1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21/*
22 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright (c) 2011, 2019 by Delphix. All rights reserved.
24 * Copyright 2015 Nexenta Systems, Inc.  All rights reserved.
25 * Copyright (c) 2014 Spectra Logic Corporation, All rights reserved.
26 * Copyright 2013 Saso Kiselkov. All rights reserved.
27 * Copyright (c) 2014 Integros [integros.com]
28 * Copyright (c) 2017 Datto Inc.
29 * Copyright (c) 2017, Intel Corporation.
30 */
31
32#include <sys/zfs_context.h>
33#include <sys/spa_impl.h>
34#include <sys/spa_boot.h>
35#include <sys/zio.h>
36#include <sys/zio_checksum.h>
37#include <sys/zio_compress.h>
38#include <sys/dmu.h>
39#include <sys/dmu_tx.h>
40#include <sys/zap.h>
41#include <sys/zil.h>
42#include <sys/vdev_impl.h>
43#include <sys/vdev_initialize.h>
44#include <sys/vdev_trim.h>
45#include <sys/metaslab.h>
46#include <sys/uberblock_impl.h>
47#include <sys/txg.h>
48#include <sys/avl.h>
49#include <sys/unique.h>
50#include <sys/dsl_pool.h>
51#include <sys/dsl_dir.h>
52#include <sys/dsl_prop.h>
53#include <sys/dsl_scan.h>
54#include <sys/fs/zfs.h>
55#include <sys/metaslab_impl.h>
56#include <sys/arc.h>
57#include <sys/ddt.h>
58#include "zfs_prop.h"
59#include <sys/btree.h>
60#include <sys/zfeature.h>
61
62/*
63 * SPA locking
64 *
65 * There are three basic locks for managing spa_t structures:
66 *
67 * spa_namespace_lock (global mutex)
68 *
69 *	This lock must be acquired to do any of the following:
70 *
71 *		- Lookup a spa_t by name
72 *		- Add or remove a spa_t from the namespace
73 *		- Increase spa_refcount from non-zero
74 *		- Check if spa_refcount is zero
75 *		- Rename a spa_t
76 *		- add/remove/attach/detach devices
77 *		- Held for the duration of create/destroy/import/export
78 *
79 *	It does not need to handle recursion.  A create or destroy may
80 *	reference objects (files or zvols) in other pools, but by
81 *	definition they must have an existing reference, and will never need
82 *	to lookup a spa_t by name.
83 *
84 * spa_refcount (per-spa zfs_refcount_t protected by mutex)
85 *
86 *	This reference count keep track of any active users of the spa_t.  The
87 *	spa_t cannot be destroyed or freed while this is non-zero.  Internally,
88 *	the refcount is never really 'zero' - opening a pool implicitly keeps
89 *	some references in the DMU.  Internally we check against spa_minref, but
90 *	present the image of a zero/non-zero value to consumers.
91 *
92 * spa_config_lock[] (per-spa array of rwlocks)
93 *
94 *	This protects the spa_t from config changes, and must be held in
95 *	the following circumstances:
96 *
97 *		- RW_READER to perform I/O to the spa
98 *		- RW_WRITER to change the vdev config
99 *
100 * The locking order is fairly straightforward:
101 *
102 *		spa_namespace_lock	->	spa_refcount
103 *
104 *	The namespace lock must be acquired to increase the refcount from 0
105 *	or to check if it is zero.
106 *
107 *		spa_refcount		->	spa_config_lock[]
108 *
109 *	There must be at least one valid reference on the spa_t to acquire
110 *	the config lock.
111 *
112 *		spa_namespace_lock	->	spa_config_lock[]
113 *
114 *	The namespace lock must always be taken before the config lock.
115 *
116 *
117 * The spa_namespace_lock can be acquired directly and is globally visible.
118 *
119 * The namespace is manipulated using the following functions, all of which
120 * require the spa_namespace_lock to be held.
121 *
122 *	spa_lookup()		Lookup a spa_t by name.
123 *
124 *	spa_add()		Create a new spa_t in the namespace.
125 *
126 *	spa_remove()		Remove a spa_t from the namespace.  This also
127 *				frees up any memory associated with the spa_t.
128 *
129 *	spa_next()		Returns the next spa_t in the system, or the
130 *				first if NULL is passed.
131 *
132 *	spa_evict_all()		Shutdown and remove all spa_t structures in
133 *				the system.
134 *
135 *	spa_guid_exists()	Determine whether a pool/device guid exists.
136 *
137 * The spa_refcount is manipulated using the following functions:
138 *
139 *	spa_open_ref()		Adds a reference to the given spa_t.  Must be
140 *				called with spa_namespace_lock held if the
141 *				refcount is currently zero.
142 *
143 *	spa_close()		Remove a reference from the spa_t.  This will
144 *				not free the spa_t or remove it from the
145 *				namespace.  No locking is required.
146 *
147 *	spa_refcount_zero()	Returns true if the refcount is currently
148 *				zero.  Must be called with spa_namespace_lock
149 *				held.
150 *
151 * The spa_config_lock[] is an array of rwlocks, ordered as follows:
152 * SCL_CONFIG > SCL_STATE > SCL_ALLOC > SCL_ZIO > SCL_FREE > SCL_VDEV.
153 * spa_config_lock[] is manipulated with spa_config_{enter,exit,held}().
154 *
155 * To read the configuration, it suffices to hold one of these locks as reader.
156 * To modify the configuration, you must hold all locks as writer.  To modify
157 * vdev state without altering the vdev tree's topology (e.g. online/offline),
158 * you must hold SCL_STATE and SCL_ZIO as writer.
159 *
160 * We use these distinct config locks to avoid recursive lock entry.
161 * For example, spa_sync() (which holds SCL_CONFIG as reader) induces
162 * block allocations (SCL_ALLOC), which may require reading space maps
163 * from disk (dmu_read() -> zio_read() -> SCL_ZIO).
164 *
165 * The spa config locks cannot be normal rwlocks because we need the
166 * ability to hand off ownership.  For example, SCL_ZIO is acquired
167 * by the issuing thread and later released by an interrupt thread.
168 * They do, however, obey the usual write-wanted semantics to prevent
169 * writer (i.e. system administrator) starvation.
170 *
171 * The lock acquisition rules are as follows:
172 *
173 * SCL_CONFIG
174 *	Protects changes to the vdev tree topology, such as vdev
175 *	add/remove/attach/detach.  Protects the dirty config list
176 *	(spa_config_dirty_list) and the set of spares and l2arc devices.
177 *
178 * SCL_STATE
179 *	Protects changes to pool state and vdev state, such as vdev
180 *	online/offline/fault/degrade/clear.  Protects the dirty state list
181 *	(spa_state_dirty_list) and global pool state (spa_state).
182 *
183 * SCL_ALLOC
184 *	Protects changes to metaslab groups and classes.
185 *	Held as reader by metaslab_alloc() and metaslab_claim().
186 *
187 * SCL_ZIO
188 *	Held by bp-level zios (those which have no io_vd upon entry)
189 *	to prevent changes to the vdev tree.  The bp-level zio implicitly
190 *	protects all of its vdev child zios, which do not hold SCL_ZIO.
191 *
192 * SCL_FREE
193 *	Protects changes to metaslab groups and classes.
194 *	Held as reader by metaslab_free().  SCL_FREE is distinct from
195 *	SCL_ALLOC, and lower than SCL_ZIO, so that we can safely free
196 *	blocks in zio_done() while another i/o that holds either
197 *	SCL_ALLOC or SCL_ZIO is waiting for this i/o to complete.
198 *
199 * SCL_VDEV
200 *	Held as reader to prevent changes to the vdev tree during trivial
201 *	inquiries such as bp_get_dsize().  SCL_VDEV is distinct from the
202 *	other locks, and lower than all of them, to ensure that it's safe
203 *	to acquire regardless of caller context.
204 *
205 * In addition, the following rules apply:
206 *
207 * (a)	spa_props_lock protects pool properties, spa_config and spa_config_list.
208 *	The lock ordering is SCL_CONFIG > spa_props_lock.
209 *
210 * (b)	I/O operations on leaf vdevs.  For any zio operation that takes
211 *	an explicit vdev_t argument -- such as zio_ioctl(), zio_read_phys(),
212 *	or zio_write_phys() -- the caller must ensure that the config cannot
213 *	cannot change in the interim, and that the vdev cannot be reopened.
214 *	SCL_STATE as reader suffices for both.
215 *
216 * The vdev configuration is protected by spa_vdev_enter() / spa_vdev_exit().
217 *
218 *	spa_vdev_enter()	Acquire the namespace lock and the config lock
219 *				for writing.
220 *
221 *	spa_vdev_exit()		Release the config lock, wait for all I/O
222 *				to complete, sync the updated configs to the
223 *				cache, and release the namespace lock.
224 *
225 * vdev state is protected by spa_vdev_state_enter() / spa_vdev_state_exit().
226 * Like spa_vdev_enter/exit, these are convenience wrappers -- the actual
227 * locking is, always, based on spa_namespace_lock and spa_config_lock[].
228 */
229
230static avl_tree_t spa_namespace_avl;
231kmutex_t spa_namespace_lock;
232static kcondvar_t spa_namespace_cv;
233static int spa_active_count;
234int spa_max_replication_override = SPA_DVAS_PER_BP;
235
236static kmutex_t spa_spare_lock;
237static avl_tree_t spa_spare_avl;
238static kmutex_t spa_l2cache_lock;
239static avl_tree_t spa_l2cache_avl;
240
241kmem_cache_t *spa_buffer_pool;
242int spa_mode_global;
243
244#ifdef ZFS_DEBUG
245/*
246 * Everything except dprintf, spa, and indirect_remap is on by default
247 * in debug builds.
248 */
249int zfs_flags = ~(ZFS_DEBUG_DPRINTF | ZFS_DEBUG_INDIRECT_REMAP);
250#else
251int zfs_flags = 0;
252#endif
253
254/*
255 * zfs_recover can be set to nonzero to attempt to recover from
256 * otherwise-fatal errors, typically caused by on-disk corruption.  When
257 * set, calls to zfs_panic_recover() will turn into warning messages.
258 * This should only be used as a last resort, as it typically results
259 * in leaked space, or worse.
260 */
261boolean_t zfs_recover = B_FALSE;
262
263/*
264 * If destroy encounters an EIO while reading metadata (e.g. indirect
265 * blocks), space referenced by the missing metadata can not be freed.
266 * Normally this causes the background destroy to become "stalled", as
267 * it is unable to make forward progress.  While in this stalled state,
268 * all remaining space to free from the error-encountering filesystem is
269 * "temporarily leaked".  Set this flag to cause it to ignore the EIO,
270 * permanently leak the space from indirect blocks that can not be read,
271 * and continue to free everything else that it can.
272 *
273 * The default, "stalling" behavior is useful if the storage partially
274 * fails (i.e. some but not all i/os fail), and then later recovers.  In
275 * this case, we will be able to continue pool operations while it is
276 * partially failed, and when it recovers, we can continue to free the
277 * space, with no leaks.  However, note that this case is actually
278 * fairly rare.
