Loading...
1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * linux/fs/buffer.c
4 *
5 * Copyright (C) 1991, 1992, 2002 Linus Torvalds
6 */
7
8/*
9 * Start bdflush() with kernel_thread not syscall - Paul Gortmaker, 12/95
10 *
11 * Removed a lot of unnecessary code and simplified things now that
12 * the buffer cache isn't our primary cache - Andrew Tridgell 12/96
13 *
14 * Speed up hash, lru, and free list operations. Use gfp() for allocating
15 * hash table, use SLAB cache for buffer heads. SMP threading. -DaveM
16 *
17 * Added 32k buffer block sizes - these are required older ARM systems. - RMK
18 *
19 * async buffer flushing, 1999 Andrea Arcangeli <andrea@suse.de>
20 */
21
22#include <linux/kernel.h>
23#include <linux/sched/signal.h>
24#include <linux/syscalls.h>
25#include <linux/fs.h>
26#include <linux/iomap.h>
27#include <linux/mm.h>
28#include <linux/percpu.h>
29#include <linux/slab.h>
30#include <linux/capability.h>
31#include <linux/blkdev.h>
32#include <linux/file.h>
33#include <linux/quotaops.h>
34#include <linux/highmem.h>
35#include <linux/export.h>
36#include <linux/backing-dev.h>
37#include <linux/writeback.h>
38#include <linux/hash.h>
39#include <linux/suspend.h>
40#include <linux/buffer_head.h>
41#include <linux/task_io_accounting_ops.h>
42#include <linux/bio.h>
43#include <linux/cpu.h>
44#include <linux/bitops.h>
45#include <linux/mpage.h>
46#include <linux/bit_spinlock.h>
47#include <linux/pagevec.h>
48#include <linux/sched/mm.h>
49#include <trace/events/block.h>
50#include <linux/fscrypt.h>
51#include <linux/fsverity.h>
52#include <linux/sched/isolation.h>
53
54#include "internal.h"
55
56static int fsync_buffers_list(spinlock_t *lock, struct list_head *list);
57static void submit_bh_wbc(blk_opf_t opf, struct buffer_head *bh,
58 enum rw_hint hint, struct writeback_control *wbc);
59
60#define BH_ENTRY(list) list_entry((list), struct buffer_head, b_assoc_buffers)
61
62inline void touch_buffer(struct buffer_head *bh)
63{
64 trace_block_touch_buffer(bh);
65 folio_mark_accessed(bh->b_folio);
66}
67EXPORT_SYMBOL(touch_buffer);
68
69void __lock_buffer(struct buffer_head *bh)
70{
71 wait_on_bit_lock_io(&bh->b_state, BH_Lock, TASK_UNINTERRUPTIBLE);
72}
73EXPORT_SYMBOL(__lock_buffer);
74
75void unlock_buffer(struct buffer_head *bh)
76{
77 clear_bit_unlock(BH_Lock, &bh->b_state);
78 smp_mb__after_atomic();
79 wake_up_bit(&bh->b_state, BH_Lock);
80}
81EXPORT_SYMBOL(unlock_buffer);
82
83/*
84 * Returns if the folio has dirty or writeback buffers. If all the buffers
85 * are unlocked and clean then the folio_test_dirty information is stale. If
86 * any of the buffers are locked, it is assumed they are locked for IO.
87 */
88void buffer_check_dirty_writeback(struct folio *folio,
89 bool *dirty, bool *writeback)
90{
91 struct buffer_head *head, *bh;
92 *dirty = false;
93 *writeback = false;
94
95 BUG_ON(!folio_test_locked(folio));
96
97 head = folio_buffers(folio);
98 if (!head)
99 return;
100
101 if (folio_test_writeback(folio))
102 *writeback = true;
103
104 bh = head;
105 do {
106 if (buffer_locked(bh))
107 *writeback = true;
108
109 if (buffer_dirty(bh))
110 *dirty = true;
111
112 bh = bh->b_this_page;
113 } while (bh != head);
114}
115
116/*
117 * Block until a buffer comes unlocked. This doesn't stop it
118 * from becoming locked again - you have to lock it yourself
119 * if you want to preserve its state.
120 */
121void __wait_on_buffer(struct buffer_head * bh)
122{
123 wait_on_bit_io(&bh->b_state, BH_Lock, TASK_UNINTERRUPTIBLE);
124}
125EXPORT_SYMBOL(__wait_on_buffer);
126
127static void buffer_io_error(struct buffer_head *bh, char *msg)
128{
129 if (!test_bit(BH_Quiet, &bh->b_state))
130 printk_ratelimited(KERN_ERR
131 "Buffer I/O error on dev %pg, logical block %llu%s\n",
132 bh->b_bdev, (unsigned long long)bh->b_blocknr, msg);
133}
134
135/*
136 * End-of-IO handler helper function which does not touch the bh after
137 * unlocking it.
138 * Note: unlock_buffer() sort-of does touch the bh after unlocking it, but
139 * a race there is benign: unlock_buffer() only use the bh's address for
140 * hashing after unlocking the buffer, so it doesn't actually touch the bh
141 * itself.
142 */
143static void __end_buffer_read_notouch(struct buffer_head *bh, int uptodate)
144{
145 if (uptodate) {
146 set_buffer_uptodate(bh);
147 } else {
148 /* This happens, due to failed read-ahead attempts. */
149 clear_buffer_uptodate(bh);
150 }
151 unlock_buffer(bh);
152}
153
154/*
155 * Default synchronous end-of-IO handler.. Just mark it up-to-date and
156 * unlock the buffer.
157 */
158void end_buffer_read_sync(struct buffer_head *bh, int uptodate)
159{
160 __end_buffer_read_notouch(bh, uptodate);
161 put_bh(bh);
162}
163EXPORT_SYMBOL(end_buffer_read_sync);
164
165void end_buffer_write_sync(struct buffer_head *bh, int uptodate)
166{
167 if (uptodate) {
168 set_buffer_uptodate(bh);
169 } else {
170 buffer_io_error(bh, ", lost sync page write");
171 mark_buffer_write_io_error(bh);
172 clear_buffer_uptodate(bh);
173 }
174 unlock_buffer(bh);
175 put_bh(bh);
176}
177EXPORT_SYMBOL(end_buffer_write_sync);
178
179/*
180 * Various filesystems appear to want __find_get_block to be non-blocking.
181 * But it's the page lock which protects the buffers. To get around this,
182 * we get exclusion from try_to_free_buffers with the blockdev mapping's
183 * i_private_lock.
184 *
185 * Hack idea: for the blockdev mapping, i_private_lock contention
186 * may be quite high. This code could TryLock the page, and if that
187 * succeeds, there is no need to take i_private_lock.
188 */
189static struct buffer_head *
190__find_get_block_slow(struct block_device *bdev, sector_t block)
191{
192 struct inode *bd_inode = bdev->bd_inode;
193 struct address_space *bd_mapping = bd_inode->i_mapping;
194 struct buffer_head *ret = NULL;
195 pgoff_t index;
196 struct buffer_head *bh;
197 struct buffer_head *head;
198 struct folio *folio;
199 int all_mapped = 1;
200 static DEFINE_RATELIMIT_STATE(last_warned, HZ, 1);
201
202 index = ((loff_t)block << bd_inode->i_blkbits) / PAGE_SIZE;
203 folio = __filemap_get_folio(bd_mapping, index, FGP_ACCESSED, 0);
204 if (IS_ERR(folio))
205 goto out;
206
207 spin_lock(&bd_mapping->i_private_lock);
208 head = folio_buffers(folio);
209 if (!head)
210 goto out_unlock;
211 bh = head;
212 do {
213 if (!buffer_mapped(bh))
214 all_mapped = 0;
215 else if (bh->b_blocknr == block) {
216 ret = bh;
217 get_bh(bh);
218 goto out_unlock;
219 }
220 bh = bh->b_this_page;
221 } while (bh != head);
222
223 /* we might be here because some of the buffers on this page are
224 * not mapped. This is due to various races between
225 * file io on the block device and getblk. It gets dealt with
226 * elsewhere, don't buffer_error if we had some unmapped buffers
227 */
228 ratelimit_set_flags(&last_warned, RATELIMIT_MSG_ON_RELEASE);
229 if (all_mapped && __ratelimit(&last_warned)) {
230 printk("__find_get_block_slow() failed. block=%llu, "
231 "b_blocknr=%llu, b_state=0x%08lx, b_size=%zu, "
232 "device %pg blocksize: %d\n",
233 (unsigned long long)block,
234 (unsigned long long)bh->b_blocknr,
235 bh->b_state, bh->b_size, bdev,
236 1 << bd_inode->i_blkbits);
237 }
238out_unlock:
239 spin_unlock(&bd_mapping->i_private_lock);
240 folio_put(folio);
241out:
242 return ret;
243}
244
245static void end_buffer_async_read(struct buffer_head *bh, int uptodate)
246{
247 unsigned long flags;
248 struct buffer_head *first;
249 struct buffer_head *tmp;
250 struct folio *folio;
251 int folio_uptodate = 1;
252
253 BUG_ON(!buffer_async_read(bh));
254
255 folio = bh->b_folio;
256 if (uptodate) {
257 set_buffer_uptodate(bh);
258 } else {
259 clear_buffer_uptodate(bh);
260 buffer_io_error(bh, ", async page read");
261 folio_set_error(folio);
262 }
263
264 /*
265 * Be _very_ careful from here on. Bad things can happen if
266 * two buffer heads end IO at almost the same time and both
267 * decide that the page is now completely done.
268 */
269 first = folio_buffers(folio);
270 spin_lock_irqsave(&first->b_uptodate_lock, flags);
271 clear_buffer_async_read(bh);
272 unlock_buffer(bh);
273 tmp = bh;
274 do {
275 if (!buffer_uptodate(tmp))
276 folio_uptodate = 0;
277 if (buffer_async_read(tmp)) {
278 BUG_ON(!buffer_locked(tmp));
279 goto still_busy;
280 }
281 tmp = tmp->b_this_page;
282 } while (tmp != bh);
283 spin_unlock_irqrestore(&first->b_uptodate_lock, flags);
284
285 folio_end_read(folio, folio_uptodate);
286 return;
287
288still_busy:
289 spin_unlock_irqrestore(&first->b_uptodate_lock, flags);
290 return;
291}
292
293struct postprocess_bh_ctx {
294 struct work_struct work;
295 struct buffer_head *bh;
296};
297
298static void verify_bh(struct work_struct *work)
299{
300 struct postprocess_bh_ctx *ctx =
301 container_of(work, struct postprocess_bh_ctx, work);
302 struct buffer_head *bh = ctx->bh;
303 bool valid;
304
305 valid = fsverity_verify_blocks(bh->b_folio, bh->b_size, bh_offset(bh));
306 end_buffer_async_read(bh, valid);
307 kfree(ctx);
308}
309
310static bool need_fsverity(struct buffer_head *bh)
311{
312 struct folio *folio = bh->b_folio;
313 struct inode *inode = folio->mapping->host;
314
315 return fsverity_active(inode) &&
316 /* needed by ext4 */
317 folio->index < DIV_ROUND_UP(inode->i_size, PAGE_SIZE);
318}
319
320static void decrypt_bh(struct work_struct *work)
321{
322 struct postprocess_bh_ctx *ctx =
323 container_of(work, struct postprocess_bh_ctx, work);
324 struct buffer_head *bh = ctx->bh;
325 int err;
326
327 err = fscrypt_decrypt_pagecache_blocks(bh->b_folio, bh->b_size,
328 bh_offset(bh));
329 if (err == 0 && need_fsverity(bh)) {
330 /*
331 * We use different work queues for decryption and for verity
332 * because verity may require reading metadata pages that need
333 * decryption, and we shouldn't recurse to the same workqueue.
334 */
335 INIT_WORK(&ctx->work, verify_bh);
336 fsverity_enqueue_verify_work(&ctx->work);
337 return;
338 }
339 end_buffer_async_read(bh, err == 0);
340 kfree(ctx);
341}
342
343/*
344 * I/O completion handler for block_read_full_folio() - pages
345 * which come unlocked at the end of I/O.
346 */
347static void end_buffer_async_read_io(struct buffer_head *bh, int uptodate)
348{
349 struct inode *inode = bh->b_folio->mapping->host;
350 bool decrypt = fscrypt_inode_uses_fs_layer_crypto(inode);
351 bool verify = need_fsverity(bh);
352
353 /* Decrypt (with fscrypt) and/or verify (with fsverity) if needed. */
354 if (uptodate && (decrypt || verify)) {
355 struct postprocess_bh_ctx *ctx =
356 kmalloc(sizeof(*ctx), GFP_ATOMIC);
357
358 if (ctx) {
359 ctx->bh = bh;
360 if (decrypt) {
361 INIT_WORK(&ctx->work, decrypt_bh);
362 fscrypt_enqueue_decrypt_work(&ctx->work);
363 } else {
364 INIT_WORK(&ctx->work, verify_bh);
365 fsverity_enqueue_verify_work(&ctx->work);
366 }
367 return;
368 }
369 uptodate = 0;
370 }
371 end_buffer_async_read(bh, uptodate);
372}
373
374/*
375 * Completion handler for block_write_full_folio() - folios which are unlocked
376 * during I/O, and which have the writeback flag cleared upon I/O completion.
377 */
378static void end_buffer_async_write(struct buffer_head *bh, int uptodate)
379{
380 unsigned long flags;
381 struct buffer_head *first;
382 struct buffer_head *tmp;
383 struct folio *folio;
384
385 BUG_ON(!buffer_async_write(bh));
386
387 folio = bh->b_folio;
388 if (uptodate) {
389 set_buffer_uptodate(bh);
390 } else {
391 buffer_io_error(bh, ", lost async page write");
392 mark_buffer_write_io_error(bh);
393 clear_buffer_uptodate(bh);
394 folio_set_error(folio);
395 }
396
397 first = folio_buffers(folio);
398 spin_lock_irqsave(&first->b_uptodate_lock, flags);
399
400 clear_buffer_async_write(bh);
401 unlock_buffer(bh);
402 tmp = bh->b_this_page;
403 while (tmp != bh) {
404 if (buffer_async_write(tmp)) {
405 BUG_ON(!buffer_locked(tmp));
406 goto still_busy;
407 }
408 tmp = tmp->b_this_page;
409 }
410 spin_unlock_irqrestore(&first->b_uptodate_lock, flags);
411 folio_end_writeback(folio);
412 return;
413
414still_busy:
415 spin_unlock_irqrestore(&first->b_uptodate_lock, flags);
416 return;
417}
418
419/*
420 * If a page's buffers are under async readin (end_buffer_async_read
421 * completion) then there is a possibility that another thread of
422 * control could lock one of the buffers after it has completed
423 * but while some of the other buffers have not completed. This
424 * locked buffer would confuse end_buffer_async_read() into not unlocking
425 * the page. So the absence of BH_Async_Read tells end_buffer_async_read()
426 * that this buffer is not under async I/O.
427 *
428 * The page comes unlocked when it has no locked buffer_async buffers
429 * left.
430 *
431 * PageLocked prevents anyone starting new async I/O reads any of
432 * the buffers.
433 *
434 * PageWriteback is used to prevent simultaneous writeout of the same
435 * page.
436 *
437 * PageLocked prevents anyone from starting writeback of a page which is
438 * under read I/O (PageWriteback is only ever set against a locked page).
439 */
440static void mark_buffer_async_read(struct buffer_head *bh)
441{
442 bh->b_end_io = end_buffer_async_read_io;
443 set_buffer_async_read(bh);
444}
445
446static void mark_buffer_async_write_endio(struct buffer_head *bh,
447 bh_end_io_t *handler)
448{
449 bh->b_end_io = handler;
450 set_buffer_async_write(bh);
451}
452
453void mark_buffer_async_write(struct buffer_head *bh)
454{
455 mark_buffer_async_write_endio(bh, end_buffer_async_write);
456}
457EXPORT_SYMBOL(mark_buffer_async_write);
458
459
460/*
461 * fs/buffer.c contains helper functions for buffer-backed address space's
462 * fsync functions. A common requirement for buffer-based filesystems is
463 * that certain data from the backing blockdev needs to be written out for
464 * a successful fsync(). For example, ext2 indirect blocks need to be
465 * written back and waited upon before fsync() returns.
466 *
467 * The functions mark_buffer_dirty_inode(), fsync_inode_buffers(),
468 * inode_has_buffers() and invalidate_inode_buffers() are provided for the
469 * management of a list of dependent buffers at ->i_mapping->i_private_list.
470 *
471 * Locking is a little subtle: try_to_free_buffers() will remove buffers
472 * from their controlling inode's queue when they are being freed. But
473 * try_to_free_buffers() will be operating against the *blockdev* mapping
474 * at the time, not against the S_ISREG file which depends on those buffers.
475 * So the locking for i_private_list is via the i_private_lock in the address_space
476 * which backs the buffers. Which is different from the address_space
477 * against which the buffers are listed. So for a particular address_space,
478 * mapping->i_private_lock does *not* protect mapping->i_private_list! In fact,
479 * mapping->i_private_list will always be protected by the backing blockdev's
480 * ->i_private_lock.
481 *
482 * Which introduces a requirement: all buffers on an address_space's
483 * ->i_private_list must be from the same address_space: the blockdev's.
484 *
485 * address_spaces which do not place buffers at ->i_private_list via these
486 * utility functions are free to use i_private_lock and i_private_list for
487 * whatever they want. The only requirement is that list_empty(i_private_list)
488 * be true at clear_inode() time.
489 *
490 * FIXME: clear_inode should not call invalidate_inode_buffers(). The
491 * filesystems should do that. invalidate_inode_buffers() should just go
492 * BUG_ON(!list_empty).
493 *
494 * FIXME: mark_buffer_dirty_inode() is a data-plane operation. It should
495 * take an address_space, not an inode. And it should be called
496 * mark_buffer_dirty_fsync() to clearly define why those buffers are being
497 * queued up.
498 *
499 * FIXME: mark_buffer_dirty_inode() doesn't need to add the buffer to the
500 * list if it is already on a list. Because if the buffer is on a list,
501 * it *must* already be on the right one. If not, the filesystem is being
502 * silly. This will save a ton of locking. But first we have to ensure
503 * that buffers are taken *off* the old inode's list when they are freed
504 * (presumably in truncate). That requires careful auditing of all
505 * filesystems (do it inside bforget()). It could also be done by bringing
506 * b_inode back.
507 */
508
509/*
510 * The buffer's backing address_space's i_private_lock must be held
511 */
512static void __remove_assoc_queue(struct buffer_head *bh)
513{
514 list_del_init(&bh->b_assoc_buffers);
515 WARN_ON(!bh->b_assoc_map);
516 bh->b_assoc_map = NULL;
517}
518
519int inode_has_buffers(struct inode *inode)
520{
521 return !list_empty(&inode->i_data.i_private_list);
522}
523
524/*
525 * osync is designed to support O_SYNC io. It waits synchronously for
526 * all already-submitted IO to complete, but does not queue any new
527 * writes to the disk.
528 *
529 * To do O_SYNC writes, just queue the buffer writes with write_dirty_buffer
530 * as you dirty the buffers, and then use osync_inode_buffers to wait for
531 * completion. Any other dirty buffers which are not yet queued for
532 * write will not be flushed to disk by the osync.
533 */
534static int osync_buffers_list(spinlock_t *lock, struct list_head *list)
535{
536 struct buffer_head *bh;
537 struct list_head *p;
538 int err = 0;
539
540 spin_lock(lock);
541repeat:
542 list_for_each_prev(p, list) {
543 bh = BH_ENTRY(p);
544 if (buffer_locked(bh)) {
545 get_bh(bh);
546 spin_unlock(lock);
547 wait_on_buffer(bh);
548 if (!buffer_uptodate(bh))
549 err = -EIO;
550 brelse(bh);
551 spin_lock(lock);
552 goto repeat;
553 }
554 }
555 spin_unlock(lock);
556 return err;
557}
558
559/**
560 * sync_mapping_buffers - write out & wait upon a mapping's "associated" buffers
561 * @mapping: the mapping which wants those buffers written
562 *
563 * Starts I/O against the buffers at mapping->i_private_list, and waits upon
564 * that I/O.
565 *
566 * Basically, this is a convenience function for fsync().
567 * @mapping is a file or directory which needs those buffers to be written for
568 * a successful fsync().
569 */
570int sync_mapping_buffers(struct address_space *mapping)
571{
572 struct address_space *buffer_mapping = mapping->i_private_data;
573
574 if (buffer_mapping == NULL || list_empty(&mapping->i_private_list))
575 return 0;
576
577 return fsync_buffers_list(&buffer_mapping->i_private_lock,
578 &mapping->i_private_list);
579}
580EXPORT_SYMBOL(sync_mapping_buffers);
581
582/**
583 * generic_buffers_fsync_noflush - generic buffer fsync implementation
584 * for simple filesystems with no inode lock
585 *
586 * @file: file to synchronize
587 * @start: start offset in bytes
588 * @end: end offset in bytes (inclusive)
589 * @datasync: only synchronize essential metadata if true
590 *
591 * This is a generic implementation of the fsync method for simple
592 * filesystems which track all non-inode metadata in the buffers list
593 * hanging off the address_space structure.
594 */
595int generic_buffers_fsync_noflush(struct file *file, loff_t start, loff_t end,
596 bool datasync)
597{
598 struct inode *inode = file->f_mapping->host;
599 int err;
600 int ret;
601
602 err = file_write_and_wait_range(file, start, end);
603 if (err)
604 return err;
605
606 ret = sync_mapping_buffers(inode->i_mapping);
607 if (!(inode->i_state & I_DIRTY_ALL))
608 goto out;
609 if (datasync && !(inode->i_state & I_DIRTY_DATASYNC))
610 goto out;
611
612 err = sync_inode_metadata(inode, 1);
613 if (ret == 0)
614 ret = err;
615
616out:
617 /* check and advance again to catch errors after syncing out buffers */
618 err = file_check_and_advance_wb_err(file);
619 if (ret == 0)
620 ret = err;
621 return ret;
622}
623EXPORT_SYMBOL(generic_buffers_fsync_noflush);
624
625/**
626 * generic_buffers_fsync - generic buffer fsync implementation
627 * for simple filesystems with no inode lock
628 *
629 * @file: file to synchronize
630 * @start: start offset in bytes
631 * @end: end offset in bytes (inclusive)
632 * @datasync: only synchronize essential metadata if true
633 *
634 * This is a generic implementation of the fsync method for simple
635 * filesystems which track all non-inode metadata in the buffers list
636 * hanging off the address_space structure. This also makes sure that
637 * a device cache flush operation is called at the end.
638 */
639int generic_buffers_fsync(struct file *file, loff_t start, loff_t end,
640 bool datasync)
641{
642 struct inode *inode = file->f_mapping->host;
643 int ret;
644
645 ret = generic_buffers_fsync_noflush(file, start, end, datasync);
646 if (!ret)
647 ret = blkdev_issue_flush(inode->i_sb->s_bdev);
648 return ret;
649}
650EXPORT_SYMBOL(generic_buffers_fsync);
651
652/*
653 * Called when we've recently written block `bblock', and it is known that
654 * `bblock' was for a buffer_boundary() buffer. This means that the block at
655 * `bblock + 1' is probably a dirty indirect block. Hunt it down and, if it's
656 * dirty, schedule it for IO. So that indirects merge nicely with their data.
657 */
658void write_boundary_block(struct block_device *bdev,
659 sector_t bblock, unsigned blocksize)
660{
661 struct buffer_head *bh = __find_get_block(bdev, bblock + 1, blocksize);
662 if (bh) {
663 if (buffer_dirty(bh))
664 write_dirty_buffer(bh, 0);
665 put_bh(bh);
666 }
667}
668
669void mark_buffer_dirty_inode(struct buffer_head *bh, struct inode *inode)
670{
671 struct address_space *mapping = inode->i_mapping;
672 struct address_space *buffer_mapping = bh->b_folio->mapping;
673
674 mark_buffer_dirty(bh);
675 if (!mapping->i_private_data) {
676 mapping->i_private_data = buffer_mapping;
677 } else {
678 BUG_ON(mapping->i_private_data != buffer_mapping);
679 }
680 if (!bh->b_assoc_map) {
681 spin_lock(&buffer_mapping->i_private_lock);
682 list_move_tail(&bh->b_assoc_buffers,
683 &mapping->i_private_list);
684 bh->b_assoc_map = mapping;
685 spin_unlock(&buffer_mapping->i_private_lock);
686 }
687}
688EXPORT_SYMBOL(mark_buffer_dirty_inode);
689
690/*
691 * Add a page to the dirty page list.
692 *
693 * It is a sad fact of life that this function is called from several places
694 * deeply under spinlocking. It may not sleep.
695 *
696 * If the page has buffers, the uptodate buffers are set dirty, to preserve
697 * dirty-state coherency between the page and the buffers. It the page does
698 * not have buffers then when they are later attached they will all be set
699 * dirty.
700 *
701 * The buffers are dirtied before the page is dirtied. There's a small race
702 * window in which a writepage caller may see the page cleanness but not the
703 * buffer dirtiness. That's fine. If this code were to set the page dirty
704 * before the buffers, a concurrent writepage caller could clear the page dirty
705 * bit, see a bunch of clean buffers and we'd end up with dirty buffers/clean
706 * page on the dirty page list.
707 *
708 * We use i_private_lock to lock against try_to_free_buffers while using the
709 * page's buffer list. Also use this to protect against clean buffers being
710 * added to the page after it was set dirty.
711 *
712 * FIXME: may need to call ->reservepage here as well. That's rather up to the
713 * address_space though.
714 */
715bool block_dirty_folio(struct address_space *mapping, struct folio *folio)
716{
717 struct buffer_head *head;
718 bool newly_dirty;
719
720 spin_lock(&mapping->i_private_lock);
721 head = folio_buffers(folio);
722 if (head) {
723 struct buffer_head *bh = head;
724
725 do {
726 set_buffer_dirty(bh);
727 bh = bh->b_this_page;
728 } while (bh != head);
729 }
730 /*
731 * Lock out page's memcg migration to keep PageDirty
732 * synchronized with per-memcg dirty page counters.
733 */
734 folio_memcg_lock(folio);
735 newly_dirty = !folio_test_set_dirty(folio);
736 spin_unlock(&mapping->i_private_lock);
737
738 if (newly_dirty)
739 __folio_mark_dirty(folio, mapping, 1);
740
741 folio_memcg_unlock(folio);
742
743 if (newly_dirty)
744 __mark_inode_dirty(mapping->host, I_DIRTY_PAGES);
745
746 return newly_dirty;
747}
748EXPORT_SYMBOL(block_dirty_folio);
749
750/*
751 * Write out and wait upon a list of buffers.
752 *
753 * We have conflicting pressures: we want to make sure that all
754 * initially dirty buffers get waited on, but that any subsequently
755 * dirtied buffers don't. After all, we don't want fsync to last
756 * forever if somebody is actively writing to the file.
757 *
758 * Do this in two main stages: first we copy dirty buffers to a
759 * temporary inode list, queueing the writes as we go. Then we clean
760 * up, waiting for those writes to complete.
761 *
762 * During this second stage, any subsequent updates to the file may end
763 * up refiling the buffer on the original inode's dirty list again, so
764 * there is a chance we will end up with a buffer queued for write but
765 * not yet completed on that list. So, as a final cleanup we go through
766 * the osync code to catch these locked, dirty buffers without requeuing
767 * any newly dirty buffers for write.
768 */
769static int fsync_buffers_list(spinlock_t *lock, struct list_head *list)
770{
771 struct buffer_head *bh;
772 struct list_head tmp;
773 struct address_space *mapping;
774 int err = 0, err2;
775 struct blk_plug plug;
776
777 INIT_LIST_HEAD(&tmp);
778 blk_start_plug(&plug);
779
780 spin_lock(lock);
781 while (!list_empty(list)) {
782 bh = BH_ENTRY(list->next);
783 mapping = bh->b_assoc_map;
784 __remove_assoc_queue(bh);
785 /* Avoid race with mark_buffer_dirty_inode() which does
786 * a lockless check and we rely on seeing the dirty bit */
787 smp_mb();
788 if (buffer_dirty(bh) || buffer_locked(bh)) {
789 list_add(&bh->b_assoc_buffers, &tmp);
790 bh->b_assoc_map = mapping;
791 if (buffer_dirty(bh)) {
792 get_bh(bh);
793 spin_unlock(lock);
794 /*
795 * Ensure any pending I/O completes so that
796 * write_dirty_buffer() actually writes the
797 * current contents - it is a noop if I/O is
798 * still in flight on potentially older
799 * contents.
