2 * Copyright (C) 2001-2002 Sistina Software (UK) Limited.
3 * Copyright (C) 2006-2008 Red Hat GmbH
5 * This file is released under the GPL.
8 #include "dm-exception-store.h"
10 #include <linux/ctype.h>
12 #include <linux/pagemap.h>
13 #include <linux/vmalloc.h>
14 #include <linux/export.h>
15 #include <linux/slab.h>
16 #include <linux/dm-io.h>
19 #define DM_MSG_PREFIX "persistent snapshot"
20 #define DM_CHUNK_SIZE_DEFAULT_SECTORS 32 /* 16KB */
22 #define DM_PREFETCH_CHUNKS 12
24 /*-----------------------------------------------------------------
25 * Persistent snapshots, by persistent we mean that the snapshot
26 * will survive a reboot.
27 *---------------------------------------------------------------*/
30 * We need to store a record of which parts of the origin have
31 * been copied to the snapshot device. The snapshot code
32 * requires that we copy exception chunks to chunk aligned areas
33 * of the COW store. It makes sense therefore, to store the
34 * metadata in chunk size blocks.
36 * There is no backward or forward compatibility implemented,
37 * snapshots with different disk versions than the kernel will
38 * not be usable. It is expected that "lvcreate" will blank out
39 * the start of a fresh COW device before calling the snapshot
42 * The first chunk of the COW device just contains the header.
43 * After this there is a chunk filled with exception metadata,
44 * followed by as many exception chunks as can fit in the
47 * All on disk structures are in little-endian format. The end
48 * of the exceptions info is indicated by an exception with a
49 * new_chunk of 0, which is invalid since it would point to the
54 * Magic for persistent snapshots: "SnAp" - Feeble isn't it.
56 #define SNAP_MAGIC 0x70416e53
59 * The on-disk version of the metadata.
61 #define SNAPSHOT_DISK_VERSION 1
63 #define NUM_SNAPSHOT_HDR_CHUNKS 1
69 * Is this snapshot valid. There is no way of recovering
70 * an invalid snapshot.
75 * Simple, incrementing version. no backward
84 struct disk_exception
{
89 struct core_exception
{
94 struct commit_callback
{
95 void (*callback
)(void *, int success
);
100 * The top level structure for a persistent exception store.
103 struct dm_exception_store
*store
;
106 uint32_t exceptions_per_area
;
109 * Now that we have an asynchronous kcopyd there is no
110 * need for large chunk sizes, so it wont hurt to have a
111 * whole chunks worth of metadata in memory at once.
116 * An area of zeros used to clear the next area.
121 * An area used for header. The header can be written
122 * concurrently with metadata (when invalidating the snapshot),
123 * so it needs a separate buffer.
128 * Used to keep track of which metadata area the data in
131 chunk_t current_area
;
134 * The next free chunk for an exception.
136 * When creating exceptions, all the chunks here and above are
137 * free. It holds the next chunk to be allocated. On rare
138 * occasions (e.g. after a system crash) holes can be left in
139 * the exception store because chunks can be committed out of
142 * When merging exceptions, it does not necessarily mean all the
143 * chunks here and above are free. It holds the value it would
144 * have held if all chunks had been committed in order of
145 * allocation. Consequently the value may occasionally be
146 * slightly too low, but since it's only used for 'status' and
147 * it can never reach its minimum value too early this doesn't
154 * The index of next free exception in the current
157 uint32_t current_committed
;
159 atomic_t pending_count
;
160 uint32_t callback_count
;
161 struct commit_callback
*callbacks
;
162 struct dm_io_client
*io_client
;
164 struct workqueue_struct
*metadata_wq
;
167 static int alloc_area(struct pstore
*ps
)
172 len
= ps
->store
->chunk_size
<< SECTOR_SHIFT
;
175 * Allocate the chunk_size block of memory that will hold
176 * a single metadata area.
