dsl_pool.c revision 271435
1/* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21/* 22 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. 23 * Copyright (c) 2011, 2014 by Delphix. All rights reserved. 24 * Copyright (c) 2013 Steven Hartland. All rights reserved. 25 */ 26 27#include <sys/dsl_pool.h> 28#include <sys/dsl_dataset.h> 29#include <sys/dsl_prop.h> 30#include <sys/dsl_dir.h> 31#include <sys/dsl_synctask.h> 32#include <sys/dsl_scan.h> 33#include <sys/dnode.h> 34#include <sys/dmu_tx.h> 35#include <sys/dmu_objset.h> 36#include <sys/arc.h> 37#include <sys/zap.h> 38#include <sys/zio.h> 39#include <sys/zfs_context.h> 40#include <sys/fs/zfs.h> 41#include <sys/zfs_znode.h> 42#include <sys/spa_impl.h> 43#include <sys/dsl_deadlist.h> 44#include <sys/bptree.h> 45#include <sys/zfeature.h> 46#include <sys/zil_impl.h> 47#include <sys/dsl_userhold.h> 48 49#ifdef __FreeBSD__ 50#include <sys/sysctl.h> 51#include <sys/types.h> 52#endif 53 54/* 55 * ZFS Write Throttle 56 * ------------------ 57 * 58 * ZFS must limit the rate of incoming writes to the rate at which it is able 59 * to sync data modifications to the backend storage. Throttling by too much 60 * creates an artificial limit; throttling by too little can only be sustained 61 * for short periods and would lead to highly lumpy performance. On a per-pool 62 * basis, ZFS tracks the amount of modified (dirty) data. As operations change 63 * data, the amount of dirty data increases; as ZFS syncs out data, the amount 64 * of dirty data decreases. When the amount of dirty data exceeds a 65 * predetermined threshold further modifications are blocked until the amount 66 * of dirty data decreases (as data is synced out). 67 * 68 * The limit on dirty data is tunable, and should be adjusted according to 69 * both the IO capacity and available memory of the system. The larger the 70 * window, the more ZFS is able to aggregate and amortize metadata (and data) 71 * changes. However, memory is a limited resource, and allowing for more dirty 72 * data comes at the cost of keeping other useful data in memory (for example 73 * ZFS data cached by the ARC). 74 * 75 * Implementation 76 * 77 * As buffers are modified dsl_pool_willuse_space() increments both the per- 78 * txg (dp_dirty_pertxg[]) and poolwide (dp_dirty_total) accounting of 79 * dirty space used; dsl_pool_dirty_space() decrements those values as data 80 * is synced out from dsl_pool_sync(). While only the poolwide value is 81 * relevant, the per-txg value is useful for debugging. The tunable 82 * zfs_dirty_data_max determines the dirty space limit. Once that value is 83 * exceeded, new writes are halted until space frees up. 84 * 85 * The zfs_dirty_data_sync tunable dictates the threshold at which we 86 * ensure that there is a txg syncing (see the comment in txg.c for a full 87 * description of transaction group stages). 88 * 89 * The IO scheduler uses both the dirty space limit and current amount of 90 * dirty data as inputs. Those values affect the number of concurrent IOs ZFS 91 * issues. See the comment in vdev_queue.c for details of the IO scheduler. 92 * 93 * The delay is also calculated based on the amount of dirty data. See the 94 * comment above dmu_tx_delay() for details. 95 */ 96 97/* 98 * zfs_dirty_data_max will be set to zfs_dirty_data_max_percent% of all memory, 99 * capped at zfs_dirty_data_max_max. It can also be overridden in /etc/system. 100 */ 101uint64_t zfs_dirty_data_max; 102uint64_t zfs_dirty_data_max_max = 4ULL * 1024 * 1024 * 1024; 103int zfs_dirty_data_max_percent = 10; 104 105/* 106 * If there is at least this much dirty data, push out a txg. 107 */ 108uint64_t zfs_dirty_data_sync = 64 * 1024 * 1024; 109 110/* 111 * Once there is this amount of dirty data, the dmu_tx_delay() will kick in 112 * and delay each transaction. 113 * This value should be >= zfs_vdev_async_write_active_max_dirty_percent. 114 */ 115int zfs_delay_min_dirty_percent = 60; 116 117/* 118 * This controls how quickly the delay approaches infinity. 119 * Larger values cause it to delay less for a given amount of dirty data. 120 * Therefore larger values will cause there to be more dirty data for a 121 * given throughput. 122 * 123 * For the smoothest delay, this value should be about 1 billion divided 124 * by the maximum number of operations per second. This will smoothly 125 * handle between 10x and 1/10th this number. 