]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blame - fs/iomap.c
projects / mirror_ubuntu-bionic-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
f2fs: fix potential overflow
[mirror_ubuntu-bionic-kernel.git] / fs / iomap.c
CommitLineData
ae259a9c
CH		 1/*
2 * Copyright (C) 2010 Red Hat, Inc.
3 * Copyright (c) 2016 Christoph Hellwig.
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms and conditions of the GNU General Public License,
7 * version 2, as published by the Free Software Foundation.
8 *
9 * This program is distributed in the hope it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
12 * more details.
13 */
14#include <linux/module.h>
15#include <linux/compiler.h>
16#include <linux/fs.h>
17#include <linux/iomap.h>
18#include <linux/uaccess.h>
19#include <linux/gfp.h>
20#include <linux/mm.h>
21#include <linux/swap.h>
22#include <linux/pagemap.h>
23#include <linux/file.h>
24#include <linux/uio.h>
25#include <linux/backing-dev.h>
26#include <linux/buffer_head.h>
ff6a9292 27#include <linux/task_io_accounting_ops.h>
9a286f0e 28#include <linux/dax.h>
f361bf4a
IM		 29#include <linux/sched/signal.h>
30
ae259a9c
CH		 31#include "internal.h"
32
ae259a9c
CH		 33/*
34 * Execute a iomap write on a segment of the mapping that spans a
35 * contiguous range of pages that have identical block mapping state.
36 *
37 * This avoids the need to map pages individually, do individual allocations
38 * for each page and most importantly avoid the need for filesystem specific
39 * locking per page. Instead, all the operations are amortised over the entire
40 * range of pages. It is assumed that the filesystems will lock whatever
41 * resources they require in the iomap_begin call, and release them in the
42 * iomap_end call.
43 */
befb503c 44loff_t
ae259a9c 45iomap_apply(struct inode *inode, loff_t pos, loff_t length, unsigned flags,
8ff6daa1 46 const struct iomap_ops *ops, void *data, iomap_actor_t actor)
ae259a9c
CH		 47{
48 struct iomap iomap = { 0 };
49 loff_t written = 0, ret;
50
51 /*
52 * Need to map a range from start position for length bytes. This can
53 * span multiple pages - it is only guaranteed to return a range of a
54 * single type of pages (e.g. all into a hole, all mapped or all
55 * unwritten). Failure at this point has nothing to undo.
56 *
57 * If allocation is required for this range, reserve the space now so
58 * that the allocation is guaranteed to succeed later on. Once we copy
59 * the data into the page cache pages, then we cannot fail otherwise we
60 * expose transient stale data. If the reserve fails, we can safely
61 * back out at this point as there is nothing to undo.
62 */
63 ret = ops->iomap_begin(inode, pos, length, flags, &iomap);
64 if (ret)
65 return ret;
66 if (WARN_ON(iomap.offset > pos))
67 return -EIO;
68
69 /*
70 * Cut down the length to the one actually provided by the filesystem,
71 * as it might not be able to give us the whole size that we requested.
72 */
73 if (iomap.offset + iomap.length < pos + length)
74 length = iomap.offset + iomap.length - pos;
75
76 /*
77 * Now that we have guaranteed that the space allocation will succeed.
78 * we can do the copy-in page by page without having to worry about
79 * failures exposing transient data.
80 */
81 written = actor(inode, pos, length, data, &iomap);
82
83 /*
84 * Now the data has been copied, commit the range we've copied. This
85 * should not fail unless the filesystem has had a fatal error.
86 */
f20ac7ab
CH		 87 if (ops->iomap_end) {
88 ret = ops->iomap_end(inode, pos, length,
89 written > 0 ? written : 0,
90 flags, &iomap);
91 }
ae259a9c
CH		 92
93 return written ? written : ret;
94}
95
96static void
97iomap_write_failed(struct inode *inode, loff_t pos, unsigned len)
98{
99 loff_t i_size = i_size_read(inode);
100
101 /*
102 * Only truncate newly allocated pages beyoned EOF, even if the
103 * write started inside the existing inode size.
104 */
105 if (pos + len > i_size)
106 truncate_pagecache_range(inode, max(pos, i_size), pos + len);
107}
108
109static int
110iomap_write_begin(struct inode *inode, loff_t pos, unsigned len, unsigned flags,
111 struct page **pagep, struct iomap *iomap)
112{
113 pgoff_t index = pos >> PAGE_SHIFT;
114 struct page *page;
115 int status = 0;
116
117 BUG_ON(pos + len > iomap->offset + iomap->length);
118
d1908f52
MH		 119 if (fatal_signal_pending(current))
120 return -EINTR;
121
ae259a9c
CH		 122 page = grab_cache_page_write_begin(inode->i_mapping, index, flags);
123 if (!page)
124 return -ENOMEM;
125
126 status = __block_write_begin_int(page, pos, len, NULL, iomap);
127 if (unlikely(status)) {
128 unlock_page(page);
129 put_page(page);
130 page = NULL;
131
132 iomap_write_failed(inode, pos, len);
133 }
134
135 *pagep = page;
136 return status;
137}
138
139static int
140iomap_write_end(struct inode *inode, loff_t pos, unsigned len,
141 unsigned copied, struct page *page)
142{
143 int ret;
144
145 ret = generic_write_end(NULL, inode->i_mapping, pos, len,
146 copied, page, NULL);
147 if (ret < len)
148 iomap_write_failed(inode, pos, len);
149 return ret;
150}
151
152static loff_t
153iomap_write_actor(struct inode *inode, loff_t pos, loff_t length, void *data,
154 struct iomap *iomap)
155{
156 struct iov_iter *i = data;
157 long status = 0;
158 ssize_t written = 0;
159 unsigned int flags = AOP_FLAG_NOFS;
160
ae259a9c
CH		 161 do {
162 struct page *page;
163 unsigned long offset; /* Offset into pagecache page */
164 unsigned long bytes; /* Bytes to write to page */
165 size_t copied; /* Bytes copied from user */
166
167 offset = (pos & (PAGE_SIZE - 1));
168 bytes = min_t(unsigned long, PAGE_SIZE - offset,
169 iov_iter_count(i));
170again:
171 if (bytes > length)
172 bytes = length;
173
174 /*
175 * Bring in the user page that we will copy from _first_.
