4 This file is part of DRBD by Philipp Reisner and Lars Ellenberg.
6 Copyright (C) 2001-2008, LINBIT Information Technologies GmbH.
7 Copyright (C) 1999-2008, Philipp Reisner <philipp.reisner@linbit.com>.
8 Copyright (C) 2002-2008, Lars Ellenberg <lars.ellenberg@linbit.com>.
10 Thanks to Carter Burden, Bart Grantham and Gennadiy Nerubayev
11 from Logicworks, Inc. for making SDP replication support possible.
13 drbd is free software; you can redistribute it and/or modify
14 it under the terms of the GNU General Public License as published by
15 the Free Software Foundation; either version 2, or (at your option)
18 drbd is distributed in the hope that it will be useful,
19 but WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 GNU General Public License for more details.
23 You should have received a copy of the GNU General Public License
24 along with drbd; see the file COPYING. If not, write to
25 the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
28 #include <linux/drbd_limits.h>
33 extern void tl_abort_disk_io(struct drbd_conf *mdev);
35 struct after_state_chg_work {
39 enum chg_state_flags flags;
40 struct completion *done;
43 enum sanitize_state_warnings {
45 ABORTED_ONLINE_VERIFY,
47 CONNECTION_LOST_NEGOTIATING,
48 IMPLICITLY_UPGRADED_DISK,
49 IMPLICITLY_UPGRADED_PDSK,
52 static int w_after_state_ch(struct drbd_work *w, int unused);
53 static void after_state_ch(struct drbd_conf *mdev, union drbd_state os,
54 union drbd_state ns, enum chg_state_flags flags);
55 static enum drbd_state_rv is_valid_state(struct drbd_conf *, union drbd_state);
56 static enum drbd_state_rv is_valid_soft_transition(union drbd_state, union drbd_state, struct drbd_tconn *);
57 static enum drbd_state_rv is_valid_transition(union drbd_state os, union drbd_state ns);
58 static union drbd_state sanitize_state(struct drbd_conf *mdev, union drbd_state ns,
59 enum sanitize_state_warnings *warn);
61 static inline bool is_susp(union drbd_state s)
63 return s.susp || s.susp_nod || s.susp_fen;
66 bool conn_all_vols_unconf(struct drbd_tconn *tconn)
68 struct drbd_conf *mdev;
73 idr_for_each_entry(&tconn->volumes, mdev, vnr) {
74 if (mdev->state.disk != D_DISKLESS ||
75 mdev->state.conn != C_STANDALONE ||
76 mdev->state.role != R_SECONDARY) {
86 /* Unfortunately the states where not correctly ordered, when
87 they where defined. therefore can not use max_t() here. */
88 static enum drbd_role max_role(enum drbd_role role1, enum drbd_role role2)
90 if (role1 == R_PRIMARY || role2 == R_PRIMARY)
92 if (role1 == R_SECONDARY || role2 == R_SECONDARY)
96 static enum drbd_role min_role(enum drbd_role role1, enum drbd_role role2)
98 if (role1 == R_UNKNOWN || role2 == R_UNKNOWN)
100 if (role1 == R_SECONDARY || role2 == R_SECONDARY)
105 enum drbd_role conn_highest_role(struct drbd_tconn *tconn)
107 enum drbd_role role = R_UNKNOWN;
108 struct drbd_conf *mdev;
112 idr_for_each_entry(&tconn->volumes, mdev, vnr)
113 role = max_role(role, mdev->state.role);
119 enum drbd_role conn_highest_peer(struct drbd_tconn *tconn)
121 enum drbd_role peer = R_UNKNOWN;
122 struct drbd_conf *mdev;
126 idr_for_each_entry(&tconn->volumes, mdev, vnr)
127 peer = max_role(peer, mdev->state.peer);
133 enum drbd_disk_state conn_highest_disk(struct drbd_tconn *tconn)
135 enum drbd_disk_state ds = D_DISKLESS;
136 struct drbd_conf *mdev;
140 idr_for_each_entry(&tconn->volumes, mdev, vnr)
141 ds = max_t(enum drbd_disk_state, ds, mdev->state.disk);
147 enum drbd_disk_state conn_lowest_disk(struct drbd_tconn *tconn)
149 enum drbd_disk_state ds = D_MASK;
150 struct drbd_conf *mdev;
154 idr_for_each_entry(&tconn->volumes, mdev, vnr)
155 ds = min_t(enum drbd_disk_state, ds, mdev->state.disk);
161 enum drbd_disk_state conn_highest_pdsk(struct drbd_tconn *tconn)
163 enum drbd_disk_state ds = D_DISKLESS;
164 struct drbd_conf *mdev;
168 idr_for_each_entry(&tconn->volumes, mdev, vnr)
169 ds = max_t(enum drbd_disk_state, ds, mdev->state.pdsk);
175 enum drbd_conns conn_lowest_conn(struct drbd_tconn *tconn)
177 enum drbd_conns conn = C_MASK;
178 struct drbd_conf *mdev;
182 idr_for_each_entry(&tconn->volumes, mdev, vnr)
183 conn = min_t(enum drbd_conns, conn, mdev->state.conn);
189 static bool no_peer_wf_report_params(struct drbd_tconn *tconn)
191 struct drbd_conf *mdev;
196 idr_for_each_entry(&tconn->volumes, mdev, vnr)
197 if (mdev->state.conn == C_WF_REPORT_PARAMS) {
208 * cl_wide_st_chg() - true if the state change is a cluster wide one
209 * @mdev: DRBD device.
210 * @os: old (current) state.
211 * @ns: new (wanted) state.
213 static int cl_wide_st_chg(struct drbd_conf *mdev,
214 union drbd_state os, union drbd_state ns)
216 return (os.conn >= C_CONNECTED && ns.conn >= C_CONNECTED &&
217 ((os.role != R_PRIMARY && ns.role == R_PRIMARY) ||
218 (os.conn != C_STARTING_SYNC_T && ns.conn == C_STARTING_SYNC_T) ||
219 (os.conn != C_STARTING_SYNC_S && ns.conn == C_STARTING_SYNC_S) ||
220 (os.disk != D_FAILED && ns.disk == D_FAILED))) ||
221 (os.conn >= C_CONNECTED && ns.conn == C_DISCONNECTING) ||
222 (os.conn == C_CONNECTED && ns.conn == C_VERIFY_S) ||
223 (os.conn == C_CONNECTED && ns.conn == C_WF_REPORT_PARAMS);
226 static union drbd_state
227 apply_mask_val(union drbd_state os, union drbd_state mask, union drbd_state val)
230 ns.i = (os.i & ~mask.i) | val.i;
235 drbd_change_state(struct drbd_conf *mdev, enum chg_state_flags f,
236 union drbd_state mask, union drbd_state val)
240 enum drbd_state_rv rv;
242 spin_lock_irqsave(&mdev->tconn->req_lock, flags);
243 ns = apply_mask_val(drbd_read_state(mdev), mask, val);
244 rv = _drbd_set_state(mdev, ns, f, NULL);
245 spin_unlock_irqrestore(&mdev->tconn->req_lock, flags);
251 * drbd_force_state() - Impose a change which happens outside our control on our state
252 * @mdev: DRBD device.
253 * @mask: mask of state bits to change.
254 * @val: value of new state bits.
256 void drbd_force_state(struct drbd_conf *mdev,
257 union drbd_state mask, union drbd_state val)
259 drbd_change_state(mdev, CS_HARD, mask, val);
262 static enum drbd_state_rv
263 _req_st_cond(struct drbd_conf *mdev, union drbd_state mask,
264 union drbd_state val)
266 union drbd_state os, ns;
268 enum drbd_state_rv rv;
270 if (test_and_clear_bit(CL_ST_CHG_SUCCESS, &mdev->flags))
271 return SS_CW_SUCCESS;
273 if (test_and_clear_bit(CL_ST_CHG_FAIL, &mdev->flags))
274 return SS_CW_FAILED_BY_PEER;
276 spin_lock_irqsave(&mdev->tconn->req_lock, flags);
277 os = drbd_read_state(mdev);
278 ns = sanitize_state(mdev, apply_mask_val(os, mask, val), NULL);
279 rv = is_valid_transition(os, ns);
280 if (rv >= SS_SUCCESS)
281 rv = SS_UNKNOWN_ERROR; /* cont waiting, otherwise fail. */
283 if (!cl_wide_st_chg(mdev, os, ns))
285 if (rv == SS_UNKNOWN_ERROR) {
286 rv = is_valid_state(mdev, ns);
287 if (rv >= SS_SUCCESS) {
288 rv = is_valid_soft_transition(os, ns, mdev->tconn);
289 if (rv >= SS_SUCCESS)
290 rv = SS_UNKNOWN_ERROR; /* cont waiting, otherwise fail. */
293 spin_unlock_irqrestore(&mdev->tconn->req_lock, flags);
299 * drbd_req_state() - Perform an eventually cluster wide state change
300 * @mdev: DRBD device.
