xref: /openbmc/linux/fs/ceph/file.c (revision 31eeb6b0)
1 // SPDX-License-Identifier: GPL-2.0
2 #include <linux/ceph/ceph_debug.h>
3 #include <linux/ceph/striper.h>
4 
5 #include <linux/module.h>
6 #include <linux/sched.h>
7 #include <linux/slab.h>
8 #include <linux/file.h>
9 #include <linux/mount.h>
10 #include <linux/namei.h>
11 #include <linux/writeback.h>
12 #include <linux/falloc.h>
13 #include <linux/iversion.h>
14 #include <linux/ktime.h>
15 
16 #include "super.h"
17 #include "mds_client.h"
18 #include "cache.h"
19 #include "io.h"
20 #include "metric.h"
21 
22 static __le32 ceph_flags_sys2wire(u32 flags)
23 {
24 	u32 wire_flags = 0;
25 
26 	switch (flags & O_ACCMODE) {
27 	case O_RDONLY:
28 		wire_flags |= CEPH_O_RDONLY;
29 		break;
30 	case O_WRONLY:
31 		wire_flags |= CEPH_O_WRONLY;
32 		break;
33 	case O_RDWR:
34 		wire_flags |= CEPH_O_RDWR;
35 		break;
36 	}
37 
38 	flags &= ~O_ACCMODE;
39 
40 #define ceph_sys2wire(a) if (flags & a) { wire_flags |= CEPH_##a; flags &= ~a; }
41 
42 	ceph_sys2wire(O_CREAT);
43 	ceph_sys2wire(O_EXCL);
44 	ceph_sys2wire(O_TRUNC);
45 	ceph_sys2wire(O_DIRECTORY);
46 	ceph_sys2wire(O_NOFOLLOW);
47 
48 #undef ceph_sys2wire
49 
50 	if (flags)
51 		dout("unused open flags: %x\n", flags);
52 
53 	return cpu_to_le32(wire_flags);
54 }
55 
56 /*
57  * Ceph file operations
58  *
59  * Implement basic open/close functionality, and implement
60  * read/write.
61  *
62  * We implement three modes of file I/O:
63  *  - buffered uses the generic_file_aio_{read,write} helpers
64  *
65  *  - synchronous is used when there is multi-client read/write
66  *    sharing, avoids the page cache, and synchronously waits for an
67  *    ack from the OSD.
68  *
69  *  - direct io takes the variant of the sync path that references
70  *    user pages directly.
71  *
72  * fsync() flushes and waits on dirty pages, but just queues metadata
73  * for writeback: since the MDS can recover size and mtime there is no
74  * need to wait for MDS acknowledgement.
75  */
76 
77 /*
78  * How many pages to get in one call to iov_iter_get_pages().  This
79  * determines the size of the on-stack array used as a buffer.
80  */
81 #define ITER_GET_BVECS_PAGES	64
82 
83 static ssize_t __iter_get_bvecs(struct iov_iter *iter, size_t maxsize,
84 				struct bio_vec *bvecs)
85 {
86 	size_t size = 0;
87 	int bvec_idx = 0;
88 
89 	if (maxsize > iov_iter_count(iter))
90 		maxsize = iov_iter_count(iter);
91 
92 	while (size < maxsize) {
93 		struct page *pages[ITER_GET_BVECS_PAGES];
94 		ssize_t bytes;
95 		size_t start;
96 		int idx = 0;
97 
98 		bytes = iov_iter_get_pages(iter, pages, maxsize - size,
99 					   ITER_GET_BVECS_PAGES, &start);
100 		if (bytes < 0)
101 			return size ?: bytes;
102 
103 		iov_iter_advance(iter, bytes);
104 		size += bytes;
105 
106 		for ( ; bytes; idx++, bvec_idx++) {
107 			struct bio_vec bv = {
108 				.bv_page = pages[idx],
109 				.bv_len = min_t(int, bytes, PAGE_SIZE - start),
110 				.bv_offset = start,
111 			};
112 
113 			bvecs[bvec_idx] = bv;
114 			bytes -= bv.bv_len;
115 			start = 0;
116 		}
117 	}
118 
119 	return size;
120 }
121 
122 /*
123  * iov_iter_get_pages() only considers one iov_iter segment, no matter
124  * what maxsize or maxpages are given.  For ITER_BVEC that is a single
125  * page.
126  *
127  * Attempt to get up to @maxsize bytes worth of pages from @iter.
128  * Return the number of bytes in the created bio_vec array, or an error.
129  */
130 static ssize_t iter_get_bvecs_alloc(struct iov_iter *iter, size_t maxsize,
131 				    struct bio_vec **bvecs, int *num_bvecs)
132 {
133 	struct bio_vec *bv;
134 	size_t orig_count = iov_iter_count(iter);
135 	ssize_t bytes;
136 	int npages;
137 
138 	iov_iter_truncate(iter, maxsize);
139 	npages = iov_iter_npages(iter, INT_MAX);
140 	iov_iter_reexpand(iter, orig_count);
141 
142 	/*
143 	 * __iter_get_bvecs() may populate only part of the array -- zero it
144 	 * out.
145 	 */
146 	bv = kvmalloc_array(npages, sizeof(*bv), GFP_KERNEL | __GFP_ZERO);
147 	if (!bv)
148 		return -ENOMEM;
149 
150 	bytes = __iter_get_bvecs(iter, maxsize, bv);
151 	if (bytes < 0) {
152 		/*
153 		 * No pages were pinned -- just free the array.
154 		 */
155 		kvfree(bv);
156 		return bytes;
157 	}
158 
159 	*bvecs = bv;
160 	*num_bvecs = npages;
161 	return bytes;
162 }
163 
164 static void put_bvecs(struct bio_vec *bvecs, int num_bvecs, bool should_dirty)
165 {
166 	int i;
167 
168 	for (i = 0; i < num_bvecs; i++) {
169 		if (bvecs[i].bv_page) {
170 			if (should_dirty)
171 				set_page_dirty_lock(bvecs[i].bv_page);
172 			put_page(bvecs[i].bv_page);
173 		}
174 	}
175 	kvfree(bvecs);
176 }
177 
178 /*
179  * Prepare an open request.  Preallocate ceph_cap to avoid an
180  * inopportune ENOMEM later.
181  */
182 static struct ceph_mds_request *
183 prepare_open_request(struct super_block *sb, int flags, int create_mode)
184 {
185 	struct ceph_mds_client *mdsc = ceph_sb_to_mdsc(sb);
186 	struct ceph_mds_request *req;
187 	int want_auth = USE_ANY_MDS;
188 	int op = (flags & O_CREAT) ? CEPH_MDS_OP_CREATE : CEPH_MDS_OP_OPEN;
189 
190 	if (flags & (O_WRONLY|O_RDWR|O_CREAT|O_TRUNC))
191 		want_auth = USE_AUTH_MDS;
192 
193 	req = ceph_mdsc_create_request(mdsc, op, want_auth);
194 	if (IS_ERR(req))
195 		goto out;
196 	req->r_fmode = ceph_flags_to_mode(flags);
197 	req->r_args.open.flags = ceph_flags_sys2wire(flags);
198 	req->r_args.open.mode = cpu_to_le32(create_mode);
199 out:
200 	return req;
201 }
202 
203 static int ceph_init_file_info(struct inode *inode, struct file *file,
204 					int fmode, bool isdir)
205 {
206 	struct ceph_inode_info *ci = ceph_inode(inode);
207 	struct ceph_mount_options *opt =
208 		ceph_inode_to_client(&ci->vfs_inode)->mount_options;
209 	struct ceph_file_info *fi;
210 
211 	dout("%s %p %p 0%o (%s)\n", __func__, inode, file,
212 			inode->i_mode, isdir ? "dir" : "regular");
213 	BUG_ON(inode->i_fop->release != ceph_release);
214 
215 	if (isdir) {
216 		struct ceph_dir_file_info *dfi =
217 			kmem_cache_zalloc(ceph_dir_file_cachep, GFP_KERNEL);
218 		if (!dfi)
219 			return -ENOMEM;
220 
221 		file->private_data = dfi;
222 		fi = &dfi->file_info;
223 		dfi->next_offset = 2;
224 		dfi->readdir_cache_idx = -1;
225 	} else {
226 		fi = kmem_cache_zalloc(ceph_file_cachep, GFP_KERNEL);
227 		if (!fi)
228 			return -ENOMEM;
229 
230 		if (opt->flags & CEPH_MOUNT_OPT_NOPAGECACHE)
231 			fi->flags |= CEPH_F_SYNC;
232 
233 		file->private_data = fi;
234 	}
235 
236 	ceph_get_fmode(ci, fmode, 1);
237 	fi->fmode = fmode;
238 
239 	spin_lock_init(&fi->rw_contexts_lock);
240 	INIT_LIST_HEAD(&fi->rw_contexts);
241 	fi->filp_gen = READ_ONCE(ceph_inode_to_client(inode)->filp_gen);
242 
243 	return 0;
244 }
245 
246 /*
247  * initialize private struct file data.
248  * if we fail, clean up by dropping fmode reference on the ceph_inode
249  */
250 static int ceph_init_file(struct inode *inode, struct file *file, int fmode)
251 {
252 	int ret = 0;
253 
254 	switch (inode->i_mode & S_IFMT) {
255 	case S_IFREG:
256 		ceph_fscache_use_cookie(inode, file->f_mode & FMODE_WRITE);
257 		fallthrough;
258 	case S_IFDIR:
259 		ret = ceph_init_file_info(inode, file, fmode,
260 						S_ISDIR(inode->i_mode));
261 		break;
262 
263 	case S_IFLNK:
264 		dout("init_file %p %p 0%o (symlink)\n", inode, file,
265 		     inode->i_mode);
266 		break;
267 
268 	default:
269 		dout("init_file %p %p 0%o (special)\n", inode, file,
270 		     inode->i_mode);
271 		/*
272 		 * we need to drop the open ref now, since we don't
273 		 * have .release set to ceph_release.
274 		 */
275 		BUG_ON(inode->i_fop->release == ceph_release);
276 
277 		/* call the proper open fop */
278 		ret = inode->i_fop->open(inode, file);
279 	}
280 	return ret;
281 }
282 
283 /*
284  * try renew caps after session gets killed.
285  */
286 int ceph_renew_caps(struct inode *inode, int fmode)
287 {
288 	struct ceph_mds_client *mdsc = ceph_sb_to_mdsc(inode->i_sb);
289 	struct ceph_inode_info *ci = ceph_inode(inode);
290 	struct ceph_mds_request *req;
291 	int err, flags, wanted;
292 
293 	spin_lock(&ci->i_ceph_lock);
294 	__ceph_touch_fmode(ci, mdsc, fmode);
295 	wanted = __ceph_caps_file_wanted(ci);
296 	if (__ceph_is_any_real_caps(ci) &&
297 	    (!(wanted & CEPH_CAP_ANY_WR) || ci->i_auth_cap)) {
298 		int issued = __ceph_caps_issued(ci, NULL);
299 		spin_unlock(&ci->i_ceph_lock);
300 		dout("renew caps %p want %s issued %s updating mds_wanted\n",
301 		     inode, ceph_cap_string(wanted), ceph_cap_string(issued));
302 		ceph_check_caps(ci, 0, NULL);
303 		return 0;
304 	}
305 	spin_unlock(&ci->i_ceph_lock);
306 
307 	flags = 0;
308 	if ((wanted & CEPH_CAP_FILE_RD) && (wanted & CEPH_CAP_FILE_WR))
309 		flags = O_RDWR;
310 	else if (wanted & CEPH_CAP_FILE_RD)
311 		flags = O_RDONLY;
312 	else if (wanted & CEPH_CAP_FILE_WR)
313 		flags = O_WRONLY;
314 #ifdef O_LAZY
315 	if (wanted & CEPH_CAP_FILE_LAZYIO)
316 		flags |= O_LAZY;
317 #endif
318 
319 	req = prepare_open_request(inode->i_sb, flags, 0);
320 	if (IS_ERR(req)) {
321 		err = PTR_ERR(req);
322 		goto out;
323 	}
324 
325 	req->r_inode = inode;
326 	ihold(inode);
327 	req->r_num_caps = 1;
328 
329 	err = ceph_mdsc_do_request(mdsc, NULL, req);
330 	ceph_mdsc_put_request(req);
331 out:
332 	dout("renew caps %p open result=%d\n", inode, err);
333 	return err < 0 ? err : 0;
334 }
335 
336 /*
337  * If we already have the requisite capabilities, we can satisfy
338  * the open request locally (no need to request new caps from the
339  * MDS).  We do, however, need to inform the MDS (asynchronously)
340  * if our wanted caps set expands.
