#include <sys/statvfs.h>
#include <fcntl.h>
#include <stddef.h>
-#include <sys/xattr.h>
+#include <linux/fs.h>
+#include "btrfs-util.h"
#include "journal-def.h"
#include "journal-file.h"
#include "journal-authenticate.h"
/* How much to increase the journal file size at once each time we allocate something new. */
#define FILE_SIZE_INCREASE (8ULL*1024ULL*1024ULL) /* 8MB */
+/* Reread fstat() of the file for detecting deletions at least this often */
+#define LAST_STAT_REFRESH_USEC (5*USEC_PER_SEC)
+
+/* The mmap context to use for the header we pick as one above the last defined typed */
+#define CONTEXT_HEADER _OBJECT_TYPE_MAX
+
static int journal_file_set_online(JournalFile *f) {
assert(f);
if (!(f->fd >= 0 && f->header))
return -EINVAL;
+ if (mmap_cache_got_sigbus(f->mmap, f->fd))
+ return -EIO;
+
switch(f->header->state) {
case STATE_ONLINE:
return 0;
fsync(f->fd);
+ if (mmap_cache_got_sigbus(f->mmap, f->fd))
+ return -EIO;
+
f->header->state = STATE_OFFLINE;
+ if (mmap_cache_got_sigbus(f->mmap, f->fd))
+ return -EIO;
+
fsync(f->fd);
return 0;
journal_file_append_tag(f);
#endif
- /* Sync everything to disk, before we mark the file offline */
+ journal_file_set_offline(f);
+
if (f->mmap && f->fd >= 0)
mmap_cache_close_fd(f->mmap, f->fd);
- journal_file_set_offline(f);
+ if (f->fd >= 0 && f->defrag_on_close) {
- if (f->header)
- munmap(f->header, PAGE_ALIGN(sizeof(Header)));
+ /* Be friendly to btrfs: turn COW back on again now,
+ * and defragment the file. We won't write to the file
+ * ever again, hence remove all fragmentation, and
+ * reenable all the good bits COW usually provides
+ * (such as data checksumming). */
+
+ (void) chattr_fd(f->fd, false, FS_NOCOW_FL);
+ (void) btrfs_defrag_fd(f->fd);
+ }
safe_close(f->fd);
free(f->path);
}
static int journal_file_refresh_header(JournalFile *f) {
- int r;
sd_id128_t boot_id;
+ int r;
assert(f);
f->header->boot_id = boot_id;
- journal_file_set_online(f);
+ r = journal_file_set_online(f);
/* Sync the online state to disk */
fsync(f->fd);
- return 0;
+ return r;
}
static int journal_file_verify_header(JournalFile *f) {
return 0;
}
+static int journal_file_fstat(JournalFile *f) {
+ assert(f);
+ assert(f->fd >= 0);
+
+ if (fstat(f->fd, &f->last_stat) < 0)
+ return -errno;
+
+ f->last_stat_usec = now(CLOCK_MONOTONIC);
+
+ /* Refuse appending to files that are already deleted */
+ if (f->last_stat.st_nlink <= 0)
+ return -EIDRM;
+
+ return 0;
+}
+
static int journal_file_allocate(JournalFile *f, uint64_t offset, uint64_t size) {
uint64_t old_size, new_size;
int r;
* for sure, since we always call posix_fallocate()
* ourselves */
+ if (mmap_cache_got_sigbus(f->mmap, f->fd))
+ return -EIO;
+
old_size =
le64toh(f->header->header_size) +
le64toh(f->header->arena_size);
if (new_size < le64toh(f->header->header_size))
new_size = le64toh(f->header->header_size);
- if (new_size <= old_size)
- return 0;
+ if (new_size <= old_size) {
+
+ /* We already pre-allocated enough space, but before
+ * we write to it, let's check with fstat() if the
+ * file got deleted, in order make sure we don't throw
+ * away the data immediately. Don't check fstat() for
+ * all writes though, but only once ever 10s. */
+
+ if (f->last_stat_usec + LAST_STAT_REFRESH_USEC > now(CLOCK_MONOTONIC))