301 * @mask: mask of state bits to change.
302 * @val: value of new state bits.
305 * Should not be called directly, use drbd_request_state() or
306 * _drbd_request_state().
308 static enum drbd_state_rv
309 drbd_req_state(struct drbd_conf *mdev, union drbd_state mask,
310 union drbd_state val, enum chg_state_flags f)
312 struct completion done;
314 union drbd_state os, ns;
315 enum drbd_state_rv rv;
317 init_completion(&done);
319 if (f & CS_SERIALIZE)
320 mutex_lock(mdev->state_mutex);
322 spin_lock_irqsave(&mdev->tconn->req_lock, flags);
323 os = drbd_read_state(mdev);
324 ns = sanitize_state(mdev, apply_mask_val(os, mask, val), NULL);
325 rv = is_valid_transition(os, ns);
326 if (rv < SS_SUCCESS) {
327 spin_unlock_irqrestore(&mdev->tconn->req_lock, flags);
331 if (cl_wide_st_chg(mdev, os, ns)) {
332 rv = is_valid_state(mdev, ns);
333 if (rv == SS_SUCCESS)
334 rv = is_valid_soft_transition(os, ns, mdev->tconn);
335 spin_unlock_irqrestore(&mdev->tconn->req_lock, flags);
337 if (rv < SS_SUCCESS) {
339 print_st_err(mdev, os, ns, rv);
343 if (drbd_send_state_req(mdev, mask, val)) {
344 rv = SS_CW_FAILED_BY_PEER;
346 print_st_err(mdev, os, ns, rv);
350 wait_event(mdev->state_wait,
351 (rv = _req_st_cond(mdev, mask, val)));
353 if (rv < SS_SUCCESS) {
355 print_st_err(mdev, os, ns, rv);
358 spin_lock_irqsave(&mdev->tconn->req_lock, flags);
359 ns = apply_mask_val(drbd_read_state(mdev), mask, val);
360 rv = _drbd_set_state(mdev, ns, f, &done);
362 rv = _drbd_set_state(mdev, ns, f, &done);
365 spin_unlock_irqrestore(&mdev->tconn->req_lock, flags);
367 if (f & CS_WAIT_COMPLETE && rv == SS_SUCCESS) {
368 D_ASSERT(current != mdev->tconn->worker.task);
369 wait_for_completion(&done);
373 if (f & CS_SERIALIZE)
374 mutex_unlock(mdev->state_mutex);
380 * _drbd_request_state() - Request a state change (with flags)
381 * @mdev: DRBD device.
382 * @mask: mask of state bits to change.
383 * @val: value of new state bits.
386 * Cousin of drbd_request_state(), useful with the CS_WAIT_COMPLETE
387 * flag, or when logging of failed state change requests is not desired.
390 _drbd_request_state(struct drbd_conf *mdev, union drbd_state mask,
391 union drbd_state val, enum chg_state_flags f)
393 enum drbd_state_rv rv;
395 wait_event(mdev->state_wait,
396 (rv = drbd_req_state(mdev, mask, val, f)) != SS_IN_TRANSIENT_STATE);
401 static void print_st(struct drbd_conf *mdev, char *name, union drbd_state ns)
403 dev_err(DEV, " %s = { cs:%s ro:%s/%s ds:%s/%s %c%c%c%c%c%c }\n",
405 drbd_conn_str(ns.conn),
406 drbd_role_str(ns.role),
407 drbd_role_str(ns.peer),
408 drbd_disk_str(ns.disk),
409 drbd_disk_str(ns.pdsk),
410 is_susp(ns) ? 's' : 'r',
411 ns.aftr_isp ? 'a' : '-',
412 ns.peer_isp ? 'p' : '-',
413 ns.user_isp ? 'u' : '-',
414 ns.susp_fen ? 'F' : '-',
415 ns.susp_nod ? 'N' : '-'
419 void print_st_err(struct drbd_conf *mdev, union drbd_state os,
420 union drbd_state ns, enum drbd_state_rv err)
422 if (err == SS_IN_TRANSIENT_STATE)
424 dev_err(DEV, "State change failed: %s\n", drbd_set_st_err_str(err));
425 print_st(mdev, " state", os);
426 print_st(mdev, "wanted", ns);
429 static long print_state_change(char *pb, union drbd_state os, union drbd_state ns,
430 enum chg_state_flags flags)
436 if (ns.role != os.role && flags & CS_DC_ROLE)
437 pbp += sprintf(pbp, "role( %s -> %s ) ",
438 drbd_role_str(os.role),
439 drbd_role_str(ns.role));
440 if (ns.peer != os.peer && flags & CS_DC_PEER)
441 pbp += sprintf(pbp, "peer( %s -> %s ) ",
442 drbd_role_str(os.peer),
443 drbd_role_str(ns.peer));
444 if (ns.conn != os.conn && flags & CS_DC_CONN)
445 pbp += sprintf(pbp, "conn( %s -> %s ) ",
446 drbd_conn_str(os.conn),
447 drbd_conn_str(ns.conn));
448 if (ns.disk != os.disk && flags & CS_DC_DISK)
449 pbp += sprintf(pbp, "disk( %s -> %s ) ",
450 drbd_disk_str(os.disk),
451 drbd_disk_str(ns.disk));
452 if (ns.pdsk != os.pdsk && flags & CS_DC_PDSK)
453 pbp += sprintf(pbp, "pdsk( %s -> %s ) ",
454 drbd_disk_str(os.pdsk),
455 drbd_disk_str(ns.pdsk));
460 static void drbd_pr_state_change(struct drbd_conf *mdev, union drbd_state os, union drbd_state ns,
461 enum chg_state_flags flags)
466 pbp += print_state_change(pbp, os, ns, flags ^ CS_DC_MASK);
468 if (ns.aftr_isp != os.aftr_isp)
469 pbp += sprintf(pbp, "aftr_isp( %d -> %d ) ",
472 if (ns.peer_isp != os.peer_isp)
473 pbp += sprintf(pbp, "peer_isp( %d -> %d ) ",
476 if (ns.user_isp != os.user_isp)
477 pbp += sprintf(pbp, "user_isp( %d -> %d ) ",
482 dev_info(DEV, "%s\n", pb);
485 static void conn_pr_state_change(struct drbd_tconn *tconn, union drbd_state os, union drbd_state ns,
486 enum chg_state_flags flags)
491 pbp += print_state_change(pbp, os, ns, flags);
493 if (is_susp(ns) != is_susp(os) && flags & CS_DC_SUSP)
494 pbp += sprintf(pbp, "susp( %d -> %d ) ",
499 conn_info(tconn, "%s\n", pb);
504 * is_valid_state() - Returns an SS_ error code if ns is not valid
505 * @mdev: DRBD device.
506 * @ns: State to consider.
