1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2010 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 /* 27 * Copyright (c) 2012, 2018 by Delphix. All rights reserved. 28 */ 29 30 #include <sys/zfs_context.h> 31 #include <sys/spa.h> 32 #include <sys/spa_impl.h> 33 #include <sys/dsl_pool.h> 34 #include <sys/dsl_scan.h> 35 #include <sys/vdev_impl.h> 36 #include <sys/zio.h> 37 #include <sys/abd.h> 38 #include <sys/fs/zfs.h> 39 40 /* 41 * Virtual device vector for mirroring. 42 */ 43 44 typedef struct mirror_child { 45 vdev_t *mc_vd; 46 uint64_t mc_offset; 47 int mc_error; 48 uint8_t mc_tried; 49 uint8_t mc_skipped; 50 uint8_t mc_speculative; 51 } mirror_child_t; 52 53 typedef struct mirror_map { 54 int mm_children; 55 int mm_resilvering; 56 int mm_preferred; 57 int mm_root; 58 mirror_child_t mm_child[1]; 59 } mirror_map_t; 60 61 int vdev_mirror_shift = 21; 62 63 static void 64 vdev_mirror_map_free(zio_t *zio) 65 { 66 mirror_map_t *mm = zio->io_vsd; 67 68 kmem_free(mm, offsetof(mirror_map_t, mm_child[mm->mm_children])); 69 } 70 71 static const zio_vsd_ops_t vdev_mirror_vsd_ops = { 72 vdev_mirror_map_free, 73 zio_vsd_default_cksum_report 74 }; 75 76 static mirror_map_t * 77 vdev_mirror_map_alloc(zio_t *zio) 78 { 79 mirror_map_t *mm = NULL; 80 mirror_child_t *mc; 81 vdev_t *vd = zio->io_vd; 82 int c, d; 83 84 if (vd == NULL) { 85 dva_t *dva = zio->io_bp->blk_dva; 86 spa_t *spa = zio->io_spa; 87 dva_t dva_copy[SPA_DVAS_PER_BP]; 88 89 c = BP_GET_NDVAS(zio->io_bp); 90 91 /* 92 * If we do not trust the pool config, some DVAs might be 93 * invalid or point to vdevs that do not exist. We skip them. 94 */ 95 if (!spa_trust_config(spa)) { 96 ASSERT3U(zio->io_type, ==, ZIO_TYPE_READ); 97 int j = 0; 98 for (int i = 0; i < c; i++) { 99 if (zfs_dva_valid(spa, &dva[i], zio->io_bp)) 100 dva_copy[j++] = dva[i]; 101 } 102 if (j == 0) { 103 zio->io_vsd = NULL; 104 zio->io_error = ENXIO; 105 return (NULL); 106 } 107 if (j < c) { 108 dva = dva_copy; 109 c = j; 110 } 111 } 112 113 mm = kmem_zalloc(offsetof(mirror_map_t, mm_child[c]), KM_SLEEP); 114 mm->mm_children = c; 115 mm->mm_resilvering = B_FALSE; 116 mm->mm_preferred = spa_get_random(c); 117 mm->mm_root = B_TRUE; 118 119 /* 120 * Check the other, lower-index DVAs to see if they're on 121 * the same vdev as the child we picked. If they are, use 122 * them since they are likely to have been allocated from 123 * the primary metaslab in use at the time, and hence are 124 * more likely to have locality with single-copy data. 125 */ 126 for (c = mm->mm_preferred, d = c - 1; d >= 0; d--) { 127 if (DVA_GET_VDEV(&dva[d]) == DVA_GET_VDEV(&dva[c])) 128 mm->mm_preferred = d; 129 } 130 131 for (c = 0; c < mm->mm_children; c++) { 132 mc = &mm->mm_child[c]; 133 134 mc->mc_vd = vdev_lookup_top(spa, DVA_GET_VDEV(&dva[c])); 135 mc->mc_offset = DVA_GET_OFFSET(&dva[c]); 136 } 137 } else { 138 int replacing; 139 140 c = vd->vdev_children; 141 142 mm = kmem_zalloc(offsetof(mirror_map_t, mm_child[c]), KM_SLEEP); 143 mm->mm_children = c; 144 /* 145 * If we are resilvering, then we should handle scrub reads 146 * differently; we shouldn't issue them to the resilvering 147 * device because it might not have those blocks. 