1. 14 10月, 2014 13 次提交
  2. 08 8月, 2014 2 次提交
  3. 31 7月, 2014 1 次提交
    • N
      md: disable probing for md devices 512 and over. · af5628f0
      NeilBrown 提交于
      The way md devices are traditionally created in the kernel
      is simply to open the device with the desired major/minor number.
      
      This can be problematic as some support tools, notably udev and
      programs run by udev, can open a device just to see what is there, and
      find that it has created something.  It is easy for a race to cause
      udev to open an md device just after it was destroy, causing it to
      suddenly re-appear.
      
      For some time we have had an alternate way to create md devices
        echo md_somename > /sys/modules/md_mod/paramaters/new_array
      
      This will always use a minor number of 512 or higher, which mdadm
      normally avoids.
      Using this makes the creation-by-opening unnecessary, but does
      not disable it, so it is still there to cause problems.
      
      This patch disable probing for devices with a major of 9 (MD_MAJOR)
      and a minor of 512 and up.  This devices created by writing to
      new_array cannot be re-created by opening the node in /dev.
      Signed-off-by: NNeilBrown <neilb@suse.de>
      af5628f0
  4. 03 7月, 2014 2 次提交
  5. 29 5月, 2014 3 次提交
    • N
      md: md_clear_badblocks should return an error code on failure. · 8b32bf5e
      NeilBrown 提交于
      Julia Lawall and coccinelle report that md_clear_badblocks always
      returns 0, despite appearing to have an error path.
      The error path really should return an error code.  ENOSPC is
      reasonably appropriate.
      Reported-by: NJulia Lawall <Julia.Lawall@lip6.fr>
      Signed-off-by: NNeilBrown <neilb@suse.de>
      8b32bf5e
    • N
      md: refuse to change shape of array if it is active but read-only · bd8839e0
      NeilBrown 提交于
      read-only arrays should not be changed.  This includes changing
      the level, layout, size, or number of devices.
      
      So reject those changes for readonly arrays.
      Signed-off-by: NNeilBrown <neilb@suse.de>
      bd8839e0
    • N
      md: always set MD_RECOVERY_INTR when interrupting a reshape thread. · 2ac295a5
      NeilBrown 提交于
      Commit 8313b8e5
         md: fix problem when adding device to read-only array with bitmap.
      
      added a called to md_reap_sync_thread() which cause a reshape thread
      to be interrupted (in particular, it could cause md_thread() to never even
      call md_do_sync()).
      However it didn't set MD_RECOVERY_INTR so ->finish_reshape() would not
      know that the reshape didn't complete.
      
      This only happens when mddev->ro is set and normally reshape threads
      don't run in that situation.  But raid5 and raid10 can start a reshape
      thread during "run" is the array is in the middle of a reshape.
      They do this even if ->ro is set.
      
      So it is best to set MD_RECOVERY_INTR before abortingg the
      sync thread, just in case.
      
      Though it rare for this to trigger a problem it can cause data corruption
      because the reshape isn't finished properly.
      So it is suitable for any stable which the offending commit was applied to.
      (3.2 or later)
      
      Fixes: 8313b8e5
      Cc: stable@vger.kernel.org (3.2+)
      Signed-off-by: NNeilBrown <neilb@suse.de>
      2ac295a5
  6. 28 5月, 2014 1 次提交
    • N
      md: always set MD_RECOVERY_INTR when aborting a reshape or other "resync". · 3991b31e
      NeilBrown 提交于
      If mddev->ro is set, md_to_sync will (correctly) abort.
      However in that case MD_RECOVERY_INTR isn't set.
      
      If a RESHAPE had been requested, then ->finish_reshape() will be
      called and it will think the reshape was successful even though
      nothing happened.
      
      Normally a resync will not be requested if ->ro is set, but if an
      array is stopped while a reshape is on-going, then when the array is
      started, the reshape will be restarted.  If the array is also set
      read-only at this point, the reshape will instantly appear to success,
      resulting in data corruption.
      
