1*4882a593Smuzhiyun // SPDX-License-Identifier: GPL-2.0-only
2*4882a593Smuzhiyun /*
3*4882a593Smuzhiyun * This file is part of UBIFS.
4*4882a593Smuzhiyun *
5*4882a593Smuzhiyun * Copyright (C) 2006-2008 Nokia Corporation.
6*4882a593Smuzhiyun *
7*4882a593Smuzhiyun * Authors: Adrian Hunter
8*4882a593Smuzhiyun * Artem Bityutskiy (Битюцкий Артём)
9*4882a593Smuzhiyun */
10*4882a593Smuzhiyun
11*4882a593Smuzhiyun /*
12*4882a593Smuzhiyun * This file implements functions that manage the running of the commit process.
13*4882a593Smuzhiyun * Each affected module has its own functions to accomplish their part in the
14*4882a593Smuzhiyun * commit and those functions are called here.
15*4882a593Smuzhiyun *
16*4882a593Smuzhiyun * The commit is the process whereby all updates to the index and LEB properties
17*4882a593Smuzhiyun * are written out together and the journal becomes empty. This keeps the
18*4882a593Smuzhiyun * file system consistent - at all times the state can be recreated by reading
19*4882a593Smuzhiyun * the index and LEB properties and then replaying the journal.
20*4882a593Smuzhiyun *
21*4882a593Smuzhiyun * The commit is split into two parts named "commit start" and "commit end".
22*4882a593Smuzhiyun * During commit start, the commit process has exclusive access to the journal
23*4882a593Smuzhiyun * by holding the commit semaphore down for writing. As few I/O operations as
24*4882a593Smuzhiyun * possible are performed during commit start, instead the nodes that are to be
25*4882a593Smuzhiyun * written are merely identified. During commit end, the commit semaphore is no
26*4882a593Smuzhiyun * longer held and the journal is again in operation, allowing users to continue
27*4882a593Smuzhiyun * to use the file system while the bulk of the commit I/O is performed. The
28*4882a593Smuzhiyun * purpose of this two-step approach is to prevent the commit from causing any
29*4882a593Smuzhiyun * latency blips. Note that in any case, the commit does not prevent lookups
30*4882a593Smuzhiyun * (as permitted by the TNC mutex), or access to VFS data structures e.g. page
31*4882a593Smuzhiyun * cache.
32*4882a593Smuzhiyun */
33*4882a593Smuzhiyun
34*4882a593Smuzhiyun #include <linux/freezer.h>
35*4882a593Smuzhiyun #include <linux/kthread.h>
36*4882a593Smuzhiyun #include <linux/slab.h>
37*4882a593Smuzhiyun #include "ubifs.h"
38*4882a593Smuzhiyun
39*4882a593Smuzhiyun /*
40*4882a593Smuzhiyun * nothing_to_commit - check if there is nothing to commit.
41*4882a593Smuzhiyun * @c: UBIFS file-system description object
42*4882a593Smuzhiyun *
43*4882a593Smuzhiyun * This is a helper function which checks if there is anything to commit. It is
44*4882a593Smuzhiyun * used as an optimization to avoid starting the commit if it is not really
45*4882a593Smuzhiyun * necessary. Indeed, the commit operation always assumes flash I/O (e.g.,
46*4882a593Smuzhiyun * writing the commit start node to the log), and it is better to avoid doing
47*4882a593Smuzhiyun * this unnecessarily. E.g., 'ubifs_sync_fs()' runs the commit, but if there is
48*4882a593Smuzhiyun * nothing to commit, it is more optimal to avoid any flash I/O.
49*4882a593Smuzhiyun *
50*4882a593Smuzhiyun * This function has to be called with @c->commit_sem locked for writing -
51*4882a593Smuzhiyun * this function does not take LPT/TNC locks because the @c->commit_sem
52*4882a593Smuzhiyun * guarantees that we have exclusive access to the TNC and LPT data structures.
53*4882a593Smuzhiyun *
54*4882a593Smuzhiyun * This function returns %1 if there is nothing to commit and %0 otherwise.
55*4882a593Smuzhiyun */
nothing_to_commit(struct ubifs_info * c)56*4882a593Smuzhiyun static int nothing_to_commit(struct ubifs_info *c)
57*4882a593Smuzhiyun {
58*4882a593Smuzhiyun /*
59*4882a593Smuzhiyun * During mounting or remounting from R/O mode to R/W mode we may
60*4882a593Smuzhiyun * commit for various recovery-related reasons.
