2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
|
* CDDL HEADER START
|
|
|
|
|
*
|
|
|
|
|
* The contents of this file are subject to the terms of the
|
|
|
|
|
* Common Development and Distribution License (the "License").
|
|
|
|
|
* You may not use this file except in compliance with the License.
|
|
|
|
|
*
|
|
|
|
|
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
|
2022-07-12 00:16:13 +03:00
|
|
|
* or https://opensource.org/licenses/CDDL-1.0.
|
2008-11-20 23:01:55 +03:00
|
|
|
* See the License for the specific language governing permissions
|
|
|
|
|
* and limitations under the License.
|
|
|
|
|
*
|
|
|
|
|
* When distributing Covered Code, include this CDDL HEADER in each
|
|
|
|
|
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
|
|
|
|
|
* If applicable, add the following below this CDDL HEADER, with the
|
|
|
|
|
* fields enclosed by brackets "[]" replaced with your own identifying
|
|
|
|
|
* information: Portions Copyright [yyyy] [name of copyright owner]
|
|
|
|
|
*
|
|
|
|
|
* CDDL HEADER END
|
|
|
|
|
*/
|
|
|
|
|
/*
|
2009-07-03 02:44:48 +04:00
|
|
|
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
|
2008-11-20 23:01:55 +03:00
|
|
|
* Use is subject to license terms.
|
|
|
|
|
*/
|
|
|
|
|
|
2012-04-08 21:23:08 +04:00
|
|
|
/*
|
2021-02-20 09:33:15 +03:00
|
|
|
* Copyright (c) 2012,2021 by Delphix. All rights reserved.
|
2012-04-08 21:23:08 +04:00
|
|
|
*/
|
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
#include <sys/spa.h>
|
|
|
|
|
#include <sys/spa_impl.h>
|
|
|
|
|
#include <sys/vdev.h>
|
|
|
|
|
#include <sys/vdev_impl.h>
|
|
|
|
|
#include <sys/zio.h>
|
2010-05-29 00:45:14 +04:00
|
|
|
#include <sys/zio_checksum.h>
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
|
#include <sys/fm/fs/zfs.h>
|
|
|
|
|
#include <sys/fm/protocol.h>
|
|
|
|
|
#include <sys/fm/util.h>
|
|
|
|
|
#include <sys/sysevent.h>
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* This general routine is responsible for generating all the different ZFS
|
|
|
|
|
* ereports. The payload is dependent on the class, and which arguments are
|
|
|
|
|
* supplied to the function:
|
|
|
|
|
*
|
|
|
|
|
* EREPORT POOL VDEV IO
|
|
|
|
|
* block X X X
|
|
|
|
|
* data X X
|
|
|
|
|
* device X X
|
|
|
|
|
* pool X
|
|
|
|
|
*
|
|
|
|
|
* If we are in a loading state, all errors are chained together by the same
|
2008-12-03 23:09:06 +03:00
|
|
|
* SPA-wide ENA (Error Numeric Association).
|
2008-11-20 23:01:55 +03:00
|
|
|
*
|
|
|
|
|
* For isolated I/O requests, we get the ENA from the zio_t. The propagation
|
|
|
|
|
* gets very complicated due to RAID-Z, gang blocks, and vdev caching. We want
|
|
|
|
|
* to chain together all ereports associated with a logical piece of data. For
|
|
|
|
|
* read I/Os, there are basically three 'types' of I/O, which form a roughly
|
|
|
|
|
* layered diagram:
|
|
|
|
|
*
|
2021-12-12 18:06:44 +03:00
|
|
|
* +---------------+
|
2008-11-20 23:01:55 +03:00
|
|
|
* | Aggregate I/O | No associated logical data or device
|
|
|
|
|
* +---------------+
|
|
|
|
|
* |
|
|
|
|
|
* V
|
|
|
|
|
* +---------------+ Reads associated with a piece of logical data.
|
|
|
|
|
* | Read I/O | This includes reads on behalf of RAID-Z,
|
|
|
|
|
* +---------------+ mirrors, gang blocks, retries, etc.
|
|
|
|
|
* |
|
|
|
|
|
* V
|
|
|
|
|
* +---------------+ Reads associated with a particular device, but
|
|
|
|
|
* | Physical I/O | no logical data. Issued as part of vdev caching
|
|
|
|
|
* +---------------+ and I/O aggregation.
|
|
|
|
|
*
|
|
|
|
|
* Note that 'physical I/O' here is not the same terminology as used in the rest
|
|
|
|
|
* of ZIO. Typically, 'physical I/O' simply means that there is no attached
|
|
|
|
|
* blockpointer. But I/O with no associated block pointer can still be related
|
|
|
|
|
* to a logical piece of data (i.e. RAID-Z requests).
|
|
|
|
|
*
|
|
|
|
|
* Purely physical I/O always have unique ENAs. They are not related to a
|
|
|
|
|
* particular piece of logical data, and therefore cannot be chained together.
|
|
|
|
|
* We still generate an ereport, but the DE doesn't correlate it with any
|
|
|
|
|
* logical piece of data. When such an I/O fails, the delegated I/O requests
|
|
|
|
|
* will issue a retry, which will trigger the 'real' ereport with the correct
|
|
|
|
|
* ENA.
|
|
|
|
|
*
|
|
|
|
|
* We keep track of the ENA for a ZIO chain through the 'io_logical' member.
|
|
|
|
|
* When a new logical I/O is issued, we set this to point to itself. Child I/Os
|
|
|
|
|
* then inherit this pointer, so that when it is first set subsequent failures
|
2008-12-03 23:09:06 +03:00
|
|
|
* will use the same ENA. For vdev cache fill and queue aggregation I/O,
|
|
|
|
|
* this pointer is set to NULL, and no ereport will be generated (since it
|
|
|
|
|
* doesn't actually correspond to any particular device or piece of data,
|
|
|
|
|
* and the caller will always retry without caching or queueing anyway).
|
2010-05-29 00:45:14 +04:00
|
|
|
*
|
|
|
|
|
* For checksum errors, we want to include more information about the actual
|
|
|
|
|
* error which occurs. Accordingly, we build an ereport when the error is
|
|
|
|
|
* noticed, but instead of sending it in immediately, we hang it off of the
|
|
|
|
|
* io_cksum_report field of the logical IO. When the logical IO completes
|
|
|
|
|
* (successfully or not), zfs_ereport_finish_checksum() is called with the
|
|
|
|
|
* good and bad versions of the buffer (if available), and we annotate the
|
|
|
|
|
* ereport with information about the differences.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
2020-09-04 20:34:28 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
#ifdef _KERNEL
|
2020-09-04 20:34:28 +03:00
|
|
|
/*
|
|
|
|
|
* Duplicate ereport Detection
|
|
|
|
|
*
|
|
|
|
|
* Some ereports are retained momentarily for detecting duplicates. These
|
|
|
|
|
* are kept in a recent_events_node_t in both a time-ordered list and an AVL
|
|
|
|
|
* tree of recent unique ereports.
|
|
|
|
|
*
|
|
|
|
|
* The lifespan of these recent ereports is bounded (15 mins) and a cleaner
|
|
|
|
|
* task is used to purge stale entries.
|
|
|
|
|
*/
|
|
|
|
|
static list_t recent_events_list;
|
|
|
|
|
static avl_tree_t recent_events_tree;
|
|
|
|
|
static kmutex_t recent_events_lock;
|
|
|
|
|
static taskqid_t recent_events_cleaner_tqid;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Each node is about 128 bytes so 2,000 would consume 1/4 MiB.
|
|
|
|
|
*
|
|
|
|
|
* This setting can be changed dynamically and setting it to zero
|
|
|
|
|
* disables duplicate detection.
|
|
|
|
|
*/
|
2022-01-15 02:37:55 +03:00
|
|
|
static unsigned int zfs_zevent_retain_max = 2000;
|
2020-09-04 20:34:28 +03:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* The lifespan for a recent ereport entry. The default of 15 minutes is
|
|
|
|
|
* intended to outlive the zfs diagnosis engine's threshold of 10 errors
|
|
|
|
|
* over a period of 10 minutes.
|
|
|
|
|
*/
|
2022-01-15 02:37:55 +03:00
|
|
|
static unsigned int zfs_zevent_retain_expire_secs = 900;
|
2020-09-04 20:34:28 +03:00
|
|
|
|
|
|
|
|
typedef enum zfs_subclass {
|
|
|
|
|
ZSC_IO,
|
|
|
|
|
ZSC_DATA,
|
|
|
|
|
ZSC_CHECKSUM
|
|
|
|
|
} zfs_subclass_t;
|
|
|
|
|
|
|
|
|
|
typedef struct {
|
|
|
|
|
/* common criteria */
|
|
|
|
|
uint64_t re_pool_guid;
|
|
|
|
|
uint64_t re_vdev_guid;
|
|
|
|
|
int re_io_error;
|
|
|
|
|
uint64_t re_io_size;
|
|
|
|
|
uint64_t re_io_offset;
|
|
|
|
|
zfs_subclass_t re_subclass;
|
|
|
|
|
zio_priority_t re_io_priority;
|
|
|
|
|
|
|
|
|
|
/* logical zio criteria (optional) */
|
|
|
|
|
zbookmark_phys_t re_io_bookmark;
|
|
|
|
|
|
|
|
|
|
/* internal state */
|
|
|
|
|
avl_node_t re_tree_link;
|
|
|
|
|
list_node_t re_list_link;
|
|
|
|
|
uint64_t re_timestamp;
|
|
|
|
|
} recent_events_node_t;
|
|
|
|
|
|
|
|
|
|
static int
|
|
|
|
|
recent_events_compare(const void *a, const void *b)
|
|
|
|
|
{
|
|
|
|
|
const recent_events_node_t *node1 = a;
|
|
|
|
|
const recent_events_node_t *node2 = b;
|
|
|
|
|
int cmp;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* The comparison order here is somewhat arbitrary.
|
|
|
|
|
* What's important is that if every criteria matches, then it
|
|
|
|
|
* is a duplicate (i.e. compare returns 0)
|
|
|
|
|
*/
|
|
|
|
|
if ((cmp = TREE_CMP(node1->re_subclass, node2->re_subclass)) != 0)
|
|
|
|
|
return (cmp);
|
|
|
|
|
if ((cmp = TREE_CMP(node1->re_pool_guid, node2->re_pool_guid)) != 0)
|
|
|
|
|
return (cmp);
|
|
|
|
|
if ((cmp = TREE_CMP(node1->re_vdev_guid, node2->re_vdev_guid)) != 0)
|
|
|
|
|
return (cmp);
|
|
|
|
|
if ((cmp = TREE_CMP(node1->re_io_error, node2->re_io_error)) != 0)
|
|
|
|
|
return (cmp);
|
|
|
|
|
if ((cmp = TREE_CMP(node1->re_io_priority, node2->re_io_priority)) != 0)
|
|
|
|
|
return (cmp);
|
|
|
|
|
if ((cmp = TREE_CMP(node1->re_io_size, node2->re_io_size)) != 0)
|
|
|
|
|
return (cmp);
|
|
|
|
|
if ((cmp = TREE_CMP(node1->re_io_offset, node2->re_io_offset)) != 0)
|
|
|
|
|
return (cmp);
|
|
|
|
|
|
|
|
|
|
const zbookmark_phys_t *zb1 = &node1->re_io_bookmark;
|
|
|
|
|
const zbookmark_phys_t *zb2 = &node2->re_io_bookmark;
|
|
|
|
|
|
|
|
|
|
if ((cmp = TREE_CMP(zb1->zb_objset, zb2->zb_objset)) != 0)
|
|
|
|
|
return (cmp);
|
|
|
|
|
if ((cmp = TREE_CMP(zb1->zb_object, zb2->zb_object)) != 0)
|
|
|
|
|
return (cmp);
|
|
|
|
|
if ((cmp = TREE_CMP(zb1->zb_level, zb2->zb_level)) != 0)
|
|
|
|
|
return (cmp);
|
|
|
|
|
if ((cmp = TREE_CMP(zb1->zb_blkid, zb2->zb_blkid)) != 0)
|
|
|
|
|
return (cmp);
|
|
|
|
|
|
|
|
|
|
return (0);
|
|
|
|
|
}
|
|
|
|
|
|
2023-01-24 00:14:25 +03:00
|
|
|
/*
|
|
|
|
|
* workaround: vdev properties don't have inheritance
|
|
|
|
|
*/
|
|
|
|
|
static uint64_t
|
|
|
|
|
vdev_prop_get_inherited(vdev_t *vd, vdev_prop_t prop)
|
|
|
|
|
{
|
|
|
|
|
uint64_t propdef, propval;
|
|
|
|
|
|
|
|
|
|
propdef = vdev_prop_default_numeric(prop);
|
|
|
|
|
switch (prop) {
|
|
|
|
|
case VDEV_PROP_CHECKSUM_N:
|
|
|
|
|
propval = vd->vdev_checksum_n;
|
|
|
|
|
break;
|
|
|
|
|
case VDEV_PROP_CHECKSUM_T:
|
|
|
|
|
propval = vd->vdev_checksum_t;
|
|
|
|
|
break;
|
|
|
|
|
case VDEV_PROP_IO_N:
|
|
|
|
|
propval = vd->vdev_io_n;
|
|
|
|
|
break;
|
|
|
|
|
case VDEV_PROP_IO_T:
|
|
|
|
|
propval = vd->vdev_io_t;
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
propval = propdef;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (propval != propdef)
|
|
|
|
|
return (propval);
|
|
|
|
|
|
|
|
|
|
if (vd->vdev_parent == NULL)
|
|
|
|
|
return (propdef);
|
|
|
|
|
|
|
|
|
|
return (vdev_prop_get_inherited(vd->vdev_parent, prop));
|
|
|
|
|
}
|
|
|
|
|
|
2020-09-04 20:34:28 +03:00
|
|
|
static void zfs_ereport_schedule_cleaner(void);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* background task to clean stale recent event nodes.
