xref: /openbmc/linux/fs/xfs/xfs_file.c (revision b24413180f5600bcb3bb70fbed5cf186b60864bd)
1 /*
2  * Copyright (c) 2000-2005 Silicon Graphics, Inc.
3  * All Rights Reserved.
4  *
5  * This program is free software; you can redistribute it and/or
6  * modify it under the terms of the GNU General Public License as
7  * published by the Free Software Foundation.
8  *
9  * This program is distributed in the hope that it would be useful,
10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12  * GNU General Public License for more details.
13  *
14  * You should have received a copy of the GNU General Public License
15  * along with this program; if not, write the Free Software Foundation,
16  * Inc.,  51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
17  */
18 #include "xfs.h"
19 #include "xfs_fs.h"
20 #include "xfs_shared.h"
21 #include "xfs_format.h"
22 #include "xfs_log_format.h"
23 #include "xfs_trans_resv.h"
24 #include "xfs_mount.h"
25 #include "xfs_da_format.h"
26 #include "xfs_da_btree.h"
27 #include "xfs_inode.h"
28 #include "xfs_trans.h"
29 #include "xfs_inode_item.h"
30 #include "xfs_bmap.h"
31 #include "xfs_bmap_util.h"
32 #include "xfs_error.h"
33 #include "xfs_dir2.h"
34 #include "xfs_dir2_priv.h"
35 #include "xfs_ioctl.h"
36 #include "xfs_trace.h"
37 #include "xfs_log.h"
38 #include "xfs_icache.h"
39 #include "xfs_pnfs.h"
40 #include "xfs_iomap.h"
41 #include "xfs_reflink.h"
42 
43 #include <linux/dcache.h>
44 #include <linux/falloc.h>
45 #include <linux/pagevec.h>
46 #include <linux/backing-dev.h>
47 
48 static const struct vm_operations_struct xfs_file_vm_ops;
49 
50 /*
51  * Clear the specified ranges to zero through either the pagecache or DAX.
52  * Holes and unwritten extents will be left as-is as they already are zeroed.
53  */
54 int
55 xfs_zero_range(
56 	struct xfs_inode	*ip,
57 	xfs_off_t		pos,
58 	xfs_off_t		count,
59 	bool			*did_zero)
60 {
61 	return iomap_zero_range(VFS_I(ip), pos, count, did_zero, &xfs_iomap_ops);
62 }
63 
64 int
65 xfs_update_prealloc_flags(
66 	struct xfs_inode	*ip,
67 	enum xfs_prealloc_flags	flags)
68 {
69 	struct xfs_trans	*tp;
70 	int			error;
71 
72 	error = xfs_trans_alloc(ip->i_mount, &M_RES(ip->i_mount)->tr_writeid,
73 			0, 0, 0, &tp);
74 	if (error)
75 		return error;
76 
77 	xfs_ilock(ip, XFS_ILOCK_EXCL);
78 	xfs_trans_ijoin(tp, ip, XFS_ILOCK_EXCL);
79 
80 	if (!(flags & XFS_PREALLOC_INVISIBLE)) {
81 		VFS_I(ip)->i_mode &= ~S_ISUID;
82 		if (VFS_I(ip)->i_mode & S_IXGRP)
83 			VFS_I(ip)->i_mode &= ~S_ISGID;
84 		xfs_trans_ichgtime(tp, ip, XFS_ICHGTIME_MOD | XFS_ICHGTIME_CHG);
85 	}
86 
87 	if (flags & XFS_PREALLOC_SET)
88 		ip->i_d.di_flags |= XFS_DIFLAG_PREALLOC;
89 	if (flags & XFS_PREALLOC_CLEAR)
90 		ip->i_d.di_flags &= ~XFS_DIFLAG_PREALLOC;
91 
92 	xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
93 	if (flags & XFS_PREALLOC_SYNC)
94 		xfs_trans_set_sync(tp);
95 	return xfs_trans_commit(tp);
96 }
97 
98 /*
99  * Fsync operations on directories are much simpler than on regular files,
100  * as there is no file data to flush, and thus also no need for explicit
101  * cache flush operations, and there are no non-transaction metadata updates
102  * on directories either.
103  */
104 STATIC int
105 xfs_dir_fsync(
106 	struct file		*file,
107 	loff_t			start,
108 	loff_t			end,
109 	int			datasync)
110 {
111 	struct xfs_inode	*ip = XFS_I(file->f_mapping->host);
112 	struct xfs_mount	*mp = ip->i_mount;
113 	xfs_lsn_t		lsn = 0;
114 
115 	trace_xfs_dir_fsync(ip);
116 
117 	xfs_ilock(ip, XFS_ILOCK_SHARED);
118 	if (xfs_ipincount(ip))
119 		lsn = ip->i_itemp->ili_last_lsn;
120 	xfs_iunlock(ip, XFS_ILOCK_SHARED);
121 
122 	if (!lsn)
123 		return 0;
124 	return _xfs_log_force_lsn(mp, lsn, XFS_LOG_SYNC, NULL);
125 }
126 
127 STATIC int
128 xfs_file_fsync(
129 	struct file		*file,
130 	loff_t			start,
131 	loff_t			end,
132 	int			datasync)
133 {
134 	struct inode		*inode = file->f_mapping->host;
135 	struct xfs_inode	*ip = XFS_I(inode);
136 	struct xfs_mount	*mp = ip->i_mount;
137 	int			error = 0;
138 	int			log_flushed = 0;
139 	xfs_lsn_t		lsn = 0;
140 
141 	trace_xfs_file_fsync(ip);
142 
143 	error = file_write_and_wait_range(file, start, end);
144 	if (error)
145 		return error;
146 
147 	if (XFS_FORCED_SHUTDOWN(mp))
148 		return -EIO;
149 
150 	xfs_iflags_clear(ip, XFS_ITRUNCATED);
151 
152 	/*
153 	 * If we have an RT and/or log subvolume we need to make sure to flush
154 	 * the write cache the device used for file data first.  This is to
155 	 * ensure newly written file data make it to disk before logging the new
156 	 * inode size in case of an extending write.
