1 /* 2 * This file is part of UBIFS. 3 * 4 * Copyright (C) 2006-2008 Nokia Corporation. 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms of the GNU General Public License version 2 as published by 8 * the Free Software Foundation. 9 * 10 * This program is distributed in the hope that it will be useful, but WITHOUT 11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for 13 * more details. 14 * 15 * You should have received a copy of the GNU General Public License along with 16 * this program; if not, write to the Free Software Foundation, Inc., 51 17 * Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 18 * 19 * Authors: Adrian Hunter 20 * Artem Bityutskiy (Битюцкий Артём) 21 */ 22 23 /* This file implements TNC functions for committing */ 24 25 #include <linux/random.h> 26 #include "ubifs.h" 27 28 /** 29 * make_idx_node - make an index node for fill-the-gaps method of TNC commit. 30 * @c: UBIFS file-system description object 31 * @idx: buffer in which to place new index node 32 * @znode: znode from which to make new index node 33 * @lnum: LEB number where new index node will be written 34 * @offs: offset where new index node will be written 35 * @len: length of new index node 36 */ 37 static int make_idx_node(struct ubifs_info *c, struct ubifs_idx_node *idx, 38 struct ubifs_znode *znode, int lnum, int offs, int len) 39 { 40 struct ubifs_znode *zp; 41 int i, err; 42 43 /* Make index node */ 44 idx->ch.node_type = UBIFS_IDX_NODE; 45 idx->child_cnt = cpu_to_le16(znode->child_cnt); 46 idx->level = cpu_to_le16(znode->level); 47 for (i = 0; i < znode->child_cnt; i++) { 48 struct ubifs_branch *br = ubifs_idx_branch(c, idx, i); 49 struct ubifs_zbranch *zbr = &znode->zbranch[i]; 50 51 key_write_idx(c, &zbr->key, &br->key); 52 br->lnum = cpu_to_le32(zbr->lnum); 53 br->offs = cpu_to_le32(zbr->offs); 54 br->len = cpu_to_le32(zbr->len); 55 if (!zbr->lnum || !zbr->len) { 56 ubifs_err(c, "bad ref in znode"); 57 ubifs_dump_znode(c, znode); 58 if (zbr->znode) 59 ubifs_dump_znode(c, zbr->znode); 60 61 return -EINVAL; 62 } 63 } 64 ubifs_prepare_node(c, idx, len, 0); 65 66 znode->lnum = lnum; 67 znode->offs = offs; 68 znode->len = len; 69 70 err = insert_old_idx_znode(c, znode); 71 72 /* Update the parent */ 73 zp = znode->parent; 74 if (zp) { 75 struct ubifs_zbranch *zbr; 76 77 zbr = &zp->zbranch[znode->iip]; 78 zbr->lnum = lnum; 79 zbr->offs = offs; 80 zbr->len = len; 81 } else { 82 c->zroot.lnum = lnum; 83 c->zroot.offs = offs; 84 c->zroot.len = len; 85 } 86 c->calc_idx_sz += ALIGN(len, 8); 87 88 atomic_long_dec(&c->dirty_zn_cnt); 89 90 ubifs_assert(ubifs_zn_dirty(znode)); 91 ubifs_assert(ubifs_zn_cow(znode)); 92 93 /* 94 * Note, unlike 'write_index()' we do not add memory barriers here 95 * because this function is called with @c->tnc_mutex locked. 96 */ 97 __clear_bit(DIRTY_ZNODE, &znode->flags); 98 __clear_bit(COW_ZNODE, &znode->flags); 99 100 return err; 101 } 102 103 /** 104 * fill_gap - make index nodes in gaps in dirty index LEBs. 105 * @c: UBIFS file-system description object 106 * @lnum: LEB number that gap appears in 107 * @gap_start: offset of start of gap 108 * @gap_end: offset of end of gap 109 * @dirt: adds dirty space to this 110 * 111 * This function returns the number of index nodes written into the gap. 112 */ 113 static int fill_gap(struct ubifs_info *c, int lnum, int gap_start, int gap_end, 114 int *dirt) 115 { 116 int len, gap_remains, gap_pos, written, pad_len; 117 118 ubifs_assert((gap_start & 7) == 0); 119 ubifs_assert((gap_end & 7) == 0); 120 ubifs_assert(gap_end >= gap_start); 121 122 gap_remains = gap_end - gap_start; 123 if (!gap_remains) 124 return 0; 125 gap_pos = gap_start; 126 written = 0; 127 while (c->enext) { 128 