1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 */
25
26 /*
27 * Copyright (c) 2012, 2015 by Delphix. All rights reserved.
28 */
29
30 #include <sys/zfs_context.h>
31 #include <sys/spa.h>
32 #include <sys/spa_impl.h>
33 #include <sys/dsl_pool.h>
34 #include <sys/dsl_scan.h>
35 #include <sys/vdev_impl.h>
36 #include <sys/zio.h>
37 #include <sys/abd.h>
38 #include <sys/fs/zfs.h>
39
40 /*
41 * Virtual device vector for mirroring.
42 */
43
44 typedef struct mirror_child {
45 vdev_t *mc_vd;
46 uint64_t mc_offset;
47 int mc_error;
48 uint8_t mc_tried;
49 uint8_t mc_skipped;
50 uint8_t mc_speculative;
51 } mirror_child_t;
52
53 typedef struct mirror_map {
54 int mm_children;
55 int mm_resilvering;
56 int mm_preferred;
57 int mm_root;
58 mirror_child_t mm_child[1];
59 } mirror_map_t;
60
61 int vdev_mirror_shift = 21;
62
63 static void
64 vdev_mirror_map_free(zio_t *zio)
65 {
66 mirror_map_t *mm = zio->io_vsd;
67
68 kmem_free(mm, offsetof(mirror_map_t, mm_child[mm->mm_children]));
69 }
70
71 static const zio_vsd_ops_t vdev_mirror_vsd_ops = {
72 vdev_mirror_map_free,
73 zio_vsd_default_cksum_report
74 };
75
76 static mirror_map_t *
77 vdev_mirror_map_alloc(zio_t *zio)
78 {
79 mirror_map_t *mm = NULL;
80 mirror_child_t *mc;
81 vdev_t *vd = zio->io_vd;
82 int c, d;
83
84 if (vd == NULL) {
85 dva_t *dva = zio->io_bp->blk_dva;
86 spa_t *spa = zio->io_spa;
87 dva_t dva_copy[SPA_DVAS_PER_BP];
88
89 c = BP_GET_NDVAS(zio->io_bp);
90
91 /*
92 * If we do not trust the pool config, some DVAs might be
93 * invalid or point to vdevs that do not exist. We skip them.
94 */
95 if (!spa_trust_config(spa)) {
96 ASSERT3U(zio->io_type, ==, ZIO_TYPE_READ);
97 int j = 0;
98 for (int i = 0; i < c; i++) {
99 if (zfs_dva_valid(spa, &dva[i], zio->io_bp))
100 dva_copy[j++] = dva[i];
101 }
102 if (j == 0) {
103 zio->io_vsd = NULL;
104 zio->io_error = ENXIO;
105 return (NULL);
106 }
107 if (j < c) {
108 dva = dva_copy;
109 c = j;
110 }
111 }
112
113 mm = kmem_zalloc(offsetof(mirror_map_t, mm_child[c]), KM_SLEEP);
114 mm->mm_children = c;
115 mm->mm_resilvering = B_FALSE;
116 mm->mm_preferred = spa_get_random(c);
117 mm->mm_root = B_TRUE;
118
119 /*
120 * Check the other, lower-index DVAs to see if they're on
121 * the same vdev as the child we picked. If they are, use
122 * them since they are likely to have been allocated from
123 * the primary metaslab in use at the time, and hence are
124 * more likely to have locality with single-copy data.
125 */
126 for (c = mm->mm_preferred, d = c - 1; d >= 0; d--) {
127 if (DVA_GET_VDEV(&dva[d]) == DVA_GET_VDEV(&dva[c]))
128 mm->mm_preferred = d;
129 }
130
131 for (c = 0; c < mm->mm_children; c++) {
132 mc = &mm->mm_child[c];
133
134 mc->mc_vd = vdev_lookup_top(spa, DVA_GET_VDEV(&dva[c]));
135 mc->mc_offset = DVA_GET_OFFSET(&dva[c]);
136 }
137 } else {
138 int replacing;
139
140 c = vd->vdev_children;
141
142 mm = kmem_zalloc(offsetof(mirror_map_t, mm_child[c]), KM_SLEEP);
143 mm->mm_children = c;
144 /*
145 * If we are resilvering, then we should handle scrub reads
146 * differently; we shouldn't issue them to the resilvering
147 * device because it might not have those blocks.