800 */
801 write_dirty_buffer(bh, REQ_SYNC);
802
803 /*
804 * Kick off IO for the previous mapping. Note
805 * that we will not run the very last mapping,
806 * wait_on_buffer() will do that for us
807 * through sync_buffer().
808 */
809 brelse(bh);
810 spin_lock(lock);
811 }
812 }
813 }
814
815 spin_unlock(lock);
816 blk_finish_plug(&plug);
817 spin_lock(lock);
818
819 while (!list_empty(&tmp)) {
820 bh = BH_ENTRY(tmp.prev);
821 get_bh(bh);
822 mapping = bh->b_assoc_map;
823 __remove_assoc_queue(bh);
824 /* Avoid race with mark_buffer_dirty_inode() which does
825 * a lockless check and we rely on seeing the dirty bit */
826 smp_mb();
827 if (buffer_dirty(bh)) {
828 list_add(&bh->b_assoc_buffers,
829 &mapping->i_private_list);
830 bh->b_assoc_map = mapping;
831 }
832 spin_unlock(lock);
833 wait_on_buffer(bh);
834 if (!buffer_uptodate(bh))
835 err = -EIO;
836 brelse(bh);
837 spin_lock(lock);
838 }
839
840 spin_unlock(lock);
841 err2 = osync_buffers_list(lock, list);
842 if (err)
843 return err;
844 else
845 return err2;
846}
847
848/*
849 * Invalidate any and all dirty buffers on a given inode. We are
850 * probably unmounting the fs, but that doesn't mean we have already
851 * done a sync(). Just drop the buffers from the inode list.
852 *
853 * NOTE: we take the inode's blockdev's mapping's i_private_lock. Which
854 * assumes that all the buffers are against the blockdev. Not true
855 * for reiserfs.
856 */
857void invalidate_inode_buffers(struct inode *inode)
858{
859 if (inode_has_buffers(inode)) {
860 struct address_space *mapping = &inode->i_data;
861 struct list_head *list = &mapping->i_private_list;
862 struct address_space *buffer_mapping = mapping->i_private_data;
863
864 spin_lock(&buffer_mapping->i_private_lock);
865 while (!list_empty(list))
866 __remove_assoc_queue(BH_ENTRY(list->next));
867 spin_unlock(&buffer_mapping->i_private_lock);
868 }
869}
870EXPORT_SYMBOL(invalidate_inode_buffers);
871
872/*
873 * Remove any clean buffers from the inode's buffer list. This is called
874 * when we're trying to free the inode itself. Those buffers can pin it.
875 *
876 * Returns true if all buffers were removed.
877 */
878int remove_inode_buffers(struct inode *inode)
879{
880 int ret = 1;
881
882 if (inode_has_buffers(inode)) {
883 struct address_space *mapping = &inode->i_data;
884 struct list_head *list = &mapping->i_private_list;
885 struct address_space *buffer_mapping = mapping->i_private_data;
886
887 spin_lock(&buffer_mapping->i_private_lock);
888 while (!list_empty(list)) {
889 struct buffer_head *bh = BH_ENTRY(list->next);
890 if (buffer_dirty(bh)) {
891 ret = 0;
892 break;
893 }
894 __remove_assoc_queue(bh);
895 }
896 spin_unlock(&buffer_mapping->i_private_lock);
897 }
898 return ret;
899}
900
901/*
902 * Create the appropriate buffers when given a folio for data area and
903 * the size of each buffer.. Use the bh->b_this_page linked list to
904 * follow the buffers created. Return NULL if unable to create more
905 * buffers.
906 *
907 * The retry flag is used to differentiate async IO (paging, swapping)
908 * which may not fail from ordinary buffer allocations.
909 */
910struct buffer_head *folio_alloc_buffers(struct folio *folio, unsigned long size,
911 gfp_t gfp)
912{
913 struct buffer_head *bh, *head;
914 long offset;
915 struct mem_cgroup *memcg, *old_memcg;
916
917 /* The folio lock pins the memcg */
918 memcg = folio_memcg(folio);
919 old_memcg = set_active_memcg(memcg);
920
921 head = NULL;
922 offset = folio_size(folio);
923 while ((offset -= size) >= 0) {
924 bh = alloc_buffer_head(gfp);
925 if (!bh)
926 goto no_grow;
927
928 bh->b_this_page = head;
929 bh->b_blocknr = -1;
930 head = bh;
931
932 bh->b_size = size;
933
934 /* Link the buffer to its folio */
935 folio_set_bh(bh, folio, offset);
936 }
937out:
938 set_active_memcg(old_memcg);
939 return head;
940/*
941 * In case anything failed, we just free everything we got.
942 */
943no_grow:
944 if (head) {
945 do {
946 bh = head;
947 head = head->b_this_page;
948 free_buffer_head(bh);
949 } while (head);
950 }
951
952 goto out;
953}
954EXPORT_SYMBOL_GPL(folio_alloc_buffers);
955
956struct buffer_head *alloc_page_buffers(struct page *page, unsigned long size,
957 bool retry)
958{
959 gfp_t gfp = GFP_NOFS | __GFP_ACCOUNT;
960 if (retry)
961 gfp |= __GFP_NOFAIL;
962
963 return folio_alloc_buffers(page_folio(page), size, gfp);
964}
965EXPORT_SYMBOL_GPL(alloc_page_buffers);
966
967static inline void link_dev_buffers(struct folio *folio,
968 struct buffer_head *head)
969{
970 struct buffer_head *bh, *tail;
971
972 bh = head;
973 do {
974 tail = bh;
975 bh = bh->b_this_page;
976 } while (bh);
977 tail->b_this_page = head;
978 folio_attach_private(folio, head);
979}
980
981static sector_t blkdev_max_block(struct block_device *bdev, unsigned int size)
982{
983 sector_t retval = ~((sector_t)0);
984 loff_t sz = bdev_nr_bytes(bdev);
985
986 if (sz) {
987 unsigned int sizebits = blksize_bits(size);
988 retval = (sz >> sizebits);
989 }
990 return retval;
991}
992
993/*
994 * Initialise the state of a blockdev folio's buffers.
995 */
996static sector_t folio_init_buffers(struct folio *folio,
997 struct block_device *bdev, unsigned size)
998{
999 struct buffer_head *head = folio_buffers(folio);
1000 struct buffer_head *bh = head;
1001 bool uptodate = folio_test_uptodate(folio);
1002 sector_t block = div_u64(folio_pos(folio), size);
1003 sector_t end_block = blkdev_max_block(bdev, size);
1004
1005 do {
1006 if (!buffer_mapped(bh)) {
1007 bh->b_end_io = NULL;
1008 bh->b_private = NULL;
1009 bh->b_bdev = bdev;
1010 bh->b_blocknr = block;
1011 if (uptodate)
1012 set_buffer_uptodate(bh);
1013 if (block < end_block)
1014 set_buffer_mapped(bh);
1015 }
1016 block++;
1017 bh = bh->b_this_page;
1018 } while (bh != head);
1019
1020 /*
1021 * Caller needs to validate requested block against end of device.
1022 */
1023 return end_block;
1024}
1025
1026/*
1027 * Create the page-cache folio that contains the requested block.
1028 *
1029 * This is used purely for blockdev mappings.
1030 *
1031 * Returns false if we have a failure which cannot be cured by retrying
1032 * without sleeping. Returns true if we succeeded, or the caller should retry.
1033 */
1034static bool grow_dev_folio(struct block_device *bdev, sector_t block,
1035 pgoff_t index, unsigned size, gfp_t gfp)
1036{
1037 struct inode *inode = bdev->bd_inode;
1038 struct folio *folio;
1039 struct buffer_head *bh;
1040 sector_t end_block = 0;
1041
1042 folio = __filemap_get_folio(inode->i_mapping, index,
1043 FGP_LOCK | FGP_ACCESSED | FGP_CREAT, gfp);
1044 if (IS_ERR(folio))
1045 return false;
1046
1047 bh = folio_buffers(folio);
1048 if (bh) {
1049 if (bh->b_size == size) {
1050 end_block = folio_init_buffers(folio, bdev, size);
1051 goto unlock;
1052 }
1053
1054 /*
1055 * Retrying may succeed; for example the folio may finish
1056 * writeback, or buffers may be cleaned. This should not
1057 * happen very often; maybe we have old buffers attached to
1058 * this blockdev's page cache and we're trying to change
1059 * the block size?
1060 */
1061 if (!try_to_free_buffers(folio)) {
1062 end_block = ~0ULL;
1063 goto unlock;
1064 }
1065 }
1066
1067 bh = folio_alloc_buffers(folio, size, gfp | __GFP_ACCOUNT);
1068 if (!bh)
1069 goto unlock;
1070
1071 /*
1072 * Link the folio to the buffers and initialise them. Take the
1073 * lock to be atomic wrt __find_get_block(), which does not
1074 * run under the folio lock.
1075 */
1076 spin_lock(&inode->i_mapping->i_private_lock);
1077 link_dev_buffers(folio, bh);
1078 end_block = folio_init_buffers(folio, bdev, size);
1079 spin_unlock(&inode->i_mapping->i_private_lock);
1080unlock:
1081 folio_unlock(folio);
1082 folio_put(folio);
1083 return block < end_block;
1084}
1085
1086/*
1087 * Create buffers for the specified block device block's folio. If
1088 * that folio was dirty, the buffers are set dirty also. Returns false
1089 * if we've hit a permanent error.
1090 */
1091static bool grow_buffers(struct block_device *bdev, sector_t block,
1092 unsigned size, gfp_t gfp)
1093{
1094 loff_t pos;
1095
1096 /*
1097 * Check for a block which lies outside our maximum possible
1098 * pagecache index.
1099 */
1100 if (check_mul_overflow(block, (sector_t)size, &pos) || pos > MAX_LFS_FILESIZE) {
1101 printk(KERN_ERR "%s: requested out-of-range block %llu for device %pg\n",
1102 __func__, (unsigned long long)block,
1103 bdev);
1104 return false;
1105 }
1106
1107 /* Create a folio with the proper size buffers */
1108 return grow_dev_folio(bdev, block, pos / PAGE_SIZE, size, gfp);
1109}
1110
1111static struct buffer_head *
1112__getblk_slow(struct block_device *bdev, sector_t block,
1113 unsigned size, gfp_t gfp)
1114{
1115 /* Size must be multiple of hard sectorsize */
1116 if (unlikely(size & (bdev_logical_block_size(bdev)-1) ||
1117 (size < 512 || size > PAGE_SIZE))) {
1118 printk(KERN_ERR "getblk(): invalid block size %d requested\n",
1119 size);
1120 printk(KERN_ERR "logical block size: %d\n",
1121 bdev_logical_block_size(bdev));
1122
1123 dump_stack();
1124 return NULL;
1125 }
1126
1127 for (;;) {
1128 struct buffer_head *bh;
1129
1130 bh = __find_get_block(bdev, block, size);
1131 if (bh)
1132 return bh;
1133
1134 if (!grow_buffers(bdev, block, size, gfp))
1135 return NULL;
1136 }
1137}
1138
1139/*
1140 * The relationship between dirty buffers and dirty pages:
1141 *
1142 * Whenever a page has any dirty buffers, the page's dirty bit is set, and
1143 * the page is tagged dirty in the page cache.
1144 *
1145 * At all times, the dirtiness of the buffers represents the dirtiness of
1146 * subsections of the page. If the page has buffers, the page dirty bit is
1147 * merely a hint about the true dirty state.
1148 *
1149 * When a page is set dirty in its entirety, all its buffers are marked dirty
1150 * (if the page has buffers).
1151 *
1152 * When a buffer is marked dirty, its page is dirtied, but the page's other
1153 * buffers are not.
1154 *
1155 * Also. When blockdev buffers are explicitly read with bread(), they
1156 * individually become uptodate. But their backing page remains not
1157 * uptodate - even if all of its buffers are uptodate. A subsequent
1158 * block_read_full_folio() against that folio will discover all the uptodate
1159 * buffers, will set the folio uptodate and will perform no I/O.
1160 */
1161
1162/**
1163 * mark_buffer_dirty - mark a buffer_head as needing writeout
1164 * @bh: the buffer_head to mark dirty
1165 *
1166 * mark_buffer_dirty() will set the dirty bit against the buffer, then set
1167 * its backing page dirty, then tag the page as dirty in the page cache
1168 * and then attach the address_space's inode to its superblock's dirty
1169 * inode list.
1170 *
1171 * mark_buffer_dirty() is atomic. It takes bh->b_folio->mapping->i_private_lock,
1172 * i_pages lock and mapping->host->i_lock.
1173 */
1174void mark_buffer_dirty(struct buffer_head *bh)
1175{
1176 WARN_ON_ONCE(!buffer_uptodate(bh));
1177
1178 trace_block_dirty_buffer(bh);
1179
1180 /*
1181 * Very *carefully* optimize the it-is-already-dirty case.
1182 *
1183 * Don't let the final "is it dirty" escape to before we
1184 * perhaps modified the buffer.
1185 */
1186 if (buffer_dirty(bh)) {
1187 smp_mb();
1188 if (buffer_dirty(bh))
1189 return;
1190 }
1191
1192 if (!test_set_buffer_dirty(bh)) {
1193 struct folio *folio = bh->b_folio;
1194 struct address_space *mapping = NULL;
1195
1196 folio_memcg_lock(folio);
1197 if (!folio_test_set_dirty(folio)) {
1198 mapping = folio->mapping;
1199 if (mapping)
1200 __folio_mark_dirty(folio, mapping, 0);
1201 }
1202 folio_memcg_unlock(folio);
1203 if (mapping)
1204 __mark_inode_dirty(mapping->host, I_DIRTY_PAGES);
1205 }
1206}
1207EXPORT_SYMBOL(mark_buffer_dirty);
1208
1209void mark_buffer_write_io_error(struct buffer_head *bh)
1210{
1211 set_buffer_write_io_error(bh);
1212 /* FIXME: do we need to set this in both places? */
1213 if (bh->b_folio && bh->b_folio->mapping)
1214 mapping_set_error(bh->b_folio->mapping, -EIO);
1215 if (bh->b_assoc_map) {
1216 mapping_set_error(bh->b_assoc_map, -EIO);
1217 errseq_set(&bh->b_assoc_map->host->i_sb->s_wb_err, -EIO);
1218 }
1219}
1220EXPORT_SYMBOL(mark_buffer_write_io_error);
1221
1222/*
1223 * Decrement a buffer_head's reference count. If all buffers against a page
1224 * have zero reference count, are clean and unlocked, and if the page is clean
1225 * and unlocked then try_to_free_buffers() may strip the buffers from the page
1226 * in preparation for freeing it (sometimes, rarely, buffers are removed from
1227 * a page but it ends up not being freed, and buffers may later be reattached).
1228 */
1229void __brelse(struct buffer_head * buf)
1230{
1231 if (atomic_read(&buf->b_count)) {
1232 put_bh(buf);
1233 return;
1234 }
1235 WARN(1, KERN_ERR "VFS: brelse: Trying to free free buffer\n");
1236}
1237EXPORT_SYMBOL(__brelse);
1238
1239/*
1240 * bforget() is like brelse(), except it discards any
1241 * potentially dirty data.
1242 */
1243void __bforget(struct buffer_head *bh)
1244{
1245 clear_buffer_dirty(bh);
1246 if (bh->b_assoc_map) {
1247 struct address_space *buffer_mapping = bh->b_folio->mapping;
1248
1249 spin_lock(&buffer_mapping->i_private_lock);
1250 list_del_init(&bh->b_assoc_buffers);
1251 bh->b_assoc_map = NULL;
1252 spin_unlock(&buffer_mapping->i_private_lock);
1253 }
1254 __brelse(bh);
1255}
1256EXPORT_SYMBOL(__bforget);
1257
1258static struct buffer_head *__bread_slow(struct buffer_head *bh)
1259{
1260 lock_buffer(bh);
1261 if (buffer_uptodate(bh)) {
1262 unlock_buffer(bh);
1263 return bh;
1264 } else {
1265 get_bh(bh);
1266 bh->b_end_io = end_buffer_read_sync;
1267 submit_bh(REQ_OP_READ, bh);
1268 wait_on_buffer(bh);
1269 if (buffer_uptodate(bh))
1270 return bh;
1271 }
1272 brelse(bh);
1273 return NULL;
1274}
1275
1276/*
1277 * Per-cpu buffer LRU implementation. To reduce the cost of __find_get_block().
1278 * The bhs[] array is sorted - newest buffer is at bhs[0]. Buffers have their
1279 * refcount elevated by one when they're in an LRU. A buffer can only appear
1280 * once in a particular CPU's LRU. A single buffer can be present in multiple
1281 * CPU's LRUs at the same time.
1282 *
1283 * This is a transparent caching front-end to sb_bread(), sb_getblk() and
1284 * sb_find_get_block().
1285 *
1286 * The LRUs themselves only need locking against invalidate_bh_lrus. We use
1287 * a local interrupt disable for that.
1288 */
1289
1290#define BH_LRU_SIZE 16
1291
1292struct bh_lru {
1293 struct buffer_head *bhs[BH_LRU_SIZE];
1294};
1295
1296static DEFINE_PER_CPU(struct bh_lru, bh_lrus) = {{ NULL }};
1297
1298#ifdef CONFIG_SMP
1299#define bh_lru_lock() local_irq_disable()
1300#define bh_lru_unlock() local_irq_enable()
1301#else
1302#define bh_lru_lock() preempt_disable()
1303#define bh_lru_unlock() preempt_enable()
1304#endif
1305
1306static inline void check_irqs_on(void)
1307{
1308#ifdef irqs_disabled
1309 BUG_ON(irqs_disabled());
1310#endif
1311}
1312
1313/*
1314 * Install a buffer_head into this cpu's LRU. If not already in the LRU, it is
1315 * inserted at the front, and the buffer_head at the back if any is evicted.
1316 * Or, if already in the LRU it is moved to the front.
1317 */
1318static void bh_lru_install(struct buffer_head *bh)
1319{
1320 struct buffer_head *evictee = bh;
1321 struct bh_lru *b;
1322 int i;
1323
1324 check_irqs_on();
1325 bh_lru_lock();
1326
1327 /*
1328 * the refcount of buffer_head in bh_lru prevents dropping the
1329 * attached page(i.e., try_to_free_buffers) so it could cause
1330 * failing page migration.
1331 * Skip putting upcoming bh into bh_lru until migration is done.
1332 */
1333 if (lru_cache_disabled() || cpu_is_isolated(smp_processor_id())) {
1334 bh_lru_unlock();
1335 return;
1336 }
1337
1338 b = this_cpu_ptr(&bh_lrus);
1339 for (i = 0; i < BH_LRU_SIZE; i++) {
1340 swap(evictee, b->bhs[i]);
1341 if (evictee == bh) {
1342 bh_lru_unlock();
1343 return;
1344 }
1345 }
1346
1347 get_bh(bh);
1348 bh_lru_unlock();
1349 brelse(evictee);
1350}
1351
1352/*
1353 * Look up the bh in this cpu's LRU. If it's there, move it to the head.
1354 */
1355static struct buffer_head *
1356lookup_bh_lru(struct block_device *bdev, sector_t block, unsigned size)
1357{
1358 struct buffer_head *ret = NULL;
1359 unsigned int i;
1360
1361 check_irqs_on();
1362 bh_lru_lock();
1363 if (cpu_is_isolated(smp_processor_id())) {
1364 bh_lru_unlock();
1365 return NULL;
1366 }
1367 for (i = 0; i < BH_LRU_SIZE; i++) {
1368 struct buffer_head *bh = __this_cpu_read(bh_lrus.bhs[i]);
1369
1370 if (bh && bh->b_blocknr == block && bh->b_bdev == bdev &&
1371 bh->b_size == size) {
1372 if (i) {
1373 while (i) {
1374 __this_cpu_write(bh_lrus.bhs[i],
1375 __this_cpu_read(bh_lrus.bhs[i - 1]));
1376 i--;
1377 }
1378 __this_cpu_write(bh_lrus.bhs[0], bh);
1379 }
1380 get_bh(bh);
1381 ret = bh;
1382 break;
1383 }
1384 }
1385 bh_lru_unlock();
1386 return ret;
1387}
1388
1389/*
1390 * Perform a pagecache lookup for the matching buffer. If it's there, refresh
1391 * it in the LRU and mark it as accessed. If it is not present then return
1392 * NULL
1393 */
1394struct buffer_head *
1395__find_get_block(struct block_device *bdev, sector_t block, unsigned size)
1396{
1397 struct buffer_head *bh = lookup_bh_lru(bdev, block, size);
1398
1399 if (bh == NULL) {
1400 /* __find_get_block_slow will mark the page accessed */
1401 bh = __find_get_block_slow(bdev, block);
1402 if (bh)
1403 bh_lru_install(bh);
1404 } else
1405 touch_buffer(bh);
1406
1407 return bh;
1408}
1409EXPORT_SYMBOL(__find_get_block);
1410
1411/**
1412 * bdev_getblk - Get a buffer_head in a block device's buffer cache.
1413 * @bdev: The block device.
1414 * @block: The block number.
1415 * @size: The size of buffer_heads for this @bdev.
1416 * @gfp: The memory allocation flags to use.
1417 *
1418 * Return: The buffer head, or NULL if memory could not be allocated.
1419 */
1420struct buffer_head *bdev_getblk(struct block_device *bdev, sector_t block,
1421 unsigned size, gfp_t gfp)
1422{
1423 struct buffer_head *bh = __find_get_block(bdev, block, size);
1424
1425 might_alloc(gfp);
1426 if (bh)
1427 return bh;
1428
1429 return __getblk_slow(bdev, block, size, gfp);
1430}
1431EXPORT_SYMBOL(bdev_getblk);
1432
1433/*
1434 * Do async read-ahead on a buffer..
1435 */
1436void __breadahead(struct block_device *bdev, sector_t block, unsigned size)
1437{
1438 struct buffer_head *bh = bdev_getblk(bdev, block, size,
1439 GFP_NOWAIT | __GFP_MOVABLE);
1440
1441 if (likely(bh)) {
1442 bh_readahead(bh, REQ_RAHEAD);
1443 brelse(bh);
1444 }
1445}
1446EXPORT_SYMBOL(__breadahead);
1447
1448/**
1449 * __bread_gfp() - reads a specified block and returns the bh
1450 * @bdev: the block_device to read from
1451 * @block: number of block
1452 * @size: size (in bytes) to read
1453 * @gfp: page allocation flag
1454 *
1455 * Reads a specified block, and returns buffer head that contains it.
1456 * The page cache can be allocated from non-movable area
1457 * not to prevent page migration if you set gfp to zero.
1458 * It returns NULL if the block was unreadable.
1459 */
1460struct buffer_head *
1461__bread_gfp(struct block_device *bdev, sector_t block,
1462 unsigned size, gfp_t gfp)
1463{
1464 struct buffer_head *bh;
1465
1466 gfp |= mapping_gfp_constraint(bdev->bd_inode->i_mapping, ~__GFP_FS);
1467
1468 /*
1469 * Prefer looping in the allocator rather than here, at least that
1470 * code knows what it's doing.
1471 */
1472 gfp |= __GFP_NOFAIL;
1473
1474 bh = bdev_getblk(bdev, block, size, gfp);
1475
1476 if (likely(bh) && !buffer_uptodate(bh))
1477 bh = __bread_slow(bh);
1478 return bh;
1479}
1480EXPORT_SYMBOL(__bread_gfp);
1481
1482static void __invalidate_bh_lrus(struct bh_lru *b)
1483{
1484 int i;
1485
1486 for (i = 0; i < BH_LRU_SIZE; i++) {
1487 brelse(b->bhs[i]);
1488 b->bhs[i] = NULL;
1489 }
1490}
1491/*
1492 * invalidate_bh_lrus() is called rarely - but not only at unmount.
1493 * This doesn't race because it runs in each cpu either in irq
1494 * or with preempt disabled.
1495 */
1496static void invalidate_bh_lru(void *arg)
1497{
1498 struct bh_lru *b = &get_cpu_var(bh_lrus);
1499
1500 __invalidate_bh_lrus(b);
1501 put_cpu_var(bh_lrus);
1502}
1503
1504bool has_bh_in_lru(int cpu, void *dummy)
1505{
1506 struct bh_lru *b = per_cpu_ptr(&bh_lrus, cpu);
1507 int i;
1508
1509 for (i = 0; i < BH_LRU_SIZE; i++) {
1510 if (b->bhs[i])
1511 return true;
1512 }
1513
1514 return false;
1515}
1516
1517void invalidate_bh_lrus(void)
1518{
1519 on_each_cpu_cond(has_bh_in_lru, invalidate_bh_lru, NULL, 1);
1520}
1521EXPORT_SYMBOL_GPL(invalidate_bh_lrus);
1522
1523/*
1524 * It's called from workqueue context so we need a bh_lru_lock to close
1525 * the race with preemption/irq.
1526 */
1527void invalidate_bh_lrus_cpu(void)
1528{
1529 struct bh_lru *b;
1530
1531 bh_lru_lock();
1532 b = this_cpu_ptr(&bh_lrus);
1533 __invalidate_bh_lrus(b);
1534 bh_lru_unlock();
1535}
1536
1537void folio_set_bh(struct buffer_head *bh, struct folio *folio,
1538 unsigned long offset)
1539{
1540 bh->b_folio = folio;
1541 BUG_ON(offset >= folio_size(folio));
1542 if (folio_test_highmem(folio))
1543 /*
1544 * This catches illegal uses and preserves the offset:
1545 */
1546 bh->b_data = (char *)(0 + offset);
1547 else
1548 bh->b_data = folio_address(folio) + offset;
1549}
1550EXPORT_SYMBOL(folio_set_bh);
1551
1552/*
1553 * Called when truncating a buffer on a page completely.
1554 */
1555
1556/* Bits that are cleared during an invalidate */
1557#define BUFFER_FLAGS_DISCARD \
1558 (1 << BH_Mapped | 1 << BH_New | 1 << BH_Req | \
1559 1 << BH_Delay | 1 << BH_Unwritten)
1560
1561static void discard_buffer(struct buffer_head * bh)
1562{
1563 unsigned long b_state;
1564
1565 lock_buffer(bh);
1566 clear_buffer_dirty(bh);
1567 bh->b_bdev = NULL;
1568 b_state = READ_ONCE(bh->b_state);
1569 do {
1570 } while (!try_cmpxchg(&bh->b_state, &b_state,
1571 b_state & ~BUFFER_FLAGS_DISCARD));
1572 unlock_buffer(bh);
1573}
1574
1575/**
1576 * block_invalidate_folio - Invalidate part or all of a buffer-backed folio.
1577 * @folio: The folio which is affected.
1578 * @offset: start of the range to invalidate
1579 * @length: length of the range to invalidate
1580 *
1581 * block_invalidate_folio() is called when all or part of the folio has been
1582 * invalidated by a truncate operation.
1583 *
1584 * block_invalidate_folio() does not have to release all buffers, but it must
1585 * ensure that no dirty buffer is left outside @offset and that no I/O
1586 * is underway against any of the blocks which are outside the truncation
1587 * point. Because the caller is about to free (and possibly reuse) those
1588 * blocks on-disk.
1589 */
1590void block_invalidate_folio(struct folio *folio, size_t offset, size_t length)
1591{
1592 struct buffer_head *head, *bh, *next;
1593 size_t curr_off = 0;
1594 size_t stop = length + offset;
1595
1596 BUG_ON(!folio_test_locked(folio));
1597
1598 /*
1599 * Check for overflow
1600 */
1601 BUG_ON(stop > folio_size(folio) || stop < length);
1602
1603 head = folio_buffers(folio);
1604 if (!head)
1605 return;
1606
1607 bh = head;
1608 do {
1609 size_t next_off = curr_off + bh->b_size;
1610 next = bh->b_this_page;
1611
1612 /*
1613 * Are we still fully in range ?
1614 */
1615 if (next_off > stop)
1616 goto out;
1617
1618 /*
1619 * is this block fully invalidated?
1620 */
1621 if (offset <= curr_off)
1622 discard_buffer(bh);
1623 curr_off = next_off;
1624 bh = next;
1625 } while (bh != head);
1626
1627 /*
1628 * We release buffers only if the entire folio is being invalidated.
1629 * The get_block cached value has been unconditionally invalidated,
1630 * so real IO is not possible anymore.
1631 */
1632 if (length == folio_size(folio))
1633 filemap_release_folio(folio, 0);
1634out:
1635 return;
1636}
1637EXPORT_SYMBOL(block_invalidate_folio);
1638
1639/*
1640 * We attach and possibly dirty the buffers atomically wrt
1641 * block_dirty_folio() via i_private_lock. try_to_free_buffers
1642 * is already excluded via the folio lock.