len = ubifs_idx_node_sz(c, c->enext->child_cnt); 129 if (len < gap_remains) { 130 struct ubifs_znode *znode = c->enext; 131 const int alen = ALIGN(len, 8); 132 int err; 133 134 ubifs_assert(alen <= gap_remains); 135 err = make_idx_node(c, c->ileb_buf + gap_pos, znode, 136 lnum, gap_pos, len); 137 if (err) 138 return err; 139 gap_remains -= alen; 140 gap_pos += alen; 141 c->enext = znode->cnext; 142 if (c->enext == c->cnext) 143 c->enext = NULL; 144 written += 1; 145 } else 146 break; 147 } 148 if (gap_end == c->leb_size) { 149 c->ileb_len = ALIGN(gap_pos, c->min_io_size); 150 /* Pad to end of min_io_size */ 151 pad_len = c->ileb_len - gap_pos; 152 } else 153 /* Pad to end of gap */ 154 pad_len = gap_remains; 155 dbg_gc("LEB %d:%d to %d len %d nodes written %d wasted bytes %d", 156 lnum, gap_start, gap_end, gap_end - gap_start, written, pad_len); 157 ubifs_pad(c, c->ileb_buf + gap_pos, pad_len); 158 *dirt += pad_len; 159 return written; 160 } 161 162 /** 163 * find_old_idx - find an index node obsoleted since the last commit start. 164 * @c: UBIFS file-system description object 165 * @lnum: LEB number of obsoleted index node 166 * @offs: offset of obsoleted index node 167 * 168 * Returns %1 if found and %0 otherwise. 169 */ 170 static int find_old_idx(struct ubifs_info *c, int lnum, int offs) 171 { 172 struct ubifs_old_idx *o; 173 struct rb_node *p; 174 175 p = c->old_idx.rb_node; 176 while (p) { 177 o = rb_entry(p, struct ubifs_old_idx, rb); 178 if (lnum < o->lnum) 179 p = p->rb_left; 180 else if (lnum > o->lnum) 181 p = p->rb_right; 182 else if (offs < o->offs) 183 p = p->rb_left; 184 else if (offs > o->offs) 185 p = p->rb_right; 186 else 187 return 1; 188 } 189 return 0; 190 } 191 192 /** 193 * is_idx_node_in_use - determine if an index node can be overwritten. 194 * @c: UBIFS file-system description object 195 * @key: key of index node 196 * @level: index node level 197 * @lnum: LEB number of index node 198 * @offs: offset of index node 199 * 200 * If @key / @lnum / @offs identify an index node that was not part of the old 201 * index, then this function returns %0 (obsolete). Else if the index node was 202 * part of the old index but is now dirty %1 is returned, else if it is clean %2 203 * is returned. A negative error code is returned on failure. 204 */ 205 static int is_idx_node_in_use(struct ubifs_info *c, union ubifs_key *key, 206 int level, int lnum, int offs) 207 { 208 int ret; 209 210 ret = is_idx_node_in_tnc(c, key, level, lnum, offs); 211 if (ret < 0) 212 return ret; /* Error code */ 213 if (ret == 0) 214 if (find_old_idx(c, lnum, offs)) 215 return 1; 216 return ret; 217 } 218 219 /** 220 * layout_leb_in_gaps - layout index nodes using in-the-gaps method. 221 * @c: UBIFS file-system description object 222 * @p: return LEB number here 223 * 224 * This function lays out new index nodes for dirty znodes using in-the-gaps 225 * method of TNC commit. 226 * This function merely puts the next znode into the next gap, making no attempt 227 * to try to maximise the number of znodes that fit. 228 * This function returns the number of index nodes written into the gaps, or a 229 * negative error code on failure. 230 */ 231 static int layout_leb_in_gaps(struct ubifs_info *c, int *p) 232 { 233 struct ubifs_scan_leb *sleb; 234 struct ubifs_scan_node *snod; 235 int lnum, dirt = 0, gap_start, gap_end, err, written, tot_written; 236 237 tot_written = 0; 238 /* Get an index LEB with lots of obsolete index nodes */ 239 lnum = ubifs_find_dirty_idx_leb(c); 240 if (lnum < 0) 241 /* 242 * There also may be dirt in the index head that could be 243 * filled, however we do not check there at present. 