| blob | 59785d670e9d0309c1d39826674c8523f70947cd |
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
22 /*
23 * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 */
27 #include <sys/param.h>
28 #include <sys/systm.h>
29 #include <sys/conf.h>
30 #include <sys/file.h>
31 #include <sys/user.h>
32 #include <sys/uio.h>
33 #include <sys/t_lock.h>
34 #include <sys/buf.h>
35 #include <sys/dkio.h>
36 #include <sys/vtoc.h>
37 #include <sys/kmem.h>
38 #include <vm/page.h>
39 #include <sys/cmn_err.h>
40 #include <sys/sysmacros.h>
41 #include <sys/types.h>
42 #include <sys/mkdev.h>
43 #include <sys/stat.h>
44 #include <sys/open.h>
45 #include <sys/disp.h>
46 #include <sys/lvm/md_mirror.h>
47 #include <sys/modctl.h>
48 #include <sys/ddi.h>
49 #include <sys/sunddi.h>
50 #include <sys/debug.h>
51 #include <sys/callb.h>
53 #include <sys/sysevent/eventdefs.h>
54 #include <sys/sysevent/svm.h>
55 #include <sys/lvm/mdmn_commd.h>
75 #ifdef DEBUG
77 #endif
79 /*
80 * Tunable resync thread timeout. This is used as the time interval for updating
81 * the resync progress to the mddb. This allows restartable resyncs to be
82 * continued across a system reboot.
83 * Default is to update the resync progress every 5 minutes.
84 */
87 /*
88 * Settable mirror resync buffer size. Specified in 512 byte
89 * blocks. This is set to MD_DEF_RESYNC_BUF_SIZE by default.
90 */
93 /*
94 * Tunables for dirty region processing when
95 * closing down a mirror.
96 *
97 * Dirty region processing during close of a
98 * mirror is basically monitoring the state
99 * of the resync region bitmaps and the number
100 * of outstanding i/o's per submirror to
101 * determine that there are no more dirty
102 * regions left over.
103 *
104 * The approach taken is a retry logic over
105 * md_mirror_rr_cleans iterations to monitor
106 * the progress.
107 *
108 * There are two methods of polling the progress
109 * on dirty bitmap processing: busy-waits and
110 * non-busy-waits.
111 *
112 * Busy-waits are used at the beginning to
113 * determine the final state as quick as
114 * possible; md_mirror_rr_polls defines the
115 * number of busy-waits.
116 *
117 * In case the number of busy-waits got exhausted
118 * with dirty regions left over, the retry logic
119 * switches over to non-busy-waits, thus giving
120 * relief to an obviously heavily loaded system.
121 * The timeout value is defined by the tunable
122 * md_mirror_rr_sleep_timo in seconds.
123 *
124 * The number of non-busy-waits is given by:
125 * md_mirror_rr_cleans - md_mirror_rr_polls.
126 *
127 * The values were found by testing on a
128 * 'typical' system and may require tuning
129 * to meet specific customer's requirements.
130 */
136 /*
137 * The value is not #defined because it will be computed
138 * in the future.
139 */
142 /*
143 * mirror_generate_rr_bitmap:
144 * -------------------
145 * Generate a compressed bitmap md_mn_msg_rr_clean_t for the given clean
146 * bitmap associated with mirror 'un'
147 *
148 * Input:
149 * un - mirror unit to get bitmap data from
150 * *msgp - location to return newly allocated md_mn_msg_rr_clean_t
151 * *activep- location to return # of active i/os
152 *
153 * Returns:
154 * 1 => dirty bits cleared from un_dirty_bm and DRL flush required
155 * *msgp contains bitmap of to-be-cleared bits
156 * 0 => no bits cleared
157 * *msgp == NULL
158 */
159 static int
162 {
166 /* Skip any initial 0s. */
167 retry_dirty_scan:
171 /*
172 * Handle case where NO bits are set in PERNODE_DIRTY but the
173 * un_dirty_bm[] map does have entries set (after a 1st resync)
174 */
178 ;
186 }
187 }
189 /* how much to fit into this message */
191 MDMN_MSG_RR_CLEAN_DATA_MAX_BYTES);
194 KM_SLEEP);
205 }
208 }
212 }
214 /*
215 * Handle the case where a resync has completed and we still
216 * have the un_dirty_bm[] entries marked as dirty (these are
217 * the most recent DRL re-read from the replica). They need
218 * to be cleared from our un_dirty_bm[] but they will not have
219 * corresponding un_pernode_dirty[] entries set unless (and
220 * until) further write()s have been issued to the area.
221 * This handles the case where only the un_dirty_bm[] entry is
222 * set. Without this we'd not clear this region until a local
223 * write is issued to the affected area.
224 */
231 }
232 /*
233 * Now we've got a flagged pernode_dirty, _or_ a clean
234 * bitmap entry to process. Update the bitmap to flush
235 * the REGION_DIRTY / GOING_CLEAN bits when we send the
236 * cross-cluster message.
237 */
238 cleared_dirty++;
241 /*
242 * Not marked as active in the pernode bitmap, so skip
243 * any update to this. We just increment the 0 count
244 * and adjust the active count by any outstanding
245 * un_pernode_dirty_sum[] entries. This means we don't
246 * leave the mirror permanently dirty.
247 */
249 }
250 }
254 }
257 }
259 /*
260 * There are three paths into here:
261 *
262 * md_daemon -> check_resync_regions -> prr
263 * mirror_internal_close -> mirror_process_unit_resync -> prr
264 * mirror_set_capability -> mirror_process_unit_resync -> prr
265 *
266 * The first one is a kernel daemon, the other two result from system calls.
267 * Thus, only the first case needs to deal with kernel CPR activity. This
268 * is indicated by the cprinfop being non-NULL for kernel daemon calls, and
269 * NULL for system call paths.
270 */
271 static int
273 {
276 /* Number of reasons why we can not proceed shutting down the mirror. */
284 md_mn_nodeid_t owner_node;
286 /*
287 * We drop the readerlock here to assist lock ordering with
288 * update_resync. Once we have the un_rrp_inflight_mx, we
289 * can re-acquire it.
290 */
293 /*
294 * Resync region processing must be single threaded. We can't use
295 * un_resync_mx for this purpose since this mutex gets released
296 * when blocking on un_resync_cv.
297 */
312 /*
313 * Transmit the 'to-be-cleared' bitmap to all cluster nodes.
314 * Receipt of the message will cause the mirror owner to
315 * update the on-disk DRL.
316 */
320 /* release readerlock before sending message */
326 }
336 }
338 /* reacquire readerlock after message */
343 /* if commd is gone, no point in printing a message */
350 }
353 /*
354 * If ownership changed while we were sending, we probably
355 * sent the message to the wrong node. Leave fixing that for
356 * the next cycle.
