linux-hardened/drivers/md
NeilBrown dfc7064500 md: restart recovery cleanly after device failure.
When we get any IO error during a recovery (rebuilding a spare), we abort
the recovery and restart it.

For RAID6 (and multi-drive RAID1) it may not be best to restart at the
beginning: when multiple failures can be tolerated, the recovery may be
able to continue and re-doing all that has already been done doesn't make
sense.

We already have the infrastructure to record where a recovery is up to
and restart from there, but it is not being used properly.
This is because:
  - We sometimes abort with MD_RECOVERY_ERR rather than just MD_RECOVERY_INTR,
    which causes the recovery not be be checkpointed.
  - We remove spares and then re-added them which loses important state
    information.

The distinction between MD_RECOVERY_ERR and MD_RECOVERY_INTR really isn't
needed.  If there is an error, the relevant drive will be marked as
Faulty, and that is enough to ensure correct handling of the error.  So we
first remove MD_RECOVERY_ERR, changing some of the uses of it to
MD_RECOVERY_INTR.

Then we cause the attempt to remove a non-faulty device from an array to
fail (unless recovery is impossible as the array is too degraded).  Then
when remove_and_add_spares attempts to remove the devices on which
recovery can continue, it will fail, they will remain in place, and
recovery will continue on them as desired.

Issue:  If we are halfway through rebuilding a spare and another drive
fails, and a new spare is immediately available,  do we want to:
 1/ complete the current rebuild, then go back and rebuild the new spare or
 2/ restart the rebuild from the start and rebuild both devices in
    parallel.

Both options can be argued for.  The code currently takes option 2 as
  a/ this requires least code change
  b/ this results in a minimally-degraded array in minimal time.

Cc: "Eivind Sarto" <ivan@kasenna.com>
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-05-24 09:56:10 -07:00
..
raid6test md: raid6: clean up the style of raid6test/test.c 2008-02-06 10:41:18 -08:00
.gitignore gitignore: misc files 2006-01-01 22:21:50 +01:00
bitmap.c md: kill file_path wrapper 2008-05-24 09:56:09 -07:00
dm-bio-list.h dm: bio_list macro renaming 2007-10-20 02:01:11 +01:00
dm-bio-record.h
dm-crypt.c dm crypt: fix ctx pending 2008-03-28 14:45:22 -07:00
dm-delay.c dm: bio_list macro renaming 2007-10-20 02:01:11 +01:00
dm-emc.c block: no need to initialize rq->cmd with blk_get_request 2008-04-29 14:48:55 +02:00
dm-exception-store.c dm: move include files 2008-04-25 13:26:55 +01:00
dm-hw-handler.c dm: use kzalloc 2007-10-20 02:01:07 +01:00
dm-hw-handler.h dm mpath: add retry pg init 2007-10-20 02:01:18 +01:00
dm-io.c dm: unplug queues in threads 2008-04-25 13:26:57 +01:00
dm-ioctl.c dm ioctl: use uninitialized_var 2008-02-08 02:10:16 +00:00
dm-kcopyd.c dm: unplug queues in threads 2008-04-25 13:26:57 +01:00
dm-linear.c [PATCH] dm: map and endio symbolic return codes 2006-12-08 08:29:09 -08:00
dm-log.c dm: move include files 2008-04-25 13:26:55 +01:00
dm-mpath-hp-sw.c block: no need to initialize rq->cmd with blk_get_request 2008-04-29 14:48:55 +02:00
dm-mpath-rdac.c block: no need to initialize rq->cmd with blk_get_request 2008-04-29 14:48:55 +02:00
dm-mpath.c dm mpath: add missing static 2008-02-08 02:10:35 +00:00
dm-mpath.h [PATCH] struct path: rename DM's struct path 2006-12-08 08:28:40 -08:00
dm-path-selector.c dm: use kzalloc 2007-10-20 02:01:07 +01:00
dm-path-selector.h [PATCH] struct path: rename DM's struct path 2006-12-08 08:28:40 -08:00
dm-raid1.c dm: unplug queues in threads 2008-04-25 13:26:57 +01:00
dm-round-robin.c dm: remove duplicate module name from error msgs 2007-07-12 15:01:08 -07:00
dm-snap.c dm: move include files 2008-04-25 13:26:55 +01:00
dm-snap.h dm kcopyd: clean interface 2008-04-25 13:26:44 +01:00
dm-stripe.c dm: stripe enhanced status return 2008-02-08 02:11:24 +00:00
dm-table.c dm: use unlocked variants of queue flag check/set 2008-04-29 10:21:12 -07:00
dm-target.c dm: use kzalloc 2007-10-20 02:01:07 +01:00
dm-uevent.c md: replace remaining __FUNCTION__ occurrences 2008-04-28 08:58:42 -07:00
dm-uevent.h dm: uevent generate events 2007-10-20 02:01:26 +01:00
dm-zero.c Drop 'size' argument from bio_endio and bi_end_io 2007-10-10 09:25:57 +02:00
dm.c dm: remove md argument from specific_minor 2008-04-25 13:27:02 +01:00
dm.h dm: expose macros 2008-04-25 13:26:53 +01:00
faulty.c md: change ITERATE_RDEV to rdev_for_each 2008-02-06 10:41:19 -08:00
Kconfig dm: targets no longer experimental 2008-02-08 02:10:32 +00:00
linear.c Remove blkdev warning triggered by using md 2008-05-14 19:11:15 -07:00
Makefile dm: move include files 2008-04-25 13:26:55 +01:00
md.c md: restart recovery cleanly after device failure. 2008-05-24 09:56:10 -07:00
mktables.c md: raid6: Fix mktable.c 2008-02-06 10:41:18 -08:00
multipath.c md: restart recovery cleanly after device failure. 2008-05-24 09:56:10 -07:00
raid0.c Remove blkdev warning triggered by using md 2008-05-14 19:11:15 -07:00
raid1.c md: restart recovery cleanly after device failure. 2008-05-24 09:56:10 -07:00
raid5.c md: restart recovery cleanly after device failure. 2008-05-24 09:56:10 -07:00
raid6.h
raid6algos.c drivers/md: use time_before, time_before_eq, etc 2008-04-28 08:58:42 -07:00
raid6altivec.uc
raid6int.uc
raid6mmx.c x86 merge fallout: uml 2007-10-29 07:41:32 -07:00
raid6recov.c
raid6sse1.c x86 merge fallout: uml 2007-10-29 07:41:32 -07:00
raid6sse2.c x86 merge fallout: uml 2007-10-29 07:41:32 -07:00
raid6x86.h x86 merge fallout: uml 2007-10-29 07:41:32 -07:00
raid10.c md: restart recovery cleanly after device failure. 2008-05-24 09:56:10 -07:00
unroll.pl