1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * linux/fs/ext4/file.c
4 *
5 * Copyright (C) 1992, 1993, 1994, 1995
6 * Remy Card (card@masi.ibp.fr)
7 * Laboratoire MASI - Institut Blaise Pascal
8 * Universite Pierre et Marie Curie (Paris VI)
9 *
10 * from
11 *
12 * linux/fs/minix/file.c
13 *
14 * Copyright (C) 1991, 1992 Linus Torvalds
15 *
16 * ext4 fs regular file handling primitives
17 *
18 * 64-bit file support on 64-bit platforms by Jakub Jelinek
19 * (jj@sunsite.ms.mff.cuni.cz)
20 */
21
22 #include <linux/time.h>
23 #include <linux/fs.h>
24 #include <linux/iomap.h>
25 #include <linux/mount.h>
26 #include <linux/path.h>
27 #include <linux/dax.h>
28 #include <linux/quotaops.h>
29 #include <linux/pagevec.h>
30 #include <linux/uio.h>
31 #include <linux/mman.h>
32 #include <linux/backing-dev.h>
33 #include "ext4.h"
34 #include "ext4_jbd2.h"
35 #include "xattr.h"
36 #include "acl.h"
37 #include "truncate.h"
38
ext4_dio_supported(struct kiocb * iocb,struct iov_iter * iter)39 static bool ext4_dio_supported(struct kiocb *iocb, struct iov_iter *iter)
40 {
41 struct inode *inode = file_inode(iocb->ki_filp);
42
43 if (!fscrypt_dio_supported(iocb, iter))
44 return false;
45 if (fsverity_active(inode))
46 return false;
47 if (ext4_should_journal_data(inode))
48 return false;
49 if (ext4_has_inline_data(inode))
50 return false;
51 return true;
52 }
53
ext4_dio_read_iter(struct kiocb * iocb,struct iov_iter * to)54 static ssize_t ext4_dio_read_iter(struct kiocb *iocb, struct iov_iter *to)
55 {
56 ssize_t ret;
57 struct inode *inode = file_inode(iocb->ki_filp);
58
59 if (iocb->ki_flags & IOCB_NOWAIT) {
60 if (!inode_trylock_shared(inode))
61 return -EAGAIN;
62 } else {
63 inode_lock_shared(inode);
64 }
65
66 if (!ext4_dio_supported(iocb, to)) {
67 inode_unlock_shared(inode);
68 /*
69 * Fallback to buffered I/O if the operation being performed on
70 * the inode is not supported by direct I/O. The IOCB_DIRECT
71 * flag needs to be cleared here in order to ensure that the
72 * direct I/O path within generic_file_read_iter() is not
73 * taken.
74 */
75 iocb->ki_flags &= ~IOCB_DIRECT;
76 return generic_file_read_iter(iocb, to);
77 }
78
79 ret = iomap_dio_rw(iocb, to, &ext4_iomap_ops, NULL,
80 is_sync_kiocb(iocb));
81 inode_unlock_shared(inode);
82
83 file_accessed(iocb->ki_filp);
84 return ret;
85 }
86
87 #ifdef CONFIG_FS_DAX
ext4_dax_read_iter(struct kiocb * iocb,struct iov_iter * to)88 static ssize_t ext4_dax_read_iter(struct kiocb *iocb, struct iov_iter *to)
89 {
90 struct inode *inode = file_inode(iocb->ki_filp);
91 ssize_t ret;
92
93 if (iocb->ki_flags & IOCB_NOWAIT) {
94 if (!inode_trylock_shared(inode))
95 return -EAGAIN;
96 } else {
97 inode_lock_shared(inode);
98 }
99 /*
100 * Recheck under inode lock - at this point we are sure it cannot
101 * change anymore
102 */
103 if (!IS_DAX(inode)) {
104 inode_unlock_shared(inode);
105 /* Fallback to buffered IO in case we cannot support DAX */
106 return generic_file_read_iter(iocb, to);
107 }
108 ret = dax_iomap_rw(iocb, to, &ext4_iomap_ops);
109 inode_unlock_shared(inode);
110
111 file_accessed(iocb->ki_filp);
112 return ret;
113 }
114 #endif
115
ext4_file_read_iter(struct kiocb * iocb,struct iov_iter * to)116 static ssize_t ext4_file_read_iter(struct kiocb *iocb, struct iov_iter *to)
117 {
118 struct inode *inode = file_inode(iocb->ki_filp);
119
120 if (unlikely(ext4_forced_shutdown(EXT4_SB(inode->i_sb))))
121 return -EIO;
122
123 if (!iov_iter_count(to))
124 return 0; /* skip atime */
125
126 #ifdef CONFIG_FS_DAX
127 if (IS_DAX(inode))
128 return ext4_dax_read_iter(iocb, to);
129 #endif
130 if (iocb->ki_flags & IOCB_DIRECT)
131 return ext4_dio_read_iter(iocb, to);
132
133 return generic_file_read_iter(iocb, to);
134 }
135
136 /*
137 * Called when an inode is released. Note that this is different
138 * from ext4_file_open: open gets called at every open, but release
139 * gets called only when /all/ the files are closed.
