1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) Sistina Software, Inc. 1997-2003 All rights reserved. 4 * Copyright 2004-2011 Red Hat, Inc. 5 */ 6 7 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 8 9 #include <linux/fs.h> 10 #include <linux/dlm.h> 11 #include <linux/slab.h> 12 #include <linux/types.h> 13 #include <linux/delay.h> 14 #include <linux/gfs2_ondisk.h> 15 #include <linux/sched/signal.h> 16 17 #include "incore.h" 18 #include "glock.h" 19 #include "glops.h" 20 #include "recovery.h" 21 #include "util.h" 22 #include "sys.h" 23 #include "trace_gfs2.h" 24 25 /** 26 * gfs2_update_stats - Update time based stats 27 * @s: The stats to update (local or global) 28 * @index: The index inside @s 29 * @sample: New data to include 30 */ 31 static inline void gfs2_update_stats(struct gfs2_lkstats *s, unsigned index, 32 s64 sample) 33 { 34 /* 35 * @delta is the difference between the current rtt sample and the 36 * running average srtt. We add 1/8 of that to the srtt in order to 37 * update the current srtt estimate. The variance estimate is a bit 38 * more complicated. We subtract the current variance estimate from 39 * the abs value of the @delta and add 1/4 of that to the running 40 * total. That's equivalent to 3/4 of the current variance 41 * estimate plus 1/4 of the abs of @delta. 42 * 43 * Note that the index points at the array entry containing the 44 * smoothed mean value, and the variance is always in the following 45 * entry 46 * 47 * Reference: TCP/IP Illustrated, vol 2, p. 831,832 48 * All times are in units of integer nanoseconds. Unlike the TCP/IP 49 * case, they are not scaled fixed point. 50 */ 51 52 s64 delta = sample - s->stats[index]; 53 s->stats[index] += (delta >> 3); 54 index++; 55 s->stats[index] += (s64)(abs(delta) - s->stats[index]) >> 2; 56 } 57 58 /** 59 * gfs2_update_reply_times - Update locking statistics 60 * @gl: The glock to update 61 * @blocking: The operation may have been blocking 62 * 63 * This assumes that gl->gl_dstamp has been set earlier. 64 * 65 * The rtt (lock round trip time) is an estimate of the time 66 * taken to perform a dlm lock request. We update it on each 67 * reply from the dlm. 68 * 69 * The blocking flag is set on the glock for all dlm requests 70 * which may potentially block due to lock requests from other nodes. 71 * DLM requests where the current lock state is exclusive, the 72 * requested state is null (or unlocked) or where the TRY or 73 * TRY_1CB flags are set are classified as non-blocking. All 74 * other DLM requests are counted as (potentially) blocking. 75 */ 76 static inline void gfs2_update_reply_times(struct gfs2_glock *gl, 77 bool blocking) 78 { 79 struct gfs2_pcpu_lkstats *lks; 80 const unsigned gltype = gl->gl_name.ln_type; 81 unsigned index = blocking ? GFS2_LKS_SRTTB : GFS2_LKS_SRTT; 82 s64 rtt; 83 84 preempt_disable(); 85 rtt = ktime_to_ns(ktime_sub(ktime_get_real(), gl->gl_dstamp)); 86 lks = this_cpu_ptr(gl->gl_name.ln_sbd->sd_lkstats); 87 gfs2_update_stats(&gl->gl_stats, index, rtt); /* Local */ 88 gfs2_update_stats(&lks->lkstats[gltype], index, rtt); /* Global */ 89 preempt_enable(); 90 91 trace_gfs2_glock_lock_time(gl, rtt); 92 } 93 94 /** 95 * gfs2_update_request_times - Update locking statistics 96 * @gl: The glock to update 97 * 98 * The irt (lock inter-request times) measures the average time 99 * between requests to the dlm. It is updated immediately before 100 * each dlm call. 101 */ 102 103 static inline void gfs2_update_request_times(struct gfs2_glock *gl) 104 { 105 struct gfs2_pcpu_lkstats *lks; 106 const unsigned gltype = gl->gl_name.ln_type; 107 ktime_t dstamp; 108 s64 irt; 109 110 preempt_disable(); 111 dstamp = gl->gl_dstamp; 112 gl->gl_dstamp = ktime_get_real(); 113 irt = ktime_to_ns(ktime_sub(gl->gl_dstamp, dstamp)); 114 lks = this_cpu_ptr(gl->gl_name.ln_sbd->sd_lkstats); 115 gfs2_update_stats(&gl->gl_stats, GFS2_LKS_SIRT, irt); /* Local */ 116 gfs2_update_stats(&lks->lkstats[gltype], GFS2_LKS_SIRT, irt); /* Global */ 117 preempt_enable(); 118 } 119 120 static void gdlm_ast(void *arg) 121 { 122 struct gfs2_glock *gl = arg; 123 bool blocking; 124 unsigned ret; 125 126 blocking = test_bit(GLF_BLOCKING, &gl->gl_flags); 127 gfs2_update_reply_times(gl, blocking); 128 clear_bit(GLF_BLOCKING, &gl->gl_flags); 129 130 /* If the glock is dead, we only react to a dlm_unlock() reply. */ 131 if (__lockref_is_dead(&gl->gl_lockref) && 132 gl->gl_lksb.sb_status != -DLM_EUNLOCK) 133 return; 134 135 BUG_ON(gl->gl_lksb.sb_flags & DLM_SBF_DEMOTED); 136 137 if ((gl->gl_lksb.sb_flags & DLM_SBF_VALNOTVALID) && gl->gl_lksb.sb_lvbptr) 138 memset(gl->gl_lksb.sb_lvbptr, 0, GDLM_LVB_SIZE); 139 140 switch (gl->gl_lksb.sb_status) { 141 case -DLM_EUNLOCK: /* Unlocked, so glock can be freed */ 142 if (gl->gl_ops->go_unlocked) 143 gl->gl_ops->go_unlocked(gl); 144 gfs2_glock_free(gl); 145 return; 146 case -DLM_ECANCEL: /* Cancel while getting lock */ 147 ret = LM_OUT_CANCELED; 148 goto out; 149 case -EAGAIN: /* Try lock fails */ 150 ret = LM_OUT_TRY_AGAIN; 151 goto out; 152 case -EDEADLK: /* Deadlock detected */ 153 ret = LM_OUT_DEADLOCK; 154 goto out; 155 case -ETIMEDOUT: /* Canceled due to timeout */ 156 ret = LM_OUT_ERROR; 157 goto out; 158 case 0: /* Success */ 159 break; 160 default: /* Something unexpected */ 161 BUG(); 162 } 163 164 ret = gl->gl_req; 165 166 /* 167 * The GLF_INITIAL flag is initially set for new glocks. Upon the 168 * first successful new (non-conversion) request, we clear this flag to 169 * indicate that a DLM lock exists and that gl->gl_lksb.sb_lkid is the 170 * identifier to use for identifying it. 171 * 172 * Any failed initial requests do not create a DLM lock, so we ignore 173 * the gl->gl_lksb.sb_lkid values that come with such requests. 