linux/Documentation/device-mapper
Jonathan Brassow 55ebbb59c1 DM-RAID: Fix RAID10's check for sufficient redundancy
Before attempting to activate a RAID array, it is checked for sufficient
redundancy.  That is, we make sure that there are not too many failed
devices - or devices specified for rebuild - to undermine our ability to
activate the array.  The current code performs this check twice - once to
ensure there were not too many devices specified for rebuild by the user
('validate_rebuild_devices') and again after possibly experiencing a failure
to read the superblock ('analyse_superblocks').  Neither of these checks are
sufficient.  The first check is done properly but with insufficient
information about the possible failure state of the devices to make a good
determination if the array can be activated.  The second check is simply
done wrong in the case of RAID10 because it doesn't account for the
independence of the stripes (i.e. mirror sets).  The solution is to use the
properly written check ('validate_rebuild_devices'), but perform the check
after the superblocks have been read and we know which devices have failed.
This gives us one check instead of two and performs it in a location where
it can be done right.

Only RAID10 was affected and it was affected in the following ways:
- the code did not properly catch the condition where a user specified
  a device for rebuild that already had a failed device in the same mirror
  set.  (This condition would, however, be caught at a deeper level in MD.)
- the code triggers a false positive and denies activation when devices in
  independent mirror sets have failed - counting the failures as though they
  were all in the same set.

The most likely place this error was introduced (or this patch should have
been included) is in commit 4ec1e369 - first introduced in v3.7-rc1.
Consequently this fix should also go in v3.7.y, however there is a
small conflict on the .version in raid_target, so I'll submit a
separate patch to -stable.

Cc: stable@vger.kernel.org
Signed-off-by: Jonathan Brassow <jbrassow@redhat.com>
Signed-off-by: NeilBrown <neilb@suse.de>
2013-01-24 12:02:36 +11:00
..
delay.txt dm: delay target 2007-05-09 12:30:47 -07:00
dm-crypt.txt dm crypt: optionally support discard requests 2011-08-02 12:32:08 +01:00
dm-flakey.txt dm flakey: add corrupt_bio_byte feature 2011-08-02 12:32:06 +01:00
dm-io.txt Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
dm-log.txt dm log userspace: fix comment hyphens 2011-10-31 20:21:22 +00:00
dm-queue-length.txt dm mpath: add queue length load balancer 2009-06-22 10:12:27 +01:00
dm-raid.txt DM-RAID: Fix RAID10's check for sufficient redundancy 2013-01-24 12:02:36 +11:00
dm-service-time.txt Fix common misspellings 2011-03-31 11:26:23 -03:00
dm-uevent.txt dm: uevent generate events 2007-10-20 02:01:26 +01:00
kcopyd.txt Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
linear.txt Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
persistent-data.txt Documentation: Fix multiple typo in Documentation 2012-03-07 16:08:24 +01:00
snapshot.txt dm: document when snapshot has finished merging 2010-03-06 02:29:56 +00:00
striped.txt dm stripe: support for non power of 2 chunksize 2012-07-27 15:08:01 +01:00
thin-provisioning.txt dm thin: add read only and fail io modes 2012-07-27 15:08:16 +01:00
verity.txt dm: verity fix documentation 2012-07-03 12:55:41 +01:00
zero.txt Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00