/* GFP_TRY, because we must not cause arbitrary write-out: in a DRBD * "criss-cross" setup, that might cause write-out on some other DRBD,
* which in turn might block on the other node at this very place. */ for (i = 0; i < number; i++) {
tmp = mempool_alloc(&drbd_buffer_page_pool, GFP_TRY); if (!tmp) goto fail;
set_page_private(tmp, (unsignedlong)page);
page = tmp;
} return page;
fail:
page_chain_for_each_safe(page, tmp) {
set_page_private(page, 0);
mempool_free(page, &drbd_buffer_page_pool);
} return NULL;
}
/** * drbd_alloc_pages() - Returns @number pages, retries forever (or until signalled) * @peer_device: DRBD device. * @number: number of pages requested * @retry: whether to retry, if not enough pages are available right now * * Tries to allocate number pages, first from our own page pool, then from * the kernel. * Possibly retry until DRBD frees sufficient pages somewhere else. * * If this allocation would exceed the max_buffers setting, we throttle * allocation (schedule_timeout) to give the system some room to breathe. * * We do not use max-buffers as hard limit, because it could lead to * congestion and further to a distributed deadlock during online-verify or * (checksum based) resync, if the max-buffers, socket buffer sizes and * resync-rate settings are mis-configured. * * Returns a page chain linked via page->private.
*/ struct page *drbd_alloc_pages(struct drbd_peer_device *peer_device, unsignedint number, bool retry)
{ struct drbd_device *device = peer_device->device; struct page *page; struct net_conf *nc; unsignedint mxb;
if (atomic_read(&device->pp_in_use) >= mxb)
schedule_timeout_interruptible(HZ / 10);
page = __drbd_alloc_pages(number);
if (page)
atomic_add(number, &device->pp_in_use); return page;
}
/* Must not be used from irq, as that may deadlock: see drbd_alloc_pages. * Is also used from inside an other spin_lock_irq(&resource->req_lock); * Either links the page chain back to the global pool,
* or returns all pages to the system. */ staticvoid drbd_free_pages(struct drbd_device *device, struct page *page)
{ struct page *tmp; int i = 0;
if (page == NULL) return;
page_chain_for_each_safe(page, tmp) {
set_page_private(page, 0); if (page_count(page) == 1)
mempool_free(page, &drbd_buffer_page_pool); else
put_page(page);
i++;
}
i = atomic_sub_return(i, &device->pp_in_use); if (i < 0)
drbd_warn(device, "ASSERTION FAILED: pp_in_use: %d < 0\n", i);
}
/* You need to hold the req_lock: _drbd_wait_ee_list_empty()
You must not have the req_lock: drbd_free_peer_req() drbd_alloc_peer_req() drbd_free_peer_reqs() drbd_ee_fix_bhs() drbd_finish_peer_reqs() drbd_clear_done_ee() drbd_wait_ee_list_empty()
*/
if (nr_pages) {
page = drbd_alloc_pages(peer_device, nr_pages,
gfpflags_allow_blocking(gfp_mask)); if (!page) goto fail; if (!mempool_is_saturated(&drbd_buffer_page_pool))
peer_req->flags |= EE_RELEASE_TO_MEMPOOL;
}
memset(peer_req, 0, sizeof(*peer_req));
INIT_LIST_HEAD(&peer_req->w.list);
drbd_clear_interval(&peer_req->i);
peer_req->i.size = request_size;
peer_req->i.sector = sector;
peer_req->submit_jif = jiffies;
peer_req->peer_device = peer_device;
peer_req->pages = page; /* * The block_id is opaque to the receiver. It is not endianness * converted, and sent back to the sender unchanged.
*/
peer_req->block_id = id;
/* * See also comments in _req_mod(,BARRIER_ACKED) and receive_Barrier.
*/ staticint drbd_finish_peer_reqs(struct drbd_device *device)
{
LIST_HEAD(work_list); struct drbd_peer_request *peer_req, *t; int err = 0;
/* possible callbacks here: * e_end_block, and e_end_resync_block, e_send_superseded. * all ignore the last argument.
*/
list_for_each_entry_safe(peer_req, t, &work_list, w.list) { int err2;
/* list_del not necessary, next/prev members not touched */
err2 = peer_req->w.cb(&peer_req->w, !!err); if (!err)
err = err2;
drbd_free_peer_req(device, peer_req);
}
wake_up(&device->ee_wait);
/* avoids spin_lock/unlock
* and calling prepare_to_wait in the fast path */ while (!list_empty(head)) {
prepare_to_wait(&device->ee_wait, &wait, TASK_UNINTERRUPTIBLE);
spin_unlock_irq(&device->resource->req_lock);
io_schedule();
finish_wait(&device->ee_wait, &wait);
spin_lock_irq(&device->resource->req_lock);
}
}
/* quoting tcp(7): * On individual connections, the socket buffer size must be set prior to the * listen(2) or connect(2) calls in order to have it take effect. * This is our wrapper to do so.
*/ staticvoid drbd_setbufsize(struct socket *sock, unsignedint snd, unsignedint rcv)
{ /* open coded SO_SNDBUF, SO_RCVBUF */ if (snd) {
sock->sk->sk_sndbuf = snd;
sock->sk->sk_userlocks |= SOCK_SNDBUF_LOCK;
} if (rcv) {
sock->sk->sk_rcvbuf = rcv;
sock->sk->sk_userlocks |= SOCK_RCVBUF_LOCK;
}
}
/* explicitly bind to the configured IP as source IP * for the outgoing connections. * This is needed for multihomed hosts and to be * able to use lo: interfaces for drbd. * Make sure to use 0 as port number, so linux selects * a free one dynamically.
*/
what = "bind before connect";
err = sock->ops->bind(sock, (struct sockaddr *) &src_in6, my_addr_len); if (err < 0) goto out;
/* connect may fail, peer not yet available.
* stay C_WF_CONNECTION, don't go Disconnecting! */
disconnect_on_error = 0;
what = "connect";
err = sock->ops->connect(sock, (struct sockaddr *) &peer_in6, peer_addr_len, 0);
out: if (err < 0) { if (sock) {
sock_release(sock);
sock = NULL;
} switch (-err) { /* timeout, busy, signal pending */ case ETIMEDOUT: case EAGAIN: case EINPROGRESS: case EINTR: case ERESTARTSYS: /* peer not (yet) available, network problem */ case ECONNREFUSED: case ENETUNREACH: case EHOSTDOWN: case EHOSTUNREACH:
disconnect_on_error = 0; break; default:
drbd_err(connection, "%s failed, err = %d\n", what, err);
} if (disconnect_on_error)
conn_request_state(connection, NS(conn, C_DISCONNECTING), CS_HARD);
}
/** * drbd_socket_okay() - Free the socket if its connection is not okay * @sock: pointer to the pointer to the socket.
*/ staticbool drbd_socket_okay(struct socket **sock)
{ int rr; char tb[4];
ok = drbd_socket_okay(sock1);
ok = drbd_socket_okay(sock2) && ok;
return ok;
}
/* Gets called if a connection is established, or if a new minor gets created
in a connection */ int drbd_connected(struct drbd_peer_device *peer_device)
{ struct drbd_device *device = peer_device->device; int err;
err = drbd_send_sync_param(peer_device); if (!err)
err = drbd_send_sizes(peer_device, 0, 0); if (!err)
err = drbd_send_uuids(peer_device); if (!err)
err = drbd_send_current_state(peer_device);
clear_bit(USE_DEGR_WFC_T, &device->flags);
clear_bit(RESIZE_PENDING, &device->flags);
atomic_set(&device->ap_in_flight, 0);
mod_timer(&device->request_timer, jiffies + HZ); /* just start it here. */ return err;
}
/* * return values: * 1 yes, we have a valid connection * 0 oops, did not work out, please try again * -1 peer talks different language, * no point in trying again, please go standalone. * -2 We do not have a network config...
*/ staticint conn_connect(struct drbd_connection *connection)
{ struct drbd_socket sock, msock; struct drbd_peer_device *peer_device; struct net_conf *nc; int vnr, timeout, h; bool discard_my_data, ok; enum drbd_state_rv rv; struct accept_wait_data ad = {
.connection = connection,
.door_bell = COMPLETION_INITIALIZER_ONSTACK(ad.door_bell),
};
/* NOT YET ... * sock.socket->sk->sk_sndtimeo = connection->net_conf->timeout*HZ/10; * sock.socket->sk->sk_rcvtimeo = MAX_SCHEDULE_TIMEOUT; * first set it to the P_CONNECTION_FEATURES timeout,
* which we set to 4x the configured ping_timeout. */
rcu_read_lock();
nc = rcu_dereference(connection->net_conf);
if (drbd_send_protocol(connection) == -EOPNOTSUPP) return -1;
/* Prevent a race between resync-handshake and * being promoted to Primary. * * Grab and release the state mutex, so we know that any current * drbd_set_role() is finished, and any incoming drbd_set_role * will see the STATE_SENT flag, and wait for it to be cleared.
*/
idr_for_each_entry(&connection->peer_devices, peer_device, vnr)
mutex_lock(peer_device->device->state_mutex);
/* avoid a race with conn_request_state( C_DISCONNECTING ) */
spin_lock_irq(&connection->resource->req_lock);
set_bit(STATE_SENT, &connection->flags);
spin_unlock_irq(&connection->resource->req_lock);
drbd_thread_start(&connection->ack_receiver); /* opencoded create_singlethread_workqueue(),
* to be able to use format string arguments */
connection->ack_sender =
alloc_ordered_workqueue("drbd_as_%s", WQ_MEM_RECLAIM, connection->resource->name); if (!connection->ack_sender) {
drbd_err(connection, "Failed to create workqueue ack_sender\n"); return 0;
}
mutex_lock(&connection->resource->conf_update); /* The discard_my_data flag is a single-shot modifier to the next * connection attempt, the handshake of which is now well underway. * No need for rcu style copying of the whole struct
* just to clear a single value. */
connection->net_conf->discard_my_data = 0;
mutex_unlock(&connection->resource->conf_update);
return h;
out_release_sockets: if (ad.s_listen)
sock_release(ad.s_listen); if (sock.socket)
sock_release(sock.socket); if (msock.socket)
sock_release(msock.socket); return -1;
}
err = drbd_recv_short(connection->data.socket, buffer, size, MSG_NOSIGNAL|MSG_DONTWAIT); if (err != size) { /* If we have nothing in the receive buffer now, to reduce * application latency, try to drain the backend queues as * quickly as possible, and let remote TCP know what we have
* received so far. */ if (err == -EAGAIN) {
tcp_sock_set_quickack(connection->data.socket->sk, 2);
drbd_unplug_all_devices(connection);
} if (err > 0) {
buffer += err;
size -= err;
}
err = drbd_recv_all_warn(connection, buffer, size); if (err) return err;
}
return err;
} /* This is blkdev_issue_flush, but asynchronous. * We want to submit to all component volumes in parallel, * then wait for all completions.