+ return 0;
+
+ return journal_file_fstat(f);
+ }
+
+ /* Allocate more space. */
if (f->metrics.max_size > 0 && new_size > f->metrics.max_size)
return -E2BIG;
if (r != 0)
return -r;
- if (fstat(f->fd, &f->last_stat) < 0)
- return -errno;
-
f->header->arena_size = htole64(new_size - le64toh(f->header->header_size));
- return 0;
+ return journal_file_fstat(f);
}
static unsigned type_to_context(ObjectType type) {
/* One context for each type, plus one catch-all for the rest */
assert_cc(_OBJECT_TYPE_MAX <= MMAP_CACHE_MAX_CONTEXTS);
+ assert_cc(CONTEXT_HEADER < MMAP_CACHE_MAX_CONTEXTS);
return type > OBJECT_UNUSED && type < _OBJECT_TYPE_MAX ? type : 0;
}
static int journal_file_move_to(JournalFile *f, ObjectType type, bool keep_always, uint64_t offset, uint64_t size, void **ret) {
+ int r;
+
assert(f);
assert(ret);
/* Hmm, out of range? Let's refresh the fstat() data
* first, before we trust that check. */
- if (fstat(f->fd, &f->last_stat) < 0 ||
- offset + size > (uint64_t) f->last_stat.st_size)
+ r = journal_file_fstat(f);
+ if (r < 0)
+ return r;
+
+ if (offset + size > (uint64_t) f->last_stat.st_size)
return -EADDRNOTAVAIL;
}
uint64_t offset,
uint64_t hash) {
- uint64_t p, h;
+ uint64_t p, h, m;
int r;
assert(f);
if (o->object.type != OBJECT_FIELD)
return -EINVAL;
- /* This might alter the window we are looking at */
+ m = le64toh(f->header->field_hash_table_size) / sizeof(HashItem);
+ if (m <= 0)
+ return -EBADMSG;
+ /* This might alter the window we are looking at */
o->field.next_hash_offset = o->field.head_data_offset = 0;
- h = hash % (le64toh(f->header->field_hash_table_size) / sizeof(HashItem));
+ h = hash % m;
p = le64toh(f->field_hash_table[h].tail_hash_offset);
if (p == 0)
f->field_hash_table[h].head_hash_offset = htole64(offset);
uint64_t offset,
uint64_t hash) {
- uint64_t p, h;
+ uint64_t p, h, m;
int r;
assert(f);
if (o->object.type != OBJECT_DATA)
return -EINVAL;
- /* This might alter the window we are looking at */
+ m = le64toh(f->header->data_hash_table_size) / sizeof(HashItem);
+ if (m <= 0)
+ return -EBADMSG;
+ /* This might alter the window we are looking at */
o->data.next_hash_offset = o->data.next_field_offset = 0;
o->data.entry_offset = o->data.entry_array_offset = 0;
o->data.n_entries = 0;
- h = hash % (le64toh(f->header->data_hash_table_size) / sizeof(HashItem));
+ h = hash % m;
p = le64toh(f->data_hash_table[h].tail_hash_offset);
if (p == 0)
/* Only entry in the hash table is easy */
const void *field, uint64_t size, uint64_t hash,
Object **ret, uint64_t *offset) {
- uint64_t p, osize, h;
+ uint64_t p, osize, h, m;
int r;
assert(f);
osize = offsetof(Object, field.payload) + size;
- if (f->header->field_hash_table_size == 0)
+ m = le64toh(f->header->field_hash_table_size) / sizeof(HashItem);
+
+ if (m <= 0)
return -EBADMSG;
- h = hash % (le64toh(f->header->field_hash_table_size) / sizeof(HashItem));
+ h = hash % m;
p = le64toh(f->field_hash_table[h].head_hash_offset);
while (p > 0) {
const void *data, uint64_t size, uint64_t hash,
Object **ret, uint64_t *offset) {
- uint64_t p, osize, h;
+ uint64_t p, osize, h, m;
int r;
assert(f);
osize = offsetof(Object, data.payload) + size;
- if (f->header->data_hash_table_size == 0)
+ m = le64toh(f->header->data_hash_table_size) / sizeof(HashItem);