157 	 */
158 	if (XFS_IS_REALTIME_INODE(ip))
159 		xfs_blkdev_issue_flush(mp->m_rtdev_targp);
160 	else if (mp->m_logdev_targp != mp->m_ddev_targp)
161 		xfs_blkdev_issue_flush(mp->m_ddev_targp);
162 
163 	/*
164 	 * All metadata updates are logged, which means that we just have to
165 	 * flush the log up to the latest LSN that touched the inode. If we have
166 	 * concurrent fsync/fdatasync() calls, we need them to all block on the
167 	 * log force before we clear the ili_fsync_fields field. This ensures
168 	 * that we don't get a racing sync operation that does not wait for the
169 	 * metadata to hit the journal before returning. If we race with
170 	 * clearing the ili_fsync_fields, then all that will happen is the log
171 	 * force will do nothing as the lsn will already be on disk. We can't
172 	 * race with setting ili_fsync_fields because that is done under
173 	 * XFS_ILOCK_EXCL, and that can't happen because we hold the lock shared
174 	 * until after the ili_fsync_fields is cleared.
175 	 */
176 	xfs_ilock(ip, XFS_ILOCK_SHARED);
177 	if (xfs_ipincount(ip)) {
178 		if (!datasync ||
179 		    (ip->i_itemp->ili_fsync_fields & ~XFS_ILOG_TIMESTAMP))
180 			lsn = ip->i_itemp->ili_last_lsn;
181 	}
182 
183 	if (lsn) {
184 		error = _xfs_log_force_lsn(mp, lsn, XFS_LOG_SYNC, &log_flushed);
185 		ip->i_itemp->ili_fsync_fields = 0;
186 	}
187 	xfs_iunlock(ip, XFS_ILOCK_SHARED);
188 
189 	/*
190 	 * If we only have a single device, and the log force about was
191 	 * a no-op we might have to flush the data device cache here.
192 	 * This can only happen for fdatasync/O_DSYNC if we were overwriting
193 	 * an already allocated file and thus do not have any metadata to
194 	 * commit.
195 	 */
196 	if (!log_flushed && !XFS_IS_REALTIME_INODE(ip) &&
197 	    mp->m_logdev_targp == mp->m_ddev_targp)
198 		xfs_blkdev_issue_flush(mp->m_ddev_targp);
199 
200 	return error;
201 }
202 
203 STATIC ssize_t
204 xfs_file_dio_aio_read(
205 	struct kiocb		*iocb,
206 	struct iov_iter		*to)
207 {
208 	struct xfs_inode	*ip = XFS_I(file_inode(iocb->ki_filp));
209 	size_t			count = iov_iter_count(to);
210 	ssize_t			ret;
211 
212 	trace_xfs_file_direct_read(ip, count, iocb->ki_pos);
213 
214 	if (!count)
215 		return 0; /* skip atime */
216 
217 	file_accessed(iocb->ki_filp);
218 
219 	xfs_ilock(ip, XFS_IOLOCK_SHARED);
220 	ret = iomap_dio_rw(iocb, to, &xfs_iomap_ops, NULL);
221 	xfs_iunlock(ip, XFS_IOLOCK_SHARED);
222 
223 	return ret;
224 }
225 
226 static noinline ssize_t
227 xfs_file_dax_read(
228 	struct kiocb		*iocb,
229 	struct iov_iter		*to)
230 {
231 	struct xfs_inode	*ip = XFS_I(iocb->ki_filp->f_mapping->host);
232 	size_t			count = iov_iter_count(to);
233 	ssize_t			ret = 0;
234 
235 	trace_xfs_file_dax_read(ip, count, iocb->ki_pos);
236 
237 	if (!count)
238 		return 0; /* skip atime */
239 
240 	if (!xfs_ilock_nowait(ip, XFS_IOLOCK_SHARED)) {
241 		if (iocb->ki_flags & IOCB_NOWAIT)
242 			return -EAGAIN;
243 		xfs_ilock(ip, XFS_IOLOCK_SHARED);
244 	}
245 	ret = dax_iomap_rw(iocb, to, &xfs_iomap_ops);
246 	xfs_iunlock(ip, XFS_IOLOCK_SHARED);
247 
248 	file_accessed(iocb->ki_filp);
249 	return ret;
250 }
251 
252 STATIC ssize_t
253 xfs_file_buffered_aio_read(
254 	struct kiocb		*iocb,
255 	struct iov_iter		*to)
256 {
257 	struct xfs_inode	*ip = XFS_I(file_inode(iocb->ki_filp));
258 	ssize_t			ret;
259 
260 	trace_xfs_file_buffered_read(ip, iov_iter_count(to), iocb->ki_pos);
261 
262 	if (!xfs_ilock_nowait(ip, XFS_IOLOCK_SHARED)) {
263 		if (iocb->ki_flags & IOCB_NOWAIT)
264 			return -EAGAIN;
265 		xfs_ilock(ip, XFS_IOLOCK_SHARED);
266 	}
267 	ret = generic_file_read_iter(iocb, to);
268 	xfs_iunlock(ip, XFS_IOLOCK_SHARED);
269 
270 	return ret;
271 }
272 
273 STATIC ssize_t
274 xfs_file_read_iter(
275 	struct kiocb		*iocb,
276 	struct iov_iter		*to)
277 {
278 	struct inode		*inode = file_inode(iocb->ki_filp);
279 	struct xfs_mount	*mp = XFS_I(inode)->i_mount;
280 	ssize_t			ret = 0;
281 
282 	XFS_STATS_INC(mp, xs_read_calls);
283 
284 	if (XFS_FORCED_SHUTDOWN(mp))
285 		return -EIO;
286 
287 	if (IS_DAX(inode))
288 		ret = xfs_file_dax_read(iocb, to);
289 	else if (iocb->ki_flags & IOCB_DIRECT)
290 		ret = xfs_file_dio_aio_read(iocb, to);
291 	else
292 		ret = xfs_file_buffered_aio_read(iocb, to);
293 
294 	if (ret > 0)
295 		XFS_STATS_ADD(mp, xs_read_bytes, ret);
296 	return ret;
297 }
298 
299 /*
300  * Zero any on disk space between the current EOF and the new, larger EOF.