140 */
ext4_release_file(struct inode * inode,struct file * filp)141 static int ext4_release_file(struct inode *inode, struct file *filp)
142 {
143 if (ext4_test_inode_state(inode, EXT4_STATE_DA_ALLOC_CLOSE)) {
144 ext4_alloc_da_blocks(inode);
145 ext4_clear_inode_state(inode, EXT4_STATE_DA_ALLOC_CLOSE);
146 }
147 /* if we are the last writer on the inode, drop the block reservation */
148 if ((filp->f_mode & FMODE_WRITE) &&
149 (atomic_read(&inode->i_writecount) == 1) &&
150 !EXT4_I(inode)->i_reserved_data_blocks) {
151 down_write(&EXT4_I(inode)->i_data_sem);
152 ext4_discard_preallocations(inode, 0);
153 up_write(&EXT4_I(inode)->i_data_sem);
154 }
155 if (is_dx(inode) && filp->private_data)
156 ext4_htree_free_dir_info(filp->private_data);
157
158 return 0;
159 }
160
161 /*
162 * This tests whether the IO in question is block-aligned or not.
163 * Ext4 utilizes unwritten extents when hole-filling during direct IO, and they
164 * are converted to written only after the IO is complete. Until they are
165 * mapped, these blocks appear as holes, so dio_zero_block() will assume that
166 * it needs to zero out portions of the start and/or end block. If 2 AIO
167 * threads are at work on the same unwritten block, they must be synchronized
168 * or one thread will zero the other's data, causing corruption.
169 */
170 static bool
ext4_unaligned_io(struct inode * inode,struct iov_iter * from,loff_t pos)171 ext4_unaligned_io(struct inode *inode, struct iov_iter *from, loff_t pos)
172 {
173 struct super_block *sb = inode->i_sb;
174 unsigned long blockmask = sb->s_blocksize - 1;
175
176 if ((pos | iov_iter_alignment(from)) & blockmask)
177 return true;
178
179 return false;
180 }
181
182 static bool
ext4_extending_io(struct inode * inode,loff_t offset,size_t len)183 ext4_extending_io(struct inode *inode, loff_t offset, size_t len)
184 {
185 if (offset + len > i_size_read(inode) ||
186 offset + len > EXT4_I(inode)->i_disksize)
187 return true;
188 return false;
189 }
190
191 /* Is IO overwriting allocated and initialized blocks? */
ext4_overwrite_io(struct inode * inode,loff_t pos,loff_t len)192 static bool ext4_overwrite_io(struct inode *inode, loff_t pos, loff_t len)
193 {
194 struct ext4_map_blocks map;
195 unsigned int blkbits = inode->i_blkbits;
196 int err, blklen;
197
198 if (pos + len > i_size_read(inode))
199 return false;
200
201 map.m_lblk = pos >> blkbits;
202 map.m_len = EXT4_MAX_BLOCKS(len, pos, blkbits);
203 blklen = map.m_len;
204
205 err = ext4_map_blocks(NULL, inode, &map, 0);
206 /*
207 * 'err==len' means that all of the blocks have been preallocated,
208 * regardless of whether they have been initialized or not. To exclude
209 * unwritten extents, we need to check m_flags.
210 */
211 return err == blklen && (map.m_flags & EXT4_MAP_MAPPED);
212 }
213
ext4_generic_write_checks(struct kiocb * iocb,struct iov_iter * from)214 static ssize_t ext4_generic_write_checks(struct kiocb *iocb,
215 struct iov_iter *from)
216 {
217 struct inode *inode = file_inode(iocb->ki_filp);
218 ssize_t ret;
219
220 if (unlikely(IS_IMMUTABLE(inode)))
221 return -EPERM;
222
223 ret = generic_write_checks(iocb, from);
224 if (ret <= 0)
225 return ret;
226
227 /*
228 * If we have encountered a bitmap-format file, the size limit
229 * is smaller than s_maxbytes, which is for extent-mapped files.
