1 /* Blue Sky: File Systems in the Cloud
3 * Copyright (C) 2009 The Regents of the University of California
4 * Written by Michael Vrable <mvrable@cs.ucsd.edu>
14 #include "bluesky-private.h"
16 // Rough size limit for a log segment. This is not a firm limit and there are
17 // no absolute guarantees on the size of a log segment.
18 #define CLOUDLOG_SEGMENT_SIZE (4 << 20)
// Returns a new cloud log ID filled with bytes from
// bluesky_crypt_random_bytes(). The declaration of `id` and the return
// statement are on lines this listing does not show.
20 BlueSkyCloudID bluesky_cloudlog_new_id()
// NOTE(review): the destination is &id.bytes but the length is sizeof(id);
// the two match only if `bytes` is the struct's sole member. IDs act as
// object names and as hash input (bluesky_cloudlog_hash), so they are only as
// unpredictable as bluesky_crypt_random_bytes -- confirm its source.
23 bluesky_crypt_random_bytes((uint8_t *)&id.bytes, sizeof(id));
// Formats a cloud ID as lowercase hex, two characters per ID byte. How buf is
// turned into the returned gchar* is on lines this listing does not show.
27 gchar *bluesky_cloudlog_id_to_string(BlueSkyCloudID id)
// Two hex digits per ID byte plus one byte for the terminating NUL.
29 char buf[sizeof(BlueSkyCloudID) * 2 + 1];
// NOTE(review): `i` is int while sizeof yields size_t, so this comparison
// mixes signed and unsigned; a size_t index avoids the conversion.
32 for (int i = 0; i < sizeof(BlueSkyCloudID); i++) {
// Each call writes two digits and a NUL at buf[2*i .. 2*i+2]; the last NUL
// lands on the final byte of buf. The uint8_t cast is what bounds the write:
// without it a negative char would be promoted to a negative int and print as
// more than two hex digits.
33 sprintf(&buf[2*i], "%02x", (uint8_t)(id.bytes[i]));
// Parses a hex string into a cloud ID, reading 2*sizeof(BlueSkyCloudID)
// characters. A string that ends early or contains a character outside the
// accepted set triggers a g_warning; what is returned in those cases is on
// lines this listing does not show.
39 BlueSkyCloudID bluesky_cloudlog_id_from_string(const gchar *idstr)
// Start from all-zero bytes so the += below accumulates into a clean ID.
42 memset(&id, 0, sizeof(id));
43 for (int i = 0; i < 2*sizeof(BlueSkyCloudID); i++) {
46 g_warning("Short cloud id: %s\n", idstr);
// Only '0'-'9' and lowercase 'a'-'f' are visible as accepted digits;
// presumably uppercase hex is rejected -- confirm against the omitted lines.
50 if (c >= '0' && c <= '9')
52 else if (c >= 'a' && c <= 'f')
// NOTE(review): whether parsing stops after this warning is not visible here.
// If it does not, the statement on line 56 would fold an invalid digit value
// into the ID; callers that parse IDs from stored or remote data should be
// able to tell a rejected ID from a valid one -- confirm the error path.
55 g_warning("Bad character in cloud id: %s\n", idstr);
// Even positions fill the high nibble of a byte, odd positions the low one.
56 id.bytes[i / 2] += val << (i % 2 ? 0 : 4);
// Equality test for two BlueSkyCloudID keys passed as untyped pointers; the
// signature has the shape of a GLib GEqualFunc.
61 gboolean bluesky_cloudlog_equal(gconstpointer a, gconstpointer b)
// The casts drop the const qualifier, but both IDs are only read.
63 BlueSkyCloudID *id1 = (BlueSkyCloudID *)a, *id2 = (BlueSkyCloudID *)b;
// Byte-wise comparison over the whole struct, so any padding inside
// BlueSkyCloudID would take part in the result.
65 return memcmp(id1, id2, sizeof(BlueSkyCloudID)) == 0;
// Hash for a BlueSkyCloudID key: the leading bytes of the ID reinterpreted as
// a guint.
68 guint bluesky_cloudlog_hash(gconstpointer a)
70 BlueSkyCloudID *id = (BlueSkyCloudID *)a;
72 // Assume that bits in the ID are randomly chosen so that any subset of the
73 // bits can be used as a hash key.