279 *
280 * Typically pools either (a) fail completely (but perhaps temporarily,
281 * e.g. a top-level vdev going offline), or (b) have localized,
282 * permanent errors (e.g. disk returns the wrong data due to bit flip or
283 * firmware bug).  In case (a), this setting does not matter because the
284 * pool will be suspended and the sync thread will not be able to make
285 * forward progress regardless.  In case (b), because the error is
286 * permanent, the best we can do is leak the minimum amount of space,
287 * which is what setting this flag will do.  Therefore, it is reasonable
288 * for this flag to normally be set, but we chose the more conservative
289 * approach of not setting it, so that there is no possibility of
290 * leaking space in the "partial temporary" failure case.
291 */
292boolean_t zfs_free_leak_on_eio = B_FALSE;
293
294/*
295 * Expiration time in milliseconds. This value has two meanings. First it is
296 * used to determine when the spa_deadman() logic should fire. By default the
297 * spa_deadman() will fire if spa_sync() has not completed in 1000 seconds.
298 * Secondly, the value determines if an I/O is considered "hung". Any I/O that
299 * has not completed in zfs_deadman_synctime_ms is considered "hung" resulting
300 * in a system panic.
301 */
302uint64_t zfs_deadman_synctime_ms = 1000000ULL;
303
304/*
305 * Check time in milliseconds. This defines the frequency at which we check
306 * for hung I/O.
307 */
308uint64_t zfs_deadman_checktime_ms = 5000ULL;
309
310/*
311 * Override the zfs deadman behavior via /etc/system. By default the
312 * deadman is enabled except on VMware and sparc deployments.
313 */
314int zfs_deadman_enabled = -1;
315
316/*
317 * The worst case is single-sector max-parity RAID-Z blocks, in which
318 * case the space requirement is exactly (VDEV_RAIDZ_MAXPARITY + 1)
319 * times the size; so just assume that.  Add to this the fact that
320 * we can have up to 3 DVAs per bp, and one more factor of 2 because
321 * the block may be dittoed with up to 3 DVAs by ddt_sync().  All together,
322 * the worst case is:
323 *     (VDEV_RAIDZ_MAXPARITY + 1) * SPA_DVAS_PER_BP * 2 == 24
324 */
325int spa_asize_inflation = 24;
326
327/*
328 * Normally, we don't allow the last 3.2% (1/(2^spa_slop_shift)) of space in
329 * the pool to be consumed.  This ensures that we don't run the pool
330 * completely out of space, due to unaccounted changes (e.g. to the MOS).
331 * It also limits the worst-case time to allocate space.  If we have
332 * less than this amount of free space, most ZPL operations (e.g. write,
333 * create) will return ENOSPC.
334 *
335 * Certain operations (e.g. file removal, most administrative actions) can
336 * use half the slop space.  They will only return ENOSPC if less than half
337 * the slop space is free.  Typically, once the pool has less than the slop
338 * space free, the user will use these operations to free up space in the pool.
339 * These are the operations that call dsl_pool_adjustedsize() with the netfree
340 * argument set to TRUE.
341 *
342 * Operations that are almost guaranteed to free up space in the absence of
343 * a pool checkpoint can use up to three quarters of the slop space
344 * (e.g zfs destroy).
345 *
346 * A very restricted set of operations are always permitted, regardless of
347 * the amount of free space.  These are the operations that call
348 * dsl_sync_task(ZFS_SPACE_CHECK_NONE). If these operations result in a net
349 * increase in the amount of space used, it is possible to run the pool
350 * completely out of space, causing it to be permanently read-only.
351 *
352 * Note that on very small pools, the slop space will be larger than
353 * 3.2%, in an effort to have it be at least spa_min_slop (128MB),
354 * but we never allow it to be more than half the pool size.
355 *
356 * See also the comments in zfs_space_check_t.
357 */
358int spa_slop_shift = 5;
359uint64_t spa_min_slop = 128 * 1024 * 1024;
360
361int spa_allocators = 4;
362
363/*PRINTFLIKE2*/
364void
365spa_load_failed(spa_t *spa, const char *fmt, ...)
366{
367	va_list adx;
368	char buf[256];
369
370	va_start(adx, fmt);
371	(void) vsnprintf(buf, sizeof (buf), fmt, adx);
372	va_end(adx);
373
374	zfs_dbgmsg("spa_load(%s, config %s): FAILED: %s", spa->spa_name,
375	    spa->spa_trust_config ? "trusted" : "untrusted", buf);
376}
377
378/*PRINTFLIKE2*/
379void
380spa_load_note(spa_t *spa, const char *fmt, ...)
381{
382	va_list adx;
383	char buf[256];
384
385	va_start(adx, fmt);
386	(void) vsnprintf(buf, sizeof (buf), fmt, adx);
387	va_end(adx);
388
389	zfs_dbgmsg("spa_load(%s, config %s): %s", spa->spa_name,
390	    spa->spa_trust_config ? "trusted" : "untrusted", buf);
391}
392
393/*
394 * By default dedup and user data indirects land in the special class
395 */
396int zfs_ddt_data_is_special = B_TRUE;
397int zfs_user_indirect_is_special = B_TRUE;
398
399/*
400 * The percentage of special class final space reserved for metadata only.
401 * Once we allocate 100 - zfs_special_class_metadata_reserve_pct we only
402 * let metadata into the class.
403 */
404int zfs_special_class_metadata_reserve_pct = 25;
405
406/*
407 * ==========================================================================
408 * SPA config locking
409 * ==========================================================================
410 */
411static void
412spa_config_lock_init(spa_t *spa)
413{
414	for (int i = 0; i < SCL_LOCKS; i++) {
415		spa_config_lock_t *scl = &spa->spa_config_lock[i];
416		mutex_init(&scl->scl_lock, NULL, MUTEX_DEFAULT, NULL);
417		cv_init(&scl->scl_cv, NULL, CV_DEFAULT, NULL);
418		zfs_refcount_create_untracked(&scl->scl_count);
419		scl->scl_writer = NULL;
420		scl->scl_write_wanted = 0;
421	}
422}
423
424static void
425spa_config_lock_destroy(spa_t *spa)
426{
427	for (int i = 0; i < SCL_LOCKS; i++) {
428		spa_config_lock_t *scl = &spa->spa_config_lock[i];
429		mutex_destroy(&scl->scl_lock);
430		cv_destroy(&scl->scl_cv);
431		zfs_refcount_destroy(&scl->scl_count);
432		ASSERT(scl->scl_writer == NULL);
433		ASSERT(scl->scl_write_wanted == 0);
434	}
435}
436
437int
438spa_config_tryenter(spa_t *spa, int locks, void *tag, krw_t rw)
439{
440	for (int i = 0; i < SCL_LOCKS; i++) {
441		spa_config_lock_t *scl = &spa->spa_config_lock[i];
442		if (!(locks & (1 << i)))
443			continue;
444		mutex_enter(&scl->scl_lock);
445		if (rw == RW_READER) {
446			if (scl->scl_writer || scl->scl_write_wanted) {
447				mutex_exit(&scl->scl_lock);
448				spa_config_exit(spa, locks & ((1 << i) - 1),
449				    tag);
450				return (0);
451			}
452		} else {
453			ASSERT(scl->scl_writer != curthread);
454			if (!zfs_refcount_is_zero(&scl->scl_count)) {
455				mutex_exit(&scl->scl_lock);
456				spa_config_exit(spa, locks & ((1 << i) - 1),
457				    tag);
458				return (0);
459			}
460			scl->scl_writer = curthread;
461		}
462		(void) zfs_refcount_add(&scl->scl_count, tag);
463		mutex_exit(&scl->scl_lock);
464	}
465	return (1);
466}
467
468void
469spa_config_enter(spa_t *spa, int locks, void *tag, krw_t rw)
470{
471	int wlocks_held = 0;
472
473	ASSERT3U(SCL_LOCKS, <, sizeof (wlocks_held) * NBBY);
474
475	for (int i = 0; i < SCL_LOCKS; i++) {
476		spa_config_lock_t *scl = &spa->spa_config_lock[i];
477		if (scl->scl_writer == curthread)
478			wlocks_held |= (1 << i);
479		if (!(locks & (1 << i)))
480			continue;
481		mutex_enter(&scl->scl_lock);
482		if (rw == RW_READER) {
483			while (scl->scl_writer || scl->scl_write_wanted) {
484				cv_wait(&scl->scl_cv, &scl->scl_lock);
485			}
486		} else {
487			ASSERT(scl->scl_writer != curthread);
488			while (!zfs_refcount_is_zero(&scl->scl_count)) {
489				scl->scl_write_wanted++;
490				cv_wait(&scl->scl_cv, &scl->scl_lock);
491				scl->scl_write_wanted--;
492			}
493			scl->scl_writer = curthread;
494		}
495		(void) zfs_refcount_add(&scl->scl_count, tag);
496		mutex_exit(&scl->scl_lock);
497	}
498	ASSERT3U(wlocks_held, <=, locks);
499}
500
501void
502spa_config_exit(spa_t *spa, int locks, void *tag)
503{
504	for (int i = SCL_LOCKS - 1; i >= 0; i--) {
505		spa_config_lock_t *scl = &spa->spa_config_lock[i];
506		if (!(locks & (1 << i)))
507			continue;
508		mutex_enter(&scl->scl_lock);
509		ASSERT(!zfs_refcount_is_zero(&scl->scl_count));
510		if (zfs_refcount_remove(&scl->scl_count, tag) == 0) {
511			ASSERT(scl->scl_writer == NULL ||
512			    scl->scl_writer == curthread);
513			scl->scl_writer = NULL;	/* OK in either case */
514			cv_broadcast(&scl->scl_cv);
515		}
516		mutex_exit(&scl->scl_lock);
517	}
518}
519
520int
521spa_config_held(spa_t *spa, int locks, krw_t rw)
522{
523	int locks_held = 0;
524
525	for (int i = 0; i < SCL_LOCKS; i++) {
526		spa_config_lock_t *scl = &spa->spa_config_lock[i];
527		if (!(locks & (1 << i)))
528			continue;
529		if ((rw == RW_READER &&
530		    !zfs_refcount_is_zero(&scl->scl_count)) ||
531		    (rw == RW_WRITER && scl->scl_writer == curthread))
532			locks_held |= 1 << i;
533	}
534
535	return (locks_held);
536}
537
538/*
539 * ==========================================================================
540 * SPA namespace functions
541 * ==========================================================================
542 */
543
544/*
545 * Lookup the named spa_t in the AVL tree.  The spa_namespace_lock must be held.
546 * Returns NULL if no matching spa_t is found.
547 */
548spa_t *
549spa_lookup(const char *name)
550{
551	static spa_t search;	/* spa_t is large; don't allocate on stack */
552	spa_t *spa;
553	avl_index_t where;
554	char *cp;
555
556	ASSERT(MUTEX_HELD(&spa_namespace_lock));
557
558	(void) strlcpy(search.spa_name, name, sizeof (search.spa_name));
559
560	/*
561	 * If it's a full dataset name, figure out the pool name and
562	 * just use that.