341  */
342 int ceph_open(struct inode *inode, struct file *file)
343 {
344 	struct ceph_inode_info *ci = ceph_inode(inode);
345 	struct ceph_fs_client *fsc = ceph_sb_to_client(inode->i_sb);
346 	struct ceph_mds_client *mdsc = fsc->mdsc;
347 	struct ceph_mds_request *req;
348 	struct ceph_file_info *fi = file->private_data;
349 	int err;
350 	int flags, fmode, wanted;
351 
352 	if (fi) {
353 		dout("open file %p is already opened\n", file);
354 		return 0;
355 	}
356 
357 	/* filter out O_CREAT|O_EXCL; vfs did that already.  yuck. */
358 	flags = file->f_flags & ~(O_CREAT|O_EXCL);
359 	if (S_ISDIR(inode->i_mode))
360 		flags = O_DIRECTORY;  /* mds likes to know */
361 
362 	dout("open inode %p ino %llx.%llx file %p flags %d (%d)\n", inode,
363 	     ceph_vinop(inode), file, flags, file->f_flags);
364 	fmode = ceph_flags_to_mode(flags);
365 	wanted = ceph_caps_for_mode(fmode);
366 
367 	/* snapped files are read-only */
368 	if (ceph_snap(inode) != CEPH_NOSNAP && (file->f_mode & FMODE_WRITE))
369 		return -EROFS;
370 
371 	/* trivially open snapdir */
372 	if (ceph_snap(inode) == CEPH_SNAPDIR) {
373 		return ceph_init_file(inode, file, fmode);
374 	}
375 
376 	/*
377 	 * No need to block if we have caps on the auth MDS (for
378 	 * write) or any MDS (for read).  Update wanted set
379 	 * asynchronously.
380 	 */
381 	spin_lock(&ci->i_ceph_lock);
382 	if (__ceph_is_any_real_caps(ci) &&
383 	    (((fmode & CEPH_FILE_MODE_WR) == 0) || ci->i_auth_cap)) {
384 		int mds_wanted = __ceph_caps_mds_wanted(ci, true);
385 		int issued = __ceph_caps_issued(ci, NULL);
386 
387 		dout("open %p fmode %d want %s issued %s using existing\n",
388 		     inode, fmode, ceph_cap_string(wanted),
389 		     ceph_cap_string(issued));
390 		__ceph_touch_fmode(ci, mdsc, fmode);
391 		spin_unlock(&ci->i_ceph_lock);
392 
393 		/* adjust wanted? */
394 		if ((issued & wanted) != wanted &&
395 		    (mds_wanted & wanted) != wanted &&
396 		    ceph_snap(inode) != CEPH_SNAPDIR)
397 			ceph_check_caps(ci, 0, NULL);
398 
399 		return ceph_init_file(inode, file, fmode);
400 	} else if (ceph_snap(inode) != CEPH_NOSNAP &&
401 		   (ci->i_snap_caps & wanted) == wanted) {
402 		__ceph_touch_fmode(ci, mdsc, fmode);
403 		spin_unlock(&ci->i_ceph_lock);
404 		return ceph_init_file(inode, file, fmode);
405 	}
406 
407 	spin_unlock(&ci->i_ceph_lock);
408 
409 	dout("open fmode %d wants %s\n", fmode, ceph_cap_string(wanted));
410 	req = prepare_open_request(inode->i_sb, flags, 0);
411 	if (IS_ERR(req)) {
412 		err = PTR_ERR(req);
413 		goto out;
414 	}
415 	req->r_inode = inode;
416 	ihold(inode);
417 
418 	req->r_num_caps = 1;
419 	err = ceph_mdsc_do_request(mdsc, NULL, req);
420 	if (!err)
421 		err = ceph_init_file(inode, file, req->r_fmode);
422 	ceph_mdsc_put_request(req);
423 	dout("open result=%d on %llx.%llx\n", err, ceph_vinop(inode));
424 out:
425 	return err;
426 }
427 
428 /* Clone the layout from a synchronous create, if the dir now has Dc caps */
429 static void
430 cache_file_layout(struct inode *dst, struct inode *src)
431 {
432 	struct ceph_inode_info *cdst = ceph_inode(dst);
433 	struct ceph_inode_info *csrc = ceph_inode(src);
434 
435 	spin_lock(&cdst->i_ceph_lock);
436 	if ((__ceph_caps_issued(cdst, NULL) & CEPH_CAP_DIR_CREATE) &&
437 	    !ceph_file_layout_is_valid(&cdst->i_cached_layout)) {
438 		memcpy(&cdst->i_cached_layout, &csrc->i_layout,
439 			sizeof(cdst->i_cached_layout));
440 		rcu_assign_pointer(cdst->i_cached_layout.pool_ns,
441 				   ceph_try_get_string(csrc->i_layout.pool_ns));
442 	}
443 	spin_unlock(&cdst->i_ceph_lock);
444 }
445 
446 /*
447  * Try to set up an async create. We need caps, a file layout, and inode number,
448  * and either a lease on the dentry or complete dir info. If any of those
449  * criteria are not satisfied, then return false and the caller can go
450  * synchronous.
451  */
452 static int try_prep_async_create(struct inode *dir, struct dentry *dentry,
453 				 struct ceph_file_layout *lo, u64 *pino)
454 {
455 	struct ceph_inode_info *ci = ceph_inode(dir);
456 	struct ceph_dentry_info *di = ceph_dentry(dentry);
457 	int got = 0, want = CEPH_CAP_FILE_EXCL | CEPH_CAP_DIR_CREATE;
458 	u64 ino;
459 
460 	spin_lock(&ci->i_ceph_lock);
461 	/* No auth cap means no chance for Dc caps */
462 	if (!ci->i_auth_cap)
463 		goto no_async;
464 
465 	/* Any delegated inos? */
466 	if (xa_empty(&ci->i_auth_cap->session->s_delegated_inos))
467 		goto no_async;
468 
469 	if (!ceph_file_layout_is_valid(&ci->i_cached_layout))
470 		goto no_async;
471 
472 	if ((__ceph_caps_issued(ci, NULL) & want) != want)
473 		goto no_async;
474 
475 	if (d_in_lookup(dentry)) {
476 		if (!__ceph_dir_is_complete(ci))
477 			goto no_async;
478 		spin_lock(&dentry->d_lock);
479 		di->lease_shared_gen = atomic_read(&ci->i_shared_gen);
480 		spin_unlock(&dentry->d_lock);
481 	} else if (atomic_read(&ci->i_shared_gen) !=
482 		   READ_ONCE(di->lease_shared_gen)) {
483 		goto no_async;
484 	}
485 
486 	ino = ceph_get_deleg_ino(ci->i_auth_cap->session);
487 	if (!ino)
488 		goto no_async;
489 
490 	*pino = ino;
491 	ceph_take_cap_refs(ci, want, false);
492 	memcpy(lo, &ci->i_cached_layout, sizeof(*lo));
493 	rcu_assign_pointer(lo->pool_ns,
494 			   ceph_try_get_string(ci->i_cached_layout.pool_ns));
495 	got = want;
496 no_async:
497 	spin_unlock(&ci->i_ceph_lock);
498 	return got;
499 }
500 
501 static void restore_deleg_ino(struct inode *dir, u64 ino)
502 {
503 	struct ceph_inode_info *ci = ceph_inode(dir);
504 	struct ceph_mds_session *s = NULL;
505 
506 	spin_lock(&ci->i_ceph_lock);
507 	if (ci->i_auth_cap)
508 		s = ceph_get_mds_session(ci->i_auth_cap->session);
509 	spin_unlock(&ci->i_ceph_lock);
510 	if (s) {
511 		int err = ceph_restore_deleg_ino(s, ino);
512 		if (err)
513 			pr_warn("ceph: unable to restore delegated ino 0x%llx to session: %d\n",
514 				ino, err);
515 		ceph_put_mds_session(s);
516 	}
517 }
518 
519 static void ceph_async_create_cb(struct ceph_mds_client *mdsc,
520                                  struct ceph_mds_request *req)
521 {
522 	int result = req->r_err ? req->r_err :
523 			le32_to_cpu(req->r_reply_info.head->result);
524 
525 	if (result == -EJUKEBOX)
526 		goto out;
527 
528 	mapping_set_error(req->r_parent->i_mapping, result);
529 
530 	if (result) {
531 		struct dentry *dentry = req->r_dentry;
532 		struct inode *inode = d_inode(dentry);
533 		int pathlen = 0;
534 		u64 base = 0;
535 		char *path = ceph_mdsc_build_path(req->r_dentry, &pathlen,
536 						  &base, 0);
537 
538 		ceph_dir_clear_complete(req->r_parent);
539 		if (!d_unhashed(dentry))
540 			d_drop(dentry);
541 
542 		ceph_inode_shutdown(inode);
543 
544 		pr_warn("ceph: async create failure path=(%llx)%s result=%d!\n",
545 			base, IS_ERR(path) ? "<<bad>>" : path, result);
546 		ceph_mdsc_free_path(path, pathlen);
547 	}
548 
549 	if (req->r_target_inode) {
550 		struct ceph_inode_info *ci = ceph_inode(req->r_target_inode);
551 		u64 ino = ceph_vino(req->r_target_inode).ino;
552 
553 		if (req->r_deleg_ino != ino)
554 			pr_warn("%s: inode number mismatch! err=%d deleg_ino=0x%llx target=0x%llx\n",
555 				__func__, req->r_err, req->r_deleg_ino, ino);
556 		mapping_set_error(req->r_target_inode->i_mapping, result);
557 
558 		spin_lock(&ci->i_ceph_lock);
559 		if (ci->i_ceph_flags & CEPH_I_ASYNC_CREATE) {
560 			ci->i_ceph_flags &= ~CEPH_I_ASYNC_CREATE;
561 			wake_up_bit(&ci->i_ceph_flags, CEPH_ASYNC_CREATE_BIT);
562 		}
563 		ceph_kick_flushing_inode_caps(req->r_session, ci);
564 		spin_unlock(&ci->i_ceph_lock);
565 	} else if (!result) {
566 		pr_warn("%s: no req->r_target_inode for 0x%llx\n", __func__,
567 			req->r_deleg_ino);
568 	}
569 out:
570 	ceph_mdsc_release_dir_caps(req);
571 }
572 
573 static int ceph_finish_async_create(struct inode *dir, struct dentry *dentry,
574 				    struct file *file, umode_t mode,
575 				    struct ceph_mds_request *req,
576 				    struct ceph_acl_sec_ctx *as_ctx,
577 				    struct ceph_file_layout *lo)
578 {
579 	int ret;
580 	char xattr_buf[4];
581 	struct ceph_mds_reply_inode in = { };
582 	struct ceph_mds_reply_info_in iinfo = { .in = &in };
583 	struct ceph_inode_info *ci = ceph_inode(dir);
584 	struct inode *inode;
585 	struct timespec64 now;
586 	struct ceph_mds_client *mdsc = ceph_sb_to_mdsc(dir->i_sb);
587 	struct ceph_vino vino = { .ino = req->r_deleg_ino,
588 				  .snap = CEPH_NOSNAP };
589 
590 	ktime_get_real_ts64(&now);
591 
592 	inode = ceph_get_inode(dentry->d_sb, vino);
593 	if (IS_ERR(inode))
594 		return PTR_ERR(inode);
595 
596 	iinfo.inline_version = CEPH_INLINE_NONE;
597 	iinfo.change_attr = 1;
598 	ceph_encode_timespec64(&iinfo.btime, &now);
599 
600 	iinfo.xattr_len = ARRAY_SIZE(xattr_buf);
601 	iinfo.xattr_data = xattr_buf;
602 	memset(iinfo.xattr_data, 0, iinfo.xattr_len);
603 
604 	in.ino = cpu_to_le64(vino.ino);
605 	in.snapid = cpu_to_le64(CEPH_NOSNAP);
606 	in.version = cpu_to_le64(1);	// ???
607 	in.cap.caps = in.cap.wanted = cpu_to_le32(CEPH_CAP_ALL_FILE);
608 	in.cap.cap_id = cpu_to_le64(1);
609 	in.cap.realm = cpu_to_le64(ci->i_snap_realm->ino);
610 	in.cap.flags = CEPH_CAP_FLAG_AUTH;
611 	in.ctime = in.mtime = in.atime = iinfo.btime;
612 	in.truncate_seq = cpu_to_le32(1);
613 	in.truncate_size = cpu_to_le64(-1ULL);
614 	in.xattr_version = cpu_to_le64(1);
615 	in.uid = cpu_to_le32(from_kuid(&init_user_ns, current_fsuid()));
616 	if (dir->i_mode & S_ISGID) {
617 		in.gid = cpu_to_le32(from_kgid(&init_user_ns, dir->i_gid));
618 
619 		/* Directories always inherit the setgid bit. */
620 		if (S_ISDIR(mode))
621 			mode |= S_ISGID;
622 		else if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP) &&
623 			 !in_group_p(dir->i_gid) &&
624 			 !capable_wrt_inode_uidgid(&init_user_ns, dir, CAP_FSETID))
625 			mode &= ~S_ISGID;
626 	} else {
627 		in.gid = cpu_to_le32(from_kgid(&init_user_ns, current_fsgid()));
628 	}
629 	in.mode = cpu_to_le32((u32)mode);
630 
631 	in.nlink = cpu_to_le32(1);
632 	in.max_size = cpu_to_le64(lo->stripe_unit);
633 
634 	ceph_file_layout_to_legacy(lo, &in.layout);
635 
636 	down_read(&mdsc->snap_rwsem);
637 	ret = ceph_fill_inode(inode, NULL, &iinfo, NULL, req->r_session,
638 			      req->r_fmode, NULL);
639 	up_read(&mdsc->snap_rwsem);
640 	if (ret) {
641 		dout("%s failed to fill inode: %d\n", __func__, ret);
642 		ceph_dir_clear_complete(dir);
643 		if (!d_unhashed(dentry))
644 			d_drop(dentry);
645 		if (inode->i_state & I_NEW)
646 			discard_new_inode(inode);
647 	} else {
648 		struct dentry *dn;
649 
650 		dout("%s d_adding new inode 0x%llx to 0x%llx/%s\n", __func__,
651 			vino.ino, ceph_ino(dir), dentry->d_name.name);
652 		ceph_dir_clear_ordered(dir);
653 		ceph_init_inode_acls(inode, as_ctx);
654 		if (inode->i_state & I_NEW) {
655 			/*
656 			 * If it's not I_NEW, then someone created this before
657 			 * we got here. Assume the server is aware of it at
658 			 * that point and don't worry about setting
659 			 * CEPH_I_ASYNC_CREATE.