244 */ 245 return lnum; /* Error code */ 246 *p = lnum; 247 dbg_gc("LEB %d", lnum); 248 /* 249 * Scan the index LEB. We use the generic scan for this even though 250 * it is more comprehensive and less efficient than is needed for this 251 * purpose. 252 */ 253 sleb = ubifs_scan(c, lnum, 0, c->ileb_buf, 0); 254 c->ileb_len = 0; 255 if (IS_ERR(sleb)) 256 return PTR_ERR(sleb); 257 gap_start = 0; 258 list_for_each_entry(snod, &sleb->nodes, list) { 259 struct ubifs_idx_node *idx; 260 int in_use, level; 261 262 ubifs_assert(snod->type == UBIFS_IDX_NODE); 263 idx = snod->node; 264 key_read(c, ubifs_idx_key(c, idx), &snod->key); 265 level = le16_to_cpu(idx->level); 266 /* Determine if the index node is in use (not obsolete) */ 267 in_use = is_idx_node_in_use(c, &snod->key, level, lnum, 268 snod->offs); 269 if (in_use < 0) { 270 ubifs_scan_destroy(sleb); 271 return in_use; /* Error code */ 272 } 273 if (in_use) { 274 if (in_use == 1) 275 dirt += ALIGN(snod->len, 8); 276 /* 277 * The obsolete index nodes form gaps that can be 278 * overwritten. This gap has ended because we have 279 * found an index node that is still in use 280 * i.e. not obsolete 281 */ 282 gap_end = snod->offs; 283 /* Try to fill gap */ 284 written = fill_gap(c, lnum, gap_start, gap_end, &dirt); 285 if (written < 0) { 286 ubifs_scan_destroy(sleb); 287 return written; /* Error code */ 288 } 289 tot_written += written; 290 gap_start = ALIGN(snod->offs + snod->len, 8); 291 } 292 } 293 ubifs_scan_destroy(sleb); 294 c->ileb_len = c->leb_size; 295 gap_end = c->leb_size; 296 /* Try to fill gap */ 297 written = fill_gap(c, lnum, gap_start, gap_end, &dirt); 298 if (written < 0) 299 return written; /* Error code */ 300 tot_written += written; 301 if (tot_written == 0) { 302 struct ubifs_lprops lp; 303 304 dbg_gc("LEB %d wrote %d index nodes", lnum, tot_written); 305 err = ubifs_read_one_lp(c, lnum, &lp); 306 if (err) 307 return err; 308 if (lp.free == c->leb_size) { 309 /* 310 * We must have snatched this LEB from the idx_gc list 311 * so we need to correct the free and dirty space. 312 */ 313 err = ubifs_change_one_lp(c, lnum, 314 c->leb_size - c->ileb_len, 315 dirt, 0, 0, 0); 316 if (err) 317 return err; 318 } 319 return 0; 320 } 321 err = ubifs_change_one_lp(c, lnum, c->leb_size - c->ileb_len, dirt, 322 0, 0, 0); 323 if (err) 324 return err; 325 err = ubifs_leb_change(c, lnum, c->ileb_buf, c->ileb_len); 326 if (err) 327 return err; 328 dbg_gc("LEB %d wrote %d index nodes", lnum, tot_written); 329 return tot_written; 330 } 331 332 /** 333 * get_leb_cnt - calculate the number of empty LEBs needed to commit. 334 * @c: UBIFS file-system description object 335 * @cnt: number of znodes to commit 336 * 337 * This function returns the number of empty LEBs needed to commit @cnt znodes 338 * to the current index head. The number is not exact and may be more than 339 * needed. 340 */ 341 static int get_leb_cnt(struct ubifs_info *c, int cnt) 342 { 343 int d; 344 345 /* Assume maximum index node size (i.e. overestimate space needed) */ 346 cnt -= (c->leb_size - c->ihead_offs) / c->max_idx_node_sz; 347 if (cnt < 0) 348 cnt = 0; 349 d = c->leb_size / c->max_idx_node_sz; 350 return DIV_ROUND_UP(cnt, d); 351 } 352 353 /** 354 * layout_in_gaps - in-the-gaps method of committing TNC. 355 * @c: UBIFS file-system description object 356 * @cnt: number of dirty znodes to commit. 357 * 358 * This function lays out new index nodes for dirty znodes using in-the-gaps 359 * method of TNC commit. 360 * 361 * This function returns %0 on success and a negative error code on failure. 