►
From YouTube: December 2021 OpenZFS Leadership Meeting
Description
Agenda: ZFS Interface for Accelerators; Native encryption; https://docs.google.com/document/d/1w2jv2XVYFmBVvG1EGf-9A5HBVsjAYoLIFZAnWHhV-BM/edit#
A
A
First
one
we
were
just
discussing
so
folks
who
attend
regularly,
may
not
benefit
from
this
much,
but
there's
a
lot
of
people
who
can't
attend
or
attend
sporadically
and
the
meeting
notes
are
really
useful
to
them
to
see
what
was
discussed
and
and
decide.
You
know
when
they
need
to
go,
look
and
read,
watch
the
video
for
the
details
of
something
that
was
interesting
thanks
a
lot
to
seraphim
for
taking
those
notes
for
the
past
several
years.
A
I
think,
and
he
needs
a
little
break-
he's
been
at
it
for
quite
a
while.
So
we're
looking
for
volunteers
and
thanks
to
christian
for
volunteering
to
do
to
do
that.
That's
much
appreciated
and
I'll
send
out
those
meeting
notes.
Folks,
don't
haven't
seen
them
already.
I
send
them
out
to
the
mailing
list
developer
mailing
list
after
the
after
the
meeting.
A
C
C
C
The
motivating
reason
for
why
we,
this
work
exists,
can
be
summarized
by
this
graph
graciously
provided
by
brian
atkinson.
At
the
lab
we
like
to
run
ray
z2
z,
pools
with
compression
and
tracfoning
enabled.
Specifically,
we
like
to
run
gzip
as
our
compression
algorithm
on
this
graph.
You
can
see
that
with
no
compression
we
get
about
eight
and
a
half
gigs,
a
second
of
throughput
across
a
large
number
of
io
threads,
targeting
a
single
file
and
slightly
under
that
line.
We
have
lv4
compression,
which
is
about
at
a
7.5
gigs
a
second.
C
C
C
Fortunately,
there
are
devices
called
computational
storage
devices,
storage
devices
and
confidential
terminal
storage
processors
which
are
currently
being
developed.
They
have
hardware
implementations
of
operations
such
as
compression
and
checksuming,
and
erasure
coding,
which
happen
to
be
to
overlap
incredibly
well
with
the
features
that
vss
provides,
which
makes
vfs
an
ideal
candidate
for
offloading
operations.
C
C
So
here
is
a
diagram
of
the
right
pipeline,
with
the
i8
enabled
at
the
top
is
a
highly
simplified
diagram
of
the
cio
right
pipeline
on
the
left.
We
get
a
cio
plus,
it's
abd.
We
send
it
to
compress
do
a
bunch
of
checks.
Do
it
transform
push,
I
think
with
and
then
pass
the
compressed
data
to
check
something
raise
z,
the
v
does
disk
or
video
file
code
to
issue
the
I
o
and.
C
The
function,
the
the
zfs
shim
layer
will
see,
hey
via
is
enabled
easy.
Ia
compression
is
enabled
this
data
is
not
offloaded.
So
let's
offload
the
data
onto
the
off
the
hardware
accelerator
and
compress
it.
So
when
this
data
is
offloaded,
the
via
interface
returns,
a
handle
for
for
zfs
to
keep
track
of
this
handle
will
be
stored
in
the
abd
as
a
void
star.
So
so
it's
opaque
and
vfs
has
no
idea
what
it
is
and
can't
do
very
much
with
it
except
pass
it
around.
C
C
C
So
just
during
normal
operations,
data
will
never
be
brought
back
into
memory
other
than
minor
stuff
like
return
codes
or
checksums,
because
checksums
are
needed
in
block
pointers,
but
in
general
data
will
that
the
actual
data
in
the
abds
will
never
return
to
to
memory.
So
there
will
not
be
a
cost
of
constantly
transferring
data
back
and
forth
between
or
on
the
pcie
bus.
C
However,
there
are
errors
in
in
the
operation,
for
instance,
he
passed
in
it.