563	 */
564	cp = strpbrk(search.spa_name, "/@#");
565	if (cp != NULL)
566		*cp = '\0';
567
568	spa = avl_find(&spa_namespace_avl, &search, &where);
569
570	return (spa);
571}
572
573/*
574 * Fires when spa_sync has not completed within zfs_deadman_synctime_ms.
575 * If the zfs_deadman_enabled flag is set then it inspects all vdev queues
576 * looking for potentially hung I/Os.
577 */
578void
579spa_deadman(void *arg)
580{
581	spa_t *spa = arg;
582
583	/*
584	 * Disable the deadman timer if the pool is suspended.
585	 */
586	if (spa_suspended(spa)) {
587		VERIFY(cyclic_reprogram(spa->spa_deadman_cycid, CY_INFINITY));
588		return;
589	}
590
591	zfs_dbgmsg("slow spa_sync: started %llu seconds ago, calls %llu",
592	    (gethrtime() - spa->spa_sync_starttime) / NANOSEC,
593	    ++spa->spa_deadman_calls);
594	if (zfs_deadman_enabled)
595		vdev_deadman(spa->spa_root_vdev);
596}
597
598int
599spa_log_sm_sort_by_txg(const void *va, const void *vb)
600{
601	const spa_log_sm_t *a = va;
602	const spa_log_sm_t *b = vb;
603
604	return (TREE_CMP(a->sls_txg, b->sls_txg));
605}
606
607/*
608 * Create an uninitialized spa_t with the given name.  Requires
609 * spa_namespace_lock.  The caller must ensure that the spa_t doesn't already
610 * exist by calling spa_lookup() first.
611 */
612spa_t *
613spa_add(const char *name, nvlist_t *config, const char *altroot)
614{
615	spa_t *spa;
616	spa_config_dirent_t *dp;
617	cyc_handler_t hdlr;
618	cyc_time_t when;
619
620	ASSERT(MUTEX_HELD(&spa_namespace_lock));
621
622	spa = kmem_zalloc(sizeof (spa_t), KM_SLEEP);
623
624	mutex_init(&spa->spa_async_lock, NULL, MUTEX_DEFAULT, NULL);
625	mutex_init(&spa->spa_errlist_lock, NULL, MUTEX_DEFAULT, NULL);
626	mutex_init(&spa->spa_errlog_lock, NULL, MUTEX_DEFAULT, NULL);
627	mutex_init(&spa->spa_evicting_os_lock, NULL, MUTEX_DEFAULT, NULL);
628	mutex_init(&spa->spa_history_lock, NULL, MUTEX_DEFAULT, NULL);
629	mutex_init(&spa->spa_proc_lock, NULL, MUTEX_DEFAULT, NULL);
630	mutex_init(&spa->spa_props_lock, NULL, MUTEX_DEFAULT, NULL);
631	mutex_init(&spa->spa_cksum_tmpls_lock, NULL, MUTEX_DEFAULT, NULL);
632	mutex_init(&spa->spa_scrub_lock, NULL, MUTEX_DEFAULT, NULL);
633	mutex_init(&spa->spa_suspend_lock, NULL, MUTEX_DEFAULT, NULL);
634	mutex_init(&spa->spa_vdev_top_lock, NULL, MUTEX_DEFAULT, NULL);
635	mutex_init(&spa->spa_iokstat_lock, NULL, MUTEX_DEFAULT, NULL);
636	mutex_init(&spa->spa_flushed_ms_lock, NULL, MUTEX_DEFAULT, NULL);
637
638	cv_init(&spa->spa_async_cv, NULL, CV_DEFAULT, NULL);
639	cv_init(&spa->spa_evicting_os_cv, NULL, CV_DEFAULT, NULL);
640	cv_init(&spa->spa_proc_cv, NULL, CV_DEFAULT, NULL);
641	cv_init(&spa->spa_scrub_io_cv, NULL, CV_DEFAULT, NULL);
642	cv_init(&spa->spa_suspend_cv, NULL, CV_DEFAULT, NULL);
643
644	for (int t = 0; t < TXG_SIZE; t++)
645		bplist_create(&spa->spa_free_bplist[t]);
646
647	(void) strlcpy(spa->spa_name, name, sizeof (spa->spa_name));
648	spa->spa_state = POOL_STATE_UNINITIALIZED;
649	spa->spa_freeze_txg = UINT64_MAX;
650	spa->spa_final_txg = UINT64_MAX;
651	spa->spa_load_max_txg = UINT64_MAX;
652	spa->spa_proc = &p0;
653	spa->spa_proc_state = SPA_PROC_NONE;
654	spa->spa_trust_config = B_TRUE;
655
656	hdlr.cyh_func = spa_deadman;
657	hdlr.cyh_arg = spa;
658	hdlr.cyh_level = CY_LOW_LEVEL;
659
660	spa->spa_deadman_synctime = MSEC2NSEC(zfs_deadman_synctime_ms);
661
662	/*
663	 * This determines how often we need to check for hung I/Os after
664	 * the cyclic has already fired. Since checking for hung I/Os is
665	 * an expensive operation we don't want to check too frequently.
666	 * Instead wait for 5 seconds before checking again.
667	 */
668	when.cyt_interval = MSEC2NSEC(zfs_deadman_checktime_ms);
669	when.cyt_when = CY_INFINITY;
670	mutex_enter(&cpu_lock);
671	spa->spa_deadman_cycid = cyclic_add(&hdlr, &when);
672	mutex_exit(&cpu_lock);
673
674	zfs_refcount_create(&spa->spa_refcount);
675	spa_config_lock_init(spa);
676
677	avl_add(&spa_namespace_avl, spa);
678
679	/*
680	 * Set the alternate root, if there is one.
681	 */
682	if (altroot) {
683		spa->spa_root = spa_strdup(altroot);
684		spa_active_count++;
685	}
686
687	spa->spa_alloc_count = spa_allocators;
688	spa->spa_alloc_locks = kmem_zalloc(spa->spa_alloc_count *
689	    sizeof (kmutex_t), KM_SLEEP);
690	spa->spa_alloc_trees = kmem_zalloc(spa->spa_alloc_count *
691	    sizeof (avl_tree_t), KM_SLEEP);
692	for (int i = 0; i < spa->spa_alloc_count; i++) {
693		mutex_init(&spa->spa_alloc_locks[i], NULL, MUTEX_DEFAULT, NULL);
694		avl_create(&spa->spa_alloc_trees[i], zio_bookmark_compare,
695		    sizeof (zio_t), offsetof(zio_t, io_alloc_node));
696	}
697	avl_create(&spa->spa_metaslabs_by_flushed, metaslab_sort_by_flushed,
698	    sizeof (metaslab_t), offsetof(metaslab_t, ms_spa_txg_node));
699	avl_create(&spa->spa_sm_logs_by_txg, spa_log_sm_sort_by_txg,
700	    sizeof (spa_log_sm_t), offsetof(spa_log_sm_t, sls_node));
701	list_create(&spa->spa_log_summary, sizeof (log_summary_entry_t),
702	    offsetof(log_summary_entry_t, lse_node));
703
704	/*
705	 * Every pool starts with the default cachefile
706	 */
707	list_create(&spa->spa_config_list, sizeof (spa_config_dirent_t),
708	    offsetof(spa_config_dirent_t, scd_link));
709
710	dp = kmem_zalloc(sizeof (spa_config_dirent_t), KM_SLEEP);
711	dp->scd_path = altroot ? NULL : spa_strdup(spa_config_path);
712	list_insert_head(&spa->spa_config_list, dp);
713
714	VERIFY(nvlist_alloc(&spa->spa_load_info, NV_UNIQUE_NAME,
715	    KM_SLEEP) == 0);
716
717	if (config != NULL) {
718		nvlist_t *features;
719
720		if (nvlist_lookup_nvlist(config, ZPOOL_CONFIG_FEATURES_FOR_READ,
721		    &features) == 0) {
722			VERIFY(nvlist_dup(features, &spa->spa_label_features,
723			    0) == 0);
724		}
725
726		VERIFY(nvlist_dup(config, &spa->spa_config, 0) == 0);
727	}
728
729	if (spa->spa_label_features == NULL) {
730		VERIFY(nvlist_alloc(&spa->spa_label_features, NV_UNIQUE_NAME,
731		    KM_SLEEP) == 0);
732	}
733
734	spa->spa_iokstat = kstat_create("zfs", 0, name,
735	    "disk", KSTAT_TYPE_IO, 1, 0);
736	if (spa->spa_iokstat) {
737		spa->spa_iokstat->ks_lock = &spa->spa_iokstat_lock;
738		kstat_install(spa->spa_iokstat);
739	}
740
741	spa->spa_min_ashift = INT_MAX;
742	spa->spa_max_ashift = 0;
743
744	/*
745	 * As a pool is being created, treat all features as disabled by
746	 * setting SPA_FEATURE_DISABLED for all entries in the feature
747	 * refcount cache.
748	 */
749	for (int i = 0; i < SPA_FEATURES; i++) {
750		spa->spa_feat_refcount_cache[i] = SPA_FEATURE_DISABLED;
751	}
752
753	list_create(&spa->spa_leaf_list, sizeof (vdev_t),
754	    offsetof(vdev_t, vdev_leaf_node));
755
756	return (spa);
757}
758
759/*
760 * Removes a spa_t from the namespace, freeing up any memory used.  Requires
761 * spa_namespace_lock.  This is called only after the spa_t has been closed and
762 * deactivated.