660 			 */
661 			ceph_inode(inode)->i_ceph_flags = CEPH_I_ASYNC_CREATE;
662 			unlock_new_inode(inode);
663 		}
664 		if (d_in_lookup(dentry) || d_really_is_negative(dentry)) {
665 			if (!d_unhashed(dentry))
666 				d_drop(dentry);
667 			dn = d_splice_alias(inode, dentry);
668 			WARN_ON_ONCE(dn && dn != dentry);
669 		}
670 		file->f_mode |= FMODE_CREATED;
671 		ret = finish_open(file, dentry, ceph_open);
672 	}
673 	return ret;
674 }
675 
676 /*
677  * Do a lookup + open with a single request.  If we get a non-existent
678  * file or symlink, return 1 so the VFS can retry.
679  */
680 int ceph_atomic_open(struct inode *dir, struct dentry *dentry,
681 		     struct file *file, unsigned flags, umode_t mode)
682 {
683 	struct ceph_fs_client *fsc = ceph_sb_to_client(dir->i_sb);
684 	struct ceph_mds_client *mdsc = fsc->mdsc;
685 	struct ceph_mds_request *req;
686 	struct dentry *dn;
687 	struct ceph_acl_sec_ctx as_ctx = {};
688 	bool try_async = ceph_test_mount_opt(fsc, ASYNC_DIROPS);
689 	int mask;
690 	int err;
691 
692 	dout("atomic_open %p dentry %p '%pd' %s flags %d mode 0%o\n",
693 	     dir, dentry, dentry,
694 	     d_unhashed(dentry) ? "unhashed" : "hashed", flags, mode);
695 
696 	if (dentry->d_name.len > NAME_MAX)
697 		return -ENAMETOOLONG;
698 
699 	if (flags & O_CREAT) {
700 		if (ceph_quota_is_max_files_exceeded(dir))
701 			return -EDQUOT;
702 		err = ceph_pre_init_acls(dir, &mode, &as_ctx);
703 		if (err < 0)
704 			return err;
705 		err = ceph_security_init_secctx(dentry, mode, &as_ctx);
706 		if (err < 0)
707 			goto out_ctx;
708 	} else if (!d_in_lookup(dentry)) {
709 		/* If it's not being looked up, it's negative */
710 		return -ENOENT;
711 	}
712 retry:
713 	/* do the open */
714 	req = prepare_open_request(dir->i_sb, flags, mode);
715 	if (IS_ERR(req)) {
716 		err = PTR_ERR(req);
717 		goto out_ctx;
718 	}
719 	req->r_dentry = dget(dentry);
720 	req->r_num_caps = 2;
721 	mask = CEPH_STAT_CAP_INODE | CEPH_CAP_AUTH_SHARED;
722 	if (ceph_security_xattr_wanted(dir))
723 		mask |= CEPH_CAP_XATTR_SHARED;
724 	req->r_args.open.mask = cpu_to_le32(mask);
725 	req->r_parent = dir;
726 	ihold(dir);
727 
728 	if (flags & O_CREAT) {
729 		struct ceph_file_layout lo;
730 
731 		req->r_dentry_drop = CEPH_CAP_FILE_SHARED | CEPH_CAP_AUTH_EXCL;
732 		req->r_dentry_unless = CEPH_CAP_FILE_EXCL;
733 		if (as_ctx.pagelist) {
734 			req->r_pagelist = as_ctx.pagelist;
735 			as_ctx.pagelist = NULL;
736 		}
737 		if (try_async &&
738 		    (req->r_dir_caps =
739 		      try_prep_async_create(dir, dentry, &lo,
740 					    &req->r_deleg_ino))) {
741 			set_bit(CEPH_MDS_R_ASYNC, &req->r_req_flags);
742 			req->r_args.open.flags |= cpu_to_le32(CEPH_O_EXCL);
743 			req->r_callback = ceph_async_create_cb;
744 			err = ceph_mdsc_submit_request(mdsc, dir, req);
745 			if (!err) {
746 				err = ceph_finish_async_create(dir, dentry,
747 							file, mode, req,
748 							&as_ctx, &lo);
749 			} else if (err == -EJUKEBOX) {
750 				restore_deleg_ino(dir, req->r_deleg_ino);
751 				ceph_mdsc_put_request(req);
752 				try_async = false;
753 				goto retry;
754 			}
755 			goto out_req;
756 		}
757 	}
758 
759 	set_bit(CEPH_MDS_R_PARENT_LOCKED, &req->r_req_flags);
760 	err = ceph_mdsc_do_request(mdsc,
761 				   (flags & (O_CREAT|O_TRUNC)) ? dir : NULL,
762 				   req);
763 	if (err == -ENOENT) {
764 		dentry = ceph_handle_snapdir(req, dentry);
765 		if (IS_ERR(dentry)) {
766 			err = PTR_ERR(dentry);
767 			goto out_req;
768 		}
769 		err = 0;
770 	}
771 
772 	if (!err && (flags & O_CREAT) && !req->r_reply_info.head->is_dentry)
773 		err = ceph_handle_notrace_create(dir, dentry);
774 
775 	if (d_in_lookup(dentry)) {
776 		dn = ceph_finish_lookup(req, dentry, err);
777 		if (IS_ERR(dn))
778 			err = PTR_ERR(dn);
779 	} else {
780 		/* we were given a hashed negative dentry */
781 		dn = NULL;
782 	}
783 	if (err)
784 		goto out_req;
785 	if (dn || d_really_is_negative(dentry) || d_is_symlink(dentry)) {
786 		/* make vfs retry on splice, ENOENT, or symlink */
787 		dout("atomic_open finish_no_open on dn %p\n", dn);
788 		err = finish_no_open(file, dn);
789 	} else {
790 		dout("atomic_open finish_open on dn %p\n", dn);
791 		if (req->r_op == CEPH_MDS_OP_CREATE && req->r_reply_info.has_create_ino) {
792 			struct inode *newino = d_inode(dentry);
793 
794 			cache_file_layout(dir, newino);
795 			ceph_init_inode_acls(newino, &as_ctx);
796 			file->f_mode |= FMODE_CREATED;
797 		}
798 		err = finish_open(file, dentry, ceph_open);
799 	}
800 out_req:
801 	ceph_mdsc_put_request(req);
802 out_ctx:
803 	ceph_release_acl_sec_ctx(&as_ctx);
804 	dout("atomic_open result=%d\n", err);
805 	return err;
806 }
807 
808 int ceph_release(struct inode *inode, struct file *file)
809 {
810 	struct ceph_inode_info *ci = ceph_inode(inode);
811 
812 	if (S_ISDIR(inode->i_mode)) {
813 		struct ceph_dir_file_info *dfi = file->private_data;
814 		dout("release inode %p dir file %p\n", inode, file);
815 		WARN_ON(!list_empty(&dfi->file_info.rw_contexts));
816 
817 		ceph_put_fmode(ci, dfi->file_info.fmode, 1);
818 
819 		if (dfi->last_readdir)
820 			ceph_mdsc_put_request(dfi->last_readdir);
821 		kfree(dfi->last_name);
822 		kfree(dfi->dir_info);
823 		kmem_cache_free(ceph_dir_file_cachep, dfi);
824 	} else {
825 		struct ceph_file_info *fi = file->private_data;
826 		dout("release inode %p regular file %p\n", inode, file);
827 		WARN_ON(!list_empty(&fi->rw_contexts));
828 
829 		ceph_fscache_unuse_cookie(inode, file->f_mode & FMODE_WRITE);
830 		ceph_put_fmode(ci, fi->fmode, 1);
831 
832 		kmem_cache_free(ceph_file_cachep, fi);
833 	}
834 
835 	/* wake up anyone waiting for caps on this inode */
836 	wake_up_all(&ci->i_cap_wq);
837 	return 0;
838 }
839 
840 enum {
841 	HAVE_RETRIED = 1,
842 	CHECK_EOF =    2,
843 	READ_INLINE =  3,
844 };
845 
846 /*
847  * Completely synchronous read and write methods.  Direct from __user
848  * buffer to osd, or directly to user pages (if O_DIRECT).
849  *
850  * If the read spans object boundary, just do multiple reads.  (That's not
851  * atomic, but good enough for now.)
852  *
853  * If we get a short result from the OSD, check against i_size; we need to
854  * only return a short read to the caller if we hit EOF.
855  */
856 static ssize_t ceph_sync_read(struct kiocb *iocb, struct iov_iter *to,
857 			      int *retry_op)
858 {
859 	struct file *file = iocb->ki_filp;
860 	struct inode *inode = file_inode(file);
861 	struct ceph_inode_info *ci = ceph_inode(inode);
862 	struct ceph_fs_client *fsc = ceph_inode_to_client(inode);
863 	struct ceph_osd_client *osdc = &fsc->client->osdc;
864 	ssize_t ret;
865 	u64 off = iocb->ki_pos;
866 	u64 len = iov_iter_count(to);
867 	u64 i_size = i_size_read(inode);
868 
869 	dout("sync_read on file %p %llu~%u %s\n", file, off, (unsigned)len,
870 	     (file->f_flags & O_DIRECT) ? "O_DIRECT" : "");
871 
872 	if (!len)
873 		return 0;
874 	/*
875 	 * flush any page cache pages in this range.  this
876 	 * will make concurrent normal and sync io slow,
877 	 * but it will at least behave sensibly when they are
878 	 * in sequence.