301  *
302  * This handles the normal case of zeroing the remainder of the last block in
303  * the file and the unusual case of zeroing blocks out beyond the size of the
304  * file.  This second case only happens with fixed size extents and when the
305  * system crashes before the inode size was updated but after blocks were
306  * allocated.
307  *
308  * Expects the iolock to be held exclusive, and will take the ilock internally.
309  */
310 int					/* error (positive) */
311 xfs_zero_eof(
312 	struct xfs_inode	*ip,
313 	xfs_off_t		offset,		/* starting I/O offset */
314 	xfs_fsize_t		isize,		/* current inode size */
315 	bool			*did_zeroing)
316 {
317 	ASSERT(xfs_isilocked(ip, XFS_IOLOCK_EXCL));
318 	ASSERT(offset > isize);
319 
320 	trace_xfs_zero_eof(ip, isize, offset - isize);
321 	return xfs_zero_range(ip, isize, offset - isize, did_zeroing);
322 }
323 
324 /*
325  * Common pre-write limit and setup checks.
326  *
327  * Called with the iolocked held either shared and exclusive according to
328  * @iolock, and returns with it held.  Might upgrade the iolock to exclusive
329  * if called for a direct write beyond i_size.
330  */
331 STATIC ssize_t
332 xfs_file_aio_write_checks(
333 	struct kiocb		*iocb,
334 	struct iov_iter		*from,
335 	int			*iolock)
336 {
337 	struct file		*file = iocb->ki_filp;
338 	struct inode		*inode = file->f_mapping->host;
339 	struct xfs_inode	*ip = XFS_I(inode);
340 	ssize_t			error = 0;
341 	size_t			count = iov_iter_count(from);
342 	bool			drained_dio = false;
343 
344 restart:
345 	error = generic_write_checks(iocb, from);
346 	if (error <= 0)
347 		return error;
348 
349 	error = xfs_break_layouts(inode, iolock);
350 	if (error)
351 		return error;
352 
353 	/*
354 	 * For changing security info in file_remove_privs() we need i_rwsem
355 	 * exclusively.
356 	 */
357 	if (*iolock == XFS_IOLOCK_SHARED && !IS_NOSEC(inode)) {
358 		xfs_iunlock(ip, *iolock);
359 		*iolock = XFS_IOLOCK_EXCL;
360 		xfs_ilock(ip, *iolock);
361 		goto restart;
362 	}
363 	/*
364 	 * If the offset is beyond the size of the file, we need to zero any
365 	 * blocks that fall between the existing EOF and the start of this
366 	 * write.  If zeroing is needed and we are currently holding the
367 	 * iolock shared, we need to update it to exclusive which implies
368 	 * having to redo all checks before.
369 	 *
370 	 * We need to serialise against EOF updates that occur in IO
371 	 * completions here. We want to make sure that nobody is changing the
372 	 * size while we do this check until we have placed an IO barrier (i.e.
373 	 * hold the XFS_IOLOCK_EXCL) that prevents new IO from being dispatched.
374 	 * The spinlock effectively forms a memory barrier once we have the
375 	 * XFS_IOLOCK_EXCL so we are guaranteed to see the latest EOF value
376 	 * and hence be able to correctly determine if we need to run zeroing.
377 	 */
378 	spin_lock(&ip->i_flags_lock);
379 	if (iocb->ki_pos > i_size_read(inode)) {
380 		spin_unlock(&ip->i_flags_lock);
381 		if (!drained_dio) {
382 			if (*iolock == XFS_IOLOCK_SHARED) {
383 				xfs_iunlock(ip, *iolock);
384 				*iolock = XFS_IOLOCK_EXCL;
385 				xfs_ilock(ip, *iolock);
386 				iov_iter_reexpand(from, count);
387 			}
388 			/*
389 			 * We now have an IO submission barrier in place, but
390 			 * AIO can do EOF updates during IO completion and hence
391 			 * we now need to wait for all of them to drain. Non-AIO
392 			 * DIO will have drained before we are given the
393 			 * XFS_IOLOCK_EXCL, and so for most cases this wait is a
394 			 * no-op.
395 			 */
396 			inode_dio_wait(inode);
397 			drained_dio = true;
398 			goto restart;
399 		}
400 		error = xfs_zero_eof(ip, iocb->ki_pos, i_size_read(inode), NULL);
401 		if (error)
402 			return error;
403 	} else
404 		spin_unlock(&ip->i_flags_lock);
405 
406 	/*
407 	 * Updating the timestamps will grab the ilock again from
408 	 * xfs_fs_dirty_inode, so we have to call it after dropping the
409 	 * lock above.  Eventually we should look into a way to avoid
410 	 * the pointless lock roundtrip.
411 	 */
412 	if (likely(!(file->f_mode & FMODE_NOCMTIME))) {
413 		error = file_update_time(file);
414 		if (error)
415 			return error;
416 	}
417 
418 	/*
419 	 * If we're writing the file then make sure to clear the setuid and
420 	 * setgid bits if the process is not being run by root.  This keeps
421 	 * people from modifying setuid and setgid binaries.
