Krzysztof Wojcik [Wed, 23 Mar 2011 23:15:01 +0000 (10:15 +1100)]
FIX: imsm: Do not change serial if disk failed
This patch rollback one change connected with mdadm-OROM
compatibility:
adding ':0' at the end of disk serial number if disk is
detected as failed.
Current mdadm's implementation does not distinguish two
cases when disk is marked as failed:
1. If disk is really failed- disconnected, broken
2. Just marked as failed by mdadm- using "-f" option
Second case is not yet fully handled and compatible with
IMSM standard.
Changing serial number of existing, operational disk causes
problems in "thunderdome" and "load_super" functions that use
serial numbers to disks comparisons and searching.
The change must be recalled until full support will be
developed.
Signed-off-by: Krzysztof Wojcik <krzysztof.wojcik@intel.com> Signed-off-by: NeilBrown <neilb@suse.de>
Krzysztof Wojcik [Wed, 23 Mar 2011 23:11:58 +0000 (10:11 +1100)]
FIX: Tests: raid0->raid10 without degradation
raid0->raid10 transition needs at least 2 spare devices.
After level changing to raid10 recovery is triggered on
failed (missing) disks. At the end of recovery process
we have fully operational (not degraded) raid10 array.
Initialy there was possibility to migrate raid0->raid10
without recovery triggering (it results degraded raid10).
Now it is not possible.
This patch adapt tests to new mdadm's behavior.
Signed-off-by: Krzysztof Wojcik <krzysztof.wojcik@intel.com> Signed-off-by: NeilBrown <neilb@suse.de>
Krzysztof Wojcik [Wed, 23 Mar 2011 15:04:20 +0000 (16:04 +0100)]
FIX: imsm: Rebuild does not start on second failed disk
Problem:
If we have an array with two failed disks and the array is in degraded
state (now it is possible only for raid10 with 2 degraded mirrors) and
we have two spare devices in the container, recovery process should be
triggered on booth failed disks. It does not.
Recovery is triggered only for first failed disk.
Second failed disk remains unchanged although the spare drive exists
in the container and is ready to recovery.
Root cause:
mdmon does not check if the array is degraded after recovery of first
drive is completed.
Resolution:
Check if current number of disks in the array equals target number of disks.
If not, trigger degradation check and then recovery process.
Signed-off-by: Krzysztof Wojcik <krzysztof.wojcik@intel.com> Signed-off-by: NeilBrown <neilb@suse.de>
NeilBrown [Wed, 23 Mar 2011 04:42:24 +0000 (15:42 +1100)]
--stop: separate 'is busy' test for 'did it stop properly'.
Stopping an md array requires that there is no other user of it.
However with udev and udisks and such there can be transient other
users of md devices which can interfere with stopping the array.
If there is a transient users, we really want "mdadm --stop" to wait a
little while and retry.
However if the array is genuinely in-use (e.g. mounted), then we
don't want to wait at all - we want to fail immediately.
So before trying to stop, re-open device with O_EXCL. If this fails
then the device is probably in use, so give up.
If it succeeds, but a subsequent STOP_ARRAY fails, then it is possibly
a transient failure, so try again for a few seconds.
NeilBrown [Wed, 23 Mar 2011 00:07:27 +0000 (11:07 +1100)]
Assemble: improve efficacy of -Af in assembling degraded dirty arrays.
If a degraded dirty array has some superblocks which are clean and
others that are dirty, and the dirty ones are newer by precisely '1'
in the event count, then the current code to force the array to be
clean will not work.
We need to make sure to find a superblock with most recent event count
and force that one to be 'clean'.
Reported-by: A J Wyborny <ajwyborny@gmail.com> Signed-off-by: NeilBrown <neilb@suse.de>
Labun, Marcin [Wed, 23 Mar 2011 01:05:53 +0000 (12:05 +1100)]
super-intel: enable loading metadata from non-IMSM compliant disks
Honor ignore_hw_compat to load metadata from disk attached to non-IMSM
controller or when there are no IMSM OROM/EFI capabilities.
Used only for guessing and examining metadata format.
Signed-off-by: Marcin Labun <marcin.labun@intel.com> Signed-off-by: NeilBrown <neilb@suse.de>
Labun, Marcin [Wed, 23 Mar 2011 01:04:46 +0000 (12:04 +1100)]
examine: allows to examine a disk metadata on non-metadata compliant systems
Allow for loading metadata from disk attached to non-metadata compliant
system. Affects mdadm --examine and guess_super.
Added ignore_hw_compat in supertype to pass information to load_super
handler. If ignore_hw_compat is set the handler should load metadata
also from disks that do not comply with metadata requirements (i.e. disk is not
attached to native controller, etc).