126 * 127 * Note: zfs_delay_scale * zfs_dirty_data_max must be < 2^64, due to the 128 * multiply in dmu_tx_delay(). 129 */ 130uint64_t zfs_delay_scale = 1000 * 1000 * 1000 / 2000; 131 132 133/* 134 * XXX someday maybe turn these into #defines, and you have to tune it on a 135 * per-pool basis using zfs.conf. 136 */ 137 138#ifdef __FreeBSD__ 139 140extern int zfs_vdev_async_write_active_max_dirty_percent; 141 142SYSCTL_DECL(_vfs_zfs); 143 144TUNABLE_QUAD("vfs.zfs.dirty_data_max", &zfs_dirty_data_max); 145SYSCTL_UQUAD(_vfs_zfs, OID_AUTO, dirty_data_max, CTLFLAG_RWTUN, 146 &zfs_dirty_data_max, 0, 147 "The maximum amount of dirty data in bytes after which new writes are " 148 "halted until space becomes available"); 149 150TUNABLE_QUAD("vfs.zfs.dirty_data_max_max", &zfs_dirty_data_max_max); 151SYSCTL_UQUAD(_vfs_zfs, OID_AUTO, dirty_data_max_max, CTLFLAG_RDTUN, 152 &zfs_dirty_data_max_max, 0, 153 "The absolute cap on dirty_data_max when auto calculating"); 154 155TUNABLE_INT("vfs.zfs.dirty_data_max_percent", &zfs_dirty_data_max_percent); 156SYSCTL_INT(_vfs_zfs, OID_AUTO, dirty_data_max_percent, CTLFLAG_RDTUN, 157 &zfs_dirty_data_max_percent, 0, 158 "The percent of physical memory used to auto calculate dirty_data_max"); 159 160TUNABLE_QUAD("vfs.zfs.dirty_data_sync", &zfs_dirty_data_sync); 161SYSCTL_UQUAD(_vfs_zfs, OID_AUTO, dirty_data_sync, CTLFLAG_RWTUN, 162 &zfs_dirty_data_sync, 0, 163 "Force a txg if the number of dirty buffer bytes exceed this value"); 164 165static int sysctl_zfs_delay_min_dirty_percent(SYSCTL_HANDLER_ARGS); 166/* No zfs_delay_min_dirty_percent tunable due to limit requirements */ 167SYSCTL_PROC(_vfs_zfs, OID_AUTO, delay_min_dirty_percent, 168 CTLTYPE_INT | CTLFLAG_MPSAFE | CTLFLAG_RW, 0, sizeof(int), 169 sysctl_zfs_delay_min_dirty_percent, "I", 170 "The limit of outstanding dirty data before transations are delayed"); 171 172static int sysctl_zfs_delay_scale(SYSCTL_HANDLER_ARGS); 173/* No zfs_delay_scale tunable due to limit requirements */ 174SYSCTL_PROC(_vfs_zfs, OID_AUTO, delay_scale, 175 CTLTYPE_U64 | CTLFLAG_MPSAFE | CTLFLAG_RW, 0, sizeof(uint64_t), 176 sysctl_zfs_delay_scale, "QU", 177 "Controls how quickly the delay approaches infinity"); 178 179static int 180sysctl_zfs_delay_min_dirty_percent(SYSCTL_HANDLER_ARGS) 181{ 182 int val, err; 183 184 val = zfs_delay_min_dirty_percent; 185 err = sysctl_handle_int(oidp, &val, 0, req); 186 if (err != 0 || req->newptr == NULL) 187 return (err); 188 189 if (val < zfs_vdev_async_write_active_max_dirty_percent) 190 return (EINVAL); 191 192 zfs_delay_min_dirty_percent = val; 193 194 return (0); 195} 196 197static int 198sysctl_zfs_delay_scale(SYSCTL_HANDLER_ARGS) 199{ 200 uint64_t val; 201 int err; 202 203 val = zfs_delay_scale; 204 err = sysctl_handle_64(oidp, &val, 0, req); 205 if (err != 0 || req->newptr == NULL) 206 return (err); 207 208 if (val > UINT64_MAX / zfs_dirty_data_max) 209 return (EINVAL); 210 211 zfs_delay_scale = val; 212 213 return (0); 214} 215#endif 216 217hrtime_t zfs_throttle_delay = MSEC2NSEC(10); 218hrtime_t zfs_throttle_resolution = MSEC2NSEC(10); 219 220int 221dsl_pool_open_special_dir(dsl_pool_t *dp, const char *name, dsl_dir_t **ddp) 222{ 223 uint64_t obj; 224 int err; 225 226 err = zap_lookup(dp->dp_meta_objset, 227 dp->dp_root_dir->dd_phys->dd_child_dir_zapobj, 228 name, sizeof (obj), 1, &obj); 229 if (err) 230 return (err); 231 232 return (dsl_dir_hold_obj(dp, obj, name, dp, ddp)); 233} 234 235static dsl_pool_t * 236dsl_pool_open_impl(spa_t *spa, uint64_t txg) 237{ 238 dsl_pool_t *dp; 239 blkptr_t *bp = spa_get_rootblkptr(spa); 240 241 dp = kmem_zalloc(sizeof (dsl_pool_t), KM_SLEEP); 242 dp->dp_spa = spa; 243 dp->dp_meta_rootbp = *bp; 244 rrw_init(&dp->dp_config_rwlock, B_TRUE); 245 txg_init(dp, txg); 246 247 txg_list_create(&dp->dp_dirty_datasets, 248 offsetof(dsl_dataset_t, ds_dirty_link)); 249 txg_list_create(&dp->dp_dirty_zilogs, 250 offsetof(zilog_t, zl_dirty_link)); 251 txg_list_create(&dp->dp_dirty_dirs, 252 offsetof(dsl_dir_t, dd_dirty_link)); 253 txg_list_create(&dp->dp_sync_tasks, 254 offsetof(dsl_sync_task_t, dst_node)); 255 256 mutex_init(&dp->dp_lock, NULL, MUTEX_DEFAULT, NULL); 257 cv_init(&dp->dp_spaceavail_cv, NULL, CV_DEFAULT, NULL); 258 259 dp->dp_vnrele_taskq = taskq_create("zfs_vn_rele_taskq", 1, minclsyspri, 260 1, 4, 0); 261 262 return (dp); 263} 264 265int 266dsl_pool_init(spa_t *spa, uint64_t txg, dsl_pool_t **dpp) 267{ 