1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. 24 * Copyright (c) 2013 by Delphix. All rights reserved. 25 */ 26 27 #include <sys/zfs_context.h> 28 #include <sys/spa.h> 29 #include <sys/vdev_impl.h> 30 #include <sys/zio.h> 31 #include <sys/zio_checksum.h> 32 #include <sys/fs/zfs.h> 33 #include <sys/fm/fs/zfs.h> 34 35 /* 36 * Virtual device vector for RAID-Z. 37 * 38 * This vdev supports single, double, and triple parity. For single parity, 39 * we use a simple XOR of all the data columns. For double or triple parity, 40 * we use a special case of Reed-Solomon coding. This extends the 41 * technique described in "The mathematics of RAID-6" by H. Peter Anvin by 42 * drawing on the system described in "A Tutorial on Reed-Solomon Coding for 43 * Fault-Tolerance in RAID-like Systems" by James S. Plank on which the 44 * former is also based. The latter is designed to provide higher performance 45 * for writes. 46 * 47 * Note that the Plank paper claimed to support arbitrary N+M, but was then 48 * amended six years later identifying a critical flaw that invalidates its 49 * claims. Nevertheless, the technique can be adapted to work for up to 50 * triple parity. For additional parity, the amendment "Note: Correction to 51 * the 1997 Tutorial on Reed-Solomon Coding" by James S. Plank and Ying Ding 52 * is viable, but the additional complexity means that write performance will 53 * suffer. 54 * 55 * All of the methods above operate on a Galois field, defined over the 56 * integers mod 2^N. In our case we choose N=8 for GF(8) so that all elements 57 * can be expressed with a single byte. Briefly, the operations on the 58 * field are defined as follows: 59 * 60 * o addition (+) is represented by a bitwise XOR 61 * o subtraction (-) is therefore identical to addition: A + B = A - B 62 * o multiplication of A by 2 is defined by the following bitwise expression: 63 * (A * 2)_7 = A_6 64 * (A * 2)_6 = A_5 65 * (A * 2)_5 = A_4 66 * (A * 2)_4 = A_3 + A_7 67 * (A * 2)_3 = A_2 + A_7 68 * (A * 2)_2 = A_1 + A_7 69 * (A * 2)_1 = A_0 70 * (A * 2)_0 = A_7 71 * 72 * In C, multiplying by 2 is therefore ((a << 1) ^ ((a & 0x80) ? 0x1d : 0)). 73 * As an aside, this multiplication is derived from the error correcting 74 * primitive polynomial x^8 + x^4 + x^3 + x^2 + 1. 75 * 76 * Observe that any number in the field (except for 0) can be expressed as a 77 * power of 2 -- a generator for the field. We store a table of the powers of 78 * 2 and logs base 2 for quick look ups, and exploit the fact that A * B can 79 * be rewritten as 2^(log_2(A) + log_2(B)) (where '+' is normal addition rather 80 * than field addition). The inverse of a field element A (A^-1) is therefore 81 * A ^ (255 - 1) = A^254. 82 * 83 * The up-to-three parity columns, P, Q, R over several data columns, 84 * D_0, ... D_n-1, can be expressed by field operations: 85 * 86 * P = D_0 + D_1 + ... + D_n-2 + D_n-1 87 * Q = 2^n-1 * D_0 + 2^n-2 * D_1 + ... + 2^1 * D_n-2 + 2^0 * D_n-1 88 * = ((...((D_0) * 2 + D_1) * 2 + ...) * 2 + D_n-2) * 2 + D_n-1 89 * R = 4^n-1 * D_0 + 4^n-2 * D_1 + ... + 4^1 * D_n-2 + 4^0 * D_n-1 90 * = ((...((D_0) * 4 + D_1) * 4 + ...) * 4 + D_n-2) * 4 + D_n-1 91 * 92 * We chose 1, 2, and 4 as our generators because 1 corresponds to the trival 93 * XOR operation, and 2 and 4 can be computed quickly and generate linearly- 94 * independent coefficients. (There are no additional coefficients that have 95 * this property which is why the uncorrected Plank method breaks down.) 96 * 97 * See the reconstruction code below for how P, Q and R can used individually 98 * or in concert to recover missing data columns. 99 */ 100 101 typedef struct raidz_col { 102 uint64_t rc_devidx; /* child device index for I/O */ 103 uint64_t rc_offset; /* device offset */ 104 uint64_t rc_size; /* I/O size */ 105 void *rc_data; /* I/O data */ 106 void *rc_gdata; /* used to store the "good" version */ 107 int rc_error; /* I/O error for this device */ 108 uint8_t rc_tried; /* Did we attempt this I/O column? */ 109 uint8_t rc_skipped; /* Did we skip this I/O column? */ 110 } raidz_col_t; 111 112 typedef struct raidz_map { 113 uint64_t rm_cols; /* Regular column count */ 114 uint64_t rm_scols; /* Count including skipped columns */ 115 uint64_t rm_bigcols; /* Number of oversized columns */ 116 uint64_t rm_asize; /* Actual total I/O size */ 117 uint64_t rm_missingdata; /* Count of missing data devices */ 118 uint64_t rm_missingparity; /* Count of missing parity devices */ 119 uint64_t rm_firstdatacol; /* First data column/parity count */ 120 uint64_t rm_nskip; /* Skipped sectors for padding */ 121 uint64_t rm_skipstart; /* Column index of padding start */ 122 void *rm_datacopy; /* rm_asize-buffer of copied data */ 123 uintptr_t rm_reports; /* # of referencing checksum reports */ 124 uint8_t rm_freed; /* map no longer has referencing ZIO */ 125 uint8_t rm_ecksuminjected; /* checksum error was injected */ 126 raidz_col_t rm_col[1]; /* Flexible array of I/O columns */ 127 } raidz_map_t; 128 129 #define VDEV_RAIDZ_P 0 130 #define VDEV_RAIDZ_Q 1 131 #define VDEV_RAIDZ_R 2 132 133 #define VDEV_RAIDZ_MUL_2(x) (((x) << 1) ^ (((x) & 0x80) ? 0x1d : 0)) 134 #define VDEV_RAIDZ_MUL_4(x) (VDEV_RAIDZ_MUL_2(VDEV_RAIDZ_MUL_2(x))) 135 136 /* 137 * We provide a mechanism to perform the field multiplication operation on a 138 * 64-bit value all at once rather than a byte at a time. This works by 139 * creating a mask from the top bit in each byte and using that to 140 * conditionally apply the XOR of 0x1d. 141 */ 142 #define VDEV_RAIDZ_64MUL_2(x, mask) \ 143 { \ 144 (mask) = (x) & 0x8080808080808080ULL; \ 145 (mask) = ((mask) << 1) - ((mask) >> 7); \ 146 (x) = (((x) << 1) & 0xfefefefefefefefeULL) ^ \ 147 ((mask) & 0x1d1d1d1d1d1d1d1d); \ 148 } 149 150 #define VDEV_RAIDZ_64MUL_4(x, mask) \ 151 { \ 152 VDEV_RAIDZ_64MUL_2((x), mask); \ 153 VDEV_RAIDZ_64MUL_2((x), mask); \ 154 } 155 156 /* 157 * Force reconstruction to use the general purpose method. 158 */ 159 int vdev_raidz_default_to_general; 160 161 /* 162 * These two tables represent powers and logs of 2 in the Galois field defined 163 * above. These values were computed by repeatedly multiplying by 2 as above. 164 */ 165 static const uint8_t vdev_raidz_pow2[256] = { 166 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 167 0x1d, 0x3a, 0x74, 0xe8, 0xcd, 0x87, 0x13, 0x26, 168 0x4c, 0x98, 0x2d, 0x5a, 0xb4, 0x75, 0xea, 0xc9, 169 0x8f, 0x03, 0x06, 0x0c, 0x18, 0x30, 0x60, 0xc0, 170 0x9d, 0x27, 0x4e, 0x9c, 0x25, 0x4a, 0x94, 0x35, 171 0x6a, 0xd4, 0xb5, 0x77, 0xee, 0xc1, 0x9f, 0x23, 172 0x46, 0x8c, 0x05, 0x0a, 0x14, 0x28, 0x50, 0xa0, 173 0x5d, 0xba, 0x69, 0xd2, 0xb9, 0x6f, 0xde, 0xa1, 174 0x5f, 0xbe, 0x61, 0xc2, 0x99, 0x2f, 0x5e, 0xbc, 175 0x65, 0xca, 0x89, 0x0f, 0x1e, 0x3c, 0x78, 0xf0, 176 0xfd, 0xe7, 0xd3, 0xbb, 0x6b, 0xd6, 0xb1, 0x7f, 177 0xfe, 0xe1, 0xdf, 0xa3, 0x5b, 0xb6, 0x71, 0xe2, 178 0xd9, 0xaf, 0x43, 0x86, 0x11, 0x22, 0x44, 0x88, 179 0x0d, 0x1a, 0x34, 0x68, 0xd0, 0xbd, 0x67, 0xce, 180 0x81, 0x1f, 0x3e, 0x7c, 0xf8, 0xed, 0xc7, 0x93, 181 0x3b, 0x76, 0xec, 0xc5, 0x97, 0x33, 0x66, 0xcc, 182 0x85, 0x17, 0x2e, 0x5c, 0xb8, 0x6d, 0xda, 0xa9, 183 0x4f, 0x9e, 0x21, 0x42, 0x84, 0x15, 0x2a, 0x54, 184 0xa8, 0x4d, 0x9a, 0x29, 0x52, 0xa4, 0x55, 0xaa, 185 0x49, 0x92, 0x39, 0x72, 0xe4, 0xd5, 0xb7, 0x73, 186 0xe6, 0xd1, 0xbf, 0x63, 0xc6, 0x91, 0x3f, 0x7e, 187 0xfc, 0xe5, 0xd7, 0xb3, 0x7b, 0xf6, 0xf1, 0xff, 188 0xe3, 0xdb, 0xab, 0x4b, 0x96, 0x31, 0x62, 0xc4, 189 0x95, 0x37, 0x6e, 0xdc, 0xa5, 0x57, 0xae, 0x41, 190 0x82, 0x19, 0x32, 0x64, 0xc8, 0x8d, 0x07, 0x0e, 191 0x1c, 0x38, 0x70, 0xe0, 0xdd, 0xa7, 0x53, 0xa6, 192 0x51, 0xa2, 0x59, 0xb2, 0x79, 0xf2, 0xf9, 0xef, 193 0xc3, 0x9b, 0x2b, 0x56, 0xac, 0x45, 0x8a, 0x09, 194 0x12, 0x24, 0x48, 0x90, 0x3d, 0x7a, 0xf4, 0xf5, 195 0xf7, 0xf3, 0xfb, 0xeb, 0xcb, 0x8b, 0x0b, 0x16, 196 0x2c, 0x58, 0xb0, 0x7d, 0xfa, 0xe9, 0xcf, 0x83, 197 0x1b, 0x36, 0x6c, 0xd8, 0xad, 0x47, 0x8e, 0x01 198 }; 199 static const uint8_t vdev_raidz_log2[256] = { 200 0x00, 0x00, 0x01, 0x19, 0x02, 0x32, 0x1a, 0xc6, 201 0x03, 0xdf, 0x33, 0xee, 0x1b, 0x68, 0xc7, 0x4b, 202 0x04, 0x64, 0xe0, 0x0e, 0x34, 0x8d, 0xef, 0x81, 203 0x1c, 0xc1, 0x69, 0xf8, 0xc8, 0x08, 0x4c, 0x71, 204 0x05, 0x8a, 0x65, 0x2f, 0xe1, 0x24, 0x0f, 0x21, 205 0x35, 0x93, 0x8e, 