357 */
361 }
363 /*
364 * Now that we've sent the message, clear them from the
365 * pernode_dirty arrays. These are ONLY cleared on a
366 * successful send, and failure has no impact.
367 */
373 RW_READER);
380 un);
381 }
383 cleared_dirty++;
386 }
387 }
388 }
392 }
398 }
400 static int
402 {
405 /* Number of reasons why we can not proceed shutting down the mirror. */
413 /*
414 * We drop the readerlock here to assist lock ordering with
415 * update_resync. Once we have the un_rrp_inflight_mx, we
416 * can re-acquire it.
417 */
420 /*
421 * Resync region processing must be single threaded. We can't use
422 * un_resync_mx for this purpose since this mutex gets released
423 * when blocking on un_resync_cv.
424 */
437 RW_READER);
441 /*
442 * Clear the bits from the pernode_dirty arrays.
443 * If that results in any being cleared from the
444 * un_dirty_bm, commit it.
445 */
453 un)) {
457 }
459 cleared_dirty++;
462 }
463 }
464 }
466 }
477 active++;
479 }
483 active++;
485 }
488 cleared_dirty++;
489 }
490 }
501 active++;
503 }
504 }
510 }
512 static int
514 {
516 /*
517 * For a mirror we can only update the on-disk resync-record if we
518 * currently own the mirror. If we are called and there is no owner we
519 * bail out before scanning the outstanding_writes[] array.
520 * NOTE: we only need to check here (before scanning the array) as we
521 * are called with the readerlock held. This means that a change
522 * of ownership away from us will block until this resync check
523 * has completed.
524 */
532 }
533 }
535 /*
536 * Function that is callable from other modules to provide
537 * ability to cleanup dirty region bitmap on demand. Used
538 * on last close of a unit to avoid massive device resyncs
539 * when coming back after rolling large amounts of data to
540 * a mirror (e.g. at umount with logging).
541 */
543 void
545 {
550 cleans++;
555 }
557 /*
558 * We did not make it with md_mirror_rr_polls
559 * iterations. Give the system relief and
560 * switch over to non-busy-wait.
561 */
563 }
564 }
565 }
567 static void
569 {
573 callb_cpr_t cprinfo;
583 /*
584 * Register this resync thread with the CPR mechanism. This
585 * allows us to detect when the system is suspended and so
586 * keep track of the RPC failure condition.
587 */
594 /*
595 * Do not clean up resync regions if it is an ABR
596 * mirror, or if a submirror is offline (we will use the resync
597 * region to resync when back online) or if there is only one
598 * submirror.
599 */
604 }
610 /* Remove this thread from the CPR callback table. */
613 }
617 /* We are done */
621 }
623 static void
625 {
632 }
637 else
641 }
643 void
645 {
654 }
656 static void
658 {
669 changed++;
670 }
674 changed++;
675 }
676 }
681 }
682 }
684 static void
686 {
687 mddb_recstatus_t status;
693 }
700 }
705 }
707 static int
709 {
710 diskaddr_t tb;
714 mddb_recid_t recid;
717 mddb_type_t typ1;
718 set_t setno;
728 }
743 }
745 }
765 }
769 }
771 int
773 {
801 /*
802 * If a MN diskset and snarfing and this node is not the
803 * master, do not delete any records on snarf of the
804 * mirror records (create_unit_resync deletes records).
805 *
806 * Master node should have already handled this case.
807 */
810 #ifdef DEBUG
814 #endif
816 }
819 }
830 /*
831 * Allocate pernode bitmap for this node. All other nodes' maps will
832 * be created 'on-the-fly' in the ioctl message handler
833 */
840 KM_SLEEP);
841 }
843 /*
844 * Allocate taskq to process deferred (due to locking) RR_CLEAN
845 * requests.
846 */
849 }
854 /*
855 * Only mark mirror which has an associated DRL as requiring a resync.
856 * For ABR mirrors we need not set the resync record bitmap up.
857 */
866 syncable++;
867 }
868 }
886 MD_PRV_PENDCOM);
887 }
888 }
889 }
891 }
893 /*
894 * resync_kill_pending:
895 * -------------------
896 * Determine if the resync thread has been requested to terminate.
897 * Block if MD_RI_BLOCK or MD_RI_BLOCK_OWNER is set in un->un_rs_thread_flags.
898 * MD_RI_BLOCK is only set as a result of a user-initiated ioctl via metasync.
899 * MD_RI_BLOCK_OWNER is set by the ownership change of a multi-node mirror.
900 *
901 * Returns:
902 * 0 Kill not pending
903 * 1 Kill requested (set MD_UN_RESYNC_CANCEL in un->c.un_status)
904 *
905 * Note: this routine may block
906 * the writerlock for <ui> will be dropped and reacquired if <mx_type>
907 * is set to MD_WRITER_HELD.
908 * the readerlock for <ui> will be dropped and reacquired if <mx_type>
909 * is set to MD_READER_HELD.
910 */
911 static int
915 uint_t mx_type)
916 {
919 /* Ensure that we don't block with any mutex held */
924 }
930 }
931 /* Determine if we've been asked to abort or shutdown gracefully */
937 }
940 /* Reacquire mutex if dropped on entry */
945 }
947 }
949 /*
950 * resync_read_buffer:
951 * ------------------
952 * Issue the resync source read for the specified start block and size.
953 * This will cause the mirror strategy routine to issue a write-after-read
954 * once this request completes successfully.
955 * If 'flag_err' is set we expect to see a write error flagged in the b_error
956 * field of the buffer created for this i/o request. If clear we do not expect
957 * to see the error flagged for write failures.
958 * Read failures will always set the B_ERROR bit which will stop the resync
959 * immediately.
960 */
961 static int
963 {
987 }
990 }
992 /*
993 * send_mn_resync_done_message
994 *
995 * At the end of a resync, send a message to all nodes to indicate that
996 * the resync is complete. The argument, flags, has the following values
997 *
998 * RESYNC_ERR - if an error occurred that terminated the resync
999 * CLEAR_OPT_NOT_DONE - Just need to clear the OPT_NOT_DONE flag
1000 *
1001 * unit writerlock set on entry
1002 * Only send the message if the thread is not marked as shutting down:
1003 * [un_rs_thread_flags & MD_RI_SHUTDOWN] or being killed:
1004 * [un->c.un_status & MD_UN_RESYNC_CANCEL]
1005 * or if there has been an error that terminated the resync:
1006 * flags & RESYNC_ERR
1007 *
1008 */
1009 static void
1012 int flags
1013 )
1014 {
1016 set_t setno;
1024 /*
1025 * Only send the message if this resync thread is still active. This
1026 * handles the case where ownership changes to different nodes during
1027 * a resync can cause multiple spurious resync_done messages to occur
1028 * when the resync completes. This happens because only one node is
1029 * the resync owner but other nodes will have their resync_unit thread
1030 * blocked in 'resync_kill_pending'
1031 */
1038 /*
1039 * Always send a message if we've encountered an error that terminated
1040 * the resync.
