vdev.c revision cbd2b15e3db624e8f01d31cd7199b03652153ffd
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#include <sys/zfs_context.h>
#include <sys/spa_impl.h>
#include <sys/vdev_impl.h>
#include <sys/uberblock_impl.h>
#include <sys/metaslab.h>
#include <sys/metaslab_impl.h>
#include <sys/space_map.h>
/*
* Virtual device management.
*/
static vdev_ops_t *vdev_ops_table[] = {
};
int zfs_scrub_limit = 10;
/*
* Given a vdev type, return the appropriate ops vector.
*/
static vdev_ops_t *
vdev_getops(const char *type)
{
/*
* NOTE(review): the statements that compute `ops` are missing from this
* listing; only a `break` and the final return survive. Presumably `type`
* is compared against the entries of vdev_ops_table -- confirm against
* the full source, including what is returned when nothing matches.
*/
break;
return (ops);
}
/*
* Default asize function: return the MAX of psize with the asize of
* all children. This is what's used by anything other than RAID-Z.
*/
{
uint64_t c;
for (c = 0; c < vd->vdev_children; c++) {
}
return (asize);
}
/*
* Get the replaceable or attachable device size.
* If the parent is a mirror or raidz, the replaceable size is the minimum
* psize of all its children. For the rest, just return our own psize.
*
* e.g.
* psize rsize
* root - -
* disk1 20g 20g
* disk2 40g 20g
* disk3 80g 80g
*/
{
/*
* If our parent is NULL or the root, just return our own psize.
*/
return (vd->vdev_psize);
rsize = 0;
for (c = 0; c < pvd->vdev_children; c++) {
}
return (rsize);
}
vdev_t *
{
}
return (NULL);
}
vdev_t *
{
int c;
return (vd);
for (c = 0; c < vd->vdev_children; c++)
NULL)
return (mvd);
return (NULL);
}
void
{
return;
}
/*
* Walk up all ancestors to update guid sum.
*/
}
void
{
int c;
return;
for (c = 0; c < pvd->vdev_children; c++)
if (pvd->vdev_child[c])
break;
if (c == pvd->vdev_children) {
pvd->vdev_children = 0;
}
/*
* Walk up all ancestors to update guid sum.
*/
}
/*
* Remove any holes in the child array.
*/
void
{
int newc, c;
if (pvd->vdev_child[c])
newc++;
}
}
}
/*
* Allocate and minimally initialize a vdev_t.
*/
static vdev_t *
{
}
if (guid == 0) {
/*
* The root vdev's guid will also be the pool guid,
* which must be unique among all pools.
*/
} else {
/*
* Any other vdev's guid must be unique within the pool.
*/
while (guid == 0 ||
}
}
return (vd);
}
/*
* Allocate a new vdev. The 'alloctype' is used to control whether we are
* creating a new vdev or loading an existing one - the behavior is slightly
* different for each case.
*/
int
int alloctype)
{
/*
* NOTE(review): the first line of the signature and most statements are
* missing from this listing; what remains is mainly the error exits.
* Every visible failure returns EINVAL or ENOTSUP before the final
* `return (0)`. The guarded lookups presumably read the config nvlist
* (see the comment on the guid below), which on a load comes from
* outside this function -- confirm each one is checked in the full source.
*/
char *type;
return (EINVAL);
return (EINVAL);
/*
* If this is a load, get the vdev guid from the nvlist.
* Otherwise, vdev_alloc_common() will generate one for us.
*/
if (alloctype == VDEV_ALLOC_LOAD) {
return (EINVAL);
return (EINVAL);
} else if (alloctype == VDEV_ALLOC_SPARE) {
return (EINVAL);
} else if (alloctype == VDEV_ALLOC_L2CACHE) {
return (EINVAL);
}
/*
* The first allocated vdev must be of type 'root'.
*/
return (EINVAL);
/*
* Determine whether we're a log vdev.
*/
islog = 0;
return (ENOTSUP);
/*
* Set the nparity property for RAID-Z vdevs.
