1 /* 2 * linux/fs/jbd2/journal.c 3 * 4 * Written by Stephen C. Tweedie <sct@redhat.com>, 1998 5 * 6 * Copyright 1998 Red Hat corp --- All Rights Reserved 7 * 8 * This file is part of the Linux kernel and is made available under 9 * the terms of the GNU General Public License, version 2, or at your 10 * option, any later version, incorporated herein by reference. 11 * 12 * Generic filesystem journal-writing code; part of the ext2fs 13 * journaling system. 14 * 15 * This file manages journals: areas of disk reserved for logging 16 * transactional updates. This includes the kernel journaling thread 17 * which is responsible for scheduling updates to the log. 18 * 19 * We do not actually manage the physical storage of the journal in this 20 * file: that is left to a per-journal policy function, which allows us 21 * to store the journal within a filesystem-specified area for ext2 22 * journaling (ext2 can use a reserved inode for storing the log). 23 */ 24 25 #include <linux/module.h> 26 #include <linux/time.h> 27 #include <linux/fs.h> 28 #include <linux/jbd2.h> 29 #include <linux/errno.h> 30 #include <linux/slab.h> 31 #include <linux/init.h> 32 #include <linux/mm.h> 33 #include <linux/freezer.h> 34 #include <linux/pagemap.h> 35 #include <linux/kthread.h> 36 #include <linux/poison.h> 37 #include <linux/proc_fs.h> 38 #include <linux/debugfs.h> 39 40 #include <asm/uaccess.h> 41 #include <asm/page.h> 42 43 EXPORT_SYMBOL(jbd2_journal_start); 44 EXPORT_SYMBOL(jbd2_journal_restart); 45 EXPORT_SYMBOL(jbd2_journal_extend); 46 EXPORT_SYMBOL(jbd2_journal_stop); 47 EXPORT_SYMBOL(jbd2_journal_lock_updates); 48 EXPORT_SYMBOL(jbd2_journal_unlock_updates); 49 EXPORT_SYMBOL(jbd2_journal_get_write_access); 50 EXPORT_SYMBOL(jbd2_journal_get_create_access); 51 EXPORT_SYMBOL(jbd2_journal_get_undo_access); 52 EXPORT_SYMBOL(jbd2_journal_dirty_data); 53 EXPORT_SYMBOL(jbd2_journal_dirty_metadata); 54 EXPORT_SYMBOL(jbd2_journal_release_buffer); 55 EXPORT_SYMBOL(jbd2_journal_forget); 56 #if 0 57 EXPORT_SYMBOL(journal_sync_buffer); 58 #endif 59 EXPORT_SYMBOL(jbd2_journal_flush); 60 EXPORT_SYMBOL(jbd2_journal_revoke); 61 62 EXPORT_SYMBOL(jbd2_journal_init_dev); 63 EXPORT_SYMBOL(jbd2_journal_init_inode); 64 EXPORT_SYMBOL(jbd2_journal_update_format); 65 EXPORT_SYMBOL(jbd2_journal_check_used_features); 66 EXPORT_SYMBOL(jbd2_journal_check_available_features); 67 EXPORT_SYMBOL(jbd2_journal_set_features); 68 EXPORT_SYMBOL(jbd2_journal_create); 69 EXPORT_SYMBOL(jbd2_journal_load); 70 EXPORT_SYMBOL(jbd2_journal_destroy); 71 EXPORT_SYMBOL(jbd2_journal_update_superblock); 72 EXPORT_SYMBOL(jbd2_journal_abort); 73 EXPORT_SYMBOL(jbd2_journal_errno); 74 EXPORT_SYMBOL(jbd2_journal_ack_err); 75 EXPORT_SYMBOL(jbd2_journal_clear_err); 76 EXPORT_SYMBOL(jbd2_log_wait_commit); 77 EXPORT_SYMBOL(jbd2_journal_start_commit); 78 EXPORT_SYMBOL(jbd2_journal_force_commit_nested); 79 EXPORT_SYMBOL(jbd2_journal_wipe); 80 EXPORT_SYMBOL(jbd2_journal_blocks_per_page); 81 EXPORT_SYMBOL(jbd2_journal_invalidatepage); 82 EXPORT_SYMBOL(jbd2_journal_try_to_free_buffers); 83 EXPORT_SYMBOL(jbd2_journal_force_commit); 84 85 static int journal_convert_superblock_v1(journal_t *, journal_superblock_t *); 86 static void __journal_abort_soft (journal_t *journal, int errno); 87 88 /* 89 * Helper function used to manage commit timeouts 90 */ 91 92 static void commit_timeout(unsigned long __data) 93 { 94 struct task_struct * p = (struct task_struct *) __data; 95 96 wake_up_process(p); 97 } 98 99 /* 100 * kjournald2: The main thread function used to manage a logging device 101 * journal. 102 * 103 * This kernel thread is responsible for two things: 104 * 105 * 1) COMMIT: Every so often we need to commit the current state of the 106 * filesystem to disk. The journal thread is responsible for writing 107 * all of the metadata buffers to disk. 108 * 109 * 2) CHECKPOINT: We cannot reuse a used section of the log file until all 110 * of the data in that part of the log has been rewritten elsewhere on 111 * the disk. Flushing these old buffers to reclaim space in the log is 112 * known as checkpointing, and this thread is responsible for that job. 113 */ 114 115 static int kjournald2(void *arg) 116 { 117 journal_t *journal = arg; 118 transaction_t *transaction; 119 120 /* 121 * Set up an interval timer which can be used to trigger a commit wakeup 122 * after the commit interval expires 123 */ 124 setup_timer(&journal->j_commit_timer, commit_timeout, 125 (unsigned long)current); 126 127 /* Record that the journal thread is running */ 128 journal->j_task = current; 129 wake_up(&journal->j_wait_done_commit); 130 131 printk(KERN_INFO "kjournald2 starting. Commit interval %ld seconds\n", 132 journal->j_commit_interval / HZ); 133 134 /* 135 * And now, wait forever for commit wakeup events. 136 */ 137 spin_lock(&journal->j_state_lock); 138 139 loop: 140 if (journal->j_flags & JBD2_UNMOUNT) 141 goto end_loop; 142 143 jbd_debug(1, "commit_sequence=%d, commit_request=%d\n", 144 journal->j_commit_sequence, journal->j_commit_request); 145 146 if (journal->j_commit_sequence != journal->j_commit_request) { 147 jbd_debug(1, "OK, requests differ\n"); 148 spin_unlock(&journal->j_state_lock); 149 del_timer_sync(&journal->j_commit_timer); 150 jbd2_journal_commit_transaction(journal); 151 spin_lock(&journal->j_state_lock); 152 goto loop; 153 } 154 155 wake_up(&journal->j_wait_done_commit); 156 if (freezing(current)) { 157 /* 158 * The simpler the better. Flushing journal isn't a 159 * good idea, because that depends on threads that may 160 * be already stopped. 161 */ 162 jbd_debug(1, "Now suspending kjournald2\n"); 163 spin_unlock(&journal->j_state_lock); 164 refrigerator(); 165 spin_lock(&journal->j_state_lock); 166 } else { 167 /* 168 * We assume on resume that commits are already there, 169 * so we don't sleep 170 */ 171 DEFINE_WAIT(wait); 172 int should_sleep = 1; 173 174 prepare_to_wait(&journal->j_wait_commit, &wait, 175 TASK_INTERRUPTIBLE); 176 if (journal->j_commit_sequence != journal->j_commit_request) 177 should_sleep = 0; 178 transaction = journal->j_running_transaction; 179 if (transaction && time_after_eq(jiffies, 180 transaction->t_expires)) 181 should_sleep = 0; 182 if (journal->j_flags & JBD2_UNMOUNT) 183 should_sleep = 0; 184 if (should_sleep) { 185 spin_unlock(&journal->j_state_lock); 186 schedule(); 187 spin_lock(&journal->j_state_lock); 188 } 189 finish_wait(&journal->j_wait_commit, &wait); 190 } 191 192 jbd_debug(1, "kjournald2 wakes\n"); 193 194 /* 195 * Were we woken up by a commit wakeup event? 196 */ 197 transaction = journal->j_running_transaction; 198 if (transaction && time_after_eq(jiffies, transaction->t_expires)) { 199 journal->j_commit_request = transaction->t_tid; 200 jbd_debug(1, "woke because of timeout\n"); 201 } 202 goto loop; 203 204 end_loop: 205 spin_unlock(&journal->j_state_lock); 206 del_timer_sync(&journal->j_commit_timer); 207 journal->j_task = NULL; 208 wake_up(&journal->j_wait_done_commit); 209 jbd_debug(1, "Journal thread exiting.\n"); 210 return 0; 211 } 212 213 static int jbd2_journal_start_thread(journal_t *journal) 214 { 215 struct task_struct *t; 216 217 t = kthread_run(kjournald2, journal, "kjournald2"); 218 if (IS_ERR(t)) 219 return PTR_ERR(t); 220 221 wait_event(journal->j_wait_done_commit, journal->j_task != 0); 222 return 0; 223 } 224 225 static void journal_kill_thread(journal_t *journal) 226 { 227 spin_lock(&journal->j_state_lock); 228 journal->j_flags |= JBD2_UNMOUNT; 229 230 while (journal->j_task) { 231 wake_up(&journal->j_wait_commit); 232 spin_unlock(&journal->j_state_lock); 233 wait_event(journal->j_wait_done_commit, journal->j_task == 0); 234 spin_lock(&journal->j_state_lock); 235 } 236 spin_unlock(&journal->j_state_lock); 237 } 238 239 /* 240 * jbd2_journal_write_metadata_buffer: write a metadata buffer to the journal. 