0xda, 0xf0, 0x12, 0x82, 0x45, 206 0x1d, 0xb5, 0xc2, 0x7d, 0x6a, 0x27, 0xf9, 0xb9, 207 0xc9, 0x9a, 0x09, 0x78, 0x4d, 0xe4, 0x72, 0xa6, 208 0x06, 0xbf, 0x8b, 0x62, 0x66, 0xdd, 0x30, 0xfd, 209 0xe2, 0x98, 0x25, 0xb3, 0x10, 0x91, 0x22, 0x88, 210 0x36, 0xd0, 0x94, 0xce, 0x8f, 0x96, 0xdb, 0xbd, 211 0xf1, 0xd2, 0x13, 0x5c, 0x83, 0x38, 0x46, 0x40, 212 0x1e, 0x42, 0xb6, 0xa3, 0xc3, 0x48, 0x7e, 0x6e, 213 0x6b, 0x3a, 0x28, 0x54, 0xfa, 0x85, 0xba, 0x3d, 214 0xca, 0x5e, 0x9b, 0x9f, 0x0a, 0x15, 0x79, 0x2b, 215 0x4e, 0xd4, 0xe5, 0xac, 0x73, 0xf3, 0xa7, 0x57, 216 0x07, 0x70, 0xc0, 0xf7, 0x8c, 0x80, 0x63, 0x0d, 217 0x67, 0x4a, 0xde, 0xed, 0x31, 0xc5, 0xfe, 0x18, 218 0xe3, 0xa5, 0x99, 0x77, 0x26, 0xb8, 0xb4, 0x7c, 219 0x11, 0x44, 0x92, 0xd9, 0x23, 0x20, 0x89, 0x2e, 220 0x37, 0x3f, 0xd1, 0x5b, 0x95, 0xbc, 0xcf, 0xcd, 221 0x90, 0x87, 0x97, 0xb2, 0xdc, 0xfc, 0xbe, 0x61, 222 0xf2, 0x56, 0xd3, 0xab, 0x14, 0x2a, 0x5d, 0x9e, 223 0x84, 0x3c, 0x39, 0x53, 0x47, 0x6d, 0x41, 0xa2, 224 0x1f, 0x2d, 0x43, 0xd8, 0xb7, 0x7b, 0xa4, 0x76, 225 0xc4, 0x17, 0x49, 0xec, 0x7f, 0x0c, 0x6f, 0xf6, 226 0x6c, 0xa1, 0x3b, 0x52, 0x29, 0x9d, 0x55, 0xaa, 227 0xfb, 0x60, 0x86, 0xb1, 0xbb, 0xcc, 0x3e, 0x5a, 228 0xcb, 0x59, 0x5f, 0xb0, 0x9c, 0xa9, 0xa0, 0x51, 229 0x0b, 0xf5, 0x16, 0xeb, 0x7a, 0x75, 0x2c, 0xd7, 230 0x4f, 0xae, 0xd5, 0xe9, 0xe6, 0xe7, 0xad, 0xe8, 231 0x74, 0xd6, 0xf4, 0xea, 0xa8, 0x50, 0x58, 0xaf, 232 }; 233 234 static void vdev_raidz_generate_parity(raidz_map_t *rm); 235 236 /* 237 * Multiply a given number by 2 raised to the given power. 238 */ 239 static uint8_t 240 vdev_raidz_exp2(uint_t a, int exp) 241 { 242 if (a == 0) 243 return (0); 244 245 ASSERT(exp >= 0); 246 ASSERT(vdev_raidz_log2[a] > 0 || a == 1); 247 248 exp += vdev_raidz_log2[a]; 249 if (exp > 255) 250 exp -= 255; 251 252 return (vdev_raidz_pow2[exp]); 253 } 254 255 static void 256 vdev_raidz_map_free(raidz_map_t *rm) 257 { 258 int c; 259 size_t size; 260 261 for (c = 0; c < rm->rm_firstdatacol; c++) { 262 zio_buf_free(rm->rm_col[c].rc_data, rm->rm_col[c].rc_size); 263 264 if (rm->rm_col[c].rc_gdata != NULL) 265 zio_buf_free(rm->rm_col[c].rc_gdata, 266 rm->rm_col[c].rc_size); 267 } 268 269 size = 0; 270 for (c = rm->rm_firstdatacol; c < rm->rm_cols; c++) 271 size += rm->rm_col[c].rc_size; 272 273 if (rm->rm_datacopy != NULL) 274 zio_buf_free(rm->rm_datacopy, size); 275 276 kmem_free(rm, offsetof(raidz_map_t, rm_col[rm->rm_scols])); 277 } 278 279 static void 280 vdev_raidz_map_free_vsd(zio_t *zio) 281 { 282 raidz_map_t *rm = zio->io_vsd; 283 284 ASSERT0(rm->rm_freed); 285 rm->rm_freed = 1; 286 287 if (rm->rm_reports == 0) 288 vdev_raidz_map_free(rm); 289 } 290 291 /*ARGSUSED*/ 292 static void 293 vdev_raidz_cksum_free(void *arg, size_t ignored) 294 { 295 raidz_map_t *rm = arg; 296 297 ASSERT3U(rm->rm_reports, >, 0); 298 299 if (--rm->rm_reports == 0 && rm->rm_freed != 0) 300 vdev_raidz_map_free(rm); 301 } 302 303 static void 304 vdev_raidz_cksum_finish(zio_cksum_report_t *zcr, const void *good_data) 305 { 306 raidz_map_t *rm = zcr->zcr_cbdata; 307 size_t c = zcr->zcr_cbinfo; 308 size_t x; 309 310 const char *good = NULL; 311 const char *bad = rm->rm_col[c].rc_data; 312 313 if (good_data == NULL) { 314 zfs_ereport_finish_checksum(zcr, NULL, NULL, B_FALSE); 315 return; 316 } 317 318 if (c < rm->rm_firstdatacol) { 319 /* 320 * The first time through, calculate the parity blocks for 321 * the good data (this relies on the fact that the good 322 * data never changes for a given logical ZIO) 323 */ 324 if (rm->rm_col[0].rc_gdata == NULL) { 325 char *bad_parity[VDEV_RAIDZ_MAXPARITY]; 326 char *buf; 327 328 /* 329 * Set up the rm_col[]s to generate the parity for 330 * good_data, first saving the parity bufs and 331 * replacing them with buffers to hold the result. 332 */ 333 for (x = 0; x < rm->rm_firstdatacol; x++) { 334 bad_parity[x] = rm->rm_col[x].rc_data; 335 rm->rm_col[x].rc_data = rm->rm_col[x].rc_gdata = 336 zio_buf_alloc(rm->rm_col[x].rc_size); 337 } 338 339 /* fill in the data columns from good_data */ 340 buf = (char *)good_data; 341 for (; x < rm->rm_cols; x++) { 342 rm->rm_col[x].rc_data = buf; 343 buf += rm->rm_col[x].rc_size; 344 } 345 346 /* 347 * Construct the parity from the good data. 348 */ 349 vdev_raidz_generate_parity(rm); 350 351 /* restore everything back to its original state */ 352 for (x = 0; x < rm->rm_firstdatacol; x++) 353 rm->rm_col[x].rc_data = bad_parity[x]; 354 355 buf = rm->rm_datacopy; 356 for (x = rm->rm_firstdatacol; x < rm->rm_cols; x++) { 357 rm->rm_col[x].rc_data = buf; 358 buf += rm->rm_col[x].rc_size; 359 } 360 } 361 362 ASSERT3P(rm->rm_col[c].rc_gdata, !=, NULL); 363 good = rm->rm_col[c].rc_gdata; 364 } else { 365 /* adjust good_data to point at the start of our column */ 366 good = good_data; 367 368 for (x = rm->rm_firstdatacol; x < c; x++) 369 good += rm->rm_col[x].rc_size; 370 } 371 372 /* we drop the ereport if it ends up that the data was good */ 373 zfs_ereport_finish_checksum(zcr, good, bad, B_TRUE); 374 } 375 376 /* 377 * Invoked indirectly by zfs_ereport_start_checksum(), called 378 * below when our read operation fails completely. The main point 379 * is to keep a copy of everything we read from disk, so that at 380 * vdev_raidz_cksum_finish() time we can compare it with the good data. 381 */ 382 static void 383 vdev_raidz_cksum_report(zio_t *zio, zio_cksum_report_t *zcr, void *arg) 384 { 385 size_t c = (size_t)(uintptr_t)arg; 386 caddr_t buf; 387 388 raidz_map_t *rm = zio->io_vsd; 389 size_t size; 390 391 /* set up the report and bump the refcount */ 392 zcr->zcr_cbdata = rm; 393 zcr->zcr_cbinfo = c; 394 zcr->zcr_finish = vdev_raidz_cksum_finish; 395 zcr->zcr_free = vdev_raidz_cksum_free; 396 397 rm->rm_reports++; 398 ASSERT3U(rm->rm_reports, >, 0); 399 400 if (rm->rm_datacopy != NULL) 401 return; 402 403 /* 404 * It's the first time we're called for this raidz_map_t, so we need 405 * to copy the data aside; there's no guarantee that our zio's buffer 406 * won't be re-used for something else. 407 * 408 * Our parity data is already in separate buffers, so there's no need 409 * to copy them. 410 */ 411 412 size = 0; 413 for (c = rm->rm_firstdatacol; c < rm->rm_cols; c++) 414 size += rm->rm_col[c].rc_size; 415 416 buf = rm->rm_datacopy = zio_buf_alloc(size); 417 418 for (c = rm->rm_firstdatacol; c < rm->rm_cols; c++) { 419 raidz_col_t *col = &rm->rm_col[c]; 420 421 bcopy(col->rc_data, buf, col->rc_size); 422 col->rc_data = buf; 423 424 buf += col->rc_size; 425 } 426 ASSERT3P(buf - (caddr_t)rm->rm_datacopy, ==, size); 427 } 428 429 static const zio_vsd_ops_t vdev_raidz_vsd_ops = { 430 vdev_raidz_map_free_vsd, 431 vdev_raidz_cksum_report 432 }; 433 434 /* 435 * Divides the IO evenly across all child vdevs; usually, dcols is 436 * the number of children in the target vdev. 437 */ 438 static raidz_map_t * 439 vdev_raidz_map_alloc(zio_t *zio, uint64_t unit_shift, uint64_t dcols, 440 uint64_t nparity) 441 { 442 raidz_map_t *rm; 443 /* The starting RAIDZ (parent) vdev sector of the block. */ 444 uint64_t b = zio->io_offset >> unit_shift; 445 /* The zio's size in units of the vdev's minimum sector size. */ 446 uint64_t s = zio->io_size >> unit_shift; 447 /* The first column for this stripe. */ 448 uint64_t f = b % dcols; 449 /* The starting byte offset on each child vdev. */ 450 uint64_t o = (b / dcols) << unit_shift; 451 uint64_t q, r, c, bc, col, acols, scols, coff, devidx, asize, tot; 452 453 /* 454 * "Quotient": The number of data sectors for this stripe on all but 455 * the "big column" child vdevs that also contain "remainder" data. 456 */ 457 q = s / (dcols - nparity); 458 459 /* 460 * "Remainder": The number of partial stripe data sectors in this I/O. 461 * This will add a sector to some, but not all, child vdevs. 462 */ 463 r = s - q * (dcols - nparity); 464 465 /* The number of "big columns" - those which contain remainder data. */ 466 bc = (r == 0 ? 0 : r + nparity); 467 468 /* 469 * The total number of data and parity sectors associated with 470 * this I/O. 471 */ 472 tot = s + nparity * (q + (r == 0 ? 