*/
/*
* Placeholder value; replaced below by the looked-up value, the
* default of 1, or 0 for non-RAID-Z vdevs.
*/
nparity = -1ULL;
if (ops == &vdev_raidz_ops) {
&nparity) == 0) {
/*
* Currently, we can only support 2 parity devices.
*/
/*
* NOTE(review): the condition guarding this EINVAL is elided;
* it is the only visible bound on the looked-up nparity.
*/
return (EINVAL);
/*
* Older versions can only support 1 parity device.
*/
if (nparity == 2 &&
return (ENOTSUP);
} else {
/*
* We require the parity to be specified for SPAs that
* support multiple parity levels.
*/
return (EINVAL);
/*
* Otherwise, we default to 1 parity device for RAID-Z.
*/
nparity = 1;
}
} else {
nparity = 0;
}
&vd->vdev_physpath) == 0)
/*
* Set the whole_disk property. If it's not specified, leave the value
* as -1.
*/
&vd->vdev_wholedisk) != 0)
/*
* Look for the 'not present' flag. This will only be set if the device
* was not present at the time of import.
*/
if (!spa->spa_import_faulted)
&vd->vdev_not_present);
/*
* Get the alignment requirement.
*/
/*
* If we're a top-level vdev, try to load the allocation parameters.
*/
/*
* NOTE(review): the three lookups below store straight into the vdev
* (vdev_ms_array, vdev_ms_shift, vdev_asize); no range check on these
* values is visible in this listing -- confirm where they are validated.
*/
&vd->vdev_ms_array);
&vd->vdev_ms_shift);
&vd->vdev_asize);
}
/*
* If we're a leaf vdev, try to load the DTL object and other state.
*/
if (alloctype == VDEV_ALLOC_LOAD) {
&vd->vdev_unspare);
}
&vd->vdev_offline);
/*
* When importing a pool, we want to ignore the persistent fault
* state, as the diagnosis made on another system may not be
* valid in the current context.
*/
&vd->vdev_faulted);
&vd->vdev_degraded);
&vd->vdev_removed);
}
}
/*
* Add ourselves to the parent's list of children.
*/
return (0);
}
void
{
int c;
/*
* vdev_free() implies closing the vdev first. This is simpler than
* trying to ensure complicated semantics for all callers.
*/
vdev_close(vd);
/*
* Free all children.
*/
for (c = 0; c < vd->vdev_children; c++)
/*
* Discard allocation state.
*/
/*
* Remove this vdev from its parent's child list.
*/
/*
* Clean up vdev structure.
*/
if (vd->vdev_devid)
if (vd->vdev_physpath)
if (vd->vdev_isspare)
if (vd->vdev_isl2cache)
}
/*
* Transfer top-level vdev state from svd to tvd.
*/
static void
{
int t;
svd->vdev_ms_array = 0;
svd->vdev_ms_shift = 0;
svd->vdev_ms_count = 0;
for (t = 0; t < TXG_SIZE; t++) {
}
}
}
svd->vdev_deflate_ratio = 0;
svd->vdev_islog = 0;
}
static void
{
int c;
return;
for (c = 0; c < vd->vdev_children; c++)
}
/*
*/
vdev_t *
{
return (mvd);
}
/*
*/
void
{
/*
* If cvd will replace mvd as a top-level vdev, preserve mvd's guid.
* Otherwise, we could have detached an offline device, and when we
* go to import the pool we'll think we have two top-level vdevs,
* instead of a different version of the same top-level vdev.
*/
}
int
{
uint64_t m;
metaslab_t **mspp;
int error;
return (0);
if (vd->vdev_islog)
else
if (oldc != 0) {
}
space_map_obj_t smo = { 0, 0, 0 };
if (txg == 0) {
if (error)
return (error);
if (object != 0) {
if (error)
return (error);
}
}
}
return (0);
}
void
{
uint64_t m;
for (m = 0; m < count; m++)
}
}
typedef struct vdev_probe_stats {
int vps_flags;
static void
{
} else {
}
if (vdev_readable(vd) &&
} else {
}
}
}
/*
* Determine whether this device is accessible by reading and writing
* to several known locations: the pad regions of each vdev label
* but the first (which we leave alone in case it contains a VTOC).