362 */ 363 static int layout_in_gaps(struct ubifs_info *c, int cnt) 364 { 365 int err, leb_needed_cnt, written, *p; 366 367 dbg_gc("%d znodes to write", cnt); 368 369 c->gap_lebs = kmalloc(sizeof(int) * (c->lst.idx_lebs + 1), GFP_NOFS); 370 if (!c->gap_lebs) 371 return -ENOMEM; 372 373 p = c->gap_lebs; 374 do { 375 ubifs_assert(p < c->gap_lebs + c->lst.idx_lebs); 376 written = layout_leb_in_gaps(c, p); 377 if (written < 0) { 378 err = written; 379 if (err != -ENOSPC) { 380 kfree(c->gap_lebs); 381 c->gap_lebs = NULL; 382 return err; 383 } 384 if (!dbg_is_chk_index(c)) { 385 /* 386 * Do not print scary warnings if the debugging 387 * option which forces in-the-gaps is enabled. 388 */ 389 ubifs_warn(c, "out of space"); 390 ubifs_dump_budg(c, &c->bi); 391 ubifs_dump_lprops(c); 392 } 393 /* Try to commit anyway */ 394 break; 395 } 396 p++; 397 cnt -= written; 398 leb_needed_cnt = get_leb_cnt(c, cnt); 399 dbg_gc("%d znodes remaining, need %d LEBs, have %d", cnt, 400 leb_needed_cnt, c->ileb_cnt); 401 } while (leb_needed_cnt > c->ileb_cnt); 402 403 *p = -1; 404 return 0; 405 } 406 407 /** 408 * layout_in_empty_space - layout index nodes in empty space. 409 * @c: UBIFS file-system description object 410 * 411 * This function lays out new index nodes for dirty znodes using empty LEBs. 412 * 413 * This function returns %0 on success and a negative error code on failure. 414 */ 415 static int layout_in_empty_space(struct ubifs_info *c) 416 { 417 struct ubifs_znode *znode, *cnext, *zp; 418 int lnum, offs, len, next_len, buf_len, buf_offs, used, avail; 419 int wlen, blen, err; 420 421 cnext = c->enext; 422 if (!cnext) 423 return 0; 424 425 lnum = c->ihead_lnum; 426 buf_offs = c->ihead_offs; 427 428 buf_len = ubifs_idx_node_sz(c, c->fanout); 429 buf_len = ALIGN(buf_len, c->min_io_size); 430 used = 0; 431 avail = buf_len; 432 433 /* Ensure there is enough room for first write */ 434 next_len = ubifs_idx_node_sz(c, cnext->child_cnt); 435 if (buf_offs + next_len > c->leb_size) 436 lnum = -1; 437 438 while (1) { 439 znode = cnext; 440 441 len = ubifs_idx_node_sz(c, znode->child_cnt); 442 443 /* Determine the index node position */ 444 if (lnum == -1) { 445 if (c->ileb_nxt >= c->ileb_cnt) { 446 ubifs_err(c, "out of space"); 447 return -ENOSPC; 448 } 449 lnum = c->ilebs[c->ileb_nxt++]; 450 buf_offs = 0; 451 used = 0; 452 avail = buf_len; 453 } 454 455 offs = buf_offs + used; 456 457 znode->lnum = lnum; 458 znode->offs = offs; 459 znode->len = len; 460 461 /* Update the parent */ 462 zp = znode->parent; 463 if (zp) { 464 struct ubifs_zbranch *zbr; 465 int i; 466 467 i = znode->iip; 468 zbr = &zp->zbranch[i]; 469 zbr->lnum = lnum; 470 zbr->offs = offs; 471 zbr->len = len; 472 } else { 473 c->zroot.lnum = lnum; 474 c->zroot.offs = offs; 475 c->zroot.len = len; 476 } 477 c->calc_idx_sz += ALIGN(len, 8); 478 479 /* 480 * Once lprops is updated, we can decrease the dirty znode count 481 * but it is easier to just do it here. 482 */ 483 atomic_long_dec(&c->dirty_zn_cnt); 484 485 /* 486 * Calculate the next index node length to see if there is 487 * enough room for it 488 */ 489 cnext = znode->cnext; 490 if (cnext == c->cnext) 491 next_len = 0; 492 else 493 next_len = ubifs_idx_node_sz(c, cnext->child_cnt); 494 495 /* Update buffer positions */ 496 wlen = used + len; 497 used += ALIGN(len, 8); 498 avail -= ALIGN(len, 8); 499 500 if (next_len != 0 && 501 buf_offs + used + next_len <= c->leb_size && 502 avail > 0) 503 continue; 504 505 if (avail <= 0 && next_len && 506 buf_offs + used + next_len <= c->leb_size) 507 blen = buf_len; 508 else 509 blen = ALIGN(wlen, c->min_io_size); 510 511 /* The buffer is full or there are no more znodes to do */ 512 buf_offs += blen; 513 if (next_len) { 514 if (buf_offs + next_len > c->leb_size) { 515 err = ubifs_update_one_lp(c, lnum, 516 c->leb_size - buf_offs, blen - used, 517 0, 0); 518 if (err) 519 return err; 520 lnum = -1; 521 } 522 used -= blen; 523 if (used < 0) 524 used = 0; 525 avail = buf_len - used; 526 continue; 527 } 528 err = ubifs_update_one_lp(c, lnum, c->leb_size - buf_offs, 529 blen - used, 0, 0); 530 if (err) 531 return err; 532 break; 533 } 534 535 c->dbg->new_ihead_lnum = lnum; 536 c->dbg->new_ihead_offs = buf_offs; 537 538 return 0; 539 } 540 541 /** 542 * layout_commit - determine positions of index nodes to commit. 