422 	 */
423 	if (!IS_NOSEC(inode))
424 		return file_remove_privs(file);
425 	return 0;
426 }
427 
428 static int
429 xfs_dio_write_end_io(
430 	struct kiocb		*iocb,
431 	ssize_t			size,
432 	unsigned		flags)
433 {
434 	struct inode		*inode = file_inode(iocb->ki_filp);
435 	struct xfs_inode	*ip = XFS_I(inode);
436 	loff_t			offset = iocb->ki_pos;
437 	int			error = 0;
438 
439 	trace_xfs_end_io_direct_write(ip, offset, size);
440 
441 	if (XFS_FORCED_SHUTDOWN(ip->i_mount))
442 		return -EIO;
443 
444 	if (size <= 0)
445 		return size;
446 
447 	if (flags & IOMAP_DIO_COW) {
448 		error = xfs_reflink_end_cow(ip, offset, size);
449 		if (error)
450 			return error;
451 	}
452 
453 	/*
454 	 * Unwritten conversion updates the in-core isize after extent
455 	 * conversion but before updating the on-disk size. Updating isize any
456 	 * earlier allows a racing dio read to find unwritten extents before
457 	 * they are converted.
458 	 */
459 	if (flags & IOMAP_DIO_UNWRITTEN)
460 		return xfs_iomap_write_unwritten(ip, offset, size, true);
461 
462 	/*
463 	 * We need to update the in-core inode size here so that we don't end up
464 	 * with the on-disk inode size being outside the in-core inode size. We
465 	 * have no other method of updating EOF for AIO, so always do it here
466 	 * if necessary.
467 	 *
468 	 * We need to lock the test/set EOF update as we can be racing with
469 	 * other IO completions here to update the EOF. Failing to serialise
470 	 * here can result in EOF moving backwards and Bad Things Happen when
471 	 * that occurs.
472 	 */
473 	spin_lock(&ip->i_flags_lock);
474 	if (offset + size > i_size_read(inode)) {
475 		i_size_write(inode, offset + size);
476 		spin_unlock(&ip->i_flags_lock);
477 		error = xfs_setfilesize(ip, offset, size);
478 	} else {
479 		spin_unlock(&ip->i_flags_lock);
480 	}
481 
482 	return error;
483 }
484 
485 /*
486  * xfs_file_dio_aio_write - handle direct IO writes
487  *
488  * Lock the inode appropriately to prepare for and issue a direct IO write.
489  * By separating it from the buffered write path we remove all the tricky to
490  * follow locking changes and looping.
491  *
492  * If there are cached pages or we're extending the file, we need IOLOCK_EXCL
493  * until we're sure the bytes at the new EOF have been zeroed and/or the cached
494  * pages are flushed out.
495  *
496  * In most cases the direct IO writes will be done holding IOLOCK_SHARED
497  * allowing them to be done in parallel with reads and other direct IO writes.
498  * However, if the IO is not aligned to filesystem blocks, the direct IO layer
499  * needs to do sub-block zeroing and that requires serialisation against other
500  * direct IOs to the same block. In this case we need to serialise the
501  * submission of the unaligned IOs so that we don't get racing block zeroing in
502  * the dio layer.  To avoid the problem with aio, we also need to wait for
503  * outstanding IOs to complete so that unwritten extent conversion is completed
504  * before we try to map the overlapping block. This is currently implemented by
505  * hitting it with a big hammer (i.e. inode_dio_wait()).
506  *
507  * Returns with locks held indicated by @iolock and errors indicated by
508  * negative return values.
509  */
510 STATIC ssize_t
511 xfs_file_dio_aio_write(
512 	struct kiocb		*iocb,
513 	struct iov_iter		*from)
514 {
515 	struct file		*file = iocb->ki_filp;
516 	struct address_space	*mapping = file->f_mapping;
517 	struct inode		*inode = mapping->host;
518 	struct xfs_inode	*ip = XFS_I(inode);
519 	struct xfs_mount	*mp = ip->i_mount;
520 	ssize_t			ret = 0;
521 	int			unaligned_io = 0;
522 	int			iolock;
523 	size_t			count = iov_iter_count(from);
524 	struct xfs_buftarg      *target = XFS_IS_REALTIME_INODE(ip) ?
525 					mp->m_rtdev_targp : mp->m_ddev_targp;
526 
527 	/* DIO must be aligned to device logical sector size */
528 	if ((iocb->ki_pos | count) & target->bt_logical_sectormask)
529 		return -EINVAL;
530 
531 	/*
532 	 * Don't take the exclusive iolock here unless the I/O is unaligned to
533 	 * the file system block size.  We don't need to consider the EOF
534 	 * extension case here because xfs_file_aio_write_checks() will relock
535 	 * the inode as necessary for EOF zeroing cases and fill out the new
536 	 * inode size as appropriate.
537 	 */
538 	if ((iocb->ki_pos & mp->m_blockmask) ||
539 	    ((iocb->ki_pos + count) & mp->m_blockmask)) {
540 		unaligned_io = 1;
541 
542 		/*
543 		 * We can't properly handle unaligned direct I/O to reflink
544 		 * files yet, as we can't unshare a partial block.
545 		 */
546 		if (xfs_is_reflink_inode(ip)) {
547 			trace_xfs_reflink_bounce_dio_write(ip, iocb->ki_pos, count);
548 			return -EREMCHG;
549 		}
550 		iolock = XFS_IOLOCK_EXCL;
551 	} else {
552 		iolock = XFS_IOLOCK_SHARED;
553 	}
554 
555 	if (!xfs_ilock_nowait(ip, iolock)) {
556 		if (iocb->ki_flags & IOCB_NOWAIT)
557 			return -EAGAIN;
558 		xfs_ilock(ip, iolock);
559 	}
560 
561 	ret = xfs_file_aio_write_checks(iocb, from, &iolock);
562 	if (ret)
563 		goto out;
564 	count = iov_iter_count(from);
565 
566 	/*
567 	 * If we are doing unaligned IO, wait for all other IO to drain,
568 	 * otherwise demote the lock if we had to take the exclusive lock
569 	 * for other reasons in xfs_file_aio_write_checks.
