Loading...
1/*
2 * JFFS2 -- Journalling Flash File System, Version 2.
3 *
4 * Copyright © 2001-2007 Red Hat, Inc.
5 * Copyright © 2004-2010 David Woodhouse <dwmw2@infradead.org>
6 *
7 * Created by David Woodhouse <dwmw2@infradead.org>
8 *
9 * For licensing information, see the file 'LICENCE' in this directory.
10 *
11 */
12
13#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
14
15#include <linux/kernel.h>
16#include <linux/mtd/mtd.h>
17#include <linux/slab.h>
18#include <linux/pagemap.h>
19#include <linux/crc32.h>
20#include <linux/compiler.h>
21#include <linux/stat.h>
22#include "nodelist.h"
23#include "compr.h"
24
25static int jffs2_garbage_collect_pristine(struct jffs2_sb_info *c,
26 struct jffs2_inode_cache *ic,
27 struct jffs2_raw_node_ref *raw);
28static int jffs2_garbage_collect_metadata(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
29 struct jffs2_inode_info *f, struct jffs2_full_dnode *fd);
30static int jffs2_garbage_collect_dirent(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
31 struct jffs2_inode_info *f, struct jffs2_full_dirent *fd);
32static int jffs2_garbage_collect_deletion_dirent(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
33 struct jffs2_inode_info *f, struct jffs2_full_dirent *fd);
34static int jffs2_garbage_collect_hole(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
35 struct jffs2_inode_info *f, struct jffs2_full_dnode *fn,
36 uint32_t start, uint32_t end);
37static int jffs2_garbage_collect_dnode(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
38 struct jffs2_inode_info *f, struct jffs2_full_dnode *fn,
39 uint32_t start, uint32_t end);
40static int jffs2_garbage_collect_live(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
41 struct jffs2_raw_node_ref *raw, struct jffs2_inode_info *f);
42
43/* Called with erase_completion_lock held */
44static struct jffs2_eraseblock *jffs2_find_gc_block(struct jffs2_sb_info *c)
45{
46 struct jffs2_eraseblock *ret;
47 struct list_head *nextlist = NULL;
48 int n = jiffies % 128;
49
50 /* Pick an eraseblock to garbage collect next. This is where we'll
51 put the clever wear-levelling algorithms. Eventually. */
52 /* We possibly want to favour the dirtier blocks more when the
53 number of free blocks is low. */
54again:
55 if (!list_empty(&c->bad_used_list) && c->nr_free_blocks > c->resv_blocks_gcbad) {
56 jffs2_dbg(1, "Picking block from bad_used_list to GC next\n");
57 nextlist = &c->bad_used_list;
58 } else if (n < 50 && !list_empty(&c->erasable_list)) {
59 /* Note that most of them will have gone directly to be erased.
60 So don't favour the erasable_list _too_ much. */
61 jffs2_dbg(1, "Picking block from erasable_list to GC next\n");
62 nextlist = &c->erasable_list;
63 } else if (n < 110 && !list_empty(&c->very_dirty_list)) {
64 /* Most of the time, pick one off the very_dirty list */
65 jffs2_dbg(1, "Picking block from very_dirty_list to GC next\n");
66 nextlist = &c->very_dirty_list;
67 } else if (n < 126 && !list_empty(&c->dirty_list)) {
68 jffs2_dbg(1, "Picking block from dirty_list to GC next\n");
69 nextlist = &c->dirty_list;
70 } else if (!list_empty(&c->clean_list)) {
71 jffs2_dbg(1, "Picking block from clean_list to GC next\n");
72 nextlist = &c->clean_list;
73 } else if (!list_empty(&c->dirty_list)) {
74 jffs2_dbg(1, "Picking block from dirty_list to GC next (clean_list was empty)\n");
75
76 nextlist = &c->dirty_list;
77 } else if (!list_empty(&c->very_dirty_list)) {
78 jffs2_dbg(1, "Picking block from very_dirty_list to GC next (clean_list and dirty_list were empty)\n");
79 nextlist = &c->very_dirty_list;
80 } else if (!list_empty(&c->erasable_list)) {
81 jffs2_dbg(1, "Picking block from erasable_list to GC next (clean_list and {very_,}dirty_list were empty)\n");
82
83 nextlist = &c->erasable_list;
84 } else if (!list_empty(&c->erasable_pending_wbuf_list)) {
85 /* There are blocks are wating for the wbuf sync */
86 jffs2_dbg(1, "Synching wbuf in order to reuse erasable_pending_wbuf_list blocks\n");
87 spin_unlock(&c->erase_completion_lock);
88 jffs2_flush_wbuf_pad(c);
89 spin_lock(&c->erase_completion_lock);
90 goto again;
91 } else {
92 /* Eep. All were empty */
93 jffs2_dbg(1, "No clean, dirty _or_ erasable blocks to GC from! Where are they all?\n");
94 return NULL;
95 }
96
97 ret = list_entry(nextlist->next, struct jffs2_eraseblock, list);
98 list_del(&ret->list);
99 c->gcblock = ret;
100 ret->gc_node = ret->first_node;
101 if (!ret->gc_node) {
102 pr_warn("Eep. ret->gc_node for block at 0x%08x is NULL\n",
103 ret->offset);
104 BUG();
105 }
106
107 /* Have we accidentally picked a clean block with wasted space ? */
108 if (ret->wasted_size) {
109 jffs2_dbg(1, "Converting wasted_size %08x to dirty_size\n",
110 ret->wasted_size);
111 ret->dirty_size += ret->wasted_size;
112 c->wasted_size -= ret->wasted_size;
113 c->dirty_size += ret->wasted_size;
114 ret->wasted_size = 0;
115 }
116
117 return ret;
118}
119
120/* jffs2_garbage_collect_pass
121 * Make a single attempt to progress GC. Move one node, and possibly
122 * start erasing one eraseblock.
123 */
124int jffs2_garbage_collect_pass(struct jffs2_sb_info *c)
125{
126 struct jffs2_inode_info *f;
127 struct jffs2_inode_cache *ic;
128 struct jffs2_eraseblock *jeb;
129 struct jffs2_raw_node_ref *raw;
130 uint32_t gcblock_dirty;
131 int ret = 0, inum, nlink;
132 int xattr = 0;
133
134 if (mutex_lock_interruptible(&c->alloc_sem))
135 return -EINTR;
136
137
138 for (;;) {
139 /* We can't start doing GC until we've finished checking
140 the node CRCs etc. */
141 int bucket, want_ino;
142
143 spin_lock(&c->erase_completion_lock);
144 if (!c->unchecked_size)
145 break;
146 spin_unlock(&c->erase_completion_lock);
147
148 if (!xattr)
149 xattr = jffs2_verify_xattr(c);
150
151 spin_lock(&c->inocache_lock);
152 /* Instead of doing the inodes in numeric order, doing a lookup
153 * in the hash for each possible number, just walk the hash
154 * buckets of *existing* inodes. This means that we process
155 * them out-of-order, but it can be a lot faster if there's
156 * a sparse inode# space. Which there often is. */
157 want_ino = c->check_ino;
158 for (bucket = c->check_ino % c->inocache_hashsize ; bucket < c->inocache_hashsize; bucket++) {
159 for (ic = c->inocache_list[bucket]; ic; ic = ic->next) {
160 if (ic->ino < want_ino)
161 continue;
162
163 if (ic->state != INO_STATE_CHECKEDABSENT &&
164 ic->state != INO_STATE_PRESENT)
165 goto got_next; /* with inocache_lock held */
166
167 jffs2_dbg(1, "Skipping ino #%u already checked\n",
168 ic->ino);
169 }
170 want_ino = 0;
171 }
172
173 /* Point c->check_ino past the end of the last bucket. */
174 c->check_ino = ((c->highest_ino + c->inocache_hashsize + 1) &
175 ~c->inocache_hashsize) - 1;
176
177 spin_unlock(&c->inocache_lock);
178
179 pr_crit("Checked all inodes but still 0x%x bytes of unchecked space?\n",
180 c->unchecked_size);
181 jffs2_dbg_dump_block_lists_nolock(c);
182 mutex_unlock(&c->alloc_sem);
183 return -ENOSPC;
184
185 got_next:
186 /* For next time round the loop, we want c->checked_ino to indicate
187 * the *next* one we want to check. And since we're walking the
188 * buckets rather than doing it sequentially, it's: */
189 c->check_ino = ic->ino + c->inocache_hashsize;
190
191 if (!ic->pino_nlink) {
192 jffs2_dbg(1, "Skipping check of ino #%d with nlink/pino zero\n",
193 ic->ino);
194 spin_unlock(&c->inocache_lock);
195 jffs2_xattr_delete_inode(c, ic);
196 continue;
197 }
198 switch(ic->state) {
199 case INO_STATE_CHECKEDABSENT:
200 case INO_STATE_PRESENT:
201 spin_unlock(&c->inocache_lock);
202 continue;
203
204 case INO_STATE_GC:
205 case INO_STATE_CHECKING:
206 pr_warn("Inode #%u is in state %d during CRC check phase!\n",
207 ic->ino, ic->state);
208 spin_unlock(&c->inocache_lock);
209 BUG();
210
211 case INO_STATE_READING:
212 /* We need to wait for it to finish, lest we move on
213 and trigger the BUG() above while we haven't yet
214 finished checking all its nodes */
215 jffs2_dbg(1, "Waiting for ino #%u to finish reading\n",
216 ic->ino);
217 /* We need to come back again for the _same_ inode. We've
218 made no progress in this case, but that should be OK */
219 c->check_ino = ic->ino;
220
221 mutex_unlock(&c->alloc_sem);
222 sleep_on_spinunlock(&c->inocache_wq, &c->inocache_lock);
223 return 0;
224
225 default:
226 BUG();
227
228 case INO_STATE_UNCHECKED:
229 ;
230 }
231 ic->state = INO_STATE_CHECKING;
232 spin_unlock(&c->inocache_lock);
233
234 jffs2_dbg(1, "%s(): triggering inode scan of ino#%u\n",
235 __func__, ic->ino);
236
237 ret = jffs2_do_crccheck_inode(c, ic);
238 if (ret)
239 pr_warn("Returned error for crccheck of ino #%u. Expect badness...\n",
240 ic->ino);
241
242 jffs2_set_inocache_state(c, ic, INO_STATE_CHECKEDABSENT);
243 mutex_unlock(&c->alloc_sem);
244 return ret;
245 }
246
247 /* If there are any blocks which need erasing, erase them now */
248 if (!list_empty(&c->erase_complete_list) ||
249 !list_empty(&c->erase_pending_list)) {
250 spin_unlock(&c->erase_completion_lock);
251 mutex_unlock(&c->alloc_sem);
252 jffs2_dbg(1, "%s(): erasing pending blocks\n", __func__);
253 if (jffs2_erase_pending_blocks(c, 1))
254 return 0;
255
256 jffs2_dbg(1, "No progress from erasing block; doing GC anyway\n");
257 mutex_lock(&c->alloc_sem);
258 spin_lock(&c->erase_completion_lock);
259 }
260
261 /* First, work out which block we're garbage-collecting */
262 jeb = c->gcblock;
263
264 if (!jeb)
265 jeb = jffs2_find_gc_block(c);
266
267 if (!jeb) {
268 /* Couldn't find a free block. But maybe we can just erase one and make 'progress'? */
269 if (c->nr_erasing_blocks) {
270 spin_unlock(&c->erase_completion_lock);
271 mutex_unlock(&c->alloc_sem);
272 return -EAGAIN;
273 }
274 jffs2_dbg(1, "Couldn't find erase block to garbage collect!\n");
275 spin_unlock(&c->erase_completion_lock);
276 mutex_unlock(&c->alloc_sem);
277 return -EIO;
278 }
279
280 jffs2_dbg(1, "GC from block %08x, used_size %08x, dirty_size %08x, free_size %08x\n",
281 jeb->offset, jeb->used_size, jeb->dirty_size, jeb->free_size);
282 D1(if (c->nextblock)
283 printk(KERN_DEBUG "Nextblock at %08x, used_size %08x, dirty_size %08x, wasted_size %08x, free_size %08x\n", c->nextblock->offset, c->nextblock->used_size, c->nextblock->dirty_size, c->nextblock->wasted_size, c->nextblock->free_size));
284
285 if (!jeb->used_size) {
286 mutex_unlock(&c->alloc_sem);
287 goto eraseit;
288 }
289
290 raw = jeb->gc_node;
291 gcblock_dirty = jeb->dirty_size;
292
293 while(ref_obsolete(raw)) {
294 jffs2_dbg(1, "Node at 0x%08x is obsolete... skipping\n",
295 ref_offset(raw));
296 raw = ref_next(raw);
297 if (unlikely(!raw)) {
298 pr_warn("eep. End of raw list while still supposedly nodes to GC\n");
299 pr_warn("erase block at 0x%08x. free_size 0x%08x, dirty_size 0x%08x, used_size 0x%08x\n",
300 jeb->offset, jeb->free_size,
301 jeb->dirty_size, jeb->used_size);
302 jeb->gc_node = raw;
303 spin_unlock(&c->erase_completion_lock);
304 mutex_unlock(&c->alloc_sem);
305 BUG();
306 }
307 }
308 jeb->gc_node = raw;
309
310 jffs2_dbg(1, "Going to garbage collect node at 0x%08x\n",
311 ref_offset(raw));
312
313 if (!raw->next_in_ino) {
314 /* Inode-less node. Clean marker, snapshot or something like that */
315 spin_unlock(&c->erase_completion_lock);
316 if (ref_flags(raw) == REF_PRISTINE) {
317 /* It's an unknown node with JFFS2_FEATURE_RWCOMPAT_COPY */
318 jffs2_garbage_collect_pristine(c, NULL, raw);
319 } else {
320 /* Just mark it obsolete */
321 jffs2_mark_node_obsolete(c, raw);
322 }
323 mutex_unlock(&c->alloc_sem);
324 goto eraseit_lock;
325 }
326
327 ic = jffs2_raw_ref_to_ic(raw);
328
329#ifdef CONFIG_JFFS2_FS_XATTR
330 /* When 'ic' refers xattr_datum/xattr_ref, this node is GCed as xattr.
331 * We can decide whether this node is inode or xattr by ic->class. */
332 if (ic->class == RAWNODE_CLASS_XATTR_DATUM
333 || ic->class == RAWNODE_CLASS_XATTR_REF) {
334 spin_unlock(&c->erase_completion_lock);
335
336 if (ic->class == RAWNODE_CLASS_XATTR_DATUM) {
337 ret = jffs2_garbage_collect_xattr_datum(c, (struct jffs2_xattr_datum *)ic, raw);
338 } else {
339 ret = jffs2_garbage_collect_xattr_ref(c, (struct jffs2_xattr_ref *)ic, raw);
340 }
341 goto test_gcnode;
342 }
343#endif
344
345 /* We need to hold the inocache. Either the erase_completion_lock or
346 the inocache_lock are sufficient; we trade down since the inocache_lock
347 causes less contention. */
348 spin_lock(&c->inocache_lock);
349
350 spin_unlock(&c->erase_completion_lock);
351
352 jffs2_dbg(1, "%s(): collecting from block @0x%08x. Node @0x%08x(%d), ino #%u\n",
353 __func__, jeb->offset, ref_offset(raw), ref_flags(raw),
354 ic->ino);
355
356 /* Three possibilities:
357 1. Inode is already in-core. We must iget it and do proper
358 updating to its fragtree, etc.
