transaction.c 86 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029203020312032203320342035203620372038203920402041204220432044204520462047204820492050205120522053205420552056205720582059206020612062206320642065206620672068206920702071207220732074207520762077207820792080208120822083208420852086208720882089209020912092209320942095209620972098209921002101210221032104210521062107210821092110211121122113211421152116211721182119212021212122212321242125212621272128212921302131213221332134213521362137213821392140214121422143214421452146214721482149215021512152215321542155215621572158215921602161216221632164216521662167216821692170217121722173217421752176217721782179218021812182218321842185218621872188218921902191219221932194219521962197219821992200220122022203220422052206220722082209221022112212221322142215221622172218221922202221222222232224222522262227222822292230223122322233223422352236223722382239224022412242224322442245224622472248224922502251225222532254225522562257225822592260226122622263226422652266226722682269227022712272227322742275227622772278227922802281228222832284228522862287228822892290229122922293229422952296229722982299230023012302230323042305230623072308230923102311231223132314231523162317231823192320232123222323232423252326232723282329233023312332233323342335233623372338233923402341234223432344234523462347234823492350235123522353235423552356235723582359236023612362236323642365236623672368236923702371237223732374237523762377237823792380238123822383238423852386238723882389239023912392239323942395239623972398239924002401240224032404240524062407240824092410241124122413241424152416241724182419242024212422242324242425242624272428242924302431243224332434243524362437243824392440244124422443244424452446244724482449245024512452245324542455245624572458245924602461246224632464246524662467246824692470247124722473247424752476247724782479248024812482248324842485248624872488248924902491249224932494249524962497249824992500250125022503250425052506250725082509251025112512251325142515251625172518251925202521252225232524252525262527252825292530253125322533253425352536253725382539254025412542254325442545254625472548254925502551255225532554255525562557255825592560256125622563256425652566256725682569257025712572257325742575257625772578257925802581258225832584258525862587258825892590259125922593259425952596259725982599260026012602260326042605260626072608260926102611261226132614261526162617261826192620262126222623262426252626262726282629263026312632263326342635263626372638263926402641264226432644264526462647264826492650265126522653265426552656265726582659266026612662266326642665266626672668266926702671267226732674267526762677267826792680268126822683268426852686268726882689269026912692269326942695269626972698269927002701270227032704270527062707270827092710271127122713271427152716271727182719272027212722272327242725272627272728272927302731273227332734273527362737273827392740274127422743274427452746274727482749275027512752275327542755275627572758275927602761
  1. // SPDX-License-Identifier: GPL-2.0+
  2. /*
  3. * linux/fs/jbd2/transaction.c
  4. *
  5. * Written by Stephen C. Tweedie <sct@redhat.com>, 1998
  6. *
  7. * Copyright 1998 Red Hat corp --- All Rights Reserved
  8. *
  9. * Generic filesystem transaction handling code; part of the ext2fs
  10. * journaling system.
  11. *
  12. * This file manages transactions (compound commits managed by the
  13. * journaling code) and handles (individual atomic operations by the
  14. * filesystem).
  15. */
  16. #include <linux/time.h>
  17. #include <linux/fs.h>
  18. #include <linux/jbd2.h>
  19. #include <linux/errno.h>
  20. #include <linux/slab.h>
  21. #include <linux/timer.h>
  22. #include <linux/mm.h>
  23. #include <linux/highmem.h>
  24. #include <linux/hrtimer.h>
  25. #include <linux/backing-dev.h>
  26. #include <linux/bug.h>
  27. #include <linux/module.h>
  28. #include <linux/sched/mm.h>
  29. #include <trace/events/jbd2.h>
  30. static void __jbd2_journal_temp_unlink_buffer(struct journal_head *jh);
  31. static void __jbd2_journal_unfile_buffer(struct journal_head *jh);
  32. static struct kmem_cache *transaction_cache;
  33. int __init jbd2_journal_init_transaction_cache(void)
  34. {
  35. J_ASSERT(!transaction_cache);
  36. transaction_cache = kmem_cache_create("jbd2_transaction_s",
  37. sizeof(transaction_t),
  38. 0,
  39. SLAB_HWCACHE_ALIGN|SLAB_TEMPORARY,
  40. NULL);
  41. if (!transaction_cache) {
  42. pr_emerg("JBD2: failed to create transaction cache\n");
  43. return -ENOMEM;
  44. }
  45. return 0;
  46. }
  47. void jbd2_journal_destroy_transaction_cache(void)
  48. {
  49. kmem_cache_destroy(transaction_cache);
  50. transaction_cache = NULL;
  51. }
  52. void jbd2_journal_free_transaction(transaction_t *transaction)
  53. {
  54. if (unlikely(ZERO_OR_NULL_PTR(transaction)))
  55. return;
  56. kmem_cache_free(transaction_cache, transaction);
  57. }
  58. /*
  59. * jbd2_get_transaction: obtain a new transaction_t object.
  60. *
  61. * Simply initialise a new transaction. Initialize it in
  62. * RUNNING state and add it to the current journal (which should not
  63. * have an existing running transaction: we only make a new transaction
  64. * once we have started to commit the old one).
  65. *
  66. * Preconditions:
  67. * The journal MUST be locked. We don't perform atomic mallocs on the
  68. * new transaction and we can't block without protecting against other
  69. * processes trying to touch the journal while it is in transition.
  70. *
  71. */
  72. static void jbd2_get_transaction(journal_t *journal,
  73. transaction_t *transaction)
  74. {
  75. transaction->t_journal = journal;
  76. transaction->t_state = T_RUNNING;
  77. transaction->t_start_time = ktime_get();
  78. transaction->t_tid = journal->j_transaction_sequence++;
  79. transaction->t_expires = jiffies + journal->j_commit_interval;
  80. atomic_set(&transaction->t_updates, 0);
  81. atomic_set(&transaction->t_outstanding_credits,
  82. journal->j_transaction_overhead_buffers +
  83. atomic_read(&journal->j_reserved_credits));
  84. atomic_set(&transaction->t_outstanding_revokes, 0);
  85. atomic_set(&transaction->t_handle_count, 0);
  86. INIT_LIST_HEAD(&transaction->t_inode_list);
  87. /* Set up the commit timer for the new transaction. */
  88. journal->j_commit_timer.expires = round_jiffies_up(transaction->t_expires);
  89. add_timer(&journal->j_commit_timer);
  90. J_ASSERT(journal->j_running_transaction == NULL);
  91. journal->j_running_transaction = transaction;
  92. transaction->t_max_wait = 0;
  93. transaction->t_start = jiffies;
  94. transaction->t_requested = 0;
  95. }
  96. /*
  97. * Handle management.
  98. *
  99. * A handle_t is an object which represents a single atomic update to a
  100. * filesystem, and which tracks all of the modifications which form part
  101. * of that one update.
  102. */
  103. /*
  104. * t_max_wait is carefully updated here with use of atomic compare exchange.
  105. * Note that there could be multiplre threads trying to do this simultaneously
  106. * hence using cmpxchg to avoid any use of locks in this case.
  107. */
  108. static inline void update_t_max_wait(transaction_t *transaction,
  109. unsigned long ts)
  110. {
  111. unsigned long oldts, newts;
  112. if (time_after(transaction->t_start, ts)) {
  113. newts = jbd2_time_diff(ts, transaction->t_start);
  114. oldts = READ_ONCE(transaction->t_max_wait);
  115. while (oldts < newts)
  116. oldts = cmpxchg(&transaction->t_max_wait, oldts, newts);
  117. }
  118. }
  119. /*
  120. * Wait until running transaction passes to T_FLUSH state and new transaction
  121. * can thus be started. Also starts the commit if needed. The function expects
  122. * running transaction to exist and releases j_state_lock.
  123. */
  124. static void wait_transaction_locked(journal_t *journal)
  125. __releases(journal->j_state_lock)
  126. {
  127. DEFINE_WAIT(wait);
  128. int need_to_start;
  129. tid_t tid = journal->j_running_transaction->t_tid;
  130. prepare_to_wait_exclusive(&journal->j_wait_transaction_locked, &wait,
  131. TASK_UNINTERRUPTIBLE);
  132. need_to_start = !tid_geq(journal->j_commit_request, tid);
  133. read_unlock(&journal->j_state_lock);
  134. if (need_to_start)
  135. jbd2_log_start_commit(journal, tid);
  136. jbd2_might_wait_for_commit(journal);
  137. schedule();
  138. finish_wait(&journal->j_wait_transaction_locked, &wait);
  139. }
  140. /*
  141. * Wait until running transaction transitions from T_SWITCH to T_FLUSH
  142. * state and new transaction can thus be started. The function releases
  143. * j_state_lock.
  144. */
  145. static void wait_transaction_switching(journal_t *journal)
  146. __releases(journal->j_state_lock)
  147. {
  148. DEFINE_WAIT(wait);
  149. if (WARN_ON(!journal->j_running_transaction ||
  150. journal->j_running_transaction->t_state != T_SWITCH)) {
  151. read_unlock(&journal->j_state_lock);
  152. return;
  153. }
  154. prepare_to_wait_exclusive(&journal->j_wait_transaction_locked, &wait,
  155. TASK_UNINTERRUPTIBLE);
  156. read_unlock(&journal->j_state_lock);
  157. /*
  158. * We don't call jbd2_might_wait_for_commit() here as there's no
  159. * waiting for outstanding handles happening anymore in T_SWITCH state
  160. * and handling of reserved handles actually relies on that for
  161. * correctness.
  162. */
  163. schedule();
  164. finish_wait(&journal->j_wait_transaction_locked, &wait);
  165. }
  166. static void sub_reserved_credits(journal_t *journal, int blocks)
  167. {
  168. atomic_sub(blocks, &journal->j_reserved_credits);
  169. wake_up(&journal->j_wait_reserved);
  170. }
  171. /* Maximum number of blocks for user transaction payload */
  172. static int jbd2_max_user_trans_buffers(journal_t *journal)
  173. {
  174. return journal->j_max_transaction_buffers -
  175. journal->j_transaction_overhead_buffers;
  176. }
  177. /*
  178. * Wait until we can add credits for handle to the running transaction. Called
  179. * with j_state_lock held for reading. Returns 0 if handle joined the running
  180. * transaction. Returns 1 if we had to wait, j_state_lock is dropped, and
  181. * caller must retry.
  182. *
  183. * Note: because j_state_lock may be dropped depending on the return
  184. * value, we need to fake out sparse so ti doesn't complain about a
  185. * locking imbalance. Callers of add_transaction_credits will need to
  186. * make a similar accomodation.
  187. */
  188. static int add_transaction_credits(journal_t *journal, int blocks,
  189. int rsv_blocks)
  190. __must_hold(&journal->j_state_lock)
  191. {
  192. transaction_t *t = journal->j_running_transaction;
  193. int needed;
  194. int total = blocks + rsv_blocks;
  195. /*
  196. * If the current transaction is locked down for commit, wait
  197. * for the lock to be released.
  198. */
  199. if (t->t_state != T_RUNNING) {
  200. WARN_ON_ONCE(t->t_state >= T_FLUSH);
  201. wait_transaction_locked(journal);
  202. __acquire(&journal->j_state_lock); /* fake out sparse */
  203. return 1;
  204. }
  205. /*
  206. * If there is not enough space left in the log to write all
  207. * potential buffers requested by this operation, we need to
  208. * stall pending a log checkpoint to free some more log space.
  209. */
  210. needed = atomic_add_return(total, &t->t_outstanding_credits);
  211. if (needed > journal->j_max_transaction_buffers) {
  212. /*
  213. * If the current transaction is already too large,
  214. * then start to commit it: we can then go back and
  215. * attach this handle to a new transaction.
  216. */
  217. atomic_sub(total, &t->t_outstanding_credits);
  218. /*
  219. * Is the number of reserved credits in the current transaction too
  220. * big to fit this handle? Wait until reserved credits are freed.
  221. */
  222. if (atomic_read(&journal->j_reserved_credits) + total >
  223. jbd2_max_user_trans_buffers(journal)) {
  224. read_unlock(&journal->j_state_lock);
  225. jbd2_might_wait_for_commit(journal);
  226. wait_event(journal->j_wait_reserved,
  227. atomic_read(&journal->j_reserved_credits) + total <=
  228. jbd2_max_user_trans_buffers(journal));
  229. __acquire(&journal->j_state_lock); /* fake out sparse */
  230. return 1;
  231. }
  232. wait_transaction_locked(journal);
  233. __acquire(&journal->j_state_lock); /* fake out sparse */
  234. return 1;
  235. }
  236. /*
  237. * The commit code assumes that it can get enough log space
  238. * without forcing a checkpoint. This is *critical* for
  239. * correctness: a checkpoint of a buffer which is also
  240. * associated with a committing transaction creates a deadlock,
  241. * so commit simply cannot force through checkpoints.
  242. *
  243. * We must therefore ensure the necessary space in the journal
  244. * *before* starting to dirty potentially checkpointed buffers
  245. * in the new transaction.
  246. */
  247. if (jbd2_log_space_left(journal) < journal->j_max_transaction_buffers) {
  248. atomic_sub(total, &t->t_outstanding_credits);
  249. read_unlock(&journal->j_state_lock);
  250. jbd2_might_wait_for_commit(journal);
  251. write_lock(&journal->j_state_lock);
  252. if (jbd2_log_space_left(journal) <
  253. journal->j_max_transaction_buffers)
  254. __jbd2_log_wait_for_space(journal);
  255. write_unlock(&journal->j_state_lock);
  256. __acquire(&journal->j_state_lock); /* fake out sparse */
  257. return 1;
  258. }
  259. /* No reservation? We are done... */
  260. if (!rsv_blocks)
  261. return 0;
  262. needed = atomic_add_return(rsv_blocks, &journal->j_reserved_credits);
  263. /* We allow at most half of a transaction to be reserved */
  264. if (needed > jbd2_max_user_trans_buffers(journal) / 2) {
  265. sub_reserved_credits(journal, rsv_blocks);
  266. atomic_sub(total, &t->t_outstanding_credits);
  267. read_unlock(&journal->j_state_lock);
  268. jbd2_might_wait_for_commit(journal);
  269. wait_event(journal->j_wait_reserved,
  270. atomic_read(&journal->j_reserved_credits) + rsv_blocks
  271. <= jbd2_max_user_trans_buffers(journal) / 2);
  272. __acquire(&journal->j_state_lock); /* fake out sparse */
  273. return 1;
  274. }
  275. return 0;
  276. }
  277. /*
  278. * start_this_handle: Given a handle, deal with any locking or stalling
  279. * needed to make sure that there is enough journal space for the handle
  280. * to begin. Attach the handle to a transaction and set up the
  281. * transaction's buffer credits.