174 */ 175 176 clear_bit(GLF_INITIAL, &gl->gl_flags); 177 gfs2_glock_complete(gl, ret); 178 return; 179 out: 180 if (test_bit(GLF_INITIAL, &gl->gl_flags)) 181 gl->gl_lksb.sb_lkid = 0; 182 gfs2_glock_complete(gl, ret); 183 } 184 185 static void gdlm_bast(void *arg, int mode) 186 { 187 struct gfs2_glock *gl = arg; 188 189 if (__lockref_is_dead(&gl->gl_lockref)) 190 return; 191 192 switch (mode) { 193 case DLM_LOCK_EX: 194 gfs2_glock_cb(gl, LM_ST_UNLOCKED); 195 break; 196 case DLM_LOCK_CW: 197 gfs2_glock_cb(gl, LM_ST_DEFERRED); 198 break; 199 case DLM_LOCK_PR: 200 gfs2_glock_cb(gl, LM_ST_SHARED); 201 break; 202 default: 203 fs_err(gl->gl_name.ln_sbd, "unknown bast mode %d\n", mode); 204 BUG(); 205 } 206 } 207 208 /* convert gfs lock-state to dlm lock-mode */ 209 210 static int make_mode(struct gfs2_sbd *sdp, const unsigned int lmstate) 211 { 212 switch (lmstate) { 213 case LM_ST_UNLOCKED: 214 return DLM_LOCK_NL; 215 case LM_ST_EXCLUSIVE: 216 return DLM_LOCK_EX; 217 case LM_ST_DEFERRED: 218 return DLM_LOCK_CW; 219 case LM_ST_SHARED: 220 return DLM_LOCK_PR; 221 } 222 fs_err(sdp, "unknown LM state %d\n", lmstate); 223 BUG(); 224 return -1; 225 } 226 227 /* Taken from fs/dlm/lock.c. */ 228 229 static bool middle_conversion(int cur, int req) 230 { 231 return (cur == DLM_LOCK_PR && req == DLM_LOCK_CW) || 232 (cur == DLM_LOCK_CW && req == DLM_LOCK_PR); 233 } 234 235 static bool down_conversion(int cur, int req) 236 { 237 return !middle_conversion(cur, req) && req < cur; 238 } 239 240 static u32 make_flags(struct gfs2_glock *gl, const unsigned int gfs_flags, 241 const int req, bool blocking) 242 { 243 u32 lkf = 0; 244 245 if (gl->gl_lksb.sb_lvbptr) 246 lkf |= DLM_LKF_VALBLK; 247 248 if (gfs_flags & LM_FLAG_TRY) 249 lkf |= DLM_LKF_NOQUEUE; 250 251 if (gfs_flags & LM_FLAG_TRY_1CB) { 252 lkf |= DLM_LKF_NOQUEUE; 253 lkf |= DLM_LKF_NOQUEUEBAST; 254 } 255 256 if (!test_bit(GLF_INITIAL, &gl->gl_flags)) { 257 lkf |= DLM_LKF_CONVERT; 258 259 /* 260 * The DLM_LKF_QUECVT flag needs to be set for "first come, 261 * first served" semantics, but it must only be set for 262 * "upward" lock conversions or else DLM will reject the 263 * request as invalid. 264 */ 265 if (blocking) 266 lkf |= DLM_LKF_QUECVT; 267 } 268 269 return lkf; 270 } 271 272 static void gfs2_reverse_hex(char *c, u64 value) 273 { 274 *c = '0'; 275 while (value) { 276 *c-- = hex_asc[value & 0x0f]; 277 value >>= 4; 278 } 279 } 280 281 static int gdlm_lock(struct gfs2_glock *gl, unsigned int req_state, 282 unsigned int flags) 283 { 284 struct lm_lockstruct *ls = &gl->gl_name.ln_sbd->sd_lockstruct; 285 bool blocking; 286 int cur, req; 287 u32 lkf; 288 char strname[GDLM_STRNAME_BYTES] = ""; 289 int error; 290 291 gl->gl_req = req_state; 292 cur = make_mode(gl->gl_name.ln_sbd, gl->gl_state); 293 req = make_mode(gl->gl_name.ln_sbd, req_state); 294 blocking = !down_conversion(cur, req) && 295 !(flags & (LM_FLAG_TRY|LM_FLAG_TRY_1CB)); 296 lkf = make_flags(gl, flags, req, blocking); 297 if (blocking) 298 set_bit(GLF_BLOCKING, &gl->gl_flags); 299 gfs2_glstats_inc(gl, GFS2_LKS_DCOUNT); 300 gfs2_sbstats_inc(gl, GFS2_LKS_DCOUNT); 301 if (test_bit(GLF_INITIAL, &gl->gl_flags)) { 302 memset(strname, ' ', GDLM_STRNAME_BYTES - 1); 303 strname[GDLM_STRNAME_BYTES - 1] = '\0'; 304 gfs2_reverse_hex(strname + 7, gl->gl_name.ln_type); 305 gfs2_reverse_hex(strname + 23, gl->gl_name.ln_number); 306 gl->gl_dstamp = ktime_get_real(); 307 } else { 308 gfs2_update_request_times(gl); 309 } 310 /* 311 * Submit the actual lock request. 312 */ 313 314 again: 315 down_read(&ls->ls_sem); 316 error = -ENODEV; 317 if (likely(ls->ls_dlm != NULL)) { 318 error = dlm_lock(ls->ls_dlm, req, &gl->gl_lksb, lkf, strname, 319 GDLM_STRNAME_BYTES - 1, 0, gdlm_ast, gl, gdlm_bast); 320 } 321 up_read(&ls->ls_sem); 322 if (error == -EBUSY) { 323 msleep(20); 324 goto again; 325 } 326 return error; 327 } 328 329 static void gdlm_put_lock(struct gfs2_glock *gl) 330 { 331 struct gfs2_sbd *sdp = gl->gl_name.ln_sbd; 332 struct lm_lockstruct *ls = &sdp->sd_lockstruct; 333 uint32_t flags = 0; 334 int error; 335 336 BUG_ON(!__lockref_is_dead(&gl->gl_lockref)); 337 338 if (test_bit(GLF_INITIAL, &gl->gl_flags)) { 339 gfs2_glock_free(gl); 340 return; 341 } 342 343 gfs2_glstats_inc(gl, GFS2_LKS_DCOUNT); 344 gfs2_sbstats_inc(gl, GFS2_LKS_DCOUNT); 345 gfs2_update_request_times(gl); 346 347 /* 348 * When the lockspace is released, all remaining glocks will be 349 * unlocked automatically. This is more efficient than unlocking them 350 * individually, but when the lock is held in DLM_LOCK_EX or 351 * DLM_LOCK_PW mode, the lock value block (LVB) would be lost. 352 */ 353 354 if (test_bit(SDF_SKIP_DLM_UNLOCK, &sdp->sd_flags) && 355 (!gl->gl_lksb.sb_lvbptr || gl->gl_state != LM_ST_EXCLUSIVE)) { 356 gfs2_glock_free_later(gl); 357 return; 358 } 359 360 if (gl->gl_lksb.sb_lvbptr) 361 flags |= DLM_LKF_VALBLK; 362 363 again: 364 down_read(&ls->ls_sem); 365 error = -ENODEV; 366 if (likely(ls->ls_dlm != NULL)) { 367 error = dlm_unlock(ls->ls_dlm, gl->gl_lksb.sb_lkid, flags, 368 NULL, gl); 369 } 370 up_read(&ls->ls_sem); 371 if (error == -EBUSY) { 372 msleep(20); 373 goto again; 374 } 375 376 if (error == -ENODEV) { 377 gfs2_glock_free(gl); 378 return; 379 } 380 381 if (error) { 382 fs_err(sdp, "gdlm_unlock %x,%llx err=%d\n", 383 gl->gl_name.ln_type, 384 (unsigned long long)gl->gl_name.ln_number, error); 385 } 386 } 387 388 static void gdlm_cancel(struct gfs2_glock *gl) 389 { 390 struct lm_lockstruct *ls = &gl->gl_name.ln_sbd->sd_lockstruct; 391 392 down_read(&ls->ls_sem); 393 if (likely(ls->ls_dlm != NULL)) { 394 dlm_unlock(ls->ls_dlm, gl->gl_lksb.sb_lkid, DLM_LKF_CANCEL, NULL, gl); 395 } 396 up_read(&ls->ls_sem); 397 } 398 399 /* 400 * dlm/gfs2 recovery coordination using dlm_recover callbacks 401 * 402 * 0. gfs2 checks for another cluster node withdraw, needing journal replay 403 * 1. dlm_controld sees lockspace members change 404 * 2. dlm_controld blocks dlm-kernel locking activity 405 * 3. dlm_controld within dlm-kernel notifies gfs2 (recover_prep) 406 * 4. dlm_controld starts and finishes its own user level recovery 407 * 5. dlm_controld starts dlm-kernel dlm_recoverd to do kernel recovery 408 * 6. dlm_recoverd notifies gfs2 of failed nodes (recover_slot) 409 * 7. dlm_recoverd does its own lock recovery 410 * 8. dlm_recoverd unblocks dlm-kernel locking activity 411 * 9. dlm_recoverd notifies gfs2 when done (recover_done with new generation) 412 * 10. gfs2_control updates control_lock lvb with new generation and jid bits 413 * 11. gfs2_control enqueues journals for gfs2_recover to recover (maybe none) 414 * 12. gfs2_recover dequeues and recovers journals of failed nodes 415 * 13. gfs2_recover provides recovery results to gfs2_control (recovery_result) 416 * 14. gfs2_control updates control_lock lvb jid bits for recovered journals 417 * 15. gfs2_control unblocks normal locking when all journals are recovered 418 * 419 * - failures during recovery 420 * 421 * recover_prep() may set BLOCK_LOCKS (step 3) again before gfs2_control 422 * clears BLOCK_LOCKS (step 15), e.g. another node fails while still 423 * recovering for a prior failure. gfs2_control needs a way to detect 424 * this so it can leave BLOCK_LOCKS set in step 15. This is managed using 425 * the recover_block and recover_start values. 426 * 427 * recover_done() provides a new lockspace generation number each time it 428 * is called (step 9). This generation number is saved as recover_start. 429 * When recover_prep() is called, it sets BLOCK_LOCKS and sets 430 * recover_block = recover_start. So, while recover_block is equal to 431 * recover_start, BLOCK_LOCKS should remain set. (recover_spin must 432 * be held around the BLOCK_LOCKS/recover_block/recover_start logic.) 433 * 434 * - more specific gfs2 steps in sequence above 435 * 436 * 3. recover_prep sets BLOCK_LOCKS and sets recover_block = recover_start 437 * 6. recover_slot records any failed jids (maybe none) 438 * 9. recover_done sets recover_start = new generation number 439 * 10. gfs2_control sets control_lock lvb = new gen + bits for failed jids 440 * 12. gfs2_recover does journal recoveries for failed jids identified above 441 * 14. gfs2_control clears control_lock lvb bits for recovered jids 442 * 15. gfs2_control checks if recover_block == recover_start (step 3 occured 443 * again) then do nothing, otherwise if recover_start > recover_block 444 * then clear BLOCK_LOCKS. 445 * 446 * - parallel recovery steps across all nodes 447 * 448 * All nodes attempt to update the control_lock lvb with the new generation 449 * number and jid bits, but only the first to get the control_lock EX will 450 * do so; others will see that it's already done (lvb already contains new 451 * generation number.) 452 * 453 * . All nodes get the same recover_prep/recover_slot/recover_done callbacks 454 * . All nodes attempt to set control_lock lvb gen + bits for the new gen 455 * . One node gets control_lock first and writes the lvb, others see it's done 456 * . All nodes attempt to recover jids for which they see control_lock bits set 457 * . One node succeeds for a jid, and that one clears the jid bit in the lvb 458 * . All nodes will eventually see all lvb bits clear and unblock locks 459 * 460 * - is there a problem with clearing an lvb bit that should be set 461 * and missing a journal recovery? 462 * 463 * 1. jid fails 464 * 2. lvb bit set for step 1 465 * 3. jid recovered for step 1 466 * 4. jid taken again (new mount) 467 * 5. jid fails (for step 4) 468 * 6. lvb bit set for step 5 (will already be set) 469 * 7. lvb bit cleared for step 3 470 * 471 * This is not a problem because the failure in step 5 does not 472 * require recovery, because the mount in step 4 could not have 473 * progressed far enough to unblock locks and access the fs. The 474 * control_mount() function waits for all recoveries to be complete 475 * for the latest lockspace generation before ever unblocking locks 476 * and returning. The mount in step 4 waits until the recovery in 477 * step 1 is done. 478 * 479 * - special case of first mounter: first node to mount the fs 480 * 481 * The first node to mount a gfs2 fs needs to check all the journals 482 * and recover any that need recovery before other nodes are allowed 483 * to mount the fs. (Others may begin mounting, but they must wait 484 * for the first mounter to be done before taking locks on the fs 485 * or accessing the fs.) This has two parts: 486 * 487 * 1. The mounted_lock tells a node it's the first to mount the fs. 488 * Each node holds the mounted_lock in PR while it's mounted. 489 * Each node tries to acquire the mounted_lock in EX when it mounts. 490 * If a node is granted the mounted_lock EX it means there are no 491 * other mounted nodes (no PR locks exist), and it is the first mounter. 492 * The mounted_lock is demoted to PR when first recovery is done, so 493 * others will fail to get an EX lock, but will get a PR lock. 494 * 495 * 2. The control_lock blocks others in control_mount() while the first 496 * mounter is doing first mount recovery of all journals. 497 * A mounting node needs to acquire control_lock in EX mode before 498 * it can proceed. The first mounter holds control_lock in EX while doing 499 * the first mount recovery, blocking mounts from other nodes, then demotes 500 * control_lock to NL when it's done (others_may_mount/first_done), 501 * allowing other nodes to continue mounting. 502 * 503 * first mounter: 504 * control_lock EX/NOQUEUE success 505 * mounted_lock EX/NOQUEUE success (no other PR, so no other mounters) 506 * set first=1 507 * do first mounter recovery 508 * mounted_lock EX->PR 509 * control_lock EX->NL, write lvb generation 510 * 511 * other mounter: 512 * control_lock EX/NOQUEUE success (if fail -EAGAIN, retry) 513 * mounted_lock EX/NOQUEUE fail -EAGAIN (expected due to other mounters PR) 514 * mounted_lock PR/NOQUEUE success 515 * read lvb generation 516 * control_lock EX->NL 517 * set first=0 518 * 519 * - mount during recovery 520 * 521 * If a node mounts while others are doing recovery (not first mounter), 522 * the mounting node will get its initial recover_done() callback without 523 * having seen any previous failures/callbacks. 