Loading...
1// SPDX-License-Identifier: GPL-2.0
2/*
3 * Copyright (c) 2000-2006 Silicon Graphics, Inc.
4 * All Rights Reserved.
5 */
6#include "xfs.h"
7#include <linux/backing-dev.h>
8#include <linux/dax.h>
9
10#include "xfs_shared.h"
11#include "xfs_format.h"
12#include "xfs_log_format.h"
13#include "xfs_trans_resv.h"
14#include "xfs_mount.h"
15#include "xfs_trace.h"
16#include "xfs_log.h"
17#include "xfs_log_recover.h"
18#include "xfs_log_priv.h"
19#include "xfs_trans.h"
20#include "xfs_buf_item.h"
21#include "xfs_errortag.h"
22#include "xfs_error.h"
23#include "xfs_ag.h"
24#include "xfs_buf_mem.h"
25
26struct kmem_cache *xfs_buf_cache;
27
28/*
29 * Locking orders
30 *
31 * xfs_buf_ioacct_inc:
32 * xfs_buf_ioacct_dec:
33 * b_sema (caller holds)
34 * b_lock
35 *
36 * xfs_buf_stale:
37 * b_sema (caller holds)
38 * b_lock
39 * lru_lock
40 *
41 * xfs_buf_rele:
42 * b_lock
43 * pag_buf_lock
44 * lru_lock
45 *
46 * xfs_buftarg_drain_rele
47 * lru_lock
48 * b_lock (trylock due to inversion)
49 *
50 * xfs_buftarg_isolate
51 * lru_lock
52 * b_lock (trylock due to inversion)
53 */
54
55static int __xfs_buf_submit(struct xfs_buf *bp, bool wait);
56
57static inline int
58xfs_buf_submit(
59 struct xfs_buf *bp)
60{
61 return __xfs_buf_submit(bp, !(bp->b_flags & XBF_ASYNC));
62}
63
64static inline bool xfs_buf_is_uncached(struct xfs_buf *bp)
65{
66 return bp->b_rhash_key == XFS_BUF_DADDR_NULL;
67}
68
69static inline int
70xfs_buf_is_vmapped(
71 struct xfs_buf *bp)
72{
73 /*
74 * Return true if the buffer is vmapped.
75 *
76 * b_addr is null if the buffer is not mapped, but the code is clever
77 * enough to know it doesn't have to map a single page, so the check has
78 * to be both for b_addr and bp->b_page_count > 1.
79 */
80 return bp->b_addr && bp->b_page_count > 1;
81}
82
83static inline int
84xfs_buf_vmap_len(
85 struct xfs_buf *bp)
86{
87 return (bp->b_page_count * PAGE_SIZE);
88}
89
90/*
91 * Bump the I/O in flight count on the buftarg if we haven't yet done so for
92 * this buffer. The count is incremented once per buffer (per hold cycle)
93 * because the corresponding decrement is deferred to buffer release. Buffers
94 * can undergo I/O multiple times in a hold-release cycle and per buffer I/O
95 * tracking adds unnecessary overhead. This is used for sychronization purposes
96 * with unmount (see xfs_buftarg_drain()), so all we really need is a count of
97 * in-flight buffers.
98 *
99 * Buffers that are never released (e.g., superblock, iclog buffers) must set
100 * the XBF_NO_IOACCT flag before I/O submission. Otherwise, the buftarg count
101 * never reaches zero and unmount hangs indefinitely.
102 */
103static inline void
104xfs_buf_ioacct_inc(
105 struct xfs_buf *bp)
106{
107 if (bp->b_flags & XBF_NO_IOACCT)
108 return;
109
110 ASSERT(bp->b_flags & XBF_ASYNC);
111 spin_lock(&bp->b_lock);
112 if (!(bp->b_state & XFS_BSTATE_IN_FLIGHT)) {
113 bp->b_state |= XFS_BSTATE_IN_FLIGHT;
114 percpu_counter_inc(&bp->b_target->bt_io_count);
115 }
116 spin_unlock(&bp->b_lock);
117}
118
119/*
120 * Clear the in-flight state on a buffer about to be released to the LRU or
121 * freed and unaccount from the buftarg.
122 */
123static inline void
124__xfs_buf_ioacct_dec(
125 struct xfs_buf *bp)
126{
127 lockdep_assert_held(&bp->b_lock);
128
129 if (bp->b_state & XFS_BSTATE_IN_FLIGHT) {
130 bp->b_state &= ~XFS_BSTATE_IN_FLIGHT;
131 percpu_counter_dec(&bp->b_target->bt_io_count);
132 }
133}
134
135static inline void
136xfs_buf_ioacct_dec(
137 struct xfs_buf *bp)
138{
139 spin_lock(&bp->b_lock);
140 __xfs_buf_ioacct_dec(bp);
141 spin_unlock(&bp->b_lock);
142}
143
144/*
145 * When we mark a buffer stale, we remove the buffer from the LRU and clear the
146 * b_lru_ref count so that the buffer is freed immediately when the buffer
147 * reference count falls to zero. If the buffer is already on the LRU, we need
148 * to remove the reference that LRU holds on the buffer.
149 *
150 * This prevents build-up of stale buffers on the LRU.
151 */
152void
153xfs_buf_stale(
154 struct xfs_buf *bp)
155{
156 ASSERT(xfs_buf_islocked(bp));
157
158 bp->b_flags |= XBF_STALE;
159
160 /*
161 * Clear the delwri status so that a delwri queue walker will not
162 * flush this buffer to disk now that it is stale. The delwri queue has
163 * a reference to the buffer, so this is safe to do.
164 */
165 bp->b_flags &= ~_XBF_DELWRI_Q;
166
167 /*
168 * Once the buffer is marked stale and unlocked, a subsequent lookup
169 * could reset b_flags. There is no guarantee that the buffer is
170 * unaccounted (released to LRU) before that occurs. Drop in-flight
171 * status now to preserve accounting consistency.
172 */
173 spin_lock(&bp->b_lock);
174 __xfs_buf_ioacct_dec(bp);
175
176 atomic_set(&bp->b_lru_ref, 0);
177 if (!(bp->b_state & XFS_BSTATE_DISPOSE) &&
178 (list_lru_del_obj(&bp->b_target->bt_lru, &bp->b_lru)))
179 atomic_dec(&bp->b_hold);
180
181 ASSERT(atomic_read(&bp->b_hold) >= 1);
182 spin_unlock(&bp->b_lock);
183}
184
185static int
186xfs_buf_get_maps(
187 struct xfs_buf *bp,
188 int map_count)
189{
190 ASSERT(bp->b_maps == NULL);
191 bp->b_map_count = map_count;
192
193 if (map_count == 1) {
194 bp->b_maps = &bp->__b_map;
195 return 0;
196 }
197
198 bp->b_maps = kzalloc(map_count * sizeof(struct xfs_buf_map),
199 GFP_KERNEL | __GFP_NOLOCKDEP | __GFP_NOFAIL);
200 if (!bp->b_maps)
201 return -ENOMEM;
202 return 0;
203}
204
205/*
206 * Frees b_pages if it was allocated.
207 */
208static void
209xfs_buf_free_maps(
210 struct xfs_buf *bp)
211{
212 if (bp->b_maps != &bp->__b_map) {
213 kfree(bp->b_maps);
214 bp->b_maps = NULL;
215 }
216}
217
218static int
219_xfs_buf_alloc(
220 struct xfs_buftarg *target,
221 struct xfs_buf_map *map,
222 int nmaps,
223 xfs_buf_flags_t flags,
224 struct xfs_buf **bpp)
225{
226 struct xfs_buf *bp;
227 int error;
228 int i;
229
230 *bpp = NULL;
231 bp = kmem_cache_zalloc(xfs_buf_cache,
232 GFP_KERNEL | __GFP_NOLOCKDEP | __GFP_NOFAIL);
233
234 /*
235 * We don't want certain flags to appear in b_flags unless they are
236 * specifically set by later operations on the buffer.
237 */
238 flags &= ~(XBF_UNMAPPED | XBF_TRYLOCK | XBF_ASYNC | XBF_READ_AHEAD);
239
240 atomic_set(&bp->b_hold, 1);
241 atomic_set(&bp->b_lru_ref, 1);
242 init_completion(&bp->b_iowait);
243 INIT_LIST_HEAD(&bp->b_lru);
244 INIT_LIST_HEAD(&bp->b_list);
245 INIT_LIST_HEAD(&bp->b_li_list);
246 sema_init(&bp->b_sema, 0); /* held, no waiters */
247 spin_lock_init(&bp->b_lock);
248 bp->b_target = target;
249 bp->b_mount = target->bt_mount;
250 bp->b_flags = flags;
251
252 /*
253 * Set length and io_length to the same value initially.
254 * I/O routines should use io_length, which will be the same in
255 * most cases but may be reset (e.g. XFS recovery).
256 */
257 error = xfs_buf_get_maps(bp, nmaps);
258 if (error) {
259 kmem_cache_free(xfs_buf_cache, bp);
260 return error;
261 }
262
263 bp->b_rhash_key = map[0].bm_bn;
264 bp->b_length = 0;
265 for (i = 0; i < nmaps; i++) {
266 bp->b_maps[i].bm_bn = map[i].bm_bn;
267 bp->b_maps[i].bm_len = map[i].bm_len;
268 bp->b_length += map[i].bm_len;
269 }
270
271 atomic_set(&bp->b_pin_count, 0);
272 init_waitqueue_head(&bp->b_waiters);
273
274 XFS_STATS_INC(bp->b_mount, xb_create);
275 trace_xfs_buf_init(bp, _RET_IP_);
276
277 *bpp = bp;
278 return 0;
279}
280
281static void
282xfs_buf_free_pages(
283 struct xfs_buf *bp)
284{
285 uint i;
286
287 ASSERT(bp->b_flags & _XBF_PAGES);
288
289 if (xfs_buf_is_vmapped(bp))
290 vm_unmap_ram(bp->b_addr, bp->b_page_count);
291
292 for (i = 0; i < bp->b_page_count; i++) {
293 if (bp->b_pages[i])
294 __free_page(bp->b_pages[i]);
295 }
296 mm_account_reclaimed_pages(bp->b_page_count);
297
298 if (bp->b_pages != bp->b_page_array)
299 kfree(bp->b_pages);
300 bp->b_pages = NULL;
301 bp->b_flags &= ~_XBF_PAGES;
302}
303
304static void
305xfs_buf_free_callback(
306 struct callback_head *cb)
307{
308 struct xfs_buf *bp = container_of(cb, struct xfs_buf, b_rcu);
309
310 xfs_buf_free_maps(bp);
311 kmem_cache_free(xfs_buf_cache, bp);
312}
313
314static void
315xfs_buf_free(
316 struct xfs_buf *bp)
317{
318 trace_xfs_buf_free(bp, _RET_IP_);
319
320 ASSERT(list_empty(&bp->b_lru));
321
322 if (xfs_buftarg_is_mem(bp->b_target))
323 xmbuf_unmap_page(bp);
324 else if (bp->b_flags & _XBF_PAGES)
325 xfs_buf_free_pages(bp);
326 else if (bp->b_flags & _XBF_KMEM)
327 kfree(bp->b_addr);
328
329 call_rcu(&bp->b_rcu, xfs_buf_free_callback);
330}
331
332static int
333xfs_buf_alloc_kmem(
334 struct xfs_buf *bp,
335 xfs_buf_flags_t flags)
336{
337 gfp_t gfp_mask = GFP_KERNEL | __GFP_NOLOCKDEP | __GFP_NOFAIL;
338 size_t size = BBTOB(bp->b_length);
339
340 /* Assure zeroed buffer for non-read cases. */
341 if (!(flags & XBF_READ))
342 gfp_mask |= __GFP_ZERO;
343
344 bp->b_addr = kmalloc(size, gfp_mask);
345 if (!bp->b_addr)
346 return -ENOMEM;
347
348 if (((unsigned long)(bp->b_addr + size - 1) & PAGE_MASK) !=
349 ((unsigned long)bp->b_addr & PAGE_MASK)) {
350 /* b_addr spans two pages - use alloc_page instead */
351 kfree(bp->b_addr);
352 bp->b_addr = NULL;
353 return -ENOMEM;
354 }
355 bp->b_offset = offset_in_page(bp->b_addr);
356 bp->b_pages = bp->b_page_array;
357 bp->b_pages[0] = kmem_to_page(bp->b_addr);
358 bp->b_page_count = 1;
359 bp->b_flags |= _XBF_KMEM;
360 return 0;
361}
362
363static int
364xfs_buf_alloc_pages(
365 struct xfs_buf *bp,
366 xfs_buf_flags_t flags)
367{
368 gfp_t gfp_mask = GFP_KERNEL | __GFP_NOLOCKDEP | __GFP_NOWARN;
369 long filled = 0;
370
371 if (flags & XBF_READ_AHEAD)
372 gfp_mask |= __GFP_NORETRY;
373
374 /* Make sure that we have a page list */
375 bp->b_page_count = DIV_ROUND_UP(BBTOB(bp->b_length), PAGE_SIZE);
376 if (bp->b_page_count <= XB_PAGES) {
377 bp->b_pages = bp->b_page_array;
378 } else {
379 bp->b_pages = kzalloc(sizeof(struct page *) * bp->b_page_count,
380 gfp_mask);
381 if (!bp->b_pages)
382 return -ENOMEM;
383 }
384 bp->b_flags |= _XBF_PAGES;
385
386 /* Assure zeroed buffer for non-read cases. */
387 if (!(flags & XBF_READ))
388 gfp_mask |= __GFP_ZERO;
389
390 /*
391 * Bulk filling of pages can take multiple calls. Not filling the entire
392 * array is not an allocation failure, so don't back off if we get at
393 * least one extra page.
394 */
395 for (;;) {
396 long last = filled;
397
398 filled = alloc_pages_bulk_array(gfp_mask, bp->b_page_count,
399 bp->b_pages);
400 if (filled == bp->b_page_count) {
401 XFS_STATS_INC(bp->b_mount, xb_page_found);
402 break;
403 }
404
405 if (filled != last)
406 continue;
407
408 if (flags & XBF_READ_AHEAD) {
409 xfs_buf_free_pages(bp);
410 return -ENOMEM;
411 }
412
413 XFS_STATS_INC(bp->b_mount, xb_page_retries);
414 memalloc_retry_wait(gfp_mask);
415 }
416 return 0;
417}
418
419/*
420 * Map buffer into kernel address-space if necessary.
421 */
422STATIC int
423_xfs_buf_map_pages(
424 struct xfs_buf *bp,
425 xfs_buf_flags_t flags)
426{
427 ASSERT(bp->b_flags & _XBF_PAGES);
428 if (bp->b_page_count == 1) {
429 /* A single page buffer is always mappable */
430 bp->b_addr = page_address(bp->b_pages[0]);
431 } else if (flags & XBF_UNMAPPED) {
432 bp->b_addr = NULL;
433 } else {
434 int retried = 0;
435 unsigned nofs_flag;
436
437 /*
438 * vm_map_ram() will allocate auxiliary structures (e.g.
439 * pagetables) with GFP_KERNEL, yet we often under a scoped nofs
440 * context here. Mixing GFP_KERNEL with GFP_NOFS allocations
441 * from the same call site that can be run from both above and
442 * below memory reclaim causes lockdep false positives. Hence we
443 * always need to force this allocation to nofs context because
444 * we can't pass __GFP_NOLOCKDEP down to auxillary structures to
445 * prevent false positive lockdep reports.
446 *
447 * XXX(dgc): I think dquot reclaim is the only place we can get
448 * to this function from memory reclaim context now. If we fix
449 * that like we've fixed inode reclaim to avoid writeback from
450 * reclaim, this nofs wrapping can go away.
451 */
452 nofs_flag = memalloc_nofs_save();
453 do {
454 bp->b_addr = vm_map_ram(bp->b_pages, bp->b_page_count,
455 -1);
456 if (bp->b_addr)
457 break;
458 vm_unmap_aliases();
459 } while (retried++ <= 1);
460 memalloc_nofs_restore(nofs_flag);
461
462 if (!bp->b_addr)
463 return -ENOMEM;
464 }
465
466 return 0;
467}
468
469/*
470 * Finding and Reading Buffers
471 */
472static int
473_xfs_buf_obj_cmp(
474 struct rhashtable_compare_arg *arg,
475 const void *obj)
476{
477 const struct xfs_buf_map *map = arg->key;
478 const struct xfs_buf *bp = obj;
479
480 /*
481 * The key hashing in the lookup path depends on the key being the
482 * first element of the compare_arg, make sure to assert this.
483 */
484 BUILD_BUG_ON(offsetof(struct xfs_buf_map, bm_bn) != 0);
485
486 if (bp->b_rhash_key != map->bm_bn)
487 return 1;
488
489 if (unlikely(bp->b_length != map->bm_len)) {
490 /*
491 * found a block number match. If the range doesn't
492 * match, the only way this is allowed is if the buffer
493 * in the cache is stale and the transaction that made
494 * it stale has not yet committed. i.e. we are
495 * reallocating a busy extent. Skip this buffer and
496 * continue searching for an exact match.
497 *
498 * Note: If we're scanning for incore buffers to stale, don't
499 * complain if we find non-stale buffers.
500 */
501 if (!(map->bm_flags & XBM_LIVESCAN))
502 ASSERT(bp->b_flags & XBF_STALE);
503 return 1;
504 }
505 return 0;
506}
507
508static const struct rhashtable_params xfs_buf_hash_params = {
509 .min_size = 32, /* empty AGs have minimal footprint */
510 .nelem_hint = 16,
511 .key_len = sizeof(xfs_daddr_t),
512 .key_offset = offsetof(struct xfs_buf, b_rhash_key),
513 .head_offset = offsetof(struct xfs_buf, b_rhash_head),
514 .automatic_shrinking = true,
515 .obj_cmpfn = _xfs_buf_obj_cmp,
516};
517
518int
519xfs_buf_cache_init(
520 struct xfs_buf_cache *bch)
521{
522 spin_lock_init(&bch->bc_lock);
523 return rhashtable_init(&bch->bc_hash, &xfs_buf_hash_params);
524}
525
526void
527xfs_buf_cache_destroy(
528 struct xfs_buf_cache *bch)
529{
530 rhashtable_destroy(&bch->bc_hash);
531}
532
533static int
534xfs_buf_map_verify(
535 struct xfs_buftarg *btp,
536 struct xfs_buf_map *map)
537{
538 xfs_daddr_t eofs;
539
540 /* Check for IOs smaller than the sector size / not sector aligned */
541 ASSERT(!(BBTOB(map->bm_len) < btp->bt_meta_sectorsize));
542 ASSERT(!(BBTOB(map->bm_bn) & (xfs_off_t)btp->bt_meta_sectormask));
543
544 /*
545 * Corrupted block numbers can get through to here, unfortunately, so we
546 * have to check that the buffer falls within the filesystem bounds.
547 */
548 eofs = XFS_FSB_TO_BB(btp->bt_mount, btp->bt_mount->m_sb.sb_dblocks);
549 if (map->bm_bn < 0 || map->bm_bn >= eofs) {
550 xfs_alert(btp->bt_mount,
551 "%s: daddr 0x%llx out of range, EOFS 0x%llx",
552 __func__, map->bm_bn, eofs);
553 WARN_ON(1);
554 return -EFSCORRUPTED;
555 }
556 return 0;
557}
558
559static int
560xfs_buf_find_lock(
561 struct xfs_buf *bp,
562 xfs_buf_flags_t flags)
563{
564 if (flags & XBF_TRYLOCK) {
565 if (!xfs_buf_trylock(bp)) {
566 XFS_STATS_INC(bp->b_mount, xb_busy_locked);
567 return -EAGAIN;
568 }
569 } else {
570 xfs_buf_lock(bp);
571 XFS_STATS_INC(bp->b_mount, xb_get_locked_waited);
572 }
573
574 /*
575 * if the buffer is stale, clear all the external state associated with
576 * it. We need to keep flags such as how we allocated the buffer memory
577 * intact here.
578 */
579 if (bp->b_flags & XBF_STALE) {
580 if (flags & XBF_LIVESCAN) {
581 xfs_buf_unlock(bp);
582 return -ENOENT;
583 }
584 ASSERT((bp->b_flags & _XBF_DELWRI_Q) == 0);
585 bp->b_flags &= _XBF_KMEM | _XBF_PAGES;
586 bp->b_ops = NULL;
587 }
588 return 0;
589}
590
591static inline int
592xfs_buf_lookup(
593 struct xfs_buf_cache *bch,
594 struct xfs_buf_map *map,
595 xfs_buf_flags_t flags,
596 struct xfs_buf **bpp)
597{
598 struct xfs_buf *bp;
599 int error;
600
601 rcu_read_lock();
602 bp = rhashtable_lookup(&bch->bc_hash, map, xfs_buf_hash_params);
603 if (!bp || !atomic_inc_not_zero(&bp->b_hold)) {
604 rcu_read_unlock();
605 return -ENOENT;
606 }
607 rcu_read_unlock();
608
609 error = xfs_buf_find_lock(bp, flags);
610 if (error) {
611 xfs_buf_rele(bp);
612 return error;
613 }
614
615 trace_xfs_buf_find(bp, flags, _RET_IP_);
616 *bpp = bp;
617 return 0;
618}
619
620/*
621 * Insert the new_bp into the hash table. This consumes the perag reference
622 * taken for the lookup regardless of the result of the insert.