763 */
764void
765spa_remove(spa_t *spa)
766{
767	spa_config_dirent_t *dp;
768
769	ASSERT(MUTEX_HELD(&spa_namespace_lock));
770	ASSERT(spa_state(spa) == POOL_STATE_UNINITIALIZED);
771	ASSERT3U(zfs_refcount_count(&spa->spa_refcount), ==, 0);
772
773	nvlist_free(spa->spa_config_splitting);
774
775	avl_remove(&spa_namespace_avl, spa);
776	cv_broadcast(&spa_namespace_cv);
777
778	if (spa->spa_root) {
779		spa_strfree(spa->spa_root);
780		spa_active_count--;
781	}
782
783	while ((dp = list_head(&spa->spa_config_list)) != NULL) {
784		list_remove(&spa->spa_config_list, dp);
785		if (dp->scd_path != NULL)
786			spa_strfree(dp->scd_path);
787		kmem_free(dp, sizeof (spa_config_dirent_t));
788	}
789
790	for (int i = 0; i < spa->spa_alloc_count; i++) {
791		avl_destroy(&spa->spa_alloc_trees[i]);
792		mutex_destroy(&spa->spa_alloc_locks[i]);
793	}
794	kmem_free(spa->spa_alloc_locks, spa->spa_alloc_count *
795	    sizeof (kmutex_t));
796	kmem_free(spa->spa_alloc_trees, spa->spa_alloc_count *
797	    sizeof (avl_tree_t));
798
799	avl_destroy(&spa->spa_metaslabs_by_flushed);
800	avl_destroy(&spa->spa_sm_logs_by_txg);
801	list_destroy(&spa->spa_log_summary);
802	list_destroy(&spa->spa_config_list);
803	list_destroy(&spa->spa_leaf_list);
804
805	nvlist_free(spa->spa_label_features);
806	nvlist_free(spa->spa_load_info);
807	spa_config_set(spa, NULL);
808
809	mutex_enter(&cpu_lock);
810	if (spa->spa_deadman_cycid != CYCLIC_NONE)
811		cyclic_remove(spa->spa_deadman_cycid);
812	mutex_exit(&cpu_lock);
813	spa->spa_deadman_cycid = CYCLIC_NONE;
814
815	zfs_refcount_destroy(&spa->spa_refcount);
816
817	spa_config_lock_destroy(spa);
818
819	kstat_delete(spa->spa_iokstat);
820	spa->spa_iokstat = NULL;
821
822	for (int t = 0; t < TXG_SIZE; t++)
823		bplist_destroy(&spa->spa_free_bplist[t]);
824
825	zio_checksum_templates_free(spa);
826
827	cv_destroy(&spa->spa_async_cv);
828	cv_destroy(&spa->spa_evicting_os_cv);
829	cv_destroy(&spa->spa_proc_cv);
830	cv_destroy(&spa->spa_scrub_io_cv);
831	cv_destroy(&spa->spa_suspend_cv);
832
833	mutex_destroy(&spa->spa_flushed_ms_lock);
834	mutex_destroy(&spa->spa_async_lock);
835	mutex_destroy(&spa->spa_errlist_lock);
836	mutex_destroy(&spa->spa_errlog_lock);
837	mutex_destroy(&spa->spa_evicting_os_lock);
838	mutex_destroy(&spa->spa_history_lock);
839	mutex_destroy(&spa->spa_proc_lock);
840	mutex_destroy(&spa->spa_props_lock);
841	mutex_destroy(&spa->spa_cksum_tmpls_lock);
842	mutex_destroy(&spa->spa_scrub_lock);
843	mutex_destroy(&spa->spa_suspend_lock);
844	mutex_destroy(&spa->spa_vdev_top_lock);
845	mutex_destroy(&spa->spa_iokstat_lock);
846
847	kmem_free(spa, sizeof (spa_t));
848}
849
850/*
851 * Given a pool, return the next pool in the namespace, or NULL if there is
852 * none.  If 'prev' is NULL, return the first pool.
853 */
854spa_t *
855spa_next(spa_t *prev)
856{
857	ASSERT(MUTEX_HELD(&spa_namespace_lock));
858
859	if (prev)
860		return (AVL_NEXT(&spa_namespace_avl, prev));
861	else
862		return (avl_first(&spa_namespace_avl));
863}
864
865/*
866 * ==========================================================================
867 * SPA refcount functions
868 * ==========================================================================
869 */
870
871/*
872 * Add a reference to the given spa_t.  Must have at least one reference, or
873 * have the namespace lock held.
874 */
875void
876spa_open_ref(spa_t *spa, void *tag)
877{
878	ASSERT(zfs_refcount_count(&spa->spa_refcount) >= spa->spa_minref ||
879	    MUTEX_HELD(&spa_namespace_lock));
880	(void) zfs_refcount_add(&spa->spa_refcount, tag);
881}
882
883/*
884 * Remove a reference to the given spa_t.  Must have at least one reference, or
885 * have the namespace lock held.
886 */
887void
888spa_close(spa_t *spa, void *tag)
889{
890	ASSERT(zfs_refcount_count(&spa->spa_refcount) > spa->spa_minref ||
891	    MUTEX_HELD(&spa_namespace_lock));
892	(void) zfs_refcount_remove(&spa->spa_refcount, tag);
893}
894
895/*
896 * Remove a reference to the given spa_t held by a dsl dir that is
897 * being asynchronously released.  Async releases occur from a taskq
898 * performing eviction of dsl datasets and dirs.  The namespace lock
899 * isn't held and the hold by the object being evicted may contribute to
900 * spa_minref (e.g. dataset or directory released during pool export),
901 * so the asserts in spa_close() do not apply.
902 */
903void
904spa_async_close(spa_t *spa, void *tag)
905{
906	(void) zfs_refcount_remove(&spa->spa_refcount, tag);
907}
908
909/*
910 * Check to see if the spa refcount is zero.  Must be called with
911 * spa_namespace_lock held.  We really compare against spa_minref, which is the
912 * number of references acquired when opening a pool
913 */
914boolean_t
915spa_refcount_zero(spa_t *spa)
916{
917	ASSERT(MUTEX_HELD(&spa_namespace_lock));
918
919	return (zfs_refcount_count(&spa->spa_refcount) == spa->spa_minref);
920}
921
922/*
923 * ==========================================================================
924 * SPA spare and l2cache tracking
925 * ==========================================================================
926 */
927
928/*
929 * Hot spares and cache devices are tracked using the same code below,
930 * for 'auxiliary' devices.
931 */
932
933typedef struct spa_aux {
934	uint64_t	aux_guid;
935	uint64_t	aux_pool;
936	avl_node_t	aux_avl;
937	int		aux_count;
938} spa_aux_t;
939
940static inline int
941spa_aux_compare(const void *a, const void *b)
942{
943	const spa_aux_t *sa = (const spa_aux_t *)a;
944	const spa_aux_t *sb = (const spa_aux_t *)b;
945
946	return (TREE_CMP(sa->aux_guid, sb->aux_guid));
947}
948
949void
950spa_aux_add(vdev_t *vd, avl_tree_t *avl)
951{
952	avl_index_t where;
953	spa_aux_t search;
954	spa_aux_t *aux;
955
956	search.aux_guid = vd->vdev_guid;
957	if ((aux = avl_find(avl, &search, &where)) != NULL) {
958		aux->aux_count++;
959	} else {
960		aux = kmem_zalloc(sizeof (spa_aux_t), KM_SLEEP);
961		aux->aux_guid = vd->vdev_guid;
962		aux->aux_count = 1;
963		avl_insert(avl, aux, where);
964	}
965}
966
967void
968spa_aux_remove(vdev_t *vd, avl_tree_t *avl)
969{
970	spa_aux_t search;
971	spa_aux_t *aux;
972	avl_index_t where;
973
974	search.aux_guid = vd->vdev_guid;
975	aux = avl_find(avl, &search, &where);
976
977	ASSERT(aux != NULL);
978
979	if (--aux->aux_count == 0) {
980		avl_remove(avl, aux);
981		kmem_free(aux, sizeof (spa_aux_t));
982	} else if (aux->aux_pool == spa_guid(vd->vdev_spa)) {
983		aux->aux_pool = 0ULL;
984	}
985}
986
987boolean_t
988spa_aux_exists(uint64_t guid, uint64_t *pool, int *refcnt, avl_tree_t *avl)
989{
990	spa_aux_t search, *found;
991
992	search.aux_guid = guid;
993	found = avl_find(avl, &search, NULL);
994
995	if (pool) {
996		if (found)
997			*pool = found->aux_pool;
998		else
999			*pool = 0ULL;
1000	}
1001
1002	if (refcnt) {
1003		if (found)
1004			*refcnt = found->aux_count;
1005		else
1006			*refcnt = 0;
1007	}
1008
1009	return (found != NULL);
1010}
1011
1012void
1013spa_aux_activate(vdev_t *vd, avl_tree_t *avl)
1014{
1015	spa_aux_t search, *found;
1016	avl_index_t where;
1017
1018	search.aux_guid = vd->vdev_guid;
1019	found = avl_find(avl, &search, &where);
1020	ASSERT(found != NULL);
1021	ASSERT(found->aux_pool == 0ULL);
1022
1023	found->aux_pool = spa_guid(vd->vdev_spa);
1024}
1025
1026/*
1027 * Spares are tracked globally due to the following constraints:
1028 *
1029 *	- A spare may be part of multiple pools.
1030 *	- A spare may be added to a pool even if it's actively in use within
1031 *	  another pool.
1032 *	- A spare in use in any pool can only be the source of a replacement if
1033 *	  the target is a spare in the same pool.
1034 *
1035 * We keep track of all spares on the system through the use of a reference
1036 * counted AVL tree.  When a vdev is added as a spare, or used as a replacement
1037 * spare, then we bump the reference count in the AVL tree.  In addition, we set
1038 * the 'vdev_isspare' member to indicate that the device is a spare (active or
1039 * inactive).  When a spare is made active (used to replace a device in the
1040 * pool), we also keep track of which pool its been made a part of.
1041 *
1042 * The 'spa_spare_lock' protects the AVL tree.  These functions are normally
1043 * called under the spa_namespace lock as part of vdev reconfiguration.  The
1044 * separate spare lock exists for the status query path, which does not need to
1045 * be completely consistent with respect to other vdev configuration changes.
1046 */
1047
1048static int
1049spa_spare_compare(const void *a, const void *b)
1050{
1051	return (spa_aux_compare(a, b));
1052}
1053
1054void
1055spa_spare_add(vdev_t *vd)
1056{
1057	mutex_enter(&spa_spare_lock);
1058	ASSERT(!vd->vdev_isspare);
1059	spa_aux_add(vd, &spa_spare_avl);
1060	vd->vdev_isspare = B_TRUE;
1061	mutex_exit(&spa_spare_lock);
1062}
1063
1064void
1065spa_spare_remove(vdev_t *vd)
1066{
1067	mutex_enter(&spa_spare_lock);
1068	ASSERT(vd->vdev_isspare);
1069	spa_aux_remove(vd, &spa_spare_avl);
1070	vd->vdev_isspare = B_FALSE;
1071	mutex_exit(&spa_spare_lock);
1072}
1073
1074boolean_t
1075spa_spare_exists(uint64_t guid, uint64_t *pool, int *refcnt)
1076{
1077	boolean_t found;
1078
1079	mutex_enter(&spa_spare_lock);
1080	found = spa_aux_exists(guid, pool, refcnt, &spa_spare_avl);
1081	mutex_exit(&spa_spare_lock);
1082
1083	return (found);
1084}
1085
1086void
1087spa_spare_activate(vdev_t *vd)
1088{
1089	mutex_enter(&spa_spare_lock);
1090	ASSERT(vd->vdev_isspare);
1091	spa_aux_activate(vd, &spa_spare_avl);
1092	mutex_exit(&spa_spare_lock);
1093}
1094
1095/*
1096 * Level 2 ARC devices are tracked globally for the same reasons as spares.
1097 * Cache devices currently only support one pool per cache device, and so
1098 * for these devices the aux reference count is currently unused beyond 1.