0 : 1)); 473 474 /* acols: The columns that will be accessed. */ 475 /* scols: The columns that will be accessed or skipped. */ 476 if (q == 0) { 477 /* Our I/O request doesn't span all child vdevs. */ 478 acols = bc; 479 scols = MIN(dcols, roundup(bc, nparity + 1)); 480 } else { 481 acols = dcols; 482 scols = dcols; 483 } 484 485 ASSERT3U(acols, <=, scols); 486 487 rm = kmem_alloc(offsetof(raidz_map_t, rm_col[scols]), KM_SLEEP); 488 489 rm->rm_cols = acols; 490 rm->rm_scols = scols; 491 rm->rm_bigcols = bc; 492 rm->rm_skipstart = bc; 493 rm->rm_missingdata = 0; 494 rm->rm_missingparity = 0; 495 rm->rm_firstdatacol = nparity; 496 rm->rm_datacopy = NULL; 497 rm->rm_reports = 0; 498 rm->rm_freed = 0; 499 rm->rm_ecksuminjected = 0; 500 501 asize = 0; 502 503 for (c = 0; c < scols; c++) { 504 col = f + c; 505 coff = o; 506 if (col >= dcols) { 507 col -= dcols; 508 coff += 1ULL << unit_shift; 509 } 510 rm->rm_col[c].rc_devidx = col; 511 rm->rm_col[c].rc_offset = coff; 512 rm->rm_col[c].rc_data = NULL; 513 rm->rm_col[c].rc_gdata = NULL; 514 rm->rm_col[c].rc_error = 0; 515 rm->rm_col[c].rc_tried = 0; 516 rm->rm_col[c].rc_skipped = 0; 517 518 if (c >= acols) 519 rm->rm_col[c].rc_size = 0; 520 else if (c < bc) 521 rm->rm_col[c].rc_size = (q + 1) << unit_shift; 522 else 523 rm->rm_col[c].rc_size = q << unit_shift; 524 525 asize += rm->rm_col[c].rc_size; 526 } 527 528 ASSERT3U(asize, ==, tot << unit_shift); 529 rm->rm_asize = roundup(asize, (nparity + 1) << unit_shift); 530 rm->rm_nskip = roundup(tot, nparity + 1) - tot; 531 ASSERT3U(rm->rm_asize - asize, ==, rm->rm_nskip << unit_shift); 532 ASSERT3U(rm->rm_nskip, <=, nparity); 533 534 for (c = 0; c < rm->rm_firstdatacol; c++) 535 rm->rm_col[c].rc_data = zio_buf_alloc(rm->rm_col[c].rc_size); 536 537 rm->rm_col[c].rc_data = zio->io_data; 538 539 for (c = c + 1; c < acols; c++) 540 rm->rm_col[c].rc_data = (char *)rm->rm_col[c - 1].rc_data + 541 rm->rm_col[c - 1].rc_size; 542 543 /* 544 * If all data stored spans all columns, there's a danger that parity 545 * will always be on the same device and, since parity isn't read 546 * during normal operation, that that device's I/O bandwidth won't be 547 * used effectively. We therefore switch the parity every 1MB. 548 * 549 * ... at least that was, ostensibly, the theory. As a practical 550 * matter unless we juggle the parity between all devices evenly, we 551 * won't see any benefit. Further, occasional writes that aren't a 552 * multiple of the LCM of the number of children and the minimum 553 * stripe width are sufficient to avoid pessimal behavior. 554 * Unfortunately, this decision created an implicit on-disk format 555 * requirement that we need to support for all eternity, but only 556 * for single-parity RAID-Z. 557 * 558 * If we intend to skip a sector in the zeroth column for padding 559 * we must make sure to note this swap. We will never intend to 560 * skip the first column since at least one data and one parity 561 * column must appear in each row. 562 */ 563 ASSERT(rm->rm_cols >= 2); 564 ASSERT(rm->rm_col[0].rc_size == rm->rm_col[1].rc_size); 565 566 if (rm->rm_firstdatacol == 1 && (zio->io_offset & (1ULL << 20))) { 567 devidx = rm->rm_col[0].rc_devidx; 568 o = rm->rm_col[0].rc_offset; 569 rm->rm_col[0].rc_devidx = rm->rm_col[1].rc_devidx; 570 rm->rm_col[0].rc_offset = rm->rm_col[1].rc_offset; 571 rm->rm_col[1].rc_devidx = devidx; 572 rm->rm_col[1].rc_offset = o; 573 574 if (rm->rm_skipstart == 0) 575 rm->rm_skipstart = 1; 576 } 577 578 zio->io_vsd = rm; 579 zio->io_vsd_ops = &vdev_raidz_vsd_ops; 580 return (rm); 581 } 582 583 static void 584 vdev_raidz_generate_parity_p(raidz_map_t *rm) 585 { 586 uint64_t *p, *src, pcount, ccount, i; 587 int c; 588 589 pcount = rm->rm_col[VDEV_RAIDZ_P].rc_size / sizeof (src[0]); 590 591 for (c = rm->rm_firstdatacol; c < rm->rm_cols; c++) { 592 src = rm->rm_col[c].rc_data; 593 p = rm->rm_col[VDEV_RAIDZ_P].rc_data; 594 ccount = rm->rm_col[c].rc_size / sizeof (src[0]); 595 596 if (c == rm->rm_firstdatacol) { 597 ASSERT(ccount == pcount); 598 for (i = 0; i < ccount; i++, src++, p++) { 599 *p = *src; 600 } 601 } else { 602 ASSERT(ccount <= pcount); 603 for (i = 0; i < ccount; i++, src++, p++) { 604 *p ^= *src; 605 } 606 } 607 } 608 } 609 610 static void 611 vdev_raidz_generate_parity_pq(raidz_map_t *rm) 612 { 613 uint64_t *p, *q, *src, pcnt, ccnt, mask, i; 614 int c; 615 616 pcnt = rm->rm_col[VDEV_RAIDZ_P].rc_size / sizeof (src[0]); 617 ASSERT(rm->rm_col[VDEV_RAIDZ_P].rc_size == 618 rm->rm_col[VDEV_RAIDZ_Q].rc_size); 619 620 for (c = rm->rm_firstdatacol; c < rm->rm_cols; c++) { 621 src = rm->rm_col[c].rc_data; 622 p = rm->rm_col[VDEV_RAIDZ_P].rc_data; 623 q = rm->rm_col[VDEV_RAIDZ_Q].rc_data; 624 625 ccnt = rm->rm_col[c].rc_size / sizeof (src[0]); 626 627 if (c == rm->rm_firstdatacol) { 628 ASSERT(ccnt == pcnt || ccnt == 0); 629 for (i = 0; i < ccnt; i++, src++, p++, q++) { 630 *p = *src; 631 *q = *src; 632 } 633 for (; i < pcnt; i++, src++, p++, q++) { 634 *p = 0; 635 *q = 0; 636 } 637 } else { 638 ASSERT(ccnt <= pcnt); 639 640 /* 641 * Apply the algorithm described above by multiplying 642 * the previous result and adding in the new value. 643 */ 644 for (i = 0; i < ccnt; i++, src++, p++, q++) { 645 *p ^= *src; 646 647 VDEV_RAIDZ_64MUL_2(*q, mask); 648 *q ^= *src; 649 } 650 651 /* 652 * Treat short columns as though they are full of 0s. 653 * Note that there's therefore nothing needed for P. 654 */ 655 for (; i < pcnt; i++, q++) { 656 VDEV_RAIDZ_64MUL_2(*q, mask); 657 } 658 } 659 } 660 } 661 662 static void 663 vdev_raidz_generate_parity_pqr(raidz_map_t *rm) 664 { 665 uint64_t *p, *q, *r, *src, pcnt, ccnt, mask, i; 666 int c; 667 668 pcnt = rm->rm_col[VDEV_RAIDZ_P].rc_size / sizeof (src[0]); 669 ASSERT(rm->rm_col[VDEV_RAIDZ_P].rc_size == 670 rm->rm_col[VDEV_RAIDZ_Q].rc_size); 671 ASSERT(rm->rm_col[VDEV_RAIDZ_P].rc_size == 672 rm->rm_col[VDEV_RAIDZ_R].rc_size); 673 674 for (c = rm->rm_firstdatacol; c < rm->rm_cols; c++) { 675 src = rm->rm_col[c].rc_data; 676 p = rm->rm_col[VDEV_RAIDZ_P].rc_data; 677 q = rm->rm_col[VDEV_RAIDZ_Q].rc_data; 678 r = rm->rm_col[VDEV_RAIDZ_R].rc_data; 679 680 ccnt = rm->rm_col[c].rc_size / sizeof (src[0]); 681 682 if (c == rm->rm_firstdatacol) { 683 ASSERT(ccnt == pcnt || ccnt == 0); 684 for (i = 0; i < ccnt; i++, src++, p++, q++, r++) { 685 *p = *src; 686 *q = *src; 687 *r = *src; 688 } 689 for (; i < pcnt; i++, src++, p++, q++, r++) { 690 *p = 0; 691 *q = 0; 692 *r = 0; 693 } 694 } else { 695 ASSERT(ccnt <= pcnt); 696 697 /* 698 * Apply the algorithm described above by multiplying 699 * the previous result and adding in the new value. 700 */ 701 for (i = 0; i < ccnt; i++, src++, p++, q++, r++) { 702 *p ^= *src; 703 704 VDEV_RAIDZ_64MUL_2(*q, mask); 705 *q ^= *src; 706 707 VDEV_RAIDZ_64MUL_4(*r, mask); 708 *r ^= *src; 709 } 710 711 /* 712 * Treat short columns as though they are full of 0s. 713 * Note that there's therefore nothing needed for P. 714 */ 715 for (; i < pcnt; i++, q++, r++) { 716 VDEV_RAIDZ_64MUL_2(*q, mask); 717 VDEV_RAIDZ_64MUL_4(*r, mask); 718 } 719 } 720 } 721 } 722 723 /* 724 * Generate RAID parity in the first virtual columns according to the number of 725 * parity columns available. 726 */ 727 static void 728 vdev_raidz_generate_parity(raidz_map_t *rm) 729 { 730 switch (rm->rm_firstdatacol) { 731 case 1: 732 vdev_raidz_generate_parity_p(rm); 733 break; 734 case 2: 735 vdev_raidz_generate_parity_pq(rm); 736 break; 737 case 3: 738 vdev_raidz_generate_parity_pqr(rm); 739 break; 740 default: 741 cmn_err(CE_PANIC, "invalid RAID-Z configuration"); 742 } 743 } 744 745 static int 746 vdev_raidz_reconstruct_p(raidz_map_t *rm, int *tgts, int ntgts) 747 { 748 uint64_t *dst, *src, xcount, ccount, count, i; 749 int x = tgts[0]; 750 int c; 751 752 ASSERT(ntgts == 1); 753 ASSERT(x >= rm->rm_firstdatacol); 754 ASSERT(x < rm->rm_cols); 755 756 xcount = rm->rm_col[x].rc_size / sizeof (src[0]); 757 ASSERT(xcount <= rm->rm_col[VDEV_RAIDZ_P].rc_size / sizeof (src[0])); 758 ASSERT(xcount > 0); 759 760 src = rm->rm_col[VDEV_RAIDZ_P].rc_data; 761 dst = rm->rm_col[x].rc_data; 762 for (i = 0; i < xcount; i++, dst++, src++) { 763 *dst = *src; 764 } 765 766 for (c = rm->rm_firstdatacol; c < rm->rm_cols; c++) { 767 src = rm->rm_col[c].rc_data; 768 dst = rm->rm_col[x].rc_data; 769 770 if (c == x) 771 continue; 772 773 ccount = rm->rm_col[c].rc_size / sizeof (src[0]); 774 count = MIN(ccount, xcount); 775 776 for (i = 0; i < count; i++, dst++, src++) { 777 *dst ^= *src; 778 } 779 } 780 781 return (1 << VDEV_RAIDZ_P); 782 } 783 784 static int 785 vdev_raidz_reconstruct_q(raidz_map_t *rm, int *tgts, int ntgts) 786 { 787 uint64_t *dst, *src, xcount, ccount, count, mask, i; 788 uint8_t *b; 789 int x = tgts[0]; 790 int c, j, exp; 791 792 ASSERT(ntgts == 1); 793 794 xcount = rm->rm_col[x].rc_size / sizeof (src[0]); 795 ASSERT(xcount <= rm->rm_col[VDEV_RAIDZ_Q].rc_size / sizeof (src[0])); 796 797 for (c = rm->rm_firstdatacol; c < rm->rm_cols; c++) { 798 src = rm->rm_col[c].rc_data; 799 dst = rm->rm_col[x].rc_data; 800 801 if (c == x) 802 ccount = 0; 803 else 804 ccount = rm->rm_col[c].rc_size / sizeof (src[0]); 805 806 count = MIN(ccount, xcount); 807 808 if (c == rm->rm_firstdatacol) { 809 for (i = 0; i < count; i++, dst++, src++) { 810 *dst = *src; 811 } 812 for (; i < xcount; i++, dst++) { 813 *dst = 0; 814 } 815 816 } else { 817 for (i = 0; i < count; i++, dst++, src++) { 818 VDEV_RAIDZ_64MUL_2(*dst, mask); 819 *dst ^= *src; 820 } 821 822 for (; i < xcount; i++, dst++) { 823 VDEV_RAIDZ_64MUL_2(*dst, mask); 824 } 825 } 826 } 827 828 src = rm->rm_col[VDEV_RAIDZ_Q].rc_data; 829 dst = rm->rm_col[x].rc_data; 830 exp = 255 - (rm->rm_cols - 1 - x); 831 832 for (i = 0; i < xcount; i++, dst++, src++) { 833 *dst ^= *src; 834 for (j = 0, b = (uint8_t *)dst; j < 8; j++, b++) { 835 *b = vdev_raidz_exp2(*b, exp); 836 } 837 } 838 839 return (1 << VDEV_RAIDZ_Q); 840 } 841 842 static int 843 vdev_raidz_reconstruct_pq(raidz_map_t *rm, int *tgts, int ntgts) 844 { 845 uint8_t *p, *q, *pxy, *qxy, *xd, *yd, tmp, a, b, aexp, bexp; 846 void *pdata, *qdata; 847 uint64_t xsize, ysize, i; 848 int x = tgts[0]; 849 int y = tgts[1]; 850 851 ASSERT(ntgts == 2); 852 ASSERT(x < y); 853 ASSERT(x >= rm->rm_firstdatacol); 854 ASSERT(y < rm->rm_cols); 855 856 ASSERT(rm->rm_col[x].rc_size >= rm->rm_col[y].rc_size); 857 858 /* 859 * Move the parity data aside -- we're going to compute parity as 860 * though columns x and y were full of zeros -- Pxy and Qxy. We want to 861 * reuse the parity generation mechanism without trashing the actual 862 * parity so we make those columns appear to be full of zeros by 863 * setting their lengths to zero. 864 */ 865 pdata = rm->rm_col[VDEV_RAIDZ_P].rc_data; 866 qdata = rm->rm_col[VDEV_RAIDZ_Q].rc_data; 867 xsize = rm->rm_col[x].rc_size; 868 ysize = rm->rm_col[y].rc_size; 869 870 rm->rm_col[VDEV_RAIDZ_P].rc_data = 871 zio_buf_alloc(rm->rm_col[VDEV_RAIDZ_P].rc_size); 872 rm->rm_col[VDEV_RAIDZ_Q].rc_data = 873 zio_buf_alloc(rm->rm_col[VDEV_RAIDZ_Q].rc_size); 874 rm->rm_col[x].rc_size = 0; 875 rm->rm_col[y].rc_size = 0; 876 877 vdev_raidz_generate_parity_pq(rm); 878 879 rm->rm_col[x].rc_size = xsize; 880 rm->rm_col[y].rc_size = ysize; 881 882 p = pdata; 883 q = qdata; 884 pxy = rm->rm_col[VDEV_RAIDZ_P].rc_data; 885 qxy = rm->rm_col[VDEV_RAIDZ_Q].rc_data; 886 xd = rm->rm_col[x].rc_data; 887 yd = rm->rm_col[y].rc_data; 888 889 /* 890 * We now have: 891 * Pxy = P + D_x + D_y 892 * Qxy = Q + 2^(ndevs - 1 - x) * D_x + 2^(ndevs - 1 - y) * D_y 893 * 894 * We can then solve for D_x: 895 * D_x = A * (P + Pxy) + B * (Q + Qxy) 896 * where 897 * A = 2^(x - y) * (2^(x - y) + 1)^-1 898 * B = 2^(ndevs - 1 - x) * (2^(x - y) + 1)^-1 899 * 900 * With D_x in hand, we can easily solve for D_y: 901 * D_y = P + Pxy + D_x 902 */ 903 904 a = vdev_raidz_pow2[255 + x - y]; 905 b = vdev_raidz_pow2[255 - (rm->rm_cols - 1 - x)]; 906 tmp = 255 - vdev_raidz_log2[a ^ 1]; 907 908 aexp = vdev_raidz_log2[vdev_raidz_exp2(a, tmp)]; 909 bexp = vdev_raidz_log2[vdev_raidz_exp2(b, tmp)]; 910 911 for (i = 0; i < xsize; i++, p++, q++, pxy++, qxy++, xd++, yd++) { 912 *xd = vdev_raidz_exp2(*p ^ *pxy, aexp) ^ 913 vdev_raidz_exp2(*q ^ *qxy, bexp); 914 915 if (i < ysize) 916 *yd = *p ^ *pxy ^ *xd; 917 } 918 919 zio_buf_free(rm->rm_col[VDEV_RAIDZ_P].rc_data, 920 rm->rm_col[VDEV_RAIDZ_P].rc_size); 921 zio_buf_free(rm->rm_col[VDEV_RAIDZ_Q].rc_data, 922 rm->rm_col[VDEV_RAIDZ_Q].rc_size); 923 924 /* 925 * Restore the saved parity data. 926 */ 927 rm->rm_col[VDEV_RAIDZ_P].rc_data = pdata; 928 rm->rm_col[VDEV_RAIDZ_Q].rc_data = qdata; 929 930 return ((1 << VDEV_RAIDZ_P) | (1 << VDEV_RAIDZ_Q)); 931 } 932 933 /* BEGIN CSTYLED */ 934 /* 935 * In the general case of reconstruction, we must solve the system of linear 936 * equations defined by the coeffecients used to generate parity as well as 937 * the contents of the data and parity disks. This can be expressed with 938 * vectors for the original data (D) and the actual data (d) and parity (p) 939 * and a matrix composed of the identity matrix (I) and a dispersal matrix (V): 940 * 941 * __ __ __ __ 942 * | | __ __ | p_0 | 943 * | V | | D_0 | | p_m-1 | 944 * | | x | : | = | d_0 | 945 * | I | | D_n-1 | | : | 946 * | | ~~ ~~ | d_n-1 | 947 * ~~ ~~ ~~ ~~ 948 * 949 * I is simply a square identity matrix of size n, and V is a vandermonde 950 * matrix defined by the coeffecients we chose for the various parity columns 951 * (1, 2, 4). Note that these values were chosen both for simplicity, speedy 952 * computation as well as linear separability. 953 * 954 * __ __ __ __ 955 * | 1 .. 1 1 1 | | p_0 | 956 * | 2^n-1 .. 4 2 1 | __ __ | : | 957 * | 4^n-1 .. 16 4 1 | | D_0 | | p_m-1 | 958 * | 1 .. 0 0 0 | | D_1 | | d_0 | 959 * | 0 .. 0 0 0 | x | D_2 | = | d_1 | 960 * | : : : : | | : | | d_2 | 961 * | 0 .. 1 0 0 | | D_n-1 | | : | 962 * | 0 .. 0 1 0 | ~~ ~~ | : | 963 * | 0 .. 0 0 1 | | d_n-1 | 964 * ~~ ~~ ~~ ~~ 965 * 966 * Note that I, V, d, and p are known. To compute D, we must invert the 967 * matrix and use the known data and parity values to reconstruct the unknown 968 * data values. We begin by removing the rows in V|I and d|p that correspond 969 * to failed or missing columns; we then make V|I square (n x n) and d|p 970 * sized n by removing rows corresponding to unused parity from the bottom up 971 * to generate (V|I)' and (d|p)'. We can then generate the inverse of (V|I)' 972 * using Gauss-Jordan elimination. In the example below we use m=3 parity 973 * columns, n=8 data columns, with errors in d_1, d_2, and p_1: 974 * __ __ 975 * | 1 1 1 1 1 1 1 1 | 976 * | 128 64 32 16 8 4 2 1 | <-----+-+-- missing disks 977 * | 19 205 116 29 64 16 4 1 | / / 978 * | 1 0 0 0 0 0 0 0 | / / 979 * | 0 1 0 0 0 0 0 0 | <--' / 980 * (V|I) = | 0 0 1 0 0 0 0 0 | <---' 981 * | 0 0 0 1 0 0 0 0 | 982 * | 0 0 0 0 1 0 0 0 | 983 * | 0 0 0 0 0 1 0 0 | 984 * | 0 0 0 0 0 0 1 0 | 985 * | 0 0 0 0 0 0 0 1 | 986 * ~~ ~~ 987 * __ __ 988 * | 1 1 1 1 1 1 1 1 | 989 * | 128 64 32 16 8 4 2 1 | 990 * | 19 205 116 29 64 16 4 1 | 991 * | 1 0 0 0 0 0 0 0 | 992 * | 0 1 0 0 0 0 0 0 | 993 * (V|I)' = | 0 0 1 0 0 0 0 0 | 994 * | 0 0 0 1 0 0 0 0 | 995 * | 0 0 0 0 1 0 0 0 | 996 * | 0 0 0 0 0 1 0 0 | 997 * | 0 0 0 0 0 0 1 0 | 998 * | 0 0 0 0 0 0 0 1 | 999 * ~~ ~~ 1000 * 1001 * Here we employ Gauss-Jordan elimination to find the inverse of (V|I)'. We 1002 * have carefully chosen the seed values 1, 2, and 4 to ensure that this 1003 * matrix is not singular. 1004 * __ __ 1005 * | 1 1 1 1 1 1 1 1 1 0 0 0 0 0 0 0 | 1006 * | 19 205 116 29 64 16 4 1 0 1 0 0 0 0 0 0 | 1007 * | 1 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 | 1008 * | 0 0 0 1 0 0 0 0 0 0 0 1 0 0 0 0 | 1009 * | 0 0 0 0 1 0 0 0 0 0 0 0 1 0 0 0 | 1010 * | 0 0 0 0 0 1 0 0 0 0 0 0 0 1 0 0 | 1011 * | 0 0 0 0 0 0 1 0 0 0 0 0 0 0 1 0 | 1012 * | 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 1 | 1013 * ~~ ~~ 1014 * __ __ 1015 * | 1 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 | 1016 * | 1 1 1 1 1 1 1 1 1 0 0 0 0 0 0 0 | 1017 * | 19 205 116 29 64 16 4 1 0 1 0 0 0 0 0 0 | 1018 * | 0 0 0 1 0 0 0 0 0 0 0 1 0 0 0 0 | 1019 * | 0 0 0 0 1 0 0 0 0 0 0 0 1 0 0 0 | 1020 * | 0 0 0 0 0 1 0 0 0 0 0 0 0 1 0 0 | 1021 * | 0 0 0 0 0 0 1 0 0 0 0 0 0 0 1 0 | 1022 * | 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 1 | 1023 * ~~ ~~ 1024 * __ __ 1025 * | 1 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 | 1026 * | 0 1 1 0 0 0 0 0 1 0 1 1 1 1 1 1 | 1027 * | 0 205 116 0 0 0 0 0 0 1 19 29 64 16 4 1 | 1028 * | 0 0 0 1 0 0 0 0 0 0 0 1 0 0 0 0 | 1029 * | 0 0 0 0 1 0 0 0 0 0 0 0 1 0 0 0 | 1030 * | 0 0 0 0 0 1 0 0 0 0 0 0 0 1 0 0 | 1031 * | 0 0 0 0 0 0 1 0 0 0 0 0 0 0 1 0 | 1032 * | 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 1 | 1033 * ~~ ~~ 1034 * __ __ 