61*4882a593Smuzhiyun */
62*4882a593Smuzhiyun if (c->mounting || c->remounting_rw)
63*4882a593Smuzhiyun return 0;
64*4882a593Smuzhiyun
65*4882a593Smuzhiyun /*
66*4882a593Smuzhiyun * If the root TNC node is dirty, we definitely have something to
67*4882a593Smuzhiyun * commit.
68*4882a593Smuzhiyun */
69*4882a593Smuzhiyun if (c->zroot.znode && ubifs_zn_dirty(c->zroot.znode))
70*4882a593Smuzhiyun return 0;
71*4882a593Smuzhiyun
72*4882a593Smuzhiyun /*
73*4882a593Smuzhiyun * Even though the TNC is clean, the LPT tree may have dirty nodes. For
74*4882a593Smuzhiyun * example, this may happen if the budgeting subsystem invoked GC to
75*4882a593Smuzhiyun * make some free space, and the GC found an LEB with only dirty and
76*4882a593Smuzhiyun * free space. In this case GC would just change the lprops of this
77*4882a593Smuzhiyun * LEB (by turning all space into free space) and unmap it.
78*4882a593Smuzhiyun */
79*4882a593Smuzhiyun if (c->nroot && test_bit(DIRTY_CNODE, &c->nroot->flags))
80*4882a593Smuzhiyun return 0;
81*4882a593Smuzhiyun
82*4882a593Smuzhiyun ubifs_assert(c, atomic_long_read(&c->dirty_zn_cnt) == 0);
83*4882a593Smuzhiyun ubifs_assert(c, c->dirty_pn_cnt == 0);
84*4882a593Smuzhiyun ubifs_assert(c, c->dirty_nn_cnt == 0);
85*4882a593Smuzhiyun
86*4882a593Smuzhiyun return 1;
87*4882a593Smuzhiyun }
88*4882a593Smuzhiyun
89*4882a593Smuzhiyun /**
90*4882a593Smuzhiyun * do_commit - commit the journal.
91*4882a593Smuzhiyun * @c: UBIFS file-system description object
92*4882a593Smuzhiyun *
93*4882a593Smuzhiyun * This function implements UBIFS commit. It has to be called with commit lock
94*4882a593Smuzhiyun * locked. Returns zero in case of success and a negative error code in case of
95*4882a593Smuzhiyun * failure.
96*4882a593Smuzhiyun */
do_commit(struct ubifs_info * c)97*4882a593Smuzhiyun static int do_commit(struct ubifs_info *c)
98*4882a593Smuzhiyun {
99*4882a593Smuzhiyun int err, new_ltail_lnum, old_ltail_lnum, i;
100*4882a593Smuzhiyun struct ubifs_zbranch zroot;
101*4882a593Smuzhiyun struct ubifs_lp_stats lst;
102*4882a593Smuzhiyun
103*4882a593Smuzhiyun dbg_cmt("start");
104*4882a593Smuzhiyun ubifs_assert(c, !c->ro_media && !c->ro_mount);
105*4882a593Smuzhiyun
106*4882a593Smuzhiyun if (c->ro_error) {
107*4882a593Smuzhiyun err = -EROFS;
108*4882a593Smuzhiyun goto out_up;
109*4882a593Smuzhiyun }
110*4882a593Smuzhiyun
111*4882a593Smuzhiyun if (nothing_to_commit(c)) {
112*4882a593Smuzhiyun up_write(&c->commit_sem);
113*4882a593Smuzhiyun err = 0;
114*4882a593Smuzhiyun goto out_cancel;
115*4882a593Smuzhiyun }
116*4882a593Smuzhiyun
117*4882a593Smuzhiyun /* Sync all write buffers (necessary for recovery) */
118*4882a593Smuzhiyun for (i = 0; i < c->jhead_cnt; i++) {
119*4882a593Smuzhiyun err = ubifs_wbuf_sync(&c->jheads[i].wbuf);
120*4882a593Smuzhiyun if (err)
121*4882a593Smuzhiyun goto out_up;