570 	 */
571 	if (unaligned_io) {
572 		/* If we are going to wait for other DIO to finish, bail */
573 		if (iocb->ki_flags & IOCB_NOWAIT) {
574 			if (atomic_read(&inode->i_dio_count))
575 				return -EAGAIN;
576 		} else {
577 			inode_dio_wait(inode);
578 		}
579 	} else if (iolock == XFS_IOLOCK_EXCL) {
580 		xfs_ilock_demote(ip, XFS_IOLOCK_EXCL);
581 		iolock = XFS_IOLOCK_SHARED;
582 	}
583 
584 	trace_xfs_file_direct_write(ip, count, iocb->ki_pos);
585 	ret = iomap_dio_rw(iocb, from, &xfs_iomap_ops, xfs_dio_write_end_io);
586 out:
587 	xfs_iunlock(ip, iolock);
588 
589 	/*
590 	 * No fallback to buffered IO on errors for XFS, direct IO will either
591 	 * complete fully or fail.
592 	 */
593 	ASSERT(ret < 0 || ret == count);
594 	return ret;
595 }
596 
597 static noinline ssize_t
598 xfs_file_dax_write(
599 	struct kiocb		*iocb,
600 	struct iov_iter		*from)
601 {
602 	struct inode		*inode = iocb->ki_filp->f_mapping->host;
603 	struct xfs_inode	*ip = XFS_I(inode);
604 	int			iolock = XFS_IOLOCK_EXCL;
605 	ssize_t			ret, error = 0;
606 	size_t			count;
607 	loff_t			pos;
608 
609 	if (!xfs_ilock_nowait(ip, iolock)) {
610 		if (iocb->ki_flags & IOCB_NOWAIT)
611 			return -EAGAIN;
612 		xfs_ilock(ip, iolock);
613 	}
614 
615 	ret = xfs_file_aio_write_checks(iocb, from, &iolock);
616 	if (ret)
617 		goto out;
618 
619 	pos = iocb->ki_pos;
620 	count = iov_iter_count(from);
621 
622 	trace_xfs_file_dax_write(ip, count, pos);
623 	ret = dax_iomap_rw(iocb, from, &xfs_iomap_ops);
624 	if (ret > 0 && iocb->ki_pos > i_size_read(inode)) {
625 		i_size_write(inode, iocb->ki_pos);
626 		error = xfs_setfilesize(ip, pos, ret);
627 	}
628 out:
629 	xfs_iunlock(ip, iolock);
630 	return error ? error : ret;
631 }
632 
633 STATIC ssize_t
634 xfs_file_buffered_aio_write(
635 	struct kiocb		*iocb,
636 	struct iov_iter		*from)
637 {
638 	struct file		*file = iocb->ki_filp;
639 	struct address_space	*mapping = file->f_mapping;
640 	struct inode		*inode = mapping->host;
641 	struct xfs_inode	*ip = XFS_I(inode);
642 	ssize_t			ret;
643 	int			enospc = 0;
644 	int			iolock;
645 
646 	if (iocb->ki_flags & IOCB_NOWAIT)
647 		return -EOPNOTSUPP;
648 
649 write_retry:
650 	iolock = XFS_IOLOCK_EXCL;
651 	xfs_ilock(ip, iolock);
652 
653 	ret = xfs_file_aio_write_checks(iocb, from, &iolock);
654 	if (ret)
655 		goto out;
656 
657 	/* We can write back this queue in page reclaim */
658 	current->backing_dev_info = inode_to_bdi(inode);
659 
660 	trace_xfs_file_buffered_write(ip, iov_iter_count(from), iocb->ki_pos);
661 	ret = iomap_file_buffered_write(iocb, from, &xfs_iomap_ops);
662 	if (likely(ret >= 0))
663 		iocb->ki_pos += ret;
664 
665 	/*
666 	 * If we hit a space limit, try to free up some lingering preallocated
667 	 * space before returning an error. In the case of ENOSPC, first try to
668 	 * write back all dirty inodes to free up some of the excess reserved
669 	 * metadata space. This reduces the chances that the eofblocks scan
670 	 * waits on dirty mappings. Since xfs_flush_inodes() is serialized, this
671 	 * also behaves as a filter to prevent too many eofblocks scans from
672 	 * running at the same time.
673 	 */
674 	if (ret == -EDQUOT && !enospc) {
675 		xfs_iunlock(ip, iolock);
676 		enospc = xfs_inode_free_quota_eofblocks(ip);
677 		if (enospc)
678 			goto write_retry;
679 		enospc = xfs_inode_free_quota_cowblocks(ip);
680 		if (enospc)
681 			goto write_retry;
682 		iolock = 0;
683 	} else if (ret == -ENOSPC && !enospc) {
684 		struct xfs_eofblocks eofb = {0};
685 
686 		enospc = 1;
687 		xfs_flush_inodes(ip->i_mount);
688 
689 		xfs_iunlock(ip, iolock);
690 		eofb.eof_flags = XFS_EOF_FLAGS_SYNC;
691 		xfs_icache_free_eofblocks(ip->i_mount, &eofb);
692 		xfs_icache_free_cowblocks(ip->i_mount, &eofb);
693 		goto write_retry;
694 	}
695 
696 	current->backing_dev_info = NULL;
697 out:
698 	if (iolock)
699 		xfs_iunlock(ip, iolock);
700 	return ret;
701 }
702 
703 STATIC ssize_t
704 xfs_file_write_iter(
705 	struct kiocb		*iocb,
706 	struct iov_iter		*from)
707 {
708 	struct file		*file = iocb->ki_filp;
709 	struct address_space	*mapping = file->f_mapping;
710 	struct inode		*inode = mapping->host;
711 	struct xfs_inode	*ip = XFS_I(inode);
712 	ssize_t			ret;
713 	size_t			ocount = iov_iter_count(from);
714 
715 	XFS_STATS_INC(ip->i_mount, xs_write_calls);
716 
717 	if (ocount == 0)
718 		return 0;
719 
720 	if (XFS_FORCED_SHUTDOWN(ip->i_mount))
721 		return -EIO;
722 
723 	if (IS_DAX(inode))
724 		ret = xfs_file_dax_write(iocb, from);
725 	else if (iocb->ki_flags & IOCB_DIRECT) {
726 		/*
727 		 * Allow a directio write to fall back to a buffered
728 		 * write *only* in the case that we're doing a reflink
729 		 * CoW.  In all other directio scenarios we do not
730 		 * allow an operation to fall back to buffered mode.