      Consequently, this patch is suitable for any -stable kernel.
      
      Cc: stable@vger.kernel.org (any)
      Signed-off-by: NNeilBrown <neilb@suse.de>
      3991b31e
  7. 06 5月, 2014 1 次提交
    • N
      md: avoid possible spinning md thread at shutdown. · 0f62fb22
      NeilBrown 提交于
      If an md array with externally managed metadata (e.g. DDF or IMSM)
      is in use, then we should not set safemode==2 at shutdown because:
      
      1/ this is ineffective: user-space need to be involved in any 'safemode' handling,
      2/ The safemode management code doesn't cope with safemode==2 on external metadata
         and md_check_recover enters an infinite loop.
      
      Even at shutdown, an infinite-looping process can be problematic, so this
      could cause shutdown to hang.
      
      Cc: stable@vger.kernel.org (any kernel)
      Signed-off-by: NNeilBrown <neilb@suse.de>
      0f62fb22
  8. 09 4月, 2014 2 次提交
    • N
      md: avoid oops on unload if some process is in poll or select. · e2f23b60
      NeilBrown 提交于
      If md-mod is unloaded while some process is in poll() or select(),
      then that process maintains a pointer to md_event_waiters, and when
      the try to unlink from that list, they will oops.
      
      The procfs infrastructure ensures that ->poll won't be called after
      remove_proc_entry, but doesn't provide a wait_queue_head for us to
      use, and the waitqueue code doesn't provide a way to remove all
      listeners from a waitqueue.
      
      So we need to:
       1/ make sure no further references to md_event_waiters are taken (by
          setting md_unloading)
       2/ wake up all processes currently waiting, and
       3/ wait until all those processes have disconnected from our
          wait_queue_head.
      Reported-by: N"majianpeng" <majianpeng@gmail.com>
      Signed-off-by: NNeilBrown <neilb@suse.de>
      e2f23b60
    • N
      md/bitmap: don't abuse i_writecount for bitmap files. · 035328c2
      NeilBrown 提交于
      md bitmap code currently tries to use i_writecount to stop any other
      process from writing to out bitmap file.  But that is really an abuse
      and has bit-rotted so locking is all wrong.
      
      So discard that - root should be allowed to shoot self in foot.
      
      Still use it in a much less intrusive way to stop the same file being
      used as bitmap on two different array, and apply other checks to
      ensure the file is at least vaguely usable for bitmap storage
      (is regular, is open for write.  Support for ->bmap is already checked
      elsewhere).
      Reported-by: NAl Viro <viro@ZenIV.linux.org.uk>
      Signed-off-by: NNeilBrown <neilb@suse.de>
      035328c2
  9. 16 1月, 2014 1 次提交
    • N
      md: check command validity early in md_ioctl(). · cb335f88
      Nicolas Schichan 提交于
      Verify that the cmd parameter passed to md_ioctl() is valid before
      doing anything.
      
      This fixes mddev->hold_active being set to 0 when an invalid ioctl
      command is passed to md_ioctl() before the array has been configured.
      
      Clearing mddev->hold_active in that case can lead to a livelock
      situation when an invalid ioctl number is given to md_ioctl() by a
      process when the mddev is currently being opened by another process:
      
      Process 1				Process 2
      ---------				---------
      
      md_alloc()
        mddev_find()
        -> returns a new mddev with
           hold_active == UNTIL_IOCTL
        add_disk()
        -> sends KOBJ_ADD uevent
      
      					(sees KOBJ_ADD uevent for device)
                          			md_open()
                          			md_ioctl(INVALID_IOCTL)
                          			-> returns ENODEV and clears
                             			   mddev->hold_active
                          			md_release()
                            			md_put()
                            			-> deletes the mddev as
                               		   hold_active is 0
      
      md_open()
        mddev_find()
        -> returns a newly
          allocated mddev with
          mddev->gendisk == NULL
      -> returns with ERESTARTSYS
         (kernel restarts the open syscall)
      Signed-off-by: NNicolas Schichan <nschichan@freebox.fr>
      Signed-off-by: NNeilBrown <neilb@suse.de>
      cb335f88
  10. 14 1月, 2014 4 次提交
    • N
      md: ensure metadata is writen after raid level change. · 830778a1
      NeilBrown 提交于
      level_store() currently does not make sure the metadata is
      updates to reflect the new raid level.  It simply sets MD_CHANGE_DEVS.
      
