332 lines
8.4 KiB
C
332 lines
8.4 KiB
C
// SPDX-License-Identifier: GPL-2.0
|
|
/*
|
|
* Copyright (c) 2022 Fujitsu. All Rights Reserved.
|
|
*/
|
|
|
|
#include "xfs.h"
|
|
#include "xfs_shared.h"
|
|
#include "xfs_format.h"
|
|
#include "xfs_log_format.h"
|
|
#include "xfs_trans_resv.h"
|
|
#include "xfs_mount.h"
|
|
#include "xfs_alloc.h"
|
|
#include "xfs_bit.h"
|
|
#include "xfs_btree.h"
|
|
#include "xfs_inode.h"
|
|
#include "xfs_icache.h"
|
|
#include "xfs_rmap.h"
|
|
#include "xfs_rmap_btree.h"
|
|
#include "xfs_rtalloc.h"
|
|
#include "xfs_trans.h"
|
|
#include "xfs_ag.h"
|
|
|
|
#include <linux/mm.h>
|
|
#include <linux/dax.h>
|
|
#include <linux/fs.h>
|
|
|
|
struct xfs_failure_info {
|
|
xfs_agblock_t startblock;
|
|
xfs_extlen_t blockcount;
|
|
int mf_flags;
|
|
bool want_shutdown;
|
|
};
|
|
|
|
static pgoff_t
|
|
xfs_failure_pgoff(
|
|
struct xfs_mount *mp,
|
|
const struct xfs_rmap_irec *rec,
|
|
const struct xfs_failure_info *notify)
|
|
{
|
|
loff_t pos = XFS_FSB_TO_B(mp, rec->rm_offset);
|
|
|
|
if (notify->startblock > rec->rm_startblock)
|
|
pos += XFS_FSB_TO_B(mp,
|
|
notify->startblock - rec->rm_startblock);
|
|
return pos >> PAGE_SHIFT;
|
|
}
|
|
|
|
static unsigned long
|
|
xfs_failure_pgcnt(
|
|
struct xfs_mount *mp,
|
|
const struct xfs_rmap_irec *rec,
|
|
const struct xfs_failure_info *notify)
|
|
{
|
|
xfs_agblock_t end_rec;
|
|
xfs_agblock_t end_notify;
|
|
xfs_agblock_t start_cross;
|
|
xfs_agblock_t end_cross;
|
|
|
|
start_cross = max(rec->rm_startblock, notify->startblock);
|
|
|
|
end_rec = rec->rm_startblock + rec->rm_blockcount;
|
|
end_notify = notify->startblock + notify->blockcount;
|
|
end_cross = min(end_rec, end_notify);
|
|
|
|
return XFS_FSB_TO_B(mp, end_cross - start_cross) >> PAGE_SHIFT;
|
|
}
|
|
|
|
static int
|
|
xfs_dax_failure_fn(
|
|
struct xfs_btree_cur *cur,
|
|
const struct xfs_rmap_irec *rec,
|
|
void *data)
|
|
{
|
|
struct xfs_mount *mp = cur->bc_mp;
|
|
struct xfs_inode *ip;
|
|
struct xfs_failure_info *notify = data;
|
|
struct address_space *mapping;
|
|
pgoff_t pgoff;
|
|
unsigned long pgcnt;
|
|
int error = 0;
|
|
|
|
if (XFS_RMAP_NON_INODE_OWNER(rec->rm_owner) ||
|
|
(rec->rm_flags & (XFS_RMAP_ATTR_FORK | XFS_RMAP_BMBT_BLOCK))) {
|
|
/* Continue the query because this isn't a failure. */
|
|
if (notify->mf_flags & MF_MEM_PRE_REMOVE)
|
|
return 0;
|
|
notify->want_shutdown = true;
|
|
return 0;
|
|
}
|
|
|
|
/* Get files that incore, filter out others that are not in use. */
|
|
error = xfs_iget(mp, cur->bc_tp, rec->rm_owner, XFS_IGET_INCORE,
|
|
0, &ip);
|
|
/* Continue the rmap query if the inode isn't incore */
|
|
if (error == -ENODATA)
|
|
return 0;
|
|
if (error) {
|
|
notify->want_shutdown = true;
|
|
return 0;
|
|
}
|
|
|
|
mapping = VFS_I(ip)->i_mapping;
|
|
pgoff = xfs_failure_pgoff(mp, rec, notify);
|
|
pgcnt = xfs_failure_pgcnt(mp, rec, notify);
|
|
|
|
/* Continue the rmap query if the inode isn't a dax file. */
|
|
if (dax_mapping(mapping))
|
|
error = mf_dax_kill_procs(mapping, pgoff, pgcnt,
|
|
notify->mf_flags);
|
|
|
|
/* Invalidate the cache in dax pages. */
|
|
if (notify->mf_flags & MF_MEM_PRE_REMOVE)
|
|
invalidate_inode_pages2_range(mapping, pgoff,
|
|
pgoff + pgcnt - 1);
|
|
|
|
xfs_irele(ip);
|
|
return error;
|
|
}
|
|
|
|
static int
|
|
xfs_dax_notify_failure_freeze(
|
|
struct xfs_mount *mp)
|
|
{
|
|
struct super_block *sb = mp->m_super;
|
|
int error;
|
|
|
|
error = freeze_super(sb, FREEZE_HOLDER_KERNEL);
|
|
if (error)
|
|
xfs_emerg(mp, "already frozen by kernel, err=%d", error);
|
|
|
|
return error;
|
|
}
|
|
|
|
static void
|
|
xfs_dax_notify_failure_thaw(
|
|
struct xfs_mount *mp,
|
|
bool kernel_frozen)
|
|
{
|
|
struct super_block *sb = mp->m_super;
|
|
int error;
|
|
|
|
if (kernel_frozen) {
|
|
error = thaw_super(sb, FREEZE_HOLDER_KERNEL);
|
|
if (error)
|
|
xfs_emerg(mp, "still frozen after notify failure, err=%d",
|
|
error);
|
|
}
|
|
|
|
/*
|
|
* Also thaw userspace call anyway because the device is about to be
|
|
* removed immediately.
