4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
23 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Copyright (c) 2013, 2015 by Delphix. All rights reserved.
25 * Copyright (c) 2016 Intel Corporation.
26 * Copyright 2016 Igor Kozhukhov <ikozhukhov@gmail.com>.
30 * Functions to convert between a list of vdevs and an nvlist representing the
31 * configuration. Each entry in the list can be one of:
34 * disk=(path=..., devid=...)
43 * While the underlying implementation supports it, group vdevs cannot contain
44 * other group vdevs. All userland verification of devices is contained within
45 * this file. If successful, the nvlist returned can be passed directly to the
46 * kernel; we've done as much verification as possible in userland.
48 * Hot spares are a special case, and passed down as an array of disk vdevs, at
49 * the same level as the root of the vdev tree.
51 * The only function exported by this file is 'make_root_vdev'. The
52 * function performs several passes:
54 * 1. Construct the vdev specification. Performs syntax validation and
55 * makes sure each device is valid.
56 * 2. Check for devices in use. Using libblkid to make sure that no
57 * devices are also in use. Some can be overridden using the 'force'
58 * flag, others cannot.
59 * 3. Check for replication errors if the 'force' flag is not specified.
60 * validates that the replication level is consistent across the
62 * 4. Call libzfs to label any whole disks with an EFI label.
71 #include <libnvpair.h>
74 #include <scsi/scsi.h>
79 #include <sys/efi_partition.h>
82 #include <sys/mntent.h>
83 #include <uuid/uuid.h>
84 #include <blkid/blkid.h>
85 #include "zpool_util.h"
86 #include <sys/zfs_context.h>
89 * For any given vdev specification, we can have multiple errors. The
90 * vdev_error() function keeps track of whether we have seen an error yet, and
91 * prints out a header if its the first error we've seen.
96 typedef struct vdev_disk_db_entry
100 } vdev_disk_db_entry_t;
103 * Database of block devices that lie about physical sector sizes. The
104 * identification string must be precisely 24 characters to avoid false
107 static vdev_disk_db_entry_t vdev_disk_database[] = {
108 {"ATA ADATA SSD S396 3", 8192},
109 {"ATA APPLE SSD SM128E", 8192},
110 {"ATA APPLE SSD SM256E", 8192},
111 {"ATA APPLE SSD SM512E", 8192},
112 {"ATA APPLE SSD SM768E", 8192},
113 {"ATA C400-MTFDDAC064M", 8192},
114 {"ATA C400-MTFDDAC128M", 8192},
115 {"ATA C400-MTFDDAC256M", 8192},
116 {"ATA C400-MTFDDAC512M", 8192},
117 {"ATA Corsair Force 3 ", 8192},
118 {"ATA Corsair Force GS", 8192},
119 {"ATA INTEL SSDSA2CT04", 8192},
120 {"ATA INTEL SSDSA2BZ10", 8192},
121 {"ATA INTEL SSDSA2BZ20", 8192},
122 {"ATA INTEL SSDSA2BZ30", 8192},
123 {"ATA INTEL SSDSA2CW04", 8192},
124 {"ATA INTEL SSDSA2CW08", 8192},
125 {"ATA INTEL SSDSA2CW12", 8192},
126 {"ATA INTEL SSDSA2CW16", 8192},
127 {"ATA INTEL SSDSA2CW30", 8192},
128 {"ATA INTEL SSDSA2CW60", 8192},
129 {"ATA INTEL SSDSC2CT06", 8192},
130 {"ATA INTEL SSDSC2CT12", 8192},
131 {"ATA INTEL SSDSC2CT18", 8192},
132 {"ATA INTEL SSDSC2CT24", 8192},
133 {"ATA INTEL SSDSC2CW06", 8192},
134 {"ATA INTEL SSDSC2CW12", 8192},
135 {"ATA INTEL SSDSC2CW18", 8192},
136 {"ATA INTEL SSDSC2CW24", 8192},
137 {"ATA INTEL SSDSC2CW48", 8192},
138 {"ATA KINGSTON SH100S3", 8192},
139 {"ATA KINGSTON SH103S3", 8192},
140 {"ATA M4-CT064M4SSD2 ", 8192},
141 {"ATA M4-CT128M4SSD2 ", 8192},
142 {"ATA M4-CT256M4SSD2 ", 8192},
143 {"ATA M4-CT512M4SSD2 ", 8192},
144 {"ATA OCZ-AGILITY2 ", 8192},
145 {"ATA OCZ-AGILITY3 ", 8192},
146 {"ATA OCZ-VERTEX2 3.5 ", 8192},
147 {"ATA OCZ-VERTEX3 ", 8192},
148 {"ATA OCZ-VERTEX3 LT ", 8192},
149 {"ATA OCZ-VERTEX3 MI ", 8192},
150 {"ATA OCZ-VERTEX4 ", 8192},
151 {"ATA SAMSUNG MZ7WD120", 8192},
152 {"ATA SAMSUNG MZ7WD240", 8192},
153 {"ATA SAMSUNG MZ7WD480", 8192},
154 {"ATA SAMSUNG MZ7WD960", 8192},
155 {"ATA SAMSUNG SSD 830 ", 8192},
156 {"ATA Samsung SSD 840 ", 8192},
157 {"ATA SanDisk SSD U100", 8192},
158 {"ATA TOSHIBA THNSNH06", 8192},
159 {"ATA TOSHIBA THNSNH12", 8192},
160 {"ATA TOSHIBA THNSNH25", 8192},
161 {"ATA TOSHIBA THNSNH51", 8192},
162 {"ATA APPLE SSD TS064C", 4096},
163 {"ATA APPLE SSD TS128C", 4096},
