dsl_pool.c revision 276081
1/* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21/* 22 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. 23 * Copyright (c) 2011, 2014 by Delphix. All rights reserved. 24 * Copyright (c) 2013 Steven Hartland. All rights reserved. 25 */ 26 27#include <sys/dsl_pool.h> 28#include <sys/dsl_dataset.h> 29#include <sys/dsl_prop.h> 30#include <sys/dsl_dir.h> 31#include <sys/dsl_synctask.h> 32#include <sys/dsl_scan.h> 33#include <sys/dnode.h> 34#include <sys/dmu_tx.h> 35#include <sys/dmu_objset.h> 36#include <sys/arc.h> 37#include <sys/zap.h> 38#include <sys/zio.h> 39#include <sys/zfs_context.h> 40#include <sys/fs/zfs.h> 41#include <sys/zfs_znode.h> 42#include <sys/spa_impl.h> 43#include <sys/dsl_deadlist.h> 44#include <sys/bptree.h> 45#include <sys/zfeature.h> 46#include <sys/zil_impl.h> 47#include <sys/dsl_userhold.h> 48 49#ifdef __FreeBSD__ 50#include <sys/sysctl.h> 51#include <sys/types.h> 52#endif 53 54/* 55 * ZFS Write Throttle 56 * ------------------ 57 * 58 * ZFS must limit the rate of incoming writes to the rate at which it is able 59 * to sync data modifications to the backend storage. Throttling by too much 60 * creates an artificial limit; throttling by too little can only be sustained 61 * for short periods and would lead to highly lumpy performance. On a per-pool 62 * basis, ZFS tracks the amount of modified (dirty) data. As operations change 63 * data, the amount of dirty data increases; as ZFS syncs out data, the amount 64 * of dirty data decreases. When the amount of dirty data exceeds a 65 * predetermined threshold further modifications are blocked until the amount 66 * of dirty data decreases (as data is synced out). 67 * 68 * The limit on dirty data is tunable, and should be adjusted according to 69 * both the IO capacity and available memory of the system. The larger the 70 * window, the more ZFS is able to aggregate and amortize metadata (and data) 71 * changes. However, memory is a limited resource, and allowing for more dirty 72 * data comes at the cost of keeping other useful data in memory (for example 73 * ZFS data cached by the ARC). 74 * 75 * Implementation 76 * 77 * As buffers are modified dsl_pool_willuse_space() increments both the per- 78 * txg (dp_dirty_pertxg[]) and poolwide (dp_dirty_total) accounting of 79 * dirty space used; dsl_pool_dirty_space() decrements those values as data 80 * is synced out from dsl_pool_sync(). While only the poolwide value is 81 * relevant, the per-txg value is useful for debugging. The tunable 82 * zfs_dirty_data_max determines the dirty space limit. Once that value is 83 * exceeded, new writes are halted until space frees up. 84 * 85 * The zfs_dirty_data_sync tunable dictates the threshold at which we 86 * ensure that there is a txg syncing (see the comment in txg.c for a full 87 * description of transaction group stages). 88 * 89 * The IO scheduler uses both the dirty space limit and current amount of 90 * dirty data as inputs. Those values affect the number of concurrent IOs ZFS 91 * issues. See the comment in vdev_queue.c for details of the IO scheduler. 92 * 93 * The delay is also calculated based on the amount of dirty data. See the 94 * comment above dmu_tx_delay() for details. 95 */ 96 97/* 98 * zfs_dirty_data_max will be set to zfs_dirty_data_max_percent% of all memory, 99 * capped at zfs_dirty_data_max_max. It can also be overridden in /etc/system. 100 */ 101uint64_t zfs_dirty_data_max; 102uint64_t zfs_dirty_data_max_max = 4ULL * 1024 * 1024 * 1024; 103int zfs_dirty_data_max_percent = 10; 104 105/* 106 * If there is at least this much dirty data, push out a txg. 107 */ 108uint64_t zfs_dirty_data_sync = 64 * 1024 * 1024; 109 110/* 111 * Once there is this amount of dirty data, the dmu_tx_delay() will kick in 112 * and delay each transaction. 113 * This value should be >= zfs_vdev_async_write_active_max_dirty_percent. 114 */ 115int zfs_delay_min_dirty_percent = 60; 116 117/* 118 * This controls how quickly the delay approaches infinity. 119 * Larger values cause it to delay more for a given amount of dirty data. 120 * Therefore larger values will cause there to be less dirty data for a 121 * given throughput. 122 * 123 * For the smoothest delay, this value should be about 1 billion divided 124 * by the maximum number of operations per second. This will smoothly 125 * handle between 10x and 1/10th this number. 126 * 127 * Note: zfs_delay_scale * zfs_dirty_data_max must be < 2^64, due to the 128 * multiply in dmu_tx_delay(). 