241 * 242 * Writes a metadata buffer to a given disk block. The actual IO is not 243 * performed but a new buffer_head is constructed which labels the data 244 * to be written with the correct destination disk block. 245 * 246 * Any magic-number escaping which needs to be done will cause a 247 * copy-out here. If the buffer happens to start with the 248 * JBD2_MAGIC_NUMBER, then we can't write it to the log directly: the 249 * magic number is only written to the log for descripter blocks. In 250 * this case, we copy the data and replace the first word with 0, and we 251 * return a result code which indicates that this buffer needs to be 252 * marked as an escaped buffer in the corresponding log descriptor 253 * block. The missing word can then be restored when the block is read 254 * during recovery. 255 * 256 * If the source buffer has already been modified by a new transaction 257 * since we took the last commit snapshot, we use the frozen copy of 258 * that data for IO. If we end up using the existing buffer_head's data 259 * for the write, then we *have* to lock the buffer to prevent anyone 260 * else from using and possibly modifying it while the IO is in 261 * progress. 262 * 263 * The function returns a pointer to the buffer_heads to be used for IO. 264 * 265 * We assume that the journal has already been locked in this function. 266 * 267 * Return value: 268 * <0: Error 269 * >=0: Finished OK 270 * 271 * On success: 272 * Bit 0 set == escape performed on the data 273 * Bit 1 set == buffer copy-out performed (kfree the data after IO) 274 */ 275 276 int jbd2_journal_write_metadata_buffer(transaction_t *transaction, 277 struct journal_head *jh_in, 278 struct journal_head **jh_out, 279 unsigned long long blocknr) 280 { 281 int need_copy_out = 0; 282 int done_copy_out = 0; 283 int do_escape = 0; 284 char *mapped_data; 285 struct buffer_head *new_bh; 286 struct journal_head *new_jh; 287 struct page *new_page; 288 unsigned int new_offset; 289 struct buffer_head *bh_in = jh2bh(jh_in); 290 291 /* 292 * The buffer really shouldn't be locked: only the current committing 293 * transaction is allowed to write it, so nobody else is allowed 294 * to do any IO. 295 * 296 * akpm: except if we're journalling data, and write() output is 297 * also part of a shared mapping, and another thread has 298 * decided to launch a writepage() against this buffer. 299 */ 300 J_ASSERT_BH(bh_in, buffer_jbddirty(bh_in)); 301 302 new_bh = alloc_buffer_head(GFP_NOFS|__GFP_NOFAIL); 303 304 /* 305 * If a new transaction has already done a buffer copy-out, then 306 * we use that version of the data for the commit. 307 */ 308 jbd_lock_bh_state(bh_in); 309 repeat: 310 if (jh_in->b_frozen_data) { 311 done_copy_out = 1; 312 new_page = virt_to_page(jh_in->b_frozen_data); 313 new_offset = offset_in_page(jh_in->b_frozen_data); 314 } else { 315 new_page = jh2bh(jh_in)->b_page; 316 new_offset = offset_in_page(jh2bh(jh_in)->b_data); 317 } 318 319 mapped_data = kmap_atomic(new_page, KM_USER0); 320 /* 321 * Check for escaping 322 */ 323 if (*((__be32 *)(mapped_data + new_offset)) == 324 cpu_to_be32(JBD2_MAGIC_NUMBER)) { 325 need_copy_out = 1; 326 do_escape = 1; 327 } 328 kunmap_atomic(mapped_data, KM_USER0); 329 330 /* 331 * Do we need to do a data copy? 332 */ 333 if (need_copy_out && !done_copy_out) { 334 char *tmp; 335 336 jbd_unlock_bh_state(bh_in); 337 tmp = jbd2_alloc(bh_in->b_size, GFP_NOFS); 338 jbd_lock_bh_state(bh_in); 339 if (jh_in->b_frozen_data) { 340 jbd2_free(tmp, bh_in->b_size); 341 goto repeat; 342 } 343 344 jh_in->b_frozen_data = tmp; 345 mapped_data = kmap_atomic(new_page, KM_USER0); 346 memcpy(tmp, mapped_data + new_offset, jh2bh(jh_in)->b_size); 347 kunmap_atomic(mapped_data, KM_USER0); 348 349 new_page = virt_to_page(tmp); 350 new_offset = offset_in_page(tmp); 351 done_copy_out = 1; 352 } 353 354 /* 355 * Did we need to do an escaping? Now we've done all the 356 * copying, we can finally do so. 357 */ 358 if (do_escape) { 359 mapped_data = kmap_atomic(new_page, KM_USER0); 360 *((unsigned int *)(mapped_data + new_offset)) = 0; 361 kunmap_atomic(mapped_data, KM_USER0); 362 } 363 364 /* keep subsequent assertions sane */ 365 new_bh->b_state = 0; 366 init_buffer(new_bh, NULL, NULL); 367 atomic_set(&new_bh->b_count, 1); 368 jbd_unlock_bh_state(bh_in); 369 370 new_jh = jbd2_journal_add_journal_head(new_bh); /* This sleeps */ 371 372 set_bh_page(new_bh, new_page, new_offset); 373 new_jh->b_transaction = NULL; 374 new_bh->b_size = jh2bh(jh_in)->b_size; 375 new_bh->b_bdev = transaction->t_journal->j_dev; 376 new_bh->b_blocknr = blocknr; 377 set_buffer_mapped(new_bh); 378 set_buffer_dirty(new_bh); 379 380 *jh_out = new_jh; 381 382 /* 383 * The to-be-written buffer needs to get moved to the io queue, 384 * and the original buffer whose contents we are shadowing or 385 * copying is moved to the transaction's shadow queue. 386 */ 387 JBUFFER_TRACE(jh_in, "file as BJ_Shadow"); 388 jbd2_journal_file_buffer(jh_in, transaction, BJ_Shadow); 389 JBUFFER_TRACE(new_jh, "file as BJ_IO"); 390 jbd2_journal_file_buffer(new_jh, transaction, BJ_IO); 391 392 return do_escape | (done_copy_out << 1); 393 } 394 395 /* 396 * Allocation code for the journal file. Manage the space left in the 397 * journal, so that we can begin checkpointing when appropriate. 398 */ 399 400 /* 401 * __jbd2_log_space_left: Return the number of free blocks left in the journal. 402 * 403 * Called with the journal already locked. 404 * 405 * Called under j_state_lock 406 */ 407 408 int __jbd2_log_space_left(journal_t *journal) 409 { 410 int left = journal->j_free; 411 412 assert_spin_locked(&journal->j_state_lock); 413 414 /* 415 * Be pessimistic here about the number of those free blocks which 416 * might be required for log descriptor control blocks. 417 */ 418 419 #define MIN_LOG_RESERVED_BLOCKS 32 /* Allow for rounding errors */ 420 421 left -= MIN_LOG_RESERVED_BLOCKS; 422 423 if (left <= 0) 424 return 0; 425 left -= (left >> 3); 426 return left; 427 } 428 429 /* 430 * Called under j_state_lock. Returns true if a transaction was started. 431 */ 432 int __jbd2_log_start_commit(journal_t *journal, tid_t target) 433 { 434 /* 435 * Are we already doing a recent enough commit? 436 */ 437 if (!tid_geq(journal->j_commit_request, target)) { 438 /* 439 * We want a new commit: OK, mark the request and wakup the 440 * commit thread. We do _not_ do the commit ourselves. 441 */ 442 443 journal->j_commit_request = target; 444 jbd_debug(1, "JBD: requesting commit %d/%d\n", 445 journal->j_commit_request, 446 journal->j_commit_sequence); 447 wake_up(&journal->j_wait_commit); 448 return 1; 449 } 450 return 0; 451 } 452 453 int jbd2_log_start_commit(journal_t *journal, tid_t tid) 454 { 455 int ret; 456 457 spin_lock(&journal->j_state_lock); 458 ret = __jbd2_log_start_commit(journal, tid); 459 spin_unlock(&journal->j_state_lock); 460 return ret; 461 } 462 463 /* 464 * Force and wait upon a commit if the calling process is not within 465 * transaction. This is used for forcing out undo-protected data which contains 466 * bitmaps, when the fs is running out of space. 467 * 468 * We can only force the running transaction if we don't have an active handle; 469 * otherwise, we will deadlock. 470 * 471 * Returns true if a transaction was started. 