|
|
|
|
|
*/
|
|
|
|
|
static void
|
|
|
|
|
zfs_ereport_cleaner(void *arg)
|
|
|
|
|
{
|
|
|
|
|
recent_events_node_t *entry;
|
|
|
|
|
uint64_t now = gethrtime();
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* purge expired entries
|
|
|
|
|
*/
|
|
|
|
|
mutex_enter(&recent_events_lock);
|
|
|
|
|
while ((entry = list_tail(&recent_events_list)) != NULL) {
|
|
|
|
|
uint64_t age = NSEC2SEC(now - entry->re_timestamp);
|
|
|
|
|
if (age <= zfs_zevent_retain_expire_secs)
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
/* remove expired node */
|
|
|
|
|
avl_remove(&recent_events_tree, entry);
|
|
|
|
|
list_remove(&recent_events_list, entry);
|
|
|
|
|
kmem_free(entry, sizeof (*entry));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Restart the cleaner if more entries remain */
|
|
|
|
|
recent_events_cleaner_tqid = 0;
|
|
|
|
|
if (!list_is_empty(&recent_events_list))
|
|
|
|
|
zfs_ereport_schedule_cleaner();
|
|
|
|
|
|
|
|
|
|
mutex_exit(&recent_events_lock);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
zfs_ereport_schedule_cleaner(void)
|
|
|
|
|
{
|
|
|
|
|
ASSERT(MUTEX_HELD(&recent_events_lock));
|
|
|
|
|
|
|
|
|
|
uint64_t timeout = SEC2NSEC(zfs_zevent_retain_expire_secs + 1);
|
|
|
|
|
|
|
|
|
|
recent_events_cleaner_tqid = taskq_dispatch_delay(
|
|
|
|
|
system_delay_taskq, zfs_ereport_cleaner, NULL, TQ_SLEEP,
|
|
|
|
|
ddi_get_lbolt() + NSEC_TO_TICK(timeout));
|
|
|
|
|
}
|
|
|
|
|
|
2021-02-20 09:33:15 +03:00
|
|
|
/*
|
|
|
|
|
* Clear entries for a given vdev or all vdevs in a pool when vdev == NULL
|
|
|
|
|
*/
|
|
|
|
|
void
|
|
|
|
|
zfs_ereport_clear(spa_t *spa, vdev_t *vd)
|
|
|
|
|
{
|
|
|
|
|
uint64_t vdev_guid, pool_guid;
|
|
|
|
|
|
|
|
|
|
ASSERT(vd != NULL || spa != NULL);
|
|
|
|
|
if (vd == NULL) {
|
|
|
|
|
vdev_guid = 0;
|
|
|
|
|
pool_guid = spa_guid(spa);
|
|
|
|
|
} else {
|
|
|
|
|
vdev_guid = vd->vdev_guid;
|
|
|
|
|
pool_guid = 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
mutex_enter(&recent_events_lock);
|
|
|
|
|
|
|
|
|
|
recent_events_node_t *next = list_head(&recent_events_list);
|
|
|
|
|
while (next != NULL) {
|
|
|
|
|
recent_events_node_t *entry = next;
|
|
|
|
|
|
|
|
|
|
next = list_next(&recent_events_list, next);
|
|
|
|
|
|
|
|
|
|
if (entry->re_vdev_guid == vdev_guid ||
|
|
|
|
|
entry->re_pool_guid == pool_guid) {
|
|
|
|
|
avl_remove(&recent_events_tree, entry);
|
|
|
|
|
list_remove(&recent_events_list, entry);
|
|
|
|
|
kmem_free(entry, sizeof (*entry));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
mutex_exit(&recent_events_lock);
|
|
|
|
|
}
|
|
|
|
|
|
2020-09-04 20:34:28 +03:00
|
|
|
/*
|
|
|
|
|
* Check if an ereport would be a duplicate of one recently posted.
|
|
|
|
|
*
|
|
|
|
|
* An ereport is considered a duplicate if the set of criteria in
|
|
|
|
|
* recent_events_node_t all match.
|
|
|
|
|
*
|
|
|
|
|
* Only FM_EREPORT_ZFS_IO, FM_EREPORT_ZFS_DATA, and FM_EREPORT_ZFS_CHECKSUM
|
|
|
|
|
* are candidates for duplicate checking.
|
|
|
|
|
*/
|
|
|
|
|
static boolean_t
|
|
|
|
|
zfs_ereport_is_duplicate(const char *subclass, spa_t *spa, vdev_t *vd,
|
|
|
|
|
const zbookmark_phys_t *zb, zio_t *zio, uint64_t offset, uint64_t size)
|
|
|
|
|
{
|
|
|
|
|
recent_events_node_t search = {0}, *entry;
|
|
|
|
|
|
|
|
|
|
if (vd == NULL || zio == NULL)
|
|
|
|
|
return (B_FALSE);
|
|
|
|
|
|
|
|
|
|
if (zfs_zevent_retain_max == 0)
|
|
|
|
|
return (B_FALSE);
|
|
|
|
|
|
|
|
|
|
if (strcmp(subclass, FM_EREPORT_ZFS_IO) == 0)
|
|
|
|
|
search.re_subclass = ZSC_IO;
|
|
|
|
|
else if (strcmp(subclass, FM_EREPORT_ZFS_DATA) == 0)
|
|
|
|
|
search.re_subclass = ZSC_DATA;
|
|
|
|
|
else if (strcmp(subclass, FM_EREPORT_ZFS_CHECKSUM) == 0)
|
|
|
|
|
search.re_subclass = ZSC_CHECKSUM;
|
|
|
|
|
else
|
|
|
|
|
return (B_FALSE);
|
|
|
|
|
|
|
|
|
|
search.re_pool_guid = spa_guid(spa);
|
|
|
|
|
search.re_vdev_guid = vd->vdev_guid;
|
|
|
|
|
search.re_io_error = zio->io_error;
|
|
|
|
|
search.re_io_priority = zio->io_priority;
|
|
|
|
|
/* if size is supplied use it over what's in zio */
|
|
|
|
|
if (size) {
|
|
|
|
|
search.re_io_size = size;
|
|
|
|
|
search.re_io_offset = offset;
|
|
|
|
|
} else {
|
|
|
|
|
search.re_io_size = zio->io_size;
|
|
|
|
|
search.re_io_offset = zio->io_offset;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* grab optional logical zio criteria */
|
|
|
|
|
if (zb != NULL) {
|
|
|
|
|
search.re_io_bookmark.zb_objset = zb->zb_objset;
|
|
|
|
|
search.re_io_bookmark.zb_object = zb->zb_object;
|
|
|
|
|
search.re_io_bookmark.zb_level = zb->zb_level;
|
|
|
|
|
search.re_io_bookmark.zb_blkid = zb->zb_blkid;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
uint64_t now = gethrtime();
|
|
|
|
|
|
|
|
|
|
mutex_enter(&recent_events_lock);
|
|
|
|
|
|
|
|
|
|
/* check if we have seen this one recently */
|
|
|
|
|
entry = avl_find(&recent_events_tree, &search, NULL);
|
|
|
|
|
if (entry != NULL) {
|
|
|
|
|
uint64_t age = NSEC2SEC(now - entry->re_timestamp);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* There is still an active cleaner (since we're here).
|
|
|
|
|
* Reset the last seen time for this duplicate entry
|
|
|
|
|
* so that its lifespand gets extended.
|
|
|
|
|
*/
|
|
|
|
|
list_remove(&recent_events_list, entry);
|
|
|
|
|
list_insert_head(&recent_events_list, entry);
|
|
|
|
|
entry->re_timestamp = now;
|
|
|
|
|
|
|
|
|
|
zfs_zevent_track_duplicate();
|
|
|
|
|
mutex_exit(&recent_events_lock);
|
|
|
|
|
|
|
|
|
|
return (age <= zfs_zevent_retain_expire_secs);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (avl_numnodes(&recent_events_tree) >= zfs_zevent_retain_max) {
|
|
|
|
|
/* recycle oldest node */
|
|
|
|
|
entry = list_tail(&recent_events_list);
|
|
|
|
|
ASSERT(entry != NULL);
|
|
|
|
|
list_remove(&recent_events_list, entry);
|
|
|
|
|
avl_remove(&recent_events_tree, entry);
|
|
|
|
|
} else {
|
|
|
|
|
entry = kmem_alloc(sizeof (recent_events_node_t), KM_SLEEP);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* record this as a recent ereport */
|
|
|
|
|
*entry = search;
|
|
|
|
|
avl_add(&recent_events_tree, entry);
|
|
|
|
|
list_insert_head(&recent_events_list, entry);
|
|
|
|
|
entry->re_timestamp = now;
|
|
|
|
|
|
|
|
|
|
/* Start a cleaner if not already scheduled */
|
|
|
|
|
if (recent_events_cleaner_tqid == 0)
|
|
|
|
|
zfs_ereport_schedule_cleaner();
|
|
|
|
|
|
|
|
|
|
mutex_exit(&recent_events_lock);
|
|
|
|
|
return (B_FALSE);
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-30 21:39:17 +03:00
|
|
|
void
|
2010-08-26 22:42:43 +04:00
|
|
|
zfs_zevent_post_cb(nvlist_t *nvl, nvlist_t *detector)
|
|
|
|
|
{
|
|
|
|
|
if (nvl)
|
|
|
|
|
fm_nvlist_destroy(nvl, FM_NVA_FREE);
|
|
|
|
|
|
|
|
|
|
if (detector)
|
|
|
|
|
fm_nvlist_destroy(detector, FM_NVA_FREE);
|
|
|
|
|
}
|
|
|
|
|
|
2016-10-19 22:55:59 +03:00
|
|
|
/*
|
2021-04-08 02:23:57 +03:00
|
|
|
* We want to rate limit ZIO delay, deadman, and checksum events so as to not
|
|
|
|
|
* flood zevent consumers when a disk is acting up.
|
2016-10-19 22:55:59 +03:00
|
|
|
*
|
|
|
|
|
* Returns 1 if we're ratelimiting, 0 if not.
|
|
|
|
|
*/
|
|
|
|
|
static int
|
|
|
|
|
zfs_is_ratelimiting_event(const char *subclass, vdev_t *vd)
|
|
|
|
|
{
|
|
|
|
|
int rc = 0;
|
|
|
|
|
/*
|
2021-04-08 02:23:57 +03:00
|
|
|
* zfs_ratelimit() returns 1 if we're *not* ratelimiting and 0 if we
|
2016-10-19 22:55:59 +03:00
|
|
|
* are. Invert it to get our return value.
|
|
|
|
|
*/
|
|
|
|
|
if (strcmp(subclass, FM_EREPORT_ZFS_DELAY) == 0) {
|
|
|
|
|
rc = !zfs_ratelimit(&vd->vdev_delay_rl);
|
2021-04-08 02:23:57 +03:00
|
|
|
} else if (strcmp(subclass, FM_EREPORT_ZFS_DEADMAN) == 0) {
|
|
|
|
|
rc = !zfs_ratelimit(&vd->vdev_deadman_rl);
|
2016-10-19 22:55:59 +03:00
|
|
|
} else if (strcmp(subclass, FM_EREPORT_ZFS_CHECKSUM) == 0) {
|
|
|
|
|
rc = !zfs_ratelimit(&vd->vdev_checksum_rl);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (rc) {
|
|
|
|
|
/* We're rate limiting */
|
|
|
|
|
fm_erpt_dropped_increment();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return (rc);
|
|
|
|
|
}
|
2014-03-04 07:00:11 +04:00
|
|
|
|
2018-11-09 03:47:24 +03:00
|
|
|
/*
|
|
|
|
|
* Return B_TRUE if the event actually posted, B_FALSE if not.
|
|
|
|
|
*/
|
|
|
|
|
static boolean_t
|
2010-05-29 00:45:14 +04:00
|
|
|
zfs_ereport_start(nvlist_t **ereport_out, nvlist_t **detector_out,
|
2018-03-31 21:12:51 +03:00
|
|
|
const char *subclass, spa_t *spa, vdev_t *vd, const zbookmark_phys_t *zb,
|
Native Encryption for ZFS on Linux
This change incorporates three major pieces:
The first change is a keystore that manages wrapping
and encryption keys for encrypted datasets. These
commands mostly involve manipulating the new
DSL Crypto Key ZAP Objects that live in the MOS. Each
encrypted dataset has its own DSL Crypto Key that is
protected with a user's key. This level of indirection
allows users to change their keys without re-encrypting
their entire datasets. The change implements the new
subcommands "zfs load-key", "zfs unload-key" and
"zfs change-key" which allow the user to manage their
encryption keys and settings. In addition, several new
flags and properties have been added to allow dataset
creation and to make mounting and unmounting more
convenient.
The second piece of this patch provides the ability to
encrypt, decyrpt, and authenticate protected datasets.
Each object set maintains a Merkel tree of Message
Authentication Codes that protect the lower layers,
similarly to how checksums are maintained. This part
impacts the zio layer, which handles the actual
encryption and generation of MACs, as well as the ARC
and DMU, which need to be able to handle encrypted
buffers and protected data.
