From paul@inetstat.net  Fri May 23 19:08:08 2014
Return-Path: <paul@inetstat.net>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1])
	(using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by hub.freebsd.org (Postfix) with ESMTPS id 3C679C52
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 23 May 2014 19:08:08 +0000 (UTC)
Received: from srv00.inetstat.net (srv00.inetstat.net [91.121.154.174])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "srv00.inetstat.net", Issuer "srv00.inetstat.net" (not verified))
	by mx1.freebsd.org (Postfix) with ESMTPS id E3EC12CF2
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 23 May 2014 19:08:07 +0000 (UTC)
Received: from srv00.inetstat.net (localhost [127.0.0.1])
	by srv00.inetstat.net (Postfix) with ESMTP id C8A833ACDC
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 23 May 2014 19:07:58 +0000 (UTC)
Received: from srv00.inetstat.net ([IPv6:::1])
	by srv00.inetstat.net (srv00.inetstat.net [IPv6:::1]) (amavisd-new, port 10026)
	with ESMTP id nJHUUAKEjC7H; Fri, 23 May 2014 19:07:55 +0000 (UTC)
Received: by srv00.inetstat.net (Postfix, from userid 1001)
	id 566AA3ACDB; Fri, 23 May 2014 19:07:55 +0000 (UTC)
Message-Id: <20140523190755.566AA3ACDB@srv00.inetstat.net>
Date: Fri, 23 May 2014 19:07:55 +0000 (UTC)
From: Paul J Murphy <paul@inetstat.net>
Reply-To: Paul J Murphy <paul@inetstat.net>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: [patch] [rc] gmirror savecore support
X-Send-Pr-Version: 3.114
X-GNATS-Notify:

>Number:         190152
>Category:       conf
>Synopsis:       [patch] [rc] gmirror savecore support
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-rc
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri May 23 19:10:00 UTC 2014
>Closed-Date:    
>Last-Modified:  Wed May 28 11:20:00 UTC 2014
>Originator:     Paul J Murphy
>Release:        FreeBSD 10.0-RELEASE-p3 amd64
>Organization:
iNetStat.net
>Environment:
>Description:
(Calling this a sw-bug, rather than change-request, as I consider it a bug that savecore is basically broken on a very common setup.)

Adding long-overdue basic gmirror savecore support.  In a perfect world, it would support AUTO for simple configurations, but I've left that as a TODO for now, and think that it's better to get this basic support into the OS, and someone can figure out a nice AUTO implementation later.  RC-wizards, please feel free to decide that the gmirror commands would be better executed inside the savecore_start() instead of pre/post.

Also fixes doc-bugs in gmirror(8), which suggested addressing the issue through the removed rc.early/rc.late scripts, and removes mention of not being able to change priority of gmirror components (seems to work just fine on 10.0-RELEASE, not sure when it was fixed).
Small section on boot on gmirror added to the NOTES section of gmirror(8), since there really should be some mention of that in there.

>How-To-Repeat:
>Fix:
Proposed for CURRENT & 10-STABLE.  It should probably also go into older -STABLE too.  This patch was developed and tested on 10.0-RELEASE, but can probably be easily applied to just about any recent-ish release.

Is this simple and low-risk enough that it should go into existing releng branches as well?  There's a possible small benefit in security terms, in that any attacks or exploits which end up causing a panic might be more detectable/diagnosable with this patch installed.

--- savecore.patch begins here ---
Index: etc/defaults/rc.conf
===================================================================
--- etc/defaults/rc.conf	(revision 266549)
+++ etc/defaults/rc.conf	(working copy)
@@ -595,6 +595,9 @@
 savecore_flags="-m 10"	# Used if dumpdev is enabled above, and present.
 			# By default, only the 10 most recent kernel dumps
 			# are saved.
+savecore_gmirror_name="" # gmirror provider name containing dumpdev
+savecore_gmirror_balance="load" # gmirror balance algorithm to set after
+			# savecore has run
 crashinfo_enable="YES"	# Automatically generate crash dump summary.
 crashinfo_program="/usr/sbin/crashinfo"	# Script to generate crash dump summary.
 quota_enable="NO"	# turn on quotas on startup (or NO).
Index: etc/rc.d/savecore
===================================================================
--- etc/rc.d/savecore	(revision 266549)
+++ etc/rc.d/savecore	(working copy)
@@ -12,6 +12,7 @@
 name="savecore"
 start_cmd="savecore_start"
 start_precmd="savecore_prestart"
+start_postcmd="savecore_poststart"
 stop_cmd=":"
 
