HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage()
[linux/fpc-iii.git] / fs / logfs / inode.c
blobaf49e2d6941a7c2f8120ee3ca99095e0bb2ea767
1 /*
2 * fs/logfs/inode.c - inode handling code
4 * As should be obvious for Linux kernel code, license is GPLv2
6 * Copyright (c) 2005-2008 Joern Engel <joern@logfs.org>
7 */
8 #include "logfs.h"
9 #include <linux/slab.h>
10 #include <linux/writeback.h>
11 #include <linux/backing-dev.h>
14 * How soon to reuse old inode numbers? LogFS doesn't store deleted inodes
15 * on the medium. It therefore also lacks a method to store the previous
16 * generation number for deleted inodes. Instead a single generation number
17 * is stored which will be used for new inodes. Being just a 32bit counter,
18 * this can obvious wrap relatively quickly. So we only reuse inodes if we
19 * know that a fair number of inodes can be created before we have to increment
20 * the generation again - effectively adding some bits to the counter.
21 * But being too aggressive here means we keep a very large and very sparse
22 * inode file, wasting space on indirect blocks.
23 * So what is a good value? Beats me. 64k seems moderately bad on both
24 * fronts, so let's use that for now...
26 * NFS sucks, as everyone already knows.
28 #define INOS_PER_WRAP (0x10000)
31 * Logfs' requirement to read inodes for garbage collection makes life a bit
32 * harder. GC may have to read inodes that are in I_FREEING state, when they
33 * are being written out - and waiting for GC to make progress, naturally.
35 * So we cannot just call iget() or some variant of it, but first have to check
36 * whether the inode in question might be in I_FREEING state. Therefore we
37 * maintain our own per-sb list of "almost deleted" inodes and check against
38 * that list first. Normally this should be at most 1-2 entries long.
40 * Also, inodes have logfs-specific reference counting on top of what the vfs
41 * does. When .destroy_inode is called, normally the reference count will drop
42 * to zero and the inode gets deleted. But if GC accessed the inode, its
43 * refcount will remain nonzero and final deletion will have to wait.
45 * As a result we have two sets of functions to get/put inodes:
46 * logfs_safe_iget/logfs_safe_iput - safe to call from GC context
47 * logfs_iget/iput - normal version
49 static struct kmem_cache *logfs_inode_cache;
51 static DEFINE_SPINLOCK(logfs_inode_lock);
53 static void logfs_inode_setops(struct inode *inode)
55 switch (inode->i_mode & S_IFMT) {
56 case S_IFDIR:
57 inode->i_op = &logfs_dir_iops;
58 inode->i_fop = &logfs_dir_fops;
59 inode->i_mapping->a_ops = &logfs_reg_aops;
60 break;
61 case S_IFREG:
62 inode->i_op = &logfs_reg_iops;
63 inode->i_fop = &logfs_reg_fops;
64 inode->i_mapping->a_ops = &logfs_reg_aops;
65 break;
66 case S_IFLNK:
67 inode->i_op = &logfs_symlink_iops;
68 inode->i_mapping->a_ops = &logfs_reg_aops;
69 break;
70 case S_IFSOCK: /* fall through */
71 case S_IFBLK: /* fall through */
72 case S_IFCHR: /* fall through */
73 case S_IFIFO:
74 init_special_inode(inode, inode->i_mode, inode->i_rdev);
75 break;
76 default:
77 BUG();
81 static struct inode *__logfs_iget(struct super_block *sb, ino_t ino)
83 struct inode *inode = iget_locked(sb, ino);
84 int err;
86 if (!inode)
87 return ERR_PTR(-ENOMEM);
88 if (!(inode->i_state & I_NEW))
89 return inode;
91 err = logfs_read_inode(inode);
92 if (err || inode->i_nlink == 0) {
93 /* inode->i_nlink == 0 can be true when called from
94 * block validator */
95 /* set i_nlink to 0 to prevent caching */
96 clear_nlink(inode);
97 logfs_inode(inode)->li_flags |= LOGFS_IF_ZOMBIE;
98 iget_failed(inode);
99 if (!err)
100 err = -ENOENT;
101 return ERR_PTR(err);
104 logfs_inode_setops(inode);
105 unlock_new_inode(inode);
106 return inode;
109 struct inode *logfs_iget(struct super_block *sb, ino_t ino)
111 BUG_ON(ino == LOGFS_INO_MASTER);
112 BUG_ON(ino == LOGFS_INO_SEGFILE);
113 return __logfs_iget(sb, ino);
117 * is_cached is set to 1 if we hand out a cached inode, 0 otherwise.