Signed-off-by: Marcin Labun <marcin.labun@intel.com> Signed-off-by: NeilBrown <neilb@suse.de>
NeilBrown [Tue, 22 Mar 2011 03:47:55 +0000 (14:47 +1100)]
Monitor: handle v.quick removal of devices better.
If a device fails and then is removed before Monitor sees
the failure, GET_DISK_INFO returns nothing so Monitor relies
on mdstat info where '_' is incorrectly interpreted as 'a spare'.
We should treat '_' as 'removed' - that is safer.
Without this, a v.quick fail+remove gets reported as 'Failed' then
'SpareActive'.
NeilBrown [Wed, 23 Mar 2011 00:07:27 +0000 (11:07 +1100)]
Assemble: improve efficacy of -Af in assembling degraded dirty arrays.
If a degraded dirty array has some superblocks which are clean and
others that are dirty, and the dirty ones are newer by precisely '1'
in the event count, then the current code to force the array to be
clean will not work.
We need to make sure to find a superblock with most recent event count
and force that one to be 'clean'.
Reported-by: A J Wyborny <ajwyborny@gmail.com> Signed-off-by: NeilBrown <neilb@suse.de>
NeilBrown [Tue, 22 Mar 2011 06:23:17 +0000 (17:23 +1100)]
mdmon: Stop keeping track of RAID0 (and LINEAR) arrays.
Tracking RAID0 arrays doesn't really work. There is no need,
and there are some sysfs files which won't exist when the array
appears and then won't be opened when the level is changed.
So simply ignore RAID0 and LINEAR arrays - don't add them when they
appear and if an array we are monitoring turns into one of these,
discard it promptly.
NeilBrown [Tue, 22 Mar 2011 05:10:22 +0000 (16:10 +1100)]
mdmon: don't wait for O_EXCL when shutting down.
If mdmon is shutting down because there are no devices
left to look at, then don't wait 5 seconds for an O_EXCL open,
and that can block progress of --grow.
NeilBrown [Tue, 22 Mar 2011 03:52:37 +0000 (14:52 +1100)]
mdmon: allow manage_member to cope with ->container becoming NULL.
As monitor() can set ->container to NULL, we need to be careful
about dereferencing it.
So take a copy in manage_member, return if it is NULL, and only
use the copy.
NeilBrown [Tue, 22 Mar 2011 03:52:36 +0000 (14:52 +1100)]
Grow: increase raid_disks before adding specific spares.
When we add spared that have been targeted at a specific slot,
we need raid_disks to be bigger than the slot number.
But currently we don't increase raid_disks until after we add
these spares.
So introduce an early increase of raid_disks to allow the spares
to be added.
NeilBrown [Tue, 22 Mar 2011 03:47:55 +0000 (14:47 +1100)]
Monitor: handle v.quick removal of devices better.
If a device fails and then is removed before Monitor sees
the failure, GET_DISK_INFO returns nothing so Monitor relies
on mdstat info where '_' is incorrectly interpreted as 'a spare'.
We should treat '_' as 'removed' - that is safer.
Without this, a v.quick fail+remove gets reported as 'Failed' then
'SpareActive'.
NeilBrown [Mon, 21 Mar 2011 23:09:30 +0000 (10:09 +1100)]
test: call "udevadm settle" after stopping array.
If we don't do this, then the unlink from /dev might happen
after the next step in the test creates something in /dev,
and device names seem to go missing.
please find attached a patch, to mdadm-3.2 base, including
a standalone versione of the raid-6 check.
This is basically a re-working (and hopefully improvement)
of the already implemented check in "restripe.c".
I splitted the check function into "collect" and "stats",
so that the second one could be easily replaced.
The API is also simplified.
The command line option are reduced, since we only level
is raid-6, but the ":offset" option is included.
The output reports the block/stripe rotation, P/Q errors
and the possible HDD (or unknown).
BTW, the patch applies also to the already patched "restripe.c",
including the last ":offset" patch (which is not yet in git).
Other item is that due to "sysfs.c" linking (see below) the
"Makefile" needed some changes, I hope this is not a problem.
Next steps (TODO list you like) would be:
1) Add the "sysfs.c" code in order to retrieve the HDDs info
from the MD device. It is already linked, together with the
whole (mdadm) universe, since it seems it cannot leave alone.
I'll need some advice or hint on how to do use it. I checked
"sysfs.c", but before I dig deep into it maybe better to
have some advice (maybe just one function call will do it).
2) Add the suspend lo/hi control. Fellow John Robinson was
suggesting to look into "Grow.c", which I did, but I guess
the same story as 1) is valid: better to have some hint on
where to look before wasting time.