 savecore_prestart()
@@ -40,6 +41,22 @@
 		;;
 	esac
 
+	case ${savecore_gmirror_name} in
+	[Nn][Oo] | '')
+		savecore_gmirror_name=''
+		;;
+	[Aa][Uu][Tt][Oo])
+		# TODO: figure out a reasonable method for auto mode
+		;;
+	esac
+
+	# If there is no balance algorithm, use the default for new mirrors
+	case ${savecore_gmirror_balance} in
+	'')
+		savecore_gmirror_balance='load'
+		;;
+	esac
+
 	if [ ! -c "${dumpdev}" ]; then
 		warn "Dump device does not exist.  Savecore not run."
 		return 1
@@ -49,6 +66,11 @@
 		warn "Dump directory does not exist.  Savecore not run."
 		return 1
 	fi
+
+	if [ "${savecore_gmirror_name}" ]; then
+		gmirror configure -b prefer ${savecore_gmirror_name}
+	fi
+
 	return 0
 }
 
@@ -76,5 +98,12 @@
 	fi
 }
 
+savecore_poststart()
+{
+	if [ "${savecore_gmirror_name}" ]; then
+		gmirror configure -b ${savecore_gmirror_balance} ${savecore_gmirror_name}
+	fi
+}
+
 load_rc_config $name
 run_rc_command "$1"
Index: sbin/geom/class/mirror/gmirror.8
===================================================================
--- sbin/geom/class/mirror/gmirror.8	(revision 266549)
+++ sbin/geom/class/mirror/gmirror.8	(working copy)
@@ -298,10 +298,23 @@
 gmirror activate data da1
 .Ed
 .Sh NOTES
-Doing kernel dumps to
+.Ss Booting from a gmirror provider
+Systems which boot from a
 .Nm
-providers.
+provider will need to make the geom_mirror kernel module available at
+boot time.  If it is not included in the base kernel, but is available
+as a loadable module (the normal situation with the standard GENERIC
+kernel build), the following should be added to the
+.Pa /boot/loader.conf
+file:
+.Bd -literal -offset indent
+geom_mirror_load="YES"
+.Ed
 .Pp
+Obviously, normal partitioning and boot code will be required in
+addition to loading the kernel module.
+.Ss Doing kernel dumps to gmirror providers.
+.Pp
 This is possible, but some conditions have to be met.
 First of all, a kernel dump will go only to one component and
 .Nm
@@ -313,18 +326,12 @@
 will read only from the component with the highest priority).
 If you use a different balance algorithm, you should add:
 .Bd -literal -offset indent
-gmirror configure -b prefer data
+.No savecore_gmirror_name= Ns Qq Ar name
+.No savecore_gmirror_balance= Ns Qq Ar balance
 .Ed
 .Pp
 to the
-.Pa /etc/rc.early
-script and:
-.Bd -literal -offset indent
-gmirror configure -b round-robin data
-.Ed
-.Pp
-to the
-.Pa /etc/rc.local
+.Pa /etc/rc.conf
 script.
 The decision which component to choose for dumping is made when
 .Xr dumpon 8
@@ -353,8 +360,6 @@
 .Sh AUTHORS
 .An Pawel Jakub Dawidek Aq pjd@FreeBSD.org
 .Sh BUGS
-There should be a way to change a component's priority inside a running mirror.
-.Pp
 There should be a section with an implementation description.
 .Pp
 Documentation for sysctls
--- savecore.patch ends here ---