359 2. Inode is not in-core, node is REF_PRISTINE. We lock the
360 inocache to prevent a read_inode(), copy the node intact.
361 3. Inode is not in-core, node is not pristine. We must iget()
362 and take the slow path.
363 */
364
365 switch(ic->state) {
366 case INO_STATE_CHECKEDABSENT:
367 /* It's been checked, but it's not currently in-core.
368 We can just copy any pristine nodes, but have
369 to prevent anyone else from doing read_inode() while
370 we're at it, so we set the state accordingly */
371 if (ref_flags(raw) == REF_PRISTINE)
372 ic->state = INO_STATE_GC;
373 else {
374 jffs2_dbg(1, "Ino #%u is absent but node not REF_PRISTINE. Reading.\n",
375 ic->ino);
376 }
377 break;
378
379 case INO_STATE_PRESENT:
380 /* It's in-core. GC must iget() it. */
381 break;
382
383 case INO_STATE_UNCHECKED:
384 case INO_STATE_CHECKING:
385 case INO_STATE_GC:
386 /* Should never happen. We should have finished checking
387 by the time we actually start doing any GC, and since
388 we're holding the alloc_sem, no other garbage collection
389 can happen.
390 */
391 pr_crit("Inode #%u already in state %d in jffs2_garbage_collect_pass()!\n",
392 ic->ino, ic->state);
393 mutex_unlock(&c->alloc_sem);
394 spin_unlock(&c->inocache_lock);
395 BUG();
396
397 case INO_STATE_READING:
398 /* Someone's currently trying to read it. We must wait for
399 them to finish and then go through the full iget() route
400 to do the GC. However, sometimes read_inode() needs to get
401 the alloc_sem() (for marking nodes invalid) so we must
402 drop the alloc_sem before sleeping. */
403
404 mutex_unlock(&c->alloc_sem);
405 jffs2_dbg(1, "%s(): waiting for ino #%u in state %d\n",
406 __func__, ic->ino, ic->state);
407 sleep_on_spinunlock(&c->inocache_wq, &c->inocache_lock);
408 /* And because we dropped the alloc_sem we must start again from the
409 beginning. Ponder chance of livelock here -- we're returning success
410 without actually making any progress.
411
412 Q: What are the chances that the inode is back in INO_STATE_READING
413 again by the time we next enter this function? And that this happens
414 enough times to cause a real delay?
415
416 A: Small enough that I don't care :)
417 */
418 return 0;
419 }
420
421 /* OK. Now if the inode is in state INO_STATE_GC, we are going to copy the
422 node intact, and we don't have to muck about with the fragtree etc.
423 because we know it's not in-core. If it _was_ in-core, we go through
424 all the iget() crap anyway */
425
426 if (ic->state == INO_STATE_GC) {
427 spin_unlock(&c->inocache_lock);
428
429 ret = jffs2_garbage_collect_pristine(c, ic, raw);
430
431 spin_lock(&c->inocache_lock);
432 ic->state = INO_STATE_CHECKEDABSENT;
433 wake_up(&c->inocache_wq);
434
435 if (ret != -EBADFD) {
436 spin_unlock(&c->inocache_lock);
437 goto test_gcnode;
438 }
439
440 /* Fall through if it wanted us to, with inocache_lock held */
441 }
442
443 /* Prevent the fairly unlikely race where the gcblock is
444 entirely obsoleted by the final close of a file which had
445 the only valid nodes in the block, followed by erasure,
446 followed by freeing of the ic because the erased block(s)
447 held _all_ the nodes of that inode.... never been seen but
448 it's vaguely possible. */
449
450 inum = ic->ino;
451 nlink = ic->pino_nlink;
452 spin_unlock(&c->inocache_lock);
453
454 f = jffs2_gc_fetch_inode(c, inum, !nlink);
455 if (IS_ERR(f)) {
456 ret = PTR_ERR(f);
457 goto release_sem;
458 }
459 if (!f) {
460 ret = 0;
461 goto release_sem;
462 }
463
464 ret = jffs2_garbage_collect_live(c, jeb, raw, f);
465
466 jffs2_gc_release_inode(c, f);
467
468 test_gcnode:
469 if (jeb->dirty_size == gcblock_dirty && !ref_obsolete(jeb->gc_node)) {
470 /* Eep. This really should never happen. GC is broken */
471 pr_err("Error garbage collecting node at %08x!\n",
472 ref_offset(jeb->gc_node));
473 ret = -ENOSPC;
474 }
475 release_sem:
476 mutex_unlock(&c->alloc_sem);
477
478 eraseit_lock:
479 /* If we've finished this block, start it erasing */
480 spin_lock(&c->erase_completion_lock);
481
482 eraseit:
483 if (c->gcblock && !c->gcblock->used_size) {
484 jffs2_dbg(1, "Block at 0x%08x completely obsoleted by GC. Moving to erase_pending_list\n",
485 c->gcblock->offset);
486 /* We're GC'ing an empty block? */
487 list_add_tail(&c->gcblock->list, &c->erase_pending_list);
488 c->gcblock = NULL;
489 c->nr_erasing_blocks++;
490 jffs2_garbage_collect_trigger(c);
491 }
492 spin_unlock(&c->erase_completion_lock);
493
494 return ret;
495}
496
497static int jffs2_garbage_collect_live(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
498 struct jffs2_raw_node_ref *raw, struct jffs2_inode_info *f)
499{
500 struct jffs2_node_frag *frag;
501 struct jffs2_full_dnode *fn = NULL;
502 struct jffs2_full_dirent *fd;
503 uint32_t start = 0, end = 0, nrfrags = 0;
504 int ret = 0;
505
506 mutex_lock(&f->sem);
507
508 /* Now we have the lock for this inode. Check that it's still the one at the head
509 of the list. */
510
511 spin_lock(&c->erase_completion_lock);
512
513 if (c->gcblock != jeb) {
514 spin_unlock(&c->erase_completion_lock);
515 jffs2_dbg(1, "GC block is no longer gcblock. Restart\n");
516 goto upnout;
517 }
518 if (ref_obsolete(raw)) {
519 spin_unlock(&c->erase_completion_lock);
520 jffs2_dbg(1, "node to be GC'd was obsoleted in the meantime.\n");
521 /* They'll call again */
522 goto upnout;
523 }
524 spin_unlock(&c->erase_completion_lock);
525
526 /* OK. Looks safe. And nobody can get us now because we have the semaphore. Move the block */
527 if (f->metadata && f->metadata->raw == raw) {
528 fn = f->metadata;
529 ret = jffs2_garbage_collect_metadata(c, jeb, f, fn);
530 goto upnout;
531 }
532
533 /* FIXME. Read node and do lookup? */
534 for (frag = frag_first(&f->fragtree); frag; frag = frag_next(frag)) {
535 if (frag->node && frag->node->raw == raw) {
536 fn = frag->node;
537 end = frag->ofs + frag->size;
538 if (!nrfrags++)
539 start = frag->ofs;
540 if (nrfrags == frag->node->frags)
541 break; /* We've found them all */
542 }
543 }
544 if (fn) {
545 if (ref_flags(raw) == REF_PRISTINE) {
546 ret = jffs2_garbage_collect_pristine(c, f->inocache, raw);
547 if (!ret) {
548 /* Urgh. Return it sensibly. */
549 frag->node->raw = f->inocache->nodes;
550 }
551 if (ret != -EBADFD)
552 goto upnout;
553 }
554 /* We found a datanode. Do the GC */
555 if((start >> PAGE_SHIFT) < ((end-1) >> PAGE_SHIFT)) {
556 /* It crosses a page boundary. Therefore, it must be a hole. */
557 ret = jffs2_garbage_collect_hole(c, jeb, f, fn, start, end);
558 } else {
559 /* It could still be a hole. But we GC the page this way anyway */
560 ret = jffs2_garbage_collect_dnode(c, jeb, f, fn, start, end);
561 }
562 goto upnout;
563 }
564
565 /* Wasn't a dnode. Try dirent */
566 for (fd = f->dents; fd; fd=fd->next) {
567 if (fd->raw == raw)
568 break;
569 }
570
571 if (fd && fd->ino) {
572 ret = jffs2_garbage_collect_dirent(c, jeb, f, fd);
573 } else if (fd) {
574 ret = jffs2_garbage_collect_deletion_dirent(c, jeb, f, fd);
575 } else {
576 pr_warn("Raw node at 0x%08x wasn't in node lists for ino #%u\n",
577 ref_offset(raw), f->inocache->ino);
578 if (ref_obsolete(raw)) {
579 pr_warn("But it's obsolete so we don't mind too much\n");
580 } else {
581 jffs2_dbg_dump_node(c, ref_offset(raw));
582 BUG();
583 }
584 }
585 upnout:
586 mutex_unlock(&f->sem);
587
588 return ret;
589}
590
591static int jffs2_garbage_collect_pristine(struct jffs2_sb_info *c,
592 struct jffs2_inode_cache *ic,
593 struct jffs2_raw_node_ref *raw)
594{
595 union jffs2_node_union *node;
596 size_t retlen;
597 int ret;
598 uint32_t phys_ofs, alloclen;
599 uint32_t crc, rawlen;
600 int retried = 0;
601
602 jffs2_dbg(1, "Going to GC REF_PRISTINE node at 0x%08x\n",
603 ref_offset(raw));
604
605 alloclen = rawlen = ref_totlen(c, c->gcblock, raw);
606
607 /* Ask for a small amount of space (or the totlen if smaller) because we
608 don't want to force wastage of the end of a block if splitting would
609 work. */
610 if (ic && alloclen > sizeof(struct jffs2_raw_inode) + JFFS2_MIN_DATA_LEN)
611 alloclen = sizeof(struct jffs2_raw_inode) + JFFS2_MIN_DATA_LEN;
612
613 ret = jffs2_reserve_space_gc(c, alloclen, &alloclen, rawlen);
614 /* 'rawlen' is not the exact summary size; it is only an upper estimation */
615
616 if (ret)
617 return ret;
618
619 if (alloclen < rawlen) {
620 /* Doesn't fit untouched. We'll go the old route and split it */
621 return -EBADFD;
622 }
623
624 node = kmalloc(rawlen, GFP_KERNEL);
625 if (!node)
626 return -ENOMEM;
627
628 ret = jffs2_flash_read(c, ref_offset(raw), rawlen, &retlen, (char *)node);
629 if (!ret && retlen != rawlen)
630 ret = -EIO;
631 if (ret)
632 goto out_node;
633
634 crc = crc32(0, node, sizeof(struct jffs2_unknown_node)-4);
635 if (je32_to_cpu(node->u.hdr_crc) != crc) {
636 pr_warn("Header CRC failed on REF_PRISTINE node at 0x%08x: Read 0x%08x, calculated 0x%08x\n",
637 ref_offset(raw), je32_to_cpu(node->u.hdr_crc), crc);
638 goto bail;
639 }
640
641 switch(je16_to_cpu(node->u.nodetype)) {
642 case JFFS2_NODETYPE_INODE:
643 crc = crc32(0, node, sizeof(node->i)-8);
644 if (je32_to_cpu(node->i.node_crc) != crc) {
645 pr_warn("Node CRC failed on REF_PRISTINE data node at 0x%08x: Read 0x%08x, calculated 0x%08x\n",
646 ref_offset(raw), je32_to_cpu(node->i.node_crc),
647 crc);
648 goto bail;
649 }
650
651 if (je32_to_cpu(node->i.dsize)) {
652 crc = crc32(0, node->i.data, je32_to_cpu(node->i.csize));
653 if (je32_to_cpu(node->i.data_crc) != crc) {
654 pr_warn("Data CRC failed on REF_PRISTINE data node at 0x%08x: Read 0x%08x, calculated 0x%08x\n",
655 ref_offset(raw),
656 je32_to_cpu(node->i.data_crc), crc);
657 goto bail;
658 }
659 }
660 break;
661
662 case JFFS2_NODETYPE_DIRENT:
663 crc = crc32(0, node, sizeof(node->d)-8);
664 if (je32_to_cpu(node->d.node_crc) != crc) {
665 pr_warn("Node CRC failed on REF_PRISTINE dirent node at 0x%08x: Read 0x%08x, calculated 0x%08x\n",
666 ref_offset(raw),
667 je32_to_cpu(node->d.node_crc), crc);
668 goto bail;
669 }
670
671 if (strnlen(node->d.name, node->d.nsize) != node->d.nsize) {
672 pr_warn("Name in dirent node at 0x%08x contains zeroes\n",
673 ref_offset(raw));
674 goto bail;
675 }
676
677 if (node->d.nsize) {
678 crc = crc32(0, node->d.name, node->d.nsize);
679 if (je32_to_cpu(node->d.name_crc) != crc) {
680 pr_warn("Name CRC failed on REF_PRISTINE dirent node at 0x%08x: Read 0x%08x, calculated 0x%08x\n",
681 ref_offset(raw),
682 je32_to_cpu(node->d.name_crc), crc);
683 goto bail;
684 }
685 }
686 break;
687 default:
688 /* If it's inode-less, we don't _know_ what it is. Just copy it intact */
689 if (ic) {
690 pr_warn("Unknown node type for REF_PRISTINE node at 0x%08x: 0x%04x\n",
691 ref_offset(raw), je16_to_cpu(node->u.nodetype));
692 goto bail;
693 }
694 }
695
696 /* OK, all the CRCs are good; this node can just be copied as-is. */
697 retry:
698 phys_ofs = write_ofs(c);
699
700 ret = jffs2_flash_write(c, phys_ofs, rawlen, &retlen, (char *)node);
701
702 if (ret || (retlen != rawlen)) {
703 pr_notice("Write of %d bytes at 0x%08x failed. returned %d, retlen %zd\n",
704 rawlen, phys_ofs, ret, retlen);
705 if (retlen) {
706 jffs2_add_physical_node_ref(c, phys_ofs | REF_OBSOLETE, rawlen, NULL);
707 } else {
708 pr_notice("Not marking the space at 0x%08x as dirty because the flash driver returned retlen zero\n",
709 phys_ofs);
710 }
711 if (!retried) {
712 /* Try to reallocate space and retry */
713 uint32_t dummy;
714 struct jffs2_eraseblock *jeb = &c->blocks[phys_ofs / c->sector_size];
715
716 retried = 1;
717
718 jffs2_dbg(1, "Retrying failed write of REF_PRISTINE node.\n");
719
720 jffs2_dbg_acct_sanity_check(c,jeb);
721 jffs2_dbg_acct_paranoia_check(c, jeb);
722
723 ret = jffs2_reserve_space_gc(c, rawlen, &dummy, rawlen);
724 /* this is not the exact summary size of it,
725 it is only an upper estimation */
726
727 if (!ret) {
728 jffs2_dbg(1, "Allocated space at 0x%08x to retry failed write.\n",
729 phys_ofs);
730
731 jffs2_dbg_acct_sanity_check(c,jeb);
732 jffs2_dbg_acct_paranoia_check(c, jeb);
733
734 goto retry;
735 }
736 jffs2_dbg(1, "Failed to allocate space to retry failed write: %d!\n",
737 ret);
738 }
739
740 if (!ret)
741 ret = -EIO;
742 goto out_node;
743 }
744 jffs2_add_physical_node_ref(c, phys_ofs | REF_PRISTINE, rawlen, ic);
745
746 jffs2_mark_node_obsolete(c, raw);
747 jffs2_dbg(1, "WHEEE! GC REF_PRISTINE node at 0x%08x succeeded\n",
748 ref_offset(raw));
749
750 out_node:
751 kfree(node);
752 return ret;
753 bail:
754 ret = -EBADFD;
755 goto out_node;
756}
757
758static int jffs2_garbage_collect_metadata(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
759 struct jffs2_inode_info *f, struct jffs2_full_dnode *fn)
760{
761 struct jffs2_full_dnode *new_fn;
762 struct jffs2_raw_inode ri;
763 struct jffs2_node_frag *last_frag;
764 union jffs2_device_node dev;
765 char *mdata = NULL;
766 int mdatalen = 0;
767 uint32_t alloclen, ilen;
