Line data Source code
1 : // SPDX-License-Identifier: GPL-2.0+
2 : /*
3 : * linux/fs/jbd2/transaction.c
4 : *
5 : * Written by Stephen C. Tweedie <sct@redhat.com>, 1998
6 : *
7 : * Copyright 1998 Red Hat corp --- All Rights Reserved
8 : *
9 : * Generic filesystem transaction handling code; part of the ext2fs
10 : * journaling system.
11 : *
12 : * This file manages transactions (compound commits managed by the
13 : * journaling code) and handles (individual atomic operations by the
14 : * filesystem).
15 : */
16 :
17 : #include <linux/time.h>
18 : #include <linux/fs.h>
19 : #include <linux/jbd2.h>
20 : #include <linux/errno.h>
21 : #include <linux/slab.h>
22 : #include <linux/timer.h>
23 : #include <linux/mm.h>
24 : #include <linux/highmem.h>
25 : #include <linux/hrtimer.h>
26 : #include <linux/backing-dev.h>
27 : #include <linux/bug.h>
28 : #include <linux/module.h>
29 : #include <linux/sched/mm.h>
30 :
31 : #include <trace/events/jbd2.h>
32 :
33 : static void __jbd2_journal_temp_unlink_buffer(struct journal_head *jh);
34 : static void __jbd2_journal_unfile_buffer(struct journal_head *jh);
35 :
36 : static struct kmem_cache *transaction_cache;
37 12 : int __init jbd2_journal_init_transaction_cache(void)
38 : {
39 12 : J_ASSERT(!transaction_cache);
40 12 : transaction_cache = kmem_cache_create("jbd2_transaction_s",
41 : sizeof(transaction_t),
42 : 0,
43 : SLAB_HWCACHE_ALIGN|SLAB_TEMPORARY,
44 : NULL);
45 12 : if (!transaction_cache) {
46 0 : pr_emerg("JBD2: failed to create transaction cache\n");
47 0 : return -ENOMEM;
48 : }
49 : return 0;
50 : }
51 :
52 0 : void jbd2_journal_destroy_transaction_cache(void)
53 : {
54 0 : kmem_cache_destroy(transaction_cache);
55 0 : transaction_cache = NULL;
56 0 : }
57 :
58 47498187 : void jbd2_journal_free_transaction(transaction_t *transaction)
59 : {
60 47498187 : if (unlikely(ZERO_OR_NULL_PTR(transaction)))
61 : return;
62 204980 : kmem_cache_free(transaction_cache, transaction);
63 : }
64 :
65 : /*
66 : * Base amount of descriptor blocks we reserve for each transaction.
67 : */
68 202469 : static int jbd2_descriptor_blocks_per_trans(journal_t *journal)
69 : {
70 202469 : int tag_space = journal->j_blocksize - sizeof(journal_header_t);
71 202469 : int tags_per_block;
72 :
73 : /* Subtract UUID */
74 202469 : tag_space -= 16;
75 202469 : if (jbd2_journal_has_csum_v2or3(journal))
76 202007 : tag_space -= sizeof(struct jbd2_journal_block_tail);
77 : /* Commit code leaves a slack space of 16 bytes at the end of block */
78 202469 : tags_per_block = (tag_space - 16) / journal_tag_bytes(journal);
79 : /*
80 : * Revoke descriptors are accounted separately so we need to reserve
81 : * space for commit block and normal transaction descriptor blocks.
82 : */
83 202469 : return 1 + DIV_ROUND_UP(journal->j_max_transaction_buffers,
84 : tags_per_block);
85 : }
86 :
87 : /*
88 : * jbd2_get_transaction: obtain a new transaction_t object.
89 : *
90 : * Simply initialise a new transaction. Initialize it in
91 : * RUNNING state and add it to the current journal (which should not
92 : * have an existing running transaction: we only make a new transaction
93 : * once we have started to commit the old one).
94 : *
95 : * Preconditions:
96 : * The journal MUST be locked. We don't perform atomic mallocs on the
97 : * new transaction and we can't block without protecting against other
98 : * processes trying to touch the journal while it is in transition.
99 : *
100 : */
101 :
102 202469 : static void jbd2_get_transaction(journal_t *journal,
103 : transaction_t *transaction)
104 : {
105 202469 : transaction->t_journal = journal;
106 202469 : transaction->t_state = T_RUNNING;
107 202469 : transaction->t_start_time = ktime_get();
108 202469 : transaction->t_tid = journal->j_transaction_sequence++;
109 202469 : transaction->t_expires = jiffies + journal->j_commit_interval;
110 202469 : atomic_set(&transaction->t_updates, 0);
111 202469 : atomic_set(&transaction->t_outstanding_credits,
112 202469 : jbd2_descriptor_blocks_per_trans(journal) +
113 : atomic_read(&journal->j_reserved_credits));
114 202469 : atomic_set(&transaction->t_outstanding_revokes, 0);
115 202469 : atomic_set(&transaction->t_handle_count, 0);
116 202469 : INIT_LIST_HEAD(&transaction->t_inode_list);
117 202469 : INIT_LIST_HEAD(&transaction->t_private_list);
118 :
119 : /* Set up the commit timer for the new transaction. */
120 202469 : journal->j_commit_timer.expires = round_jiffies_up(transaction->t_expires);
121 202469 : add_timer(&journal->j_commit_timer);
122 :
123 202469 : J_ASSERT(journal->j_running_transaction == NULL);
124 202469 : journal->j_running_transaction = transaction;
125 202469 : transaction->t_max_wait = 0;
126 202469 : transaction->t_start = jiffies;
127 202469 : transaction->t_requested = 0;
128 202469 : }
129 :
130 : /*
131 : * Handle management.
132 : *
133 : * A handle_t is an object which represents a single atomic update to a
134 : * filesystem, and which tracks all of the modifications which form part
135 : * of that one update.
136 : */
137 :
138 : /*
139 : * Update transaction's maximum wait time, if debugging is enabled.
140 : *
141 : * t_max_wait is carefully updated here with use of atomic compare exchange.
142 : * Note that there could be multiplre threads trying to do this simultaneously
143 : * hence using cmpxchg to avoid any use of locks in this case.
144 : * With this t_max_wait can be updated w/o enabling jbd2_journal_enable_debug.
145 : */
146 47424554 : static inline void update_t_max_wait(transaction_t *transaction,
147 : unsigned long ts)
148 : {
149 47424554 : unsigned long oldts, newts;
150 :
151 47424554 : if (time_after(transaction->t_start, ts)) {
152 124012 : newts = jbd2_time_diff(ts, transaction->t_start);
153 124012 : oldts = READ_ONCE(transaction->t_max_wait);
154 137193 : while (oldts < newts)
155 13181 : oldts = cmpxchg(&transaction->t_max_wait, oldts, newts);
156 : }
157 47424554 : }
158 :
159 : /*
160 : * Wait until running transaction passes to T_FLUSH state and new transaction
161 : * can thus be started. Also starts the commit if needed. The function expects
162 : * running transaction to exist and releases j_state_lock.
163 : */
164 126295 : static void wait_transaction_locked(journal_t *journal)
165 : __releases(journal->j_state_lock)
166 : {
167 126295 : DEFINE_WAIT(wait);
168 126295 : int need_to_start;
169 126295 : tid_t tid = journal->j_running_transaction->t_tid;
170 :
171 126295 : prepare_to_wait_exclusive(&journal->j_wait_transaction_locked, &wait,
172 : TASK_UNINTERRUPTIBLE);
173 127507 : need_to_start = !tid_geq(journal->j_commit_request, tid);
174 127507 : read_unlock(&journal->j_state_lock);
175 127484 : if (need_to_start)
176 592 : jbd2_log_start_commit(journal, tid);
177 127484 : jbd2_might_wait_for_commit(journal);
178 127484 : schedule();
179 126962 : finish_wait(&journal->j_wait_transaction_locked, &wait);
180 126337 : }
181 :
182 : /*
183 : * Wait until running transaction transitions from T_SWITCH to T_FLUSH
184 : * state and new transaction can thus be started. The function releases
185 : * j_state_lock.
186 : */
187 89 : static void wait_transaction_switching(journal_t *journal)
188 : __releases(journal->j_state_lock)
189 : {
190 89 : DEFINE_WAIT(wait);
191 :
192 178 : if (WARN_ON(!journal->j_running_transaction ||
193 : journal->j_running_transaction->t_state != T_SWITCH)) {
194 0 : read_unlock(&journal->j_state_lock);
195 0 : return;
196 : }
197 89 : prepare_to_wait_exclusive(&journal->j_wait_transaction_locked, &wait,
198 : TASK_UNINTERRUPTIBLE);
199 89 : read_unlock(&journal->j_state_lock);
200 : /*
201 : * We don't call jbd2_might_wait_for_commit() here as there's no
202 : * waiting for outstanding handles happening anymore in T_SWITCH state
203 : * and handling of reserved handles actually relies on that for
204 : * correctness.
205 : */
206 89 : schedule();
207 89 : finish_wait(&journal->j_wait_transaction_locked, &wait);
208 : }
209 :
210 1175021 : static void sub_reserved_credits(journal_t *journal, int blocks)
211 : {
212 1175021 : atomic_sub(blocks, &journal->j_reserved_credits);
213 1175019 : wake_up(&journal->j_wait_reserved);
214 1175088 : }
215 :
216 : /*
217 : * Wait until we can add credits for handle to the running transaction. Called
218 : * with j_state_lock held for reading. Returns 0 if handle joined the running
219 : * transaction. Returns 1 if we had to wait, j_state_lock is dropped, and
220 : * caller must retry.
221 : *
222 : * Note: because j_state_lock may be dropped depending on the return
223 : * value, we need to fake out sparse so ti doesn't complain about a
224 : * locking imbalance. Callers of add_transaction_credits will need to
225 : * make a similar accomodation.
226 : */
227 46519610 : static int add_transaction_credits(journal_t *journal, int blocks,
228 : int rsv_blocks)
229 : __must_hold(&journal->j_state_lock)
230 : {
231 46519610 : transaction_t *t = journal->j_running_transaction;
232 46519610 : int needed;
233 46519610 : int total = blocks + rsv_blocks;
234 :
235 : /*
236 : * If the current transaction is locked down for commit, wait
237 : * for the lock to be released.
238 : */
239 46519610 : if (t->t_state != T_RUNNING) {
240 63554 : WARN_ON_ONCE(t->t_state >= T_FLUSH);
241 63554 : wait_transaction_locked(journal);
242 63554 : __acquire(&journal->j_state_lock); /* fake out sparse */
243 63554 : return 1;
244 : }
245 :
246 : /*
247 : * If there is not enough space left in the log to write all
248 : * potential buffers requested by this operation, we need to
249 : * stall pending a log checkpoint to free some more log space.
250 : */
251 46456056 : needed = atomic_add_return(total, &t->t_outstanding_credits);
252 46540381 : if (needed > journal->j_max_transaction_buffers) {
253 : /*
254 : * If the current transaction is already too large,
255 : * then start to commit it: we can then go back and
256 : * attach this handle to a new transaction.
257 : */
258 62802 : atomic_sub(total, &t->t_outstanding_credits);
259 :
260 : /*
261 : * Is the number of reserved credits in the current transaction too
262 : * big to fit this handle? Wait until reserved credits are freed.
263 : */
264 62934 : if (atomic_read(&journal->j_reserved_credits) + total >
265 62934 : journal->j_max_transaction_buffers) {
266 0 : read_unlock(&journal->j_state_lock);
267 0 : jbd2_might_wait_for_commit(journal);
268 0 : wait_event(journal->j_wait_reserved,
269 : atomic_read(&journal->j_reserved_credits) + total <=
270 : journal->j_max_transaction_buffers);
271 0 : __acquire(&journal->j_state_lock); /* fake out sparse */
272 0 : return 1;
273 : }
274 :
275 62934 : wait_transaction_locked(journal);
276 62934 : __acquire(&journal->j_state_lock); /* fake out sparse */
277 62934 : return 1;
278 : }
279 :
280 : /*
281 : * The commit code assumes that it can get enough log space
282 : * without forcing a checkpoint. This is *critical* for
283 : * correctness: a checkpoint of a buffer which is also
284 : * associated with a committing transaction creates a deadlock,
285 : * so commit simply cannot force through checkpoints.
286 : *
287 : * We must therefore ensure the necessary space in the journal
288 : * *before* starting to dirty potentially checkpointed buffers
289 : * in the new transaction.
290 : */
291 48430344 : if (jbd2_log_space_left(journal) < journal->j_max_transaction_buffers) {
292 156031 : atomic_sub(total, &t->t_outstanding_credits);
293 156293 : read_unlock(&journal->j_state_lock);
294 156182 : jbd2_might_wait_for_commit(journal);
295 156182 : write_lock(&journal->j_state_lock);
296 157210 : if (jbd2_log_space_left(journal) <
297 157210 : journal->j_max_transaction_buffers)
298 157204 : __jbd2_log_wait_for_space(journal);
299 157210 : write_unlock(&journal->j_state_lock);
300 157210 : __acquire(&journal->j_state_lock); /* fake out sparse */
301 157210 : return 1;
302 : }
303 :
304 : /* No reservation? We are done... */
305 46321548 : if (!rsv_blocks)
306 : return 0;
307 :
308 1174890 : needed = atomic_add_return(rsv_blocks, &journal->j_reserved_credits);
309 : /* We allow at most half of a transaction to be reserved */
310 1174959 : if (needed > journal->j_max_transaction_buffers / 2) {
311 38406 : sub_reserved_credits(journal, rsv_blocks);
312 38344 : atomic_sub(total, &t->t_outstanding_credits);
313 38368 : read_unlock(&journal->j_state_lock);
314 38434 : jbd2_might_wait_for_commit(journal);
315 2880216 : wait_event(journal->j_wait_reserved,
316 : atomic_read(&journal->j_reserved_credits) + rsv_blocks
317 : <= journal->j_max_transaction_buffers / 2);
318 38390 : __acquire(&journal->j_state_lock); /* fake out sparse */
319 38390 : return 1;
320 : }
321 : return 0;
322 : }
323 :
324 : /*
325 : * start_this_handle: Given a handle, deal with any locking or stalling
326 : * needed to make sure that there is enough journal space for the handle
327 : * to begin. Attach the handle to a transaction and set up the
328 : * transaction's buffer credits.
329 : */
330 :
331 47379767 : static int start_this_handle(journal_t *journal, handle_t *handle,
332 : gfp_t gfp_mask)
333 : {
334 47379767 : transaction_t *transaction, *new_transaction = NULL;
335 47379767 : int blocks = handle->h_total_credits;
336 47379767 : int rsv_blocks = 0;
337 47379767 : unsigned long ts = jiffies;
338 :
339 47379767 : if (handle->h_rsv_handle)
340 1136681 : rsv_blocks = handle->h_rsv_handle->h_total_credits;
341 :
342 : /*
343 : * Limit the number of reserved credits to 1/2 of maximum transaction
344 : * size and limit the number of total credits to not exceed maximum
345 : * transaction size per operation.