731 		 */
732 		ret = xfs_file_dio_aio_write(iocb, from);
733 		if (ret == -EREMCHG)
734 			goto buffered;
735 	} else {
736 buffered:
737 		ret = xfs_file_buffered_aio_write(iocb, from);
738 	}
739 
740 	if (ret > 0) {
741 		XFS_STATS_ADD(ip->i_mount, xs_write_bytes, ret);
742 
743 		/* Handle various SYNC-type writes */
744 		ret = generic_write_sync(iocb, ret);
745 	}
746 	return ret;
747 }
748 
749 #define	XFS_FALLOC_FL_SUPPORTED						\
750 		(FALLOC_FL_KEEP_SIZE | FALLOC_FL_PUNCH_HOLE |		\
751 		 FALLOC_FL_COLLAPSE_RANGE | FALLOC_FL_ZERO_RANGE |	\
752 		 FALLOC_FL_INSERT_RANGE | FALLOC_FL_UNSHARE_RANGE)
753 
754 STATIC long
755 xfs_file_fallocate(
756 	struct file		*file,
757 	int			mode,
758 	loff_t			offset,
759 	loff_t			len)
760 {
761 	struct inode		*inode = file_inode(file);
762 	struct xfs_inode	*ip = XFS_I(inode);
763 	long			error;
764 	enum xfs_prealloc_flags	flags = 0;
765 	uint			iolock = XFS_IOLOCK_EXCL;
766 	loff_t			new_size = 0;
767 	bool			do_file_insert = false;
768 
769 	if (!S_ISREG(inode->i_mode))
770 		return -EINVAL;
771 	if (mode & ~XFS_FALLOC_FL_SUPPORTED)
772 		return -EOPNOTSUPP;
773 
774 	xfs_ilock(ip, iolock);
775 	error = xfs_break_layouts(inode, &iolock);
776 	if (error)
777 		goto out_unlock;
778 
779 	xfs_ilock(ip, XFS_MMAPLOCK_EXCL);
780 	iolock |= XFS_MMAPLOCK_EXCL;
781 
782 	if (mode & FALLOC_FL_PUNCH_HOLE) {
783 		error = xfs_free_file_space(ip, offset, len);
784 		if (error)
785 			goto out_unlock;
786 	} else if (mode & FALLOC_FL_COLLAPSE_RANGE) {
787 		unsigned int blksize_mask = i_blocksize(inode) - 1;
788 
789 		if (offset & blksize_mask || len & blksize_mask) {
790 			error = -EINVAL;
791 			goto out_unlock;
792 		}
793 
794 		/*
795 		 * There is no need to overlap collapse range with EOF,
796 		 * in which case it is effectively a truncate operation
797 		 */
798 		if (offset + len >= i_size_read(inode)) {
799 			error = -EINVAL;
800 			goto out_unlock;
801 		}
802 
803 		new_size = i_size_read(inode) - len;
804 
805 		error = xfs_collapse_file_space(ip, offset, len);
806 		if (error)
807 			goto out_unlock;
808 	} else if (mode & FALLOC_FL_INSERT_RANGE) {
809 		unsigned int blksize_mask = i_blocksize(inode) - 1;
810 
811 		new_size = i_size_read(inode) + len;
812 		if (offset & blksize_mask || len & blksize_mask) {
813 			error = -EINVAL;
814 			goto out_unlock;
815 		}
816 
817 		/* check the new inode size does not wrap through zero */
818 		if (new_size > inode->i_sb->s_maxbytes) {
819 			error = -EFBIG;
820 			goto out_unlock;
821 		}
822 
823 		/* Offset should be less than i_size */
824 		if (offset >= i_size_read(inode)) {
825 			error = -EINVAL;
826 			goto out_unlock;
827 		}
828 		do_file_insert = true;
829 	} else {
830 		flags |= XFS_PREALLOC_SET;
831 
832 		if (!(mode & FALLOC_FL_KEEP_SIZE) &&
833 		    offset + len > i_size_read(inode)) {
834 			new_size = offset + len;
835 			error = inode_newsize_ok(inode, new_size);
836 			if (error)
837 				goto out_unlock;
838 		}
839 
840 		if (mode & FALLOC_FL_ZERO_RANGE)
841 			error = xfs_zero_file_space(ip, offset, len);
842 		else {
843 			if (mode & FALLOC_FL_UNSHARE_RANGE) {
844 				error = xfs_reflink_unshare(ip, offset, len);
845 				if (error)
846 					goto out_unlock;
847 			}
848 			error = xfs_alloc_file_space(ip, offset, len,
849 						     XFS_BMAPI_PREALLOC);
850 		}
851 		if (error)
852 			goto out_unlock;
853 	}
854 
855 	if (file->f_flags & O_DSYNC)
856 		flags |= XFS_PREALLOC_SYNC;
857 
858 	error = xfs_update_prealloc_flags(ip, flags);
859 	if (error)
860 		goto out_unlock;
861 
862 	/* Change file size if needed */
863 	if (new_size) {
864 		struct iattr iattr;
865 
866 		iattr.ia_valid = ATTR_SIZE;
867 		iattr.ia_size = new_size;
868 		error = xfs_vn_setattr_size(file_dentry(file), &iattr);
869 		if (error)
870 			goto out_unlock;
871 	}
872 
873 	/*
874 	 * Perform hole insertion now that the file size has been
875 	 * updated so that if we crash during the operation we don't
876 	 * leave shifted extents past EOF and hence losing access to
877 	 * the data that is contained within them.