768 int ret;
769
770 if (S_ISBLK(JFFS2_F_I_MODE(f)) ||
771 S_ISCHR(JFFS2_F_I_MODE(f)) ) {
772 /* For these, we don't actually need to read the old node */
773 mdatalen = jffs2_encode_dev(&dev, JFFS2_F_I_RDEV(f));
774 mdata = (char *)&dev;
775 jffs2_dbg(1, "%s(): Writing %d bytes of kdev_t\n",
776 __func__, mdatalen);
777 } else if (S_ISLNK(JFFS2_F_I_MODE(f))) {
778 mdatalen = fn->size;
779 mdata = kmalloc(fn->size, GFP_KERNEL);
780 if (!mdata) {
781 pr_warn("kmalloc of mdata failed in jffs2_garbage_collect_metadata()\n");
782 return -ENOMEM;
783 }
784 ret = jffs2_read_dnode(c, f, fn, mdata, 0, mdatalen);
785 if (ret) {
786 pr_warn("read of old metadata failed in jffs2_garbage_collect_metadata(): %d\n",
787 ret);
788 kfree(mdata);
789 return ret;
790 }
791 jffs2_dbg(1, "%s(): Writing %d bites of symlink target\n",
792 __func__, mdatalen);
793
794 }
795
796 ret = jffs2_reserve_space_gc(c, sizeof(ri) + mdatalen, &alloclen,
797 JFFS2_SUMMARY_INODE_SIZE);
798 if (ret) {
799 pr_warn("jffs2_reserve_space_gc of %zd bytes for garbage_collect_metadata failed: %d\n",
800 sizeof(ri) + mdatalen, ret);
801 goto out;
802 }
803
804 last_frag = frag_last(&f->fragtree);
805 if (last_frag)
806 /* Fetch the inode length from the fragtree rather then
807 * from i_size since i_size may have not been updated yet */
808 ilen = last_frag->ofs + last_frag->size;
809 else
810 ilen = JFFS2_F_I_SIZE(f);
811
812 memset(&ri, 0, sizeof(ri));
813 ri.magic = cpu_to_je16(JFFS2_MAGIC_BITMASK);
814 ri.nodetype = cpu_to_je16(JFFS2_NODETYPE_INODE);
815 ri.totlen = cpu_to_je32(sizeof(ri) + mdatalen);
816 ri.hdr_crc = cpu_to_je32(crc32(0, &ri, sizeof(struct jffs2_unknown_node)-4));
817
818 ri.ino = cpu_to_je32(f->inocache->ino);
819 ri.version = cpu_to_je32(++f->highest_version);
820 ri.mode = cpu_to_jemode(JFFS2_F_I_MODE(f));
821 ri.uid = cpu_to_je16(JFFS2_F_I_UID(f));
822 ri.gid = cpu_to_je16(JFFS2_F_I_GID(f));
823 ri.isize = cpu_to_je32(ilen);
824 ri.atime = cpu_to_je32(JFFS2_F_I_ATIME(f));
825 ri.ctime = cpu_to_je32(JFFS2_F_I_CTIME(f));
826 ri.mtime = cpu_to_je32(JFFS2_F_I_MTIME(f));
827 ri.offset = cpu_to_je32(0);
828 ri.csize = cpu_to_je32(mdatalen);
829 ri.dsize = cpu_to_je32(mdatalen);
830 ri.compr = JFFS2_COMPR_NONE;
831 ri.node_crc = cpu_to_je32(crc32(0, &ri, sizeof(ri)-8));
832 ri.data_crc = cpu_to_je32(crc32(0, mdata, mdatalen));
833
834 new_fn = jffs2_write_dnode(c, f, &ri, mdata, mdatalen, ALLOC_GC);
835
836 if (IS_ERR(new_fn)) {
837 pr_warn("Error writing new dnode: %ld\n", PTR_ERR(new_fn));
838 ret = PTR_ERR(new_fn);
839 goto out;
840 }
841 jffs2_mark_node_obsolete(c, fn->raw);
842 jffs2_free_full_dnode(fn);
843 f->metadata = new_fn;
844 out:
845 if (S_ISLNK(JFFS2_F_I_MODE(f)))
846 kfree(mdata);
847 return ret;
848}
849
850static int jffs2_garbage_collect_dirent(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
851 struct jffs2_inode_info *f, struct jffs2_full_dirent *fd)
852{
853 struct jffs2_full_dirent *new_fd;
854 struct jffs2_raw_dirent rd;
855 uint32_t alloclen;
856 int ret;
857
858 rd.magic = cpu_to_je16(JFFS2_MAGIC_BITMASK);
859 rd.nodetype = cpu_to_je16(JFFS2_NODETYPE_DIRENT);
860 rd.nsize = strlen(fd->name);
861 rd.totlen = cpu_to_je32(sizeof(rd) + rd.nsize);
862 rd.hdr_crc = cpu_to_je32(crc32(0, &rd, sizeof(struct jffs2_unknown_node)-4));
863
864 rd.pino = cpu_to_je32(f->inocache->ino);
865 rd.version = cpu_to_je32(++f->highest_version);
866 rd.ino = cpu_to_je32(fd->ino);
867 /* If the times on this inode were set by explicit utime() they can be different,
868 so refrain from splatting them. */
869 if (JFFS2_F_I_MTIME(f) == JFFS2_F_I_CTIME(f))
870 rd.mctime = cpu_to_je32(JFFS2_F_I_MTIME(f));
871 else
872 rd.mctime = cpu_to_je32(0);
873 rd.type = fd->type;
874 rd.node_crc = cpu_to_je32(crc32(0, &rd, sizeof(rd)-8));
875 rd.name_crc = cpu_to_je32(crc32(0, fd->name, rd.nsize));
876
877 ret = jffs2_reserve_space_gc(c, sizeof(rd)+rd.nsize, &alloclen,
878 JFFS2_SUMMARY_DIRENT_SIZE(rd.nsize));
879 if (ret) {
880 pr_warn("jffs2_reserve_space_gc of %zd bytes for garbage_collect_dirent failed: %d\n",
881 sizeof(rd)+rd.nsize, ret);
882 return ret;
883 }
884 new_fd = jffs2_write_dirent(c, f, &rd, fd->name, rd.nsize, ALLOC_GC);
885
886 if (IS_ERR(new_fd)) {
887 pr_warn("jffs2_write_dirent in garbage_collect_dirent failed: %ld\n",
888 PTR_ERR(new_fd));
889 return PTR_ERR(new_fd);
890 }
891 jffs2_add_fd_to_list(c, new_fd, &f->dents);
892 return 0;
893}
894
895static int jffs2_garbage_collect_deletion_dirent(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
896 struct jffs2_inode_info *f, struct jffs2_full_dirent *fd)
897{
898 struct jffs2_full_dirent **fdp = &f->dents;
899 int found = 0;
900
901 /* On a medium where we can't actually mark nodes obsolete
902 pernamently, such as NAND flash, we need to work out
903 whether this deletion dirent is still needed to actively
904 delete a 'real' dirent with the same name that's still
905 somewhere else on the flash. */
906 if (!jffs2_can_mark_obsolete(c)) {
907 struct jffs2_raw_dirent *rd;
908 struct jffs2_raw_node_ref *raw;
909 int ret;
910 size_t retlen;
911 int name_len = strlen(fd->name);
912 uint32_t name_crc = crc32(0, fd->name, name_len);
913 uint32_t rawlen = ref_totlen(c, jeb, fd->raw);
914
915 rd = kmalloc(rawlen, GFP_KERNEL);
916 if (!rd)
917 return -ENOMEM;
918
919 /* Prevent the erase code from nicking the obsolete node refs while
920 we're looking at them. I really don't like this extra lock but
921 can't see any alternative. Suggestions on a postcard to... */
922 mutex_lock(&c->erase_free_sem);
923
924 for (raw = f->inocache->nodes; raw != (void *)f->inocache; raw = raw->next_in_ino) {
925
926 cond_resched();
927
928 /* We only care about obsolete ones */
929 if (!(ref_obsolete(raw)))
930 continue;
931
932 /* Any dirent with the same name is going to have the same length... */
933 if (ref_totlen(c, NULL, raw) != rawlen)
934 continue;
935
936 /* Doesn't matter if there's one in the same erase block. We're going to
937 delete it too at the same time. */
938 if (SECTOR_ADDR(raw->flash_offset) == SECTOR_ADDR(fd->raw->flash_offset))
939 continue;
940
941 jffs2_dbg(1, "Check potential deletion dirent at %08x\n",
942 ref_offset(raw));
943
944 /* This is an obsolete node belonging to the same directory, and it's of the right
945 length. We need to take a closer look...*/
946 ret = jffs2_flash_read(c, ref_offset(raw), rawlen, &retlen, (char *)rd);
947 if (ret) {
948 pr_warn("%s(): Read error (%d) reading obsolete node at %08x\n",
949 __func__, ret, ref_offset(raw));
950 /* If we can't read it, we don't need to continue to obsolete it. Continue */
951 continue;
952 }
953 if (retlen != rawlen) {
954 pr_warn("%s(): Short read (%zd not %u) reading header from obsolete node at %08x\n",
955 __func__, retlen, rawlen,
956 ref_offset(raw));
957 continue;
958 }
959
960 if (je16_to_cpu(rd->nodetype) != JFFS2_NODETYPE_DIRENT)
961 continue;
962
963 /* If the name CRC doesn't match, skip */
964 if (je32_to_cpu(rd->name_crc) != name_crc)
965 continue;
966
967 /* If the name length doesn't match, or it's another deletion dirent, skip */
968 if (rd->nsize != name_len || !je32_to_cpu(rd->ino))
969 continue;
970
971 /* OK, check the actual name now */
972 if (memcmp(rd->name, fd->name, name_len))
973 continue;
974
975 /* OK. The name really does match. There really is still an older node on
976 the flash which our deletion dirent obsoletes. So we have to write out
977 a new deletion dirent to replace it */
978 mutex_unlock(&c->erase_free_sem);
979
980 jffs2_dbg(1, "Deletion dirent at %08x still obsoletes real dirent \"%s\" at %08x for ino #%u\n",
981 ref_offset(fd->raw), fd->name,
982 ref_offset(raw), je32_to_cpu(rd->ino));
983 kfree(rd);
984
985 return jffs2_garbage_collect_dirent(c, jeb, f, fd);
986 }
987
988 mutex_unlock(&c->erase_free_sem);
989 kfree(rd);
990 }
991
992 /* FIXME: If we're deleting a dirent which contains the current mtime and ctime,
993 we should update the metadata node with those times accordingly */
994
995 /* No need for it any more. Just mark it obsolete and remove it from the list */
996 while (*fdp) {
997 if ((*fdp) == fd) {
998 found = 1;
999 *fdp = fd->next;
1000 break;
1001 }
1002 fdp = &(*fdp)->next;
1003 }
1004 if (!found) {
1005 pr_warn("Deletion dirent \"%s\" not found in list for ino #%u\n",
1006 fd->name, f->inocache->ino);
1007 }
1008 jffs2_mark_node_obsolete(c, fd->raw);
1009 jffs2_free_full_dirent(fd);
1010 return 0;
1011}
1012
1013static int jffs2_garbage_collect_hole(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
1014 struct jffs2_inode_info *f, struct jffs2_full_dnode *fn,
1015 uint32_t start, uint32_t end)
1016{
1017 struct jffs2_raw_inode ri;
1018 struct jffs2_node_frag *frag;
1019 struct jffs2_full_dnode *new_fn;
1020 uint32_t alloclen, ilen;
1021 int ret;
1022
1023 jffs2_dbg(1, "Writing replacement hole node for ino #%u from offset 0x%x to 0x%x\n",
1024 f->inocache->ino, start, end);
1025
1026 memset(&ri, 0, sizeof(ri));
1027
1028 if(fn->frags > 1) {
1029 size_t readlen;
1030 uint32_t crc;
1031 /* It's partially obsoleted by a later write. So we have to
1032 write it out again with the _same_ version as before */
1033 ret = jffs2_flash_read(c, ref_offset(fn->raw), sizeof(ri), &readlen, (char *)&ri);
1034 if (readlen != sizeof(ri) || ret) {
1035 pr_warn("Node read failed in jffs2_garbage_collect_hole. Ret %d, retlen %zd. Data will be lost by writing new hole node\n",
1036 ret, readlen);
1037 goto fill;
1038 }
1039 if (je16_to_cpu(ri.nodetype) != JFFS2_NODETYPE_INODE) {
1040 pr_warn("%s(): Node at 0x%08x had node type 0x%04x instead of JFFS2_NODETYPE_INODE(0x%04x)\n",
1041 __func__, ref_offset(fn->raw),
1042 je16_to_cpu(ri.nodetype), JFFS2_NODETYPE_INODE);
1043 return -EIO;
1044 }
1045 if (je32_to_cpu(ri.totlen) != sizeof(ri)) {
1046 pr_warn("%s(): Node at 0x%08x had totlen 0x%x instead of expected 0x%zx\n",
1047 __func__, ref_offset(fn->raw),
1048 je32_to_cpu(ri.totlen), sizeof(ri));
1049 return -EIO;
1050 }
1051 crc = crc32(0, &ri, sizeof(ri)-8);
1052 if (crc != je32_to_cpu(ri.node_crc)) {
1053 pr_warn("%s: Node at 0x%08x had CRC 0x%08x which doesn't match calculated CRC 0x%08x\n",
1054 __func__, ref_offset(fn->raw),
1055 je32_to_cpu(ri.node_crc), crc);
1056 /* FIXME: We could possibly deal with this by writing new holes for each frag */
1057 pr_warn("Data in the range 0x%08x to 0x%08x of inode #%u will be lost\n",
1058 start, end, f->inocache->ino);
1059 goto fill;
1060 }
1061 if (ri.compr != JFFS2_COMPR_ZERO) {
1062 pr_warn("%s(): Node 0x%08x wasn't a hole node!\n",
1063 __func__, ref_offset(fn->raw));
1064 pr_warn("Data in the range 0x%08x to 0x%08x of inode #%u will be lost\n",
1065 start, end, f->inocache->ino);
1066 goto fill;
1067 }
1068 } else {
1069 fill:
1070 ri.magic = cpu_to_je16(JFFS2_MAGIC_BITMASK);
1071 ri.nodetype = cpu_to_je16(JFFS2_NODETYPE_INODE);
1072 ri.totlen = cpu_to_je32(sizeof(ri));
1073 ri.hdr_crc = cpu_to_je32(crc32(0, &ri, sizeof(struct jffs2_unknown_node)-4));
1074
1075 ri.ino = cpu_to_je32(f->inocache->ino);
1076 ri.version = cpu_to_je32(++f->highest_version);
1077 ri.offset = cpu_to_je32(start);
1078 ri.dsize = cpu_to_je32(end - start);
1079 ri.csize = cpu_to_je32(0);
1080 ri.compr = JFFS2_COMPR_ZERO;
1081 }
1082
1083 frag = frag_last(&f->fragtree);
1084 if (frag)
1085 /* Fetch the inode length from the fragtree rather then
1086 * from i_size since i_size may have not been updated yet */
1087 ilen = frag->ofs + frag->size;
1088 else
1089 ilen = JFFS2_F_I_SIZE(f);
1090
1091 ri.mode = cpu_to_jemode(JFFS2_F_I_MODE(f));
1092 ri.uid = cpu_to_je16(JFFS2_F_I_UID(f));
1093 ri.gid = cpu_to_je16(JFFS2_F_I_GID(f));
1094 ri.isize = cpu_to_je32(ilen);
1095 ri.atime = cpu_to_je32(JFFS2_F_I_ATIME(f));
1096 ri.ctime = cpu_to_je32(JFFS2_F_I_CTIME(f));
1097 ri.mtime = cpu_to_je32(JFFS2_F_I_MTIME(f));
1098 ri.data_crc = cpu_to_je32(0);
1099 ri.node_crc = cpu_to_je32(crc32(0, &ri, sizeof(ri)-8));
1100
1101 ret = jffs2_reserve_space_gc(c, sizeof(ri), &alloclen,
1102 JFFS2_SUMMARY_INODE_SIZE);
1103 if (ret) {
1104 pr_warn("jffs2_reserve_space_gc of %zd bytes for garbage_collect_hole failed: %d\n",
1105 sizeof(ri), ret);
1106 return ret;
1107 }
1108 new_fn = jffs2_write_dnode(c, f, &ri, NULL, 0, ALLOC_GC);
1109
1110 if (IS_ERR(new_fn)) {
1111 pr_warn("Error writing new hole node: %ld\n", PTR_ERR(new_fn));
1112 return PTR_ERR(new_fn);
1113 }
1114 if (je32_to_cpu(ri.version) == f->highest_version) {
1115 jffs2_add_full_dnode_to_inode(c, f, new_fn);
1116 if (f->metadata) {
1117 jffs2_mark_node_obsolete(c, f->metadata->raw);
1118 jffs2_free_full_dnode(f->metadata);
1119 f->metadata = NULL;
1120 }
1121 return 0;
1122 }
1123
1124 /*
1125 * We should only get here in the case where the node we are
1126 * replacing had more than one frag, so we kept the same version
1127 * number as before. (Except in case of error -- see 'goto fill;'
1128 * above.)