148 * 149 * We are resilvering iff: 150 * 1) We are a replacing vdev (ie our name is "replacing-1" or 151 * "spare-1" or something like that), and 152 * 2) The pool is currently being resilvered. 153 * 154 * We cannot simply check vd->vdev_resilver_txg, because it's 155 * not set in this path. 156 * 157 * Nor can we just check our vdev_ops; there are cases (such as 158 * when a user types "zpool replace pool odev spare_dev" and 159 * spare_dev is in the spare list, or when a spare device is 160 * automatically used to replace a DEGRADED device) when 161 * resilvering is complete but both the original vdev and the 162 * spare vdev remain in the pool. That behavior is intentional. 163 * It helps implement the policy that a spare should be 164 * automatically removed from the pool after the user replaces 165 * the device that originally failed. 166 */ 167 replacing = (vd->vdev_ops == &vdev_replacing_ops || 168 vd->vdev_ops == &vdev_spare_ops); 169 /* 170 * If a spa load is in progress, then spa_dsl_pool may be 171 * uninitialized. But we shouldn't be resilvering during a spa 172 * load anyway. 173 */ 174 if (replacing && 175 (spa_load_state(vd->vdev_spa) == SPA_LOAD_NONE) && 176 dsl_scan_resilvering(vd->vdev_spa->spa_dsl_pool)) { 177 mm->mm_resilvering = B_TRUE; 178 } else { 179 mm->mm_resilvering = B_FALSE; 180 } 181 182 mm->mm_preferred = mm->mm_resilvering ? 0 : 183 (zio->io_offset >> vdev_mirror_shift) % c; 184 mm->mm_root = B_FALSE; 185 186 for (c = 0; c < mm->mm_children; c++) { 187 mc = &mm->mm_child[c]; 188 mc->mc_vd = vd->vdev_child[c]; 189 mc->mc_offset = zio->io_offset; 190 } 191 } 192 193 zio->io_vsd = mm; 194 zio->io_vsd_ops = &vdev_mirror_vsd_ops; 195 return (mm); 196 } 197 198 static int 199 vdev_mirror_open(vdev_t *vd, uint64_t *asize, uint64_t *max_asize, 200 uint64_t *ashift) 201 { 202 int numerrors = 0; 203 int lasterror = 0; 204 205 if (vd->vdev_children == 0) { 206 vd->vdev_stat.vs_aux = VDEV_AUX_BAD_LABEL; 207 return (SET_ERROR(EINVAL)); 208 } 209 210 vdev_open_children(vd); 211 212 for (int c = 0; c < vd->vdev_children; c++) { 213 vdev_t *cvd = vd->vdev_child[c]; 214 215 if (cvd->vdev_open_error) { 216 lasterror = cvd->vdev_open_error; 217 numerrors++; 218 continue; 219 } 220 221 *asize = MIN(*asize - 1, cvd->vdev_asize - 1) + 1; 222 *max_asize = MIN(*max_asize - 1, cvd->vdev_max_asize - 1) + 1; 223 *ashift = MAX(*ashift, cvd->vdev_ashift); 224 } 225 226 if (numerrors == vd->vdev_children) { 227 if (vdev_children_are_offline(vd)) 228 vd->vdev_stat.vs_aux = VDEV_AUX_CHILDREN_OFFLINE; 229 else 230 vd->vdev_stat.vs_aux = VDEV_AUX_NO_REPLICAS; 231 return (lasterror); 232 } 233 234 return (0); 235 } 236 237 static void 238 vdev_mirror_close(vdev_t *vd) 239 { 240 for (int c = 0; c < vd->vdev_children; c++) 241 vdev_close(vd->vdev_child[c]); 242 } 243 244 static void 245 vdev_mirror_child_done(zio_t *zio) 246 { 247 mirror_child_t *mc = zio->io_private; 248 249 mc->mc_error = zio->io_error; 250 mc->mc_tried = 1; 251 mc->mc_skipped = 0; 252 } 253 254 static void 255 