879 	 */
880 	ret = filemap_write_and_wait_range(inode->i_mapping,
881 					   off, off + len - 1);
882 	if (ret < 0)
883 		return ret;
884 
885 	ret = 0;
886 	while ((len = iov_iter_count(to)) > 0) {
887 		struct ceph_osd_request *req;
888 		struct page **pages;
889 		int num_pages;
890 		size_t page_off;
891 		bool more;
892 		int idx;
893 		size_t left;
894 
895 		req = ceph_osdc_new_request(osdc, &ci->i_layout,
896 					ci->i_vino, off, &len, 0, 1,
897 					CEPH_OSD_OP_READ, CEPH_OSD_FLAG_READ,
898 					NULL, ci->i_truncate_seq,
899 					ci->i_truncate_size, false);
900 		if (IS_ERR(req)) {
901 			ret = PTR_ERR(req);
902 			break;
903 		}
904 
905 		more = len < iov_iter_count(to);
906 
907 		num_pages = calc_pages_for(off, len);
908 		page_off = off & ~PAGE_MASK;
909 		pages = ceph_alloc_page_vector(num_pages, GFP_KERNEL);
910 		if (IS_ERR(pages)) {
911 			ceph_osdc_put_request(req);
912 			ret = PTR_ERR(pages);
913 			break;
914 		}
915 
916 		osd_req_op_extent_osd_data_pages(req, 0, pages, len, page_off,
917 						 false, false);
918 		ret = ceph_osdc_start_request(osdc, req, false);
919 		if (!ret)
920 			ret = ceph_osdc_wait_request(osdc, req);
921 
922 		ceph_update_read_metrics(&fsc->mdsc->metric,
923 					 req->r_start_latency,
924 					 req->r_end_latency,
925 					 len, ret);
926 
927 		ceph_osdc_put_request(req);
928 
929 		i_size = i_size_read(inode);
930 		dout("sync_read %llu~%llu got %zd i_size %llu%s\n",
931 		     off, len, ret, i_size, (more ? " MORE" : ""));
932 
933 		if (ret == -ENOENT)
934 			ret = 0;
935 		if (ret >= 0 && ret < len && (off + ret < i_size)) {
936 			int zlen = min(len - ret, i_size - off - ret);
937 			int zoff = page_off + ret;
938 			dout("sync_read zero gap %llu~%llu\n",
939                              off + ret, off + ret + zlen);
940 			ceph_zero_page_vector_range(zoff, zlen, pages);
941 			ret += zlen;
942 		}
943 
944 		idx = 0;
945 		left = ret > 0 ? ret : 0;
946 		while (left > 0) {
947 			size_t len, copied;
948 			page_off = off & ~PAGE_MASK;
949 			len = min_t(size_t, left, PAGE_SIZE - page_off);
950 			SetPageUptodate(pages[idx]);
951 			copied = copy_page_to_iter(pages[idx++],
952 						   page_off, len, to);
953 			off += copied;
954 			left -= copied;
955 			if (copied < len) {
956 				ret = -EFAULT;
957 				break;
958 			}
959 		}
960 		ceph_release_page_vector(pages, num_pages);
961 
962 		if (ret < 0) {
963 			if (ret == -EBLOCKLISTED)
964 				fsc->blocklisted = true;
965 			break;
966 		}
967 
968 		if (off >= i_size || !more)
969 			break;
970 	}
971 
972 	if (off > iocb->ki_pos) {
973 		if (off >= i_size) {
974 			*retry_op = CHECK_EOF;
975 			ret = i_size - iocb->ki_pos;
976 			iocb->ki_pos = i_size;
977 		} else {
978 			ret = off - iocb->ki_pos;
979 			iocb->ki_pos = off;
980 		}
981 	}
982 
983 	dout("sync_read result %zd retry_op %d\n", ret, *retry_op);
984 	return ret;
985 }
986 
987 struct ceph_aio_request {
988 	struct kiocb *iocb;
989 	size_t total_len;
990 	bool write;
991 	bool should_dirty;
992 	int error;
993 	struct list_head osd_reqs;
994 	unsigned num_reqs;
995 	atomic_t pending_reqs;
996 	struct timespec64 mtime;
997 	struct ceph_cap_flush *prealloc_cf;
998 };
999 
1000 struct ceph_aio_work {
1001 	struct work_struct work;
1002 	struct ceph_osd_request *req;
1003 };
1004 
1005 static void ceph_aio_retry_work(struct work_struct *work);
1006 
1007 static void ceph_aio_complete(struct inode *inode,
1008 			      struct ceph_aio_request *aio_req)
1009 {
1010 	struct ceph_inode_info *ci = ceph_inode(inode);
1011 	int ret;
1012 
1013 	if (!atomic_dec_and_test(&aio_req->pending_reqs))
1014 		return;
1015 
1016 	if (aio_req->iocb->ki_flags & IOCB_DIRECT)
1017 		inode_dio_end(inode);
1018 
1019 	ret = aio_req->error;
1020 	if (!ret)
1021 		ret = aio_req->total_len;
1022 
1023 	dout("ceph_aio_complete %p rc %d\n", inode, ret);
1024 
1025 	if (ret >= 0 && aio_req->write) {
1026 		int dirty;
1027 
1028 		loff_t endoff = aio_req->iocb->ki_pos + aio_req->total_len;
1029 		if (endoff > i_size_read(inode)) {
1030 			if (ceph_inode_set_size(inode, endoff))
1031 				ceph_check_caps(ci, CHECK_CAPS_AUTHONLY, NULL);
1032 		}
1033 
1034 		spin_lock(&ci->i_ceph_lock);
1035 		ci->i_inline_version = CEPH_INLINE_NONE;
1036 		dirty = __ceph_mark_dirty_caps(ci, CEPH_CAP_FILE_WR,
1037 					       &aio_req->prealloc_cf);
1038 		spin_unlock(&ci->i_ceph_lock);
1039 		if (dirty)
1040 			__mark_inode_dirty(inode, dirty);
1041 
1042 	}
1043 
1044 	ceph_put_cap_refs(ci, (aio_req->write ? CEPH_CAP_FILE_WR :
1045 						CEPH_CAP_FILE_RD));
1046 
1047 	aio_req->iocb->ki_complete(aio_req->iocb, ret);
1048 
1049 	ceph_free_cap_flush(aio_req->prealloc_cf);
1050 	kfree(aio_req);
1051 }
1052 
1053 static void ceph_aio_complete_req(struct ceph_osd_request *req)
1054 {
1055 	int rc = req->r_result;
1056 	struct inode *inode = req->r_inode;
1057 	struct ceph_aio_request *aio_req = req->r_priv;
1058 	struct ceph_osd_data *osd_data = osd_req_op_extent_osd_data(req, 0);
1059 	struct ceph_client_metric *metric = &ceph_sb_to_mdsc(inode->i_sb)->metric;
1060 	unsigned int len = osd_data->bvec_pos.iter.bi_size;
1061 
1062 	BUG_ON(osd_data->type != CEPH_OSD_DATA_TYPE_BVECS);
1063 	BUG_ON(!osd_data->num_bvecs);
1064 
1065 	dout("ceph_aio_complete_req %p rc %d bytes %u\n", inode, rc, len);
1066 
1067 	if (rc == -EOLDSNAPC) {
1068 		struct ceph_aio_work *aio_work;
1069 		BUG_ON(!aio_req->write);
1070 
1071 		aio_work = kmalloc(sizeof(*aio_work), GFP_NOFS);
1072 		if (aio_work) {
1073 			INIT_WORK(&aio_work->work, ceph_aio_retry_work);
1074 			aio_work->req = req;
1075 			queue_work(ceph_inode_to_client(inode)->inode_wq,
1076 				   &aio_work->work);
1077 			return;
1078 		}
1079 		rc = -ENOMEM;
1080 	} else if (!aio_req->write) {
1081 		if (rc == -ENOENT)
1082 			rc = 0;
1083 		if (rc >= 0 && len > rc) {
1084 			struct iov_iter i;
1085 			int zlen = len - rc;
1086 
1087 			/*
1088 			 * If read is satisfied by single OSD request,
1089 			 * it can pass EOF. Otherwise read is within
1090 			 * i_size.
1091 			 */
1092 			if (aio_req->num_reqs == 1) {
1093 				loff_t i_size = i_size_read(inode);
1094 				loff_t endoff = aio_req->iocb->ki_pos + rc;
1095 				if (endoff < i_size)
1096 					zlen = min_t(size_t, zlen,
1097 						     i_size - endoff);
1098 				aio_req->total_len = rc + zlen;
1099 			}
1100 
1101 			iov_iter_bvec(&i, READ, osd_data->bvec_pos.bvecs,
1102 				      osd_data->num_bvecs, len);
1103 			iov_iter_advance(&i, rc);
1104 			iov_iter_zero(zlen, &i);
1105 		}
1106 	}
1107 
1108 	/* r_start_latency == 0 means the request was not submitted */
1109 	if (req->r_start_latency) {
1110 		if (aio_req->write)
1111 			ceph_update_write_metrics(metric, req->r_start_latency,
1112 						  req->r_end_latency, len, rc);
1113 		else
1114 			ceph_update_read_metrics(metric, req->r_start_latency,
1115 						 req->r_end_latency, len, rc);
1116 	}
1117 
1118 	put_bvecs(osd_data->bvec_pos.bvecs, osd_data->num_bvecs,
1119 		  aio_req->should_dirty);
1120 	ceph_osdc_put_request(req);
1121 
1122 	if (rc < 0)
1123 		cmpxchg(&aio_req->error, 0, rc);
1124 
1125 	ceph_aio_complete(inode, aio_req);
1126 	return;
1127 }
1128 
1129 static void ceph_aio_retry_work(struct work_struct *work)
1130 {
1131 	struct ceph_aio_work *aio_work =
1132 		container_of(work, struct ceph_aio_work, work);
1133 	struct ceph_osd_request *orig_req = aio_work->req;
1134 	struct ceph_aio_request *aio_req = orig_req->r_priv;
1135 	struct inode *inode = orig_req->r_inode;
1136 	struct ceph_inode_info *ci = ceph_inode(inode);
1137 	struct ceph_snap_context *snapc;
1138 	struct ceph_osd_request *req;
1139 	int ret;
1140 
1141 	spin_lock(&ci->i_ceph_lock);
1142 	if (__ceph_have_pending_cap_snap(ci)) {
1143 		struct ceph_cap_snap *capsnap =
1144 			list_last_entry(&ci->i_cap_snaps,
1145 					struct ceph_cap_snap,
1146 					ci_item);
1147 		snapc = ceph_get_snap_context(capsnap->context);
1148 	} else {
1149 		BUG_ON(!ci->i_head_snapc);
1150 		snapc = ceph_get_snap_context(ci->i_head_snapc);
1151 	}
1152 	spin_unlock(&ci->i_ceph_lock);
1153 
1154 	req = ceph_osdc_alloc_request(orig_req->r_osdc, snapc, 1,
1155 			false, GFP_NOFS);
1156 	if (!req) {
1157 		ret = -ENOMEM;
1158 		req = orig_req;
1159 		goto out;
1160 	}
1161 
1162 	req->r_flags = /* CEPH_OSD_FLAG_ORDERSNAP | */ CEPH_OSD_FLAG_WRITE;
1163 	ceph_oloc_copy(&req->r_base_oloc, &orig_req->r_base_oloc);
1164 	ceph_oid_copy(&req->r_base_oid, &orig_req->r_base_oid);
1165 
1166 	req->r_ops[0] = orig_req->r_ops[0];
1167 
1168 	req->r_mtime = aio_req->mtime;
1169 	req->r_data_offset = req->r_ops[0].extent.offset;
1170 
1171 	ret = ceph_osdc_alloc_messages(req, GFP_NOFS);
1172 	if (ret) {
1173 		ceph_osdc_put_request(req);
1174 		req = orig_req;
1175 		goto out;
1176 	}
1177 
1178 	ceph_osdc_put_request(orig_req);
1179 
1180 	req->r_callback = ceph_aio_complete_req;
1181 	req->r_inode = inode;
1182 	req->r_priv = aio_req;
1183 
1184 	ret = ceph_osdc_start_request(req->r_osdc, req, false);
1185 out:
1186 	if (ret < 0) {
1187 		req->r_result = ret;
1188 		ceph_aio_complete_req(req);
1189 	}
1190 
1191 	ceph_put_snap_context(snapc);
1192 	kfree(aio_work);
1193 }
1194 
1195 static ssize_t
1196 ceph_direct_read_write(struct kiocb *iocb, struct iov_iter *iter,
1197 		       struct ceph_snap_context *snapc,
1198 		       struct ceph_cap_flush **pcf)
1199 {
1200 	struct file *file = iocb->ki_filp;
1201 	struct inode *inode = file_inode(file);
1202 	struct ceph_inode_info *ci = ceph_inode(inode);
1203 	struct ceph_fs_client *fsc = ceph_inode_to_client(inode);
1204 	struct ceph_client_metric *metric = &fsc->mdsc->metric;
1205 	struct ceph_vino vino;
1206 	struct ceph_osd_request *req;
1207 	struct bio_vec *bvecs;
1208 	struct ceph_aio_request *aio_req = NULL;
1209 	int num_pages = 0;
1210 	int flags;
1211 	int ret = 0;
1212 	struct timespec64 mtime = current_time(inode);
1213 	size_t count = iov_iter_count(iter);
1214 	loff_t pos = iocb->ki_pos;
1215 	bool write = iov_iter_rw(iter) == WRITE;
1216 	bool should_dirty = !write && iter_is_iovec(iter);
1217 
1218 	if (write && ceph_snap(file_inode(file)) != CEPH_NOSNAP)
1219 		return -EROFS;
1220 
1221 	dout("sync_direct_%s on file %p %lld~%u snapc %p seq %lld\n",
1222 	     (write ? "write" : "read"), file, pos, (unsigned)count,
1223 	     snapc, snapc ? snapc->seq : 0);
1224 
1225 	if (write) {
1226 		int ret2;
1227 
1228 		ceph_fscache_invalidate(inode, true);
1229 
1230 		ret2 = invalidate_inode_pages2_range(inode->i_mapping,
1231 					pos >> PAGE_SHIFT,
1232 					(pos + count - 1) >> PAGE_SHIFT);
1233 		if (ret2 < 0)
1234 			dout("invalidate_inode_pages2_range returned %d\n", ret2);
1235 
1236 		flags = /* CEPH_OSD_FLAG_ORDERSNAP | */ CEPH_OSD_FLAG_WRITE;
1237 	} else {
1238 		flags = CEPH_OSD_FLAG_READ;
1239 	}
1240 
1241 	while (iov_iter_count(iter) > 0) {
1242 		u64 size = iov_iter_count(iter);
1243 		ssize_t len;
1244 
1245 		if (write)
1246 			size = min_t(u64, size, fsc->mount_options->wsize);
1247 		else
1248 			size = min_t(u64, size, fsc->mount_options->rsize);
1249 
1250 		vino = ceph_vino(inode);
1251 		req = ceph_osdc_new_request(&fsc->client->osdc, &ci->i_layout,
1252 					    vino, pos, &size, 0,
1253 					    1,
1254 					    write ? CEPH_OSD_OP_WRITE :
1255 						    CEPH_OSD_OP_READ,
1256 					    flags, snapc,
1257 					    ci->i_truncate_seq,
1258 					    ci->i_truncate_size,
1259 					    false);
1260 		if (IS_ERR(req)) {
1261 			ret = PTR_ERR(req);
1262 			break;
1263 		}
1264 
1265 		len = iter_get_bvecs_alloc(iter, size, &bvecs, &num_pages);
1266 		if (len < 0) {
1267 			ceph_osdc_put_request(req);
1268 			ret = len;
1269 			break;
1270 		}
1271 		if (len != size)
1272 			osd_req_op_extent_update(req, 0, len);
1273 
1274 		/*
1275 		 * To simplify error handling, allow AIO when IO within i_size
1276 		 * or IO can be satisfied by single OSD request.
1277 		 */
1278 		if (pos == iocb->ki_pos && !is_sync_kiocb(iocb) &&
1279 		    (len == count || pos + count <= i_size_read(inode))) {
1280 			aio_req = kzalloc(sizeof(*aio_req), GFP_KERNEL);
1281 			if (aio_req) {
1282 				aio_req->iocb = iocb;
1283 				aio_req->write = write;
1284 				aio_req->should_dirty = should_dirty;
1285 				INIT_LIST_HEAD(&aio_req->osd_reqs);
1286 				if (write) {
1287 					aio_req->mtime = mtime;
1288 					swap(aio_req->prealloc_cf, *pcf);
1289 				}
1290 			}
1291 			/* ignore error */
1292 		}
1293 
1294 		if (write) {
1295 			/*
1296 			 * throw out any page cache pages in this range. this
1297 			 * may block.