*/ struct issue_flush_context {
atomic_t pending; int error; struct completion done;
}; struct one_flush_context { struct drbd_device *device; struct issue_flush_context *ctx;
};
if (bio->bi_status) {
ctx->error = blk_status_to_errno(bio->bi_status);
drbd_info(device, "local disk FLUSH FAILED with status %d\n", bio->bi_status);
}
kfree(octx);
bio_put(bio);
if (!octx) {
drbd_warn(device, "Could not allocate a octx, CANNOT ISSUE FLUSH\n"); /* FIXME: what else can I do now? disconnecting or detaching * really does not help to improve the state of the world, either.
*/
bio_put(bio);
if (!get_ldev(device)) continue;
kref_get(&device->kref);
rcu_read_unlock();
submit_one_flush(device, &ctx);
rcu_read_lock();
}
rcu_read_unlock();
/* Do we want to add a timeout,
* if disk-timeout is set? */ if (!atomic_dec_and_test(&ctx.pending))
wait_for_completion(&ctx.done);
if (ctx.error) { /* would rather check on EOPNOTSUPP, but that is not reliable. * don't try again for ANY return value != 0
* if (rv == -EOPNOTSUPP) */ /* Any error is already reported by bio_endio callback. */
drbd_bump_write_ordering(connection->resource, NULL, WO_DRAIN_IO);
}
}
}
/** * drbd_may_finish_epoch() - Applies an epoch_event to the epoch's state, eventually finishes it. * @connection: DRBD connection. * @epoch: Epoch object. * @ev: Epoch event.
*/ staticenum finish_epoch drbd_may_finish_epoch(struct drbd_connection *connection, struct drbd_epoch *epoch, enum epoch_event ev)
{ int epoch_size; struct drbd_epoch *next_epoch; enum finish_epoch rv = FE_STILL_LIVE;
spin_lock(&connection->epoch_lock); do {
next_epoch = NULL;
epoch_size = atomic_read(&epoch->epoch_size);
switch (ev & ~EV_CLEANUP) { case EV_PUT:
atomic_dec(&epoch->active); break; case EV_GOT_BARRIER_NR:
set_bit(DE_HAVE_BARRIER_NUMBER, &epoch->flags); break; case EV_BECAME_LAST: /* nothing to do*/ break;
}
if (epoch_size != 0 &&
atomic_read(&epoch->active) == 0 &&
(test_bit(DE_HAVE_BARRIER_NUMBER, &epoch->flags) || ev & EV_CLEANUP)) { if (!(ev & EV_CLEANUP)) {
spin_unlock(&connection->epoch_lock);
drbd_send_b_ack(epoch->connection, epoch->barrier_nr, epoch_size);
spin_lock(&connection->epoch_lock);
} #if 0 /* FIXME: dec unacked on connection, once we have
* something to count pending connection packets in. */ if (test_bit(DE_HAVE_BARRIER_NUMBER, &epoch->flags))
dec_unacked(epoch->connection); #endif
if (wo == WO_BDEV_FLUSH && !dc->disk_flushes)
wo = WO_DRAIN_IO; if (wo == WO_DRAIN_IO && !dc->disk_drain)
wo = WO_NONE;
return wo;
}
/* * drbd_bump_write_ordering() - Fall back to an other write ordering method * @wo: Write ordering method to try.
*/ void drbd_bump_write_ordering(struct drbd_resource *resource, struct drbd_backing_dev *bdev, enum write_ordering_e wo)
{ struct drbd_device *device; enum write_ordering_e pwo; int vnr; staticchar *write_ordering_str[] = {
[WO_NONE] = "none",
[WO_DRAIN_IO] = "drain",
[WO_BDEV_FLUSH] = "flush",
};
pwo = resource->write_ordering; if (wo != WO_BDEV_FLUSH)
wo = min(pwo, wo);
rcu_read_lock();
idr_for_each_entry(&resource->devices, device, vnr) { if (get_ldev(device)) {
wo = max_allowed_wo(device->ldev, wo); if (device->ldev == bdev)
bdev = NULL;
put_ldev(device);
}
}
if (bdev)
wo = max_allowed_wo(bdev, wo);
rcu_read_unlock();
resource->write_ordering = wo; if (pwo != resource->write_ordering || wo == WO_BDEV_FLUSH)
drbd_info(resource, "Method to ensure write ordering: %s\n", write_ordering_str[resource->write_ordering]);
}
/* * Mapping "discard" to ZEROOUT with UNMAP does not work for us: * Drivers have to "announce" q->limits.max_write_zeroes_sectors, or it * will directly go to fallback mode, submitting normal writes, and * never even try to UNMAP. * * And dm-thin does not do this (yet), mostly because in general it has * to assume that "skip_block_zeroing" is set. See also: * https://www.mail-archive.com/dm-devel%40redhat.com/msg07965.html * https://www.redhat.com/archives/dm-devel/2018-January/msg00271.html * * We *may* ignore the discard-zeroes-data setting, if so configured. * * Assumption is that this "discard_zeroes_data=0" is only because the backend * may ignore partial unaligned discards. * * LVM/DM thin as of at least * LVM version: 2.02.115(2)-RHEL7 (2015-01-28) * Library version: 1.02.93-RHEL7 (2015-01-28) * Driver version: 4.29.0 * still behaves this way. * * For unaligned (wrt. alignment and granularity) or too small discards, * we zero-out the initial (and/or) trailing unaligned partial chunks, * but discard all the aligned full chunks. * * At least for LVM/DM thin, with skip_block_zeroing=false, * the result is effectively "discard_zeroes_data=1".
*/ /* flags: EE_TRIM|EE_ZEROOUT */ int drbd_issue_discard_or_zero_out(struct drbd_device *device, sector_t start, unsignedint nr_sectors, int flags)
{ struct block_device *bdev = device->ldev->backing_bdev;
sector_t tmp, nr; unsignedint max_discard_sectors, granularity; int alignment; int err = 0;
if ((flags & EE_ZEROOUT) || !(flags & EE_TRIM)) goto zero_out;
/* Zero-sector (unknown) and one-sector granularities are the same. */
granularity = max(bdev_discard_granularity(bdev) >> 9, 1U);
alignment = (bdev_discard_alignment(bdev) >> 9) % granularity;
tmp = start; if (sector_div(tmp, granularity) != alignment) { if (nr_sectors < 2*granularity) goto zero_out; /* start + gran - (start + gran - align) % gran */
tmp = start + granularity - alignment;
tmp = start + granularity - sector_div(tmp, granularity);
nr = tmp - start; /* don't flag BLKDEV_ZERO_NOUNMAP, we don't know how many
* layers are below us, some may have smaller granularity */
err |= blkdev_issue_zeroout(bdev, start, nr, GFP_NOIO, 0);
nr_sectors -= nr;
start = tmp;
} while (nr_sectors >= max_discard_sectors) {
err |= blkdev_issue_discard(bdev, start, max_discard_sectors,
GFP_NOIO);
nr_sectors -= max_discard_sectors;
start += max_discard_sectors;
} if (nr_sectors) { /* max_discard_sectors is unsigned int (and a multiple of * granularity, we made sure of that above already); * nr is < max_discard_sectors;
* I don't need sector_div here, even though nr is sector_t */
nr = nr_sectors;
nr -= (unsignedint)nr % granularity; if (nr) {
err |= blkdev_issue_discard(bdev, start, nr, GFP_NOIO);
nr_sectors -= nr;
start += nr;
}
}
zero_out: if (nr_sectors) {
err |= blkdev_issue_zeroout(bdev, start, nr_sectors, GFP_NOIO,
(flags & EE_TRIM) ? 0 : BLKDEV_ZERO_NOUNMAP);
} return err != 0;
}
staticvoid drbd_issue_peer_discard_or_zero_out(struct drbd_device *device, struct drbd_peer_request *peer_req)
{ /* If the backend cannot discard, or does not guarantee * read-back zeroes in discarded ranges, we fall back to * zero-out. Unless configuration specifically requested
* otherwise. */ if (!can_do_reliable_discards(device))
peer_req->flags |= EE_ZEROOUT;
/** * drbd_submit_peer_request() * @peer_req: peer request * * May spread the pages to multiple bios, * depending on bio_add_page restrictions. * * Returns 0 if all bios have been submitted, * -ENOMEM if we could not allocate enough bios, * -ENOSPC (any better suggestion?) if we have not been able to bio_add_page a * single page to an empty bio (which should never happen and likely indicates * that the lower level IO stack is in some way broken). This has been observed * on certain Xen deployments.
*/ /* TODO allocate from our own bio_set. */ int drbd_submit_peer_request(struct drbd_peer_request *peer_req)
{ struct drbd_device *device = peer_req->peer_device->device; struct bio *bios = NULL; struct bio *bio; struct page *page = peer_req->pages;
sector_t sector = peer_req->i.sector; unsignedint data_size = peer_req->i.size; unsignedint n_bios = 0; unsignedint nr_pages = PFN_UP(data_size);
/* TRIM/DISCARD: for now, always use the helper function * blkdev_issue_zeroout(..., discard=true). * It's synchronous, but it does the right thing wrt. bio splitting. * Correctness first, performance later. Next step is to code an * asynchronous variant of the same.
*/ if (peer_req->flags & (EE_TRIM | EE_ZEROOUT)) { /* wait for all pending IO completions, before we start
* zeroing things out. */
conn_wait_active_ee_empty(peer_req->peer_device->connection); /* add it to the active list now,
* so we can find it to present it in debugfs */
peer_req->submit_jif = jiffies;
peer_req->flags |= EE_SUBMITTED;
/* If this was a resync request from receive_rs_deallocated(),
* it is already on the sync_ee list */ if (list_empty(&peer_req->w.list)) {
spin_lock_irq(&device->resource->req_lock);
list_add_tail(&peer_req->w.list, &device->active_ee);
spin_unlock_irq(&device->resource->req_lock);
}
/* In most cases, we will only need one bio. But in case the lower * level restrictions happen to be different at this offset on this * side than those of the sending peer, we may need to submit the * request in more than one bio. * * Plain bio_alloc is good enough here, this is no DRBD internally * generated bio, but a bio allocated on behalf of the peer.
*/
next_bio: /* _DISCARD, _WRITE_ZEROES handled above. * REQ_OP_FLUSH (empty flush) not expected, * should have been mapped to a "drbd protocol barrier". * REQ_OP_SECURE_ERASE: I don't see how we could ever support that.
