4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
22 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
27 * Copyright (c) 2012, 2015 by Delphix. All rights reserved.
30 #include <sys/zfs_context.h>
32 #include <sys/spa_impl.h>
33 #include <sys/dsl_pool.h>
34 #include <sys/dsl_scan.h>
35 #include <sys/vdev_impl.h>
38 #include <sys/fs/zfs.h>
41 * Virtual device vector for mirroring.
44 typedef struct mirror_child
{
50 uint8_t mc_speculative
;
53 typedef struct mirror_map
{
58 mirror_child_t mm_child
[1];
61 int vdev_mirror_shift
= 21;
64 vdev_mirror_map_free(zio_t
*zio
)
66 mirror_map_t
*mm
= zio
->io_vsd
;
68 kmem_free(mm
, offsetof(mirror_map_t
, mm_child
[mm
->mm_children
]));
71 static const zio_vsd_ops_t vdev_mirror_vsd_ops
= {
73 zio_vsd_default_cksum_report
77 vdev_mirror_map_alloc(zio_t
*zio
)
79 mirror_map_t
*mm
= NULL
;
81 vdev_t
*vd
= zio
->io_vd
;
85 dva_t
*dva
= zio
->io_bp
->blk_dva
;
86 spa_t
*spa
= zio
->io_spa
;
88 c
= BP_GET_NDVAS(zio
->io_bp
);
90 mm
= kmem_zalloc(offsetof(mirror_map_t
, mm_child
[c
]), KM_SLEEP
);
92 mm
->mm_resilvering
= B_FALSE
;
93 mm
->mm_preferred
= spa_get_random(c
);
97 * Check the other, lower-index DVAs to see if they're on
98 * the same vdev as the child we picked. If they are, use
99 * them since they are likely to have been allocated from
100 * the primary metaslab in use at the time, and hence are
101 * more likely to have locality with single-copy data.
103 for (c
= mm
->mm_preferred
, d
= c
- 1; d
>= 0; d
--) {
104 if (DVA_GET_VDEV(&dva
[d
]) == DVA_GET_VDEV(&dva
[c
]))
105 mm
->mm_preferred
= d
;
108 for (c
= 0; c
< mm
->mm_children
; c
++) {
109 mc
= &mm
->mm_child
[c
];
111 mc
->mc_vd
= vdev_lookup_top(spa
, DVA_GET_VDEV(&dva
[c
]));
112 mc
->mc_offset
= DVA_GET_OFFSET(&dva
[c
]);
117 c
= vd
->vdev_children
;
119 mm
= kmem_zalloc(offsetof(mirror_map_t
, mm_child
[c
]), KM_SLEEP
);
122 * If we are resilvering, then we should handle scrub reads
123 * differently; we shouldn't issue them to the resilvering
124 * device because it might not have those blocks.
126 * We are resilvering iff:
127 * 1) We are a replacing vdev (ie our name is "replacing-1" or
128 * "spare-1" or something like that), and
129 * 2) The pool is currently being resilvered.
131 * We cannot simply check vd->vdev_resilver_txg, because it's
132 * not set in this path.
134 * Nor can we just check our vdev_ops; there are cases (such as
135 * when a user types "zpool replace pool odev spare_dev" and
136 * spare_dev is in the spare list, or when a spare device is
137 * automatically used to replace a DEGRADED device) when
138 * resilvering is complete but both the original vdev and the
139 * spare vdev remain in the pool. That behavior is intentional.
140 * It helps implement the policy that a spare should be
141 * automatically removed from the pool after the user replaces
142 * the device that originally failed.
