #8768
Closes #9078
2022-02-23 00:06:43 +03:00
|
|
|
if (size == 0) {
|
|
|
|
value = NULL;
|
|
|
|
error = nvlist_remove(nvl, name, DATA_TYPE_BYTE_ARRAY);
|
|
|
|
} else {
|
2024-09-27 19:18:11 +03:00
|
|
|
value = &lr->lr_data[strlen(name) + 1];
|
log xattr=sa create/remove/update to ZIL
As such, there are no specific synchronous semantics defined for
the xattrs. But for xattr=on, it does log to ZIL and zil_commit() is
done, if sync=always is set on dataset. This provides sync semantics
for xattr=on with sync=always set on dataset.
For the xattr=sa implementation, it doesn't log to ZIL, so, even with
sync=always, xattrs are not guaranteed to be synced before xattr call
returns to caller. So, xattr can be lost if system crash happens, before
txg carrying xattr transaction is synced.
This change adds xattr=sa logging to ZIL on xattr create/remove/update
and xattrs are synced to ZIL (zil_commit() done) for sync=always.
This makes xattr=sa behavior similar to xattr=on.
Implementation notes:
The actual logging is fairly straight-forward and does not warrant
additional explanation.
However, it has been 14 years since we last added new TX types
to the ZIL [1], hence this is the first time we do it after the
introduction of zpool features. Therefore, here is an overview of the
feature activation and deactivation workflow:
1. The feature must be enabled. Otherwise, we don't log the new
record type. This ensures compatibility with older software.
2. The feature is activated per-dataset, since the ZIL is per-dataset.
3. If the feature is enabled and dataset is not for zvol, any append to
the ZIL chain will activate the feature for the dataset. Likewise
for starting a new ZIL chain.
4. A dataset that doesn't have a ZIL chain has the feature deactivated.
We ensure (3) by activating on the first zil_commit() after the feature
was enabled. Since activating the features requires waiting for txg
sync, the first zil_commit() after enabling the feature will be slower
than usual. The downside is that this is really a conservative
approximation: even if we never append a 'TX_SETSAXATTR' to the ZIL
chain, we pay the penalty for feature activation. The upside is that the
user is in control of when we pay the penalty, i.e., upon enabling the
feature.
We ensure (4) by hooking into zil_sync(), where ZIL destroy actually
happens.
One more piece on feature activation, since it's spread across
multiple functions:
zil_commit()
zil_process_commit_list()
if lwb == NULL // first zil_commit since zil_open
zil_create()
if no log block pointer in ZIL header:
if feature enabled and not active:
// CASE 1
enable, COALESCE txg wait with dmu_tx that allocated the
log block
else // log block was allocated earlier than this zil_open
if feature enabled and not active:
// CASE 2
enable, EXPLICIT txg wait
else // already have an in-DRAM LWB
if feature enabled and not active:
// this happens when we enable the feature after zil_create
// CASE 3
enable, EXPLICIT txg wait
[1] https://github.com/illumos/illumos-gate/commit/da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0
Reviewed-by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Christian Schwarz <christian.schwarz@nutanix.com>
Reviewed-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz>
Reviewed-by: Ryan Moeller <freqlabs@FreeBSD.org>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Jitendra Patidar <jitendra.patidar@nutanix.com>
Closes #8768
Closes #9078
2022-02-23 00:06:43 +03:00
|
|
|
/* Limited to 32k to keep nvpair memory allocations small */
|
|
|
|
if (size > DXATTR_MAX_ENTRY_SIZE) {
|
|
|
|
error = SET_ERROR(EFBIG);
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Prevent the DXATTR SA from consuming the entire SA region */
|
|
|
|
error = nvlist_size(nvl, &sa_size, NV_ENCODE_XDR);
|
|
|
|
if (error)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
if (sa_size > DXATTR_MAX_SA_SIZE) {
|
|
|
|
error = SET_ERROR(EFBIG);
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
error = nvlist_add_byte_array(nvl, name, (uchar_t *)value,
|
|
|
|
size);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Update the SA for additions, modifications, and removals. On
|
|
|
|
* error drop the inconsistent cached version of the nvlist, it
|
|
|
|
* will be reconstructed from the ARC when next accessed.