268 int err; 269 dsl_pool_t *dp = dsl_pool_open_impl(spa, txg); 270 271 err = dmu_objset_open_impl(spa, NULL, &dp->dp_meta_rootbp, 272 &dp->dp_meta_objset); 273 if (err != 0) 274 dsl_pool_close(dp); 275 else 276 *dpp = dp; 277 278 return (err); 279} 280 281int 282dsl_pool_open(dsl_pool_t *dp) 283{ 284 int err; 285 dsl_dir_t *dd; 286 dsl_dataset_t *ds; 287 uint64_t obj; 288 289 rrw_enter(&dp->dp_config_rwlock, RW_WRITER, FTAG); 290 err = zap_lookup(dp->dp_meta_objset, DMU_POOL_DIRECTORY_OBJECT, 291 DMU_POOL_ROOT_DATASET, sizeof (uint64_t), 1, 292 &dp->dp_root_dir_obj); 293 if (err) 294 goto out; 295 296 err = dsl_dir_hold_obj(dp, dp->dp_root_dir_obj, 297 NULL, dp, &dp->dp_root_dir); 298 if (err) 299 goto out; 300 301 err = dsl_pool_open_special_dir(dp, MOS_DIR_NAME, &dp->dp_mos_dir); 302 if (err) 303 goto out; 304 305 if (spa_version(dp->dp_spa) >= SPA_VERSION_ORIGIN) { 306 err = dsl_pool_open_special_dir(dp, ORIGIN_DIR_NAME, &dd); 307 if (err) 308 goto out; 309 err = dsl_dataset_hold_obj(dp, dd->dd_phys->dd_head_dataset_obj, 310 FTAG, &ds); 311 if (err == 0) { 312 err = dsl_dataset_hold_obj(dp, 313 ds->ds_phys->ds_prev_snap_obj, dp, 314 &dp->dp_origin_snap); 315 dsl_dataset_rele(ds, FTAG); 316 } 317 dsl_dir_rele(dd, dp); 318 if (err) 319 goto out; 320 } 321 322 if (spa_version(dp->dp_spa) >= SPA_VERSION_DEADLISTS) { 323 err = dsl_pool_open_special_dir(dp, FREE_DIR_NAME, 324 &dp->dp_free_dir); 325 if (err) 326 goto out; 327 328 err = zap_lookup(dp->dp_meta_objset, DMU_POOL_DIRECTORY_OBJECT, 329 DMU_POOL_FREE_BPOBJ, sizeof (uint64_t), 1, &obj); 330 if (err) 331 goto out; 332 VERIFY0(bpobj_open(&dp->dp_free_bpobj, 333 dp->dp_meta_objset, obj)); 334 } 335 336 /* 337 * Note: errors ignored, because the leak dir will not exist if we 338 * have not encountered a leak yet. 339 */ 340 (void) dsl_pool_open_special_dir(dp, LEAK_DIR_NAME, 341 &dp->dp_leak_dir); 342 343 if (spa_feature_is_active(dp->dp_spa, SPA_FEATURE_ASYNC_DESTROY)) { 344 err = zap_lookup(dp->dp_meta_objset, DMU_POOL_DIRECTORY_OBJECT, 345 DMU_POOL_BPTREE_OBJ, sizeof (uint64_t), 1, 346 &dp->dp_bptree_obj); 347 if (err != 0) 348 goto out; 349 } 350 351 if (spa_feature_is_active(dp->dp_spa, SPA_FEATURE_EMPTY_BPOBJ)) { 352 err = zap_lookup(dp->dp_meta_objset, DMU_POOL_DIRECTORY_OBJECT, 353 DMU_POOL_EMPTY_BPOBJ, sizeof (uint64_t), 1, 354 &dp->dp_empty_bpobj); 355 if (err != 0) 356 goto out; 357 } 358 359 err = zap_lookup(dp->dp_meta_objset, DMU_POOL_DIRECTORY_OBJECT, 360 DMU_POOL_TMP_USERREFS, sizeof (uint64_t), 1, 361 &dp->dp_tmp_userrefs_obj); 362 if (err == ENOENT) 363 err = 0; 364 if (err) 365 goto out; 366 367 err = dsl_scan_init(dp, dp->dp_tx.tx_open_txg); 368 369out: 370 rrw_exit(&dp->dp_config_rwlock, FTAG); 371 return (err); 372} 373 374void 375dsl_pool_close(dsl_pool_t *dp) 376{ 377 /* 378 * Drop our references from dsl_pool_open(). 379 * 380 * Since we held the origin_snap from "syncing" context (which 381 * includes pool-opening context), it actually only got a "ref" 382 * and not a hold, so just drop that here. 383 */ 384 if (dp->dp_origin_snap) 385 dsl_dataset_rele(dp->dp_origin_snap, dp); 386 if (dp->dp_mos_dir) 387 dsl_dir_rele(dp->dp_mos_dir, dp); 388 if (dp->dp_free_dir) 389 dsl_dir_rele(dp->dp_free_dir, dp); 390 if (dp->dp_leak_dir) 391 dsl_dir_rele(dp->dp_leak_dir, dp); 392 if (dp->dp_root_dir) 393 dsl_dir_rele(dp->dp_root_dir, dp); 394 395 bpobj_close(&dp->dp_free_bpobj); 396 397 /* undo the dmu_objset_open_impl(mos) from dsl_pool_open() */ 398 if (dp->dp_meta_objset) 399 dmu_objset_evict(dp->dp_meta_objset); 400 401 txg_list_destroy(&dp->dp_dirty_datasets); 402 txg_list_destroy(&dp->dp_dirty_zilogs); 403 txg_list_destroy(&dp->dp_sync_tasks); 404 txg_list_destroy(&dp->dp_dirty_dirs); 405 406 arc_flush(dp->dp_spa); 407 txg_fini(dp); 408 dsl_scan_fini(dp); 409 rrw_destroy(&dp->dp_config_rwlock); 410 mutex_destroy(&dp->dp_lock); 411 taskq_destroy(dp->dp_vnrele_taskq); 412 if (dp->dp_blkstats) 413 kmem_free(dp->dp_blkstats, sizeof (zfs_all_blkstats_t)); 414 kmem_free(dp, sizeof (dsl_pool_t)); 415} 416 417dsl_pool_t * 418dsl_pool_create(spa_t *spa, nvlist_t *zplprops, uint64_t txg) 419{ 420 int err; 421 dsl_pool_t *dp = dsl_pool_open_impl(spa, txg); 422 dmu_tx_t *tx = dmu_tx_create_assigned(dp, txg); 423 objset_t *os; 424 dsl_dataset_t *ds; 425 uint64_t obj; 426 427 rrw_enter(&dp->dp_config_rwlock, RW_WRITER, FTAG); 428 429 /* create and open the MOS (meta-objset) */ 430 dp->dp_meta_objset = dmu_objset_create_impl(spa, 431 NULL, &dp->dp_meta_rootbp, DMU_OST_META, tx); 432 433 /* create the pool directory */ 434 err = zap_create_claim(dp->dp_meta_objset, DMU_POOL_DIRECTORY_OBJECT, 435 DMU_OT_OBJECT_DIRECTORY, DMU_OT_NONE, 0, tx); 436 ASSERT0(err); 437 438 /* Initialize scan structures */ 439 VERIFY0(dsl_scan_init(dp, txg)); 440 441 /* create and open the root dir */ 442 dp->dp_root_dir_obj = dsl_dir_create_sync(dp, NULL, NULL, tx); 443 VERIFY0(dsl_dir_hold_obj(dp, dp->dp_root_dir_obj, 444 NULL, dp, &dp->dp_root_dir)); 445 446 /* create and open the meta-objset dir */ 447 (void) dsl_dir_create_sync(dp, dp->dp_root_dir, MOS_DIR_NAME, tx); 448 VERIFY0(dsl_pool_open_special_dir(dp, 449 MOS_DIR_NAME, &dp->dp_mos_dir)); 450 451 if (spa_version(spa) >= SPA_VERSION_DEADLISTS) { 452 /* create and open the free dir */ 453 (void) dsl_dir_create_sync(dp, dp->dp_root_dir, 454 FREE_DIR_NAME, tx); 455 VERIFY0(dsl_pool_open_special_dir(dp, 456 FREE_DIR_NAME, &dp->dp_free_dir)); 457 458 /* create and open the free_bplist */ 459 obj = bpobj_alloc(dp->dp_meta_objset, SPA_MAXBLOCKSIZE, tx); 460 VERIFY(zap_add(dp->dp_meta_objset, DMU_POOL_DIRECTORY_OBJECT, 461 DMU_POOL_FREE_BPOBJ, sizeof (uint64_t), 1, &obj, tx) == 0); 462 VERIFY0(bpobj_open(&dp->dp_free_bpobj, 463 dp->dp_meta_objset, obj)); 464 } 465 466 if (spa_version(spa) >= SPA_VERSION_DSL_SCRUB) 467 dsl_pool_create_origin(dp, tx); 468 469 /* create the root dataset */ 470 obj = dsl_dataset_create_sync_dd(dp->dp_root_dir, NULL, 0, tx); 471 472 /* create the root objset */ 473 VERIFY0(dsl_dataset_hold_obj(dp, obj, FTAG, &ds)); 474 os = dmu_objset_create_impl(dp->dp_spa, ds, 475 dsl_dataset_get_blkptr(ds), DMU_OST_ZFS, tx); 476#ifdef _KERNEL 477 zfs_create_fs(os, kcred, zplprops, tx); 478#endif 479 dsl_dataset_rele(ds, FTAG); 480 481 dmu_tx_commit(tx); 482 483 rrw_exit(&dp->dp_config_rwlock, FTAG); 484 485 return (dp); 486} 487 488/* 489 * Account for the meta-objset space in its placeholder dsl_dir. 490 */ 491void 492dsl_pool_mos_diduse_space(dsl_pool_t *dp, 493 int64_t used, int64_t comp, int64_t uncomp) 494{ 495 ASSERT3U(comp, ==, uncomp); /* it's all metadata */ 496 mutex_enter(&dp->dp_lock); 497 dp->dp_mos_used_delta += used; 498 dp->dp_mos_compressed_delta += comp; 499 dp->dp_mos_uncompressed_delta += uncomp; 500 mutex_exit(&dp->dp_lock); 501} 502 503static int 504deadlist_enqueue_cb(void *arg, const blkptr_t *bp, dmu_tx_t *tx) 505{ 506 dsl_deadlist_t *dl = arg; 507 dsl_deadlist_insert(dl, bp, tx); 508 return (0); 509} 510 511static void 512dsl_pool_sync_mos(dsl_pool_t *dp, dmu_tx_t *tx) 513{ 514 zio_t *zio = zio_root(dp->dp_spa, NULL, NULL, ZIO_FLAG_MUSTSUCCEED); 515 dmu_objset_sync(dp->dp_meta_objset, zio, tx); 516 VERIFY0(zio_wait(zio)); 517 dprintf_bp(&dp->dp_meta_rootbp, "meta objset rootbp is %s", ""); 518 spa_set_rootblkptr(dp->dp_spa, &dp->dp_meta_rootbp); 519} 520 521static void 522dsl_pool_dirty_delta(dsl_pool_t *dp, int64_t delta) 523{ 524 ASSERT(MUTEX_HELD(&dp->dp_lock)); 525 526 if (delta < 0) 527 ASSERT3U(-delta, <=, dp->dp_dirty_total); 528 529 dp->dp_dirty_total += delta; 530 531 /* 532 * Note: we signal even when increasing dp_dirty_total. 533 * This ensures forward progress -- each thread wakes the next waiter. 534 */ 535 if (dp->dp_dirty_total <= zfs_dirty_data_max) 536 cv_signal(&dp->dp_spaceavail_cv); 537} 538 539void 540dsl_pool_sync(dsl_pool_t *dp, uint64_t txg) 541{ 542 zio_t *zio; 543 dmu_tx_t *tx; 544 dsl_dir_t *dd; 545 dsl_dataset_t *ds; 546 objset_t *mos = dp->dp_meta_objset; 547 list_t synced_datasets; 548 549 list_create(&synced_datasets, sizeof (dsl_dataset_t), 550 offsetof(dsl_dataset_t, ds_synced_link)); 551 552 tx = dmu_tx_create_assigned(dp, txg); 553 554 /* 555 * Write out all dirty blocks of dirty datasets. 556 */ 557 zio = zio_root(dp->dp_spa, NULL, NULL, ZIO_FLAG_MUSTSUCCEED); 558 while ((ds = txg_list_remove(&dp->dp_dirty_datasets, txg)) != NULL) { 559 /* 560 * We must not sync any non-MOS datasets twice, because 561 * we may have taken a snapshot of them. However, we 562 * may sync newly-created datasets on pass 2. 563 */ 564 ASSERT(!list_link_active(&ds->ds_synced_link)); 565 list_insert_tail(&synced_datasets, ds); 566 dsl_dataset_sync(ds, zio, tx); 567 } 568 VERIFY0(zio_wait(zio)); 569 570 /* 571 * We have written all of the accounted dirty data, so our 572 * dp_space_towrite should now be zero. However, some seldom-used 573 * code paths do not adhere to this (e.g. dbuf_undirty(), also 574 * rounding error in dbuf_write_physdone). 