547c43d777
- Various cleanups and code fixes - Implement lazytime as a mount option - Convert various on-disk metadata checks from asserts to -EFSCORRUPTED - Fix accounting problems with the rmap per-ag reservations - Refactorings and cleanups for xfs_log_force - Various bugfixes for the reflink code - Work around v5 AGFL padding problems to prevent fs shutdowns - Establish inode fork verifiers to inspect on-disk metadata correctness - Various online scrub fixes - Fix v5 swapext blowing up on deleted inodes -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAABCgAGBQJawZs5AAoJEPh/dxk0SrTrUbAQAKCT0zaYDHViC6p0yxVMTa1z 7fivnwtKNYc2LiihV6wPp+Hj5YtTGExYncJOLuTsAIuBZ6px+jlV9bpA8X9mWgbN e5XXyqz1O8nn/5iBwKRQm2yFdSnsQQfWXNm0XPNTuPGxuzlzxF/rpFN4UlWGdZul tigHom5gZD//GYfYHrsOb/7CIRGw90ebpqM3Nt4eAi5o0H5eK46sHKUYtAngSfPm FdPHJwmw5Kx+yZW5EdR+ELbLqGsBKsOfsp9SG+un0R+kvj/CKC2ovgwS6tuU+gsi MRD8C0zHlz4ikQrmJ0bV+no7T+9bC8fQDIZu0h7dQ1acWb2F1Epr1LRIxNH/1bLi qbtchVZkCNXiV0GMQ2iNo1cDJO3AICsQwTuktpoUMU1QOWgQenvzdZCUOQAUqne6 xwnrCq19UbmNlCdkRWChrVn9Gb7FNYVhe15W/y0qZhzJxWam6yIzKBm91Zc/XLp8 L5VUc+FVmtSiHXpEVttSwVeMSzhDfG6qOL42dFmw7xwh7JO/vXi0MlxjGe215ApS lhBWjEOGB9kbUxMjhqS5KsFn8E1DhL0AMD7N53z7eBTh5Eani81ytf1PzXWhvLbI 1auY0+7cVggXFltcW6rfAJFC0EEuw6wsx86rl3G+dQ9vmlhy4zaWlt0EJEGmNC90 Kw4GpFLDmtV93K++lD1C =fdIf -----END PGP SIGNATURE----- Merge tag 'xfs-4.17-merge-1' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux Pull xfs updates from Darrick Wong: "Here's the first round of fixes for XFS for 4.17. The biggest new features this time around are the addition of lazytime support, further enhancement of the on-disk inode metadata verifiers, and a patch to smooth over some of the AGFL padding problems that have intermittently plagued users since 4.5. I forsee sending a second pull request next week with further bug fixes and speedups in the online scrub code and elsewhere. This series has been run through a full xfstests run over the weekend and through a quick xfstests run against this morning's master, with no major failures reported. Summary of changes for this release: - Various cleanups and code fixes - Implement lazytime as a mount option - Convert various on-disk metadata checks from asserts to -EFSCORRUPTED - Fix accounting problems with the rmap per-ag reservations - Refactorings and cleanups for xfs_log_force - Various bugfixes for the reflink code - Work around v5 AGFL padding problems to prevent fs shutdowns - Establish inode fork verifiers to inspect on-disk metadata correctness - Various online scrub fixes - Fix v5 swapext blowing up on deleted inodes" * tag 'xfs-4.17-merge-1' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux: (49 commits) xfs: do not log/recover swapext extent owner changes for deleted inodes xfs: clean up xfs_mount allocation and dynamic initializers xfs: remove dead inode version setting code xfs: catch inode allocation state mismatch corruption xfs: xfs_scrub_iallocbt_xref_rmap_inodes should use xref_set_corrupt xfs: flag inode corruption if parent ptr doesn't get us a real inode xfs: don't accept inode buffers with suspicious unlinked chains xfs: move inode extent size hint validation to libxfs xfs: record inode buf errors as a xref error in inobt scrubber xfs: remove xfs_buf parameter from inode scrub methods xfs: inode scrubber shouldn't bother with raw checks xfs: bmap scrubber should do rmap xref with bmap for sparse files xfs: refactor inode buffer verifier error logging xfs: refactor inode verifier error logging xfs: refactor bmap record validation xfs: sanity-check the unused space before trying to use it xfs: detect agfl count corruption and reset agfl xfs: unwind the try_again loop in xfs_log_force xfs: refactor xfs_log_force_lsn xfs: minor cleanup for xfs_reflink_end_cow ...