178 ps
->area
= vmalloc(len
);
182 ps
->zero_area
= vzalloc(len
);
186 ps
->header_area
= vmalloc(len
);
187 if (!ps
->header_area
)
188 goto err_header_area
;
193 vfree(ps
->zero_area
);
202 static void free_area(struct pstore
*ps
)
206 vfree(ps
->zero_area
);
207 ps
->zero_area
= NULL
;
208 vfree(ps
->header_area
);
209 ps
->header_area
= NULL
;
213 struct dm_io_region
*where
;
214 struct dm_io_request
*io_req
;
215 struct work_struct work
;
219 static void do_metadata(struct work_struct
*work
)
221 struct mdata_req
*req
= container_of(work
, struct mdata_req
, work
);
223 req
->result
= dm_io(req
->io_req
, 1, req
->where
, NULL
);
227 * Read or write a chunk aligned and sized block of data from a device.
229 static int chunk_io(struct pstore
*ps
, void *area
, chunk_t chunk
, int op
,
230 int op_flags
, int metadata
)
232 struct dm_io_region where
= {
233 .bdev
= dm_snap_cow(ps
->store
->snap
)->bdev
,
234 .sector
= ps
->store
->chunk_size
* chunk
,
235 .count
= ps
->store
->chunk_size
,
237 struct dm_io_request io_req
= {
239 .bi_op_flags
= op_flags
,
240 .mem
.type
= DM_IO_VMA
,
242 .client
= ps
->io_client
,
245 struct mdata_req req
;
248 return dm_io(&io_req
, 1, &where
, NULL
);
251 req
.io_req
= &io_req
;
254 * Issue the synchronous I/O from a different thread
255 * to avoid generic_make_request recursion.
257 INIT_WORK_ONSTACK(&req
.work
, do_metadata
);
258 queue_work(ps
->metadata_wq
, &req
.work
);
259 flush_workqueue(ps
->metadata_wq
);
260 destroy_work_on_stack(&req
.work
);
266 * Convert a metadata area index to a chunk index.
268 static chunk_t
area_location(struct pstore
*ps
, chunk_t area
)
270 return NUM_SNAPSHOT_HDR_CHUNKS
+ ((ps
->exceptions_per_area
+ 1) * area
);
273 static void skip_metadata(struct pstore
*ps
)
275 uint32_t stride
= ps
->exceptions_per_area
+ 1;
276 chunk_t next_free
= ps
->next_free
;
277 if (sector_div(next_free
, stride
) == NUM_SNAPSHOT_HDR_CHUNKS
)
282 * Read or write a metadata area. Remembering to skip the first
283 * chunk which holds the header.
285 static int area_io(struct pstore
*ps
, int op
, int op_flags
)
290 chunk
= area_location(ps
, ps
->current_area
);
292 r
= chunk_io(ps
, ps
->area
, chunk
, op
, op_flags
, 0);
299 static void zero_memory_area(struct pstore
*ps
)
301 memset(ps
->area
, 0, ps
->store
->chunk_size
<< SECTOR_SHIFT
);
304 static int zero_disk_area(struct pstore
*ps
, chunk_t area
)
306 return chunk_io(ps
, ps
->zero_area
, area_location(ps
, area
),
310 static int read_header(struct pstore
*ps
, int *new_snapshot
)
313 struct disk_header
*dh
;
315 int chunk_size_supplied
= 1;
319 * Use default chunk size (or logical_block_size, if larger)
322 if (!ps
->store
->chunk_size
) {
323 ps
->store
->chunk_size
= max(DM_CHUNK_SIZE_DEFAULT_SECTORS
,
324 bdev_logical_block_size(dm_snap_cow(ps
->store
->snap
)->
326 ps
->store
->chunk_mask
= ps
->store
->chunk_size
- 1;
327 ps
->store
->chunk_shift
= __ffs(ps
->store
->chunk_size
);
328 chunk_size_supplied
= 0;
331 ps
->io_client
= dm_io_client_create();
332 if (IS_ERR(ps
->io_client
))
333 return PTR_ERR(ps
->io_client
);
339 r
= chunk_io(ps
, ps
->header_area
, 0, REQ_OP_READ
, 0, 1);
343 dh
= ps
->header_area
;
345 if (le32_to_cpu(dh
->magic
) == 0) {
350 if (le32_to_cpu(dh
->magic
) != SNAP_MAGIC
) {
351 DMWARN("Invalid or corrupt snapshot");
357 ps
->valid
= le32_to_cpu(dh