176 * Otherwise there's a nasty deadlock on copying from the
177 * same page as we're writing to, without it being marked
178 * up-to-date.
179 *
180 * Not only is this an optimisation, but it is also required
181 * to check that the address is actually valid, when atomic
182 * usercopies are used, below.
183 */
184 if (unlikely(iov_iter_fault_in_readable(i, bytes))) {
185 status = -EFAULT;
186 break;
187 }
188
189 status = iomap_write_begin(inode, pos, bytes, flags, &page,
190 iomap);
191 if (unlikely(status))
192 break;
193
194 if (mapping_writably_mapped(inode->i_mapping))
195 flush_dcache_page(page);
196
ae259a9c 197 copied = iov_iter_copy_from_user_atomic(page, i, offset, bytes);
ae259a9c
CH		 198
199 flush_dcache_page(page);
ae259a9c
CH		 200
201 status = iomap_write_end(inode, pos, bytes, copied, page);
202 if (unlikely(status < 0))
203 break;
204 copied = status;
205
206 cond_resched();
207
208 iov_iter_advance(i, copied);
209 if (unlikely(copied == 0)) {
210 /*
211 * If we were unable to copy any data at all, we must
212 * fall back to a single segment length write.
213 *
214 * If we didn't fallback here, we could livelock
215 * because not all segments in the iov can be copied at
216 * once without a pagefault.
217 */
218 bytes = min_t(unsigned long, PAGE_SIZE - offset,
219 iov_iter_single_seg_count(i));
220 goto again;
221 }
222 pos += copied;
223 written += copied;
224 length -= copied;
225
226 balance_dirty_pages_ratelimited(inode->i_mapping);
227 } while (iov_iter_count(i) && length);
228
229 return written ? written : status;
230}
231
232ssize_t
233iomap_file_buffered_write(struct kiocb *iocb, struct iov_iter *iter,
8ff6daa1 234 const struct iomap_ops *ops)
ae259a9c
CH		 235{
236 struct inode *inode = iocb->ki_filp->f_mapping->host;
237 loff_t pos = iocb->ki_pos, ret = 0, written = 0;
238
239 while (iov_iter_count(iter)) {
240 ret = iomap_apply(inode, pos, iov_iter_count(iter),
241 IOMAP_WRITE, ops, iter, iomap_write_actor);
242 if (ret <= 0)
243 break;
244 pos += ret;
245 written += ret;
246 }
247
248 return written ? written : ret;
249}
250EXPORT_SYMBOL_GPL(iomap_file_buffered_write);
251
5f4e5752
CH		 252static struct page *
253__iomap_read_page(struct inode *inode, loff_t offset)
254{
255 struct address_space *mapping = inode->i_mapping;
256 struct page *page;
257
258 page = read_mapping_page(mapping, offset >> PAGE_SHIFT, NULL);
259 if (IS_ERR(page))
260 return page;
261 if (!PageUptodate(page)) {
262 put_page(page);
263 return ERR_PTR(-EIO);
264 }
265 return page;
266}
267
268static loff_t
269iomap_dirty_actor(struct inode *inode, loff_t pos, loff_t length, void *data,
270 struct iomap *iomap)
271{
272 long status = 0;
273 ssize_t written = 0;
274
275 do {
276 struct page *page, *rpage;
277 unsigned long offset; /* Offset into pagecache page */
278 unsigned long bytes; /* Bytes to write to page */
279
280 offset = (pos & (PAGE_SIZE - 1));
e28ae8e4 281 bytes = min_t(loff_t, PAGE_SIZE - offset, length);
5f4e5752
CH		 282
283 rpage = __iomap_read_page(inode, pos);
284 if (IS_ERR(rpage))
285 return PTR_ERR(rpage);
286
287 status = iomap_write_begin(inode, pos, bytes,
c718a975 288 AOP_FLAG_NOFS, &page, iomap);
5f4e5752
CH		 289 put_page(rpage);
290 if (unlikely(status))
291 return status;
292
293 WARN_ON_ONCE(!PageUptodate(page));
294
295 status = iomap_write_end(inode, pos, bytes, bytes, page);
296 if (unlikely(status <= 0)) {
297 if (WARN_ON_ONCE(status == 0))
298 return -EIO;
299 return status;
300 }
301
302 cond_resched();
303
304 pos += status;
305 written += status;
306 length -= status;
307
308 balance_dirty_pages_ratelimited(inode->i_mapping);
309 } while (length);
310
311 return written;
312}
313
314int
315iomap_file_dirty(struct inode *inode, loff_t pos, loff_t len,
8ff6daa1 316 const struct iomap_ops *ops)