164 {"ATA APPLE SSD TS256C", 4096},
165 {"ATA APPLE SSD TS512C", 4096},
166 {"ATA INTEL SSDSA2M040", 4096},
167 {"ATA INTEL SSDSA2M080", 4096},
168 {"ATA INTEL SSDSA2M160", 4096},
169 {"ATA INTEL SSDSC2MH12", 4096},
170 {"ATA INTEL SSDSC2MH25", 4096},
171 {"ATA OCZ CORE_SSD ", 4096},
172 {"ATA OCZ-VERTEX ", 4096},
173 {"ATA SAMSUNG MCCOE32G", 4096},
174 {"ATA SAMSUNG MCCOE64G", 4096},
175 {"ATA SAMSUNG SSD PM80", 4096},
176 /* Flash drives optimized for 4KB IOs on larger pages */
177 {"ATA INTEL SSDSC2BA10", 4096},
178 {"ATA INTEL SSDSC2BA20", 4096},
179 {"ATA INTEL SSDSC2BA40", 4096},
180 {"ATA INTEL SSDSC2BA80", 4096},
181 {"ATA INTEL SSDSC2BB08", 4096},
182 {"ATA INTEL SSDSC2BB12", 4096},
183 {"ATA INTEL SSDSC2BB16", 4096},
184 {"ATA INTEL SSDSC2BB24", 4096},
185 {"ATA INTEL SSDSC2BB30", 4096},
186 {"ATA INTEL SSDSC2BB40", 4096},
187 {"ATA INTEL SSDSC2BB48", 4096},
188 {"ATA INTEL SSDSC2BB60", 4096},
189 {"ATA INTEL SSDSC2BB80", 4096},
190 {"ATA INTEL SSDSC2BW24", 4096},
191 {"ATA INTEL SSDSC2BW48", 4096},
192 {"ATA INTEL SSDSC2BP24", 4096},
193 {"ATA INTEL SSDSC2BP48", 4096},
194 {"NA SmrtStorSDLKAE9W", 4096},
195 {"NVMe Amazon EC2 NVMe ", 4096},
196 /* Imported from Open Solaris */
197 {"ATA MARVELL SD88SA02", 4096},
198 /* Advanced format Hard drives */
199 {"ATA Hitachi HDS5C303", 4096},
200 {"ATA SAMSUNG HD204UI ", 4096},
201 {"ATA ST2000DL004 HD20", 4096},
202 {"ATA WDC WD10EARS-00M", 4096},
203 {"ATA WDC WD10EARS-00S", 4096},
204 {"ATA WDC WD10EARS-00Z", 4096},
205 {"ATA WDC WD15EARS-00M", 4096},
206 {"ATA WDC WD15EARS-00S", 4096},
207 {"ATA WDC WD15EARS-00Z", 4096},
208 {"ATA WDC WD20EARS-00M", 4096},
209 {"ATA WDC WD20EARS-00S", 4096},
210 {"ATA WDC WD20EARS-00Z", 4096},
211 {"ATA WDC WD1600BEVT-0", 4096},
212 {"ATA WDC WD2500BEVT-0", 4096},
213 {"ATA WDC WD3200BEVT-0", 4096},
214 {"ATA WDC WD5000BEVT-0", 4096},
215 /* Virtual disks: Assume zvols with default volblocksize */
217 {"ATA QEMU HARDDISK ", 8192},
218 {"IET VIRTUAL-DISK ", 8192},
219 {"OI COMSTAR ", 8192},
220 {"SUN COMSTAR ", 8192},
221 {"NETAPP LUN ", 8192},
225 static const int vdev_disk_database_size =
226 sizeof (vdev_disk_database) / sizeof (vdev_disk_database[0]);
228 #define INQ_REPLY_LEN 96
229 #define INQ_CMD_LEN 6
232 check_sector_size_database(char *path, int *sector_size)
234 unsigned char inq_buff[INQ_REPLY_LEN];
235 unsigned char sense_buffer[32];
236 unsigned char inq_cmd_blk[INQ_CMD_LEN] =
237 {INQUIRY, 0, 0, 0, INQ_REPLY_LEN, 0};
243 /* Prepare INQUIRY command */
244 memset(&io_hdr, 0, sizeof (sg_io_hdr_t));
245 io_hdr.interface_id = 'S';
246 io_hdr.cmd_len = sizeof (inq_cmd_blk);
247 io_hdr.mx_sb_len = sizeof (sense_buffer);
248 io_hdr.dxfer_direction = SG_DXFER_FROM_DEV;
249 io_hdr.dxfer_len = INQ_REPLY_LEN;
250 io_hdr.dxferp = inq_buff;
251 io_hdr.cmdp = inq_cmd_blk;
252 io_hdr.sbp = sense_buffer;
253 io_hdr.timeout = 10; /* 10 milliseconds is ample time */
255 if ((fd = open(path, O_RDONLY|O_DIRECT)) < 0)
258 error = ioctl(fd, SG_IO, (unsigned long) &io_hdr);
265 if ((io_hdr.info & SG_INFO_OK_MASK) != SG_INFO_OK)
268 for (i = 0; i < vdev_disk_database_size; i++) {
269 if (memcmp(inq_buff + 8, vdev_disk_database[i].id, 24))
272 *sector_size = vdev_disk_database[i].sector_size;
281 vdev_error(const char *fmt, ...)
286 (void) fprintf(stderr, gettext("invalid vdev specification\n"));
288 (void) fprintf(stderr, gettext("use '-f' to override "
289 "the following errors:\n"));
291 (void) fprintf(stderr, gettext("the following errors "
292 "must be manually repaired:\n"));
297 (void) vfprintf(stderr, fmt, ap);
302 * Check that a file is valid. All we can do in this case is check that it's
303 * not in use by another pool, and not in use by swap.
306 check_file(const char *file, boolean_t force, boolean_t isspare)
314 if ((fd = open(file, O_RDONLY)) < 0)
317 if (zpool_in_use(g_zfs, fd, &state, &name, &inuse) == 0 && inuse) {
321 case POOL_STATE_ACTIVE:
322 desc = gettext("active");
325 case POOL_STATE_EXPORTED:
326 desc = gettext("exported");
329 case POOL_STATE_POTENTIALLY_ACTIVE:
330 desc = gettext("potentially active");
334 desc = gettext("unknown");
339 * Allow hot spares to be shared between pools.
