| blob | 8630593ec964b059ce0178c85ad2638f5ea74203 |
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
22 /*
23 * Copyright (c) 1992, 2010, Oracle and/or its affiliates. All rights reserved.
24 */
26 #include <sys/param.h>
27 #include <sys/systm.h>
28 #include <sys/conf.h>
29 #include <sys/file.h>
30 #include <sys/user.h>
31 #include <sys/uio.h>
32 #include <sys/t_lock.h>
33 #include <sys/buf.h>
34 #include <sys/dkio.h>
35 #include <sys/vtoc.h>
36 #include <sys/kmem.h>
37 #include <vm/page.h>
38 #include <sys/cmn_err.h>
39 #include <sys/sysmacros.h>
40 #include <sys/types.h>
41 #include <sys/mkdev.h>
42 #include <sys/stat.h>
43 #include <sys/open.h>
44 #include <sys/disp.h>
45 #include <sys/lvm/md_mirror.h>
46 #include <sys/modctl.h>
47 #include <sys/ddi.h>
48 #include <sys/sunddi.h>
49 #include <sys/debug.h>
50 #include <sys/callb.h>
52 #include <sys/sysevent/eventdefs.h>
53 #include <sys/sysevent/svm.h>
54 #include <sys/lvm/mdmn_commd.h>
74 #ifdef DEBUG
76 #endif
78 /*
79 * Tunable resync thread timeout. This is used as the time interval for updating
80 * the resync progress to the mddb. This allows restartable resyncs to be
81 * continued across a system reboot.
82 * Default is to update the resync progress every 5 minutes.
83 */
86 /*
87 * Settable mirror resync buffer size. Specified in 512 byte
88 * blocks. This is set to MD_DEF_RESYNC_BUF_SIZE by default.
89 */
92 /*
93 * Tunables for dirty region processing when
94 * closing down a mirror.
95 *
96 * Dirty region processing during close of a
97 * mirror is basically monitoring the state
98 * of the resync region bitmaps and the number
99 * of outstanding i/o's per submirror to
100 * determine that there are no more dirty
101 * regions left over.
102 *
103 * The approach taken is a retry logic over
104 * md_mirror_rr_cleans iterations to monitor
105 * the progress.
106 *
107 * There are two methods of polling the progress
108 * on dirty bitmap processing: busy-waits and
109 * non-busy-waits.
110 *
111 * Busy-waits are used at the beginning to
112 * determine the final state as quick as
113 * possible; md_mirror_rr_polls defines the
114 * number of busy-waits.
115 *
116 * In case the number of busy-waits got exhausted
117 * with dirty regions left over, the retry logic
118 * switches over to non-busy-waits, thus giving
119 * relief to an obviously heavily loaded system.
120 * The timeout value is defined by the tunable
121 * md_mirror_rr_sleep_timo in seconds.
122 *
123 * The number of non-busy-waits is given by:
124 * md_mirror_rr_cleans - md_mirror_rr_polls.
125 *
126 * The values were found by testing on a
127 * 'typical' system and may require tuning
128 * to meet specific customer's requirements.
129 */
135 /*
136 * The value is not #defined because it will be computed
137 * in the future.
138 */
141 /*
142 * mirror_generate_rr_bitmap:
143 * -------------------
144 * Generate a compressed bitmap md_mn_msg_rr_clean_t for the given clean
145 * bitmap associated with mirror 'un'
146 *
147 * Input:
148 * un - mirror unit to get bitmap data from
149 * *msgp - location to return newly allocated md_mn_msg_rr_clean_t
150 * *activep- location to return # of active i/os
151 *
152 * Returns:
153 * 1 => dirty bits cleared from un_dirty_bm and DRL flush required
154 * *msgp contains bitmap of to-be-cleared bits
155 * 0 => no bits cleared
156 * *msgp == NULL
157 */
158 static int
161 {
165 /* Skip any initial 0s. */
166 retry_dirty_scan:
170 /*
171 * Handle case where NO bits are set in PERNODE_DIRTY but the
172 * un_dirty_bm[] map does have entries set (after a 1st resync)
173 */
177 ;
185 }
186 }
188 /* how much to fit into this message */
190 MDMN_MSG_RR_CLEAN_DATA_MAX_BYTES);
193 KM_SLEEP);
204 }
207 }
211 }
213 /*
214 * Handle the case where a resync has completed and we still
215 * have the un_dirty_bm[] entries marked as dirty (these are
216 * the most recent DRL re-read from the replica). They need
217 * to be cleared from our un_dirty_bm[] but they will not have
218 * corresponding un_pernode_dirty[] entries set unless (and
219 * until) further write()s have been issued to the area.
220 * This handles the case where only the un_dirty_bm[] entry is
221 * set. Without this we'd not clear this region until a local
222 * write is issued to the affected area.
223 */
230 }
231 /*
232 * Now we've got a flagged pernode_dirty, _or_ a clean
233 * bitmap entry to process. Update the bitmap to flush
234 * the REGION_DIRTY / GOING_CLEAN bits when we send the
235 * cross-cluster message.
236 */
237 cleared_dirty++;
240 /*
241 * Not marked as active in the pernode bitmap, so skip
242 * any update to this. We just increment the 0 count
243 * and adjust the active count by any outstanding
244 * un_pernode_dirty_sum[] entries. This means we don't
245 * leave the mirror permanently dirty.
246 */
248 }
249 }
253 }
256 }
258 /*
259 * There are three paths into here:
260 *
261 * md_daemon -> check_resync_regions -> prr
262 * mirror_internal_close -> mirror_process_unit_resync -> prr
263 * mirror_set_capability -> mirror_process_unit_resync -> prr
264 *
265 * The first one is a kernel daemon, the other two result from system calls.
266 * Thus, only the first case needs to deal with kernel CPR activity. This
267 * is indicated by the cprinfop being non-NULL for kernel daemon calls, and
268 * NULL for system call paths.
269 */
270 static int
272 {
275 /* Number of reasons why we can not proceed shutting down the mirror. */
283 md_mn_nodeid_t owner_node;
285 /*
286 * We drop the readerlock here to assist lock ordering with
287 * update_resync. Once we have the un_rrp_inflight_mx, we
288 * can re-acquire it.
289 */
292 /*
293 * Resync region processing must be single threaded. We can't use
294 * un_resync_mx for this purpose since this mutex gets released
295 * when blocking on un_resync_cv.
296 */
311 /*
312 * Transmit the 'to-be-cleared' bitmap to all cluster nodes.
313 * Receipt of the message will cause the mirror owner to
314 * update the on-disk DRL.
315 */
319 /* release readerlock before sending message */
325 }
335 }
337 /* reacquire readerlock after message */
342 /* if commd is gone, no point in printing a message */
349 }
352 /*
353 * If ownership changed while we were sending, we probably
354 * sent the message to the wrong node. Leave fixing that for
355 * the next cycle.