230 */
231 if (!(ext4_test_inode_flag(inode, EXT4_INODE_EXTENTS))) {
232 struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb);
233
234 if (iocb->ki_pos >= sbi->s_bitmap_maxbytes)
235 return -EFBIG;
236 iov_iter_truncate(from, sbi->s_bitmap_maxbytes - iocb->ki_pos);
237 }
238
239 return iov_iter_count(from);
240 }
241
ext4_write_checks(struct kiocb * iocb,struct iov_iter * from)242 static ssize_t ext4_write_checks(struct kiocb *iocb, struct iov_iter *from)
243 {
244 ssize_t ret, count;
245
246 count = ext4_generic_write_checks(iocb, from);
247 if (count <= 0)
248 return count;
249
250 ret = file_modified(iocb->ki_filp);
251 if (ret)
252 return ret;
253 return count;
254 }
255
ext4_buffered_write_iter(struct kiocb * iocb,struct iov_iter * from)256 static ssize_t ext4_buffered_write_iter(struct kiocb *iocb,
257 struct iov_iter *from)
258 {
259 ssize_t ret;
260 struct inode *inode = file_inode(iocb->ki_filp);
261
262 if (iocb->ki_flags & IOCB_NOWAIT)
263 return -EOPNOTSUPP;
264
265 inode_lock(inode);
266 ret = ext4_write_checks(iocb, from);
267 if (ret <= 0)
268 goto out;
269
270 current->backing_dev_info = inode_to_bdi(inode);
271 ret = generic_perform_write(iocb->ki_filp, from, iocb->ki_pos);
272 current->backing_dev_info = NULL;
273
274 out:
275 inode_unlock(inode);
276 if (likely(ret > 0)) {
277 iocb->ki_pos += ret;
278 ret = generic_write_sync(iocb, ret);
279 }
280
281 return ret;
282 }
283
ext4_handle_inode_extension(struct inode * inode,loff_t offset,ssize_t written,size_t count)284 static ssize_t ext4_handle_inode_extension(struct inode *inode, loff_t offset,
285 ssize_t written, size_t count)
286 {
287 handle_t *handle;
288 bool truncate = false;
289 u8 blkbits = inode->i_blkbits;
290 ext4_lblk_t written_blk, end_blk;
291 int ret;
292
293 /*
294 * Note that EXT4_I(inode)->i_disksize can get extended up to
295 * inode->i_size while the I/O was running due to writeback of delalloc
296 * blocks. But, the code in ext4_iomap_alloc() is careful to use
297 * zeroed/unwritten extents if this is possible; thus we won't leave
298 * uninitialized blocks in a file even if we didn't succeed in writing
299 * as much as we intended.
300 */
301 WARN_ON_ONCE(i_size_read(inode) < EXT4_I(inode)->i_disksize);
302 if (offset + count <= EXT4_I(inode)->i_disksize) {
303 /*
304 * We need to ensure that the inode is removed from the orphan
305 * list if it has been added prematurely, due to writeback of
306 * delalloc blocks.
307 */
308 if (!list_empty(&EXT4_I(inode)->i_orphan) && inode->i_nlink) {
309 handle = ext4_journal_start(inode, EXT4_HT_INODE, 2);
310
311 if (IS_ERR(handle)) {
312 ext4_orphan_del(NULL, inode);
313 return PTR_ERR(handle);
314 }
315
316 ext4_orphan_del(handle, inode);
317 ext4_journal_stop(handle);
318 }
319
320 return written;
321 }
322
323 if (written < 0)
324 goto truncate;
325
326 handle = ext4_journal_start(inode, EXT4_HT_INODE, 2);
327 if (IS_ERR(handle)) {
328 written = PTR_ERR(handle);
329 goto truncate;
330 }
331
332 if (ext4_update_inode_size(inode, offset + written)) {
333 ret = ext4_mark_inode_dirty(handle, inode);
334 if (unlikely(ret)) {
335 written = ret;
336 ext4_journal_stop(handle);
337 goto truncate;
338 }
339 }
340
341 /*
342 * We may need to truncate allocated but not written blocks beyond EOF.