1041 */
1046 #ifdef DEBUG
1051 }
1054 }
1056 #ifdef DEBUG
1060 }
1061 #endif
1085 /* if the node hasn't yet joined, it's Ok. */
1089 /* If we're shutting down already, pause things here. */
1093 }
1094 }
1096 }
1099 }
1101 /*
1102 * send_mn_resync_next_message
1103 *
1104 * Sent a message to all nodes indicating the next region to be resynced.
1105 * The message contains the region to be resynced and the current position in
1106 * the resync as denoted by un_rs_resync_done and un_rs_resync_2_do.
1107 * On entry the unit readerlock is held.
1108 */
1109 static void
1112 diskaddr_t currentblk,
1114 int flags
1115 )
1116 {
1118 set_t setno;
1127 #ifdef DEBUG
1133 }
1134 #endif
1145 /*
1146 * Copy current submirror state and flags into message. This provides
1147 * a means of keeping all nodes that are currently active in the cluster
1148 * synchronised with regards to their submirror state settings. If we
1149 * did not pass this information here, the only time every node gets
1150 * submirror state updated is at the end of a resync phase. This can be
1151 * a significant amount of time for large metadevices.
1152 */
1157 }
1173 /* If we're shutting down already, pause things here. */
1177 }
1178 }
1180 }
1185 /* Allocate previous overlap reference if needed */
1198 }
1202 }
1204 static int
1207 diskaddr_t currentblk,
1208 diskaddr_t stopbefore,
1209 uint_t type,
1210 int flags
1211 )
1212 {
1215 set_t setno;
1216 diskaddr_t newstop;
1217 diskaddr_t rs_startblk;
1218 uint_t rs_type;
1233 /*
1234 * Split the block up into units of MD_DEF_RESYNC_BLK_SZ and
1235 * if a MN device and sendflag is set, send a RESYNC_MESSAGE
1236 * to all nodes.
1237 */
1244 flags1);
1247 /* check to see if we've been asked to terminate */
1251 /*
1252 * Check to see if another node has completed this
1253 * block, if so either the type or the resync region
1254 * will have changed. If the resync type has changed,
1255 * just exit.
1256 * If the resync region has changed, reset currentblk
1257 * to the start of the current resync region and
1258 * continue.
1259 */
1263 rs_startblk) {
1264 currentblk =
1267 }
1268 }
1277 /* resync_read_buffer releases/grabs a new lock */
1281 /* check to see if we've been asked to terminate */
1286 /*
1287 * Check to see if another node has completed
1288 * this block, see above
1289 */
1293 rs_startblk)
1294 currentblk =
1296 }
1297 }
1298 }
1300 }
1302 static void
1304 {
1306 minor_t mnum;
1313 sm_state_t state;
1315 set_t setno;
1317 uint_t old_rs_done;
1326 /*
1327 * We aren't marked as needing a resync so for multi-node
1328 * sets we flag the completion so that all nodes see the same
1329 * metadevice state. This is a problem when a new node joins
1330 * an existing set as it has to perform a 'metasync -r' and
1331 * we have to step through all of the resync phases. If we
1332 * don't do this the nodes that were already in the set will
1333 * have the metadevices marked as 'Okay' but the joining node
1334 * will have 'Needs Maintenance' which is unclearable.
1335 */
1338 }
1340 }
1342 /*
1343 * No need for optimized resync if ABR set, clear rs_type and flags
1344 * and exit
1345 */
1350 }
1358 /* For MN sets, resync NOTIFY is done when processing resync messages */
1362 }
1365 /* check to see if we've been asked to terminate */
1369 }
1370 /*
1371 * Check that we are still performing an optimized
1372 * resync. If not, another node must have completed it
1373 * so we have no more work to do.
1374 */
1379 }
1380 /*
1381 * If rs_resync_done is non-zero, we must be completing an optimized
1382 * resync that has already been partially done on another node.
1383 * Therefore clear the bits in resync_bm for the resync regions
1384 * already done. If resync_startbl is zero, calculate 2_do.
1385 */
1395 }
1407 /* resync_read_blk_range releases/grabs a new lock */
1413 }
1415 /*
1416 * Check that we are still performing an optimized
1417 * resync. If not, another node must have completed it
1418 * so we have no more work to do.
1419 */
1424 }
1426 /*
1427 * If resync_done has increased, we must have
1428 * blocked in resync_read_blk_range while another node
1429 * continued with the resync. Therefore clear resync_bm
1430 * for the blocks that have been resynced on another
1431 * node and update rr to the next RR to be done.
1432 */
1436 un);
1446 cnt++;
1450 }
1452 /* Check to see if we've completed the resync cleanly */
1456 /*
1457 * Check that we haven't exceeded un_rs_resync_2_do. If
1458 * we have we've completed the resync.
1459 */
1462 }
1463 }
1467 /*
1468 * If MN set send message to all nodes to indicate resync
1469 * phase is complete. The processing of the message will update the
1470 * mirror state
1471 */
1489 }
1492 }
1493 }
1495 /* For MN sets, resync NOTIFY is done when processing resync messages */
1503 }
1504 }
1505 }
1507 /*
1508 * recalc_resync_done
1509 *
1510 * This function deals with a change in value of un_rs_resync_2_do in a
1511 * component resync. This may change if we are restarting a component
1512 * resync on a single node having rebooted with a different value of
1513 * md_resync_bufsz or if we are running in a multi-node with nodes having
1514 * different values of md_resync_bufsz.
1515 * If there is a change in un_rs_resync_2_do, we need to recalculate
1516 * the value of un_rs_resync_done given the new value for resync_2_do.
1517 * We have to calculate a new value for resync_done to be either
1518 * if un_resync_startbl is set, (un_resync_startbl - initblock)/(blksize + skip)
1519 * or if it is not set, we need to calculate it from un_rs_resync_done,
1520 * (un_rs_resync_done/un_rs_resync_2_do) * resync_2_do
1521 * In addition we need to deal with the overflow case by using a factor to
1522 * prevent overflow
1523 */
1525 static void
1528 {
1529 diskaddr_t x;
1532 /*
1533 * If resync_2_do has not yet been calculated, no need to modify
1534 * resync_done
1535 */
1538 }
1541 /*
1542 * If un_rs_startbl is set, another node must have already started
1543 * this resync and hence we can calculate resync_done from
1544 * resync_startbl
1545 */
1550 }
1551 /*
1552 * un_resync_startbl is not set so we must calculate it from
1553 * un_rs_resync_done.