144 replacing
= (vd
->vdev_ops
== &vdev_replacing_ops
||
145 vd
->vdev_ops
== &vdev_spare_ops
);
147 * If a spa load is in progress, then spa_dsl_pool may be
148 * uninitialized. But we shouldn't be resilvering during a spa
152 (spa_load_state(vd
->vdev_spa
) == SPA_LOAD_NONE
) &&
153 dsl_scan_resilvering(vd
->vdev_spa
->spa_dsl_pool
)) {
154 mm
->mm_resilvering
= B_TRUE
;
156 mm
->mm_resilvering
= B_FALSE
;
159 mm
->mm_preferred
= mm
->mm_resilvering
? 0 :
160 (zio
->io_offset
>> vdev_mirror_shift
) % c
;
161 mm
->mm_root
= B_FALSE
;
163 for (c
= 0; c
< mm
->mm_children
; c
++) {
164 mc
= &mm
->mm_child
[c
];
165 mc
->mc_vd
= vd
->vdev_child
[c
];
166 mc
->mc_offset
= zio
->io_offset
;
171 zio
->io_vsd_ops
= &vdev_mirror_vsd_ops
;
176 vdev_mirror_open(vdev_t
*vd
, uint64_t *asize
, uint64_t *max_asize
,
182 if (vd
->vdev_children
== 0) {
183 vd
->vdev_stat
.vs_aux
= VDEV_AUX_BAD_LABEL
;
184 return (SET_ERROR(EINVAL
));
187 vdev_open_children(vd
);
189 for (int c
= 0; c
< vd
->vdev_children
; c
++) {
190 vdev_t
*cvd
= vd
->vdev_child
[c
];
192 if (cvd
->vdev_open_error
) {
193 lasterror
= cvd
->vdev_open_error
;
198 *asize
= MIN(*asize
- 1, cvd
->vdev_asize
- 1) + 1;
199 *max_asize
= MIN(*max_asize
- 1, cvd
->vdev_max_asize
- 1) + 1;
200 *ashift
= MAX(*ashift
, cvd
->vdev_ashift
);
203 if (numerrors
== vd
->vdev_children
) {
204 vd
->vdev_stat
.vs_aux
= VDEV_AUX_NO_REPLICAS
;
212 vdev_mirror_close(vdev_t
*vd
)
214 for (int c
= 0; c
< vd
->vdev_children
; c
++)
215 vdev_close(vd
->vdev_child
[c
]);
219 vdev_mirror_child_done(zio_t
*zio
)
221 mirror_child_t
*mc
= zio
->io_private
;
223 mc
->mc_error
= zio
->io_error
;
229 vdev_mirror_scrub_done(zio_t
*zio
)
231 mirror_child_t
*mc
= zio
->io_private
;
233 if (zio
->io_error
== 0) {
235 zio_link_t
*zl
= NULL
;
237 mutex_enter(&zio
->io_lock
);
238 while ((pio
= zio_walk_parents(zio
, &zl
)) != NULL
) {
239 mutex_enter(&pio
->io_lock
);
240 ASSERT3U(zio
->io_size
, >=, pio
->io_size
);
241 abd_copy(pio
->io_abd
, zio
->io_abd
, pio
->io_size
);
242 mutex_exit(&pio
->io_lock
);
244 mutex_exit(&zio
->io_lock
);
246 abd_free(zio
->io_abd
);
248 mc
->mc_error
= zio
->io_error
;
254 * Try to find a child whose DTL doesn't contain the block we want to read.
255 * If we can't, try the read on any vdev we haven't already tried.
258 vdev_mirror_child_select(zio_t
*zio
)
260 mirror_map_t
*mm
= zio
->io_vsd
;
262 uint64_t txg
= zio
->io_txg
;
265 ASSERT(zio
->io_bp
== NULL
|| BP_PHYSICAL_BIRTH(zio
->io_bp
) == txg
);
268 * Try to find a child whose DTL doesn't contain the block to read.
269 * If a child is known to be completely inaccessible (indicated by
270 * vdev_readable() returning B_FALSE), don't even try.