He
passed.
The
data
is
passed
into
the
checksum
function
when
you
have
request
flexure
for
and
this
hardware
accelerator
for
some
reason
doesn't
support,
flexure
4,
then,
yes,
the
data
will
be
passed
back
into
memory
and
then
offloaded
later.
But
hopefully
this
is
not
a
normal
occurrence,
so
you
shouldn't
incur
that
cost
too
often.
A
This
is
really
cool.
Can
I
ask
a
question
about
that?
Previous
slide
sure.
So
it
looks
like
in
the
diagram
here
like
the
the
xeo.
The
zio
pipeline
is
still
the
thing.
That's
like
driving
this,
so
every
stage
of
the
pipeline
is
still
executed
like
normally
and
then
it's
just
passing
this
hand
like
after
the
compression.
A
A
Correct,
okay
and
and
how
integrated
is
this
with
the
abd
stuff
like,
for
example,
let's
say
that
we
add
some
other
stage
in
here
into
the
pipeline
that
needs
to
process
the
data,
and
maybe
it
needs
to
process
it
on
the
main
host
cpu
by
by
like
just
like
calling
the
abd
you
know,
iterate
or
abd
copy
kind
of
functions.
Is
that
gonna
is
the
abd
code
then
going
to
know
that,
oh,
like
I
have
this
zia
handle?
B
C
A
Cool
yeah,
I
guess
my
main
concern
is
just
like.
Like
you
know,
the
normal
case
is
going
to
be
like
not
having
this
external
processing
unit
and
we
want
to
make
sure
that
we
don't
like
break
the
use
of
the
external
processing
unit
by
like
adding
something
that
you
weren't
thinking
about
into
the
ziya
pipeline.
A
And
so
it
would
be
nice
if
there
was
a
way
to
for
the
like
at
the
zio
layer
to
have
some
kind
of
error
checking
or
something
to
make
sure
that
the
data
like
if
there
is
a
handle,
then
you
know
and
you're
trying
to
get
the
data.
Then
you
have
actually
like
copied
it
back.
Like
have
some
assertion
that
you
know
you
you
already
copied
it
back
or
or
some
way
of
checking
that
you
know
what
I
mean.
A
E
C
A
C
D
E
A
Yeah,
I'm
sorry,
I
don't
want
to
like
rattle
too
much
on
this
it,
but
maybe
just
take
the
high
level
point
that,
like
let's
find
ways
that
we
like
this
sounds
really
cool.
It
sounds
like
you've
integrated
it
really
slickly
with
the
zio
pipeline
at
a
high
level.
That's
just
additionally
think
about
like
how
we
can
add
safeguards
to
make
sure
that
we
don't
you
know
accidentally
get
confused
about
where
the
data
is
and
then
you
know
operate
on
still
data
or
something
because
of
that.
D
F
C
A
Very
very
cool
and
very
tricky
just
background
info,
how
like
the
razer
reconstruction
is
non-trivial
and
non-standard.
How
is
this
like?
A
is
this
data
processing
unit
like
an
fpga
that
you've
like
programmed
to
know
how
to
do
the
recon,
like
that
raid
z,
math
stuff
in
parallel,
or
how
does
that
even
work.
G
A
A
A
A
Okay,
oh
that's
cool
yeah.
I
mean
that
that
math,
it's
not
like
it's,
certainly
not
impossible.
I
mean,
I
know
that
it's
like
vectorized
routines
have
been
written
for
a
bunch
of
different.
You
know
vector
instruction
sets
to
accelerate
the
raid
z
reconstruction,
which
is
you
know,
pretty
complicated,
especially
when
you
get
to
raid
z3.
C
Cool
so
right,
so
the
original
plan
was
to
write
this
shim
and
then
have
it
link
into
an
existing
bit
of
glue
code
for
that
talks
between
accelerators
and
the
via
shim.
Unfortunately,
that
was
just
not
a
good
design.