|
|
*/
|
|
thaw_super(sb, FREEZE_HOLDER_USERSPACE);
|
|
}
|
|
|
|
static int
|
|
xfs_dax_notify_ddev_failure(
|
|
struct xfs_mount *mp,
|
|
xfs_daddr_t daddr,
|
|
xfs_daddr_t bblen,
|
|
int mf_flags)
|
|
{
|
|
struct xfs_failure_info notify = { .mf_flags = mf_flags };
|
|
struct xfs_trans *tp = NULL;
|
|
struct xfs_btree_cur *cur = NULL;
|
|
struct xfs_buf *agf_bp = NULL;
|
|
int error = 0;
|
|
bool kernel_frozen = false;
|
|
xfs_fsblock_t fsbno = XFS_DADDR_TO_FSB(mp, daddr);
|
|
xfs_agnumber_t agno = XFS_FSB_TO_AGNO(mp, fsbno);
|
|
xfs_fsblock_t end_fsbno = XFS_DADDR_TO_FSB(mp,
|
|
daddr + bblen - 1);
|
|
xfs_agnumber_t end_agno = XFS_FSB_TO_AGNO(mp, end_fsbno);
|
|
|
|
if (mf_flags & MF_MEM_PRE_REMOVE) {
|
|
xfs_info(mp, "Device is about to be removed!");
|
|
/*
|
|
* Freeze fs to prevent new mappings from being created.
|
|
* - Keep going on if others already hold the kernel forzen.
|
|
* - Keep going on if other errors too because this device is
|
|
* starting to fail.
|
|
* - If kernel frozen state is hold successfully here, thaw it
|
|
* here as well at the end.
|
|
*/
|
|
kernel_frozen = xfs_dax_notify_failure_freeze(mp) == 0;
|
|
}
|
|
|
|
error = xfs_trans_alloc_empty(mp, &tp);
|
|
if (error)
|
|
goto out;
|
|
|
|
for (; agno <= end_agno; agno++) {
|
|
struct xfs_rmap_irec ri_low = { };
|
|
struct xfs_rmap_irec ri_high;
|
|
struct xfs_agf *agf;
|
|
struct xfs_perag *pag;
|
|
xfs_agblock_t range_agend;
|
|
|
|
pag = xfs_perag_get(mp, agno);
|
|
error = xfs_alloc_read_agf(pag, tp, 0, &agf_bp);
|
|
if (error) {
|
|
xfs_perag_put(pag);
|
|
break;
|
|
}
|
|
|
|
cur = xfs_rmapbt_init_cursor(mp, tp, agf_bp, pag);
|
|
|
|
/*
|
|
* Set the rmap range from ri_low to ri_high, which represents
|
|
* a [start, end] where we looking for the files or metadata.