  282. */
  283. static int start_this_handle(journal_t *journal, handle_t *handle,
  284. gfp_t gfp_mask)
  285. {
  286. transaction_t *transaction, *new_transaction = NULL;
  287. int blocks = handle->h_total_credits;
  288. int rsv_blocks = 0;
  289. unsigned long ts = jiffies;
  290. if (handle->h_rsv_handle)
  291. rsv_blocks = handle->h_rsv_handle->h_total_credits;
  292. /*
  293. * Limit the number of reserved credits to 1/2 of maximum transaction
  294. * size and limit the number of total credits to not exceed maximum
  295. * transaction size per operation.
  296. */
  297. if (rsv_blocks > jbd2_max_user_trans_buffers(journal) / 2 ||
  298. rsv_blocks + blocks > jbd2_max_user_trans_buffers(journal)) {
  299. printk(KERN_ERR "JBD2: %s wants too many credits "
  300. "credits:%d rsv_credits:%d max:%d\n",
  301. current->comm, blocks, rsv_blocks,
  302. jbd2_max_user_trans_buffers(journal));
  303. WARN_ON(1);
  304. return -ENOSPC;
  305. }
  306. alloc_transaction:
  307. /*
  308. * This check is racy but it is just an optimization of allocating new
  309. * transaction early if there are high chances we'll need it. If we
  310. * guess wrong, we'll retry or free unused transaction.
  311. */
  312. if (!data_race(journal->j_running_transaction)) {
  313. /*
  314. * If __GFP_FS is not present, then we may be being called from
  315. * inside the fs writeback layer, so we MUST NOT fail.
  316. */
  317. if ((gfp_mask & __GFP_FS) == 0)
  318. gfp_mask |= __GFP_NOFAIL;
  319. new_transaction = kmem_cache_zalloc(transaction_cache,
  320. gfp_mask);
  321. if (!new_transaction)
  322. return -ENOMEM;
  323. }
  324. jbd2_debug(3, "New handle %p going live.\n", handle);
  325. /*
  326. * We need to hold j_state_lock until t_updates has been incremented,
  327. * for proper journal barrier handling
  328. */
  329. repeat:
  330. read_lock(&journal->j_state_lock);
  331. BUG_ON(journal->j_flags & JBD2_UNMOUNT);
  332. if (is_journal_aborted(journal) ||
  333. (journal->j_errno != 0 && !(journal->j_flags & JBD2_ACK_ERR))) {
  334. read_unlock(&journal->j_state_lock);
  335. jbd2_journal_free_transaction(new_transaction);
  336. return -EROFS;
  337. }
  338. /*
  339. * Wait on the journal's transaction barrier if necessary. Specifically
  340. * we allow reserved handles to proceed because otherwise commit could
  341. * deadlock on page writeback not being able to complete.
  342. */
  343. if (!handle->h_reserved && journal->j_barrier_count) {
  344. read_unlock(&journal->j_state_lock);
  345. wait_event(journal->j_wait_transaction_locked,
  346. journal->j_barrier_count == 0);
  347. goto repeat;
  348. }
  349. if (!journal->j_running_transaction) {
  350. read_unlock(&journal->j_state_lock);
  351. if (!new_transaction)
  352. goto alloc_transaction;
  353. write_lock(&journal->j_state_lock);
  354. if (!journal->j_running_transaction &&
  355. (handle->h_reserved || !journal->j_barrier_count)) {
  356. jbd2_get_transaction(journal, new_transaction);
  357. new_transaction = NULL;
  358. }
  359. write_unlock(&journal->j_state_lock);
  360. goto repeat;
  361. }
  362. transaction = journal->j_running_transaction;
  363. if (!handle->h_reserved) {
  364. /* We may have dropped j_state_lock - restart in that case */
  365. if (add_transaction_credits(journal, blocks, rsv_blocks)) {
  366. /*
  367. * add_transaction_credits releases
  368. * j_state_lock on a non-zero return
  369. */
  370. __release(&journal->j_state_lock);
  371. goto repeat;
  372. }
  373. } else {
  374. /*
  375. * We have handle reserved so we are allowed to join T_LOCKED
  376. * transaction and we don't have to check for transaction size
  377. * and journal space. But we still have to wait while running
  378. * transaction is being switched to a committing one as it
  379. * won't wait for any handles anymore.
  380. */
  381. if (transaction->t_state == T_SWITCH) {
  382. wait_transaction_switching(journal);
  383. goto repeat;
  384. }
  385. sub_reserved_credits(journal, blocks);
  386. handle->h_reserved = 0;
  387. }
  388. /* OK, account for the buffers that this operation expects to
  389. * use and add the handle to the running transaction.
  390. */
  391. update_t_max_wait(transaction, ts);
  392. handle->h_transaction = transaction;
  393. handle->h_requested_credits = blocks;
  394. handle->h_revoke_credits_requested = handle->h_revoke_credits;
  395. handle->h_start_jiffies = jiffies;
  396. atomic_inc(&transaction->t_updates);
  397. atomic_inc(&transaction->t_handle_count);
  398. jbd2_debug(4, "Handle %p given %d credits (total %d, free %lu)\n",
  399. handle, blocks,
  400. atomic_read(&transaction->t_outstanding_credits),
  401. jbd2_log_space_left(journal));
  402. read_unlock(&journal->j_state_lock);
  403. current->journal_info = handle;
  404. rwsem_acquire_read(&journal->j_trans_commit_map, 0, 1, _THIS_IP_);
  405. jbd2_journal_free_transaction(new_transaction);
  406. /*
  407. * Ensure that no allocations done while the transaction is open are
  408. * going to recurse back to the fs layer.
  409. */
  410. handle->saved_alloc_context = memalloc_nofs_save();
  411. return 0;
  412. }
  413. /* Allocate a new handle. This should probably be in a slab... */
  414. static handle_t *new_handle(int nblocks)
  415. {
  416. handle_t *handle = jbd2_alloc_handle(GFP_NOFS);
  417. if (!handle)
  418. return NULL;
  419. handle->h_total_credits = nblocks;
  420. handle->h_ref = 1;
  421. return handle;
  422. }
  423. handle_t *jbd2__journal_start(journal_t *journal, int nblocks, int rsv_blocks,
  424. int revoke_records, gfp_t gfp_mask,
  425. unsigned int type, unsigned int line_no)
  426. {
  427. handle_t *handle = journal_current_handle();
  428. int err;
  429. if (!journal)
  430. return ERR_PTR(-EROFS);
  431. if (handle) {
  432. J_ASSERT(handle->h_transaction->t_journal == journal);
  433. handle->h_ref++;
  434. return handle;
  435. }
  436. nblocks += DIV_ROUND_UP(revoke_records,
  437. journal->j_revoke_records_per_block);
  438. handle = new_handle(nblocks);
  439. if (!handle)
  440. return ERR_PTR(-ENOMEM);
  441. if (rsv_blocks) {
  442. handle_t *rsv_handle;
  443. rsv_handle = new_handle(rsv_blocks);
  444. if (!rsv_handle) {
  445. jbd2_free_handle(handle);
  446. return ERR_PTR(-ENOMEM);
  447. }
  448. rsv_handle->h_reserved = 1;
  449. rsv_handle->h_journal = journal;
  450. handle->h_rsv_handle = rsv_handle;
  451. }
  452. handle->h_revoke_credits = revoke_records;
  453. err = start_this_handle(journal, handle, gfp_mask);
  454. if (err < 0) {
  455. if (handle->h_rsv_handle)
  456. jbd2_free_handle(handle->h_rsv_handle);
  457. jbd2_free_handle(handle);
  458. return ERR_PTR(err);
  459. }
  460. handle->h_type = type;
  461. handle->h_line_no = line_no;
  462. trace_jbd2_handle_start(journal->j_fs_dev->bd_dev,
  463. handle->h_transaction->t_tid, type,
  464. line_no, nblocks);
  465. return handle;
  466. }
  467. EXPORT_SYMBOL(jbd2__journal_start);
  468. /**
  469. * jbd2_journal_start() - Obtain a new handle.
  470. * @journal: Journal to start transaction on.
  471. * @nblocks: number of block buffer we might modify
  472. *
  473. * We make sure that the transaction can guarantee at least nblocks of
  474. * modified buffers in the log. We block until the log can guarantee
  475. * that much space. Additionally, if rsv_blocks > 0, we also create another
  476. * handle with rsv_blocks reserved blocks in the journal. This handle is
  477. * stored in h_rsv_handle. It is not attached to any particular transaction
  478. * and thus doesn't block transaction commit. If the caller uses this reserved
  479. * handle, it has to set h_rsv_handle to NULL as otherwise jbd2_journal_stop()
  480. * on the parent handle will dispose the reserved one. Reserved handle has to
  481. * be converted to a normal handle using jbd2_journal_start_reserved() before
  482. * it can be used.
  483. *
  484. * Return a pointer to a newly allocated handle, or an ERR_PTR() value
  485. * on failure.
  486. */
  487. handle_t *jbd2_journal_start(journal_t *journal, int nblocks)
  488. {
  489. return jbd2__journal_start(journal, nblocks, 0, 0, GFP_NOFS, 0, 0);
  490. }
  491. EXPORT_SYMBOL(jbd2_journal_start);
  492. static void __jbd2_journal_unreserve_handle(handle_t *handle, transaction_t *t)
  493. {
  494. journal_t *journal = handle->h_journal;
  495. WARN_ON(!handle->h_reserved);
  496. sub_reserved_credits(journal, handle->h_total_credits);
  497. if (t)
  498. atomic_sub(handle->h_total_credits, &t->t_outstanding_credits);
  499. }
  500. void jbd2_journal_free_reserved(handle_t *handle)
  501. {
  502. journal_t *journal = handle->h_journal;
  503. /* Get j_state_lock to pin running transaction if it exists */
  504. read_lock(&journal->j_state_lock);
  505. __jbd2_journal_unreserve_handle(handle, journal->j_running_transaction);
  506. read_unlock(&journal->j_state_lock);
  507. jbd2_free_handle(handle);
  508. }
  509. EXPORT_SYMBOL(jbd2_journal_free_reserved);
  510. /**
  511. * jbd2_journal_start_reserved() - start reserved handle
  512. * @handle: handle to start
  513. * @type: for handle statistics
  514. * @line_no: for handle statistics
  515. *
  516. * Start handle that has been previously reserved with jbd2_journal_reserve().
  517. * This attaches @handle to the running transaction (or creates one if there's
  518. * not transaction running). Unlike jbd2_journal_start() this function cannot
  519. * block on journal commit, checkpointing, or similar stuff. It can block on
  520. * memory allocation or frozen journal though.
  521. *
  522. * Return 0 on success, non-zero on error - handle is freed in that case.
  523. */
  524. int jbd2_journal_start_reserved(handle_t *handle, unsigned int type,
  525. unsigned int line_no)
  526. {
  527. journal_t *journal = handle->h_journal;
  528. int ret = -EIO;
  529. if (WARN_ON(!handle->h_reserved)) {
  530. /* Someone passed in normal handle? Just stop it. */
  531. jbd2_journal_stop(handle);
  532. return ret;
  533. }
  534. /*
  535. * Usefulness of mixing of reserved and unreserved handles is
  536. * questionable. So far nobody seems to need it so just error out.
  537. */
  538. if (WARN_ON(current->journal_info)) {
  539. jbd2_journal_free_reserved(handle);
  540. return ret;
  541. }
  542. handle->h_journal = NULL;
  543. /*
  544. * GFP_NOFS is here because callers are likely from writeback or
  545. * similarly constrained call sites
  546. */
  547. ret = start_this_handle(journal, handle, GFP_NOFS);
  548. if (ret < 0) {
  549. handle->h_journal = journal;
  550. jbd2_journal_free_reserved(handle);
  551. return ret;
  552. }
  553. handle->h_type = type;
  554. handle->h_line_no = line_no;
  555. trace_jbd2_handle_start(journal->j_fs_dev->bd_dev,
  556. handle->h_transaction->t_tid, type,
  557. line_no, handle->h_total_credits);
  558. return 0;
  559. }
  560. EXPORT_SYMBOL(jbd2_journal_start_reserved);
  561. /**
  562. * jbd2_journal_extend() - extend buffer credits.
  563. * @handle: handle to 'extend'
  564. * @nblocks: nr blocks to try to extend by.
  565. * @revoke_records: number of revoke records to try to extend by.
  566. *
  567. * Some transactions, such as large extends and truncates, can be done
  568. * atomically all at once or in several stages. The operation requests
  569. * a credit for a number of buffer modifications in advance, but can
  570. * extend its credit if it needs more.
  571. *
  572. * jbd2_journal_extend tries to give the running handle more buffer credits.
  573. * It does not guarantee that allocation - this is a best-effort only.
  574. * The calling process MUST be able to deal cleanly with a failure to
  575. * extend here.
  576. *
  577. * Return 0 on success, non-zero on failure.
  578. *
  579. * return code < 0 implies an error
  580. * return code > 0 implies normal transaction-full status.