|
|
|
|
*/
|
|
|
|
if (error == 0)
|
|
|
|
error = zfs_sa_set_xattr(zp, name, value, size);
|
|
|
|
|
|
|
|
if (error) {
|
|
|
|
nvlist_free(nvl);
|
|
|
|
zp->z_xattr_cached = NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
out:
|
|
|
|
rw_exit(&zp->z_xattr_lock);
|
|
|
|
zrele(zp);
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
static int
|
2017-10-27 22:46:35 +03:00
|
|
|
zfs_replay_acl_v0(void *arg1, void *arg2, boolean_t byteswap)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2017-10-27 22:46:35 +03:00
|
|
|
zfsvfs_t *zfsvfs = arg1;
|
|
|
|
lr_acl_v0_t *lr = arg2;
|
2024-09-27 19:18:11 +03:00
|
|
|
ace_t *ace = (ace_t *)&lr->lr_data[0];
|
2022-02-25 16:26:54 +03:00
|
|
|
vsecattr_t vsa = {0};
|
2008-11-20 23:01:55 +03:00
|
|
|
znode_t *zp;
|
|
|
|
int error;
|
|
|
|
|
2023-11-29 00:35:14 +03:00
|
|
|
ASSERT3U(lr->lr_common.lrc_reclen, >=, sizeof (*lr));
|
|
|
|
ASSERT3U(lr->lr_common.lrc_reclen, >=, sizeof (*lr) +
|
|
|
|
sizeof (ace_t) * lr->lr_aclcnt);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
if (byteswap) {
|
|
|
|
byteswap_uint64_array(lr, sizeof (*lr));
|
|
|
|
zfs_oldace_byteswap(ace, lr->lr_aclcnt);
|
|
|
|
}
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if ((error = zfs_zget(zfsvfs, lr->lr_foid, &zp)) != 0)
|
2008-11-20 23:01:55 +03:00
|
|
|
return (error);
|
|
|
|
|
|
|
|
vsa.vsa_mask = VSA_ACE | VSA_ACECNT;
|
|
|
|
vsa.vsa_aclcnt = lr->lr_aclcnt;
|
2008-12-03 23:09:06 +03:00
|
|
|
vsa.vsa_aclentsz = sizeof (ace_t) * vsa.vsa_aclcnt;
|
|
|
|
vsa.vsa_aclflags = 0;
|
2008-11-20 23:01:55 +03:00
|
|
|
vsa.vsa_aclentp = ace;
|
|
|
|
|
2019-12-11 22:53:57 +03:00
|
|
|
error = zfs_setsecattr(zp, &vsa, 0, kcred);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2019-12-11 22:53:57 +03:00
|
|
|
zrele(zp);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Replaying ACLs is complicated by FUID support.
|
|
|
|
* The log record may contain some optional data
|
|
|
|
* to be used for replaying FUID's. These pieces
|
|
|
|
* are the actual FUIDs that were created initially.
|
|
|
|
* The FUID table index may no longer be valid and
|
|
|
|
* during zfs_create() a new index may be assigned.
|
|
|
|
* Because of this the log will contain the original
|
2017-01-03 20:31:18 +03:00
|
|
|
* domain+rid in order to create a new FUID.
|
2008-11-20 23:01:55 +03:00
|
|
|
*
|
|
|
|
* The individual ACEs may contain an ephemeral uid/gid which is no
|
|
|
|
* longer valid and will need to be replaced with an actual FUID.
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
static int
|
2017-10-27 22:46:35 +03:00
|
|
|
zfs_replay_acl(void *arg1, void *arg2, boolean_t byteswap)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2017-10-27 22:46:35 +03:00