      Any level with a ->thread will quickly notice this and update the
      metadata.  However RAID0 and Linear do not have a thread so no
      metadata update happens until the array is stopped.  At that point the
      metadata is written.
      
      This is later that we would like.  While the delay doesn't risk any
      data it can cause confusion.  So if there is no md thread, immediately
      update the metadata after a level change.
      Reported-by: NRichard Michael <rmichael@edgeofthenet.org>
      Signed-off-by: NNeilBrown <neilb@suse.de>
      830778a1
    • N
      md: allow a partially recovered device to be hot-added to an array. · 7eb41885
      NeilBrown 提交于
      When adding a new device into an array it is normally important to
      clear any stale data from ->recovery_offset else the new device may
      not be recovered properly.
      
      However when re-adding a device which is known to be nearly in-sync,
      this is not needed and can be detrimental.  The (bitmap-based)
      resync will still happen, and further recovery is only needed from
      where-ever it was already up to.
      
      So if save_raid_disk is set, signifying a re-add, don't clear
      ->recovery_offset.
      Signed-off-by: NNeilBrown <neilb@suse.de>
      7eb41885
    • N
      md: Change handling of save_raid_disk and metadata update during recovery. · f466722c
      NeilBrown 提交于
      Since commit d70ed2e4
         MD: Allow restarting an interrupted incremental recovery.
      
      we don't write out the metadata to devices while they are recovering.
      This had a good reason, but has unfortunate consequences.  This patch
      changes things to make them work better.
      
      At issue is what happens if the array is shut down while a recovery is
      happening, particularly a bitmap-guided recovery.
      Ideally the recovery should pick up where it left off.
      However the metadata cannot represent the state "A recovery is in
      process which is guided by the bitmap".
      
      Before the above mentioned commit, we wrote metadata to the device
      which said "this is being recovered and it is up to <here>".  So after
      a restart, a full recovery (not bitmap-guided) would happen from
      where-ever it was up to.
      
      After the commit the metadata wasn't updated so it still said "This
      device is fully in sync with <this> event count".  That leads to a
      bitmap-based recovery following the whole bitmap, which should be a
      lot less work than a full recovery from some starting point.  So this
      was an improvement.
      
      However updates some metadata but not all leads to other problems.
      In particular, the metadata written to the fully-up-to-date device
      record that the array has all devices present (even though some are
      recovering).  So on restart, mdadm wants to find all devices and
      expects them to have current event counts.
      Obviously it doesn't (some have old event counts) so (when assembling
      with --incremental) it waits indefinitely for the rest of the expected
      devices.
      
      It really is wrong to not update all the metadata together.  Do that
      is bound to cause confusion.
      Instead, we should make it possible to record the truth in the
      metadata.  i.e. we need to be able to record that a device is being
      recovered based on the bitmap.
      We already have a Feature flag to say that recovery is happening.  We
      now add another one to say that it is a bitmap-based recovery.
      
      With this we can remove the code that disables the write-out of
      metadata on some devices.
      
      So this patch:
       - moves the setting of 'saved_raid_disk' from add_new_disk to
         the validate_super methods.  This makes sure it is always set
         properly, both when adding a new device to an array, and when
         assembling an array from a collection of devices.
       - Adds a metadata flag MD_FEATURE_RECOVERY_BITMAP which is only
         used if MD_FEATURE_RECOVERY_OFFSET is set, and record that a
         bitmap-based recovery is allowed.
         This is only present in v1.x metadata. v0.90 doesn't support
         devices which are in the middle of recovery at all.
       - Only skips writing metadata to Faulty devices.
      