5f4e5752
CH		 317{
318 loff_t ret;
319
320 while (len) {
321 ret = iomap_apply(inode, pos, len, IOMAP_WRITE, ops, NULL,
322 iomap_dirty_actor);
323 if (ret <= 0)
324 return ret;
325 pos += ret;
326 len -= ret;
327 }
328
329 return 0;
330}
331EXPORT_SYMBOL_GPL(iomap_file_dirty);
332
ae259a9c
CH		 333static int iomap_zero(struct inode *inode, loff_t pos, unsigned offset,
334 unsigned bytes, struct iomap *iomap)
335{
336 struct page *page;
337 int status;
338
c718a975
TH		 339 status = iomap_write_begin(inode, pos, bytes, AOP_FLAG_NOFS, &page,
340 iomap);
ae259a9c
CH		 341 if (status)
342 return status;
343
344 zero_user(page, offset, bytes);
345 mark_page_accessed(page);
346
347 return iomap_write_end(inode, pos, bytes, bytes, page);
348}
349
9a286f0e
CH		 350static int iomap_dax_zero(loff_t pos, unsigned offset, unsigned bytes,
351 struct iomap *iomap)
352{
19fe5f64
AG		 353 sector_t sector = (iomap->addr +
354 (pos & PAGE_MASK) - iomap->offset) >> 9;
9a286f0e 355
cccbce67
DW		 356 return __dax_zero_page_range(iomap->bdev, iomap->dax_dev, sector,
357 offset, bytes);
9a286f0e
CH		 358}
359
ae259a9c
CH		 360static loff_t
361iomap_zero_range_actor(struct inode *inode, loff_t pos, loff_t count,
362 void *data, struct iomap *iomap)
363{
364 bool *did_zero = data;
365 loff_t written = 0;
366 int status;
367
368 /* already zeroed? we're done. */
369 if (iomap->type == IOMAP_HOLE || iomap->type == IOMAP_UNWRITTEN)
370 return count;
371
372 do {
373 unsigned offset, bytes;
374
375 offset = pos & (PAGE_SIZE - 1); /* Within page */
e28ae8e4 376 bytes = min_t(loff_t, PAGE_SIZE - offset, count);
ae259a9c 377
9a286f0e
CH		 378 if (IS_DAX(inode))
379 status = iomap_dax_zero(pos, offset, bytes, iomap);
380 else
381 status = iomap_zero(inode, pos, offset, bytes, iomap);
ae259a9c
CH		 382 if (status < 0)
383 return status;
384
385 pos += bytes;
386 count -= bytes;
387 written += bytes;
388 if (did_zero)
389 *did_zero = true;
390 } while (count > 0);
391
392 return written;
393}
394
395int
396iomap_zero_range(struct inode *inode, loff_t pos, loff_t len, bool *did_zero,
8ff6daa1 397 const struct iomap_ops *ops)
ae259a9c
CH		 398{
399 loff_t ret;
400
401 while (len > 0) {
402 ret = iomap_apply(inode, pos, len, IOMAP_ZERO,
403 ops, did_zero, iomap_zero_range_actor);
404 if (ret <= 0)
405 return ret;
406
407 pos += ret;
408 len -= ret;
409 }
410
411 return 0;
412}
413EXPORT_SYMBOL_GPL(iomap_zero_range);
414
415int
416iomap_truncate_page(struct inode *inode, loff_t pos, bool *did_zero,
8ff6daa1 417 const struct iomap_ops *ops)
ae259a9c 418{
93407472
FF		 419 unsigned int blocksize = i_blocksize(inode);
420 unsigned int off = pos & (blocksize - 1);
ae259a9c
CH		 421
422 /* Block boundary? Nothing to do */
423 if (!off)
424 return 0;
425 return iomap_zero_range(inode, pos, blocksize - off, did_zero, ops);
426}
427EXPORT_SYMBOL_GPL(iomap_truncate_page);
428
429static loff_t
430iomap_page_mkwrite_actor(struct inode *inode, loff_t pos, loff_t length,
431 void *data, struct iomap *iomap)
432{
433 struct page *page = data;
434 int ret;
435
c663e29f 436 ret = __block_write_begin_int(page, pos, length, NULL, iomap);
ae259a9c
CH		 437 if (ret)
438 return ret;
439
440 block_commit_write(page, 0, length);
441 return length;
442}
443
11bac800 444int iomap_page_mkwrite(struct vm_fault *vmf, const struct iomap_ops *ops)
ae259a9c
CH		 445{
446 struct page *page = vmf->page;
11bac800 447 struct inode *inode = file_inode(vmf->vma->vm_file);
ae259a9c
CH		 448 unsigned long length;
449 loff_t offset, size;
450 ssize_t ret;
451
452 lock_page(page);
453 size = i_size_read(inode);
454 if ((page->mapping != inode->i_mapping) ||
455 (page_offset(page) > size)) {
456 /* We overload EFAULT to mean page got truncated */
457 ret = -EFAULT;
458 goto out_unlock;
459 }
460