*/ if (!(peer_req_op(peer_req) == REQ_OP_WRITE ||
peer_req_op(peer_req) == REQ_OP_READ)) {
drbd_err(device, "Invalid bio op received: 0x%x\n", peer_req->opf); return -EINVAL;
}
bio = bio_alloc(device->ldev->backing_bdev, nr_pages, peer_req->opf, GFP_NOIO); /* > peer_req->i.sector, unless this is the first bio */
bio->bi_iter.bi_sector = sector;
bio->bi_private = peer_req;
bio->bi_end_io = drbd_peer_request_endio;
/* FIXME these are unacked on connection, * not a specific (peer)device.
*/
connection->current_epoch->barrier_nr = p->barrier;
connection->current_epoch->connection = connection;
rv = drbd_may_finish_epoch(connection, connection->current_epoch, EV_GOT_BARRIER_NR);
/* P_BARRIER_ACK may imply that the corresponding extent is dropped from * the activity log, which means it would not be resynced in case the * R_PRIMARY crashes now. * Therefore we must send the barrier_ack after the barrier request was
* completed. */ switch (connection->resource->write_ordering) { case WO_NONE: if (rv == FE_RECYCLED) return 0;
/* receiver context, in the writeout path of the other node.
* avoid potential distributed deadlock */
epoch = kmalloc(sizeof(struct drbd_epoch), GFP_NOIO); if (epoch) break; else
drbd_warn(connection, "Allocation of an epoch failed, slowing down\n");
fallthrough;
case WO_BDEV_FLUSH: case WO_DRAIN_IO:
conn_wait_active_ee_empty(connection);
drbd_flush(connection);
if (atomic_read(&connection->current_epoch->epoch_size)) {
epoch = kmalloc(sizeof(struct drbd_epoch), GFP_NOIO); if (epoch) break;
}
/* used from receive_RSDataReply (recv_resync_read) * and from receive_Data. * data_size: actual payload ("data in") * for normal writes that is bi_size. * for discards, that is zero. * for write same, it is logical_block_size. * both trim and write same have the bi_size ("data len to be affected") * as extra argument in the packet header.
*/ staticstruct drbd_peer_request *
read_in_block(struct drbd_peer_device *peer_device, u64 id, sector_t sector, struct packet_info *pi) __must_hold(local)
{ struct drbd_device *device = peer_device->device; const sector_t capacity = get_capacity(device->vdisk); struct drbd_peer_request *peer_req; struct page *page; int digest_size, err; unsignedint data_size = pi->size, ds; void *dig_in = peer_device->connection->int_dig_in; void *dig_vv = peer_device->connection->int_dig_vv; unsignedlong *data; struct p_trim *trim = (pi->cmd == P_TRIM) ? pi->data : NULL; struct p_trim *zeroes = (pi->cmd == P_ZEROES) ? pi->data : NULL;
digest_size = 0; if (!trim && peer_device->connection->peer_integrity_tfm) {
digest_size = crypto_shash_digestsize(peer_device->connection->peer_integrity_tfm); /* * FIXME: Receive the incoming digest into the receive buffer * here, together with its struct p_data?
*/
err = drbd_recv_all_warn(peer_device->connection, dig_in, digest_size); if (err) return NULL;
data_size -= digest_size;
}
/* assume request_size == data_size, but special case trim. */
ds = data_size; if (trim) { if (!expect(peer_device, data_size == 0)) return NULL;
ds = be32_to_cpu(trim->size);
} elseif (zeroes) { if (!expect(peer_device, data_size == 0)) return NULL;
ds = be32_to_cpu(zeroes->size);
}
if (!expect(peer_device, IS_ALIGNED(ds, 512))) return NULL; if (trim || zeroes) { if (!expect(peer_device, ds <= (DRBD_MAX_BBIO_SECTORS << 9))) return NULL;
} elseif (!expect(peer_device, ds <= DRBD_MAX_BIO_SIZE)) return NULL;
/* even though we trust out peer,
* we sometimes have to double check. */ if (sector + (ds>>9) > capacity) {
drbd_err(device, "request from peer beyond end of local disk: " "capacity: %llus < sector: %llus + size: %u\n",
(unsignedlonglong)capacity,
(unsignedlonglong)sector, ds); return NULL;
}
/* GFP_NOIO, because we must not cause arbitrary write-out: in a DRBD * "criss-cross" setup, that might cause write-out on some other DRBD,
* which in turn might block on the other node at this very place. */
peer_req = drbd_alloc_peer_req(peer_device, id, sector, ds, data_size, GFP_NOIO); if (!peer_req) return NULL;
/* drbd_drain_block() just takes a data block * out of the socket input buffer, and discards it.
*/ staticint drbd_drain_block(struct drbd_peer_device *peer_device, int data_size)
{ struct page *page; int err = 0; void *data;
if (!data_size) return 0;
page = drbd_alloc_pages(peer_device, 1, 1);
data = kmap(page); while (data_size) { unsignedint len = min_t(int, data_size, PAGE_SIZE);
/* optimistically update recv_cnt. if receiving fails below,
* we disconnect anyways, and counters will be reset. */
peer_device->device->recv_cnt += data_size>>9;
bio = req->master_bio;
D_ASSERT(peer_device->device, sector == bio->bi_iter.bi_sector);
atomic_add(pi->size >> 9, &device->rs_sect_ev); if (drbd_submit_peer_request(peer_req) == 0) return 0;
/* don't care for the reason here */
drbd_err(device, "submit failed, triggering re-connect\n");
spin_lock_irq(&device->resource->req_lock);
list_del(&peer_req->w.list);
spin_unlock_irq(&device->resource->req_lock);
err = recv_dless_read(peer_device, req, sector, pi->size); if (!err)
req_mod(req, DATA_RECEIVED, peer_device); /* else: nothing. handled from drbd_disconnect... * I don't think we may complete this just yet
* in case we are "on-disconnect: freeze" */
if (get_ldev(device)) { /* data is submitted to disk within recv_resync_read. * corresponding put_ldev done below on error,
* or in drbd_peer_request_endio. */
err = recv_resync_read(peer_device, sector, pi);
} else { if (drbd_ratelimit())
drbd_err(device, "Can not write resync data to local disk.\n");
drbd_for_each_overlap(i, &device->write_requests, sector, size) { if (!i->local) continue;
req = container_of(i, struct drbd_request, i); if (req->rq_state & RQ_LOCAL_PENDING ||
!(req->rq_state & RQ_POSTPONED)) continue; /* as it is RQ_POSTPONED, this will cause it to
* be queued on the retry workqueue. */
__req_mod(req, CONFLICT_RESOLVED, NULL, NULL);
}
}
/* * e_end_block() is called in ack_sender context via drbd_finish_peer_reqs().
*/ staticint e_end_block(struct drbd_work *w, int cancel)
{ struct drbd_peer_request *peer_req =
container_of(w, struct drbd_peer_request, w); struct drbd_peer_device *peer_device = peer_req->peer_device; struct drbd_device *device = peer_device->device;
sector_t sector = peer_req->i.sector; int err = 0, pcmd;
if (peer_req->flags & EE_SEND_WRITE_ACK) { if (likely((peer_req->flags & EE_WAS_ERROR) == 0)) {
pcmd = (device->state.conn >= C_SYNC_SOURCE &&
device->state.conn <= C_PAUSED_SYNC_T &&
peer_req->flags & EE_MAY_SET_IN_SYNC) ?
P_RS_WRITE_ACK : P_WRITE_ACK;
err = drbd_send_ack(peer_device, pcmd, peer_req); if (pcmd == P_RS_WRITE_ACK)
drbd_set_in_sync(peer_device, sector, peer_req->i.size);
} else {
err = drbd_send_ack(peer_device, P_NEG_ACK, peer_req); /* we expect it to be marked out of sync anyways...
* maybe assert this? */
}
dec_unacked(device);
}
/* we delete from the conflict detection hash _after_ we sent out the
* P_WRITE_ACK / P_NEG_ACK, to get the sequence number right. */ if (peer_req->flags & EE_IN_INTERVAL_TREE) {
spin_lock_irq(&device->resource->req_lock);
D_ASSERT(device, !drbd_interval_empty(&peer_req->i));
drbd_remove_epoch_entry_interval(device, peer_req); if (peer_req->flags & EE_RESTART_REQUESTS)
restart_conflicting_writes(device, sector, peer_req->i.size);
spin_unlock_irq(&device->resource->req_lock);
} else
D_ASSERT(device, drbd_interval_empty(&peer_req->i));
staticbool seq_greater(u32 a, u32 b)
{ /* * We assume 32-bit wrap-around here. * For 24-bit wrap-around, we would have to shift: * a <<= 8; b <<= 8;
*/ return (s32)a - (s32)b > 0;
}
static u32 seq_max(u32 a, u32 b)
{ return seq_greater(a, b) ? a : b;
}
if (test_bit(RESOLVE_CONFLICTS, &peer_device->connection->flags)) {
spin_lock(&device->peer_seq_lock);
newest_peer_seq = seq_max(device->peer_seq, peer_seq);
device->peer_seq = newest_peer_seq;
spin_unlock(&device->peer_seq_lock); /* wake up only if we actually changed device->peer_seq */ if (peer_seq == newest_peer_seq)
wake_up(&device->seq_wait);
}
}
/* Called from receive_Data. * Synchronize packets on sock with packets on msock. * * This is here so even when a P_DATA packet traveling via sock overtook an Ack * packet traveling on msock, they are still processed in the order they have * been sent. * * Note: we don't care for Ack packets overtaking P_DATA packets. * * In case packet_seq is larger than device->peer_seq number, there are * outstanding packets on the msock. We wait for them to arrive. * In case we are the logically next packet, we update device->peer_seq * ourselves. Correctly handles 32bit wrap around. * * Assume we have a 10 GBit connection, that is about 1<<30 byte per second, * about 1<<21 sectors per second. So "worst" case, we have 1<<3 == 8 seconds * for the 24bit wrap (historical atomic_t guarantee on some archs), and we have * 1<<9 == 512 seconds aka ages for the 32bit wrap around... * * returns 0 if we may process the packet,
* -ERESTARTSYS if we were interrupted (by disconnect signal). */ staticint wait_for_and_update_peer_seq(struct drbd_peer_device *peer_device, const u32 peer_seq)
{ struct drbd_device *device = peer_device->device;
DEFINE_WAIT(wait); long timeout; int ret = 0, tp;
if (!test_bit(RESOLVE_CONFLICTS, &peer_device->connection->flags)) return 0;
spin_lock(&device->peer_seq_lock); for (;;) { if (!seq_greater(peer_seq - 1, device->peer_seq)) {
device->peer_seq = seq_max(device->peer_seq, peer_seq); break;
}
if (signal_pending(current)) {
ret = -ERESTARTSYS; break;
}
/* * Inserting the peer request into the write_requests tree will prevent * new conflicting local requests from being added.
*/
drbd_insert_interval(&device->write_requests, &peer_req->i);
repeat:
drbd_for_each_overlap(i, &device->write_requests, sector, size) { if (i == &peer_req->i) continue; if (i->completed) continue;
if (!i->local) { /* * Our peer has sent a conflicting remote request; this * should not happen in a two-node setup. Wait for the * earlier peer request to complete.