1298 			 */
1299 			truncate_inode_pages_range(inode->i_mapping, pos,
1300 						   PAGE_ALIGN(pos + len) - 1);
1301 
1302 			req->r_mtime = mtime;
1303 		}
1304 
1305 		osd_req_op_extent_osd_data_bvecs(req, 0, bvecs, num_pages, len);
1306 
1307 		if (aio_req) {
1308 			aio_req->total_len += len;
1309 			aio_req->num_reqs++;
1310 			atomic_inc(&aio_req->pending_reqs);
1311 
1312 			req->r_callback = ceph_aio_complete_req;
1313 			req->r_inode = inode;
1314 			req->r_priv = aio_req;
1315 			list_add_tail(&req->r_private_item, &aio_req->osd_reqs);
1316 
1317 			pos += len;
1318 			continue;
1319 		}
1320 
1321 		ret = ceph_osdc_start_request(req->r_osdc, req, false);
1322 		if (!ret)
1323 			ret = ceph_osdc_wait_request(&fsc->client->osdc, req);
1324 
1325 		if (write)
1326 			ceph_update_write_metrics(metric, req->r_start_latency,
1327 						  req->r_end_latency, len, ret);
1328 		else
1329 			ceph_update_read_metrics(metric, req->r_start_latency,
1330 						 req->r_end_latency, len, ret);
1331 
1332 		size = i_size_read(inode);
1333 		if (!write) {
1334 			if (ret == -ENOENT)
1335 				ret = 0;
1336 			if (ret >= 0 && ret < len && pos + ret < size) {
1337 				struct iov_iter i;
1338 				int zlen = min_t(size_t, len - ret,
1339 						 size - pos - ret);
1340 
1341 				iov_iter_bvec(&i, READ, bvecs, num_pages, len);
1342 				iov_iter_advance(&i, ret);
1343 				iov_iter_zero(zlen, &i);
1344 				ret += zlen;
1345 			}
1346 			if (ret >= 0)
1347 				len = ret;
1348 		}
1349 
1350 		put_bvecs(bvecs, num_pages, should_dirty);
1351 		ceph_osdc_put_request(req);
1352 		if (ret < 0)
1353 			break;
1354 
1355 		pos += len;
1356 		if (!write && pos >= size)
1357 			break;
1358 
1359 		if (write && pos > size) {
1360 			if (ceph_inode_set_size(inode, pos))
1361 				ceph_check_caps(ceph_inode(inode),
1362 						CHECK_CAPS_AUTHONLY,
1363 						NULL);
1364 		}
1365 	}
1366 
1367 	if (aio_req) {
1368 		LIST_HEAD(osd_reqs);
1369 
1370 		if (aio_req->num_reqs == 0) {
1371 			kfree(aio_req);
1372 			return ret;
1373 		}
1374 
1375 		ceph_get_cap_refs(ci, write ? CEPH_CAP_FILE_WR :
1376 					      CEPH_CAP_FILE_RD);
1377 
1378 		list_splice(&aio_req->osd_reqs, &osd_reqs);
1379 		inode_dio_begin(inode);
1380 		while (!list_empty(&osd_reqs)) {
1381 			req = list_first_entry(&osd_reqs,
1382 					       struct ceph_osd_request,
1383 					       r_private_item);
1384 			list_del_init(&req->r_private_item);
1385 			if (ret >= 0)
1386 				ret = ceph_osdc_start_request(req->r_osdc,
1387 							      req, false);
1388 			if (ret < 0) {
1389 				req->r_result = ret;
1390 				ceph_aio_complete_req(req);
1391 			}
1392 		}
1393 		return -EIOCBQUEUED;
1394 	}
1395 
1396 	if (ret != -EOLDSNAPC && pos > iocb->ki_pos) {
1397 		ret = pos - iocb->ki_pos;
1398 		iocb->ki_pos = pos;
1399 	}
1400 	return ret;
1401 }
1402 
1403 /*
1404  * Synchronous write, straight from __user pointer or user pages.
1405  *
1406  * If write spans object boundary, just do multiple writes.  (For a
1407  * correct atomic write, we should e.g. take write locks on all
1408  * objects, rollback on failure, etc.)
1409  */
1410 static ssize_t
1411 ceph_sync_write(struct kiocb *iocb, struct iov_iter *from, loff_t pos,
1412 		struct ceph_snap_context *snapc)
1413 {
1414 	struct file *file = iocb->ki_filp;
1415 	struct inode *inode = file_inode(file);
1416 	struct ceph_inode_info *ci = ceph_inode(inode);
1417 	struct ceph_fs_client *fsc = ceph_inode_to_client(inode);
1418 	struct ceph_vino vino;
1419 	struct ceph_osd_request *req;
1420 	struct page **pages;
1421 	u64 len;
1422 	int num_pages;
1423 	int written = 0;
1424 	int flags;
1425 	int ret;
1426 	bool check_caps = false;
1427 	struct timespec64 mtime = current_time(inode);
1428 	size_t count = iov_iter_count(from);
1429 
1430 	if (ceph_snap(file_inode(file)) != CEPH_NOSNAP)
1431 		return -EROFS;
1432 
1433 	dout("sync_write on file %p %lld~%u snapc %p seq %lld\n",
1434 	     file, pos, (unsigned)count, snapc, snapc->seq);
1435 
1436 	ret = filemap_write_and_wait_range(inode->i_mapping,
1437 					   pos, pos + count - 1);
1438 	if (ret < 0)
1439 		return ret;
1440 
1441 	ceph_fscache_invalidate(inode, false);
1442 	ret = invalidate_inode_pages2_range(inode->i_mapping,
1443 					    pos >> PAGE_SHIFT,
1444 					    (pos + count - 1) >> PAGE_SHIFT);
1445 	if (ret < 0)
1446 		dout("invalidate_inode_pages2_range returned %d\n", ret);
1447 
1448 	flags = /* CEPH_OSD_FLAG_ORDERSNAP | */ CEPH_OSD_FLAG_WRITE;
1449 
1450 	while ((len = iov_iter_count(from)) > 0) {
1451 		size_t left;
1452 		int n;
1453 
1454 		vino = ceph_vino(inode);
1455 		req = ceph_osdc_new_request(&fsc->client->osdc, &ci->i_layout,
1456 					    vino, pos, &len, 0, 1,
1457 					    CEPH_OSD_OP_WRITE, flags, snapc,
1458 					    ci->i_truncate_seq,
1459 					    ci->i_truncate_size,
1460 					    false);
1461 		if (IS_ERR(req)) {
1462 			ret = PTR_ERR(req);
1463 			break;
1464 		}
1465 
1466 		/*
1467 		 * write from beginning of first page,
1468 		 * regardless of io alignment
1469 		 */
1470 		num_pages = (len + PAGE_SIZE - 1) >> PAGE_SHIFT;
1471 
1472 		pages = ceph_alloc_page_vector(num_pages, GFP_KERNEL);
1473 		if (IS_ERR(pages)) {
1474 			ret = PTR_ERR(pages);
1475 			goto out;
1476 		}
1477 
1478 		left = len;
1479 		for (n = 0; n < num_pages; n++) {
1480 			size_t plen = min_t(size_t, left, PAGE_SIZE);
1481 			ret = copy_page_from_iter(pages[n], 0, plen, from);
1482 			if (ret != plen) {
1483 				ret = -EFAULT;
1484 				break;
1485 			}
1486 			left -= ret;
1487 		}
1488 
1489 		if (ret < 0) {
1490 			ceph_release_page_vector(pages, num_pages);
1491 			goto out;
1492 		}
1493 
1494 		req->r_inode = inode;
1495 
1496 		osd_req_op_extent_osd_data_pages(req, 0, pages, len, 0,
1497 						false, true);
1498 
1499 		req->r_mtime = mtime;
1500 		ret = ceph_osdc_start_request(&fsc->client->osdc, req, false);
1501 		if (!ret)
1502 			ret = ceph_osdc_wait_request(&fsc->client->osdc, req);
1503 
1504 		ceph_update_write_metrics(&fsc->mdsc->metric, req->r_start_latency,
1505 					  req->r_end_latency, len, ret);
1506 out:
1507 		ceph_osdc_put_request(req);
1508 		if (ret != 0) {
1509 			ceph_set_error_write(ci);
1510 			break;
1511 		}
1512 
1513 		ceph_clear_error_write(ci);
1514 		pos += len;
1515 		written += len;
1516 		if (pos > i_size_read(inode)) {
1517 			check_caps = ceph_inode_set_size(inode, pos);
1518 			if (check_caps)
1519 				ceph_check_caps(ceph_inode(inode),
1520 						CHECK_CAPS_AUTHONLY,
1521 						NULL);
1522 		}
1523 
1524 	}
1525 
1526 	if (ret != -EOLDSNAPC && written > 0) {
1527 		ret = written;
1528 		iocb->ki_pos = pos;
1529 	}
1530 	return ret;
1531 }
1532 
1533 /*
1534  * Wrap generic_file_aio_read with checks for cap bits on the inode.
1535  * Atomically grab references, so that those bits are not released
1536  * back to the MDS mid-read.
1537  *
1538  * Hmm, the sync read case isn't actually async... should it be?
1539  */
1540 static ssize_t ceph_read_iter(struct kiocb *iocb, struct iov_iter *to)
1541 {
1542 	struct file *filp = iocb->ki_filp;
1543 	struct ceph_file_info *fi = filp->private_data;
1544 	size_t len = iov_iter_count(to);
1545 	struct inode *inode = file_inode(filp);
1546 	struct ceph_inode_info *ci = ceph_inode(inode);
1547 	bool direct_lock = iocb->ki_flags & IOCB_DIRECT;
1548 	ssize_t ret;
1549 	int want = 0, got = 0;
1550 	int retry_op = 0, read = 0;
1551 
1552 again:
1553 	dout("aio_read %p %llx.%llx %llu~%u trying to get caps on %p\n",
1554 	     inode, ceph_vinop(inode), iocb->ki_pos, (unsigned)len, inode);
1555 
1556 	if (ceph_inode_is_shutdown(inode))
1557 		return -ESTALE;
1558 
1559 	if (direct_lock)
1560 		ceph_start_io_direct(inode);
1561 	else
1562 		ceph_start_io_read(inode);
1563 
1564 	if (!(fi->flags & CEPH_F_SYNC) && !direct_lock)
1565 		want |= CEPH_CAP_FILE_CACHE;
1566 	if (fi->fmode & CEPH_FILE_MODE_LAZY)
1567 		want |= CEPH_CAP_FILE_LAZYIO;
1568 
1569 	ret = ceph_get_caps(filp, CEPH_CAP_FILE_RD, want, -1, &got);
1570 	if (ret < 0) {
1571 		if (direct_lock)
1572 			ceph_end_io_direct(inode);
1573 		else
1574 			ceph_end_io_read(inode);
1575 		return ret;
1576 	}
1577 
1578 	if ((got & (CEPH_CAP_FILE_CACHE|CEPH_CAP_FILE_LAZYIO)) == 0 ||
1579 	    (iocb->ki_flags & IOCB_DIRECT) ||
1580 	    (fi->flags & CEPH_F_SYNC)) {
1581 
1582 		dout("aio_sync_read %p %llx.%llx %llu~%u got cap refs on %s\n",
1583 		     inode, ceph_vinop(inode), iocb->ki_pos, (unsigned)len,
1584 		     ceph_cap_string(got));
1585 
1586 		if (ci->i_inline_version == CEPH_INLINE_NONE) {
1587 			if (!retry_op && (iocb->ki_flags & IOCB_DIRECT)) {
1588 				ret = ceph_direct_read_write(iocb, to,
1589 							     NULL, NULL);
1590 				if (ret >= 0 && ret < len)
1591 					retry_op = CHECK_EOF;
1592 			} else {
1593 				ret = ceph_sync_read(iocb, to, &retry_op);
1594 			}
1595 		} else {
1596 			retry_op = READ_INLINE;
1597 		}
1598 	} else {
1599 		CEPH_DEFINE_RW_CONTEXT(rw_ctx, got);
1600 		dout("aio_read %p %llx.%llx %llu~%u got cap refs on %s\n",
1601 		     inode, ceph_vinop(inode), iocb->ki_pos, (unsigned)len,
1602 		     ceph_cap_string(got));
1603 		ceph_add_rw_context(fi, &rw_ctx);
1604 		ret = generic_file_read_iter(iocb, to);
1605 		ceph_del_rw_context(fi, &rw_ctx);
1606 	}
1607 
1608 	dout("aio_read %p %llx.%llx dropping cap refs on %s = %d\n",
1609 	     inode, ceph_vinop(inode), ceph_cap_string(got), (int)ret);
1610 	ceph_put_cap_refs(ci, got);
1611 
1612 	if (direct_lock)
1613 		ceph_end_io_direct(inode);
1614 	else
1615 		ceph_end_io_read(inode);
1616 
1617 	if (retry_op > HAVE_RETRIED && ret >= 0) {
1618 		int statret;
1619 		struct page *page = NULL;
1620 		loff_t i_size;
1621 		if (retry_op == READ_INLINE) {
1622 			page = __page_cache_alloc(GFP_KERNEL);
1623 			if (!page)
1624 				return -ENOMEM;
1625 		}
1626 
1627 		statret = __ceph_do_getattr(inode, page,
1628 					    CEPH_STAT_CAP_INLINE_DATA, !!page);
1629 		if (statret < 0) {
1630 			if (page)
1631 				__free_page(page);
1632 			if (statret == -ENODATA) {
1633 				BUG_ON(retry_op != READ_INLINE);
1634 				goto again;
1635 			}
1636 			return statret;
1637 		}
1638 
1639 		i_size = i_size_read(inode);
1640 		if (retry_op == READ_INLINE) {
1641 			BUG_ON(ret > 0 || read > 0);
1642 			if (iocb->ki_pos < i_size &&
1643 			    iocb->ki_pos < PAGE_SIZE) {
1644 				loff_t end = min_t(loff_t, i_size,
1645 						   iocb->ki_pos + len);
1646 				end = min_t(loff_t, end, PAGE_SIZE);
1647 				if (statret < end)
1648 					zero_user_segment(page, statret, end);
1649 				ret = copy_page_to_iter(page,
1650 						iocb->ki_pos & ~PAGE_MASK,
1651 						end - iocb->ki_pos, to);
1652 				iocb->ki_pos += ret;
1653 				read += ret;
1654 			}
1655 			if (iocb->ki_pos < i_size && read < len) {
1656 				size_t zlen = min_t(size_t, len - read,
1657 						    i_size - iocb->ki_pos);
1658 				ret = iov_iter_zero(zlen, to);
1659 				iocb->ki_pos += ret;
1660 				read += ret;
1661 			}
1662 			__free_pages(page, 0);
1663 			return read;
1664 		}
1665 
1666 		/* hit EOF or hole? */
1667 		if (retry_op == CHECK_EOF && iocb->ki_pos < i_size &&
1668 		    ret < len) {
1669 			dout("sync_read hit hole, ppos %lld < size %lld"
1670 			     ", reading more\n", iocb->ki_pos, i_size);
1671 
1672 			read += ret;
1673 			len -= ret;
1674 			retry_op = HAVE_RETRIED;
1675 			goto again;
1676 		}
1677 	}
1678 
1679 	if (ret >= 0)
1680 		ret += read;
1681 
1682 	return ret;
1683 }
1684 
1685 /*
1686  * Take cap references to avoid releasing caps to MDS mid-write.
