►
From YouTube: February 2022 OpenZFS Leadership Meeting
Description
Agenda: Block Reference Table; Encryption bugs; Blake3 checksum.
https://docs.google.com/document/d/1w2jv2XVYFmBVvG1EGf-9A5HBVsjAYoLIFZAnWHhV-BM/edit#
A
A
B
B
Okay,
so
just
a
reminder,
brt
is
a
block.
Reference
table
is
in
some
way
similar
to
dedupe.
It
allows
to
manually
clone
specific,
given
blocks
it's
similar
to
reflect
from
linux
basically,
and
we
can
clone
individual
blocks
or
we
can
clone
whole
files,
but
the
idea
is
that
we
only
create
block
pointers
that
will
point
at
existing
data.
B
B
B
B
B
B
I
implemented
fclone
range
system
call
for
now,
because
the
going
code
itself
allows
to
clone
blocks,
but
the
cisco
I
implemented
initially
allowed
only
to
clo
clone
entire
files,
because
that
would
be
probably
the
most
common
use
case,
but
I
also
added
because
it
was
simply
easy
to
do
f.
Clone
range,
cisco
that
allows
to
clone
any
sets
of
blocks
even
within
the
same
file
as
long
as
the
ranges
don't
overlap.
B
B
This
cloning
blocks
is
a
bit
different
than
all
the
other
system
calls
and
operations
because
we
can
have
source
and
destination
files
in
different
data
sets.
So
for
zeal.
I
didn't
wanted
to
reference
data
set
that
it's,
maybe
I
don't
know
not
yet
available
for
some
reason,
or
so
I
didn't
wanted
to
use
file
ids
from
different
data
sets,
so
I
had
to
implement
replay
totally
different.
B
B
Apart
from
that,
I
think
some
tests
tests
would
be
nice
to
have
so.
I
would
appreciate
if
someone
pointed
at
the
right
direction,
how
we
could
test
that
or,
if
there's
any
similar,
maybe
how
the
duplication
is
tested
now.
So
maybe
I
could
work
on
something
similar
and
there
is
also
one
more
item
I'm
thinking
about
implementing,
because
now
the
the
block
reference
table
is
a
single
large
table
and
the
key
into
the
table
is
vdf
id
and
offset.
B
B
So
we
have
24
bytes
of
data
right,
16,
16
bytes
for
the
key
and
eight
bytes
for
for
the
data
and
so
30
33
of
this
repeats
almost
in
every
entry.
So
it's
probably
not
a
huge
space
savings,
but
it
just
bothers
me
that
we
are
repeating
everything,
so
I'm
just
considering
to
splitting
brt
per
vdf.
So
we
we
won't.
B
B
Not
really
so
not
sure
if
I
mentioned
that
in
the
past,
but
one
of
the
big
problems
was
that
when
we
free
a
block
we
have
to
reference,
we
have
to
look
at
the
brt
table
because
we
don't
have
like
specific
special
bit.
As
for
the
duplication
for
the
duplication,
you
only
consult
the
the
table
when
the
bit
is
set
for
brt.
B
B
B
B
A
B
A
Yeah,
you
could
do
that
and
then
like
either
use
those
bits
for
the
ref.
There
might
not
be
enough
bits
there
to
use
for
the
ref
count,
but
you
could
like
use
those
in
case
the
ref
count
overflows
the
32
bits,
or
maybe
the
refcon
is
16
bits,
plus
the
height
plus
the
bits
that
you
have
left
over
in
the
offset.
You
know
something
like
that
to
squeeze
it
as
squeeze
as
much
as
you
can
to
fit
it
to
fit
stuff
into
memory.
B
A
A
B
I
was
actually
surprised
with
the
calculations,
but
for
me,
even
one
gigabyte
was
like
very
small,
because
normally,
when
you
clone
a
file,
you
probably
want
to
clone
pretty
large
file
right.
Okay,
so
one
gigabyte
file
is
not
that
big
and
the
whole
file
should
should
be
should
fit
into
a
single
range,
because.
A
Yeah,
I
guess
I
was
thinking
that
people
might
use
it
to
clone
like
a
bunch
of
smaller
files.
Like
you
know,
I
it's
not
just
like
my
one
disk
image,
but
you
know
once
this
is
available
and
easy
to
use.
People
might
be
like.
Oh,
like
I'm
gonna,
cp
r.
All
of
my
photos
that
are
each
like
a
couple.
Megabytes
and
cp
is
just
you
know
using
your
brt
under
the
table
to
not
have
to
actually
copy
the
data.
A
B
What
you're
saying,
but
just
to
put
it
into
perspective,
like
we
can
have
one
megabyte
record
size
right
and
with
this
space
optimization,
let's
say
we
have
16
so
for
those
blocks
that
are
one
megabyte
and
for
ranges
that
are
one
megabyte.