The last addition is the ability to do raw, encrypted
sends and receives. The idea here is to send raw
encrypted and compressed data and receive it exactly
as is on a backup system. This means that the dataset
on the receiving system is protected using the same
user key that is in use on the sending side. By doing
so, datasets can be efficiently backed up to an
untrusted system without fear of data being
compromised.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Jorgen Lundman <lundman@lundman.net>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #494
Closes #5769
2017-08-14 20:36:48 +03:00
|
|
|
zio_t *zio, uint64_t stateoroffset, uint64_t size)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
|
|
|
|
nvlist_t *ereport, *detector;
|
2010-05-29 00:45:14 +04:00
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
uint64_t ena;
|
|
|
|
|
char class[64];
|
|
|
|
|
|
|
|
|
|
if ((ereport = fm_nvlist_create(NULL)) == NULL)
|
2018-11-09 03:47:24 +03:00
|
|
|
return (B_FALSE);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
|
if ((detector = fm_nvlist_create(NULL)) == NULL) {
|
|
|
|
|
fm_nvlist_destroy(ereport, FM_NVA_FREE);
|
2018-11-09 03:47:24 +03:00
|
|
|
return (B_FALSE);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Serialize ereport generation
|
|
|
|
|
*/
|
|
|
|
|
mutex_enter(&spa->spa_errlist_lock);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Determine the ENA to use for this event. If we are in a loading
|
|
|
|
|
* state, use a SPA-wide ENA. Otherwise, if we are in an I/O state, use
|
|
|
|
|
* a root zio-wide ENA. Otherwise, simply use a unique ENA.
|
|
|
|
|
*/
|
2010-05-29 00:45:14 +04:00
|
|
|
if (spa_load_state(spa) != SPA_LOAD_NONE) {
|
2008-11-20 23:01:55 +03:00
|
|
|
if (spa->spa_ena == 0)
|
|
|
|
|
spa->spa_ena = fm_ena_generate(0, FM_ENA_FMT1);
|
|
|
|
|
ena = spa->spa_ena;
|
|
|
|
|
} else if (zio != NULL && zio->io_logical != NULL) {
|
|
|
|
|
if (zio->io_logical->io_ena == 0)
|
|
|
|
|
zio->io_logical->io_ena =
|
|
|
|
|
fm_ena_generate(0, FM_ENA_FMT1);
|
|
|
|
|
ena = zio->io_logical->io_ena;
|
|
|
|
|
} else {
|
|
|
|
|
ena = fm_ena_generate(0, FM_ENA_FMT1);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Construct the full class, detector, and other standard FMA fields.
|
|
|
|
|
*/
|
|
|
|
|
(void) snprintf(class, sizeof (class), "%s.%s",
|
|
|
|
|
ZFS_ERROR_CLASS, subclass);
|
|
|
|
|
|
|
|
|
|
fm_fmri_zfs_set(detector, FM_ZFS_SCHEME_VERSION, spa_guid(spa),
|
|
|
|
|
vd != NULL ? vd->vdev_guid : 0);
|
|
|
|
|
|
|
|
|
|
fm_ereport_set(ereport, FM_EREPORT_VERSION, class, ena, detector, NULL);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Construct the per-ereport payload, depending on which parameters are
|
|
|
|
|
* passed in.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Generic payload members common to all ereports.
|
|
|
|
|
*/
|
2017-04-04 00:23:02 +03:00
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_POOL, DATA_TYPE_STRING, spa_name(spa),
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_POOL_GUID, DATA_TYPE_UINT64, spa_guid(spa),
|
2017-04-06 00:24:26 +03:00
|
|
|
FM_EREPORT_PAYLOAD_ZFS_POOL_STATE, DATA_TYPE_UINT64,
|
|
|
|
|
(uint64_t)spa_state(spa),
|
2008-11-20 23:01:55 +03:00
|
|
|
FM_EREPORT_PAYLOAD_ZFS_POOL_CONTEXT, DATA_TYPE_INT32,
|
2017-04-06 00:24:26 +03:00
|
|
|
(int32_t)spa_load_state(spa), NULL);
|
2008-12-03 23:09:06 +03:00
|
|
|
|
2016-11-09 01:28:17 +03:00
|
|
|
fm_payload_set(ereport, FM_EREPORT_PAYLOAD_ZFS_POOL_FAILMODE,
|
|
|
|
|
DATA_TYPE_STRING,
|
|
|
|
|
spa_get_failmode(spa) == ZIO_FAILURE_MODE_WAIT ?
|
|
|
|
|
FM_EREPORT_FAILMODE_WAIT :
|
|
|
|
|
spa_get_failmode(spa) == ZIO_FAILURE_MODE_CONTINUE ?
|
|
|
|
|
FM_EREPORT_FAILMODE_CONTINUE : FM_EREPORT_FAILMODE_PANIC,
|
|
|
|
|
NULL);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
|
if (vd != NULL) {
|
|
|
|
|
vdev_t *pvd = vd->vdev_parent;
|
2013-04-30 02:49:23 +04:00
|
|
|
vdev_queue_t *vq = &vd->vdev_queue;
|
2014-01-25 03:47:46 +04:00
|
|
|
vdev_stat_t *vs = &vd->vdev_stat;
|
|
|
|
|
vdev_t *spare_vd;
|
|
|
|
|
uint64_t *spare_guids;
|
|
|
|
|
char **spare_paths;
|
|
|
|
|
int i, spare_count;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
|
fm_payload_set(ereport, FM_EREPORT_PAYLOAD_ZFS_VDEV_GUID,
|
|
|
|
|
DATA_TYPE_UINT64, vd->vdev_guid,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_TYPE,
|
|
|
|
|
DATA_TYPE_STRING, vd->vdev_ops->vdev_op_type, NULL);
|
2009-07-03 02:44:48 +04:00
|
|
|
if (vd->vdev_path != NULL)
|
2008-11-20 23:01:55 +03:00
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_PATH,
|
|
|
|
|
DATA_TYPE_STRING, vd->vdev_path, NULL);
|
2009-07-03 02:44:48 +04:00
|
|
|
if (vd->vdev_devid != NULL)
|
2008-11-20 23:01:55 +03:00
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_DEVID,
|
|
|
|
|
DATA_TYPE_STRING, vd->vdev_devid, NULL);
|
2009-07-03 02:44:48 +04:00
|
|
|
if (vd->vdev_fru != NULL)
|
|
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_FRU,
|
|
|
|
|
DATA_TYPE_STRING, vd->vdev_fru, NULL);
|
2016-10-25 21:05:30 +03:00
|
|
|
if (vd->vdev_enc_sysfs_path != NULL)
|
|
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_ENC_SYSFS_PATH,
|
|
|
|
|
DATA_TYPE_STRING, vd->vdev_enc_sysfs_path, NULL);
|
2012-05-03 16:49:19 +04:00
|
|
|
if (vd->vdev_ashift)
|
|
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_ASHIFT,
|
|
|
|
|
DATA_TYPE_UINT64, vd->vdev_ashift, NULL);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2013-04-30 02:49:23 +04:00
|
|
|
if (vq != NULL) {
|
|
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_COMP_TS,
|
|
|
|
|
DATA_TYPE_UINT64, vq->vq_io_complete_ts, NULL);
|
|
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_DELTA_TS,
|
|
|
|
|
DATA_TYPE_UINT64, vq->vq_io_delta_ts, NULL);
|
|
|
|
|
}
|
|
|
|
|
|
2014-01-25 03:47:46 +04:00
|
|
|
if (vs != NULL) {
|
|
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_READ_ERRORS,
|
|
|
|
|
DATA_TYPE_UINT64, vs->vs_read_errors,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_WRITE_ERRORS,
|
|
|
|
|
DATA_TYPE_UINT64, vs->vs_write_errors,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_CKSUM_ERRORS,
|
2018-11-09 03:47:24 +03:00
|
|
|
DATA_TYPE_UINT64, vs->vs_checksum_errors,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_DELAYS,
|
|
|
|
|
DATA_TYPE_UINT64, vs->vs_slow_ios,
|
|
|
|
|
NULL);
|
2014-01-25 03:47:46 +04:00
|
|
|
}
|
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
if (pvd != NULL) {
|
|
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_PARENT_GUID,
|
|
|
|
|
DATA_TYPE_UINT64, pvd->vdev_guid,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_PARENT_TYPE,
|
|
|
|
|
DATA_TYPE_STRING, pvd->vdev_ops->vdev_op_type,
|
|
|
|
|
NULL);
|
|
|
|
|
if (pvd->vdev_path)
|
|
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_PARENT_PATH,
|
|
|
|
|
DATA_TYPE_STRING, pvd->vdev_path, NULL);
|
|
|
|
|
if (pvd->vdev_devid)
|
|
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_PARENT_DEVID,
|
|
|
|
|
DATA_TYPE_STRING, pvd->vdev_devid, NULL);
|
|
|
|
|
}
|
2014-01-25 03:47:46 +04:00
|
|
|
|
|
|
|
|
spare_count = spa->spa_spares.sav_count;
|
|
|
|
|
spare_paths = kmem_zalloc(sizeof (char *) * spare_count,
|
2014-11-21 03:09:39 +03:00
|
|
|
KM_SLEEP);
|
2014-01-25 03:47:46 +04:00
|
|
|
spare_guids = kmem_zalloc(sizeof (uint64_t) * spare_count,
|
2014-11-21 03:09:39 +03:00
|
|
|
KM_SLEEP);
|
2014-01-25 03:47:46 +04:00
|
|
|
|
|
|
|
|
for (i = 0; i < spare_count; i++) {
|
|
|
|
|
spare_vd = spa->spa_spares.sav_vdevs[i];
|
|
|
|
|
if (spare_vd) {
|
|
|
|
|
spare_paths[i] = spare_vd->vdev_path;
|
|
|
|
|
spare_guids[i] = spare_vd->vdev_guid;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fm_payload_set(ereport, FM_EREPORT_PAYLOAD_ZFS_VDEV_SPARE_PATHS,
|
|
|
|
|
DATA_TYPE_STRING_ARRAY, spare_count, spare_paths,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_SPARE_GUIDS,
|
|
|
|
|
DATA_TYPE_UINT64_ARRAY, spare_count, spare_guids, NULL);
|
|
|
|
|
|
|
|
|
|
kmem_free(spare_guids, sizeof (uint64_t) * spare_count);
|
|
|
|
|
kmem_free(spare_paths, sizeof (char *) * spare_count);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (zio != NULL) {
|
|
|
|
|
/*
|
|
|
|
|
* Payload common to all I/Os.
|
|
|
|
|
*/
|
|
|
|
|
fm_payload_set(ereport, FM_EREPORT_PAYLOAD_ZFS_ZIO_ERR,
|
|
|
|
|
DATA_TYPE_INT32, zio->io_error, NULL);
|
2010-09-28 03:55:05 +04:00
|
|
|
fm_payload_set(ereport, FM_EREPORT_PAYLOAD_ZFS_ZIO_FLAGS,
|
|
|
|
|
DATA_TYPE_INT32, zio->io_flags, NULL);
|
2012-10-26 00:02:31 +04:00
|
|
|
fm_payload_set(ereport, FM_EREPORT_PAYLOAD_ZFS_ZIO_STAGE,
|
|
|
|
|
DATA_TYPE_UINT32, zio->io_stage, NULL);
|
|
|
|
|
fm_payload_set(ereport, FM_EREPORT_PAYLOAD_ZFS_ZIO_PIPELINE,
|
|
|
|
|
DATA_TYPE_UINT32, zio->io_pipeline, NULL);
|
2010-10-02 03:54:52 +04:00
|
|
|
fm_payload_set(ereport, FM_EREPORT_PAYLOAD_ZFS_ZIO_DELAY,
|
|
|
|
|
DATA_TYPE_UINT64, zio->io_delay, NULL);
|
2013-04-30 02:49:23 +04:00
|
|
|
fm_payload_set(ereport, FM_EREPORT_PAYLOAD_ZFS_ZIO_TIMESTAMP,
|
|
|
|
|
DATA_TYPE_UINT64, zio->io_timestamp, NULL);
|
|
|
|
|
fm_payload_set(ereport, FM_EREPORT_PAYLOAD_ZFS_ZIO_DELTA,
|
|
|
|
|
DATA_TYPE_UINT64, zio->io_delta, NULL);
|
2020-09-04 20:34:28 +03:00
|
|
|
fm_payload_set(ereport, FM_EREPORT_PAYLOAD_ZFS_ZIO_PRIORITY,
|
|
|
|
|
DATA_TYPE_UINT32, zio->io_priority, NULL);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* If the 'size' parameter is non-zero, it indicates this is a
|
|
|
|
|
* RAID-Z or other I/O where the physical offset and length are
|
|
|
|
|
* provided for us, instead of within the zio_t.
|
|
|
|
|
*/
|
|
|
|
|
if (vd != NULL) {
|
|
|
|
|
if (size)
|
|
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_ZIO_OFFSET,
|
|
|
|
|
DATA_TYPE_UINT64, stateoroffset,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_ZIO_SIZE,
|
|
|
|
|
DATA_TYPE_UINT64, size, NULL);
|
|
|
|
|
else
|
|
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_ZIO_OFFSET,
|
|
|
|
|
DATA_TYPE_UINT64, zio->io_offset,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_ZIO_SIZE,
|
|
|
|
|
DATA_TYPE_UINT64, zio->io_size, NULL);
|
|
|
|
|
}
|
|
|
|
|
} else if (vd != NULL) {
|
|
|
|
|
/*
|
|
|
|
|
* If we have a vdev but no zio, this is a device fault, and the
|
|
|
|
|
* 'stateoroffset' parameter indicates the previous state of the
|
|
|
|
|
* vdev.
|
|
|
|
|
*/
|
|
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_PREV_STATE,
|
|
|
|
|
DATA_TYPE_UINT64, stateoroffset, NULL);
|
|
|
|
|
}
|
2010-05-29 00:45:14 +04:00
|
|
|
|
Native Encryption for ZFS on Linux
This change incorporates three major pieces:
The first change is a keystore that manages wrapping
and encryption keys for encrypted datasets. These
commands mostly involve manipulating the new
DSL Crypto Key ZAP Objects that live in the MOS. Each
encrypted dataset has its own DSL Crypto Key that is
protected with a user's key. This level of indirection
allows users to change their keys without re-encrypting
their entire datasets. The change implements the new
subcommands "zfs load-key", "zfs unload-key" and
"zfs change-key" which allow the user to manage their
encryption keys and settings. In addition, several new
flags and properties have been added to allow dataset
creation and to make mounting and unmounting more
convenient.
The second piece of this patch provides the ability to
encrypt, decyrpt, and authenticate protected datasets.
Each object set maintains a Merkel tree of Message
Authentication Codes that protect the lower layers,
similarly to how checksums are maintained. This part
impacts the zio layer, which handles the actual
encryption and generation of MACs, as well as the ARC
and DMU, which need to be able to handle encrypted
buffers and protected data.