472 */ 473 int jbd2_journal_force_commit_nested(journal_t *journal) 474 { 475 transaction_t *transaction = NULL; 476 tid_t tid; 477 478 spin_lock(&journal->j_state_lock); 479 if (journal->j_running_transaction && !current->journal_info) { 480 transaction = journal->j_running_transaction; 481 __jbd2_log_start_commit(journal, transaction->t_tid); 482 } else if (journal->j_committing_transaction) 483 transaction = journal->j_committing_transaction; 484 485 if (!transaction) { 486 spin_unlock(&journal->j_state_lock); 487 return 0; /* Nothing to retry */ 488 } 489 490 tid = transaction->t_tid; 491 spin_unlock(&journal->j_state_lock); 492 jbd2_log_wait_commit(journal, tid); 493 return 1; 494 } 495 496 /* 497 * Start a commit of the current running transaction (if any). Returns true 498 * if a transaction was started, and fills its tid in at *ptid 499 */ 500 int jbd2_journal_start_commit(journal_t *journal, tid_t *ptid) 501 { 502 int ret = 0; 503 504 spin_lock(&journal->j_state_lock); 505 if (journal->j_running_transaction) { 506 tid_t tid = journal->j_running_transaction->t_tid; 507 508 ret = __jbd2_log_start_commit(journal, tid); 509 if (ret && ptid) 510 *ptid = tid; 511 } else if (journal->j_committing_transaction && ptid) { 512 /* 513 * If ext3_write_super() recently started a commit, then we 514 * have to wait for completion of that transaction 515 */ 516 *ptid = journal->j_committing_transaction->t_tid; 517 ret = 1; 518 } 519 spin_unlock(&journal->j_state_lock); 520 return ret; 521 } 522 523 /* 524 * Wait for a specified commit to complete. 525 * The caller may not hold the journal lock. 526 */ 527 int jbd2_log_wait_commit(journal_t *journal, tid_t tid) 528 { 529 int err = 0; 530 531 #ifdef CONFIG_JBD2_DEBUG 532 spin_lock(&journal->j_state_lock); 533 if (!tid_geq(journal->j_commit_request, tid)) { 534 printk(KERN_EMERG 535 "%s: error: j_commit_request=%d, tid=%d\n", 536 __FUNCTION__, journal->j_commit_request, tid); 537 } 538 spin_unlock(&journal->j_state_lock); 539 #endif 540 spin_lock(&journal->j_state_lock); 541 while (tid_gt(tid, journal->j_commit_sequence)) { 542 jbd_debug(1, "JBD: want %d, j_commit_sequence=%d\n", 543 tid, journal->j_commit_sequence); 544 wake_up(&journal->j_wait_commit); 545 spin_unlock(&journal->j_state_lock); 546 wait_event(journal->j_wait_done_commit, 547 !tid_gt(tid, journal->j_commit_sequence)); 548 spin_lock(&journal->j_state_lock); 549 } 550 spin_unlock(&journal->j_state_lock); 551 552 if (unlikely(is_journal_aborted(journal))) { 553 printk(KERN_EMERG "journal commit I/O error\n"); 554 err = -EIO; 555 } 556 return err; 557 } 558 559 /* 560 * Log buffer allocation routines: 561 */ 562 563 int jbd2_journal_next_log_block(journal_t *journal, unsigned long long *retp) 564 { 565 unsigned long blocknr; 566 567 spin_lock(&journal->j_state_lock); 568 J_ASSERT(journal->j_free > 1); 569 570 blocknr = journal->j_head; 571 journal->j_head++; 572 journal->j_free--; 573 if (journal->j_head == journal->j_last) 574 journal->j_head = journal->j_first; 575 spin_unlock(&journal->j_state_lock); 576 return jbd2_journal_bmap(journal, blocknr, retp); 577 } 578 579 /* 580 * Conversion of logical to physical block numbers for the journal 581 * 582 * On external journals the journal blocks are identity-mapped, so 583 * this is a no-op. If needed, we can use j_blk_offset - everything is 584 * ready. 585 */ 586 int jbd2_journal_bmap(journal_t *journal, unsigned long blocknr, 587 unsigned long long *retp) 588 { 589 int err = 0; 590 unsigned long long ret; 591 592 if (journal->j_inode) { 593 ret = bmap(journal->j_inode, blocknr); 594 if (ret) 595 *retp = ret; 596 else { 597 char b[BDEVNAME_SIZE]; 598 599 printk(KERN_ALERT "%s: journal block not found " 600 "at offset %lu on %s\n", 601 __FUNCTION__, 602 blocknr, 603 bdevname(journal->j_dev, b)); 604 err = -EIO; 605 __journal_abort_soft(journal, err); 606 } 607 } else { 608 *retp = blocknr; /* +journal->j_blk_offset */ 609 } 610 return err; 611 } 612 613 /* 614 * We play buffer_head aliasing tricks to write data/metadata blocks to 615 * the journal without copying their contents, but for journal 616 * descriptor blocks we do need to generate bona fide buffers. 617 * 618 * After the caller of jbd2_journal_get_descriptor_buffer() has finished modifying 619 * the buffer's contents they really should run flush_dcache_page(bh->b_page). 620 * But we don't bother doing that, so there will be coherency problems with 621 * mmaps of blockdevs which hold live JBD-controlled filesystems. 622 */ 623 struct journal_head *jbd2_journal_get_descriptor_buffer(journal_t *journal) 624 { 625 struct buffer_head *bh; 626 unsigned long long blocknr; 627 int err; 628 629 err = jbd2_journal_next_log_block(journal, &blocknr); 630 631 if (err) 632 return NULL; 633 634 bh = __getblk(journal->j_dev, blocknr, journal->j_blocksize); 635 lock_buffer(bh); 636 memset(bh->b_data, 0, journal->j_blocksize); 637 set_buffer_uptodate(bh); 638 unlock_buffer(bh); 639 BUFFER_TRACE(bh, "return this buffer"); 640 return jbd2_journal_add_journal_head(bh); 641 } 642 643 /* 644 * Management for journal control blocks: functions to create and 645 * destroy journal_t structures, and to initialise and read existing 646 * journal blocks from disk. */ 647 648 /* First: create and setup a journal_t object in memory. We initialise 649 * very few fields yet: that has to wait until we have created the 650 * journal structures from from scratch, or loaded them from disk. */ 651 652 static journal_t * journal_init_common (void) 653 { 654 journal_t *journal; 655 int err; 656 657 journal = kzalloc(sizeof(*journal), GFP_KERNEL|__GFP_NOFAIL); 658 if (!journal) 659 goto fail; 660 661 init_waitqueue_head(&journal->j_wait_transaction_locked); 662 init_waitqueue_head(&journal->j_wait_logspace); 663 init_waitqueue_head(&journal->j_wait_done_commit); 664 init_waitqueue_head(&journal->j_wait_checkpoint); 665 init_waitqueue_head(&journal->j_wait_commit); 666 init_waitqueue_head(&journal->j_wait_updates); 667 mutex_init(&journal->j_barrier); 668 mutex_init(&journal->j_checkpoint_mutex); 669 spin_lock_init(&journal->j_revoke_lock); 670 spin_lock_init(&journal->j_list_lock); 671 spin_lock_init(&journal->j_state_lock); 672 673 journal->j_commit_interval = (HZ * JBD2_DEFAULT_MAX_COMMIT_AGE); 674 675 /* The journal is marked for error until we succeed with recovery! */ 676 journal->j_flags = JBD2_ABORT; 677 678 /* Set up a default-sized revoke table for the new mount. */ 679 err = jbd2_journal_init_revoke(journal, JOURNAL_REVOKE_DEFAULT_HASH); 680 if (err) { 681 kfree(journal); 682 goto fail; 683 } 684 return journal; 685 fail: 686 return NULL; 687 } 688 689 /* jbd2_journal_init_dev and jbd2_journal_init_inode: 690 * 691 * Create a journal structure assigned some fixed set of disk blocks to 692 * the journal. We don't actually touch those disk blocks yet, but we 693 * need to set up all of the mapping information to tell the journaling 694 * system where the journal blocks are. 695 * 696 */ 697 698 /** 699 * journal_t * jbd2_journal_init_dev() - creates an initialises a journal structure 700 * @bdev: Block device on which to create the journal 701 * @fs_dev: Device which hold journalled filesystem for this journal. 702 * @start: Block nr Start of journal. 703 * @len: Length of the journal in blocks. 704 * @blocksize: blocksize of journalling device 705 * @returns: a newly created journal_t * 706 * 707 * jbd2_journal_init_dev creates a journal which maps a fixed contiguous 708 * range of blocks on an arbitrary block device. 