623 */
624static int
625xfs_buf_find_insert(
626 struct xfs_buftarg *btp,
627 struct xfs_buf_cache *bch,
628 struct xfs_perag *pag,
629 struct xfs_buf_map *cmap,
630 struct xfs_buf_map *map,
631 int nmaps,
632 xfs_buf_flags_t flags,
633 struct xfs_buf **bpp)
634{
635 struct xfs_buf *new_bp;
636 struct xfs_buf *bp;
637 int error;
638
639 error = _xfs_buf_alloc(btp, map, nmaps, flags, &new_bp);
640 if (error)
641 goto out_drop_pag;
642
643 if (xfs_buftarg_is_mem(new_bp->b_target)) {
644 error = xmbuf_map_page(new_bp);
645 } else if (BBTOB(new_bp->b_length) >= PAGE_SIZE ||
646 xfs_buf_alloc_kmem(new_bp, flags) < 0) {
647 /*
648 * For buffers that fit entirely within a single page, first
649 * attempt to allocate the memory from the heap to minimise
650 * memory usage. If we can't get heap memory for these small
651 * buffers, we fall back to using the page allocator.
652 */
653 error = xfs_buf_alloc_pages(new_bp, flags);
654 }
655 if (error)
656 goto out_free_buf;
657
658 spin_lock(&bch->bc_lock);
659 bp = rhashtable_lookup_get_insert_fast(&bch->bc_hash,
660 &new_bp->b_rhash_head, xfs_buf_hash_params);
661 if (IS_ERR(bp)) {
662 error = PTR_ERR(bp);
663 spin_unlock(&bch->bc_lock);
664 goto out_free_buf;
665 }
666 if (bp && atomic_inc_not_zero(&bp->b_hold)) {
667 /* found an existing buffer */
668 spin_unlock(&bch->bc_lock);
669 error = xfs_buf_find_lock(bp, flags);
670 if (error)
671 xfs_buf_rele(bp);
672 else
673 *bpp = bp;
674 goto out_free_buf;
675 }
676
677 /* The new buffer keeps the perag reference until it is freed. */
678 new_bp->b_pag = pag;
679 spin_unlock(&bch->bc_lock);
680 *bpp = new_bp;
681 return 0;
682
683out_free_buf:
684 xfs_buf_free(new_bp);
685out_drop_pag:
686 if (pag)
687 xfs_perag_put(pag);
688 return error;
689}
690
691static inline struct xfs_perag *
692xfs_buftarg_get_pag(
693 struct xfs_buftarg *btp,
694 const struct xfs_buf_map *map)
695{
696 struct xfs_mount *mp = btp->bt_mount;
697
698 if (xfs_buftarg_is_mem(btp))
699 return NULL;
700 return xfs_perag_get(mp, xfs_daddr_to_agno(mp, map->bm_bn));
701}
702
703static inline struct xfs_buf_cache *
704xfs_buftarg_buf_cache(
705 struct xfs_buftarg *btp,
706 struct xfs_perag *pag)
707{
708 if (pag)
709 return &pag->pag_bcache;
710 return btp->bt_cache;
711}
712
713/*
714 * Assembles a buffer covering the specified range. The code is optimised for
715 * cache hits, as metadata intensive workloads will see 3 orders of magnitude
716 * more hits than misses.
717 */
718int
719xfs_buf_get_map(
720 struct xfs_buftarg *btp,
721 struct xfs_buf_map *map,
722 int nmaps,
723 xfs_buf_flags_t flags,
724 struct xfs_buf **bpp)
725{
726 struct xfs_buf_cache *bch;
727 struct xfs_perag *pag;
728 struct xfs_buf *bp = NULL;
729 struct xfs_buf_map cmap = { .bm_bn = map[0].bm_bn };
730 int error;
731 int i;
732
733 if (flags & XBF_LIVESCAN)
734 cmap.bm_flags |= XBM_LIVESCAN;
735 for (i = 0; i < nmaps; i++)
736 cmap.bm_len += map[i].bm_len;
737
738 error = xfs_buf_map_verify(btp, &cmap);
739 if (error)
740 return error;
741
742 pag = xfs_buftarg_get_pag(btp, &cmap);
743 bch = xfs_buftarg_buf_cache(btp, pag);
744
745 error = xfs_buf_lookup(bch, &cmap, flags, &bp);
746 if (error && error != -ENOENT)
747 goto out_put_perag;
748
749 /* cache hits always outnumber misses by at least 10:1 */
750 if (unlikely(!bp)) {
751 XFS_STATS_INC(btp->bt_mount, xb_miss_locked);
752
753 if (flags & XBF_INCORE)
754 goto out_put_perag;
755
756 /* xfs_buf_find_insert() consumes the perag reference. */
757 error = xfs_buf_find_insert(btp, bch, pag, &cmap, map, nmaps,
758 flags, &bp);
759 if (error)
760 return error;
761 } else {
762 XFS_STATS_INC(btp->bt_mount, xb_get_locked);
763 if (pag)
764 xfs_perag_put(pag);
765 }
766
767 /* We do not hold a perag reference anymore. */
768 if (!bp->b_addr) {
769 error = _xfs_buf_map_pages(bp, flags);
770 if (unlikely(error)) {
771 xfs_warn_ratelimited(btp->bt_mount,
772 "%s: failed to map %u pages", __func__,
773 bp->b_page_count);
774 xfs_buf_relse(bp);
775 return error;
776 }
777 }
778
779 /*
780 * Clear b_error if this is a lookup from a caller that doesn't expect
781 * valid data to be found in the buffer.
782 */
783 if (!(flags & XBF_READ))
784 xfs_buf_ioerror(bp, 0);
785
786 XFS_STATS_INC(btp->bt_mount, xb_get);
787 trace_xfs_buf_get(bp, flags, _RET_IP_);
788 *bpp = bp;
789 return 0;
790
791out_put_perag:
792 if (pag)
793 xfs_perag_put(pag);
794 return error;
795}
796
797int
798_xfs_buf_read(
799 struct xfs_buf *bp,
800 xfs_buf_flags_t flags)
801{
802 ASSERT(!(flags & XBF_WRITE));
803 ASSERT(bp->b_maps[0].bm_bn != XFS_BUF_DADDR_NULL);
804
805 bp->b_flags &= ~(XBF_WRITE | XBF_ASYNC | XBF_READ_AHEAD | XBF_DONE);
806 bp->b_flags |= flags & (XBF_READ | XBF_ASYNC | XBF_READ_AHEAD);
807
808 return xfs_buf_submit(bp);
809}
810
811/*
812 * Reverify a buffer found in cache without an attached ->b_ops.
813 *
814 * If the caller passed an ops structure and the buffer doesn't have ops
815 * assigned, set the ops and use it to verify the contents. If verification
816 * fails, clear XBF_DONE. We assume the buffer has no recorded errors and is
817 * already in XBF_DONE state on entry.
818 *
819 * Under normal operations, every in-core buffer is verified on read I/O
820 * completion. There are two scenarios that can lead to in-core buffers without
821 * an assigned ->b_ops. The first is during log recovery of buffers on a V4
822 * filesystem, though these buffers are purged at the end of recovery. The
823 * other is online repair, which intentionally reads with a NULL buffer ops to
824 * run several verifiers across an in-core buffer in order to establish buffer
825 * type. If repair can't establish that, the buffer will be left in memory
826 * with NULL buffer ops.
827 */
828int
829xfs_buf_reverify(
830 struct xfs_buf *bp,
831 const struct xfs_buf_ops *ops)
832{
833 ASSERT(bp->b_flags & XBF_DONE);
834 ASSERT(bp->b_error == 0);
835
836 if (!ops || bp->b_ops)
837 return 0;
838
839 bp->b_ops = ops;
840 bp->b_ops->verify_read(bp);
841 if (bp->b_error)
842 bp->b_flags &= ~XBF_DONE;
843 return bp->b_error;
844}
845
846int
847xfs_buf_read_map(
848 struct xfs_buftarg *target,
849 struct xfs_buf_map *map,
850 int nmaps,
851 xfs_buf_flags_t flags,
852 struct xfs_buf **bpp,
853 const struct xfs_buf_ops *ops,
854 xfs_failaddr_t fa)
855{
856 struct xfs_buf *bp;
857 int error;
858
859 flags |= XBF_READ;
860 *bpp = NULL;
861
862 error = xfs_buf_get_map(target, map, nmaps, flags, &bp);
863 if (error)
864 return error;
865
866 trace_xfs_buf_read(bp, flags, _RET_IP_);
867
868 if (!(bp->b_flags & XBF_DONE)) {
869 /* Initiate the buffer read and wait. */
870 XFS_STATS_INC(target->bt_mount, xb_get_read);
871 bp->b_ops = ops;
872 error = _xfs_buf_read(bp, flags);
873
874 /* Readahead iodone already dropped the buffer, so exit. */
875 if (flags & XBF_ASYNC)
876 return 0;
877 } else {
878 /* Buffer already read; all we need to do is check it. */
879 error = xfs_buf_reverify(bp, ops);
880
881 /* Readahead already finished; drop the buffer and exit. */
882 if (flags & XBF_ASYNC) {
883 xfs_buf_relse(bp);
884 return 0;
885 }
886
887 /* We do not want read in the flags */
888 bp->b_flags &= ~XBF_READ;
889 ASSERT(bp->b_ops != NULL || ops == NULL);
890 }
891
892 /*
893 * If we've had a read error, then the contents of the buffer are
894 * invalid and should not be used. To ensure that a followup read tries
895 * to pull the buffer from disk again, we clear the XBF_DONE flag and
896 * mark the buffer stale. This ensures that anyone who has a current
897 * reference to the buffer will interpret it's contents correctly and
898 * future cache lookups will also treat it as an empty, uninitialised
899 * buffer.
900 */
901 if (error) {
902 /*
903 * Check against log shutdown for error reporting because
904 * metadata writeback may require a read first and we need to
905 * report errors in metadata writeback until the log is shut
906 * down. High level transaction read functions already check
907 * against mount shutdown, anyway, so we only need to be
908 * concerned about low level IO interactions here.
909 */
910 if (!xlog_is_shutdown(target->bt_mount->m_log))
911 xfs_buf_ioerror_alert(bp, fa);
912
913 bp->b_flags &= ~XBF_DONE;
914 xfs_buf_stale(bp);
915 xfs_buf_relse(bp);
916
917 /* bad CRC means corrupted metadata */
918 if (error == -EFSBADCRC)
919 error = -EFSCORRUPTED;
920 return error;
921 }
922
923 *bpp = bp;
924 return 0;
925}
926
927/*
928 * If we are not low on memory then do the readahead in a deadlock
929 * safe manner.
930 */
931void
932xfs_buf_readahead_map(
933 struct xfs_buftarg *target,
934 struct xfs_buf_map *map,
935 int nmaps,
936 const struct xfs_buf_ops *ops)
937{
938 struct xfs_buf *bp;
939
940 /*
941 * Currently we don't have a good means or justification for performing
942 * xmbuf_map_page asynchronously, so we don't do readahead.
943 */
944 if (xfs_buftarg_is_mem(target))
945 return;
946
947 xfs_buf_read_map(target, map, nmaps,
948 XBF_TRYLOCK | XBF_ASYNC | XBF_READ_AHEAD, &bp, ops,
949 __this_address);
950}
951
952/*
953 * Read an uncached buffer from disk. Allocates and returns a locked
954 * buffer containing the disk contents or nothing. Uncached buffers always have
955 * a cache index of XFS_BUF_DADDR_NULL so we can easily determine if the buffer
956 * is cached or uncached during fault diagnosis.
957 */
958int
959xfs_buf_read_uncached(
960 struct xfs_buftarg *target,
961 xfs_daddr_t daddr,
962 size_t numblks,
963 xfs_buf_flags_t flags,
964 struct xfs_buf **bpp,
965 const struct xfs_buf_ops *ops)
966{
967 struct xfs_buf *bp;
968 int error;
969
970 *bpp = NULL;
971
972 error = xfs_buf_get_uncached(target, numblks, flags, &bp);
973 if (error)
974 return error;
975
976 /* set up the buffer for a read IO */
977 ASSERT(bp->b_map_count == 1);
978 bp->b_rhash_key = XFS_BUF_DADDR_NULL;
979 bp->b_maps[0].bm_bn = daddr;
980 bp->b_flags |= XBF_READ;
981 bp->b_ops = ops;
982
983 xfs_buf_submit(bp);
984 if (bp->b_error) {
985 error = bp->b_error;
986 xfs_buf_relse(bp);
987 return error;
988 }
989
990 *bpp = bp;
991 return 0;
992}
993
994int
995xfs_buf_get_uncached(
996 struct xfs_buftarg *target,
997 size_t numblks,
998 xfs_buf_flags_t flags,
999 struct xfs_buf **bpp)
1000{
1001 int error;
1002 struct xfs_buf *bp;
1003 DEFINE_SINGLE_BUF_MAP(map, XFS_BUF_DADDR_NULL, numblks);
1004
1005 *bpp = NULL;
1006
1007 /* flags might contain irrelevant bits, pass only what we care about */
1008 error = _xfs_buf_alloc(target, &map, 1, flags & XBF_NO_IOACCT, &bp);
1009 if (error)
1010 return error;
1011
1012 if (xfs_buftarg_is_mem(bp->b_target))
1013 error = xmbuf_map_page(bp);
1014 else
1015 error = xfs_buf_alloc_pages(bp, flags);
1016 if (error)
1017 goto fail_free_buf;
1018
1019 error = _xfs_buf_map_pages(bp, 0);
1020 if (unlikely(error)) {
1021 xfs_warn(target->bt_mount,
1022 "%s: failed to map pages", __func__);
1023 goto fail_free_buf;
1024 }
1025
1026 trace_xfs_buf_get_uncached(bp, _RET_IP_);
1027 *bpp = bp;
1028 return 0;
1029
1030fail_free_buf:
1031 xfs_buf_free(bp);
1032 return error;
1033}
1034
1035/*
1036 * Increment reference count on buffer, to hold the buffer concurrently
1037 * with another thread which may release (free) the buffer asynchronously.
1038 * Must hold the buffer already to call this function.
1039 */
1040void
1041xfs_buf_hold(
1042 struct xfs_buf *bp)
1043{
1044 trace_xfs_buf_hold(bp, _RET_IP_);
1045 atomic_inc(&bp->b_hold);
1046}
1047
1048static void
1049xfs_buf_rele_uncached(
1050 struct xfs_buf *bp)
1051{
1052 ASSERT(list_empty(&bp->b_lru));
1053 if (atomic_dec_and_test(&bp->b_hold)) {
1054 xfs_buf_ioacct_dec(bp);
1055 xfs_buf_free(bp);
1056 }
1057}
1058
1059static void
1060xfs_buf_rele_cached(
1061 struct xfs_buf *bp)
1062{
1063 struct xfs_buftarg *btp = bp->b_target;
1064 struct xfs_perag *pag = bp->b_pag;
1065 struct xfs_buf_cache *bch = xfs_buftarg_buf_cache(btp, pag);
1066 bool release;
1067 bool freebuf = false;
1068
1069 trace_xfs_buf_rele(bp, _RET_IP_);
1070
1071 ASSERT(atomic_read(&bp->b_hold) > 0);
1072
1073 /*
1074 * We grab the b_lock here first to serialise racing xfs_buf_rele()
1075 * calls. The pag_buf_lock being taken on the last reference only
1076 * serialises against racing lookups in xfs_buf_find(). IOWs, the second
1077 * to last reference we drop here is not serialised against the last
1078 * reference until we take bp->b_lock. Hence if we don't grab b_lock
1079 * first, the last "release" reference can win the race to the lock and
1080 * free the buffer before the second-to-last reference is processed,
1081 * leading to a use-after-free scenario.
1082 */
1083 spin_lock(&bp->b_lock);
1084 release = atomic_dec_and_lock(&bp->b_hold, &bch->bc_lock);
1085 if (!release) {
1086 /*
1087 * Drop the in-flight state if the buffer is already on the LRU
1088 * and it holds the only reference. This is racy because we
1089 * haven't acquired the pag lock, but the use of _XBF_IN_FLIGHT
1090 * ensures the decrement occurs only once per-buf.
1091 */
1092 if ((atomic_read(&bp->b_hold) == 1) && !list_empty(&bp->b_lru))
1093 __xfs_buf_ioacct_dec(bp);
1094 goto out_unlock;
1095 }
1096
1097 /* the last reference has been dropped ... */
1098 __xfs_buf_ioacct_dec(bp);
1099 if (!(bp->b_flags & XBF_STALE) && atomic_read(&bp->b_lru_ref)) {
1100 /*
1101 * If the buffer is added to the LRU take a new reference to the
1102 * buffer for the LRU and clear the (now stale) dispose list
1103 * state flag
1104 */
1105 if (list_lru_add_obj(&btp->bt_lru, &bp->b_lru)) {
1106 bp->b_state &= ~XFS_BSTATE_DISPOSE;
1107 atomic_inc(&bp->b_hold);
1108 }
1109 spin_unlock(&bch->bc_lock);
1110 } else {
1111 /*
1112 * most of the time buffers will already be removed from the
1113 * LRU, so optimise that case by checking for the
1114 * XFS_BSTATE_DISPOSE flag indicating the last list the buffer
1115 * was on was the disposal list
1116 */
1117 if (!(bp->b_state & XFS_BSTATE_DISPOSE)) {
1118 list_lru_del_obj(&btp->bt_lru, &bp->b_lru);
1119 } else {
1120 ASSERT(list_empty(&bp->b_lru));
1121 }
1122
1123 ASSERT(!(bp->b_flags & _XBF_DELWRI_Q));
1124 rhashtable_remove_fast(&bch->bc_hash, &bp->b_rhash_head,
1125 xfs_buf_hash_params);
1126 spin_unlock(&bch->bc_lock);
1127 if (pag)
1128 xfs_perag_put(pag);
1129 freebuf = true;
1130 }
1131
1132out_unlock:
1133 spin_unlock(&bp->b_lock);
1134
1135 if (freebuf)
1136 xfs_buf_free(bp);
1137}
1138
1139/*
1140 * Release a hold on the specified buffer.
1141 */
1142void
1143xfs_buf_rele(
1144 struct xfs_buf *bp)
1145{
1146 trace_xfs_buf_rele(bp, _RET_IP_);
1147 if (xfs_buf_is_uncached(bp))
1148 xfs_buf_rele_uncached(bp);
1149 else
1150 xfs_buf_rele_cached(bp);
1151}
1152
1153/*
1154 * Lock a buffer object, if it is not already locked.
1155 *
1156 * If we come across a stale, pinned, locked buffer, we know that we are
1157 * being asked to lock a buffer that has been reallocated. Because it is
1158 * pinned, we know that the log has not been pushed to disk and hence it
1159 * will still be locked. Rather than continuing to have trylock attempts
1160 * fail until someone else pushes the log, push it ourselves before
1161 * returning. This means that the xfsaild will not get stuck trying
1162 * to push on stale inode buffers.
1163 */
1164int
1165xfs_buf_trylock(
1166 struct xfs_buf *bp)
1167{
1168 int locked;
1169
1170 locked = down_trylock(&bp->b_sema) == 0;
1171 if (locked)
1172 trace_xfs_buf_trylock(bp, _RET_IP_);
1173 else
1174 trace_xfs_buf_trylock_fail(bp, _RET_IP_);
1175 return locked;
1176}
1177
1178/*
1179 * Lock a buffer object.
1180 *
1181 * If we come across a stale, pinned, locked buffer, we know that we
1182 * are being asked to lock a buffer that has been reallocated. Because
1183 * it is pinned, we know that the log has not been pushed to disk and
1184 * hence it will still be locked. Rather than sleeping until someone
1185 * else pushes the log, push it ourselves before trying to get the lock.
1186 */
1187void
1188xfs_buf_lock(
1189 struct xfs_buf *bp)
1190{
1191 trace_xfs_buf_lock(bp, _RET_IP_);
1192
1193 if (atomic_read(&bp->b_pin_count) && (bp->b_flags & XBF_STALE))
1194 xfs_log_force(bp->b_mount, 0);
1195 down(&bp->b_sema);
1196
1197 trace_xfs_buf_lock_done(bp, _RET_IP_);
1198}
1199
1200void
1201xfs_buf_unlock(
1202 struct xfs_buf *bp)
1203{
1204 ASSERT(xfs_buf_islocked(bp));
1205
1206 up(&bp->b_sema);
1207 trace_xfs_buf_unlock(bp, _RET_IP_);
1208}
1209
1210STATIC void
1211xfs_buf_wait_unpin(
1212 struct xfs_buf *bp)
1213{
1214 DECLARE_WAITQUEUE (wait, current);
1215
1216 if (atomic_read(&bp->b_pin_count) == 0)
1217 return;
1218
1219 add_wait_queue(&bp->b_waiters, &wait);
1220 for (;;) {
1221 set_current_state(TASK_UNINTERRUPTIBLE);
1222 if (atomic_read(&bp->b_pin_count) == 0)
1223 break;
1224 io_schedule();
1225 }
1226 remove_wait_queue(&bp->b_waiters, &wait);
1227 set_current_state(TASK_RUNNING);
1228}
1229
1230static void
1231xfs_buf_ioerror_alert_ratelimited(
1232 struct xfs_buf *bp)
1233{
1234 static unsigned long lasttime;
1235 static struct xfs_buftarg *lasttarg;
1236
1237 if (bp->b_target != lasttarg ||
1238 time_after(jiffies, (lasttime + 5*HZ))) {
1239 lasttime = jiffies;
1240 xfs_buf_ioerror_alert(bp, __this_address);
1241 }
1242 lasttarg = bp->b_target;
1243}
1244
1245/*
1246 * Account for this latest trip around the retry handler, and decide if
1247 * we've failed enough times to constitute a permanent failure.