1554 * If the larger of the two values of resync_2_do is greater than 32
1555 * bits, calculate a factor to divide by to ensure that we don't
1556 * overflow 64 bits when calculating the new value for resync_done
1557 */
1559 resync_2_do;
1563 }
1568 }
1570 static void
1572 {
1574 minor_t mnum;
1578 u_longlong_t skip;
1579 u_longlong_t size;
1580 u_longlong_t blk_size;
1581 diskaddr_t initblock;
1582 diskaddr_t block;
1586 set_t setno;
1590 diskaddr_t old_rs_done;
1592 diskaddr_t resync_2_do;
1606 }
1611 }
1619 count++;
1621 }
1626 /*
1627 * If part way through a resync, un_rs_resync_done/un_rs_resync_2_do
1628 * gives the proportion of the resync that has already been done.
1629 * If un_rs_copysize has changed since this previous partial resync,
1630 * either because this node has been rebooted with a different value
1631 * for md_resync_bufsz or because another node with a different value
1632 * for md_resync_bufsz performed the previous resync, we need to
1633 * recalculate un_rs_resync_done as a proportion of our value of
1634 * resync_2_do.
1635 */
1638 /*
1639 * For MN mirrors we need to send a message to all nodes indicating
1640 * the next region to be resynced. For a component resync, the size of
1641 * the contiguous region that is processed by resync_read_blk_range()
1642 * may be small if there is the interleave size.
1643 * Therefore, rather than sending the message within
1644 * resync_read_blk_range(), we will send a message every
1645 * MD_DEF_RESYNC_BLK_SZ blocks. Calculate the frequency in terms of
1646 * the number of blocks. Then, if we are restarting a resync, round
1647 * un_rs_resync_done down to the previous resync region boundary. This
1648 * ensures that we send a RESYNC_NEXT message before resyncing any
1649 * blocks
1650 */
1655 }
1656 /*
1657 * un_rs_resync_done is the number of ('size' + 'skip') increments
1658 * already resynced from the base 'block'
1659 * un_rs_resync_2_do is the number of iterations in
1660 * this component resync.
1661 */
1669 /* For MN sets, resync NOTIFY is done when processing resync messages */
1673 }
1676 /* check to see if we've been asked to terminate */
1680 }
1681 /*
1682 * Check that we are still performing the same component
1683 * resync. If not, another node must have completed it
1684 * so we have no more work to do.
1685 */
1690 }
1691 /*
1692 * Adjust resync_done, resync_2_do, start of resync area and count to
1693 * skip already resync'd data. We need to recalculate resync_done as
1694 * we have dropped the unit lock above and may have lost ownership to
1695 * another node, with a different resync buffer size and it may have
1696 * sent us new values of resync_done and resync_2_do based on its
1697 * resync buffer size
1698 */
1707 /*
1708 * For MN mirrors send a message to the other nodes. This
1709 * message includes the size of the region that must be blocked
1710 * for all writes
1711 */
1718 /*
1719 * check to see if we've been asked to
1720 * terminate
1721 */
1725 MD_UN_RESYNC_CANCEL) {
1728 }
1729 }
1731 /*
1732 * Check that we are still performing the same
1733 * component resync. If not, another node must
1734 * have completed it so we have no more work to
1735 * do. Also reset count to remaining resync as
1736 * we may have lost ownership in in
1737 * send_mn_resync_next_message while another
1738 * node continued with the resync and
1739 * incremented resync_done.
1740 */
1745 }
1746 /*
1747 * recalculate resync_done, resync_2_do
1748 * We need to recalculate resync_done as
1749 * we have dropped the unit lock in
1750 * send_mn_resync_next_message above and may
1751 * have lost ownership to another node, with a
1752 * different resync buffer size and it may have
1753 * sent us new values of resync_done and
1754 * resync_2_do based on its resync buffer size
1755 */
1761 /*
1762 * Adjust start of resync area to skip already
1763 * resync'd data
1764 */
1768 }
1769 }
1773 /* resync_read_blk_range releases/grabs a new lock */
1779 }
1780 /*
1781 * If we are no longer resyncing this component, return as
1782 * another node has progressed the resync.
1783 */
1788 }
1790 /*
1791 * recalculate resync_done, resync_2_do. We need to recalculate
1792 * resync_done as we have dropped the unit lock in
1793 * resync_read_blk_range above and may have lost ownership to
1794 * another node, with a different resync buffer size and it may
1795 * have sent us new values of resync_done and resync_2_do based
1796 * on its resync buffer size
1797 */
1801 /*
1802 * Reset count to remaining resync as we may have blocked in
1803 * resync_read_blk_range while another node continued
1804 * with the resync and incremented resync_done. Also adjust
1805 * start of resync area to skip already resync'd data.
1806 */
1811 /*
1812 * If we are picking up from another node, we retry the last
1813 * block otherwise step on to the next block
1814 */
1818 count--;
1819 }
1827 }
1829 /* Check to see if we've completed the resync cleanly */
1832 }
1837 /*
1838 * If MN set send message to all nodes to indicate resync
1839 * phase is complete. The processing of the message will update the
1840 * mirror state
1841 */
1850 else
1851 /*
1852 * As we don't transmit the changes,
1853 * no need to drop the lock.
1854 */
1857 }
1859 /* For MN sets, resync NOTIFY is done when processing resync messages */
1867 }
1869 }
1870 }
1872 static void
1874 {
1876 minor_t mnum;
1880 diskaddr_t chunk;
1881 diskaddr_t curblk;
1884 set_t setno;
1894 /*
1895 * If the submirror_index is non-zero, we are continuing a resync
1896 * so restart resync from last submirror marked as being resynced.
1897 */
1908 }
1909 }
1916 }
1917 }
1921 }
1923 /*
1924 * If we've only got one component we can fail on a resync write
1925 * if an error is encountered. This stops an unnecessary read of the
1926 * whole mirror on a target write error.
1927 */
1937 /* For MN sets, resync NOTIFY is done when processing resync messages */
1941 }
1946 /* check to see if we've been asked to terminate */
1950 }
1951 /*
1952 * Check that we are still performing the same submirror
1953 * resync. If not, another node must have completed it
1954 * so we have no more work to do.
1955 */
1960 }
1962 /* if > 1TB mirror, increase percent done granularity */
1965 else
1969 /*
1970 * If a MN set, round the chunk size up to a multiple of
1971 * MD_DEF_RESYNC_BLK_SZ
1972 */
1978 }
1979 /*
1980 * Handle restartable resyncs that continue from where the previous
1981 * resync left off. The new resync range is from un_rs_resync_done ..