*/
zio_t *
{
/*
* vdev_cant_read and vdev_cant_write can only transition
* from TRUE to FALSE when we have the SCL_ZIO lock as writer;
* otherwise they can only transition from FALSE to TRUE.
* This ensures that any zio looking at these values can
* assume that failures persist for the life of the I/O.
* That's important because when a device has intermittent
* connectivity problems, we want to ensure that they're
* ascribed to the device (ENXIO) and not the zio (EIO).
*
* Since we hold SCL_ZIO as writer here, clear both values
* so the probe can reevaluate from first principles.
*/
}
for (int l = 1; l < VDEV_LABELS; l++) {
}
return (zio);
}
/*
* Prepare a virtual device for access.
*/
int
{
/*
* NOTE(review): the signature and most statements are missing from this
* listing. The visible error exits are ENXIO (offline, and one elided
* earlier condition), the error from the elided open call, EOVERFLOW
* (size checks) and EINVAL (alignment increased or device shrunk).
*/
int error;
int c;
return (ENXIO);
} else if (vd->vdev_offline) {
return (ENXIO);
}
/*
* Fault-injection hook: only consulted when the open itself succeeded.
* The statement it guards is elided.
*/
if (zio_injection_enabled && error == 0)
if (error) {
if (vd->vdev_removed &&
return (error);
}
if (vd->vdev_degraded) {
} else {
}
for (c = 0; c < vd->vdev_children; c++)
break;
}
if (vd->vdev_children == 0) {
/* Leaf case: a size below SPA_MINDEVSIZE is rejected. */
if (osize < SPA_MINDEVSIZE) {
return (EOVERFLOW);
}
} else {
return (EOVERFLOW);
}
psize = 0;
}
if (vd->vdev_asize == 0) {
/*
* This is the first-ever open, so use the computed values.
* For testing purposes, a higher ashift can be requested.
*/
} else {
/*
* NOTE(review): on a re-open the two EINVAL exits below are the
* visible guard against the backing device changing to one with a
* larger alignment or a smaller size; the comparisons themselves
* are elided from this listing -- confirm against the full source.
*/
/*
* Make sure the alignment requirement hasn't increased.
*/
return (EINVAL);
}
/*
* Make sure the device hasn't shrunk.
*/
return (EINVAL);
}
/*
* If all children are healthy and the asize has increased,
* then we've experienced dynamic LUN growth.
*/
}
}
/*
* Ensure we can issue some IO before declaring the
* vdev open for business.
*/
return (error);
}
/*
* If this is a top-level vdev, compute the raidz-deflation
* ratio. Note, we hard-code in 128k (1<<17) because it is the
* current "typical" blocksize. Even if SPA_MAXBLOCKSIZE
* changes, this algorithm must never change, or we will
* inconsistently account for existing bp's.
*/
}
/*
* If a leaf vdev has a DTL, and seems healthy, then kick off a
* resilver. But don't do this if we are doing a reopen for a
* scrub, since this would just restart the scrub we are already
* doing.
*/
}
return (0);
}
/*
* Called once the vdevs are all opened, this routine validates the label
* contents. This needs to be done before vdev_load() so that we don't
*
* This function will only return failure if one of the vdevs indicates that it
* has since been destroyed or exported. This is only possible if
* /etc/zfs/zpool.cache was readonly at the time. Otherwise, the vdev state
* will be updated but the function will return 0.
*/
int
{
/*
* NOTE(review): the signature and most statements are missing from this
* listing. The visible exits are EBADF and 0; per the comment above this
* function, 0 is also returned after the vdev state has been updated to
* reflect a bad label, so a zero return alone does not show that the
* label matched -- the vdev state has to be checked as well.
*/
int c;
for (c = 0; c < vd->vdev_children; c++)
return (EBADF);
/*
* If the device has already failed, or was marked offline, don't do
* any further validation. Otherwise, label I/O will fail and we will
* overwrite the previous state.