1687  *
1688  * If we are synchronous, and write with an old snap context, the OSD
1689  * may return EOLDSNAPC.  In that case, retry the write.. _after_
1690  * dropping our cap refs and allowing the pending snap to logically
1691  * complete _before_ this write occurs.
1692  *
1693  * If we are near ENOSPC, write synchronously.
1694  */
1695 static ssize_t ceph_write_iter(struct kiocb *iocb, struct iov_iter *from)
1696 {
1697 	struct file *file = iocb->ki_filp;
1698 	struct ceph_file_info *fi = file->private_data;
1699 	struct inode *inode = file_inode(file);
1700 	struct ceph_inode_info *ci = ceph_inode(inode);
1701 	struct ceph_fs_client *fsc = ceph_inode_to_client(inode);
1702 	struct ceph_osd_client *osdc = &fsc->client->osdc;
1703 	struct ceph_cap_flush *prealloc_cf;
1704 	ssize_t count, written = 0;
1705 	int err, want = 0, got;
1706 	bool direct_lock = false;
1707 	u32 map_flags;
1708 	u64 pool_flags;
1709 	loff_t pos;
1710 	loff_t limit = max(i_size_read(inode), fsc->max_file_size);
1711 
1712 	if (ceph_inode_is_shutdown(inode))
1713 		return -ESTALE;
1714 
1715 	if (ceph_snap(inode) != CEPH_NOSNAP)
1716 		return -EROFS;
1717 
1718 	prealloc_cf = ceph_alloc_cap_flush();
1719 	if (!prealloc_cf)
1720 		return -ENOMEM;
1721 
1722 	if ((iocb->ki_flags & (IOCB_DIRECT | IOCB_APPEND)) == IOCB_DIRECT)
1723 		direct_lock = true;
1724 
1725 retry_snap:
1726 	if (direct_lock)
1727 		ceph_start_io_direct(inode);
1728 	else
1729 		ceph_start_io_write(inode);
1730 
1731 	/* We can write back this queue in page reclaim */
1732 	current->backing_dev_info = inode_to_bdi(inode);
1733 
1734 	if (iocb->ki_flags & IOCB_APPEND) {
1735 		err = ceph_do_getattr(inode, CEPH_STAT_CAP_SIZE, false);
1736 		if (err < 0)
1737 			goto out;
1738 	}
1739 
1740 	err = generic_write_checks(iocb, from);
1741 	if (err <= 0)
1742 		goto out;
1743 
1744 	pos = iocb->ki_pos;
1745 	if (unlikely(pos >= limit)) {
1746 		err = -EFBIG;
1747 		goto out;
1748 	} else {
1749 		iov_iter_truncate(from, limit - pos);
1750 	}
1751 
1752 	count = iov_iter_count(from);
1753 	if (ceph_quota_is_max_bytes_exceeded(inode, pos + count)) {
1754 		err = -EDQUOT;
1755 		goto out;
1756 	}
1757 
1758 	down_read(&osdc->lock);
1759 	map_flags = osdc->osdmap->flags;
1760 	pool_flags = ceph_pg_pool_flags(osdc->osdmap, ci->i_layout.pool_id);
1761 	up_read(&osdc->lock);
1762 	if ((map_flags & CEPH_OSDMAP_FULL) ||
1763 	    (pool_flags & CEPH_POOL_FLAG_FULL)) {
1764 		err = -ENOSPC;
1765 		goto out;
1766 	}
1767 
1768 	err = file_remove_privs(file);
1769 	if (err)
1770 		goto out;
1771 
1772 	if (ci->i_inline_version != CEPH_INLINE_NONE) {
1773 		err = ceph_uninline_data(file, NULL);
1774 		if (err < 0)
1775 			goto out;
1776 	}
1777 
1778 	dout("aio_write %p %llx.%llx %llu~%zd getting caps. i_size %llu\n",
1779 	     inode, ceph_vinop(inode), pos, count, i_size_read(inode));
1780 	if (!(fi->flags & CEPH_F_SYNC) && !direct_lock)
1781 		want |= CEPH_CAP_FILE_BUFFER;
1782 	if (fi->fmode & CEPH_FILE_MODE_LAZY)
1783 		want |= CEPH_CAP_FILE_LAZYIO;
1784 	got = 0;
1785 	err = ceph_get_caps(file, CEPH_CAP_FILE_WR, want, pos + count, &got);
1786 	if (err < 0)
1787 		goto out;
1788 
1789 	err = file_update_time(file);
1790 	if (err)
1791 		goto out_caps;
1792 
1793 	inode_inc_iversion_raw(inode);
1794 
1795 	dout("aio_write %p %llx.%llx %llu~%zd got cap refs on %s\n",
1796 	     inode, ceph_vinop(inode), pos, count, ceph_cap_string(got));
1797 
1798 	if ((got & (CEPH_CAP_FILE_BUFFER|CEPH_CAP_FILE_LAZYIO)) == 0 ||
1799 	    (iocb->ki_flags & IOCB_DIRECT) || (fi->flags & CEPH_F_SYNC) ||
1800 	    (ci->i_ceph_flags & CEPH_I_ERROR_WRITE)) {
1801 		struct ceph_snap_context *snapc;
1802 		struct iov_iter data;
1803 
1804 		spin_lock(&ci->i_ceph_lock);
1805 		if (__ceph_have_pending_cap_snap(ci)) {
1806 			struct ceph_cap_snap *capsnap =
1807 					list_last_entry(&ci->i_cap_snaps,
1808 							struct ceph_cap_snap,
1809 							ci_item);
1810 			snapc = ceph_get_snap_context(capsnap->context);
1811 		} else {
1812 			BUG_ON(!ci->i_head_snapc);
1813 			snapc = ceph_get_snap_context(ci->i_head_snapc);
1814 		}
1815 		spin_unlock(&ci->i_ceph_lock);
1816 
1817 		/* we might need to revert back to that point */
1818 		data = *from;
1819 		if (iocb->ki_flags & IOCB_DIRECT)
1820 			written = ceph_direct_read_write(iocb, &data, snapc,
1821 							 &prealloc_cf);
1822 		else
1823 			written = ceph_sync_write(iocb, &data, pos, snapc);
1824 		if (direct_lock)
1825 			ceph_end_io_direct(inode);
1826 		else
1827 			ceph_end_io_write(inode);
1828 		if (written > 0)
1829 			iov_iter_advance(from, written);
1830 		ceph_put_snap_context(snapc);
1831 	} else {
1832 		/*
1833 		 * No need to acquire the i_truncate_mutex. Because
1834 		 * the MDS revokes Fwb caps before sending truncate
1835 		 * message to us. We can't get Fwb cap while there
1836 		 * are pending vmtruncate. So write and vmtruncate
1837 		 * can not run at the same time
1838 		 */
1839 		written = generic_perform_write(file, from, pos);
1840 		if (likely(written >= 0))
1841 			iocb->ki_pos = pos + written;
1842 		ceph_end_io_write(inode);
1843 	}
1844 
1845 	if (written >= 0) {
1846 		int dirty;
1847 
1848 		spin_lock(&ci->i_ceph_lock);
1849 		ci->i_inline_version = CEPH_INLINE_NONE;
1850 		dirty = __ceph_mark_dirty_caps(ci, CEPH_CAP_FILE_WR,
1851 					       &prealloc_cf);
1852 		spin_unlock(&ci->i_ceph_lock);
1853 		if (dirty)
1854 			__mark_inode_dirty(inode, dirty);
1855 		if (ceph_quota_is_max_bytes_approaching(inode, iocb->ki_pos))
1856 			ceph_check_caps(ci, 0, NULL);
1857 	}
1858 
1859 	dout("aio_write %p %llx.%llx %llu~%u  dropping cap refs on %s\n",
1860 	     inode, ceph_vinop(inode), pos, (unsigned)count,
1861 	     ceph_cap_string(got));
1862 	ceph_put_cap_refs(ci, got);
1863 
1864 	if (written == -EOLDSNAPC) {
1865 		dout("aio_write %p %llx.%llx %llu~%u" "got EOLDSNAPC, retrying\n",
1866 		     inode, ceph_vinop(inode), pos, (unsigned)count);
1867 		goto retry_snap;
1868 	}
1869 
1870 	if (written >= 0) {
1871 		if ((map_flags & CEPH_OSDMAP_NEARFULL) ||
1872 		    (pool_flags & CEPH_POOL_FLAG_NEARFULL))
1873 			iocb->ki_flags |= IOCB_DSYNC;
1874 		written = generic_write_sync(iocb, written);
1875 	}
1876 
1877 	goto out_unlocked;
1878 out_caps:
1879 	ceph_put_cap_refs(ci, got);
1880 out:
1881 	if (direct_lock)
1882 		ceph_end_io_direct(inode);
1883 	else
1884 		ceph_end_io_write(inode);
1885 out_unlocked:
1886 	ceph_free_cap_flush(prealloc_cf);
1887 	current->backing_dev_info = NULL;
1888 	return written ? written : err;
1889 }
1890 
1891 /*
1892  * llseek.  be sure to verify file size on SEEK_END.