1643 */
1644struct buffer_head *create_empty_buffers(struct folio *folio,
1645 unsigned long blocksize, unsigned long b_state)
1646{
1647 struct buffer_head *bh, *head, *tail;
1648 gfp_t gfp = GFP_NOFS | __GFP_ACCOUNT | __GFP_NOFAIL;
1649
1650 head = folio_alloc_buffers(folio, blocksize, gfp);
1651 bh = head;
1652 do {
1653 bh->b_state |= b_state;
1654 tail = bh;
1655 bh = bh->b_this_page;
1656 } while (bh);
1657 tail->b_this_page = head;
1658
1659 spin_lock(&folio->mapping->i_private_lock);
1660 if (folio_test_uptodate(folio) || folio_test_dirty(folio)) {
1661 bh = head;
1662 do {
1663 if (folio_test_dirty(folio))
1664 set_buffer_dirty(bh);
1665 if (folio_test_uptodate(folio))
1666 set_buffer_uptodate(bh);
1667 bh = bh->b_this_page;
1668 } while (bh != head);
1669 }
1670 folio_attach_private(folio, head);
1671 spin_unlock(&folio->mapping->i_private_lock);
1672
1673 return head;
1674}
1675EXPORT_SYMBOL(create_empty_buffers);
1676
1677/**
1678 * clean_bdev_aliases: clean a range of buffers in block device
1679 * @bdev: Block device to clean buffers in
1680 * @block: Start of a range of blocks to clean
1681 * @len: Number of blocks to clean
1682 *
1683 * We are taking a range of blocks for data and we don't want writeback of any
1684 * buffer-cache aliases starting from return from this function and until the
1685 * moment when something will explicitly mark the buffer dirty (hopefully that
1686 * will not happen until we will free that block ;-) We don't even need to mark
1687 * it not-uptodate - nobody can expect anything from a newly allocated buffer
1688 * anyway. We used to use unmap_buffer() for such invalidation, but that was
1689 * wrong. We definitely don't want to mark the alias unmapped, for example - it
1690 * would confuse anyone who might pick it with bread() afterwards...
1691 *
1692 * Also.. Note that bforget() doesn't lock the buffer. So there can be
1693 * writeout I/O going on against recently-freed buffers. We don't wait on that
1694 * I/O in bforget() - it's more efficient to wait on the I/O only if we really
1695 * need to. That happens here.
1696 */
1697void clean_bdev_aliases(struct block_device *bdev, sector_t block, sector_t len)
1698{
1699 struct inode *bd_inode = bdev->bd_inode;
1700 struct address_space *bd_mapping = bd_inode->i_mapping;
1701 struct folio_batch fbatch;
1702 pgoff_t index = ((loff_t)block << bd_inode->i_blkbits) / PAGE_SIZE;
1703 pgoff_t end;
1704 int i, count;
1705 struct buffer_head *bh;
1706 struct buffer_head *head;
1707
1708 end = ((loff_t)(block + len - 1) << bd_inode->i_blkbits) / PAGE_SIZE;
1709 folio_batch_init(&fbatch);
1710 while (filemap_get_folios(bd_mapping, &index, end, &fbatch)) {
1711 count = folio_batch_count(&fbatch);
1712 for (i = 0; i < count; i++) {
1713 struct folio *folio = fbatch.folios[i];
1714
1715 if (!folio_buffers(folio))
1716 continue;
1717 /*
1718 * We use folio lock instead of bd_mapping->i_private_lock
1719 * to pin buffers here since we can afford to sleep and
1720 * it scales better than a global spinlock lock.
1721 */
1722 folio_lock(folio);
1723 /* Recheck when the folio is locked which pins bhs */
1724 head = folio_buffers(folio);
1725 if (!head)
1726 goto unlock_page;
1727 bh = head;
1728 do {
1729 if (!buffer_mapped(bh) || (bh->b_blocknr < block))
1730 goto next;
1731 if (bh->b_blocknr >= block + len)
1732 break;
1733 clear_buffer_dirty(bh);
1734 wait_on_buffer(bh);
1735 clear_buffer_req(bh);
1736next:
1737 bh = bh->b_this_page;
1738 } while (bh != head);
1739unlock_page:
1740 folio_unlock(folio);
1741 }
1742 folio_batch_release(&fbatch);
1743 cond_resched();
1744 /* End of range already reached? */
1745 if (index > end || !index)
1746 break;
1747 }
1748}
1749EXPORT_SYMBOL(clean_bdev_aliases);
1750
1751static struct buffer_head *folio_create_buffers(struct folio *folio,
1752 struct inode *inode,
1753 unsigned int b_state)
1754{
1755 struct buffer_head *bh;
1756
1757 BUG_ON(!folio_test_locked(folio));
1758
1759 bh = folio_buffers(folio);
1760 if (!bh)
1761 bh = create_empty_buffers(folio,
1762 1 << READ_ONCE(inode->i_blkbits), b_state);
1763 return bh;
1764}
1765
1766/*
1767 * NOTE! All mapped/uptodate combinations are valid:
1768 *
1769 * Mapped Uptodate Meaning
1770 *
1771 * No No "unknown" - must do get_block()
1772 * No Yes "hole" - zero-filled
1773 * Yes No "allocated" - allocated on disk, not read in
1774 * Yes Yes "valid" - allocated and up-to-date in memory.
1775 *
1776 * "Dirty" is valid only with the last case (mapped+uptodate).
1777 */
1778
1779/*
1780 * While block_write_full_folio is writing back the dirty buffers under
1781 * the page lock, whoever dirtied the buffers may decide to clean them
1782 * again at any time. We handle that by only looking at the buffer
1783 * state inside lock_buffer().
1784 *
1785 * If block_write_full_folio() is called for regular writeback
1786 * (wbc->sync_mode == WB_SYNC_NONE) then it will redirty a page which has a
1787 * locked buffer. This only can happen if someone has written the buffer
1788 * directly, with submit_bh(). At the address_space level PageWriteback
1789 * prevents this contention from occurring.
1790 *
1791 * If block_write_full_folio() is called with wbc->sync_mode ==
1792 * WB_SYNC_ALL, the writes are posted using REQ_SYNC; this
1793 * causes the writes to be flagged as synchronous writes.
1794 */
1795int __block_write_full_folio(struct inode *inode, struct folio *folio,
1796 get_block_t *get_block, struct writeback_control *wbc)
1797{
1798 int err;
1799 sector_t block;
1800 sector_t last_block;
1801 struct buffer_head *bh, *head;
1802 size_t blocksize;
1803 int nr_underway = 0;
1804 blk_opf_t write_flags = wbc_to_write_flags(wbc);
1805
1806 head = folio_create_buffers(folio, inode,
1807 (1 << BH_Dirty) | (1 << BH_Uptodate));
1808
1809 /*
1810 * Be very careful. We have no exclusion from block_dirty_folio
1811 * here, and the (potentially unmapped) buffers may become dirty at
1812 * any time. If a buffer becomes dirty here after we've inspected it
1813 * then we just miss that fact, and the folio stays dirty.
1814 *
1815 * Buffers outside i_size may be dirtied by block_dirty_folio;
1816 * handle that here by just cleaning them.
1817 */
1818
1819 bh = head;
1820 blocksize = bh->b_size;
1821
1822 block = div_u64(folio_pos(folio), blocksize);
1823 last_block = div_u64(i_size_read(inode) - 1, blocksize);
1824
1825 /*
1826 * Get all the dirty buffers mapped to disk addresses and
1827 * handle any aliases from the underlying blockdev's mapping.
1828 */
1829 do {
1830 if (block > last_block) {
1831 /*
1832 * mapped buffers outside i_size will occur, because
1833 * this folio can be outside i_size when there is a
1834 * truncate in progress.
1835 */
1836 /*
1837 * The buffer was zeroed by block_write_full_folio()
1838 */
1839 clear_buffer_dirty(bh);
1840 set_buffer_uptodate(bh);
1841 } else if ((!buffer_mapped(bh) || buffer_delay(bh)) &&
1842 buffer_dirty(bh)) {
1843 WARN_ON(bh->b_size != blocksize);
1844 err = get_block(inode, block, bh, 1);
1845 if (err)
1846 goto recover;
1847 clear_buffer_delay(bh);
1848 if (buffer_new(bh)) {
1849 /* blockdev mappings never come here */
1850 clear_buffer_new(bh);
1851 clean_bdev_bh_alias(bh);
1852 }
1853 }
1854 bh = bh->b_this_page;
1855 block++;
1856 } while (bh != head);
1857
1858 do {
1859 if (!buffer_mapped(bh))
1860 continue;
1861 /*
1862 * If it's a fully non-blocking write attempt and we cannot
1863 * lock the buffer then redirty the folio. Note that this can
1864 * potentially cause a busy-wait loop from writeback threads
1865 * and kswapd activity, but those code paths have their own
1866 * higher-level throttling.
1867 */
1868 if (wbc->sync_mode != WB_SYNC_NONE) {
1869 lock_buffer(bh);
1870 } else if (!trylock_buffer(bh)) {
1871 folio_redirty_for_writepage(wbc, folio);
1872 continue;
1873 }
1874 if (test_clear_buffer_dirty(bh)) {
1875 mark_buffer_async_write_endio(bh,
1876 end_buffer_async_write);
1877 } else {
1878 unlock_buffer(bh);
1879 }
1880 } while ((bh = bh->b_this_page) != head);
1881
1882 /*
1883 * The folio and its buffers are protected by the writeback flag,
1884 * so we can drop the bh refcounts early.
1885 */
1886 BUG_ON(folio_test_writeback(folio));
1887 folio_start_writeback(folio);
1888
1889 do {
1890 struct buffer_head *next = bh->b_this_page;
1891 if (buffer_async_write(bh)) {
1892 submit_bh_wbc(REQ_OP_WRITE | write_flags, bh,
1893 inode->i_write_hint, wbc);
1894 nr_underway++;
1895 }
1896 bh = next;
1897 } while (bh != head);
1898 folio_unlock(folio);
1899
1900 err = 0;
1901done:
1902 if (nr_underway == 0) {
1903 /*
1904 * The folio was marked dirty, but the buffers were
1905 * clean. Someone wrote them back by hand with
1906 * write_dirty_buffer/submit_bh. A rare case.
1907 */
1908 folio_end_writeback(folio);
1909
1910 /*
1911 * The folio and buffer_heads can be released at any time from
1912 * here on.
1913 */
1914 }
1915 return err;
1916
1917recover:
1918 /*
1919 * ENOSPC, or some other error. We may already have added some
1920 * blocks to the file, so we need to write these out to avoid
1921 * exposing stale data.
1922 * The folio is currently locked and not marked for writeback
1923 */
1924 bh = head;
1925 /* Recovery: lock and submit the mapped buffers */
1926 do {
1927 if (buffer_mapped(bh) && buffer_dirty(bh) &&
1928 !buffer_delay(bh)) {
1929 lock_buffer(bh);
1930 mark_buffer_async_write_endio(bh,
1931 end_buffer_async_write);
1932 } else {
1933 /*
1934 * The buffer may have been set dirty during
1935 * attachment to a dirty folio.
1936 */
1937 clear_buffer_dirty(bh);
1938 }
1939 } while ((bh = bh->b_this_page) != head);
1940 folio_set_error(folio);
1941 BUG_ON(folio_test_writeback(folio));
1942 mapping_set_error(folio->mapping, err);
1943 folio_start_writeback(folio);
1944 do {
1945 struct buffer_head *next = bh->b_this_page;
1946 if (buffer_async_write(bh)) {
1947 clear_buffer_dirty(bh);
1948 submit_bh_wbc(REQ_OP_WRITE | write_flags, bh,
1949 inode->i_write_hint, wbc);
1950 nr_underway++;
1951 }
1952 bh = next;
1953 } while (bh != head);
1954 folio_unlock(folio);
1955 goto done;
1956}
1957EXPORT_SYMBOL(__block_write_full_folio);
1958
1959/*
1960 * If a folio has any new buffers, zero them out here, and mark them uptodate
1961 * and dirty so they'll be written out (in order to prevent uninitialised
1962 * block data from leaking). And clear the new bit.
1963 */
1964void folio_zero_new_buffers(struct folio *folio, size_t from, size_t to)
1965{
1966 size_t block_start, block_end;
1967 struct buffer_head *head, *bh;
1968
1969 BUG_ON(!folio_test_locked(folio));
1970 head = folio_buffers(folio);
1971 if (!head)
1972 return;
1973
1974 bh = head;
1975 block_start = 0;
1976 do {
1977 block_end = block_start + bh->b_size;
1978
1979 if (buffer_new(bh)) {
1980 if (block_end > from && block_start < to) {
1981 if (!folio_test_uptodate(folio)) {
1982 size_t start, xend;
1983
1984 start = max(from, block_start);
1985 xend = min(to, block_end);
1986
1987 folio_zero_segment(folio, start, xend);
1988 set_buffer_uptodate(bh);
1989 }
1990
1991 clear_buffer_new(bh);
1992 mark_buffer_dirty(bh);
1993 }
1994 }
1995
1996 block_start = block_end;
1997 bh = bh->b_this_page;
1998 } while (bh != head);
1999}
2000EXPORT_SYMBOL(folio_zero_new_buffers);
2001
2002static int
2003iomap_to_bh(struct inode *inode, sector_t block, struct buffer_head *bh,
2004 const struct iomap *iomap)
2005{
2006 loff_t offset = (loff_t)block << inode->i_blkbits;
2007
2008 bh->b_bdev = iomap->bdev;
2009
2010 /*
2011 * Block points to offset in file we need to map, iomap contains
2012 * the offset at which the map starts. If the map ends before the
2013 * current block, then do not map the buffer and let the caller
2014 * handle it.
2015 */
2016 if (offset >= iomap->offset + iomap->length)
2017 return -EIO;
2018
2019 switch (iomap->type) {
2020 case IOMAP_HOLE:
2021 /*
2022 * If the buffer is not up to date or beyond the current EOF,
2023 * we need to mark it as new to ensure sub-block zeroing is
2024 * executed if necessary.
2025 */
2026 if (!buffer_uptodate(bh) ||
2027 (offset >= i_size_read(inode)))
2028 set_buffer_new(bh);
2029 return 0;
2030 case IOMAP_DELALLOC:
2031 if (!buffer_uptodate(bh) ||
2032 (offset >= i_size_read(inode)))
2033 set_buffer_new(bh);
2034 set_buffer_uptodate(bh);
2035 set_buffer_mapped(bh);
2036 set_buffer_delay(bh);
2037 return 0;
2038 case IOMAP_UNWRITTEN:
2039 /*
2040 * For unwritten regions, we always need to ensure that regions
2041 * in the block we are not writing to are zeroed. Mark the
2042 * buffer as new to ensure this.
2043 */
2044 set_buffer_new(bh);
2045 set_buffer_unwritten(bh);
2046 fallthrough;
2047 case IOMAP_MAPPED:
2048 if ((iomap->flags & IOMAP_F_NEW) ||
2049 offset >= i_size_read(inode)) {
2050 /*
2051 * This can happen if truncating the block device races
2052 * with the check in the caller as i_size updates on
2053 * block devices aren't synchronized by i_rwsem for
2054 * block devices.
2055 */
2056 if (S_ISBLK(inode->i_mode))
2057 return -EIO;
2058 set_buffer_new(bh);
2059 }
2060 bh->b_blocknr = (iomap->addr + offset - iomap->offset) >>
2061 inode->i_blkbits;
2062 set_buffer_mapped(bh);
2063 return 0;
2064 default:
2065 WARN_ON_ONCE(1);
2066 return -EIO;
2067 }
2068}
2069
2070int __block_write_begin_int(struct folio *folio, loff_t pos, unsigned len,
2071 get_block_t *get_block, const struct iomap *iomap)
2072{
2073 size_t from = offset_in_folio(folio, pos);
2074 size_t to = from + len;
2075 struct inode *inode = folio->mapping->host;
2076 size_t block_start, block_end;
2077 sector_t block;
2078 int err = 0;
2079 size_t blocksize;
2080 struct buffer_head *bh, *head, *wait[2], **wait_bh=wait;
2081
2082 BUG_ON(!folio_test_locked(folio));
2083 BUG_ON(to > folio_size(folio));
2084 BUG_ON(from > to);
2085
2086 head = folio_create_buffers(folio, inode, 0);
2087 blocksize = head->b_size;
2088 block = div_u64(folio_pos(folio), blocksize);
2089
2090 for (bh = head, block_start = 0; bh != head || !block_start;
2091 block++, block_start=block_end, bh = bh->b_this_page) {
2092 block_end = block_start + blocksize;
2093 if (block_end <= from || block_start >= to) {
2094 if (folio_test_uptodate(folio)) {
2095 if (!buffer_uptodate(bh))
2096 set_buffer_uptodate(bh);
2097 }
2098 continue;
2099 }
2100 if (buffer_new(bh))
2101 clear_buffer_new(bh);
2102 if (!buffer_mapped(bh)) {
2103 WARN_ON(bh->b_size != blocksize);
2104 if (get_block)
2105 err = get_block(inode, block, bh, 1);
2106 else
2107 err = iomap_to_bh(inode, block, bh, iomap);
2108 if (err)
2109 break;
2110
2111 if (buffer_new(bh)) {
2112 clean_bdev_bh_alias(bh);
2113 if (folio_test_uptodate(folio)) {
2114 clear_buffer_new(bh);
2115 set_buffer_uptodate(bh);
2116 mark_buffer_dirty(bh);
2117 continue;
2118 }
2119 if (block_end > to || block_start < from)
2120 folio_zero_segments(folio,
2121 to, block_end,
2122 block_start, from);
2123 continue;
2124 }
2125 }
2126 if (folio_test_uptodate(folio)) {
2127 if (!buffer_uptodate(bh))
2128 set_buffer_uptodate(bh);
2129 continue;
2130 }
2131 if (!buffer_uptodate(bh) && !buffer_delay(bh) &&
2132 !buffer_unwritten(bh) &&
2133 (block_start < from || block_end > to)) {
2134 bh_read_nowait(bh, 0);
2135 *wait_bh++=bh;
2136 }
2137 }
2138 /*
2139 * If we issued read requests - let them complete.
2140 */
2141 while(wait_bh > wait) {
2142 wait_on_buffer(*--wait_bh);
2143 if (!buffer_uptodate(*wait_bh))
2144 err = -EIO;
2145 }
2146 if (unlikely(err))
2147 folio_zero_new_buffers(folio, from, to);
2148 return err;
2149}
2150
2151int __block_write_begin(struct page *page, loff_t pos, unsigned len,
2152 get_block_t *get_block)
2153{
2154 return __block_write_begin_int(page_folio(page), pos, len, get_block,
2155 NULL);
2156}
2157EXPORT_SYMBOL(__block_write_begin);
2158
2159static void __block_commit_write(struct folio *folio, size_t from, size_t to)
2160{
2161 size_t block_start, block_end;
2162 bool partial = false;
2163 unsigned blocksize;
2164 struct buffer_head *bh, *head;
2165
2166 bh = head = folio_buffers(folio);
2167 blocksize = bh->b_size;
2168
2169 block_start = 0;
2170 do {
2171 block_end = block_start + blocksize;
2172 if (block_end <= from || block_start >= to) {
2173 if (!buffer_uptodate(bh))
2174 partial = true;
2175 } else {
2176 set_buffer_uptodate(bh);
2177 mark_buffer_dirty(bh);
2178 }
2179 if (buffer_new(bh))
2180 clear_buffer_new(bh);
2181
2182 block_start = block_end;
2183 bh = bh->b_this_page;
2184 } while (bh != head);
2185
2186 /*
2187 * If this is a partial write which happened to make all buffers
2188 * uptodate then we can optimize away a bogus read_folio() for
2189 * the next read(). Here we 'discover' whether the folio went
2190 * uptodate as a result of this (potentially partial) write.
2191 */
2192 if (!partial)
2193 folio_mark_uptodate(folio);
2194}
2195
2196/*
2197 * block_write_begin takes care of the basic task of block allocation and
2198 * bringing partial write blocks uptodate first.
2199 *
2200 * The filesystem needs to handle block truncation upon failure.
2201 */
2202int block_write_begin(struct address_space *mapping, loff_t pos, unsigned len,
2203 struct page **pagep, get_block_t *get_block)
2204{
2205 pgoff_t index = pos >> PAGE_SHIFT;
2206 struct page *page;
2207 int status;
2208
2209 page = grab_cache_page_write_begin(mapping, index);
2210 if (!page)
2211 return -ENOMEM;
2212
2213 status = __block_write_begin(page, pos, len, get_block);
2214 if (unlikely(status)) {
2215 unlock_page(page);
2216 put_page(page);
2217 page = NULL;
2218 }
2219
2220 *pagep = page;
2221 return status;
2222}
2223EXPORT_SYMBOL(block_write_begin);
2224
2225int block_write_end(struct file *file, struct address_space *mapping,
2226 loff_t pos, unsigned len, unsigned copied,
2227 struct page *page, void *fsdata)
2228{
2229 struct folio *folio = page_folio(page);
2230 size_t start = pos - folio_pos(folio);
2231
2232 if (unlikely(copied < len)) {
2233 /*
2234 * The buffers that were written will now be uptodate, so
2235 * we don't have to worry about a read_folio reading them
2236 * and overwriting a partial write. However if we have
2237 * encountered a short write and only partially written
2238 * into a buffer, it will not be marked uptodate, so a
2239 * read_folio might come in and destroy our partial write.
2240 *
2241 * Do the simplest thing, and just treat any short write to a
2242 * non uptodate folio as a zero-length write, and force the
2243 * caller to redo the whole thing.
2244 */
2245 if (!folio_test_uptodate(folio))
2246 copied = 0;
2247
2248 folio_zero_new_buffers(folio, start+copied, start+len);
2249 }
2250 flush_dcache_folio(folio);
2251
2252 /* This could be a short (even 0-length) commit */
2253 __block_commit_write(folio, start, start + copied);
2254
2255 return copied;
2256}
2257EXPORT_SYMBOL(block_write_end);
2258
2259int generic_write_end(struct file *file, struct address_space *mapping,
2260 loff_t pos, unsigned len, unsigned copied,
2261 struct page *page, void *fsdata)
2262{
2263 struct inode *inode = mapping->host;
2264 loff_t old_size = inode->i_size;
2265 bool i_size_changed = false;
2266
2267 copied = block_write_end(file, mapping, pos, len, copied, page, fsdata);
2268
2269 /*
2270 * No need to use i_size_read() here, the i_size cannot change under us
2271 * because we hold i_rwsem.
2272 *
2273 * But it's important to update i_size while still holding page lock:
2274 * page writeout could otherwise come in and zero beyond i_size.
2275 */
2276 if (pos + copied > inode->i_size) {
2277 i_size_write(inode, pos + copied);
2278 i_size_changed = true;
2279 }
2280
2281 unlock_page(page);
2282 put_page(page);
2283
2284 if (old_size < pos)
2285 pagecache_isize_extended(inode, old_size, pos);
2286 /*
2287 * Don't mark the inode dirty under page lock. First, it unnecessarily
2288 * makes the holding time of page lock longer. Second, it forces lock
2289 * ordering of page lock and transaction start for journaling
2290 * filesystems.
2291 */
2292 if (i_size_changed)
2293 mark_inode_dirty(inode);
2294 return copied;
2295}
2296EXPORT_SYMBOL(generic_write_end);
2297
2298/*
2299 * block_is_partially_uptodate checks whether buffers within a folio are
2300 * uptodate or not.
2301 *
2302 * Returns true if all buffers which correspond to the specified part
2303 * of the folio are uptodate.
2304 */
2305bool block_is_partially_uptodate(struct folio *folio, size_t from, size_t count)
2306{
2307 unsigned block_start, block_end, blocksize;
2308 unsigned to;
2309 struct buffer_head *bh, *head;
2310 bool ret = true;
2311
2312 head = folio_buffers(folio);
2313 if (!head)
2314 return false;
2315 blocksize = head->b_size;
2316 to = min_t(unsigned, folio_size(folio) - from, count);
2317 to = from + to;
2318 if (from < blocksize && to > folio_size(folio) - blocksize)
2319 return false;
2320
2321 bh = head;
2322 block_start = 0;
2323 do {
2324 block_end = block_start + blocksize;
2325 if (block_end > from && block_start < to) {
2326 if (!buffer_uptodate(bh)) {
2327 ret = false;
2328 break;
2329 }
2330 if (block_end >= to)
2331 break;
2332 }
2333 block_start = block_end;
2334 bh = bh->b_this_page;
2335 } while (bh != head);
2336
2337 return ret;
2338}
2339EXPORT_SYMBOL(block_is_partially_uptodate);
2340
2341/*
2342 * Generic "read_folio" function for block devices that have the normal
2343 * get_block functionality. This is most of the block device filesystems.
2344 * Reads the folio asynchronously --- the unlock_buffer() and
2345 * set/clear_buffer_uptodate() functions propagate buffer state into the
2346 * folio once IO has completed.
2347 */
2348int block_read_full_folio(struct folio *folio, get_block_t *get_block)
2349{
2350 struct inode *inode = folio->mapping->host;
2351 sector_t iblock, lblock;
2352 struct buffer_head *bh, *head, *arr[MAX_BUF_PER_PAGE];
2353 size_t blocksize;
2354 int nr, i;
2355 int fully_mapped = 1;
2356 bool page_error = false;
2357 loff_t limit = i_size_read(inode);
2358
2359 /* This is needed for ext4. */
2360 if (IS_ENABLED(CONFIG_FS_VERITY) && IS_VERITY(inode))
2361 limit = inode->i_sb->s_maxbytes;
2362
2363 VM_BUG_ON_FOLIO(folio_test_large(folio), folio);
2364
2365 head = folio_create_buffers(folio, inode, 0);
2366 blocksize = head->b_size;
2367
2368 iblock = div_u64(folio_pos(folio), blocksize);
2369 lblock = div_u64(limit + blocksize - 1, blocksize);
2370 bh = head;
2371 nr = 0;
2372 i = 0;
2373
2374 do {
2375 if (buffer_uptodate(bh))
2376 continue;
2377
2378 if (!buffer_mapped(bh)) {
2379 int err = 0;
2380
2381 fully_mapped = 0;
2382 if (iblock < lblock) {
2383 WARN_ON(bh->b_size != blocksize);
2384 err = get_block(inode, iblock, bh, 0);
2385 if (err) {
2386 folio_set_error(folio);
2387 page_error = true;
2388 }
2389 }
2390 if (!buffer_mapped(bh)) {
2391 folio_zero_range(folio, i * blocksize,
2392 blocksize);
2393 if (!err)
2394 set_buffer_uptodate(bh);
2395 continue;
2396 }
2397 /*
2398 * get_block() might have updated the buffer
2399 * synchronously
2400 */
2401 if (buffer_uptodate(bh))
2402 continue;
2403 }
2404 arr[nr++] = bh;
2405 } while (i++, iblock++, (bh = bh->b_this_page) != head);
2406
2407 if (fully_mapped)
2408 folio_set_mappedtodisk(folio);
2409
2410 if (!nr) {
2411 /*
2412 * All buffers are uptodate or get_block() returned an
2413 * error when trying to map them - we can finish the read.
2414 */
2415 folio_end_read(folio, !page_error);
2416 return 0;
2417 }
2418
2419 /* Stage two: lock the buffers */
2420 for (i = 0; i < nr; i++) {
2421 bh = arr[i];
2422 lock_buffer(bh);
2423 mark_buffer_async_read(bh);
2424 }
2425
2426 /*
2427 * Stage 3: start the IO. Check for uptodateness
2428 * inside the buffer lock in case another process reading
2429 * the underlying blockdev brought it uptodate (the sct fix).
2430 */
2431 for (i = 0; i < nr; i++) {
2432 bh = arr[i];
2433 if (buffer_uptodate(bh))
2434 end_buffer_async_read(bh, 1);
2435 else
2436 submit_bh(REQ_OP_READ, bh);
2437 }
2438 return 0;
2439}
2440EXPORT_SYMBOL(block_read_full_folio);
2441
2442/* utility function for filesystems that need to do work on expanding
2443 * truncates. Uses filesystem pagecache writes to allow the filesystem to
2444 * deal with the hole.