*/
return (0);
}
return (0);
}
/*
* If this vdev just became a top-level vdev because its
* sibling was detached, it will have adopted the parent's
* vdev guid -- but the label may or may not be on disk yet.
* Fortunately, either version of the label will have the
* same top guid, so if we're a top-level vdev, we can
* safely compare to that instead.
*/
/*
* NOTE(review): guid, top_guid and (below) state are filled by lookups
* whose first lines are elided; presumably they come from the on-disk
* label. Each failed lookup takes a `return (0)` path here -- confirm
* that the elided lines in between mark the vdev unusable first.
*/
&guid) != 0 ||
&top_guid) != 0 ||
return (0);
}
&state) != 0) {
return (0);
}
return (EBADF);
/*
* If we were able to open and validate a vdev that was
* previously marked permanently unavailable, clear that state
* now.
*/
if (vd->vdev_not_present)
vd->vdev_not_present = 0;
}
return (0);
}
/*
* Close a virtual device.
*/
void
{
/*
* We record the previous state before we close it, so that if we are
* doing a reopen(), we don't generate FMA ereports if we notice that
* it's still faulted.
*/
if (vd->vdev_offline)
else
}
void
{
/*
* NOTE(review): the signature and several statements are missing from
* this listing. Both validation calls below discard their return value
* with a (void) cast, so a label mismatch found during a reopen is
* only observable through whatever state the validators set on the
* vdev -- confirm that callers inspect that state afterwards.
*/
vdev_close(vd);
/*
* Call vdev_validate() here to make sure we have the same device.
* Otherwise, a device with an invalid label could be successfully
* opened in response to vdev_reopen().
*/
(void) vdev_validate_aux(vd);
!l2arc_vdev_present(vd)) {
}
} else {
(void) vdev_validate(vd);
}
/*
* Reassess parent vdev's health.
*/
}
int
{
int error;
/*
* Normally, partial opens (e.g. of a mirror) are allowed.
* For a create, however, we want to fail the request if
* there are any components we can't open.
*/
vdev_close(vd);
}
/*
* Recursively initialize all labels.
*/
VDEV_LABEL_REPLACE : VDEV_LABEL_CREATE)) != 0) {
vdev_close(vd);
return (error);
}
return (0);
}
/*
* This is the latter half of vdev_create(). It is distinct because it
* involves initiating transactions in order to do metaslab creation.
* For creation, we want to try to create all vdevs at once and then undo it
* if anything fails; this is much harder if we have pending transactions.
*/
void
{
/*
* Aim for roughly 200 metaslabs per vdev.
*/
/*
* Initialize the vdev's metaslabs. This can't fail because
* there's nothing to read when creating all new metaslabs.
*/
}
void
{
if (flags & VDD_METASLAB)
}
void
{
}
int
{
int dirty;
/*
* Quick test without the lock -- covers the common case that
* there are no dirty time segments.
*/
return (0);
return (dirty);
}
/*
* Reassess DTLs after a config change or scrub completion.
*/
void
{
int c;
if (vd->vdev_children == 0) {
if (scrub_txg != 0 &&
/* XXX should check scrub_done? */
/*
* We completed a scrub up to scrub_txg. If we
* did it without rebooting, then the scrub dtl
* will be valid, so excise the old region and
* fold in the scrub dtl. Otherwise, leave the
* dtl as-is if there was an error.
*/
}
if (scrub_done)
if (txg != 0)
return;
}
/*
* Make sure the DTLs are always correct under the scrub lock.
*/
for (c = 0; c < vd->vdev_children; c++) {
}
}
static int
{
int error;
if (smo->smo_object == 0)
return (0);
return (error);
return (error);
}
void
{
if (vd->vdev_detached) {
if (smo->smo_object != 0) {
smo->smo_object = 0;
}
return;
}
if (smo->smo_object == 0) {
}
&smlock);
mutex_exit(&smlock);
}
/*
* Determine if resilver is needed, and if so the txg range.
