4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
23 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Copyright (c) 2011, 2018 by Delphix. All rights reserved.
25 * Copyright (c) 2015, Nexenta Systems, Inc. All rights reserved.
26 * Copyright (c) 2013 Martin Matuska <mm@FreeBSD.org>. All rights reserved.
27 * Copyright (c) 2014 Spectra Logic Corporation, All rights reserved.
28 * Copyright 2013 Saso Kiselkov. All rights reserved.
29 * Copyright (c) 2014 Integros [integros.com]
30 * Copyright 2016 Toomas Soome <tsoome@me.com>
31 * Copyright 2018 Joyent, Inc.
32 * Copyright (c) 2017 Datto Inc.
33 * Copyright 2018 OmniOS Community Edition (OmniOSce) Association.
37 * SPA: Storage Pool Allocator
39 * This file contains all the routines used when modifying on-disk SPA state.
40 * This includes opening, importing, destroying, exporting a pool, and syncing a
44 #include <sys/zfs_context.h>
45 #include <sys/fm/fs/zfs.h>
46 #include <sys/spa_impl.h>
48 #include <sys/zio_checksum.h>
50 #include <sys/dmu_tx.h>
54 #include <sys/vdev_impl.h>
55 #include <sys/vdev_removal.h>
56 #include <sys/vdev_indirect_mapping.h>
57 #include <sys/vdev_indirect_births.h>
58 #include <sys/vdev_initialize.h>
59 #include <sys/metaslab.h>
60 #include <sys/metaslab_impl.h>
61 #include <sys/uberblock_impl.h>
64 #include <sys/bpobj.h>
65 #include <sys/dmu_traverse.h>
66 #include <sys/dmu_objset.h>
67 #include <sys/unique.h>
68 #include <sys/dsl_pool.h>
69 #include <sys/dsl_dataset.h>
70 #include <sys/dsl_dir.h>
71 #include <sys/dsl_prop.h>
72 #include <sys/dsl_synctask.h>
73 #include <sys/fs/zfs.h>
75 #include <sys/callb.h>
76 #include <sys/spa_boot.h>
77 #include <sys/zfs_ioctl.h>
78 #include <sys/dsl_scan.h>
79 #include <sys/dmu_send.h>
80 #include <sys/dsl_destroy.h>
81 #include <sys/dsl_userhold.h>
82 #include <sys/zfeature.h>
84 #include <sys/trim_map.h>
88 #include <sys/callb.h>
89 #include <sys/cpupart.h>
94 #include "zfs_comutil.h"
96 /* Check hostid on import? */
97 static int check_hostid = 1;
100 * The interval, in seconds, at which failed configuration cache file writes
103 int zfs_ccw_retry_interval = 300;
105 SYSCTL_DECL(_vfs_zfs);
106 SYSCTL_INT(_vfs_zfs, OID_AUTO, check_hostid, CTLFLAG_RWTUN, &check_hostid, 0,
107 "Check hostid on import?");
108 TUNABLE_INT("vfs.zfs.ccw_retry_interval", &zfs_ccw_retry_interval);
109 SYSCTL_INT(_vfs_zfs, OID_AUTO, ccw_retry_interval, CTLFLAG_RW,
110 &zfs_ccw_retry_interval, 0,
111 "Configuration cache file write, retry after failure, interval (seconds)");
113 typedef enum zti_modes {
114 ZTI_MODE_FIXED, /* value is # of threads (min 1) */
115 ZTI_MODE_BATCH, /* cpu-intensive; value is ignored */
116 ZTI_MODE_NULL, /* don't create a taskq */
120 #define ZTI_P(n, q) { ZTI_MODE_FIXED, (n), (q) }
121 #define ZTI_BATCH { ZTI_MODE_BATCH, 0, 1 }
122 #define ZTI_NULL { ZTI_MODE_NULL, 0, 0 }
124 #define ZTI_N(n) ZTI_P(n, 1)
125 #define ZTI_ONE ZTI_N(1)
127 typedef struct zio_taskq_info {
128 zti_modes_t zti_mode;
133 static const char *const zio_taskq_types[ZIO_TASKQ_TYPES] = {
134 "issue", "issue_high", "intr", "intr_high"
138 * This table defines the taskq settings for each ZFS I/O type. When
139 * initializing a pool, we use this table to create an appropriately sized
140 * taskq. Some operations are low volume and therefore have a small, static
141 * number of threads assigned to their taskqs using the ZTI_N(#) or ZTI_ONE
142 * macros. Other operations process a large amount of data; the ZTI_BATCH
143 * macro causes us to create a taskq oriented for throughput. Some operations
144 * are so high frequency and short-lived that the taskq itself can become a a
145 * point of lock contention. The ZTI_P(#, #) macro indicates that we need an
146 * additional degree of parallelism specified by the number of threads per-
147 * taskq and the number of taskqs; when dispatching an event in this case, the
148 * particular taskq is chosen at random.
150 * The different taskq priorities are to handle the different contexts (issue
151 * and interrupt) and then to reserve threads for ZIO_PRIORITY_NOW I/Os that
152 * need to be handled with minimum delay.
154 const zio_taskq_info_t zio_taskqs[ZIO_TYPES][ZIO_TASKQ_TYPES] = {
155 /* ISSUE ISSUE_HIGH INTR INTR_HIGH */
156 { ZTI_ONE, ZTI_NULL, ZTI_ONE, ZTI_NULL }, /* NULL */
157 { ZTI_N(8), ZTI_NULL, ZTI_P(12, 8), ZTI_NULL }, /* READ */
158 { ZTI_BATCH, ZTI_N(5), ZTI_N(8), ZTI_N(5) }, /* WRITE */
159 { ZTI_P(12, 8), ZTI_NULL, ZTI_ONE, ZTI_NULL }, /* FREE */
160 { ZTI_ONE, ZTI_NULL, ZTI_ONE, ZTI_NULL }, /* CLAIM */
161 { ZTI_ONE, ZTI_NULL, ZTI_ONE, ZTI_NULL }, /* IOCTL */
164 static void spa_sync_version(void *arg, dmu_tx_t *tx);
165 static void spa_sync_props(void *arg, dmu_tx_t *tx);
166 static boolean_t spa_has_active_shared_spare(spa_t *spa);
167 static int spa_load_impl(spa_t *spa, spa_import_type_t type, char **ereport);
168 static void spa_vdev_resilver_done(spa_t *spa);
170 uint_t zio_taskq_batch_pct = 75; /* 1 thread per cpu in pset */
172 id_t zio_taskq_psrset_bind = PS_NONE;
175 boolean_t zio_taskq_sysdc = B_TRUE; /* use SDC scheduling class */
176 uint_t zio_taskq_basedc = 80; /* base duty cycle */
182 boolean_t spa_create_process = B_TRUE; /* no process ==> no sysdc */
184 extern int zfs_sync_pass_deferred_free;
187 * Report any spa_load_verify errors found, but do not fail spa_load.
188 * This is used by zdb to analyze non-idle pools.
190 boolean_t spa_load_verify_dryrun = B_FALSE;
193 * This (illegal) pool name is used when temporarily importing a spa_t in order
194 * to get the vdev stats associated with the imported devices.
196 #define TRYIMPORT_NAME "$import"
199 * For debugging purposes: print out vdev tree during pool import.
201 int spa_load_print_vdev_tree = B_FALSE;
204 * A non-zero value for zfs_max_missing_tvds means that we allow importing
205 * pools with missing top-level vdevs. This is strictly intended for advanced
206 * pool recovery cases since missing data is almost inevitable. Pools with
207 * missing devices can only be imported read-only for safety reasons, and their
208 * fail-mode will be automatically set to "continue".
210 * With 1 missing vdev we should be able to import the pool and mount all
211 * datasets. User data that was not modified after the missing device has been
212 * added should be recoverable. This means that snapshots created prior to the
213 * addition of that device should be completely intact.
215 * With 2 missing vdevs, some datasets may fail to mount since there are
216 * dataset statistics that are stored as regular metadata. Some data might be
217 * recoverable if those vdevs were added recently.
219 * With 3 or more missing vdevs, the pool is severely damaged and MOS entries
220 * may be missing entirely. Chances of data recovery are very low. Note that
221 * there are also risks of performing an inadvertent rewind as we might be
222 * missing all the vdevs with the latest uberblocks.
224 uint64_t zfs_max_missing_tvds = 0;
227 * The parameters below are similar to zfs_max_missing_tvds but are only
228 * intended for a preliminary open of the pool with an untrusted config which
229 * might be incomplete or out-dated.
231 * We are more tolerant for pools opened from a cachefile since we could have
232 * an out-dated cachefile where a device removal was not registered.
233 * We could have set the limit arbitrarily high but in the case where devices
234 * are really missing we would want to return the proper error codes; we chose
235 * SPA_DVAS_PER_BP - 1 so that some copies of the MOS would still be available
236 * and we get a chance to retrieve the trusted config.
238 uint64_t zfs_max_missing_tvds_cachefile = SPA_DVAS_PER_BP - 1;
241 * In the case where config was assembled by scanning device paths (/dev/dsks
242 * by default) we are less tolerant since all the existing devices should have
243 * been detected and we want spa_load to return the right error codes.
245 uint64_t zfs_max_missing_tvds_scan = 0;
248 SYSCTL_DECL(_vfs_zfs_zio);
249 SYSCTL_INT(_vfs_zfs_zio, OID_AUTO, taskq_batch_pct, CTLFLAG_RDTUN,
250 &zio_taskq_batch_pct, 0,
251 "Percentage of CPUs to run an IO worker thread");
252 SYSCTL_INT(_vfs_zfs, OID_AUTO, spa_load_print_vdev_tree, CTLFLAG_RWTUN,
253 &spa_load_print_vdev_tree, 0,
254 "print out vdev tree during pool import");
255 SYSCTL_UQUAD(_vfs_zfs, OID_AUTO, max_missing_tvds, CTLFLAG_RWTUN,
256 &zfs_max_missing_tvds, 0,
257 "allow importing pools with missing top-level vdevs");
258 SYSCTL_UQUAD(_vfs_zfs, OID_AUTO, max_missing_tvds_cachefile, CTLFLAG_RWTUN,
259 &zfs_max_missing_tvds_cachefile, 0,
260 "allow importing pools with missing top-level vdevs in cache file");
261 SYSCTL_UQUAD(_vfs_zfs, OID_AUTO, max_missing_tvds_scan, CTLFLAG_RWTUN,
262 &zfs_max_missing_tvds_scan, 0,
263 "allow importing pools with missing top-level vdevs during scan");
266 * Debugging aid that pauses spa_sync() towards the end.
268 boolean_t zfs_pause_spa_sync = B_FALSE;
271 * ==========================================================================
272 * SPA properties routines
273 * ==========================================================================
277 * Add a (source=src, propname=propval) list to an nvlist.
280 spa_prop_add_list(nvlist_t *nvl, zpool_prop_t prop, char *strval,
281 uint64_t intval, zprop_source_t src)
283 const char *propname = zpool_prop_to_name(prop);
286 VERIFY(nvlist_alloc(&propval, NV_UNIQUE_NAME, KM_SLEEP) == 0);
287 VERIFY(nvlist_add_uint64(propval, ZPROP_SOURCE, src) == 0);
290 VERIFY(nvlist_add_string(propval, ZPROP_VALUE, strval) == 0);
292 VERIFY(nvlist_add_uint64(propval, ZPROP_VALUE, intval) == 0);
294 VERIFY(nvlist_add_nvlist(nvl, propname, propval) == 0);
295 nvlist_free(propval);
299 * Get property values from the spa configuration.
302 spa_prop_get_config(spa_t *spa, nvlist_t **nvp)
304 vdev_t *rvd = spa->spa_root_vdev;
305 dsl_pool_t *pool = spa->spa_dsl_pool;
306 uint64_t size, alloc, cap, version;
307 zprop_source_t src = ZPROP_SRC_NONE;
308 spa_config_dirent_t *dp;
309 metaslab_class_t *mc = spa_normal_class(spa);
311 ASSERT(MUTEX_HELD(&spa->spa_props_lock));
314 alloc = metaslab_class_get_alloc(spa_normal_class(spa));
315 size = metaslab_class_get_space(spa_normal_class(spa));
316 spa_prop_add_list(*nvp, ZPOOL_PROP_NAME, spa_name(spa), 0, src);
317 spa_prop_add_list(*nvp, ZPOOL_PROP_SIZE, NULL, size, src);
318 spa_prop_add_list(*nvp, ZPOOL_PROP_ALLOCATED, NULL, alloc, src);
319 spa_prop_add_list(*nvp, ZPOOL_PROP_FREE, NULL,
321 spa_prop_add_list(*nvp, ZPOOL_PROP_CHECKPOINT, NULL,
322 spa->spa_checkpoint_info.sci_dspace, src);
324 spa_prop_add_list(*nvp, ZPOOL_PROP_FRAGMENTATION, NULL,
325 metaslab_class_fragmentation(mc), src);
326 spa_prop_add_list(*nvp, ZPOOL_PROP_EXPANDSZ, NULL,
327 metaslab_class_expandable_space(mc), src);
328 spa_prop_add_list(*nvp, ZPOOL_PROP_READONLY, NULL,
329 (spa_mode(spa) == FREAD), src);
331 cap = (size == 0) ? 0 : (alloc * 100 / size);
332 spa_prop_add_list(*nvp, ZPOOL_PROP_CAPACITY, NULL, cap, src);
334 spa_prop_add_list(*nvp, ZPOOL_PROP_DEDUPRATIO, NULL,
335 ddt_get_pool_dedup_ratio(spa), src);
337 spa_prop_add_list(*nvp, ZPOOL_PROP_HEALTH, NULL,
338 rvd->vdev_state, src);
340 version = spa_version(spa);
341 if (version == zpool_prop_default_numeric(ZPOOL_PROP_VERSION))
342 src = ZPROP_SRC_DEFAULT;
344 src = ZPROP_SRC_LOCAL;
345 spa_prop_add_list(*nvp, ZPOOL_PROP_VERSION, NULL, version, src);
350 * The $FREE directory was introduced in SPA_VERSION_DEADLISTS,
351 * when opening pools before this version freedir will be NULL.
353 if (pool->dp_free_dir != NULL) {
354 spa_prop_add_list(*nvp, ZPOOL_PROP_FREEING, NULL,
355 dsl_dir_phys(pool->dp_free_dir)->dd_used_bytes,
358 spa_prop_add_list(*nvp, ZPOOL_PROP_FREEING,
362 if (pool->dp_leak_dir != NULL) {
363 spa_prop_add_list(*nvp, ZPOOL_PROP_LEAKED, NULL,
364 dsl_dir_phys(pool->dp_leak_dir)->dd_used_bytes,
367 spa_prop_add_list(*nvp, ZPOOL_PROP_LEAKED,
372 spa_prop_add_list(*nvp, ZPOOL_PROP_GUID, NULL, spa_guid(spa), src);
374 if (spa->spa_comment != NULL) {
375 spa_prop_add_list(*nvp, ZPOOL_PROP_COMMENT, spa->spa_comment,
379 if (spa->spa_root != NULL)
380 spa_prop_add_list(*nvp, ZPOOL_PROP_ALTROOT, spa->spa_root,
383 if (spa_feature_is_enabled(spa, SPA_FEATURE_LARGE_BLOCKS)) {
384 spa_prop_add_list(*nvp, ZPOOL_PROP_MAXBLOCKSIZE, NULL,
385 MIN(zfs_max_recordsize, SPA_MAXBLOCKSIZE), ZPROP_SRC_NONE);
387 spa_prop_add_list(*nvp, ZPOOL_PROP_MAXBLOCKSIZE, NULL,
388 SPA_OLD_MAXBLOCKSIZE, ZPROP_SRC_NONE);
391 if (spa_feature_is_enabled(spa, SPA_FEATURE_LARGE_DNODE)) {
392 spa_prop_add_list(*nvp, ZPOOL_PROP_MAXDNODESIZE, NULL,
393 DNODE_MAX_SIZE, ZPROP_SRC_NONE);
395 spa_prop_add_list(*nvp, ZPOOL_PROP_MAXDNODESIZE, NULL,
396 DNODE_MIN_SIZE, ZPROP_SRC_NONE);
399 if ((dp = list_head(&spa->spa_config_list)) != NULL) {
400 if (dp->scd_path == NULL) {
401 spa_prop_add_list(*nvp, ZPOOL_PROP_CACHEFILE,
402 "none", 0, ZPROP_SRC_LOCAL);
403 } else if (strcmp(dp->scd_path, spa_config_path) != 0) {
404 spa_prop_add_list(*nvp, ZPOOL_PROP_CACHEFILE,
405 dp->scd_path, 0, ZPROP_SRC_LOCAL);
411 * Get zpool property values.
414 spa_prop_get(spa_t *spa, nvlist_t **nvp)
416 objset_t *mos = spa->spa_meta_objset;
421 VERIFY(nvlist_alloc(nvp, NV_UNIQUE_NAME, KM_SLEEP) == 0);
423 mutex_enter(&spa->spa_props_lock);
426 * Get properties from the spa config.
428 spa_prop_get_config(spa, nvp);
430 /* If no pool property object, no more prop to get. */
431 if (mos == NULL || spa->spa_pool_props_object == 0) {
432 mutex_exit(&spa->spa_props_lock);
437 * Get properties from the MOS pool property object.
439 for (zap_cursor_init(&zc, mos, spa->spa_pool_props_object);
440 (err = zap_cursor_retrieve(&zc, &za)) == 0;
441 zap_cursor_advance(&zc)) {
444 zprop_source_t src = ZPROP_SRC_DEFAULT;
447 if ((prop = zpool_name_to_prop(za.za_name)) == ZPOOL_PROP_INVAL)
450 switch (za.za_integer_length) {
452 /* integer property */
453 if (za.za_first_integer !=
454 zpool_prop_default_numeric(prop))
455 src = ZPROP_SRC_LOCAL;
457 if (prop == ZPOOL_PROP_BOOTFS) {
459 dsl_dataset_t *ds = NULL;
461 dp = spa_get_dsl(spa);
462 dsl_pool_config_enter(dp, FTAG);
463 err = dsl_dataset_hold_obj(dp,
464 za.za_first_integer, FTAG, &ds);
466 dsl_pool_config_exit(dp, FTAG);
470 strval = kmem_alloc(ZFS_MAX_DATASET_NAME_LEN,
472 dsl_dataset_name(ds, strval);
473 dsl_dataset_rele(ds, FTAG);
474 dsl_pool_config_exit(dp, FTAG);
477 intval = za.za_first_integer;
480 spa_prop_add_list(*nvp, prop, strval, intval, src);
483 kmem_free(strval, ZFS_MAX_DATASET_NAME_LEN);
488 /* string property */
489 strval = kmem_alloc(za.za_num_integers, KM_SLEEP);
490 err = zap_lookup(mos, spa->spa_pool_props_object,
491 za.za_name, 1, za.za_num_integers, strval);
493 kmem_free(strval, za.za_num_integers);
496 spa_prop_add_list(*nvp, prop, strval, 0, src);
497 kmem_free(strval, za.za_num_integers);
504 zap_cursor_fini(&zc);
505 mutex_exit(&spa->spa_props_lock);
507 if (err && err != ENOENT) {
517 * Validate the given pool properties nvlist and modify the list
518 * for the property values to be set.
521 spa_prop_validate(spa_t *spa, nvlist_t *props)
524 int error = 0, reset_bootfs = 0;
526 boolean_t has_feature = B_FALSE;
529 while ((elem = nvlist_next_nvpair(props, elem)) != NULL) {
531 char *strval, *slash, *check, *fname;
532 const char *propname = nvpair_name(elem);
533 zpool_prop_t prop = zpool_name_to_prop(propname);
536 case ZPOOL_PROP_INVAL:
537 if (!zpool_prop_feature(propname)) {
538 error = SET_ERROR(EINVAL);
543 * Sanitize the input.
545 if (nvpair_type(elem) != DATA_TYPE_UINT64) {
546 error = SET_ERROR(EINVAL);
550 if (nvpair_value_uint64(elem, &intval) != 0) {
551 error = SET_ERROR(EINVAL);
556 error = SET_ERROR(EINVAL);
560 fname = strchr(propname, '@') + 1;
561 if (zfeature_lookup_name(fname, NULL) != 0) {
562 error = SET_ERROR(EINVAL);
566 has_feature = B_TRUE;
569 case ZPOOL_PROP_VERSION:
570 error = nvpair_value_uint64(elem, &intval);
572 (intval < spa_version(spa) ||
573 intval > SPA_VERSION_BEFORE_FEATURES ||
575 error = SET_ERROR(EINVAL);
578 case ZPOOL_PROP_DELEGATION:
579 case ZPOOL_PROP_AUTOREPLACE:
580 case ZPOOL_PROP_LISTSNAPS:
581 case ZPOOL_PROP_AUTOEXPAND:
582 error = nvpair_value_uint64(elem, &intval);
583 if (!error && intval > 1)
584 error = SET_ERROR(EINVAL);
587 case ZPOOL_PROP_BOOTFS:
589 * If the pool version is less than SPA_VERSION_BOOTFS,
590 * or the pool is still being created (version == 0),
591 * the bootfs property cannot be set.
593 if (spa_version(spa) < SPA_VERSION_BOOTFS) {
594 error = SET_ERROR(ENOTSUP);
599 * Make sure the vdev config is bootable
601 if (!vdev_is_bootable(spa->spa_root_vdev)) {
602 error = SET_ERROR(ENOTSUP);
608 error = nvpair_value_string(elem, &strval);
614 if (strval == NULL || strval[0] == '\0') {
615 objnum = zpool_prop_default_numeric(
620 error = dmu_objset_hold(strval, FTAG, &os);
625 * Must be ZPL, and its property settings
629 if (dmu_objset_type(os) != DMU_OST_ZFS) {
630 error = SET_ERROR(ENOTSUP);
632 dsl_prop_get_int_ds(dmu_objset_ds(os),
633 zfs_prop_to_name(ZFS_PROP_COMPRESSION),
635 !BOOTFS_COMPRESS_VALID(propval)) {
636 error = SET_ERROR(ENOTSUP);
638 objnum = dmu_objset_id(os);
640 dmu_objset_rele(os, FTAG);
644 case ZPOOL_PROP_FAILUREMODE:
645 error = nvpair_value_uint64(elem, &intval);
646 if (!error && (intval < ZIO_FAILURE_MODE_WAIT ||
647 intval > ZIO_FAILURE_MODE_PANIC))
648 error = SET_ERROR(EINVAL);
651 * This is a special case which only occurs when
652 * the pool has completely failed. This allows
653 * the user to change the in-core failmode property
654 * without syncing it out to disk (I/Os might
655 * currently be blocked). We do this by returning
656 * EIO to the caller (spa_prop_set) to trick it
657 * into thinking we encountered a property validation
660 if (!error && spa_suspended(spa)) {
661 spa->spa_failmode = intval;
662 error = SET_ERROR(EIO);
666 case ZPOOL_PROP_CACHEFILE:
667 if ((error = nvpair_value_string(elem, &strval)) != 0)
670 if (strval[0] == '\0')
673 if (strcmp(strval, "none") == 0)
676 if (strval[0] != '/') {
677 error = SET_ERROR(EINVAL);
681 slash = strrchr(strval, '/');
682 ASSERT(slash != NULL);
684 if (slash[1] == '\0' || strcmp(slash, "/.") == 0 ||
685 strcmp(slash, "/..") == 0)
686 error = SET_ERROR(EINVAL);
689 case ZPOOL_PROP_COMMENT:
690 if ((error = nvpair_value_string(elem, &strval)) != 0)
692 for (check = strval; *check != '\0'; check++) {
694 * The kernel doesn't have an easy isprint()
695 * check. For this kernel check, we merely
696 * check ASCII apart from DEL. Fix this if
697 * there is an easy-to-use kernel isprint().
699 if (*check >= 0x7f) {
700 error = SET_ERROR(EINVAL);
704 if (strlen(strval) > ZPROP_MAX_COMMENT)
708 case ZPOOL_PROP_DEDUPDITTO:
709 if (spa_version(spa) < SPA_VERSION_DEDUP)
710 error = SET_ERROR(ENOTSUP);
712 error = nvpair_value_uint64(elem, &intval);
714 intval != 0 && intval < ZIO_DEDUPDITTO_MIN)
715 error = SET_ERROR(EINVAL);
723 if (!error && reset_bootfs) {
724 error = nvlist_remove(props,
725 zpool_prop_to_name(ZPOOL_PROP_BOOTFS), DATA_TYPE_STRING);
728 error = nvlist_add_uint64(props,
729 zpool_prop_to_name(ZPOOL_PROP_BOOTFS), objnum);
737 spa_configfile_set(spa_t *spa, nvlist_t *nvp, boolean_t need_sync)
740 spa_config_dirent_t *dp;
742 if (nvlist_lookup_string(nvp, zpool_prop_to_name(ZPOOL_PROP_CACHEFILE),
746 dp = kmem_alloc(sizeof (spa_config_dirent_t),
749 if (cachefile[0] == '\0')
750 dp->scd_path = spa_strdup(spa_config_path);
751 else if (strcmp(cachefile, "none") == 0)
754 dp->scd_path = spa_strdup(cachefile);
756 list_insert_head(&spa->spa_config_list, dp);
758 spa_async_request(spa, SPA_ASYNC_CONFIG_UPDATE);
762 spa_prop_set(spa_t *spa, nvlist_t *nvp)
765 nvpair_t *elem = NULL;
766 boolean_t need_sync = B_FALSE;
768 if ((error = spa_prop_validate(spa, nvp)) != 0)
771 while ((elem = nvlist_next_nvpair(nvp, elem)) != NULL) {
772 zpool_prop_t prop = zpool_name_to_prop(nvpair_name(elem));
774 if (prop == ZPOOL_PROP_CACHEFILE ||
775 prop == ZPOOL_PROP_ALTROOT ||
776 prop == ZPOOL_PROP_READONLY)
779 if (prop == ZPOOL_PROP_VERSION || prop == ZPOOL_PROP_INVAL) {
782 if (prop == ZPOOL_PROP_VERSION) {
783 VERIFY(nvpair_value_uint64(elem, &ver) == 0);
785 ASSERT(zpool_prop_feature(nvpair_name(elem)));
786 ver = SPA_VERSION_FEATURES;
790 /* Save time if the version is already set. */
791 if (ver == spa_version(spa))
795 * In addition to the pool directory object, we might
796 * create the pool properties object, the features for
797 * read object, the features for write object, or the
798 * feature descriptions object.
800 error = dsl_sync_task(spa->spa_name, NULL,
801 spa_sync_version, &ver,
802 6, ZFS_SPACE_CHECK_RESERVED);
813 return (dsl_sync_task(spa->spa_name, NULL, spa_sync_props,
814 nvp, 6, ZFS_SPACE_CHECK_RESERVED));
821 * If the bootfs property value is dsobj, clear it.
824 spa_prop_clear_bootfs(spa_t *spa, uint64_t dsobj, dmu_tx_t *tx)
826 if (spa->spa_bootfs == dsobj && spa->spa_pool_props_object != 0) {
827 VERIFY(zap_remove(spa->spa_meta_objset,
828 spa->spa_pool_props_object,
829 zpool_prop_to_name(ZPOOL_PROP_BOOTFS), tx) == 0);
836 spa_change_guid_check(void *arg, dmu_tx_t *tx)
838 uint64_t *newguid = arg;
839 spa_t *spa = dmu_tx_pool(tx)->dp_spa;
840 vdev_t *rvd = spa->spa_root_vdev;
843 if (spa_feature_is_active(spa, SPA_FEATURE_POOL_CHECKPOINT)) {
844 int error = (spa_has_checkpoint(spa)) ?
845 ZFS_ERR_CHECKPOINT_EXISTS : ZFS_ERR_DISCARDING_CHECKPOINT;
846 return (SET_ERROR(error));
849 spa_config_enter(spa, SCL_STATE, FTAG, RW_READER);
850 vdev_state = rvd->vdev_state;
851 spa_config_exit(spa, SCL_STATE, FTAG);
853 if (vdev_state != VDEV_STATE_HEALTHY)
854 return (SET_ERROR(ENXIO));
856 ASSERT3U(spa_guid(spa), !=, *newguid);
862 spa_change_guid_sync(void *arg, dmu_tx_t *tx)
864 uint64_t *newguid = arg;
865 spa_t *spa = dmu_tx_pool(tx)->dp_spa;
867 vdev_t *rvd = spa->spa_root_vdev;
869 oldguid = spa_guid(spa);
871 spa_config_enter(spa, SCL_STATE, FTAG, RW_READER);
872 rvd->vdev_guid = *newguid;
873 rvd->vdev_guid_sum += (*newguid - oldguid);
874 vdev_config_dirty(rvd);
875 spa_config_exit(spa, SCL_STATE, FTAG);
877 spa_history_log_internal(spa, "guid change", tx, "old=%llu new=%llu",
882 * Change the GUID for the pool. This is done so that we can later
883 * re-import a pool built from a clone of our own vdevs. We will modify
884 * the root vdev's guid, our own pool guid, and then mark all of our
885 * vdevs dirty. Note that we must make sure that all our vdevs are
886 * online when we do this, or else any vdevs that weren't present
887 * would be orphaned from our pool. We are also going to issue a
888 * sysevent to update any watchers.
891 spa_change_guid(spa_t *spa)
896 mutex_enter(&spa->spa_vdev_top_lock);
897 mutex_enter(&spa_namespace_lock);
898 guid = spa_generate_guid(NULL);
900 error = dsl_sync_task(spa->spa_name, spa_change_guid_check,
901 spa_change_guid_sync, &guid, 5, ZFS_SPACE_CHECK_RESERVED);
904 spa_write_cachefile(spa, B_FALSE, B_TRUE);
905 spa_event_notify(spa, NULL, NULL, ESC_ZFS_POOL_REGUID);
908 mutex_exit(&spa_namespace_lock);
909 mutex_exit(&spa->spa_vdev_top_lock);
915 * ==========================================================================
916 * SPA state manipulation (open/create/destroy/import/export)
917 * ==========================================================================
921 spa_error_entry_compare(const void *a, const void *b)
923 const spa_error_entry_t *sa = (const spa_error_entry_t *)a;
924 const spa_error_entry_t *sb = (const spa_error_entry_t *)b;
927 ret = memcmp(&sa->se_bookmark, &sb->se_bookmark,
928 sizeof (zbookmark_phys_t));
930 return (AVL_ISIGN(ret));
934 * Utility function which retrieves copies of the current logs and
935 * re-initializes them in the process.
938 spa_get_errlists(spa_t *spa, avl_tree_t *last, avl_tree_t *scrub)
940 ASSERT(MUTEX_HELD(&spa->spa_errlist_lock));
942 bcopy(&spa->spa_errlist_last, last, sizeof (avl_tree_t));
943 bcopy(&spa->spa_errlist_scrub, scrub, sizeof (avl_tree_t));
945 avl_create(&spa->spa_errlist_scrub,
946 spa_error_entry_compare, sizeof (spa_error_entry_t),
947 offsetof(spa_error_entry_t, se_avl));
948 avl_create(&spa->spa_errlist_last,
949 spa_error_entry_compare, sizeof (spa_error_entry_t),
950 offsetof(spa_error_entry_t, se_avl));
954 spa_taskqs_init(spa_t *spa, zio_type_t t, zio_taskq_type_t q)
956 const zio_taskq_info_t *ztip = &zio_taskqs[t][q];
957 enum zti_modes mode = ztip->zti_mode;
958 uint_t value = ztip->zti_value;
959 uint_t count = ztip->zti_count;
960 spa_taskqs_t *tqs = &spa->spa_zio_taskq[t][q];
963 boolean_t batch = B_FALSE;
965 if (mode == ZTI_MODE_NULL) {
967 tqs->stqs_taskq = NULL;
971 ASSERT3U(count, >, 0);
973 tqs->stqs_count = count;
974 tqs->stqs_taskq = kmem_alloc(count * sizeof (taskq_t *), KM_SLEEP);
978 ASSERT3U(value, >=, 1);
979 value = MAX(value, 1);
984 flags |= TASKQ_THREADS_CPU_PCT;
985 value = zio_taskq_batch_pct;
989 panic("unrecognized mode for %s_%s taskq (%u:%u) in "
991 zio_type_name[t], zio_taskq_types[q], mode, value);
995 for (uint_t i = 0; i < count; i++) {
999 (void) snprintf(name, sizeof (name), "%s_%s_%u",
1000 zio_type_name[t], zio_taskq_types[q], i);
1002 (void) snprintf(name, sizeof (name), "%s_%s",
1003 zio_type_name[t], zio_taskq_types[q]);
1007 if (zio_taskq_sysdc && spa->spa_proc != &p0) {
1009 flags |= TASKQ_DC_BATCH;
1011 tq = taskq_create_sysdc(name, value, 50, INT_MAX,
1012 spa->spa_proc, zio_taskq_basedc, flags);
1015 pri_t pri = maxclsyspri;
1017 * The write issue taskq can be extremely CPU
1018 * intensive. Run it at slightly lower priority
1019 * than the other taskqs.
1021 * - numerically higher priorities are lower priorities;
1022 * - if priorities divided by four (RQ_PPQ) are equal
1023 * then a difference between them is insignificant.
1025 if (t == ZIO_TYPE_WRITE && q == ZIO_TASKQ_ISSUE)
1032 tq = taskq_create_proc(name, value, pri, 50,
1033 INT_MAX, spa->spa_proc, flags);
1038 tqs->stqs_taskq[i] = tq;
1043 spa_taskqs_fini(spa_t *spa, zio_type_t t, zio_taskq_type_t q)
1045 spa_taskqs_t *tqs = &spa->spa_zio_taskq[t][q];
1047 if (tqs->stqs_taskq == NULL) {
1048 ASSERT0(tqs->stqs_count);
1052 for (uint_t i = 0; i < tqs->stqs_count; i++) {
1053 ASSERT3P(tqs->stqs_taskq[i], !=, NULL);
1054 taskq_destroy(tqs->stqs_taskq[i]);
1057 kmem_free(tqs->stqs_taskq, tqs->stqs_count * sizeof (taskq_t *));
1058 tqs->stqs_taskq = NULL;
1062 * Dispatch a task to the appropriate taskq for the ZFS I/O type and priority.
1063 * Note that a type may have multiple discrete taskqs to avoid lock contention
1064 * on the taskq itself. In that case we choose which taskq at random by using
1065 * the low bits of gethrtime().