343 */
344 written_blk = ALIGN(offset + written, 1 << blkbits);
345 end_blk = ALIGN(offset + count, 1 << blkbits);
346 if (written_blk < end_blk && ext4_can_truncate(inode))
347 truncate = true;
348
349 /*
350 * Remove the inode from the orphan list if it has been extended and
351 * everything went OK.
352 */
353 if (!truncate && inode->i_nlink)
354 ext4_orphan_del(handle, inode);
355 ext4_journal_stop(handle);
356
357 if (truncate) {
358 truncate:
359 ext4_truncate_failed_write(inode);
360 /*
361 * If the truncate operation failed early, then the inode may
362 * still be on the orphan list. In that case, we need to try
363 * remove the inode from the in-memory linked list.
364 */
365 if (inode->i_nlink)
366 ext4_orphan_del(NULL, inode);
367 }
368
369 return written;
370 }
371
ext4_dio_write_end_io(struct kiocb * iocb,ssize_t size,int error,unsigned int flags)372 static int ext4_dio_write_end_io(struct kiocb *iocb, ssize_t size,
373 int error, unsigned int flags)
374 {
375 loff_t pos = iocb->ki_pos;
376 struct inode *inode = file_inode(iocb->ki_filp);
377
378 if (error)
379 return error;
380
381 if (size && flags & IOMAP_DIO_UNWRITTEN) {
382 error = ext4_convert_unwritten_extents(NULL, inode, pos, size);
383 if (error < 0)
384 return error;
385 }
386 /*
387 * If we are extending the file, we have to update i_size here before
388 * page cache gets invalidated in iomap_dio_rw(). Otherwise racing
389 * buffered reads could zero out too much from page cache pages. Update
390 * of on-disk size will happen later in ext4_dio_write_iter() where
391 * we have enough information to also perform orphan list handling etc.
392 * Note that we perform all extending writes synchronously under
393 * i_rwsem held exclusively so i_size update is safe here in that case.
394 * If the write was not extending, we cannot see pos > i_size here
395 * because operations reducing i_size like truncate wait for all
396 * outstanding DIO before updating i_size.
397 */
398 pos += size;
399 if (pos > i_size_read(inode))
400 i_size_write(inode, pos);
401
402 return 0;
403 }
404
405 static const struct iomap_dio_ops ext4_dio_write_ops = {
406 .end_io = ext4_dio_write_end_io,
407 };
408
409 /*
410 * The intention here is to start with shared lock acquired then see if any
411 * condition requires an exclusive inode lock. If yes, then we restart the
412 * whole operation by releasing the shared lock and acquiring exclusive lock.
413 *
414 * - For unaligned_io we never take shared lock as it may cause data corruption
415 * when two unaligned IO tries to modify the same block e.g. while zeroing.
416 *
417 * - For extending writes case we don't take the shared lock, since it requires
418 * updating inode i_disksize and/or orphan handling with exclusive lock.
419 *
420 * - shared locking will only be true mostly with overwrites. Otherwise we will
421 * switch to exclusive i_rwsem lock.
422 */
ext4_dio_write_checks(struct kiocb * iocb,struct iov_iter * from,bool * ilock_shared,bool * extend)423 static ssize_t ext4_dio_write_checks(struct kiocb *iocb, struct iov_iter *from,
424 bool *ilock_shared, bool *extend)
425 {
426 struct file *file = iocb->ki_filp;
427 struct inode *inode = file_inode(file);
428 loff_t offset;
429 size_t count;
430 ssize_t ret;
431
432 restart:
433 ret = ext4_generic_write_checks(iocb, from);
434 if (ret <= 0)
435 goto out;
436
437 offset = iocb->ki_pos;
438 count = ret;
439 if (ext4_extending_io(inode, offset, count))
440 *extend = true;
441 /*
442 * Determine whether the IO operation will overwrite allocated
443 * and initialized blocks.
444 * We need exclusive i_rwsem for changing security info
445 * in file_modified().
