e4e6d85ea4
In the OstreeRepoFinderAvahi implementation, ostree_avahi_service_build_repo_finder_result() is where the DNS-SD records are processed and turned into OstreeRepoFinderResult objects. Each result object is supposed to have a hash table mapping refs to checksums, so this is accomplished by first adding a placeholder (a ref mapping to a NULL checksum) for each ref matched by the bloom filter, and later filling in the checksums using the remote's summary file, which happens in get_checksums(). The problem is that there's no guarantee all the checksums will be resolved (non-NULL), so the ostree_repo_finder_result_new() call then hits an assertion failure in is_valid_collection_ref_map() leading to a crash (in the case that one or more refs had NULL checksums). There are at least two situations where the ref checksum might not be found in the peer remote's summary file: 1) The bloom filter match was a false positive. This is going to happen sometimes by design. 2) The peer remote's summary is out of sync with its DNS-SD records. This shouldn't normally happen but it's still good to be robust to the possibility; in Endless OS nothing guarantees the atomicity of updating the summary and DNS-SD records. This commit changes libostree to be robust to the possibility of refs missing from the peer remote's summary, by removing any that still have a NULL checksum associated with them after the summary has been fetched and processed. The other OstreeRepoFinder implementations don't have this issue because they use summary files directly and therefore always have access to the checksum. Closes: #1717 Approved by: pwithnall |
||
|---|---|---|
| .. | ||
| README-gpg | ||
| README.md | ||
| bupsplit.c | ||
| bupsplit.h | ||
| libostree-devel.sym | ||
| libostree-released.sym | ||
| ostree-1.pc.in | ||
| ostree-async-progress.c | ||
| ostree-async-progress.h | ||
| ostree-autocleanups.h | ||
| ostree-bloom-private.h | ||
| ostree-bloom.c | ||
| ostree-bootconfig-parser.c | ||
| ostree-bootconfig-parser.h | ||
| ostree-bootloader-grub2.c | ||
| ostree-bootloader-grub2.h | ||
| ostree-bootloader-syslinux.c | ||
| ostree-bootloader-syslinux.h | ||
| ostree-bootloader-uboot.c | ||
| ostree-bootloader-uboot.h | ||
| ostree-bootloader.c | ||
| ostree-bootloader.h | ||
| ostree-chain-input-stream.c | ||
| ostree-chain-input-stream.h | ||
| ostree-checksum-input-stream.c | ||
| ostree-checksum-input-stream.h | ||
| ostree-cmdprivate.c | ||
| ostree-cmdprivate.h | ||
| ostree-core-private.h | ||
| ostree-core.c | ||
| ostree-core.h | ||
| ostree-deployment-private.h | ||
| ostree-deployment.c | ||
| ostree-deployment.h | ||
| ostree-diff.c | ||
| ostree-diff.h | ||
| ostree-dummy-enumtypes.c | ||
| ostree-dummy-enumtypes.h | ||
| ostree-enumtypes.c.template | ||
| ostree-enumtypes.h.template | ||
| ostree-fetcher-curl.c | ||
| ostree-fetcher-soup.c | ||
| ostree-fetcher-uri.c | ||
| ostree-fetcher-util.c | ||
| ostree-fetcher-util.h | ||
| ostree-fetcher.h | ||
| ostree-gpg-verifier.c | ||
| ostree-gpg-verifier.h | ||
| ostree-gpg-verify-result-private.h | ||
| ostree-gpg-verify-result.c | ||
| ostree-gpg-verify-result.h | ||
| ostree-impl-system-generator.c | ||
| ostree-kernel-args.c | ||
| ostree-kernel-args.h | ||
| ostree-libarchive-input-stream.c | ||
| ostree-libarchive-input-stream.h | ||
| ostree-libarchive-private.h | ||
| ostree-linuxfsutil.c | ||
| ostree-linuxfsutil.h | ||
| ostree-lzma-common.c | ||
| ostree-lzma-common.h | ||
| ostree-lzma-compressor.c | ||
| ostree-lzma-compressor.h | ||
| ostree-lzma-decompressor.c | ||
| ostree-lzma-decompressor.h | ||
| ostree-metalink.c | ||
| ostree-metalink.h | ||
| ostree-mutable-tree.c | ||
| ostree-mutable-tree.h | ||
| ostree-ref.c | ||
| ostree-ref.h | ||
| ostree-remote-private.h | ||
| ostree-remote.c | ||
| ostree-remote.h | ||
| ostree-repo-checkout.c | ||
| ostree-repo-commit.c | ||
| ostree-repo-deprecated.h | ||
| ostree-repo-file-enumerator.c | ||
| ostree-repo-file-enumerator.h | ||
| ostree-repo-file.c | ||
| ostree-repo-file.h | ||