356 */
360 }
362 /*
363 * Now that we've sent the message, clear them from the
364 * pernode_dirty arrays. These are ONLY cleared on a
365 * successful send, and failure has no impact.
366 */
372 RW_READER);
379 un);
380 }
382 cleared_dirty++;
385 }
386 }
387 }
391 }
397 }
399 static int
401 {
404 /* Number of reasons why we can not proceed shutting down the mirror. */
412 /*
413 * We drop the readerlock here to assist lock ordering with
414 * update_resync. Once we have the un_rrp_inflight_mx, we
415 * can re-acquire it.
416 */
419 /*
420 * Resync region processing must be single threaded. We can't use
421 * un_resync_mx for this purpose since this mutex gets released
422 * when blocking on un_resync_cv.
423 */
436 RW_READER);
440 /*
441 * Clear the bits from the pernode_dirty arrays.
442 * If that results in any being cleared from the
443 * un_dirty_bm, commit it.
444 */
452 un)) {
456 }
458 cleared_dirty++;
461 }
462 }
463 }
465 }
476 active++;
478 }
482 active++;
484 }
487 cleared_dirty++;
488 }
489 }
500 active++;
502 }
503 }
509 }
511 static int
513 {
515 /*
516 * For a mirror we can only update the on-disk resync-record if we
517 * currently own the mirror. If we are called and there is no owner we
518 * bail out before scanning the outstanding_writes[] array.
519 * NOTE: we only need to check here (before scanning the array) as we
520 * are called with the readerlock held. This means that a change
521 * of ownership away from us will block until this resync check
522 * has completed.
523 */
531 }
532 }
534 /*
535 * Function that is callable from other modules to provide
536 * ability to cleanup dirty region bitmap on demand. Used
537 * on last close of a unit to avoid massive device resyncs
538 * when coming back after rolling large amounts of data to
539 * a mirror (e.g. at umount with logging).
540 */
542 void
544 {
549 cleans++;
554 }
556 /*
557 * We did not make it with md_mirror_rr_polls
558 * iterations. Give the system relief and
559 * switch over to non-busy-wait.
560 */
562 }
563 }
564 }
566 static void
568 {
572 callb_cpr_t cprinfo;
582 /*
583 * Register this resync thread with the CPR mechanism. This
584 * allows us to detect when the system is suspended and so
585 * keep track of the RPC failure condition.
586 */
593 /*
594 * Do not clean up resync regions if it is an ABR
595 * mirror, or if a submirror is offline (we will use the resync
596 * region to resync when back online) or if there is only one
597 * submirror.
598 */
602 /* Remove this thread from the CPR callback table. */
606 }
612 /* Remove this thread from the CPR callback table. */
615 }
619 /* We are done */
623 }
625 static void
627 {
634 }
639 else
643 }
645 void
647 {
656 }
658 static void
660 {
671 changed++;
672 }
676 changed++;
677 }
678 }
683 }
684 }
686 static void
688 {
689 mddb_recstatus_t status;
695 }
702 }
707 }
709 static int
711 {
712 diskaddr_t tb;
716 mddb_recid_t recid;
719 mddb_type_t typ1;
720 set_t setno;
730 }
745 }
747 }
767 }
771 }
773 int
775 {
803 /*
804 * If a MN diskset and snarfing and this node is not the
805 * master, do not delete any records on snarf of the
806 * mirror records (create_unit_resync deletes records).
807 *
808 * Master node should have already handled this case.
809 */
812 #ifdef DEBUG
816 #endif
818 }
821 }
832 /*
833 * Allocate pernode bitmap for this node. All other nodes' maps will
834 * be created 'on-the-fly' in the ioctl message handler
835 */
842 KM_SLEEP);
843 }
845 /*
846 * Allocate taskq to process deferred (due to locking) RR_CLEAN
847 * requests.
848 */
851 }
856 /*
857 * Only mark mirror which has an associated DRL as requiring a resync.
858 * For ABR mirrors we need not set the resync record bitmap up.
859 */
868 syncable++;
869 }
870 }
888 MD_PRV_PENDCOM);
889 }
890 }
891 }
893 }
895 /*
896 * resync_kill_pending:
897 * -------------------
898 * Determine if the resync thread has been requested to terminate.
899 * Block if MD_RI_BLOCK or MD_RI_BLOCK_OWNER is set in un->un_rs_thread_flags.
900 * MD_RI_BLOCK is only set as a result of a user-initiated ioctl via metasync.
901 * MD_RI_BLOCK_OWNER is set by the ownership change of a multi-node mirror.
902 *
903 * Returns:
904 * 0 Kill not pending
905 * 1 Kill requested (set MD_UN_RESYNC_CANCEL in un->c.un_status)
906 *
907 * Note: this routine may block
908 * the writerlock for <ui> will be dropped and reacquired if <mx_type>
909 * is set to MD_WRITER_HELD.
910 * the readerlock for <ui> will be dropped and reacquired if <mx_type>
911 * is set to MD_READER_HELD.
912 */
913 static int
917 uint_t mx_type)
918 {
921 /* Ensure that we don't block with any mutex held */
926 }
932 }
933 /* Determine if we've been asked to abort or shutdown gracefully */
939 }
942 /* Reacquire mutex if dropped on entry */
947 }
949 }
951 /*
952 * resync_read_buffer:
953 * ------------------
954 * Issue the resync source read for the specified start block and size.
955 * This will cause the mirror strategy routine to issue a write-after-read
956 * once this request completes successfully.
957 * If 'flag_err' is set we expect to see a write error flagged in the b_error
958 * field of the buffer created for this i/o request. If clear we do not expect
959 * to see the error flagged for write failures.
960 * Read failures will always set the B_ERROR bit which will stop the resync
961 * immediately.
962 */
963 static int
965 {
989 }
992 }
994 /*
995 * send_mn_resync_done_message
996 *
997 * At the end of a resync, send a message to all nodes to indicate that
998 * the resync is complete. The argument, flags, has the following values
999 *
1000 * RESYNC_ERR - if an error occurred that terminated the resync
1001 * CLEAR_OPT_NOT_DONE - Just need to clear the OPT_NOT_DONE flag
1002 *
1003 * unit writerlock set on entry
1004 * Only send the message if the thread is not marked as shutting down:
1005 * [un_rs_thread_flags & MD_RI_SHUTDOWN] or being killed:
1006 * [un->c.un_status & MD_UN_RESYNC_CANCEL]
1007 * or if there has been an error that terminated the resync:
1008 * flags & RESYNC_ERR
1009 *
1010 */
1011 static void
1014 int flags
1015 )
1016 {
1018 set_t setno;
1027 /*
1028 * Only send the message if this resync thread is still active. This
1029 * handles the case where ownership changes to different nodes during
1030 * a resync can cause multiple spurious resync_done messages to occur
1031 * when the resync completes. This happens because only one node is
1032 * the resync owner but other nodes will have their resync_unit thread
1033 * blocked in 'resync_kill_pending'
1034 */
1041 /*
1042 * Always send a message if we've encountered an error that terminated
1043 * the resync.