       - Also allows rdev state to be set to "-insync" via sysfs.
         This can be used for external-metadata arrays.  When the
         'role' is set the device is assumed to be in-sync.  If, after
         setting the role, we set the state to "-insync", the role is
         moved to saved_raid_disk which effectively says the device is
         partly in-sync with that slot and needs a bitmap recovery.
      
      Cc: Andrei Warkentin <andreiw@vmware.com>
      Signed-off-by: NNeilBrown <neilb@suse.de>
      f466722c
    • N
      md: fix problem when adding device to read-only array with bitmap. · 8313b8e5
      NeilBrown 提交于
      If an array is started degraded, and then the missing device
      is found it can be re-added and a minimal bitmap-based recovery
      will bring it fully up-to-date.
      
      If the array is read-only a recovery would not be allowed.
      But also if the array is read-only and the missing device was
      present very recently, then there could be no need for any
      recovery at all, so we simply include the device in the read-only
      array without any recovery.
      
      However... if the missing device was removed a little longer ago
      it could be missing some updates, but if a bitmap is present it will
      be conditionally accepted pending a bitmap-based update.  We don't
      currently detect this case properly and will include that old
      device into the read-only array with no recovery even though it really
      needs a recovery.
      
      This patch keeps track of whether a bitmap-based-recovery is really
      needed or not in the new Bitmap_sync rdev flag.  If that is set,
      then the device will not be added to a read-only array.
      