1248 */
1249static bool
1250xfs_buf_ioerror_permanent(
1251 struct xfs_buf *bp,
1252 struct xfs_error_cfg *cfg)
1253{
1254 struct xfs_mount *mp = bp->b_mount;
1255
1256 if (cfg->max_retries != XFS_ERR_RETRY_FOREVER &&
1257 ++bp->b_retries > cfg->max_retries)
1258 return true;
1259 if (cfg->retry_timeout != XFS_ERR_RETRY_FOREVER &&
1260 time_after(jiffies, cfg->retry_timeout + bp->b_first_retry_time))
1261 return true;
1262
1263 /* At unmount we may treat errors differently */
1264 if (xfs_is_unmounting(mp) && mp->m_fail_unmount)
1265 return true;
1266
1267 return false;
1268}
1269
1270/*
1271 * On a sync write or shutdown we just want to stale the buffer and let the
1272 * caller handle the error in bp->b_error appropriately.
1273 *
1274 * If the write was asynchronous then no one will be looking for the error. If
1275 * this is the first failure of this type, clear the error state and write the
1276 * buffer out again. This means we always retry an async write failure at least
1277 * once, but we also need to set the buffer up to behave correctly now for
1278 * repeated failures.
1279 *
1280 * If we get repeated async write failures, then we take action according to the
1281 * error configuration we have been set up to use.
1282 *
1283 * Returns true if this function took care of error handling and the caller must
1284 * not touch the buffer again. Return false if the caller should proceed with
1285 * normal I/O completion handling.
1286 */
1287static bool
1288xfs_buf_ioend_handle_error(
1289 struct xfs_buf *bp)
1290{
1291 struct xfs_mount *mp = bp->b_mount;
1292 struct xfs_error_cfg *cfg;
1293
1294 /*
1295 * If we've already shutdown the journal because of I/O errors, there's
1296 * no point in giving this a retry.
1297 */
1298 if (xlog_is_shutdown(mp->m_log))
1299 goto out_stale;
1300
1301 xfs_buf_ioerror_alert_ratelimited(bp);
1302
1303 /*
1304 * We're not going to bother about retrying this during recovery.
1305 * One strike!
1306 */
1307 if (bp->b_flags & _XBF_LOGRECOVERY) {
1308 xfs_force_shutdown(mp, SHUTDOWN_META_IO_ERROR);
1309 return false;
1310 }
1311
1312 /*
1313 * Synchronous writes will have callers process the error.
1314 */
1315 if (!(bp->b_flags & XBF_ASYNC))
1316 goto out_stale;
1317
1318 trace_xfs_buf_iodone_async(bp, _RET_IP_);
1319
1320 cfg = xfs_error_get_cfg(mp, XFS_ERR_METADATA, bp->b_error);
1321 if (bp->b_last_error != bp->b_error ||
1322 !(bp->b_flags & (XBF_STALE | XBF_WRITE_FAIL))) {
1323 bp->b_last_error = bp->b_error;
1324 if (cfg->retry_timeout != XFS_ERR_RETRY_FOREVER &&
1325 !bp->b_first_retry_time)
1326 bp->b_first_retry_time = jiffies;
1327 goto resubmit;
1328 }
1329
1330 /*
1331 * Permanent error - we need to trigger a shutdown if we haven't already
1332 * to indicate that inconsistency will result from this action.
1333 */
1334 if (xfs_buf_ioerror_permanent(bp, cfg)) {
1335 xfs_force_shutdown(mp, SHUTDOWN_META_IO_ERROR);
1336 goto out_stale;
1337 }
1338
1339 /* Still considered a transient error. Caller will schedule retries. */
1340 if (bp->b_flags & _XBF_INODES)
1341 xfs_buf_inode_io_fail(bp);
1342 else if (bp->b_flags & _XBF_DQUOTS)
1343 xfs_buf_dquot_io_fail(bp);
1344 else
1345 ASSERT(list_empty(&bp->b_li_list));
1346 xfs_buf_ioerror(bp, 0);
1347 xfs_buf_relse(bp);
1348 return true;
1349
1350resubmit:
1351 xfs_buf_ioerror(bp, 0);
1352 bp->b_flags |= (XBF_DONE | XBF_WRITE_FAIL);
1353 xfs_buf_submit(bp);
1354 return true;
1355out_stale:
1356 xfs_buf_stale(bp);
1357 bp->b_flags |= XBF_DONE;
1358 bp->b_flags &= ~XBF_WRITE;
1359 trace_xfs_buf_error_relse(bp, _RET_IP_);
1360 return false;
1361}
1362
1363static void
1364xfs_buf_ioend(
1365 struct xfs_buf *bp)
1366{
1367 trace_xfs_buf_iodone(bp, _RET_IP_);
1368
1369 /*
1370 * Pull in IO completion errors now. We are guaranteed to be running
1371 * single threaded, so we don't need the lock to read b_io_error.
1372 */
1373 if (!bp->b_error && bp->b_io_error)
1374 xfs_buf_ioerror(bp, bp->b_io_error);
1375
1376 if (bp->b_flags & XBF_READ) {
1377 if (!bp->b_error && bp->b_ops)
1378 bp->b_ops->verify_read(bp);
1379 if (!bp->b_error)
1380 bp->b_flags |= XBF_DONE;
1381 } else {
1382 if (!bp->b_error) {
1383 bp->b_flags &= ~XBF_WRITE_FAIL;
1384 bp->b_flags |= XBF_DONE;
1385 }
1386
1387 if (unlikely(bp->b_error) && xfs_buf_ioend_handle_error(bp))
1388 return;
1389
1390 /* clear the retry state */
1391 bp->b_last_error = 0;
1392 bp->b_retries = 0;
1393 bp->b_first_retry_time = 0;
1394
1395 /*
1396 * Note that for things like remote attribute buffers, there may
1397 * not be a buffer log item here, so processing the buffer log
1398 * item must remain optional.
1399 */
1400 if (bp->b_log_item)
1401 xfs_buf_item_done(bp);
1402
1403 if (bp->b_flags & _XBF_INODES)
1404 xfs_buf_inode_iodone(bp);
1405 else if (bp->b_flags & _XBF_DQUOTS)
1406 xfs_buf_dquot_iodone(bp);
1407
1408 }
1409
1410 bp->b_flags &= ~(XBF_READ | XBF_WRITE | XBF_READ_AHEAD |
1411 _XBF_LOGRECOVERY);
1412
1413 if (bp->b_flags & XBF_ASYNC)
1414 xfs_buf_relse(bp);
1415 else
1416 complete(&bp->b_iowait);
1417}
1418
1419static void
1420xfs_buf_ioend_work(
1421 struct work_struct *work)
1422{
1423 struct xfs_buf *bp =
1424 container_of(work, struct xfs_buf, b_ioend_work);
1425
1426 xfs_buf_ioend(bp);
1427}
1428
1429static void
1430xfs_buf_ioend_async(
1431 struct xfs_buf *bp)
1432{
1433 INIT_WORK(&bp->b_ioend_work, xfs_buf_ioend_work);
1434 queue_work(bp->b_mount->m_buf_workqueue, &bp->b_ioend_work);
1435}
1436
1437void
1438__xfs_buf_ioerror(
1439 struct xfs_buf *bp,
1440 int error,
1441 xfs_failaddr_t failaddr)
1442{
1443 ASSERT(error <= 0 && error >= -1000);
1444 bp->b_error = error;
1445 trace_xfs_buf_ioerror(bp, error, failaddr);
1446}
1447
1448void
1449xfs_buf_ioerror_alert(
1450 struct xfs_buf *bp,
1451 xfs_failaddr_t func)
1452{
1453 xfs_buf_alert_ratelimited(bp, "XFS: metadata IO error",
1454 "metadata I/O error in \"%pS\" at daddr 0x%llx len %d error %d",
1455 func, (uint64_t)xfs_buf_daddr(bp),
1456 bp->b_length, -bp->b_error);
1457}
1458
1459/*
1460 * To simulate an I/O failure, the buffer must be locked and held with at least
1461 * three references. The LRU reference is dropped by the stale call. The buf
1462 * item reference is dropped via ioend processing. The third reference is owned
1463 * by the caller and is dropped on I/O completion if the buffer is XBF_ASYNC.
1464 */
1465void
1466xfs_buf_ioend_fail(
1467 struct xfs_buf *bp)
1468{
1469 bp->b_flags &= ~XBF_DONE;
1470 xfs_buf_stale(bp);
1471 xfs_buf_ioerror(bp, -EIO);
1472 xfs_buf_ioend(bp);
1473}
1474
1475int
1476xfs_bwrite(
1477 struct xfs_buf *bp)
1478{
1479 int error;
1480
1481 ASSERT(xfs_buf_islocked(bp));
1482
1483 bp->b_flags |= XBF_WRITE;
1484 bp->b_flags &= ~(XBF_ASYNC | XBF_READ | _XBF_DELWRI_Q |
1485 XBF_DONE);
1486
1487 error = xfs_buf_submit(bp);
1488 if (error)
1489 xfs_force_shutdown(bp->b_mount, SHUTDOWN_META_IO_ERROR);
1490 return error;
1491}
1492
1493static void
1494xfs_buf_bio_end_io(
1495 struct bio *bio)
1496{
1497 struct xfs_buf *bp = (struct xfs_buf *)bio->bi_private;
1498
1499 if (!bio->bi_status &&
1500 (bp->b_flags & XBF_WRITE) && (bp->b_flags & XBF_ASYNC) &&
1501 XFS_TEST_ERROR(false, bp->b_mount, XFS_ERRTAG_BUF_IOERROR))
1502 bio->bi_status = BLK_STS_IOERR;
1503
1504 /*
1505 * don't overwrite existing errors - otherwise we can lose errors on
1506 * buffers that require multiple bios to complete.
1507 */
1508 if (bio->bi_status) {
1509 int error = blk_status_to_errno(bio->bi_status);
1510
1511 cmpxchg(&bp->b_io_error, 0, error);
1512 }
1513
1514 if (!bp->b_error && xfs_buf_is_vmapped(bp) && (bp->b_flags & XBF_READ))
1515 invalidate_kernel_vmap_range(bp->b_addr, xfs_buf_vmap_len(bp));
1516
1517 if (atomic_dec_and_test(&bp->b_io_remaining) == 1)
1518 xfs_buf_ioend_async(bp);
1519 bio_put(bio);
1520}
1521
1522static void
1523xfs_buf_ioapply_map(
1524 struct xfs_buf *bp,
1525 int map,
1526 int *buf_offset,
1527 int *count,
1528 blk_opf_t op)
1529{
1530 int page_index;
1531 unsigned int total_nr_pages = bp->b_page_count;
1532 int nr_pages;
1533 struct bio *bio;
1534 sector_t sector = bp->b_maps[map].bm_bn;
1535 int size;
1536 int offset;
1537
1538 /* skip the pages in the buffer before the start offset */
1539 page_index = 0;
1540 offset = *buf_offset;
1541 while (offset >= PAGE_SIZE) {
1542 page_index++;
1543 offset -= PAGE_SIZE;
1544 }
1545
1546 /*
1547 * Limit the IO size to the length of the current vector, and update the
1548 * remaining IO count for the next time around.
1549 */
1550 size = min_t(int, BBTOB(bp->b_maps[map].bm_len), *count);
1551 *count -= size;
1552 *buf_offset += size;
1553
1554next_chunk:
1555 atomic_inc(&bp->b_io_remaining);
1556 nr_pages = bio_max_segs(total_nr_pages);
1557
1558 bio = bio_alloc(bp->b_target->bt_bdev, nr_pages, op, GFP_NOIO);
1559 bio->bi_iter.bi_sector = sector;
1560 bio->bi_end_io = xfs_buf_bio_end_io;
1561 bio->bi_private = bp;
1562
1563 for (; size && nr_pages; nr_pages--, page_index++) {
1564 int rbytes, nbytes = PAGE_SIZE - offset;
1565
1566 if (nbytes > size)
1567 nbytes = size;
1568
1569 rbytes = bio_add_page(bio, bp->b_pages[page_index], nbytes,
1570 offset);
1571 if (rbytes < nbytes)
1572 break;
1573
1574 offset = 0;
1575 sector += BTOBB(nbytes);
1576 size -= nbytes;
1577 total_nr_pages--;
1578 }
1579
1580 if (likely(bio->bi_iter.bi_size)) {
1581 if (xfs_buf_is_vmapped(bp)) {
1582 flush_kernel_vmap_range(bp->b_addr,
1583 xfs_buf_vmap_len(bp));
1584 }
1585 submit_bio(bio);
1586 if (size)
1587 goto next_chunk;
1588 } else {
1589 /*
1590 * This is guaranteed not to be the last io reference count
1591 * because the caller (xfs_buf_submit) holds a count itself.
1592 */
1593 atomic_dec(&bp->b_io_remaining);
1594 xfs_buf_ioerror(bp, -EIO);
1595 bio_put(bio);
1596 }
1597
1598}
1599
1600STATIC void
1601_xfs_buf_ioapply(
1602 struct xfs_buf *bp)
1603{
1604 struct blk_plug plug;
1605 blk_opf_t op;
1606 int offset;
1607 int size;
1608 int i;
1609
1610 /*
1611 * Make sure we capture only current IO errors rather than stale errors
1612 * left over from previous use of the buffer (e.g. failed readahead).
1613 */
1614 bp->b_error = 0;
1615
1616 if (bp->b_flags & XBF_WRITE) {
1617 op = REQ_OP_WRITE;
1618
1619 /*
1620 * Run the write verifier callback function if it exists. If
1621 * this function fails it will mark the buffer with an error and
1622 * the IO should not be dispatched.
1623 */
1624 if (bp->b_ops) {
1625 bp->b_ops->verify_write(bp);
1626 if (bp->b_error) {
1627 xfs_force_shutdown(bp->b_mount,
1628 SHUTDOWN_CORRUPT_INCORE);
1629 return;
1630 }
1631 } else if (bp->b_rhash_key != XFS_BUF_DADDR_NULL) {
1632 struct xfs_mount *mp = bp->b_mount;
1633
1634 /*
1635 * non-crc filesystems don't attach verifiers during
1636 * log recovery, so don't warn for such filesystems.
1637 */
1638 if (xfs_has_crc(mp)) {
1639 xfs_warn(mp,
1640 "%s: no buf ops on daddr 0x%llx len %d",
1641 __func__, xfs_buf_daddr(bp),
1642 bp->b_length);
1643 xfs_hex_dump(bp->b_addr,
1644 XFS_CORRUPTION_DUMP_LEN);
1645 dump_stack();
1646 }
1647 }
1648 } else {
1649 op = REQ_OP_READ;
1650 if (bp->b_flags & XBF_READ_AHEAD)
1651 op |= REQ_RAHEAD;
1652 }
1653
1654 /* we only use the buffer cache for meta-data */
1655 op |= REQ_META;
1656
1657 /* in-memory targets are directly mapped, no IO required. */
1658 if (xfs_buftarg_is_mem(bp->b_target)) {
1659 xfs_buf_ioend(bp);
1660 return;
1661 }
1662
1663 /*
1664 * Walk all the vectors issuing IO on them. Set up the initial offset
1665 * into the buffer and the desired IO size before we start -
1666 * _xfs_buf_ioapply_vec() will modify them appropriately for each
1667 * subsequent call.
1668 */
1669 offset = bp->b_offset;
1670 size = BBTOB(bp->b_length);
1671 blk_start_plug(&plug);
1672 for (i = 0; i < bp->b_map_count; i++) {
1673 xfs_buf_ioapply_map(bp, i, &offset, &size, op);
1674 if (bp->b_error)
1675 break;
1676 if (size <= 0)
1677 break; /* all done */
1678 }
1679 blk_finish_plug(&plug);
1680}
1681
1682/*
1683 * Wait for I/O completion of a sync buffer and return the I/O error code.
1684 */
1685static int
1686xfs_buf_iowait(
1687 struct xfs_buf *bp)
1688{
1689 ASSERT(!(bp->b_flags & XBF_ASYNC));
1690
1691 trace_xfs_buf_iowait(bp, _RET_IP_);
1692 wait_for_completion(&bp->b_iowait);
1693 trace_xfs_buf_iowait_done(bp, _RET_IP_);
1694
1695 return bp->b_error;
1696}
1697
1698/*
1699 * Buffer I/O submission path, read or write. Asynchronous submission transfers
1700 * the buffer lock ownership and the current reference to the IO. It is not
1701 * safe to reference the buffer after a call to this function unless the caller
1702 * holds an additional reference itself.
1703 */
1704static int
1705__xfs_buf_submit(
1706 struct xfs_buf *bp,
1707 bool wait)
1708{
1709 int error = 0;
1710
1711 trace_xfs_buf_submit(bp, _RET_IP_);
1712
1713 ASSERT(!(bp->b_flags & _XBF_DELWRI_Q));
1714
1715 /*
1716 * On log shutdown we stale and complete the buffer immediately. We can
1717 * be called to read the superblock before the log has been set up, so
1718 * be careful checking the log state.
1719 *
1720 * Checking the mount shutdown state here can result in the log tail
1721 * moving inappropriately on disk as the log may not yet be shut down.
1722 * i.e. failing this buffer on mount shutdown can remove it from the AIL
1723 * and move the tail of the log forwards without having written this
1724 * buffer to disk. This corrupts the log tail state in memory, and
1725 * because the log may not be shut down yet, it can then be propagated
1726 * to disk before the log is shutdown. Hence we check log shutdown
1727 * state here rather than mount state to avoid corrupting the log tail
1728 * on shutdown.
1729 */
1730 if (bp->b_mount->m_log &&
1731 xlog_is_shutdown(bp->b_mount->m_log)) {
1732 xfs_buf_ioend_fail(bp);
1733 return -EIO;
1734 }
1735
1736 /*
1737 * Grab a reference so the buffer does not go away underneath us. For
1738 * async buffers, I/O completion drops the callers reference, which
1739 * could occur before submission returns.
1740 */
1741 xfs_buf_hold(bp);
1742
1743 if (bp->b_flags & XBF_WRITE)
1744 xfs_buf_wait_unpin(bp);
1745
1746 /* clear the internal error state to avoid spurious errors */
1747 bp->b_io_error = 0;
1748
1749 /*
1750 * Set the count to 1 initially, this will stop an I/O completion
1751 * callout which happens before we have started all the I/O from calling
1752 * xfs_buf_ioend too early.
1753 */
1754 atomic_set(&bp->b_io_remaining, 1);
1755 if (bp->b_flags & XBF_ASYNC)
1756 xfs_buf_ioacct_inc(bp);
1757 _xfs_buf_ioapply(bp);
1758
1759 /*
1760 * If _xfs_buf_ioapply failed, we can get back here with only the IO
1761 * reference we took above. If we drop it to zero, run completion so
1762 * that we don't return to the caller with completion still pending.
1763 */
1764 if (atomic_dec_and_test(&bp->b_io_remaining) == 1) {
1765 if (bp->b_error || !(bp->b_flags & XBF_ASYNC))
1766 xfs_buf_ioend(bp);
1767 else
1768 xfs_buf_ioend_async(bp);
1769 }
1770
1771 if (wait)
1772 error = xfs_buf_iowait(bp);
1773
1774 /*
1775 * Release the hold that keeps the buffer referenced for the entire
1776 * I/O. Note that if the buffer is async, it is not safe to reference
1777 * after this release.
1778 */
1779 xfs_buf_rele(bp);
1780 return error;
1781}
1782
1783void *
1784xfs_buf_offset(
1785 struct xfs_buf *bp,
1786 size_t offset)
1787{
1788 struct page *page;
1789
1790 if (bp->b_addr)
1791 return bp->b_addr + offset;
1792
1793 page = bp->b_pages[offset >> PAGE_SHIFT];
1794 return page_address(page) + (offset & (PAGE_SIZE-1));
1795}
1796
1797void
1798xfs_buf_zero(
1799 struct xfs_buf *bp,
1800 size_t boff,
1801 size_t bsize)
1802{
1803 size_t bend;
1804
1805 bend = boff + bsize;
1806 while (boff < bend) {
1807 struct page *page;
1808 int page_index, page_offset, csize;
1809
1810 page_index = (boff + bp->b_offset) >> PAGE_SHIFT;
1811 page_offset = (boff + bp->b_offset) & ~PAGE_MASK;
1812 page = bp->b_pages[page_index];
1813 csize = min_t(size_t, PAGE_SIZE - page_offset,
1814 BBTOB(bp->b_length) - boff);
1815
1816 ASSERT((csize + page_offset) <= PAGE_SIZE);
1817
1818 memset(page_address(page) + page_offset, 0, csize);
1819
1820 boff += csize;
1821 }
1822}
1823
1824/*
1825 * Log a message about and stale a buffer that a caller has decided is corrupt.
1826 *
1827 * This function should be called for the kinds of metadata corruption that
1828 * cannot be detect from a verifier, such as incorrect inter-block relationship
1829 * data. Do /not/ call this function from a verifier function.
1830 *
1831 * The buffer must be XBF_DONE prior to the call. Afterwards, the buffer will
1832 * be marked stale, but b_error will not be set. The caller is responsible for
1833 * releasing the buffer or fixing it.
1834 */
1835void
1836__xfs_buf_mark_corrupt(
1837 struct xfs_buf *bp,
1838 xfs_failaddr_t fa)
1839{
1840 ASSERT(bp->b_flags & XBF_DONE);
1841
1842 xfs_buf_corruption_error(bp, fa);
1843 xfs_buf_stale(bp);
1844}
1845
1846/*
1847 * Handling of buffer targets (buftargs).