508 static enum drbd_state_rv
509 is_valid_state(struct drbd_conf *mdev, union drbd_state ns)
511 /* See drbd_state_sw_errors in drbd_strings.c */
513 enum drbd_fencing_p fp;
514 enum drbd_state_rv rv = SS_SUCCESS;
519 if (get_ldev(mdev)) {
520 fp = rcu_dereference(mdev->ldev->disk_conf)->fencing;
524 nc = rcu_dereference(mdev->tconn->net_conf);
526 if (!nc->two_primaries && ns.role == R_PRIMARY) {
527 if (ns.peer == R_PRIMARY)
528 rv = SS_TWO_PRIMARIES;
529 else if (conn_highest_peer(mdev->tconn) == R_PRIMARY)
530 rv = SS_O_VOL_PEER_PRI;
535 /* already found a reason to abort */;
536 else if (ns.role == R_SECONDARY && mdev->open_cnt)
537 rv = SS_DEVICE_IN_USE;
539 else if (ns.role == R_PRIMARY && ns.conn < C_CONNECTED && ns.disk < D_UP_TO_DATE)
540 rv = SS_NO_UP_TO_DATE_DISK;
542 else if (fp >= FP_RESOURCE &&
543 ns.role == R_PRIMARY && ns.conn < C_CONNECTED && ns.pdsk >= D_UNKNOWN)
546 else if (ns.role == R_PRIMARY && ns.disk <= D_INCONSISTENT && ns.pdsk <= D_INCONSISTENT)
547 rv = SS_NO_UP_TO_DATE_DISK;
549 else if (ns.conn > C_CONNECTED && ns.disk < D_INCONSISTENT)
550 rv = SS_NO_LOCAL_DISK;
552 else if (ns.conn > C_CONNECTED && ns.pdsk < D_INCONSISTENT)
553 rv = SS_NO_REMOTE_DISK;
555 else if (ns.conn > C_CONNECTED && ns.disk < D_UP_TO_DATE && ns.pdsk < D_UP_TO_DATE)
556 rv = SS_NO_UP_TO_DATE_DISK;
558 else if ((ns.conn == C_CONNECTED ||
559 ns.conn == C_WF_BITMAP_S ||
560 ns.conn == C_SYNC_SOURCE ||
561 ns.conn == C_PAUSED_SYNC_S) &&
562 ns.disk == D_OUTDATED)
563 rv = SS_CONNECTED_OUTDATES;
565 else if ((ns.conn == C_VERIFY_S || ns.conn == C_VERIFY_T) &&
566 (nc->verify_alg[0] == 0))
567 rv = SS_NO_VERIFY_ALG;
569 else if ((ns.conn == C_VERIFY_S || ns.conn == C_VERIFY_T) &&
570 mdev->tconn->agreed_pro_version < 88)
571 rv = SS_NOT_SUPPORTED;
573 else if (ns.role == R_PRIMARY && ns.disk < D_UP_TO_DATE && ns.pdsk < D_UP_TO_DATE)
574 rv = SS_NO_UP_TO_DATE_DISK;
576 else if ((ns.conn == C_STARTING_SYNC_S || ns.conn == C_STARTING_SYNC_T) &&
577 ns.pdsk == D_UNKNOWN)
578 rv = SS_NEED_CONNECTION;
580 else if (ns.conn >= C_CONNECTED && ns.pdsk == D_UNKNOWN)
581 rv = SS_CONNECTED_OUTDATES;
589 * is_valid_soft_transition() - Returns an SS_ error code if the state transition is not possible
590 * This function limits state transitions that may be declined by DRBD. I.e.
591 * user requests (aka soft transitions).
592 * @mdev: DRBD device.
596 static enum drbd_state_rv
597 is_valid_soft_transition(union drbd_state os, union drbd_state ns, struct drbd_tconn *tconn)
599 enum drbd_state_rv rv = SS_SUCCESS;
601 if ((ns.conn == C_STARTING_SYNC_T || ns.conn == C_STARTING_SYNC_S) &&
602 os.conn > C_CONNECTED)
603 rv = SS_RESYNC_RUNNING;
605 if (ns.conn == C_DISCONNECTING && os.conn == C_STANDALONE)
606 rv = SS_ALREADY_STANDALONE;
608 if (ns.disk > D_ATTACHING && os.disk == D_DISKLESS)
611 if (ns.conn == C_WF_CONNECTION && os.conn < C_UNCONNECTED)
612 rv = SS_NO_NET_CONFIG;
614 if (ns.disk == D_OUTDATED && os.disk < D_OUTDATED && os.disk != D_ATTACHING)
615 rv = SS_LOWER_THAN_OUTDATED;
617 if (ns.conn == C_DISCONNECTING && os.conn == C_UNCONNECTED)
618 rv = SS_IN_TRANSIENT_STATE;
620 /* if (ns.conn == os.conn && ns.conn == C_WF_REPORT_PARAMS)
621 rv = SS_IN_TRANSIENT_STATE; */
623 /* While establishing a connection only allow cstate to change.
624 Delay/refuse role changes, detach attach etc... */
625 if (test_bit(STATE_SENT, &tconn->flags) &&
626 !(os.conn == C_WF_REPORT_PARAMS ||
627 (ns.conn == C_WF_REPORT_PARAMS && os.conn == C_WF_CONNECTION)))
628 rv = SS_IN_TRANSIENT_STATE;
630 if ((ns.conn == C_VERIFY_S || ns.conn == C_VERIFY_T) && os.conn < C_CONNECTED)
631 rv = SS_NEED_CONNECTION;
633 if ((ns.conn == C_VERIFY_S || ns.conn == C_VERIFY_T) &&
634 ns.conn != os.conn && os.conn > C_CONNECTED)
635 rv = SS_RESYNC_RUNNING;
637 if ((ns.conn == C_STARTING_SYNC_S || ns.conn == C_STARTING_SYNC_T) &&
638 os.conn < C_CONNECTED)
639 rv = SS_NEED_CONNECTION;
641 if ((ns.conn == C_SYNC_TARGET || ns.conn == C_SYNC_SOURCE)
642 && os.conn < C_WF_REPORT_PARAMS)
643 rv = SS_NEED_CONNECTION; /* No NetworkFailure -> SyncTarget etc... */
645 if (ns.conn == C_DISCONNECTING && ns.pdsk == D_OUTDATED &&
646 os.conn < C_CONNECTED && os.pdsk > D_OUTDATED)
647 rv = SS_OUTDATE_WO_CONN;
652 static enum drbd_state_rv
653 is_valid_conn_transition(enum drbd_conns oc, enum drbd_conns nc)
655 /* no change -> nothing to do, at least for the connection part */
657 return SS_NOTHING_TO_DO;
659 /* disconnect of an unconfigured connection does not make sense */
660 if (oc == C_STANDALONE && nc == C_DISCONNECTING)
661 return SS_ALREADY_STANDALONE;
663 /* from C_STANDALONE, we start with C_UNCONNECTED */
664 if (oc == C_STANDALONE && nc != C_UNCONNECTED)
665 return SS_NEED_CONNECTION;
667 /* When establishing a connection we need to go through WF_REPORT_PARAMS!
668 Necessary to do the right thing upon invalidate-remote on a disconnected resource */
669 if (oc < C_WF_REPORT_PARAMS && nc >= C_CONNECTED)
670 return SS_NEED_CONNECTION;
672 /* After a network error only C_UNCONNECTED or C_DISCONNECTING may follow. */
673 if (oc >= C_TIMEOUT && oc <= C_TEAR_DOWN && nc != C_UNCONNECTED && nc != C_DISCONNECTING)
674 return SS_IN_TRANSIENT_STATE;
676 /* After C_DISCONNECTING only C_STANDALONE may follow */
677 if (oc == C_DISCONNECTING && nc != C_STANDALONE)
678 return SS_IN_TRANSIENT_STATE;
685 * is_valid_transition() - Returns an SS_ error code if the state transition is not possible
686 * This limits hard state transitions. Hard state transitions are facts there are
687 * imposed on DRBD by the environment. E.g. disk broke or network broke down.
688 * But those hard state transitions are still not allowed to do everything.
692 static enum drbd_state_rv
693 is_valid_transition(union drbd_state os, union drbd_state ns)
695 enum drbd_state_rv rv;
697 rv = is_valid_conn_transition(os.conn, ns.conn);
699 /* we cannot fail (again) if we already detached */
700 if (ns.disk == D_FAILED && os.disk == D_DISKLESS)
706 static void print_sanitize_warnings(struct drbd_conf *mdev, enum sanitize_state_warnings warn)
708 static const char *msg_table[] = {
710 [ABORTED_ONLINE_VERIFY] = "Online-verify aborted.",
711 [ABORTED_RESYNC] = "Resync aborted.",
712 [CONNECTION_LOST_NEGOTIATING] = "Connection lost while negotiating, no data!",
713 [IMPLICITLY_UPGRADED_DISK] = "Implicitly upgraded disk",
714 [IMPLICITLY_UPGRADED_PDSK] = "Implicitly upgraded pdsk",
717 if (warn != NO_WARNING)
718 dev_warn(DEV, "%s\n", msg_table[warn]);
722 * sanitize_state() - Resolves implicitly necessary additional changes to a state transition
723 * @mdev: DRBD device.
728 * When we loose connection, we have to set the state of the peers disk (pdsk)
729 * to D_UNKNOWN. This rule and many more along those lines are in this function.
731 static union drbd_state sanitize_state(struct drbd_conf *mdev, union drbd_state ns,
732 enum sanitize_state_warnings *warn)
734 enum drbd_fencing_p fp;
735 enum drbd_disk_state disk_min, disk_max, pdsk_min, pdsk_max;
741 if (get_ldev(mdev)) {
743 fp = rcu_dereference(mdev->ldev->disk_conf)->fencing;
748 /* Implications from connection to peer and peer_isp */
749 if (ns.conn < C_CONNECTED) {
752 if (ns.pdsk > D_UNKNOWN || ns.pdsk < D_INCONSISTENT)
756 /* Clear the aftr_isp when becoming unconfigured */
757 if (ns.conn == C_STANDALONE && ns.disk == D_DISKLESS && ns.role == R_SECONDARY)
760 /* An implication of the disk states onto the connection state */
761 /* Abort resync if a disk fails/detaches */
762 if (ns.conn > C_CONNECTED && (ns.disk <= D_FAILED || ns.pdsk <= D_FAILED)) {
764 *warn = ns.conn == C_VERIFY_S || ns.conn == C_VERIFY_T ?