1068 spa_taskq_dispatch_ent(spa_t *spa, zio_type_t t, zio_taskq_type_t q,
1069 task_func_t *func, void *arg, uint_t flags, taskq_ent_t *ent)
1071 spa_taskqs_t *tqs = &spa->spa_zio_taskq[t][q];
1074 ASSERT3P(tqs->stqs_taskq, !=, NULL);
1075 ASSERT3U(tqs->stqs_count, !=, 0);
1077 if (tqs->stqs_count == 1) {
1078 tq = tqs->stqs_taskq[0];
1081 tq = tqs->stqs_taskq[(u_int)(sbinuptime() + curcpu) %
1084 tq = tqs->stqs_taskq[gethrtime() % tqs->stqs_count];
1088 taskq_dispatch_ent(tq, func, arg, flags, ent);
1092 spa_create_zio_taskqs(spa_t *spa)
1094 for (int t = 0; t < ZIO_TYPES; t++) {
1095 for (int q = 0; q < ZIO_TASKQ_TYPES; q++) {
1096 spa_taskqs_init(spa, t, q);
1103 newproc(void (*pc)(void *), void *arg, id_t cid, int pri,
1104 void **ct, pid_t pid)
1107 spa_t *spa = (spa_t *)arg; /* XXX */
1114 ASSERT(cid == syscid);
1116 error = kproc_create(pc, arg, &newp, 0, 0, "zpool-%s", spa->spa_name);
1119 td = FIRST_THREAD_IN_PROC(newp);
1121 sched_prio(td, pri);
1127 spa_thread(void *arg)
1129 callb_cpr_t cprinfo;
1133 user_t *pu = PTOU(curproc);
1135 CALLB_CPR_INIT(&cprinfo, &spa->spa_proc_lock, callb_generic_cpr,
1138 ASSERT(curproc != &p0);
1140 (void) snprintf(pu->u_psargs, sizeof (pu->u_psargs),
1141 "zpool-%s", spa->spa_name);
1142 (void) strlcpy(pu->u_comm, pu->u_psargs, sizeof (pu->u_comm));
1146 /* bind this thread to the requested psrset */
1147 if (zio_taskq_psrset_bind != PS_NONE) {
1149 mutex_enter(&cpu_lock);
1150 mutex_enter(&pidlock);
1151 mutex_enter(&curproc->p_lock);
1153 if (cpupart_bind_thread(curthread, zio_taskq_psrset_bind,
1154 0, NULL, NULL) == 0) {
1155 curthread->t_bind_pset = zio_taskq_psrset_bind;
1158 "Couldn't bind process for zfs pool \"%s\" to "
1159 "pset %d\n", spa->spa_name, zio_taskq_psrset_bind);
1162 mutex_exit(&curproc->p_lock);
1163 mutex_exit(&pidlock);
1164 mutex_exit(&cpu_lock);
1170 if (zio_taskq_sysdc) {
1171 sysdc_thread_enter(curthread, 100, 0);
1175 spa->spa_proc = curproc;
1176 spa->spa_did = curthread->t_did;
1178 spa_create_zio_taskqs(spa);
1180 mutex_enter(&spa->spa_proc_lock);
1181 ASSERT(spa->spa_proc_state == SPA_PROC_CREATED);
1183 spa->spa_proc_state = SPA_PROC_ACTIVE;
1184 cv_broadcast(&spa->spa_proc_cv);
1186 CALLB_CPR_SAFE_BEGIN(&cprinfo);
1187 while (spa->spa_proc_state == SPA_PROC_ACTIVE)
1188 cv_wait(&spa->spa_proc_cv, &spa->spa_proc_lock);
1189 CALLB_CPR_SAFE_END(&cprinfo, &spa->spa_proc_lock);
1191 ASSERT(spa->spa_proc_state == SPA_PROC_DEACTIVATE);
1192 spa->spa_proc_state = SPA_PROC_GONE;
1193 spa->spa_proc = &p0;
1194 cv_broadcast(&spa->spa_proc_cv);
1195 CALLB_CPR_EXIT(&cprinfo); /* drops spa_proc_lock */
1198 mutex_enter(&curproc->p_lock);
1204 #endif /* SPA_PROCESS */
1207 * Activate an uninitialized pool.
1210 spa_activate(spa_t *spa, int mode)
1212 ASSERT(spa->spa_state == POOL_STATE_UNINITIALIZED);
1214 spa->spa_state = POOL_STATE_ACTIVE;
1215 spa->spa_mode = mode;
1217 spa->spa_normal_class = metaslab_class_create(spa, zfs_metaslab_ops);
1218 spa->spa_log_class = metaslab_class_create(spa, zfs_metaslab_ops);
1220 /* Try to create a covering process */
1221 mutex_enter(&spa->spa_proc_lock);
1222 ASSERT(spa->spa_proc_state == SPA_PROC_NONE);
1223 ASSERT(spa->spa_proc == &p0);
1227 /* Only create a process if we're going to be around a while. */
1228 if (spa_create_process && strcmp(spa->spa_name, TRYIMPORT_NAME) != 0) {
1229 if (newproc(spa_thread, (caddr_t)spa, syscid, maxclsyspri,
1231 spa->spa_proc_state = SPA_PROC_CREATED;
1232 while (spa->spa_proc_state == SPA_PROC_CREATED) {
1233 cv_wait(&spa->spa_proc_cv,
1234 &spa->spa_proc_lock);
1236 ASSERT(spa->spa_proc_state == SPA_PROC_ACTIVE);
1237 ASSERT(spa->spa_proc != &p0);
1238 ASSERT(spa->spa_did != 0);
1242 "Couldn't create process for zfs pool \"%s\"\n",
1247 #endif /* SPA_PROCESS */
1248 mutex_exit(&spa->spa_proc_lock);
1250 /* If we didn't create a process, we need to create our taskqs. */
1252 ASSERT(spa->spa_proc == &p0);
1253 #endif /* SPA_PROCESS */
1254 if (spa->spa_proc == &p0) {
1255 spa_create_zio_taskqs(spa);
1259 * Start TRIM thread.
1261 trim_thread_create(spa);
1263 for (size_t i = 0; i < TXG_SIZE; i++) {
1264 spa->spa_txg_zio[i] = zio_root(spa, NULL, NULL,
1268 list_create(&spa->spa_config_dirty_list, sizeof (vdev_t),
1269 offsetof(vdev_t, vdev_config_dirty_node));
1270 list_create(&spa->spa_evicting_os_list, sizeof (objset_t),
1271 offsetof(objset_t, os_evicting_node));
1272 list_create(&spa->spa_state_dirty_list, sizeof (vdev_t),
1273 offsetof(vdev_t, vdev_state_dirty_node));
1275 txg_list_create(&spa->spa_vdev_txg_list, spa,
1276 offsetof(struct vdev, vdev_txg_node));
1278 avl_create(&spa->spa_errlist_scrub,
1279 spa_error_entry_compare, sizeof (spa_error_entry_t),
1280 offsetof(spa_error_entry_t, se_avl));
1281 avl_create(&spa->spa_errlist_last,
1282 spa_error_entry_compare, sizeof (spa_error_entry_t),
1283 offsetof(spa_error_entry_t, se_avl));
1287 * Opposite of spa_activate().
1290 spa_deactivate(spa_t *spa)
1292 ASSERT(spa->spa_sync_on == B_FALSE);
1293 ASSERT(spa->spa_dsl_pool == NULL);
1294 ASSERT(spa->spa_root_vdev == NULL);
1295 ASSERT(spa->spa_async_zio_root == NULL);
1296 ASSERT(spa->spa_state != POOL_STATE_UNINITIALIZED);
1299 * Stop TRIM thread in case spa_unload() wasn't called directly
1300 * before spa_deactivate().
1302 trim_thread_destroy(spa);
1304 spa_evicting_os_wait(spa);
1306 txg_list_destroy(&spa->spa_vdev_txg_list);
1308 list_destroy(&spa->spa_config_dirty_list);
1309 list_destroy(&spa->spa_evicting_os_list);
1310 list_destroy(&spa->spa_state_dirty_list);
1312 for (int t = 0; t < ZIO_TYPES; t++) {
1313 for (int q = 0; q < ZIO_TASKQ_TYPES; q++) {
1314 spa_taskqs_fini(spa, t, q);
1318 for (size_t i = 0; i < TXG_SIZE; i++) {
1319 ASSERT3P(spa->spa_txg_zio[i], !=, NULL);
1320 VERIFY0(zio_wait(spa->spa_txg_zio[i]));
1321 spa->spa_txg_zio[i] = NULL;
1324 metaslab_class_destroy(spa->spa_normal_class);
1325 spa->spa_normal_class = NULL;
1327 metaslab_class_destroy(spa->spa_log_class);
1328 spa->spa_log_class = NULL;
1331 * If this was part of an import or the open otherwise failed, we may
1332 * still have errors left in the queues. Empty them just in case.
1334 spa_errlog_drain(spa);
1336 avl_destroy(&spa->spa_errlist_scrub);
1337 avl_destroy(&spa->spa_errlist_last);
1339 spa->spa_state = POOL_STATE_UNINITIALIZED;
1341 mutex_enter(&spa->spa_proc_lock);
1342 if (spa->spa_proc_state != SPA_PROC_NONE) {
1343 ASSERT(spa->spa_proc_state == SPA_PROC_ACTIVE);
1344 spa->spa_proc_state = SPA_PROC_DEACTIVATE;
1345 cv_broadcast(&spa->spa_proc_cv);
1346 while (spa->spa_proc_state == SPA_PROC_DEACTIVATE) {
1347 ASSERT(spa->spa_proc != &p0);
1348 cv_wait(&spa->spa_proc_cv, &spa->spa_proc_lock);
1350 ASSERT(spa->spa_proc_state == SPA_PROC_GONE);
1351 spa->spa_proc_state = SPA_PROC_NONE;
1353 ASSERT(spa->spa_proc == &p0);
1354 mutex_exit(&spa->spa_proc_lock);
1359 * We want to make sure spa_thread() has actually exited the ZFS
1360 * module, so that the module can't be unloaded out from underneath
1363 if (spa->spa_did != 0) {
1364 thread_join(spa->spa_did);
1368 #endif /* SPA_PROCESS */
1372 * Verify a pool configuration, and construct the vdev tree appropriately. This
1373 * will create all the necessary vdevs in the appropriate layout, with each vdev
1374 * in the CLOSED state. This will prep the pool before open/creation/import.
1375 * All vdev validation is done by the vdev_alloc() routine.
1378 spa_config_parse(spa_t *spa, vdev_t **vdp, nvlist_t *nv, vdev_t *parent,
1379 uint_t id, int atype)
1385 if ((error = vdev_alloc(spa, vdp, nv, parent, id, atype)) != 0)
1388 if ((*vdp)->vdev_ops->vdev_op_leaf)
1391 error = nvlist_lookup_nvlist_array(nv, ZPOOL_CONFIG_CHILDREN,
1394 if (error == ENOENT)
1400 return (SET_ERROR(EINVAL));
1403 for (int c = 0; c < children; c++) {
1405 if ((error = spa_config_parse(spa, &vd, child[c], *vdp, c,
1413 ASSERT(*vdp != NULL);
1419 * Opposite of spa_load().
1422 spa_unload(spa_t *spa)
1426 ASSERT(MUTEX_HELD(&spa_namespace_lock));
1428 spa_load_note(spa, "UNLOADING");
1433 trim_thread_destroy(spa);
1438 spa_async_suspend(spa);
1440 if (spa->spa_root_vdev) {
1441 vdev_initialize_stop_all(spa->spa_root_vdev,
1442 VDEV_INITIALIZE_ACTIVE);
1448 if (spa->spa_sync_on) {
1449 txg_sync_stop(spa->spa_dsl_pool);
1450 spa->spa_sync_on = B_FALSE;
1454 * Even though vdev_free() also calls vdev_metaslab_fini, we need
1455 * to call it earlier, before we wait for async i/o to complete.
1456 * This ensures that there is no async metaslab prefetching, by
1457 * calling taskq_wait(mg_taskq).
1459 if (spa->spa_root_vdev != NULL) {
1460 spa_config_enter(spa, SCL_ALL, spa, RW_WRITER);
1461 for (int c = 0; c < spa->spa_root_vdev->vdev_children; c++)
1462 vdev_metaslab_fini(spa->spa_root_vdev->vdev_child[c]);
1463 spa_config_exit(spa, SCL_ALL, spa);
1467 * Wait for any outstanding async I/O to complete.
1469 if (spa->spa_async_zio_root != NULL) {
1470 for (int i = 0; i < max_ncpus; i++)
1471 (void) zio_wait(spa->spa_async_zio_root[i]);
1472 kmem_free(spa->spa_async_zio_root, max_ncpus * sizeof (void *));
1473 spa->spa_async_zio_root = NULL;
1476 if (spa->spa_vdev_removal != NULL) {
1477 spa_vdev_removal_destroy(spa->spa_vdev_removal);
1478 spa->spa_vdev_removal = NULL;
1481 if (spa->spa_condense_zthr != NULL) {
1482 zthr_destroy(spa->spa_condense_zthr);
1483 spa->spa_condense_zthr = NULL;
1486 if (spa->spa_checkpoint_discard_zthr != NULL) {
1487 zthr_destroy(spa->spa_checkpoint_discard_zthr);
1488 spa->spa_checkpoint_discard_zthr = NULL;
1491 spa_condense_fini(spa);
1493 bpobj_close(&spa->spa_deferred_bpobj);
1495 spa_config_enter(spa, SCL_ALL, spa, RW_WRITER);
1500 if (spa->spa_root_vdev)
1501 vdev_free(spa->spa_root_vdev);
1502 ASSERT(spa->spa_root_vdev == NULL);
1505 * Close the dsl pool.
1507 if (spa->spa_dsl_pool) {
1508 dsl_pool_close(spa->spa_dsl_pool);
1509 spa->spa_dsl_pool = NULL;
1510 spa->spa_meta_objset = NULL;
1516 * Drop and purge level 2 cache
1518 spa_l2cache_drop(spa);
1520 for (i = 0; i < spa->spa_spares.sav_count; i++)
1521 vdev_free(spa->spa_spares.sav_vdevs[i]);
1522 if (spa->spa_spares.sav_vdevs) {
1523 kmem_free(spa->spa_spares.sav_vdevs,
1524 spa->spa_spares.sav_count * sizeof (void *));
1525 spa->spa_spares.sav_vdevs = NULL;
1527 if (spa->spa_spares.sav_config) {
1528 nvlist_free(spa->spa_spares.sav_config);
1529 spa->spa_spares.sav_config = NULL;
1531 spa->spa_spares.sav_count = 0;
1533 for (i = 0; i < spa->spa_l2cache.sav_count; i++) {
1534 vdev_clear_stats(spa->spa_l2cache.sav_vdevs[i]);
1535 vdev_free(spa->spa_l2cache.sav_vdevs[i]);
1537 if (spa->spa_l2cache.sav_vdevs) {
1538 kmem_free(spa->spa_l2cache.sav_vdevs,
1539 spa->spa_l2cache.sav_count * sizeof (void *));
1540 spa->spa_l2cache.sav_vdevs = NULL;
1542 if (spa->spa_l2cache.sav_config) {
1543 nvlist_free(spa->spa_l2cache.sav_config);
1544 spa->spa_l2cache.sav_config = NULL;
1546 spa->spa_l2cache.sav_count = 0;
1548 spa->spa_async_suspended = 0;
1550 spa->spa_indirect_vdevs_loaded = B_FALSE;
1552 if (spa->spa_comment != NULL) {
1553 spa_strfree(spa->spa_comment);
1554 spa->spa_comment = NULL;
1557 spa_config_exit(spa, SCL_ALL, spa);
1561 * Load (or re-load) the current list of vdevs describing the active spares for
1562 * this pool. When this is called, we have some form of basic information in
1563 * 'spa_spares.sav_config'. We parse this into vdevs, try to open them, and
1564 * then re-generate a more complete list including status information.
1567 spa_load_spares(spa_t *spa)
1576 * zdb opens both the current state of the pool and the
1577 * checkpointed state (if present), with a different spa_t.
1579 * As spare vdevs are shared among open pools, we skip loading
1580 * them when we load the checkpointed state of the pool.
1582 if (!spa_writeable(spa))
1586 ASSERT(spa_config_held(spa, SCL_ALL, RW_WRITER) == SCL_ALL);
1589 * First, close and free any existing spare vdevs.
1591 for (i = 0; i < spa->spa_spares.sav_count; i++) {
1592 vd = spa->spa_spares.sav_vdevs[i];
1594 /* Undo the call to spa_activate() below */
1595 if ((tvd = spa_lookup_by_guid(spa, vd->vdev_guid,
1596 B_FALSE)) != NULL && tvd->vdev_isspare)
1597 spa_spare_remove(tvd);
1602 if (spa->spa_spares.sav_vdevs)
1603 kmem_free(spa->spa_spares.sav_vdevs,
1604 spa->spa_spares.sav_count * sizeof (void *));
1606 if (spa->spa_spares.sav_config == NULL)
1609 VERIFY(nvlist_lookup_nvlist_array(spa->spa_spares.sav_config,
1610 ZPOOL_CONFIG_SPARES, &spares, &nspares) == 0);
1612 spa->spa_spares.sav_count = (int)nspares;
1613 spa->spa_spares.sav_vdevs = NULL;
1619 * Construct the array of vdevs, opening them to get status in the
1620 * process. For each spare, there is potentially two different vdev_t
1621 * structures associated with it: one in the list of spares (used only
1622 * for basic validation purposes) and one in the active vdev
1623 * configuration (if it's spared in). During this phase we open and
1624 * validate each vdev on the spare list. If the vdev also exists in the
1625 * active configuration, then we also mark this vdev as an active spare.
1627 spa->spa_spares.sav_vdevs = kmem_alloc(nspares * sizeof (void *),
1629 for (i = 0; i < spa->spa_spares.sav_count; i++) {
1630 VERIFY(spa_config_parse(spa, &vd, spares[i], NULL, 0,
1631 VDEV_ALLOC_SPARE) == 0);
1634 spa->spa_spares.sav_vdevs[i] = vd;
1636 if ((tvd = spa_lookup_by_guid(spa, vd->vdev_guid,
1637 B_FALSE)) != NULL) {
1638 if (!tvd->vdev_isspare)
1642 * We only mark the spare active if we were successfully
1643 * able to load the vdev. Otherwise, importing a pool
1644 * with a bad active spare would result in strange
1645 * behavior, because multiple pool would think the spare
1646 * is actively in use.
1648 * There is a vulnerability here to an equally bizarre
1649 * circumstance, where a dead active spare is later
1650 * brought back to life (onlined or otherwise). Given
1651 * the rarity of this scenario, and the extra complexity
1652 * it adds, we ignore the possibility.
1654 if (!vdev_is_dead(tvd))
1655 spa_spare_activate(tvd);
1659 vd->vdev_aux = &spa->spa_spares;
1661 if (vdev_open(vd) != 0)
1664 if (vdev_validate_aux(vd) == 0)
1669 * Recompute the stashed list of spares, with status information
1672 VERIFY(nvlist_remove(spa->spa_spares.sav_config, ZPOOL_CONFIG_SPARES,
1673 DATA_TYPE_NVLIST_ARRAY) == 0);
1675 spares = kmem_alloc(spa->spa_spares.sav_count * sizeof (void *),
1677 for (i = 0; i < spa->spa_spares.sav_count; i++)
1678 spares[i] = vdev_config_generate(spa,
1679 spa->spa_spares.sav_vdevs[i], B_TRUE, VDEV_CONFIG_SPARE);
1680 VERIFY(nvlist_add_nvlist_array(spa->spa_spares.sav_config,
1681 ZPOOL_CONFIG_SPARES, spares, spa->spa_spares.sav_count) == 0);
1682 for (i = 0; i < spa->spa_spares.sav_count; i++)
1683 nvlist_free(spares[i]);
1684 kmem_free(spares, spa->spa_spares.sav_count * sizeof (void *));
1688 * Load (or re-load) the current list of vdevs describing the active l2cache for
1689 * this pool. When this is called, we have some form of basic information in
1690 * 'spa_l2cache.sav_config'. We parse this into vdevs, try to open them, and
1691 * then re-generate a more complete list including status information.
1692 * Devices which are already active have their details maintained, and are
1696 spa_load_l2cache(spa_t *spa)
1700 int i, j, oldnvdevs;
1702 vdev_t *vd, **oldvdevs, **newvdevs;
1703 spa_aux_vdev_t *sav = &spa->spa_l2cache;
1707 * zdb opens both the current state of the pool and the
1708 * checkpointed state (if present), with a different spa_t.
1710 * As L2 caches are part of the ARC which is shared among open
1711 * pools, we skip loading them when we load the checkpointed
1712 * state of the pool.
1714 if (!spa_writeable(spa))
1718 ASSERT(spa_config_held(spa, SCL_ALL, RW_WRITER) == SCL_ALL);
1720 if (sav->sav_config != NULL) {
1721 VERIFY(nvlist_lookup_nvlist_array(sav->sav_config,
1722 ZPOOL_CONFIG_L2CACHE, &l2cache, &nl2cache) == 0);
1723 newvdevs = kmem_alloc(nl2cache * sizeof (void *), KM_SLEEP);
1729 oldvdevs = sav->sav_vdevs;
1730 oldnvdevs = sav->sav_count;
1731 sav->sav_vdevs = NULL;
1735 * Process new nvlist of vdevs.
1737 for (i = 0; i < nl2cache; i++) {
1738 VERIFY(nvlist_lookup_uint64(l2cache[i], ZPOOL_CONFIG_GUID,
1742 for (j = 0; j < oldnvdevs; j++) {
1744 if (vd != NULL && guid == vd->vdev_guid) {
1746 * Retain previous vdev for add/remove ops.
1754 if (newvdevs[i] == NULL) {
1758 VERIFY(spa_config_parse(spa, &vd, l2cache[i], NULL, 0,
1759 VDEV_ALLOC_L2CACHE) == 0);
1764 * Commit this vdev as an l2cache device,
1765 * even if it fails to open.
1767 spa_l2cache_add(vd);
1772 spa_l2cache_activate(vd);
1774 if (vdev_open(vd) != 0)
1777 (void) vdev_validate_aux(vd);
1779 if (!vdev_is_dead(vd))
1780 l2arc_add_vdev(spa, vd);
1785 * Purge vdevs that were dropped
1787 for (i = 0; i < oldnvdevs; i++) {
1792 ASSERT(vd->vdev_isl2cache);
1794 if (spa_l2cache_exists(vd->vdev_guid, &pool) &&
1795 pool != 0ULL && l2arc_vdev_present(vd))
1796 l2arc_remove_vdev(vd);
1797 vdev_clear_stats(vd);
1803 kmem_free(oldvdevs, oldnvdevs * sizeof (void *));
1805 if (sav->sav_config == NULL)
1808 sav->sav_vdevs = newvdevs;
1809 sav->sav_count = (int)nl2cache;
1812 * Recompute the stashed list of l2cache devices, with status
1813 * information this time.
1815 VERIFY(nvlist_remove(sav->sav_config, ZPOOL_CONFIG_L2CACHE,
1816 DATA_TYPE_NVLIST_ARRAY) == 0);
1818 l2cache = kmem_alloc(sav->sav_count * sizeof (void *), KM_SLEEP);
1819 for (i = 0; i < sav->sav_count; i++)
1820 l2cache[i] = vdev_config_generate(spa,
1821 sav->sav_vdevs[i], B_TRUE, VDEV_CONFIG_L2CACHE);
1822 VERIFY(nvlist_add_nvlist_array(sav->sav_config,
1823 ZPOOL_CONFIG_L2CACHE, l2cache, sav->sav_count) == 0);
1825 for (i = 0; i < sav->sav_count; i++)
1826 nvlist_free(l2cache[i]);
1828 kmem_free(l2cache, sav->sav_count * sizeof (void *));
1832 load_nvlist(spa_t *spa, uint64_t obj, nvlist_t **value)
1835 char *packed = NULL;
1840 error = dmu_bonus_hold(spa->spa_meta_objset, obj, FTAG, &db);
1844 nvsize = *(uint64_t *)db->db_data;
1845 dmu_buf_rele(db, FTAG);
1847 packed = kmem_alloc(nvsize, KM_SLEEP);
1848 error = dmu_read(spa->spa_meta_objset, obj, 0, nvsize, packed,
1851 error = nvlist_unpack(packed, nvsize, value, 0);
1852 kmem_free(packed, nvsize);
1858 * Concrete top-level vdevs that are not missing and are not logs. At every
1859 * spa_sync we write new uberblocks to at least SPA_SYNC_MIN_VDEVS core tvds.
1862 spa_healthy_core_tvds(spa_t *spa)
1864 vdev_t *rvd = spa->spa_root_vdev;
1867 for (uint64_t i = 0; i < rvd->vdev_children; i++) {
1868 vdev_t *vd = rvd->vdev_child[i];
1871 if (vdev_is_concrete(vd) && !vdev_is_dead(vd))
1879 * Checks to see if the given vdev could not be opened, in which case we post a
1880 * sysevent to notify the autoreplace code that the device has been removed.
1883 spa_check_removed(vdev_t *vd)
1885 for (uint64_t c = 0; c < vd->vdev_children; c++)
1886 spa_check_removed(vd->vdev_child[c]);
1888 if (vd->vdev_ops->vdev_op_leaf && vdev_is_dead(vd) &&
1889 vdev_is_concrete(vd)) {
1890 zfs_post_autoreplace(vd->vdev_spa, vd);
1891 spa_event_notify(vd->vdev_spa, vd, NULL, ESC_ZFS_VDEV_CHECK);
1896 spa_check_for_missing_logs(spa_t *spa)
1898 vdev_t *rvd = spa->spa_root_vdev;
1901 * If we're doing a normal import, then build up any additional
1902 * diagnostic information about missing log devices.
1903 * We'll pass this up to the user for further processing.
1905 if (!(spa->spa_import_flags & ZFS_IMPORT_MISSING_LOG)) {
1906 nvlist_t **child, *nv;
1909 child = kmem_alloc(rvd->vdev_children * sizeof (nvlist_t **),
1911 VERIFY(nvlist_alloc(&nv, NV_UNIQUE_NAME, KM_SLEEP) == 0);
1913 for (uint64_t c = 0; c < rvd->vdev_children; c++) {
1914 vdev_t *tvd = rvd->vdev_child[c];
1917 * We consider a device as missing only if it failed
1918 * to open (i.e. offline or faulted is not considered
1921 if (tvd->vdev_islog &&
1922 tvd->vdev_state == VDEV_STATE_CANT_OPEN) {
1923 child[idx++] = vdev_config_generate(spa, tvd,
1924 B_FALSE, VDEV_CONFIG_MISSING);
1929 fnvlist_add_nvlist_array(nv,
1930 ZPOOL_CONFIG_CHILDREN, child, idx);
1931 fnvlist_add_nvlist(spa->spa_load_info,
1932 ZPOOL_CONFIG_MISSING_DEVICES, nv);
1934 for (uint64_t i = 0; i < idx; i++)
1935 nvlist_free(child[i]);
1938 kmem_free(child, rvd->vdev_children * sizeof (char **));
1941 spa_load_failed(spa, "some log devices are missing");
1942 vdev_dbgmsg_print_tree(rvd, 2);
1943 return (SET_ERROR(ENXIO));
1946 for (uint64_t c = 0; c < rvd->vdev_children; c++) {
1947 vdev_t *tvd = rvd->vdev_child[c];
1949 if (tvd->vdev_islog &&
1950 tvd->vdev_state == VDEV_STATE_CANT_OPEN) {
1951 spa_set_log_state(spa, SPA_LOG_CLEAR);
1952 spa_load_note(spa, "some log devices are "
1953 "missing, ZIL is dropped.");
1954 vdev_dbgmsg_print_tree(rvd, 2);
1964 * Check for missing log devices
1967 spa_check_logs(spa_t *spa)
1969 boolean_t rv = B_FALSE;
1970 dsl_pool_t *dp = spa_get_dsl(spa);
1972 switch (spa->spa_log_state) {
1973 case SPA_LOG_MISSING:
1974 /* need to recheck in case slog has been restored */
1975 case SPA_LOG_UNKNOWN:
1976 rv = (dmu_objset_find_dp(dp, dp->dp_root_dir_obj,
1977 zil_check_log_chain, NULL, DS_FIND_CHILDREN) != 0);
1979 spa_set_log_state(spa, SPA_LOG_MISSING);
1986 spa_passivate_log(spa_t *spa)
1988 vdev_t *rvd = spa->spa_root_vdev;
1989 boolean_t slog_found = B_FALSE;
1991 ASSERT(spa_config_held(spa, SCL_ALLOC, RW_WRITER));
1993 if (!spa_has_slogs(spa))
1996 for (int c = 0; c < rvd->vdev_children; c++) {
1997 vdev_t *tvd = rvd->vdev_child[c];
1998 metaslab_group_t *mg = tvd->vdev_mg;
2000 if (tvd->vdev_islog) {
2001 metaslab_group_passivate(mg);
2002 slog_found = B_TRUE;
2006 return (slog_found);
2010 spa_activate_log(spa_t *spa)
2012 vdev_t *rvd = spa->spa_root_vdev;
2014 ASSERT(spa_config_held(spa, SCL_ALLOC, RW_WRITER));
2016 for (int c = 0; c < rvd->vdev_children; c++) {
2017 vdev_t *tvd = rvd->vdev_child[c];
2018 metaslab_group_t *mg = tvd->vdev_mg;
2020 if (tvd->vdev_islog)
2021 metaslab_group_activate(mg);
2026 spa_reset_logs(spa_t *spa)
2030 error = dmu_objset_find(spa_name(spa), zil_reset,
2031 NULL, DS_FIND_CHILDREN);
2034 * We successfully offlined the log device, sync out the
2035 * current txg so that the "stubby" block can be removed
2038 txg_wait_synced(spa->spa_dsl_pool, 0);
2044 spa_aux_check_removed(spa_aux_vdev_t *sav)
2048 for (i = 0; i < sav->sav_count; i++)
2049 spa_check_removed(sav->sav_vdevs[i]);
2053 spa_claim_notify(zio_t *zio)
2055 spa_t *spa = zio->io_spa;
2060 mutex_enter(&spa->spa_props_lock); /* any mutex will do */
2061 if (spa->spa_claim_max_txg < zio->io_bp->blk_birth)
2062 spa->spa_claim_max_txg = zio->io_bp->blk_birth;
2063 mutex_exit(&spa->spa_props_lock);
2066 typedef struct spa_load_error {
2067 uint64_t sle_meta_count;
2068 uint64_t sle_data_count;
2072 spa_load_verify_done(zio_t *zio)
2074 blkptr_t *bp = zio->io_bp;
2075 spa_load_error_t *sle = zio->io_private;
2076 dmu_object_type_t type = BP_GET_TYPE(bp);
2077 int error = zio->io_error;
2078 spa_t *spa = zio->io_spa;
2080 abd_free(zio->io_abd);
2082 if ((BP_GET_LEVEL(bp) != 0 || DMU_OT_IS_METADATA(type)) &&
2083 type != DMU_OT_INTENT_LOG)
2084 atomic_inc_64(&sle->sle_meta_count);
2086 atomic_inc_64(&sle->sle_data_count);
2089 mutex_enter(&spa->spa_scrub_lock);
2090 spa->spa_load_verify_ios--;
2091 cv_broadcast(&spa->spa_scrub_io_cv);
2092 mutex_exit(&spa->spa_scrub_lock);
2096 * Maximum number of concurrent scrub i/os to create while verifying
2097 * a pool while importing it.
2099 int spa_load_verify_maxinflight = 10000;
2100 boolean_t spa_load_verify_metadata = B_TRUE;
2101 boolean_t spa_load_verify_data = B_TRUE;
2103 SYSCTL_INT(_vfs_zfs, OID_AUTO, spa_load_verify_maxinflight, CTLFLAG_RWTUN,
2104 &spa_load_verify_maxinflight, 0,
2105 "Maximum number of concurrent scrub I/Os to create while verifying a "
2106 "pool while importing it");
2108 SYSCTL_INT(_vfs_zfs, OID_AUTO, spa_load_verify_metadata, CTLFLAG_RWTUN,
2109 &spa_load_verify_metadata, 0,
2110 "Check metadata on import?");
2112 SYSCTL_INT(_vfs_zfs, OID_AUTO, spa_load_verify_data, CTLFLAG_RWTUN,
2113 &spa_load_verify_data, 0,
2114 "Check user data on import?");
2118 spa_load_verify_cb(spa_t *spa, zilog_t *zilog, const blkptr_t *bp,
2119 const zbookmark_phys_t *zb, const dnode_phys_t *dnp, void *arg)
2121 if (bp == NULL || BP_IS_HOLE(bp) || BP_IS_EMBEDDED(bp))
2124 * Note: normally this routine will not be called if
2125 * spa_load_verify_metadata is not set. However, it may be useful
2126 * to manually set the flag after the traversal has begun.
2128 if (!spa_load_verify_metadata)
2130 if (!BP_IS_METADATA(bp) && !spa_load_verify_data)
2134 size_t size = BP_GET_PSIZE(bp);
2136 mutex_enter(&spa->spa_scrub_lock);
2137 while (spa->spa_load_verify_ios >= spa_load_verify_maxinflight)
2138 cv_wait(&spa->spa_scrub_io_cv, &spa->spa_scrub_lock);
2139 spa->spa_load_verify_ios++;
2140 mutex_exit(&spa->spa_scrub_lock);
2142 zio_nowait(zio_read(rio, spa, bp, abd_alloc_for_io(size, B_FALSE), size,
2143 spa_load_verify_done, rio->io_private, ZIO_PRIORITY_SCRUB,
2144 ZIO_FLAG_SPECULATIVE | ZIO_FLAG_CANFAIL |
2145 ZIO_FLAG_SCRUB | ZIO_FLAG_RAW, zb));
2151 verify_dataset_name_len(dsl_pool_t *dp, dsl_dataset_t *ds, void *arg)
2153 if (dsl_dataset_namelen(ds) >= ZFS_MAX_DATASET_NAME_LEN)
2154 return (SET_ERROR(ENAMETOOLONG));
2160 spa_load_verify(spa_t *spa)
2163 spa_load_error_t sle = { 0 };
2164 zpool_load_policy_t policy;
2165 boolean_t verify_ok = B_FALSE;
2168 zpool_get_load_policy(spa->spa_config, &policy);
2170 if (policy.zlp_rewind & ZPOOL_NEVER_REWIND)
2173 dsl_pool_config_enter(spa->spa_dsl_pool, FTAG);
2174 error = dmu_objset_find_dp(spa->spa_dsl_pool,
2175 spa->spa_dsl_pool->dp_root_dir_obj, verify_dataset_name_len, NULL,
2177 dsl_pool_config_exit(spa->spa_dsl_pool, FTAG);
2181 rio = zio_root(spa, NULL, &sle,
2182 ZIO_FLAG_CANFAIL | ZIO_FLAG_SPECULATIVE);
2184 if (spa_load_verify_metadata) {
2185 if (spa->spa_extreme_rewind) {
2186 spa_load_note(spa, "performing a complete scan of the "
2187 "pool since extreme rewind is on. This may take "
2188 "a very long time.\n (spa_load_verify_data=%u, "
2189 "spa_load_verify_metadata=%u)",
2190 spa_load_verify_data, spa_load_verify_metadata);
2192 error = traverse_pool(spa, spa->spa_verify_min_txg,
2193 TRAVERSE_PRE | TRAVERSE_PREFETCH_METADATA,
2194 spa_load_verify_cb, rio);
2197 (void) zio_wait(rio);
2199 spa->spa_load_meta_errors = sle.sle_meta_count;
2200 spa->spa_load_data_errors = sle.sle_data_count;
2202 if (sle.sle_meta_count != 0 || sle.sle_data_count != 0) {
2203 spa_load_note(spa, "spa_load_verify found %llu metadata errors "
2204 "and %llu data errors", (u_longlong_t)sle.sle_meta_count,
2205 (u_longlong_t)sle.sle_data_count);
2208 if (spa_load_verify_dryrun ||
2209 (!error && sle.sle_meta_count <= policy.zlp_maxmeta &&
2210 sle.sle_data_count <= policy.zlp_maxdata)) {
2214 spa->spa_load_txg = spa->spa_uberblock.ub_txg;
2215 spa->spa_load_txg_ts = spa->spa_uberblock.ub_timestamp;
2217 loss = spa->spa_last_ubsync_txg_ts - spa->spa_load_txg_ts;
2218 VERIFY(nvlist_add_uint64(spa->spa_load_info,
2219 ZPOOL_CONFIG_LOAD_TIME, spa->spa_load_txg_ts) == 0);
2220 VERIFY(nvlist_add_int64(spa->spa_load_info,
2221 ZPOOL_CONFIG_REWIND_TIME, loss) == 0);
2222 VERIFY(nvlist_add_uint64(spa->spa_load_info,
2223 ZPOOL_CONFIG_LOAD_DATA_ERRORS, sle.sle_data_count) == 0);
2225 spa->spa_load_max_txg = spa->spa_uberblock.ub_txg;
2228 if (spa_load_verify_dryrun)
2232 if (error != ENXIO && error != EIO)
2233 error = SET_ERROR(EIO);
2237 return (verify_ok ? 0 : EIO);
2241 * Find a value in the pool props object.