346 : */
347 47379767 : if ((rsv_blocks > journal->j_max_transaction_buffers / 2) ||
348 47379767 : (rsv_blocks + blocks > journal->j_max_transaction_buffers)) {
349 0 : printk(KERN_ERR "JBD2: %s wants too many credits "
350 : "credits:%d rsv_credits:%d max:%d\n",
351 : current->comm, blocks, rsv_blocks,
352 : journal->j_max_transaction_buffers);
353 0 : WARN_ON(1);
354 0 : return -ENOSPC;
355 : }
356 :
357 47379767 : alloc_transaction:
358 : /*
359 : * This check is racy but it is just an optimization of allocating new
360 : * transaction early if there are high chances we'll need it. If we
361 : * guess wrong, we'll retry or free unused transaction.
362 : */
363 47386513 : if (!data_race(journal->j_running_transaction)) {
364 : /*
365 : * If __GFP_FS is not present, then we may be being called from
366 : * inside the fs writeback layer, so we MUST NOT fail.
367 : */
368 204818 : if ((gfp_mask & __GFP_FS) == 0)
369 204815 : gfp_mask |= __GFP_NOFAIL;
370 204818 : new_transaction = kmem_cache_zalloc(transaction_cache,
371 : gfp_mask);
372 204785 : if (!new_transaction)
373 : return -ENOMEM;
374 : }
375 :
376 47386480 : jbd2_debug(3, "New handle %p going live.\n", handle);
377 :
378 : /*
379 : * We need to hold j_state_lock until t_updates has been incremented,
380 : * for proper journal barrier handling
381 : */
382 : repeat:
383 47912281 : read_lock(&journal->j_state_lock);
384 47840846 : BUG_ON(journal->j_flags & JBD2_UNMOUNT);
385 47840846 : if (is_journal_aborted(journal) ||
386 47840846 : (journal->j_errno != 0 && !(journal->j_flags & JBD2_ACK_ERR))) {
387 0 : read_unlock(&journal->j_state_lock);
388 0 : jbd2_journal_free_transaction(new_transaction);
389 0 : return -EROFS;
390 : }
391 :
392 : /*
393 : * Wait on the journal's transaction barrier if necessary. Specifically
394 : * we allow reserved handles to proceed because otherwise commit could
395 : * deadlock on page writeback not being able to complete.
396 : */
397 47840846 : if (!handle->h_reserved && journal->j_barrier_count) {
398 1 : read_unlock(&journal->j_state_lock);
399 2 : wait_event(journal->j_wait_transaction_locked,
400 : journal->j_barrier_count == 0);
401 1 : goto repeat;
402 : }
403 :
404 47840845 : if (!journal->j_running_transaction) {
405 209789 : read_unlock(&journal->j_state_lock);
406 209921 : if (!new_transaction)
407 6746 : goto alloc_transaction;
408 203175 : write_lock(&journal->j_state_lock);
409 203258 : if (!journal->j_running_transaction &&
410 202469 : (handle->h_reserved || !journal->j_barrier_count)) {
411 202469 : jbd2_get_transaction(journal, new_transaction);
412 202469 : new_transaction = NULL;
413 : }
414 203258 : write_unlock(&journal->j_state_lock);
415 203258 : goto repeat;
416 : }
417 :
418 47631056 : transaction = journal->j_running_transaction;
419 :
420 47631056 : if (!handle->h_reserved) {
421 : /* We may have dropped j_state_lock - restart in that case */
422 46534282 : if (add_transaction_credits(journal, blocks, rsv_blocks)) {
423 : /*
424 : * add_transaction_credits releases
425 : * j_state_lock on a non-zero return
426 : */
427 322453 : __release(&journal->j_state_lock);
428 322453 : goto repeat;
429 : }
430 : } else {
431 : /*
432 : * We have handle reserved so we are allowed to join T_LOCKED
433 : * transaction and we don't have to check for transaction size
434 : * and journal space. But we still have to wait while running
435 : * transaction is being switched to a committing one as it
436 : * won't wait for any handles anymore.
437 : */
438 1096774 : if (transaction->t_state == T_SWITCH) {
439 89 : wait_transaction_switching(journal);
440 89 : goto repeat;
441 : }
442 1096685 : sub_reserved_credits(journal, blocks);
443 1096685 : handle->h_reserved = 0;
444 : }
445 :
446 : /* OK, account for the buffers that this operation expects to
447 : * use and add the handle to the running transaction.
448 : */
449 47414505 : update_t_max_wait(transaction, ts);
450 47418111 : handle->h_transaction = transaction;
451 47418111 : handle->h_requested_credits = blocks;
452 47418111 : handle->h_revoke_credits_requested = handle->h_revoke_credits;
453 47418111 : handle->h_start_jiffies = jiffies;
454 47418111 : atomic_inc(&transaction->t_updates);
455 47444067 : atomic_inc(&transaction->t_handle_count);
456 47420823 : jbd2_debug(4, "Handle %p given %d credits (total %d, free %lu)\n",
457 : handle, blocks,
458 : atomic_read(&transaction->t_outstanding_credits),
459 : jbd2_log_space_left(journal));
460 47420823 : read_unlock(&journal->j_state_lock);
461 47341049 : current->journal_info = handle;
462 :
463 47341049 : rwsem_acquire_read(&journal->j_trans_commit_map, 0, 0, _THIS_IP_);
464 47341049 : jbd2_journal_free_transaction(new_transaction);
465 : /*
466 : * Ensure that no allocations done while the transaction is open are
467 : * going to recurse back to the fs layer.
468 : */
469 47299209 : handle->saved_alloc_context = memalloc_nofs_save();
470 47299209 : return 0;
471 : }
472 :
473 : /* Allocate a new handle. This should probably be in a slab... */
474 47338959 : static handle_t *new_handle(int nblocks)
475 : {
476 47338959 : handle_t *handle = jbd2_alloc_handle(GFP_NOFS);
477 47389175 : if (!handle)
478 : return NULL;
479 47389175 : handle->h_total_credits = nblocks;
480 47389175 : handle->h_ref = 1;
481 :
482 47389175 : return handle;
483 : }
484 :
485 54808425 : handle_t *jbd2__journal_start(journal_t *journal, int nblocks, int rsv_blocks,
486 : int revoke_records, gfp_t gfp_mask,
487 : unsigned int type, unsigned int line_no)
488 : {
489 54808425 : handle_t *handle = journal_current_handle();
490 54808425 : int err;
491 :
492 54808425 : if (!journal)
493 : return ERR_PTR(-EROFS);
494 :
495 54808425 : if (handle) {
496 8563920 : J_ASSERT(handle->h_transaction->t_journal == journal);
497 8563920 : handle->h_ref++;
498 8563920 : return handle;
499 : }
500 :
501 46244505 : nblocks += DIV_ROUND_UP(revoke_records,
502 : journal->j_revoke_records_per_block);
503 46244505 : handle = new_handle(nblocks);
504 46248237 : if (!handle)
505 : return ERR_PTR(-ENOMEM);
506 46248237 : if (rsv_blocks) {
507 1136685 : handle_t *rsv_handle;
508 :
509 1136685 : rsv_handle = new_handle(rsv_blocks);
510 1136675 : if (!rsv_handle) {
511 0 : jbd2_free_handle(handle);
512 0 : return ERR_PTR(-ENOMEM);
513 : }
514 1136675 : rsv_handle->h_reserved = 1;
515 1136675 : rsv_handle->h_journal = journal;
516 1136675 : handle->h_rsv_handle = rsv_handle;
517 : }
518 46248227 : handle->h_revoke_credits = revoke_records;
519 :
520 46248227 : err = start_this_handle(journal, handle, gfp_mask);
521 46226363 : if (err < 0) {
522 0 : if (handle->h_rsv_handle)
523 0 : jbd2_free_handle(handle->h_rsv_handle);
524 0 : jbd2_free_handle(handle);
525 0 : return ERR_PTR(err);
526 : }
527 46226363 : handle->h_type = type;
528 46226363 : handle->h_line_no = line_no;
529 46226363 : trace_jbd2_handle_start(journal->j_fs_dev->bd_dev,
530 46226363 : handle->h_transaction->t_tid, type,
531 : line_no, nblocks);
532 :
533 46226363 : return handle;
534 : }
535 : EXPORT_SYMBOL(jbd2__journal_start);
536 :
537 :
538 : /**
539 : * jbd2_journal_start() - Obtain a new handle.
540 : * @journal: Journal to start transaction on.
541 : * @nblocks: number of block buffer we might modify
542 : *
543 : * We make sure that the transaction can guarantee at least nblocks of
544 : * modified buffers in the log. We block until the log can guarantee
545 : * that much space. Additionally, if rsv_blocks > 0, we also create another
546 : * handle with rsv_blocks reserved blocks in the journal. This handle is
547 : * stored in h_rsv_handle. It is not attached to any particular transaction
548 : * and thus doesn't block transaction commit. If the caller uses this reserved
549 : * handle, it has to set h_rsv_handle to NULL as otherwise jbd2_journal_stop()
550 : * on the parent handle will dispose the reserved one. Reserved handle has to
551 : * be converted to a normal handle using jbd2_journal_start_reserved() before
552 : * it can be used.
553 : *
554 : * Return a pointer to a newly allocated handle, or an ERR_PTR() value
555 : * on failure.
556 : */
557 417 : handle_t *jbd2_journal_start(journal_t *journal, int nblocks)
558 : {
559 417 : return jbd2__journal_start(journal, nblocks, 0, 0, GFP_NOFS, 0, 0);
560 : }
561 : EXPORT_SYMBOL(jbd2_journal_start);
562 :
563 40014 : static void __jbd2_journal_unreserve_handle(handle_t *handle, transaction_t *t)
564 : {
565 40014 : journal_t *journal = handle->h_journal;
566 :
567 40014 : WARN_ON(!handle->h_reserved);
568 40014 : sub_reserved_credits(journal, handle->h_total_credits);
569 40014 : if (t)
570 40014 : atomic_sub(handle->h_total_credits, &t->t_outstanding_credits);
571 40014 : }
572 :
573 0 : void jbd2_journal_free_reserved(handle_t *handle)
574 : {
575 0 : journal_t *journal = handle->h_journal;
576 :
577 : /* Get j_state_lock to pin running transaction if it exists */
578 0 : read_lock(&journal->j_state_lock);
579 0 : __jbd2_journal_unreserve_handle(handle, journal->j_running_transaction);
580 0 : read_unlock(&journal->j_state_lock);
581 0 : jbd2_free_handle(handle);
582 0 : }
583 : EXPORT_SYMBOL(jbd2_journal_free_reserved);
584 :
585 : /**
586 : * jbd2_journal_start_reserved() - start reserved handle
587 : * @handle: handle to start
588 : * @type: for handle statistics
589 : * @line_no: for handle statistics
590 : *
591 : * Start handle that has been previously reserved with jbd2_journal_reserve().
592 : * This attaches @handle to the running transaction (or creates one if there's
593 : * not transaction running). Unlike jbd2_journal_start() this function cannot
594 : * block on journal commit, checkpointing, or similar stuff. It can block on
595 : * memory allocation or frozen journal though.
596 : *
597 : * Return 0 on success, non-zero on error - handle is freed in that case.
598 : */
599 1096685 : int jbd2_journal_start_reserved(handle_t *handle, unsigned int type,
600 : unsigned int line_no)
601 : {
602 1096685 : journal_t *journal = handle->h_journal;
603 1096685 : int ret = -EIO;
604 :
605 1096685 : if (WARN_ON(!handle->h_reserved)) {
606 : /* Someone passed in normal handle? Just stop it. */
607 0 : jbd2_journal_stop(handle);
608 0 : return ret;
609 : }
610 : /*
611 : * Usefulness of mixing of reserved and unreserved handles is
612 : * questionable. So far nobody seems to need it so just error out.
613 : */
614 1096685 : if (WARN_ON(current->journal_info)) {
615 0 : jbd2_journal_free_reserved(handle);
616 0 : return ret;
617 : }
618 :
619 1096685 : handle->h_journal = NULL;
620 : /*
621 : * GFP_NOFS is here because callers are likely from writeback or
622 : * similarly constrained call sites
623 : */
624 1096685 : ret = start_this_handle(journal, handle, GFP_NOFS);
625 1096685 : if (ret < 0) {
626 0 : handle->h_journal = journal;
627 0 : jbd2_journal_free_reserved(handle);
628 0 : return ret;
629 : }
630 1096685 : handle->h_type = type;
631 1096685 : handle->h_line_no = line_no;
632 1096685 : trace_jbd2_handle_start(journal->j_fs_dev->bd_dev,
633 1096685 : handle->h_transaction->t_tid, type,
634 : line_no, handle->h_total_credits);
635 1096685 : return 0;
636 : }
637 : EXPORT_SYMBOL(jbd2_journal_start_reserved);
638 :
639 : /**
640 : * jbd2_journal_extend() - extend buffer credits.
641 : * @handle: handle to 'extend'
642 : * @nblocks: nr blocks to try to extend by.
643 : * @revoke_records: number of revoke records to try to extend by.
644 : *
645 : * Some transactions, such as large extends and truncates, can be done
646 : * atomically all at once or in several stages. The operation requests
647 : * a credit for a number of buffer modifications in advance, but can
648 : * extend its credit if it needs more.
649 : *
650 : * jbd2_journal_extend tries to give the running handle more buffer credits.
651 : * It does not guarantee that allocation - this is a best-effort only.
652 : * The calling process MUST be able to deal cleanly with a failure to
653 : * extend here.
654 : *
655 : * Return 0 on success, non-zero on failure.
656 : *
657 : * return code < 0 implies an error
658 : * return code > 0 implies normal transaction-full status.
659 : */
660 58529 : int jbd2_journal_extend(handle_t *handle, int nblocks, int revoke_records)
661 : {
662 58529 : transaction_t *transaction = handle->h_transaction;
663 58529 : journal_t *journal;
664 58529 : int result;
665 58529 : int wanted;
666 :
667 117058 : if (is_handle_aborted(handle))
668 : return -EROFS;
669 58529 : journal = transaction->t_journal;
670 :
671 58529 : result = 1;
672 :
673 58529 : read_lock(&journal->j_state_lock);
674 :
675 : /* Don't extend a locked-down transaction! */
676 58529 : if (transaction->t_state != T_RUNNING) {
677 120 : jbd2_debug(3, "denied handle %p %d blocks: "
678 : "transaction not running\n", handle, nblocks);
679 120 : goto error_out;
680 : }
681 :
682 58409 : nblocks += DIV_ROUND_UP(
683 : handle->h_revoke_credits_requested + revoke_records,
684 58409 : journal->j_revoke_records_per_block) -
685 58409 : DIV_ROUND_UP(
686 : handle->h_revoke_credits_requested,
687 : journal->j_revoke_records_per_block);
688 58409 : wanted = atomic_add_return(nblocks,
689 : &transaction->t_outstanding_credits);
690 :
691 58409 : if (wanted > journal->j_max_transaction_buffers) {
692 5 : jbd2_debug(3, "denied handle %p %d blocks: "
693 : "transaction too large\n", handle, nblocks);
694 5 : atomic_sub(nblocks, &transaction->t_outstanding_credits);
695 5 : goto error_out;
696 : }
697 :
698 58404 : trace_jbd2_handle_extend(journal->j_fs_dev->bd_dev,
699 : transaction->t_tid,
700 58404 : handle->h_type, handle->h_line_no,
701 : handle->h_total_credits,
702 : nblocks);
703 :
704 58404 : handle->h_total_credits += nblocks;
705 58404 : handle->h_requested_credits += nblocks;
706 58404 : handle->h_revoke_credits += revoke_records;
707 58404 : handle->h_revoke_credits_requested += revoke_records;
708 58404 : result = 0;
709 :
710 58404 : jbd2_debug(3, "extended handle %p by %d\n", handle, nblocks);
711 58529 : error_out:
712 58529 : read_unlock(&journal->j_state_lock);
713 58529 : return result;
714 : }
715 :
716 47414371 : static void stop_this_handle(handle_t *handle)
717 : {
718 47414371 : transaction_t *transaction = handle->h_transaction;
719 47414371 : journal_t *journal = transaction->t_journal;
720 47414371 : int revokes;
721 :
722 47414371 : J_ASSERT(journal_current_handle() == handle);
723 47414371 : J_ASSERT(atomic_read(&transaction->t_updates) > 0);
724 47414371 : current->journal_info = NULL;
725 : /*
726 : * Subtract necessary revoke descriptor blocks from handle credits. We
727 : * take care to account only for revoke descriptor blocks the
728 : * transaction will really need as large sequences of transactions with
729 : * small numbers of revokes are relatively common.