*/
{
if (vd->vdev_children == 0) {
}
} else {
int c;
for (c = 0; c < vd->vdev_children; c++) {
}
}
}
}
return (needed);
}
void
{
int c;
/*
* Recursively load all children.
*/
for (c = 0; c < vd->vdev_children; c++)
/*
* If this is a top-level vdev, initialize its metaslabs.
*/
vdev_metaslab_init(vd, 0) != 0))
/*
* If this is a leaf vdev, load its DTL.
*/
}
/*
* The special vdev case is used for hot spares and l2cache devices. Its
* sole purpose is to set the vdev state for the associated vdev. To do this,
* we make sure that we can open the underlying device, then try to read the
* label, and make sure that the label is sane and that it hasn't been
* repurposed to another pool.
*/
int
{
/*
* NOTE(review): the signature and the label-reading statements are
* missing from this listing. Visible behaviour: an unreadable vdev
* returns 0 without any label check, and the two failure exits
* return -1. Of the conditions on the second exit only
* `version > SPA_VERSION` survives; the rest are elided.
*/
if (!vdev_readable(vd))
return (0);
return (-1);
}
version > SPA_VERSION ||
return (-1);
}
/*
* We don't actually check the pool state here. If it's in fact in
* use by another pool, we update this fact on the fly when requested.
*/
return (0);
}
void
{
}
void
{
}
}
}
{
}
/*
* Mark the given vdev faulted. A faulted vdev behaves as if the device could
* not be opened, and no I/O is attempted.
*/
int
{
/*
* NOTE(review): the signature and every state-changing statement are
* missing from this listing; only the explanatory comments and one
* vdev_readable() test remain.
*/
/*
* Faulted state takes precedence over degraded.
*/
/*
* If marking the vdev as faulted causes the top-level vdev to become
* unavailable, then back off and simply mark the vdev as degraded
* instead.
*/
/*
* If we reopen the device and it's not dead, only then do we
* mark it degraded.
*/
if (vdev_readable(vd)) {
}
}
}
/*
* Mark the given vdev degraded. A degraded vdev is purely an indication to the
* user that something is wrong. The vdev continues to operate as normal as far
* as I/O is concerned.
*/
int
{
/*
* If the vdev is already faulted, then don't do anything.
*/
if (!vdev_is_dead(vd))
}
/*
* Online the given vdev. If 'unspare' is set, it implies two things. First,
* any attached spare device should be detached when the device finishes
* resilvering. Second, the online should be treated like a 'test' online case,
* so no FMA events are generated if the device fails to open.
*/
int
{
if (newstate)
if ((flags & ZFS_ONLINE_UNSPARE) &&
return (0);
}
int
{
/*
* If the device isn't already offline, try to offline it.
*/
if (!vd->vdev_offline) {
/*
* If this device's top-level vdev has a non-empty DTL,
* don't allow the device to be offlined.
*
* XXX -- make this more precise by allowing the offline
* as long as the remaining devices don't have any DTL holes.
*/
/*
* Offline this device and reopen its top-level vdev.
* If this action results in the top-level vdev becoming
* unusable, undo it and fail the request.
*/
}
}
}
/*
* Clear the error counts associated with this vdev. Unlike vdev_online() and
* vdev_offline(), we assume the spa config is locked. We also clear all
* children. If 'vd' is NULL, then the user wants to clear all vdevs.
*/
void
{
for (int c = 0; c < vd->vdev_children; c++)
/*
* If we're in the FAULTED state or have experienced failed I/O, then
* clear the persistent state and attempt to reopen the device. We
* also mark the vdev config dirty, so that the new faulted state is
* written out to disk.
*/
}
}
{
}
{
}
{
}
{
return (B_FALSE);
return (!vd->vdev_cant_read);
return (!vd->vdev_cant_write);
return (B_TRUE);
}
/*
* Get statistics for the given vdev.
*/
void
{
/*
* If we're getting stats on the root vdev, aggregate the I/O counts
* over all top-level vdevs (i.e. the direct children of the root).