2244 spa_prop_find(spa_t *spa, zpool_prop_t prop, uint64_t *val)
2246 (void) zap_lookup(spa->spa_meta_objset, spa->spa_pool_props_object,
2247 zpool_prop_to_name(prop), sizeof (uint64_t), 1, val);
2251 * Find a value in the pool directory object.
2254 spa_dir_prop(spa_t *spa, const char *name, uint64_t *val, boolean_t log_enoent)
2256 int error = zap_lookup(spa->spa_meta_objset, DMU_POOL_DIRECTORY_OBJECT,
2257 name, sizeof (uint64_t), 1, val);
2259 if (error != 0 && (error != ENOENT || log_enoent)) {
2260 spa_load_failed(spa, "couldn't get '%s' value in MOS directory "
2261 "[error=%d]", name, error);
2268 spa_vdev_err(vdev_t *vdev, vdev_aux_t aux, int err)
2270 vdev_set_state(vdev, B_TRUE, VDEV_STATE_CANT_OPEN, aux);
2271 return (SET_ERROR(err));
2275 spa_spawn_aux_threads(spa_t *spa)
2277 ASSERT(spa_writeable(spa));
2279 ASSERT(MUTEX_HELD(&spa_namespace_lock));
2281 spa_start_indirect_condensing_thread(spa);
2283 ASSERT3P(spa->spa_checkpoint_discard_zthr, ==, NULL);
2284 spa->spa_checkpoint_discard_zthr =
2285 zthr_create(spa_checkpoint_discard_thread_check,
2286 spa_checkpoint_discard_thread, spa);
2290 * Fix up config after a partly-completed split. This is done with the
2291 * ZPOOL_CONFIG_SPLIT nvlist. Both the splitting pool and the split-off
2292 * pool have that entry in their config, but only the splitting one contains
2293 * a list of all the guids of the vdevs that are being split off.
2295 * This function determines what to do with that list: either rejoin
2296 * all the disks to the pool, or complete the splitting process. To attempt
2297 * the rejoin, each disk that is offlined is marked online again, and
2298 * we do a reopen() call. If the vdev label for every disk that was
2299 * marked online indicates it was successfully split off (VDEV_AUX_SPLIT_POOL)
2300 * then we call vdev_split() on each disk, and complete the split.
2302 * Otherwise we leave the config alone, with all the vdevs in place in
2303 * the original pool.
2306 spa_try_repair(spa_t *spa, nvlist_t *config)
2313 boolean_t attempt_reopen;
2315 if (nvlist_lookup_nvlist(config, ZPOOL_CONFIG_SPLIT, &nvl) != 0)
2318 /* check that the config is complete */
2319 if (nvlist_lookup_uint64_array(nvl, ZPOOL_CONFIG_SPLIT_LIST,
2320 &glist, &gcount) != 0)
2323 vd = kmem_zalloc(gcount * sizeof (vdev_t *), KM_SLEEP);
2325 /* attempt to online all the vdevs & validate */
2326 attempt_reopen = B_TRUE;
2327 for (i = 0; i < gcount; i++) {
2328 if (glist[i] == 0) /* vdev is hole */
2331 vd[i] = spa_lookup_by_guid(spa, glist[i], B_FALSE);
2332 if (vd[i] == NULL) {
2334 * Don't bother attempting to reopen the disks;
2335 * just do the split.
2337 attempt_reopen = B_FALSE;
2339 /* attempt to re-online it */
2340 vd[i]->vdev_offline = B_FALSE;
2344 if (attempt_reopen) {
2345 vdev_reopen(spa->spa_root_vdev);
2347 /* check each device to see what state it's in */
2348 for (extracted = 0, i = 0; i < gcount; i++) {
2349 if (vd[i] != NULL &&
2350 vd[i]->vdev_stat.vs_aux != VDEV_AUX_SPLIT_POOL)
2357 * If every disk has been moved to the new pool, or if we never
2358 * even attempted to look at them, then we split them off for
2361 if (!attempt_reopen || gcount == extracted) {
2362 for (i = 0; i < gcount; i++)
2365 vdev_reopen(spa->spa_root_vdev);
2368 kmem_free(vd, gcount * sizeof (vdev_t *));
2372 spa_load(spa_t *spa, spa_load_state_t state, spa_import_type_t type)
2374 char *ereport = FM_EREPORT_ZFS_POOL;
2377 spa->spa_load_state = state;
2379 gethrestime(&spa->spa_loaded_ts);
2380 error = spa_load_impl(spa, type, &ereport);
2383 * Don't count references from objsets that are already closed
2384 * and are making their way through the eviction process.
2386 spa_evicting_os_wait(spa);
2387 spa->spa_minref = zfs_refcount_count(&spa->spa_refcount);
2389 if (error != EEXIST) {
2390 spa->spa_loaded_ts.tv_sec = 0;
2391 spa->spa_loaded_ts.tv_nsec = 0;
2393 if (error != EBADF) {
2394 zfs_ereport_post(ereport, spa, NULL, NULL, 0, 0);
2397 spa->spa_load_state = error ? SPA_LOAD_ERROR : SPA_LOAD_NONE;
2404 * Count the number of per-vdev ZAPs associated with all of the vdevs in the
2405 * vdev tree rooted in the given vd, and ensure that each ZAP is present in the
2406 * spa's per-vdev ZAP list.
2409 vdev_count_verify_zaps(vdev_t *vd)
2411 spa_t *spa = vd->vdev_spa;
2413 if (vd->vdev_top_zap != 0) {
2415 ASSERT0(zap_lookup_int(spa->spa_meta_objset,
2416 spa->spa_all_vdev_zaps, vd->vdev_top_zap));
2418 if (vd->vdev_leaf_zap != 0) {
2420 ASSERT0(zap_lookup_int(spa->spa_meta_objset,
2421 spa->spa_all_vdev_zaps, vd->vdev_leaf_zap));
2424 for (uint64_t i = 0; i < vd->vdev_children; i++) {
2425 total += vdev_count_verify_zaps(vd->vdev_child[i]);
2432 spa_verify_host(spa_t *spa, nvlist_t *mos_config)
2436 uint64_t myhostid = 0;
2438 if (!spa_is_root(spa) && nvlist_lookup_uint64(mos_config,
2439 ZPOOL_CONFIG_HOSTID, &hostid) == 0) {
2440 hostname = fnvlist_lookup_string(mos_config,
2441 ZPOOL_CONFIG_HOSTNAME);
2443 myhostid = zone_get_hostid(NULL);
2445 if (hostid != 0 && myhostid != 0 && hostid != myhostid) {
2446 cmn_err(CE_WARN, "pool '%s' could not be "
2447 "loaded as it was last accessed by "
2448 "another system (host: %s hostid: 0x%llx). "
2449 "See: http://illumos.org/msg/ZFS-8000-EY",
2450 spa_name(spa), hostname, (u_longlong_t)hostid);
2451 spa_load_failed(spa, "hostid verification failed: pool "
2452 "last accessed by host: %s (hostid: 0x%llx)",
2453 hostname, (u_longlong_t)hostid);
2454 return (SET_ERROR(EBADF));
2462 spa_ld_parse_config(spa_t *spa, spa_import_type_t type)
2465 nvlist_t *nvtree, *nvl, *config = spa->spa_config;
2472 * Versioning wasn't explicitly added to the label until later, so if
2473 * it's not present treat it as the initial version.
2475 if (nvlist_lookup_uint64(config, ZPOOL_CONFIG_VERSION,
2476 &spa->spa_ubsync.ub_version) != 0)
2477 spa->spa_ubsync.ub_version = SPA_VERSION_INITIAL;
2479 if (nvlist_lookup_uint64(config, ZPOOL_CONFIG_POOL_GUID, &pool_guid)) {
2480 spa_load_failed(spa, "invalid config provided: '%s' missing",
2481 ZPOOL_CONFIG_POOL_GUID);
2482 return (SET_ERROR(EINVAL));
2486 * If we are doing an import, ensure that the pool is not already
2487 * imported by checking if its pool guid already exists in the
2490 * The only case that we allow an already imported pool to be
2491 * imported again, is when the pool is checkpointed and we want to
2492 * look at its checkpointed state from userland tools like zdb.
2495 if ((spa->spa_load_state == SPA_LOAD_IMPORT ||
2496 spa->spa_load_state == SPA_LOAD_TRYIMPORT) &&
2497 spa_guid_exists(pool_guid, 0)) {
2499 if ((spa->spa_load_state == SPA_LOAD_IMPORT ||
2500 spa->spa_load_state == SPA_LOAD_TRYIMPORT) &&
2501 spa_guid_exists(pool_guid, 0) &&
2502 !spa_importing_readonly_checkpoint(spa)) {
2504 spa_load_failed(spa, "a pool with guid %llu is already open",
2505 (u_longlong_t)pool_guid);
2506 return (SET_ERROR(EEXIST));
2509 spa->spa_config_guid = pool_guid;
2511 nvlist_free(spa->spa_load_info);
2512 spa->spa_load_info = fnvlist_alloc();
2514 ASSERT(spa->spa_comment == NULL);
2515 if (nvlist_lookup_string(config, ZPOOL_CONFIG_COMMENT, &comment) == 0)
2516 spa->spa_comment = spa_strdup(comment);
2518 (void) nvlist_lookup_uint64(config, ZPOOL_CONFIG_POOL_TXG,
2519 &spa->spa_config_txg);
2521 if (nvlist_lookup_nvlist(config, ZPOOL_CONFIG_SPLIT, &nvl) == 0)
2522 spa->spa_config_splitting = fnvlist_dup(nvl);
2524 if (nvlist_lookup_nvlist(config, ZPOOL_CONFIG_VDEV_TREE, &nvtree)) {
2525 spa_load_failed(spa, "invalid config provided: '%s' missing",
2526 ZPOOL_CONFIG_VDEV_TREE);
2527 return (SET_ERROR(EINVAL));
2531 * Create "The Godfather" zio to hold all async IOs
2533 spa->spa_async_zio_root = kmem_alloc(max_ncpus * sizeof (void *),
2535 for (int i = 0; i < max_ncpus; i++) {
2536 spa->spa_async_zio_root[i] = zio_root(spa, NULL, NULL,
2537 ZIO_FLAG_CANFAIL | ZIO_FLAG_SPECULATIVE |
2538 ZIO_FLAG_GODFATHER);
2542 * Parse the configuration into a vdev tree. We explicitly set the
2543 * value that will be returned by spa_version() since parsing the
2544 * configuration requires knowing the version number.
2546 spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
2547 parse = (type == SPA_IMPORT_EXISTING ?
2548 VDEV_ALLOC_LOAD : VDEV_ALLOC_SPLIT);
2549 error = spa_config_parse(spa, &rvd, nvtree, NULL, 0, parse);
2550 spa_config_exit(spa, SCL_ALL, FTAG);
2553 spa_load_failed(spa, "unable to parse config [error=%d]",
2558 ASSERT(spa->spa_root_vdev == rvd);
2559 ASSERT3U(spa->spa_min_ashift, >=, SPA_MINBLOCKSHIFT);
2560 ASSERT3U(spa->spa_max_ashift, <=, SPA_MAXBLOCKSHIFT);
2562 if (type != SPA_IMPORT_ASSEMBLE) {
2563 ASSERT(spa_guid(spa) == pool_guid);
2570 * Recursively open all vdevs in the vdev tree. This function is called twice:
2571 * first with the untrusted config, then with the trusted config.
2574 spa_ld_open_vdevs(spa_t *spa)
2579 * spa_missing_tvds_allowed defines how many top-level vdevs can be
2580 * missing/unopenable for the root vdev to be still considered openable.
2582 if (spa->spa_trust_config) {
2583 spa->spa_missing_tvds_allowed = zfs_max_missing_tvds;
2584 } else if (spa->spa_config_source == SPA_CONFIG_SRC_CACHEFILE) {
2585 spa->spa_missing_tvds_allowed = zfs_max_missing_tvds_cachefile;
2586 } else if (spa->spa_config_source == SPA_CONFIG_SRC_SCAN) {
2587 spa->spa_missing_tvds_allowed = zfs_max_missing_tvds_scan;
2589 spa->spa_missing_tvds_allowed = 0;
2592 spa->spa_missing_tvds_allowed =
2593 MAX(zfs_max_missing_tvds, spa->spa_missing_tvds_allowed);
2595 spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
2596 error = vdev_open(spa->spa_root_vdev);
2597 spa_config_exit(spa, SCL_ALL, FTAG);
2599 if (spa->spa_missing_tvds != 0) {
2600 spa_load_note(spa, "vdev tree has %lld missing top-level "
2601 "vdevs.", (u_longlong_t)spa->spa_missing_tvds);
2602 if (spa->spa_trust_config && (spa->spa_mode & FWRITE)) {
2604 * Although theoretically we could allow users to open
2605 * incomplete pools in RW mode, we'd need to add a lot
2606 * of extra logic (e.g. adjust pool space to account
2607 * for missing vdevs).
2608 * This limitation also prevents users from accidentally
2609 * opening the pool in RW mode during data recovery and
2610 * damaging it further.
2612 spa_load_note(spa, "pools with missing top-level "
2613 "vdevs can only be opened in read-only mode.");
2614 error = SET_ERROR(ENXIO);
2616 spa_load_note(spa, "current settings allow for maximum "
2617 "%lld missing top-level vdevs at this stage.",
2618 (u_longlong_t)spa->spa_missing_tvds_allowed);
2622 spa_load_failed(spa, "unable to open vdev tree [error=%d]",
2625 if (spa->spa_missing_tvds != 0 || error != 0)
2626 vdev_dbgmsg_print_tree(spa->spa_root_vdev, 2);
2632 * We need to validate the vdev labels against the configuration that
2633 * we have in hand. This function is called twice: first with an untrusted
2634 * config, then with a trusted config. The validation is more strict when the
2635 * config is trusted.
2638 spa_ld_validate_vdevs(spa_t *spa)
2641 vdev_t *rvd = spa->spa_root_vdev;
2643 spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
2644 error = vdev_validate(rvd);
2645 spa_config_exit(spa, SCL_ALL, FTAG);
2648 spa_load_failed(spa, "vdev_validate failed [error=%d]", error);
2652 if (rvd->vdev_state <= VDEV_STATE_CANT_OPEN) {
2653 spa_load_failed(spa, "cannot open vdev tree after invalidating "
2655 vdev_dbgmsg_print_tree(rvd, 2);
2656 return (SET_ERROR(ENXIO));
2663 spa_ld_select_uberblock_done(spa_t *spa, uberblock_t *ub)
2665 spa->spa_state = POOL_STATE_ACTIVE;
2666 spa->spa_ubsync = spa->spa_uberblock;
2667 spa->spa_verify_min_txg = spa->spa_extreme_rewind ?
2668 TXG_INITIAL - 1 : spa_last_synced_txg(spa) - TXG_DEFER_SIZE - 1;
2669 spa->spa_first_txg = spa->spa_last_ubsync_txg ?
2670 spa->spa_last_ubsync_txg : spa_last_synced_txg(spa) + 1;
2671 spa->spa_claim_max_txg = spa->spa_first_txg;
2672 spa->spa_prev_software_version = ub->ub_software_version;
2676 spa_ld_select_uberblock(spa_t *spa, spa_import_type_t type)
2678 vdev_t *rvd = spa->spa_root_vdev;
2680 uberblock_t *ub = &spa->spa_uberblock;
2683 * If we are opening the checkpointed state of the pool by
2684 * rewinding to it, at this point we will have written the
2685 * checkpointed uberblock to the vdev labels, so searching
2686 * the labels will find the right uberblock. However, if
2687 * we are opening the checkpointed state read-only, we have
2688 * not modified the labels. Therefore, we must ignore the
2689 * labels and continue using the spa_uberblock that was set
2690 * by spa_ld_checkpoint_rewind.
2692 * Note that it would be fine to ignore the labels when
2693 * rewinding (opening writeable) as well. However, if we
2694 * crash just after writing the labels, we will end up
2695 * searching the labels. Doing so in the common case means
2696 * that this code path gets exercised normally, rather than
2697 * just in the edge case.
2699 if (ub->ub_checkpoint_txg != 0 &&
2700 spa_importing_readonly_checkpoint(spa)) {
2701 spa_ld_select_uberblock_done(spa, ub);
2706 * Find the best uberblock.
2708 vdev_uberblock_load(rvd, ub, &label);
2711 * If we weren't able to find a single valid uberblock, return failure.
2713 if (ub->ub_txg == 0) {
2715 spa_load_failed(spa, "no valid uberblock found");
2716 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, ENXIO));
2719 spa_load_note(spa, "using uberblock with txg=%llu",
2720 (u_longlong_t)ub->ub_txg);
2723 * If the pool has an unsupported version we can't open it.
2725 if (!SPA_VERSION_IS_SUPPORTED(ub->ub_version)) {
2727 spa_load_failed(spa, "version %llu is not supported",
2728 (u_longlong_t)ub->ub_version);
2729 return (spa_vdev_err(rvd, VDEV_AUX_VERSION_NEWER, ENOTSUP));
2732 if (ub->ub_version >= SPA_VERSION_FEATURES) {
2736 * If we weren't able to find what's necessary for reading the
2737 * MOS in the label, return failure.
2739 if (label == NULL) {
2740 spa_load_failed(spa, "label config unavailable");
2741 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA,
2745 if (nvlist_lookup_nvlist(label, ZPOOL_CONFIG_FEATURES_FOR_READ,
2748 spa_load_failed(spa, "invalid label: '%s' missing",
2749 ZPOOL_CONFIG_FEATURES_FOR_READ);
2750 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA,
2755 * Update our in-core representation with the definitive values
2758 nvlist_free(spa->spa_label_features);
2759 VERIFY(nvlist_dup(features, &spa->spa_label_features, 0) == 0);
2765 * Look through entries in the label nvlist's features_for_read. If
2766 * there is a feature listed there which we don't understand then we
2767 * cannot open a pool.
2769 if (ub->ub_version >= SPA_VERSION_FEATURES) {
2770 nvlist_t *unsup_feat;
2772 VERIFY(nvlist_alloc(&unsup_feat, NV_UNIQUE_NAME, KM_SLEEP) ==
2775 for (nvpair_t *nvp = nvlist_next_nvpair(spa->spa_label_features,
2777 nvp = nvlist_next_nvpair(spa->spa_label_features, nvp)) {
2778 if (!zfeature_is_supported(nvpair_name(nvp))) {
2779 VERIFY(nvlist_add_string(unsup_feat,
2780 nvpair_name(nvp), "") == 0);
2784 if (!nvlist_empty(unsup_feat)) {
2785 VERIFY(nvlist_add_nvlist(spa->spa_load_info,
2786 ZPOOL_CONFIG_UNSUP_FEAT, unsup_feat) == 0);
2787 nvlist_free(unsup_feat);
2788 spa_load_failed(spa, "some features are unsupported");
2789 return (spa_vdev_err(rvd, VDEV_AUX_UNSUP_FEAT,
2793 nvlist_free(unsup_feat);
2796 if (type != SPA_IMPORT_ASSEMBLE && spa->spa_config_splitting) {
2797 spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
2798 spa_try_repair(spa, spa->spa_config);
2799 spa_config_exit(spa, SCL_ALL, FTAG);
2800 nvlist_free(spa->spa_config_splitting);
2801 spa->spa_config_splitting = NULL;
2805 * Initialize internal SPA structures.
2807 spa_ld_select_uberblock_done(spa, ub);
2813 spa_ld_open_rootbp(spa_t *spa)
2816 vdev_t *rvd = spa->spa_root_vdev;
2818 error = dsl_pool_init(spa, spa->spa_first_txg, &spa->spa_dsl_pool);
2820 spa_load_failed(spa, "unable to open rootbp in dsl_pool_init "
2821 "[error=%d]", error);
2822 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
2824 spa->spa_meta_objset = spa->spa_dsl_pool->dp_meta_objset;
2830 spa_ld_trusted_config(spa_t *spa, spa_import_type_t type,
2831 boolean_t reloading)
2833 vdev_t *mrvd, *rvd = spa->spa_root_vdev;
2834 nvlist_t *nv, *mos_config, *policy;
2835 int error = 0, copy_error;
2836 uint64_t healthy_tvds, healthy_tvds_mos;
2837 uint64_t mos_config_txg;
2839 if (spa_dir_prop(spa, DMU_POOL_CONFIG, &spa->spa_config_object, B_TRUE)
2841 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
2844 * If we're assembling a pool from a split, the config provided is
2845 * already trusted so there is nothing to do.
2847 if (type == SPA_IMPORT_ASSEMBLE)
2850 healthy_tvds = spa_healthy_core_tvds(spa);
2852 if (load_nvlist(spa, spa->spa_config_object, &mos_config)
2854 spa_load_failed(spa, "unable to retrieve MOS config");
2855 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
2859 * If we are doing an open, pool owner wasn't verified yet, thus do
2860 * the verification here.
2862 if (spa->spa_load_state == SPA_LOAD_OPEN) {
2863 error = spa_verify_host(spa, mos_config);
2865 nvlist_free(mos_config);
2870 nv = fnvlist_lookup_nvlist(mos_config, ZPOOL_CONFIG_VDEV_TREE);
2872 spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
2875 * Build a new vdev tree from the trusted config
2877 VERIFY(spa_config_parse(spa, &mrvd, nv, NULL, 0, VDEV_ALLOC_LOAD) == 0);
2880 * Vdev paths in the MOS may be obsolete. If the untrusted config was
2881 * obtained by scanning /dev/dsk, then it will have the right vdev
2882 * paths. We update the trusted MOS config with this information.
2883 * We first try to copy the paths with vdev_copy_path_strict, which
2884 * succeeds only when both configs have exactly the same vdev tree.
2885 * If that fails, we fall back to a more flexible method that has a
2886 * best effort policy.
2888 copy_error = vdev_copy_path_strict(rvd, mrvd);
2889 if (copy_error != 0 || spa_load_print_vdev_tree) {
2890 spa_load_note(spa, "provided vdev tree:");
2891 vdev_dbgmsg_print_tree(rvd, 2);
2892 spa_load_note(spa, "MOS vdev tree:");
2893 vdev_dbgmsg_print_tree(mrvd, 2);
2895 if (copy_error != 0) {
2896 spa_load_note(spa, "vdev_copy_path_strict failed, falling "
2897 "back to vdev_copy_path_relaxed");
2898 vdev_copy_path_relaxed(rvd, mrvd);
2903 spa->spa_root_vdev = mrvd;
2905 spa_config_exit(spa, SCL_ALL, FTAG);
2908 * We will use spa_config if we decide to reload the spa or if spa_load
2909 * fails and we rewind. We must thus regenerate the config using the
2910 * MOS information with the updated paths. ZPOOL_LOAD_POLICY is used to
2911 * pass settings on how to load the pool and is not stored in the MOS.
2912 * We copy it over to our new, trusted config.
2914 mos_config_txg = fnvlist_lookup_uint64(mos_config,
2915 ZPOOL_CONFIG_POOL_TXG);
2916 nvlist_free(mos_config);
2917 mos_config = spa_config_generate(spa, NULL, mos_config_txg, B_FALSE);
2918 if (nvlist_lookup_nvlist(spa->spa_config, ZPOOL_LOAD_POLICY,
2920 fnvlist_add_nvlist(mos_config, ZPOOL_LOAD_POLICY, policy);
2921 spa_config_set(spa, mos_config);
2922 spa->spa_config_source = SPA_CONFIG_SRC_MOS;
2925 * Now that we got the config from the MOS, we should be more strict
2926 * in checking blkptrs and can make assumptions about the consistency
2927 * of the vdev tree. spa_trust_config must be set to true before opening
2928 * vdevs in order for them to be writeable.
2930 spa->spa_trust_config = B_TRUE;
2933 * Open and validate the new vdev tree
2935 error = spa_ld_open_vdevs(spa);
2939 error = spa_ld_validate_vdevs(spa);
2943 if (copy_error != 0 || spa_load_print_vdev_tree) {
2944 spa_load_note(spa, "final vdev tree:");
2945 vdev_dbgmsg_print_tree(rvd, 2);
2948 if (spa->spa_load_state != SPA_LOAD_TRYIMPORT &&
2949 !spa->spa_extreme_rewind && zfs_max_missing_tvds == 0) {
2951 * Sanity check to make sure that we are indeed loading the
2952 * latest uberblock. If we missed SPA_SYNC_MIN_VDEVS tvds
2953 * in the config provided and they happened to be the only ones
2954 * to have the latest uberblock, we could involuntarily perform
2955 * an extreme rewind.
2957 healthy_tvds_mos = spa_healthy_core_tvds(spa);
2958 if (healthy_tvds_mos - healthy_tvds >=
2959 SPA_SYNC_MIN_VDEVS) {
2960 spa_load_note(spa, "config provided misses too many "
2961 "top-level vdevs compared to MOS (%lld vs %lld). ",
2962 (u_longlong_t)healthy_tvds,
2963 (u_longlong_t)healthy_tvds_mos);
2964 spa_load_note(spa, "vdev tree:");
2965 vdev_dbgmsg_print_tree(rvd, 2);
2967 spa_load_failed(spa, "config was already "
2968 "provided from MOS. Aborting.");
2969 return (spa_vdev_err(rvd,
2970 VDEV_AUX_CORRUPT_DATA, EIO));
2972 spa_load_note(spa, "spa must be reloaded using MOS "
2974 return (SET_ERROR(EAGAIN));
2978 error = spa_check_for_missing_logs(spa);
2980 return (spa_vdev_err(rvd, VDEV_AUX_BAD_GUID_SUM, ENXIO));
2982 if (rvd->vdev_guid_sum != spa->spa_uberblock.ub_guid_sum) {
2983 spa_load_failed(spa, "uberblock guid sum doesn't match MOS "
2984 "guid sum (%llu != %llu)",
2985 (u_longlong_t)spa->spa_uberblock.ub_guid_sum,
2986 (u_longlong_t)rvd->vdev_guid_sum);
2987 return (spa_vdev_err(rvd, VDEV_AUX_BAD_GUID_SUM,
2995 spa_ld_open_indirect_vdev_metadata(spa_t *spa)
2998 vdev_t *rvd = spa->spa_root_vdev;
3001 * Everything that we read before spa_remove_init() must be stored
3002 * on concreted vdevs. Therefore we do this as early as possible.
3004 error = spa_remove_init(spa);
3006 spa_load_failed(spa, "spa_remove_init failed [error=%d]",
3008 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
3012 * Retrieve information needed to condense indirect vdev mappings.
3014 error = spa_condense_init(spa);
3016 spa_load_failed(spa, "spa_condense_init failed [error=%d]",
3018 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, error));
3025 spa_ld_check_features(spa_t *spa, boolean_t *missing_feat_writep)
3028 vdev_t *rvd = spa->spa_root_vdev;
3030 if (spa_version(spa) >= SPA_VERSION_FEATURES) {
3031 boolean_t missing_feat_read = B_FALSE;
3032 nvlist_t *unsup_feat, *enabled_feat;
3034 if (spa_dir_prop(spa, DMU_POOL_FEATURES_FOR_READ,
3035 &spa->spa_feat_for_read_obj, B_TRUE) != 0) {
3036 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
3039 if (spa_dir_prop(spa, DMU_POOL_FEATURES_FOR_WRITE,
3040 &spa->spa_feat_for_write_obj, B_TRUE) != 0) {
3041 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
3044 if (spa_dir_prop(spa, DMU_POOL_FEATURE_DESCRIPTIONS,
3045 &spa->spa_feat_desc_obj, B_TRUE) != 0) {
3046 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
3049 enabled_feat = fnvlist_alloc();
3050 unsup_feat = fnvlist_alloc();
3052 if (!spa_features_check(spa, B_FALSE,
3053 unsup_feat, enabled_feat))
3054 missing_feat_read = B_TRUE;
3056 if (spa_writeable(spa) ||
3057 spa->spa_load_state == SPA_LOAD_TRYIMPORT) {
3058 if (!spa_features_check(spa, B_TRUE,
3059 unsup_feat, enabled_feat)) {
3060 *missing_feat_writep = B_TRUE;
3064 fnvlist_add_nvlist(spa->spa_load_info,
3065 ZPOOL_CONFIG_ENABLED_FEAT, enabled_feat);
3067 if (!nvlist_empty(unsup_feat)) {
3068 fnvlist_add_nvlist(spa->spa_load_info,
3069 ZPOOL_CONFIG_UNSUP_FEAT, unsup_feat);
3072 fnvlist_free(enabled_feat);
3073 fnvlist_free(unsup_feat);
3075 if (!missing_feat_read) {
3076 fnvlist_add_boolean(spa->spa_load_info,
3077 ZPOOL_CONFIG_CAN_RDONLY);
3081 * If the state is SPA_LOAD_TRYIMPORT, our objective is
3082 * twofold: to determine whether the pool is available for
3083 * import in read-write mode and (if it is not) whether the
3084 * pool is available for import in read-only mode. If the pool
3085 * is available for import in read-write mode, it is displayed
3086 * as available in userland; if it is not available for import
3087 * in read-only mode, it is displayed as unavailable in
3088 * userland. If the pool is available for import in read-only
3089 * mode but not read-write mode, it is displayed as unavailable
3090 * in userland with a special note that the pool is actually
3091 * available for open in read-only mode.
3093 * As a result, if the state is SPA_LOAD_TRYIMPORT and we are
3094 * missing a feature for write, we must first determine whether
3095 * the pool can be opened read-only before returning to
3096 * userland in order to know whether to display the
3097 * abovementioned note.
3099 if (missing_feat_read || (*missing_feat_writep &&
3100 spa_writeable(spa))) {
3101 spa_load_failed(spa, "pool uses unsupported features");
3102 return (spa_vdev_err(rvd, VDEV_AUX_UNSUP_FEAT,
3107 * Load refcounts for ZFS features from disk into an in-memory
3108 * cache during SPA initialization.
3110 for (spa_feature_t i = 0; i < SPA_FEATURES; i++) {
3113 error = feature_get_refcount_from_disk(spa,
3114 &spa_feature_table[i], &refcount);
3116 spa->spa_feat_refcount_cache[i] = refcount;
3117 } else if (error == ENOTSUP) {
3118 spa->spa_feat_refcount_cache[i] =
3119 SPA_FEATURE_DISABLED;
3121 spa_load_failed(spa, "error getting refcount "
3122 "for feature %s [error=%d]",
3123 spa_feature_table[i].fi_guid, error);
3124 return (spa_vdev_err(rvd,
3125 VDEV_AUX_CORRUPT_DATA, EIO));
3130 if (spa_feature_is_active(spa, SPA_FEATURE_ENABLED_TXG)) {
3131 if (spa_dir_prop(spa, DMU_POOL_FEATURE_ENABLED_TXG,
3132 &spa->spa_feat_enabled_txg_obj, B_TRUE) != 0)
3133 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
3140 spa_ld_load_special_directories(spa_t *spa)
3143 vdev_t *rvd = spa->spa_root_vdev;
3145 spa->spa_is_initializing = B_TRUE;
3146 error = dsl_pool_open(spa->spa_dsl_pool);
3147 spa->spa_is_initializing = B_FALSE;
3149 spa_load_failed(spa, "dsl_pool_open failed [error=%d]", error);
3150 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
3157 spa_ld_get_props(spa_t *spa)
3161 vdev_t *rvd = spa->spa_root_vdev;
3163 /* Grab the secret checksum salt from the MOS. */
3164 error = zap_lookup(spa->spa_meta_objset, DMU_POOL_DIRECTORY_OBJECT,
3165 DMU_POOL_CHECKSUM_SALT, 1,
3166 sizeof (spa->spa_cksum_salt.zcs_bytes),
3167 spa->spa_cksum_salt.zcs_bytes);
3168 if (error == ENOENT) {
3169 /* Generate a new salt for subsequent use */
3170 (void) random_get_pseudo_bytes(spa->spa_cksum_salt.zcs_bytes,
3171 sizeof (spa->spa_cksum_salt.zcs_bytes));
3172 } else if (error != 0) {
3173 spa_load_failed(spa, "unable to retrieve checksum salt from "
3174 "MOS [error=%d]", error);
3175 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
3178 if (spa_dir_prop(spa, DMU_POOL_SYNC_BPOBJ, &obj, B_TRUE) != 0)
3179 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
3180 error = bpobj_open(&spa->spa_deferred_bpobj, spa->spa_meta_objset, obj);
3182 spa_load_failed(spa, "error opening deferred-frees bpobj "
3183 "[error=%d]", error);
3184 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
3188 * Load the bit that tells us to use the new accounting function
3189 * (raid-z deflation). If we have an older pool, this will not
3192 error = spa_dir_prop(spa, DMU_POOL_DEFLATE, &spa->spa_deflate, B_FALSE);
3193 if (error != 0 && error != ENOENT)
3194 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
3196 error = spa_dir_prop(spa, DMU_POOL_CREATION_VERSION,
3197 &spa->spa_creation_version, B_FALSE);
3198 if (error != 0 && error != ENOENT)
3199 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
3202 * Load the persistent error log. If we have an older pool, this will
3205 error = spa_dir_prop(spa, DMU_POOL_ERRLOG_LAST, &spa->spa_errlog_last,
3207 if (error != 0 && error != ENOENT)
3208 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
3210 error = spa_dir_prop(spa, DMU_POOL_ERRLOG_SCRUB,
3211 &spa->spa_errlog_scrub, B_FALSE);
3212 if (error != 0 && error != ENOENT)
3213 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
3216 * Load the history object. If we have an older pool, this
3217 * will not be present.
3219 error = spa_dir_prop(spa, DMU_POOL_HISTORY, &spa->spa_history, B_FALSE);
3220 if (error != 0 && error != ENOENT)
3221 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
3224 * Load the per-vdev ZAP map. If we have an older pool, this will not
3225 * be present; in this case, defer its creation to a later time to
3226 * avoid dirtying the MOS this early / out of sync context. See
3227 * spa_sync_config_object.
3230 /* The sentinel is only available in the MOS config. */
3231 nvlist_t *mos_config;
3232 if (load_nvlist(spa, spa->spa_config_object, &mos_config) != 0) {
3233 spa_load_failed(spa, "unable to retrieve MOS config");
3234 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
3237 error = spa_dir_prop(spa, DMU_POOL_VDEV_ZAP_MAP,
3238 &spa->spa_all_vdev_zaps, B_FALSE);
3240 if (error == ENOENT) {
3241 VERIFY(!nvlist_exists(mos_config,
3242 ZPOOL_CONFIG_HAS_PER_VDEV_ZAPS));
3243 spa->spa_avz_action = AVZ_ACTION_INITIALIZE;
3244 ASSERT0(vdev_count_verify_zaps(spa->spa_root_vdev));
3245 } else if (error != 0) {
3246 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
3247 } else if (!nvlist_exists(mos_config, ZPOOL_CONFIG_HAS_PER_VDEV_ZAPS)) {
3249 * An older version of ZFS overwrote the sentinel value, so
3250 * we have orphaned per-vdev ZAPs in the MOS. Defer their
3251 * destruction to later; see spa_sync_config_object.
3253 spa->spa_avz_action = AVZ_ACTION_DESTROY;
3255 * We're assuming that no vdevs have had their ZAPs created
3256 * before this. Better be sure of it.