      Cc: Andrei Warkentin <andreiw@vmware.com>
      Fixes: d70ed2e4
      Cc: stable@vger.kernel.org (3.2+)
      Signed-off-by: NNeilBrown <neilb@suse.de>
      8313b8e5
  11. 28 11月, 2013 1 次提交
  12. 25 11月, 2013 1 次提交
  13. 24 11月, 2013 2 次提交
    • K
      block: Abstract out bvec iterator · 4f024f37
      Kent Overstreet 提交于
      Immutable biovecs are going to require an explicit iterator. To
      implement immutable bvecs, a later patch is going to add a bi_bvec_done
      member to this struct; for now, this patch effectively just renames
      things.
      Signed-off-by: NKent Overstreet <kmo@daterainc.com>
      Cc: Jens Axboe <axboe@kernel.dk>
      Cc: Geert Uytterhoeven <geert@linux-m68k.org>
      Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
      Cc: Paul Mackerras <paulus@samba.org>
      Cc: "Ed L. Cashin" <ecashin@coraid.com>
      Cc: Nick Piggin <npiggin@kernel.dk>
      Cc: Lars Ellenberg <drbd-dev@lists.linbit.com>
      Cc: Jiri Kosina <jkosina@suse.cz>
      Cc: Matthew Wilcox <willy@linux.intel.com>
      Cc: Geoff Levand <geoff@infradead.org>
      Cc: Yehuda Sadeh <yehuda@inktank.com>
      Cc: Sage Weil <sage@inktank.com>
      Cc: Alex Elder <elder@inktank.com>
      Cc: ceph-devel@vger.kernel.org
      Cc: Joshua Morris <josh.h.morris@us.ibm.com>
      Cc: Philip Kelleher <pjk1939@linux.vnet.ibm.com>
      Cc: Rusty Russell <rusty@rustcorp.com.au>
      Cc: "Michael S. Tsirkin" <mst@redhat.com>
      Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
      Cc: Jeremy Fitzhardinge <jeremy@goop.org>
      Cc: Neil Brown <neilb@suse.de>
      Cc: Alasdair Kergon <agk@redhat.com>
      Cc: Mike Snitzer <snitzer@redhat.com>
      Cc: dm-devel@redhat.com
      Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
      Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
      Cc: linux390@de.ibm.com
      Cc: Boaz Harrosh <bharrosh@panasas.com>
      Cc: Benny Halevy <bhalevy@tonian.com>
      Cc: "James E.J. Bottomley" <JBottomley@parallels.com>
      Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Cc: "Nicholas A. Bellinger" <nab@linux-iscsi.org>
      Cc: Alexander Viro <viro@zeniv.linux.org.uk>
      Cc: Chris Mason <chris.mason@fusionio.com>
      Cc: "Theodore Ts'o" <tytso@mit.edu>
      Cc: Andreas Dilger <adilger.kernel@dilger.ca>
      Cc: Jaegeuk Kim <jaegeuk.kim@samsung.com>
      Cc: Steven Whitehouse <swhiteho@redhat.com>
      Cc: Dave Kleikamp <shaggy@kernel.org>
      Cc: Joern Engel <joern@logfs.org>
      Cc: Prasad Joshi <prasadjoshi.linux@gmail.com>
      Cc: Trond Myklebust <Trond.Myklebust@netapp.com>
      Cc: KONISHI Ryusuke <konishi.ryusuke@lab.ntt.co.jp>
      Cc: Mark Fasheh <mfasheh@suse.com>
      Cc: Joel Becker <jlbec@evilplan.org>
      Cc: Ben Myers <bpm@sgi.com>
      Cc: xfs@oss.sgi.com
      Cc: Steven Rostedt <rostedt@goodmis.org>
      Cc: Frederic Weisbecker <fweisbec@gmail.com>
      Cc: Ingo Molnar <mingo@redhat.com>
      Cc: Len Brown <len.brown@intel.com>
      Cc: Pavel Machek <pavel@ucw.cz>
      Cc: "Rafael J. Wysocki" <rjw@sisk.pl>
      Cc: Herton Ronaldo Krzesinski <herton.krzesinski@canonical.com>
      Cc: Ben Hutchings <ben@decadent.org.uk>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Guo Chao <yan@linux.vnet.ibm.com>
      Cc: Tejun Heo <tj@kernel.org>
      Cc: Asai Thambi S P <asamymuthupa@micron.com>
      Cc: Selvan Mani <smani@micron.com>
      Cc: Sam Bradshaw <sbradshaw@micron.com>
      Cc: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
      Cc: "Roger Pau Monné" <roger.pau@citrix.com>
      Cc: Jan Beulich <jbeulich@suse.com>
      Cc: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
      Cc: Ian Campbell <Ian.Campbell@citrix.com>
      Cc: Sebastian Ott <sebott@linux.vnet.ibm.com>
      Cc: Christian Borntraeger <borntraeger@de.ibm.com>
      Cc: Minchan Kim <minchan@kernel.org>
      Cc: Jiang Liu <jiang.liu@huawei.com>
      Cc: Nitin Gupta <ngupta@vflare.org>
      Cc: Jerome Marchand <jmarchand@redhat.com>
      Cc: Joe Perches <joe@perches.com>
      Cc: Peng Tao <tao.peng@emc.com>
      Cc: Andy Adamson <andros@netapp.com>
      Cc: fanchaoting <fanchaoting@cn.fujitsu.com>
      Cc: Jie Liu <jeff.liu@oracle.com>
      Cc: Sunil Mushran <sunil.mushran@gmail.com>
      Cc: "Martin K. Petersen" <martin.petersen@oracle.com>
      Cc: Namjae Jeon <namjae.jeon@samsung.com>
      Cc: Pankaj Kumar <pankaj.km@samsung.com>
      Cc: Dan Magenheimer <dan.magenheimer@oracle.com>
      Cc: Mel Gorman <mgorman@suse.de>6
      4f024f37
    • K
      block: submit_bio_wait() conversions · 33879d45
      Kent Overstreet 提交于
      It was being open coded in a few places.
      Signed-off-by: NKent Overstreet <kmo@daterainc.com>
      Cc: Jens Axboe <axboe@kernel.dk>
      Cc: Joern Engel <joern@logfs.org>
      Cc: Prasad Joshi <prasadjoshi.linux@gmail.com>
      Cc: Neil Brown <neilb@suse.de>
      Cc: Chris Mason <chris.mason@fusionio.com>
      Acked-by: NNeilBrown <neilb@suse.de>
      33879d45
  14. 19 11月, 2013 4 次提交
    • J
      md: Convert use of typedef ctl_table to struct ctl_table · 82592c38
      Joe Perches 提交于
      This typedef is unnecessary and should just be removed.
      Signed-off-by: NJoe Perches <joe@perches.com>
      Signed-off-by: NNeilBrown <neilb@suse.de>
      82592c38
    • N
      md/raid5: avoid deadlock when raid5 array has unack badblocks during md_stop_writes. · 30b8feb7
      NeilBrown 提交于
      When raid5 recovery hits a fresh badblock, this badblock will flagged as unack
      badblock until md_update_sb() is called.
      But md_stop will take reconfig lock which means raid5d can't call
      md_update_sb() in md_check_recovery(), the badblock will always
      be unack, so raid5d thread enters an infinite loop and md_stop_write()
      can never stop sync_thread. This causes deadlock.
      