+ if (m <= 0)
return -EBADMSG;
- h = hash % (le64toh(f->header->data_hash_table_size) / sizeof(HashItem));
+ h = hash % m;
p = le64toh(f->data_hash_table[h].head_hash_offset);
while (p > 0) {
r = journal_file_append_entry_internal(f, ts, xor_hash, items, n_iovec, seqnum, ret, offset);
+ /* If the memory mapping triggered a SIGBUS then we return an
+ * IO error and ignore the error code passed down to us, since
+ * it is very likely just an effect of a nullified replacement
+ * mapping page */
+
+ if (mmap_cache_got_sigbus(f->mmap, f->fd))
+ r = -EIO;
+
journal_file_post_change(f);
return r;
return 1;
}
-
static int generic_array_bisect_plus_one(
JournalFile *f,
uint64_t extra,
f->current_xor_hash = le64toh(o->entry.xor_hash);
}
+int journal_file_compare_locations(JournalFile *af, JournalFile *bf) {
+ assert(af);
+ assert(bf);
+ assert(af->location_type == LOCATION_SEEK);
+ assert(bf->location_type == LOCATION_SEEK);
+
+ /* If contents and timestamps match, these entries are
+ * identical, even if the seqnum does not match */
+ if (sd_id128_equal(af->current_boot_id, bf->current_boot_id) &&
+ af->current_monotonic == bf->current_monotonic &&
+ af->current_realtime == bf->current_realtime &&
+ af->current_xor_hash == bf->current_xor_hash)
+ return 0;
+
+ if (sd_id128_equal(af->header->seqnum_id, bf->header->seqnum_id)) {
+
+ /* If this is from the same seqnum source, compare
+ * seqnums */
+ if (af->current_seqnum < bf->current_seqnum)
+ return -1;
+ if (af->current_seqnum > bf->current_seqnum)
+ return 1;
+
+ /* Wow! This is weird, different data but the same
+ * seqnums? Something is borked, but let's make the
+ * best of it and compare by time. */
+ }
+
+ if (sd_id128_equal(af->current_boot_id, bf->current_boot_id)) {
+
+ /* If the boot id matches, compare monotonic time */
+ if (af->current_monotonic < bf->current_monotonic)
+ return -1;
+ if (af->current_monotonic > bf->current_monotonic)
+ return 1;
+ }
+
+ /* Otherwise, compare UTC time */
+ if (af->current_realtime < bf->current_realtime)
+ return -1;
+ if (af->current_realtime > bf->current_realtime)
+ return 1;
+
+ /* Finally, compare by contents */
+ if (af->current_xor_hash < bf->current_xor_hash)
+ return -1;
+ if (af->current_xor_hash > bf->current_xor_hash)
+ return 1;
+
+ return 0;
+}
+
int journal_file_next_entry(
JournalFile *f,
- Object *o, uint64_t p,
+ uint64_t p,
direction_t direction,
Object **ret, uint64_t *offset) {
int r;
assert(f);
- assert(p > 0 || !o);
n = le64toh(f->header->n_entries);
if (n <= 0)
return 0;
- if (!o)
+ if (p == 0)
i = direction == DIRECTION_DOWN ? 0 : n - 1;
else {
- if (o->object.type != OBJECT_ENTRY)
- return -EINVAL;
-
r = generic_array_bisect(f,
le64toh(f->header->entry_array_offset),
le64toh(f->header->n_entries),
JournalFile *template,
JournalFile **ret) {
+ bool newly_created = false;
JournalFile *f;
+ void *h;
int r;
- bool newly_created = false;
assert(fname);
assert(ret);
goto fail;
}
- if (fstat(f->fd, &f->last_stat) < 0) {
- r = -errno;
+ r = journal_file_fstat(f);
+ if (r < 0)
goto fail;
- }
if (f->last_stat.st_size == 0 && f->writable) {
- uint64_t crtime;
+
+ /* Before we write anything, turn off COW logic. Given
+ * our write pattern that is quite unfriendly to COW
+ * file systems this should greatly improve