2445 */
2446int generic_cont_expand_simple(struct inode *inode, loff_t size)
2447{
2448 struct address_space *mapping = inode->i_mapping;
2449 const struct address_space_operations *aops = mapping->a_ops;
2450 struct page *page;
2451 void *fsdata = NULL;
2452 int err;
2453
2454 err = inode_newsize_ok(inode, size);
2455 if (err)
2456 goto out;
2457
2458 err = aops->write_begin(NULL, mapping, size, 0, &page, &fsdata);
2459 if (err)
2460 goto out;
2461
2462 err = aops->write_end(NULL, mapping, size, 0, 0, page, fsdata);
2463 BUG_ON(err > 0);
2464
2465out:
2466 return err;
2467}
2468EXPORT_SYMBOL(generic_cont_expand_simple);
2469
2470static int cont_expand_zero(struct file *file, struct address_space *mapping,
2471 loff_t pos, loff_t *bytes)
2472{
2473 struct inode *inode = mapping->host;
2474 const struct address_space_operations *aops = mapping->a_ops;
2475 unsigned int blocksize = i_blocksize(inode);
2476 struct page *page;
2477 void *fsdata = NULL;
2478 pgoff_t index, curidx;
2479 loff_t curpos;
2480 unsigned zerofrom, offset, len;
2481 int err = 0;
2482
2483 index = pos >> PAGE_SHIFT;
2484 offset = pos & ~PAGE_MASK;
2485
2486 while (index > (curidx = (curpos = *bytes)>>PAGE_SHIFT)) {
2487 zerofrom = curpos & ~PAGE_MASK;
2488 if (zerofrom & (blocksize-1)) {
2489 *bytes |= (blocksize-1);
2490 (*bytes)++;
2491 }
2492 len = PAGE_SIZE - zerofrom;
2493
2494 err = aops->write_begin(file, mapping, curpos, len,
2495 &page, &fsdata);
2496 if (err)
2497 goto out;
2498 zero_user(page, zerofrom, len);
2499 err = aops->write_end(file, mapping, curpos, len, len,
2500 page, fsdata);
2501 if (err < 0)
2502 goto out;
2503 BUG_ON(err != len);
2504 err = 0;
2505
2506 balance_dirty_pages_ratelimited(mapping);
2507
2508 if (fatal_signal_pending(current)) {
2509 err = -EINTR;
2510 goto out;
2511 }
2512 }
2513
2514 /* page covers the boundary, find the boundary offset */
2515 if (index == curidx) {
2516 zerofrom = curpos & ~PAGE_MASK;
2517 /* if we will expand the thing last block will be filled */
2518 if (offset <= zerofrom) {
2519 goto out;
2520 }
2521 if (zerofrom & (blocksize-1)) {
2522 *bytes |= (blocksize-1);
2523 (*bytes)++;
2524 }
2525 len = offset - zerofrom;
2526
2527 err = aops->write_begin(file, mapping, curpos, len,
2528 &page, &fsdata);
2529 if (err)
2530 goto out;
2531 zero_user(page, zerofrom, len);
2532 err = aops->write_end(file, mapping, curpos, len, len,
2533 page, fsdata);
2534 if (err < 0)
2535 goto out;
2536 BUG_ON(err != len);
2537 err = 0;
2538 }
2539out:
2540 return err;
2541}
2542
2543/*
2544 * For moronic filesystems that do not allow holes in file.
2545 * We may have to extend the file.
2546 */
2547int cont_write_begin(struct file *file, struct address_space *mapping,
2548 loff_t pos, unsigned len,
2549 struct page **pagep, void **fsdata,
2550 get_block_t *get_block, loff_t *bytes)
2551{
2552 struct inode *inode = mapping->host;
2553 unsigned int blocksize = i_blocksize(inode);
2554 unsigned int zerofrom;
2555 int err;
2556
2557 err = cont_expand_zero(file, mapping, pos, bytes);
2558 if (err)
2559 return err;
2560
2561 zerofrom = *bytes & ~PAGE_MASK;
2562 if (pos+len > *bytes && zerofrom & (blocksize-1)) {
2563 *bytes |= (blocksize-1);
2564 (*bytes)++;
2565 }
2566
2567 return block_write_begin(mapping, pos, len, pagep, get_block);
2568}
2569EXPORT_SYMBOL(cont_write_begin);
2570
2571void block_commit_write(struct page *page, unsigned from, unsigned to)
2572{
2573 struct folio *folio = page_folio(page);
2574 __block_commit_write(folio, from, to);
2575}
2576EXPORT_SYMBOL(block_commit_write);
2577
2578/*
2579 * block_page_mkwrite() is not allowed to change the file size as it gets
2580 * called from a page fault handler when a page is first dirtied. Hence we must
2581 * be careful to check for EOF conditions here. We set the page up correctly
2582 * for a written page which means we get ENOSPC checking when writing into
2583 * holes and correct delalloc and unwritten extent mapping on filesystems that
2584 * support these features.
2585 *
2586 * We are not allowed to take the i_mutex here so we have to play games to
2587 * protect against truncate races as the page could now be beyond EOF. Because
2588 * truncate writes the inode size before removing pages, once we have the
2589 * page lock we can determine safely if the page is beyond EOF. If it is not
2590 * beyond EOF, then the page is guaranteed safe against truncation until we
2591 * unlock the page.
2592 *
2593 * Direct callers of this function should protect against filesystem freezing
2594 * using sb_start_pagefault() - sb_end_pagefault() functions.
2595 */
2596int block_page_mkwrite(struct vm_area_struct *vma, struct vm_fault *vmf,
2597 get_block_t get_block)
2598{
2599 struct folio *folio = page_folio(vmf->page);
2600 struct inode *inode = file_inode(vma->vm_file);
2601 unsigned long end;
2602 loff_t size;
2603 int ret;
2604
2605 folio_lock(folio);
2606 size = i_size_read(inode);
2607 if ((folio->mapping != inode->i_mapping) ||
2608 (folio_pos(folio) >= size)) {
2609 /* We overload EFAULT to mean page got truncated */
2610 ret = -EFAULT;
2611 goto out_unlock;
2612 }
2613
2614 end = folio_size(folio);
2615 /* folio is wholly or partially inside EOF */
2616 if (folio_pos(folio) + end > size)
2617 end = size - folio_pos(folio);
2618
2619 ret = __block_write_begin_int(folio, 0, end, get_block, NULL);
2620 if (unlikely(ret))
2621 goto out_unlock;
2622
2623 __block_commit_write(folio, 0, end);
2624
2625 folio_mark_dirty(folio);
2626 folio_wait_stable(folio);
2627 return 0;
2628out_unlock:
2629 folio_unlock(folio);
2630 return ret;
2631}
2632EXPORT_SYMBOL(block_page_mkwrite);
2633
2634int block_truncate_page(struct address_space *mapping,
2635 loff_t from, get_block_t *get_block)
2636{
2637 pgoff_t index = from >> PAGE_SHIFT;
2638 unsigned blocksize;
2639 sector_t iblock;
2640 size_t offset, length, pos;
2641 struct inode *inode = mapping->host;
2642 struct folio *folio;
2643 struct buffer_head *bh;
2644 int err = 0;
2645
2646 blocksize = i_blocksize(inode);
2647 length = from & (blocksize - 1);
2648
2649 /* Block boundary? Nothing to do */
2650 if (!length)
2651 return 0;
2652
2653 length = blocksize - length;
2654 iblock = ((loff_t)index * PAGE_SIZE) >> inode->i_blkbits;
2655
2656 folio = filemap_grab_folio(mapping, index);
2657 if (IS_ERR(folio))
2658 return PTR_ERR(folio);
2659
2660 bh = folio_buffers(folio);
2661 if (!bh)
2662 bh = create_empty_buffers(folio, blocksize, 0);
2663
2664 /* Find the buffer that contains "offset" */
2665 offset = offset_in_folio(folio, from);
2666 pos = blocksize;
2667 while (offset >= pos) {
2668 bh = bh->b_this_page;
2669 iblock++;
2670 pos += blocksize;
2671 }
2672
2673 if (!buffer_mapped(bh)) {
2674 WARN_ON(bh->b_size != blocksize);
2675 err = get_block(inode, iblock, bh, 0);
2676 if (err)
2677 goto unlock;
2678 /* unmapped? It's a hole - nothing to do */
2679 if (!buffer_mapped(bh))
2680 goto unlock;
2681 }
2682
2683 /* Ok, it's mapped. Make sure it's up-to-date */
2684 if (folio_test_uptodate(folio))
2685 set_buffer_uptodate(bh);
2686
2687 if (!buffer_uptodate(bh) && !buffer_delay(bh) && !buffer_unwritten(bh)) {
2688 err = bh_read(bh, 0);
2689 /* Uhhuh. Read error. Complain and punt. */
2690 if (err < 0)
2691 goto unlock;
2692 }
2693
2694 folio_zero_range(folio, offset, length);
2695 mark_buffer_dirty(bh);
2696
2697unlock:
2698 folio_unlock(folio);
2699 folio_put(folio);
2700
2701 return err;
2702}
2703EXPORT_SYMBOL(block_truncate_page);
2704
2705/*
2706 * The generic ->writepage function for buffer-backed address_spaces
2707 */
2708int block_write_full_folio(struct folio *folio, struct writeback_control *wbc,
2709 void *get_block)
2710{
2711 struct inode * const inode = folio->mapping->host;
2712 loff_t i_size = i_size_read(inode);
2713
2714 /* Is the folio fully inside i_size? */
2715 if (folio_pos(folio) + folio_size(folio) <= i_size)
2716 return __block_write_full_folio(inode, folio, get_block, wbc);
2717
2718 /* Is the folio fully outside i_size? (truncate in progress) */
2719 if (folio_pos(folio) >= i_size) {
2720 folio_unlock(folio);
2721 return 0; /* don't care */
2722 }
2723
2724 /*
2725 * The folio straddles i_size. It must be zeroed out on each and every
2726 * writepage invocation because it may be mmapped. "A file is mapped
2727 * in multiples of the page size. For a file that is not a multiple of
2728 * the page size, the remaining memory is zeroed when mapped, and
2729 * writes to that region are not written out to the file."
2730 */
2731 folio_zero_segment(folio, offset_in_folio(folio, i_size),
2732 folio_size(folio));
2733 return __block_write_full_folio(inode, folio, get_block, wbc);
2734}
2735
2736sector_t generic_block_bmap(struct address_space *mapping, sector_t block,
2737 get_block_t *get_block)
2738{
2739 struct inode *inode = mapping->host;
2740 struct buffer_head tmp = {
2741 .b_size = i_blocksize(inode),
2742 };
2743
2744 get_block(inode, block, &tmp, 0);
2745 return tmp.b_blocknr;
2746}
2747EXPORT_SYMBOL(generic_block_bmap);
2748
2749static void end_bio_bh_io_sync(struct bio *bio)
2750{
2751 struct buffer_head *bh = bio->bi_private;
2752
2753 if (unlikely(bio_flagged(bio, BIO_QUIET)))
2754 set_bit(BH_Quiet, &bh->b_state);
2755
2756 bh->b_end_io(bh, !bio->bi_status);
2757 bio_put(bio);
2758}
2759
2760static void submit_bh_wbc(blk_opf_t opf, struct buffer_head *bh,
2761 enum rw_hint write_hint,
2762 struct writeback_control *wbc)
2763{
2764 const enum req_op op = opf & REQ_OP_MASK;
2765 struct bio *bio;
2766
2767 BUG_ON(!buffer_locked(bh));
2768 BUG_ON(!buffer_mapped(bh));
2769 BUG_ON(!bh->b_end_io);
2770 BUG_ON(buffer_delay(bh));
2771 BUG_ON(buffer_unwritten(bh));
2772
2773 /*
2774 * Only clear out a write error when rewriting
2775 */
2776 if (test_set_buffer_req(bh) && (op == REQ_OP_WRITE))
2777 clear_buffer_write_io_error(bh);
2778
2779 if (buffer_meta(bh))
2780 opf |= REQ_META;
2781 if (buffer_prio(bh))
2782 opf |= REQ_PRIO;
2783
2784 bio = bio_alloc(bh->b_bdev, 1, opf, GFP_NOIO);
2785
2786 fscrypt_set_bio_crypt_ctx_bh(bio, bh, GFP_NOIO);
2787
2788 bio->bi_iter.bi_sector = bh->b_blocknr * (bh->b_size >> 9);
2789 bio->bi_write_hint = write_hint;
2790
2791 __bio_add_page(bio, bh->b_page, bh->b_size, bh_offset(bh));
2792
2793 bio->bi_end_io = end_bio_bh_io_sync;
2794 bio->bi_private = bh;
2795
2796 /* Take care of bh's that straddle the end of the device */
2797 guard_bio_eod(bio);
2798
2799 if (wbc) {
2800 wbc_init_bio(wbc, bio);
2801 wbc_account_cgroup_owner(wbc, bh->b_page, bh->b_size);
2802 }
2803
2804 submit_bio(bio);
2805}
2806
2807void submit_bh(blk_opf_t opf, struct buffer_head *bh)
2808{
2809 submit_bh_wbc(opf, bh, WRITE_LIFE_NOT_SET, NULL);
2810}
2811EXPORT_SYMBOL(submit_bh);
2812
2813void write_dirty_buffer(struct buffer_head *bh, blk_opf_t op_flags)
2814{
2815 lock_buffer(bh);
2816 if (!test_clear_buffer_dirty(bh)) {
2817 unlock_buffer(bh);
2818 return;
2819 }
2820 bh->b_end_io = end_buffer_write_sync;
2821 get_bh(bh);
2822 submit_bh(REQ_OP_WRITE | op_flags, bh);
2823}
2824EXPORT_SYMBOL(write_dirty_buffer);
2825
2826/*
2827 * For a data-integrity writeout, we need to wait upon any in-progress I/O
2828 * and then start new I/O and then wait upon it. The caller must have a ref on
2829 * the buffer_head.
2830 */
2831int __sync_dirty_buffer(struct buffer_head *bh, blk_opf_t op_flags)
2832{
2833 WARN_ON(atomic_read(&bh->b_count) < 1);
2834 lock_buffer(bh);
2835 if (test_clear_buffer_dirty(bh)) {
2836 /*
2837 * The bh should be mapped, but it might not be if the
2838 * device was hot-removed. Not much we can do but fail the I/O.
2839 */
2840 if (!buffer_mapped(bh)) {
2841 unlock_buffer(bh);
2842 return -EIO;
2843 }
2844
2845 get_bh(bh);
2846 bh->b_end_io = end_buffer_write_sync;
2847 submit_bh(REQ_OP_WRITE | op_flags, bh);
2848 wait_on_buffer(bh);
2849 if (!buffer_uptodate(bh))
2850 return -EIO;
2851 } else {
2852 unlock_buffer(bh);
2853 }
2854 return 0;
2855}
2856EXPORT_SYMBOL(__sync_dirty_buffer);
2857
2858int sync_dirty_buffer(struct buffer_head *bh)
2859{
2860 return __sync_dirty_buffer(bh, REQ_SYNC);
2861}
2862EXPORT_SYMBOL(sync_dirty_buffer);
2863
2864/*
2865 * try_to_free_buffers() checks if all the buffers on this particular folio
2866 * are unused, and releases them if so.
2867 *
2868 * Exclusion against try_to_free_buffers may be obtained by either
2869 * locking the folio or by holding its mapping's i_private_lock.
2870 *
2871 * If the folio is dirty but all the buffers are clean then we need to
2872 * be sure to mark the folio clean as well. This is because the folio
2873 * may be against a block device, and a later reattachment of buffers
2874 * to a dirty folio will set *all* buffers dirty. Which would corrupt
2875 * filesystem data on the same device.
2876 *
2877 * The same applies to regular filesystem folios: if all the buffers are
2878 * clean then we set the folio clean and proceed. To do that, we require
2879 * total exclusion from block_dirty_folio(). That is obtained with
2880 * i_private_lock.
2881 *
2882 * try_to_free_buffers() is non-blocking.
2883 */
2884static inline int buffer_busy(struct buffer_head *bh)
2885{
2886 return atomic_read(&bh->b_count) |
2887 (bh->b_state & ((1 << BH_Dirty) | (1 << BH_Lock)));
2888}
2889
2890static bool
2891drop_buffers(struct folio *folio, struct buffer_head **buffers_to_free)
2892{
2893 struct buffer_head *head = folio_buffers(folio);
2894 struct buffer_head *bh;
2895
2896 bh = head;
2897 do {
2898 if (buffer_busy(bh))
2899 goto failed;
2900 bh = bh->b_this_page;
2901 } while (bh != head);
2902
2903 do {
2904 struct buffer_head *next = bh->b_this_page;
2905
2906 if (bh->b_assoc_map)
2907 __remove_assoc_queue(bh);
2908 bh = next;
2909 } while (bh != head);
2910 *buffers_to_free = head;
2911 folio_detach_private(folio);
2912 return true;
2913failed:
2914 return false;
2915}
2916
2917bool try_to_free_buffers(struct folio *folio)
2918{
2919 struct address_space * const mapping = folio->mapping;
2920 struct buffer_head *buffers_to_free = NULL;
2921 bool ret = 0;
2922
2923 BUG_ON(!folio_test_locked(folio));
2924 if (folio_test_writeback(folio))
2925 return false;
2926
2927 if (mapping == NULL) { /* can this still happen? */
2928 ret = drop_buffers(folio, &buffers_to_free);
2929 goto out;
2930 }
2931
2932 spin_lock(&mapping->i_private_lock);
2933 ret = drop_buffers(folio, &buffers_to_free);
2934
2935 /*
2936 * If the filesystem writes its buffers by hand (eg ext3)
2937 * then we can have clean buffers against a dirty folio. We
2938 * clean the folio here; otherwise the VM will never notice
2939 * that the filesystem did any IO at all.
2940 *
2941 * Also, during truncate, discard_buffer will have marked all
2942 * the folio's buffers clean. We discover that here and clean
2943 * the folio also.
2944 *
2945 * i_private_lock must be held over this entire operation in order
2946 * to synchronise against block_dirty_folio and prevent the
2947 * dirty bit from being lost.
2948 */
2949 if (ret)
2950 folio_cancel_dirty(folio);
2951 spin_unlock(&mapping->i_private_lock);
2952out:
2953 if (buffers_to_free) {
2954 struct buffer_head *bh = buffers_to_free;
2955
2956 do {
2957 struct buffer_head *next = bh->b_this_page;
2958 free_buffer_head(bh);
2959 bh = next;
2960 } while (bh != buffers_to_free);
2961 }
2962 return ret;
2963}
2964EXPORT_SYMBOL(try_to_free_buffers);
2965
2966/*
2967 * Buffer-head allocation
2968 */
2969static struct kmem_cache *bh_cachep __ro_after_init;
2970
2971/*
2972 * Once the number of bh's in the machine exceeds this level, we start
2973 * stripping them in writeback.
2974 */
2975static unsigned long max_buffer_heads __ro_after_init;
2976
2977int buffer_heads_over_limit;
2978
2979struct bh_accounting {
2980 int nr; /* Number of live bh's */
2981 int ratelimit; /* Limit cacheline bouncing */
2982};
2983
2984static DEFINE_PER_CPU(struct bh_accounting, bh_accounting) = {0, 0};
2985
2986static void recalc_bh_state(void)
2987{
2988 int i;
2989 int tot = 0;
2990
2991 if (__this_cpu_inc_return(bh_accounting.ratelimit) - 1 < 4096)
2992 return;
2993 __this_cpu_write(bh_accounting.ratelimit, 0);
2994 for_each_online_cpu(i)
2995 tot += per_cpu(bh_accounting, i).nr;
2996 buffer_heads_over_limit = (tot > max_buffer_heads);
2997}
2998
2999struct buffer_head *alloc_buffer_head(gfp_t gfp_flags)
3000{
3001 struct buffer_head *ret = kmem_cache_zalloc(bh_cachep, gfp_flags);
3002 if (ret) {
3003 INIT_LIST_HEAD(&ret->b_assoc_buffers);
3004 spin_lock_init(&ret->b_uptodate_lock);
3005 preempt_disable();
3006 __this_cpu_inc(bh_accounting.nr);
3007 recalc_bh_state();
3008 preempt_enable();
3009 }
3010 return ret;
3011}
3012EXPORT_SYMBOL(alloc_buffer_head);
3013
3014void free_buffer_head(struct buffer_head *bh)
3015{
3016 BUG_ON(!list_empty(&bh->b_assoc_buffers));
3017 kmem_cache_free(bh_cachep, bh);
3018 preempt_disable();
3019 __this_cpu_dec(bh_accounting.nr);
3020 recalc_bh_state();
3021 preempt_enable();
3022}
3023EXPORT_SYMBOL(free_buffer_head);
3024
3025static int buffer_exit_cpu_dead(unsigned int cpu)
3026{
3027 int i;
3028 struct bh_lru *b = &per_cpu(bh_lrus, cpu);
3029
3030 for (i = 0; i < BH_LRU_SIZE; i++) {
3031 brelse(b->bhs[i]);
3032 b->bhs[i] = NULL;
3033 }
3034 this_cpu_add(bh_accounting.nr, per_cpu(bh_accounting, cpu).nr);
3035 per_cpu(bh_accounting, cpu).nr = 0;
3036 return 0;
3037}
3038
3039/**
3040 * bh_uptodate_or_lock - Test whether the buffer is uptodate
3041 * @bh: struct buffer_head
3042 *
3043 * Return true if the buffer is up-to-date and false,
3044 * with the buffer locked, if not.
3045 */
3046int bh_uptodate_or_lock(struct buffer_head *bh)
3047{
3048 if (!buffer_uptodate(bh)) {
3049 lock_buffer(bh);
3050 if (!buffer_uptodate(bh))
3051 return 0;
3052 unlock_buffer(bh);
3053 }
3054 return 1;
3055}
3056EXPORT_SYMBOL(bh_uptodate_or_lock);
3057
3058/**
3059 * __bh_read - Submit read for a locked buffer
3060 * @bh: struct buffer_head
3061 * @op_flags: appending REQ_OP_* flags besides REQ_OP_READ
3062 * @wait: wait until reading finish
3063 *
3064 * Returns zero on success or don't wait, and -EIO on error.
3065 */
3066int __bh_read(struct buffer_head *bh, blk_opf_t op_flags, bool wait)
3067{
3068 int ret = 0;
3069
3070 BUG_ON(!buffer_locked(bh));
3071
3072 get_bh(bh);
3073 bh->b_end_io = end_buffer_read_sync;
3074 submit_bh(REQ_OP_READ | op_flags, bh);
3075 if (wait) {
3076 wait_on_buffer(bh);
3077 if (!buffer_uptodate(bh))
3078 ret = -EIO;
3079 }
3080 return ret;
3081}
3082EXPORT_SYMBOL(__bh_read);
3083
3084/**
3085 * __bh_read_batch - Submit read for a batch of unlocked buffers
3086 * @nr: entry number of the buffer batch
3087 * @bhs: a batch of struct buffer_head
3088 * @op_flags: appending REQ_OP_* flags besides REQ_OP_READ
3089 * @force_lock: force to get a lock on the buffer if set, otherwise drops any
3090 * buffer that cannot lock.
3091 *
3092 * Returns zero on success or don't wait, and -EIO on error.
3093 */
3094void __bh_read_batch(int nr, struct buffer_head *bhs[],
3095 blk_opf_t op_flags, bool force_lock)
3096{
3097 int i;
3098
3099 for (i = 0; i < nr; i++) {
3100 struct buffer_head *bh = bhs[i];
3101
3102 if (buffer_uptodate(bh))
3103 continue;
3104
3105 if (force_lock)
3106 lock_buffer(bh);
3107 else
3108 if (!trylock_buffer(bh))
3109 continue;
3110
3111 if (buffer_uptodate(bh)) {
3112 unlock_buffer(bh);
3113 continue;
3114 }
3115
3116 bh->b_end_io = end_buffer_read_sync;
3117 get_bh(bh);
3118 submit_bh(REQ_OP_READ | op_flags, bh);
3119 }
3120}
3121EXPORT_SYMBOL(__bh_read_batch);
3122
3123void __init buffer_init(void)
3124{
3125 unsigned long nrpages;
3126 int ret;
3127
3128 bh_cachep = KMEM_CACHE(buffer_head,
3129 SLAB_RECLAIM_ACCOUNT|SLAB_PANIC);
3130 /*
3131 * Limit the bh occupancy to 10% of ZONE_NORMAL
3132 */
3133 nrpages = (nr_free_buffer_pages() * 10) / 100;
3134 max_buffer_heads = nrpages * (PAGE_SIZE / sizeof(struct buffer_head));
3135 ret = cpuhp_setup_state_nocalls(CPUHP_FS_BUFF_DEAD, "fs/buffer:dead",
3136 NULL, buffer_exit_cpu_dead);
3137 WARN_ON(ret < 0);
3138}
1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * linux/fs/buffer.c
4 *
5 * Copyright (C) 1991, 1992, 2002 Linus Torvalds
6 */
7
8/*
9 * Start bdflush() with kernel_thread not syscall - Paul Gortmaker, 12/95
10 *
11 * Removed a lot of unnecessary code and simplified things now that
12 * the buffer cache isn't our primary cache - Andrew Tridgell 12/96
13 *
14 * Speed up hash, lru, and free list operations. Use gfp() for allocating
15 * hash table, use SLAB cache for buffer heads. SMP threading. -DaveM
16 *
17 * Added 32k buffer block sizes - these are required older ARM systems. - RMK
18 *
19 * async buffer flushing, 1999 Andrea Arcangeli <andrea@suse.de>
20 */
21
22#include <linux/kernel.h>
23#include <linux/sched/signal.h>
24#include <linux/syscalls.h>
25#include <linux/fs.h>
26#include <linux/iomap.h>
27#include <linux/mm.h>
28#include <linux/percpu.h>
29#include <linux/slab.h>
30#include <linux/capability.h>
31#include <linux/blkdev.h>
32#include <linux/file.h>
33#include <linux/quotaops.h>
34#include <linux/highmem.h>
35#include <linux/export.h>
36#include <linux/backing-dev.h>
37#include <linux/writeback.h>
38#include <linux/hash.h>
39#include <linux/suspend.h>
40#include <linux/buffer_head.h>
41#include <linux/task_io_accounting_ops.h>
42#include <linux/bio.h>
43#include <linux/cpu.h>
44#include <linux/bitops.h>
45#include <linux/mpage.h>
46#include <linux/bit_spinlock.h>
47#include <linux/pagevec.h>
48#include <linux/sched/mm.h>
49#include <trace/events/block.h>
50#include <linux/fscrypt.h>
51
52#include "internal.h"
53
54static int fsync_buffers_list(spinlock_t *lock, struct list_head *list);
55static int submit_bh_wbc(int op, int op_flags, struct buffer_head *bh,
56 enum rw_hint hint, struct writeback_control *wbc);
57
58#define BH_ENTRY(list) list_entry((list), struct buffer_head, b_assoc_buffers)
59
60inline void touch_buffer(struct buffer_head *bh)
61{
62 trace_block_touch_buffer(bh);
63 mark_page_accessed(bh->b_page);
64}
65EXPORT_SYMBOL(touch_buffer);
66
67void __lock_buffer(struct buffer_head *bh)
68{
69 wait_on_bit_lock_io(&bh->b_state, BH_Lock, TASK_UNINTERRUPTIBLE);
70}
71EXPORT_SYMBOL(__lock_buffer);
72
73void unlock_buffer(struct buffer_head *bh)
74{
75 clear_bit_unlock(BH_Lock, &bh->b_state);
76 smp_mb__after_atomic();
77 wake_up_bit(&bh->b_state, BH_Lock);
78}
79EXPORT_SYMBOL(unlock_buffer);
80
81/*
82 * Returns if the page has dirty or writeback buffers. If all the buffers
83 * are unlocked and clean then the PageDirty information is stale. If
84 * any of the pages are locked, it is assumed they are locked for IO.
85 */
86void buffer_check_dirty_writeback(struct page *page,
87 bool *dirty, bool *writeback)
88{
89 struct buffer_head *head, *bh;
90 *dirty = false;
91 *writeback = false;
92
93 BUG_ON(!PageLocked(page));
94
95 if (!page_has_buffers(page))
96 return;
97
98 if (PageWriteback(page))
99 *writeback = true;
100
101 head = page_buffers(page);
102 bh = head;
103 do {
104 if (buffer_locked(bh))
105 *writeback = true;
106
107 if (buffer_dirty(bh))
108 *dirty = true;
109
110 bh = bh->b_this_page;
111 } while (bh != head);
112}
113EXPORT_SYMBOL(buffer_check_dirty_writeback);
114
115/*
116 * Block until a buffer comes unlocked. This doesn't stop it
117 * from becoming locked again - you have to lock it yourself
118 * if you want to preserve its state.
119 */
120void __wait_on_buffer(struct buffer_head * bh)
121{
122 wait_on_bit_io(&bh->b_state, BH_Lock, TASK_UNINTERRUPTIBLE);
123}
124EXPORT_SYMBOL(__wait_on_buffer);
125
126static void buffer_io_error(struct buffer_head *bh, char *msg)
127{
128 if (!test_bit(BH_Quiet, &bh->b_state))
129 printk_ratelimited(KERN_ERR
130 "Buffer I/O error on dev %pg, logical block %llu%s\n",
131 bh->b_bdev, (unsigned long long)bh->b_blocknr, msg);
132}
133
134/*
135 * End-of-IO handler helper function which does not touch the bh after
136 * unlocking it.
137 * Note: unlock_buffer() sort-of does touch the bh after unlocking it, but
138 * a race there is benign: unlock_buffer() only use the bh's address for
139 * hashing after unlocking the buffer, so it doesn't actually touch the bh
140 * itself.
141 */
142static void __end_buffer_read_notouch(struct buffer_head *bh, int uptodate)
143{
144 if (uptodate) {
145 set_buffer_uptodate(bh);
146 } else {
147 /* This happens, due to failed read-ahead attempts. */
148 clear_buffer_uptodate(bh);
149 }
150 unlock_buffer(bh);
151}
152
153/*
154 * Default synchronous end-of-IO handler.. Just mark it up-to-date and
155 * unlock the buffer. This is what ll_rw_block uses too.
156 */
157void end_buffer_read_sync(struct buffer_head *bh, int uptodate)
158{
159 __end_buffer_read_notouch(bh, uptodate);
160 put_bh(bh);
161}
162EXPORT_SYMBOL(end_buffer_read_sync);
163
164void end_buffer_write_sync(struct buffer_head *bh, int uptodate)
165{
166 if (uptodate) {
167 set_buffer_uptodate(bh);
168 } else {
169 buffer_io_error(bh, ", lost sync page write");
170 mark_buffer_write_io_error(bh);
171 clear_buffer_uptodate(bh);
172 }
173 unlock_buffer(bh);
174 put_bh(bh);
175}
176EXPORT_SYMBOL(end_buffer_write_sync);
177
178/*
179 * Various filesystems appear to want __find_get_block to be non-blocking.
180 * But it's the page lock which protects the buffers. To get around this,
181 * we get exclusion from try_to_free_buffers with the blockdev mapping's
182 * private_lock.
183 *
184 * Hack idea: for the blockdev mapping, private_lock contention
185 * may be quite high. This code could TryLock the page, and if that
186 * succeeds, there is no need to take private_lock.
187 */
188static struct buffer_head *
189__find_get_block_slow(struct block_device *bdev, sector_t block)
190{
191 struct inode *bd_inode = bdev->bd_inode;
192 struct address_space *bd_mapping = bd_inode->i_mapping;
193 struct buffer_head *ret = NULL;
194 pgoff_t index;
195 struct buffer_head *bh;
196 struct buffer_head *head;
197 struct page *page;
198 int all_mapped = 1;
199 static DEFINE_RATELIMIT_STATE(last_warned, HZ, 1);
200
201 index = block >> (PAGE_SHIFT - bd_inode->i_blkbits);
202 page = find_get_page_flags(bd_mapping, index, FGP_ACCESSED);
203 if (!page)
204 goto out;
205
206 spin_lock(&bd_mapping->private_lock);
207 if (!page_has_buffers(page))
208 goto out_unlock;
209 head = page_buffers(page);
210 bh = head;
211 do {
212 if (!buffer_mapped(bh))
213 all_mapped = 0;
214 else if (bh->b_blocknr == block) {
215 ret = bh;
216 get_bh(bh);
217 goto out_unlock;
218 }
219 bh = bh->b_this_page;
220 } while (bh != head);
221
222 /* we might be here because some of the buffers on this page are
223 * not mapped. This is due to various races between
224 * file io on the block device and getblk. It gets dealt with
225 * elsewhere, don't buffer_error if we had some unmapped buffers
226 */
227 ratelimit_set_flags(&last_warned, RATELIMIT_MSG_ON_RELEASE);
228 if (all_mapped && __ratelimit(&last_warned)) {
229 printk("__find_get_block_slow() failed. block=%llu, "
230 "b_blocknr=%llu, b_state=0x%08lx, b_size=%zu, "
231 "device %pg blocksize: %d\n",
232 (unsigned long long)block,
233 (unsigned long long)bh->b_blocknr,
234 bh->b_state, bh->b_size, bdev,
235 1 << bd_inode->i_blkbits);
236 }
237out_unlock:
238 spin_unlock(&bd_mapping->private_lock);
239 put_page(page);
240out:
241 return ret;
242}
243
244static void end_buffer_async_read(struct buffer_head *bh, int uptodate)
245{
246 unsigned long flags;
247 struct buffer_head *first;
248 struct buffer_head *tmp;
249 struct page *page;
250 int page_uptodate = 1;
251
252 BUG_ON(!buffer_async_read(bh));
253
254 page = bh->b_page;
255 if (uptodate) {
256 set_buffer_uptodate(bh);
257 } else {
258 clear_buffer_uptodate(bh);
259 buffer_io_error(bh, ", async page read");
260 SetPageError(page);
261 }
262
263 /*
264 * Be _very_ careful from here on. Bad things can happen if
265 * two buffer heads end IO at almost the same time and both
266 * decide that the page is now completely done.
267 */
268 first = page_buffers(page);
269 spin_lock_irqsave(&first->b_uptodate_lock, flags);
270 clear_buffer_async_read(bh);
271 unlock_buffer(bh);
272 tmp = bh;
273 do {
274 if (!buffer_uptodate(tmp))
275 page_uptodate = 0;
276 if (buffer_async_read(tmp)) {
277 BUG_ON(!buffer_locked(tmp));
278 goto still_busy;
279 }
280 tmp = tmp->b_this_page;
281 } while (tmp != bh);
282 spin_unlock_irqrestore(&first->b_uptodate_lock, flags);
283
284 /*
285 * If none of the buffers had errors and they are all
286 * uptodate then we can set the page uptodate.
287 */
288 if (page_uptodate && !PageError(page))
289 SetPageUptodate(page);
290 unlock_page(page);
291 return;
292
293still_busy:
294 spin_unlock_irqrestore(&first->b_uptodate_lock, flags);
295 return;
296}
297
298struct decrypt_bh_ctx {
299 struct work_struct work;
300 struct buffer_head *bh;
301};
302
303static void decrypt_bh(struct work_struct *work)
304{
305 struct decrypt_bh_ctx *ctx =
306 container_of(work, struct decrypt_bh_ctx, work);
307 struct buffer_head *bh = ctx->bh;
308 int err;
309
310 err = fscrypt_decrypt_pagecache_blocks(bh->b_page, bh->b_size,
311 bh_offset(bh));
312 end_buffer_async_read(bh, err == 0);
313 kfree(ctx);
314}
315
316/*
317 * I/O completion handler for block_read_full_page() - pages
318 * which come unlocked at the end of I/O.
319 */
320static void end_buffer_async_read_io(struct buffer_head *bh, int uptodate)
321{
322 /* Decrypt if needed */
323 if (uptodate &&
324 fscrypt_inode_uses_fs_layer_crypto(bh->b_page->mapping->host)) {
325 struct decrypt_bh_ctx *ctx = kmalloc(sizeof(*ctx), GFP_ATOMIC);
326
327 if (ctx) {
328 INIT_WORK(&ctx->work, decrypt_bh);
329 ctx->bh = bh;
330 fscrypt_enqueue_decrypt_work(&ctx->work);
331 return;
332 }
333 uptodate = 0;
334 }
335 end_buffer_async_read(bh, uptodate);
336}
337
338/*
339 * Completion handler for block_write_full_page() - pages which are unlocked
340 * during I/O, and which have PageWriteback cleared upon I/O completion.
341 */
342void end_buffer_async_write(struct buffer_head *bh, int uptodate)
343{
344 unsigned long flags;
345 struct buffer_head *first;
346 struct buffer_head *tmp;
347 struct page *page;
348
349 BUG_ON(!buffer_async_write(bh));
350
351 page = bh->b_page;
352 if (uptodate) {
353 set_buffer_uptodate(bh);
354 } else {
355 buffer_io_error(bh, ", lost async page write");
356 mark_buffer_write_io_error(bh);
357 clear_buffer_uptodate(bh);
358 SetPageError(page);
359 }
360
361 first = page_buffers(page);
362 spin_lock_irqsave(&first->b_uptodate_lock, flags);
363
364 clear_buffer_async_write(bh);
365 unlock_buffer(bh);
366 tmp = bh->b_this_page;
367 while (tmp != bh) {
368 if (buffer_async_write(tmp)) {
369 BUG_ON(!buffer_locked(tmp));
370 goto still_busy;
371 }
372 tmp = tmp->b_this_page;
373 }
374 spin_unlock_irqrestore(&first->b_uptodate_lock, flags);
375 end_page_writeback(page);
376 return;
377
378still_busy:
379 spin_unlock_irqrestore(&first->b_uptodate_lock, flags);
380 return;
381}
382EXPORT_SYMBOL(end_buffer_async_write);
383
384/*
385 * If a page's buffers are under async readin (end_buffer_async_read
386 * completion) then there is a possibility that another thread of
387 * control could lock one of the buffers after it has completed
388 * but while some of the other buffers have not completed. This
389 * locked buffer would confuse end_buffer_async_read() into not unlocking
390 * the page. So the absence of BH_Async_Read tells end_buffer_async_read()
391 * that this buffer is not under async I/O.
392 *
393 * The page comes unlocked when it has no locked buffer_async buffers
394 * left.
395 *
396 * PageLocked prevents anyone starting new async I/O reads any of
397 * the buffers.
398 *
399 * PageWriteback is used to prevent simultaneous writeout of the same
400 * page.
401 *
402 * PageLocked prevents anyone from starting writeback of a page which is
403 * under read I/O (PageWriteback is only ever set against a locked page).
404 */
405static void mark_buffer_async_read(struct buffer_head *bh)
406{
407 bh->b_end_io = end_buffer_async_read_io;
408 set_buffer_async_read(bh);
409}
410
411static void mark_buffer_async_write_endio(struct buffer_head *bh,
412 bh_end_io_t *handler)
413{
414 bh->b_end_io = handler;
415 set_buffer_async_write(bh);
416}
417
418void mark_buffer_async_write(struct buffer_head *bh)
419{
420 mark_buffer_async_write_endio(bh, end_buffer_async_write);
421}
422EXPORT_SYMBOL(mark_buffer_async_write);
423
424
425/*
426 * fs/buffer.c contains helper functions for buffer-backed address space's
427 * fsync functions. A common requirement for buffer-based filesystems is
428 * that certain data from the backing blockdev needs to be written out for
429 * a successful fsync(). For example, ext2 indirect blocks need to be
430 * written back and waited upon before fsync() returns.
431 *
432 * The functions mark_buffer_inode_dirty(), fsync_inode_buffers(),
433 * inode_has_buffers() and invalidate_inode_buffers() are provided for the
434 * management of a list of dependent buffers at ->i_mapping->private_list.
435 *
436 * Locking is a little subtle: try_to_free_buffers() will remove buffers
437 * from their controlling inode's queue when they are being freed. But
438 * try_to_free_buffers() will be operating against the *blockdev* mapping
439 * at the time, not against the S_ISREG file which depends on those buffers.
440 * So the locking for private_list is via the private_lock in the address_space
441 * which backs the buffers. Which is different from the address_space
442 * against which the buffers are listed. So for a particular address_space,
443 * mapping->private_lock does *not* protect mapping->private_list! In fact,
444 * mapping->private_list will always be protected by the backing blockdev's
445 * ->private_lock.
446 *
447 * Which introduces a requirement: all buffers on an address_space's
448 * ->private_list must be from the same address_space: the blockdev's.
449 *
450 * address_spaces which do not place buffers at ->private_list via these
451 * utility functions are free to use private_lock and private_list for
452 * whatever they want. The only requirement is that list_empty(private_list)
453 * be true at clear_inode() time.
454 *
455 * FIXME: clear_inode should not call invalidate_inode_buffers(). The
456 * filesystems should do that. invalidate_inode_buffers() should just go
457 * BUG_ON(!list_empty).
458 *
459 * FIXME: mark_buffer_dirty_inode() is a data-plane operation. It should
460 * take an address_space, not an inode. And it should be called
461 * mark_buffer_dirty_fsync() to clearly define why those buffers are being
462 * queued up.
463 *
464 * FIXME: mark_buffer_dirty_inode() doesn't need to add the buffer to the
465 * list if it is already on a list. Because if the buffer is on a list,
466 * it *must* already be on the right one. If not, the filesystem is being
467 * silly. This will save a ton of locking. But first we have to ensure
468 * that buffers are taken *off* the old inode's list when they are freed
469 * (presumably in truncate). That requires careful auditing of all
470 * filesystems (do it inside bforget()). It could also be done by bringing
471 * b_inode back.
472 */
473
474/*
475 * The buffer's backing address_space's private_lock must be held
476 */
477static void __remove_assoc_queue(struct buffer_head *bh)
478{
479 list_del_init(&bh->b_assoc_buffers);
480 WARN_ON(!bh->b_assoc_map);
481 bh->b_assoc_map = NULL;
482}
483
484int inode_has_buffers(struct inode *inode)
485{
486 return !list_empty(&inode->i_data.private_list);
487}
488
489/*
490 * osync is designed to support O_SYNC io. It waits synchronously for
491 * all already-submitted IO to complete, but does not queue any new
492 * writes to the disk.
493 *
494 * To do O_SYNC writes, just queue the buffer writes with ll_rw_block as
495 * you dirty the buffers, and then use osync_inode_buffers to wait for
496 * completion. Any other dirty buffers which are not yet queued for
497 * write will not be flushed to disk by the osync.
498 */
499static int osync_buffers_list(spinlock_t *lock, struct list_head *list)
500{
501 struct buffer_head *bh;
502 struct list_head *p;
503 int err = 0;
504
505 spin_lock(lock);
506repeat:
507 list_for_each_prev(p, list) {
508 bh = BH_ENTRY(p);
509 if (buffer_locked(bh)) {
510 get_bh(bh);
511 spin_unlock(lock);
512 wait_on_buffer(bh);
513 if (!buffer_uptodate(bh))
514 err = -EIO;
515 brelse(bh);
516 spin_lock(lock);
517 goto repeat;
518 }
519 }
520 spin_unlock(lock);
521 return err;
522}
523
524void emergency_thaw_bdev(struct super_block *sb)
525{
526 while (sb->s_bdev && !thaw_bdev(sb->s_bdev))
527 printk(KERN_WARNING "Emergency Thaw on %pg\n", sb->s_bdev);
528}
529
530/**
531 * sync_mapping_buffers - write out & wait upon a mapping's "associated" buffers
532 * @mapping: the mapping which wants those buffers written
533 *
534 * Starts I/O against the buffers at mapping->private_list, and waits upon
535 * that I/O.
536 *
537 * Basically, this is a convenience function for fsync().
538 * @mapping is a file or directory which needs those buffers to be written for
539 * a successful fsync().
540 */
541int sync_mapping_buffers(struct address_space *mapping)
542{
543 struct address_space *buffer_mapping = mapping->private_data;
544
545 if (buffer_mapping == NULL || list_empty(&mapping->private_list))
546 return 0;
547
548 return fsync_buffers_list(&buffer_mapping->private_lock,
549 &mapping->private_list);
550}
551EXPORT_SYMBOL(sync_mapping_buffers);
552
553/*
554 * Called when we've recently written block `bblock', and it is known that
555 * `bblock' was for a buffer_boundary() buffer. This means that the block at
556 * `bblock + 1' is probably a dirty indirect block. Hunt it down and, if it's
557 * dirty, schedule it for IO. So that indirects merge nicely with their data.
558 */
559void write_boundary_block(struct block_device *bdev,
560 sector_t bblock, unsigned blocksize)
561{
562 struct buffer_head *bh = __find_get_block(bdev, bblock + 1, blocksize);
563 if (bh) {
564 if (buffer_dirty(bh))
565 ll_rw_block(REQ_OP_WRITE, 0, 1, &bh);
566 put_bh(bh);
567 }
568}
569
570void mark_buffer_dirty_inode(struct buffer_head *bh, struct inode *inode)
571{
572 struct address_space *mapping = inode->i_mapping;
573 struct address_space *buffer_mapping = bh->b_page->mapping;
574
575 mark_buffer_dirty(bh);
576 if (!mapping->private_data) {
577 mapping->private_data = buffer_mapping;
578 } else {
579 BUG_ON(mapping->private_data != buffer_mapping);
580 }
581 if (!bh->b_assoc_map) {
582 spin_lock(&buffer_mapping->private_lock);
583 list_move_tail(&bh->b_assoc_buffers,
584 &mapping->private_list);
585 bh->b_assoc_map = mapping;
586 spin_unlock(&buffer_mapping->private_lock);
587 }
588}
589EXPORT_SYMBOL(mark_buffer_dirty_inode);
590
591/*
592 * Add a page to the dirty page list.
593 *
594 * It is a sad fact of life that this function is called from several places
595 * deeply under spinlocking. It may not sleep.
596 *
597 * If the page has buffers, the uptodate buffers are set dirty, to preserve
598 * dirty-state coherency between the page and the buffers. It the page does
599 * not have buffers then when they are later attached they will all be set
600 * dirty.
601 *
602 * The buffers are dirtied before the page is dirtied. There's a small race
603 * window in which a writepage caller may see the page cleanness but not the
604 * buffer dirtiness. That's fine. If this code were to set the page dirty
605 * before the buffers, a concurrent writepage caller could clear the page dirty
606 * bit, see a bunch of clean buffers and we'd end up with dirty buffers/clean
607 * page on the dirty page list.
608 *
609 * We use private_lock to lock against try_to_free_buffers while using the
610 * page's buffer list. Also use this to protect against clean buffers being
611 * added to the page after it was set dirty.
612 *
613 * FIXME: may need to call ->reservepage here as well. That's rather up to the
614 * address_space though.
615 */
616int __set_page_dirty_buffers(struct page *page)
617{
618 int newly_dirty;
619 struct address_space *mapping = page_mapping(page);
620
621 if (unlikely(!mapping))
622 return !TestSetPageDirty(page);
623
624 spin_lock(&mapping->private_lock);
625 if (page_has_buffers(page)) {
626 struct buffer_head *head = page_buffers(page);
627 struct buffer_head *bh = head;
628
629 do {
630 set_buffer_dirty(bh);
631 bh = bh->b_this_page;
632 } while (bh != head);
633 }
634 /*
635 * Lock out page's memcg migration to keep PageDirty
636 * synchronized with per-memcg dirty page counters.
637 */
638 lock_page_memcg(page);
639 newly_dirty = !TestSetPageDirty(page);
640 spin_unlock(&mapping->private_lock);
641
642 if (newly_dirty)
643 __set_page_dirty(page, mapping, 1);
644
645 unlock_page_memcg(page);
646
647 if (newly_dirty)
648 __mark_inode_dirty(mapping->host, I_DIRTY_PAGES);
649
650 return newly_dirty;
651}
652EXPORT_SYMBOL(__set_page_dirty_buffers);
653
654/*
655 * Write out and wait upon a list of buffers.
656 *
657 * We have conflicting pressures: we want to make sure that all
658 * initially dirty buffers get waited on, but that any subsequently
659 * dirtied buffers don't. After all, we don't want fsync to last
660 * forever if somebody is actively writing to the file.
661 *
662 * Do this in two main stages: first we copy dirty buffers to a
663 * temporary inode list, queueing the writes as we go. Then we clean
664 * up, waiting for those writes to complete.
665 *
666 * During this second stage, any subsequent updates to the file may end
667 * up refiling the buffer on the original inode's dirty list again, so
668 * there is a chance we will end up with a buffer queued for write but
669 * not yet completed on that list. So, as a final cleanup we go through
670 * the osync code to catch these locked, dirty buffers without requeuing
671 * any newly dirty buffers for write.
672 */
673static int fsync_buffers_list(spinlock_t *lock, struct list_head *list)
674{
675 struct buffer_head *bh;
676 struct list_head tmp;
677 struct address_space *mapping;
678 int err = 0, err2;
679 struct blk_plug plug;
680
681 INIT_LIST_HEAD(&tmp);
682 blk_start_plug(&plug);
683
684 spin_lock(lock);
685 while (!list_empty(list)) {
686 bh = BH_ENTRY(list->next);
687 mapping = bh->b_assoc_map;
688 __remove_assoc_queue(bh);
689 /* Avoid race with mark_buffer_dirty_inode() which does
690 * a lockless check and we rely on seeing the dirty bit */
691 smp_mb();
692 if (buffer_dirty(bh) || buffer_locked(bh)) {
693 list_add(&bh->b_assoc_buffers, &tmp);
694 bh->b_assoc_map = mapping;
695 if (buffer_dirty(bh)) {
696 get_bh(bh);
697 spin_unlock(lock);
698 /*
699 * Ensure any pending I/O completes so that
700 * write_dirty_buffer() actually writes the
701 * current contents - it is a noop if I/O is
702 * still in flight on potentially older
703 * contents.
704 */
705 write_dirty_buffer(bh, REQ_SYNC);
706
707 /*
708 * Kick off IO for the previous mapping. Note
709 * that we will not run the very last mapping,
710 * wait_on_buffer() will do that for us
711 * through sync_buffer().
712 */
713 brelse(bh);
714 spin_lock(lock);
715 }
716 }
717 }
718
719 spin_unlock(lock);
720 blk_finish_plug(&plug);
721 spin_lock(lock);
722
723 while (!list_empty(&tmp)) {
724 bh = BH_ENTRY(tmp.prev);
725 get_bh(bh);
726 mapping = bh->b_assoc_map;
727 __remove_assoc_queue(bh);
728 /* Avoid race with mark_buffer_dirty_inode() which does
729 * a lockless check and we rely on seeing the dirty bit */
730 smp_mb();
731 if (buffer_dirty(bh)) {
732 list_add(&bh->b_assoc_buffers,
733 &mapping->private_list);
734 bh->b_assoc_map = mapping;
735 }
736 spin_unlock(lock);
737 wait_on_buffer(bh);
738 if (!buffer_uptodate(bh))
739 err = -EIO;
740 brelse(bh);
741 spin_lock(lock);
742 }
743
744 spin_unlock(lock);
745 err2 = osync_buffers_list(lock, list);
746 if (err)
747 return err;
748 else
749 return err2;
750}
751
752/*
753 * Invalidate any and all dirty buffers on a given inode. We are
754 * probably unmounting the fs, but that doesn't mean we have already
755 * done a sync(). Just drop the buffers from the inode list.
756 *
757 * NOTE: we take the inode's blockdev's mapping's private_lock. Which
758 * assumes that all the buffers are against the blockdev. Not true
759 * for reiserfs.
760 */
761void invalidate_inode_buffers(struct inode *inode)
762{
763 if (inode_has_buffers(inode)) {
764 struct address_space *mapping = &inode->i_data;
765 struct list_head *list = &mapping->private_list;
766 struct address_space *buffer_mapping = mapping->private_data;
767
768 spin_lock(&buffer_mapping->private_lock);
769 while (!list_empty(list))
770 __remove_assoc_queue(BH_ENTRY(list->next));
771 spin_unlock(&buffer_mapping->private_lock);
772 }
773}
774EXPORT_SYMBOL(invalidate_inode_buffers);
775
776/*
777 * Remove any clean buffers from the inode's buffer list. This is called
778 * when we're trying to free the inode itself. Those buffers can pin it.
779 *
780 * Returns true if all buffers were removed.
781 */
782int remove_inode_buffers(struct inode *inode)
783{
784 int ret = 1;
785
786 if (inode_has_buffers(inode)) {
787 struct address_space *mapping = &inode->i_data;
788 struct list_head *list = &mapping->private_list;
789 struct address_space *buffer_mapping = mapping->private_data;
790
791 spin_lock(&buffer_mapping->private_lock);
792 while (!list_empty(list)) {
793 struct buffer_head *bh = BH_ENTRY(list->next);
794 if (buffer_dirty(bh)) {
795 ret = 0;
796 break;
797 }
798 __remove_assoc_queue(bh);
799 }
800 spin_unlock(&buffer_mapping->private_lock);
801 }
802 return ret;
803}
804
805/*
806 * Create the appropriate buffers when given a page for data area and
807 * the size of each buffer.. Use the bh->b_this_page linked list to
808 * follow the buffers created. Return NULL if unable to create more
809 * buffers.
810 *
811 * The retry flag is used to differentiate async IO (paging, swapping)
812 * which may not fail from ordinary buffer allocations.
813 */
814struct buffer_head *alloc_page_buffers(struct page *page, unsigned long size,
815 bool retry)
816{
817 struct buffer_head *bh, *head;
818 gfp_t gfp = GFP_NOFS | __GFP_ACCOUNT;
819 long offset;
820 struct mem_cgroup *memcg, *old_memcg;
821
822 if (retry)
823 gfp |= __GFP_NOFAIL;
824
825 /* The page lock pins the memcg */
826 memcg = page_memcg(page);
827 old_memcg = set_active_memcg(memcg);
828
829 head = NULL;
830 offset = PAGE_SIZE;
831 while ((offset -= size) >= 0) {
832 bh = alloc_buffer_head(gfp);
833 if (!bh)
834 goto no_grow;
835
836 bh->b_this_page = head;
837 bh->b_blocknr = -1;
838 head = bh;
839
840 bh->b_size = size;
841
842 /* Link the buffer to its page */
843 set_bh_page(bh, page, offset);
844 }
845out:
846 set_active_memcg(old_memcg);
847 return head;
848/*
849 * In case anything failed, we just free everything we got.
850 */
851no_grow:
852 if (head) {
853 do {
854 bh = head;
855 head = head->b_this_page;
856 free_buffer_head(bh);
857 } while (head);
858 }
859
860 goto out;
861}
862EXPORT_SYMBOL_GPL(alloc_page_buffers);
863
864static inline void
865link_dev_buffers(struct page *page, struct buffer_head *head)
866{
867 struct buffer_head *bh, *tail;
868
869 bh = head;
870 do {
871 tail = bh;
872 bh = bh->b_this_page;
873 } while (bh);
874 tail->b_this_page = head;
875 attach_page_private(page, head);
876}
877
878static sector_t blkdev_max_block(struct block_device *bdev, unsigned int size)
879{
880 sector_t retval = ~((sector_t)0);
881 loff_t sz = i_size_read(bdev->bd_inode);
882
883 if (sz) {
884 unsigned int sizebits = blksize_bits(size);
885 retval = (sz >> sizebits);
886 }
887 return retval;
888}
889
890/*
891 * Initialise the state of a blockdev page's buffers.
892 */
893static sector_t
894init_page_buffers(struct page *page, struct block_device *bdev,
895 sector_t block, int size)
896{
897 struct buffer_head *head = page_buffers(page);
898 struct buffer_head *bh = head;
899 int uptodate = PageUptodate(page);
900 sector_t end_block = blkdev_max_block(I_BDEV(bdev->bd_inode), size);
901
902 do {
903 if (!buffer_mapped(bh)) {
904 bh->b_end_io = NULL;
905 bh->b_private = NULL;
906 bh->b_bdev = bdev;
907 bh->b_blocknr = block;
908 if (uptodate)
909 set_buffer_uptodate(bh);
910 if (block < end_block)
911 set_buffer_mapped(bh);
912 }
913 block++;
914 bh = bh->b_this_page;
915 } while (bh != head);
916
917 /*
918 * Caller needs to validate requested block against end of device.
919 */
920 return end_block;
921}
922
923/*
924 * Create the page-cache page that contains the requested block.
925 *
926 * This is used purely for blockdev mappings.
927 */
928static int
929grow_dev_page(struct block_device *bdev, sector_t block,
930 pgoff_t index, int size, int sizebits, gfp_t gfp)
931{
932 struct inode *inode = bdev->bd_inode;
933 struct page *page;
934 struct buffer_head *bh;
935 sector_t end_block;
936 int ret = 0;
937 gfp_t gfp_mask;
938
939 gfp_mask = mapping_gfp_constraint(inode->i_mapping, ~__GFP_FS) | gfp;
940
941 /*
942 * XXX: __getblk_slow() can not really deal with failure and
943 * will endlessly loop on improvised global reclaim. Prefer
944 * looping in the allocator rather than here, at least that
945 * code knows what it's doing.
946 */
947 gfp_mask |= __GFP_NOFAIL;
948
949 page = find_or_create_page(inode->i_mapping, index, gfp_mask);
950
951 BUG_ON(!PageLocked(page));
952
953 if (page_has_buffers(page)) {
954 bh = page_buffers(page);
955 if (bh->b_size == size) {
956 end_block = init_page_buffers(page, bdev,
957 (sector_t)index << sizebits,
958 size);
959 goto done;
960 }
961 if (!try_to_free_buffers(page))
962 goto failed;
963 }
964
965 /*
966 * Allocate some buffers for this page
967 */
968 bh = alloc_page_buffers(page, size, true);
969
970 /*
971 * Link the page to the buffers and initialise them. Take the
972 * lock to be atomic wrt __find_get_block(), which does not
973 * run under the page lock.
974 */
975 spin_lock(&inode->i_mapping->private_lock);
976 link_dev_buffers(page, bh);
977 end_block = init_page_buffers(page, bdev, (sector_t)index << sizebits,
978 size);
979 spin_unlock(&inode->i_mapping->private_lock);
980done:
981 ret = (block < end_block) ? 1 : -ENXIO;
982failed:
983 unlock_page(page);
984 put_page(page);
985 return ret;
986}
987
988/*
989 * Create buffers for the specified block device block's page. If
990 * that page was dirty, the buffers are set dirty also.
991 */
992static int
993grow_buffers(struct block_device *bdev, sector_t block, int size, gfp_t gfp)
994{
995 pgoff_t index;
996 int sizebits;
997
998 sizebits = PAGE_SHIFT - __ffs(size);
999 index = block >> sizebits;
1000
1001 /*
1002 * Check for a block which wants to lie outside our maximum possible
1003 * pagecache index. (this comparison is done using sector_t types).
1004 */
1005 if (unlikely(index != block >> sizebits)) {
1006 printk(KERN_ERR "%s: requested out-of-range block %llu for "
1007 "device %pg\n",
1008 __func__, (unsigned long long)block,
1009 bdev);
1010 return -EIO;
1011 }
1012
1013 /* Create a page with the proper size buffers.. */
1014 return grow_dev_page(bdev, block, index, size, sizebits, gfp);
1015}
1016
1017static struct buffer_head *
1018__getblk_slow(struct block_device *bdev, sector_t block,
1019 unsigned size, gfp_t gfp)
1020{
1021 /* Size must be multiple of hard sectorsize */
1022 if (unlikely(size & (bdev_logical_block_size(bdev)-1) ||
1023 (size < 512 || size > PAGE_SIZE))) {
1024 printk(KERN_ERR "getblk(): invalid block size %d requested\n",
1025 size);
1026 printk(KERN_ERR "logical block size: %d\n",
1027 bdev_logical_block_size(bdev));
1028
1029 dump_stack();
1030 return NULL;
1031 }
1032
1033 for (;;) {
1034 struct buffer_head *bh;
1035 int ret;
1036
1037 bh = __find_get_block(bdev, block, size);
1038 if (bh)
1039 return bh;
1040
1041 ret = grow_buffers(bdev, block, size, gfp);
1042 if (ret < 0)
1043 return NULL;
1044 }
1045}
1046
1047/*
1048 * The relationship between dirty buffers and dirty pages:
1049 *
1050 * Whenever a page has any dirty buffers, the page's dirty bit is set, and
1051 * the page is tagged dirty in the page cache.
1052 *
1053 * At all times, the dirtiness of the buffers represents the dirtiness of
1054 * subsections of the page. If the page has buffers, the page dirty bit is
1055 * merely a hint about the true dirty state.
1056 *
1057 * When a page is set dirty in its entirety, all its buffers are marked dirty
1058 * (if the page has buffers).
1059 *
1060 * When a buffer is marked dirty, its page is dirtied, but the page's other
1061 * buffers are not.
1062 *
1063 * Also. When blockdev buffers are explicitly read with bread(), they
1064 * individually become uptodate. But their backing page remains not
1065 * uptodate - even if all of its buffers are uptodate. A subsequent
1066 * block_read_full_page() against that page will discover all the uptodate
1067 * buffers, will set the page uptodate and will perform no I/O.
1068 */
1069
1070/**
1071 * mark_buffer_dirty - mark a buffer_head as needing writeout
1072 * @bh: the buffer_head to mark dirty
1073 *
1074 * mark_buffer_dirty() will set the dirty bit against the buffer, then set
1075 * its backing page dirty, then tag the page as dirty in the page cache
1076 * and then attach the address_space's inode to its superblock's dirty
1077 * inode list.
1078 *
1079 * mark_buffer_dirty() is atomic. It takes bh->b_page->mapping->private_lock,
1080 * i_pages lock and mapping->host->i_lock.
1081 */
1082void mark_buffer_dirty(struct buffer_head *bh)
1083{
1084 WARN_ON_ONCE(!buffer_uptodate(bh));
1085
1086 trace_block_dirty_buffer(bh);
1087
1088 /*
1089 * Very *carefully* optimize the it-is-already-dirty case.
1090 *
1091 * Don't let the final "is it dirty" escape to before we
1092 * perhaps modified the buffer.
1093 */
1094 if (buffer_dirty(bh)) {
1095 smp_mb();
1096 if (buffer_dirty(bh))
1097 return;
1098 }
1099
1100 if (!test_set_buffer_dirty(bh)) {
1101 struct page *page = bh->b_page;
1102 struct address_space *mapping = NULL;
1103
1104 lock_page_memcg(page);
1105 if (!TestSetPageDirty(page)) {
1106 mapping = page_mapping(page);
1107 if (mapping)
1108 __set_page_dirty(page, mapping, 0);
1109 }
1110 unlock_page_memcg(page);
1111 if (mapping)
1112 __mark_inode_dirty(mapping->host, I_DIRTY_PAGES);
1113 }
1114}
1115EXPORT_SYMBOL(mark_buffer_dirty);
1116
1117void mark_buffer_write_io_error(struct buffer_head *bh)
1118{
1119 struct super_block *sb;
1120
1121 set_buffer_write_io_error(bh);
1122 /* FIXME: do we need to set this in both places? */
1123 if (bh->b_page && bh->b_page->mapping)
1124 mapping_set_error(bh->b_page->mapping, -EIO);
1125 if (bh->b_assoc_map)
1126 mapping_set_error(bh->b_assoc_map, -EIO);
1127 rcu_read_lock();
1128 sb = READ_ONCE(bh->b_bdev->bd_super);
1129 if (sb)
1130 errseq_set(&sb->s_wb_err, -EIO);
1131 rcu_read_unlock();
1132}
1133EXPORT_SYMBOL(mark_buffer_write_io_error);
1134
1135/*
1136 * Decrement a buffer_head's reference count. If all buffers against a page
1137 * have zero reference count, are clean and unlocked, and if the page is clean
1138 * and unlocked then try_to_free_buffers() may strip the buffers from the page
1139 * in preparation for freeing it (sometimes, rarely, buffers are removed from
1140 * a page but it ends up not being freed, and buffers may later be reattached).
1141 */
1142void __brelse(struct buffer_head * buf)
1143{
1144 if (atomic_read(&buf->b_count)) {
1145 put_bh(buf);
1146 return;
1147 }
1148 WARN(1, KERN_ERR "VFS: brelse: Trying to free free buffer\n");
1149}
1150EXPORT_SYMBOL(__brelse);
1151
1152/*
1153 * bforget() is like brelse(), except it discards any
1154 * potentially dirty data.
1155 */
1156void __bforget(struct buffer_head *bh)
1157{
1158 clear_buffer_dirty(bh);
1159 if (bh->b_assoc_map) {
1160 struct address_space *buffer_mapping = bh->b_page->mapping;
1161
1162 spin_lock(&buffer_mapping->private_lock);
1163 list_del_init(&bh->b_assoc_buffers);
1164 bh->b_assoc_map = NULL;
1165 spin_unlock(&buffer_mapping->private_lock);
1166 }
1167 __brelse(bh);
1168}
1169EXPORT_SYMBOL(__bforget);
1170
1171static struct buffer_head *__bread_slow(struct buffer_head *bh)
1172{
1173 lock_buffer(bh);
1174 if (buffer_uptodate(bh)) {
1175 unlock_buffer(bh);
1176 return bh;
1177 } else {
1178 get_bh(bh);
1179 bh->b_end_io = end_buffer_read_sync;
1180 submit_bh(REQ_OP_READ, 0, bh);
1181 wait_on_buffer(bh);
1182 if (buffer_uptodate(bh))
1183 return bh;
1184 }
1185 brelse(bh);
1186 return NULL;
1187}
1188
1189/*
1190 * Per-cpu buffer LRU implementation. To reduce the cost of __find_get_block().
1191 * The bhs[] array is sorted - newest buffer is at bhs[0]. Buffers have their
1192 * refcount elevated by one when they're in an LRU. A buffer can only appear
1193 * once in a particular CPU's LRU. A single buffer can be present in multiple
1194 * CPU's LRUs at the same time.
1195 *
1196 * This is a transparent caching front-end to sb_bread(), sb_getblk() and
1197 * sb_find_get_block().
1198 *
1199 * The LRUs themselves only need locking against invalidate_bh_lrus. We use
1200 * a local interrupt disable for that.
1201 */
1202
1203#define BH_LRU_SIZE 16
1204
1205struct bh_lru {
1206 struct buffer_head *bhs[BH_LRU_SIZE];
1207};
1208
1209static DEFINE_PER_CPU(struct bh_lru, bh_lrus) = {{ NULL }};
1210
1211#ifdef CONFIG_SMP
1212#define bh_lru_lock() local_irq_disable()
1213#define bh_lru_unlock() local_irq_enable()
1214#else
1215#define bh_lru_lock() preempt_disable()
1216#define bh_lru_unlock() preempt_enable()
1217#endif
1218
1219static inline void check_irqs_on(void)
1220{
1221#ifdef irqs_disabled
1222 BUG_ON(irqs_disabled());
1223#endif
1224}
1225
1226/*
1227 * Install a buffer_head into this cpu's LRU. If not already in the LRU, it is
1228 * inserted at the front, and the buffer_head at the back if any is evicted.
1229 * Or, if already in the LRU it is moved to the front.
1230 */
1231static void bh_lru_install(struct buffer_head *bh)
1232{
1233 struct buffer_head *evictee = bh;
1234 struct bh_lru *b;
1235 int i;
1236
1237 check_irqs_on();
1238 /*
1239 * the refcount of buffer_head in bh_lru prevents dropping the
1240 * attached page(i.e., try_to_free_buffers) so it could cause
1241 * failing page migration.
1242 * Skip putting upcoming bh into bh_lru until migration is done.
1243 */
1244 if (lru_cache_disabled())
1245 return;
1246
1247 bh_lru_lock();
1248
1249 b = this_cpu_ptr(&bh_lrus);
1250 for (i = 0; i < BH_LRU_SIZE; i++) {
1251 swap(evictee, b->bhs[i]);
1252 if (evictee == bh) {
1253 bh_lru_unlock();
1254 return;
1255 }
1256 }
1257
1258 get_bh(bh);
1259 bh_lru_unlock();
1260 brelse(evictee);
1261}
1262
1263/*
1264 * Look up the bh in this cpu's LRU. If it's there, move it to the head.
1265 */
1266static struct buffer_head *
1267lookup_bh_lru(struct block_device *bdev, sector_t block, unsigned size)
1268{
1269 struct buffer_head *ret = NULL;
1270 unsigned int i;
1271
1272 check_irqs_on();
1273 bh_lru_lock();
1274 for (i = 0; i < BH_LRU_SIZE; i++) {
1275 struct buffer_head *bh = __this_cpu_read(bh_lrus.bhs[i]);
1276
1277 if (bh && bh->b_blocknr == block && bh->b_bdev == bdev &&
1278 bh->b_size == size) {
1279 if (i) {
1280 while (i) {
1281 __this_cpu_write(bh_lrus.bhs[i],
1282 __this_cpu_read(bh_lrus.bhs[i - 1]));
1283 i--;
1284 }
1285 __this_cpu_write(bh_lrus.bhs[0], bh);
1286 }
1287 get_bh(bh);
1288 ret = bh;
1289 break;
1290 }
1291 }
1292 bh_lru_unlock();
1293 return ret;
1294}
1295
1296/*
1297 * Perform a pagecache lookup for the matching buffer. If it's there, refresh
1298 * it in the LRU and mark it as accessed. If it is not present then return
1299 * NULL
1300 */
1301struct buffer_head *
1302__find_get_block(struct block_device *bdev, sector_t block, unsigned size)
1303{
1304 struct buffer_head *bh = lookup_bh_lru(bdev, block, size);
1305
1306 if (bh == NULL) {
1307 /* __find_get_block_slow will mark the page accessed */
1308 bh = __find_get_block_slow(bdev, block);
1309 if (bh)
1310 bh_lru_install(bh);
1311 } else
1312 touch_buffer(bh);
1313
1314 return bh;
1315}
1316EXPORT_SYMBOL(__find_get_block);
1317
1318/*
1319 * __getblk_gfp() will locate (and, if necessary, create) the buffer_head
1320 * which corresponds to the passed block_device, block and size. The
1321 * returned buffer has its reference count incremented.
1322 *
1323 * __getblk_gfp() will lock up the machine if grow_dev_page's
1324 * try_to_free_buffers() attempt is failing. FIXME, perhaps?
1325 */
1326struct buffer_head *
1327__getblk_gfp(struct block_device *bdev, sector_t block,
1328 unsigned size, gfp_t gfp)
1329{
1330 struct buffer_head *bh = __find_get_block(bdev, block, size);
1331
1332 might_sleep();
1333 if (bh == NULL)
1334 bh = __getblk_slow(bdev, block, size, gfp);
1335 return bh;
1336}
1337EXPORT_SYMBOL(__getblk_gfp);
1338
1339/*
1340 * Do async read-ahead on a buffer..
1341 */
1342void __breadahead(struct block_device *bdev, sector_t block, unsigned size)
1343{
1344 struct buffer_head *bh = __getblk(bdev, block, size);
1345 if (likely(bh)) {
1346 ll_rw_block(REQ_OP_READ, REQ_RAHEAD, 1, &bh);
1347 brelse(bh);
1348 }
1349}
1350EXPORT_SYMBOL(__breadahead);
1351
1352void __breadahead_gfp(struct block_device *bdev, sector_t block, unsigned size,
1353 gfp_t gfp)
1354{
1355 struct buffer_head *bh = __getblk_gfp(bdev, block, size, gfp);
1356 if (likely(bh)) {
1357 ll_rw_block(REQ_OP_READ, REQ_RAHEAD, 1, &bh);
1358 brelse(bh);
1359 }
1360}
1361EXPORT_SYMBOL(__breadahead_gfp);
1362
1363/**
1364 * __bread_gfp() - reads a specified block and returns the bh
1365 * @bdev: the block_device to read from
1366 * @block: number of block
1367 * @size: size (in bytes) to read
1368 * @gfp: page allocation flag
1369 *
1370 * Reads a specified block, and returns buffer head that contains it.
1371 * The page cache can be allocated from non-movable area
1372 * not to prevent page migration if you set gfp to zero.
1373 * It returns NULL if the block was unreadable.
1374 */
1375struct buffer_head *
1376__bread_gfp(struct block_device *bdev, sector_t block,
1377 unsigned size, gfp_t gfp)
1378{
1379 struct buffer_head *bh = __getblk_gfp(bdev, block, size, gfp);
1380
1381 if (likely(bh) && !buffer_uptodate(bh))
1382 bh = __bread_slow(bh);
1383 return bh;
1384}
1385EXPORT_SYMBOL(__bread_gfp);
1386
1387static void __invalidate_bh_lrus(struct bh_lru *b)
1388{
1389 int i;
1390
1391 for (i = 0; i < BH_LRU_SIZE; i++) {
1392 brelse(b->bhs[i]);
1393 b->bhs[i] = NULL;
1394 }
1395}
1396/*
1397 * invalidate_bh_lrus() is called rarely - but not only at unmount.
1398 * This doesn't race because it runs in each cpu either in irq
1399 * or with preempt disabled.
1400 */
1401static void invalidate_bh_lru(void *arg)
1402{
1403 struct bh_lru *b = &get_cpu_var(bh_lrus);
1404
1405 __invalidate_bh_lrus(b);
1406 put_cpu_var(bh_lrus);
1407}
1408
1409bool has_bh_in_lru(int cpu, void *dummy)
1410{
1411 struct bh_lru *b = per_cpu_ptr(&bh_lrus, cpu);
1412 int i;
1413
1414 for (i = 0; i < BH_LRU_SIZE; i++) {
1415 if (b->bhs[i])
1416 return true;
1417 }
1418
1419 return false;
1420}
1421
1422void invalidate_bh_lrus(void)
1423{
1424 on_each_cpu_cond(has_bh_in_lru, invalidate_bh_lru, NULL, 1);
1425}
1426EXPORT_SYMBOL_GPL(invalidate_bh_lrus);
1427
1428void invalidate_bh_lrus_cpu(int cpu)
1429{
1430 struct bh_lru *b;
1431
1432 bh_lru_lock();
1433 b = per_cpu_ptr(&bh_lrus, cpu);
1434 __invalidate_bh_lrus(b);
1435 bh_lru_unlock();
1436}
1437
1438void set_bh_page(struct buffer_head *bh,
1439 struct page *page, unsigned long offset)
1440{
1441 bh->b_page = page;
1442 BUG_ON(offset >= PAGE_SIZE);
1443 if (PageHighMem(page))
1444 /*
1445 * This catches illegal uses and preserves the offset:
1446 */
1447 bh->b_data = (char *)(0 + offset);
1448 else
1449 bh->b_data = page_address(page) + offset;
1450}
1451EXPORT_SYMBOL(set_bh_page);
1452
1453/*
1454 * Called when truncating a buffer on a page completely.
1455 */
1456
1457/* Bits that are cleared during an invalidate */
1458#define BUFFER_FLAGS_DISCARD \
1459 (1 << BH_Mapped | 1 << BH_New | 1 << BH_Req | \
1460 1 << BH_Delay | 1 << BH_Unwritten)
1461
1462static void discard_buffer(struct buffer_head * bh)
1463{
1464 unsigned long b_state, b_state_old;
1465
1466 lock_buffer(bh);
1467 clear_buffer_dirty(bh);
1468 bh->b_bdev = NULL;
1469 b_state = bh->b_state;
1470 for (;;) {
1471 b_state_old = cmpxchg(&bh->b_state, b_state,
1472 (b_state & ~BUFFER_FLAGS_DISCARD));
1473 if (b_state_old == b_state)
1474 break;
1475 b_state = b_state_old;
1476 }
1477 unlock_buffer(bh);
1478}
1479
1480/**
1481 * block_invalidatepage - invalidate part or all of a buffer-backed page
1482 *
1483 * @page: the page which is affected
1484 * @offset: start of the range to invalidate
1485 * @length: length of the range to invalidate
1486 *
1487 * block_invalidatepage() is called when all or part of the page has become
1488 * invalidated by a truncate operation.
1489 *
1490 * block_invalidatepage() does not have to release all buffers, but it must
1491 * ensure that no dirty buffer is left outside @offset and that no I/O
1492 * is underway against any of the blocks which are outside the truncation
1493 * point. Because the caller is about to free (and possibly reuse) those
1494 * blocks on-disk.
1495 */
1496void block_invalidatepage(struct page *page, unsigned int offset,
1497 unsigned int length)
1498{
1499 struct buffer_head *head, *bh, *next;
1500 unsigned int curr_off = 0;
1501 unsigned int stop = length + offset;
1502
1503 BUG_ON(!PageLocked(page));
1504 if (!page_has_buffers(page))
1505 goto out;
1506
1507 /*
1508 * Check for overflow
1509 */
1510 BUG_ON(stop > PAGE_SIZE || stop < length);
1511
1512 head = page_buffers(page);
1513 bh = head;
1514 do {
1515 unsigned int next_off = curr_off + bh->b_size;
1516 next = bh->b_this_page;
1517
1518 /*
1519 * Are we still fully in range ?
1520 */
1521 if (next_off > stop)
1522 goto out;
1523
1524 /*
1525 * is this block fully invalidated?
1526 */
1527 if (offset <= curr_off)
1528 discard_buffer(bh);
1529 curr_off = next_off;
1530 bh = next;
1531 } while (bh != head);
1532
1533 /*
1534 * We release buffers only if the entire page is being invalidated.
1535 * The get_block cached value has been unconditionally invalidated,
1536 * so real IO is not possible anymore.
1537 */
1538 if (length == PAGE_SIZE)
1539 try_to_release_page(page, 0);
1540out:
1541 return;
1542}
1543EXPORT_SYMBOL(block_invalidatepage);
1544
1545
1546/*
1547 * We attach and possibly dirty the buffers atomically wrt
1548 * __set_page_dirty_buffers() via private_lock. try_to_free_buffers
1549 * is already excluded via the page lock.
1550 */
1551void create_empty_buffers(struct page *page,
1552 unsigned long blocksize, unsigned long b_state)
1553{
1554 struct buffer_head *bh, *head, *tail;
1555
1556 head = alloc_page_buffers(page, blocksize, true);
1557 bh = head;
1558 do {
1559 bh->b_state |= b_state;
1560 tail = bh;
1561 bh = bh->b_this_page;
1562 } while (bh);
1563 tail->b_this_page = head;
1564
1565 spin_lock(&page->mapping->private_lock);
1566 if (PageUptodate(page) || PageDirty(page)) {
1567 bh = head;
1568 do {
1569 if (PageDirty(page))
1570 set_buffer_dirty(bh);
1571 if (PageUptodate(page))
1572 set_buffer_uptodate(bh);
1573 bh = bh->b_this_page;
1574 } while (bh != head);
1575 }
1576 attach_page_private(page, head);
1577 spin_unlock(&page->mapping->private_lock);
1578}
1579EXPORT_SYMBOL(create_empty_buffers);
1580
1581/**
1582 * clean_bdev_aliases: clean a range of buffers in block device
1583 * @bdev: Block device to clean buffers in
1584 * @block: Start of a range of blocks to clean
1585 * @len: Number of blocks to clean
1586 *
1587 * We are taking a range of blocks for data and we don't want writeback of any
1588 * buffer-cache aliases starting from return from this function and until the
1589 * moment when something will explicitly mark the buffer dirty (hopefully that
1590 * will not happen until we will free that block ;-) We don't even need to mark
1591 * it not-uptodate - nobody can expect anything from a newly allocated buffer
1592 * anyway. We used to use unmap_buffer() for such invalidation, but that was
1593 * wrong. We definitely don't want to mark the alias unmapped, for example - it
1594 * would confuse anyone who might pick it with bread() afterwards...
1595 *
1596 * Also.. Note that bforget() doesn't lock the buffer. So there can be
1597 * writeout I/O going on against recently-freed buffers. We don't wait on that
1598 * I/O in bforget() - it's more efficient to wait on the I/O only if we really
1599 * need to. That happens here.
1600 */
1601void clean_bdev_aliases(struct block_device *bdev, sector_t block, sector_t len)
1602{
1603 struct inode *bd_inode = bdev->bd_inode;
1604 struct address_space *bd_mapping = bd_inode->i_mapping;
1605 struct pagevec pvec;
1606 pgoff_t index = block >> (PAGE_SHIFT - bd_inode->i_blkbits);
1607 pgoff_t end;
1608 int i, count;
1609 struct buffer_head *bh;
1610 struct buffer_head *head;
1611
1612 end = (block + len - 1) >> (PAGE_SHIFT - bd_inode->i_blkbits);
1613 pagevec_init(&pvec);
1614 while (pagevec_lookup_range(&pvec, bd_mapping, &index, end)) {
1615 count = pagevec_count(&pvec);
1616 for (i = 0; i < count; i++) {
1617 struct page *page = pvec.pages[i];
1618
1619 if (!page_has_buffers(page))
1620 continue;
1621 /*
1622 * We use page lock instead of bd_mapping->private_lock
1623 * to pin buffers here since we can afford to sleep and
1624 * it scales better than a global spinlock lock.
1625 */
1626 lock_page(page);
1627 /* Recheck when the page is locked which pins bhs */
1628 if (!page_has_buffers(page))
1629 goto unlock_page;
1630 head = page_buffers(page);
1631 bh = head;
1632 do {
1633 if (!buffer_mapped(bh) || (bh->b_blocknr < block))
1634 goto next;
1635 if (bh->b_blocknr >= block + len)
1636 break;
1637 clear_buffer_dirty(bh);
1638 wait_on_buffer(bh);
1639 clear_buffer_req(bh);
1640next:
1641 bh = bh->b_this_page;
1642 } while (bh != head);
1643unlock_page:
1644 unlock_page(page);
1645 }
1646 pagevec_release(&pvec);
1647 cond_resched();
1648 /* End of range already reached? */
1649 if (index > end || !index)
1650 break;
1651 }
1652}
1653EXPORT_SYMBOL(clean_bdev_aliases);
1654
1655/*
1656 * Size is a power-of-two in the range 512..PAGE_SIZE,
1657 * and the case we care about most is PAGE_SIZE.
1658 *
1659 * So this *could* possibly be written with those
1660 * constraints in mind (relevant mostly if some
1661 * architecture has a slow bit-scan instruction)
1662 */
1663static inline int block_size_bits(unsigned int blocksize)
1664{
1665 return ilog2(blocksize);
1666}
1667
1668static struct buffer_head *create_page_buffers(struct page *page, struct inode *inode, unsigned int b_state)
1669{
1670 BUG_ON(!PageLocked(page));
1671
1672 if (!page_has_buffers(page))
1673 create_empty_buffers(page, 1 << READ_ONCE(inode->i_blkbits),
1674 b_state);
1675 return page_buffers(page);
1676}
1677
1678/*
1679 * NOTE! All mapped/uptodate combinations are valid:
1680 *
1681 * Mapped Uptodate Meaning
1682 *
1683 * No No "unknown" - must do get_block()
1684 * No Yes "hole" - zero-filled
1685 * Yes No "allocated" - allocated on disk, not read in
1686 * Yes Yes "valid" - allocated and up-to-date in memory.
1687 *
1688 * "Dirty" is valid only with the last case (mapped+uptodate).
1689 */
1690
1691/*
1692 * While block_write_full_page is writing back the dirty buffers under
1693 * the page lock, whoever dirtied the buffers may decide to clean them
1694 * again at any time. We handle that by only looking at the buffer
1695 * state inside lock_buffer().
1696 *
1697 * If block_write_full_page() is called for regular writeback
1698 * (wbc->sync_mode == WB_SYNC_NONE) then it will redirty a page which has a
1699 * locked buffer. This only can happen if someone has written the buffer
1700 * directly, with submit_bh(). At the address_space level PageWriteback
1701 * prevents this contention from occurring.
1702 *
1703 * If block_write_full_page() is called with wbc->sync_mode ==
1704 * WB_SYNC_ALL, the writes are posted using REQ_SYNC; this
1705 * causes the writes to be flagged as synchronous writes.
1706 */
1707int __block_write_full_page(struct inode *inode, struct page *page,
1708 get_block_t *get_block, struct writeback_control *wbc,
1709 bh_end_io_t *handler)
1710{
1711 int err;
1712 sector_t block;
1713 sector_t last_block;
1714 struct buffer_head *bh, *head;
1715 unsigned int blocksize, bbits;
1716 int nr_underway = 0;
1717 int write_flags = wbc_to_write_flags(wbc);
1718
1719 head = create_page_buffers(page, inode,
1720 (1 << BH_Dirty)|(1 << BH_Uptodate));
1721
1722 /*
1723 * Be very careful. We have no exclusion from __set_page_dirty_buffers
1724 * here, and the (potentially unmapped) buffers may become dirty at
1725 * any time. If a buffer becomes dirty here after we've inspected it
1726 * then we just miss that fact, and the page stays dirty.
1727 *
1728 * Buffers outside i_size may be dirtied by __set_page_dirty_buffers;
1729 * handle that here by just cleaning them.
1730 */
1731
1732 bh = head;
1733 blocksize = bh->b_size;
1734 bbits = block_size_bits(blocksize);
1735
1736 block = (sector_t)page->index << (PAGE_SHIFT - bbits);
1737 last_block = (i_size_read(inode) - 1) >> bbits;
1738
1739 /*
1740 * Get all the dirty buffers mapped to disk addresses and
1741 * handle any aliases from the underlying blockdev's mapping.
1742 */
1743 do {
1744 if (block > last_block) {
1745 /*
1746 * mapped buffers outside i_size will occur, because
1747 * this page can be outside i_size when there is a
1748 * truncate in progress.
1749 */
1750 /*
1751 * The buffer was zeroed by block_write_full_page()
1752 */
1753 clear_buffer_dirty(bh);
1754 set_buffer_uptodate(bh);
1755 } else if ((!buffer_mapped(bh) || buffer_delay(bh)) &&
1756 buffer_dirty(bh)) {
1757 WARN_ON(bh->b_size != blocksize);
1758 err = get_block(inode, block, bh, 1);
1759 if (err)
1760 goto recover;
1761 clear_buffer_delay(bh);
1762 if (buffer_new(bh)) {
1763 /* blockdev mappings never come here */
1764 clear_buffer_new(bh);
1765 clean_bdev_bh_alias(bh);
1766 }
1767 }
1768 bh = bh->b_this_page;
1769 block++;
1770 } while (bh != head);
1771
1772 do {
1773 if (!buffer_mapped(bh))
1774 continue;
1775 /*
1776 * If it's a fully non-blocking write attempt and we cannot
1777 * lock the buffer then redirty the page. Note that this can
1778 * potentially cause a busy-wait loop from writeback threads
1779 * and kswapd activity, but those code paths have their own
1780 * higher-level throttling.