1982 * un_rs_resync_2_do
1983 */
1989 }
1991 diskaddr_t rs_done;
1998 /* resync_read_blk_range releases/grabs a new lock */
2004 }
2006 /*
2007 * If we are no longer executing a submirror resync, return
2008 * as another node has completed the submirror resync.
2009 */
2014 }
2015 /*
2016 * If resync_done has changed, we must have blocked
2017 * in resync_read_blk_range while another node
2018 * continued with the resync so restart from resync_done.
2019 */
2025 }
2033 cnt++;
2037 }
2039 /* Check to see if we've completed the resync cleanly */
2042 }
2046 /*
2047 * If MN set send message to all nodes to indicate resync
2048 * phase is complete. The processing of the message will update the
2049 * mirror state
2050 */
2059 }
2062 }
2064 /* For MN sets, resync NOTIFY is done when processing resync messages */
2072 }
2073 }
2074 }
2076 static void
2078 {
2085 /*
2086 * Handle the case where we are picking up a partially complete
2087 * component resync. In this case un_rs_type contains the submirror
2088 * and component index of where we should restart the resync.
2089 */
2095 MD_WRITER_HELD))
2097 /*
2098 * If we have no current resync, contine to scan submirror and
2099 * components. If the resync has moved on to another component,
2100 * restart it and if the resync is no longer a component
2101 * resync, just exit
2102 */
2107 }
2108 /* Now continue scanning _all_ submirrors and components */
2120 /* Bail out if we've been asked to abort/shutdown */
2122 MD_WRITER_HELD))
2124 /*
2125 * Now check if another node has continued with the
2126 * resync, if we are no longer in component resync,
2127 * exit, otherwise update to the current component - 1
2128 * so that the next call of check_comp_4 resync() will
2129 * resync the current component.
2130 */
2140 }
2141 }
2142 }
2143 }
2145 static void
2147 {
2165 }
2166 }
2167 }
2169 /*
2170 * resync_progress_thread:
2171 * ----------------------
2172 * Thread started on first resync of a unit which simply blocks until woken up
2173 * by a cv_signal, and then updates the mddb for the mirror unit record. This
2174 * saves the resync progress information (un_rs_resync_done, un_rs_resync_2_do)
2175 * so that an aborted resync can be continued after an intervening reboot.
2176 */
2177 static void
2179 {
2191 /*
2192 * Commit mirror unit if we're the Master node in a multi-node
2193 * environment
2194 */
2199 }
2200 }
2202 }
2204 /*
2205 * resync_progress:
2206 * ---------------
2207 * Timeout handler for updating the progress of the resync thread.
2208 * Simply wake up the resync progress daemon which will then mirror_commit() the
2209 * unit structure to the mddb. This snapshots the current progress of the resync
2210 */
2211 static void
2213 {
2216 uint_t active;
2222 /* schedule the next timeout if the resync is still marked active */
2229 md_mirror_resync_update_intvl));
2230 }
2231 }
2233 /*
2234 * resync_unit:
2235 * -----------
2236 * Resync thread which drives all forms of resync (optimized, component,
2237 * submirror). Must handle thread suspension and kill to allow multi-node
2238 * resync to run without undue ownership changes.
2239 *
2240 * For a MN set, the reync mechanism is as follows:
2241 *
2242 * When a resync is started, either via metattach, metaonline, metareplace,
2243 * metasync or by a hotspare kicking in, a message is sent to all nodes, which
2244 * calls mirror_resync_thread. If there is currently no mirror owner, the
2245 * master node sends a CHOOSE_OWNER message to the handler on the master. This
2246 * chooses a mirror owner and sends a CHANGE_OWNER message requesting the
2247 * selected node to become the owner.
2248 * If this node is not the owner it sets itself to block in resync_kill_pending
2249 * and if there is no owner all nodes will block until the chosen owner is
2250 * selected, in which case it will unblock itself. So, on entry to this
2251 * function only one node will continue past resync_kill_pending().
2252 * Once the resync thread is started, it basically cycles through the optimized,
2253 * component and submirrors resyncs until there is no more work to do.
2254 *
2255 * For an ABR mirror, once a mirror owner is chosen it will complete the resync
2256 * unless the nodes dies in which case a new owner will be chosen and it will
2257 * have to complete the resync from the point at which the previous owner died.
2258 * To do this we broadcast a RESYNC_NEXT message before each region to be
2259 * resynced and this message contains the address and length of the region
2260 * being resynced and the current progress through the resync. The size of
2261 * this region is MD_DEF_RESYNC_BLK_SZ blocks. It is larger than the resync
2262 * block size to limit the amount of inter node traffic. The RESYNC_NEXT
2263 * message also indicates to all other nodes that all writes to this block
2264 * must be blocked until the next RESYNC_NEXT message is received. This ensures
2265 * that no node can write to a block that is being resynced. For all MN
2266 * mirrors we also block the whole resync region on the resync owner node so
2267 * that all writes to the resync region are blocked on all nodes. There is a
2268 * difference here between a MN set and a regular set in that for a MN set
2269 * we protect the mirror from writes to the current resync block by blocking
2270 * a larger region. For a regular set we just block writes to the current
2271 * resync block.
2272 *
2273 * For a non-ABR mirror the same RESYNC_NEXT message is sent with an
2274 * additional purpose. In this case, there is only one mirror owner at a time
2275 * and rather than continually switching ownership between the chosen mirror
2276 * owner and the node that is writing to the mirror, we move the resync to the
2277 * mirror owner. When we swich ownership, we block the old owner and unblock
2278 * the resync thread on the new owner. To enable the new owner to continue the
2279 * resync, all nodes need to have the latest resync status, Then, following each
2280 * resync write, we check to see if the resync state has changed and if it
2281 * has this must be because we have lost ownership to another node(s) for a
2282 * period and then have become owner again later in the resync process. If we
2283 * are still dealing with the same resync, we just adjust addresses and counts
2284 * and then continue. If the resync has moved on to a different type, for
2285 * example from an optimized to a submirror resync, we move on to process the
2286 * resync described by rs_type and continue from the position described by
2287 * resync_done and resync_startbl.
2288 *
2289 * Note that for non-ABR mirrors it is possible for a write to be made on a
2290 * non resync-owner node without a change of ownership. This is the case when
2291 * the mirror has a soft part created on it and a write in ABR mode is made
2292 * to that soft part. Therefore we still need to block writes to the resync
2293 * region on all nodes.
