Message-Id: <20250512011927.2809400-1-yukuai1@huaweicloud.com>
Date: Mon, 12 May 2025 09:19:08 +0800
From: Yu Kuai <yukuai1@...weicloud.com>
To: hch@....de,
	xni@...hat.com,
	colyli@...nel.org,
	agk@...hat.com,
	snitzer@...nel.org,
	mpatocka@...hat.com,
	song@...nel.org,
	yukuai3@...wei.com
Cc: linux-kernel@...r.kernel.org,
	dm-devel@...ts.linux.dev,
	linux-raid@...r.kernel.org,
	yukuai1@...weicloud.com,
	yi.zhang@...wei.com,
	yangerkun@...wei.com,
	johnny.chenyi@...wei.com
Subject: [PATCH RFC md-6.16 v3 00/19] md: introduce a new lockless bitmap

From: Yu Kuai <yukuai3@...wei.com>

changes in v3:
 - reimplement bitmap IO;
 - support skipping unwritten blocks for recovery;
 - support lazy initial recover for raid5;
 - many other changes.

#### Background

Redundant data is used to enhance data fault tolerance, and the storage
method for redundant data varies depending on the RAID level. It's
important to maintain the consistency of redundant data.

Bitmap is used to record which data blocks have been synchronized and which
ones need to be resynchronized or recovered. Each bit in the bitmap
represents a segment of data in the array. When a bit is set, it indicates
that the multiple redundant copies of that data segment may not be
consistent. Data synchronization can be performed based on the bitmap after
power failure or readding a disk. If there is no bitmap, a full disk
synchronization is required.

#### Key Features

 - IO fastpath is lockless; if the user issues lots of write IO to the same
 bitmap bit in a short time, only the first write has additional overhead
 to update the bitmap bit, with no additional overhead for the following
 writes;
 - support resyncing or recovering only written data, which means that when
 creating a new array or replacing with a new disk, there is no need to do
 a full disk resync/recovery;

#### Key Concept

##### State Machine

Each bit is one byte and contains 6 different states, see llbitmap_state.
There are 8 different actions in total, see llbitmap_action, that can change
state:

llbitmap state machine: transitions between states

|           | Startwrite | Startsync | Endsync | Abortsync| Reload   | Daemon | Discard   | Stale     |
| --------- | ---------- | --------- | ------- | -------  | -------- | ------ | --------- | --------- |
| Unwritten | Dirty      | x         | x       | x        | x        | x      | x         | x         |
| Clean     | Dirty      | x         | x       | x        | x        | x      | Unwritten | NeedSync  |
| Dirty     | x          | x         | x       | x        | NeedSync | Clean  | Unwritten | NeedSync  |
| NeedSync  | x          | Syncing   | x       | x        | x        | x      | Unwritten | x         |
| Syncing   | x          | Syncing   | Dirty   | NeedSync | NeedSync | x      | Unwritten | NeedSync  |

Typical scenarios:

1) Create new array
All bits will be set to Unwritten by default; if --assume-clean is set,
all bits will be set to Clean instead.

2) write data, raid1/raid10 have a full copy of data, while raid456 doesn't
and relies on xor data

2.1) write new data to raid1/raid10:
Unwritten --StartWrite--> Dirty

2.2) write new data to raid456:
Unwritten --StartWrite--> NeedSync

Because the initial recover for raid456 is skipped, the xor data is not built
yet, the bit must be set to NeedSync first and after lazy initial recover is
finished, the bit will finally be set to Dirty (see 4.1 and 4.4);

2.3) cover write
Clean --StartWrite--> Dirty

3) daemon, if the array is not degraded:
Dirty --Daemon--> Clean

For a degraded array, the Dirty bit will never be cleared, which prevents a
full disk recovery when re-adding a removed disk.

4) discard
{Clean, Dirty, NeedSync, Syncing} --Discard--> Unwritten

5) resync and recover

5.1) common process
NeedSync --Startsync--> Syncing --Endsync--> Dirty --Daemon--> Clean

5.2) resync after power failure
Dirty --Reload--> NeedSync

5.3) recover while replacing with a new disk
By default, the old bitmap framework will recover all data, and llbitmap
implements this by a new helper llbitmap_skip_sync_blocks:

skip recover for bits other than dirty or clean;

5.4) lazy initial recover for raid5:
By default, the old bitmap framework will only allow new recover when there
are spares (new disk); a new recovery flag MD_RECOVERY_LAZY_RECOVER is added
to perform raid456 lazy recover for set bits (from 2.2).

##### Bitmap IO

##### Chunksize

The default bitmap size is 128k, including a 1k bitmap super block, and
the default size of the segment of data in the array for each bit (chunksize)
is 64k, and chunksize will be adjusted to twice the old size each time if the
total number of bits is not less than 127k (see llbitmap_init).

##### READ

While creating the bitmap, all pages will be allocated and read for llbitmap;
there won't be reads afterwards.

##### WRITE

WRITE IO is divided into logical_block_size of the array, the dirty state
of each block is tracked independently, for example:

each page is 4k and contains 8 blocks; each block is 512 bytes and contains
512 bits;

| page0 | page1 | ... | page 31 |
|       |
|        \-----------------------\
|                                |
| block0 | block1 | ... | block 8|
|        |
|         \-----------------\
|                            |
| bit0 | bit1 | ... | bit511 |

From the IO path, if one bit is changed to Dirty or NeedSync, the
corresponding block will be marked dirty; such a block must be written first
before the IO is issued. This behaviour will affect IO performance; to reduce
the impact, if multiple bits are changed in the same block in a short time,
all bits in this block will be changed to Dirty/NeedSync, so that there won't
be any overhead until the daemon clears dirty bits.

##### Dirty Bits synchronization

IO fast path will set bits to dirty, and those dirty bits will be cleared
by daemon after IO is done. llbitmap_barrier is used to synchronize between
IO path and daemon;

IO path:
 1) try to grab a reference, if succeed, set expire time after 5s and return;
 2) if failed to grab a reference, wait for daemon to finish clearing dirty
 bits;

Daemon (the daemon will be woken up every daemon_sleep seconds):
For each page:
 1) check if page expired, if not skip this page; for expired page:
 2) suspend the page and wait for inflight write IO to be done;
 3) change dirty page to clean;
 4) resume the page;

Notes:
1) user must apply the following mdadm patch, and then llbitmap can be
enabled by --bitmap=lockless
https://lore.kernel.org/all/20250509101411.2093911-1-yukuai1@huaweicloud.com/
2) following branch for review or test:
https://git.kernel.org/pub/scm/linux/kernel/git/yukuai/linux.git/log/?h=yukuai/md-6.16

Yu Kuai (19):
  md/md-bitmap: add {start, end}_discard in bitmap_operations
  md: support discard for bitmap ops
  md/md-bitmap: remove parameter slot from bitmap_create()
  md: add a new sysfs api bitmap_version
  md: delay registration of bitmap_ops until creating bitmap
  md: add a new parameter 'offset' to md_super_write()
  md/md-bitmap: add a new helper skip_sync_blocks() in bitmap_operations
  md/md-bitmap: add a new helper blocks_synced() in bitmap_operations
  md: add a new recovery_flag MD_RECOVERY_LAZY_RECOVER
  md/md-llbitmap: add data structure definition and comments
  md/md-llbitmap: implement bitmap IO
  md/md-llbitmap: implement bit state machine
  md/md-llbitmap: implement APIs for page level dirty bits
    synchronization
  md/md-llbitmap: implement APIs to mange bitmap lifetime
  md/md-llbitmap: implement APIs to dirty bits and clear bits
  md/md-llbitmap: implement APIs for sync_thread
  md/md-llbitmap: implement all bitmap operations
  md/md-llbitmap: implement sysfs APIs
  md/md-llbitmap: add Kconfig

 drivers/md/Kconfig       |   12 +
 drivers/md/Makefile      |    1 +
 drivers/md/md-bitmap.c   |    9 +-
 drivers/md/md-bitmap.h   |   25 +-
 drivers/md/md-llbitmap.c | 1465 ++++++++++++++++++++++++++++++++++++++
 drivers/md/md.c          |  221 ++++--
 drivers/md/md.h          |    8 +-
 drivers/md/raid5.c       |    6 +
 8 files changed, 1700 insertions(+), 47 deletions(-)
 create mode 100644 drivers/md/md-llbitmap.c

-- 
2.39.2
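
The state table from the cover letter above, encoded as a lookup table and walked through resync scenarios 5.1 and 5.2. This is an added example, not code from the patch set: it covers only the five states the table lists, uses the table's raid1/raid10 Unwritten transition, assumes an "x" cell leaves the bit unchanged, and its enum and function names are made up for illustration.

```c
#include <stdio.h>

/* Names follow the table's rows and columns; they are illustrative only. */
enum state { UNWRITTEN, CLEAN, DIRTY, NEEDSYNC, SYNCING, NR_STATES };
enum action { STARTWRITE, STARTSYNC, ENDSYNC, ABORTSYNC, RELOAD, DAEMON,
              DISCARD, STALE, NR_ACTIONS };

#define X (-1) /* "x" in the table: no transition listed */

static const int table[NR_STATES][NR_ACTIONS] = {
    /* columns: Startwrite Startsync Endsync Abortsync Reload Daemon Discard Stale */
    [UNWRITTEN] = { DIRTY, X, X, X, X, X, X, X },
    [CLEAN]     = { DIRTY, X, X, X, X, X, UNWRITTEN, NEEDSYNC },
    [DIRTY]     = { X, X, X, X, NEEDSYNC, CLEAN, UNWRITTEN, NEEDSYNC },
    [NEEDSYNC]  = { X, SYNCING, X, X, X, X, UNWRITTEN, X },
    [SYNCING]   = { X, SYNCING, DIRTY, NEEDSYNC, NEEDSYNC, X, UNWRITTEN, NEEDSYNC },
};

/* Assumption: an "x" cell leaves the bit in its current state. */
int next_state(int s, int a) {
    int n = table[s][a];
    return n == X ? s : n;
}

/* Apply n actions in order to one bit and return its final state. */
int run(int s, const int *acts, int n) {
    for (int i = 0; i < n; i++)
        s = next_state(s, acts[i]);
    return s;
}

/* 5.2 then 5.1: a Dirty bit found at reload is resynced and cleaned. */
int resync_after_power_failure(void) {
    const int acts[] = { RELOAD, STARTSYNC, ENDSYNC, DAEMON };
    return run(DIRTY, acts, 4);
}

/* An aborted sync falls back to NeedSync, so a later sync picks it up. */
int aborted_sync(void) {
    const int acts[] = { STARTSYNC, ABORTSYNC };
    return run(NEEDSYNC, acts, 2);
}

int main(void) {
    printf("resync: %d, aborted: %d\n",
           resync_after_power_failure(), aborted_sync());
    return 0;
}
```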