148 *
149 * We are resilvering iff:
150 * 1) We are a replacing vdev (ie our name is "replacing-1" or
151 * "spare-1" or something like that), and
152 * 2) The pool is currently being resilvered.
153 *
154 * We cannot simply check vd->vdev_resilver_txg, because it's
155 * not set in this path.
156 *
157 * Nor can we just check our vdev_ops; there are cases (such as
158 * when a user types "zpool replace pool odev spare_dev" and
159 * spare_dev is in the spare list, or when a spare device is
160 * automatically used to replace a DEGRADED device) when
161 * resilvering is complete but both the original vdev and the
162 * spare vdev remain in the pool. That behavior is intentional.
163 * It helps implement the policy that a spare should be
164 * automatically removed from the pool after the user replaces
165 * the device that originally failed.
166 */
167 replacing = (vd->vdev_ops == &vdev_replacing_ops ||
168 vd->vdev_ops == &vdev_spare_ops);
169 /*
170 * If a spa load is in progress, then spa_dsl_pool may be
171 * uninitialized. But we shouldn't be resilvering during a spa
172 * load anyway.
173 */
174 if (replacing &&
175 (spa_load_state(vd->vdev_spa) == SPA_LOAD_NONE) &&
176 dsl_scan_resilvering(vd->vdev_spa->spa_dsl_pool)) {
177 mm->mm_resilvering = B_TRUE;
178 } else {
179 mm->mm_resilvering = B_FALSE;
180 }
181
182 mm->mm_preferred = mm->mm_resilvering ? 0 :
183 (zio->io_offset >> vdev_mirror_shift) % c;
184 mm->mm_root = B_FALSE;
185
186 for (c = 0; c < mm->mm_children; c++) {
187 mc = &mm->mm_child[c];
188 mc->mc_vd = vd->vdev_child[c];
189 mc->mc_offset = zio->io_offset;
190 }
191 }
192
193 zio->io_vsd = mm;
194 zio->io_vsd_ops = &vdev_mirror_vsd_ops;
195 return (mm);
196 }
197
198 static int
199 vdev_mirror_open(vdev_t *vd, uint64_t *asize, uint64_t *max_asize,
200 uint64_t *ashift)
201 {
202 int numerrors = 0;
203 int lasterror = 0;
204
205 if (vd->vdev_children == 0) {
206 vd->vdev_stat.vs_aux = VDEV_AUX_BAD_LABEL;
207 return (SET_ERROR(EINVAL));
208 }
209
210 vdev_open_children(vd);
211
212 for (int c = 0; c < vd->vdev_children; c++) {
213 vdev_t *cvd = vd->vdev_child[c];
214
215 if (cvd->vdev_open_error) {
216 lasterror = cvd->vdev_open_error;
217 numerrors++;
218 continue;
219 }
220
221 *asize = MIN(*asize - 1, cvd->vdev_asize - 1) + 1;
222 *max_asize = MIN(*max_asize - 1, cvd->vdev_max_asize - 1) + 1;
223 *ashift = MAX(*ashift, cvd->vdev_ashift);
224 }
225
226 if (numerrors == vd->vdev_children) {
227 if (vdev_children_are_offline(vd))
228 vd->vdev_stat.vs_aux = VDEV_AUX_CHILDREN_OFFLINE;
229 else
230 vd->vdev_stat.vs_aux = VDEV_AUX_NO_REPLICAS;
231 return (lasterror);
232 }
233
234 return (0);
235 }
236
237 static void
238 vdev_mirror_close(vdev_t *vd)
239 {
240 for (int c = 0; c < vd->vdev_children; c++)
241 vdev_close(vd->vdev_child[c]);
242 }
243
244 static void
245 vdev_mirror_child_done(zio_t *zio)
246 {
247 mirror_child_t *mc = zio->io_private;
248
249 mc->mc_error = zio->io_error;
250 mc->mc_tried = 1;
251 mc->mc_skipped = 0;
252 }
253
254 static void
255 vdev_mirror_scrub_done(zio_t *zio)
256 {
257 mirror_child_t *mc = zio->io_private;
258
259 if (zio->io_error == 0) {
260 zio_t *pio;
261 zio_link_t *zl = NULL;
262
263 mutex_enter(&zio->io_lock);
264 while ((pio = zio_walk_parents(zio, &zl)) != NULL) {
265 mutex_enter(&pio->io_lock);
266 ASSERT3U(zio->io_size, >=, pio->io_size);
267 abd_copy(pio->io_abd, zio->io_abd, pio->io_size);
268 mutex_exit(&pio->io_lock);
269 }
270 mutex_exit(&zio->io_lock);
271 }
272 abd_free(zio->io_abd);
273
274 mc->mc_error = zio->io_error;
275 mc->mc_tried = 1;
276 mc->mc_skipped = 0;
277 }
278
279 /*
280 * Try to find a child whose DTL doesn't contain the block we want to read.