1035 * | 1 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 | 1036 * | 0 1 1 0 0 0 0 0 1 0 1 1 1 1 1 1 | 1037 * | 0 0 185 0 0 0 0 0 205 1 222 208 141 221 201 204 | 1038 * | 0 0 0 1 0 0 0 0 0 0 0 1 0 0 0 0 | 1039 * | 0 0 0 0 1 0 0 0 0 0 0 0 1 0 0 0 | 1040 * | 0 0 0 0 0 1 0 0 0 0 0 0 0 1 0 0 | 1041 * | 0 0 0 0 0 0 1 0 0 0 0 0 0 0 1 0 | 1042 * | 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 1 | 1043 * ~~ ~~ 1044 * __ __ 1045 * | 1 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 | 1046 * | 0 1 1 0 0 0 0 0 1 0 1 1 1 1 1 1 | 1047 * | 0 0 1 0 0 0 0 0 166 100 4 40 158 168 216 209 | 1048 * | 0 0 0 1 0 0 0 0 0 0 0 1 0 0 0 0 | 1049 * | 0 0 0 0 1 0 0 0 0 0 0 0 1 0 0 0 | 1050 * | 0 0 0 0 0 1 0 0 0 0 0 0 0 1 0 0 | 1051 * | 0 0 0 0 0 0 1 0 0 0 0 0 0 0 1 0 | 1052 * | 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 1 | 1053 * ~~ ~~ 1054 * __ __ 1055 * | 1 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 | 1056 * | 0 1 0 0 0 0 0 0 167 100 5 41 159 169 217 208 | 1057 * | 0 0 1 0 0 0 0 0 166 100 4 40 158 168 216 209 | 1058 * | 0 0 0 1 0 0 0 0 0 0 0 1 0 0 0 0 | 1059 * | 0 0 0 0 1 0 0 0 0 0 0 0 1 0 0 0 | 1060 * | 0 0 0 0 0 1 0 0 0 0 0 0 0 1 0 0 | 1061 * | 0 0 0 0 0 0 1 0 0 0 0 0 0 0 1 0 | 1062 * | 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 1 | 1063 * ~~ ~~ 1064 * __ __ 1065 * | 0 0 1 0 0 0 0 0 | 1066 * | 167 100 5 41 159 169 217 208 | 1067 * | 166 100 4 40 158 168 216 209 | 1068 * (V|I)'^-1 = | 0 0 0 1 0 0 0 0 | 1069 * | 0 0 0 0 1 0 0 0 | 1070 * | 0 0 0 0 0 1 0 0 | 1071 * | 0 0 0 0 0 0 1 0 | 1072 * | 0 0 0 0 0 0 0 1 | 1073 * ~~ ~~ 1074 * 1075 * We can then simply compute D = (V|I)'^-1 x (d|p)' to discover the values 1076 * of the missing data. 1077 * 1078 * As is apparent from the example above, the only non-trivial rows in the 1079 * inverse matrix correspond to the data disks that we're trying to 1080 * reconstruct. Indeed, those are the only rows we need as the others would 1081 * only be useful for reconstructing data known or assumed to be valid. For 1082 * that reason, we only build the coefficients in the rows that correspond to 1083 * targeted columns. 1084 */ 1085 /* END CSTYLED */ 1086 1087 static void 1088 vdev_raidz_matrix_init(raidz_map_t *rm, int n, int nmap, int *map, 1089 uint8_t **rows) 1090 { 1091 int i, j; 1092 int pow; 1093 1094 ASSERT(n == rm->rm_cols - rm->rm_firstdatacol); 1095 1096 /* 1097 * Fill in the missing rows of interest. 1098 */ 1099 for (i = 0; i < nmap; i++) { 1100 ASSERT3S(0, <=, map[i]); 1101 ASSERT3S(map[i], <=, 2); 1102 1103 pow = map[i] * n; 1104 if (pow > 255) 1105 pow -= 255; 1106 ASSERT(pow <= 255); 1107 1108 for (j = 0; j < n; j++) { 1109 pow -= map[i]; 1110 if (pow < 0) 1111 pow += 255; 1112 rows[i][j] = vdev_raidz_pow2[pow]; 1113 } 1114 } 1115 } 1116 1117 static void 1118 vdev_raidz_matrix_invert(raidz_map_t *rm, int n, int nmissing, int *missing, 1119 uint8_t **rows, uint8_t **invrows, const uint8_t *used) 1120 { 1121 int i, j, ii, jj; 1122 uint8_t log; 1123 1124 /* 1125 * Assert that the first nmissing entries from the array of used 1126 * columns correspond to parity columns and that subsequent entries 1127 * correspond to data columns. 1128 */ 1129 for (i = 0; i < nmissing; i++) { 1130 ASSERT3S(used[i], <, rm->rm_firstdatacol); 1131 } 1132 for (; i < n; i++) { 1133 ASSERT3S(used[i], >=, rm->rm_firstdatacol); 1134 } 1135 1136 /* 1137 * First initialize the storage where we'll compute the inverse rows. 1138 */ 1139 for (i = 0; i < nmissing; i++) { 1140 for (j = 0; j < n; j++) { 1141 invrows[i][j] = (i == j) ? 1 : 0; 1142 } 1143 } 1144 1145 /* 1146 * Subtract all trivial rows from the rows of consequence. 1147 */ 1148 for (i = 0; i < nmissing; i++) { 1149 for (j = nmissing; j < n; j++) { 1150 ASSERT3U(used[j], >=, rm->rm_firstdatacol); 1151 jj = used[j] - rm->rm_firstdatacol; 1152 ASSERT3S(jj, <, n); 1153 invrows[i][j] = rows[i][jj]; 1154 rows[i][jj] = 0; 1155 } 1156 } 1157 1158 /* 1159 * For each of the rows of interest, we must normalize it and subtract 1160 * a multiple of it from the other rows. 1161 */ 1162 for (i = 0; i < nmissing; i++) { 1163 for (j = 0; j < missing[i]; j++) { 1164 ASSERT0(rows[i][j]); 1165 } 1166 ASSERT3U(rows[i][missing[i]], !=, 0); 1167 1168 /* 1169 * Compute the inverse of the first element and multiply each 1170 * element in the row by that value. 1171 */ 1172 log = 255 - vdev_raidz_log2[rows[i][missing[i]]]; 1173 1174 for (j = 0; j < n; j++) { 1175 rows[i][j] = vdev_raidz_exp2(rows[i][j], log); 1176 invrows[i][j] = vdev_raidz_exp2(invrows[i][j], log); 1177 } 1178 1179 for (ii = 0; ii < nmissing; ii++) { 1180 if (i == ii) 1181 continue; 1182 1183 ASSERT3U(rows[ii][missing[i]], !=, 0); 1184 1185 log = vdev_raidz_log2[rows[ii][missing[i]]]; 1186 1187 for (j = 0; j < n; j++) { 1188 rows[ii][j] ^= 1189 vdev_raidz_exp2(rows[i][j], log); 1190 invrows[ii][j] ^= 1191 vdev_raidz_exp2(invrows[i][j], log); 1192 } 1193 } 1194 } 1195 1196 /* 1197 * Verify that the data that is left in the rows are properly part of 1198 * an identity matrix. 1199 */ 1200 for (i = 0; i < nmissing; i++) { 1201 for (j = 0; j < n; j++) { 1202 if (j == missing[i]) { 1203 ASSERT3U(rows[i][j], ==, 1); 1204 } else { 1205 ASSERT0(rows[i][j]); 1206 } 1207 } 1208 } 1209 } 1210 1211 static void 1212 vdev_raidz_matrix_reconstruct(raidz_map_t *rm, int n, int nmissing, 1213 int *missing, uint8_t **invrows, const uint8_t *used) 1214 { 1215 int i, j, x, cc, c; 1216 uint8_t *src; 1217 uint64_t ccount; 1218 uint8_t *dst[VDEV_RAIDZ_MAXPARITY]; 1219 uint64_t dcount[VDEV_RAIDZ_MAXPARITY]; 1220 uint8_t log = 0; 1221 uint8_t val; 1222 int ll; 1223 uint8_t *invlog[VDEV_RAIDZ_MAXPARITY]; 1224 uint8_t *p, *pp; 1225 size_t psize; 1226 1227 psize = sizeof (invlog[0][0]) * n * nmissing; 1228 p = kmem_alloc(psize, KM_SLEEP); 1229 1230 for (pp = p, i = 0; i < nmissing; i++) { 1231 invlog[i] = pp; 1232 pp += n; 1233 } 1234 1235 for (i = 0; i < nmissing; i++) { 1236 for (j = 0; j < n; j++) { 1237 ASSERT3U(invrows[i][j], !=, 0); 1238 invlog[i][j] = vdev_raidz_log2[invrows[i][j]]; 1239 } 1240 } 1241 1242 for (i = 0; i < n; i++) { 1243 c = used[i]; 1244 ASSERT3U(c, <, rm->rm_cols); 1245 1246 src = rm->rm_col[c].rc_data; 1247 ccount = rm->rm_col[c].rc_size; 1248 for (j = 0; j < nmissing; j++) { 1249 cc = missing[j] + rm->rm_firstdatacol; 1250 ASSERT3U(cc, >=, rm->rm_firstdatacol); 1251 ASSERT3U(cc, <, rm->rm_cols); 1252 ASSERT3U(cc, !=, c); 1253 1254 dst[j] = rm->rm_col[cc].rc_data; 1255 dcount[j] = rm->rm_col[cc].rc_size; 1256 } 1257 1258 ASSERT(ccount >= rm->rm_col[missing[0]].rc_size || i > 0); 1259 1260 for (x = 0; x < ccount; x++, src++) { 1261 if (*src != 0) 1262 log = vdev_raidz_log2[*src]; 1263 1264 for (cc = 0; cc < nmissing; cc++) { 1265 if (x >= dcount[cc]) 1266 continue; 1267 1268 if (*src == 0) { 1269 val = 0; 1270 } else { 1271 if ((ll = log + invlog[cc][i]) >= 255) 1272 ll -= 255; 1273 val = vdev_raidz_pow2[ll]; 1274 } 1275 1276 if (i == 0) 1277 dst[cc][x] = val; 1278 else 1279 dst[cc][x] ^= val; 1280 } 1281 } 1282 } 1283 1284 kmem_free(p, psize); 1285 } 1286 1287 static int 1288 vdev_raidz_reconstruct_general(raidz_map_t *rm, int *tgts, int ntgts) 1289 { 1290 int n, i, c, t, tt; 1291 int nmissing_rows; 1292 int missing_rows[VDEV_RAIDZ_MAXPARITY]; 1293 int parity_map[VDEV_RAIDZ_MAXPARITY]; 1294 1295 uint8_t *p, *pp; 1296 size_t psize; 1297 1298 uint8_t *rows[VDEV_RAIDZ_MAXPARITY]; 1299 uint8_t *invrows[VDEV_RAIDZ_MAXPARITY]; 1300 uint8_t *used; 1301 1302 int code = 0; 1303 1304 1305 n = rm->rm_cols - rm->rm_firstdatacol; 1306 1307 /* 1308 * Figure out which data columns are missing. 1309 */ 1310 nmissing_rows = 0; 1311 for (t = 0; t < ntgts; t++) { 1312 if (tgts[t] >= rm->rm_firstdatacol) { 1313 missing_rows[nmissing_rows++] = 1314 tgts[t] - rm->rm_firstdatacol; 1315 } 1316 } 1317 1318 /* 1319 * Figure out which parity columns to use to help generate the missing 1320 * data columns. 1321 */ 1322 for (tt = 0, c = 0, i = 0; i < nmissing_rows; c++) { 1323 ASSERT(tt < ntgts); 1324 ASSERT(c < rm->rm_firstdatacol); 1325 1326 /* 1327 * Skip any targeted parity columns. 