375 lines
9.9 KiB
C
375 lines
9.9 KiB
C
// SPDX-License-Identifier: GPL-2.0
|
|
/*
|
|
* High-level sync()-related operations
|
|
*/
|
|
|
|
#include <linux/kernel.h>
|
|
#include <linux/file.h>
|
|
#include <linux/fs.h>
|
|
#include <linux/slab.h>
|
|
#include <linux/export.h>
|
|
#include <linux/namei.h>
|
|
#include <linux/sched.h>
|
|
#include <linux/writeback.h>
|
|
#include <linux/syscalls.h>
|
|
#include <linux/linkage.h>
|
|
#include <linux/pagemap.h>
|
|
#include <linux/quotaops.h>
|
|
#include <linux/backing-dev.h>
|
|
#include "internal.h"
|
|
|
|
#define VALID_FLAGS (SYNC_FILE_RANGE_WAIT_BEFORE|SYNC_FILE_RANGE_WRITE| \
|
|
SYNC_FILE_RANGE_WAIT_AFTER)
|
|
|
|
/*
|
|
* Do the filesystem syncing work. For simple filesystems
|
|
* writeback_inodes_sb(sb) just dirties buffers with inodes so we have to
|
|
* submit IO for these buffers via __sync_blockdev(). This also speeds up the
|
|
* wait == 1 case since in that case write_inode() functions do
|
|
* sync_dirty_buffer() and thus effectively write one block at a time.
|
|
*/
|
|
static int __sync_filesystem(struct super_block *sb, int wait)
|
|
{
|
|
if (wait)
|
|
sync_inodes_sb(sb);
|
|
else
|
|
writeback_inodes_sb(sb, WB_REASON_SYNC);
|
|
|
|
if (sb->s_op->sync_fs)
|
|
sb->s_op->sync_fs(sb, wait);
|
|
return __sync_blockdev(sb->s_bdev, wait);
|
|
}
|
|
|
|
/*
|
|
* Write out and wait upon all dirty data associated with this
|
|
* superblock. Filesystem data as well as the underlying block
|
|
* device. Takes the superblock lock.
|
|
*/
|
|
int sync_filesystem(struct super_block *sb)
|
|
{
|
|
int ret;
|
|
|
|
/*
|
|
* We need to be protected against the filesystem going from
|
|
* r/o to r/w or vice versa.
|
|
*/
|
|
WARN_ON(!rwsem_is_locked(&sb->s_umount));
|
|
|
|
/*
|
|
* No point in syncing out anything if the filesystem is read-only.
|
|
*/
|
|
if (sb_rdonly(sb))
|
|
return 0;
|
|
|
|
ret = __sync_filesystem(sb, 0);
|
|
if (ret < 0)
|
|
return ret;
|
|
return __sync_filesystem(sb, 1);
|
|
}
|
|
EXPORT_SYMBOL(sync_filesystem);
|
|
|
|
static void sync_inodes_one_sb(struct super_block *sb, void *arg)
|
|
{
|
|
if (!sb_rdonly(sb))
|
|
sync_inodes_sb(sb);
|
|
}
|
|
|
|
static void sync_fs_one_sb(struct super_block *sb, void *arg)
|
|
{
|
|
if (!sb_rdonly(sb) && sb->s_op->sync_fs)
|
|
sb->s_op->sync_fs(sb, *(int *)arg);
|
|
}
|
|
|
|
static void fdatawrite_one_bdev(struct block_device *bdev, void *arg)
|
|
{
|
|
filemap_fdatawrite(bdev->bd_inode->i_mapping);
|
|
}
|
|
|
|
static void fdatawait_one_bdev(struct block_device *bdev, void *arg)
|
|
{
|
|
/*
|
|
* We keep the error status of individual mapping so that
|
|
* applications can catch the writeback error using fsync(2).
|
|
* See filemap_fdatawait_keep_errors() for details.
|
|
*/
|
|
filemap_fdatawait_keep_errors(bdev->bd_inode->i_mapping);
|
|
}
|
|
|
|
/*
|
|
* Sync everything. We start by waking flusher threads so that most of
|
|
* writeback runs on all devices in parallel. Then we sync all inodes reliably
|
|
* which effectively also waits for all flusher threads to finish doing
|
|
* writeback. At this point all data is on disk so metadata should be stable
|
|
* and we tell filesystems to sync their metadata via ->sync_fs() calls.
|
|
* Finally, we writeout all block devices because some filesystems (e.g. ext2)
|
|
* just write metadata (such as inodes or bitmaps) to block device page cache
|
|
* and do not sync it on their own in ->sync_fs().
|
|
*/
|
|
void ksys_sync(void)
|
|
{
|
|
int nowait = 0, wait = 1;
|
|
|
|
wakeup_flusher_threads(WB_REASON_SYNC);
|
|
iterate_supers(sync_inodes_one_sb, NULL);
|
|
iterate_supers(sync_fs_one_sb, &nowait);
|
|
iterate_supers(sync_fs_one_sb, &wait);
|
|
iterate_bdevs(fdatawrite_one_bdev, NULL);
|
|
iterate_bdevs(fdatawait_one_bdev, NULL);
|
|
if (unlikely(laptop_mode))
|
|
laptop_sync_completion();
|
|
}
|
|
|
|
SYSCALL_DEFINE0(sync)
|
|
{
|
|
ksys_sync();
|
|
return 0;
|
|
}
|
|
|
|
static void do_sync_work(struct work_struct *work)
|
|
{
|
|
int nowait = 0;
|
|
|
|
/*
|
|
* Sync twice to reduce the possibility we skipped some inodes / pages
|
|
* because they were temporarily locked
|
|
*/
|
|
iterate_supers(sync_inodes_one_sb, &nowait);
|
|
iterate_supers(sync_fs_one_sb, &nowait);
|
|
iterate_bdevs(fdatawrite_one_bdev, NULL);
|
|
iterate_supers(sync_inodes_one_sb, &nowait);
|
|
iterate_supers(sync_fs_one_sb, &nowait);
|
|
iterate_bdevs(fdatawrite_one_bdev, NULL);
|
|
printk("Emergency Sync complete\n");
|
|
kfree(work);
|
|
}
|
|
|
|
void emergency_sync(void)
|
|
{
|
|
struct work_struct *work;
|
|
|
|
work = kmalloc(sizeof(*work), GFP_ATOMIC);
|
|
if (work) {
|
|
INIT_WORK(work, do_sync_work);
|
|
schedule_work(work);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* sync a single super
|
|
*/
|
|
SYSCALL_DEFINE1(syncfs, int, fd)
|
|
{
|
|
struct fd f = fdget(fd);
|
|
struct super_block *sb;
|
|
int ret;
|
|
|
|
if (!f.file)
|
|
return -EBADF;
|
|
sb = f.file->f_path.dentry->d_sb;
|
|
|
|
down_read(&sb->s_umount);
|
|
ret = sync_filesystem(sb);
|
|
up_read(&sb->s_umount);
|
|
|
|
fdput(f);
|
|
return ret;
|
|
}
|
|
|
|
/**
|
|
* vfs_fsync_range - helper to sync a range of data & metadata to disk
|
|
* @file: file to sync
|
|
* @start: offset in bytes of the beginning of data range to sync
|
|
* @end: offset in bytes of the end of data range (inclusive)
|
|
* @datasync: perform only datasync
|
|
*
|
|
* Write back data in range @start..@end and metadata for @file to disk. If
|
|
* @datasync is set only metadata needed to access modified file data is
|
|
* written.