  581. */
  582. int jbd2_journal_extend(handle_t *handle, int nblocks, int revoke_records)
  583. {
  584. transaction_t *transaction = handle->h_transaction;
  585. journal_t *journal;
  586. int result;
  587. int wanted;
  588. if (is_handle_aborted(handle))
  589. return -EROFS;
  590. journal = transaction->t_journal;
  591. result = 1;
  592. read_lock(&journal->j_state_lock);
  593. /* Don't extend a locked-down transaction! */
  594. if (transaction->t_state != T_RUNNING) {
  595. jbd2_debug(3, "denied handle %p %d blocks: "
  596. "transaction not running\n", handle, nblocks);
  597. goto error_out;
  598. }
  599. nblocks += DIV_ROUND_UP(
  600. handle->h_revoke_credits_requested + revoke_records,
  601. journal->j_revoke_records_per_block) -
  602. DIV_ROUND_UP(
  603. handle->h_revoke_credits_requested,
  604. journal->j_revoke_records_per_block);
  605. wanted = atomic_add_return(nblocks,
  606. &transaction->t_outstanding_credits);
  607. if (wanted > journal->j_max_transaction_buffers) {
  608. jbd2_debug(3, "denied handle %p %d blocks: "
  609. "transaction too large\n", handle, nblocks);
  610. atomic_sub(nblocks, &transaction->t_outstanding_credits);
  611. goto error_out;
  612. }
  613. trace_jbd2_handle_extend(journal->j_fs_dev->bd_dev,
  614. transaction->t_tid,
  615. handle->h_type, handle->h_line_no,
  616. handle->h_total_credits,
  617. nblocks);
  618. handle->h_total_credits += nblocks;
  619. handle->h_requested_credits += nblocks;
  620. handle->h_revoke_credits += revoke_records;
  621. handle->h_revoke_credits_requested += revoke_records;
  622. result = 0;
  623. jbd2_debug(3, "extended handle %p by %d\n", handle, nblocks);
  624. error_out:
  625. read_unlock(&journal->j_state_lock);
  626. return result;
  627. }
  628. static void stop_this_handle(handle_t *handle)
  629. {
  630. transaction_t *transaction = handle->h_transaction;
  631. journal_t *journal = transaction->t_journal;
  632. int revokes;
  633. J_ASSERT(journal_current_handle() == handle);
  634. J_ASSERT(atomic_read(&transaction->t_updates) > 0);
  635. current->journal_info = NULL;
  636. /*
  637. * Subtract necessary revoke descriptor blocks from handle credits. We
  638. * take care to account only for revoke descriptor blocks the
  639. * transaction will really need as large sequences of transactions with
  640. * small numbers of revokes are relatively common.
  641. */
  642. revokes = handle->h_revoke_credits_requested - handle->h_revoke_credits;
  643. if (revokes) {
  644. int t_revokes, revoke_descriptors;
  645. int rr_per_blk = journal->j_revoke_records_per_block;
  646. WARN_ON_ONCE(DIV_ROUND_UP(revokes, rr_per_blk)
  647. > handle->h_total_credits);
  648. t_revokes = atomic_add_return(revokes,
  649. &transaction->t_outstanding_revokes);
  650. revoke_descriptors =
  651. DIV_ROUND_UP(t_revokes, rr_per_blk) -
  652. DIV_ROUND_UP(t_revokes - revokes, rr_per_blk);
  653. handle->h_total_credits -= revoke_descriptors;
  654. }
  655. atomic_sub(handle->h_total_credits,
  656. &transaction->t_outstanding_credits);
  657. if (handle->h_rsv_handle)
  658. __jbd2_journal_unreserve_handle(handle->h_rsv_handle,
  659. transaction);
  660. if (atomic_dec_and_test(&transaction->t_updates))
  661. wake_up(&journal->j_wait_updates);
  662. rwsem_release(&journal->j_trans_commit_map, _THIS_IP_);
  663. /*
  664. * Scope of the GFP_NOFS context is over here and so we can restore the
  665. * original alloc context.
  666. */
  667. memalloc_nofs_restore(handle->saved_alloc_context);
  668. }
  669. /**
  670. * jbd2__journal_restart() - restart a handle .
  671. * @handle: handle to restart
  672. * @nblocks: nr credits requested
  673. * @revoke_records: number of revoke record credits requested
  674. * @gfp_mask: memory allocation flags (for start_this_handle)
  675. *
  676. * Restart a handle for a multi-transaction filesystem
  677. * operation.
  678. *
  679. * If the jbd2_journal_extend() call above fails to grant new buffer credits
  680. * to a running handle, a call to jbd2_journal_restart will commit the
  681. * handle's transaction so far and reattach the handle to a new
  682. * transaction capable of guaranteeing the requested number of
  683. * credits. We preserve reserved handle if there's any attached to the
  684. * passed in handle.
  685. */
  686. int jbd2__journal_restart(handle_t *handle, int nblocks, int revoke_records,
  687. gfp_t gfp_mask)
  688. {
  689. transaction_t *transaction = handle->h_transaction;
  690. journal_t *journal;
  691. tid_t tid;
  692. int need_to_start;
  693. int ret;
  694. /* If we've had an abort of any type, don't even think about
  695. * actually doing the restart! */
  696. if (is_handle_aborted(handle))
  697. return 0;
  698. journal = transaction->t_journal;
  699. tid = transaction->t_tid;
  700. /*
  701. * First unlink the handle from its current transaction, and start the
  702. * commit on that.
  703. */
  704. jbd2_debug(2, "restarting handle %p\n", handle);
  705. stop_this_handle(handle);
  706. handle->h_transaction = NULL;
  707. /*
  708. * TODO: If we use READ_ONCE / WRITE_ONCE for j_commit_request we can
  709. * get rid of pointless j_state_lock traffic like this.
  710. */
  711. read_lock(&journal->j_state_lock);
  712. need_to_start = !tid_geq(journal->j_commit_request, tid);
  713. read_unlock(&journal->j_state_lock);
  714. if (need_to_start)
  715. jbd2_log_start_commit(journal, tid);
  716. handle->h_total_credits = nblocks +
  717. DIV_ROUND_UP(revoke_records,
  718. journal->j_revoke_records_per_block);
  719. handle->h_revoke_credits = revoke_records;
  720. ret = start_this_handle(journal, handle, gfp_mask);
  721. trace_jbd2_handle_restart(journal->j_fs_dev->bd_dev,
  722. ret ? 0 : handle->h_transaction->t_tid,
  723. handle->h_type, handle->h_line_no,
  724. handle->h_total_credits);
  725. return ret;
  726. }
  727. EXPORT_SYMBOL(jbd2__journal_restart);
  728. int jbd2_journal_restart(handle_t *handle, int nblocks)
  729. {
  730. return jbd2__journal_restart(handle, nblocks, 0, GFP_NOFS);
  731. }
  732. EXPORT_SYMBOL(jbd2_journal_restart);
  733. /*
  734. * Waits for any outstanding t_updates to finish.
  735. * This is called with write j_state_lock held.
  736. */
  737. void jbd2_journal_wait_updates(journal_t *journal)
  738. {
  739. DEFINE_WAIT(wait);
  740. while (1) {
  741. /*
  742. * Note that the running transaction can get freed under us if
  743. * this transaction is getting committed in
  744. * jbd2_journal_commit_transaction() ->
  745. * jbd2_journal_free_transaction(). This can only happen when we
  746. * release j_state_lock -> schedule() -> acquire j_state_lock.
  747. * Hence we should everytime retrieve new j_running_transaction
  748. * value (after j_state_lock release acquire cycle), else it may
  749. * lead to use-after-free of old freed transaction.
  750. */
  751. transaction_t *transaction = journal->j_running_transaction;
  752. if (!transaction)
  753. break;
  754. prepare_to_wait(&journal->j_wait_updates, &wait,
  755. TASK_UNINTERRUPTIBLE);
  756. if (!atomic_read(&transaction->t_updates)) {
  757. finish_wait(&journal->j_wait_updates, &wait);
  758. break;
  759. }
  760. write_unlock(&journal->j_state_lock);
  761. schedule();
  762. finish_wait(&journal->j_wait_updates, &wait);
  763. write_lock(&journal->j_state_lock);
  764. }
  765. }
  766. /**
  767. * jbd2_journal_lock_updates () - establish a transaction barrier.
  768. * @journal: Journal to establish a barrier on.
  769. *
  770. * This locks out any further updates from being started, and blocks
  771. * until all existing updates have completed, returning only once the
  772. * journal is in a quiescent state with no updates running.
  773. *
  774. * The journal lock should not be held on entry.
  775. */
  776. void jbd2_journal_lock_updates(journal_t *journal)
  777. {
  778. jbd2_might_wait_for_commit(journal);
  779. write_lock(&journal->j_state_lock);
  780. ++journal->j_barrier_count;
  781. /* Wait until there are no reserved handles */
  782. if (atomic_read(&journal->j_reserved_credits)) {
  783. write_unlock(&journal->j_state_lock);
  784. wait_event(journal->j_wait_reserved,
  785. atomic_read(&journal->j_reserved_credits) == 0);
  786. write_lock(&journal->j_state_lock);
  787. }
  788. /* Wait until there are no running t_updates */
  789. jbd2_journal_wait_updates(journal);
  790. write_unlock(&journal->j_state_lock);
  791. /*
  792. * We have now established a barrier against other normal updates, but
  793. * we also need to barrier against other jbd2_journal_lock_updates() calls
  794. * to make sure that we serialise special journal-locked operations
  795. * too.
  796. */
  797. mutex_lock(&journal->j_barrier);
  798. }
  799. /**
  800. * jbd2_journal_unlock_updates () - release barrier
  801. * @journal: Journal to release the barrier on.
  802. *
  803. * Release a transaction barrier obtained with jbd2_journal_lock_updates().
  804. *
  805. * Should be called without the journal lock held.
  806. */
  807. void jbd2_journal_unlock_updates (journal_t *journal)
  808. {
  809. J_ASSERT(journal->j_barrier_count != 0);
  810. mutex_unlock(&journal->j_barrier);
  811. write_lock(&journal->j_state_lock);
  812. --journal->j_barrier_count;
  813. write_unlock(&journal->j_state_lock);
  814. wake_up_all(&journal->j_wait_transaction_locked);
  815. }
  816. static void warn_dirty_buffer(struct buffer_head *bh)
  817. {
  818. printk(KERN_WARNING
  819. "JBD2: Spotted dirty metadata buffer (dev = %pg, blocknr = %llu). "
  820. "There's a risk of filesystem corruption in case of system "
  821. "crash.\n",
  822. bh->b_bdev, (unsigned long long)bh->b_blocknr);
  823. }
  824. /* Call t_frozen trigger and copy buffer data into jh->b_frozen_data. */
  825. static void jbd2_freeze_jh_data(struct journal_head *jh)
  826. {
  827. char *source;
  828. struct buffer_head *bh = jh2bh(jh);
  829. J_EXPECT_JH(jh, buffer_uptodate(bh), "Possible IO failure.\n");
  830. source = kmap_local_folio(bh->b_folio, bh_offset(bh));
  831. /* Fire data frozen trigger just before we copy the data */
  832. jbd2_buffer_frozen_trigger(jh, source, jh->b_triggers);
  833. memcpy(jh->b_frozen_data, source, bh->b_size);
  834. kunmap_local(source);
  835. /*
  836. * Now that the frozen data is saved off, we need to store any matching
  837. * triggers.
  838. */
  839. jh->b_frozen_triggers = jh->b_triggers;
  840. }
  841. /*
  842. * If the buffer is already part of the current transaction, then there
  843. * is nothing we need to do. If it is already part of a prior
  844. * transaction which we are still committing to disk, then we need to
  845. * make sure that we do not overwrite the old copy: we do copy-out to
  846. * preserve the copy going to disk. We also account the buffer against
  847. * the handle's metadata buffer credits (unless the buffer is already
  848. * part of the transaction, that is).
  849. *
  850. */
  851. static int
  852. do_get_write_access(handle_t *handle, struct journal_head *jh,
  853. int force_copy)
  854. {
  855. struct buffer_head *bh;
  856. transaction_t *transaction = handle->h_transaction;
  857. journal_t *journal;
  858. int error;
  859. char *frozen_buffer = NULL;
  860. unsigned long start_lock, time_lock;
  861. journal = transaction->t_journal;
  862. jbd2_debug(5, "journal_head %p, force_copy %d\n", jh, force_copy);
  863. JBUFFER_TRACE(jh, "entry");
  864. repeat:
  865. bh = jh2bh(jh);
  866. /* @@@ Need to check for errors here at some point. */
  867. start_lock = jiffies;
  868. lock_buffer(bh);
  869. spin_lock(&jh->b_state_lock);
  870. /* If it takes too long to lock the buffer, trace it */
  871. time_lock = jbd2_time_diff(start_lock, jiffies);
  872. if (time_lock > HZ/10)
  873. trace_jbd2_lock_buffer_stall(bh->b_bdev->bd_dev,
  874. jiffies_to_msecs(time_lock));
  875. /* We now hold the buffer lock so it is safe to query the buffer
  876. * state. Is the buffer dirty?
  877. *
  878. * If so, there are two possibilities. The buffer may be
  879. * non-journaled, and undergoing a quite legitimate writeback.
  880. * Otherwise, it is journaled, and we don't expect dirty buffers
  881. * in that state (the buffers should be marked JBD_Dirty
  882. * instead.) So either the IO is being done under our own
  883. * control and this is a bug, or it's a third party IO such as
  884. * dump(8) (which may leave the buffer scheduled for read ---
  885. * ie. locked but not dirty) or tune2fs (which may actually have
  886. * the buffer dirtied, ugh.) */
  887. if (buffer_dirty(bh) && jh->b_transaction) {
  888. warn_dirty_buffer(bh);
  889. /*
  890. * We need to clean the dirty flag and we must do it under the
  891. * buffer lock to be sure we don't race with running write-out.
  892. */
  893. JBUFFER_TRACE(jh, "Journalling dirty buffer");
  894. clear_buffer_dirty(bh);
  895. /*
  896. * The buffer is going to be added to BJ_Reserved list now and
  897. * nothing guarantees jbd2_journal_dirty_metadata() will be
  898. * ever called for it. So we need to set jbddirty bit here to
  899. * make sure the buffer is dirtied and written out when the
  900. * journaling machinery is done with it.
