1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * linux/fs/ext4/file.c
4 *
5 * Copyright (C) 1992, 1993, 1994, 1995
6 * Remy Card (card@masi.ibp.fr)
7 * Laboratoire MASI - Institut Blaise Pascal
8 * Universite Pierre et Marie Curie (Paris VI)
9 *
10 * from
11 *
12 * linux/fs/minix/file.c
13 *
14 * Copyright (C) 1991, 1992 Linus Torvalds
15 *
16 * ext4 fs regular file handling primitives
17 *
18 * 64-bit file support on 64-bit platforms by Jakub Jelinek
19 * (jj@sunsite.ms.mff.cuni.cz)
20 */
21
22 #include <linux/time.h>
23 #include <linux/fs.h>
24 #include <linux/iomap.h>
25 #include <linux/mount.h>
26 #include <linux/path.h>
27 #include <linux/dax.h>
28 #include <linux/quotaops.h>
29 #include <linux/pagevec.h>
30 #include <linux/uio.h>
31 #include <linux/mman.h>
32 #include <linux/backing-dev.h>
33 #include "ext4.h"
34 #include "ext4_jbd2.h"
35 #include "xattr.h"
36 #include "acl.h"
37 #include "truncate.h"
38
ext4_dio_supported(struct inode * inode)39 static bool ext4_dio_supported(struct inode *inode)
40 {
41 if (IS_ENABLED(CONFIG_FS_ENCRYPTION) && IS_ENCRYPTED(inode))
42 return false;
43 if (fsverity_active(inode))
44 return false;
45 if (ext4_should_journal_data(inode))
46 return false;
47 if (ext4_has_inline_data(inode))
48 return false;
49 return true;
50 }
51
ext4_dio_read_iter(struct kiocb * iocb,struct iov_iter * to)52 static ssize_t ext4_dio_read_iter(struct kiocb *iocb, struct iov_iter *to)
53 {
54 ssize_t ret;
55 struct inode *inode = file_inode(iocb->ki_filp);
56
57 if (iocb->ki_flags & IOCB_NOWAIT) {
58 if (!inode_trylock_shared(inode))
59 return -EAGAIN;
60 } else {
61 inode_lock_shared(inode);
62 }
63
64 if (!ext4_dio_supported(inode)) {
65 inode_unlock_shared(inode);
66 /*
67 * Fallback to buffered I/O if the operation being performed on
68 * the inode is not supported by direct I/O. The IOCB_DIRECT
69 * flag needs to be cleared here in order to ensure that the
70 * direct I/O path within generic_file_read_iter() is not
71 * taken.
72 */
73 iocb->ki_flags &= ~IOCB_DIRECT;
74 return generic_file_read_iter(iocb, to);
75 }
76
77 ret = iomap_dio_rw(iocb, to, &ext4_iomap_ops, NULL,
78 is_sync_kiocb(iocb));
79 inode_unlock_shared(inode);
80
81 file_accessed(iocb->ki_filp);
82 return ret;
83 }
84
85 #ifdef CONFIG_FS_DAX
ext4_dax_read_iter(struct kiocb * iocb,struct iov_iter * to)86 static ssize_t ext4_dax_read_iter(struct kiocb *iocb, struct iov_iter *to)
87 {
88 struct inode *inode = file_inode(iocb->ki_filp);
89 ssize_t ret;
90
91 if (iocb->ki_flags & IOCB_NOWAIT) {
92 if (!inode_trylock_shared(inode))
93 return -EAGAIN;
94 } else {
95 inode_lock_shared(inode);
96 }
97 /*
98 * Recheck under inode lock - at this point we are sure it cannot
99 * change anymore
100 */
101 if (!IS_DAX(inode)) {
102 inode_unlock_shared(inode);
103 /* Fallback to buffered IO in case we cannot support DAX */
104 return generic_file_read_iter(iocb, to);
105 }
106 ret = dax_iomap_rw(iocb, to, &ext4_iomap_ops);
107 inode_unlock_shared(inode);
108
109 file_accessed(iocb->ki_filp);
110 return ret;
111 }
112 #endif
113
ext4_file_read_iter(struct kiocb * iocb,struct iov_iter * to)114 static ssize_t ext4_file_read_iter(struct kiocb *iocb, struct iov_iter *to)
115 {
116 struct inode *inode = file_inode(iocb->ki_filp);
117
118 if (unlikely(ext4_forced_shutdown(EXT4_SB(inode->i_sb))))
119 return -EIO;
120
121 if (!iov_iter_count(to))
122 return 0; /* skip atime */
123
124 #ifdef CONFIG_FS_DAX
125 if (IS_DAX(inode))
126 return ext4_dax_read_iter(iocb, to);
127 #endif
128 if (iocb->ki_flags & IOCB_DIRECT)
129 return ext4_dio_read_iter(iocb, to);
130
131 return generic_file_read_iter(iocb, to);
132 }
133
134 /*
135 * Called when an inode is released. Note that this is different
136 * from ext4_file_open: open gets called at every open, but release
137 * gets called only when /all/ the files are closed.