3258 ASSERT0(vdev_count_verify_zaps(spa->spa_root_vdev));
3260 nvlist_free(mos_config);
3262 spa->spa_delegation = zpool_prop_default_numeric(ZPOOL_PROP_DELEGATION);
3264 error = spa_dir_prop(spa, DMU_POOL_PROPS, &spa->spa_pool_props_object,
3266 if (error && error != ENOENT)
3267 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
3270 uint64_t autoreplace;
3272 spa_prop_find(spa, ZPOOL_PROP_BOOTFS, &spa->spa_bootfs);
3273 spa_prop_find(spa, ZPOOL_PROP_AUTOREPLACE, &autoreplace);
3274 spa_prop_find(spa, ZPOOL_PROP_DELEGATION, &spa->spa_delegation);
3275 spa_prop_find(spa, ZPOOL_PROP_FAILUREMODE, &spa->spa_failmode);
3276 spa_prop_find(spa, ZPOOL_PROP_AUTOEXPAND, &spa->spa_autoexpand);
3277 spa_prop_find(spa, ZPOOL_PROP_DEDUPDITTO,
3278 &spa->spa_dedup_ditto);
3280 spa->spa_autoreplace = (autoreplace != 0);
3284 * If we are importing a pool with missing top-level vdevs,
3285 * we enforce that the pool doesn't panic or get suspended on
3286 * error since the likelihood of missing data is extremely high.
3288 if (spa->spa_missing_tvds > 0 &&
3289 spa->spa_failmode != ZIO_FAILURE_MODE_CONTINUE &&
3290 spa->spa_load_state != SPA_LOAD_TRYIMPORT) {
3291 spa_load_note(spa, "forcing failmode to 'continue' "
3292 "as some top level vdevs are missing");
3293 spa->spa_failmode = ZIO_FAILURE_MODE_CONTINUE;
3300 spa_ld_open_aux_vdevs(spa_t *spa, spa_import_type_t type)
3303 vdev_t *rvd = spa->spa_root_vdev;
3306 * If we're assembling the pool from the split-off vdevs of
3307 * an existing pool, we don't want to attach the spares & cache
3312 * Load any hot spares for this pool.
3314 error = spa_dir_prop(spa, DMU_POOL_SPARES, &spa->spa_spares.sav_object,
3316 if (error != 0 && error != ENOENT)
3317 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
3318 if (error == 0 && type != SPA_IMPORT_ASSEMBLE) {
3319 ASSERT(spa_version(spa) >= SPA_VERSION_SPARES);
3320 if (load_nvlist(spa, spa->spa_spares.sav_object,
3321 &spa->spa_spares.sav_config) != 0) {
3322 spa_load_failed(spa, "error loading spares nvlist");
3323 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
3326 spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
3327 spa_load_spares(spa);
3328 spa_config_exit(spa, SCL_ALL, FTAG);
3329 } else if (error == 0) {
3330 spa->spa_spares.sav_sync = B_TRUE;
3334 * Load any level 2 ARC devices for this pool.
3336 error = spa_dir_prop(spa, DMU_POOL_L2CACHE,
3337 &spa->spa_l2cache.sav_object, B_FALSE);
3338 if (error != 0 && error != ENOENT)
3339 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
3340 if (error == 0 && type != SPA_IMPORT_ASSEMBLE) {
3341 ASSERT(spa_version(spa) >= SPA_VERSION_L2CACHE);
3342 if (load_nvlist(spa, spa->spa_l2cache.sav_object,
3343 &spa->spa_l2cache.sav_config) != 0) {
3344 spa_load_failed(spa, "error loading l2cache nvlist");
3345 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
3348 spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
3349 spa_load_l2cache(spa);
3350 spa_config_exit(spa, SCL_ALL, FTAG);
3351 } else if (error == 0) {
3352 spa->spa_l2cache.sav_sync = B_TRUE;
3359 spa_ld_load_vdev_metadata(spa_t *spa)
3362 vdev_t *rvd = spa->spa_root_vdev;
3365 * If the 'autoreplace' property is set, then post a resource notifying
3366 * the ZFS DE that it should not issue any faults for unopenable
3367 * devices. We also iterate over the vdevs, and post a sysevent for any
3368 * unopenable vdevs so that the normal autoreplace handler can take
3371 if (spa->spa_autoreplace && spa->spa_load_state != SPA_LOAD_TRYIMPORT) {
3372 spa_check_removed(spa->spa_root_vdev);
3374 * For the import case, this is done in spa_import(), because
3375 * at this point we're using the spare definitions from
3376 * the MOS config, not necessarily from the userland config.
3378 if (spa->spa_load_state != SPA_LOAD_IMPORT) {
3379 spa_aux_check_removed(&spa->spa_spares);
3380 spa_aux_check_removed(&spa->spa_l2cache);
3385 * Load the vdev metadata such as metaslabs, DTLs, spacemap object, etc.
3387 error = vdev_load(rvd);
3389 spa_load_failed(spa, "vdev_load failed [error=%d]", error);
3390 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, error));
3394 * Propagate the leaf DTLs we just loaded all the way up the vdev tree.
3396 spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
3397 vdev_dtl_reassess(rvd, 0, 0, B_FALSE);
3398 spa_config_exit(spa, SCL_ALL, FTAG);
3404 spa_ld_load_dedup_tables(spa_t *spa)
3407 vdev_t *rvd = spa->spa_root_vdev;
3409 error = ddt_load(spa);
3411 spa_load_failed(spa, "ddt_load failed [error=%d]", error);
3412 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
3419 spa_ld_verify_logs(spa_t *spa, spa_import_type_t type, char **ereport)
3421 vdev_t *rvd = spa->spa_root_vdev;
3423 if (type != SPA_IMPORT_ASSEMBLE && spa_writeable(spa)) {
3424 boolean_t missing = spa_check_logs(spa);
3426 if (spa->spa_missing_tvds != 0) {
3427 spa_load_note(spa, "spa_check_logs failed "
3428 "so dropping the logs");
3430 *ereport = FM_EREPORT_ZFS_LOG_REPLAY;
3431 spa_load_failed(spa, "spa_check_logs failed");
3432 return (spa_vdev_err(rvd, VDEV_AUX_BAD_LOG,
3442 spa_ld_verify_pool_data(spa_t *spa)
3445 vdev_t *rvd = spa->spa_root_vdev;
3448 * We've successfully opened the pool, verify that we're ready
3449 * to start pushing transactions.
3451 if (spa->spa_load_state != SPA_LOAD_TRYIMPORT) {
3452 error = spa_load_verify(spa);
3454 spa_load_failed(spa, "spa_load_verify failed "
3455 "[error=%d]", error);
3456 return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA,
3465 spa_ld_claim_log_blocks(spa_t *spa)
3468 dsl_pool_t *dp = spa_get_dsl(spa);
3471 * Claim log blocks that haven't been committed yet.
3472 * This must all happen in a single txg.
3473 * Note: spa_claim_max_txg is updated by spa_claim_notify(),
3474 * invoked from zil_claim_log_block()'s i/o done callback.
3475 * Price of rollback is that we abandon the log.
3477 spa->spa_claiming = B_TRUE;
3479 tx = dmu_tx_create_assigned(dp, spa_first_txg(spa));
3480 (void) dmu_objset_find_dp(dp, dp->dp_root_dir_obj,
3481 zil_claim, tx, DS_FIND_CHILDREN);
3484 spa->spa_claiming = B_FALSE;
3486 spa_set_log_state(spa, SPA_LOG_GOOD);
3490 spa_ld_check_for_config_update(spa_t *spa, uint64_t config_cache_txg,
3491 boolean_t update_config_cache)
3493 vdev_t *rvd = spa->spa_root_vdev;
3494 int need_update = B_FALSE;
3497 * If the config cache is stale, or we have uninitialized
3498 * metaslabs (see spa_vdev_add()), then update the config.
3500 * If this is a verbatim import, trust the current
3501 * in-core spa_config and update the disk labels.
3503 if (update_config_cache || config_cache_txg != spa->spa_config_txg ||
3504 spa->spa_load_state == SPA_LOAD_IMPORT ||
3505 spa->spa_load_state == SPA_LOAD_RECOVER ||
3506 (spa->spa_import_flags & ZFS_IMPORT_VERBATIM))
3507 need_update = B_TRUE;
3509 for (int c = 0; c < rvd->vdev_children; c++)
3510 if (rvd->vdev_child[c]->vdev_ms_array == 0)
3511 need_update = B_TRUE;
3514 * Update the config cache asychronously in case we're the
3515 * root pool, in which case the config cache isn't writable yet.
3518 spa_async_request(spa, SPA_ASYNC_CONFIG_UPDATE);
3522 spa_ld_prepare_for_reload(spa_t *spa)
3524 int mode = spa->spa_mode;
3525 int async_suspended = spa->spa_async_suspended;
3528 spa_deactivate(spa);
3529 spa_activate(spa, mode);
3532 * We save the value of spa_async_suspended as it gets reset to 0 by
3533 * spa_unload(). We want to restore it back to the original value before
3534 * returning as we might be calling spa_async_resume() later.
3536 spa->spa_async_suspended = async_suspended;
3540 spa_ld_read_checkpoint_txg(spa_t *spa)
3542 uberblock_t checkpoint;
3545 ASSERT0(spa->spa_checkpoint_txg);
3546 ASSERT(MUTEX_HELD(&spa_namespace_lock));
3548 error = zap_lookup(spa->spa_meta_objset, DMU_POOL_DIRECTORY_OBJECT,
3549 DMU_POOL_ZPOOL_CHECKPOINT, sizeof (uint64_t),
3550 sizeof (uberblock_t) / sizeof (uint64_t), &checkpoint);
3552 if (error == ENOENT)
3558 ASSERT3U(checkpoint.ub_txg, !=, 0);
3559 ASSERT3U(checkpoint.ub_checkpoint_txg, !=, 0);
3560 ASSERT3U(checkpoint.ub_timestamp, !=, 0);
3561 spa->spa_checkpoint_txg = checkpoint.ub_txg;
3562 spa->spa_checkpoint_info.sci_timestamp = checkpoint.ub_timestamp;
3568 spa_ld_mos_init(spa_t *spa, spa_import_type_t type)
3572 ASSERT(MUTEX_HELD(&spa_namespace_lock));
3573 ASSERT(spa->spa_config_source != SPA_CONFIG_SRC_NONE);
3576 * Never trust the config that is provided unless we are assembling
3577 * a pool following a split.
3578 * This means don't trust blkptrs and the vdev tree in general. This
3579 * also effectively puts the spa in read-only mode since
3580 * spa_writeable() checks for spa_trust_config to be true.
3581 * We will later load a trusted config from the MOS.
3583 if (type != SPA_IMPORT_ASSEMBLE)
3584 spa->spa_trust_config = B_FALSE;
3587 * Parse the config provided to create a vdev tree.
3589 error = spa_ld_parse_config(spa, type);
3594 * Now that we have the vdev tree, try to open each vdev. This involves
3595 * opening the underlying physical device, retrieving its geometry and
3596 * probing the vdev with a dummy I/O. The state of each vdev will be set
3597 * based on the success of those operations. After this we'll be ready
3598 * to read from the vdevs.
3600 error = spa_ld_open_vdevs(spa);
3605 * Read the label of each vdev and make sure that the GUIDs stored
3606 * there match the GUIDs in the config provided.
3607 * If we're assembling a new pool that's been split off from an
3608 * existing pool, the labels haven't yet been updated so we skip
3609 * validation for now.
3611 if (type != SPA_IMPORT_ASSEMBLE) {
3612 error = spa_ld_validate_vdevs(spa);
3618 * Read all vdev labels to find the best uberblock (i.e. latest,
3619 * unless spa_load_max_txg is set) and store it in spa_uberblock. We
3620 * get the list of features required to read blkptrs in the MOS from
3621 * the vdev label with the best uberblock and verify that our version
3622 * of zfs supports them all.
3624 error = spa_ld_select_uberblock(spa, type);
3629 * Pass that uberblock to the dsl_pool layer which will open the root
3630 * blkptr. This blkptr points to the latest version of the MOS and will
3631 * allow us to read its contents.
3633 error = spa_ld_open_rootbp(spa);
3641 spa_ld_checkpoint_rewind(spa_t *spa)
3643 uberblock_t checkpoint;
3646 ASSERT(MUTEX_HELD(&spa_namespace_lock));
3647 ASSERT(spa->spa_import_flags & ZFS_IMPORT_CHECKPOINT);
3649 error = zap_lookup(spa->spa_meta_objset, DMU_POOL_DIRECTORY_OBJECT,
3650 DMU_POOL_ZPOOL_CHECKPOINT, sizeof (uint64_t),
3651 sizeof (uberblock_t) / sizeof (uint64_t), &checkpoint);
3654 spa_load_failed(spa, "unable to retrieve checkpointed "
3655 "uberblock from the MOS config [error=%d]", error);
3657 if (error == ENOENT)
3658 error = ZFS_ERR_NO_CHECKPOINT;
3663 ASSERT3U(checkpoint.ub_txg, <, spa->spa_uberblock.ub_txg);
3664 ASSERT3U(checkpoint.ub_txg, ==, checkpoint.ub_checkpoint_txg);
3667 * We need to update the txg and timestamp of the checkpointed
3668 * uberblock to be higher than the latest one. This ensures that
3669 * the checkpointed uberblock is selected if we were to close and
3670 * reopen the pool right after we've written it in the vdev labels.
3671 * (also see block comment in vdev_uberblock_compare)
3673 checkpoint.ub_txg = spa->spa_uberblock.ub_txg + 1;
3674 checkpoint.ub_timestamp = gethrestime_sec();
3677 * Set current uberblock to be the checkpointed uberblock.
3679 spa->spa_uberblock = checkpoint;
3682 * If we are doing a normal rewind, then the pool is open for
3683 * writing and we sync the "updated" checkpointed uberblock to
3684 * disk. Once this is done, we've basically rewound the whole
3685 * pool and there is no way back.
3687 * There are cases when we don't want to attempt and sync the
3688 * checkpointed uberblock to disk because we are opening a
3689 * pool as read-only. Specifically, verifying the checkpointed
3690 * state with zdb, and importing the checkpointed state to get
3691 * a "preview" of its content.
3693 if (spa_writeable(spa)) {
3694 vdev_t *rvd = spa->spa_root_vdev;
3696 spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
3697 vdev_t *svd[SPA_SYNC_MIN_VDEVS] = { NULL };
3699 int children = rvd->vdev_children;
3700 int c0 = spa_get_random(children);
3702 for (int c = 0; c < children; c++) {
3703 vdev_t *vd = rvd->vdev_child[(c0 + c) % children];
3705 /* Stop when revisiting the first vdev */
3706 if (c > 0 && svd[0] == vd)
3709 if (vd->vdev_ms_array == 0 || vd->vdev_islog ||
3710 !vdev_is_concrete(vd))
3713 svd[svdcount++] = vd;
3714 if (svdcount == SPA_SYNC_MIN_VDEVS)
3717 error = vdev_config_sync(svd, svdcount, spa->spa_first_txg);
3719 spa->spa_last_synced_guid = rvd->vdev_guid;
3720 spa_config_exit(spa, SCL_ALL, FTAG);
3723 spa_load_failed(spa, "failed to write checkpointed "
3724 "uberblock to the vdev labels [error=%d]", error);
3733 spa_ld_mos_with_trusted_config(spa_t *spa, spa_import_type_t type,
3734 boolean_t *update_config_cache)
3739 * Parse the config for pool, open and validate vdevs,
3740 * select an uberblock, and use that uberblock to open
3743 error = spa_ld_mos_init(spa, type);
3748 * Retrieve the trusted config stored in the MOS and use it to create
3749 * a new, exact version of the vdev tree, then reopen all vdevs.
3751 error = spa_ld_trusted_config(spa, type, B_FALSE);
3752 if (error == EAGAIN) {
3753 if (update_config_cache != NULL)
3754 *update_config_cache = B_TRUE;
3757 * Redo the loading process with the trusted config if it is
3758 * too different from the untrusted config.
3760 spa_ld_prepare_for_reload(spa);
3761 spa_load_note(spa, "RELOADING");
3762 error = spa_ld_mos_init(spa, type);
3766 error = spa_ld_trusted_config(spa, type, B_TRUE);
3770 } else if (error != 0) {
3778 * Load an existing storage pool, using the config provided. This config
3779 * describes which vdevs are part of the pool and is later validated against
3780 * partial configs present in each vdev's label and an entire copy of the
3781 * config stored in the MOS.
3784 spa_load_impl(spa_t *spa, spa_import_type_t type, char **ereport)
3787 boolean_t missing_feat_write = B_FALSE;
3788 boolean_t checkpoint_rewind =
3789 (spa->spa_import_flags & ZFS_IMPORT_CHECKPOINT);
3790 boolean_t update_config_cache = B_FALSE;
3792 ASSERT(MUTEX_HELD(&spa_namespace_lock));
3793 ASSERT(spa->spa_config_source != SPA_CONFIG_SRC_NONE);
3795 spa_load_note(spa, "LOADING");
3797 error = spa_ld_mos_with_trusted_config(spa, type, &update_config_cache);
3802 * If we are rewinding to the checkpoint then we need to repeat
3803 * everything we've done so far in this function but this time
3804 * selecting the checkpointed uberblock and using that to open
3807 if (checkpoint_rewind) {
3809 * If we are rewinding to the checkpoint update config cache
3812 update_config_cache = B_TRUE;
3815 * Extract the checkpointed uberblock from the current MOS
3816 * and use this as the pool's uberblock from now on. If the
3817 * pool is imported as writeable we also write the checkpoint
3818 * uberblock to the labels, making the rewind permanent.
3820 error = spa_ld_checkpoint_rewind(spa);
3825 * Redo the loading process process again with the
3826 * checkpointed uberblock.
3828 spa_ld_prepare_for_reload(spa);
3829 spa_load_note(spa, "LOADING checkpointed uberblock");
3830 error = spa_ld_mos_with_trusted_config(spa, type, NULL);
3836 * Retrieve the checkpoint txg if the pool has a checkpoint.
3838 error = spa_ld_read_checkpoint_txg(spa);
3843 * Retrieve the mapping of indirect vdevs. Those vdevs were removed
3844 * from the pool and their contents were re-mapped to other vdevs. Note
3845 * that everything that we read before this step must have been
3846 * rewritten on concrete vdevs after the last device removal was
3847 * initiated. Otherwise we could be reading from indirect vdevs before
3848 * we have loaded their mappings.
3850 error = spa_ld_open_indirect_vdev_metadata(spa);
3855 * Retrieve the full list of active features from the MOS and check if
3856 * they are all supported.
3858 error = spa_ld_check_features(spa, &missing_feat_write);
3863 * Load several special directories from the MOS needed by the dsl_pool
3866 error = spa_ld_load_special_directories(spa);
3871 * Retrieve pool properties from the MOS.
3873 error = spa_ld_get_props(spa);
3878 * Retrieve the list of auxiliary devices - cache devices and spares -
3881 error = spa_ld_open_aux_vdevs(spa, type);
3886 * Load the metadata for all vdevs. Also check if unopenable devices
3887 * should be autoreplaced.
3889 error = spa_ld_load_vdev_metadata(spa);
3893 error = spa_ld_load_dedup_tables(spa);
3898 * Verify the logs now to make sure we don't have any unexpected errors
3899 * when we claim log blocks later.
3901 error = spa_ld_verify_logs(spa, type, ereport);
3905 if (missing_feat_write) {
3906 ASSERT(spa->spa_load_state == SPA_LOAD_TRYIMPORT);
3909 * At this point, we know that we can open the pool in
3910 * read-only mode but not read-write mode. We now have enough
3911 * information and can return to userland.
3913 return (spa_vdev_err(spa->spa_root_vdev, VDEV_AUX_UNSUP_FEAT,
3918 * Traverse the last txgs to make sure the pool was left off in a safe
3919 * state. When performing an extreme rewind, we verify the whole pool,
3920 * which can take a very long time.
3922 error = spa_ld_verify_pool_data(spa);
3927 * Calculate the deflated space for the pool. This must be done before
3928 * we write anything to the pool because we'd need to update the space
3929 * accounting using the deflated sizes.
3931 spa_update_dspace(spa);
3934 * We have now retrieved all the information we needed to open the
3935 * pool. If we are importing the pool in read-write mode, a few
3936 * additional steps must be performed to finish the import.
3938 if (spa_writeable(spa) && (spa->spa_load_state == SPA_LOAD_RECOVER ||
3939 spa->spa_load_max_txg == UINT64_MAX)) {
3940 uint64_t config_cache_txg = spa->spa_config_txg;
3942 ASSERT(spa->spa_load_state != SPA_LOAD_TRYIMPORT);
3945 * In case of a checkpoint rewind, log the original txg
3946 * of the checkpointed uberblock.
3948 if (checkpoint_rewind) {
3949 spa_history_log_internal(spa, "checkpoint rewind",
3950 NULL, "rewound state to txg=%llu",
3951 (u_longlong_t)spa->spa_uberblock.ub_checkpoint_txg);
3955 * Traverse the ZIL and claim all blocks.
3957 spa_ld_claim_log_blocks(spa);
3960 * Kick-off the syncing thread.
3962 spa->spa_sync_on = B_TRUE;
3963 txg_sync_start(spa->spa_dsl_pool);
3966 * Wait for all claims to sync. We sync up to the highest
3967 * claimed log block birth time so that claimed log blocks
3968 * don't appear to be from the future. spa_claim_max_txg
3969 * will have been set for us by ZIL traversal operations
3972 txg_wait_synced(spa->spa_dsl_pool, spa->spa_claim_max_txg);
3975 * Check if we need to request an update of the config. On the
3976 * next sync, we would update the config stored in vdev labels
3977 * and the cachefile (by default /etc/zfs/zpool.cache).
3979 spa_ld_check_for_config_update(spa, config_cache_txg,
3980 update_config_cache);
3983 * Check all DTLs to see if anything needs resilvering.
3985 if (!dsl_scan_resilvering(spa->spa_dsl_pool) &&
3986 vdev_resilver_needed(spa->spa_root_vdev, NULL, NULL))
3987 spa_async_request(spa, SPA_ASYNC_RESILVER);
3990 * Log the fact that we booted up (so that we can detect if
3991 * we rebooted in the middle of an operation).
3993 spa_history_log_version(spa, "open");
3995 spa_restart_removal(spa);
3996 spa_spawn_aux_threads(spa);
3999 * Delete any inconsistent datasets.
4002 * Since we may be issuing deletes for clones here,
4003 * we make sure to do so after we've spawned all the
4004 * auxiliary threads above (from which the livelist
4005 * deletion zthr is part of).
4007 (void) dmu_objset_find(spa_name(spa),
4008 dsl_destroy_inconsistent, NULL, DS_FIND_CHILDREN);
4011 * Clean up any stale temporary dataset userrefs.
4013 dsl_pool_clean_tmp_userrefs(spa->spa_dsl_pool);
4015 spa_config_enter(spa, SCL_CONFIG, FTAG, RW_READER);
4016 vdev_initialize_restart(spa->spa_root_vdev);
4017 spa_config_exit(spa, SCL_CONFIG, FTAG);
4020 spa_load_note(spa, "LOADED");
4026 spa_load_retry(spa_t *spa, spa_load_state_t state)
4028 int mode = spa->spa_mode;
4031 spa_deactivate(spa);
4033 spa->spa_load_max_txg = spa->spa_uberblock.ub_txg - 1;
4035 spa_activate(spa, mode);
4036 spa_async_suspend(spa);
4038 spa_load_note(spa, "spa_load_retry: rewind, max txg: %llu",
4039 (u_longlong_t)spa->spa_load_max_txg);
4041 return (spa_load(spa, state, SPA_IMPORT_EXISTING));
4045 * If spa_load() fails this function will try loading prior txg's. If
4046 * 'state' is SPA_LOAD_RECOVER and one of these loads succeeds the pool
4047 * will be rewound to that txg. If 'state' is not SPA_LOAD_RECOVER this
4048 * function will not rewind the pool and will return the same error as
4052 spa_load_best(spa_t *spa, spa_load_state_t state, uint64_t max_request,
4055 nvlist_t *loadinfo = NULL;
4056 nvlist_t *config = NULL;
4057 int load_error, rewind_error;
4058 uint64_t safe_rewind_txg;
4061 if (spa->spa_load_txg && state == SPA_LOAD_RECOVER) {
4062 spa->spa_load_max_txg = spa->spa_load_txg;
4063 spa_set_log_state(spa, SPA_LOG_CLEAR);
4065 spa->spa_load_max_txg = max_request;
4066 if (max_request != UINT64_MAX)
4067 spa->spa_extreme_rewind = B_TRUE;
4070 load_error = rewind_error = spa_load(spa, state, SPA_IMPORT_EXISTING);
4071 if (load_error == 0)
4073 if (load_error == ZFS_ERR_NO_CHECKPOINT) {
4075 * When attempting checkpoint-rewind on a pool with no
4076 * checkpoint, we should not attempt to load uberblocks
4077 * from previous txgs when spa_load fails.
4079 ASSERT(spa->spa_import_flags & ZFS_IMPORT_CHECKPOINT);
4080 return (load_error);
4083 if (spa->spa_root_vdev != NULL)
4084 config = spa_config_generate(spa, NULL, -1ULL, B_TRUE);
4086 spa->spa_last_ubsync_txg = spa->spa_uberblock.ub_txg;
4087 spa->spa_last_ubsync_txg_ts = spa->spa_uberblock.ub_timestamp;
4089 if (rewind_flags & ZPOOL_NEVER_REWIND) {
4090 nvlist_free(config);
4091 return (load_error);
4094 if (state == SPA_LOAD_RECOVER) {
4095 /* Price of rolling back is discarding txgs, including log */
4096 spa_set_log_state(spa, SPA_LOG_CLEAR);
4099 * If we aren't rolling back save the load info from our first
4100 * import attempt so that we can restore it after attempting
4103 loadinfo = spa->spa_load_info;
4104 spa->spa_load_info = fnvlist_alloc();
4107 spa->spa_load_max_txg = spa->spa_last_ubsync_txg;
4108 safe_rewind_txg = spa->spa_last_ubsync_txg - TXG_DEFER_SIZE;
4109 min_txg = (rewind_flags & ZPOOL_EXTREME_REWIND) ?
4110 TXG_INITIAL : safe_rewind_txg;
4113 * Continue as long as we're finding errors, we're still within
4114 * the acceptable rewind range, and we're still finding uberblocks
4116 while (rewind_error && spa->spa_uberblock.ub_txg >= min_txg &&
4117 spa->spa_uberblock.ub_txg <= spa->spa_load_max_txg) {
4118 if (spa->spa_load_max_txg < safe_rewind_txg)
4119 spa->spa_extreme_rewind = B_TRUE;
4120 rewind_error = spa_load_retry(spa, state);
4123 spa->spa_extreme_rewind = B_FALSE;
4124 spa->spa_load_max_txg = UINT64_MAX;
4126 if (config && (rewind_error || state != SPA_LOAD_RECOVER))
4127 spa_config_set(spa, config);
4129 nvlist_free(config);
4131 if (state == SPA_LOAD_RECOVER) {
4132 ASSERT3P(loadinfo, ==, NULL);
4133 return (rewind_error);
4135 /* Store the rewind info as part of the initial load info */
4136 fnvlist_add_nvlist(loadinfo, ZPOOL_CONFIG_REWIND_INFO,
4137 spa->spa_load_info);
4139 /* Restore the initial load info */
4140 fnvlist_free(spa->spa_load_info);
4141 spa->spa_load_info = loadinfo;
4143 return (load_error);
4150 * The import case is identical to an open except that the configuration is sent
4151 * down from userland, instead of grabbed from the configuration cache. For the
4152 * case of an open, the pool configuration will exist in the
4153 * POOL_STATE_UNINITIALIZED state.
4155 * The stats information (gen/count/ustats) is used to gather vdev statistics at
4156 * the same time open the pool, without having to keep around the spa_t in some
4160 spa_open_common(const char *pool, spa_t **spapp, void *tag, nvlist_t *nvpolicy,
4164 spa_load_state_t state = SPA_LOAD_OPEN;
4166 int locked = B_FALSE;
4167 int firstopen = B_FALSE;
4172 * As disgusting as this is, we need to support recursive calls to this
4173 * function because dsl_dir_open() is called during spa_load(), and ends
4174 * up calling spa_open() again. The real fix is to figure out how to
4175 * avoid dsl_dir_open() calling this in the first place.
4177 if (mutex_owner(&spa_namespace_lock) != curthread) {
4178 mutex_enter(&spa_namespace_lock);
4182 if ((spa = spa_lookup(pool)) == NULL) {
4184 mutex_exit(&spa_namespace_lock);
4185 return (SET_ERROR(ENOENT));
4188 if (spa->spa_state == POOL_STATE_UNINITIALIZED) {
4189 zpool_load_policy_t policy;
4193 zpool_get_load_policy(nvpolicy ? nvpolicy : spa->spa_config,
4195 if (policy.zlp_rewind & ZPOOL_DO_REWIND)
4196 state = SPA_LOAD_RECOVER;
4198 spa_activate(spa, spa_mode_global);
4200 if (state != SPA_LOAD_RECOVER)
4201 spa->spa_last_ubsync_txg = spa->spa_load_txg = 0;
4202 spa->spa_config_source = SPA_CONFIG_SRC_CACHEFILE;
4204 zfs_dbgmsg("spa_open_common: opening %s", pool);
4205 error = spa_load_best(spa, state, policy.zlp_txg,
4208 if (error == EBADF) {
4210 * If vdev_validate() returns failure (indicated by
4211 * EBADF), it indicates that one of the vdevs indicates
4212 * that the pool has been exported or destroyed. If
4213 * this is the case, the config cache is out of sync and
4214 * we should remove the pool from the namespace.
4217 spa_deactivate(spa);
4218 spa_write_cachefile(spa, B_TRUE, B_TRUE);
4221 mutex_exit(&spa_namespace_lock);
4222 return (SET_ERROR(ENOENT));
4227 * We can't open the pool, but we still have useful
4228 * information: the state of each vdev after the
4229 * attempted vdev_open(). Return this to the user.
4231 if (config != NULL && spa->spa_config) {
4232 VERIFY(nvlist_dup(spa->spa_config, config,
4234 VERIFY(nvlist_add_nvlist(*config,
4235 ZPOOL_CONFIG_LOAD_INFO,
4236 spa->spa_load_info) == 0);
4239 spa_deactivate(spa);
4240 spa->spa_last_open_failed = error;
4242 mutex_exit(&spa_namespace_lock);
4248 spa_open_ref(spa, tag);
4251 *config = spa_config_generate(spa, NULL, -1ULL, B_TRUE);
4254 * If we've recovered the pool, pass back any information we
4255 * gathered while doing the load.
4257 if (state == SPA_LOAD_RECOVER) {
4258 VERIFY(nvlist_add_nvlist(*config, ZPOOL_CONFIG_LOAD_INFO,
4259 spa->spa_load_info) == 0);
4263 spa->spa_last_open_failed = 0;
4264 spa->spa_last_ubsync_txg = 0;
4265 spa->spa_load_txg = 0;
4266 mutex_exit(&spa_namespace_lock);
4270 zvol_create_minors(spa->spa_name);
4281 spa_open_rewind(const char *name, spa_t **spapp, void *tag, nvlist_t *policy,
4284 return (spa_open_common(name, spapp, tag, policy, config));
4288 spa_open(const char *name, spa_t **spapp, void *tag)
4290 return (spa_open_common(name, spapp, tag, NULL, NULL));
4294 * Lookup the given spa_t, incrementing the inject count in the process,
4295 * preventing it from being exported or destroyed.
4298 spa_inject_addref(char *name)
4302 mutex_enter(&spa_namespace_lock);
4303 if ((spa = spa_lookup(name)) == NULL) {
4304 mutex_exit(&spa_namespace_lock);
4307 spa->spa_inject_ref++;
4308 mutex_exit(&spa_namespace_lock);
4314 spa_inject_delref(spa_t *spa)
4316 mutex_enter(&spa_namespace_lock);
4317 spa->spa_inject_ref--;
4318 mutex_exit(&spa_namespace_lock);
4322 * Add spares device information to the nvlist.
4325 spa_add_spares(spa_t *spa, nvlist_t *config)
4335 ASSERT(spa_config_held(spa, SCL_CONFIG, RW_READER));
4337 if (spa->spa_spares.sav_count == 0)
4340 VERIFY(nvlist_lookup_nvlist(config,
4341 ZPOOL_CONFIG_VDEV_TREE, &nvroot) == 0);
4342 VERIFY(nvlist_lookup_nvlist_array(spa->spa_spares.sav_config,
4343 ZPOOL_CONFIG_SPARES, &spares, &nspares) == 0);
4345 VERIFY(nvlist_add_nvlist_array(nvroot,
4346 ZPOOL_CONFIG_SPARES, spares, nspares) == 0);
4347 VERIFY(nvlist_lookup_nvlist_array(nvroot,
4348 ZPOOL_CONFIG_SPARES, &spares, &nspares) == 0);
4351 * Go through and find any spares which have since been
4352 * repurposed as an active spare. If this is the case, update
4353 * their status appropriately.
4355 for (i = 0; i < nspares; i++) {
4356 VERIFY(nvlist_lookup_uint64(spares[i],
4357 ZPOOL_CONFIG_GUID, &guid) == 0);
4358 if (spa_spare_exists(guid, &pool, NULL) &&
4360 VERIFY(nvlist_lookup_uint64_array(
4361 spares[i], ZPOOL_CONFIG_VDEV_STATS,
4362 (uint64_t **)&vs, &vsc) == 0);
4363 vs->vs_state = VDEV_STATE_CANT_OPEN;
4364 vs->vs_aux = VDEV_AUX_SPARED;
4371 * Add l2cache device information to the nvlist, including vdev stats.
4374 spa_add_l2cache(spa_t *spa, nvlist_t *config)
4377 uint_t i, j, nl2cache;
4384 ASSERT(spa_config_held(spa, SCL_CONFIG, RW_READER));
4386 if (spa->spa_l2cache.sav_count == 0)
4389 VERIFY(nvlist_lookup_nvlist(config,
4390 ZPOOL_CONFIG_VDEV_TREE, &nvroot) == 0);
4391 VERIFY(nvlist_lookup_nvlist_array(spa->spa_l2cache.sav_config,
4392 ZPOOL_CONFIG_L2CACHE, &l2cache, &nl2cache) == 0);
4393 if (nl2cache != 0) {
4394 VERIFY(nvlist_add_nvlist_array(nvroot,
4395 ZPOOL_CONFIG_L2CACHE, l2cache, nl2cache) == 0);
4396 VERIFY(nvlist_lookup_nvlist_array(nvroot,
4397 ZPOOL_CONFIG_L2CACHE, &l2cache, &nl2cache) == 0);
4400 * Update level 2 cache device stats.
4403 for (i = 0; i < nl2cache; i++) {
4404 VERIFY(nvlist_lookup_uint64(l2cache[i],
4405 ZPOOL_CONFIG_GUID, &guid) == 0);
4408 for (j = 0; j < spa->spa_l2cache.sav_count; j++) {
4410 spa->spa_l2cache.sav_vdevs[j]->vdev_guid) {
4411 vd = spa->spa_l2cache.sav_vdevs[j];
4417 VERIFY(nvlist_lookup_uint64_array(l2cache[i],
4418 ZPOOL_CONFIG_VDEV_STATS, (uint64_t **)&vs, &vsc)
4420 vdev_get_stats(vd, vs);
4426 spa_feature_stats_from_disk(spa_t *spa, nvlist_t *features)
4431 /* We may be unable to read features if pool is suspended. */
4432 if (spa_suspended(spa))
4435 if (spa->spa_feat_for_read_obj != 0) {
4436 for (zap_cursor_init(&zc, spa->spa_meta_objset,
4437 spa->spa_feat_for_read_obj);
4438 zap_cursor_retrieve(&zc, &za) == 0;
4439 zap_cursor_advance(&zc)) {
4440 ASSERT(za.za_integer_length == sizeof (uint64_t) &&
4441 za.za_num_integers == 1);
4442 VERIFY0(nvlist_add_uint64(features, za.za_name,
4443 za.za_first_integer));
4445 zap_cursor_fini(&zc);
4448 if (spa->spa_feat_for_write_obj != 0) {
4449 for (zap_cursor_init(&zc, spa->spa_meta_objset,
4450 spa->spa_feat_for_write_obj);
4451 zap_cursor_retrieve(&zc, &za) == 0;
4452 zap_cursor_advance(&zc)) {
4453 ASSERT(za.za_integer_length == sizeof (uint64_t) &&
4454 za.za_num_integers == 1);
4455 VERIFY0(nvlist_add_uint64(features, za.za_name,
4456 za.za_first_integer));
4458 zap_cursor_fini(&zc);
4463 spa_feature_stats_from_cache(spa_t *spa, nvlist_t *features)
4467 for (i = 0; i < SPA_FEATURES; i++) {
4468 zfeature_info_t feature = spa_feature_table[i];
4471 if (feature_get_refcount(spa, &feature, &refcount) != 0)
4474 VERIFY0(nvlist_add_uint64(features, feature.fi_guid, refcount));
4479 * Store a list of pool features and their reference counts in the
4482 * The first time this is called on a spa, allocate a new nvlist, fetch
4483 * the pool features and reference counts from disk, then save the list
4484 * in the spa. In subsequent calls on the same spa use the saved nvlist
4485 * and refresh its values from the cached reference counts. This
4486 * ensures we don't block here on I/O on a suspended pool so 'zpool
4487 * clear' can resume the pool.