129 */ 130uint64_t zfs_delay_scale = 1000 * 1000 * 1000 / 2000; 131 132 133#ifdef __FreeBSD__ 134 135extern int zfs_vdev_async_write_active_max_dirty_percent; 136 137SYSCTL_DECL(_vfs_zfs); 138 139TUNABLE_QUAD("vfs.zfs.dirty_data_max", &zfs_dirty_data_max); 140SYSCTL_UQUAD(_vfs_zfs, OID_AUTO, dirty_data_max, CTLFLAG_RWTUN, 141 &zfs_dirty_data_max, 0, 142 "The maximum amount of dirty data in bytes after which new writes are " 143 "halted until space becomes available"); 144 145TUNABLE_QUAD("vfs.zfs.dirty_data_max_max", &zfs_dirty_data_max_max); 146SYSCTL_UQUAD(_vfs_zfs, OID_AUTO, dirty_data_max_max, CTLFLAG_RDTUN, 147 &zfs_dirty_data_max_max, 0, 148 "The absolute cap on dirty_data_max when auto calculating"); 149 150TUNABLE_INT("vfs.zfs.dirty_data_max_percent", &zfs_dirty_data_max_percent); 151static int sysctl_zfs_dirty_data_max_percent(SYSCTL_HANDLER_ARGS); 152SYSCTL_PROC(_vfs_zfs, OID_AUTO, dirty_data_max_percent, 153 CTLTYPE_INT | CTLFLAG_MPSAFE | CTLFLAG_RWTUN, 0, sizeof(int), 154 sysctl_zfs_dirty_data_max_percent, "I", 155 "The percent of physical memory used to auto calculate dirty_data_max"); 156 157TUNABLE_QUAD("vfs.zfs.dirty_data_sync", &zfs_dirty_data_sync); 158SYSCTL_UQUAD(_vfs_zfs, OID_AUTO, dirty_data_sync, CTLFLAG_RWTUN, 159 &zfs_dirty_data_sync, 0, 160 "Force a txg if the number of dirty buffer bytes exceed this value"); 161 162static int sysctl_zfs_delay_min_dirty_percent(SYSCTL_HANDLER_ARGS); 163/* No zfs_delay_min_dirty_percent tunable due to limit requirements */ 164SYSCTL_PROC(_vfs_zfs, OID_AUTO, delay_min_dirty_percent, 165 CTLTYPE_INT | CTLFLAG_MPSAFE | CTLFLAG_RW, 0, sizeof(int), 166 sysctl_zfs_delay_min_dirty_percent, "I", 167 "The limit of outstanding dirty data before transations are delayed"); 168 169static int sysctl_zfs_delay_scale(SYSCTL_HANDLER_ARGS); 170/* No zfs_delay_scale tunable due to limit requirements */ 171SYSCTL_PROC(_vfs_zfs, OID_AUTO, delay_scale, 172 CTLTYPE_U64 | CTLFLAG_MPSAFE | CTLFLAG_RW, 0, sizeof(uint64_t), 173 sysctl_zfs_delay_scale, "QU", 174 "Controls how quickly the delay approaches infinity"); 175 176static int 177sysctl_zfs_dirty_data_max_percent(SYSCTL_HANDLER_ARGS) 178{ 179 int val, err; 180 181 val = zfs_dirty_data_max_percent; 182 err = sysctl_handle_int(oidp, &val, 0, req); 183 if (err != 0 || req->newptr == NULL) 184 return (err); 185 186 if (val < 0 || val > 100) 187 return (EINVAL); 188 189 zfs_dirty_data_max_percent = val; 190 191 return (0); 192} 193 194static int 195sysctl_zfs_delay_min_dirty_percent(SYSCTL_HANDLER_ARGS) 196{ 197 int val, err; 198 199 val = zfs_delay_min_dirty_percent; 200 err = sysctl_handle_int(oidp, &val, 0, req); 201 if (err != 0 || req->newptr == NULL) 202 return (err); 203 204 if (val < zfs_vdev_async_write_active_max_dirty_percent) 205 return (EINVAL); 206 207 zfs_delay_min_dirty_percent = val; 208 209 return (0); 210} 211 212static int 213sysctl_zfs_delay_scale(SYSCTL_HANDLER_ARGS) 214{ 215 uint64_t val; 216 int err; 217 218 val = zfs_delay_scale; 219 err = sysctl_handle_64(oidp, &val, 0, req); 220 if (err != 0 || req->newptr == NULL) 221 return (err); 222 223 if (val > UINT64_MAX / zfs_dirty_data_max) 224 return (EINVAL); 225 226 zfs_delay_scale = val; 227 228 return (0); 229} 230#endif 231 232hrtime_t zfs_throttle_delay = MSEC2NSEC(10); 233hrtime_t zfs_throttle_resolution = MSEC2NSEC(10); 234 235int 236dsl_pool_open_special_dir(dsl_pool_t *dp, const char *name, dsl_dir_t **ddp) 237{ 238 uint64_t obj; 239 int err; 240 241 err = zap_lookup(dp->dp_meta_objset, 242 dp->dp_root_dir->dd_phys->dd_child_dir_zapobj, 243 name, sizeof (obj), 1, &obj); 244 if (err) 245 return (err); 246 247 return (dsl_dir_hold_obj(dp, obj, name, dp, ddp)); 248} 249 250static dsl_pool_t * 251dsl_pool_open_impl(spa_t *spa, uint64_t txg) 252{ 253 dsl_pool_t *dp; 254 blkptr_t *bp = spa_get_rootblkptr(spa); 255 256 dp = kmem_zalloc(sizeof (dsl_pool_t), KM_SLEEP); 257 dp->dp_spa = spa; 258 dp->dp_meta_rootbp = *bp; 259 rrw_init(&dp->dp_config_rwlock, B_TRUE); 260 txg_init(dp, txg); 261 262 txg_list_create(&dp->dp_dirty_datasets, 263 offsetof(dsl_dataset_t, ds_dirty_link)); 264 txg_list_create(&dp->dp_dirty_zilogs, 265 offsetof(zilog_t, zl_dirty_link)); 266 txg_list_create(&dp->dp_dirty_dirs, 267 offsetof(dsl_dir_t, dd_dirty_link)); 268 txg_list_create(&dp->dp_sync_tasks, 269 offsetof(dsl_sync_task_t, dst_node)); 270 271 mutex_init(&dp->dp_lock, NULL, MUTEX_DEFAULT, NULL); 