138 */
ext4_release_file(struct inode * inode,struct file * filp)139 static int ext4_release_file(struct inode *inode, struct file *filp)
140 {
141 if (ext4_test_inode_state(inode, EXT4_STATE_DA_ALLOC_CLOSE)) {
142 ext4_alloc_da_blocks(inode);
143 ext4_clear_inode_state(inode, EXT4_STATE_DA_ALLOC_CLOSE);
144 }
145 /* if we are the last writer on the inode, drop the block reservation */
146 if ((filp->f_mode & FMODE_WRITE) &&
147 (atomic_read(&inode->i_writecount) == 1) &&
148 !EXT4_I(inode)->i_reserved_data_blocks) {
149 down_write(&EXT4_I(inode)->i_data_sem);
150 ext4_discard_preallocations(inode, 0);
151 up_write(&EXT4_I(inode)->i_data_sem);
152 }
153 if (is_dx(inode) && filp->private_data)
154 ext4_htree_free_dir_info(filp->private_data);
155
156 return 0;
157 }
158
159 /*
160 * This tests whether the IO in question is block-aligned or not.
161 * Ext4 utilizes unwritten extents when hole-filling during direct IO, and they
162 * are converted to written only after the IO is complete. Until they are
163 * mapped, these blocks appear as holes, so dio_zero_block() will assume that
164 * it needs to zero out portions of the start and/or end block. If 2 AIO
165 * threads are at work on the same unwritten block, they must be synchronized
166 * or one thread will zero the other's data, causing corruption.
167 */
168 static bool
ext4_unaligned_io(struct inode * inode,struct iov_iter * from,loff_t pos)169 ext4_unaligned_io(struct inode *inode, struct iov_iter *from, loff_t pos)
170 {
171 struct super_block *sb = inode->i_sb;
172 unsigned long blockmask = sb->s_blocksize - 1;
173
174 if ((pos | iov_iter_alignment(from)) & blockmask)
175 return true;
176
177 return false;
178 }
179
180 static bool
ext4_extending_io(struct inode * inode,loff_t offset,size_t len)181 ext4_extending_io(struct inode *inode, loff_t offset, size_t len)
182 {
183 if (offset + len > i_size_read(inode) ||
184 offset + len > EXT4_I(inode)->i_disksize)
185 return true;
186 return false;
187 }
188
189 /* Is IO overwriting allocated and initialized blocks? */
ext4_overwrite_io(struct inode * inode,loff_t pos,loff_t len)190 static bool ext4_overwrite_io(struct inode *inode, loff_t pos, loff_t len)
191 {
192 struct ext4_map_blocks map;
193 unsigned int blkbits = inode->i_blkbits;
194 int err, blklen;
195
196 if (pos + len > i_size_read(inode))
197 return false;
198
199 map.m_lblk = pos >> blkbits;
200 map.m_len = EXT4_MAX_BLOCKS(len, pos, blkbits);
201 blklen = map.m_len;
202
203 err = ext4_map_blocks(NULL, inode, &map, 0);
204 /*
205 * 'err==len' means that all of the blocks have been preallocated,
206 * regardless of whether they have been initialized or not. To exclude
207 * unwritten extents, we need to check m_flags.
208 */
209 return err == blklen && (map.m_flags & EXT4_MAP_MAPPED);
210 }
211
ext4_generic_write_checks(struct kiocb * iocb,struct iov_iter * from)212 static ssize_t ext4_generic_write_checks(struct kiocb *iocb,
213 struct iov_iter *from)
214 {
215 struct inode *inode = file_inode(iocb->ki_filp);
216 ssize_t ret;
217
218 if (unlikely(IS_IMMUTABLE(inode)))
219 return -EPERM;
220
221 ret = generic_write_checks(iocb, from);
222 if (ret <= 0)
223 return ret;
224
225 /*
226 * If we have encountered a bitmap-format file, the size limit
227 * is smaller than s_maxbytes, which is for extent-mapped files.