// NOTE(review): the read goes through a guint* cast of the byte array, which
// assumes suitable alignment and sidesteps the aliasing rules; copying
// sizeof(guint) bytes into a local with memcpy yields the same value without
// either assumption. The randomness assumption holds for IDs produced by
// bluesky_cloudlog_new_id(); IDs parsed by bluesky_cloudlog_id_from_string
// carry whatever the input said, so bucket distribution for those depends on
// where the strings come from.
74 return *(guint *)(&id->bytes);
77 /* Formatting of cloud log segments. This handles grouping items together
78 * before writing a batch to the cloud, handling indirection through items like
79 * the inode map, etc. */
// Allocates a zero-filled BlueSkyCloudLog with its own mutex and condition
// variable, type LOGTYPE_UNKNOWN, an empty links array and a reference count
// of 1. The assignment of log->fs and the return are on lines not shown.
81 BlueSkyCloudLog *bluesky_cloudlog_new(BlueSkyFS *fs, const BlueSkyCloudID *id)
83 BlueSkyCloudLog *log = g_new0(BlueSkyCloudLog, 1);
85 log->lock = g_mutex_new();
86 log->cond = g_cond_new();
88 log->type = LOGTYPE_UNKNOWN;
// Both ID assignments are visible, but the condition that chooses between
// copying the caller's id and generating a random one is on a line not shown
// (presumably a NULL check on id -- confirm).
90 memcpy(&log->id, id, sizeof(BlueSkyCloudID));
92 log->id = bluesky_cloudlog_new_id();
// Array of BlueSkyCloudLog pointers: not zero-terminated (FALSE), new
// elements cleared to zero (TRUE).
93 log->links = g_array_new(FALSE, TRUE, sizeof(BlueSkyCloudLog *));
// The single initial reference belongs to the caller.
94 g_atomic_int_set(&log->refcount, 1);
99 /* Helper function for updating memory usage statistics for a filesystem (the
100 * cache_log_* variables). This will increment (type=1) or decrement (type=-1)
101 * the counter associated with the current state of the cloud log item. The
102 * item should be locked or otherwise protected from concurrent access. */
103 void bluesky_cloudlog_stats_update(BlueSkyCloudLog *log, int type)
105 BlueSkyFS *fs = log->fs;
// The first matching state wins, so an item is counted in at most one bucket:
// cloud, then journal (already stored or pending write), then dirty. No
// further branch is visible, so an item matching none of these appears to be
// left uncounted. Callers that change location_flags or pending_write call
// this with -1 before the change and +1 after, so that the decrement hits the
// bucket the item was counted in.
107 if (log->location_flags & CLOUDLOG_CLOUD) {
108 g_atomic_int_add(&fs->cache_log_cloud, type);
109 } else if (log->location_flags & CLOUDLOG_JOURNAL) {
110 g_atomic_int_add(&fs->cache_log_journal, type);
111 } else if (log->pending_write & CLOUDLOG_JOURNAL) {
112 g_atomic_int_add(&fs->cache_log_journal, type);
113 } else if (log->data != NULL) {
114 g_atomic_int_add(&fs->cache_log_dirty, type);
118 /* The reference held by the hash table does not count towards the reference
119 * count. When a new object is created, it initially has a reference count of
120 * 1 for the creator, and similarly fetching an item from the hash table will
121 * also create a reference. If the reference count drops to zero,
122 * bluesky_cloudlog_unref attempts to remove the object from the hash
123 * table--but there is a potential race since another thread might read the
124 * object from the hash table at the same time. So an object with a reference
125 * count of zero may still be resurrected, in which case we need to abort the
126 * destruction. Once the object is gone from the hash table, and if the
127 * reference count is still zero, it can actually be deleted. */
// Takes one additional reference on log. Lines 129-132 are not shown in this
// listing.
128 void bluesky_cloudlog_ref(BlueSkyCloudLog *log)
// The increment is atomic but does not itself check for a count of zero; the
// resurrection case described above is resolved in bluesky_cloudlog_unref,
// which re-reads the count under fs->lock. bluesky_cloudlog_get calls this
// while holding fs->lock.
133 g_atomic_int_inc(&log->refcount);
// Drops one reference. When the count reaches zero the item is removed from
// fs->locations and its mutex, condition variable, links and data are
// released. Lines 137-140 and everything after line 166 are not shown.