575 * Shore up the accounting of any dirtied space now. 576 */ 577 dsl_pool_undirty_space(dp, dp->dp_dirty_pertxg[txg & TXG_MASK], txg); 578 579 /* 580 * After the data blocks have been written (ensured by the zio_wait() 581 * above), update the user/group space accounting. 582 */ 583 for (ds = list_head(&synced_datasets); ds != NULL; 584 ds = list_next(&synced_datasets, ds)) { 585 dmu_objset_do_userquota_updates(ds->ds_objset, tx); 586 } 587 588 /* 589 * Sync the datasets again to push out the changes due to 590 * userspace updates. This must be done before we process the 591 * sync tasks, so that any snapshots will have the correct 592 * user accounting information (and we won't get confused 593 * about which blocks are part of the snapshot). 594 */ 595 zio = zio_root(dp->dp_spa, NULL, NULL, ZIO_FLAG_MUSTSUCCEED); 596 while ((ds = txg_list_remove(&dp->dp_dirty_datasets, txg)) != NULL) { 597 ASSERT(list_link_active(&ds->ds_synced_link)); 598 dmu_buf_rele(ds->ds_dbuf, ds); 599 dsl_dataset_sync(ds, zio, tx); 600 } 601 VERIFY0(zio_wait(zio)); 602 603 /* 604 * Now that the datasets have been completely synced, we can 605 * clean up our in-memory structures accumulated while syncing: 606 * 607 * - move dead blocks from the pending deadlist to the on-disk deadlist 608 * - release hold from dsl_dataset_dirty() 609 */ 610 while ((ds = list_remove_head(&synced_datasets)) != NULL) { 611 objset_t *os = ds->ds_objset; 612 bplist_iterate(&ds->ds_pending_deadlist, 613 deadlist_enqueue_cb, &ds->ds_deadlist, tx); 614 ASSERT(!dmu_objset_is_dirty(os, txg)); 615 dmu_buf_rele(ds->ds_dbuf, ds); 616 } 617 while ((dd = txg_list_remove(&dp->dp_dirty_dirs, txg)) != NULL) { 618 dsl_dir_sync(dd, tx); 619 } 620 621 /* 622 * The MOS's space is accounted for in the pool/$MOS 623 * (dp_mos_dir). We can't modify the mos while we're syncing 624 * it, so we remember the deltas and apply them here. 625 */ 626 if (dp->dp_mos_used_delta != 0 || dp->dp_mos_compressed_delta != 0 || 627 dp->dp_mos_uncompressed_delta != 0) { 628 dsl_dir_diduse_space(dp->dp_mos_dir, DD_USED_HEAD, 629 dp->dp_mos_used_delta, 630 dp->dp_mos_compressed_delta, 631 dp->dp_mos_uncompressed_delta, tx); 632 dp->dp_mos_used_delta = 0; 633 dp->dp_mos_compressed_delta = 0; 634 dp->dp_mos_uncompressed_delta = 0; 635 } 636 637 if (list_head(&mos->os_dirty_dnodes[txg & TXG_MASK]) != NULL || 638 list_head(&mos->os_free_dnodes[txg & TXG_MASK]) != NULL) { 639 dsl_pool_sync_mos(dp, tx); 640 } 641 642 /* 643 * If we modify a dataset in the same txg that we want to destroy it, 644 * its dsl_dir's dd_dbuf will be dirty, and thus have a hold on it. 645 * dsl_dir_destroy_check() will fail if there are unexpected holds. 646 * Therefore, we want to sync the MOS (thus syncing the dd_dbuf 647 * and clearing the hold on it) before we process the sync_tasks. 648 * The MOS data dirtied by the sync_tasks will be synced on the next 649 * pass. 650 */ 651 if (!txg_list_empty(&dp->dp_sync_tasks, txg)) { 652 dsl_sync_task_t *dst; 653 /* 654 * No more sync tasks should have been added while we 655 * were syncing. 656 */ 657 ASSERT3U(spa_sync_pass(dp->dp_spa), ==, 1); 658 while ((dst = txg_list_remove(&dp->dp_sync_tasks, txg)) != NULL) 659 dsl_sync_task_sync(dst, tx); 660 } 661 662 dmu_tx_commit(tx); 663 664 DTRACE_PROBE2(dsl_pool_sync__done, dsl_pool_t *dp, dp, uint64_t, txg); 665} 666 667void 668dsl_pool_sync_done(dsl_pool_t *dp, uint64_t txg) 669{ 670 zilog_t *zilog; 671 672 while (zilog = txg_list_remove(&dp->dp_dirty_zilogs, txg)) { 673 dsl_dataset_t *ds = dmu_objset_ds(zilog->zl_os); 674 zil_clean(zilog, txg); 675 ASSERT(!dmu_objset_is_dirty(zilog->zl_os, txg)); 676 dmu_buf_rele(ds->ds_dbuf, zilog); 677 } 678 ASSERT(!dmu_objset_is_dirty(dp->dp_meta_objset, txg)); 679} 680 681/* 682 * TRUE if the current thread is the tx_sync_thread or if we 683 * are being called from SPA context during pool initialization. 684 */ 685int 686dsl_pool_sync_context(dsl_pool_t *dp) 687{ 688 return (curthread == dp->dp_tx.tx_sync_thread || 689 spa_is_initializing(dp->dp_spa)); 690} 691 692uint64_t 693dsl_pool_adjustedsize(dsl_pool_t *dp, boolean_t netfree) 694{ 695 uint64_t space, resv; 696 697 /* 698 * If we're trying to assess whether it's OK to do a free, 699 * cut the reservation in half to allow forward progress 700 * (e.g. make it possible to rm(1) files from a full pool). 