| ostree-repo-finder-avahi-parser.c | ||
| ostree-repo-finder-avahi-private.h | ||
| ostree-repo-finder-avahi.c | ||
| ostree-repo-finder-avahi.h | ||
| ostree-repo-finder-config.c | ||
| ostree-repo-finder-config.h | ||
| ostree-repo-finder-mount.c | ||
| ostree-repo-finder-mount.h | ||
| ostree-repo-finder-override.c | ||
| ostree-repo-finder-override.h | ||
| ostree-repo-finder.c | ||
| ostree-repo-finder.h | ||
| ostree-repo-libarchive.c | ||
| ostree-repo-private.h | ||
| ostree-repo-prune.c | ||
| ostree-repo-pull-private.h | ||
| ostree-repo-pull.c | ||
| ostree-repo-refs.c | ||
| ostree-repo-static-delta-compilation-analysis.c | ||
| ostree-repo-static-delta-compilation.c | ||
| ostree-repo-static-delta-core.c | ||
| ostree-repo-static-delta-private.h | ||
| ostree-repo-static-delta-processing.c | ||
| ostree-repo-traverse.c | ||
| ostree-repo.c | ||
| ostree-repo.h | ||
| ostree-rollsum.c | ||
| ostree-rollsum.h | ||
| ostree-sepolicy-private.h | ||
| ostree-sepolicy.c | ||
| ostree-sepolicy.h | ||
| ostree-soup-form.c | ||
| ostree-soup-uri.c | ||
| ostree-soup-uri.h | ||
| ostree-sysroot-cleanup.c | ||
| ostree-sysroot-deploy.c | ||
| ostree-sysroot-private.h | ||
| ostree-sysroot-upgrader.c | ||
| ostree-sysroot-upgrader.h | ||
| ostree-sysroot.c | ||
| ostree-sysroot.h | ||
| ostree-tls-cert-interaction.c | ||
| ostree-tls-cert-interaction.h | ||
| ostree-types.h | ||
| ostree-varint.c | ||
| ostree-varint.h | ||
| ostree-version.h.in | ||
| ostree.h | ||
README.md
Repository design
At the heart of OSTree is the repository. It's very similar to git, with the idea of content-addressed storage. However, OSTree is designed to store operating system binaries, not source code. There are several consequences to this. The key difference as compared to git is that the OSTree definition of "content" includes key Unix metadata such as owner uid/gid, as well as all extended attributes.
Essentially OSTree is designed so that if two files have the same OSTree checksum, it's safe to replace them with a hard link. This fundamental design means that an OSTree repository imposes negligible overhead. In contrast, a git repository stores copies of zlib-compressed data.
Key differences versus git
- As mentioned above, extended attributes and owner uid/gid are versioned
- Optimized for Unix hardlinks between repository and checkout
- SHA256 instead of SHA1
- Support for empty directories
Binary files
While this is still in planning, I plan to heavily optimize OSTree for versioning ELF operating systems. In industry jargon, this would be "content-aware storage".
Trimming history
OSTree will also be optimized to trim intermediate history; in theory one can regenerate binaries from corresponding (git) source code, so we don't need to keep all possible builds over time.
MILESTONE 1
- Basic pack files (like git)
MILESTONE 2
- Store checksums as ay
- Drop version/metadata from tree/dirmeta objects
- Add index size to superindex, pack size to index
- So pull can calculate how much we need to download
- Split pack files into metadata/data
- pull: Extract all we can from each packfile one at a time, then delete it
- Restructure repository so that links can be generated as a cache; i.e. objects/raw, pack files are now the canonical
- For files, checksum combination of metadata variant + raw data
- i.e. there is only OSTREE_OBJECT_TYPE_FILE (again)
MILESTONE 3
- Drop archive/raw distinction - archive repositories always generate packfiles per commit
- Include git packv4 ideas:
- metadata packfiles have string dictionary (tree filenames and checksums)
- data packfiles match up similar objects
- Rolling checksums for partitioning large files? Kernel debuginfo
- Improved pack clustering
- file fingerprinting?
- ELF-x86 aware deltas
Related work in storage
git: http://git-scm.com/ Venti: http://plan9.bell-labs.com/magic/man2html/6/venti Elephant FS: http://www.hpl.hp.com/personal/Alistair_Veitch/papers/elephant-hotos/index.html
Compression
xdelta: http://xdelta.org/ Bsdiff: http://www.daemonology.net/bsdiff/ xz: http://tukaani.org/xz/