It
worked
to
get
me
started,
but
it
wasn't
extensible,
for
instance,
if
we
want
to
if
we
have
multiple
accelerators
and
we
want
to
switch
between
them,
we
couldn't
just
do
that
by
linking
vfs
directly
to
the
accelerated
glue
code.
C
Instead,
we
created
the
data
processing
unit
services,
module
which
acts
as
a
registry.
For
then
vendors
implement
what
we
call
providers,
which
is
the
glue
code
that
talks
to
their
accelerators,
which
allows
us
to
turn
accelerators,
often
on
from
or
switch
between
them
or
or
any
number
of
other
operations.
That.
A
C
A
C
A
D
A
A
A
A
I
like
this.
This
is
very
interesting
to
me,
but
it's
not
really
in
my
like
personal
use
case,
so
I'd
definitely
be
interested
to
hear
from
other
folks
about
both
technical
like
how
this
would
work,
and
also
like,
is
this
interesting
to
you,
and
I
imagine
people
might
be
curious
about
like
how
they
could
get
their
hands
on
these
fancy
accelerator
boards.
F
Might
be
a
question
about
like
the
the
memory
model,
so
the
idea
is
every
like
all
the
accelerators
will
be
attached
to
pci
express
there.
There's
no
idea
for
like
tighter
co-processors,
which
have
appeared
in
more
recent
arm
processors,
for
example.
There
are
like
arm
processors
with
pretty
tightly
integrated,
fpgas
and
so
on.
That
could
be
used.
C
A
A
But
you
could
imagine
like
maybe
that
you
know
maybe
the
like
handle
is
just
like.
Oh,
the
handle
is
just
like
a
pointer
to
main
memory
and
the
copying
to
and
from
the
handle
is
just
like
here's,
the
pointer.
So
it
seems
like
the
general
thing
that's
being
designed
here,
would
probably
work
just
fine
for
a
more
tightly
coupled
accelerator.
F
Yeah
I
mean
like
if
I
in
the
product
interpreted
the
first
slide
correctly
then
or
one
of
the
first
slides,
then
the
idea
was
to
directly
copy
like
tell
the
nvme
device
copy
from
the
accelerator
onto
the
nvme
device
as
possible.
In
that
case
like
we
have
to
make
sure
that
it's
dm
a
copyable
memory
on
the
outside
and
so
on.
A
few
implications
there,
but
in
general
yeah,
should
be
flexible
enough.
G
E
E
Just
one
other
comment:
I
know
with
the
qat
there
was
a
maybe
a
minor
issue
with
gzip.
In
that
the
way
they
implemented,
it
meant
that
the
same
block
compressed
with
the
cpu
would
have
a
different
checksum
than
the
block
compressed
by
qat
like
it
was
decompress
compatible,
but
it
wasn't
actually
bite
for
byte
the
same
as
if
you
would
compress
it
on
the
cpu.
They
used
a
like
a
slightly
different
table
for
for
the
gzip
that
resulted
in
it.
C
A
A
A
A
A
Yeah,
I
think
that's
a
great
question.
I
see
on
the
slide.
That's
up
now.
You
have
something
called
a
software
provider,
I'm
hoping
that.
Maybe
that's
like
you
know
something
that
could
that
can
be
a
provider
that
hooks
into
this
interface
but
is
implemented
in
software
and
doesn't
require
any
special
hardware.
F
C
F
G
E
D
Yeah
that
way,
it
would
be
nice
if,
like
if
this
becomes
kind
of
a
generic
framework
that-
and
we
do
have
something
like
a
software
provider
or
a
test
framework
or
something.
Then
we
like
get
rid
of
qat,
bring
it
into
this
framework
and
and
then
provide
ourselves
some
protection
there
and
and
consumers
of
that
protection.
A
Yeah
I
mean
I
I
could
imagine
that
this
becomes
like
like
there
is
no
non-dp
usm.
Now
usm
is
just
like
that's
the
interface
for
doing
you
know
doing
like
bulk
operations
on
data
and
all
the
current
software
implementations
move
to
the
other
side
of
that
api
as
part
of
the
software
provider,
and
then
it
and
then
all
that
you
have
is
a
switch.
That's
like
oh,
like
are
software
providers
operating
in
place,
or
are
software
operators
gonna
like
be
copied
out
to
another
buffer
for
testing
purposes?.
A
Yeah,
I
think
that
getting
it
like
accepted
upstream,
if,
if
there
were,
if
the
only
use
case
of
this
was
if
you're
a
special
entity
that
can
purchase
this
special
hardware,
then
you
can
use
a
special
thing.
Then
I
think
that
it
would
be
a
hard
sell
to
get
it
integrated
upstream,
but
if,
if
either
you
can
like
hook
into
software
providers
hook
into
the
qat,
that's
generally
available-
or
if
this
special
hardware
is
you
know
is-
is
purchasable
by
other
entities.
A
C
H
A
A
F
So,
as
I
understand
it,
this
dp
usm
will
be
a
separate
linux.
Kernel,
module
and
cfs
would
just
use
the
exported
interface
of
it.
Just
like
any
other
file
system
would
use
it
like.
Will
this
dp
usm
do
any
kind
of
resource
multiplexing,
or
will
it
expose
like
like
what?
What
will
the
interface
look
like
for
zfs?
F
A
E
Well,
like
I
know,
I
think,
with
qat.
It
only
made
sense
if
your
buffers
were
big
enough.
So
if
you
were
trying
to
check
some
only
for
8k
the
overhead
of
copying
out
to
pcie
and
back
wasn't
worth
it.
But
if
you
were
check
something
128k,
then
it
was,
and
it
might
make
sense
to
be
able
to
decide
which
ones
to
offload
and
which
one's
not
to
on
some
threshold.
A
Cool
thanks
a
lot
for
this
presentation,
jason.
I
really
appreciate
you
like
coming
and
bringing
these
ideas
to
the
the
team
and
and
getting
the
feedback
early
on,
and
you
know
and
engaging
with
the
community.
I
think
that
you
know
there'll
be
a
lot
less
surprises
later
on.
You
know
when,
when
you
want
to
get
it
integrated
so
right
next
steps.
Could
you
send
this
a
link
to
your
slides
to
me
just
so
that
we
can.
A
I
don't
have
this
online,
can
I
just
email
it
yeah
yeah.
You
can
just
email,
a
pd,
any
email,
a
pdf
or
a
powerpoint
or
whatever
to
me
and
then
I'll.
I
can
put
it
up
just
as
part
of
our
meeting
notes,
okay
and
then
yeah,
I
mean
feel
free
like
when
you
make
progress
on
this
and
you
have
more
questions.
You
know
feel
free
to
come
back
to
this
meeting
and
and
have
another
discussion
or
open
a
pull
request
whenever
you're
ready.
A
A
G
So
it
turns
out
encryption
has
bugs
surprise.
I
know
it's
shocking
right,
but
it
I
I
went
through.
I
can
share
the
spreadsheet
I
produced.
I
went
through
all
the
bugs
tagged
encryption
and
I
gave
them
a
first
pass
and
it
turns
out
that
they
all
fall
into
one
of
like
three
categories:
more
or
less
there's
a
couple
of
outliers,
but
broadly
the
big
one
is.
G
G
G
I've
been
looking
into
this
for
a
bit.
I
have
had
some
trouble
reproducing
it
on
anything,
that's
useful.
For
some
reason,
I've
only
been
able
to
reproduce
it
on
random,
not
x86
architectures.
All
the
reporters
are
from
x86
architectures,
but
you
know
I
have
a
zfs
test
suite
loop.
That
will
do
it
inside
of
a
day
on.
G
So
you
know
software
very
annoying,
but
all
right,
I
should
have
led.
I
mostly
came
here
to
ask
for
like
if
anyone
would
be
willing
to
spend
a
bit
of
time
and
offer
insight,
because
I
am
not
at
all
familiar
with
this
code.