341 if (state == POOL_STATE_SPARE && isspare) {
347 if (state == POOL_STATE_ACTIVE ||
348 state == POOL_STATE_SPARE || !force) {
350 case POOL_STATE_SPARE:
351 vdev_error(gettext("%s is reserved as a hot "
352 "spare for pool %s\n"), file, name);
355 vdev_error(gettext("%s is part of %s pool "
356 "'%s'\n"), file, desc, name);
370 check_slice(const char *path, blkid_cache cache, int force, boolean_t isspare)
375 /* No valid type detected device is safe to use */
376 value = blkid_get_tag_value(cache, "TYPE", path);
381 * If libblkid detects a ZFS device, we check the device
382 * using check_file() to see if it's safe. The one safe
383 * case is a spare device shared between multiple pools.
385 if (strcmp(value, "zfs_member") == 0) {
386 err = check_file(path, force, isspare);
392 vdev_error(gettext("%s contains a filesystem of "
393 "type '%s'\n"), path, value);
403 * Validate that a disk including all partitions are safe to use.
405 * For EFI labeled disks this can done relatively easily with the libefi
406 * library. The partition numbers are extracted from the label and used
407 * to generate the expected /dev/ paths. Each partition can then be
408 * checked for conflicts.
410 * For non-EFI labeled disks (MBR/EBR/etc) the same process is possible
411 * but due to the lack of a readily available libraries this scanning is
412 * not implemented. Instead only the device path as given is checked.
415 check_disk(const char *path, blkid_cache cache, int force,
416 boolean_t isspare, boolean_t iswholedisk)
419 char slice_path[MAXPATHLEN];
424 return (check_slice(path, cache, force, isspare));
426 if ((fd = open(path, O_RDONLY|O_DIRECT|O_EXCL)) < 0) {
427 char *value = blkid_get_tag_value(cache, "TYPE", path);
428 (void) fprintf(stderr, gettext("%s is in use and contains "
429 "a %s filesystem.\n"), path, value ? value : "unknown");
434 * Expected to fail for non-EFI labled disks. Just check the device
435 * as given and do not attempt to detect and scan partitions.
437 err = efi_alloc_and_read(fd, &vtoc);
440 return (check_slice(path, cache, force, isspare));
444 * The primary efi partition label is damaged however the secondary
445 * label at the end of the device is intact. Rather than use this
446 * label we should play it safe and treat this as a non efi device.
448 if (vtoc->efi_flags & EFI_GPT_PRIMARY_CORRUPT) {
453 /* Partitions will now be created using the backup */
456 vdev_error(gettext("%s contains a corrupt primary "
457 "EFI label.\n"), path);
462 for (i = 0; i < vtoc->efi_nparts; i++) {
464 if (vtoc->efi_parts[i].p_tag == V_UNASSIGNED ||
465 uuid_is_null((uchar_t *)&vtoc->efi_parts[i].p_guid))
468 if (strncmp(path, UDISK_ROOT, strlen(UDISK_ROOT)) == 0)
469 (void) snprintf(slice_path, sizeof (slice_path),
470 "%s%s%d", path, "-part", i+1);
472 (void) snprintf(slice_path, sizeof (slice_path),
473 "%s%s%d", path, isdigit(path[strlen(path)-1]) ?
476 err = check_slice(slice_path, cache, force, isspare);
488 check_device(const char *path, boolean_t force,
489 boolean_t isspare, boolean_t iswholedisk)
494 error = blkid_get_cache(&cache, NULL);
496 (void) fprintf(stderr, gettext("unable to access the blkid "
501 error = check_disk(path, cache, force, isspare, iswholedisk);
502 blkid_put_cache(cache);
508 * This may be a shorthand device path or it could be total gibberish.
509 * Check to see if it is a known device available in zfs_vdev_paths.
510 * As part of this check, see if we've been given an entire disk
511 * (minus the slice number).
514 is_shorthand_path(const char *arg, char *path, size_t path_size,
515 struct stat64 *statbuf, boolean_t *wholedisk)
519 error = zfs_resolve_shortname(arg, path, path_size);
521 *wholedisk = zfs_dev_is_whole_disk(path);
522 if (*wholedisk || (stat64(path, statbuf) == 0))
526 strlcpy(path, arg, path_size);
527 memset(statbuf, 0, sizeof (*statbuf));
528 *wholedisk = B_FALSE;
534 * Determine if the given path is a hot spare within the given configuration.
535 * If no configuration is given we rely solely on the label.
538 is_spare(nvlist_t *config, const char *path)
544 uint64_t guid, spareguid;
550 if ((fd = open(path, O_RDONLY)) < 0)
553 if (zpool_in_use(g_zfs, fd, &state, &name, &inuse) != 0 ||
555 state != POOL_STATE_SPARE ||
556 zpool_read_label(fd, &label, NULL) != 0) {
564 if (config == NULL) {
569 verify(nvlist_lookup_uint64(label, ZPOOL_CONFIG_GUID, &guid) == 0);
572 verify(nvlist_lookup_nvlist(config, ZPOOL_CONFIG_VDEV_TREE,
574 if (nvlist_lookup_nvlist_array(nvroot, ZPOOL_CONFIG_SPARES,
575 &spares, &nspares) == 0) {
576 for (i = 0; i < nspares; i++) {
577 verify(nvlist_lookup_uint64(spares[i],
578 ZPOOL_CONFIG_GUID, &spareguid) == 0);
579 if (spareguid == guid)
588 * Create a leaf vdev. Determine if this is a file or a device. If it's a
589 * device, fill in the device id to make a complete nvlist. Valid forms for a
592 * /dev/xxx Complete disk path
593 * /xxx Full path to file
594 * xxx Shorthand for <zfs_vdev_paths>/xxx
597 make_leaf_vdev(nvlist_t *props, const char *arg, uint64_t is_log)
599 char path[MAXPATHLEN];
600 struct stat64 statbuf;
601 nvlist_t *vdev = NULL;
603 boolean_t wholedisk = B_FALSE;
608 * Determine what type of vdev this is, and put the full path into
609 * 'path'. We detect whether this is a device of file afterwards by
610 * checking the st_mode of the file.
