tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

kernel / Documentation / filesystems / zonefs.txt
at v5.6-rc7 404 lines 20 kB view raw
1ZoneFS - Zone filesystem for Zoned block devices 2 3Introduction 4============ 5 6zonefs is a very simple file system exposing each zone of a zoned block device 7as a file. Unlike a regular POSIX-compliant file system with native zoned block 8device support (e.g. f2fs), zonefs does not hide the sequential write 9constraint of zoned block devices to the user. Files representing sequential 10write zones of the device must be written sequentially starting from the end 11of the file (append only writes). 12 13As such, zonefs is in essence closer to a raw block device access interface 14than to a full-featured POSIX file system. The goal of zonefs is to simplify 15the implementation of zoned block device support in applications by replacing 16raw block device file accesses with a richer file API, avoiding relying on 17direct block device file ioctls which may be more obscure to developers. One 18example of this approach is the implementation of LSM (log-structured merge) 19tree structures (such as used in RocksDB and LevelDB) on zoned block devices 20by allowing SSTables to be stored in a zone file similarly to a regular file 21system rather than as a range of sectors of the entire disk. The introduction 22of the higher level construct "one file is one zone" can help reducing the 23amount of changes needed in the application as well as introducing support for 24different application programming languages. 25 26Zoned block devices 27------------------- 28 29Zoned storage devices belong to a class of storage devices with an address 30space that is divided into zones. A zone is a group of consecutive LBAs and all 31zones are contiguous (there are no LBA gaps). Zones may have different types. 32* Conventional zones: there are no access constraints to LBAs belonging to 33 conventional zones. Any read or write access can be executed, similarly to a 34 regular block device. 35* Sequential zones: these zones accept random reads but must be written 36 sequentially. Each sequential zone has a write pointer maintained by the 37 device that keeps track of the mandatory start LBA position of the next write 38 to the device. As a result of this write constraint, LBAs in a sequential zone 39 cannot be overwritten. Sequential zones must first be erased using a special 40 command (zone reset) before rewriting. 41 42Zoned storage devices can be implemented using various recording and media 43technologies. The most common form of zoned storage today uses the SCSI Zoned 44Block Commands (ZBC) and Zoned ATA Commands (ZAC) interfaces on Shingled 45Magnetic Recording (SMR) HDDs. 46 47Solid State Disks (SSD) storage devices can also implement a zoned interface 48to, for instance, reduce internal write amplification due to garbage collection. 49The NVMe Zoned NameSpace (ZNS) is a technical proposal of the NVMe standard 50committee aiming at adding a zoned storage interface to the NVMe protocol. 51 52Zonefs Overview 53=============== 54 55Zonefs exposes the zones of a zoned block device as files. The files 56representing zones are grouped by zone type, which are themselves represented 57by sub-directories. This file structure is built entirely using zone information 58provided by the device and so does not require any complex on-disk metadata 59structure. 60 61On-disk metadata 62---------------- 63 64zonefs on-disk metadata is reduced to an immutable super block which 65persistently stores a magic number and optional feature flags and values. On 66mount, zonefs uses blkdev_report_zones() to obtain the device zone configuration 67and populates the mount point with a static file tree solely based on this 68information. File sizes come from the device zone type and write pointer 69position managed by the device itself. 70 71The super block is always written on disk at sector 0. The first zone of the 72device storing the super block is never exposed as a zone file by zonefs. If 73the zone containing the super block is a sequential zone, the mkzonefs format 74tool always "finishes" the zone, that is, it transitions the zone to a full 75state to make it read-only, preventing any data write. 76 77Zone type sub-directories 78------------------------- 79 80Files representing zones of the same type are grouped together under the same 81sub-directory automatically created on mount. 82 83For conventional zones, the sub-directory "cnv" is used. This directory is 84however created if and only if the device has usable conventional zones. If 85the device only has a single conventional zone at sector 0, the zone will not 86be exposed as a file as it will be used to store the zonefs super block. For 87such devices, the "cnv" sub-directory will not be created. 88 89For sequential write zones, the sub-directory "seq" is used. 90 91These two directories are the only directories that exist in zonefs. Users 92cannot create other directories and cannot rename nor delete the "cnv" and 93"seq" sub-directories. 