461 /* page is wholly or partially inside EOF */
462 if (((page->index + 1) << PAGE_SHIFT) > size)
463 length = size & ~PAGE_MASK;
464 else
465 length = PAGE_SIZE;
466
467 offset = page_offset(page);
468 while (length > 0) {
9484ab1b
JK		 469 ret = iomap_apply(inode, offset, length,
470 IOMAP_WRITE | IOMAP_FAULT, ops, page,
471 iomap_page_mkwrite_actor);
ae259a9c
CH		 472 if (unlikely(ret <= 0))
473 goto out_unlock;
474 offset += ret;
475 length -= ret;
476 }
477
478 set_page_dirty(page);
479 wait_for_stable_page(page);
e7647fb4 480 return VM_FAULT_LOCKED;
ae259a9c
CH		 481out_unlock:
482 unlock_page(page);
e7647fb4 483 return block_page_mkwrite_return(ret);
ae259a9c
CH		 484}
485EXPORT_SYMBOL_GPL(iomap_page_mkwrite);
8be9f564
CH		 486
487struct fiemap_ctx {
488 struct fiemap_extent_info *fi;
489 struct iomap prev;
490};
491
492static int iomap_to_fiemap(struct fiemap_extent_info *fi,
493 struct iomap *iomap, u32 flags)
494{
495 switch (iomap->type) {
496 case IOMAP_HOLE:
497 /* skip holes */
498 return 0;
499 case IOMAP_DELALLOC:
500 flags |= FIEMAP_EXTENT_DELALLOC | FIEMAP_EXTENT_UNKNOWN;
501 break;
502 case IOMAP_UNWRITTEN:
503 flags |= FIEMAP_EXTENT_UNWRITTEN;
504 break;
505 case IOMAP_MAPPED:
506 break;
507 }
508
17de0a9f
CH		 509 if (iomap->flags & IOMAP_F_MERGED)
510 flags |= FIEMAP_EXTENT_MERGED;
e43c460d
DW		 511 if (iomap->flags & IOMAP_F_SHARED)
512 flags |= FIEMAP_EXTENT_SHARED;
9ca250a5
AG		 513 if (iomap->flags & IOMAP_F_DATA_INLINE)
514 flags |= FIEMAP_EXTENT_DATA_INLINE;
17de0a9f 515
8be9f564 516 return fiemap_fill_next_extent(fi, iomap->offset,
19fe5f64 517 iomap->addr != IOMAP_NULL_ADDR ? iomap->addr : 0,
17de0a9f 518 iomap->length, flags);
8be9f564
CH		 519}
520
521static loff_t
522iomap_fiemap_actor(struct inode *inode, loff_t pos, loff_t length, void *data,
523 struct iomap *iomap)
524{
525 struct fiemap_ctx *ctx = data;
526 loff_t ret = length;
527
528 if (iomap->type == IOMAP_HOLE)
529 return length;
530
531 ret = iomap_to_fiemap(ctx->fi, &ctx->prev, 0);
532 ctx->prev = *iomap;
533 switch (ret) {
534 case 0: /* success */
535 return length;
536 case 1: /* extent array full */
537 return 0;
538 default:
539 return ret;
540 }
541}
542
543int iomap_fiemap(struct inode *inode, struct fiemap_extent_info *fi,
8ff6daa1 544 loff_t start, loff_t len, const struct iomap_ops *ops)
8be9f564
CH		 545{
546 struct fiemap_ctx ctx;
547 loff_t ret;
548
549 memset(&ctx, 0, sizeof(ctx));
550 ctx.fi = fi;
551 ctx.prev.type = IOMAP_HOLE;
552
553 ret = fiemap_check_flags(fi, FIEMAP_FLAG_SYNC);
554 if (ret)
555 return ret;
556
8896b8f6
DC		 557 if (fi->fi_flags & FIEMAP_FLAG_SYNC) {
558 ret = filemap_write_and_wait(inode->i_mapping);
559 if (ret)
560 return ret;
561 }
8be9f564
CH		 562
563 while (len > 0) {
d33fd776 564 ret = iomap_apply(inode, start, len, IOMAP_REPORT, ops, &ctx,
8be9f564 565 iomap_fiemap_actor);
ac2dc058
DC		 566 /* inode with no (attribute) mapping will give ENOENT */
567 if (ret == -ENOENT)
568 break;
8be9f564
CH		 569 if (ret < 0)
570 return ret;
571 if (ret == 0)
572 break;
573
574 start += ret;
575 len -= ret;
576 }
577
578 if (ctx.prev.type != IOMAP_HOLE) {
579 ret = iomap_to_fiemap(fi, &ctx.prev, FIEMAP_EXTENT_LAST);
580 if (ret < 0)
581 return ret;
582 }
583
584 return 0;
585}
586EXPORT_SYMBOL_GPL(iomap_fiemap);
ff6a9292 587
0ed3b0d4
AG		 588static loff_t
589iomap_seek_hole_actor(struct inode *inode, loff_t offset, loff_t length,
590 void *data, struct iomap *iomap)
591{
592 switch (iomap->type) {
593 case IOMAP_UNWRITTEN:
594 offset = page_cache_seek_hole_data(inode, offset, length,
595 SEEK_HOLE);
596 if (offset < 0)
597 return length;
598 /* fall through */
599 case IOMAP_HOLE:
600 *(loff_t *)data = offset;
601 return 0;
602 default:
603 return length;
604 }
605}
606
607loff_t