2294 *
2295 * Sending the latest resync state to all nodes also enables them to continue
2296 * a resync in the event that the mirror owner dies. If a mirror owner for
2297 * a non-ABR mirror has died, there will be dirty resync regions. Therefore,
2298 * regardless of whether another type of resync was in progress, we must first
2299 * do an optimized resync to clean up the dirty regions before continuing
2300 * with the interrupted resync.
2301 *
2302 * The resync status is held in the unit structure
2303 * On disk
2304 * un_rs_resync_done The number of contiguous resyc blocks done so far
2305 * un_rs_resync_2_do The total number of contiguous resync blocks
2306 * un_rs_type The resync type (inc submirror and component numbers)
2307 * In core
2308 * un_resync_startbl The address of the current resync block being processed
2309 *
2310 * In the event that the whole cluster fails we need to just use
2311 * un_rs_resync_done to restart the resync and to ensure that this is
2312 * periodically written to disk, we have a thread which writes the record
2313 * to disk every 5 minutes. As the granularity of un_rs_resync_done is
2314 * usually coarse ( for an optimized resync 1001 is the max value) there is
2315 * little point in writing this more frequently.
2316 */
2317 static void
2319 {
2334 resync_restart:
2335 #ifdef DEBUG
2338 #endif
2339 /*
2340 * increment the mirror resync count
2341 */
2351 /*
2352 * Don't allow buffer size to fall outside the
2353 * range 0 < bufsize <= md_max_xfer_bufsz.
2354 */
2358 }
2365 /*
2366 * Register this resync thread with the CPR mechanism. This
2367 * allows us to detect when the system is suspended and so
2368 * keep track of the RPC failure condition.
2369 */
2376 /*
2377 * If this is the first resync following the initial
2378 * snarf (MD_RESYNC_NOT_DONE still set) and we've
2379 * been started outside a reconfig step (e.g. by being
2380 * added to an existing set) we need to query the
2381 * existing submirror state for this mirror.
2382 * The set_status flags will have MD_MN_SET_MIR_STATE_RC
2383 * set if we've been through a step4 reconfig, so only
2384 * query the master if this isn't (yet) set. In this
2385 * case we must continue the resync thread as there is
2386 * not guaranteed to be a currently running resync on
2387 * any of the other nodes. Worst case is that we will
2388 * initiate an ownership change to this node and then
2389 * find that there is no resync to perform. However, we
2390 * will then have correct status across the cluster.
2391 */
2394 MD_SET_MN_MIR_STATE_RC)) {
2397 #ifdef DEBUG
2404 "sm[%d] state=%4x"
2408 }
2409 }
2410 #endif
2411 }
2412 }
2414 }
2415 /*
2416 * For MN set, if we have an owner, then start the resync on it.
2417 * If there is no owner the master must send a message to
2418 * choose the owner. This message will contain the current
2419 * resync count and it will only be sent to the master, where
2420 * the resync count will be used to choose the next node to
2421 * perform a resync, by cycling through the nodes in the set.
2422 * The message handler will then send a CHANGE_OWNER message to
2423 * all nodes, and on receipt of that message, the chosen owner
2424 * will issue a SET_OWNER ioctl to become the owner. This ioctl
2425 * will be requested to spawn a thread to issue the
2426 * REQUEST_OWNER message to become the owner which avoids the
2427 * need for concurrent ioctl requests.
2428 * After sending the message, we will block waiting for one
2429 * of the nodes to become the owner and start the resync
2430 */
2432 /*
2433 * There is no owner, block and then the master will
2434 * choose the owner. Only perform this if 'block_resync'
2435 * is set.
2436 */
2441 }
2446 }
2448 /* There is an owner, block if we are not it */
2453 }
2454 }
2455 }
2456 /*
2457 * Start a timeout chain to update the resync progress to the mddb.
2458 * This will run every md_mirror_resync_update_intvl minutes and allows
2459 * a resync to be continued over a reboot.
2460 */
2465 /*
2466 * Handle resync restart from the last logged position. The contents
2467 * of un_rs_resync_2_do and un_rs_resync_done are dependent on the
2468 * type of resync that was in progress.
2469 */
2480 }
2481 /* Allocate a resync message, if required */
2485 }
2487 }
2489 /* Check to see if we've been requested to block/kill */
2492 }
2496 /*
2497 * Always perform an optimized resync first as this will bring
2498 * the mirror into an available state in the shortest time.
2499 * If we are resuming an interrupted resync, other than an
2500 * optimized resync, we save the type and amount done so that
2501 * we can resume the appropriate resync after the optimized
2502 * resync has completed.
2503 */
2510 }
2512 /*
2513 * If we are continuing a resync that is not an
2514 * OPTIMIZED one, then we start from the beginning when
2515 * doing this optimized resync
2516 */
2521 }
2523 /* Check to see if we've been requested to block/kill */
2526 }
2528 /*
2529 * If another node has moved the resync on, we must
2530 * restart the correct resync
2531 */
2538 }
2540 /*
2541 * Restore previous resync progress or move onto a
2542 * component resync.
2543 */
2554 }
2558 /* Check to see if we've been requested to block/kill */
2561 }
2563 /*
2564 * If we have moved on from a component resync, another
2565 * node must have completed it and started a submirror
2566 * resync, so leave the resync state alone. For non
2567 * multi-node sets we move onto the submirror resync.
2568 */
2575 }
2581 }
2582 }
2585 /* Check to see if we've been requested to block/kill */
2588 }
2590 /*
2591 * If we have moved on from a submirror resync, another
2592 * node must have completed it and started a different
2593 * resync, so leave the resync state alone
2594 */
2600 }
2602 /* If non-MN mirror, reinitialize state */
2607 }
2608 }
2615 bail_out:
2616 #ifdef DEBUG
2620 #endif
2628 /*
2629 * For MN Set, send a RESYNC_FINISH if this node completed the resync.
2630 * There is no need to grow unit here, it will be done in the
2631 * handler for the RESYNC_FINISH message together with resetting
2632 * MD_UN_RESYNC_ACTIVE.
2633 */
2636 /*
2637 * Normal resync completion. Issue a RESYNC_FINISH
2638 * message if we're part of a multi-node set.
2639 */
2669 /* If we're shutting down, pause things here. */
2673 }
2674 }
2677 }
2680 }
2681 /*
2682 * If the resync has been cancelled, clear flags, reset owner
2683 * for ABR mirror and release the resync region parent
2684 * structure.
2685 */
2690 /* Resync finished, if ABR set owner to NULL */
2694 }
2697 MD_UN_RESYNC_ACTIVE);
2700 /* Remove previous overlap resync region */
2703 /*
2704 * Release the overlap range reference
2705 */
2708 ps);
2709 }
2710 }
2712 /*
2713 * Release resync message buffer. This will be reallocated on
2714 * the next invocation of the resync_unit thread.