94 95The size of the directories indicated by the st_size field of struct stat, 96obtained with the stat() or fstat() system calls, indicates the number of files 97existing under the directory. 98 99Zone files 100---------- 101 102Zone files are named using the number of the zone they represent within the set 103of zones of a particular type. That is, both the "cnv" and "seq" directories 104contain files named "0", "1", "2", ... The file numbers also represent 105increasing zone start sector on the device. 106 107All read and write operations to zone files are not allowed beyond the file 108maximum size, that is, beyond the zone size. Any access exceeding the zone 109size is failed with the -EFBIG error. 110 111Creating, deleting, renaming or modifying any attribute of files and 112sub-directories is not allowed. 113 114The number of blocks of a file as reported by stat() and fstat() indicates the 115size of the file zone, or in other words, the maximum file size. 116 117Conventional zone files 118----------------------- 119 120The size of conventional zone files is fixed to the size of the zone they 121represent. Conventional zone files cannot be truncated. 122 123These files can be randomly read and written using any type of I/O operation: 124buffered I/Os, direct I/Os, memory mapped I/Os (mmap), etc. There are no I/O 125constraint for these files beyond the file size limit mentioned above. 126 127Sequential zone files 128--------------------- 129 130The size of sequential zone files grouped in the "seq" sub-directory represents 131the file's zone write pointer position relative to the zone start sector. 132 133Sequential zone files can only be written sequentially, starting from the file 134end, that is, write operations can only be append writes. Zonefs makes no 135attempt at accepting random writes and will fail any write request that has a 136start offset not corresponding to the end of the file, or to the end of the last 137write issued and still in-flight (for asynchronous I/O operations). 138 139Since dirty page writeback by the page cache does not guarantee a sequential 140write pattern, zonefs prevents buffered writes and writeable shared mappings 141on sequential files. Only direct I/O writes are accepted for these files. 142zonefs relies on the sequential delivery of write I/O requests to the device 143implemented by the block layer elevator. An elevator implementing the sequential 144write feature for zoned block device (ELEVATOR_F_ZBD_SEQ_WRITE elevator feature) 145must be used. This type of elevator (e.g. mq-deadline) is set by default 146for zoned block devices on device initialization. 147 148There are no restrictions on the type of I/O used for read operations in 149sequential zone files. Buffered I/Os, direct I/Os and shared read mappings are 150all accepted. 151 152Truncating sequential zone files is allowed only down to 0, in which case, the 153zone is reset to rewind the file zone write pointer position to the start of 154the zone, or up to the zone size, in which case the file's zone is transitioned 155to the FULL state (finish zone operation). 156 157Format options 158-------------- 159 160Several optional features of zonefs can be enabled at format time. 161* Conventional zone aggregation: ranges of contiguous conventional zones can be 162 aggregated into a single larger file instead of the default one file per zone. 163* File ownership: The owner UID and GID of zone files is by default 0 (root) 164 but can be changed to any valid UID/GID. 165* File access permissions: the default 640 access permissions can be changed. 166 167IO error handling 168----------------- 169 170Zoned block devices may fail I/O requests for reasons similar to regular block 171devices, e.g. due to bad sectors. However, in addition to such known I/O 172failure pattern, the standards governing zoned block devices behavior define 173additional conditions that result in I/O errors. 174 175* A zone may transition to the read-only condition (BLK_ZONE_COND_READONLY): 176 While the data already written in the zone is still readable, the zone can 177 no longer be written. No user action on the zone (zone management command or 178 read/write access) can change the zone condition back to a normal read/write 179 state. While the reasons for the device to transition a zone to read-only 180 state are not defined by the standards, a typical cause for such transition 181 would be a defective write head on an HDD (all zones under this head are 182 changed to read-only). 183 184* A zone may transition to the offline condition (BLK_ZONE_COND_OFFLINE): 185 An offline zone cannot be read nor written. No user action can transition an 186 offline zone back to an operational good state. Similarly to zone read-only 187 transitions, the reasons for a drive to transition a zone to the offline 188 condition are undefined. A typical cause would be a defective read-write head 189 on an HDD causing all zones on the platter under the broken head to be 190 inaccessible. 