608iomap_seek_hole(struct inode *inode, loff_t offset, const struct iomap_ops *ops)
609{
610 loff_t size = i_size_read(inode);
611 loff_t length = size - offset;
612 loff_t ret;
613
d6ab17f2
DW		 614 /* Nothing to be found before or beyond the end of the file. */
615 if (offset < 0 || offset >= size)
0ed3b0d4
AG		 616 return -ENXIO;
617
618 while (length > 0) {
619 ret = iomap_apply(inode, offset, length, IOMAP_REPORT, ops,
620 &offset, iomap_seek_hole_actor);
621 if (ret < 0)
622 return ret;
623 if (ret == 0)
624 break;
625
626 offset += ret;
627 length -= ret;
628 }
629
630 return offset;
631}
632EXPORT_SYMBOL_GPL(iomap_seek_hole);
633
634static loff_t
635iomap_seek_data_actor(struct inode *inode, loff_t offset, loff_t length,
636 void *data, struct iomap *iomap)
637{
638 switch (iomap->type) {
639 case IOMAP_HOLE:
640 return length;
641 case IOMAP_UNWRITTEN:
642 offset = page_cache_seek_hole_data(inode, offset, length,
643 SEEK_DATA);
644 if (offset < 0)
645 return length;
646 /*FALLTHRU*/
647 default:
648 *(loff_t *)data = offset;
649 return 0;
650 }
651}
652
653loff_t
654iomap_seek_data(struct inode *inode, loff_t offset, const struct iomap_ops *ops)
655{
656 loff_t size = i_size_read(inode);
657 loff_t length = size - offset;
658 loff_t ret;
659
d6ab17f2
DW		 660 /* Nothing to be found before or beyond the end of the file. */
661 if (offset < 0 || offset >= size)
0ed3b0d4
AG		 662 return -ENXIO;
663
664 while (length > 0) {
665 ret = iomap_apply(inode, offset, length, IOMAP_REPORT, ops,
666 &offset, iomap_seek_data_actor);
667 if (ret < 0)
668 return ret;
669 if (ret == 0)
670 break;
671
672 offset += ret;
673 length -= ret;
674 }
675
676 if (length <= 0)
677 return -ENXIO;
678 return offset;
679}
680EXPORT_SYMBOL_GPL(iomap_seek_data);
681
ff6a9292
CH		 682/*
683 * Private flags for iomap_dio, must not overlap with the public ones in
684 * iomap.h:
685 */
686#define IOMAP_DIO_WRITE (1 << 30)
687#define IOMAP_DIO_DIRTY (1 << 31)
688
689struct iomap_dio {
690 struct kiocb *iocb;
691 iomap_dio_end_io_t *end_io;
692 loff_t i_size;
693 loff_t size;
694 atomic_t ref;
695 unsigned flags;
696 int error;
1e7e86dd 697 bool wait_for_completion;
ff6a9292
CH		 698
699 union {
700 /* used during submission and for synchronous completion: */
701 struct {
702 struct iov_iter *iter;
703 struct task_struct *waiter;
704 struct request_queue *last_queue;
705 blk_qc_t cookie;
706 } submit;
707
708 /* used for aio completion: */
709 struct {
710 struct work_struct work;
711 } aio;
712 };
713};
714
715static ssize_t iomap_dio_complete(struct iomap_dio *dio)
716{
717 struct kiocb *iocb = dio->iocb;
332391a9 718 struct inode *inode = file_inode(iocb->ki_filp);
5e25c269 719 loff_t offset = iocb->ki_pos;
ff6a9292
CH		 720 ssize_t ret;
721
722 if (dio->end_io) {
723 ret = dio->end_io(iocb,
724 dio->error ? dio->error : dio->size,
725 dio->flags);
726 } else {
727 ret = dio->error;
728 }
729
730 if (likely(!ret)) {
731 ret = dio->size;
732 /* check for short read */
5e25c269 733 if (offset + ret > dio->i_size &&
ff6a9292 734 !(dio->flags & IOMAP_DIO_WRITE))
5e25c269 735 ret = dio->i_size - offset;
ff6a9292
CH		 736 iocb->ki_pos += ret;
737 }
738
5e25c269
EG		 739 /*
740 * Try again to invalidate clean pages which might have been cached by
741 * non-direct readahead, or faulted in by get_user_pages() if the source
742 * of the write was an mmap'ed region of the file we're writing. Either
743 * one is a pretty crazy thing to do, so we don't support it 100%. If
744 * this invalidation fails, tough, the write still worked...
745 *
746 * And this page cache invalidation has to be after dio->end_io(), as
747 * some filesystems convert unwritten extents to real allocations in
748 * end_io() when necessary, otherwise a racing buffer read would cache
749 * zeros from unwritten extents.
