Merge tag 'for-4.21/libata-20190102' of git://git.kernel.dk/linux-block
[sfrench/cifs-2.6.git] / drivers / block / drbd / drbd_nl.c
1 /*
2    drbd_nl.c
3
4    This file is part of DRBD by Philipp Reisner and Lars Ellenberg.
5
6    Copyright (C) 2001-2008, LINBIT Information Technologies GmbH.
7    Copyright (C) 1999-2008, Philipp Reisner <philipp.reisner@linbit.com>.
8    Copyright (C) 2002-2008, Lars Ellenberg <lars.ellenberg@linbit.com>.
9
10    drbd is free software; you can redistribute it and/or modify
11    it under the terms of the GNU General Public License as published by
12    the Free Software Foundation; either version 2, or (at your option)
13    any later version.
14
15    drbd is distributed in the hope that it will be useful,
16    but WITHOUT ANY WARRANTY; without even the implied warranty of
17    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18    GNU General Public License for more details.
19
20    You should have received a copy of the GNU General Public License
21    along with drbd; see the file COPYING.  If not, write to
22    the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
23
24  */
25
26 #define pr_fmt(fmt)     KBUILD_MODNAME ": " fmt
27
28 #include <linux/module.h>
29 #include <linux/drbd.h>
30 #include <linux/in.h>
31 #include <linux/fs.h>
32 #include <linux/file.h>
33 #include <linux/slab.h>
34 #include <linux/blkpg.h>
35 #include <linux/cpumask.h>
36 #include "drbd_int.h"
37 #include "drbd_protocol.h"
38 #include "drbd_req.h"
39 #include "drbd_state_change.h"
40 #include <asm/unaligned.h>
41 #include <linux/drbd_limits.h>
42 #include <linux/kthread.h>
43
44 #include <net/genetlink.h>
45
46 /* .doit */
47 // int drbd_adm_create_resource(struct sk_buff *skb, struct genl_info *info);
48 // int drbd_adm_delete_resource(struct sk_buff *skb, struct genl_info *info);
49
50 int drbd_adm_new_minor(struct sk_buff *skb, struct genl_info *info);
51 int drbd_adm_del_minor(struct sk_buff *skb, struct genl_info *info);
52
53 int drbd_adm_new_resource(struct sk_buff *skb, struct genl_info *info);
54 int drbd_adm_del_resource(struct sk_buff *skb, struct genl_info *info);
55 int drbd_adm_down(struct sk_buff *skb, struct genl_info *info);
56
57 int drbd_adm_set_role(struct sk_buff *skb, struct genl_info *info);
58 int drbd_adm_attach(struct sk_buff *skb, struct genl_info *info);
59 int drbd_adm_disk_opts(struct sk_buff *skb, struct genl_info *info);
60 int drbd_adm_detach(struct sk_buff *skb, struct genl_info *info);
61 int drbd_adm_connect(struct sk_buff *skb, struct genl_info *info);
62 int drbd_adm_net_opts(struct sk_buff *skb, struct genl_info *info);
63 int drbd_adm_resize(struct sk_buff *skb, struct genl_info *info);
64 int drbd_adm_start_ov(struct sk_buff *skb, struct genl_info *info);
65 int drbd_adm_new_c_uuid(struct sk_buff *skb, struct genl_info *info);
66 int drbd_adm_disconnect(struct sk_buff *skb, struct genl_info *info);
67 int drbd_adm_invalidate(struct sk_buff *skb, struct genl_info *info);
68 int drbd_adm_invalidate_peer(struct sk_buff *skb, struct genl_info *info);
69 int drbd_adm_pause_sync(struct sk_buff *skb, struct genl_info *info);
70 int drbd_adm_resume_sync(struct sk_buff *skb, struct genl_info *info);
71 int drbd_adm_suspend_io(struct sk_buff *skb, struct genl_info *info);
72 int drbd_adm_resume_io(struct sk_buff *skb, struct genl_info *info);
73 int drbd_adm_outdate(struct sk_buff *skb, struct genl_info *info);
74 int drbd_adm_resource_opts(struct sk_buff *skb, struct genl_info *info);
75 int drbd_adm_get_status(struct sk_buff *skb, struct genl_info *info);
76 int drbd_adm_get_timeout_type(struct sk_buff *skb, struct genl_info *info);
77 /* .dumpit */
78 int drbd_adm_get_status_all(struct sk_buff *skb, struct netlink_callback *cb);
79 int drbd_adm_dump_resources(struct sk_buff *skb, struct netlink_callback *cb);
80 int drbd_adm_dump_devices(struct sk_buff *skb, struct netlink_callback *cb);
81 int drbd_adm_dump_devices_done(struct netlink_callback *cb);
82 int drbd_adm_dump_connections(struct sk_buff *skb, struct netlink_callback *cb);
83 int drbd_adm_dump_connections_done(struct netlink_callback *cb);
84 int drbd_adm_dump_peer_devices(struct sk_buff *skb, struct netlink_callback *cb);
85 int drbd_adm_dump_peer_devices_done(struct netlink_callback *cb);
86 int drbd_adm_get_initial_state(struct sk_buff *skb, struct netlink_callback *cb);
87
88 #include <linux/drbd_genl_api.h>
89 #include "drbd_nla.h"
90 #include <linux/genl_magic_func.h>
91
92 static atomic_t drbd_genl_seq = ATOMIC_INIT(2); /* two. */
93 static atomic_t notify_genl_seq = ATOMIC_INIT(2); /* two. */
94
95 DEFINE_MUTEX(notification_mutex);
96
97 /* used blkdev_get_by_path, to claim our meta data device(s) */
98 static char *drbd_m_holder = "Hands off! this is DRBD's meta data device.";
99
100 static void drbd_adm_send_reply(struct sk_buff *skb, struct genl_info *info)
101 {
102         genlmsg_end(skb, genlmsg_data(nlmsg_data(nlmsg_hdr(skb))));
103         if (genlmsg_reply(skb, info))
104                 pr_err("error sending genl reply\n");
105 }
106
107 /* Used on a fresh "drbd_adm_prepare"d reply_skb, this cannot fail: The only
108  * reason it could fail was no space in skb, and there are 4k available. */
109 static int drbd_msg_put_info(struct sk_buff *skb, const char *info)
110 {
111         struct nlattr *nla;
112         int err = -EMSGSIZE;
113
114         if (!info || !info[0])
115                 return 0;
116
117         nla = nla_nest_start(skb, DRBD_NLA_CFG_REPLY);
118         if (!nla)
119                 return err;
120
121         err = nla_put_string(skb, T_info_text, info);
122         if (err) {
123                 nla_nest_cancel(skb, nla);
124                 return err;
125         } else
126                 nla_nest_end(skb, nla);
127         return 0;
128 }
129
130 /* This would be a good candidate for a "pre_doit" hook,
131  * and per-family private info->pointers.
132  * But we need to stay compatible with older kernels.
133  * If it returns successfully, adm_ctx members are valid.
134  *
135  * At this point, we still rely on the global genl_lock().
136  * If we want to avoid that, and allow "genl_family.parallel_ops", we may need
137  * to add additional synchronization against object destruction/modification.
138  */
139 #define DRBD_ADM_NEED_MINOR     1
140 #define DRBD_ADM_NEED_RESOURCE  2
141 #define DRBD_ADM_NEED_CONNECTION 4
142 static int drbd_adm_prepare(struct drbd_config_context *adm_ctx,
143         struct sk_buff *skb, struct genl_info *info, unsigned flags)
144 {
145         struct drbd_genlmsghdr *d_in = info->userhdr;
146         const u8 cmd = info->genlhdr->cmd;
147         int err;
148
149         memset(adm_ctx, 0, sizeof(*adm_ctx));
150
151         /* genl_rcv_msg only checks for CAP_NET_ADMIN on "GENL_ADMIN_PERM" :( */
152         if (cmd != DRBD_ADM_GET_STATUS && !capable(CAP_NET_ADMIN))
153                return -EPERM;
154
155         adm_ctx->reply_skb = genlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
156         if (!adm_ctx->reply_skb) {
157                 err = -ENOMEM;
158                 goto fail;
159         }
160
161         adm_ctx->reply_dh = genlmsg_put_reply(adm_ctx->reply_skb,
162                                         info, &drbd_genl_family, 0, cmd);
163         /* put of a few bytes into a fresh skb of >= 4k will always succeed.
164          * but anyways */
165         if (!adm_ctx->reply_dh) {
166                 err = -ENOMEM;
167                 goto fail;
168         }
169
170         adm_ctx->reply_dh->minor = d_in->minor;
171         adm_ctx->reply_dh->ret_code = NO_ERROR;
172
173         adm_ctx->volume = VOLUME_UNSPECIFIED;
174         if (info->attrs[DRBD_NLA_CFG_CONTEXT]) {
175                 struct nlattr *nla;
176                 /* parse and validate only */
177                 err = drbd_cfg_context_from_attrs(NULL, info);
178                 if (err)
179                         goto fail;
180
181                 /* It was present, and valid,
182                  * copy it over to the reply skb. */
183                 err = nla_put_nohdr(adm_ctx->reply_skb,
184                                 info->attrs[DRBD_NLA_CFG_CONTEXT]->nla_len,
185                                 info->attrs[DRBD_NLA_CFG_CONTEXT]);
186                 if (err)
187                         goto fail;
188
189                 /* and assign stuff to the adm_ctx */
190                 nla = nested_attr_tb[__nla_type(T_ctx_volume)];
191                 if (nla)
192                         adm_ctx->volume = nla_get_u32(nla);
193                 nla = nested_attr_tb[__nla_type(T_ctx_resource_name)];
194                 if (nla)
195                         adm_ctx->resource_name = nla_data(nla);
196                 adm_ctx->my_addr = nested_attr_tb[__nla_type(T_ctx_my_addr)];
197                 adm_ctx->peer_addr = nested_attr_tb[__nla_type(T_ctx_peer_addr)];
198                 if ((adm_ctx->my_addr &&
199                      nla_len(adm_ctx->my_addr) > sizeof(adm_ctx->connection->my_addr)) ||
200                     (adm_ctx->peer_addr &&
201                      nla_len(adm_ctx->peer_addr) > sizeof(adm_ctx->connection->peer_addr))) {
202                         err = -EINVAL;
203                         goto fail;
204                 }
205         }
206
207         adm_ctx->minor = d_in->minor;
208         adm_ctx->device = minor_to_device(d_in->minor);
209
210         /* We are protected by the global genl_lock().
211          * But we may explicitly drop it/retake it in drbd_adm_set_role(),
212          * so make sure this object stays around. */
213         if (adm_ctx->device)
214                 kref_get(&adm_ctx->device->kref);
215
216         if (adm_ctx->resource_name) {
217                 adm_ctx->resource = drbd_find_resource(adm_ctx->resource_name);
218         }
219
220         if (!adm_ctx->device && (flags & DRBD_ADM_NEED_MINOR)) {
221                 drbd_msg_put_info(adm_ctx->reply_skb, "unknown minor");
222                 return ERR_MINOR_INVALID;
223         }
224         if (!adm_ctx->resource && (flags & DRBD_ADM_NEED_RESOURCE)) {
225                 drbd_msg_put_info(adm_ctx->reply_skb, "unknown resource");
226                 if (adm_ctx->resource_name)
227                         return ERR_RES_NOT_KNOWN;
228                 return ERR_INVALID_REQUEST;
229         }
230
231         if (flags & DRBD_ADM_NEED_CONNECTION) {
232                 if (adm_ctx->resource) {
233                         drbd_msg_put_info(adm_ctx->reply_skb, "no resource name expected");
234                         return ERR_INVALID_REQUEST;
235                 }
236                 if (adm_ctx->device) {
237                         drbd_msg_put_info(adm_ctx->reply_skb, "no minor number expected");
238                         return ERR_INVALID_REQUEST;
239                 }
240                 if (adm_ctx->my_addr && adm_ctx->peer_addr)
241                         adm_ctx->connection = conn_get_by_addrs(nla_data(adm_ctx->my_addr),
242                                                           nla_len(adm_ctx->my_addr),
243                                                           nla_data(adm_ctx->peer_addr),
244                                                           nla_len(adm_ctx->peer_addr));
245                 if (!adm_ctx->connection) {
246                         drbd_msg_put_info(adm_ctx->reply_skb, "unknown connection");
247                         return ERR_INVALID_REQUEST;
248                 }
249         }
250
251         /* some more paranoia, if the request was over-determined */
252         if (adm_ctx->device && adm_ctx->resource &&
253             adm_ctx->device->resource != adm_ctx->resource) {
254                 pr_warning("request: minor=%u, resource=%s; but that minor belongs to resource %s\n",
255                                 adm_ctx->minor, adm_ctx->resource->name,
256                                 adm_ctx->device->resource->name);
257                 drbd_msg_put_info(adm_ctx->reply_skb, "minor exists in different resource");
258                 return ERR_INVALID_REQUEST;
259         }
260         if (adm_ctx->device &&
261             adm_ctx->volume != VOLUME_UNSPECIFIED &&
262             adm_ctx->volume != adm_ctx->device->vnr) {
263                 pr_warning("request: minor=%u, volume=%u; but that minor is volume %u in %s\n",
264                                 adm_ctx->minor, adm_ctx->volume,
265                                 adm_ctx->device->vnr,
266                                 adm_ctx->device->resource->name);
267                 drbd_msg_put_info(adm_ctx->reply_skb, "minor exists as different volume");
268                 return ERR_INVALID_REQUEST;
269         }
270
271         /* still, provide adm_ctx->resource always, if possible. */
272         if (!adm_ctx->resource) {
273                 adm_ctx->resource = adm_ctx->device ? adm_ctx->device->resource
274                         : adm_ctx->connection ? adm_ctx->connection->resource : NULL;
275                 if (adm_ctx->resource)
276                         kref_get(&adm_ctx->resource->kref);
277         }
278
279         return NO_ERROR;
280
281 fail:
282         nlmsg_free(adm_ctx->reply_skb);
283         adm_ctx->reply_skb = NULL;
284         return err;
285 }
286
287 static int drbd_adm_finish(struct drbd_config_context *adm_ctx,
288         struct genl_info *info, int retcode)
289 {
290         if (adm_ctx->device) {
291                 kref_put(&adm_ctx->device->kref, drbd_destroy_device);
292                 adm_ctx->device = NULL;
293         }
294         if (adm_ctx->connection) {
295                 kref_put(&adm_ctx->connection->kref, &drbd_destroy_connection);
296                 adm_ctx->connection = NULL;
297         }
298         if (adm_ctx->resource) {
299                 kref_put(&adm_ctx->resource->kref, drbd_destroy_resource);
300                 adm_ctx->resource = NULL;
301         }
302
303         if (!adm_ctx->reply_skb)
304                 return -ENOMEM;
305
306         adm_ctx->reply_dh->ret_code = retcode;
307         drbd_adm_send_reply(adm_ctx->reply_skb, info);
308         return 0;
309 }
310
311 static void setup_khelper_env(struct drbd_connection *connection, char **envp)
312 {
313         char *afs;
314
315         /* FIXME: A future version will not allow this case. */
316         if (connection->my_addr_len == 0 || connection->peer_addr_len == 0)
317                 return;
318
319         switch (((struct sockaddr *)&connection->peer_addr)->sa_family) {
320         case AF_INET6:
321                 afs = "ipv6";
322                 snprintf(envp[4], 60, "DRBD_PEER_ADDRESS=%pI6",
323                          &((struct sockaddr_in6 *)&connection->peer_addr)->sin6_addr);
324                 break;
325         case AF_INET:
326                 afs = "ipv4";
327                 snprintf(envp[4], 60, "DRBD_PEER_ADDRESS=%pI4",
328                          &((struct sockaddr_in *)&connection->peer_addr)->sin_addr);
329                 break;
330         default:
331                 afs = "ssocks";
332                 snprintf(envp[4], 60, "DRBD_PEER_ADDRESS=%pI4",
333                          &((struct sockaddr_in *)&connection->peer_addr)->sin_addr);
334         }
335         snprintf(envp[3], 20, "DRBD_PEER_AF=%s", afs);
336 }
337
338 int drbd_khelper(struct drbd_device *device, char *cmd)
339 {
340         char *envp[] = { "HOME=/",
341                         "TERM=linux",
342                         "PATH=/sbin:/usr/sbin:/bin:/usr/bin",
343                          (char[20]) { }, /* address family */
344                          (char[60]) { }, /* address */
345                         NULL };
346         char mb[14];
347         char *argv[] = {drbd_usermode_helper, cmd, mb, NULL };
348         struct drbd_connection *connection = first_peer_device(device)->connection;
349         struct sib_info sib;
350         int ret;
351
352         if (current == connection->worker.task)
353                 set_bit(CALLBACK_PENDING, &connection->flags);
354
355         snprintf(mb, 14, "minor-%d", device_to_minor(device));
356         setup_khelper_env(connection, envp);
357
358         /* The helper may take some time.