136 void bluesky_cloudlog_unref(BlueSkyCloudLog *log)
141 if (g_atomic_int_dec_and_test(&log->refcount)) {
142 BlueSkyFS *fs = log->fs;
// Re-check under fs->lock: a hash-table lookup may have taken a new reference
// between the decrement above and acquiring the lock, in which case the
// destruction is abandoned.
144 g_mutex_lock(fs->lock);
145 if (g_atomic_int_get(&log->refcount) > 0) {
146 g_mutex_unlock(fs->lock);
// The table is keyed by a pointer to log->id, so the entry has to go before
// the item's memory does.
150 if (!g_hash_table_remove(fs->locations, &log->id)) {
152 g_warning("Could not find and remove cloud log item from hash table!");
154 g_mutex_unlock(fs->lock);
// Remove the item from the memory statistics while its state is still intact.
156 bluesky_cloudlog_stats_update(log, -1);
// Presumably marks the item so a stale pointer is recognisable -- confirm
// against the users of LOGTYPE_INVALID.
157 log->type = LOGTYPE_INVALID;
158 g_mutex_free(log->lock);
159 g_cond_free(log->cond);
// Releasing each linked item goes back through this function, so the
// recursion depth follows the length of the link chain.
160 for (int i = 0; i < log->links->len; i++) {
161 BlueSkyCloudLog *c = g_array_index(log->links,
162 BlueSkyCloudLog *, i);
163 bluesky_cloudlog_unref(c);
165 g_array_unref(log->links);
166 bluesky_string_unref(log->data);
// NOTE(review): freeing of the BlueSkyCloudLog struct itself is not visible
// in this listing -- confirm it happens on the omitted lines.
171 /* For locking reasons cloudlog unrefs may sometimes need to be performed in
172 * the future. We launch a thread for handling these delayed unreference
// Thread body for delayed unrefs: takes items off the queue passed as q and
// unrefs each one. The loop construct and return are on lines not shown.
174 static gpointer cloudlog_unref_thread(gpointer q)
176 GAsyncQueue *queue = (GAsyncQueue *)q;
// g_async_queue_pop blocks until an item is available.
179 BlueSkyCloudLog *item = (BlueSkyCloudLog *)g_async_queue_pop(queue);
// Runs in this thread's context, i.e. without any locks the original caller
// held when it queued the item.
180 bluesky_cloudlog_unref(item);
// Queues log for a later unref by cloudlog_unref_thread instead of
// unreferencing it in the caller's context. Lines 187-188 are not shown.
186 void bluesky_cloudlog_unref_delayed(BlueSkyCloudLog *log)
// The caller's reference travels with the queue entry and is dropped when the
// worker thread processes it.
189 g_async_queue_push(log->fs->unref_queue, log);
// Creates the delayed-unref queue for fs and starts the thread that drains it.
192 void bluesky_cloudlog_threads_init(BlueSkyFS *fs)
194 fs->unref_queue = g_async_queue_new();
// NOTE(review): the thread is created non-joinable (FALSE), and both the
// return value and the GError out-parameter (NULL) are ignored. If thread
// creation fails, the queue has no consumer and every delayed unref is
// silently never performed -- check the result and report the failure.
195 g_thread_create(cloudlog_unref_thread, fs->unref_queue, FALSE, NULL);
198 /* Erase the information contained within the in-memory cloud log
199 * representation. This does not free up the item itself, but frees the data
200 * and references to other log items and resets the type back to unknown. If
201 * the object was written out to persistent storage, all state about it can be
202 * recovered by loading the object back in. The object must be locked before
203 * calling this function. */
204 void bluesky_cloudlog_erase(BlueSkyCloudLog *log)
// Erasing while a data lock is held is treated as a programming error.
206 g_assert(log->data_lock_count == 0);
// Nothing to erase for an item that was never loaded; the statement taken in
// that case is on a line not shown (presumably an early return).
208 if (log->type == LOGTYPE_UNKNOWN)
211 log->type = LOGTYPE_UNKNOWN;
// NOTE(review): line 214 is not shown. bluesky_cloudlog_fetch treats a
// non-NULL log->data as "already loaded", so the pointer has to be reset to
// NULL after this unref -- confirm the omitted line does that.
213 bluesky_string_unref(log->data);
215 log->data_lock_count = 0;
// Drop the reference held on every linked item, then replace the array with a
// fresh empty one so the item stays usable.