->valid
);
358 ps
->version
= le32_to_cpu(dh
->version
);
359 chunk_size
= le32_to_cpu(dh
->chunk_size
);
361 if (ps
->store
->chunk_size
== chunk_size
)
364 if (chunk_size_supplied
)
365 DMWARN("chunk size %u in device metadata overrides "
366 "table chunk size of %u.",
367 chunk_size
, ps
->store
->chunk_size
);
369 /* We had a bogus chunk_size. Fix stuff up. */
372 r
= dm_exception_store_set_chunk_size(ps
->store
, chunk_size
,
375 DMERR("invalid on-disk chunk size %u: %s.",
376 chunk_size
, chunk_err
);
388 static int write_header(struct pstore
*ps
)
390 struct disk_header
*dh
;
392 memset(ps
->header_area
, 0, ps
->store
->chunk_size
<< SECTOR_SHIFT
);
394 dh
= ps
->header_area
;
395 dh
->magic
= cpu_to_le32(SNAP_MAGIC
);
396 dh
->valid
= cpu_to_le32(ps
->valid
);
397 dh
->version
= cpu_to_le32(ps
->version
);
398 dh
->chunk_size
= cpu_to_le32(ps
->store
->chunk_size
);
400 return chunk_io(ps
, ps
->header_area
, 0, REQ_OP_WRITE
, 0, 1);
404 * Access functions for the disk exceptions, these do the endian conversions.
406 static struct disk_exception
*get_exception(struct pstore
*ps
, void *ps_area
,
409 BUG_ON(index
>= ps
->exceptions_per_area
);
411 return ((struct disk_exception
*) ps_area
) + index
;
414 static void read_exception(struct pstore
*ps
, void *ps_area
,
415 uint32_t index
, struct core_exception
*result
)
417 struct disk_exception
*de
= get_exception(ps
, ps_area
, index
);
420 result
->old_chunk
= le64_to_cpu(de
->old_chunk
);
421 result
->new_chunk
= le64_to_cpu(de
->new_chunk
);
424 static void write_exception(struct pstore
*ps
,
425 uint32_t index
, struct core_exception
*e
)
427 struct disk_exception
*de
= get_exception(ps
, ps
->area
, index
);
430 de
->old_chunk
= cpu_to_le64(e
->old_chunk
);
431 de
->new_chunk
= cpu_to_le64(e
->new_chunk
);
434 static void clear_exception(struct pstore
*ps
, uint32_t index
)
436 struct disk_exception
*de
= get_exception(ps
, ps
->area
, index
);
444 * Registers the exceptions that are present in the current area.
445 * 'full' is filled in to indicate if the area has been
448 static int insert_exceptions(struct pstore
*ps
, void *ps_area
,
449 int (*callback
)(void *callback_context
,
450 chunk_t old
, chunk_t
new),
451 void *callback_context
,
456 struct core_exception e
;
458 /* presume the area is full */
461 for (i
= 0; i
< ps
->exceptions_per_area
; i
++) {
462 read_exception(ps
, ps_area
, i
, &e
);
465 * If the new_chunk is pointing at the start of
466 * the COW device, where the first metadata area
467 * is we know that we've hit the end of the
468 * exceptions. Therefore the area is not full.
470 if (e
.new_chunk
== 0LL) {
471 ps
->current_committed
= i
;
477 * Keep track of the start of the free chunks.
479 if (ps
->next_free
<= e
.new_chunk
)
480 ps
->next_free
= e
.new_chunk
+ 1;
483 * Otherwise we add the exception to the snapshot.
485 r
= callback(callback_context
, e
.old_chunk
, e
.new_chunk
);
493 static int read_exceptions(struct pstore
*ps
,
494 int (*callback
)(void *callback_context
, chunk_t old
,
496 void *callback_context
)
499 struct dm_bufio_client
*client
;
500 chunk_t prefetch_area
= 0;
502 client
= dm_bufio_client_create(dm_snap_cow(ps
->store
->snap
)->bdev
,
503 ps
->store
->chunk_size
<< SECTOR_SHIFT
,
507 return PTR_ERR(client
);
510 * Setup for one current buffer + desired readahead buffers.