709 * 710 */ 711 journal_t * jbd2_journal_init_dev(struct block_device *bdev, 712 struct block_device *fs_dev, 713 unsigned long long start, int len, int blocksize) 714 { 715 journal_t *journal = journal_init_common(); 716 struct buffer_head *bh; 717 int n; 718 719 if (!journal) 720 return NULL; 721 722 /* journal descriptor can store up to n blocks -bzzz */ 723 journal->j_blocksize = blocksize; 724 n = journal->j_blocksize / sizeof(journal_block_tag_t); 725 journal->j_wbufsize = n; 726 journal->j_wbuf = kmalloc(n * sizeof(struct buffer_head*), GFP_KERNEL); 727 if (!journal->j_wbuf) { 728 printk(KERN_ERR "%s: Cant allocate bhs for commit thread\n", 729 __FUNCTION__); 730 kfree(journal); 731 journal = NULL; 732 goto out; 733 } 734 journal->j_dev = bdev; 735 journal->j_fs_dev = fs_dev; 736 journal->j_blk_offset = start; 737 journal->j_maxlen = len; 738 739 bh = __getblk(journal->j_dev, start, journal->j_blocksize); 740 J_ASSERT(bh != NULL); 741 journal->j_sb_buffer = bh; 742 journal->j_superblock = (journal_superblock_t *)bh->b_data; 743 out: 744 return journal; 745 } 746 747 /** 748 * journal_t * jbd2_journal_init_inode () - creates a journal which maps to a inode. 749 * @inode: An inode to create the journal in 750 * 751 * jbd2_journal_init_inode creates a journal which maps an on-disk inode as 752 * the journal. The inode must exist already, must support bmap() and 753 * must have all data blocks preallocated. 754 */ 755 journal_t * jbd2_journal_init_inode (struct inode *inode) 756 { 757 struct buffer_head *bh; 758 journal_t *journal = journal_init_common(); 759 int err; 760 int n; 761 unsigned long long blocknr; 762 763 if (!journal) 764 return NULL; 765 766 journal->j_dev = journal->j_fs_dev = inode->i_sb->s_bdev; 767 journal->j_inode = inode; 768 jbd_debug(1, 769 "journal %p: inode %s/%ld, size %Ld, bits %d, blksize %ld\n", 770 journal, inode->i_sb->s_id, inode->i_ino, 771 (long long) inode->i_size, 772 inode->i_sb->s_blocksize_bits, inode->i_sb->s_blocksize); 773 774 journal->j_maxlen = inode->i_size >> inode->i_sb->s_blocksize_bits; 775 journal->j_blocksize = inode->i_sb->s_blocksize; 776 777 /* journal descriptor can store up to n blocks -bzzz */ 778 n = journal->j_blocksize / sizeof(journal_block_tag_t); 779 journal->j_wbufsize = n; 780 journal->j_wbuf = kmalloc(n * sizeof(struct buffer_head*), GFP_KERNEL); 781 if (!journal->j_wbuf) { 782 printk(KERN_ERR "%s: Cant allocate bhs for commit thread\n", 783 __FUNCTION__); 784 kfree(journal); 785 return NULL; 786 } 787 788 err = jbd2_journal_bmap(journal, 0, &blocknr); 789 /* If that failed, give up */ 790 if (err) { 791 printk(KERN_ERR "%s: Cannnot locate journal superblock\n", 792 __FUNCTION__); 793 kfree(journal); 794 return NULL; 795 } 796 797 bh = __getblk(journal->j_dev, blocknr, journal->j_blocksize); 798 J_ASSERT(bh != NULL); 799 journal->j_sb_buffer = bh; 800 journal->j_superblock = (journal_superblock_t *)bh->b_data; 801 802 return journal; 803 } 804 805 /* 806 * If the journal init or create aborts, we need to mark the journal 807 * superblock as being NULL to prevent the journal destroy from writing 808 * back a bogus superblock. 809 */ 810 static void journal_fail_superblock (journal_t *journal) 811 { 812 struct buffer_head *bh = journal->j_sb_buffer; 813 brelse(bh); 814 journal->j_sb_buffer = NULL; 815 } 816 817 /* 818 * Given a journal_t structure, initialise the various fields for 819 * startup of a new journaling session. We use this both when creating 820 * a journal, and after recovering an old journal to reset it for 821 * subsequent use. 822 */ 823 824 static int journal_reset(journal_t *journal) 825 { 826 journal_superblock_t *sb = journal->j_superblock; 827 unsigned long long first, last; 828 829 first = be32_to_cpu(sb->s_first); 830 last = be32_to_cpu(sb->s_maxlen); 831 832 journal->j_first = first; 833 journal->j_last = last; 834 835 journal->j_head = first; 836 journal->j_tail = first; 837 journal->j_free = last - first; 838 839 journal->j_tail_sequence = journal->j_transaction_sequence; 840 journal->j_commit_sequence = journal->j_transaction_sequence - 1; 841 journal->j_commit_request = journal->j_commit_sequence; 842 843 journal->j_max_transaction_buffers = journal->j_maxlen / 4; 844 845 /* Add the dynamic fields and write it to disk. */ 846 jbd2_journal_update_superblock(journal, 1); 847 return jbd2_journal_start_thread(journal); 848 } 849 850 /** 851 * int jbd2_journal_create() - Initialise the new journal file 852 * @journal: Journal to create. This structure must have been initialised 853 * 854 * Given a journal_t structure which tells us which disk blocks we can 855 * use, create a new journal superblock and initialise all of the 856 * journal fields from scratch. 857 **/ 858 int jbd2_journal_create(journal_t *journal) 859 { 860 unsigned long long blocknr; 861 struct buffer_head *bh; 862 journal_superblock_t *sb; 863 int i, err; 864 865 if (journal->j_maxlen < JBD2_MIN_JOURNAL_BLOCKS) { 866 printk (KERN_ERR "Journal length (%d blocks) too short.\n", 867 journal->j_maxlen); 868 journal_fail_superblock(journal); 869 return -EINVAL; 870 } 871 872 if (journal->j_inode == NULL) { 873 /* 874 * We don't know what block to start at! 875 */ 876 printk(KERN_EMERG 877 "%s: creation of journal on external device!\n", 878 __FUNCTION__); 879 BUG(); 880 } 881 882 /* Zero out the entire journal on disk. We cannot afford to 883 have any blocks on disk beginning with JBD2_MAGIC_NUMBER. */ 884 jbd_debug(1, "JBD: Zeroing out journal blocks...\n"); 885 for (i = 0; i < journal->j_maxlen; i++) { 886 err = jbd2_journal_bmap(journal, i, &blocknr); 887 if (err) 888 return err; 889 bh = __getblk(journal->j_dev, blocknr, journal->j_blocksize); 890 lock_buffer(bh); 891 memset (bh->b_data, 0, journal->j_blocksize); 892 BUFFER_TRACE(bh, "marking dirty"); 893 mark_buffer_dirty(bh); 894 BUFFER_TRACE(bh, "marking uptodate"); 895 set_buffer_uptodate(bh); 896 unlock_buffer(bh); 897 __brelse(bh); 898 } 899 900 sync_blockdev(journal->j_dev); 901 jbd_debug(1, "JBD: journal cleared.\n"); 902 903 /* OK, fill in the initial static fields in the new superblock */ 904 sb = journal->j_superblock; 905 906 sb->s_header.h_magic = cpu_to_be32(JBD2_MAGIC_NUMBER); 907 sb->s_header.h_blocktype = cpu_to_be32(JBD2_SUPERBLOCK_V2); 908 909 sb->s_blocksize = cpu_to_be32(journal->j_blocksize); 910 sb->s_maxlen = cpu_to_be32(journal->j_maxlen); 911 sb->s_first = cpu_to_be32(1); 912 913 journal->j_transaction_sequence = 1; 914 915 journal->j_flags &= ~JBD2_ABORT; 916 journal->j_format_version = 2; 917 918 return journal_reset(journal); 919 } 920 921 /** 922 * void jbd2_journal_update_superblock() - Update journal sb on disk. 923 * @journal: The journal to update. 924 * @wait: Set to '0' if you don't want to wait for IO completion. 925 * 926 * Update a journal's dynamic superblock fields and write it to disk, 927 * optionally waiting for the IO to complete. 928 */ 929 void jbd2_journal_update_superblock(journal_t *journal, int wait) 930 { 931 journal_superblock_t *sb = journal->j_superblock; 932 struct buffer_head *bh = journal->j_sb_buffer; 933 934 /* 935 * As a special case, if the on-disk copy is already marked as needing 936 * no recovery (s_start == 0) and there are no outstanding transactions 937 * in the filesystem, then we can safely defer the superblock update 938 * until the next commit by setting JBD2_FLUSHED. This avoids 939 * attempting a write to a potential-readonly device. 