228 */
229 if (!(ext4_test_inode_flag(inode, EXT4_INODE_EXTENTS))) {
230 struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb);
231
232 if (iocb->ki_pos >= sbi->s_bitmap_maxbytes)
233 return -EFBIG;
234 iov_iter_truncate(from, sbi->s_bitmap_maxbytes - iocb->ki_pos);
235 }
236
237 return iov_iter_count(from);
238 }
239
ext4_write_checks(struct kiocb * iocb,struct iov_iter * from)240 static ssize_t ext4_write_checks(struct kiocb *iocb, struct iov_iter *from)
241 {
242 ssize_t ret, count;
243
244 count = ext4_generic_write_checks(iocb, from);
245 if (count <= 0)
246 return count;
247
248 ret = file_modified(iocb->ki_filp);
249 if (ret)
250 return ret;
251 return count;
252 }
253
ext4_buffered_write_iter(struct kiocb * iocb,struct iov_iter * from)254 static ssize_t ext4_buffered_write_iter(struct kiocb *iocb,
255 struct iov_iter *from)
256 {
257 ssize_t ret;
258 struct inode *inode = file_inode(iocb->ki_filp);
259
260 if (iocb->ki_flags & IOCB_NOWAIT)
261 return -EOPNOTSUPP;
262
263 inode_lock(inode);
264 ret = ext4_write_checks(iocb, from);
265 if (ret <= 0)
266 goto out;
267
268 current->backing_dev_info = inode_to_bdi(inode);
269 ret = generic_perform_write(iocb->ki_filp, from, iocb->ki_pos);
270 current->backing_dev_info = NULL;
271
272 out:
273 inode_unlock(inode);
274 if (likely(ret > 0)) {
275 iocb->ki_pos += ret;
276 ret = generic_write_sync(iocb, ret);
277 }
278
279 return ret;
280 }
281
ext4_handle_inode_extension(struct inode * inode,loff_t offset,ssize_t written,size_t count)282 static ssize_t ext4_handle_inode_extension(struct inode *inode, loff_t offset,
283 ssize_t written, size_t count)
284 {
285 handle_t *handle;
286 bool truncate = false;
287 u8 blkbits = inode->i_blkbits;
288 ext4_lblk_t written_blk, end_blk;
289 int ret;
290
291 /*
292 * Note that EXT4_I(inode)->i_disksize can get extended up to
293 * inode->i_size while the I/O was running due to writeback of delalloc
294 * blocks. But, the code in ext4_iomap_alloc() is careful to use
295 * zeroed/unwritten extents if this is possible; thus we won't leave
296 * uninitialized blocks in a file even if we didn't succeed in writing
297 * as much as we intended.
298 */
299 WARN_ON_ONCE(i_size_read(inode) < EXT4_I(inode)->i_disksize);
300 if (offset + count <= EXT4_I(inode)->i_disksize) {
301 /*
302 * We need to ensure that the inode is removed from the orphan
303 * list if it has been added prematurely, due to writeback of
304 * delalloc blocks.
305 */
306 if (!list_empty(&EXT4_I(inode)->i_orphan) && inode->i_nlink) {
307 handle = ext4_journal_start(inode, EXT4_HT_INODE, 2);
308
309 if (IS_ERR(handle)) {
310 ext4_orphan_del(NULL, inode);
311 return PTR_ERR(handle);
312 }
313
314 ext4_orphan_del(handle, inode);
315 ext4_journal_stop(handle);
316 }
317
318 return written;
319 }
320
321 if (written < 0)
322 goto truncate;
323
324 handle = ext4_journal_start(inode, EXT4_HT_INODE, 2);
325 if (IS_ERR(handle)) {
326 written = PTR_ERR(handle);
327 goto truncate;
328 }
329
330 if (ext4_update_inode_size(inode, offset + written)) {
331 ret = ext4_mark_inode_dirty(handle, inode);
332 if (unlikely(ret)) {
333 written = ret;
334 ext4_journal_stop(handle);
335 goto truncate;
336 }
337 }
338
339 /*
340 * We may need to truncate allocated but not written blocks beyond EOF.
341 */
342 written_blk = ALIGN(offset + written, 1 << blkbits);
343 end_blk = ALIGN(offset + count, 1 << blkbits);
344 if (written_blk < end_blk && ext4_can_truncate(inode))
345 truncate = true;
346
347 /*
348 * Remove the inode from the orphan list if it has been extended and
349 * everything went OK.