*/
err = drbd_wait_misc(device, i); if (err) goto out; goto repeat;
}
equal = i->sector == sector && i->size == size; if (resolve_conflicts) { /* * If the peer request is fully contained within the * overlapping request, it can be considered overwritten * and thus superseded; otherwise, it will be retried * once all overlapping requests have completed.
*/ bool superseded = i->sector <= sector && i->sector +
(i->size >> 9) >= sector + (size >> 9);
if (req->rq_state & RQ_LOCAL_PENDING ||
!(req->rq_state & RQ_POSTPONED)) { /* * Wait for the node with the discard flag to * decide if this request has been superseded * or needs to be retried. * Requests that have been superseded will * disappear from the write_requests tree. * * In addition, wait for the conflicting * request to finish locally before submitting * the conflicting peer request.
*/
err = drbd_wait_misc(device, &req->i); if (err) {
_conn_request_state(connection, NS(conn, C_TIMEOUT), CS_HARD);
fail_postponed_requests(device, sector, size); goto out;
} goto repeat;
} /* * Remember to restart the conflicting requests after * the new peer request has completed.
*/
peer_req->flags |= EE_RESTART_REQUESTS;
}
}
err = 0;
out: if (err)
drbd_remove_epoch_entry_interval(device, peer_req); return err;
}
/* * Corresponding put_ldev done either below (on various errors), or in * drbd_peer_request_endio, if we successfully submit the data at the * end of this function.
*/
rcu_read_lock();
nc = rcu_dereference(peer_device->connection->net_conf);
tp = nc->two_primaries; if (peer_device->connection->agreed_pro_version < 100) { switch (nc->wire_protocol) { case DRBD_PROT_C:
dp_flags |= DP_SEND_WRITE_ACK; break; case DRBD_PROT_B:
dp_flags |= DP_SEND_RECEIVE_ACK; break;
}
}
rcu_read_unlock();
if (dp_flags & DP_SEND_WRITE_ACK) {
peer_req->flags |= EE_SEND_WRITE_ACK;
inc_unacked(device); /* corresponding dec_unacked() in e_end_block()
* respective _drbd_clear_done_ee */
}
if (dp_flags & DP_SEND_RECEIVE_ACK) { /* I really don't like it that the receiver thread
* sends on the msock, but anyways */
drbd_send_ack(peer_device, P_RECV_ACK, peer_req);
}
if (tp) { /* two primaries implies protocol C */
D_ASSERT(device, dp_flags & DP_SEND_WRITE_ACK);
peer_req->flags |= EE_IN_INTERVAL_TREE;
err = wait_for_and_update_peer_seq(peer_device, peer_seq); if (err) goto out_interrupted;
spin_lock_irq(&device->resource->req_lock);
err = handle_write_conflicts(device, peer_req); if (err) {
spin_unlock_irq(&device->resource->req_lock); if (err == -ENOENT) {
put_ldev(device); return 0;
} goto out_interrupted;
}
} else {
update_peer_seq(peer_device, peer_seq);
spin_lock_irq(&device->resource->req_lock);
} /* TRIM and is processed synchronously, * we wait for all pending requests, respectively wait for * active_ee to become empty in drbd_submit_peer_request();
* better not add ourselves here. */ if ((peer_req->flags & (EE_TRIM | EE_ZEROOUT)) == 0)
list_add_tail(&peer_req->w.list, &device->active_ee);
spin_unlock_irq(&device->resource->req_lock);
if (device->state.conn == C_SYNC_TARGET)
wait_event(device->ee_wait, !overlapping_resync_write(device, peer_req));
if (device->state.pdsk < D_INCONSISTENT) { /* In case we have the only disk of the cluster, */
drbd_set_out_of_sync(peer_device, peer_req->i.sector, peer_req->i.size);
peer_req->flags &= ~EE_MAY_SET_IN_SYNC;
drbd_al_begin_io(device, &peer_req->i);
peer_req->flags |= EE_CALL_AL_COMPLETE_IO;
}
err = drbd_submit_peer_request(peer_req); if (!err) return 0;
/* don't care for the reason here */
drbd_err(device, "submit failed, triggering re-connect\n");
spin_lock_irq(&device->resource->req_lock);
list_del(&peer_req->w.list);
drbd_remove_epoch_entry_interval(device, peer_req);
spin_unlock_irq(&device->resource->req_lock); if (peer_req->flags & EE_CALL_AL_COMPLETE_IO) {
peer_req->flags &= ~EE_CALL_AL_COMPLETE_IO;
drbd_al_complete_io(device, &peer_req->i);
}
/* We may throttle resync, if the lower device seems to be busy, * and current sync rate is above c_min_rate. * * To decide whether or not the lower device is busy, we use a scheme similar * to MD RAID is_mddev_idle(): if the partition stats reveal "significant" * (more than 64 sectors) of activity we cannot account for with our own resync * activity, it obviously is "busy". * * The current sync rate used here uses only the most recent two step marks, * to have a short time average so we can react faster.
*/ bool drbd_rs_should_slow_down(struct drbd_peer_device *peer_device, sector_t sector, bool throttle_if_app_is_waiting)
{ struct drbd_device *device = peer_device->device; struct lc_element *tmp; bool throttle = drbd_rs_c_min_rate_throttle(device);
if (!throttle || throttle_if_app_is_waiting) return throttle;
spin_lock_irq(&device->al_lock);
tmp = lc_find(device->resync, BM_SECT_TO_EXT(sector)); if (tmp) { struct bm_extent *bm_ext = lc_entry(tmp, struct bm_extent, lce); if (test_bit(BME_PRIORITY, &bm_ext->flags))
throttle = false; /* Do not slow down if app IO is already waiting for this extent,
* and our progress is necessary for application IO to complete. */
}
spin_unlock_irq(&device->al_lock);
/* GFP_NOIO, because we must not cause arbitrary write-out: in a DRBD * "criss-cross" setup, that might cause write-out on some other DRBD,
* which in turn might block on the other node at this very place. */
peer_req = drbd_alloc_peer_req(peer_device, p->block_id, sector, size,
size, GFP_NOIO); if (!peer_req) {
put_ldev(device); return -ENOMEM;
}
peer_req->opf = REQ_OP_READ;
case P_RS_THIN_REQ: /* If at some point in the future we have a smart way to find out if this data block is completely deallocated, then we would do something smarter here than reading
the block... */
peer_req->flags |= EE_RS_THIN_REQ;
fallthrough; case P_RS_DATA_REQUEST:
peer_req->w.cb = w_e_end_rsdata_req; /* used in the sector offset progress display */
device->bm_resync_fo = BM_SECT_TO_BIT(sector); break;
case P_OV_REPLY: case P_CSUM_RS_REQUEST:
di = kmalloc(sizeof(*di) + pi->size, GFP_NOIO); if (!di) goto out_free_e;
if (drbd_recv_all(peer_device->connection, di->digest, pi->size)) goto out_free_e;
if (pi->cmd == P_CSUM_RS_REQUEST) {
D_ASSERT(device, peer_device->connection->agreed_pro_version >= 89);
peer_req->w.cb = w_e_end_csum_rs_req; /* used in the sector offset progress display */
device->bm_resync_fo = BM_SECT_TO_BIT(sector); /* remember to report stats in drbd_resync_finished */
device->use_csums = true;
} elseif (pi->cmd == P_OV_REPLY) { /* track progress, we may need to throttle */
atomic_add(size >> 9, &device->rs_sect_in);
peer_req->w.cb = w_e_end_ov_reply;
dec_rs_pending(peer_device); /* drbd_rs_begin_io done when we sent this request,
* but accounting still needs to be done. */ goto submit_for_resync;
} break;
case P_OV_REQUEST: if (device->ov_start_sector == ~(sector_t)0 &&
peer_device->connection->agreed_pro_version >= 90) { unsignedlong now = jiffies; int i;
device->ov_start_sector = sector;
device->ov_position = sector;
device->ov_left = drbd_bm_bits(device) - BM_SECT_TO_BIT(sector);
device->rs_total = device->ov_left; for (i = 0; i < DRBD_SYNC_MARKS; i++) {
device->rs_mark_left[i] = device->ov_left;
device->rs_mark_time[i] = now;
}
drbd_info(device, "Online Verify start sector: %llu\n",
(unsignedlonglong)sector);
}
peer_req->w.cb = w_e_end_ov_req; break;
default:
BUG();
}
/* Throttle, drbd_rs_begin_io and submit should become asynchronous * wrt the receiver, but it is not as straightforward as it may seem. * Various places in the resync start and stop logic assume resync * requests are processed in order, requeuing this on the worker thread * introduces a bunch of new code for synchronization between threads. * * Unlimited throttling before drbd_rs_begin_io may stall the resync * "forever", throttling after drbd_rs_begin_io will lock that extent * for application writes for the same time. For now, just throttle * here, where the rest of the code expects the receiver to sleep for * a while, anyways.
*/
/* Throttle before drbd_rs_begin_io, as that locks out application IO; * this defers syncer requests for some time, before letting at least * on request through. The resync controller on the receiving side * will adapt to the incoming rate accordingly. * * We cannot throttle here if remote is Primary/SyncTarget: * we would also throttle its application reads. * In that case, throttling is done on the SyncTarget only.
