WO2024148865A1 - Secure storage method, apparatus and device, and non-volatile readable storage medium - Google Patents
- Publication number: WO2024148865A1 (PCT/CN2023/121828)
- Authority: WO, WIPO (PCT)
- Prior art keywords: old, data, target data, target, disk
- Legal status: Ceased (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Definitions
- the present application relates to the field of storage technology, and in particular to a secure storage method, device, equipment and non-volatile readable storage medium.
- The "write hole" problem is a difficult problem for RAID (Redundant Array of Independent Disks), especially for soft RAID solutions. Pursuing the ultimate data security greatly reduces IO (Input/Output) performance, as with the PPL (Partial Parity Log) method of Linux's MDRAID. Generally speaking, only a hard RAID solution can solve the "write hole" problem while maintaining high system IO performance. When a storage anomaly occurs while writing to a storage device managed by RAID (RAID1/5/6), there is a certain probability that the "write hole" problem will occur.
- The "write hole" problem scenarios can be divided into: hard disk failure occurs after the anomaly, hard disk failure occurs during the anomaly and recovery process, and hard disk failure occurs before the anomaly. Whether before, during, or after the anomaly, if the "write hole" cannot be properly handled, it will cause permanent data loss.
- NVRAM: Non-Volatile Random Access Memory
- the first method requires increasing the hardware resources of NVRAM, and the storage resources of NVRAM are limited.
- the second log method seems perfect, but multiple reading and writing of the underlying file system will seriously affect performance.
- the purpose of this application is to provide a secure storage method, device, equipment and non-volatile readable storage medium, which can solve the "write hole" problem while maintaining high system IO performance, and improve the data security and user experience of the disk array card without increasing hardware costs.
- the optional solutions are as follows:
- a first aspect of the present application provides a secure storage method, which is applied to a disk array card, comprising:
- the array controller is controlled to read the first address parameter in the target log according to the input/output request, and obtain the old target data and the old verification data from the disk array card according to the first address parameter; wherein the target log is used to record the verification and update status of the array controller;
- An XOR operation is performed on the old target data and the old verification data to obtain a first XOR result and the first XOR result is stored in a corresponding hard disk of the disk array card, so that the complete old target data and the old verification data can be restored according to the first XOR result when a storage abnormality occurs.
- the method further includes:
- the new target data and the new verification data are stored in the corresponding hard disk of the disk array card to ensure the consistency of data and verification when the storage is normal.
- the method further includes:
- obtaining new target data corresponding to old target data from the host side according to the input/output write request includes:
- the array controller is controlled to read the second address parameter in the target log according to the input/output request, and obtain new target data from the memory on the host side according to the second address parameter.
- the method further includes:
- new verification data is obtained according to the new target data, the old target data and the old verification data, including:
- an XOR operation is performed on the old target data and the new target data to obtain a second XOR result, and an XOR operation is performed on the second XOR result and the old verification data to obtain a third XOR result;
- the third XOR result is used as new verification data.
- obtaining old target data and old verification data from a disk array card according to the first address parameter includes:
- performing an XOR operation on the old target data and the old verification data to obtain a first XOR result includes:
- An XOR operation is performed on the old target data and the old verification data in the memory of the disk array card to obtain a first XOR result.
- storing the first XOR result to a corresponding hard disk of the disk array card includes:
- the first XOR result is stored in the atomic parity update area of the check disk of the disk array card storing the old check data, so that when a storage abnormality occurs, the first XOR result is read from the atomic parity update area and the complete old target data and old check data are restored according to the first XOR result.
- obtaining old target data and old verification data from a disk array card according to the first address parameter includes:
- when the disk array card includes multiple check disks, old target data and multiple old check data are obtained from the disk array card according to the first address parameter; wherein one check disk stores one check data;
- performing an XOR operation on the old target data and the old verification data to obtain a first XOR result and storing the first XOR result in a corresponding hard disk of the disk array card includes:
- each first XOR result is stored in the atomic parity update area of the corresponding verification disk, so that when a storage abnormality occurs, each first XOR result is read from each atomic parity update area and the corresponding old target data and old verification data are restored according to each first XOR result.
- restoring the complete old target data and old verification data according to the first XOR result includes:
- a target recovery algorithm is determined according to the state parameters, so as to execute the recovery process using the target recovery algorithm.
- a target recovery algorithm is determined according to the state parameters, including:
- the target recovery algorithm is determined according to the corresponding relationship between the state parameters and the recovery algorithm.
- the recovery algorithm includes a block segmentation recovery algorithm and a Galois field algorithm.
- a target recovery algorithm is used to perform the recovery process, including:
- the slot parameters and control block parameters in the target log are read; the slot parameters represent the location of the atomic parity update area of the check disk, and the control block parameters determine the current data page chain where the data block is located and locate the data cache area of the current data page chain.
- the target recovery algorithm is used to read the first XOR result from the atomic parity update area according to the slot parameter, and the recovery process is executed through the control block parameter function pointer.
- the array controller is controlled to initialize and assign values to the parameters in the target log according to the array creation instruction.
- the array creation instruction is a command line parameter for creating an array sent by a user through a host side.
- the driver that controls the disk array card firmware layer parses the command line parameters and transparently transmits the parsed parameters to the array controller, so that the array controller initializes and assigns values to the parameters in the target log according to the parsed parameters.
- before restoring the complete old target data and the old verification data according to the first XOR result, the method further includes:
- Whether the disk array card has abnormal power failure is detected by timer polling. If abnormal power failure is detected, the storage is determined to be abnormal.
- the target log is stored in a non-volatile random access memory or a memory protected from power failure.
- a second aspect of the present application provides a secure storage device, applied to a disk array card, comprising:
- a request acquisition module is configured to acquire an input/output write request sent by the host side;
- the first reading module is configured to control the array controller to read the first address parameter in the target log according to the input/output request, and obtain the old target data and the old verification data from the disk array card according to the first address parameter; wherein the target log is used to record the verification update of the array controller;
- the first operation and recovery module is configured to perform an XOR operation on the old target data and the old verification data to obtain a first XOR result and store the first XOR result in a corresponding hard disk of the disk array card, so as to restore the complete old target data and the old verification data according to the first XOR result when a storage abnormality occurs.
- a third aspect of the present application provides an electronic device, comprising a processor and a memory; wherein the memory is configured to store a computer program, and the computer program is loaded and executed by the processor to implement the aforementioned secure storage method.
- the fourth aspect of the present application provides a computer non-volatile readable storage medium, in which computer executable instructions are stored; when the computer executable instructions are loaded and executed by a processor, the aforementioned secure storage method is implemented.
- the input/output write request sent by the host side is first obtained; then the array controller is controlled to read the first address parameter in the target log according to the input/output request, and the old target data and the old verification data are obtained from the disk array card according to the first address parameter; wherein the target log is used to record the verification and update of the array controller; finally, the old target data and the old verification data are XORed to obtain the first XOR result and the first XOR result is stored in the corresponding hard disk of the disk array card, so that the complete old target data and the old verification data can be restored according to the first XOR result when the storage is abnormal.
- the present application introduces the concept of the target log, which is used to record the verification and update of the array controller.
- the old target data and the old verification data are obtained according to the parameters in the target log, so as to generate an XOR result, which is used to restore the data when the storage is abnormal, thereby solving the "write hole" problem while continuing to maintain a high system IO performance, and improving the data security and user experience of the disk array card without increasing the hardware cost.
- FIG1 is a flow chart of a secure storage method provided by the present application.
- FIG2 is an example diagram of an optional PUFP format definition provided by the present application.
- FIG3 is a schematic diagram of an optional secure storage method provided by the present application.
- FIG4 is a flow chart of an optional secure storage method provided by the present application.
- FIG5 is a scenario analysis diagram of a write process "write hole" problem in RAID5 provided by the present application.
- FIG6 is a detailed example diagram of a RAID5 write hole protection provided by the present application.
- FIG. 7 is an example diagram of the “inlineXoR” operation in FIG. 6 provided by the present application.
- FIG8 is a detailed example diagram of write hole protection of RAID6 provided by the present application.
- FIG9 is a schematic diagram of the structure of a secure storage device provided by the present application.
- FIG10 is a structural diagram of a secure storage electronic device provided in the present application.
- one is to use non-volatile memory (NVRAM) as a write cache to achieve the purpose of atomic write operations;
- the other is to use the design concept of the file system's Journal (log) to achieve atomic processing of write requests.
- the first method requires increasing the hardware resources of NVRAM, and the storage resources of NVRAM are limited.
- the second log method seems perfect, but multiple reads and writes to the underlying file system will seriously affect performance.
- the present application provides a secure storage solution, introducing the concept of a target log, which is used to record the verification and update of the array controller.
- the old target data and the old verification data are obtained according to the parameters in the target log, so as to generate an XOR result, which is used to restore data when storage is abnormal, thereby solving the "write hole" problem while continuing to maintain a high system IO performance, and improving the data security and user experience of the disk array card without increasing hardware costs.
- FIG1 is a flow chart of a secure storage method provided in an embodiment of the present application.
- the secure storage method is applied to a disk array card, and includes:
- the disk array card first obtains the input and output write request sent by the host side.
- the disk array card is a RAID card, which is composed of multiple storage arrays (RAID arrays), array controllers (RAID card controllers), CPUs, memory and other components.
- the storage array is composed of multiple SSD disks.
- the RAID card composed of SSD disks has the advantage of faster read and write performance than the RAID card composed of HDD disks.
- The most basic requirement for write hole protection is that "data covered by the RAID protection capability will never be lost". Specifically, in a stripe affected by a "write hole", the data can be simply divided into two categories. One category is the data units that are directly overwritten by this IO; the other data units are not directly overwritten, but during the update of other data and check data in the same stripe, the stripe potentially loses its protection of these data. Based on this, this embodiment defines two write hole protection levels, namely DPC and WRA.
- DPC: Data-Parity Consistency
- WRA: Write Atomic
- S12 Control the array controller to read the first address parameter in the target log according to the input/output request, and obtain old target data and old verification data from the disk array card according to the first address parameter; wherein the target log is used to record verification and update status of the array controller.
- the array controller is controlled to read the first address parameter in the target log according to the input and output request, and obtain the old target data and the old verification data from the disk array card according to the first address parameter; wherein the target log is used to record the verification update of the array controller.
- the setting of the target log here is a hardware-based write hole protection method proposed in this embodiment, also known as PUFP (Parity
- the PUFP mechanism is a write-hole protection mechanism.
- the content of the target log PUFP is a log that records the verification (stripe) updates performed by the RAID card controller chip.
- Whenever a write update of a stripe is successfully locked, a PUFP unit is allocated at the same time to track and record the update of the verification. It is initialized by the RAID card engine at the beginning of the allocation (16B write).
- the size of a PUFP is 16 bytes or 32 bytes (PUFP+), and the format content is shown in Figure 2.
- PUFP is generally stored in non-volatile random access memory (NVRAM) or in memory protected against storage anomalies. During normal operation, only overwrite write operations will be performed on PUFP.
- the old target data and old verification data are moved to the memory of the disk array card.
- the first address parameter is the startLBA parameter, which indicates the starting LBA (38 bits, covering 1PB data storage space) in the current namespace and is written once when the RAID card is initialized.
- the physical address of the corresponding hard disk in the RAID card is located by the startLBA parameter.
- the old target data D is read to the local DDR of the RAID card.
- the old verification data P is read from the corresponding hard disk to the local DDR of the RAID card.
- an XOR operation is performed on the old target data and the old verification data to obtain a first XOR result and the first XOR result is stored in the corresponding hard disk of the disk array card, so that the complete old target data and the old verification data can be restored according to the first XOR result when a storage abnormality occurs.
- an XOR operation is performed on the old target data and the old verification data in the memory of the disk array card to obtain the first XOR result. That is, pplP is obtained by XORing the old verification data P and the old target data D, and pplP is the basis for data recovery.
- the new data needs to be written to the disk.
- the data can be written to the disk normally. That is, it is also necessary to obtain new target data corresponding to the old target data from the host side according to the input and output write request, and obtain new verification data according to the new target data, the old target data and the old verification data.
- the array controller is controlled to read the second address parameter in the target log according to the input/output request, and obtain the new target data from the memory on the host side according to the second address parameter.
- the second address parameters here are the two parameters logicDeviceID and nsID, where the logicDeviceID parameter represents the logical disk location ID within the RAID group, which is used to identify the hard disk processed by the current write operation, and the nsID parameter is the Namespace ID, which is written once when the RAID card is initialized.
- the new target data is moved to the memory of the disk array card, the old target data and the new target data are XORed in the memory of the disk array card to obtain the second XOR result, the second XOR result and the old verification data are XORed to obtain the third XOR result, and finally the third XOR result is used as the new verification data. That is, the new target data D' and the old target data D are XORed to obtain ΔD, and then the new verification data P' is obtained by XORing ΔD and P.
- the new target data and the new verification data are stored in the corresponding hard disk of the disk array card to ensure data and verification consistency when the storage is normal. D', P', and pplP are all written to the corresponding hard disk. After that, the new parameter value is obtained and the new parameter value is used to overwrite the parameter in the target log.
- the embodiment of the present application first obtains the input/output write request sent by the host side; then controls the array controller to read the first address parameter in the target log according to the input/output request, and obtains the old target data and the old verification data from the disk array card according to the first address parameter; wherein the target log is used to record the verification update of the array controller; finally, the old target data and the old verification data are XORed to obtain the first XOR result and the first XOR result is stored in the corresponding hard disk of the disk array card, so that the complete old target data and the old verification data can be restored according to the first XOR result when the storage is abnormal.
- the embodiment of the present application introduces the concept of a target log, which is used to record the verification update of the array controller.
- the old target data and the old verification data are obtained according to the parameters in the target log, so as to generate an XOR result.
- This XOR result is used to restore data when the storage is abnormal, thereby solving the "write hole" problem while continuing to maintain a high system IO performance, and improving the data security and user experience of the disk array card without increasing the hardware cost.
- FIG3 is a flow chart of an optional secure storage method provided in an embodiment of the present application.
- the secure storage method is applied to a disk array card, including:
- S22 Control the array controller to read the first address parameter in the target log according to the input/output request.
- S24 Perform XOR operations on the old target data and each old verification data to obtain multiple first XOR results, and store each first XOR result in the atomic parity update area of the corresponding verification disk, so that when a storage abnormality occurs, each first XOR result is read from each atomic parity update area and the corresponding old target data and old verification data are restored according to each first XOR result.
- when the disk array card includes multiple check disks, old target data and multiple old check data are obtained from the disk array card according to the first address parameter; wherein one check disk stores one check data.
- RAID6 includes a P check disk and a Q check disk.
- the old target data and each old check data are XORed to obtain multiple first XOR results and each first XOR result is stored in the atomic parity update area of the corresponding check disk, so that when a storage abnormality occurs, each first XOR result is read from each atomic parity update area and the corresponding old target data and old check data are restored according to each first XOR result.
- two first XOR results, pplP and pplQ will be obtained. pplP and pplQ need to be written to the P check disk and Q check disk respectively. When the data is restored, pplP and pplQ are read from the P check disk and Q check disk.
- the first XOR result is mainly stored in the atomic parity update area of the check disk, also known as the APU (atomic parity update) area, which is a protection measure taken by the RAID array for the check data generated by the write request.
- the purpose is to ensure that the consistency of the stripe is restored after a storage system abnormality occurs.
- Its content includes the RAID stripe address, data, and check. It can be seen that this embodiment proposes to use the PUFP mechanism and integrate the APU mechanism into the PUFP mechanism.
- when performing data recovery, the data recovery process is mainly started based on the pplP data.
- the state parameters in the target log are read first; wherein the state parameters are the state definition of the check update.
- the target recovery algorithm is determined based on the state parameters to execute the recovery process using the target recovery algorithm.
- the state parameter here is the pufpState parameter, which is mainly the state definition of PUFP and is the main basis for selecting the recovery algorithm during abnormal recovery.
- the target recovery algorithm is mainly determined based on the corresponding relationship between the state parameter and the recovery algorithm.
- the recovery algorithms here include block segmentation recovery algorithm and Galois field algorithm.
- the slot parameters and control block parameters in the target log are read; wherein the slot parameter is the apuCode parameter, which characterizes the position of the atomic parity update area of the check disk, and the control block parameter is the pslCbHandle parameter, which is used to determine the current data page chain where the data block is located and locate the data cache area of the current data page chain.
- the CB handle of the CB corresponding to the PUFP is recorded in the pslCbHandle parameter, and through this CB handle, the CP chain to which it belongs can be found, the data cache area of the current CP chain can be located, and it can be used for write hole protection recovery and problem tracking and debugging after power failure.
- CP: control page
- CB: control block
- CB is the data structure that controls the IO or background task.
- the target recovery algorithm is used to read the first XOR result from the atomic parity update area according to the slot parameters, and the recovery process is executed through the control block parameter function pointer.
- S31 Obtaining an array creation instruction sent by the host side; wherein the array creation instruction is a command line parameter for creating an array sent by the user through the host side.
- S32 The driver program of the firmware layer of the disk array card is controlled to parse the command line parameters, and transparently transmit the parsed parameters to the array controller, so that the array controller initializes and assigns values to the parameters in the target log according to the parsed parameters.
- the array creation instruction sent by the host side is obtained; wherein the array creation instruction is the command line parameters for creating the array sent by the user through the host side.
- the array controller is controlled to initialize and assign values to the parameters in the target log according to the array creation instruction. That is, the pufpState, logicDeviceID, nsID, apuCode, dataLength, startLBA, pslCbHandle, dataStructureEntry and other parameters defined in Figure 2 are initialized and assigned values.
- the driver of the firmware layer of the disk array card is controlled to parse the command line parameters and transmit the parsed parameters to the array controller, so that the array controller initializes and assigns values to the parameters in the target log according to the parsed parameters.
- S34 Control the array controller to read the first address parameter in the target log according to the input/output request, and obtain old target data and old verification data from the disk array card according to the first address parameter; wherein the target log is used to record verification and update status of the array controller.
- S35 Perform an XOR operation on the old target data and the old verification data to obtain a first XOR result, and store the first XOR result in the corresponding hard disk of the disk array card.
- S36 Detecting whether the disk array card has abnormal power failure by means of timer polling. If it is detected that the disk array card has abnormal power failure, it is determined that the storage is abnormal.
- the disk array card is checked for abnormal power failure by means of timer polling. If abnormal power failure is detected, the storage is determined to be abnormal. At this time, the complete old target data and old verification data are restored according to the first XOR result. That is, the storage abnormality is power failure, and the "write hole" at this time can be defined as: abnormal shutdown (accidental power failure) + unfinished write operation + storage device failure.
- the "write hole" problem scenarios are divided into the following three types: (1) The hard disk failure occurs after the power is off. At this time, the system is in the "write-through" WT mode (for write IO events, the system responds to the HOST once the write IO data has been written to the storage medium of the RAID card). The host sends a 4KB write IO to disk 1. Then, according to the RAID5 "RMW" process, when the system executes step 3 "putting new D1 data on disk" or step 5 "putting new verification data P on disk", if an unexpected power outage occurs, since it cannot be determined whether the write operation is completed, the data and verification on the stripe will not be consistent.
- when the system executes step 3 "putting new D1 data on disk" or step 5 "putting new verification data P on disk", if an unexpected power failure occurs and, before all affected stripes are resynchronized after power is turned on again, data disk 2 is damaged, the data on disk 2 on the stripe cannot be recovered and is permanently lost; (3) The hard disk failure occurs before the power failure. At this time, the system is in the "write-through" WT mode, and disk 2 is already in a failed state. The entire RAID group is in an "exposed" state. At this time, the background task may be reconstructing disk 2. At this time, the host sends a 4KB write IO to disk 1. If an unexpected power failure occurs at any time between the time when the system starts executing step 3 "writing the new D1 data to disk" and completing step 5 "writing the new verification data P to disk", the data on disk 2 in the stripe cannot be recovered and is permanently lost.
- This embodiment introduces the "write hole" protection process in detail for RAID5 and RAID6 respectively.
- Step 1 The RAID card receives the task of creating a RAID5 array issued by the user through the host;
- Step 2 The driver of the RAID card firmware layer parses the command parameters for creating a RAID5 array issued by the user, and passes the parameters to the RAID card controller;
- Step 3 The RAID card controller initializes and assigns the pufpState (PUFP status), logicDeviceID, nsID, apuCode, dataLength, startLBA, and pslCbHandle mentioned above according to the parsed command line parameters and dataStructureEntry and other parameters;
- Step 4 After the RAID card receives the IO write request sent by the host, the RAID card controller retrieves the specific address data of the DDR in the host according to the logicDeviceID and nsID parameters, and moves the retrieved host DDR data D' to the local DDR
- Step 6 XOR the old verification data P and the old data D to obtain pplP; XOR D' and the old data D to obtain ΔD; then XOR ΔD and P to obtain the new verification data P';
- Step 7 The new data D' is written to the corresponding hard disk, the new verification data P' is written to the corresponding hard disk, and the pplP is written to the APU area of the P disk in the RAID5 array;
- Step 8 During the disk writes of step 7, a timer polls periodically to check whether an unexpected power outage has occurred.
- Step 9 If an unexpected power outage occurs, the data recovery process is started according to the pplP data, and the recovery algorithm is selected according to the pufpState parameter; the candidates include the block segmentation element recovery algorithm and the Galois field algorithm. Since the recovery algorithm does not belong to the content of this application, it will not be described here. After selecting the recovery algorithm, read the partial checksum of the old data backup in the APU area (i.e., pplP) according to the apuCode parameter, and then start the recovery process through the pslCbHandle function pointer.
- Step 10 After data recovery is complete, release resources and end the process.
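The RAID5 steps above, as an added C example that is not code from the patent: it models steps 6 and 7 on a toy stripe, cuts power after D' lands but before P', and then checks whether disk 2 can still be rebuilt. The patent does not disclose its recovery algorithm, so `recover()` assumes the partial-parity rule P = pplP XOR (data currently on disk); the struct layout, chunk size, `apu_valid` flag, function names and the choice to make pplP durable before D' and P' are assumptions as well.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CHUNK 8   /* bytes per chunk: constructed toy size */
#define NDATA 3   /* data disks 1..3 (index 0..2) plus one P disk */

struct stripe {
    uint8_t d[NDATA][CHUNK]; /* data chunks as they sit on disk */
    uint8_t p[CHUNK];        /* parity chunk on the P disk */
    uint8_t apu[CHUNK];      /* pplP slot in the P disk's APU area */
    int apu_valid;           /* assumed flag: a write is in flight */
};

enum crash { NO_CRASH, AFTER_PPL, AFTER_DATA }; /* simulated power-loss point */

static void xor_chunk(uint8_t *dst, const uint8_t *a, const uint8_t *b) {
    for (int i = 0; i < CHUNK; i++)
        dst[i] = a[i] ^ b[i];
}

/* Constructed sample stripe with parity P = D1 ^ D2 ^ D3. */
void make_stripe(struct stripe *s) {
    memset(s, 0, sizeof(*s));
    for (int k = 0; k < NDATA; k++)
        for (int i = 0; i < CHUNK; i++)
            s->d[k][i] = (uint8_t)(16 * k + i + 1);
    for (int k = 0; k < NDATA; k++)
        xor_chunk(s->p, s->p, s->d[k]);
}

/* Returns 1 when the parity chunk matches the XOR of all data chunks. */
int stripe_consistent(const struct stripe *s) {
    uint8_t acc[CHUNK] = {0};
    for (int k = 0; k < NDATA; k++)
        xor_chunk(acc, acc, s->d[k]);
    return memcmp(acc, s->p, CHUNK) == 0;
}

/* Steps 6 and 7: journal pplP first, then write D' and P'.
 * Returns 0 on completion, -1 when the simulated power loss hits. */
int rmw_write(struct stripe *s, int idx, const uint8_t *dnew, enum crash c) {
    uint8_t delta[CHUNK], pnew[CHUNK];
    xor_chunk(s->apu, s->p, s->d[idx]);  /* pplP = P ^ D */
    s->apu_valid = 1;
    if (c == AFTER_PPL)
        return -1;
    xor_chunk(delta, dnew, s->d[idx]);   /* deltaD = D' ^ D */
    xor_chunk(pnew, delta, s->p);        /* P' = deltaD ^ P */
    memcpy(s->d[idx], dnew, CHUNK);      /* D' reaches its disk */
    if (c == AFTER_DATA)
        return -1;                       /* torn write: P' never lands */
    memcpy(s->p, pnew, CHUNK);           /* P' reaches the P disk */
    s->apu_valid = 0;                    /* write complete, retire pplP */
    return 0;
}

/* Step 9 under the stated assumption: rebuild parity from pplP and
 * whatever the target chunk holds now. idx stands in for the address
 * fields the page keeps in its target log. Returns 1 if it repaired. */
int recover(struct stripe *s, int idx) {
    if (!s->apu_valid)
        return 0;
    xor_chunk(s->p, s->apu, s->d[idx]);  /* P = pplP ^ D_on_disk */
    s->apu_valid = 0;
    return 1;
}

/* Reconstruct a failed data disk from parity and the surviving disks. */
void rebuild(const struct stripe *s, int lost, uint8_t *out) {
    memcpy(out, s->p, CHUNK);
    for (int k = 0; k < NDATA; k++)
        if (k != lost)
            xor_chunk(out, out, s->d[k]);
}

/* Scenario (2): torn write to disk 1, then disk 2 fails.
 * Returns 1 if disk 2's content can still be reconstructed. */
int disk2_survives(int use_ppl) {
    struct stripe s;
    uint8_t dnew[CHUNK], want[CHUNK], got[CHUNK];
    make_stripe(&s);
    memcpy(want, s.d[1], CHUNK);         /* what disk 2 held before it failed */
    memset(dnew, 0xAB, CHUNK);           /* constructed new data D' */
    rmw_write(&s, 0, dnew, AFTER_DATA);
    if (use_ppl)
        recover(&s, 0);
    rebuild(&s, 1, got);
    return memcmp(want, got, CHUNK) == 0;
}

int main(void) {
    printf("disk 2 recoverable without pplP: %d\n", disk2_survives(0));
    printf("disk 2 recoverable with pplP:    %d\n", disk2_survives(1));
    return 0;
}
```

Because pplP equals the XOR of the chunks the write does not touch, the repaired parity matches the stripe whether the target chunk still holds D or already holds D'.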
- FIG8 shows a detailed example diagram of write hole protection for RAID6.
- Step 1 The RAID card receives the task of creating a RAID6 array issued by the user through the host;
- Step 2 The driver of the RAID card firmware layer parses the command parameters for creating a RAID6 array issued by the user, and transmits the parameters to the RAID card controller;
- Step 3 The RAID card controller initializes and assigns the pufpState (PUFP status), logicDeviceID, nsID, apuCode, dataLength, startLBA, pslCbHandle, and dataStructureEntry parameters mentioned above according to the parsed command line parameters;
- Step 4 After the RAID card receives the IO write request sent by the host, the RAID card controller retrieves the specific address data of the DDR in the host according to the logicDeviceID and nsID parameters, and moves the retrieved host DDR data D' to the local DDR of the RAID card, where the amount of data moved is determined by
- the old data D is read to the local DDR of the RAID card.
- the old verification data P is read from the corresponding hard disk to the local DDR of the RAID card, and the old verification data Q is read from the corresponding hard disk to the local DDR of the RAID card;
- Step 6 The old verification data P and the old data D are XORed to obtain pplP, the old verification data Q and the old data D are XORed to obtain pplQ, the data D' and the old data D are XORed to obtain ΔD, the new verification data P' is then obtained by XORing ΔD and P, and the new verification data Q' is obtained by XORing ΔD and Q;
- Step 7 The new data D' is written to the corresponding hard disk, the new verification data P' is written to the corresponding hard disk, and the pplP is written to the APU area of the P disk in the RAID6 array.
- Step 8 During the process of writing to disk in step 7, the timer periodically checks whether there is an unexpected power outage. If there is no unexpected power outage, the resources are released after all the data in step 7 is written to disk; if there is an unexpected power outage, execute step 9;
- Step 9 In the event of an unexpected power outage, start the data recovery process based on the pplP and pplQ data, and select the recovery algorithm based on the pufpState parameter. Specifically, there are the block segmentation element recovery algorithm, the Galois field algorithm, etc. Since the recovery algorithm does not belong to the content of this application, it will not be described here.
- Step 10 After the data recovery is completed, release the resources and end the process.
- the embodiment of the present application further discloses a secure storage device, which is applied to a disk array card and includes:
- the request acquisition module 11 is configured to acquire the input/output write request sent by the host side;
- the first reading module 12 is configured to control the array controller to read the first address parameter in the target log according to the input and output request, and obtain the old target data and the old verification data from the disk array card according to the first address parameter; wherein the target log is used to record the verification update situation of the array controller;
- the first operation and recovery module 13 is configured to perform an XOR operation on the old target data and the old verification data to obtain a first XOR result and store the first XOR result in a corresponding hard disk of the disk array card, so as to recover the complete old target data and the old verification data according to the first XOR result when a storage abnormality occurs.
- the embodiment of the present application first obtains the input and output write request sent by the host side; then controls the array controller to read the first address parameter in the target log according to the input and output request, and obtains the old target data and the old verification data from the disk array card according to the first address parameter; wherein the target log is used to record the verification and update of the array controller; finally, the old target data and the old verification data are XORed to obtain the first XOR result and the first XOR result is stored in the corresponding hard disk of the disk array card, so that the complete old target data and the old verification data can be restored according to the first XOR result when the storage is abnormal.
- the embodiment of the present application introduces the concept of a target log, which is used to record the verification and update of the array controller.
- the old target data and the old verification data are obtained according to the parameters in the target log, so as to generate an XOR result, which is used to restore data when the storage is abnormal, thereby solving the "write hole" problem while continuing to maintain a high system IO performance, and improving the data security and user experience of the disk array card without increasing the hardware cost.
- the secure storage device further includes:
- a second reading module is configured to obtain new target data corresponding to the old target data from the host side according to the input and output write request, and obtain new verification data according to the new target data, the old target data and the old verification data;
- the disk placement module is configured to store the new target data and the new verification data in the corresponding hard disk of the disk array card, so as to ensure the consistency of data and verification when the storage is normal;
- An overwrite module is configured to obtain a new parameter value and overwrite the parameter in the target log with the new parameter value
- a moving module is configured to move new target data to the memory of the disk array card
- An instruction acquisition module is configured to acquire an array creation instruction issued by a host side
- the initialization and assignment module is configured to control the array controller to perform initialization and assignment operations on the parameters in the target log according to the array creation instruction;
- the polling module is configured to detect whether an abnormal power failure occurs to the disk array card by means of a timer polling method. If an abnormal power failure occurs to the disk array card, it is determined that the storage is abnormal.
- the second reading module includes:
- a reading unit configured to control the array controller to read the second address parameter in the target log according to the input/output request, and to obtain new target data from the memory on the host side according to the second address parameter;
- the XOR unit is configured to perform an XOR operation on the old target data and the new target data in the memory of the disk array card to obtain a second XOR result, and perform an XOR operation on the second XOR result and the old verification data to obtain a third XOR result; and use the third XOR result as the new verification data.
- the first reading module 12 is configured to move the old target data and the old verification data to the memory of the disk array card.
- the first operation and recovery module 13 is configured to perform an XOR operation on the old target data and the old verification data in the memory of the disk array card to obtain a first XOR result.
- the first operation and recovery module 13 is further configured to store the first XOR result in the atomic parity update area of the check disk of the disk array card storing the old check data, so that when a storage abnormality occurs, the first XOR result is read from the atomic parity update area and the complete old target data and old check data are recovered according to the first XOR result.
- the first reading module 12 is further configured to obtain old target data and multiple old verification data from the disk array card according to the first address parameter if the disk array card includes multiple verification disks; wherein one verification data is stored on one verification disk.
- the first operation and recovery module 13 is further configured to perform XOR operations on the old target data and each old verification data to obtain multiple first XOR results and store each first XOR result in the atomic parity update area of the corresponding verification disk, so that when a storage abnormality occurs, each first XOR result is read from each atomic parity update area and the corresponding old target data and old verification data are recovered according to each first XOR result.
- FIG. 10 is a structural diagram of an electronic device 20 according to an exemplary embodiment, and the content in the diagram cannot be regarded as any limitation on the scope of use of the present application.
- FIG10 is a schematic diagram of the structure of an electronic device 20 provided in an embodiment of the present application.
- the electronic device 20 may include: at least one processor 21, at least one memory 22, a power supply 23, a communication interface 24, an input/output interface 25, and a communication bus 26.
- the memory 22 is configured to store a computer program, which is loaded and executed by the processor 21 to implement the relevant steps in the secure storage method disclosed in any of the aforementioned embodiments.
- the power supply 23 is configured to provide working voltage for each hardware device on the electronic device 20;
- the communication interface 24 can create a data transmission channel between the electronic device 20 and the external device, and the communication protocol it follows is any communication protocol that can be applied to the technical solution of the present application, and is not specifically limited here;
- the input and output interface 25 is configured to obtain external input data or output data to the outside world, and its specific interface type can be selected according to specific application needs, and is not specifically limited here.
- the memory 22 as a carrier for storing resources may be a read-only memory, a random access memory, a disk or an optical disk, etc.
- the resources stored thereon may include an operating system 221, a computer program 222 and data 223, etc., and may be stored in a temporary or permanent manner.
- the operating system 221 is configured to manage and control the hardware devices and computer programs 222 on the electronic device 20 to realize the operation and processing of the massive data 223 in the memory 22 by the processor 21, which can be Windows Server, Netware, Unix, Linux, etc.
- the computer program 222 can further include a computer program that can be used to complete other specific tasks.
- the data 223 can include the request data collected by the electronic device 20.
- an embodiment of the present application further discloses a non-volatile readable storage medium, in which a computer program is stored.
- the steps of the secure storage method disclosed in any of the aforementioned embodiments are implemented.
- each embodiment is described in a progressive manner, and each embodiment focuses on the differences from other embodiments.
- the same or similar parts between the embodiments can be referred to each other.
- the description is relatively simple, and the relevant parts can be referred to the method part.
Description
CROSS-REFERENCE TO RELATED APPLICATIONS
This application claims priority to the Chinese patent application filed with the China Patent Office on January 9, 2023, with application number 202310025601.7 and entitled "A secure storage method, device, equipment and storage medium", the entire contents of which are incorporated herein by reference.
The present application relates to the field of storage technology, and in particular to a secure storage method, apparatus, device and non-volatile readable storage medium.
The "write hole" problem is a long-standing difficulty of RAID (Redundant Array of Independent Disks), especially for software RAID solutions: pursuing the highest level of data security comes at a heavy cost in IO (Input/Output) performance, as with the PPL (Partial Parity LockLog) method of Linux's MDRAID. Generally, only a hardware RAID solution can solve the "write hole" problem while maintaining high system IO performance. Broadly speaking, when a storage anomaly occurs while writing to a storage device managed by RAID (RAID1/5/6), there is a certain probability that the "write hole" problem will occur. According to when the storage device fails, the "write hole" scenarios can be divided into: hard disk failure after the anomaly, hard disk failure during the anomaly and recovery process, and hard disk failure before the anomaly. Whether before, during or after the anomaly, a "write hole" that is not handled properly causes permanent data loss.
For the above three "write hole" scenarios, the prior art adopts two strategies. One uses non-volatile memory, NVRAM (Non-Volatile Random Access Memory), as a write cache to achieve atomic write operations; the other borrows the design concept of a file system's Journal to process write requests atomically. The first requires additional NVRAM hardware resources, and the storage capacity of NVRAM is limited. The second, the journal approach, seems perfect, but repeatedly reading and writing the underlying file system seriously affects performance.
Therefore, the above technical problems urgently need to be solved by those skilled in the art.
Summary of the invention
In view of this, the purpose of the present application is to provide a secure storage method, apparatus, device and non-volatile readable storage medium that can solve the "write hole" problem while maintaining high system IO performance, and improve the data security and user experience of the disk array card without increasing hardware costs. The optional solutions are as follows:
A first aspect of the present application provides a secure storage method, which is applied to a disk array card, comprising:
acquiring the input/output write request sent by the host side;
controlling the array controller to read the first address parameter in the target log according to the input/output request, and obtaining the old target data and the old verification data from the disk array card according to the first address parameter; wherein the target log is used to record the verification updates performed by the array controller;
performing an XOR operation on the old target data and the old verification data to obtain a first XOR result and storing the first XOR result in a corresponding hard disk of the disk array card, so that the complete old target data and the old verification data can be restored according to the first XOR result when a storage abnormality occurs.
Optionally, after storing the first XOR result in a corresponding hard disk of the disk array card, the method further includes:
acquiring new target data corresponding to the old target data from the host side according to the input/output write request, and obtaining new verification data according to the new target data, the old target data and the old verification data;
storing the new target data and the new verification data in the corresponding hard disk of the disk array card, so as to ensure the consistency of data and verification when the storage is normal.
Optionally, after storing the new target data and the new verification data in the corresponding hard disk of the disk array card, the method further includes:
acquiring new parameter values and using the new parameter values to overwrite the parameters in the target log.
Optionally, obtaining new target data corresponding to the old target data from the host side according to the input/output write request includes:
controlling the array controller to read the second address parameter in the target log according to the input/output request, and obtaining the new target data from the memory on the host side according to the second address parameter.
Optionally, after acquiring the new target data from the memory on the host side according to the second address parameter, the method further includes:
moving the new target data to the memory of the disk array card;
Accordingly, obtaining new verification data according to the new target data, the old target data and the old verification data includes:
in the memory of the disk array card, performing an XOR operation on the old target data and the new target data to obtain a second XOR result, and performing an XOR operation on the second XOR result and the old verification data to obtain a third XOR result;
using the third XOR result as the new verification data.
Optionally, obtaining old target data and old verification data from the disk array card according to the first address parameter includes:
moving the old target data and the old verification data to the memory of the disk array card;
Accordingly, performing an XOR operation on the old target data and the old verification data to obtain a first XOR result includes:
performing an XOR operation on the old target data and the old verification data in the memory of the disk array card to obtain the first XOR result.
Optionally, storing the first XOR result to a corresponding hard disk of the disk array card includes:
storing the first XOR result in the atomic parity update area of the check disk of the disk array card that stores the old verification data, so that when a storage abnormality occurs, the first XOR result is read from the atomic parity update area and the complete old target data and old verification data are restored according to the first XOR result.
Optionally, obtaining old target data and old verification data from the disk array card according to the first address parameter includes:
if the disk array card includes multiple check disks, obtaining the old target data and multiple old verification data from the disk array card according to the first address parameter; wherein one check disk stores one verification data;
Accordingly, performing an XOR operation on the old target data and the old verification data to obtain a first XOR result and storing the first XOR result in a corresponding hard disk of the disk array card includes:
performing XOR operations on the old target data and each old verification data respectively to obtain multiple first XOR results, and storing each first XOR result in the atomic parity update area of the corresponding check disk, so that when a storage abnormality occurs, each first XOR result is read from each atomic parity update area and the corresponding old target data and old verification data are restored according to each first XOR result.
Optionally, restoring the complete old target data and old verification data according to the first XOR result includes:
reading the state parameter in the target log; wherein the state parameter is the state definition of the verification update;
determining a target recovery algorithm according to the state parameter, so as to execute the recovery process using the target recovery algorithm.
Optionally, there is a correspondence between state parameters and recovery algorithms;
Accordingly, determining the target recovery algorithm according to the state parameter includes:
determining the target recovery algorithm according to the correspondence between state parameters and recovery algorithms.
Optionally, the recovery algorithms include a block segmentation recovery algorithm and a Galois field algorithm.
Optionally, executing the recovery process using the target recovery algorithm includes:
reading the slot parameter and the control block parameter in the target log; wherein the slot parameter represents the location of the atomic parity update area of the check disk, and the control block parameter is used to determine the current data page chain where the data block is located and to locate the data cache area of the current data page chain;
using the target recovery algorithm to read the first XOR result from the atomic parity update area according to the slot parameter, and executing the recovery process through the control block parameter function pointer.
Optionally, before acquiring the input/output write request sent by the host side, the method further includes:
acquiring the array creation instruction issued by the host side;
controlling the array controller to initialize and assign values to the parameters in the target log according to the array creation instruction.
Optionally, the array creation instruction is a command line parameter for creating an array issued by a user through the host side.
Optionally, after acquiring the array creation instruction issued by the host side, the method further includes:
controlling the driver of the disk array card firmware layer to parse the command line parameters and pass the parsed parameters through to the array controller, so that the array controller initializes and assigns values to the parameters in the target log according to the parsed parameters.
Optionally, before restoring the complete old target data and the old verification data according to the first XOR result, the method further includes:
detecting whether an abnormal power failure occurs to the disk array card by means of timer polling, and if an abnormal power failure of the disk array card is detected, determining that the storage is abnormal.
Optionally, the target log is stored in a non-volatile random access memory or in memory protected against power failure.
A second aspect of the present application provides a secure storage apparatus, applied to a disk array card, comprising:
a request acquisition module, configured to acquire the input/output write request sent by the host side;
a first reading module, configured to control the array controller to read the first address parameter in the target log according to the input/output request, and obtain the old target data and the old verification data from the disk array card according to the first address parameter; wherein the target log is used to record the verification updates performed by the array controller;
a first operation and recovery module, configured to perform an XOR operation on the old target data and the old verification data to obtain a first XOR result and store the first XOR result in a corresponding hard disk of the disk array card, so as to restore the complete old target data and the old verification data according to the first XOR result when a storage abnormality occurs.
A third aspect of the present application provides an electronic device, comprising a processor and a memory; wherein the memory is configured to store a computer program, and the computer program is loaded and executed by the processor to implement the aforementioned secure storage method.
A fourth aspect of the present application provides a computer non-volatile readable storage medium in which computer executable instructions are stored. When the computer executable instructions are loaded and executed by a processor, the aforementioned secure storage method is implemented.
In the present application, the input/output write request sent by the host side is first acquired; then the array controller is controlled to read the first address parameter in the target log according to the input/output request, and the old target data and the old verification data are obtained from the disk array card according to the first address parameter; wherein the target log is used to record the verification updates performed by the array controller; finally, the old target data and the old verification data are XORed to obtain the first XOR result and the first XOR result is stored in the corresponding hard disk of the disk array card, so that the complete old target data and the old verification data can be restored according to the first XOR result when the storage is abnormal. It can be seen that the present application introduces the concept of the target log, which records the verification updates performed by the array controller. When a storage update is performed, the old target data and the old verification data are obtained according to the parameters in the target log to generate an XOR result, which is used to restore the data when the storage is abnormal, thereby solving the "write hole" problem while maintaining high system IO performance, and improving the data security and user experience of the disk array card without increasing the hardware cost.
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings required in the description of the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below are merely embodiments of the present application; a person of ordinary skill in the art can obtain other drawings from the provided drawings without creative effort.
FIG1 is a flow chart of a secure storage method provided by the present application;
FIG2 is an example diagram of an optional PUFP format definition provided by the present application;
FIG3 is a schematic diagram of an optional secure storage method provided by the present application;
FIG4 is a flow chart of an optional secure storage method provided by the present application;
FIG5 is a scenario analysis diagram of the "write hole" problem in the RAID5 write process provided by the present application;
FIG6 is a detailed example diagram of RAID5 write hole protection provided by the present application;
FIG7 is an example diagram of the "inlineXoR" operation in FIG6 provided by the present application;
FIG8 is a detailed example diagram of RAID6 write hole protection provided by the present application;
FIG9 is a schematic diagram of the structure of a secure storage apparatus provided by the present application;
FIG10 is a structural diagram of a secure storage electronic device provided by the present application.
下面将结合本申请实施例中的附图,对本申请实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本申请保护的范围。The following will be combined with the drawings in the embodiments of the present application to clearly and completely describe the technical solutions in the embodiments of the present application. Obviously, the described embodiments are only part of the embodiments of the present application, not all of the embodiments. Based on the embodiments in the present application, all other embodiments obtained by ordinary technicians in this field without creative work are within the scope of protection of this application.
Two strategies are generally used today to solve the "write hole" problem. One uses non-volatile memory (NVRAM) as a write cache to achieve atomic write operations; the other borrows the journal design of file systems to process write requests atomically. The first requires additional NVRAM hardware, and NVRAM storage capacity is limited. The second, journal-based approach looks ideal, but reading and writing the underlying file system multiple times seriously degrades performance. To address these technical defects, the present application provides a secure storage solution that introduces the concept of a target log, which records the parity updates performed by the array controller. When a storage update is performed, the old target data and the old parity data are obtained according to the parameters in the target log and used to generate an XOR result, and this XOR result is used to restore data when a storage abnormality occurs. This solves the "write hole" problem while maintaining high system IO performance, and improves the data security and user experience of the disk array card without increasing hardware cost.
FIG. 1 is a flow chart of a secure storage method provided in an embodiment of the present application. Referring to FIG. 1, the secure storage method is applied to a disk array card and includes:
S11: Obtain the input/output write request sent by the host side.
In this embodiment, the disk array card first obtains the input/output write request sent by the host side. The disk array card, i.e. a RAID card, consists of multiple storage arrays (RAID arrays), an array controller (RAID card controller), a CPU, memory and other components. Each storage array consists of multiple SSDs; a RAID card built from SSDs has the advantage of faster read and write performance than a RAID card built from HDDs.
The most basic requirement of write hole protection is that "data covered by the RAID protection capability is never lost". Specifically, within a stripe affected by a "write hole", the data can be divided into two categories. The first category is the data units directly overwritten by the current IO. The second category is the data units that are not directly overwritten, but for which the stripe potentially loses its protection while other data and the parity data in the same stripe are being updated. On this basis, this embodiment defines two write hole protection levels, DPC and WRA. DPC (Data-Parity Consistency) guarantees the consistency of data and parity; this is the baseline, and it fundamentally guarantees the protection of the second category of data. WRA (Write Atomic) builds on DPC and, for the first category of data, further guarantees the atomicity of the data operation: the storage unit contains either the complete old data from before the write or the complete new data, with no indeterminate intermediate state.
S12: Control the array controller to read the first address parameter in the target log according to the input/output request, and obtain the old target data and the old parity data from the disk array card according to the first address parameter; the target log is used to record the parity updates performed by the array controller.
In this embodiment, the array controller is controlled to read the first address parameter in the target log according to the input/output request, and the old target data and the old parity data are obtained from the disk array card according to the first address parameter; the target log is used to record the parity updates performed by the array controller. The target log is the hardware-based write hole protection means proposed in this embodiment, also called the PUFP (Parity Update Footprint) mechanism; this embodiment mainly uses the PUFP mechanism in the RAID card for write hole protection. As the name implies, the target log PUFP is a log that records the parity (stripe) updates performed by the RAID card controller chip. PUFP units correspond one-to-one to the "exclusive locks" (Exclusive Lock) activated in the PSL engine. Whenever a stripe is successfully locked for a write update, a PUFP unit is allocated at the same time to track and record the parity update; it is initialized by the RAID card engine at allocation time (a 16B write). A PUFP is 16 bytes or 32 bytes (PUFP+) in size, with the format shown in FIG. 2. The PUFP is generally stored in non-volatile random access memory (NVRAM) or in memory that is protected against storage abnormalities, and during normal operation the PUFP is only ever overwritten.
Optionally, the old target data and the old parity data are moved into the memory of the disk array card. The first address parameter is the startLBA parameter, which indicates the starting LBA in the current namespace (38 bits, covering 1 PB of data storage space) and is written once when the RAID card is initialized. The startLBA parameter is used to locate the physical address of the corresponding hard disk in the RAID card. Once it is located, the old target data D is read into the local DDR of the RAID card, and likewise the old parity data P is read from the corresponding hard disk into the local DDR of the RAID card.
S13: Perform an XOR operation on the old target data and the old parity data to obtain a first XOR result, and store the first XOR result in the corresponding hard disk of the disk array card, so that the complete old target data and old parity data can be restored from the first XOR result when a storage abnormality occurs.
In this embodiment, an XOR operation is performed on the old target data and the old parity data to obtain a first XOR result, and the first XOR result is stored in the corresponding hard disk of the disk array card, so that the complete old target data and old parity data can be restored from the first XOR result when a storage abnormality occurs. Optionally, the XOR operation on the old target data and the old parity data is performed in the memory of the disk array card. That is, pplP is obtained by XORing the old parity data P with the old target data D, and pplP is the basis for data recovery.
It should be noted that the new data still has to be written to disk at this point; when no storage abnormality has occurred, it is simply written to disk normally. That is, the new target data corresponding to the old target data must also be obtained from the host side according to the input/output write request, and the new parity data must be derived from the new target data, the old target data and the old parity data. Optionally, the array controller is controlled to read the second address parameter in the target log according to the input/output request, and the new target data is obtained from the memory on the host side according to the second address parameter. The second address parameter here consists of the two parameters logicDeviceID and nsID. The logicDeviceID parameter is the logical disk position ID within the RAID group and identifies the hard disk handled by the current write operation; the nsID parameter is the Namespace ID and is written once when the RAID card is initialized.
The new target data is then moved into the memory of the disk array card. In that memory, the old target data and the new target data are XORed to obtain a second XOR result, the second XOR result and the old parity data are XORed to obtain a third XOR result, and the third XOR result is used as the new parity data. That is, ΔD is obtained by XORing the new target data D' with the old target data D, and the new parity data P' is obtained by XORing ΔD with P. The new target data and the new parity data are stored in the corresponding hard disks of the disk array card, so that data and parity consistency is guaranteed when storage is normal. D', P' and pplP are all written to the corresponding hard disks. After that, new parameter values are obtained and used to overwrite the parameters in the target log.
As can be seen, the embodiment of the present application first obtains the input/output write request sent by the host side; then controls the array controller to read the first address parameter in the target log according to the input/output request, and obtains the old target data and the old parity data from the disk array card according to the first address parameter, the target log being used to record the parity updates performed by the array controller; and finally performs an XOR operation on the old target data and the old parity data to obtain a first XOR result and stores the first XOR result in the corresponding hard disk of the disk array card, so that the complete old target data and old parity data can be restored from the first XOR result when a storage abnormality occurs. The embodiment of the present application introduces the concept of a target log, which records the parity updates performed by the array controller. When a storage update is performed, the old target data and the old parity data are obtained according to the parameters in the target log and used to generate an XOR result, and this XOR result is used to restore data when a storage abnormality occurs. This solves the "write hole" problem while maintaining high system IO performance, and improves the data security and user experience of the disk array card without increasing hardware cost.
FIG. 3 is a flow chart of an optional secure storage method provided in an embodiment of the present application. Referring to FIG. 3, the secure storage method is applied to a disk array card and includes:
S21: Obtain the input/output write request sent by the host side.
In this embodiment, for the specific process of step S21, reference may be made to the corresponding content disclosed in the foregoing embodiment, which is not repeated here.
S22: Control the array controller to read the first address parameter in the target log according to the input/output request.
S23: If the disk array card contains multiple parity disks, obtain the old target data and multiple pieces of old parity data from the disk array card according to the first address parameter; each parity disk stores one piece of parity data.
S24: XOR the old target data with each piece of old parity data to obtain multiple first XOR results, and store each first XOR result in the atomic parity update area of the corresponding parity disk, so that when a storage abnormality occurs, each first XOR result is read from its atomic parity update area and the corresponding old target data and old parity data are restored from it.
In this embodiment, if the disk array card contains multiple parity disks, the old target data and multiple pieces of old parity data are obtained from the disk array card according to the first address parameter; each parity disk stores one piece of parity data. This case mainly applies to disk arrays with multiple parity disks, such as RAID6, which contains a P parity disk and a Q parity disk.
In this case the old target data is XORed with each piece of old parity data to obtain multiple first XOR results, and each first XOR result is stored in the atomic parity update area of the corresponding parity disk, so that when a storage abnormality occurs, each first XOR result is read from its atomic parity update area and the corresponding old target data and old parity data are restored from it. For RAID6, two first XOR results, pplP and pplQ, are obtained. pplP and pplQ are written to the P parity disk and the Q parity disk respectively, and during data recovery they are read back from the P parity disk and the Q parity disk.
It should be noted that the first XOR result is stored in the atomic parity update area of the parity disk, also called the APU (atomic parity update) area. This is a protective measure that the RAID array applies to the parity data generated by a write request, with the aim of restoring stripe consistency after a storage system abnormality; its content includes the RAID stripe address, data and parity. It follows that this embodiment proposes using the PUFP mechanism and integrates the APU mechanism into it.
In this embodiment, data recovery starts from the pplP data. Optionally, the state parameter in the target log is read first; the state parameter is the state definition of the parity update. The target recovery algorithm is then determined from the state parameter, and the recovery flow is executed with that algorithm. The state parameter here is the pufpState parameter, which is the state definition of the PUFP and the main basis for selecting a recovery algorithm during abnormality recovery. There is a correspondence between state parameters and recovery algorithms, and the target recovery algorithm is determined from this correspondence. The recovery algorithms here include a block-segmentation recovery algorithm and a Galois field algorithm.
Next, the slot parameter and the control block parameter in the target log are read. The slot parameter is the apuCode parameter, which indicates the position of the atomic parity update area on the parity disk; the control block parameter is the pslCbHandle parameter, which is used to determine the current data page chain in which the data block is located and to locate the data cache area of that chain. To use the APU area for write hole protection, an APU slot must be specified and recorded in the apuCode parameter, which is written once when the RAID card is initialized. The CB handle of the CB corresponding to the PUFP is recorded in the pslCbHandle parameter. Through this CB handle, the CP chain to which the CB belongs can be found and the data cache area of the current CP chain can be located; the handle is also used for write hole protection recovery after power loss and for problem tracing and debugging. Here, a CP (control page) controls one complete IO; IO and background tasks are carried out in units of stripes, and a CB (control block) is the data structure that controls such an IO or background task. On this basis, the target recovery algorithm reads the first XOR result from the atomic parity update area according to the slot parameter, and the recovery flow is executed through the function pointer of the control block parameter.
FIG. 4 is a flow chart of an optional secure storage method provided in an embodiment of the present application. Referring to FIG. 4, the secure storage method is applied to a disk array card and includes:
S31: Obtain the array creation instruction issued by the host side; the array creation instruction consists of the command line parameters for creating an array that the user issues through the host side.
S32: Control the driver in the firmware layer of the disk array card to parse the command line parameters and pass the parsed parameters through to the array controller, so that the array controller initializes and assigns values to the parameters in the target log according to the parsed parameters.
In this embodiment, the array creation instruction issued by the host side is obtained; the array creation instruction consists of the command line parameters for creating an array that the user issues through the host side. The array controller is then controlled to initialize and assign values to the parameters in the target log according to the array creation instruction, that is, to the parameters defined in FIG. 2 such as pufpState, logicDeviceID, nsID, apuCode, dataLength, startLBA, pslCbHandle and dataStructureEntry. Optionally, the driver in the firmware layer of the disk array card is controlled to parse the command line parameters and pass the parsed parameters through to the array controller, so that the array controller initializes and assigns values to the parameters in the target log according to the parsed parameters.
S33: Obtain the input/output write request sent by the host side.
S34: Control the array controller to read the first address parameter in the target log according to the input/output request, and obtain the old target data and the old parity data from the disk array card according to the first address parameter; the target log is used to record the parity updates performed by the array controller.
S35: Perform an XOR operation on the old target data and the old parity data to obtain a first XOR result, and store the first XOR result in the corresponding hard disk of the disk array card.
In this embodiment, for the specific process of steps S33 to S35, reference may be made to the corresponding content disclosed in the foregoing embodiments, which is not repeated here.
S36: Detect, by timer polling, whether the disk array card has suffered an abnormal power loss; if an abnormal power loss of the disk array card is detected, determine that storage is abnormal.
S37: When storage is abnormal, restore the complete old target data and old parity data from the first XOR result.
In this embodiment, timer polling is used to detect whether the disk array card has suffered an abnormal power loss. If an abnormal power loss is detected, storage is determined to be abnormal, and the complete old target data and old parity data are restored from the first XOR result. In other words, the storage abnormality is a power loss, and the "write hole" in this case can be defined as: abnormal shutdown (unexpected power loss) + unfinished write operation + storage device failure.
Taking the RAID5 write flow in FIG. 5 as an example, the "write hole" problem arises in the following three scenarios:
(1) The hard disk failure occurs after the power loss. The system is in "write-through" (WT) mode (for a write IO, the host is acknowledged once the write data has been written to the storage medium of the RAID card), and the host issues a 4KB write IO to disk 1. Following the RAID5 "RMW" flow, if an unexpected power loss occurs while the system is executing step 3, "write the new D1 data to disk", or step 5, "write the new parity data P to disk", it cannot be determined whether the disk write completed, so the data and parity on that stripe can no longer be kept consistent. If the system cannot identify or record the stripes affected by the unexpected power loss and handle them, it loses the ability to protect the data in that stripe; if a disk later drops out unexpectedly, wrong data will be reconstructed and the original data is permanently lost.
(2) The hard disk failure occurs during power loss and recovery. The system is in "write-through" (WT) mode and the host issues a 4KB write IO to disk 1. Following the RAID5 "RMW" flow, if an unexpected power loss occurs while the system is executing step 3, "write the new D1 data to disk", or step 5, "write the new parity data P to disk", and data disk 2 is then damaged before all affected stripes have been resynchronized after power-on, the data of disk 2 in that stripe cannot be recovered and is permanently lost.
(3) The hard disk failure occurs before the power loss. The system is in "write-through" (WT) mode, disk 2 has already failed, and the whole RAID group is in an "exposed" state; a background task may be rebuilding disk 2 at this time. The host now issues a 4KB write IO to disk 1. An unexpected power loss at any time between the system starting step 3, "write the new D1 data to disk", and completing step 5, "write the new parity data P to disk", makes the data of disk 2 in that stripe unrecoverable and permanently lost.
This embodiment describes the "write hole" protection flow in detail for RAID5 and RAID6 respectively.
FIG. 6 shows a detailed example of RAID5 write hole protection, and FIG. 7 shows the corresponding "inlineXoR" operation in FIG. 6.
Step 1: The RAID card receives the task of creating a RAID5 array, issued by the user through the host.
Step 2: The driver in the firmware layer of the RAID card parses the command parameters for creating the RAID5 array issued by the user and passes the parameters through to the RAID card controller.
Step 3: The RAID card controller, according to the parsed command line parameters, initializes and assigns values to the parameters mentioned above, such as pufpState (the state of the PUFP), logicDeviceID, nsID, apuCode, dataLength, startLBA, pslCbHandle and dataStructureEntry.
Step 4: After the RAID card receives the IO write request sent by the host, the RAID card controller looks up the specific address data in the host DDR according to the logicDeviceID and nsID parameters and moves the retrieved host DDR data D' to the local DDR of the RAID card; the amount of data moved is determined by dataLength.
Step 5: The startLBA parameter is used to locate the physical address of the corresponding hard disk in the RAID card. Once it is located, the old data D is read into the local DDR of the RAID card, and likewise the old parity data P is read from the corresponding hard disk into the local DDR of the RAID card.
Step 6: pplP is obtained by XORing the old parity data P with the old data D; ΔD is obtained by XORing the data D' with the old data D; and the new parity data P' is obtained by XORing ΔD with P.
Step 7: The new data D' is written to the corresponding hard disk, the new parity data P' is written to the corresponding hard disk, and pplP is written to the APU area of the P disk in the RAID5 array.
Step 8: While the writes of step 7 are in progress, a timer periodically polls for an unexpected power loss. If there is none, the flow ends by releasing resources once all the data in step 7 has been written to disk; if there is an unexpected power loss, step 9 is executed.
Step 9: If an unexpected power loss occurs, the data recovery flow is started from the pplP data, and a recovery algorithm is selected according to the pufpState parameter; the algorithms include a block-segmentation element recovery algorithm and a Galois field algorithm. Since the recovery algorithm is not part of the present application, it is not described here. Once the recovery algorithm has been selected, the partial checksum of the old data backed up in the APU area (i.e. pplP) is read according to the apuCode parameter, and the recovery flow is then started through the pslCbHandle function pointer.
Step 10: After data recovery is complete, resources are released and the flow ends.
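The XOR arithmetic of steps 5 to 9 of the RAID5 flow above, as an added C example (not code from the application), showing the write hole and the data-parity consistency (DPC) level of protection on one constructed stripe. It assumes that pplP and a simplified footprint (`fp_active`, `fp_disk`, hypothetical fields rather than the FIG. 2 layout) are durable before D or P is overwritten. Because the application leaves the recovery algorithm out, `recover()` uses the standard partial-parity identity instead: pplP equals the XOR of the untouched data units.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define UNIT  8   /* bytes per stripe unit, kept tiny for the example */
#define NDATA 3   /* data units D0..D2 plus one parity unit P (RAID5) */

enum crash_point { NO_CRASH, CRASH_AFTER_LOG, CRASH_TORN_DATA, CRASH_AFTER_DATA };

/* Constructed on-disk state of one stripe. fp_* is a simplified stand-in for
 * the footprint record (hypothetical fields, not the FIG. 2 layout). */
struct stripe {
    uint8_t d[NDATA][UNIT];
    uint8_t p[UNIT];
    uint8_t apu[UNIT];   /* APU slot on the parity disk: pplP = old P ^ old D */
    int fp_active;       /* a parity update is in flight on this stripe */
    int fp_disk;         /* data unit targeted by the in-flight write */
};

static void xor_buf(uint8_t *out, const uint8_t *a, const uint8_t *b)
{
    for (int i = 0; i < UNIT; i++) out[i] = a[i] ^ b[i];
}

/* Fill the stripe with constructed data and a consistent parity unit. */
void stripe_init(struct stripe *s)
{
    memset(s, 0, sizeof(*s));
    for (int k = 0; k < NDATA; k++) {
        for (int i = 0; i < UNIT; i++)
            s->d[k][i] = (uint8_t)(0x11 * (k + 1) + i);
        xor_buf(s->p, s->p, s->d[k]);
    }
}

/* Read-modify-write of one data unit; returns 1 if power was lost mid-way. */
int rmw_write(struct stripe *s, int disk, const uint8_t *new_d, enum crash_point cp)
{
    uint8_t ppl[UNIT], delta[UNIT], new_p[UNIT];
    xor_buf(ppl, s->p, s->d[disk]);      /* pplP = P ^ D   */
    xor_buf(delta, new_d, s->d[disk]);   /* dD   = D' ^ D  */
    xor_buf(new_p, delta, s->p);         /* P'   = dD ^ P  */
    /* Assumption: pplP and the footprint are durable before D or P change. */
    memcpy(s->apu, ppl, UNIT);
    s->fp_active = 1;
    s->fp_disk = disk;
    if (cp == CRASH_AFTER_LOG) return 1;
    if (cp == CRASH_TORN_DATA) {         /* only half of D' reached the disk */
        memcpy(s->d[disk], new_d, UNIT / 2);
        return 1;
    }
    memcpy(s->d[disk], new_d, UNIT);
    if (cp == CRASH_AFTER_DATA) return 1;
    memcpy(s->p, new_p, UNIT);
    s->fp_active = 0;                    /* update complete, footprint released */
    return 0;
}

/* Power-on recovery (assumed, standard partial-parity approach): pplP is the
 * XOR of the untouched units, so P = pplP ^ (current target unit) is consistent. */
void recover(struct stripe *s)
{
    if (!s->fp_active) return;
    xor_buf(s->p, s->apu, s->d[s->fp_disk]);
    s->fp_active = 0;
}

/* Standard RAID5 rebuild of a lost data unit from parity and the survivors. */
void rebuild(const struct stripe *s, int lost, uint8_t *out)
{
    memcpy(out, s->p, UNIT);
    for (int k = 0; k < NDATA; k++)
        if (k != lost)
            xor_buf(out, out, s->d[k]);
}

/* Write D1, lose power at cp, optionally recover, then lose the disk holding D2.
 * Returns 1 if the untouched unit D2 rebuilds to its original content. */
int d2_survives(enum crash_point cp, int run_recovery)
{
    struct stripe s;
    uint8_t orig_d2[UNIT], got[UNIT];
    const uint8_t new_d1[UNIT] = { 0xA0, 0xA1, 0xA2, 0xA3, 0xA4, 0xA5, 0xA6, 0xA7 };
    stripe_init(&s);
    memcpy(orig_d2, s.d[2], UNIT);
    rmw_write(&s, 1, new_d1, cp);
    if (run_recovery) recover(&s);
    rebuild(&s, 2, got);
    return memcmp(got, orig_d2, UNIT) == 0;
}

int main(void)
{
    printf("crash after D', no recovery: D2 intact = %d\n", d2_survives(CRASH_AFTER_DATA, 0));
    printf("crash after D', recovery   : D2 intact = %d\n", d2_survives(CRASH_AFTER_DATA, 1));
    printf("torn D' write, recovery    : D2 intact = %d\n", d2_survives(CRASH_TORN_DATA, 1));
    return 0;
}
```

In the torn-write case D2 is protected again after recovery, but D1 itself is neither the old nor the new data, which is the gap between the DPC and WRA levels defined earlier. A torn write of P' is repaired the same way, because recovery recomputes P from pplP and never trusts the parity found on disk.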
FIG. 8 shows a detailed example of write hole protection for RAID6.
Step 1: The RAID card receives the task of creating a RAID6 array, issued by the user through the host.
Step 2: The driver in the RAID card firmware layer parses the parameters of the RAID6 array creation command issued by the user and passes them through to the RAID card controller.
Step 3: According to the parsed command-line parameters, the RAID card controller initializes and assigns the parameters mentioned above: pufpState (the PUFP status), logicDeviceID, nsID, apuCode, dataLength, startLBA, pslCbHandle, dataStructureEntry and other parameters.
Step 4: After the RAID card receives an IO write request sent by the host, the RAID card controller uses the logicDeviceID and nsID parameters to retrieve the data at the specific address in the host's DDR, and moves the retrieved host DDR data D' to the local DDR of the RAID card; the amount of data moved is determined by dataLength.
Step 5: The startLBA parameter is used to locate the physical address on the corresponding hard disk in the RAID card. Once it is located, the old data D is read into the local DDR of the RAID card; similarly, the old verification data P and the old verification data Q are each read from the corresponding hard disk into the local DDR of the RAID card.
Step 6: The old verification data P and the old data D are XORed to obtain pplP; the old verification data Q and the old data D are XORed to obtain pplQ; the data D' and the old data D are XORed to obtain ΔD; ΔD and P are then XORed to obtain the new verification data P', and ΔD and Q are XORed to obtain the new verification data Q'.
Step 7: The new data D' is written to the corresponding hard disk, the new verification data P' is written to the corresponding hard disk, pplP is written to the APU area of the P disk in the RAID6 array, and pplQ is written to the APU area of the Q disk in the RAID6 array.
Step 8: While the writes of step 7 are in progress, a timer polls periodically to check for an unexpected power outage. If there is none, the resources are released and the process ends once all the data in step 7 has been written to disk; if there is an unexpected power outage, step 9 is executed.
Step 9: When an unexpected power outage occurs, the data recovery process is started based on the pplP and pplQ data, and the recovery algorithm is selected according to the pufpState parameter; the options include the block-segmentation element recovery algorithm and the Galois field algorithm. Since the recovery algorithm is not part of this application, it is not described here. After the recovery algorithm is selected, the partial checksums of the old data backed up in the APU areas (i.e., the pplP and pplQ data) are read according to the apuCode parameter, and the recovery process is then started through the pslCbHandle function pointer.
Step 10: After data recovery is complete, the resources are released and the process ends.
As shown in FIG. 9, an embodiment of the present application correspondingly discloses a secure storage apparatus, applied to a disk array card and including:
The request acquisition module 11, configured to acquire the input/output write request sent by the host side;
The first reading module 12, configured to control the array controller to read the first address parameter in the target log according to the input/output request, and to obtain the old target data and the old verification data from the disk array card according to the first address parameter; wherein the target log is used to record the array controller's verification updates;
The first operation and recovery module 13, configured to perform an XOR operation on the old target data and the old verification data to obtain a first XOR result and to store the first XOR result in the corresponding hard disk of the disk array card, so that the complete old target data and old verification data can be recovered from the first XOR result when a storage abnormality occurs.
It can be seen that the embodiment of the present application first acquires the input/output write request sent by the host side; then controls the array controller to read the first address parameter in the target log according to the input/output request, and obtains the old target data and the old verification data from the disk array card according to the first address parameter, wherein the target log is used to record the array controller's verification updates; and finally performs an XOR operation on the old target data and the old verification data to obtain a first XOR result and stores the first XOR result in the corresponding hard disk of the disk array card, so that the complete old target data and old verification data can be recovered from the first XOR result when a storage abnormality occurs. The embodiment of the present application introduces the concept of a target log, which records the array controller's verification updates. During a storage update, the old target data and the old verification data are obtained according to the parameters in the target log and used to generate an XOR result, and this XOR result is used to recover data when a storage abnormality occurs. This solves the "write hole" problem while maintaining high system IO performance, and improves the data security and user experience of the disk array card without increasing hardware cost.
In some optional embodiments, the secure storage apparatus further includes:
A second reading module, configured to obtain new target data corresponding to the old target data from the host side according to the input/output write request, and to obtain new verification data from the new target data, the old target data and the old verification data;
A disk-write module, configured to store the new target data and the new verification data in the corresponding hard disks of the disk array card, so as to keep the data and the verification data consistent when storage is normal;
An overwrite module, configured to obtain new parameter values and to overwrite the parameters in the target log with the new parameter values;
A moving module, configured to move the new target data to the memory of the disk array card;
An instruction acquisition module, configured to acquire an array creation instruction issued by the host side;
An initialization and assignment module, configured to control the array controller to initialize and assign the parameters in the target log according to the array creation instruction;
A polling module, configured to detect, by timer polling, whether an abnormal power failure has occurred on the disk array card, and to determine that storage is abnormal if an abnormal power failure of the disk array card is detected.
In some optional embodiments, the second reading module includes:
A reading unit, configured to control the array controller to read the second address parameter in the target log according to the input/output request, and to obtain the new target data from the memory on the host side according to the second address parameter;
An XOR unit, configured to perform, in the memory of the disk array card, an XOR operation on the old target data and the new target data to obtain a second XOR result, to perform an XOR operation on the second XOR result and the old verification data to obtain a third XOR result, and to use the third XOR result as the new verification data.
In some optional embodiments, the first reading module 12 is configured to move the old target data and the old verification data to the memory of the disk array card.
In some optional embodiments, the first operation and recovery module 13 is configured to perform, in the memory of the disk array card, an XOR operation on the old target data and the old verification data to obtain the first XOR result.
In some optional embodiments, the first operation and recovery module 13 is further configured to store the first XOR result in the atomic parity update area of the verification disk on which the disk array card stores the old verification data, so that when a storage abnormality occurs, the first XOR result is read from the atomic parity update area and the complete old target data and old verification data are recovered from the first XOR result.
In some optional embodiments, the first reading module 12 is further configured to obtain, if the disk array card contains multiple verification disks, the old target data and multiple pieces of old verification data from the disk array card according to the first address parameter; wherein each verification disk stores one piece of verification data.
In some optional embodiments, the first operation and recovery module 13 is further configured to perform an XOR operation on the old target data with each piece of old verification data to obtain multiple first XOR results, and to store each first XOR result in the atomic parity update area of the corresponding verification disk, so that when a storage abnormality occurs, each first XOR result is read from its atomic parity update area and the corresponding old target data and old verification data are recovered from each first XOR result.
Optionally, an embodiment of the present application further provides an electronic device. FIG. 10 is a structural diagram of an electronic device 20 according to an exemplary embodiment, and the content of the figure shall not be regarded as any limitation on the scope of use of the present application.
FIG. 10 is a schematic structural diagram of an electronic device 20 provided in an embodiment of the present application. The electronic device 20 may include: at least one processor 21, at least one memory 22, a power supply 23, a communication interface 24, an input/output interface 25, and a communication bus 26. The memory 22 is configured to store a computer program, which is loaded and executed by the processor 21 to implement the relevant steps of the secure storage method disclosed in any of the foregoing embodiments.
In this embodiment, the power supply 23 is configured to provide the working voltage for each hardware device on the electronic device 20; the communication interface 24 can create a data transmission channel between the electronic device 20 and external devices, and the communication protocol it follows may be any communication protocol applicable to the technical solution of the present application, which is not specifically limited here; the input/output interface 25 is configured to obtain external input data or to output data externally, and its specific interface type may be selected according to the needs of the application, which is not specifically limited here.
In addition, the memory 22, as a carrier for resource storage, may be a read-only memory, a random access memory, a magnetic disk, an optical disk, or the like. The resources stored on it may include an operating system 221, a computer program 222, data 223, and so on, and the storage may be temporary or permanent.
The operating system 221 is configured to manage and control the hardware devices on the electronic device 20 and the computer program 222, so that the processor 21 can operate on and process the massive data 223 in the memory 22; it may be Windows Server, Netware, Unix, Linux, etc. In addition to a computer program that can be used to carry out the secure storage method performed by the electronic device 20 as disclosed in any of the foregoing embodiments, the computer program 222 may further include computer programs that can be used to carry out other specific tasks. The data 223 may include request data collected by the electronic device 20.
Optionally, an embodiment of the present application further discloses a non-volatile readable storage medium in which a computer program is stored. When the computer program is loaded and executed by a processor, the steps of the secure storage method disclosed in any of the foregoing embodiments are implemented.
The embodiments in this specification are described in a progressive manner; each embodiment focuses on its differences from the other embodiments, and the same or similar parts of the embodiments may be referred to one another. Since the apparatus disclosed in the embodiments corresponds to the method disclosed in the embodiments, its description is relatively brief, and the relevant details can be found in the description of the method.
Finally, it should be noted that, in this document, relational terms such as first and second are used only to distinguish one entity or operation from another, and do not necessarily require or imply any such actual relationship or order between these entities or operations. Moreover, the terms "include", "comprise" or any other variant thereof are intended to cover non-exclusive inclusion, so that a process, method, article or device that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to such a process, method, article or device. Without further limitation, an element defined by the statement "includes a ..." does not exclude the presence of additional identical elements in the process, method, article or device that includes the element.
The secure storage method, apparatus, device and non-volatile readable storage medium provided by the present application have been described in detail above. Specific examples are used herein to explain the principles and implementations of the present application, and the description of the above embodiments is intended only to help in understanding the method of the present application and its core idea. At the same time, a person of ordinary skill in the art may, following the idea of the present application, make changes to the specific implementations and the scope of application. In summary, the content of this specification should not be construed as a limitation on the present application.
Claims (20)
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310025601.7A CN115793985B (en) | 2023-01-09 | 2023-01-09 | Secure storage method, apparatus, device and storage medium |
| CN202310025601.7 | 2023-01-09 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| WO2024148865A1 (en) | 2024-07-18 |
Family
ID=85428791
Family Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/CN2023/121828 Ceased WO2024148865A1 (en) | 2023-01-09 | 2023-09-27 | Secure storage method, apparatus and device, and non-volatile readable storage medium |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN115793985B (en) |
| WO (1) | WO2024148865A1 (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN118885131A (en) * | 2024-09-29 | 2024-11-01 | 苏州元脑智能科技有限公司 | Dual-controller data management method, electronic device, storage medium and product |
| CN120687041A (en) * | 2025-08-22 | 2025-09-23 | 山东云海国创云计算装备产业创新中心有限公司 | A data request processing method, device, equipment and storage medium |
Families Citing this family (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115793985B (en) * | 2023-01-09 | 2023-04-21 | 苏州浪潮智能科技有限公司 | Secure storage method, apparatus, device and storage medium |
| CN115993882A (en) * | 2023-03-21 | 2023-04-21 | 苏州浪潮智能科技有限公司 | Disk array card standby electric control method, device, electronic equipment and storage medium |
| CN117112310B (en) * | 2023-10-18 | 2024-02-20 | 苏州元脑智能科技有限公司 | Background task progress saving and restoring method, device, equipment and storage medium |
| CN117574446B (en) * | 2024-01-16 | 2024-04-05 | 苏州元脑智能科技有限公司 | Data protection method, device, equipment and storage medium |
| CN118276785B (en) * | 2024-05-31 | 2024-09-13 | 山东云海国创云计算装备产业创新中心有限公司 | Input/output processing method, system, device, equipment, storage medium and product |
| CN118331512B (en) * | 2024-06-14 | 2024-09-13 | 山东云海国创云计算装备产业创新中心有限公司 | Processing method and device based on memory control card |
| CN118394565B (en) * | 2024-06-28 | 2024-10-22 | 苏州元脑智能科技有限公司 | Exclusive OR calculation method, device and product of storage system |
| CN118779146B (en) * | 2024-09-11 | 2025-01-24 | 山东云海国创云计算装备产业创新中心有限公司 | Data storage method, device, medium and product |
| CN119847816B (en) * | 2025-03-24 | 2025-06-13 | 山东云海国创云计算装备产业创新中心有限公司 | Data writing method and device, electronic equipment and storage medium |
| CN120469849B (en) * | 2025-07-15 | 2025-11-25 | 山东云海国创云计算装备产业创新中心有限公司 | Abnormal data positioning method, device, equipment, program product and storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8832395B1 (en) * | 2013-04-12 | 2014-09-09 | Hitachi, Ltd. | Storage system, and method of storage control for storage system |
| CN107391046A (en) * | 2017-08-02 | 2017-11-24 | 郑州云海信息技术有限公司 | The method for writing data and device of a kind of RAID system |
| CN113791731A (en) * | 2021-08-26 | 2021-12-14 | 深圳创云科软件技术有限公司 | Processing method for solving Write Hole of storage disk array |
| CN115562594A (en) * | 2022-12-06 | 2023-01-03 | 苏州浪潮智能科技有限公司 | Method, system and related device for constructing RAID card |
| CN115793985A (en) * | 2023-01-09 | 2023-03-14 | 苏州浪潮智能科技有限公司 | Safe storage method, device, equipment and storage medium |
Family Cites Families (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6523087B2 (en) * | 2001-03-06 | 2003-02-18 | Chaparral Network Storage, Inc. | Utilizing parity caching and parity logging while closing the RAID5 write hole |
| JP5404804B2 (en) * | 2009-05-25 | 2014-02-05 | 株式会社日立製作所 | Storage subsystem |
| CN102270102B (en) * | 2011-04-29 | 2013-07-10 | 华中科技大学 | Method for optimizing writing performance of RAID6 (Redundant Array of Independent Disks) disk array |
| CN103049222B (en) * | 2012-12-28 | 2016-05-25 | 中国船舶重工集团公司第七0九研究所 | A kind of RAID5 writes IO optimized treatment method |
| US9946607B2 (en) * | 2015-03-04 | 2018-04-17 | Sandisk Technologies Llc | Systems and methods for storage error management |
| KR101986579B1 (en) * | 2016-12-14 | 2019-10-01 | 한국과학기술원 | System and method for log-based parity update of SSD array and to defect block and node failures recovery method using the same |
| CN110413205B (en) * | 2018-04-28 | 2023-07-07 | 伊姆西Ip控股有限责任公司 | Method, apparatus and computer readable storage medium for writing to disk array |
| CN111078472B (en) * | 2019-12-23 | 2023-06-02 | 四川效率源信息安全技术股份有限公司 | Data recovery method after raid6 is in absence of disk |
| CN114610525A (en) * | 2022-03-18 | 2022-06-10 | 山东云海国创云计算装备产业创新中心有限公司 | Data updating method, system and storage medium for disk array |
-
2023
- 2023-01-09 CN CN202310025601.7A patent/CN115793985B/en active Active
- 2023-09-27 WO PCT/CN2023/121828 patent/WO2024148865A1/en not_active Ceased
Also Published As
| Publication number | Publication date |
|---|---|
| CN115793985A (en) | 2023-03-14 |
| CN115793985B (en) | 2023-04-21 |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 23915623; Country of ref document: EP; Kind code of ref document: A1 |
| | NENP | Non-entry into the national phase | Ref country code: DE |