  901. */
  902. set_buffer_jbddirty(bh);
  903. }
  904. error = -EROFS;
  905. if (is_handle_aborted(handle)) {
  906. spin_unlock(&jh->b_state_lock);
  907. unlock_buffer(bh);
  908. goto out;
  909. }
  910. error = 0;
  911. /*
  912. * The buffer is already part of this transaction if b_transaction or
  913. * b_next_transaction points to it
  914. */
  915. if (jh->b_transaction == transaction ||
  916. jh->b_next_transaction == transaction) {
  917. unlock_buffer(bh);
  918. goto done;
  919. }
  920. /*
  921. * this is the first time this transaction is touching this buffer,
  922. * reset the modified flag
  923. */
  924. jh->b_modified = 0;
  925. /*
  926. * If the buffer is not journaled right now, we need to make sure it
  927. * doesn't get written to disk before the caller actually commits the
  928. * new data
  929. */
  930. if (!jh->b_transaction) {
  931. JBUFFER_TRACE(jh, "no transaction");
  932. J_ASSERT_JH(jh, !jh->b_next_transaction);
  933. JBUFFER_TRACE(jh, "file as BJ_Reserved");
  934. /*
  935. * Make sure all stores to jh (b_modified, b_frozen_data) are
  936. * visible before attaching it to the running transaction.
  937. * Paired with barrier in jbd2_write_access_granted()
  938. */
  939. smp_wmb();
  940. spin_lock(&journal->j_list_lock);
  941. if (test_clear_buffer_dirty(bh)) {
  942. /*
  943. * Execute buffer dirty clearing and jh->b_transaction
  944. * assignment under journal->j_list_lock locked to
  945. * prevent bh being removed from checkpoint list if
  946. * the buffer is in an intermediate state (not dirty
  947. * and jh->b_transaction is NULL).
  948. */
  949. JBUFFER_TRACE(jh, "Journalling dirty buffer");
  950. set_buffer_jbddirty(bh);
  951. }
  952. __jbd2_journal_file_buffer(jh, transaction, BJ_Reserved);
  953. spin_unlock(&journal->j_list_lock);
  954. unlock_buffer(bh);
  955. goto done;
  956. }
  957. unlock_buffer(bh);
  958. /*
  959. * If there is already a copy-out version of this buffer, then we don't
  960. * need to make another one
  961. */
  962. if (jh->b_frozen_data) {
  963. JBUFFER_TRACE(jh, "has frozen data");
  964. J_ASSERT_JH(jh, jh->b_next_transaction == NULL);
  965. goto attach_next;
  966. }
  967. JBUFFER_TRACE(jh, "owned by older transaction");
  968. J_ASSERT_JH(jh, jh->b_next_transaction == NULL);
  969. J_ASSERT_JH(jh, jh->b_transaction == journal->j_committing_transaction);
  970. /*
  971. * There is one case we have to be very careful about. If the
  972. * committing transaction is currently writing this buffer out to disk
  973. * and has NOT made a copy-out, then we cannot modify the buffer
  974. * contents at all right now. The essence of copy-out is that it is
  975. * the extra copy, not the primary copy, which gets journaled. If the
  976. * primary copy is already going to disk then we cannot do copy-out
  977. * here.
  978. */
  979. if (buffer_shadow(bh)) {
  980. JBUFFER_TRACE(jh, "on shadow: sleep");
  981. spin_unlock(&jh->b_state_lock);
  982. wait_on_bit_io(&bh->b_state, BH_Shadow, TASK_UNINTERRUPTIBLE);
  983. goto repeat;
  984. }
  985. /*
  986. * Only do the copy if the currently-owning transaction still needs it.
  987. * If buffer isn't on BJ_Metadata list, the committing transaction is
  988. * past that stage (here we use the fact that BH_Shadow is set under
  989. * bh_state lock together with refiling to BJ_Shadow list and at this
  990. * point we know the buffer doesn't have BH_Shadow set).
  991. *
  992. * Subtle point, though: if this is a get_undo_access, then we will be
  993. * relying on the frozen_data to contain the new value of the
  994. * committed_data record after the transaction, so we HAVE to force the
  995. * frozen_data copy in that case.
  996. */
  997. if (jh->b_jlist == BJ_Metadata || force_copy) {
  998. JBUFFER_TRACE(jh, "generate frozen data");
  999. if (!frozen_buffer) {
  1000. JBUFFER_TRACE(jh, "allocate memory for buffer");
  1001. spin_unlock(&jh->b_state_lock);
  1002. frozen_buffer = jbd2_alloc(jh2bh(jh)->b_size,
  1003. GFP_NOFS | __GFP_NOFAIL);
  1004. goto repeat;
  1005. }
  1006. jh->b_frozen_data = frozen_buffer;
  1007. frozen_buffer = NULL;
  1008. jbd2_freeze_jh_data(jh);
  1009. }
  1010. attach_next:
  1011. /*
  1012. * Make sure all stores to jh (b_modified, b_frozen_data) are visible
  1013. * before attaching it to the running transaction. Paired with barrier
  1014. * in jbd2_write_access_granted()
  1015. */
  1016. smp_wmb();
  1017. jh->b_next_transaction = transaction;
  1018. done:
  1019. spin_unlock(&jh->b_state_lock);
  1020. /*
  1021. * If we are about to journal a buffer, then any revoke pending on it is
  1022. * no longer valid
  1023. */
  1024. jbd2_journal_cancel_revoke(handle, jh);
  1025. out:
  1026. if (unlikely(frozen_buffer)) /* It's usually NULL */
  1027. jbd2_free(frozen_buffer, bh->b_size);
  1028. JBUFFER_TRACE(jh, "exit");
  1029. return error;
  1030. }
  1031. /* Fast check whether buffer is already attached to the required transaction */
  1032. static bool jbd2_write_access_granted(handle_t *handle, struct buffer_head *bh,
  1033. bool undo)
  1034. {
  1035. struct journal_head *jh;
  1036. bool ret = false;
  1037. /* Dirty buffers require special handling... */
  1038. if (buffer_dirty(bh))
  1039. return false;
  1040. /*
  1041. * RCU protects us from dereferencing freed pages. So the checks we do
  1042. * are guaranteed not to oops. However the jh slab object can get freed
  1043. * & reallocated while we work with it. So we have to be careful. When
  1044. * we see jh attached to the running transaction, we know it must stay
  1045. * so until the transaction is committed. Thus jh won't be freed and
  1046. * will be attached to the same bh while we run. However it can
  1047. * happen jh gets freed, reallocated, and attached to the transaction
  1048. * just after we get pointer to it from bh. So we have to be careful
  1049. * and recheck jh still belongs to our bh before we return success.
  1050. */
  1051. rcu_read_lock();
  1052. if (!buffer_jbd(bh))
  1053. goto out;
  1054. /* This should be bh2jh() but that doesn't work with inline functions */
  1055. jh = READ_ONCE(bh->b_private);
  1056. if (!jh)
  1057. goto out;
  1058. /* For undo access buffer must have data copied */
  1059. if (undo && !jh->b_committed_data)
  1060. goto out;
  1061. if (READ_ONCE(jh->b_transaction) != handle->h_transaction &&
  1062. READ_ONCE(jh->b_next_transaction) != handle->h_transaction)
  1063. goto out;
  1064. /*
  1065. * There are two reasons for the barrier here:
  1066. * 1) Make sure to fetch b_bh after we did previous checks so that we
  1067. * detect when jh went through free, realloc, attach to transaction
  1068. * while we were checking. Paired with implicit barrier in that path.
  1069. * 2) So that access to bh done after jbd2_write_access_granted()
  1070. * doesn't get reordered and see inconsistent state of concurrent
  1071. * do_get_write_access().
  1072. */
  1073. smp_mb();
  1074. if (unlikely(jh->b_bh != bh))
  1075. goto out;
  1076. ret = true;
  1077. out:
  1078. rcu_read_unlock();
  1079. return ret;
  1080. }
  1081. /**
  1082. * jbd2_journal_get_write_access() - notify intent to modify a buffer
  1083. * for metadata (not data) update.
  1084. * @handle: transaction to add buffer modifications to
  1085. * @bh: bh to be used for metadata writes
  1086. *
  1087. * Returns: error code or 0 on success.
  1088. *
  1089. * In full data journalling mode the buffer may be of type BJ_AsyncData,
  1090. * because we're ``write()ing`` a buffer which is also part of a shared mapping.
  1091. */
  1092. int jbd2_journal_get_write_access(handle_t *handle, struct buffer_head *bh)
  1093. {
  1094. struct journal_head *jh;
  1095. journal_t *journal;
  1096. int rc;
  1097. if (is_handle_aborted(handle))
  1098. return -EROFS;
  1099. journal = handle->h_transaction->t_journal;
  1100. rc = jbd2_check_fs_dev_write_error(journal);
  1101. if (rc) {
  1102. /*
  1103. * If the fs dev has writeback errors, it may have failed
  1104. * to async write out metadata buffers in the background.
  1105. * In this case, we could read old data from disk and write
  1106. * it out again, which may lead to on-disk filesystem
  1107. * inconsistency. Aborting journal can avoid it happen.
  1108. */
  1109. jbd2_journal_abort(journal, rc);
  1110. return -EIO;
  1111. }
  1112. if (jbd2_write_access_granted(handle, bh, false))
  1113. return 0;
  1114. jh = jbd2_journal_add_journal_head(bh);
  1115. /* We do not want to get caught playing with fields which the
  1116. * log thread also manipulates. Make sure that the buffer
  1117. * completes any outstanding IO before proceeding. */
  1118. rc = do_get_write_access(handle, jh, 0);
  1119. jbd2_journal_put_journal_head(jh);
  1120. return rc;
  1121. }
  1122. /*
  1123. * When the user wants to journal a newly created buffer_head
  1124. * (ie. getblk() returned a new buffer and we are going to populate it
  1125. * manually rather than reading off disk), then we need to keep the
  1126. * buffer_head locked until it has been completely filled with new
  1127. * data. In this case, we should be able to make the assertion that
  1128. * the bh is not already part of an existing transaction.
  1129. *
  1130. * The buffer should already be locked by the caller by this point.
  1131. * There is no lock ranking violation: it was a newly created,
  1132. * unlocked buffer beforehand. */
  1133. /**
  1134. * jbd2_journal_get_create_access () - notify intent to use newly created bh
  1135. * @handle: transaction to new buffer to
  1136. * @bh: new buffer.
  1137. *
  1138. * Call this if you create a new bh.
  1139. */
  1140. int jbd2_journal_get_create_access(handle_t *handle, struct buffer_head *bh)
  1141. {
  1142. transaction_t *transaction = handle->h_transaction;
  1143. journal_t *journal;
  1144. struct journal_head *jh = jbd2_journal_add_journal_head(bh);
  1145. int err;
  1146. jbd2_debug(5, "journal_head %p\n", jh);
  1147. err = -EROFS;
  1148. if (is_handle_aborted(handle))
  1149. goto out;
  1150. journal = transaction->t_journal;
  1151. err = 0;
  1152. JBUFFER_TRACE(jh, "entry");
  1153. /*
  1154. * The buffer may already belong to this transaction due to pre-zeroing
  1155. * in the filesystem's new_block code. It may also be on the previous,
  1156. * committing transaction's lists, but it HAS to be in Forget state in
  1157. * that case: the transaction must have deleted the buffer for it to be
  1158. * reused here.
  1159. * In the case of file system data inconsistency, for example, if the
  1160. * block bitmap of a referenced block is not set, it can lead to the
  1161. * situation where a block being committed is allocated and used again.
  1162. * As a result, the following condition will not be satisfied, so here
  1163. * we directly trigger a JBD abort instead of immediately invoking
  1164. * bugon.
  1165. */
  1166. spin_lock(&jh->b_state_lock);
  1167. if (!(jh->b_transaction == transaction || jh->b_transaction == NULL ||
  1168. (jh->b_transaction == journal->j_committing_transaction &&
  1169. jh->b_jlist == BJ_Forget)) || jh->b_next_transaction != NULL) {
  1170. err = -EROFS;
  1171. spin_unlock(&jh->b_state_lock);
  1172. jbd2_journal_abort(journal, err);
  1173. goto out;
  1174. }
  1175. J_ASSERT_JH(jh, buffer_locked(jh2bh(jh)));
  1176. if (jh->b_transaction == NULL) {
  1177. /*
  1178. * Previous jbd2_journal_forget() could have left the buffer
  1179. * with jbddirty bit set because it was being committed. When
  1180. * the commit finished, we've filed the buffer for
  1181. * checkpointing and marked it dirty. Now we are reallocating
  1182. * the buffer so the transaction freeing it must have
  1183. * committed and so it's safe to clear the dirty bit.
  1184. */
  1185. clear_buffer_dirty(jh2bh(jh));
  1186. /* first access by this transaction */
  1187. jh->b_modified = 0;
  1188. JBUFFER_TRACE(jh, "file as BJ_Reserved");
  1189. spin_lock(&journal->j_list_lock);
  1190. __jbd2_journal_file_buffer(jh, transaction, BJ_Reserved);
  1191. spin_unlock(&journal->j_list_lock);
  1192. } else if (jh->b_transaction == journal->j_committing_transaction) {
  1193. /* first access by this transaction */
  1194. jh->b_modified = 0;
  1195. JBUFFER_TRACE(jh, "set next transaction");
  1196. spin_lock(&journal->j_list_lock);
  1197. jh->b_next_transaction = transaction;
  1198. spin_unlock(&journal->j_list_lock);
  1199. }
  1200. spin_unlock(&jh->b_state_lock);
  1201. /*
  1202. * akpm: I added this. ext3_alloc_branch can pick up new indirect
  1203. * blocks which contain freed but then revoked metadata. We need
  1204. * to cancel the revoke in case we end up freeing it yet again
  1205. * and the reallocating as data - this would cause a second revoke,
  1206. * which hits an assertion error.
  1207. */
  1208. JBUFFER_TRACE(jh, "cancelling revoke");
  1209. jbd2_journal_cancel_revoke(handle, jh);
  1210. out:
  1211. jbd2_journal_put_journal_head(jh);
  1212. return err;
  1213. }
  1214. /**
  1215. * jbd2_journal_get_undo_access() - Notify intent to modify metadata with
  1216. * non-rewindable consequences
  1217. * @handle: transaction
  1218. * @bh: buffer to undo
  1219. *
  1220. * Sometimes there is a need to distinguish between metadata which has
  1221. * been committed to disk and that which has not. The ext3fs code uses
  1222. * this for freeing and allocating space, we have to make sure that we
  1223. * do not reuse freed space until the deallocation has been committed,
  1224. * since if we overwrote that space we would make the delete
  1225. * un-rewindable in case of a crash.