1129 */
1130 D1(if(unlikely(fn->frags <= 1)) {
1131 pr_warn("%s(): Replacing fn with %d frag(s) but new ver %d != highest_version %d of ino #%d\n",
1132 __func__, fn->frags, je32_to_cpu(ri.version),
1133 f->highest_version, je32_to_cpu(ri.ino));
1134 });
1135
1136 /* This is a partially-overlapped hole node. Mark it REF_NORMAL not REF_PRISTINE */
1137 mark_ref_normal(new_fn->raw);
1138
1139 for (frag = jffs2_lookup_node_frag(&f->fragtree, fn->ofs);
1140 frag; frag = frag_next(frag)) {
1141 if (frag->ofs > fn->size + fn->ofs)
1142 break;
1143 if (frag->node == fn) {
1144 frag->node = new_fn;
1145 new_fn->frags++;
1146 fn->frags--;
1147 }
1148 }
1149 if (fn->frags) {
1150 pr_warn("%s(): Old node still has frags!\n", __func__);
1151 BUG();
1152 }
1153 if (!new_fn->frags) {
1154 pr_warn("%s(): New node has no frags!\n", __func__);
1155 BUG();
1156 }
1157
1158 jffs2_mark_node_obsolete(c, fn->raw);
1159 jffs2_free_full_dnode(fn);
1160
1161 return 0;
1162}
1163
1164static int jffs2_garbage_collect_dnode(struct jffs2_sb_info *c, struct jffs2_eraseblock *orig_jeb,
1165 struct jffs2_inode_info *f, struct jffs2_full_dnode *fn,
1166 uint32_t start, uint32_t end)
1167{
1168 struct inode *inode = OFNI_EDONI_2SFFJ(f);
1169 struct jffs2_full_dnode *new_fn;
1170 struct jffs2_raw_inode ri;
1171 uint32_t alloclen, offset, orig_end, orig_start;
1172 int ret = 0;
1173 unsigned char *comprbuf = NULL, *writebuf;
1174 struct page *page;
1175 unsigned char *pg_ptr;
1176
1177 memset(&ri, 0, sizeof(ri));
1178
1179 jffs2_dbg(1, "Writing replacement dnode for ino #%u from offset 0x%x to 0x%x\n",
1180 f->inocache->ino, start, end);
1181
1182 orig_end = end;
1183 orig_start = start;
1184
1185 if (c->nr_free_blocks + c->nr_erasing_blocks > c->resv_blocks_gcmerge) {
1186 /* Attempt to do some merging. But only expand to cover logically
1187 adjacent frags if the block containing them is already considered
1188 to be dirty. Otherwise we end up with GC just going round in
1189 circles dirtying the nodes it already wrote out, especially
1190 on NAND where we have small eraseblocks and hence a much higher
1191 chance of nodes having to be split to cross boundaries. */
1192
1193 struct jffs2_node_frag *frag;
1194 uint32_t min, max;
1195
1196 min = start & ~(PAGE_SIZE-1);
1197 max = min + PAGE_SIZE;
1198
1199 frag = jffs2_lookup_node_frag(&f->fragtree, start);
1200
1201 /* BUG_ON(!frag) but that'll happen anyway... */
1202
1203 BUG_ON(frag->ofs != start);
1204
1205 /* First grow down... */
1206 while((frag = frag_prev(frag)) && frag->ofs >= min) {
1207
1208 /* If the previous frag doesn't even reach the beginning, there's
1209 excessive fragmentation. Just merge. */
1210 if (frag->ofs > min) {
1211 jffs2_dbg(1, "Expanding down to cover partial frag (0x%x-0x%x)\n",
1212 frag->ofs, frag->ofs+frag->size);
1213 start = frag->ofs;
1214 continue;
1215 }
1216 /* OK. This frag holds the first byte of the page. */
1217 if (!frag->node || !frag->node->raw) {
1218 jffs2_dbg(1, "First frag in page is hole (0x%x-0x%x). Not expanding down.\n",
1219 frag->ofs, frag->ofs+frag->size);
1220 break;
1221 } else {
1222
1223 /* OK, it's a frag which extends to the beginning of the page. Does it live
1224 in a block which is still considered clean? If so, don't obsolete it.
1225 If not, cover it anyway. */
1226
1227 struct jffs2_raw_node_ref *raw = frag->node->raw;
1228 struct jffs2_eraseblock *jeb;
1229
1230 jeb = &c->blocks[raw->flash_offset / c->sector_size];
1231
1232 if (jeb == c->gcblock) {
1233 jffs2_dbg(1, "Expanding down to cover frag (0x%x-0x%x) in gcblock at %08x\n",
1234 frag->ofs,
1235 frag->ofs + frag->size,
1236 ref_offset(raw));
1237 start = frag->ofs;
1238 break;
1239 }
1240 if (!ISDIRTY(jeb->dirty_size + jeb->wasted_size)) {
1241 jffs2_dbg(1, "Not expanding down to cover frag (0x%x-0x%x) in clean block %08x\n",
1242 frag->ofs,
1243 frag->ofs + frag->size,
1244 jeb->offset);
1245 break;
1246 }
1247
1248 jffs2_dbg(1, "Expanding down to cover frag (0x%x-0x%x) in dirty block %08x\n",
1249 frag->ofs,
1250 frag->ofs + frag->size,
1251 jeb->offset);
1252 start = frag->ofs;
1253 break;
1254 }
1255 }
1256
1257 /* ... then up */
1258
1259 /* Find last frag which is actually part of the node we're to GC. */
1260 frag = jffs2_lookup_node_frag(&f->fragtree, end-1);
1261
1262 while((frag = frag_next(frag)) && frag->ofs+frag->size <= max) {
1263
1264 /* If the previous frag doesn't even reach the beginning, there's lots
1265 of fragmentation. Just merge. */
1266 if (frag->ofs+frag->size < max) {
1267 jffs2_dbg(1, "Expanding up to cover partial frag (0x%x-0x%x)\n",
1268 frag->ofs, frag->ofs+frag->size);
1269 end = frag->ofs + frag->size;
1270 continue;
1271 }
1272
1273 if (!frag->node || !frag->node->raw) {
1274 jffs2_dbg(1, "Last frag in page is hole (0x%x-0x%x). Not expanding up.\n",
1275 frag->ofs, frag->ofs+frag->size);
1276 break;
1277 } else {
1278
1279 /* OK, it's a frag which extends to the beginning of the page. Does it live
1280 in a block which is still considered clean? If so, don't obsolete it.
1281 If not, cover it anyway. */
1282
1283 struct jffs2_raw_node_ref *raw = frag->node->raw;
1284 struct jffs2_eraseblock *jeb;
1285
1286 jeb = &c->blocks[raw->flash_offset / c->sector_size];
1287
1288 if (jeb == c->gcblock) {
1289 jffs2_dbg(1, "Expanding up to cover frag (0x%x-0x%x) in gcblock at %08x\n",
1290 frag->ofs,
1291 frag->ofs + frag->size,
1292 ref_offset(raw));
1293 end = frag->ofs + frag->size;
1294 break;
1295 }
1296 if (!ISDIRTY(jeb->dirty_size + jeb->wasted_size)) {
1297 jffs2_dbg(1, "Not expanding up to cover frag (0x%x-0x%x) in clean block %08x\n",
1298 frag->ofs,
1299 frag->ofs + frag->size,
1300 jeb->offset);
1301 break;
1302 }
1303
1304 jffs2_dbg(1, "Expanding up to cover frag (0x%x-0x%x) in dirty block %08x\n",
1305 frag->ofs,
1306 frag->ofs + frag->size,
1307 jeb->offset);
1308 end = frag->ofs + frag->size;
1309 break;
1310 }
1311 }
1312 jffs2_dbg(1, "Expanded dnode to write from (0x%x-0x%x) to (0x%x-0x%x)\n",
1313 orig_start, orig_end, start, end);
1314
1315 D1(BUG_ON(end > frag_last(&f->fragtree)->ofs + frag_last(&f->fragtree)->size));
1316 BUG_ON(end < orig_end);
1317 BUG_ON(start > orig_start);
1318 }
1319
1320 /* The rules state that we must obtain the page lock *before* f->sem, so
1321 * drop f->sem temporarily. Since we also hold c->alloc_sem, nothing's
1322 * actually going to *change* so we're safe; we only allow reading.
1323 *
1324 * It is important to note that jffs2_write_begin() will ensure that its
1325 * page is marked Uptodate before allocating space. That means that if we
1326 * end up here trying to GC the *same* page that jffs2_write_begin() is
1327 * trying to write out, read_cache_page() will not deadlock. */
1328 mutex_unlock(&f->sem);
1329 page = read_cache_page(inode->i_mapping, start >> PAGE_SHIFT,
1330 jffs2_do_readpage_unlock, inode);
1331 if (IS_ERR(page)) {
1332 pr_warn("read_cache_page() returned error: %ld\n",
1333 PTR_ERR(page));
1334 mutex_lock(&f->sem);
1335 return PTR_ERR(page);
1336 }
1337
1338 pg_ptr = kmap(page);
1339 mutex_lock(&f->sem);
1340
1341 offset = start;
1342 while(offset < orig_end) {
1343 uint32_t datalen;
1344 uint32_t cdatalen;
1345 uint16_t comprtype = JFFS2_COMPR_NONE;
1346
1347 ret = jffs2_reserve_space_gc(c, sizeof(ri) + JFFS2_MIN_DATA_LEN,
1348 &alloclen, JFFS2_SUMMARY_INODE_SIZE);
1349
1350 if (ret) {
1351 pr_warn("jffs2_reserve_space_gc of %zd bytes for garbage_collect_dnode failed: %d\n",
1352 sizeof(ri) + JFFS2_MIN_DATA_LEN, ret);
1353 break;
1354 }
1355 cdatalen = min_t(uint32_t, alloclen - sizeof(ri), end - offset);
1356 datalen = end - offset;
1357
1358 writebuf = pg_ptr + (offset & (PAGE_SIZE -1));
1359
1360 comprtype = jffs2_compress(c, f, writebuf, &comprbuf, &datalen, &cdatalen);
1361
1362 ri.magic = cpu_to_je16(JFFS2_MAGIC_BITMASK);
1363 ri.nodetype = cpu_to_je16(JFFS2_NODETYPE_INODE);
1364 ri.totlen = cpu_to_je32(sizeof(ri) + cdatalen);
1365 ri.hdr_crc = cpu_to_je32(crc32(0, &ri, sizeof(struct jffs2_unknown_node)-4));
1366
1367 ri.ino = cpu_to_je32(f->inocache->ino);
1368 ri.version = cpu_to_je32(++f->highest_version);
1369 ri.mode = cpu_to_jemode(JFFS2_F_I_MODE(f));
1370 ri.uid = cpu_to_je16(JFFS2_F_I_UID(f));
1371 ri.gid = cpu_to_je16(JFFS2_F_I_GID(f));
1372 ri.isize = cpu_to_je32(JFFS2_F_I_SIZE(f));
1373 ri.atime = cpu_to_je32(JFFS2_F_I_ATIME(f));
1374 ri.ctime = cpu_to_je32(JFFS2_F_I_CTIME(f));
1375 ri.mtime = cpu_to_je32(JFFS2_F_I_MTIME(f));
1376 ri.offset = cpu_to_je32(offset);
1377 ri.csize = cpu_to_je32(cdatalen);
1378 ri.dsize = cpu_to_je32(datalen);
1379 ri.compr = comprtype & 0xff;
1380 ri.usercompr = (comprtype >> 8) & 0xff;
1381 ri.node_crc = cpu_to_je32(crc32(0, &ri, sizeof(ri)-8));
1382 ri.data_crc = cpu_to_je32(crc32(0, comprbuf, cdatalen));
1383
1384 new_fn = jffs2_write_dnode(c, f, &ri, comprbuf, cdatalen, ALLOC_GC);
1385
1386 jffs2_free_comprbuf(comprbuf, writebuf);
1387
1388 if (IS_ERR(new_fn)) {
1389 pr_warn("Error writing new dnode: %ld\n",
1390 PTR_ERR(new_fn));
1391 ret = PTR_ERR(new_fn);
1392 break;
1393 }
1394 ret = jffs2_add_full_dnode_to_inode(c, f, new_fn);
1395 offset += datalen;
1396 if (f->metadata) {
1397 jffs2_mark_node_obsolete(c, f->metadata->raw);
1398 jffs2_free_full_dnode(f->metadata);
1399 f->metadata = NULL;
1400 }
1401 }
1402
1403 kunmap(page);
1404 put_page(page);
1405 return ret;
1406}
1/*
2 * JFFS2 -- Journalling Flash File System, Version 2.