765 ABORTED_ONLINE_VERIFY : ABORTED_RESYNC;
766 ns.conn = C_CONNECTED;
769 /* Connection breaks down before we finished "Negotiating" */
770 if (ns.conn < C_CONNECTED && ns.disk == D_NEGOTIATING &&
771 get_ldev_if_state(mdev, D_NEGOTIATING)) {
772 if (mdev->ed_uuid == mdev->ldev->md.uuid[UI_CURRENT]) {
773 ns.disk = mdev->new_state_tmp.disk;
774 ns.pdsk = mdev->new_state_tmp.pdsk;
777 *warn = CONNECTION_LOST_NEGOTIATING;
778 ns.disk = D_DISKLESS;
784 /* D_CONSISTENT and D_OUTDATED vanish when we get connected */
785 if (ns.conn >= C_CONNECTED && ns.conn < C_AHEAD) {
786 if (ns.disk == D_CONSISTENT || ns.disk == D_OUTDATED)
787 ns.disk = D_UP_TO_DATE;
788 if (ns.pdsk == D_CONSISTENT || ns.pdsk == D_OUTDATED)
789 ns.pdsk = D_UP_TO_DATE;
792 /* Implications of the connection stat on the disk states */
793 disk_min = D_DISKLESS;
794 disk_max = D_UP_TO_DATE;
795 pdsk_min = D_INCONSISTENT;
796 pdsk_max = D_UNKNOWN;
797 switch ((enum drbd_conns)ns.conn) {
799 case C_PAUSED_SYNC_T:
800 case C_STARTING_SYNC_T:
803 disk_min = D_INCONSISTENT;
804 disk_max = D_OUTDATED;
805 pdsk_min = D_UP_TO_DATE;
806 pdsk_max = D_UP_TO_DATE;
810 disk_min = D_UP_TO_DATE;
811 disk_max = D_UP_TO_DATE;
812 pdsk_min = D_UP_TO_DATE;
813 pdsk_max = D_UP_TO_DATE;
816 disk_min = D_DISKLESS;
817 disk_max = D_UP_TO_DATE;
818 pdsk_min = D_DISKLESS;
819 pdsk_max = D_UP_TO_DATE;
822 case C_PAUSED_SYNC_S:
823 case C_STARTING_SYNC_S:
825 disk_min = D_UP_TO_DATE;
826 disk_max = D_UP_TO_DATE;
827 pdsk_min = D_INCONSISTENT;
828 pdsk_max = D_CONSISTENT; /* D_OUTDATED would be nice. But explicit outdate necessary*/
831 disk_min = D_INCONSISTENT;
832 disk_max = D_INCONSISTENT;
833 pdsk_min = D_UP_TO_DATE;
834 pdsk_max = D_UP_TO_DATE;
837 disk_min = D_UP_TO_DATE;
838 disk_max = D_UP_TO_DATE;
839 pdsk_min = D_INCONSISTENT;
840 pdsk_max = D_INCONSISTENT;
843 case C_DISCONNECTING:
847 case C_NETWORK_FAILURE:
848 case C_PROTOCOL_ERROR:
850 case C_WF_CONNECTION:
851 case C_WF_REPORT_PARAMS:
855 if (ns.disk > disk_max)
858 if (ns.disk < disk_min) {
860 *warn = IMPLICITLY_UPGRADED_DISK;
863 if (ns.pdsk > pdsk_max)
866 if (ns.pdsk < pdsk_min) {
868 *warn = IMPLICITLY_UPGRADED_PDSK;
872 if (fp == FP_STONITH &&
873 (ns.role == R_PRIMARY && ns.conn < C_CONNECTED && ns.pdsk > D_OUTDATED))
874 ns.susp_fen = 1; /* Suspend IO while fence-peer handler runs (peer lost) */
876 if (mdev->tconn->res_opts.on_no_data == OND_SUSPEND_IO &&
877 (ns.role == R_PRIMARY && ns.disk < D_UP_TO_DATE && ns.pdsk < D_UP_TO_DATE))
878 ns.susp_nod = 1; /* Suspend IO while no data available (no accessible data available) */
880 if (ns.aftr_isp || ns.peer_isp || ns.user_isp) {
881 if (ns.conn == C_SYNC_SOURCE)
882 ns.conn = C_PAUSED_SYNC_S;
883 if (ns.conn == C_SYNC_TARGET)
884 ns.conn = C_PAUSED_SYNC_T;
886 if (ns.conn == C_PAUSED_SYNC_S)
887 ns.conn = C_SYNC_SOURCE;
888 if (ns.conn == C_PAUSED_SYNC_T)
889 ns.conn = C_SYNC_TARGET;
895 void drbd_resume_al(struct drbd_conf *mdev)
897 if (test_and_clear_bit(AL_SUSPENDED, &mdev->flags))
898 dev_info(DEV, "Resumed AL updates\n");
901 /* helper for __drbd_set_state */
902 static void set_ov_position(struct drbd_conf *mdev, enum drbd_conns cs)
904 if (mdev->tconn->agreed_pro_version < 90)
905 mdev->ov_start_sector = 0;
906 mdev->rs_total = drbd_bm_bits(mdev);
907 mdev->ov_position = 0;
908 if (cs == C_VERIFY_T) {
909 /* starting online verify from an arbitrary position
910 * does not fit well into the existing protocol.
911 * on C_VERIFY_T, we initialize ov_left and friends
912 * implicitly in receive_DataRequest once the
913 * first P_OV_REQUEST is received */
914 mdev->ov_start_sector = ~(sector_t)0;
916 unsigned long bit = BM_SECT_TO_BIT(mdev->ov_start_sector);
917 if (bit >= mdev->rs_total) {
918 mdev->ov_start_sector =
919 BM_BIT_TO_SECT(mdev->rs_total - 1);
922 mdev->rs_total -= bit;
923 mdev->ov_position = mdev->ov_start_sector;
925 mdev->ov_left = mdev->rs_total;
929 * __drbd_set_state() - Set a new DRBD state
930 * @mdev: DRBD device.
933 * @done: Optional completion, that will get completed after the after_state_ch() finished
935 * Caller needs to hold req_lock, and global_state_lock. Do not call directly.
938 __drbd_set_state(struct drbd_conf *mdev, union drbd_state ns,
939 enum chg_state_flags flags, struct completion *done)
942 enum drbd_state_rv rv = SS_SUCCESS;
943 enum sanitize_state_warnings ssw;
944 struct after_state_chg_work *ascw;
945 bool did_remote, should_do_remote;
947 os = drbd_read_state(mdev);
949 ns = sanitize_state(mdev, ns, &ssw);
951 return SS_NOTHING_TO_DO;
953 rv = is_valid_transition(os, ns);
957 if (!(flags & CS_HARD)) {
958 /* pre-state-change checks ; only look at ns */
959 /* See drbd_state_sw_errors in drbd_strings.c */
961 rv = is_valid_state(mdev, ns);
962 if (rv < SS_SUCCESS) {
963 /* If the old state was illegal as well, then let
966 if (is_valid_state(mdev, os) == rv)
967 rv = is_valid_soft_transition(os, ns, mdev->tconn);
969 rv = is_valid_soft_transition(os, ns, mdev->tconn);
972 if (rv < SS_SUCCESS) {
973 if (flags & CS_VERBOSE)
974 print_st_err(mdev, os, ns, rv);
978 print_sanitize_warnings(mdev, ssw);
980 drbd_pr_state_change(mdev, os, ns, flags);
982 /* Display changes to the susp* flags that where caused by the call to
983 sanitize_state(). Only display it here if we where not called from
984 _conn_request_state() */
985 if (!(flags & CS_DC_SUSP))
986 conn_pr_state_change(mdev->tconn, os, ns, (flags & ~CS_DC_MASK) | CS_DC_SUSP);
988 /* if we are going -> D_FAILED or D_DISKLESS, grab one extra reference
989 * on the ldev here, to be sure the transition -> D_DISKLESS resp.