1044 */
1049 #ifdef DEBUG
1054 }
1057 }
1059 #ifdef DEBUG
1063 }
1064 #endif
1079 smrd_msg:
1089 /* if the node hasn't yet joined, it's Ok. */
1093 /* If we're shutting down already, pause things here. */
1097 }
1098 /*
1099 * commd is now available again. Retry the message once.
1100 * If this fails we panic as the system is in an
1101 * unexpected state.
1102 */
1105 }
1107 }
1110 }
1112 /*
1113 * send_mn_resync_next_message
1114 *
1115 * Sent a message to all nodes indicating the next region to be resynced.
1116 * The message contains the region to be resynced and the current position in
1117 * the resync as denoted by un_rs_resync_done and un_rs_resync_2_do.
1118 * On entry the unit readerlock is held.
1119 */
1120 static void
1123 diskaddr_t currentblk,
1125 int flags
1126 )
1127 {
1129 set_t setno;
1139 #ifdef DEBUG
1145 }
1146 #endif
1157 /*
1158 * Copy current submirror state and flags into message. This provides
1159 * a means of keeping all nodes that are currently active in the cluster
1160 * synchronised with regards to their submirror state settings. If we
1161 * did not pass this information here, the only time every node gets
1162 * submirror state updated is at the end of a resync phase. This can be
1163 * a significant amount of time for large metadevices.
1164 */
1169 }
1174 smrn_msg:
1186 /* If we're shutting down already, pause things here. */
1190 }
1191 /*
1192 * commd is now available again. Retry the message once.
1193 * If this fails we panic as the system is in an
1194 * unexpected state.
1195 */
1198 }
1200 }
1205 /* Allocate previous overlap reference if needed */
1218 }
1222 }
1224 static int
1227 diskaddr_t currentblk,
1228 diskaddr_t stopbefore,
1229 uint_t type,
1230 int flags
1231 )
1232 {
1235 set_t setno;
1236 diskaddr_t newstop;
1237 diskaddr_t rs_startblk;
1238 uint_t rs_type;
1253 /*
1254 * Split the block up into units of MD_DEF_RESYNC_BLK_SZ and
1255 * if a MN device and sendflag is set, send a RESYNC_MESSAGE
1256 * to all nodes.
1257 */
1264 flags1);
1267 /* check to see if we've been asked to terminate */
1271 /*
1272 * Check to see if another node has completed this
1273 * block, if so either the type or the resync region
1274 * will have changed. If the resync type has changed,
1275 * just exit.
1276 * If the resync region has changed, reset currentblk
1277 * to the start of the current resync region and
1278 * continue.
1279 */
1283 rs_startblk) {
1284 currentblk =
1287 }
1288 }
1297 /* resync_read_buffer releases/grabs a new lock */
1301 /* check to see if we've been asked to terminate */
1306 /*
1307 * Check to see if another node has completed
1308 * this block, see above
1309 */
1313 rs_startblk)
1314 currentblk =
1316 }
1317 }
1318 }
1320 }
1322 static void
1324 {
1326 minor_t mnum;
1333 sm_state_t state;
1335 set_t setno;
1337 uint_t old_rs_done;
1346 /*
1347 * We aren't marked as needing a resync so for multi-node
1348 * sets we flag the completion so that all nodes see the same
1349 * metadevice state. This is a problem when a new node joins
1350 * an existing set as it has to perform a 'metasync -r' and
1351 * we have to step through all of the resync phases. If we
1352 * don't do this the nodes that were already in the set will
1353 * have the metadevices marked as 'Okay' but the joining node
1354 * will have 'Needs Maintenance' which is unclearable.
1355 */
1358 }
1360 }
1362 /*
1363 * No need for optimized resync if ABR set, clear rs_type and flags
1364 * and exit
1365 */
1370 }
1378 /* For MN sets, resync NOTIFY is done when processing resync messages */
1382 }
1385 /* check to see if we've been asked to terminate */
1389 }
1390 /*
1391 * Check that we are still performing an optimized
1392 * resync. If not, another node must have completed it
1393 * so we have no more work to do.
1394 */
1399 }
1400 /*
1401 * If rs_resync_done is non-zero, we must be completing an optimized
1402 * resync that has already been partially done on another node.
1403 * Therefore clear the bits in resync_bm for the resync regions
1404 * already done. If resync_startbl is zero, calculate 2_do.
1405 */
1415 }
1427 /* resync_read_blk_range releases/grabs a new lock */
1433 }
1435 /*
1436 * Check that we are still performing an optimized
1437 * resync. If not, another node must have completed it
1438 * so we have no more work to do.
1439 */
1444 }
1446 /*
1447 * If resync_done has increased, we must have
1448 * blocked in resync_read_blk_range while another node
1449 * continued with the resync. Therefore clear resync_bm
1450 * for the blocks that have been resynced on another
1451 * node and update rr to the next RR to be done.
1452 */
1456 un);
1466 cnt++;
1470 }
1472 /* Check to see if we've completed the resync cleanly */
1476 /*
1477 * Check that we haven't exceeded un_rs_resync_2_do. If
1478 * we have we've completed the resync.
1479 */
1482 }
1483 }
1487 /*
1488 * If MN set send message to all nodes to indicate resync
1489 * phase is complete. The processing of the message will update the
1490 * mirror state
1491 */
1509 }
1512 }
1513 }
1515 /* For MN sets, resync NOTIFY is done when processing resync messages */
1523 }
1524 }
1525 }
1527 /*
1528 * recalc_resync_done
1529 *
1530 * This function deals with a change in value of un_rs_resync_2_do in a
1531 * component resync. This may change if we are restarting a component
1532 * resync on a single node having rebooted with a different value of
1533 * md_resync_bufsz or if we are running in a multi-node with nodes having
1534 * different values of md_resync_bufsz.
1535 * If there is a change in un_rs_resync_2_do, we need to recalculate
1536 * the value of un_rs_resync_done given the new value for resync_2_do.