524 * 525 * It must wait for all recoveries preceding its mount to be finished 526 * before it unblocks locks. It does this by repeating the "other mounter" 527 * steps above until the lvb generation number is >= its mount generation 528 * number (from initial recover_done) and all lvb bits are clear. 529 * 530 * - control_lock lvb format 531 * 532 * 4 bytes generation number: the latest dlm lockspace generation number 533 * from recover_done callback. Indicates the jid bitmap has been updated 534 * to reflect all slot failures through that generation. 535 * 4 bytes unused. 536 * GDLM_LVB_SIZE-8 bytes of jid bit map. If bit N is set, it indicates 537 * that jid N needs recovery. 538 */ 539 540 #define JID_BITMAP_OFFSET 8 /* 4 byte generation number + 4 byte unused */ 541 542 static void control_lvb_read(struct lm_lockstruct *ls, uint32_t *lvb_gen, 543 char *lvb_bits) 544 { 545 __le32 gen; 546 memcpy(lvb_bits, ls->ls_control_lvb, GDLM_LVB_SIZE); 547 memcpy(&gen, lvb_bits, sizeof(__le32)); 548 *lvb_gen = le32_to_cpu(gen); 549 } 550 551 static void control_lvb_write(struct lm_lockstruct *ls, uint32_t lvb_gen, 552 char *lvb_bits) 553 { 554 __le32 gen; 555 memcpy(ls->ls_control_lvb, lvb_bits, GDLM_LVB_SIZE); 556 gen = cpu_to_le32(lvb_gen); 557 memcpy(ls->ls_control_lvb, &gen, sizeof(__le32)); 558 } 559 560 static int all_jid_bits_clear(char *lvb) 561 { 562 return !memchr_inv(lvb + JID_BITMAP_OFFSET, 0, 563 GDLM_LVB_SIZE - JID_BITMAP_OFFSET); 564 } 565 566 static void sync_wait_cb(void *arg) 567 { 568 struct lm_lockstruct *ls = arg; 569 complete(&ls->ls_sync_wait); 570 } 571 572 static int sync_unlock(struct gfs2_sbd *sdp, struct dlm_lksb *lksb, char *name) 573 { 574 struct lm_lockstruct *ls = &sdp->sd_lockstruct; 575 int error; 576 577 down_read(&ls->ls_sem); 578 error = -ENODEV; 579 if (likely(ls->ls_dlm != NULL)) 580 error = dlm_unlock(ls->ls_dlm, lksb->sb_lkid, 0, lksb, ls); 581 up_read(&ls->ls_sem); 582 if (error) { 583 fs_err(sdp, "%s lkid %x error %d\n", 584 name, lksb->sb_lkid, error); 585 return error; 586 } 587 588 wait_for_completion(&ls->ls_sync_wait); 589 590 if (lksb->sb_status != -DLM_EUNLOCK) { 591 fs_err(sdp, "%s lkid %x status %d\n", 592 name, lksb->sb_lkid, lksb->sb_status); 593 return -1; 594 } 595 return 0; 596 } 597 598 static int sync_lock(struct gfs2_sbd *sdp, int mode, uint32_t flags, 599 unsigned int num, struct dlm_lksb *lksb, char *name) 600 { 601 struct lm_lockstruct *ls = &sdp->sd_lockstruct; 602 char strname[GDLM_STRNAME_BYTES]; 603 int error, status; 604 605 memset(strname, 0, GDLM_STRNAME_BYTES); 606 snprintf(strname, GDLM_STRNAME_BYTES, "%8x%16x", LM_TYPE_NONDISK, num); 607 608 down_read(&ls->ls_sem); 609 error = -ENODEV; 610 if (likely(ls->ls_dlm != NULL)) { 611 error = dlm_lock(ls->ls_dlm, mode, lksb, flags, 612 strname, GDLM_STRNAME_BYTES - 1, 613 0, sync_wait_cb, ls, NULL); 614 } 615 up_read(&ls->ls_sem); 616 if (error) { 617 fs_err(sdp, "%s lkid %x flags %x mode %d error %d\n", 618 name, lksb->sb_lkid, flags, mode, error); 619 return error; 620 } 621 622 wait_for_completion(&ls->ls_sync_wait); 623 624 status = lksb->sb_status; 625 626 if (status && status != -EAGAIN) { 627 fs_err(sdp, "%s lkid %x flags %x mode %d status %d\n", 628 name, lksb->sb_lkid, flags, mode, status); 629 } 630 631 return status; 632 } 633 634 static int mounted_unlock(struct gfs2_sbd *sdp) 635 { 636 struct lm_lockstruct *ls = &sdp->sd_lockstruct; 637 return sync_unlock(sdp, &ls->ls_mounted_lksb, "mounted_lock"); 638 } 639 640 static int mounted_lock(struct gfs2_sbd *sdp, int mode, uint32_t flags) 641 { 642 struct lm_lockstruct *ls = &sdp->sd_lockstruct; 643 return sync_lock(sdp, mode, flags, GFS2_MOUNTED_LOCK, 644 &ls->ls_mounted_lksb, "mounted_lock"); 645 } 646 647 static int control_unlock(struct gfs2_sbd *sdp) 648 { 649 struct lm_lockstruct *ls = &sdp->sd_lockstruct; 650 return sync_unlock(sdp, &ls->ls_control_lksb, "control_lock"); 651 } 652 653 static int control_lock(struct gfs2_sbd *sdp, int mode, uint32_t flags) 654 { 655 struct lm_lockstruct *ls = &sdp->sd_lockstruct; 656 return sync_lock(sdp, mode, flags, GFS2_CONTROL_LOCK, 657 &ls->ls_control_lksb, "control_lock"); 658 } 659 660 /** 661 * remote_withdraw - react to a node withdrawing from the file system 662 * @sdp: The superblock 663 */ 664 static void remote_withdraw(struct gfs2_sbd *sdp) 665 { 666 struct gfs2_jdesc *jd; 667 int ret = 0, count = 0; 668 669 list_for_each_entry(jd, &sdp->sd_jindex_list, jd_list) { 670 if (jd->jd_jid == sdp->sd_lockstruct.ls_jid) 671 continue; 672 ret = gfs2_recover_journal(jd, true); 673 if (ret) 674 break; 675 count++; 676 } 677 678 /* Now drop the additional reference we acquired */ 679 fs_err(sdp, "Journals checked: %d, ret = %d.\n", count, ret); 680 } 681 682 static void gfs2_control_func(struct work_struct *work) 683 { 684 struct gfs2_sbd *sdp = container_of(work, struct gfs2_sbd, sd_control_work.work); 685 struct lm_lockstruct *ls = &sdp->sd_lockstruct; 686 uint32_t block_gen, start_gen, lvb_gen, flags; 687 int recover_set = 0; 688 int write_lvb = 0; 689 int recover_size; 690 int i, error; 691 692 /* First check for other nodes that may have done a withdraw. */ 693 if (test_bit(SDF_REMOTE_WITHDRAW, &sdp->sd_flags)) { 694 remote_withdraw(sdp); 695 clear_bit(SDF_REMOTE_WITHDRAW, &sdp->sd_flags); 696 return; 697 } 698 699 spin_lock(&ls->ls_recover_spin); 700 /* 701 * No MOUNT_DONE means we're still mounting; control_mount() 702 * will set this flag, after which this thread will take over 703 * all further clearing of BLOCK_LOCKS. 704 * 705 * FIRST_MOUNT means this node is doing first mounter recovery, 706 * for which recovery control is handled by 707 * control_mount()/control_first_done(), not this thread. 708 */ 709 if (!test_bit(DFL_MOUNT_DONE, &ls->ls_recover_flags) || 710 test_bit(DFL_FIRST_MOUNT, &ls->ls_recover_flags)) { 711 spin_unlock(&ls->ls_recover_spin); 712 return; 713 } 714 block_gen = ls->ls_recover_block; 715 start_gen = ls->ls_recover_start; 716 spin_unlock(&ls->ls_recover_spin); 717 718 /* 719 * Equal block_gen and start_gen implies we are between 720 * recover_prep and recover_done callbacks, which means 721 * dlm recovery is in progress and dlm locking is blocked. 