990 * drbd_ldev_destroy() won't happen before our corresponding
991 * after_state_ch works run, where we put_ldev again. */
992 if ((os.disk != D_FAILED && ns.disk == D_FAILED) ||
993 (os.disk != D_DISKLESS && ns.disk == D_DISKLESS))
994 atomic_inc(&mdev->local_cnt);
996 did_remote = drbd_should_do_remote(mdev->state);
997 mdev->state.i = ns.i;
998 should_do_remote = drbd_should_do_remote(mdev->state);
999 mdev->tconn->susp = ns.susp;
1000 mdev->tconn->susp_nod = ns.susp_nod;
1001 mdev->tconn->susp_fen = ns.susp_fen;
1003 /* put replicated vs not-replicated requests in seperate epochs */
1004 if (did_remote != should_do_remote)
1005 start_new_tl_epoch(mdev->tconn);
1007 if (os.disk == D_ATTACHING && ns.disk >= D_NEGOTIATING)
1008 drbd_print_uuids(mdev, "attached to UUIDs");
1010 /* Wake up role changes, that were delayed because of connection establishing */
1011 if (os.conn == C_WF_REPORT_PARAMS && ns.conn != C_WF_REPORT_PARAMS &&
1012 no_peer_wf_report_params(mdev->tconn))
1013 clear_bit(STATE_SENT, &mdev->tconn->flags);
1015 wake_up(&mdev->misc_wait);
1016 wake_up(&mdev->state_wait);
1017 wake_up(&mdev->tconn->ping_wait);
1019 /* Aborted verify run, or we reached the stop sector.
1020 * Log the last position, unless end-of-device. */
1021 if ((os.conn == C_VERIFY_S || os.conn == C_VERIFY_T) &&
1022 ns.conn <= C_CONNECTED) {
1023 mdev->ov_start_sector =
1024 BM_BIT_TO_SECT(drbd_bm_bits(mdev) - mdev->ov_left);
1026 dev_info(DEV, "Online Verify reached sector %llu\n",
1027 (unsigned long long)mdev->ov_start_sector);
1030 if ((os.conn == C_PAUSED_SYNC_T || os.conn == C_PAUSED_SYNC_S) &&
1031 (ns.conn == C_SYNC_TARGET || ns.conn == C_SYNC_SOURCE)) {
1032 dev_info(DEV, "Syncer continues.\n");
1033 mdev->rs_paused += (long)jiffies
1034 -(long)mdev->rs_mark_time[mdev->rs_last_mark];
1035 if (ns.conn == C_SYNC_TARGET)
1036 mod_timer(&mdev->resync_timer, jiffies);
1039 if ((os.conn == C_SYNC_TARGET || os.conn == C_SYNC_SOURCE) &&
1040 (ns.conn == C_PAUSED_SYNC_T || ns.conn == C_PAUSED_SYNC_S)) {
1041 dev_info(DEV, "Resync suspended\n");
1042 mdev->rs_mark_time[mdev->rs_last_mark] = jiffies;
1045 if (os.conn == C_CONNECTED &&
1046 (ns.conn == C_VERIFY_S || ns.conn == C_VERIFY_T)) {
1047 unsigned long now = jiffies;
1050 set_ov_position(mdev, ns.conn);
1051 mdev->rs_start = now;
1052 mdev->rs_last_events = 0;
1053 mdev->rs_last_sect_ev = 0;
1054 mdev->ov_last_oos_size = 0;
1055 mdev->ov_last_oos_start = 0;
1057 for (i = 0; i < DRBD_SYNC_MARKS; i++) {
1058 mdev->rs_mark_left[i] = mdev->ov_left;
1059 mdev->rs_mark_time[i] = now;
1062 drbd_rs_controller_reset(mdev);
1064 if (ns.conn == C_VERIFY_S) {
1065 dev_info(DEV, "Starting Online Verify from sector %llu\n",
1066 (unsigned long long)mdev->ov_position);
1067 mod_timer(&mdev->resync_timer, jiffies);
1071 if (get_ldev(mdev)) {
1072 u32 mdf = mdev->ldev->md.flags & ~(MDF_CONSISTENT|MDF_PRIMARY_IND|
1073 MDF_CONNECTED_IND|MDF_WAS_UP_TO_DATE|
1074 MDF_PEER_OUT_DATED|MDF_CRASHED_PRIMARY);
1076 mdf &= ~MDF_AL_CLEAN;
1077 if (test_bit(CRASHED_PRIMARY, &mdev->flags))
1078 mdf |= MDF_CRASHED_PRIMARY;
1079 if (mdev->state.role == R_PRIMARY ||
1080 (mdev->state.pdsk < D_INCONSISTENT && mdev->state.peer == R_PRIMARY))
1081 mdf |= MDF_PRIMARY_IND;
1082 if (mdev->state.conn > C_WF_REPORT_PARAMS)
1083 mdf |= MDF_CONNECTED_IND;
1084 if (mdev->state.disk > D_INCONSISTENT)
1085 mdf |= MDF_CONSISTENT;
1086 if (mdev->state.disk > D_OUTDATED)
1087 mdf |= MDF_WAS_UP_TO_DATE;
1088 if (mdev->state.pdsk <= D_OUTDATED && mdev->state.pdsk >= D_INCONSISTENT)
1089 mdf |= MDF_PEER_OUT_DATED;
1090 if (mdf != mdev->ldev->md.flags) {
1091 mdev->ldev->md.flags = mdf;
1092 drbd_md_mark_dirty(mdev);
1094 if (os.disk < D_CONSISTENT && ns.disk >= D_CONSISTENT)
1095 drbd_set_ed_uuid(mdev, mdev->ldev->md.uuid[UI_CURRENT]);
1099 /* Peer was forced D_UP_TO_DATE & R_PRIMARY, consider to resync */
1100 if (os.disk == D_INCONSISTENT && os.pdsk == D_INCONSISTENT &&
1101 os.peer == R_SECONDARY && ns.peer == R_PRIMARY)
1102 set_bit(CONSIDER_RESYNC, &mdev->flags);
1104 /* Receiver should clean up itself */
1105 if (os.conn != C_DISCONNECTING && ns.conn == C_DISCONNECTING)
1106 drbd_thread_stop_nowait(&mdev->tconn->receiver);
1108 /* Now the receiver finished cleaning up itself, it should die */
1109 if (os.conn != C_STANDALONE && ns.conn == C_STANDALONE)
1110 drbd_thread_stop_nowait(&mdev->tconn->receiver);
1112 /* Upon network failure, we need to restart the receiver. */
1113 if (os.conn > C_WF_CONNECTION &&
1114 ns.conn <= C_TEAR_DOWN && ns.conn >= C_TIMEOUT)
1115 drbd_thread_restart_nowait(&mdev->tconn->receiver);
1117 /* Resume AL writing if we get a connection */
1118 if (os.conn < C_CONNECTED && ns.conn >= C_CONNECTED) {
1119 drbd_resume_al(mdev);
1120 mdev->tconn->connect_cnt++;
1123 /* remember last attach time so request_timer_fn() won't
1124 * kill newly established sessions while we are still trying to thaw
1125 * previously frozen IO */
1126 if ((os.disk == D_ATTACHING || os.disk == D_NEGOTIATING) &&
1127 ns.disk > D_NEGOTIATING)
1128 mdev->last_reattach_jif = jiffies;
1130 ascw = kmalloc(sizeof(*ascw), GFP_ATOMIC);
1134 ascw->flags = flags;
1135 ascw->w.cb = w_after_state_ch;
1136 ascw->w.mdev = mdev;
1138 drbd_queue_work(&mdev->tconn->sender_work, &ascw->w);
1140 dev_err(DEV, "Could not kmalloc an ascw\n");
1146 static int w_after_state_ch(struct drbd_work *w, int unused)
1148 struct after_state_chg_work *ascw =
1149 container_of(w, struct after_state_chg_work, w);
1150 struct drbd_conf *mdev = w->mdev;
1152 after_state_ch(mdev, ascw->os, ascw->ns, ascw->flags);
1153 if (ascw->flags & CS_WAIT_COMPLETE) {
1154 D_ASSERT(ascw->done != NULL);
1155 complete(ascw->done);
1162 static void abw_start_sync(struct drbd_conf *mdev, int rv)
1165 dev_err(DEV, "Writing the bitmap failed not starting resync.\n");
1166 _drbd_request_state(mdev, NS(conn, C_CONNECTED), CS_VERBOSE);
1170 switch (mdev->state.conn) {
1171 case C_STARTING_SYNC_T:
1172 _drbd_request_state(mdev, NS(conn, C_WF_SYNC_UUID), CS_VERBOSE);
1174 case C_STARTING_SYNC_S:
1175 drbd_start_resync(mdev, C_SYNC_SOURCE);
1180 int drbd_bitmap_io_from_worker(struct drbd_conf *mdev,
1181 int (*io_fn)(struct drbd_conf *),
1182 char *why, enum bm_flag flags)
1186 D_ASSERT(current == mdev->tconn->worker.task);
1188 /* open coded non-blocking drbd_suspend_io(mdev); */
1189 set_bit(SUSPEND_IO, &mdev->flags);
1191 drbd_bm_lock(mdev, why, flags);
1193 drbd_bm_unlock(mdev);
1195 drbd_resume_io(mdev);
1201 * after_state_ch() - Perform after state change actions that may sleep
1202 * @mdev: DRBD device.