217 for (int i = 0; i < log->links->len; i++) {
218 BlueSkyCloudLog *c = g_array_index(log->links,
219 BlueSkyCloudLog *, i);
220 bluesky_cloudlog_unref(c);
222 g_array_unref(log->links);
223 log->links = g_array_new(FALSE, TRUE, sizeof(BlueSkyCloudLog *));
226 /* Start a write of the object to the local log. */
227 void bluesky_cloudlog_sync(BlueSkyCloudLog *log)
// Hands the item to bluesky_log_item_submit for the filesystem's log; no
// result is passed back to the caller from the visible lines.
229 bluesky_log_item_submit(log, log->fs->log);
232 /* Add the given entry to the global hash table containing cloud log entries.
233 * Takes ownership of the caller's reference. */
// Variant for callers that already hold fs->lock; bluesky_cloudlog_insert is
// the one that takes the lock itself.
234 void bluesky_cloudlog_insert_locked(BlueSkyCloudLog *log)
// The key is a pointer into the item (&log->id), so the entry must be removed
// from the table before the item is freed; bluesky_cloudlog_unref does that.
236 g_hash_table_insert(log->fs->locations, &log->id, log);
// Locking wrapper: inserts log into fs->locations while holding fs->lock.
239 void bluesky_cloudlog_insert(BlueSkyCloudLog *log)
241 g_mutex_lock(log->fs->lock);
242 bluesky_cloudlog_insert_locked(log);
243 g_mutex_unlock(log->fs->lock);
246 /* Look up the cloud log entry for the given ID. If create is TRUE and the
247 * item does not exist, create a special pending entry that can later be filled
248 * in when the real item is loaded. The returned item has a reference held.
249 * As a special case, if a null ID is provided then NULL is returned. */
// NOTE(review): the comment above mentions a `create` flag, but this
// signature has no such parameter; the condition guarding the creation path
// is on a line not shown.
250 BlueSkyCloudLog *bluesky_cloudlog_get(BlueSkyFS *fs, BlueSkyCloudID id)
// All-zero ID used as the "null ID" sentinel.
252 static BlueSkyCloudID id0 = {{0}};
254 if (memcmp(&id, &id0, sizeof(BlueSkyCloudID)) == 0)
// Lookup, creation and reference-taking all happen under fs->lock, which is
// what bluesky_cloudlog_unref re-checks against before destroying an item.
257 g_mutex_lock(fs->lock);
258 BlueSkyCloudLog *item;
259 item = g_hash_table_lookup(fs->locations, &id);
// Creation path: build a placeholder with this ID, count it in the memory
// statistics and publish it in fs->locations.
261 item = bluesky_cloudlog_new(fs, &id);
262 bluesky_cloudlog_stats_update(item, 1);
263 bluesky_cloudlog_insert_locked(item);
// Gives the caller its own reference; which path(s) reach this call depends
// on branch lines not shown.
265 bluesky_cloudlog_ref(item);
267 g_mutex_unlock(fs->lock);
271 /* Ensure that a cloud log item is loaded in memory, and if not read it in.
272 * TODO: Make asynchronous, and make this also fetch from the cloud. Right now
273 * we only read from the log. Log item must be locked. */
274 void bluesky_cloudlog_fetch(BlueSkyCloudLog *log)
// Data already mapped: nothing to load.
276 if (log->data != NULL)
279 /* There are actually two cases: a full deserialization if we have not ever
280 * read the object before, and a partial deserialization where the metadata
281 * is already in memory and we just need to remap the data. If the object
282 * type has not yet been set, we'll need to read and parse the metadata.
283 * Once that is done, we can fall through the case of remapping the data
285 if (log->type == LOGTYPE_UNKNOWN) {
286 BlueSkyRCStr *raw = bluesky_log_map_object(log, FALSE);
// NOTE(review): a failed map is handled only by this assertion. If GLib
// assertions are compiled out (G_DISABLE_ASSERT), the next line dereferences
// raw unchecked. The bytes handed to bluesky_deserialize_cloudlog come from
// storage, so the parser has to validate them against raw->len itself.
287 g_assert(raw != NULL);
288 bluesky_deserialize_cloudlog(log, raw->data, raw->len);
289 bluesky_string_unref(raw);
292 /* At this point all metadata should be available and we need only remap
293 * the object data. */
294 log->data = bluesky_log_map_object(log, TRUE);
// NOTE(review): g_error terminates the process, so a missing or unreadable
// log object becomes a crash rather than an error the caller can handle.