940 */ 941 if (sb->s_start == 0 && journal->j_tail_sequence == 942 journal->j_transaction_sequence) { 943 jbd_debug(1,"JBD: Skipping superblock update on recovered sb " 944 "(start %ld, seq %d, errno %d)\n", 945 journal->j_tail, journal->j_tail_sequence, 946 journal->j_errno); 947 goto out; 948 } 949 950 spin_lock(&journal->j_state_lock); 951 jbd_debug(1,"JBD: updating superblock (start %ld, seq %d, errno %d)\n", 952 journal->j_tail, journal->j_tail_sequence, journal->j_errno); 953 954 sb->s_sequence = cpu_to_be32(journal->j_tail_sequence); 955 sb->s_start = cpu_to_be32(journal->j_tail); 956 sb->s_errno = cpu_to_be32(journal->j_errno); 957 spin_unlock(&journal->j_state_lock); 958 959 BUFFER_TRACE(bh, "marking dirty"); 960 mark_buffer_dirty(bh); 961 if (wait) 962 sync_dirty_buffer(bh); 963 else 964 ll_rw_block(SWRITE, 1, &bh); 965 966 out: 967 /* If we have just flushed the log (by marking s_start==0), then 968 * any future commit will have to be careful to update the 969 * superblock again to re-record the true start of the log. */ 970 971 spin_lock(&journal->j_state_lock); 972 if (sb->s_start) 973 journal->j_flags &= ~JBD2_FLUSHED; 974 else 975 journal->j_flags |= JBD2_FLUSHED; 976 spin_unlock(&journal->j_state_lock); 977 } 978 979 /* 980 * Read the superblock for a given journal, performing initial 981 * validation of the format. 982 */ 983 984 static int journal_get_superblock(journal_t *journal) 985 { 986 struct buffer_head *bh; 987 journal_superblock_t *sb; 988 int err = -EIO; 989 990 bh = journal->j_sb_buffer; 991 992 J_ASSERT(bh != NULL); 993 if (!buffer_uptodate(bh)) { 994 ll_rw_block(READ, 1, &bh); 995 wait_on_buffer(bh); 996 if (!buffer_uptodate(bh)) { 997 printk (KERN_ERR 998 "JBD: IO error reading journal superblock\n"); 999 goto out; 1000 } 1001 } 1002 1003 sb = journal->j_superblock; 1004 1005 err = -EINVAL; 1006 1007 if (sb->s_header.h_magic != cpu_to_be32(JBD2_MAGIC_NUMBER) || 1008 sb->s_blocksize != cpu_to_be32(journal->j_blocksize)) { 1009 printk(KERN_WARNING "JBD: no valid journal superblock found\n"); 1010 goto out; 1011 } 1012 1013 switch(be32_to_cpu(sb->s_header.h_blocktype)) { 1014 case JBD2_SUPERBLOCK_V1: 1015 journal->j_format_version = 1; 1016 break; 1017 case JBD2_SUPERBLOCK_V2: 1018 journal->j_format_version = 2; 1019 break; 1020 default: 1021 printk(KERN_WARNING "JBD: unrecognised superblock format ID\n"); 1022 goto out; 1023 } 1024 1025 if (be32_to_cpu(sb->s_maxlen) < journal->j_maxlen) 1026 journal->j_maxlen = be32_to_cpu(sb->s_maxlen); 1027 else if (be32_to_cpu(sb->s_maxlen) > journal->j_maxlen) { 1028 printk (KERN_WARNING "JBD: journal file too short\n"); 1029 goto out; 1030 } 1031 1032 return 0; 1033 1034 out: 1035 journal_fail_superblock(journal); 1036 return err; 1037 } 1038 1039 /* 1040 * Load the on-disk journal superblock and read the key fields into the 1041 * journal_t. 1042 */ 1043 1044 static int load_superblock(journal_t *journal) 1045 { 1046 int err; 1047 journal_superblock_t *sb; 1048 1049 err = journal_get_superblock(journal); 1050 if (err) 1051 return err; 1052 1053 sb = journal->j_superblock; 1054 1055 journal->j_tail_sequence = be32_to_cpu(sb->s_sequence); 1056 journal->j_tail = be32_to_cpu(sb->s_start); 1057 journal->j_first = be32_to_cpu(sb->s_first); 1058 journal->j_last = be32_to_cpu(sb->s_maxlen); 1059 journal->j_errno = be32_to_cpu(sb->s_errno); 1060 1061 return 0; 1062 } 1063 1064 1065 /** 1066 * int jbd2_journal_load() - Read journal from disk. 1067 * @journal: Journal to act on. 1068 * 1069 * Given a journal_t structure which tells us which disk blocks contain 1070 * a journal, read the journal from disk to initialise the in-memory 1071 * structures. 1072 */ 1073 int jbd2_journal_load(journal_t *journal) 1074 { 1075 int err; 1076 journal_superblock_t *sb; 1077 1078 err = load_superblock(journal); 1079 if (err) 1080 return err; 1081 1082 sb = journal->j_superblock; 1083 /* If this is a V2 superblock, then we have to check the 1084 * features flags on it. */ 1085 1086 if (journal->j_format_version >= 2) { 1087 if ((sb->s_feature_ro_compat & 1088 ~cpu_to_be32(JBD2_KNOWN_ROCOMPAT_FEATURES)) || 1089 (sb->s_feature_incompat & 1090 ~cpu_to_be32(JBD2_KNOWN_INCOMPAT_FEATURES))) { 1091 printk (KERN_WARNING 1092 "JBD: Unrecognised features on journal\n"); 1093 return -EINVAL; 1094 } 1095 } 1096 1097 /* Let the recovery code check whether it needs to recover any 1098 * data from the journal. */ 1099 if (jbd2_journal_recover(journal)) 1100 goto recovery_error; 1101 1102 /* OK, we've finished with the dynamic journal bits: 1103 * reinitialise the dynamic contents of the superblock in memory 1104 * and reset them on disk. */ 1105 if (journal_reset(journal)) 1106 goto recovery_error; 1107 1108 journal->j_flags &= ~JBD2_ABORT; 1109 journal->j_flags |= JBD2_LOADED; 1110 return 0; 1111 1112 recovery_error: 1113 printk (KERN_WARNING "JBD: recovery failed\n"); 1114 return -EIO; 1115 } 1116 1117 /** 1118 * void jbd2_journal_destroy() - Release a journal_t structure. 1119 * @journal: Journal to act on. 1120 * 1121 * Release a journal_t structure once it is no longer in use by the 1122 * journaled object. 1123 */ 1124 void jbd2_journal_destroy(journal_t *journal) 1125 { 1126 /* Wait for the commit thread to wake up and die. */ 1127 journal_kill_thread(journal); 1128 1129 /* Force a final log commit */ 1130 if (journal->j_running_transaction) 1131 jbd2_journal_commit_transaction(journal); 1132 1133 /* Force any old transactions to disk */ 1134 1135 /* Totally anal locking here... */ 1136 spin_lock(&journal->j_list_lock); 1137 while (journal->j_checkpoint_transactions != NULL) { 1138 spin_unlock(&journal->j_list_lock); 1139 jbd2_log_do_checkpoint(journal); 1140 spin_lock(&journal->j_list_lock); 1141 } 1142 1143 J_ASSERT(journal->j_running_transaction == NULL); 1144 J_ASSERT(journal->j_committing_transaction == NULL); 1145 J_ASSERT(journal->j_checkpoint_transactions == NULL); 1146 spin_unlock(&journal->j_list_lock); 1147 1148 /* We can now mark the journal as empty. */ 1149 journal->j_tail = 0; 1150 journal->j_tail_sequence = ++journal->j_transaction_sequence; 1151 if (journal->j_sb_buffer) { 1152 jbd2_journal_update_superblock(journal, 1); 1153 brelse(journal->j_sb_buffer); 1154 } 1155 1156 if (journal->j_inode) 1157 iput(journal->j_inode); 1158 if (journal->j_revoke) 1159 jbd2_journal_destroy_revoke(journal); 1160 kfree(journal->j_wbuf); 1161 kfree(journal); 1162 } 1163 1164 1165 /** 1166 *int jbd2_journal_check_used_features () - Check if features specified are used. 1167 * @journal: Journal to check. 1168 * @compat: bitmask of compatible features 1169 * @ro: bitmask of features that force read-only mount 1170 * @incompat: bitmask of incompatible features 1171 * 1172 * Check whether the journal uses all of a given set of 1173 * features. Return true (non-zero) if it does. 1174 **/ 1175 1176 int jbd2_journal_check_used_features (journal_t *journal, unsigned long compat, 1177 unsigned long ro, unsigned long incompat) 1178 { 1179 journal_superblock_t *sb; 1180 1181 if (!compat && !ro && !incompat) 1182 return 1; 1183 if (journal->j_format_version == 1) 1184 return 0; 1185 1186 sb = journal->j_superblock; 1187 1188 if (((be32_to_cpu(sb->s_feature_compat) & compat) == compat) && 1189 ((be32_to_cpu(sb->s_feature_ro_compat) & ro) == ro) && 1190 ((be32_to_cpu(sb->s_feature_incompat) & incompat) == incompat)) 1191 return 1; 1192 1193 return 0; 1194 } 1195 1196 /** 1197 * int jbd2_journal_check_available_features() - Check feature set in journalling layer 1198 * @journal: Journal to check. 