*/
/* Even though this may be a resync request, we do add to "read_ee"; * "sync_ee" is only used for resync WRITEs. * Add to list early, so debugfs can find this request
* even if we have to sleep below. */
spin_lock_irq(&device->resource->req_lock);
list_add_tail(&peer_req->w.list, &device->read_ee);
spin_unlock_irq(&device->resource->req_lock);
update_receiver_timing_details(connection, drbd_rs_should_slow_down); if (device->state.peer != R_PRIMARY
&& drbd_rs_should_slow_down(peer_device, sector, false))
schedule_timeout_uninterruptible(HZ/10);
update_receiver_timing_details(connection, drbd_rs_begin_io); if (drbd_rs_begin_io(device, sector)) goto out_free_e;
submit:
update_receiver_timing_details(connection, drbd_submit_peer_request);
inc_unacked(device); if (drbd_submit_peer_request(peer_req) == 0) return 0;
/* don't care for the reason here */
drbd_err(device, "submit failed, triggering re-connect\n");
out_free_e:
spin_lock_irq(&device->resource->req_lock);
list_del(&peer_req->w.list);
spin_unlock_irq(&device->resource->req_lock); /* no drbd_rs_complete_io(), we are dropping the connection anyways */
rcu_read_lock();
after_sb_0p = rcu_dereference(peer_device->connection->net_conf)->after_sb_0p;
rcu_read_unlock(); switch (after_sb_0p) { case ASB_CONSENSUS: case ASB_DISCARD_SECONDARY: case ASB_CALL_HELPER: case ASB_VIOLENTLY:
drbd_err(device, "Configuration error.\n"); break; case ASB_DISCONNECT: break; case ASB_DISCARD_YOUNGER_PRI: if (self == 0 && peer == 1) {
rv = -1; break;
} if (self == 1 && peer == 0) {
rv = 1; break;
}
fallthrough; /* to one of the other strategies */ case ASB_DISCARD_OLDER_PRI: if (self == 0 && peer == 1) {
rv = 1; break;
} if (self == 1 && peer == 0) {
rv = -1; break;
} /* Else fall through to one of the other strategies... */
drbd_warn(device, "Discard younger/older primary did not find a decision\n" "Using discard-least-changes instead\n");
fallthrough; case ASB_DISCARD_ZERO_CHG: if (ch_peer == 0 && ch_self == 0) {
rv = test_bit(RESOLVE_CONFLICTS, &peer_device->connection->flags)
? -1 : 1; break;
} else { if (ch_peer == 0) { rv = 1; break; } if (ch_self == 0) { rv = -1; break; }
} if (after_sb_0p == ASB_DISCARD_ZERO_CHG) break;
fallthrough; case ASB_DISCARD_LEAST_CHG: if (ch_self < ch_peer)
rv = -1; elseif (ch_self > ch_peer)
rv = 1; else/* ( ch_self == ch_peer ) */ /* Well, then use something else. */
rv = test_bit(RESOLVE_CONFLICTS, &peer_device->connection->flags)
? -1 : 1; break; case ASB_DISCARD_LOCAL:
rv = -1; break; case ASB_DISCARD_REMOTE:
rv = 1;
}
return rv;
}
/* * drbd_asb_recover_1p - Recover after split-brain with one remaining primary
*/ staticint drbd_asb_recover_1p(struct drbd_peer_device *peer_device) __must_hold(local)
{ struct drbd_device *device = peer_device->device; int hg, rv = -100; enum drbd_after_sb_p after_sb_1p;
rcu_read_lock();
after_sb_1p = rcu_dereference(peer_device->connection->net_conf)->after_sb_1p;
rcu_read_unlock(); switch (after_sb_1p) { case ASB_DISCARD_YOUNGER_PRI: case ASB_DISCARD_OLDER_PRI: case ASB_DISCARD_LEAST_CHG: case ASB_DISCARD_LOCAL: case ASB_DISCARD_REMOTE: case ASB_DISCARD_ZERO_CHG:
drbd_err(device, "Configuration error.\n"); break; case ASB_DISCONNECT: break; case ASB_CONSENSUS:
hg = drbd_asb_recover_0p(peer_device); if (hg == -1 && device->state.role == R_SECONDARY)
rv = hg; if (hg == 1 && device->state.role == R_PRIMARY)
rv = hg; break; case ASB_VIOLENTLY:
rv = drbd_asb_recover_0p(peer_device); break; case ASB_DISCARD_SECONDARY: return device->state.role == R_PRIMARY ? 1 : -1; case ASB_CALL_HELPER:
hg = drbd_asb_recover_0p(peer_device); if (hg == -1 && device->state.role == R_PRIMARY) { enum drbd_state_rv rv2;
/* drbd_change_state() does not sleep while in SS_IN_TRANSIENT_STATE, * we might be here in C_WF_REPORT_PARAMS which is transient.
* we do not need to wait for the after state change work either. */
rv2 = drbd_change_state(device, CS_VERBOSE, NS(role, R_SECONDARY)); if (rv2 != SS_SUCCESS) {
drbd_khelper(device, "pri-lost-after-sb");
} else {
drbd_warn(device, "Successfully gave up primary role.\n");
rv = hg;
}
} else
rv = hg;
}
return rv;
}
/* * drbd_asb_recover_2p - Recover after split-brain with two remaining primaries
*/ staticint drbd_asb_recover_2p(struct drbd_peer_device *peer_device) __must_hold(local)
{ struct drbd_device *device = peer_device->device; int hg, rv = -100; enum drbd_after_sb_p after_sb_2p;
rcu_read_lock();
after_sb_2p = rcu_dereference(peer_device->connection->net_conf)->after_sb_2p;
rcu_read_unlock(); switch (after_sb_2p) { case ASB_DISCARD_YOUNGER_PRI: case ASB_DISCARD_OLDER_PRI: case ASB_DISCARD_LEAST_CHG: case ASB_DISCARD_LOCAL: case ASB_DISCARD_REMOTE: case ASB_CONSENSUS: case ASB_DISCARD_SECONDARY: case ASB_DISCARD_ZERO_CHG:
drbd_err(device, "Configuration error.\n"); break; case ASB_VIOLENTLY:
rv = drbd_asb_recover_0p(peer_device); break; case ASB_DISCONNECT: break; case ASB_CALL_HELPER:
hg = drbd_asb_recover_0p(peer_device); if (hg == -1) { enum drbd_state_rv rv2;
/* drbd_change_state() does not sleep while in SS_IN_TRANSIENT_STATE, * we might be here in C_WF_REPORT_PARAMS which is transient.
* we do not need to wait for the after state change work either. */
rv2 = drbd_change_state(device, CS_VERBOSE, NS(role, R_SECONDARY)); if (rv2 != SS_SUCCESS) {
drbd_khelper(device, "pri-lost-after-sb");
} else {
drbd_warn(device, "Successfully gave up primary role.\n");
rv = hg;
}
} else
rv = hg;
}
return rv;
}
staticvoid drbd_uuid_dump(struct drbd_device *device, char *text, u64 *uuid,
u64 bits, u64 flags)
{ if (!uuid) {
drbd_info(device, "%s uuid info vanished while I was looking!\n", text); return;
}
drbd_info(device, "%s %016llX:%016llX:%016llX:%016llX bits:%llu flags:%llX\n",
text,
(unsignedlonglong)uuid[UI_CURRENT],
(unsignedlonglong)uuid[UI_BITMAP],
(unsignedlonglong)uuid[UI_HISTORY_START],
(unsignedlonglong)uuid[UI_HISTORY_END],
(unsignedlonglong)bits,
(unsignedlonglong)flags);
}
/* 100 after split brain try auto recover 2 C_SYNC_SOURCE set BitMap 1 C_SYNC_SOURCE use BitMap 0 no Sync -1 C_SYNC_TARGET use BitMap -2 C_SYNC_TARGET set BitMap -100 after split brain, disconnect -1000 unrelated data -1091 requires proto 91 -1096 requires proto 96
*/
staticint drbd_uuid_compare(struct drbd_peer_device *const peer_device, enum drbd_role const peer_role, int *rule_nr) __must_hold(local)
{ struct drbd_connection *const connection = peer_device->connection; struct drbd_device *device = peer_device->device;
u64 self, peer; int i, j;
/* Common power [off|failure] */
rct = (test_bit(CRASHED_PRIMARY, &device->flags) ? 1 : 0) +
(device->p_uuid[UI_FLAGS] & 2); /* lowest bit is set when we were primary,
* next bit (weight 2) is set when peer was primary */
*rule_nr = 40;
/* Neither has the "crashed primary" flag set,
* only a replication link hickup. */ if (rct == 0) return 0;
/* Current UUID equal and no bitmap uuid; does not necessarily * mean this was a "simultaneous hard crash", maybe IO was * frozen, so no UUID-bump happened. * This is a protocol change, overload DRBD_FF_WSAME as flag
* for "new-enough" peer DRBD version. */ if (device->state.role == R_PRIMARY || peer_role == R_PRIMARY) {
*rule_nr = 41; if (!(connection->agreed_features & DRBD_FF_WSAME)) {
drbd_warn(peer_device, "Equivalent unrotated UUIDs, but current primary present.\n"); return -(0x10000 | PRO_VERSION_MAX | (DRBD_FF_WSAME << 8));
} if (device->state.role == R_PRIMARY && peer_role == R_PRIMARY) { /* At least one has the "crashed primary" bit set, * both are primary now, but neither has rotated its UUIDs?
* "Can not happen." */
drbd_err(peer_device, "Equivalent unrotated UUIDs, but both are primary. Can not resolve this.\n"); return -100;
} if (device->state.role == R_PRIMARY) return 1; return -1;
}
/* Both are secondary. * Really looks like recovery from simultaneous hard crash.
* Check which had been primary before, and arbitrate. */ switch (rct) { case 0: /* !self_pri && !peer_pri */ return 0; /* already handled */ case 1: /* self_pri && !peer_pri */ return 1; case 2: /* !self_pri && peer_pri */ return -1; case 3: /* self_pri && peer_pri */
dc = test_bit(RESOLVE_CONFLICTS, &connection->flags); return dc ? -1 : 1;
}
}
*rule_nr = 51;
peer = device->p_uuid[UI_HISTORY_START] & ~((u64)1); if (self == peer) { if (connection->agreed_pro_version < 96 ?
(device->ldev->md.uuid[UI_HISTORY_START] & ~((u64)1)) ==
(device->p_uuid[UI_HISTORY_START + 1] & ~((u64)1)) :
peer + UUID_NEW_BM_OFFSET == (device->p_uuid[UI_BITMAP] & ~((u64)1))) { /* The last P_SYNC_UUID did not get though. Undo the last start of
resync as sync source modifications of the peer's UUIDs. */
if (connection->agreed_pro_version < 91) return -1091;
*rule_nr = 71;
self = device->ldev->md.uuid[UI_HISTORY_START] & ~((u64)1); if (self == peer) { if (connection->agreed_pro_version < 96 ?