350 */
351 if (!truncate && inode->i_nlink)
352 ext4_orphan_del(handle, inode);
353 ext4_journal_stop(handle);
354
355 if (truncate) {
356 truncate:
357 ext4_truncate_failed_write(inode);
358 /*
359 * If the truncate operation failed early, then the inode may
360 * still be on the orphan list. In that case, we need to try
361 * remove the inode from the in-memory linked list.
362 */
363 if (inode->i_nlink)
364 ext4_orphan_del(NULL, inode);
365 }
366
367 return written;
368 }
369
ext4_dio_write_end_io(struct kiocb * iocb,ssize_t size,int error,unsigned int flags)370 static int ext4_dio_write_end_io(struct kiocb *iocb, ssize_t size,
371 int error, unsigned int flags)
372 {
373 loff_t pos = iocb->ki_pos;
374 struct inode *inode = file_inode(iocb->ki_filp);
375
376 if (error)
377 return error;
378
379 if (size && flags & IOMAP_DIO_UNWRITTEN) {
380 error = ext4_convert_unwritten_extents(NULL, inode, pos, size);
381 if (error < 0)
382 return error;
383 }
384 /*
385 * If we are extending the file, we have to update i_size here before
386 * page cache gets invalidated in iomap_dio_rw(). Otherwise racing
387 * buffered reads could zero out too much from page cache pages. Update
388 * of on-disk size will happen later in ext4_dio_write_iter() where
389 * we have enough information to also perform orphan list handling etc.
390 * Note that we perform all extending writes synchronously under
391 * i_rwsem held exclusively so i_size update is safe here in that case.
392 * If the write was not extending, we cannot see pos > i_size here
393 * because operations reducing i_size like truncate wait for all
394 * outstanding DIO before updating i_size.
395 */
396 pos += size;
397 if (pos > i_size_read(inode))
398 i_size_write(inode, pos);
399
400 return 0;
401 }
402
403 static const struct iomap_dio_ops ext4_dio_write_ops = {
404 .end_io = ext4_dio_write_end_io,
405 };
406
407 /*
408 * The intention here is to start with shared lock acquired then see if any
409 * condition requires an exclusive inode lock. If yes, then we restart the
410 * whole operation by releasing the shared lock and acquiring exclusive lock.
411 *
412 * - For unaligned_io we never take shared lock as it may cause data corruption
413 * when two unaligned IO tries to modify the same block e.g. while zeroing.
414 *
415 * - For extending writes case we don't take the shared lock, since it requires
416 * updating inode i_disksize and/or orphan handling with exclusive lock.
417 *
418 * - shared locking will only be true mostly with overwrites. Otherwise we will
419 * switch to exclusive i_rwsem lock.
420 */
ext4_dio_write_checks(struct kiocb * iocb,struct iov_iter * from,bool * ilock_shared,bool * extend)421 static ssize_t ext4_dio_write_checks(struct kiocb *iocb, struct iov_iter *from,
422 bool *ilock_shared, bool *extend)
423 {
424 struct file *file = iocb->ki_filp;
425 struct inode *inode = file_inode(file);
426 loff_t offset;
427 size_t count;
428 ssize_t ret;
429
430 restart:
431 ret = ext4_generic_write_checks(iocb, from);
432 if (ret <= 0)
433 goto out;
434
435 offset = iocb->ki_pos;
436 count = ret;
437 if (ext4_extending_io(inode, offset, count))
438 *extend = true;
439 /*
440 * Determine whether the IO operation will overwrite allocated
441 * and initialized blocks.
442 * We need exclusive i_rwsem for changing security info
443 * in file_modified().
444 */
445 if (*ilock_shared && (!IS_NOSEC(inode) || *extend ||
446 !ext4_overwrite_io(inode, offset, count))) {
447 if (iocb->ki_flags & IOCB_NOWAIT) {
448 ret = -EAGAIN;
449 goto out;
450 }
451 inode_unlock_shared(inode);
452 *ilock_shared = false;
453 inode_lock(inode);
454 goto restart;
455 }
456
457 ret = file_modified(file);
458 if (ret < 0)
459 goto out;
460
461 return count;
462 out:
463 if (*ilock_shared)
464 inode_unlock_shared(inode);
465 else
466 inode_unlock(inode);
467 return ret;
468 }
469
ext4_dio_write_iter(struct kiocb * iocb,struct iov_iter * from)470 static ssize_t ext4_dio_write_iter(struct kiocb *iocb, struct iov_iter *from)
471 {
472 ssize_t ret;
473 handle_t *handle;
474 struct inode *inode = file_inode(iocb->ki_filp);
475 loff_t offset = iocb->ki_pos;
476 size_t count = iov_iter_count(from);
477 const struct iomap_ops *iomap_ops = &ext4_iomap_ops;
478 bool extend = false, unaligned_io = false;
479 bool ilock_shared = true;
480
481 /*
482 * We initially start with shared inode lock unless it is
483 * unaligned IO which needs exclusive lock anyways.