  1226. *
  1227. * To deal with that, jbd2_journal_get_undo_access requests write access to a
  1228. * buffer for parts of non-rewindable operations such as delete
  1229. * operations on the bitmaps. The journaling code must keep a copy of
  1230. * the buffer's contents prior to the undo_access call until such time
  1231. * as we know that the buffer has definitely been committed to disk.
  1232. *
  1233. * We never need to know which transaction the committed data is part
  1234. * of, buffers touched here are guaranteed to be dirtied later and so
  1235. * will be committed to a new transaction in due course, at which point
  1236. * we can discard the old committed data pointer.
  1237. *
  1238. * Returns error number or 0 on success.
  1239. */
  1240. int jbd2_journal_get_undo_access(handle_t *handle, struct buffer_head *bh)
  1241. {
  1242. int err;
  1243. struct journal_head *jh;
  1244. char *committed_data = NULL;
  1245. if (is_handle_aborted(handle))
  1246. return -EROFS;
  1247. if (jbd2_write_access_granted(handle, bh, true))
  1248. return 0;
  1249. jh = jbd2_journal_add_journal_head(bh);
  1250. JBUFFER_TRACE(jh, "entry");
  1251. /*
  1252. * Do this first --- it can drop the journal lock, so we want to
  1253. * make sure that obtaining the committed_data is done
  1254. * atomically wrt. completion of any outstanding commits.
  1255. */
  1256. err = do_get_write_access(handle, jh, 1);
  1257. if (err)
  1258. goto out;
  1259. repeat:
  1260. if (!jh->b_committed_data)
  1261. committed_data = jbd2_alloc(jh2bh(jh)->b_size,
  1262. GFP_NOFS|__GFP_NOFAIL);
  1263. spin_lock(&jh->b_state_lock);
  1264. if (!jh->b_committed_data) {
  1265. /* Copy out the current buffer contents into the
  1266. * preserved, committed copy. */
  1267. JBUFFER_TRACE(jh, "generate b_committed data");
  1268. if (!committed_data) {
  1269. spin_unlock(&jh->b_state_lock);
  1270. goto repeat;
  1271. }
  1272. jh->b_committed_data = committed_data;
  1273. committed_data = NULL;
  1274. memcpy(jh->b_committed_data, bh->b_data, bh->b_size);
  1275. }
  1276. spin_unlock(&jh->b_state_lock);
  1277. out:
  1278. jbd2_journal_put_journal_head(jh);
  1279. if (unlikely(committed_data))
  1280. jbd2_free(committed_data, bh->b_size);
  1281. return err;
  1282. }
  1283. /**
  1284. * jbd2_journal_set_triggers() - Add triggers for commit writeout
  1285. * @bh: buffer to trigger on
  1286. * @type: struct jbd2_buffer_trigger_type containing the trigger(s).
  1287. *
  1288. * Set any triggers on this journal_head. This is always safe, because
  1289. * triggers for a committing buffer will be saved off, and triggers for
  1290. * a running transaction will match the buffer in that transaction.
  1291. *
  1292. * Call with NULL to clear the triggers.
  1293. */
  1294. void jbd2_journal_set_triggers(struct buffer_head *bh,
  1295. struct jbd2_buffer_trigger_type *type)
  1296. {
  1297. struct journal_head *jh = jbd2_journal_grab_journal_head(bh);
  1298. if (WARN_ON_ONCE(!jh))
  1299. return;
  1300. jh->b_triggers = type;
  1301. jbd2_journal_put_journal_head(jh);
  1302. }
  1303. void jbd2_buffer_frozen_trigger(struct journal_head *jh, void *mapped_data,
  1304. struct jbd2_buffer_trigger_type *triggers)
  1305. {
  1306. struct buffer_head *bh = jh2bh(jh);
  1307. if (!triggers || !triggers->t_frozen)
  1308. return;
  1309. triggers->t_frozen(triggers, bh, mapped_data, bh->b_size);
  1310. }
  1311. void jbd2_buffer_abort_trigger(struct journal_head *jh,
  1312. struct jbd2_buffer_trigger_type *triggers)
  1313. {
  1314. if (!triggers || !triggers->t_abort)
  1315. return;
  1316. triggers->t_abort(triggers, jh2bh(jh));
  1317. }
  1318. /**
  1319. * jbd2_journal_dirty_metadata() - mark a buffer as containing dirty metadata
  1320. * @handle: transaction to add buffer to.
  1321. * @bh: buffer to mark
  1322. *
  1323. * mark dirty metadata which needs to be journaled as part of the current
  1324. * transaction.
  1325. *
  1326. * The buffer must have previously had jbd2_journal_get_write_access()
  1327. * called so that it has a valid journal_head attached to the buffer
  1328. * head.
  1329. *
  1330. * The buffer is placed on the transaction's metadata list and is marked
  1331. * as belonging to the transaction.
  1332. *
  1333. * Returns error number or 0 on success.
  1334. *
  1335. * Special care needs to be taken if the buffer already belongs to the
  1336. * current committing transaction (in which case we should have frozen
  1337. * data present for that commit). In that case, we don't relink the
  1338. * buffer: that only gets done when the old transaction finally
  1339. * completes its commit.
  1340. */
  1341. int jbd2_journal_dirty_metadata(handle_t *handle, struct buffer_head *bh)
  1342. {
  1343. transaction_t *transaction = handle->h_transaction;
  1344. journal_t *journal;
  1345. struct journal_head *jh;
  1346. int ret = 0;
  1347. if (!buffer_jbd(bh))
  1348. return -EUCLEAN;
  1349. /*
  1350. * We don't grab jh reference here since the buffer must be part
  1351. * of the running transaction.
  1352. */
  1353. jh = bh2jh(bh);
  1354. jbd2_debug(5, "journal_head %p\n", jh);
  1355. JBUFFER_TRACE(jh, "entry");
  1356. /*
  1357. * This and the following assertions are unreliable since we may see jh
  1358. * in inconsistent state unless we grab bh_state lock. But this is
  1359. * crucial to catch bugs so let's do a reliable check until the
  1360. * lockless handling is fully proven.
  1361. */
  1362. if (data_race(jh->b_transaction != transaction &&
  1363. jh->b_next_transaction != transaction)) {
  1364. spin_lock(&jh->b_state_lock);
  1365. J_ASSERT_JH(jh, jh->b_transaction == transaction ||
  1366. jh->b_next_transaction == transaction);
  1367. spin_unlock(&jh->b_state_lock);
  1368. }
  1369. if (data_race(jh->b_modified == 1)) {
  1370. /* If it's in our transaction it must be in BJ_Metadata list. */
  1371. if (data_race(jh->b_transaction == transaction &&
  1372. jh->b_jlist != BJ_Metadata)) {
  1373. spin_lock(&jh->b_state_lock);
  1374. if (jh->b_transaction == transaction &&
  1375. jh->b_jlist != BJ_Metadata)
  1376. pr_err("JBD2: assertion failure: h_type=%u "
  1377. "h_line_no=%u block_no=%llu jlist=%u\n",
  1378. handle->h_type, handle->h_line_no,
  1379. (unsigned long long) bh->b_blocknr,
  1380. jh->b_jlist);
  1381. J_ASSERT_JH(jh, jh->b_transaction != transaction ||
  1382. jh->b_jlist == BJ_Metadata);
  1383. spin_unlock(&jh->b_state_lock);
  1384. }
  1385. goto out;
  1386. }
  1387. spin_lock(&jh->b_state_lock);
  1388. if (is_handle_aborted(handle)) {
  1389. /*
  1390. * Check journal aborting with @jh->b_state_lock locked,
  1391. * since 'jh->b_transaction' could be replaced with
  1392. * 'jh->b_next_transaction' during old transaction
  1393. * committing if journal aborted, which may fail
  1394. * assertion on 'jh->b_frozen_data == NULL'.
  1395. */
  1396. ret = -EROFS;
  1397. goto out_unlock_bh;
  1398. }
  1399. journal = transaction->t_journal;
  1400. if (jh->b_modified == 0) {
  1401. /*
  1402. * This buffer's got modified and becoming part
  1403. * of the transaction. This needs to be done
  1404. * once a transaction -bzzz
  1405. */
  1406. if (WARN_ON_ONCE(jbd2_handle_buffer_credits(handle) <= 0)) {
  1407. ret = -ENOSPC;
  1408. goto out_unlock_bh;
  1409. }
  1410. jh->b_modified = 1;
  1411. handle->h_total_credits--;
  1412. }
  1413. /*
  1414. * fastpath, to avoid expensive locking. If this buffer is already
  1415. * on the running transaction's metadata list there is nothing to do.
  1416. * Nobody can take it off again because there is a handle open.
  1417. * I _think_ we're OK here with SMP barriers - a mistaken decision will
  1418. * result in this test being false, so we go in and take the locks.
  1419. */
  1420. if (jh->b_transaction == transaction && jh->b_jlist == BJ_Metadata) {
  1421. JBUFFER_TRACE(jh, "fastpath");
  1422. if (unlikely(jh->b_transaction !=
  1423. journal->j_running_transaction)) {
  1424. printk(KERN_ERR "JBD2: %s: "
  1425. "jh->b_transaction (%llu, %p, %u) != "
  1426. "journal->j_running_transaction (%p, %u)\n",
  1427. journal->j_devname,
  1428. (unsigned long long) bh->b_blocknr,
  1429. jh->b_transaction,
  1430. jh->b_transaction ? jh->b_transaction->t_tid : 0,
  1431. journal->j_running_transaction,
  1432. journal->j_running_transaction ?
  1433. journal->j_running_transaction->t_tid : 0);
  1434. ret = -EINVAL;
  1435. }
  1436. goto out_unlock_bh;
  1437. }
  1438. set_buffer_jbddirty(bh);
  1439. /*
  1440. * Metadata already on the current transaction list doesn't
  1441. * need to be filed. Metadata on another transaction's list must
  1442. * be committing, and will be refiled once the commit completes:
  1443. * leave it alone for now.
  1444. */
  1445. if (jh->b_transaction != transaction) {
  1446. JBUFFER_TRACE(jh, "already on other transaction");
  1447. if (unlikely(((jh->b_transaction !=
  1448. journal->j_committing_transaction)) ||
  1449. (jh->b_next_transaction != transaction))) {
  1450. printk(KERN_ERR "jbd2_journal_dirty_metadata: %s: "
  1451. "bad jh for block %llu: "
  1452. "transaction (%p, %u), "
  1453. "jh->b_transaction (%p, %u), "
  1454. "jh->b_next_transaction (%p, %u), jlist %u\n",
  1455. journal->j_devname,
  1456. (unsigned long long) bh->b_blocknr,
  1457. transaction, transaction->t_tid,
  1458. jh->b_transaction,
  1459. jh->b_transaction ?
  1460. jh->b_transaction->t_tid : 0,
  1461. jh->b_next_transaction,
  1462. jh->b_next_transaction ?
  1463. jh->b_next_transaction->t_tid : 0,
  1464. jh->b_jlist);
  1465. WARN_ON(1);
  1466. ret = -EINVAL;
  1467. }
  1468. /* And this case is illegal: we can't reuse another
  1469. * transaction's data buffer, ever. */
  1470. goto out_unlock_bh;
  1471. }
  1472. /* That test should have eliminated the following case: */
  1473. J_ASSERT_JH(jh, jh->b_frozen_data == NULL);
  1474. JBUFFER_TRACE(jh, "file as BJ_Metadata");
  1475. spin_lock(&journal->j_list_lock);
  1476. __jbd2_journal_file_buffer(jh, transaction, BJ_Metadata);
  1477. spin_unlock(&journal->j_list_lock);
  1478. out_unlock_bh:
  1479. spin_unlock(&jh->b_state_lock);
  1480. out:
  1481. JBUFFER_TRACE(jh, "exit");
  1482. return ret;
  1483. }
  1484. /**
  1485. * jbd2_journal_forget() - bforget() for potentially-journaled buffers.
  1486. * @handle: transaction handle
  1487. * @bh: bh to 'forget'
  1488. *
  1489. * We can only do the bforget if there are no commits pending against the
  1490. * buffer. If the buffer is dirty in the current running transaction we
  1491. * can safely unlink it.
  1492. *
  1493. * bh may not be a journalled buffer at all - it may be a non-JBD
  1494. * buffer which came off the hashtable. Check for this.
  1495. *
  1496. * Decrements bh->b_count by one.
  1497. *
  1498. * Allow this call even if the handle has aborted --- it may be part of
  1499. * the caller's cleanup after an abort.
  1500. */
  1501. int jbd2_journal_forget(handle_t *handle, struct buffer_head *bh)
  1502. {
  1503. transaction_t *transaction = handle->h_transaction;
  1504. journal_t *journal;
  1505. struct journal_head *jh;
  1506. int drop_reserve = 0;
  1507. int err = 0;
  1508. int was_modified = 0;
  1509. int wait_for_writeback = 0;
  1510. if (is_handle_aborted(handle))
  1511. return -EROFS;
  1512. journal = transaction->t_journal;
  1513. BUFFER_TRACE(bh, "entry");
  1514. jh = jbd2_journal_grab_journal_head(bh);
  1515. if (!jh) {
  1516. __bforget(bh);
  1517. return 0;
  1518. }
  1519. spin_lock(&jh->b_state_lock);
  1520. /* Critical error: attempting to delete a bitmap buffer, maybe?
  1521. * Don't do any jbd operations, and return an error. */
  1522. if (!J_EXPECT_JH(jh, !jh->b_committed_data,
  1523. "inconsistent data on disk")) {
  1524. err = -EIO;
  1525. goto drop;
  1526. }
  1527. /* keep track of whether or not this transaction modified us */
  1528. was_modified = jh->b_modified;
  1529. /*
  1530. * The buffer's going from the transaction, we must drop
  1531. * all references -bzzz
  1532. */
  1533. jh->b_modified = 0;
  1534. if (jh->b_transaction == transaction) {
  1535. J_ASSERT_JH(jh, !jh->b_frozen_data);
  1536. /* If we are forgetting a buffer which is already part
  1537. * of this transaction, then we can just drop it from
  1538. * the transaction immediately. */
  1539. clear_buffer_dirty(bh);
  1540. clear_buffer_jbddirty(bh);
  1541. JBUFFER_TRACE(jh, "belongs to current transaction: unfile");
  1542. /*
  1543. * we only want to drop a reference if this transaction
  1544. * modified the buffer
  1545. */
  1546. if (was_modified)
  1547. drop_reserve = 1;
  1548. /*
  1549. * We are no longer going to journal this buffer.