(device->ldev->md.uuid[UI_HISTORY_START + 1] & ~((u64)1)) ==
(device->p_uuid[UI_HISTORY_START] & ~((u64)1)) :
self + UUID_NEW_BM_OFFSET == (device->ldev->md.uuid[UI_BITMAP] & ~((u64)1))) { /* The last P_SYNC_UUID did not get though. Undo the last start of
resync as sync source modifications of our UUIDs. */
if (connection->agreed_pro_version < 91) return -1091;
drbd_info(device, "uuid_compare()=%d by rule %d\n", hg, rule_nr);
if (hg == -1000) {
drbd_alert(device, "Unrelated data, aborting!\n"); return C_MASK;
} if (hg < -0x10000) { int proto, fflags;
hg = -hg;
proto = hg & 0xff;
fflags = (hg >> 8) & 0xff;
drbd_alert(device, "To resolve this both sides have to support at least protocol %d and feature flags 0x%x\n",
proto, fflags); return C_MASK;
} if (hg < -1000) {
drbd_alert(device, "To resolve this both sides have to support at least protocol %d\n", -hg - 1000); return C_MASK;
}
if ((mydisk == D_INCONSISTENT && peer_disk > D_INCONSISTENT) ||
(peer_disk == D_INCONSISTENT && mydisk > D_INCONSISTENT)) { int f = (hg == -100) || abs(hg) == 2;
hg = mydisk > D_INCONSISTENT ? 1 : -1; if (f)
hg = hg*2;
drbd_info(device, "Becoming sync %s due to disk states.\n",
hg > 0 ? "source" : "target");
}
if (abs(hg) == 100)
drbd_khelper(device, "initial-split-brain");
if (hg == -100) { /* FIXME this log message is not correct if we end up here * after an attempted attach on a diskless node. * We just refuse to attach -- well, we drop the "connection"
* to that disk, in a way... */
drbd_alert(device, "Split-Brain detected but unresolved, dropping connection!\n");
drbd_khelper(device, "split-brain"); return C_MASK;
}
if (hg > 0 && mydisk <= D_INCONSISTENT) {
drbd_err(device, "I shall become SyncSource, but I am inconsistent!\n"); return C_MASK;
}
if (hg < 0 && /* by intention we do not use mydisk here. */
device->state.role == R_PRIMARY && device->state.disk >= D_CONSISTENT) { switch (rr_conflict) { case ASB_CALL_HELPER:
drbd_khelper(device, "pri-lost");
fallthrough; case ASB_DISCONNECT:
drbd_err(device, "I shall become SyncTarget, but I am primary!\n"); return C_MASK; case ASB_VIOLENTLY:
drbd_warn(device, "Becoming SyncTarget, violating the stable-data" "assumption\n");
}
}
if (tentative || test_bit(CONN_DRY_RUN, &peer_device->connection->flags)) { if (hg == 0)
drbd_info(device, "dry-run connect: No resync, would become Connected immediately.\n"); else
drbd_info(device, "dry-run connect: Would become %s, doing a %s resync.",
drbd_conn_str(hg > 0 ? C_SYNC_SOURCE : C_SYNC_TARGET),
abs(hg) >= 2 ? "full" : "bit-map based"); return C_MASK;
}
if (abs(hg) >= 2) {
drbd_info(device, "Writing the whole bitmap, full sync required after drbd_sync_handshake.\n"); if (drbd_bitmap_io(device, &drbd_bmio_set_n_write, "set_n_write from sync_handshake",
BM_LOCKED_SET_ALLOWED, NULL)) return C_MASK;
}
if (hg > 0) { /* become sync source. */
rv = C_WF_BITMAP_S;
} elseif (hg < 0) { /* become sync target */
rv = C_WF_BITMAP_T;
} else {
rv = C_CONNECTED; if (drbd_bm_total_weight(device)) {
drbd_info(device, "No resync, but %lu bits in bitmap!\n",
drbd_bm_total_weight(device));
}
}
return rv;
}
staticenum drbd_after_sb_p convert_after_sb(enum drbd_after_sb_p peer)
{ /* ASB_DISCARD_REMOTE - ASB_DISCARD_LOCAL is valid */ if (peer == ASB_DISCARD_REMOTE) return ASB_DISCARD_LOCAL;
/* any other things with ASB_DISCARD_REMOTE or ASB_DISCARD_LOCAL are invalid */ if (peer == ASB_DISCARD_LOCAL) return ASB_DISCARD_REMOTE;
/* everything else is valid if they are equal on both sides. */ return peer;
}
/* * We can only change the peer data integrity algorithm * here. Changing our own data integrity algorithm * requires that we send a P_PROTOCOL_UPDATE packet at * the same time; otherwise, the peer has no way to * tell between which packets the algorithm should * change.
*/
/* helper function * input: alg name, feature name * return: NULL (alg name was "") * ERR_PTR(error) if something goes wrong
* or the crypto hash ptr, if it worked out ok. */ staticstruct crypto_shash *drbd_crypto_alloc_digest_safe( conststruct drbd_device *device, constchar *alg, constchar *name)
{ struct crypto_shash *tfm;
if (!alg[0]) return NULL;
tfm = crypto_alloc_shash(alg, 0, 0); if (IS_ERR(tfm)) {
drbd_err(device, "Can not allocate \"%s\" as %s (reason: %ld)\n",
alg, name, PTR_ERR(tfm)); return tfm;
} return tfm;
}
while (size) { int s = min_t(int, size, DRBD_SOCKET_BUFFER_SIZE);
s = drbd_recv(connection, buffer, s); if (s <= 0) { if (s < 0) return s; break;
}
size -= s;
} if (size) return -EIO; return 0;
}
/* * config_unknown_volume - device configuration command for unknown volume * * When a device is added to an existing connection, the node on which the * device is added first will send configuration commands to its peer but the * peer will not know about the device yet. It will warn and ignore these * commands. Once the device is added on the second node, the second node will * send the same device configuration commands, but in the other direction. * * (We can also end up here if drbd is misconfigured.)
*/ staticint config_unknown_volume(struct drbd_connection *connection, struct packet_info *pi)
{
drbd_warn(connection, "%s packet received for volume %u, which is not configured locally\n",
cmdname(pi->cmd), pi->vnr); return ignore_remaining_packet(connection, pi);
}
if (apv >= 88) { if (apv == 88) { if (data_size > SHARED_SECRET_MAX || data_size == 0) {
drbd_err(device, "verify-alg of wrong size, " "peer wants %u, accepting only up to %u byte\n",
data_size, SHARED_SECRET_MAX); goto reconnect;
}
err = drbd_recv_all(peer_device->connection, p->verify_alg, data_size); if (err) goto reconnect; /* we expect NUL terminated string */ /* but just in case someone tries to be evil */
D_ASSERT(device, p->verify_alg[data_size-1] == 0);
p->verify_alg[data_size-1] = 0;
} else/* apv >= 89 */ { /* we still expect NUL terminated strings */ /* but just in case someone tries to be evil */
D_ASSERT(device, p->verify_alg[SHARED_SECRET_MAX-1] == 0);
D_ASSERT(device, p->csums_alg[SHARED_SECRET_MAX-1] == 0);
p->verify_alg[SHARED_SECRET_MAX-1] = 0;
p->csums_alg[SHARED_SECRET_MAX-1] = 0;
}
if (new_disk_conf) {
rcu_assign_pointer(device->ldev->disk_conf, new_disk_conf);
put_ldev(device);
}
if (new_plan) {
old_plan = device->rs_plan_s;
rcu_assign_pointer(device->rs_plan_s, new_plan);
}
mutex_unlock(&connection->resource->conf_update);
synchronize_rcu(); if (new_net_conf)
kfree(old_net_conf);
kfree(old_disk_conf);
kfree(old_plan);
return 0;
reconnect: if (new_disk_conf) {
put_ldev(device);
kfree(new_disk_conf);
}
mutex_unlock(&connection->resource->conf_update); return -EIO;
disconnect:
kfree(new_plan); if (new_disk_conf) {
put_ldev(device);
kfree(new_disk_conf);
}
mutex_unlock(&connection->resource->conf_update); /* just for completeness: actually not needed,
* as this is not reached if csums_tfm was ok. */
crypto_free_shash(csums_tfm); /* but free the verify_tfm again, if csums_tfm did not work out */
crypto_free_shash(verify_tfm);
conn_request_state(peer_device->connection, NS(conn, C_DISCONNECTING), CS_HARD); return -EIO;
}
/* warn if the arguments differ by more than 12.5% */ staticvoid warn_if_differ_considerably(struct drbd_device *device, constchar *s, sector_t a, sector_t b)
{
sector_t d; if (a == 0 || b == 0) return;
d = (a > b) ? (a - b) : (b - a); if (d > (a>>3) || d > (b>>3))
drbd_warn(device, "Considerable difference in %s: %llus vs. %llus\n", s,
(unsignedlonglong)a, (unsignedlonglong)b);
}
/* if this is the first connect, or an otherwise expected
* param exchange, choose the minimum */ if (device->state.conn == C_WF_REPORT_PARAMS)
p_usize = min_not_zero(my_usize, p_usize);
/* Never shrink a device with usable data during connect, * or "attach" on the peer.
* But allow online shrinking if we are connected. */
new_size = drbd_new_dev_size(device, device->ldev, p_usize, 0); if (new_size < cur_size &&
device->state.disk >= D_OUTDATED &&
(device->state.conn < C_CONNECTED || device->state.pdsk == D_DISKLESS)) {
drbd_err(device, "The peer's disk size is too small! (%llu < %llu sectors)\n",
(unsignedlonglong)new_size, (unsignedlonglong)cur_size);
conn_request_state(peer_device->connection, NS(conn, C_DISCONNECTING), CS_HARD);
put_ldev(device); return -EIO;
}
device->peer_max_bio_size = be32_to_cpu(p->max_bio_size); /* Leave drbd_reconsider_queue_parameters() before drbd_determine_dev_size(). In case we cleared the QUEUE_FLAG_DISCARD from our queue in drbd_reconsider_queue_parameters(), we can be sure that after
drbd_determine_dev_size() no REQ_DISCARDs are in the queue. */
ddsf = be16_to_cpu(p->dds_flags); if (get_ldev(device)) {
drbd_reconsider_queue_parameters(device, device->ldev, o);
dd = drbd_determine_dev_size(device, ddsf, NULL);
put_ldev(device); if (dd == DS_ERROR) return -EIO;
drbd_md_sync(device);
} else { /* * I am diskless, need to accept the peer's *current* size. * I must NOT accept the peers backing disk size, * it may have been larger than mine all along... * * At this point, the peer knows more about my disk, or at * least about what we last agreed upon, than myself. * So if his c_size is less than his d_size, the most likely * reason is that *my* d_size was smaller last time we checked. * * However, if he sends a zero current size, * take his (user-capped or) backing disk size anyways. * * Unless of course he does not have a disk himself. * In which case we ignore this completely.