543 * @c: UBIFS file-system description object 544 * @no_space: indicates that insufficient empty LEBs were allocated 545 * @cnt: number of znodes to commit 546 * 547 * Calculate and update the positions of index nodes to commit. If there were 548 * an insufficient number of empty LEBs allocated, then index nodes are placed 549 * into the gaps created by obsolete index nodes in non-empty index LEBs. For 550 * this purpose, an obsolete index node is one that was not in the index as at 551 * the end of the last commit. To write "in-the-gaps" requires that those index 552 * LEBs are updated atomically in-place. 553 */ 554 static int layout_commit(struct ubifs_info *c, int no_space, int cnt) 555 { 556 int err; 557 558 if (no_space) { 559 err = layout_in_gaps(c, cnt); 560 if (err) 561 return err; 562 } 563 err = layout_in_empty_space(c); 564 return err; 565 } 566 567 /** 568 * find_first_dirty - find first dirty znode. 569 * @znode: znode to begin searching from 570 */ 571 static struct ubifs_znode *find_first_dirty(struct ubifs_znode *znode) 572 { 573 int i, cont; 574 575 if (!znode) 576 return NULL; 577 578 while (1) { 579 if (znode->level == 0) { 580 if (ubifs_zn_dirty(znode)) 581 return znode; 582 return NULL; 583 } 584 cont = 0; 585 for (i = 0; i < znode->child_cnt; i++) { 586 struct ubifs_zbranch *zbr = &znode->zbranch[i]; 587 588 if (zbr->znode && ubifs_zn_dirty(zbr->znode)) { 589 znode = zbr->znode; 590 cont = 1; 591 break; 592 } 593 } 594 if (!cont) { 595 if (ubifs_zn_dirty(znode)) 596 return znode; 597 return NULL; 598 } 599 } 600 } 601 602 /** 603 * find_next_dirty - find next dirty znode. 604 * @znode: znode to begin searching from 605 */ 606 static struct ubifs_znode *find_next_dirty(struct ubifs_znode *znode) 607 { 608 int n = znode->iip + 1; 609 610 znode = znode->parent; 611 if (!znode) 612 return NULL; 613 for (; n < znode->child_cnt; n++) { 614 struct ubifs_zbranch *zbr = &znode->zbranch[n]; 615 616 if (zbr->znode && ubifs_zn_dirty(zbr->znode)) 617 return find_first_dirty(zbr->znode); 618 } 619 return znode; 620 } 621 622 /** 623 * get_znodes_to_commit - create list of dirty znodes to commit. 624 * @c: UBIFS file-system description object 625 * 626 * This function returns the number of znodes to commit. 627 */ 628 static int get_znodes_to_commit(struct ubifs_info *c) 629 { 630 struct ubifs_znode *znode, *cnext; 631 int cnt = 0; 632 633 c->cnext = find_first_dirty(c->zroot.znode); 634 znode = c->enext = c->cnext; 635 if (!znode) { 636 dbg_cmt("no znodes to commit"); 637 return 0; 638 } 639 cnt += 1; 640 while (1) { 641 ubifs_assert(!ubifs_zn_cow(znode)); 642 __set_bit(COW_ZNODE, &znode->flags); 643 znode->alt = 0; 644 cnext = find_next_dirty(znode); 645 if (!cnext) { 646 znode->cnext = c->cnext; 647 break; 648 } 649 znode->cnext = cnext; 650 znode = cnext; 651 cnt += 1; 652 } 653 dbg_cmt("committing %d znodes", cnt); 654 ubifs_assert(cnt == atomic_long_read(&c->dirty_zn_cnt)); 655 return cnt; 656 } 657 658 /** 659 * alloc_idx_lebs - allocate empty LEBs to be used to commit. 660 * @c: UBIFS file-system description object 661 * @cnt: number of znodes to commit 662 * 663 * This function returns %-ENOSPC if it cannot allocate a sufficient number of 664 * empty LEBs. %0 is returned on success, otherwise a negative error code 665 * is returned. 