484 */
485 if (ext4_unaligned_io(inode, from, offset)) {
486 unaligned_io = true;
487 ilock_shared = false;
488 }
489 /*
490 * Quick check here without any i_rwsem lock to see if it is extending
491 * IO. A more reliable check is done in ext4_dio_write_checks() with
492 * proper locking in place.
493 */
494 if (offset + count > i_size_read(inode))
495 ilock_shared = false;
496
497 if (iocb->ki_flags & IOCB_NOWAIT) {
498 if (ilock_shared) {
499 if (!inode_trylock_shared(inode))
500 return -EAGAIN;
501 } else {
502 if (!inode_trylock(inode))
503 return -EAGAIN;
504 }
505 } else {
506 if (ilock_shared)
507 inode_lock_shared(inode);
508 else
509 inode_lock(inode);
510 }
511
512 /* Fallback to buffered I/O if the inode does not support direct I/O. */
513 if (!ext4_dio_supported(inode)) {
514 if (ilock_shared)
515 inode_unlock_shared(inode);
516 else
517 inode_unlock(inode);
518 return ext4_buffered_write_iter(iocb, from);
519 }
520
521 ret = ext4_dio_write_checks(iocb, from, &ilock_shared, &extend);
522 if (ret <= 0)
523 return ret;
524
525 /* if we're going to block and IOCB_NOWAIT is set, return -EAGAIN */
526 if ((iocb->ki_flags & IOCB_NOWAIT) && (unaligned_io || extend)) {
527 ret = -EAGAIN;
528 goto out;
529 }
530 /*
531 * Make sure inline data cannot be created anymore since we are going
532 * to allocate blocks for DIO. We know the inode does not have any
533 * inline data now because ext4_dio_supported() checked for that.
534 */
535 ext4_clear_inode_state(inode, EXT4_STATE_MAY_INLINE_DATA);
536
537 offset = iocb->ki_pos;
538 count = ret;
539
540 /*
541 * Unaligned direct IO must be serialized among each other as zeroing
542 * of partial blocks of two competing unaligned IOs can result in data
543 * corruption.
544 *
545 * So we make sure we don't allow any unaligned IO in flight.
546 * For IOs where we need not wait (like unaligned non-AIO DIO),
547 * below inode_dio_wait() may anyway become a no-op, since we start
548 * with exclusive lock.
549 */
550 if (unaligned_io)
551 inode_dio_wait(inode);
552
553 if (extend) {
554 handle = ext4_journal_start(inode, EXT4_HT_INODE, 2);
555 if (IS_ERR(handle)) {
556 ret = PTR_ERR(handle);
557 goto out;
558 }
559
560 ret = ext4_orphan_add(handle, inode);
561 if (ret) {
562 ext4_journal_stop(handle);
563 goto out;
564 }
565
566 ext4_journal_stop(handle);
567 }
568
569 if (ilock_shared)
570 iomap_ops = &ext4_iomap_overwrite_ops;
571 ret = iomap_dio_rw(iocb, from, iomap_ops, &ext4_dio_write_ops,
572 is_sync_kiocb(iocb) || unaligned_io || extend);
573 if (ret == -ENOTBLK)
574 ret = 0;
575
576 if (extend)
577 ret = ext4_handle_inode_extension(inode, offset, ret, count);
578
579 out:
580 if (ilock_shared)
581 inode_unlock_shared(inode);
582 else
583 inode_unlock(inode);
584
585 if (ret >= 0 && iov_iter_count(from)) {
586 ssize_t err;
587 loff_t endbyte;
588
589 offset = iocb->ki_pos;
590 err = ext4_buffered_write_iter(iocb, from);
591 if (err < 0)
592 return err;
593
594 /*
595 * We need to ensure that the pages within the page cache for
596 * the range covered by this I/O are written to disk and
597 * invalidated. This is in attempt to preserve the expected
598 * direct I/O semantics in the case we fallback to buffered I/O
599 * to complete off the I/O request.