191 192* Unaligned write errors: These errors result from the host issuing write 193 requests with a start sector that does not correspond to a zone write pointer 194 position when the write request is executed by the device. Even though zonefs 195 enforces sequential file write for sequential zones, unaligned write errors 196 may still happen in the case of a partial failure of a very large direct I/O 197 operation split into multiple BIOs/requests or asynchronous I/O operations. 198 If one of the write request within the set of sequential write requests 199 issued to the device fails, all write requests queued after it will 200 become unaligned and fail. 201 202* Delayed write errors: similarly to regular block devices, if the device side 203 write cache is enabled, write errors may occur in ranges of previously 204 completed writes when the device write cache is flushed, e.g. on fsync(). 205 Similarly to the previous immediate unaligned write error case, delayed write 206 errors can propagate through a stream of cached sequential data for a zone 207 causing all data to be dropped after the sector that caused the error. 208 209All I/O errors detected by zonefs are notified to the user with an error code 210return for the system call that triggered or detected the error. The recovery 211actions taken by zonefs in response to I/O errors depend on the I/O type (read 212vs write) and on the reason for the error (bad sector, unaligned writes or zone 213condition change). 214 215* For read I/O errors, zonefs does not execute any particular recovery action, 216 but only if the file zone is still in a good condition and there is no 217 inconsistency between the file inode size and its zone write pointer position. 218 If a problem is detected, I/O error recovery is executed (see below table). 219 220* For write I/O errors, zonefs I/O error recovery is always executed. 221 222* A zone condition change to read-only or offline also always triggers zonefs 223 I/O error recovery. 224 225Zonefs minimal I/O error recovery may change a file size and file access 226permissions. 227 228* File size changes: 229 Immediate or delayed write errors in a sequential zone file may cause the file 230 inode size to be inconsistent with the amount of data successfully written in 231 the file zone. For instance, the partial failure of a multi-BIO large write 232 operation will cause the zone write pointer to advance partially, even though 233 the entire write operation will be reported as failed to the user. In such 234 case, the file inode size must be advanced to reflect the zone write pointer 235 change and eventually allow the user to restart writing at the end of the 236 file. 237 A file size may also be reduced to reflect a delayed write error detected on 238 fsync(): in this case, the amount of data effectively written in the zone may 239 be less than originally indicated by the file inode size. After such I/O 240 error, zonefs always fixes the file inode size to reflect the amount of data 241 persistently stored in the file zone. 242 243* Access permission changes: 244 A zone condition change to read-only is indicated with a change in the file 245 access permissions to render the file read-only. This disables changes to the 246 file attributes and data modification. For offline zones, all permissions 247 (read and write) to the file are disabled. 248 249Further action taken by zonefs I/O error recovery can be controlled by the user 250with the "errors=xxx" mount option. The table below summarizes the result of 251zonefs I/O error processing depending on the mount option and on the zone 252conditions. 253 254 +--------------+-----------+-----------------------------------------+ 255 | | | Post error state | 256 | "errors=xxx" | device | access permissions | 257 | mount | zone | file file device zone | 258 | option | condition | size read write read write | 259 +--------------+-----------+-----------------------------------------+ 260 | | good | fixed yes no yes yes | 261 | remount-ro | read-only | fixed yes no yes no | 262 | (default) | offline | 0 no no no no | 263 +--------------+-----------+-----------------------------------------+ 264 | | good | fixed yes no yes yes | 265 | zone-ro | read-only | fixed yes no yes no | 266 | | offline | 0 no no no no | 267 +--------------+-----------+-----------------------------------------+ 268 | | good | 0 no no yes yes | 269 | zone-offline | read-only | 0 no no yes no | 270 | | offline | 0 no no no no | 271 +--------------+-----------+-----------------------------------------+ 272 | | good | fixed yes yes yes yes | 273 | repair | read-only | fixed yes no yes no | 274 | | offline | 0 no no no no | 275 +--------------+-----------+-----------------------------------------+ 276 277Further notes: 278* The "errors=remount-ro" mount option is the default behavior of zonefs I/O 279 error processing if no errors mount option is specified. 