666 */ 667 static int alloc_idx_lebs(struct ubifs_info *c, int cnt) 668 { 669 int i, leb_cnt, lnum; 670 671 c->ileb_cnt = 0; 672 c->ileb_nxt = 0; 673 leb_cnt = get_leb_cnt(c, cnt); 674 dbg_cmt("need about %d empty LEBS for TNC commit", leb_cnt); 675 if (!leb_cnt) 676 return 0; 677 c->ilebs = kmalloc(leb_cnt * sizeof(int), GFP_NOFS); 678 if (!c->ilebs) 679 return -ENOMEM; 680 for (i = 0; i < leb_cnt; i++) { 681 lnum = ubifs_find_free_leb_for_idx(c); 682 if (lnum < 0) 683 return lnum; 684 c->ilebs[c->ileb_cnt++] = lnum; 685 dbg_cmt("LEB %d", lnum); 686 } 687 if (dbg_is_chk_index(c) && !(prandom_u32() & 7)) 688 return -ENOSPC; 689 return 0; 690 } 691 692 /** 693 * free_unused_idx_lebs - free unused LEBs that were allocated for the commit. 694 * @c: UBIFS file-system description object 695 * 696 * It is possible that we allocate more empty LEBs for the commit than we need. 697 * This functions frees the surplus. 698 * 699 * This function returns %0 on success and a negative error code on failure. 700 */ 701 static int free_unused_idx_lebs(struct ubifs_info *c) 702 { 703 int i, err = 0, lnum, er; 704 705 for (i = c->ileb_nxt; i < c->ileb_cnt; i++) { 706 lnum = c->ilebs[i]; 707 dbg_cmt("LEB %d", lnum); 708 er = ubifs_change_one_lp(c, lnum, LPROPS_NC, LPROPS_NC, 0, 709 LPROPS_INDEX | LPROPS_TAKEN, 0); 710 if (!err) 711 err = er; 712 } 713 return err; 714 } 715 716 /** 717 * free_idx_lebs - free unused LEBs after commit end. 718 * @c: UBIFS file-system description object 719 * 720 * This function returns %0 on success and a negative error code on failure. 721 */ 722 static int free_idx_lebs(struct ubifs_info *c) 723 { 724 int err; 725 726 err = free_unused_idx_lebs(c); 727 kfree(c->ilebs); 728 c->ilebs = NULL; 729 return err; 730 } 731 732 /** 733 * ubifs_tnc_start_commit - start TNC commit. 734 * @c: UBIFS file-system description object 735 * @zroot: new index root position is returned here 736 * 737 * This function prepares the list of indexing nodes to commit and lays out 738 * their positions on flash. If there is not enough free space it uses the 739 * in-gap commit method. Returns zero in case of success and a negative error 740 * code in case of failure. 741 */ 742 int ubifs_tnc_start_commit(struct ubifs_info *c, struct ubifs_zbranch *zroot) 743 { 744 int err = 0, cnt; 745 746 mutex_lock(&c->tnc_mutex); 747 err = dbg_check_tnc(c, 1); 748 if (err) 749 goto out; 750 cnt = get_znodes_to_commit(c); 751 if (cnt != 0) { 752 int no_space = 0; 753 754 err = alloc_idx_lebs(c, cnt); 755 if (err == -ENOSPC) 756 no_space = 1; 757 else if (err) 758 goto out_free; 759 err = layout_commit(c, no_space, cnt); 760 if (err) 761 goto out_free; 762 ubifs_assert(atomic_long_read(&c->dirty_zn_cnt) == 0); 763 err = free_unused_idx_lebs(c); 764 if (err) 765 goto out; 766 } 767 destroy_old_idx(c); 768 memcpy(zroot, &c->zroot, sizeof(struct ubifs_zbranch)); 769 770 err = ubifs_save_dirty_idx_lnums(c); 771 if (err) 772 goto out; 773 774 spin_lock(&c->space_lock); 775 /* 776 * Although we have not finished committing yet, update size of the 777 * committed index ('c->bi.old_idx_sz') and zero out the index growth 778 * budget. It is OK to do this now, because we've reserved all the 779 * space which is needed to commit the index, and it is save for the 780 * budgeting subsystem to assume the index is already committed, 781 * even though it is not. 782 */ 783 ubifs_assert(c->bi.min_idx_lebs == ubifs_calc_min_idx_lebs(c)); 784 c->bi.old_idx_sz = c->calc_idx_sz; 785 c->bi.uncommitted_idx = 0; 786 c->bi.min_idx_lebs = ubifs_calc_min_idx_lebs(c); 787 spin_unlock(&c->space_lock); 788 mutex_unlock(&c->tnc_mutex); 789 790 dbg_cmt("number of index LEBs %d", c->lst.idx_lebs); 791 dbg_cmt("size of index %llu", c->calc_idx_sz); 792 return err; 793 794 out_free: 795 free_idx_lebs(c); 796 out: 797 mutex_unlock(&c->tnc_mutex); 798 return err; 799 } 800 801 /** 802 * write_index - write index nodes. 