|
|
|
zfsvfs_t *zfsvfs = arg1;
|
|
|
|
lr_acl_t *lr = arg2;
|
2024-09-27 19:18:11 +03:00
|
|
|
ace_t *ace = (ace_t *)&lr->lr_data[0];
|
2022-02-25 16:26:54 +03:00
|
|
|
vsecattr_t vsa = {0};
|
2008-11-20 23:01:55 +03:00
|
|
|
znode_t *zp;
|
|
|
|
int error;
|
|
|
|
|
2023-11-29 00:35:14 +03:00
|
|
|
ASSERT3U(lr->lr_common.lrc_reclen, >=, sizeof (*lr));
|
|
|
|
ASSERT3U(lr->lr_common.lrc_reclen, >=, sizeof (*lr) + lr->lr_acl_bytes);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
if (byteswap) {
|
|
|
|
byteswap_uint64_array(lr, sizeof (*lr));
|
|
|
|
zfs_ace_byteswap(ace, lr->lr_acl_bytes, B_FALSE);
|
|
|
|
if (lr->lr_fuidcnt) {
|
2024-09-27 19:18:11 +03:00
|
|
|
byteswap_uint64_array(&lr->lr_data[
|
|
|
|
ZIL_ACE_LENGTH(lr->lr_acl_bytes)],
|
2008-11-20 23:01:55 +03:00
|
|
|
lr->lr_fuidcnt * sizeof (uint64_t));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if ((error = zfs_zget(zfsvfs, lr->lr_foid, &zp)) != 0)
|
2008-11-20 23:01:55 +03:00
|
|
|
return (error);
|
|
|
|
|
|
|
|
vsa.vsa_mask = VSA_ACE | VSA_ACECNT | VSA_ACE_ACLFLAGS;
|
|
|
|
vsa.vsa_aclcnt = lr->lr_aclcnt;
|
|
|
|
vsa.vsa_aclentp = ace;
|
|
|
|
vsa.vsa_aclentsz = lr->lr_acl_bytes;
|
|
|
|
vsa.vsa_aclflags = lr->lr_acl_flags;
|
|
|
|
|
|
|
|
if (lr->lr_fuidcnt) {
|
2024-09-27 19:18:11 +03:00
|
|
|
void *fuidstart = &lr->lr_data[
|
|
|
|
ZIL_ACE_LENGTH(lr->lr_acl_bytes)];
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
zfsvfs->z_fuid_replay =
|
2008-11-20 23:01:55 +03:00
|
|
|
zfs_replay_fuids(fuidstart, &fuidstart,
|
|
|
|
lr->lr_fuidcnt, lr->lr_domcnt, 0, 0);
|
|
|
|
}
|
|
|
|
|
2019-12-11 22:53:57 +03:00
|
|
|
error = zfs_setsecattr(zp, &vsa, 0, kcred);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if (zfsvfs->z_fuid_replay)
|
|
|
|
zfs_fuid_info_free(zfsvfs->z_fuid_replay);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
zfsvfs->z_fuid_replay = NULL;
|
2019-12-11 22:53:57 +03:00
|
|
|
zrele(zp);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
2023-03-10 22:59:53 +03:00
|
|
|
static int
|
|
|
|
zfs_replay_clone_range(void *arg1, void *arg2, boolean_t byteswap)
|
|
|
|
{
|
|
|
|
zfsvfs_t *zfsvfs = arg1;
|
|
|
|
lr_clone_range_t *lr = arg2;
|
|
|
|
znode_t *zp;
|
|
|
|
int error;
|
|
|
|
|
2023-11-29 00:35:14 +03:00
|
|
|
ASSERT3U(lr->lr_common.lrc_reclen, >=, sizeof (*lr));
|
|
|
|
ASSERT3U(lr->lr_common.lrc_reclen, >=, offsetof(lr_clone_range_t,
|
|
|
|
lr_bps[lr->lr_nbps]));
|
|
|
|
|
2023-03-10 22:59:53 +03:00
|
|
|
if (byteswap)
|
|
|
|
byteswap_uint64_array(lr, sizeof (*lr));
|
|
|
|
|
|
|
|
if ((error = zfs_zget(zfsvfs, lr->lr_foid, &zp)) != 0) {
|
|
|
|
/*
|
|
|
|
* Clones can be logged out of order, so don't be surprised if
|
|
|
|
* the file is gone - just return success.
