Lines Matching refs:the
5 protect against data corruption. However, the detection of the
7 after the data was written. At that point the original data that the
10 The solution is to ensure that the disk is actually storing what the
11 application meant it to. Recent additions to both the SCSI family
17 ensures the individual sectors are written in the right order. And
18 for some protection schemes also that the I/O is written to the right
24 between adjacent nodes in the I/O path. The interesting thing about
25 DIF and the other integrity extensions is that the protection format
26 is well defined and every node in the I/O path can verify the
27 integrity of the I/O and reject it if corruption is detected. This
28 allows not only corruption prevention but also isolation of the point
34 As written, the protocol extensions only protect the path between
36 allow the operating system to interact with the integrity metadata
38 the protection information to be transferred to and from their
44 transferred between the controller and target. The T13 proposal is
49 encouraged them to allow separation of the data and integrity metadata
52 The controller will interleave the buffers on write and split them on
53 read. This means that Linux can DMA the data buffers to and from
54 host memory without changes to the page cache.
56 Also, the 16-bit CRC checksum mandated by both the SCSI and SATA specs
60 lighter-weight checksum to be used when interfacing with the operating
61 system. Emulex, for instance, supports the TCP/IP checksum instead.
62 The IP checksum received from the OS is converted to the 16-bit CRC
63 when writing and vice versa. This allows the integrity metadata to be
64 generated by Linux or the application at very low cost (comparable to
67 The IP checksum is weaker than the CRC in terms of detecting bit
68 errors. However, the strength is really in the separation of the data
69 buffers and the integrity metadata. These two distinct buffers must
72 The separation of the data and integrity metadata buffers as well as
73 the choice in checksums is referred to as the Data Integrity
74 Extensions. As these extensions are outside the scope of the protocol
76 them within the Storage Networking Industry Association.
85 The advantage to the integrity extensions in SCSI and SATA is that
86 they enable us to protect the entire path from application to storage
87 device. However, at the same time this is also the biggest
88 disadvantage. It means that the protection information must be in a
89 format that can be understood by the disk.
91 Generally Linux/POSIX applications are agnostic to the intricacies of
92 the storage devices they are accessing. The virtual filesystem switch
93 and the block layer make things like hardware sector size and
94 transport protocols completely transparent to the application.
96 However, this level of detail is required when preparing the
97 protection information to send to a disk. Consequently, the very
103 from the application. As far as the application (and to some extent
104 the kernel) is concerned, the integrity metadata is opaque information
105 that's attached to the I/O.
107 The current implementation allows the block layer to automatically
108 generate the protection information for any I/O. Eventually the
109 intent is to move the integrity metadata calculation to userspace for
110 user data. Metadata and other I/O that originates within the kernel
111 will still use the automatic generation interface.
114 16-bit value. The owner of this tag space is the owner of the block
115 device. I.e. the filesystem in most cases. The filesystem can use
116 this extra space to tag sectors as they see fit. Because the tag
117 space is limited, the block interface allows tagging bigger chunks by
122 access to manipulate the tags from user space. A passthrough
133 pointer to a struct bip which contains the bio integrity payload.
135 containing the integrity metadata and the required housekeeping
139 calling bio_integrity_alloc(bio). This will allocate and attach the
140 bip to the bio.
145 bio_free() will automatically free the bip.
150 Because the format of the protection data is tied to the physical
153 with the block layer using blk_integrity_register().
156 the protection data, as well as getting and setting application tags.
158 merging and splitting the integrity metadata.
163 will require extra work due to the application tag.
171 The normal filesystem is unaware that the underlying block device
173 be automatically generated by the block layer at submit_bio() time
174 in case of a WRITE. A READ request will cause the I/O integrity
177 IMD generation and verification can be toggled using the
191 attached. It can also use the application tag space if this is
192 supported by the block device.
197 To generate IMD for WRITE and to set up buffers for READ, the
200 Prior to calling this function, the bio data direction and start
201 sector must be set, and the bio should have all data pages
202 added. It is up to the caller to ensure that the bio does not
212 are capable of transferring IMD from user space can use the
218 Allocates the bio integrity payload and hangs it off of the bio.
220 stored in the integrity bio_vec list (similar to bio_alloc()).
230 the integrity metadata in the pages must be in a format
231 understood by the target device with the notable exception that
232 the sector numbers will be remapped as the request traverses the
233 I/O stack. This implies that the pages added using this call
234 will be modified during I/O! The first reference tag in the
238 there is room in the bip bio_vec array (nr_pages).
240 Upon completion of a READ operation, the attached pages will
241 contain the integrity metadata received from the storage device.
242 It is up to the receiver to process them and verify data
249 To enable integrity exchange on a block device the gendisk must be
254 The blk_integrity struct is a template and should contain the
266 part of the userland API so chose it carefully and never change
272 'verify_fn' verifies that the data buffer matches the integrity
275 'tuple_size' must be set to match the size of the integrity
280 0 depending on the value of the Control Mode Page ATO bit.