803 * @c: UBIFS file-system description object 804 * 805 * This function writes the index nodes whose positions were laid out in the 806 * layout_in_empty_space function. 807 */ 808 static int write_index(struct ubifs_info *c) 809 { 810 struct ubifs_idx_node *idx; 811 struct ubifs_znode *znode, *cnext; 812 int i, lnum, offs, len, next_len, buf_len, buf_offs, used; 813 int avail, wlen, err, lnum_pos = 0, blen, nxt_offs; 814 815 cnext = c->enext; 816 if (!cnext) 817 return 0; 818 819 /* 820 * Always write index nodes to the index head so that index nodes and 821 * other types of nodes are never mixed in the same erase block. 822 */ 823 lnum = c->ihead_lnum; 824 buf_offs = c->ihead_offs; 825 826 /* Allocate commit buffer */ 827 buf_len = ALIGN(c->max_idx_node_sz, c->min_io_size); 828 used = 0; 829 avail = buf_len; 830 831 /* Ensure there is enough room for first write */ 832 next_len = ubifs_idx_node_sz(c, cnext->child_cnt); 833 if (buf_offs + next_len > c->leb_size) { 834 err = ubifs_update_one_lp(c, lnum, LPROPS_NC, 0, 0, 835 LPROPS_TAKEN); 836 if (err) 837 return err; 838 lnum = -1; 839 } 840 841 while (1) { 842 cond_resched(); 843 844 znode = cnext; 845 idx = c->cbuf + used; 846 847 /* Make index node */ 848 idx->ch.node_type = UBIFS_IDX_NODE; 849 idx->child_cnt = cpu_to_le16(znode->child_cnt); 850 idx->level = cpu_to_le16(znode->level); 851 for (i = 0; i < znode->child_cnt; i++) { 852 struct ubifs_branch *br = ubifs_idx_branch(c, idx, i); 853 struct ubifs_zbranch *zbr = &znode->zbranch[i]; 854 855 key_write_idx(c, &zbr->key, &br->key); 856 br->lnum = cpu_to_le32(zbr->lnum); 857 br->offs = cpu_to_le32(zbr->offs); 858 br->len = cpu_to_le32(zbr->len); 859 if (!zbr->lnum || !zbr->len) { 860 ubifs_err(c, "bad ref in znode"); 861 ubifs_dump_znode(c, znode); 862 if (zbr->znode) 863 ubifs_dump_znode(c, zbr->znode); 864 865 return -EINVAL; 866 } 867 } 868 len = ubifs_idx_node_sz(c, znode->child_cnt); 869 ubifs_prepare_node(c, idx, len, 0); 870 871 /* Determine the index node position */ 872 if (lnum == -1) { 873 lnum = c->ilebs[lnum_pos++]; 874 buf_offs = 0; 875 used = 0; 876 avail = buf_len; 877 } 878 offs = buf_offs + used; 879 880 if (lnum != znode->lnum || offs != znode->offs || 881 len != znode->len) { 882 ubifs_err(c, "inconsistent znode posn"); 883 return -EINVAL; 884 } 885 886 /* Grab some stuff from znode while we still can */ 887 cnext = znode->cnext; 888 889 ubifs_assert(ubifs_zn_dirty(znode)); 890 ubifs_assert(ubifs_zn_cow(znode)); 891 892 /* 893 * It is important that other threads should see %DIRTY_ZNODE 894 * flag cleared before %COW_ZNODE. Specifically, it matters in 895 * the 'dirty_cow_znode()' function. This is the reason for the 896 * first barrier. Also, we want the bit changes to be seen to 897 * other threads ASAP, to avoid unnecesarry copying, which is 898 * the reason for the second barrier. 899 */ 900 clear_bit(DIRTY_ZNODE, &znode->flags); 901 smp_mb__before_atomic(); 902 clear_bit(COW_ZNODE, &znode->flags); 903 smp_mb__after_atomic(); 904 905 /* 906 * We have marked the znode as clean but have not updated the 907 * @c->clean_zn_cnt counter. If this znode becomes dirty again 908 * before 'free_obsolete_znodes()' is called, then 909 * @c->clean_zn_cnt will be decremented before it gets 910 * incremented (resulting in 2 decrements for the same znode). 911 * This means that @c->clean_zn_cnt may become negative for a 912 * while. 