vdev_mirror_scrub_done(zio_t *zio) 256 { 257 mirror_child_t *mc = zio->io_private; 258 259 if (zio->io_error == 0) { 260 zio_t *pio; 261 zio_link_t *zl = NULL; 262 263 mutex_enter(&zio->io_lock); 264 while ((pio = zio_walk_parents(zio, &zl)) != NULL) { 265 mutex_enter(&pio->io_lock); 266 ASSERT3U(zio->io_size, >=, pio->io_size); 267 abd_copy(pio->io_abd, zio->io_abd, pio->io_size); 268 mutex_exit(&pio->io_lock); 269 } 270 mutex_exit(&zio->io_lock); 271 } 272 abd_free(zio->io_abd); 273 274 mc->mc_error = zio->io_error; 275 mc->mc_tried = 1; 276 mc->mc_skipped = 0; 277 } 278 279 /* 280 * Try to find a child whose DTL doesn't contain the block we want to read. 281 * If we can't, try the read on any vdev we haven't already tried. 282 */ 283 static int 284 vdev_mirror_child_select(zio_t *zio) 285 { 286 mirror_map_t *mm = zio->io_vsd; 287 mirror_child_t *mc; 288 uint64_t txg = zio->io_txg; 289 int i, c; 290 291 ASSERT(zio->io_bp == NULL || BP_PHYSICAL_BIRTH(zio->io_bp) == txg); 292 293 /* 294 * Try to find a child whose DTL doesn't contain the block to read. 295 * If a child is known to be completely inaccessible (indicated by 296 * vdev_readable() returning B_FALSE), don't even try. 297 */ 298 for (i = 0, c = mm->mm_preferred; i < mm->mm_children; i++, c++) { 299 if (c >= mm->mm_children) 300 c = 0; 301 mc = &mm->mm_child[c]; 302 if (mc->mc_tried || mc->mc_skipped) 303 continue; 304 if (!vdev_readable(mc->mc_vd)) { 305 mc->mc_error = SET_ERROR(ENXIO); 306 mc->mc_tried = 1; /* don't even try */ 307 mc->mc_skipped = 1; 308 continue; 309 } 310 if (!vdev_dtl_contains(mc->mc_vd, DTL_MISSING, txg, 1)) 311 return (c); 312 mc->mc_error = SET_ERROR(ESTALE); 313 mc->mc_skipped = 1; 314 mc->mc_speculative = 1; 315 } 316 317 /* 318 * Every device is either missing or has this txg in its DTL. 319 * Look for any child we haven't already tried before giving up. 320 */ 321 for (c = 0; c < mm->mm_children; c++) 322 if (!mm->mm_child[c].mc_tried) 323 return (c); 324 325 /* 326 * Every child failed. There's no place left to look. 327 */ 328 return (-1); 329 } 330 331 static void 332 vdev_mirror_io_start(zio_t *zio) 333 { 334 mirror_map_t *mm; 335 mirror_child_t *mc; 336 int c, children; 337 338 mm = vdev_mirror_map_alloc(zio); 339 340 if (mm == NULL) { 341 ASSERT(!spa_trust_config(zio->io_spa)); 342 ASSERT(zio->io_type == ZIO_TYPE_READ); 343 zio_execute(zio); 344 return; 345 } 346 347 if (zio->io_type == ZIO_TYPE_READ) { 348 if (zio->io_bp != NULL && 349 (zio->io_flags & ZIO_FLAG_SCRUB) && !mm->mm_resilvering) { 350 /* 351 * For scrubbing reads (if we can verify the 352 * checksum here, as indicated by io_bp being 353 * non-NULL) we need to allocate a read buffer for 354 * each child and issue reads to all children. If 355 * any child succeeds, it will copy its data into 356 * zio->io_data in vdev_mirror_scrub_done. 357 */ 358 for (c = 0; c < mm->mm_children; c++) { 359 mc = &mm->mm_child[c]; 360 zio_nowait(zio_vdev_child_io(zio, zio->io_bp, 361 mc->mc_vd, mc->mc_offset, 362 abd_alloc_sametype(zio->io_abd, 363 zio->io_size), zio->io_size, 364 zio->io_type, zio->io_priority, 0, 365 vdev_mirror_scrub_done, mc)); 366 } 367 zio_execute(zio); 368 return; 369 } 370 /* 371 * For normal reads just pick one child. 