mbox series

[v2,0/5] New rescue mount options

Message ID cover.1601318001.git.josef@toxicpanda.com (mailing list archive)
Headers show
Series New rescue mount options | expand

Message

Josef Bacik Sept. 28, 2020, 6:34 p.m. UTC 
v1->v2:
- Add Qu's reviewed-bys.
- Addressed the comment about dev extent verification for ignorebadroots.

Hello,

This is the next version of my rescue=all patches, this time broken up in to a
few discrete patches, with some cleanups as well.  I have a PR for the xfstest
that exercises these options, it can be found here

  https://github.com/btrfs/fstests/pull/35

This is the same idea as the previous versions, except I've made a mechanical
change.  Instead we have rescue=ignorebadroots, which ignores any global roots
that we may not be able to read.  We will still fail to mount if thinks like the
chunk root or the tree root are corrupt, but this will allow us to mount read
only if the extent root or csum root are completely hosed.

I've added a new patch this go around, rescue=ignoredatacsums.  Somebody had
indicated that they would prefer that the original rescue=all allowed us to
continue to read csums if the root was still intact.  In order to handle that
usecase that's what you get with rescue=ignorebadroots, however if your csum
tree is corrupt in the middle of the tree you could still end up with problems.
Thus we have rescue=ignoredatacsums which will completely disable the csum tree
as well.

And finally we have rescue=all, which simply enables ignoredatacsums,
ignorebadroots, and notreelogreplay.  We need an easy catch-all option for
distros to fallback on to get users the highest probability of being able to
recover their data, so we will use rescue=all to turn on all the fanciest rescue
options that we have, and then use the discrete options for more fine grained
recovery.  Thanks,

Josef

Josef Bacik (5):
  btrfs: unify the ro checking for mount options
  btrfs: push the NODATASUM check into btrfs_lookup_bio_sums
  btrfs: introduce rescue=ignorebadroots
  btrfs: introduce rescue=ignoredatacsums
  btrfs: introduce rescue=all

 fs/btrfs/block-group.c | 48 +++++++++++++++++++++++++++
 fs/btrfs/block-rsv.c   |  8 +++++
 fs/btrfs/compression.c | 17 ++++------
 fs/btrfs/ctree.h       |  2 ++
 fs/btrfs/disk-io.c     | 74 +++++++++++++++++++++++++++---------------
 fs/btrfs/file-item.c   |  4 +++
 fs/btrfs/inode.c       | 18 +++++++---
 fs/btrfs/super.c       | 49 ++++++++++++++++++++++++----
 fs/btrfs/volumes.c     | 13 ++++++++
 9 files changed, 185 insertions(+), 48 deletions(-)

Comments

David Sterba Sept. 29, 2020, 3:06 p.m. UTC | #1 
On Mon, Sep 28, 2020 at 02:34:52PM -0400, Josef Bacik wrote:
> And finally we have rescue=all, which simply enables ignoredatacsums,
> ignorebadroots, and notreelogreplay.  We need an easy catch-all option for
> distros to fallback on to get users the highest probability of being able to
> recover their data, so we will use rescue=all to turn on all the fanciest rescue
> options that we have, and then use the discrete options for more fine grained
> recovery.  Thanks,
> 
> Josef
> 
> Josef Bacik (5):
>   btrfs: unify the ro checking for mount options
>   btrfs: push the NODATASUM check into btrfs_lookup_bio_sums
>   btrfs: introduce rescue=ignorebadroots
>   btrfs: introduce rescue=ignoredatacsums
>   btrfs: introduce rescue=all

About the naming, the option names are quite clear but long to type. We
could have shorter aliases, eg. 'ibadroots', where 'i' is short for
'ignore'.

For completeness, we may also want to the negated options or add an
operator that will drop the bit, like

	mount -o rescue=all:^ignoredatacsums
	mount -o rescue=all,rescue=^ignoredatacsums