272 cv_init(&dp->dp_spaceavail_cv, NULL, CV_DEFAULT, NULL); 273 274 dp->dp_vnrele_taskq = taskq_create("zfs_vn_rele_taskq", 1, minclsyspri, 275 1, 4, 0); 276 277 return (dp); 278} 279 280int 281dsl_pool_init(spa_t *spa, uint64_t txg, dsl_pool_t **dpp) 282{ 283 int err; 284 dsl_pool_t *dp = dsl_pool_open_impl(spa, txg); 285 286 err = dmu_objset_open_impl(spa, NULL, &dp->dp_meta_rootbp, 287 &dp->dp_meta_objset); 288 if (err != 0) 289 dsl_pool_close(dp); 290 else 291 *dpp = dp; 292 293 return (err); 294} 295 296int 297dsl_pool_open(dsl_pool_t *dp) 298{ 299 int err; 300 dsl_dir_t *dd; 301 dsl_dataset_t *ds; 302 uint64_t obj; 303 304 rrw_enter(&dp->dp_config_rwlock, RW_WRITER, FTAG); 305 err = zap_lookup(dp->dp_meta_objset, DMU_POOL_DIRECTORY_OBJECT, 306 DMU_POOL_ROOT_DATASET, sizeof (uint64_t), 1, 307 &dp->dp_root_dir_obj); 308 if (err) 309 goto out; 310 311 err = dsl_dir_hold_obj(dp, dp->dp_root_dir_obj, 312 NULL, dp, &dp->dp_root_dir); 313 if (err) 314 goto out; 315 316 err = dsl_pool_open_special_dir(dp, MOS_DIR_NAME, &dp->dp_mos_dir); 317 if (err) 318 goto out; 319 320 if (spa_version(dp->dp_spa) >= SPA_VERSION_ORIGIN) { 321 err = dsl_pool_open_special_dir(dp, ORIGIN_DIR_NAME, &dd); 322 if (err) 323 goto out; 324 err = dsl_dataset_hold_obj(dp, dd->dd_phys->dd_head_dataset_obj, 325 FTAG, &ds); 326 if (err == 0) { 327 err = dsl_dataset_hold_obj(dp, 328 ds->ds_phys->ds_prev_snap_obj, dp, 329 &dp->dp_origin_snap); 330 dsl_dataset_rele(ds, FTAG); 331 } 332 dsl_dir_rele(dd, dp); 333 if (err) 334 goto out; 335 } 336 337 if (spa_version(dp->dp_spa) >= SPA_VERSION_DEADLISTS) { 338 err = dsl_pool_open_special_dir(dp, FREE_DIR_NAME, 339 &dp->dp_free_dir); 340 if (err) 341 goto out; 342 343 err = zap_lookup(dp->dp_meta_objset, DMU_POOL_DIRECTORY_OBJECT, 344 DMU_POOL_FREE_BPOBJ, sizeof (uint64_t), 1, &obj); 345 if (err) 346 goto out; 347 VERIFY0(bpobj_open(&dp->dp_free_bpobj, 348 dp->dp_meta_objset, obj)); 349 } 350 351 /* 352 * Note: errors ignored, because the leak dir will not exist if we 353 * have not encountered a leak yet. 354 */ 355 (void) dsl_pool_open_special_dir(dp, LEAK_DIR_NAME, 356 &dp->dp_leak_dir); 357 358 if (spa_feature_is_active(dp->dp_spa, SPA_FEATURE_ASYNC_DESTROY)) { 359 err = zap_lookup(dp->dp_meta_objset, DMU_POOL_DIRECTORY_OBJECT, 360 DMU_POOL_BPTREE_OBJ, sizeof (uint64_t), 1, 361 &dp->dp_bptree_obj); 362 if (err != 0) 363 goto out; 364 } 365 366 if (spa_feature_is_active(dp->dp_spa, SPA_FEATURE_EMPTY_BPOBJ)) { 367 err = zap_lookup(dp->dp_meta_objset, DMU_POOL_DIRECTORY_OBJECT, 368 DMU_POOL_EMPTY_BPOBJ, sizeof (uint64_t), 1, 369 &dp->dp_empty_bpobj); 370 if (err != 0) 371 goto out; 372 } 373 374 err = zap_lookup(dp->dp_meta_objset, DMU_POOL_DIRECTORY_OBJECT, 375 DMU_POOL_TMP_USERREFS, sizeof (uint64_t), 1, 376 &dp->dp_tmp_userrefs_obj); 377 if (err == ENOENT) 378 err = 0; 379 if (err) 380 goto out; 381 382 err = dsl_scan_init(dp, dp->dp_tx.tx_open_txg); 383 384out: 385 rrw_exit(&dp->dp_config_rwlock, FTAG); 386 return (err); 387} 388 389void 390dsl_pool_close(dsl_pool_t *dp) 391{ 392 /* 393 * Drop our references from dsl_pool_open(). 394 * 395 * Since we held the origin_snap from "syncing" context (which 396 * includes pool-opening context), it actually only got a "ref" 397 * and not a hold, so just drop that here. 398 */ 399 if (dp->dp_origin_snap) 400 dsl_dataset_rele(dp->dp_origin_snap, dp); 401 if (dp->dp_mos_dir) 402 dsl_dir_rele(dp->dp_mos_dir, dp); 403 if (dp->dp_free_dir) 404 dsl_dir_rele(dp->dp_free_dir, dp); 405 if (dp->dp_leak_dir) 406 dsl_dir_rele(dp->dp_leak_dir, dp); 407 if (dp->dp_root_dir) 408 dsl_dir_rele(dp->dp_root_dir, dp); 409 410 bpobj_close(&dp->dp_free_bpobj); 411 412 /* undo the dmu_objset_open_impl(mos) from dsl_pool_open() */ 413 if (dp->dp_meta_objset) 414 dmu_objset_evict(dp->dp_meta_objset); 415 416 txg_list_destroy(&dp->dp_dirty_datasets); 417 txg_list_destroy(&dp->dp_dirty_zilogs); 418 txg_list_destroy(&dp->dp_sync_tasks); 419 txg_list_destroy(&dp->dp_dirty_dirs); 420 421 arc_flush(dp->dp_spa); 422 txg_fini(dp); 423 dsl_scan_fini(dp); 424 rrw_destroy(&dp->dp_config_rwlock); 425 mutex_destroy(&dp->dp_lock); 426 taskq_destroy(dp->dp_vnrele_taskq); 427 if (dp->dp_blkstats) 428 kmem_free(dp->dp_blkstats, sizeof (zfs_all_blkstats_t)); 429 kmem_free(dp, sizeof (dsl_pool_t)); 430} 431 432dsl_pool_t * 433dsl_pool_create(spa_t *spa, nvlist_t *zplprops, uint64_t txg) 434{ 435 int err; 436 dsl_pool_t *dp = dsl_pool_open_impl(spa, txg); 