GBDE and write_sector-shutdown-write_keys race.

Pawel Jakub Dawidek pjd at FreeBSD.org
Tue Mar 15 00:10:42 PST 2005


Hi.

If you guys remember this issue, I think I found a way to fix it.

Now, there can be a race like this:

	write sector data
	               <- power failure here
	write new sector keys

My idea is to not use the entire sector for 128-bit AES keys; instead, we can
save keys and the sector mapping there (I'll explain it later).
For every zone we need to leave one spare sector.

If we have a write request, the algorithm is as follows:
1. Generate new key for this sector.
2. Write sector data into spare sector in a zone.
3. Write sector key and update mapping.

Point number three operates on the same sector, so we can assume it's
atomic.

The sector mapping looks like this (let's assume we have 4 sectors in a zone
and 1 spare sector):
Real		In-zone
sector		sector
number		number
1	->	1
2	->	2
3	->	3
4	->	4
(sector 5 is the spare sector)
After writing to sector 3 we have:
1	->	1
2	->	2
3	->	5
4	->	4
(sector 3 is now the spare sector)
After writing to sector 1 we have:
1	->	3
2	->	2
3	->	5
4	->	4
(sector 1 is now the spare sector)

This will decrease the number of sectors in a zone, because we need to
put mappings there, so we are losing some space. We also need a per-zone
spare sector, so it reduces space again, but it gives us reliability.

-- 
Pawel Jakub Dawidek                       http://www.wheel.pl
pjd at FreeBSD.org                           http://www.FreeBSD.org
FreeBSD committer                         Am I Evil? Yes, I Am!
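As an added illustration (not part of the post, and not GBDE code), the following toy C model walks through the proposed layout: a zone of 4 logical sectors plus one spare physical sector, a metadata sector holding the per-sector keys and the logical-to-physical mapping, and the three-step write (new key, write data to the spare, then commit key and mapping in one metadata write). The 16-byte sectors, the XOR stand-in for AES-128, and the sample sector contents are all constructed for the example; sector numbers are 1-based to match the mapping tables above. The `crash_before_commit` flag models the power failure between step 2 and step 3: the old data and old key stay consistent because the mapping still points at the previous copy.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

#define ZONE_SECTORS 4                    /* logical sectors in the zone */
#define PHYS_SECTORS (ZONE_SECTORS + 1)   /* one extra physical sector as spare */
#define SECTOR_SIZE  16                   /* toy sector size (constructed) */
#define KEY_SIZE     16                   /* 128-bit per-sector key */

/* Simulated zone. Physical sectors 1..5 hold ciphertext; key[], map[] and
 * spare together stand for the single metadata sector whose write the post
 * assumes to be atomic. Index 0 is unused so numbering matches the text. */
struct zone {
    uint8_t data[PHYS_SECTORS + 1][SECTOR_SIZE];
    uint8_t key[ZONE_SECTORS + 1][KEY_SIZE];
    int     map[ZONE_SECTORS + 1];        /* logical sector -> physical sector */
    int     spare;                        /* physical sector not currently mapped */
};

void zone_init(struct zone *z)
{
    memset(z, 0, sizeof(*z));
    for (int i = 1; i <= ZONE_SECTORS; i++)
        z->map[i] = i;                    /* identity mapping 1->1 .. 4->4 */
    z->spare = PHYS_SECTORS;              /* sector 5 starts as the spare */
}

/* Stand-in for AES-128 so the example runs offline: XOR with the key. */
static void xor_crypt(uint8_t *out, const uint8_t *in, const uint8_t *key)
{
    for (int i = 0; i < SECTOR_SIZE; i++)
        out[i] = in[i] ^ key[i % KEY_SIZE];
}

/* Write logical sector lsec using the three steps from the post. With
 * crash_before_commit set we stop after step 2 (power failure). Returns
 * the physical sector the new data was written to. */
int zone_write(struct zone *z, int lsec, const uint8_t *plain,
               const uint8_t *newkey, int crash_before_commit)
{
    int target = z->spare;                /* step 2 always targets the spare */
    uint8_t buf[SECTOR_SIZE];

    xor_crypt(buf, plain, newkey);        /* step 1: encrypt under the new key */
    memcpy(z->data[target], buf, SECTOR_SIZE);   /* step 2: write data to spare */
    if (crash_before_commit)
        return target;                    /* metadata still describes the old copy */

    /* step 3: one metadata write updates key, mapping and spare together */
    int old = z->map[lsec];
    memcpy(z->key[lsec], newkey, KEY_SIZE);
    z->map[lsec] = target;
    z->spare = old;                       /* the old location becomes the spare */
    return target;
}

/* Read a logical sector: follow the mapping, decrypt with that sector's key. */
void zone_read(const struct zone *z, int lsec, uint8_t *plain)
{
    xor_crypt(plain, z->data[z->map[lsec]], z->key[lsec]);
}

/* Replays the two writes from the post, then a write that loses power before
 * the commit. Returns 0 if every state matches the expected mapping. */
int run_scenario(void)
{
    struct zone z;
    uint8_t kA[KEY_SIZE], kB[KEY_SIZE], kC[KEY_SIZE];
    uint8_t out[SECTOR_SIZE], before[SECTOR_SIZE];
    const uint8_t s3[SECTOR_SIZE]    = "sector-3-data..";   /* constructed */
    const uint8_t s1[SECTOR_SIZE]    = "sector-1-data..";   /* constructed */
    const uint8_t s2new[SECTOR_SIZE] = "sector-2-NEW...";   /* constructed */

    memset(kA, 0xA1, KEY_SIZE); memset(kB, 0xB2, KEY_SIZE); memset(kC, 0xC3, KEY_SIZE);
    zone_init(&z);

    /* Write to sector 3: data lands in 5, mapping 3 -> 5, sector 3 is the spare. */
    zone_write(&z, 3, s3, kA, 0);
    if (z.map[3] != 5 || z.spare != 3) return 1;
    zone_read(&z, 3, out);
    if (memcmp(out, s3, SECTOR_SIZE) != 0) return 2;

    /* Write to sector 1: data lands in 3, mapping 1 -> 3, sector 1 is the spare. */
    zone_write(&z, 1, s1, kB, 0);
    if (z.map[1] != 3 || z.spare != 1) return 3;
    zone_read(&z, 1, out);
    if (memcmp(out, s1, SECTOR_SIZE) != 0) return 4;

    /* Power failure after step 2 on sector 2: old mapping, key and data survive. */
    zone_read(&z, 2, before);
    zone_write(&z, 2, s2new, kC, 1);
    if (z.map[2] != 2 || z.spare != 1) return 5;
    zone_read(&z, 2, out);
    if (memcmp(out, before, SECTOR_SIZE) != 0) return 6;
    return 0;
}

int main(void)
{
    int rc = run_scenario();
    printf("scenario %s (rc=%d)\n", rc == 0 ? "ok" : "FAILED", rc);
    return rc;
}
```

The interrupted write leaves a half-written spare sector that nothing references, which is harmless; the next write to any sector simply overwrites it. What the layout buys is that the key and the data it decrypts are never updated separately, which is exactly the window in the original write_sector/write_keys ordering.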