[v6,00/11] xfs: widen timestamps to deal with y2038

Message ID	159901538766.548109.8040337941204954344.stgit@magnolia (mailing list archive)
Headers	show Return-Path: <SRS0=53rf=CL=vger.kernel.org=linux-xfs-owner@kernel.org> Subject: [PATCH v6 00/11] xfs: widen timestamps to deal with y2038 From: "Darrick J. Wong" <darrick.wong@oracle.com> To: darrick.wong@oracle.com, david@fromorbit.com, hch@infradead.org Cc: Christoph Hellwig <hch@lst.de>, Gao Xiang <hsiangkao@redhat.com>, Amir Goldstein <amir73il@gmail.com>, Allison Collins <allison.henderson@oracle.com>, linux-xfs@vger.kernel.org, amir73il@gmail.com, sandeen@sandeen.net Date: Tue, 01 Sep 2020 19:56:27 -0700 Message-ID: <159901538766.548109.8040337941204954344.stgit@magnolia> User-Agent: StGit/0.19 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Sender: linux-xfs-owner@vger.kernel.org Precedence: bulk
Series	xfs: widen timestamps to deal with y2038 \| expand [v6,00/11] xfs: widen timestamps to deal with y2038 [01/11] xfs: explicitly define inode timestamp range [02/11] xfs: refactor quota expiration timer modification [03/11] xfs: refactor default quota grace period setting code [04/11] xfs: refactor quota timestamp coding [05/11] xfs: move xfs_log_dinode_to_disk to the log recovery code [06/11] xfs: redefine xfs_timestamp_t [07/11] xfs: redefine xfs_ictimestamp_t [08/11] xfs: widen ondisk inode timestamps to deal with y2038+ [09/11] xfs: widen ondisk quota expiration timestamps to handle y2038+ [10/11] xfs: trace timestamp limits [11/11] xfs: enable big timestamps

Message ID

159901538766.548109.8040337941204954344.stgit@magnolia (mailing list archive)

Headers

Subject: [PATCH v6 00/11] xfs: widen timestamps to deal with y2038
From: "Darrick J. Wong" <darrick.wong@oracle.com>
To: darrick.wong@oracle.com, david@fromorbit.com, hch@infradead.org
Cc: Christoph Hellwig <hch@lst.de>, Gao Xiang <hsiangkao@redhat.com>,
        Amir Goldstein <amir73il@gmail.com>,
        Allison Collins <allison.henderson@oracle.com>,
        linux-xfs@vger.kernel.org, amir73il@gmail.com, sandeen@sandeen.net
Date: Tue, 01 Sep 2020 19:56:27 -0700
Message-ID: <159901538766.548109.8040337941204954344.stgit@magnolia>
User-Agent: StGit/0.19
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Sender: linux-xfs-owner@vger.kernel.org
Precedence: bulk

Series

xfs: widen timestamps to deal with y2038 | expand

Message

Darrick J. Wong Sept. 2, 2020, 2:56 a.m. UTC

Hi all,

This series performs some refactoring of our timestamp and inode
encoding functions, then retrofits the timestamp union to handle
timestamps as a 64-bit nanosecond counter.  Next, it adds bit shifting
to the non-root dquot timer fields to boost their effective size to 34
bits.  These two changes enable correct time handling on XFS through the
year 2486.

On a current V5 filesystem, inodes timestamps are a signed 32-bit
seconds counter, with 0 being the Unix epoch.  Quota timers are an
unsigned 32-bit seconds counter, with 0 also being the Unix epoch.

This means that inode timestamps can range from:
-(2^31-1) (13 Dec 1901) through (2^31-1) (19 Jan 2038).

And quota timers can range from:
0 (1 Jan 1970) through (2^32-1) (7 Feb 2106).

With the bigtime encoding turned on, inode timestamps are an unsigned
64-bit nanoseconds counter, with 0 being the 1901 epoch.  Quota timers
are a 34-bit unsigned second counter right shifted two bits, with 0
being the Unix epoch, and capped at the maximum inode timestamp value.

This means that inode timestamps can range from:
0 (13 Dec 1901) through (2^64-1 / 1e9) (2 Jul 2486)

Quota timers could theoretically range from:
0 (1 Jan 1970) through (((2^34-1) + (2^31-1)) & ~3) (16 Jun 2582).

But with the capping in place, the quota timers maximum is:
max((2^64-1 / 1e9) - (2^31-1), (((2^34-1) + (2^31-1)) & ~3) (2 Jul 2486).

v2: rebase to 5.9, having landed the quota refactoring
v3: various suggestions by Amir and Dave
v4: drop the timestamp unions, add "is bigtime?" predicates everywhere
v5: reintroduce timestamp unions as *legacy* timestamp unions
v6: minor stylistic changes

If you're going to start using this mess, you probably ought to just
pull from my git trees, which are linked below.