It's
a
matter
of
like
if
it's.
If
this
range
table
takes
eight
megabytes
for
one
terabyte
or
if
brt
takes
like
16
megs
per
and
one
terabyte.
A
B
A
A
B
B
A
C
A
D
B
B
B
A
And
for
the
logging
that
you
mentioned,
I
assume,
like
the
the
overall
clone
operation,
might
be
like,
including
some
giant
file
and
are
you
I
assume
you're
like
splitting,
that
into
smaller
log
records,
where
it's
like
just
like,
when
you
do
a
huge
write
system,
call
we
split
it
into
like
one
mag
or
something
log
records.
Are
you
doing
something
similar
where
it's
like?
B
B
E
B
E
B
B
B
F
B
F
B
C
B
C
G
C
B
A
B
B
Yes,
for
freebsd,
there
is
nothing
like
that
as
far
as
I
know
so
we
will
need
to.
We
will
still
need
to
work
on
the
tools
to
to
be
able
to
to
use
that,
although
I
was
also
wondering-
and
maybe
you
guys
have
an
opinion-
that
about
implementing
some
kind
of
like
demon
that
can
work
in
the
background
and
find
stuff
that
can
be
deduplicated,
of
course,
with
snapshots.
B
So
the
idea
for
me
was
that
the
demon
would
walk
through
file
systems
and
just
read
blog
pointers
and
checksums.
So
it
should
be
much
faster
than
reading
all
the
data.
So
we
would
need
an
interface
for
that
as
well
and
and
then,
when
we
find
when
we
find
duplications
in
the
in
the
data,
then
we
we
could
use
brt
to
clone
like
older
block
to
the
to
the
newer
one,
and
even
if
we
have
snapshot
the
other
block
would
stay.
B
Yeah
well,
the
demon
would
be
nice
because
I
think
that
there
are
some
systems
already
that
use
offline
duplication
like
that
that
when
the
machine
is
like
less
busy,
the
demon
would
just
start
and
walk
and
try
to
find
what
can
be
duplicated
and
especially
if
we
will
came
up
with
the
interface
that
can
read
only
block
pointers.
So
this
should
be
much
much
quicker
than
just
reading
all
the
data
and
and
based
on
the
checksums.
B
If
it's
not
secure
check,
something
will,
of
course
compare
the
data
as
well,
but
if
it's,
but
still
so
so,
this
demon
could
be
really
like,
quick
and
also
if,
if
we
can
also
came
up
with
interface,
that
allows
us
to
to
swap
blocks
without,
even
because,
of
course,
we
are
working
on
a
live
file
system.
So
the
file
can
be
in
the
middle
of
changes,
so
it
would
be
also
nice
to
be
able
to
swap
blocks
to
have
a
mechanism
to
swap
blocks
like
atomically.
B
B
B
A
Thanks
thanks
christian
for
taking
notes,
I
see
you
typing
in
there
in
the
doc
next.
Should
we
talk
about
encryption?
Bugs
is
rich
here
I
don't
see
your
name.
He
said
he
might
not
be
able
to
make
it.
Is
there
anyone
else
working
on
this?
I
would
like
to
speak
to
the
summary
of
what's
going
on
with
encryption
bugs
here.
H
H
That
was
a
problem
mainly
when
ross
sending
snapshots
to
a
target
and
then
trying
to
send
them
back
to
the
originating
file
system.
That
was
not
possible
because
of
the
user
accounting
being
present.
So
we
decided
to
work
around
that
by
actually
resetting
the
flag
in
the
hospice
of
the
of
the
file
system
and.
A
H
H
There
was
a
second
one
that
it's
not
mentioned.
It
manifested
as
a
as
an
error,
an
unclear
error
when
again
rose
ending
and
receiving
snapshots,
but
it
was
actually
so
that
was,
I
think,
issue
12
720,
so
12
720,
where
it
manifested
during
gross
ending.
But
the
issue
was
only
because
the
encryption
code
path
was
changed,
was
checking
for
discrepancies
between
the
denode
bonus
length
and
the
denote
spill
pointer
flag,
so
actually
in
very
early
releases
of
open
zfs.
H
So
I
went
ahead
and
filed
a
pull
request.
This
is
13014,
so
13,
000,
0
14.,
where
we
actually,
when
we
encounter
such
body,
denotes
whose
bonus
length
is
actually
greater
than
the
predicted
one
when
accounting
also
for
the
denote
spill
pointer
flag.
We
report
an
error
and
this
is
done
during
normal
raw
receiving
and
also
during
scrubbing.
H
A
H
H
As
I
said,
it's
I
think
it's.