4490 spa_add_feature_stats(spa_t *spa, nvlist_t *config)
4494 ASSERT(spa_config_held(spa, SCL_CONFIG, RW_READER));
4496 mutex_enter(&spa->spa_feat_stats_lock);
4497 features = spa->spa_feat_stats;
4499 if (features != NULL) {
4500 spa_feature_stats_from_cache(spa, features);
4502 VERIFY0(nvlist_alloc(&features, NV_UNIQUE_NAME, KM_SLEEP));
4503 spa->spa_feat_stats = features;
4504 spa_feature_stats_from_disk(spa, features);
4507 VERIFY0(nvlist_add_nvlist(config, ZPOOL_CONFIG_FEATURE_STATS,
4510 mutex_exit(&spa->spa_feat_stats_lock);
4514 spa_get_stats(const char *name, nvlist_t **config,
4515 char *altroot, size_t buflen)
4521 error = spa_open_common(name, &spa, FTAG, NULL, config);
4525 * This still leaves a window of inconsistency where the spares
4526 * or l2cache devices could change and the config would be
4527 * self-inconsistent.
4529 spa_config_enter(spa, SCL_CONFIG, FTAG, RW_READER);
4531 if (*config != NULL) {
4532 uint64_t loadtimes[2];
4534 loadtimes[0] = spa->spa_loaded_ts.tv_sec;
4535 loadtimes[1] = spa->spa_loaded_ts.tv_nsec;
4536 VERIFY(nvlist_add_uint64_array(*config,
4537 ZPOOL_CONFIG_LOADED_TIME, loadtimes, 2) == 0);
4539 VERIFY(nvlist_add_uint64(*config,
4540 ZPOOL_CONFIG_ERRCOUNT,
4541 spa_get_errlog_size(spa)) == 0);
4543 if (spa_suspended(spa))
4544 VERIFY(nvlist_add_uint64(*config,
4545 ZPOOL_CONFIG_SUSPENDED,
4546 spa->spa_failmode) == 0);
4548 spa_add_spares(spa, *config);
4549 spa_add_l2cache(spa, *config);
4550 spa_add_feature_stats(spa, *config);
4555 * We want to get the alternate root even for faulted pools, so we cheat
4556 * and call spa_lookup() directly.
4560 mutex_enter(&spa_namespace_lock);
4561 spa = spa_lookup(name);
4563 spa_altroot(spa, altroot, buflen);
4567 mutex_exit(&spa_namespace_lock);
4569 spa_altroot(spa, altroot, buflen);
4574 spa_config_exit(spa, SCL_CONFIG, FTAG);
4575 spa_close(spa, FTAG);
4582 * Validate that the auxiliary device array is well formed. We must have an
4583 * array of nvlists, each which describes a valid leaf vdev. If this is an
4584 * import (mode is VDEV_ALLOC_SPARE), then we allow corrupted spares to be
4585 * specified, as long as they are well-formed.
4588 spa_validate_aux_devs(spa_t *spa, nvlist_t *nvroot, uint64_t crtxg, int mode,
4589 spa_aux_vdev_t *sav, const char *config, uint64_t version,
4590 vdev_labeltype_t label)
4597 ASSERT(spa_config_held(spa, SCL_ALL, RW_WRITER) == SCL_ALL);
4600 * It's acceptable to have no devs specified.
4602 if (nvlist_lookup_nvlist_array(nvroot, config, &dev, &ndev) != 0)
4606 return (SET_ERROR(EINVAL));
4609 * Make sure the pool is formatted with a version that supports this
4612 if (spa_version(spa) < version)
4613 return (SET_ERROR(ENOTSUP));
4616 * Set the pending device list so we correctly handle device in-use
4619 sav->sav_pending = dev;
4620 sav->sav_npending = ndev;
4622 for (i = 0; i < ndev; i++) {
4623 if ((error = spa_config_parse(spa, &vd, dev[i], NULL, 0,
4627 if (!vd->vdev_ops->vdev_op_leaf) {
4629 error = SET_ERROR(EINVAL);
4634 * The L2ARC currently only supports disk devices in
4635 * kernel context. For user-level testing, we allow it.
4638 if ((strcmp(config, ZPOOL_CONFIG_L2CACHE) == 0) &&
4639 strcmp(vd->vdev_ops->vdev_op_type, VDEV_TYPE_DISK) != 0) {
4640 error = SET_ERROR(ENOTBLK);
4647 if ((error = vdev_open(vd)) == 0 &&
4648 (error = vdev_label_init(vd, crtxg, label)) == 0) {
4649 VERIFY(nvlist_add_uint64(dev[i], ZPOOL_CONFIG_GUID,
4650 vd->vdev_guid) == 0);
4656 (mode != VDEV_ALLOC_SPARE && mode != VDEV_ALLOC_L2CACHE))
4663 sav->sav_pending = NULL;
4664 sav->sav_npending = 0;
4669 spa_validate_aux(spa_t *spa, nvlist_t *nvroot, uint64_t crtxg, int mode)
4673 ASSERT(spa_config_held(spa, SCL_ALL, RW_WRITER) == SCL_ALL);
4675 if ((error = spa_validate_aux_devs(spa, nvroot, crtxg, mode,
4676 &spa->spa_spares, ZPOOL_CONFIG_SPARES, SPA_VERSION_SPARES,
4677 VDEV_LABEL_SPARE)) != 0) {
4681 return (spa_validate_aux_devs(spa, nvroot, crtxg, mode,
4682 &spa->spa_l2cache, ZPOOL_CONFIG_L2CACHE, SPA_VERSION_L2CACHE,
4683 VDEV_LABEL_L2CACHE));
4687 spa_set_aux_vdevs(spa_aux_vdev_t *sav, nvlist_t **devs, int ndevs,
4692 if (sav->sav_config != NULL) {
4698 * Generate new dev list by concatentating with the
4701 VERIFY(nvlist_lookup_nvlist_array(sav->sav_config, config,
4702 &olddevs, &oldndevs) == 0);
4704 newdevs = kmem_alloc(sizeof (void *) *
4705 (ndevs + oldndevs), KM_SLEEP);
4706 for (i = 0; i < oldndevs; i++)
4707 VERIFY(nvlist_dup(olddevs[i], &newdevs[i],
4709 for (i = 0; i < ndevs; i++)
4710 VERIFY(nvlist_dup(devs[i], &newdevs[i + oldndevs],
4713 VERIFY(nvlist_remove(sav->sav_config, config,
4714 DATA_TYPE_NVLIST_ARRAY) == 0);
4716 VERIFY(nvlist_add_nvlist_array(sav->sav_config,
4717 config, newdevs, ndevs + oldndevs) == 0);
4718 for (i = 0; i < oldndevs + ndevs; i++)
4719 nvlist_free(newdevs[i]);
4720 kmem_free(newdevs, (oldndevs + ndevs) * sizeof (void *));
4723 * Generate a new dev list.
4725 VERIFY(nvlist_alloc(&sav->sav_config, NV_UNIQUE_NAME,
4727 VERIFY(nvlist_add_nvlist_array(sav->sav_config, config,
4733 * Stop and drop level 2 ARC devices
4736 spa_l2cache_drop(spa_t *spa)
4740 spa_aux_vdev_t *sav = &spa->spa_l2cache;
4742 for (i = 0; i < sav->sav_count; i++) {
4745 vd = sav->sav_vdevs[i];
4748 if (spa_l2cache_exists(vd->vdev_guid, &pool) &&
4749 pool != 0ULL && l2arc_vdev_present(vd))
4750 l2arc_remove_vdev(vd);
4758 spa_create(const char *pool, nvlist_t *nvroot, nvlist_t *props,
4762 char *altroot = NULL;
4767 uint64_t txg = TXG_INITIAL;
4768 nvlist_t **spares, **l2cache;
4769 uint_t nspares, nl2cache;
4770 uint64_t version, obj;
4771 boolean_t has_features;
4775 if (nvlist_lookup_string(props,
4776 zpool_prop_to_name(ZPOOL_PROP_TNAME), &poolname) != 0)
4777 poolname = (char *)pool;
4780 * If this pool already exists, return failure.
4782 mutex_enter(&spa_namespace_lock);
4783 if (spa_lookup(poolname) != NULL) {
4784 mutex_exit(&spa_namespace_lock);
4785 return (SET_ERROR(EEXIST));
4789 * Allocate a new spa_t structure.
4791 nvl = fnvlist_alloc();
4792 fnvlist_add_string(nvl, ZPOOL_CONFIG_POOL_NAME, pool);
4793 (void) nvlist_lookup_string(props,
4794 zpool_prop_to_name(ZPOOL_PROP_ALTROOT), &altroot);
4795 spa = spa_add(poolname, nvl, altroot);
4797 spa_activate(spa, spa_mode_global);
4799 if (props && (error = spa_prop_validate(spa, props))) {
4800 spa_deactivate(spa);
4802 mutex_exit(&spa_namespace_lock);
4807 * Temporary pool names should never be written to disk.
4809 if (poolname != pool)
4810 spa->spa_import_flags |= ZFS_IMPORT_TEMP_NAME;
4812 has_features = B_FALSE;
4813 for (nvpair_t *elem = nvlist_next_nvpair(props, NULL);
4814 elem != NULL; elem = nvlist_next_nvpair(props, elem)) {
4815 if (zpool_prop_feature(nvpair_name(elem)))
4816 has_features = B_TRUE;
4819 if (has_features || nvlist_lookup_uint64(props,
4820 zpool_prop_to_name(ZPOOL_PROP_VERSION), &version) != 0) {
4821 version = SPA_VERSION;
4823 ASSERT(SPA_VERSION_IS_SUPPORTED(version));
4825 spa->spa_first_txg = txg;
4826 spa->spa_uberblock.ub_txg = txg - 1;
4827 spa->spa_uberblock.ub_version = version;
4828 spa->spa_ubsync = spa->spa_uberblock;
4829 spa->spa_load_state = SPA_LOAD_CREATE;
4830 spa->spa_removing_phys.sr_state = DSS_NONE;
4831 spa->spa_removing_phys.sr_removing_vdev = -1;
4832 spa->spa_removing_phys.sr_prev_indirect_vdev = -1;
4833 spa->spa_indirect_vdevs_loaded = B_TRUE;
4836 * Create "The Godfather" zio to hold all async IOs
4838 spa->spa_async_zio_root = kmem_alloc(max_ncpus * sizeof (void *),
4840 for (int i = 0; i < max_ncpus; i++) {
4841 spa->spa_async_zio_root[i] = zio_root(spa, NULL, NULL,
4842 ZIO_FLAG_CANFAIL | ZIO_FLAG_SPECULATIVE |
4843 ZIO_FLAG_GODFATHER);
4847 * Create the root vdev.
4849 spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
4851 error = spa_config_parse(spa, &rvd, nvroot, NULL, 0, VDEV_ALLOC_ADD);
4853 ASSERT(error != 0 || rvd != NULL);
4854 ASSERT(error != 0 || spa->spa_root_vdev == rvd);
4856 if (error == 0 && !zfs_allocatable_devs(nvroot))
4857 error = SET_ERROR(EINVAL);
4860 (error = vdev_create(rvd, txg, B_FALSE)) == 0 &&
4861 (error = spa_validate_aux(spa, nvroot, txg,
4862 VDEV_ALLOC_ADD)) == 0) {
4863 for (int c = 0; c < rvd->vdev_children; c++) {
4864 vdev_ashift_optimize(rvd->vdev_child[c]);
4865 vdev_metaslab_set_size(rvd->vdev_child[c]);
4866 vdev_expand(rvd->vdev_child[c], txg);
4870 spa_config_exit(spa, SCL_ALL, FTAG);
4874 spa_deactivate(spa);
4876 mutex_exit(&spa_namespace_lock);
4881 * Get the list of spares, if specified.
4883 if (nvlist_lookup_nvlist_array(nvroot, ZPOOL_CONFIG_SPARES,
4884 &spares, &nspares) == 0) {
4885 VERIFY(nvlist_alloc(&spa->spa_spares.sav_config, NV_UNIQUE_NAME,
4887 VERIFY(nvlist_add_nvlist_array(spa->spa_spares.sav_config,
4888 ZPOOL_CONFIG_SPARES, spares, nspares) == 0);
4889 spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
4890 spa_load_spares(spa);
4891 spa_config_exit(spa, SCL_ALL, FTAG);
4892 spa->spa_spares.sav_sync = B_TRUE;
4896 * Get the list of level 2 cache devices, if specified.
4898 if (nvlist_lookup_nvlist_array(nvroot, ZPOOL_CONFIG_L2CACHE,
4899 &l2cache, &nl2cache) == 0) {
4900 VERIFY(nvlist_alloc(&spa->spa_l2cache.sav_config,
4901 NV_UNIQUE_NAME, KM_SLEEP) == 0);
4902 VERIFY(nvlist_add_nvlist_array(spa->spa_l2cache.sav_config,
4903 ZPOOL_CONFIG_L2CACHE, l2cache, nl2cache) == 0);
4904 spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
4905 spa_load_l2cache(spa);
4906 spa_config_exit(spa, SCL_ALL, FTAG);
4907 spa->spa_l2cache.sav_sync = B_TRUE;
4910 spa->spa_is_initializing = B_TRUE;
4911 spa->spa_dsl_pool = dp = dsl_pool_create(spa, zplprops, txg);
4912 spa->spa_meta_objset = dp->dp_meta_objset;
4913 spa->spa_is_initializing = B_FALSE;
4916 * Create DDTs (dedup tables).
4920 spa_update_dspace(spa);
4922 tx = dmu_tx_create_assigned(dp, txg);
4925 * Create the pool config object.
4927 spa->spa_config_object = dmu_object_alloc(spa->spa_meta_objset,
4928 DMU_OT_PACKED_NVLIST, SPA_CONFIG_BLOCKSIZE,
4929 DMU_OT_PACKED_NVLIST_SIZE, sizeof (uint64_t), tx);
4931 if (zap_add(spa->spa_meta_objset,
4932 DMU_POOL_DIRECTORY_OBJECT, DMU_POOL_CONFIG,
4933 sizeof (uint64_t), 1, &spa->spa_config_object, tx) != 0) {
4934 cmn_err(CE_PANIC, "failed to add pool config");
4937 if (spa_version(spa) >= SPA_VERSION_FEATURES)
4938 spa_feature_create_zap_objects(spa, tx);
4940 if (zap_add(spa->spa_meta_objset,
4941 DMU_POOL_DIRECTORY_OBJECT, DMU_POOL_CREATION_VERSION,
4942 sizeof (uint64_t), 1, &version, tx) != 0) {
4943 cmn_err(CE_PANIC, "failed to add pool version");
4946 /* Newly created pools with the right version are always deflated. */
4947 if (version >= SPA_VERSION_RAIDZ_DEFLATE) {
4948 spa->spa_deflate = TRUE;
4949 if (zap_add(spa->spa_meta_objset,
4950 DMU_POOL_DIRECTORY_OBJECT, DMU_POOL_DEFLATE,
4951 sizeof (uint64_t), 1, &spa->spa_deflate, tx) != 0) {
4952 cmn_err(CE_PANIC, "failed to add deflate");
4957 * Create the deferred-free bpobj. Turn off compression
4958 * because sync-to-convergence takes longer if the blocksize
4961 obj = bpobj_alloc(spa->spa_meta_objset, 1 << 14, tx);
4962 dmu_object_set_compress(spa->spa_meta_objset, obj,
4963 ZIO_COMPRESS_OFF, tx);
4964 if (zap_add(spa->spa_meta_objset,
4965 DMU_POOL_DIRECTORY_OBJECT, DMU_POOL_SYNC_BPOBJ,
4966 sizeof (uint64_t), 1, &obj, tx) != 0) {
4967 cmn_err(CE_PANIC, "failed to add bpobj");
4969 VERIFY3U(0, ==, bpobj_open(&spa->spa_deferred_bpobj,
4970 spa->spa_meta_objset, obj));
4973 * Create the pool's history object.
4975 if (version >= SPA_VERSION_ZPOOL_HISTORY)
4976 spa_history_create_obj(spa, tx);
4979 * Generate some random noise for salted checksums to operate on.
4981 (void) random_get_pseudo_bytes(spa->spa_cksum_salt.zcs_bytes,
4982 sizeof (spa->spa_cksum_salt.zcs_bytes));
4985 * Set pool properties.
4987 spa->spa_bootfs = zpool_prop_default_numeric(ZPOOL_PROP_BOOTFS);
4988 spa->spa_delegation = zpool_prop_default_numeric(ZPOOL_PROP_DELEGATION);
4989 spa->spa_failmode = zpool_prop_default_numeric(ZPOOL_PROP_FAILUREMODE);
4990 spa->spa_autoexpand = zpool_prop_default_numeric(ZPOOL_PROP_AUTOEXPAND);
4992 if (props != NULL) {
4993 spa_configfile_set(spa, props, B_FALSE);
4994 spa_sync_props(props, tx);
4999 spa->spa_sync_on = B_TRUE;
5000 txg_sync_start(spa->spa_dsl_pool);
5003 * We explicitly wait for the first transaction to complete so that our
5004 * bean counters are appropriately updated.
5006 txg_wait_synced(spa->spa_dsl_pool, txg);
5008 spa_spawn_aux_threads(spa);
5010 spa_write_cachefile(spa, B_FALSE, B_TRUE);
5011 spa_event_notify(spa, NULL, NULL, ESC_ZFS_POOL_CREATE);
5013 spa_history_log_version(spa, "create");
5016 * Don't count references from objsets that are already closed
5017 * and are making their way through the eviction process.
5019 spa_evicting_os_wait(spa);
5020 spa->spa_minref = zfs_refcount_count(&spa->spa_refcount);
5021 spa->spa_load_state = SPA_LOAD_NONE;
5023 mutex_exit(&spa_namespace_lock);
5031 * Get the root pool information from the root disk, then import the root pool
5032 * during the system boot up time.
5034 extern int vdev_disk_read_rootlabel(char *, char *, nvlist_t **);
5037 spa_generate_rootconf(char *devpath, char *devid, uint64_t *guid)
5040 nvlist_t *nvtop, *nvroot;
5043 if (vdev_disk_read_rootlabel(devpath, devid, &config) != 0)
5047 * Add this top-level vdev to the child array.
5049 VERIFY(nvlist_lookup_nvlist(config, ZPOOL_CONFIG_VDEV_TREE,
5051 VERIFY(nvlist_lookup_uint64(config, ZPOOL_CONFIG_POOL_GUID,
5053 VERIFY(nvlist_lookup_uint64(config, ZPOOL_CONFIG_GUID, guid) == 0);
5056 * Put this pool's top-level vdevs into a root vdev.
5058 VERIFY(nvlist_alloc(&nvroot, NV_UNIQUE_NAME, KM_SLEEP) == 0);
5059 VERIFY(nvlist_add_string(nvroot, ZPOOL_CONFIG_TYPE,
5060 VDEV_TYPE_ROOT) == 0);
5061 VERIFY(nvlist_add_uint64(nvroot, ZPOOL_CONFIG_ID, 0ULL) == 0);
5062 VERIFY(nvlist_add_uint64(nvroot, ZPOOL_CONFIG_GUID, pgid) == 0);
5063 VERIFY(nvlist_add_nvlist_array(nvroot, ZPOOL_CONFIG_CHILDREN,
5067 * Replace the existing vdev_tree with the new root vdev in
5068 * this pool's configuration (remove the old, add the new).
5070 VERIFY(nvlist_add_nvlist(config, ZPOOL_CONFIG_VDEV_TREE, nvroot) == 0);
5071 nvlist_free(nvroot);
5076 * Walk the vdev tree and see if we can find a device with "better"
5077 * configuration. A configuration is "better" if the label on that
5078 * device has a more recent txg.
5081 spa_alt_rootvdev(vdev_t *vd, vdev_t **avd, uint64_t *txg)
5083 for (int c = 0; c < vd->vdev_children; c++)
5084 spa_alt_rootvdev(vd->vdev_child[c], avd, txg);
5086 if (vd->vdev_ops->vdev_op_leaf) {
5090 if (vdev_disk_read_rootlabel(vd->vdev_physpath, vd->vdev_devid,
5094 VERIFY(nvlist_lookup_uint64(label, ZPOOL_CONFIG_POOL_TXG,
5098 * Do we have a better boot device?
5100 if (label_txg > *txg) {
5109 * Import a root pool.
5111 * For x86. devpath_list will consist of devid and/or physpath name of
5112 * the vdev (e.g. "id1,sd@SSEAGATE..." or "/pci@1f,0/ide@d/disk@0,0:a").
5113 * The GRUB "findroot" command will return the vdev we should boot.
5115 * For Sparc, devpath_list consists the physpath name of the booting device
5116 * no matter the rootpool is a single device pool or a mirrored pool.
5118 * "/pci@1f,0/ide@d/disk@0,0:a"
5121 spa_import_rootpool(char *devpath, char *devid)
5124 vdev_t *rvd, *bvd, *avd = NULL;
5125 nvlist_t *config, *nvtop;
5131 * Read the label from the boot device and generate a configuration.
5133 config = spa_generate_rootconf(devpath, devid, &guid);
5134 #if defined(_OBP) && defined(_KERNEL)
5135 if (config == NULL) {
5136 if (strstr(devpath, "/iscsi/ssd") != NULL) {
5138 get_iscsi_bootpath_phy(devpath);
5139 config = spa_generate_rootconf(devpath, devid, &guid);
5143 if (config == NULL) {
5144 cmn_err(CE_NOTE, "Cannot read the pool label from '%s'",
5146 return (SET_ERROR(EIO));
5149 VERIFY(nvlist_lookup_string(config, ZPOOL_CONFIG_POOL_NAME,
5151 VERIFY(nvlist_lookup_uint64(config, ZPOOL_CONFIG_POOL_TXG, &txg) == 0);
5153 mutex_enter(&spa_namespace_lock);
5154 if ((spa = spa_lookup(pname)) != NULL) {
5156 * Remove the existing root pool from the namespace so that we
5157 * can replace it with the correct config we just read in.
5162 spa = spa_add(pname, config, NULL);
5163 spa->spa_is_root = B_TRUE;
5164 spa->spa_import_flags = ZFS_IMPORT_VERBATIM;
5165 if (nvlist_lookup_uint64(config, ZPOOL_CONFIG_VERSION,
5166 &spa->spa_ubsync.ub_version) != 0)
5167 spa->spa_ubsync.ub_version = SPA_VERSION_INITIAL;
5170 * Build up a vdev tree based on the boot device's label config.
5172 VERIFY(nvlist_lookup_nvlist(config, ZPOOL_CONFIG_VDEV_TREE,
5174 spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
5175 error = spa_config_parse(spa, &rvd, nvtop, NULL, 0,
5176 VDEV_ALLOC_ROOTPOOL);
5177 spa_config_exit(spa, SCL_ALL, FTAG);
5179 mutex_exit(&spa_namespace_lock);
5180 nvlist_free(config);
5181 cmn_err(CE_NOTE, "Can not parse the config for pool '%s'",
5187 * Get the boot vdev.
5189 if ((bvd = vdev_lookup_by_guid(rvd, guid)) == NULL) {
5190 cmn_err(CE_NOTE, "Can not find the boot vdev for guid %llu",
5191 (u_longlong_t)guid);
5192 error = SET_ERROR(ENOENT);
5197 * Determine if there is a better boot device.
5200 spa_alt_rootvdev(rvd, &avd, &txg);
5202 cmn_err(CE_NOTE, "The boot device is 'degraded'. Please "
5203 "try booting from '%s'", avd->vdev_path);
5204 error = SET_ERROR(EINVAL);
5209 * If the boot device is part of a spare vdev then ensure that
5210 * we're booting off the active spare.
5212 if (bvd->vdev_parent->vdev_ops == &vdev_spare_ops &&
5213 !bvd->vdev_isspare) {
5214 cmn_err(CE_NOTE, "The boot device is currently spared. Please "
5215 "try booting from '%s'",
5217 vdev_child[bvd->vdev_parent->vdev_children - 1]->vdev_path);
5218 error = SET_ERROR(EINVAL);
5224 spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
5226 spa_config_exit(spa, SCL_ALL, FTAG);
5227 mutex_exit(&spa_namespace_lock);
5229 nvlist_free(config);
5233 #else /* !illumos */
5235 extern int vdev_geom_read_pool_label(const char *name, nvlist_t ***configs,
5239 spa_generate_rootconf(const char *name)
5241 nvlist_t **configs, **tops;
5243 nvlist_t *best_cfg, *nvtop, *nvroot;
5252 if (vdev_geom_read_pool_label(name, &configs, &count) != 0)
5255 ASSERT3U(count, !=, 0);
5257 for (i = 0; i < count; i++) {
5260 VERIFY(nvlist_lookup_uint64(configs[i], ZPOOL_CONFIG_POOL_TXG,
5262 if (txg > best_txg) {
5264 best_cfg = configs[i];
5269 nvlist_lookup_uint64(best_cfg, ZPOOL_CONFIG_VDEV_CHILDREN, &nchildren);
5271 nvlist_lookup_uint64_array(best_cfg, ZPOOL_CONFIG_HOLE_ARRAY,
5274 tops = kmem_zalloc(nchildren * sizeof(void *), KM_SLEEP);
5275 for (i = 0; i < nchildren; i++) {
5278 if (configs[i] == NULL)
5280 VERIFY(nvlist_lookup_nvlist(configs[i], ZPOOL_CONFIG_VDEV_TREE,
5282 nvlist_dup(nvtop, &tops[i], KM_SLEEP);
5284 for (i = 0; holes != NULL && i < nholes; i++) {
5287 if (tops[holes[i]] != NULL)
5289 nvlist_alloc(&tops[holes[i]], NV_UNIQUE_NAME, KM_SLEEP);
5290 VERIFY(nvlist_add_string(tops[holes[i]], ZPOOL_CONFIG_TYPE,
5291 VDEV_TYPE_HOLE) == 0);
5292 VERIFY(nvlist_add_uint64(tops[holes[i]], ZPOOL_CONFIG_ID,
5294 VERIFY(nvlist_add_uint64(tops[holes[i]], ZPOOL_CONFIG_GUID,
5297 for (i = 0; i < nchildren; i++) {
5298 if (tops[i] != NULL)
5300 nvlist_alloc(&tops[i], NV_UNIQUE_NAME, KM_SLEEP);
5301 VERIFY(nvlist_add_string(tops[i], ZPOOL_CONFIG_TYPE,
5302 VDEV_TYPE_MISSING) == 0);
5303 VERIFY(nvlist_add_uint64(tops[i], ZPOOL_CONFIG_ID,
5305 VERIFY(nvlist_add_uint64(tops[i], ZPOOL_CONFIG_GUID,
5310 * Create pool config based on the best vdev config.
5312 nvlist_dup(best_cfg, &config, KM_SLEEP);
5315 * Put this pool's top-level vdevs into a root vdev.
5317 VERIFY(nvlist_lookup_uint64(config, ZPOOL_CONFIG_POOL_GUID,
5319 VERIFY(nvlist_alloc(&nvroot, NV_UNIQUE_NAME, KM_SLEEP) == 0);
5320 VERIFY(nvlist_add_string(nvroot, ZPOOL_CONFIG_TYPE,
5321 VDEV_TYPE_ROOT) == 0);
5322 VERIFY(nvlist_add_uint64(nvroot, ZPOOL_CONFIG_ID, 0ULL) == 0);
5323 VERIFY(nvlist_add_uint64(nvroot, ZPOOL_CONFIG_GUID, pgid) == 0);
5324 VERIFY(nvlist_add_nvlist_array(nvroot, ZPOOL_CONFIG_CHILDREN,
5325 tops, nchildren) == 0);
5328 * Replace the existing vdev_tree with the new root vdev in
5329 * this pool's configuration (remove the old, add the new).
5331 VERIFY(nvlist_add_nvlist(config, ZPOOL_CONFIG_VDEV_TREE, nvroot) == 0);
5334 * Drop vdev config elements that should not be present at pool level.
5336 nvlist_remove(config, ZPOOL_CONFIG_GUID, DATA_TYPE_UINT64);
5337 nvlist_remove(config, ZPOOL_CONFIG_TOP_GUID, DATA_TYPE_UINT64);
5339 for (i = 0; i < count; i++)
5340 nvlist_free(configs[i]);
5341 kmem_free(configs, count * sizeof(void *));
5342 for (i = 0; i < nchildren; i++)
5343 nvlist_free(tops[i]);
5344 kmem_free(tops, nchildren * sizeof(void *));
5345 nvlist_free(nvroot);
5350 spa_import_rootpool(const char *name)
5353 vdev_t *rvd, *bvd, *avd = NULL;
5354 nvlist_t *config, *nvtop;
5360 * Read the label from the boot device and generate a configuration.
5362 config = spa_generate_rootconf(name);
5364 mutex_enter(&spa_namespace_lock);
5365 if (config != NULL) {
5366 VERIFY(nvlist_lookup_string(config, ZPOOL_CONFIG_POOL_NAME,
5367 &pname) == 0 && strcmp(name, pname) == 0);
5368 VERIFY(nvlist_lookup_uint64(config, ZPOOL_CONFIG_POOL_TXG, &txg)
5371 if ((spa = spa_lookup(pname)) != NULL) {
5373 * The pool could already be imported,
5374 * e.g., after reboot -r.
5376 if (spa->spa_state == POOL_STATE_ACTIVE) {
5377 mutex_exit(&spa_namespace_lock);
5378 nvlist_free(config);
5383 * Remove the existing root pool from the namespace so
5384 * that we can replace it with the correct config
5389 spa = spa_add(pname, config, NULL);
5392 * Set spa_ubsync.ub_version as it can be used in vdev_alloc()
5393 * via spa_version().
5395 if (nvlist_lookup_uint64(config, ZPOOL_CONFIG_VERSION,
5396 &spa->spa_ubsync.ub_version) != 0)
5397 spa->spa_ubsync.ub_version = SPA_VERSION_INITIAL;
5398 } else if ((spa = spa_lookup(name)) == NULL) {
5399 mutex_exit(&spa_namespace_lock);
5400 nvlist_free(config);
5401 cmn_err(CE_NOTE, "Cannot find the pool label for '%s'",
5405 VERIFY(nvlist_dup(spa->spa_config, &config, KM_SLEEP) == 0);
5407 spa->spa_is_root = B_TRUE;
5408 spa->spa_import_flags = ZFS_IMPORT_VERBATIM;
5411 * Build up a vdev tree based on the boot device's label config.
5413 VERIFY(nvlist_lookup_nvlist(config, ZPOOL_CONFIG_VDEV_TREE,
5415 spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
5416 error = spa_config_parse(spa, &rvd, nvtop, NULL, 0,
5417 VDEV_ALLOC_ROOTPOOL);
5418 spa_config_exit(spa, SCL_ALL, FTAG);
5420 mutex_exit(&spa_namespace_lock);
5421 nvlist_free(config);
5422 cmn_err(CE_NOTE, "Can not parse the config for pool '%s'",
5427 spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
5429 spa_config_exit(spa, SCL_ALL, FTAG);
5430 mutex_exit(&spa_namespace_lock);
5432 nvlist_free(config);
5436 #endif /* illumos */
5437 #endif /* _KERNEL */
5440 * Import a non-root pool into the system.
5443 spa_import(const char *pool, nvlist_t *config, nvlist_t *props, uint64_t flags)
5446 char *altroot = NULL;
5447 spa_load_state_t state = SPA_LOAD_IMPORT;
5448 zpool_load_policy_t policy;
5449 uint64_t mode = spa_mode_global;
5450 uint64_t readonly = B_FALSE;
5453 nvlist_t **spares, **l2cache;
5454 uint_t nspares, nl2cache;
5457 * If a pool with this name exists, return failure.
5459 mutex_enter(&spa_namespace_lock);
5460 if (spa_lookup(pool) != NULL) {
5461 mutex_exit(&spa_namespace_lock);
5462 return (SET_ERROR(EEXIST));
5466 * Create and initialize the spa structure.
5468 (void) nvlist_lookup_string(props,
5469 zpool_prop_to_name(ZPOOL_PROP_ALTROOT), &altroot);
5470 (void) nvlist_lookup_uint64(props,
5471 zpool_prop_to_name(ZPOOL_PROP_READONLY), &readonly);
5474 spa = spa_add(pool, config, altroot);
5475 spa->spa_import_flags = flags;
5478 * Verbatim import - Take a pool and insert it into the namespace
5479 * as if it had been loaded at boot.
5481 if (spa->spa_import_flags & ZFS_IMPORT_VERBATIM) {
5483 spa_configfile_set(spa, props, B_FALSE);
5485 spa_write_cachefile(spa, B_FALSE, B_TRUE);
5486 spa_event_notify(spa, NULL, NULL, ESC_ZFS_POOL_IMPORT);
5487 zfs_dbgmsg("spa_import: verbatim import of %s", pool);
5488 mutex_exit(&spa_namespace_lock);
5492 spa_activate(spa, mode);
5495 * Don't start async tasks until we know everything is healthy.
5497 spa_async_suspend(spa);
5499 zpool_get_load_policy(config, &policy);
5500 if (policy.zlp_rewind & ZPOOL_DO_REWIND)
5501 state = SPA_LOAD_RECOVER;
5503 spa->spa_config_source = SPA_CONFIG_SRC_TRYIMPORT;
5505 if (state != SPA_LOAD_RECOVER) {
5506 spa->spa_last_ubsync_txg = spa->spa_load_txg = 0;
5507 zfs_dbgmsg("spa_import: importing %s", pool);
5509 zfs_dbgmsg("spa_import: importing %s, max_txg=%lld "
5510 "(RECOVERY MODE)", pool, (longlong_t)policy.zlp_txg);
5512 error = spa_load_best(spa, state, policy.zlp_txg, policy.zlp_rewind);
5515 * Propagate anything learned while loading the pool and pass it
5516 * back to caller (i.e. rewind info, missing devices, etc).
5518 VERIFY(nvlist_add_nvlist(config, ZPOOL_CONFIG_LOAD_INFO,
5519 spa->spa_load_info) == 0);
5521 spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
5523 * Toss any existing sparelist, as it doesn't have any validity
5524 * anymore, and conflicts with spa_has_spare().
5526 if (spa->spa_spares.sav_config) {
5527 nvlist_free(spa->spa_spares.sav_config);
5528 spa->spa_spares.sav_config = NULL;
5529 spa_load_spares(spa);
5531 if (spa->spa_l2cache.sav_config) {
5532 nvlist_free(spa->spa_l2cache.sav_config);
5533 spa->spa_l2cache.sav_config = NULL;
5534 spa_load_l2cache(spa);
5537 VERIFY(nvlist_lookup_nvlist(config, ZPOOL_CONFIG_VDEV_TREE,
5540 error = spa_validate_aux(spa, nvroot, -1ULL,
5543 error = spa_validate_aux(spa, nvroot, -1ULL,
5544 VDEV_ALLOC_L2CACHE);
5545 spa_config_exit(spa, SCL_ALL, FTAG);
5548 spa_configfile_set(spa, props, B_FALSE);
5550 if (error != 0 || (props && spa_writeable(spa) &&
5551 (error = spa_prop_set(spa, props)))) {
5553 spa_deactivate(spa);
5555 mutex_exit(&spa_namespace_lock);
5559 spa_async_resume(spa);
5562 * Override any spares and level 2 cache devices as specified by
5563 * the user, as these may have correct device names/devids, etc.