The last addition is the ability to do raw, encrypted
sends and receives. The idea here is to send raw
encrypted and compressed data and receive it exactly
as is on a backup system. This means that the dataset
on the receiving system is protected using the same
user key that is in use on the sending side. By doing
so, datasets can be efficiently backed up to an
untrusted system without fear of data being
compromised.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Jorgen Lundman <lundman@lundman.net>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #494
Closes #5769
2017-08-14 20:36:48 +03:00
|
|
|
/*
|
|
|
|
|
* Payload for I/Os with corresponding logical information.
|
|
|
|
|
*/
|
2018-11-09 03:47:24 +03:00
|
|
|
if (zb != NULL && (zio == NULL || zio->io_logical != NULL)) {
|
Native Encryption for ZFS on Linux
This change incorporates three major pieces:
The first change is a keystore that manages wrapping
and encryption keys for encrypted datasets. These
commands mostly involve manipulating the new
DSL Crypto Key ZAP Objects that live in the MOS. Each
encrypted dataset has its own DSL Crypto Key that is
protected with a user's key. This level of indirection
allows users to change their keys without re-encrypting
their entire datasets. The change implements the new
subcommands "zfs load-key", "zfs unload-key" and
"zfs change-key" which allow the user to manage their
encryption keys and settings. In addition, several new
flags and properties have been added to allow dataset
creation and to make mounting and unmounting more
convenient.
The second piece of this patch provides the ability to
encrypt, decyrpt, and authenticate protected datasets.
Each object set maintains a Merkel tree of Message
Authentication Codes that protect the lower layers,
similarly to how checksums are maintained. This part
impacts the zio layer, which handles the actual
encryption and generation of MACs, as well as the ARC
and DMU, which need to be able to handle encrypted
buffers and protected data.
The last addition is the ability to do raw, encrypted
sends and receives. The idea here is to send raw
encrypted and compressed data and receive it exactly
as is on a backup system. This means that the dataset
on the receiving system is protected using the same
user key that is in use on the sending side. By doing
so, datasets can be efficiently backed up to an
untrusted system without fear of data being
compromised.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Jorgen Lundman <lundman@lundman.net>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #494
Closes #5769
2017-08-14 20:36:48 +03:00
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_ZIO_OBJSET,
|
|
|
|
|
DATA_TYPE_UINT64, zb->zb_objset,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_ZIO_OBJECT,
|
|
|
|
|
DATA_TYPE_UINT64, zb->zb_object,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_ZIO_LEVEL,
|
|
|
|
|
DATA_TYPE_INT64, zb->zb_level,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_ZIO_BLKID,
|
|
|
|
|
DATA_TYPE_UINT64, zb->zb_blkid, NULL);
|
2018-11-09 03:47:24 +03:00
|
|
|
}
|
Native Encryption for ZFS on Linux
This change incorporates three major pieces:
The first change is a keystore that manages wrapping
and encryption keys for encrypted datasets. These
commands mostly involve manipulating the new
DSL Crypto Key ZAP Objects that live in the MOS. Each
encrypted dataset has its own DSL Crypto Key that is
protected with a user's key. This level of indirection
allows users to change their keys without re-encrypting
their entire datasets. The change implements the new
subcommands "zfs load-key", "zfs unload-key" and
"zfs change-key" which allow the user to manage their
encryption keys and settings. In addition, several new
flags and properties have been added to allow dataset
creation and to make mounting and unmounting more
convenient.
The second piece of this patch provides the ability to
encrypt, decyrpt, and authenticate protected datasets.
Each object set maintains a Merkel tree of Message
Authentication Codes that protect the lower layers,
similarly to how checksums are maintained. This part
impacts the zio layer, which handles the actual
encryption and generation of MACs, as well as the ARC
and DMU, which need to be able to handle encrypted
buffers and protected data.
The last addition is the ability to do raw, encrypted
sends and receives. The idea here is to send raw
encrypted and compressed data and receive it exactly
as is on a backup system. This means that the dataset
on the receiving system is protected using the same
user key that is in use on the sending side. By doing
so, datasets can be efficiently backed up to an
untrusted system without fear of data being
compromised.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Jorgen Lundman <lundman@lundman.net>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #494
Closes #5769
2017-08-14 20:36:48 +03:00
|
|
|
|
2023-01-24 00:14:25 +03:00
|
|
|
/*
|
|
|
|
|
* Payload for tuning the zed
|
|
|
|
|
*/
|
|
|
|
|
if (vd != NULL && strcmp(subclass, FM_EREPORT_ZFS_CHECKSUM) == 0) {
|
|
|
|
|
uint64_t cksum_n, cksum_t;
|
|
|
|
|
|
|
|
|
|
cksum_n = vdev_prop_get_inherited(vd, VDEV_PROP_CHECKSUM_N);
|
|
|
|
|
if (cksum_n != vdev_prop_default_numeric(VDEV_PROP_CHECKSUM_N))
|
|
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_CKSUM_N,
|
|
|
|
|
DATA_TYPE_UINT64,
|
|
|
|
|
cksum_n,
|
|
|
|
|
NULL);
|
|
|
|
|
|
|
|
|
|
cksum_t = vdev_prop_get_inherited(vd, VDEV_PROP_CHECKSUM_T);
|
|
|
|
|
if (cksum_t != vdev_prop_default_numeric(VDEV_PROP_CHECKSUM_T))
|
|
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_CKSUM_T,
|
|
|
|
|
DATA_TYPE_UINT64,
|
|
|
|
|
cksum_t,
|
|
|
|
|
NULL);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (vd != NULL && strcmp(subclass, FM_EREPORT_ZFS_IO) == 0) {
|
|
|
|
|
uint64_t io_n, io_t;
|
|
|
|
|
|
|
|
|
|
io_n = vdev_prop_get_inherited(vd, VDEV_PROP_IO_N);
|
|
|
|
|
if (io_n != vdev_prop_default_numeric(VDEV_PROP_IO_N))
|
|
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_IO_N,
|
|
|
|
|
DATA_TYPE_UINT64,
|
|
|
|
|
io_n,
|
|
|
|
|
NULL);
|
|
|
|
|
|
|
|
|
|
io_t = vdev_prop_get_inherited(vd, VDEV_PROP_IO_T);
|
|
|
|
|
if (io_t != vdev_prop_default_numeric(VDEV_PROP_IO_T))
|
|
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_IO_T,
|
|
|
|
|
DATA_TYPE_UINT64,
|
|
|
|
|
io_t,
|
|
|
|
|
NULL);
|
|
|
|
|
}
|
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
mutex_exit(&spa->spa_errlist_lock);
|
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
*ereport_out = ereport;
|
|
|
|
|
*detector_out = detector;
|
2018-11-09 03:47:24 +03:00
|
|
|
return (B_TRUE);
|
2010-05-29 00:45:14 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* if it's <= 128 bytes, save the corruption directly */
|
|
|
|
|
#define ZFM_MAX_INLINE (128 / sizeof (uint64_t))
|
|
|
|
|
|
|
|
|
|
#define MAX_RANGES 16
|
|
|
|
|
|
|
|
|
|
typedef struct zfs_ecksum_info {
|
|
|
|
|
/* histograms of set and cleared bits by bit number in a 64-bit word */
|
2023-04-11 00:24:27 +03:00
|
|
|
uint8_t zei_histogram_set[sizeof (uint64_t) * NBBY];
|
|
|
|
|
uint8_t zei_histogram_cleared[sizeof (uint64_t) * NBBY];
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
|
/* inline arrays of bits set and cleared. */
|
|
|
|
|
uint64_t zei_bits_set[ZFM_MAX_INLINE];
|
|
|
|
|
uint64_t zei_bits_cleared[ZFM_MAX_INLINE];
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* for each range, the number of bits set and cleared. The Hamming
|
|
|
|
|
* distance between the good and bad buffers is the sum of them all.
|
|
|
|
|
*/
|
|
|
|
|
uint32_t zei_range_sets[MAX_RANGES];
|
|
|
|
|
uint32_t zei_range_clears[MAX_RANGES];
|
|
|
|
|
|
|
|
|
|
struct zei_ranges {
|
|
|
|
|
uint32_t zr_start;
|
|
|
|
|
uint32_t zr_end;
|
|
|
|
|
} zei_ranges[MAX_RANGES];
|
|
|
|
|
|
|
|
|
|
size_t zei_range_count;
|
|
|
|
|
uint32_t zei_mingap;
|
|
|
|
|
uint32_t zei_allowed_mingap;
|
|
|
|
|
|
|
|
|
|
} zfs_ecksum_info_t;
|
|
|
|
|
|
|
|
|
|
static void
|
2023-04-11 00:24:27 +03:00
|
|
|
update_histogram(uint64_t value_arg, uint8_t *hist, uint32_t *count)
|
2010-05-29 00:45:14 +04:00
|
|
|
{
|
|
|
|
|
size_t i;
|
|
|
|
|
size_t bits = 0;
|
|
|
|
|
uint64_t value = BE_64(value_arg);
|
|
|
|
|
|
|
|
|
|
/* We store the bits in big-endian (largest-first) order */
|
|
|
|
|
for (i = 0; i < 64; i++) {
|
|
|
|
|
if (value & (1ull << i)) {
|
2018-01-25 03:19:55 +03:00
|
|
|
hist[63 - i]++;
|
2010-05-29 00:45:14 +04:00
|
|
|
++bits;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
/* update the count of bits changed */
|
|
|
|
|
*count += bits;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* We've now filled up the range array, and need to increase "mingap" and
|
|
|
|
|
* shrink the range list accordingly. zei_mingap is always the smallest
|
|
|
|
|
* distance between array entries, so we set the new_allowed_gap to be
|
|
|
|
|
* one greater than that. We then go through the list, joining together
|
|
|
|
|
* any ranges which are closer than the new_allowed_gap.
|
|
|
|
|
*
|
|
|
|
|
* By construction, there will be at least one. We also update zei_mingap
|
|
|
|
|
* to the new smallest gap, to prepare for our next invocation.