446 */
447 if (*ilock_shared && (!IS_NOSEC(inode) || *extend ||
448 !ext4_overwrite_io(inode, offset, count))) {
449 if (iocb->ki_flags & IOCB_NOWAIT) {
450 ret = -EAGAIN;
451 goto out;
452 }
453 inode_unlock_shared(inode);
454 *ilock_shared = false;
455 inode_lock(inode);
456 goto restart;
457 }
458
459 ret = file_modified(file);
460 if (ret < 0)
461 goto out;
462
463 return count;
464 out:
465 if (*ilock_shared)
466 inode_unlock_shared(inode);
467 else
468 inode_unlock(inode);
469 return ret;
470 }
471
ext4_dio_write_iter(struct kiocb * iocb,struct iov_iter * from)472 static ssize_t ext4_dio_write_iter(struct kiocb *iocb, struct iov_iter *from)
473 {
474 ssize_t ret;
475 handle_t *handle;
476 struct inode *inode = file_inode(iocb->ki_filp);
477 loff_t offset = iocb->ki_pos;
478 size_t count = iov_iter_count(from);
479 const struct iomap_ops *iomap_ops = &ext4_iomap_ops;
480 bool extend = false, unaligned_io = false;
481 bool ilock_shared = true;
482
483 /*
484 * We initially start with shared inode lock unless it is
485 * unaligned IO which needs exclusive lock anyways.
486 */
487 if (ext4_unaligned_io(inode, from, offset)) {
488 unaligned_io = true;
489 ilock_shared = false;
490 }
491 /*
492 * Quick check here without any i_rwsem lock to see if it is extending
493 * IO. A more reliable check is done in ext4_dio_write_checks() with
494 * proper locking in place.
495 */
496 if (offset + count > i_size_read(inode))
497 ilock_shared = false;
498
499 if (iocb->ki_flags & IOCB_NOWAIT) {
500 if (ilock_shared) {
501 if (!inode_trylock_shared(inode))
502 return -EAGAIN;
503 } else {
504 if (!inode_trylock(inode))
505 return -EAGAIN;
506 }
507 } else {
508 if (ilock_shared)
509 inode_lock_shared(inode);
510 else
511 inode_lock(inode);
512 }
513
514 /* Fallback to buffered I/O if the inode does not support direct I/O. */
515 if (!ext4_dio_supported(iocb, from)) {
516 if (ilock_shared)
517 inode_unlock_shared(inode);
518 else
519 inode_unlock(inode);
520 return ext4_buffered_write_iter(iocb, from);
521 }
522
523 ret = ext4_dio_write_checks(iocb, from, &ilock_shared, &extend);
524 if (ret <= 0)
525 return ret;
526
527 /* if we're going to block and IOCB_NOWAIT is set, return -EAGAIN */
528 if ((iocb->ki_flags & IOCB_NOWAIT) && (unaligned_io || extend)) {
529 ret = -EAGAIN;
530 goto out;
531 }
532 /*
533 * Make sure inline data cannot be created anymore since we are going
534 * to allocate blocks for DIO. We know the inode does not have any
535 * inline data now because ext4_dio_supported() checked for that.
536 */
537 ext4_clear_inode_state(inode, EXT4_STATE_MAY_INLINE_DATA);
538
539 offset = iocb->ki_pos;
540 count = ret;
541
542 /*
543 * Unaligned direct IO must be serialized among each other as zeroing
544 * of partial blocks of two competing unaligned IOs can result in data
545 * corruption.
546 *
547 * So we make sure we don't allow any unaligned IO in flight.
548 * For IOs where we need not wait (like unaligned non-AIO DIO),
549 * below inode_dio_wait() may anyway become a no-op, since we start
550 * with exclusive lock.
551 */
552 if (unaligned_io)
553 inode_dio_wait(inode);
554
555 if (extend) {
556 handle = ext4_journal_start(inode, EXT4_HT_INODE, 2);
557 if (IS_ERR(handle)) {
558 ret = PTR_ERR(handle);
559 goto out;
560 }
561
562 ret = ext4_orphan_add(handle, inode);
563 if (ret) {
564 ext4_journal_stop(handle);
565 goto out;
566 }
567
568 ext4_journal_stop(handle);
569 }
570
571 if (ilock_shared)
572 iomap_ops = &ext4_iomap_overwrite_ops;
573 ret = iomap_dio_rw(iocb, from, iomap_ops, &ext4_dio_write_ops,
574 is_sync_kiocb(iocb) || unaligned_io || extend);
575 if (ret == -ENOTBLK)
576 ret = 0;
577
578 if (extend)
579 ret = ext4_handle_inode_extension(inode, offset, ret, count);
580
581 out:
582 if (ilock_shared)
583 inode_unlock_shared(inode);
584 else
585 inode_unlock(inode);
586
587 if (ret >= 0 && iov_iter_count(from)) {
588 ssize_t err;
589 loff_t endbyte;
590
591 offset = iocb->ki_pos;
592 err = ext4_buffered_write_iter(iocb, from);
593 if (err < 0)
594 return err;
595
596 /*
597 * We need to ensure that the pages within the page cache for
598 * the range covered by this I/O are written to disk and
599 * invalidated. This is in attempt to preserve the expected
600 * direct I/O semantics in the case we fallback to buffered I/O
601 * to complete off the I/O request.