+ * performance on COW file systems, such as btrfs, at
+ * the expense of data integrity features (which
+ * shouldn't be too bad, given that we do our own
+ * checksumming). */
+ r = chattr_fd(f->fd, true, FS_NOCOW_FL);
+ if (r < 0)
+ log_warning_errno(errno, "Failed to set file attributes: %m");
/* Let's attach the creation time to the journal file,
* so that the vacuuming code knows the age of this
* attributes are not supported we'll just skip this,
* and rely solely on mtime/atime/ctime of the file. */
- crtime = htole64((uint64_t) now(CLOCK_REALTIME));
- fsetxattr(f->fd, "user.crtime_usec", &crtime, sizeof(crtime), XATTR_CREATE);
+ fd_setcrtime(f->fd, 0);
#ifdef HAVE_GCRYPT
/* Try to load the FSPRG state, and if we can't, then
if (r < 0)
goto fail;
- if (fstat(f->fd, &f->last_stat) < 0) {
- r = -errno;
+ r = journal_file_fstat(f);
+ if (r < 0)
goto fail;
- }
newly_created = true;
}
goto fail;
}
- f->header = mmap(NULL, PAGE_ALIGN(sizeof(Header)), prot_from_flags(flags), MAP_SHARED, f->fd, 0);
- if (f->header == MAP_FAILED) {
- f->header = NULL;
+ r = mmap_cache_get(f->mmap, f->fd, f->prot, CONTEXT_HEADER, true, 0, PAGE_ALIGN(sizeof(Header)), &f->last_stat, &h);
+ if (r < 0) {
r = -errno;
goto fail;
}
+ f->header = h;
+
if (!newly_created) {
r = journal_file_verify_header(f);
if (r < 0)
if (r < 0)
goto fail;
+ if (mmap_cache_got_sigbus(f->mmap, f->fd)) {
+ r = -EIO;
+ goto fail;
+ }
+
*ret = f;
return 0;
fail:
+ if (f->fd >= 0 && mmap_cache_got_sigbus(f->mmap, f->fd))
+ r = -EIO;
+
journal_file_close(f);
return r;
if (r < 0)
return -ENOMEM;
+ /* Try to rename the file to the archived version. If the file
+ * already was deleted, we'll get ENOENT, let's ignore that
+ * case. */
r = rename(old_file->path, p);
- if (r < 0)
+ if (r < 0 && errno != ENOENT)
return -errno;
old_file->header->state = STATE_ARCHIVED;
+ /* Currently, btrfs is not very good with out write patterns
+ * and fragments heavily. Let's defrag our journal files when
+ * we archive them */
+ old_file->defrag_on_close = true;
+
r = journal_file_open(old_file->path, old_file->flags, old_file->mode, compress, seal, NULL, old_file->mmap, old_file, &new_file);
journal_file_close(old_file);
r != -EHOSTDOWN && /* other machine */
r != -EPROTONOSUPPORT && /* incompatible feature */
r != -EBUSY && /* unclean shutdown */
- r != -ESHUTDOWN /* already archived */)
+ r != -ESHUTDOWN && /* already archived */
+ r != -EIO && /* IO error, including SIGBUS on mmap */
+ r != -EIDRM /* File has been deleted */)
return r;
if ((flags & O_ACCMODE) == O_RDONLY)
if (r < 0)
return -errno;
+ /* btrfs doesn't cope well with our write pattern and
+ * fragments heavily. Let's defrag all files we rotate */
+
+ (void) chattr_path(p, false, FS_NOCOW_FL);
+ (void) btrfs_defrag(p);
+
log_warning("File %s corrupted or uncleanly shut down, renaming and replacing.", fname);
return journal_file_open(fname, flags, mode, compress, seal,
return r;
}
- return journal_file_append_entry_internal(to, &ts, xor_hash, items, n, seqnum, ret, offset);
+ r = journal_file_append_entry_internal(to, &ts, xor_hash, items, n, seqnum, ret, offset);
+
+ if (mmap_cache_got_sigbus(to->mmap, to->fd))
+ return -EIO;
+
+ return r;
}
void journal_default_metrics(JournalMetrics *m, int fd) {