512 dm_bufio_set_minimum_buffers(client
, 1 + DM_PREFETCH_CHUNKS
);
515 * Keeping reading chunks and inserting exceptions until
516 * we find a partially full area.
518 for (ps
->current_area
= 0; full
; ps
->current_area
++) {
519 struct dm_buffer
*bp
;
523 if (unlikely(prefetch_area
< ps
->current_area
))
524 prefetch_area
= ps
->current_area
;
526 if (DM_PREFETCH_CHUNKS
) do {
527 chunk_t pf_chunk
= area_location(ps
, prefetch_area
);
528 if (unlikely(pf_chunk
>= dm_bufio_get_device_size(client
)))
530 dm_bufio_prefetch(client
, pf_chunk
, 1);
532 if (unlikely(!prefetch_area
))
534 } while (prefetch_area
<= ps
->current_area
+ DM_PREFETCH_CHUNKS
);
536 chunk
= area_location(ps
, ps
->current_area
);
538 area
= dm_bufio_read(client
, chunk
, &bp
);
541 goto ret_destroy_bufio
;
544 r
= insert_exceptions(ps
, area
, callback
, callback_context
,
548 memcpy(ps
->area
, area
, ps
->store
->chunk_size
<< SECTOR_SHIFT
);
550 dm_bufio_release(bp
);
552 dm_bufio_forget(client
, chunk
);
555 goto ret_destroy_bufio
;
565 dm_bufio_client_destroy(client
);
570 static struct pstore
*get_info(struct dm_exception_store
*store
)
572 return (struct pstore
*) store
->context
;
575 static void persistent_usage(struct dm_exception_store
*store
,
576 sector_t
*total_sectors
,
577 sector_t
*sectors_allocated
,
578 sector_t
*metadata_sectors
)
580 struct pstore
*ps
= get_info(store
);
582 *sectors_allocated
= ps
->next_free
* store
->chunk_size
;
583 *total_sectors
= get_dev_size(dm_snap_cow(store
->snap
)->bdev
);
586 * First chunk is the fixed header.
587 * Then there are (ps->current_area + 1) metadata chunks, each one
588 * separated from the next by ps->exceptions_per_area data chunks.
590 *metadata_sectors
= (ps
->current_area
+ 1 + NUM_SNAPSHOT_HDR_CHUNKS
) *
594 static void persistent_dtr(struct dm_exception_store
*store
)
596 struct pstore
*ps
= get_info(store
);
598 destroy_workqueue(ps
->metadata_wq
);
600 /* Created in read_header */
602 dm_io_client_destroy(ps
->io_client
);
605 /* Allocated in persistent_read_metadata */
606 vfree(ps
->callbacks
);
611 static int persistent_read_metadata(struct dm_exception_store
*store
,
612 int (*callback
)(void *callback_context
,
613 chunk_t old
, chunk_t
new),
614 void *callback_context
)
616 int r
, uninitialized_var(new_snapshot
);
617 struct pstore
*ps
= get_info(store
);
620 * Read the snapshot header.
622 r
= read_header(ps
, &new_snapshot
);
627 * Now we know correct chunk_size, complete the initialisation.
629 ps
->exceptions_per_area
= (ps
->store
->chunk_size
<< SECTOR_SHIFT
) /
630 sizeof(struct disk_exception
);
631 ps
->callbacks
= dm_vcalloc(ps
->exceptions_per_area
,
632 sizeof(*ps
->callbacks
));
637 * Do we need to setup a new snapshot ?