1099 */
1100
1101static int
1102spa_l2cache_compare(const void *a, const void *b)
1103{
1104	return (spa_aux_compare(a, b));
1105}
1106
1107void
1108spa_l2cache_add(vdev_t *vd)
1109{
1110	mutex_enter(&spa_l2cache_lock);
1111	ASSERT(!vd->vdev_isl2cache);
1112	spa_aux_add(vd, &spa_l2cache_avl);
1113	vd->vdev_isl2cache = B_TRUE;
1114	mutex_exit(&spa_l2cache_lock);
1115}
1116
1117void
1118spa_l2cache_remove(vdev_t *vd)
1119{
1120	mutex_enter(&spa_l2cache_lock);
1121	ASSERT(vd->vdev_isl2cache);
1122	spa_aux_remove(vd, &spa_l2cache_avl);
1123	vd->vdev_isl2cache = B_FALSE;
1124	mutex_exit(&spa_l2cache_lock);
1125}
1126
1127boolean_t
1128spa_l2cache_exists(uint64_t guid, uint64_t *pool)
1129{
1130	boolean_t found;
1131
1132	mutex_enter(&spa_l2cache_lock);
1133	found = spa_aux_exists(guid, pool, NULL, &spa_l2cache_avl);
1134	mutex_exit(&spa_l2cache_lock);
1135
1136	return (found);
1137}
1138
1139void
1140spa_l2cache_activate(vdev_t *vd)
1141{
1142	mutex_enter(&spa_l2cache_lock);
1143	ASSERT(vd->vdev_isl2cache);
1144	spa_aux_activate(vd, &spa_l2cache_avl);
1145	mutex_exit(&spa_l2cache_lock);
1146}
1147
1148/*
1149 * ==========================================================================
1150 * SPA vdev locking
1151 * ==========================================================================
1152 */
1153
1154/*
1155 * Lock the given spa_t for the purpose of adding or removing a vdev.
1156 * Grabs the global spa_namespace_lock plus the spa config lock for writing.
1157 * It returns the next transaction group for the spa_t.
1158 */
1159uint64_t
1160spa_vdev_enter(spa_t *spa)
1161{
1162	mutex_enter(&spa->spa_vdev_top_lock);
1163	mutex_enter(&spa_namespace_lock);
1164
1165	vdev_autotrim_stop_all(spa);
1166
1167	return (spa_vdev_config_enter(spa));
1168}
1169
1170/*
1171 * Internal implementation for spa_vdev_enter().  Used when a vdev
1172 * operation requires multiple syncs (i.e. removing a device) while
1173 * keeping the spa_namespace_lock held.
1174 */
1175uint64_t
1176spa_vdev_config_enter(spa_t *spa)
1177{
1178	ASSERT(MUTEX_HELD(&spa_namespace_lock));
1179
1180	spa_config_enter(spa, SCL_ALL, spa, RW_WRITER);
1181
1182	return (spa_last_synced_txg(spa) + 1);
1183}
1184
1185/*
1186 * Used in combination with spa_vdev_config_enter() to allow the syncing
1187 * of multiple transactions without releasing the spa_namespace_lock.
1188 */
1189void
1190spa_vdev_config_exit(spa_t *spa, vdev_t *vd, uint64_t txg, int error, char *tag)
1191{
1192	ASSERT(MUTEX_HELD(&spa_namespace_lock));
1193
1194	int config_changed = B_FALSE;
1195
1196	ASSERT(txg > spa_last_synced_txg(spa));
1197
1198	spa->spa_pending_vdev = NULL;
1199
1200	/*
1201	 * Reassess the DTLs.
1202	 */
1203	vdev_dtl_reassess(spa->spa_root_vdev, 0, 0, B_FALSE);
1204
1205	if (error == 0 && !list_is_empty(&spa->spa_config_dirty_list)) {
1206		config_changed = B_TRUE;
1207		spa->spa_config_generation++;
1208	}
1209
1210	/*
1211	 * Verify the metaslab classes.
1212	 */
1213	ASSERT(metaslab_class_validate(spa_normal_class(spa)) == 0);
1214	ASSERT(metaslab_class_validate(spa_log_class(spa)) == 0);
1215	ASSERT(metaslab_class_validate(spa_special_class(spa)) == 0);
1216	ASSERT(metaslab_class_validate(spa_dedup_class(spa)) == 0);
1217
1218	spa_config_exit(spa, SCL_ALL, spa);
1219
1220	/*
1221	 * Panic the system if the specified tag requires it.  This
1222	 * is useful for ensuring that configurations are updated
1223	 * transactionally.
1224	 */
1225	if (zio_injection_enabled)
1226		zio_handle_panic_injection(spa, tag, 0);
1227
1228	/*
1229	 * Note: this txg_wait_synced() is important because it ensures
1230	 * that there won't be more than one config change per txg.
1231	 * This allows us to use the txg as the generation number.
1232	 */
1233	if (error == 0)
1234		txg_wait_synced(spa->spa_dsl_pool, txg);
1235
1236	if (vd != NULL) {
1237		ASSERT(!vd->vdev_detached || vd->vdev_dtl_sm == NULL);
1238		if (vd->vdev_ops->vdev_op_leaf) {
1239			mutex_enter(&vd->vdev_initialize_lock);
1240			vdev_initialize_stop(vd, VDEV_INITIALIZE_CANCELED,
1241			    NULL);
1242			mutex_exit(&vd->vdev_initialize_lock);
1243
1244			mutex_enter(&vd->vdev_trim_lock);
1245			vdev_trim_stop(vd, VDEV_TRIM_CANCELED, NULL);
1246			mutex_exit(&vd->vdev_trim_lock);
1247		}
1248
1249		/*
1250		 * The vdev may be both a leaf and top-level device.
1251		 */
1252		vdev_autotrim_stop_wait(vd);
1253
1254		spa_config_enter(spa, SCL_ALL, spa, RW_WRITER);
1255		vdev_free(vd);
1256		spa_config_exit(spa, SCL_ALL, spa);
1257	}
1258
1259	/*
1260	 * If the config changed, update the config cache.
1261	 */
1262	if (config_changed)
1263		spa_write_cachefile(spa, B_FALSE, B_TRUE);
1264}
1265
1266/*
1267 * Unlock the spa_t after adding or removing a vdev.  Besides undoing the
1268 * locking of spa_vdev_enter(), we also want make sure the transactions have
1269 * synced to disk, and then update the global configuration cache with the new
1270 * information.
1271 */
1272int
1273spa_vdev_exit(spa_t *spa, vdev_t *vd, uint64_t txg, int error)
1274{
1275	vdev_autotrim_restart(spa);
1276
1277	spa_vdev_config_exit(spa, vd, txg, error, FTAG);
1278	mutex_exit(&spa_namespace_lock);
1279	mutex_exit(&spa->spa_vdev_top_lock);
1280
1281	return (error);
1282}
1283
1284/*
1285 * Lock the given spa_t for the purpose of changing vdev state.
1286 */
1287void
1288spa_vdev_state_enter(spa_t *spa, int oplocks)
1289{
1290	int locks = SCL_STATE_ALL | oplocks;
1291
1292	/*
1293	 * Root pools may need to read of the underlying devfs filesystem
1294	 * when opening up a vdev.  Unfortunately if we're holding the
1295	 * SCL_ZIO lock it will result in a deadlock when we try to issue
1296	 * the read from the root filesystem.  Instead we "prefetch"
1297	 * the associated vnodes that we need prior to opening the
1298	 * underlying devices and cache them so that we can prevent
1299	 * any I/O when we are doing the actual open.
1300	 */
1301	if (spa_is_root(spa)) {
1302		int low = locks & ~(SCL_ZIO - 1);
1303		int high = locks & ~low;
1304
1305		spa_config_enter(spa, high, spa, RW_WRITER);
1306		vdev_hold(spa->spa_root_vdev);
1307		spa_config_enter(spa, low, spa, RW_WRITER);
1308	} else {
1309		spa_config_enter(spa, locks, spa, RW_WRITER);
1310	}
1311	spa->spa_vdev_locks = locks;
1312}
1313
1314int
1315spa_vdev_state_exit(spa_t *spa, vdev_t *vd, int error)
1316{
1317	boolean_t config_changed = B_FALSE;
1318
1319	if (vd != NULL || error == 0)
1320		vdev_dtl_reassess(vd ? vd->vdev_top : spa->spa_root_vdev,
1321		    0, 0, B_FALSE);
1322
1323	if (vd != NULL) {
1324		vdev_state_dirty(vd->vdev_top);
1325		config_changed = B_TRUE;
1326		spa->spa_config_generation++;
1327	}
1328
1329	if (spa_is_root(spa))
1330		vdev_rele(spa->spa_root_vdev);
1331
1332	ASSERT3U(spa->spa_vdev_locks, >=, SCL_STATE_ALL);
1333	spa_config_exit(spa, spa->spa_vdev_locks, spa);
1334
1335	/*
1336	 * If anything changed, wait for it to sync.  This ensures that,
1337	 * from the system administrator's perspective, zpool(1M) commands
1338	 * are synchronous.  This is important for things like zpool offline:
1339	 * when the command completes, you expect no further I/O from ZFS.
1340	 */
1341	if (vd != NULL)
1342		txg_wait_synced(spa->spa_dsl_pool, 0);
1343
1344	/*
1345	 * If the config changed, update the config cache.
1346	 */
1347	if (config_changed) {
1348		mutex_enter(&spa_namespace_lock);
1349		spa_write_cachefile(spa, B_FALSE, B_TRUE);
1350		mutex_exit(&spa_namespace_lock);
1351	}
1352
1353	return (error);
1354}
1355
1356/*
1357 * ==========================================================================
1358 * Miscellaneous functions
1359 * ==========================================================================
1360 */
1361
1362void
1363spa_activate_mos_feature(spa_t *spa, const char *feature, dmu_tx_t *tx)
1364{
1365	if (!nvlist_exists(spa->spa_label_features, feature)) {
1366		fnvlist_add_boolean(spa->spa_label_features, feature);
1367		/*
1368		 * When we are creating the pool (tx_txg==TXG_INITIAL), we can't
1369		 * dirty the vdev config because lock SCL_CONFIG is not held.
1370		 * Thankfully, in this case we don't need to dirty the config
1371		 * because it will be written out anyway when we finish
1372		 * creating the pool.
1373		 */
1374		if (tx->tx_txg != TXG_INITIAL)
1375			vdev_config_dirty(spa->spa_root_vdev);
1376	}
1377}
1378
1379void
1380spa_deactivate_mos_feature(spa_t *spa, const char *feature)
1381{
1382	if (nvlist_remove_all(spa->spa_label_features, feature) == 0)
1383		vdev_config_dirty(spa->spa_root_vdev);
1384}
1385
1386/*
1387 * Return the spa_t associated with given pool_guid, if it exists.  If
1388 * device_guid is non-zero, determine whether the pool exists *and* contains
1389 * a device with the specified device_guid.
1390 */
1391spa_t *
1392spa_by_guid(uint64_t pool_guid, uint64_t device_guid)
1393{
1394	spa_t *spa;
1395	avl_tree_t *t = &spa_namespace_avl;
1396
1397	ASSERT(MUTEX_HELD(&spa_namespace_lock));
1398
1399	for (spa = avl_first(t); spa != NULL; spa = AVL_NEXT(t, spa)) {
1400		if (spa->spa_state == POOL_STATE_UNINITIALIZED)
1401			continue;
1402		if (spa->spa_root_vdev == NULL)
1403			continue;
1404		if (spa_guid(spa) == pool_guid) {
1405			if (device_guid == 0)
1406				break;
1407
1408			if (vdev_lookup_by_guid(spa->spa_root_vdev,
1409			    device_guid) != NULL)
1410				break;
1411
1412			/*
1413			 * Check any devices we may be in the process of adding.