122*4882a593Smuzhiyun }
123*4882a593Smuzhiyun
124*4882a593Smuzhiyun c->cmt_no += 1;
125*4882a593Smuzhiyun err = ubifs_gc_start_commit(c);
126*4882a593Smuzhiyun if (err)
127*4882a593Smuzhiyun goto out_up;
128*4882a593Smuzhiyun err = dbg_check_lprops(c);
129*4882a593Smuzhiyun if (err)
130*4882a593Smuzhiyun goto out_up;
131*4882a593Smuzhiyun err = ubifs_log_start_commit(c, &new_ltail_lnum);
132*4882a593Smuzhiyun if (err)
133*4882a593Smuzhiyun goto out_up;
134*4882a593Smuzhiyun err = ubifs_tnc_start_commit(c, &zroot);
135*4882a593Smuzhiyun if (err)
136*4882a593Smuzhiyun goto out_up;
137*4882a593Smuzhiyun err = ubifs_lpt_start_commit(c);
138*4882a593Smuzhiyun if (err)
139*4882a593Smuzhiyun goto out_up;
140*4882a593Smuzhiyun err = ubifs_orphan_start_commit(c);
141*4882a593Smuzhiyun if (err)
142*4882a593Smuzhiyun goto out_up;
143*4882a593Smuzhiyun
144*4882a593Smuzhiyun ubifs_get_lp_stats(c, &lst);
145*4882a593Smuzhiyun
146*4882a593Smuzhiyun up_write(&c->commit_sem);
147*4882a593Smuzhiyun
148*4882a593Smuzhiyun err = ubifs_tnc_end_commit(c);
149*4882a593Smuzhiyun if (err)
150*4882a593Smuzhiyun goto out;
151*4882a593Smuzhiyun err = ubifs_lpt_end_commit(c);
152*4882a593Smuzhiyun if (err)
153*4882a593Smuzhiyun goto out;
154*4882a593Smuzhiyun err = ubifs_orphan_end_commit(c);
155*4882a593Smuzhiyun if (err)
156*4882a593Smuzhiyun goto out;
157*4882a593Smuzhiyun err = dbg_check_old_index(c, &zroot);
158*4882a593Smuzhiyun if (err)
159*4882a593Smuzhiyun goto out;
160*4882a593Smuzhiyun
161*4882a593Smuzhiyun c->mst_node->cmt_no = cpu_to_le64(c->cmt_no);
162*4882a593Smuzhiyun c->mst_node->log_lnum = cpu_to_le32(new_ltail_lnum);
163*4882a593Smuzhiyun c->mst_node->root_lnum = cpu_to_le32(zroot.lnum);
164*4882a593Smuzhiyun c->mst_node->root_offs = cpu_to_le32(zroot.offs);
165*4882a593Smuzhiyun c->mst_node->root_len = cpu_to_le32(zroot.len);
166*4882a593Smuzhiyun c->mst_node->ihead_lnum = cpu_to_le32(c->ihead_lnum);
167*4882a593Smuzhiyun c->mst_node->ihead_offs = cpu_to_le32(c->ihead_offs);
168*4882a593Smuzhiyun c->mst_node->index_size = cpu_to_le64(c->bi.old_idx_sz);
169*4882a593Smuzhiyun c->mst_node->lpt_lnum = cpu_to_le32(c->lpt_lnum);
170*4882a593Smuzhiyun c->mst_node->lpt_offs = cpu_to_le32(c->lpt_offs);
171*4882a593Smuzhiyun c->mst_node->nhead_lnum = cpu_to_le32(c->nhead_lnum);
172*4882a593Smuzhiyun c->mst_node->nhead_offs = cpu_to_le32(c->nhead_offs);
173*4882a593Smuzhiyun c->mst_node->ltab_lnum = cpu_to_le32(c->ltab_lnum);
174*4882a593Smuzhiyun c->mst_node->ltab_offs = cpu_to_le32(c->ltab_offs);
175*4882a593Smuzhiyun c->mst_node->lsave_lnum = cpu_to_le32(c->lsave_lnum);
176*4882a593Smuzhiyun c->mst_node->lsave_offs = cpu_to_le32(c->lsave_offs);
177*4882a593Smuzhiyun c->mst_node->lscan_lnum = cpu_to_le32(c->lscan_lnum);
178*4882a593Smuzhiyun c->mst_node->empty_lebs = cpu_to_le32(lst.empty_lebs);