614 * Complete device or file path. Exact type is determined by
615 * examining the file descriptor afterwards. Symbolic links
616 * are resolved to their real paths to determine whole disk
617 * and S_ISBLK/S_ISREG type checks. However, we are careful
618 * to store the given path as ZPOOL_CONFIG_PATH to ensure we
619 * can leverage udev's persistent device labels.
621 if (realpath(arg, path) == NULL) {
622 (void) fprintf(stderr,
623 gettext("cannot resolve path '%s'\n"), arg);
627 wholedisk = zfs_dev_is_whole_disk(path);
628 if (!wholedisk && (stat64(path, &statbuf) != 0)) {
629 (void) fprintf(stderr,
630 gettext("cannot open '%s': %s\n"),
631 path, strerror(errno));
635 /* After whole disk check restore original passed path */
636 strlcpy(path, arg, sizeof (path));
638 err = is_shorthand_path(arg, path, sizeof (path),
639 &statbuf, &wholedisk);
642 * If we got ENOENT, then the user gave us
643 * gibberish, so try to direct them with a
644 * reasonable error message. Otherwise,
645 * regurgitate strerror() since it's the best we
649 (void) fprintf(stderr,
650 gettext("cannot open '%s': no such "
651 "device in %s\n"), arg, DISK_ROOT);
652 (void) fprintf(stderr,
653 gettext("must be a full path or "
654 "shorthand device name\n"));
657 (void) fprintf(stderr,
658 gettext("cannot open '%s': %s\n"),
659 path, strerror(errno));
666 * Determine whether this is a device or a file.
668 if (wholedisk || S_ISBLK(statbuf.st_mode)) {
669 type = VDEV_TYPE_DISK;
670 } else if (S_ISREG(statbuf.st_mode)) {
671 type = VDEV_TYPE_FILE;
673 (void) fprintf(stderr, gettext("cannot use '%s': must be a "
674 "block device or regular file\n"), path);
679 * Finally, we have the complete device or file, and we know that it is
680 * acceptable to use. Construct the nvlist to describe this vdev. All
681 * vdevs have a 'path' element, and devices also have a 'devid' element.
683 verify(nvlist_alloc(&vdev, NV_UNIQUE_NAME, 0) == 0);
684 verify(nvlist_add_string(vdev, ZPOOL_CONFIG_PATH, path) == 0);
685 verify(nvlist_add_string(vdev, ZPOOL_CONFIG_TYPE, type) == 0);
686 verify(nvlist_add_uint64(vdev, ZPOOL_CONFIG_IS_LOG, is_log) == 0);
687 if (strcmp(type, VDEV_TYPE_DISK) == 0)
688 verify(nvlist_add_uint64(vdev, ZPOOL_CONFIG_WHOLE_DISK,
689 (uint64_t)wholedisk) == 0);
692 * Override defaults if custom properties are provided.
697 if (nvlist_lookup_string(props,
698 zpool_prop_to_name(ZPOOL_PROP_ASHIFT), &value) == 0) {
699 if (zfs_nicestrtonum(NULL, value, &ashift) != 0) {
700 (void) fprintf(stderr,
701 gettext("ashift must be a number.\n"));
705 (ashift < ASHIFT_MIN || ashift > ASHIFT_MAX)) {
706 (void) fprintf(stderr,
707 gettext("invalid 'ashift=%" PRIu64 "' "
708 "property: only values between %" PRId32 " "
709 "and %" PRId32 " are allowed.\n"),
710 ashift, ASHIFT_MIN, ASHIFT_MAX);
717 * If the device is known to incorrectly report its physical sector
718 * size explicitly provide the known correct value.
723 if (check_sector_size_database(path, §or_size) == B_TRUE)
724 ashift = highbit64(sector_size) - 1;
728 (void) nvlist_add_uint64(vdev, ZPOOL_CONFIG_ASHIFT, ashift);
734 * Go through and verify the replication level of the pool is consistent.
735 * Performs the following checks:
737 * For the new spec, verifies that devices in mirrors and raidz are the
740 * If the current configuration already has inconsistent replication
741 * levels, ignore any other potential problems in the new spec.
743 * Otherwise, make sure that the current spec (if there is one) and the new
744 * spec have consistent replication levels.
746 typedef struct replication_level {
748 uint64_t zprl_children;
749 uint64_t zprl_parity;
750 } replication_level_t;
752 #define ZPOOL_FUZZ (16 * 1024 * 1024)
755 is_raidz_mirror(replication_level_t *a, replication_level_t *b,
756 replication_level_t **raidz, replication_level_t **mirror)
758 if (strcmp(a->zprl_type, "raidz") == 0 &&
759 strcmp(b->zprl_type, "mirror") == 0) {
768 * Given a list of toplevel vdevs, return the current replication level. If
769 * the config is inconsistent, then NULL is returned. If 'fatal' is set, then
770 * an error message will be displayed for each self-inconsistent vdev.
772 static replication_level_t *
773 get_replication(nvlist_t *nvroot, boolean_t fatal)
781 replication_level_t lastrep = {0};
782 replication_level_t rep;
783 replication_level_t *ret;
784 replication_level_t *raidz, *mirror;
785 boolean_t dontreport;
787 ret = safe_malloc(sizeof (replication_level_t));
789 verify(nvlist_lookup_nvlist_array(nvroot, ZPOOL_CONFIG_CHILDREN,
790 &top, &toplevels) == 0);
792 for (t = 0; t < toplevels; t++) {
793 uint64_t is_log = B_FALSE;
798 * For separate logs we ignore the top level vdev replication
801 (void) nvlist_lookup_uint64(nv, ZPOOL_CONFIG_IS_LOG, &is_log);
805 /* Ignore holes introduced by removing aux devices */
806 verify(nvlist_lookup_string(nv, ZPOOL_CONFIG_TYPE, &type) == 0);
807 if (strcmp(type, VDEV_TYPE_HOLE) == 0)
810 if (nvlist_lookup_nvlist_array(nv, ZPOOL_CONFIG_CHILDREN,
811 &child, &children) != 0) {
813 * This is a 'file' or 'disk' vdev.