437 dmu_tx_t *tx = dmu_tx_create_assigned(dp, txg); 438 objset_t *os; 439 dsl_dataset_t *ds; 440 uint64_t obj; 441 442 rrw_enter(&dp->dp_config_rwlock, RW_WRITER, FTAG); 443 444 /* create and open the MOS (meta-objset) */ 445 dp->dp_meta_objset = dmu_objset_create_impl(spa, 446 NULL, &dp->dp_meta_rootbp, DMU_OST_META, tx); 447 448 /* create the pool directory */ 449 err = zap_create_claim(dp->dp_meta_objset, DMU_POOL_DIRECTORY_OBJECT, 450 DMU_OT_OBJECT_DIRECTORY, DMU_OT_NONE, 0, tx); 451 ASSERT0(err); 452 453 /* Initialize scan structures */ 454 VERIFY0(dsl_scan_init(dp, txg)); 455 456 /* create and open the root dir */ 457 dp->dp_root_dir_obj = dsl_dir_create_sync(dp, NULL, NULL, tx); 458 VERIFY0(dsl_dir_hold_obj(dp, dp->dp_root_dir_obj, 459 NULL, dp, &dp->dp_root_dir)); 460 461 /* create and open the meta-objset dir */ 462 (void) dsl_dir_create_sync(dp, dp->dp_root_dir, MOS_DIR_NAME, tx); 463 VERIFY0(dsl_pool_open_special_dir(dp, 464 MOS_DIR_NAME, &dp->dp_mos_dir)); 465 466 if (spa_version(spa) >= SPA_VERSION_DEADLISTS) { 467 /* create and open the free dir */ 468 (void) dsl_dir_create_sync(dp, dp->dp_root_dir, 469 FREE_DIR_NAME, tx); 470 VERIFY0(dsl_pool_open_special_dir(dp, 471 FREE_DIR_NAME, &dp->dp_free_dir)); 472 473 /* create and open the free_bplist */ 474 obj = bpobj_alloc(dp->dp_meta_objset, SPA_OLD_MAXBLOCKSIZE, tx); 475 VERIFY(zap_add(dp->dp_meta_objset, DMU_POOL_DIRECTORY_OBJECT, 476 DMU_POOL_FREE_BPOBJ, sizeof (uint64_t), 1, &obj, tx) == 0); 477 VERIFY0(bpobj_open(&dp->dp_free_bpobj, 478 dp->dp_meta_objset, obj)); 479 } 480 481 if (spa_version(spa) >= SPA_VERSION_DSL_SCRUB) 482 dsl_pool_create_origin(dp, tx); 483 484 /* create the root dataset */ 485 obj = dsl_dataset_create_sync_dd(dp->dp_root_dir, NULL, 0, tx); 486 487 /* create the root objset */ 488 VERIFY0(dsl_dataset_hold_obj(dp, obj, FTAG, &ds)); 489 os = dmu_objset_create_impl(dp->dp_spa, ds, 490 dsl_dataset_get_blkptr(ds), DMU_OST_ZFS, tx); 491#ifdef _KERNEL 492 zfs_create_fs(os, kcred, zplprops, tx); 493#endif 494 dsl_dataset_rele(ds, FTAG); 495 496 dmu_tx_commit(tx); 497 498 rrw_exit(&dp->dp_config_rwlock, FTAG); 499 500 return (dp); 501} 502 503/* 504 * Account for the meta-objset space in its placeholder dsl_dir. 505 */ 506void 507dsl_pool_mos_diduse_space(dsl_pool_t *dp, 508 int64_t used, int64_t comp, int64_t uncomp) 509{ 510 ASSERT3U(comp, ==, uncomp); /* it's all metadata */ 511 mutex_enter(&dp->dp_lock); 512 dp->dp_mos_used_delta += used; 513 dp->dp_mos_compressed_delta += comp; 514 dp->dp_mos_uncompressed_delta += uncomp; 515 mutex_exit(&dp->dp_lock); 516} 517 518static int 519deadlist_enqueue_cb(void *arg, const blkptr_t *bp, dmu_tx_t *tx) 520{ 521 dsl_deadlist_t *dl = arg; 522 dsl_deadlist_insert(dl, bp, tx); 523 return (0); 524} 525 526static void 527dsl_pool_sync_mos(dsl_pool_t *dp, dmu_tx_t *tx) 528{ 529 zio_t *zio = zio_root(dp->dp_spa, NULL, NULL, ZIO_FLAG_MUSTSUCCEED); 530 dmu_objset_sync(dp->dp_meta_objset, zio, tx); 531 VERIFY0(zio_wait(zio)); 532 dprintf_bp(&dp->dp_meta_rootbp, "meta objset rootbp is %s", ""); 533 spa_set_rootblkptr(dp->dp_spa, &dp->dp_meta_rootbp); 534} 535 536static void 537dsl_pool_dirty_delta(dsl_pool_t *dp, int64_t delta) 538{ 539 ASSERT(MUTEX_HELD(&dp->dp_lock)); 540 541 if (delta < 0) 542 ASSERT3U(-delta, <=, dp->dp_dirty_total); 543 544 dp->dp_dirty_total += delta; 545 546 /* 547 * Note: we signal even when increasing dp_dirty_total. 548 * This ensures forward progress -- each thread wakes the next waiter. 549 */ 550 if (dp->dp_dirty_total <= zfs_dirty_data_max) 551 cv_signal(&dp->dp_spaceavail_cv); 552} 553 554void 555dsl_pool_sync(dsl_pool_t *dp, uint64_t txg) 556{ 557 zio_t *zio; 558 dmu_tx_t *tx; 559 dsl_dir_t *dd; 560 dsl_dataset_t *ds; 561 objset_t *mos = dp->dp_meta_objset; 562 list_t synced_datasets; 563 564 list_create(&synced_datasets, sizeof (dsl_dataset_t), 565 offsetof(dsl_dataset_t, ds_synced_link)); 566 567 tx = dmu_tx_create_assigned(dp, txg); 568 569 /* 570 * Write out all dirty blocks of dirty datasets. 571 */ 572 zio = zio_root(dp->dp_spa, NULL, NULL, ZIO_FLAG_MUSTSUCCEED); 573 while ((ds = txg_list_remove(&dp->dp_dirty_datasets, txg)) != NULL) { 574 /* 575 * We must not sync any non-MOS datasets twice, because 576 * we may have taken a snapshot of them. However, we 577 * may sync newly-created datasets on pass 2. 