3 *
4 * Copyright © 2001-2007 Red Hat, Inc.
5 * Copyright © 2004-2010 David Woodhouse <dwmw2@infradead.org>
6 *
7 * Created by David Woodhouse <dwmw2@infradead.org>
8 *
9 * For licensing information, see the file 'LICENCE' in this directory.
10 *
11 */
12
13#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
14
15#include <linux/kernel.h>
16#include <linux/mtd/mtd.h>
17#include <linux/slab.h>
18#include <linux/pagemap.h>
19#include <linux/crc32.h>
20#include <linux/compiler.h>
21#include <linux/stat.h>
22#include "nodelist.h"
23#include "compr.h"
24
25static int jffs2_garbage_collect_pristine(struct jffs2_sb_info *c,
26 struct jffs2_inode_cache *ic,
27 struct jffs2_raw_node_ref *raw);
28static int jffs2_garbage_collect_metadata(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
29 struct jffs2_inode_info *f, struct jffs2_full_dnode *fd);
30static int jffs2_garbage_collect_dirent(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
31 struct jffs2_inode_info *f, struct jffs2_full_dirent *fd);
32static int jffs2_garbage_collect_deletion_dirent(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
33 struct jffs2_inode_info *f, struct jffs2_full_dirent *fd);
34static int jffs2_garbage_collect_hole(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
35 struct jffs2_inode_info *f, struct jffs2_full_dnode *fn,
36 uint32_t start, uint32_t end);
37static int jffs2_garbage_collect_dnode(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
38 struct jffs2_inode_info *f, struct jffs2_full_dnode *fn,
39 uint32_t start, uint32_t end);
40static int jffs2_garbage_collect_live(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
41 struct jffs2_raw_node_ref *raw, struct jffs2_inode_info *f);
42
43/* Called with erase_completion_lock held */
44static struct jffs2_eraseblock *jffs2_find_gc_block(struct jffs2_sb_info *c)
45{
46 struct jffs2_eraseblock *ret;
47 struct list_head *nextlist = NULL;
48 int n = jiffies % 128;
49
50 /* Pick an eraseblock to garbage collect next. This is where we'll
51 put the clever wear-levelling algorithms. Eventually. */
52 /* We possibly want to favour the dirtier blocks more when the
53 number of free blocks is low. */
54again:
55 if (!list_empty(&c->bad_used_list) && c->nr_free_blocks > c->resv_blocks_gcbad) {
56 jffs2_dbg(1, "Picking block from bad_used_list to GC next\n");
57 nextlist = &c->bad_used_list;
58 } else if (n < 50 && !list_empty(&c->erasable_list)) {
59 /* Note that most of them will have gone directly to be erased.
60 So don't favour the erasable_list _too_ much. */
61 jffs2_dbg(1, "Picking block from erasable_list to GC next\n");
62 nextlist = &c->erasable_list;
63 } else if (n < 110 && !list_empty(&c->very_dirty_list)) {
64 /* Most of the time, pick one off the very_dirty list */
65 jffs2_dbg(1, "Picking block from very_dirty_list to GC next\n");
66 nextlist = &c->very_dirty_list;
67 } else if (n < 126 && !list_empty(&c->dirty_list)) {
68 jffs2_dbg(1, "Picking block from dirty_list to GC next\n");
69 nextlist = &c->dirty_list;
70 } else if (!list_empty(&c->clean_list)) {
71 jffs2_dbg(1, "Picking block from clean_list to GC next\n");
72 nextlist = &c->clean_list;
73 } else if (!list_empty(&c->dirty_list)) {
74 jffs2_dbg(1, "Picking block from dirty_list to GC next (clean_list was empty)\n");
75
76 nextlist = &c->dirty_list;
77 } else if (!list_empty(&c->very_dirty_list)) {
78 jffs2_dbg(1, "Picking block from very_dirty_list to GC next (clean_list and dirty_list were empty)\n");
79 nextlist = &c->very_dirty_list;
80 } else if (!list_empty(&c->erasable_list)) {
81 jffs2_dbg(1, "Picking block from erasable_list to GC next (clean_list and {very_,}dirty_list were empty)\n");
82
83 nextlist = &c->erasable_list;
84 } else if (!list_empty(&c->erasable_pending_wbuf_list)) {
85 /* There are blocks are waiting for the wbuf sync */
86 jffs2_dbg(1, "Synching wbuf in order to reuse erasable_pending_wbuf_list blocks\n");
87 spin_unlock(&c->erase_completion_lock);
88 jffs2_flush_wbuf_pad(c);
89 spin_lock(&c->erase_completion_lock);
90 goto again;
91 } else {
92 /* Eep. All were empty */
93 jffs2_dbg(1, "No clean, dirty _or_ erasable blocks to GC from! Where are they all?\n");
94 return NULL;
95 }
96
97 ret = list_entry(nextlist->next, struct jffs2_eraseblock, list);
98 list_del(&ret->list);
99 c->gcblock = ret;
100 ret->gc_node = ret->first_node;
101 if (!ret->gc_node) {
102 pr_warn("Eep. ret->gc_node for block at 0x%08x is NULL\n",
103 ret->offset);
104 BUG();
105 }
106
107 /* Have we accidentally picked a clean block with wasted space ? */
108 if (ret->wasted_size) {
109 jffs2_dbg(1, "Converting wasted_size %08x to dirty_size\n",
110 ret->wasted_size);
111 ret->dirty_size += ret->wasted_size;
112 c->wasted_size -= ret->wasted_size;
113 c->dirty_size += ret->wasted_size;
114 ret->wasted_size = 0;
115 }
116
117 return ret;
118}
119
120/* jffs2_garbage_collect_pass
121 * Make a single attempt to progress GC. Move one node, and possibly
122 * start erasing one eraseblock.
123 */
124int jffs2_garbage_collect_pass(struct jffs2_sb_info *c)
125{
126 struct jffs2_inode_info *f;
127 struct jffs2_inode_cache *ic;
128 struct jffs2_eraseblock *jeb;
129 struct jffs2_raw_node_ref *raw;
130 uint32_t gcblock_dirty;
131 int ret = 0, inum, nlink;
132 int xattr = 0;
133
134 if (mutex_lock_interruptible(&c->alloc_sem))
135 return -EINTR;
136
137
138 for (;;) {
139 /* We can't start doing GC until we've finished checking
140 the node CRCs etc. */
141 int bucket, want_ino;
142
143 spin_lock(&c->erase_completion_lock);
144 if (!c->unchecked_size)
145 break;
146 spin_unlock(&c->erase_completion_lock);
147
148 if (!xattr)
149 xattr = jffs2_verify_xattr(c);
150
151 spin_lock(&c->inocache_lock);
152 /* Instead of doing the inodes in numeric order, doing a lookup
153 * in the hash for each possible number, just walk the hash
154 * buckets of *existing* inodes. This means that we process
155 * them out-of-order, but it can be a lot faster if there's
156 * a sparse inode# space. Which there often is. */
157 want_ino = c->check_ino;
158 for (bucket = c->check_ino % c->inocache_hashsize ; bucket < c->inocache_hashsize; bucket++) {
159 for (ic = c->inocache_list[bucket]; ic; ic = ic->next) {
160 if (ic->ino < want_ino)
161 continue;
162
163 if (ic->state != INO_STATE_CHECKEDABSENT &&
164 ic->state != INO_STATE_PRESENT)
165 goto got_next; /* with inocache_lock held */
166
167 jffs2_dbg(1, "Skipping ino #%u already checked\n",
168 ic->ino);
169 }
170 want_ino = 0;
171 }
172
173 /* Point c->check_ino past the end of the last bucket. */
174 c->check_ino = ((c->highest_ino + c->inocache_hashsize + 1) &
175 ~c->inocache_hashsize) - 1;
176
177 spin_unlock(&c->inocache_lock);
178
179 pr_crit("Checked all inodes but still 0x%x bytes of unchecked space?\n",
180 c->unchecked_size);
181 jffs2_dbg_dump_block_lists_nolock(c);
182 mutex_unlock(&c->alloc_sem);
183 return -ENOSPC;
184
185 got_next:
186 /* For next time round the loop, we want c->checked_ino to indicate
187 * the *next* one we want to check. And since we're walking the
188 * buckets rather than doing it sequentially, it's: */
189 c->check_ino = ic->ino + c->inocache_hashsize;
190
191 if (!ic->pino_nlink) {
192 jffs2_dbg(1, "Skipping check of ino #%d with nlink/pino zero\n",
193 ic->ino);
194 spin_unlock(&c->inocache_lock);
195 jffs2_xattr_delete_inode(c, ic);
196 continue;
197 }
198 switch(ic->state) {
199 case INO_STATE_CHECKEDABSENT:
200 case INO_STATE_PRESENT:
201 spin_unlock(&c->inocache_lock);
202 continue;
203
204 case INO_STATE_GC:
205 case INO_STATE_CHECKING:
206 pr_warn("Inode #%u is in state %d during CRC check phase!\n",
207 ic->ino, ic->state);
208 spin_unlock(&c->inocache_lock);
209 BUG();
210
211 case INO_STATE_READING:
212 /* We need to wait for it to finish, lest we move on
213 and trigger the BUG() above while we haven't yet
214 finished checking all its nodes */
215 jffs2_dbg(1, "Waiting for ino #%u to finish reading\n",
216 ic->ino);
217 /* We need to come back again for the _same_ inode. We've
218 made no progress in this case, but that should be OK */
219 c->check_ino = ic->ino;
220
221 mutex_unlock(&c->alloc_sem);
222 sleep_on_spinunlock(&c->inocache_wq, &c->inocache_lock);
223 return 0;
224
225 default:
226 BUG();
227
228 case INO_STATE_UNCHECKED:
229 ;
230 }
231 ic->state = INO_STATE_CHECKING;
232 spin_unlock(&c->inocache_lock);
233
234 jffs2_dbg(1, "%s(): triggering inode scan of ino#%u\n",
235 __func__, ic->ino);
236
237 ret = jffs2_do_crccheck_inode(c, ic);
238 if (ret)
239 pr_warn("Returned error for crccheck of ino #%u. Expect badness...\n",
240 ic->ino);
241
242 jffs2_set_inocache_state(c, ic, INO_STATE_CHECKEDABSENT);
243 mutex_unlock(&c->alloc_sem);
244 return ret;
245 }
246
247 /* If there are any blocks which need erasing, erase them now */
248 if (!list_empty(&c->erase_complete_list) ||
249 !list_empty(&c->erase_pending_list)) {
250 spin_unlock(&c->erase_completion_lock);
251 mutex_unlock(&c->alloc_sem);
252 jffs2_dbg(1, "%s(): erasing pending blocks\n", __func__);
253 if (jffs2_erase_pending_blocks(c, 1))
254 return 0;
255
256 jffs2_dbg(1, "No progress from erasing block; doing GC anyway\n");
257 mutex_lock(&c->alloc_sem);
258 spin_lock(&c->erase_completion_lock);
259 }
260
261 /* First, work out which block we're garbage-collecting */
262 jeb = c->gcblock;
263
264 if (!jeb)
265 jeb = jffs2_find_gc_block(c);
266
267 if (!jeb) {
268 /* Couldn't find a free block. But maybe we can just erase one and make 'progress'? */
269 if (c->nr_erasing_blocks) {
270 spin_unlock(&c->erase_completion_lock);
271 mutex_unlock(&c->alloc_sem);
272 return -EAGAIN;
273 }
274 jffs2_dbg(1, "Couldn't find erase block to garbage collect!\n");
275 spin_unlock(&c->erase_completion_lock);
276 mutex_unlock(&c->alloc_sem);
277 return -EIO;
278 }
279
280 jffs2_dbg(1, "GC from block %08x, used_size %08x, dirty_size %08x, free_size %08x\n",
281 jeb->offset, jeb->used_size, jeb->dirty_size, jeb->free_size);
282 D1(if (c->nextblock)
283 printk(KERN_DEBUG "Nextblock at %08x, used_size %08x, dirty_size %08x, wasted_size %08x, free_size %08x\n", c->nextblock->offset, c->nextblock->used_size, c->nextblock->dirty_size, c->nextblock->wasted_size, c->nextblock->free_size));
284
285 if (!jeb->used_size) {
286 mutex_unlock(&c->alloc_sem);
287 goto eraseit;
288 }
289
290 raw = jeb->gc_node;
291 gcblock_dirty = jeb->dirty_size;
292
293 while(ref_obsolete(raw)) {
294 jffs2_dbg(1, "Node at 0x%08x is obsolete... skipping\n",
295 ref_offset(raw));
296 raw = ref_next(raw);
297 if (unlikely(!raw)) {
298 pr_warn("eep. End of raw list while still supposedly nodes to GC\n");
299 pr_warn("erase block at 0x%08x. free_size 0x%08x, dirty_size 0x%08x, used_size 0x%08x\n",
300 jeb->offset, jeb->free_size,
301 jeb->dirty_size, jeb->used_size);
302 jeb->gc_node = raw;
303 spin_unlock(&c->erase_completion_lock);
304 mutex_unlock(&c->alloc_sem);
305 BUG();
306 }
307 }
308 jeb->gc_node = raw;
309
310 jffs2_dbg(1, "Going to garbage collect node at 0x%08x\n",
311 ref_offset(raw));
312
313 if (!raw->next_in_ino) {
314 /* Inode-less node. Clean marker, snapshot or something like that */
315 spin_unlock(&c->erase_completion_lock);
316 if (ref_flags(raw) == REF_PRISTINE) {
317 /* It's an unknown node with JFFS2_FEATURE_RWCOMPAT_COPY */
318 jffs2_garbage_collect_pristine(c, NULL, raw);
319 } else {
320 /* Just mark it obsolete */
321 jffs2_mark_node_obsolete(c, raw);
322 }
323 mutex_unlock(&c->alloc_sem);
324 goto eraseit_lock;
325 }
326
327 ic = jffs2_raw_ref_to_ic(raw);
328
329#ifdef CONFIG_JFFS2_FS_XATTR
330 /* When 'ic' refers xattr_datum/xattr_ref, this node is GCed as xattr.
331 * We can decide whether this node is inode or xattr by ic->class. */
332 if (ic->class == RAWNODE_CLASS_XATTR_DATUM
333 || ic->class == RAWNODE_CLASS_XATTR_REF) {
334 spin_unlock(&c->erase_completion_lock);
335
336 if (ic->class == RAWNODE_CLASS_XATTR_DATUM) {
337 ret = jffs2_garbage_collect_xattr_datum(c, (struct jffs2_xattr_datum *)ic, raw);
338 } else {
339 ret = jffs2_garbage_collect_xattr_ref(c, (struct jffs2_xattr_ref *)ic, raw);
340 }
341 goto test_gcnode;
342 }
343#endif
344
345 /* We need to hold the inocache. Either the erase_completion_lock or
346 the inocache_lock are sufficient; we trade down since the inocache_lock
347 causes less contention. */
348 spin_lock(&c->inocache_lock);
349
350 spin_unlock(&c->erase_completion_lock);
351
352 jffs2_dbg(1, "%s(): collecting from block @0x%08x. Node @0x%08x(%d), ino #%u\n",
353 __func__, jeb->offset, ref_offset(raw), ref_flags(raw),
354 ic->ino);
355
356 /* Three possibilities:
357 1. Inode is already in-core. We must iget it and do proper
358 updating to its fragtree, etc.