118 * this allows logfs_iput to do the right thing later
120 struct inode *logfs_safe_iget(struct super_block *sb, ino_t ino, int *is_cached)
122 struct logfs_super *super = logfs_super(sb);
123 struct logfs_inode *li;
125 if (ino == LOGFS_INO_MASTER)
126 return super->s_master_inode;
127 if (ino == LOGFS_INO_SEGFILE)
128 return super->s_segfile_inode;
130 spin_lock(&logfs_inode_lock);
131 list_for_each_entry(li, &super->s_freeing_list, li_freeing_list)
132 if (li->vfs_inode.i_ino == ino) {
133 li->li_refcount++;
134 spin_unlock(&logfs_inode_lock);
135 *is_cached = 1;
136 return &li->vfs_inode;
138 spin_unlock(&logfs_inode_lock);
140 *is_cached = 0;
141 return __logfs_iget(sb, ino);
144 static void logfs_i_callback(struct rcu_head *head)
146 struct inode *inode = container_of(head, struct inode, i_rcu);
147 kmem_cache_free(logfs_inode_cache, logfs_inode(inode));
150 static void __logfs_destroy_inode(struct inode *inode)
152 struct logfs_inode *li = logfs_inode(inode);
154 BUG_ON(li->li_block);
155 list_del(&li->li_freeing_list);
156 call_rcu(&inode->i_rcu, logfs_i_callback);
159 static void __logfs_destroy_meta_inode(struct inode *inode)
161 struct logfs_inode *li = logfs_inode(inode);
162 BUG_ON(li->li_block);
163 call_rcu(&inode->i_rcu, logfs_i_callback);
166 static void logfs_destroy_inode(struct inode *inode)
168 struct logfs_inode *li = logfs_inode(inode);
170 if (inode->i_ino < LOGFS_RESERVED_INOS) {
172 * The reserved inodes are never destroyed unless we are in
173 * unmont path.
175 __logfs_destroy_meta_inode(inode);
176 return;
179 BUG_ON(list_empty(&li->li_freeing_list));
180 spin_lock(&logfs_inode_lock);
181 li->li_refcount--;
182 if (li->li_refcount == 0)
183 __logfs_destroy_inode(inode);
184 spin_unlock(&logfs_inode_lock);
187 void logfs_safe_iput(struct inode *inode, int is_cached)
189 if (inode->i_ino == LOGFS_INO_MASTER)
190 return;
191 if (inode->i_ino == LOGFS_INO_SEGFILE)
192 return;
194 if (is_cached) {
195 logfs_destroy_inode(inode);
196 return;
199 iput(inode);
202 static void logfs_init_inode(struct super_block *sb, struct inode *inode)
204 struct logfs_inode *li = logfs_inode(inode);
205 int i;
207 li->li_flags = 0;
208 li->li_height = 0;
209 li->li_used_bytes = 0;
210 li->li_block = NULL;
211 i_uid_write(inode, 0);
212 i_gid_write(inode, 0);
213 inode->i_size = 0;
214 inode->i_blocks = 0;
215 inode->i_ctime = CURRENT_TIME;
216 inode->i_mtime = CURRENT_TIME;
217 li->li_refcount = 1;
218 INIT_LIST_HEAD(&li->li_freeing_list);
220 for (i = 0; i < LOGFS_EMBEDDED_FIELDS; i++)
221 li->li_data[i] = 0;
223 return;
226 static struct inode *logfs_alloc_inode(struct super_block *sb)
228 struct logfs_inode *li;
230 li = kmem_cache_alloc(logfs_inode_cache, GFP_NOFS);
231 if (!li)
232 return NULL;
233 logfs_init_inode(sb, &li->vfs_inode);
234 return &li->vfs_inode;
238 * In logfs inodes are written to an inode file. The inode file, like any
239 * other file, is managed with a inode. The inode file's inode, aka master
240 * inode, requires special handling in several respects. First, it cannot be
241 * written to the inode file, so it is stored in the journal instead.
243 * Secondly, this inode cannot be written back and destroyed before all other
244 * inodes have been written. The ordering is important. Linux' VFS is happily
245 * unaware of the ordering constraint and would ordinarily destroy the master
246 * inode at umount time while other inodes are still in use and dirty. Not
247 * good.
249 * So logfs makes sure the master inode is not written until all other inodes
250 * have been destroyed. Sadly, this method has another side-effect. The VFS
251 * will notice one remaining inode and print a frightening warning message.
252 * Worse, it is impossible to judge whether such a warning was caused by the
253 * master inode or any other inodes have leaked as well.
255 * Our attempt of solving this is with logfs_new_meta_inode() below. Its
256 * purpose is to create a new inode that will not trigger the warning if such
257 * an inode is still in use. An ugly hack, no doubt. Suggections for
258 * improvement are welcome.
260 * AV: that's what ->put_super() is for...