600 */
601 ret += err;
602 endbyte = offset + err - 1;
603 err = filemap_write_and_wait_range(iocb->ki_filp->f_mapping,
604 offset, endbyte);
605 if (!err)
606 invalidate_mapping_pages(iocb->ki_filp->f_mapping,
607 offset >> PAGE_SHIFT,
608 endbyte >> PAGE_SHIFT);
609 }
610
611 return ret;
612 }
613
614 #ifdef CONFIG_FS_DAX
615 static ssize_t
ext4_dax_write_iter(struct kiocb * iocb,struct iov_iter * from)616 ext4_dax_write_iter(struct kiocb *iocb, struct iov_iter *from)
617 {
618 ssize_t ret;
619 size_t count;
620 loff_t offset;
621 handle_t *handle;
622 bool extend = false;
623 struct inode *inode = file_inode(iocb->ki_filp);
624
625 if (iocb->ki_flags & IOCB_NOWAIT) {
626 if (!inode_trylock(inode))
627 return -EAGAIN;
628 } else {
629 inode_lock(inode);
630 }
631
632 ret = ext4_write_checks(iocb, from);
633 if (ret <= 0)
634 goto out;
635
636 offset = iocb->ki_pos;
637 count = iov_iter_count(from);
638
639 if (offset + count > EXT4_I(inode)->i_disksize) {
640 handle = ext4_journal_start(inode, EXT4_HT_INODE, 2);
641 if (IS_ERR(handle)) {
642 ret = PTR_ERR(handle);
643 goto out;
644 }
645
646 ret = ext4_orphan_add(handle, inode);
647 if (ret) {
648 ext4_journal_stop(handle);
649 goto out;
650 }
651
652 extend = true;
653 ext4_journal_stop(handle);
654 }
655
656 ret = dax_iomap_rw(iocb, from, &ext4_iomap_ops);
657
658 if (extend)
659 ret = ext4_handle_inode_extension(inode, offset, ret, count);
660 out:
661 inode_unlock(inode);
662 if (ret > 0)
663 ret = generic_write_sync(iocb, ret);
664 return ret;
665 }
666 #endif
667
668 static ssize_t
ext4_file_write_iter(struct kiocb * iocb,struct iov_iter * from)669 ext4_file_write_iter(struct kiocb *iocb, struct iov_iter *from)
670 {
671 struct inode *inode = file_inode(iocb->ki_filp);
672
673 if (unlikely(ext4_forced_shutdown(EXT4_SB(inode->i_sb))))
674 return -EIO;
675
676 #ifdef CONFIG_FS_DAX
677 if (IS_DAX(inode))
678 return ext4_dax_write_iter(iocb, from);
679 #endif
680 if (iocb->ki_flags & IOCB_DIRECT)
681 return ext4_dio_write_iter(iocb, from);
682 else
683 return ext4_buffered_write_iter(iocb, from);
684 }
685
686 #ifdef CONFIG_FS_DAX
ext4_dax_huge_fault(struct vm_fault * vmf,enum page_entry_size pe_size)687 static vm_fault_t ext4_dax_huge_fault(struct vm_fault *vmf,
688 enum page_entry_size pe_size)
689 {
690 int error = 0;
691 vm_fault_t result;
692 int retries = 0;
693 handle_t *handle = NULL;
694 struct inode *inode = file_inode(vmf->vma->vm_file);
695 struct super_block *sb = inode->i_sb;
696
697 /*
698 * We have to distinguish real writes from writes which will result in a
699 * COW page; COW writes should *not* poke the journal (the file will not
700 * be changed). Doing so would cause unintended failures when mounted
701 * read-only.
702 *
703 * We check for VM_SHARED rather than vmf->cow_page since the latter is
704 * unset for pe_size != PE_SIZE_PTE (i.e. only in do_cow_fault); for
705 * other sizes, dax_iomap_fault will handle splitting / fallback so that
706 * we eventually come back with a COW page.