372 */ 373 c = vdev_mirror_child_select(zio); 374 children = (c >= 0); 375 } else { 376 ASSERT(zio->io_type == ZIO_TYPE_WRITE); 377 378 /* 379 * Writes go to all children. 380 */ 381 c = 0; 382 children = mm->mm_children; 383 } 384 385 while (children--) { 386 mc = &mm->mm_child[c]; 387 zio_nowait(zio_vdev_child_io(zio, zio->io_bp, 388 mc->mc_vd, mc->mc_offset, zio->io_abd, zio->io_size, 389 zio->io_type, zio->io_priority, 0, 390 vdev_mirror_child_done, mc)); 391 c++; 392 } 393 394 zio_execute(zio); 395 } 396 397 static int 398 vdev_mirror_worst_error(mirror_map_t *mm) 399 { 400 int error[2] = { 0, 0 }; 401 402 for (int c = 0; c < mm->mm_children; c++) { 403 mirror_child_t *mc = &mm->mm_child[c]; 404 int s = mc->mc_speculative; 405 error[s] = zio_worst_error(error[s], mc->mc_error); 406 } 407 408 return (error[0] ? error[0] : error[1]); 409 } 410 411 static void 412 vdev_mirror_io_done(zio_t *zio) 413 { 414 mirror_map_t *mm = zio->io_vsd; 415 mirror_child_t *mc; 416 int c; 417 int good_copies = 0; 418 int unexpected_errors = 0; 419 420 if (mm == NULL) 421 return; 422 423 for (c = 0; c < mm->mm_children; c++) { 424 mc = &mm->mm_child[c]; 425 426 if (mc->mc_error) { 427 if (!mc->mc_skipped) 428 unexpected_errors++; 429 } else if (mc->mc_tried) { 430 good_copies++; 431 } 432 } 433 434 if (zio->io_type == ZIO_TYPE_WRITE) { 435 /* 436 * XXX -- for now, treat partial writes as success. 437 * 438 * Now that we support write reallocation, it would be better 439 * to treat partial failure as real failure unless there are 440 * no non-degraded top-level vdevs left, and not update DTLs 441 * if we intend to reallocate. 442 */ 443 /* XXPOLICY */ 444 if (good_copies != mm->mm_children) { 445 /* 446 * Always require at least one good copy. 447 * 448 * For ditto blocks (io_vd == NULL), require 449 * all copies to be good. 450 * 451 * XXX -- for replacing vdevs, there's no great answer. 452 * If the old device is really dead, we may not even 453 * be able to access it -- so we only want to 454 * require good writes to the new device. But if 455 * the new device turns out to be flaky, we want 456 * to be able to detach it -- which requires all 457 * writes to the old device to have succeeded. 458 */ 459 if (good_copies == 0 || zio->io_vd == NULL) 460 zio->io_error = vdev_mirror_worst_error(mm); 461 } 462 return; 463 } 464 465 ASSERT(zio->io_type == ZIO_TYPE_READ); 466 467 /* 468 * If we don't have a good copy yet, keep trying other children. 469 */ 470 /* XXPOLICY */ 471 if (good_copies == 0 && (c = vdev_mirror_child_select(zio)) != -1) { 472 ASSERT(c >= 0 && c < mm->mm_children); 473 mc = &mm->mm_child[c]; 474 zio_vdev_io_redone(zio); 475 zio_nowait(zio_vdev_child_io(zio, zio->io_bp, 476 mc->mc_vd, mc->mc_offset, zio->io_abd, zio->io_size, 477 ZIO_TYPE_READ, zio->io_priority, 0, 478 vdev_mirror_child_done, mc)); 479 return; 480 } 481 482 /* XXPOLICY */ 483 if (good_copies == 0) { 484 zio->io_error = vdev_mirror_worst_error(mm); 485 ASSERT(zio->io_error != 0); 486 } 487 488 if (good_copies && spa_writeable(zio->io_spa) && 489 (unexpected_errors || 490 (zio->io_flags & ZIO_FLAG_RESILVER) || 491 ((zio->io_flags & ZIO_FLAG_SCRUB) && mm->mm_resilvering))) { 492 /* 493 * Use the good data we have in hand to repair damaged children. 