640 r
= write_header(ps
);
642 DMWARN("write_header failed");
646 ps
->current_area
= 0;
647 zero_memory_area(ps
);
648 r
= zero_disk_area(ps
, 0);
650 DMWARN("zero_disk_area(0) failed");
656 if (ps
->version
!= SNAPSHOT_DISK_VERSION
) {
657 DMWARN("unable to handle snapshot disk version %d",
663 * Metadata are valid, but snapshot is invalidated
671 r
= read_exceptions(ps
, callback
, callback_context
);
676 static int persistent_prepare_exception(struct dm_exception_store
*store
,
677 struct dm_exception
*e
)
679 struct pstore
*ps
= get_info(store
);
680 sector_t size
= get_dev_size(dm_snap_cow(store
->snap
)->bdev
);
682 /* Is there enough room ? */
683 if (size
< ((ps
->next_free
+ 1) * store
->chunk_size
))
686 e
->new_chunk
= ps
->next_free
;
689 * Move onto the next free pending, making sure to take
690 * into account the location of the metadata chunks.
695 atomic_inc(&ps
->pending_count
);
699 static void persistent_commit_exception(struct dm_exception_store
*store
,
700 struct dm_exception
*e
, int valid
,
701 void (*callback
) (void *, int success
),
702 void *callback_context
)
705 struct pstore
*ps
= get_info(store
);
706 struct core_exception ce
;
707 struct commit_callback
*cb
;
712 ce
.old_chunk
= e
->old_chunk
;
713 ce
.new_chunk
= e
->new_chunk
;
714 write_exception(ps
, ps
->current_committed
++, &ce
);
717 * Add the callback to the back of the array. This code
718 * is the only place where the callback array is
719 * manipulated, and we know that it will never be called
720 * multiple times concurrently.
722 cb
= ps
->callbacks
+ ps
->callback_count
++;
723 cb
->callback
= callback
;
724 cb
->context
= callback_context
;
727 * If there are exceptions in flight and we have not yet
728 * filled this metadata area there's nothing more to do.
730 if (!atomic_dec_and_test(&ps
->pending_count
) &&
731 (ps
->current_committed
!= ps
->exceptions_per_area
))
735 * If we completely filled the current area, then wipe the next one.
737 if ((ps
->current_committed
== ps
->exceptions_per_area
) &&
738 zero_disk_area(ps
, ps
->current_area
+ 1))
742 * Commit exceptions to disk.
744 if (ps
->valid
&& area_io(ps
, REQ_OP_WRITE
, REQ_PREFLUSH
| REQ_FUA
))
748 * Advance to the next area if this one is full.
750 if (ps
->current_committed
== ps
->exceptions_per_area
) {
751 ps
->current_committed
= 0;
753 zero_memory_area(ps
);
756 for (i
= 0; i
< ps
->callback_count
; i
++) {
757 cb
= ps
->callbacks
+ i
;
758 cb
->callback(cb
->context
, ps
->valid
);
761 ps
->callback_count
= 0;
764 static int persistent_prepare_merge(struct dm_exception_store
*store
,
765 chunk_t
*last_old_chunk
,
766 chunk_t
*last_new_chunk
)
768 struct pstore
*ps
= get_info(store
);
769 struct core_exception ce
;
774 * When current area is empty, move back to preceding area.
776 if (!ps
->current_committed
) {
780 if (!ps
->current_area
)
784 r
= area_io(ps
, REQ_OP_READ
, 0);
787 ps
->current_committed
= ps
->exceptions_per_area
;
790 read_exception(ps
, ps
->area
, ps
->current_committed
- 1, &ce
);
791 *last_old_chunk
= ce
.old_chunk
;
792 *last_new_chunk
= ce
.new_chunk
;
795 * Find number of consecutive chunks within the current area,
798 for (nr_consecutive
= 1; nr_consecutive
< ps
->current_committed
;
800 read_exception(ps
, ps
->area
,
801 ps
->current_committed
- 1 - nr_consecutive
, &ce
);
802 if (ce
.old_chunk
!= *last_old_chunk
- nr_consecutive
||
803 ce
.new_chunk
!= *last_new_chunk
- nr_consecutive
)
807 return nr_consecutive
;
810 static int persistent_commit_merge(struct dm_exception_store
*store
,
814 struct pstore
*ps
= get_info(store
);
816 BUG_ON(nr_merged
> ps
->current_committed
);
818 for (i
= 0; i
< nr_merged
; i
++)
819 clear_exception(ps
, ps
->current_committed
- 1 - i
);
821 r
= area_io(ps
, REQ_OP_WRITE
, REQ_PREFLUSH
| REQ_FUA
);
825 ps
->current_committed
-= nr_merged
;
828 * At this stage, only persistent_usage() uses ps->next_free, so
829 * we make no attempt to keep ps->next_free strictly accurate
830 * as exceptions may have been committed out-of-order originally.