815 rep.zprl_type = type;
816 rep.zprl_children = 1;
822 * This is a mirror or RAID-Z vdev. Go through and make
823 * sure the contents are all the same (files vs. disks),
824 * keeping track of the number of elements in the
827 * We also check that the size of each vdev (if it can
828 * be determined) is the same.
830 rep.zprl_type = type;
831 rep.zprl_children = 0;
833 if (strcmp(type, VDEV_TYPE_RAIDZ) == 0) {
834 verify(nvlist_lookup_uint64(nv,
835 ZPOOL_CONFIG_NPARITY,
836 &rep.zprl_parity) == 0);
837 assert(rep.zprl_parity != 0);
843 * The 'dontreport' variable indicates that we've
844 * already reported an error for this spec, so don't
845 * bother doing it again.
850 for (c = 0; c < children; c++) {
851 nvlist_t *cnv = child[c];
853 struct stat64 statbuf;
854 uint64_t size = -1ULL;
860 verify(nvlist_lookup_string(cnv,
861 ZPOOL_CONFIG_TYPE, &childtype) == 0);
864 * If this is a replacing or spare vdev, then
865 * get the real first child of the vdev: do this
866 * in a loop because replacing and spare vdevs
869 while (strcmp(childtype,
870 VDEV_TYPE_REPLACING) == 0 ||
871 strcmp(childtype, VDEV_TYPE_SPARE) == 0) {
875 verify(nvlist_lookup_nvlist_array(cnv,
876 ZPOOL_CONFIG_CHILDREN, &rchild,
878 assert(rchildren == 2);
881 verify(nvlist_lookup_string(cnv,
886 verify(nvlist_lookup_string(cnv,
887 ZPOOL_CONFIG_PATH, &path) == 0);
890 * If we have a raidz/mirror that combines disks
891 * with files, report it as an error.
893 if (!dontreport && type != NULL &&
894 strcmp(type, childtype) != 0) {
900 "mismatched replication "
901 "level: %s contains both "
902 "files and devices\n"),
910 * According to stat(2), the value of 'st_size'
911 * is undefined for block devices and character
912 * devices. But there is no effective way to
913 * determine the real size in userland.
915 * Instead, we'll take advantage of an
916 * implementation detail of spec_size(). If the
917 * device is currently open, then we (should)
918 * return a valid size.
920 * If we still don't get a valid size (indicated
921 * by a size of 0 or MAXOFFSET_T), then ignore
922 * this device altogether.
924 if ((fd = open(path, O_RDONLY)) >= 0) {
925 err = fstat64_blk(fd, &statbuf);
928 err = stat64(path, &statbuf);
932 statbuf.st_size == 0 ||
933 statbuf.st_size == MAXOFFSET_T)
936 size = statbuf.st_size;
939 * Also make sure that devices and
940 * slices have a consistent size. If
941 * they differ by a significant amount
942 * (~16MB) then report an error.
945 (vdev_size != -1ULL &&
946 (labs(size - vdev_size) >
953 "%s contains devices of "
954 "different sizes\n"),
967 * At this point, we have the replication of the last toplevel
968 * vdev in 'rep'. Compare it to 'lastrep' to see if its
971 if (lastrep.zprl_type != NULL) {
972 if (is_raidz_mirror(&lastrep, &rep, &raidz, &mirror) ||
973 is_raidz_mirror(&rep, &lastrep, &raidz, &mirror)) {
975 * Accepted raidz and mirror when they can
976 * handle the same number of disk failures.
978 if (raidz->zprl_parity !=
979 mirror->zprl_children - 1) {
985 "mismatched replication "
987 "%s and %s vdevs with "
988 "different redundancy, "
989 "%llu vs. %llu (%llu-way) "
994 mirror->zprl_children - 1,
995 mirror->zprl_children);
999 } else if (strcmp(lastrep.zprl_type, rep.zprl_type) !=
1006 "mismatched replication level: "
1007 "both %s and %s vdevs are "
1009 lastrep.zprl_type, rep.zprl_type);
1012 } else if (lastrep.zprl_parity != rep.zprl_parity) {
1018 "mismatched replication level: "
1019 "both %llu and %llu device parity "
1020 "%s vdevs are present\n"),
1021 lastrep.zprl_parity,
1026 } else if (lastrep.zprl_children != rep.zprl_children) {
1032 "mismatched replication level: "
1033 "both %llu-way and %llu-way %s "
1034 "vdevs are present\n"),
1035 lastrep.zprl_children,
1052 * Check the replication level of the vdev spec against the current pool. Calls
1053 * get_replication() to make sure the new spec is self-consistent. If the pool
1054 * has a consistent replication level, then we ignore any errors. Otherwise,
1055 * report any difference between the two.
1058 check_replication(nvlist_t *config, nvlist_t *newroot)
1062 replication_level_t *current = NULL, *new;
1063 replication_level_t *raidz, *mirror;
1067 * If we have a current pool configuration, check to see if it's
1068 * self-consistent. If not, simply return success.
1070 if (config != NULL) {
1073 verify(nvlist_lookup_nvlist(config, ZPOOL_CONFIG_VDEV_TREE,
1075 if ((current = get_replication(nvroot, B_FALSE)) == NULL)
1079 * for spares there may be no children, and therefore no
1080 * replication level to check
1082 if ((nvlist_lookup_nvlist_array(newroot, ZPOOL_CONFIG_CHILDREN,
1083 &child, &children) != 0) || (children == 0)) {
1089 * If all we have is logs then there's no replication level to check.
1091 if (num_logs(newroot) == children) {
1097 * Get the replication level of the new vdev spec, reporting any
1098 * inconsistencies found.