1414			 */
1415			if (spa->spa_pending_vdev) {
1416				if (vdev_lookup_by_guid(spa->spa_pending_vdev,
1417				    device_guid) != NULL)
1418					break;
1419			}
1420		}
1421	}
1422
1423	return (spa);
1424}
1425
1426/*
1427 * Determine whether a pool with the given pool_guid exists.
1428 */
1429boolean_t
1430spa_guid_exists(uint64_t pool_guid, uint64_t device_guid)
1431{
1432	return (spa_by_guid(pool_guid, device_guid) != NULL);
1433}
1434
1435char *
1436spa_strdup(const char *s)
1437{
1438	size_t len;
1439	char *new;
1440
1441	len = strlen(s);
1442	new = kmem_alloc(len + 1, KM_SLEEP);
1443	bcopy(s, new, len);
1444	new[len] = '\0';
1445
1446	return (new);
1447}
1448
1449void
1450spa_strfree(char *s)
1451{
1452	kmem_free(s, strlen(s) + 1);
1453}
1454
1455uint64_t
1456spa_get_random(uint64_t range)
1457{
1458	uint64_t r;
1459
1460	ASSERT(range != 0);
1461
1462	if (range == 1)
1463		return (0);
1464
1465	(void) random_get_pseudo_bytes((void *)&r, sizeof (uint64_t));
1466
1467	return (r % range);
1468}
1469
1470uint64_t
1471spa_generate_guid(spa_t *spa)
1472{
1473	uint64_t guid = spa_get_random(-1ULL);
1474
1475	if (spa != NULL) {
1476		while (guid == 0 || spa_guid_exists(spa_guid(spa), guid))
1477			guid = spa_get_random(-1ULL);
1478	} else {
1479		while (guid == 0 || spa_guid_exists(guid, 0))
1480			guid = spa_get_random(-1ULL);
1481	}
1482
1483	return (guid);
1484}
1485
1486void
1487snprintf_blkptr(char *buf, size_t buflen, const blkptr_t *bp)
1488{
1489	char type[256];
1490	char *checksum = NULL;
1491	char *compress = NULL;
1492
1493	if (bp != NULL) {
1494		if (BP_GET_TYPE(bp) & DMU_OT_NEWTYPE) {
1495			dmu_object_byteswap_t bswap =
1496			    DMU_OT_BYTESWAP(BP_GET_TYPE(bp));
1497			(void) snprintf(type, sizeof (type), "bswap %s %s",
1498			    DMU_OT_IS_METADATA(BP_GET_TYPE(bp)) ?
1499			    "metadata" : "data",
1500			    dmu_ot_byteswap[bswap].ob_name);
1501		} else {
1502			(void) strlcpy(type, dmu_ot[BP_GET_TYPE(bp)].ot_name,
1503			    sizeof (type));
1504		}
1505		if (!BP_IS_EMBEDDED(bp)) {
1506			checksum =
1507			    zio_checksum_table[BP_GET_CHECKSUM(bp)].ci_name;
1508		}
1509		compress = zio_compress_table[BP_GET_COMPRESS(bp)].ci_name;
1510	}
1511
1512	SNPRINTF_BLKPTR(snprintf, ' ', buf, buflen, bp, type, checksum,
1513	    compress);
1514}
1515
1516void
1517spa_freeze(spa_t *spa)
1518{
1519	uint64_t freeze_txg = 0;
1520
1521	spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
1522	if (spa->spa_freeze_txg == UINT64_MAX) {
1523		freeze_txg = spa_last_synced_txg(spa) + TXG_SIZE;
1524		spa->spa_freeze_txg = freeze_txg;
1525	}
1526	spa_config_exit(spa, SCL_ALL, FTAG);
1527	if (freeze_txg != 0)
1528		txg_wait_synced(spa_get_dsl(spa), freeze_txg);
1529}
1530
1531void
1532zfs_panic_recover(const char *fmt, ...)
1533{
1534	va_list adx;
1535
1536	va_start(adx, fmt);
1537	vcmn_err(zfs_recover ? CE_WARN : CE_PANIC, fmt, adx);
1538	va_end(adx);
1539}
1540
1541/*
1542 * This is a stripped-down version of strtoull, suitable only for converting
1543 * lowercase hexadecimal numbers that don't overflow.
1544 */
1545uint64_t
1546zfs_strtonum(const char *str, char **nptr)
1547{
1548	uint64_t val = 0;
1549	char c;
1550	int digit;
1551
1552	while ((c = *str) != '\0') {
1553		if (c >= '0' && c <= '9')
1554			digit = c - '0';
1555		else if (c >= 'a' && c <= 'f')
1556			digit = 10 + c - 'a';
1557		else
1558			break;
1559
1560		val *= 16;
1561		val += digit;
1562
1563		str++;
1564	}
1565
1566	if (nptr)
1567		*nptr = (char *)str;
1568
1569	return (val);
1570}
1571
1572void
1573spa_activate_allocation_classes(spa_t *spa, dmu_tx_t *tx)
1574{
1575	/*
1576	 * We bump the feature refcount for each special vdev added to the pool
1577	 */
1578	ASSERT(spa_feature_is_enabled(spa, SPA_FEATURE_ALLOCATION_CLASSES));
1579	spa_feature_incr(spa, SPA_FEATURE_ALLOCATION_CLASSES, tx);
1580}
1581
1582/*
1583 * ==========================================================================
1584 * Accessor functions
1585 * ==========================================================================
1586 */
1587
1588boolean_t
1589spa_shutting_down(spa_t *spa)
1590{
1591	return (spa->spa_async_suspended);
1592}
1593
1594dsl_pool_t *
1595spa_get_dsl(spa_t *spa)
1596{
1597	return (spa->spa_dsl_pool);
1598}
1599
1600boolean_t
1601spa_is_initializing(spa_t *spa)
1602{
1603	return (spa->spa_is_initializing);
1604}
1605
1606boolean_t
1607spa_indirect_vdevs_loaded(spa_t *spa)
1608{
1609	return (spa->spa_indirect_vdevs_loaded);
1610}
1611
1612blkptr_t *
1613spa_get_rootblkptr(spa_t *spa)
1614{
1615	return (&spa->spa_ubsync.ub_rootbp);
1616}
1617
1618void
1619spa_set_rootblkptr(spa_t *spa, const blkptr_t *bp)
1620{
1621	spa->spa_uberblock.ub_rootbp = *bp;
1622}
1623
1624void
1625spa_altroot(spa_t *spa, char *buf, size_t buflen)
1626{
1627	if (spa->spa_root == NULL)
1628		buf[0] = '\0';
1629	else
1630		(void) strncpy(buf, spa->spa_root, buflen);
1631}
1632
1633int
1634spa_sync_pass(spa_t *spa)
1635{
1636	return (spa->spa_sync_pass);
1637}
1638
1639char *
1640spa_name(spa_t *spa)
1641{
1642	return (spa->spa_name);
1643}
1644
1645uint64_t
1646spa_guid(spa_t *spa)
1647{
1648	dsl_pool_t *dp = spa_get_dsl(spa);
1649	uint64_t guid;
1650
1651	/*
1652	 * If we fail to parse the config during spa_load(), we can go through
1653	 * the error path (which posts an ereport) and end up here with no root
1654	 * vdev.  We stash the original pool guid in 'spa_config_guid' to handle
1655	 * this case.
1656	 */
1657	if (spa->spa_root_vdev == NULL)
1658		return (spa->spa_config_guid);
1659
1660	guid = spa->spa_last_synced_guid != 0 ?
1661	    spa->spa_last_synced_guid : spa->spa_root_vdev->vdev_guid;
1662
1663	/*
1664	 * Return the most recently synced out guid unless we're
1665	 * in syncing context.
1666	 */
1667	if (dp && dsl_pool_sync_context(dp))
1668		return (spa->spa_root_vdev->vdev_guid);
1669	else
1670		return (guid);
1671}
1672
1673uint64_t
1674spa_load_guid(spa_t *spa)
1675{
1676	/*
1677	 * This is a GUID that exists solely as a reference for the
1678	 * purposes of the arc.  It is generated at load time, and
1679	 * is never written to persistent storage.
1680	 */
1681	return (spa->spa_load_guid);
1682}
1683
1684uint64_t
1685spa_last_synced_txg(spa_t *spa)
1686{
1687	return (spa->spa_ubsync.ub_txg);
1688}
1689
1690uint64_t
1691spa_first_txg(spa_t *spa)
1692{
1693	return (spa->spa_first_txg);
1694}
1695
1696uint64_t
1697spa_syncing_txg(spa_t *spa)
1698{
1699	return (spa->spa_syncing_txg);
1700}
1701
1702/*
1703 * Return the last txg where data can be dirtied. The final txgs
1704 * will be used to just clear out any deferred frees that remain.
1705 */
1706uint64_t
1707spa_final_dirty_txg(spa_t *spa)
1708{
1709	return (spa->spa_final_txg - TXG_DEFER_SIZE);
1710}
1711
1712pool_state_t
1713spa_state(spa_t *spa)
1714{
1715	return (spa->spa_state);
1716}
1717
1718spa_load_state_t
1719spa_load_state(spa_t *spa)
1720{
1721	return (spa->spa_load_state);
1722}
1723
1724uint64_t
1725spa_freeze_txg(spa_t *spa)
1726{
1727	return (spa->spa_freeze_txg);
1728}
1729
1730/* ARGSUSED */
1731uint64_t
1732spa_get_worst_case_asize(spa_t *spa, uint64_t lsize)
1733{
1734	return (lsize * spa_asize_inflation);
1735}
1736
1737/*
1738 * Return the amount of slop space in bytes.  It is 1/32 of the pool (3.2%),
1739 * or at least 128MB, unless that would cause it to be more than half the
1740 * pool size.
1741 *
1742 * See the comment above spa_slop_shift for details.
1743 */
1744uint64_t
1745spa_get_slop_space(spa_t *spa)
1746{
1747	uint64_t space = spa_get_dspace(spa);
1748	return (MAX(space >> spa_slop_shift, MIN(space >> 1, spa_min_slop)));
1749}
1750
1751uint64_t
1752spa_get_dspace(spa_t *spa)
1753{
1754	return (spa->spa_dspace);
1755}
1756
1757uint64_t
1758spa_get_checkpoint_space(spa_t *spa)
1759{
1760	return (spa->spa_checkpoint_info.sci_dspace);
1761}
1762
1763void
1764spa_update_dspace(spa_t *spa)
1765{
1766	spa->spa_dspace = metaslab_class_get_dspace(spa_normal_class(spa)) +
1767	    ddt_get_dedup_dspace(spa);
1768	if (spa->spa_vdev_removal != NULL) {
1769		/*
1770		 * We can't allocate from the removing device, so
1771		 * subtract its size.  This prevents the DMU/DSL from
1772		 * filling up the (now smaller) pool while we are in the
1773		 * middle of removing the device.