  1550. * However, the commit of this transaction is still
  1551. * important to the buffer: the delete that we are now
  1552. * processing might obsolete an old log entry, so by
  1553. * committing, we can satisfy the buffer's checkpoint.
  1554. *
  1555. * So, if we have a checkpoint on the buffer, we should
  1556. * now refile the buffer on our BJ_Forget list so that
  1557. * we know to remove the checkpoint after we commit.
  1558. */
  1559. spin_lock(&journal->j_list_lock);
  1560. if (jh->b_cp_transaction) {
  1561. __jbd2_journal_temp_unlink_buffer(jh);
  1562. __jbd2_journal_file_buffer(jh, transaction, BJ_Forget);
  1563. } else {
  1564. __jbd2_journal_unfile_buffer(jh);
  1565. jbd2_journal_put_journal_head(jh);
  1566. }
  1567. spin_unlock(&journal->j_list_lock);
  1568. } else if (jh->b_transaction) {
  1569. J_ASSERT_JH(jh, (jh->b_transaction ==
  1570. journal->j_committing_transaction));
  1571. /* However, if the buffer is still owned by a prior
  1572. * (committing) transaction, we can't drop it yet... */
  1573. JBUFFER_TRACE(jh, "belongs to older transaction");
  1574. /* ... but we CAN drop it from the new transaction through
  1575. * marking the buffer as freed and set j_next_transaction to
  1576. * the new transaction, so that not only the commit code
  1577. * knows it should clear dirty bits when it is done with the
  1578. * buffer, but also the buffer can be checkpointed only
  1579. * after the new transaction commits. */
  1580. set_buffer_freed(bh);
  1581. if (!jh->b_next_transaction) {
  1582. spin_lock(&journal->j_list_lock);
  1583. jh->b_next_transaction = transaction;
  1584. spin_unlock(&journal->j_list_lock);
  1585. } else {
  1586. J_ASSERT(jh->b_next_transaction == transaction);
  1587. /*
  1588. * only drop a reference if this transaction modified
  1589. * the buffer
  1590. */
  1591. if (was_modified)
  1592. drop_reserve = 1;
  1593. }
  1594. } else {
  1595. /*
  1596. * Finally, if the buffer is not belongs to any
  1597. * transaction, we can just drop it now if it has no
  1598. * checkpoint.
  1599. */
  1600. spin_lock(&journal->j_list_lock);
  1601. if (!jh->b_cp_transaction) {
  1602. JBUFFER_TRACE(jh, "belongs to none transaction");
  1603. spin_unlock(&journal->j_list_lock);
  1604. goto drop;
  1605. }
  1606. /*
  1607. * Otherwise, if the buffer has been written to disk,
  1608. * it is safe to remove the checkpoint and drop it.
  1609. */
  1610. if (jbd2_journal_try_remove_checkpoint(jh) >= 0) {
  1611. spin_unlock(&journal->j_list_lock);
  1612. goto drop;
  1613. }
  1614. /*
  1615. * The buffer has not yet been written to disk. We should
  1616. * either clear the buffer or ensure that the ongoing I/O
  1617. * is completed, and attach this buffer to current
  1618. * transaction so that the buffer can be checkpointed only
  1619. * after the current transaction commits.
  1620. */
  1621. clear_buffer_dirty(bh);
  1622. wait_for_writeback = 1;
  1623. __jbd2_journal_file_buffer(jh, transaction, BJ_Forget);
  1624. spin_unlock(&journal->j_list_lock);
  1625. }
  1626. drop:
  1627. __brelse(bh);
  1628. spin_unlock(&jh->b_state_lock);
  1629. if (wait_for_writeback)
  1630. wait_on_buffer(bh);
  1631. jbd2_journal_put_journal_head(jh);
  1632. if (drop_reserve) {
  1633. /* no need to reserve log space for this block -bzzz */
  1634. handle->h_total_credits++;
  1635. }
  1636. return err;
  1637. }
  1638. /**
  1639. * jbd2_journal_stop() - complete a transaction
  1640. * @handle: transaction to complete.
  1641. *
  1642. * All done for a particular handle.
  1643. *
  1644. * There is not much action needed here. We just return any remaining
  1645. * buffer credits to the transaction and remove the handle. The only
  1646. * complication is that we need to start a commit operation if the
  1647. * filesystem is marked for synchronous update.
  1648. *
  1649. * jbd2_journal_stop itself will not usually return an error, but it may
  1650. * do so in unusual circumstances. In particular, expect it to
  1651. * return -EIO if a jbd2_journal_abort has been executed since the
  1652. * transaction began.
  1653. */
  1654. int jbd2_journal_stop(handle_t *handle)
  1655. {
  1656. transaction_t *transaction = handle->h_transaction;
  1657. journal_t *journal;
  1658. int err = 0, wait_for_commit = 0;
  1659. tid_t tid;
  1660. pid_t pid;
  1661. if (--handle->h_ref > 0) {
  1662. jbd2_debug(4, "h_ref %d -> %d\n", handle->h_ref + 1,
  1663. handle->h_ref);
  1664. if (is_handle_aborted(handle))
  1665. return -EIO;
  1666. return 0;
  1667. }
  1668. if (!transaction) {
  1669. /*
  1670. * Handle is already detached from the transaction so there is
  1671. * nothing to do other than free the handle.
  1672. */
  1673. memalloc_nofs_restore(handle->saved_alloc_context);
  1674. goto free_and_exit;
  1675. }
  1676. journal = transaction->t_journal;
  1677. tid = transaction->t_tid;
  1678. if (is_handle_aborted(handle))
  1679. err = -EIO;
  1680. jbd2_debug(4, "Handle %p going down\n", handle);
  1681. trace_jbd2_handle_stats(journal->j_fs_dev->bd_dev,
  1682. tid, handle->h_type, handle->h_line_no,
  1683. jiffies - handle->h_start_jiffies,
  1684. handle->h_sync, handle->h_requested_credits,
  1685. (handle->h_requested_credits -
  1686. handle->h_total_credits));
  1687. /*
  1688. * Implement synchronous transaction batching. If the handle
  1689. * was synchronous, don't force a commit immediately. Let's
  1690. * yield and let another thread piggyback onto this
  1691. * transaction. Keep doing that while new threads continue to
  1692. * arrive. It doesn't cost much - we're about to run a commit
  1693. * and sleep on IO anyway. Speeds up many-threaded, many-dir
  1694. * operations by 30x or more...
  1695. *
  1696. * We try and optimize the sleep time against what the
  1697. * underlying disk can do, instead of having a static sleep
  1698. * time. This is useful for the case where our storage is so
  1699. * fast that it is more optimal to go ahead and force a flush
  1700. * and wait for the transaction to be committed than it is to
  1701. * wait for an arbitrary amount of time for new writers to
  1702. * join the transaction. We achieve this by measuring how
  1703. * long it takes to commit a transaction, and compare it with
  1704. * how long this transaction has been running, and if run time
  1705. * < commit time then we sleep for the delta and commit. This
  1706. * greatly helps super fast disks that would see slowdowns as
  1707. * more threads started doing fsyncs.
  1708. *
  1709. * But don't do this if this process was the most recent one
  1710. * to perform a synchronous write. We do this to detect the
  1711. * case where a single process is doing a stream of sync
  1712. * writes. No point in waiting for joiners in that case.
  1713. *
  1714. * Setting max_batch_time to 0 disables this completely.
  1715. */
  1716. pid = current->pid;
  1717. if (handle->h_sync && journal->j_last_sync_writer != pid &&
  1718. journal->j_max_batch_time) {
  1719. u64 commit_time, trans_time;
  1720. journal->j_last_sync_writer = pid;
  1721. read_lock(&journal->j_state_lock);
  1722. commit_time = journal->j_average_commit_time;
  1723. read_unlock(&journal->j_state_lock);
  1724. trans_time = ktime_to_ns(ktime_sub(ktime_get(),
  1725. transaction->t_start_time));
  1726. commit_time = max_t(u64, commit_time,
  1727. 1000*journal->j_min_batch_time);
  1728. commit_time = min_t(u64, commit_time,
  1729. 1000*journal->j_max_batch_time);
  1730. if (trans_time < commit_time) {
  1731. ktime_t expires = ktime_add_ns(ktime_get(),
  1732. commit_time);
  1733. set_current_state(TASK_UNINTERRUPTIBLE);
  1734. schedule_hrtimeout(&expires, HRTIMER_MODE_ABS);
  1735. }
  1736. }
  1737. if (handle->h_sync)
  1738. transaction->t_synchronous_commit = 1;
  1739. /*
  1740. * If the handle is marked SYNC, we need to set another commit
  1741. * going! We also want to force a commit if the transaction is too
  1742. * old now.
  1743. */
  1744. if (handle->h_sync ||
  1745. time_after_eq(jiffies, transaction->t_expires)) {
  1746. /* Do this even for aborted journals: an abort still
  1747. * completes the commit thread, it just doesn't write
  1748. * anything to disk. */
  1749. jbd2_debug(2, "transaction too old, requesting commit for "
  1750. "handle %p\n", handle);
  1751. /* This is non-blocking */
  1752. jbd2_log_start_commit(journal, tid);
  1753. /*
  1754. * Special case: JBD2_SYNC synchronous updates require us
  1755. * to wait for the commit to complete.
  1756. */
  1757. if (handle->h_sync && !(current->flags & PF_MEMALLOC))
  1758. wait_for_commit = 1;
  1759. }
  1760. /*
  1761. * Once stop_this_handle() drops t_updates, the transaction could start
  1762. * committing on us and eventually disappear. So we must not
  1763. * dereference transaction pointer again after calling
  1764. * stop_this_handle().
  1765. */
  1766. stop_this_handle(handle);
  1767. if (wait_for_commit)
  1768. err = jbd2_log_wait_commit(journal, tid);
  1769. free_and_exit:
  1770. if (handle->h_rsv_handle)
  1771. jbd2_free_handle(handle->h_rsv_handle);
  1772. jbd2_free_handle(handle);
  1773. return err;
  1774. }
  1775. /*
  1776. *
  1777. * List management code snippets: various functions for manipulating the
  1778. * transaction buffer lists.
  1779. *
  1780. */
  1781. /*
  1782. * Append a buffer to a transaction list, given the transaction's list head
  1783. * pointer.
  1784. *
  1785. * j_list_lock is held.
  1786. *
  1787. * jh->b_state_lock is held.
  1788. */
  1789. static inline void
  1790. __blist_add_buffer(struct journal_head **list, struct journal_head *jh)
  1791. {
  1792. if (!*list) {
  1793. jh->b_tnext = jh->b_tprev = jh;
  1794. *list = jh;
  1795. } else {
  1796. /* Insert at the tail of the list to preserve order */
  1797. struct journal_head *first = *list, *last = first->b_tprev;
  1798. jh->b_tprev = last;
  1799. jh->b_tnext = first;
  1800. last->b_tnext = first->b_tprev = jh;
  1801. }
  1802. }
  1803. /*
  1804. * Remove a buffer from a transaction list, given the transaction's list
  1805. * head pointer.
  1806. *
  1807. * Called with j_list_lock held, and the journal may not be locked.
  1808. *
  1809. * jh->b_state_lock is held.
  1810. */
  1811. static inline void
  1812. __blist_del_buffer(struct journal_head **list, struct journal_head *jh)
  1813. {
  1814. if (*list == jh) {
  1815. *list = jh->b_tnext;
  1816. if (*list == jh)
  1817. *list = NULL;
  1818. }
  1819. jh->b_tprev->b_tnext = jh->b_tnext;
  1820. jh->b_tnext->b_tprev = jh->b_tprev;
  1821. }
  1822. /*
  1823. * Remove a buffer from the appropriate transaction list.
  1824. *
  1825. * Note that this function can *change* the value of
  1826. * bh->b_transaction->t_buffers, t_forget, t_shadow_list, t_log_list or
  1827. * t_reserved_list. If the caller is holding onto a copy of one of these
  1828. * pointers, it could go bad. Generally the caller needs to re-read the
  1829. * pointer from the transaction_t.
  1830. *
  1831. * Called under j_list_lock.
  1832. */
  1833. static void __jbd2_journal_temp_unlink_buffer(struct journal_head *jh)
  1834. {
  1835. struct journal_head **list = NULL;
  1836. transaction_t *transaction;
  1837. struct buffer_head *bh = jh2bh(jh);
  1838. lockdep_assert_held(&jh->b_state_lock);
  1839. transaction = jh->b_transaction;
  1840. if (transaction)
  1841. assert_spin_locked(&transaction->t_journal->j_list_lock);
  1842. J_ASSERT_JH(jh, jh->b_jlist < BJ_Types);
  1843. if (jh->b_jlist != BJ_None)
  1844. J_ASSERT_JH(jh, transaction != NULL);
  1845. switch (jh->b_jlist) {
  1846. case BJ_None:
  1847. return;
  1848. case BJ_Metadata:
  1849. transaction->t_nr_buffers--;
  1850. J_ASSERT_JH(jh, transaction->t_nr_buffers >= 0);
  1851. list = &transaction->t_buffers;
  1852. break;
  1853. case BJ_Forget:
  1854. list = &transaction->t_forget;
  1855. break;
  1856. case BJ_Shadow:
  1857. list = &transaction->t_shadow_list;
  1858. break;
  1859. case BJ_Reserved:
  1860. list = &transaction->t_reserved_list;
  1861. break;
  1862. }
  1863. __blist_del_buffer(list, jh);
  1864. jh->b_jlist = BJ_None;
  1865. if (transaction && is_journal_aborted(transaction->t_journal))
  1866. clear_buffer_jbddirty(bh);
  1867. else if (test_clear_buffer_jbddirty(bh))
  1868. mark_buffer_dirty(bh); /* Expose it to the VM */
  1869. }
  1870. /*
  1871. * Remove buffer from all transactions. The caller is responsible for dropping
  1872. * the jh reference that belonged to the transaction.