3) Add a repair option (future). This should have different
levels, like "all", "disk", "stripe". That is, fix everything
(more or less like "repair"), fix only if a disk is clearly
having problems, fix each stripe which has clearly a problem
(but maybe different stripes may belong to different HDDs).
So, for the point 1) and 2) would be nice to have some more
detail on where to look what. Point 3) we will discuss later.
Krzysztof Wojcik [Fri, 18 Mar 2011 01:42:17 +0000 (12:42 +1100)]
Retry writing 'inactive' state during stopping array
Issue observed:
Sporadicaly stopping arrays using "mdadm -Ss" command does not succeded.
Cause:
Writting "inactive" to the array state not succeded- array is busy
(accessed by udev, blkid etc.)
Resolution:
If writing 'inactive' fails, wait and retry again (because it is possibly
a transient failure)
Signed-off-by: Krzysztof Wojcik <krzysztof.wojcik@intel.com> Signed-off-by: NeilBrown <neilb@suse.de>
Adam Kwolek [Fri, 18 Mar 2011 01:32:16 +0000 (12:32 +1100)]
FIX: ping_monitor() usage causes memory leaks
When for ping_monitor() input devnum2devname() is used,
received string pointer should be passed to free() for memory release.
It is not made in several places. This use case should have function
to avoid memory leak.
Signed-off-by: Adam Kwolek <adam.kwolek@intel.com> Signed-off-by: NeilBrown <neilb@suse.de>
NeilBrown [Fri, 18 Mar 2011 01:31:45 +0000 (12:31 +1100)]
Manage: fix the mess I made in earlier patch.
When I separated the 'native metadata' case more cleanly from the
"external metadata" case for adding a drive, I left some 'external'
code in the 'native' case, and didn't copy it to the 'external' case.
When - in the external case - we add to super, we much check for
mdmon first, so we know whether to do the metadata update ourselves
or not, then afterwards call either flush_metadata_updates (to send
to mdmon) or sync_metadata (to do it directly).
Reported-by: Adam Kwolek <adam.kwolek@intel.com> Signed-off-by: NeilBrown <neilb@suse.de>
NeilBrown [Thu, 17 Mar 2011 02:35:10 +0000 (13:35 +1100)]
--stop: separate 'is busy' test for 'did it stop properly'.
Stopping an md array requires that there is no other user of it.
However with udev and udisks and such there can be transient other
users of md devices which can interfere with stopping the array.
If there is a transient users, we really want "mdadm --stop" to wait a
little while and retry.
However if the array is genuinely in-use (e.g. mounted), then we
don't want to wait at all - we want to fail immediately.
So before trying to stop, re-open device with O_EXCL. If this fails
then the device is probably in use, so give up.
If it succeeds, but a subsequent STOP_ARRAY fails, then it is possibly
a transient failure, so try again for a few seconds.
NeilBrown [Tue, 15 Mar 2011 05:31:20 +0000 (16:31 +1100)]
Fix regression when using 'grow' to add a bitmap.
When we allowed a devlist to accompany some --grow modes - but not
--bitmap - we made --bitmap always fail, in stead of fail of a device
was given to add.
As 'devs_found' includes the md device, we need to compare against
'1'.
Labun, Marcin [Tue, 15 Mar 2011 04:09:31 +0000 (15:09 +1100)]
IMSM: Fix problem in mdmon monitor of using removed disk in imsm container.
Manager thread shall pass the information to monitor thread (mdmon)
that some devices are removed from container. Otherwise, monitor
(mdmon) might use such devices (spares) to rebuild the array that has
gone degraded.
This problem happens for imsm containers, since a list of the
container disks is maintained in intel_super structure. When array
goes degraded, the list is searched to find a spare disks to start
rebuild. Without this fix the rebuild could be stared on the spare
device that was a member of the container, but has been removed from
it.
New super type function handler has been introduced to prepare
metadata format specific information about removed devices.
int (*remove_from_super)(struct supertype *st, mdu_disk_info_t *dinfo)
The message prepared in remove_from_super is later processed by
process_update handler in monitor thread.
Signed-off-by: Marcin Labun <marcin.labun@intel.com> Signed-off-by: NeilBrown <neilb@suse.de>
NeilBrown [Tue, 15 Mar 2011 04:09:24 +0000 (15:09 +1100)]
DDF Allow a RAID1 to be 'partially optimal'.
If a RAID1 is meant to have more than 2 device and while it doesn't
have that many, it still has more than 1, then according to the
DDF spec it is "partially optional" rather than "degraded"
So make that so.