|
|
*/
|
|
int vfs_fsync_range(struct file *file, loff_t start, loff_t end, int datasync)
|
|
{
|
|
struct inode *inode = file->f_mapping->host;
|
|
|
|
if (!file->f_op->fsync)
|
|
return -EINVAL;
|
|
if (!datasync && (inode->i_state & I_DIRTY_TIME))
|
|
mark_inode_dirty_sync(inode);
|
|
return file->f_op->fsync(file, start, end, datasync);
|
|
}
|
|
EXPORT_SYMBOL(vfs_fsync_range);
|
|
|
|
/**
|
|
* vfs_fsync - perform a fsync or fdatasync on a file
|
|
* @file: file to sync
|
|
* @datasync: only perform a fdatasync operation
|
|
*
|
|
* Write back data and metadata for @file to disk. If @datasync is
|
|
* set only metadata needed to access modified file data is written.
|
|
*/
|
|
int vfs_fsync(struct file *file, int datasync)
|
|
{
|
|
return vfs_fsync_range(file, 0, LLONG_MAX, datasync);
|
|
}
|
|
EXPORT_SYMBOL(vfs_fsync);
|
|
|
|
static int do_fsync(unsigned int fd, int datasync)
|
|
{
|
|
struct fd f = fdget(fd);
|
|
int ret = -EBADF;
|
|
|
|
if (f.file) {
|
|
ret = vfs_fsync(f.file, datasync);
|
|
fdput(f);
|
|
}
|
|
return ret;
|
|
}
|
|
|
|
SYSCALL_DEFINE1(fsync, unsigned int, fd)
|
|
{
|
|
return do_fsync(fd, 0);
|
|
}
|
|
|
|
SYSCALL_DEFINE1(fdatasync, unsigned int, fd)
|
|
{
|
|
return do_fsync(fd, 1);
|
|
}
|
|
|
|
/*
|
|
* sys_sync_file_range() permits finely controlled syncing over a segment of
|
|
* a file in the range offset .. (offset+nbytes-1) inclusive. If nbytes is
|
|
* zero then sys_sync_file_range() will operate from offset out to EOF.
|
|
*
|
|
* The flag bits are:
|
|
*
|
|
* SYNC_FILE_RANGE_WAIT_BEFORE: wait upon writeout of all pages in the range
|
|
* before performing the write.
|
|
*
|
|
* SYNC_FILE_RANGE_WRITE: initiate writeout of all those dirty pages in the
|
|
* range which are not presently under writeback. Note that this may block for
|
|
* significant periods due to exhaustion of disk request structures.
|
|
*
|
|
* SYNC_FILE_RANGE_WAIT_AFTER: wait upon writeout of all pages in the range
|
|
* after performing the write.
|
|
*
|
|
* Useful combinations of the flag bits are:
|
|
*
|
|
* SYNC_FILE_RANGE_WAIT_BEFORE|SYNC_FILE_RANGE_WRITE: ensures that all pages
|
|
* in the range which were dirty on entry to sys_sync_file_range() are placed
|
|
* under writeout. This is a start-write-for-data-integrity operation.
|
|
*
|
|
* SYNC_FILE_RANGE_WRITE: start writeout of all dirty pages in the range which
|
|
* are not presently under writeout. This is an asynchronous flush-to-disk
|
|
* operation. Not suitable for data integrity operations.
|
|
*
|
|
* SYNC_FILE_RANGE_WAIT_BEFORE (or SYNC_FILE_RANGE_WAIT_AFTER): wait for
|
|
* completion of writeout of all pages in the range. This will be used after an
|
|
* earlier SYNC_FILE_RANGE_WAIT_BEFORE|SYNC_FILE_RANGE_WRITE operation to wait
|
|
* for that operation to complete and to return the result.
|
|
*
|
|
* SYNC_FILE_RANGE_WAIT_BEFORE|SYNC_FILE_RANGE_WRITE|SYNC_FILE_RANGE_WAIT_AFTER:
|
|
* a traditional sync() operation. This is a write-for-data-integrity operation
|
|
* which will ensure that all pages in the range which were dirty on entry to
|
|
* sys_sync_file_range() are committed to disk.