1537 * We have to calculate a new value for resync_done to be either
1538 * if un_resync_startbl is set, (un_resync_startbl - initblock)/(blksize + skip)
1539 * or if it is not set, we need to calculate it from un_rs_resync_done,
1540 * (un_rs_resync_done/un_rs_resync_2_do) * resync_2_do
1541 * In addition we need to deal with the overflow case by using a factor to
1542 * prevent overflow
1543 */
1545 static void
1548 {
1549 diskaddr_t x;
1552 /*
1553 * If resync_2_do has not yet been calculated, no need to modify
1554 * resync_done
1555 */
1558 }
1561 /*
1562 * If un_rs_startbl is set, another node must have already started
1563 * this resync and hence we can calculate resync_done from
1564 * resync_startbl
1565 */
1570 }
1571 /*
1572 * un_resync_startbl is not set so we must calculate it from
1573 * un_rs_resync_done.
1574 * If the larger of the two values of resync_2_do is greater than 32
1575 * bits, calculate a factor to divide by to ensure that we don't
1576 * overflow 64 bits when calculating the new value for resync_done
1577 */
1579 resync_2_do;
1583 }
1588 }
1590 static void
1592 {
1594 minor_t mnum;
1598 u_longlong_t skip;
1599 u_longlong_t size;
1600 u_longlong_t blk_size;
1601 diskaddr_t initblock;
1602 diskaddr_t block;
1606 set_t setno;
1610 diskaddr_t old_rs_done;
1612 diskaddr_t resync_2_do;
1626 }
1631 }
1639 count++;
1641 }
1646 /*
1647 * If part way through a resync, un_rs_resync_done/un_rs_resync_2_do
1648 * gives the proportion of the resync that has already been done.
1649 * If un_rs_copysize has changed since this previous partial resync,
1650 * either because this node has been rebooted with a different value
1651 * for md_resync_bufsz or because another node with a different value
1652 * for md_resync_bufsz performed the previous resync, we need to
1653 * recalculate un_rs_resync_done as a proportion of our value of
1654 * resync_2_do.
1655 */
1658 /*
1659 * For MN mirrors we need to send a message to all nodes indicating
1660 * the next region to be resynced. For a component resync, the size of
1661 * the contiguous region that is processed by resync_read_blk_range()
1662 * may be small if there is the interleave size.
1663 * Therefore, rather than sending the message within
1664 * resync_read_blk_range(), we will send a message every
1665 * MD_DEF_RESYNC_BLK_SZ blocks. Calculate the frequency in terms of
1666 * the number of blocks. Then, if we are restarting a resync, round
1667 * un_rs_resync_done down to the previous resync region boundary. This
1668 * ensures that we send a RESYNC_NEXT message before resyncing any
1669 * blocks
1670 */
1675 }
1676 /*
1677 * un_rs_resync_done is the number of ('size' + 'skip') increments
1678 * already resynced from the base 'block'
1679 * un_rs_resync_2_do is the number of iterations in
1680 * this component resync.
1681 */
1689 /* For MN sets, resync NOTIFY is done when processing resync messages */
1693 }
1696 /* check to see if we've been asked to terminate */
1700 }
1701 /*
1702 * Check that we are still performing the same component
1703 * resync. If not, another node must have completed it
1704 * so we have no more work to do.
1705 */
1710 }
1711 /*
1712 * Adjust resync_done, resync_2_do, start of resync area and count to
1713 * skip already resync'd data. We need to recalculate resync_done as
1714 * we have dropped the unit lock above and may have lost ownership to
1715 * another node, with a different resync buffer size and it may have
1716 * sent us new values of resync_done and resync_2_do based on its
1717 * resync buffer size
1718 */
1727 /*
1728 * For MN mirrors send a message to the other nodes. This
1729 * message includes the size of the region that must be blocked
1730 * for all writes
1731 */
1738 /*
1739 * check to see if we've been asked to
1740 * terminate
1741 */
1745 MD_UN_RESYNC_CANCEL) {
1748 }
1749 }
1751 /*
1752 * Check that we are still performing the same
1753 * component resync. If not, another node must
1754 * have completed it so we have no more work to
1755 * do. Also reset count to remaining resync as
1756 * we may have lost ownership in in
1757 * send_mn_resync_next_message while another
1758 * node continued with the resync and
1759 * incremented resync_done.
1760 */
1765 }
1766 /*
1767 * recalculate resync_done, resync_2_do
1768 * We need to recalculate resync_done as
1769 * we have dropped the unit lock in
1770 * send_mn_resync_next_message above and may
1771 * have lost ownership to another node, with a
1772 * different resync buffer size and it may have
1773 * sent us new values of resync_done and
1774 * resync_2_do based on its resync buffer size
1775 */
1781 /*
1782 * Adjust start of resync area to skip already
1783 * resync'd data
1784 */
1788 }
1789 }
1793 /* resync_read_blk_range releases/grabs a new lock */
1799 }
1800 /*
1801 * If we are no longer resyncing this component, return as
1802 * another node has progressed the resync.
1803 */
1808 }
1810 /*
1811 * recalculate resync_done, resync_2_do. We need to recalculate
1812 * resync_done as we have dropped the unit lock in
1813 * resync_read_blk_range above and may have lost ownership to
1814 * another node, with a different resync buffer size and it may
1815 * have sent us new values of resync_done and resync_2_do based
1816 * on its resync buffer size
1817 */
1821 /*
1822 * Reset count to remaining resync as we may have blocked in
1823 * resync_read_blk_range while another node continued
1824 * with the resync and incremented resync_done. Also adjust
1825 * start of resync area to skip already resync'd data.
1826 */
1831 /*
1832 * If we are picking up from another node, we retry the last
1833 * block otherwise step on to the next block
1834 */
1838 count--;
1839 }
1847 }
1849 /* Check to see if we've completed the resync cleanly */
1852 }
1857 /*
1858 * If MN set send message to all nodes to indicate resync
1859 * phase is complete. The processing of the message will update the
1860 * mirror state
1861 */
1870 else
1871 /*
1872 * As we don't transmit the changes,
1873 * no need to drop the lock.
1874 */
1877 }
1879 /* For MN sets, resync NOTIFY is done when processing resync messages */
1887 }
1889 }
1890 }
1892 static void
1894 {
1896 minor_t mnum;
1900 diskaddr_t chunk;
1901 diskaddr_t curblk;
1904 set_t setno;
1914 /*
1915 * If the submirror_index is non-zero, we are continuing a resync
1916 * so restart resync from last submirror marked as being resynced.
1917 */
1928 }
1929 }
1936 }
1937 }
1941 }
1943 /*
1944 * If we've only got one component we can fail on a resync write
1945 * if an error is encountered. This stops an unnecessary read of the
1946 * whole mirror on a target write error.
1947 */
1957 /* For MN sets, resync NOTIFY is done when processing resync messages */
1961 }
1966 /* check to see if we've been asked to terminate */
1970 }
1971 /*
1972 * Check that we are still performing the same submirror
1973 * resync. If not, another node must have completed it
1974 * so we have no more work to do.