578 */ 579 ASSERT(!list_link_active(&ds->ds_synced_link)); 580 list_insert_tail(&synced_datasets, ds); 581 dsl_dataset_sync(ds, zio, tx); 582 } 583 VERIFY0(zio_wait(zio)); 584 585 /* 586 * We have written all of the accounted dirty data, so our 587 * dp_space_towrite should now be zero. However, some seldom-used 588 * code paths do not adhere to this (e.g. dbuf_undirty(), also 589 * rounding error in dbuf_write_physdone). 590 * Shore up the accounting of any dirtied space now. 591 */ 592 dsl_pool_undirty_space(dp, dp->dp_dirty_pertxg[txg & TXG_MASK], txg); 593 594 /* 595 * After the data blocks have been written (ensured by the zio_wait() 596 * above), update the user/group space accounting. 597 */ 598 for (ds = list_head(&synced_datasets); ds != NULL; 599 ds = list_next(&synced_datasets, ds)) { 600 dmu_objset_do_userquota_updates(ds->ds_objset, tx); 601 } 602 603 /* 604 * Sync the datasets again to push out the changes due to 605 * userspace updates. This must be done before we process the 606 * sync tasks, so that any snapshots will have the correct 607 * user accounting information (and we won't get confused 608 * about which blocks are part of the snapshot). 609 */ 610 zio = zio_root(dp->dp_spa, NULL, NULL, ZIO_FLAG_MUSTSUCCEED); 611 while ((ds = txg_list_remove(&dp->dp_dirty_datasets, txg)) != NULL) { 612 ASSERT(list_link_active(&ds->ds_synced_link)); 613 dmu_buf_rele(ds->ds_dbuf, ds); 614 dsl_dataset_sync(ds, zio, tx); 615 } 616 VERIFY0(zio_wait(zio)); 617 618 /* 619 * Now that the datasets have been completely synced, we can 620 * clean up our in-memory structures accumulated while syncing: 621 * 622 * - move dead blocks from the pending deadlist to the on-disk deadlist 623 * - release hold from dsl_dataset_dirty() 624 */ 625 while ((ds = list_remove_head(&synced_datasets)) != NULL) { 626 objset_t *os = ds->ds_objset; 627 bplist_iterate(&ds->ds_pending_deadlist, 628 deadlist_enqueue_cb, &ds->ds_deadlist, tx); 629 ASSERT(!dmu_objset_is_dirty(os, txg)); 630 dmu_buf_rele(ds->ds_dbuf, ds); 631 } 632 while ((dd = txg_list_remove(&dp->dp_dirty_dirs, txg)) != NULL) { 633 dsl_dir_sync(dd, tx); 634 } 635 636 /* 637 * The MOS's space is accounted for in the pool/$MOS 638 * (dp_mos_dir). We can't modify the mos while we're syncing 639 * it, so we remember the deltas and apply them here. 640 */ 641 if (dp->dp_mos_used_delta != 0 || dp->dp_mos_compressed_delta != 0 || 642 dp->dp_mos_uncompressed_delta != 0) { 643 dsl_dir_diduse_space(dp->dp_mos_dir, DD_USED_HEAD, 644 dp->dp_mos_used_delta, 645 dp->dp_mos_compressed_delta, 646 dp->dp_mos_uncompressed_delta, tx); 647 dp->dp_mos_used_delta = 0; 648 dp->dp_mos_compressed_delta = 0; 649 dp->dp_mos_uncompressed_delta = 0; 650 } 651 652 if (list_head(&mos->os_dirty_dnodes[txg & TXG_MASK]) != NULL || 653 list_head(&mos->os_free_dnodes[txg & TXG_MASK]) != NULL) { 654 dsl_pool_sync_mos(dp, tx); 655 } 656 657 /* 658 * If we modify a dataset in the same txg that we want to destroy it, 659 * its dsl_dir's dd_dbuf will be dirty, and thus have a hold on it. 660 * dsl_dir_destroy_check() will fail if there are unexpected holds. 661 * Therefore, we want to sync the MOS (thus syncing the dd_dbuf 662 * and clearing the hold on it) before we process the sync_tasks. 663 * The MOS data dirtied by the sync_tasks will be synced on the next 664 * pass. 665 */ 666 if (!txg_list_empty(&dp->dp_sync_tasks, txg)) { 667 dsl_sync_task_t *dst; 668 /* 669 * No more sync tasks should have been added while we 670 * were syncing. 671 */ 672 ASSERT3U(spa_sync_pass(dp->dp_spa), ==, 1); 673 while ((dst = txg_list_remove(&dp->dp_sync_tasks, txg)) != NULL) 674 dsl_sync_task_sync(dst, tx); 675 } 676 677 dmu_tx_commit(tx); 678 679 DTRACE_PROBE2(dsl_pool_sync__done, dsl_pool_t *dp, dp, uint64_t, txg); 680} 681 682void 683dsl_pool_sync_done(dsl_pool_t *dp, uint64_t txg) 684{ 685 zilog_t *zilog; 686 687 while (zilog = txg_list_remove(&dp->dp_dirty_zilogs, txg)) { 688 dsl_dataset_t *ds = dmu_objset_ds(zilog->zl_os); 689 zil_clean(zilog, txg); 690 ASSERT(!dmu_objset_is_dirty(zilog->zl_os, txg)); 691 dmu_buf_rele(ds->ds_dbuf, zilog); 692 } 693 ASSERT(!dmu_objset_is_dirty(dp->dp_meta_objset, txg)); 694} 695 696/* 697 * TRUE if the current thread is the tx_sync_thread or if we 698 * are being called from SPA context during pool initialization. 699 */ 700int 701dsl_pool_sync_context(dsl_pool_t *dp) 702{ 703 return (curthread == dp->dp_tx.tx_sync_thread || 704 spa_is_initializing(dp->dp_spa)); 705} 706 707uint64_t 708dsl_pool_adjustedsize(dsl_pool_t *dp, boolean_t netfree) 709{ 710 uint64_t space, resv; 711 712 /* 713 * If we're trying to assess whether it's OK to do a free, 714 * cut the reservation in half to allow forward progress 715 * (e.g. make it possible to rm(1) files from a full pool). 