280* With the "errors=remount-ro" mount option, the change of the file access 281 permissions to read-only applies to all files. The file system is remounted 282 read-only. 283* Access permission and file size changes due to the device transitioning zones 284 to the offline condition are permanent. Remounting or reformatting the device 285 with mkfs.zonefs (mkzonefs) will not change back offline zone files to a good 286 state. 287* File access permission changes to read-only due to the device transitioning 288 zones to the read-only condition are permanent. Remounting or reformatting 289 the device will not re-enable file write access. 290* File access permission changes implied by the remount-ro, zone-ro and 291 zone-offline mount options are temporary for zones in a good condition. 292 Unmounting and remounting the file system will restore the previous default 293 (format time values) access rights to the files affected. 294* The repair mount option triggers only the minimal set of I/O error recovery 295 actions, that is, file size fixes for zones in a good condition. Zones 296 indicated as being read-only or offline by the device still imply changes to 297 the zone file access permissions as noted in the table above. 298 299Mount options 300------------- 301 302zonefs define the "errors=<behavior>" mount option to allow the user to specify 303zonefs behavior in response to I/O errors, inode size inconsistencies or zone 304condition changes. The defined behaviors are as follow: 305* remount-ro (default) 306* zone-ro 307* zone-offline 308* repair 309 310The I/O error actions defined for each behavior are detailed in the previous 311section. 312 313Zonefs User Space Tools 314======================= 315 316The mkzonefs tool is used to format zoned block devices for use with zonefs. 317This tool is available on Github at: 318 319https://github.com/damien-lemoal/zonefs-tools 320 321zonefs-tools also includes a test suite which can be run against any zoned 322block device, including null_blk block device created with zoned mode. 323 324Examples 325-------- 326 327The following formats a 15TB host-managed SMR HDD with 256 MB zones 328with the conventional zones aggregation feature enabled. 329 330# mkzonefs -o aggr_cnv /dev/sdX 331# mount -t zonefs /dev/sdX /mnt 332# ls -l /mnt/ 333total 0 334dr-xr-xr-x 2 root root 1 Nov 25 13:23 cnv 335dr-xr-xr-x 2 root root 55356 Nov 25 13:23 seq 336 337The size of the zone files sub-directories indicate the number of files 338existing for each type of zones. In this example, there is only one 339conventional zone file (all conventional zones are aggregated under a single 340file). 341 342# ls -l /mnt/cnv 343total 137101312 344-rw-r----- 1 root root 140391743488 Nov 25 13:23 0 345 346This aggregated conventional zone file can be used as a regular file. 347 348# mkfs.ext4 /mnt/cnv/0 349# mount -o loop /mnt/cnv/0 /data 350 351The "seq" sub-directory grouping files for sequential write zones has in this 352example 55356 zones. 353 354# ls -lv /mnt/seq 355total 14511243264 356-rw-r----- 1 root root 0 Nov 25 13:23 0 357-rw-r----- 1 root root 0 Nov 25 13:23 1 358-rw-r----- 1 root root 0 Nov 25 13:23 2 359... 360-rw-r----- 1 root root 0 Nov 25 13:23 55354 361-rw-r----- 1 root root 0 Nov 25 13:23 55355 362 363For sequential write zone files, the file size changes as data is appended at 364the end of the file, similarly to any regular file system. 365 366# dd if=/dev/zero of=/mnt/seq/0 bs=4096 count=1 conv=notrunc oflag=direct 3671+0 records in 3681+0 records out 3694096 bytes (4.1 kB, 4.0 KiB) copied, 0.00044121 s, 9.3 MB/s 370 371# ls -l /mnt/seq/0 372-rw-r----- 1 root root 4096 Nov 25 13:23 /mnt/seq/0 373 374The written file can be truncated to the zone size, preventing any further 375write operation. 376 377# truncate -s 268435456 /mnt/seq/0 378# ls -l /mnt/seq/0 379-rw-r----- 1 root root 268435456 Nov 25 13:49 /mnt/seq/0 380 381Truncation to 0 size allows freeing the file zone storage space and restart 382append-writes to the file. 383 384# truncate -s 0 /mnt/seq/0 385# ls -l /mnt/seq/0 386-rw-r----- 1 root root 0 Nov 25 13:49 /mnt/seq/0 387 388Since files are statically mapped to zones on the disk, the number of blocks of 389a file as reported by stat() and fstat() indicates the size of the file zone. 390 391# stat /mnt/seq/0 392 File: /mnt/seq/0 393 Size: 0 Blocks: 524288 IO Block: 4096 regular empty file 394Device: 870h/2160d Inode: 50431 Links: 1 395Access: (0640/-rw-r-----) Uid: ( 0/ root) Gid: ( 0/ root) 396Access: 2019-11-25 13:23:57.048971997 +0900 397Modify: 2019-11-25 13:52:25.553805765 +0900 398Change: 2019-11-25 13:52:25.553805765 +0900 399 Birth: - 400 401The number of blocks of the file ("Blocks") in units of 512B blocks gives the 402maximum file size of 524288 * 512 B = 256 MB, corresponding to the device zone 403size in this example. Of note is that the "IO block" field always indicates the 404minimum I/O size for writes and corresponds to the device physical sector size.