1893  */
1894 static loff_t ceph_llseek(struct file *file, loff_t offset, int whence)
1895 {
1896 	struct inode *inode = file->f_mapping->host;
1897 	struct ceph_fs_client *fsc = ceph_inode_to_client(inode);
1898 	loff_t i_size;
1899 	loff_t ret;
1900 
1901 	inode_lock(inode);
1902 
1903 	if (whence == SEEK_END || whence == SEEK_DATA || whence == SEEK_HOLE) {
1904 		ret = ceph_do_getattr(inode, CEPH_STAT_CAP_SIZE, false);
1905 		if (ret < 0)
1906 			goto out;
1907 	}
1908 
1909 	i_size = i_size_read(inode);
1910 	switch (whence) {
1911 	case SEEK_END:
1912 		offset += i_size;
1913 		break;
1914 	case SEEK_CUR:
1915 		/*
1916 		 * Here we special-case the lseek(fd, 0, SEEK_CUR)
1917 		 * position-querying operation.  Avoid rewriting the "same"
1918 		 * f_pos value back to the file because a concurrent read(),
1919 		 * write() or lseek() might have altered it
1920 		 */
1921 		if (offset == 0) {
1922 			ret = file->f_pos;
1923 			goto out;
1924 		}
1925 		offset += file->f_pos;
1926 		break;
1927 	case SEEK_DATA:
1928 		if (offset < 0 || offset >= i_size) {
1929 			ret = -ENXIO;
1930 			goto out;
1931 		}
1932 		break;
1933 	case SEEK_HOLE:
1934 		if (offset < 0 || offset >= i_size) {
1935 			ret = -ENXIO;
1936 			goto out;
1937 		}
1938 		offset = i_size;
1939 		break;
1940 	}
1941 
1942 	ret = vfs_setpos(file, offset, max(i_size, fsc->max_file_size));
1943 
1944 out:
1945 	inode_unlock(inode);
1946 	return ret;
1947 }
1948 
1949 static inline void ceph_zero_partial_page(
1950 	struct inode *inode, loff_t offset, unsigned size)
1951 {
1952 	struct page *page;
1953 	pgoff_t index = offset >> PAGE_SHIFT;
1954 
1955 	page = find_lock_page(inode->i_mapping, index);
1956 	if (page) {
1957 		wait_on_page_writeback(page);
1958 		zero_user(page, offset & (PAGE_SIZE - 1), size);
1959 		unlock_page(page);
1960 		put_page(page);
1961 	}
1962 }
1963 
1964 static void ceph_zero_pagecache_range(struct inode *inode, loff_t offset,
1965 				      loff_t length)
1966 {
1967 	loff_t nearly = round_up(offset, PAGE_SIZE);
1968 	if (offset < nearly) {
1969 		loff_t size = nearly - offset;
1970 		if (length < size)
1971 			size = length;
1972 		ceph_zero_partial_page(inode, offset, size);
1973 		offset += size;
1974 		length -= size;
1975 	}
1976 	if (length >= PAGE_SIZE) {
1977 		loff_t size = round_down(length, PAGE_SIZE);
1978 		truncate_pagecache_range(inode, offset, offset + size - 1);
1979 		offset += size;
1980 		length -= size;
1981 	}
1982 	if (length)
1983 		ceph_zero_partial_page(inode, offset, length);
1984 }
1985 
1986 static int ceph_zero_partial_object(struct inode *inode,
1987 				    loff_t offset, loff_t *length)
1988 {
1989 	struct ceph_inode_info *ci = ceph_inode(inode);
1990 	struct ceph_fs_client *fsc = ceph_inode_to_client(inode);
1991 	struct ceph_osd_request *req;
1992 	int ret = 0;
1993 	loff_t zero = 0;
1994 	int op;
1995 
1996 	if (!length) {
1997 		op = offset ? CEPH_OSD_OP_DELETE : CEPH_OSD_OP_TRUNCATE;
1998 		length = &zero;
1999 	} else {
2000 		op = CEPH_OSD_OP_ZERO;
2001 	}
2002 
2003 	req = ceph_osdc_new_request(&fsc->client->osdc, &ci->i_layout,
2004 					ceph_vino(inode),
2005 					offset, length,
2006 					0, 1, op,
2007 					CEPH_OSD_FLAG_WRITE,
2008 					NULL, 0, 0, false);
2009 	if (IS_ERR(req)) {
2010 		ret = PTR_ERR(req);
2011 		goto out;
2012 	}
2013 
2014 	req->r_mtime = inode->i_mtime;
2015 	ret = ceph_osdc_start_request(&fsc->client->osdc, req, false);
2016 	if (!ret) {
2017 		ret = ceph_osdc_wait_request(&fsc->client->osdc, req);
2018 		if (ret == -ENOENT)
2019 			ret = 0;
2020 	}
2021 	ceph_osdc_put_request(req);
2022 
2023 out:
2024 	return ret;
2025 }
2026 
2027 static int ceph_zero_objects(struct inode *inode, loff_t offset, loff_t length)
2028 {
2029 	int ret = 0;
2030 	struct ceph_inode_info *ci = ceph_inode(inode);
2031 	s32 stripe_unit = ci->i_layout.stripe_unit;
2032 	s32 stripe_count = ci->i_layout.stripe_count;
2033 	s32 object_size = ci->i_layout.object_size;
2034 	u64 object_set_size = object_size * stripe_count;
2035 	u64 nearly, t;
2036 
2037 	/* round offset up to next period boundary */
2038 	nearly = offset + object_set_size - 1;
2039 	t = nearly;
2040 	nearly -= do_div(t, object_set_size);
2041 
2042 	while (length && offset < nearly) {
2043 		loff_t size = length;
2044 		ret = ceph_zero_partial_object(inode, offset, &size);
2045 		if (ret < 0)
2046 			return ret;
2047 		offset += size;
2048 		length -= size;
2049 	}
2050 	while (length >= object_set_size) {
2051 		int i;
2052 		loff_t pos = offset;
2053 		for (i = 0; i < stripe_count; ++i) {
2054 			ret = ceph_zero_partial_object(inode, pos, NULL);
2055 			if (ret < 0)
2056 				return ret;
2057 			pos += stripe_unit;
2058 		}
2059 		offset += object_set_size;
2060 		length -= object_set_size;
2061 	}
2062 	while (length) {
2063 		loff_t size = length;
2064 		ret = ceph_zero_partial_object(inode, offset, &size);
2065 		if (ret < 0)
2066 			return ret;
2067 		offset += size;
2068 		length -= size;
2069 	}
2070 	return ret;
2071 }
2072 
2073 static long ceph_fallocate(struct file *file, int mode,
2074 				loff_t offset, loff_t length)
2075 {
2076 	struct ceph_file_info *fi = file->private_data;
2077 	struct inode *inode = file_inode(file);
2078 	struct ceph_inode_info *ci = ceph_inode(inode);
2079 	struct ceph_cap_flush *prealloc_cf;
2080 	int want, got = 0;
2081 	int dirty;
2082 	int ret = 0;
2083 	loff_t endoff = 0;
2084 	loff_t size;
2085 
2086 	if (mode != (FALLOC_FL_KEEP_SIZE | FALLOC_FL_PUNCH_HOLE))
2087 		return -EOPNOTSUPP;
2088 
2089 	if (!S_ISREG(inode->i_mode))
2090 		return -EOPNOTSUPP;
2091 
2092 	prealloc_cf = ceph_alloc_cap_flush();
2093 	if (!prealloc_cf)
2094 		return -ENOMEM;
2095 
2096 	inode_lock(inode);
2097 
2098 	if (ceph_snap(inode) != CEPH_NOSNAP) {
2099 		ret = -EROFS;
2100 		goto unlock;
2101 	}
2102 
2103 	if (ci->i_inline_version != CEPH_INLINE_NONE) {
2104 		ret = ceph_uninline_data(file, NULL);
2105 		if (ret < 0)
2106 			goto unlock;
2107 	}
2108 
2109 	size = i_size_read(inode);
2110 
2111 	/* Are we punching a hole beyond EOF? */
2112 	if (offset >= size)
2113 		goto unlock;
2114 	if ((offset + length) > size)
2115 		length = size - offset;
2116 
2117 	if (fi->fmode & CEPH_FILE_MODE_LAZY)
2118 		want = CEPH_CAP_FILE_BUFFER | CEPH_CAP_FILE_LAZYIO;
2119 	else
2120 		want = CEPH_CAP_FILE_BUFFER;
2121 
2122 	ret = ceph_get_caps(file, CEPH_CAP_FILE_WR, want, endoff, &got);
2123 	if (ret < 0)
2124 		goto unlock;
2125 
2126 	filemap_invalidate_lock(inode->i_mapping);
2127 	ceph_fscache_invalidate(inode, false);
2128 	ceph_zero_pagecache_range(inode, offset, length);
2129 	ret = ceph_zero_objects(inode, offset, length);
2130 
2131 	if (!ret) {
2132 		spin_lock(&ci->i_ceph_lock);
2133 		ci->i_inline_version = CEPH_INLINE_NONE;
2134 		dirty = __ceph_mark_dirty_caps(ci, CEPH_CAP_FILE_WR,
2135 					       &prealloc_cf);
2136 		spin_unlock(&ci->i_ceph_lock);
2137 		if (dirty)
2138 			__mark_inode_dirty(inode, dirty);
2139 	}
2140 	filemap_invalidate_unlock(inode->i_mapping);
2141 
2142 	ceph_put_cap_refs(ci, got);
2143 unlock:
2144 	inode_unlock(inode);
2145 	ceph_free_cap_flush(prealloc_cf);
2146 	return ret;
2147 }
2148 
2149 /*
2150  * This function tries to get FILE_WR capabilities for dst_ci and FILE_RD for
2151  * src_ci.  Two attempts are made to obtain both caps, and an error is return if
2152  * this fails; zero is returned on success.
2153  */
2154 static int get_rd_wr_caps(struct file *src_filp, int *src_got,
2155 			  struct file *dst_filp,
2156 			  loff_t dst_endoff, int *dst_got)
2157 {
2158 	int ret = 0;
2159 	bool retrying = false;
2160 
2161 retry_caps:
2162 	ret = ceph_get_caps(dst_filp, CEPH_CAP_FILE_WR, CEPH_CAP_FILE_BUFFER,
2163 			    dst_endoff, dst_got);
2164 	if (ret < 0)
2165 		return ret;
2166 
2167 	/*
2168 	 * Since we're already holding the FILE_WR capability for the dst file,
2169 	 * we would risk a deadlock by using ceph_get_caps.  Thus, we'll do some
2170 	 * retry dance instead to try to get both capabilities.
2171 	 */
2172 	ret = ceph_try_get_caps(file_inode(src_filp),
2173 				CEPH_CAP_FILE_RD, CEPH_CAP_FILE_SHARED,
2174 				false, src_got);
2175 	if (ret <= 0) {
2176 		/* Start by dropping dst_ci caps and getting src_ci caps */
2177 		ceph_put_cap_refs(ceph_inode(file_inode(dst_filp)), *dst_got);
2178 		if (retrying) {
2179 			if (!ret)
2180 				/* ceph_try_get_caps masks EAGAIN */
2181 				ret = -EAGAIN;
2182 			return ret;
2183 		}
2184 		ret = ceph_get_caps(src_filp, CEPH_CAP_FILE_RD,
2185 				    CEPH_CAP_FILE_SHARED, -1, src_got);
2186 		if (ret < 0)
2187 			return ret;
2188 		/*... drop src_ci caps too, and retry */
2189 		ceph_put_cap_refs(ceph_inode(file_inode(src_filp)), *src_got);
2190 		retrying = true;
2191 		goto retry_caps;
2192 	}
2193 	return ret;
2194 }
2195 
2196 static void put_rd_wr_caps(struct ceph_inode_info *src_ci, int src_got,
2197 			   struct ceph_inode_info *dst_ci, int dst_got)
2198 {
2199 	ceph_put_cap_refs(src_ci, src_got);
2200 	ceph_put_cap_refs(dst_ci, dst_got);
2201 }
2202 
2203 /*
2204  * This function does several size-related checks, returning an error if:
2205  *  - source file is smaller than off+len
2206  *  - destination file size is not OK (inode_newsize_ok())
2207  *  - max bytes quotas is exceeded
2208  */
2209 static int is_file_size_ok(struct inode *src_inode, struct inode *dst_inode,
2210 			   loff_t src_off, loff_t dst_off, size_t len)
2211 {
2212 	loff_t size, endoff;
2213 
2214 	size = i_size_read(src_inode);
2215 	/*
2216 	 * Don't copy beyond source file EOF.  Instead of simply setting length
2217 	 * to (size - src_off), just drop to VFS default implementation, as the
2218 	 * local i_size may be stale due to other clients writing to the source
2219 	 * inode.