      To solve this, when STOP_ARRAY ioctl is issued and sync_thread is
      running, we need set md->recovery FROZEN and INTR flags and wait for
      sync_thread to stop before we (re)take reconfig lock.
      
      This requires that raid5 reshape_request notices MD_RECOVERY_INTR
      (which it probably should have noticed anyway) and stops waiting for a
      metadata update in that case.
      Reported-by: NJianpeng Ma <majianpeng@gmail.com>
      Reported-by: NBian Yu <bianyu@kedacom.com>
      Signed-off-by: NNeilBrown <neilb@suse.de>
      30b8feb7
    • N
      md: use MD_RECOVERY_INTR instead of kthread_should_stop in resync thread. · c91abf5a
      NeilBrown 提交于
      We currently use kthread_should_stop() in various places in the
      sync/reshape code to abort early.
      However some places set MD_RECOVERY_INTR but don't immediately call
      md_reap_sync_thread() (and we will shortly get another one).
      When this happens we are relying on md_check_recovery() to reap the
      thread and that only happen when it finishes normally.
      So MD_RECOVERY_INTR must lead to a normal finish without the
      kthread_should_stop() test.
      
      So replace all relevant tests, and be more careful when the thread is
      interrupted not to acknowledge that latest step in a reshape as it may
      not be fully committed yet.
      
      Also add a test on MD_RECOVERY_INTR in the 'is_mddev_idle' loop
      so we don't wait have to wait for the speed to drop before we can abort.
      Signed-off-by: NNeilBrown <neilb@suse.de>
      c91abf5a
    • N
      md: fix some places where mddev_lock return value is not checked. · 29f097c4
      NeilBrown 提交于
      Sometimes we need to lock and mddev and cannot cope with
      failure due to interrupt.
      In these cases we should use mutex_lock, not mutex_lock_interruptible.
      Signed-off-by: NNeilBrown <neilb@suse.de>
      29f097c4
  15. 14 11月, 2013 1 次提交
    • N
      md: fix calculation of stacking limits on level change. · 02e5f5c0
      NeilBrown 提交于
      The various ->run routines of md personalities assume that the 'queue'
      has been initialised by the blk_set_stacking_limits() call in
      md_alloc().
      
      However when the level is changed (by level_store()) the ->run routine
      for the new level is called for an array which has already had the
      stacking limits modified.  This can result in incorrect final
      settings.
      
      So call blk_set_stacking_limits() before ->run in level_store().
      
      A specific consequence of this bug is that it causes
      discard_granularity to be set incorrectly when reshaping a RAID4 to a
      RAID0.
      
      This is suitable for any -stable kernel since 3.3 in which
      blk_set_stacking_limits() was introduced.
      
      Cc: stable@vger.kernel.org (3.3+)
      Reported-and-tested-by: N"Baldysiak, Pawel" <pawel.baldysiak@intel.com>
      Signed-off-by: NNeilBrown <neilb@suse.de>
      02e5f5c0
  16. 09 11月, 2013 1 次提交