1100 if ((new = get_replication(newroot, B_TRUE)) == NULL) {
1106 * Check to see if the new vdev spec matches the replication level of
1110 if (current != NULL) {
1111 if (is_raidz_mirror(current, new, &raidz, &mirror) ||
1112 is_raidz_mirror(new, current, &raidz, &mirror)) {
1113 if (raidz->zprl_parity != mirror->zprl_children - 1) {
1115 "mismatched replication level: pool and "
1116 "new vdev with different redundancy, %s "
1117 "and %s vdevs, %llu vs. %llu (%llu-way)\n"),
1121 mirror->zprl_children - 1,
1122 mirror->zprl_children);
1125 } else if (strcmp(current->zprl_type, new->zprl_type) != 0) {
1127 "mismatched replication level: pool uses %s "
1128 "and new vdev is %s\n"),
1129 current->zprl_type, new->zprl_type);
1131 } else if (current->zprl_parity != new->zprl_parity) {
1133 "mismatched replication level: pool uses %llu "
1134 "device parity and new vdev uses %llu\n"),
1135 current->zprl_parity, new->zprl_parity);
1137 } else if (current->zprl_children != new->zprl_children) {
1139 "mismatched replication level: pool uses %llu-way "
1140 "%s and new vdev uses %llu-way %s\n"),
1141 current->zprl_children, current->zprl_type,
1142 new->zprl_children, new->zprl_type);
1148 if (current != NULL)
1155 zero_label(char *path)
1157 const int size = 4096;
1161 if ((fd = open(path, O_WRONLY|O_EXCL)) < 0) {
1162 (void) fprintf(stderr, gettext("cannot open '%s': %s\n"),
1163 path, strerror(errno));
1167 memset(buf, 0, size);
1168 err = write(fd, buf, size);
1169 (void) fdatasync(fd);
1173 (void) fprintf(stderr, gettext("cannot zero first %d bytes "
1174 "of '%s': %s\n"), size, path, strerror(errno));
1179 (void) fprintf(stderr, gettext("could only zero %d/%d bytes "
1180 "of '%s'\n"), err, size, path);
1188 * Go through and find any whole disks in the vdev specification, labelling them
1189 * as appropriate. When constructing the vdev spec, we were unable to open this
1190 * device in order to provide a devid. Now that we have labelled the disk and
1191 * know that slice 0 is valid, we can construct the devid now.
1193 * If the disk was already labeled with an EFI label, we will have gotten the
1194 * devid already (because we were able to open the whole disk). Otherwise, we
1195 * need to get the devid after we label the disk.
1198 make_disks(zpool_handle_t *zhp, nvlist_t *nv)
1203 char devpath[MAXPATHLEN];
1204 char udevpath[MAXPATHLEN];
1206 struct stat64 statbuf;
1207 int is_exclusive = 0;
1211 verify(nvlist_lookup_string(nv, ZPOOL_CONFIG_TYPE, &type) == 0);
1213 if (nvlist_lookup_nvlist_array(nv, ZPOOL_CONFIG_CHILDREN,
1214 &child, &children) != 0) {
1216 if (strcmp(type, VDEV_TYPE_DISK) != 0)
1220 * We have a disk device. If this is a whole disk write
1221 * out the efi partition table, otherwise write zero's to
1222 * the first 4k of the partition. This is to ensure that
1223 * libblkid will not misidentify the partition due to a
1224 * magic value left by the previous filesystem.
1226 verify(!nvlist_lookup_string(nv, ZPOOL_CONFIG_PATH, &path));
1227 verify(!nvlist_lookup_uint64(nv, ZPOOL_CONFIG_WHOLE_DISK,
1232 * Update device id string for mpath nodes (Linux only)
1234 if (is_mpath_whole_disk(path))
1235 update_vdev_config_dev_strs(nv);
1237 if (!is_spare(NULL, path))
1238 (void) zero_label(path);
1242 if (realpath(path, devpath) == NULL) {
1244 (void) fprintf(stderr,
1245 gettext("cannot resolve path '%s'\n"), path);
1250 * Remove any previously existing symlink from a udev path to
1251 * the device before labeling the disk. This ensures that
1252 * only newly created links are used. Otherwise there is a
1253 * window between when udev deletes and recreates the link
1254 * during which access attempts will fail with ENOENT.
1256 strlcpy(udevpath, path, MAXPATHLEN);
1257 (void) zfs_append_partition(udevpath, MAXPATHLEN);
1259 fd = open(devpath, O_RDWR|O_EXCL);
1268 * If the partition exists, contains a valid spare label,
1269 * and is opened exclusively there is no need to partition
1270 * it. Hot spares have already been partitioned and are
1271 * held open exclusively by the kernel as a safety measure.
1273 * If the provided path is for a /dev/disk/ device its
1274 * symbolic link will be removed, partition table created,
1275 * and then block until udev creates the new link.
1277 if (!is_exclusive || !is_spare(NULL, udevpath)) {
1278 char *devnode = strrchr(devpath, '/') + 1;
1280 ret = strncmp(udevpath, UDISK_ROOT, strlen(UDISK_ROOT));
1282 ret = lstat64(udevpath, &statbuf);
1283 if (ret == 0 && S_ISLNK(statbuf.st_mode))
1284 (void) unlink(udevpath);
1288 * When labeling a pool the raw device node name
1289 * is provided as it appears under /dev/.
1291 if (zpool_label_disk(g_zfs, zhp, devnode) == -1)
1295 * Wait for udev to signal the device is available
1296 * by the provided path.
1298 ret = zpool_label_disk_wait(udevpath, DISK_LABEL_WAIT);
1300 (void) fprintf(stderr,
1301 gettext("missing link: %s was "
1302 "partitioned but %s is missing\n"),
1307 ret = zero_label(udevpath);
1313 * Update the path to refer to the partition. The presence of
1314 * the 'whole_disk' field indicates to the CLI that we should
1315 * chop off the partition number when displaying the device in
1318 verify(nvlist_add_string(nv, ZPOOL_CONFIG_PATH, udevpath) == 0);
1321 * Update device id strings for whole disks (Linux only)
1323 update_vdev_config_dev_strs(nv);
1328 for (c = 0; c < children; c++)
1329 if ((ret = make_disks(zhp, child[c])) != 0)
1332 if (nvlist_lookup_nvlist_array(nv, ZPOOL_CONFIG_SPARES,
1333 &child, &children) == 0)
1334 for (c = 0; c < children; c++)
1335 if ((ret = make_disks(zhp, child[c])) != 0)
1338 if (nvlist_lookup_nvlist_array(nv, ZPOOL_CONFIG_L2CACHE,
1339 &child, &children) == 0)
1340 for (c = 0; c < children; c++)
1341 if ((ret = make_disks(zhp, child[c])) != 0)
1348 * Go through and find any devices that are in use. We rely on libdiskmgt for
1349 * the majority of this task.