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->freebsd-rc 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Sat May 24 17:13:19 UTC 2014 
Responsible-Changed-Why:  
Over to maintainer(s). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=190152 

From: The BSD Dreamer <beastie@tardisi.com>
To: Bug followup <bug-followup@freebsd.org>, paul@inetstat.net
Cc:  
Subject: Re: conf/190152: [patch] [rc] gmirror savecore support
Date: Tue, 27 May 2014 17:13:55 -0500

 This sounds/looks similar to an issue I had reported as:
 
 docs/178818: gmirror(8) says to use rc.early which is no longer available
 
 Where there was a suggestion to handle it through the dumpon script, which I 
 more recently found that the savecore script should have a corresponding mod 
 as well.
 
 The timestamp on my current savecore is May 12th.  And, my system 
 successfully saved crash dumps from May 11th and May 13th.
 
 The problem after the May 11th savecore, was that it didn't restore my 
 balance setting.  I didn't look at the May 13th one....since I'm without a 
 mirror now.  No panics since, perhaps that was the reason.
 
 -- 
    Name: Lawrence "The Dreamer" Chen    Call: W0LKC
   Snail: 1530 College Ave, A5          Email: beastie@tardisi.com
          Manhattan, KS 66502-2768       Blog: http://lawrencechen.net

From: Paul J Murphy <paul@inetstat.net>
To: The BSD Dreamer <beastie@tardisi.com>
Cc: Bug followup <bug-followup@freebsd.org>
Subject: Re: conf/190152: [patch] [rc] gmirror savecore support
Date: Wed, 28 May 2014 11:11:56 +0000

 On Tue, May 27, 2014 at 05:13:55PM -0500, The BSD Dreamer wrote:
 > This sounds/looks similar to an issue I had reported as:
 > 
 > docs/178818: gmirror(8) says to use rc.early which is no longer available
 > 
 > Where there was a suggestion to handle it through the dumpon script, which I 
 > more recently found that the savecore script should have a corresponding mod 
 > as well.
 > 
 > The timestamp on my current savecore is May 12th.  And, my system 
 > successfully saved crash dumps from May 11th and May 13th.
 > 
 > The problem after the May 11th savecore, was that it didn't restore my 
 > balance setting.  I didn't look at the May 13th one....since I'm without a 
 > mirror now.  No panics since, perhaps that was the reason.
 
 Yes, it's basically the same problem as docs/178818.  I didn't spot
 that PR when submitting this one, as I wasn't thinking "docs".  As far
 as I'm aware, the problem doesn't actually need any changes to the
 dumpon script, as the kernel will always deterministically pick 1
 physical device within the mirror when dumping.  The problem comes
 when savecore tries to read the saved dump, and needs the dump device
 to give the same deterministic behaviour when reading from it.
 
 It's quite possible that there is a configuration where changes are
 needed to dumpon as well as savecore, but I don't know what that
 configuration is.  If you know of a configuration which needs special
 handling there (as well as during savecore), please provide any
 details that you can.  I believe that my patch here is sufficient for
 the 2 most obvious cases with a simple pair of simple drives
 (i.e. JBOD, with no complex RAID hardware involved): 1) entire-disk
 gmirror; 2) single-partition gmirror.
 
 There's also a problem with the fix suggested in docs/178818, I think,
 where it will fail on entire-disk gmirrors (i.e. where the mirror is
 /dev/mirror/gm0, with dump on a partition inside the mirror at, e.g.,
 /dev/mirror/gm0b or /dev/mirror/gm0s1b).  That is why I provided a
 "savecore_gmirror_name" conf var in my patch here, and avoided
 implementing AUTO for now.  It's certainly possible for someone to
 implement AUTO in the future, which is why I left a TODO stub for it
 in my patch, but it's more complex to reliably determine the mirror
 name from the dump device than the simple stripping of "/dev/mirror"
 attempted in docs/178818.
 
 
 Regards,
 
 Paul.
>Unformatted:
