xref: /openbmc/linux/block/bio.c (revision 612cf4d2)
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * Copyright (C) 2001 Jens Axboe <axboe@kernel.dk>
4  */
5 #include <linux/mm.h>
6 #include <linux/swap.h>
7 #include <linux/bio.h>
8 #include <linux/blkdev.h>
9 #include <linux/uio.h>
10 #include <linux/iocontext.h>
11 #include <linux/slab.h>
12 #include <linux/init.h>
13 #include <linux/kernel.h>
14 #include <linux/export.h>
15 #include <linux/mempool.h>
16 #include <linux/workqueue.h>
17 #include <linux/cgroup.h>
18 #include <linux/highmem.h>
19 #include <linux/sched/sysctl.h>
20 #include <linux/blk-crypto.h>
21 #include <linux/xarray.h>
22 
23 #include <trace/events/block.h>
24 #include "blk.h"
25 #include "blk-rq-qos.h"
26 #include "blk-cgroup.h"
27 
28 #define ALLOC_CACHE_THRESHOLD	16
29 #define ALLOC_CACHE_SLACK	64
30 #define ALLOC_CACHE_MAX		256
31 
32 struct bio_alloc_cache {
33 	struct bio		*free_list;
34 	struct bio		*free_list_irq;
35 	unsigned int		nr;
36 	unsigned int		nr_irq;
37 };
38 
39 static struct biovec_slab {
40 	int nr_vecs;
41 	char *name;
42 	struct kmem_cache *slab;
43 } bvec_slabs[] __read_mostly = {
44 	{ .nr_vecs = 16, .name = "biovec-16" },
45 	{ .nr_vecs = 64, .name = "biovec-64" },
46 	{ .nr_vecs = 128, .name = "biovec-128" },
47 	{ .nr_vecs = BIO_MAX_VECS, .name = "biovec-max" },
48 };
49 
50 static struct biovec_slab *biovec_slab(unsigned short nr_vecs)
51 {
52 	switch (nr_vecs) {
53 	/* smaller bios use inline vecs */
54 	case 5 ... 16:
55 		return &bvec_slabs[0];
56 	case 17 ... 64:
57 		return &bvec_slabs[1];
58 	case 65 ... 128:
59 		return &bvec_slabs[2];
60 	case 129 ... BIO_MAX_VECS:
61 		return &bvec_slabs[3];
62 	default:
63 		BUG();
64 		return NULL;
65 	}
66 }
67 
68 /*
69  * fs_bio_set is the bio_set containing bio and iovec memory pools used by
70  * IO code that does not need private memory pools.
71  */
72 struct bio_set fs_bio_set;
73 EXPORT_SYMBOL(fs_bio_set);
74 
75 /*
76  * Our slab pool management
77  */
78 struct bio_slab {
79 	struct kmem_cache *slab;
80 	unsigned int slab_ref;
81 	unsigned int slab_size;
82 	char name[8];
83 };
84 static DEFINE_MUTEX(bio_slab_lock);
85 static DEFINE_XARRAY(bio_slabs);
86 
87 static struct bio_slab *create_bio_slab(unsigned int size)
88 {
89 	struct bio_slab *bslab = kzalloc(sizeof(*bslab), GFP_KERNEL);
90 
91 	if (!bslab)
92 		return NULL;
93 
94 	snprintf(bslab->name, sizeof(bslab->name), "bio-%d", size);
95 	bslab->slab = kmem_cache_create(bslab->name, size,
96 			ARCH_KMALLOC_MINALIGN,
97 			SLAB_HWCACHE_ALIGN | SLAB_TYPESAFE_BY_RCU, NULL);
98 	if (!bslab->slab)
99 		goto fail_alloc_slab;
100 
101 	bslab->slab_ref = 1;
102 	bslab->slab_size = size;
103 
104 	if (!xa_err(xa_store(&bio_slabs, size, bslab, GFP_KERNEL)))
105 		return bslab;
106 
107 	kmem_cache_destroy(bslab->slab);
108 
109 fail_alloc_slab:
110 	kfree(bslab);
111 	return NULL;
112 }
113 
114 static inline unsigned int bs_bio_slab_size(struct bio_set *bs)
115 {
116 	return bs->front_pad + sizeof(struct bio) + bs->back_pad;
117 }
118 
119 static struct kmem_cache *bio_find_or_create_slab(struct bio_set *bs)
120 {
121 	unsigned int size = bs_bio_slab_size(bs);
122 	struct bio_slab *bslab;
123 
124 	mutex_lock(&bio_slab_lock);
125 	bslab = xa_load(&bio_slabs, size);
126 	if (bslab)
127 		bslab->slab_ref++;
128 	else
129 		bslab = create_bio_slab(size);
130 	mutex_unlock(&bio_slab_lock);
131 
132 	if (bslab)
133 		return bslab->slab;
134 	return NULL;
135 }
136 
137 static void bio_put_slab(struct bio_set *bs)
138 {
139 	struct bio_slab *bslab = NULL;
140 	unsigned int slab_size = bs_bio_slab_size(bs);
141 
142 	mutex_lock(&bio_slab_lock);
143 
144 	bslab = xa_load(&bio_slabs, slab_size);
145 	if (WARN(!bslab, KERN_ERR "bio: unable to find slab!\n"))
146 		goto out;
147 
148 	WARN_ON_ONCE(bslab->slab != bs->bio_slab);
149 
150 	WARN_ON(!bslab->slab_ref);
151 
152 	if (--bslab->slab_ref)
153 		goto out;
154 
155 	xa_erase(&bio_slabs, slab_size);
156 
157 	kmem_cache_destroy(bslab->slab);
158 	kfree(bslab);
159 
160 out:
161 	mutex_unlock(&bio_slab_lock);
162 }
163 
164 void bvec_free(mempool_t *pool, struct bio_vec *bv, unsigned short nr_vecs)
165 {
166 	BUG_ON(nr_vecs > BIO_MAX_VECS);
167 
168 	if (nr_vecs == BIO_MAX_VECS)
169 		mempool_free(bv, pool);
170 	else if (nr_vecs > BIO_INLINE_VECS)
171 		kmem_cache_free(biovec_slab(nr_vecs)->slab, bv);
172 }
173 
174 /*
175  * Make the first allocation restricted and don't dump info on allocation
176  * failures, since we'll fall back to the mempool in case of failure.
177  */
178 static inline gfp_t bvec_alloc_gfp(gfp_t gfp)
179 {
180 	return (gfp & ~(__GFP_DIRECT_RECLAIM | __GFP_IO)) |
181 		__GFP_NOMEMALLOC | __GFP_NORETRY | __GFP_NOWARN;
182 }
183 
184 struct bio_vec *bvec_alloc(mempool_t *pool, unsigned short *nr_vecs,
185 		gfp_t gfp_mask)
186 {
187 	struct biovec_slab *bvs = biovec_slab(*nr_vecs);
188 
189 	if (WARN_ON_ONCE(!bvs))
190 		return NULL;
191 
192 	/*
193 	 * Upgrade the nr_vecs request to take full advantage of the allocation.
194 	 * We also rely on this in the bvec_free path.
195 	 */
196 	*nr_vecs = bvs->nr_vecs;
197 
198 	/*
199 	 * Try a slab allocation first for all smaller allocations.  If that
200 	 * fails and __GFP_DIRECT_RECLAIM is set retry with the mempool.
201 	 * The mempool is sized to handle up to BIO_MAX_VECS entries.
202 	 */
203 	if (*nr_vecs < BIO_MAX_VECS) {
204 		struct bio_vec *bvl;
205 
206 		bvl = kmem_cache_alloc(bvs->slab, bvec_alloc_gfp(gfp_mask));
207 		if (likely(bvl) || !(gfp_mask & __GFP_DIRECT_RECLAIM))
208 			return bvl;
209 		*nr_vecs = BIO_MAX_VECS;
210 	}
211 
212 	return mempool_alloc(pool, gfp_mask);
213 }
214 
215 void bio_uninit(struct bio *bio)
216 {
217 #ifdef CONFIG_BLK_CGROUP
218 	if (bio->bi_blkg) {
219 		blkg_put(bio->bi_blkg);
220 		bio->bi_blkg = NULL;
221 	}
222 #endif
223 	if (bio_integrity(bio))
224 		bio_integrity_free(bio);
225 
226 	bio_crypt_free_ctx(bio);
227 }
228 EXPORT_SYMBOL(bio_uninit);
229 
230 static void bio_free(struct bio *bio)
231 {
232 	struct bio_set *bs = bio->bi_pool;
233 	void *p = bio;
234 
235 	WARN_ON_ONCE(!bs);
236 
237 	bio_uninit(bio);
238 	bvec_free(&bs->bvec_pool, bio->bi_io_vec, bio->bi_max_vecs);
239 	mempool_free(p - bs->front_pad, &bs->bio_pool);
240 }
241 
242 /*
243  * Users of this function have their own bio allocation. Subsequently,
244  * they must remember to pair any call to bio_init() with bio_uninit()
245  * when IO has completed, or when the bio is released.
246  */
247 void bio_init(struct bio *bio, struct block_device *bdev, struct bio_vec *table,
248 	      unsigned short max_vecs, blk_opf_t opf)
249 {
250 	bio->bi_next = NULL;
251 	bio->bi_bdev = bdev;
252 	bio->bi_opf = opf;
253 	bio->bi_flags = 0;
254 	bio->bi_ioprio = 0;
255 	bio->bi_status = 0;
256 	bio->bi_iter.bi_sector = 0;
257 	bio->bi_iter.bi_size = 0;
258 	bio->bi_iter.bi_idx = 0;
259 	bio->bi_iter.bi_bvec_done = 0;
260 	bio->bi_end_io = NULL;
261 	bio->bi_private = NULL;
262 #ifdef CONFIG_BLK_CGROUP
263 	bio->bi_blkg = NULL;
264 	bio->bi_issue.value = 0;
265 	if (bdev)
266 		bio_associate_blkg(bio);
267 #ifdef CONFIG_BLK_CGROUP_IOCOST
268 	bio->bi_iocost_cost = 0;
269 #endif
270 #endif
271 #ifdef CONFIG_BLK_INLINE_ENCRYPTION
272 	bio->bi_crypt_context = NULL;
273 #endif
274 #ifdef CONFIG_BLK_DEV_INTEGRITY
275 	bio->bi_integrity = NULL;
276 #endif
277 	bio->bi_vcnt = 0;
278 
279 	atomic_set(&bio->__bi_remaining, 1);
280 	atomic_set(&bio->__bi_cnt, 1);
281 	bio->bi_cookie = BLK_QC_T_NONE;
282 
283 	bio->bi_max_vecs = max_vecs;
284 	bio->bi_io_vec = table;
285 	bio->bi_pool = NULL;
286 }
287 EXPORT_SYMBOL(bio_init);
288 
289 /**
290  * bio_reset - reinitialize a bio
291  * @bio:	bio to reset
292  * @bdev:	block device to use the bio for
293  * @opf:	operation and flags for bio
294  *
295  * Description:
296  *   After calling bio_reset(), @bio will be in the same state as a freshly
297  *   allocated bio returned bio bio_alloc_bioset() - the only fields that are
298  *   preserved are the ones that are initialized by bio_alloc_bioset(). See
299  *   comment in struct bio.
300  */
301 void bio_reset(struct bio *bio, struct block_device *bdev, blk_opf_t opf)
302 {
303 	bio_uninit(bio);
304 	memset(bio, 0, BIO_RESET_BYTES);
305 	atomic_set(&bio->__bi_remaining, 1);
306 	bio->bi_bdev = bdev;
307 	if (bio->bi_bdev)
308 		bio_associate_blkg(bio);
309 	bio->bi_opf = opf;
310 }
311 EXPORT_SYMBOL(bio_reset);
312 
313 static struct bio *__bio_chain_endio(struct bio *bio)
314 {
315 	struct bio *parent = bio->bi_private;
316 
317 	if (bio->bi_status && !parent->bi_status)
318 		parent->bi_status = bio->bi_status;
319 	bio_put(bio);
320 	return parent;
321 }
322 
323 static void bio_chain_endio(struct bio *bio)
324 {
325 	bio_endio(__bio_chain_endio(bio));
326 }
327 
328 /**
329  * bio_chain - chain bio completions
330  * @bio: the target bio
331  * @parent: the parent bio of @bio
332  *
333  * The caller won't have a bi_end_io called when @bio completes - instead,
334  * @parent's bi_end_io won't be called until both @parent and @bio have
335  * completed; the chained bio will also be freed when it completes.
336  *
337  * The caller must not set bi_private or bi_end_io in @bio.
338  */
339 void bio_chain(struct bio *bio, struct bio *parent)
340 {
341 	BUG_ON(bio->bi_private || bio->bi_end_io);
342 
343 	bio->bi_private = parent;
344 	bio->bi_end_io	= bio_chain_endio;
345 	bio_inc_remaining(parent);
346 }
347 EXPORT_SYMBOL(bio_chain);
348 
349 struct bio *blk_next_bio(struct bio *bio, struct block_device *bdev,
350 		unsigned int nr_pages, blk_opf_t opf, gfp_t gfp)
351 {
352 	struct bio *new = bio_alloc(bdev, nr_pages, opf, gfp);
353 
354 	if (bio) {
355 		bio_chain(bio, new);
356 		submit_bio(bio);
357 	}
358 
359 	return new;
360 }
361 EXPORT_SYMBOL_GPL(blk_next_bio);
362 
363 static void bio_alloc_rescue(struct work_struct *work)
364 {
365 	struct bio_set *bs = container_of(work, struct bio_set, rescue_work);
366 	struct bio *bio;
367 
368 	while (1) {
369 		spin_lock(&bs->rescue_lock);
370 		bio = bio_list_pop(&bs->rescue_list);
371 		spin_unlock(&bs->rescue_lock);
372 
373 		if (!bio)
374 			break;
375 
376 		submit_bio_noacct(bio);
377 	}
378 }
379 
380 static void punt_bios_to_rescuer(struct bio_set *bs)
381 {
382 	struct bio_list punt, nopunt;
383 	struct bio *bio;
384 
385 	if (WARN_ON_ONCE(!bs->rescue_workqueue))
386 		return;
387 	/*
388 	 * In order to guarantee forward progress we must punt only bios that
389 	 * were allocated from this bio_set; otherwise, if there was a bio on
390 	 * there for a stacking driver higher up in the stack, processing it
391 	 * could require allocating bios from this bio_set, and doing that from
392 	 * our own rescuer would be bad.
393 	 *
394 	 * Since bio lists are singly linked, pop them all instead of trying to
395 	 * remove from the middle of the list:
396 	 */
397 
398 	bio_list_init(&punt);
399 	bio_list_init(&nopunt);
400 
401 	while ((bio = bio_list_pop(&current->bio_list[0])))
402 		bio_list_add(bio->bi_pool == bs ? &punt : &nopunt, bio);
403 	current->bio_list[0] = nopunt;
404 
405 	bio_list_init(&nopunt);
406 	while ((bio = bio_list_pop(&current->bio_list[1])))
407 		bio_list_add(bio->bi_pool == bs ? &punt : &nopunt, bio);
408 	current->bio_list[1] = nopunt;
409 
410 	spin_lock(&bs->rescue_lock);
411 	bio_list_merge(&bs->rescue_list, &punt);
412 	spin_unlock(&bs->rescue_lock);
413 
414 	queue_work(bs->rescue_workqueue, &bs->rescue_work);
415 }
416 
417 static void bio_alloc_irq_cache_splice(struct bio_alloc_cache *cache)
418 {
419 	unsigned long flags;
420 
421 	/* cache->free_list must be empty */
422 	if (WARN_ON_ONCE(cache->free_list))
423 		return;
424 
425 	local_irq_save(flags);
426 	cache->free_list = cache->free_list_irq;
427 	cache->free_list_irq = NULL;
428 	cache->nr += cache->nr_irq;
429 	cache->nr_irq = 0;
430 	local_irq_restore(flags);
431 }
432 
433 static struct bio *bio_alloc_percpu_cache(struct block_device *bdev,
434 		unsigned short nr_vecs, blk_opf_t opf, gfp_t gfp,
435 		struct bio_set *bs)
436 {
437 	struct bio_alloc_cache *cache;
438 	struct bio *bio;
439 
440 	cache = per_cpu_ptr(bs->cache, get_cpu());
441 	if (!cache->free_list) {
442 		if (READ_ONCE(cache->nr_irq) >= ALLOC_CACHE_THRESHOLD)
443 			bio_alloc_irq_cache_splice(cache);
444 		if (!cache->free_list) {
445 			put_cpu();
446 			return NULL;
447 		}
448 	}
449 	bio = cache->free_list;
450 	cache->free_list = bio->bi_next;
451 	cache->nr--;
452 	put_cpu();
453 
454 	bio_init(bio, bdev, nr_vecs ? bio->bi_inline_vecs : NULL, nr_vecs, opf);
455 	bio->bi_pool = bs;
456 	return bio;
457 }
458 
459 /**
460  * bio_alloc_bioset - allocate a bio for I/O
461  * @bdev:	block device to allocate the bio for (can be %NULL)
462  * @nr_vecs:	number of bvecs to pre-allocate
463  * @opf:	operation and flags for bio
464  * @gfp_mask:   the GFP_* mask given to the slab allocator
465  * @bs:		the bio_set to allocate from.
466  *
467  * Allocate a bio from the mempools in @bs.
468  *
469  * If %__GFP_DIRECT_RECLAIM is set then bio_alloc will always be able to
470  * allocate a bio.  This is due to the mempool guarantees.  To make this work,
471  * callers must never allocate more than 1 bio at a time from the general pool.
472  * Callers that need to allocate more than 1 bio must always submit the
473  * previously allocated bio for IO before attempting to allocate a new one.
474  * Failure to do so can cause deadlocks under memory pressure.
475  *
476  * Note that when running under submit_bio_noacct() (i.e. any block driver),
477  * bios are not submitted until after you return - see the code in
478  * submit_bio_noacct() that converts recursion into iteration, to prevent
479  * stack overflows.
480  *
481  * This would normally mean allocating multiple bios under submit_bio_noacct()
482  * would be susceptible to deadlocks, but we have
483  * deadlock avoidance code that resubmits any blocked bios from a rescuer
484  * thread.
485  *
486  * However, we do not guarantee forward progress for allocations from other
487  * mempools. Doing multiple allocations from the same mempool under
488  * submit_bio_noacct() should be avoided - instead, use bio_set's front_pad
489  * for per bio allocations.
490  *
491  * Returns: Pointer to new bio on success, NULL on failure.
492  */
493 struct bio *bio_alloc_bioset(struct block_device *bdev, unsigned short nr_vecs,
494 			     blk_opf_t opf, gfp_t gfp_mask,
495 			     struct bio_set *bs)
496 {
497 	gfp_t saved_gfp = gfp_mask;
498 	struct bio *bio;
499 	void *p;
500 
501 	/* should not use nobvec bioset for nr_vecs > 0 */
502 	if (WARN_ON_ONCE(!mempool_initialized(&bs->bvec_pool) && nr_vecs > 0))
503 		return NULL;
504 
505 	if (opf & REQ_ALLOC_CACHE) {
506 		if (bs->cache && nr_vecs <= BIO_INLINE_VECS) {
507 			bio = bio_alloc_percpu_cache(bdev, nr_vecs, opf,
508 						     gfp_mask, bs);
509 			if (bio)
510 				return bio;
511 			/*
512 			 * No cached bio available, bio returned below marked with
513 			 * REQ_ALLOC_CACHE to particpate in per-cpu alloc cache.
514 			 */
515 		} else {
516 			opf &= ~REQ_ALLOC_CACHE;
517 		}
518 	}
519 
520 	/*
521 	 * submit_bio_noacct() converts recursion to iteration; this means if
522 	 * we're running beneath it, any bios we allocate and submit will not be
523 	 * submitted (and thus freed) until after we return.
524 	 *
525 	 * This exposes us to a potential deadlock if we allocate multiple bios
526 	 * from the same bio_set() while running underneath submit_bio_noacct().
527 	 * If we were to allocate multiple bios (say a stacking block driver
528 	 * that was splitting bios), we would deadlock if we exhausted the
529 	 * mempool's reserve.
530 	 *
531 	 * We solve this, and guarantee forward progress, with a rescuer
532 	 * workqueue per bio_set. If we go to allocate and there are bios on
533 	 * current->bio_list, we first try the allocation without
534 	 * __GFP_DIRECT_RECLAIM; if that fails, we punt those bios we would be
535 	 * blocking to the rescuer workqueue before we retry with the original
536 	 * gfp_flags.
537 	 */
538 	if (current->bio_list &&
539 	    (!bio_list_empty(&current->bio_list[0]) ||
540 	     !bio_list_empty(&current->bio_list[1])) &&
541 	    bs->rescue_workqueue)
542 		gfp_mask &= ~__GFP_DIRECT_RECLAIM;
543 
544 	p = mempool_alloc(&bs->bio_pool, gfp_mask);
545 	if (!p && gfp_mask != saved_gfp) {
546 		punt_bios_to_rescuer(bs);
547 		gfp_mask = saved_gfp;
548 		p = mempool_alloc(&bs->bio_pool, gfp_mask);
549 	}
550 	if (unlikely(!p))
551 		return NULL;
552 	if (!mempool_is_saturated(&bs->bio_pool))
553 		opf &= ~REQ_ALLOC_CACHE;
554 
555 	bio = p + bs->front_pad;
556 	if (nr_vecs > BIO_INLINE_VECS) {
557 		struct bio_vec *bvl = NULL;
558 
559 		bvl = bvec_alloc(&bs->bvec_pool, &nr_vecs, gfp_mask);
560 		if (!bvl && gfp_mask != saved_gfp) {
561 			punt_bios_to_rescuer(bs);
562 			gfp_mask = saved_gfp;
563 			bvl = bvec_alloc(&bs->bvec_pool, &nr_vecs, gfp_mask);
564 		}
565 		if (unlikely(!bvl))
566 			goto err_free;
567 
568 		bio_init(bio, bdev, bvl, nr_vecs, opf);
569 	} else if (nr_vecs) {
570 		bio_init(bio, bdev, bio->bi_inline_vecs, BIO_INLINE_VECS, opf);
571 	} else {
572 		bio_init(bio, bdev, NULL, 0, opf);
573 	}
574 
575 	bio->bi_pool = bs;
576 	return bio;
577 
578 err_free:
579 	mempool_free(p, &bs->bio_pool);
580 	return NULL;
581 }
582 EXPORT_SYMBOL(bio_alloc_bioset);
583 
584 /**
585  * bio_kmalloc - kmalloc a bio
586  * @nr_vecs:	number of bio_vecs to allocate
587  * @gfp_mask:   the GFP_* mask given to the slab allocator
588  *
589  * Use kmalloc to allocate a bio (including bvecs).  The bio must be initialized
590  * using bio_init() before use.  To free a bio returned from this function use
591  * kfree() after calling bio_uninit().  A bio returned from this function can
592  * be reused by calling bio_uninit() before calling bio_init() again.
593  *
594  * Note that unlike bio_alloc() or bio_alloc_bioset() allocations from this
595  * function are not backed by a mempool can fail.  Do not use this function
596  * for allocations in the file system I/O path.
597  *
598  * Returns: Pointer to new bio on success, NULL on failure.
599  */
600 struct bio *bio_kmalloc(unsigned short nr_vecs, gfp_t gfp_mask)
601 {
602 	struct bio *bio;
603 
604 	if (nr_vecs > UIO_MAXIOV)
605 		return NULL;
606 	return kmalloc(struct_size(bio, bi_inline_vecs, nr_vecs), gfp_mask);
607 }
608 EXPORT_SYMBOL(bio_kmalloc);
609 
610 void zero_fill_bio(struct bio *bio)
611 {
612 	struct bio_vec bv;
613 	struct bvec_iter iter;
614 
615 	bio_for_each_segment(bv, bio, iter)
616 		memzero_bvec(&bv);
617 }
618 EXPORT_SYMBOL(zero_fill_bio);
619 
620 /**
621  * bio_truncate - truncate the bio to small size of @new_size
622  * @bio:	the bio to be truncated
623  * @new_size:	new size for truncating the bio
624  *
625  * Description:
626  *   Truncate the bio to new size of @new_size. If bio_op(bio) is
627  *   REQ_OP_READ, zero the truncated part. This function should only
628  *   be used for handling corner cases, such as bio eod.
629  */
630 static void bio_truncate(struct bio *bio, unsigned new_size)
631 {
632 	struct bio_vec bv;
633 	struct bvec_iter iter;
634 	unsigned int done = 0;
635 	bool truncated = false;
636 
637 	if (new_size >= bio->bi_iter.bi_size)
638 		return;
639 
640 	if (bio_op(bio) != REQ_OP_READ)
641 		goto exit;
642 
643 	bio_for_each_segment(bv, bio, iter) {
644 		if (done + bv.bv_len > new_size) {
645 			unsigned offset;
646 
647 			if (!truncated)
648 				offset = new_size - done;
649 			else
650 				offset = 0;
651 			zero_user(bv.bv_page, bv.bv_offset + offset,
652 				  bv.bv_len - offset);
653 			truncated = true;
654 		}
655 		done += bv.bv_len;
656 	}
657 
658  exit:
659 	/*
660 	 * Don't touch bvec table here and make it really immutable, since
661 	 * fs bio user has to retrieve all pages via bio_for_each_segment_all
662 	 * in its .end_bio() callback.
663 	 *
664 	 * It is enough to truncate bio by updating .bi_size since we can make
665 	 * correct bvec with the updated .bi_size for drivers.
666 	 */
667 	bio->bi_iter.bi_size = new_size;
668 }
669 
670 /**
671  * guard_bio_eod - truncate a BIO to fit the block device
672  * @bio:	bio to truncate
673  *
674  * This allows us to do IO even on the odd last sectors of a device, even if the
675  * block size is some multiple of the physical sector size.
676  *
677  * We'll just truncate the bio to the size of the device, and clear the end of
678  * the buffer head manually.  Truly out-of-range accesses will turn into actual
679  * I/O errors, this only handles the "we need to be able to do I/O at the final
680  * sector" case.
681  */
682 void guard_bio_eod(struct bio *bio)
683 {
684 	sector_t maxsector = bdev_nr_sectors(bio->bi_bdev);
685 
686 	if (!maxsector)
687 		return;
688 
689 	/*
690 	 * If the *whole* IO is past the end of the device,
691 	 * let it through, and the IO layer will turn it into
692 	 * an EIO.
693 	 */
694 	if (unlikely(bio->bi_iter.bi_sector >= maxsector))
695 		return;
696 
697 	maxsector -= bio->bi_iter.bi_sector;
698 	if (likely((bio->bi_iter.bi_size >> 9) <= maxsector))
699 		return;
700 
701 	bio_truncate(bio, maxsector << 9);
702 }
703 
704 static int __bio_alloc_cache_prune(struct bio_alloc_cache *cache,
705 				   unsigned int nr)
706 {
707 	unsigned int i = 0;
708 	struct bio *bio;
709 
710 	while ((bio = cache->free_list) != NULL) {
711 		cache->free_list = bio->bi_next;
712 		cache->nr--;
713 		bio_free(bio);
714 		if (++i == nr)
715 			break;
716 	}
717 	return i;
718 }
719 
720 static void bio_alloc_cache_prune(struct bio_alloc_cache *cache,
721 				  unsigned int nr)
722 {
723 	nr -= __bio_alloc_cache_prune(cache, nr);
724 	if (!READ_ONCE(cache->free_list)) {
725 		bio_alloc_irq_cache_splice(cache);
726 		__bio_alloc_cache_prune(cache, nr);
727 	}
728 }
729 
730 static int bio_cpu_dead(unsigned int cpu, struct hlist_node *node)
731 {
732 	struct bio_set *bs;
733 
734 	bs = hlist_entry_safe(node, struct bio_set, cpuhp_dead);
735 	if (bs->cache) {
736 		struct bio_alloc_cache *cache = per_cpu_ptr(bs->cache, cpu);
737 
738 		bio_alloc_cache_prune(cache, -1U);
739 	}
740 	return 0;
741 }
742 
743 static void bio_alloc_cache_destroy(struct bio_set *bs)
744 {
745 	int cpu;
746 
747 	if (!bs->cache)
748 		return;
749 
750 	cpuhp_state_remove_instance_nocalls(CPUHP_BIO_DEAD, &bs->cpuhp_dead);
751 	for_each_possible_cpu(cpu) {
752 		struct bio_alloc_cache *cache;
753 
754 		cache = per_cpu_ptr(bs->cache, cpu);
755 		bio_alloc_cache_prune(cache, -1U);
756 	}
757 	free_percpu(bs->cache);
758 	bs->cache = NULL;
759 }
760 
761 static inline void bio_put_percpu_cache(struct bio *bio)
762 {
763 	struct bio_alloc_cache *cache;
764 
765 	cache = per_cpu_ptr(bio->bi_pool->cache, get_cpu());
766 	if (READ_ONCE(cache->nr_irq) + cache->nr > ALLOC_CACHE_MAX) {
767 		put_cpu();
768 		bio_free(bio);
769 		return;
770 	}
771 
772 	bio_uninit(bio);
773 
774 	if ((bio->bi_opf & REQ_POLLED) && !WARN_ON_ONCE(in_interrupt())) {
775 		bio->bi_next = cache->free_list;
776 		cache->free_list = bio;
777 		cache->nr++;
778 	} else {
779 		unsigned long flags;
780 
781 		local_irq_save(flags);
782 		bio->bi_next = cache->free_list_irq;
783 		cache->free_list_irq = bio;
784 		cache->nr_irq++;
785 		local_irq_restore(flags);
786 	}
787 	put_cpu();
788 }
789 
790 /**
791  * bio_put - release a reference to a bio
792  * @bio:   bio to release reference to
793  *
794  * Description:
795  *   Put a reference to a &struct bio, either one you have gotten with
796  *   bio_alloc, bio_get or bio_clone_*. The last put of a bio will free it.
797  **/
798 void bio_put(struct bio *bio)
799 {
800 	if (unlikely(bio_flagged(bio, BIO_REFFED))) {
801 		BUG_ON(!atomic_read(&bio->__bi_cnt));
802 		if (!atomic_dec_and_test(&bio->__bi_cnt))
803 			return;
804 	}
805 	if (bio->bi_opf & REQ_ALLOC_CACHE)
806 		bio_put_percpu_cache(bio);
807 	else
808 		bio_free(bio);
809 }
810 EXPORT_SYMBOL(bio_put);
811 
812 static int __bio_clone(struct bio *bio, struct bio *bio_src, gfp_t gfp)
813 {
814 	bio_set_flag(bio, BIO_CLONED);
815 	bio->bi_ioprio = bio_src->bi_ioprio;
816 	bio->bi_iter = bio_src->bi_iter;
817 
818 	if (bio->bi_bdev) {
819 		if (bio->bi_bdev == bio_src->bi_bdev &&
820 		    bio_flagged(bio_src, BIO_REMAPPED))
821 			bio_set_flag(bio, BIO_REMAPPED);
822 		bio_clone_blkg_association(bio, bio_src);
823 	}
824 
825 	if (bio_crypt_clone(bio, bio_src, gfp) < 0)
826 		return -ENOMEM;
827 	if (bio_integrity(bio_src) &&
828 	    bio_integrity_clone(bio, bio_src, gfp) < 0)
829 		return -ENOMEM;
830 	return 0;
831 }
832 
833 /**
834  * bio_alloc_clone - clone a bio that shares the original bio's biovec
835  * @bdev: block_device to clone onto
836  * @bio_src: bio to clone from
837  * @gfp: allocation priority
838  * @bs: bio_set to allocate from
839  *
840  * Allocate a new bio that is a clone of @bio_src. The caller owns the returned
841  * bio, but not the actual data it points to.
842  *
843  * The caller must ensure that the return bio is not freed before @bio_src.
844  */
845 struct bio *bio_alloc_clone(struct block_device *bdev, struct bio *bio_src,
846 		gfp_t gfp, struct bio_set *bs)
847 {
848 	struct bio *bio;
849 
850 	bio = bio_alloc_bioset(bdev, 0, bio_src->bi_opf, gfp, bs);
851 	if (!bio)
852 		return NULL;
853 
854 	if (__bio_clone(bio, bio_src, gfp) < 0) {
855 		bio_put(bio);
856 		return NULL;
857 	}
858 	bio->bi_io_vec = bio_src->bi_io_vec;
859 
860 	return bio;
861 }
862 EXPORT_SYMBOL(bio_alloc_clone);
863 
864 /**
865  * bio_init_clone - clone a bio that shares the original bio's biovec
866  * @bdev: block_device to clone onto
867  * @bio: bio to clone into
868  * @bio_src: bio to clone from
869  * @gfp: allocation priority
870  *
871  * Initialize a new bio in caller provided memory that is a clone of @bio_src.
872  * The caller owns the returned bio, but not the actual data it points to.
873  *
874  * The caller must ensure that @bio_src is not freed before @bio.
875  */
876 int bio_init_clone(struct block_device *bdev, struct bio *bio,
877 		struct bio *bio_src, gfp_t gfp)
878 {
879 	int ret;
880 
881 	bio_init(bio, bdev, bio_src->bi_io_vec, 0, bio_src->bi_opf);
882 	ret = __bio_clone(bio, bio_src, gfp);
883 	if (ret)
884 		bio_uninit(bio);
885 	return ret;
886 }
887 EXPORT_SYMBOL(bio_init_clone);
888 
889 /**
890  * bio_full - check if the bio is full
891  * @bio:	bio to check
892  * @len:	length of one segment to be added
893  *
894  * Return true if @bio is full and one segment with @len bytes can't be
895  * added to the bio, otherwise return false
896  */
897 static inline bool bio_full(struct bio *bio, unsigned len)
898 {
899 	if (bio->bi_vcnt >= bio->bi_max_vecs)
900 		return true;
901 	if (bio->bi_iter.bi_size > UINT_MAX - len)
902 		return true;
903 	return false;
904 }
905 
906 static inline bool page_is_mergeable(const struct bio_vec *bv,
907 		struct page *page, unsigned int len, unsigned int off,
908 		bool *same_page)
909 {
910 	size_t bv_end = bv->bv_offset + bv->bv_len;
911 	phys_addr_t vec_end_addr = page_to_phys(bv->bv_page) + bv_end - 1;
912 	phys_addr_t page_addr = page_to_phys(page);
913 
914 	if (vec_end_addr + 1 != page_addr + off)
915 		return false;
916 	if (xen_domain() && !xen_biovec_phys_mergeable(bv, page))
917 		return false;
918 	if (!zone_device_pages_have_same_pgmap(bv->bv_page, page))
919 		return false;
920 
921 	*same_page = ((vec_end_addr & PAGE_MASK) == page_addr);
922 	if (*same_page)
923 		return true;
924 	else if (IS_ENABLED(CONFIG_KMSAN))
925 		return false;
926 	return (bv->bv_page + bv_end / PAGE_SIZE) == (page + off / PAGE_SIZE);
927 }
928 
929 /**
930  * __bio_try_merge_page - try appending data to an existing bvec.
931  * @bio: destination bio
932  * @page: start page to add
933  * @len: length of the data to add
934  * @off: offset of the data relative to @page
935  * @same_page: return if the segment has been merged inside the same page
936  *
937  * Try to add the data at @page + @off to the last bvec of @bio.  This is a
938  * useful optimisation for file systems with a block size smaller than the
939  * page size.
940  *
941  * Warn if (@len, @off) crosses pages in case that @same_page is true.
942  *
943  * Return %true on success or %false on failure.
944  */
945 static bool __bio_try_merge_page(struct bio *bio, struct page *page,
946 		unsigned int len, unsigned int off, bool *same_page)
947 {
948 	if (WARN_ON_ONCE(bio_flagged(bio, BIO_CLONED)))
949 		return false;
950 
951 	if (bio->bi_vcnt > 0) {
952 		struct bio_vec *bv = &bio->bi_io_vec[bio->bi_vcnt - 1];
953 
954 		if (page_is_mergeable(bv, page, len, off, same_page)) {
955 			if (bio->bi_iter.bi_size > UINT_MAX - len) {
956 				*same_page = false;
957 				return false;
958 			}
959 			bv->bv_len += len;
960 			bio->bi_iter.bi_size += len;
961 			return true;
962 		}
963 	}
964 	return false;
965 }
966 
967 /*
968  * Try to merge a page into a segment, while obeying the hardware segment
969  * size limit.  This is not for normal read/write bios, but for passthrough
970  * or Zone Append operations that we can't split.
971  */
972 static bool bio_try_merge_hw_seg(struct request_queue *q, struct bio *bio,
973 				 struct page *page, unsigned len,
974 				 unsigned offset, bool *same_page)
975 {
976 	struct bio_vec *bv = &bio->bi_io_vec[bio->bi_vcnt - 1];
977 	unsigned long mask = queue_segment_boundary(q);
978 	phys_addr_t addr1 = page_to_phys(bv->bv_page) + bv->bv_offset;
979 	phys_addr_t addr2 = page_to_phys(page) + offset + len - 1;
980 
981 	if ((addr1 | mask) != (addr2 | mask))
982 		return false;
983 	if (bv->bv_len + len > queue_max_segment_size(q))
984 		return false;
985 	return __bio_try_merge_page(bio, page, len, offset, same_page);
986 }
987 
988 /**
989  * bio_add_hw_page - attempt to add a page to a bio with hw constraints
990  * @q: the target queue
991  * @bio: destination bio
992  * @page: page to add
993  * @len: vec entry length
994  * @offset: vec entry offset
995  * @max_sectors: maximum number of sectors that can be added
996  * @same_page: return if the segment has been merged inside the same page
997  *
998  * Add a page to a bio while respecting the hardware max_sectors, max_segment
999  * and gap limitations.
1000  */
1001 int bio_add_hw_page(struct request_queue *q, struct bio *bio,
1002 		struct page *page, unsigned int len, unsigned int offset,
1003 		unsigned int max_sectors, bool *same_page)
1004 {
1005 	struct bio_vec *bvec;
1006 
1007 	if (WARN_ON_ONCE(bio_flagged(bio, BIO_CLONED)))
1008 		return 0;
1009 
1010 	if (((bio->bi_iter.bi_size + len) >> 9) > max_sectors)
1011 		return 0;
1012 
1013 	if (bio->bi_vcnt > 0) {
1014 		if (bio_try_merge_hw_seg(q, bio, page, len, offset, same_page))
1015 			return len;
1016 
1017 		/*
1018 		 * If the queue doesn't support SG gaps and adding this segment
1019 		 * would create a gap, disallow it.
1020 		 */
1021 		bvec = &bio->bi_io_vec[bio->bi_vcnt - 1];
1022 		if (bvec_gap_to_prev(&q->limits, bvec, offset))
1023 			return 0;
1024 	}
1025 
1026 	if (bio_full(bio, len))
1027 		return 0;
1028 
1029 	if (bio->bi_vcnt >= queue_max_segments(q))
1030 		return 0;
1031 
1032 	bvec = &bio->bi_io_vec[bio->bi_vcnt];
1033 	bvec->bv_page = page;
1034 	bvec->bv_len = len;
1035 	bvec->bv_offset = offset;
1036 	bio->bi_vcnt++;
1037 	bio->bi_iter.bi_size += len;
1038 	return len;
1039 }
1040 
1041 /**
1042  * bio_add_pc_page	- attempt to add page to passthrough bio
1043  * @q: the target queue
1044  * @bio: destination bio
1045  * @page: page to add
1046  * @len: vec entry length
1047  * @offset: vec entry offset
1048  *
1049  * Attempt to add a page to the bio_vec maplist. This can fail for a
1050  * number of reasons, such as the bio being full or target block device
1051  * limitations. The target block device must allow bio's up to PAGE_SIZE,
1052  * so it is always possible to add a single page to an empty bio.
1053  *
1054  * This should only be used by passthrough bios.
1055  */
1056 int bio_add_pc_page(struct request_queue *q, struct bio *bio,
1057 		struct page *page, unsigned int len, unsigned int offset)
1058 {
1059 	bool same_page = false;
1060 	return bio_add_hw_page(q, bio, page, len, offset,
1061 			queue_max_hw_sectors(q), &same_page);
1062 }
1063 EXPORT_SYMBOL(bio_add_pc_page);
1064 
1065 /**
1066  * bio_add_zone_append_page - attempt to add page to zone-append bio
1067  * @bio: destination bio
1068  * @page: page to add
1069  * @len: vec entry length
1070  * @offset: vec entry offset
1071  *
1072  * Attempt to add a page to the bio_vec maplist of a bio that will be submitted
1073  * for a zone-append request. This can fail for a number of reasons, such as the
1074  * bio being full or the target block device is not a zoned block device or
1075  * other limitations of the target block device. The target block device must
1076  * allow bio's up to PAGE_SIZE, so it is always possible to add a single page
1077  * to an empty bio.
1078  *
1079  * Returns: number of bytes added to the bio, or 0 in case of a failure.
1080  */
1081 int bio_add_zone_append_page(struct bio *bio, struct page *page,
1082 			     unsigned int len, unsigned int offset)
1083 {
1084 	struct request_queue *q = bdev_get_queue(bio->bi_bdev);
1085 	bool same_page = false;
1086 
1087 	if (WARN_ON_ONCE(bio_op(bio) != REQ_OP_ZONE_APPEND))
1088 		return 0;
1089 
1090 	if (WARN_ON_ONCE(!bdev_is_zoned(bio->bi_bdev)))
1091 		return 0;
1092 
1093 	return bio_add_hw_page(q, bio, page, len, offset,
1094 			       queue_max_zone_append_sectors(q), &same_page);
1095 }
1096 EXPORT_SYMBOL_GPL(bio_add_zone_append_page);
1097 
1098 /**
1099  * __bio_add_page - add page(s) to a bio in a new segment
1100  * @bio: destination bio
1101  * @page: start page to add
1102  * @len: length of the data to add, may cross pages
1103  * @off: offset of the data relative to @page, may cross pages
1104  *
1105  * Add the data at @page + @off to @bio as a new bvec.  The caller must ensure
1106  * that @bio has space for another bvec.
1107  */
1108 void __bio_add_page(struct bio *bio, struct page *page,
1109 		unsigned int len, unsigned int off)
1110 {
1111 	struct bio_vec *bv = &bio->bi_io_vec[bio->bi_vcnt];
1112 
1113 	WARN_ON_ONCE(bio_flagged(bio, BIO_CLONED));
1114 	WARN_ON_ONCE(bio_full(bio, len));
1115 
1116 	bv->bv_page = page;
1117 	bv->bv_offset = off;
1118 	bv->bv_len = len;
1119 
1120 	bio->bi_iter.bi_size += len;
1121 	bio->bi_vcnt++;
1122 }
1123 EXPORT_SYMBOL_GPL(__bio_add_page);
1124 
1125 /**
1126  *	bio_add_page	-	attempt to add page(s) to bio
1127  *	@bio: destination bio
1128  *	@page: start page to add
1129  *	@len: vec entry length, may cross pages
1130  *	@offset: vec entry offset relative to @page, may cross pages
1131  *
1132  *	Attempt to add page(s) to the bio_vec maplist. This will only fail
1133  *	if either bio->bi_vcnt == bio->bi_max_vecs or it's a cloned bio.
1134  */
1135 int bio_add_page(struct bio *bio, struct page *page,
1136 		 unsigned int len, unsigned int offset)
1137 {
1138 	bool same_page = false;
1139 
1140 	if (!__bio_try_merge_page(bio, page, len, offset, &same_page)) {
1141 		if (bio_full(bio, len))
1142 			return 0;
1143 		__bio_add_page(bio, page, len, offset);
1144 	}
1145 	return len;
1146 }
1147 EXPORT_SYMBOL(bio_add_page);
1148 
1149 /**
1150  * bio_add_folio - Attempt to add part of a folio to a bio.
1151  * @bio: BIO to add to.
1152  * @folio: Folio to add.
1153  * @len: How many bytes from the folio to add.
1154  * @off: First byte in this folio to add.
1155  *
1156  * Filesystems that use folios can call this function instead of calling
1157  * bio_add_page() for each page in the folio.  If @off is bigger than
1158  * PAGE_SIZE, this function can create a bio_vec that starts in a page
1159  * after the bv_page.  BIOs do not support folios that are 4GiB or larger.
1160  *
1161  * Return: Whether the addition was successful.
1162  */
1163 bool bio_add_folio(struct bio *bio, struct folio *folio, size_t len,
1164 		   size_t off)
1165 {
1166 	if (len > UINT_MAX || off > UINT_MAX)
1167 		return false;
1168 	return bio_add_page(bio, &folio->page, len, off) > 0;
1169 }
1170 
1171 void __bio_release_pages(struct bio *bio, bool mark_dirty)
1172 {
1173 	struct bvec_iter_all iter_all;
1174 	struct bio_vec *bvec;
1175 
1176 	bio_for_each_segment_all(bvec, bio, iter_all) {
1177 		if (mark_dirty && !PageCompound(bvec->bv_page))
1178 			set_page_dirty_lock(bvec->bv_page);
1179 		put_page(bvec->bv_page);
1180 	}
1181 }
1182 EXPORT_SYMBOL_GPL(__bio_release_pages);
1183 
1184 void bio_iov_bvec_set(struct bio *bio, struct iov_iter *iter)
1185 {
1186 	size_t size = iov_iter_count(iter);
1187 
1188 	WARN_ON_ONCE(bio->bi_max_vecs);
1189 
1190 	if (bio_op(bio) == REQ_OP_ZONE_APPEND) {
1191 		struct request_queue *q = bdev_get_queue(bio->bi_bdev);
1192 		size_t max_sectors = queue_max_zone_append_sectors(q);
1193 
1194 		size = min(size, max_sectors << SECTOR_SHIFT);
1195 	}
1196 
1197 	bio->bi_vcnt = iter->nr_segs;
1198 	bio->bi_io_vec = (struct bio_vec *)iter->bvec;
1199 	bio->bi_iter.bi_bvec_done = iter->iov_offset;
1200 	bio->bi_iter.bi_size = size;
1201 	bio_set_flag(bio, BIO_NO_PAGE_REF);
1202 	bio_set_flag(bio, BIO_CLONED);
1203 }
1204 
1205 static int bio_iov_add_page(struct bio *bio, struct page *page,
1206 		unsigned int len, unsigned int offset)
1207 {
1208 	bool same_page = false;
1209 
1210 	if (!__bio_try_merge_page(bio, page, len, offset, &same_page)) {
1211 		__bio_add_page(bio, page, len, offset);
1212 		return 0;
1213 	}
1214 
1215 	if (same_page)
1216 		put_page(page);
1217 	return 0;
1218 }
1219 
1220 static int bio_iov_add_zone_append_page(struct bio *bio, struct page *page,
1221 		unsigned int len, unsigned int offset)
1222 {
1223 	struct request_queue *q = bdev_get_queue(bio->bi_bdev);
1224 	bool same_page = false;
1225 
1226 	if (bio_add_hw_page(q, bio, page, len, offset,
1227 			queue_max_zone_append_sectors(q), &same_page) != len)
1228 		return -EINVAL;
1229 	if (same_page)
1230 		put_page(page);
1231 	return 0;
1232 }
1233 
1234 #define PAGE_PTRS_PER_BVEC     (sizeof(struct bio_vec) / sizeof(struct page *))
1235 
1236 /**
1237  * __bio_iov_iter_get_pages - pin user or kernel pages and add them to a bio
1238  * @bio: bio to add pages to
1239  * @iter: iov iterator describing the region to be mapped
1240  *
1241  * Pins pages from *iter and appends them to @bio's bvec array. The
1242  * pages will have to be released using put_page() when done.
1243  * For multi-segment *iter, this function only adds pages from the
1244  * next non-empty segment of the iov iterator.
1245  */
1246 static int __bio_iov_iter_get_pages(struct bio *bio, struct iov_iter *iter)
1247 {
1248 	unsigned short nr_pages = bio->bi_max_vecs - bio->bi_vcnt;
1249 	unsigned short entries_left = bio->bi_max_vecs - bio->bi_vcnt;
1250 	struct bio_vec *bv = bio->bi_io_vec + bio->bi_vcnt;
1251 	struct page **pages = (struct page **)bv;
1252 	unsigned int gup_flags = 0;
1253 	ssize_t size, left;
1254 	unsigned len, i = 0;
1255 	size_t offset, trim;
1256 	int ret = 0;
1257 
1258 	/*
1259 	 * Move page array up in the allocated memory for the bio vecs as far as
1260 	 * possible so that we can start filling biovecs from the beginning
1261 	 * without overwriting the temporary page array.
1262 	 */
1263 	BUILD_BUG_ON(PAGE_PTRS_PER_BVEC < 2);
1264 	pages += entries_left * (PAGE_PTRS_PER_BVEC - 1);
1265 
1266 	if (bio->bi_bdev && blk_queue_pci_p2pdma(bio->bi_bdev->bd_disk->queue))
1267 		gup_flags |= FOLL_PCI_P2PDMA;
1268 
1269 	/*
1270 	 * Each segment in the iov is required to be a block size multiple.
1271 	 * However, we may not be able to get the entire segment if it spans
1272 	 * more pages than bi_max_vecs allows, so we have to ALIGN_DOWN the
1273 	 * result to ensure the bio's total size is correct. The remainder of
1274 	 * the iov data will be picked up in the next bio iteration.
1275 	 */
1276 	size = iov_iter_get_pages(iter, pages,
1277 				  UINT_MAX - bio->bi_iter.bi_size,
1278 				  nr_pages, &offset, gup_flags);
1279 	if (unlikely(size <= 0))
1280 		return size ? size : -EFAULT;
1281 
1282 	nr_pages = DIV_ROUND_UP(offset + size, PAGE_SIZE);
1283 
1284 	trim = size & (bdev_logical_block_size(bio->bi_bdev) - 1);
1285 	iov_iter_revert(iter, trim);
1286 
1287 	size -= trim;
1288 	if (unlikely(!size)) {
1289 		ret = -EFAULT;
1290 		goto out;
1291 	}
1292 
1293 	for (left = size, i = 0; left > 0; left -= len, i++) {
1294 		struct page *page = pages[i];
1295 
1296 		len = min_t(size_t, PAGE_SIZE - offset, left);
1297 		if (bio_op(bio) == REQ_OP_ZONE_APPEND) {
1298 			ret = bio_iov_add_zone_append_page(bio, page, len,
1299 					offset);
1300 			if (ret)
1301 				break;
1302 		} else
1303 			bio_iov_add_page(bio, page, len, offset);
1304 
1305 		offset = 0;
1306 	}
1307 
1308 	iov_iter_revert(iter, left);
1309 out:
1310 	while (i < nr_pages)
1311 		put_page(pages[i++]);
1312 
1313 	return ret;
1314 }
1315 
1316 /**
1317  * bio_iov_iter_get_pages - add user or kernel pages to a bio
1318  * @bio: bio to add pages to
1319  * @iter: iov iterator describing the region to be added
1320  *
1321  * This takes either an iterator pointing to user memory, or one pointing to
1322  * kernel pages (BVEC iterator). If we're adding user pages, we pin them and
1323  * map them into the kernel. On IO completion, the caller should put those
1324  * pages. For bvec based iterators bio_iov_iter_get_pages() uses the provided
1325  * bvecs rather than copying them. Hence anyone issuing kiocb based IO needs
1326  * to ensure the bvecs and pages stay referenced until the submitted I/O is
1327  * completed by a call to ->ki_complete() or returns with an error other than
1328  * -EIOCBQUEUED. The caller needs to check if the bio is flagged BIO_NO_PAGE_REF
1329  * on IO completion. If it isn't, then pages should be released.
1330  *
1331  * The function tries, but does not guarantee, to pin as many pages as
1332  * fit into the bio, or are requested in @iter, whatever is smaller. If
1333  * MM encounters an error pinning the requested pages, it stops. Error
1334  * is returned only if 0 pages could be pinned.
1335  */
1336 int bio_iov_iter_get_pages(struct bio *bio, struct iov_iter *iter)
1337 {
1338 	int ret = 0;
1339 
1340 	if (iov_iter_is_bvec(iter)) {
1341 		bio_iov_bvec_set(bio, iter);
1342 		iov_iter_advance(iter, bio->bi_iter.bi_size);
1343 		return 0;
1344 	}
1345 
1346 	do {
1347 		ret = __bio_iov_iter_get_pages(bio, iter);
1348 	} while (!ret && iov_iter_count(iter) && !bio_full(bio, 0));
1349 
1350 	return bio->bi_vcnt ? 0 : ret;
1351 }
1352 EXPORT_SYMBOL_GPL(bio_iov_iter_get_pages);
1353 
1354 static void submit_bio_wait_endio(struct bio *bio)
1355 {
1356 	complete(bio->bi_private);
1357 }
1358 
1359 /**
1360  * submit_bio_wait - submit a bio, and wait until it completes
1361  * @bio: The &struct bio which describes the I/O
1362  *
1363  * Simple wrapper around submit_bio(). Returns 0 on success, or the error from
1364  * bio_endio() on failure.
1365  *
1366  * WARNING: Unlike to how submit_bio() is usually used, this function does not
1367  * result in bio reference to be consumed. The caller must drop the reference
1368  * on his own.
1369  */
1370 int submit_bio_wait(struct bio *bio)
1371 {
1372 	DECLARE_COMPLETION_ONSTACK_MAP(done,
1373 			bio->bi_bdev->bd_disk->lockdep_map);
1374 	unsigned long hang_check;
1375 
1376 	bio->bi_private = &done;
1377 	bio->bi_end_io = submit_bio_wait_endio;
1378 	bio->bi_opf |= REQ_SYNC;
1379 	submit_bio(bio);
1380 
1381 	/* Prevent hang_check timer from firing at us during very long I/O */
1382 	hang_check = sysctl_hung_task_timeout_secs;
1383 	if (hang_check)
1384 		while (!wait_for_completion_io_timeout(&done,
1385 					hang_check * (HZ/2)))
1386 			;
1387 	else
1388 		wait_for_completion_io(&done);
1389 
1390 	return blk_status_to_errno(bio->bi_status);
1391 }
1392 EXPORT_SYMBOL(submit_bio_wait);
1393 
1394 void __bio_advance(struct bio *bio, unsigned bytes)
1395 {
1396 	if (bio_integrity(bio))
1397 		bio_integrity_advance(bio, bytes);
1398 
1399 	bio_crypt_advance(bio, bytes);
1400 	bio_advance_iter(bio, &bio->bi_iter, bytes);
1401 }
1402 EXPORT_SYMBOL(__bio_advance);
1403 
1404 void bio_copy_data_iter(struct bio *dst, struct bvec_iter *dst_iter,
1405 			struct bio *src, struct bvec_iter *src_iter)
1406 {
1407 	while (src_iter->bi_size && dst_iter->bi_size) {
1408 		struct bio_vec src_bv = bio_iter_iovec(src, *src_iter);
1409 		struct bio_vec dst_bv = bio_iter_iovec(dst, *dst_iter);
1410 		unsigned int bytes = min(src_bv.bv_len, dst_bv.bv_len);
1411 		void *src_buf = bvec_kmap_local(&src_bv);
1412 		void *dst_buf = bvec_kmap_local(&dst_bv);
1413 
1414 		memcpy(dst_buf, src_buf, bytes);
1415 
1416 		kunmap_local(dst_buf);
1417 		kunmap_local(src_buf);
1418 
1419 		bio_advance_iter_single(src, src_iter, bytes);
1420 		bio_advance_iter_single(dst, dst_iter, bytes);
1421 	}
1422 }
1423 EXPORT_SYMBOL(bio_copy_data_iter);
1424 
1425 /**
1426  * bio_copy_data - copy contents of data buffers from one bio to another
1427  * @src: source bio
1428  * @dst: destination bio
1429  *
1430  * Stops when it reaches the end of either @src or @dst - that is, copies
1431  * min(src->bi_size, dst->bi_size) bytes (or the equivalent for lists of bios).
1432  */
1433 void bio_copy_data(struct bio *dst, struct bio *src)
1434 {
1435 	struct bvec_iter src_iter = src->bi_iter;
1436 	struct bvec_iter dst_iter = dst->bi_iter;
1437 
1438 	bio_copy_data_iter(dst, &dst_iter, src, &src_iter);
1439 }
1440 EXPORT_SYMBOL(bio_copy_data);
1441 
1442 void bio_free_pages(struct bio *bio)
1443 {
1444 	struct bio_vec *bvec;
1445 	struct bvec_iter_all iter_all;
1446 
1447 	bio_for_each_segment_all(bvec, bio, iter_all)
1448 		__free_page(bvec->bv_page);
1449 }
1450 EXPORT_SYMBOL(bio_free_pages);
1451 
1452 /*
1453  * bio_set_pages_dirty() and bio_check_pages_dirty() are support functions
1454  * for performing direct-IO in BIOs.
1455  *
1456  * The problem is that we cannot run set_page_dirty() from interrupt context
1457  * because the required locks are not interrupt-safe.  So what we can do is to
1458  * mark the pages dirty _before_ performing IO.  And in interrupt context,
1459  * check that the pages are still dirty.   If so, fine.  If not, redirty them
1460  * in process context.
1461  *
1462  * We special-case compound pages here: normally this means reads into hugetlb
1463  * pages.  The logic in here doesn't really work right for compound pages
1464  * because the VM does not uniformly chase down the head page in all cases.
1465  * But dirtiness of compound pages is pretty meaningless anyway: the VM doesn't
1466  * handle them at all.  So we skip compound pages here at an early stage.
1467  *
1468  * Note that this code is very hard to test under normal circumstances because
1469  * direct-io pins the pages with get_user_pages().  This makes
1470  * is_page_cache_freeable return false, and the VM will not clean the pages.
1471  * But other code (eg, flusher threads) could clean the pages if they are mapped
1472  * pagecache.
1473  *
1474  * Simply disabling the call to bio_set_pages_dirty() is a good way to test the
1475  * deferred bio dirtying paths.
1476  */
1477 
1478 /*
1479  * bio_set_pages_dirty() will mark all the bio's pages as dirty.
1480  */
1481 void bio_set_pages_dirty(struct bio *bio)
1482 {
1483 	struct bio_vec *bvec;
1484 	struct bvec_iter_all iter_all;
1485 
1486 	bio_for_each_segment_all(bvec, bio, iter_all) {
1487 		if (!PageCompound(bvec->bv_page))
1488 			set_page_dirty_lock(bvec->bv_page);
1489 	}
1490 }
1491 
1492 /*
1493  * bio_check_pages_dirty() will check that all the BIO's pages are still dirty.
1494  * If they are, then fine.  If, however, some pages are clean then they must
1495  * have been written out during the direct-IO read.  So we take another ref on
1496  * the BIO and re-dirty the pages in process context.
1497  *
1498  * It is expected that bio_check_pages_dirty() will wholly own the BIO from
1499  * here on.  It will run one put_page() against each page and will run one
1500  * bio_put() against the BIO.
1501  */
1502 
1503 static void bio_dirty_fn(struct work_struct *work);
1504 
1505 static DECLARE_WORK(bio_dirty_work, bio_dirty_fn);
1506 static DEFINE_SPINLOCK(bio_dirty_lock);
1507 static struct bio *bio_dirty_list;
1508 
1509 /*
1510  * This runs in process context
1511  */
1512 static void bio_dirty_fn(struct work_struct *work)
1513 {
1514 	struct bio *bio, *next;
1515 
1516 	spin_lock_irq(&bio_dirty_lock);
1517 	next = bio_dirty_list;
1518 	bio_dirty_list = NULL;
1519 	spin_unlock_irq(&bio_dirty_lock);
1520 
1521 	while ((bio = next) != NULL) {
1522 		next = bio->bi_private;
1523 
1524 		bio_release_pages(bio, true);
1525 		bio_put(bio);
1526 	}
1527 }
1528 
1529 void bio_check_pages_dirty(struct bio *bio)
1530 {
1531 	struct bio_vec *bvec;
1532 	unsigned long flags;
1533 	struct bvec_iter_all iter_all;
1534 
1535 	bio_for_each_segment_all(bvec, bio, iter_all) {
1536 		if (!PageDirty(bvec->bv_page) && !PageCompound(bvec->bv_page))
1537 			goto defer;
1538 	}
1539 
1540 	bio_release_pages(bio, false);
1541 	bio_put(bio);
1542 	return;
1543 defer:
1544 	spin_lock_irqsave(&bio_dirty_lock, flags);
1545 	bio->bi_private = bio_dirty_list;
1546 	bio_dirty_list = bio;
1547 	spin_unlock_irqrestore(&bio_dirty_lock, flags);
1548 	schedule_work(&bio_dirty_work);
1549 }
1550 
1551 static inline bool bio_remaining_done(struct bio *bio)
1552 {
1553 	/*
1554 	 * If we're not chaining, then ->__bi_remaining is always 1 and
1555 	 * we always end io on the first invocation.
1556 	 */
1557 	if (!bio_flagged(bio, BIO_CHAIN))
1558 		return true;
1559 
1560 	BUG_ON(atomic_read(&bio->__bi_remaining) <= 0);
1561 
1562 	if (atomic_dec_and_test(&bio->__bi_remaining)) {
1563 		bio_clear_flag(bio, BIO_CHAIN);
1564 		return true;
1565 	}
1566 
1567 	return false;
1568 }
1569 
1570 /**
1571  * bio_endio - end I/O on a bio
1572  * @bio:	bio
1573  *
1574  * Description:
1575  *   bio_endio() will end I/O on the whole bio. bio_endio() is the preferred
1576  *   way to end I/O on a bio. No one should call bi_end_io() directly on a
1577  *   bio unless they own it and thus know that it has an end_io function.
1578  *
1579  *   bio_endio() can be called several times on a bio that has been chained
1580  *   using bio_chain().  The ->bi_end_io() function will only be called the
1581  *   last time.
1582  **/
1583 void bio_endio(struct bio *bio)
1584 {
1585 again:
1586 	if (!bio_remaining_done(bio))
1587 		return;
1588 	if (!bio_integrity_endio(bio))
1589 		return;
1590 
1591 	rq_qos_done_bio(bio);
1592 
1593 	if (bio->bi_bdev && bio_flagged(bio, BIO_TRACE_COMPLETION)) {
1594 		trace_block_bio_complete(bdev_get_queue(bio->bi_bdev), bio);
1595 		bio_clear_flag(bio, BIO_TRACE_COMPLETION);
1596 	}
1597 
1598 	/*
1599 	 * Need to have a real endio function for chained bios, otherwise
1600 	 * various corner cases will break (like stacking block devices that
1601 	 * save/restore bi_end_io) - however, we want to avoid unbounded
1602 	 * recursion and blowing the stack. Tail call optimization would
1603 	 * handle this, but compiling with frame pointers also disables
1604 	 * gcc's sibling call optimization.
1605 	 */
1606 	if (bio->bi_end_io == bio_chain_endio) {
1607 		bio = __bio_chain_endio(bio);
1608 		goto again;
1609 	}
1610 
1611 	blk_throtl_bio_endio(bio);
1612 	/* release cgroup info */
1613 	bio_uninit(bio);
1614 	if (bio->bi_end_io)
1615 		bio->bi_end_io(bio);
1616 }
1617 EXPORT_SYMBOL(bio_endio);
1618 
1619 /**
1620  * bio_split - split a bio
1621  * @bio:	bio to split
1622  * @sectors:	number of sectors to split from the front of @bio
1623  * @gfp:	gfp mask
1624  * @bs:		bio set to allocate from
1625  *
1626  * Allocates and returns a new bio which represents @sectors from the start of
1627  * @bio, and updates @bio to represent the remaining sectors.
1628  *
1629  * Unless this is a discard request the newly allocated bio will point
1630  * to @bio's bi_io_vec. It is the caller's responsibility to ensure that
1631  * neither @bio nor @bs are freed before the split bio.
1632  */
1633 struct bio *bio_split(struct bio *bio, int sectors,
1634 		      gfp_t gfp, struct bio_set *bs)
1635 {
1636 	struct bio *split;
1637 
1638 	BUG_ON(sectors <= 0);
1639 	BUG_ON(sectors >= bio_sectors(bio));
1640 
1641 	/* Zone append commands cannot be split */
1642 	if (WARN_ON_ONCE(bio_op(bio) == REQ_OP_ZONE_APPEND))
1643 		return NULL;
1644 
1645 	split = bio_alloc_clone(bio->bi_bdev, bio, gfp, bs);
1646 	if (!split)
1647 		return NULL;
1648 
1649 	split->bi_iter.bi_size = sectors << 9;
1650 
1651 	if (bio_integrity(split))
1652 		bio_integrity_trim(split);
1653 
1654 	bio_advance(bio, split->bi_iter.bi_size);
1655 
1656 	if (bio_flagged(bio, BIO_TRACE_COMPLETION))
1657 		bio_set_flag(split, BIO_TRACE_COMPLETION);
1658 
1659 	return split;
1660 }
1661 EXPORT_SYMBOL(bio_split);
1662 
1663 /**
1664  * bio_trim - trim a bio
1665  * @bio:	bio to trim
1666  * @offset:	number of sectors to trim from the front of @bio
1667  * @size:	size we want to trim @bio to, in sectors
1668  *
1669  * This function is typically used for bios that are cloned and submitted
1670  * to the underlying device in parts.
1671  */
1672 void bio_trim(struct bio *bio, sector_t offset, sector_t size)
1673 {
1674 	if (WARN_ON_ONCE(offset > BIO_MAX_SECTORS || size > BIO_MAX_SECTORS ||
1675 			 offset + size > bio_sectors(bio)))
1676 		return;
1677 
1678 	size <<= 9;
1679 	if (offset == 0 && size == bio->bi_iter.bi_size)
1680 		return;
1681 
1682 	bio_advance(bio, offset << 9);
1683 	bio->bi_iter.bi_size = size;
1684 
1685 	if (bio_integrity(bio))
1686 		bio_integrity_trim(bio);
1687 }
1688 EXPORT_SYMBOL_GPL(bio_trim);
1689 
1690 /*
1691  * create memory pools for biovec's in a bio_set.
1692  * use the global biovec slabs created for general use.
1693  */
1694 int biovec_init_pool(mempool_t *pool, int pool_entries)
1695 {
1696 	struct biovec_slab *bp = bvec_slabs + ARRAY_SIZE(bvec_slabs) - 1;
1697 
1698 	return mempool_init_slab_pool(pool, pool_entries, bp->slab);
1699 }
1700 
1701 /*
1702  * bioset_exit - exit a bioset initialized with bioset_init()
1703  *
1704  * May be called on a zeroed but uninitialized bioset (i.e. allocated with
1705  * kzalloc()).
1706  */
1707 void bioset_exit(struct bio_set *bs)
1708 {
1709 	bio_alloc_cache_destroy(bs);
1710 	if (bs->rescue_workqueue)
1711 		destroy_workqueue(bs->rescue_workqueue);
1712 	bs->rescue_workqueue = NULL;
1713 
1714 	mempool_exit(&bs->bio_pool);
1715 	mempool_exit(&bs->bvec_pool);
1716 
1717 	bioset_integrity_free(bs);
1718 	if (bs->bio_slab)
1719 		bio_put_slab(bs);
1720 	bs->bio_slab = NULL;
1721 }
1722 EXPORT_SYMBOL(bioset_exit);
1723 
1724 /**
1725  * bioset_init - Initialize a bio_set
1726  * @bs:		pool to initialize
1727  * @pool_size:	Number of bio and bio_vecs to cache in the mempool
1728  * @front_pad:	Number of bytes to allocate in front of the returned bio
1729  * @flags:	Flags to modify behavior, currently %BIOSET_NEED_BVECS
1730  *              and %BIOSET_NEED_RESCUER
1731  *
1732  * Description:
1733  *    Set up a bio_set to be used with @bio_alloc_bioset. Allows the caller
1734  *    to ask for a number of bytes to be allocated in front of the bio.
1735  *    Front pad allocation is useful for embedding the bio inside
1736  *    another structure, to avoid allocating extra data to go with the bio.
1737  *    Note that the bio must be embedded at the END of that structure always,
1738  *    or things will break badly.
1739  *    If %BIOSET_NEED_BVECS is set in @flags, a separate pool will be allocated
1740  *    for allocating iovecs.  This pool is not needed e.g. for bio_init_clone().
1741  *    If %BIOSET_NEED_RESCUER is set, a workqueue is created which can be used
1742  *    to dispatch queued requests when the mempool runs out of space.
1743  *
1744  */
1745 int bioset_init(struct bio_set *bs,
1746 		unsigned int pool_size,
1747 		unsigned int front_pad,
1748 		int flags)
1749 {
1750 	bs->front_pad = front_pad;
1751 	if (flags & BIOSET_NEED_BVECS)
1752 		bs->back_pad = BIO_INLINE_VECS * sizeof(struct bio_vec);
1753 	else
1754 		bs->back_pad = 0;
1755 
1756 	spin_lock_init(&bs->rescue_lock);
1757 	bio_list_init(&bs->rescue_list);
1758 	INIT_WORK(&bs->rescue_work, bio_alloc_rescue);
1759 
1760 	bs->bio_slab = bio_find_or_create_slab(bs);
1761 	if (!bs->bio_slab)
1762 		return -ENOMEM;
1763 
1764 	if (mempool_init_slab_pool(&bs->bio_pool, pool_size, bs->bio_slab))
1765 		goto bad;
1766 
1767 	if ((flags & BIOSET_NEED_BVECS) &&
1768 	    biovec_init_pool(&bs->bvec_pool, pool_size))
1769 		goto bad;
1770 
1771 	if (flags & BIOSET_NEED_RESCUER) {
1772 		bs->rescue_workqueue = alloc_workqueue("bioset",
1773 							WQ_MEM_RECLAIM, 0);
1774 		if (!bs->rescue_workqueue)
1775 			goto bad;
1776 	}
1777 	if (flags & BIOSET_PERCPU_CACHE) {
1778 		bs->cache = alloc_percpu(struct bio_alloc_cache);
1779 		if (!bs->cache)
1780 			goto bad;
1781 		cpuhp_state_add_instance_nocalls(CPUHP_BIO_DEAD, &bs->cpuhp_dead);
1782 	}
1783 
1784 	return 0;
1785 bad:
1786 	bioset_exit(bs);
1787 	return -ENOMEM;
1788 }
1789 EXPORT_SYMBOL(bioset_init);
1790 
1791 static int __init init_bio(void)
1792 {
1793 	int i;
1794 
1795 	bio_integrity_init();
1796 
1797 	for (i = 0; i < ARRAY_SIZE(bvec_slabs); i++) {
1798 		struct biovec_slab *bvs = bvec_slabs + i;
1799 
1800 		bvs->slab = kmem_cache_create(bvs->name,
1801 				bvs->nr_vecs * sizeof(struct bio_vec), 0,
1802 				SLAB_HWCACHE_ALIGN | SLAB_PANIC, NULL);
1803 	}
1804 
1805 	cpuhp_setup_state_multi(CPUHP_BIO_DEAD, "block/bio:dead", NULL,
1806 					bio_cpu_dead);
1807 
1808 	if (bioset_init(&fs_bio_set, BIO_POOL_SIZE, 0,
1809 			BIOSET_NEED_BVECS | BIOSET_PERCPU_CACHE))
1810 		panic("bio: can't allocate bios\n");
1811 
1812 	if (bioset_integrity_create(&fs_bio_set, BIO_POOL_SIZE))
1813 		panic("bio: can't create integrity pool\n");
1814 
1815 	return 0;
1816 }
1817 subsys_initcall(init_bio);
1818