hashfile: allow skipping the hash function

The hashfile API is useful for generating files that include a trailing
hash of the file's contents up to that point. Using such a hash is
helpful for verifying the file for corruption-at-rest, such as a faulty
drive causing flipped bits.

Git's index file includes this trailing hash, so it uses a 'struct
hashfile' to handle the I/O to the file. This was very convenient to
allow using the hashfile methods during these operations.

However, hashing the file contents during write comes at a performance
penalty. It's slower to hash the bytes on their way to the disk than
without that step. This problem is made worse by the replacement of
hardware-accelerated SHA1 computations with the software-based sha1dc
computation.

This write cost is significant, and the checksum capability is likely
not worth that cost for such a short-lived file. The index is rewritten
frequently and the only time the checksum is checked is during 'git
fsck'. Thus, it would be helpful to allow a user to opt-out of the hash
computation.

We first need to allow Git to opt-out of the hash computation in the
hashfile API. The buffered writes of the API are still helpful, so it
makes sense to make the change here.

Introduce a new 'skip_hash' option to 'struct hashfile'. When set, the
update_fn and final_fn members of the_hash_algo are skipped. When
finalizing the hashfile, the trailing hash is replaced with the null
hash.

This use of a trailing null hash would be desireable in either case,
since we do not want to special case a file format to have a different
length depending on whether it was hashed or not. When the final bytes
of a file are all zero, we can infer that it was written without
hashing, and thus that verification is not available as a check for file
consistency. This also means that we could easily toggle hashing for any
file format we desire.

A version of this patch has existed in the microsoft/git fork since
2017 [1] (the linked commit was rebased in 2018, but the original dates
back to January 2017). Here, the change to make the index use this fast
path is delayed until a later change.

[1] 21fed2d914

Co-authored-by: Kevin Willford <kewillf@microsoft.com>
Signed-off-by: Kevin Willford <kewillf@microsoft.com>
Signed-off-by: Derrick Stolee <derrickstolee@github.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
Derrick Stolee 2023-01-06 16:31:53 +00:00 committed by Junio C Hamano
parent c48035d29b
commit 1687150b5d
2 changed files with 18 additions and 3 deletions

View File

@ -45,7 +45,8 @@ void hashflush(struct hashfile *f)
unsigned offset = f->offset; unsigned offset = f->offset;
if (offset) { if (offset) {
the_hash_algo->update_fn(&f->ctx, f->buffer, offset); if (!f->skip_hash)
the_hash_algo->update_fn(&f->ctx, f->buffer, offset);
flush(f, f->buffer, offset); flush(f, f->buffer, offset);
f->offset = 0; f->offset = 0;
} }
@ -64,7 +65,12 @@ int finalize_hashfile(struct hashfile *f, unsigned char *result,
int fd; int fd;
hashflush(f); hashflush(f);
the_hash_algo->final_fn(f->buffer, &f->ctx);
if (f->skip_hash)
hashclr(f->buffer);
else
the_hash_algo->final_fn(f->buffer, &f->ctx);
if (result) if (result)
hashcpy(result, f->buffer); hashcpy(result, f->buffer);
if (flags & CSUM_HASH_IN_STREAM) if (flags & CSUM_HASH_IN_STREAM)
@ -108,7 +114,8 @@ void hashwrite(struct hashfile *f, const void *buf, unsigned int count)
* the hashfile's buffer. In this block, * the hashfile's buffer. In this block,
* f->offset is necessarily zero. * f->offset is necessarily zero.
*/ */
the_hash_algo->update_fn(&f->ctx, buf, nr); if (!f->skip_hash)
the_hash_algo->update_fn(&f->ctx, buf, nr);
flush(f, buf, nr); flush(f, buf, nr);
} else { } else {
/* /*
@ -153,6 +160,7 @@ static struct hashfile *hashfd_internal(int fd, const char *name,
f->tp = tp; f->tp = tp;
f->name = name; f->name = name;
f->do_crc = 0; f->do_crc = 0;
f->skip_hash = 0;
the_hash_algo->init_fn(&f->ctx); the_hash_algo->init_fn(&f->ctx);
f->buffer_len = buffer_len; f->buffer_len = buffer_len;

View File

@ -20,6 +20,13 @@ struct hashfile {
size_t buffer_len; size_t buffer_len;
unsigned char *buffer; unsigned char *buffer;
unsigned char *check_buffer; unsigned char *check_buffer;
/**
* If non-zero, skip_hash indicates that we should
* not actually compute the hash for this hashfile and
* instead only use it as a buffered write.
*/
int skip_hash;
}; };
/* Checkpoint */ /* Checkpoint */