diff options
| author | Raghavendra Bhat <raghavendra@redhat.com> | 2019-03-11 12:16:50 -0400 |
|---|---|---|
| committer | Kotresh HR <khiremat@redhat.com> | 2019-04-25 05:19:41 +0000 |
| commit | 647e2d3a9fbe36f2fbf062feda53b7cb6aa4830b (patch) | |
| tree | 345e4894e312d9290c066417467202cc32a74f22 /xlators/features/bit-rot/src/bitd | |
| parent | 8d51cb05d9745643f2dfaa6ef35938db9d2d47f6 (diff) | |
features/bit-rot: Unconditionally sign the files during oneshot crawl
Currently bit-rot feature has an issue with disabling and reenabling it
on the same volume. Consider enabling bit-rot detection which goes on to
crawl and sign all the files present in the volume. Then some files are
modified and the bit-rot daemon goes on to sign the modified files with
the correct signature. Now, disable bit-rot feature. While, signing and
scrubbing are not happening, previous checksums of the files continue to
exist as extended attributes. Now, if some files with checksum xattrs get
modified, they are not signed with new signature as the feature is off.
At this point, if the feature is enabled again, the bit rot daemon will
go and sign those files which does not have any bit-rot specific xattrs
(i.e. those files which were created after bit-rot was disabled). Whereas
the files with bit-rot xattrs wont get signed with proper new checksum.
At this point if scrubber runs, it finds the on disk checksum and the actual
checksum of the file to be different (because the file got modified) and
marks the file as corrupted.
FIX:
The fix is to unconditionally sign the files when the bit-rot daemon
comes up (instead of skipping the files with bit-rot xattrs).
Change-Id: Iadfb47dd39f7e2e77f22d549a4a07a385284f4f5
fixes: bz#1700078
Signed-off-by: Raghavendra Bhat <raghavendra@redhat.com>
Diffstat (limited to 'xlators/features/bit-rot/src/bitd')
| -rw-r--r-- | xlators/features/bit-rot/src/bitd/bit-rot.c | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/xlators/features/bit-rot/src/bitd/bit-rot.c b/xlators/features/bit-rot/src/bitd/bit-rot.c index 7b1c5dcdab6..49528eabf71 100644 --- a/xlators/features/bit-rot/src/bitd/bit-rot.c +++ b/xlators/features/bit-rot/src/bitd/bit-rot.c @@ -973,6 +973,7 @@ bitd_oneshot_crawl(xlator_t *subvol, gf_dirent_t *entry, loc_t *parent, int32_t ret = -1; inode_t *linked_inode = NULL; gf_boolean_t need_signing = _gf_false; + gf_boolean_t need_reopen = _gf_true; GF_VALIDATE_OR_GOTO("bit-rot", subvol, out); GF_VALIDATE_OR_GOTO("bit-rot", data, out); @@ -1046,6 +1047,18 @@ bitd_oneshot_crawl(xlator_t *subvol, gf_dirent_t *entry, loc_t *parent, uuid_utoa(linked_inode->gfid)); } else { need_signing = br_check_object_need_sign(this, xattr, child); + + /* + * If we are here means, bitrot daemon has started. Is it just + * a simple restart of the daemon or is it started because the + * feature is enabled is something hard to determine. Hence, + * if need_signing is false (because bit-rot version and signature + * are present), then still go ahead and sign it. + */ + if (!need_signing) { + need_signing = _gf_true; + need_reopen = _gf_true; + } } if (!need_signing) @@ -1054,7 +1067,7 @@ bitd_oneshot_crawl(xlator_t *subvol, gf_dirent_t *entry, loc_t *parent, gf_msg(this->name, GF_LOG_INFO, 0, BRB_MSG_TRIGGER_SIGN, "Triggering signing for %s [GFID: %s | Brick: %s]", loc.path, uuid_utoa(linked_inode->gfid), child->brick_path); - br_trigger_sign(this, child, linked_inode, &loc, _gf_true); + br_trigger_sign(this, child, linked_inode, &loc, need_reopen); ret = 0; |