750 */
751 if (!dio->error &&
752 (dio->flags & IOMAP_DIO_WRITE) && inode->i_mapping->nrpages) {
753 int err;
754 err = invalidate_inode_pages2_range(inode->i_mapping,
755 offset >> PAGE_SHIFT,
756 (offset + dio->size - 1) >> PAGE_SHIFT);
cd1d8f81
DW		 757 if (err)
758 dio_warn_stale_pagecache(iocb->ki_filp);
5e25c269
EG		 759 }
760
ff6a9292
CH		 761 inode_dio_end(file_inode(iocb->ki_filp));
762 kfree(dio);
763
764 return ret;
765}
766
767static void iomap_dio_complete_work(struct work_struct *work)
768{
769 struct iomap_dio *dio = container_of(work, struct iomap_dio, aio.work);
770 struct kiocb *iocb = dio->iocb;
771 bool is_write = (dio->flags & IOMAP_DIO_WRITE);
772 ssize_t ret;
773
774 ret = iomap_dio_complete(dio);
775 if (is_write && ret > 0)
776 ret = generic_write_sync(iocb, ret);
777 iocb->ki_complete(iocb, ret, 0);
778}
779
780/*
781 * Set an error in the dio if none is set yet. We have to use cmpxchg
782 * as the submission context and the completion context(s) can race to
783 * update the error.
784 */
785static inline void iomap_dio_set_error(struct iomap_dio *dio, int ret)
786{
787 cmpxchg(&dio->error, 0, ret);
788}
789
790static void iomap_dio_bio_end_io(struct bio *bio)
791{
792 struct iomap_dio *dio = bio->bi_private;
793 bool should_dirty = (dio->flags & IOMAP_DIO_DIRTY);
794
4e4cbee9
CH		 795 if (bio->bi_status)
796 iomap_dio_set_error(dio, blk_status_to_errno(bio->bi_status));
ff6a9292
CH		 797
798 if (atomic_dec_and_test(&dio->ref)) {
1e7e86dd 799 if (dio->wait_for_completion) {
ff6a9292 800 struct task_struct *waiter = dio->submit.waiter;
ff6a9292
CH		 801 WRITE_ONCE(dio->submit.waiter, NULL);
802 wake_up_process(waiter);
803 } else if (dio->flags & IOMAP_DIO_WRITE) {
804 struct inode *inode = file_inode(dio->iocb->ki_filp);
805
806 INIT_WORK(&dio->aio.work, iomap_dio_complete_work);
807 queue_work(inode->i_sb->s_dio_done_wq, &dio->aio.work);
808 } else {
809 iomap_dio_complete_work(&dio->aio.work);
810 }
811 }
812
813 if (should_dirty) {
814 bio_check_pages_dirty(bio);
815 } else {
816 struct bio_vec *bvec;
817 int i;
818
819 bio_for_each_segment_all(bvec, bio, i)
820 put_page(bvec->bv_page);
821 bio_put(bio);
822 }
823}
824
825static blk_qc_t
826iomap_dio_zero(struct iomap_dio *dio, struct iomap *iomap, loff_t pos,
827 unsigned len)
828{
829 struct page *page = ZERO_PAGE(0);
830 struct bio *bio;
831
832 bio = bio_alloc(GFP_KERNEL, 1);
74d46992 833 bio_set_dev(bio, iomap->bdev);
ff6a9292 834 bio->bi_iter.bi_sector =
19fe5f64 835 (iomap->addr + pos - iomap->offset) >> 9;
ff6a9292
CH		 836 bio->bi_private = dio;
837 bio->bi_end_io = iomap_dio_bio_end_io;
838
839 get_page(page);
840 if (bio_add_page(bio, page, len, 0) != len)
841 BUG();
5cc60aee 842 bio_set_op_attrs(bio, REQ_OP_WRITE, REQ_SYNC | REQ_IDLE);
ff6a9292
CH		 843
844 atomic_inc(&dio->ref);
845 return submit_bio(bio);
846}
847
848static loff_t
849iomap_dio_actor(struct inode *inode, loff_t pos, loff_t length,
850 void *data, struct iomap *iomap)
851{
852 struct iomap_dio *dio = data;
93407472
FF		 853 unsigned int blkbits = blksize_bits(bdev_logical_block_size(iomap->bdev));
854 unsigned int fs_block_size = i_blocksize(inode), pad;
855 unsigned int align = iov_iter_alignment(dio->submit.iter);
ff6a9292
CH		 856 struct iov_iter iter;
857 struct bio *bio;
858 bool need_zeroout = false;
6df5a04f 859 int nr_pages, ret = 0;
cfe057f7 860 size_t copied = 0;
ff6a9292
CH		 861
862 if ((pos | length | align) & ((1 << blkbits) - 1))
863 return -EINVAL;
864
865 switch (iomap->type) {
866 case IOMAP_HOLE:
867 if (WARN_ON_ONCE(dio->flags & IOMAP_DIO_WRITE))
868 return -EIO;
869 /*FALLTHRU*/
870 case IOMAP_UNWRITTEN:
871 if (!(dio->flags & IOMAP_DIO_WRITE)) {
cfe057f7 872 length = iov_iter_zero(length, dio->submit.iter);
ff6a9292
CH		 873 dio->size += length;
874 return length;
875 }
876 dio->flags |= IOMAP_DIO_UNWRITTEN;
877 need_zeroout = true;
878 break;
879 case IOMAP_MAPPED:
880 if (iomap->flags & IOMAP_F_SHARED)
881 dio->flags |= IOMAP_DIO_COW;
882 if (iomap->flags & IOMAP_F_NEW)
883 need_zeroout = true;
884 break;
885 default:
886 WARN_ON_ONCE(1);
887 return -EIO;
888 }
889
890 /*
891 * Operate on a partial iter trimmed to the extent we were called for.