I
have
tried
reading
it,
but
it's
somewhat
difficult
to
run
down
what
might
be
going
wrong
and
the
bugs
at
least
yeah,
the
all
the
bugs
that
I'm
looking
at
seem
to
go
back
to
when
encryption
was
first
integrated,
like
the
one
I'm
talking
about
right
now.
G
G
G
A
G
G
G
G
A
I
think
this
is
a
great
opportunity
for
like
someone
or
some
company,
that's
using
encryption
to
you,
know,
step
up
and
be
a
leader
in
this
area
like
it's
hard
for
me
personally,
like
I
know
a
little
bit
about
encryption
and
and
probably
more
than
I
would
like
to
about
d
nodes
and
center
receive.
But
you
know
I
have
a
lot
of
other
stuff
to
do
and
I
don't
and
like
I
don't
use
encryption
at
my
job,
so
there's
probably
other
people
who
are
using
encryption
at
their
jobs.
G
G
F
G
F
G
A
G
G
Less
memory
I
did
because
it
does
seem
to
be
related
to
free
memory
on
one
vm.
I
have
it
only
reproduces
right
before
the
kernel
proceeds
to
permanently
scream
and
yell,
because
it
has
run
out
of
memory
for
higher
order
allocations,
but
I
have
reduced
the
amount
of
ram
on
the
vms,
and
linux
has
a
nice
flag
on
real
hardware
that
you
can
say.
I
have
this
much
ram.
G
A
G
D
G
I
G
A
G
Reproducing
it
on
freebsd,
I
think
all
of
the
ones
I've
seen
reproduce
it
are
on
linux.
Well,
that's
not
entirely
true
right.
I
mentioned
all
the
ones
that
I
was
discussing
before
on
linux,
but
I
did
mention
the
person
or
the
the
people
reproducing
something
that
looks
very
similar
on
lumos
for
the
one
where
the
buffer
gets
the
wrong
ref
count.
G
J
G
J
G
A
We're
almost
out
of
time
for
the
meeting,
but
thanks
a
lot
for
bringing
this
up
rich.
I
think
you
know,
in
the
absence
of
anybody
like
picking
standing
up
to
to
really
take
ownership
of
this.
I
think
we
should
continue
to
bring
this
up
at
future
meetings
just
to
to
continue
advertising
this
opportunity
for
for
more
engagement,
yeah
exactly-
and
you
know,
to
make
folks
aware
of
of
you-
know
the
work
that
you're
doing
and
and
that
people
are
still
hitting
this.
A
E
So
I
just
keep
track
of
a
pool
wide.
What's
the
you
know
worst
minimum
allocation
size
for
any
v
dev
in
this
pool
and
uses
that
value,
and
it
changes
the
math
to
round
up
to
the
nearest
that
many
sectors,
rather
than
just
straight
up,
multiplying
the
logical
size
by
the
worst
case
right,
because
if
you
end
up
meeting,
you
know
seven
sectors
and
the
raid
zed's
gonna
bump
that
to
10
you
don't
actually
want
to
multiply
the
size
by
10.
You
want
to
round
it
up
to
the
next
10.
E
H
H
For
I
don't
know,
people
that
may
not
remember
corrupt
corrective
receive
enables
us
to
heal
permanent
data,
corruption
using
the
consent
file
or
something
and
there's
a
talk,
that's
linked
in
the
pr
for
more
context
on
this.
You
can
go,
listen
to
it
and
watch
it,
but
yeah
any
help
in
moving
this
forward
or
or
anybody
that
wants
to
review.
It
is
appreciated.
A
A
I
guess
it
gets
hit
enough.
Where
did
hook
doesn't
want
to
hide
it
yeah,
I
think
yeah
I
don't
know,
I
think
it
might
just
be
like.
Oh
you
know
when
there's
more
than,
however
many
comments,
I
just
it's
just
like
you
get
the
first
three
and
then
you
the
last
seven
and
anything
in
the
middle
is
just
like.