359          * write out any unsynced meta data changes now */
360         drbd_md_sync(device);
361
362         drbd_info(device, "helper command: %s %s %s\n", drbd_usermode_helper, cmd, mb);
363         sib.sib_reason = SIB_HELPER_PRE;
364         sib.helper_name = cmd;
365         drbd_bcast_event(device, &sib);
366         notify_helper(NOTIFY_CALL, device, connection, cmd, 0);
367         ret = call_usermodehelper(drbd_usermode_helper, argv, envp, UMH_WAIT_PROC);
368         if (ret)
369                 drbd_warn(device, "helper command: %s %s %s exit code %u (0x%x)\n",
370                                 drbd_usermode_helper, cmd, mb,
371                                 (ret >> 8) & 0xff, ret);
372         else
373                 drbd_info(device, "helper command: %s %s %s exit code %u (0x%x)\n",
374                                 drbd_usermode_helper, cmd, mb,
375                                 (ret >> 8) & 0xff, ret);
376         sib.sib_reason = SIB_HELPER_POST;
377         sib.helper_exit_code = ret;
378         drbd_bcast_event(device, &sib);
379         notify_helper(NOTIFY_RESPONSE, device, connection, cmd, ret);
380
381         if (current == connection->worker.task)
382                 clear_bit(CALLBACK_PENDING, &connection->flags);
383
384         if (ret < 0) /* Ignore any ERRNOs we got. */
385                 ret = 0;
386
387         return ret;
388 }
389
390 enum drbd_peer_state conn_khelper(struct drbd_connection *connection, char *cmd)
391 {
392         char *envp[] = { "HOME=/",
393                         "TERM=linux",
394                         "PATH=/sbin:/usr/sbin:/bin:/usr/bin",
395                          (char[20]) { }, /* address family */
396                          (char[60]) { }, /* address */
397                         NULL };
398         char *resource_name = connection->resource->name;
399         char *argv[] = {drbd_usermode_helper, cmd, resource_name, NULL };
400         int ret;
401
402         setup_khelper_env(connection, envp);
403         conn_md_sync(connection);
404
405         drbd_info(connection, "helper command: %s %s %s\n", drbd_usermode_helper, cmd, resource_name);
406         /* TODO: conn_bcast_event() ?? */
407         notify_helper(NOTIFY_CALL, NULL, connection, cmd, 0);
408
409         ret = call_usermodehelper(drbd_usermode_helper, argv, envp, UMH_WAIT_PROC);
410         if (ret)
411                 drbd_warn(connection, "helper command: %s %s %s exit code %u (0x%x)\n",
412                           drbd_usermode_helper, cmd, resource_name,
413                           (ret >> 8) & 0xff, ret);
414         else
415                 drbd_info(connection, "helper command: %s %s %s exit code %u (0x%x)\n",
416                           drbd_usermode_helper, cmd, resource_name,
417                           (ret >> 8) & 0xff, ret);
418         /* TODO: conn_bcast_event() ?? */
419         notify_helper(NOTIFY_RESPONSE, NULL, connection, cmd, ret);
420
421         if (ret < 0) /* Ignore any ERRNOs we got. */
422                 ret = 0;
423
424         return ret;
425 }
426
427 static enum drbd_fencing_p highest_fencing_policy(struct drbd_connection *connection)
428 {
429         enum drbd_fencing_p fp = FP_NOT_AVAIL;
430         struct drbd_peer_device *peer_device;
431         int vnr;
432
433         rcu_read_lock();
434         idr_for_each_entry(&connection->peer_devices, peer_device, vnr) {
435                 struct drbd_device *device = peer_device->device;
436                 if (get_ldev_if_state(device, D_CONSISTENT)) {
437                         struct disk_conf *disk_conf =
438                                 rcu_dereference(peer_device->device->ldev->disk_conf);
439                         fp = max_t(enum drbd_fencing_p, fp, disk_conf->fencing);
440                         put_ldev(device);
441                 }
442         }
443         rcu_read_unlock();
444
445         return fp;
446 }
447
448 static bool resource_is_supended(struct drbd_resource *resource)
449 {
450         return resource->susp || resource->susp_fen || resource->susp_nod;
451 }
452
453 bool conn_try_outdate_peer(struct drbd_connection *connection)
454 {
455         struct drbd_resource * const resource = connection->resource;
456         unsigned int connect_cnt;
457         union drbd_state mask = { };
458         union drbd_state val = { };
459         enum drbd_fencing_p fp;
460         char *ex_to_string;
461         int r;
462
463         spin_lock_irq(&resource->req_lock);
464         if (connection->cstate >= C_WF_REPORT_PARAMS) {
465                 drbd_err(connection, "Expected cstate < C_WF_REPORT_PARAMS\n");
466                 spin_unlock_irq(&resource->req_lock);
467                 return false;
468         }
469
470         connect_cnt = connection->connect_cnt;
471         spin_unlock_irq(&resource->req_lock);
472
473         fp = highest_fencing_policy(connection);
474         switch (fp) {
475         case FP_NOT_AVAIL:
476                 drbd_warn(connection, "Not fencing peer, I'm not even Consistent myself.\n");
477                 spin_lock_irq(&resource->req_lock);
478                 if (connection->cstate < C_WF_REPORT_PARAMS) {
479                         _conn_request_state(connection,
480                                             (union drbd_state) { { .susp_fen = 1 } },
481                                             (union drbd_state) { { .susp_fen = 0 } },
482                                             CS_VERBOSE | CS_HARD | CS_DC_SUSP);
483                         /* We are no longer suspended due to the fencing policy.
484                          * We may still be suspended due to the on-no-data-accessible policy.
485                          * If that was OND_IO_ERROR, fail pending requests. */
486                         if (!resource_is_supended(resource))
487                                 _tl_restart(connection, CONNECTION_LOST_WHILE_PENDING);
488                 }
489                 /* Else: in case we raced with a connection handshake,
490                  * let the handshake figure out if we maybe can RESEND,
491                  * and do not resume/fail pending requests here.
492                  * Worst case is we stay suspended for now, which may be
493                  * resolved by either re-establishing the replication link, or
494                  * the next link failure, or eventually the administrator.  */
495                 spin_unlock_irq(&resource->req_lock);
496                 return false;
497
498         case FP_DONT_CARE:
499                 return true;
500         default: ;
501         }
502
503         r = conn_khelper(connection, "fence-peer");
504
505         switch ((r>>8) & 0xff) {
506         case P_INCONSISTENT: /* peer is inconsistent */
507                 ex_to_string = "peer is inconsistent or worse";
508                 mask.pdsk = D_MASK;
509                 val.pdsk = D_INCONSISTENT;
510                 break;
511         case P_OUTDATED: /* peer got outdated, or was already outdated */
512                 ex_to_string = "peer was fenced";
513                 mask.pdsk = D_MASK;
514                 val.pdsk = D_OUTDATED;
515                 break;
516         case P_DOWN: /* peer was down */
517                 if (conn_highest_disk(connection) == D_UP_TO_DATE) {
518                         /* we will(have) create(d) a new UUID anyways... */
519                         ex_to_string = "peer is unreachable, assumed to be dead";
520                         mask.pdsk = D_MASK;
521                         val.pdsk = D_OUTDATED;
522                 } else {
523                         ex_to_string = "peer unreachable, doing nothing since disk != UpToDate";
524                 }
525                 break;
526         case P_PRIMARY: /* Peer is primary, voluntarily outdate myself.
527                  * This is useful when an unconnected R_SECONDARY is asked to
528                  * become R_PRIMARY, but finds the other peer being active. */
529                 ex_to_string = "peer is active";
530                 drbd_warn(connection, "Peer is primary, outdating myself.\n");
531                 mask.disk = D_MASK;
532                 val.disk = D_OUTDATED;
533                 break;
534         case P_FENCING:
535                 /* THINK: do we need to handle this
536                  * like case 4, or more like case 5? */
537                 if (fp != FP_STONITH)
538                         drbd_err(connection, "fence-peer() = 7 && fencing != Stonith !!!\n");
539                 ex_to_string = "peer was stonithed";
540                 mask.pdsk = D_MASK;
541                 val.pdsk = D_OUTDATED;
542                 break;
543         default:
544                 /* The script is broken ... */
545                 drbd_err(connection, "fence-peer helper broken, returned %d\n", (r>>8)&0xff);
546                 return false; /* Eventually leave IO frozen */
547         }
548
549         drbd_info(connection, "fence-peer helper returned %d (%s)\n",
550                   (r>>8) & 0xff, ex_to_string);
551
552         /* Not using
553            conn_request_state(connection, mask, val, CS_VERBOSE);
554            here, because we might were able to re-establish the connection in the
555            meantime. */
556         spin_lock_irq(&resource->req_lock);
557         if (connection->cstate < C_WF_REPORT_PARAMS && !test_bit(STATE_SENT, &connection->flags)) {
558                 if (connection->connect_cnt != connect_cnt)
559                         /* In case the connection was established and droped
560                            while the fence-peer handler was running, ignore it */
561                         drbd_info(connection, "Ignoring fence-peer exit code\n");
562                 else
563                         _conn_request_state(connection, mask, val, CS_VERBOSE);
564         }
565         spin_unlock_irq(&resource->req_lock);
566
567         return conn_highest_pdsk(connection) <= D_OUTDATED;
568 }
569
570 static int _try_outdate_peer_async(void *data)
571 {
572         struct drbd_connection *connection = (struct drbd_connection *)data;
573
574         conn_try_outdate_peer(connection);
575
576         kref_put(&connection->kref, drbd_destroy_connection);
577         return 0;
578 }
579
580 void conn_try_outdate_peer_async(struct drbd_connection *connection)
581 {
582         struct task_struct *opa;
583
584         kref_get(&connection->kref);
585         /* We may just have force_sig()'ed this thread
586          * to get it out of some blocking network function.
587          * Clear signals; otherwise kthread_run(), which internally uses
588          * wait_on_completion_killable(), will mistake our pending signal
589          * for a new fatal signal and fail. */
590         flush_signals(current);
591         opa = kthread_run(_try_outdate_peer_async, connection, "drbd_async_h");
592         if (IS_ERR(opa)) {
593                 drbd_err(connection, "out of mem, failed to invoke fence-peer helper\n");
594                 kref_put(&connection->kref, drbd_destroy_connection);
595         }
596 }
597
598 enum drbd_state_rv
599 drbd_set_role(struct drbd_device *const device, enum drbd_role new_role, int force)
600 {
601         struct drbd_peer_device *const peer_device = first_peer_device(device);
602         struct drbd_connection *const connection = peer_device ? peer_device->connection : NULL;
603         const int max_tries = 4;
604         enum drbd_state_rv rv = SS_UNKNOWN_ERROR;
605         struct net_conf *nc;
606         int try = 0;
607         int forced = 0;
608         union drbd_state mask, val;
609
610         if (new_role == R_PRIMARY) {
611                 struct drbd_connection *connection;
612
613                 /* Detect dead peers as soon as possible.  */
614
615                 rcu_read_lock();
616                 for_each_connection(connection, device->resource)
617                         request_ping(connection);
618                 rcu_read_unlock();
619         }
620
621         mutex_lock(device->state_mutex);
622
623         mask.i = 0; mask.role = R_MASK;
624         val.i  = 0; val.role  = new_role;
625
626         while (try++ < max_tries) {
627                 rv = _drbd_request_state_holding_state_mutex(device, mask, val, CS_WAIT_COMPLETE);
628
629                 /* in case we first succeeded to outdate,
630                  * but now suddenly could establish a connection */
631                 if (rv == SS_CW_FAILED_BY_PEER && mask.pdsk != 0) {
632                         val.pdsk = 0;
633                         mask.pdsk = 0;
634                         continue;
635                 }
636
637                 if (rv == SS_NO_UP_TO_DATE_DISK && force &&
638                     (device->state.disk < D_UP_TO_DATE &&
639                      device->state.disk >= D_INCONSISTENT)) {
640                         mask.disk = D_MASK;
641                         val.disk  = D_UP_TO_DATE;
642                         forced = 1;
643                         continue;
644                 }
645
646                 if (rv == SS_NO_UP_TO_DATE_DISK &&
647                     device->state.disk == D_CONSISTENT && mask.pdsk == 0) {
648                         D_ASSERT(device, device->state.pdsk == D_UNKNOWN);
649
650                         if (conn_try_outdate_peer(connection)) {
651                                 val.disk = D_UP_TO_DATE;
652                                 mask.disk = D_MASK;
653                         }
654                         continue;
655                 }
656
657                 if (rv == SS_NOTHING_TO_DO)
658                         goto out;
659                 if (rv == SS_PRIMARY_NOP && mask.pdsk == 0) {
660                         if (!conn_try_outdate_peer(connection) && force) {
661                                 drbd_warn(device, "Forced into split brain situation!\n");
662                                 mask.pdsk = D_MASK;
663                                 val.pdsk  = D_OUTDATED;
664
665                         }
666                         continue;
667                 }
668                 if (rv == SS_TWO_PRIMARIES) {
669                         /* Maybe the peer is detected as dead very soon...
670                            retry at most once more in this case. */
671                         int timeo;
672                         rcu_read_lock();
673                         nc = rcu_dereference(connection->net_conf);
674                         timeo = nc ? (nc->ping_timeo + 1) * HZ / 10 : 1;
675                         rcu_read_unlock();
676                         schedule_timeout_interruptible(timeo);
677                         if (try < max_tries)
678                                 try = max_tries - 1;
679                         continue;
680                 }
681                 if (rv < SS_SUCCESS) {
682                         rv = _drbd_request_state(device, mask, val,
683                                                 CS_VERBOSE + CS_WAIT_COMPLETE);
684                         if (rv < SS_SUCCESS)
685                                 goto out;
686                 }
687                 break;
688         }
689
690         if (rv < SS_SUCCESS)
691                 goto out;
692
693         if (forced)
694                 drbd_warn(device, "Forced to consider local data as UpToDate!\n");
695
696         /* Wait until nothing is on the fly :) */
697         wait_event(device->misc_wait, atomic_read(&device->ap_pending_cnt) == 0);
698
699         /* FIXME also wait for all pending P_BARRIER_ACK? */
700
701         if (new_role == R_SECONDARY) {
702                 if (get_ldev(device)) {
703                         device->ldev->md.uuid[UI_CURRENT] &= ~(u64)1;
704                         put_ldev(device);
705                 }
706         } else {
707                 mutex_lock(&device->resource->conf_update);
708                 nc = connection->net_conf;
709                 if (nc)
710                         nc->discard_my_data = 0; /* without copy; single bit op is atomic */
711                 mutex_unlock(&device->resource->conf_update);
712
713                 if (get_ldev(device)) {
714                         if (((device->state.conn < C_CONNECTED ||
715                                device->state.pdsk <= D_FAILED)
716                               && device->ldev->md.uuid[UI_BITMAP] == 0) || forced)
717                                 drbd_uuid_new_current(device);
718
719                         device->ldev->md.uuid[UI_CURRENT] |=  (u64)1;
720                         put_ldev(device);
721                 }
722         }
723
724         /* writeout of activity log covered areas of the bitmap
725          * to stable storage done in after state change already */
726
727         if (device->state.conn >= C_WF_REPORT_PARAMS) {
728                 /* if this was forced, we should consider sync */
729                 if (forced)
730                         drbd_send_uuids(peer_device);
731                 drbd_send_current_state(peer_device);
732         }
733
734         drbd_md_sync(device);
735         set_disk_ro(device->vdisk, new_role == R_SECONDARY);
736         kobject_uevent(&disk_to_dev(device->vdisk)->kobj, KOBJ_CHANGE);
737 out:
738         mutex_unlock(device->state_mutex);
739         return rv;
740 }
741
742 static const char *from_attrs_err_to_txt(int err)
743 {
744         return  err == -ENOMSG ? "required attribute missing" :
745                 err == -EOPNOTSUPP ? "unknown mandatory attribute" :
746                 err == -EEXIST ? "can not change invariant setting" :
747                 "invalid attribute value";
748 }
749
750 int drbd_adm_set_role(struct sk_buff *skb, struct genl_info *info)
751 {
752         struct drbd_config_context adm_ctx;
753         struct set_role_parms parms;
754         int err;
755         enum drbd_ret_code retcode;
756
757         retcode = drbd_adm_prepare(&adm_ctx, skb, info, DRBD_ADM_NEED_MINOR);
758         if (!adm_ctx.reply_skb)
759                 return retcode;
760         if (retcode != NO_ERROR)
761                 goto out;
762
763         memset(&parms, 0, sizeof(parms));
764         if (info->attrs[DRBD_NLA_SET_ROLE_PARMS]) {
765                 err = set_role_parms_from_attrs(&parms, info);
766                 if (err) {
767                         retcode = ERR_MANDATORY_TAG;
768                         drbd_msg_put_info(adm_ctx.reply_skb, from_attrs_err_to_txt(err));
769                         goto out;
770                 }
771         }
772         genl_unlock();
773         mutex_lock(&adm_ctx.resource->adm_mutex);
774
775         if (info->genlhdr->cmd == DRBD_ADM_PRIMARY)
776                 retcode = drbd_set_role(adm_ctx.device, R_PRIMARY, parms.assume_uptodate);
777         else
778                 retcode = drbd_set_role(adm_ctx.device, R_SECONDARY, 0);
779
780         mutex_unlock(&adm_ctx.resource->adm_mutex);
781         genl_lock();
782 out:
783         drbd_adm_finish(&adm_ctx, info, retcode);
784         return 0;
785 }
786
787 /* Initializes the md.*_offset members, so we are able to find
788  * the on disk meta data.