|
|
|
|
*/
|
|
|
|
if (error == ENOENT)
|
|
|
|
error = 0;
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
|
|
|
error = zfs_clone_range_replay(zp, lr->lr_offset, lr->lr_length,
|
|
|
|
lr->lr_blksz, lr->lr_bps, lr->lr_nbps);
|
|
|
|
|
|
|
|
zrele(zp);
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* Callback vectors for replaying records
|
|
|
|
*/
|
2022-01-15 02:37:55 +03:00
|
|
|
zil_replay_func_t *const zfs_replay_vector[TX_MAX_TYPE] = {
|
2017-10-27 22:46:35 +03:00
|
|
|
zfs_replay_error, /* no such type */
|
|
|
|
zfs_replay_create, /* TX_CREATE */
|
|
|
|
zfs_replay_create, /* TX_MKDIR */
|
|
|
|
zfs_replay_create, /* TX_MKXATTR */
|
|
|
|
zfs_replay_create, /* TX_SYMLINK */
|
|
|
|
zfs_replay_remove, /* TX_REMOVE */
|
|
|
|
zfs_replay_remove, /* TX_RMDIR */
|
|
|
|
zfs_replay_link, /* TX_LINK */
|
|
|
|
zfs_replay_rename, /* TX_RENAME */
|
|
|
|
zfs_replay_write, /* TX_WRITE */
|
|
|
|
zfs_replay_truncate, /* TX_TRUNCATE */
|
|
|
|
zfs_replay_setattr, /* TX_SETATTR */
|
|
|
|
zfs_replay_acl_v0, /* TX_ACL_V0 */
|
|
|
|
zfs_replay_acl, /* TX_ACL */
|
|
|
|
zfs_replay_create_acl, /* TX_CREATE_ACL */
|
|
|
|
zfs_replay_create, /* TX_CREATE_ATTR */
|
|
|
|
zfs_replay_create_acl, /* TX_CREATE_ACL_ATTR */
|
|
|
|
zfs_replay_create_acl, /* TX_MKDIR_ACL */
|
|
|
|
zfs_replay_create, /* TX_MKDIR_ATTR */
|
|
|
|
zfs_replay_create_acl, /* TX_MKDIR_ACL_ATTR */
|
|
|
|
zfs_replay_write2, /* TX_WRITE2 */
|
log xattr=sa create/remove/update to ZIL
As such, there are no specific synchronous semantics defined for
the xattrs. But for xattr=on, it does log to ZIL and zil_commit() is
done, if sync=always is set on dataset. This provides sync semantics
for xattr=on with sync=always set on dataset.
For the xattr=sa implementation, it doesn't log to ZIL, so, even with
sync=always, xattrs are not guaranteed to be synced before xattr call
returns to caller. So, xattr can be lost if system crash happens, before
txg carrying xattr transaction is synced.
This change adds xattr=sa logging to ZIL on xattr create/remove/update
and xattrs are synced to ZIL (zil_commit() done) for sync=always.
This makes xattr=sa behavior similar to xattr=on.
Implementation notes:
The actual logging is fairly straight-forward and does not warrant
additional explanation.
However, it has been 14 years since we last added new TX types
to the ZIL [1], hence this is the first time we do it after the
introduction of zpool features. Therefore, here is an overview of the
feature activation and deactivation workflow:
1. The feature must be enabled. Otherwise, we don't log the new
record type. This ensures compatibility with older software.
2. The feature is activated per-dataset, since the ZIL is per-dataset.
3. If the feature is enabled and dataset is not for zvol, any append to
the ZIL chain will activate the feature for the dataset. Likewise
for starting a new ZIL chain.
4. A dataset that doesn't have a ZIL chain has the feature deactivated.
We ensure (3) by activating on the first zil_commit() after the feature
was enabled. Since activating the features requires waiting for txg
sync, the first zil_commit() after enabling the feature will be slower
than usual. The downside is that this is really a conservative
approximation: even if we never append a 'TX_SETSAXATTR' to the ZIL
chain, we pay the penalty for feature activation. The upside is that the
user is in control of when we pay the penalty, i.e., upon enabling the
feature.
We ensure (4) by hooking into zil_sync(), where ZIL destroy actually
happens.
One more piece on feature activation, since it's spread across
multiple functions:
zil_commit()
zil_process_commit_list()
if lwb == NULL // first zil_commit since zil_open
zil_create()
if no log block pointer in ZIL header:
if feature enabled and not active:
// CASE 1
enable, COALESCE txg wait with dmu_tx that allocated the
log block
else // log block was allocated earlier than this zil_open
if feature enabled and not active:
// CASE 2
enable, EXPLICIT txg wait
else // already have an in-DRAM LWB
if feature enabled and not active:
// this happens when we enable the feature after zil_create
// CASE 3
enable, EXPLICIT txg wait
[1] https://github.com/illumos/illumos-gate/commit/da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0
Reviewed-by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Christian Schwarz <christian.schwarz@nutanix.com>
Reviewed-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz>
Reviewed-by: Ryan Moeller <freqlabs@FreeBSD.org>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Jitendra Patidar <jitendra.patidar@nutanix.com>
Closes #8768
Closes #9078
2022-02-23 00:06:43 +03:00
|
|
|
zfs_replay_setsaxattr, /* TX_SETSAXATTR */
|
2019-06-22 03:35:11 +03:00
|
|
|
zfs_replay_rename_exchange, /* TX_RENAME_EXCHANGE */
|
|
|
|
zfs_replay_rename_whiteout, /* TX_RENAME_WHITEOUT */
|
2023-03-10 22:59:53 +03:00
|
|
|
zfs_replay_clone_range, /* TX_CLONE_RANGE */
|
2008-11-20 23:01:55 +03:00
|
|
|
};
|