359 2. Inode is not in-core, node is REF_PRISTINE. We lock the
360 inocache to prevent a read_inode(), copy the node intact.
361 3. Inode is not in-core, node is not pristine. We must iget()
362 and take the slow path.
363 */
364
365 switch(ic->state) {
366 case INO_STATE_CHECKEDABSENT:
367 /* It's been checked, but it's not currently in-core.
368 We can just copy any pristine nodes, but have
369 to prevent anyone else from doing read_inode() while
370 we're at it, so we set the state accordingly */
371 if (ref_flags(raw) == REF_PRISTINE)
372 ic->state = INO_STATE_GC;
373 else {
374 jffs2_dbg(1, "Ino #%u is absent but node not REF_PRISTINE. Reading.\n",
375 ic->ino);
376 }
377 break;
378
379 case INO_STATE_PRESENT:
380 /* It's in-core. GC must iget() it. */
381 break;
382
383 case INO_STATE_UNCHECKED:
384 case INO_STATE_CHECKING:
385 case INO_STATE_GC:
386 /* Should never happen. We should have finished checking
387 by the time we actually start doing any GC, and since
388 we're holding the alloc_sem, no other garbage collection
389 can happen.
390 */
391 pr_crit("Inode #%u already in state %d in jffs2_garbage_collect_pass()!\n",
392 ic->ino, ic->state);
393 mutex_unlock(&c->alloc_sem);
394 spin_unlock(&c->inocache_lock);
395 BUG();
396
397 case INO_STATE_READING:
398 /* Someone's currently trying to read it. We must wait for
399 them to finish and then go through the full iget() route
400 to do the GC. However, sometimes read_inode() needs to get
401 the alloc_sem() (for marking nodes invalid) so we must
402 drop the alloc_sem before sleeping. */
403
404 mutex_unlock(&c->alloc_sem);
405 jffs2_dbg(1, "%s(): waiting for ino #%u in state %d\n",
406 __func__, ic->ino, ic->state);
407 sleep_on_spinunlock(&c->inocache_wq, &c->inocache_lock);
408 /* And because we dropped the alloc_sem we must start again from the
409 beginning. Ponder chance of livelock here -- we're returning success
410 without actually making any progress.
411
412 Q: What are the chances that the inode is back in INO_STATE_READING
413 again by the time we next enter this function? And that this happens
414 enough times to cause a real delay?
415
416 A: Small enough that I don't care :)
417 */
418 return 0;
419 }
420
421 /* OK. Now if the inode is in state INO_STATE_GC, we are going to copy the
422 node intact, and we don't have to muck about with the fragtree etc.
423 because we know it's not in-core. If it _was_ in-core, we go through
424 all the iget() crap anyway */
425
426 if (ic->state == INO_STATE_GC) {
427 spin_unlock(&c->inocache_lock);
428
429 ret = jffs2_garbage_collect_pristine(c, ic, raw);
430
431 spin_lock(&c->inocache_lock);
432 ic->state = INO_STATE_CHECKEDABSENT;
433 wake_up(&c->inocache_wq);
434
435 if (ret != -EBADFD) {
436 spin_unlock(&c->inocache_lock);
437 goto test_gcnode;
438 }
439
440 /* Fall through if it wanted us to, with inocache_lock held */
441 }
442
443 /* Prevent the fairly unlikely race where the gcblock is
444 entirely obsoleted by the final close of a file which had
445 the only valid nodes in the block, followed by erasure,
446 followed by freeing of the ic because the erased block(s)
447 held _all_ the nodes of that inode.... never been seen but
448 it's vaguely possible. */
449
450 inum = ic->ino;
451 nlink = ic->pino_nlink;
452 spin_unlock(&c->inocache_lock);
453
454 f = jffs2_gc_fetch_inode(c, inum, !nlink);
455 if (IS_ERR(f)) {
456 ret = PTR_ERR(f);
457 goto release_sem;
458 }
459 if (!f) {
460 ret = 0;
461 goto release_sem;
462 }
463
464 ret = jffs2_garbage_collect_live(c, jeb, raw, f);
465
466 jffs2_gc_release_inode(c, f);
467
468 test_gcnode:
469 if (jeb->dirty_size == gcblock_dirty && !ref_obsolete(jeb->gc_node)) {
470 /* Eep. This really should never happen. GC is broken */
471 pr_err("Error garbage collecting node at %08x!\n",
472 ref_offset(jeb->gc_node));
473 ret = -ENOSPC;
474 }
475 release_sem:
476 mutex_unlock(&c->alloc_sem);
477
478 eraseit_lock:
479 /* If we've finished this block, start it erasing */
480 spin_lock(&c->erase_completion_lock);
481
482 eraseit:
483 if (c->gcblock && !c->gcblock->used_size) {
484 jffs2_dbg(1, "Block at 0x%08x completely obsoleted by GC. Moving to erase_pending_list\n",
485 c->gcblock->offset);
486 /* We're GC'ing an empty block? */
487 list_add_tail(&c->gcblock->list, &c->erase_pending_list);
488 c->gcblock = NULL;
489 c->nr_erasing_blocks++;
490 jffs2_garbage_collect_trigger(c);
491 }
492 spin_unlock(&c->erase_completion_lock);
493
494 return ret;
495}
496
497static int jffs2_garbage_collect_live(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
498 struct jffs2_raw_node_ref *raw, struct jffs2_inode_info *f)
499{
500 struct jffs2_node_frag *frag;
501 struct jffs2_full_dnode *fn = NULL;
502 struct jffs2_full_dirent *fd;
503 uint32_t start = 0, end = 0, nrfrags = 0;
504 int ret = 0;
505
506 mutex_lock(&f->sem);
507
508 /* Now we have the lock for this inode. Check that it's still the one at the head
509 of the list. */
510
511 spin_lock(&c->erase_completion_lock);
512
513 if (c->gcblock != jeb) {
514 spin_unlock(&c->erase_completion_lock);
515 jffs2_dbg(1, "GC block is no longer gcblock. Restart\n");
516 goto upnout;
517 }
518 if (ref_obsolete(raw)) {
519 spin_unlock(&c->erase_completion_lock);
520 jffs2_dbg(1, "node to be GC'd was obsoleted in the meantime.\n");
521 /* They'll call again */
522 goto upnout;
523 }
524 spin_unlock(&c->erase_completion_lock);
525
526 /* OK. Looks safe. And nobody can get us now because we have the semaphore. Move the block */
527 if (f->metadata && f->metadata->raw == raw) {
528 fn = f->metadata;
529 ret = jffs2_garbage_collect_metadata(c, jeb, f, fn);
530 goto upnout;
531 }
532
533 /* FIXME. Read node and do lookup? */
534 for (frag = frag_first(&f->fragtree); frag; frag = frag_next(frag)) {
535 if (frag->node && frag->node->raw == raw) {
536 fn = frag->node;
537 end = frag->ofs + frag->size;
538 if (!nrfrags++)
539 start = frag->ofs;
540 if (nrfrags == frag->node->frags)
541 break; /* We've found them all */
542 }
543 }
544 if (fn) {
545 if (ref_flags(raw) == REF_PRISTINE) {
546 ret = jffs2_garbage_collect_pristine(c, f->inocache, raw);
547 if (!ret) {
548 /* Urgh. Return it sensibly. */
549 frag->node->raw = f->inocache->nodes;
550 }
551 if (ret != -EBADFD)
552 goto upnout;
553 }
554 /* We found a datanode. Do the GC */
555 if((start >> PAGE_SHIFT) < ((end-1) >> PAGE_SHIFT)) {
556 /* It crosses a page boundary. Therefore, it must be a hole. */
557 ret = jffs2_garbage_collect_hole(c, jeb, f, fn, start, end);
558 } else {
559 /* It could still be a hole. But we GC the page this way anyway */
560 ret = jffs2_garbage_collect_dnode(c, jeb, f, fn, start, end);
561 }
562 goto upnout;
563 }
564
565 /* Wasn't a dnode. Try dirent */
566 for (fd = f->dents; fd; fd=fd->next) {
567 if (fd->raw == raw)
568 break;
569 }
570
571 if (fd && fd->ino) {
572 ret = jffs2_garbage_collect_dirent(c, jeb, f, fd);
573 } else if (fd) {
574 ret = jffs2_garbage_collect_deletion_dirent(c, jeb, f, fd);
575 } else {
576 pr_warn("Raw node at 0x%08x wasn't in node lists for ino #%u\n",
577 ref_offset(raw), f->inocache->ino);
578 if (ref_obsolete(raw)) {
579 pr_warn("But it's obsolete so we don't mind too much\n");
580 } else {
581 jffs2_dbg_dump_node(c, ref_offset(raw));
582 BUG();
583 }
584 }
585 upnout:
586 mutex_unlock(&f->sem);
587
588 return ret;
589}
590
591static int jffs2_garbage_collect_pristine(struct jffs2_sb_info *c,
592 struct jffs2_inode_cache *ic,
593 struct jffs2_raw_node_ref *raw)
594{
595 union jffs2_node_union *node;
596 size_t retlen;
597 int ret;
598 uint32_t phys_ofs, alloclen;
599 uint32_t crc, rawlen;
600 int retried = 0;
601
602 jffs2_dbg(1, "Going to GC REF_PRISTINE node at 0x%08x\n",
603 ref_offset(raw));
604
605 alloclen = rawlen = ref_totlen(c, c->gcblock, raw);
606
607 /* Ask for a small amount of space (or the totlen if smaller) because we
608 don't want to force wastage of the end of a block if splitting would
609 work. */
610 if (ic && alloclen > sizeof(struct jffs2_raw_inode) + JFFS2_MIN_DATA_LEN)
611 alloclen = sizeof(struct jffs2_raw_inode) + JFFS2_MIN_DATA_LEN;
612
613 ret = jffs2_reserve_space_gc(c, alloclen, &alloclen, rawlen);
614 /* 'rawlen' is not the exact summary size; it is only an upper estimation */
615
616 if (ret)
617 return ret;
618
619 if (alloclen < rawlen) {
620 /* Doesn't fit untouched. We'll go the old route and split it */
621 return -EBADFD;
622 }
623
624 node = kmalloc(rawlen, GFP_KERNEL);
625 if (!node)
626 return -ENOMEM;
627
628 ret = jffs2_flash_read(c, ref_offset(raw), rawlen, &retlen, (char *)node);
629 if (!ret && retlen != rawlen)
630 ret = -EIO;
631 if (ret)
632 goto out_node;
633
634 crc = crc32(0, node, sizeof(struct jffs2_unknown_node)-4);
635 if (je32_to_cpu(node->u.hdr_crc) != crc) {
636 pr_warn("Header CRC failed on REF_PRISTINE node at 0x%08x: Read 0x%08x, calculated 0x%08x\n",
637 ref_offset(raw), je32_to_cpu(node->u.hdr_crc), crc);
638 goto bail;
639 }
640
641 switch(je16_to_cpu(node->u.nodetype)) {
642 case JFFS2_NODETYPE_INODE:
643 crc = crc32(0, node, sizeof(node->i)-8);
644 if (je32_to_cpu(node->i.node_crc) != crc) {
645 pr_warn("Node CRC failed on REF_PRISTINE data node at 0x%08x: Read 0x%08x, calculated 0x%08x\n",
646 ref_offset(raw), je32_to_cpu(node->i.node_crc),
647 crc);
648 goto bail;
649 }
650
651 if (je32_to_cpu(node->i.dsize)) {
652 crc = crc32(0, node->i.data, je32_to_cpu(node->i.csize));
653 if (je32_to_cpu(node->i.data_crc) != crc) {
654 pr_warn("Data CRC failed on REF_PRISTINE data node at 0x%08x: Read 0x%08x, calculated 0x%08x\n",
655 ref_offset(raw),
656 je32_to_cpu(node->i.data_crc), crc);
657 goto bail;
658 }
659 }
660 break;
661
662 case JFFS2_NODETYPE_DIRENT:
663 crc = crc32(0, node, sizeof(node->d)-8);
664 if (je32_to_cpu(node->d.node_crc) != crc) {
665 pr_warn("Node CRC failed on REF_PRISTINE dirent node at 0x%08x: Read 0x%08x, calculated 0x%08x\n",
666 ref_offset(raw),
667 je32_to_cpu(node->d.node_crc), crc);
668 goto bail;
669 }
670
671 if (strnlen(node->d.name, node->d.nsize) != node->d.nsize) {
672 pr_warn("Name in dirent node at 0x%08x contains zeroes\n",
673 ref_offset(raw));
674 goto bail;
675 }
676
677 if (node->d.nsize) {
678 crc = crc32(0, node->d.name, node->d.nsize);
679 if (je32_to_cpu(node->d.name_crc) != crc) {
680 pr_warn("Name CRC failed on REF_PRISTINE dirent node at 0x%08x: Read 0x%08x, calculated 0x%08x\n",
681 ref_offset(raw),
682 je32_to_cpu(node->d.name_crc), crc);
683 goto bail;
684 }
685 }
686 break;
687 default:
688 /* If it's inode-less, we don't _know_ what it is. Just copy it intact */
689 if (ic) {
690 pr_warn("Unknown node type for REF_PRISTINE node at 0x%08x: 0x%04x\n",
691 ref_offset(raw), je16_to_cpu(node->u.nodetype));
692 goto bail;
693 }
694 }
695
696 /* OK, all the CRCs are good; this node can just be copied as-is. */
697 retry:
698 phys_ofs = write_ofs(c);
699
700 ret = jffs2_flash_write(c, phys_ofs, rawlen, &retlen, (char *)node);
701
702 if (ret || (retlen != rawlen)) {
703 pr_notice("Write of %d bytes at 0x%08x failed. returned %d, retlen %zd\n",
704 rawlen, phys_ofs, ret, retlen);
705 if (retlen) {
706 jffs2_add_physical_node_ref(c, phys_ofs | REF_OBSOLETE, rawlen, NULL);
707 } else {
708 pr_notice("Not marking the space at 0x%08x as dirty because the flash driver returned retlen zero\n",
709 phys_ofs);
710 }
711 if (!retried) {
712 /* Try to reallocate space and retry */
713 uint32_t dummy;
714 struct jffs2_eraseblock *jeb = &c->blocks[phys_ofs / c->sector_size];
715
716 retried = 1;
717
718 jffs2_dbg(1, "Retrying failed write of REF_PRISTINE node.\n");
719
720 jffs2_dbg_acct_sanity_check(c,jeb);
721 jffs2_dbg_acct_paranoia_check(c, jeb);
722
723 ret = jffs2_reserve_space_gc(c, rawlen, &dummy, rawlen);
724 /* this is not the exact summary size of it,
725 it is only an upper estimation */
726
727 if (!ret) {
728 jffs2_dbg(1, "Allocated space at 0x%08x to retry failed write.\n",
729 phys_ofs);
730
731 jffs2_dbg_acct_sanity_check(c,jeb);
732 jffs2_dbg_acct_paranoia_check(c, jeb);
733
734 goto retry;
735 }
736 jffs2_dbg(1, "Failed to allocate space to retry failed write: %d!\n",
737 ret);
738 }
739
740 if (!ret)
741 ret = -EIO;
742 goto out_node;
743 }
744 jffs2_add_physical_node_ref(c, phys_ofs | REF_PRISTINE, rawlen, ic);
745
746 jffs2_mark_node_obsolete(c, raw);
747 jffs2_dbg(1, "WHEEE! GC REF_PRISTINE node at 0x%08x succeeded\n",
748 ref_offset(raw));
749
750 out_node:
751 kfree(node);
752 return ret;
753 bail:
754 ret = -EBADFD;
755 goto out_node;
756}
757
758static int jffs2_garbage_collect_metadata(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
759 struct jffs2_inode_info *f, struct jffs2_full_dnode *fn)
760{
761 struct jffs2_full_dnode *new_fn;
762 struct jffs2_raw_inode ri;
763 struct jffs2_node_frag *last_frag;
764 union jffs2_device_node dev;
765 char *mdata = NULL;
766 int mdatalen = 0;
767 uint32_t alloclen, ilen;
