New upstream version 0.7.2
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved.
23 *
24 * Copyright (c) 2016, Intel Corporation.
25 */
26
27 /*
28 * The ZFS retire agent is responsible for managing hot spares across all pools.
29 * When we see a device fault or a device removal, we try to open the associated
30 * pool and look for any hot spares. We iterate over any available hot spares
31 * and attempt a 'zpool replace' for each one.
32 *
33 * For vdevs diagnosed as faulty, the agent is also responsible for proactively
34 * marking the vdev FAULTY (for I/O errors) or DEGRADED (for checksum errors).
35 */
36
37 #include <sys/fs/zfs.h>
38 #include <sys/fm/protocol.h>
39 #include <sys/fm/fs/zfs.h>
40 #include <libzfs.h>
41 #include <string.h>
42
43 #include "zfs_agents.h"
44 #include "fmd_api.h"
45
46
/*
 * One entry on the agent's list of (pool, vdev) pairs for which a repair
 * has already been attempted. zfs_vdev_repair() prepends entries and
 * consults the list before acting; zfs_retire_clear_data() frees them.
 */
typedef struct zfs_retire_repaired {
	struct zfs_retire_repaired *zrr_next;	/* next entry, NULL at the tail */
	uint64_t zrr_pool;			/* pool GUID from the event */
	uint64_t zrr_vdev;			/* vdev GUID from the event */
} zfs_retire_repaired_t;
52
/*
 * Per-module state, allocated in _zfs_retire_init() and attached to the
 * fmd handle with fmd_hdl_setspecific().
 */
typedef struct zfs_retire_data {
	libzfs_handle_t *zrd_hdl;		/* libzfs handle used for pool lookups */
	zfs_retire_repaired_t *zrd_repaired;	/* head of the repaired list */
} zfs_retire_data_t;
57
/*
 * Empty the agent's list of already-attempted repairs.
 *
 * Each entry is unlinked from the head of zdp->zrd_repaired before it is
 * handed back to fmd_hdl_free(), so the list head is never left pointing at
 * freed memory. On return zdp->zrd_repaired is NULL.
 */
static void
zfs_retire_clear_data(fmd_hdl_t *hdl, zfs_retire_data_t *zdp)
{
	zfs_retire_repaired_t *node;

	for (node = zdp->zrd_repaired; node != NULL;
	    node = zdp->zrd_repaired) {
		zdp->zrd_repaired = node->zrr_next;
		fmd_hdl_free(hdl, node, sizeof (*node));
	}
}
68
/*
 * Search state shared with the zpool_iter() callbacks find_pool() and
 * search_pool(). The caller fills in the search key; the callback fills
 * in the result fields when it finds a match.
 */
typedef struct find_cbdata {
	uint64_t cb_guid;	/* in: pool GUID to match (find_pool) */
	const char *cb_fru;	/* in: FRU string to match (search_pool) */
	zpool_handle_t *cb_zhp;	/* out: matching pool, left open */
	nvlist_t *cb_vdev;	/* out: matching vdev (search_pool only) */
} find_cbdata_t;
78
/*
 * zpool_iter() callback: match a pool by GUID.
 *
 * 'data' is a find_cbdata_t whose cb_guid holds the GUID being searched
 * for. On a match the still-open handle is stored in cb_zhp and 1 is
 * returned; the caller then owns the handle and must zpool_close() it.
 * Otherwise the handle is closed here and 0 is returned.
 */
static int
find_pool(zpool_handle_t *zhp, void *data)
{
	find_cbdata_t *search = data;
	uint64_t guid = zpool_get_prop_int(zhp, ZPOOL_PROP_GUID, NULL);

	if (guid != search->cb_guid) {
		/* Not the pool we want; release it before moving on. */
		zpool_close(zhp);
		return (0);
	}

	search->cb_zhp = zhp;
	return (1);
}
93
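/*
 * Find a vdev within a config tree, depth first.
 *
 * When search_fru is non-NULL the match is made on the node's
 * ZPOOL_CONFIG_FRU string via libzfs_fru_compare(); otherwise the node's
 * ZPOOL_CONFIG_GUID is compared with search_guid.
 *
 * Only the ZPOOL_CONFIG_CHILDREN and ZPOOL_CONFIG_L2CACHE arrays are
 * descended, in that order; spares are not searched. A node with no
 * children array ends the search of that subtree before its L2ARC array
 * is looked at.
 *
 * Returns the matching nvlist, which still belongs to the tree 'nv' and
 * must not be freed by the caller, or NULL when nothing matches.
 */
static nvlist_t *
find_vdev(libzfs_handle_t *zhdl, nvlist_t *nv, const char *search_fru,
    uint64_t search_guid)
{
	static const char *const child_keys[] = {
		ZPOOL_CONFIG_CHILDREN,
		ZPOOL_CONFIG_L2CACHE
	};
	uint64_t guid;
	char *fru;
	size_t k;

	if (search_fru != NULL) {
		if (nvlist_lookup_string(nv, ZPOOL_CONFIG_FRU, &fru) == 0 &&
		    libzfs_fru_compare(zhdl, fru, search_fru))
			return (nv);
	} else if (nvlist_lookup_uint64(nv, ZPOOL_CONFIG_GUID, &guid) == 0 &&
	    guid == search_guid) {
		/*
		 * uint64_t is not 'unsigned long long' on every ABI, so
		 * cast to the type %llu actually expects.
		 */
		fmd_hdl_debug(fmd_module_hdl("zfs-retire"),
		    "matched vdev %llu", (unsigned long long)guid);
		return (nv);
	}

	for (k = 0; k < sizeof (child_keys) / sizeof (child_keys[0]); k++) {
		nvlist_t **child;
		uint_t c, children;

		/* A missing array ends the search of this subtree. */
		if (nvlist_lookup_nvlist_array(nv, child_keys[k],
		    &child, &children) != 0)
			return (NULL);

		for (c = 0; c < children; c++) {
			nvlist_t *ret = find_vdev(zhdl, child[c], search_fru,
			    search_guid);

			if (ret != NULL)
				return (ret);
		}
	}

	return (NULL);
}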
142
/*
 * Resolve a (pool, vdev) GUID pair against the pools currently known to
 * libzfs.
 *
 * The pool is located with zpool_iter()/find_pool(). When vdev_guid is
 * non-zero the vdev must also be present in the pool's vdev tree, and a
 * pointer to its nvlist is stored in *vdevp. When vdev_guid is 0 only the
 * pool is looked up and *vdevp is left untouched, so callers must
 * initialise it themselves.
 *
 * Returns an open pool handle that the caller must zpool_close(), or NULL
 * if the pool, its vdev tree or the requested vdev cannot be found.
 */
static zpool_handle_t *
find_by_guid(libzfs_handle_t *zhdl, uint64_t pool_guid, uint64_t vdev_guid,
    nvlist_t **vdevp)
{
	find_cbdata_t search;
	zpool_handle_t *pool;
	nvlist_t *tree;

	search.cb_guid = pool_guid;
	if (zpool_iter(zhdl, find_pool, &search) != 1)
		return (NULL);
	pool = search.cb_zhp;

	if (nvlist_lookup_nvlist(zpool_get_config(pool, NULL),
	    ZPOOL_CONFIG_VDEV_TREE, &tree) != 0)
		goto fail;

	/* A zero vdev GUID asks for the pool only. */
	if (vdev_guid == 0)
		return (pool);

	/* Make sure the vdev still exists in the current configuration. */
	*vdevp = find_vdev(zhdl, tree, NULL, vdev_guid);
	if (*vdevp != NULL)
		return (pool);

fail:
	zpool_close(pool);
	return (NULL);
}
179
180 #ifdef HAVE_LIBTOPO
/*
 * zpool_iter() callback: look for a vdev whose FRU matches cb_fru.
 *
 * 'data' is a find_cbdata_t. When the pool's vdev tree contains a match,
 * the vdev is stored in cb_vdev, the still-open pool handle in cb_zhp, and
 * 1 is returned. In every other case the handle is closed and 0 is
 * returned so that iteration continues.
 */
static int
search_pool(zpool_handle_t *zhp, void *data)
{
	find_cbdata_t *search = data;
	nvlist_t *tree;

	if (nvlist_lookup_nvlist(zpool_get_config(zhp, NULL),
	    ZPOOL_CONFIG_VDEV_TREE, &tree) == 0) {
		search->cb_vdev = find_vdev(zpool_get_handle(zhp), tree,
		    search->cb_fru, 0);
		if (search->cb_vdev != NULL) {
			search->cb_zhp = zhp;
			return (1);
		}
	}

	zpool_close(zhp);
	return (0);
}
204
/*
 * Given a FRU FMRI string, find the pool and vdev it refers to.
 *
 * Every pool is visited with search_pool(). On success the matching vdev
 * is stored in *vdevp and the open pool handle is returned; the caller
 * must zpool_close() it. Returns NULL, leaving *vdevp untouched, when no
 * pool contains a vdev with that FRU.
 */
static zpool_handle_t *
find_by_fru(libzfs_handle_t *zhdl, const char *fru, nvlist_t **vdevp)
{
	find_cbdata_t search;

	search.cb_zhp = NULL;
	search.cb_fru = fru;

	if (zpool_iter(zhdl, search_pool, &search) == 1) {
		*vdevp = search.cb_vdev;
		return (search.cb_zhp);
	}

	return (NULL);
}
221 #endif /* HAVE_LIBTOPO */
222
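/*
 * Given a vdev, attempt to replace it with every known spare until one
 * succeeds.
 *
 * hdl   fmd module handle, used for allocation and debug logging.
 * zhp   open handle of the pool that owns 'vdev'; not closed here.
 * vdev  config nvlist of the device to replace. A NULL vdev is ignored:
 *       find_by_guid() leaves its output untouched when asked for vdev
 *       GUID 0, so a caller can arrive here without a device.
 *
 * The function returns quietly when the pool has no vdev tree or no
 * spares. Each attach attempt is logged through fmd_hdl_debug(), which
 * gives a record of the automatic actions taken on the pool.
 */
static void
replace_with_spare(fmd_hdl_t *hdl, zpool_handle_t *zhp, nvlist_t *vdev)
{
	nvlist_t *config, *nvroot, *replacement;
	nvlist_t **spares;
	uint_t s, nspares;
	char *dev_name;

	if (vdev == NULL)
		return;

	config = zpool_get_config(zhp, NULL);
	if (nvlist_lookup_nvlist(config, ZPOOL_CONFIG_VDEV_TREE,
	    &nvroot) != 0)
		return;

	/*
	 * Find out if there are any hot spares available in the pool.
	 */
	if (nvlist_lookup_nvlist_array(nvroot, ZPOOL_CONFIG_SPARES,
	    &spares, &nspares) != 0)
		return;

	dev_name = zpool_vdev_name(NULL, zhp, vdev, B_FALSE);
	if (dev_name == NULL)
		return;

	replacement = fmd_nvl_alloc(hdl, FMD_SLEEP);
	if (replacement == NULL) {
		free(dev_name);
		return;
	}

	(void) nvlist_add_string(replacement, ZPOOL_CONFIG_TYPE,
	    VDEV_TYPE_ROOT);

	/*
	 * Try each spare in turn, stopping at the first successful attach.
	 */
	for (s = 0; s < nspares; s++) {
		char *spare_name;

		if (nvlist_lookup_string(spares[s], ZPOOL_CONFIG_PATH,
		    &spare_name) != 0)
			continue;

		/*
		 * If the child array cannot be updated, 'replacement' still
		 * describes the previous spare; skip this one rather than
		 * attach with a mismatched description.
		 */
		if (nvlist_add_nvlist_array(replacement,
		    ZPOOL_CONFIG_CHILDREN, &spares[s], 1) != 0)
			continue;

		/*
		 * NOTE(review): spare_name points into the spare's nvlist.
		 * The POSIX basename() from <libgen.h> may modify its
		 * argument, the GNU one from <string.h> does not; confirm
		 * which one this build resolves to.
		 */
		fmd_hdl_debug(hdl, "zpool_vdev_replace '%s' with spare '%s'",
		    dev_name, basename(spare_name));

		if (zpool_vdev_attach(zhp, dev_name, spare_name,
		    replacement, B_TRUE) == 0)
			break;
	}

	free(dev_name);
	nvlist_free(replacement);
}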
279
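/*
 * Repair this vdev if we had diagnosed a 'fault.fs.zfs.device' and
 * ASRU is now usable. ZFS has found the device to be present and
 * functioning.
 *
 * The pool and vdev GUIDs are read from the event payload 'nvl'; the
 * event is ignored when either is missing. Each (pool, vdev) pair is
 * acted on at most once until the repaired list is cleared, and every
 * pair handled here is recorded on that list and logged.
 */
/*ARGSUSED*/
static void
zfs_vdev_repair(fmd_hdl_t *hdl, nvlist_t *nvl)
{
	zfs_retire_data_t *zdp = fmd_hdl_getspecific(hdl);
	zfs_retire_repaired_t *zrp;
	uint64_t pool_guid, vdev_guid;
#ifdef HAVE_LIBTOPO
	nvlist_t *asru;
#endif

	if (nvlist_lookup_uint64(nvl, FM_EREPORT_PAYLOAD_ZFS_POOL_GUID,
	    &pool_guid) != 0 || nvlist_lookup_uint64(nvl,
	    FM_EREPORT_PAYLOAD_ZFS_VDEV_GUID, &vdev_guid) != 0)
		return;

	/*
	 * Before checking the state of the ASRU, go through and see if we've
	 * already made an attempt to repair this ASRU. This list is cleared
	 * whenever we receive any kind of list event, and is designed to
	 * prevent us from generating a feedback loop when we attempt repairs
	 * against a faulted pool. The problem is that checking the unusable
	 * state of the ASRU can involve opening the pool, which can post
	 * statechange events but otherwise leave the pool in the faulted
	 * state. This list allows us to detect when a statechange event is
	 * due to our own request.
	 */
	for (zrp = zdp->zrd_repaired; zrp != NULL; zrp = zrp->zrr_next) {
		if (zrp->zrr_pool == pool_guid &&
		    zrp->zrr_vdev == vdev_guid)
			return;
	}

#ifdef HAVE_LIBTOPO
	asru = fmd_nvl_alloc(hdl, FMD_SLEEP);

	(void) nvlist_add_uint8(asru, FM_VERSION, ZFS_SCHEME_VERSION0);
	(void) nvlist_add_string(asru, FM_FMRI_SCHEME, FM_FMRI_SCHEME_ZFS);
	(void) nvlist_add_uint64(asru, FM_FMRI_ZFS_POOL, pool_guid);
	(void) nvlist_add_uint64(asru, FM_FMRI_ZFS_VDEV, vdev_guid);

	/*
	 * We explicitly check for the unusable state here to make sure we
	 * aren't responding to a transient state change. As part of opening a
	 * vdev, it's possible to see the 'statechange' event, only to be
	 * followed by a vdev failure later. If we don't check the current
	 * state of the vdev (or pool) before marking it repaired, then we risk
	 * generating spurious repair events followed immediately by the same
	 * diagnosis.
	 *
	 * This assumes that the ZFS scheme code associated unusable (i.e.
	 * isolated) with its own definition of faulty state. In the case of a
	 * DEGRADED leaf vdev (due to checksum errors), this is not the case.
	 * This works, however, because the transient state change is not
	 * posted in this case. This could be made more explicit by not
	 * relying on the scheme's unusable callback and instead directly
	 * checking the vdev state, where we could correctly account for
	 * DEGRADED state.
	 */
	if (!fmd_nvl_fmri_unusable(hdl, asru) && fmd_nvl_fmri_has_fault(hdl,
	    asru, FMD_HAS_FAULT_ASRU, NULL)) {
		topo_hdl_t *thp;
		char *fmri = NULL;
		int err;

		thp = fmd_hdl_topo_hold(hdl, TOPO_VERSION);
		if (topo_fmri_nvl2str(thp, asru, &fmri, &err) == 0) {
			(void) fmd_repair_asru(hdl, fmri);
			/*
			 * Free the string while the topo handle is still
			 * held, as zfs_retire_recv() does; the handle must
			 * not be used after it has been released.
			 */
			topo_hdl_strfree(thp, fmri);
		}
		fmd_hdl_topo_rele(hdl, thp);
	}
	nvlist_free(asru);
#endif
	/* Remember this pair so a resulting statechange event is ignored. */
	zrp = fmd_hdl_alloc(hdl, sizeof (zfs_retire_repaired_t), FMD_SLEEP);
	zrp->zrr_next = zdp->zrd_repaired;
	zrp->zrr_pool = pool_guid;
	zrp->zrr_vdev = vdev_guid;
	zdp->zrd_repaired = zrp;

	/* uint64_t is cast because %llu expects unsigned long long. */
	fmd_hdl_debug(hdl, "marking repaired vdev %llu on pool %llu",
	    (unsigned long long)vdev_guid, (unsigned long long)pool_guid);
}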
368
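/*
 * Event entry point of the retire agent (the module's fmdo_recv op).
 *
 * hdl    fmd module handle; its module-specific data is the
 *        zfs_retire_data_t set up by _zfs_retire_init().
 * ep     the fmd event; unused.
 * nvl    event payload.
 * class  event class string, which selects the handling below.
 *
 * Handling by class:
 *   "resource.fs.zfs.removed"      try to attach a hot spare, if the
 *                                  "spare_on_remove" property is set.
 *   FM_LIST_RESOLVED_CLASS         ignored.
 *   "resource.fs.zfs.statechange"  with state VDEV_STATE_HEALTHY, and
 *   "sysevent.fs.zfs.vdev_remove"  handed to zfs_vdev_repair().
 *   anything else                  treated as a suspect list: each fault
 *                                  is mapped to a pool/vdev, which is then
 *                                  cleared (repair events) or faulted /
 *                                  degraded and offered a hot spare.
 *
 * GUIDs taken from the payload are always resolved against the live pool
 * configuration with find_by_guid() before any action is taken, and each
 * action is logged through fmd_hdl_debug().
 */
/*ARGSUSED*/
static void
zfs_retire_recv(fmd_hdl_t *hdl, fmd_event_t *ep, nvlist_t *nvl,
    const char *class)
{
	uint64_t pool_guid, vdev_guid;
	zpool_handle_t *zhp;
	nvlist_t *resource, *fault;
	nvlist_t **faults;
	uint_t f, nfaults;
	zfs_retire_data_t *zdp = fmd_hdl_getspecific(hdl);
	libzfs_handle_t *zhdl = zdp->zrd_hdl;
	boolean_t fault_device, degrade_device;
	boolean_t is_repair;
	char *scheme;
	nvlist_t *vdev = NULL;
	char *uuid;
	int repair_done = 0;
	boolean_t retire;
	boolean_t is_disk;
	vdev_aux_t aux;
	uint64_t state = 0;

	fmd_hdl_debug(hdl, "zfs_retire_recv: '%s'", class);

	/*
	 * If this is a resource notifying us of device removal, then simply
	 * check for an available spare and continue.
	 */
	if (strcmp(class, "resource.fs.zfs.removed") == 0) {
		if (nvlist_lookup_uint64(nvl, FM_EREPORT_PAYLOAD_ZFS_POOL_GUID,
		    &pool_guid) != 0 ||
		    nvlist_lookup_uint64(nvl, FM_EREPORT_PAYLOAD_ZFS_VDEV_GUID,
		    &vdev_guid) != 0)
			return;

		if ((zhp = find_by_guid(zhdl, pool_guid, vdev_guid,
		    &vdev)) == NULL)
			return;

		/*
		 * find_by_guid() does not look up a vdev when the payload
		 * carries vdev GUID 0, so 'vdev' can still be NULL here.
		 */
		if (vdev != NULL && fmd_prop_get_int32(hdl, "spare_on_remove"))
			replace_with_spare(hdl, zhp, vdev);
		zpool_close(zhp);
		return;
	}

	if (strcmp(class, FM_LIST_RESOLVED_CLASS) == 0)
		return;

	/*
	 * Note: on zfsonlinux statechange events are more than just
	 * healthy ones so we need to confirm the actual state value.
	 */
	if (strcmp(class, "resource.fs.zfs.statechange") == 0 &&
	    nvlist_lookup_uint64(nvl, FM_EREPORT_PAYLOAD_ZFS_VDEV_STATE,
	    &state) == 0 && state == VDEV_STATE_HEALTHY) {
		zfs_vdev_repair(hdl, nvl);
		return;
	}
	if (strcmp(class, "sysevent.fs.zfs.vdev_remove") == 0) {
		zfs_vdev_repair(hdl, nvl);
		return;
	}

	/* Any list event resets the record of attempted repairs. */
	zfs_retire_clear_data(hdl, zdp);

	is_repair = (strcmp(class, FM_LIST_REPAIRED_CLASS) == 0) ?
	    B_TRUE : B_FALSE;

	/*
	 * We subscribe to zfs faults as well as all repair events.
	 */
	if (nvlist_lookup_nvlist_array(nvl, FM_SUSPECT_FAULT_LIST,
	    &faults, &nfaults) != 0)
		return;

	for (f = 0; f < nfaults; f++) {
		fault = faults[f];

		fault_device = B_FALSE;
		degrade_device = B_FALSE;
		is_disk = B_FALSE;
		/* Do not carry a vdev over from the previous fault. */
		vdev = NULL;

		/* Skip faults explicitly marked as not to be retired. */
		if (nvlist_lookup_boolean_value(fault, FM_SUSPECT_RETIRE,
		    &retire) == 0 && retire == 0)
			continue;

		/*
		 * While we subscribe to fault.fs.zfs.*, we only take action
		 * for faults targeting a specific vdev (open failure or SERD
		 * failure). We also subscribe to fault.io.* events, so that
		 * faulty disks will be faulted in the ZFS configuration.
		 */
		if (fmd_nvl_class_match(hdl, fault, "fault.fs.zfs.vdev.io")) {
			fault_device = B_TRUE;
		} else if (fmd_nvl_class_match(hdl, fault,
		    "fault.fs.zfs.vdev.checksum")) {
			degrade_device = B_TRUE;
		} else if (fmd_nvl_class_match(hdl, fault,
		    "fault.fs.zfs.device")) {
			fault_device = B_FALSE;
		} else if (fmd_nvl_class_match(hdl, fault, "fault.io.*")) {
			is_disk = B_TRUE;
			fault_device = B_TRUE;
		} else {
			continue;
		}

		if (is_disk) {
#ifdef HAVE_LIBTOPO
			/*
			 * Locals for the FRU lookup; the types follow their
			 * use in zfs_vdev_repair().
			 */
			nvlist_t *fru;
			topo_hdl_t *thp;
			char *fmri;
			int err;

			/*
			 * This is a disk fault. Lookup the FRU, convert it to
			 * an FMRI string, and attempt to find a matching vdev.
			 */
			if (nvlist_lookup_nvlist(fault, FM_FAULT_FRU,
			    &fru) != 0 ||
			    nvlist_lookup_string(fru, FM_FMRI_SCHEME,
			    &scheme) != 0)
				continue;

			if (strcmp(scheme, FM_FMRI_SCHEME_HC) != 0)
				continue;

			thp = fmd_hdl_topo_hold(hdl, TOPO_VERSION);
			if (topo_fmri_nvl2str(thp, fru, &fmri, &err) != 0) {
				fmd_hdl_topo_rele(hdl, thp);
				continue;
			}

			zhp = find_by_fru(zhdl, fmri, &vdev);
			topo_hdl_strfree(thp, fmri);
			fmd_hdl_topo_rele(hdl, thp);

			if (zhp == NULL)
				continue;

			/*
			 * Without a GUID there is nothing to fault; do not
			 * go on with an unset vdev_guid.
			 */
			if (nvlist_lookup_uint64(vdev,
			    ZPOOL_CONFIG_GUID, &vdev_guid) != 0) {
				zpool_close(zhp);
				continue;
			}
			aux = VDEV_AUX_EXTERNAL;
#else
			continue;
#endif
		} else {
			/*
			 * This is a ZFS fault. Lookup the resource, and
			 * attempt to find the matching vdev.
			 */
			if (nvlist_lookup_nvlist(fault, FM_FAULT_RESOURCE,
			    &resource) != 0 ||
			    nvlist_lookup_string(resource, FM_FMRI_SCHEME,
			    &scheme) != 0)
				continue;

			if (strcmp(scheme, FM_FMRI_SCHEME_ZFS) != 0)
				continue;

			if (nvlist_lookup_uint64(resource, FM_FMRI_ZFS_POOL,
			    &pool_guid) != 0)
				continue;

			/*
			 * Only a repair event may omit the vdev; it then
			 * applies to the whole pool (vdev GUID 0).
			 */
			if (nvlist_lookup_uint64(resource, FM_FMRI_ZFS_VDEV,
			    &vdev_guid) != 0) {
				if (is_repair)
					vdev_guid = 0;
				else
					continue;
			}

			if ((zhp = find_by_guid(zhdl, pool_guid, vdev_guid,
			    &vdev)) == NULL)
				continue;

			aux = VDEV_AUX_ERR_EXCEEDED;
		}

		if (vdev_guid == 0) {
			/*
			 * For pool-level repair events, clear the entire pool.
			 */
			fmd_hdl_debug(hdl, "zpool_clear of pool '%s'",
			    zpool_get_name(zhp));
			(void) zpool_clear(zhp, NULL, NULL);
			zpool_close(zhp);
			continue;
		}

		/*
		 * If this is a repair event, then mark the vdev as repaired and
		 * continue.
		 */
		if (is_repair) {
			repair_done = 1;
			fmd_hdl_debug(hdl, "zpool_clear of pool '%s' vdev %llu",
			    zpool_get_name(zhp),
			    (unsigned long long)vdev_guid);
			(void) zpool_vdev_clear(zhp, vdev_guid);
			zpool_close(zhp);
			continue;
		}

		/*
		 * Actively fault the device if needed.
		 */
		if (fault_device)
			(void) zpool_vdev_fault(zhp, vdev_guid, aux);
		if (degrade_device)
			(void) zpool_vdev_degrade(zhp, vdev_guid, aux);

		if (fault_device || degrade_device)
			fmd_hdl_debug(hdl, "zpool_vdev_%s: vdev %llu on '%s'",
			    fault_device ? "fault" : "degrade",
			    (unsigned long long)vdev_guid,
			    zpool_get_name(zhp));

		/*
		 * Attempt to substitute a hot spare.
		 */
		replace_with_spare(hdl, zhp, vdev);
		zpool_close(zhp);
	}

	/* Resolve the case once at least one vdev-level repair was applied. */
	if (is_repair && repair_done &&
	    nvlist_lookup_string(nvl, FM_SUSPECT_UUID, &uuid) == 0)
		fmd_case_uuresolved(hdl, uuid);
}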
594
/*
 * Module entry points handed to fmd_hdl_register(). Only the receive
 * callback is implemented; the remaining ops are left NULL.
 */
static const fmd_hdl_ops_t fmd_ops = {
	.fmdo_recv = zfs_retire_recv,
	.fmdo_timeout = NULL,
	.fmdo_close = NULL,
	.fmdo_stats = NULL,
	.fmdo_gc = NULL,
};

/*
 * Module properties. "spare_on_remove" (default "true") is read in
 * zfs_retire_recv() to decide whether a removed device is offered a hot
 * spare. The all-NULL entry terminates the table.
 */
static const fmd_prop_t fmd_props[] = {
	{ .fmdp_name = "spare_on_remove", .fmdp_type = FMD_TYPE_BOOL,
	    .fmdp_defv = "true" },
	{ .fmdp_name = NULL, .fmdp_type = 0, .fmdp_defv = NULL }
};

/* Module description, version, ops and properties. */
static const fmd_hdl_info_t fmd_info = {
	.fmdi_desc = "ZFS Retire Agent",
	.fmdi_vers = "1.0",
	.fmdi_ops = &fmd_ops,
	.fmdi_props = fmd_props
};
611
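/*
 * Module initialisation: obtain a libzfs handle, register the agent with
 * fmd and attach a zeroed zfs_retire_data_t as module-specific data.
 *
 * Returns without registering if no libzfs handle is available, and
 * without attaching any data if registration fails.
 */
void
_zfs_retire_init(fmd_hdl_t *hdl)
{
	zfs_retire_data_t *zdp;
	libzfs_handle_t *zhdl;

	if ((zhdl = __libzfs_init()) == NULL)
		return;

	if (fmd_hdl_register(hdl, FMD_API_VERSION, &fmd_info) != 0) {
		/*
		 * Release through the wrapper that matches __libzfs_init(),
		 * as _zfs_retire_fini() does. The wrappers are defined
		 * outside this file; presumably the handle they return is
		 * not this module's to destroy with libzfs_fini() directly.
		 */
		__libzfs_fini(zhdl);
		return;
	}

	zdp = fmd_hdl_zalloc(hdl, sizeof (zfs_retire_data_t), FMD_SLEEP);
	zdp->zrd_hdl = zhdl;

	fmd_hdl_setspecific(hdl, zdp);
}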
631
/*
 * Module teardown: free the repaired list, release the libzfs handle and
 * free the module-specific data. Does nothing when no data was attached,
 * which is the case when _zfs_retire_init() returned early.
 */
void
_zfs_retire_fini(fmd_hdl_t *hdl)
{
	zfs_retire_data_t *state = fmd_hdl_getspecific(hdl);

	if (state == NULL)
		return;

	zfs_retire_clear_data(hdl, state);
	__libzfs_fini(state->zrd_hdl);
	fmd_hdl_free(hdl, state, sizeof (zfs_retire_data_t));
}