1207 static void after_state_ch(struct drbd_conf *mdev, union drbd_state os,
1208 union drbd_state ns, enum chg_state_flags flags)
1210 struct sib_info sib;
1212 sib.sib_reason = SIB_STATE_CHANGE;
1216 if (os.conn != C_CONNECTED && ns.conn == C_CONNECTED) {
1217 clear_bit(CRASHED_PRIMARY, &mdev->flags);
1219 mdev->p_uuid[UI_FLAGS] &= ~((u64)2);
1222 /* Inform userspace about the change... */
1223 drbd_bcast_event(mdev, &sib);
1225 if (!(os.role == R_PRIMARY && os.disk < D_UP_TO_DATE && os.pdsk < D_UP_TO_DATE) &&
1226 (ns.role == R_PRIMARY && ns.disk < D_UP_TO_DATE && ns.pdsk < D_UP_TO_DATE))
1227 drbd_khelper(mdev, "pri-on-incon-degr");
1229 /* Here we have the actions that are performed after a
1230 state change. This function might sleep */
1233 struct drbd_tconn *tconn = mdev->tconn;
1234 enum drbd_req_event what = NOTHING;
1236 spin_lock_irq(&tconn->req_lock);
1237 if (os.conn < C_CONNECTED && conn_lowest_conn(tconn) >= C_CONNECTED)
1240 if ((os.disk == D_ATTACHING || os.disk == D_NEGOTIATING) &&
1241 conn_lowest_disk(tconn) > D_NEGOTIATING)
1242 what = RESTART_FROZEN_DISK_IO;
1244 if (tconn->susp_nod && what != NOTHING) {
1245 _tl_restart(tconn, what);
1246 _conn_request_state(tconn,
1247 (union drbd_state) { { .susp_nod = 1 } },
1248 (union drbd_state) { { .susp_nod = 0 } },
1251 spin_unlock_irq(&tconn->req_lock);
1255 struct drbd_tconn *tconn = mdev->tconn;
1257 spin_lock_irq(&tconn->req_lock);
1258 if (tconn->susp_fen && conn_lowest_conn(tconn) >= C_CONNECTED) {
1259 /* case2: The connection was established again: */
1260 struct drbd_conf *odev;
1264 idr_for_each_entry(&tconn->volumes, odev, vnr)
1265 clear_bit(NEW_CUR_UUID, &odev->flags);
1267 _tl_restart(tconn, RESEND);
1268 _conn_request_state(tconn,
1269 (union drbd_state) { { .susp_fen = 1 } },
1270 (union drbd_state) { { .susp_fen = 0 } },
1273 spin_unlock_irq(&tconn->req_lock);
1276 /* Became sync source. With protocol >= 96, we still need to send out
1277 * the sync uuid now. Need to do that before any drbd_send_state, or
1278 * the other side may go "paused sync" before receiving the sync uuids,
1279 * which is unexpected. */
1280 if ((os.conn != C_SYNC_SOURCE && os.conn != C_PAUSED_SYNC_S) &&
1281 (ns.conn == C_SYNC_SOURCE || ns.conn == C_PAUSED_SYNC_S) &&
1282 mdev->tconn->agreed_pro_version >= 96 && get_ldev(mdev)) {
1283 drbd_gen_and_send_sync_uuid(mdev);
1287 /* Do not change the order of the if above and the two below... */
1288 if (os.pdsk == D_DISKLESS &&
1289 ns.pdsk > D_DISKLESS && ns.pdsk != D_UNKNOWN) { /* attach on the peer */
1290 /* we probably will start a resync soon.
1291 * make sure those things are properly reset. */
1293 mdev->rs_failed = 0;
1294 atomic_set(&mdev->rs_pending_cnt, 0);
1295 drbd_rs_cancel_all(mdev);
1297 drbd_send_uuids(mdev);
1298 drbd_send_state(mdev, ns);
1300 /* No point in queuing send_bitmap if we don't have a connection
1301 * anymore, so check also the _current_ state, not only the new state
1302 * at the time this work was queued. */
1303 if (os.conn != C_WF_BITMAP_S && ns.conn == C_WF_BITMAP_S &&
1304 mdev->state.conn == C_WF_BITMAP_S)
1305 drbd_queue_bitmap_io(mdev, &drbd_send_bitmap, NULL,
1306 "send_bitmap (WFBitMapS)",
1307 BM_LOCKED_TEST_ALLOWED);
1309 /* Lost contact to peer's copy of the data */
1310 if ((os.pdsk >= D_INCONSISTENT &&
1311 os.pdsk != D_UNKNOWN &&
1312 os.pdsk != D_OUTDATED)
1313 && (ns.pdsk < D_INCONSISTENT ||
1314 ns.pdsk == D_UNKNOWN ||
1315 ns.pdsk == D_OUTDATED)) {
1316 if (get_ldev(mdev)) {
1317 if ((ns.role == R_PRIMARY || ns.peer == R_PRIMARY) &&
1318 mdev->ldev->md.uuid[UI_BITMAP] == 0 && ns.disk >= D_UP_TO_DATE) {
1319 if (drbd_suspended(mdev)) {
1320 set_bit(NEW_CUR_UUID, &mdev->flags);
1322 drbd_uuid_new_current(mdev);
1323 drbd_send_uuids(mdev);
1330 if (ns.pdsk < D_INCONSISTENT && get_ldev(mdev)) {
1331 if (os.peer == R_SECONDARY && ns.peer == R_PRIMARY &&
1332 mdev->ldev->md.uuid[UI_BITMAP] == 0 && ns.disk >= D_UP_TO_DATE) {
1333 drbd_uuid_new_current(mdev);
1334 drbd_send_uuids(mdev);
1336 /* D_DISKLESS Peer becomes secondary */
1337 if (os.peer == R_PRIMARY && ns.peer == R_SECONDARY)
1338 /* We may still be Primary ourselves.
1339 * No harm done if the bitmap still changes,
1340 * redirtied pages will follow later. */
1341 drbd_bitmap_io_from_worker(mdev, &drbd_bm_write,
1342 "demote diskless peer", BM_LOCKED_SET_ALLOWED);
1346 /* Write out all changed bits on demote.
1347 * Though, no need to da that just yet
1348 * if there is a resync going on still */
1349 if (os.role == R_PRIMARY && ns.role == R_SECONDARY &&
1350 mdev->state.conn <= C_CONNECTED && get_ldev(mdev)) {
1351 /* No changes to the bitmap expected this time, so assert that,
1352 * even though no harm was done if it did change. */
1353 drbd_bitmap_io_from_worker(mdev, &drbd_bm_write,
1354 "demote", BM_LOCKED_TEST_ALLOWED);
1358 /* Last part of the attaching process ... */
1359 if (ns.conn >= C_CONNECTED &&
1360 os.disk == D_ATTACHING && ns.disk == D_NEGOTIATING) {
1361 drbd_send_sizes(mdev, 0, 0); /* to start sync... */
1362 drbd_send_uuids(mdev);
1363 drbd_send_state(mdev, ns);
1366 /* We want to pause/continue resync, tell peer. */
1367 if (ns.conn >= C_CONNECTED &&
1368 ((os.aftr_isp != ns.aftr_isp) ||
1369 (os.user_isp != ns.user_isp)))
1370 drbd_send_state(mdev, ns);
1372 /* In case one of the isp bits got set, suspend other devices. */
1373 if ((!os.aftr_isp && !os.peer_isp && !os.user_isp) &&
1374 (ns.aftr_isp || ns.peer_isp || ns.user_isp))
1375 suspend_other_sg(mdev);
1377 /* Make sure the peer gets informed about eventual state
1378 changes (ISP bits) while we were in WFReportParams. */
1379 if (os.conn == C_WF_REPORT_PARAMS && ns.conn >= C_CONNECTED)
1380 drbd_send_state(mdev, ns);
1382 if (os.conn != C_AHEAD && ns.conn == C_AHEAD)
1383 drbd_send_state(mdev, ns);
1385 /* We are in the progress to start a full sync... */
1386 if ((os.conn != C_STARTING_SYNC_T && ns.conn == C_STARTING_SYNC_T) ||
1387 (os.conn != C_STARTING_SYNC_S && ns.conn == C_STARTING_SYNC_S))
1388 /* no other bitmap changes expected during this phase */
1389 drbd_queue_bitmap_io(mdev,
1390 &drbd_bmio_set_n_write, &abw_start_sync,
1391 "set_n_write from StartingSync", BM_LOCKED_TEST_ALLOWED);
1393 /* first half of local IO error, failure to attach,
1394 * or administrative detach */
1395 if (os.disk != D_FAILED && ns.disk == D_FAILED) {
1396 enum drbd_io_error_p eh = EP_PASS_ON;
1397 int was_io_error = 0;
1398 /* corresponding get_ldev was in __drbd_set_state, to serialize
1399 * our cleanup here with the transition to D_DISKLESS.