272 for (i
= 0, c
= mm
->mm_preferred
; i
< mm
->mm_children
; i
++, c
++) {
273 if (c
>= mm
->mm_children
)
275 mc
= &mm
->mm_child
[c
];
276 if (mc
->mc_tried
|| mc
->mc_skipped
)
278 if (!vdev_readable(mc
->mc_vd
)) {
279 mc
->mc_error
= SET_ERROR(ENXIO
);
280 mc
->mc_tried
= 1; /* don't even try */
284 if (!vdev_dtl_contains(mc
->mc_vd
, DTL_MISSING
, txg
, 1))
286 mc
->mc_error
= SET_ERROR(ESTALE
);
288 mc
->mc_speculative
= 1;
292 * Every device is either missing or has this txg in its DTL.
293 * Look for any child we haven't already tried before giving up.
295 for (c
= 0; c
< mm
->mm_children
; c
++)
296 if (!mm
->mm_child
[c
].mc_tried
)
300 * Every child failed. There's no place left to look.
306 vdev_mirror_io_start(zio_t
*zio
)
312 mm
= vdev_mirror_map_alloc(zio
);
314 if (zio
->io_type
== ZIO_TYPE_READ
) {
315 if ((zio
->io_flags
& ZIO_FLAG_SCRUB
) && !mm
->mm_resilvering
) {
317 * For scrubbing reads we need to allocate a read
318 * buffer for each child and issue reads to all
319 * children. If any child succeeds, it will copy its
320 * data into zio->io_data in vdev_mirror_scrub_done.
322 for (c
= 0; c
< mm
->mm_children
; c
++) {
323 mc
= &mm
->mm_child
[c
];
324 zio_nowait(zio_vdev_child_io(zio
, zio
->io_bp
,
325 mc
->mc_vd
, mc
->mc_offset
,
326 abd_alloc_sametype(zio
->io_abd
,
327 zio
->io_size
), zio
->io_size
,
328 zio
->io_type
, zio
->io_priority
, 0,
329 vdev_mirror_scrub_done
, mc
));
335 * For normal reads just pick one child.
337 c
= vdev_mirror_child_select(zio
);
340 ASSERT(zio
->io_type
== ZIO_TYPE_WRITE
);
343 * Writes go to all children.
346 children
= mm
->mm_children
;
350 mc
= &mm
->mm_child
[c
];
351 zio_nowait(zio_vdev_child_io(zio
, zio
->io_bp
,
352 mc
->mc_vd
, mc
->mc_offset
, zio
->io_abd
, zio
->io_size
,
353 zio
->io_type
, zio
->io_priority
, 0,
354 vdev_mirror_child_done
, mc
));
362 vdev_mirror_worst_error(mirror_map_t
*mm
)
364 int error
[2] = { 0, 0 };
366 for (int c
= 0; c
< mm
->mm_children
; c
++) {
367 mirror_child_t
*mc
= &mm
->mm_child
[c
];
368 int s
= mc
->mc_speculative
;
369 error
[s
] = zio_worst_error(error
[s
], mc
->mc_error
);
372 return (error
[0] ? error
[0] : error
[1]);
376 vdev_mirror_io_done(zio_t
*zio
)
378 mirror_map_t
*mm
= zio
->io_vsd
;
382 int unexpected_errors
= 0;
384 for (c
= 0; c
< mm
->mm_children
; c
++) {
385 mc
= &mm
->mm_child
[c
];
390 } else if (mc
->mc_tried
) {
395 if (zio
->io_type
== ZIO_TYPE_WRITE
) {
397 * XXX -- for now, treat partial writes as success.
399 * Now that we support write reallocation, it would be better
400 * to treat partial failure as real failure unless there are
401 * no non-degraded top-level vdevs left, and not update DTLs
402 * if we intend to reallocate.
405 if (good_copies
!= mm
->mm_children
) {
407 * Always require at least one good copy.
409 * For ditto blocks (io_vd == NULL), require
410 * all copies to be good.
412 * XXX -- for replacing vdevs, there's no great answer.
413 * If the old device is really dead, we may not even
414 * be able to access it -- so we only want to
415 * require good writes to the new device. But if
416 * the new device turns out to be flaky, we want
417 * to be able to detach it -- which requires all
418 * writes to the old device to have succeeded.