179*4882a593Smuzhiyun c->mst_node->idx_lebs = cpu_to_le32(lst.idx_lebs);
180*4882a593Smuzhiyun c->mst_node->total_free = cpu_to_le64(lst.total_free);
181*4882a593Smuzhiyun c->mst_node->total_dirty = cpu_to_le64(lst.total_dirty);
182*4882a593Smuzhiyun c->mst_node->total_used = cpu_to_le64(lst.total_used);
183*4882a593Smuzhiyun c->mst_node->total_dead = cpu_to_le64(lst.total_dead);
184*4882a593Smuzhiyun c->mst_node->total_dark = cpu_to_le64(lst.total_dark);
185*4882a593Smuzhiyun if (c->no_orphs)
186*4882a593Smuzhiyun c->mst_node->flags |= cpu_to_le32(UBIFS_MST_NO_ORPHS);
187*4882a593Smuzhiyun else
188*4882a593Smuzhiyun c->mst_node->flags &= ~cpu_to_le32(UBIFS_MST_NO_ORPHS);
189*4882a593Smuzhiyun
190*4882a593Smuzhiyun old_ltail_lnum = c->ltail_lnum;
191*4882a593Smuzhiyun err = ubifs_log_end_commit(c, new_ltail_lnum);
192*4882a593Smuzhiyun if (err)
193*4882a593Smuzhiyun goto out;
194*4882a593Smuzhiyun
195*4882a593Smuzhiyun err = ubifs_log_post_commit(c, old_ltail_lnum);
196*4882a593Smuzhiyun if (err)
197*4882a593Smuzhiyun goto out;
198*4882a593Smuzhiyun err = ubifs_gc_end_commit(c);
199*4882a593Smuzhiyun if (err)
200*4882a593Smuzhiyun goto out;
201*4882a593Smuzhiyun err = ubifs_lpt_post_commit(c);
202*4882a593Smuzhiyun if (err)
203*4882a593Smuzhiyun goto out;
204*4882a593Smuzhiyun
205*4882a593Smuzhiyun out_cancel:
206*4882a593Smuzhiyun spin_lock(&c->cs_lock);
207*4882a593Smuzhiyun c->cmt_state = COMMIT_RESTING;
208*4882a593Smuzhiyun wake_up(&c->cmt_wq);
209*4882a593Smuzhiyun dbg_cmt("commit end");
210*4882a593Smuzhiyun spin_unlock(&c->cs_lock);
211*4882a593Smuzhiyun return 0;
212*4882a593Smuzhiyun
213*4882a593Smuzhiyun out_up:
214*4882a593Smuzhiyun up_write(&c->commit_sem);
215*4882a593Smuzhiyun out:
216*4882a593Smuzhiyun ubifs_err(c, "commit failed, error %d", err);
217*4882a593Smuzhiyun spin_lock(&c->cs_lock);
218*4882a593Smuzhiyun c->cmt_state = COMMIT_BROKEN;
219*4882a593Smuzhiyun wake_up(&c->cmt_wq);
220*4882a593Smuzhiyun spin_unlock(&c->cs_lock);
221*4882a593Smuzhiyun ubifs_ro_mode(c, err);
222*4882a593Smuzhiyun return err;
223*4882a593Smuzhiyun }
224*4882a593Smuzhiyun
225*4882a593Smuzhiyun /**
226*4882a593Smuzhiyun * run_bg_commit - run background commit if it is needed.
227*4882a593Smuzhiyun * @c: UBIFS file-system description object
228*4882a593Smuzhiyun *
229*4882a593Smuzhiyun * This function runs background commit if it is needed. Returns zero in case
230*4882a593Smuzhiyun * of success and a negative error code in case of failure.
231*4882a593Smuzhiyun */
run_bg_commit(struct ubifs_info * c)232*4882a593Smuzhiyun static int run_bg_commit(struct ubifs_info *c)
233*4882a593Smuzhiyun {
234*4882a593Smuzhiyun spin_lock(&c->cs_lock);
235*4882a593Smuzhiyun /*
236*4882a593Smuzhiyun * Run background commit only if background commit was requested or if
237*4882a593Smuzhiyun * commit is required.