768 int ret;
769
770 if (S_ISBLK(JFFS2_F_I_MODE(f)) ||
771 S_ISCHR(JFFS2_F_I_MODE(f)) ) {
772 /* For these, we don't actually need to read the old node */
773 mdatalen = jffs2_encode_dev(&dev, JFFS2_F_I_RDEV(f));
774 mdata = (char *)&dev;
775 jffs2_dbg(1, "%s(): Writing %d bytes of kdev_t\n",
776 __func__, mdatalen);
777 } else if (S_ISLNK(JFFS2_F_I_MODE(f))) {
778 mdatalen = fn->size;
779 mdata = kmalloc(fn->size, GFP_KERNEL);
780 if (!mdata) {
781 pr_warn("kmalloc of mdata failed in jffs2_garbage_collect_metadata()\n");
782 return -ENOMEM;
783 }
784 ret = jffs2_read_dnode(c, f, fn, mdata, 0, mdatalen);
785 if (ret) {
786 pr_warn("read of old metadata failed in jffs2_garbage_collect_metadata(): %d\n",
787 ret);
788 kfree(mdata);
789 return ret;
790 }
791 jffs2_dbg(1, "%s(): Writing %d bites of symlink target\n",
792 __func__, mdatalen);
793
794 }
795
796 ret = jffs2_reserve_space_gc(c, sizeof(ri) + mdatalen, &alloclen,
797 JFFS2_SUMMARY_INODE_SIZE);
798 if (ret) {
799 pr_warn("jffs2_reserve_space_gc of %zd bytes for garbage_collect_metadata failed: %d\n",
800 sizeof(ri) + mdatalen, ret);
801 goto out;
802 }
803
804 last_frag = frag_last(&f->fragtree);
805 if (last_frag)
806 /* Fetch the inode length from the fragtree rather then
807 * from i_size since i_size may have not been updated yet */
808 ilen = last_frag->ofs + last_frag->size;
809 else
810 ilen = JFFS2_F_I_SIZE(f);
811
812 memset(&ri, 0, sizeof(ri));
813 ri.magic = cpu_to_je16(JFFS2_MAGIC_BITMASK);
814 ri.nodetype = cpu_to_je16(JFFS2_NODETYPE_INODE);
815 ri.totlen = cpu_to_je32(sizeof(ri) + mdatalen);
816 ri.hdr_crc = cpu_to_je32(crc32(0, &ri, sizeof(struct jffs2_unknown_node)-4));
817
818 ri.ino = cpu_to_je32(f->inocache->ino);
819 ri.version = cpu_to_je32(++f->highest_version);
820 ri.mode = cpu_to_jemode(JFFS2_F_I_MODE(f));
821 ri.uid = cpu_to_je16(JFFS2_F_I_UID(f));
822 ri.gid = cpu_to_je16(JFFS2_F_I_GID(f));
823 ri.isize = cpu_to_je32(ilen);
824 ri.atime = cpu_to_je32(JFFS2_F_I_ATIME(f));
825 ri.ctime = cpu_to_je32(JFFS2_F_I_CTIME(f));
826 ri.mtime = cpu_to_je32(JFFS2_F_I_MTIME(f));
827 ri.offset = cpu_to_je32(0);
828 ri.csize = cpu_to_je32(mdatalen);
829 ri.dsize = cpu_to_je32(mdatalen);
830 ri.compr = JFFS2_COMPR_NONE;
831 ri.node_crc = cpu_to_je32(crc32(0, &ri, sizeof(ri)-8));
832 ri.data_crc = cpu_to_je32(crc32(0, mdata, mdatalen));
833
834 new_fn = jffs2_write_dnode(c, f, &ri, mdata, mdatalen, ALLOC_GC);
835
836 if (IS_ERR(new_fn)) {
837 pr_warn("Error writing new dnode: %ld\n", PTR_ERR(new_fn));
838 ret = PTR_ERR(new_fn);
839 goto out;
840 }
841 jffs2_mark_node_obsolete(c, fn->raw);
842 jffs2_free_full_dnode(fn);
843 f->metadata = new_fn;
844 out:
845 if (S_ISLNK(JFFS2_F_I_MODE(f)))
846 kfree(mdata);
847 return ret;
848}
849
850static int jffs2_garbage_collect_dirent(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
851 struct jffs2_inode_info *f, struct jffs2_full_dirent *fd)
852{
853 struct jffs2_full_dirent *new_fd;
854 struct jffs2_raw_dirent rd;
855 uint32_t alloclen;
856 int ret;
857
858 rd.magic = cpu_to_je16(JFFS2_MAGIC_BITMASK);
859 rd.nodetype = cpu_to_je16(JFFS2_NODETYPE_DIRENT);
860 rd.nsize = strlen(fd->name);
861 rd.totlen = cpu_to_je32(sizeof(rd) + rd.nsize);
862 rd.hdr_crc = cpu_to_je32(crc32(0, &rd, sizeof(struct jffs2_unknown_node)-4));
863
864 rd.pino = cpu_to_je32(f->inocache->ino);
865 rd.version = cpu_to_je32(++f->highest_version);
866 rd.ino = cpu_to_je32(fd->ino);
867 /* If the times on this inode were set by explicit utime() they can be different,
868 so refrain from splatting them. */
869 if (JFFS2_F_I_MTIME(f) == JFFS2_F_I_CTIME(f))
870 rd.mctime = cpu_to_je32(JFFS2_F_I_MTIME(f));
871 else
872 rd.mctime = cpu_to_je32(0);
873 rd.type = fd->type;
874 rd.node_crc = cpu_to_je32(crc32(0, &rd, sizeof(rd)-8));
875 rd.name_crc = cpu_to_je32(crc32(0, fd->name, rd.nsize));
876
877 ret = jffs2_reserve_space_gc(c, sizeof(rd)+rd.nsize, &alloclen,
878 JFFS2_SUMMARY_DIRENT_SIZE(rd.nsize));
879 if (ret) {
880 pr_warn("jffs2_reserve_space_gc of %zd bytes for garbage_collect_dirent failed: %d\n",
881 sizeof(rd)+rd.nsize, ret);
882 return ret;
883 }
884 new_fd = jffs2_write_dirent(c, f, &rd, fd->name, rd.nsize, ALLOC_GC);
885
886 if (IS_ERR(new_fd)) {
887 pr_warn("jffs2_write_dirent in garbage_collect_dirent failed: %ld\n",
888 PTR_ERR(new_fd));
889 return PTR_ERR(new_fd);
890 }
891 jffs2_add_fd_to_list(c, new_fd, &f->dents);
892 return 0;
893}
894
895static int jffs2_garbage_collect_deletion_dirent(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
896 struct jffs2_inode_info *f, struct jffs2_full_dirent *fd)
897{
898 struct jffs2_full_dirent **fdp = &f->dents;
899 int found = 0;
900
901 /* On a medium where we can't actually mark nodes obsolete
902 pernamently, such as NAND flash, we need to work out
903 whether this deletion dirent is still needed to actively
904 delete a 'real' dirent with the same name that's still
905 somewhere else on the flash. */
906 if (!jffs2_can_mark_obsolete(c)) {
907 struct jffs2_raw_dirent *rd;
908 struct jffs2_raw_node_ref *raw;
909 int ret;
910 size_t retlen;
911 int name_len = strlen(fd->name);
912 uint32_t name_crc = crc32(0, fd->name, name_len);
913 uint32_t rawlen = ref_totlen(c, jeb, fd->raw);
914
915 rd = kmalloc(rawlen, GFP_KERNEL);
916 if (!rd)
917 return -ENOMEM;
918
919 /* Prevent the erase code from nicking the obsolete node refs while
920 we're looking at them. I really don't like this extra lock but
921 can't see any alternative. Suggestions on a postcard to... */
922 mutex_lock(&c->erase_free_sem);
923
924 for (raw = f->inocache->nodes; raw != (void *)f->inocache; raw = raw->next_in_ino) {
925
926 cond_resched();
927
928 /* We only care about obsolete ones */
929 if (!(ref_obsolete(raw)))
930 continue;
931
932 /* Any dirent with the same name is going to have the same length... */
933 if (ref_totlen(c, NULL, raw) != rawlen)
934 continue;
935
936 /* Doesn't matter if there's one in the same erase block. We're going to
937 delete it too at the same time. */
938 if (SECTOR_ADDR(raw->flash_offset) == SECTOR_ADDR(fd->raw->flash_offset))
939 continue;
940
941 jffs2_dbg(1, "Check potential deletion dirent at %08x\n",
942 ref_offset(raw));
943
944 /* This is an obsolete node belonging to the same directory, and it's of the right
945 length. We need to take a closer look...*/
946 ret = jffs2_flash_read(c, ref_offset(raw), rawlen, &retlen, (char *)rd);
947 if (ret) {
948 pr_warn("%s(): Read error (%d) reading obsolete node at %08x\n",
949 __func__, ret, ref_offset(raw));
950 /* If we can't read it, we don't need to continue to obsolete it. Continue */
951 continue;
952 }
953 if (retlen != rawlen) {
954 pr_warn("%s(): Short read (%zd not %u) reading header from obsolete node at %08x\n",
955 __func__, retlen, rawlen,
956 ref_offset(raw));
957 continue;
958 }
959
960 if (je16_to_cpu(rd->nodetype) != JFFS2_NODETYPE_DIRENT)
961 continue;
962
963 /* If the name CRC doesn't match, skip */
964 if (je32_to_cpu(rd->name_crc) != name_crc)
965 continue;
966
967 /* If the name length doesn't match, or it's another deletion dirent, skip */
968 if (rd->nsize != name_len || !je32_to_cpu(rd->ino))
969 continue;
970
971 /* OK, check the actual name now */
972 if (memcmp(rd->name, fd->name, name_len))
973 continue;
974
975 /* OK. The name really does match. There really is still an older node on
976 the flash which our deletion dirent obsoletes. So we have to write out
977 a new deletion dirent to replace it */
978 mutex_unlock(&c->erase_free_sem);
979
980 jffs2_dbg(1, "Deletion dirent at %08x still obsoletes real dirent \"%s\" at %08x for ino #%u\n",
981 ref_offset(fd->raw), fd->name,
982 ref_offset(raw), je32_to_cpu(rd->ino));
983 kfree(rd);
984
985 return jffs2_garbage_collect_dirent(c, jeb, f, fd);
986 }
987
988 mutex_unlock(&c->erase_free_sem);
989 kfree(rd);
990 }
991
992 /* FIXME: If we're deleting a dirent which contains the current mtime and ctime,
993 we should update the metadata node with those times accordingly */
994
995 /* No need for it any more. Just mark it obsolete and remove it from the list */
996 while (*fdp) {
997 if ((*fdp) == fd) {
998 found = 1;
999 *fdp = fd->next;
1000 break;
1001 }
1002 fdp = &(*fdp)->next;
1003 }
1004 if (!found) {
1005 pr_warn("Deletion dirent \"%s\" not found in list for ino #%u\n",
1006 fd->name, f->inocache->ino);
1007 }
1008 jffs2_mark_node_obsolete(c, fd->raw);
1009 jffs2_free_full_dirent(fd);
1010 return 0;
1011}
1012
1013static int jffs2_garbage_collect_hole(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
1014 struct jffs2_inode_info *f, struct jffs2_full_dnode *fn,
1015 uint32_t start, uint32_t end)
1016{
1017 struct jffs2_raw_inode ri;
1018 struct jffs2_node_frag *frag;
1019 struct jffs2_full_dnode *new_fn;
1020 uint32_t alloclen, ilen;
1021 int ret;
1022
1023 jffs2_dbg(1, "Writing replacement hole node for ino #%u from offset 0x%x to 0x%x\n",
1024 f->inocache->ino, start, end);
1025
1026 memset(&ri, 0, sizeof(ri));
1027
1028 if(fn->frags > 1) {
1029 size_t readlen;
1030 uint32_t crc;
1031 /* It's partially obsoleted by a later write. So we have to
1032 write it out again with the _same_ version as before */
1033 ret = jffs2_flash_read(c, ref_offset(fn->raw), sizeof(ri), &readlen, (char *)&ri);
1034 if (readlen != sizeof(ri) || ret) {
1035 pr_warn("Node read failed in jffs2_garbage_collect_hole. Ret %d, retlen %zd. Data will be lost by writing new hole node\n",
1036 ret, readlen);
1037 goto fill;
1038 }
1039 if (je16_to_cpu(ri.nodetype) != JFFS2_NODETYPE_INODE) {
1040 pr_warn("%s(): Node at 0x%08x had node type 0x%04x instead of JFFS2_NODETYPE_INODE(0x%04x)\n",
1041 __func__, ref_offset(fn->raw),
1042 je16_to_cpu(ri.nodetype), JFFS2_NODETYPE_INODE);
1043 return -EIO;
1044 }
1045 if (je32_to_cpu(ri.totlen) != sizeof(ri)) {
1046 pr_warn("%s(): Node at 0x%08x had totlen 0x%x instead of expected 0x%zx\n",
1047 __func__, ref_offset(fn->raw),
1048 je32_to_cpu(ri.totlen), sizeof(ri));
1049 return -EIO;
1050 }
1051 crc = crc32(0, &ri, sizeof(ri)-8);
1052 if (crc != je32_to_cpu(ri.node_crc)) {
1053 pr_warn("%s: Node at 0x%08x had CRC 0x%08x which doesn't match calculated CRC 0x%08x\n",
1054 __func__, ref_offset(fn->raw),
1055 je32_to_cpu(ri.node_crc), crc);
1056 /* FIXME: We could possibly deal with this by writing new holes for each frag */
1057 pr_warn("Data in the range 0x%08x to 0x%08x of inode #%u will be lost\n",
1058 start, end, f->inocache->ino);
1059 goto fill;
1060 }
1061 if (ri.compr != JFFS2_COMPR_ZERO) {
1062 pr_warn("%s(): Node 0x%08x wasn't a hole node!\n",
1063 __func__, ref_offset(fn->raw));
1064 pr_warn("Data in the range 0x%08x to 0x%08x of inode #%u will be lost\n",
1065 start, end, f->inocache->ino);
1066 goto fill;
1067 }
1068 } else {
1069 fill:
1070 ri.magic = cpu_to_je16(JFFS2_MAGIC_BITMASK);
1071 ri.nodetype = cpu_to_je16(JFFS2_NODETYPE_INODE);
1072 ri.totlen = cpu_to_je32(sizeof(ri));
1073 ri.hdr_crc = cpu_to_je32(crc32(0, &ri, sizeof(struct jffs2_unknown_node)-4));
1074
1075 ri.ino = cpu_to_je32(f->inocache->ino);
1076 ri.version = cpu_to_je32(++f->highest_version);
1077 ri.offset = cpu_to_je32(start);
1078 ri.dsize = cpu_to_je32(end - start);
1079 ri.csize = cpu_to_je32(0);
1080 ri.compr = JFFS2_COMPR_ZERO;
1081 }
1082
1083 frag = frag_last(&f->fragtree);
1084 if (frag)
1085 /* Fetch the inode length from the fragtree rather then
1086 * from i_size since i_size may have not been updated yet */
1087 ilen = frag->ofs + frag->size;
1088 else
1089 ilen = JFFS2_F_I_SIZE(f);
1090
1091 ri.mode = cpu_to_jemode(JFFS2_F_I_MODE(f));
1092 ri.uid = cpu_to_je16(JFFS2_F_I_UID(f));
1093 ri.gid = cpu_to_je16(JFFS2_F_I_GID(f));
1094 ri.isize = cpu_to_je32(ilen);
1095 ri.atime = cpu_to_je32(JFFS2_F_I_ATIME(f));
1096 ri.ctime = cpu_to_je32(JFFS2_F_I_CTIME(f));
1097 ri.mtime = cpu_to_je32(JFFS2_F_I_MTIME(f));
1098 ri.data_crc = cpu_to_je32(0);
1099 ri.node_crc = cpu_to_je32(crc32(0, &ri, sizeof(ri)-8));
1100
1101 ret = jffs2_reserve_space_gc(c, sizeof(ri), &alloclen,
1102 JFFS2_SUMMARY_INODE_SIZE);
1103 if (ret) {
1104 pr_warn("jffs2_reserve_space_gc of %zd bytes for garbage_collect_hole failed: %d\n",
1105 sizeof(ri), ret);
1106 return ret;
1107 }
1108 new_fn = jffs2_write_dnode(c, f, &ri, NULL, 0, ALLOC_GC);
1109
1110 if (IS_ERR(new_fn)) {
1111 pr_warn("Error writing new hole node: %ld\n", PTR_ERR(new_fn));
1112 return PTR_ERR(new_fn);
1113 }
1114 if (je32_to_cpu(ri.version) == f->highest_version) {
1115 jffs2_add_full_dnode_to_inode(c, f, new_fn);
1116 if (f->metadata) {
1117 jffs2_mark_node_obsolete(c, f->metadata->raw);
1118 jffs2_free_full_dnode(f->metadata);
1119 f->metadata = NULL;
1120 }
1121 return 0;
1122 }
1123
1124 /*
1125 * We should only get here in the case where the node we are
1126 * replacing had more than one frag, so we kept the same version
1127 * number as before. (Except in case of error -- see 'goto fill;'
1128 * above.)