722 * There's no point trying to do any work until recover_done. 723 */ 724 725 if (block_gen == start_gen) 726 return; 727 728 /* 729 * Propagate recover_submit[] and recover_result[] to lvb: 730 * dlm_recoverd adds to recover_submit[] jids needing recovery 731 * gfs2_recover adds to recover_result[] journal recovery results 732 * 733 * set lvb bit for jids in recover_submit[] if the lvb has not 734 * yet been updated for the generation of the failure 735 * 736 * clear lvb bit for jids in recover_result[] if the result of 737 * the journal recovery is SUCCESS 738 */ 739 740 error = control_lock(sdp, DLM_LOCK_EX, DLM_LKF_CONVERT|DLM_LKF_VALBLK); 741 if (error) { 742 fs_err(sdp, "control lock EX error %d\n", error); 743 return; 744 } 745 746 control_lvb_read(ls, &lvb_gen, ls->ls_lvb_bits); 747 748 spin_lock(&ls->ls_recover_spin); 749 if (block_gen != ls->ls_recover_block || 750 start_gen != ls->ls_recover_start) { 751 fs_info(sdp, "recover generation %u block1 %u %u\n", 752 start_gen, block_gen, ls->ls_recover_block); 753 spin_unlock(&ls->ls_recover_spin); 754 control_lock(sdp, DLM_LOCK_NL, DLM_LKF_CONVERT); 755 return; 756 } 757 758 recover_size = ls->ls_recover_size; 759 760 if (lvb_gen <= start_gen) { 761 /* 762 * Clear lvb bits for jids we've successfully recovered. 763 * Because all nodes attempt to recover failed journals, 764 * a journal can be recovered multiple times successfully 765 * in succession. Only the first will really do recovery, 766 * the others find it clean, but still report a successful 767 * recovery. So, another node may have already recovered 768 * the jid and cleared the lvb bit for it. 769 */ 770 for (i = 0; i < recover_size; i++) { 771 if (ls->ls_recover_result[i] != LM_RD_SUCCESS) 772 continue; 773 774 ls->ls_recover_result[i] = 0; 775 776 if (!test_bit_le(i, ls->ls_lvb_bits + JID_BITMAP_OFFSET)) 777 continue; 778 779 __clear_bit_le(i, ls->ls_lvb_bits + JID_BITMAP_OFFSET); 780 write_lvb = 1; 781 } 782 } 783 784 if (lvb_gen == start_gen) { 785 /* 786 * Failed slots before start_gen are already set in lvb. 787 */ 788 for (i = 0; i < recover_size; i++) { 789 if (!ls->ls_recover_submit[i]) 790 continue; 791 if (ls->ls_recover_submit[i] < lvb_gen) 792 ls->ls_recover_submit[i] = 0; 793 } 794 } else if (lvb_gen < start_gen) { 795 /* 796 * Failed slots before start_gen are not yet set in lvb. 797 */ 798 for (i = 0; i < recover_size; i++) { 799 if (!ls->ls_recover_submit[i]) 800 continue; 801 if (ls->ls_recover_submit[i] < start_gen) { 802 ls->ls_recover_submit[i] = 0; 803 __set_bit_le(i, ls->ls_lvb_bits + JID_BITMAP_OFFSET); 804 } 805 } 806 /* even if there are no bits to set, we need to write the 807 latest generation to the lvb */ 808 write_lvb = 1; 809 } else { 810 /* 811 * we should be getting a recover_done() for lvb_gen soon 812 */ 813 } 814 spin_unlock(&ls->ls_recover_spin); 815 816 if (write_lvb) { 817 control_lvb_write(ls, start_gen, ls->ls_lvb_bits); 818 flags = DLM_LKF_CONVERT | DLM_LKF_VALBLK; 819 } else { 820 flags = DLM_LKF_CONVERT; 821 } 822 823 error = control_lock(sdp, DLM_LOCK_NL, flags); 824 if (error) { 825 fs_err(sdp, "control lock NL error %d\n", error); 826 return; 827 } 828 829 /* 830 * Everyone will see jid bits set in the lvb, run gfs2_recover_set(), 831 * and clear a jid bit in the lvb if the recovery is a success. 832 * Eventually all journals will be recovered, all jid bits will 833 * be cleared in the lvb, and everyone will clear BLOCK_LOCKS. 834 */ 835 836 for (i = 0; i < recover_size; i++) { 837 if (test_bit_le(i, ls->ls_lvb_bits + JID_BITMAP_OFFSET)) { 838 fs_info(sdp, "recover generation %u jid %d\n", 839 start_gen, i); 840 gfs2_recover_set(sdp, i); 841 recover_set++; 842 } 843 } 844 if (recover_set) 845 return; 846 847 /* 848 * No more jid bits set in lvb, all recovery is done, unblock locks 849 * (unless a new recover_prep callback has occured blocking locks 850 * again while working above) 851 */ 852 853 spin_lock(&ls->ls_recover_spin); 854 if (ls->ls_recover_block == block_gen && 855 ls->ls_recover_start == start_gen) { 856 clear_bit(DFL_BLOCK_LOCKS, &ls->ls_recover_flags); 857 spin_unlock(&ls->ls_recover_spin); 858 fs_info(sdp, "recover generation %u done\n", start_gen); 859 gfs2_glock_thaw(sdp); 860 } else { 861 fs_info(sdp, "recover generation %u block2 %u %u\n", 862 start_gen, block_gen, ls->ls_recover_block); 863 spin_unlock(&ls->ls_recover_spin); 864 } 865 } 866 867 static int control_mount(struct gfs2_sbd *sdp) 868 { 869 struct lm_lockstruct *ls = &sdp->sd_lockstruct; 870 uint32_t start_gen, block_gen, mount_gen, lvb_gen; 871 int mounted_mode; 872 int retries = 0; 873 int error; 874 875 memset(&ls->ls_mounted_lksb, 0, sizeof(struct dlm_lksb)); 876 memset(&ls->ls_control_lksb, 0, sizeof(struct dlm_lksb)); 877 memset(&ls->ls_control_lvb, 0, GDLM_LVB_SIZE); 878 ls->ls_control_lksb.sb_lvbptr = ls->ls_control_lvb; 879 init_completion(&ls->ls_sync_wait); 880 881 set_bit(DFL_BLOCK_LOCKS, &ls->ls_recover_flags); 882 883 error = control_lock(sdp, DLM_LOCK_NL, DLM_LKF_VALBLK); 884 if (error) { 885 fs_err(sdp, "control_mount control_lock NL error %d\n", error); 886 return error; 887 } 888 889 error = mounted_lock(sdp, DLM_LOCK_NL, 0); 890 if (error) { 891 fs_err(sdp, "control_mount mounted_lock NL error %d\n", error); 892 control_unlock(sdp); 893 return error; 894 } 895 mounted_mode = DLM_LOCK_NL; 896 897 restart: 898 if (retries++ && signal_pending(current)) { 899 error = -EINTR; 900 goto fail; 901 } 902 903 /* 904 * We always start with both locks in NL. control_lock is 905 * demoted to NL below so we don't need to do it here. 906 */ 907 908 if (mounted_mode != DLM_LOCK_NL) { 909 error = mounted_lock(sdp, DLM_LOCK_NL, DLM_LKF_CONVERT); 910 if (error) 911 goto fail; 912 mounted_mode = DLM_LOCK_NL; 913 } 914 915 /* 916 * Other nodes need to do some work in dlm recovery and gfs2_control 917 * before the recover_done and control_lock will be ready for us below. 