789  *
790  * We currently have two possible layouts:
791  * external:
792  *   |----------- md_size_sect ------------------|
793  *   [ 4k superblock ][ activity log ][  Bitmap  ]
794  *   | al_offset == 8 |
795  *   | bm_offset = al_offset + X      |
796  *  ==> bitmap sectors = md_size_sect - bm_offset
797  *
798  * internal:
799  *            |----------- md_size_sect ------------------|
800  * [data.....][  Bitmap  ][ activity log ][ 4k superblock ]
801  *                        | al_offset < 0 |
802  *            | bm_offset = al_offset - Y |
803  *  ==> bitmap sectors = Y = al_offset - bm_offset
804  *
805  *  Activity log size used to be fixed 32kB,
806  *  but is about to become configurable.
807  */
808 static void drbd_md_set_sector_offsets(struct drbd_device *device,
809                                        struct drbd_backing_dev *bdev)
810 {
811         sector_t md_size_sect = 0;
812         unsigned int al_size_sect = bdev->md.al_size_4k * 8;
813
814         bdev->md.md_offset = drbd_md_ss(bdev);
815
816         switch (bdev->md.meta_dev_idx) {
817         default:
818                 /* v07 style fixed size indexed meta data */
819                 bdev->md.md_size_sect = MD_128MB_SECT;
820                 bdev->md.al_offset = MD_4kB_SECT;
821                 bdev->md.bm_offset = MD_4kB_SECT + al_size_sect;
822                 break;
823         case DRBD_MD_INDEX_FLEX_EXT:
824                 /* just occupy the full device; unit: sectors */
825                 bdev->md.md_size_sect = drbd_get_capacity(bdev->md_bdev);
826                 bdev->md.al_offset = MD_4kB_SECT;
827                 bdev->md.bm_offset = MD_4kB_SECT + al_size_sect;
828                 break;
829         case DRBD_MD_INDEX_INTERNAL:
830         case DRBD_MD_INDEX_FLEX_INT:
831                 /* al size is still fixed */
832                 bdev->md.al_offset = -al_size_sect;
833                 /* we need (slightly less than) ~ this much bitmap sectors: */
834                 md_size_sect = drbd_get_capacity(bdev->backing_bdev);
835                 md_size_sect = ALIGN(md_size_sect, BM_SECT_PER_EXT);
836                 md_size_sect = BM_SECT_TO_EXT(md_size_sect);
837                 md_size_sect = ALIGN(md_size_sect, 8);
838
839                 /* plus the "drbd meta data super block",
840                  * and the activity log; */
841                 md_size_sect += MD_4kB_SECT + al_size_sect;
842
843                 bdev->md.md_size_sect = md_size_sect;
844                 /* bitmap offset is adjusted by 'super' block size */
845                 bdev->md.bm_offset   = -md_size_sect + MD_4kB_SECT;
846                 break;
847         }
848 }
849
850 /* input size is expected to be in KB */
851 char *ppsize(char *buf, unsigned long long size)
852 {
853         /* Needs 9 bytes at max including trailing NUL:
854          * -1ULL ==> "16384 EB" */
855         static char units[] = { 'K', 'M', 'G', 'T', 'P', 'E' };
856         int base = 0;
857         while (size >= 10000 && base < sizeof(units)-1) {
858                 /* shift + round */
859                 size = (size >> 10) + !!(size & (1<<9));
860                 base++;
861         }
862         sprintf(buf, "%u %cB", (unsigned)size, units[base]);
863
864         return buf;
865 }
866
867 /* there is still a theoretical deadlock when called from receiver
868  * on an D_INCONSISTENT R_PRIMARY:
869  *  remote READ does inc_ap_bio, receiver would need to receive answer
870  *  packet from remote to dec_ap_bio again.
871  *  receiver receive_sizes(), comes here,
872  *  waits for ap_bio_cnt == 0. -> deadlock.
873  * but this cannot happen, actually, because:
874  *  R_PRIMARY D_INCONSISTENT, and peer's disk is unreachable
875  *  (not connected, or bad/no disk on peer):
876  *  see drbd_fail_request_early, ap_bio_cnt is zero.
877  *  R_PRIMARY D_INCONSISTENT, and C_SYNC_TARGET:
878  *  peer may not initiate a resize.
879  */
880 /* Note these are not to be confused with
881  * drbd_adm_suspend_io/drbd_adm_resume_io,
882  * which are (sub) state changes triggered by admin (drbdsetup),
883  * and can be long lived.
884  * This changes an device->flag, is triggered by drbd internals,
885  * and should be short-lived. */
886 /* It needs to be a counter, since multiple threads might
887    independently suspend and resume IO. */
888 void drbd_suspend_io(struct drbd_device *device)
889 {
890         atomic_inc(&device->suspend_cnt);
891         if (drbd_suspended(device))
892                 return;
893         wait_event(device->misc_wait, !atomic_read(&device->ap_bio_cnt));
894 }
895
896 void drbd_resume_io(struct drbd_device *device)
897 {
898         if (atomic_dec_and_test(&device->suspend_cnt))
899                 wake_up(&device->misc_wait);
900 }
901
902 /**
903  * drbd_determine_dev_size() -  Sets the right device size obeying all constraints
904  * @device:     DRBD device.
905  *
906  * Returns 0 on success, negative return values indicate errors.
907  * You should call drbd_md_sync() after calling this function.
908  */
909 enum determine_dev_size
910 drbd_determine_dev_size(struct drbd_device *device, enum dds_flags flags, struct resize_parms *rs) __must_hold(local)
911 {
912         struct md_offsets_and_sizes {
913                 u64 last_agreed_sect;
914                 u64 md_offset;
915                 s32 al_offset;
916                 s32 bm_offset;
917                 u32 md_size_sect;
918
919                 u32 al_stripes;
920                 u32 al_stripe_size_4k;
921         } prev;
922         sector_t u_size, size;
923         struct drbd_md *md = &device->ldev->md;
924         char ppb[10];
925         void *buffer;
926
927         int md_moved, la_size_changed;
928         enum determine_dev_size rv = DS_UNCHANGED;
929
930         /* We may change the on-disk offsets of our meta data below.  Lock out
931          * anything that may cause meta data IO, to avoid acting on incomplete
932          * layout changes or scribbling over meta data that is in the process
933          * of being moved.
934          *
935          * Move is not exactly correct, btw, currently we have all our meta
936          * data in core memory, to "move" it we just write it all out, there
937          * are no reads. */
938         drbd_suspend_io(device);
939         buffer = drbd_md_get_buffer(device, __func__); /* Lock meta-data IO */
940         if (!buffer) {
941                 drbd_resume_io(device);
942                 return DS_ERROR;
943         }
944
945         /* remember current offset and sizes */
946         prev.last_agreed_sect = md->la_size_sect;
947         prev.md_offset = md->md_offset;
948         prev.al_offset = md->al_offset;
949         prev.bm_offset = md->bm_offset;
950         prev.md_size_sect = md->md_size_sect;
951         prev.al_stripes = md->al_stripes;
952         prev.al_stripe_size_4k = md->al_stripe_size_4k;
953
954         if (rs) {
955                 /* rs is non NULL if we should change the AL layout only */
956                 md->al_stripes = rs->al_stripes;
957                 md->al_stripe_size_4k = rs->al_stripe_size / 4;
958                 md->al_size_4k = (u64)rs->al_stripes * rs->al_stripe_size / 4;
959         }
960
961         drbd_md_set_sector_offsets(device, device->ldev);
962
963         rcu_read_lock();
964         u_size = rcu_dereference(device->ldev->disk_conf)->disk_size;
965         rcu_read_unlock();
966         size = drbd_new_dev_size(device, device->ldev, u_size, flags & DDSF_FORCED);
967
968         if (size < prev.last_agreed_sect) {
969                 if (rs && u_size == 0) {
970                         /* Remove "rs &&" later. This check should always be active, but
971                            right now the receiver expects the permissive behavior */
972                         drbd_warn(device, "Implicit shrink not allowed. "
973                                  "Use --size=%llus for explicit shrink.\n",
974                                  (unsigned long long)size);
975                         rv = DS_ERROR_SHRINK;
976                 }
977                 if (u_size > size)
978                         rv = DS_ERROR_SPACE_MD;
979                 if (rv != DS_UNCHANGED)
980                         goto err_out;
981         }
982
983         if (drbd_get_capacity(device->this_bdev) != size ||
984             drbd_bm_capacity(device) != size) {
985                 int err;
986                 err = drbd_bm_resize(device, size, !(flags & DDSF_NO_RESYNC));
987                 if (unlikely(err)) {
988                         /* currently there is only one error: ENOMEM! */
989                         size = drbd_bm_capacity(device);
990                         if (size == 0) {
991                                 drbd_err(device, "OUT OF MEMORY! "
992                                     "Could not allocate bitmap!\n");
993                         } else {
994                                 drbd_err(device, "BM resizing failed. "
995                                     "Leaving size unchanged\n");
996                         }
997                         rv = DS_ERROR;
998                 }
999                 /* racy, see comments above. */
1000                 drbd_set_my_capacity(device, size);
1001                 md->la_size_sect = size;
1002                 drbd_info(device, "size = %s (%llu KB)\n", ppsize(ppb, size>>1),
1003                      (unsigned long long)size>>1);
1004         }
1005         if (rv <= DS_ERROR)
1006                 goto err_out;
1007
1008         la_size_changed = (prev.last_agreed_sect != md->la_size_sect);
1009
1010         md_moved = prev.md_offset    != md->md_offset
1011                 || prev.md_size_sect != md->md_size_sect;
1012
1013         if (la_size_changed || md_moved || rs) {
1014                 u32 prev_flags;
1015
1016                 /* We do some synchronous IO below, which may take some time.
1017                  * Clear the timer, to avoid scary "timer expired!" messages,
1018                  * "Superblock" is written out at least twice below, anyways. */
1019                 del_timer(&device->md_sync_timer);
1020
1021                 /* We won't change the "al-extents" setting, we just may need
1022                  * to move the on-disk location of the activity log ringbuffer.
1023                  * Lock for transaction is good enough, it may well be "dirty"
1024                  * or even "starving". */
1025                 wait_event(device->al_wait, lc_try_lock_for_transaction(device->act_log));
1026
1027                 /* mark current on-disk bitmap and activity log as unreliable */
1028                 prev_flags = md->flags;
1029                 md->flags |= MDF_FULL_SYNC | MDF_AL_DISABLED;
1030                 drbd_md_write(device, buffer);
1031
1032                 drbd_al_initialize(device, buffer);
1033
1034                 drbd_info(device, "Writing the whole bitmap, %s\n",
1035                          la_size_changed && md_moved ? "size changed and md moved" :
1036                          la_size_changed ? "size changed" : "md moved");
1037                 /* next line implicitly does drbd_suspend_io()+drbd_resume_io() */
1038                 drbd_bitmap_io(device, md_moved ? &drbd_bm_write_all : &drbd_bm_write,
1039                                "size changed", BM_LOCKED_MASK);
1040
1041                 /* on-disk bitmap and activity log is authoritative again
1042                  * (unless there was an IO error meanwhile...) */
1043                 md->flags = prev_flags;
1044                 drbd_md_write(device, buffer);
1045
1046                 if (rs)
1047                         drbd_info(device, "Changed AL layout to al-stripes = %d, al-stripe-size-kB = %d\n",
1048                                   md->al_stripes, md->al_stripe_size_4k * 4);
1049         }
1050
1051         if (size > prev.last_agreed_sect)
1052                 rv = prev.last_agreed_sect ? DS_GREW : DS_GREW_FROM_ZERO;
1053         if (size < prev.last_agreed_sect)
1054                 rv = DS_SHRUNK;
1055
1056         if (0) {
1057         err_out:
1058                 /* restore previous offset and sizes */
1059                 md->la_size_sect = prev.last_agreed_sect;
1060                 md->md_offset = prev.md_offset;
1061                 md->al_offset = prev.al_offset;
1062                 md->bm_offset = prev.bm_offset;
1063                 md->md_size_sect = prev.md_size_sect;
1064                 md->al_stripes = prev.al_stripes;
1065                 md->al_stripe_size_4k = prev.al_stripe_size_4k;
1066                 md->al_size_4k = (u64)prev.al_stripes * prev.al_stripe_size_4k;
1067         }
1068         lc_unlock(device->act_log);
1069         wake_up(&device->al_wait);
1070         drbd_md_put_buffer(device);
1071         drbd_resume_io(device);
1072
1073         return rv;
1074 }
1075
1076 sector_t
1077 drbd_new_dev_size(struct drbd_device *device, struct drbd_backing_dev *bdev,
1078                   sector_t u_size, int assume_peer_has_space)
1079 {
1080         sector_t p_size = device->p_size;   /* partner's disk size. */
1081         sector_t la_size_sect = bdev->md.la_size_sect; /* last agreed size. */
1082         sector_t m_size; /* my size */
1083         sector_t size = 0;
1084
1085         m_size = drbd_get_max_capacity(bdev);
1086
1087         if (device->state.conn < C_CONNECTED && assume_peer_has_space) {
1088                 drbd_warn(device, "Resize while not connected was forced by the user!\n");
1089                 p_size = m_size;
1090         }
1091
1092         if (p_size && m_size) {
1093                 size = min_t(sector_t, p_size, m_size);
1094         } else {
1095                 if (la_size_sect) {
1096                         size = la_size_sect;
1097                         if (m_size && m_size < size)
1098                                 size = m_size;
1099                         if (p_size && p_size < size)
1100                                 size = p_size;
1101                 } else {
1102                         if (m_size)
1103                                 size = m_size;
1104                         if (p_size)
1105                                 size = p_size;
1106                 }
1107         }
1108
1109         if (size == 0)
1110                 drbd_err(device, "Both nodes diskless!\n");
1111
1112         if (u_size) {
1113                 if (u_size > size)
1114                         drbd_err(device, "Requested disk size is too big (%lu > %lu)\n",
1115                             (unsigned long)u_size>>1, (unsigned long)size>>1);
1116                 else
1117                         size = u_size;
1118         }
1119
1120         return size;
1121 }
1122
1123 /**
1124  * drbd_check_al_size() - Ensures that the AL is of the right size
1125  * @device:     DRBD device.
1126  *
1127  * Returns -EBUSY if current al lru is still used, -ENOMEM when allocation
1128  * failed, and 0 on success. You should call drbd_md_sync() after you called
1129  * this function.
1130  */
1131 static int drbd_check_al_size(struct drbd_device *device, struct disk_conf *dc)
1132 {
1133         struct lru_cache *n, *t;
1134         struct lc_element *e;
1135         unsigned int in_use;
1136         int i;
1137
1138         if (device->act_log &&
1139             device->act_log->nr_elements == dc->al_extents)
1140                 return 0;
1141
1142         in_use = 0;
1143         t = device->act_log;
1144         n = lc_create("act_log", drbd_al_ext_cache, AL_UPDATES_PER_TRANSACTION,
1145                 dc->al_extents, sizeof(struct lc_element), 0);
1146
1147         if (n == NULL) {
1148                 drbd_err(device, "Cannot allocate act_log lru!\n");
1149                 return -ENOMEM;
1150         }
1151         spin_lock_irq(&device->al_lock);
1152         if (t) {
1153                 for (i = 0; i < t->nr_elements; i++) {
1154                         e = lc_element_by_index(t, i);
1155                         if (e->refcnt)
1156                                 drbd_err(device, "refcnt(%d)==%d\n",
1157                                     e->lc_number, e->refcnt);
1158                         in_use += e->refcnt;
1159                 }
1160         }
1161         if (!in_use)
1162                 device->act_log = n;
1163         spin_unlock_irq(&device->al_lock);
1164         if (in_use) {
1165                 drbd_err(device, "Activity log still in use!\n");
1166                 lc_destroy(n);
1167                 return -EBUSY;
1168         } else {
1169                 lc_destroy(t);
1170         }
1171         drbd_md_mark_dirty(device); /* we changed device->act_log->nr_elemens */
1172         return 0;
1173 }
1174
1175 static void blk_queue_discard_granularity(struct request_queue *q, unsigned int granularity)
1176 {
1177         q->limits.discard_granularity = granularity;
1178 }
1179
1180 static unsigned int drbd_max_discard_sectors(struct drbd_connection *connection)
1181 {
1182         /* when we introduced REQ_WRITE_SAME support, we also bumped
1183          * our maximum supported batch bio size used for discards. */
1184         if (connection->agreed_features & DRBD_FF_WSAME)
1185                 return DRBD_MAX_BBIO_SECTORS;
1186         /* before, with DRBD <= 8.4.6, we only allowed up to one AL_EXTENT_SIZE. */
1187         return AL_EXTENT_SIZE >> 9;
1188 }
1189
1190 static void decide_on_discard_support(struct drbd_device *device,
1191                         struct request_queue *q,
1192                         struct request_queue *b,
1193                         bool discard_zeroes_if_aligned)
1194 {
1195         /* q = drbd device queue (device->rq_queue)
1196          * b = backing device queue (device->ldev->backing_bdev->bd_disk->queue),
1197          *     or NULL if diskless
1198          */
1199         struct drbd_connection *connection = first_peer_device(device)->connection;
1200         bool can_do = b ? blk_queue_discard(b) : true;
1201
1202         if (can_do && connection->cstate >= C_CONNECTED && !(connection->agreed_features & DRBD_FF_TRIM)) {
1203                 can_do = false;
1204                 drbd_info(connection, "peer DRBD too old, does not support TRIM: disabling discards\n");
1205         }
1206         if (can_do) {
1207                 /* We don't care for the granularity, really.