730 : */
731 47414371 : revokes = handle->h_revoke_credits_requested - handle->h_revoke_credits;
732 47414371 : if (revokes) {
733 262414 : int t_revokes, revoke_descriptors;
734 262414 : int rr_per_blk = journal->j_revoke_records_per_block;
735 :
736 262414 : WARN_ON_ONCE(DIV_ROUND_UP(revokes, rr_per_blk)
737 : > handle->h_total_credits);
738 262414 : t_revokes = atomic_add_return(revokes,
739 : &transaction->t_outstanding_revokes);
740 262420 : revoke_descriptors =
741 262420 : DIV_ROUND_UP(t_revokes, rr_per_blk) -
742 262420 : DIV_ROUND_UP(t_revokes - revokes, rr_per_blk);
743 262420 : handle->h_total_credits -= revoke_descriptors;
744 : }
745 47414377 : atomic_sub(handle->h_total_credits,
746 : &transaction->t_outstanding_credits);
747 47439784 : if (handle->h_rsv_handle)
748 40014 : __jbd2_journal_unreserve_handle(handle->h_rsv_handle,
749 : transaction);
750 47439784 : if (atomic_dec_and_test(&transaction->t_updates))
751 34948952 : wake_up(&journal->j_wait_updates);
752 :
753 47453228 : rwsem_release(&journal->j_trans_commit_map, _THIS_IP_);
754 : /*
755 : * Scope of the GFP_NOFS context is over here and so we can restore the
756 : * original alloc context.
757 : */
758 47453228 : memalloc_nofs_restore(handle->saved_alloc_context);
759 47453228 : }
760 :
761 : /**
762 : * jbd2__journal_restart() - restart a handle .
763 : * @handle: handle to restart
764 : * @nblocks: nr credits requested
765 : * @revoke_records: number of revoke record credits requested
766 : * @gfp_mask: memory allocation flags (for start_this_handle)
767 : *
768 : * Restart a handle for a multi-transaction filesystem
769 : * operation.
770 : *
771 : * If the jbd2_journal_extend() call above fails to grant new buffer credits
772 : * to a running handle, a call to jbd2_journal_restart will commit the
773 : * handle's transaction so far and reattach the handle to a new
774 : * transaction capable of guaranteeing the requested number of
775 : * credits. We preserve reserved handle if there's any attached to the
776 : * passed in handle.
777 : */
778 68 : int jbd2__journal_restart(handle_t *handle, int nblocks, int revoke_records,
779 : gfp_t gfp_mask)
780 : {
781 68 : transaction_t *transaction = handle->h_transaction;
782 68 : journal_t *journal;
783 68 : tid_t tid;
784 68 : int need_to_start;
785 68 : int ret;
786 :
787 : /* If we've had an abort of any type, don't even think about
788 : * actually doing the restart! */
789 136 : if (is_handle_aborted(handle))
790 : return 0;
791 68 : journal = transaction->t_journal;
792 68 : tid = transaction->t_tid;
793 :
794 : /*
795 : * First unlink the handle from its current transaction, and start the
796 : * commit on that.
797 : */
798 68 : jbd2_debug(2, "restarting handle %p\n", handle);
799 68 : stop_this_handle(handle);
800 68 : handle->h_transaction = NULL;
801 :
802 : /*
803 : * TODO: If we use READ_ONCE / WRITE_ONCE for j_commit_request we can
804 : * get rid of pointless j_state_lock traffic like this.
805 : */
806 68 : read_lock(&journal->j_state_lock);
807 68 : need_to_start = !tid_geq(journal->j_commit_request, tid);
808 68 : read_unlock(&journal->j_state_lock);
809 68 : if (need_to_start)
810 0 : jbd2_log_start_commit(journal, tid);
811 68 : handle->h_total_credits = nblocks +
812 68 : DIV_ROUND_UP(revoke_records,
813 : journal->j_revoke_records_per_block);
814 68 : handle->h_revoke_credits = revoke_records;
815 68 : ret = start_this_handle(journal, handle, gfp_mask);
816 204 : trace_jbd2_handle_restart(journal->j_fs_dev->bd_dev,
817 68 : ret ? 0 : handle->h_transaction->t_tid,
818 68 : handle->h_type, handle->h_line_no,
819 : handle->h_total_credits);
820 68 : return ret;
821 : }
822 : EXPORT_SYMBOL(jbd2__journal_restart);
823 :
824 :
825 0 : int jbd2_journal_restart(handle_t *handle, int nblocks)
826 : {
827 0 : return jbd2__journal_restart(handle, nblocks, 0, GFP_NOFS);
828 : }
829 : EXPORT_SYMBOL(jbd2_journal_restart);
830 :
831 : /*
832 : * Waits for any outstanding t_updates to finish.
833 : * This is called with write j_state_lock held.
834 : */
835 202936 : void jbd2_journal_wait_updates(journal_t *journal)
836 : {
837 202936 : DEFINE_WAIT(wait);
838 :
839 6188 : while (1) {
840 : /*
841 : * Note that the running transaction can get freed under us if
842 : * this transaction is getting committed in
843 : * jbd2_journal_commit_transaction() ->
844 : * jbd2_journal_free_transaction(). This can only happen when we
845 : * release j_state_lock -> schedule() -> acquire j_state_lock.
846 : * Hence we should everytime retrieve new j_running_transaction
847 : * value (after j_state_lock release acquire cycle), else it may
848 : * lead to use-after-free of old freed transaction.
849 : */
850 209124 : transaction_t *transaction = journal->j_running_transaction;
851 :
852 209124 : if (!transaction)
853 : break;
854 :
855 208721 : prepare_to_wait(&journal->j_wait_updates, &wait,
856 : TASK_UNINTERRUPTIBLE);
857 208724 : if (!atomic_read(&transaction->t_updates)) {
858 202536 : finish_wait(&journal->j_wait_updates, &wait);
859 202536 : break;
860 : }
861 6188 : write_unlock(&journal->j_state_lock);
862 6188 : schedule();
863 6188 : finish_wait(&journal->j_wait_updates, &wait);
864 6188 : write_lock(&journal->j_state_lock);
865 : }
866 202937 : }
867 :
868 : /**
869 : * jbd2_journal_lock_updates () - establish a transaction barrier.
870 : * @journal: Journal to establish a barrier on.
871 : *
872 : * This locks out any further updates from being started, and blocks
873 : * until all existing updates have completed, returning only once the
874 : * journal is in a quiescent state with no updates running.
875 : *
876 : * The journal lock should not be held on entry.
877 : */
878 470 : void jbd2_journal_lock_updates(journal_t *journal)
879 : {
880 470 : jbd2_might_wait_for_commit(journal);
881 :
882 470 : write_lock(&journal->j_state_lock);
883 470 : ++journal->j_barrier_count;
884 :
885 : /* Wait until there are no reserved handles */
886 470 : if (atomic_read(&journal->j_reserved_credits)) {
887 2 : write_unlock(&journal->j_state_lock);
888 21 : wait_event(journal->j_wait_reserved,
889 : atomic_read(&journal->j_reserved_credits) == 0);
890 2 : write_lock(&journal->j_state_lock);
891 : }
892 :
893 : /* Wait until there are no running t_updates */
894 470 : jbd2_journal_wait_updates(journal);
895 :
896 470 : write_unlock(&journal->j_state_lock);
897 :
898 : /*
899 : * We have now established a barrier against other normal updates, but
900 : * we also need to barrier against other jbd2_journal_lock_updates() calls
901 : * to make sure that we serialise special journal-locked operations
902 : * too.
903 : */
904 470 : mutex_lock(&journal->j_barrier);
905 470 : }
906 :
907 : /**
908 : * jbd2_journal_unlock_updates () - release barrier
909 : * @journal: Journal to release the barrier on.
910 : *
911 : * Release a transaction barrier obtained with jbd2_journal_lock_updates().
912 : *
913 : * Should be called without the journal lock held.
914 : */
915 470 : void jbd2_journal_unlock_updates (journal_t *journal)
916 : {
917 470 : J_ASSERT(journal->j_barrier_count != 0);
918 :
919 470 : mutex_unlock(&journal->j_barrier);
920 470 : write_lock(&journal->j_state_lock);
921 470 : --journal->j_barrier_count;
922 470 : write_unlock(&journal->j_state_lock);
923 470 : wake_up_all(&journal->j_wait_transaction_locked);
924 470 : }
925 :
926 : static void warn_dirty_buffer(struct buffer_head *bh)
927 : {
928 0 : printk(KERN_WARNING
929 : "JBD2: Spotted dirty metadata buffer (dev = %pg, blocknr = %llu). "
930 : "There's a risk of filesystem corruption in case of system "
931 : "crash.\n",
932 : bh->b_bdev, (unsigned long long)bh->b_blocknr);
933 0 : }
934 :
935 : /* Call t_frozen trigger and copy buffer data into jh->b_frozen_data. */
936 21851 : static void jbd2_freeze_jh_data(struct journal_head *jh)
937 : {
938 21851 : struct page *page;
939 21851 : int offset;
940 21851 : char *source;
941 21851 : struct buffer_head *bh = jh2bh(jh);
942 :
943 43695 : J_EXPECT_JH(jh, buffer_uptodate(bh), "Possible IO failure.\n");
944 21844 : page = bh->b_page;
945 21844 : offset = offset_in_page(bh->b_data);
946 21844 : source = kmap_atomic(page);
947 : /* Fire data frozen trigger just before we copy the data */
948 21824 : jbd2_buffer_frozen_trigger(jh, source + offset, jh->b_triggers);
949 43628 : memcpy(jh->b_frozen_data, source + offset, bh->b_size);
950 21814 : kunmap_atomic(source);
951 :
952 : /*
953 : * Now that the frozen data is saved off, we need to store any matching
954 : * triggers.
955 : */
956 21834 : jh->b_frozen_triggers = jh->b_triggers;
957 21834 : }
958 :
959 : /*
960 : * If the buffer is already part of the current transaction, then there
961 : * is nothing we need to do. If it is already part of a prior
962 : * transaction which we are still committing to disk, then we need to
963 : * make sure that we do not overwrite the old copy: we do copy-out to
964 : * preserve the copy going to disk. We also account the buffer against
965 : * the handle's metadata buffer credits (unless the buffer is already
966 : * part of the transaction, that is).
967 : *
968 : */
969 : static int
970 2993149 : do_get_write_access(handle_t *handle, struct journal_head *jh,
971 : int force_copy)
972 : {
973 2993149 : struct buffer_head *bh;
974 2993149 : transaction_t *transaction = handle->h_transaction;
975 2993149 : journal_t *journal;
976 2993149 : int error;
977 2993149 : char *frozen_buffer = NULL;
978 2993149 : unsigned long start_lock, time_lock;
979 :
980 2993149 : journal = transaction->t_journal;
981 :
982 2993149 : jbd2_debug(5, "journal_head %p, force_copy %d\n", jh, force_copy);
983 :
984 3156808 : JBUFFER_TRACE(jh, "entry");
985 : repeat:
986 3156808 : bh = jh2bh(jh);
987 :
988 : /* @@@ Need to check for errors here at some point. */
989 :
990 3156808 : start_lock = jiffies;
991 3156808 : lock_buffer(bh);
992 3157623 : spin_lock(&jh->b_state_lock);
993 :
994 : /* If it takes too long to lock the buffer, trace it */
995 3157703 : time_lock = jbd2_time_diff(start_lock, jiffies);
996 3157703 : if (time_lock > HZ/10)
997 32 : trace_jbd2_lock_buffer_stall(bh->b_bdev->bd_dev,
998 32 : jiffies_to_msecs(time_lock));
999 :
1000 : /* We now hold the buffer lock so it is safe to query the buffer
1001 : * state. Is the buffer dirty?
1002 : *
1003 : * If so, there are two possibilities. The buffer may be
1004 : * non-journaled, and undergoing a quite legitimate writeback.
1005 : * Otherwise, it is journaled, and we don't expect dirty buffers
1006 : * in that state (the buffers should be marked JBD_Dirty
1007 : * instead.) So either the IO is being done under our own
1008 : * control and this is a bug, or it's a third party IO such as
1009 : * dump(8) (which may leave the buffer scheduled for read ---
1010 : * ie. locked but not dirty) or tune2fs (which may actually have
1011 : * the buffer dirtied, ugh.) */
1012 :
1013 6315406 : if (buffer_dirty(bh) && jh->b_transaction) {
1014 0 : warn_dirty_buffer(bh);
1015 : /*
1016 : * We need to clean the dirty flag and we must do it under the
1017 : * buffer lock to be sure we don't race with running write-out.
1018 : */
1019 0 : JBUFFER_TRACE(jh, "Journalling dirty buffer");
1020 0 : clear_buffer_dirty(bh);
1021 : /*
1022 : * The buffer is going to be added to BJ_Reserved list now and
1023 : * nothing guarantees jbd2_journal_dirty_metadata() will be
1024 : * ever called for it. So we need to set jbddirty bit here to
1025 : * make sure the buffer is dirtied and written out when the
1026 : * journaling machinery is done with it.
1027 : */
1028 0 : set_buffer_jbddirty(bh);
1029 : }
1030 :
1031 3157703 : error = -EROFS;
1032 6315111 : if (is_handle_aborted(handle)) {
1033 296 : spin_unlock(&jh->b_state_lock);
1034 1 : unlock_buffer(bh);
1035 1 : goto out;
1036 : }
1037 3157407 : error = 0;
1038 :
1039 : /*
1040 : * The buffer is already part of this transaction if b_transaction or
1041 : * b_next_transaction points to it
1042 : */
1043 3157407 : if (jh->b_transaction == transaction ||
1044 3148301 : jh->b_next_transaction == transaction) {
1045 74954 : unlock_buffer(bh);
1046 74987 : goto done;
1047 : }
1048 :
1049 : /*
1050 : * this is the first time this transaction is touching this buffer,
1051 : * reset the modified flag
1052 : */
1053 3082453 : jh->b_modified = 0;
1054 :
1055 : /*
1056 : * If the buffer is not journaled right now, we need to make sure it
1057 : * doesn't get written to disk before the caller actually commits the
1058 : * new data
1059 : */
1060 3082453 : if (!jh->b_transaction) {
1061 2607049 : JBUFFER_TRACE(jh, "no transaction");
1062 2607049 : J_ASSERT_JH(jh, !jh->b_next_transaction);
1063 2607049 : JBUFFER_TRACE(jh, "file as BJ_Reserved");
1064 : /*
1065 : * Make sure all stores to jh (b_modified, b_frozen_data) are
1066 : * visible before attaching it to the running transaction.