2220 	 */
2221 	if (src_off + len > size) {
2222 		dout("Copy beyond EOF (%llu + %zu > %llu)\n",
2223 		     src_off, len, size);
2224 		return -EOPNOTSUPP;
2225 	}
2226 	size = i_size_read(dst_inode);
2227 
2228 	endoff = dst_off + len;
2229 	if (inode_newsize_ok(dst_inode, endoff))
2230 		return -EOPNOTSUPP;
2231 
2232 	if (ceph_quota_is_max_bytes_exceeded(dst_inode, endoff))
2233 		return -EDQUOT;
2234 
2235 	return 0;
2236 }
2237 
2238 static struct ceph_osd_request *
2239 ceph_alloc_copyfrom_request(struct ceph_osd_client *osdc,
2240 			    u64 src_snapid,
2241 			    struct ceph_object_id *src_oid,
2242 			    struct ceph_object_locator *src_oloc,
2243 			    struct ceph_object_id *dst_oid,
2244 			    struct ceph_object_locator *dst_oloc,
2245 			    u32 truncate_seq, u64 truncate_size)
2246 {
2247 	struct ceph_osd_request *req;
2248 	int ret;
2249 	u32 src_fadvise_flags =
2250 		CEPH_OSD_OP_FLAG_FADVISE_SEQUENTIAL |
2251 		CEPH_OSD_OP_FLAG_FADVISE_NOCACHE;
2252 	u32 dst_fadvise_flags =
2253 		CEPH_OSD_OP_FLAG_FADVISE_SEQUENTIAL |
2254 		CEPH_OSD_OP_FLAG_FADVISE_DONTNEED;
2255 
2256 	req = ceph_osdc_alloc_request(osdc, NULL, 1, false, GFP_KERNEL);
2257 	if (!req)
2258 		return ERR_PTR(-ENOMEM);
2259 
2260 	req->r_flags = CEPH_OSD_FLAG_WRITE;
2261 
2262 	ceph_oloc_copy(&req->r_t.base_oloc, dst_oloc);
2263 	ceph_oid_copy(&req->r_t.base_oid, dst_oid);
2264 
2265 	ret = osd_req_op_copy_from_init(req, src_snapid, 0,
2266 					src_oid, src_oloc,
2267 					src_fadvise_flags,
2268 					dst_fadvise_flags,
2269 					truncate_seq,
2270 					truncate_size,
2271 					CEPH_OSD_COPY_FROM_FLAG_TRUNCATE_SEQ);
2272 	if (ret)
2273 		goto out;
2274 
2275 	ret = ceph_osdc_alloc_messages(req, GFP_KERNEL);
2276 	if (ret)
2277 		goto out;
2278 
2279 	return req;
2280 
2281 out:
2282 	ceph_osdc_put_request(req);
2283 	return ERR_PTR(ret);
2284 }
2285 
2286 static ssize_t ceph_do_objects_copy(struct ceph_inode_info *src_ci, u64 *src_off,
2287 				    struct ceph_inode_info *dst_ci, u64 *dst_off,
2288 				    struct ceph_fs_client *fsc,
2289 				    size_t len, unsigned int flags)
2290 {
2291 	struct ceph_object_locator src_oloc, dst_oloc;
2292 	struct ceph_object_id src_oid, dst_oid;
2293 	struct ceph_osd_client *osdc;
2294 	struct ceph_osd_request *req;
2295 	size_t bytes = 0;
2296 	u64 src_objnum, src_objoff, dst_objnum, dst_objoff;
2297 	u32 src_objlen, dst_objlen;
2298 	u32 object_size = src_ci->i_layout.object_size;
2299 	int ret;
2300 
2301 	src_oloc.pool = src_ci->i_layout.pool_id;
2302 	src_oloc.pool_ns = ceph_try_get_string(src_ci->i_layout.pool_ns);
2303 	dst_oloc.pool = dst_ci->i_layout.pool_id;
2304 	dst_oloc.pool_ns = ceph_try_get_string(dst_ci->i_layout.pool_ns);
2305 	osdc = &fsc->client->osdc;
2306 
2307 	while (len >= object_size) {
2308 		ceph_calc_file_object_mapping(&src_ci->i_layout, *src_off,
2309 					      object_size, &src_objnum,
2310 					      &src_objoff, &src_objlen);
2311 		ceph_calc_file_object_mapping(&dst_ci->i_layout, *dst_off,
2312 					      object_size, &dst_objnum,
2313 					      &dst_objoff, &dst_objlen);
2314 		ceph_oid_init(&src_oid);
2315 		ceph_oid_printf(&src_oid, "%llx.%08llx",
2316 				src_ci->i_vino.ino, src_objnum);
2317 		ceph_oid_init(&dst_oid);
2318 		ceph_oid_printf(&dst_oid, "%llx.%08llx",
2319 				dst_ci->i_vino.ino, dst_objnum);
2320 		/* Do an object remote copy */
2321 		req = ceph_alloc_copyfrom_request(osdc, src_ci->i_vino.snap,
2322 						  &src_oid, &src_oloc,
2323 						  &dst_oid, &dst_oloc,
2324 						  dst_ci->i_truncate_seq,
2325 						  dst_ci->i_truncate_size);
2326 		if (IS_ERR(req))
2327 			ret = PTR_ERR(req);
2328 		else {
2329 			ceph_osdc_start_request(osdc, req, false);
2330 			ret = ceph_osdc_wait_request(osdc, req);
2331 			ceph_update_copyfrom_metrics(&fsc->mdsc->metric,
2332 						     req->r_start_latency,
2333 						     req->r_end_latency,
2334 						     object_size, ret);
2335 			ceph_osdc_put_request(req);
2336 		}
2337 		if (ret) {
2338 			if (ret == -EOPNOTSUPP) {
2339 				fsc->have_copy_from2 = false;
2340 				pr_notice("OSDs don't support copy-from2; disabling copy offload\n");
2341 			}
2342 			dout("ceph_osdc_copy_from returned %d\n", ret);
2343 			if (!bytes)
2344 				bytes = ret;
2345 			goto out;
2346 		}
2347 		len -= object_size;
2348 		bytes += object_size;
2349 		*src_off += object_size;
2350 		*dst_off += object_size;
2351 	}
2352 
2353 out:
2354 	ceph_oloc_destroy(&src_oloc);
2355 	ceph_oloc_destroy(&dst_oloc);
2356 	return bytes;
2357 }
2358 
2359 static ssize_t __ceph_copy_file_range(struct file *src_file, loff_t src_off,
2360 				      struct file *dst_file, loff_t dst_off,
2361 				      size_t len, unsigned int flags)
2362 {
2363 	struct inode *src_inode = file_inode(src_file);
2364 	struct inode *dst_inode = file_inode(dst_file);
2365 	struct ceph_inode_info *src_ci = ceph_inode(src_inode);
2366 	struct ceph_inode_info *dst_ci = ceph_inode(dst_inode);
2367 	struct ceph_cap_flush *prealloc_cf;
2368 	struct ceph_fs_client *src_fsc = ceph_inode_to_client(src_inode);
2369 	loff_t size;
2370 	ssize_t ret = -EIO, bytes;
2371 	u64 src_objnum, dst_objnum, src_objoff, dst_objoff;
2372 	u32 src_objlen, dst_objlen;
2373 	int src_got = 0, dst_got = 0, err, dirty;
2374 
2375 	if (src_inode->i_sb != dst_inode->i_sb) {
2376 		struct ceph_fs_client *dst_fsc = ceph_inode_to_client(dst_inode);
2377 
2378 		if (ceph_fsid_compare(&src_fsc->client->fsid,
2379 				      &dst_fsc->client->fsid)) {
2380 			dout("Copying files across clusters: src: %pU dst: %pU\n",
2381 			     &src_fsc->client->fsid, &dst_fsc->client->fsid);
2382 			return -EXDEV;
2383 		}
2384 	}
2385 	if (ceph_snap(dst_inode) != CEPH_NOSNAP)
2386 		return -EROFS;
2387 
2388 	/*
2389 	 * Some of the checks below will return -EOPNOTSUPP, which will force a
2390 	 * fallback to the default VFS copy_file_range implementation.  This is
2391 	 * desirable in several cases (for ex, the 'len' is smaller than the
2392 	 * size of the objects, or in cases where that would be more
2393 	 * efficient).
2394 	 */
2395 
2396 	if (ceph_test_mount_opt(src_fsc, NOCOPYFROM))
2397 		return -EOPNOTSUPP;
2398 
2399 	if (!src_fsc->have_copy_from2)
2400 		return -EOPNOTSUPP;
2401 
2402 	/*
2403 	 * Striped file layouts require that we copy partial objects, but the
2404 	 * OSD copy-from operation only supports full-object copies.  Limit
2405 	 * this to non-striped file layouts for now.
2406 	 */
2407 	if ((src_ci->i_layout.stripe_unit != dst_ci->i_layout.stripe_unit) ||
2408 	    (src_ci->i_layout.stripe_count != 1) ||
2409 	    (dst_ci->i_layout.stripe_count != 1) ||
2410 	    (src_ci->i_layout.object_size != dst_ci->i_layout.object_size)) {
2411 		dout("Invalid src/dst files layout\n");
2412 		return -EOPNOTSUPP;
2413 	}
2414 
2415 	if (len < src_ci->i_layout.object_size)
2416 		return -EOPNOTSUPP; /* no remote copy will be done */
2417 
2418 	prealloc_cf = ceph_alloc_cap_flush();
2419 	if (!prealloc_cf)
2420 		return -ENOMEM;
2421 
2422 	/* Start by sync'ing the source and destination files */
2423 	ret = file_write_and_wait_range(src_file, src_off, (src_off + len));
2424 	if (ret < 0) {
2425 		dout("failed to write src file (%zd)\n", ret);
2426 		goto out;
2427 	}
2428 	ret = file_write_and_wait_range(dst_file, dst_off, (dst_off + len));
2429 	if (ret < 0) {
2430 		dout("failed to write dst file (%zd)\n", ret);
2431 		goto out;
2432 	}
2433 
2434 	/*
2435 	 * We need FILE_WR caps for dst_ci and FILE_RD for src_ci as other
2436 	 * clients may have dirty data in their caches.  And OSDs know nothing
2437 	 * about caps, so they can't safely do the remote object copies.
2438 	 */
2439 	err = get_rd_wr_caps(src_file, &src_got,
2440 			     dst_file, (dst_off + len), &dst_got);
2441 	if (err < 0) {
2442 		dout("get_rd_wr_caps returned %d\n", err);
2443 		ret = -EOPNOTSUPP;
2444 		goto out;
2445 	}
2446 
2447 	ret = is_file_size_ok(src_inode, dst_inode, src_off, dst_off, len);
2448 	if (ret < 0)
2449 		goto out_caps;
2450 
2451 	/* Drop dst file cached pages */
2452 	ceph_fscache_invalidate(dst_inode, false);
2453 	ret = invalidate_inode_pages2_range(dst_inode->i_mapping,
2454 					    dst_off >> PAGE_SHIFT,
2455 					    (dst_off + len) >> PAGE_SHIFT);
2456 	if (ret < 0) {
2457 		dout("Failed to invalidate inode pages (%zd)\n", ret);
2458 		ret = 0; /* XXX */
2459 	}
2460 	ceph_calc_file_object_mapping(&src_ci->i_layout, src_off,
2461 				      src_ci->i_layout.object_size,
2462 				      &src_objnum, &src_objoff, &src_objlen);
2463 	ceph_calc_file_object_mapping(&dst_ci->i_layout, dst_off,
2464 				      dst_ci->i_layout.object_size,
2465 				      &dst_objnum, &dst_objoff, &dst_objlen);
2466 	/* object-level offsets need to the same */
2467 	if (src_objoff != dst_objoff) {
2468 		ret = -EOPNOTSUPP;
2469 		goto out_caps;
2470 	}
2471 
2472 	/*
2473 	 * Do a manual copy if the object offset isn't object aligned.
2474 	 * 'src_objlen' contains the bytes left until the end of the object,
2475 	 * starting at the src_off
2476 	 */
2477 	if (src_objoff) {
2478 		dout("Initial partial copy of %u bytes\n", src_objlen);
2479 
2480 		/*
2481 		 * we need to temporarily drop all caps as we'll be calling
2482 		 * {read,write}_iter, which will get caps again.
2483 		 */
2484 		put_rd_wr_caps(src_ci, src_got, dst_ci, dst_got);
2485 		ret = do_splice_direct(src_file, &src_off, dst_file,
2486 				       &dst_off, src_objlen, flags);
2487 		/* Abort on short copies or on error */
2488 		if (ret < src_objlen) {
2489 			dout("Failed partial copy (%zd)\n", ret);
2490 			goto out;
2491 		}
2492 		len -= ret;
2493 		err = get_rd_wr_caps(src_file, &src_got,
2494 				     dst_file, (dst_off + len), &dst_got);
2495 		if (err < 0)
2496 			goto out;
2497 		err = is_file_size_ok(src_inode, dst_inode,
2498 				      src_off, dst_off, len);
2499 		if (err < 0)
2500 			goto out_caps;
2501 	}
2502 
2503 	size = i_size_read(dst_inode);
2504 	bytes = ceph_do_objects_copy(src_ci, &src_off, dst_ci, &dst_off,
2505 				     src_fsc, len, flags);
2506 	if (bytes <= 0) {
2507 		if (!ret)
2508 			ret = bytes;
2509 		goto out_caps;
2510 	}
2511 	dout("Copied %zu bytes out of %zu\n", bytes, len);
2512 	len -= bytes;
2513 	ret += bytes;
2514 
2515 	file_update_time(dst_file);
2516 	inode_inc_iversion_raw(dst_inode);
2517 
2518 	if (dst_off > size) {
2519 		/* Let the MDS know about dst file size change */
2520 		if (ceph_inode_set_size(dst_inode, dst_off) ||
2521 		    ceph_quota_is_max_bytes_approaching(dst_inode, dst_off))
2522 			ceph_check_caps(dst_ci, CHECK_CAPS_AUTHONLY, NULL);
2523 	}
2524 	/* Mark Fw dirty */
2525 	spin_lock(&dst_ci->i_ceph_lock);
2526 	dst_ci->i_inline_version = CEPH_INLINE_NONE;
2527 	dirty = __ceph_mark_dirty_caps(dst_ci, CEPH_CAP_FILE_WR, &prealloc_cf);
2528 	spin_unlock(&dst_ci->i_ceph_lock);
2529 	if (dirty)
2530 		__mark_inode_dirty(dst_inode, dirty);
2531 
2532 out_caps:
2533 	put_rd_wr_caps(src_ci, src_got, dst_ci, dst_got);
2534 
2535 	/*
2536 	 * Do the final manual copy if we still have some bytes left, unless
2537 	 * there were errors in remote object copies (len >= object_size).
2538 	 */
2539 	if (len && (len < src_ci->i_layout.object_size)) {
2540 		dout("Final partial copy of %zu bytes\n", len);
2541 		bytes = do_splice_direct(src_file, &src_off, dst_file,
2542 					 &dst_off, len, flags);
2543 		if (bytes > 0)
2544 			ret += bytes;
2545 		else
2546 			dout("Failed partial copy (%zd)\n", bytes);
2547 	}
2548 
2549 out:
2550 	ceph_free_cap_flush(prealloc_cf);
2551 
2552 	return ret;
2553 }
2554 
2555 static ssize_t ceph_copy_file_range(struct file *src_file, loff_t src_off,
2556 				    struct file *dst_file, loff_t dst_off,
2557 				    size_t len, unsigned int flags)
2558 {
2559 	ssize_t ret;
2560 
2561 	ret = __ceph_copy_file_range(src_file, src_off, dst_file, dst_off,
2562 				     len, flags);
2563 
2564 	if (ret == -EOPNOTSUPP || ret == -EXDEV)
2565 		ret = generic_copy_file_range(src_file, src_off, dst_file,
2566 					      dst_off, len, flags);
2567 	return ret;
2568 }
2569 
2570 const struct file_operations ceph_file_fops = {
2571 	.open = ceph_open,
2572 	.release = ceph_release,
2573 	.llseek = ceph_llseek,
2574 	.read_iter = ceph_read_iter,
2575 	.write_iter = ceph_write_iter,
2576 	.mmap = ceph_mmap,
2577 	.fsync = ceph_fsync,
2578 	.lock = ceph_lock,
2579 	.setlease = simple_nosetlease,
2580 	.flock = ceph_flock,
2581 	.splice_read = generic_file_splice_read,
2582 	.splice_write = iter_file_splice_write,
2583 	.unlocked_ioctl = ceph_ioctl,
2584 	.compat_ioctl = compat_ptr_ioctl,
2585 	.fallocate	= ceph_fallocate,
2586 	.copy_file_range = ceph_copy_file_range,
2587 };
2588