420 if (good_copies
== 0 || zio
->io_vd
== NULL
)
421 zio
->io_error
= vdev_mirror_worst_error(mm
);
426 ASSERT(zio
->io_type
== ZIO_TYPE_READ
);
429 * If we don't have a good copy yet, keep trying other children.
432 if (good_copies
== 0 && (c
= vdev_mirror_child_select(zio
)) != -1) {
433 ASSERT(c
>= 0 && c
< mm
->mm_children
);
434 mc
= &mm
->mm_child
[c
];
435 zio_vdev_io_redone(zio
);
436 zio_nowait(zio_vdev_child_io(zio
, zio
->io_bp
,
437 mc
->mc_vd
, mc
->mc_offset
, zio
->io_abd
, zio
->io_size
,
438 ZIO_TYPE_READ
, zio
->io_priority
, 0,
439 vdev_mirror_child_done
, mc
));
444 if (good_copies
== 0) {
445 zio
->io_error
= vdev_mirror_worst_error(mm
);
446 ASSERT(zio
->io_error
!= 0);
449 if (good_copies
&& spa_writeable(zio
->io_spa
) &&
450 (unexpected_errors
||
451 (zio
->io_flags
& ZIO_FLAG_RESILVER
) ||
452 ((zio
->io_flags
& ZIO_FLAG_SCRUB
) && mm
->mm_resilvering
))) {
454 * Use the good data we have in hand to repair damaged children.
456 for (c
= 0; c
< mm
->mm_children
; c
++) {
458 * Don't rewrite known good children.
459 * Not only is it unnecessary, it could
460 * actually be harmful: if the system lost
461 * power while rewriting the only good copy,
462 * there would be no good copies left!
464 mc
= &mm
->mm_child
[c
];
466 if (mc
->mc_error
== 0) {
469 if (!(zio
->io_flags
& ZIO_FLAG_SCRUB
) &&
470 !vdev_dtl_contains(mc
->mc_vd
, DTL_PARTIAL
,
473 mc
->mc_error
= SET_ERROR(ESTALE
);
476 zio_nowait(zio_vdev_child_io(zio
, zio
->io_bp
,
477 mc
->mc_vd
, mc
->mc_offset
,
478 zio
->io_abd
, zio
->io_size
,
479 ZIO_TYPE_WRITE
, ZIO_PRIORITY_ASYNC_WRITE
,
480 ZIO_FLAG_IO_REPAIR
| (unexpected_errors
?
481 ZIO_FLAG_SELF_HEAL
: 0), NULL
, NULL
));
487 vdev_mirror_state_change(vdev_t
*vd
, int faulted
, int degraded
)
489 if (faulted
== vd
->vdev_children
)
490 vdev_set_state(vd
, B_FALSE
, VDEV_STATE_CANT_OPEN
,
491 VDEV_AUX_NO_REPLICAS
);
492 else if (degraded
+ faulted
!= 0)
493 vdev_set_state(vd
, B_FALSE
, VDEV_STATE_DEGRADED
, VDEV_AUX_NONE
);
495 vdev_set_state(vd
, B_FALSE
, VDEV_STATE_HEALTHY
, VDEV_AUX_NONE
);
498 vdev_ops_t vdev_mirror_ops
= {
502 vdev_mirror_io_start
,
504 vdev_mirror_state_change
,
507 VDEV_TYPE_MIRROR
, /* name of this vdev type */
508 B_FALSE
/* not a leaf vdev */
511 vdev_ops_t vdev_replacing_ops
= {
515 vdev_mirror_io_start
,
517 vdev_mirror_state_change
,
520 VDEV_TYPE_REPLACING
, /* name of this vdev type */
521 B_FALSE
/* not a leaf vdev */
524 vdev_ops_t vdev_spare_ops
= {
528 vdev_mirror_io_start
,
530 vdev_mirror_state_change
,
533 VDEV_TYPE_SPARE
, /* name of this vdev type */
534 B_FALSE
/* not a leaf vdev */