1328 */ 1329 if (c == tgts[tt]) { 1330 tt++; 1331 continue; 1332 } 1333 1334 code |= 1 << c; 1335 1336 parity_map[i] = c; 1337 i++; 1338 } 1339 1340 ASSERT(code != 0); 1341 ASSERT3U(code, <, 1 << VDEV_RAIDZ_MAXPARITY); 1342 1343 psize = (sizeof (rows[0][0]) + sizeof (invrows[0][0])) * 1344 nmissing_rows * n + sizeof (used[0]) * n; 1345 p = kmem_alloc(psize, KM_SLEEP); 1346 1347 for (pp = p, i = 0; i < nmissing_rows; i++) { 1348 rows[i] = pp; 1349 pp += n; 1350 invrows[i] = pp; 1351 pp += n; 1352 } 1353 used = pp; 1354 1355 for (i = 0; i < nmissing_rows; i++) { 1356 used[i] = parity_map[i]; 1357 } 1358 1359 for (tt = 0, c = rm->rm_firstdatacol; c < rm->rm_cols; c++) { 1360 if (tt < nmissing_rows && 1361 c == missing_rows[tt] + rm->rm_firstdatacol) { 1362 tt++; 1363 continue; 1364 } 1365 1366 ASSERT3S(i, <, n); 1367 used[i] = c; 1368 i++; 1369 } 1370 1371 /* 1372 * Initialize the interesting rows of the matrix. 1373 */ 1374 vdev_raidz_matrix_init(rm, n, nmissing_rows, parity_map, rows); 1375 1376 /* 1377 * Invert the matrix. 1378 */ 1379 vdev_raidz_matrix_invert(rm, n, nmissing_rows, missing_rows, rows, 1380 invrows, used); 1381 1382 /* 1383 * Reconstruct the missing data using the generated matrix. 1384 */ 1385 vdev_raidz_matrix_reconstruct(rm, n, nmissing_rows, missing_rows, 1386 invrows, used); 1387 1388 kmem_free(p, psize); 1389 1390 return (code); 1391 } 1392 1393 static int 1394 vdev_raidz_reconstruct(raidz_map_t *rm, int *t, int nt) 1395 { 1396 int tgts[VDEV_RAIDZ_MAXPARITY], *dt; 1397 int ntgts; 1398 int i, c; 1399 int code; 1400 int nbadparity, nbaddata; 1401 int parity_valid[VDEV_RAIDZ_MAXPARITY]; 1402 1403 /* 1404 * The tgts list must already be sorted. 1405 */ 1406 for (i = 1; i < nt; i++) { 1407 ASSERT(t[i] > t[i - 1]); 1408 } 1409 1410 nbadparity = rm->rm_firstdatacol; 1411 nbaddata = rm->rm_cols - nbadparity; 1412 ntgts = 0; 1413 for (i = 0, c = 0; c < rm->rm_cols; c++) { 1414 if (c < rm->rm_firstdatacol) 1415 parity_valid[c] = B_FALSE; 1416 1417 if (i < nt && c == t[i]) { 1418 tgts[ntgts++] = c; 1419 i++; 1420 } else if (rm->rm_col[c].rc_error != 0) { 1421 tgts[ntgts++] = c; 1422 } else if (c >= rm->rm_firstdatacol) { 1423 nbaddata--; 1424 } else { 1425 parity_valid[c] = B_TRUE; 1426 nbadparity--; 1427 } 1428 } 1429 1430 ASSERT(ntgts >= nt); 1431 ASSERT(nbaddata >= 0); 1432 ASSERT(nbaddata + nbadparity == ntgts); 1433 1434 dt = &tgts[nbadparity]; 1435 1436 /* 1437 * See if we can use any of our optimized reconstruction routines. 1438 */ 1439 if (!vdev_raidz_default_to_general) { 1440 switch (nbaddata) { 1441 case 1: 1442 if (parity_valid[VDEV_RAIDZ_P]) 1443 return (vdev_raidz_reconstruct_p(rm, dt, 1)); 1444 1445 ASSERT(rm->rm_firstdatacol > 1); 1446 1447 if (parity_valid[VDEV_RAIDZ_Q]) 1448 return (vdev_raidz_reconstruct_q(rm, dt, 1)); 1449 1450 ASSERT(rm->rm_firstdatacol > 2); 1451 break; 1452 1453 case 2: 1454 ASSERT(rm->rm_firstdatacol > 1); 1455 1456 if (parity_valid[VDEV_RAIDZ_P] && 1457 parity_valid[VDEV_RAIDZ_Q]) 1458 return (vdev_raidz_reconstruct_pq(rm, dt, 2)); 1459 1460 ASSERT(rm->rm_firstdatacol > 2); 1461 1462 break; 1463 } 1464 } 1465 1466 code = vdev_raidz_reconstruct_general(rm, tgts, ntgts); 1467 ASSERT(code < (1 << VDEV_RAIDZ_MAXPARITY)); 1468 ASSERT(code > 0); 1469 return (code); 1470 } 1471 1472 static int 1473 vdev_raidz_open(vdev_t *vd, uint64_t *asize, uint64_t *max_asize, 1474 uint64_t *ashift) 1475 { 1476 vdev_t *cvd; 1477 uint64_t nparity = vd->vdev_nparity; 1478 int c; 1479 int lasterror = 0; 1480 int numerrors = 0; 1481 1482 ASSERT(nparity > 0); 1483 1484 if (nparity > VDEV_RAIDZ_MAXPARITY || 1485 vd->vdev_children < nparity + 1) { 1486 vd->vdev_stat.vs_aux = VDEV_AUX_BAD_LABEL; 1487 return (SET_ERROR(EINVAL)); 1488 } 1489 1490 vdev_open_children(vd); 1491 1492 for (c = 0; c < vd->vdev_children; c++) { 1493 cvd = vd->vdev_child[c]; 1494 1495 if (cvd->vdev_open_error != 0) { 1496 lasterror = cvd->vdev_open_error; 1497 numerrors++; 1498 continue; 1499 } 1500 1501 *asize = MIN(*asize - 1, cvd->vdev_asize - 1) + 1; 1502 *max_asize = MIN(*max_asize - 1, cvd->vdev_max_asize - 1) + 1; 1503 *ashift = MAX(*ashift, cvd->vdev_ashift); 1504 } 1505 1506 *asize *= vd->vdev_children; 1507 *max_asize *= vd->vdev_children; 1508 1509 if (numerrors > nparity) { 1510 vd->vdev_stat.vs_aux = VDEV_AUX_NO_REPLICAS; 1511 return (lasterror); 1512 } 1513 1514 return (0); 1515 } 1516 1517 static void 1518 vdev_raidz_close(vdev_t *vd) 1519 { 1520 int c; 1521 1522 for (c = 0; c < vd->vdev_children; c++) 1523 vdev_close(vd->vdev_child[c]); 1524 } 1525 1526 static uint64_t 1527 vdev_raidz_asize(vdev_t *vd, uint64_t psize) 1528 { 1529 uint64_t asize; 1530 uint64_t ashift = vd->vdev_top->vdev_ashift; 1531 uint64_t cols = vd->vdev_children; 1532 uint64_t nparity = vd->vdev_nparity; 1533 1534 asize = ((psize - 1) >> ashift) + 1; 1535 asize += nparity * ((asize + cols - nparity - 1) / (cols - nparity)); 1536 asize = roundup(asize, nparity + 1) << ashift; 1537 1538 return (asize); 1539 } 1540 1541 static void 1542 vdev_raidz_child_done(zio_t *zio) 1543 { 1544 raidz_col_t *rc = zio->io_private; 1545 1546 rc->rc_error = zio->io_error; 1547 rc->rc_tried = 1; 1548 rc->rc_skipped = 0; 1549 } 1550 1551 /* 1552 * Start an IO operation on a RAIDZ VDev 1553 * 1554 * Outline: 1555 * - For write operations: 1556 * 1. Generate the parity data 1557 * 2. Create child zio write operations to each column's vdev, for both 1558 * data and parity. 1559 * 3. If the column skips any sectors for padding, create optional dummy 1560 * write zio children for those areas to improve aggregation continuity. 1561 * - For read operations: 1562 * 1. Create child zio read operations to each data column's vdev to read 1563 * the range of data required for zio. 1564 * 2. If this is a scrub or resilver operation, or if any of the data 1565 * vdevs have had errors, then create zio read operations to the parity 1566 * columns' VDevs as well. 1567 */ 1568 static int 1569 vdev_raidz_io_start(zio_t *zio) 1570 { 1571 vdev_t *vd = zio->io_vd; 1572 vdev_t *tvd = vd->vdev_top; 1573 vdev_t *cvd; 1574 raidz_map_t *rm; 1575 raidz_col_t *rc; 1576 int c, i; 1577 1578 rm = vdev_raidz_map_alloc(zio, tvd->vdev_ashift, vd->vdev_children, 1579 vd->vdev_nparity); 1580 1581 ASSERT3U(rm->rm_asize, ==, vdev_psize_to_asize(vd, zio->io_size)); 1582 1583 if (zio->io_type == ZIO_TYPE_WRITE) { 1584 vdev_raidz_generate_parity(rm); 1585 1586 for (c = 0; c < rm->rm_cols; c++) { 1587 rc = &rm->rm_col[c]; 1588 cvd = vd->vdev_child[rc->rc_devidx]; 1589 zio_nowait(zio_vdev_child_io(zio, NULL, cvd, 1590 rc->rc_offset, rc->rc_data, rc->rc_size, 1591 zio->io_type, zio->io_priority, 0, 1592 vdev_raidz_child_done, rc)); 1593 } 1594 1595 /* 1596 * Generate optional I/Os for any skipped sectors to improve 1597 * aggregation contiguity. 1598 */ 1599 for (c = rm->rm_skipstart, i = 0; i < rm->rm_nskip; c++, i++) { 1600 ASSERT(c <= rm->rm_scols); 1601 if (c == rm->rm_scols) 1602 c = 0; 1603 rc = &rm->rm_col[c]; 1604 cvd = vd->vdev_child[rc->rc_devidx]; 1605 zio_nowait(zio_vdev_child_io(zio, NULL, cvd, 1606 rc->rc_offset + rc->rc_size, NULL, 1607 1 << tvd->vdev_ashift, 1608 zio->io_type, zio->io_priority, 1609 ZIO_FLAG_NODATA | ZIO_FLAG_OPTIONAL, NULL, NULL)); 1610 } 1611 1612 return (ZIO_PIPELINE_CONTINUE); 1613 } 1614 1615 ASSERT(zio->io_type == ZIO_TYPE_READ); 1616 1617 /* 1618 * Iterate over the columns in reverse order so that we hit the parity 1619 * last -- any errors along the way will force us to read the parity. 1620 */ 1621 for (c = rm->rm_cols - 1; c >= 0; c--) { 1622 rc = &rm->rm_col[c]; 1623 cvd = vd->vdev_child[rc->rc_devidx]; 1624 if (!vdev_readable(cvd)) { 1625 if (c >= rm->rm_firstdatacol) 1626 rm->rm_missingdata++; 1627 else 1628 rm->rm_missingparity++; 1629 rc->rc_error = SET_ERROR(ENXIO); 1630 rc->rc_tried = 1; /* don't even try */ 1631 rc->rc_skipped = 1; 1632 continue; 1633 } 1634 if (vdev_dtl_contains(cvd, DTL_MISSING, zio->io_txg, 1)) { 1635 if (c >= rm->rm_firstdatacol) 1636 rm->rm_missingdata++; 1637 else 1638 rm->rm_missingparity++; 1639 rc->rc_error = SET_ERROR(ESTALE); 1640 rc->rc_skipped = 1; 1641 continue; 1642 } 1643 if (c >= rm->rm_firstdatacol || rm->rm_missingdata > 0 || 1644 (zio->io_flags & (ZIO_FLAG_SCRUB | ZIO_FLAG_RESILVER))) { 1645 zio_nowait(zio_vdev_child_io(zio, NULL, cvd, 1646 rc->rc_offset, rc->rc_data, rc->rc_size, 1647 zio->io_type, zio->io_priority, 0, 1648 vdev_raidz_child_done, rc)); 1649 } 1650 } 1651 1652 return (ZIO_PIPELINE_CONTINUE); 1653 } 1654 1655 1656 /* 1657 * Report a checksum error for a child of a RAID-Z device. 