|
|
|
|
|
*/
|
|
|
|
|
static void
|
2010-08-26 22:42:43 +04:00
|
|
|
zei_shrink_ranges(zfs_ecksum_info_t *eip)
|
2010-05-29 00:45:14 +04:00
|
|
|
{
|
|
|
|
|
uint32_t mingap = UINT32_MAX;
|
|
|
|
|
uint32_t new_allowed_gap = eip->zei_mingap + 1;
|
|
|
|
|
|
|
|
|
|
size_t idx, output;
|
|
|
|
|
size_t max = eip->zei_range_count;
|
|
|
|
|
|
|
|
|
|
struct zei_ranges *r = eip->zei_ranges;
|
|
|
|
|
|
|
|
|
|
ASSERT3U(eip->zei_range_count, >, 0);
|
|
|
|
|
ASSERT3U(eip->zei_range_count, <=, MAX_RANGES);
|
|
|
|
|
|
|
|
|
|
output = idx = 0;
|
|
|
|
|
while (idx < max - 1) {
|
|
|
|
|
uint32_t start = r[idx].zr_start;
|
|
|
|
|
uint32_t end = r[idx].zr_end;
|
|
|
|
|
|
|
|
|
|
while (idx < max - 1) {
|
2010-08-26 22:42:43 +04:00
|
|
|
idx++;
|
2010-05-29 00:45:14 +04:00
|
|
|
|
2017-11-04 23:25:13 +03:00
|
|
|
uint32_t nstart = r[idx].zr_start;
|
|
|
|
|
uint32_t nend = r[idx].zr_end;
|
|
|
|
|
|
|
|
|
|
uint32_t gap = nstart - end;
|
2010-05-29 00:45:14 +04:00
|
|
|
if (gap < new_allowed_gap) {
|
|
|
|
|
end = nend;
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
if (gap < mingap)
|
|
|
|
|
mingap = gap;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
r[output].zr_start = start;
|
|
|
|
|
r[output].zr_end = end;
|
|
|
|
|
output++;
|
|
|
|
|
}
|
|
|
|
|
ASSERT3U(output, <, eip->zei_range_count);
|
|
|
|
|
eip->zei_range_count = output;
|
|
|
|
|
eip->zei_mingap = mingap;
|
|
|
|
|
eip->zei_allowed_mingap = new_allowed_gap;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
2010-08-26 22:42:43 +04:00
|
|
|
zei_add_range(zfs_ecksum_info_t *eip, int start, int end)
|
2010-05-29 00:45:14 +04:00
|
|
|
{
|
|
|
|
|
struct zei_ranges *r = eip->zei_ranges;
|
|
|
|
|
size_t count = eip->zei_range_count;
|
|
|
|
|
|
|
|
|
|
if (count >= MAX_RANGES) {
|
2010-08-26 22:42:43 +04:00
|
|
|
zei_shrink_ranges(eip);
|
2010-05-29 00:45:14 +04:00
|
|
|
count = eip->zei_range_count;
|
|
|
|
|
}
|
|
|
|
|
if (count == 0) {
|
|
|
|
|
eip->zei_mingap = UINT32_MAX;
|
|
|
|
|
eip->zei_allowed_mingap = 1;
|
|
|
|
|
} else {
|
|
|
|
|
int gap = start - r[count - 1].zr_end;
|
|
|
|
|
|
|
|
|
|
if (gap < eip->zei_allowed_mingap) {
|
|
|
|
|
r[count - 1].zr_end = end;
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
if (gap < eip->zei_mingap)
|
|
|
|
|
eip->zei_mingap = gap;
|
|
|
|
|
}
|
|
|
|
|
r[count].zr_start = start;
|
|
|
|
|
r[count].zr_end = end;
|
|
|
|
|
eip->zei_range_count++;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static size_t
|
2010-08-26 22:42:43 +04:00
|
|
|
zei_range_total_size(zfs_ecksum_info_t *eip)
|
2010-05-29 00:45:14 +04:00
|
|
|
{
|
|
|
|
|
struct zei_ranges *r = eip->zei_ranges;
|
|
|
|
|
size_t count = eip->zei_range_count;
|
|
|
|
|
size_t result = 0;
|
|
|
|
|
size_t idx;
|
|
|
|
|
|
|
|
|
|
for (idx = 0; idx < count; idx++)
|
|
|
|
|
result += (r[idx].zr_end - r[idx].zr_start);
|
|
|
|
|
|
|
|
|
|
return (result);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static zfs_ecksum_info_t *
|
|
|
|
|
annotate_ecksum(nvlist_t *ereport, zio_bad_cksum_t *info,
|
2017-01-05 22:10:07 +03:00
|
|
|
const abd_t *goodabd, const abd_t *badabd, size_t size,
|
2010-05-29 00:45:14 +04:00
|
|
|
boolean_t drop_if_identical)
|
|
|
|
|
{
|
2017-01-05 22:10:07 +03:00
|
|
|
const uint64_t *good;
|
|
|
|
|
const uint64_t *bad;
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
|
size_t nui64s = size / sizeof (uint64_t);
|
|
|
|
|
|
|
|
|
|
size_t inline_size;
|
|
|
|
|
int no_inline = 0;
|
|
|
|
|
size_t idx;
|
|
|
|
|
size_t range;
|
|
|
|
|
|
|
|
|
|
size_t offset = 0;
|
|
|
|
|
ssize_t start = -1;
|
|
|
|
|
|
2014-11-21 03:09:39 +03:00
|
|
|
zfs_ecksum_info_t *eip = kmem_zalloc(sizeof (*eip), KM_SLEEP);
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
|
/* don't do any annotation for injected checksum errors */
|
|
|
|
|
if (info != NULL && info->zbc_injected)
|
|
|
|
|
return (eip);
|
|
|
|
|
|
|
|
|
|
if (info != NULL && info->zbc_has_cksum) {
|
|
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_CKSUM_EXPECTED,
|
|
|
|
|
DATA_TYPE_UINT64_ARRAY,
|
|
|
|
|
sizeof (info->zbc_expected) / sizeof (uint64_t),
|
|
|
|
|
(uint64_t *)&info->zbc_expected,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_CKSUM_ACTUAL,
|
|
|
|
|
DATA_TYPE_UINT64_ARRAY,
|
|
|
|
|
sizeof (info->zbc_actual) / sizeof (uint64_t),
|
|
|
|
|
(uint64_t *)&info->zbc_actual,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_CKSUM_ALGO,
|
|
|
|
|
DATA_TYPE_STRING,
|
|
|
|
|
info->zbc_checksum_name,
|
|
|
|
|
NULL);
|
|
|
|
|
|
|
|
|
|
if (info->zbc_byteswapped) {
|
|
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_CKSUM_BYTESWAP,
|
|
|
|
|
DATA_TYPE_BOOLEAN, 1,
|
|
|
|
|
NULL);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-01-05 22:10:07 +03:00
|
|
|
if (badabd == NULL || goodabd == NULL)
|
2010-05-29 00:45:14 +04:00
|
|
|
return (eip);
|
|
|
|
|
|
2017-10-26 18:55:19 +03:00
|
|
|
ASSERT3U(nui64s, <=, UINT32_MAX);
|
2010-05-29 00:45:14 +04:00
|
|
|
ASSERT3U(size, ==, nui64s * sizeof (uint64_t));
|
|
|
|
|
ASSERT3U(size, <=, SPA_MAXBLOCKSIZE);
|
|
|
|
|
ASSERT3U(size, <=, UINT32_MAX);
|
|
|
|
|
|
2017-01-05 22:10:07 +03:00
|
|
|
good = (const uint64_t *) abd_borrow_buf_copy((abd_t *)goodabd, size);
|
|
|
|
|
bad = (const uint64_t *) abd_borrow_buf_copy((abd_t *)badabd, size);
|
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
/* build up the range list by comparing the two buffers. */
|
|
|
|
|
for (idx = 0; idx < nui64s; idx++) {
|
|
|
|
|
if (good[idx] == bad[idx]) {
|
|
|
|
|
if (start == -1)
|
|
|
|
|
continue;
|
|
|
|
|
|
2010-08-26 22:42:43 +04:00
|
|
|
zei_add_range(eip, start, idx);
|
2010-05-29 00:45:14 +04:00
|
|
|
start = -1;
|
|
|
|
|
} else {
|
|
|
|
|
if (start != -1)
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
start = idx;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if (start != -1)
|
2010-08-26 22:42:43 +04:00
|
|
|
zei_add_range(eip, start, idx);
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
|
/* See if it will fit in our inline buffers */
|
2010-08-26 22:42:43 +04:00
|
|
|
inline_size = zei_range_total_size(eip);
|
2010-05-29 00:45:14 +04:00
|
|
|
if (inline_size > ZFM_MAX_INLINE)
|
|
|
|
|
no_inline = 1;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* If there is no change and we want to drop if the buffers are
|
|
|
|
|
* identical, do so.
|
|
|
|
|
*/
|
|
|
|
|
if (inline_size == 0 && drop_if_identical) {
|
|
|
|
|
kmem_free(eip, sizeof (*eip));
|
2017-01-05 22:10:07 +03:00
|
|
|
abd_return_buf((abd_t *)goodabd, (void *)good, size);
|
|
|
|
|
abd_return_buf((abd_t *)badabd, (void *)bad, size);
|
2010-05-29 00:45:14 +04:00
|
|
|
return (NULL);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Now walk through the ranges, filling in the details of the
|
|
|
|
|
* differences. Also convert our uint64_t-array offsets to byte
|
|
|
|
|
* offsets.
|
|
|
|
|
*/
|
|
|
|
|
for (range = 0; range < eip->zei_range_count; range++) {
|
|
|
|
|
size_t start = eip->zei_ranges[range].zr_start;
|
|
|
|
|
size_t end = eip->zei_ranges[range].zr_end;
|
|
|
|
|
|
|
|
|
|
for (idx = start; idx < end; idx++) {
|
|
|
|
|
uint64_t set, cleared;
|
|
|
|
|
|
|
|
|
|
// bits set in bad, but not in good
|
|
|
|
|
set = ((~good[idx]) & bad[idx]);
|
|
|
|
|
// bits set in good, but not in bad
|
|
|
|
|
cleared = (good[idx] & (~bad[idx]));
|
|
|
|
|
|
|
|
|
|
if (!no_inline) {
|
|
|
|
|
ASSERT3U(offset, <, inline_size);
|
|
|
|
|
eip->zei_bits_set[offset] = set;
|
|
|
|
|
eip->zei_bits_cleared[offset] = cleared;
|
|
|
|
|
offset++;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
update_histogram(set, eip->zei_histogram_set,
|
|
|
|
|
&eip->zei_range_sets[range]);
|
|
|
|
|
update_histogram(cleared, eip->zei_histogram_cleared,
|
|
|
|
|
&eip->zei_range_clears[range]);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* convert to byte offsets */
|
|
|
|
|
eip->zei_ranges[range].zr_start *= sizeof (uint64_t);
|
|
|
|
|
eip->zei_ranges[range].zr_end *= sizeof (uint64_t);
|
|
|
|
|
}
|
2017-01-05 22:10:07 +03:00
|
|
|
|
|
|
|
|
abd_return_buf((abd_t *)goodabd, (void *)good, size);
|
|
|
|
|
abd_return_buf((abd_t *)badabd, (void *)bad, size);
|
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
eip->zei_allowed_mingap *= sizeof (uint64_t);
|
|
|
|
|
inline_size *= sizeof (uint64_t);
|
|
|
|
|
|
|
|
|
|
/* fill in ereport */
|
|
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_BAD_OFFSET_RANGES,
|
|
|
|
|
DATA_TYPE_UINT32_ARRAY, 2 * eip->zei_range_count,
|
|
|
|
|
(uint32_t *)eip->zei_ranges,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_BAD_RANGE_MIN_GAP,
|
|
|
|
|
DATA_TYPE_UINT32, eip->zei_allowed_mingap,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_BAD_RANGE_SETS,
|
|
|
|
|
DATA_TYPE_UINT32_ARRAY, eip->zei_range_count, eip->zei_range_sets,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_BAD_RANGE_CLEARS,
|
|
|
|
|
DATA_TYPE_UINT32_ARRAY, eip->zei_range_count, eip->zei_range_clears,
|
|
|
|
|
NULL);
|
|
|
|
|
|
|
|
|
|
if (!no_inline) {
|
|
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_BAD_SET_BITS,
|
|
|
|
|
DATA_TYPE_UINT8_ARRAY,
|
|
|
|
|
inline_size, (uint8_t *)eip->zei_bits_set,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_BAD_CLEARED_BITS,
|
|
|
|
|
DATA_TYPE_UINT8_ARRAY,
|
|
|
|
|
inline_size, (uint8_t *)eip->zei_bits_cleared,
|
|
|
|
|
NULL);
|
|
|
|
|
} else {
|
|
|
|
|
fm_payload_set(ereport,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_BAD_SET_HISTOGRAM,
|
2023-04-11 00:24:27 +03:00
|
|
|
DATA_TYPE_UINT8_ARRAY,
|
2010-05-29 00:45:14 +04:00
|
|
|
NBBY * sizeof (uint64_t), eip->zei_histogram_set,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_BAD_CLEARED_HISTOGRAM,
|
2023-04-11 00:24:27 +03:00
|
|
|
DATA_TYPE_UINT8_ARRAY,
|
2010-05-29 00:45:14 +04:00
|
|
|
NBBY * sizeof (uint64_t), eip->zei_histogram_cleared,
|
|
|
|
|
NULL);
|
|
|
|
|
}
|
|
|
|
|
return (eip);
|
|
|
|
|
}
|
2021-02-20 09:33:15 +03:00
|
|
|
#else
|
|
|
|
|
void
|
|
|
|
|
zfs_ereport_clear(spa_t *spa, vdev_t *vd)
|
|
|
|
|
{
|
2021-12-12 18:06:44 +03:00
|
|
|
(void) spa, (void) vd;
|
2021-02-20 09:33:15 +03:00
|
|
|
}
|
2010-05-29 00:45:14 +04:00
|
|
|
#endif
|
|
|
|
|
|
2018-11-09 03:47:24 +03:00
|
|
|
/*
|
|
|
|
|
* Make sure our event is still valid for the given zio/vdev/pool. For example,
|
|
|
|
|
* we don't want to keep logging events for a faulted or missing vdev.
|
|
|
|
|
*/
|
|
|
|
|
boolean_t
|
|
|
|
|
zfs_ereport_is_valid(const char *subclass, spa_t *spa, vdev_t *vd, zio_t *zio)
|
|
|
|
|
{
|
|
|
|
|
#ifdef _KERNEL
|
|
|
|
|
/*
|
|
|
|
|
* If we are doing a spa_tryimport() or in recovery mode,
|
|
|
|
|
* ignore errors.
|
|
|
|
|
*/
|
|
|
|
|
if (spa_load_state(spa) == SPA_LOAD_TRYIMPORT ||
|
|
|
|
|
spa_load_state(spa) == SPA_LOAD_RECOVER)
|
|
|
|
|
return (B_FALSE);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* If we are in the middle of opening a pool, and the previous attempt
|
|
|
|
|
* failed, don't bother logging any new ereports - we're just going to
|
|
|
|
|
* get the same diagnosis anyway.
|
|
|
|
|
*/
|
|
|
|
|
if (spa_load_state(spa) != SPA_LOAD_NONE &&
|
|
|
|
|
spa->spa_last_open_failed)
|
|
|
|
|
return (B_FALSE);
|
|
|
|
|
|
|
|
|
|
if (zio != NULL) {
|
|
|
|
|
/*
|
|
|
|
|
* If this is not a read or write zio, ignore the error. This
|
|
|
|
|
* can occur if the DKIOCFLUSHWRITECACHE ioctl fails.
|
|
|
|
|
*/
|
|
|
|
|
if (zio->io_type != ZIO_TYPE_READ &&
|
|
|
|
|
zio->io_type != ZIO_TYPE_WRITE)
|
|
|
|
|
return (B_FALSE);
|
|
|
|
|
|
|
|
|
|
if (vd != NULL) {
|
|
|
|
|
/*
|
|
|
|
|
* If the vdev has already been marked as failing due
|
|
|
|
|
* to a failed probe, then ignore any subsequent I/O
|
|
|
|
|
* errors, as the DE will automatically fault the vdev
|
|
|
|
|
* on the first such failure. This also catches cases
|
|
|
|
|
* where vdev_remove_wanted is set and the device has
|
|
|
|
|
* not yet been asynchronously placed into the REMOVED
|
|
|
|
|
* state.
|
|
|
|
|
*/
|
|
|
|
|
if (zio->io_vd == vd && !vdev_accessible(vd, zio))
|
|
|
|
|
return (B_FALSE);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Ignore checksum errors for reads from DTL regions of
|
|
|
|
|
* leaf vdevs.
|
|
|
|
|
*/
|
|
|
|
|
if (zio->io_type == ZIO_TYPE_READ &&
|
|
|
|
|
zio->io_error == ECKSUM &&
|
|
|
|
|
vd->vdev_ops->vdev_op_leaf &&
|
|
|
|
|
vdev_dtl_contains(vd, DTL_MISSING, zio->io_txg, 1))
|
|
|
|
|
return (B_FALSE);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* For probe failure, we want to avoid posting ereports if we've
|
|
|
|
|
* already removed the device in the meantime.
|
|
|
|
|
*/
|
|
|
|
|
if (vd != NULL &&
|
|
|
|
|
strcmp(subclass, FM_EREPORT_ZFS_PROBE_FAILURE) == 0 &&
|
|
|
|
|
(vd->vdev_remove_wanted || vd->vdev_state == VDEV_STATE_REMOVED))
|
|
|
|
|
return (B_FALSE);
|
|
|
|
|
|
|
|
|
|
/* Ignore bogus delay events (like from ioctls or unqueued IOs) */
|
|
|
|
|
if ((strcmp(subclass, FM_EREPORT_ZFS_DELAY) == 0) &&
|
|
|
|
|
(zio != NULL) && (!zio->io_timestamp)) {
|
|
|
|
|
return (B_FALSE);
|
|
|
|
|
}
|
2021-12-12 18:06:44 +03:00
|
|
|
#else
|
|
|
|
|
(void) subclass, (void) spa, (void) vd, (void) zio;
|
2018-11-09 03:47:24 +03:00
|
|
|
#endif
|
|
|
|
|
return (B_TRUE);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
2020-09-04 20:34:28 +03:00
|
|
|
* Post an ereport for the given subclass
|
|
|
|
|
*
|
|
|
|
|
* Returns
|
|
|
|
|
* - 0 if an event was posted
|
|
|
|
|
* - EINVAL if there was a problem posting event
|
|
|
|
|
* - EBUSY if the event was rate limited
|
|
|
|
|
* - EALREADY if the event was already posted (duplicate)
|
2018-11-09 03:47:24 +03:00
|
|
|
*/
|
|
|
|
|
int
|
Native Encryption for ZFS on Linux
This change incorporates three major pieces:
The first change is a keystore that manages wrapping
and encryption keys for encrypted datasets. These
commands mostly involve manipulating the new
DSL Crypto Key ZAP Objects that live in the MOS. Each
encrypted dataset has its own DSL Crypto Key that is
protected with a user's key. This level of indirection
allows users to change their keys without re-encrypting
their entire datasets. The change implements the new
subcommands "zfs load-key", "zfs unload-key" and
"zfs change-key" which allow the user to manage their
encryption keys and settings. In addition, several new
flags and properties have been added to allow dataset
creation and to make mounting and unmounting more
convenient.