2715 */
2719 }
2721 /* For non-MN sets deal with any pending grows */
2727 }
2728 }
2729 }
2736 /*
2737 * Stop the resync progress thread.
2738 */
2742 }
2744 /*
2745 * Calling mirror_internal_close() makes further reference to un / ui
2746 * dangerous. If we are the only consumer of the mirror it is possible
2747 * for a metaclear to be processed after completion of the m_i_c()
2748 * routine. As we need to handle the case where another resync has been
2749 * scheduled for the mirror, we raise the open count on the device
2750 * which protects against the close / metaclear / lock => panic scenario
2751 */
2755 /*
2756 * deccrement the mirror resync count
2757 */
2762 /*
2763 * Remove the thread reference as we're about to exit. This allows a
2764 * subsequent mirror_resync_unit() to start a new thread.
2765 * If RESYNC_ACTIVE is set, mirror_resync_unit() must have been
2766 * called to start a new resync, so reopen the mirror and go back to
2767 * the start.
2768 */
2777 /* Release the reference grabbed above */
2781 }
2786 }
2790 /*
2791 * Check for hotspares once we've cleared the resync thread reference.
2792 * If there are any errored units a poke_hotspares() will result in
2793 * a call to mirror_resync_unit() which we need to allow to start.
2794 */
2797 /*
2798 * Remove this thread from the CPR callback table.
2799 */
2803 }
2805 /*
2806 * Remove the extra reference to the unit we generated above. After
2807 * this call it is *unsafe* to reference either ui or un as they may
2808 * no longer be allocated.
2809 */
2813 }
2815 /*
2816 * mirror_resync_unit:
2817 * ------------------
2818 * Start a resync for the given mirror metadevice. Save the resync thread ID in
2819 * un->un_rs_thread for later manipulation.
2820 *
2821 * Returns:
2822 * 0 Success
2823 * !=0 Error
2824 */
2825 /*ARGSUSED*/
2826 int
2828 minor_t mnum,
2831 IOLOCK *lockp
2832 )
2833 {
2845 }
2850 }
2852 /*
2853 * Check to see if we're attempting to start a resync while one is
2854 * already running.
2855 */
2858 /*
2859 * Ensure RESYNC_ACTIVE set, it may not be if the resync thread
2860 * is in the process of terminating, setting the flag will
2861 * cause the resync thread to return to the beginning
2862 */
2868 }
2871 }
2877 else
2880 /* Start the resync progress thread off */
2885 /*
2886 * We have to store the thread ID in the unit structure so do not
2887 * drop writerlock until the thread is active. This means resync_unit
2888 * may spin on its first md_unit_readerlock(), but deadlock won't occur.
2889 */
2901 }
2909 }
2910 }
2913 }
2915 /*
2916 * mirror_ioctl_resync:
2917 * -------------------
2918 * Called as a result of an MD_IOCSETSYNC ioctl. Either start, block, unblock
2919 * or kill the resync thread associated with the specified unit.
2920 * Can return with locks held since mdioctl will free any locks
2921 * that are marked in lock->l_flags.
2922 *
2923 * Returns:
2924 * 0 Success
2925 * !=0 Error Code
2926 */
2927 int
2930 IOLOCK *lock
2931 )
2932 {
2935 uint_t bits;
2939 kt_did_t tid;
2947 }
2949 /* RD_LOCK flag grabs the md_ioctl_readerlock */
2954 }
2957 }
2960 }
2962 /*
2963 * Determine the action to take based on the ri_flags field:
2964 * MD_RI_BLOCK: Block current resync thread
2965 * MD_RI_UNBLOCK: Unblock resync thread
2966 * MD_RI_KILL: Abort resync thread
2967 * MD_RI_RESYNC_FORCE_MNSTART: Directly start resync thread
2968 * without using rpc.mdcommd messages.
2969 * any other: Start resync thread
2970 */
2974 /* Halt resync thread by setting flag in un_rs_flags */
2977 }
2984 /*
2985 * Restart resync thread by clearing flag in un_rs_flags and
2986 * cv_signal'ing the blocked thread.
2987 */
2990 }
2998 /* Abort resync thread. */
3001 }
3016 }
3017 }
3019 }
3031 }
3035 /*
3036 * If we are resyncing a mirror in a MN set and the rpc.mdcommd
3037 * can be used, we do not start the resync at this point.
3038 * Instead, the metasync command that issued the ioctl
3039 * will send a RESYNC_STARTING message to start the resync thread. The
3040 * reason we do it this way is to ensure that the metasync ioctl is
3041 * executed on all nodes before the resync thread is started.
3042 *
3043 * If a MN set and the MD_RI_RESYNC_FORCE_MNSTART flag is set, then
3044 * don't use rpc.mdcommd, but just start the resync thread. This
3045 * flag is set on a node when it is being added to a diskset
3046 * so that the resync threads are started on the newly added node.
3047 */
3053 }
3054 }
3056 int
3059 {
3070 md_mn_nodeid_t owner_node;
3076 /*
3077 * Check to see if we have a un_pernode_dirty_bm[] entry allocated. If
3078 * not, allocate it and then fill the [start..end] entries.
3079 * Update un_pernode_dirty_sum if we've gone 0->1.
3080 * Update un_dirty_bm if the corresponding entries are clear.
3081 */
3087 }
3102 }
3110 }
3116 }
3118 /*
3119 * If we have dirty regions to commit, send a
3120 * message to the owning node so that the
3121 * in-core bitmap gets updated appropriately.
3122 * TODO: make this a kmem_cache pool to improve
3123 * alloc/free performance ???
3124 */
3126 KM_SLEEP);
3128 KM_SLEEP);
3130 resend_mmrr:
3138 /* release readerlock before sending message */
3146 /* reaquire readerlock on message completion */
3149 /* if the message send failed, note it, and pass an error back up */
3151 /* if commd is gone, no point in printing a message */
3157 }
3159 /*
3160 * if the owner changed while we were sending the message, and it's
3161 * not us, the new mirror owner won't yet have done the right thing
3162 * with our data. Let him know. If we became the owner, we'll
3163 * deal with that differently below. Note that receiving a message
3164 * about another node twice won't hurt anything.
3165 */
3174 /*
3175 * If we became the owner changed while we were sending the message,
3176 * we have dirty bits in the un_pernode_bm that aren't yet reflected
3177 * in the un_dirty_bm, as it was re-read from disk, and our bits
3178 * are also not reflected in the on-disk DRL. Fix that now.