707 */
708 bool write = (vmf->flags & FAULT_FLAG_WRITE) &&
709 (vmf->vma->vm_flags & VM_SHARED);
710 pfn_t pfn;
711
712 if (write) {
713 sb_start_pagefault(sb);
714 file_update_time(vmf->vma->vm_file);
715 down_read(&EXT4_I(inode)->i_mmap_sem);
716 retry:
717 handle = ext4_journal_start_sb(sb, EXT4_HT_WRITE_PAGE,
718 EXT4_DATA_TRANS_BLOCKS(sb));
719 if (IS_ERR(handle)) {
720 up_read(&EXT4_I(inode)->i_mmap_sem);
721 sb_end_pagefault(sb);
722 return VM_FAULT_SIGBUS;
723 }
724 } else {
725 down_read(&EXT4_I(inode)->i_mmap_sem);
726 }
727 result = dax_iomap_fault(vmf, pe_size, &pfn, &error, &ext4_iomap_ops);
728 if (write) {
729 ext4_journal_stop(handle);
730
731 if ((result & VM_FAULT_ERROR) && error == -ENOSPC &&
732 ext4_should_retry_alloc(sb, &retries))
733 goto retry;
734 /* Handling synchronous page fault? */
735 if (result & VM_FAULT_NEEDDSYNC)
736 result = dax_finish_sync_fault(vmf, pe_size, pfn);
737 up_read(&EXT4_I(inode)->i_mmap_sem);
738 sb_end_pagefault(sb);
739 } else {
740 up_read(&EXT4_I(inode)->i_mmap_sem);
741 }
742
743 return result;
744 }
745
ext4_dax_fault(struct vm_fault * vmf)746 static vm_fault_t ext4_dax_fault(struct vm_fault *vmf)
747 {
748 return ext4_dax_huge_fault(vmf, PE_SIZE_PTE);
749 }
750
751 static const struct vm_operations_struct ext4_dax_vm_ops = {
752 .fault = ext4_dax_fault,
753 .huge_fault = ext4_dax_huge_fault,
754 .page_mkwrite = ext4_dax_fault,
755 .pfn_mkwrite = ext4_dax_fault,
756 };
757 #else
758 #define ext4_dax_vm_ops ext4_file_vm_ops
759 #endif
760
761 static const struct vm_operations_struct ext4_file_vm_ops = {
762 .fault = ext4_filemap_fault,
763 .map_pages = filemap_map_pages,
764 .page_mkwrite = ext4_page_mkwrite,
765 };
766
ext4_file_mmap(struct file * file,struct vm_area_struct * vma)767 static int ext4_file_mmap(struct file *file, struct vm_area_struct *vma)
768 {
769 struct inode *inode = file->f_mapping->host;
770 struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb);
771 struct dax_device *dax_dev = sbi->s_daxdev;
772
773 if (unlikely(ext4_forced_shutdown(sbi)))
774 return -EIO;
775
776 /*
777 * We don't support synchronous mappings for non-DAX files and
778 * for DAX files if underneath dax_device is not synchronous.
779 */
780 if (!daxdev_mapping_supported(vma, dax_dev))
781 return -EOPNOTSUPP;
782
783 file_accessed(file);
784 if (IS_DAX(file_inode(file))) {
785 vma->vm_ops = &ext4_dax_vm_ops;
786 vma->vm_flags |= VM_HUGEPAGE;
787 } else {
788 vma->vm_ops = &ext4_file_vm_ops;
789 }
790 return 0;
791 }
792
ext4_sample_last_mounted(struct super_block * sb,struct vfsmount * mnt)793 static int ext4_sample_last_mounted(struct super_block *sb,
794 struct vfsmount *mnt)
795 {
796 struct ext4_sb_info *sbi = EXT4_SB(sb);
797 struct path path;
798 char buf[64], *cp;
799 handle_t *handle;
800 int err;
801
802 if (likely(ext4_test_mount_flag(sb, EXT4_MF_MNTDIR_SAMPLED)))
803 return 0;
804
805 if (sb_rdonly(sb) || !sb_start_intwrite_trylock(sb))
806 return 0;
807
808 ext4_set_mount_flag(sb, EXT4_MF_MNTDIR_SAMPLED);
809 /*
810 * Sample where the filesystem has been mounted and
811 * store it in the superblock for sysadmin convenience
812 * when trying to sort through large numbers of block
813 * devices or filesystem images.