1199 * @compat: bitmask of compatible features 1200 * @ro: bitmask of features that force read-only mount 1201 * @incompat: bitmask of incompatible features 1202 * 1203 * Check whether the journaling code supports the use of 1204 * all of a given set of features on this journal. Return true 1205 * (non-zero) if it can. */ 1206 1207 int jbd2_journal_check_available_features (journal_t *journal, unsigned long compat, 1208 unsigned long ro, unsigned long incompat) 1209 { 1210 journal_superblock_t *sb; 1211 1212 if (!compat && !ro && !incompat) 1213 return 1; 1214 1215 sb = journal->j_superblock; 1216 1217 /* We can support any known requested features iff the 1218 * superblock is in version 2. Otherwise we fail to support any 1219 * extended sb features. */ 1220 1221 if (journal->j_format_version != 2) 1222 return 0; 1223 1224 if ((compat & JBD2_KNOWN_COMPAT_FEATURES) == compat && 1225 (ro & JBD2_KNOWN_ROCOMPAT_FEATURES) == ro && 1226 (incompat & JBD2_KNOWN_INCOMPAT_FEATURES) == incompat) 1227 return 1; 1228 1229 return 0; 1230 } 1231 1232 /** 1233 * int jbd2_journal_set_features () - Mark a given journal feature in the superblock 1234 * @journal: Journal to act on. 1235 * @compat: bitmask of compatible features 1236 * @ro: bitmask of features that force read-only mount 1237 * @incompat: bitmask of incompatible features 1238 * 1239 * Mark a given journal feature as present on the 1240 * superblock. Returns true if the requested features could be set. 1241 * 1242 */ 1243 1244 int jbd2_journal_set_features (journal_t *journal, unsigned long compat, 1245 unsigned long ro, unsigned long incompat) 1246 { 1247 journal_superblock_t *sb; 1248 1249 if (jbd2_journal_check_used_features(journal, compat, ro, incompat)) 1250 return 1; 1251 1252 if (!jbd2_journal_check_available_features(journal, compat, ro, incompat)) 1253 return 0; 1254 1255 jbd_debug(1, "Setting new features 0x%lx/0x%lx/0x%lx\n", 1256 compat, ro, incompat); 1257 1258 sb = journal->j_superblock; 1259 1260 sb->s_feature_compat |= cpu_to_be32(compat); 1261 sb->s_feature_ro_compat |= cpu_to_be32(ro); 1262 sb->s_feature_incompat |= cpu_to_be32(incompat); 1263 1264 return 1; 1265 } 1266 1267 1268 /** 1269 * int jbd2_journal_update_format () - Update on-disk journal structure. 1270 * @journal: Journal to act on. 1271 * 1272 * Given an initialised but unloaded journal struct, poke about in the 1273 * on-disk structure to update it to the most recent supported version. 1274 */ 1275 int jbd2_journal_update_format (journal_t *journal) 1276 { 1277 journal_superblock_t *sb; 1278 int err; 1279 1280 err = journal_get_superblock(journal); 1281 if (err) 1282 return err; 1283 1284 sb = journal->j_superblock; 1285 1286 switch (be32_to_cpu(sb->s_header.h_blocktype)) { 1287 case JBD2_SUPERBLOCK_V2: 1288 return 0; 1289 case JBD2_SUPERBLOCK_V1: 1290 return journal_convert_superblock_v1(journal, sb); 1291 default: 1292 break; 1293 } 1294 return -EINVAL; 1295 } 1296 1297 static int journal_convert_superblock_v1(journal_t *journal, 1298 journal_superblock_t *sb) 1299 { 1300 int offset, blocksize; 1301 struct buffer_head *bh; 1302 1303 printk(KERN_WARNING 1304 "JBD: Converting superblock from version 1 to 2.\n"); 1305 1306 /* Pre-initialise new fields to zero */ 1307 offset = ((char *) &(sb->s_feature_compat)) - ((char *) sb); 1308 blocksize = be32_to_cpu(sb->s_blocksize); 1309 memset(&sb->s_feature_compat, 0, blocksize-offset); 1310 1311 sb->s_nr_users = cpu_to_be32(1); 1312 sb->s_header.h_blocktype = cpu_to_be32(JBD2_SUPERBLOCK_V2); 1313 journal->j_format_version = 2; 1314 1315 bh = journal->j_sb_buffer; 1316 BUFFER_TRACE(bh, "marking dirty"); 1317 mark_buffer_dirty(bh); 1318 sync_dirty_buffer(bh); 1319 return 0; 1320 } 1321 1322 1323 /** 1324 * int jbd2_journal_flush () - Flush journal 1325 * @journal: Journal to act on. 1326 * 1327 * Flush all data for a given journal to disk and empty the journal. 1328 * Filesystems can use this when remounting readonly to ensure that 1329 * recovery does not need to happen on remount. 1330 */ 1331 1332 int jbd2_journal_flush(journal_t *journal) 1333 { 1334 int err = 0; 1335 transaction_t *transaction = NULL; 1336 unsigned long old_tail; 1337 1338 spin_lock(&journal->j_state_lock); 1339 1340 /* Force everything buffered to the log... */ 1341 if (journal->j_running_transaction) { 1342 transaction = journal->j_running_transaction; 1343 __jbd2_log_start_commit(journal, transaction->t_tid); 1344 } else if (journal->j_committing_transaction) 1345 transaction = journal->j_committing_transaction; 1346 1347 /* Wait for the log commit to complete... */ 1348 if (transaction) { 1349 tid_t tid = transaction->t_tid; 1350 1351 spin_unlock(&journal->j_state_lock); 1352 jbd2_log_wait_commit(journal, tid); 1353 } else { 1354 spin_unlock(&journal->j_state_lock); 1355 } 1356 1357 /* ...and flush everything in the log out to disk. */ 1358 spin_lock(&journal->j_list_lock); 1359 while (!err && journal->j_checkpoint_transactions != NULL) { 1360 spin_unlock(&journal->j_list_lock); 1361 err = jbd2_log_do_checkpoint(journal); 1362 spin_lock(&journal->j_list_lock); 1363 } 1364 spin_unlock(&journal->j_list_lock); 1365 jbd2_cleanup_journal_tail(journal); 1366 1367 /* Finally, mark the journal as really needing no recovery. 1368 * This sets s_start==0 in the underlying superblock, which is 1369 * the magic code for a fully-recovered superblock. Any future 1370 * commits of data to the journal will restore the current 1371 * s_start value. */ 1372 spin_lock(&journal->j_state_lock); 1373 old_tail = journal->j_tail; 1374 journal->j_tail = 0; 1375 spin_unlock(&journal->j_state_lock); 1376 jbd2_journal_update_superblock(journal, 1); 1377 spin_lock(&journal->j_state_lock); 1378 journal->j_tail = old_tail; 1379 1380 J_ASSERT(!journal->j_running_transaction); 1381 J_ASSERT(!journal->j_committing_transaction); 1382 J_ASSERT(!journal->j_checkpoint_transactions); 1383 J_ASSERT(journal->j_head == journal->j_tail); 1384 J_ASSERT(journal->j_tail_sequence == journal->j_transaction_sequence); 1385 spin_unlock(&journal->j_state_lock); 1386 return err; 1387 } 1388 1389 /** 1390 * int jbd2_journal_wipe() - Wipe journal contents 1391 * @journal: Journal to act on. 1392 * @write: flag (see below) 1393 * 1394 * Wipe out all of the contents of a journal, safely. This will produce 1395 * a warning if the journal contains any valid recovery information. 1396 * Must be called between journal_init_*() and jbd2_journal_load(). 1397 * 1398 * If 'write' is non-zero, then we wipe out the journal on disk; otherwise 1399 * we merely suppress recovery. 1400 */ 1401 1402 int jbd2_journal_wipe(journal_t *journal, int write) 1403 { 1404 journal_superblock_t *sb; 1405 int err = 0; 1406 1407 J_ASSERT (!(journal->j_flags & JBD2_LOADED)); 1408 1409 err = load_superblock(journal); 1410 if (err) 1411 return err; 1412 1413 sb = journal->j_superblock; 1414 1415 if (!journal->j_tail) 1416 goto no_recovery; 1417 1418 printk (KERN_WARNING "JBD: %s recovery information on journal\n", 1419 write ? "Clearing" : "Ignoring"); 1420 1421 err = jbd2_journal_skip_recovery(journal); 1422 if (write) 1423 jbd2_journal_update_superblock(journal, 1); 1424 1425 no_recovery: 1426 return err; 1427 } 1428 1429 /* 1430 * journal_dev_name: format a character string to describe on what 1431 * device this journal is present. 1432 */ 1433 1434 static const char *journal_dev_name(journal_t *journal, char *buffer) 1435 { 1436 struct block_device *bdev; 1437 1438 if (journal->j_inode) 1439 bdev = journal->j_inode->i_sb->s_bdev; 1440 else 1441 bdev = journal->j_dev; 1442 1443 return bdevname(bdev, buffer); 1444 } 1445 1446 /* 1447 * Journal abort has very specific semantics, which we describe 1448 * for journal abort. 1449 * 1450 * Two internal function, which provide abort to te jbd layer 1451 * itself are here. 1452 */ 1453 1454 /* 1455 * Quick version for internal journal use (doesn't lock the journal). 1456 * Aborts hard --- we mark the abort as occurred, but do _nothing_ else, 1457 * and don't attempt to make any other journal updates. 1458 */ 1459 void __jbd2_journal_abort_hard(journal_t *journal) 1460 { 1461 transaction_t *transaction; 1462 char b[BDEVNAME_SIZE]; 1463 1464 if (journal->j_flags & JBD2_ABORT) 1465 return; 1466 1467 printk(KERN_ERR "Aborting journal on device %s.