  1873. *
  1874. * Called with bh_state lock and j_list_lock
  1875. */
  1876. static void __jbd2_journal_unfile_buffer(struct journal_head *jh)
  1877. {
  1878. J_ASSERT_JH(jh, jh->b_transaction != NULL);
  1879. J_ASSERT_JH(jh, jh->b_next_transaction == NULL);
  1880. __jbd2_journal_temp_unlink_buffer(jh);
  1881. jh->b_transaction = NULL;
  1882. }
  1883. /**
  1884. * jbd2_journal_try_to_free_buffers() - try to free page buffers.
  1885. * @journal: journal for operation
  1886. * @folio: Folio to detach data from.
  1887. *
  1888. * For all the buffers on this page,
  1889. * if they are fully written out ordered data, move them onto BUF_CLEAN
  1890. * so try_to_free_buffers() can reap them.
  1891. *
  1892. * This function returns non-zero if we wish try_to_free_buffers()
  1893. * to be called. We do this if the page is releasable by try_to_free_buffers().
  1894. * We also do it if the page has locked or dirty buffers and the caller wants
  1895. * us to perform sync or async writeout.
  1896. *
  1897. * This complicates JBD locking somewhat. We aren't protected by the
  1898. * BKL here. We wish to remove the buffer from its committing or
  1899. * running transaction's ->t_datalist via __jbd2_journal_unfile_buffer.
  1900. *
  1901. * This may *change* the value of transaction_t->t_datalist, so anyone
  1902. * who looks at t_datalist needs to lock against this function.
  1903. *
  1904. * Even worse, someone may be doing a jbd2_journal_dirty_data on this
  1905. * buffer. So we need to lock against that. jbd2_journal_dirty_data()
  1906. * will come out of the lock with the buffer dirty, which makes it
  1907. * ineligible for release here.
  1908. *
  1909. * Who else is affected by this? hmm... Really the only contender
  1910. * is do_get_write_access() - it could be looking at the buffer while
  1911. * journal_try_to_free_buffer() is changing its state. But that
  1912. * cannot happen because we never reallocate freed data as metadata
  1913. * while the data is part of a transaction. Yes?
  1914. *
  1915. * Return false on failure, true on success
  1916. */
  1917. bool jbd2_journal_try_to_free_buffers(journal_t *journal, struct folio *folio)
  1918. {
  1919. struct buffer_head *head;
  1920. struct buffer_head *bh;
  1921. bool ret = false;
  1922. J_ASSERT(folio_test_locked(folio));
  1923. head = folio_buffers(folio);
  1924. bh = head;
  1925. do {
  1926. struct journal_head *jh;
  1927. /*
  1928. * We take our own ref against the journal_head here to avoid
  1929. * having to add tons of locking around each instance of
  1930. * jbd2_journal_put_journal_head().
  1931. */
  1932. jh = jbd2_journal_grab_journal_head(bh);
  1933. if (!jh)
  1934. continue;
  1935. spin_lock(&jh->b_state_lock);
  1936. if (!jh->b_transaction && !jh->b_next_transaction) {
  1937. spin_lock(&journal->j_list_lock);
  1938. /* Remove written-back checkpointed metadata buffer */
  1939. if (jh->b_cp_transaction != NULL)
  1940. jbd2_journal_try_remove_checkpoint(jh);
  1941. spin_unlock(&journal->j_list_lock);
  1942. }
  1943. spin_unlock(&jh->b_state_lock);
  1944. jbd2_journal_put_journal_head(jh);
  1945. if (buffer_jbd(bh))
  1946. goto busy;
  1947. } while ((bh = bh->b_this_page) != head);
  1948. ret = try_to_free_buffers(folio);
  1949. busy:
  1950. return ret;
  1951. }
  1952. /*
  1953. * This buffer is no longer needed. If it is on an older transaction's
  1954. * checkpoint list we need to record it on this transaction's forget list
  1955. * to pin this buffer (and hence its checkpointing transaction) down until
  1956. * this transaction commits. If the buffer isn't on a checkpoint list, we
  1957. * release it.
  1958. * Returns non-zero if JBD no longer has an interest in the buffer.
  1959. *
  1960. * Called under j_list_lock.
  1961. *
  1962. * Called under jh->b_state_lock.
  1963. */
  1964. static int __dispose_buffer(struct journal_head *jh, transaction_t *transaction)
  1965. {
  1966. int may_free = 1;
  1967. struct buffer_head *bh = jh2bh(jh);
  1968. if (jh->b_cp_transaction) {
  1969. JBUFFER_TRACE(jh, "on running+cp transaction");
  1970. __jbd2_journal_temp_unlink_buffer(jh);
  1971. /*
  1972. * We don't want to write the buffer anymore, clear the
  1973. * bit so that we don't confuse checks in
  1974. * __jbd2_journal_file_buffer
  1975. */
  1976. clear_buffer_dirty(bh);
  1977. __jbd2_journal_file_buffer(jh, transaction, BJ_Forget);
  1978. may_free = 0;
  1979. } else {
  1980. JBUFFER_TRACE(jh, "on running transaction");
  1981. __jbd2_journal_unfile_buffer(jh);
  1982. jbd2_journal_put_journal_head(jh);
  1983. }
  1984. return may_free;
  1985. }
  1986. /*
  1987. * jbd2_journal_invalidate_folio
  1988. *
  1989. * This code is tricky. It has a number of cases to deal with.
  1990. *
  1991. * There are two invariants which this code relies on:
  1992. *
  1993. * i_size must be updated on disk before we start calling invalidate_folio
  1994. * on the data.
  1995. *
  1996. * This is done in ext3 by defining an ext3_setattr method which
  1997. * updates i_size before truncate gets going. By maintaining this
  1998. * invariant, we can be sure that it is safe to throw away any buffers
  1999. * attached to the current transaction: once the transaction commits,
  2000. * we know that the data will not be needed.
  2001. *
  2002. * Note however that we can *not* throw away data belonging to the
  2003. * previous, committing transaction!
  2004. *
  2005. * Any disk blocks which *are* part of the previous, committing
  2006. * transaction (and which therefore cannot be discarded immediately) are
  2007. * not going to be reused in the new running transaction
  2008. *
  2009. * The bitmap committed_data images guarantee this: any block which is
  2010. * allocated in one transaction and removed in the next will be marked
  2011. * as in-use in the committed_data bitmap, so cannot be reused until
  2012. * the next transaction to delete the block commits. This means that
  2013. * leaving committing buffers dirty is quite safe: the disk blocks
  2014. * cannot be reallocated to a different file and so buffer aliasing is
  2015. * not possible.
  2016. *
  2017. *
  2018. * The above applies mainly to ordered data mode. In writeback mode we
  2019. * don't make guarantees about the order in which data hits disk --- in
  2020. * particular we don't guarantee that new dirty data is flushed before
  2021. * transaction commit --- so it is always safe just to discard data
  2022. * immediately in that mode. --sct
  2023. */
  2024. /*
  2025. * The journal_unmap_buffer helper function returns zero if the buffer
  2026. * concerned remains pinned as an anonymous buffer belonging to an older
  2027. * transaction.
  2028. *
  2029. * We're outside-transaction here. Either or both of j_running_transaction
  2030. * and j_committing_transaction may be NULL.
  2031. */
  2032. static int journal_unmap_buffer(journal_t *journal, struct buffer_head *bh,
  2033. int partial_page)
  2034. {
  2035. transaction_t *transaction;
  2036. struct journal_head *jh;
  2037. int may_free = 1;
  2038. BUFFER_TRACE(bh, "entry");
  2039. /*
  2040. * It is safe to proceed here without the j_list_lock because the
  2041. * buffers cannot be stolen by try_to_free_buffers as long as we are
  2042. * holding the page lock. --sct
  2043. */
  2044. jh = jbd2_journal_grab_journal_head(bh);
  2045. if (!jh)
  2046. goto zap_buffer_unlocked;
  2047. /* OK, we have data buffer in journaled mode */
  2048. write_lock(&journal->j_state_lock);
  2049. spin_lock(&jh->b_state_lock);
  2050. spin_lock(&journal->j_list_lock);
  2051. /*
  2052. * We cannot remove the buffer from checkpoint lists until the
  2053. * transaction adding inode to orphan list (let's call it T)
  2054. * is committed. Otherwise if the transaction changing the
  2055. * buffer would be cleaned from the journal before T is
  2056. * committed, a crash will cause that the correct contents of
  2057. * the buffer will be lost. On the other hand we have to
  2058. * clear the buffer dirty bit at latest at the moment when the
  2059. * transaction marking the buffer as freed in the filesystem
  2060. * structures is committed because from that moment on the
  2061. * block can be reallocated and used by a different page.
  2062. * Since the block hasn't been freed yet but the inode has
  2063. * already been added to orphan list, it is safe for us to add
  2064. * the buffer to BJ_Forget list of the newest transaction.
  2065. *
  2066. * Also we have to clear buffer_mapped flag of a truncated buffer
  2067. * because the buffer_head may be attached to the page straddling
  2068. * i_size (can happen only when blocksize < pagesize) and thus the
  2069. * buffer_head can be reused when the file is extended again. So we end
  2070. * up keeping around invalidated buffers attached to transactions'
  2071. * BJ_Forget list just to stop checkpointing code from cleaning up
  2072. * the transaction this buffer was modified in.
  2073. */
  2074. transaction = jh->b_transaction;
  2075. if (transaction == NULL) {
  2076. /* First case: not on any transaction. If it
  2077. * has no checkpoint link, then we can zap it:
  2078. * it's a writeback-mode buffer so we don't care
  2079. * if it hits disk safely. */
  2080. if (!jh->b_cp_transaction) {
  2081. JBUFFER_TRACE(jh, "not on any transaction: zap");
  2082. goto zap_buffer;
  2083. }
  2084. if (!buffer_dirty(bh)) {
  2085. /* bdflush has written it. We can drop it now */
  2086. __jbd2_journal_remove_checkpoint(jh);
  2087. goto zap_buffer;
  2088. }
  2089. /* OK, it must be in the journal but still not
  2090. * written fully to disk: it's metadata or
  2091. * journaled data... */
  2092. if (journal->j_running_transaction) {
  2093. /* ... and once the current transaction has
  2094. * committed, the buffer won't be needed any
  2095. * longer. */
  2096. JBUFFER_TRACE(jh, "checkpointed: add to BJ_Forget");
  2097. may_free = __dispose_buffer(jh,
  2098. journal->j_running_transaction);
  2099. goto zap_buffer;
  2100. } else {
  2101. /* There is no currently-running transaction. So the
  2102. * orphan record which we wrote for this file must have
  2103. * passed into commit. We must attach this buffer to
  2104. * the committing transaction, if it exists. */
  2105. if (journal->j_committing_transaction) {
  2106. JBUFFER_TRACE(jh, "give to committing trans");
  2107. may_free = __dispose_buffer(jh,
  2108. journal->j_committing_transaction);
  2109. goto zap_buffer;
  2110. } else {
  2111. /* The orphan record's transaction has
  2112. * committed. We can cleanse this buffer */
  2113. clear_buffer_jbddirty(bh);
  2114. __jbd2_journal_remove_checkpoint(jh);
  2115. goto zap_buffer;
  2116. }
  2117. }
  2118. } else if (transaction == journal->j_committing_transaction) {
  2119. JBUFFER_TRACE(jh, "on committing transaction");
  2120. /*
  2121. * The buffer is committing, we simply cannot touch
  2122. * it. If the page is straddling i_size we have to wait
  2123. * for commit and try again.
  2124. */
  2125. if (partial_page) {
  2126. spin_unlock(&journal->j_list_lock);
  2127. spin_unlock(&jh->b_state_lock);
  2128. write_unlock(&journal->j_state_lock);
  2129. jbd2_journal_put_journal_head(jh);
  2130. /* Already zapped buffer? Nothing to do... */
  2131. if (!bh->b_bdev)
  2132. return 0;
  2133. return -EBUSY;
  2134. }
  2135. /*
  2136. * OK, buffer won't be reachable after truncate. We just clear
  2137. * b_modified to not confuse transaction credit accounting, and
  2138. * set j_next_transaction to the running transaction (if there
  2139. * is one) and mark buffer as freed so that commit code knows
  2140. * it should clear dirty bits when it is done with the buffer.
  2141. */
  2142. set_buffer_freed(bh);
  2143. if (journal->j_running_transaction && buffer_jbddirty(bh))
  2144. jh->b_next_transaction = journal->j_running_transaction;
  2145. jh->b_modified = 0;
  2146. spin_unlock(&journal->j_list_lock);
  2147. spin_unlock(&jh->b_state_lock);
  2148. write_unlock(&journal->j_state_lock);
  2149. jbd2_journal_put_journal_head(jh);
  2150. return 0;
  2151. } else {
  2152. /* Good, the buffer belongs to the running transaction.
  2153. * We are writing our own transaction's data, not any
  2154. * previous one's, so it is safe to throw it away
  2155. * (remember that we expect the filesystem to have set
  2156. * i_size already for this truncate so recovery will not
  2157. * expose the disk blocks we are discarding here.) */
  2158. J_ASSERT_JH(jh, transaction == journal->j_running_transaction);
  2159. JBUFFER_TRACE(jh, "on running transaction");
  2160. may_free = __dispose_buffer(jh, transaction);
  2161. }
  2162. zap_buffer:
  2163. /*
  2164. * This is tricky. Although the buffer is truncated, it may be reused
  2165. * if blocksize < pagesize and it is attached to the page straddling
  2166. * EOF. Since the buffer might have been added to BJ_Forget list of the
  2167. * running transaction, journal_get_write_access() won't clear
  2168. * b_modified and credit accounting gets confused. So clear b_modified
  2169. * here.