This is an extraordinary way to destroy everything.  Enjoy!
Comments and questions are, as always, welcome.

--D

kernel git tree:
https://git.kernel.org/cgit/linux/kernel/git/djwong/xfs-linux.git/log/?h=bigtime

xfsprogs git tree:
https://git.kernel.org/cgit/linux/kernel/git/djwong/xfsprogs-dev.git/log/?h=bigtime

fstests git tree:
https://git.kernel.org/cgit/linux/kernel/git/djwong/xfstests-dev.git/log/?h=bigtime
---
 fs/xfs/libxfs/xfs_dquot_buf.c   |   35 +++++++
 fs/xfs/libxfs/xfs_format.h      |  190 ++++++++++++++++++++++++++++++++++++++-
 fs/xfs/libxfs/xfs_fs.h          |    1 
 fs/xfs/libxfs/xfs_ialloc.c      |    4 +
 fs/xfs/libxfs/xfs_inode_buf.c   |  130 +++++++++++++--------------
 fs/xfs/libxfs/xfs_inode_buf.h   |   15 +++
 fs/xfs/libxfs/xfs_log_format.h  |    7 +
 fs/xfs/libxfs/xfs_quota_defs.h  |    8 +-
 fs/xfs/libxfs/xfs_sb.c          |    2 
 fs/xfs/libxfs/xfs_shared.h      |    3 +
 fs/xfs/libxfs/xfs_trans_inode.c |   11 ++
 fs/xfs/scrub/inode.c            |   31 +++++-
 fs/xfs/xfs_dquot.c              |   52 +++++++++--
 fs/xfs/xfs_dquot.h              |    3 +
 fs/xfs/xfs_inode.c              |    4 -
 fs/xfs/xfs_inode.h              |    5 +
 fs/xfs/xfs_inode_item.c         |   34 +++++--
 fs/xfs/xfs_inode_item_recover.c |   76 ++++++++++++++++
 fs/xfs/xfs_ioctl.c              |    3 -
 fs/xfs/xfs_ondisk.h             |   24 +++++
 fs/xfs/xfs_qm.c                 |   13 +++
 fs/xfs/xfs_qm.h                 |    4 +
 fs/xfs/xfs_qm_syscalls.c        |   18 ++--
 fs/xfs/xfs_super.c              |   14 ++-
 fs/xfs/xfs_trace.h              |   26 +++++
 fs/xfs/xfs_trans_dquot.c        |    6 +
 26 files changed, 602 insertions(+), 117 deletions(-)

Comments

Dave Chinner Sept. 6, 2020, 9:43 p.m. UTC | #1

On Tue, Sep 01, 2020 at 07:56:27PM -0700, Darrick J. Wong wrote:
> Hi all,
> 
> This series performs some refactoring of our timestamp and inode
> encoding functions, then retrofits the timestamp union to handle
> timestamps as a 64-bit nanosecond counter.  Next, it adds bit shifting
> to the non-root dquot timer fields to boost their effective size to 34
> bits.  These two changes enable correct time handling on XFS through the
> year 2486.
> 
> On a current V5 filesystem, inodes timestamps are a signed 32-bit
> seconds counter, with 0 being the Unix epoch.  Quota timers are an
> unsigned 32-bit seconds counter, with 0 also being the Unix epoch.
> 
> This means that inode timestamps can range from:
> -(2^31-1) (13 Dec 1901) through (2^31-1) (19 Jan 2038).
> 
> And quota timers can range from:
> 0 (1 Jan 1970) through (2^32-1) (7 Feb 2106).
> 
> With the bigtime encoding turned on, inode timestamps are an unsigned
> 64-bit nanoseconds counter, with 0 being the 1901 epoch.  Quota timers
> are a 34-bit unsigned second counter right shifted two bits, with 0
> being the Unix epoch, and capped at the maximum inode timestamp value.
> 
> This means that inode timestamps can range from:
> 0 (13 Dec 1901) through (2^64-1 / 1e9) (2 Jul 2486)
> 
> Quota timers could theoretically range from:
> 0 (1 Jan 1970) through (((2^34-1) + (2^31-1)) & ~3) (16 Jun 2582).
> 
> But with the capping in place, the quota timers maximum is:
> max((2^64-1 / 1e9) - (2^31-1), (((2^34-1) + (2^31-1)) & ~3) (2 Jul 2486).
> 
> v2: rebase to 5.9, having landed the quota refactoring
> v3: various suggestions by Amir and Dave
> v4: drop the timestamp unions, add "is bigtime?" predicates everywhere
> v5: reintroduce timestamp unions as *legacy* timestamp unions
> v6: minor stylistic changes
> 
> If you're going to start using this mess, you probably ought to just
> pull from my git trees, which are linked below.
> 
> This is an extraordinary way to destroy everything.  Enjoy!
> Comments and questions are, as always, welcome.

The whole series looks good to me now.

Reviewed-by: Dave Chinner <dchinner@redhat.com>