\n", 1468 journal_dev_name(journal, b)); 1469 1470 spin_lock(&journal->j_state_lock); 1471 journal->j_flags |= JBD2_ABORT; 1472 transaction = journal->j_running_transaction; 1473 if (transaction) 1474 __jbd2_log_start_commit(journal, transaction->t_tid); 1475 spin_unlock(&journal->j_state_lock); 1476 } 1477 1478 /* Soft abort: record the abort error status in the journal superblock, 1479 * but don't do any other IO. */ 1480 static void __journal_abort_soft (journal_t *journal, int errno) 1481 { 1482 if (journal->j_flags & JBD2_ABORT) 1483 return; 1484 1485 if (!journal->j_errno) 1486 journal->j_errno = errno; 1487 1488 __jbd2_journal_abort_hard(journal); 1489 1490 if (errno) 1491 jbd2_journal_update_superblock(journal, 1); 1492 } 1493 1494 /** 1495 * void jbd2_journal_abort () - Shutdown the journal immediately. 1496 * @journal: the journal to shutdown. 1497 * @errno: an error number to record in the journal indicating 1498 * the reason for the shutdown. 1499 * 1500 * Perform a complete, immediate shutdown of the ENTIRE 1501 * journal (not of a single transaction). This operation cannot be 1502 * undone without closing and reopening the journal. 1503 * 1504 * The jbd2_journal_abort function is intended to support higher level error 1505 * recovery mechanisms such as the ext2/ext3 remount-readonly error 1506 * mode. 1507 * 1508 * Journal abort has very specific semantics. Any existing dirty, 1509 * unjournaled buffers in the main filesystem will still be written to 1510 * disk by bdflush, but the journaling mechanism will be suspended 1511 * immediately and no further transaction commits will be honoured. 1512 * 1513 * Any dirty, journaled buffers will be written back to disk without 1514 * hitting the journal. Atomicity cannot be guaranteed on an aborted 1515 * filesystem, but we _do_ attempt to leave as much data as possible 1516 * behind for fsck to use for cleanup. 1517 * 1518 * Any attempt to get a new transaction handle on a journal which is in 1519 * ABORT state will just result in an -EROFS error return. A 1520 * jbd2_journal_stop on an existing handle will return -EIO if we have 1521 * entered abort state during the update. 1522 * 1523 * Recursive transactions are not disturbed by journal abort until the 1524 * final jbd2_journal_stop, which will receive the -EIO error. 1525 * 1526 * Finally, the jbd2_journal_abort call allows the caller to supply an errno 1527 * which will be recorded (if possible) in the journal superblock. This 1528 * allows a client to record failure conditions in the middle of a 1529 * transaction without having to complete the transaction to record the 1530 * failure to disk. ext3_error, for example, now uses this 1531 * functionality. 1532 * 1533 * Errors which originate from within the journaling layer will NOT 1534 * supply an errno; a null errno implies that absolutely no further 1535 * writes are done to the journal (unless there are any already in 1536 * progress). 1537 * 1538 */ 1539 1540 void jbd2_journal_abort(journal_t *journal, int errno) 1541 { 1542 __journal_abort_soft(journal, errno); 1543 } 1544 1545 /** 1546 * int jbd2_journal_errno () - returns the journal's error state. 1547 * @journal: journal to examine. 1548 * 1549 * This is the errno numbet set with jbd2_journal_abort(), the last 1550 * time the journal was mounted - if the journal was stopped 1551 * without calling abort this will be 0. 1552 * 1553 * If the journal has been aborted on this mount time -EROFS will 1554 * be returned. 1555 */ 1556 int jbd2_journal_errno(journal_t *journal) 1557 { 1558 int err; 1559 1560 spin_lock(&journal->j_state_lock); 1561 if (journal->j_flags & JBD2_ABORT) 1562 err = -EROFS; 1563 else 1564 err = journal->j_errno; 1565 spin_unlock(&journal->j_state_lock); 1566 return err; 1567 } 1568 1569 /** 1570 * int jbd2_journal_clear_err () - clears the journal's error state 1571 * @journal: journal to act on. 1572 * 1573 * An error must be cleared or Acked to take a FS out of readonly 1574 * mode. 1575 */ 1576 int jbd2_journal_clear_err(journal_t *journal) 1577 { 1578 int err = 0; 1579 1580 spin_lock(&journal->j_state_lock); 1581 if (journal->j_flags & JBD2_ABORT) 1582 err = -EROFS; 1583 else 1584 journal->j_errno = 0; 1585 spin_unlock(&journal->j_state_lock); 1586 return err; 1587 } 1588 1589 /** 1590 * void jbd2_journal_ack_err() - Ack journal err. 1591 * @journal: journal to act on. 1592 * 1593 * An error must be cleared or Acked to take a FS out of readonly 1594 * mode. 1595 */ 1596 void jbd2_journal_ack_err(journal_t *journal) 1597 { 1598 spin_lock(&journal->j_state_lock); 1599 if (journal->j_errno) 1600 journal->j_flags |= JBD2_ACK_ERR; 1601 spin_unlock(&journal->j_state_lock); 1602 } 1603 1604 int jbd2_journal_blocks_per_page(struct inode *inode) 1605 { 1606 return 1 << (PAGE_CACHE_SHIFT - inode->i_sb->s_blocksize_bits); 1607 } 1608 1609 /* 1610 * helper functions to deal with 32 or 64bit block numbers. 1611 */ 1612 size_t journal_tag_bytes(journal_t *journal) 1613 { 1614 if (JBD2_HAS_INCOMPAT_FEATURE(journal, JBD2_FEATURE_INCOMPAT_64BIT)) 1615 return JBD2_TAG_SIZE64; 1616 else 1617 return JBD2_TAG_SIZE32; 1618 } 1619 1620 /* 1621 * Journal_head storage management 1622 */ 1623 static struct kmem_cache *jbd2_journal_head_cache; 1624 #ifdef CONFIG_JBD2_DEBUG 1625 static atomic_t nr_journal_heads = ATOMIC_INIT(0); 1626 #endif 1627 1628 static int journal_init_jbd2_journal_head_cache(void) 1629 { 1630 int retval; 1631 1632 J_ASSERT(jbd2_journal_head_cache == 0); 1633 jbd2_journal_head_cache = kmem_cache_create("jbd2_journal_head", 1634 sizeof(struct journal_head), 1635 0, /* offset */ 1636 0, /* flags */ 1637 NULL); /* ctor */ 1638 retval = 0; 1639 if (jbd2_journal_head_cache == 0) { 1640 retval = -ENOMEM; 1641 printk(KERN_EMERG "JBD: no memory for journal_head cache\n"); 1642 } 1643 return retval; 1644 } 1645 1646 static void jbd2_journal_destroy_jbd2_journal_head_cache(void) 1647 { 1648 J_ASSERT(jbd2_journal_head_cache != NULL); 1649 kmem_cache_destroy(jbd2_journal_head_cache); 1650 jbd2_journal_head_cache = NULL; 1651 } 1652 1653 /* 1654 * journal_head splicing and dicing 1655 */ 1656 static struct journal_head *journal_alloc_journal_head(void) 1657 { 1658 struct journal_head *ret; 1659 static unsigned long last_warning; 1660 1661 #ifdef CONFIG_JBD2_DEBUG 1662 atomic_inc(&nr_journal_heads); 1663 #endif 1664 ret = kmem_cache_alloc(jbd2_journal_head_cache, GFP_NOFS); 1665 if (ret == 0) { 1666 jbd_debug(1, "out of memory for journal_head\n"); 1667 if (time_after(jiffies, last_warning + 5*HZ)) { 1668 printk(KERN_NOTICE "ENOMEM in %s, retrying.\n", 1669 __FUNCTION__); 1670 last_warning = jiffies; 1671 } 1672 while (ret == 0) { 1673 yield(); 1674 ret = kmem_cache_alloc(jbd2_journal_head_cache, GFP_NOFS); 1675 } 1676 } 1677 return ret; 1678 } 1679 1680 static void journal_free_journal_head(struct journal_head *jh) 1681 { 1682 #ifdef CONFIG_JBD2_DEBUG 1683 atomic_dec(&nr_journal_heads); 1684 memset(jh, JBD2_POISON_FREE, sizeof(*jh)); 1685 #endif 1686 kmem_cache_free(jbd2_journal_head_cache, jh); 1687 } 1688 1689 /* 1690 * A journal_head is attached to a buffer_head whenever JBD has an 1691 * interest in the buffer. 1692 * 1693 * Whenever a buffer has an attached journal_head, its ->b_state:BH_JBD bit 1694 * is set. This bit is tested in core kernel code where we need to take 1695 * JBD-specific actions. Testing the zeroness of ->b_private is not reliable 1696 * there. 1697 * 1698 * When a buffer has its BH_JBD bit set, its ->b_count is elevated by one. 1699 * 1700 * When a buffer has its BH_JBD bit set it is immune from being released by 1701 * core kernel code, mainly via ->b_count. 