1774		 *
1775		 * Note that the DMU/DSL doesn't actually know or care
1776		 * how much space is allocated (it does its own tracking
1777		 * of how much space has been logically used).  So it
1778		 * doesn't matter that the data we are moving may be
1779		 * allocated twice (on the old device and the new
1780		 * device).
1781		 */
1782		spa_config_enter(spa, SCL_VDEV, FTAG, RW_READER);
1783		vdev_t *vd =
1784		    vdev_lookup_top(spa, spa->spa_vdev_removal->svr_vdev_id);
1785		spa->spa_dspace -= spa_deflate(spa) ?
1786		    vd->vdev_stat.vs_dspace : vd->vdev_stat.vs_space;
1787		spa_config_exit(spa, SCL_VDEV, FTAG);
1788	}
1789}
1790
1791/*
1792 * Return the failure mode that has been set to this pool. The default
1793 * behavior will be to block all I/Os when a complete failure occurs.
1794 */
1795uint8_t
1796spa_get_failmode(spa_t *spa)
1797{
1798	return (spa->spa_failmode);
1799}
1800
1801boolean_t
1802spa_suspended(spa_t *spa)
1803{
1804	return (spa->spa_suspended != ZIO_SUSPEND_NONE);
1805}
1806
1807uint64_t
1808spa_version(spa_t *spa)
1809{
1810	return (spa->spa_ubsync.ub_version);
1811}
1812
1813boolean_t
1814spa_deflate(spa_t *spa)
1815{
1816	return (spa->spa_deflate);
1817}
1818
1819metaslab_class_t *
1820spa_normal_class(spa_t *spa)
1821{
1822	return (spa->spa_normal_class);
1823}
1824
1825metaslab_class_t *
1826spa_log_class(spa_t *spa)
1827{
1828	return (spa->spa_log_class);
1829}
1830
1831metaslab_class_t *
1832spa_special_class(spa_t *spa)
1833{
1834	return (spa->spa_special_class);
1835}
1836
1837metaslab_class_t *
1838spa_dedup_class(spa_t *spa)
1839{
1840	return (spa->spa_dedup_class);
1841}
1842
1843/*
1844 * Locate an appropriate allocation class
1845 */
1846metaslab_class_t *
1847spa_preferred_class(spa_t *spa, uint64_t size, dmu_object_type_t objtype,
1848    uint_t level, uint_t special_smallblk)
1849{
1850	if (DMU_OT_IS_ZIL(objtype)) {
1851		if (spa->spa_log_class->mc_groups != 0)
1852			return (spa_log_class(spa));
1853		else
1854			return (spa_normal_class(spa));
1855	}
1856
1857	boolean_t has_special_class = spa->spa_special_class->mc_groups != 0;
1858
1859	if (DMU_OT_IS_DDT(objtype)) {
1860		if (spa->spa_dedup_class->mc_groups != 0)
1861			return (spa_dedup_class(spa));
1862		else if (has_special_class && zfs_ddt_data_is_special)
1863			return (spa_special_class(spa));
1864		else
1865			return (spa_normal_class(spa));
1866	}
1867
1868	/* Indirect blocks for user data can land in special if allowed */
1869	if (level > 0 && (DMU_OT_IS_FILE(objtype) || objtype == DMU_OT_ZVOL)) {
1870		if (has_special_class && zfs_user_indirect_is_special)
1871			return (spa_special_class(spa));
1872		else
1873			return (spa_normal_class(spa));
1874	}
1875
1876	if (DMU_OT_IS_METADATA(objtype) || level > 0) {
1877		if (has_special_class)
1878			return (spa_special_class(spa));
1879		else
1880			return (spa_normal_class(spa));
1881	}
1882
1883	/*
1884	 * Allow small file blocks in special class in some cases (like
1885	 * for the dRAID vdev feature). But always leave a reserve of
1886	 * zfs_special_class_metadata_reserve_pct exclusively for metadata.
1887	 */
1888	if (DMU_OT_IS_FILE(objtype) &&
1889	    has_special_class && size <= special_smallblk) {
1890		metaslab_class_t *special = spa_special_class(spa);
1891		uint64_t alloc = metaslab_class_get_alloc(special);
1892		uint64_t space = metaslab_class_get_space(special);
1893		uint64_t limit =
1894		    (space * (100 - zfs_special_class_metadata_reserve_pct))
1895		    / 100;
1896
1897		if (alloc < limit)
1898			return (special);
1899	}
1900
1901	return (spa_normal_class(spa));
1902}
1903
1904void
1905spa_evicting_os_register(spa_t *spa, objset_t *os)
1906{
1907	mutex_enter(&spa->spa_evicting_os_lock);
1908	list_insert_head(&spa->spa_evicting_os_list, os);
1909	mutex_exit(&spa->spa_evicting_os_lock);
1910}
1911
1912void
1913spa_evicting_os_deregister(spa_t *spa, objset_t *os)
1914{
1915	mutex_enter(&spa->spa_evicting_os_lock);
1916	list_remove(&spa->spa_evicting_os_list, os);
1917	cv_broadcast(&spa->spa_evicting_os_cv);
1918	mutex_exit(&spa->spa_evicting_os_lock);
1919}
1920
1921void
1922spa_evicting_os_wait(spa_t *spa)
1923{
1924	mutex_enter(&spa->spa_evicting_os_lock);
1925	while (!list_is_empty(&spa->spa_evicting_os_list))
1926		cv_wait(&spa->spa_evicting_os_cv, &spa->spa_evicting_os_lock);
1927	mutex_exit(&spa->spa_evicting_os_lock);
1928
1929	dmu_buf_user_evict_wait();
1930}
1931
1932int
1933spa_max_replication(spa_t *spa)
1934{
1935	/*
1936	 * As of SPA_VERSION == SPA_VERSION_DITTO_BLOCKS, we are able to
1937	 * handle BPs with more than one DVA allocated.  Set our max
1938	 * replication level accordingly.
1939	 */
1940	if (spa_version(spa) < SPA_VERSION_DITTO_BLOCKS)
1941		return (1);
1942	return (MIN(SPA_DVAS_PER_BP, spa_max_replication_override));
1943}
1944
1945int
1946spa_prev_software_version(spa_t *spa)
1947{
1948	return (spa->spa_prev_software_version);
1949}
1950
1951uint64_t
1952spa_deadman_synctime(spa_t *spa)
1953{
1954	return (spa->spa_deadman_synctime);
1955}
1956
1957spa_autotrim_t
1958spa_get_autotrim(spa_t *spa)
1959{
1960	return (spa->spa_autotrim);
1961}
1962
1963uint64_t
1964dva_get_dsize_sync(spa_t *spa, const dva_t *dva)
1965{
1966	uint64_t asize = DVA_GET_ASIZE(dva);
1967	uint64_t dsize = asize;
1968
1969	ASSERT(spa_config_held(spa, SCL_ALL, RW_READER) != 0);
1970
1971	if (asize != 0 && spa->spa_deflate) {
1972		vdev_t *vd = vdev_lookup_top(spa, DVA_GET_VDEV(dva));
1973		dsize = (asize >> SPA_MINBLOCKSHIFT) * vd->vdev_deflate_ratio;
1974	}
1975
1976	return (dsize);
1977}
1978
1979uint64_t
1980bp_get_dsize_sync(spa_t *spa, const blkptr_t *bp)
1981{
1982	uint64_t dsize = 0;
1983
1984	for (int d = 0; d < BP_GET_NDVAS(bp); d++)
1985		dsize += dva_get_dsize_sync(spa, &bp->blk_dva[d]);
1986
1987	return (dsize);
1988}
1989
1990uint64_t
1991bp_get_dsize(spa_t *spa, const blkptr_t *bp)
1992{
1993	uint64_t dsize = 0;
1994
1995	spa_config_enter(spa, SCL_VDEV, FTAG, RW_READER);
1996
1997	for (int d = 0; d < BP_GET_NDVAS(bp); d++)
1998		dsize += dva_get_dsize_sync(spa, &bp->blk_dva[d]);
1999
2000	spa_config_exit(spa, SCL_VDEV, FTAG);
2001
2002	return (dsize);
2003}
2004
2005uint64_t
2006spa_dirty_data(spa_t *spa)
2007{
2008	return (spa->spa_dsl_pool->dp_dirty_total);
2009}
2010
2011/*
2012 * ==========================================================================
2013 * Initialization and Termination
2014 * ==========================================================================
2015 */
2016
2017static int
2018spa_name_compare(const void *a1, const void *a2)
2019{
2020	const spa_t *s1 = a1;
2021	const spa_t *s2 = a2;
2022	int s;
2023
2024	s = strcmp(s1->spa_name, s2->spa_name);
2025
2026	return (TREE_ISIGN(s));
2027}
2028
2029int
2030spa_busy(void)
2031{
2032	return (spa_active_count);
2033}
2034
2035void
2036spa_boot_init()
2037{
2038	spa_config_load();
2039}
2040
2041void
2042spa_init(int mode)
2043{
2044	mutex_init(&spa_namespace_lock, NULL, MUTEX_DEFAULT, NULL);
2045	mutex_init(&spa_spare_lock, NULL, MUTEX_DEFAULT, NULL);
2046	mutex_init(&spa_l2cache_lock, NULL, MUTEX_DEFAULT, NULL);
2047	cv_init(&spa_namespace_cv, NULL, CV_DEFAULT, NULL);
2048
2049	avl_create(&spa_namespace_avl, spa_name_compare, sizeof (spa_t),
2050	    offsetof(spa_t, spa_avl));
2051
2052	avl_create(&spa_spare_avl, spa_spare_compare, sizeof (spa_aux_t),
2053	    offsetof(spa_aux_t, aux_avl));
2054
2055	avl_create(&spa_l2cache_avl, spa_l2cache_compare, sizeof (spa_aux_t),
2056	    offsetof(spa_aux_t, aux_avl));
2057
2058	spa_mode_global = mode;
2059
2060#ifdef _KERNEL
2061	spa_arch_init();
2062#else
2063	if (spa_mode_global != FREAD && dprintf_find_string("watch")) {
2064		arc_procfd = open("/proc/self/ctl", O_WRONLY);
2065		if (arc_procfd == -1) {
2066			perror("could not enable watchpoints: "
2067			    "opening /proc/self/ctl failed: ");
2068		} else {
2069			arc_watch = B_TRUE;
2070		}
2071	}
2072#endif
2073
2074	zfs_refcount_init();
2075	unique_init();
2076	zfs_btree_init();
2077	metaslab_stat_init();
2078	zio_init();
2079	dmu_init();
2080	zil_init();
2081	vdev_cache_stat_init();
2082	vdev_mirror_stat_init();
2083	zfs_prop_init();
2084	zpool_prop_init();
2085	zpool_feature_init();
2086	spa_config_load();
2087	l2arc_start();
2088	scan_init();
2089}
2090
2091void
2092spa_fini(void)
2093{
2094	l2arc_stop();
2095
2096	spa_evict_all();
2097
2098	vdev_cache_stat_fini();
2099	vdev_mirror_stat_fini();
2100	zil_fini();
2101	dmu_fini();
2102	zio_fini();
2103	metaslab_stat_fini();
2104	zfs_btree_fini();
2105	unique_fini();
2106	zfs_refcount_fini();
2107	scan_fini();
2108
2109	avl_destroy(&spa_namespace_avl);
2110	avl_destroy(&spa_spare_avl);
2111	avl_destroy(&spa_l2cache_avl);
2112
2113	cv_destroy(&spa_namespace_cv);
2114	mutex_destroy(&spa_namespace_lock);
2115	mutex_destroy(&spa_spare_lock);
2116	mutex_destroy(&spa_l2cache_lock);
2117}
2118
2119/*
2120 * Return whether this pool has slogs. No locking needed.