This
is
only
a
draft
pr.
He
he
he
actually
is
going
over
the
locking
to
see
where,
if,
if,
if
something
can
be,
if
the
the
backing
bypassed
with
manipulating
the
locking,
but
I'm
not
sure
that
we
actually
know
that
the
problem
is
there,
it
can
also
be
a
problem
in
the
in
the
r
code,
but
with
with
the
rest
count
accounting.
A
A
D
D
D
That's
that's
the
micro
benchmarking
like
it's
done
for
fletcher,
it's
the
same
meaning
and
for
a
1k
block
for
4k,
16k
and
so
on
and
up
to
four
megabyte
block
and
then
the
throughput
in
megabytes
per
second
cool.
I
even
implemented
a
char
tool,
I've
written
with
this,
but
but
it's
not
still
requested.
I
would
open
this
when
plague
is
in
and
then
I
would
also
do
some
stuff,
then
some
different
implementations
for
avx
and
and
then
generic
and
shiny
instructions
and
so
on.
D
Just
the
like
three,
that's
just
the
break
three
stuff
and
the
benchmarking
of
of
is
it
implementation
of
the
benchmarking
zooming
and
then
in
a
later
pull
request.
I
would
also
maybe
add
for
for
sure,
and
maybe
also
screen,
assembler
stuff
and
then
also
some
benchmarking
and
then
the
fastest
implementation
is
chosen
when
the
module
is
inserted.
D
A
See,
and
is
your
does
your
pr
include
the
like
the
avx
versions
of
blake,
three
okay
cool
yeah?
I
mean
those
numbers
like
great.
I
mean
it's
way
beyond.
You
know.
The
avx
512
is
like
what
like
four
three
times
faster
than
e
dot
r
and
like
10
times
faster
than
shot.
So
that's
that's
really
impressive.
D
D
D
E
A
E
So
black
three,
that
is
it.
I
think
that
is
the
definition
of
a
cryptographic,
checksum
and
blake.
Three
was
a
contender
in
the
shark
contest
by
a
quite
renowned
cryptographer.
I
can
ask
someone
who
is
like
doing
a
phd
in
cryptography
to
weigh
in
on
this.
He
is
also
a
previous
opencfs
contributor,
so
I
don't
know
he
has
some
domain
knowledge.
I
think
that's
I
can
reach
out
to
him.
H
B
A
I
think
we
use
it
for
an
operate
detection
and
it's
obviously
much
much
stronger
than
fletcher.
So
you
know
if,
if,
if
we
weren't
going
to
use
it
for
d
dupe,
then
it
seems
like
the
bar
is
already
met.
I
guess
the
question
is
like:
are
there?
Are
there
any
concerns
about?
You
know
unknown
vulnerabilities
that
might
make
it
not
appropriate
for
dido.
A
Well,
with
an
operate,
you
don't
really
have
to
be
concerned
about
an
attacker.
It's
only
like
accidental
matches
that
we
have
to
worry
about,
because
you
know,
if
you
can,
if
you
can
write
to
that
location,
then
obviously
you
can
write
whatever
you
want,
and
so
you
know
we
weren't
really
concerned
with
the
case
where,
like
an
attacker,
can
control
what's
written
but
then,
like
not,
you
know
we
were
all
really
worried
about.
A
B
A
B
Because
so
yeah
it's,
it's
definitely
different
different,
like
level
of
threat,
but
but
it's
also
important
like
you,
you
definitely
don't
want
to
leave
like
a
vulnerable
binary
only
because
the
updated
binary
have
the
same
checksum.
So
we
definitely
don't
want
this
to
be
accidental,
that
it's
possible
to
generate
something
similar
because,
like
I
also
give,
I
give
this
example.
A
Yeah,
I
think
we're
we're
almost
moving
to
the
end
of
the
time.
I
have
a
meeting
right
after
this,
so
why
don't
we
go
on
to?
Well,
I
guess,
let's
conclude
this
by
figuring
out
like
what
are
the
next
steps
needed
to
get
this
integrated?
I
think
one
of
them
is
to
have
this
person
who's
working
on
their
phd
in
cryptography,
to
take
a
look
at
it
and
and
just
tell
us
if
they
think,
based
on
kind
of
the
consensus
of
cryptographers.
A
G
D
A
A
I
I
G
Dataset
to
a
namespace
on
linux
and
basically
implementing
something
similar
to
what
freebsd
can
do
with
jails
or
alumos
with
zones
right
that
one's
been
sitting
there
a
while.
I
think
the
only
thing
you
know
there's
some
idea.
We
wanted
to
somehow
take
a
reference
to
the
name
space,
but
there
doesn't
seem
to
be
an
api
for
that.