878 	 */
879 	if (do_file_insert)
880 		error = xfs_insert_file_space(ip, offset, len);
881 
882 out_unlock:
883 	xfs_iunlock(ip, iolock);
884 	return error;
885 }
886 
887 STATIC int
888 xfs_file_clone_range(
889 	struct file	*file_in,
890 	loff_t		pos_in,
891 	struct file	*file_out,
892 	loff_t		pos_out,
893 	u64		len)
894 {
895 	return xfs_reflink_remap_range(file_in, pos_in, file_out, pos_out,
896 				     len, false);
897 }
898 
899 STATIC ssize_t
900 xfs_file_dedupe_range(
901 	struct file	*src_file,
902 	u64		loff,
903 	u64		len,
904 	struct file	*dst_file,
905 	u64		dst_loff)
906 {
907 	int		error;
908 
909 	error = xfs_reflink_remap_range(src_file, loff, dst_file, dst_loff,
910 				     len, true);
911 	if (error)
912 		return error;
913 	return len;
914 }
915 
916 STATIC int
917 xfs_file_open(
918 	struct inode	*inode,
919 	struct file	*file)
920 {
921 	if (!(file->f_flags & O_LARGEFILE) && i_size_read(inode) > MAX_NON_LFS)
922 		return -EFBIG;
923 	if (XFS_FORCED_SHUTDOWN(XFS_M(inode->i_sb)))
924 		return -EIO;
925 	file->f_mode |= FMODE_NOWAIT;
926 	return 0;
927 }
928 
929 STATIC int
930 xfs_dir_open(
931 	struct inode	*inode,
932 	struct file	*file)
933 {
934 	struct xfs_inode *ip = XFS_I(inode);
935 	int		mode;
936 	int		error;
937 
938 	error = xfs_file_open(inode, file);
939 	if (error)
940 		return error;
941 
942 	/*
943 	 * If there are any blocks, read-ahead block 0 as we're almost
944 	 * certain to have the next operation be a read there.
945 	 */
946 	mode = xfs_ilock_data_map_shared(ip);
947 	if (ip->i_d.di_nextents > 0)
948 		error = xfs_dir3_data_readahead(ip, 0, -1);
949 	xfs_iunlock(ip, mode);
950 	return error;
951 }
952 
953 STATIC int
954 xfs_file_release(
955 	struct inode	*inode,
956 	struct file	*filp)
957 {
958 	return xfs_release(XFS_I(inode));
959 }
960 
961 STATIC int
962 xfs_file_readdir(
963 	struct file	*file,
964 	struct dir_context *ctx)
965 {
966 	struct inode	*inode = file_inode(file);
967 	xfs_inode_t	*ip = XFS_I(inode);
968 	size_t		bufsize;
969 
970 	/*
971 	 * The Linux API doesn't pass down the total size of the buffer
972 	 * we read into down to the filesystem.  With the filldir concept
973 	 * it's not needed for correct information, but the XFS dir2 leaf
974 	 * code wants an estimate of the buffer size to calculate it's
975 	 * readahead window and size the buffers used for mapping to
976 	 * physical blocks.
977 	 *
978 	 * Try to give it an estimate that's good enough, maybe at some
979 	 * point we can change the ->readdir prototype to include the
980 	 * buffer size.  For now we use the current glibc buffer size.
981 	 */
982 	bufsize = (size_t)min_t(loff_t, 32768, ip->i_d.di_size);
983 
984 	return xfs_readdir(NULL, ip, ctx, bufsize);
985 }
986 
987 STATIC loff_t
988 xfs_file_llseek(
989 	struct file	*file,
990 	loff_t		offset,
991 	int		whence)
992 {
993 	struct inode		*inode = file->f_mapping->host;
994 
995 	if (XFS_FORCED_SHUTDOWN(XFS_I(inode)->i_mount))
996 		return -EIO;
997 
998 	switch (whence) {
999 	default:
1000 		return generic_file_llseek(file, offset, whence);
1001 	case SEEK_HOLE:
1002 		offset = iomap_seek_hole(inode, offset, &xfs_iomap_ops);
1003 		break;
1004 	case SEEK_DATA:
1005 		offset = iomap_seek_data(inode, offset, &xfs_iomap_ops);
1006 		break;
1007 	}
1008 
1009 	if (offset < 0)
1010 		return offset;
1011 	return vfs_setpos(file, offset, inode->i_sb->s_maxbytes);
1012 }
1013 
1014 /*
1015  * Locking for serialisation of IO during page faults. This results in a lock
1016  * ordering of:
1017  *
1018  * mmap_sem (MM)
1019  *   sb_start_pagefault(vfs, freeze)
1020  *     i_mmaplock (XFS - truncate serialisation)
1021  *       page_lock (MM)
1022  *         i_lock (XFS - extent map serialisation)
1023  */
1024 static int
1025 __xfs_filemap_fault(
1026 	struct vm_fault		*vmf,
1027 	enum page_entry_size	pe_size,
1028 	bool			write_fault)
1029 {
1030 	struct inode		*inode = file_inode(vmf->vma->vm_file);
1031 	struct xfs_inode	*ip = XFS_I(inode);
1032 	int			ret;
1033 
1034 	trace_xfs_filemap_fault(ip, pe_size, write_fault);
1035 
1036 	if (write_fault) {
1037 		sb_start_pagefault(inode->i_sb);
