• Kiyoshi Ueda's avatar
    [PATCH] dm: suspend: add noflush pushback · 2e93ccc1
    Kiyoshi Ueda authored
    In device-mapper I/O is sometimes queued within targets for later processing.
    For example the multipath target can be configured to store I/O when no paths
    are available instead of returning it -EIO.
    
    This patch allows the device-mapper core to instruct a target to transfer the
    contents of any such in-target queue back into the core.  This frees up the
    resources used by the target so the core can replace that target with an
    alternative one and then resend the I/O to it.  Without this patch the only
    way to change the target in such circumstances involves returning the I/O with
    an error back to the filesystem/application.  In the multipath case, this
    patch will let us add new paths for existing I/O to try after all the existing
    paths have failed.
    
        DMF_NOFLUSH_SUSPENDING
        ----------------------
    
    If the DM_NOFLUSH_FLAG ioctl option is specified at suspend time, the
    DMF_NOFLUSH_SUSPENDING flag is set in md->flags during dm_suspend().  It
    is always cleared before dm_suspend() returns.
    
    The flag must be visible while the target is flushing pending I/Os so it
    is set before presuspend where the flush starts and unset after the wait
    for md->pending where the flush ends.
    
    Target drivers can check this flag by calling dm_noflush_suspending().
    
        DM_MAPIO_REQUEUE / DM_ENDIO_REQUEUE
        -----------------------------------
    
    A target's map() function can now return DM_MAPIO_REQUEUE to request the
    device mapper core queue the bio.
    
    Similarly, a target's end_io() function can return DM_ENDIO_REQUEUE to request
    the same.  This has been labelled 'pushback'.
    
    The __map_bio() and clone_endio() functions in the core treat these return
    values as errors and call dec_pending() to end the I/O.
    
        dec_pending
        -----------
    
    dec_pending() saves the pushback request in struct dm_io->error.  Once all
    the split clones have ended, dec_pending() will put the original bio on
    the md->pushback list.  Note that this supercedes any I/O errors.
    
    It is possible for the suspend with DM_NOFLUSH_FLAG to be aborted while
    in progress (e.g. by user interrupt).  dec_pending() checks for this and
    returns -EIO if it happened.
    
        pushdback list and pushback_lock
        --------------------------------
    
    The bio is queued on md->pushback temporarily in dec_pending(), and after
    all pending I/Os return, md->pushback is merged into md->deferred in
    dm_suspend() for re-issuing at resume time.
    
    md->pushback_lock protects md->pushback.
    The lock should be held with irq disabled because dec_pending() can be
    called from interrupt context.
    
    Queueing bios to md->pushback in dec_pending() must be done atomically
    with the check for DMF_NOFLUSH_SUSPENDING flag.  So md->pushback_lock is
    held when checking the flag.  Otherwise dec_pending() may queue a bio to
    md->pushback after the interrupted dm_suspend() flushes md->pushback.
    Then the bio would be left in md->pushback.
    
    Flag setting in dm_suspend() can be done without md->pushback_lock because
    the flag is checked only after presuspend and the set value is already
    made visible via the target's presuspend function.
    
    The flag can be checked without md->pushback_lock (e.g. the first part of
    the dec_pending() or target drivers), because the flag is checked again
    with md->pushback_lock held when the bio is really queued to md->pushback
    as described above.  So even if the flag is cleared after the lockless
    checkings, the bio isn't left in md->pushback but returned to applications
    with -EIO.
    
        Other notes on the current patch
        --------------------------------
    
    - md->pushback is added to the struct mapped_device instead of using
      md->deferred directly because md->io_lock which protects md->deferred is
      rw_semaphore and can't be used in interrupt context like dec_pending(),
      and md->io_lock protects the DMF_BLOCK_IO flag of md->flags too.
    
    - Don't issue lock_fs() in dm_suspend() if the DM_NOFLUSH_FLAG
      ioctl option is specified, because I/Os generated by lock_fs() would be
      pushed back and never return if there were no valid devices.
    
    - If an error occurs in dm_suspend() after the DMF_NOFLUSH_SUSPENDING
      flag is set, md->pushback must be flushed because I/Os may be queued to
      the list already.  (flush_and_out label in dm_suspend())
    
        Test results
        ------------
    
    I have tested using multipath target with the next patch.
    
    The following tests are for regression/compatibility:
      - I/Os succeed when valid paths exist;
      - I/Os fail when there are no valid paths and queue_if_no_path is not
        set;
      - I/Os are queued in the multipath target when there are no valid paths and
        queue_if_no_path is set;
      - The queued I/Os above fail when suspend is issued without the
        DM_NOFLUSH_FLAG ioctl option.  I/Os spanning 2 multipath targets also
        fail.
    
    The following tests are for the normal code path of new pushback feature:
      - Queued I/Os in the multipath target are flushed from the target
        but don't return when suspend is issued with the DM_NOFLUSH_FLAG
        ioctl option;
      - The I/Os above are queued in the multipath target again when
        resume is issued without path recovery;
      - The I/Os above succeed when resume is issued after path recovery
        or table load;
      - Queued I/Os in the multipath target succeed when resume is issued
        with the DM_NOFLUSH_FLAG ioctl option after table load. I/Os
        spanning 2 multipath targets also succeed.
    
    The following tests are for the error paths of the new pushback feature:
      - When the bdget_disk() fails in dm_suspend(), the
        DMF_NOFLUSH_SUSPENDING flag is cleared and I/Os already queued to the
        pushback list are flushed properly.
      - When suspend with the DM_NOFLUSH_FLAG ioctl option is interrupted,
          o I/Os which had already been queued to the pushback list
            at the time don't return, and are re-issued at resume time;
          o I/Os which hadn't been returned at the time return with EIO.
    Signed-off-by: default avatarKiyoshi Ueda <k-ueda@ct.jp.nec.com>
    Signed-off-by: default avatarJun'ichi Nomura <j-nomura@ce.jp.nec.com>
    Signed-off-by: default avatarAlasdair G Kergon <agk@redhat.com>
    Cc: dm-devel@redhat.com
    Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
    2e93ccc1
dm.c 31.1 KB