*/
for (int c = 0; c < rvd->vdev_children; c++) {
for (int t = 0; t < ZIO_TYPES; t++) {
}
}
}
}
void
{
}
void
{
/*
* If this i/o is a gang leader, it didn't do any actual work.
*/
if (zio->io_gang_tree)
return;
/*
* If this is a root i/o, don't count it -- we've already
* counted the top-level vdevs, and vdev_get_stats() will
* aggregate them when asked. This reduces contention on
* the root vdev_stat_lock and implicitly handles blocks
* that compress away to holes, for which there is no i/o.
* (Holes never create vdev children, so all the counters
* remain zero, which is what we want.)
*
* Note: this only applies to successful i/o (io_error == 0)
* because unlike i/o counts, errors are not additive.
* When reading a ditto block, for example, failure of
* one top-level vdev does not imply a root-level error.
*/
return;
if (!(flags & ZIO_FLAG_IO_BYPASS)) {
}
if (flags & ZIO_FLAG_IO_REPAIR) {
if (flags & ZIO_FLAG_SCRUB_THREAD)
else
}
return;
}
if (flags & ZIO_FLAG_SPECULATIVE)
return;
if (type == ZIO_TYPE_READ) {
vs->vs_checksum_errors++;
else
vs->vs_read_errors++;
}
if (type == ZIO_TYPE_WRITE)
vs->vs_write_errors++;
if (flags & ZIO_FLAG_SCRUB_THREAD) {
}
if (!(flags & ZIO_FLAG_IO_REPAIR)) {
return;
}
}
}
void
{
int c;
for (c = 0; c < vd->vdev_children; c++)
if (type == POOL_SCRUB_NONE) {
/*
* Update completion and end time. Leave everything else alone
* so we can report what happened during the previous scrub.
*/
} else {
vs->vs_scrub_complete = 0;
vs->vs_scrub_examined = 0;
vs->vs_scrub_repaired = 0;
vs->vs_scrub_end = 0;
}
}
/*
* Update the in-core space usage stats for this vdev and the root vdev.
*/
void
{
/*
* Apply the inverse of the psize-to-asize (ie. RAID-Z) space-expansion
* factor. We must calculate this here and not at the root vdev
* because the root vdev's psize-to-asize is simply the max of its
* childrens', thus not accurate enough for us.
*/
if (update_root) {
/*
* Don't count non-normal (e.g. intent log) space as part of
* the pool's capacity.
*/
return;
}
}
/*
* Mark a top-level vdev's config as dirty, placing it on the dirty list
* so that it will be written out next time the vdev configuration is synced.
* If the root vdev is specified (vdev_top == NULL), dirty all top-level vdevs.
*/
void
{
/*
* NOTE(review): the signature and most statements are missing from
* this listing, including the lookup that produces `aux` and the
* search that leaves `c` at the matching index.
*/
int c;
/*
* If this is an aux vdev (as with l2cache devices), then we update the
* vdev config manually and set the sync flag.
*/
break;
}
/*
* We're being removed. There's nothing more to do.
*/
return;
}
/*
* Setting the nvlist in the middle of the array is a little
* sketchy, but it will work.
*/
/*
* NOTE(review): aux[c] is freed here; the statement that stores the
* replacement nvlist into the same slot is elided. Confirm the slot is
* reassigned before anything reads it again, otherwise it is left
* pointing at freed memory.
*/
nvlist_free(aux[c]);
return;
}
/*
* The dirty list is protected by the SCL_CONFIG lock. The caller
* must either hold SCL_CONFIG as writer, or must be the sync thread
* (which holds SCL_CONFIG as reader). There's only one sync thread,
* so this is sufficient to ensure mutual exclusion.
*/
for (c = 0; c < rvd->vdev_children; c++)
} else {
}
}
void
{
}
/*
* Mark a top-level vdev's state as dirty, so that the next pass of
* spa_sync() can convert this into vdev_config_dirty(). We distinguish
* the state changes from larger config changes because they require
* much less locking, and are often needed for administrative actions.