1038 		file_update_time(vmf->vma->vm_file);
1039 	}
1040 
1041 	xfs_ilock(XFS_I(inode), XFS_MMAPLOCK_SHARED);
1042 	if (IS_DAX(inode)) {
1043 		ret = dax_iomap_fault(vmf, pe_size, &xfs_iomap_ops);
1044 	} else {
1045 		if (write_fault)
1046 			ret = iomap_page_mkwrite(vmf, &xfs_iomap_ops);
1047 		else
1048 			ret = filemap_fault(vmf);
1049 	}
1050 	xfs_iunlock(XFS_I(inode), XFS_MMAPLOCK_SHARED);
1051 
1052 	if (write_fault)
1053 		sb_end_pagefault(inode->i_sb);
1054 	return ret;
1055 }
1056 
1057 static int
1058 xfs_filemap_fault(
1059 	struct vm_fault		*vmf)
1060 {
1061 	/* DAX can shortcut the normal fault path on write faults! */
1062 	return __xfs_filemap_fault(vmf, PE_SIZE_PTE,
1063 			IS_DAX(file_inode(vmf->vma->vm_file)) &&
1064 			(vmf->flags & FAULT_FLAG_WRITE));
1065 }
1066 
1067 static int
1068 xfs_filemap_huge_fault(
1069 	struct vm_fault		*vmf,
1070 	enum page_entry_size	pe_size)
1071 {
1072 	if (!IS_DAX(file_inode(vmf->vma->vm_file)))
1073 		return VM_FAULT_FALLBACK;
1074 
1075 	/* DAX can shortcut the normal fault path on write faults! */
1076 	return __xfs_filemap_fault(vmf, pe_size,
1077 			(vmf->flags & FAULT_FLAG_WRITE));
1078 }
1079 
1080 static int
1081 xfs_filemap_page_mkwrite(
1082 	struct vm_fault		*vmf)
1083 {
1084 	return __xfs_filemap_fault(vmf, PE_SIZE_PTE, true);
1085 }
1086 
1087 /*
1088  * pfn_mkwrite was originally inteneded to ensure we capture time stamp
1089  * updates on write faults. In reality, it's need to serialise against
1090  * truncate similar to page_mkwrite. Hence we cycle the XFS_MMAPLOCK_SHARED
1091  * to ensure we serialise the fault barrier in place.
1092  */
1093 static int
1094 xfs_filemap_pfn_mkwrite(
1095 	struct vm_fault		*vmf)
1096 {
1097 
1098 	struct inode		*inode = file_inode(vmf->vma->vm_file);
1099 	struct xfs_inode	*ip = XFS_I(inode);
1100 	int			ret = VM_FAULT_NOPAGE;
1101 	loff_t			size;
1102 
1103 	trace_xfs_filemap_pfn_mkwrite(ip);
1104 
1105 	sb_start_pagefault(inode->i_sb);
1106 	file_update_time(vmf->vma->vm_file);
1107 
1108 	/* check if the faulting page hasn't raced with truncate */
1109 	xfs_ilock(ip, XFS_MMAPLOCK_SHARED);
1110 	size = (i_size_read(inode) + PAGE_SIZE - 1) >> PAGE_SHIFT;
1111 	if (vmf->pgoff >= size)
1112 		ret = VM_FAULT_SIGBUS;
1113 	else if (IS_DAX(inode))
1114 		ret = dax_iomap_fault(vmf, PE_SIZE_PTE, &xfs_iomap_ops);
1115 	xfs_iunlock(ip, XFS_MMAPLOCK_SHARED);
1116 	sb_end_pagefault(inode->i_sb);
1117 	return ret;
1118 
1119 }
1120 
1121 static const struct vm_operations_struct xfs_file_vm_ops = {
1122 	.fault		= xfs_filemap_fault,
1123 	.huge_fault	= xfs_filemap_huge_fault,
1124 	.map_pages	= filemap_map_pages,
1125 	.page_mkwrite	= xfs_filemap_page_mkwrite,
1126 	.pfn_mkwrite	= xfs_filemap_pfn_mkwrite,
1127 };
1128 
1129 STATIC int
1130 xfs_file_mmap(
1131 	struct file	*filp,
1132 	struct vm_area_struct *vma)
1133 {
1134 	file_accessed(filp);
1135 	vma->vm_ops = &xfs_file_vm_ops;
1136 	if (IS_DAX(file_inode(filp)))
1137 		vma->vm_flags |= VM_MIXEDMAP | VM_HUGEPAGE;
1138 	return 0;
1139 }
1140 
1141 const struct file_operations xfs_file_operations = {
1142 	.llseek		= xfs_file_llseek,
1143 	.read_iter	= xfs_file_read_iter,
1144 	.write_iter	= xfs_file_write_iter,
1145 	.splice_read	= generic_file_splice_read,
1146 	.splice_write	= iter_file_splice_write,
1147 	.unlocked_ioctl	= xfs_file_ioctl,
1148 #ifdef CONFIG_COMPAT
1149 	.compat_ioctl	= xfs_file_compat_ioctl,
1150 #endif
1151 	.mmap		= xfs_file_mmap,
1152 	.open		= xfs_file_open,
1153 	.release	= xfs_file_release,
1154 	.fsync		= xfs_file_fsync,
1155 	.get_unmapped_area = thp_get_unmapped_area,
1156 	.fallocate	= xfs_file_fallocate,
1157 	.clone_file_range = xfs_file_clone_range,
1158 	.dedupe_file_range = xfs_file_dedupe_range,
1159 };
1160 
1161 const struct file_operations xfs_dir_file_operations = {
1162 	.open		= xfs_dir_open,
1163 	.read		= generic_read_dir,
1164 	.iterate_shared	= xfs_file_readdir,
1165 	.llseek		= generic_file_llseek,
1166 	.unlocked_ioctl	= xfs_file_ioctl,
1167 #ifdef CONFIG_COMPAT
1168 	.compat_ioctl	= xfs_file_compat_ioctl,
1169 #endif
1170 	.fsync		= xfs_dir_fsync,
1171 };
1172