238*4882a593Smuzhiyun */
239*4882a593Smuzhiyun if (c->cmt_state != COMMIT_BACKGROUND &&
240*4882a593Smuzhiyun c->cmt_state != COMMIT_REQUIRED)
241*4882a593Smuzhiyun goto out;
242*4882a593Smuzhiyun spin_unlock(&c->cs_lock);
243*4882a593Smuzhiyun
244*4882a593Smuzhiyun down_write(&c->commit_sem);
245*4882a593Smuzhiyun spin_lock(&c->cs_lock);
246*4882a593Smuzhiyun if (c->cmt_state == COMMIT_REQUIRED)
247*4882a593Smuzhiyun c->cmt_state = COMMIT_RUNNING_REQUIRED;
248*4882a593Smuzhiyun else if (c->cmt_state == COMMIT_BACKGROUND)
249*4882a593Smuzhiyun c->cmt_state = COMMIT_RUNNING_BACKGROUND;
250*4882a593Smuzhiyun else
251*4882a593Smuzhiyun goto out_cmt_unlock;
252*4882a593Smuzhiyun spin_unlock(&c->cs_lock);
253*4882a593Smuzhiyun
254*4882a593Smuzhiyun return do_commit(c);
255*4882a593Smuzhiyun
256*4882a593Smuzhiyun out_cmt_unlock:
257*4882a593Smuzhiyun up_write(&c->commit_sem);
258*4882a593Smuzhiyun out:
259*4882a593Smuzhiyun spin_unlock(&c->cs_lock);
260*4882a593Smuzhiyun return 0;
261*4882a593Smuzhiyun }
262*4882a593Smuzhiyun
263*4882a593Smuzhiyun /**
264*4882a593Smuzhiyun * ubifs_bg_thread - UBIFS background thread function.
265*4882a593Smuzhiyun * @info: points to the file-system description object
266*4882a593Smuzhiyun *
267*4882a593Smuzhiyun * This function implements various file-system background activities:
268*4882a593Smuzhiyun * o when a write-buffer timer expires it synchronizes the appropriate
269*4882a593Smuzhiyun * write-buffer;
270*4882a593Smuzhiyun * o when the journal is about to be full, it starts in-advance commit.
271*4882a593Smuzhiyun *
272*4882a593Smuzhiyun * Note, other stuff like background garbage collection may be added here in
273*4882a593Smuzhiyun * future.
274*4882a593Smuzhiyun */
ubifs_bg_thread(void * info)275*4882a593Smuzhiyun int ubifs_bg_thread(void *info)
276*4882a593Smuzhiyun {
277*4882a593Smuzhiyun int err;
278*4882a593Smuzhiyun struct ubifs_info *c = info;
279*4882a593Smuzhiyun
280*4882a593Smuzhiyun ubifs_msg(c, "background thread \"%s\" started, PID %d",
281*4882a593Smuzhiyun c->bgt_name, current->pid);
282*4882a593Smuzhiyun set_freezable();
283*4882a593Smuzhiyun
284*4882a593Smuzhiyun while (1) {
285*4882a593Smuzhiyun if (kthread_should_stop())
286*4882a593Smuzhiyun break;
287*4882a593Smuzhiyun
288*4882a593Smuzhiyun if (try_to_freeze())
289*4882a593Smuzhiyun continue;
290*4882a593Smuzhiyun
291*4882a593Smuzhiyun set_current_state(TASK_INTERRUPTIBLE);
292*4882a593Smuzhiyun /* Check if there is something to do */
293*4882a593Smuzhiyun if (!c->need_bgt) {
294*4882a593Smuzhiyun /*
295*4882a593Smuzhiyun * Nothing prevents us from going sleep now and
296*4882a593Smuzhiyun * be never woken up and block the task which
297*4882a593Smuzhiyun * could wait in 'kthread_stop()' forever.
298*4882a593Smuzhiyun */
299*4882a593Smuzhiyun if (kthread_should_stop())
300*4882a593Smuzhiyun break;
301*4882a593Smuzhiyun schedule();
302*4882a593Smuzhiyun continue;
303*4882a593Smuzhiyun } else
304*4882a593Smuzhiyun __set_current_state(TASK_RUNNING);
305*4882a593Smuzhiyun
306*4882a593Smuzhiyun c->need_bgt = 0;
307*4882a593Smuzhiyun err = ubifs_bg_wbufs_sync(c);
308*4882a593Smuzhiyun if (err)
309*4882a593Smuzhiyun ubifs_ro_mode(c, err);
310*4882a593Smuzhiyun
311*4882a593Smuzhiyun run_bg_commit(c);
312*4882a593Smuzhiyun cond_resched();
313*4882a593Smuzhiyun }
314*4882a593Smuzhiyun
315*4882a593Smuzhiyun ubifs_msg(c, "background thread \"%s\" stops", c->bgt_name);
316*4882a593Smuzhiyun return 0;
317*4882a593Smuzhiyun }
318*4882a593Smuzhiyun
319*4882a593Smuzhiyun /**
320*4882a593Smuzhiyun * ubifs_commit_required - set commit state to "required".
321*4882a593Smuzhiyun * @c: UBIFS file-system description object
322*4882a593Smuzhiyun *
323*4882a593Smuzhiyun * This function is called if a commit is required but cannot be done from the
324*4882a593Smuzhiyun * calling function, so it is just flagged instead.
325*4882a593Smuzhiyun */
ubifs_commit_required(struct ubifs_info * c)326*4882a593Smuzhiyun void ubifs_commit_required(struct ubifs_info *c)
327*4882a593Smuzhiyun {
328*4882a593Smuzhiyun spin_lock(&c->cs_lock);
329*4882a593Smuzhiyun switch (c->cmt_state) {
330*4882a593Smuzhiyun case COMMIT_RESTING:
331*4882a593Smuzhiyun case COMMIT_BACKGROUND:
332*4882a593Smuzhiyun dbg_cmt("old: %s, new: %s", dbg_cstate(c->cmt_state),
333*4882a593Smuzhiyun dbg_cstate(COMMIT_REQUIRED));
334*4882a593Smuzhiyun c->cmt_state = COMMIT_REQUIRED;
335*4882a593Smuzhiyun break;
336*4882a593Smuzhiyun case COMMIT_RUNNING_BACKGROUND:
337*4882a593Smuzhiyun dbg_cmt("old: %s, new: %s", dbg_cstate(c->cmt_state),
338*4882a593Smuzhiyun dbg_cstate(COMMIT_RUNNING_REQUIRED));
339*4882a593Smuzhiyun c->cmt_state = COMMIT_RUNNING_REQUIRED;
340*4882a593Smuzhiyun break;
341*4882a593Smuzhiyun case COMMIT_REQUIRED:
342*4882a593Smuzhiyun case COMMIT_RUNNING_REQUIRED:
343*4882a593Smuzhiyun case COMMIT_BROKEN:
344*4882a593Smuzhiyun break;
345*4882a593Smuzhiyun }
346*4882a593Smuzhiyun spin_unlock(&c->cs_lock);
347*4882a593Smuzhiyun }
348*4882a593Smuzhiyun
349*4882a593Smuzhiyun /**
350*4882a593Smuzhiyun * ubifs_request_bg_commit - notify the background thread to do a commit.
351*4882a593Smuzhiyun * @c: UBIFS file-system description object
352*4882a593Smuzhiyun *
353*4882a593Smuzhiyun * This function is called if the journal is full enough to make a commit
354*4882a593Smuzhiyun * worthwhile, so background thread is kicked to start it.
355*4882a593Smuzhiyun */
ubifs_request_bg_commit(struct ubifs_info * c)356*4882a593Smuzhiyun void ubifs_request_bg_commit(struct ubifs_info *c)
357*4882a593Smuzhiyun {
358*4882a593Smuzhiyun spin_lock(&c->cs_lock);
359*4882a593Smuzhiyun if (c->cmt_state == COMMIT_RESTING) {
360*4882a593Smuzhiyun dbg_cmt("old: %s, new: %s", dbg_cstate(c->cmt_state),
361*4882a593Smuzhiyun dbg_cstate(COMMIT_BACKGROUND));
362*4882a593Smuzhiyun c->cmt_state = COMMIT_BACKGROUND;
363*4882a593Smuzhiyun spin_unlock(&c->cs_lock);
364*4882a593Smuzhiyun ubifs_wake_up_bgt(c);
365*4882a593Smuzhiyun } else
366*4882a593Smuzhiyun spin_unlock(&c->cs_lock);
367*4882a593Smuzhiyun }
368*4882a593Smuzhiyun
369*4882a593Smuzhiyun /**
370*4882a593Smuzhiyun * wait_for_commit - wait for commit.