831 * Once a snapshot has become merging, we set it to the value it
832 * would have held had all the exceptions been committed in order.
834 * ps->current_area does not get reduced by prepare_merge() until
835 * after commit_merge() has removed the nr_merged previous exceptions.
837 ps
->next_free
= area_location(ps
, ps
->current_area
) +
838 ps
->current_committed
+ 1;
843 static void persistent_drop_snapshot(struct dm_exception_store
*store
)
845 struct pstore
*ps
= get_info(store
);
848 if (write_header(ps
))
849 DMWARN("write header failed");
852 static int persistent_ctr(struct dm_exception_store
*store
, char *options
)
857 /* allocate the pstore */
858 ps
= kzalloc(sizeof(*ps
), GFP_KERNEL
);
864 ps
->version
= SNAPSHOT_DISK_VERSION
;
866 ps
->zero_area
= NULL
;
867 ps
->header_area
= NULL
;
868 ps
->next_free
= NUM_SNAPSHOT_HDR_CHUNKS
+ 1; /* header and 1st area */
869 ps
->current_committed
= 0;
871 ps
->callback_count
= 0;
872 atomic_set(&ps
->pending_count
, 0);
873 ps
->callbacks
= NULL
;
875 ps
->metadata_wq
= alloc_workqueue("ksnaphd", WQ_MEM_RECLAIM
, 0);
876 if (!ps
->metadata_wq
) {
877 DMERR("couldn't start header metadata update thread");
883 char overflow
= toupper(options
[0]);
885 store
->userspace_supports_overflow
= true;
887 DMERR("Unsupported persistent store option: %s", options
);
898 destroy_workqueue(ps
->metadata_wq
);
905 static unsigned persistent_status(struct dm_exception_store
*store
,
906 status_type_t status
, char *result
,
912 case STATUSTYPE_INFO
:
914 case STATUSTYPE_TABLE
:
915 DMEMIT(" %s %llu", store
->userspace_supports_overflow
? "PO" : "P",
916 (unsigned long long)store
->chunk_size
);
922 static struct dm_exception_store_type _persistent_type
= {
923 .name
= "persistent",
924 .module
= THIS_MODULE
,
925 .ctr
= persistent_ctr
,
926 .dtr
= persistent_dtr
,
927 .read_metadata
= persistent_read_metadata
,
928 .prepare_exception
= persistent_prepare_exception
,
929 .commit_exception
= persistent_commit_exception
,
930 .prepare_merge
= persistent_prepare_merge
,
931 .commit_merge
= persistent_commit_merge
,
932 .drop_snapshot
= persistent_drop_snapshot
,
933 .usage
= persistent_usage
,
934 .status
= persistent_status
,
937 static struct dm_exception_store_type _persistent_compat_type
= {
939 .module
= THIS_MODULE
,
940 .ctr
= persistent_ctr
,
941 .dtr
= persistent_dtr
,
942 .read_metadata
= persistent_read_metadata
,
943 .prepare_exception
= persistent_prepare_exception
,
944 .commit_exception
= persistent_commit_exception
,
945 .prepare_merge
= persistent_prepare_merge
,
946 .commit_merge
= persistent_commit_merge
,
947 .drop_snapshot
= persistent_drop_snapshot
,
948 .usage
= persistent_usage
,
949 .status
= persistent_status
,
952 int dm_persistent_snapshot_init(void)
956 r
= dm_exception_store_type_register(&_persistent_type
);
958 DMERR("Unable to register persistent exception store type");
962 r
= dm_exception_store_type_register(&_persistent_compat_type
);
964 DMERR("Unable to register old-style persistent exception "
966 dm_exception_store_type_unregister(&_persistent_type
);
973 void dm_persistent_snapshot_exit(void)
975 dm_exception_store_type_unregister(&_persistent_type
);
976 dm_exception_store_type_unregister(&_persistent_compat_type
);