1975 */
1980 }
1982 /* if > 1TB mirror, increase percent done granularity */
1985 else
1989 /*
1990 * If a MN set, round the chunk size up to a multiple of
1991 * MD_DEF_RESYNC_BLK_SZ
1992 */
1998 }
1999 /*
2000 * Handle restartable resyncs that continue from where the previous
2001 * resync left off. The new resync range is from un_rs_resync_done ..
2002 * un_rs_resync_2_do
2003 */
2009 }
2011 diskaddr_t rs_done;
2018 /* resync_read_blk_range releases/grabs a new lock */
2024 }
2026 /*
2027 * If we are no longer executing a submirror resync, return
2028 * as another node has completed the submirror resync.
2029 */
2034 }
2035 /*
2036 * If resync_done has changed, we must have blocked
2037 * in resync_read_blk_range while another node
2038 * continued with the resync so restart from resync_done.
2039 */
2045 }
2053 cnt++;
2057 }
2059 /* Check to see if we've completed the resync cleanly */
2062 }
2066 /*
2067 * If MN set send message to all nodes to indicate resync
2068 * phase is complete. The processing of the message will update the
2069 * mirror state
2070 */
2079 }
2082 }
2084 /* For MN sets, resync NOTIFY is done when processing resync messages */
2092 }
2093 }
2094 }
2096 static void
2098 {
2105 /*
2106 * Handle the case where we are picking up a partially complete
2107 * component resync. In this case un_rs_type contains the submirror
2108 * and component index of where we should restart the resync.
2109 */
2115 MD_WRITER_HELD))
2117 /*
2118 * If we have no current resync, contine to scan submirror and
2119 * components. If the resync has moved on to another component,
2120 * restart it and if the resync is no longer a component
2121 * resync, just exit
2122 */
2127 }
2128 /* Now continue scanning _all_ submirrors and components */
2140 /* Bail out if we've been asked to abort/shutdown */
2142 MD_WRITER_HELD))
2144 /*
2145 * Now check if another node has continued with the
2146 * resync, if we are no longer in component resync,
2147 * exit, otherwise update to the current component - 1
2148 * so that the next call of check_comp_4 resync() will
2149 * resync the current component.
2150 */
2160 }
2161 }
2162 }
2163 }
2165 static void
2167 {
2185 }
2186 }
2187 }
2189 /*
2190 * resync_progress_thread:
2191 * ----------------------
2192 * Thread started on first resync of a unit which simply blocks until woken up
2193 * by a cv_signal, and then updates the mddb for the mirror unit record. This
2194 * saves the resync progress information (un_rs_resync_done, un_rs_resync_2_do)
2195 * so that an aborted resync can be continued after an intervening reboot.
2196 */
2197 static void
2199 {
2211 /*
2212 * Commit mirror unit if we're the Master node in a multi-node
2213 * environment
2214 */
2219 }
2220 }
2222 }
2224 /*
2225 * resync_progress:
2226 * ---------------
2227 * Timeout handler for updating the progress of the resync thread.
2228 * Simply wake up the resync progress daemon which will then mirror_commit() the
2229 * unit structure to the mddb. This snapshots the current progress of the resync
2230 */
2231 static void
2233 {
2236 uint_t active;
2242 /* schedule the next timeout if the resync is still marked active */
2249 md_mirror_resync_update_intvl));
2250 }
2251 }
2253 /*
2254 * resync_unit:
2255 * -----------
2256 * Resync thread which drives all forms of resync (optimized, component,
2257 * submirror). Must handle thread suspension and kill to allow multi-node
2258 * resync to run without undue ownership changes.
2259 *
2260 * For a MN set, the reync mechanism is as follows:
2261 *
2262 * When a resync is started, either via metattach, metaonline, metareplace,
2263 * metasync or by a hotspare kicking in, a message is sent to all nodes, which
2264 * calls mirror_resync_thread. If there is currently no mirror owner, the
2265 * master node sends a CHOOSE_OWNER message to the handler on the master. This
2266 * chooses a mirror owner and sends a CHANGE_OWNER message requesting the
2267 * selected node to become the owner.
2268 * If this node is not the owner it sets itself to block in resync_kill_pending
2269 * and if there is no owner all nodes will block until the chosen owner is
2270 * selected, in which case it will unblock itself. So, on entry to this
2271 * function only one node will continue past resync_kill_pending().
2272 * Once the resync thread is started, it basically cycles through the optimized,
2273 * component and submirrors resyncs until there is no more work to do.
2274 *
2275 * For an ABR mirror, once a mirror owner is chosen it will complete the resync
2276 * unless the nodes dies in which case a new owner will be chosen and it will
2277 * have to complete the resync from the point at which the previous owner died.
2278 * To do this we broadcast a RESYNC_NEXT message before each region to be
2279 * resynced and this message contains the address and length of the region
2280 * being resynced and the current progress through the resync. The size of
2281 * this region is MD_DEF_RESYNC_BLK_SZ blocks. It is larger than the resync
2282 * block size to limit the amount of inter node traffic. The RESYNC_NEXT
2283 * message also indicates to all other nodes that all writes to this block
2284 * must be blocked until the next RESYNC_NEXT message is received. This ensures
2285 * that no node can write to a block that is being resynced. For all MN
2286 * mirrors we also block the whole resync region on the resync owner node so
2287 * that all writes to the resync region are blocked on all nodes. There is a
2288 * difference here between a MN set and a regular set in that for a MN set
2289 * we protect the mirror from writes to the current resync block by blocking
2290 * a larger region. For a regular set we just block writes to the current
2291 * resync block.
2292 *
2293 * For a non-ABR mirror the same RESYNC_NEXT message is sent with an
2294 * additional purpose. In this case, there is only one mirror owner at a time
2295 * and rather than continually switching ownership between the chosen mirror
2296 * owner and the node that is writing to the mirror, we move the resync to the
2297 * mirror owner. When we swich ownership, we block the old owner and unblock
2298 * the resync thread on the new owner. To enable the new owner to continue the
2299 * resync, all nodes need to have the latest resync status, Then, following each
2300 * resync write, we check to see if the resync state has changed and if it
2301 * has this must be because we have lost ownership to another node(s) for a
2302 * period and then have become owner again later in the resync process. If we
2303 * are still dealing with the same resync, we just adjust addresses and counts
2304 * and then continue. If the resync has moved on to a different type, for
2305 * example from an optimized to a submirror resync, we move on to process the
2306 * resync described by rs_type and continue from the position described by
2307 * resync_done and resync_startbl.
2308 *
2309 * Note that for non-ABR mirrors it is possible for a write to be made on a
2310 * non resync-owner node without a change of ownership. This is the case when
2311 * the mirror has a soft part created on it and a write in ABR mode is made
2312 * to that soft part. Therefore we still need to block writes to the resync
2313 * region on all nodes.