892 * We'll update the iter in the dio once we're done with this extent.
893 */
894 iter = *dio->submit.iter;
895 iov_iter_truncate(&iter, length);
896
897 nr_pages = iov_iter_npages(&iter, BIO_MAX_PAGES);
898 if (nr_pages <= 0)
899 return nr_pages;
900
901 if (need_zeroout) {
902 /* zero out from the start of the block to the write offset */
903 pad = pos & (fs_block_size - 1);
904 if (pad)
905 iomap_dio_zero(dio, iomap, pos - pad, pad);
906 }
907
908 do {
cfe057f7
AV		 909 size_t n;
910 if (dio->error) {
911 iov_iter_revert(dio->submit.iter, copied);
ff6a9292 912 return 0;
cfe057f7 913 }
ff6a9292
CH		 914
915 bio = bio_alloc(GFP_KERNEL, nr_pages);
74d46992 916 bio_set_dev(bio, iomap->bdev);
ff6a9292 917 bio->bi_iter.bi_sector =
19fe5f64 918 (iomap->addr + pos - iomap->offset) >> 9;
45d06cf7 919 bio->bi_write_hint = dio->iocb->ki_hint;
ff6a9292
CH		 920 bio->bi_private = dio;
921 bio->bi_end_io = iomap_dio_bio_end_io;
922
923 ret = bio_iov_iter_get_pages(bio, &iter);
924 if (unlikely(ret)) {
6df5a04f
DC		 925 /*
926 * We have to stop part way through an IO. We must fall
927 * through to the sub-block tail zeroing here, otherwise
928 * this short IO may expose stale data in the tail of
929 * the block we haven't written data to.
930 */
ff6a9292 931 bio_put(bio);
6df5a04f 932 goto zero_tail;
ff6a9292
CH		 933 }
934
cfe057f7 935 n = bio->bi_iter.bi_size;
ff6a9292 936 if (dio->flags & IOMAP_DIO_WRITE) {
5cc60aee 937 bio_set_op_attrs(bio, REQ_OP_WRITE, REQ_SYNC | REQ_IDLE);
cfe057f7 938 task_io_account_write(n);
ff6a9292
CH		 939 } else {
940 bio_set_op_attrs(bio, REQ_OP_READ, 0);
941 if (dio->flags & IOMAP_DIO_DIRTY)
942 bio_set_pages_dirty(bio);
943 }
944
cfe057f7
AV		 945 iov_iter_advance(dio->submit.iter, n);
946
947 dio->size += n;
948 pos += n;
949 copied += n;
ff6a9292
CH		 950
951 nr_pages = iov_iter_npages(&iter, BIO_MAX_PAGES);
952
953 atomic_inc(&dio->ref);
954
955 dio->submit.last_queue = bdev_get_queue(iomap->bdev);
956 dio->submit.cookie = submit_bio(bio);
957 } while (nr_pages);
958
42cac6f9
DC		 959 /*
960 * We need to zeroout the tail of a sub-block write if the extent type
961 * requires zeroing or the write extends beyond EOF. If we don't zero
962 * the block tail in the latter case, we can expose stale data via mmap
963 * reads of the EOF block.
964 */
6df5a04f 965zero_tail:
42cac6f9
DC		 966 if (need_zeroout ||
967 ((dio->flags & IOMAP_DIO_WRITE) && pos >= i_size_read(inode))) {
ff6a9292
CH		 968 /* zero out from the end of the write to the end of the block */
969 pad = pos & (fs_block_size - 1);
970 if (pad)
971 iomap_dio_zero(dio, iomap, pos, fs_block_size - pad);
972 }
6df5a04f 973 return copied ? copied : ret;
ff6a9292
CH		 974}
975
976ssize_t
8ff6daa1
CH		 977iomap_dio_rw(struct kiocb *iocb, struct iov_iter *iter,
978 const struct iomap_ops *ops, iomap_dio_end_io_t end_io)
ff6a9292
CH		 979{
980 struct address_space *mapping = iocb->ki_filp->f_mapping;
981 struct inode *inode = file_inode(iocb->ki_filp);
982 size_t count = iov_iter_count(iter);
c771c14b
EG		 983 loff_t pos = iocb->ki_pos, start = pos;
984 loff_t end = iocb->ki_pos + count - 1, ret = 0;
ff6a9292 985 unsigned int flags = IOMAP_DIRECT;
305df7cd 986 bool wait_for_completion = is_sync_kiocb(iocb);
ff6a9292
CH		 987 struct blk_plug plug;
988 struct iomap_dio *dio;
989
990 lockdep_assert_held(&inode->i_rwsem);
991
992 if (!count)
993 return 0;
994
995 dio = kmalloc(sizeof(*dio), GFP_KERNEL);
996 if (!dio)
997 return -ENOMEM;
998
999 dio->iocb = iocb;
1000 atomic_set(&dio->ref, 1);
1001 dio->size = 0;
1002 dio->i_size = i_size_read(inode);
1003 dio->end_io = end_io;
1004 dio->error = 0;
1005 dio->flags = 0;
1006
1007 dio->submit.iter = iter;
1e7e86dd
AG		 1008 dio->submit.waiter = current;
1009 dio->submit.cookie = BLK_QC_T_NONE;
1010 dio->submit.last_queue = NULL;
ff6a9292
CH		 1011
1012 if (iov_iter_rw(iter) == READ) {
1013 if (pos >= dio->i_size)
1014 goto out_free_dio;
1015
1016 if (iter->type == ITER_IOVEC)
1017 dio->flags |= IOMAP_DIO_DIRTY;
1018 } else {
1019 dio->flags |= IOMAP_DIO_WRITE;
1020 flags |= IOMAP_WRITE;
1021 }
1022
a38d1243
GR		 1023 if (iocb->ki_flags & IOCB_NOWAIT) {
1024 if (filemap_range_has_page(mapping, start, end)) {
1025 ret = -EAGAIN;
1026 goto out_free_dio;
1027 }
1028 flags |= IOMAP_NOWAIT;
1029 }
1030
55635ba7
AR		 1031 ret = filemap_write_and_wait_range(mapping, start, end);
1032 if (ret)
1033 goto out_free_dio;
ff6a9292 1034
cd1d8f81
DW		 1035 /*
1036 * Try to invalidate cache pages for the range we're direct
1037 * writing. If this invalidation fails, tough, the write will
1038 * still work, but racing two incompatible write paths is a
1039 * pretty crazy thing to do, so we don't support it 100%.