296 if (log->data == NULL) {
297 g_error("Unable to fetch cloudlog entry!");
// Wake any threads waiting on this item's condition variable.
300 g_cond_broadcast(log->cond);
// Serializes log into the pending cloud segment held in fs->log_state, after
// first serializing every item it links to, and returns the location assigned
// to it. The rest of the parameter list (it includes `fs`, used throughout)
// is on a line this listing does not show.
303 BlueSkyCloudPointer bluesky_cloudlog_serialize(BlueSkyCloudLog *log,
306 BlueSkyCloudLogState *state = fs->log_state;
// Already in the cloud, or already queued for it: reuse the recorded location.
308 if ((log->location_flags | log->pending_write) & CLOUDLOG_CLOUD) {
309 return log->location;
// Linked items are written first. The recursion depth follows the depth of
// the link graph.
312 for (int i = 0; i < log->links->len; i++) {
313 BlueSkyCloudLog *ref = g_array_index(log->links,
314 BlueSkyCloudLog *, i);
316 bluesky_cloudlog_serialize(ref, fs);
// From here to line 373 the item is locked; fetch requires that.
319 g_mutex_lock(log->lock);
320 bluesky_cloudlog_fetch(log);
321 g_assert(log->data != NULL);
// Uncount the item under its old state; it is recounted at line 370 once
// pending_write has changed.
323 bluesky_cloudlog_stats_update(log, -1);
325 GString *data1 = g_string_new("");
326 GString *data2 = g_string_new("");
327 GString *data3 = g_string_new("");
328 bluesky_serialize_cloudlog(log, data1, data2, data3);
// The item starts at the current end of the segment buffer.
330 log->location = state->location;
331 log->location.offset = state->data->len;
332 log->data_size = data1->len;
334 struct cloudlog_header header;
335 memcpy(header.magic, CLOUDLOG_MAGIC, 4);
// NOTE(review): the last two memset arguments are swapped. memset takes
// (dest, value, count), so these calls write zero bytes and leave crypt_auth
// and crypt_iv holding whatever was on the stack. The header is appended to
// the segment verbatim at line 345; unless bluesky_cloudlog_encrypt
// overwrites both fields for every item, stale stack bytes are uploaded with
// the segment. Intended form:
//   memset(header.crypt_auth, 0, sizeof(header.crypt_auth));
//   memset(header.crypt_iv, 0, sizeof(header.crypt_iv));
// Zero-initialising the whole struct would also cover any padding bytes.
336 memset(header.crypt_auth, sizeof(header.crypt_auth), 0);
337 memset(header.crypt_iv, sizeof(header.crypt_iv), 0);
// The type is stored as the character '0' plus the numeric type.
338 header.type = log->type + '0';
// Section lengths are stored as 32-bit little-endian values.
339 header.size1 = GUINT32_TO_LE(data1->len);
340 header.size2 = GUINT32_TO_LE(data2->len);
341 header.size3 = GUINT32_TO_LE(data3->len);
343 header.inum = GUINT64_TO_LE(log->inum);
// NOTE(review): state->data and state->writeback_list are shared per
// filesystem, while the lock held here is per item; what serialises
// concurrent callers is not visible in this listing -- confirm.
345 g_string_append_len(state->data, (const char *)&header, sizeof(header));
346 g_string_append_len(state->data, data1->str, data1->len);
347 g_string_append_len(state->data, data2->str, data2->len);
348 g_string_append_len(state->data, data3->str, data3->len);
350 log->location.size = state->data->len - log->location.offset;
352 g_string_free(data1, TRUE);
353 g_string_free(data2, TRUE);
354 g_string_free(data3, TRUE);
356 /* If the object we flushed was an inode, update the inode map. */
357 if (log->type == LOGTYPE_INODE) {
358 g_mutex_lock(fs->lock);
359 InodeMapEntry *entry = bluesky_inode_map_lookup(fs->inode_map,
// The old entry is released through the delayed queue because
// bluesky_cloudlog_unref takes fs->lock, which is held at this point. The
// assignment of the new entry->item is on a line not shown.