1848 */
1849
1850/*
1851 * Wait for any bufs with callbacks that have been submitted but have not yet
1852 * returned. These buffers will have an elevated hold count, so wait on those
1853 * while freeing all the buffers only held by the LRU.
1854 */
1855static enum lru_status
1856xfs_buftarg_drain_rele(
1857 struct list_head *item,
1858 struct list_lru_one *lru,
1859 void *arg)
1860
1861{
1862 struct xfs_buf *bp = container_of(item, struct xfs_buf, b_lru);
1863 struct list_head *dispose = arg;
1864
1865 if (atomic_read(&bp->b_hold) > 1) {
1866 /* need to wait, so skip it this pass */
1867 trace_xfs_buf_drain_buftarg(bp, _RET_IP_);
1868 return LRU_SKIP;
1869 }
1870 if (!spin_trylock(&bp->b_lock))
1871 return LRU_SKIP;
1872
1873 /*
1874 * clear the LRU reference count so the buffer doesn't get
1875 * ignored in xfs_buf_rele().
1876 */
1877 atomic_set(&bp->b_lru_ref, 0);
1878 bp->b_state |= XFS_BSTATE_DISPOSE;
1879 list_lru_isolate_move(lru, item, dispose);
1880 spin_unlock(&bp->b_lock);
1881 return LRU_REMOVED;
1882}
1883
1884/*
1885 * Wait for outstanding I/O on the buftarg to complete.
1886 */
1887void
1888xfs_buftarg_wait(
1889 struct xfs_buftarg *btp)
1890{
1891 /*
1892 * First wait on the buftarg I/O count for all in-flight buffers to be
1893 * released. This is critical as new buffers do not make the LRU until
1894 * they are released.
1895 *
1896 * Next, flush the buffer workqueue to ensure all completion processing
1897 * has finished. Just waiting on buffer locks is not sufficient for
1898 * async IO as the reference count held over IO is not released until
1899 * after the buffer lock is dropped. Hence we need to ensure here that
1900 * all reference counts have been dropped before we start walking the
1901 * LRU list.
1902 */
1903 while (percpu_counter_sum(&btp->bt_io_count))
1904 delay(100);
1905 flush_workqueue(btp->bt_mount->m_buf_workqueue);
1906}
1907
1908void
1909xfs_buftarg_drain(
1910 struct xfs_buftarg *btp)
1911{
1912 LIST_HEAD(dispose);
1913 int loop = 0;
1914 bool write_fail = false;
1915
1916 xfs_buftarg_wait(btp);
1917
1918 /* loop until there is nothing left on the lru list. */
1919 while (list_lru_count(&btp->bt_lru)) {
1920 list_lru_walk(&btp->bt_lru, xfs_buftarg_drain_rele,
1921 &dispose, LONG_MAX);
1922
1923 while (!list_empty(&dispose)) {
1924 struct xfs_buf *bp;
1925 bp = list_first_entry(&dispose, struct xfs_buf, b_lru);
1926 list_del_init(&bp->b_lru);
1927 if (bp->b_flags & XBF_WRITE_FAIL) {
1928 write_fail = true;
1929 xfs_buf_alert_ratelimited(bp,
1930 "XFS: Corruption Alert",
1931"Corruption Alert: Buffer at daddr 0x%llx had permanent write failures!",
1932 (long long)xfs_buf_daddr(bp));
1933 }
1934 xfs_buf_rele(bp);
1935 }
1936 if (loop++ != 0)
1937 delay(100);
1938 }
1939
1940 /*
1941 * If one or more failed buffers were freed, that means dirty metadata
1942 * was thrown away. This should only ever happen after I/O completion
1943 * handling has elevated I/O error(s) to permanent failures and shuts
1944 * down the journal.
1945 */
1946 if (write_fail) {
1947 ASSERT(xlog_is_shutdown(btp->bt_mount->m_log));
1948 xfs_alert(btp->bt_mount,
1949 "Please run xfs_repair to determine the extent of the problem.");
1950 }
1951}
1952
1953static enum lru_status
1954xfs_buftarg_isolate(
1955 struct list_head *item,
1956 struct list_lru_one *lru,
1957 void *arg)
1958{
1959 struct xfs_buf *bp = container_of(item, struct xfs_buf, b_lru);
1960 struct list_head *dispose = arg;
1961
1962 /*
1963 * we are inverting the lru lock/bp->b_lock here, so use a trylock.
1964 * If we fail to get the lock, just skip it.
1965 */
1966 if (!spin_trylock(&bp->b_lock))
1967 return LRU_SKIP;
1968 /*
1969 * Decrement the b_lru_ref count unless the value is already
1970 * zero. If the value is already zero, we need to reclaim the
1971 * buffer, otherwise it gets another trip through the LRU.
1972 */
1973 if (atomic_add_unless(&bp->b_lru_ref, -1, 0)) {
1974 spin_unlock(&bp->b_lock);
1975 return LRU_ROTATE;
1976 }
1977
1978 bp->b_state |= XFS_BSTATE_DISPOSE;
1979 list_lru_isolate_move(lru, item, dispose);
1980 spin_unlock(&bp->b_lock);
1981 return LRU_REMOVED;
1982}
1983
1984static unsigned long
1985xfs_buftarg_shrink_scan(
1986 struct shrinker *shrink,
1987 struct shrink_control *sc)
1988{
1989 struct xfs_buftarg *btp = shrink->private_data;
1990 LIST_HEAD(dispose);
1991 unsigned long freed;
1992
1993 freed = list_lru_shrink_walk(&btp->bt_lru, sc,
1994 xfs_buftarg_isolate, &dispose);
1995
1996 while (!list_empty(&dispose)) {
1997 struct xfs_buf *bp;
1998 bp = list_first_entry(&dispose, struct xfs_buf, b_lru);
1999 list_del_init(&bp->b_lru);
2000 xfs_buf_rele(bp);
2001 }
2002
2003 return freed;
2004}
2005
2006static unsigned long
2007xfs_buftarg_shrink_count(
2008 struct shrinker *shrink,
2009 struct shrink_control *sc)
2010{
2011 struct xfs_buftarg *btp = shrink->private_data;
2012 return list_lru_shrink_count(&btp->bt_lru, sc);
2013}
2014
2015void
2016xfs_destroy_buftarg(
2017 struct xfs_buftarg *btp)
2018{
2019 shrinker_free(btp->bt_shrinker);
2020 ASSERT(percpu_counter_sum(&btp->bt_io_count) == 0);
2021 percpu_counter_destroy(&btp->bt_io_count);
2022 list_lru_destroy(&btp->bt_lru);
2023}
2024
2025void
2026xfs_free_buftarg(
2027 struct xfs_buftarg *btp)
2028{
2029 xfs_destroy_buftarg(btp);
2030 fs_put_dax(btp->bt_daxdev, btp->bt_mount);
2031 /* the main block device is closed by kill_block_super */
2032 if (btp->bt_bdev != btp->bt_mount->m_super->s_bdev)
2033 bdev_fput(btp->bt_bdev_file);
2034 kfree(btp);
2035}
2036
2037int
2038xfs_setsize_buftarg(
2039 struct xfs_buftarg *btp,
2040 unsigned int sectorsize)
2041{
2042 /* Set up metadata sector size info */
2043 btp->bt_meta_sectorsize = sectorsize;
2044 btp->bt_meta_sectormask = sectorsize - 1;
2045
2046 if (set_blocksize(btp->bt_bdev_file, sectorsize)) {
2047 xfs_warn(btp->bt_mount,
2048 "Cannot set_blocksize to %u on device %pg",
2049 sectorsize, btp->bt_bdev);
2050 return -EINVAL;
2051 }
2052
2053 return 0;
2054}
2055
2056int
2057xfs_init_buftarg(
2058 struct xfs_buftarg *btp,
2059 size_t logical_sectorsize,
2060 const char *descr)
2061{
2062 /* Set up device logical sector size mask */
2063 btp->bt_logical_sectorsize = logical_sectorsize;
2064 btp->bt_logical_sectormask = logical_sectorsize - 1;
2065
2066 /*
2067 * Buffer IO error rate limiting. Limit it to no more than 10 messages
2068 * per 30 seconds so as to not spam logs too much on repeated errors.
2069 */
2070 ratelimit_state_init(&btp->bt_ioerror_rl, 30 * HZ,
2071 DEFAULT_RATELIMIT_BURST);
2072
2073 if (list_lru_init(&btp->bt_lru))
2074 return -ENOMEM;
2075 if (percpu_counter_init(&btp->bt_io_count, 0, GFP_KERNEL))
2076 goto out_destroy_lru;
2077
2078 btp->bt_shrinker =
2079 shrinker_alloc(SHRINKER_NUMA_AWARE, "xfs-buf:%s", descr);
2080 if (!btp->bt_shrinker)
2081 goto out_destroy_io_count;
2082 btp->bt_shrinker->count_objects = xfs_buftarg_shrink_count;
2083 btp->bt_shrinker->scan_objects = xfs_buftarg_shrink_scan;
2084 btp->bt_shrinker->private_data = btp;
2085 shrinker_register(btp->bt_shrinker);
2086 return 0;
2087
2088out_destroy_io_count:
2089 percpu_counter_destroy(&btp->bt_io_count);
2090out_destroy_lru:
2091 list_lru_destroy(&btp->bt_lru);
2092 return -ENOMEM;
2093}
2094
2095struct xfs_buftarg *
2096xfs_alloc_buftarg(
2097 struct xfs_mount *mp,
2098 struct file *bdev_file)
2099{
2100 struct xfs_buftarg *btp;
2101 const struct dax_holder_operations *ops = NULL;
2102
2103#if defined(CONFIG_FS_DAX) && defined(CONFIG_MEMORY_FAILURE)
2104 ops = &xfs_dax_holder_operations;
2105#endif
2106 btp = kzalloc(sizeof(*btp), GFP_KERNEL | __GFP_NOFAIL);
2107
2108 btp->bt_mount = mp;
2109 btp->bt_bdev_file = bdev_file;
2110 btp->bt_bdev = file_bdev(bdev_file);
2111 btp->bt_dev = btp->bt_bdev->bd_dev;
2112 btp->bt_daxdev = fs_dax_get_by_bdev(btp->bt_bdev, &btp->bt_dax_part_off,
2113 mp, ops);
2114
2115 if (bdev_can_atomic_write(btp->bt_bdev)) {
2116 btp->bt_bdev_awu_min = bdev_atomic_write_unit_min_bytes(
2117 btp->bt_bdev);
2118 btp->bt_bdev_awu_max = bdev_atomic_write_unit_max_bytes(
2119 btp->bt_bdev);
2120 }
2121
2122 /*
2123 * When allocating the buftargs we have not yet read the super block and
2124 * thus don't know the file system sector size yet.
2125 */
2126 if (xfs_setsize_buftarg(btp, bdev_logical_block_size(btp->bt_bdev)))
2127 goto error_free;
2128 if (xfs_init_buftarg(btp, bdev_logical_block_size(btp->bt_bdev),
2129 mp->m_super->s_id))
2130 goto error_free;
2131
2132 return btp;
2133
2134error_free:
2135 kfree(btp);
2136 return NULL;
2137}
2138
2139static inline void
2140xfs_buf_list_del(
2141 struct xfs_buf *bp)
2142{
2143 list_del_init(&bp->b_list);
2144 wake_up_var(&bp->b_list);
2145}
2146
2147/*
2148 * Cancel a delayed write list.
2149 *
2150 * Remove each buffer from the list, clear the delwri queue flag and drop the
2151 * associated buffer reference.
2152 */
2153void
2154xfs_buf_delwri_cancel(
2155 struct list_head *list)
2156{
2157 struct xfs_buf *bp;
2158
2159 while (!list_empty(list)) {
2160 bp = list_first_entry(list, struct xfs_buf, b_list);
2161
2162 xfs_buf_lock(bp);
2163 bp->b_flags &= ~_XBF_DELWRI_Q;
2164 xfs_buf_list_del(bp);
2165 xfs_buf_relse(bp);
2166 }
2167}
2168
2169/*
2170 * Add a buffer to the delayed write list.
2171 *
2172 * This queues a buffer for writeout if it hasn't already been. Note that
2173 * neither this routine nor the buffer list submission functions perform
2174 * any internal synchronization. It is expected that the lists are thread-local
2175 * to the callers.
2176 *
2177 * Returns true if we queued up the buffer, or false if it already had
2178 * been on the buffer list.
2179 */
2180bool
2181xfs_buf_delwri_queue(
2182 struct xfs_buf *bp,
2183 struct list_head *list)
2184{
2185 ASSERT(xfs_buf_islocked(bp));
2186 ASSERT(!(bp->b_flags & XBF_READ));
2187
2188 /*
2189 * If the buffer is already marked delwri it already is queued up
2190 * by someone else for imediate writeout. Just ignore it in that
2191 * case.
2192 */
2193 if (bp->b_flags & _XBF_DELWRI_Q) {
2194 trace_xfs_buf_delwri_queued(bp, _RET_IP_);
2195 return false;
2196 }
2197
2198 trace_xfs_buf_delwri_queue(bp, _RET_IP_);
2199
2200 /*
2201 * If a buffer gets written out synchronously or marked stale while it
2202 * is on a delwri list we lazily remove it. To do this, the other party
2203 * clears the _XBF_DELWRI_Q flag but otherwise leaves the buffer alone.
2204 * It remains referenced and on the list. In a rare corner case it
2205 * might get readded to a delwri list after the synchronous writeout, in
2206 * which case we need just need to re-add the flag here.
2207 */
2208 bp->b_flags |= _XBF_DELWRI_Q;
2209 if (list_empty(&bp->b_list)) {
2210 atomic_inc(&bp->b_hold);
2211 list_add_tail(&bp->b_list, list);
2212 }
2213
2214 return true;
2215}
2216
2217/*
2218 * Queue a buffer to this delwri list as part of a data integrity operation.
2219 * If the buffer is on any other delwri list, we'll wait for that to clear
2220 * so that the caller can submit the buffer for IO and wait for the result.
2221 * Callers must ensure the buffer is not already on the list.
2222 */
2223void
2224xfs_buf_delwri_queue_here(
2225 struct xfs_buf *bp,
2226 struct list_head *buffer_list)
2227{
2228 /*
2229 * We need this buffer to end up on the /caller's/ delwri list, not any
2230 * old list. This can happen if the buffer is marked stale (which
2231 * clears DELWRI_Q) after the AIL queues the buffer to its list but
2232 * before the AIL has a chance to submit the list.
2233 */
2234 while (!list_empty(&bp->b_list)) {
2235 xfs_buf_unlock(bp);
2236 wait_var_event(&bp->b_list, list_empty(&bp->b_list));
2237 xfs_buf_lock(bp);
2238 }
2239
2240 ASSERT(!(bp->b_flags & _XBF_DELWRI_Q));
2241
2242 xfs_buf_delwri_queue(bp, buffer_list);
2243}
2244
2245/*
2246 * Compare function is more complex than it needs to be because
2247 * the return value is only 32 bits and we are doing comparisons
2248 * on 64 bit values
2249 */
2250static int
2251xfs_buf_cmp(
2252 void *priv,
2253 const struct list_head *a,
2254 const struct list_head *b)
2255{
2256 struct xfs_buf *ap = container_of(a, struct xfs_buf, b_list);
2257 struct xfs_buf *bp = container_of(b, struct xfs_buf, b_list);
2258 xfs_daddr_t diff;
2259
2260 diff = ap->b_maps[0].bm_bn - bp->b_maps[0].bm_bn;
2261 if (diff < 0)
2262 return -1;
2263 if (diff > 0)
2264 return 1;
2265 return 0;
2266}
2267
2268/*
2269 * Submit buffers for write. If wait_list is specified, the buffers are
2270 * submitted using sync I/O and placed on the wait list such that the caller can
2271 * iowait each buffer. Otherwise async I/O is used and the buffers are released
2272 * at I/O completion time. In either case, buffers remain locked until I/O
2273 * completes and the buffer is released from the queue.
2274 */
2275static int
2276xfs_buf_delwri_submit_buffers(
2277 struct list_head *buffer_list,
2278 struct list_head *wait_list)
2279{
2280 struct xfs_buf *bp, *n;
2281 int pinned = 0;
2282 struct blk_plug plug;
2283
2284 list_sort(NULL, buffer_list, xfs_buf_cmp);
2285
2286 blk_start_plug(&plug);
2287 list_for_each_entry_safe(bp, n, buffer_list, b_list) {
2288 if (!wait_list) {
2289 if (!xfs_buf_trylock(bp))
2290 continue;
2291 if (xfs_buf_ispinned(bp)) {
2292 xfs_buf_unlock(bp);
2293 pinned++;
2294 continue;
2295 }
2296 } else {
2297 xfs_buf_lock(bp);
2298 }
2299
2300 /*
2301 * Someone else might have written the buffer synchronously or
2302 * marked it stale in the meantime. In that case only the
2303 * _XBF_DELWRI_Q flag got cleared, and we have to drop the
2304 * reference and remove it from the list here.
2305 */
2306 if (!(bp->b_flags & _XBF_DELWRI_Q)) {
2307 xfs_buf_list_del(bp);
2308 xfs_buf_relse(bp);
2309 continue;
2310 }
2311
2312 trace_xfs_buf_delwri_split(bp, _RET_IP_);
2313
2314 /*
2315 * If we have a wait list, each buffer (and associated delwri
2316 * queue reference) transfers to it and is submitted
2317 * synchronously. Otherwise, drop the buffer from the delwri
2318 * queue and submit async.
2319 */
2320 bp->b_flags &= ~_XBF_DELWRI_Q;
2321 bp->b_flags |= XBF_WRITE;
2322 if (wait_list) {
2323 bp->b_flags &= ~XBF_ASYNC;
2324 list_move_tail(&bp->b_list, wait_list);
2325 } else {
2326 bp->b_flags |= XBF_ASYNC;
2327 xfs_buf_list_del(bp);
2328 }
2329 __xfs_buf_submit(bp, false);
2330 }
2331 blk_finish_plug(&plug);
2332
2333 return pinned;
2334}
2335
2336/*
2337 * Write out a buffer list asynchronously.
2338 *
2339 * This will take the @buffer_list, write all non-locked and non-pinned buffers
2340 * out and not wait for I/O completion on any of the buffers. This interface
2341 * is only safely useable for callers that can track I/O completion by higher
2342 * level means, e.g. AIL pushing as the @buffer_list is consumed in this
2343 * function.
2344 *
2345 * Note: this function will skip buffers it would block on, and in doing so
2346 * leaves them on @buffer_list so they can be retried on a later pass. As such,
2347 * it is up to the caller to ensure that the buffer list is fully submitted or
2348 * cancelled appropriately when they are finished with the list. Failure to
2349 * cancel or resubmit the list until it is empty will result in leaked buffers
2350 * at unmount time.
2351 */
2352int
2353xfs_buf_delwri_submit_nowait(
2354 struct list_head *buffer_list)
2355{
2356 return xfs_buf_delwri_submit_buffers(buffer_list, NULL);
2357}
2358
2359/*
2360 * Write out a buffer list synchronously.
2361 *
2362 * This will take the @buffer_list, write all buffers out and wait for I/O
2363 * completion on all of the buffers. @buffer_list is consumed by the function,
2364 * so callers must have some other way of tracking buffers if they require such
2365 * functionality.
2366 */
2367int
2368xfs_buf_delwri_submit(
2369 struct list_head *buffer_list)
2370{
2371 LIST_HEAD (wait_list);
2372 int error = 0, error2;
2373 struct xfs_buf *bp;
2374
2375 xfs_buf_delwri_submit_buffers(buffer_list, &wait_list);
2376
2377 /* Wait for IO to complete. */
2378 while (!list_empty(&wait_list)) {
2379 bp = list_first_entry(&wait_list, struct xfs_buf, b_list);
2380
2381 xfs_buf_list_del(bp);
2382
2383 /*
2384 * Wait on the locked buffer, check for errors and unlock and
2385 * release the delwri queue reference.
2386 */
2387 error2 = xfs_buf_iowait(bp);
2388 xfs_buf_relse(bp);
2389 if (!error)
2390 error = error2;
2391 }
2392
2393 return error;
2394}
2395
2396/*
2397 * Push a single buffer on a delwri queue.
2398 *
2399 * The purpose of this function is to submit a single buffer of a delwri queue
2400 * and return with the buffer still on the original queue. The waiting delwri
2401 * buffer submission infrastructure guarantees transfer of the delwri queue
2402 * buffer reference to a temporary wait list. We reuse this infrastructure to
2403 * transfer the buffer back to the original queue.
2404 *
2405 * Note the buffer transitions from the queued state, to the submitted and wait
2406 * listed state and back to the queued state during this call. The buffer
2407 * locking and queue management logic between _delwri_pushbuf() and
2408 * _delwri_queue() guarantee that the buffer cannot be queued to another list
2409 * before returning.
2410 */
2411int
2412xfs_buf_delwri_pushbuf(
2413 struct xfs_buf *bp,
2414 struct list_head *buffer_list)
2415{
2416 LIST_HEAD (submit_list);
2417 int error;
2418
2419 ASSERT(bp->b_flags & _XBF_DELWRI_Q);
2420
2421 trace_xfs_buf_delwri_pushbuf(bp, _RET_IP_);
2422
2423 /*
2424 * Isolate the buffer to a new local list so we can submit it for I/O
2425 * independently from the rest of the original list.