1067 : * Paired with barrier in jbd2_write_access_granted()
1068 : */
1069 2607049 : smp_wmb();
1070 2607012 : spin_lock(&journal->j_list_lock);
1071 2607865 : if (test_clear_buffer_dirty(bh)) {
1072 : /*
1073 : * Execute buffer dirty clearing and jh->b_transaction
1074 : * assignment under journal->j_list_lock locked to
1075 : * prevent bh being removed from checkpoint list if
1076 : * the buffer is in an intermediate state (not dirty
1077 : * and jh->b_transaction is NULL).
1078 : */
1079 1395458 : JBUFFER_TRACE(jh, "Journalling dirty buffer");
1080 1395458 : set_buffer_jbddirty(bh);
1081 : }
1082 2607865 : __jbd2_journal_file_buffer(jh, transaction, BJ_Reserved);
1083 2607865 : spin_unlock(&journal->j_list_lock);
1084 2607865 : unlock_buffer(bh);
1085 2607860 : goto done;
1086 : }
1087 475404 : unlock_buffer(bh);
1088 :
1089 : /*
1090 : * If there is already a copy-out version of this buffer, then we don't
1091 : * need to make another one
1092 : */
1093 475524 : if (jh->b_frozen_data) {
1094 0 : JBUFFER_TRACE(jh, "has frozen data");
1095 0 : J_ASSERT_JH(jh, jh->b_next_transaction == NULL);
1096 0 : goto attach_next;
1097 : }
1098 :
1099 475524 : JBUFFER_TRACE(jh, "owned by older transaction");
1100 475524 : J_ASSERT_JH(jh, jh->b_next_transaction == NULL);
1101 475524 : J_ASSERT_JH(jh, jh->b_transaction == journal->j_committing_transaction);
1102 :
1103 : /*
1104 : * There is one case we have to be very careful about. If the
1105 : * committing transaction is currently writing this buffer out to disk
1106 : * and has NOT made a copy-out, then we cannot modify the buffer
1107 : * contents at all right now. The essence of copy-out is that it is
1108 : * the extra copy, not the primary copy, which gets journaled. If the
1109 : * primary copy is already going to disk then we cannot do copy-out
1110 : * here.
1111 : */
1112 951048 : if (buffer_shadow(bh)) {
1113 142111 : JBUFFER_TRACE(jh, "on shadow: sleep");
1114 142111 : spin_unlock(&jh->b_state_lock);
1115 142135 : wait_on_bit_io(&bh->b_state, BH_Shadow, TASK_UNINTERRUPTIBLE);
1116 141271 : goto repeat;
1117 : }
1118 :
1119 : /*
1120 : * Only do the copy if the currently-owning transaction still needs it.
1121 : * If buffer isn't on BJ_Metadata list, the committing transaction is
1122 : * past that stage (here we use the fact that BH_Shadow is set under
1123 : * bh_state lock together with refiling to BJ_Shadow list and at this
1124 : * point we know the buffer doesn't have BH_Shadow set).
1125 : *
1126 : * Subtle point, though: if this is a get_undo_access, then we will be
1127 : * relying on the frozen_data to contain the new value of the
1128 : * committed_data record after the transaction, so we HAVE to force the
1129 : * frozen_data copy in that case.
1130 : */
1131 333413 : if (jh->b_jlist == BJ_Metadata || force_copy) {
1132 44320 : JBUFFER_TRACE(jh, "generate frozen data");
1133 44320 : if (!frozen_buffer) {
1134 22448 : JBUFFER_TRACE(jh, "allocate memory for buffer");
1135 22448 : spin_unlock(&jh->b_state_lock);
1136 22465 : frozen_buffer = jbd2_alloc(jh2bh(jh)->b_size,
1137 : GFP_NOFS | __GFP_NOFAIL);
1138 22388 : goto repeat;
1139 : }
1140 21872 : jh->b_frozen_data = frozen_buffer;
1141 21872 : frozen_buffer = NULL;
1142 21872 : jbd2_freeze_jh_data(jh);
1143 : }
1144 289093 : attach_next:
1145 : /*
1146 : * Make sure all stores to jh (b_modified, b_frozen_data) are visible
1147 : * before attaching it to the running transaction. Paired with barrier
1148 : * in jbd2_write_access_granted()
1149 : */
1150 310925 : smp_wmb();
1151 310898 : jh->b_next_transaction = transaction;
1152 :
1153 2993745 : done:
1154 2993745 : spin_unlock(&jh->b_state_lock);
1155 :
1156 : /*
1157 : * If we are about to journal a buffer, then any revoke pending on it is
1158 : * no longer valid
1159 : */
1160 2993679 : jbd2_journal_cancel_revoke(handle, jh);
1161 :
1162 2993588 : out:
1163 2993588 : if (unlikely(frozen_buffer)) /* It's usually NULL */
1164 594 : jbd2_free(frozen_buffer, bh->b_size);
1165 :
1166 2993588 : JBUFFER_TRACE(jh, "exit");
1167 2993588 : return error;
1168 : }
1169 :
1170 : /* Fast check whether buffer is already attached to the required transaction */
1171 116223431 : static bool jbd2_write_access_granted(handle_t *handle, struct buffer_head *bh,
1172 : bool undo)
1173 : {
1174 116223431 : struct journal_head *jh;
1175 116223431 : bool ret = false;
1176 :
1177 : /* Dirty buffers require special handling... */
1178 232446862 : if (buffer_dirty(bh))
1179 : return false;
1180 :
1181 : /*
1182 : * RCU protects us from dereferencing freed pages. So the checks we do
1183 : * are guaranteed not to oops. However the jh slab object can get freed
1184 : * & reallocated while we work with it. So we have to be careful. When
1185 : * we see jh attached to the running transaction, we know it must stay
1186 : * so until the transaction is committed. Thus jh won't be freed and
1187 : * will be attached to the same bh while we run. However it can
1188 : * happen jh gets freed, reallocated, and attached to the transaction
1189 : * just after we get pointer to it from bh. So we have to be careful
1190 : * and recheck jh still belongs to our bh before we return success.
1191 : */
1192 114821522 : rcu_read_lock();
1193 229756794 : if (!buffer_jbd(bh))
1194 1056919 : goto out;
1195 : /* This should be bh2jh() but that doesn't work with inline functions */
1196 113821478 : jh = READ_ONCE(bh->b_private);
1197 113821478 : if (!jh)
1198 0 : goto out;
1199 : /* For undo access buffer must have data copied */
1200 113821478 : if (undo && !jh->b_committed_data)
1201 0 : goto out;
1202 113821478 : if (READ_ONCE(jh->b_transaction) != handle->h_transaction &&
1203 3479408 : READ_ONCE(jh->b_next_transaction) != handle->h_transaction)
1204 543923 : goto out;
1205 : /*
1206 : * There are two reasons for the barrier here:
1207 : * 1) Make sure to fetch b_bh after we did previous checks so that we
1208 : * detect when jh went through free, realloc, attach to transaction
1209 : * while we were checking. Paired with implicit barrier in that path.
1210 : * 2) So that access to bh done after jbd2_write_access_granted()
1211 : * doesn't get reordered and see inconsistent state of concurrent
1212 : * do_get_write_access().
1213 : */
1214 113277555 : smp_mb();
1215 113457758 : if (unlikely(jh->b_bh != bh))
1216 0 : goto out;
1217 : ret = true;
1218 115058600 : out:
1219 115058600 : rcu_read_unlock();
1220 115058600 : return ret;
1221 : }
1222 :
1223 : /**
1224 : * jbd2_journal_get_write_access() - notify intent to modify a buffer
1225 : * for metadata (not data) update.
1226 : * @handle: transaction to add buffer modifications to
1227 : * @bh: bh to be used for metadata writes
1228 : *
1229 : * Returns: error code or 0 on success.
1230 : *
1231 : * In full data journalling mode the buffer may be of type BJ_AsyncData,
1232 : * because we're ``write()ing`` a buffer which is also part of a shared mapping.
1233 : */
1234 :
1235 116249526 : int jbd2_journal_get_write_access(handle_t *handle, struct buffer_head *bh)
1236 : {
1237 116249526 : struct journal_head *jh;
1238 116249526 : int rc;
1239 :
1240 232499052 : if (is_handle_aborted(handle))
1241 : return -EROFS;
1242 :
1243 116249526 : if (jbd2_write_access_granted(handle, bh, false))
1244 : return 0;
1245 :
1246 2992876 : jh = jbd2_journal_add_journal_head(bh);
1247 : /* We do not want to get caught playing with fields which the
1248 : * log thread also manipulates. Make sure that the buffer
1249 : * completes any outstanding IO before proceeding. */
1250 2993413 : rc = do_get_write_access(handle, jh, 0);
1251 2993579 : jbd2_journal_put_journal_head(jh);
1252 2993579 : return rc;
1253 : }
1254 :
1255 :
1256 : /*
1257 : * When the user wants to journal a newly created buffer_head
1258 : * (ie. getblk() returned a new buffer and we are going to populate it
1259 : * manually rather than reading off disk), then we need to keep the
1260 : * buffer_head locked until it has been completely filled with new
1261 : * data. In this case, we should be able to make the assertion that
1262 : * the bh is not already part of an existing transaction.
1263 : *
1264 : * The buffer should already be locked by the caller by this point.
1265 : * There is no lock ranking violation: it was a newly created,
1266 : * unlocked buffer beforehand. */
1267 :
1268 : /**
1269 : * jbd2_journal_get_create_access () - notify intent to use newly created bh
1270 : * @handle: transaction to new buffer to
1271 : * @bh: new buffer.
1272 : *
1273 : * Call this if you create a new bh.
1274 : */
1275 397871 : int jbd2_journal_get_create_access(handle_t *handle, struct buffer_head *bh)
1276 : {
1277 397871 : transaction_t *transaction = handle->h_transaction;
1278 397871 : journal_t *journal;
1279 397871 : struct journal_head *jh = jbd2_journal_add_journal_head(bh);
1280 398622 : int err;
1281 :
1282 398622 : jbd2_debug(5, "journal_head %p\n", jh);
1283 398622 : err = -EROFS;
1284 797244 : if (is_handle_aborted(handle))
1285 0 : goto out;
1286 398622 : journal = transaction->t_journal;
1287 398622 : err = 0;
1288 :
1289 398622 : JBUFFER_TRACE(jh, "entry");
1290 : /*
1291 : * The buffer may already belong to this transaction due to pre-zeroing
1292 : * in the filesystem's new_block code. It may also be on the previous,
1293 : * committing transaction's lists, but it HAS to be in Forget state in
1294 : * that case: the transaction must have deleted the buffer for it to be
1295 : * reused here.
1296 : */
1297 398622 : spin_lock(&jh->b_state_lock);
1298 398234 : J_ASSERT_JH(jh, (jh->b_transaction == transaction ||
1299 : jh->b_transaction == NULL ||
1300 : (jh->b_transaction == journal->j_committing_transaction &&
1301 : jh->b_jlist == BJ_Forget)));
1302 :
1303 398234 : J_ASSERT_JH(jh, jh->b_next_transaction == NULL);
1304 796468 : J_ASSERT_JH(jh, buffer_locked(jh2bh(jh)));
1305 :
1306 398234 : if (jh->b_transaction == NULL) {
1307 : /*
1308 : * Previous jbd2_journal_forget() could have left the buffer
1309 : * with jbddirty bit set because it was being committed. When
1310 : * the commit finished, we've filed the buffer for
1311 : * checkpointing and marked it dirty. Now we are reallocating
1312 : * the buffer so the transaction freeing it must have
1313 : * committed and so it's safe to clear the dirty bit.
1314 : */
1315 398234 : clear_buffer_dirty(jh2bh(jh));
1316 : /* first access by this transaction */
1317 398640 : jh->b_modified = 0;
1318 :
1319 398640 : JBUFFER_TRACE(jh, "file as BJ_Reserved");
1320 398640 : spin_lock(&journal->j_list_lock);
1321 398723 : __jbd2_journal_file_buffer(jh, transaction, BJ_Reserved);
1322 398723 : spin_unlock(&journal->j_list_lock);
1323 0 : } else if (jh->b_transaction == journal->j_committing_transaction) {
1324 : /* first access by this transaction */
1325 0 : jh->b_modified = 0;
1326 :
1327 0 : JBUFFER_TRACE(jh, "set next transaction");
1328 0 : spin_lock(&journal->j_list_lock);
1329 0 : jh->b_next_transaction = transaction;
1330 0 : spin_unlock(&journal->j_list_lock);
1331 : }
1332 398723 : spin_unlock(&jh->b_state_lock);
1333 :
1334 : /*
1335 : * akpm: I added this. ext3_alloc_branch can pick up new indirect
1336 : * blocks which contain freed but then revoked metadata. We need
1337 : * to cancel the revoke in case we end up freeing it yet again
1338 : * and the reallocating as data - this would cause a second revoke,
1339 : * which hits an assertion error.
1340 : */
1341 398723 : JBUFFER_TRACE(jh, "cancelling revoke");
1342 398723 : jbd2_journal_cancel_revoke(handle, jh);
1343 398707 : out:
1344 398707 : jbd2_journal_put_journal_head(jh);
1345 398694 : return err;
1346 : }
1347 :
1348 : /**
1349 : * jbd2_journal_get_undo_access() - Notify intent to modify metadata with
1350 : * non-rewindable consequences
1351 : * @handle: transaction
1352 : * @bh: buffer to undo
1353 : *
1354 : * Sometimes there is a need to distinguish between metadata which has
1355 : * been committed to disk and that which has not. The ext3fs code uses
1356 : * this for freeing and allocating space, we have to make sure that we
1357 : * do not reuse freed space until the deallocation has been committed,
1358 : * since if we overwrote that space we would make the delete
1359 : * un-rewindable in case of a crash.
1360 : *
1361 : * To deal with that, jbd2_journal_get_undo_access requests write access to a
1362 : * buffer for parts of non-rewindable operations such as delete
1363 : * operations on the bitmaps. The journaling code must keep a copy of
1364 : * the buffer's contents prior to the undo_access call until such time
1365 : * as we know that the buffer has definitely been committed to disk.
1366 : *
1367 : * We never need to know which transaction the committed data is part
1368 : * of, buffers touched here are guaranteed to be dirtied later and so
1369 : * will be committed to a new transaction in due course, at which point
1370 : * we can discard the old committed data pointer.
1371 : *
1372 : * Returns error number or 0 on success.
1373 : */
1374 0 : int jbd2_journal_get_undo_access(handle_t *handle, struct buffer_head *bh)
1375 : {
1376 0 : int err;
1377 0 : struct journal_head *jh;
1378 0 : char *committed_data = NULL;
1379 :
1380 0 : if (is_handle_aborted(handle))
1381 : return -EROFS;
1382 :
1383 0 : if (jbd2_write_access_granted(handle, bh, true))
1384 : return 0;
1385 :
1386 0 : jh = jbd2_journal_add_journal_head(bh);
1387 0 : JBUFFER_TRACE(jh, "entry");
1388 :
1389 : /*
1390 : * Do this first --- it can drop the journal lock, so we want to
1391 : * make sure that obtaining the committed_data is done
1392 : * atomically wrt. completion of any outstanding commits.