361 bluesky_cloudlog_unref_delayed(entry->item);
363 bluesky_cloudlog_ref(entry->item);
364 g_mutex_unlock(fs->lock);
367 /* TODO: We should mark the objects as committed on the cloud until the
368 * data is flushed and acknowledged. */
369 log->pending_write |= CLOUDLOG_CLOUD;
370 bluesky_cloudlog_stats_update(log, 1);
// The writeback list holds its own reference on the item; it is dropped in
// cloudlog_flush_complete once the upload succeeds.
371 state->writeback_list = g_slist_prepend(state->writeback_list, log);
372 bluesky_cloudlog_ref(log);
373 g_mutex_unlock(log->lock);
// CLOUDLOG_SEGMENT_SIZE is a soft limit: the check runs after the item has
// been appended, so a segment can exceed it by up to one item.
375 if (state->data->len > CLOUDLOG_SEGMENT_SIZE)
376 bluesky_cloudlog_flush(fs);
378 return log->location;
// Completion callback for a segment upload. On success every item in the
// record moves from pending-write to in-cloud and the record is marked
// complete; on failure the same data is resubmitted under the same key.
381 static void cloudlog_flush_complete(BlueSkyStoreAsync *async,
382 SerializedRecord *record)
384 g_print("Write of %s to cloud complete, status = %d\n",
385 async->key, async->result);
387 g_mutex_lock(record->lock);
// A non-negative result is treated as success.
388 if (async->result >= 0) {
389 while (record->items != NULL) {
390 BlueSkyCloudLog *item = (BlueSkyCloudLog *)record->items->data;
391 g_mutex_lock(item->lock);
// Uncount under the old state, flip the flags, recount under the new state.
392 bluesky_cloudlog_stats_update(item, -1);
393 item->pending_write &= ~CLOUDLOG_CLOUD;
394 item->location_flags |= CLOUDLOG_CLOUD;
395 bluesky_cloudlog_stats_update(item, 1);
396 g_mutex_unlock(item->lock);
// Drops the reference taken when the item was put on the writeback list.
397 bluesky_cloudlog_unref(item);
399 record->items = g_slist_delete_link(record->items, record->items);
402 bluesky_string_unref(record->data);
// The loop above has already emptied the list, so this frees nothing more.
404 g_slist_free(record->items);
405 record->items = NULL;
406 record->complete = TRUE;
// Wake anyone waiting for this segment to finish.
407 g_cond_broadcast(record->cond);
409 g_print("Write should be resubmitted...\n");
// NOTE(review): the retry is immediate and unconditional. No attempt counter,
// delay or error classification is visible, so a store that keeps failing is
// retried indefinitely and the items stay pending with no failure surfaced to
// the rest of the system. A bounded retry with backoff and a recorded failure
// state would make this observable.
411 BlueSkyStoreAsync *async2 = bluesky_store_async_new(async->store);
412 async2->op = STORE_OP_PUT;
413 async2->key = g_strdup(async->key);
// The new request shares the record's data and takes its own reference.
414 async2->data = record->data;
415 bluesky_string_ref(record->data);
416 bluesky_store_async_submit(async2);
417 bluesky_store_async_add_notifier(async2,
418 (GFunc)cloudlog_flush_complete,
420 bluesky_store_async_unref(async2);
422 g_mutex_unlock(record->lock);
425 /* Finish up a partially-written cloud log segment and flush it to storage. */
426 void bluesky_cloudlog_flush(BlueSkyFS *fs)
428 BlueSkyCloudLogState *state = fs->log_state;
// Nothing buffered: nothing to upload.
429 if (state->data == NULL || state->data->len == 0)
432 /* TODO: Append some type of commit record to the log segment? */
// NOTE(review): len is unsigned; %zd formats it as signed (%zu matches).
434 g_print("Serializing %zd bytes of data to cloud\n", state->data->len);
435 SerializedRecord *record = g_new0(SerializedRecord, 1);
// Encryption runs over the buffer before it is wrapped for upload, so the
// store is only ever handed the output of bluesky_cloudlog_encrypt.
436 bluesky_cloudlog_encrypt(state->data, fs->keys);
437 record->data = bluesky_string_new_from_gstring(state->data);
// The record takes over the writeback list and the references it holds.
438 record->items = state->writeback_list;
439 record->lock = g_mutex_new();
440 record->cond = g_cond_new();
441 state->writeback_list = NULL;
443 BlueSkyStoreAsync *async = bluesky_store_async_new(fs->store);
444 async->op = STORE_OP_PUT;
// Object key is built from the segment's directory and sequence numbers.