2426 */
2427 xfs_buf_lock(bp);
2428 list_move(&bp->b_list, &submit_list);
2429 xfs_buf_unlock(bp);
2430
2431 /*
2432 * Delwri submission clears the DELWRI_Q buffer flag and returns with
2433 * the buffer on the wait list with the original reference. Rather than
2434 * bounce the buffer from a local wait list back to the original list
2435 * after I/O completion, reuse the original list as the wait list.
2436 */
2437 xfs_buf_delwri_submit_buffers(&submit_list, buffer_list);
2438
2439 /*
2440 * The buffer is now locked, under I/O and wait listed on the original
2441 * delwri queue. Wait for I/O completion, restore the DELWRI_Q flag and
2442 * return with the buffer unlocked and on the original queue.
2443 */
2444 error = xfs_buf_iowait(bp);
2445 bp->b_flags |= _XBF_DELWRI_Q;
2446 xfs_buf_unlock(bp);
2447
2448 return error;
2449}
2450
2451void xfs_buf_set_ref(struct xfs_buf *bp, int lru_ref)
2452{
2453 /*
2454 * Set the lru reference count to 0 based on the error injection tag.
2455 * This allows userspace to disrupt buffer caching for debug/testing
2456 * purposes.
2457 */
2458 if (XFS_TEST_ERROR(false, bp->b_mount, XFS_ERRTAG_BUF_LRU_REF))
2459 lru_ref = 0;
2460
2461 atomic_set(&bp->b_lru_ref, lru_ref);
2462}
2463
2464/*
2465 * Verify an on-disk magic value against the magic value specified in the
2466 * verifier structure. The verifier magic is in disk byte order so the caller is
2467 * expected to pass the value directly from disk.
2468 */
2469bool
2470xfs_verify_magic(
2471 struct xfs_buf *bp,
2472 __be32 dmagic)
2473{
2474 struct xfs_mount *mp = bp->b_mount;
2475 int idx;
2476
2477 idx = xfs_has_crc(mp);
2478 if (WARN_ON(!bp->b_ops || !bp->b_ops->magic[idx]))
2479 return false;
2480 return dmagic == bp->b_ops->magic[idx];
2481}
2482/*
2483 * Verify an on-disk magic value against the magic value specified in the
2484 * verifier structure. The verifier magic is in disk byte order so the caller is
2485 * expected to pass the value directly from disk.
2486 */
2487bool
2488xfs_verify_magic16(
2489 struct xfs_buf *bp,
2490 __be16 dmagic)
2491{
2492 struct xfs_mount *mp = bp->b_mount;
2493 int idx;
2494
2495 idx = xfs_has_crc(mp);
2496 if (WARN_ON(!bp->b_ops || !bp->b_ops->magic16[idx]))
2497 return false;
2498 return dmagic == bp->b_ops->magic16[idx];
2499}
1// SPDX-License-Identifier: GPL-2.0
2/*
3 * Copyright (c) 2000-2006 Silicon Graphics, Inc.
4 * All Rights Reserved.
5 */
6#include "xfs.h"
7#include <linux/backing-dev.h>
8#include <linux/dax.h>
9
10#include "xfs_shared.h"
11#include "xfs_format.h"
12#include "xfs_log_format.h"
13#include "xfs_trans_resv.h"
14#include "xfs_mount.h"
15#include "xfs_trace.h"
16#include "xfs_log.h"
17#include "xfs_log_recover.h"
18#include "xfs_log_priv.h"
19#include "xfs_trans.h"
20#include "xfs_buf_item.h"
21#include "xfs_errortag.h"
22#include "xfs_error.h"
23#include "xfs_ag.h"
24
25struct kmem_cache *xfs_buf_cache;
26
27/*
28 * Locking orders
29 *
30 * xfs_buf_ioacct_inc:
31 * xfs_buf_ioacct_dec:
32 * b_sema (caller holds)
33 * b_lock
34 *
35 * xfs_buf_stale:
36 * b_sema (caller holds)
37 * b_lock
38 * lru_lock
39 *
40 * xfs_buf_rele:
41 * b_lock
42 * pag_buf_lock
43 * lru_lock
44 *
45 * xfs_buftarg_drain_rele
46 * lru_lock
47 * b_lock (trylock due to inversion)
48 *
49 * xfs_buftarg_isolate
50 * lru_lock
51 * b_lock (trylock due to inversion)
52 */
53
54static int __xfs_buf_submit(struct xfs_buf *bp, bool wait);
55
56static inline int
57xfs_buf_submit(
58 struct xfs_buf *bp)
59{
60 return __xfs_buf_submit(bp, !(bp->b_flags & XBF_ASYNC));
61}
62
63static inline int
64xfs_buf_is_vmapped(
65 struct xfs_buf *bp)
66{
67 /*
68 * Return true if the buffer is vmapped.
69 *
70 * b_addr is null if the buffer is not mapped, but the code is clever
71 * enough to know it doesn't have to map a single page, so the check has
72 * to be both for b_addr and bp->b_page_count > 1.
73 */
74 return bp->b_addr && bp->b_page_count > 1;
75}
76
77static inline int
78xfs_buf_vmap_len(
79 struct xfs_buf *bp)
80{
81 return (bp->b_page_count * PAGE_SIZE);
82}
83
84/*
85 * Bump the I/O in flight count on the buftarg if we haven't yet done so for
86 * this buffer. The count is incremented once per buffer (per hold cycle)
87 * because the corresponding decrement is deferred to buffer release. Buffers
88 * can undergo I/O multiple times in a hold-release cycle and per buffer I/O
89 * tracking adds unnecessary overhead. This is used for sychronization purposes
90 * with unmount (see xfs_buftarg_drain()), so all we really need is a count of
91 * in-flight buffers.
92 *
93 * Buffers that are never released (e.g., superblock, iclog buffers) must set
94 * the XBF_NO_IOACCT flag before I/O submission. Otherwise, the buftarg count
95 * never reaches zero and unmount hangs indefinitely.
96 */
97static inline void
98xfs_buf_ioacct_inc(
99 struct xfs_buf *bp)
100{
101 if (bp->b_flags & XBF_NO_IOACCT)
102 return;
103
104 ASSERT(bp->b_flags & XBF_ASYNC);
105 spin_lock(&bp->b_lock);
106 if (!(bp->b_state & XFS_BSTATE_IN_FLIGHT)) {
107 bp->b_state |= XFS_BSTATE_IN_FLIGHT;
108 percpu_counter_inc(&bp->b_target->bt_io_count);
109 }
110 spin_unlock(&bp->b_lock);
111}
112
113/*
114 * Clear the in-flight state on a buffer about to be released to the LRU or
115 * freed and unaccount from the buftarg.
116 */
117static inline void
118__xfs_buf_ioacct_dec(
119 struct xfs_buf *bp)
120{
121 lockdep_assert_held(&bp->b_lock);
122
123 if (bp->b_state & XFS_BSTATE_IN_FLIGHT) {
124 bp->b_state &= ~XFS_BSTATE_IN_FLIGHT;
125 percpu_counter_dec(&bp->b_target->bt_io_count);
126 }
127}
128
129static inline void
130xfs_buf_ioacct_dec(
131 struct xfs_buf *bp)
132{
133 spin_lock(&bp->b_lock);
134 __xfs_buf_ioacct_dec(bp);
135 spin_unlock(&bp->b_lock);
136}
137
138/*
139 * When we mark a buffer stale, we remove the buffer from the LRU and clear the
140 * b_lru_ref count so that the buffer is freed immediately when the buffer
141 * reference count falls to zero. If the buffer is already on the LRU, we need
142 * to remove the reference that LRU holds on the buffer.
143 *
144 * This prevents build-up of stale buffers on the LRU.
145 */
146void
147xfs_buf_stale(
148 struct xfs_buf *bp)
149{
150 ASSERT(xfs_buf_islocked(bp));
151
152 bp->b_flags |= XBF_STALE;
153
154 /*
155 * Clear the delwri status so that a delwri queue walker will not
156 * flush this buffer to disk now that it is stale. The delwri queue has
157 * a reference to the buffer, so this is safe to do.
158 */
159 bp->b_flags &= ~_XBF_DELWRI_Q;
160
161 /*
162 * Once the buffer is marked stale and unlocked, a subsequent lookup
163 * could reset b_flags. There is no guarantee that the buffer is
164 * unaccounted (released to LRU) before that occurs. Drop in-flight
165 * status now to preserve accounting consistency.
166 */
167 spin_lock(&bp->b_lock);
168 __xfs_buf_ioacct_dec(bp);
169
170 atomic_set(&bp->b_lru_ref, 0);
171 if (!(bp->b_state & XFS_BSTATE_DISPOSE) &&
172 (list_lru_del(&bp->b_target->bt_lru, &bp->b_lru)))
173 atomic_dec(&bp->b_hold);
174
175 ASSERT(atomic_read(&bp->b_hold) >= 1);
176 spin_unlock(&bp->b_lock);
177}
178
179static int
180xfs_buf_get_maps(
181 struct xfs_buf *bp,
182 int map_count)
183{
184 ASSERT(bp->b_maps == NULL);
185 bp->b_map_count = map_count;
186
187 if (map_count == 1) {
188 bp->b_maps = &bp->__b_map;
189 return 0;
190 }
191
192 bp->b_maps = kmem_zalloc(map_count * sizeof(struct xfs_buf_map),
193 KM_NOFS);
194 if (!bp->b_maps)
195 return -ENOMEM;
196 return 0;
197}
198
199/*
200 * Frees b_pages if it was allocated.
201 */
202static void
203xfs_buf_free_maps(
204 struct xfs_buf *bp)
205{
206 if (bp->b_maps != &bp->__b_map) {
207 kmem_free(bp->b_maps);
208 bp->b_maps = NULL;
209 }
210}
211
212static int
213_xfs_buf_alloc(
214 struct xfs_buftarg *target,
215 struct xfs_buf_map *map,
216 int nmaps,
217 xfs_buf_flags_t flags,
218 struct xfs_buf **bpp)
219{
220 struct xfs_buf *bp;
221 int error;
222 int i;
223
224 *bpp = NULL;
225 bp = kmem_cache_zalloc(xfs_buf_cache, GFP_NOFS | __GFP_NOFAIL);
226
227 /*
228 * We don't want certain flags to appear in b_flags unless they are
229 * specifically set by later operations on the buffer.
230 */
231 flags &= ~(XBF_UNMAPPED | XBF_TRYLOCK | XBF_ASYNC | XBF_READ_AHEAD);
232
233 atomic_set(&bp->b_hold, 1);
234 atomic_set(&bp->b_lru_ref, 1);
235 init_completion(&bp->b_iowait);
236 INIT_LIST_HEAD(&bp->b_lru);
237 INIT_LIST_HEAD(&bp->b_list);
238 INIT_LIST_HEAD(&bp->b_li_list);
239 sema_init(&bp->b_sema, 0); /* held, no waiters */
240 spin_lock_init(&bp->b_lock);
241 bp->b_target = target;
242 bp->b_mount = target->bt_mount;
243 bp->b_flags = flags;
244
245 /*
246 * Set length and io_length to the same value initially.
247 * I/O routines should use io_length, which will be the same in
248 * most cases but may be reset (e.g. XFS recovery).
249 */
250 error = xfs_buf_get_maps(bp, nmaps);
251 if (error) {
252 kmem_cache_free(xfs_buf_cache, bp);
253 return error;
254 }
255
256 bp->b_rhash_key = map[0].bm_bn;
257 bp->b_length = 0;
258 for (i = 0; i < nmaps; i++) {
259 bp->b_maps[i].bm_bn = map[i].bm_bn;
260 bp->b_maps[i].bm_len = map[i].bm_len;
261 bp->b_length += map[i].bm_len;
262 }
263
264 atomic_set(&bp->b_pin_count, 0);
265 init_waitqueue_head(&bp->b_waiters);
266
267 XFS_STATS_INC(bp->b_mount, xb_create);
268 trace_xfs_buf_init(bp, _RET_IP_);
269
270 *bpp = bp;
271 return 0;
272}
273
274static void
275xfs_buf_free_pages(
276 struct xfs_buf *bp)
277{
278 uint i;
279
280 ASSERT(bp->b_flags & _XBF_PAGES);
281
282 if (xfs_buf_is_vmapped(bp))
283 vm_unmap_ram(bp->b_addr, bp->b_page_count);
284
285 for (i = 0; i < bp->b_page_count; i++) {
286 if (bp->b_pages[i])
287 __free_page(bp->b_pages[i]);
288 }
289 if (current->reclaim_state)
290 current->reclaim_state->reclaimed_slab += bp->b_page_count;
291
292 if (bp->b_pages != bp->b_page_array)
293 kmem_free(bp->b_pages);
294 bp->b_pages = NULL;
295 bp->b_flags &= ~_XBF_PAGES;
296}
297
298static void
299xfs_buf_free_callback(
300 struct callback_head *cb)
301{
302 struct xfs_buf *bp = container_of(cb, struct xfs_buf, b_rcu);
303
304 xfs_buf_free_maps(bp);
305 kmem_cache_free(xfs_buf_cache, bp);
306}
307
308static void
309xfs_buf_free(
310 struct xfs_buf *bp)
311{
312 trace_xfs_buf_free(bp, _RET_IP_);
313
314 ASSERT(list_empty(&bp->b_lru));
315
316 if (bp->b_flags & _XBF_PAGES)
317 xfs_buf_free_pages(bp);
318 else if (bp->b_flags & _XBF_KMEM)
319 kmem_free(bp->b_addr);
320
321 call_rcu(&bp->b_rcu, xfs_buf_free_callback);
322}
323
324static int
325xfs_buf_alloc_kmem(
326 struct xfs_buf *bp,
327 xfs_buf_flags_t flags)
328{
329 xfs_km_flags_t kmflag_mask = KM_NOFS;
330 size_t size = BBTOB(bp->b_length);
331
332 /* Assure zeroed buffer for non-read cases. */
333 if (!(flags & XBF_READ))
334 kmflag_mask |= KM_ZERO;
335
336 bp->b_addr = kmem_alloc(size, kmflag_mask);
337 if (!bp->b_addr)
338 return -ENOMEM;
339
340 if (((unsigned long)(bp->b_addr + size - 1) & PAGE_MASK) !=
341 ((unsigned long)bp->b_addr & PAGE_MASK)) {
342 /* b_addr spans two pages - use alloc_page instead */
343 kmem_free(bp->b_addr);
344 bp->b_addr = NULL;
345 return -ENOMEM;
346 }
347 bp->b_offset = offset_in_page(bp->b_addr);
348 bp->b_pages = bp->b_page_array;
349 bp->b_pages[0] = kmem_to_page(bp->b_addr);
350 bp->b_page_count = 1;
351 bp->b_flags |= _XBF_KMEM;
352 return 0;
353}
354
355static int
356xfs_buf_alloc_pages(
357 struct xfs_buf *bp,
358 xfs_buf_flags_t flags)
359{
360 gfp_t gfp_mask = __GFP_NOWARN;
361 long filled = 0;
362
363 if (flags & XBF_READ_AHEAD)
364 gfp_mask |= __GFP_NORETRY;
365 else
366 gfp_mask |= GFP_NOFS;
367
368 /* Make sure that we have a page list */
369 bp->b_page_count = DIV_ROUND_UP(BBTOB(bp->b_length), PAGE_SIZE);
370 if (bp->b_page_count <= XB_PAGES) {
371 bp->b_pages = bp->b_page_array;
372 } else {
373 bp->b_pages = kzalloc(sizeof(struct page *) * bp->b_page_count,
374 gfp_mask);
375 if (!bp->b_pages)
376 return -ENOMEM;
377 }
378 bp->b_flags |= _XBF_PAGES;
379
380 /* Assure zeroed buffer for non-read cases. */
381 if (!(flags & XBF_READ))
382 gfp_mask |= __GFP_ZERO;
383
384 /*
385 * Bulk filling of pages can take multiple calls. Not filling the entire
386 * array is not an allocation failure, so don't back off if we get at
387 * least one extra page.
388 */
389 for (;;) {
390 long last = filled;
391
392 filled = alloc_pages_bulk_array(gfp_mask, bp->b_page_count,
393 bp->b_pages);
394 if (filled == bp->b_page_count) {
395 XFS_STATS_INC(bp->b_mount, xb_page_found);
396 break;
397 }
398
399 if (filled != last)
400 continue;
401
402 if (flags & XBF_READ_AHEAD) {
403 xfs_buf_free_pages(bp);
404 return -ENOMEM;
405 }
406
407 XFS_STATS_INC(bp->b_mount, xb_page_retries);
408 memalloc_retry_wait(gfp_mask);
409 }
410 return 0;
411}
412
413/*
414 * Map buffer into kernel address-space if necessary.
415 */
416STATIC int
417_xfs_buf_map_pages(
418 struct xfs_buf *bp,
419 xfs_buf_flags_t flags)
420{
421 ASSERT(bp->b_flags & _XBF_PAGES);
422 if (bp->b_page_count == 1) {
423 /* A single page buffer is always mappable */
424 bp->b_addr = page_address(bp->b_pages[0]);
425 } else if (flags & XBF_UNMAPPED) {
426 bp->b_addr = NULL;
427 } else {
428 int retried = 0;
429 unsigned nofs_flag;
430
431 /*
432 * vm_map_ram() will allocate auxiliary structures (e.g.
433 * pagetables) with GFP_KERNEL, yet we are likely to be under
434 * GFP_NOFS context here. Hence we need to tell memory reclaim
435 * that we are in such a context via PF_MEMALLOC_NOFS to prevent
436 * memory reclaim re-entering the filesystem here and
437 * potentially deadlocking.
438 */
439 nofs_flag = memalloc_nofs_save();
440 do {
441 bp->b_addr = vm_map_ram(bp->b_pages, bp->b_page_count,
442 -1);
443 if (bp->b_addr)
444 break;
445 vm_unmap_aliases();
446 } while (retried++ <= 1);
447 memalloc_nofs_restore(nofs_flag);
448
449 if (!bp->b_addr)
450 return -ENOMEM;
451 }
452
453 return 0;
454}
455
456/*
457 * Finding and Reading Buffers
458 */
459static int
460_xfs_buf_obj_cmp(
461 struct rhashtable_compare_arg *arg,
462 const void *obj)
463{
464 const struct xfs_buf_map *map = arg->key;
465 const struct xfs_buf *bp = obj;
466
467 /*
468 * The key hashing in the lookup path depends on the key being the
469 * first element of the compare_arg, make sure to assert this.
470 */
471 BUILD_BUG_ON(offsetof(struct xfs_buf_map, bm_bn) != 0);
472
473 if (bp->b_rhash_key != map->bm_bn)
474 return 1;
475
476 if (unlikely(bp->b_length != map->bm_len)) {
477 /*
478 * found a block number match. If the range doesn't
479 * match, the only way this is allowed is if the buffer
480 * in the cache is stale and the transaction that made
481 * it stale has not yet committed. i.e. we are
482 * reallocating a busy extent. Skip this buffer and
483 * continue searching for an exact match.
484 */
485 ASSERT(bp->b_flags & XBF_STALE);
486 return 1;
487 }
488 return 0;
489}
490
491static const struct rhashtable_params xfs_buf_hash_params = {
492 .min_size = 32, /* empty AGs have minimal footprint */
493 .nelem_hint = 16,
494 .key_len = sizeof(xfs_daddr_t),
495 .key_offset = offsetof(struct xfs_buf, b_rhash_key),
496 .head_offset = offsetof(struct xfs_buf, b_rhash_head),
497 .automatic_shrinking = true,
498 .obj_cmpfn = _xfs_buf_obj_cmp,
499};
500
501int
502xfs_buf_hash_init(
503 struct xfs_perag *pag)
504{
505 spin_lock_init(&pag->pag_buf_lock);
506 return rhashtable_init(&pag->pag_buf_hash, &xfs_buf_hash_params);
507}
508
509void
510xfs_buf_hash_destroy(
511 struct xfs_perag *pag)
512{
513 rhashtable_destroy(&pag->pag_buf_hash);
514}
515
516static int
517xfs_buf_map_verify(
518 struct xfs_buftarg *btp,
519 struct xfs_buf_map *map)
520{
521 xfs_daddr_t eofs;
522
523 /* Check for IOs smaller than the sector size / not sector aligned */
524 ASSERT(!(BBTOB(map->bm_len) < btp->bt_meta_sectorsize));
525 ASSERT(!(BBTOB(map->bm_bn) & (xfs_off_t)btp->bt_meta_sectormask));
526
527 /*
528 * Corrupted block numbers can get through to here, unfortunately, so we
529 * have to check that the buffer falls within the filesystem bounds.
530 */
531 eofs = XFS_FSB_TO_BB(btp->bt_mount, btp->bt_mount->m_sb.sb_dblocks);
532 if (map->bm_bn < 0 || map->bm_bn >= eofs) {
533 xfs_alert(btp->bt_mount,
534 "%s: daddr 0x%llx out of range, EOFS 0x%llx",
535 __func__, map->bm_bn, eofs);
536 WARN_ON(1);
537 return -EFSCORRUPTED;
538 }
539 return 0;
540}
541
542static int
543xfs_buf_find_lock(
544 struct xfs_buf *bp,
545 xfs_buf_flags_t flags)
546{
547 if (flags & XBF_TRYLOCK) {
548 if (!xfs_buf_trylock(bp)) {
549 XFS_STATS_INC(bp->b_mount, xb_busy_locked);
550 return -EAGAIN;
551 }
552 } else {
553 xfs_buf_lock(bp);
554 XFS_STATS_INC(bp->b_mount, xb_get_locked_waited);
555 }
556
557 /*
558 * if the buffer is stale, clear all the external state associated with
559 * it. We need to keep flags such as how we allocated the buffer memory
560 * intact here.