*/
sector_t new_size = p_csize ?: p_usize ?: p_size;
drbd_reconsider_queue_parameters(device, NULL, o); if (new_size == 0) { /* Ignore, peer does not know nothing. */
} elseif (new_size == cur_size) { /* nothing to do */
} elseif (cur_size != 0 && p_size == 0) {
drbd_warn(device, "Ignored diskless peer device size (peer:%llu != me:%llu sectors)!\n",
(unsignedlonglong)new_size, (unsignedlonglong)cur_size);
} elseif (new_size < cur_size && device->state.role == R_PRIMARY) {
drbd_err(device, "The peer's device size is too small! (%llu < %llu sectors); demote me first!\n",
(unsignedlonglong)new_size, (unsignedlonglong)cur_size);
conn_request_state(peer_device->connection, NS(conn, C_DISCONNECTING), CS_HARD); return -EIO;
} else { /* I believe the peer, if * - I don't have a current size myself * - we agree on the size anyways * - I do have a current size, am Secondary, * and he has the only disk * - I do have a current size, am Primary, * and he has the only disk, * which is larger than my current size
*/
drbd_set_my_capacity(device, new_size);
}
}
if (get_ldev(device)) { if (device->ldev->known_size != drbd_get_capacity(device->ldev->backing_bdev)) {
device->ldev->known_size = drbd_get_capacity(device->ldev->backing_bdev);
ldsc = 1;
}
put_ldev(device);
}
if (device->state.conn > C_WF_REPORT_PARAMS) { if (be64_to_cpu(p->c_size) != get_capacity(device->vdisk) ||
ldsc) { /* we have different sizes, probably peer
* needs to know my new size... */
drbd_send_sizes(peer_device, 0, ddsf);
} if (test_and_clear_bit(RESIZE_PENDING, &device->flags) ||
(dd == DS_GREW && device->state.conn == C_CONNECTED)) { if (device->state.pdsk >= D_INCONSISTENT &&
device->state.disk >= D_INCONSISTENT) { if (ddsf & DDSF_NO_RESYNC)
drbd_info(device, "Resync of new storage suppressed with --assume-clean\n"); else
resync_after_online_grow(device);
} else
set_bit(RESYNC_AFTER_NEG, &device->flags);
}
}
p_uuid = kmalloc_array(UI_EXTENDED_SIZE, sizeof(*p_uuid), GFP_NOIO); if (!p_uuid) returnfalse;
for (i = UI_CURRENT; i < UI_EXTENDED_SIZE; i++)
p_uuid[i] = be64_to_cpu(p->uuid[i]);
kfree(device->p_uuid);
device->p_uuid = p_uuid;
if ((device->state.conn < C_CONNECTED || device->state.pdsk == D_DISKLESS) &&
device->state.disk < D_INCONSISTENT &&
device->state.role == R_PRIMARY &&
(device->ed_uuid & ~((u64)1)) != (p_uuid[UI_CURRENT] & ~((u64)1))) {
drbd_err(device, "Can only connect to data with current UUID=%016llX\n",
(unsignedlonglong)device->ed_uuid);
conn_request_state(peer_device->connection, NS(conn, C_DISCONNECTING), CS_HARD); return -EIO;
}
if (get_ldev(device)) { int skip_initial_sync =
device->state.conn == C_CONNECTED &&
peer_device->connection->agreed_pro_version >= 90 &&
device->ldev->md.uuid[UI_CURRENT] == UUID_JUST_CREATED &&
(p_uuid[UI_FLAGS] & 8); if (skip_initial_sync) {
drbd_info(device, "Accepted new current UUID, preparing to skip initial sync\n");
drbd_bitmap_io(device, &drbd_bmio_clear_n_write, "clear_n_write from receive_uuids",
BM_LOCKED_TEST_ALLOWED, NULL);
_drbd_uuid_set(device, UI_CURRENT, p_uuid[UI_CURRENT]);
_drbd_uuid_set(device, UI_BITMAP, 0);
_drbd_set_state(_NS2(device, disk, D_UP_TO_DATE, pdsk, D_UP_TO_DATE),
CS_VERBOSE, NULL);
drbd_md_sync(device);
updated_uuids = 1;
}
put_ldev(device);
} elseif (device->state.disk < D_INCONSISTENT &&
device->state.role == R_PRIMARY) { /* I am a diskless primary, the peer just created a new current UUID
for me. */
updated_uuids = drbd_set_ed_uuid(device, p_uuid[UI_CURRENT]);
}
/* Before we test for the disk state, we should wait until an eventually ongoing cluster wide state change is finished. That is important if we are primary and are detaching from our disk. We need to see the
new disk state... */
mutex_lock(device->state_mutex);
mutex_unlock(device->state_mutex); if (device->state.conn >= C_CONNECTED && device->state.disk < D_INCONSISTENT)
updated_uuids |= drbd_set_ed_uuid(device, p_uuid[UI_CURRENT]);
if (updated_uuids)
drbd_print_uuids(device, "receiver updated UUIDs to");
return 0;
}
/** * convert_state() - Converts the peer's view of the cluster state to our point of view * @ps: The state as seen by the peer.
*/ staticunion drbd_state convert_state(union drbd_state ps)
{ union drbd_state ms;
real_peer_disk = peer_state.disk; if (peer_state.disk == D_NEGOTIATING) {
real_peer_disk = device->p_uuid[UI_FLAGS] & 4 ? D_INCONSISTENT : D_CONSISTENT;
drbd_info(device, "real peer disk state = %s\n", drbd_disk_str(real_peer_disk));
}
spin_lock_irq(&device->resource->req_lock);
retry:
os = ns = drbd_read_state(device);
spin_unlock_irq(&device->resource->req_lock);
/* If some other part of the code (ack_receiver thread, timeout) * already decided to close the connection again,
* we must not "re-establish" it here. */ if (os.conn <= C_TEAR_DOWN) return -ECONNRESET;
/* If this is the "end of sync" confirmation, usually the peer disk * transitions from D_INCONSISTENT to D_UP_TO_DATE. For empty (0 bits * set) resync started in PausedSyncT, or if the timing of pause-/ * unpause-sync events has been "just right", the peer disk may * transition from D_CONSISTENT to D_UP_TO_DATE as well.
*/ if ((os.pdsk == D_INCONSISTENT || os.pdsk == D_CONSISTENT) &&
real_peer_disk == D_UP_TO_DATE &&
os.conn > C_CONNECTED && os.disk == D_UP_TO_DATE) { /* If we are (becoming) SyncSource, but peer is still in sync * preparation, ignore its uptodate-ness to avoid flapping, it * will change to inconsistent once the peer reaches active * syncing states. * It may have changed syncer-paused flags, however, so we
* cannot ignore this completely. */ if (peer_state.conn > C_CONNECTED &&
peer_state.conn < C_SYNC_SOURCE)
real_peer_disk = D_INCONSISTENT;
/* if peer_state changes to connected at the same time, * it explicitly notifies us that it finished resync.
* Maybe we should finish it up, too? */ elseif (os.conn >= C_SYNC_SOURCE &&
peer_state.conn == C_CONNECTED) { if (drbd_bm_total_weight(device) <= device->rs_failed)
drbd_resync_finished(peer_device); return 0;
}
}
/* peer says his disk is inconsistent, while we think it is uptodate, * and this happens while the peer still thinks we have a sync going on, * but we think we are already done with the sync. * We ignore this to avoid flapping pdsk.
* This should not happen, if the peer is a recent version of drbd. */ if (os.pdsk == D_UP_TO_DATE && real_peer_disk == D_INCONSISTENT &&
os.conn == C_CONNECTED && peer_state.conn > C_SYNC_SOURCE)
real_peer_disk = D_UP_TO_DATE;
if (ns.conn == C_WF_REPORT_PARAMS)
ns.conn = C_CONNECTED;
if (peer_state.conn == C_AHEAD)
ns.conn = C_BEHIND;
/* TODO: * if (primary and diskless and peer uuid != effective uuid) * abort attach on peer; * * If this node does not have good data, was already connected, but * the peer did a late attach only now, trying to "negotiate" with me, * AND I am currently Primary, possibly frozen, with some specific * "effective" uuid, this should never be reached, really, because * we first send the uuids, then the current state. * * In this scenario, we already dropped the connection hard * when we received the unsuitable uuids (receive_uuids(). * * Should we want to change this, that is: not drop the connection in * receive_uuids() already, then we would need to add a branch here * that aborts the attach of "unsuitable uuids" on the peer in case * this node is currently Diskless Primary.
*/
if (device->p_uuid && peer_state.disk >= D_NEGOTIATING &&
get_ldev_if_state(device, D_NEGOTIATING)) { int cr; /* consider resync */
/* if we established a new connection */
cr = (os.conn < C_CONNECTED); /* if we had an established connection
* and one of the nodes newly attaches a disk */
cr |= (os.conn == C_CONNECTED &&
(peer_state.disk == D_NEGOTIATING ||
os.disk == D_NEGOTIATING)); /* if we have both been inconsistent, and the peer has been
* forced to be UpToDate with --force */
cr |= test_bit(CONSIDER_RESYNC, &device->flags); /* if we had been plain connected, and the admin requested to
* start a sync by "invalidate" or "invalidate-remote" */
cr |= (os.conn == C_CONNECTED &&
(peer_state.conn >= C_STARTING_SYNC_S &&
peer_state.conn <= C_WF_BITMAP_T));
if (cr)
ns.conn = drbd_sync_handshake(peer_device, peer_state.role, real_peer_disk);
put_ldev(device); if (ns.conn == C_MASK) {
ns.conn = C_CONNECTED; if (device->state.disk == D_NEGOTIATING) {
drbd_force_state(device, NS(disk, D_FAILED));
} elseif (peer_state.disk == D_NEGOTIATING) {
drbd_err(device, "Disk attach process on the peer node was aborted.\n");
peer_state.disk = D_DISKLESS;
real_peer_disk = D_DISKLESS;
} else { if (test_and_clear_bit(CONN_DRY_RUN, &peer_device->connection->flags)) return -EIO;
D_ASSERT(device, os.conn == C_WF_REPORT_PARAMS);
conn_request_state(peer_device->connection, NS(conn, C_DISCONNECTING), CS_HARD); return -EIO;
}
}
}
spin_lock_irq(&device->resource->req_lock); if (os.i != drbd_read_state(device).i) goto retry;
clear_bit(CONSIDER_RESYNC, &device->flags);
ns.peer = peer_state.role;
ns.pdsk = real_peer_disk;
ns.peer_isp = (peer_state.aftr_isp | peer_state.user_isp); if ((ns.conn == C_CONNECTED || ns.conn == C_WF_BITMAP_S) && ns.disk == D_NEGOTIATING)
ns.disk = device->new_state_tmp.disk;
cs_flags = CS_VERBOSE + (os.conn < C_CONNECTED && ns.conn >= C_CONNECTED ? 0 : CS_HARD); if (ns.pdsk == D_CONSISTENT && drbd_suspended(device) && ns.conn == C_CONNECTED && os.conn < C_CONNECTED &&
test_bit(NEW_CUR_UUID, &device->flags)) { /* Do not allow tl_restart(RESEND) for a rebooted peer. We can only allow this
for temporal network outages! */
spin_unlock_irq(&device->resource->req_lock);
drbd_err(device, "Aborting Connect, can not thaw IO with an only Consistent peer\n");
tl_clear(peer_device->connection);
drbd_uuid_new_current(device);
clear_bit(NEW_CUR_UUID, &device->flags);
conn_request_state(peer_device->connection, NS2(conn, C_PROTOCOL_ERROR, susp, 0), CS_HARD); return -EIO;
}
rv = _drbd_set_state(device, ns, cs_flags, NULL);
ns = drbd_read_state(device);
spin_unlock_irq(&device->resource->req_lock);
if (os.conn > C_WF_REPORT_PARAMS) { if (ns.conn > C_CONNECTED && peer_state.conn <= C_CONNECTED &&
peer_state.disk != D_NEGOTIATING ) { /* we want resync, peer has not yet decided to sync... */ /* Nowadays only used when forcing a node into primary role and
setting its disk to UpToDate with that */
drbd_send_uuids(peer_device);
drbd_send_current_state(peer_device);
}
}
/* Here the _drbd_uuid_ functions are right, current should
_not_ be rotated into the history */ if (get_ldev_if_state(device, D_NEGOTIATING)) {
_drbd_uuid_set(device, UI_CURRENT, be64_to_cpu(p->uuid));
_drbd_uuid_set(device, UI_BITMAP, 0UL);
/* Since we are processing the bitfield from lower addresses to higher, it does not matter if the process it in 32 bit chunks or 64 bit chunks as long as it is little endian. (Understand it as byte stream, beginning with the lowest byte...) If we would use big endian we would need to process it from the highest address to the lowest, in order to be agnostic to the 32 vs 64 bits issue.