1393 : */
1394 0 : err = do_get_write_access(handle, jh, 1);
1395 0 : if (err)
1396 0 : goto out;
1397 :
1398 0 : repeat:
1399 0 : if (!jh->b_committed_data)
1400 0 : committed_data = jbd2_alloc(jh2bh(jh)->b_size,
1401 : GFP_NOFS|__GFP_NOFAIL);
1402 :
1403 0 : spin_lock(&jh->b_state_lock);
1404 0 : if (!jh->b_committed_data) {
1405 : /* Copy out the current buffer contents into the
1406 : * preserved, committed copy. */
1407 0 : JBUFFER_TRACE(jh, "generate b_committed data");
1408 0 : if (!committed_data) {
1409 0 : spin_unlock(&jh->b_state_lock);
1410 0 : goto repeat;
1411 : }
1412 :
1413 0 : jh->b_committed_data = committed_data;
1414 0 : committed_data = NULL;
1415 0 : memcpy(jh->b_committed_data, bh->b_data, bh->b_size);
1416 : }
1417 0 : spin_unlock(&jh->b_state_lock);
1418 0 : out:
1419 0 : jbd2_journal_put_journal_head(jh);
1420 0 : if (unlikely(committed_data))
1421 0 : jbd2_free(committed_data, bh->b_size);
1422 : return err;
1423 : }
1424 :
1425 : /**
1426 : * jbd2_journal_set_triggers() - Add triggers for commit writeout
1427 : * @bh: buffer to trigger on
1428 : * @type: struct jbd2_buffer_trigger_type containing the trigger(s).
1429 : *
1430 : * Set any triggers on this journal_head. This is always safe, because
1431 : * triggers for a committing buffer will be saved off, and triggers for
1432 : * a running transaction will match the buffer in that transaction.
1433 : *
1434 : * Call with NULL to clear the triggers.
1435 : */
1436 0 : void jbd2_journal_set_triggers(struct buffer_head *bh,
1437 : struct jbd2_buffer_trigger_type *type)
1438 : {
1439 0 : struct journal_head *jh = jbd2_journal_grab_journal_head(bh);
1440 :
1441 0 : if (WARN_ON_ONCE(!jh))
1442 : return;
1443 0 : jh->b_triggers = type;
1444 0 : jbd2_journal_put_journal_head(jh);
1445 : }
1446 :
1447 3184027 : void jbd2_buffer_frozen_trigger(struct journal_head *jh, void *mapped_data,
1448 : struct jbd2_buffer_trigger_type *triggers)
1449 : {
1450 3184027 : struct buffer_head *bh = jh2bh(jh);
1451 :
1452 3184027 : if (!triggers || !triggers->t_frozen)
1453 : return;
1454 :
1455 0 : triggers->t_frozen(triggers, bh, mapped_data, bh->b_size);
1456 : }
1457 :
1458 169 : void jbd2_buffer_abort_trigger(struct journal_head *jh,
1459 : struct jbd2_buffer_trigger_type *triggers)
1460 : {
1461 169 : if (!triggers || !triggers->t_abort)
1462 : return;
1463 :
1464 0 : triggers->t_abort(triggers, jh2bh(jh));
1465 : }
1466 :
1467 : /**
1468 : * jbd2_journal_dirty_metadata() - mark a buffer as containing dirty metadata
1469 : * @handle: transaction to add buffer to.
1470 : * @bh: buffer to mark
1471 : *
1472 : * mark dirty metadata which needs to be journaled as part of the current
1473 : * transaction.
1474 : *
1475 : * The buffer must have previously had jbd2_journal_get_write_access()
1476 : * called so that it has a valid journal_head attached to the buffer
1477 : * head.
1478 : *
1479 : * The buffer is placed on the transaction's metadata list and is marked
1480 : * as belonging to the transaction.
1481 : *
1482 : * Returns error number or 0 on success.
1483 : *
1484 : * Special care needs to be taken if the buffer already belongs to the
1485 : * current committing transaction (in which case we should have frozen
1486 : * data present for that commit). In that case, we don't relink the
1487 : * buffer: that only gets done when the old transaction finally
1488 : * completes its commit.
1489 : */
1490 114250345 : int jbd2_journal_dirty_metadata(handle_t *handle, struct buffer_head *bh)
1491 : {
1492 114250345 : transaction_t *transaction = handle->h_transaction;
1493 114250345 : journal_t *journal;
1494 114250345 : struct journal_head *jh;
1495 114250345 : int ret = 0;
1496 :
1497 228500690 : if (!buffer_jbd(bh))
1498 : return -EUCLEAN;
1499 :
1500 : /*
1501 : * We don't grab jh reference here since the buffer must be part
1502 : * of the running transaction.
1503 : */
1504 114250345 : jh = bh2jh(bh);
1505 114250345 : jbd2_debug(5, "journal_head %p\n", jh);
1506 114250345 : JBUFFER_TRACE(jh, "entry");
1507 :
1508 : /*
1509 : * This and the following assertions are unreliable since we may see jh
1510 : * in inconsistent state unless we grab bh_state lock. But this is
1511 : * crucial to catch bugs so let's do a reliable check until the
1512 : * lockless handling is fully proven.
1513 : */
1514 114250345 : if (data_race(jh->b_transaction != transaction &&
1515 : jh->b_next_transaction != transaction)) {
1516 0 : spin_lock(&jh->b_state_lock);
1517 0 : J_ASSERT_JH(jh, jh->b_transaction == transaction ||
1518 : jh->b_next_transaction == transaction);
1519 0 : spin_unlock(&jh->b_state_lock);
1520 : }
1521 114250345 : if (jh->b_modified == 1) {
1522 : /* If it's in our transaction it must be in BJ_Metadata list. */
1523 110948275 : if (data_race(jh->b_transaction == transaction &&
1524 : jh->b_jlist != BJ_Metadata)) {
1525 144 : spin_lock(&jh->b_state_lock);
1526 144 : if (jh->b_transaction == transaction &&
1527 144 : jh->b_jlist != BJ_Metadata)
1528 0 : pr_err("JBD2: assertion failure: h_type=%u "
1529 : "h_line_no=%u block_no=%llu jlist=%u\n",
1530 : handle->h_type, handle->h_line_no,
1531 : (unsigned long long) bh->b_blocknr,
1532 : jh->b_jlist);
1533 144 : J_ASSERT_JH(jh, jh->b_transaction != transaction ||
1534 : jh->b_jlist == BJ_Metadata);
1535 144 : spin_unlock(&jh->b_state_lock);
1536 : }
1537 110948275 : goto out;
1538 : }
1539 :
1540 3302070 : journal = transaction->t_journal;
1541 3302070 : spin_lock(&jh->b_state_lock);
1542 :
1543 6601008 : if (is_handle_aborted(handle)) {
1544 : /*
1545 : * Check journal aborting with @jh->b_state_lock locked,
1546 : * since 'jh->b_transaction' could be replaced with
1547 : * 'jh->b_next_transaction' during old transaction
1548 : * committing if journal aborted, which may fail
1549 : * assertion on 'jh->b_frozen_data == NULL'.
1550 : */
1551 0 : ret = -EROFS;
1552 0 : goto out_unlock_bh;
1553 : }
1554 :
1555 3300504 : if (jh->b_modified == 0) {
1556 : /*
1557 : * This buffer's got modified and becoming part
1558 : * of the transaction. This needs to be done
1559 : * once a transaction -bzzz
1560 : */
1561 3300096 : if (WARN_ON_ONCE(jbd2_handle_buffer_credits(handle) <= 0)) {
1562 0 : ret = -ENOSPC;
1563 0 : goto out_unlock_bh;
1564 : }
1565 3300096 : jh->b_modified = 1;
1566 3300096 : handle->h_total_credits--;
1567 : }
1568 :
1569 : /*
1570 : * fastpath, to avoid expensive locking. If this buffer is already
1571 : * on the running transaction's metadata list there is nothing to do.
1572 : * Nobody can take it off again because there is a handle open.
1573 : * I _think_ we're OK here with SMP barriers - a mistaken decision will
1574 : * result in this test being false, so we go in and take the locks.
1575 : */
1576 3300504 : if (jh->b_transaction == transaction && jh->b_jlist == BJ_Metadata) {
1577 128 : JBUFFER_TRACE(jh, "fastpath");
1578 128 : if (unlikely(jh->b_transaction !=
1579 : journal->j_running_transaction)) {
1580 0 : printk(KERN_ERR "JBD2: %s: "
1581 : "jh->b_transaction (%llu, %p, %u) != "
1582 : "journal->j_running_transaction (%p, %u)\n",
1583 : journal->j_devname,
1584 : (unsigned long long) bh->b_blocknr,
1585 : jh->b_transaction,
1586 : jh->b_transaction ? jh->b_transaction->t_tid : 0,
1587 : journal->j_running_transaction,
1588 : journal->j_running_transaction ?
1589 : journal->j_running_transaction->t_tid : 0);
1590 0 : ret = -EINVAL;
1591 : }
1592 128 : goto out_unlock_bh;
1593 : }
1594 :
1595 3300376 : set_buffer_jbddirty(bh);
1596 :
1597 : /*
1598 : * Metadata already on the current transaction list doesn't
1599 : * need to be filed. Metadata on another transaction's list must
1600 : * be committing, and will be refiled once the commit completes:
1601 : * leave it alone for now.
1602 : */
1603 3301514 : if (jh->b_transaction != transaction) {
1604 308674 : JBUFFER_TRACE(jh, "already on other transaction");
1605 308674 : if (unlikely(((jh->b_transaction !=
1606 : journal->j_committing_transaction)) ||
1607 : (jh->b_next_transaction != transaction))) {
1608 0 : printk(KERN_ERR "jbd2_journal_dirty_metadata: %s: "
1609 : "bad jh for block %llu: "
1610 : "transaction (%p, %u), "
1611 : "jh->b_transaction (%p, %u), "
1612 : "jh->b_next_transaction (%p, %u), jlist %u\n",
1613 : journal->j_devname,
1614 : (unsigned long long) bh->b_blocknr,
1615 : transaction, transaction->t_tid,
1616 : jh->b_transaction,
1617 : jh->b_transaction ?
1618 : jh->b_transaction->t_tid : 0,
1619 : jh->b_next_transaction,
1620 : jh->b_next_transaction ?
1621 : jh->b_next_transaction->t_tid : 0,
1622 : jh->b_jlist);
1623 0 : WARN_ON(1);
1624 : ret = -EINVAL;
1625 : }
1626 : /* And this case is illegal: we can't reuse another
1627 : * transaction's data buffer, ever. */
1628 308674 : goto out_unlock_bh;
1629 : }
1630 :
1631 : /* That test should have eliminated the following case: */
1632 2992840 : J_ASSERT_JH(jh, jh->b_frozen_data == NULL);
1633 :
1634 2992840 : JBUFFER_TRACE(jh, "file as BJ_Metadata");
1635 2992840 : spin_lock(&journal->j_list_lock);
1636 2994179 : __jbd2_journal_file_buffer(jh, transaction, BJ_Metadata);
1637 2994179 : spin_unlock(&journal->j_list_lock);
1638 3302981 : out_unlock_bh:
1639 3302981 : spin_unlock(&jh->b_state_lock);
1640 : out:
1641 : JBUFFER_TRACE(jh, "exit");
1642 : return ret;
1643 : }
1644 :
1645 : /**
1646 : * jbd2_journal_forget() - bforget() for potentially-journaled buffers.
1647 : * @handle: transaction handle
1648 : * @bh: bh to 'forget'
1649 : *
1650 : * We can only do the bforget if there are no commits pending against the
1651 : * buffer. If the buffer is dirty in the current running transaction we
1652 : * can safely unlink it.
1653 : *
1654 : * bh may not be a journalled buffer at all - it may be a non-JBD
1655 : * buffer which came off the hashtable. Check for this.
1656 : *
1657 : * Decrements bh->b_count by one.
1658 : *
1659 : * Allow this call even if the handle has aborted --- it may be part of
1660 : * the caller's cleanup after an abort.
1661 : */
1662 273496 : int jbd2_journal_forget(handle_t *handle, struct buffer_head *bh)
1663 : {
1664 273496 : transaction_t *transaction = handle->h_transaction;
1665 273496 : journal_t *journal;
1666 273496 : struct journal_head *jh;
1667 273496 : int drop_reserve = 0;
1668 273496 : int err = 0;
1669 273496 : int was_modified = 0;
1670 :
1671 546992 : if (is_handle_aborted(handle))
1672 : return -EROFS;
1673 273496 : journal = transaction->t_journal;
1674 :
1675 273496 : BUFFER_TRACE(bh, "entry");
1676 :
1677 273496 : jh = jbd2_journal_grab_journal_head(bh);
1678 273494 : if (!jh) {
1679 61448 : __bforget(bh);
1680 61448 : return 0;
1681 : }
1682 :
1683 212046 : spin_lock(&jh->b_state_lock);
1684 :
1685 : /* Critical error: attempting to delete a bitmap buffer, maybe?
1686 : * Don't do any jbd operations, and return an error. */
1687 212070 : if (!J_EXPECT_JH(jh, !jh->b_committed_data,
1688 : "inconsistent data on disk")) {
1689 0 : err = -EIO;
1690 0 : goto drop;
1691 : }
1692 :
1693 : /* keep track of whether or not this transaction modified us */
1694 212052 : was_modified = jh->b_modified;
1695 :
1696 : /*
1697 : * The buffer's going from the transaction, we must drop
1698 : * all references -bzzz
1699 : */
1700 212052 : jh->b_modified = 0;
1701 :
1702 212052 : if (jh->b_transaction == transaction) {
1703 122130 : J_ASSERT_JH(jh, !jh->b_frozen_data);
1704 :
1705 : /* If we are forgetting a buffer which is already part
1706 : * of this transaction, then we can just drop it from
1707 : * the transaction immediately. */
1708 122130 : clear_buffer_dirty(bh);
1709 122159 : clear_buffer_jbddirty(bh);
1710 :
1711 122147 : JBUFFER_TRACE(jh, "belongs to current transaction: unfile");
1712 :
1713 : /*
1714 : * we only want to drop a reference if this transaction
1715 : * modified the buffer
1716 : */
1717 122147 : if (was_modified)
1718 117805 : drop_reserve = 1;
1719 :
1720 : /*
1721 : * We are no longer going to journal this buffer.
1722 : * However, the commit of this transaction is still
1723 : * important to the buffer: the delete that we are now
1724 : * processing might obsolete an old log entry, so by
1725 : * committing, we can satisfy the buffer's checkpoint.
1726 : *
1727 : * So, if we have a checkpoint on the buffer, we should
1728 : * now refile the buffer on our BJ_Forget list so that
1729 : * we know to remove the checkpoint after we commit.