561 */
562 if (bp->b_flags & XBF_STALE) {
563 ASSERT((bp->b_flags & _XBF_DELWRI_Q) == 0);
564 bp->b_flags &= _XBF_KMEM | _XBF_PAGES;
565 bp->b_ops = NULL;
566 }
567 return 0;
568}
569
570static inline int
571xfs_buf_lookup(
572 struct xfs_perag *pag,
573 struct xfs_buf_map *map,
574 xfs_buf_flags_t flags,
575 struct xfs_buf **bpp)
576{
577 struct xfs_buf *bp;
578 int error;
579
580 rcu_read_lock();
581 bp = rhashtable_lookup(&pag->pag_buf_hash, map, xfs_buf_hash_params);
582 if (!bp || !atomic_inc_not_zero(&bp->b_hold)) {
583 rcu_read_unlock();
584 return -ENOENT;
585 }
586 rcu_read_unlock();
587
588 error = xfs_buf_find_lock(bp, flags);
589 if (error) {
590 xfs_buf_rele(bp);
591 return error;
592 }
593
594 trace_xfs_buf_find(bp, flags, _RET_IP_);
595 *bpp = bp;
596 return 0;
597}
598
599/*
600 * Insert the new_bp into the hash table. This consumes the perag reference
601 * taken for the lookup regardless of the result of the insert.
602 */
603static int
604xfs_buf_find_insert(
605 struct xfs_buftarg *btp,
606 struct xfs_perag *pag,
607 struct xfs_buf_map *cmap,
608 struct xfs_buf_map *map,
609 int nmaps,
610 xfs_buf_flags_t flags,
611 struct xfs_buf **bpp)
612{
613 struct xfs_buf *new_bp;
614 struct xfs_buf *bp;
615 int error;
616
617 error = _xfs_buf_alloc(btp, map, nmaps, flags, &new_bp);
618 if (error)
619 goto out_drop_pag;
620
621 /*
622 * For buffers that fit entirely within a single page, first attempt to
623 * allocate the memory from the heap to minimise memory usage. If we
624 * can't get heap memory for these small buffers, we fall back to using
625 * the page allocator.
626 */
627 if (BBTOB(new_bp->b_length) >= PAGE_SIZE ||
628 xfs_buf_alloc_kmem(new_bp, flags) < 0) {
629 error = xfs_buf_alloc_pages(new_bp, flags);
630 if (error)
631 goto out_free_buf;
632 }
633
634 spin_lock(&pag->pag_buf_lock);
635 bp = rhashtable_lookup_get_insert_fast(&pag->pag_buf_hash,
636 &new_bp->b_rhash_head, xfs_buf_hash_params);
637 if (IS_ERR(bp)) {
638 error = PTR_ERR(bp);
639 spin_unlock(&pag->pag_buf_lock);
640 goto out_free_buf;
641 }
642 if (bp) {
643 /* found an existing buffer */
644 atomic_inc(&bp->b_hold);
645 spin_unlock(&pag->pag_buf_lock);
646 error = xfs_buf_find_lock(bp, flags);
647 if (error)
648 xfs_buf_rele(bp);
649 else
650 *bpp = bp;
651 goto out_free_buf;
652 }
653
654 /* The new buffer keeps the perag reference until it is freed. */
655 new_bp->b_pag = pag;
656 spin_unlock(&pag->pag_buf_lock);
657 *bpp = new_bp;
658 return 0;
659
660out_free_buf:
661 xfs_buf_free(new_bp);
662out_drop_pag:
663 xfs_perag_put(pag);
664 return error;
665}
666
667/*
668 * Assembles a buffer covering the specified range. The code is optimised for
669 * cache hits, as metadata intensive workloads will see 3 orders of magnitude
670 * more hits than misses.
671 */
672int
673xfs_buf_get_map(
674 struct xfs_buftarg *btp,
675 struct xfs_buf_map *map,
676 int nmaps,
677 xfs_buf_flags_t flags,
678 struct xfs_buf **bpp)
679{
680 struct xfs_perag *pag;
681 struct xfs_buf *bp = NULL;
682 struct xfs_buf_map cmap = { .bm_bn = map[0].bm_bn };
683 int error;
684 int i;
685
686 for (i = 0; i < nmaps; i++)
687 cmap.bm_len += map[i].bm_len;
688
689 error = xfs_buf_map_verify(btp, &cmap);
690 if (error)
691 return error;
692
693 pag = xfs_perag_get(btp->bt_mount,
694 xfs_daddr_to_agno(btp->bt_mount, cmap.bm_bn));
695
696 error = xfs_buf_lookup(pag, &cmap, flags, &bp);
697 if (error && error != -ENOENT)
698 goto out_put_perag;
699
700 /* cache hits always outnumber misses by at least 10:1 */
701 if (unlikely(!bp)) {
702 XFS_STATS_INC(btp->bt_mount, xb_miss_locked);
703
704 if (flags & XBF_INCORE)
705 goto out_put_perag;
706
707 /* xfs_buf_find_insert() consumes the perag reference. */
708 error = xfs_buf_find_insert(btp, pag, &cmap, map, nmaps,
709 flags, &bp);
710 if (error)
711 return error;
712 } else {
713 XFS_STATS_INC(btp->bt_mount, xb_get_locked);
714 xfs_perag_put(pag);
715 }
716
717 /* We do not hold a perag reference anymore. */
718 if (!bp->b_addr) {
719 error = _xfs_buf_map_pages(bp, flags);
720 if (unlikely(error)) {
721 xfs_warn_ratelimited(btp->bt_mount,
722 "%s: failed to map %u pages", __func__,
723 bp->b_page_count);
724 xfs_buf_relse(bp);
725 return error;
726 }
727 }
728
729 /*
730 * Clear b_error if this is a lookup from a caller that doesn't expect
731 * valid data to be found in the buffer.
732 */
733 if (!(flags & XBF_READ))
734 xfs_buf_ioerror(bp, 0);
735
736 XFS_STATS_INC(btp->bt_mount, xb_get);
737 trace_xfs_buf_get(bp, flags, _RET_IP_);
738 *bpp = bp;
739 return 0;
740
741out_put_perag:
742 xfs_perag_put(pag);
743 return error;
744}
745
746int
747_xfs_buf_read(
748 struct xfs_buf *bp,
749 xfs_buf_flags_t flags)
750{
751 ASSERT(!(flags & XBF_WRITE));
752 ASSERT(bp->b_maps[0].bm_bn != XFS_BUF_DADDR_NULL);
753
754 bp->b_flags &= ~(XBF_WRITE | XBF_ASYNC | XBF_READ_AHEAD | XBF_DONE);
755 bp->b_flags |= flags & (XBF_READ | XBF_ASYNC | XBF_READ_AHEAD);
756
757 return xfs_buf_submit(bp);
758}
759
760/*
761 * Reverify a buffer found in cache without an attached ->b_ops.
762 *
763 * If the caller passed an ops structure and the buffer doesn't have ops
764 * assigned, set the ops and use it to verify the contents. If verification
765 * fails, clear XBF_DONE. We assume the buffer has no recorded errors and is
766 * already in XBF_DONE state on entry.
767 *
768 * Under normal operations, every in-core buffer is verified on read I/O
769 * completion. There are two scenarios that can lead to in-core buffers without
770 * an assigned ->b_ops. The first is during log recovery of buffers on a V4
771 * filesystem, though these buffers are purged at the end of recovery. The
772 * other is online repair, which intentionally reads with a NULL buffer ops to
773 * run several verifiers across an in-core buffer in order to establish buffer
774 * type. If repair can't establish that, the buffer will be left in memory
775 * with NULL buffer ops.
776 */
777int
778xfs_buf_reverify(
779 struct xfs_buf *bp,
780 const struct xfs_buf_ops *ops)
781{
782 ASSERT(bp->b_flags & XBF_DONE);
783 ASSERT(bp->b_error == 0);
784
785 if (!ops || bp->b_ops)
786 return 0;
787
788 bp->b_ops = ops;
789 bp->b_ops->verify_read(bp);
790 if (bp->b_error)
791 bp->b_flags &= ~XBF_DONE;
792 return bp->b_error;
793}
794
795int
796xfs_buf_read_map(
797 struct xfs_buftarg *target,
798 struct xfs_buf_map *map,
799 int nmaps,
800 xfs_buf_flags_t flags,
801 struct xfs_buf **bpp,
802 const struct xfs_buf_ops *ops,
803 xfs_failaddr_t fa)
804{
805 struct xfs_buf *bp;
806 int error;
807
808 flags |= XBF_READ;
809 *bpp = NULL;
810
811 error = xfs_buf_get_map(target, map, nmaps, flags, &bp);
812 if (error)
813 return error;
814
815 trace_xfs_buf_read(bp, flags, _RET_IP_);
816
817 if (!(bp->b_flags & XBF_DONE)) {
818 /* Initiate the buffer read and wait. */
819 XFS_STATS_INC(target->bt_mount, xb_get_read);
820 bp->b_ops = ops;
821 error = _xfs_buf_read(bp, flags);
822
823 /* Readahead iodone already dropped the buffer, so exit. */
824 if (flags & XBF_ASYNC)
825 return 0;
826 } else {
827 /* Buffer already read; all we need to do is check it. */
828 error = xfs_buf_reverify(bp, ops);
829
830 /* Readahead already finished; drop the buffer and exit. */
831 if (flags & XBF_ASYNC) {
832 xfs_buf_relse(bp);
833 return 0;
834 }
835
836 /* We do not want read in the flags */
837 bp->b_flags &= ~XBF_READ;
838 ASSERT(bp->b_ops != NULL || ops == NULL);
839 }
840
841 /*
842 * If we've had a read error, then the contents of the buffer are
843 * invalid and should not be used. To ensure that a followup read tries
844 * to pull the buffer from disk again, we clear the XBF_DONE flag and
845 * mark the buffer stale. This ensures that anyone who has a current
846 * reference to the buffer will interpret it's contents correctly and
847 * future cache lookups will also treat it as an empty, uninitialised
848 * buffer.
849 */
850 if (error) {
851 /*
852 * Check against log shutdown for error reporting because
853 * metadata writeback may require a read first and we need to
854 * report errors in metadata writeback until the log is shut
855 * down. High level transaction read functions already check
856 * against mount shutdown, anyway, so we only need to be
857 * concerned about low level IO interactions here.
858 */
859 if (!xlog_is_shutdown(target->bt_mount->m_log))
860 xfs_buf_ioerror_alert(bp, fa);
861
862 bp->b_flags &= ~XBF_DONE;
863 xfs_buf_stale(bp);
864 xfs_buf_relse(bp);
865
866 /* bad CRC means corrupted metadata */
867 if (error == -EFSBADCRC)
868 error = -EFSCORRUPTED;
869 return error;
870 }
871
872 *bpp = bp;
873 return 0;
874}
875
876/*
877 * If we are not low on memory then do the readahead in a deadlock
878 * safe manner.
879 */
880void
881xfs_buf_readahead_map(
882 struct xfs_buftarg *target,
883 struct xfs_buf_map *map,
884 int nmaps,
885 const struct xfs_buf_ops *ops)
886{
887 struct xfs_buf *bp;
888
889 xfs_buf_read_map(target, map, nmaps,
890 XBF_TRYLOCK | XBF_ASYNC | XBF_READ_AHEAD, &bp, ops,
891 __this_address);
892}
893
894/*
895 * Read an uncached buffer from disk. Allocates and returns a locked
896 * buffer containing the disk contents or nothing. Uncached buffers always have
897 * a cache index of XFS_BUF_DADDR_NULL so we can easily determine if the buffer
898 * is cached or uncached during fault diagnosis.
899 */
900int
901xfs_buf_read_uncached(
902 struct xfs_buftarg *target,
903 xfs_daddr_t daddr,
904 size_t numblks,
905 xfs_buf_flags_t flags,
906 struct xfs_buf **bpp,
907 const struct xfs_buf_ops *ops)
908{
909 struct xfs_buf *bp;
910 int error;
911
912 *bpp = NULL;
913
914 error = xfs_buf_get_uncached(target, numblks, flags, &bp);
915 if (error)
916 return error;
917
918 /* set up the buffer for a read IO */
919 ASSERT(bp->b_map_count == 1);
920 bp->b_rhash_key = XFS_BUF_DADDR_NULL;
921 bp->b_maps[0].bm_bn = daddr;
922 bp->b_flags |= XBF_READ;
923 bp->b_ops = ops;
924
925 xfs_buf_submit(bp);
926 if (bp->b_error) {
927 error = bp->b_error;
928 xfs_buf_relse(bp);
929 return error;
930 }
931
932 *bpp = bp;
933 return 0;
934}
935
936int
937xfs_buf_get_uncached(
938 struct xfs_buftarg *target,
939 size_t numblks,
940 xfs_buf_flags_t flags,
941 struct xfs_buf **bpp)
942{
943 int error;
944 struct xfs_buf *bp;
945 DEFINE_SINGLE_BUF_MAP(map, XFS_BUF_DADDR_NULL, numblks);
946
947 *bpp = NULL;
948
949 /* flags might contain irrelevant bits, pass only what we care about */
950 error = _xfs_buf_alloc(target, &map, 1, flags & XBF_NO_IOACCT, &bp);
951 if (error)
952 return error;
953
954 error = xfs_buf_alloc_pages(bp, flags);
955 if (error)
956 goto fail_free_buf;
957
958 error = _xfs_buf_map_pages(bp, 0);
959 if (unlikely(error)) {
960 xfs_warn(target->bt_mount,
961 "%s: failed to map pages", __func__);
962 goto fail_free_buf;
963 }
964
965 trace_xfs_buf_get_uncached(bp, _RET_IP_);
966 *bpp = bp;
967 return 0;
968
969fail_free_buf:
970 xfs_buf_free(bp);
971 return error;
972}
973
974/*
975 * Increment reference count on buffer, to hold the buffer concurrently
976 * with another thread which may release (free) the buffer asynchronously.
977 * Must hold the buffer already to call this function.
978 */
979void
980xfs_buf_hold(
981 struct xfs_buf *bp)
982{
983 trace_xfs_buf_hold(bp, _RET_IP_);
984 atomic_inc(&bp->b_hold);
985}
986
987/*
988 * Release a hold on the specified buffer. If the hold count is 1, the buffer is
989 * placed on LRU or freed (depending on b_lru_ref).
990 */
991void
992xfs_buf_rele(
993 struct xfs_buf *bp)
994{
995 struct xfs_perag *pag = bp->b_pag;
996 bool release;
997 bool freebuf = false;
998
999 trace_xfs_buf_rele(bp, _RET_IP_);
1000
1001 if (!pag) {
1002 ASSERT(list_empty(&bp->b_lru));
1003 if (atomic_dec_and_test(&bp->b_hold)) {
1004 xfs_buf_ioacct_dec(bp);
1005 xfs_buf_free(bp);
1006 }
1007 return;
1008 }
1009
1010 ASSERT(atomic_read(&bp->b_hold) > 0);
1011
1012 /*
1013 * We grab the b_lock here first to serialise racing xfs_buf_rele()
1014 * calls. The pag_buf_lock being taken on the last reference only
1015 * serialises against racing lookups in xfs_buf_find(). IOWs, the second
1016 * to last reference we drop here is not serialised against the last
1017 * reference until we take bp->b_lock. Hence if we don't grab b_lock
1018 * first, the last "release" reference can win the race to the lock and
1019 * free the buffer before the second-to-last reference is processed,
1020 * leading to a use-after-free scenario.
1021 */
1022 spin_lock(&bp->b_lock);
1023 release = atomic_dec_and_lock(&bp->b_hold, &pag->pag_buf_lock);
1024 if (!release) {
1025 /*
1026 * Drop the in-flight state if the buffer is already on the LRU
1027 * and it holds the only reference. This is racy because we
1028 * haven't acquired the pag lock, but the use of _XBF_IN_FLIGHT
1029 * ensures the decrement occurs only once per-buf.
1030 */
1031 if ((atomic_read(&bp->b_hold) == 1) && !list_empty(&bp->b_lru))
1032 __xfs_buf_ioacct_dec(bp);
1033 goto out_unlock;
1034 }
1035
1036 /* the last reference has been dropped ... */
1037 __xfs_buf_ioacct_dec(bp);
1038 if (!(bp->b_flags & XBF_STALE) && atomic_read(&bp->b_lru_ref)) {
1039 /*
1040 * If the buffer is added to the LRU take a new reference to the
1041 * buffer for the LRU and clear the (now stale) dispose list
1042 * state flag
1043 */
1044 if (list_lru_add(&bp->b_target->bt_lru, &bp->b_lru)) {
1045 bp->b_state &= ~XFS_BSTATE_DISPOSE;
1046 atomic_inc(&bp->b_hold);
1047 }
1048 spin_unlock(&pag->pag_buf_lock);
1049 } else {
1050 /*
1051 * most of the time buffers will already be removed from the
1052 * LRU, so optimise that case by checking for the
1053 * XFS_BSTATE_DISPOSE flag indicating the last list the buffer
1054 * was on was the disposal list
1055 */
1056 if (!(bp->b_state & XFS_BSTATE_DISPOSE)) {
1057 list_lru_del(&bp->b_target->bt_lru, &bp->b_lru);
1058 } else {
1059 ASSERT(list_empty(&bp->b_lru));
1060 }
1061
1062 ASSERT(!(bp->b_flags & _XBF_DELWRI_Q));
1063 rhashtable_remove_fast(&pag->pag_buf_hash, &bp->b_rhash_head,
1064 xfs_buf_hash_params);
1065 spin_unlock(&pag->pag_buf_lock);
1066 xfs_perag_put(pag);
1067 freebuf = true;
1068 }
1069
1070out_unlock:
1071 spin_unlock(&bp->b_lock);
1072
1073 if (freebuf)
1074 xfs_buf_free(bp);
1075}
1076
1077
1078/*
1079 * Lock a buffer object, if it is not already locked.
1080 *
1081 * If we come across a stale, pinned, locked buffer, we know that we are
1082 * being asked to lock a buffer that has been reallocated. Because it is
1083 * pinned, we know that the log has not been pushed to disk and hence it
1084 * will still be locked. Rather than continuing to have trylock attempts
1085 * fail until someone else pushes the log, push it ourselves before
1086 * returning. This means that the xfsaild will not get stuck trying
1087 * to push on stale inode buffers.
1088 */
1089int
1090xfs_buf_trylock(
1091 struct xfs_buf *bp)
1092{
1093 int locked;
1094
1095 locked = down_trylock(&bp->b_sema) == 0;
1096 if (locked)
1097 trace_xfs_buf_trylock(bp, _RET_IP_);
1098 else
1099 trace_xfs_buf_trylock_fail(bp, _RET_IP_);
1100 return locked;
1101}
1102
1103/*
1104 * Lock a buffer object.
1105 *
1106 * If we come across a stale, pinned, locked buffer, we know that we
1107 * are being asked to lock a buffer that has been reallocated. Because
1108 * it is pinned, we know that the log has not been pushed to disk and
1109 * hence it will still be locked. Rather than sleeping until someone
1110 * else pushes the log, push it ourselves before trying to get the lock.
1111 */
1112void
1113xfs_buf_lock(
1114 struct xfs_buf *bp)
1115{
1116 trace_xfs_buf_lock(bp, _RET_IP_);
1117
1118 if (atomic_read(&bp->b_pin_count) && (bp->b_flags & XBF_STALE))
1119 xfs_log_force(bp->b_mount, 0);
1120 down(&bp->b_sema);
1121
1122 trace_xfs_buf_lock_done(bp, _RET_IP_);
1123}
1124
1125void
1126xfs_buf_unlock(
1127 struct xfs_buf *bp)
1128{
1129 ASSERT(xfs_buf_islocked(bp));
1130
1131 up(&bp->b_sema);
1132 trace_xfs_buf_unlock(bp, _RET_IP_);
1133}
1134
1135STATIC void
1136xfs_buf_wait_unpin(
1137 struct xfs_buf *bp)
1138{
1139 DECLARE_WAITQUEUE (wait, current);
1140
1141 if (atomic_read(&bp->b_pin_count) == 0)
1142 return;
1143
1144 add_wait_queue(&bp->b_waiters, &wait);
1145 for (;;) {
1146 set_current_state(TASK_UNINTERRUPTIBLE);
1147 if (atomic_read(&bp->b_pin_count) == 0)
1148 break;
1149 io_schedule();
1150 }
1151 remove_wait_queue(&bp->b_waiters, &wait);
1152 set_current_state(TASK_RUNNING);
1153}
1154
1155static void
1156xfs_buf_ioerror_alert_ratelimited(
1157 struct xfs_buf *bp)
1158{
1159 static unsigned long lasttime;
1160 static struct xfs_buftarg *lasttarg;
1161
1162 if (bp->b_target != lasttarg ||
1163 time_after(jiffies, (lasttime + 5*HZ))) {
1164 lasttime = jiffies;
1165 xfs_buf_ioerror_alert(bp, __this_address);
1166 }
1167 lasttarg = bp->b_target;
1168}
1169
1170/*
1171 * Account for this latest trip around the retry handler, and decide if
1172 * we've failed enough times to constitute a permanent failure.