returns 0 on failure, 1 if we successfully received it. */ staticint receive_bitmap(struct drbd_connection *connection, struct packet_info *pi)
{ struct drbd_peer_device *peer_device; struct drbd_device *device; struct bm_xfer_ctx c; int err;
drbd_bm_lock(device, "receive bitmap", BM_LOCKED_SET_ALLOWED); /* you are supposed to send additional out-of-sync information
* if you actually set bits during this phase */
staticint receive_UnplugRemote(struct drbd_connection *connection, struct packet_info *pi)
{ /* Make sure we've acked all the TCP data associated
* with the data requests being unplugged */
tcp_sock_set_quickack(connection->data.socket->sk, 2); return 0;
}
/* No put_ldev() here. Gets called in drbd_endio_write_sec_final(),
as well as drbd_rs_complete_io() */
} else {
fail:
drbd_rs_complete_io(device, sector);
drbd_send_ack_ex(peer_device, P_NEG_ACK, sector, size, ID_SYNCER);
}
atomic_add(size >> 9, &device->rs_sect_in);
return err;
}
struct data_cmd { int expect_payload; unsignedint pkt_size; int (*fn)(struct drbd_connection *, struct packet_info *);
};
/* We are about to start the cleanup after connection loss. * Make sure drbd_make_request knows about that. * Usually we should be in some network failure state already, * but just in case we are not, we fix it up here.
*/
conn_request_state(connection, NS(conn, C_NETWORK_FAILURE), CS_HARD);
/* ack_receiver does not clean up anything. it must not interfere, either */
drbd_thread_stop(&connection->ack_receiver); if (connection->ack_sender) {
destroy_workqueue(connection->ack_sender);
connection->ack_sender = NULL;
}
drbd_free_sock(connection);
if (!list_empty(&connection->current_epoch->list))
drbd_err(connection, "ASSERTION FAILED: connection->current_epoch->list not empty\n"); /* ok, no more ee's on the fly, it is safe to reset the epoch_size */
atomic_set(&connection->current_epoch->epoch_size, 0);
connection->send.seen_any_write_yet = false;
drbd_info(connection, "Connection closed\n");
if (conn_highest_role(connection) == R_PRIMARY && conn_highest_pdsk(connection) >= D_UNKNOWN)
conn_try_outdate_peer_async(connection);
/* wait for current activity to cease. */
spin_lock_irq(&device->resource->req_lock);
_drbd_wait_ee_list_empty(device, &device->active_ee);
_drbd_wait_ee_list_empty(device, &device->sync_ee);
_drbd_wait_ee_list_empty(device, &device->read_ee);
spin_unlock_irq(&device->resource->req_lock);
/* We do not have data structures that would allow us to * get the rs_pending_cnt down to 0 again. * * On C_SYNC_TARGET we do not have any data structures describing * the pending RSDataRequest's we have sent. * * On C_SYNC_SOURCE there is no data structure that tracks * the P_RS_DATA_REPLY blocks that we sent to the SyncTarget. * And no, it is not the sum of the reference counts in the * resync_LRU. The resync_LRU tracks the whole operation including * the disk-IO, while the rs_pending_cnt only tracks the blocks
* on the fly. */
drbd_rs_cancel_all(device);
device->rs_total = 0;
device->rs_failed = 0;
atomic_set(&device->rs_pending_cnt, 0);
wake_up(&device->misc_wait);
/* wait for all w_e_end_data_req, w_e_end_rsdata_req, w_send_barrier, * w_make_resync_request etc. which may still be on the worker queue
* to be "canceled" */
drbd_flush_workqueue(&peer_device->connection->sender_work);
drbd_finish_peer_reqs(device);
/* This second workqueue flush is necessary, since drbd_finish_peer_reqs() might have issued a work again. The one before drbd_finish_peer_reqs() is
necessary to reclain net_ee in drbd_finish_peer_reqs(). */
drbd_flush_workqueue(&peer_device->connection->sender_work);
/* need to do it again, drbd_finish_peer_reqs() may have populated it
* again via drbd_try_clear_on_disk_bm(). */
drbd_rs_cancel_all(device);
kfree(device->p_uuid);
device->p_uuid = NULL;
if (!drbd_suspended(device))
tl_clear(peer_device->connection);
drbd_md_sync(device);
if (get_ldev(device)) {
drbd_bitmap_io(device, &drbd_bm_write_copy_pages, "write from disconnected", BM_LOCKED_CHANGE_ALLOWED, NULL);
put_ldev(device);
}
i = atomic_read(&device->pp_in_use_by_net); if (i)
drbd_info(device, "pp_in_use_by_net = %d, expected 0\n", i);
i = atomic_read(&device->pp_in_use); if (i)
drbd_info(device, "pp_in_use = %d, expected 0\n", i);
/* * We support PRO_VERSION_MIN to PRO_VERSION_MAX. The protocol version * we can agree on is stored in agreed_pro_version. * * feature flags and the reserved array should be enough room for future * enhancements of the handshake protocol, and possible plugins... * * for now, they are expected to be zero, but ignored.
*/ staticint drbd_send_features(struct drbd_connection *connection)
{ struct drbd_socket *sock; struct p_connection_features *p;
/* * return values: * 1 yes, we have a valid connection * 0 oops, did not work out, please try again * -1 peer talks different language, * no point in trying again, please go standalone.
*/ staticint drbd_do_features(struct drbd_connection *connection)
{ /* ASSERT current == connection->receiver ... */ struct p_connection_features *p; constint expect = sizeof(struct p_connection_features); struct packet_info pi; int err;
err = drbd_send_features(connection); if (err) return 0;
err = drbd_recv_header(connection, &pi); if (err) return 0;
if (p->block_id == ID_SYNCER) {
drbd_set_in_sync(peer_device, sector, blksize);
dec_rs_pending(peer_device); return 0;
} switch (pi->cmd) { case P_RS_WRITE_ACK:
what = WRITE_ACKED_BY_PEER_AND_SIS; break; case P_WRITE_ACK:
what = WRITE_ACKED_BY_PEER; break; case P_RECV_ACK:
what = RECV_ACKED_BY_PEER; break; case P_SUPERSEDED:
what = CONFLICT_RESOLVED; break; case P_RETRY_WRITE:
what = POSTPONE_WRITE; break; default:
BUG();
}
err = validate_req_change_req_state(peer_device, p->block_id, sector,
&device->write_requests, __func__,
NEG_ACKED, true); if (err) { /* Protocol A has no P_WRITE_ACKs, but has P_NEG_ACKs. The master bio might already be completed, therefore the
request is no longer in the collision hash. */ /* In Protocol B we might already have got a P_RECV_ACK
but then get a P_NEG_ACK afterwards. */
drbd_set_out_of_sync(peer_device, sector, size);
} return 0;
}
/* let's advance progress step marks only for every other megabyte */ if ((device->ov_left & 0x200) == 0x200)
drbd_advance_rs_marks(peer_device, device->ov_left);
/* Note: * -EINTR (on meta) we got a signal * -EAGAIN (on meta) rcvtimeo expired * -ECONNRESET other side closed the connection * -ERESTARTSYS (on data) we got a signal * rv < 0 other than above: unexpected error! * rv == expected: full header or command * rv < expected: "woken" by signal during receive * rv == 0 : "connection shut down by peer"
*/ if (likely(rv > 0)) {
received += rv;
buf += rv;
} elseif (rv == 0) { if (test_bit(DISCONNECT_SENT, &connection->flags)) { long t;
rcu_read_lock();
t = rcu_dereference(connection->net_conf)->ping_timeo * HZ/10;
rcu_read_unlock();
t = wait_event_timeout(connection->ping_wait,
connection->cstate < C_WF_REPORT_PARAMS,
t); if (t) break;
}
drbd_err(connection, "meta connection shut down by peer.\n"); goto reconnect;
} elseif (rv == -EAGAIN) { /* If the data socket received something meanwhile,
* that is good enough: peer is still alive. */ if (time_after(connection->last_received, pre_recv_jif)) continue; if (ping_timeout_active) {
drbd_err(connection, "PingAck did not arrive in time.\n"); goto reconnect;
}
set_bit(SEND_PING, &connection->flags); continue;
} elseif (rv == -EINTR) { /* maybe drbd_thread_stop(): the while condition will notice. * maybe woken for send_ping: we'll send a ping above,
* and change the rcvtimeo */
flush_signals(current); continue;
} else {
drbd_err(connection, "sock_recvmsg returned %d\n", rv); goto reconnect;
}
if (received == expect && cmd == NULL) { if (decode_header(connection, connection->meta.rbuf, &pi)) goto reconnect;
cmd = &ack_receiver_tbl[pi.cmd]; if (pi.cmd >= ARRAY_SIZE(ack_receiver_tbl) || !cmd->fn) {
drbd_err(connection, "Unexpected meta packet %s (0x%04x)\n",
cmdname(pi.cmd), pi.cmd); goto disconnect;
}
expect = header_size + cmd->pkt_size; if (pi.size != expect - header_size) {
drbd_err(connection, "Wrong packet size on meta (c: %d, l: %d)\n",
pi.cmd, pi.size); goto reconnect;
}
} if (received == expect) { bool err;
if (tcp_cork)
tcp_sock_set_cork(connection->meta.socket->sk, true);
err = drbd_finish_peer_reqs(device);
kref_put(&device->kref, drbd_destroy_device); /* get is in drbd_endio_write_sec_final(). That is necessary to keep the
struct work_struct send_acks_work alive, which is in the peer_device object */
if (err) {
conn_request_state(connection, NS(conn, C_NETWORK_FAILURE), CS_HARD); return;
}
if (tcp_cork)
tcp_sock_set_cork(connection->meta.socket->sk, false);
return;
}
Messung V0.5 in Prozent
¤ Dauer der Verarbeitung: 0.108 Sekunden
(vorverarbeitet am 2026-04-28)
¤
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung und die Messung sind noch experimentell.