716 */ 717 space = spa_get_dspace(dp->dp_spa); 718 resv = spa_get_slop_space(dp->dp_spa); 719 if (netfree) 720 resv >>= 1; 721 722 return (space - resv); 723} 724 725boolean_t 726dsl_pool_need_dirty_delay(dsl_pool_t *dp) 727{ 728 uint64_t delay_min_bytes = 729 zfs_dirty_data_max * zfs_delay_min_dirty_percent / 100; 730 boolean_t rv; 731 732 mutex_enter(&dp->dp_lock); 733 if (dp->dp_dirty_total > zfs_dirty_data_sync) 734 txg_kick(dp); 735 rv = (dp->dp_dirty_total > delay_min_bytes); 736 mutex_exit(&dp->dp_lock); 737 return (rv); 738} 739 740void 741dsl_pool_dirty_space(dsl_pool_t *dp, int64_t space, dmu_tx_t *tx) 742{ 743 if (space > 0) { 744 mutex_enter(&dp->dp_lock); 745 dp->dp_dirty_pertxg[tx->tx_txg & TXG_MASK] += space; 746 dsl_pool_dirty_delta(dp, space); 747 mutex_exit(&dp->dp_lock); 748 } 749} 750 751void 752dsl_pool_undirty_space(dsl_pool_t *dp, int64_t space, uint64_t txg) 753{ 754 ASSERT3S(space, >=, 0); 755 if (space == 0) 756 return; 757 mutex_enter(&dp->dp_lock); 758 if (dp->dp_dirty_pertxg[txg & TXG_MASK] < space) { 759 /* XXX writing something we didn't dirty? */ 760 space = dp->dp_dirty_pertxg[txg & TXG_MASK]; 761 } 762 ASSERT3U(dp->dp_dirty_pertxg[txg & TXG_MASK], >=, space); 763 dp->dp_dirty_pertxg[txg & TXG_MASK] -= space; 764 ASSERT3U(dp->dp_dirty_total, >=, space); 765 dsl_pool_dirty_delta(dp, -space); 766 mutex_exit(&dp->dp_lock); 767} 768 769/* ARGSUSED */ 770static int 771upgrade_clones_cb(dsl_pool_t *dp, dsl_dataset_t *hds, void *arg) 772{ 773 dmu_tx_t *tx = arg; 774 dsl_dataset_t *ds, *prev = NULL; 775 int err; 776 777 err = dsl_dataset_hold_obj(dp, hds->ds_object, FTAG, &ds); 778 if (err) 779 return (err); 780 781 while (ds->ds_phys->ds_prev_snap_obj != 0) { 782 err = dsl_dataset_hold_obj(dp, ds->ds_phys->ds_prev_snap_obj, 783 FTAG, &prev); 784 if (err) { 785 dsl_dataset_rele(ds, FTAG); 786 return (err); 787 } 788 789 if (prev->ds_phys->ds_next_snap_obj != ds->ds_object) 790 break; 791 dsl_dataset_rele(ds, FTAG); 792 ds = prev; 793 prev = NULL; 794 } 795 796 if (prev == NULL) { 797 prev = dp->dp_origin_snap; 798 799 /* 800 * The $ORIGIN can't have any data, or the accounting 801 * will be wrong. 802 */ 803 ASSERT0(prev->ds_phys->ds_bp.blk_birth); 804 805 /* The origin doesn't get attached to itself */ 806 if (ds->ds_object == prev->ds_object) { 807 dsl_dataset_rele(ds, FTAG); 808 return (0); 809 } 810 811 dmu_buf_will_dirty(ds->ds_dbuf, tx); 812 ds->ds_phys->ds_prev_snap_obj = prev->ds_object; 813 ds->ds_phys->ds_prev_snap_txg = prev->ds_phys->ds_creation_txg; 814 815 dmu_buf_will_dirty(ds->ds_dir->dd_dbuf, tx); 816 ds->ds_dir->dd_phys->dd_origin_obj = prev->ds_object; 817 818 dmu_buf_will_dirty(prev->ds_dbuf, tx); 819 prev->ds_phys->ds_num_children++; 820 821 if (ds->ds_phys->ds_next_snap_obj == 0) { 822 ASSERT(ds->ds_prev == NULL); 823 VERIFY0(dsl_dataset_hold_obj(dp, 824 ds->ds_phys->ds_prev_snap_obj, ds, &ds->ds_prev)); 825 } 826 } 827 828 ASSERT3U(ds->ds_dir->dd_phys->dd_origin_obj, ==, prev->ds_object); 829 ASSERT3U(ds->ds_phys->ds_prev_snap_obj, ==, prev->ds_object); 830 831 if (prev->ds_phys->ds_next_clones_obj == 0) { 832 dmu_buf_will_dirty(prev->ds_dbuf, tx); 833 prev->ds_phys->ds_next_clones_obj = 834 zap_create(dp->dp_meta_objset, 835 DMU_OT_NEXT_CLONES, DMU_OT_NONE, 0, tx); 836 } 837 VERIFY0(zap_add_int(dp->dp_meta_objset, 838 prev->ds_phys->ds_next_clones_obj, ds->ds_object, tx)); 839 840 dsl_dataset_rele(ds, FTAG); 841 if (prev != dp->dp_origin_snap) 842 dsl_dataset_rele(prev, FTAG); 843 return (0); 844} 845 846void 847dsl_pool_upgrade_clones(dsl_pool_t *dp, dmu_tx_t *tx) 848{ 849 ASSERT(dmu_tx_is_syncing(tx)); 850 ASSERT(dp->dp_origin_snap != NULL); 851 852 VERIFY0(dmu_objset_find_dp(dp, dp->dp_root_dir_obj, upgrade_clones_cb, 853 tx, DS_FIND_CHILDREN)); 854} 855 856/* ARGSUSED */ 857static int 858upgrade_dir_clones_cb(dsl_pool_t *dp, dsl_dataset_t *ds, void *arg) 859{ 860 dmu_tx_t *tx = arg; 861 objset_t *mos = dp->dp_meta_objset; 862 863 if (ds->ds_dir->dd_phys->dd_origin_obj != 0) { 864 dsl_dataset_t *origin; 865 866 VERIFY0(dsl_dataset_hold_obj(dp, 867 ds->ds_dir->dd_phys->dd_origin_obj, FTAG, &origin)); 868 869 if (origin->ds_dir->dd_phys->dd_clones == 0) { 870 dmu_buf_will_dirty(origin->ds_dir->dd_dbuf, tx); 871 