371*4882a593Smuzhiyun * @c: UBIFS file-system description object
372*4882a593Smuzhiyun *
373*4882a593Smuzhiyun * This function sleeps until the commit operation is no longer running.
374*4882a593Smuzhiyun */
wait_for_commit(struct ubifs_info * c)375*4882a593Smuzhiyun static int wait_for_commit(struct ubifs_info *c)
376*4882a593Smuzhiyun {
377*4882a593Smuzhiyun dbg_cmt("pid %d goes sleep", current->pid);
378*4882a593Smuzhiyun
379*4882a593Smuzhiyun /*
380*4882a593Smuzhiyun * The following sleeps if the condition is false, and will be woken
381*4882a593Smuzhiyun * when the commit ends. It is possible, although very unlikely, that we
382*4882a593Smuzhiyun * will wake up and see the subsequent commit running, rather than the
383*4882a593Smuzhiyun * one we were waiting for, and go back to sleep. However, we will be
384*4882a593Smuzhiyun * woken again, so there is no danger of sleeping forever.
385*4882a593Smuzhiyun */
386*4882a593Smuzhiyun wait_event(c->cmt_wq, c->cmt_state != COMMIT_RUNNING_BACKGROUND &&
387*4882a593Smuzhiyun c->cmt_state != COMMIT_RUNNING_REQUIRED);
388*4882a593Smuzhiyun dbg_cmt("commit finished, pid %d woke up", current->pid);
389*4882a593Smuzhiyun return 0;
390*4882a593Smuzhiyun }
391*4882a593Smuzhiyun
392*4882a593Smuzhiyun /**
393*4882a593Smuzhiyun * ubifs_run_commit - run or wait for commit.
394*4882a593Smuzhiyun * @c: UBIFS file-system description object
395*4882a593Smuzhiyun *
396*4882a593Smuzhiyun * This function runs commit and returns zero in case of success and a negative
397*4882a593Smuzhiyun * error code in case of failure.
398*4882a593Smuzhiyun */
ubifs_run_commit(struct ubifs_info * c)399*4882a593Smuzhiyun int ubifs_run_commit(struct ubifs_info *c)
400*4882a593Smuzhiyun {
401*4882a593Smuzhiyun int err = 0;
402*4882a593Smuzhiyun
403*4882a593Smuzhiyun spin_lock(&c->cs_lock);
404*4882a593Smuzhiyun if (c->cmt_state == COMMIT_BROKEN) {
405*4882a593Smuzhiyun err = -EROFS;
406*4882a593Smuzhiyun goto out;
407*4882a593Smuzhiyun }
408*4882a593Smuzhiyun
409*4882a593Smuzhiyun if (c->cmt_state == COMMIT_RUNNING_BACKGROUND)
410*4882a593Smuzhiyun /*
411*4882a593Smuzhiyun * We set the commit state to 'running required' to indicate
412*4882a593Smuzhiyun * that we want it to complete as quickly as possible.
413*4882a593Smuzhiyun */
414*4882a593Smuzhiyun c->cmt_state = COMMIT_RUNNING_REQUIRED;
415*4882a593Smuzhiyun
416*4882a593Smuzhiyun if (c->cmt_state == COMMIT_RUNNING_REQUIRED) {
417*4882a593Smuzhiyun spin_unlock(&c->cs_lock);
418*4882a593Smuzhiyun return wait_for_commit(c);
419*4882a593Smuzhiyun }
420*4882a593Smuzhiyun spin_unlock(&c->cs_lock);
421*4882a593Smuzhiyun
422*4882a593Smuzhiyun /* Ok, the commit is indeed needed */
423*4882a593Smuzhiyun
424*4882a593Smuzhiyun down_write(&c->commit_sem);
425*4882a593Smuzhiyun spin_lock(&c->cs_lock);
426*4882a593Smuzhiyun /*
427*4882a593Smuzhiyun * Since we unlocked 'c->cs_lock', the state may have changed, so
428*4882a593Smuzhiyun * re-check it.