1658 */ 1659 static void 1660 raidz_checksum_error(zio_t *zio, raidz_col_t *rc, void *bad_data) 1661 { 1662 vdev_t *vd = zio->io_vd->vdev_child[rc->rc_devidx]; 1663 1664 if (!(zio->io_flags & ZIO_FLAG_SPECULATIVE)) { 1665 zio_bad_cksum_t zbc; 1666 raidz_map_t *rm = zio->io_vsd; 1667 1668 mutex_enter(&vd->vdev_stat_lock); 1669 vd->vdev_stat.vs_checksum_errors++; 1670 mutex_exit(&vd->vdev_stat_lock); 1671 1672 zbc.zbc_has_cksum = 0; 1673 zbc.zbc_injected = rm->rm_ecksuminjected; 1674 1675 zfs_ereport_post_checksum(zio->io_spa, vd, zio, 1676 rc->rc_offset, rc->rc_size, rc->rc_data, bad_data, 1677 &zbc); 1678 } 1679 } 1680 1681 /* 1682 * We keep track of whether or not there were any injected errors, so that 1683 * any ereports we generate can note it. 1684 */ 1685 static int 1686 raidz_checksum_verify(zio_t *zio) 1687 { 1688 zio_bad_cksum_t zbc; 1689 raidz_map_t *rm = zio->io_vsd; 1690 1691 int ret = zio_checksum_error(zio, &zbc); 1692 if (ret != 0 && zbc.zbc_injected != 0) 1693 rm->rm_ecksuminjected = 1; 1694 1695 return (ret); 1696 } 1697 1698 /* 1699 * Generate the parity from the data columns. If we tried and were able to 1700 * read the parity without error, verify that the generated parity matches the 1701 * data we read. If it doesn't, we fire off a checksum error. Return the 1702 * number such failures. 1703 */ 1704 static int 1705 raidz_parity_verify(zio_t *zio, raidz_map_t *rm) 1706 { 1707 void *orig[VDEV_RAIDZ_MAXPARITY]; 1708 int c, ret = 0; 1709 raidz_col_t *rc; 1710 1711 for (c = 0; c < rm->rm_firstdatacol; c++) { 1712 rc = &rm->rm_col[c]; 1713 if (!rc->rc_tried || rc->rc_error != 0) 1714 continue; 1715 orig[c] = zio_buf_alloc(rc->rc_size); 1716 bcopy(rc->rc_data, orig[c], rc->rc_size); 1717 } 1718 1719 vdev_raidz_generate_parity(rm); 1720 1721 for (c = 0; c < rm->rm_firstdatacol; c++) { 1722 rc = &rm->rm_col[c]; 1723 if (!rc->rc_tried || rc->rc_error != 0) 1724 continue; 1725 if (bcmp(orig[c], rc->rc_data, rc->rc_size) != 0) { 1726 raidz_checksum_error(zio, rc, orig[c]); 1727 rc->rc_error = SET_ERROR(ECKSUM); 1728 ret++; 1729 } 1730 zio_buf_free(orig[c], rc->rc_size); 1731 } 1732 1733 return (ret); 1734 } 1735 1736 /* 1737 * Keep statistics on all the ways that we used parity to correct data. 1738 */ 1739 static uint64_t raidz_corrected[1 << VDEV_RAIDZ_MAXPARITY]; 1740 1741 static int 1742 vdev_raidz_worst_error(raidz_map_t *rm) 1743 { 1744 int error = 0; 1745 1746 for (int c = 0; c < rm->rm_cols; c++) 1747 error = zio_worst_error(error, rm->rm_col[c].rc_error); 1748 1749 return (error); 1750 } 1751 1752 /* 1753 * Iterate over all combinations of bad data and attempt a reconstruction. 1754 * Note that the algorithm below is non-optimal because it doesn't take into 1755 * account how reconstruction is actually performed. For example, with 1756 * triple-parity RAID-Z the reconstruction procedure is the same if column 4 1757 * is targeted as invalid as if columns 1 and 4 are targeted since in both 1758 * cases we'd only use parity information in column 0. 1759 */ 1760 static int 1761 vdev_raidz_combrec(zio_t *zio, int total_errors, int data_errors) 1762 { 1763 raidz_map_t *rm = zio->io_vsd; 1764 raidz_col_t *rc; 1765 void *orig[VDEV_RAIDZ_MAXPARITY]; 1766 int tstore[VDEV_RAIDZ_MAXPARITY + 2]; 1767 int *tgts = &tstore[1]; 1768 int current, next, i, c, n; 1769 int code, ret = 0; 1770 1771 ASSERT(total_errors < rm->rm_firstdatacol); 1772 1773 /* 1774 * This simplifies one edge condition. 1775 */ 1776 tgts[-1] = -1; 1777 1778 for (n = 1; n <= rm->rm_firstdatacol - total_errors; n++) { 1779 /* 1780 * Initialize the targets array by finding the first n columns 1781 * that contain no error. 1782 * 1783 * If there were no data errors, we need to ensure that we're 1784 * always explicitly attempting to reconstruct at least one 1785 * data column. To do this, we simply push the highest target 1786 * up into the data columns. 1787 */ 1788 for (c = 0, i = 0; i < n; i++) { 1789 if (i == n - 1 && data_errors == 0 && 1790 c < rm->rm_firstdatacol) { 1791 c = rm->rm_firstdatacol; 1792 } 1793 1794 while (rm->rm_col[c].rc_error != 0) { 1795 c++; 1796 ASSERT3S(c, <, rm->rm_cols); 1797 } 1798 1799 tgts[i] = c++; 1800 } 1801 1802 /* 1803 * Setting tgts[n] simplifies the other edge condition. 1804 */ 1805 tgts[n] = rm->rm_cols; 1806 1807 /* 1808 * These buffers were allocated in previous iterations. 1809 */ 1810 for (i = 0; i < n - 1; i++) { 1811 ASSERT(orig[i] != NULL); 1812 } 1813 1814 orig[n - 1] = zio_buf_alloc(rm->rm_col[0].rc_size); 1815 1816 current = 0; 1817 next = tgts[current]; 1818 1819 while (current != n) { 1820 tgts[current] = next; 1821 current = 0; 1822 1823 /* 1824 * Save off the original data that we're going to 1825 * attempt to reconstruct. 1826 */ 1827 for (i = 0; i < n; i++) { 1828 ASSERT(orig[i] != NULL); 1829 c = tgts[i]; 1830 ASSERT3S(c, >=, 0); 1831 ASSERT3S(c, <, rm->rm_cols); 1832 rc = &rm->rm_col[c]; 1833 bcopy(rc->rc_data, orig[i], rc->rc_size); 1834 } 1835 1836 /* 1837 * Attempt a reconstruction and exit the outer loop on 1838 * success. 1839 */ 1840 code = vdev_raidz_reconstruct(rm, tgts, n); 1841 if (raidz_checksum_verify(zio) == 0) { 1842 atomic_inc_64(&raidz_corrected[code]); 1843 1844 for (i = 0; i < n; i++) { 1845 c = tgts[i]; 1846 rc = &rm->rm_col[c]; 1847 ASSERT(rc->rc_error == 0); 1848 if (rc->rc_tried) 1849 raidz_checksum_error(zio, rc, 1850 orig[i]); 1851 rc->rc_error = SET_ERROR(ECKSUM); 1852 } 1853 1854 ret = code; 1855 goto done; 1856 } 1857 1858 /* 1859 * Restore the original data. 1860 */ 1861 for (i = 0; i < n; i++) { 1862 c = tgts[i]; 1863 rc = &rm->rm_col[c]; 1864 bcopy(orig[i], rc->rc_data, rc->rc_size); 1865 } 1866 1867 do { 1868 /* 1869 * Find the next valid column after the current 1870 * position.. 1871 */ 1872 for (next = tgts[current] + 1; 1873 next < rm->rm_cols && 1874 rm->rm_col[next].rc_error != 0; next++) 1875 continue; 1876 1877 ASSERT(next <= tgts[current + 1]); 1878 1879 /* 1880 * If that spot is available, we're done here. 1881 */ 1882 if (next != tgts[current + 1]) 1883 break; 1884 1885 /* 1886 * Otherwise, find the next valid column after 1887 * the previous position. 1888 */ 1889 for (c = tgts[current - 1] + 1; 1890 rm->rm_col[c].rc_error != 0; c++) 1891 continue; 1892 1893 tgts[current] = c; 1894 current++; 1895 1896 } while (current != n); 1897 } 1898 } 1899 n--; 1900 done: 1901 for (i = 0; i < n; i++) { 1902 zio_buf_free(orig[i], rm->rm_col[0].rc_size); 1903 } 1904 1905 return (ret); 1906 } 1907 1908 /* 1909 * Complete an IO operation on a RAIDZ VDev 1910 * 1911 * Outline: 1912 * - For write operations: 1913 * 1. Check for errors on the child IOs. 1914 * 2. Return, setting an error code if too few child VDevs were written 1915 * to reconstruct the data later. Note that partial writes are 1916 * considered successful if they can be reconstructed at all. 1917 * - For read operations: 1918 * 1. Check for errors on the child IOs. 1919 * 2. If data errors occurred: 1920 * a. Try to reassemble the data from the parity available. 1921 * b. If we haven't yet read the parity drives, read them now. 1922 * c. If all parity drives have been read but the data still doesn't 1923 * reassemble with a correct checksum, then try combinatorial 1924 * reconstruction. 1925 * d. If that doesn't work, return an error. 1926 * 3. If there were unexpected errors or this is a resilver operation, 1927 * rewrite the vdevs that had errors. 1928 */ 1929 static void 1930 vdev_raidz_io_done(zio_t *zio) 1931 { 1932 vdev_t *vd = zio->io_vd; 1933 vdev_t *cvd; 1934 raidz_map_t *rm = zio->io_vsd; 1935 raidz_col_t *rc; 1936 int unexpected_errors = 0; 1937 int parity_errors = 0; 1938 int parity_untried = 0; 1939 int data_errors = 0; 1940 int total_errors = 0; 1941 int n, c; 1942 int tgts[VDEV_RAIDZ_MAXPARITY]; 1943 int code; 1944 1945 ASSERT(zio->io_bp != NULL); /* XXX need to add code to enforce this */ 1946 1947 ASSERT(rm->rm_missingparity <= rm->rm_firstdatacol); 1948 ASSERT(rm->rm_missingdata <= rm->rm_cols - rm->rm_firstdatacol); 1949 1950 for (c = 0; c < rm->rm_cols; c++) { 1951 rc = &rm->rm_col[c]; 1952 1953 if (rc->rc_error) { 1954 ASSERT(rc->rc_error != ECKSUM); /* child has no bp */ 1955 1956 if (c < rm->rm_firstdatacol) 1957 parity_errors++; 1958 else 1959 data_errors++; 1960 1961 if (!rc->rc_skipped) 1962 unexpected_errors++; 1963 1964 total_errors++; 1965 } else if (c < rm->rm_firstdatacol && !rc->rc_tried) { 1966 parity_untried++; 1967 } 1968 } 1969 1970 if (zio->io_type == ZIO_TYPE_WRITE) { 1971 /* 1972 * XXX -- for now, treat partial writes as a success. 