262 struct inode *logfs_new_meta_inode(struct super_block *sb, u64 ino)
264 struct inode *inode;
266 inode = new_inode(sb);
267 if (!inode)
268 return ERR_PTR(-ENOMEM);
270 inode->i_mode = S_IFREG;
271 inode->i_ino = ino;
272 inode->i_data.a_ops = &logfs_reg_aops;
273 mapping_set_gfp_mask(&inode->i_data, GFP_NOFS);
275 return inode;
278 struct inode *logfs_read_meta_inode(struct super_block *sb, u64 ino)
280 struct inode *inode;
281 int err;
283 inode = logfs_new_meta_inode(sb, ino);
284 if (IS_ERR(inode))
285 return inode;
287 err = logfs_read_inode(inode);
288 if (err) {
289 iput(inode);
290 return ERR_PTR(err);
292 logfs_inode_setops(inode);
293 return inode;
296 static int logfs_write_inode(struct inode *inode, struct writeback_control *wbc)
298 int ret;
299 long flags = WF_LOCK;
301 /* Can only happen if creat() failed. Safe to skip. */
302 if (logfs_inode(inode)->li_flags & LOGFS_IF_STILLBORN)
303 return 0;
305 ret = __logfs_write_inode(inode, NULL, flags);
306 LOGFS_BUG_ON(ret, inode->i_sb);
307 return ret;
310 /* called with inode->i_lock held */
311 static int logfs_drop_inode(struct inode *inode)
313 struct logfs_super *super = logfs_super(inode->i_sb);
314 struct logfs_inode *li = logfs_inode(inode);
316 spin_lock(&logfs_inode_lock);
317 list_move(&li->li_freeing_list, &super->s_freeing_list);
318 spin_unlock(&logfs_inode_lock);
319 return generic_drop_inode(inode);
322 static void logfs_set_ino_generation(struct super_block *sb,
323 struct inode *inode)
325 struct logfs_super *super = logfs_super(sb);
326 u64 ino;
328 mutex_lock(&super->s_journal_mutex);
329 ino = logfs_seek_hole(super->s_master_inode, super->s_last_ino + 1);
330 super->s_last_ino = ino;
331 super->s_inos_till_wrap--;
332 if (super->s_inos_till_wrap < 0) {
333 super->s_last_ino = LOGFS_RESERVED_INOS;
334 super->s_generation++;
335 super->s_inos_till_wrap = INOS_PER_WRAP;
337 inode->i_ino = ino;
338 inode->i_generation = super->s_generation;
339 mutex_unlock(&super->s_journal_mutex);
342 struct inode *logfs_new_inode(struct inode *dir, umode_t mode)
344 struct super_block *sb = dir->i_sb;
345 struct inode *inode;
347 inode = new_inode(sb);
348 if (!inode)
349 return ERR_PTR(-ENOMEM);
351 logfs_init_inode(sb, inode);
353 /* inherit parent flags */
354 logfs_inode(inode)->li_flags |=
355 logfs_inode(dir)->li_flags & LOGFS_FL_INHERITED;
357 inode->i_mode = mode;
358 logfs_set_ino_generation(sb, inode);
360 inode_init_owner(inode, dir, mode);
361 logfs_inode_setops(inode);
362 insert_inode_hash(inode);
364 return inode;
367 static void logfs_init_once(void *_li)
369 struct logfs_inode *li = _li;
370 int i;
372 li->li_flags = 0;
373 li->li_used_bytes = 0;
374 li->li_refcount = 1;
375 for (i = 0; i < LOGFS_EMBEDDED_FIELDS; i++)
376 li->li_data[i] = 0;
377 inode_init_once(&li->vfs_inode);
380 static int logfs_sync_fs(struct super_block *sb, int wait)
382 logfs_get_wblocks(sb, NULL, WF_LOCK);
383 logfs_write_anchor(sb);
384 logfs_put_wblocks(sb, NULL, WF_LOCK);
385 return 0;
388 static void logfs_put_super(struct super_block *sb)
390 struct logfs_super *super = logfs_super(sb);
391 /* kill the meta-inodes */
392 iput(super->s_segfile_inode);
393 iput(super->s_master_inode);
394 iput(super->s_mapping_inode);
397 const struct super_operations logfs_super_operations = {
398 .alloc_inode = logfs_alloc_inode,
399 .destroy_inode = logfs_destroy_inode,
400 .evict_inode = logfs_evict_inode,
401 .drop_inode = logfs_drop_inode,
402 .put_super = logfs_put_super,
403 .write_inode = logfs_write_inode,
404 .statfs = logfs_statfs,
405 .sync_fs = logfs_sync_fs,
408 int logfs_init_inode_cache(void)
410 logfs_inode_cache = kmem_cache_create("logfs_inode_cache",
411 sizeof(struct logfs_inode), 0, SLAB_RECLAIM_ACCOUNT,
412 logfs_init_once);
413 if (!logfs_inode_cache)
414 return -ENOMEM;
415 return 0;
418 void logfs_destroy_inode_cache(void)
421 * Make sure all delayed rcu free inodes are flushed before we
422 * destroy cache.
424 rcu_barrier();
425 kmem_cache_destroy(logfs_inode_cache);