2314 *
2315 * Sending the latest resync state to all nodes also enables them to continue
2316 * a resync in the event that the mirror owner dies. If a mirror owner for
2317 * a non-ABR mirror has died, there will be dirty resync regions. Therefore,
2318 * regardless of whether another type of resync was in progress, we must first
2319 * do an optimized resync to clean up the dirty regions before continuing
2320 * with the interrupted resync.
2321 *
2322 * The resync status is held in the unit structure
2323 * On disk
2324 * un_rs_resync_done The number of contiguous resyc blocks done so far
2325 * un_rs_resync_2_do The total number of contiguous resync blocks
2326 * un_rs_type The resync type (inc submirror and component numbers)
2327 * In core
2328 * un_resync_startbl The address of the current resync block being processed
2329 *
2330 * In the event that the whole cluster fails we need to just use
2331 * un_rs_resync_done to restart the resync and to ensure that this is
2332 * periodically written to disk, we have a thread which writes the record
2333 * to disk every 5 minutes. As the granularity of un_rs_resync_done is
2334 * usually coarse ( for an optimized resync 1001 is the max value) there is
2335 * little point in writing this more frequently.
2336 */
2337 static void
2339 {
2355 resync_restart:
2356 #ifdef DEBUG
2359 #endif
2360 /*
2361 * increment the mirror resync count
2362 */
2372 /*
2373 * Don't allow buffer size to fall outside the
2374 * range 0 < bufsize <= md_max_xfer_bufsz.
2375 */
2379 }
2386 /*
2387 * Register this resync thread with the CPR mechanism. This
2388 * allows us to detect when the system is suspended and so
2389 * keep track of the RPC failure condition.
2390 */
2397 /*
2398 * If this is the first resync following the initial
2399 * snarf (MD_RESYNC_NOT_DONE still set) and we've
2400 * been started outside a reconfig step (e.g. by being
2401 * added to an existing set) we need to query the
2402 * existing submirror state for this mirror.
2403 * The set_status flags will have MD_MN_SET_MIR_STATE_RC
2404 * set if we've been through a step4 reconfig, so only
2405 * query the master if this isn't (yet) set. In this
2406 * case we must continue the resync thread as there is
2407 * not guaranteed to be a currently running resync on
2408 * any of the other nodes. Worst case is that we will
2409 * initiate an ownership change to this node and then
2410 * find that there is no resync to perform. However, we
2411 * will then have correct status across the cluster.
2412 */
2415 MD_SET_MN_MIR_STATE_RC)) {
2418 #ifdef DEBUG
2425 "sm[%d] state=%4x"
2429 }
2430 }
2431 #endif
2432 }
2433 }
2435 }
2436 /*
2437 * For MN set, if we have an owner, then start the resync on it.
2438 * If there is no owner the master must send a message to
2439 * choose the owner. This message will contain the current
2440 * resync count and it will only be sent to the master, where
2441 * the resync count will be used to choose the next node to
2442 * perform a resync, by cycling through the nodes in the set.
2443 * The message handler will then send a CHANGE_OWNER message to
2444 * all nodes, and on receipt of that message, the chosen owner
2445 * will issue a SET_OWNER ioctl to become the owner. This ioctl
2446 * will be requested to spawn a thread to issue the
2447 * REQUEST_OWNER message to become the owner which avoids the
2448 * need for concurrent ioctl requests.
2449 * After sending the message, we will block waiting for one
2450 * of the nodes to become the owner and start the resync
2451 */
2453 /*
2454 * There is no owner, block and then the master will
2455 * choose the owner. Only perform this if 'block_resync'
2456 * is set.
2457 */
2462 }
2467 }
2469 /* There is an owner, block if we are not it */
2474 }
2475 }
2476 }
2477 /*
2478 * Start a timeout chain to update the resync progress to the mddb.
2479 * This will run every md_mirror_resync_update_intvl minutes and allows
2480 * a resync to be continued over a reboot.
2481 */
2486 /*
2487 * Handle resync restart from the last logged position. The contents
2488 * of un_rs_resync_2_do and un_rs_resync_done are dependent on the
2489 * type of resync that was in progress.
2490 */
2501 }
2502 /* Allocate a resync message, if required */
2506 }
2508 }
2510 /* Check to see if we've been requested to block/kill */
2513 }
2517 /*
2518 * Always perform an optimized resync first as this will bring
2519 * the mirror into an available state in the shortest time.
2520 * If we are resuming an interrupted resync, other than an
2521 * optimized resync, we save the type and amount done so that
2522 * we can resume the appropriate resync after the optimized
2523 * resync has completed.
2524 */
2531 }
2533 /*
2534 * If we are continuing a resync that is not an
2535 * OPTIMIZED one, then we start from the beginning when
2536 * doing this optimized resync
2537 */
2542 }
2544 /* Check to see if we've been requested to block/kill */
2547 }
2549 /*
2550 * If another node has moved the resync on, we must
2551 * restart the correct resync
2552 */
2559 }
2561 /*
2562 * Restore previous resync progress or move onto a
2563 * component resync.
2564 */
2575 }
2579 /* Check to see if we've been requested to block/kill */
2582 }
2584 /*
2585 * If we have moved on from a component resync, another
2586 * node must have completed it and started a submirror
2587 * resync, so leave the resync state alone. For non
2588 * multi-node sets we move onto the submirror resync.
2589 */
2596 }
2602 }
2603 }
2606 /* Check to see if we've been requested to block/kill */
2609 }
2611 /*
2612 * If we have moved on from a submirror resync, another
2613 * node must have completed it and started a different
2614 * resync, so leave the resync state alone
2615 */
2621 }
2623 /* If non-MN mirror, reinitialize state */
2628 }
2629 }
2636 bail_out:
2637 #ifdef DEBUG
2641 #endif
2649 /*
2650 * For MN Set, send a RESYNC_FINISH if this node completed the resync.
2651 * There is no need to grow unit here, it will be done in the
2652 * handler for the RESYNC_FINISH message together with resetting
2653 * MD_UN_RESYNC_ACTIVE.
2654 */
2657 /*
2658 * Normal resync completion. Issue a RESYNC_FINISH
2659 * message if we're part of a multi-node set.
2660 */
2676 smrf_msg:
2691 /* If we're shutting down, pause things here. */
2695 }
2696 /*
2697 * commd is now available again. Retry
2698 * the message once. If this fails we
2699 * panic as the system is in an
2700 * unexpected state.
2701 */
2704 }
2707 }
2710 }
2711 /*
2712 * If the resync has been cancelled, clear flags, reset owner
2713 * for ABR mirror and release the resync region parent
2714 * structure.
