The secondary map is used to reflect the migration state of the array
i.e. from dev->vol.map[1] to dev->vol.map[0]. Ensure a rebuilding /
initializing array is marked in the second map, while normal status is
reflected in the first map. Also mark rebuilding drives with
IMSM_ORD_REBUILD.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
* fix breakage from last merge (infinite loop in imsm_process_update())
* add ability to delete by index
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
IMSM_ORD_REBUILD is the 'insync' flag in MD terms. USABLE is a flag to
opt-in disks for use with the Windows driver.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Save some unnecessary calls to get_imsm_map() by teaching
get_imsm_disk_idx() to retrieve the map.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
This allows spares to be associated with any family while not allowing
disks from different families to be assembled.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
We used to leave SPARE_DISK unset to indicate it was available to be
assimilated into other arrays. Now we explicitly check the size.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
* Truncate the first character of the serial number
* Set 'scsi_id' to all f's
* Expect to find disk entries with unmatchable serial numbers, i.e.
expect get_imsm_disk() to return NULL in some situations
* Allow discrepencies between mpb->num_disks and len(super->disks)
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Ensure that the mpb buffer is large enough to hold the extra imsm_map's
of migrating arrays and dynamically created raid devices.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Since we introduced O_DIRECT for device access we need
properly aligned buffers and IO requests. The reshape code
missed out on the conversion.
Signed-off-by: NeilBrown <neilb@suse.de>
If the metadata_version is
-mdXXX/whatever
rather than
/mdXXX/whatever
then the array is readonly and should be left alone by mdmon.
Signed-off-by: NeilBrown <neilb@suse.de>
We are about to change the syntax of the version string
for 'subarray's. So factor out the test into a single function.
Signed-off-by: NeilBrown <neilb@suse.de>
For example, this allows one to still say mdadm -A /dev/sd[b-e] even
though /dev/sde has replaced /dev/sdd. Otherwise mdadm will say:
mdadm: superblock on /dev/sdd doesn't match others - assembly aborted
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Adding a device updates the container and then mdmon takes action upon
noticing a change in devices. This reuses the container version of
add_to_super to create a new record for the device.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: NeilBrown <neilb@suse.de>
Once the monitor thread has kicked a drive from all managed arrays mdadm
-r is permitted. We are guaranteed that the drive is marked failed at
this point, so allow the drive to be re-added as a spare.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
When we have determined that a disk is no longer of any value, remove
it from the data structure. This is now safe because the manager
will back off while any metadata update is pending in the monitor.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: NeilBrown <neilb@suse.de>
A metadata update may modify the data structure of the metadata
including freeing things, so it is not safe of the manager to touch
the metadata while an update is pending in the monitor.
So When an update has been submitted, don't do anything else in the
manager until it is complete.
Signed-off-by: NeilBrown <neilb@suse.de>
When we first start an array, it might be good to start recovery
straight away. That requires setting the array to 'dirty', but
only the metadata handler can know if that is required or not.
So have a third possible 'consistent' option to set_array_state.
Either 'no' or 'yes' or 'you choose'.
Return value indicates what was chosen.
'1' (no) should be chosen unless there is a good reason.
Signed-off-by: NeilBrown <neilb@suse.de>
Transition readauto arrays to active before failing drives.
Hmm... why do we keep reblocking / renotifying in the readonly case?
Need to bottom out on this, but not right now.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
1/ Do not assemble !in_sync or failed devices in container_content.
2/ Prevent activation of failed or configured devices in activate_spare.
3/ Be sure to avoid dirty degraded if the array was shutdown cleanly.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
imsm_dev dynamically grows, so dev_idx needs to be moved up in the
definition to avoid getting clobbered.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
With dev->vol.map and mpb->disk entries entering and leaving the parameter
block write_super_imsm needs to update the size before writeback.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Disks that are not in-sync or failed are not assembled into member
arrays by mdadm. Teach mdmon to resolve this situation by checking for
spares at start. imsm_activate_spare() is updated to prefer devices
that can be re-added versus new spares.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
The option-rom and the Matrix driver mark resyncs/rebuilds with the
migrate state bits. Update sizeof_imsm_dev to allow allocation of
imsm_dev entries large enough to grow if migr_state is later set.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
This poses a small problem for the case of handling multiple raid1 arrays
across separate disk pairs i.e. 2 mirrors on 4 disks. The option-ROM will
configure this as two containers. We may need the capability for one
container to ask for an unused spare in another container. For now spares
will just maintain the affinity established at assemble time.
To support this configuration spare devices must be allowed to be assembled
into the container even though the metadata indicates the disk belongs to a
different family.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
removes the need to lookup the disk by index in a few cases and is a
preparation step for tracking spares outside the current anchor.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Repair sets MD_RECOVERY_REQUESTED in md which may not result in the
spare device being recovered.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
This is the initial defensive implementation of bad block management
support. It simply precludes assembly if there are entries in the bad
block logs. This is sufficient for now as the conditions that lead to
an entry in the bad block log would cause the array to be failed by MD
(as of 2.6.27).
[dan.j.williams@intel.com: general cleanups]
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
While mdadm is constructing an array mdmon may see an intermediate state
(some disks not yet added / redundancy attributes like sync_action not
available). Waiting for mdstat->active == true ensures that the array
is ready to be handled. This fixes a bug in create array via mdmon
update whereby failures are not detected in the new array.
Introduce aa_ready() to catch cases where the active_array is not
correctly initialized. Barring a kernel bug this should never trigger,
nonetheless it precludes a class of bugs like the one mentioned above
from triggering.
Cleanup the exit paths and only call replace_array when the new array is
ready to be inserted into container->arrays.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Maintaining a single global buffer is unwieldly when extending/rewriting
sections of the metadata. Parse the metadata into component data
structures upon reading and coalesce to a coherent buffer before
writing.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>