5565 if (nvlist_lookup_nvlist_array(nvroot, ZPOOL_CONFIG_SPARES,
5566 &spares, &nspares) == 0) {
5567 if (spa->spa_spares.sav_config)
5568 VERIFY(nvlist_remove(spa->spa_spares.sav_config,
5569 ZPOOL_CONFIG_SPARES, DATA_TYPE_NVLIST_ARRAY) == 0);
5571 VERIFY(nvlist_alloc(&spa->spa_spares.sav_config,
5572 NV_UNIQUE_NAME, KM_SLEEP) == 0);
5573 VERIFY(nvlist_add_nvlist_array(spa->spa_spares.sav_config,
5574 ZPOOL_CONFIG_SPARES, spares, nspares) == 0);
5575 spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
5576 spa_load_spares(spa);
5577 spa_config_exit(spa, SCL_ALL, FTAG);
5578 spa->spa_spares.sav_sync = B_TRUE;
5580 if (nvlist_lookup_nvlist_array(nvroot, ZPOOL_CONFIG_L2CACHE,
5581 &l2cache, &nl2cache) == 0) {
5582 if (spa->spa_l2cache.sav_config)
5583 VERIFY(nvlist_remove(spa->spa_l2cache.sav_config,
5584 ZPOOL_CONFIG_L2CACHE, DATA_TYPE_NVLIST_ARRAY) == 0);
5586 VERIFY(nvlist_alloc(&spa->spa_l2cache.sav_config,
5587 NV_UNIQUE_NAME, KM_SLEEP) == 0);
5588 VERIFY(nvlist_add_nvlist_array(spa->spa_l2cache.sav_config,
5589 ZPOOL_CONFIG_L2CACHE, l2cache, nl2cache) == 0);
5590 spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
5591 spa_load_l2cache(spa);
5592 spa_config_exit(spa, SCL_ALL, FTAG);
5593 spa->spa_l2cache.sav_sync = B_TRUE;
5597 * Check for any removed devices.
5599 if (spa->spa_autoreplace) {
5600 spa_aux_check_removed(&spa->spa_spares);
5601 spa_aux_check_removed(&spa->spa_l2cache);
5604 if (spa_writeable(spa)) {
5606 * Update the config cache to include the newly-imported pool.
5608 spa_config_update(spa, SPA_CONFIG_UPDATE_POOL);
5612 * It's possible that the pool was expanded while it was exported.
5613 * We kick off an async task to handle this for us.
5615 spa_async_request(spa, SPA_ASYNC_AUTOEXPAND);
5617 spa_history_log_version(spa, "import");
5619 spa_event_notify(spa, NULL, NULL, ESC_ZFS_POOL_IMPORT);
5621 mutex_exit(&spa_namespace_lock);
5625 zvol_create_minors(pool);
5632 spa_tryimport(nvlist_t *tryconfig)
5634 nvlist_t *config = NULL;
5635 char *poolname, *cachefile;
5639 zpool_load_policy_t policy;
5641 if (nvlist_lookup_string(tryconfig, ZPOOL_CONFIG_POOL_NAME, &poolname))
5644 if (nvlist_lookup_uint64(tryconfig, ZPOOL_CONFIG_POOL_STATE, &state))
5648 * Create and initialize the spa structure.
5650 mutex_enter(&spa_namespace_lock);
5651 spa = spa_add(TRYIMPORT_NAME, tryconfig, NULL);
5652 spa_activate(spa, FREAD);
5655 * Rewind pool if a max txg was provided.
5657 zpool_get_load_policy(spa->spa_config, &policy);
5658 if (policy.zlp_txg != UINT64_MAX) {
5659 spa->spa_load_max_txg = policy.zlp_txg;
5660 spa->spa_extreme_rewind = B_TRUE;
5661 zfs_dbgmsg("spa_tryimport: importing %s, max_txg=%lld",
5662 poolname, (longlong_t)policy.zlp_txg);
5664 zfs_dbgmsg("spa_tryimport: importing %s", poolname);
5667 if (nvlist_lookup_string(tryconfig, ZPOOL_CONFIG_CACHEFILE, &cachefile)
5669 zfs_dbgmsg("spa_tryimport: using cachefile '%s'", cachefile);
5670 spa->spa_config_source = SPA_CONFIG_SRC_CACHEFILE;
5672 spa->spa_config_source = SPA_CONFIG_SRC_SCAN;
5675 error = spa_load(spa, SPA_LOAD_TRYIMPORT, SPA_IMPORT_EXISTING);
5678 * If 'tryconfig' was at least parsable, return the current config.
5680 if (spa->spa_root_vdev != NULL) {
5681 config = spa_config_generate(spa, NULL, -1ULL, B_TRUE);
5682 VERIFY(nvlist_add_string(config, ZPOOL_CONFIG_POOL_NAME,
5684 VERIFY(nvlist_add_uint64(config, ZPOOL_CONFIG_POOL_STATE,
5686 VERIFY(nvlist_add_uint64(config, ZPOOL_CONFIG_TIMESTAMP,
5687 spa->spa_uberblock.ub_timestamp) == 0);
5688 VERIFY(nvlist_add_nvlist(config, ZPOOL_CONFIG_LOAD_INFO,
5689 spa->spa_load_info) == 0);
5692 * If the bootfs property exists on this pool then we
5693 * copy it out so that external consumers can tell which
5694 * pools are bootable.
5696 if ((!error || error == EEXIST) && spa->spa_bootfs) {
5697 char *tmpname = kmem_alloc(MAXPATHLEN, KM_SLEEP);
5700 * We have to play games with the name since the
5701 * pool was opened as TRYIMPORT_NAME.
5703 if (dsl_dsobj_to_dsname(spa_name(spa),
5704 spa->spa_bootfs, tmpname) == 0) {
5706 char *dsname = kmem_alloc(MAXPATHLEN, KM_SLEEP);
5708 cp = strchr(tmpname, '/');
5710 (void) strlcpy(dsname, tmpname,
5713 (void) snprintf(dsname, MAXPATHLEN,
5714 "%s/%s", poolname, ++cp);
5716 VERIFY(nvlist_add_string(config,
5717 ZPOOL_CONFIG_BOOTFS, dsname) == 0);
5718 kmem_free(dsname, MAXPATHLEN);
5720 kmem_free(tmpname, MAXPATHLEN);
5724 * Add the list of hot spares and level 2 cache devices.
5726 spa_config_enter(spa, SCL_CONFIG, FTAG, RW_READER);
5727 spa_add_spares(spa, config);
5728 spa_add_l2cache(spa, config);
5729 spa_config_exit(spa, SCL_CONFIG, FTAG);
5733 spa_deactivate(spa);
5735 mutex_exit(&spa_namespace_lock);
5741 * Pool export/destroy
5743 * The act of destroying or exporting a pool is very simple. We make sure there
5744 * is no more pending I/O and any references to the pool are gone. Then, we
5745 * update the pool state and sync all the labels to disk, removing the
5746 * configuration from the cache afterwards. If the 'hardforce' flag is set, then
5747 * we don't sync the labels or remove the configuration cache.
5750 spa_export_common(char *pool, int new_state, nvlist_t **oldconfig,
5751 boolean_t force, boolean_t hardforce)
5758 if (!(spa_mode_global & FWRITE))
5759 return (SET_ERROR(EROFS));
5761 mutex_enter(&spa_namespace_lock);
5762 if ((spa = spa_lookup(pool)) == NULL) {
5763 mutex_exit(&spa_namespace_lock);
5764 return (SET_ERROR(ENOENT));
5768 * Put a hold on the pool, drop the namespace lock, stop async tasks,
5769 * reacquire the namespace lock, and see if we can export.
5771 spa_open_ref(spa, FTAG);
5772 mutex_exit(&spa_namespace_lock);
5773 spa_async_suspend(spa);
5774 mutex_enter(&spa_namespace_lock);
5775 spa_close(spa, FTAG);
5778 * The pool will be in core if it's openable,
5779 * in which case we can modify its state.
5781 if (spa->spa_state != POOL_STATE_UNINITIALIZED && spa->spa_sync_on) {
5784 * Objsets may be open only because they're dirty, so we
5785 * have to force it to sync before checking spa_refcnt.
5787 txg_wait_synced(spa->spa_dsl_pool, 0);
5788 spa_evicting_os_wait(spa);
5791 * A pool cannot be exported or destroyed if there are active
5792 * references. If we are resetting a pool, allow references by
5793 * fault injection handlers.
5795 if (!spa_refcount_zero(spa) ||
5796 (spa->spa_inject_ref != 0 &&
5797 new_state != POOL_STATE_UNINITIALIZED)) {
5798 spa_async_resume(spa);
5799 mutex_exit(&spa_namespace_lock);
5800 return (SET_ERROR(EBUSY));
5804 * A pool cannot be exported if it has an active shared spare.
5805 * This is to prevent other pools stealing the active spare
5806 * from an exported pool. At user's own will, such pool can
5807 * be forcedly exported.
5809 if (!force && new_state == POOL_STATE_EXPORTED &&
5810 spa_has_active_shared_spare(spa)) {
5811 spa_async_resume(spa);
5812 mutex_exit(&spa_namespace_lock);
5813 return (SET_ERROR(EXDEV));
5817 * We're about to export or destroy this pool. Make sure
5818 * we stop all initializtion activity here before we
5819 * set the spa_final_txg. This will ensure that all
5820 * dirty data resulting from the initialization is
5821 * committed to disk before we unload the pool.
5823 if (spa->spa_root_vdev != NULL) {
5824 vdev_initialize_stop_all(spa->spa_root_vdev,
5825 VDEV_INITIALIZE_ACTIVE);
5829 * We want this to be reflected on every label,
5830 * so mark them all dirty. spa_unload() will do the
5831 * final sync that pushes these changes out.
5833 if (new_state != POOL_STATE_UNINITIALIZED && !hardforce) {
5834 spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
5835 spa->spa_state = new_state;
5836 spa->spa_final_txg = spa_last_synced_txg(spa) +
5838 vdev_config_dirty(spa->spa_root_vdev);
5839 spa_config_exit(spa, SCL_ALL, FTAG);
5843 spa_event_notify(spa, NULL, NULL, ESC_ZFS_POOL_DESTROY);
5845 if (spa->spa_state != POOL_STATE_UNINITIALIZED) {
5847 spa_deactivate(spa);
5850 if (oldconfig && spa->spa_config)
5851 VERIFY(nvlist_dup(spa->spa_config, oldconfig, 0) == 0);
5853 if (new_state != POOL_STATE_UNINITIALIZED) {
5855 spa_write_cachefile(spa, B_TRUE, B_TRUE);
5858 mutex_exit(&spa_namespace_lock);
5864 * Destroy a storage pool.
5867 spa_destroy(char *pool)
5869 return (spa_export_common(pool, POOL_STATE_DESTROYED, NULL,
5874 * Export a storage pool.
5877 spa_export(char *pool, nvlist_t **oldconfig, boolean_t force,
5878 boolean_t hardforce)
5880 return (spa_export_common(pool, POOL_STATE_EXPORTED, oldconfig,
5885 * Similar to spa_export(), this unloads the spa_t without actually removing it
5886 * from the namespace in any way.
5889 spa_reset(char *pool)
5891 return (spa_export_common(pool, POOL_STATE_UNINITIALIZED, NULL,
5896 * ==========================================================================
5897 * Device manipulation
5898 * ==========================================================================
5902 * Add a device to a storage pool.
5905 spa_vdev_add(spa_t *spa, nvlist_t *nvroot)
5909 vdev_t *rvd = spa->spa_root_vdev;
5911 nvlist_t **spares, **l2cache;
5912 uint_t nspares, nl2cache;
5914 ASSERT(spa_writeable(spa));
5916 txg = spa_vdev_enter(spa);
5918 if ((error = spa_config_parse(spa, &vd, nvroot, NULL, 0,
5919 VDEV_ALLOC_ADD)) != 0)
5920 return (spa_vdev_exit(spa, NULL, txg, error));
5922 spa->spa_pending_vdev = vd; /* spa_vdev_exit() will clear this */
5924 if (nvlist_lookup_nvlist_array(nvroot, ZPOOL_CONFIG_SPARES, &spares,
5928 if (nvlist_lookup_nvlist_array(nvroot, ZPOOL_CONFIG_L2CACHE, &l2cache,
5932 if (vd->vdev_children == 0 && nspares == 0 && nl2cache == 0)
5933 return (spa_vdev_exit(spa, vd, txg, EINVAL));
5935 if (vd->vdev_children != 0 &&
5936 (error = vdev_create(vd, txg, B_FALSE)) != 0)
5937 return (spa_vdev_exit(spa, vd, txg, error));
5940 * We must validate the spares and l2cache devices after checking the
5941 * children. Otherwise, vdev_inuse() will blindly overwrite the spare.
5943 if ((error = spa_validate_aux(spa, nvroot, txg, VDEV_ALLOC_ADD)) != 0)
5944 return (spa_vdev_exit(spa, vd, txg, error));
5947 * If we are in the middle of a device removal, we can only add
5948 * devices which match the existing devices in the pool.
5949 * If we are in the middle of a removal, or have some indirect
5950 * vdevs, we can not add raidz toplevels.
5952 if (spa->spa_vdev_removal != NULL ||
5953 spa->spa_removing_phys.sr_prev_indirect_vdev != -1) {
5954 for (int c = 0; c < vd->vdev_children; c++) {
5955 tvd = vd->vdev_child[c];
5956 if (spa->spa_vdev_removal != NULL &&
5957 tvd->vdev_ashift != spa->spa_max_ashift) {
5958 return (spa_vdev_exit(spa, vd, txg, EINVAL));
5960 /* Fail if top level vdev is raidz */
5961 if (tvd->vdev_ops == &vdev_raidz_ops) {
5962 return (spa_vdev_exit(spa, vd, txg, EINVAL));
5965 * Need the top level mirror to be
5966 * a mirror of leaf vdevs only
5968 if (tvd->vdev_ops == &vdev_mirror_ops) {
5969 for (uint64_t cid = 0;
5970 cid < tvd->vdev_children; cid++) {
5971 vdev_t *cvd = tvd->vdev_child[cid];
5972 if (!cvd->vdev_ops->vdev_op_leaf) {
5973 return (spa_vdev_exit(spa, vd,
5981 for (int c = 0; c < vd->vdev_children; c++) {
5984 * Set the vdev id to the first hole, if one exists.
5986 for (id = 0; id < rvd->vdev_children; id++) {
5987 if (rvd->vdev_child[id]->vdev_ishole) {
5988 vdev_free(rvd->vdev_child[id]);
5992 tvd = vd->vdev_child[c];
5993 vdev_remove_child(vd, tvd);
5995 vdev_add_child(rvd, tvd);
5996 vdev_config_dirty(tvd);
6000 spa_set_aux_vdevs(&spa->spa_spares, spares, nspares,
6001 ZPOOL_CONFIG_SPARES);
6002 spa_load_spares(spa);
6003 spa->spa_spares.sav_sync = B_TRUE;
6006 if (nl2cache != 0) {
6007 spa_set_aux_vdevs(&spa->spa_l2cache, l2cache, nl2cache,
6008 ZPOOL_CONFIG_L2CACHE);
6009 spa_load_l2cache(spa);
6010 spa->spa_l2cache.sav_sync = B_TRUE;
6014 * We have to be careful when adding new vdevs to an existing pool.
6015 * If other threads start allocating from these vdevs before we
6016 * sync the config cache, and we lose power, then upon reboot we may
6017 * fail to open the pool because there are DVAs that the config cache
6018 * can't translate. Therefore, we first add the vdevs without
6019 * initializing metaslabs; sync the config cache (via spa_vdev_exit());
6020 * and then let spa_config_update() initialize the new metaslabs.
6022 * spa_load() checks for added-but-not-initialized vdevs, so that
6023 * if we lose power at any point in this sequence, the remaining
6024 * steps will be completed the next time we load the pool.
6026 (void) spa_vdev_exit(spa, vd, txg, 0);
6028 mutex_enter(&spa_namespace_lock);
6029 spa_config_update(spa, SPA_CONFIG_UPDATE_POOL);
6030 spa_event_notify(spa, NULL, NULL, ESC_ZFS_VDEV_ADD);
6031 mutex_exit(&spa_namespace_lock);
6037 * Attach a device to a mirror. The arguments are the path to any device
6038 * in the mirror, and the nvroot for the new device. If the path specifies
6039 * a device that is not mirrored, we automatically insert the mirror vdev.
6041 * If 'replacing' is specified, the new device is intended to replace the
6042 * existing device; in this case the two devices are made into their own
6043 * mirror using the 'replacing' vdev, which is functionally identical to
6044 * the mirror vdev (it actually reuses all the same ops) but has a few
6045 * extra rules: you can't attach to it after it's been created, and upon
6046 * completion of resilvering, the first disk (the one being replaced)
6047 * is automatically detached.
6050 spa_vdev_attach(spa_t *spa, uint64_t guid, nvlist_t *nvroot, int replacing)
6052 uint64_t txg, dtl_max_txg;
6053 vdev_t *rvd = spa->spa_root_vdev;
6054 vdev_t *oldvd, *newvd, *newrootvd, *pvd, *tvd;
6056 char *oldvdpath, *newvdpath;
6060 ASSERT(spa_writeable(spa));
6062 txg = spa_vdev_enter(spa);
6064 oldvd = spa_lookup_by_guid(spa, guid, B_FALSE);
6066 ASSERT(MUTEX_HELD(&spa_namespace_lock));
6067 if (spa_feature_is_active(spa, SPA_FEATURE_POOL_CHECKPOINT)) {
6068 error = (spa_has_checkpoint(spa)) ?
6069 ZFS_ERR_CHECKPOINT_EXISTS : ZFS_ERR_DISCARDING_CHECKPOINT;
6070 return (spa_vdev_exit(spa, NULL, txg, error));
6073 if (spa->spa_vdev_removal != NULL)
6074 return (spa_vdev_exit(spa, NULL, txg, EBUSY));
6077 return (spa_vdev_exit(spa, NULL, txg, ENODEV));
6079 if (!oldvd->vdev_ops->vdev_op_leaf)
6080 return (spa_vdev_exit(spa, NULL, txg, ENOTSUP));
6082 pvd = oldvd->vdev_parent;
6084 if ((error = spa_config_parse(spa, &newrootvd, nvroot, NULL, 0,
6085 VDEV_ALLOC_ATTACH)) != 0)
6086 return (spa_vdev_exit(spa, NULL, txg, EINVAL));
6088 if (newrootvd->vdev_children != 1)
6089 return (spa_vdev_exit(spa, newrootvd, txg, EINVAL));
6091 newvd = newrootvd->vdev_child[0];
6093 if (!newvd->vdev_ops->vdev_op_leaf)
6094 return (spa_vdev_exit(spa, newrootvd, txg, EINVAL));
6096 if ((error = vdev_create(newrootvd, txg, replacing)) != 0)
6097 return (spa_vdev_exit(spa, newrootvd, txg, error));
6100 * Spares can't replace logs
6102 if (oldvd->vdev_top->vdev_islog && newvd->vdev_isspare)
6103 return (spa_vdev_exit(spa, newrootvd, txg, ENOTSUP));
6107 * For attach, the only allowable parent is a mirror or the root
6110 if (pvd->vdev_ops != &vdev_mirror_ops &&
6111 pvd->vdev_ops != &vdev_root_ops)
6112 return (spa_vdev_exit(spa, newrootvd, txg, ENOTSUP));
6114 pvops = &vdev_mirror_ops;
6117 * Active hot spares can only be replaced by inactive hot
6120 if (pvd->vdev_ops == &vdev_spare_ops &&
6121 oldvd->vdev_isspare &&
6122 !spa_has_spare(spa, newvd->vdev_guid))
6123 return (spa_vdev_exit(spa, newrootvd, txg, ENOTSUP));
6126 * If the source is a hot spare, and the parent isn't already a
6127 * spare, then we want to create a new hot spare. Otherwise, we
6128 * want to create a replacing vdev. The user is not allowed to
6129 * attach to a spared vdev child unless the 'isspare' state is
6130 * the same (spare replaces spare, non-spare replaces
6133 if (pvd->vdev_ops == &vdev_replacing_ops &&
6134 spa_version(spa) < SPA_VERSION_MULTI_REPLACE) {
6135 return (spa_vdev_exit(spa, newrootvd, txg, ENOTSUP));
6136 } else if (pvd->vdev_ops == &vdev_spare_ops &&
6137 newvd->vdev_isspare != oldvd->vdev_isspare) {
6138 return (spa_vdev_exit(spa, newrootvd, txg, ENOTSUP));
6141 if (newvd->vdev_isspare)
6142 pvops = &vdev_spare_ops;
6144 pvops = &vdev_replacing_ops;
6148 * Make sure the new device is big enough.
6150 if (newvd->vdev_asize < vdev_get_min_asize(oldvd))
6151 return (spa_vdev_exit(spa, newrootvd, txg, EOVERFLOW));
6154 * The new device cannot have a higher alignment requirement
6155 * than the top-level vdev.
6157 if (newvd->vdev_ashift > oldvd->vdev_top->vdev_ashift)
6158 return (spa_vdev_exit(spa, newrootvd, txg, EDOM));
6161 * If this is an in-place replacement, update oldvd's path and devid
6162 * to make it distinguishable from newvd, and unopenable from now on.
6164 if (strcmp(oldvd->vdev_path, newvd->vdev_path) == 0) {
6165 spa_strfree(oldvd->vdev_path);
6166 oldvd->vdev_path = kmem_alloc(strlen(newvd->vdev_path) + 5,
6168 (void) sprintf(oldvd->vdev_path, "%s/%s",
6169 newvd->vdev_path, "old");
6170 if (oldvd->vdev_devid != NULL) {
6171 spa_strfree(oldvd->vdev_devid);
6172 oldvd->vdev_devid = NULL;
6176 /* mark the device being resilvered */
6177 newvd->vdev_resilver_txg = txg;
6180 * If the parent is not a mirror, or if we're replacing, insert the new
6181 * mirror/replacing/spare vdev above oldvd.
6183 if (pvd->vdev_ops != pvops)
6184 pvd = vdev_add_parent(oldvd, pvops);
6186 ASSERT(pvd->vdev_top->vdev_parent == rvd);
6187 ASSERT(pvd->vdev_ops == pvops);
6188 ASSERT(oldvd->vdev_parent == pvd);
6191 * Extract the new device from its root and add it to pvd.
6193 vdev_remove_child(newrootvd, newvd);
6194 newvd->vdev_id = pvd->vdev_children;
6195 newvd->vdev_crtxg = oldvd->vdev_crtxg;
6196 vdev_add_child(pvd, newvd);
6198 tvd = newvd->vdev_top;
6199 ASSERT(pvd->vdev_top == tvd);
6200 ASSERT(tvd->vdev_parent == rvd);
6202 vdev_config_dirty(tvd);
6205 * Set newvd's DTL to [TXG_INITIAL, dtl_max_txg) so that we account
6206 * for any dmu_sync-ed blocks. It will propagate upward when
6207 * spa_vdev_exit() calls vdev_dtl_reassess().
6209 dtl_max_txg = txg + TXG_CONCURRENT_STATES;
6211 vdev_dtl_dirty(newvd, DTL_MISSING, TXG_INITIAL,
6212 dtl_max_txg - TXG_INITIAL);
6214 if (newvd->vdev_isspare) {
6215 spa_spare_activate(newvd);
6216 spa_event_notify(spa, newvd, NULL, ESC_ZFS_VDEV_SPARE);
6219 oldvdpath = spa_strdup(oldvd->vdev_path);
6220 newvdpath = spa_strdup(newvd->vdev_path);
6221 newvd_isspare = newvd->vdev_isspare;
6224 * Mark newvd's DTL dirty in this txg.
6226 vdev_dirty(tvd, VDD_DTL, newvd, txg);
6229 * Schedule the resilver to restart in the future. We do this to
6230 * ensure that dmu_sync-ed blocks have been stitched into the
6231 * respective datasets.
6233 dsl_resilver_restart(spa->spa_dsl_pool, dtl_max_txg);
6235 if (spa->spa_bootfs)
6236 spa_event_notify(spa, newvd, NULL, ESC_ZFS_BOOTFS_VDEV_ATTACH);
6238 spa_event_notify(spa, newvd, NULL, ESC_ZFS_VDEV_ATTACH);
6243 (void) spa_vdev_exit(spa, newrootvd, dtl_max_txg, 0);
6245 spa_history_log_internal(spa, "vdev attach", NULL,
6246 "%s vdev=%s %s vdev=%s",
6247 replacing && newvd_isspare ? "spare in" :
6248 replacing ? "replace" : "attach", newvdpath,
6249 replacing ? "for" : "to", oldvdpath);
6251 spa_strfree(oldvdpath);
6252 spa_strfree(newvdpath);
6258 * Detach a device from a mirror or replacing vdev.
6260 * If 'replace_done' is specified, only detach if the parent
6261 * is a replacing vdev.
6264 spa_vdev_detach(spa_t *spa, uint64_t guid, uint64_t pguid, int replace_done)
6268 vdev_t *rvd = spa->spa_root_vdev;
6269 vdev_t *vd, *pvd, *cvd, *tvd;
6270 boolean_t unspare = B_FALSE;
6271 uint64_t unspare_guid = 0;
6274 ASSERT(spa_writeable(spa));
6276 txg = spa_vdev_enter(spa);
6278 vd = spa_lookup_by_guid(spa, guid, B_FALSE);
6281 * Besides being called directly from the userland through the
6282 * ioctl interface, spa_vdev_detach() can be potentially called
6283 * at the end of spa_vdev_resilver_done().
6285 * In the regular case, when we have a checkpoint this shouldn't
6286 * happen as we never empty the DTLs of a vdev during the scrub
6287 * [see comment in dsl_scan_done()]. Thus spa_vdev_resilvering_done()
6288 * should never get here when we have a checkpoint.
6290 * That said, even in a case when we checkpoint the pool exactly
6291 * as spa_vdev_resilver_done() calls this function everything
6292 * should be fine as the resilver will return right away.
6294 ASSERT(MUTEX_HELD(&spa_namespace_lock));
6295 if (spa_feature_is_active(spa, SPA_FEATURE_POOL_CHECKPOINT)) {
6296 error = (spa_has_checkpoint(spa)) ?
6297 ZFS_ERR_CHECKPOINT_EXISTS : ZFS_ERR_DISCARDING_CHECKPOINT;
6298 return (spa_vdev_exit(spa, NULL, txg, error));
6302 return (spa_vdev_exit(spa, NULL, txg, ENODEV));
6304 if (!vd->vdev_ops->vdev_op_leaf)
6305 return (spa_vdev_exit(spa, NULL, txg, ENOTSUP));
6307 pvd = vd->vdev_parent;
6310 * If the parent/child relationship is not as expected, don't do it.
6311 * Consider M(A,R(B,C)) -- that is, a mirror of A with a replacing
6312 * vdev that's replacing B with C. The user's intent in replacing
6313 * is to go from M(A,B) to M(A,C). If the user decides to cancel
6314 * the replace by detaching C, the expected behavior is to end up
6315 * M(A,B). But suppose that right after deciding to detach C,
6316 * the replacement of B completes. We would have M(A,C), and then
6317 * ask to detach C, which would leave us with just A -- not what
6318 * the user wanted. To prevent this, we make sure that the
6319 * parent/child relationship hasn't changed -- in this example,
6320 * that C's parent is still the replacing vdev R.
6322 if (pvd->vdev_guid != pguid && pguid != 0)
6323 return (spa_vdev_exit(spa, NULL, txg, EBUSY));
6326 * Only 'replacing' or 'spare' vdevs can be replaced.
6328 if (replace_done && pvd->vdev_ops != &vdev_replacing_ops &&
6329 pvd->vdev_ops != &vdev_spare_ops)
6330 return (spa_vdev_exit(spa, NULL, txg, ENOTSUP));
6332 ASSERT(pvd->vdev_ops != &vdev_spare_ops ||
6333 spa_version(spa) >= SPA_VERSION_SPARES);
6336 * Only mirror, replacing, and spare vdevs support detach.
6338 if (pvd->vdev_ops != &vdev_replacing_ops &&
6339 pvd->vdev_ops != &vdev_mirror_ops &&
6340 pvd->vdev_ops != &vdev_spare_ops)
6341 return (spa_vdev_exit(spa, NULL, txg, ENOTSUP));
6344 * If this device has the only valid copy of some data,
6345 * we cannot safely detach it.
6347 if (vdev_dtl_required(vd))
6348 return (spa_vdev_exit(spa, NULL, txg, EBUSY));
6350 ASSERT(pvd->vdev_children >= 2);
6353 * If we are detaching the second disk from a replacing vdev, then
6354 * check to see if we changed the original vdev's path to have "/old"
6355 * at the end in spa_vdev_attach(). If so, undo that change now.
6357 if (pvd->vdev_ops == &vdev_replacing_ops && vd->vdev_id > 0 &&
6358 vd->vdev_path != NULL) {
6359 size_t len = strlen(vd->vdev_path);
6361 for (int c = 0; c < pvd->vdev_children; c++) {
6362 cvd = pvd->vdev_child[c];
6364 if (cvd == vd || cvd->vdev_path == NULL)
6367 if (strncmp(cvd->vdev_path, vd->vdev_path, len) == 0 &&
6368 strcmp(cvd->vdev_path + len, "/old") == 0) {
6369 spa_strfree(cvd->vdev_path);
6370 cvd->vdev_path = spa_strdup(vd->vdev_path);
6377 * If we are detaching the original disk from a spare, then it implies
6378 * that the spare should become a real disk, and be removed from the
6379 * active spare list for the pool.
6381 if (pvd->vdev_ops == &vdev_spare_ops &&
6383 pvd->vdev_child[pvd->vdev_children - 1]->vdev_isspare)
6387 * Erase the disk labels so the disk can be used for other things.
6388 * This must be done after all other error cases are handled,
6389 * but before we disembowel vd (so we can still do I/O to it).
6390 * But if we can't do it, don't treat the error as fatal --
6391 * it may be that the unwritability of the disk is the reason
6392 * it's being detached!
6394 error = vdev_label_init(vd, 0, VDEV_LABEL_REMOVE);
6397 * Remove vd from its parent and compact the parent's children.
6399 vdev_remove_child(pvd, vd);
6400 vdev_compact_children(pvd);
6403 * Remember one of the remaining children so we can get tvd below.
6405 cvd = pvd->vdev_child[pvd->vdev_children - 1];
6408 * If we need to remove the remaining child from the list of hot spares,
6409 * do it now, marking the vdev as no longer a spare in the process.
6410 * We must do this before vdev_remove_parent(), because that can
6411 * change the GUID if it creates a new toplevel GUID. For a similar
6412 * reason, we must remove the spare now, in the same txg as the detach;
6413 * otherwise someone could attach a new sibling, change the GUID, and
6414 * the subsequent attempt to spa_vdev_remove(unspare_guid) would fail.
6417 ASSERT(cvd->vdev_isspare);
6418 spa_spare_remove(cvd);
6419 unspare_guid = cvd->vdev_guid;
6420 (void) spa_vdev_remove(spa, unspare_guid, B_TRUE);
6421 cvd->vdev_unspare = B_TRUE;
6425 * If the parent mirror/replacing vdev only has one child,
6426 * the parent is no longer needed. Remove it from the tree.
6428 if (pvd->vdev_children == 1) {
6429 if (pvd->vdev_ops == &vdev_spare_ops)
6430 cvd->vdev_unspare = B_FALSE;
6431 vdev_remove_parent(cvd);
6436 * We don't set tvd until now because the parent we just removed
6437 * may have been the previous top-level vdev.
6439 tvd = cvd->vdev_top;
6440 ASSERT(tvd->vdev_parent == rvd);
6443 * Reevaluate the parent vdev state.
6445 vdev_propagate_state(cvd);
6448 * If the 'autoexpand' property is set on the pool then automatically
6449 * try to expand the size of the pool. For example if the device we
6450 * just detached was smaller than the others, it may be possible to
6451 * add metaslabs (i.e. grow the pool). We need to reopen the vdev
6452 * first so that we can obtain the updated sizes of the leaf vdevs.
6454 if (spa->spa_autoexpand) {
6456 vdev_expand(tvd, txg);
6459 vdev_config_dirty(tvd);
6462 * Mark vd's DTL as dirty in this txg. vdev_dtl_sync() will see that
6463 * vd->vdev_detached is set and free vd's DTL object in syncing context.
6464 * But first make sure we're not on any *other* txg's DTL list, to
6465 * prevent vd from being accessed after it's freed.
6467 vdpath = spa_strdup(vd->vdev_path);
6468 for (int t = 0; t < TXG_SIZE; t++)
6469 (void) txg_list_remove_this(&tvd->vdev_dtl_list, vd, t);
6470 vd->vdev_detached = B_TRUE;
6471 vdev_dirty(tvd, VDD_DTL, vd, txg);
6473 spa_event_notify(spa, vd, NULL, ESC_ZFS_VDEV_REMOVE);
6475 /* hang on to the spa before we release the lock */
6476 spa_open_ref(spa, FTAG);
6478 error = spa_vdev_exit(spa, vd, txg, 0);
6480 spa_history_log_internal(spa, "detach", NULL,
6482 spa_strfree(vdpath);
6485 * If this was the removal of the original device in a hot spare vdev,
6486 * then we want to go through and remove the device from the hot spare
6487 * list of every other pool.
6490 spa_t *altspa = NULL;
6492 mutex_enter(&spa_namespace_lock);
6493 while ((altspa = spa_next(altspa)) != NULL) {
6494 if (altspa->spa_state != POOL_STATE_ACTIVE ||
6498 spa_open_ref(altspa, FTAG);
6499 mutex_exit(&spa_namespace_lock);
6500 (void) spa_vdev_remove(altspa, unspare_guid, B_TRUE);
6501 mutex_enter(&spa_namespace_lock);
6502 spa_close(altspa, FTAG);
6504 mutex_exit(&spa_namespace_lock);
6506 /* search the rest of the vdevs for spares to remove */
6507 spa_vdev_resilver_done(spa);
6510 /* all done with the spa; OK to release */
6511 mutex_enter(&spa_namespace_lock);
6512 spa_close(spa, FTAG);
6513 mutex_exit(&spa_namespace_lock);
6519 spa_vdev_initialize(spa_t *spa, uint64_t guid, uint64_t cmd_type)
6522 * We hold the namespace lock through the whole function
6523 * to prevent any changes to the pool while we're starting or
6524 * stopping initialization. The config and state locks are held so that
6525 * we can properly assess the vdev state before we commit to
6526 * the initializing operation.