445 async->key = g_strdup_printf("log-%08d-%08d",
446 state->location.directory,
447 state->location.sequence);
// The request shares the record's data and takes its own reference.
448 async->data = record->data;
449 bluesky_string_ref(record->data);
450 bluesky_store_async_submit(async);
451 bluesky_store_async_add_notifier(async,
452 (GFunc)cloudlog_flush_complete,
454 bluesky_store_async_unref(async);
456 state->pending_segments = g_list_prepend(state->pending_segments, record);
// Start a new, empty segment under the next sequence number. The old GString
// is not freed here; presumably bluesky_string_new_from_gstring took
// ownership of it -- confirm.
458 state->location.sequence++;
459 state->location.offset = 0;
460 state->data = g_string_new("");
463 /* Make an encryption pass over a cloud log segment to encrypt private data in
465 void bluesky_cloudlog_encrypt(GString *segment, BlueSkyCryptKeys *keys)
467 char *data = segment->str;
468 size_t remaining_size = segment->len;
// Walk the segment item by item; each item is a cloudlog_header followed by
// size1 + size2 + size3 bytes.
470 while (remaining_size >= sizeof(struct cloudlog_header)) {
// The header is accessed through a cast of the byte buffer, which assumes the
// item offset is suitably aligned for struct cloudlog_header.
471 struct cloudlog_header *header = (struct cloudlog_header *)data;
// The three 32-bit sizes are summed in size_t; where size_t is 32 bits wide
// the sum can wrap. Here the headers were produced locally by
// bluesky_cloudlog_serialize.
472 size_t item_size = sizeof(struct cloudlog_header)
473 + GUINT32_FROM_LE(header->size1)
474 + GUINT32_FROM_LE(header->size2)
475 + GUINT32_FROM_LE(header->size3);
// An item that claims to extend past the buffer ends the walk; the statement
// taken is on a line not shown.
476 if (item_size > remaining_size)
// Encrypts the whole item, header included, in place.
478 bluesky_crypt_block_encrypt(data, item_size, keys);
481 remaining_size -= item_size;
485 /* Make a decryption pass over a cloud log segment to decrypt items which were
486 * encrypted. Also computes a list of all offsets at which valid
487 * cloud log items are found and adds those offsets to items (if non-NULL). */
488 void bluesky_cloudlog_decrypt(char *segment, size_t len,
489 BlueSkyCryptKeys *keys,
490 BlueSkyRangeset *items)
492 char *data = segment;
493 size_t remaining_size = len;
496 while (remaining_size >= sizeof(struct cloudlog_header)) {
// The header is accessed through a cast of the byte buffer, which assumes the
// item offset is suitably aligned for struct cloudlog_header.
497 struct cloudlog_header *header = (struct cloudlog_header *)data;
// NOTE(review): the size fields are read before bluesky_crypt_block_decrypt
// has authenticated the item, so they are untrusted here. The only visible
// sanity check is the comparison with remaining_size below. Where size_t is
// 32 bits wide the sum of three 32-bit values can wrap to a small item_size
// that passes that check; doing the addition in a 64-bit type and rejecting
// anything above remaining_size closes that case.
498 size_t item_size = sizeof(struct cloudlog_header)
499 + GUINT32_FROM_LE(header->size1)
500 + GUINT32_FROM_LE(header->size2)
501 + GUINT32_FROM_LE(header->size3);
502 if (item_size > remaining_size)
// A true return is treated as "decrypted and authenticated".
504 if (bluesky_crypt_block_decrypt(data, item_size, keys)) {
506 g_print(" data item at %zx\n", offset);
507 bluesky_rangeset_insert(items, offset, item_size,
508 GINT_TO_POINTER(TRUE));
// NOTE(review): the failure branch logs "Unauthenticated data", yet the next
// visible statement records the same range in `items` with the same TRUE
// marker as the authenticated branch. If callers use `items` to decide which
// offsets hold valid objects, data that failed authentication is then
// indistinguishable from data that passed. The lines in between are not
// shown -- confirm whether this insert is intended; skipping it, or using a
// distinct marker, keeps unauthenticated ranges out of the valid set.
// Also: offset is a size_t, which %zd formats as signed (%zu matches).
511 g_warning("Unauthenticated data at offset %zd", offset);
513 bluesky_rangeset_insert(items, offset, item_size,
514 GINT_TO_POINTER(TRUE));
520 remaining_size -= item_size;