1400 * But is is still not save to dreference ldev here, since
1401 * we might come from an failed Attach before ldev was set. */
1404 eh = rcu_dereference(mdev->ldev->disk_conf)->on_io_error;
1407 was_io_error = test_and_clear_bit(WAS_IO_ERROR, &mdev->flags);
1409 if (was_io_error && eh == EP_CALL_HELPER)
1410 drbd_khelper(mdev, "local-io-error");
1412 /* Immediately allow completion of all application IO,
1413 * that waits for completion from the local disk,
1414 * if this was a force-detach due to disk_timeout
1415 * or administrator request (drbdsetup detach --force).
1416 * Do NOT abort otherwise.
1417 * Aborting local requests may cause serious problems,
1418 * if requests are completed to upper layers already,
1419 * and then later the already submitted local bio completes.
1420 * This can cause DMA into former bio pages that meanwhile
1421 * have been re-used for other things.
1422 * So aborting local requests may cause crashes,
1423 * or even worse, silent data corruption.
1425 if (test_and_clear_bit(FORCE_DETACH, &mdev->flags))
1426 tl_abort_disk_io(mdev);
1428 /* current state still has to be D_FAILED,
1429 * there is only one way out: to D_DISKLESS,
1430 * and that may only happen after our put_ldev below. */
1431 if (mdev->state.disk != D_FAILED)
1433 "ASSERT FAILED: disk is %s during detach\n",
1434 drbd_disk_str(mdev->state.disk));
1436 if (ns.conn >= C_CONNECTED)
1437 drbd_send_state(mdev, ns);
1439 drbd_rs_cancel_all(mdev);
1441 /* In case we want to get something to stable storage still,
1442 * this may be the last chance.
1443 * Following put_ldev may transition to D_DISKLESS. */
1449 /* second half of local IO error, failure to attach,
1450 * or administrative detach,
1451 * after local_cnt references have reached zero again */
1452 if (os.disk != D_DISKLESS && ns.disk == D_DISKLESS) {
1453 /* We must still be diskless,
1454 * re-attach has to be serialized with this! */
1455 if (mdev->state.disk != D_DISKLESS)
1457 "ASSERT FAILED: disk is %s while going diskless\n",
1458 drbd_disk_str(mdev->state.disk));
1460 if (ns.conn >= C_CONNECTED)
1461 drbd_send_state(mdev, ns);
1462 /* corresponding get_ldev in __drbd_set_state
1463 * this may finally trigger drbd_ldev_destroy. */
1467 /* Notify peer that I had a local IO error, and did not detached.. */
1468 if (os.disk == D_UP_TO_DATE && ns.disk == D_INCONSISTENT && ns.conn >= C_CONNECTED)
1469 drbd_send_state(mdev, ns);
1471 /* Disks got bigger while they were detached */
1472 if (ns.disk > D_NEGOTIATING && ns.pdsk > D_NEGOTIATING &&
1473 test_and_clear_bit(RESYNC_AFTER_NEG, &mdev->flags)) {
1474 if (ns.conn == C_CONNECTED)
1475 resync_after_online_grow(mdev);
1478 /* A resync finished or aborted, wake paused devices... */
1479 if ((os.conn > C_CONNECTED && ns.conn <= C_CONNECTED) ||
1480 (os.peer_isp && !ns.peer_isp) ||
1481 (os.user_isp && !ns.user_isp))
1482 resume_next_sg(mdev);
1484 /* sync target done with resync. Explicitly notify peer, even though
1485 * it should (at least for non-empty resyncs) already know itself. */
1486 if (os.disk < D_UP_TO_DATE && os.conn >= C_SYNC_SOURCE && ns.conn == C_CONNECTED)
1487 drbd_send_state(mdev, ns);
1489 /* Verify finished, or reached stop sector. Peer did not know about
1490 * the stop sector, and we may even have changed the stop sector during
1491 * verify to interrupt/stop early. Send the new state. */
1492 if (os.conn == C_VERIFY_S && ns.conn == C_CONNECTED
1493 && verify_can_do_stop_sector(mdev))
1494 drbd_send_state(mdev, ns);
1496 /* This triggers bitmap writeout of potentially still unwritten pages
1497 * if the resync finished cleanly, or aborted because of peer disk
1498 * failure, or because of connection loss.
1499 * For resync aborted because of local disk failure, we cannot do
1500 * any bitmap writeout anymore.
1501 * No harm done if some bits change during this phase.
1503 if (os.conn > C_CONNECTED && ns.conn <= C_CONNECTED && get_ldev(mdev)) {
1504 drbd_queue_bitmap_io(mdev, &drbd_bm_write_copy_pages, NULL,
1505 "write from resync_finished", BM_LOCKED_CHANGE_ALLOWED);
1509 if (ns.disk == D_DISKLESS &&
1510 ns.conn == C_STANDALONE &&
1511 ns.role == R_SECONDARY) {
1512 if (os.aftr_isp != ns.aftr_isp)
1513 resume_next_sg(mdev);
1519 struct after_conn_state_chg_work {
1522 union drbd_state ns_min;
1523 union drbd_state ns_max; /* new, max state, over all mdevs */
1524 enum chg_state_flags flags;
1527 static int w_after_conn_state_ch(struct drbd_work *w, int unused)
1529 struct after_conn_state_chg_work *acscw =
1530 container_of(w, struct after_conn_state_chg_work, w);
1531 struct drbd_tconn *tconn = w->tconn;
1532 enum drbd_conns oc = acscw->oc;
1533 union drbd_state ns_max = acscw->ns_max;
1534 struct drbd_conf *mdev;
1539 /* Upon network configuration, we need to start the receiver */
1540 if (oc == C_STANDALONE && ns_max.conn == C_UNCONNECTED)
1541 drbd_thread_start(&tconn->receiver);
1543 if (oc == C_DISCONNECTING && ns_max.conn == C_STANDALONE) {
1544 struct net_conf *old_conf;
1546 mutex_lock(&tconn->conf_update);
1547 old_conf = tconn->net_conf;
1548 tconn->my_addr_len = 0;
1549 tconn->peer_addr_len = 0;
1550 rcu_assign_pointer(tconn->net_conf, NULL);
1551 conn_free_crypto(tconn);
1552 mutex_unlock(&tconn->conf_update);
1558 if (ns_max.susp_fen) {
1559 /* case1: The outdate peer handler is successful: */
1560 if (ns_max.pdsk <= D_OUTDATED) {
1562 idr_for_each_entry(&tconn->volumes, mdev, vnr) {
1563 if (test_bit(NEW_CUR_UUID, &mdev->flags)) {
1564 drbd_uuid_new_current(mdev);
1565 clear_bit(NEW_CUR_UUID, &mdev->flags);
1569 spin_lock_irq(&tconn->req_lock);
1570 _tl_restart(tconn, CONNECTION_LOST_WHILE_PENDING);
1571 _conn_request_state(tconn,
1572 (union drbd_state) { { .susp_fen = 1 } },
1573 (union drbd_state) { { .susp_fen = 0 } },
1575 spin_unlock_irq(&tconn->req_lock);
1578 kref_put(&tconn->kref, &conn_destroy);
1580 conn_md_sync(tconn);
1585 void conn_old_common_state(struct drbd_tconn *tconn, union drbd_state *pcs, enum chg_state_flags *pf)
1587 enum chg_state_flags flags = ~0;
1588 struct drbd_conf *mdev;
1589 int vnr, first_vol = 1;
1590 union drbd_dev_state os, cs = {
1591 { .role = R_SECONDARY,
1593 .conn = tconn->cstate,
1599 idr_for_each_entry(&tconn->volumes, mdev, vnr) {
1608 if (cs.role != os.role)
1609 flags &= ~CS_DC_ROLE;
1611 if (cs.peer != os.peer)
1612 flags &= ~CS_DC_PEER;
1614 if (cs.conn != os.conn)
1615 flags &= ~CS_DC_CONN;
1617 if (cs.disk != os.disk)