1208                  * Stacking limits below should fix it for the local
1209                  * device.  Whether or not it is a suitable granularity
1210                  * on the remote device is not our problem, really. If
1211                  * you care, you need to use devices with similar
1212                  * topology on all peers. */
1213                 blk_queue_discard_granularity(q, 512);
1214                 q->limits.max_discard_sectors = drbd_max_discard_sectors(connection);
1215                 blk_queue_flag_set(QUEUE_FLAG_DISCARD, q);
1216                 q->limits.max_write_zeroes_sectors = drbd_max_discard_sectors(connection);
1217         } else {
1218                 blk_queue_flag_clear(QUEUE_FLAG_DISCARD, q);
1219                 blk_queue_discard_granularity(q, 0);
1220                 q->limits.max_discard_sectors = 0;
1221                 q->limits.max_write_zeroes_sectors = 0;
1222         }
1223 }
1224
1225 static void fixup_discard_if_not_supported(struct request_queue *q)
1226 {
1227         /* To avoid confusion, if this queue does not support discard, clear
1228          * max_discard_sectors, which is what lsblk -D reports to the user.
1229          * Older kernels got this wrong in "stack limits".
1230          * */
1231         if (!blk_queue_discard(q)) {
1232                 blk_queue_max_discard_sectors(q, 0);
1233                 blk_queue_discard_granularity(q, 0);
1234         }
1235 }
1236
1237 static void decide_on_write_same_support(struct drbd_device *device,
1238                         struct request_queue *q,
1239                         struct request_queue *b, struct o_qlim *o,
1240                         bool disable_write_same)
1241 {
1242         struct drbd_peer_device *peer_device = first_peer_device(device);
1243         struct drbd_connection *connection = peer_device->connection;
1244         bool can_do = b ? b->limits.max_write_same_sectors : true;
1245
1246         if (can_do && disable_write_same) {
1247                 can_do = false;
1248                 drbd_info(peer_device, "WRITE_SAME disabled by config\n");
1249         }
1250
1251         if (can_do && connection->cstate >= C_CONNECTED && !(connection->agreed_features & DRBD_FF_WSAME)) {
1252                 can_do = false;
1253                 drbd_info(peer_device, "peer does not support WRITE_SAME\n");
1254         }
1255
1256         if (o) {
1257                 /* logical block size; queue_logical_block_size(NULL) is 512 */
1258                 unsigned int peer_lbs = be32_to_cpu(o->logical_block_size);
1259                 unsigned int me_lbs_b = queue_logical_block_size(b);
1260                 unsigned int me_lbs = queue_logical_block_size(q);
1261
1262                 if (me_lbs_b != me_lbs) {
1263                         drbd_warn(device,
1264                                 "logical block size of local backend does not match (drbd:%u, backend:%u); was this a late attach?\n",
1265                                 me_lbs, me_lbs_b);
1266                         /* rather disable write same than trigger some BUG_ON later in the scsi layer. */
1267                         can_do = false;
1268                 }
1269                 if (me_lbs_b != peer_lbs) {
1270                         drbd_warn(peer_device, "logical block sizes do not match (me:%u, peer:%u); this may cause problems.\n",
1271                                 me_lbs, peer_lbs);
1272                         if (can_do) {
1273                                 drbd_dbg(peer_device, "logical block size mismatch: WRITE_SAME disabled.\n");
1274                                 can_do = false;
1275                         }
1276                         me_lbs = max(me_lbs, me_lbs_b);
1277                         /* We cannot change the logical block size of an in-use queue.
1278                          * We can only hope that access happens to be properly aligned.
1279                          * If not, the peer will likely produce an IO error, and detach. */
1280                         if (peer_lbs > me_lbs) {
1281                                 if (device->state.role != R_PRIMARY) {
1282                                         blk_queue_logical_block_size(q, peer_lbs);
1283                                         drbd_warn(peer_device, "logical block size set to %u\n", peer_lbs);
1284                                 } else {
1285                                         drbd_warn(peer_device,
1286                                                 "current Primary must NOT adjust logical block size (%u -> %u); hope for the best.\n",
1287                                                 me_lbs, peer_lbs);
1288                                 }
1289                         }
1290                 }
1291                 if (can_do && !o->write_same_capable) {
1292                         /* If we introduce an open-coded write-same loop on the receiving side,
1293                          * the peer would present itself as "capable". */
1294                         drbd_dbg(peer_device, "WRITE_SAME disabled (peer device not capable)\n");
1295                         can_do = false;
1296                 }
1297         }
1298
1299         blk_queue_max_write_same_sectors(q, can_do ? DRBD_MAX_BBIO_SECTORS : 0);
1300 }
1301
1302 static void drbd_setup_queue_param(struct drbd_device *device, struct drbd_backing_dev *bdev,
1303                                    unsigned int max_bio_size, struct o_qlim *o)
1304 {
1305         struct request_queue * const q = device->rq_queue;
1306         unsigned int max_hw_sectors = max_bio_size >> 9;
1307         unsigned int max_segments = 0;
1308         struct request_queue *b = NULL;
1309         struct disk_conf *dc;
1310         bool discard_zeroes_if_aligned = true;
1311         bool disable_write_same = false;
1312
1313         if (bdev) {
1314                 b = bdev->backing_bdev->bd_disk->queue;
1315
1316                 max_hw_sectors = min(queue_max_hw_sectors(b), max_bio_size >> 9);
1317                 rcu_read_lock();
1318                 dc = rcu_dereference(device->ldev->disk_conf);
1319                 max_segments = dc->max_bio_bvecs;
1320                 discard_zeroes_if_aligned = dc->discard_zeroes_if_aligned;
1321                 disable_write_same = dc->disable_write_same;
1322                 rcu_read_unlock();
1323
1324                 blk_set_stacking_limits(&q->limits);
1325         }
1326
1327         blk_queue_max_hw_sectors(q, max_hw_sectors);
1328         /* This is the workaround for "bio would need to, but cannot, be split" */
1329         blk_queue_max_segments(q, max_segments ? max_segments : BLK_MAX_SEGMENTS);
1330         blk_queue_segment_boundary(q, PAGE_SIZE-1);
1331         decide_on_discard_support(device, q, b, discard_zeroes_if_aligned);
1332         decide_on_write_same_support(device, q, b, o, disable_write_same);
1333
1334         if (b) {
1335                 blk_queue_stack_limits(q, b);
1336
1337                 if (q->backing_dev_info->ra_pages !=
1338                     b->backing_dev_info->ra_pages) {
1339                         drbd_info(device, "Adjusting my ra_pages to backing device's (%lu -> %lu)\n",
1340                                  q->backing_dev_info->ra_pages,
1341                                  b->backing_dev_info->ra_pages);
1342                         q->backing_dev_info->ra_pages =
1343                                                 b->backing_dev_info->ra_pages;
1344                 }
1345         }
1346         fixup_discard_if_not_supported(q);
1347 }
1348
1349 void drbd_reconsider_queue_parameters(struct drbd_device *device, struct drbd_backing_dev *bdev, struct o_qlim *o)
1350 {
1351         unsigned int now, new, local, peer;
1352
1353         now = queue_max_hw_sectors(device->rq_queue) << 9;
1354         local = device->local_max_bio_size; /* Eventually last known value, from volatile memory */
1355         peer = device->peer_max_bio_size; /* Eventually last known value, from meta data */
1356
1357         if (bdev) {
1358                 local = queue_max_hw_sectors(bdev->backing_bdev->bd_disk->queue) << 9;
1359                 device->local_max_bio_size = local;
1360         }
1361         local = min(local, DRBD_MAX_BIO_SIZE);
1362
1363         /* We may ignore peer limits if the peer is modern enough.
1364            Because new from 8.3.8 onwards the peer can use multiple
1365            BIOs for a single peer_request */
1366         if (device->state.conn >= C_WF_REPORT_PARAMS) {
1367                 if (first_peer_device(device)->connection->agreed_pro_version < 94)
1368                         peer = min(device->peer_max_bio_size, DRBD_MAX_SIZE_H80_PACKET);
1369                         /* Correct old drbd (up to 8.3.7) if it believes it can do more than 32KiB */
1370                 else if (first_peer_device(device)->connection->agreed_pro_version == 94)
1371                         peer = DRBD_MAX_SIZE_H80_PACKET;
1372                 else if (first_peer_device(device)->connection->agreed_pro_version < 100)
1373                         peer = DRBD_MAX_BIO_SIZE_P95;  /* drbd 8.3.8 onwards, before 8.4.0 */
1374                 else
1375                         peer = DRBD_MAX_BIO_SIZE;
1376
1377                 /* We may later detach and re-attach on a disconnected Primary.
1378                  * Avoid this setting to jump back in that case.
1379                  * We want to store what we know the peer DRBD can handle,
1380                  * not what the peer IO backend can handle. */
1381                 if (peer > device->peer_max_bio_size)
1382                         device->peer_max_bio_size = peer;
1383         }
1384         new = min(local, peer);
1385
1386         if (device->state.role == R_PRIMARY && new < now)
1387                 drbd_err(device, "ASSERT FAILED new < now; (%u < %u)\n", new, now);
1388
1389         if (new != now)
1390                 drbd_info(device, "max BIO size = %u\n", new);
1391
1392         drbd_setup_queue_param(device, bdev, new, o);
1393 }
1394
1395 /* Starts the worker thread */
1396 static void conn_reconfig_start(struct drbd_connection *connection)
1397 {
1398         drbd_thread_start(&connection->worker);
1399         drbd_flush_workqueue(&connection->sender_work);
1400 }
1401
1402 /* if still unconfigured, stops worker again. */
1403 static void conn_reconfig_done(struct drbd_connection *connection)
1404 {
1405         bool stop_threads;
1406         spin_lock_irq(&connection->resource->req_lock);
1407         stop_threads = conn_all_vols_unconf(connection) &&
1408                 connection->cstate == C_STANDALONE;
1409         spin_unlock_irq(&connection->resource->req_lock);
1410         if (stop_threads) {
1411                 /* ack_receiver thread and ack_sender workqueue are implicitly
1412                  * stopped by receiver in conn_disconnect() */
1413                 drbd_thread_stop(&connection->receiver);
1414                 drbd_thread_stop(&connection->worker);
1415         }
1416 }
1417
1418 /* Make sure IO is suspended before calling this function(). */
1419 static void drbd_suspend_al(struct drbd_device *device)
1420 {
1421         int s = 0;
1422
1423         if (!lc_try_lock(device->act_log)) {
1424                 drbd_warn(device, "Failed to lock al in drbd_suspend_al()\n");
1425                 return;
1426         }
1427
1428         drbd_al_shrink(device);
1429         spin_lock_irq(&device->resource->req_lock);
1430         if (device->state.conn < C_CONNECTED)
1431                 s = !test_and_set_bit(AL_SUSPENDED, &device->flags);
1432         spin_unlock_irq(&device->resource->req_lock);
1433         lc_unlock(device->act_log);
1434
1435         if (s)
1436                 drbd_info(device, "Suspended AL updates\n");
1437 }
1438
1439
1440 static bool should_set_defaults(struct genl_info *info)
1441 {
1442         unsigned flags = ((struct drbd_genlmsghdr*)info->userhdr)->flags;
1443         return 0 != (flags & DRBD_GENL_F_SET_DEFAULTS);
1444 }
1445
1446 static unsigned int drbd_al_extents_max(struct drbd_backing_dev *bdev)
1447 {
1448         /* This is limited by 16 bit "slot" numbers,
1449          * and by available on-disk context storage.
1450          *
1451          * Also (u16)~0 is special (denotes a "free" extent).
1452          *
1453          * One transaction occupies one 4kB on-disk block,
1454          * we have n such blocks in the on disk ring buffer,
1455          * the "current" transaction may fail (n-1),
1456          * and there is 919 slot numbers context information per transaction.
1457          *
1458          * 72 transaction blocks amounts to more than 2**16 context slots,
1459          * so cap there first.