The second piece of this patch provides the ability to
encrypt, decyrpt, and authenticate protected datasets.
Each object set maintains a Merkel tree of Message
Authentication Codes that protect the lower layers,
similarly to how checksums are maintained. This part
impacts the zio layer, which handles the actual
encryption and generation of MACs, as well as the ARC
and DMU, which need to be able to handle encrypted
buffers and protected data.
The last addition is the ability to do raw, encrypted
sends and receives. The idea here is to send raw
encrypted and compressed data and receive it exactly
as is on a backup system. This means that the dataset
on the receiving system is protected using the same
user key that is in use on the sending side. By doing
so, datasets can be efficiently backed up to an
untrusted system without fear of data being
compromised.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Jorgen Lundman <lundman@lundman.net>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #494
Closes #5769
2017-08-14 20:36:48 +03:00
|
|
|
zfs_ereport_post(const char *subclass, spa_t *spa, vdev_t *vd,
|
2020-09-04 20:34:28 +03:00
|
|
|
const zbookmark_phys_t *zb, zio_t *zio, uint64_t state)
|
2010-05-29 00:45:14 +04:00
|
|
|
{
|
2018-11-09 03:47:24 +03:00
|
|
|
int rc = 0;
|
2010-05-29 00:45:14 +04:00
|
|
|
#ifdef _KERNEL
|
|
|
|
|
nvlist_t *ereport = NULL;
|
|
|
|
|
nvlist_t *detector = NULL;
|
|
|
|
|
|
2020-09-04 20:34:28 +03:00
|
|
|
if (!zfs_ereport_is_valid(subclass, spa, vd, zio))
|
|
|
|
|
return (EINVAL);
|
|
|
|
|
|
|
|
|
|
if (zfs_ereport_is_duplicate(subclass, spa, vd, zb, zio, 0, 0))
|
|
|
|
|
return (SET_ERROR(EALREADY));
|
|
|
|
|
|
2017-04-12 04:37:45 +03:00
|
|
|
if (zfs_is_ratelimiting_event(subclass, vd))
|
2018-11-09 03:47:24 +03:00
|
|
|
return (SET_ERROR(EBUSY));
|
2017-04-12 04:37:45 +03:00
|
|
|
|
2018-11-09 03:47:24 +03:00
|
|
|
if (!zfs_ereport_start(&ereport, &detector, subclass, spa, vd,
|
2020-09-04 20:34:28 +03:00
|
|
|
zb, zio, state, 0))
|
2018-11-09 03:47:24 +03:00
|
|
|
return (SET_ERROR(EINVAL)); /* couldn't post event */
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
|
if (ereport == NULL)
|
2018-11-09 03:47:24 +03:00
|
|
|
return (SET_ERROR(EINVAL));
|
2010-05-29 00:45:14 +04:00
|
|
|
|
2010-08-26 22:42:43 +04:00
|
|
|
/* Cleanup is handled by the callback function */
|
2018-11-09 03:47:24 +03:00
|
|
|
rc = zfs_zevent_post(ereport, detector, zfs_zevent_post_cb);
|
2021-12-12 18:06:44 +03:00
|
|
|
#else
|
|
|
|
|
(void) subclass, (void) spa, (void) vd, (void) zb, (void) zio,
|
|
|
|
|
(void) state;
|
2008-11-20 23:01:55 +03:00
|
|
|
#endif
|
2018-11-09 03:47:24 +03:00
|
|
|
return (rc);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
2020-09-04 20:34:28 +03:00
|
|
|
/*
|
|
|
|
|
* Prepare a checksum ereport
|
|
|
|
|
*
|
|
|
|
|
* Returns
|
|
|
|
|
* - 0 if an event was posted
|
|
|
|
|
* - EINVAL if there was a problem posting event
|
|
|
|
|
* - EBUSY if the event was rate limited
|
|
|
|
|
* - EALREADY if the event was already posted (duplicate)
|
|
|
|
|
*/
|
|
|
|
|
int
|
2018-03-31 21:12:51 +03:00
|
|
|
zfs_ereport_start_checksum(spa_t *spa, vdev_t *vd, const zbookmark_phys_t *zb,
|
Clean up RAIDZ/DRAID ereport code
The RAIDZ and DRAID code is responsible for reporting checksum errors on
their child vdevs. Checksum errors represent events where a disk
returned data or parity that should have been correct, but was not. In
other words, these are instances of silent data corruption. The
checksum errors show up in the vdev stats (and thus `zpool status`'s
CKSUM column), and in the event log (`zpool events`).
Note, this is in contrast with the more common "noisy" errors where a
disk goes offline, in which case ZFS knows that the disk is bad and
doesn't try to read it, or the device returns an error on the requested
read or write operation.
RAIDZ/DRAID generate checksum errors via three code paths:
1. When RAIDZ/DRAID reconstructs a damaged block, checksum errors are
reported on any children whose data was not used during the
reconstruction. This is handled in `raidz_reconstruct()`. This is the
most common type of RAIDZ/DRAID checksum error.
2. When RAIDZ/DRAID is not able to reconstruct a damaged block, that
means that the data has been lost. The zio fails and an error is
returned to the consumer (e.g. the read(2) system call). This would
happen if, for example, three different disks in a RAIDZ2 group are
silently damaged. Since the damage is silent, it isn't possible to know
which three disks are damaged, so a checksum error is reported against
every child that returned data or parity for this read. (For DRAID,
typically only one "group" of children is involved in each io.) This
case is handled in `vdev_raidz_cksum_finish()`. This is the next most
common type of RAIDZ/DRAID checksum error.
3. If RAIDZ/DRAID is not able to reconstruct a damaged block (like in
case 2), but there happens to be additional copies of this block due to
"ditto blocks" (i.e. multiple DVA's in this blkptr_t), and one of those
copies is good, then RAIDZ/DRAID compares each sector of the data or
parity that it retrieved with the good data from the other DVA, and if
they differ then it reports a checksum error on this child. This
differs from case 2 in that the checksum error is reported on only the
subset of children that actually have bad data or parity. This case
happens very rarely, since normally only metadata has ditto blocks. If
the silent damage is extensive, there will be many instances of case 2,
and the pool will likely be unrecoverable.
The code for handling case 3 is considerably more complicated than the
other cases, for two reasons:
1. It needs to run after the main raidz read logic has completed. The
data RAIDZ read needs to be preserved until after the alternate DVA has
been read, which necessitates refcounts and callbacks managed by the
non-raidz-specific zio layer.
2. It's nontrivial to map the sections of data read by RAIDZ to the
correct data. For example, the correct data does not include the parity
information, so the parity must be recalculated based on the correct
data, and then compared to the parity that was read from the RAIDZ
children.
Due to the complexity of case 3, the rareness of hitting it, and the
minimal benefit it provides above case 2, this commit removes the code
for case 3. These types of errors will now be handled the same as case
2, i.e. the checksum error will be reported against all children that
returned data or parity.
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Matthew Ahrens <mahrens@delphix.com>
Closes #11735
2021-03-20 02:22:10 +03:00
|
|
|
struct zio *zio, uint64_t offset, uint64_t length, zio_bad_cksum_t *info)
|
2010-05-29 00:45:14 +04:00
|
|
|
{
|
2016-10-19 22:55:59 +03:00
|
|
|
zio_cksum_report_t *report;
|
|
|
|
|
|
|
|
|
|
#ifdef _KERNEL
|
2020-09-04 20:34:28 +03:00
|
|
|
if (!zfs_ereport_is_valid(FM_EREPORT_ZFS_CHECKSUM, spa, vd, zio))
|
|
|
|
|
return (SET_ERROR(EINVAL));
|
|
|
|
|
|
|
|
|
|
if (zfs_ereport_is_duplicate(FM_EREPORT_ZFS_CHECKSUM, spa, vd, zb, zio,
|
|
|
|
|
offset, length))
|
|
|
|
|
return (SET_ERROR(EALREADY));
|
|
|
|
|
|
2016-10-19 22:55:59 +03:00
|
|
|
if (zfs_is_ratelimiting_event(FM_EREPORT_ZFS_CHECKSUM, vd))
|
2020-09-04 20:34:28 +03:00
|
|
|
return (SET_ERROR(EBUSY));
|
2021-12-12 18:06:44 +03:00
|
|
|
#else
|
|
|
|
|
(void) zb, (void) offset;
|
2016-10-19 22:55:59 +03:00
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
report = kmem_zalloc(sizeof (*report), KM_SLEEP);
|
2010-05-29 00:45:14 +04:00
|
|
|
|
Clean up RAIDZ/DRAID ereport code
The RAIDZ and DRAID code is responsible for reporting checksum errors on
their child vdevs. Checksum errors represent events where a disk
returned data or parity that should have been correct, but was not. In
other words, these are instances of silent data corruption. The
checksum errors show up in the vdev stats (and thus `zpool status`'s
CKSUM column), and in the event log (`zpool events`).
Note, this is in contrast with the more common "noisy" errors where a
disk goes offline, in which case ZFS knows that the disk is bad and
doesn't try to read it, or the device returns an error on the requested
read or write operation.
RAIDZ/DRAID generate checksum errors via three code paths:
1. When RAIDZ/DRAID reconstructs a damaged block, checksum errors are
reported on any children whose data was not used during the
reconstruction. This is handled in `raidz_reconstruct()`. This is the
most common type of RAIDZ/DRAID checksum error.
2. When RAIDZ/DRAID is not able to reconstruct a damaged block, that
means that the data has been lost. The zio fails and an error is
returned to the consumer (e.g. the read(2) system call). This would
happen if, for example, three different disks in a RAIDZ2 group are
silently damaged. Since the damage is silent, it isn't possible to know
which three disks are damaged, so a checksum error is reported against
every child that returned data or parity for this read. (For DRAID,
typically only one "group" of children is involved in each io.) This
case is handled in `vdev_raidz_cksum_finish()`. This is the next most
common type of RAIDZ/DRAID checksum error.
3. If RAIDZ/DRAID is not able to reconstruct a damaged block (like in
case 2), but there happens to be additional copies of this block due to
"ditto blocks" (i.e. multiple DVA's in this blkptr_t), and one of those
copies is good, then RAIDZ/DRAID compares each sector of the data or
parity that it retrieved with the good data from the other DVA, and if
they differ then it reports a checksum error on this child. This
differs from case 2 in that the checksum error is reported on only the
subset of children that actually have bad data or parity. This case
happens very rarely, since normally only metadata has ditto blocks. If
the silent damage is extensive, there will be many instances of case 2,
and the pool will likely be unrecoverable.
The code for handling case 3 is considerably more complicated than the
other cases, for two reasons:
1. It needs to run after the main raidz read logic has completed. The
data RAIDZ read needs to be preserved until after the alternate DVA has
been read, which necessitates refcounts and callbacks managed by the
non-raidz-specific zio layer.
2. It's nontrivial to map the sections of data read by RAIDZ to the
correct data. For example, the correct data does not include the parity
information, so the parity must be recalculated based on the correct
data, and then compared to the parity that was read from the RAIDZ
children.
Due to the complexity of case 3, the rareness of hitting it, and the
minimal benefit it provides above case 2, this commit removes the code
for case 3. These types of errors will now be handled the same as case
2, i.e. the checksum error will be reported against all children that
returned data or parity.
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Matthew Ahrens <mahrens@delphix.com>
Closes #11735
2021-03-20 02:22:10 +03:00
|
|
|
zio_vsd_default_cksum_report(zio, report);
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
|
/* copy the checksum failure information if it was provided */
|
|
|
|
|
if (info != NULL) {
|
2014-11-21 03:09:39 +03:00
|
|
|
report->zcr_ckinfo = kmem_zalloc(sizeof (*info), KM_SLEEP);
|
2022-02-25 16:26:54 +03:00
|
|
|
memcpy(report->zcr_ckinfo, info, sizeof (*info));
|
2010-05-29 00:45:14 +04:00
|
|
|
}
|
|
|
|
|
|
Distributed Spare (dRAID) Feature
This patch adds a new top-level vdev type called dRAID, which stands
for Distributed parity RAID. This pool configuration allows all dRAID
vdevs to participate when rebuilding to a distributed hot spare device.
This can substantially reduce the total time required to restore full
parity to pool with a failed device.
A dRAID pool can be created using the new top-level `draid` type.