2715 */
2720 /* Resync finished, if ABR set owner to NULL */
2724 }
2727 MD_UN_RESYNC_ACTIVE);
2730 /* Remove previous overlap resync region */
2733 /*
2734 * Release the overlap range reference
2735 */
2738 ps);
2739 }
2740 }
2742 /*
2743 * Release resync message buffer. This will be reallocated on
2744 * the next invocation of the resync_unit thread.
2745 */
2749 }
2751 /* For non-MN sets deal with any pending grows */
2757 }
2758 }
2759 }
2766 /*
2767 * Stop the resync progress thread.
2768 */
2772 }
2774 /*
2775 * Calling mirror_internal_close() makes further reference to un / ui
2776 * dangerous. If we are the only consumer of the mirror it is possible
2777 * for a metaclear to be processed after completion of the m_i_c()
2778 * routine. As we need to handle the case where another resync has been
2779 * scheduled for the mirror, we raise the open count on the device
2780 * which protects against the close / metaclear / lock => panic scenario
2781 */
2785 /*
2786 * deccrement the mirror resync count
2787 */
2792 /*
2793 * Remove the thread reference as we're about to exit. This allows a
2794 * subsequent mirror_resync_unit() to start a new thread.
2795 * If RESYNC_ACTIVE is set, mirror_resync_unit() must have been
2796 * called to start a new resync, so reopen the mirror and go back to
2797 * the start.
2798 */
2807 /* Release the reference grabbed above */
2811 }
2816 }
2820 /*
2821 * Check for hotspares once we've cleared the resync thread reference.
2822 * If there are any errored units a poke_hotspares() will result in
2823 * a call to mirror_resync_unit() which we need to allow to start.
2824 */
2827 /*
2828 * Remove this thread from the CPR callback table.
2829 */
2833 }
2835 /*
2836 * Remove the extra reference to the unit we generated above. After
2837 * this call it is *unsafe* to reference either ui or un as they may
2838 * no longer be allocated.
2839 */
2843 }
2845 /*
2846 * mirror_resync_unit:
2847 * ------------------
2848 * Start a resync for the given mirror metadevice. Save the resync thread ID in
2849 * un->un_rs_thread for later manipulation.
2850 *
2851 * Returns:
2852 * 0 Success
2853 * !=0 Error
2854 */
2855 /*ARGSUSED*/
2856 int
2858 minor_t mnum,
2861 IOLOCK *lockp
2862 )
2863 {
2875 }
2880 }
2882 /*
2883 * Check to see if we're attempting to start a resync while one is
2884 * already running.
2885 */
2888 /*
2889 * Ensure RESYNC_ACTIVE set, it may not be if the resync thread
2890 * is in the process of terminating, setting the flag will
2891 * cause the resync thread to return to the beginning
2892 */
2898 }
2901 }
2907 else
2910 /* Start the resync progress thread off */
2915 /*
2916 * We have to store the thread ID in the unit structure so do not
2917 * drop writerlock until the thread is active. This means resync_unit
2918 * may spin on its first md_unit_readerlock(), but deadlock won't occur.
2919 */
2931 }
2939 }
2940 }
2943 }
2945 /*
2946 * mirror_ioctl_resync:
2947 * -------------------
2948 * Called as a result of an MD_IOCSETSYNC ioctl. Either start, block, unblock
2949 * or kill the resync thread associated with the specified unit.
2950 * Can return with locks held since mdioctl will free any locks
2951 * that are marked in lock->l_flags.
2952 *
2953 * Returns:
2954 * 0 Success
2955 * !=0 Error Code
2956 */
2957 int
2960 IOLOCK *lock
2961 )
2962 {
2965 uint_t bits;
2969 kt_did_t tid;
2977 }
2979 /* RD_LOCK flag grabs the md_ioctl_readerlock */
2984 }
2987 }
2990 }
2992 /*
2993 * Determine the action to take based on the ri_flags field:
2994 * MD_RI_BLOCK: Block current resync thread
2995 * MD_RI_UNBLOCK: Unblock resync thread
2996 * MD_RI_KILL: Abort resync thread
2997 * MD_RI_RESYNC_FORCE_MNSTART: Directly start resync thread
2998 * without using rpc.mdcommd messages.
2999 * any other: Start resync thread
3000 */
3004 /* Halt resync thread by setting flag in un_rs_flags */
3007 }
3014 /*
3015 * Restart resync thread by clearing flag in un_rs_flags and
3016 * cv_signal'ing the blocked thread.
3017 */
3020 }
3028 /* Abort resync thread. */
3031 }
3046 }
3047 }
3049 }
3061 }
3065 /*
3066 * If we are resyncing a mirror in a MN set and the rpc.mdcommd
3067 * can be used, we do not start the resync at this point.
3068 * Instead, the metasync command that issued the ioctl
3069 * will send a RESYNC_STARTING message to start the resync thread. The
3070 * reason we do it this way is to ensure that the metasync ioctl is
3071 * executed on all nodes before the resync thread is started.
3072 *
3073 * If a MN set and the MD_RI_RESYNC_FORCE_MNSTART flag is set, then
3074 * don't use rpc.mdcommd, but just start the resync thread. This
3075 * flag is set on a node when it is being added to a diskset
3076 * so that the resync threads are started on the newly added node.
3077 */
3083 }
3084 }
3086 int
3089 {
3100 md_mn_nodeid_t owner_node;
3106 /*
3107 * Check to see if we have a un_pernode_dirty_bm[] entry allocated. If
3108 * not, allocate it and then fill the [start..end] entries.
3109 * Update un_pernode_dirty_sum if we've gone 0->1.
3110 * Update un_dirty_bm if the corresponding entries are clear.
3111 */
3117 }
3132 }
3140 }
3146 }
3148 /*
3149 * If we have dirty regions to commit, send a
3150 * message to the owning node so that the
3151 * in-core bitmap gets updated appropriately.
3152 * TODO: make this a kmem_cache pool to improve
3153 * alloc/free performance ???
3154 */
3156 KM_SLEEP);
3158 KM_SLEEP);
3160 resend_mmrr:
3168 /* release readerlock before sending message */
3176 /* reaquire readerlock on message completion */
3179 /* if the message send failed, note it, and pass an error back up */
3181 /* if commd is gone, no point in printing a message */
3187 }
3189 /*
3190 * if the owner changed while we were sending the message, and it's
3191 * not us, the new mirror owner won't yet have done the right thing
3192 * with our data. Let him know. If we became the owner, we'll
3193 * deal with that differently below. Note that receiving a message
3194 * about another node twice won't hurt anything.
3195 */
3204 /*
3205 * If we became the owner changed while we were sending the message,
3206 * we have dirty bits in the un_pernode_bm that aren't yet reflected
3207 * in the un_dirty_bm, as it was re-read from disk, and our bits
3208 * are also not reflected in the on-disk DRL. Fix that now.