1781 */
1782 if (wbc->sync_mode != WB_SYNC_NONE) {
1783 lock_buffer(bh);
1784 } else if (!trylock_buffer(bh)) {
1785 redirty_page_for_writepage(wbc, page);
1786 continue;
1787 }
1788 if (test_clear_buffer_dirty(bh)) {
1789 mark_buffer_async_write_endio(bh, handler);
1790 } else {
1791 unlock_buffer(bh);
1792 }
1793 } while ((bh = bh->b_this_page) != head);
1794
1795 /*
1796 * The page and its buffers are protected by PageWriteback(), so we can
1797 * drop the bh refcounts early.
1798 */
1799 BUG_ON(PageWriteback(page));
1800 set_page_writeback(page);
1801
1802 do {
1803 struct buffer_head *next = bh->b_this_page;
1804 if (buffer_async_write(bh)) {
1805 submit_bh_wbc(REQ_OP_WRITE, write_flags, bh,
1806 inode->i_write_hint, wbc);
1807 nr_underway++;
1808 }
1809 bh = next;
1810 } while (bh != head);
1811 unlock_page(page);
1812
1813 err = 0;
1814done:
1815 if (nr_underway == 0) {
1816 /*
1817 * The page was marked dirty, but the buffers were
1818 * clean. Someone wrote them back by hand with
1819 * ll_rw_block/submit_bh. A rare case.
1820 */
1821 end_page_writeback(page);
1822
1823 /*
1824 * The page and buffer_heads can be released at any time from
1825 * here on.
1826 */
1827 }
1828 return err;
1829
1830recover:
1831 /*
1832 * ENOSPC, or some other error. We may already have added some
1833 * blocks to the file, so we need to write these out to avoid
1834 * exposing stale data.
1835 * The page is currently locked and not marked for writeback
1836 */
1837 bh = head;
1838 /* Recovery: lock and submit the mapped buffers */
1839 do {
1840 if (buffer_mapped(bh) && buffer_dirty(bh) &&
1841 !buffer_delay(bh)) {
1842 lock_buffer(bh);
1843 mark_buffer_async_write_endio(bh, handler);
1844 } else {
1845 /*
1846 * The buffer may have been set dirty during
1847 * attachment to a dirty page.
1848 */
1849 clear_buffer_dirty(bh);
1850 }
1851 } while ((bh = bh->b_this_page) != head);
1852 SetPageError(page);
1853 BUG_ON(PageWriteback(page));
1854 mapping_set_error(page->mapping, err);
1855 set_page_writeback(page);
1856 do {
1857 struct buffer_head *next = bh->b_this_page;
1858 if (buffer_async_write(bh)) {
1859 clear_buffer_dirty(bh);
1860 submit_bh_wbc(REQ_OP_WRITE, write_flags, bh,
1861 inode->i_write_hint, wbc);
1862 nr_underway++;
1863 }
1864 bh = next;
1865 } while (bh != head);
1866 unlock_page(page);
1867 goto done;
1868}
1869EXPORT_SYMBOL(__block_write_full_page);
1870
1871/*
1872 * If a page has any new buffers, zero them out here, and mark them uptodate
1873 * and dirty so they'll be written out (in order to prevent uninitialised
1874 * block data from leaking). And clear the new bit.
1875 */
1876void page_zero_new_buffers(struct page *page, unsigned from, unsigned to)
1877{
1878 unsigned int block_start, block_end;
1879 struct buffer_head *head, *bh;
1880
1881 BUG_ON(!PageLocked(page));
1882 if (!page_has_buffers(page))
1883 return;
1884
1885 bh = head = page_buffers(page);
1886 block_start = 0;
1887 do {
1888 block_end = block_start + bh->b_size;
1889
1890 if (buffer_new(bh)) {
1891 if (block_end > from && block_start < to) {
1892 if (!PageUptodate(page)) {
1893 unsigned start, size;
1894
1895 start = max(from, block_start);
1896 size = min(to, block_end) - start;
1897
1898 zero_user(page, start, size);
1899 set_buffer_uptodate(bh);
1900 }
1901
1902 clear_buffer_new(bh);
1903 mark_buffer_dirty(bh);
1904 }
1905 }
1906
1907 block_start = block_end;
1908 bh = bh->b_this_page;
1909 } while (bh != head);
1910}
1911EXPORT_SYMBOL(page_zero_new_buffers);
1912
1913static void
1914iomap_to_bh(struct inode *inode, sector_t block, struct buffer_head *bh,
1915 struct iomap *iomap)
1916{
1917 loff_t offset = block << inode->i_blkbits;
1918
1919 bh->b_bdev = iomap->bdev;
1920
1921 /*
1922 * Block points to offset in file we need to map, iomap contains
1923 * the offset at which the map starts. If the map ends before the
1924 * current block, then do not map the buffer and let the caller
1925 * handle it.
1926 */
1927 BUG_ON(offset >= iomap->offset + iomap->length);
1928
1929 switch (iomap->type) {
1930 case IOMAP_HOLE:
1931 /*
1932 * If the buffer is not up to date or beyond the current EOF,
1933 * we need to mark it as new to ensure sub-block zeroing is
1934 * executed if necessary.
1935 */
1936 if (!buffer_uptodate(bh) ||
1937 (offset >= i_size_read(inode)))
1938 set_buffer_new(bh);
1939 break;
1940 case IOMAP_DELALLOC:
1941 if (!buffer_uptodate(bh) ||
1942 (offset >= i_size_read(inode)))
1943 set_buffer_new(bh);
1944 set_buffer_uptodate(bh);
1945 set_buffer_mapped(bh);
1946 set_buffer_delay(bh);
1947 break;
1948 case IOMAP_UNWRITTEN:
1949 /*
1950 * For unwritten regions, we always need to ensure that regions
1951 * in the block we are not writing to are zeroed. Mark the
1952 * buffer as new to ensure this.
1953 */
1954 set_buffer_new(bh);
1955 set_buffer_unwritten(bh);
1956 fallthrough;
1957 case IOMAP_MAPPED:
1958 if ((iomap->flags & IOMAP_F_NEW) ||
1959 offset >= i_size_read(inode))
1960 set_buffer_new(bh);
1961 bh->b_blocknr = (iomap->addr + offset - iomap->offset) >>
1962 inode->i_blkbits;
1963 set_buffer_mapped(bh);
1964 break;
1965 }
1966}
1967
1968int __block_write_begin_int(struct page *page, loff_t pos, unsigned len,
1969 get_block_t *get_block, struct iomap *iomap)
1970{
1971 unsigned from = pos & (PAGE_SIZE - 1);
1972 unsigned to = from + len;
1973 struct inode *inode = page->mapping->host;
1974 unsigned block_start, block_end;
1975 sector_t block;
1976 int err = 0;
1977 unsigned blocksize, bbits;
1978 struct buffer_head *bh, *head, *wait[2], **wait_bh=wait;
1979
1980 BUG_ON(!PageLocked(page));
1981 BUG_ON(from > PAGE_SIZE);
1982 BUG_ON(to > PAGE_SIZE);
1983 BUG_ON(from > to);
1984
1985 head = create_page_buffers(page, inode, 0);
1986 blocksize = head->b_size;
1987 bbits = block_size_bits(blocksize);
1988
1989 block = (sector_t)page->index << (PAGE_SHIFT - bbits);
1990
1991 for(bh = head, block_start = 0; bh != head || !block_start;
1992 block++, block_start=block_end, bh = bh->b_this_page) {
1993 block_end = block_start + blocksize;
1994 if (block_end <= from || block_start >= to) {
1995 if (PageUptodate(page)) {
1996 if (!buffer_uptodate(bh))
1997 set_buffer_uptodate(bh);
1998 }
1999 continue;
2000 }
2001 if (buffer_new(bh))
2002 clear_buffer_new(bh);
2003 if (!buffer_mapped(bh)) {
2004 WARN_ON(bh->b_size != blocksize);
2005 if (get_block) {
2006 err = get_block(inode, block, bh, 1);
2007 if (err)
2008 break;
2009 } else {
2010 iomap_to_bh(inode, block, bh, iomap);
2011 }
2012
2013 if (buffer_new(bh)) {
2014 clean_bdev_bh_alias(bh);
2015 if (PageUptodate(page)) {
2016 clear_buffer_new(bh);
2017 set_buffer_uptodate(bh);
2018 mark_buffer_dirty(bh);
2019 continue;
2020 }
2021 if (block_end > to || block_start < from)
2022 zero_user_segments(page,
2023 to, block_end,
2024 block_start, from);
2025 continue;
2026 }
2027 }
2028 if (PageUptodate(page)) {
2029 if (!buffer_uptodate(bh))
2030 set_buffer_uptodate(bh);
2031 continue;
2032 }
2033 if (!buffer_uptodate(bh) && !buffer_delay(bh) &&
2034 !buffer_unwritten(bh) &&
2035 (block_start < from || block_end > to)) {
2036 ll_rw_block(REQ_OP_READ, 0, 1, &bh);
2037 *wait_bh++=bh;
2038 }
2039 }
2040 /*
2041 * If we issued read requests - let them complete.
2042 */
2043 while(wait_bh > wait) {
2044 wait_on_buffer(*--wait_bh);
2045 if (!buffer_uptodate(*wait_bh))
2046 err = -EIO;
2047 }
2048 if (unlikely(err))
2049 page_zero_new_buffers(page, from, to);
2050 return err;
2051}
2052
2053int __block_write_begin(struct page *page, loff_t pos, unsigned len,
2054 get_block_t *get_block)
2055{
2056 return __block_write_begin_int(page, pos, len, get_block, NULL);
2057}
2058EXPORT_SYMBOL(__block_write_begin);
2059
2060static int __block_commit_write(struct inode *inode, struct page *page,
2061 unsigned from, unsigned to)
2062{
2063 unsigned block_start, block_end;
2064 int partial = 0;
2065 unsigned blocksize;
2066 struct buffer_head *bh, *head;
2067
2068 bh = head = page_buffers(page);
2069 blocksize = bh->b_size;
2070
2071 block_start = 0;
2072 do {
2073 block_end = block_start + blocksize;
2074 if (block_end <= from || block_start >= to) {
2075 if (!buffer_uptodate(bh))
2076 partial = 1;
2077 } else {
2078 set_buffer_uptodate(bh);
2079 mark_buffer_dirty(bh);
2080 }
2081 if (buffer_new(bh))
2082 clear_buffer_new(bh);
2083
2084 block_start = block_end;
2085 bh = bh->b_this_page;
2086 } while (bh != head);
2087
2088 /*
2089 * If this is a partial write which happened to make all buffers
2090 * uptodate then we can optimize away a bogus readpage() for
2091 * the next read(). Here we 'discover' whether the page went
2092 * uptodate as a result of this (potentially partial) write.
2093 */
2094 if (!partial)
2095 SetPageUptodate(page);
2096 return 0;
2097}
2098
2099/*
2100 * block_write_begin takes care of the basic task of block allocation and
2101 * bringing partial write blocks uptodate first.
2102 *
2103 * The filesystem needs to handle block truncation upon failure.
2104 */
2105int block_write_begin(struct address_space *mapping, loff_t pos, unsigned len,
2106 unsigned flags, struct page **pagep, get_block_t *get_block)
2107{
2108 pgoff_t index = pos >> PAGE_SHIFT;
2109 struct page *page;
2110 int status;
2111
2112 page = grab_cache_page_write_begin(mapping, index, flags);
2113 if (!page)
2114 return -ENOMEM;
2115
2116 status = __block_write_begin(page, pos, len, get_block);
2117 if (unlikely(status)) {
2118 unlock_page(page);
2119 put_page(page);
2120 page = NULL;
2121 }
2122
2123 *pagep = page;
2124 return status;
2125}
2126EXPORT_SYMBOL(block_write_begin);
2127
2128int block_write_end(struct file *file, struct address_space *mapping,
2129 loff_t pos, unsigned len, unsigned copied,
2130 struct page *page, void *fsdata)
2131{
2132 struct inode *inode = mapping->host;
2133 unsigned start;
2134
2135 start = pos & (PAGE_SIZE - 1);
2136
2137 if (unlikely(copied < len)) {
2138 /*
2139 * The buffers that were written will now be uptodate, so we
2140 * don't have to worry about a readpage reading them and
2141 * overwriting a partial write. However if we have encountered
2142 * a short write and only partially written into a buffer, it
2143 * will not be marked uptodate, so a readpage might come in and
2144 * destroy our partial write.
2145 *
2146 * Do the simplest thing, and just treat any short write to a
2147 * non uptodate page as a zero-length write, and force the
2148 * caller to redo the whole thing.
2149 */
2150 if (!PageUptodate(page))
2151 copied = 0;
2152
2153 page_zero_new_buffers(page, start+copied, start+len);
2154 }
2155 flush_dcache_page(page);
2156
2157 /* This could be a short (even 0-length) commit */
2158 __block_commit_write(inode, page, start, start+copied);
2159
2160 return copied;
2161}
2162EXPORT_SYMBOL(block_write_end);
2163
2164int generic_write_end(struct file *file, struct address_space *mapping,
2165 loff_t pos, unsigned len, unsigned copied,
2166 struct page *page, void *fsdata)
2167{
2168 struct inode *inode = mapping->host;
2169 loff_t old_size = inode->i_size;
2170 bool i_size_changed = false;
2171
2172 copied = block_write_end(file, mapping, pos, len, copied, page, fsdata);
2173
2174 /*
2175 * No need to use i_size_read() here, the i_size cannot change under us
2176 * because we hold i_rwsem.
2177 *
2178 * But it's important to update i_size while still holding page lock:
2179 * page writeout could otherwise come in and zero beyond i_size.
2180 */
2181 if (pos + copied > inode->i_size) {
2182 i_size_write(inode, pos + copied);
2183 i_size_changed = true;
2184 }
2185
2186 unlock_page(page);
2187 put_page(page);
2188
2189 if (old_size < pos)
2190 pagecache_isize_extended(inode, old_size, pos);
2191 /*
2192 * Don't mark the inode dirty under page lock. First, it unnecessarily
2193 * makes the holding time of page lock longer. Second, it forces lock
2194 * ordering of page lock and transaction start for journaling
2195 * filesystems.
2196 */
2197 if (i_size_changed)
2198 mark_inode_dirty(inode);
2199 return copied;
2200}
2201EXPORT_SYMBOL(generic_write_end);
2202
2203/*
2204 * block_is_partially_uptodate checks whether buffers within a page are
2205 * uptodate or not.
2206 *
2207 * Returns true if all buffers which correspond to a file portion
2208 * we want to read are uptodate.
2209 */
2210int block_is_partially_uptodate(struct page *page, unsigned long from,
2211 unsigned long count)
2212{
2213 unsigned block_start, block_end, blocksize;
2214 unsigned to;
2215 struct buffer_head *bh, *head;
2216 int ret = 1;
2217
2218 if (!page_has_buffers(page))
2219 return 0;
2220
2221 head = page_buffers(page);
2222 blocksize = head->b_size;
2223 to = min_t(unsigned, PAGE_SIZE - from, count);
2224 to = from + to;
2225 if (from < blocksize && to > PAGE_SIZE - blocksize)
2226 return 0;
2227
2228 bh = head;
2229 block_start = 0;
2230 do {
2231 block_end = block_start + blocksize;
2232 if (block_end > from && block_start < to) {
2233 if (!buffer_uptodate(bh)) {
2234 ret = 0;
2235 break;
2236 }
2237 if (block_end >= to)
2238 break;
2239 }
2240 block_start = block_end;
2241 bh = bh->b_this_page;
2242 } while (bh != head);
2243
2244 return ret;
2245}
2246EXPORT_SYMBOL(block_is_partially_uptodate);
2247
2248/*
2249 * Generic "read page" function for block devices that have the normal
2250 * get_block functionality. This is most of the block device filesystems.
2251 * Reads the page asynchronously --- the unlock_buffer() and
2252 * set/clear_buffer_uptodate() functions propagate buffer state into the
2253 * page struct once IO has completed.
2254 */
2255int block_read_full_page(struct page *page, get_block_t *get_block)
2256{
2257 struct inode *inode = page->mapping->host;
2258 sector_t iblock, lblock;
2259 struct buffer_head *bh, *head, *arr[MAX_BUF_PER_PAGE];
2260 unsigned int blocksize, bbits;
2261 int nr, i;
2262 int fully_mapped = 1;
2263
2264 head = create_page_buffers(page, inode, 0);
2265 blocksize = head->b_size;
2266 bbits = block_size_bits(blocksize);
2267
2268 iblock = (sector_t)page->index << (PAGE_SHIFT - bbits);
2269 lblock = (i_size_read(inode)+blocksize-1) >> bbits;
2270 bh = head;
2271 nr = 0;
2272 i = 0;
2273
2274 do {
2275 if (buffer_uptodate(bh))
2276 continue;
2277
2278 if (!buffer_mapped(bh)) {
2279 int err = 0;
2280
2281 fully_mapped = 0;
2282 if (iblock < lblock) {
2283 WARN_ON(bh->b_size != blocksize);
2284 err = get_block(inode, iblock, bh, 0);
2285 if (err)
2286 SetPageError(page);
2287 }
2288 if (!buffer_mapped(bh)) {
2289 zero_user(page, i * blocksize, blocksize);
2290 if (!err)
2291 set_buffer_uptodate(bh);
2292 continue;
2293 }
2294 /*
2295 * get_block() might have updated the buffer
2296 * synchronously
2297 */
2298 if (buffer_uptodate(bh))
2299 continue;
2300 }
2301 arr[nr++] = bh;
2302 } while (i++, iblock++, (bh = bh->b_this_page) != head);
2303
2304 if (fully_mapped)
2305 SetPageMappedToDisk(page);
2306
2307 if (!nr) {
2308 /*
2309 * All buffers are uptodate - we can set the page uptodate
2310 * as well. But not if get_block() returned an error.
2311 */
2312 if (!PageError(page))
2313 SetPageUptodate(page);
2314 unlock_page(page);
2315 return 0;
2316 }
2317
2318 /* Stage two: lock the buffers */
2319 for (i = 0; i < nr; i++) {
2320 bh = arr[i];
2321 lock_buffer(bh);
2322 mark_buffer_async_read(bh);
2323 }
2324
2325 /*
2326 * Stage 3: start the IO. Check for uptodateness
2327 * inside the buffer lock in case another process reading
2328 * the underlying blockdev brought it uptodate (the sct fix).
2329 */
2330 for (i = 0; i < nr; i++) {
2331 bh = arr[i];
2332 if (buffer_uptodate(bh))
2333 end_buffer_async_read(bh, 1);
2334 else
2335 submit_bh(REQ_OP_READ, 0, bh);
2336 }
2337 return 0;
2338}
2339EXPORT_SYMBOL(block_read_full_page);
2340
2341/* utility function for filesystems that need to do work on expanding
2342 * truncates. Uses filesystem pagecache writes to allow the filesystem to
2343 * deal with the hole.
2344 */
2345int generic_cont_expand_simple(struct inode *inode, loff_t size)
2346{
2347 struct address_space *mapping = inode->i_mapping;
2348 struct page *page;
2349 void *fsdata;
2350 int err;
2351
2352 err = inode_newsize_ok(inode, size);
2353 if (err)
2354 goto out;
2355
2356 err = pagecache_write_begin(NULL, mapping, size, 0,
2357 AOP_FLAG_CONT_EXPAND, &page, &fsdata);
2358 if (err)
2359 goto out;
2360
2361 err = pagecache_write_end(NULL, mapping, size, 0, 0, page, fsdata);
2362 BUG_ON(err > 0);
2363
2364out:
2365 return err;
2366}
2367EXPORT_SYMBOL(generic_cont_expand_simple);
2368
2369static int cont_expand_zero(struct file *file, struct address_space *mapping,
2370 loff_t pos, loff_t *bytes)
2371{
2372 struct inode *inode = mapping->host;
2373 unsigned int blocksize = i_blocksize(inode);
2374 struct page *page;
2375 void *fsdata;
2376 pgoff_t index, curidx;
2377 loff_t curpos;
2378 unsigned zerofrom, offset, len;
2379 int err = 0;
2380
2381 index = pos >> PAGE_SHIFT;
2382 offset = pos & ~PAGE_MASK;
2383
2384 while (index > (curidx = (curpos = *bytes)>>PAGE_SHIFT)) {
2385 zerofrom = curpos & ~PAGE_MASK;
2386 if (zerofrom & (blocksize-1)) {
2387 *bytes |= (blocksize-1);
2388 (*bytes)++;
2389 }
2390 len = PAGE_SIZE - zerofrom;
2391
2392 err = pagecache_write_begin(file, mapping, curpos, len, 0,
2393 &page, &fsdata);
2394 if (err)
2395 goto out;
2396 zero_user(page, zerofrom, len);
2397 err = pagecache_write_end(file, mapping, curpos, len, len,
2398 page, fsdata);
2399 if (err < 0)
2400 goto out;
2401 BUG_ON(err != len);
2402 err = 0;
2403
2404 balance_dirty_pages_ratelimited(mapping);
2405
2406 if (fatal_signal_pending(current)) {
2407 err = -EINTR;
2408 goto out;
2409 }
2410 }
2411
2412 /* page covers the boundary, find the boundary offset */
2413 if (index == curidx) {
2414 zerofrom = curpos & ~PAGE_MASK;
2415 /* if we will expand the thing last block will be filled */
2416 if (offset <= zerofrom) {
2417 goto out;
2418 }
2419 if (zerofrom & (blocksize-1)) {
2420 *bytes |= (blocksize-1);
2421 (*bytes)++;
2422 }
2423 len = offset - zerofrom;
2424
2425 err = pagecache_write_begin(file, mapping, curpos, len, 0,
2426 &page, &fsdata);
2427 if (err)
2428 goto out;
2429 zero_user(page, zerofrom, len);
2430 err = pagecache_write_end(file, mapping, curpos, len, len,
2431 page, fsdata);
2432 if (err < 0)
2433 goto out;
2434 BUG_ON(err != len);
2435 err = 0;
2436 }
2437out:
2438 return err;
2439}
2440
2441/*
2442 * For moronic filesystems that do not allow holes in file.
2443 * We may have to extend the file.
2444 */
2445int cont_write_begin(struct file *file, struct address_space *mapping,
2446 loff_t pos, unsigned len, unsigned flags,
2447 struct page **pagep, void **fsdata,
2448 get_block_t *get_block, loff_t *bytes)
2449{
2450 struct inode *inode = mapping->host;
2451 unsigned int blocksize = i_blocksize(inode);
2452 unsigned int zerofrom;
2453 int err;
2454
2455 err = cont_expand_zero(file, mapping, pos, bytes);
2456 if (err)
2457 return err;
2458
2459 zerofrom = *bytes & ~PAGE_MASK;
2460 if (pos+len > *bytes && zerofrom & (blocksize-1)) {
2461 *bytes |= (blocksize-1);
2462 (*bytes)++;
2463 }
2464
2465 return block_write_begin(mapping, pos, len, flags, pagep, get_block);
2466}
2467EXPORT_SYMBOL(cont_write_begin);
2468
2469int block_commit_write(struct page *page, unsigned from, unsigned to)
2470{
2471 struct inode *inode = page->mapping->host;
2472 __block_commit_write(inode,page,from,to);
2473 return 0;
2474}
2475EXPORT_SYMBOL(block_commit_write);
2476
2477/*
2478 * block_page_mkwrite() is not allowed to change the file size as it gets
2479 * called from a page fault handler when a page is first dirtied. Hence we must
2480 * be careful to check for EOF conditions here. We set the page up correctly
2481 * for a written page which means we get ENOSPC checking when writing into
2482 * holes and correct delalloc and unwritten extent mapping on filesystems that
2483 * support these features.
2484 *
2485 * We are not allowed to take the i_mutex here so we have to play games to
2486 * protect against truncate races as the page could now be beyond EOF. Because
2487 * truncate writes the inode size before removing pages, once we have the
2488 * page lock we can determine safely if the page is beyond EOF. If it is not
2489 * beyond EOF, then the page is guaranteed safe against truncation until we
2490 * unlock the page.
2491 *
2492 * Direct callers of this function should protect against filesystem freezing
2493 * using sb_start_pagefault() - sb_end_pagefault() functions.
2494 */
2495int block_page_mkwrite(struct vm_area_struct *vma, struct vm_fault *vmf,
2496 get_block_t get_block)
2497{
2498 struct page *page = vmf->page;
2499 struct inode *inode = file_inode(vma->vm_file);
2500 unsigned long end;
2501 loff_t size;
2502 int ret;
2503
2504 lock_page(page);
2505 size = i_size_read(inode);
2506 if ((page->mapping != inode->i_mapping) ||
2507 (page_offset(page) > size)) {
2508 /* We overload EFAULT to mean page got truncated */
2509 ret = -EFAULT;
2510 goto out_unlock;
2511 }
2512
2513 /* page is wholly or partially inside EOF */
2514 if (((page->index + 1) << PAGE_SHIFT) > size)
2515 end = size & ~PAGE_MASK;
2516 else
2517 end = PAGE_SIZE;
2518
2519 ret = __block_write_begin(page, 0, end, get_block);
2520 if (!ret)
2521 ret = block_commit_write(page, 0, end);
2522
2523 if (unlikely(ret < 0))
2524 goto out_unlock;
2525 set_page_dirty(page);
2526 wait_for_stable_page(page);
2527 return 0;
2528out_unlock:
2529 unlock_page(page);
2530 return ret;
2531}
2532EXPORT_SYMBOL(block_page_mkwrite);
2533
2534/*
2535 * nobh_write_begin()'s prereads are special: the buffer_heads are freed
2536 * immediately, while under the page lock. So it needs a special end_io
2537 * handler which does not touch the bh after unlocking it.
2538 */
2539static void end_buffer_read_nobh(struct buffer_head *bh, int uptodate)
2540{
2541 __end_buffer_read_notouch(bh, uptodate);
2542}
2543
2544/*
2545 * Attach the singly-linked list of buffers created by nobh_write_begin, to
2546 * the page (converting it to circular linked list and taking care of page
2547 * dirty races).
2548 */
2549static void attach_nobh_buffers(struct page *page, struct buffer_head *head)
2550{
2551 struct buffer_head *bh;
2552
2553 BUG_ON(!PageLocked(page));
2554
2555 spin_lock(&page->mapping->private_lock);
2556 bh = head;
2557 do {
2558 if (PageDirty(page))
2559 set_buffer_dirty(bh);
2560 if (!bh->b_this_page)
2561 bh->b_this_page = head;
2562 bh = bh->b_this_page;
2563 } while (bh != head);
2564 attach_page_private(page, head);
2565 spin_unlock(&page->mapping->private_lock);
2566}
2567
2568/*
2569 * On entry, the page is fully not uptodate.
2570 * On exit the page is fully uptodate in the areas outside (from,to)
2571 * The filesystem needs to handle block truncation upon failure.
2572 */
2573int nobh_write_begin(struct address_space *mapping,
2574 loff_t pos, unsigned len, unsigned flags,
2575 struct page **pagep, void **fsdata,
2576 get_block_t *get_block)
2577{
2578 struct inode *inode = mapping->host;
2579 const unsigned blkbits = inode->i_blkbits;
2580 const unsigned blocksize = 1 << blkbits;
2581 struct buffer_head *head, *bh;
2582 struct page *page;
2583 pgoff_t index;
2584 unsigned from, to;
2585 unsigned block_in_page;
2586 unsigned block_start, block_end;
2587 sector_t block_in_file;
2588 int nr_reads = 0;
2589 int ret = 0;
2590 int is_mapped_to_disk = 1;
2591
2592 index = pos >> PAGE_SHIFT;
2593 from = pos & (PAGE_SIZE - 1);
2594 to = from + len;
2595
2596 page = grab_cache_page_write_begin(mapping, index, flags);
2597 if (!page)
2598 return -ENOMEM;
2599 *pagep = page;
2600 *fsdata = NULL;
2601
2602 if (page_has_buffers(page)) {
2603 ret = __block_write_begin(page, pos, len, get_block);
2604 if (unlikely(ret))
2605 goto out_release;
2606 return ret;
2607 }
2608
2609 if (PageMappedToDisk(page))
2610 return 0;
2611
2612 /*
2613 * Allocate buffers so that we can keep track of state, and potentially
2614 * attach them to the page if an error occurs. In the common case of
2615 * no error, they will just be freed again without ever being attached
2616 * to the page (which is all OK, because we're under the page lock).