1173 */
1174static bool
1175xfs_buf_ioerror_permanent(
1176 struct xfs_buf *bp,
1177 struct xfs_error_cfg *cfg)
1178{
1179 struct xfs_mount *mp = bp->b_mount;
1180
1181 if (cfg->max_retries != XFS_ERR_RETRY_FOREVER &&
1182 ++bp->b_retries > cfg->max_retries)
1183 return true;
1184 if (cfg->retry_timeout != XFS_ERR_RETRY_FOREVER &&
1185 time_after(jiffies, cfg->retry_timeout + bp->b_first_retry_time))
1186 return true;
1187
1188 /* At unmount we may treat errors differently */
1189 if (xfs_is_unmounting(mp) && mp->m_fail_unmount)
1190 return true;
1191
1192 return false;
1193}
1194
1195/*
1196 * On a sync write or shutdown we just want to stale the buffer and let the
1197 * caller handle the error in bp->b_error appropriately.
1198 *
1199 * If the write was asynchronous then no one will be looking for the error. If
1200 * this is the first failure of this type, clear the error state and write the
1201 * buffer out again. This means we always retry an async write failure at least
1202 * once, but we also need to set the buffer up to behave correctly now for
1203 * repeated failures.
1204 *
1205 * If we get repeated async write failures, then we take action according to the
1206 * error configuration we have been set up to use.
1207 *
1208 * Returns true if this function took care of error handling and the caller must
1209 * not touch the buffer again. Return false if the caller should proceed with
1210 * normal I/O completion handling.
1211 */
1212static bool
1213xfs_buf_ioend_handle_error(
1214 struct xfs_buf *bp)
1215{
1216 struct xfs_mount *mp = bp->b_mount;
1217 struct xfs_error_cfg *cfg;
1218
1219 /*
1220 * If we've already shutdown the journal because of I/O errors, there's
1221 * no point in giving this a retry.
1222 */
1223 if (xlog_is_shutdown(mp->m_log))
1224 goto out_stale;
1225
1226 xfs_buf_ioerror_alert_ratelimited(bp);
1227
1228 /*
1229 * We're not going to bother about retrying this during recovery.
1230 * One strike!
1231 */
1232 if (bp->b_flags & _XBF_LOGRECOVERY) {
1233 xfs_force_shutdown(mp, SHUTDOWN_META_IO_ERROR);
1234 return false;
1235 }
1236
1237 /*
1238 * Synchronous writes will have callers process the error.
1239 */
1240 if (!(bp->b_flags & XBF_ASYNC))
1241 goto out_stale;
1242
1243 trace_xfs_buf_iodone_async(bp, _RET_IP_);
1244
1245 cfg = xfs_error_get_cfg(mp, XFS_ERR_METADATA, bp->b_error);
1246 if (bp->b_last_error != bp->b_error ||
1247 !(bp->b_flags & (XBF_STALE | XBF_WRITE_FAIL))) {
1248 bp->b_last_error = bp->b_error;
1249 if (cfg->retry_timeout != XFS_ERR_RETRY_FOREVER &&
1250 !bp->b_first_retry_time)
1251 bp->b_first_retry_time = jiffies;
1252 goto resubmit;
1253 }
1254
1255 /*
1256 * Permanent error - we need to trigger a shutdown if we haven't already
1257 * to indicate that inconsistency will result from this action.
1258 */
1259 if (xfs_buf_ioerror_permanent(bp, cfg)) {
1260 xfs_force_shutdown(mp, SHUTDOWN_META_IO_ERROR);
1261 goto out_stale;
1262 }
1263
1264 /* Still considered a transient error. Caller will schedule retries. */
1265 if (bp->b_flags & _XBF_INODES)
1266 xfs_buf_inode_io_fail(bp);
1267 else if (bp->b_flags & _XBF_DQUOTS)
1268 xfs_buf_dquot_io_fail(bp);
1269 else
1270 ASSERT(list_empty(&bp->b_li_list));
1271 xfs_buf_ioerror(bp, 0);
1272 xfs_buf_relse(bp);
1273 return true;
1274
1275resubmit:
1276 xfs_buf_ioerror(bp, 0);
1277 bp->b_flags |= (XBF_DONE | XBF_WRITE_FAIL);
1278 xfs_buf_submit(bp);
1279 return true;
1280out_stale:
1281 xfs_buf_stale(bp);
1282 bp->b_flags |= XBF_DONE;
1283 bp->b_flags &= ~XBF_WRITE;
1284 trace_xfs_buf_error_relse(bp, _RET_IP_);
1285 return false;
1286}
1287
1288static void
1289xfs_buf_ioend(
1290 struct xfs_buf *bp)
1291{
1292 trace_xfs_buf_iodone(bp, _RET_IP_);
1293
1294 /*
1295 * Pull in IO completion errors now. We are guaranteed to be running
1296 * single threaded, so we don't need the lock to read b_io_error.
1297 */
1298 if (!bp->b_error && bp->b_io_error)
1299 xfs_buf_ioerror(bp, bp->b_io_error);
1300
1301 if (bp->b_flags & XBF_READ) {
1302 if (!bp->b_error && bp->b_ops)
1303 bp->b_ops->verify_read(bp);
1304 if (!bp->b_error)
1305 bp->b_flags |= XBF_DONE;
1306 } else {
1307 if (!bp->b_error) {
1308 bp->b_flags &= ~XBF_WRITE_FAIL;
1309 bp->b_flags |= XBF_DONE;
1310 }
1311
1312 if (unlikely(bp->b_error) && xfs_buf_ioend_handle_error(bp))
1313 return;
1314
1315 /* clear the retry state */
1316 bp->b_last_error = 0;
1317 bp->b_retries = 0;
1318 bp->b_first_retry_time = 0;
1319
1320 /*
1321 * Note that for things like remote attribute buffers, there may
1322 * not be a buffer log item here, so processing the buffer log
1323 * item must remain optional.
1324 */
1325 if (bp->b_log_item)
1326 xfs_buf_item_done(bp);
1327
1328 if (bp->b_flags & _XBF_INODES)
1329 xfs_buf_inode_iodone(bp);
1330 else if (bp->b_flags & _XBF_DQUOTS)
1331 xfs_buf_dquot_iodone(bp);
1332
1333 }
1334
1335 bp->b_flags &= ~(XBF_READ | XBF_WRITE | XBF_READ_AHEAD |
1336 _XBF_LOGRECOVERY);
1337
1338 if (bp->b_flags & XBF_ASYNC)
1339 xfs_buf_relse(bp);
1340 else
1341 complete(&bp->b_iowait);
1342}
1343
1344static void
1345xfs_buf_ioend_work(
1346 struct work_struct *work)
1347{
1348 struct xfs_buf *bp =
1349 container_of(work, struct xfs_buf, b_ioend_work);
1350
1351 xfs_buf_ioend(bp);
1352}
1353
1354static void
1355xfs_buf_ioend_async(
1356 struct xfs_buf *bp)
1357{
1358 INIT_WORK(&bp->b_ioend_work, xfs_buf_ioend_work);
1359 queue_work(bp->b_mount->m_buf_workqueue, &bp->b_ioend_work);
1360}
1361
1362void
1363__xfs_buf_ioerror(
1364 struct xfs_buf *bp,
1365 int error,
1366 xfs_failaddr_t failaddr)
1367{
1368 ASSERT(error <= 0 && error >= -1000);
1369 bp->b_error = error;
1370 trace_xfs_buf_ioerror(bp, error, failaddr);
1371}
1372
1373void
1374xfs_buf_ioerror_alert(
1375 struct xfs_buf *bp,
1376 xfs_failaddr_t func)
1377{
1378 xfs_buf_alert_ratelimited(bp, "XFS: metadata IO error",
1379 "metadata I/O error in \"%pS\" at daddr 0x%llx len %d error %d",
1380 func, (uint64_t)xfs_buf_daddr(bp),
1381 bp->b_length, -bp->b_error);
1382}
1383
1384/*
1385 * To simulate an I/O failure, the buffer must be locked and held with at least
1386 * three references. The LRU reference is dropped by the stale call. The buf
1387 * item reference is dropped via ioend processing. The third reference is owned
1388 * by the caller and is dropped on I/O completion if the buffer is XBF_ASYNC.
1389 */
1390void
1391xfs_buf_ioend_fail(
1392 struct xfs_buf *bp)
1393{
1394 bp->b_flags &= ~XBF_DONE;
1395 xfs_buf_stale(bp);
1396 xfs_buf_ioerror(bp, -EIO);
1397 xfs_buf_ioend(bp);
1398}
1399
1400int
1401xfs_bwrite(
1402 struct xfs_buf *bp)
1403{
1404 int error;
1405
1406 ASSERT(xfs_buf_islocked(bp));
1407
1408 bp->b_flags |= XBF_WRITE;
1409 bp->b_flags &= ~(XBF_ASYNC | XBF_READ | _XBF_DELWRI_Q |
1410 XBF_DONE);
1411
1412 error = xfs_buf_submit(bp);
1413 if (error)
1414 xfs_force_shutdown(bp->b_mount, SHUTDOWN_META_IO_ERROR);
1415 return error;
1416}
1417
1418static void
1419xfs_buf_bio_end_io(
1420 struct bio *bio)
1421{
1422 struct xfs_buf *bp = (struct xfs_buf *)bio->bi_private;
1423
1424 if (!bio->bi_status &&
1425 (bp->b_flags & XBF_WRITE) && (bp->b_flags & XBF_ASYNC) &&
1426 XFS_TEST_ERROR(false, bp->b_mount, XFS_ERRTAG_BUF_IOERROR))
1427 bio->bi_status = BLK_STS_IOERR;
1428
1429 /*
1430 * don't overwrite existing errors - otherwise we can lose errors on
1431 * buffers that require multiple bios to complete.
1432 */
1433 if (bio->bi_status) {
1434 int error = blk_status_to_errno(bio->bi_status);
1435
1436 cmpxchg(&bp->b_io_error, 0, error);
1437 }
1438
1439 if (!bp->b_error && xfs_buf_is_vmapped(bp) && (bp->b_flags & XBF_READ))
1440 invalidate_kernel_vmap_range(bp->b_addr, xfs_buf_vmap_len(bp));
1441
1442 if (atomic_dec_and_test(&bp->b_io_remaining) == 1)
1443 xfs_buf_ioend_async(bp);
1444 bio_put(bio);
1445}
1446
1447static void
1448xfs_buf_ioapply_map(
1449 struct xfs_buf *bp,
1450 int map,
1451 int *buf_offset,
1452 int *count,
1453 blk_opf_t op)
1454{
1455 int page_index;
1456 unsigned int total_nr_pages = bp->b_page_count;
1457 int nr_pages;
1458 struct bio *bio;
1459 sector_t sector = bp->b_maps[map].bm_bn;
1460 int size;
1461 int offset;
1462
1463 /* skip the pages in the buffer before the start offset */
1464 page_index = 0;
1465 offset = *buf_offset;
1466 while (offset >= PAGE_SIZE) {
1467 page_index++;
1468 offset -= PAGE_SIZE;
1469 }
1470
1471 /*
1472 * Limit the IO size to the length of the current vector, and update the
1473 * remaining IO count for the next time around.
1474 */
1475 size = min_t(int, BBTOB(bp->b_maps[map].bm_len), *count);
1476 *count -= size;
1477 *buf_offset += size;
1478
1479next_chunk:
1480 atomic_inc(&bp->b_io_remaining);
1481 nr_pages = bio_max_segs(total_nr_pages);
1482
1483 bio = bio_alloc(bp->b_target->bt_bdev, nr_pages, op, GFP_NOIO);
1484 bio->bi_iter.bi_sector = sector;
1485 bio->bi_end_io = xfs_buf_bio_end_io;
1486 bio->bi_private = bp;
1487
1488 for (; size && nr_pages; nr_pages--, page_index++) {
1489 int rbytes, nbytes = PAGE_SIZE - offset;
1490
1491 if (nbytes > size)
1492 nbytes = size;
1493
1494 rbytes = bio_add_page(bio, bp->b_pages[page_index], nbytes,
1495 offset);
1496 if (rbytes < nbytes)
1497 break;
1498
1499 offset = 0;
1500 sector += BTOBB(nbytes);
1501 size -= nbytes;
1502 total_nr_pages--;
1503 }
1504
1505 if (likely(bio->bi_iter.bi_size)) {
1506 if (xfs_buf_is_vmapped(bp)) {
1507 flush_kernel_vmap_range(bp->b_addr,
1508 xfs_buf_vmap_len(bp));
1509 }
1510 submit_bio(bio);
1511 if (size)
1512 goto next_chunk;
1513 } else {
1514 /*
1515 * This is guaranteed not to be the last io reference count
1516 * because the caller (xfs_buf_submit) holds a count itself.
1517 */
1518 atomic_dec(&bp->b_io_remaining);
1519 xfs_buf_ioerror(bp, -EIO);
1520 bio_put(bio);
1521 }
1522
1523}
1524
1525STATIC void
1526_xfs_buf_ioapply(
1527 struct xfs_buf *bp)
1528{
1529 struct blk_plug plug;
1530 blk_opf_t op;
1531 int offset;
1532 int size;
1533 int i;
1534
1535 /*
1536 * Make sure we capture only current IO errors rather than stale errors
1537 * left over from previous use of the buffer (e.g. failed readahead).
1538 */
1539 bp->b_error = 0;
1540
1541 if (bp->b_flags & XBF_WRITE) {
1542 op = REQ_OP_WRITE;
1543
1544 /*
1545 * Run the write verifier callback function if it exists. If
1546 * this function fails it will mark the buffer with an error and
1547 * the IO should not be dispatched.
1548 */
1549 if (bp->b_ops) {
1550 bp->b_ops->verify_write(bp);
1551 if (bp->b_error) {
1552 xfs_force_shutdown(bp->b_mount,
1553 SHUTDOWN_CORRUPT_INCORE);
1554 return;
1555 }
1556 } else if (bp->b_rhash_key != XFS_BUF_DADDR_NULL) {
1557 struct xfs_mount *mp = bp->b_mount;
1558
1559 /*
1560 * non-crc filesystems don't attach verifiers during
1561 * log recovery, so don't warn for such filesystems.
1562 */
1563 if (xfs_has_crc(mp)) {
1564 xfs_warn(mp,
1565 "%s: no buf ops on daddr 0x%llx len %d",
1566 __func__, xfs_buf_daddr(bp),
1567 bp->b_length);
1568 xfs_hex_dump(bp->b_addr,
1569 XFS_CORRUPTION_DUMP_LEN);
1570 dump_stack();
1571 }
1572 }
1573 } else {
1574 op = REQ_OP_READ;
1575 if (bp->b_flags & XBF_READ_AHEAD)
1576 op |= REQ_RAHEAD;
1577 }
1578
1579 /* we only use the buffer cache for meta-data */
1580 op |= REQ_META;
1581
1582 /*
1583 * Walk all the vectors issuing IO on them. Set up the initial offset
1584 * into the buffer and the desired IO size before we start -
1585 * _xfs_buf_ioapply_vec() will modify them appropriately for each
1586 * subsequent call.
1587 */
1588 offset = bp->b_offset;
1589 size = BBTOB(bp->b_length);
1590 blk_start_plug(&plug);
1591 for (i = 0; i < bp->b_map_count; i++) {
1592 xfs_buf_ioapply_map(bp, i, &offset, &size, op);
1593 if (bp->b_error)
1594 break;
1595 if (size <= 0)
1596 break; /* all done */
1597 }
1598 blk_finish_plug(&plug);
1599}
1600
1601/*
1602 * Wait for I/O completion of a sync buffer and return the I/O error code.
1603 */
1604static int
1605xfs_buf_iowait(
1606 struct xfs_buf *bp)
1607{
1608 ASSERT(!(bp->b_flags & XBF_ASYNC));
1609
1610 trace_xfs_buf_iowait(bp, _RET_IP_);
1611 wait_for_completion(&bp->b_iowait);
1612 trace_xfs_buf_iowait_done(bp, _RET_IP_);
1613
1614 return bp->b_error;
1615}
1616
1617/*
1618 * Buffer I/O submission path, read or write. Asynchronous submission transfers
1619 * the buffer lock ownership and the current reference to the IO. It is not
1620 * safe to reference the buffer after a call to this function unless the caller
1621 * holds an additional reference itself.
1622 */
1623static int
1624__xfs_buf_submit(
1625 struct xfs_buf *bp,
1626 bool wait)
1627{
1628 int error = 0;
1629
1630 trace_xfs_buf_submit(bp, _RET_IP_);
1631
1632 ASSERT(!(bp->b_flags & _XBF_DELWRI_Q));
1633
1634 /*
1635 * On log shutdown we stale and complete the buffer immediately. We can
1636 * be called to read the superblock before the log has been set up, so
1637 * be careful checking the log state.
1638 *
1639 * Checking the mount shutdown state here can result in the log tail
1640 * moving inappropriately on disk as the log may not yet be shut down.
1641 * i.e. failing this buffer on mount shutdown can remove it from the AIL
1642 * and move the tail of the log forwards without having written this
1643 * buffer to disk. This corrupts the log tail state in memory, and
1644 * because the log may not be shut down yet, it can then be propagated
1645 * to disk before the log is shutdown. Hence we check log shutdown
1646 * state here rather than mount state to avoid corrupting the log tail
1647 * on shutdown.
1648 */
1649 if (bp->b_mount->m_log &&
1650 xlog_is_shutdown(bp->b_mount->m_log)) {
1651 xfs_buf_ioend_fail(bp);
1652 return -EIO;
1653 }
1654
1655 /*
1656 * Grab a reference so the buffer does not go away underneath us. For
1657 * async buffers, I/O completion drops the callers reference, which
1658 * could occur before submission returns.
1659 */
1660 xfs_buf_hold(bp);
1661
1662 if (bp->b_flags & XBF_WRITE)
1663 xfs_buf_wait_unpin(bp);
1664
1665 /* clear the internal error state to avoid spurious errors */
1666 bp->b_io_error = 0;
1667
1668 /*
1669 * Set the count to 1 initially, this will stop an I/O completion
1670 * callout which happens before we have started all the I/O from calling
1671 * xfs_buf_ioend too early.
1672 */
1673 atomic_set(&bp->b_io_remaining, 1);
1674 if (bp->b_flags & XBF_ASYNC)
1675 xfs_buf_ioacct_inc(bp);
1676 _xfs_buf_ioapply(bp);
1677
1678 /*
1679 * If _xfs_buf_ioapply failed, we can get back here with only the IO
1680 * reference we took above. If we drop it to zero, run completion so
1681 * that we don't return to the caller with completion still pending.
1682 */
1683 if (atomic_dec_and_test(&bp->b_io_remaining) == 1) {
1684 if (bp->b_error || !(bp->b_flags & XBF_ASYNC))
1685 xfs_buf_ioend(bp);
1686 else
1687 xfs_buf_ioend_async(bp);
1688 }
1689
1690 if (wait)
1691 error = xfs_buf_iowait(bp);
1692
1693 /*
1694 * Release the hold that keeps the buffer referenced for the entire
1695 * I/O. Note that if the buffer is async, it is not safe to reference
1696 * after this release.
1697 */
1698 xfs_buf_rele(bp);
1699 return error;
1700}
1701
1702void *
1703xfs_buf_offset(
1704 struct xfs_buf *bp,
1705 size_t offset)
1706{
1707 struct page *page;
1708
1709 if (bp->b_addr)
1710 return bp->b_addr + offset;
1711
1712 page = bp->b_pages[offset >> PAGE_SHIFT];
1713 return page_address(page) + (offset & (PAGE_SIZE-1));
1714}
1715
1716void
1717xfs_buf_zero(
1718 struct xfs_buf *bp,
1719 size_t boff,
1720 size_t bsize)
1721{
1722 size_t bend;
1723
1724 bend = boff + bsize;
1725 while (boff < bend) {
1726 struct page *page;
1727 int page_index, page_offset, csize;
1728
1729 page_index = (boff + bp->b_offset) >> PAGE_SHIFT;
1730 page_offset = (boff + bp->b_offset) & ~PAGE_MASK;
1731 page = bp->b_pages[page_index];
1732 csize = min_t(size_t, PAGE_SIZE - page_offset,
1733 BBTOB(bp->b_length) - boff);
1734
1735 ASSERT((csize + page_offset) <= PAGE_SIZE);
1736
1737 memset(page_address(page) + page_offset, 0, csize);
1738
1739 boff += csize;
1740 }
1741}
1742
1743/*
1744 * Log a message about and stale a buffer that a caller has decided is corrupt.
1745 *
1746 * This function should be called for the kinds of metadata corruption that
1747 * cannot be detect from a verifier, such as incorrect inter-block relationship
1748 * data. Do /not/ call this function from a verifier function.
1749 *
1750 * The buffer must be XBF_DONE prior to the call. Afterwards, the buffer will
1751 * be marked stale, but b_error will not be set. The caller is responsible for
1752 * releasing the buffer or fixing it.
1753 */
1754void
1755__xfs_buf_mark_corrupt(
1756 struct xfs_buf *bp,
1757 xfs_failaddr_t fa)
1758{
1759 ASSERT(bp->b_flags & XBF_DONE);
1760
1761 xfs_buf_corruption_error(bp, fa);
1762 xfs_buf_stale(bp);
1763}
1764
1765/*
1766 * Handling of buffer targets (buftargs).
1767 */
1768
1769/*
1770 * Wait for any bufs with callbacks that have been submitted but have not yet
1771 * returned. These buffers will have an elevated hold count, so wait on those
1772 * while freeing all the buffers only held by the LRU.