602 */
603 ret += err;
604 endbyte = offset + err - 1;
605 err = filemap_write_and_wait_range(iocb->ki_filp->f_mapping,
606 offset, endbyte);
607 if (!err)
608 invalidate_mapping_pages(iocb->ki_filp->f_mapping,
609 offset >> PAGE_SHIFT,
610 endbyte >> PAGE_SHIFT);
611 }
612
613 return ret;
614 }
615
616 #ifdef CONFIG_FS_DAX
617 static ssize_t
ext4_dax_write_iter(struct kiocb * iocb,struct iov_iter * from)618 ext4_dax_write_iter(struct kiocb *iocb, struct iov_iter *from)
619 {
620 ssize_t ret;
621 size_t count;
622 loff_t offset;
623 handle_t *handle;
624 bool extend = false;
625 struct inode *inode = file_inode(iocb->ki_filp);
626
627 if (iocb->ki_flags & IOCB_NOWAIT) {
628 if (!inode_trylock(inode))
629 return -EAGAIN;
630 } else {
631 inode_lock(inode);
632 }
633
634 ret = ext4_write_checks(iocb, from);
635 if (ret <= 0)
636 goto out;
637
638 offset = iocb->ki_pos;
639 count = iov_iter_count(from);
640
641 if (offset + count > EXT4_I(inode)->i_disksize) {
642 handle = ext4_journal_start(inode, EXT4_HT_INODE, 2);
643 if (IS_ERR(handle)) {
644 ret = PTR_ERR(handle);
645 goto out;
646 }
647
648 ret = ext4_orphan_add(handle, inode);
649 if (ret) {
650 ext4_journal_stop(handle);
651 goto out;
652 }
653
654 extend = true;
655 ext4_journal_stop(handle);
656 }
657
658 ret = dax_iomap_rw(iocb, from, &ext4_iomap_ops);
659
660 if (extend)
661 ret = ext4_handle_inode_extension(inode, offset, ret, count);
662 out:
663 inode_unlock(inode);
664 if (ret > 0)
665 ret = generic_write_sync(iocb, ret);
666 return ret;
667 }
668 #endif
669
670 static ssize_t
ext4_file_write_iter(struct kiocb * iocb,struct iov_iter * from)671 ext4_file_write_iter(struct kiocb *iocb, struct iov_iter *from)
672 {
673 struct inode *inode = file_inode(iocb->ki_filp);
674
675 if (unlikely(ext4_forced_shutdown(EXT4_SB(inode->i_sb))))
676 return -EIO;
677
678 #ifdef CONFIG_FS_DAX
679 if (IS_DAX(inode))
680 return ext4_dax_write_iter(iocb, from);
681 #endif
682 if (iocb->ki_flags & IOCB_DIRECT)
683 return ext4_dio_write_iter(iocb, from);
684 else
685 return ext4_buffered_write_iter(iocb, from);
686 }
687
688 #ifdef CONFIG_FS_DAX
ext4_dax_huge_fault(struct vm_fault * vmf,enum page_entry_size pe_size)689 static vm_fault_t ext4_dax_huge_fault(struct vm_fault *vmf,
690 enum page_entry_size pe_size)
691 {
692 int error = 0;
693 vm_fault_t result;
694 int retries = 0;
695 handle_t *handle = NULL;
696 struct inode *inode = file_inode(vmf->vma->vm_file);
697 struct super_block *sb = inode->i_sb;
698
699 /*
700 * We have to distinguish real writes from writes which will result in a
701 * COW page; COW writes should *not* poke the journal (the file will not
702 * be changed). Doing so would cause unintended failures when mounted
703 * read-only.
704 *
705 * We check for VM_SHARED rather than vmf->cow_page since the latter is
706 * unset for pe_size != PE_SIZE_PTE (i.e. only in do_cow_fault); for
707 * other sizes, dax_iomap_fault will handle splitting / fallback so that
708 * we eventually come back with a COW page.