918 * A delay here is not required but often avoids having to retry. 919 */ 920 921 msleep_interruptible(500); 922 923 /* 924 * Acquire control_lock in EX and mounted_lock in either EX or PR. 925 * control_lock lvb keeps track of any pending journal recoveries. 926 * mounted_lock indicates if any other nodes have the fs mounted. 927 */ 928 929 error = control_lock(sdp, DLM_LOCK_EX, DLM_LKF_CONVERT|DLM_LKF_NOQUEUE|DLM_LKF_VALBLK); 930 if (error == -EAGAIN) { 931 goto restart; 932 } else if (error) { 933 fs_err(sdp, "control_mount control_lock EX error %d\n", error); 934 goto fail; 935 } 936 937 /** 938 * If we're a spectator, we don't want to take the lock in EX because 939 * we cannot do the first-mount responsibility it implies: recovery. 940 */ 941 if (sdp->sd_args.ar_spectator) 942 goto locks_done; 943 944 error = mounted_lock(sdp, DLM_LOCK_EX, DLM_LKF_CONVERT|DLM_LKF_NOQUEUE); 945 if (!error) { 946 mounted_mode = DLM_LOCK_EX; 947 goto locks_done; 948 } else if (error != -EAGAIN) { 949 fs_err(sdp, "control_mount mounted_lock EX error %d\n", error); 950 goto fail; 951 } 952 953 error = mounted_lock(sdp, DLM_LOCK_PR, DLM_LKF_CONVERT|DLM_LKF_NOQUEUE); 954 if (!error) { 955 mounted_mode = DLM_LOCK_PR; 956 goto locks_done; 957 } else { 958 /* not even -EAGAIN should happen here */ 959 fs_err(sdp, "control_mount mounted_lock PR error %d\n", error); 960 goto fail; 961 } 962 963 locks_done: 964 /* 965 * If we got both locks above in EX, then we're the first mounter. 966 * If not, then we need to wait for the control_lock lvb to be 967 * updated by other mounted nodes to reflect our mount generation. 968 * 969 * In simple first mounter cases, first mounter will see zero lvb_gen, 970 * but in cases where all existing nodes leave/fail before mounting 971 * nodes finish control_mount, then all nodes will be mounting and 972 * lvb_gen will be non-zero. 973 */ 974 975 control_lvb_read(ls, &lvb_gen, ls->ls_lvb_bits); 976 977 if (lvb_gen == 0xFFFFFFFF) { 978 /* special value to force mount attempts to fail */ 979 fs_err(sdp, "control_mount control_lock disabled\n"); 980 error = -EINVAL; 981 goto fail; 982 } 983 984 if (mounted_mode == DLM_LOCK_EX) { 985 /* first mounter, keep both EX while doing first recovery */ 986 spin_lock(&ls->ls_recover_spin); 987 clear_bit(DFL_BLOCK_LOCKS, &ls->ls_recover_flags); 988 set_bit(DFL_MOUNT_DONE, &ls->ls_recover_flags); 989 set_bit(DFL_FIRST_MOUNT, &ls->ls_recover_flags); 990 spin_unlock(&ls->ls_recover_spin); 991 fs_info(sdp, "first mounter control generation %u\n", lvb_gen); 992 return 0; 993 } 994 995 error = control_lock(sdp, DLM_LOCK_NL, DLM_LKF_CONVERT); 996 if (error) 997 goto fail; 998 999 /* 1000 * We are not first mounter, now we need to wait for the control_lock 1001 * lvb generation to be >= the generation from our first recover_done 1002 * and all lvb bits to be clear (no pending journal recoveries.) 1003 */ 1004 1005 if (!all_jid_bits_clear(ls->ls_lvb_bits)) { 1006 /* journals need recovery, wait until all are clear */ 1007 fs_info(sdp, "control_mount wait for journal recovery\n"); 1008 goto restart; 1009 } 1010 1011 spin_lock(&ls->ls_recover_spin); 1012 block_gen = ls->ls_recover_block; 1013 start_gen = ls->ls_recover_start; 1014 mount_gen = ls->ls_recover_mount; 1015 1016 if (lvb_gen < mount_gen) { 1017 /* wait for mounted nodes to update control_lock lvb to our 1018 generation, which might include new recovery bits set */ 1019 if (sdp->sd_args.ar_spectator) { 1020 fs_info(sdp, "Recovery is required. Waiting for a " 1021 "non-spectator to mount.\n"); 1022 spin_unlock(&ls->ls_recover_spin); 1023 msleep_interruptible(1000); 1024 } else { 1025 fs_info(sdp, "control_mount wait1 block %u start %u " 1026 "mount %u lvb %u flags %lx\n", block_gen, 1027 start_gen, mount_gen, lvb_gen, 1028 ls->ls_recover_flags); 1029 spin_unlock(&ls->ls_recover_spin); 1030 } 1031 goto restart; 1032 } 1033 1034 if (lvb_gen != start_gen) { 1035 /* wait for mounted nodes to update control_lock lvb to the 1036 latest recovery generation */ 1037 fs_info(sdp, "control_mount wait2 block %u start %u mount %u " 1038 "lvb %u flags %lx\n", block_gen, start_gen, mount_gen, 1039 lvb_gen, ls->ls_recover_flags); 1040 spin_unlock(&ls->ls_recover_spin); 1041 goto restart; 1042 } 1043 1044 if (block_gen == start_gen) { 1045 /* dlm recovery in progress, wait for it to finish */ 1046 fs_info(sdp, "control_mount wait3 block %u start %u mount %u " 1047 "lvb %u flags %lx\n", block_gen, start_gen, mount_gen, 1048 lvb_gen, ls->ls_recover_flags); 1049 spin_unlock(&ls->ls_recover_spin); 1050 goto restart; 1051 } 1052 1053 clear_bit(DFL_BLOCK_LOCKS, &ls->ls_recover_flags); 1054 set_bit(DFL_MOUNT_DONE, &ls->ls_recover_flags); 1055 memset(ls->ls_recover_submit, 0, ls->ls_recover_size*sizeof(uint32_t)); 1056 memset(ls->ls_recover_result, 0, ls->ls_recover_size*sizeof(uint32_t)); 1057 spin_unlock(&ls->ls_recover_spin); 1058 return 0; 1059 1060 fail: 1061 mounted_unlock(sdp); 1062 control_unlock(sdp); 1063 return error; 1064 } 1065 1066 static int control_first_done(struct gfs2_sbd *sdp) 1067 { 1068 struct lm_lockstruct *ls = &sdp->sd_lockstruct; 1069 uint32_t start_gen, block_gen; 1070 int error; 1071 1072 restart: 1073 spin_lock(&ls->ls_recover_spin); 1074 start_gen = ls->ls_recover_start; 1075 block_gen = ls->ls_recover_block; 1076 1077 if (test_bit(DFL_BLOCK_LOCKS, &ls->ls_recover_flags) || 1078 !test_bit(DFL_MOUNT_DONE, &ls->ls_recover_flags) || 1079 !test_bit(DFL_FIRST_MOUNT, &ls->ls_recover_flags)) { 1080 /* sanity check, should not happen */ 1081 fs_err(sdp, "control_first_done start %u block %u flags %lx\n", 1082 start_gen, block_gen, ls->ls_recover_flags); 1083 spin_unlock(&ls->ls_recover_spin); 1084 control_unlock(sdp); 1085 return -1; 1086 } 1087 1088 if (start_gen == block_gen) { 1089 /* 1090 * Wait for the end of a dlm recovery cycle to switch from 1091 * first mounter recovery. We can ignore any recover_slot 1092 * callbacks between the recover_prep and next recover_done 1093 * because we are still the first mounter and any failed nodes 1094 * have not fully mounted, so they don't need recovery. 