|
|
*/
|
|
memset(&ri_high, 0xFF, sizeof(ri_high));
|
|
ri_low.rm_startblock = XFS_FSB_TO_AGBNO(mp, fsbno);
|
|
if (agno == end_agno)
|
|
ri_high.rm_startblock = XFS_FSB_TO_AGBNO(mp, end_fsbno);
|
|
|
|
agf = agf_bp->b_addr;
|
|
range_agend = min(be32_to_cpu(agf->agf_length) - 1,
|
|
ri_high.rm_startblock);
|
|
notify.startblock = ri_low.rm_startblock;
|
|
notify.blockcount = range_agend + 1 - ri_low.rm_startblock;
|
|
|
|
error = xfs_rmap_query_range(cur, &ri_low, &ri_high,
|
|
xfs_dax_failure_fn, ¬ify);
|
|
xfs_btree_del_cursor(cur, error);
|
|
xfs_trans_brelse(tp, agf_bp);
|
|
xfs_perag_put(pag);
|
|
if (error)
|
|
break;
|
|
|
|
fsbno = XFS_AGB_TO_FSB(mp, agno + 1, 0);
|
|
}
|
|
|
|
xfs_trans_cancel(tp);
|
|
|
|
/*
|
|
* Shutdown fs from a force umount in pre-remove case which won't fail,
|
|
* so errors can be ignored. Otherwise, shutdown the filesystem with
|
|
* CORRUPT flag if error occured or notify.want_shutdown was set during
|
|
* RMAP querying.
|
|
*/
|
|
if (mf_flags & MF_MEM_PRE_REMOVE)
|
|
xfs_force_shutdown(mp, SHUTDOWN_FORCE_UMOUNT);
|
|
else if (error || notify.want_shutdown) {
|
|
xfs_force_shutdown(mp, SHUTDOWN_CORRUPT_ONDISK);
|
|
if (!error)
|
|
error = -EFSCORRUPTED;
|
|
}
|
|
|
|
out:
|
|
/* Thaw the fs if it has been frozen before. */
|
|
if (mf_flags & MF_MEM_PRE_REMOVE)
|
|
xfs_dax_notify_failure_thaw(mp, kernel_frozen);
|
|
|
|
return error;
|
|
}
|
|
|
|
static int
|
|
xfs_dax_notify_failure(
|
|
struct dax_device *dax_dev,
|
|
u64 offset,
|
|
u64 len,
|
|
int mf_flags)
|
|
{
|
|
struct xfs_mount *mp = dax_holder(dax_dev);
|
|
u64 ddev_start;
|
|
u64 ddev_end;
|
|
|
|
if (!(mp->m_super->s_flags & SB_BORN)) {
|
|
xfs_warn(mp, "filesystem is not ready for notify_failure()!");
|
|
return -EIO;
|
|
}
|
|
|
|
if (mp->m_rtdev_targp && mp->m_rtdev_targp->bt_daxdev == dax_dev) {
|
|
xfs_debug(mp,
|
|
"notify_failure() not supported on realtime device!");
|
|
return -EOPNOTSUPP;
|
|
}
|
|
|
|
if (mp->m_logdev_targp && mp->m_logdev_targp->bt_daxdev == dax_dev &&
|
|
mp->m_logdev_targp != mp->m_ddev_targp) {
|
|
/*
|
|
* In the pre-remove case the failure notification is attempting
|
|
* to trigger a force unmount. The expectation is that the
|
|
* device is still present, but its removal is in progress and
|
|
* can not be cancelled, proceed with accessing the log device.
|
|
*/
|
|
if (mf_flags & MF_MEM_PRE_REMOVE)
|
|
return 0;
|
|
xfs_err(mp, "ondisk log corrupt, shutting down fs!");
|
|
xfs_force_shutdown(mp, SHUTDOWN_CORRUPT_ONDISK);
|
|
return -EFSCORRUPTED;
|
|
}
|
|
|
|
if (!xfs_has_rmapbt(mp)) {
|
|
xfs_debug(mp, "notify_failure() needs rmapbt enabled!");
|
|
return -EOPNOTSUPP;
|
|
}
|
|
|
|
ddev_start = mp->m_ddev_targp->bt_dax_part_off;
|
|
ddev_end = ddev_start + bdev_nr_bytes(mp->m_ddev_targp->bt_bdev) - 1;
|
|
|
|
/* Notify failure on the whole device. */
|
|
if (offset == 0 && len == U64_MAX) {
|
|
offset = ddev_start;
|
|
len = bdev_nr_bytes(mp->m_ddev_targp->bt_bdev);
|
|
}
|
|
|
|
/* Ignore the range out of filesystem area */
|
|
if (offset + len - 1 < ddev_start)
|
|
return -ENXIO;
|
|
if (offset > ddev_end)
|
|
return -ENXIO;
|
|
|
|
/* Calculate the real range when it touches the boundary */
|
|
if (offset > ddev_start)
|
|
offset -= ddev_start;
|
|
else {
|
|
len -= ddev_start - offset;
|
|
offset = 0;
|
|
}
|
|
if (offset + len - 1 > ddev_end)
|
|
len = ddev_end - offset + 1;
|
|
|
|
return xfs_dax_notify_ddev_failure(mp, BTOBB(offset), BTOBB(len),
|
|
mf_flags);
|
|
}
|
|
|
|
const struct dax_holder_operations xfs_dax_holder_operations = {
|
|
.notify_failure = xfs_dax_notify_failure,
|
|
};
|