origin->ds_dir->dd_phys->dd_clones = zap_create(mos, 872 DMU_OT_DSL_CLONES, DMU_OT_NONE, 0, tx); 873 } 874 875 VERIFY0(zap_add_int(dp->dp_meta_objset, 876 origin->ds_dir->dd_phys->dd_clones, ds->ds_object, tx)); 877 878 dsl_dataset_rele(origin, FTAG); 879 } 880 return (0); 881} 882 883void 884dsl_pool_upgrade_dir_clones(dsl_pool_t *dp, dmu_tx_t *tx) 885{ 886 ASSERT(dmu_tx_is_syncing(tx)); 887 uint64_t obj; 888 889 (void) dsl_dir_create_sync(dp, dp->dp_root_dir, FREE_DIR_NAME, tx); 890 VERIFY0(dsl_pool_open_special_dir(dp, 891 FREE_DIR_NAME, &dp->dp_free_dir)); 892 893 /* 894 * We can't use bpobj_alloc(), because spa_version() still 895 * returns the old version, and we need a new-version bpobj with 896 * subobj support. So call dmu_object_alloc() directly. 897 */ 898 obj = dmu_object_alloc(dp->dp_meta_objset, DMU_OT_BPOBJ, 899 SPA_OLD_MAXBLOCKSIZE, DMU_OT_BPOBJ_HDR, sizeof (bpobj_phys_t), tx); 900 VERIFY0(zap_add(dp->dp_meta_objset, DMU_POOL_DIRECTORY_OBJECT, 901 DMU_POOL_FREE_BPOBJ, sizeof (uint64_t), 1, &obj, tx)); 902 VERIFY0(bpobj_open(&dp->dp_free_bpobj, dp->dp_meta_objset, obj)); 903 904 VERIFY0(dmu_objset_find_dp(dp, dp->dp_root_dir_obj, 905 upgrade_dir_clones_cb, tx, DS_FIND_CHILDREN)); 906} 907 908void 909dsl_pool_create_origin(dsl_pool_t *dp, dmu_tx_t *tx) 910{ 911 uint64_t dsobj; 912 dsl_dataset_t *ds; 913 914 ASSERT(dmu_tx_is_syncing(tx)); 915 ASSERT(dp->dp_origin_snap == NULL); 916 ASSERT(rrw_held(&dp->dp_config_rwlock, RW_WRITER)); 917 918 /* create the origin dir, ds, & snap-ds */ 919 dsobj = dsl_dataset_create_sync(dp->dp_root_dir, ORIGIN_DIR_NAME, 920 NULL, 0, kcred, tx); 921 VERIFY0(dsl_dataset_hold_obj(dp, dsobj, FTAG, &ds)); 922 dsl_dataset_snapshot_sync_impl(ds, ORIGIN_DIR_NAME, tx); 923 VERIFY0(dsl_dataset_hold_obj(dp, ds->ds_phys->ds_prev_snap_obj, 924 dp, &dp->dp_origin_snap)); 925 dsl_dataset_rele(ds, FTAG); 926} 927 928taskq_t * 929dsl_pool_vnrele_taskq(dsl_pool_t *dp) 930{ 931 return (dp->dp_vnrele_taskq); 932} 933 934/* 935 * Walk through the pool-wide zap object of temporary snapshot user holds 936 * and release them. 937 */ 938void 939dsl_pool_clean_tmp_userrefs(dsl_pool_t *dp) 940{ 941 zap_attribute_t za; 942 zap_cursor_t zc; 943 objset_t *mos = dp->dp_meta_objset; 944 uint64_t zapobj = dp->dp_tmp_userrefs_obj; 945 nvlist_t *holds; 946 947 if (zapobj == 0) 948 return; 949 ASSERT(spa_version(dp->dp_spa) >= SPA_VERSION_USERREFS); 950 951 holds = fnvlist_alloc(); 952 953 for (zap_cursor_init(&zc, mos, zapobj); 954 zap_cursor_retrieve(&zc, &za) == 0; 955 zap_cursor_advance(&zc)) { 956 char *htag; 957 nvlist_t *tags; 958 959 htag = strchr(za.za_name, '-'); 960 *htag = '\0'; 961 ++htag; 962 if (nvlist_lookup_nvlist(holds, za.za_name, &tags) != 0) { 963 tags = fnvlist_alloc(); 964 fnvlist_add_boolean(tags, htag); 965 fnvlist_add_nvlist(holds, za.za_name, tags); 966 fnvlist_free(tags); 967 } else { 968 fnvlist_add_boolean(tags, htag); 969 } 970 } 971 dsl_dataset_user_release_tmp(dp, holds); 972 fnvlist_free(holds); 973 zap_cursor_fini(&zc); 974} 975 976/* 977 * Create the pool-wide zap object for storing temporary snapshot holds. 978 */ 979void 980dsl_pool_user_hold_create_obj(dsl_pool_t *dp, dmu_tx_t *tx) 981{ 982 objset_t *mos = dp->dp_meta_objset; 983 984 ASSERT(dp->dp_tmp_userrefs_obj == 0); 985 ASSERT(dmu_tx_is_syncing(tx)); 986 987 dp->dp_tmp_userrefs_obj = zap_create_link(mos, DMU_OT_USERREFS, 988 DMU_POOL_DIRECTORY_OBJECT, DMU_POOL_TMP_USERREFS, tx); 989} 990 991static int 992dsl_pool_user_hold_rele_impl(dsl_pool_t *dp, uint64_t dsobj, 993 const char *tag, uint64_t now, dmu_tx_t *tx, boolean_t holding) 994{ 995 objset_t *mos = dp->dp_meta_objset; 996 uint64_t zapobj = dp->dp_tmp_userrefs_obj; 997 char *name; 998 int error; 999 1000 ASSERT(spa_version(dp->dp_spa) >= SPA_VERSION_USERREFS); 1001 ASSERT(dmu_tx_is_syncing(tx)); 1002 1003 /* 1004 * If the pool was created prior to SPA_VERSION_USERREFS, the 1005 * zap object for temporary holds might not exist yet. 1006 */ 1007 if (zapobj == 0) { 1008 if (holding) { 1009 dsl_pool_user_hold_create_obj(dp, tx); 1010 zapobj = dp->dp_tmp_userrefs_obj; 1011 } else { 1012 return (SET_ERROR(ENOENT)); 1013 } 1014 } 1015 1016 name = kmem_asprintf("%llx-%s", (u_longlong_t)dsobj, tag); 1017 if (holding) 1018 error = zap_add(mos, zapobj, name, 8, 1, &now, tx); 1019 else 1020 error = zap_remove(mos, zapobj, name, tx); 1021 strfree(name); 1022 1023 return (error); 1024} 1025 1026/* 1027 * Add a temporary hold for the