1040 */
55635ba7
AR		 1041 ret = invalidate_inode_pages2_range(mapping,
1042 start >> PAGE_SHIFT, end >> PAGE_SHIFT);
cd1d8f81
DW		 1043 if (ret)
1044 dio_warn_stale_pagecache(iocb->ki_filp);
55635ba7 1045 ret = 0;
ff6a9292 1046
305df7cd 1047 if (iov_iter_rw(iter) == WRITE && !wait_for_completion &&
546e7be8
CR		 1048 !inode->i_sb->s_dio_done_wq) {
1049 ret = sb_init_dio_done_wq(inode->i_sb);
1050 if (ret < 0)
1051 goto out_free_dio;
1052 }
1053
ff6a9292
CH		 1054 inode_dio_begin(inode);
1055
1056 blk_start_plug(&plug);
1057 do {
1058 ret = iomap_apply(inode, pos, count, flags, ops, dio,
1059 iomap_dio_actor);
1060 if (ret <= 0) {
1061 /* magic error code to fall back to buffered I/O */
1e7e86dd 1062 if (ret == -ENOTBLK) {
305df7cd 1063 wait_for_completion = true;
ff6a9292 1064 ret = 0;
1e7e86dd 1065 }
ff6a9292
CH		 1066 break;
1067 }
1068 pos += ret;
a008c31c 1069
4daa5ccb
JK		 1070 if (iov_iter_rw(iter) == READ && pos >= dio->i_size) {
1071 /*
1072 * We only report that we've read data up to i_size.
1073 * Revert iter to a state corresponding to that as
1074 * some callers (such as splice code) rely on it.
1075 */
1076 iov_iter_revert(iter, pos - dio->i_size);
a008c31c 1077 break;
4daa5ccb 1078 }
ff6a9292
CH		 1079 } while ((count = iov_iter_count(iter)) > 0);
1080 blk_finish_plug(&plug);
1081
1082 if (ret < 0)
1083 iomap_dio_set_error(dio, ret);
1084
305df7cd
CH		 1085 /*
1086 * We are about to drop our additional submission reference, which
1087 * might be the last reference to the dio. There are three three
1088 * different ways we can progress here:
1089 *
1090 * (a) If this is the last reference we will always complete and free
1091 * the dio ourselves.
1092 * (b) If this is not the last reference, and we serve an asynchronous
1093 * iocb, we must never touch the dio after the decrement, the
1094 * I/O completion handler will complete and free it.
1095 * (c) If this is not the last reference, but we serve a synchronous
1096 * iocb, the I/O completion handler will wake us up on the drop
1097 * of the final reference, and we will complete and free it here
1098 * after we got woken by the I/O completion handler.
1099 */
1100 dio->wait_for_completion = wait_for_completion;
ff6a9292 1101 if (!atomic_dec_and_test(&dio->ref)) {
305df7cd 1102 if (!wait_for_completion)
ff6a9292
CH		 1103 return -EIOCBQUEUED;
1104
1105 for (;;) {
1106 set_current_state(TASK_UNINTERRUPTIBLE);
1107 if (!READ_ONCE(dio->submit.waiter))
1108 break;
1109
1110 if (!(iocb->ki_flags & IOCB_HIPRI) ||
1111 !dio->submit.last_queue ||
ea435e1b 1112 !blk_poll(dio->submit.last_queue,
5cc60aee 1113 dio->submit.cookie))
ff6a9292
CH		 1114 io_schedule();
1115 }
1116 __set_current_state(TASK_RUNNING);
1117 }
1118
305df7cd 1119 return iomap_dio_complete(dio);
ff6a9292
CH		 1120
1121out_free_dio:
1122 kfree(dio);
1123 return ret;
1124}
1125EXPORT_SYMBOL_GPL(iomap_dio_rw);
ubuntu-bionic-kernel mirror