6528 mutex_enter(&spa_namespace_lock);
6529 spa_config_enter(spa, SCL_CONFIG | SCL_STATE, FTAG, RW_READER);
6531 /* Look up vdev and ensure it's a leaf. */
6532 vdev_t *vd = spa_lookup_by_guid(spa, guid, B_FALSE);
6533 if (vd == NULL || vd->vdev_detached) {
6534 spa_config_exit(spa, SCL_CONFIG | SCL_STATE, FTAG);
6535 mutex_exit(&spa_namespace_lock);
6536 return (SET_ERROR(ENODEV));
6537 } else if (!vd->vdev_ops->vdev_op_leaf || !vdev_is_concrete(vd)) {
6538 spa_config_exit(spa, SCL_CONFIG | SCL_STATE, FTAG);
6539 mutex_exit(&spa_namespace_lock);
6540 return (SET_ERROR(EINVAL));
6541 } else if (!vdev_writeable(vd)) {
6542 spa_config_exit(spa, SCL_CONFIG | SCL_STATE, FTAG);
6543 mutex_exit(&spa_namespace_lock);
6544 return (SET_ERROR(EROFS));
6546 mutex_enter(&vd->vdev_initialize_lock);
6547 spa_config_exit(spa, SCL_CONFIG | SCL_STATE, FTAG);
6550 * When we activate an initialize action we check to see
6551 * if the vdev_initialize_thread is NULL. We do this instead
6552 * of using the vdev_initialize_state since there might be
6553 * a previous initialization process which has completed but
6554 * the thread is not exited.
6556 if (cmd_type == POOL_INITIALIZE_DO &&
6557 (vd->vdev_initialize_thread != NULL ||
6558 vd->vdev_top->vdev_removing)) {
6559 mutex_exit(&vd->vdev_initialize_lock);
6560 mutex_exit(&spa_namespace_lock);
6561 return (SET_ERROR(EBUSY));
6562 } else if (cmd_type == POOL_INITIALIZE_CANCEL &&
6563 (vd->vdev_initialize_state != VDEV_INITIALIZE_ACTIVE &&
6564 vd->vdev_initialize_state != VDEV_INITIALIZE_SUSPENDED)) {
6565 mutex_exit(&vd->vdev_initialize_lock);
6566 mutex_exit(&spa_namespace_lock);
6567 return (SET_ERROR(ESRCH));
6568 } else if (cmd_type == POOL_INITIALIZE_SUSPEND &&
6569 vd->vdev_initialize_state != VDEV_INITIALIZE_ACTIVE) {
6570 mutex_exit(&vd->vdev_initialize_lock);
6571 mutex_exit(&spa_namespace_lock);
6572 return (SET_ERROR(ESRCH));
6576 case POOL_INITIALIZE_DO:
6577 vdev_initialize(vd);
6579 case POOL_INITIALIZE_CANCEL:
6580 vdev_initialize_stop(vd, VDEV_INITIALIZE_CANCELED);
6582 case POOL_INITIALIZE_SUSPEND:
6583 vdev_initialize_stop(vd, VDEV_INITIALIZE_SUSPENDED);
6586 panic("invalid cmd_type %llu", (unsigned long long)cmd_type);
6588 mutex_exit(&vd->vdev_initialize_lock);
6590 /* Sync out the initializing state */
6591 txg_wait_synced(spa->spa_dsl_pool, 0);
6592 mutex_exit(&spa_namespace_lock);
6599 * Split a set of devices from their mirrors, and create a new pool from them.
6602 spa_vdev_split_mirror(spa_t *spa, char *newname, nvlist_t *config,
6603 nvlist_t *props, boolean_t exp)
6606 uint64_t txg, *glist;
6608 uint_t c, children, lastlog;
6609 nvlist_t **child, *nvl, *tmp;
6611 char *altroot = NULL;
6612 vdev_t *rvd, **vml = NULL; /* vdev modify list */
6613 boolean_t activate_slog;
6615 ASSERT(spa_writeable(spa));
6617 txg = spa_vdev_enter(spa);
6619 ASSERT(MUTEX_HELD(&spa_namespace_lock));
6620 if (spa_feature_is_active(spa, SPA_FEATURE_POOL_CHECKPOINT)) {
6621 error = (spa_has_checkpoint(spa)) ?
6622 ZFS_ERR_CHECKPOINT_EXISTS : ZFS_ERR_DISCARDING_CHECKPOINT;
6623 return (spa_vdev_exit(spa, NULL, txg, error));
6626 /* clear the log and flush everything up to now */
6627 activate_slog = spa_passivate_log(spa);
6628 (void) spa_vdev_config_exit(spa, NULL, txg, 0, FTAG);
6629 error = spa_reset_logs(spa);
6630 txg = spa_vdev_config_enter(spa);
6633 spa_activate_log(spa);
6636 return (spa_vdev_exit(spa, NULL, txg, error));
6638 /* check new spa name before going any further */
6639 if (spa_lookup(newname) != NULL)
6640 return (spa_vdev_exit(spa, NULL, txg, EEXIST));
6643 * scan through all the children to ensure they're all mirrors
6645 if (nvlist_lookup_nvlist(config, ZPOOL_CONFIG_VDEV_TREE, &nvl) != 0 ||
6646 nvlist_lookup_nvlist_array(nvl, ZPOOL_CONFIG_CHILDREN, &child,
6648 return (spa_vdev_exit(spa, NULL, txg, EINVAL));
6650 /* first, check to ensure we've got the right child count */
6651 rvd = spa->spa_root_vdev;
6653 for (c = 0; c < rvd->vdev_children; c++) {
6654 vdev_t *vd = rvd->vdev_child[c];
6656 /* don't count the holes & logs as children */
6657 if (vd->vdev_islog || !vdev_is_concrete(vd)) {
6665 if (children != (lastlog != 0 ? lastlog : rvd->vdev_children))
6666 return (spa_vdev_exit(spa, NULL, txg, EINVAL));
6668 /* next, ensure no spare or cache devices are part of the split */
6669 if (nvlist_lookup_nvlist(nvl, ZPOOL_CONFIG_SPARES, &tmp) == 0 ||
6670 nvlist_lookup_nvlist(nvl, ZPOOL_CONFIG_L2CACHE, &tmp) == 0)
6671 return (spa_vdev_exit(spa, NULL, txg, EINVAL));
6673 vml = kmem_zalloc(children * sizeof (vdev_t *), KM_SLEEP);
6674 glist = kmem_zalloc(children * sizeof (uint64_t), KM_SLEEP);
6676 /* then, loop over each vdev and validate it */
6677 for (c = 0; c < children; c++) {
6678 uint64_t is_hole = 0;
6680 (void) nvlist_lookup_uint64(child[c], ZPOOL_CONFIG_IS_HOLE,
6684 if (spa->spa_root_vdev->vdev_child[c]->vdev_ishole ||
6685 spa->spa_root_vdev->vdev_child[c]->vdev_islog) {
6688 error = SET_ERROR(EINVAL);
6693 /* which disk is going to be split? */
6694 if (nvlist_lookup_uint64(child[c], ZPOOL_CONFIG_GUID,
6696 error = SET_ERROR(EINVAL);
6700 /* look it up in the spa */
6701 vml[c] = spa_lookup_by_guid(spa, glist[c], B_FALSE);
6702 if (vml[c] == NULL) {
6703 error = SET_ERROR(ENODEV);
6707 /* make sure there's nothing stopping the split */
6708 if (vml[c]->vdev_parent->vdev_ops != &vdev_mirror_ops ||
6709 vml[c]->vdev_islog ||
6710 !vdev_is_concrete(vml[c]) ||
6711 vml[c]->vdev_isspare ||
6712 vml[c]->vdev_isl2cache ||
6713 !vdev_writeable(vml[c]) ||
6714 vml[c]->vdev_children != 0 ||
6715 vml[c]->vdev_state != VDEV_STATE_HEALTHY ||
6716 c != spa->spa_root_vdev->vdev_child[c]->vdev_id) {
6717 error = SET_ERROR(EINVAL);
6721 if (vdev_dtl_required(vml[c])) {
6722 error = SET_ERROR(EBUSY);
6726 /* we need certain info from the top level */
6727 VERIFY(nvlist_add_uint64(child[c], ZPOOL_CONFIG_METASLAB_ARRAY,
6728 vml[c]->vdev_top->vdev_ms_array) == 0);
6729 VERIFY(nvlist_add_uint64(child[c], ZPOOL_CONFIG_METASLAB_SHIFT,
6730 vml[c]->vdev_top->vdev_ms_shift) == 0);
6731 VERIFY(nvlist_add_uint64(child[c], ZPOOL_CONFIG_ASIZE,
6732 vml[c]->vdev_top->vdev_asize) == 0);
6733 VERIFY(nvlist_add_uint64(child[c], ZPOOL_CONFIG_ASHIFT,
6734 vml[c]->vdev_top->vdev_ashift) == 0);
6736 /* transfer per-vdev ZAPs */
6737 ASSERT3U(vml[c]->vdev_leaf_zap, !=, 0);
6738 VERIFY0(nvlist_add_uint64(child[c],
6739 ZPOOL_CONFIG_VDEV_LEAF_ZAP, vml[c]->vdev_leaf_zap));
6741 ASSERT3U(vml[c]->vdev_top->vdev_top_zap, !=, 0);
6742 VERIFY0(nvlist_add_uint64(child[c],
6743 ZPOOL_CONFIG_VDEV_TOP_ZAP,
6744 vml[c]->vdev_parent->vdev_top_zap));
6748 kmem_free(vml, children * sizeof (vdev_t *));
6749 kmem_free(glist, children * sizeof (uint64_t));
6750 return (spa_vdev_exit(spa, NULL, txg, error));
6753 /* stop writers from using the disks */
6754 for (c = 0; c < children; c++) {
6756 vml[c]->vdev_offline = B_TRUE;
6758 vdev_reopen(spa->spa_root_vdev);
6761 * Temporarily record the splitting vdevs in the spa config. This
6762 * will disappear once the config is regenerated.
6764 VERIFY(nvlist_alloc(&nvl, NV_UNIQUE_NAME, KM_SLEEP) == 0);
6765 VERIFY(nvlist_add_uint64_array(nvl, ZPOOL_CONFIG_SPLIT_LIST,
6766 glist, children) == 0);
6767 kmem_free(glist, children * sizeof (uint64_t));
6769 mutex_enter(&spa->spa_props_lock);
6770 VERIFY(nvlist_add_nvlist(spa->spa_config, ZPOOL_CONFIG_SPLIT,
6772 mutex_exit(&spa->spa_props_lock);
6773 spa->spa_config_splitting = nvl;
6774 vdev_config_dirty(spa->spa_root_vdev);
6776 /* configure and create the new pool */
6777 VERIFY(nvlist_add_string(config, ZPOOL_CONFIG_POOL_NAME, newname) == 0);
6778 VERIFY(nvlist_add_uint64(config, ZPOOL_CONFIG_POOL_STATE,
6779 exp ? POOL_STATE_EXPORTED : POOL_STATE_ACTIVE) == 0);
6780 VERIFY(nvlist_add_uint64(config, ZPOOL_CONFIG_VERSION,
6781 spa_version(spa)) == 0);
6782 VERIFY(nvlist_add_uint64(config, ZPOOL_CONFIG_POOL_TXG,
6783 spa->spa_config_txg) == 0);
6784 VERIFY(nvlist_add_uint64(config, ZPOOL_CONFIG_POOL_GUID,
6785 spa_generate_guid(NULL)) == 0);
6786 VERIFY0(nvlist_add_boolean(config, ZPOOL_CONFIG_HAS_PER_VDEV_ZAPS));
6787 (void) nvlist_lookup_string(props,
6788 zpool_prop_to_name(ZPOOL_PROP_ALTROOT), &altroot);
6790 /* add the new pool to the namespace */
6791 newspa = spa_add(newname, config, altroot);
6792 newspa->spa_avz_action = AVZ_ACTION_REBUILD;
6793 newspa->spa_config_txg = spa->spa_config_txg;
6794 spa_set_log_state(newspa, SPA_LOG_CLEAR);
6796 /* release the spa config lock, retaining the namespace lock */
6797 spa_vdev_config_exit(spa, NULL, txg, 0, FTAG);
6799 if (zio_injection_enabled)
6800 zio_handle_panic_injection(spa, FTAG, 1);
6802 spa_activate(newspa, spa_mode_global);
6803 spa_async_suspend(newspa);
6805 for (c = 0; c < children; c++) {
6806 if (vml[c] != NULL) {
6808 * Temporarily stop the initializing activity. We set
6809 * the state to ACTIVE so that we know to resume
6810 * the initializing once the split has completed.
6812 mutex_enter(&vml[c]->vdev_initialize_lock);
6813 vdev_initialize_stop(vml[c], VDEV_INITIALIZE_ACTIVE);
6814 mutex_exit(&vml[c]->vdev_initialize_lock);
6819 /* mark that we are creating new spa by splitting */
6820 newspa->spa_splitting_newspa = B_TRUE;
6822 newspa->spa_config_source = SPA_CONFIG_SRC_SPLIT;
6824 /* create the new pool from the disks of the original pool */
6825 error = spa_load(newspa, SPA_LOAD_IMPORT, SPA_IMPORT_ASSEMBLE);
6827 newspa->spa_splitting_newspa = B_FALSE;
6832 /* if that worked, generate a real config for the new pool */
6833 if (newspa->spa_root_vdev != NULL) {
6834 VERIFY(nvlist_alloc(&newspa->spa_config_splitting,
6835 NV_UNIQUE_NAME, KM_SLEEP) == 0);
6836 VERIFY(nvlist_add_uint64(newspa->spa_config_splitting,
6837 ZPOOL_CONFIG_SPLIT_GUID, spa_guid(spa)) == 0);
6838 spa_config_set(newspa, spa_config_generate(newspa, NULL, -1ULL,
6843 if (props != NULL) {
6844 spa_configfile_set(newspa, props, B_FALSE);
6845 error = spa_prop_set(newspa, props);
6850 /* flush everything */
6851 txg = spa_vdev_config_enter(newspa);
6852 vdev_config_dirty(newspa->spa_root_vdev);
6853 (void) spa_vdev_config_exit(newspa, NULL, txg, 0, FTAG);
6855 if (zio_injection_enabled)
6856 zio_handle_panic_injection(spa, FTAG, 2);
6858 spa_async_resume(newspa);
6860 /* finally, update the original pool's config */
6861 txg = spa_vdev_config_enter(spa);
6862 tx = dmu_tx_create_dd(spa_get_dsl(spa)->dp_mos_dir);
6863 error = dmu_tx_assign(tx, TXG_WAIT);
6866 for (c = 0; c < children; c++) {
6867 if (vml[c] != NULL) {
6870 spa_history_log_internal(spa, "detach", tx,
6871 "vdev=%s", vml[c]->vdev_path);
6876 spa->spa_avz_action = AVZ_ACTION_REBUILD;
6877 vdev_config_dirty(spa->spa_root_vdev);
6878 spa->spa_config_splitting = NULL;
6882 (void) spa_vdev_exit(spa, NULL, txg, 0);
6884 if (zio_injection_enabled)
6885 zio_handle_panic_injection(spa, FTAG, 3);
6887 /* split is complete; log a history record */
6888 spa_history_log_internal(newspa, "split", NULL,
6889 "from pool %s", spa_name(spa));
6891 kmem_free(vml, children * sizeof (vdev_t *));
6893 /* if we're not going to mount the filesystems in userland, export */
6895 error = spa_export_common(newname, POOL_STATE_EXPORTED, NULL,
6902 spa_deactivate(newspa);
6905 txg = spa_vdev_config_enter(spa);
6907 /* re-online all offlined disks */
6908 for (c = 0; c < children; c++) {
6910 vml[c]->vdev_offline = B_FALSE;
6913 /* restart initializing disks as necessary */
6914 spa_async_request(spa, SPA_ASYNC_INITIALIZE_RESTART);
6916 vdev_reopen(spa->spa_root_vdev);
6918 nvlist_free(spa->spa_config_splitting);
6919 spa->spa_config_splitting = NULL;
6920 (void) spa_vdev_exit(spa, NULL, txg, error);
6922 kmem_free(vml, children * sizeof (vdev_t *));
6927 * Find any device that's done replacing, or a vdev marked 'unspare' that's
6928 * currently spared, so we can detach it.
6931 spa_vdev_resilver_done_hunt(vdev_t *vd)
6933 vdev_t *newvd, *oldvd;
6935 for (int c = 0; c < vd->vdev_children; c++) {
6936 oldvd = spa_vdev_resilver_done_hunt(vd->vdev_child[c]);
6942 * Check for a completed replacement. We always consider the first
6943 * vdev in the list to be the oldest vdev, and the last one to be
6944 * the newest (see spa_vdev_attach() for how that works). In
6945 * the case where the newest vdev is faulted, we will not automatically
6946 * remove it after a resilver completes. This is OK as it will require
6947 * user intervention to determine which disk the admin wishes to keep.
6949 if (vd->vdev_ops == &vdev_replacing_ops) {
6950 ASSERT(vd->vdev_children > 1);
6952 newvd = vd->vdev_child[vd->vdev_children - 1];
6953 oldvd = vd->vdev_child[0];
6955 if (vdev_dtl_empty(newvd, DTL_MISSING) &&
6956 vdev_dtl_empty(newvd, DTL_OUTAGE) &&
6957 !vdev_dtl_required(oldvd))
6962 * Check for a completed resilver with the 'unspare' flag set.
6963 * Also potentially update faulted state.
6965 if (vd->vdev_ops == &vdev_spare_ops) {
6966 vdev_t *first = vd->vdev_child[0];
6967 vdev_t *last = vd->vdev_child[vd->vdev_children - 1];
6969 if (last->vdev_unspare) {
6972 } else if (first->vdev_unspare) {
6979 if (oldvd != NULL &&
6980 vdev_dtl_empty(newvd, DTL_MISSING) &&
6981 vdev_dtl_empty(newvd, DTL_OUTAGE) &&
6982 !vdev_dtl_required(oldvd))
6985 vdev_propagate_state(vd);
6988 * If there are more than two spares attached to a disk,
6989 * and those spares are not required, then we want to
6990 * attempt to free them up now so that they can be used
6991 * by other pools. Once we're back down to a single
6992 * disk+spare, we stop removing them.
6994 if (vd->vdev_children > 2) {
6995 newvd = vd->vdev_child[1];
6997 if (newvd->vdev_isspare && last->vdev_isspare &&
6998 vdev_dtl_empty(last, DTL_MISSING) &&
6999 vdev_dtl_empty(last, DTL_OUTAGE) &&
7000 !vdev_dtl_required(newvd))
7009 spa_vdev_resilver_done(spa_t *spa)
7011 vdev_t *vd, *pvd, *ppvd;
7012 uint64_t guid, sguid, pguid, ppguid;
7014 spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
7016 while ((vd = spa_vdev_resilver_done_hunt(spa->spa_root_vdev)) != NULL) {
7017 pvd = vd->vdev_parent;
7018 ppvd = pvd->vdev_parent;
7019 guid = vd->vdev_guid;
7020 pguid = pvd->vdev_guid;
7021 ppguid = ppvd->vdev_guid;
7024 * If we have just finished replacing a hot spared device, then
7025 * we need to detach the parent's first child (the original hot
7028 if (ppvd->vdev_ops == &vdev_spare_ops && pvd->vdev_id == 0 &&
7029 ppvd->vdev_children == 2) {
7030 ASSERT(pvd->vdev_ops == &vdev_replacing_ops);
7031 sguid = ppvd->vdev_child[1]->vdev_guid;
7033 ASSERT(vd->vdev_resilver_txg == 0 || !vdev_dtl_required(vd));
7035 spa_config_exit(spa, SCL_ALL, FTAG);
7036 if (spa_vdev_detach(spa, guid, pguid, B_TRUE) != 0)
7038 if (sguid && spa_vdev_detach(spa, sguid, ppguid, B_TRUE) != 0)
7040 spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
7043 spa_config_exit(spa, SCL_ALL, FTAG);
7047 * Update the stored path or FRU for this vdev.
7050 spa_vdev_set_common(spa_t *spa, uint64_t guid, const char *value,
7054 boolean_t sync = B_FALSE;
7056 ASSERT(spa_writeable(spa));
7058 spa_vdev_state_enter(spa, SCL_ALL);
7060 if ((vd = spa_lookup_by_guid(spa, guid, B_TRUE)) == NULL)
7061 return (spa_vdev_state_exit(spa, NULL, ENOENT));
7063 if (!vd->vdev_ops->vdev_op_leaf)
7064 return (spa_vdev_state_exit(spa, NULL, ENOTSUP));
7067 if (strcmp(value, vd->vdev_path) != 0) {
7068 spa_strfree(vd->vdev_path);
7069 vd->vdev_path = spa_strdup(value);
7073 if (vd->vdev_fru == NULL) {
7074 vd->vdev_fru = spa_strdup(value);
7076 } else if (strcmp(value, vd->vdev_fru) != 0) {
7077 spa_strfree(vd->vdev_fru);
7078 vd->vdev_fru = spa_strdup(value);
7083 return (spa_vdev_state_exit(spa, sync ? vd : NULL, 0));
7087 spa_vdev_setpath(spa_t *spa, uint64_t guid, const char *newpath)
7089 return (spa_vdev_set_common(spa, guid, newpath, B_TRUE));
7093 spa_vdev_setfru(spa_t *spa, uint64_t guid, const char *newfru)
7095 return (spa_vdev_set_common(spa, guid, newfru, B_FALSE));
7099 * ==========================================================================
7101 * ==========================================================================
7104 spa_scrub_pause_resume(spa_t *spa, pool_scrub_cmd_t cmd)
7106 ASSERT(spa_config_held(spa, SCL_ALL, RW_WRITER) == 0);
7108 if (dsl_scan_resilvering(spa->spa_dsl_pool))
7109 return (SET_ERROR(EBUSY));
7111 return (dsl_scrub_set_pause_resume(spa->spa_dsl_pool, cmd));
7115 spa_scan_stop(spa_t *spa)
7117 ASSERT(spa_config_held(spa, SCL_ALL, RW_WRITER) == 0);
7118 if (dsl_scan_resilvering(spa->spa_dsl_pool))
7119 return (SET_ERROR(EBUSY));
7120 return (dsl_scan_cancel(spa->spa_dsl_pool));
7124 spa_scan(spa_t *spa, pool_scan_func_t func)
7126 ASSERT(spa_config_held(spa, SCL_ALL, RW_WRITER) == 0);
7128 if (func >= POOL_SCAN_FUNCS || func == POOL_SCAN_NONE)
7129 return (SET_ERROR(ENOTSUP));
7132 * If a resilver was requested, but there is no DTL on a
7133 * writeable leaf device, we have nothing to do.
7135 if (func == POOL_SCAN_RESILVER &&
7136 !vdev_resilver_needed(spa->spa_root_vdev, NULL, NULL)) {
7137 spa_async_request(spa, SPA_ASYNC_RESILVER_DONE);
7141 return (dsl_scan(spa->spa_dsl_pool, func));
7145 * ==========================================================================
7146 * SPA async task processing
7147 * ==========================================================================
7151 spa_async_remove(spa_t *spa, vdev_t *vd)
7153 if (vd->vdev_remove_wanted) {
7154 vd->vdev_remove_wanted = B_FALSE;
7155 vd->vdev_delayed_close = B_FALSE;
7156 vdev_set_state(vd, B_FALSE, VDEV_STATE_REMOVED, VDEV_AUX_NONE);
7159 * We want to clear the stats, but we don't want to do a full
7160 * vdev_clear() as that will cause us to throw away
7161 * degraded/faulted state as well as attempt to reopen the
7162 * device, all of which is a waste.
7164 vd->vdev_stat.vs_read_errors = 0;
7165 vd->vdev_stat.vs_write_errors = 0;
7166 vd->vdev_stat.vs_checksum_errors = 0;
7168 vdev_state_dirty(vd->vdev_top);
7169 /* Tell userspace that the vdev is gone. */
7170 zfs_post_remove(spa, vd);
7173 for (int c = 0; c < vd->vdev_children; c++)
7174 spa_async_remove(spa, vd->vdev_child[c]);
7178 spa_async_probe(spa_t *spa, vdev_t *vd)
7180 if (vd->vdev_probe_wanted) {
7181 vd->vdev_probe_wanted = B_FALSE;
7182 vdev_reopen(vd); /* vdev_open() does the actual probe */
7185 for (int c = 0; c < vd->vdev_children; c++)
7186 spa_async_probe(spa, vd->vdev_child[c]);
7190 spa_async_autoexpand(spa_t *spa, vdev_t *vd)
7196 if (!spa->spa_autoexpand)
7199 for (int c = 0; c < vd->vdev_children; c++) {
7200 vdev_t *cvd = vd->vdev_child[c];
7201 spa_async_autoexpand(spa, cvd);
7204 if (!vd->vdev_ops->vdev_op_leaf || vd->vdev_physpath == NULL)
7207 physpath = kmem_zalloc(MAXPATHLEN, KM_SLEEP);
7208 (void) snprintf(physpath, MAXPATHLEN, "/devices%s", vd->vdev_physpath);
7210 VERIFY(nvlist_alloc(&attr, NV_UNIQUE_NAME, KM_SLEEP) == 0);
7211 VERIFY(nvlist_add_string(attr, DEV_PHYS_PATH, physpath) == 0);
7213 (void) ddi_log_sysevent(zfs_dip, SUNW_VENDOR, EC_DEV_STATUS,
7214 ESC_ZFS_VDEV_AUTOEXPAND, attr, &eid, DDI_SLEEP);
7217 kmem_free(physpath, MAXPATHLEN);
7221 spa_async_thread(void *arg)
7223 spa_t *spa = (spa_t *)arg;
7226 ASSERT(spa->spa_sync_on);
7228 mutex_enter(&spa->spa_async_lock);
7229 tasks = spa->spa_async_tasks;
7230 spa->spa_async_tasks &= SPA_ASYNC_REMOVE;
7231 mutex_exit(&spa->spa_async_lock);
7234 * See if the config needs to be updated.
7236 if (tasks & SPA_ASYNC_CONFIG_UPDATE) {
7237 uint64_t old_space, new_space;
7239 mutex_enter(&spa_namespace_lock);
7240 old_space = metaslab_class_get_space(spa_normal_class(spa));
7241 spa_config_update(spa, SPA_CONFIG_UPDATE_POOL);
7242 new_space = metaslab_class_get_space(spa_normal_class(spa));
7243 mutex_exit(&spa_namespace_lock);
7246 * If the pool grew as a result of the config update,
7247 * then log an internal history event.
7249 if (new_space != old_space) {
7250 spa_history_log_internal(spa, "vdev online", NULL,
7251 "pool '%s' size: %llu(+%llu)",
7252 spa_name(spa), new_space, new_space - old_space);
7256 if ((tasks & SPA_ASYNC_AUTOEXPAND) && !spa_suspended(spa)) {
7257 spa_config_enter(spa, SCL_CONFIG, FTAG, RW_READER);
7258 spa_async_autoexpand(spa, spa->spa_root_vdev);
7259 spa_config_exit(spa, SCL_CONFIG, FTAG);
7263 * See if any devices need to be probed.
7265 if (tasks & SPA_ASYNC_PROBE) {
7266 spa_vdev_state_enter(spa, SCL_NONE);
7267 spa_async_probe(spa, spa->spa_root_vdev);
7268 (void) spa_vdev_state_exit(spa, NULL, 0);
7272 * If any devices are done replacing, detach them.
7274 if (tasks & SPA_ASYNC_RESILVER_DONE)
7275 spa_vdev_resilver_done(spa);
7278 * Kick off a resilver.
7280 if (tasks & SPA_ASYNC_RESILVER)
7281 dsl_resilver_restart(spa->spa_dsl_pool, 0);
7283 if (tasks & SPA_ASYNC_INITIALIZE_RESTART) {
7284 mutex_enter(&spa_namespace_lock);
7285 spa_config_enter(spa, SCL_CONFIG, FTAG, RW_READER);
7286 vdev_initialize_restart(spa->spa_root_vdev);
7287 spa_config_exit(spa, SCL_CONFIG, FTAG);
7288 mutex_exit(&spa_namespace_lock);
7292 * Let the world know that we're done.
7294 mutex_enter(&spa->spa_async_lock);
7295 spa->spa_async_thread = NULL;
7296 cv_broadcast(&spa->spa_async_cv);
7297 mutex_exit(&spa->spa_async_lock);
7302 spa_async_thread_vd(void *arg)
7307 mutex_enter(&spa->spa_async_lock);
7308 tasks = spa->spa_async_tasks;
7310 spa->spa_async_tasks &= ~SPA_ASYNC_REMOVE;
7311 mutex_exit(&spa->spa_async_lock);
7314 * See if any devices need to be marked REMOVED.
7316 if (tasks & SPA_ASYNC_REMOVE) {
7317 spa_vdev_state_enter(spa, SCL_NONE);
7318 spa_async_remove(spa, spa->spa_root_vdev);
7319 for (int i = 0; i < spa->spa_l2cache.sav_count; i++)
7320 spa_async_remove(spa, spa->spa_l2cache.sav_vdevs[i]);
7321 for (int i = 0; i < spa->spa_spares.sav_count; i++)
7322 spa_async_remove(spa, spa->spa_spares.sav_vdevs[i]);
7323 (void) spa_vdev_state_exit(spa, NULL, 0);
7327 * Let the world know that we're done.
7329 mutex_enter(&spa->spa_async_lock);
7330 tasks = spa->spa_async_tasks;
7331 if ((tasks & SPA_ASYNC_REMOVE) != 0)
7333 spa->spa_async_thread_vd = NULL;
7334 cv_broadcast(&spa->spa_async_cv);
7335 mutex_exit(&spa->spa_async_lock);
7340 spa_async_suspend(spa_t *spa)
7342 mutex_enter(&spa->spa_async_lock);
7343 spa->spa_async_suspended++;
7344 while (spa->spa_async_thread != NULL ||
7345 spa->spa_async_thread_vd != NULL)
7346 cv_wait(&spa->spa_async_cv, &spa->spa_async_lock);
7347 mutex_exit(&spa->spa_async_lock);
7349 spa_vdev_remove_suspend(spa);
7351 zthr_t *condense_thread = spa->spa_condense_zthr;
7352 if (condense_thread != NULL)
7353 zthr_cancel(condense_thread);
7355 zthr_t *discard_thread = spa->spa_checkpoint_discard_zthr;
7356 if (discard_thread != NULL)
7357 zthr_cancel(discard_thread);
7361 spa_async_resume(spa_t *spa)
7363 mutex_enter(&spa->spa_async_lock);
7364 ASSERT(spa->spa_async_suspended != 0);
7365 spa->spa_async_suspended--;
7366 mutex_exit(&spa->spa_async_lock);
7367 spa_restart_removal(spa);
7369 zthr_t *condense_thread = spa->spa_condense_zthr;
7370 if (condense_thread != NULL)
7371 zthr_resume(condense_thread);
7373 zthr_t *discard_thread = spa->spa_checkpoint_discard_zthr;
7374 if (discard_thread != NULL)
7375 zthr_resume(discard_thread);
7379 spa_async_tasks_pending(spa_t *spa)
7381 uint_t non_config_tasks;
7383 boolean_t config_task_suspended;
7385 non_config_tasks = spa->spa_async_tasks & ~(SPA_ASYNC_CONFIG_UPDATE |
7387 config_task = spa->spa_async_tasks & SPA_ASYNC_CONFIG_UPDATE;
7388 if (spa->spa_ccw_fail_time == 0) {
7389 config_task_suspended = B_FALSE;
7391 config_task_suspended =
7392 (gethrtime() - spa->spa_ccw_fail_time) <
7393 (zfs_ccw_retry_interval * NANOSEC);
7396 return (non_config_tasks || (config_task && !config_task_suspended));
7400 spa_async_dispatch(spa_t *spa)
7402 mutex_enter(&spa->spa_async_lock);
7403 if (spa_async_tasks_pending(spa) &&
7404 !spa->spa_async_suspended &&
7405 spa->spa_async_thread == NULL &&
7407 spa->spa_async_thread = thread_create(NULL, 0,
7408 spa_async_thread, spa, 0, &p0, TS_RUN, maxclsyspri);
7409 mutex_exit(&spa->spa_async_lock);
7413 spa_async_dispatch_vd(spa_t *spa)
7415 mutex_enter(&spa->spa_async_lock);
7416 if ((spa->spa_async_tasks & SPA_ASYNC_REMOVE) != 0 &&
7417 !spa->spa_async_suspended &&
7418 spa->spa_async_thread_vd == NULL &&
7420 spa->spa_async_thread_vd = thread_create(NULL, 0,
7421 spa_async_thread_vd, spa, 0, &p0, TS_RUN, maxclsyspri);
7422 mutex_exit(&spa->spa_async_lock);
7426 spa_async_request(spa_t *spa, int task)
7428 zfs_dbgmsg("spa=%s async request task=%u", spa->spa_name, task);
7429 mutex_enter(&spa->spa_async_lock);
7430 spa->spa_async_tasks |= task;
7431 mutex_exit(&spa->spa_async_lock);
7432 spa_async_dispatch_vd(spa);
7436 * ==========================================================================
7437 * SPA syncing routines
7438 * ==========================================================================
7442 bpobj_enqueue_cb(void *arg, const blkptr_t *bp, dmu_tx_t *tx)
7445 bpobj_enqueue(bpo, bp, tx);
7450 spa_free_sync_cb(void *arg, const blkptr_t *bp, dmu_tx_t *tx)
7454 zio_nowait(zio_free_sync(zio, zio->io_spa, dmu_tx_get_txg(tx), bp,
7455 BP_GET_PSIZE(bp), zio->io_flags));
7460 * Note: this simple function is not inlined to make it easier to dtrace the
7461 * amount of time spent syncing frees.
7464 spa_sync_frees(spa_t *spa, bplist_t *bpl, dmu_tx_t *tx)
7466 zio_t *zio = zio_root(spa, NULL, NULL, 0);
7467 bplist_iterate(bpl, spa_free_sync_cb, zio, tx);
7468 VERIFY(zio_wait(zio) == 0);
7472 * Note: this simple function is not inlined to make it easier to dtrace the
7473 * amount of time spent syncing deferred frees.
7476 spa_sync_deferred_frees(spa_t *spa, dmu_tx_t *tx)
7478 zio_t *zio = zio_root(spa, NULL, NULL, 0);
7479 VERIFY3U(bpobj_iterate(&spa->spa_deferred_bpobj,
7480 spa_free_sync_cb, zio, tx), ==, 0);
7481 VERIFY0(zio_wait(zio));
7486 spa_sync_nvlist(spa_t *spa, uint64_t obj, nvlist_t *nv, dmu_tx_t *tx)
7488 char *packed = NULL;
7493 VERIFY(nvlist_size(nv, &nvsize, NV_ENCODE_XDR) == 0);
7496 * Write full (SPA_CONFIG_BLOCKSIZE) blocks of configuration
7497 * information. This avoids the dmu_buf_will_dirty() path and
7498 * saves us a pre-read to get data we don't actually care about.
7500 bufsize = P2ROUNDUP((uint64_t)nvsize, SPA_CONFIG_BLOCKSIZE);
7501 packed = kmem_alloc(bufsize, KM_SLEEP);
7503 VERIFY(nvlist_pack(nv, &packed, &nvsize, NV_ENCODE_XDR,
7505 bzero(packed + nvsize, bufsize - nvsize);
7507 dmu_write(spa->spa_meta_objset, obj, 0, bufsize, packed, tx);
7509 kmem_free(packed, bufsize);
7511 VERIFY(0 == dmu_bonus_hold(spa->spa_meta_objset, obj, FTAG, &db));
7512 dmu_buf_will_dirty(db, tx);
7513 *(uint64_t *)db->db_data = nvsize;
7514 dmu_buf_rele(db, FTAG);
7518 spa_sync_aux_dev(spa_t *spa, spa_aux_vdev_t *sav, dmu_tx_t *tx,
7519 const char *config, const char *entry)
7529 * Update the MOS nvlist describing the list of available devices.
7530 * spa_validate_aux() will have already made sure this nvlist is
7531 * valid and the vdevs are labeled appropriately.