1973 * (If we couldn't write enough columns to reconstruct 1974 * the data, the I/O failed. Otherwise, good enough.) 1975 * 1976 * Now that we support write reallocation, it would be better 1977 * to treat partial failure as real failure unless there are 1978 * no non-degraded top-level vdevs left, and not update DTLs 1979 * if we intend to reallocate. 1980 */ 1981 /* XXPOLICY */ 1982 if (total_errors > rm->rm_firstdatacol) 1983 zio->io_error = vdev_raidz_worst_error(rm); 1984 1985 return; 1986 } 1987 1988 ASSERT(zio->io_type == ZIO_TYPE_READ); 1989 /* 1990 * There are three potential phases for a read: 1991 * 1. produce valid data from the columns read 1992 * 2. read all disks and try again 1993 * 3. perform combinatorial reconstruction 1994 * 1995 * Each phase is progressively both more expensive and less likely to 1996 * occur. If we encounter more errors than we can repair or all phases 1997 * fail, we have no choice but to return an error. 1998 */ 1999 2000 /* 2001 * If the number of errors we saw was correctable -- less than or equal 2002 * to the number of parity disks read -- attempt to produce data that 2003 * has a valid checksum. Naturally, this case applies in the absence of 2004 * any errors. 2005 */ 2006 if (total_errors <= rm->rm_firstdatacol - parity_untried) { 2007 if (data_errors == 0) { 2008 if (raidz_checksum_verify(zio) == 0) { 2009 /* 2010 * If we read parity information (unnecessarily 2011 * as it happens since no reconstruction was 2012 * needed) regenerate and verify the parity. 2013 * We also regenerate parity when resilvering 2014 * so we can write it out to the failed device 2015 * later. 2016 */ 2017 if (parity_errors + parity_untried < 2018 rm->rm_firstdatacol || 2019 (zio->io_flags & ZIO_FLAG_RESILVER)) { 2020 n = raidz_parity_verify(zio, rm); 2021 unexpected_errors += n; 2022 ASSERT(parity_errors + n <= 2023 rm->rm_firstdatacol); 2024 } 2025 goto done; 2026 } 2027 } else { 2028 /* 2029 * We either attempt to read all the parity columns or 2030 * none of them. If we didn't try to read parity, we 2031 * wouldn't be here in the correctable case. There must 2032 * also have been fewer parity errors than parity 2033 * columns or, again, we wouldn't be in this code path. 2034 */ 2035 ASSERT(parity_untried == 0); 2036 ASSERT(parity_errors < rm->rm_firstdatacol); 2037 2038 /* 2039 * Identify the data columns that reported an error. 2040 */ 2041 n = 0; 2042 for (c = rm->rm_firstdatacol; c < rm->rm_cols; c++) { 2043 rc = &rm->rm_col[c]; 2044 if (rc->rc_error != 0) { 2045 ASSERT(n < VDEV_RAIDZ_MAXPARITY); 2046 tgts[n++] = c; 2047 } 2048 } 2049 2050 ASSERT(rm->rm_firstdatacol >= n); 2051 2052 code = vdev_raidz_reconstruct(rm, tgts, n); 2053 2054 if (raidz_checksum_verify(zio) == 0) { 2055 atomic_inc_64(&raidz_corrected[code]); 2056 2057 /* 2058 * If we read more parity disks than were used 2059 * for reconstruction, confirm that the other 2060 * parity disks produced correct data. This 2061 * routine is suboptimal in that it regenerates 2062 * the parity that we already used in addition 2063 * to the parity that we're attempting to 2064 * verify, but this should be a relatively 2065 * uncommon case, and can be optimized if it 2066 * becomes a problem. Note that we regenerate 2067 * parity when resilvering so we can write it 2068 * out to failed devices later. 2069 */ 2070 if (parity_errors < rm->rm_firstdatacol - n || 2071 (zio->io_flags & ZIO_FLAG_RESILVER)) { 2072 n = raidz_parity_verify(zio, rm); 2073 unexpected_errors += n; 2074 ASSERT(parity_errors + n <= 2075 rm->rm_firstdatacol); 2076 } 2077 2078 goto done; 2079 } 2080 } 2081 } 2082 2083 /* 2084 * This isn't a typical situation -- either we got a read error or 2085 * a child silently returned bad data. Read every block so we can 2086 * try again with as much data and parity as we can track down. If 2087 * we've already been through once before, all children will be marked 2088 * as tried so we'll proceed to combinatorial reconstruction. 2089 */ 2090 unexpected_errors = 1; 2091 rm->rm_missingdata = 0; 2092 rm->rm_missingparity = 0; 2093 2094 for (c = 0; c < rm->rm_cols; c++) { 2095 if (rm->rm_col[c].rc_tried) 2096 continue; 2097 2098 zio_vdev_io_redone(zio); 2099 do { 2100 rc = &rm->rm_col[c]; 2101 if (rc->rc_tried) 2102 continue; 2103 zio_nowait(zio_vdev_child_io(zio, NULL, 2104 vd->vdev_child[rc->rc_devidx], 2105 rc->rc_offset, rc->rc_data, rc->rc_size, 2106 zio->io_type, zio->io_priority, 0, 2107 vdev_raidz_child_done, rc)); 2108 } while (++c < rm->rm_cols); 2109 2110 return; 2111 } 2112 2113 /* 2114 * At this point we've attempted to reconstruct the data given the 2115 * errors we detected, and we've attempted to read all columns. There 2116 * must, therefore, be one or more additional problems -- silent errors 2117 * resulting in invalid data rather than explicit I/O errors resulting 2118 * in absent data. We check if there is enough additional data to 2119 * possibly reconstruct the data and then perform combinatorial 2120 * reconstruction over all possible combinations. If that fails, 2121 * we're cooked. 2122 */ 2123 if (total_errors > rm->rm_firstdatacol) { 2124 zio->io_error = vdev_raidz_worst_error(rm); 2125 2126 } else if (total_errors < rm->rm_firstdatacol && 2127 (code = vdev_raidz_combrec(zio, total_errors, data_errors)) != 0) { 2128 /* 2129 * If we didn't use all the available parity for the 2130 * combinatorial reconstruction, verify that the remaining 2131 * parity is correct. 2132 */ 2133 if (code != (1 << rm->rm_firstdatacol) - 1) 2134 (void) raidz_parity_verify(zio, rm); 2135 } else { 2136 /* 2137 * We're here because either: 2138 * 2139 * total_errors == rm_first_datacol, or 2140 * vdev_raidz_combrec() failed 2141 * 2142 * In either case, there is enough bad data to prevent 2143 * reconstruction. 2144 * 2145 * Start checksum ereports for all children which haven't 2146 * failed, and the IO wasn't speculative. 2147 */ 2148 zio->io_error = SET_ERROR(ECKSUM); 2149 2150 if (!(zio->io_flags & ZIO_FLAG_SPECULATIVE)) { 2151 for (c = 0; c < rm->rm_cols; c++) { 2152 rc = &rm->rm_col[c]; 2153 if (rc->rc_error == 0) { 2154 zio_bad_cksum_t zbc; 2155 zbc.zbc_has_cksum = 0; 2156 zbc.zbc_injected = 2157 rm->rm_ecksuminjected; 2158 2159 zfs_ereport_start_checksum( 2160 zio->io_spa, 2161 vd->vdev_child[rc->rc_devidx], 2162 zio, rc->rc_offset, rc->rc_size, 2163 (void *)(uintptr_t)c, &zbc); 2164 } 2165 } 2166 } 2167 } 2168 2169 done: 2170 zio_checksum_verified(zio); 2171 2172 if (zio->io_error == 0 && spa_writeable(zio->io_spa) && 2173 (unexpected_errors || (zio->io_flags & ZIO_FLAG_RESILVER))) { 2174 /* 2175 * Use the good data we have in hand to repair damaged children. 2176 */ 2177 for (c = 0; c < rm->rm_cols; c++) { 2178 rc = &rm->rm_col[c]; 2179 cvd = vd->vdev_child[rc->rc_devidx]; 2180 2181 if (rc->rc_error == 0) 2182 continue; 2183 2184 zio_nowait(zio_vdev_child_io(zio, NULL, cvd, 2185 rc->rc_offset, rc->rc_data, rc->rc_size, 2186 ZIO_TYPE_WRITE, zio->io_priority, 2187 ZIO_FLAG_IO_REPAIR | (unexpected_errors ? 2188 ZIO_FLAG_SELF_HEAL : 0), NULL, NULL)); 2189 } 2190 } 2191 } 2192 2193 static void 2194 vdev_raidz_state_change(vdev_t *vd, int faulted, int degraded) 2195 { 2196 if (faulted > vd->vdev_nparity) 2197 vdev_set_state(vd, B_FALSE, VDEV_STATE_CANT_OPEN, 2198 VDEV_AUX_NO_REPLICAS); 2199 else if (degraded + faulted != 0) 2200 vdev_set_state(vd, B_FALSE, VDEV_STATE_DEGRADED, VDEV_AUX_NONE); 2201 else 2202 vdev_set_state(vd, B_FALSE, VDEV_STATE_HEALTHY, VDEV_AUX_NONE); 2203 } 2204 2205 vdev_ops_t vdev_raidz_ops = { 2206 vdev_raidz_open, 2207 vdev_raidz_close, 2208 vdev_raidz_asize, 2209 vdev_raidz_io_start, 2210 vdev_raidz_io_done, 2211 vdev_raidz_state_change, 2212 NULL, 2213 NULL, 2214 VDEV_TYPE_RAIDZ, /* name of this vdev type */ 2215 B_FALSE /* not a leaf vdev */ 2216 }; 2217