913 * 914 * Q: why we cannot increment @c->clean_zn_cnt? 915 * A: because we do not have the @c->tnc_mutex locked, and the 916 * following code would be racy and buggy: 917 * 918 * if (!ubifs_zn_obsolete(znode)) { 919 * atomic_long_inc(&c->clean_zn_cnt); 920 * atomic_long_inc(&ubifs_clean_zn_cnt); 921 * } 922 * 923 * Thus, we just delay the @c->clean_zn_cnt update until we 924 * have the mutex locked. 925 */ 926 927 /* Do not access znode from this point on */ 928 929 /* Update buffer positions */ 930 wlen = used + len; 931 used += ALIGN(len, 8); 932 avail -= ALIGN(len, 8); 933 934 /* 935 * Calculate the next index node length to see if there is 936 * enough room for it 937 */ 938 if (cnext == c->cnext) 939 next_len = 0; 940 else 941 next_len = ubifs_idx_node_sz(c, cnext->child_cnt); 942 943 nxt_offs = buf_offs + used + next_len; 944 if (next_len && nxt_offs <= c->leb_size) { 945 if (avail > 0) 946 continue; 947 else 948 blen = buf_len; 949 } else { 950 wlen = ALIGN(wlen, 8); 951 blen = ALIGN(wlen, c->min_io_size); 952 ubifs_pad(c, c->cbuf + wlen, blen - wlen); 953 } 954 955 /* The buffer is full or there are no more znodes to do */ 956 err = ubifs_leb_write(c, lnum, c->cbuf, buf_offs, blen); 957 if (err) 958 return err; 959 buf_offs += blen; 960 if (next_len) { 961 if (nxt_offs > c->leb_size) { 962 err = ubifs_update_one_lp(c, lnum, LPROPS_NC, 0, 963 0, LPROPS_TAKEN); 964 if (err) 965 return err; 966 lnum = -1; 967 } 968 used -= blen; 969 if (used < 0) 970 used = 0; 971 avail = buf_len - used; 972 memmove(c->cbuf, c->cbuf + blen, used); 973 continue; 974 } 975 break; 976 } 977 978 if (lnum != c->dbg->new_ihead_lnum || 979 buf_offs != c->dbg->new_ihead_offs) { 980 ubifs_err(c, "inconsistent ihead"); 981 return -EINVAL; 982 } 983 984 c->ihead_lnum = lnum; 985 c->ihead_offs = buf_offs; 986 987 return 0; 988 } 989 990 /** 991 * free_obsolete_znodes - free obsolete znodes. 992 * @c: UBIFS file-system description object 993 * 994 * At the end of commit end, obsolete znodes are freed. 995 */ 996 static void free_obsolete_znodes(struct ubifs_info *c) 997 { 998 struct ubifs_znode *znode, *cnext; 999 1000 cnext = c->cnext; 1001 do { 1002 znode = cnext; 1003 cnext = znode->cnext; 1004 if (ubifs_zn_obsolete(znode)) 1005 kfree(znode); 1006 else { 1007 znode->cnext = NULL; 1008 atomic_long_inc(&c->clean_zn_cnt); 1009 atomic_long_inc(&ubifs_clean_zn_cnt); 1010 } 1011 } while (cnext != c->cnext); 1012 } 1013 1014 /** 1015 * return_gap_lebs - return LEBs used by the in-gap commit method. 1016 * @c: UBIFS file-system description object 1017 * 1018 * This function clears the "taken" flag for the LEBs which were used by the 1019 * "commit in-the-gaps" method. 1020 */ 1021 static int return_gap_lebs(struct ubifs_info *c) 1022 { 1023 int *p, err; 1024 1025 if (!c->gap_lebs) 1026 return 0; 1027 1028 dbg_cmt(""); 1029 for (p = c->gap_lebs; *p != -1; p++) { 1030 err = ubifs_change_one_lp(c, *p, LPROPS_NC, LPROPS_NC, 0, 1031 LPROPS_TAKEN, 0); 1032 if (err) 1033 return err; 1034 } 1035 1036 kfree(c->gap_lebs); 1037 c->gap_lebs = NULL; 1038 return 0; 1039 } 1040 1041 /** 1042 * ubifs_tnc_end_commit - update the TNC for commit end. 1043 * @c: UBIFS file-system description object 1044 * 1045 * Write the dirty znodes. 1046 */ 1047 int ubifs_tnc_end_commit(struct ubifs_info *c) 1048 { 1049 int err; 1050 1051 if (!c->cnext) 1052 return 0; 1053 1054 err = return_gap_lebs(c); 1055 if (err) 1056 return err; 1057 1058 err = write_index(c); 1059 if (err) 1060 return err; 1061 1062 mutex_lock(&c->tnc_mutex); 1063 1064 dbg_cmt("TNC height is %d", c->zroot.znode->level + 1); 1065 1066 free_obsolete_znodes(c); 1067 1068 c->cnext = NULL; 1069 kfree(c->ilebs); 1070 c->ilebs = NULL; 1071 1072 mutex_unlock(&c->tnc_mutex); 1073 1074 return 0; 1075 } 1076