2121 * It's not a problem if the wrong answer is returned as it's only for
2122 * performance and not correctness
2123 */
2124boolean_t
2125spa_has_slogs(spa_t *spa)
2126{
2127	return (spa->spa_log_class->mc_rotor != NULL);
2128}
2129
2130spa_log_state_t
2131spa_get_log_state(spa_t *spa)
2132{
2133	return (spa->spa_log_state);
2134}
2135
2136void
2137spa_set_log_state(spa_t *spa, spa_log_state_t state)
2138{
2139	spa->spa_log_state = state;
2140}
2141
2142boolean_t
2143spa_is_root(spa_t *spa)
2144{
2145	return (spa->spa_is_root);
2146}
2147
2148boolean_t
2149spa_writeable(spa_t *spa)
2150{
2151	return (!!(spa->spa_mode & FWRITE) && spa->spa_trust_config);
2152}
2153
2154/*
2155 * Returns true if there is a pending sync task in any of the current
2156 * syncing txg, the current quiescing txg, or the current open txg.
2157 */
2158boolean_t
2159spa_has_pending_synctask(spa_t *spa)
2160{
2161	return (!txg_all_lists_empty(&spa->spa_dsl_pool->dp_sync_tasks) ||
2162	    !txg_all_lists_empty(&spa->spa_dsl_pool->dp_early_sync_tasks));
2163}
2164
2165int
2166spa_mode(spa_t *spa)
2167{
2168	return (spa->spa_mode);
2169}
2170
2171uint64_t
2172spa_bootfs(spa_t *spa)
2173{
2174	return (spa->spa_bootfs);
2175}
2176
2177uint64_t
2178spa_delegation(spa_t *spa)
2179{
2180	return (spa->spa_delegation);
2181}
2182
2183objset_t *
2184spa_meta_objset(spa_t *spa)
2185{
2186	return (spa->spa_meta_objset);
2187}
2188
2189enum zio_checksum
2190spa_dedup_checksum(spa_t *spa)
2191{
2192	return (spa->spa_dedup_checksum);
2193}
2194
2195/*
2196 * Reset pool scan stat per scan pass (or reboot).
2197 */
2198void
2199spa_scan_stat_init(spa_t *spa)
2200{
2201	/* data not stored on disk */
2202	spa->spa_scan_pass_start = gethrestime_sec();
2203	if (dsl_scan_is_paused_scrub(spa->spa_dsl_pool->dp_scan))
2204		spa->spa_scan_pass_scrub_pause = spa->spa_scan_pass_start;
2205	else
2206		spa->spa_scan_pass_scrub_pause = 0;
2207	spa->spa_scan_pass_scrub_spent_paused = 0;
2208	spa->spa_scan_pass_exam = 0;
2209	spa->spa_scan_pass_issued = 0;
2210	vdev_scan_stat_init(spa->spa_root_vdev);
2211}
2212
2213/*
2214 * Get scan stats for zpool status reports
2215 */
2216int
2217spa_scan_get_stats(spa_t *spa, pool_scan_stat_t *ps)
2218{
2219	dsl_scan_t *scn = spa->spa_dsl_pool ? spa->spa_dsl_pool->dp_scan : NULL;
2220
2221	if (scn == NULL || scn->scn_phys.scn_func == POOL_SCAN_NONE)
2222		return (SET_ERROR(ENOENT));
2223	bzero(ps, sizeof (pool_scan_stat_t));
2224
2225	/* data stored on disk */
2226	ps->pss_func = scn->scn_phys.scn_func;
2227	ps->pss_state = scn->scn_phys.scn_state;
2228	ps->pss_start_time = scn->scn_phys.scn_start_time;
2229	ps->pss_end_time = scn->scn_phys.scn_end_time;
2230	ps->pss_to_examine = scn->scn_phys.scn_to_examine;
2231	ps->pss_to_process = scn->scn_phys.scn_to_process;
2232	ps->pss_processed = scn->scn_phys.scn_processed;
2233	ps->pss_errors = scn->scn_phys.scn_errors;
2234	ps->pss_examined = scn->scn_phys.scn_examined;
2235	ps->pss_issued =
2236	    scn->scn_issued_before_pass + spa->spa_scan_pass_issued;
2237	ps->pss_state = scn->scn_phys.scn_state;
2238
2239	/* data not stored on disk */
2240	ps->pss_pass_start = spa->spa_scan_pass_start;
2241	ps->pss_pass_exam = spa->spa_scan_pass_exam;
2242	ps->pss_pass_issued = spa->spa_scan_pass_issued;
2243	ps->pss_pass_scrub_pause = spa->spa_scan_pass_scrub_pause;
2244	ps->pss_pass_scrub_spent_paused = spa->spa_scan_pass_scrub_spent_paused;
2245
2246	return (0);
2247}
2248
2249int
2250spa_maxblocksize(spa_t *spa)
2251{
2252	if (spa_feature_is_enabled(spa, SPA_FEATURE_LARGE_BLOCKS))
2253		return (SPA_MAXBLOCKSIZE);
2254	else
2255		return (SPA_OLD_MAXBLOCKSIZE);
2256}
2257
2258int
2259spa_maxdnodesize(spa_t *spa)
2260{
2261	if (spa_feature_is_enabled(spa, SPA_FEATURE_LARGE_DNODE))
2262		return (DNODE_MAX_SIZE);
2263	else
2264		return (DNODE_MIN_SIZE);
2265}
2266
2267boolean_t
2268spa_multihost(spa_t *spa)
2269{
2270	return (spa->spa_multihost ? B_TRUE : B_FALSE);
2271}
2272
2273unsigned long
2274spa_get_hostid(void)
2275{
2276	unsigned long myhostid;
2277
2278#ifdef	_KERNEL
2279	myhostid = zone_get_hostid(NULL);
2280#else	/* _KERNEL */
2281	/*
2282	 * We're emulating the system's hostid in userland, so
2283	 * we can't use zone_get_hostid().
2284	 */
2285	(void) ddi_strtoul(hw_serial, NULL, 10, &myhostid);
2286#endif	/* _KERNEL */
2287
2288	return (myhostid);
2289}
2290
2291/*
2292 * Returns the txg that the last device removal completed. No indirect mappings
2293 * have been added since this txg.
2294 */
2295uint64_t
2296spa_get_last_removal_txg(spa_t *spa)
2297{
2298	uint64_t vdevid;
2299	uint64_t ret = -1ULL;
2300
2301	spa_config_enter(spa, SCL_VDEV, FTAG, RW_READER);
2302	/*
2303	 * sr_prev_indirect_vdev is only modified while holding all the
2304	 * config locks, so it is sufficient to hold SCL_VDEV as reader when
2305	 * examining it.
2306	 */
2307	vdevid = spa->spa_removing_phys.sr_prev_indirect_vdev;
2308
2309	while (vdevid != -1ULL) {
2310		vdev_t *vd = vdev_lookup_top(spa, vdevid);
2311		vdev_indirect_births_t *vib = vd->vdev_indirect_births;
2312
2313		ASSERT3P(vd->vdev_ops, ==, &vdev_indirect_ops);
2314
2315		/*
2316		 * If the removal did not remap any data, we don't care.
2317		 */
2318		if (vdev_indirect_births_count(vib) != 0) {
2319			ret = vdev_indirect_births_last_entry_txg(vib);
2320			break;
2321		}
2322
2323		vdevid = vd->vdev_indirect_config.vic_prev_indirect_vdev;
2324	}
2325	spa_config_exit(spa, SCL_VDEV, FTAG);
2326
2327	IMPLY(ret != -1ULL,
2328	    spa_feature_is_active(spa, SPA_FEATURE_DEVICE_REMOVAL));
2329
2330	return (ret);
2331}
2332
2333boolean_t
2334spa_trust_config(spa_t *spa)
2335{
2336	return (spa->spa_trust_config);
2337}
2338
2339uint64_t
2340spa_missing_tvds_allowed(spa_t *spa)
2341{
2342	return (spa->spa_missing_tvds_allowed);
2343}
2344
2345space_map_t *
2346spa_syncing_log_sm(spa_t *spa)
2347{
2348	return (spa->spa_syncing_log_sm);
2349}
2350
2351void
2352spa_set_missing_tvds(spa_t *spa, uint64_t missing)
2353{
2354	spa->spa_missing_tvds = missing;
2355}
2356
2357boolean_t
2358spa_top_vdevs_spacemap_addressable(spa_t *spa)
2359{
2360	vdev_t *rvd = spa->spa_root_vdev;
2361	for (uint64_t c = 0; c < rvd->vdev_children; c++) {
2362		if (!vdev_is_spacemap_addressable(rvd->vdev_child[c]))
2363			return (B_FALSE);
2364	}
2365	return (B_TRUE);
2366}
2367
2368boolean_t
2369spa_has_checkpoint(spa_t *spa)
2370{
2371	return (spa->spa_checkpoint_txg != 0);
2372}
2373
2374boolean_t
2375spa_importing_readonly_checkpoint(spa_t *spa)
2376{
2377	return ((spa->spa_import_flags & ZFS_IMPORT_CHECKPOINT) &&
2378	    spa->spa_mode == FREAD);
2379}
2380
2381uint64_t
2382spa_min_claim_txg(spa_t *spa)
2383{
2384	uint64_t checkpoint_txg = spa->spa_uberblock.ub_checkpoint_txg;
2385
2386	if (checkpoint_txg != 0)
2387		return (checkpoint_txg + 1);
2388
2389	return (spa->spa_first_txg);
2390}
2391
2392/*
2393 * If there is a checkpoint, async destroys may consume more space from
2394 * the pool instead of freeing it. In an attempt to save the pool from
2395 * getting suspended when it is about to run out of space, we stop
2396 * processing async destroys.
2397 */
2398boolean_t
2399spa_suspend_async_destroy(spa_t *spa)
2400{
2401	dsl_pool_t *dp = spa_get_dsl(spa);
2402
2403	uint64_t unreserved = dsl_pool_unreserved_space(dp,
2404	    ZFS_SPACE_CHECK_EXTRA_RESERVED);
2405	uint64_t used = dsl_dir_phys(dp->dp_root_dir)->dd_used_bytes;
2406	uint64_t avail = (unreserved > used) ? (unreserved - used) : 0;
2407
2408	if (spa_has_checkpoint(spa) && avail == 0)
2409		return (B_TRUE);
2410
2411	return (B_FALSE);
2412}
2413