1460          */
1461         const unsigned int max_al_nr = DRBD_AL_EXTENTS_MAX;
1462         const unsigned int sufficient_on_disk =
1463                 (max_al_nr + AL_CONTEXT_PER_TRANSACTION -1)
1464                 /AL_CONTEXT_PER_TRANSACTION;
1465
1466         unsigned int al_size_4k = bdev->md.al_size_4k;
1467
1468         if (al_size_4k > sufficient_on_disk)
1469                 return max_al_nr;
1470
1471         return (al_size_4k - 1) * AL_CONTEXT_PER_TRANSACTION;
1472 }
1473
1474 static bool write_ordering_changed(struct disk_conf *a, struct disk_conf *b)
1475 {
1476         return  a->disk_barrier != b->disk_barrier ||
1477                 a->disk_flushes != b->disk_flushes ||
1478                 a->disk_drain != b->disk_drain;
1479 }
1480
1481 static void sanitize_disk_conf(struct drbd_device *device, struct disk_conf *disk_conf,
1482                                struct drbd_backing_dev *nbc)
1483 {
1484         struct request_queue * const q = nbc->backing_bdev->bd_disk->queue;
1485
1486         if (disk_conf->al_extents < DRBD_AL_EXTENTS_MIN)
1487                 disk_conf->al_extents = DRBD_AL_EXTENTS_MIN;
1488         if (disk_conf->al_extents > drbd_al_extents_max(nbc))
1489                 disk_conf->al_extents = drbd_al_extents_max(nbc);
1490
1491         if (!blk_queue_discard(q)) {
1492                 if (disk_conf->rs_discard_granularity) {
1493                         disk_conf->rs_discard_granularity = 0; /* disable feature */
1494                         drbd_info(device, "rs_discard_granularity feature disabled\n");
1495                 }
1496         }
1497
1498         if (disk_conf->rs_discard_granularity) {
1499                 int orig_value = disk_conf->rs_discard_granularity;
1500                 int remainder;
1501
1502                 if (q->limits.discard_granularity > disk_conf->rs_discard_granularity)
1503                         disk_conf->rs_discard_granularity = q->limits.discard_granularity;
1504
1505                 remainder = disk_conf->rs_discard_granularity % q->limits.discard_granularity;
1506                 disk_conf->rs_discard_granularity += remainder;
1507
1508                 if (disk_conf->rs_discard_granularity > q->limits.max_discard_sectors << 9)
1509                         disk_conf->rs_discard_granularity = q->limits.max_discard_sectors << 9;
1510
1511                 if (disk_conf->rs_discard_granularity != orig_value)
1512                         drbd_info(device, "rs_discard_granularity changed to %d\n",
1513                                   disk_conf->rs_discard_granularity);
1514         }
1515 }
1516
1517 int drbd_adm_disk_opts(struct sk_buff *skb, struct genl_info *info)
1518 {
1519         struct drbd_config_context adm_ctx;
1520         enum drbd_ret_code retcode;
1521         struct drbd_device *device;
1522         struct disk_conf *new_disk_conf, *old_disk_conf;
1523         struct fifo_buffer *old_plan = NULL, *new_plan = NULL;
1524         int err, fifo_size;
1525
1526         retcode = drbd_adm_prepare(&adm_ctx, skb, info, DRBD_ADM_NEED_MINOR);
1527         if (!adm_ctx.reply_skb)
1528                 return retcode;
1529         if (retcode != NO_ERROR)
1530                 goto finish;
1531
1532         device = adm_ctx.device;
1533         mutex_lock(&adm_ctx.resource->adm_mutex);
1534
1535         /* we also need a disk
1536          * to change the options on */
1537         if (!get_ldev(device)) {
1538                 retcode = ERR_NO_DISK;
1539                 goto out;
1540         }
1541
1542         new_disk_conf = kmalloc(sizeof(struct disk_conf), GFP_KERNEL);
1543         if (!new_disk_conf) {
1544                 retcode = ERR_NOMEM;
1545                 goto fail;
1546         }
1547
1548         mutex_lock(&device->resource->conf_update);
1549         old_disk_conf = device->ldev->disk_conf;
1550         *new_disk_conf = *old_disk_conf;
1551         if (should_set_defaults(info))
1552                 set_disk_conf_defaults(new_disk_conf);
1553
1554         err = disk_conf_from_attrs_for_change(new_disk_conf, info);
1555         if (err && err != -ENOMSG) {
1556                 retcode = ERR_MANDATORY_TAG;
1557                 drbd_msg_put_info(adm_ctx.reply_skb, from_attrs_err_to_txt(err));
1558                 goto fail_unlock;
1559         }
1560
1561         if (!expect(new_disk_conf->resync_rate >= 1))
1562                 new_disk_conf->resync_rate = 1;
1563
1564         sanitize_disk_conf(device, new_disk_conf, device->ldev);
1565
1566         if (new_disk_conf->c_plan_ahead > DRBD_C_PLAN_AHEAD_MAX)
1567                 new_disk_conf->c_plan_ahead = DRBD_C_PLAN_AHEAD_MAX;
1568
1569         fifo_size = (new_disk_conf->c_plan_ahead * 10 * SLEEP_TIME) / HZ;
1570         if (fifo_size != device->rs_plan_s->size) {
1571                 new_plan = fifo_alloc(fifo_size);
1572                 if (!new_plan) {
1573                         drbd_err(device, "kmalloc of fifo_buffer failed");
1574                         retcode = ERR_NOMEM;
1575                         goto fail_unlock;
1576                 }
1577         }
1578
1579         drbd_suspend_io(device);
1580         wait_event(device->al_wait, lc_try_lock(device->act_log));
1581         drbd_al_shrink(device);
1582         err = drbd_check_al_size(device, new_disk_conf);
1583         lc_unlock(device->act_log);
1584         wake_up(&device->al_wait);
1585         drbd_resume_io(device);
1586
1587         if (err) {
1588                 retcode = ERR_NOMEM;
1589                 goto fail_unlock;
1590         }
1591
1592         lock_all_resources();
1593         retcode = drbd_resync_after_valid(device, new_disk_conf->resync_after);
1594         if (retcode == NO_ERROR) {
1595                 rcu_assign_pointer(device->ldev->disk_conf, new_disk_conf);
1596                 drbd_resync_after_changed(device);
1597         }
1598         unlock_all_resources();
1599
1600         if (retcode != NO_ERROR)
1601                 goto fail_unlock;
1602
1603         if (new_plan) {
1604                 old_plan = device->rs_plan_s;
1605                 rcu_assign_pointer(device->rs_plan_s, new_plan);
1606         }
1607
1608         mutex_unlock(&device->resource->conf_update);
1609
1610         if (new_disk_conf->al_updates)
1611                 device->ldev->md.flags &= ~MDF_AL_DISABLED;
1612         else
1613                 device->ldev->md.flags |= MDF_AL_DISABLED;
1614
1615         if (new_disk_conf->md_flushes)
1616                 clear_bit(MD_NO_FUA, &device->flags);
1617         else
1618                 set_bit(MD_NO_FUA, &device->flags);
1619
1620         if (write_ordering_changed(old_disk_conf, new_disk_conf))
1621                 drbd_bump_write_ordering(device->resource, NULL, WO_BDEV_FLUSH);
1622
1623         if (old_disk_conf->discard_zeroes_if_aligned != new_disk_conf->discard_zeroes_if_aligned
1624         ||  old_disk_conf->disable_write_same != new_disk_conf->disable_write_same)
1625                 drbd_reconsider_queue_parameters(device, device->ldev, NULL);
1626
1627         drbd_md_sync(device);
1628
1629         if (device->state.conn >= C_CONNECTED) {
1630                 struct drbd_peer_device *peer_device;
1631
1632                 for_each_peer_device(peer_device, device)
1633                         drbd_send_sync_param(peer_device);
1634         }
1635
1636         synchronize_rcu();
1637         kfree(old_disk_conf);
1638         kfree(old_plan);
1639         mod_timer(&device->request_timer, jiffies + HZ);
1640         goto success;
1641
1642 fail_unlock:
1643         mutex_unlock(&device->resource->conf_update);
1644  fail:
1645         kfree(new_disk_conf);
1646         kfree(new_plan);
1647 success:
1648         put_ldev(device);
1649  out:
1650         mutex_unlock(&adm_ctx.resource->adm_mutex);
1651  finish:
1652         drbd_adm_finish(&adm_ctx, info, retcode);
1653         return 0;
1654 }
1655
1656 static struct block_device *open_backing_dev(struct drbd_device *device,
1657                 const char *bdev_path, void *claim_ptr, bool do_bd_link)
1658 {
1659         struct block_device *bdev;
1660         int err = 0;
1661
1662         bdev = blkdev_get_by_path(bdev_path,
1663                                   FMODE_READ | FMODE_WRITE | FMODE_EXCL, claim_ptr);
1664         if (IS_ERR(bdev)) {
1665                 drbd_err(device, "open(\"%s\") failed with %ld\n",
1666                                 bdev_path, PTR_ERR(bdev));
1667                 return bdev;
1668         }
1669
1670         if (!do_bd_link)
1671                 return bdev;
1672
1673         err = bd_link_disk_holder(bdev, device->vdisk);
1674         if (err) {
1675                 blkdev_put(bdev, FMODE_READ | FMODE_WRITE | FMODE_EXCL);
1676                 drbd_err(device, "bd_link_disk_holder(\"%s\", ...) failed with %d\n",
1677                                 bdev_path, err);
1678                 bdev = ERR_PTR(err);
1679         }
1680         return bdev;
1681 }
1682
1683 static int open_backing_devices(struct drbd_device *device,
1684                 struct disk_conf *new_disk_conf,
1685                 struct drbd_backing_dev *nbc)
1686 {
1687         struct block_device *bdev;
1688
1689         bdev = open_backing_dev(device, new_disk_conf->backing_dev, device, true);
1690         if (IS_ERR(bdev))
1691                 return ERR_OPEN_DISK;
1692         nbc->backing_bdev = bdev;
1693
1694         /*
1695          * meta_dev_idx >= 0: external fixed size, possibly multiple
1696          * drbd sharing one meta device.  TODO in that case, paranoia
1697          * check that [md_bdev, meta_dev_idx] is not yet used by some
1698          * other drbd minor!  (if you use drbd.conf + drbdadm, that
1699          * should check it for you already; but if you don't, or
1700          * someone fooled it, we need to double check here)
1701          */
1702         bdev = open_backing_dev(device, new_disk_conf->meta_dev,
1703                 /* claim ptr: device, if claimed exclusively; shared drbd_m_holder,
1704                  * if potentially shared with other drbd minors */
1705                         (new_disk_conf->meta_dev_idx < 0) ? (void*)device : (void*)drbd_m_holder,
1706                 /* avoid double bd_claim_by_disk() for the same (source,target) tuple,
1707                  * as would happen with internal metadata. */
1708                         (new_disk_conf->meta_dev_idx != DRBD_MD_INDEX_FLEX_INT &&
1709                          new_disk_conf->meta_dev_idx != DRBD_MD_INDEX_INTERNAL));
1710         if (IS_ERR(bdev))
1711                 return ERR_OPEN_MD_DISK;
1712         nbc->md_bdev = bdev;
1713         return NO_ERROR;
1714 }
1715
1716 static void close_backing_dev(struct drbd_device *device, struct block_device *bdev,
1717         bool do_bd_unlink)
1718 {
1719         if (!bdev)
1720                 return;
1721         if (do_bd_unlink)
1722                 bd_unlink_disk_holder(bdev, device->vdisk);
1723         blkdev_put(bdev, FMODE_READ | FMODE_WRITE | FMODE_EXCL);
1724 }
1725
1726 void drbd_backing_dev_free(struct drbd_device *device, struct drbd_backing_dev *ldev)
1727 {
1728         if (ldev == NULL)
1729                 return;
1730
1731         close_backing_dev(device, ldev->md_bdev, ldev->md_bdev != ldev->backing_bdev);
1732         close_backing_dev(device, ldev->backing_bdev, true);
1733
1734         kfree(ldev->disk_conf);
1735         kfree(ldev);
1736 }
1737
1738 int drbd_adm_attach(struct sk_buff *skb, struct genl_info *info)
1739 {
1740         struct drbd_config_context adm_ctx;
1741         struct drbd_device *device;
1742         struct drbd_peer_device *peer_device;
1743         struct drbd_connection *connection;
1744         int err;
1745         enum drbd_ret_code retcode;
1746         enum determine_dev_size dd;
1747         sector_t max_possible_sectors;
1748         sector_t min_md_device_sectors;
1749         struct drbd_backing_dev *nbc = NULL; /* new_backing_conf */
1750         struct disk_conf *new_disk_conf = NULL;
1751         struct lru_cache *resync_lru = NULL;
1752         struct fifo_buffer *new_plan = NULL;
1753         union drbd_state ns, os;
1754         enum drbd_state_rv rv;
1755         struct net_conf *nc;
1756
1757         retcode = drbd_adm_prepare(&adm_ctx, skb, info, DRBD_ADM_NEED_MINOR);
1758         if (!adm_ctx.reply_skb)
1759                 return retcode;
1760         if (retcode != NO_ERROR)
1761                 goto finish;
1762
1763         device = adm_ctx.device;
1764         mutex_lock(&adm_ctx.resource->adm_mutex);
1765         peer_device = first_peer_device(device);
1766         connection = peer_device->connection;
1767         conn_reconfig_start(connection);
1768
1769         /* if you want to reconfigure, please tear down first */
1770         if (device->state.disk > D_DISKLESS) {
1771                 retcode = ERR_DISK_CONFIGURED;
1772                 goto fail;
1773         }
1774         /* It may just now have detached because of IO error.  Make sure
1775          * drbd_ldev_destroy is done already, we may end up here very fast,
1776          * e.g. if someone calls attach from the on-io-error handler,
1777          * to realize a "hot spare" feature (not that I'd recommend that) */
1778         wait_event(device->misc_wait, !test_bit(GOING_DISKLESS, &device->flags));
1779
1780         /* make sure there is no leftover from previous force-detach attempts */
1781         clear_bit(FORCE_DETACH, &device->flags);
1782         clear_bit(WAS_IO_ERROR, &device->flags);
1783         clear_bit(WAS_READ_ERROR, &device->flags);
1784
1785         /* and no leftover from previously aborted resync or verify, either */
1786         device->rs_total = 0;
1787         device->rs_failed = 0;
1788         atomic_set(&device->rs_pending_cnt, 0);
1789
1790         /* allocation not in the IO path, drbdsetup context */
1791         nbc = kzalloc(sizeof(struct drbd_backing_dev), GFP_KERNEL);
1792         if (!nbc) {
1793                 retcode = ERR_NOMEM;
1794                 goto fail;
1795         }
1796         spin_lock_init(&nbc->md.uuid_lock);
1797
1798         new_disk_conf = kzalloc(sizeof(struct disk_conf), GFP_KERNEL);
1799         if (!new_disk_conf) {
1800                 retcode = ERR_NOMEM;
1801                 goto fail;
1802         }
1803         nbc->disk_conf = new_disk_conf;
1804
1805         set_disk_conf_defaults(new_disk_conf);
1806         err = disk_conf_from_attrs(new_disk_conf, info);
1807         if (err) {
1808                 retcode = ERR_MANDATORY_TAG;
1809                 drbd_msg_put_info(adm_ctx.reply_skb, from_attrs_err_to_txt(err));
1810                 goto fail;
1811         }
1812
1813         if (new_disk_conf->c_plan_ahead > DRBD_C_PLAN_AHEAD_MAX)
1814                 new_disk_conf->c_plan_ahead = DRBD_C_PLAN_AHEAD_MAX;
1815
1816         new_plan = fifo_alloc((new_disk_conf->c_plan_ahead * 10 * SLEEP_TIME) / HZ);
1817         if (!new_plan) {
1818                 retcode = ERR_NOMEM;
1819                 goto fail;
1820         }
1821
1822         if (new_disk_conf->meta_dev_idx < DRBD_MD_INDEX_FLEX_INT) {
1823                 retcode = ERR_MD_IDX_INVALID;
1824                 goto fail;
1825         }
1826
1827         rcu_read_lock();
1828         nc = rcu_dereference(connection->net_conf);
1829         if (nc) {
1830                 if (new_disk_conf->fencing == FP_STONITH && nc->wire_protocol == DRBD_PROT_A) {
1831                         rcu_read_unlock();
1832                         retcode = ERR_STONITH_AND_PROT_A;
1833                         goto fail;
1834                 }
1835         }
1836         rcu_read_unlock();
1837
1838         retcode = open_backing_devices(device, new_disk_conf, nbc);
1839         if (retcode != NO_ERROR)
1840                 goto fail;
1841
1842         if ((nbc->backing_bdev == nbc->md_bdev) !=
1843             (new_disk_conf->meta_dev_idx == DRBD_MD_INDEX_INTERNAL ||
1844              new_disk_conf->meta_dev_idx == DRBD_MD_INDEX_FLEX_INT)) {
1845                 retcode = ERR_MD_IDX_INVALID;
1846                 goto fail;
1847         }
1848
1849         resync_lru = lc_create("resync", drbd_bm_ext_cache,
1850                         1, 61, sizeof(struct bm_extent),
1851                         offsetof(struct bm_extent, lce));
1852         if (!resync_lru) {
1853                 retcode = ERR_NOMEM;
1854                 goto fail;
1855         }
1856
1857         /* Read our meta data super block early.
1858          * This also sets other on-disk offsets. */
1859         retcode = drbd_md_read(device, nbc);
1860         if (retcode != NO_ERROR)
1861                 goto fail;
1862
1863         sanitize_disk_conf(device, new_disk_conf, nbc);
1864
1865         if (drbd_get_max_capacity(nbc) < new_disk_conf->disk_size) {
1866                 drbd_err(device, "max capacity %llu smaller than disk size %llu\n",
1867                         (unsigned long long) drbd_get_max_capacity(nbc),
1868                         (unsigned long long) new_disk_conf->disk_size);
1869                 retcode = ERR_DISK_TOO_SMALL;
1870                 goto fail;
1871         }
1872
1873         if (new_disk_conf->meta_dev_idx < 0) {
1874                 max_possible_sectors = DRBD_MAX_SECTORS_FLEX;
1875                 /* at least one MB, otherwise it does not make sense */
1876                 min_md_device_sectors = (2<<10);
1877         } else {
1878                 max_possible_sectors = DRBD_MAX_SECTORS;
1879                 min_md_device_sectors = MD_128MB_SECT * (new_disk_conf->meta_dev_idx + 1);
1880         }
1881
1882         if (drbd_get_capacity(nbc->md_bdev) < min_md_device_sectors) {
1883                 retcode = ERR_MD_DISK_TOO_SMALL;
1884                 drbd_warn(device, "refusing attach: md-device too small, "
1885                      "at least %llu sectors needed for this meta-disk type\n",
1886                      (unsigned long long) min_md_device_sectors);
1887                 goto fail;
1888         }
1889
1890         /* Make sure the new disk is big enough
1891          * (we may currently be R_PRIMARY with no local disk...) */
1892         if (drbd_get_max_capacity(nbc) <
1893             drbd_get_capacity(device->this_bdev)) {
1894                 retcode = ERR_DISK_TOO_SMALL;
1895                 goto fail;
1896         }
1897
1898         nbc->known_size = drbd_get_capacity(nbc->backing_bdev);
1899
1900         if (nbc->known_size > max_possible_sectors) {
1901                 drbd_warn(device, "==> truncating very big lower level device "
1902                         "to currently maximum possible %llu sectors <==\n",
1903                         (unsigned long long) max_possible_sectors);
1904                 if (new_disk_conf->meta_dev_idx >= 0)
1905                         drbd_warn(device, "==>> using internal or flexible "
1906                                       "meta data may help <<==\n");
1907         }
1908
1909         drbd_suspend_io(device);
1910         /* also wait for the last barrier ack. */
1911         /* FIXME see also https://daiquiri.linbit/cgi-bin/bugzilla/show_bug.cgi?id=171
1912          * We need a way to either ignore barrier acks for barriers sent before a device
1913          * was attached, or a way to wait for all pending barrier acks to come in.
1914          * As barriers are counted per resource,
1915          * we'd need to suspend io on all devices of a resource.