1095 */ 1096 spin_unlock(&ls->ls_recover_spin); 1097 fs_info(sdp, "control_first_done wait gen %u\n", start_gen); 1098 1099 wait_on_bit(&ls->ls_recover_flags, DFL_DLM_RECOVERY, 1100 TASK_UNINTERRUPTIBLE); 1101 goto restart; 1102 } 1103 1104 clear_bit(DFL_FIRST_MOUNT, &ls->ls_recover_flags); 1105 set_bit(DFL_FIRST_MOUNT_DONE, &ls->ls_recover_flags); 1106 memset(ls->ls_recover_submit, 0, ls->ls_recover_size*sizeof(uint32_t)); 1107 memset(ls->ls_recover_result, 0, ls->ls_recover_size*sizeof(uint32_t)); 1108 spin_unlock(&ls->ls_recover_spin); 1109 1110 memset(ls->ls_lvb_bits, 0, GDLM_LVB_SIZE); 1111 control_lvb_write(ls, start_gen, ls->ls_lvb_bits); 1112 1113 error = mounted_lock(sdp, DLM_LOCK_PR, DLM_LKF_CONVERT); 1114 if (error) 1115 fs_err(sdp, "control_first_done mounted PR error %d\n", error); 1116 1117 error = control_lock(sdp, DLM_LOCK_NL, DLM_LKF_CONVERT|DLM_LKF_VALBLK); 1118 if (error) 1119 fs_err(sdp, "control_first_done control NL error %d\n", error); 1120 1121 return error; 1122 } 1123 1124 /* 1125 * Expand static jid arrays if necessary (by increments of RECOVER_SIZE_INC) 1126 * to accommodate the largest slot number. (NB dlm slot numbers start at 1, 1127 * gfs2 jids start at 0, so jid = slot - 1) 1128 */ 1129 1130 #define RECOVER_SIZE_INC 16 1131 1132 static int set_recover_size(struct gfs2_sbd *sdp, struct dlm_slot *slots, 1133 int num_slots) 1134 { 1135 struct lm_lockstruct *ls = &sdp->sd_lockstruct; 1136 uint32_t *submit = NULL; 1137 uint32_t *result = NULL; 1138 uint32_t old_size, new_size; 1139 int i, max_jid; 1140 1141 if (!ls->ls_lvb_bits) { 1142 ls->ls_lvb_bits = kzalloc(GDLM_LVB_SIZE, GFP_NOFS); 1143 if (!ls->ls_lvb_bits) 1144 return -ENOMEM; 1145 } 1146 1147 max_jid = 0; 1148 for (i = 0; i < num_slots; i++) { 1149 if (max_jid < slots[i].slot - 1) 1150 max_jid = slots[i].slot - 1; 1151 } 1152 1153 old_size = ls->ls_recover_size; 1154 new_size = old_size; 1155 while (new_size < max_jid + 1) 1156 new_size += RECOVER_SIZE_INC; 1157 if (new_size == old_size) 1158 return 0; 1159 1160 submit = kcalloc(new_size, sizeof(uint32_t), GFP_NOFS); 1161 result = kcalloc(new_size, sizeof(uint32_t), GFP_NOFS); 1162 if (!submit || !result) { 1163 kfree(submit); 1164 kfree(result); 1165 return -ENOMEM; 1166 } 1167 1168 spin_lock(&ls->ls_recover_spin); 1169 memcpy(submit, ls->ls_recover_submit, old_size * sizeof(uint32_t)); 1170 memcpy(result, ls->ls_recover_result, old_size * sizeof(uint32_t)); 1171 kfree(ls->ls_recover_submit); 1172 kfree(ls->ls_recover_result); 1173 ls->ls_recover_submit = submit; 1174 ls->ls_recover_result = result; 1175 ls->ls_recover_size = new_size; 1176 spin_unlock(&ls->ls_recover_spin); 1177 return 0; 1178 } 1179 1180 static void free_recover_size(struct lm_lockstruct *ls) 1181 { 1182 kfree(ls->ls_lvb_bits); 1183 kfree(ls->ls_recover_submit); 1184 kfree(ls->ls_recover_result); 1185 ls->ls_recover_submit = NULL; 1186 ls->ls_recover_result = NULL; 1187 ls->ls_recover_size = 0; 1188 ls->ls_lvb_bits = NULL; 1189 } 1190 1191 /* dlm calls before it does lock recovery */ 1192 1193 static void gdlm_recover_prep(void *arg) 1194 { 1195 struct gfs2_sbd *sdp = arg; 1196 struct lm_lockstruct *ls = &sdp->sd_lockstruct; 1197 1198 if (gfs2_withdrawing_or_withdrawn(sdp)) { 1199 fs_err(sdp, "recover_prep ignored due to withdraw.\n"); 1200 return; 1201 } 1202 spin_lock(&ls->ls_recover_spin); 1203 ls->ls_recover_block = ls->ls_recover_start; 1204 set_bit(DFL_DLM_RECOVERY, &ls->ls_recover_flags); 1205 1206 if (!test_bit(DFL_MOUNT_DONE, &ls->ls_recover_flags) || 1207 test_bit(DFL_FIRST_MOUNT, &ls->ls_recover_flags)) { 1208 spin_unlock(&ls->ls_recover_spin); 1209 return; 1210 } 1211 set_bit(DFL_BLOCK_LOCKS, &ls->ls_recover_flags); 1212 spin_unlock(&ls->ls_recover_spin); 1213 } 1214 1215 /* dlm calls after recover_prep has been completed on all lockspace members; 1216 identifies slot/jid of failed member */ 1217 1218 static void gdlm_recover_slot(void *arg, struct dlm_slot *slot) 1219 { 1220 struct gfs2_sbd *sdp = arg; 1221 struct lm_lockstruct *ls = &sdp->sd_lockstruct; 1222 int jid = slot->slot - 1; 1223 1224 if (gfs2_withdrawing_or_withdrawn(sdp)) { 1225 fs_err(sdp, "recover_slot jid %d ignored due to withdraw.\n", 1226 jid); 1227 return; 1228 } 1229 spin_lock(&ls->ls_recover_spin); 1230 if (ls->ls_recover_size < jid + 1) { 1231 fs_err(sdp, "recover_slot jid %d gen %u short size %d\n", 1232 jid, ls->ls_recover_block, ls->ls_recover_size); 1233 spin_unlock(&ls->ls_recover_spin); 1234 return; 1235 } 1236 1237 if (ls->ls_recover_submit[jid]) { 1238 fs_info(sdp, "recover_slot jid %d gen %u prev %u\n", 1239 jid, ls->ls_recover_block, ls->ls_recover_submit[jid]); 1240 } 1241 ls->ls_recover_submit[jid] = ls->ls_recover_block; 1242 spin_unlock(&ls->ls_recover_spin); 1243 } 1244 1245 /* dlm calls after recover_slot and after it completes lock recovery */ 1246 1247 static void gdlm_recover_done(void *arg, struct dlm_slot *slots, int num_slots, 1248 int our_slot, uint32_t generation) 1249 { 1250 struct gfs2_sbd *sdp = arg; 1251 struct lm_lockstruct *ls = &sdp->sd_lockstruct; 1252 1253 if (gfs2_withdrawing_or_withdrawn(sdp)) { 1254 fs_err(sdp, "recover_done ignored due to withdraw.\n"); 1255 return; 1256 } 1257 /* ensure the ls jid arrays are large enough */ 1258 set_recover_size(sdp, slots, num_slots); 1259 1260 spin_lock(&ls->ls_recover_spin); 1261 ls->ls_recover_start = generation; 1262 1263 if (!ls->ls_recover_mount) { 1264 ls->ls_recover_mount = generation; 1265 ls->ls_jid = our_slot - 1; 1266 } 1267 1268 if (!test_bit(DFL_UNMOUNT, &ls->ls_recover_flags)) 1269 queue_delayed_work(gfs2_control_wq, &sdp->sd_control_work, 0); 1270 1271 clear_bit(DFL_DLM_RECOVERY, &ls->ls_recover_flags); 1272 smp_mb__after_atomic(); 1273 wake_up_bit(&ls->ls_recover_flags, DFL_DLM_RECOVERY); 1274 spin_unlock(&ls->ls_recover_spin); 1275 } 1276 1277 /* gfs2_recover thread has a journal recovery result */ 1278 1279 static void gdlm_recovery_result(struct gfs2_sbd *sdp, unsigned int jid, 1280 unsigned int result) 1281 { 1282 struct lm_lockstruct *ls = &sdp->sd_lockstruct; 1283 1284 if (gfs2_withdrawing_or_withdrawn(sdp)) { 1285 fs_err(sdp, "recovery_result jid %d ignored due to withdraw.