NeilBrown [Tue, 15 Mar 2011 04:02:49 +0000 (15:02 +1100)]
ddf: remove failed devices that are no longer in use.
The DDF spec requires we have a phys disk record for every physically
attached device. But it isn't clear what that means in the case
of soft raid in a general purpose Linux computer.
So remove phys disk records for any failed device that is not
active in any array.
NeilBrown [Tue, 15 Mar 2011 03:51:12 +0000 (14:51 +1100)]
managemon: Don't do spare assignment while any updates are pending.
Spare assignment requires full knowledge of array state. A pending
update might modify that state (such as a pending spare assignment)
so don't try while there are updates pending.
NeilBrown [Tue, 15 Mar 2011 03:48:20 +0000 (14:48 +1100)]
Manage/external: for external metadata, add_to_super needs lock on container.
add_to_super could use information from the current superblock (ddf
does), so add_to_super for external metadata should be called with
the O_EXCL lock held on the container to ensure the update is complete
before any other process tries to make any changes (like adding
another device to array).
Adam Kwolek [Mon, 14 Mar 2011 14:09:29 +0000 (15:09 +0100)]
imsm: FIX: existing backup file fails unit tests
During normal test execution, backup file is deleted after test execution.
If test is interrupted/broken, backup file can remain for next run.
When backup file exists before unit test run, suits 12 and 13 fails.
To avoid this remove backup file before grow is executed.
Signed-off-by: Adam Kwolek <adam.kwolek@intel.com> Signed-off-by: NeilBrown <neilb@suse.de>
Krzysztof Wojcik [Mon, 14 Mar 2011 07:21:21 +0000 (18:21 +1100)]
Warn the user about too small array size
If single-disk RAID0 or RAID1 array is created, user may preserve data on
disk. If array given size covers all partitions on disk, all data will be
available on created array. If array size is too small (not covers
all partitions), data will be not accessible.
This patch introduces warning message during array creation if given size
is too small. User may interrupt creation process to avoid data loss.
Signed-off-by: Krzysztof Wojcik <krzysztof.wojcik@intel.com> Signed-off-by: NeilBrown <neilb@suse.de>
Labun, Marcin [Mon, 14 Mar 2011 07:18:46 +0000 (18:18 +1100)]
platfrom_intel: find OROM based on Intel AHCI and SAS driver device id
We use PCI device id exposed by AHCI and ISCU drivers (SAS controller)
to find OROM version table.
In this way there is no need to maintain AHCI and ISCU device id list
in mdadm. The consequence is that the OROM properties can be found by mdadm when AHCI or
SAS drivers are loaded in the system.
Signed-off-by: Marcin Labun <marcin.labun@intel.com> Signed-off-by: NeilBrown <neilb@suse.de>
Adam Kwolek [Mon, 14 Mar 2011 07:17:53 +0000 (18:17 +1100)]
imsm: FIX: Store checkpoint in per disk units
While last_checkpoint is counter in per disk units, checkpoints
should be stored in the same manner.
Restoring from checkpoint should should recalculate checkpoint in to
array position (reshape_progress).
Signed-off-by: Adam Kwolek <adam.kwolek@intel.com> Signed-off-by: NeilBrown <neilb@suse.de>
Adam Kwolek [Mon, 14 Mar 2011 07:17:52 +0000 (18:17 +1100)]
FIX: Last_checkpoint has to be initialized in per disk units
last_checkpoint is variable that tracks sync_complete sysfs entry.
sync_complete is per disk counter, so initializing during starting from checkpoint
has to have this in mind and convert reshape position properly.
Signed-off-by: Adam Kwolek <adam.kwolek@intel.com> Signed-off-by: NeilBrown <neilb@suse.de>
Adam Kwolek [Thu, 10 Mar 2011 14:05:54 +0000 (15:05 +0100)]
FIX: Last checkpoint is not initialized on reshape restart
When reshape is restarted and active array in mdmon is being initialized,
mdmon has to know last checkpoint, otherwise reshape will be restarted
form '0' position.
mdadm when reshaped array is assembled stores reshape_position in sysfs
and runs mdmon. Initialize last_checkpoint in active array structure
to value present in sysfs for reshaped array start.
Signed-off-by: Adam Kwolek <adam.kwolek@intel.com> Signed-off-by: NeilBrown <neilb@suse.de>
Adam Kwolek [Thu, 10 Mar 2011 07:30:42 +0000 (08:30 +0100)]
FIX: Unfreeze array on success only
Unfreeze array on success only.
rv is initialized by restart variable so we have 2 cases.