1916          */
1917         wait_event(device->misc_wait, !atomic_read(&device->ap_pending_cnt) || drbd_suspended(device));
1918         /* and for any other previously queued work */
1919         drbd_flush_workqueue(&connection->sender_work);
1920
1921         rv = _drbd_request_state(device, NS(disk, D_ATTACHING), CS_VERBOSE);
1922         retcode = rv;  /* FIXME: Type mismatch. */
1923         drbd_resume_io(device);
1924         if (rv < SS_SUCCESS)
1925                 goto fail;
1926
1927         if (!get_ldev_if_state(device, D_ATTACHING))
1928                 goto force_diskless;
1929
1930         if (!device->bitmap) {
1931                 if (drbd_bm_init(device)) {
1932                         retcode = ERR_NOMEM;
1933                         goto force_diskless_dec;
1934                 }
1935         }
1936
1937         if (device->state.conn < C_CONNECTED &&
1938             device->state.role == R_PRIMARY && device->ed_uuid &&
1939             (device->ed_uuid & ~((u64)1)) != (nbc->md.uuid[UI_CURRENT] & ~((u64)1))) {
1940                 drbd_err(device, "Can only attach to data with current UUID=%016llX\n",
1941                     (unsigned long long)device->ed_uuid);
1942                 retcode = ERR_DATA_NOT_CURRENT;
1943                 goto force_diskless_dec;
1944         }
1945
1946         /* Since we are diskless, fix the activity log first... */
1947         if (drbd_check_al_size(device, new_disk_conf)) {
1948                 retcode = ERR_NOMEM;
1949                 goto force_diskless_dec;
1950         }
1951
1952         /* Prevent shrinking of consistent devices ! */
1953         if (drbd_md_test_flag(nbc, MDF_CONSISTENT) &&
1954             drbd_new_dev_size(device, nbc, nbc->disk_conf->disk_size, 0) < nbc->md.la_size_sect) {
1955                 drbd_warn(device, "refusing to truncate a consistent device\n");
1956                 retcode = ERR_DISK_TOO_SMALL;
1957                 goto force_diskless_dec;
1958         }
1959
1960         lock_all_resources();
1961         retcode = drbd_resync_after_valid(device, new_disk_conf->resync_after);
1962         if (retcode != NO_ERROR) {
1963                 unlock_all_resources();
1964                 goto force_diskless_dec;
1965         }
1966
1967         /* Reset the "barriers don't work" bits here, then force meta data to
1968          * be written, to ensure we determine if barriers are supported. */
1969         if (new_disk_conf->md_flushes)
1970                 clear_bit(MD_NO_FUA, &device->flags);
1971         else
1972                 set_bit(MD_NO_FUA, &device->flags);
1973
1974         /* Point of no return reached.
1975          * Devices and memory are no longer released by error cleanup below.
1976          * now device takes over responsibility, and the state engine should
1977          * clean it up somewhere.  */
1978         D_ASSERT(device, device->ldev == NULL);
1979         device->ldev = nbc;
1980         device->resync = resync_lru;
1981         device->rs_plan_s = new_plan;
1982         nbc = NULL;
1983         resync_lru = NULL;
1984         new_disk_conf = NULL;
1985         new_plan = NULL;
1986
1987         drbd_resync_after_changed(device);
1988         drbd_bump_write_ordering(device->resource, device->ldev, WO_BDEV_FLUSH);
1989         unlock_all_resources();
1990
1991         if (drbd_md_test_flag(device->ldev, MDF_CRASHED_PRIMARY))
1992                 set_bit(CRASHED_PRIMARY, &device->flags);
1993         else
1994                 clear_bit(CRASHED_PRIMARY, &device->flags);
1995
1996         if (drbd_md_test_flag(device->ldev, MDF_PRIMARY_IND) &&
1997             !(device->state.role == R_PRIMARY && device->resource->susp_nod))
1998                 set_bit(CRASHED_PRIMARY, &device->flags);
1999
2000         device->send_cnt = 0;
2001         device->recv_cnt = 0;
2002         device->read_cnt = 0;
2003         device->writ_cnt = 0;
2004
2005         drbd_reconsider_queue_parameters(device, device->ldev, NULL);
2006
2007         /* If I am currently not R_PRIMARY,
2008          * but meta data primary indicator is set,
2009          * I just now recover from a hard crash,
2010          * and have been R_PRIMARY before that crash.
2011          *
2012          * Now, if I had no connection before that crash
2013          * (have been degraded R_PRIMARY), chances are that
2014          * I won't find my peer now either.
2015          *
2016          * In that case, and _only_ in that case,
2017          * we use the degr-wfc-timeout instead of the default,
2018          * so we can automatically recover from a crash of a
2019          * degraded but active "cluster" after a certain timeout.
2020          */
2021         clear_bit(USE_DEGR_WFC_T, &device->flags);
2022         if (device->state.role != R_PRIMARY &&
2023              drbd_md_test_flag(device->ldev, MDF_PRIMARY_IND) &&
2024             !drbd_md_test_flag(device->ldev, MDF_CONNECTED_IND))
2025                 set_bit(USE_DEGR_WFC_T, &device->flags);
2026
2027         dd = drbd_determine_dev_size(device, 0, NULL);
2028         if (dd <= DS_ERROR) {
2029                 retcode = ERR_NOMEM_BITMAP;
2030                 goto force_diskless_dec;
2031         } else if (dd == DS_GREW)
2032                 set_bit(RESYNC_AFTER_NEG, &device->flags);
2033
2034         if (drbd_md_test_flag(device->ldev, MDF_FULL_SYNC) ||
2035             (test_bit(CRASHED_PRIMARY, &device->flags) &&
2036              drbd_md_test_flag(device->ldev, MDF_AL_DISABLED))) {
2037                 drbd_info(device, "Assuming that all blocks are out of sync "
2038                      "(aka FullSync)\n");
2039                 if (drbd_bitmap_io(device, &drbd_bmio_set_n_write,
2040                         "set_n_write from attaching", BM_LOCKED_MASK)) {
2041                         retcode = ERR_IO_MD_DISK;
2042                         goto force_diskless_dec;
2043                 }
2044         } else {
2045                 if (drbd_bitmap_io(device, &drbd_bm_read,
2046                         "read from attaching", BM_LOCKED_MASK)) {
2047                         retcode = ERR_IO_MD_DISK;
2048                         goto force_diskless_dec;
2049                 }
2050         }
2051
2052         if (_drbd_bm_total_weight(device) == drbd_bm_bits(device))
2053                 drbd_suspend_al(device); /* IO is still suspended here... */
2054
2055         spin_lock_irq(&device->resource->req_lock);
2056         os = drbd_read_state(device);
2057         ns = os;
2058         /* If MDF_CONSISTENT is not set go into inconsistent state,
2059            otherwise investigate MDF_WasUpToDate...
2060            If MDF_WAS_UP_TO_DATE is not set go into D_OUTDATED disk state,
2061            otherwise into D_CONSISTENT state.
2062         */
2063         if (drbd_md_test_flag(device->ldev, MDF_CONSISTENT)) {
2064                 if (drbd_md_test_flag(device->ldev, MDF_WAS_UP_TO_DATE))
2065                         ns.disk = D_CONSISTENT;
2066                 else
2067                         ns.disk = D_OUTDATED;
2068         } else {
2069                 ns.disk = D_INCONSISTENT;
2070         }
2071
2072         if (drbd_md_test_flag(device->ldev, MDF_PEER_OUT_DATED))
2073                 ns.pdsk = D_OUTDATED;
2074
2075         rcu_read_lock();
2076         if (ns.disk == D_CONSISTENT &&
2077             (ns.pdsk == D_OUTDATED || rcu_dereference(device->ldev->disk_conf)->fencing == FP_DONT_CARE))
2078                 ns.disk = D_UP_TO_DATE;
2079
2080         /* All tests on MDF_PRIMARY_IND, MDF_CONNECTED_IND,
2081            MDF_CONSISTENT and MDF_WAS_UP_TO_DATE must happen before
2082            this point, because drbd_request_state() modifies these
2083            flags. */
2084
2085         if (rcu_dereference(device->ldev->disk_conf)->al_updates)
2086                 device->ldev->md.flags &= ~MDF_AL_DISABLED;
2087         else
2088                 device->ldev->md.flags |= MDF_AL_DISABLED;
2089
2090         rcu_read_unlock();
2091
2092         /* In case we are C_CONNECTED postpone any decision on the new disk
2093            state after the negotiation phase. */
2094         if (device->state.conn == C_CONNECTED) {
2095                 device->new_state_tmp.i = ns.i;
2096                 ns.i = os.i;
2097                 ns.disk = D_NEGOTIATING;
2098
2099                 /* We expect to receive up-to-date UUIDs soon.
2100                    To avoid a race in receive_state, free p_uuid while
2101                    holding req_lock. I.e. atomic with the state change */
2102                 kfree(device->p_uuid);
2103                 device->p_uuid = NULL;
2104         }
2105
2106         rv = _drbd_set_state(device, ns, CS_VERBOSE, NULL);
2107         spin_unlock_irq(&device->resource->req_lock);
2108
2109         if (rv < SS_SUCCESS)
2110                 goto force_diskless_dec;
2111
2112         mod_timer(&device->request_timer, jiffies + HZ);
2113
2114         if (device->state.role == R_PRIMARY)
2115                 device->ldev->md.uuid[UI_CURRENT] |=  (u64)1;
2116         else
2117                 device->ldev->md.uuid[UI_CURRENT] &= ~(u64)1;
2118
2119         drbd_md_mark_dirty(device);
2120         drbd_md_sync(device);
2121
2122         kobject_uevent(&disk_to_dev(device->vdisk)->kobj, KOBJ_CHANGE);
2123         put_ldev(device);
2124         conn_reconfig_done(connection);
2125         mutex_unlock(&adm_ctx.resource->adm_mutex);
2126         drbd_adm_finish(&adm_ctx, info, retcode);
2127         return 0;
2128
2129  force_diskless_dec:
2130         put_ldev(device);
2131  force_diskless:
2132         drbd_force_state(device, NS(disk, D_DISKLESS));
2133         drbd_md_sync(device);
2134  fail:
2135         conn_reconfig_done(connection);
2136         if (nbc) {
2137                 close_backing_dev(device, nbc->md_bdev, nbc->md_bdev != nbc->backing_bdev);
2138                 close_backing_dev(device, nbc->backing_bdev, true);
2139                 kfree(nbc);
2140         }
2141         kfree(new_disk_conf);
2142         lc_destroy(resync_lru);
2143         kfree(new_plan);
2144         mutex_unlock(&adm_ctx.resource->adm_mutex);
2145  finish:
2146         drbd_adm_finish(&adm_ctx, info, retcode);
2147         return 0;
2148 }
2149
2150 static int adm_detach(struct drbd_device *device, int force)
2151 {
2152         if (force) {
2153                 set_bit(FORCE_DETACH, &device->flags);
2154                 drbd_force_state(device, NS(disk, D_FAILED));
2155                 return SS_SUCCESS;
2156         }
2157
2158         return drbd_request_detach_interruptible(device);
2159 }
2160
2161 /* Detaching the disk is a process in multiple stages.  First we need to lock
2162  * out application IO, in-flight IO, IO stuck in drbd_al_begin_io.
2163  * Then we transition to D_DISKLESS, and wait for put_ldev() to return all
2164  * internal references as well.
2165  * Only then we have finally detached. */
2166 int drbd_adm_detach(struct sk_buff *skb, struct genl_info *info)
2167 {
2168         struct drbd_config_context adm_ctx;
2169         enum drbd_ret_code retcode;
2170         struct detach_parms parms = { };
2171         int err;
2172
2173         retcode = drbd_adm_prepare(&adm_ctx, skb, info, DRBD_ADM_NEED_MINOR);
2174         if (!adm_ctx.reply_skb)
2175                 return retcode;
2176         if (retcode != NO_ERROR)
2177                 goto out;
2178
2179         if (info->attrs[DRBD_NLA_DETACH_PARMS]) {
2180                 err = detach_parms_from_attrs(&parms, info);
2181                 if (err) {
2182                         retcode = ERR_MANDATORY_TAG;
2183                         drbd_msg_put_info(adm_ctx.reply_skb, from_attrs_err_to_txt(err));
2184                         goto out;
2185                 }
2186         }
2187
2188         mutex_lock(&adm_ctx.resource->adm_mutex);
2189         retcode = adm_detach(adm_ctx.device, parms.force_detach);
2190         mutex_unlock(&adm_ctx.resource->adm_mutex);
2191 out:
2192         drbd_adm_finish(&adm_ctx, info, retcode);
2193         return 0;
2194 }
2195
2196 static bool conn_resync_running(struct drbd_connection *connection)
2197 {
2198         struct drbd_peer_device *peer_device;
2199         bool rv = false;
2200         int vnr;
2201
2202         rcu_read_lock();
2203         idr_for_each_entry(&connection->peer_devices, peer_device, vnr) {
2204                 struct drbd_device *device = peer_device->device;
2205                 if (device->state.conn == C_SYNC_SOURCE ||
2206                     device->state.conn == C_SYNC_TARGET ||
2207                     device->state.conn == C_PAUSED_SYNC_S ||
2208                     device->state.conn == C_PAUSED_SYNC_T) {
2209                         rv = true;
2210                         break;
2211                 }
2212         }
2213         rcu_read_unlock();
2214
2215         return rv;
2216 }
2217
2218 static bool conn_ov_running(struct drbd_connection *connection)
2219 {
2220         struct drbd_peer_device *peer_device;
2221         bool rv = false;
2222         int vnr;
2223
2224         rcu_read_lock();
2225         idr_for_each_entry(&connection->peer_devices, peer_device, vnr) {
2226                 struct drbd_device *device = peer_device->device;
2227                 if (device->state.conn == C_VERIFY_S ||
2228                     device->state.conn == C_VERIFY_T) {
2229                         rv = true;
2230                         break;
2231                 }
2232         }
2233         rcu_read_unlock();
2234
2235         return rv;
2236 }
2237
2238 static enum drbd_ret_code
2239 _check_net_options(struct drbd_connection *connection, struct net_conf *old_net_conf, struct net_conf *new_net_conf)
2240 {
2241         struct drbd_peer_device *peer_device;
2242         int i;
2243
2244         if (old_net_conf && connection->cstate == C_WF_REPORT_PARAMS && connection->agreed_pro_version < 100) {
2245                 if (new_net_conf->wire_protocol != old_net_conf->wire_protocol)
2246                         return ERR_NEED_APV_100;
2247
2248                 if (new_net_conf->two_primaries != old_net_conf->two_primaries)
2249                         return ERR_NEED_APV_100;
2250
2251                 if (strcmp(new_net_conf->integrity_alg, old_net_conf->integrity_alg))
2252                         return ERR_NEED_APV_100;
2253         }
2254
2255         if (!new_net_conf->two_primaries &&
2256             conn_highest_role(connection) == R_PRIMARY &&
2257             conn_highest_peer(connection) == R_PRIMARY)
2258                 return ERR_NEED_ALLOW_TWO_PRI;
2259
2260         if (new_net_conf->two_primaries &&
2261             (new_net_conf->wire_protocol != DRBD_PROT_C))
2262                 return ERR_NOT_PROTO_C;
2263
2264         idr_for_each_entry(&connection->peer_devices, peer_device, i) {
2265                 struct drbd_device *device = peer_device->device;
2266                 if (get_ldev(device)) {
2267                         enum drbd_fencing_p fp = rcu_dereference(device->ldev->disk_conf)->fencing;
2268                         put_ldev(device);
2269                         if (new_net_conf->wire_protocol == DRBD_PROT_A && fp == FP_STONITH)
2270                                 return ERR_STONITH_AND_PROT_A;
2271                 }
2272                 if (device->state.role == R_PRIMARY && new_net_conf->discard_my_data)
2273                         return ERR_DISCARD_IMPOSSIBLE;
2274         }
2275
2276         if (new_net_conf->on_congestion != OC_BLOCK && new_net_conf->wire_protocol != DRBD_PROT_A)
2277                 return ERR_CONG_NOT_PROTO_A;
2278
2279         return NO_ERROR;
2280 }
2281
2282 static enum drbd_ret_code
2283 check_net_options(struct drbd_connection *connection, struct net_conf *new_net_conf)
2284 {
2285         enum drbd_ret_code rv;
2286         struct drbd_peer_device *peer_device;
2287         int i;
2288
2289         rcu_read_lock();
2290         rv = _check_net_options(connection, rcu_dereference(connection->net_conf), new_net_conf);
2291         rcu_read_unlock();
2292
2293         /* connection->peer_devices protected by genl_lock() here */
2294         idr_for_each_entry(&connection->peer_devices, peer_device, i) {
2295                 struct drbd_device *device = peer_device->device;
2296                 if (!device->bitmap) {
2297                         if (drbd_bm_init(device))
2298                                 return ERR_NOMEM;
2299                 }
2300         }
2301
2302         return rv;
2303 }