given dataset object and tag. 1028 */ 1029int 1030dsl_pool_user_hold(dsl_pool_t *dp, uint64_t dsobj, const char *tag, 1031 uint64_t now, dmu_tx_t *tx) 1032{ 1033 return (dsl_pool_user_hold_rele_impl(dp, dsobj, tag, now, tx, B_TRUE)); 1034} 1035 1036/* 1037 * Release a temporary hold for the given dataset object and tag. 1038 */ 1039int 1040dsl_pool_user_release(dsl_pool_t *dp, uint64_t dsobj, const char *tag, 1041 dmu_tx_t *tx) 1042{ 1043 return (dsl_pool_user_hold_rele_impl(dp, dsobj, tag, 0, 1044 tx, B_FALSE)); 1045} 1046 1047/* 1048 * DSL Pool Configuration Lock 1049 * 1050 * The dp_config_rwlock protects against changes to DSL state (e.g. dataset 1051 * creation / destruction / rename / property setting). It must be held for 1052 * read to hold a dataset or dsl_dir. I.e. you must call 1053 * dsl_pool_config_enter() or dsl_pool_hold() before calling 1054 * dsl_{dataset,dir}_hold{_obj}. In most circumstances, the dp_config_rwlock 1055 * must be held continuously until all datasets and dsl_dirs are released. 1056 * 1057 * The only exception to this rule is that if a "long hold" is placed on 1058 * a dataset, then the dp_config_rwlock may be dropped while the dataset 1059 * is still held. The long hold will prevent the dataset from being 1060 * destroyed -- the destroy will fail with EBUSY. A long hold can be 1061 * obtained by calling dsl_dataset_long_hold(), or by "owning" a dataset 1062 * (by calling dsl_{dataset,objset}_{try}own{_obj}). 1063 * 1064 * Legitimate long-holders (including owners) should be long-running, cancelable 1065 * tasks that should cause "zfs destroy" to fail. This includes DMU 1066 * consumers (i.e. a ZPL filesystem being mounted or ZVOL being open), 1067 * "zfs send", and "zfs diff". There are several other long-holders whose 1068 * uses are suboptimal (e.g. "zfs promote", and zil_suspend()). 1069 * 1070 * The usual formula for long-holding would be: 1071 * dsl_pool_hold() 1072 * dsl_dataset_hold() 1073 * ... perform checks ... 1074 * dsl_dataset_long_hold() 1075 * dsl_pool_rele() 1076 * ... perform long-running task ... 1077 * dsl_dataset_long_rele() 1078 * dsl_dataset_rele() 1079 * 1080 * Note that when the long hold is released, the dataset is still held but 1081 * the pool is not held. The dataset may change arbitrarily during this time 1082 * (e.g. it could be destroyed). Therefore you shouldn't do anything to the 1083 * dataset except release it. 1084 * 1085 * User-initiated operations (e.g. ioctls, zfs_ioc_*()) are either read-only 1086 * or modifying operations. 1087 * 1088 * Modifying operations should generally use dsl_sync_task(). The synctask 1089 * infrastructure enforces proper locking strategy with respect to the 1090 * dp_config_rwlock. See the comment above dsl_sync_task() for details. 1091 * 1092 * Read-only operations will manually hold the pool, then the dataset, obtain 1093 * information from the dataset, then release the pool and dataset. 1094 * dmu_objset_{hold,rele}() are convenience routines that also do the pool 1095 * hold/rele. 1096 */ 1097 1098int 1099dsl_pool_hold(const char *name, void *tag, dsl_pool_t **dp) 1100{ 1101 spa_t *spa; 1102 int error; 1103 1104 error = spa_open(name, &spa, tag); 1105 if (error == 0) { 1106 *dp = spa_get_dsl(spa); 1107 dsl_pool_config_enter(*dp, tag); 1108 } 1109 return (error); 1110} 1111 1112void 1113dsl_pool_rele(dsl_pool_t *dp, void *tag) 1114{ 1115 dsl_pool_config_exit(dp, tag); 1116 spa_close(dp->dp_spa, tag); 1117} 1118 1119void 1120dsl_pool_config_enter(dsl_pool_t *dp, void *tag) 1121{ 1122 /* 1123 * We use a "reentrant" reader-writer lock, but not reentrantly. 1124 * 1125 * The rrwlock can (with the track_all flag) track all reading threads, 1126 * which is very useful for debugging which code path failed to release 1127 * the lock, and for verifying that the *current* thread does hold 1128 * the lock. 1129 * 1130 * (Unlike a rwlock, which knows that N threads hold it for 1131 * read, but not *which* threads, so rw_held(RW_READER) returns TRUE 1132 * if any thread holds it for read, even if this thread doesn't). 1133 */ 1134 ASSERT(!rrw_held(&dp->dp_config_rwlock, RW_READER)); 1135 rrw_enter(&dp->dp_config_rwlock, RW_READER, tag); 1136} 1137 1138void 1139dsl_pool_config_exit(dsl_pool_t *dp, void *tag) 1140{ 1141 rrw_exit(&dp->dp_config_rwlock, tag); 1142} 1143 1144boolean_t 1145dsl_pool_config_held(dsl_pool_t *dp) 1146{ 1147 return (RRW_LOCK_HELD(&dp->dp_config_rwlock)); 1148} 1149