3179 */
3194 }
3202 }
3204 int
3207 {
3218 /*
3219 * Check to see if we have a un_pernode_dirty_bm[] entry allocated. If
3220 * not, allocate it and then fill the [start..end] entries.
3221 * Update un_pernode_dirty_sum if we've gone 0->1.
3222 * Update un_dirty_bm if the corresponding entries are clear.
3223 */
3230 }
3232 }
3249 }
3255 }
3263 }
3269 }
3281 }
3282 }
3288 }
3297 }
3309 }
3314 }
3322 }
3326 }
3328 int
3331 {
3339 source_node));
3340 }
3341 }
3343 int
3345 {
3355 mddb_type_t typ1;
3365 }
3405 KM_SLEEP);
3407 /*
3408 * Now translate the old records into the new
3409 * records
3410 */
3412 /*
3413 * only bring forward the
3414 * outstanding write counters and the dirty bits and also
3415 * the pernode_summary counts
3416 */
3424 }
3429 /*
3430 * Copy all non-zero un_pernode_dirty_bm[] arrays to new versions
3431 */
3444 }
3446 }
3448 }
3450 /* Save the old record id */
3453 /* Update the mirror unit struct */
3460 /*
3461 * NOTE: The reason there are distinct calls to mddb_commitrec_wrapper
3462 * instead of using mddb_commitrecs_wrapper, is that you cannot
3463 * atomically commit optimized records.
3464 */
3469 }
3471 /* lockp can be NULL for !MN diksets */
3472 int
3474 {
3482 mddb_type_t typ1;
3509 /* Copy the old bm over the new bm */
3512 /*
3513 * Create new bigger incore arrays, copy, and free old ones:
3514 * un_goingdirty_bm
3515 * un_goingclean_bm
3516 * un_resync_bm
3517 * un_outstanding_writes
3518 * un_pernode_dirty_sum
3519 * un_pernode_dirty_bm[]
3520 */
3548 old_nregions);
3550 }
3559 old_bm_size);
3561 }
3563 }
3565 /* Save the old record id */
3568 /* Update the mirror unit struct */
3573 /*
3574 * NOTE: The reason there are distinct calls to mddb_commitrec_wrapper
3575 * instead of using mddb_commitrecs_wrapper, is that you cannot
3576 * atomically commit optimized records.
3577 */
3582 }
3584 /*
3585 * mirror_copy_rr:
3586 * --------------
3587 * Combine the dirty record bitmap with the in-core resync bitmap. This allows
3588 * us to carry a resync over an ownership change.
3589 */
3590 void
3592 {
3597 }
3599 /*
3600 * mirror_set_dirty_rr:
3601 * -------------------
3602 * Set the pernode_dirty_bm[node] entries and un_dirty_bm[] if appropriate.
3603 * For the owning node (DRL/mirror owner) update the on-disk RR if needed.
3604 * Called on every clean->dirty transition for the originating writer node.
3605 * Note: only the non-owning nodes will initiate this message and it is only
3606 * the owning node that has to process it.
3607 */
3608 int
3610 {
3625 }
3627 /* Must have _NO_ ioctl lock set if we update the RR on-disk */
3632 }
3635 }
3638 }
3641 }
3643 /*
3644 * Only process this message if we're the owner of the mirror.
3645 */
3648 }
3653 orignode));
3654 }
3656 /*
3657 * mirror_clean_rr_bits:
3658 * --------------------
3659 * Clear the pernode_dirty_bm[node] entries which are passed in the bitmap
3660 * Once _all_ references are removed (pernode_dirty_count[x] == 0) this region
3661 * is 'cleanable' and will get flushed out by clearing un_dirty_bm[] on all
3662 * nodes. Callable from ioctl / interrupt / whatever context.
3663 * un_resync_mx is held on entry.
3664 */
3665 static void
3668 {
3671 uint_t cleared_bits;
3687 }
3689 cleared_bits++;
3692 }
3693 }
3694 }
3697 /*
3698 * We can only be called iff we are the mirror owner, however
3699 * as this is a (potentially) decoupled routine the ownership
3700 * may have moved from us by the time we get to execute the
3701 * bit clearing. Hence we still need to check for being the
3702 * owner before flushing the DRL to the replica.
3703 */
3708 }
3709 }
3710 }
3712 /*
3713 * mirror_drl_task:
3714 * ---------------
3715 * Service routine for clearing the DRL bits on a deferred MD_MN_RR_CLEAN call
3716 * We need to obtain exclusive access to the un_resync_cv and then clear the
3717 * necessary bits.
3718 * On completion, we must also free the passed in argument as it is allocated
3719 * at the end of the ioctl handler and won't be freed on completion.
3720 */
3721 static void
3723 {
3742 }
3747 }
3749 /*
3750 * mirror_set_clean_rr:
3751 * -------------------
3752 * Clear the pernode_dirty_bm[node] entries which are passed in the bitmap
3753 * Once _all_ references are removed (pernode_dirty_count[x] == 0) this region
3754 * is 'cleanable' and will get flushed out by clearing un_dirty_bm[] on all
3755 * nodes.
3756 *
3757 * Only the mirror-owner need process this message as it is the only RR updater.
3758 * Non-owner nodes issue this request, but as we have no point-to-point message
3759 * support we will receive the message on all nodes.
3760 */
3761 int
3763 {
3778 }
3780 /* Must have _NO_ ioctl lock set if we update the RR on-disk */
3785 }
3788 }
3791 }
3793 /*
3794 * Check to see if we're the mirror owner. If not, there's nothing
3795 * for us to to.
3796 */
3799 }
3801 /*
3802 * Process the to-be-cleaned bitmap. We need to update the pernode_dirty
3803 * bits and pernode_dirty_sum[n], and if, and only if, the sum goes 0
3804 * we can then mark the un_dirty_bm entry as GOINGCLEAN. Alternatively
3805 * we can just defer this cleaning until the next process_resync_regions
3806 * timeout.
3807 */
3812 }
3815 /*
3816 * See if we can simply clear the un_dirty_bm[] entries. If we're not
3817 * the issuing node _and_ we aren't in the process of marking/clearing
3818 * the RR bitmaps, we can simply update the bits as needed.
3819 * If we're the owning node and _not_ the issuing node, we should also
3820 * sync the RR if we clear any bits in it.
3821 */
3831 }
3832 }
3835 /*
3836 * If we couldn't clear the bits, due to DRL update from m_m_r_r / p_r_r
3837 * we must schedule a blocking call to update the DRL on this node.
3838 * As we're invoked from an ioctl we are going to have the original data
3839 * disappear (kmem_free) once we return. So, copy the data into a new
3840 * structure and let the taskq routine release it on completion.
3841 */
3853 }
3854 }
3857 }