2304
2305 struct crypto {
2306         struct crypto_shash *verify_tfm;
2307         struct crypto_shash *csums_tfm;
2308         struct crypto_shash *cram_hmac_tfm;
2309         struct crypto_shash *integrity_tfm;
2310 };
2311
2312 static int
2313 alloc_shash(struct crypto_shash **tfm, char *tfm_name, int err_alg)
2314 {
2315         if (!tfm_name[0])
2316                 return NO_ERROR;
2317
2318         *tfm = crypto_alloc_shash(tfm_name, 0, 0);
2319         if (IS_ERR(*tfm)) {
2320                 *tfm = NULL;
2321                 return err_alg;
2322         }
2323
2324         return NO_ERROR;
2325 }
2326
2327 static enum drbd_ret_code
2328 alloc_crypto(struct crypto *crypto, struct net_conf *new_net_conf)
2329 {
2330         char hmac_name[CRYPTO_MAX_ALG_NAME];
2331         enum drbd_ret_code rv;
2332
2333         rv = alloc_shash(&crypto->csums_tfm, new_net_conf->csums_alg,
2334                          ERR_CSUMS_ALG);
2335         if (rv != NO_ERROR)
2336                 return rv;
2337         rv = alloc_shash(&crypto->verify_tfm, new_net_conf->verify_alg,
2338                          ERR_VERIFY_ALG);
2339         if (rv != NO_ERROR)
2340                 return rv;
2341         rv = alloc_shash(&crypto->integrity_tfm, new_net_conf->integrity_alg,
2342                          ERR_INTEGRITY_ALG);
2343         if (rv != NO_ERROR)
2344                 return rv;
2345         if (new_net_conf->cram_hmac_alg[0] != 0) {
2346                 snprintf(hmac_name, CRYPTO_MAX_ALG_NAME, "hmac(%s)",
2347                          new_net_conf->cram_hmac_alg);
2348
2349                 rv = alloc_shash(&crypto->cram_hmac_tfm, hmac_name,
2350                                  ERR_AUTH_ALG);
2351         }
2352
2353         return rv;
2354 }
2355
2356 static void free_crypto(struct crypto *crypto)
2357 {
2358         crypto_free_shash(crypto->cram_hmac_tfm);
2359         crypto_free_shash(crypto->integrity_tfm);
2360         crypto_free_shash(crypto->csums_tfm);
2361         crypto_free_shash(crypto->verify_tfm);
2362 }
2363
2364 int drbd_adm_net_opts(struct sk_buff *skb, struct genl_info *info)
2365 {
2366         struct drbd_config_context adm_ctx;
2367         enum drbd_ret_code retcode;
2368         struct drbd_connection *connection;
2369         struct net_conf *old_net_conf, *new_net_conf = NULL;
2370         int err;
2371         int ovr; /* online verify running */
2372         int rsr; /* re-sync running */
2373         struct crypto crypto = { };
2374
2375         retcode = drbd_adm_prepare(&adm_ctx, skb, info, DRBD_ADM_NEED_CONNECTION);
2376         if (!adm_ctx.reply_skb)
2377                 return retcode;
2378         if (retcode != NO_ERROR)
2379                 goto finish;
2380
2381         connection = adm_ctx.connection;
2382         mutex_lock(&adm_ctx.resource->adm_mutex);
2383
2384         new_net_conf = kzalloc(sizeof(struct net_conf), GFP_KERNEL);
2385         if (!new_net_conf) {
2386                 retcode = ERR_NOMEM;
2387                 goto out;
2388         }
2389
2390         conn_reconfig_start(connection);
2391
2392         mutex_lock(&connection->data.mutex);
2393         mutex_lock(&connection->resource->conf_update);
2394         old_net_conf = connection->net_conf;
2395
2396         if (!old_net_conf) {
2397                 drbd_msg_put_info(adm_ctx.reply_skb, "net conf missing, try connect");
2398                 retcode = ERR_INVALID_REQUEST;
2399                 goto fail;
2400         }
2401
2402         *new_net_conf = *old_net_conf;
2403         if (should_set_defaults(info))
2404                 set_net_conf_defaults(new_net_conf);
2405
2406         err = net_conf_from_attrs_for_change(new_net_conf, info);
2407         if (err && err != -ENOMSG) {
2408                 retcode = ERR_MANDATORY_TAG;
2409                 drbd_msg_put_info(adm_ctx.reply_skb, from_attrs_err_to_txt(err));
2410                 goto fail;
2411         }
2412
2413         retcode = check_net_options(connection, new_net_conf);
2414         if (retcode != NO_ERROR)
2415                 goto fail;
2416
2417         /* re-sync running */
2418         rsr = conn_resync_running(connection);
2419         if (rsr && strcmp(new_net_conf->csums_alg, old_net_conf->csums_alg)) {
2420                 retcode = ERR_CSUMS_RESYNC_RUNNING;
2421                 goto fail;
2422         }
2423
2424         /* online verify running */
2425         ovr = conn_ov_running(connection);
2426         if (ovr && strcmp(new_net_conf->verify_alg, old_net_conf->verify_alg)) {
2427                 retcode = ERR_VERIFY_RUNNING;
2428                 goto fail;
2429         }
2430
2431         retcode = alloc_crypto(&crypto, new_net_conf);
2432         if (retcode != NO_ERROR)
2433                 goto fail;
2434
2435         rcu_assign_pointer(connection->net_conf, new_net_conf);
2436
2437         if (!rsr) {
2438                 crypto_free_shash(connection->csums_tfm);
2439                 connection->csums_tfm = crypto.csums_tfm;
2440                 crypto.csums_tfm = NULL;
2441         }
2442         if (!ovr) {
2443                 crypto_free_shash(connection->verify_tfm);
2444                 connection->verify_tfm = crypto.verify_tfm;
2445                 crypto.verify_tfm = NULL;
2446         }
2447
2448         crypto_free_shash(connection->integrity_tfm);
2449         connection->integrity_tfm = crypto.integrity_tfm;
2450         if (connection->cstate >= C_WF_REPORT_PARAMS && connection->agreed_pro_version >= 100)
2451                 /* Do this without trying to take connection->data.mutex again.  */
2452                 __drbd_send_protocol(connection, P_PROTOCOL_UPDATE);
2453
2454         crypto_free_shash(connection->cram_hmac_tfm);
2455         connection->cram_hmac_tfm = crypto.cram_hmac_tfm;
2456
2457         mutex_unlock(&connection->resource->conf_update);
2458         mutex_unlock(&connection->data.mutex);
2459         synchronize_rcu();
2460         kfree(old_net_conf);
2461
2462         if (connection->cstate >= C_WF_REPORT_PARAMS) {
2463                 struct drbd_peer_device *peer_device;
2464                 int vnr;
2465
2466                 idr_for_each_entry(&connection->peer_devices, peer_device, vnr)
2467                         drbd_send_sync_param(peer_device);
2468         }
2469
2470         goto done;
2471
2472  fail:
2473         mutex_unlock(&connection->resource->conf_update);
2474         mutex_unlock(&connection->data.mutex);
2475         free_crypto(&crypto);
2476         kfree(new_net_conf);
2477  done:
2478         conn_reconfig_done(connection);
2479  out:
2480         mutex_unlock(&adm_ctx.resource->adm_mutex);
2481  finish:
2482         drbd_adm_finish(&adm_ctx, info, retcode);
2483         return 0;
2484 }
2485
2486 static void connection_to_info(struct connection_info *info,
2487                                struct drbd_connection *connection)
2488 {
2489         info->conn_connection_state = connection->cstate;
2490         info->conn_role = conn_highest_peer(connection);
2491 }
2492
2493 static void peer_device_to_info(struct peer_device_info *info,
2494                                 struct drbd_peer_device *peer_device)
2495 {
2496         struct drbd_device *device = peer_device->device;
2497
2498         info->peer_repl_state =
2499                 max_t(enum drbd_conns, C_WF_REPORT_PARAMS, device->state.conn);
2500         info->peer_disk_state = device->state.pdsk;
2501         info->peer_resync_susp_user = device->state.user_isp;
2502         info->peer_resync_susp_peer = device->state.peer_isp;
2503         info->peer_resync_susp_dependency = device->state.aftr_isp;
2504 }
2505
2506 int drbd_adm_connect(struct sk_buff *skb, struct genl_info *info)
2507 {
2508         struct connection_info connection_info;
2509         enum drbd_notification_type flags;
2510         unsigned int peer_devices = 0;
2511         struct drbd_config_context adm_ctx;
2512         struct drbd_peer_device *peer_device;
2513         struct net_conf *old_net_conf, *new_net_conf = NULL;
2514         struct crypto crypto = { };
2515         struct drbd_resource *resource;
2516         struct drbd_connection *connection;
2517         enum drbd_ret_code retcode;
2518         int i;
2519         int err;
2520
2521         retcode = drbd_adm_prepare(&adm_ctx, skb, info, DRBD_ADM_NEED_RESOURCE);
2522
2523         if (!adm_ctx.reply_skb)
2524                 return retcode;
2525         if (retcode != NO_ERROR)
2526                 goto out;
2527         if (!(adm_ctx.my_addr && adm_ctx.peer_addr)) {
2528                 drbd_msg_put_info(adm_ctx.reply_skb, "connection endpoint(s) missing");
2529                 retcode = ERR_INVALID_REQUEST;
2530                 goto out;
2531         }
2532
2533         /* No need for _rcu here. All reconfiguration is
2534          * strictly serialized on genl_lock(). We are protected against
2535          * concurrent reconfiguration/addition/deletion */
2536         for_each_resource(resource, &drbd_resources) {
2537                 for_each_connection(connection, resource) {
2538                         if (nla_len(adm_ctx.my_addr) == connection->my_addr_len &&
2539                             !memcmp(nla_data(adm_ctx.my_addr), &connection->my_addr,
2540                                     connection->my_addr_len)) {
2541                                 retcode = ERR_LOCAL_ADDR;
2542                                 goto out;
2543                         }
2544
2545                         if (nla_len(adm_ctx.peer_addr) == connection->peer_addr_len &&
2546                             !memcmp(nla_data(adm_ctx.peer_addr), &connection->peer_addr,
2547                                     connection->peer_addr_len)) {
2548                                 retcode = ERR_PEER_ADDR;
2549                                 goto out;
2550                         }
2551                 }
2552         }
2553
2554         mutex_lock(&adm_ctx.resource->adm_mutex);
2555         connection = first_connection(adm_ctx.resource);
2556         conn_reconfig_start(connection);
2557
2558         if (connection->cstate > C_STANDALONE) {
2559                 retcode = ERR_NET_CONFIGURED;
2560                 goto fail;
2561         }
2562
2563         /* allocation not in the IO path, drbdsetup / netlink process context */
2564         new_net_conf = kzalloc(sizeof(*new_net_conf), GFP_KERNEL);
2565         if (!new_net_conf) {
2566                 retcode = ERR_NOMEM;
2567                 goto fail;
2568         }
2569
2570         set_net_conf_defaults(new_net_conf);
2571
2572         err = net_conf_from_attrs(new_net_conf, info);
2573         if (err && err != -ENOMSG) {
2574                 retcode = ERR_MANDATORY_TAG;
2575                 drbd_msg_put_info(adm_ctx.reply_skb, from_attrs_err_to_txt(err));
2576                 goto fail;
2577         }
2578
2579         retcode = check_net_options(connection, new_net_conf);
2580         if (retcode != NO_ERROR)
2581                 goto fail;
2582
2583         retcode = alloc_crypto(&crypto, new_net_conf);
2584         if (retcode != NO_ERROR)
2585                 goto fail;
2586
2587         ((char *)new_net_conf->shared_secret)[SHARED_SECRET_MAX-1] = 0;
2588
2589         drbd_flush_workqueue(&connection->sender_work);
2590
2591         mutex_lock(&adm_ctx.resource->conf_update);
2592         old_net_conf = connection->net_conf;
2593         if (old_net_conf) {
2594                 retcode = ERR_NET_CONFIGURED;
2595                 mutex_unlock(&adm_ctx.resource->conf_update);
2596                 goto fail;
2597         }
2598         rcu_assign_pointer(connection->net_conf, new_net_conf);
2599
2600         conn_free_crypto(connection);
2601         connection->cram_hmac_tfm = crypto.cram_hmac_tfm;
2602         connection->integrity_tfm = crypto.integrity_tfm;
2603         connection->csums_tfm = crypto.csums_tfm;
2604         connection->verify_tfm = crypto.verify_tfm;
2605
2606         connection->my_addr_len = nla_len(adm_ctx.my_addr);
2607         memcpy(&connection->my_addr, nla_data(adm_ctx.my_addr), connection->my_addr_len);
2608         connection->peer_addr_len = nla_len(adm_ctx.peer_addr);
2609         memcpy(&connection->peer_addr, nla_data(adm_ctx.peer_addr), connection->peer_addr_len);
2610
2611         idr_for_each_entry(&connection->peer_devices, peer_device, i) {
2612                 peer_devices++;
2613         }
2614
2615         connection_to_info(&connection_info, connection);
2616         flags = (peer_devices--) ? NOTIFY_CONTINUES : 0;
2617         mutex_lock(&notification_mutex);
2618         notify_connection_state(NULL, 0, connection, &connection_info, NOTIFY_CREATE | flags);
2619         idr_for_each_entry(&connection->peer_devices, peer_device, i) {
2620                 struct peer_device_info peer_device_info;
2621
2622                 peer_device_to_info(&peer_device_info, peer_device);
2623                 flags = (peer_devices--) ? NOTIFY_CONTINUES : 0;
2624                 notify_peer_device_state(NULL, 0, peer_device, &peer_device_info, NOTIFY_CREATE | flags);
2625         }
2626         mutex_unlock(&notification_mutex);
2627         mutex_unlock(&adm_ctx.resource->conf_update);
2628
2629         rcu_read_lock();
2630         idr_for_each_entry(&connection->peer_devices, peer_device, i) {
2631                 struct drbd_device *device = peer_device->device;
2632                 device->send_cnt = 0;
2633                 device->recv_cnt = 0;
2634         }
2635         rcu_read_unlock();
2636
2637         retcode = conn_request_state(connection, NS(conn, C_UNCONNECTED), CS_VERBOSE);
2638
2639         conn_reconfig_done(connection);
2640         mutex_unlock(&adm_ctx.resource->adm_mutex);
2641         drbd_adm_finish(&adm_ctx, info, retcode);
2642         return 0;
2643
2644 fail:
2645         free_crypto(&crypto);
2646         kfree(new_net_conf);
2647
2648         conn_reconfig_done(connection);
2649         mutex_unlock(&adm_ctx.resource->adm_mutex);
2650 out:
2651         drbd_adm_finish(&adm_ctx, info, retcode);
2652         return 0;
2653 }
2654
2655 static enum drbd_state_rv conn_try_disconnect(struct drbd_connection *connection, bool force)
2656 {
2657         enum drbd_state_rv rv;
2658
2659         rv = conn_request_state(connection, NS(conn, C_DISCONNECTING),
2660                         force ? CS_HARD : 0);
2661
2662         switch (rv) {
2663         case SS_NOTHING_TO_DO:
2664                 break;
2665         case SS_ALREADY_STANDALONE:
2666                 return SS_SUCCESS;
2667         case SS_PRIMARY_NOP:
2668                 /* Our state checking code wants to see the peer outdated. */
2669                 rv = conn_request_state(connection, NS2(conn, C_DISCONNECTING, pdsk, D_OUTDATED), 0);
2670
2671                 if (rv == SS_OUTDATE_WO_CONN) /* lost connection before graceful disconnect succeeded */
2672                         rv = conn_request_state(connection, NS(conn, C_DISCONNECTING), CS_VERBOSE);
2673
2674                 break;
2675         case SS_CW_FAILED_BY_PEER:
2676                 /* The peer probably wants to see us outdated. */
2677                 rv = conn_request_state(connection, NS2(conn, C_DISCONNECTING,
2678                                                         disk, D_OUTDATED), 0);
2679                 if (rv == SS_IS_DISKLESS || rv == SS_LOWER_THAN_OUTDATED) {
2680                         rv = conn_request_state(connection, NS(conn, C_DISCONNECTING),
2681                                         CS_HARD);
2682                 }
2683                 break;
2684         default:;
2685                 /* no special handling necessary */
2686         }
2687
2688         if (rv >= SS_SUCCESS) {
2689                 enum drbd_state_rv rv2;
2690                 /* No one else can reconfigure the network while I am here.
2691                  * The state handling only uses drbd_thread_stop_nowait(),
2692                  * we want to really wait here until the receiver is no more.
2693                  */
2694                 drbd_thread_stop(&connection->receiver);
2695
2696                 /* Race breaker.  This additional state change request may be
2697                  * necessary, if this was a forced disconnect during a receiver
2698                  * restart.  We may have "killed" the receiver thread just
2699                  * after drbd_receiver() returned.  Typically, we should be
2700                  * C_STANDALONE already, now, and this becomes a no-op.