Like `raidz`, the desired redundancy is specified after the type:
`draid[1,2,3]`. No additional information is required to create the
pool and reasonable default values will be chosen based on the number
of child vdevs in the dRAID vdev.
zpool create <pool> draid[1,2,3] <vdevs...>
Unlike raidz, additional optional dRAID configuration values can be
provided as part of the draid type as colon separated values. This
allows administrators to fully specify a layout for either performance
or capacity reasons. The supported options include:
zpool create <pool> \
draid[<parity>][:<data>d][:<children>c][:<spares>s] \
<vdevs...>
- draid[parity] - Parity level (default 1)
- draid[:<data>d] - Data devices per group (default 8)
- draid[:<children>c] - Expected number of child vdevs
- draid[:<spares>s] - Distributed hot spares (default 0)
Abbreviated example `zpool status` output for a 68 disk dRAID pool
with two distributed spares using special allocation classes.
```
pool: tank
state: ONLINE
config:
NAME STATE READ WRITE CKSUM
slag7 ONLINE 0 0 0
draid2:8d:68c:2s-0 ONLINE 0 0 0
L0 ONLINE 0 0 0
L1 ONLINE 0 0 0
...
U25 ONLINE 0 0 0
U26 ONLINE 0 0 0
spare-53 ONLINE 0 0 0
U27 ONLINE 0 0 0
draid2-0-0 ONLINE 0 0 0
U28 ONLINE 0 0 0
U29 ONLINE 0 0 0
...
U42 ONLINE 0 0 0
U43 ONLINE 0 0 0
special
mirror-1 ONLINE 0 0 0
L5 ONLINE 0 0 0
U5 ONLINE 0 0 0
mirror-2 ONLINE 0 0 0
L6 ONLINE 0 0 0
U6 ONLINE 0 0 0
spares
draid2-0-0 INUSE currently in use
draid2-0-1 AVAIL
```
When adding test coverage for the new dRAID vdev type the following
options were added to the ztest command. These options are leverages
by zloop.sh to test a wide range of dRAID configurations.
-K draid|raidz|random - kind of RAID to test
-D <value> - dRAID data drives per group
-S <value> - dRAID distributed hot spares
-R <value> - RAID parity (raidz or dRAID)
The zpool_create, zpool_import, redundancy, replacement and fault
test groups have all been updated provide test coverage for the
dRAID feature.
Co-authored-by: Isaac Huang <he.huang@intel.com>
Co-authored-by: Mark Maybee <mmaybee@cray.com>
Co-authored-by: Don Brady <don.brady@delphix.com>
Co-authored-by: Matthew Ahrens <mahrens@delphix.com>
Co-authored-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Mark Maybee <mmaybee@cray.com>
Reviewed-by: Matt Ahrens <matt@delphix.com>
Reviewed-by: Tony Hutter <hutter2@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #10102
2020-11-14 00:51:51 +03:00
|
|
|
report->zcr_sector = 1ULL << vd->vdev_top->vdev_ashift;
|
|
|
|
|
report->zcr_align =
|
|
|
|
|
vdev_psize_to_asize(vd->vdev_top, report->zcr_sector);
|
2010-05-29 00:45:14 +04:00
|
|
|
report->zcr_length = length;
|
|
|
|
|
|
|
|
|
|
#ifdef _KERNEL
|
2020-09-01 05:35:11 +03:00
|
|
|
(void) zfs_ereport_start(&report->zcr_ereport, &report->zcr_detector,
|
Native Encryption for ZFS on Linux
This change incorporates three major pieces:
The first change is a keystore that manages wrapping
and encryption keys for encrypted datasets. These
commands mostly involve manipulating the new
DSL Crypto Key ZAP Objects that live in the MOS. Each
encrypted dataset has its own DSL Crypto Key that is
protected with a user's key. This level of indirection
allows users to change their keys without re-encrypting
their entire datasets. The change implements the new
subcommands "zfs load-key", "zfs unload-key" and
"zfs change-key" which allow the user to manage their
encryption keys and settings. In addition, several new
flags and properties have been added to allow dataset
creation and to make mounting and unmounting more
convenient.
The second piece of this patch provides the ability to
encrypt, decyrpt, and authenticate protected datasets.
Each object set maintains a Merkel tree of Message
Authentication Codes that protect the lower layers,
similarly to how checksums are maintained. This part
impacts the zio layer, which handles the actual
encryption and generation of MACs, as well as the ARC
and DMU, which need to be able to handle encrypted
buffers and protected data.
The last addition is the ability to do raw, encrypted
sends and receives. The idea here is to send raw
encrypted and compressed data and receive it exactly
as is on a backup system. This means that the dataset
on the receiving system is protected using the same
user key that is in use on the sending side. By doing
so, datasets can be efficiently backed up to an
untrusted system without fear of data being
compromised.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Jorgen Lundman <lundman@lundman.net>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #494
Closes #5769
2017-08-14 20:36:48 +03:00
|
|
|
FM_EREPORT_ZFS_CHECKSUM, spa, vd, zb, zio, offset, length);
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
|
if (report->zcr_ereport == NULL) {
|
2014-03-04 07:00:11 +04:00
|
|
|
zfs_ereport_free_checksum(report);
|
2020-09-04 20:34:28 +03:00
|
|
|
return (0);
|
2010-05-29 00:45:14 +04:00
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
mutex_enter(&spa->spa_errlist_lock);
|
|
|
|
|
report->zcr_next = zio->io_logical->io_cksum_report;
|
|
|
|
|
zio->io_logical->io_cksum_report = report;
|
|
|
|
|
mutex_exit(&spa->spa_errlist_lock);
|
2020-09-04 20:34:28 +03:00
|
|
|
return (0);
|
2010-05-29 00:45:14 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
2017-01-05 22:10:07 +03:00
|
|
|
zfs_ereport_finish_checksum(zio_cksum_report_t *report, const abd_t *good_data,
|
|
|
|
|
const abd_t *bad_data, boolean_t drop_if_identical)
|
2010-05-29 00:45:14 +04:00
|
|
|
{
|
|
|
|
|
#ifdef _KERNEL
|
2014-03-04 07:00:11 +04:00
|
|
|
zfs_ecksum_info_t *info;
|
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
info = annotate_ecksum(report->zcr_ereport, report->zcr_ckinfo,
|
|
|
|
|
good_data, bad_data, report->zcr_length, drop_if_identical);
|
|
|
|
|
if (info != NULL)
|
2010-08-26 22:42:43 +04:00
|
|
|
zfs_zevent_post(report->zcr_ereport,
|
|
|
|
|
report->zcr_detector, zfs_zevent_post_cb);
|
2014-03-04 07:00:11 +04:00
|
|
|
else
|
|
|
|
|
zfs_zevent_post_cb(report->zcr_ereport, report->zcr_detector);
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
|
report->zcr_ereport = report->zcr_detector = NULL;
|
|
|
|
|
if (info != NULL)
|
|
|
|
|
kmem_free(info, sizeof (*info));
|
2021-12-12 18:06:44 +03:00
|
|
|
#else
|
|
|
|
|
(void) report, (void) good_data, (void) bad_data,
|
|
|
|
|
(void) drop_if_identical;
|
2010-05-29 00:45:14 +04:00
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
zfs_ereport_free_checksum(zio_cksum_report_t *rpt)
|
|
|
|
|
{
|
|
|
|
|
#ifdef _KERNEL
|
|
|
|
|
if (rpt->zcr_ereport != NULL) {
|
|
|
|
|
fm_nvlist_destroy(rpt->zcr_ereport,
|
|
|
|
|
FM_NVA_FREE);
|
|
|
|
|
fm_nvlist_destroy(rpt->zcr_detector,
|
|
|
|
|
FM_NVA_FREE);
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
rpt->zcr_free(rpt->zcr_cbdata, rpt->zcr_cbinfo);
|
|
|
|
|
|
|
|
|
|
if (rpt->zcr_ckinfo != NULL)
|
|
|
|
|
kmem_free(rpt->zcr_ckinfo, sizeof (*rpt->zcr_ckinfo));
|
|
|
|
|
|
|
|
|
|
kmem_free(rpt, sizeof (*rpt));
|
|
|
|
|
}
|
|
|
|
|
|
2020-09-04 20:34:28 +03:00
|
|
|
/*
|
|
|
|
|
* Post a checksum ereport
|
|
|
|
|
*
|
|
|
|
|
* Returns
|
|
|
|
|
* - 0 if an event was posted
|
|
|
|
|
* - EINVAL if there was a problem posting event
|
|
|
|
|
* - EBUSY if the event was rate limited
|
|
|
|
|
* - EALREADY if the event was already posted (duplicate)
|
|
|
|
|
*/
|
2018-11-09 03:47:24 +03:00
|
|
|
int
|
2018-03-31 21:12:51 +03:00
|
|
|
zfs_ereport_post_checksum(spa_t *spa, vdev_t *vd, const zbookmark_phys_t *zb,
|
2010-05-29 00:45:14 +04:00
|
|
|
struct zio *zio, uint64_t offset, uint64_t length,
|
2017-01-05 22:10:07 +03:00
|
|
|
const abd_t *good_data, const abd_t *bad_data, zio_bad_cksum_t *zbc)
|
2010-05-29 00:45:14 +04:00
|
|
|
{
|
2018-11-09 03:47:24 +03:00
|
|
|
int rc = 0;
|
2010-05-29 00:45:14 +04:00
|
|
|
#ifdef _KERNEL
|
|
|
|
|
nvlist_t *ereport = NULL;
|
|
|
|
|
nvlist_t *detector = NULL;
|
|
|
|
|
zfs_ecksum_info_t *info;
|
|
|
|
|
|
2020-09-04 20:34:28 +03:00
|
|
|
if (!zfs_ereport_is_valid(FM_EREPORT_ZFS_CHECKSUM, spa, vd, zio))
|
|
|
|
|
return (SET_ERROR(EINVAL));
|
|
|
|
|
|
|
|
|
|
if (zfs_ereport_is_duplicate(FM_EREPORT_ZFS_CHECKSUM, spa, vd, zb, zio,
|
|
|
|
|
offset, length))
|
|
|
|
|
return (SET_ERROR(EALREADY));
|
|
|
|
|
|
2018-11-09 03:47:24 +03:00
|
|
|
if (zfs_is_ratelimiting_event(FM_EREPORT_ZFS_CHECKSUM, vd))
|
2020-09-04 20:34:28 +03:00
|
|
|
return (SET_ERROR(EBUSY));
|
2010-05-29 00:45:14 +04:00
|
|
|
|
2018-11-09 03:47:24 +03:00
|
|
|
if (!zfs_ereport_start(&ereport, &detector, FM_EREPORT_ZFS_CHECKSUM,
|
|
|
|
|
spa, vd, zb, zio, offset, length) || (ereport == NULL)) {
|
|
|
|
|
return (SET_ERROR(EINVAL));
|
|
|
|
|
}
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
|
info = annotate_ecksum(ereport, zbc, good_data, bad_data, length,
|
|
|
|
|
B_FALSE);
|
|
|
|
|
|
2010-08-26 22:42:43 +04:00
|
|
|
if (info != NULL) {
|
2018-11-09 03:47:24 +03:00
|
|
|
rc = zfs_zevent_post(ereport, detector, zfs_zevent_post_cb);
|
2010-05-29 00:45:14 +04:00
|
|
|
kmem_free(info, sizeof (*info));
|
2010-08-26 22:42:43 +04:00
|
|
|
}
|
2021-12-12 18:06:44 +03:00
|
|
|
#else
|
|
|
|
|
(void) spa, (void) vd, (void) zb, (void) zio, (void) offset,
|
|
|
|
|
(void) length, (void) good_data, (void) bad_data, (void) zbc;
|
2010-05-29 00:45:14 +04:00
|
|
|
#endif
|
2018-11-09 03:47:24 +03:00
|
|
|
return (rc);
|
2010-05-29 00:45:14 +04:00
|
|
|
}
|
|
|
|
|
|
2017-05-30 21:39:17 +03:00
|
|
|
/*
|
|
|
|
|
* The 'sysevent.fs.zfs.*' events are signals posted to notify user space of
|
|
|
|
|
* change in the pool. All sysevents are listed in sys/sysevent/eventdefs.h
|
|
|
|
|
* and are designed to be consumed by the ZFS Event Daemon (ZED). For
|
|
|
|
|
* additional details refer to the zed(8) man page.