3209 */
3224 }
3232 }
3234 int
3237 {
3248 /*
3249 * Check to see if we have a un_pernode_dirty_bm[] entry allocated. If
3250 * not, allocate it and then fill the [start..end] entries.
3251 * Update un_pernode_dirty_sum if we've gone 0->1.
3252 * Update un_dirty_bm if the corresponding entries are clear.
3253 */
3260 }
3262 }
3279 }
3285 }
3293 }
3299 }
3311 }
3312 }
3318 }
3327 }
3339 }
3344 }
3352 }
3356 }
3358 int
3361 {
3369 source_node));
3370 }
3371 }
3373 int
3375 {
3385 mddb_type_t typ1;
3395 }
3435 KM_SLEEP);
3437 /*
3438 * Now translate the old records into the new
3439 * records
3440 */
3442 /*
3443 * only bring forward the
3444 * outstanding write counters and the dirty bits and also
3445 * the pernode_summary counts
3446 */
3454 }
3459 /*
3460 * Copy all non-zero un_pernode_dirty_bm[] arrays to new versions
3461 */
3474 }
3476 }
3478 }
3480 /* Save the old record id */
3483 /* Update the mirror unit struct */
3490 /*
3491 * NOTE: The reason there are distinct calls to mddb_commitrec_wrapper
3492 * instead of using mddb_commitrecs_wrapper, is that you cannot
3493 * atomically commit optimized records.
3494 */
3499 }
3501 /* lockp can be NULL for !MN diksets */
3502 int
3504 {
3512 mddb_type_t typ1;
3539 /* Copy the old bm over the new bm */
3542 /*
3543 * Create new bigger incore arrays, copy, and free old ones:
3544 * un_goingdirty_bm
3545 * un_goingclean_bm
3546 * un_resync_bm
3547 * un_outstanding_writes
3548 * un_pernode_dirty_sum
3549 * un_pernode_dirty_bm[]
3550 */
3578 old_nregions);
3580 }
3589 old_bm_size);
3591 }
3593 }
3595 /* Save the old record id */
3598 /* Update the mirror unit struct */
3603 /*
3604 * NOTE: The reason there are distinct calls to mddb_commitrec_wrapper
3605 * instead of using mddb_commitrecs_wrapper, is that you cannot
3606 * atomically commit optimized records.
3607 */
3612 }
3614 /*
3615 * mirror_copy_rr:
3616 * --------------
3617 * Combine the dirty record bitmap with the in-core resync bitmap. This allows
3618 * us to carry a resync over an ownership change.
3619 */
3620 void
3622 {
3627 }
3629 /*
3630 * mirror_set_dirty_rr:
3631 * -------------------
3632 * Set the pernode_dirty_bm[node] entries and un_dirty_bm[] if appropriate.
3633 * For the owning node (DRL/mirror owner) update the on-disk RR if needed.
3634 * Called on every clean->dirty transition for the originating writer node.
3635 * Note: only the non-owning nodes will initiate this message and it is only
3636 * the owning node that has to process it.
3637 */
3638 int
3640 {
3655 }
3657 /* Must have _NO_ ioctl lock set if we update the RR on-disk */
3662 }
3665 }
3668 }
3671 }
3673 /*
3674 * Only process this message if we're the owner of the mirror.
3675 */
3678 }
3683 orignode));
3684 }
3686 /*
3687 * mirror_clean_rr_bits:
3688 * --------------------
3689 * Clear the pernode_dirty_bm[node] entries which are passed in the bitmap
3690 * Once _all_ references are removed (pernode_dirty_count[x] == 0) this region
3691 * is 'cleanable' and will get flushed out by clearing un_dirty_bm[] on all
3692 * nodes. Callable from ioctl / interrupt / whatever context.
3693 * un_resync_mx is held on entry.
3694 */
3695 static void
3698 {
3701 uint_t cleared_bits;
3717 }
3719 cleared_bits++;
3722 }
3723 }
3724 }
3727 /*
3728 * We can only be called iff we are the mirror owner, however
3729 * as this is a (potentially) decoupled routine the ownership
3730 * may have moved from us by the time we get to execute the
3731 * bit clearing. Hence we still need to check for being the
3732 * owner before flushing the DRL to the replica.
3733 */
3738 }
3739 }
3740 }
3742 /*
3743 * mirror_drl_task:
3744 * ---------------
3745 * Service routine for clearing the DRL bits on a deferred MD_MN_RR_CLEAN call
3746 * We need to obtain exclusive access to the un_resync_cv and then clear the
3747 * necessary bits.
3748 * On completion, we must also free the passed in argument as it is allocated
3749 * at the end of the ioctl handler and won't be freed on completion.
3750 */
3751 static void
3753 {
3772 }
3777 }
3779 /*
3780 * mirror_set_clean_rr:
3781 * -------------------
3782 * Clear the pernode_dirty_bm[node] entries which are passed in the bitmap
3783 * Once _all_ references are removed (pernode_dirty_count[x] == 0) this region
3784 * is 'cleanable' and will get flushed out by clearing un_dirty_bm[] on all
3785 * nodes.
3786 *
3787 * Only the mirror-owner need process this message as it is the only RR updater.
3788 * Non-owner nodes issue this request, but as we have no point-to-point message
3789 * support we will receive the message on all nodes.
3790 */
3791 int
3793 {
3808 }
3810 /* Must have _NO_ ioctl lock set if we update the RR on-disk */
3815 }
3818 }
3821 }
3823 /*
3824 * Check to see if we're the mirror owner. If not, there's nothing
3825 * for us to to.
3826 */
3829 }
3831 /*
3832 * Process the to-be-cleaned bitmap. We need to update the pernode_dirty
3833 * bits and pernode_dirty_sum[n], and if, and only if, the sum goes 0
3834 * we can then mark the un_dirty_bm entry as GOINGCLEAN. Alternatively
3835 * we can just defer this cleaning until the next process_resync_regions
3836 * timeout.
3837 */
3842 }
3845 /*
3846 * See if we can simply clear the un_dirty_bm[] entries. If we're not
3847 * the issuing node _and_ we aren't in the process of marking/clearing
3848 * the RR bitmaps, we can simply update the bits as needed.
3849 * If we're the owning node and _not_ the issuing node, we should also
3850 * sync the RR if we clear any bits in it.
3851 */
3861 }
3862 }
3865 /*
3866 * If we couldn't clear the bits, due to DRL update from m_m_r_r / p_r_r
3867 * we must schedule a blocking call to update the DRL on this node.
3868 * As we're invoked from an ioctl we are going to have the original data
3869 * disappear (kmem_free) once we return. So, copy the data into a new
3870 * structure and let the taskq routine release it on completion.
3871 */
3883 }
3884 }
3887 }