281 * If we can't, try the read on any vdev we haven't already tried.
282 */
283 static int
284 vdev_mirror_child_select(zio_t *zio)
285 {
286 mirror_map_t *mm = zio->io_vsd;
287 mirror_child_t *mc;
288 uint64_t txg = zio->io_txg;
289 int i, c;
290
291 ASSERT(zio->io_bp == NULL || BP_PHYSICAL_BIRTH(zio->io_bp) == txg);
292
293 /*
294 * Try to find a child whose DTL doesn't contain the block to read.
295 * If a child is known to be completely inaccessible (indicated by
296 * vdev_readable() returning B_FALSE), don't even try.
297 */
298 for (i = 0, c = mm->mm_preferred; i < mm->mm_children; i++, c++) {
299 if (c >= mm->mm_children)
300 c = 0;
301 mc = &mm->mm_child[c];
302 if (mc->mc_tried || mc->mc_skipped)
303 continue;
304 if (!vdev_readable(mc->mc_vd)) {
305 mc->mc_error = SET_ERROR(ENXIO);
306 mc->mc_tried = 1; /* don't even try */
307 mc->mc_skipped = 1;
308 continue;
309 }
310 if (!vdev_dtl_contains(mc->mc_vd, DTL_MISSING, txg, 1))
311 return (c);
312 mc->mc_error = SET_ERROR(ESTALE);
313 mc->mc_skipped = 1;
314 mc->mc_speculative = 1;
315 }
316
317 /*
318 * Every device is either missing or has this txg in its DTL.
319 * Look for any child we haven't already tried before giving up.
320 */
321 for (c = 0; c < mm->mm_children; c++)
322 if (!mm->mm_child[c].mc_tried)
323 return (c);
324
325 /*
326 * Every child failed. There's no place left to look.
327 */
328 return (-1);
329 }
330
331 static void
332 vdev_mirror_io_start(zio_t *zio)
333 {
334 mirror_map_t *mm;
335 mirror_child_t *mc;
336 int c, children;
337
338 mm = vdev_mirror_map_alloc(zio);
339
340 if (mm == NULL) {
341 ASSERT(!spa_trust_config(zio->io_spa));
342 ASSERT(zio->io_type == ZIO_TYPE_READ);
343 zio_execute(zio);
344 return;
345 }
346
347 if (zio->io_type == ZIO_TYPE_READ) {
348 if ((zio->io_flags & ZIO_FLAG_SCRUB) && !mm->mm_resilvering) {
349 /*
350 * For scrubbing reads we need to allocate a read
351 * buffer for each child and issue reads to all
352 * children. If any child succeeds, it will copy its
353 * data into zio->io_data in vdev_mirror_scrub_done.