709 */
710 bool write = (vmf->flags & FAULT_FLAG_WRITE) &&
711 (vmf->vma->vm_flags & VM_SHARED);
712 pfn_t pfn;
713
714 if (write) {
715 sb_start_pagefault(sb);
716 file_update_time(vmf->vma->vm_file);
717 down_read(&EXT4_I(inode)->i_mmap_sem);
718 retry:
719 handle = ext4_journal_start_sb(sb, EXT4_HT_WRITE_PAGE,
720 EXT4_DATA_TRANS_BLOCKS(sb));
721 if (IS_ERR(handle)) {
722 up_read(&EXT4_I(inode)->i_mmap_sem);
723 sb_end_pagefault(sb);
724 return VM_FAULT_SIGBUS;
725 }
726 } else {
727 down_read(&EXT4_I(inode)->i_mmap_sem);
728 }
729 result = dax_iomap_fault(vmf, pe_size, &pfn, &error, &ext4_iomap_ops);
730 if (write) {
731 ext4_journal_stop(handle);
732
733 if ((result & VM_FAULT_ERROR) && error == -ENOSPC &&
734 ext4_should_retry_alloc(sb, &retries))
735 goto retry;
736 /* Handling synchronous page fault? */
737 if (result & VM_FAULT_NEEDDSYNC)
738 result = dax_finish_sync_fault(vmf, pe_size, pfn);
739 up_read(&EXT4_I(inode)->i_mmap_sem);
740 sb_end_pagefault(sb);
741 } else {
742 up_read(&EXT4_I(inode)->i_mmap_sem);
743 }
744
745 return result;
746 }
747
ext4_dax_fault(struct vm_fault * vmf)748 static vm_fault_t ext4_dax_fault(struct vm_fault *vmf)
749 {
750 return ext4_dax_huge_fault(vmf, PE_SIZE_PTE);
751 }
752
753 static const struct vm_operations_struct ext4_dax_vm_ops = {
754 .fault = ext4_dax_fault,
755 .huge_fault = ext4_dax_huge_fault,
756 .page_mkwrite = ext4_dax_fault,
757 .pfn_mkwrite = ext4_dax_fault,
758 };
759 #else
760 #define ext4_dax_vm_ops ext4_file_vm_ops
761 #endif
762
763 static const struct vm_operations_struct ext4_file_vm_ops = {
764 .fault = ext4_filemap_fault,
765 .map_pages = filemap_map_pages,
766 .page_mkwrite = ext4_page_mkwrite,
767 #ifdef CONFIG_SPECULATIVE_PAGE_FAULT
768 .allow_speculation = filemap_allow_speculation,
769 #endif
770 };
771
ext4_file_mmap(struct file * file,struct vm_area_struct * vma)772 static int ext4_file_mmap(struct file *file, struct vm_area_struct *vma)
773 {
774 struct inode *inode = file->f_mapping->host;
775 struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb);
776 struct dax_device *dax_dev = sbi->s_daxdev;
777
778 if (unlikely(ext4_forced_shutdown(sbi)))
779 return -EIO;
780
781 /*
782 * We don't support synchronous mappings for non-DAX files and
783 * for DAX files if underneath dax_device is not synchronous.
784 */
785 if (!daxdev_mapping_supported(vma, dax_dev))
786 return -EOPNOTSUPP;
787
788 file_accessed(file);
789 if (IS_DAX(file_inode(file))) {
790 vma->vm_ops = &ext4_dax_vm_ops;
791 vma->vm_flags |= VM_HUGEPAGE;
792 } else {
793 vma->vm_ops = &ext4_file_vm_ops;
794 }
795 return 0;
796 }
797
ext4_sample_last_mounted(struct super_block * sb,struct vfsmount * mnt)798 static int ext4_sample_last_mounted(struct super_block *sb,
799 struct vfsmount *mnt)
800 {
801 struct ext4_sb_info *sbi = EXT4_SB(sb);
802 struct path path;
803 char buf[64], *cp;
804 handle_t *handle;
805 int err;
806
807 if (likely(ext4_test_mount_flag(sb, EXT4_MF_MNTDIR_SAMPLED)))
808 return 0;
809
810 if (sb_rdonly(sb) || !sb_start_intwrite_trylock(sb))
811 return 0;
812
813 ext4_set_mount_flag(sb, EXT4_MF_MNTDIR_SAMPLED);
814 /*
815 * Sample where the filesystem has been mounted and
816 * store it in the superblock for sysadmin convenience
817 * when trying to sort through large numbers of block
818 * devices or filesystem images.