701 */ 702 space = spa_get_dspace(dp->dp_spa); 703 resv = spa_get_slop_space(dp->dp_spa); 704 if (netfree) 705 resv >>= 1; 706 707 return (space - resv); 708} 709 710boolean_t 711dsl_pool_need_dirty_delay(dsl_pool_t *dp) 712{ 713 uint64_t delay_min_bytes = 714 zfs_dirty_data_max * zfs_delay_min_dirty_percent / 100; 715 boolean_t rv; 716 717 mutex_enter(&dp->dp_lock); 718 if (dp->dp_dirty_total > zfs_dirty_data_sync) 719 txg_kick(dp); 720 rv = (dp->dp_dirty_total > delay_min_bytes); 721 mutex_exit(&dp->dp_lock); 722 return (rv); 723} 724 725void 726dsl_pool_dirty_space(dsl_pool_t *dp, int64_t space, dmu_tx_t *tx) 727{ 728 if (space > 0) { 729 mutex_enter(&dp->dp_lock); 730 dp->dp_dirty_pertxg[tx->tx_txg & TXG_MASK] += space; 731 dsl_pool_dirty_delta(dp, space); 732 mutex_exit(&dp->dp_lock); 733 } 734} 735 736void 737dsl_pool_undirty_space(dsl_pool_t *dp, int64_t space, uint64_t txg) 738{ 739 ASSERT3S(space, >=, 0); 740 if (space == 0) 741 return; 742 mutex_enter(&dp->dp_lock); 743 if (dp->dp_dirty_pertxg[txg & TXG_MASK] < space) { 744 /* XXX writing something we didn't dirty? */ 745 space = dp->dp_dirty_pertxg[txg & TXG_MASK]; 746 } 747 ASSERT3U(dp->dp_dirty_pertxg[txg & TXG_MASK], >=, space); 748 dp->dp_dirty_pertxg[txg & TXG_MASK] -= space; 749 ASSERT3U(dp->dp_dirty_total, >=, space); 750 dsl_pool_dirty_delta(dp, -space); 751 mutex_exit(&dp->dp_lock); 752} 753 754/* ARGSUSED */ 755static int 756upgrade_clones_cb(dsl_pool_t *dp, dsl_dataset_t *hds, void *arg) 757{ 758 dmu_tx_t *tx = arg; 759 dsl_dataset_t *ds, *prev = NULL; 760 int err; 761 762 err = dsl_dataset_hold_obj(dp, hds->ds_object, FTAG, &ds); 763 if (err) 764 return (err); 765 766 while (ds->ds_phys->ds_prev_snap_obj != 0) { 767 err = dsl_dataset_hold_obj(dp, ds->ds_phys->ds_prev_snap_obj, 768 FTAG, &prev); 769 if (err) { 770 dsl_dataset_rele(ds, FTAG); 771 return (err); 772 } 773 774 if (prev->ds_phys->ds_next_snap_obj != ds->ds_object) 775 break; 776 dsl_dataset_rele(ds, FTAG); 777 ds = prev; 778 prev = NULL; 779 } 780 781 if (prev == NULL) { 782 prev = dp->dp_origin_snap; 783 784 /* 785 * The $ORIGIN can't have any data, or the accounting 786 * will be wrong. 787 */ 788 ASSERT0(prev->ds_phys->ds_bp.blk_birth); 789 790 /* The origin doesn't get attached to itself */ 791 if (ds->ds_object == prev->ds_object) { 792 dsl_dataset_rele(ds, FTAG); 793 return (0); 794 } 795 796 dmu_buf_will_dirty(ds->ds_dbuf, tx); 797 ds->ds_phys->ds_prev_snap_obj = prev->ds_object; 798 ds->ds_phys->ds_prev_snap_txg = prev->ds_phys->ds_creation_txg; 799 800 dmu_buf_will_dirty(ds->ds_dir->dd_dbuf, tx); 801 ds->ds_dir->dd_phys->dd_origin_obj = prev->ds_object; 802 803 dmu_buf_will_dirty(prev->ds_dbuf, tx); 804 prev->ds_phys->ds_num_children++; 805 806 if (ds->ds_phys->ds_next_snap_obj == 0) { 807 ASSERT(ds->ds_prev == NULL); 808 VERIFY0(dsl_dataset_hold_obj(dp, 809 ds->ds_phys->ds_prev_snap_obj, ds, &ds->ds_prev)); 810 } 811 } 812 813 ASSERT3U(ds->ds_dir->dd_phys->dd_origin_obj, ==, prev->ds_object); 814 ASSERT3U(ds->ds_phys->ds_prev_snap_obj, ==, prev->ds_object); 815 816 if (prev->ds_phys->ds_next_clones_obj == 0) { 817 dmu_buf_will_dirty(prev->ds_dbuf, tx); 818 prev->ds_phys->ds_next_clones_obj = 819 zap_create(dp->dp_meta_objset, 820 DMU_OT_NEXT_CLONES, DMU_OT_NONE, 0, tx); 821 } 822 VERIFY0(zap_add_int(dp->dp_meta_objset, 823 prev->ds_phys->ds_next_clones_obj, ds->ds_object, tx)); 824 825 dsl_dataset_rele(ds, FTAG); 826 if (prev != dp->dp_origin_snap) 827 dsl_dataset_rele(prev, FTAG); 828 return (0); 829} 830 831void 832dsl_pool_upgrade_clones(dsl_pool_t *dp, dmu_tx_t *tx) 833{ 834 ASSERT(dmu_tx_is_syncing(tx)); 835 ASSERT(dp->dp_origin_snap != NULL); 836 837 VERIFY0(dmu_objset_find_dp(dp, dp->dp_root_dir_obj, upgrade_clones_cb, 838 tx, DS_FIND_CHILDREN)); 839} 840 841/* ARGSUSED */ 842static int 843upgrade_dir_clones_cb(dsl_pool_t *dp, dsl_dataset_t *ds, void *arg) 844{ 845 dmu_tx_t *tx = arg; 846 objset_t *mos = dp->dp_meta_objset; 847 848 if (ds->ds_dir->dd_phys->dd_origin_obj != 0) { 849 dsl_dataset_t *origin; 850 851 VERIFY0(dsl_dataset_hold_obj(dp, 852 ds->ds_dir->dd_phys->dd_origin_obj, FTAG, &origin)); 853 854 if (origin->ds_dir->dd_phys->dd_clones == 0) { 855 dmu_buf_will_dirty(origin->ds_dir->dd_dbuf, tx); 856 origin->ds_dir->dd_phys->dd_clones = zap_create(mos, 857 DMU_OT_DSL_CLONES, DMU_OT_NONE, 