354 */
355 for (c = 0; c < mm->mm_children; c++) {
356 mc = &mm->mm_child[c];
357 zio_nowait(zio_vdev_child_io(zio, zio->io_bp,
358 mc->mc_vd, mc->mc_offset,
359 abd_alloc_sametype(zio->io_abd,
360 zio->io_size), zio->io_size,
361 zio->io_type, zio->io_priority, 0,
362 vdev_mirror_scrub_done, mc));
363 }
364 zio_execute(zio);
365 return;
366 }
367 /*
368 * For normal reads just pick one child.
369 */
370 c = vdev_mirror_child_select(zio);
371 children = (c >= 0);
372 } else {
373 ASSERT(zio->io_type == ZIO_TYPE_WRITE);
374
375 /*
376 * Writes go to all children.
377 */
378 c = 0;
379 children = mm->mm_children;
380 }
381
382 while (children--) {
383 mc = &mm->mm_child[c];
384 zio_nowait(zio_vdev_child_io(zio, zio->io_bp,
385 mc->mc_vd, mc->mc_offset, zio->io_abd, zio->io_size,
386 zio->io_type, zio->io_priority, 0,
387 vdev_mirror_child_done, mc));
388 c++;
389 }
390
391 zio_execute(zio);
392 }
393
394 static int
395 vdev_mirror_worst_error(mirror_map_t *mm)
396 {
397 int error[2] = { 0, 0 };
398
399 for (int c = 0; c < mm->mm_children; c++) {
400 mirror_child_t *mc = &mm->mm_child[c];
401 int s = mc->mc_speculative;
402 error[s] = zio_worst_error(error[s], mc->mc_error);
403 }
404
405 return (error[0] ? error[0] : error[1]);
406 }
407
408 static void
409 vdev_mirror_io_done(zio_t *zio)
410 {
411 mirror_map_t *mm = zio->io_vsd;
412 mirror_child_t *mc;
413 int c;
414 int good_copies = 0;
415 int unexpected_errors = 0;
416
417 if (mm == NULL)
418 return;
419
420 for (c = 0; c < mm->mm_children; c++) {
421 mc = &mm->mm_child[c];
422
423 if (mc->mc_error) {
424 if (!mc->mc_skipped)
425 unexpected_errors++;
426 } else if (mc->mc_tried) {
427 good_copies++;
428 }
429 }
430
431 if (zio->io_type == ZIO_TYPE_WRITE) {
432 /*
433 * XXX -- for now, treat partial writes as success.
434 *
435 * Now that we support write reallocation, it would be better
436 * to treat partial failure as real failure unless there are
437 * no non-degraded top-level vdevs left, and not update DTLs
438 * if we intend to reallocate.
439 */
440 /* XXPOLICY */
441 if (good_copies != mm->mm_children) {
442 /*
443 * Always require at least one good copy.
444 *
445 * For ditto blocks (io_vd == NULL), require
446 * all copies to be good.
447 *
448 * XXX -- for replacing vdevs, there's no great answer.
449 * If the old device is really dead, we may not even
450 * be able to access it -- so we only want to
451 * require good writes to the new device. But if
452 * the new device turns out to be flaky, we want
453 * to be able to detach it -- which requires all
454 * writes to the old device to have succeeded.
455 */
456 if (good_copies == 0 || zio->io_vd == NULL)
457 zio->io_error = vdev_mirror_worst_error(mm);
458 }
459 return;
460 }
461
462 ASSERT(zio->io_type == ZIO_TYPE_READ);
463
464 /*
465 * If we don't have a good copy yet, keep trying other children.
466 */
467 /* XXPOLICY */
468 if (good_copies == 0 && (c = vdev_mirror_child_select(zio)) != -1) {
469 ASSERT(c >= 0 && c < mm->mm_children);
470 mc = &mm->mm_child[c];
471 zio_vdev_io_redone(zio);
472 zio_nowait(zio_vdev_child_io(zio, zio->io_bp,
473 mc->mc_vd, mc->mc_offset, zio->io_abd, zio->io_size,
474 ZIO_TYPE_READ, zio->io_priority, 0,
475 vdev_mirror_child_done, mc));
476 return;
477 }
478
479 /* XXPOLICY */
480 if (good_copies == 0) {
481 zio->io_error = vdev_mirror_worst_error(mm);
482 ASSERT(zio->io_error != 0);
483 }
484
485 if (good_copies && spa_writeable(zio->io_spa) &&
486 (unexpected_errors ||
487 (zio->io_flags & ZIO_FLAG_RESILVER) ||
488 ((zio->io_flags & ZIO_FLAG_SCRUB) && mm->mm_resilvering))) {
489 /*
490 * Use the good data we have in hand to repair damaged children.