7533 if (sav->sav_object == 0) {
7534 sav->sav_object = dmu_object_alloc(spa->spa_meta_objset,
7535 DMU_OT_PACKED_NVLIST, 1 << 14, DMU_OT_PACKED_NVLIST_SIZE,
7536 sizeof (uint64_t), tx);
7537 VERIFY(zap_update(spa->spa_meta_objset,
7538 DMU_POOL_DIRECTORY_OBJECT, entry, sizeof (uint64_t), 1,
7539 &sav->sav_object, tx) == 0);
7542 VERIFY(nvlist_alloc(&nvroot, NV_UNIQUE_NAME, KM_SLEEP) == 0);
7543 if (sav->sav_count == 0) {
7544 VERIFY(nvlist_add_nvlist_array(nvroot, config, NULL, 0) == 0);
7546 list = kmem_alloc(sav->sav_count * sizeof (void *), KM_SLEEP);
7547 for (i = 0; i < sav->sav_count; i++)
7548 list[i] = vdev_config_generate(spa, sav->sav_vdevs[i],
7549 B_FALSE, VDEV_CONFIG_L2CACHE);
7550 VERIFY(nvlist_add_nvlist_array(nvroot, config, list,
7551 sav->sav_count) == 0);
7552 for (i = 0; i < sav->sav_count; i++)
7553 nvlist_free(list[i]);
7554 kmem_free(list, sav->sav_count * sizeof (void *));
7557 spa_sync_nvlist(spa, sav->sav_object, nvroot, tx);
7558 nvlist_free(nvroot);
7560 sav->sav_sync = B_FALSE;
7564 * Rebuild spa's all-vdev ZAP from the vdev ZAPs indicated in each vdev_t.
7565 * The all-vdev ZAP must be empty.
7568 spa_avz_build(vdev_t *vd, uint64_t avz, dmu_tx_t *tx)
7570 spa_t *spa = vd->vdev_spa;
7571 if (vd->vdev_top_zap != 0) {
7572 VERIFY0(zap_add_int(spa->spa_meta_objset, avz,
7573 vd->vdev_top_zap, tx));
7575 if (vd->vdev_leaf_zap != 0) {
7576 VERIFY0(zap_add_int(spa->spa_meta_objset, avz,
7577 vd->vdev_leaf_zap, tx));
7579 for (uint64_t i = 0; i < vd->vdev_children; i++) {
7580 spa_avz_build(vd->vdev_child[i], avz, tx);
7585 spa_sync_config_object(spa_t *spa, dmu_tx_t *tx)
7590 * If the pool is being imported from a pre-per-vdev-ZAP version of ZFS,
7591 * its config may not be dirty but we still need to build per-vdev ZAPs.
7592 * Similarly, if the pool is being assembled (e.g. after a split), we
7593 * need to rebuild the AVZ although the config may not be dirty.
7595 if (list_is_empty(&spa->spa_config_dirty_list) &&
7596 spa->spa_avz_action == AVZ_ACTION_NONE)
7599 spa_config_enter(spa, SCL_STATE, FTAG, RW_READER);
7601 ASSERT(spa->spa_avz_action == AVZ_ACTION_NONE ||
7602 spa->spa_avz_action == AVZ_ACTION_INITIALIZE ||
7603 spa->spa_all_vdev_zaps != 0);
7605 if (spa->spa_avz_action == AVZ_ACTION_REBUILD) {
7606 /* Make and build the new AVZ */
7607 uint64_t new_avz = zap_create(spa->spa_meta_objset,
7608 DMU_OTN_ZAP_METADATA, DMU_OT_NONE, 0, tx);
7609 spa_avz_build(spa->spa_root_vdev, new_avz, tx);
7611 /* Diff old AVZ with new one */
7615 for (zap_cursor_init(&zc, spa->spa_meta_objset,
7616 spa->spa_all_vdev_zaps);
7617 zap_cursor_retrieve(&zc, &za) == 0;
7618 zap_cursor_advance(&zc)) {
7619 uint64_t vdzap = za.za_first_integer;
7620 if (zap_lookup_int(spa->spa_meta_objset, new_avz,
7623 * ZAP is listed in old AVZ but not in new one;
7626 VERIFY0(zap_destroy(spa->spa_meta_objset, vdzap,
7631 zap_cursor_fini(&zc);
7633 /* Destroy the old AVZ */
7634 VERIFY0(zap_destroy(spa->spa_meta_objset,
7635 spa->spa_all_vdev_zaps, tx));
7637 /* Replace the old AVZ in the dir obj with the new one */
7638 VERIFY0(zap_update(spa->spa_meta_objset,
7639 DMU_POOL_DIRECTORY_OBJECT, DMU_POOL_VDEV_ZAP_MAP,
7640 sizeof (new_avz), 1, &new_avz, tx));
7642 spa->spa_all_vdev_zaps = new_avz;
7643 } else if (spa->spa_avz_action == AVZ_ACTION_DESTROY) {
7647 /* Walk through the AVZ and destroy all listed ZAPs */
7648 for (zap_cursor_init(&zc, spa->spa_meta_objset,
7649 spa->spa_all_vdev_zaps);
7650 zap_cursor_retrieve(&zc, &za) == 0;
7651 zap_cursor_advance(&zc)) {
7652 uint64_t zap = za.za_first_integer;
7653 VERIFY0(zap_destroy(spa->spa_meta_objset, zap, tx));
7656 zap_cursor_fini(&zc);
7658 /* Destroy and unlink the AVZ itself */
7659 VERIFY0(zap_destroy(spa->spa_meta_objset,
7660 spa->spa_all_vdev_zaps, tx));
7661 VERIFY0(zap_remove(spa->spa_meta_objset,
7662 DMU_POOL_DIRECTORY_OBJECT, DMU_POOL_VDEV_ZAP_MAP, tx));
7663 spa->spa_all_vdev_zaps = 0;
7666 if (spa->spa_all_vdev_zaps == 0) {
7667 spa->spa_all_vdev_zaps = zap_create_link(spa->spa_meta_objset,
7668 DMU_OTN_ZAP_METADATA, DMU_POOL_DIRECTORY_OBJECT,
7669 DMU_POOL_VDEV_ZAP_MAP, tx);
7671 spa->spa_avz_action = AVZ_ACTION_NONE;
7673 /* Create ZAPs for vdevs that don't have them. */
7674 vdev_construct_zaps(spa->spa_root_vdev, tx);
7676 config = spa_config_generate(spa, spa->spa_root_vdev,
7677 dmu_tx_get_txg(tx), B_FALSE);
7680 * If we're upgrading the spa version then make sure that
7681 * the config object gets updated with the correct version.
7683 if (spa->spa_ubsync.ub_version < spa->spa_uberblock.ub_version)
7684 fnvlist_add_uint64(config, ZPOOL_CONFIG_VERSION,
7685 spa->spa_uberblock.ub_version);
7687 spa_config_exit(spa, SCL_STATE, FTAG);
7689 nvlist_free(spa->spa_config_syncing);
7690 spa->spa_config_syncing = config;
7692 spa_sync_nvlist(spa, spa->spa_config_object, config, tx);
7696 spa_sync_version(void *arg, dmu_tx_t *tx)
7698 uint64_t *versionp = arg;
7699 uint64_t version = *versionp;
7700 spa_t *spa = dmu_tx_pool(tx)->dp_spa;
7703 * Setting the version is special cased when first creating the pool.
7705 ASSERT(tx->tx_txg != TXG_INITIAL);
7707 ASSERT(SPA_VERSION_IS_SUPPORTED(version));
7708 ASSERT(version >= spa_version(spa));
7710 spa->spa_uberblock.ub_version = version;
7711 vdev_config_dirty(spa->spa_root_vdev);
7712 spa_history_log_internal(spa, "set", tx, "version=%lld", version);
7716 * Set zpool properties.
7719 spa_sync_props(void *arg, dmu_tx_t *tx)
7721 nvlist_t *nvp = arg;
7722 spa_t *spa = dmu_tx_pool(tx)->dp_spa;
7723 objset_t *mos = spa->spa_meta_objset;
7724 nvpair_t *elem = NULL;
7726 mutex_enter(&spa->spa_props_lock);
7728 while ((elem = nvlist_next_nvpair(nvp, elem))) {
7730 char *strval, *fname;
7732 const char *propname;
7733 zprop_type_t proptype;
7736 switch (prop = zpool_name_to_prop(nvpair_name(elem))) {
7737 case ZPOOL_PROP_INVAL:
7739 * We checked this earlier in spa_prop_validate().
7741 ASSERT(zpool_prop_feature(nvpair_name(elem)));
7743 fname = strchr(nvpair_name(elem), '@') + 1;
7744 VERIFY0(zfeature_lookup_name(fname, &fid));
7746 spa_feature_enable(spa, fid, tx);
7747 spa_history_log_internal(spa, "set", tx,
7748 "%s=enabled", nvpair_name(elem));
7751 case ZPOOL_PROP_VERSION:
7752 intval = fnvpair_value_uint64(elem);
7754 * The version is synced seperatly before other
7755 * properties and should be correct by now.
7757 ASSERT3U(spa_version(spa), >=, intval);
7760 case ZPOOL_PROP_ALTROOT:
7762 * 'altroot' is a non-persistent property. It should
7763 * have been set temporarily at creation or import time.
7765 ASSERT(spa->spa_root != NULL);
7768 case ZPOOL_PROP_READONLY:
7769 case ZPOOL_PROP_CACHEFILE:
7771 * 'readonly' and 'cachefile' are also non-persisitent
7775 case ZPOOL_PROP_COMMENT:
7776 strval = fnvpair_value_string(elem);
7777 if (spa->spa_comment != NULL)
7778 spa_strfree(spa->spa_comment);
7779 spa->spa_comment = spa_strdup(strval);
7781 * We need to dirty the configuration on all the vdevs
7782 * so that their labels get updated. It's unnecessary
7783 * to do this for pool creation since the vdev's
7784 * configuratoin has already been dirtied.
7786 if (tx->tx_txg != TXG_INITIAL)
7787 vdev_config_dirty(spa->spa_root_vdev);
7788 spa_history_log_internal(spa, "set", tx,
7789 "%s=%s", nvpair_name(elem), strval);
7793 * Set pool property values in the poolprops mos object.
7795 if (spa->spa_pool_props_object == 0) {
7796 spa->spa_pool_props_object =
7797 zap_create_link(mos, DMU_OT_POOL_PROPS,
7798 DMU_POOL_DIRECTORY_OBJECT, DMU_POOL_PROPS,
7802 /* normalize the property name */
7803 propname = zpool_prop_to_name(prop);
7804 proptype = zpool_prop_get_type(prop);
7806 if (nvpair_type(elem) == DATA_TYPE_STRING) {
7807 ASSERT(proptype == PROP_TYPE_STRING);
7808 strval = fnvpair_value_string(elem);
7809 VERIFY0(zap_update(mos,
7810 spa->spa_pool_props_object, propname,
7811 1, strlen(strval) + 1, strval, tx));
7812 spa_history_log_internal(spa, "set", tx,
7813 "%s=%s", nvpair_name(elem), strval);
7814 } else if (nvpair_type(elem) == DATA_TYPE_UINT64) {
7815 intval = fnvpair_value_uint64(elem);
7817 if (proptype == PROP_TYPE_INDEX) {
7819 VERIFY0(zpool_prop_index_to_string(
7820 prop, intval, &unused));
7822 VERIFY0(zap_update(mos,
7823 spa->spa_pool_props_object, propname,
7824 8, 1, &intval, tx));
7825 spa_history_log_internal(spa, "set", tx,
7826 "%s=%lld", nvpair_name(elem), intval);
7828 ASSERT(0); /* not allowed */
7832 case ZPOOL_PROP_DELEGATION:
7833 spa->spa_delegation = intval;
7835 case ZPOOL_PROP_BOOTFS:
7836 spa->spa_bootfs = intval;
7838 case ZPOOL_PROP_FAILUREMODE:
7839 spa->spa_failmode = intval;
7841 case ZPOOL_PROP_AUTOEXPAND:
7842 spa->spa_autoexpand = intval;
7843 if (tx->tx_txg != TXG_INITIAL)
7844 spa_async_request(spa,
7845 SPA_ASYNC_AUTOEXPAND);
7847 case ZPOOL_PROP_DEDUPDITTO:
7848 spa->spa_dedup_ditto = intval;
7857 mutex_exit(&spa->spa_props_lock);
7861 * Perform one-time upgrade on-disk changes. spa_version() does not
7862 * reflect the new version this txg, so there must be no changes this
7863 * txg to anything that the upgrade code depends on after it executes.
7864 * Therefore this must be called after dsl_pool_sync() does the sync
7868 spa_sync_upgrades(spa_t *spa, dmu_tx_t *tx)
7870 dsl_pool_t *dp = spa->spa_dsl_pool;
7872 ASSERT(spa->spa_sync_pass == 1);
7874 rrw_enter(&dp->dp_config_rwlock, RW_WRITER, FTAG);
7876 if (spa->spa_ubsync.ub_version < SPA_VERSION_ORIGIN &&
7877 spa->spa_uberblock.ub_version >= SPA_VERSION_ORIGIN) {
7878 dsl_pool_create_origin(dp, tx);
7880 /* Keeping the origin open increases spa_minref */
7881 spa->spa_minref += 3;
7884 if (spa->spa_ubsync.ub_version < SPA_VERSION_NEXT_CLONES &&
7885 spa->spa_uberblock.ub_version >= SPA_VERSION_NEXT_CLONES) {
7886 dsl_pool_upgrade_clones(dp, tx);
7889 if (spa->spa_ubsync.ub_version < SPA_VERSION_DIR_CLONES &&
7890 spa->spa_uberblock.ub_version >= SPA_VERSION_DIR_CLONES) {
7891 dsl_pool_upgrade_dir_clones(dp, tx);
7893 /* Keeping the freedir open increases spa_minref */
7894 spa->spa_minref += 3;
7897 if (spa->spa_ubsync.ub_version < SPA_VERSION_FEATURES &&
7898 spa->spa_uberblock.ub_version >= SPA_VERSION_FEATURES) {
7899 spa_feature_create_zap_objects(spa, tx);
7903 * LZ4_COMPRESS feature's behaviour was changed to activate_on_enable
7904 * when possibility to use lz4 compression for metadata was added
7905 * Old pools that have this feature enabled must be upgraded to have
7906 * this feature active
7908 if (spa->spa_uberblock.ub_version >= SPA_VERSION_FEATURES) {
7909 boolean_t lz4_en = spa_feature_is_enabled(spa,
7910 SPA_FEATURE_LZ4_COMPRESS);
7911 boolean_t lz4_ac = spa_feature_is_active(spa,
7912 SPA_FEATURE_LZ4_COMPRESS);
7914 if (lz4_en && !lz4_ac)
7915 spa_feature_incr(spa, SPA_FEATURE_LZ4_COMPRESS, tx);
7919 * If we haven't written the salt, do so now. Note that the
7920 * feature may not be activated yet, but that's fine since
7921 * the presence of this ZAP entry is backwards compatible.
7923 if (zap_contains(spa->spa_meta_objset, DMU_POOL_DIRECTORY_OBJECT,
7924 DMU_POOL_CHECKSUM_SALT) == ENOENT) {
7925 VERIFY0(zap_add(spa->spa_meta_objset,
7926 DMU_POOL_DIRECTORY_OBJECT, DMU_POOL_CHECKSUM_SALT, 1,
7927 sizeof (spa->spa_cksum_salt.zcs_bytes),
7928 spa->spa_cksum_salt.zcs_bytes, tx));
7931 rrw_exit(&dp->dp_config_rwlock, FTAG);
7935 vdev_indirect_state_sync_verify(vdev_t *vd)
7937 vdev_indirect_mapping_t *vim = vd->vdev_indirect_mapping;
7938 vdev_indirect_births_t *vib = vd->vdev_indirect_births;
7940 if (vd->vdev_ops == &vdev_indirect_ops) {
7941 ASSERT(vim != NULL);
7942 ASSERT(vib != NULL);
7945 if (vdev_obsolete_sm_object(vd) != 0) {
7946 ASSERT(vd->vdev_obsolete_sm != NULL);
7947 ASSERT(vd->vdev_removing ||
7948 vd->vdev_ops == &vdev_indirect_ops);
7949 ASSERT(vdev_indirect_mapping_num_entries(vim) > 0);
7950 ASSERT(vdev_indirect_mapping_bytes_mapped(vim) > 0);
7952 ASSERT3U(vdev_obsolete_sm_object(vd), ==,
7953 space_map_object(vd->vdev_obsolete_sm));
7954 ASSERT3U(vdev_indirect_mapping_bytes_mapped(vim), >=,
7955 space_map_allocated(vd->vdev_obsolete_sm));
7957 ASSERT(vd->vdev_obsolete_segments != NULL);
7960 * Since frees / remaps to an indirect vdev can only
7961 * happen in syncing context, the obsolete segments
7962 * tree must be empty when we start syncing.
7964 ASSERT0(range_tree_space(vd->vdev_obsolete_segments));
7968 * Sync the specified transaction group. New blocks may be dirtied as
7969 * part of the process, so we iterate until it converges.
7972 spa_sync(spa_t *spa, uint64_t txg)
7974 dsl_pool_t *dp = spa->spa_dsl_pool;
7975 objset_t *mos = spa->spa_meta_objset;
7976 bplist_t *free_bpl = &spa->spa_free_bplist[txg & TXG_MASK];
7977 vdev_t *rvd = spa->spa_root_vdev;
7981 uint32_t max_queue_depth = zfs_vdev_async_write_max_active *
7982 zfs_vdev_queue_depth_pct / 100;
7984 VERIFY(spa_writeable(spa));
7987 * Wait for i/os issued in open context that need to complete
7988 * before this txg syncs.
7990 (void) zio_wait(spa->spa_txg_zio[txg & TXG_MASK]);
7991 spa->spa_txg_zio[txg & TXG_MASK] = zio_root(spa, NULL, NULL,
7995 * Lock out configuration changes.
7997 spa_config_enter(spa, SCL_CONFIG, FTAG, RW_READER);
7999 spa->spa_syncing_txg = txg;
8000 spa->spa_sync_pass = 0;
8002 for (int i = 0; i < spa->spa_alloc_count; i++) {
8003 mutex_enter(&spa->spa_alloc_locks[i]);
8004 VERIFY0(avl_numnodes(&spa->spa_alloc_trees[i]));
8005 mutex_exit(&spa->spa_alloc_locks[i]);
8009 * If there are any pending vdev state changes, convert them
8010 * into config changes that go out with this transaction group.
8012 spa_config_enter(spa, SCL_STATE, FTAG, RW_READER);
8013 while (list_head(&spa->spa_state_dirty_list) != NULL) {
8015 * We need the write lock here because, for aux vdevs,
8016 * calling vdev_config_dirty() modifies sav_config.
8017 * This is ugly and will become unnecessary when we
8018 * eliminate the aux vdev wart by integrating all vdevs
8019 * into the root vdev tree.
8021 spa_config_exit(spa, SCL_CONFIG | SCL_STATE, FTAG);
8022 spa_config_enter(spa, SCL_CONFIG | SCL_STATE, FTAG, RW_WRITER);
8023 while ((vd = list_head(&spa->spa_state_dirty_list)) != NULL) {
8024 vdev_state_clean(vd);
8025 vdev_config_dirty(vd);
8027 spa_config_exit(spa, SCL_CONFIG | SCL_STATE, FTAG);
8028 spa_config_enter(spa, SCL_CONFIG | SCL_STATE, FTAG, RW_READER);
8030 spa_config_exit(spa, SCL_STATE, FTAG);
8032 tx = dmu_tx_create_assigned(dp, txg);
8034 spa->spa_sync_starttime = gethrtime();
8036 VERIFY(cyclic_reprogram(spa->spa_deadman_cycid,
8037 spa->spa_sync_starttime + spa->spa_deadman_synctime));
8038 #else /* !illumos */
8040 callout_schedule(&spa->spa_deadman_cycid,
8041 hz * spa->spa_deadman_synctime / NANOSEC);
8043 #endif /* illumos */
8046 * If we are upgrading to SPA_VERSION_RAIDZ_DEFLATE this txg,
8047 * set spa_deflate if we have no raid-z vdevs.
8049 if (spa->spa_ubsync.ub_version < SPA_VERSION_RAIDZ_DEFLATE &&
8050 spa->spa_uberblock.ub_version >= SPA_VERSION_RAIDZ_DEFLATE) {
8053 for (i = 0; i < rvd->vdev_children; i++) {
8054 vd = rvd->vdev_child[i];
8055 if (vd->vdev_deflate_ratio != SPA_MINBLOCKSIZE)
8058 if (i == rvd->vdev_children) {
8059 spa->spa_deflate = TRUE;
8060 VERIFY(0 == zap_add(spa->spa_meta_objset,
8061 DMU_POOL_DIRECTORY_OBJECT, DMU_POOL_DEFLATE,
8062 sizeof (uint64_t), 1, &spa->spa_deflate, tx));
8067 * Set the top-level vdev's max queue depth. Evaluate each
8068 * top-level's async write queue depth in case it changed.
8069 * The max queue depth will not change in the middle of syncing
8072 uint64_t slots_per_allocator = 0;
8073 for (int c = 0; c < rvd->vdev_children; c++) {
8074 vdev_t *tvd = rvd->vdev_child[c];
8075 metaslab_group_t *mg = tvd->vdev_mg;
8077 if (mg == NULL || mg->mg_class != spa_normal_class(spa) ||
8078 !metaslab_group_initialized(mg))
8082 * It is safe to do a lock-free check here because only async
8083 * allocations look at mg_max_alloc_queue_depth, and async
8084 * allocations all happen from spa_sync().
8086 for (int i = 0; i < spa->spa_alloc_count; i++)
8087 ASSERT0(zfs_refcount_count(
8088 &(mg->mg_alloc_queue_depth[i])));
8089 mg->mg_max_alloc_queue_depth = max_queue_depth;
8091 for (int i = 0; i < spa->spa_alloc_count; i++) {
8092 mg->mg_cur_max_alloc_queue_depth[i] =
8093 zfs_vdev_def_queue_depth;
8095 slots_per_allocator += zfs_vdev_def_queue_depth;
8097 metaslab_class_t *mc = spa_normal_class(spa);
8098 for (int i = 0; i < spa->spa_alloc_count; i++) {
8099 ASSERT0(zfs_refcount_count(&mc->mc_alloc_slots[i]));
8100 mc->mc_alloc_max_slots[i] = slots_per_allocator;
8102 mc->mc_alloc_throttle_enabled = zio_dva_throttle_enabled;
8104 for (int c = 0; c < rvd->vdev_children; c++) {
8105 vdev_t *vd = rvd->vdev_child[c];
8106 vdev_indirect_state_sync_verify(vd);
8108 if (vdev_indirect_should_condense(vd)) {
8109 spa_condense_indirect_start_sync(vd, tx);
8115 * Iterate to convergence.
8118 int pass = ++spa->spa_sync_pass;
8120 spa_sync_config_object(spa, tx);
8121 spa_sync_aux_dev(spa, &spa->spa_spares, tx,
8122 ZPOOL_CONFIG_SPARES, DMU_POOL_SPARES);
8123 spa_sync_aux_dev(spa, &spa->spa_l2cache, tx,
8124 ZPOOL_CONFIG_L2CACHE, DMU_POOL_L2CACHE);
8125 spa_errlog_sync(spa, txg);
8126 dsl_pool_sync(dp, txg);
8128 if (pass < zfs_sync_pass_deferred_free) {
8129 spa_sync_frees(spa, free_bpl, tx);
8132 * We can not defer frees in pass 1, because
8133 * we sync the deferred frees later in pass 1.
8135 ASSERT3U(pass, >, 1);
8136 bplist_iterate(free_bpl, bpobj_enqueue_cb,
8137 &spa->spa_deferred_bpobj, tx);
8141 dsl_scan_sync(dp, tx);
8143 if (spa->spa_vdev_removal != NULL)
8146 while ((vd = txg_list_remove(&spa->spa_vdev_txg_list, txg))
8151 spa_sync_upgrades(spa, tx);
8153 spa->spa_uberblock.ub_rootbp.blk_birth);
8155 * Note: We need to check if the MOS is dirty
8156 * because we could have marked the MOS dirty
8157 * without updating the uberblock (e.g. if we
8158 * have sync tasks but no dirty user data). We
8159 * need to check the uberblock's rootbp because
8160 * it is updated if we have synced out dirty
8161 * data (though in this case the MOS will most
8162 * likely also be dirty due to second order
8163 * effects, we don't want to rely on that here).
8165 if (spa->spa_uberblock.ub_rootbp.blk_birth < txg &&
8166 !dmu_objset_is_dirty(mos, txg)) {
8168 * Nothing changed on the first pass,
8169 * therefore this TXG is a no-op. Avoid
8170 * syncing deferred frees, so that we
8171 * can keep this TXG as a no-op.
8173 ASSERT(txg_list_empty(&dp->dp_dirty_datasets,
8175 ASSERT(txg_list_empty(&dp->dp_dirty_dirs, txg));
8176 ASSERT(txg_list_empty(&dp->dp_sync_tasks, txg));
8177 ASSERT(txg_list_empty(&dp->dp_early_sync_tasks,
8181 spa_sync_deferred_frees(spa, tx);
8184 } while (dmu_objset_is_dirty(mos, txg));
8186 if (!list_is_empty(&spa->spa_config_dirty_list)) {
8188 * Make sure that the number of ZAPs for all the vdevs matches
8189 * the number of ZAPs in the per-vdev ZAP list. This only gets
8190 * called if the config is dirty; otherwise there may be
8191 * outstanding AVZ operations that weren't completed in
8192 * spa_sync_config_object.
8194 uint64_t all_vdev_zap_entry_count;
8195 ASSERT0(zap_count(spa->spa_meta_objset,
8196 spa->spa_all_vdev_zaps, &all_vdev_zap_entry_count));
8197 ASSERT3U(vdev_count_verify_zaps(spa->spa_root_vdev), ==,
8198 all_vdev_zap_entry_count);
8201 if (spa->spa_vdev_removal != NULL) {
8202 ASSERT0(spa->spa_vdev_removal->svr_bytes_done[txg & TXG_MASK]);
8206 * Rewrite the vdev configuration (which includes the uberblock)
8207 * to commit the transaction group.
8209 * If there are no dirty vdevs, we sync the uberblock to a few
8210 * random top-level vdevs that are known to be visible in the
8211 * config cache (see spa_vdev_add() for a complete description).
8212 * If there *are* dirty vdevs, sync the uberblock to all vdevs.
8216 * We hold SCL_STATE to prevent vdev open/close/etc.
8217 * while we're attempting to write the vdev labels.
8219 spa_config_enter(spa, SCL_STATE, FTAG, RW_READER);
8221 if (list_is_empty(&spa->spa_config_dirty_list)) {
8222 vdev_t *svd[SPA_SYNC_MIN_VDEVS] = { NULL };
8224 int children = rvd->vdev_children;
8225 int c0 = spa_get_random(children);
8227 for (int c = 0; c < children; c++) {
8228 vd = rvd->vdev_child[(c0 + c) % children];
8230 /* Stop when revisiting the first vdev */
8231 if (c > 0 && svd[0] == vd)
8234 if (vd->vdev_ms_array == 0 || vd->vdev_islog ||
8235 !vdev_is_concrete(vd))
8238 svd[svdcount++] = vd;
8239 if (svdcount == SPA_SYNC_MIN_VDEVS)
8242 error = vdev_config_sync(svd, svdcount, txg);
8244 error = vdev_config_sync(rvd->vdev_child,
8245 rvd->vdev_children, txg);
8249 spa->spa_last_synced_guid = rvd->vdev_guid;
8251 spa_config_exit(spa, SCL_STATE, FTAG);
8255 zio_suspend(spa, NULL);
8256 zio_resume_wait(spa);
8261 VERIFY(cyclic_reprogram(spa->spa_deadman_cycid, CY_INFINITY));
8262 #else /* !illumos */
8264 callout_drain(&spa->spa_deadman_cycid);
8266 #endif /* illumos */
8269 * Clear the dirty config list.
8271 while ((vd = list_head(&spa->spa_config_dirty_list)) != NULL)
8272 vdev_config_clean(vd);
8275 * Now that the new config has synced transactionally,
8276 * let it become visible to the config cache.
8278 if (spa->spa_config_syncing != NULL) {
8279 spa_config_set(spa, spa->spa_config_syncing);
8280 spa->spa_config_txg = txg;
8281 spa->spa_config_syncing = NULL;
8284 dsl_pool_sync_done(dp, txg);
8286 for (int i = 0; i < spa->spa_alloc_count; i++) {
8287 mutex_enter(&spa->spa_alloc_locks[i]);
8288 VERIFY0(avl_numnodes(&spa->spa_alloc_trees[i]));
8289 mutex_exit(&spa->spa_alloc_locks[i]);
8293 * Update usable space statistics.
8295 while ((vd = txg_list_remove(&spa->spa_vdev_txg_list, TXG_CLEAN(txg)))
8297 vdev_sync_done(vd, txg);
8299 spa_update_dspace(spa);
8302 * It had better be the case that we didn't dirty anything
8303 * since vdev_config_sync().
8305 ASSERT(txg_list_empty(&dp->dp_dirty_datasets, txg));
8306 ASSERT(txg_list_empty(&dp->dp_dirty_dirs, txg));
8307 ASSERT(txg_list_empty(&spa->spa_vdev_txg_list, txg));
8309 while (zfs_pause_spa_sync)
8312 spa->spa_sync_pass = 0;
8315 * Update the last synced uberblock here. We want to do this at
8316 * the end of spa_sync() so that consumers of spa_last_synced_txg()
8317 * will be guaranteed that all the processing associated with
8318 * that txg has been completed.
8320 spa->spa_ubsync = spa->spa_uberblock;
8321 spa_config_exit(spa, SCL_CONFIG, FTAG);
8323 spa_handle_ignored_writes(spa);
8326 * If any async tasks have been requested, kick them off.
8328 spa_async_dispatch(spa);
8329 spa_async_dispatch_vd(spa);
8333 * Sync all pools. We don't want to hold the namespace lock across these
8334 * operations, so we take a reference on the spa_t and drop the lock during the
8338 spa_sync_allpools(void)
8341 mutex_enter(&spa_namespace_lock);
8342 while ((spa = spa_next(spa)) != NULL) {
8343 if (spa_state(spa) != POOL_STATE_ACTIVE ||
8344 !spa_writeable(spa) || spa_suspended(spa))
8346 spa_open_ref(spa, FTAG);
8347 mutex_exit(&spa_namespace_lock);
8348 txg_wait_synced(spa_get_dsl(spa), 0);
8349 mutex_enter(&spa_namespace_lock);
8350 spa_close(spa, FTAG);
8352 mutex_exit(&spa_namespace_lock);
8356 * ==========================================================================
8357 * Miscellaneous routines
8358 * ==========================================================================
8362 * Remove all pools in the system.
8370 * Remove all cached state. All pools should be closed now,
8371 * so every spa in the AVL tree should be unreferenced.
8373 mutex_enter(&spa_namespace_lock);
8374 while ((spa = spa_next(NULL)) != NULL) {
8376 * Stop async tasks. The async thread may need to detach
8377 * a device that's been replaced, which requires grabbing
8378 * spa_namespace_lock, so we must drop it here.
8380 spa_open_ref(spa, FTAG);
8381 mutex_exit(&spa_namespace_lock);
8382 spa_async_suspend(spa);
8383 mutex_enter(&spa_namespace_lock);
8384 spa_close(spa, FTAG);
8386 if (spa->spa_state != POOL_STATE_UNINITIALIZED) {
8388 spa_deactivate(spa);
8392 mutex_exit(&spa_namespace_lock);
8396 spa_lookup_by_guid(spa_t *spa, uint64_t guid, boolean_t aux)
8401 if ((vd = vdev_lookup_by_guid(spa->spa_root_vdev, guid)) != NULL)
8405 for (i = 0; i < spa->spa_l2cache.sav_count; i++) {
8406 vd = spa->spa_l2cache.sav_vdevs[i];
8407 if (vd->vdev_guid == guid)
8411 for (i = 0; i < spa->spa_spares.sav_count; i++) {
8412 vd = spa->spa_spares.sav_vdevs[i];
8413 if (vd->vdev_guid == guid)
8422 spa_upgrade(spa_t *spa, uint64_t version)
8424 ASSERT(spa_writeable(spa));
8426 spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
8429 * This should only be called for a non-faulted pool, and since a
8430 * future version would result in an unopenable pool, this shouldn't be
8433 ASSERT(SPA_VERSION_IS_SUPPORTED(spa->spa_uberblock.ub_version));
8434 ASSERT3U(version, >=, spa->spa_uberblock.ub_version);
8436 spa->spa_uberblock.ub_version = version;
8437 vdev_config_dirty(spa->spa_root_vdev);
8439 spa_config_exit(spa, SCL_ALL, FTAG);
8441 txg_wait_synced(spa_get_dsl(spa), 0);
8445 spa_has_spare(spa_t *spa, uint64_t guid)
8449 spa_aux_vdev_t *sav = &spa->spa_spares;
8451 for (i = 0; i < sav->sav_count; i++)
8452 if (sav->sav_vdevs[i]->vdev_guid == guid)
8455 for (i = 0; i < sav->sav_npending; i++) {
8456 if (nvlist_lookup_uint64(sav->sav_pending[i], ZPOOL_CONFIG_GUID,
8457 &spareguid) == 0 && spareguid == guid)
8465 * Check if a pool has an active shared spare device.
8466 * Note: reference count of an active spare is 2, as a spare and as a replace
8469 spa_has_active_shared_spare(spa_t *spa)
8473 spa_aux_vdev_t *sav = &spa->spa_spares;
8475 for (i = 0; i < sav->sav_count; i++) {
8476 if (spa_spare_exists(sav->sav_vdevs[i]->vdev_guid, &pool,
8477 &refcnt) && pool != 0ULL && pool == spa_guid(spa) &&
8486 spa_event_create(spa_t *spa, vdev_t *vd, nvlist_t *hist_nvl, const char *name)
8488 sysevent_t *ev = NULL;
8490 sysevent_attr_list_t *attr = NULL;
8491 sysevent_value_t value;
8493 ev = sysevent_alloc(EC_ZFS, (char *)name, SUNW_KERN_PUB "zfs",
8497 value.value_type = SE_DATA_TYPE_STRING;
8498 value.value.sv_string = spa_name(spa);
8499 if (sysevent_add_attr(&attr, ZFS_EV_POOL_NAME, &value, SE_SLEEP) != 0)
8502 value.value_type = SE_DATA_TYPE_UINT64;
8503 value.value.sv_uint64 = spa_guid(spa);
8504 if (sysevent_add_attr(&attr, ZFS_EV_POOL_GUID, &value, SE_SLEEP) != 0)
8508 value.value_type = SE_DATA_TYPE_UINT64;
8509 value.value.sv_uint64 = vd->vdev_guid;
8510 if (sysevent_add_attr(&attr, ZFS_EV_VDEV_GUID, &value,
8514 if (vd->vdev_path) {
8515 value.value_type = SE_DATA_TYPE_STRING;
8516 value.value.sv_string = vd->vdev_path;
8517 if (sysevent_add_attr(&attr, ZFS_EV_VDEV_PATH,
8518 &value, SE_SLEEP) != 0)
8523 if (hist_nvl != NULL) {
8524 fnvlist_merge((nvlist_t *)attr, hist_nvl);
8527 if (sysevent_attach_attributes(ev, attr) != 0)
8533 sysevent_free_attr(attr);
8540 spa_event_post(sysevent_t *ev)
8545 (void) log_sysevent(ev, SE_SLEEP, &eid);
8551 spa_event_discard(sysevent_t *ev)
8559 * Post a sysevent corresponding to the given event. The 'name' must be one of
8560 * the event definitions in sys/sysevent/eventdefs.h. The payload will be
8561 * filled in from the spa and (optionally) the vdev and history nvl. This
8562 * doesn't do anything in the userland libzpool, as we don't want consumers to
8563 * misinterpret ztest or zdb as real changes.
8566 spa_event_notify(spa_t *spa, vdev_t *vd, nvlist_t *hist_nvl, const char *name)
8568 spa_event_post(spa_event_create(spa, vd, hist_nvl, name));