2617 *
2618 * Be careful: the buffer linked list is a NULL terminated one, rather
2619 * than the circular one we're used to.
2620 */
2621 head = alloc_page_buffers(page, blocksize, false);
2622 if (!head) {
2623 ret = -ENOMEM;
2624 goto out_release;
2625 }
2626
2627 block_in_file = (sector_t)page->index << (PAGE_SHIFT - blkbits);
2628
2629 /*
2630 * We loop across all blocks in the page, whether or not they are
2631 * part of the affected region. This is so we can discover if the
2632 * page is fully mapped-to-disk.
2633 */
2634 for (block_start = 0, block_in_page = 0, bh = head;
2635 block_start < PAGE_SIZE;
2636 block_in_page++, block_start += blocksize, bh = bh->b_this_page) {
2637 int create;
2638
2639 block_end = block_start + blocksize;
2640 bh->b_state = 0;
2641 create = 1;
2642 if (block_start >= to)
2643 create = 0;
2644 ret = get_block(inode, block_in_file + block_in_page,
2645 bh, create);
2646 if (ret)
2647 goto failed;
2648 if (!buffer_mapped(bh))
2649 is_mapped_to_disk = 0;
2650 if (buffer_new(bh))
2651 clean_bdev_bh_alias(bh);
2652 if (PageUptodate(page)) {
2653 set_buffer_uptodate(bh);
2654 continue;
2655 }
2656 if (buffer_new(bh) || !buffer_mapped(bh)) {
2657 zero_user_segments(page, block_start, from,
2658 to, block_end);
2659 continue;
2660 }
2661 if (buffer_uptodate(bh))
2662 continue; /* reiserfs does this */
2663 if (block_start < from || block_end > to) {
2664 lock_buffer(bh);
2665 bh->b_end_io = end_buffer_read_nobh;
2666 submit_bh(REQ_OP_READ, 0, bh);
2667 nr_reads++;
2668 }
2669 }
2670
2671 if (nr_reads) {
2672 /*
2673 * The page is locked, so these buffers are protected from
2674 * any VM or truncate activity. Hence we don't need to care
2675 * for the buffer_head refcounts.
2676 */
2677 for (bh = head; bh; bh = bh->b_this_page) {
2678 wait_on_buffer(bh);
2679 if (!buffer_uptodate(bh))
2680 ret = -EIO;
2681 }
2682 if (ret)
2683 goto failed;
2684 }
2685
2686 if (is_mapped_to_disk)
2687 SetPageMappedToDisk(page);
2688
2689 *fsdata = head; /* to be released by nobh_write_end */
2690
2691 return 0;
2692
2693failed:
2694 BUG_ON(!ret);
2695 /*
2696 * Error recovery is a bit difficult. We need to zero out blocks that
2697 * were newly allocated, and dirty them to ensure they get written out.
2698 * Buffers need to be attached to the page at this point, otherwise
2699 * the handling of potential IO errors during writeout would be hard
2700 * (could try doing synchronous writeout, but what if that fails too?)
2701 */
2702 attach_nobh_buffers(page, head);
2703 page_zero_new_buffers(page, from, to);
2704
2705out_release:
2706 unlock_page(page);
2707 put_page(page);
2708 *pagep = NULL;
2709
2710 return ret;
2711}
2712EXPORT_SYMBOL(nobh_write_begin);
2713
2714int nobh_write_end(struct file *file, struct address_space *mapping,
2715 loff_t pos, unsigned len, unsigned copied,
2716 struct page *page, void *fsdata)
2717{
2718 struct inode *inode = page->mapping->host;
2719 struct buffer_head *head = fsdata;
2720 struct buffer_head *bh;
2721 BUG_ON(fsdata != NULL && page_has_buffers(page));
2722
2723 if (unlikely(copied < len) && head)
2724 attach_nobh_buffers(page, head);
2725 if (page_has_buffers(page))
2726 return generic_write_end(file, mapping, pos, len,
2727 copied, page, fsdata);
2728
2729 SetPageUptodate(page);
2730 set_page_dirty(page);
2731 if (pos+copied > inode->i_size) {
2732 i_size_write(inode, pos+copied);
2733 mark_inode_dirty(inode);
2734 }
2735
2736 unlock_page(page);
2737 put_page(page);
2738
2739 while (head) {
2740 bh = head;
2741 head = head->b_this_page;
2742 free_buffer_head(bh);
2743 }
2744
2745 return copied;
2746}
2747EXPORT_SYMBOL(nobh_write_end);
2748
2749/*
2750 * nobh_writepage() - based on block_full_write_page() except
2751 * that it tries to operate without attaching bufferheads to
2752 * the page.
2753 */
2754int nobh_writepage(struct page *page, get_block_t *get_block,
2755 struct writeback_control *wbc)
2756{
2757 struct inode * const inode = page->mapping->host;
2758 loff_t i_size = i_size_read(inode);
2759 const pgoff_t end_index = i_size >> PAGE_SHIFT;
2760 unsigned offset;
2761 int ret;
2762
2763 /* Is the page fully inside i_size? */
2764 if (page->index < end_index)
2765 goto out;
2766
2767 /* Is the page fully outside i_size? (truncate in progress) */
2768 offset = i_size & (PAGE_SIZE-1);
2769 if (page->index >= end_index+1 || !offset) {
2770 unlock_page(page);
2771 return 0; /* don't care */
2772 }
2773
2774 /*
2775 * The page straddles i_size. It must be zeroed out on each and every
2776 * writepage invocation because it may be mmapped. "A file is mapped
2777 * in multiples of the page size. For a file that is not a multiple of
2778 * the page size, the remaining memory is zeroed when mapped, and
2779 * writes to that region are not written out to the file."
2780 */
2781 zero_user_segment(page, offset, PAGE_SIZE);
2782out:
2783 ret = mpage_writepage(page, get_block, wbc);
2784 if (ret == -EAGAIN)
2785 ret = __block_write_full_page(inode, page, get_block, wbc,
2786 end_buffer_async_write);
2787 return ret;
2788}
2789EXPORT_SYMBOL(nobh_writepage);
2790
2791int nobh_truncate_page(struct address_space *mapping,
2792 loff_t from, get_block_t *get_block)
2793{
2794 pgoff_t index = from >> PAGE_SHIFT;
2795 unsigned offset = from & (PAGE_SIZE-1);
2796 unsigned blocksize;
2797 sector_t iblock;
2798 unsigned length, pos;
2799 struct inode *inode = mapping->host;
2800 struct page *page;
2801 struct buffer_head map_bh;
2802 int err;
2803
2804 blocksize = i_blocksize(inode);
2805 length = offset & (blocksize - 1);
2806
2807 /* Block boundary? Nothing to do */
2808 if (!length)
2809 return 0;
2810
2811 length = blocksize - length;
2812 iblock = (sector_t)index << (PAGE_SHIFT - inode->i_blkbits);
2813
2814 page = grab_cache_page(mapping, index);
2815 err = -ENOMEM;
2816 if (!page)
2817 goto out;
2818
2819 if (page_has_buffers(page)) {
2820has_buffers:
2821 unlock_page(page);
2822 put_page(page);
2823 return block_truncate_page(mapping, from, get_block);
2824 }
2825
2826 /* Find the buffer that contains "offset" */
2827 pos = blocksize;
2828 while (offset >= pos) {
2829 iblock++;
2830 pos += blocksize;
2831 }
2832
2833 map_bh.b_size = blocksize;
2834 map_bh.b_state = 0;
2835 err = get_block(inode, iblock, &map_bh, 0);
2836 if (err)
2837 goto unlock;
2838 /* unmapped? It's a hole - nothing to do */
2839 if (!buffer_mapped(&map_bh))
2840 goto unlock;
2841
2842 /* Ok, it's mapped. Make sure it's up-to-date */
2843 if (!PageUptodate(page)) {
2844 err = mapping->a_ops->readpage(NULL, page);
2845 if (err) {
2846 put_page(page);
2847 goto out;
2848 }
2849 lock_page(page);
2850 if (!PageUptodate(page)) {
2851 err = -EIO;
2852 goto unlock;
2853 }
2854 if (page_has_buffers(page))
2855 goto has_buffers;
2856 }
2857 zero_user(page, offset, length);
2858 set_page_dirty(page);
2859 err = 0;
2860
2861unlock:
2862 unlock_page(page);
2863 put_page(page);
2864out:
2865 return err;
2866}
2867EXPORT_SYMBOL(nobh_truncate_page);
2868
2869int block_truncate_page(struct address_space *mapping,
2870 loff_t from, get_block_t *get_block)
2871{
2872 pgoff_t index = from >> PAGE_SHIFT;
2873 unsigned offset = from & (PAGE_SIZE-1);
2874 unsigned blocksize;
2875 sector_t iblock;
2876 unsigned length, pos;
2877 struct inode *inode = mapping->host;
2878 struct page *page;
2879 struct buffer_head *bh;
2880 int err;
2881
2882 blocksize = i_blocksize(inode);
2883 length = offset & (blocksize - 1);
2884
2885 /* Block boundary? Nothing to do */
2886 if (!length)
2887 return 0;
2888
2889 length = blocksize - length;
2890 iblock = (sector_t)index << (PAGE_SHIFT - inode->i_blkbits);
2891
2892 page = grab_cache_page(mapping, index);
2893 err = -ENOMEM;
2894 if (!page)
2895 goto out;
2896
2897 if (!page_has_buffers(page))
2898 create_empty_buffers(page, blocksize, 0);
2899
2900 /* Find the buffer that contains "offset" */
2901 bh = page_buffers(page);
2902 pos = blocksize;
2903 while (offset >= pos) {
2904 bh = bh->b_this_page;
2905 iblock++;
2906 pos += blocksize;
2907 }
2908
2909 err = 0;
2910 if (!buffer_mapped(bh)) {
2911 WARN_ON(bh->b_size != blocksize);
2912 err = get_block(inode, iblock, bh, 0);
2913 if (err)
2914 goto unlock;
2915 /* unmapped? It's a hole - nothing to do */
2916 if (!buffer_mapped(bh))
2917 goto unlock;
2918 }
2919
2920 /* Ok, it's mapped. Make sure it's up-to-date */
2921 if (PageUptodate(page))
2922 set_buffer_uptodate(bh);
2923
2924 if (!buffer_uptodate(bh) && !buffer_delay(bh) && !buffer_unwritten(bh)) {
2925 err = -EIO;
2926 ll_rw_block(REQ_OP_READ, 0, 1, &bh);
2927 wait_on_buffer(bh);
2928 /* Uhhuh. Read error. Complain and punt. */
2929 if (!buffer_uptodate(bh))
2930 goto unlock;
2931 }
2932
2933 zero_user(page, offset, length);
2934 mark_buffer_dirty(bh);
2935 err = 0;
2936
2937unlock:
2938 unlock_page(page);
2939 put_page(page);
2940out:
2941 return err;
2942}
2943EXPORT_SYMBOL(block_truncate_page);
2944
2945/*
2946 * The generic ->writepage function for buffer-backed address_spaces
2947 */
2948int block_write_full_page(struct page *page, get_block_t *get_block,
2949 struct writeback_control *wbc)
2950{
2951 struct inode * const inode = page->mapping->host;
2952 loff_t i_size = i_size_read(inode);
2953 const pgoff_t end_index = i_size >> PAGE_SHIFT;
2954 unsigned offset;
2955
2956 /* Is the page fully inside i_size? */
2957 if (page->index < end_index)
2958 return __block_write_full_page(inode, page, get_block, wbc,
2959 end_buffer_async_write);
2960
2961 /* Is the page fully outside i_size? (truncate in progress) */
2962 offset = i_size & (PAGE_SIZE-1);
2963 if (page->index >= end_index+1 || !offset) {
2964 unlock_page(page);
2965 return 0; /* don't care */
2966 }
2967
2968 /*
2969 * The page straddles i_size. It must be zeroed out on each and every
2970 * writepage invocation because it may be mmapped. "A file is mapped
2971 * in multiples of the page size. For a file that is not a multiple of
2972 * the page size, the remaining memory is zeroed when mapped, and
2973 * writes to that region are not written out to the file."
2974 */
2975 zero_user_segment(page, offset, PAGE_SIZE);
2976 return __block_write_full_page(inode, page, get_block, wbc,
2977 end_buffer_async_write);
2978}
2979EXPORT_SYMBOL(block_write_full_page);
2980
2981sector_t generic_block_bmap(struct address_space *mapping, sector_t block,
2982 get_block_t *get_block)
2983{
2984 struct inode *inode = mapping->host;
2985 struct buffer_head tmp = {
2986 .b_size = i_blocksize(inode),
2987 };
2988
2989 get_block(inode, block, &tmp, 0);
2990 return tmp.b_blocknr;
2991}
2992EXPORT_SYMBOL(generic_block_bmap);
2993
2994static void end_bio_bh_io_sync(struct bio *bio)
2995{
2996 struct buffer_head *bh = bio->bi_private;
2997
2998 if (unlikely(bio_flagged(bio, BIO_QUIET)))
2999 set_bit(BH_Quiet, &bh->b_state);
3000
3001 bh->b_end_io(bh, !bio->bi_status);
3002 bio_put(bio);
3003}
3004
3005static int submit_bh_wbc(int op, int op_flags, struct buffer_head *bh,
3006 enum rw_hint write_hint, struct writeback_control *wbc)
3007{
3008 struct bio *bio;
3009
3010 BUG_ON(!buffer_locked(bh));
3011 BUG_ON(!buffer_mapped(bh));
3012 BUG_ON(!bh->b_end_io);
3013 BUG_ON(buffer_delay(bh));
3014 BUG_ON(buffer_unwritten(bh));
3015
3016 /*
3017 * Only clear out a write error when rewriting
3018 */
3019 if (test_set_buffer_req(bh) && (op == REQ_OP_WRITE))
3020 clear_buffer_write_io_error(bh);
3021
3022 bio = bio_alloc(GFP_NOIO, 1);
3023
3024 fscrypt_set_bio_crypt_ctx_bh(bio, bh, GFP_NOIO);
3025
3026 bio->bi_iter.bi_sector = bh->b_blocknr * (bh->b_size >> 9);
3027 bio_set_dev(bio, bh->b_bdev);
3028 bio->bi_write_hint = write_hint;
3029
3030 bio_add_page(bio, bh->b_page, bh->b_size, bh_offset(bh));
3031 BUG_ON(bio->bi_iter.bi_size != bh->b_size);
3032
3033 bio->bi_end_io = end_bio_bh_io_sync;
3034 bio->bi_private = bh;
3035
3036 if (buffer_meta(bh))
3037 op_flags |= REQ_META;
3038 if (buffer_prio(bh))
3039 op_flags |= REQ_PRIO;
3040 bio_set_op_attrs(bio, op, op_flags);
3041
3042 /* Take care of bh's that straddle the end of the device */
3043 guard_bio_eod(bio);
3044
3045 if (wbc) {
3046 wbc_init_bio(wbc, bio);
3047 wbc_account_cgroup_owner(wbc, bh->b_page, bh->b_size);
3048 }
3049
3050 submit_bio(bio);
3051 return 0;
3052}
3053
3054int submit_bh(int op, int op_flags, struct buffer_head *bh)
3055{
3056 return submit_bh_wbc(op, op_flags, bh, 0, NULL);
3057}
3058EXPORT_SYMBOL(submit_bh);
3059
3060/**
3061 * ll_rw_block: low-level access to block devices (DEPRECATED)
3062 * @op: whether to %READ or %WRITE
3063 * @op_flags: req_flag_bits
3064 * @nr: number of &struct buffer_heads in the array
3065 * @bhs: array of pointers to &struct buffer_head
3066 *
3067 * ll_rw_block() takes an array of pointers to &struct buffer_heads, and
3068 * requests an I/O operation on them, either a %REQ_OP_READ or a %REQ_OP_WRITE.
3069 * @op_flags contains flags modifying the detailed I/O behavior, most notably
3070 * %REQ_RAHEAD.
3071 *
3072 * This function drops any buffer that it cannot get a lock on (with the
3073 * BH_Lock state bit), any buffer that appears to be clean when doing a write
3074 * request, and any buffer that appears to be up-to-date when doing read
3075 * request. Further it marks as clean buffers that are processed for
3076 * writing (the buffer cache won't assume that they are actually clean
3077 * until the buffer gets unlocked).
3078 *
3079 * ll_rw_block sets b_end_io to simple completion handler that marks
3080 * the buffer up-to-date (if appropriate), unlocks the buffer and wakes
3081 * any waiters.
3082 *
3083 * All of the buffers must be for the same device, and must also be a
3084 * multiple of the current approved size for the device.
3085 */
3086void ll_rw_block(int op, int op_flags, int nr, struct buffer_head *bhs[])
3087{
3088 int i;
3089
3090 for (i = 0; i < nr; i++) {
3091 struct buffer_head *bh = bhs[i];
3092
3093 if (!trylock_buffer(bh))
3094 continue;
3095 if (op == WRITE) {
3096 if (test_clear_buffer_dirty(bh)) {
3097 bh->b_end_io = end_buffer_write_sync;
3098 get_bh(bh);
3099 submit_bh(op, op_flags, bh);
3100 continue;
3101 }
3102 } else {
3103 if (!buffer_uptodate(bh)) {
3104 bh->b_end_io = end_buffer_read_sync;
3105 get_bh(bh);
3106 submit_bh(op, op_flags, bh);
3107 continue;
3108 }
3109 }
3110 unlock_buffer(bh);
3111 }
3112}
3113EXPORT_SYMBOL(ll_rw_block);
3114
3115void write_dirty_buffer(struct buffer_head *bh, int op_flags)
3116{
3117 lock_buffer(bh);
3118 if (!test_clear_buffer_dirty(bh)) {
3119 unlock_buffer(bh);
3120 return;
3121 }
3122 bh->b_end_io = end_buffer_write_sync;
3123 get_bh(bh);
3124 submit_bh(REQ_OP_WRITE, op_flags, bh);
3125}
3126EXPORT_SYMBOL(write_dirty_buffer);
3127
3128/*
3129 * For a data-integrity writeout, we need to wait upon any in-progress I/O
3130 * and then start new I/O and then wait upon it. The caller must have a ref on
3131 * the buffer_head.
3132 */
3133int __sync_dirty_buffer(struct buffer_head *bh, int op_flags)
3134{
3135 int ret = 0;
3136
3137 WARN_ON(atomic_read(&bh->b_count) < 1);
3138 lock_buffer(bh);
3139 if (test_clear_buffer_dirty(bh)) {
3140 /*
3141 * The bh should be mapped, but it might not be if the
3142 * device was hot-removed. Not much we can do but fail the I/O.
3143 */
3144 if (!buffer_mapped(bh)) {
3145 unlock_buffer(bh);
3146 return -EIO;
3147 }
3148
3149 get_bh(bh);
3150 bh->b_end_io = end_buffer_write_sync;
3151 ret = submit_bh(REQ_OP_WRITE, op_flags, bh);
3152 wait_on_buffer(bh);
3153 if (!ret && !buffer_uptodate(bh))
3154 ret = -EIO;
3155 } else {
3156 unlock_buffer(bh);
3157 }
3158 return ret;
3159}
3160EXPORT_SYMBOL(__sync_dirty_buffer);
3161
3162int sync_dirty_buffer(struct buffer_head *bh)
3163{
3164 return __sync_dirty_buffer(bh, REQ_SYNC);
3165}
3166EXPORT_SYMBOL(sync_dirty_buffer);
3167
3168/*
3169 * try_to_free_buffers() checks if all the buffers on this particular page
3170 * are unused, and releases them if so.
3171 *
3172 * Exclusion against try_to_free_buffers may be obtained by either
3173 * locking the page or by holding its mapping's private_lock.
3174 *
3175 * If the page is dirty but all the buffers are clean then we need to
3176 * be sure to mark the page clean as well. This is because the page
3177 * may be against a block device, and a later reattachment of buffers
3178 * to a dirty page will set *all* buffers dirty. Which would corrupt
3179 * filesystem data on the same device.
3180 *
3181 * The same applies to regular filesystem pages: if all the buffers are
3182 * clean then we set the page clean and proceed. To do that, we require
3183 * total exclusion from __set_page_dirty_buffers(). That is obtained with
3184 * private_lock.
3185 *
3186 * try_to_free_buffers() is non-blocking.
3187 */
3188static inline int buffer_busy(struct buffer_head *bh)
3189{
3190 return atomic_read(&bh->b_count) |
3191 (bh->b_state & ((1 << BH_Dirty) | (1 << BH_Lock)));
3192}
3193
3194static int
3195drop_buffers(struct page *page, struct buffer_head **buffers_to_free)
3196{
3197 struct buffer_head *head = page_buffers(page);
3198 struct buffer_head *bh;
3199
3200 bh = head;
3201 do {
3202 if (buffer_busy(bh))
3203 goto failed;
3204 bh = bh->b_this_page;
3205 } while (bh != head);
3206
3207 do {
3208 struct buffer_head *next = bh->b_this_page;
3209
3210 if (bh->b_assoc_map)
3211 __remove_assoc_queue(bh);
3212 bh = next;
3213 } while (bh != head);
3214 *buffers_to_free = head;
3215 detach_page_private(page);
3216 return 1;
3217failed:
3218 return 0;
3219}
3220
3221int try_to_free_buffers(struct page *page)
3222{
3223 struct address_space * const mapping = page->mapping;
3224 struct buffer_head *buffers_to_free = NULL;
3225 int ret = 0;
3226
3227 BUG_ON(!PageLocked(page));
3228 if (PageWriteback(page))
3229 return 0;
3230
3231 if (mapping == NULL) { /* can this still happen? */
3232 ret = drop_buffers(page, &buffers_to_free);
3233 goto out;
3234 }
3235
3236 spin_lock(&mapping->private_lock);
3237 ret = drop_buffers(page, &buffers_to_free);
3238
3239 /*
3240 * If the filesystem writes its buffers by hand (eg ext3)
3241 * then we can have clean buffers against a dirty page. We
3242 * clean the page here; otherwise the VM will never notice
3243 * that the filesystem did any IO at all.
3244 *
3245 * Also, during truncate, discard_buffer will have marked all
3246 * the page's buffers clean. We discover that here and clean
3247 * the page also.
3248 *
3249 * private_lock must be held over this entire operation in order
3250 * to synchronise against __set_page_dirty_buffers and prevent the
3251 * dirty bit from being lost.
3252 */
3253 if (ret)
3254 cancel_dirty_page(page);
3255 spin_unlock(&mapping->private_lock);
3256out:
3257 if (buffers_to_free) {
3258 struct buffer_head *bh = buffers_to_free;
3259
3260 do {
3261 struct buffer_head *next = bh->b_this_page;
3262 free_buffer_head(bh);
3263 bh = next;
3264 } while (bh != buffers_to_free);
3265 }
3266 return ret;
3267}
3268EXPORT_SYMBOL(try_to_free_buffers);
3269
3270/*
3271 * There are no bdflush tunables left. But distributions are
3272 * still running obsolete flush daemons, so we terminate them here.
3273 *
3274 * Use of bdflush() is deprecated and will be removed in a future kernel.
3275 * The `flush-X' kernel threads fully replace bdflush daemons and this call.
3276 */
3277SYSCALL_DEFINE2(bdflush, int, func, long, data)
3278{
3279 static int msg_count;
3280
3281 if (!capable(CAP_SYS_ADMIN))
3282 return -EPERM;
3283
3284 if (msg_count < 5) {
3285 msg_count++;
3286 printk(KERN_INFO
3287 "warning: process `%s' used the obsolete bdflush"
3288 " system call\n", current->comm);
3289 printk(KERN_INFO "Fix your initscripts?\n");
3290 }
3291
3292 if (func == 1)
3293 do_exit(0);
3294 return 0;
3295}
3296
3297/*
3298 * Buffer-head allocation
3299 */
3300static struct kmem_cache *bh_cachep __read_mostly;
3301
3302/*
3303 * Once the number of bh's in the machine exceeds this level, we start
3304 * stripping them in writeback.
3305 */
3306static unsigned long max_buffer_heads;
3307
3308int buffer_heads_over_limit;
3309
3310struct bh_accounting {
3311 int nr; /* Number of live bh's */
3312 int ratelimit; /* Limit cacheline bouncing */
3313};
3314
3315static DEFINE_PER_CPU(struct bh_accounting, bh_accounting) = {0, 0};
3316
3317static void recalc_bh_state(void)
3318{
3319 int i;
3320 int tot = 0;
3321
3322 if (__this_cpu_inc_return(bh_accounting.ratelimit) - 1 < 4096)
3323 return;
3324 __this_cpu_write(bh_accounting.ratelimit, 0);
3325 for_each_online_cpu(i)
3326 tot += per_cpu(bh_accounting, i).nr;
3327 buffer_heads_over_limit = (tot > max_buffer_heads);
3328}
3329
3330struct buffer_head *alloc_buffer_head(gfp_t gfp_flags)
3331{
3332 struct buffer_head *ret = kmem_cache_zalloc(bh_cachep, gfp_flags);
3333 if (ret) {
3334 INIT_LIST_HEAD(&ret->b_assoc_buffers);
3335 spin_lock_init(&ret->b_uptodate_lock);
3336 preempt_disable();
3337 __this_cpu_inc(bh_accounting.nr);
3338 recalc_bh_state();
3339 preempt_enable();
3340 }
3341 return ret;
3342}
3343EXPORT_SYMBOL(alloc_buffer_head);
3344
3345void free_buffer_head(struct buffer_head *bh)
3346{
3347 BUG_ON(!list_empty(&bh->b_assoc_buffers));
3348 kmem_cache_free(bh_cachep, bh);
3349 preempt_disable();
3350 __this_cpu_dec(bh_accounting.nr);
3351 recalc_bh_state();
3352 preempt_enable();
3353}
3354EXPORT_SYMBOL(free_buffer_head);
3355
3356static int buffer_exit_cpu_dead(unsigned int cpu)
3357{
3358 int i;
3359 struct bh_lru *b = &per_cpu(bh_lrus, cpu);
3360
3361 for (i = 0; i < BH_LRU_SIZE; i++) {
3362 brelse(b->bhs[i]);
3363 b->bhs[i] = NULL;
3364 }
3365 this_cpu_add(bh_accounting.nr, per_cpu(bh_accounting, cpu).nr);
3366 per_cpu(bh_accounting, cpu).nr = 0;
3367 return 0;
3368}
3369
3370/**
3371 * bh_uptodate_or_lock - Test whether the buffer is uptodate
3372 * @bh: struct buffer_head
3373 *
3374 * Return true if the buffer is up-to-date and false,
3375 * with the buffer locked, if not.
3376 */
3377int bh_uptodate_or_lock(struct buffer_head *bh)
3378{
3379 if (!buffer_uptodate(bh)) {
3380 lock_buffer(bh);
3381 if (!buffer_uptodate(bh))
3382 return 0;
3383 unlock_buffer(bh);
3384 }
3385 return 1;
3386}
3387EXPORT_SYMBOL(bh_uptodate_or_lock);
3388
3389/**
3390 * bh_submit_read - Submit a locked buffer for reading
3391 * @bh: struct buffer_head
3392 *
3393 * Returns zero on success and -EIO on error.
3394 */
3395int bh_submit_read(struct buffer_head *bh)
3396{
3397 BUG_ON(!buffer_locked(bh));
3398
3399 if (buffer_uptodate(bh)) {
3400 unlock_buffer(bh);
3401 return 0;
3402 }
3403
3404 get_bh(bh);
3405 bh->b_end_io = end_buffer_read_sync;
3406 submit_bh(REQ_OP_READ, 0, bh);
3407 wait_on_buffer(bh);
3408 if (buffer_uptodate(bh))
3409 return 0;
3410 return -EIO;
3411}
3412EXPORT_SYMBOL(bh_submit_read);
3413
3414void __init buffer_init(void)
3415{
3416 unsigned long nrpages;
3417 int ret;
3418
3419 bh_cachep = kmem_cache_create("buffer_head",
3420 sizeof(struct buffer_head), 0,
3421 (SLAB_RECLAIM_ACCOUNT|SLAB_PANIC|
3422 SLAB_MEM_SPREAD),
3423 NULL);
3424
3425 /*
3426 * Limit the bh occupancy to 10% of ZONE_NORMAL
3427 */
3428 nrpages = (nr_free_buffer_pages() * 10) / 100;
3429 max_buffer_heads = nrpages * (PAGE_SIZE / sizeof(struct buffer_head));
3430 ret = cpuhp_setup_state_nocalls(CPUHP_FS_BUFF_DEAD, "fs/buffer:dead",
3431 NULL, buffer_exit_cpu_dead);
3432 WARN_ON(ret < 0);
3433}