\n", 1286 jid); 1287 return; 1288 } 1289 if (test_bit(DFL_NO_DLM_OPS, &ls->ls_recover_flags)) 1290 return; 1291 1292 /* don't care about the recovery of own journal during mount */ 1293 if (jid == ls->ls_jid) 1294 return; 1295 1296 spin_lock(&ls->ls_recover_spin); 1297 if (test_bit(DFL_FIRST_MOUNT, &ls->ls_recover_flags)) { 1298 spin_unlock(&ls->ls_recover_spin); 1299 return; 1300 } 1301 if (ls->ls_recover_size < jid + 1) { 1302 fs_err(sdp, "recovery_result jid %d short size %d\n", 1303 jid, ls->ls_recover_size); 1304 spin_unlock(&ls->ls_recover_spin); 1305 return; 1306 } 1307 1308 fs_info(sdp, "recover jid %d result %s\n", jid, 1309 result == LM_RD_GAVEUP ? "busy" : "success"); 1310 1311 ls->ls_recover_result[jid] = result; 1312 1313 /* GAVEUP means another node is recovering the journal; delay our 1314 next attempt to recover it, to give the other node a chance to 1315 finish before trying again */ 1316 1317 if (!test_bit(DFL_UNMOUNT, &ls->ls_recover_flags)) 1318 queue_delayed_work(gfs2_control_wq, &sdp->sd_control_work, 1319 result == LM_RD_GAVEUP ? HZ : 0); 1320 spin_unlock(&ls->ls_recover_spin); 1321 } 1322 1323 static const struct dlm_lockspace_ops gdlm_lockspace_ops = { 1324 .recover_prep = gdlm_recover_prep, 1325 .recover_slot = gdlm_recover_slot, 1326 .recover_done = gdlm_recover_done, 1327 }; 1328 1329 static int gdlm_mount(struct gfs2_sbd *sdp, const char *table) 1330 { 1331 struct lm_lockstruct *ls = &sdp->sd_lockstruct; 1332 char cluster[GFS2_LOCKNAME_LEN]; 1333 const char *fsname; 1334 uint32_t flags; 1335 int error, ops_result; 1336 1337 /* 1338 * initialize everything 1339 */ 1340 1341 INIT_DELAYED_WORK(&sdp->sd_control_work, gfs2_control_func); 1342 ls->ls_dlm = NULL; 1343 spin_lock_init(&ls->ls_recover_spin); 1344 ls->ls_recover_flags = 0; 1345 ls->ls_recover_mount = 0; 1346 ls->ls_recover_start = 0; 1347 ls->ls_recover_block = 0; 1348 ls->ls_recover_size = 0; 1349 ls->ls_recover_submit = NULL; 1350 ls->ls_recover_result = NULL; 1351 ls->ls_lvb_bits = NULL; 1352 1353 error = set_recover_size(sdp, NULL, 0); 1354 if (error) 1355 goto fail; 1356 1357 /* 1358 * prepare dlm_new_lockspace args 1359 */ 1360 1361 fsname = strchr(table, ':'); 1362 if (!fsname) { 1363 fs_info(sdp, "no fsname found\n"); 1364 error = -EINVAL; 1365 goto fail_free; 1366 } 1367 memset(cluster, 0, sizeof(cluster)); 1368 memcpy(cluster, table, strlen(table) - strlen(fsname)); 1369 fsname++; 1370 1371 flags = DLM_LSFL_NEWEXCL; 1372 1373 /* 1374 * create/join lockspace 1375 */ 1376 1377 init_rwsem(&ls->ls_sem); 1378 error = dlm_new_lockspace(fsname, cluster, flags, GDLM_LVB_SIZE, 1379 &gdlm_lockspace_ops, sdp, &ops_result, 1380 &ls->ls_dlm); 1381 if (error) { 1382 fs_err(sdp, "dlm_new_lockspace error %d\n", error); 1383 goto fail_free; 1384 } 1385 1386 if (ops_result < 0) { 1387 /* 1388 * dlm does not support ops callbacks, 1389 * old dlm_controld/gfs_controld are used, try without ops. 1390 */ 1391 fs_info(sdp, "dlm lockspace ops not used\n"); 1392 free_recover_size(ls); 1393 set_bit(DFL_NO_DLM_OPS, &ls->ls_recover_flags); 1394 return 0; 1395 } 1396 1397 if (!test_bit(SDF_NOJOURNALID, &sdp->sd_flags)) { 1398 fs_err(sdp, "dlm lockspace ops disallow jid preset\n"); 1399 error = -EINVAL; 1400 goto fail_release; 1401 } 1402 1403 /* 1404 * control_mount() uses control_lock to determine first mounter, 1405 * and for later mounts, waits for any recoveries to be cleared. 1406 */ 1407 1408 error = control_mount(sdp); 1409 if (error) { 1410 fs_err(sdp, "mount control error %d\n", error); 1411 goto fail_release; 1412 } 1413 1414 ls->ls_first = !!test_bit(DFL_FIRST_MOUNT, &ls->ls_recover_flags); 1415 clear_bit(SDF_NOJOURNALID, &sdp->sd_flags); 1416 smp_mb__after_atomic(); 1417 wake_up_bit(&sdp->sd_flags, SDF_NOJOURNALID); 1418 return 0; 1419 1420 fail_release: 1421 dlm_release_lockspace(ls->ls_dlm, DLM_RELEASE_NORMAL); 1422 fail_free: 1423 free_recover_size(ls); 1424 fail: 1425 return error; 1426 } 1427 1428 static void gdlm_first_done(struct gfs2_sbd *sdp) 1429 { 1430 struct lm_lockstruct *ls = &sdp->sd_lockstruct; 1431 int error; 1432 1433 if (test_bit(DFL_NO_DLM_OPS, &ls->ls_recover_flags)) 1434 return; 1435 1436 error = control_first_done(sdp); 1437 if (error) 1438 fs_err(sdp, "mount first_done error %d\n", error); 1439 } 1440 1441 static void gdlm_unmount(struct gfs2_sbd *sdp) 1442 { 1443 struct lm_lockstruct *ls = &sdp->sd_lockstruct; 1444 1445 if (test_bit(DFL_NO_DLM_OPS, &ls->ls_recover_flags)) 1446 goto release; 1447 1448 /* wait for gfs2_control_wq to be done with this mount */ 1449 1450 spin_lock(&ls->ls_recover_spin); 1451 set_bit(DFL_UNMOUNT, &ls->ls_recover_flags); 1452 spin_unlock(&ls->ls_recover_spin); 1453 flush_delayed_work(&sdp->sd_control_work); 1454 1455 /* mounted_lock and control_lock will be purged in dlm recovery */ 1456 release: 1457 down_write(&ls->ls_sem); 1458 if (ls->ls_dlm) { 1459 dlm_release_lockspace(ls->ls_dlm, DLM_RELEASE_NORMAL); 1460 ls->ls_dlm = NULL; 1461 } 1462 up_write(&ls->ls_sem); 1463 1464 free_recover_size(ls); 1465 } 1466 1467 static const match_table_t dlm_tokens = { 1468 { Opt_jid, "jid=%d"}, 1469 { Opt_id, "id=%d"}, 1470 { Opt_first, "first=%d"}, 1471 { Opt_nodir, "nodir=%d"}, 1472 { Opt_err, NULL }, 1473 }; 1474 1475 const struct lm_lockops gfs2_dlm_ops = { 1476 .lm_proto_name = "lock_dlm", 1477 .lm_mount = gdlm_mount, 1478 .lm_first_done = gdlm_first_done, 1479 .lm_recovery_result = gdlm_recovery_result, 1480 .lm_unmount = gdlm_unmount, 1481 .lm_put_lock = gdlm_put_lock, 1482 .lm_lock = gdlm_lock, 1483 .lm_cancel = gdlm_cancel, 1484 .lm_tokens = &dlm_tokens, 1485 }; 1486 1487