491 */
492 for (c = 0; c < mm->mm_children; c++) {
493 /*
494 * Don't rewrite known good children.
495 * Not only is it unnecessary, it could
496 * actually be harmful: if the system lost
497 * power while rewriting the only good copy,
498 * there would be no good copies left!
499 */
500 mc = &mm->mm_child[c];
501
502 if (mc->mc_error == 0) {
503 if (mc->mc_tried)
504 continue;
505 if (!(zio->io_flags & ZIO_FLAG_SCRUB) &&
506 !vdev_dtl_contains(mc->mc_vd, DTL_PARTIAL,
507 zio->io_txg, 1))
508 continue;
509 mc->mc_error = SET_ERROR(ESTALE);
510 }
511
512 zio_nowait(zio_vdev_child_io(zio, zio->io_bp,
513 mc->mc_vd, mc->mc_offset,
514 zio->io_abd, zio->io_size,
515 ZIO_TYPE_WRITE, ZIO_PRIORITY_ASYNC_WRITE,
516 ZIO_FLAG_IO_REPAIR | (unexpected_errors ?
517 ZIO_FLAG_SELF_HEAL : 0), NULL, NULL));
518 }
519 }
520 }
521
522 static void
523 vdev_mirror_state_change(vdev_t *vd, int faulted, int degraded)
524 {
525 if (faulted == vd->vdev_children) {
526 if (vdev_children_are_offline(vd)) {
527 vdev_set_state(vd, B_FALSE, VDEV_STATE_OFFLINE,
528 VDEV_AUX_CHILDREN_OFFLINE);
529 } else {
530 vdev_set_state(vd, B_FALSE, VDEV_STATE_CANT_OPEN,
531 VDEV_AUX_NO_REPLICAS);
532 }
533 } else if (degraded + faulted != 0) {
534 vdev_set_state(vd, B_FALSE, VDEV_STATE_DEGRADED, VDEV_AUX_NONE);
535 } else {
536 vdev_set_state(vd, B_FALSE, VDEV_STATE_HEALTHY, VDEV_AUX_NONE);
537 }
538 }
539
540 vdev_ops_t vdev_mirror_ops = {
541 vdev_mirror_open,
542 vdev_mirror_close,
543 vdev_default_asize,
544 vdev_mirror_io_start,
545 vdev_mirror_io_done,
546 vdev_mirror_state_change,
547 NULL,
548 NULL,
549 NULL,
550 VDEV_TYPE_MIRROR, /* name of this vdev type */
551 B_FALSE /* not a leaf vdev */
552 };
553
554 vdev_ops_t vdev_replacing_ops = {
555 vdev_mirror_open,
556 vdev_mirror_close,
557 vdev_default_asize,
558 vdev_mirror_io_start,
559 vdev_mirror_io_done,
560 vdev_mirror_state_change,
561 NULL,
562 NULL,
563 NULL,
564 VDEV_TYPE_REPLACING, /* name of this vdev type */
565 B_FALSE /* not a leaf vdev */
566 };
567
568 vdev_ops_t vdev_spare_ops = {
569 vdev_mirror_open,
570 vdev_mirror_close,
571 vdev_default_asize,
572 vdev_mirror_io_start,
573 vdev_mirror_io_done,
574 vdev_mirror_state_change,
575 NULL,
576 NULL,
577 NULL,
578 VDEV_TYPE_SPARE, /* name of this vdev type */
579 B_FALSE /* not a leaf vdev */
580 };