1352 is_device_in_use(nvlist_t *config, nvlist_t *nv, boolean_t force,
1353 boolean_t replacing, boolean_t isspare)
1359 char buf[MAXPATHLEN];
1360 uint64_t wholedisk = B_FALSE;
1361 boolean_t anyinuse = B_FALSE;
1363 verify(nvlist_lookup_string(nv, ZPOOL_CONFIG_TYPE, &type) == 0);
1365 if (nvlist_lookup_nvlist_array(nv, ZPOOL_CONFIG_CHILDREN,
1366 &child, &children) != 0) {
1368 verify(!nvlist_lookup_string(nv, ZPOOL_CONFIG_PATH, &path));
1369 if (strcmp(type, VDEV_TYPE_DISK) == 0)
1370 verify(!nvlist_lookup_uint64(nv,
1371 ZPOOL_CONFIG_WHOLE_DISK, &wholedisk));
1374 * As a generic check, we look to see if this is a replace of a
1375 * hot spare within the same pool. If so, we allow it
1376 * regardless of what libblkid or zpool_in_use() says.
1379 (void) strlcpy(buf, path, sizeof (buf));
1381 ret = zfs_append_partition(buf, sizeof (buf));
1386 if (is_spare(config, buf))
1390 if (strcmp(type, VDEV_TYPE_DISK) == 0)
1391 ret = check_device(path, force, isspare, wholedisk);
1393 else if (strcmp(type, VDEV_TYPE_FILE) == 0)
1394 ret = check_file(path, force, isspare);
1399 for (c = 0; c < children; c++)
1400 if (is_device_in_use(config, child[c], force, replacing,
1404 if (nvlist_lookup_nvlist_array(nv, ZPOOL_CONFIG_SPARES,
1405 &child, &children) == 0)
1406 for (c = 0; c < children; c++)
1407 if (is_device_in_use(config, child[c], force, replacing,
1411 if (nvlist_lookup_nvlist_array(nv, ZPOOL_CONFIG_L2CACHE,
1412 &child, &children) == 0)
1413 for (c = 0; c < children; c++)
1414 if (is_device_in_use(config, child[c], force, replacing,
1422 is_grouping(const char *type, int *mindev, int *maxdev)
1424 if (strncmp(type, "raidz", 5) == 0) {
1425 const char *p = type + 5;
1431 } else if (*p == '0') {
1432 return (NULL); /* no zero prefixes allowed */
1435 nparity = strtol(p, &end, 10);
1436 if (errno != 0 || nparity < 1 || nparity >= 255 ||
1442 *mindev = nparity + 1;
1445 return (VDEV_TYPE_RAIDZ);
1451 if (strcmp(type, "mirror") == 0) {
1454 return (VDEV_TYPE_MIRROR);
1457 if (strcmp(type, "spare") == 0) {
1460 return (VDEV_TYPE_SPARE);
1463 if (strcmp(type, "log") == 0) {
1466 return (VDEV_TYPE_LOG);
1469 if (strcmp(type, "cache") == 0) {
1472 return (VDEV_TYPE_L2CACHE);
1479 * Construct a syntactically valid vdev specification,
1480 * and ensure that all devices and files exist and can be opened.
1481 * Note: we don't bother freeing anything in the error paths
1482 * because the program is just going to exit anyway.
1485 construct_spec(nvlist_t *props, int argc, char **argv)
1487 nvlist_t *nvroot, *nv, **top, **spares, **l2cache;
1488 int t, toplevels, mindev, maxdev, nspares, nlogs, nl2cache;
1491 boolean_t seen_logs;
1501 seen_logs = B_FALSE;
1508 * If it's a mirror or raidz, the subsequent arguments are
1509 * its leaves -- until we encounter the next mirror or raidz.
1511 if ((type = is_grouping(argv[0], &mindev, &maxdev)) != NULL) {
1512 nvlist_t **child = NULL;
1513 int c, children = 0;
1515 if (strcmp(type, VDEV_TYPE_SPARE) == 0) {
1516 if (spares != NULL) {
1517 (void) fprintf(stderr,
1518 gettext("invalid vdev "
1519 "specification: 'spare' can be "
1520 "specified only once\n"));
1526 if (strcmp(type, VDEV_TYPE_LOG) == 0) {
1528 (void) fprintf(stderr,
1529 gettext("invalid vdev "
1530 "specification: 'log' can be "
1531 "specified only once\n"));
1539 * A log is not a real grouping device.
1540 * We just set is_log and continue.
1545 if (strcmp(type, VDEV_TYPE_L2CACHE) == 0) {
1546 if (l2cache != NULL) {
1547 (void) fprintf(stderr,
1548 gettext("invalid vdev "
1549 "specification: 'cache' can be "
1550 "specified only once\n"));
1557 if (strcmp(type, VDEV_TYPE_MIRROR) != 0) {
1558 (void) fprintf(stderr,
1559 gettext("invalid vdev "
1560 "specification: unsupported 'log' "
1561 "device: %s\n"), type);
1567 for (c = 1; c < argc; c++) {
1568 if (is_grouping(argv[c], NULL, NULL) != NULL)
1571 child = realloc(child,
1572 children * sizeof (nvlist_t *));
1575 if ((nv = make_leaf_vdev(props, argv[c],
1576 B_FALSE)) == NULL) {
1577 for (c = 0; c < children - 1; c++)
1578 nvlist_free(child[c]);
1583 child[children - 1] = nv;
1586 if (children < mindev) {
1587 (void) fprintf(stderr, gettext("invalid vdev "
1588 "specification: %s requires at least %d "
1589 "devices\n"), argv[0], mindev);
1590 for (c = 0; c < children; c++)
1591 nvlist_free(child[c]);
1596 if (children > maxdev) {
1597 (void) fprintf(stderr, gettext("invalid vdev "
1598 "specification: %s supports no more than "
1599 "%d devices\n"), argv[0], maxdev);
1600 for (c = 0; c < children; c++)
1601 nvlist_free(child[c]);
1609 if (strcmp(type, VDEV_TYPE_SPARE) == 0) {
1613 } else if (strcmp(type, VDEV_TYPE_L2CACHE) == 0) {
1615 nl2cache = children;
1618 verify(nvlist_alloc(&nv, NV_UNIQUE_NAME,
1620 verify(nvlist_add_string(nv, ZPOOL_CONFIG_TYPE,
1622 verify(nvlist_add_uint64(nv,
1623 ZPOOL_CONFIG_IS_LOG, is_log) == 0);
1624 if (strcmp(type, VDEV_TYPE_RAIDZ) == 0) {
1625 verify(nvlist_add_uint64(nv,
1626 ZPOOL_CONFIG_NPARITY,
1629 verify(nvlist_add_nvlist_array(nv,
1630 ZPOOL_CONFIG_CHILDREN, child,
1633 for (c = 0; c < children; c++)
1634 nvlist_free(child[c]);
1639 * We have a device. Pass off to make_leaf_vdev() to
1640 * construct the appropriate nvlist describing the vdev.