814 */
815 memset(buf, 0, sizeof(buf));
816 path.mnt = mnt;
817 path.dentry = mnt->mnt_root;
818 cp = d_path(&path, buf, sizeof(buf));
819 err = 0;
820 if (IS_ERR(cp))
821 goto out;
822
823 handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1);
824 err = PTR_ERR(handle);
825 if (IS_ERR(handle))
826 goto out;
827 BUFFER_TRACE(sbi->s_sbh, "get_write_access");
828 err = ext4_journal_get_write_access(handle, sbi->s_sbh);
829 if (err)
830 goto out_journal;
831 lock_buffer(sbi->s_sbh);
832 strncpy(sbi->s_es->s_last_mounted, cp,
833 sizeof(sbi->s_es->s_last_mounted));
834 ext4_superblock_csum_set(sb);
835 unlock_buffer(sbi->s_sbh);
836 ext4_handle_dirty_metadata(handle, NULL, sbi->s_sbh);
837 out_journal:
838 ext4_journal_stop(handle);
839 out:
840 sb_end_intwrite(sb);
841 return err;
842 }
843
ext4_file_open(struct inode * inode,struct file * filp)844 static int ext4_file_open(struct inode *inode, struct file *filp)
845 {
846 int ret;
847
848 if (unlikely(ext4_forced_shutdown(EXT4_SB(inode->i_sb))))
849 return -EIO;
850
851 ret = ext4_sample_last_mounted(inode->i_sb, filp->f_path.mnt);
852 if (ret)
853 return ret;
854
855 ret = fscrypt_file_open(inode, filp);
856 if (ret)
857 return ret;
858
859 ret = fsverity_file_open(inode, filp);
860 if (ret)
861 return ret;
862
863 /*
864 * Set up the jbd2_inode if we are opening the inode for
865 * writing and the journal is present
866 */
867 if (filp->f_mode & FMODE_WRITE) {
868 ret = ext4_inode_attach_jinode(inode);
869 if (ret < 0)
870 return ret;
871 }
872
873 filp->f_mode |= FMODE_NOWAIT | FMODE_BUF_RASYNC;
874 return dquot_file_open(inode, filp);
875 }
876
877 /*
878 * ext4_llseek() handles both block-mapped and extent-mapped maxbytes values
879 * by calling generic_file_llseek_size() with the appropriate maxbytes
880 * value for each.
881 */
ext4_llseek(struct file * file,loff_t offset,int whence)882 loff_t ext4_llseek(struct file *file, loff_t offset, int whence)
883 {
884 struct inode *inode = file->f_mapping->host;
885 loff_t maxbytes;
886
887 if (!(ext4_test_inode_flag(inode, EXT4_INODE_EXTENTS)))
888 maxbytes = EXT4_SB(inode->i_sb)->s_bitmap_maxbytes;
889 else
890 maxbytes = inode->i_sb->s_maxbytes;
891
892 switch (whence) {
893 default:
894 return generic_file_llseek_size(file, offset, whence,
895 maxbytes, i_size_read(inode));
896 case SEEK_HOLE:
897 inode_lock_shared(inode);
898 offset = iomap_seek_hole(inode, offset,
899 &ext4_iomap_report_ops);
900 inode_unlock_shared(inode);
901 break;
902 case SEEK_DATA:
903 inode_lock_shared(inode);
904 offset = iomap_seek_data(inode, offset,
905 &ext4_iomap_report_ops);
906 inode_unlock_shared(inode);
907 break;
908 }
909
910 if (offset < 0)
911 return offset;
912 return vfs_setpos(file, offset, maxbytes);
913 }
914
915 const struct file_operations ext4_file_operations = {
916 .llseek = ext4_llseek,
917 .read_iter = ext4_file_read_iter,
918 .write_iter = ext4_file_write_iter,
919 .iopoll = iomap_dio_iopoll,
920 .unlocked_ioctl = ext4_ioctl,
921 #ifdef CONFIG_COMPAT
922 .compat_ioctl = ext4_compat_ioctl,
923 #endif
924 .mmap = ext4_file_mmap,
925 .mmap_supported_flags = MAP_SYNC,
926 .open = ext4_file_open,
927 .release = ext4_release_file,
928 .fsync = ext4_sync_file,
929 .get_unmapped_area = thp_get_unmapped_area,
930 .splice_read = generic_file_splice_read,
931 .splice_write = iter_file_splice_write,
932 .fallocate = ext4_fallocate,
933 };
934
935 const struct inode_operations ext4_file_inode_operations = {
936 .setattr = ext4_setattr,
937 .getattr = ext4_file_getattr,
938 .listxattr = ext4_listxattr,
939 .get_acl = ext4_get_acl,
940 .set_acl = ext4_set_acl,
941 .fiemap = ext4_fiemap,
942 };
943
944