0, tx); 858 } 859 860 VERIFY0(zap_add_int(dp->dp_meta_objset, 861 origin->ds_dir->dd_phys->dd_clones, ds->ds_object, tx)); 862 863 dsl_dataset_rele(origin, FTAG); 864 } 865 return (0); 866} 867 868void 869dsl_pool_upgrade_dir_clones(dsl_pool_t *dp, dmu_tx_t *tx) 870{ 871 ASSERT(dmu_tx_is_syncing(tx)); 872 uint64_t obj; 873 874 (void) dsl_dir_create_sync(dp, dp->dp_root_dir, FREE_DIR_NAME, tx); 875 VERIFY0(dsl_pool_open_special_dir(dp, 876 FREE_DIR_NAME, &dp->dp_free_dir)); 877 878 /* 879 * We can't use bpobj_alloc(), because spa_version() still 880 * returns the old version, and we need a new-version bpobj with 881 * subobj support. So call dmu_object_alloc() directly. 882 */ 883 obj = dmu_object_alloc(dp->dp_meta_objset, DMU_OT_BPOBJ, 884 SPA_MAXBLOCKSIZE, DMU_OT_BPOBJ_HDR, sizeof (bpobj_phys_t), tx); 885 VERIFY0(zap_add(dp->dp_meta_objset, DMU_POOL_DIRECTORY_OBJECT, 886 DMU_POOL_FREE_BPOBJ, sizeof (uint64_t), 1, &obj, tx)); 887 VERIFY0(bpobj_open(&dp->dp_free_bpobj, dp->dp_meta_objset, obj)); 888 889 VERIFY0(dmu_objset_find_dp(dp, dp->dp_root_dir_obj, 890 upgrade_dir_clones_cb, tx, DS_FIND_CHILDREN)); 891} 892 893void 894dsl_pool_create_origin(dsl_pool_t *dp, dmu_tx_t *tx) 895{ 896 uint64_t dsobj; 897 dsl_dataset_t *ds; 898 899 ASSERT(dmu_tx_is_syncing(tx)); 900 ASSERT(dp->dp_origin_snap == NULL); 901 ASSERT(rrw_held(&dp->dp_config_rwlock, RW_WRITER)); 902 903 /* create the origin dir, ds, & snap-ds */ 904 dsobj = dsl_dataset_create_sync(dp->dp_root_dir, ORIGIN_DIR_NAME, 905 NULL, 0, kcred, tx); 906 VERIFY0(dsl_dataset_hold_obj(dp, dsobj, FTAG, &ds)); 907 dsl_dataset_snapshot_sync_impl(ds, ORIGIN_DIR_NAME, tx); 908 VERIFY0(dsl_dataset_hold_obj(dp, ds->ds_phys->ds_prev_snap_obj, 909 dp, &dp->dp_origin_snap)); 910 dsl_dataset_rele(ds, FTAG); 911} 912 913taskq_t * 914dsl_pool_vnrele_taskq(dsl_pool_t *dp) 915{ 916 return (dp->dp_vnrele_taskq); 917} 918 919/* 920 * Walk through the pool-wide zap object of temporary snapshot user holds 921 * and release them. 922 */ 923void 924dsl_pool_clean_tmp_userrefs(dsl_pool_t *dp) 925{ 926 zap_attribute_t za; 927 zap_cursor_t zc; 928 objset_t *mos = dp->dp_meta_objset; 929 uint64_t zapobj = dp->dp_tmp_userrefs_obj; 930 nvlist_t *holds; 931 932 if (zapobj == 0) 933 return; 934 ASSERT(spa_version(dp->dp_spa) >= SPA_VERSION_USERREFS); 935 936 holds = fnvlist_alloc(); 937 938 for (zap_cursor_init(&zc, mos, zapobj); 939 zap_cursor_retrieve(&zc, &za) == 0; 940 zap_cursor_advance(&zc)) { 941 char *htag; 942 nvlist_t *tags; 943 944 htag = strchr(za.za_name, '-'); 945 *htag = '\0'; 946 ++htag; 947 if (nvlist_lookup_nvlist(holds, za.za_name, &tags) != 0) { 948 tags = fnvlist_alloc(); 949 fnvlist_add_boolean(tags, htag); 950 fnvlist_add_nvlist(holds, za.za_name, tags); 951 fnvlist_free(tags); 952 } else { 953 fnvlist_add_boolean(tags, htag); 954 } 955 } 956 dsl_dataset_user_release_tmp(dp, holds); 957 fnvlist_free(holds); 958 zap_cursor_fini(&zc); 959} 960 961/* 962 * Create the pool-wide zap object for storing temporary snapshot holds. 963 */ 964void 965dsl_pool_user_hold_create_obj(dsl_pool_t *dp, dmu_tx_t *tx) 966{ 967 objset_t *mos = dp->dp_meta_objset; 968 969 ASSERT(dp->dp_tmp_userrefs_obj == 0); 970 ASSERT(dmu_tx_is_syncing(tx)); 971 972 dp->dp_tmp_userrefs_obj = zap_create_link(mos, DMU_OT_USERREFS, 973 DMU_POOL_DIRECTORY_OBJECT, DMU_POOL_TMP_USERREFS, tx); 974} 975 976static int 977dsl_pool_user_hold_rele_impl(dsl_pool_t *dp, uint64_t dsobj, 978 const char *tag, uint64_t now, dmu_tx_t *tx, boolean_t holding) 979{ 980 objset_t *mos = dp->dp_meta_objset; 981 uint64_t zapobj = dp->dp_tmp_userrefs_obj; 982 char *name; 983 int error; 984 985 ASSERT(spa_version(dp->dp_spa) >= SPA_VERSION_USERREFS); 986 ASSERT(dmu_tx_is_syncing(tx)); 987 988 /* 989 * If the pool was created prior to SPA_VERSION_USERREFS, the 990 * zap object for temporary holds might not exist yet. 991 */ 992 if (zapobj == 0) { 993 if (holding) { 994 dsl_pool_user_hold_create_obj(dp, tx); 995 zapobj = dp->dp_tmp_userrefs_obj; 996 } else { 997 return (SET_ERROR(ENOENT)); 998 } 999 } 1000 1001 name = kmem_asprintf("%llx-%s", (u_longlong_t)dsobj, tag); 1002 if (holding) 1003 error = zap_add(mos, zapobj, name, 8, 1, &now, tx); 1004 else 1005 error = zap_remove(mos, zapobj, name, tx); 1006 strfree(name); 1007 1008 return (error); 1009} 1010 1011/* 1012 * Add a temporary hold for the given dataset object and tag. 1013 */ 1014int 