1642 if ((nv = make_leaf_vdev(props, argv[0],
1653 top = realloc(top, toplevels * sizeof (nvlist_t *));
1656 top[toplevels - 1] = nv;
1659 if (toplevels == 0 && nspares == 0 && nl2cache == 0) {
1660 (void) fprintf(stderr, gettext("invalid vdev "
1661 "specification: at least one toplevel vdev must be "
1666 if (seen_logs && nlogs == 0) {
1667 (void) fprintf(stderr, gettext("invalid vdev specification: "
1668 "log requires at least 1 device\n"));
1673 * Finally, create nvroot and add all top-level vdevs to it.
1675 verify(nvlist_alloc(&nvroot, NV_UNIQUE_NAME, 0) == 0);
1676 verify(nvlist_add_string(nvroot, ZPOOL_CONFIG_TYPE,
1677 VDEV_TYPE_ROOT) == 0);
1678 verify(nvlist_add_nvlist_array(nvroot, ZPOOL_CONFIG_CHILDREN,
1679 top, toplevels) == 0);
1681 verify(nvlist_add_nvlist_array(nvroot, ZPOOL_CONFIG_SPARES,
1682 spares, nspares) == 0);
1684 verify(nvlist_add_nvlist_array(nvroot, ZPOOL_CONFIG_L2CACHE,
1685 l2cache, nl2cache) == 0);
1688 for (t = 0; t < toplevels; t++)
1689 nvlist_free(top[t]);
1690 for (t = 0; t < nspares; t++)
1691 nvlist_free(spares[t]);
1692 for (t = 0; t < nl2cache; t++)
1693 nvlist_free(l2cache[t]);
1703 split_mirror_vdev(zpool_handle_t *zhp, char *newname, nvlist_t *props,
1704 splitflags_t flags, int argc, char **argv)
1706 nvlist_t *newroot = NULL, **child;
1710 if ((newroot = construct_spec(props, argc, argv)) == NULL) {
1711 (void) fprintf(stderr, gettext("Unable to build a "
1712 "pool from the specified devices\n"));
1716 if (!flags.dryrun && make_disks(zhp, newroot) != 0) {
1717 nvlist_free(newroot);
1721 /* avoid any tricks in the spec */
1722 verify(nvlist_lookup_nvlist_array(newroot,
1723 ZPOOL_CONFIG_CHILDREN, &child, &children) == 0);
1724 for (c = 0; c < children; c++) {
1729 verify(nvlist_lookup_string(child[c],
1730 ZPOOL_CONFIG_PATH, &path) == 0);
1731 if ((type = is_grouping(path, &min, &max)) != NULL) {
1732 (void) fprintf(stderr, gettext("Cannot use "
1733 "'%s' as a device for splitting\n"), type);
1734 nvlist_free(newroot);
1740 if (zpool_vdev_split(zhp, newname, &newroot, props, flags) != 0) {
1741 nvlist_free(newroot);
1749 * Get and validate the contents of the given vdev specification. This ensures
1750 * that the nvlist returned is well-formed, that all the devices exist, and that
1751 * they are not currently in use by any other known consumer. The 'poolconfig'
1752 * parameter is the current configuration of the pool when adding devices
1753 * existing pool, and is used to perform additional checks, such as changing the
1754 * replication level of the pool. It can be 'NULL' to indicate that this is a
1755 * new pool. The 'force' flag controls whether devices should be forcefully
1756 * added, even if they appear in use.
1759 make_root_vdev(zpool_handle_t *zhp, nvlist_t *props, int force, int check_rep,
1760 boolean_t replacing, boolean_t dryrun, int argc, char **argv)
1763 nvlist_t *poolconfig = NULL;
1767 * Construct the vdev specification. If this is successful, we know
1768 * that we have a valid specification, and that all devices can be
1771 if ((newroot = construct_spec(props, argc, argv)) == NULL)
1774 if (zhp && ((poolconfig = zpool_get_config(zhp, NULL)) == NULL)) {
1775 nvlist_free(newroot);
1780 * Validate each device to make sure that its not shared with another
1781 * subsystem. We do this even if 'force' is set, because there are some
1782 * uses (such as a dedicated dump device) that even '-f' cannot
1785 if (is_device_in_use(poolconfig, newroot, force, replacing, B_FALSE)) {
1786 nvlist_free(newroot);
1791 * Check the replication level of the given vdevs and report any errors
1792 * found. We include the existing pool spec, if any, as we need to
1793 * catch changes against the existing replication level.
1795 if (check_rep && check_replication(poolconfig, newroot) != 0) {
1796 nvlist_free(newroot);
1801 * Run through the vdev specification and label any whole disks found.
1803 if (!dryrun && make_disks(zhp, newroot) != 0) {
1804 nvlist_free(newroot);
projects / FreeBSD / FreeBSD.git / blob