1773 */
1774static enum lru_status
1775xfs_buftarg_drain_rele(
1776 struct list_head *item,
1777 struct list_lru_one *lru,
1778 spinlock_t *lru_lock,
1779 void *arg)
1780
1781{
1782 struct xfs_buf *bp = container_of(item, struct xfs_buf, b_lru);
1783 struct list_head *dispose = arg;
1784
1785 if (atomic_read(&bp->b_hold) > 1) {
1786 /* need to wait, so skip it this pass */
1787 trace_xfs_buf_drain_buftarg(bp, _RET_IP_);
1788 return LRU_SKIP;
1789 }
1790 if (!spin_trylock(&bp->b_lock))
1791 return LRU_SKIP;
1792
1793 /*
1794 * clear the LRU reference count so the buffer doesn't get
1795 * ignored in xfs_buf_rele().
1796 */
1797 atomic_set(&bp->b_lru_ref, 0);
1798 bp->b_state |= XFS_BSTATE_DISPOSE;
1799 list_lru_isolate_move(lru, item, dispose);
1800 spin_unlock(&bp->b_lock);
1801 return LRU_REMOVED;
1802}
1803
1804/*
1805 * Wait for outstanding I/O on the buftarg to complete.
1806 */
1807void
1808xfs_buftarg_wait(
1809 struct xfs_buftarg *btp)
1810{
1811 /*
1812 * First wait on the buftarg I/O count for all in-flight buffers to be
1813 * released. This is critical as new buffers do not make the LRU until
1814 * they are released.
1815 *
1816 * Next, flush the buffer workqueue to ensure all completion processing
1817 * has finished. Just waiting on buffer locks is not sufficient for
1818 * async IO as the reference count held over IO is not released until
1819 * after the buffer lock is dropped. Hence we need to ensure here that
1820 * all reference counts have been dropped before we start walking the
1821 * LRU list.
1822 */
1823 while (percpu_counter_sum(&btp->bt_io_count))
1824 delay(100);
1825 flush_workqueue(btp->bt_mount->m_buf_workqueue);
1826}
1827
1828void
1829xfs_buftarg_drain(
1830 struct xfs_buftarg *btp)
1831{
1832 LIST_HEAD(dispose);
1833 int loop = 0;
1834 bool write_fail = false;
1835
1836 xfs_buftarg_wait(btp);
1837
1838 /* loop until there is nothing left on the lru list. */
1839 while (list_lru_count(&btp->bt_lru)) {
1840 list_lru_walk(&btp->bt_lru, xfs_buftarg_drain_rele,
1841 &dispose, LONG_MAX);
1842
1843 while (!list_empty(&dispose)) {
1844 struct xfs_buf *bp;
1845 bp = list_first_entry(&dispose, struct xfs_buf, b_lru);
1846 list_del_init(&bp->b_lru);
1847 if (bp->b_flags & XBF_WRITE_FAIL) {
1848 write_fail = true;
1849 xfs_buf_alert_ratelimited(bp,
1850 "XFS: Corruption Alert",
1851"Corruption Alert: Buffer at daddr 0x%llx had permanent write failures!",
1852 (long long)xfs_buf_daddr(bp));
1853 }
1854 xfs_buf_rele(bp);
1855 }
1856 if (loop++ != 0)
1857 delay(100);
1858 }
1859
1860 /*
1861 * If one or more failed buffers were freed, that means dirty metadata
1862 * was thrown away. This should only ever happen after I/O completion
1863 * handling has elevated I/O error(s) to permanent failures and shuts
1864 * down the journal.
1865 */
1866 if (write_fail) {
1867 ASSERT(xlog_is_shutdown(btp->bt_mount->m_log));
1868 xfs_alert(btp->bt_mount,
1869 "Please run xfs_repair to determine the extent of the problem.");
1870 }
1871}
1872
1873static enum lru_status
1874xfs_buftarg_isolate(
1875 struct list_head *item,
1876 struct list_lru_one *lru,
1877 spinlock_t *lru_lock,
1878 void *arg)
1879{
1880 struct xfs_buf *bp = container_of(item, struct xfs_buf, b_lru);
1881 struct list_head *dispose = arg;
1882
1883 /*
1884 * we are inverting the lru lock/bp->b_lock here, so use a trylock.
1885 * If we fail to get the lock, just skip it.
1886 */
1887 if (!spin_trylock(&bp->b_lock))
1888 return LRU_SKIP;
1889 /*
1890 * Decrement the b_lru_ref count unless the value is already
1891 * zero. If the value is already zero, we need to reclaim the
1892 * buffer, otherwise it gets another trip through the LRU.
1893 */
1894 if (atomic_add_unless(&bp->b_lru_ref, -1, 0)) {
1895 spin_unlock(&bp->b_lock);
1896 return LRU_ROTATE;
1897 }
1898
1899 bp->b_state |= XFS_BSTATE_DISPOSE;
1900 list_lru_isolate_move(lru, item, dispose);
1901 spin_unlock(&bp->b_lock);
1902 return LRU_REMOVED;
1903}
1904
1905static unsigned long
1906xfs_buftarg_shrink_scan(
1907 struct shrinker *shrink,
1908 struct shrink_control *sc)
1909{
1910 struct xfs_buftarg *btp = container_of(shrink,
1911 struct xfs_buftarg, bt_shrinker);
1912 LIST_HEAD(dispose);
1913 unsigned long freed;
1914
1915 freed = list_lru_shrink_walk(&btp->bt_lru, sc,
1916 xfs_buftarg_isolate, &dispose);
1917
1918 while (!list_empty(&dispose)) {
1919 struct xfs_buf *bp;
1920 bp = list_first_entry(&dispose, struct xfs_buf, b_lru);
1921 list_del_init(&bp->b_lru);
1922 xfs_buf_rele(bp);
1923 }
1924
1925 return freed;
1926}
1927
1928static unsigned long
1929xfs_buftarg_shrink_count(
1930 struct shrinker *shrink,
1931 struct shrink_control *sc)
1932{
1933 struct xfs_buftarg *btp = container_of(shrink,
1934 struct xfs_buftarg, bt_shrinker);
1935 return list_lru_shrink_count(&btp->bt_lru, sc);
1936}
1937
1938void
1939xfs_free_buftarg(
1940 struct xfs_buftarg *btp)
1941{
1942 unregister_shrinker(&btp->bt_shrinker);
1943 ASSERT(percpu_counter_sum(&btp->bt_io_count) == 0);
1944 percpu_counter_destroy(&btp->bt_io_count);
1945 list_lru_destroy(&btp->bt_lru);
1946
1947 blkdev_issue_flush(btp->bt_bdev);
1948 invalidate_bdev(btp->bt_bdev);
1949 fs_put_dax(btp->bt_daxdev, btp->bt_mount);
1950
1951 kmem_free(btp);
1952}
1953
1954int
1955xfs_setsize_buftarg(
1956 xfs_buftarg_t *btp,
1957 unsigned int sectorsize)
1958{
1959 /* Set up metadata sector size info */
1960 btp->bt_meta_sectorsize = sectorsize;
1961 btp->bt_meta_sectormask = sectorsize - 1;
1962
1963 if (set_blocksize(btp->bt_bdev, sectorsize)) {
1964 xfs_warn(btp->bt_mount,
1965 "Cannot set_blocksize to %u on device %pg",
1966 sectorsize, btp->bt_bdev);
1967 return -EINVAL;
1968 }
1969
1970 /* Set up device logical sector size mask */
1971 btp->bt_logical_sectorsize = bdev_logical_block_size(btp->bt_bdev);
1972 btp->bt_logical_sectormask = bdev_logical_block_size(btp->bt_bdev) - 1;
1973
1974 return 0;
1975}
1976
1977/*
1978 * When allocating the initial buffer target we have not yet
1979 * read in the superblock, so don't know what sized sectors
1980 * are being used at this early stage. Play safe.
1981 */
1982STATIC int
1983xfs_setsize_buftarg_early(
1984 xfs_buftarg_t *btp,
1985 struct block_device *bdev)
1986{
1987 return xfs_setsize_buftarg(btp, bdev_logical_block_size(bdev));
1988}
1989
1990struct xfs_buftarg *
1991xfs_alloc_buftarg(
1992 struct xfs_mount *mp,
1993 struct block_device *bdev)
1994{
1995 xfs_buftarg_t *btp;
1996 const struct dax_holder_operations *ops = NULL;
1997
1998#if defined(CONFIG_FS_DAX) && defined(CONFIG_MEMORY_FAILURE)
1999 ops = &xfs_dax_holder_operations;
2000#endif
2001 btp = kmem_zalloc(sizeof(*btp), KM_NOFS);
2002
2003 btp->bt_mount = mp;
2004 btp->bt_dev = bdev->bd_dev;
2005 btp->bt_bdev = bdev;
2006 btp->bt_daxdev = fs_dax_get_by_bdev(bdev, &btp->bt_dax_part_off,
2007 mp, ops);
2008
2009 /*
2010 * Buffer IO error rate limiting. Limit it to no more than 10 messages
2011 * per 30 seconds so as to not spam logs too much on repeated errors.
2012 */
2013 ratelimit_state_init(&btp->bt_ioerror_rl, 30 * HZ,
2014 DEFAULT_RATELIMIT_BURST);
2015
2016 if (xfs_setsize_buftarg_early(btp, bdev))
2017 goto error_free;
2018
2019 if (list_lru_init(&btp->bt_lru))
2020 goto error_free;
2021
2022 if (percpu_counter_init(&btp->bt_io_count, 0, GFP_KERNEL))
2023 goto error_lru;
2024
2025 btp->bt_shrinker.count_objects = xfs_buftarg_shrink_count;
2026 btp->bt_shrinker.scan_objects = xfs_buftarg_shrink_scan;
2027 btp->bt_shrinker.seeks = DEFAULT_SEEKS;
2028 btp->bt_shrinker.flags = SHRINKER_NUMA_AWARE;
2029 if (register_shrinker(&btp->bt_shrinker, "xfs-buf:%s",
2030 mp->m_super->s_id))
2031 goto error_pcpu;
2032 return btp;
2033
2034error_pcpu:
2035 percpu_counter_destroy(&btp->bt_io_count);
2036error_lru:
2037 list_lru_destroy(&btp->bt_lru);
2038error_free:
2039 kmem_free(btp);
2040 return NULL;
2041}
2042
2043/*
2044 * Cancel a delayed write list.
2045 *
2046 * Remove each buffer from the list, clear the delwri queue flag and drop the
2047 * associated buffer reference.
2048 */
2049void
2050xfs_buf_delwri_cancel(
2051 struct list_head *list)
2052{
2053 struct xfs_buf *bp;
2054
2055 while (!list_empty(list)) {
2056 bp = list_first_entry(list, struct xfs_buf, b_list);
2057
2058 xfs_buf_lock(bp);
2059 bp->b_flags &= ~_XBF_DELWRI_Q;
2060 list_del_init(&bp->b_list);
2061 xfs_buf_relse(bp);
2062 }
2063}
2064
2065/*
2066 * Add a buffer to the delayed write list.
2067 *
2068 * This queues a buffer for writeout if it hasn't already been. Note that
2069 * neither this routine nor the buffer list submission functions perform
2070 * any internal synchronization. It is expected that the lists are thread-local
2071 * to the callers.
2072 *
2073 * Returns true if we queued up the buffer, or false if it already had
2074 * been on the buffer list.
2075 */
2076bool
2077xfs_buf_delwri_queue(
2078 struct xfs_buf *bp,
2079 struct list_head *list)
2080{
2081 ASSERT(xfs_buf_islocked(bp));
2082 ASSERT(!(bp->b_flags & XBF_READ));
2083
2084 /*
2085 * If the buffer is already marked delwri it already is queued up
2086 * by someone else for imediate writeout. Just ignore it in that
2087 * case.
2088 */
2089 if (bp->b_flags & _XBF_DELWRI_Q) {
2090 trace_xfs_buf_delwri_queued(bp, _RET_IP_);
2091 return false;
2092 }
2093
2094 trace_xfs_buf_delwri_queue(bp, _RET_IP_);
2095
2096 /*
2097 * If a buffer gets written out synchronously or marked stale while it
2098 * is on a delwri list we lazily remove it. To do this, the other party
2099 * clears the _XBF_DELWRI_Q flag but otherwise leaves the buffer alone.
2100 * It remains referenced and on the list. In a rare corner case it
2101 * might get readded to a delwri list after the synchronous writeout, in
2102 * which case we need just need to re-add the flag here.
2103 */
2104 bp->b_flags |= _XBF_DELWRI_Q;
2105 if (list_empty(&bp->b_list)) {
2106 atomic_inc(&bp->b_hold);
2107 list_add_tail(&bp->b_list, list);
2108 }
2109
2110 return true;
2111}
2112
2113/*
2114 * Compare function is more complex than it needs to be because
2115 * the return value is only 32 bits and we are doing comparisons
2116 * on 64 bit values
2117 */
2118static int
2119xfs_buf_cmp(
2120 void *priv,
2121 const struct list_head *a,
2122 const struct list_head *b)
2123{
2124 struct xfs_buf *ap = container_of(a, struct xfs_buf, b_list);
2125 struct xfs_buf *bp = container_of(b, struct xfs_buf, b_list);
2126 xfs_daddr_t diff;
2127
2128 diff = ap->b_maps[0].bm_bn - bp->b_maps[0].bm_bn;
2129 if (diff < 0)
2130 return -1;
2131 if (diff > 0)
2132 return 1;
2133 return 0;
2134}
2135
2136/*
2137 * Submit buffers for write. If wait_list is specified, the buffers are
2138 * submitted using sync I/O and placed on the wait list such that the caller can
2139 * iowait each buffer. Otherwise async I/O is used and the buffers are released
2140 * at I/O completion time. In either case, buffers remain locked until I/O
2141 * completes and the buffer is released from the queue.
2142 */
2143static int
2144xfs_buf_delwri_submit_buffers(
2145 struct list_head *buffer_list,
2146 struct list_head *wait_list)
2147{
2148 struct xfs_buf *bp, *n;
2149 int pinned = 0;
2150 struct blk_plug plug;
2151
2152 list_sort(NULL, buffer_list, xfs_buf_cmp);
2153
2154 blk_start_plug(&plug);
2155 list_for_each_entry_safe(bp, n, buffer_list, b_list) {
2156 if (!wait_list) {
2157 if (!xfs_buf_trylock(bp))
2158 continue;
2159 if (xfs_buf_ispinned(bp)) {
2160 xfs_buf_unlock(bp);
2161 pinned++;
2162 continue;
2163 }
2164 } else {
2165 xfs_buf_lock(bp);
2166 }
2167
2168 /*
2169 * Someone else might have written the buffer synchronously or
2170 * marked it stale in the meantime. In that case only the
2171 * _XBF_DELWRI_Q flag got cleared, and we have to drop the
2172 * reference and remove it from the list here.
2173 */
2174 if (!(bp->b_flags & _XBF_DELWRI_Q)) {
2175 list_del_init(&bp->b_list);
2176 xfs_buf_relse(bp);
2177 continue;
2178 }
2179
2180 trace_xfs_buf_delwri_split(bp, _RET_IP_);
2181
2182 /*
2183 * If we have a wait list, each buffer (and associated delwri
2184 * queue reference) transfers to it and is submitted
2185 * synchronously. Otherwise, drop the buffer from the delwri
2186 * queue and submit async.
2187 */
2188 bp->b_flags &= ~_XBF_DELWRI_Q;
2189 bp->b_flags |= XBF_WRITE;
2190 if (wait_list) {
2191 bp->b_flags &= ~XBF_ASYNC;
2192 list_move_tail(&bp->b_list, wait_list);
2193 } else {
2194 bp->b_flags |= XBF_ASYNC;
2195 list_del_init(&bp->b_list);
2196 }
2197 __xfs_buf_submit(bp, false);
2198 }
2199 blk_finish_plug(&plug);
2200
2201 return pinned;
2202}
2203
2204/*
2205 * Write out a buffer list asynchronously.
2206 *
2207 * This will take the @buffer_list, write all non-locked and non-pinned buffers
2208 * out and not wait for I/O completion on any of the buffers. This interface
2209 * is only safely useable for callers that can track I/O completion by higher
2210 * level means, e.g. AIL pushing as the @buffer_list is consumed in this
2211 * function.
2212 *
2213 * Note: this function will skip buffers it would block on, and in doing so
2214 * leaves them on @buffer_list so they can be retried on a later pass. As such,
2215 * it is up to the caller to ensure that the buffer list is fully submitted or
2216 * cancelled appropriately when they are finished with the list. Failure to
2217 * cancel or resubmit the list until it is empty will result in leaked buffers
2218 * at unmount time.
2219 */
2220int
2221xfs_buf_delwri_submit_nowait(
2222 struct list_head *buffer_list)
2223{
2224 return xfs_buf_delwri_submit_buffers(buffer_list, NULL);
2225}
2226
2227/*
2228 * Write out a buffer list synchronously.
2229 *
2230 * This will take the @buffer_list, write all buffers out and wait for I/O
2231 * completion on all of the buffers. @buffer_list is consumed by the function,
2232 * so callers must have some other way of tracking buffers if they require such
2233 * functionality.
2234 */
2235int
2236xfs_buf_delwri_submit(
2237 struct list_head *buffer_list)
2238{
2239 LIST_HEAD (wait_list);
2240 int error = 0, error2;
2241 struct xfs_buf *bp;
2242
2243 xfs_buf_delwri_submit_buffers(buffer_list, &wait_list);
2244
2245 /* Wait for IO to complete. */
2246 while (!list_empty(&wait_list)) {
2247 bp = list_first_entry(&wait_list, struct xfs_buf, b_list);
2248
2249 list_del_init(&bp->b_list);
2250
2251 /*
2252 * Wait on the locked buffer, check for errors and unlock and
2253 * release the delwri queue reference.
2254 */
2255 error2 = xfs_buf_iowait(bp);
2256 xfs_buf_relse(bp);
2257 if (!error)
2258 error = error2;
2259 }
2260
2261 return error;
2262}
2263
2264/*
2265 * Push a single buffer on a delwri queue.
2266 *
2267 * The purpose of this function is to submit a single buffer of a delwri queue
2268 * and return with the buffer still on the original queue. The waiting delwri
2269 * buffer submission infrastructure guarantees transfer of the delwri queue
2270 * buffer reference to a temporary wait list. We reuse this infrastructure to
2271 * transfer the buffer back to the original queue.
2272 *
2273 * Note the buffer transitions from the queued state, to the submitted and wait
2274 * listed state and back to the queued state during this call. The buffer
2275 * locking and queue management logic between _delwri_pushbuf() and
2276 * _delwri_queue() guarantee that the buffer cannot be queued to another list
2277 * before returning.
2278 */
2279int
2280xfs_buf_delwri_pushbuf(
2281 struct xfs_buf *bp,
2282 struct list_head *buffer_list)
2283{
2284 LIST_HEAD (submit_list);
2285 int error;
2286
2287 ASSERT(bp->b_flags & _XBF_DELWRI_Q);
2288
2289 trace_xfs_buf_delwri_pushbuf(bp, _RET_IP_);
2290
2291 /*
2292 * Isolate the buffer to a new local list so we can submit it for I/O
2293 * independently from the rest of the original list.
2294 */
2295 xfs_buf_lock(bp);
2296 list_move(&bp->b_list, &submit_list);
2297 xfs_buf_unlock(bp);
2298
2299 /*
2300 * Delwri submission clears the DELWRI_Q buffer flag and returns with
2301 * the buffer on the wait list with the original reference. Rather than
2302 * bounce the buffer from a local wait list back to the original list
2303 * after I/O completion, reuse the original list as the wait list.
2304 */
2305 xfs_buf_delwri_submit_buffers(&submit_list, buffer_list);
2306
2307 /*
2308 * The buffer is now locked, under I/O and wait listed on the original
2309 * delwri queue. Wait for I/O completion, restore the DELWRI_Q flag and
2310 * return with the buffer unlocked and on the original queue.
2311 */
2312 error = xfs_buf_iowait(bp);
2313 bp->b_flags |= _XBF_DELWRI_Q;
2314 xfs_buf_unlock(bp);
2315
2316 return error;
2317}
2318
2319void xfs_buf_set_ref(struct xfs_buf *bp, int lru_ref)
2320{
2321 /*
2322 * Set the lru reference count to 0 based on the error injection tag.
2323 * This allows userspace to disrupt buffer caching for debug/testing
2324 * purposes.
2325 */
2326 if (XFS_TEST_ERROR(false, bp->b_mount, XFS_ERRTAG_BUF_LRU_REF))
2327 lru_ref = 0;
2328
2329 atomic_set(&bp->b_lru_ref, lru_ref);
2330}
2331
2332/*
2333 * Verify an on-disk magic value against the magic value specified in the
2334 * verifier structure. The verifier magic is in disk byte order so the caller is
2335 * expected to pass the value directly from disk.
2336 */
2337bool
2338xfs_verify_magic(
2339 struct xfs_buf *bp,
2340 __be32 dmagic)
2341{
2342 struct xfs_mount *mp = bp->b_mount;
2343 int idx;
2344
2345 idx = xfs_has_crc(mp);
2346 if (WARN_ON(!bp->b_ops || !bp->b_ops->magic[idx]))
2347 return false;
2348 return dmagic == bp->b_ops->magic[idx];
2349}
2350/*
2351 * Verify an on-disk magic value against the magic value specified in the
2352 * verifier structure. The verifier magic is in disk byte order so the caller is
2353 * expected to pass the value directly from disk.
2354 */
2355bool
2356xfs_verify_magic16(
2357 struct xfs_buf *bp,
2358 __be16 dmagic)
2359{
2360 struct xfs_mount *mp = bp->b_mount;
2361 int idx;
2362
2363 idx = xfs_has_crc(mp);
2364 if (WARN_ON(!bp->b_ops || !bp->b_ops->magic16[idx]))
2365 return false;
2366 return dmagic == bp->b_ops->magic16[idx];
2367}