1730 : */
1731 :
1732 122147 : spin_lock(&journal->j_list_lock);
1733 122167 : if (jh->b_cp_transaction) {
1734 36362 : __jbd2_journal_temp_unlink_buffer(jh);
1735 36362 : __jbd2_journal_file_buffer(jh, transaction, BJ_Forget);
1736 : } else {
1737 85805 : __jbd2_journal_unfile_buffer(jh);
1738 85805 : jbd2_journal_put_journal_head(jh);
1739 : }
1740 122167 : spin_unlock(&journal->j_list_lock);
1741 89922 : } else if (jh->b_transaction) {
1742 1967 : J_ASSERT_JH(jh, (jh->b_transaction ==
1743 : journal->j_committing_transaction));
1744 : /* However, if the buffer is still owned by a prior
1745 : * (committing) transaction, we can't drop it yet... */
1746 1967 : JBUFFER_TRACE(jh, "belongs to older transaction");
1747 : /* ... but we CAN drop it from the new transaction through
1748 : * marking the buffer as freed and set j_next_transaction to
1749 : * the new transaction, so that not only the commit code
1750 : * knows it should clear dirty bits when it is done with the
1751 : * buffer, but also the buffer can be checkpointed only
1752 : * after the new transaction commits. */
1753 :
1754 1967 : set_buffer_freed(bh);
1755 :
1756 1967 : if (!jh->b_next_transaction) {
1757 317 : spin_lock(&journal->j_list_lock);
1758 317 : jh->b_next_transaction = transaction;
1759 317 : spin_unlock(&journal->j_list_lock);
1760 : } else {
1761 1650 : J_ASSERT(jh->b_next_transaction == transaction);
1762 :
1763 : /*
1764 : * only drop a reference if this transaction modified
1765 : * the buffer
1766 : */
1767 1650 : if (was_modified)
1768 920 : drop_reserve = 1;
1769 : }
1770 : } else {
1771 : /*
1772 : * Finally, if the buffer is not belongs to any
1773 : * transaction, we can just drop it now if it has no
1774 : * checkpoint.
1775 : */
1776 87955 : spin_lock(&journal->j_list_lock);
1777 87955 : if (!jh->b_cp_transaction) {
1778 0 : JBUFFER_TRACE(jh, "belongs to none transaction");
1779 0 : spin_unlock(&journal->j_list_lock);
1780 0 : goto drop;
1781 : }
1782 :
1783 : /*
1784 : * Otherwise, if the buffer has been written to disk,
1785 : * it is safe to remove the checkpoint and drop it.
1786 : */
1787 87955 : if (jbd2_journal_try_remove_checkpoint(jh) >= 0) {
1788 183 : spin_unlock(&journal->j_list_lock);
1789 183 : goto drop;
1790 : }
1791 :
1792 : /*
1793 : * The buffer is still not written to disk, we should
1794 : * attach this buffer to current transaction so that the
1795 : * buffer can be checkpointed only after the current
1796 : * transaction commits.
1797 : */
1798 87772 : clear_buffer_dirty(bh);
1799 87772 : __jbd2_journal_file_buffer(jh, transaction, BJ_Forget);
1800 87772 : spin_unlock(&journal->j_list_lock);
1801 : }
1802 212089 : drop:
1803 212089 : __brelse(bh);
1804 212089 : spin_unlock(&jh->b_state_lock);
1805 212089 : jbd2_journal_put_journal_head(jh);
1806 212088 : if (drop_reserve) {
1807 : /* no need to reserve log space for this block -bzzz */
1808 118741 : handle->h_total_credits++;
1809 : }
1810 : return err;
1811 : }
1812 :
1813 : /**
1814 : * jbd2_journal_stop() - complete a transaction
1815 : * @handle: transaction to complete.
1816 : *
1817 : * All done for a particular handle.
1818 : *
1819 : * There is not much action needed here. We just return any remaining
1820 : * buffer credits to the transaction and remove the handle. The only
1821 : * complication is that we need to start a commit operation if the
1822 : * filesystem is marked for synchronous update.
1823 : *
1824 : * jbd2_journal_stop itself will not usually return an error, but it may
1825 : * do so in unusual circumstances. In particular, expect it to
1826 : * return -EIO if a jbd2_journal_abort has been executed since the
1827 : * transaction began.
1828 : */
1829 56030819 : int jbd2_journal_stop(handle_t *handle)
1830 : {
1831 56030819 : transaction_t *transaction = handle->h_transaction;
1832 56030819 : journal_t *journal;
1833 56030819 : int err = 0, wait_for_commit = 0;
1834 56030819 : tid_t tid;
1835 56030819 : pid_t pid;
1836 :
1837 56030819 : if (--handle->h_ref > 0) {
1838 8570923 : jbd2_debug(4, "h_ref %d -> %d\n", handle->h_ref + 1,
1839 : handle->h_ref);
1840 17141846 : if (is_handle_aborted(handle))
1841 : return -EIO;
1842 8570923 : return 0;
1843 : }
1844 47459896 : if (!transaction) {
1845 : /*
1846 : * Handle is already detached from the transaction so there is
1847 : * nothing to do other than free the handle.
1848 : */
1849 0 : memalloc_nofs_restore(handle->saved_alloc_context);
1850 0 : goto free_and_exit;
1851 : }
1852 47459896 : journal = transaction->t_journal;
1853 47459896 : tid = transaction->t_tid;
1854 :
1855 47459896 : if (is_handle_aborted(handle))
1856 1 : err = -EIO;
1857 :
1858 47459896 : jbd2_debug(4, "Handle %p going down\n", handle);
1859 47459896 : trace_jbd2_handle_stats(journal->j_fs_dev->bd_dev,
1860 47459896 : tid, handle->h_type, handle->h_line_no,
1861 47459896 : jiffies - handle->h_start_jiffies,
1862 47459896 : handle->h_sync, handle->h_requested_credits,
1863 47459896 : (handle->h_requested_credits -
1864 47459896 : handle->h_total_credits));
1865 :
1866 : /*
1867 : * Implement synchronous transaction batching. If the handle
1868 : * was synchronous, don't force a commit immediately. Let's
1869 : * yield and let another thread piggyback onto this
1870 : * transaction. Keep doing that while new threads continue to
1871 : * arrive. It doesn't cost much - we're about to run a commit
1872 : * and sleep on IO anyway. Speeds up many-threaded, many-dir
1873 : * operations by 30x or more...
1874 : *
1875 : * We try and optimize the sleep time against what the
1876 : * underlying disk can do, instead of having a static sleep
1877 : * time. This is useful for the case where our storage is so
1878 : * fast that it is more optimal to go ahead and force a flush
1879 : * and wait for the transaction to be committed than it is to
1880 : * wait for an arbitrary amount of time for new writers to
1881 : * join the transaction. We achieve this by measuring how
1882 : * long it takes to commit a transaction, and compare it with
1883 : * how long this transaction has been running, and if run time
1884 : * < commit time then we sleep for the delta and commit. This
1885 : * greatly helps super fast disks that would see slowdowns as
1886 : * more threads started doing fsyncs.
1887 : *
1888 : * But don't do this if this process was the most recent one
1889 : * to perform a synchronous write. We do this to detect the
1890 : * case where a single process is doing a stream of sync
1891 : * writes. No point in waiting for joiners in that case.
1892 : *
1893 : * Setting max_batch_time to 0 disables this completely.
1894 : */
1895 47429473 : pid = current->pid;
1896 47429473 : if (handle->h_sync && journal->j_last_sync_writer != pid &&
1897 37 : journal->j_max_batch_time) {
1898 37 : u64 commit_time, trans_time;
1899 :
1900 37 : journal->j_last_sync_writer = pid;
1901 :
1902 37 : read_lock(&journal->j_state_lock);
1903 37 : commit_time = journal->j_average_commit_time;
1904 37 : read_unlock(&journal->j_state_lock);
1905 :
1906 37 : trans_time = ktime_to_ns(ktime_sub(ktime_get(),
1907 : transaction->t_start_time));
1908 :
1909 37 : commit_time = max_t(u64, commit_time,
1910 : 1000*journal->j_min_batch_time);
1911 37 : commit_time = min_t(u64, commit_time,
1912 : 1000*journal->j_max_batch_time);
1913 :
1914 37 : if (trans_time < commit_time) {
1915 14 : ktime_t expires = ktime_add_ns(ktime_get(),
1916 : commit_time);
1917 14 : set_current_state(TASK_UNINTERRUPTIBLE);
1918 14 : schedule_hrtimeout(&expires, HRTIMER_MODE_ABS);
1919 : }
1920 : }
1921 :
1922 47429473 : if (handle->h_sync)
1923 48 : transaction->t_synchronous_commit = 1;
1924 :
1925 : /*
1926 : * If the handle is marked SYNC, we need to set another commit
1927 : * going! We also want to force a commit if the transaction is too
1928 : * old now.
1929 : */
1930 47429473 : if (handle->h_sync ||
1931 47429425 : time_after_eq(jiffies, transaction->t_expires)) {
1932 : /* Do this even for aborted journals: an abort still
1933 : * completes the commit thread, it just doesn't write
1934 : * anything to disk. */
1935 :
1936 244677 : jbd2_debug(2, "transaction too old, requesting commit for "
1937 : "handle %p\n", handle);
1938 : /* This is non-blocking */
1939 244677 : jbd2_log_start_commit(journal, tid);
1940 :
1941 : /*
1942 : * Special case: JBD2_SYNC synchronous updates require us
1943 : * to wait for the commit to complete.
1944 : */
1945 240829 : if (handle->h_sync && !(current->flags & PF_MEMALLOC))
1946 48 : wait_for_commit = 1;
1947 : }
1948 :
1949 : /*
1950 : * Once stop_this_handle() drops t_updates, the transaction could start
1951 : * committing on us and eventually disappear. So we must not
1952 : * dereference transaction pointer again after calling
1953 : * stop_this_handle().
1954 : */
1955 47425626 : stop_this_handle(handle);
1956 :
1957 47472556 : if (wait_for_commit)
1958 48 : err = jbd2_log_wait_commit(journal, tid);
1959 :
1960 47472508 : free_and_exit:
1961 47472556 : if (handle->h_rsv_handle)
1962 40014 : jbd2_free_handle(handle->h_rsv_handle);
1963 47472556 : jbd2_free_handle(handle);
1964 47472556 : return err;
1965 : }
1966 :
1967 : /*
1968 : *
1969 : * List management code snippets: various functions for manipulating the
1970 : * transaction buffer lists.
1971 : *
1972 : */
1973 :
1974 : /*
1975 : * Append a buffer to a transaction list, given the transaction's list head
1976 : * pointer.
1977 : *
1978 : * j_list_lock is held.
1979 : *
1980 : * jh->b_state_lock is held.
1981 : */
1982 :
1983 : static inline void
1984 : __blist_add_buffer(struct journal_head **list, struct journal_head *jh)
1985 : {
1986 12804691 : if (!*list) {
1987 2543017 : jh->b_tnext = jh->b_tprev = jh;
1988 2543017 : *list = jh;
1989 : } else {
1990 : /* Insert at the tail of the list to preserve order */
1991 10261674 : struct journal_head *first = *list, *last = first->b_tprev;
1992 10261674 : jh->b_tprev = last;
1993 10261674 : jh->b_tnext = first;
1994 10261674 : last->b_tnext = first->b_tprev = jh;
1995 : }
1996 : }
1997 :
1998 : /*
1999 : * Remove a buffer from a transaction list, given the transaction's list
2000 : * head pointer.
2001 : *
2002 : * Called with j_list_lock held, and the journal may not be locked.
2003 : *
2004 : * jh->b_state_lock is held.
2005 : */
2006 :
2007 : static inline void
2008 12804837 : __blist_del_buffer(struct journal_head **list, struct journal_head *jh)
2009 : {
2010 12804837 : if (*list == jh) {
2011 8827896 : *list = jh->b_tnext;
2012 8827896 : if (*list == jh)
2013 2543018 : *list = NULL;
2014 : }
2015 12804837 : jh->b_tprev->b_tnext = jh->b_tnext;
2016 12804837 : jh->b_tnext->b_tprev = jh->b_tprev;
2017 12804837 : }
2018 :
2019 : /*
2020 : * Remove a buffer from the appropriate transaction list.
2021 : *
2022 : * Note that this function can *change* the value of
2023 : * bh->b_transaction->t_buffers, t_forget, t_shadow_list, t_log_list or
2024 : * t_reserved_list. If the caller is holding onto a copy of one of these
2025 : * pointers, it could go bad. Generally the caller needs to re-read the
2026 : * pointer from the transaction_t.
2027 : *
2028 : * Called under j_list_lock.
2029 : */
2030 13152583 : static void __jbd2_journal_temp_unlink_buffer(struct journal_head *jh)
2031 : {
2032 13152583 : struct journal_head **list = NULL;
2033 13152583 : transaction_t *transaction;
2034 13152583 : struct buffer_head *bh = jh2bh(jh);
2035 :
2036 13152583 : lockdep_assert_held(&jh->b_state_lock);
2037 13152583 : transaction = jh->b_transaction;
2038 13152583 : if (transaction)
2039 13152583 : assert_spin_locked(&transaction->t_journal->j_list_lock);
2040 :
2041 13152583 : J_ASSERT_JH(jh, jh->b_jlist < BJ_Types);
2042 13152583 : if (jh->b_jlist != BJ_None)
2043 12804837 : J_ASSERT_JH(jh, transaction != NULL);
2044 :
2045 13152583 : switch (jh->b_jlist) {
2046 : case BJ_None:
2047 : return;
2048 3302194 : case BJ_Metadata:
2049 3302194 : transaction->t_nr_buffers--;
2050 3302194 : J_ASSERT_JH(jh, transaction->t_nr_buffers >= 0);
2051 3302194 : list = &transaction->t_buffers;
2052 3302194 : break;
2053 3310304 : case BJ_Forget:
2054 3310304 : list = &transaction->t_forget;
2055 3310304 : break;
2056 3184203 : case BJ_Shadow:
2057 3184203 : list = &transaction->t_shadow_list;
2058 3184203 : break;
2059 3008136 : case BJ_Reserved:
2060 3008136 : list = &transaction->t_reserved_list;
2061 3008136 : break;
2062 : }
2063 :
2064 12804837 : __blist_del_buffer(list, jh);
2065 12804837 : jh->b_jlist = BJ_None;
2066 12804837 : if (transaction && is_journal_aborted(transaction->t_journal))
2067 645 : clear_buffer_jbddirty(bh);
2068 12804192 : else if (test_clear_buffer_jbddirty(bh))
2069 2876768 : mark_buffer_dirty(bh); /* Expose it to the VM */
2070 : }
2071 :
2072 : /*
2073 : * Remove buffer from all transactions. The caller is responsible for dropping
2074 : * the jh reference that belonged to the transaction.
2075 : *
2076 : * Called with bh_state lock and j_list_lock
2077 : */
2078 3094506 : static void __jbd2_journal_unfile_buffer(struct journal_head *jh)
2079 : {
2080 3094506 : J_ASSERT_JH(jh, jh->b_transaction != NULL);
2081 3094506 : J_ASSERT_JH(jh, jh->b_next_transaction == NULL);
2082 :
2083 3094506 : __jbd2_journal_temp_unlink_buffer(jh);
2084 3094506 : jh->b_transaction = NULL;
2085 3094506 : }
2086 :
2087 0 : void jbd2_journal_unfile_buffer(journal_t *journal, struct journal_head *jh)
2088 : {
2089 0 : struct buffer_head *bh = jh2bh(jh);
2090 :
2091 : /* Get reference so that buffer cannot be freed before we unlock it */
2092 0 : get_bh(bh);
2093 0 : spin_lock(&jh->b_state_lock);
2094 0 : spin_lock(&journal->j_list_lock);
2095 0 : __jbd2_journal_unfile_buffer(jh);
2096 0 : spin_unlock(&journal->j_list_lock);
2097 0 : spin_unlock(&jh->b_state_lock);
2098 0 : jbd2_journal_put_journal_head(jh);
2099 0 : __brelse(bh);
2100 0 : }
2101 :
2102 : /**
2103 : * jbd2_journal_try_to_free_buffers() - try to free page buffers.