  2170. */
  2171. jh->b_modified = 0;
  2172. spin_unlock(&journal->j_list_lock);
  2173. spin_unlock(&jh->b_state_lock);
  2174. write_unlock(&journal->j_state_lock);
  2175. jbd2_journal_put_journal_head(jh);
  2176. zap_buffer_unlocked:
  2177. clear_buffer_dirty(bh);
  2178. J_ASSERT_BH(bh, !buffer_jbddirty(bh));
  2179. clear_buffer_mapped(bh);
  2180. clear_buffer_req(bh);
  2181. clear_buffer_new(bh);
  2182. clear_buffer_delay(bh);
  2183. clear_buffer_unwritten(bh);
  2184. bh->b_bdev = NULL;
  2185. return may_free;
  2186. }
  2187. /**
  2188. * jbd2_journal_invalidate_folio()
  2189. * @journal: journal to use for flush...
  2190. * @folio: folio to flush
  2191. * @offset: start of the range to invalidate
  2192. * @length: length of the range to invalidate
  2193. *
  2194. * Reap page buffers containing data after in the specified range in page.
  2195. * Can return -EBUSY if buffers are part of the committing transaction and
  2196. * the page is straddling i_size. Caller then has to wait for current commit
  2197. * and try again.
  2198. */
  2199. int jbd2_journal_invalidate_folio(journal_t *journal, struct folio *folio,
  2200. size_t offset, size_t length)
  2201. {
  2202. struct buffer_head *head, *bh, *next;
  2203. unsigned int stop = offset + length;
  2204. unsigned int curr_off = 0;
  2205. int partial_page = (offset || length < folio_size(folio));
  2206. int may_free = 1;
  2207. int ret = 0;
  2208. if (!folio_test_locked(folio))
  2209. BUG();
  2210. head = folio_buffers(folio);
  2211. if (!head)
  2212. return 0;
  2213. BUG_ON(stop > folio_size(folio) || stop < length);
  2214. /* We will potentially be playing with lists other than just the
  2215. * data lists (especially for journaled data mode), so be
  2216. * cautious in our locking. */
  2217. bh = head;
  2218. do {
  2219. unsigned int next_off = curr_off + bh->b_size;
  2220. next = bh->b_this_page;
  2221. if (next_off > stop)
  2222. return 0;
  2223. if (offset <= curr_off) {
  2224. /* This block is wholly outside the truncation point */
  2225. lock_buffer(bh);
  2226. ret = journal_unmap_buffer(journal, bh, partial_page);
  2227. unlock_buffer(bh);
  2228. if (ret < 0)
  2229. return ret;
  2230. may_free &= ret;
  2231. }
  2232. curr_off = next_off;
  2233. bh = next;
  2234. } while (bh != head);
  2235. if (!partial_page) {
  2236. if (may_free && try_to_free_buffers(folio))
  2237. J_ASSERT(!folio_buffers(folio));
  2238. }
  2239. return 0;
  2240. }
  2241. /*
  2242. * File a buffer on the given transaction list.
  2243. */
  2244. void __jbd2_journal_file_buffer(struct journal_head *jh,
  2245. transaction_t *transaction, int jlist)
  2246. {
  2247. struct journal_head **list = NULL;
  2248. int was_dirty = 0;
  2249. struct buffer_head *bh = jh2bh(jh);
  2250. lockdep_assert_held(&jh->b_state_lock);
  2251. assert_spin_locked(&transaction->t_journal->j_list_lock);
  2252. J_ASSERT_JH(jh, jh->b_jlist < BJ_Types);
  2253. J_ASSERT_JH(jh, jh->b_transaction == transaction ||
  2254. jh->b_transaction == NULL);
  2255. if (jh->b_transaction && jh->b_jlist == jlist)
  2256. return;
  2257. if (jlist == BJ_Metadata || jlist == BJ_Reserved ||
  2258. jlist == BJ_Shadow || jlist == BJ_Forget) {
  2259. /*
  2260. * For metadata buffers, we track dirty bit in buffer_jbddirty
  2261. * instead of buffer_dirty. We should not see a dirty bit set
  2262. * here because we clear it in do_get_write_access but e.g.
  2263. * tune2fs can modify the sb and set the dirty bit at any time
  2264. * so we try to gracefully handle that.
  2265. */
  2266. if (buffer_dirty(bh))
  2267. warn_dirty_buffer(bh);
  2268. if (test_clear_buffer_dirty(bh) ||
  2269. test_clear_buffer_jbddirty(bh))
  2270. was_dirty = 1;
  2271. }
  2272. if (jh->b_transaction)
  2273. __jbd2_journal_temp_unlink_buffer(jh);
  2274. else
  2275. jbd2_journal_grab_journal_head(bh);
  2276. jh->b_transaction = transaction;
  2277. switch (jlist) {
  2278. case BJ_None:
  2279. J_ASSERT_JH(jh, !jh->b_committed_data);
  2280. J_ASSERT_JH(jh, !jh->b_frozen_data);
  2281. return;
  2282. case BJ_Metadata:
  2283. transaction->t_nr_buffers++;
  2284. list = &transaction->t_buffers;
  2285. break;
  2286. case BJ_Forget:
  2287. list = &transaction->t_forget;
  2288. break;
  2289. case BJ_Shadow:
  2290. list = &transaction->t_shadow_list;
  2291. break;
  2292. case BJ_Reserved:
  2293. list = &transaction->t_reserved_list;
  2294. break;
  2295. }
  2296. __blist_add_buffer(list, jh);
  2297. jh->b_jlist = jlist;
  2298. if (was_dirty)
  2299. set_buffer_jbddirty(bh);
  2300. }
  2301. void jbd2_journal_file_buffer(struct journal_head *jh,
  2302. transaction_t *transaction, int jlist)
  2303. {
  2304. spin_lock(&jh->b_state_lock);
  2305. spin_lock(&transaction->t_journal->j_list_lock);
  2306. __jbd2_journal_file_buffer(jh, transaction, jlist);
  2307. spin_unlock(&transaction->t_journal->j_list_lock);
  2308. spin_unlock(&jh->b_state_lock);
  2309. }
  2310. /*
  2311. * Remove a buffer from its current buffer list in preparation for
  2312. * dropping it from its current transaction entirely. If the buffer has
  2313. * already started to be used by a subsequent transaction, refile the
  2314. * buffer on that transaction's metadata list.
  2315. *
  2316. * Called under j_list_lock
  2317. * Called under jh->b_state_lock
  2318. *
  2319. * When this function returns true, there's no next transaction to refile to
  2320. * and the caller has to drop jh reference through
  2321. * jbd2_journal_put_journal_head().
  2322. */
  2323. bool __jbd2_journal_refile_buffer(struct journal_head *jh)
  2324. {
  2325. int was_dirty, jlist;
  2326. struct buffer_head *bh = jh2bh(jh);
  2327. lockdep_assert_held(&jh->b_state_lock);
  2328. if (jh->b_transaction)
  2329. assert_spin_locked(&jh->b_transaction->t_journal->j_list_lock);
  2330. /* If the buffer is now unused, just drop it. */
  2331. if (jh->b_next_transaction == NULL) {
  2332. __jbd2_journal_unfile_buffer(jh);
  2333. return true;
  2334. }
  2335. /*
  2336. * It has been modified by a later transaction: add it to the new
  2337. * transaction's metadata list.
  2338. */
  2339. was_dirty = test_clear_buffer_jbddirty(bh);
  2340. __jbd2_journal_temp_unlink_buffer(jh);
  2341. /*
  2342. * b_transaction must be set, otherwise the new b_transaction won't
  2343. * be holding jh reference
  2344. */
  2345. J_ASSERT_JH(jh, jh->b_transaction != NULL);
  2346. /*
  2347. * We set b_transaction here because b_next_transaction will inherit
  2348. * our jh reference and thus __jbd2_journal_file_buffer() must not
  2349. * take a new one.
  2350. */
  2351. WRITE_ONCE(jh->b_transaction, jh->b_next_transaction);
  2352. WRITE_ONCE(jh->b_next_transaction, NULL);
  2353. if (buffer_freed(bh))
  2354. jlist = BJ_Forget;
  2355. else if (jh->b_modified)
  2356. jlist = BJ_Metadata;
  2357. else
  2358. jlist = BJ_Reserved;
  2359. __jbd2_journal_file_buffer(jh, jh->b_transaction, jlist);
  2360. J_ASSERT_JH(jh, jh->b_transaction->t_state == T_RUNNING);
  2361. if (was_dirty)
  2362. set_buffer_jbddirty(bh);
  2363. return false;
  2364. }
  2365. /*
  2366. * __jbd2_journal_refile_buffer() with necessary locking added. We take our
  2367. * bh reference so that we can safely unlock bh.
  2368. *
  2369. * The jh and bh may be freed by this call.
  2370. */
  2371. void jbd2_journal_refile_buffer(journal_t *journal, struct journal_head *jh)
  2372. {
  2373. bool drop;
  2374. spin_lock(&jh->b_state_lock);
  2375. spin_lock(&journal->j_list_lock);
  2376. drop = __jbd2_journal_refile_buffer(jh);
  2377. spin_unlock(&jh->b_state_lock);
  2378. spin_unlock(&journal->j_list_lock);
  2379. if (drop)
  2380. jbd2_journal_put_journal_head(jh);
  2381. }
  2382. /*
  2383. * File inode in the inode list of the handle's transaction
  2384. */
  2385. static int jbd2_journal_file_inode(handle_t *handle, struct jbd2_inode *jinode,
  2386. unsigned long flags, loff_t start_byte, loff_t end_byte)
  2387. {
  2388. transaction_t *transaction = handle->h_transaction;
  2389. journal_t *journal;
  2390. if (is_handle_aborted(handle))
  2391. return -EROFS;
  2392. journal = transaction->t_journal;
  2393. jbd2_debug(4, "Adding inode %lu, tid:%d\n", jinode->i_vfs_inode->i_ino,
  2394. transaction->t_tid);
  2395. spin_lock(&journal->j_list_lock);
  2396. jinode->i_flags |= flags;
  2397. if (jinode->i_dirty_end) {
  2398. jinode->i_dirty_start = min(jinode->i_dirty_start, start_byte);
  2399. jinode->i_dirty_end = max(jinode->i_dirty_end, end_byte);
  2400. } else {
  2401. jinode->i_dirty_start = start_byte;
  2402. jinode->i_dirty_end = end_byte;
  2403. }
  2404. /* Is inode already attached where we need it? */
  2405. if (jinode->i_transaction == transaction ||
  2406. jinode->i_next_transaction == transaction)
  2407. goto done;
  2408. /*
  2409. * We only ever set this variable to 1 so the test is safe. Since
  2410. * t_need_data_flush is likely to be set, we do the test to save some
  2411. * cacheline bouncing
  2412. */
  2413. if (!transaction->t_need_data_flush)
  2414. transaction->t_need_data_flush = 1;
  2415. /* On some different transaction's list - should be
  2416. * the committing one */
  2417. if (jinode->i_transaction) {
  2418. J_ASSERT(jinode->i_next_transaction == NULL);
  2419. J_ASSERT(jinode->i_transaction ==
  2420. journal->j_committing_transaction);
  2421. jinode->i_next_transaction = transaction;
  2422. goto done;
  2423. }
  2424. /* Not on any transaction list... */
  2425. J_ASSERT(!jinode->i_next_transaction);
  2426. jinode->i_transaction = transaction;
  2427. list_add(&jinode->i_list, &transaction->t_inode_list);
  2428. done:
  2429. spin_unlock(&journal->j_list_lock);
  2430. return 0;
  2431. }
  2432. int jbd2_journal_inode_ranged_write(handle_t *handle,
  2433. struct jbd2_inode *jinode, loff_t start_byte, loff_t length)
  2434. {
  2435. return jbd2_journal_file_inode(handle, jinode,
  2436. JI_WRITE_DATA | JI_WAIT_DATA, start_byte,
  2437. start_byte + length - 1);
  2438. }
  2439. int jbd2_journal_inode_ranged_wait(handle_t *handle, struct jbd2_inode *jinode,
  2440. loff_t start_byte, loff_t length)
  2441. {
  2442. return jbd2_journal_file_inode(handle, jinode, JI_WAIT_DATA,
  2443. start_byte, start_byte + length - 1);
  2444. }
  2445. /*
  2446. * File truncate and transaction commit interact with each other in a
  2447. * non-trivial way. If a transaction writing data block A is
  2448. * committing, we cannot discard the data by truncate until we have
  2449. * written them. Otherwise if we crashed after the transaction with
  2450. * write has committed but before the transaction with truncate has
  2451. * committed, we could see stale data in block A. This function is a
  2452. * helper to solve this problem. It starts writeout of the truncated
  2453. * part in case it is in the committing transaction.
  2454. *
  2455. * Filesystem code must call this function when inode is journaled in
  2456. * ordered mode before truncation happens and after the inode has been
  2457. * placed on orphan list with the new inode size. The second condition
  2458. * avoids the race that someone writes new data and we start
  2459. * committing the transaction after this function has been called but
  2460. * before a transaction for truncate is started (and furthermore it
  2461. * allows us to optimize the case where the addition to orphan list
  2462. * happens in the same transaction as write --- we don't have to write
  2463. * any data in such case).
  2464. */
  2465. int jbd2_journal_begin_ordered_truncate(journal_t *journal,
  2466. struct jbd2_inode *jinode,
  2467. loff_t new_size)
  2468. {
  2469. transaction_t *inode_trans, *commit_trans;
  2470. int ret = 0;
  2471. /* This is a quick check to avoid locking if not necessary */
  2472. if (!jinode->i_transaction)
  2473. goto out;
  2474. /* Locks are here just to force reading of recent values, it is
  2475. * enough that the transaction was not committing before we started
  2476. * a transaction adding the inode to orphan list */
  2477. read_lock(&journal->j_state_lock);
  2478. commit_trans = journal->j_committing_transaction;
  2479. read_unlock(&journal->j_state_lock);
  2480. spin_lock(&journal->j_list_lock);
  2481. inode_trans = jinode->i_transaction;
  2482. spin_unlock(&journal->j_list_lock);
  2483. if (inode_trans == commit_trans) {
  2484. ret = filemap_fdatawrite_range(jinode->i_vfs_inode->i_mapping,
  2485. new_size, LLONG_MAX);
  2486. if (ret)
  2487. jbd2_journal_abort(journal, ret);
  2488. }
  2489. out:
  2490. return ret;
  2491. }