xref: /illumos-gate/usr/src/uts/common/fs/zfs/vdev_mirror.c (revision 8c69cc8fbe729fa7b091e901c4b50508ccc6bb33)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 /*
27  * Copyright (c) 2012, 2015 by Delphix. All rights reserved.
28  */
29 
30 #include <sys/zfs_context.h>
31 #include <sys/spa.h>
32 #include <sys/spa_impl.h>
33 #include <sys/dsl_pool.h>
34 #include <sys/dsl_scan.h>
35 #include <sys/vdev_impl.h>
36 #include <sys/zio.h>
37 #include <sys/abd.h>
38 #include <sys/fs/zfs.h>
39 
40 /*
41  * Virtual device vector for mirroring.
42  */
43 
/*
 * Per-child bookkeeping for one mirrored I/O.  A mirror map holds one of
 * these for every child vdev (or, for a root-level map, for every DVA of
 * the block pointer).
 */
typedef struct mirror_child {
	/* vdev that holds this copy */
	vdev_t		*mc_vd;
	/* offset of this copy on mc_vd */
	uint64_t	mc_offset;
	/*
	 * Error from the child zio, or ENXIO / ESTALE when the child was
	 * skipped by vdev_mirror_child_select().
	 */
	int		mc_error;
	/*
	 * Set to 1 by the completion callbacks, and also when the child is
	 * found unreadable and will not be tried at all.
	 */
	uint8_t		mc_tried;
	/*
	 * Set to 1 when child selection passed over this child; cleared by
	 * the completion callbacks.
	 */
	uint8_t		mc_skipped;
	/*
	 * Set to 1 when the child was skipped because its DTL covers the
	 * txg.  vdev_mirror_worst_error() uses it to select one of two
	 * error slots, so it is expected to hold only 0 or 1.
	 */
	uint8_t		mc_speculative;
} mirror_child_t;
52 
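/*
 * Per-zio mirror map, attached to the zio as io_vsd.  It is allocated with
 * offsetof(mirror_map_t, mm_child[n]) bytes, so mm_child holds mm_children
 * entries, and it is freed with a size recomputed from mm_children.
 */
typedef struct mirror_map {
	/* number of entries in mm_child[] */
	int		mm_children;
	/* B_TRUE for a replacing/spare vdev while the pool is resilvering */
	int		mm_resilvering;
	/* index of the child that reads try first */
	int		mm_preferred;
	/* B_TRUE when the map was built from the bp's DVAs (io_vd == NULL) */
	int		mm_root;
	/*
	 * Flexible array member.  The previous one-element declaration made
	 * every access to mm_child[c] with c >= 1 an out-of-bounds index as
	 * far as the language (and any bounds-checking tool) is concerned.
	 * offsetof(mirror_map_t, mm_child[n]) yields the same sizes as
	 * before.
	 */
	mirror_child_t	mm_child[];
} mirror_map_t;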
60 
/*
 * Reads on a mirror that is not resilvering pick their first child with
 * (io_offset >> vdev_mirror_shift) % children, so with the default of 21
 * each 2 MB region of the vdev prefers one child.
 *
 * This is a writable, non-static global that is used unchecked as a shift
 * count: a negative value, or one at least as large as the width of
 * io_offset, makes that shift undefined.  Anything that changes it should
 * range-check the new value first.
 */
int vdev_mirror_shift = 21;
62 
/*
 * io_vsd free callback: release the mirror map attached to this zio.
 *
 * The size handed to kmem_free() is recomputed from mm_children, so it
 * matches the allocation only as long as mm_children is never modified
 * after vdev_mirror_map_alloc() sets it.
 */
static void
vdev_mirror_map_free(zio_t *zio)
{
	mirror_map_t *map = zio->io_vsd;
	size_t map_size = offsetof(mirror_map_t, mm_child[map->mm_children]);

	kmem_free(map, map_size);
}
70 
/*
 * Callbacks installed in zio->io_vsd_ops by vdev_mirror_map_alloc(): the
 * map destructor, followed by the default checksum-report routine.
 */
static const zio_vsd_ops_t vdev_mirror_vsd_ops = {
	vdev_mirror_map_free,
	zio_vsd_default_cksum_report
};
75 
/*
 * Build the mirror map for a zio and attach it as zio->io_vsd.
 *
 * With io_vd == NULL the map gets one child per DVA of zio->io_bp, each
 * resolved to its top-level vdev, and the preferred child is chosen at
 * random.  Otherwise it gets one child per child of io_vd, all at
 * zio->io_offset.
 *
 * The map is allocated with KM_SLEEP and the result is used without a NULL
 * check.  It is released through vdev_mirror_vsd_ops, i.e. by
 * vdev_mirror_map_free(), which recomputes the size from mm_children.
 */
static mirror_map_t *
vdev_mirror_map_alloc(zio_t *zio)
{
	mirror_map_t *mm = NULL;
	mirror_child_t *mc;
	vdev_t *vd = zio->io_vd;
	int c, d;

	if (vd == NULL) {
		dva_t *dva = zio->io_bp->blk_dva;
		spa_t *spa = zio->io_spa;

		/*
		 * NOTE(review): the child count comes straight from the block
		 * pointer.  The random pick and the dva[] indexing below
		 * presumably rely on the bp having at least one DVA; confirm
		 * against the callers.
		 */
		c = BP_GET_NDVAS(zio->io_bp);

		mm = kmem_zalloc(offsetof(mirror_map_t, mm_child[c]), KM_SLEEP);
		mm->mm_children = c;
		mm->mm_resilvering = B_FALSE;
		mm->mm_preferred = spa_get_random(c);
		mm->mm_root = B_TRUE;

		/*
		 * Check the other, lower-index DVAs to see if they're on
		 * the same vdev as the child we picked.  If they are, use
		 * them since they are likely to have been allocated from
		 * the primary metaslab in use at the time, and hence are
		 * more likely to have locality with single-copy data.
		 */
		for (c = mm->mm_preferred, d = c - 1; d >= 0; d--) {
			if (DVA_GET_VDEV(&dva[d]) == DVA_GET_VDEV(&dva[c]))
				mm->mm_preferred = d;
		}

		for (c = 0; c < mm->mm_children; c++) {
			mc = &mm->mm_child[c];

			/*
			 * NOTE(review): the lookup result is stored without a
			 * check here; whether vdev_lookup_top() can return
			 * NULL for an on-disk vdev id is not visible in this
			 * file.
			 */
			mc->mc_vd = vdev_lookup_top(spa, DVA_GET_VDEV(&dva[c]));
			mc->mc_offset = DVA_GET_OFFSET(&dva[c]);
		}
	} else {
		int replacing;

		c = vd->vdev_children;

		mm = kmem_zalloc(offsetof(mirror_map_t, mm_child[c]), KM_SLEEP);
		mm->mm_children = c;
		/*
		 * If we are resilvering, then we should handle scrub reads
		 * differently; we shouldn't issue them to the resilvering
		 * device because it might not have those blocks.
		 *
		 * We are resilvering iff:
		 * 1) We are a replacing vdev (ie our name is "replacing-1" or
		 *    "spare-1" or something like that), and
		 * 2) The pool is currently being resilvered.
		 *
		 * We cannot simply check vd->vdev_resilver_txg, because it's
		 * not set in this path.
		 *
		 * Nor can we just check our vdev_ops; there are cases (such as
		 * when a user types "zpool replace pool odev spare_dev" and
		 * spare_dev is in the spare list, or when a spare device is
		 * automatically used to replace a DEGRADED device) when
		 * resilvering is complete but both the original vdev and the
		 * spare vdev remain in the pool.  That behavior is intentional.
		 * It helps implement the policy that a spare should be
		 * automatically removed from the pool after the user replaces
		 * the device that originally failed.
		 */
		replacing = (vd->vdev_ops == &vdev_replacing_ops ||
		    vd->vdev_ops == &vdev_spare_ops);
		/*
		 * If a spa load is in progress, then spa_dsl_pool may be
		 * uninitialized.  But we shouldn't be resilvering during a spa
		 * load anyway.
		 */
		if (replacing &&
		    (spa_load_state(vd->vdev_spa) == SPA_LOAD_NONE) &&
		    dsl_scan_resilvering(vd->vdev_spa->spa_dsl_pool)) {
			mm->mm_resilvering = B_TRUE;
		} else {
			mm->mm_resilvering = B_FALSE;
		}

		/*
		 * c is still vd->vdev_children here, so the modulus divides
		 * by the child count.  vdev_mirror_open() refuses a vdev with
		 * no children, which is presumably what keeps the divisor
		 * non-zero on this path.  vdev_mirror_shift is a global used
		 * unchecked as the shift count.
		 */
		mm->mm_preferred = mm->mm_resilvering ? 0 :
		    (zio->io_offset >> vdev_mirror_shift) % c;
		mm->mm_root = B_FALSE;

		for (c = 0; c < mm->mm_children; c++) {
			mc = &mm->mm_child[c];
			mc->mc_vd = vd->vdev_child[c];
			mc->mc_offset = zio->io_offset;
		}
	}

	zio->io_vsd = mm;
	zio->io_vsd_ops = &vdev_mirror_vsd_ops;
	return (mm);
}
174 
/*
 * Open every child of a mirror and derive the mirror's geometry from the
 * children that opened.
 *
 * Returns EINVAL (aux state VDEV_AUX_BAD_LABEL) when the vdev has no
 * children, the last child open error (aux state VDEV_AUX_NO_REPLICAS)
 * when every child failed to open, and 0 otherwise.  *asize and *max_asize
 * are lowered to the smallest opened child; *ashift is raised to the
 * largest.
 */
static int
vdev_mirror_open(vdev_t *vd, uint64_t *asize, uint64_t *max_asize,
    uint64_t *ashift)
{
	int failed = 0;
	int last_err = 0;

	if (vd->vdev_children == 0) {
		vd->vdev_stat.vs_aux = VDEV_AUX_BAD_LABEL;
		return (SET_ERROR(EINVAL));
	}

	vdev_open_children(vd);

	for (int i = 0; i < vd->vdev_children; i++) {
		vdev_t *child = vd->vdev_child[i];

		if (!child->vdev_open_error) {
			/*
			 * Subtracting 1 before MIN() and adding it back makes
			 * a current value of 0 wrap to the largest uint64_t,
			 * so 0 acts as "not set yet" and the first opened
			 * child supplies the value.
			 */
			*asize = MIN(*asize - 1, child->vdev_asize - 1) + 1;
			*max_asize = MIN(*max_asize - 1,
			    child->vdev_max_asize - 1) + 1;
			*ashift = MAX(*ashift, child->vdev_ashift);
		} else {
			last_err = child->vdev_open_error;
			failed++;
		}
	}

	if (failed != vd->vdev_children)
		return (0);

	/* Not a single child opened: nothing to read from or write to. */
	vd->vdev_stat.vs_aux = VDEV_AUX_NO_REPLICAS;
	return (last_err);
}
210 
/*
 * Close each child of the mirror in index order.
 */
static void
vdev_mirror_close(vdev_t *vd)
{
	int c = 0;

	while (c < vd->vdev_children) {
		vdev_close(vd->vdev_child[c]);
		c++;
	}
}
217 
/*
 * Completion callback for an ordinary child I/O: record the child zio's
 * error in its mirror_child_t (passed as io_private) and mark the child as
 * tried and no longer skipped.
 */
static void
vdev_mirror_child_done(zio_t *zio)
{
	mirror_child_t *child = zio->io_private;

	child->mc_tried = 1;
	child->mc_skipped = 0;
	child->mc_error = zio->io_error;
}
227 
/*
 * Completion callback for a scrub read of one child.  On success the
 * child's data is copied into every parent zio's buffer; the child's
 * private buffer is then freed and the outcome recorded in the
 * mirror_child_t passed as io_private.
 */
static void
vdev_mirror_scrub_done(zio_t *zio)
{
	mirror_child_t *child = zio->io_private;

	if (zio->io_error == 0) {
		zio_link_t *link = NULL;
		zio_t *parent;

		mutex_enter(&zio->io_lock);
		for (parent = zio_walk_parents(zio, &link); parent != NULL;
		    parent = zio_walk_parents(zio, &link)) {
			mutex_enter(&parent->io_lock);
			/*
			 * The copy length is the parent's io_size, and the
			 * only guard that the child buffer is at least that
			 * large is this assertion, which is presumably
			 * compiled out of non-DEBUG kernels.  The bound
			 * really comes from vdev_mirror_io_start(), which
			 * sizes each scrub buffer with the parent's io_size.
			 */
			ASSERT3U(zio->io_size, >=, parent->io_size);
			abd_copy(parent->io_abd, zio->io_abd, parent->io_size);
			mutex_exit(&parent->io_lock);
		}
		mutex_exit(&zio->io_lock);
	}

	/* The buffer was allocated per child for this read; release it. */
	abd_free(zio->io_abd);

	child->mc_error = zio->io_error;
	child->mc_tried = 1;
	child->mc_skipped = 0;
}
252 
/*
 * Pick the child to read from next.
 *
 * Preference goes to a child whose DTL does not contain the block's txg,
 * starting at mm_preferred and wrapping around.  Failing that, any child
 * that has not been tried yet is returned.  Returns the child index, or -1
 * when there is nowhere left to look.  Children passed over on the way are
 * marked in the map (mc_error, mc_tried, mc_skipped, mc_speculative).
 */
static int
vdev_mirror_child_select(zio_t *zio)
{
	mirror_map_t *map = zio->io_vsd;
	uint64_t txg = zio->io_txg;
	int idx;

	ASSERT(zio->io_bp == NULL || BP_PHYSICAL_BIRTH(zio->io_bp) == txg);

	/*
	 * First pass: visit each child once, beginning with the preferred
	 * one.  A child that vdev_readable() reports as inaccessible is
	 * written off without being tried.
	 */
	idx = map->mm_preferred;
	for (int visited = 0; visited < map->mm_children; visited++, idx++) {
		mirror_child_t *child;

		if (idx >= map->mm_children)
			idx = 0;
		child = &map->mm_child[idx];

		if (child->mc_tried || child->mc_skipped)
			continue;

		if (!vdev_readable(child->mc_vd)) {
			child->mc_error = SET_ERROR(ENXIO);
			child->mc_tried = 1;	/* don't even try */
			child->mc_skipped = 1;
			continue;
		}

		if (!vdev_dtl_contains(child->mc_vd, DTL_MISSING, txg, 1))
			return (idx);

		/* The DTL says this child may lack the block: skip for now. */
		child->mc_error = SET_ERROR(ESTALE);
		child->mc_skipped = 1;
		child->mc_speculative = 1;
	}

	/*
	 * Second pass: every device is either missing or has this txg in
	 * its DTL, so settle for any child that has not been tried.
	 */
	for (idx = 0; idx < map->mm_children; idx++) {
		if (!map->mm_child[idx].mc_tried)
			return (idx);
	}

	/* Every child failed; there is no place left to look. */
	return (-1);
}
304 
/*
 * Start a mirror I/O: build the mirror map, issue the child I/Os and then
 * continue executing the parent zio.
 *
 *  - Scrub reads on a map that is not resilvering go to every child, each
 *    with a buffer of its own (freed in vdev_mirror_scrub_done).
 *  - Other reads go to the single child chosen by
 *    vdev_mirror_child_select().
 *  - Writes go to every child and share the parent's buffer.
 */
static void
vdev_mirror_io_start(zio_t *zio)
{
	mirror_map_t *mm;
	mirror_child_t *mc;
	int c, children;

	mm = vdev_mirror_map_alloc(zio);

	if (zio->io_type == ZIO_TYPE_READ) {
		if ((zio->io_flags & ZIO_FLAG_SCRUB) && !mm->mm_resilvering) {
			/*
			 * For scrubbing reads we need to allocate a read
			 * buffer for each child and issue reads to all
			 * children.  If any child succeeds, it will copy its
			 * data into zio->io_abd in vdev_mirror_scrub_done.
			 */
			for (c = 0; c < mm->mm_children; c++) {
				mc = &mm->mm_child[c];
				zio_nowait(zio_vdev_child_io(zio, zio->io_bp,
				    mc->mc_vd, mc->mc_offset,
				    abd_alloc_sametype(zio->io_abd,
				    zio->io_size), zio->io_size,
				    zio->io_type, zio->io_priority, 0,
				    vdev_mirror_scrub_done, mc));
			}
			zio_execute(zio);
			return;
		}
		/*
		 * For normal reads just pick one child.
		 */
		c = vdev_mirror_child_select(zio);
		/*
		 * c is -1 when no child is selectable; children then becomes
		 * 0, so the loop below issues nothing and mm_child[-1] is
		 * never touched.
		 */
		children = (c >= 0);
	} else {
		ASSERT(zio->io_type == ZIO_TYPE_WRITE);

		/*
		 * Writes go to all children.
		 */
		c = 0;
		children = mm->mm_children;
	}

	while (children--) {
		mc = &mm->mm_child[c];
		zio_nowait(zio_vdev_child_io(zio, zio->io_bp,
		    mc->mc_vd, mc->mc_offset, zio->io_abd, zio->io_size,
		    zio->io_type, zio->io_priority, 0,
		    vdev_mirror_child_done, mc));
		c++;
	}

	zio_execute(zio);
}
360 
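/*
 * Fold the children's errors into one value with zio_worst_error().
 *
 * Errors on children that were skipped speculatively (mc_speculative set)
 * are accumulated apart from the rest and are returned only when no other
 * child recorded an error.
 */
static int
vdev_mirror_worst_error(mirror_map_t *mm)
{
	int error[2] = { 0, 0 };

	for (int c = 0; c < mm->mm_children; c++) {
		mirror_child_t *mc = &mm->mm_child[c];
		/*
		 * mc_speculative is a uint8_t used as an array index.
		 * Collapse it to 0 or 1 so that a value other than those two
		 * can never write past the two-element array on the stack.
		 */
		int s = (mc->mc_speculative != 0);

		error[s] = zio_worst_error(error[s], mc->mc_error);
	}

	return (error[0] ? error[0] : error[1]);
}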
374 
/*
 * Completion stage for a mirror zio.
 *
 * Counts the children that were tried and returned no error (good_copies)
 * and the children that failed without having been skipped on purpose
 * (unexpected_errors), then:
 *
 *  - Writes: io_error is set only when no copy succeeded, or when the map
 *    is root-level (io_vd == NULL) and at least one copy failed.
 *  - Reads: while there is no good copy, another child is selected and the
 *    read is reissued.  When no child is left, io_error becomes the worst
 *    child error.  With a good copy in hand on a writable pool, repair
 *    writes are issued when there were unexpected errors, when the zio is
 *    a resilver, or when it is a scrub on a resilvering map.
 */
static void
vdev_mirror_io_done(zio_t *zio)
{
	mirror_map_t *mm = zio->io_vsd;
	mirror_child_t *mc;
	int c;
	int good_copies = 0;
	int unexpected_errors = 0;

	for (c = 0; c < mm->mm_children; c++) {
		mc = &mm->mm_child[c];

		if (mc->mc_error) {
			if (!mc->mc_skipped)
				unexpected_errors++;
		} else if (mc->mc_tried) {
			good_copies++;
		}
	}

	if (zio->io_type == ZIO_TYPE_WRITE) {
		/*
		 * XXX -- for now, treat partial writes as success.
		 *
		 * Now that we support write reallocation, it would be better
		 * to treat partial failure as real failure unless there are
		 * no non-degraded top-level vdevs left, and not update DTLs
		 * if we intend to reallocate.
		 */
		/* XXPOLICY */
		if (good_copies != mm->mm_children) {
			/*
			 * Always require at least one good copy.
			 *
			 * For ditto blocks (io_vd == NULL), require
			 * all copies to be good.
			 *
			 * XXX -- for replacing vdevs, there's no great answer.
			 * If the old device is really dead, we may not even
			 * be able to access it -- so we only want to
			 * require good writes to the new device.  But if
			 * the new device turns out to be flaky, we want
			 * to be able to detach it -- which requires all
			 * writes to the old device to have succeeded.
			 */
			if (good_copies == 0 || zio->io_vd == NULL)
				zio->io_error = vdev_mirror_worst_error(mm);
		}
		return;
	}

	ASSERT(zio->io_type == ZIO_TYPE_READ);

	/*
	 * If we don't have a good copy yet, keep trying other children.
	 */
	/* XXPOLICY */
	if (good_copies == 0 && (c = vdev_mirror_child_select(zio)) != -1) {
		/*
		 * The range of c is checked by assertion only; the index used
		 * below relies on vdev_mirror_child_select() returning either
		 * -1 or a valid child index.
		 */
		ASSERT(c >= 0 && c < mm->mm_children);
		mc = &mm->mm_child[c];
		zio_vdev_io_redone(zio);
		zio_nowait(zio_vdev_child_io(zio, zio->io_bp,
		    mc->mc_vd, mc->mc_offset, zio->io_abd, zio->io_size,
		    ZIO_TYPE_READ, zio->io_priority, 0,
		    vdev_mirror_child_done, mc));
		return;
	}

	/* XXPOLICY */
	if (good_copies == 0) {
		zio->io_error = vdev_mirror_worst_error(mm);
		ASSERT(zio->io_error != 0);
	}

	if (good_copies && spa_writeable(zio->io_spa) &&
	    (unexpected_errors ||
	    (zio->io_flags & ZIO_FLAG_RESILVER) ||
	    ((zio->io_flags & ZIO_FLAG_SCRUB) && mm->mm_resilvering))) {
		/*
		 * Use the good data we have in hand to repair damaged children.
		 */
		for (c = 0; c < mm->mm_children; c++) {
			/*
			 * Don't rewrite known good children.
			 * Not only is it unnecessary, it could
			 * actually be harmful: if the system lost
			 * power while rewriting the only good copy,
			 * there would be no good copies left!
			 */
			mc = &mm->mm_child[c];

			if (mc->mc_error == 0) {
				if (mc->mc_tried)
					continue;
				if (!(zio->io_flags & ZIO_FLAG_SCRUB) &&
				    !vdev_dtl_contains(mc->mc_vd, DTL_PARTIAL,
				    zio->io_txg, 1))
					continue;
				mc->mc_error = SET_ERROR(ESTALE);
			}

			/*
			 * The repair write is issued with NULL in the two
			 * trailing arguments, where the other calls in this
			 * file pass a completion callback and the
			 * mirror_child_t, so its outcome is not recorded in
			 * the map.
			 */
			zio_nowait(zio_vdev_child_io(zio, zio->io_bp,
			    mc->mc_vd, mc->mc_offset,
			    zio->io_abd, zio->io_size,
			    ZIO_TYPE_WRITE, ZIO_PRIORITY_ASYNC_WRITE,
			    ZIO_FLAG_IO_REPAIR | (unexpected_errors ?
			    ZIO_FLAG_SELF_HEAL : 0), NULL, NULL));
		}
	}
}
485 
/*
 * Recompute the mirror's state from its children's fault counts:
 * CANT_OPEN (no replicas) when every child is faulted, DEGRADED when any
 * child is faulted or degraded, HEALTHY otherwise.
 */
static void
vdev_mirror_state_change(vdev_t *vd, int faulted, int degraded)
{
	if (faulted == vd->vdev_children) {
		vdev_set_state(vd, B_FALSE, VDEV_STATE_CANT_OPEN,
		    VDEV_AUX_NO_REPLICAS);
		return;
	}

	if (degraded + faulted != 0) {
		vdev_set_state(vd, B_FALSE, VDEV_STATE_DEGRADED, VDEV_AUX_NONE);
		return;
	}

	vdev_set_state(vd, B_FALSE, VDEV_STATE_HEALTHY, VDEV_AUX_NONE);
}
497 
/*
 * Operations vector for plain mirror vdevs.  The initializer is positional,
 * so the entries must stay in the order of the vdev_ops_t declaration
 * (not shown in this file).  Two slots are left NULL.
 */
vdev_ops_t vdev_mirror_ops = {
	vdev_mirror_open,
	vdev_mirror_close,
	vdev_default_asize,
	vdev_mirror_io_start,
	vdev_mirror_io_done,
	vdev_mirror_state_change,
	NULL,
	NULL,
	VDEV_TYPE_MIRROR,	/* name of this vdev type */
	B_FALSE			/* not a leaf vdev */
};
510 
/*
 * Operations vector for replacing vdevs.  It reuses every mirror routine
 * and differs from vdev_mirror_ops only in the type name.
 * vdev_mirror_map_alloc() compares vd->vdev_ops against the address of this
 * table to recognise a replacing vdev.
 */
vdev_ops_t vdev_replacing_ops = {
	vdev_mirror_open,
	vdev_mirror_close,
	vdev_default_asize,
	vdev_mirror_io_start,
	vdev_mirror_io_done,
	vdev_mirror_state_change,
	NULL,
	NULL,
	VDEV_TYPE_REPLACING,	/* name of this vdev type */
	B_FALSE			/* not a leaf vdev */
};
523 
/*
 * Operations vector for spare vdevs.  It reuses every mirror routine and
 * differs from vdev_mirror_ops only in the type name.
 * vdev_mirror_map_alloc() compares vd->vdev_ops against the address of this
 * table to recognise a spare vdev.
 */
vdev_ops_t vdev_spare_ops = {
	vdev_mirror_open,
	vdev_mirror_close,
	vdev_default_asize,
	vdev_mirror_io_start,
	vdev_mirror_io_done,
	vdev_mirror_state_change,
	NULL,
	NULL,
	VDEV_TYPE_SPARE,	/* name of this vdev type */
	B_FALSE			/* not a leaf vdev */
};
536