1618 flags &= ~CS_DC_DISK;
1620 if (cs.pdsk != os.pdsk)
1621 flags &= ~CS_DC_PDSK;
1630 static enum drbd_state_rv
1631 conn_is_valid_transition(struct drbd_tconn *tconn, union drbd_state mask, union drbd_state val,
1632 enum chg_state_flags flags)
1634 enum drbd_state_rv rv = SS_SUCCESS;
1635 union drbd_state ns, os;
1636 struct drbd_conf *mdev;
1640 idr_for_each_entry(&tconn->volumes, mdev, vnr) {
1641 os = drbd_read_state(mdev);
1642 ns = sanitize_state(mdev, apply_mask_val(os, mask, val), NULL);
1644 if (flags & CS_IGN_OUTD_FAIL && ns.disk == D_OUTDATED && os.disk < D_OUTDATED)
1650 rv = is_valid_transition(os, ns);
1651 if (rv < SS_SUCCESS)
1654 if (!(flags & CS_HARD)) {
1655 rv = is_valid_state(mdev, ns);
1656 if (rv < SS_SUCCESS) {
1657 if (is_valid_state(mdev, os) == rv)
1658 rv = is_valid_soft_transition(os, ns, tconn);
1660 rv = is_valid_soft_transition(os, ns, tconn);
1662 if (rv < SS_SUCCESS)
1667 if (rv < SS_SUCCESS && flags & CS_VERBOSE)
1668 print_st_err(mdev, os, ns, rv);
1674 conn_set_state(struct drbd_tconn *tconn, union drbd_state mask, union drbd_state val,
1675 union drbd_state *pns_min, union drbd_state *pns_max, enum chg_state_flags flags)
1677 union drbd_state ns, os, ns_max = { };
1678 union drbd_state ns_min = {
1685 struct drbd_conf *mdev;
1686 enum drbd_state_rv rv;
1687 int vnr, number_of_volumes = 0;
1689 if (mask.conn == C_MASK) {
1690 /* remember last connect time so request_timer_fn() won't
1691 * kill newly established sessions while we are still trying to thaw
1692 * previously frozen IO */
1693 if (tconn->cstate != C_WF_REPORT_PARAMS && val.conn == C_WF_REPORT_PARAMS)
1694 tconn->last_reconnect_jif = jiffies;
1696 tconn->cstate = val.conn;
1700 idr_for_each_entry(&tconn->volumes, mdev, vnr) {
1701 number_of_volumes++;
1702 os = drbd_read_state(mdev);
1703 ns = apply_mask_val(os, mask, val);
1704 ns = sanitize_state(mdev, ns, NULL);
1706 if (flags & CS_IGN_OUTD_FAIL && ns.disk == D_OUTDATED && os.disk < D_OUTDATED)
1709 rv = __drbd_set_state(mdev, ns, flags, NULL);
1710 if (rv < SS_SUCCESS)
1713 ns.i = mdev->state.i;
1714 ns_max.role = max_role(ns.role, ns_max.role);
1715 ns_max.peer = max_role(ns.peer, ns_max.peer);
1716 ns_max.conn = max_t(enum drbd_conns, ns.conn, ns_max.conn);
1717 ns_max.disk = max_t(enum drbd_disk_state, ns.disk, ns_max.disk);
1718 ns_max.pdsk = max_t(enum drbd_disk_state, ns.pdsk, ns_max.pdsk);
1720 ns_min.role = min_role(ns.role, ns_min.role);
1721 ns_min.peer = min_role(ns.peer, ns_min.peer);
1722 ns_min.conn = min_t(enum drbd_conns, ns.conn, ns_min.conn);
1723 ns_min.disk = min_t(enum drbd_disk_state, ns.disk, ns_min.disk);
1724 ns_min.pdsk = min_t(enum drbd_disk_state, ns.pdsk, ns_min.pdsk);
1728 if (number_of_volumes == 0) {
1729 ns_min = ns_max = (union drbd_state) { {
1730 .role = R_SECONDARY,
1738 ns_min.susp = ns_max.susp = tconn->susp;
1739 ns_min.susp_nod = ns_max.susp_nod = tconn->susp_nod;
1740 ns_min.susp_fen = ns_max.susp_fen = tconn->susp_fen;
1746 static enum drbd_state_rv
1747 _conn_rq_cond(struct drbd_tconn *tconn, union drbd_state mask, union drbd_state val)
1749 enum drbd_state_rv rv;
1751 if (test_and_clear_bit(CONN_WD_ST_CHG_OKAY, &tconn->flags))
1752 return SS_CW_SUCCESS;
1754 if (test_and_clear_bit(CONN_WD_ST_CHG_FAIL, &tconn->flags))
1755 return SS_CW_FAILED_BY_PEER;
1757 rv = conn_is_valid_transition(tconn, mask, val, 0);
1758 if (rv == SS_SUCCESS && tconn->cstate == C_WF_REPORT_PARAMS)
1759 rv = SS_UNKNOWN_ERROR; /* continue waiting */
1765 _conn_request_state(struct drbd_tconn *tconn, union drbd_state mask, union drbd_state val,
1766 enum chg_state_flags flags)
1768 enum drbd_state_rv rv = SS_SUCCESS;
1769 struct after_conn_state_chg_work *acscw;
1770 enum drbd_conns oc = tconn->cstate;
1771 union drbd_state ns_max, ns_min, os;
1772 bool have_mutex = false;
1775 rv = is_valid_conn_transition(oc, val.conn);
1776 if (rv < SS_SUCCESS)
1780 rv = conn_is_valid_transition(tconn, mask, val, flags);
1781 if (rv < SS_SUCCESS)
1784 if (oc == C_WF_REPORT_PARAMS && val.conn == C_DISCONNECTING &&
1785 !(flags & (CS_LOCAL_ONLY | CS_HARD))) {
1787 /* This will be a cluster-wide state change.
1788 * Need to give up the spinlock, grab the mutex,
1789 * then send the state change request, ... */
1790 spin_unlock_irq(&tconn->req_lock);
1791 mutex_lock(&tconn->cstate_mutex);
1794 set_bit(CONN_WD_ST_CHG_REQ, &tconn->flags);
1795 if (conn_send_state_req(tconn, mask, val)) {
1796 /* sending failed. */
1797 clear_bit(CONN_WD_ST_CHG_REQ, &tconn->flags);
1798 rv = SS_CW_FAILED_BY_PEER;
1799 /* need to re-aquire the spin lock, though */
1800 goto abort_unlocked;
1803 if (val.conn == C_DISCONNECTING)
1804 set_bit(DISCONNECT_SENT, &tconn->flags);
1806 /* ... and re-aquire the spinlock.
1807 * If _conn_rq_cond() returned >= SS_SUCCESS, we must call
1808 * conn_set_state() within the same spinlock. */
1809 spin_lock_irq(&tconn->req_lock);
1810 wait_event_lock_irq(tconn->ping_wait,
1811 (rv = _conn_rq_cond(tconn, mask, val)),
1813 clear_bit(CONN_WD_ST_CHG_REQ, &tconn->flags);
1814 if (rv < SS_SUCCESS)
1818 conn_old_common_state(tconn, &os, &flags);
1819 flags |= CS_DC_SUSP;
1820 conn_set_state(tconn, mask, val, &ns_min, &ns_max, flags);
1821 conn_pr_state_change(tconn, os, ns_max, flags);
1823 acscw = kmalloc(sizeof(*acscw), GFP_ATOMIC);
1825 acscw->oc = os.conn;
1826 acscw->ns_min = ns_min;
1827 acscw->ns_max = ns_max;
1828 acscw->flags = flags;
1829 acscw->w.cb = w_after_conn_state_ch;
1830 kref_get(&tconn->kref);
1831 acscw->w.tconn = tconn;
1832 drbd_queue_work(&tconn->sender_work, &acscw->w);
1834 conn_err(tconn, "Could not kmalloc an acscw\n");
1839 /* mutex_unlock() "... must not be used in interrupt context.",
1840 * so give up the spinlock, then re-aquire it */
1841 spin_unlock_irq(&tconn->req_lock);
1843 mutex_unlock(&tconn->cstate_mutex);
1844 spin_lock_irq(&tconn->req_lock);
1846 if (rv < SS_SUCCESS && flags & CS_VERBOSE) {
1847 conn_err(tconn, "State change failed: %s\n", drbd_set_st_err_str(rv));
1848 conn_err(tconn, " mask = 0x%x val = 0x%x\n", mask.i, val.i);
1849 conn_err(tconn, " old_conn:%s wanted_conn:%s\n", drbd_conn_str(oc), drbd_conn_str(val.conn));
1855 conn_request_state(struct drbd_tconn *tconn, union drbd_state mask, union drbd_state val,
1856 enum chg_state_flags flags)
1858 enum drbd_state_rv rv;
1860 spin_lock_irq(&tconn->req_lock);
1861 rv = _conn_request_state(tconn, mask, val, flags);
1862 spin_unlock_irq(&tconn->req_lock);