2104 : * @journal: journal for operation
2105 : * @folio: Folio to detach data from.
2106 : *
2107 : * For all the buffers on this page,
2108 : * if they are fully written out ordered data, move them onto BUF_CLEAN
2109 : * so try_to_free_buffers() can reap them.
2110 : *
2111 : * This function returns non-zero if we wish try_to_free_buffers()
2112 : * to be called. We do this if the page is releasable by try_to_free_buffers().
2113 : * We also do it if the page has locked or dirty buffers and the caller wants
2114 : * us to perform sync or async writeout.
2115 : *
2116 : * This complicates JBD locking somewhat. We aren't protected by the
2117 : * BKL here. We wish to remove the buffer from its committing or
2118 : * running transaction's ->t_datalist via __jbd2_journal_unfile_buffer.
2119 : *
2120 : * This may *change* the value of transaction_t->t_datalist, so anyone
2121 : * who looks at t_datalist needs to lock against this function.
2122 : *
2123 : * Even worse, someone may be doing a jbd2_journal_dirty_data on this
2124 : * buffer. So we need to lock against that. jbd2_journal_dirty_data()
2125 : * will come out of the lock with the buffer dirty, which makes it
2126 : * ineligible for release here.
2127 : *
2128 : * Who else is affected by this? hmm... Really the only contender
2129 : * is do_get_write_access() - it could be looking at the buffer while
2130 : * journal_try_to_free_buffer() is changing its state. But that
2131 : * cannot happen because we never reallocate freed data as metadata
2132 : * while the data is part of a transaction. Yes?
2133 : *
2134 : * Return false on failure, true on success
2135 : */
2136 33397127 : bool jbd2_journal_try_to_free_buffers(journal_t *journal, struct folio *folio)
2137 : {
2138 33397127 : struct buffer_head *head;
2139 33397127 : struct buffer_head *bh;
2140 33397127 : bool ret = false;
2141 :
2142 33397127 : J_ASSERT(folio_test_locked(folio));
2143 :
2144 33396547 : head = folio_buffers(folio);
2145 33396547 : bh = head;
2146 33397405 : do {
2147 33397405 : struct journal_head *jh;
2148 :
2149 : /*
2150 : * We take our own ref against the journal_head here to avoid
2151 : * having to add tons of locking around each instance of
2152 : * jbd2_journal_put_journal_head().
2153 : */
2154 33397405 : jh = jbd2_journal_grab_journal_head(bh);
2155 33403036 : if (!jh)
2156 33403036 : continue;
2157 :
2158 0 : spin_lock(&jh->b_state_lock);
2159 0 : if (!jh->b_transaction && !jh->b_next_transaction) {
2160 0 : spin_lock(&journal->j_list_lock);
2161 : /* Remove written-back checkpointed metadata buffer */
2162 0 : if (jh->b_cp_transaction != NULL)
2163 0 : jbd2_journal_try_remove_checkpoint(jh);
2164 0 : spin_unlock(&journal->j_list_lock);
2165 : }
2166 0 : spin_unlock(&jh->b_state_lock);
2167 0 : jbd2_journal_put_journal_head(jh);
2168 0 : if (buffer_jbd(bh))
2169 0 : goto busy;
2170 33403036 : } while ((bh = bh->b_this_page) != head);
2171 :
2172 33402178 : ret = try_to_free_buffers(folio);
2173 33401251 : busy:
2174 33401251 : return ret;
2175 : }
2176 :
2177 : /*
2178 : * This buffer is no longer needed. If it is on an older transaction's
2179 : * checkpoint list we need to record it on this transaction's forget list
2180 : * to pin this buffer (and hence its checkpointing transaction) down until
2181 : * this transaction commits. If the buffer isn't on a checkpoint list, we
2182 : * release it.
2183 : * Returns non-zero if JBD no longer has an interest in the buffer.
2184 : *
2185 : * Called under j_list_lock.
2186 : *
2187 : * Called under jh->b_state_lock.
2188 : */
2189 0 : static int __dispose_buffer(struct journal_head *jh, transaction_t *transaction)
2190 : {
2191 0 : int may_free = 1;
2192 0 : struct buffer_head *bh = jh2bh(jh);
2193 :
2194 0 : if (jh->b_cp_transaction) {
2195 0 : JBUFFER_TRACE(jh, "on running+cp transaction");
2196 0 : __jbd2_journal_temp_unlink_buffer(jh);
2197 : /*
2198 : * We don't want to write the buffer anymore, clear the
2199 : * bit so that we don't confuse checks in
2200 : * __journal_file_buffer
2201 : */
2202 0 : clear_buffer_dirty(bh);
2203 0 : __jbd2_journal_file_buffer(jh, transaction, BJ_Forget);
2204 0 : may_free = 0;
2205 : } else {
2206 0 : JBUFFER_TRACE(jh, "on running transaction");
2207 0 : __jbd2_journal_unfile_buffer(jh);
2208 0 : jbd2_journal_put_journal_head(jh);
2209 : }
2210 0 : return may_free;
2211 : }
2212 :
2213 : /*
2214 : * jbd2_journal_invalidate_folio
2215 : *
2216 : * This code is tricky. It has a number of cases to deal with.
2217 : *
2218 : * There are two invariants which this code relies on:
2219 : *
2220 : * i_size must be updated on disk before we start calling invalidate_folio
2221 : * on the data.
2222 : *
2223 : * This is done in ext3 by defining an ext3_setattr method which
2224 : * updates i_size before truncate gets going. By maintaining this
2225 : * invariant, we can be sure that it is safe to throw away any buffers
2226 : * attached to the current transaction: once the transaction commits,
2227 : * we know that the data will not be needed.
2228 : *
2229 : * Note however that we can *not* throw away data belonging to the
2230 : * previous, committing transaction!
2231 : *
2232 : * Any disk blocks which *are* part of the previous, committing
2233 : * transaction (and which therefore cannot be discarded immediately) are
2234 : * not going to be reused in the new running transaction
2235 : *
2236 : * The bitmap committed_data images guarantee this: any block which is
2237 : * allocated in one transaction and removed in the next will be marked
2238 : * as in-use in the committed_data bitmap, so cannot be reused until
2239 : * the next transaction to delete the block commits. This means that
2240 : * leaving committing buffers dirty is quite safe: the disk blocks
2241 : * cannot be reallocated to a different file and so buffer aliasing is
2242 : * not possible.
2243 : *
2244 : *
2245 : * The above applies mainly to ordered data mode. In writeback mode we
2246 : * don't make guarantees about the order in which data hits disk --- in
2247 : * particular we don't guarantee that new dirty data is flushed before
2248 : * transaction commit --- so it is always safe just to discard data
2249 : * immediately in that mode. --sct
2250 : */
2251 :
2252 : /*
2253 : * The journal_unmap_buffer helper function returns zero if the buffer
2254 : * concerned remains pinned as an anonymous buffer belonging to an older
2255 : * transaction.
2256 : *
2257 : * We're outside-transaction here. Either or both of j_running_transaction
2258 : * and j_committing_transaction may be NULL.
2259 : */
2260 1198 : static int journal_unmap_buffer(journal_t *journal, struct buffer_head *bh,
2261 : int partial_page)
2262 : {
2263 1198 : transaction_t *transaction;
2264 1198 : struct journal_head *jh;
2265 1198 : int may_free = 1;
2266 :
2267 1198 : BUFFER_TRACE(bh, "entry");
2268 :
2269 : /*
2270 : * It is safe to proceed here without the j_list_lock because the
2271 : * buffers cannot be stolen by try_to_free_buffers as long as we are
2272 : * holding the page lock. --sct
2273 : */
2274 :
2275 1198 : jh = jbd2_journal_grab_journal_head(bh);
2276 1198 : if (!jh)
2277 1198 : goto zap_buffer_unlocked;
2278 :
2279 : /* OK, we have data buffer in journaled mode */
2280 0 : write_lock(&journal->j_state_lock);
2281 0 : spin_lock(&jh->b_state_lock);
2282 0 : spin_lock(&journal->j_list_lock);
2283 :
2284 : /*
2285 : * We cannot remove the buffer from checkpoint lists until the
2286 : * transaction adding inode to orphan list (let's call it T)
2287 : * is committed. Otherwise if the transaction changing the
2288 : * buffer would be cleaned from the journal before T is
2289 : * committed, a crash will cause that the correct contents of
2290 : * the buffer will be lost. On the other hand we have to
2291 : * clear the buffer dirty bit at latest at the moment when the
2292 : * transaction marking the buffer as freed in the filesystem
2293 : * structures is committed because from that moment on the
2294 : * block can be reallocated and used by a different page.
2295 : * Since the block hasn't been freed yet but the inode has
2296 : * already been added to orphan list, it is safe for us to add
2297 : * the buffer to BJ_Forget list of the newest transaction.
2298 : *
2299 : * Also we have to clear buffer_mapped flag of a truncated buffer
2300 : * because the buffer_head may be attached to the page straddling
2301 : * i_size (can happen only when blocksize < pagesize) and thus the
2302 : * buffer_head can be reused when the file is extended again. So we end
2303 : * up keeping around invalidated buffers attached to transactions'
2304 : * BJ_Forget list just to stop checkpointing code from cleaning up
2305 : * the transaction this buffer was modified in.
2306 : */
2307 0 : transaction = jh->b_transaction;
2308 0 : if (transaction == NULL) {
2309 : /* First case: not on any transaction. If it
2310 : * has no checkpoint link, then we can zap it:
2311 : * it's a writeback-mode buffer so we don't care
2312 : * if it hits disk safely. */
2313 0 : if (!jh->b_cp_transaction) {
2314 0 : JBUFFER_TRACE(jh, "not on any transaction: zap");
2315 0 : goto zap_buffer;
2316 : }
2317 :
2318 0 : if (!buffer_dirty(bh)) {
2319 : /* bdflush has written it. We can drop it now */
2320 0 : __jbd2_journal_remove_checkpoint(jh);
2321 0 : goto zap_buffer;
2322 : }
2323 :
2324 : /* OK, it must be in the journal but still not
2325 : * written fully to disk: it's metadata or
2326 : * journaled data... */
2327 :
2328 0 : if (journal->j_running_transaction) {
2329 : /* ... and once the current transaction has
2330 : * committed, the buffer won't be needed any
2331 : * longer. */
2332 0 : JBUFFER_TRACE(jh, "checkpointed: add to BJ_Forget");
2333 0 : may_free = __dispose_buffer(jh,
2334 : journal->j_running_transaction);
2335 0 : goto zap_buffer;
2336 : } else {
2337 : /* There is no currently-running transaction. So the
2338 : * orphan record which we wrote for this file must have
2339 : * passed into commit. We must attach this buffer to
2340 : * the committing transaction, if it exists. */
2341 0 : if (journal->j_committing_transaction) {
2342 0 : JBUFFER_TRACE(jh, "give to committing trans");
2343 0 : may_free = __dispose_buffer(jh,
2344 : journal->j_committing_transaction);
2345 0 : goto zap_buffer;
2346 : } else {
2347 : /* The orphan record's transaction has
2348 : * committed. We can cleanse this buffer */
2349 0 : clear_buffer_jbddirty(bh);
2350 0 : __jbd2_journal_remove_checkpoint(jh);
2351 0 : goto zap_buffer;
2352 : }
2353 : }
2354 0 : } else if (transaction == journal->j_committing_transaction) {
2355 0 : JBUFFER_TRACE(jh, "on committing transaction");
2356 : /*
2357 : * The buffer is committing, we simply cannot touch
2358 : * it. If the page is straddling i_size we have to wait
2359 : * for commit and try again.
2360 : */
2361 0 : if (partial_page) {
2362 0 : spin_unlock(&journal->j_list_lock);
2363 0 : spin_unlock(&jh->b_state_lock);
2364 0 : write_unlock(&journal->j_state_lock);
2365 0 : jbd2_journal_put_journal_head(jh);
2366 : /* Already zapped buffer? Nothing to do... */
2367 0 : if (!bh->b_bdev)
2368 : return 0;
2369 0 : return -EBUSY;
2370 : }
2371 : /*
2372 : * OK, buffer won't be reachable after truncate. We just clear
2373 : * b_modified to not confuse transaction credit accounting, and
2374 : * set j_next_transaction to the running transaction (if there
2375 : * is one) and mark buffer as freed so that commit code knows
2376 : * it should clear dirty bits when it is done with the buffer.
2377 : */
2378 0 : set_buffer_freed(bh);
2379 0 : if (journal->j_running_transaction && buffer_jbddirty(bh))
2380 0 : jh->b_next_transaction = journal->j_running_transaction;
2381 0 : jh->b_modified = 0;
2382 0 : spin_unlock(&journal->j_list_lock);
2383 0 : spin_unlock(&jh->b_state_lock);
2384 0 : write_unlock(&journal->j_state_lock);
2385 0 : jbd2_journal_put_journal_head(jh);
2386 0 : return 0;
2387 : } else {
2388 : /* Good, the buffer belongs to the running transaction.
2389 : * We are writing our own transaction's data, not any
2390 : * previous one's, so it is safe to throw it away
2391 : * (remember that we expect the filesystem to have set
2392 : * i_size already for this truncate so recovery will not
2393 : * expose the disk blocks we are discarding here.) */
2394 0 : J_ASSERT_JH(jh, transaction == journal->j_running_transaction);
2395 0 : JBUFFER_TRACE(jh, "on running transaction");
2396 0 : may_free = __dispose_buffer(jh, transaction);
2397 : }
2398 :
2399 0 : zap_buffer:
2400 : /*
2401 : * This is tricky. Although the buffer is truncated, it may be reused
2402 : * if blocksize < pagesize and it is attached to the page straddling
2403 : * EOF. Since the buffer might have been added to BJ_Forget list of the
2404 : * running transaction, journal_get_write_access() won't clear
2405 : * b_modified and credit accounting gets confused. So clear b_modified
2406 : * here.
2407 : */
2408 0 : jh->b_modified = 0;
2409 0 : spin_unlock(&journal->j_list_lock);
2410 0 : spin_unlock(&jh->b_state_lock);
2411 0 : write_unlock(&journal->j_state_lock);
2412 0 : jbd2_journal_put_journal_head(jh);
2413 1198 : zap_buffer_unlocked:
2414 1198 : clear_buffer_dirty(bh);
2415 2396 : J_ASSERT_BH(bh, !buffer_jbddirty(bh));
2416 1198 : clear_buffer_mapped(bh);
2417 1198 : clear_buffer_req(bh);
2418 1198 : clear_buffer_new(bh);
2419 1198 : clear_buffer_delay(bh);
2420 1198 : clear_buffer_unwritten(bh);
2421 1198 : bh->b_bdev = NULL;
2422 1198 : return may_free;
2423 : }
2424 :
2425 : /**
2426 : * jbd2_journal_invalidate_folio()
2427 : * @journal: journal to use for flush...