*/
void
{
/*
* The state list is protected by the SCL_STATE lock. The caller
* must either hold SCL_STATE as writer, or must be the sync thread
* (which holds SCL_STATE as reader). There's only one sync thread,
* so this is sufficient to ensure mutual exclusion.
*/
}
void
{
}
/*
* Propagate vdev state up from children to parent.
*/
void
{
int corrupted = 0;
int c;
if (vd->vdev_children > 0) {
for (c = 0; c < vd->vdev_children; c++) {
if (!vdev_readable(child) ||
/*
* Root special: if there is a top-level log
* device, treat the root vdev as if it were
* degraded.
*/
degraded++;
else
faulted++;
degraded++;
}
corrupted++;
}
/*
* Root special: if there is a top-level vdev that cannot be
* opened due to corrupted metadata, then propagate the root
* vdev's aux state as 'corrupt' rather than 'insufficient
* replicas'.
*/
}
if (vd->vdev_parent)
}
/*
* Set a vdev's state. If this is during an open, we don't update the parent
* state, because we're in the process of opening children depth-first.
* Otherwise, we propagate the change to the parent.
*
* If this routine places a device in a faulted state, an appropriate ereport is
* generated.
*/
void
{
return;
}
/*
* If we are setting the vdev state to anything but an open state, then
* always close the underlying device. Otherwise, we keep accessible
* but invalid devices open forever. We don't call vdev_close() itself,
* because that implies some extra checks (offline, etc) that we don't
* want here. This is limited to leaf devices, because otherwise
* closing the device will affect other children.
*/
if (vd->vdev_removed &&
state == VDEV_STATE_CANT_OPEN &&
/*
* If the previous state is set to VDEV_STATE_REMOVED, then this
* device was previously marked removed and someone attempted to
* reopen it. If this failed due to a nonexistent device, then
* keep the device in the REMOVED state. We also let this be if
* it is one of our special test online cases, which is only
* attempting to online the device and shouldn't generate an FMA
* fault.
*/
} else if (state == VDEV_STATE_REMOVED) {
/*
* Indicate to the ZFS DE that this device has been removed, and
* any recent errors should be ignored.
*/
} else if (state == VDEV_STATE_CANT_OPEN) {
/*
* If we fail to open a vdev during an import, we mark it as
* "not available", which signifies that it was never there to
* begin with. Failure to open such a device is not considered
* an error.
*/
!spa->spa_import_faulted &&
/*
* Post the appropriate ereport. If the 'prevstate' field is
* set to something other than VDEV_STATE_UNKNOWN, it indicates
* that this is part of a vdev_reopen(). In this case, we don't
* want to post the ereport if the device was already in the
* CANT_OPEN state beforehand.
*
* If the 'checkremove' flag is set, then this is an attempt to
* online the device in response to an insertion event. If we
* hit this case, then we have detected an insertion event for a
* faulted or offline device that wasn't in the removed state.
* In this scenario, we don't post an ereport because we are
* about to replace the device, or attempt an online with
* vdev_forcefault, which will generate the fault for us.
*/
const char *class;
switch (aux) {
case VDEV_AUX_OPEN_FAILED:
break;
case VDEV_AUX_CORRUPT_DATA:
break;
case VDEV_AUX_NO_REPLICAS:
break;
case VDEV_AUX_BAD_GUID_SUM:
break;
case VDEV_AUX_TOO_SMALL:
break;
case VDEV_AUX_BAD_LABEL:
break;
case VDEV_AUX_IO_FAILURE:
break;
default:
}
}
/* Erase any notion of persistent removed state */
} else {
}
if (!isopen)
}
/*
* Check the vdev configuration to ensure that it's capable of supporting
* a root pool. Currently, we do not support RAID-Z or partial configuration.
* In addition, only a single top-level vdev is allowed and none of the leaves
* can be wholedisks.
*/
{
int c;
return (B_FALSE);
return (B_FALSE);
}
return (B_FALSE);
}
for (c = 0; c < vd->vdev_children; c++) {
return (B_FALSE);
}
return (B_TRUE);
}