1. regular reshape start
rv == restart == 0
this means that real error (returned by reshape) can cause leaving container frozen
If array is not touched by reshape it can be unfrozen
2. During reshape restart even untouched array under reshape is left unfrozen,
If reshape is started do not unfreeze array on error also.
This allows user for array repair action
(mdmon will not change array state).
Signed-off-by: Adam Kwolek <adam.kwolek@intel.com> Signed-off-by: NeilBrown <neilb@suse.de>
NeilBrown [Mon, 22 Nov 2010 08:35:25 +0000 (19:35 +1100)]
Manage: be more careful about --add attempts.
If an --add is requested and a re-add looks promising but fails or
cannot possibly succeed, then don't try the add. This avoids
inadvertently turning devices into spares when an array is failed but
the devices seem to actually work.
NeilBrown [Tue, 30 Nov 2010 05:34:25 +0000 (16:34 +1100)]
Grow: give useful message when adding bitmap gives EBUSY.
If adding a bitmap fails with EBUSY, then it is because the array is
currently resyncing/recovering/reshaping.
As this is non-obvious, give a message explaining the fact.
NeilBrown [Wed, 1 Dec 2010 03:51:27 +0000 (14:51 +1100)]
Create/grow: improve checks on number of devices.
Check on upper limit of number of devices was in the wrong place.
Result was could not create array with more than 27 devices without
explicitly setting metadata, even though default metadata allows more.
Fixed, and also perform check when growing an array.
Krzysztof Wojcik [Thu, 10 Mar 2011 06:07:04 +0000 (17:07 +1100)]
FIX: Reset disk state if disk is missing
If we can't read actual disk state, it shoud be initiated
to 0.
Overwise it may be out of date value resulting false action
later in code (e.g. set disk to improper state).
Signed-off-by: Krzysztof Wojcik <krzysztof.wojcik@intel.com> Signed-off-by: NeilBrown <neilb@suse.de>
NeilBrown [Thu, 10 Mar 2011 00:41:21 +0000 (11:41 +1100)]
dev_open should always open read-only.
When opening an array to manipulate it we never need to write to the
array and sometimes it might be read-only so the open for write will
fail.
So always open read-only.
Reported-by: Adam Kwolek <adam.kwolek@intel.com> Signed-off-by: NeilBrown <neilb@suse.de>
NeilBrown [Thu, 10 Mar 2011 04:59:24 +0000 (15:59 +1100)]
Grow: allow monitor thread to exit when there is nothing more to do.
When an array using native metadata is increasing in size, we don't
need to keep monitoring it after the initial 'critical section'.
So detect that case.
If a final level-change is still needed mdadm will wait for that,
otherwise it will simply exit.
NeilBrown [Thu, 10 Mar 2011 04:05:23 +0000 (15:05 +1100)]
Grow: support reshape of RAID0 arrays.
This is done via conversion to RAID4 and back.
To grow the array, extra devices will be needed which cannot
already be present as spares - so allow a list of new devices
to be included in grow request which changed the number of devices.
NeilBrown [Thu, 10 Mar 2011 03:53:30 +0000 (14:53 +1100)]
Make find_intel_hba_capability less verbose.
mdadm has a convention in some areas of passing a device name
if error messages about it are interesting, or NULL if not.
Follow this convention with find_intel_hba_capability so that it
doesn't complain when not appropriate - and so that it doesn't
have to go and find a device name that it wasn't given.
Labun, Marcin [Thu, 10 Mar 2011 00:52:15 +0000 (11:52 +1100)]
imsm: introduce SAS controller support in imsm metadata handler
OROM/EFI capabilities are retrieved based on disk's controller type.
1/ alloc_super no longer retrieves OROM capabilities
2/ find_imsm_capability replaces find_imsm_orom
3/ new function find_intel_hba_capability gets disk's HBA and relevant
capability
Signed-off-by: Marcin Labun <marcin.labun@intel.com> Signed-off-by: NeilBrown <neilb@suse.de>
Labun, Marcin [Thu, 10 Mar 2011 00:50:57 +0000 (11:50 +1100)]
imsm: verify that component disks are attached to the same type of HBA
compare_super_imsm verifies that the component disks use the same type of HBA
in platform dependent environment. Otherwise print-out error message and block
the action.
Signed-off-by: Marcin Labun <marcin.labun@intel.com> Signed-off-by: NeilBrown <neilb@suse.de>
Labun, Marcin [Thu, 10 Mar 2011 00:45:35 +0000 (11:45 +1100)]
read platform capabilities from EFI
If operating system is installed using efi, IMSM platform capabilities are
not available via option ROM, but are stored as efi variables. New
mechanism has been introduced to obtain capabilities by variables.