|
|
|
|
|
*/
|
|
|
|
|
nvlist_t *
|
|
|
|
|
zfs_event_create(spa_t *spa, vdev_t *vd, const char *type, const char *name,
|
2016-09-01 00:46:58 +03:00
|
|
|
nvlist_t *aux)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2017-05-30 21:39:17 +03:00
|
|
|
nvlist_t *resource = NULL;
|
2008-11-20 23:01:55 +03:00
|
|
|
#ifdef _KERNEL
|
|
|
|
|
char class[64];
|
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
if (spa_load_state(spa) == SPA_LOAD_TRYIMPORT)
|
2017-05-30 21:39:17 +03:00
|
|
|
return (NULL);
|
2010-05-29 00:45:14 +04:00
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
if ((resource = fm_nvlist_create(NULL)) == NULL)
|
2017-05-30 21:39:17 +03:00
|
|
|
return (NULL);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2016-07-28 01:29:15 +03:00
|
|
|
(void) snprintf(class, sizeof (class), "%s.%s.%s", type,
|
2008-11-20 23:01:55 +03:00
|
|
|
ZFS_ERROR_CLASS, name);
|
2014-01-25 03:47:46 +04:00
|
|
|
VERIFY0(nvlist_add_uint8(resource, FM_VERSION, FM_RSRC_VERSION));
|
|
|
|
|
VERIFY0(nvlist_add_string(resource, FM_CLASS, class));
|
2017-04-04 00:23:02 +03:00
|
|
|
VERIFY0(nvlist_add_string(resource,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_POOL, spa_name(spa)));
|
2014-01-25 03:47:46 +04:00
|
|
|
VERIFY0(nvlist_add_uint64(resource,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_POOL_GUID, spa_guid(spa)));
|
2017-04-04 00:23:02 +03:00
|
|
|
VERIFY0(nvlist_add_uint64(resource,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_POOL_STATE, spa_state(spa)));
|
2014-01-25 03:47:46 +04:00
|
|
|
VERIFY0(nvlist_add_int32(resource,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_POOL_CONTEXT, spa_load_state(spa)));
|
|
|
|
|
|
2010-08-26 22:42:43 +04:00
|
|
|
if (vd) {
|
2014-01-25 03:47:46 +04:00
|
|
|
VERIFY0(nvlist_add_uint64(resource,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_GUID, vd->vdev_guid));
|
|
|
|
|
VERIFY0(nvlist_add_uint64(resource,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_STATE, vd->vdev_state));
|
2016-07-28 01:29:15 +03:00
|
|
|
if (vd->vdev_path != NULL)
|
|
|
|
|
VERIFY0(nvlist_add_string(resource,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_PATH, vd->vdev_path));
|
|
|
|
|
if (vd->vdev_devid != NULL)
|
|
|
|
|
VERIFY0(nvlist_add_string(resource,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_DEVID, vd->vdev_devid));
|
|
|
|
|
if (vd->vdev_fru != NULL)
|
|
|
|
|
VERIFY0(nvlist_add_string(resource,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_FRU, vd->vdev_fru));
|
2016-10-25 21:05:30 +03:00
|
|
|
if (vd->vdev_enc_sysfs_path != NULL)
|
|
|
|
|
VERIFY0(nvlist_add_string(resource,
|
|
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_ENC_SYSFS_PATH,
|
|
|
|
|
vd->vdev_enc_sysfs_path));
|
2017-05-30 21:39:17 +03:00
|
|
|
}
|
2016-09-01 00:46:58 +03:00
|
|
|
|
2017-05-30 21:39:17 +03:00
|
|
|
/* also copy any optional payload data */
|
|
|
|
|
if (aux) {
|
|
|
|
|
nvpair_t *elem = NULL;
|
|
|
|
|
|
|
|
|
|
while ((elem = nvlist_next_nvpair(aux, elem)) != NULL)
|
|
|
|
|
(void) nvlist_add_nvpair(resource, elem);
|
2010-08-26 22:42:43 +04:00
|
|
|
}
|
2021-12-12 18:06:44 +03:00
|
|
|
#else
|
|
|
|
|
(void) spa, (void) vd, (void) type, (void) name, (void) aux;
|
2017-05-30 21:39:17 +03:00
|
|
|
#endif
|
|
|
|
|
return (resource);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
zfs_post_common(spa_t *spa, vdev_t *vd, const char *type, const char *name,
|
|
|
|
|
nvlist_t *aux)
|
|
|
|
|
{
|
|
|
|
|
#ifdef _KERNEL
|
|
|
|
|
nvlist_t *resource;
|
|
|
|
|
|
|
|
|
|
resource = zfs_event_create(spa, vd, type, name, aux);
|
|
|
|
|
if (resource)
|
|
|
|
|
zfs_zevent_post(resource, NULL, zfs_zevent_post_cb);
|
2021-12-12 18:06:44 +03:00
|
|
|
#else
|
|
|
|
|
(void) spa, (void) vd, (void) type, (void) name, (void) aux;
|
2008-11-20 23:01:55 +03:00
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* The 'resource.fs.zfs.removed' event is an internal signal that the given vdev
|
|
|
|
|
* has been removed from the system. This will cause the DE to ignore any
|
|
|
|
|
* recent I/O errors, inferring that they are due to the asynchronous device
|
|
|
|
|
* removal.
|
|
|
|
|
*/
|
|
|
|
|
void
|
|
|
|
|
zfs_post_remove(spa_t *spa, vdev_t *vd)
|
|
|
|
|
{
|
2016-09-01 00:46:58 +03:00
|
|
|
zfs_post_common(spa, vd, FM_RSRC_CLASS, FM_RESOURCE_REMOVED, NULL);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* The 'resource.fs.zfs.autoreplace' event is an internal signal that the pool
|
|
|
|
|
* has the 'autoreplace' property set, and therefore any broken vdevs will be
|
|
|
|
|
* handled by higher level logic, and no vdev fault should be generated.
|
|
|
|
|
*/
|
|
|
|
|
void
|
|
|
|
|
zfs_post_autoreplace(spa_t *spa, vdev_t *vd)
|
|
|
|
|
{
|
2016-09-01 00:46:58 +03:00
|
|
|
zfs_post_common(spa, vd, FM_RSRC_CLASS, FM_RESOURCE_AUTOREPLACE, NULL);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* The 'resource.fs.zfs.statechange' event is an internal signal that the
|
|
|
|
|
* given vdev has transitioned its state to DEGRADED or HEALTHY. This will
|
|
|
|
|
* cause the retire agent to repair any outstanding fault management cases
|
|
|
|
|
* open because the device was not found (fault.fs.zfs.device).
|
|
|
|
|
*/
|
|
|
|
|
void
|
2016-09-01 00:46:58 +03:00
|
|
|
zfs_post_state_change(spa_t *spa, vdev_t *vd, uint64_t laststate)
|
2010-05-29 00:45:14 +04:00
|
|
|
{
|
2016-09-01 00:46:58 +03:00
|
|
|
#ifdef _KERNEL
|
|
|
|
|
nvlist_t *aux;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Add optional supplemental keys to payload
|
|
|
|
|
*/
|
|
|
|
|
aux = fm_nvlist_create(NULL);
|
|
|
|
|
if (vd && aux) {
|
|
|
|
|
if (vd->vdev_physpath) {
|
2022-09-24 02:52:03 +03:00
|
|
|
fnvlist_add_string(aux,
|
2016-09-01 00:46:58 +03:00
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_PHYSPATH,
|
|
|
|
|
vd->vdev_physpath);
|
|
|
|
|
}
|
2016-10-24 20:45:59 +03:00
|
|
|
if (vd->vdev_enc_sysfs_path) {
|
2022-09-24 02:52:03 +03:00
|
|
|
fnvlist_add_string(aux,
|
2016-10-24 20:45:59 +03:00
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_ENC_SYSFS_PATH,
|
|
|
|
|
vd->vdev_enc_sysfs_path);
|
|
|
|
|
}
|
|
|
|
|
|
2022-09-24 02:52:03 +03:00
|
|
|
fnvlist_add_uint64(aux,
|
2016-09-01 00:46:58 +03:00
|
|
|
FM_EREPORT_PAYLOAD_ZFS_VDEV_LASTSTATE, laststate);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
zfs_post_common(spa, vd, FM_RSRC_CLASS, FM_RESOURCE_STATECHANGE,
|
|
|
|
|
aux);
|
|
|
|
|
|
|
|
|
|
if (aux)
|
|
|
|
|
fm_nvlist_destroy(aux, FM_NVA_FREE);
|
2021-12-12 18:06:44 +03:00
|
|
|
#else
|
|
|
|
|
(void) spa, (void) vd, (void) laststate;
|
2016-09-01 00:46:58 +03:00
|
|
|
#endif
|
2016-07-28 01:29:15 +03:00
|
|
|
}
|
|
|
|
|
|
2020-09-04 20:34:28 +03:00
|
|
|
#ifdef _KERNEL
|
|
|
|
|
void
|
|
|
|
|
zfs_ereport_init(void)
|
|
|
|
|
{
|
|
|
|
|
mutex_init(&recent_events_lock, NULL, MUTEX_DEFAULT, NULL);
|
|
|
|
|
list_create(&recent_events_list, sizeof (recent_events_node_t),
|
|
|
|
|
offsetof(recent_events_node_t, re_list_link));
|
|
|
|
|
avl_create(&recent_events_tree, recent_events_compare,
|
|
|
|
|
sizeof (recent_events_node_t), offsetof(recent_events_node_t,
|
|
|
|
|
re_tree_link));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* This 'early' fini needs to run before zfs_fini() which on Linux waits
|
|
|
|
|
* for the system_delay_taskq to drain.
|
|
|
|
|
*/
|
|
|
|
|
void
|
|
|
|
|
zfs_ereport_taskq_fini(void)
|
|
|
|
|
{
|
|
|
|
|
mutex_enter(&recent_events_lock);
|
|
|
|
|
if (recent_events_cleaner_tqid != 0) {
|
|
|
|
|
taskq_cancel_id(system_delay_taskq, recent_events_cleaner_tqid);
|
|
|
|
|
recent_events_cleaner_tqid = 0;
|
|
|
|
|
}
|
|
|
|
|
mutex_exit(&recent_events_lock);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
zfs_ereport_fini(void)
|
|
|
|
|
{
|
|
|
|
|
recent_events_node_t *entry;
|
|
|
|
|
|
|
|
|
|
while ((entry = list_head(&recent_events_list)) != NULL) {
|
|
|
|
|
avl_remove(&recent_events_tree, entry);
|
|
|
|
|
list_remove(&recent_events_list, entry);
|
|
|
|
|
kmem_free(entry, sizeof (*entry));
|
|
|
|
|
}
|
|
|
|
|
avl_destroy(&recent_events_tree);
|
|
|
|
|
list_destroy(&recent_events_list);
|
|
|
|
|
mutex_destroy(&recent_events_lock);
|
|
|
|
|
}
|
|
|
|
|
|
2021-09-09 20:44:21 +03:00
|
|
|
void
|
|
|
|
|
zfs_ereport_snapshot_post(const char *subclass, spa_t *spa, const char *name)
|
|
|
|
|
{
|
|
|
|
|
nvlist_t *aux;
|
|
|
|
|
|
|
|
|
|
aux = fm_nvlist_create(NULL);
|
2022-09-29 19:02:57 +03:00
|
|
|
fnvlist_add_string(aux, FM_EREPORT_PAYLOAD_ZFS_SNAPSHOT_NAME, name);
|
2021-09-09 20:44:21 +03:00
|
|
|
|
|
|
|
|
zfs_post_common(spa, NULL, FM_RSRC_CLASS, subclass, aux);
|
|
|
|
|
fm_nvlist_destroy(aux, FM_NVA_FREE);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Post when a event when a zvol is created or removed
|
|
|
|
|
*
|
|
|
|
|
* This is currently only used by macOS, since it uses the event to create
|
|
|
|
|
* symlinks between the volume name (mypool/myvol) and the actual /dev
|
|
|
|
|
* device (/dev/disk3). For example:
|
|
|
|
|
*
|
|
|
|
|
* /var/run/zfs/dsk/mypool/myvol -> /dev/disk3
|
|
|
|
|
*
|
|
|
|
|
* name: The full name of the zvol ("mypool/myvol")
|
|
|
|
|
* dev_name: The full /dev name for the zvol ("/dev/disk3")
|
|
|
|
|
* raw_name: The raw /dev name for the zvol ("/dev/rdisk3")
|
|
|
|
|
*/
|
|
|
|
|
void
|
|
|
|
|
zfs_ereport_zvol_post(const char *subclass, const char *name,
|
|
|
|
|
const char *dev_name, const char *raw_name)
|
|
|
|
|
{
|
|
|
|
|
nvlist_t *aux;
|
|
|
|
|
char *r;
|
|
|
|
|
|
|
|
|
|
boolean_t locked = mutex_owned(&spa_namespace_lock);
|
|
|
|
|
if (!locked) mutex_enter(&spa_namespace_lock);
|
|
|
|
|
spa_t *spa = spa_lookup(name);
|
|
|
|
|
if (!locked) mutex_exit(&spa_namespace_lock);
|
|
|
|
|
|
|
|
|
|
if (spa == NULL)
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
aux = fm_nvlist_create(NULL);
|
2022-09-24 02:52:03 +03:00
|
|
|
fnvlist_add_string(aux, FM_EREPORT_PAYLOAD_ZFS_DEVICE_NAME, dev_name);
|
|
|
|
|
fnvlist_add_string(aux, FM_EREPORT_PAYLOAD_ZFS_RAW_DEVICE_NAME,
|
2021-09-09 20:44:21 +03:00
|
|
|
raw_name);
|
|
|
|
|
r = strchr(name, '/');
|
|
|
|
|
if (r && r[1])
|
2022-09-24 02:52:03 +03:00
|
|
|
fnvlist_add_string(aux, FM_EREPORT_PAYLOAD_ZFS_VOLUME, &r[1]);
|
2021-09-09 20:44:21 +03:00
|
|
|
|
|
|
|
|
zfs_post_common(spa, NULL, FM_RSRC_CLASS, subclass, aux);
|
|
|
|
|
fm_nvlist_destroy(aux, FM_NVA_FREE);
|
|
|
|
|
}
|
|
|
|
|
|
2010-08-26 22:42:43 +04:00
|
|
|
EXPORT_SYMBOL(zfs_ereport_post);
|
2018-11-09 03:47:24 +03:00
|
|
|
EXPORT_SYMBOL(zfs_ereport_is_valid);
|
2010-08-26 22:42:43 +04:00
|
|
|
EXPORT_SYMBOL(zfs_ereport_post_checksum);
|
|
|
|
|
EXPORT_SYMBOL(zfs_post_remove);
|
|
|
|
|
EXPORT_SYMBOL(zfs_post_autoreplace);
|
|
|
|
|
EXPORT_SYMBOL(zfs_post_state_change);
|
2020-09-04 20:34:28 +03:00
|
|
|
|
|
|
|
|
ZFS_MODULE_PARAM(zfs_zevent, zfs_zevent_, retain_max, UINT, ZMOD_RW,
|
|
|
|
|
"Maximum recent zevents records to retain for duplicate checking");
|
|
|
|
|
ZFS_MODULE_PARAM(zfs_zevent, zfs_zevent_, retain_expire_secs, UINT, ZMOD_RW,
|
|
|
|
|
"Expiration time for recent zevents records");
|
2010-08-26 22:42:43 +04:00
|
|
|
#endif /* _KERNEL */
|