mirror_zfs/module
Brian Behlendorf 3920d7f325
Scrub mirror children without BPs
When scrubbing a raidz/draid pool, which contains a replacing or
sparing mirror with multiple online children, only one child will
be read.  This is not normally a serious concern because the DTL
records are used to determine where a good copy of the data is.
As long as the data can be read from one child the mirror vdev
will use it to repair gaps in any of its children.  Furthermore,
even if the data which was read is corrupt the raidz code will
detect this and issue its own repair I/O to correct the damage
in the mirror vdev.

However, in the scenario where the DTL is wrong due to silent
data corruption (say due to overwriting one child) and the scrub
happens to read from a child with good data, then the other damaged
mirror child will not be detected nor repaired.

While this is possible for both raidz and draid vdevs, it's most
pronounced when using draid.  This is because by default the zed
will sequentially rebuild a draid pool to a distributed spare,
and the distributed spare half of the mirror is always preferred
since it delivers better performance.  This means the damaged
half of the mirror will go undetected even after scrubbing.

For system administrations this behavior is non-intuitive and in
a worst case scenario could result in the only good copy of the
data being unknowingly detached from the mirror.

This change resolves the issue by reading all replacing/sparing
mirror children when scrubbing.  When the BP isn't available for
verification, then compare the data buffers from each child.  They
must all be identical, if not there's silent damage and an error
is returned to prompt the top-level vdev to issue a repair I/O to
rewrite the data on all of the mirror children.  Since we can't
tell which child was wrong a checksum error is logged against the
replacing or sparing mirror vdev.

Reviewed-by: Mark Maybee <mark.maybee@delphix.com>
Reviewed-by: Tony Hutter <hutter2@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #13555
2022-07-14 10:21:29 -07:00
..
avl Fix various typos 2021-04-07 13:27:11 -07:00
icp Fix functions without a prototype 2022-05-20 10:33:24 -07:00
lua Use fallthrough macro 2021-11-02 09:50:30 -07:00
nvpair Update checkstyle workflow env to ubuntu-20.04 2021-12-08 13:27:56 -08:00
os Linux 5.19 compat: aops->read_folio() 2022-06-01 14:24:49 -07:00
spl Cleanup linux module kbuild files 2020-06-10 09:24:15 -07:00
unicode Update checkstyle workflow env to ubuntu-20.04 2021-12-08 13:27:56 -08:00
zcommon Linux 5.16 compat: don't use XSTATE_XSAVE to save FPU state 2022-02-16 17:58:55 -08:00
zfs Scrub mirror children without BPs 2022-07-14 10:21:29 -07:00
zstd module: zstd: check we don't leak symbols; regenerate symbol map 2022-05-16 15:48:21 -07:00
.gitignore Cleanup linux module kbuild files 2020-06-10 09:24:15 -07:00
Kbuild.in Add zstd support to zfs 2020-08-20 10:30:06 -07:00
Makefile.bsd FreeBSD: Silence clang unused-but-set-variable 2022-06-15 11:27:28 -07:00
Makefile.in Add support for $KERNEL_{CC,LD,LLVM} variables 2022-02-16 17:58:55 -08:00