From owner-freebsd-bugs@freebsd.org Tue Nov 17 08:39:21 2015 Return-Path: Delivered-To: freebsd-bugs@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8F8DEA2E43D for ; Tue, 17 Nov 2015 08:39:21 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 748D913DD for ; Tue, 17 Nov 2015 08:39:21 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id tAH8dLCK084235 for ; Tue, 17 Nov 2015 08:39:21 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 204622] [zfs] [patch] Improve 'zpool labelclear' command Date: Tue, 17 Nov 2015 08:39:21 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.0-CURRENT X-Bugzilla-Keywords: patch X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: ganael.laplanche@corp.ovh.com X-Bugzilla-Status: New X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-bugs@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status keywords bug_severity priority component assigned_to reporter attachments.created Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Nov 2015 08:39:21 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=204622 Bug ID: 204622 Summary: [zfs] [patch] Improve 'zpool labelclear' command Product: Base System Version: 11.0-CURRENT Hardware: Any OS: Any Status: New Keywords: patch Severity: Affects Some People Priority: --- Component: kern Assignee: freebsd-bugs@FreeBSD.org Reporter: ganael.laplanche@corp.ovh.com Keywords: patch Created attachment 163238 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=163238&action=edit Patch for 10.2 Hi, Here is a proposal to improve the "zpool labelclear" command. Currently, this command blindly overwrites both the 2 first and last labels of a disk (i.e. 2 x 256 kB at the beginning and end of a disk). This can lead to tricky situations where labels are still seen while another filesystem has taken place over the original zpool. In such a case, still being able to import the zpool can lead to destroying the filesystem that has been created over the pool. Here is a simple example : # zpool create test ada1 [... work ...] # zpool export test then, one decides to re-format the drive (without clearing the labels, damn!) : # newfs /dev/ada1 # mount /dev/ada1 /mnt # touch /mnt/foo # umount /mnt Unfortunately, ZFS labels are still there as newfs did not overwrite them : # zpool import pool: test id: 17834878187816880903 state: ONLINE action: The pool can be imported using its name or numeric identifier. config: test ONLINE ada1 ONLINE If we import/export the pool, labels a re-written and the UFS filesystem is broken : # zpool import test # zpool export test # mount /dev/ada1 /mnt mount: /dev/ada1: Invalid argument To minimize the risks of overwriting important data, I have looked for a way to invalidate a label by writing the *minimal* amount of data. I have found a simple way to invalidate a whole label by just modifying 1 byte: setting an invalid encoding for its nvlist is enough to make it considered as broken and ignored. The attached patch adds a -m (minimal) option to the 'labelclear' command that exploits this hack. With this option, we are now able to clear labels (to avoid a future import/export) without breaking a UFS filesystem : (after having unmounted UFS mountpoint /mnt) # zpool labelclear -m -f /dev/ada1 # zpool import # mount /dev/ada1 /mnt # ls /mnt .snap foo Of course, if the 4 bytes (4 * 1 byte) which are overwritten here are important for the new filesystem, it will be broken too. Anyway, erasing 4 bytes will always be less risky than erasing 4 * 256 kB! There are other situations where one would like to clear beginning or ending labels only ; the patch adds two options for that purpose : -b (beginning) and -e (ending). It also adds the ability to invalidate a single label using the -i (index) option. Here is an example with a msdosfs filesystem : # zpool create test ada1 # zpool export test # newfs_msdos /dev/ada1 # mount -t msdosfs -o large /dev/ada1 /mnt # touch /mnt/foo # umount /mnt # zdb -l /dev/ada1 -------------------------------------------- LABEL 0 -------------------------------------------- failed to unpack label 0 -------------------------------------------- LABEL 1 -------------------------------------------- failed to unpack label 1 -------------------------------------------- LABEL 2 -------------------------------------------- version: 5000 name: 'test' [...] -------------------------------------------- LABEL 3 -------------------------------------------- version: 5000 name: 'test' [...] Ending labels remain valid : # zpool import pool: test id: 693883832785598877 state: ONLINE action: The pool can be imported using its name or numeric identifier. config: test ONLINE ada1 ONLINE If we import that filesystem, we will be breaking our msdosfs. To invalidate those two ending labels (only) without breaking our filesystem, we can safely perform the following : # zpool labelclear -e -m -f /dev/ada1 # zpool import # mount -t msdosfs -o large /dev/ada1 /mnt # ls /mnt foo Finally, the original command did a blind invalidation, without even trying to check that there is a valid label to erase. I have added a '-c' (check) option that tries to validate a label before doing anything on the disk. It will exit if no label is detected, avoiding to erase important data. This feature will try to unpack the pool configuration (nvlist) to see if it is valid or not ; this should be enough in most cases : # zpool create test ada1 # zpool export test # zpool labelclear -c -f /dev/ada1 # zpool labelclear -c -f /dev/ada1 Label clear failed on vdev /dev/ada1 Here, the second call did nothing as the label has already been invalidated. Find attached two patches: one for 10.2 and another one for -CURRENT (r290928). It keeps full compatibility with the zpool command interface, as well as libzfs and libnvpair ABIs. I am submitting this patch here as it's been developped and tested on FreeBSD, please tell me if it would be better posted on Illumos Gate. Best regards, Ganael. -- You are receiving this mail because: You are the assignee for the bug.