1129 */
1130 D1(if(unlikely(fn->frags <= 1)) {
1131 pr_warn("%s(): Replacing fn with %d frag(s) but new ver %d != highest_version %d of ino #%d\n",
1132 __func__, fn->frags, je32_to_cpu(ri.version),
1133 f->highest_version, je32_to_cpu(ri.ino));
1134 });
1135
1136 /* This is a partially-overlapped hole node. Mark it REF_NORMAL not REF_PRISTINE */
1137 mark_ref_normal(new_fn->raw);
1138
1139 for (frag = jffs2_lookup_node_frag(&f->fragtree, fn->ofs);
1140 frag; frag = frag_next(frag)) {
1141 if (frag->ofs > fn->size + fn->ofs)
1142 break;
1143 if (frag->node == fn) {
1144 frag->node = new_fn;
1145 new_fn->frags++;
1146 fn->frags--;
1147 }
1148 }
1149 if (fn->frags) {
1150 pr_warn("%s(): Old node still has frags!\n", __func__);
1151 BUG();
1152 }
1153 if (!new_fn->frags) {
1154 pr_warn("%s(): New node has no frags!\n", __func__);
1155 BUG();
1156 }
1157
1158 jffs2_mark_node_obsolete(c, fn->raw);
1159 jffs2_free_full_dnode(fn);
1160
1161 return 0;
1162}
1163
1164static int jffs2_garbage_collect_dnode(struct jffs2_sb_info *c, struct jffs2_eraseblock *orig_jeb,
1165 struct jffs2_inode_info *f, struct jffs2_full_dnode *fn,
1166 uint32_t start, uint32_t end)
1167{
1168 struct inode *inode = OFNI_EDONI_2SFFJ(f);
1169 struct jffs2_full_dnode *new_fn;
1170 struct jffs2_raw_inode ri;
1171 uint32_t alloclen, offset, orig_end, orig_start;
1172 int ret = 0;
1173 unsigned char *comprbuf = NULL, *writebuf;
1174 struct folio *folio;
1175 unsigned char *pg_ptr;
1176
1177 memset(&ri, 0, sizeof(ri));
1178
1179 jffs2_dbg(1, "Writing replacement dnode for ino #%u from offset 0x%x to 0x%x\n",
1180 f->inocache->ino, start, end);
1181
1182 orig_end = end;
1183 orig_start = start;
1184
1185 if (c->nr_free_blocks + c->nr_erasing_blocks > c->resv_blocks_gcmerge) {
1186 /* Attempt to do some merging. But only expand to cover logically
1187 adjacent frags if the block containing them is already considered
1188 to be dirty. Otherwise we end up with GC just going round in
1189 circles dirtying the nodes it already wrote out, especially
1190 on NAND where we have small eraseblocks and hence a much higher
1191 chance of nodes having to be split to cross boundaries. */
1192
1193 struct jffs2_node_frag *frag;
1194 uint32_t min, max;
1195
1196 min = start & ~(PAGE_SIZE-1);
1197 max = min + PAGE_SIZE;
1198
1199 frag = jffs2_lookup_node_frag(&f->fragtree, start);
1200
1201 /* BUG_ON(!frag) but that'll happen anyway... */
1202
1203 BUG_ON(frag->ofs != start);
1204
1205 /* First grow down... */
1206 while((frag = frag_prev(frag)) && frag->ofs >= min) {
1207
1208 /* If the previous frag doesn't even reach the beginning, there's
1209 excessive fragmentation. Just merge. */
1210 if (frag->ofs > min) {
1211 jffs2_dbg(1, "Expanding down to cover partial frag (0x%x-0x%x)\n",
1212 frag->ofs, frag->ofs+frag->size);
1213 start = frag->ofs;
1214 continue;
1215 }
1216 /* OK. This frag holds the first byte of the page. */
1217 if (!frag->node || !frag->node->raw) {
1218 jffs2_dbg(1, "First frag in page is hole (0x%x-0x%x). Not expanding down.\n",
1219 frag->ofs, frag->ofs+frag->size);
1220 break;
1221 } else {
1222
1223 /* OK, it's a frag which extends to the beginning of the page. Does it live
1224 in a block which is still considered clean? If so, don't obsolete it.
1225 If not, cover it anyway. */
1226
1227 struct jffs2_raw_node_ref *raw = frag->node->raw;
1228 struct jffs2_eraseblock *jeb;
1229
1230 jeb = &c->blocks[raw->flash_offset / c->sector_size];
1231
1232 if (jeb == c->gcblock) {
1233 jffs2_dbg(1, "Expanding down to cover frag (0x%x-0x%x) in gcblock at %08x\n",
1234 frag->ofs,
1235 frag->ofs + frag->size,
1236 ref_offset(raw));
1237 start = frag->ofs;
1238 break;
1239 }
1240 if (!ISDIRTY(jeb->dirty_size + jeb->wasted_size)) {
1241 jffs2_dbg(1, "Not expanding down to cover frag (0x%x-0x%x) in clean block %08x\n",
1242 frag->ofs,
1243 frag->ofs + frag->size,
1244 jeb->offset);
1245 break;
1246 }
1247
1248 jffs2_dbg(1, "Expanding down to cover frag (0x%x-0x%x) in dirty block %08x\n",
1249 frag->ofs,
1250 frag->ofs + frag->size,
1251 jeb->offset);
1252 start = frag->ofs;
1253 break;
1254 }
1255 }
1256
1257 /* ... then up */
1258
1259 /* Find last frag which is actually part of the node we're to GC. */
1260 frag = jffs2_lookup_node_frag(&f->fragtree, end-1);
1261
1262 while((frag = frag_next(frag)) && frag->ofs+frag->size <= max) {
1263
1264 /* If the previous frag doesn't even reach the beginning, there's lots
1265 of fragmentation. Just merge. */
1266 if (frag->ofs+frag->size < max) {
1267 jffs2_dbg(1, "Expanding up to cover partial frag (0x%x-0x%x)\n",
1268 frag->ofs, frag->ofs+frag->size);
1269 end = frag->ofs + frag->size;
1270 continue;
1271 }
1272
1273 if (!frag->node || !frag->node->raw) {
1274 jffs2_dbg(1, "Last frag in page is hole (0x%x-0x%x). Not expanding up.\n",
1275 frag->ofs, frag->ofs+frag->size);
1276 break;
1277 } else {
1278
1279 /* OK, it's a frag which extends to the beginning of the page. Does it live
1280 in a block which is still considered clean? If so, don't obsolete it.
1281 If not, cover it anyway. */
1282
1283 struct jffs2_raw_node_ref *raw = frag->node->raw;
1284 struct jffs2_eraseblock *jeb;
1285
1286 jeb = &c->blocks[raw->flash_offset / c->sector_size];
1287
1288 if (jeb == c->gcblock) {
1289 jffs2_dbg(1, "Expanding up to cover frag (0x%x-0x%x) in gcblock at %08x\n",
1290 frag->ofs,
1291 frag->ofs + frag->size,
1292 ref_offset(raw));
1293 end = frag->ofs + frag->size;
1294 break;
1295 }
1296 if (!ISDIRTY(jeb->dirty_size + jeb->wasted_size)) {
1297 jffs2_dbg(1, "Not expanding up to cover frag (0x%x-0x%x) in clean block %08x\n",
1298 frag->ofs,
1299 frag->ofs + frag->size,
1300 jeb->offset);
1301 break;
1302 }
1303
1304 jffs2_dbg(1, "Expanding up to cover frag (0x%x-0x%x) in dirty block %08x\n",
1305 frag->ofs,
1306 frag->ofs + frag->size,
1307 jeb->offset);
1308 end = frag->ofs + frag->size;
1309 break;
1310 }
1311 }
1312 jffs2_dbg(1, "Expanded dnode to write from (0x%x-0x%x) to (0x%x-0x%x)\n",
1313 orig_start, orig_end, start, end);
1314
1315 D1(BUG_ON(end > frag_last(&f->fragtree)->ofs + frag_last(&f->fragtree)->size));
1316 BUG_ON(end < orig_end);
1317 BUG_ON(start > orig_start);
1318 }
1319
1320 /* The rules state that we must obtain the folio lock *before* f->sem, so
1321 * drop f->sem temporarily. Since we also hold c->alloc_sem, nothing's
1322 * actually going to *change* so we're safe; we only allow reading.
1323 *
1324 * It is important to note that jffs2_write_begin() will ensure that its
1325 * folio is marked uptodate before allocating space. That means that if we
1326 * end up here trying to GC the *same* folio that jffs2_write_begin() is
1327 * trying to write out, read_cache_folio() will not deadlock. */
1328 mutex_unlock(&f->sem);
1329 folio = read_cache_folio(inode->i_mapping, start >> PAGE_SHIFT,
1330 __jffs2_read_folio, NULL);
1331 if (IS_ERR(folio)) {
1332 pr_warn("read_cache_folio() returned error: %ld\n",
1333 PTR_ERR(folio));
1334 mutex_lock(&f->sem);
1335 return PTR_ERR(folio);
1336 }
1337
1338 pg_ptr = kmap_local_folio(folio, 0);
1339 mutex_lock(&f->sem);
1340
1341 offset = start;
1342 while(offset < orig_end) {
1343 uint32_t datalen;
1344 uint32_t cdatalen;
1345 uint16_t comprtype = JFFS2_COMPR_NONE;
1346
1347 ret = jffs2_reserve_space_gc(c, sizeof(ri) + JFFS2_MIN_DATA_LEN,
1348 &alloclen, JFFS2_SUMMARY_INODE_SIZE);
1349
1350 if (ret) {
1351 pr_warn("jffs2_reserve_space_gc of %zd bytes for garbage_collect_dnode failed: %d\n",
1352 sizeof(ri) + JFFS2_MIN_DATA_LEN, ret);
1353 break;
1354 }
1355 cdatalen = min_t(uint32_t, alloclen - sizeof(ri), end - offset);
1356 datalen = end - offset;
1357
1358 writebuf = pg_ptr + (offset & (PAGE_SIZE -1));
1359
1360 comprtype = jffs2_compress(c, f, writebuf, &comprbuf, &datalen, &cdatalen);
1361
1362 ri.magic = cpu_to_je16(JFFS2_MAGIC_BITMASK);
1363 ri.nodetype = cpu_to_je16(JFFS2_NODETYPE_INODE);
1364 ri.totlen = cpu_to_je32(sizeof(ri) + cdatalen);
1365 ri.hdr_crc = cpu_to_je32(crc32(0, &ri, sizeof(struct jffs2_unknown_node)-4));
1366
1367 ri.ino = cpu_to_je32(f->inocache->ino);
1368 ri.version = cpu_to_je32(++f->highest_version);
1369 ri.mode = cpu_to_jemode(JFFS2_F_I_MODE(f));
1370 ri.uid = cpu_to_je16(JFFS2_F_I_UID(f));
1371 ri.gid = cpu_to_je16(JFFS2_F_I_GID(f));
1372 ri.isize = cpu_to_je32(JFFS2_F_I_SIZE(f));
1373 ri.atime = cpu_to_je32(JFFS2_F_I_ATIME(f));
1374 ri.ctime = cpu_to_je32(JFFS2_F_I_CTIME(f));
1375 ri.mtime = cpu_to_je32(JFFS2_F_I_MTIME(f));
1376 ri.offset = cpu_to_je32(offset);
1377 ri.csize = cpu_to_je32(cdatalen);
1378 ri.dsize = cpu_to_je32(datalen);
1379 ri.compr = comprtype & 0xff;
1380 ri.usercompr = (comprtype >> 8) & 0xff;
1381 ri.node_crc = cpu_to_je32(crc32(0, &ri, sizeof(ri)-8));
1382 ri.data_crc = cpu_to_je32(crc32(0, comprbuf, cdatalen));
1383
1384 new_fn = jffs2_write_dnode(c, f, &ri, comprbuf, cdatalen, ALLOC_GC);
1385
1386 jffs2_free_comprbuf(comprbuf, writebuf);
1387
1388 if (IS_ERR(new_fn)) {
1389 pr_warn("Error writing new dnode: %ld\n",
1390 PTR_ERR(new_fn));
1391 ret = PTR_ERR(new_fn);
1392 break;
1393 }
1394 ret = jffs2_add_full_dnode_to_inode(c, f, new_fn);
1395 offset += datalen;
1396 if (f->metadata) {
1397 jffs2_mark_node_obsolete(c, f->metadata->raw);
1398 jffs2_free_full_dnode(f->metadata);
1399 f->metadata = NULL;
1400 }
1401 }
1402
1403 folio_release_kmap(folio, pg_ptr);
1404 return ret;
1405}