2701                  */
2702                 rv2 = conn_request_state(connection, NS(conn, C_STANDALONE),
2703                                 CS_VERBOSE | CS_HARD);
2704                 if (rv2 < SS_SUCCESS)
2705                         drbd_err(connection,
2706                                 "unexpected rv2=%d in conn_try_disconnect()\n",
2707                                 rv2);
2708                 /* Unlike in DRBD 9, the state engine has generated
2709                  * NOTIFY_DESTROY events before clearing connection->net_conf. */
2710         }
2711         return rv;
2712 }
2713
2714 int drbd_adm_disconnect(struct sk_buff *skb, struct genl_info *info)
2715 {
2716         struct drbd_config_context adm_ctx;
2717         struct disconnect_parms parms;
2718         struct drbd_connection *connection;
2719         enum drbd_state_rv rv;
2720         enum drbd_ret_code retcode;
2721         int err;
2722
2723         retcode = drbd_adm_prepare(&adm_ctx, skb, info, DRBD_ADM_NEED_CONNECTION);
2724         if (!adm_ctx.reply_skb)
2725                 return retcode;
2726         if (retcode != NO_ERROR)
2727                 goto fail;
2728
2729         connection = adm_ctx.connection;
2730         memset(&parms, 0, sizeof(parms));
2731         if (info->attrs[DRBD_NLA_DISCONNECT_PARMS]) {
2732                 err = disconnect_parms_from_attrs(&parms, info);
2733                 if (err) {
2734                         retcode = ERR_MANDATORY_TAG;
2735                         drbd_msg_put_info(adm_ctx.reply_skb, from_attrs_err_to_txt(err));
2736                         goto fail;
2737                 }
2738         }
2739
2740         mutex_lock(&adm_ctx.resource->adm_mutex);
2741         rv = conn_try_disconnect(connection, parms.force_disconnect);
2742         if (rv < SS_SUCCESS)
2743                 retcode = rv;  /* FIXME: Type mismatch. */
2744         else
2745                 retcode = NO_ERROR;
2746         mutex_unlock(&adm_ctx.resource->adm_mutex);
2747  fail:
2748         drbd_adm_finish(&adm_ctx, info, retcode);
2749         return 0;
2750 }
2751
2752 void resync_after_online_grow(struct drbd_device *device)
2753 {
2754         int iass; /* I am sync source */
2755
2756         drbd_info(device, "Resync of new storage after online grow\n");
2757         if (device->state.role != device->state.peer)
2758                 iass = (device->state.role == R_PRIMARY);
2759         else
2760                 iass = test_bit(RESOLVE_CONFLICTS, &first_peer_device(device)->connection->flags);
2761
2762         if (iass)
2763                 drbd_start_resync(device, C_SYNC_SOURCE);
2764         else
2765                 _drbd_request_state(device, NS(conn, C_WF_SYNC_UUID), CS_VERBOSE + CS_SERIALIZE);
2766 }
2767
2768 int drbd_adm_resize(struct sk_buff *skb, struct genl_info *info)
2769 {
2770         struct drbd_config_context adm_ctx;
2771         struct disk_conf *old_disk_conf, *new_disk_conf = NULL;
2772         struct resize_parms rs;
2773         struct drbd_device *device;
2774         enum drbd_ret_code retcode;
2775         enum determine_dev_size dd;
2776         bool change_al_layout = false;
2777         enum dds_flags ddsf;
2778         sector_t u_size;
2779         int err;
2780
2781         retcode = drbd_adm_prepare(&adm_ctx, skb, info, DRBD_ADM_NEED_MINOR);
2782         if (!adm_ctx.reply_skb)
2783                 return retcode;
2784         if (retcode != NO_ERROR)
2785                 goto finish;
2786
2787         mutex_lock(&adm_ctx.resource->adm_mutex);
2788         device = adm_ctx.device;
2789         if (!get_ldev(device)) {
2790                 retcode = ERR_NO_DISK;
2791                 goto fail;
2792         }
2793
2794         memset(&rs, 0, sizeof(struct resize_parms));
2795         rs.al_stripes = device->ldev->md.al_stripes;
2796         rs.al_stripe_size = device->ldev->md.al_stripe_size_4k * 4;
2797         if (info->attrs[DRBD_NLA_RESIZE_PARMS]) {
2798                 err = resize_parms_from_attrs(&rs, info);
2799                 if (err) {
2800                         retcode = ERR_MANDATORY_TAG;
2801                         drbd_msg_put_info(adm_ctx.reply_skb, from_attrs_err_to_txt(err));
2802                         goto fail_ldev;
2803                 }
2804         }
2805
2806         if (device->state.conn > C_CONNECTED) {
2807                 retcode = ERR_RESIZE_RESYNC;
2808                 goto fail_ldev;
2809         }
2810
2811         if (device->state.role == R_SECONDARY &&
2812             device->state.peer == R_SECONDARY) {
2813                 retcode = ERR_NO_PRIMARY;
2814                 goto fail_ldev;
2815         }
2816
2817         if (rs.no_resync && first_peer_device(device)->connection->agreed_pro_version < 93) {
2818                 retcode = ERR_NEED_APV_93;
2819                 goto fail_ldev;
2820         }
2821
2822         rcu_read_lock();
2823         u_size = rcu_dereference(device->ldev->disk_conf)->disk_size;
2824         rcu_read_unlock();
2825         if (u_size != (sector_t)rs.resize_size) {
2826                 new_disk_conf = kmalloc(sizeof(struct disk_conf), GFP_KERNEL);
2827                 if (!new_disk_conf) {
2828                         retcode = ERR_NOMEM;
2829                         goto fail_ldev;
2830                 }
2831         }
2832
2833         if (device->ldev->md.al_stripes != rs.al_stripes ||
2834             device->ldev->md.al_stripe_size_4k != rs.al_stripe_size / 4) {
2835                 u32 al_size_k = rs.al_stripes * rs.al_stripe_size;
2836
2837                 if (al_size_k > (16 * 1024 * 1024)) {
2838                         retcode = ERR_MD_LAYOUT_TOO_BIG;
2839                         goto fail_ldev;
2840                 }
2841
2842                 if (al_size_k < MD_32kB_SECT/2) {
2843                         retcode = ERR_MD_LAYOUT_TOO_SMALL;
2844                         goto fail_ldev;
2845                 }
2846
2847                 if (device->state.conn != C_CONNECTED && !rs.resize_force) {
2848                         retcode = ERR_MD_LAYOUT_CONNECTED;
2849                         goto fail_ldev;
2850                 }
2851
2852                 change_al_layout = true;
2853         }
2854
2855         if (device->ldev->known_size != drbd_get_capacity(device->ldev->backing_bdev))
2856                 device->ldev->known_size = drbd_get_capacity(device->ldev->backing_bdev);
2857
2858         if (new_disk_conf) {
2859                 mutex_lock(&device->resource->conf_update);
2860                 old_disk_conf = device->ldev->disk_conf;
2861                 *new_disk_conf = *old_disk_conf;
2862                 new_disk_conf->disk_size = (sector_t)rs.resize_size;
2863                 rcu_assign_pointer(device->ldev->disk_conf, new_disk_conf);
2864                 mutex_unlock(&device->resource->conf_update);
2865                 synchronize_rcu();
2866                 kfree(old_disk_conf);
2867                 new_disk_conf = NULL;
2868         }
2869
2870         ddsf = (rs.resize_force ? DDSF_FORCED : 0) | (rs.no_resync ? DDSF_NO_RESYNC : 0);
2871         dd = drbd_determine_dev_size(device, ddsf, change_al_layout ? &rs : NULL);
2872         drbd_md_sync(device);
2873         put_ldev(device);
2874         if (dd == DS_ERROR) {
2875                 retcode = ERR_NOMEM_BITMAP;
2876                 goto fail;
2877         } else if (dd == DS_ERROR_SPACE_MD) {
2878                 retcode = ERR_MD_LAYOUT_NO_FIT;
2879                 goto fail;
2880         } else if (dd == DS_ERROR_SHRINK) {
2881                 retcode = ERR_IMPLICIT_SHRINK;
2882                 goto fail;
2883         }
2884
2885         if (device->state.conn == C_CONNECTED) {
2886                 if (dd == DS_GREW)
2887                         set_bit(RESIZE_PENDING, &device->flags);
2888
2889                 drbd_send_uuids(first_peer_device(device));
2890                 drbd_send_sizes(first_peer_device(device), 1, ddsf);
2891         }
2892
2893  fail:
2894         mutex_unlock(&adm_ctx.resource->adm_mutex);
2895  finish:
2896         drbd_adm_finish(&adm_ctx, info, retcode);
2897         return 0;
2898
2899  fail_ldev:
2900         put_ldev(device);
2901         kfree(new_disk_conf);
2902         goto fail;
2903 }
2904
2905 int drbd_adm_resource_opts(struct sk_buff *skb, struct genl_info *info)
2906 {
2907         struct drbd_config_context adm_ctx;
2908         enum drbd_ret_code retcode;
2909         struct res_opts res_opts;
2910         int err;
2911
2912         retcode = drbd_adm_prepare(&adm_ctx, skb, info, DRBD_ADM_NEED_RESOURCE);
2913         if (!adm_ctx.reply_skb)
2914                 return retcode;
2915         if (retcode != NO_ERROR)
2916                 goto fail;
2917
2918         res_opts = adm_ctx.resource->res_opts;
2919         if (should_set_defaults(info))
2920                 set_res_opts_defaults(&res_opts);
2921
2922         err = res_opts_from_attrs(&res_opts, info);
2923         if (err && err != -ENOMSG) {
2924                 retcode = ERR_MANDATORY_TAG;
2925                 drbd_msg_put_info(adm_ctx.reply_skb, from_attrs_err_to_txt(err));
2926                 goto fail;
2927         }
2928
2929         mutex_lock(&adm_ctx.resource->adm_mutex);
2930         err = set_resource_options(adm_ctx.resource, &res_opts);
2931         if (err) {
2932                 retcode = ERR_INVALID_REQUEST;
2933                 if (err == -ENOMEM)
2934                         retcode = ERR_NOMEM;
2935         }
2936         mutex_unlock(&adm_ctx.resource->adm_mutex);
2937
2938 fail:
2939         drbd_adm_finish(&adm_ctx, info, retcode);
2940         return 0;
2941 }
2942
2943 int drbd_adm_invalidate(struct sk_buff *skb, struct genl_info *info)
2944 {
2945         struct drbd_config_context adm_ctx;
2946         struct drbd_device *device;
2947         int retcode; /* enum drbd_ret_code rsp. enum drbd_state_rv */
2948
2949         retcode = drbd_adm_prepare(&adm_ctx, skb, info, DRBD_ADM_NEED_MINOR);
2950         if (!adm_ctx.reply_skb)
2951                 return retcode;
2952         if (retcode != NO_ERROR)
2953                 goto out;
2954
2955         device = adm_ctx.device;
2956         if (!get_ldev(device)) {
2957                 retcode = ERR_NO_DISK;
2958                 goto out;
2959         }
2960
2961         mutex_lock(&adm_ctx.resource->adm_mutex);
2962
2963         /* If there is still bitmap IO pending, probably because of a previous
2964          * resync just being finished, wait for it before requesting a new resync.
2965          * Also wait for it's after_state_ch(). */
2966         drbd_suspend_io(device);
2967         wait_event(device->misc_wait, !test_bit(BITMAP_IO, &device->flags));
2968         drbd_flush_workqueue(&first_peer_device(device)->connection->sender_work);
2969
2970         /* If we happen to be C_STANDALONE R_SECONDARY, just change to
2971          * D_INCONSISTENT, and set all bits in the bitmap.  Otherwise,
2972          * try to start a resync handshake as sync target for full sync.
2973          */
2974         if (device->state.conn == C_STANDALONE && device->state.role == R_SECONDARY) {
2975                 retcode = drbd_request_state(device, NS(disk, D_INCONSISTENT));
2976                 if (retcode >= SS_SUCCESS) {
2977                         if (drbd_bitmap_io(device, &drbd_bmio_set_n_write,
2978                                 "set_n_write from invalidate", BM_LOCKED_MASK))
2979                                 retcode = ERR_IO_MD_DISK;
2980                 }
2981         } else
2982                 retcode = drbd_request_state(device, NS(conn, C_STARTING_SYNC_T));
2983         drbd_resume_io(device);
2984         mutex_unlock(&adm_ctx.resource->adm_mutex);
2985         put_ldev(device);
2986 out:
2987         drbd_adm_finish(&adm_ctx, info, retcode);
2988         return 0;
2989 }
2990
2991 static int drbd_adm_simple_request_state(struct sk_buff *skb, struct genl_info *info,
2992                 union drbd_state mask, union drbd_state val)
2993 {
2994         struct drbd_config_context adm_ctx;
2995         enum drbd_ret_code retcode;
2996
2997         retcode = drbd_adm_prepare(&adm_ctx, skb, info, DRBD_ADM_NEED_MINOR);
2998         if (!adm_ctx.reply_skb)
2999                 return retcode;
3000         if (retcode != NO_ERROR)
3001                 goto out;
3002
3003         mutex_lock(&adm_ctx.resource->adm_mutex);
3004         retcode = drbd_request_state(adm_ctx.device, mask, val);
3005         mutex_unlock(&adm_ctx.resource->adm_mutex);
3006 out:
3007         drbd_adm_finish(&adm_ctx, info, retcode);
3008         return 0;
3009 }
3010
3011 static int drbd_bmio_set_susp_al(struct drbd_device *device) __must_hold(local)
3012 {
3013         int rv;
3014
3015         rv = drbd_bmio_set_n_write(device);
3016         drbd_suspend_al(device);
3017         return rv;
3018 }
3019
3020 int drbd_adm_invalidate_peer(struct sk_buff *skb, struct genl_info *info)
3021 {
3022         struct drbd_config_context adm_ctx;
3023         int retcode; /* drbd_ret_code, drbd_state_rv */
3024         struct drbd_device *device;
3025
3026         retcode = drbd_adm_prepare(&adm_ctx, skb, info, DRBD_ADM_NEED_MINOR);
3027         if (!adm_ctx.reply_skb)
3028                 return retcode;
3029         if (retcode != NO_ERROR)
3030                 goto out;
3031
3032         device = adm_ctx.device;
3033         if (!get_ldev(device)) {
3034                 retcode = ERR_NO_DISK;
3035                 goto out;
3036         }
3037
3038         mutex_lock(&adm_ctx.resource->adm_mutex);
3039
3040         /* If there is still bitmap IO pending, probably because of a previous
3041          * resync just being finished, wait for it before requesting a new resync.
3042          * Also wait for it's after_state_ch(). */
3043         drbd_suspend_io(device);
3044         wait_event(device->misc_wait, !test_bit(BITMAP_IO, &device->flags));
3045         drbd_flush_workqueue(&first_peer_device(device)->connection->sender_work);
3046
3047         /* If we happen to be C_STANDALONE R_PRIMARY, just set all bits
3048          * in the bitmap.  Otherwise, try to start a resync handshake
3049          * as sync source for full sync.
3050          */
3051         if (device->state.conn == C_STANDALONE && device->state.role == R_PRIMARY) {
3052                 /* The peer will get a resync upon connect anyways. Just make that
3053                    into a full resync. */
3054                 retcode = drbd_request_state(device, NS(pdsk, D_INCONSISTENT));
3055                 if (retcode >= SS_SUCCESS) {
3056                         if (drbd_bitmap_io(device, &drbd_bmio_set_susp_al,
3057                                 "set_n_write from invalidate_peer",
3058                                 BM_LOCKED_SET_ALLOWED))
3059                                 retcode = ERR_IO_MD_DISK;
3060                 }
3061         } else
3062                 retcode = drbd_request_state(device, NS(conn, C_STARTING_SYNC_S));
3063         drbd_resume_io(device);
3064         mutex_unlock(&adm_ctx.resource->adm_mutex);
3065         put_ldev(device);
3066 out:
3067         drbd_adm_finish(&adm_ctx, info, retcode);
3068         return 0;
3069 }
3070
3071 int drbd_adm_pause_sync(struct sk_buff *skb, struct genl_info *info)
3072 {
3073         struct drbd_config_context adm_ctx;
3074         enum drbd_ret_code retcode;
3075
3076         retcode = drbd_adm_prepare(&adm_ctx, skb, info, DRBD_ADM_NEED_MINOR);
3077         if (!adm_ctx.reply_skb)
3078                 return retcode;
3079         if (retcode != NO_ERROR)
3080                 goto out;
3081
3082         mutex_lock(&adm_ctx.resource->adm_mutex);
3083         if (drbd_request_state(adm_ctx.device, NS(user_isp, 1)) == SS_NOTHING_TO_DO)
3084                 retcode = ERR_PAUSE_IS_SET;
3085         mutex_unlock(&adm_ctx.resource->adm_mutex);
3086 out:
3087         drbd_adm_finish(&adm_ctx, info, retcode);
3088         return 0;
3089 }
3090
3091 int drbd_adm_resume_sync(struct sk_buff *skb, struct genl_info *info)
3092 {
3093         struct drbd_config_context adm_ctx;
3094         union drbd_dev_state s;
3095         enum drbd_ret_code retcode;
3096
3097         retcode = drbd_adm_prepare(&adm_ctx, skb, info, DRBD_ADM_NEED_MINOR);
3098         if (!adm_ctx.reply_skb)
3099                 return retcode;
3100         if (retcode != NO_ERROR)
3101                 goto out;
3102
3103         mutex_lock(&adm_ctx.resource->adm_mutex);
3104         if (drbd_request_state(adm_ctx.device, NS(user_isp, 0)) == SS_NOTHING_TO_DO) {
3105                 s = adm_ctx.device->state;
3106                 if (s.conn == C_PAUSED_SYNC_S || s.conn == C_PAUSED_SYNC_T) {
3107                         retcode = s.aftr_isp ? ERR_PIC_AFTER_DEP :