1702 * 1703 * A journal_head may be detached from its buffer_head when the journal_head's 1704 * b_transaction, b_cp_transaction and b_next_transaction pointers are NULL. 1705 * Various places in JBD call jbd2_journal_remove_journal_head() to indicate that the 1706 * journal_head can be dropped if needed. 1707 * 1708 * Various places in the kernel want to attach a journal_head to a buffer_head 1709 * _before_ attaching the journal_head to a transaction. To protect the 1710 * journal_head in this situation, jbd2_journal_add_journal_head elevates the 1711 * journal_head's b_jcount refcount by one. The caller must call 1712 * jbd2_journal_put_journal_head() to undo this. 1713 * 1714 * So the typical usage would be: 1715 * 1716 * (Attach a journal_head if needed. Increments b_jcount) 1717 * struct journal_head *jh = jbd2_journal_add_journal_head(bh); 1718 * ... 1719 * jh->b_transaction = xxx; 1720 * jbd2_journal_put_journal_head(jh); 1721 * 1722 * Now, the journal_head's b_jcount is zero, but it is safe from being released 1723 * because it has a non-zero b_transaction. 1724 */ 1725 1726 /* 1727 * Give a buffer_head a journal_head. 1728 * 1729 * Doesn't need the journal lock. 1730 * May sleep. 1731 */ 1732 struct journal_head *jbd2_journal_add_journal_head(struct buffer_head *bh) 1733 { 1734 struct journal_head *jh; 1735 struct journal_head *new_jh = NULL; 1736 1737 repeat: 1738 if (!buffer_jbd(bh)) { 1739 new_jh = journal_alloc_journal_head(); 1740 memset(new_jh, 0, sizeof(*new_jh)); 1741 } 1742 1743 jbd_lock_bh_journal_head(bh); 1744 if (buffer_jbd(bh)) { 1745 jh = bh2jh(bh); 1746 } else { 1747 J_ASSERT_BH(bh, 1748 (atomic_read(&bh->b_count) > 0) || 1749 (bh->b_page && bh->b_page->mapping)); 1750 1751 if (!new_jh) { 1752 jbd_unlock_bh_journal_head(bh); 1753 goto repeat; 1754 } 1755 1756 jh = new_jh; 1757 new_jh = NULL; /* We consumed it */ 1758 set_buffer_jbd(bh); 1759 bh->b_private = jh; 1760 jh->b_bh = bh; 1761 get_bh(bh); 1762 BUFFER_TRACE(bh, "added journal_head"); 1763 } 1764 jh->b_jcount++; 1765 jbd_unlock_bh_journal_head(bh); 1766 if (new_jh) 1767 journal_free_journal_head(new_jh); 1768 return bh->b_private; 1769 } 1770 1771 /* 1772 * Grab a ref against this buffer_head's journal_head. If it ended up not 1773 * having a journal_head, return NULL 1774 */ 1775 struct journal_head *jbd2_journal_grab_journal_head(struct buffer_head *bh) 1776 { 1777 struct journal_head *jh = NULL; 1778 1779 jbd_lock_bh_journal_head(bh); 1780 if (buffer_jbd(bh)) { 1781 jh = bh2jh(bh); 1782 jh->b_jcount++; 1783 } 1784 jbd_unlock_bh_journal_head(bh); 1785 return jh; 1786 } 1787 1788 static void __journal_remove_journal_head(struct buffer_head *bh) 1789 { 1790 struct journal_head *jh = bh2jh(bh); 1791 1792 J_ASSERT_JH(jh, jh->b_jcount >= 0); 1793 1794 get_bh(bh); 1795 if (jh->b_jcount == 0) { 1796 if (jh->b_transaction == NULL && 1797 jh->b_next_transaction == NULL && 1798 jh->b_cp_transaction == NULL) { 1799 J_ASSERT_JH(jh, jh->b_jlist == BJ_None); 1800 J_ASSERT_BH(bh, buffer_jbd(bh)); 1801 J_ASSERT_BH(bh, jh2bh(jh) == bh); 1802 BUFFER_TRACE(bh, "remove journal_head"); 1803 if (jh->b_frozen_data) { 1804 printk(KERN_WARNING "%s: freeing " 1805 "b_frozen_data\n", 1806 __FUNCTION__); 1807 jbd2_free(jh->b_frozen_data, bh->b_size); 1808 } 1809 if (jh->b_committed_data) { 1810 printk(KERN_WARNING "%s: freeing " 1811 "b_committed_data\n", 1812 __FUNCTION__); 1813 jbd2_free(jh->b_committed_data, bh->b_size); 1814 } 1815 bh->b_private = NULL; 1816 jh->b_bh = NULL; /* debug, really */ 1817 clear_buffer_jbd(bh); 1818 __brelse(bh); 1819 journal_free_journal_head(jh); 1820 } else { 1821 BUFFER_TRACE(bh, "journal_head was locked"); 1822 } 1823 } 1824 } 1825 1826 /* 1827 * jbd2_journal_remove_journal_head(): if the buffer isn't attached to a transaction 1828 * and has a zero b_jcount then remove and release its journal_head. If we did 1829 * see that the buffer is not used by any transaction we also "logically" 1830 * decrement ->b_count. 1831 * 1832 * We in fact take an additional increment on ->b_count as a convenience, 1833 * because the caller usually wants to do additional things with the bh 1834 * after calling here. 1835 * The caller of jbd2_journal_remove_journal_head() *must* run __brelse(bh) at some 1836 * time. Once the caller has run __brelse(), the buffer is eligible for 1837 * reaping by try_to_free_buffers(). 1838 */ 1839 void jbd2_journal_remove_journal_head(struct buffer_head *bh) 1840 { 1841 jbd_lock_bh_journal_head(bh); 1842 __journal_remove_journal_head(bh); 1843 jbd_unlock_bh_journal_head(bh); 1844 } 1845 1846 /* 1847 * Drop a reference on the passed journal_head. If it fell to zero then try to 1848 * release the journal_head from the buffer_head. 1849 */ 1850 void jbd2_journal_put_journal_head(struct journal_head *jh) 1851 { 1852 struct buffer_head *bh = jh2bh(jh); 1853 1854 jbd_lock_bh_journal_head(bh); 1855 J_ASSERT_JH(jh, jh->b_jcount > 0); 1856 --jh->b_jcount; 1857 if (!jh->b_jcount && !jh->b_transaction) { 1858 __journal_remove_journal_head(bh); 1859 __brelse(bh); 1860 } 1861 jbd_unlock_bh_journal_head(bh); 1862 } 1863 1864 /* 1865 * debugfs tunables 1866 */ 1867 #ifdef CONFIG_JBD2_DEBUG 1868 u8 jbd2_journal_enable_debug __read_mostly; 1869 EXPORT_SYMBOL(jbd2_journal_enable_debug); 1870 1871 #define JBD2_DEBUG_NAME "jbd2-debug" 1872 1873 static struct dentry *jbd2_debugfs_dir; 1874 static struct dentry *jbd2_debug; 1875 1876 static void __init jbd2_create_debugfs_entry(void) 1877 { 1878 jbd2_debugfs_dir = debugfs_create_dir("jbd2", NULL); 1879 if (jbd2_debugfs_dir) 1880 jbd2_debug = debugfs_create_u8(JBD2_DEBUG_NAME, S_IRUGO, 1881 jbd2_debugfs_dir, 1882 &jbd2_journal_enable_debug); 1883 } 1884 1885 static void __exit jbd2_remove_debugfs_entry(void) 1886 { 1887 debugfs_remove(jbd2_debug); 1888 debugfs_remove(jbd2_debugfs_dir); 1889 } 1890 1891 #else 1892 1893 static void __init jbd2_create_debugfs_entry(void) 1894 { 1895 } 1896 1897 static void __exit jbd2_remove_debugfs_entry(void) 1898 { 1899 } 1900 1901 #endif 1902 1903 struct kmem_cache *jbd2_handle_cache; 1904 1905 static int __init journal_init_handle_cache(void) 1906 { 1907 jbd2_handle_cache = kmem_cache_create("jbd2_journal_handle", 1908 sizeof(handle_t), 1909 0, /* offset */ 1910 0, /* flags */ 1911 NULL); /* ctor */ 1912 if (jbd2_handle_cache == NULL) { 1913 printk(KERN_EMERG "JBD: failed to create handle cache\n"); 1914 return -ENOMEM; 1915 } 1916 return 0; 1917 } 1918 1919 static void jbd2_journal_destroy_handle_cache(void) 1920 { 1921 if (jbd2_handle_cache) 1922 kmem_cache_destroy(jbd2_handle_cache); 1923 } 1924 1925 /* 1926 * Module startup and shutdown 1927 */ 1928 1929 static int __init journal_init_caches(void) 1930 { 1931 int ret; 1932 1933 ret = jbd2_journal_init_revoke_caches(); 1934 if (ret == 0) 1935 ret = journal_init_jbd2_journal_head_cache(); 1936 if (ret == 0) 1937 ret = journal_init_handle_cache(); 1938 return ret; 1939 } 1940 1941 static void jbd2_journal_destroy_caches(void) 1942 { 1943 jbd2_journal_destroy_revoke_caches(); 1944 jbd2_journal_destroy_jbd2_journal_head_cache(); 1945 jbd2_journal_destroy_handle_cache(); 1946 } 1947 1948 static int __init journal_init(void) 1949 { 1950 int ret; 1951 1952 BUILD_BUG_ON(sizeof(struct journal_superblock_s) != 1024); 1953 1954 ret = journal_init_caches(); 1955 if (ret != 0) 1956 jbd2_journal_destroy_caches(); 1957 jbd2_create_debugfs_entry(); 1958 return ret; 1959 } 1960 1961 static void __exit journal_exit(void) 1962 { 1963 #ifdef CONFIG_JBD2_DEBUG 1964 int n = atomic_read(&nr_journal_heads); 1965 if (n) 1966 printk(KERN_EMERG "JBD: leaked %d journal_heads!\n", n); 1967 #endif 1968 jbd2_remove_debugfs_entry(); 1969 jbd2_journal_destroy_caches(); 1970 } 1971 1972 MODULE_LICENSE("GPL"); 1973 module_init(journal_init); 1974 module_exit(journal_exit); 1975 1976