494 */ 495 for (c = 0; c < mm->mm_children; c++) { 496 /* 497 * Don't rewrite known good children. 498 * Not only is it unnecessary, it could 499 * actually be harmful: if the system lost 500 * power while rewriting the only good copy, 501 * there would be no good copies left! 502 */ 503 mc = &mm->mm_child[c]; 504 505 if (mc->mc_error == 0) { 506 if (mc->mc_tried) 507 continue; 508 /* 509 * We didn't try this child. We need to 510 * repair it if: 511 * 1. it's a scrub (in which case we have 512 * tried everything that was healthy) 513 * - or - 514 * 2. it's an indirect vdev (in which case 515 * it could point to any other vdev, which 516 * might have a bad DTL) 517 * - or - 518 * 3. the DTL indicates that this data is 519 * missing from this vdev 520 */ 521 if (!(zio->io_flags & ZIO_FLAG_SCRUB) && 522 mc->mc_vd->vdev_ops != &vdev_indirect_ops && 523 !vdev_dtl_contains(mc->mc_vd, DTL_PARTIAL, 524 zio->io_txg, 1)) 525 continue; 526 mc->mc_error = SET_ERROR(ESTALE); 527 } 528 529 zio_nowait(zio_vdev_child_io(zio, zio->io_bp, 530 mc->mc_vd, mc->mc_offset, 531 zio->io_abd, zio->io_size, 532 ZIO_TYPE_WRITE, ZIO_PRIORITY_ASYNC_WRITE, 533 ZIO_FLAG_IO_REPAIR | (unexpected_errors ? 534 ZIO_FLAG_SELF_HEAL : 0), NULL, NULL)); 535 } 536 } 537 } 538 539 static void 540 vdev_mirror_state_change(vdev_t *vd, int faulted, int degraded) 541 { 542 if (faulted == vd->vdev_children) { 543 if (vdev_children_are_offline(vd)) { 544 vdev_set_state(vd, B_FALSE, VDEV_STATE_OFFLINE, 545 VDEV_AUX_CHILDREN_OFFLINE); 546 } else { 547 vdev_set_state(vd, B_FALSE, VDEV_STATE_CANT_OPEN, 548 VDEV_AUX_NO_REPLICAS); 549 } 550 } else if (degraded + faulted != 0) { 551 vdev_set_state(vd, B_FALSE, VDEV_STATE_DEGRADED, VDEV_AUX_NONE); 552 } else { 553 vdev_set_state(vd, B_FALSE, VDEV_STATE_HEALTHY, VDEV_AUX_NONE); 554 } 555 } 556 557 vdev_ops_t vdev_mirror_ops = { 558 vdev_mirror_open, 559 vdev_mirror_close, 560 vdev_default_asize, 561 vdev_mirror_io_start, 562 vdev_mirror_io_done, 563 vdev_mirror_state_change, 564 NULL, 565 NULL, 566 NULL, 567 vdev_default_xlate, 568 VDEV_TYPE_MIRROR, /* name of this vdev type */ 569 B_FALSE /* not a leaf vdev */ 570 }; 571 572 vdev_ops_t vdev_replacing_ops = { 573 vdev_mirror_open, 574 vdev_mirror_close, 575 vdev_default_asize, 576 vdev_mirror_io_start, 577 vdev_mirror_io_done, 578 vdev_mirror_state_change, 579 NULL, 580 NULL, 581 NULL, 582 vdev_default_xlate, 583 VDEV_TYPE_REPLACING, /* name of this vdev type */ 584 B_FALSE /* not a leaf vdev */ 585 }; 586 587 vdev_ops_t vdev_spare_ops = { 588 vdev_mirror_open, 589 vdev_mirror_close, 590 vdev_default_asize, 591 vdev_mirror_io_start, 592 vdev_mirror_io_done, 593 vdev_mirror_state_change, 594 NULL, 595 NULL, 596 NULL, 597 vdev_default_xlate, 598 VDEV_TYPE_SPARE, /* name of this vdev type */ 599 B_FALSE /* not a leaf vdev */ 600 }; 601