819 */
820 memset(buf, 0, sizeof(buf));
821 path.mnt = mnt;
822 path.dentry = mnt->mnt_root;
823 cp = d_path(&path, buf, sizeof(buf));
824 err = 0;
825 if (IS_ERR(cp))
826 goto out;
827
828 handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1);
829 err = PTR_ERR(handle);
830 if (IS_ERR(handle))
831 goto out;
832 BUFFER_TRACE(sbi->s_sbh, "get_write_access");
833 err = ext4_journal_get_write_access(handle, sbi->s_sbh);
834 if (err)
835 goto out_journal;
836 strncpy(sbi->s_es->s_last_mounted, cp,
837 sizeof(sbi->s_es->s_last_mounted));
838 ext4_handle_dirty_super(handle, sb);
839 out_journal:
840 ext4_journal_stop(handle);
841 out:
842 sb_end_intwrite(sb);
843 return err;
844 }
845
ext4_file_open(struct inode * inode,struct file * filp)846 static int ext4_file_open(struct inode *inode, struct file *filp)
847 {
848 int ret;
849
850 if (unlikely(ext4_forced_shutdown(EXT4_SB(inode->i_sb))))
851 return -EIO;
852
853 ret = ext4_sample_last_mounted(inode->i_sb, filp->f_path.mnt);
854 if (ret)
855 return ret;
856
857 ret = fscrypt_file_open(inode, filp);
858 if (ret)
859 return ret;
860
861 ret = fsverity_file_open(inode, filp);
862 if (ret)
863 return ret;
864
865 /*
866 * Set up the jbd2_inode if we are opening the inode for
867 * writing and the journal is present
868 */
869 if (filp->f_mode & FMODE_WRITE) {
870 ret = ext4_inode_attach_jinode(inode);
871 if (ret < 0)
872 return ret;
873 }
874
875 filp->f_mode |= FMODE_NOWAIT | FMODE_BUF_RASYNC;
876 return dquot_file_open(inode, filp);
877 }
878
879 /*
880 * ext4_llseek() handles both block-mapped and extent-mapped maxbytes values
881 * by calling generic_file_llseek_size() with the appropriate maxbytes
882 * value for each.
883 */
ext4_llseek(struct file * file,loff_t offset,int whence)884 loff_t ext4_llseek(struct file *file, loff_t offset, int whence)
885 {
886 struct inode *inode = file->f_mapping->host;
887 loff_t maxbytes;
888
889 if (!(ext4_test_inode_flag(inode, EXT4_INODE_EXTENTS)))
890 maxbytes = EXT4_SB(inode->i_sb)->s_bitmap_maxbytes;
891 else
892 maxbytes = inode->i_sb->s_maxbytes;
893
894 switch (whence) {
895 default:
896 return generic_file_llseek_size(file, offset, whence,
897 maxbytes, i_size_read(inode));
898 case SEEK_HOLE:
899 inode_lock_shared(inode);
900 offset = iomap_seek_hole(inode, offset,
901 &ext4_iomap_report_ops);
902 inode_unlock_shared(inode);
903 break;
904 case SEEK_DATA:
905 inode_lock_shared(inode);
906 offset = iomap_seek_data(inode, offset,
907 &ext4_iomap_report_ops);
908 inode_unlock_shared(inode);
909 break;
910 }
911
912 if (offset < 0)
913 return offset;
914 return vfs_setpos(file, offset, maxbytes);
915 }
916
917 const struct file_operations ext4_file_operations = {
918 .llseek = ext4_llseek,
919 .read_iter = ext4_file_read_iter,
920 .write_iter = ext4_file_write_iter,
921 .iopoll = iomap_dio_iopoll,
922 .unlocked_ioctl = ext4_ioctl,
923 #ifdef CONFIG_COMPAT
924 .compat_ioctl = ext4_compat_ioctl,
925 #endif
926 .mmap = ext4_file_mmap,
927 .mmap_supported_flags = MAP_SYNC,
928 .open = ext4_file_open,
929 .release = ext4_release_file,
930 .fsync = ext4_sync_file,
931 .get_unmapped_area = thp_get_unmapped_area,
932 .splice_read = generic_file_splice_read,
933 .splice_write = iter_file_splice_write,
934 .fallocate = ext4_fallocate,
935 };
936
937 const struct inode_operations ext4_file_inode_operations = {
938 .setattr = ext4_setattr,
939 .getattr = ext4_file_getattr,
940 .listxattr = ext4_listxattr,
941 .get_acl = ext4_get_acl,
942 .set_acl = ext4_set_acl,
943 .fiemap = ext4_fiemap,
944 };
945
946