|
|
*
|
|
*
|
|
* SYNC_FILE_RANGE_WAIT_BEFORE and SYNC_FILE_RANGE_WAIT_AFTER will detect any
|
|
* I/O errors or ENOSPC conditions and will return those to the caller, after
|
|
* clearing the EIO and ENOSPC flags in the address_space.
|
|
*
|
|
* It should be noted that none of these operations write out the file's
|
|
* metadata. So unless the application is strictly performing overwrites of
|
|
* already-instantiated disk blocks, there are no guarantees here that the data
|
|
* will be available after a crash.
|
|
*/
|
|
int ksys_sync_file_range(int fd, loff_t offset, loff_t nbytes,
|
|
unsigned int flags)
|
|
{
|
|
int ret;
|
|
struct fd f;
|
|
struct address_space *mapping;
|
|
loff_t endbyte; /* inclusive */
|
|
umode_t i_mode;
|
|
|
|
ret = -EINVAL;
|
|
if (flags & ~VALID_FLAGS)
|
|
goto out;
|
|
|
|
endbyte = offset + nbytes;
|
|
|
|
if ((s64)offset < 0)
|
|
goto out;
|
|
if ((s64)endbyte < 0)
|
|
goto out;
|
|
if (endbyte < offset)
|
|
goto out;
|
|
|
|
if (sizeof(pgoff_t) == 4) {
|
|
if (offset >= (0x100000000ULL << PAGE_SHIFT)) {
|
|
/*
|
|
* The range starts outside a 32 bit machine's
|
|
* pagecache addressing capabilities. Let it "succeed"
|
|
*/
|
|
ret = 0;
|
|
goto out;
|
|
}
|
|
if (endbyte >= (0x100000000ULL << PAGE_SHIFT)) {
|
|
/*
|
|
* Out to EOF
|
|
*/
|
|
nbytes = 0;
|
|
}
|
|
}
|
|
|
|
if (nbytes == 0)
|
|
endbyte = LLONG_MAX;
|
|
else
|
|
endbyte--; /* inclusive */
|
|
|
|
ret = -EBADF;
|
|
f = fdget(fd);
|
|
if (!f.file)
|
|
goto out;
|
|
|
|
i_mode = file_inode(f.file)->i_mode;
|
|
ret = -ESPIPE;
|
|
if (!S_ISREG(i_mode) && !S_ISBLK(i_mode) && !S_ISDIR(i_mode) &&
|
|
!S_ISLNK(i_mode))
|
|
goto out_put;
|
|
|
|
mapping = f.file->f_mapping;
|
|
ret = 0;
|
|
if (flags & SYNC_FILE_RANGE_WAIT_BEFORE) {
|
|
ret = file_fdatawait_range(f.file, offset, endbyte);
|
|
if (ret < 0)
|
|
goto out_put;
|
|
}
|
|
|
|
if (flags & SYNC_FILE_RANGE_WRITE) {
|
|
ret = __filemap_fdatawrite_range(mapping, offset, endbyte,
|
|
WB_SYNC_NONE);
|
|
if (ret < 0)
|
|
goto out_put;
|
|
}
|
|
|
|
if (flags & SYNC_FILE_RANGE_WAIT_AFTER)
|
|
ret = file_fdatawait_range(f.file, offset, endbyte);
|
|
|
|
out_put:
|
|
fdput(f);
|
|
out:
|
|
return ret;
|
|
}
|
|
|
|
SYSCALL_DEFINE4(sync_file_range, int, fd, loff_t, offset, loff_t, nbytes,
|
|
unsigned int, flags)
|
|
{
|
|
return ksys_sync_file_range(fd, offset, nbytes, flags);
|
|
}
|
|
|
|
/* It would be nice if people remember that not all the world's an i386
|
|
when they introduce new system calls */
|
|
SYSCALL_DEFINE4(sync_file_range2, int, fd, unsigned int, flags,
|
|
loff_t, offset, loff_t, nbytes)
|
|
{
|
|
return ksys_sync_file_range(fd, offset, nbytes, flags);
|
|
}
|