2428 : * @folio: folio to flush
2429 : * @offset: start of the range to invalidate
2430 : * @length: length of the range to invalidate
2431 : *
2432 : * Reap page buffers containing data after in the specified range in page.
2433 : * Can return -EBUSY if buffers are part of the committing transaction and
2434 : * the page is straddling i_size. Caller then has to wait for current commit
2435 : * and try again.
2436 : */
2437 1203 : int jbd2_journal_invalidate_folio(journal_t *journal, struct folio *folio,
2438 : size_t offset, size_t length)
2439 : {
2440 1203 : struct buffer_head *head, *bh, *next;
2441 1203 : unsigned int stop = offset + length;
2442 1203 : unsigned int curr_off = 0;
2443 2401 : int partial_page = (offset || length < folio_size(folio));
2444 1203 : int may_free = 1;
2445 1203 : int ret = 0;
2446 :
2447 1203 : if (!folio_test_locked(folio))
2448 0 : BUG();
2449 1203 : head = folio_buffers(folio);
2450 1203 : if (!head)
2451 : return 0;
2452 :
2453 1203 : BUG_ON(stop > folio_size(folio) || stop < length);
2454 :
2455 : /* We will potentially be playing with lists other than just the
2456 : * data lists (especially for journaled data mode), so be
2457 : * cautious in our locking. */
2458 :
2459 : bh = head;
2460 1203 : do {
2461 1203 : unsigned int next_off = curr_off + bh->b_size;
2462 1203 : next = bh->b_this_page;
2463 :
2464 1203 : if (next_off > stop)
2465 : return 0;
2466 :
2467 1203 : if (offset <= curr_off) {
2468 : /* This block is wholly outside the truncation point */
2469 1198 : lock_buffer(bh);
2470 1198 : ret = journal_unmap_buffer(journal, bh, partial_page);
2471 1198 : unlock_buffer(bh);
2472 1198 : if (ret < 0)
2473 0 : return ret;
2474 1198 : may_free &= ret;
2475 : }
2476 1203 : curr_off = next_off;
2477 1203 : bh = next;
2478 :
2479 1203 : } while (bh != head);
2480 :
2481 1203 : if (!partial_page) {
2482 1198 : if (may_free && try_to_free_buffers(folio))
2483 1198 : J_ASSERT(!folio_buffers(folio));
2484 : }
2485 : return 0;
2486 : }
2487 :
2488 : /*
2489 : * File a buffer on the given transaction list.
2490 : */
2491 12804691 : void __jbd2_journal_file_buffer(struct journal_head *jh,
2492 : transaction_t *transaction, int jlist)
2493 : {
2494 12804691 : struct journal_head **list = NULL;
2495 12804691 : int was_dirty = 0;
2496 12804691 : struct buffer_head *bh = jh2bh(jh);
2497 :
2498 12804691 : lockdep_assert_held(&jh->b_state_lock);
2499 12804691 : assert_spin_locked(&transaction->t_journal->j_list_lock);
2500 :
2501 12804691 : J_ASSERT_JH(jh, jh->b_jlist < BJ_Types);
2502 12804691 : J_ASSERT_JH(jh, jh->b_transaction == transaction ||
2503 : jh->b_transaction == NULL);
2504 :
2505 12804691 : if (jh->b_transaction && jh->b_jlist == jlist)
2506 : return;
2507 :
2508 12804691 : if (jlist == BJ_Metadata || jlist == BJ_Reserved ||
2509 6494507 : jlist == BJ_Shadow || jlist == BJ_Forget) {
2510 : /*
2511 : * For metadata buffers, we track dirty bit in buffer_jbddirty
2512 : * instead of buffer_dirty. We should not see a dirty bit set
2513 : * here because we clear it in do_get_write_access but e.g.
2514 : * tune2fs can modify the sb and set the dirty bit at any time
2515 : * so we try to gracefully handle that.
2516 : */
2517 25609382 : if (buffer_dirty(bh))
2518 0 : warn_dirty_buffer(bh);
2519 25609382 : if (test_clear_buffer_dirty(bh) ||
2520 : test_clear_buffer_jbddirty(bh))
2521 : was_dirty = 1;
2522 : }
2523 :
2524 12804691 : if (jh->b_transaction)
2525 9710331 : __jbd2_journal_temp_unlink_buffer(jh);
2526 : else
2527 3094360 : jbd2_journal_grab_journal_head(bh);
2528 12804691 : jh->b_transaction = transaction;
2529 :
2530 12804691 : switch (jlist) {
2531 0 : case BJ_None:
2532 0 : J_ASSERT_JH(jh, !jh->b_committed_data);
2533 0 : J_ASSERT_JH(jh, !jh->b_frozen_data);
2534 : return;
2535 3302048 : case BJ_Metadata:
2536 3302048 : transaction->t_nr_buffers++;
2537 3302048 : list = &transaction->t_buffers;
2538 3302048 : break;
2539 3310304 : case BJ_Forget:
2540 3310304 : list = &transaction->t_forget;
2541 3310304 : break;
2542 3184203 : case BJ_Shadow:
2543 3184203 : list = &transaction->t_shadow_list;
2544 3184203 : break;
2545 3008136 : case BJ_Reserved:
2546 3008136 : list = &transaction->t_reserved_list;
2547 3008136 : break;
2548 : }
2549 :
2550 12804691 : __blist_add_buffer(list, jh);
2551 12804691 : jh->b_jlist = jlist;
2552 :
2553 12804691 : if (was_dirty)
2554 10758043 : set_buffer_jbddirty(bh);
2555 : }
2556 :
2557 3184203 : void jbd2_journal_file_buffer(struct journal_head *jh,
2558 : transaction_t *transaction, int jlist)
2559 : {
2560 3184203 : spin_lock(&jh->b_state_lock);
2561 3184203 : spin_lock(&transaction->t_journal->j_list_lock);
2562 3184203 : __jbd2_journal_file_buffer(jh, transaction, jlist);
2563 3184203 : spin_unlock(&transaction->t_journal->j_list_lock);
2564 3184203 : spin_unlock(&jh->b_state_lock);
2565 3184203 : }
2566 :
2567 : /*
2568 : * Remove a buffer from its current buffer list in preparation for
2569 : * dropping it from its current transaction entirely. If the buffer has
2570 : * already started to be used by a subsequent transaction, refile the
2571 : * buffer on that transaction's metadata list.
2572 : *
2573 : * Called under j_list_lock
2574 : * Called under jh->b_state_lock
2575 : *
2576 : * When this function returns true, there's no next transaction to refile to
2577 : * and the caller has to drop jh reference through
2578 : * jbd2_journal_put_journal_head().
2579 : */
2580 3320085 : bool __jbd2_journal_refile_buffer(struct journal_head *jh)
2581 : {
2582 3320085 : int was_dirty, jlist;
2583 3320085 : struct buffer_head *bh = jh2bh(jh);
2584 :
2585 3320085 : lockdep_assert_held(&jh->b_state_lock);
2586 3320085 : if (jh->b_transaction)
2587 3320085 : assert_spin_locked(&jh->b_transaction->t_journal->j_list_lock);
2588 :
2589 : /* If the buffer is now unused, just drop it. */
2590 3320085 : if (jh->b_next_transaction == NULL) {
2591 3008701 : __jbd2_journal_unfile_buffer(jh);
2592 3008701 : return true;
2593 : }
2594 :
2595 : /*
2596 : * It has been modified by a later transaction: add it to the new
2597 : * transaction's metadata list.
2598 : */
2599 :
2600 311384 : was_dirty = test_clear_buffer_jbddirty(bh);
2601 311384 : __jbd2_journal_temp_unlink_buffer(jh);
2602 :
2603 : /*
2604 : * b_transaction must be set, otherwise the new b_transaction won't
2605 : * be holding jh reference
2606 : */
2607 311384 : J_ASSERT_JH(jh, jh->b_transaction != NULL);
2608 :
2609 : /*
2610 : * We set b_transaction here because b_next_transaction will inherit
2611 : * our jh reference and thus __jbd2_journal_file_buffer() must not
2612 : * take a new one.
2613 : */
2614 311384 : WRITE_ONCE(jh->b_transaction, jh->b_next_transaction);
2615 311384 : WRITE_ONCE(jh->b_next_transaction, NULL);
2616 622768 : if (buffer_freed(bh))
2617 : jlist = BJ_Forget;
2618 309417 : else if (jh->b_modified)
2619 : jlist = BJ_Metadata;
2620 : else
2621 1548 : jlist = BJ_Reserved;
2622 311384 : __jbd2_journal_file_buffer(jh, jh->b_transaction, jlist);
2623 311384 : J_ASSERT_JH(jh, jh->b_transaction->t_state == T_RUNNING);
2624 :
2625 311384 : if (was_dirty)
2626 311384 : set_buffer_jbddirty(bh);
2627 : return false;
2628 : }
2629 :
2630 : /*
2631 : * __jbd2_journal_refile_buffer() with necessary locking added. We take our
2632 : * bh reference so that we can safely unlock bh.
2633 : *
2634 : * The jh and bh may be freed by this call.
2635 : */
2636 9781 : void jbd2_journal_refile_buffer(journal_t *journal, struct journal_head *jh)
2637 : {
2638 9781 : bool drop;
2639 :
2640 9781 : spin_lock(&jh->b_state_lock);
2641 9781 : spin_lock(&journal->j_list_lock);
2642 9781 : drop = __jbd2_journal_refile_buffer(jh);
2643 9781 : spin_unlock(&jh->b_state_lock);
2644 9781 : spin_unlock(&journal->j_list_lock);
2645 9781 : if (drop)
2646 9781 : jbd2_journal_put_journal_head(jh);
2647 9781 : }
2648 :
2649 : /*
2650 : * File inode in the inode list of the handle's transaction
2651 : */
2652 584585 : static int jbd2_journal_file_inode(handle_t *handle, struct jbd2_inode *jinode,
2653 : unsigned long flags, loff_t start_byte, loff_t end_byte)
2654 : {
2655 584585 : transaction_t *transaction = handle->h_transaction;
2656 584585 : journal_t *journal;
2657 :
2658 1169170 : if (is_handle_aborted(handle))
2659 : return -EROFS;
2660 584585 : journal = transaction->t_journal;
2661 :
2662 584585 : jbd2_debug(4, "Adding inode %lu, tid:%d\n", jinode->i_vfs_inode->i_ino,
2663 : transaction->t_tid);
2664 :
2665 584585 : spin_lock(&journal->j_list_lock);
2666 584756 : jinode->i_flags |= flags;
2667 :
2668 584756 : if (jinode->i_dirty_end) {
2669 424161 : jinode->i_dirty_start = min(jinode->i_dirty_start, start_byte);
2670 424161 : jinode->i_dirty_end = max(jinode->i_dirty_end, end_byte);
2671 : } else {
2672 160595 : jinode->i_dirty_start = start_byte;
2673 160595 : jinode->i_dirty_end = end_byte;
2674 : }
2675 :
2676 : /* Is inode already attached where we need it? */
2677 584756 : if (jinode->i_transaction == transaction ||
2678 161314 : jinode->i_next_transaction == transaction)
2679 424116 : goto done;
2680 :
2681 : /*
2682 : * We only ever set this variable to 1 so the test is safe. Since
2683 : * t_need_data_flush is likely to be set, we do the test to save some
2684 : * cacheline bouncing
2685 : */
2686 160640 : if (!transaction->t_need_data_flush)
2687 107087 : transaction->t_need_data_flush = 1;
2688 : /* On some different transaction's list - should be
2689 : * the committing one */
2690 160640 : if (jinode->i_transaction) {
2691 46 : J_ASSERT(jinode->i_next_transaction == NULL);
2692 46 : J_ASSERT(jinode->i_transaction ==
2693 : journal->j_committing_transaction);
2694 46 : jinode->i_next_transaction = transaction;
2695 46 : goto done;
2696 : }
2697 : /* Not on any transaction list... */
2698 160594 : J_ASSERT(!jinode->i_next_transaction);
2699 160594 : jinode->i_transaction = transaction;
2700 160594 : list_add(&jinode->i_list, &transaction->t_inode_list);
2701 584756 : done:
2702 584756 : spin_unlock(&journal->j_list_lock);
2703 :
2704 584756 : return 0;
2705 : }
2706 :
2707 584455 : int jbd2_journal_inode_ranged_write(handle_t *handle,
2708 : struct jbd2_inode *jinode, loff_t start_byte, loff_t length)
2709 : {
2710 1169002 : return jbd2_journal_file_inode(handle, jinode,
2711 : JI_WRITE_DATA | JI_WAIT_DATA, start_byte,
2712 584455 : start_byte + length - 1);
2713 : }
2714 :
2715 206 : int jbd2_journal_inode_ranged_wait(handle_t *handle, struct jbd2_inode *jinode,
2716 : loff_t start_byte, loff_t length)
2717 : {
2718 412 : return jbd2_journal_file_inode(handle, jinode, JI_WAIT_DATA,
2719 206 : start_byte, start_byte + length - 1);
2720 : }
2721 :
2722 : /*
2723 : * File truncate and transaction commit interact with each other in a
2724 : * non-trivial way. If a transaction writing data block A is
2725 : * committing, we cannot discard the data by truncate until we have
2726 : * written them. Otherwise if we crashed after the transaction with
2727 : * write has committed but before the transaction with truncate has
2728 : * committed, we could see stale data in block A. This function is a
2729 : * helper to solve this problem. It starts writeout of the truncated
2730 : * part in case it is in the committing transaction.
2731 : *
2732 : * Filesystem code must call this function when inode is journaled in
2733 : * ordered mode before truncation happens and after the inode has been
2734 : * placed on orphan list with the new inode size. The second condition
2735 : * avoids the race that someone writes new data and we start
2736 : * committing the transaction after this function has been called but
2737 : * before a transaction for truncate is started (and furthermore it
2738 : * allows us to optimize the case where the addition to orphan list
2739 : * happens in the same transaction as write --- we don't have to write
2740 : * any data in such case).
2741 : */
2742 1886506 : int jbd2_journal_begin_ordered_truncate(journal_t *journal,
2743 : struct jbd2_inode *jinode,
2744 : loff_t new_size)
2745 : {
2746 1886506 : transaction_t *inode_trans, *commit_trans;
2747 1886506 : int ret = 0;
2748 :
2749 : /* This is a quick check to avoid locking if not necessary */
2750 1886506 : if (!jinode->i_transaction)
2751 1798429 : goto out;
2752 : /* Locks are here just to force reading of recent values, it is
2753 : * enough that the transaction was not committing before we started
2754 : * a transaction adding the inode to orphan list */
2755 88077 : read_lock(&journal->j_state_lock);
2756 88077 : commit_trans = journal->j_committing_transaction;
2757 88077 : read_unlock(&journal->j_state_lock);
2758 88077 : spin_lock(&journal->j_list_lock);
2759 88077 : inode_trans = jinode->i_transaction;
2760 88077 : spin_unlock(&journal->j_list_lock);
2761 88077 : if (inode_trans == commit_trans) {
2762 55 : ret = filemap_fdatawrite_range(jinode->i_vfs_inode->i_mapping,
2763 : new_size, LLONG_MAX);
2764 55 : if (ret)
2765 0 : jbd2_journal_abort(journal, ret);
2766 : }
2767 88077 : out:
2768 1886506 : return ret;
2769 : }
|