1015dsl_pool_user_hold(dsl_pool_t *dp, uint64_t dsobj, const char *tag, 1016 uint64_t now, dmu_tx_t *tx) 1017{ 1018 return (dsl_pool_user_hold_rele_impl(dp, dsobj, tag, now, tx, B_TRUE)); 1019} 1020 1021/* 1022 * Release a temporary hold for the given dataset object and tag. 1023 */ 1024int 1025dsl_pool_user_release(dsl_pool_t *dp, uint64_t dsobj, const char *tag, 1026 dmu_tx_t *tx) 1027{ 1028 return (dsl_pool_user_hold_rele_impl(dp, dsobj, tag, 0, 1029 tx, B_FALSE)); 1030} 1031 1032/* 1033 * DSL Pool Configuration Lock 1034 * 1035 * The dp_config_rwlock protects against changes to DSL state (e.g. dataset 1036 * creation / destruction / rename / property setting). It must be held for 1037 * read to hold a dataset or dsl_dir. I.e. you must call 1038 * dsl_pool_config_enter() or dsl_pool_hold() before calling 1039 * dsl_{dataset,dir}_hold{_obj}. In most circumstances, the dp_config_rwlock 1040 * must be held continuously until all datasets and dsl_dirs are released. 1041 * 1042 * The only exception to this rule is that if a "long hold" is placed on 1043 * a dataset, then the dp_config_rwlock may be dropped while the dataset 1044 * is still held. The long hold will prevent the dataset from being 1045 * destroyed -- the destroy will fail with EBUSY. A long hold can be 1046 * obtained by calling dsl_dataset_long_hold(), or by "owning" a dataset 1047 * (by calling dsl_{dataset,objset}_{try}own{_obj}). 1048 * 1049 * Legitimate long-holders (including owners) should be long-running, cancelable 1050 * tasks that should cause "zfs destroy" to fail. This includes DMU 1051 * consumers (i.e. a ZPL filesystem being mounted or ZVOL being open), 1052 * "zfs send", and "zfs diff". There are several other long-holders whose 1053 * uses are suboptimal (e.g. "zfs promote", and zil_suspend()). 1054 * 1055 * The usual formula for long-holding would be: 1056 * dsl_pool_hold() 1057 * dsl_dataset_hold() 1058 * ... perform checks ... 1059 * dsl_dataset_long_hold() 1060 * dsl_pool_rele() 1061 * ... perform long-running task ... 1062 * dsl_dataset_long_rele() 1063 * dsl_dataset_rele() 1064 * 1065 * Note that when the long hold is released, the dataset is still held but 1066 * the pool is not held. The dataset may change arbitrarily during this time 1067 * (e.g. it could be destroyed). Therefore you shouldn't do anything to the 1068 * dataset except release it. 1069 * 1070 * User-initiated operations (e.g. ioctls, zfs_ioc_*()) are either read-only 1071 * or modifying operations. 1072 * 1073 * Modifying operations should generally use dsl_sync_task(). The synctask 1074 * infrastructure enforces proper locking strategy with respect to the 1075 * dp_config_rwlock. See the comment above dsl_sync_task() for details. 1076 * 1077 * Read-only operations will manually hold the pool, then the dataset, obtain 1078 * information from the dataset, then release the pool and dataset. 1079 * dmu_objset_{hold,rele}() are convenience routines that also do the pool 1080 * hold/rele. 1081 */ 1082 1083int 1084dsl_pool_hold(const char *name, void *tag, dsl_pool_t **dp) 1085{ 1086 spa_t *spa; 1087 int error; 1088 1089 error = spa_open(name, &spa, tag); 1090 if (error == 0) { 1091 *dp = spa_get_dsl(spa); 1092 dsl_pool_config_enter(*dp, tag); 1093 } 1094 return (error); 1095} 1096 1097void 1098dsl_pool_rele(dsl_pool_t *dp, void *tag) 1099{ 1100 dsl_pool_config_exit(dp, tag); 1101 spa_close(dp->dp_spa, tag); 1102} 1103 1104void 1105dsl_pool_config_enter(dsl_pool_t *dp, void *tag) 1106{ 1107 /* 1108 * We use a "reentrant" reader-writer lock, but not reentrantly. 1109 * 1110 * The rrwlock can (with the track_all flag) track all reading threads, 1111 * which is very useful for debugging which code path failed to release 1112 * the lock, and for verifying that the *current* thread does hold 1113 * the lock. 1114 * 1115 * (Unlike a rwlock, which knows that N threads hold it for 1116 * read, but not *which* threads, so rw_held(RW_READER) returns TRUE 1117 * if any thread holds it for read, even if this thread doesn't). 1118 */ 1119 ASSERT(!rrw_held(&dp->dp_config_rwlock, RW_READER)); 1120 rrw_enter(&dp->dp_config_rwlock, RW_READER, tag); 1121} 1122 1123void 1124dsl_pool_config_exit(dsl_pool_t *dp, void *tag) 1125{ 1126 rrw_exit(&dp->dp_config_rwlock, tag); 1127} 1128 1129boolean_t 1130dsl_pool_config_held(dsl_pool_t *dp) 1131{ 1132 return (RRW_LOCK_HELD(&dp->dp_config_rwlock)); 1133} 1134