429*4882a593Smuzhiyun */
430*4882a593Smuzhiyun if (c->cmt_state == COMMIT_BROKEN) {
431*4882a593Smuzhiyun err = -EROFS;
432*4882a593Smuzhiyun goto out_cmt_unlock;
433*4882a593Smuzhiyun }
434*4882a593Smuzhiyun
435*4882a593Smuzhiyun if (c->cmt_state == COMMIT_RUNNING_BACKGROUND)
436*4882a593Smuzhiyun c->cmt_state = COMMIT_RUNNING_REQUIRED;
437*4882a593Smuzhiyun
438*4882a593Smuzhiyun if (c->cmt_state == COMMIT_RUNNING_REQUIRED) {
439*4882a593Smuzhiyun up_write(&c->commit_sem);
440*4882a593Smuzhiyun spin_unlock(&c->cs_lock);
441*4882a593Smuzhiyun return wait_for_commit(c);
442*4882a593Smuzhiyun }
443*4882a593Smuzhiyun c->cmt_state = COMMIT_RUNNING_REQUIRED;
444*4882a593Smuzhiyun spin_unlock(&c->cs_lock);
445*4882a593Smuzhiyun
446*4882a593Smuzhiyun err = do_commit(c);
447*4882a593Smuzhiyun return err;
448*4882a593Smuzhiyun
449*4882a593Smuzhiyun out_cmt_unlock:
450*4882a593Smuzhiyun up_write(&c->commit_sem);
451*4882a593Smuzhiyun out:
452*4882a593Smuzhiyun spin_unlock(&c->cs_lock);
453*4882a593Smuzhiyun return err;
454*4882a593Smuzhiyun }
455*4882a593Smuzhiyun
456*4882a593Smuzhiyun /**
457*4882a593Smuzhiyun * ubifs_gc_should_commit - determine if it is time for GC to run commit.
458*4882a593Smuzhiyun * @c: UBIFS file-system description object
459*4882a593Smuzhiyun *
460*4882a593Smuzhiyun * This function is called by garbage collection to determine if commit should
461*4882a593Smuzhiyun * be run. If commit state is @COMMIT_BACKGROUND, which means that the journal
462*4882a593Smuzhiyun * is full enough to start commit, this function returns true. It is not
463*4882a593Smuzhiyun * absolutely necessary to commit yet, but it feels like this should be better
464*4882a593Smuzhiyun * then to keep doing GC. This function returns %1 if GC has to initiate commit
465*4882a593Smuzhiyun * and %0 if not.
466*4882a593Smuzhiyun */
ubifs_gc_should_commit(struct ubifs_info * c)467*4882a593Smuzhiyun int ubifs_gc_should_commit(struct ubifs_info *c)
468*4882a593Smuzhiyun {
469*4882a593Smuzhiyun int ret = 0;
470*4882a593Smuzhiyun
471*4882a593Smuzhiyun spin_lock(&c->cs_lock);
472*4882a593Smuzhiyun if (c->cmt_state == COMMIT_BACKGROUND) {
473*4882a593Smuzhiyun dbg_cmt("commit required now");
474*4882a593Smuzhiyun c->cmt_state = COMMIT_REQUIRED;
475*4882a593Smuzhiyun } else
476*4882a593Smuzhiyun dbg_cmt("commit not requested");
477*4882a593Smuzhiyun if (c->cmt_state == COMMIT_REQUIRED)
478*4882a593Smuzhiyun ret = 1;
479*4882a593Smuzhiyun spin_unlock(&c->cs_lock);
480*4882a593Smuzhiyun return ret;
481*4882a593Smuzhiyun }
482*4882a593Smuzhiyun
483*4882a593Smuzhiyun /*
484*4882a593Smuzhiyun * Everything below is related to debugging.
485*4882a593Smuzhiyun */
486*4882a593Smuzhiyun
487*4882a593Smuzhiyun /**
488*4882a593Smuzhiyun * struct idx_node - hold index nodes during index tree traversal.
489*4882a593Smuzhiyun * @list: list
490*4882a593Smuzhiyun * @iip: index in parent (slot number of this indexing node in the parent
491*4882a593Smuzhiyun * indexing node)
492*4882a593Smuzhiyun * @upper_key: all keys in this indexing node have to be less or equivalent to
493*4882a593Smuzhiyun * this key
494*4882a593Smuzhiyun * @idx: index node (8-byte aligned because all node structures must be 8-byte
495*4882a593Smuzhiyun * aligned)
496*4882a593Smuzhiyun */
497*4882a593Smuzhiyun struct idx_node {
498*4882a593Smuzhiyun struct list_head list;
499*4882a593Smuzhiyun int iip;
500*4882a593Smuzhiyun union ubifs_key upper_key;
501*4882a593Smuzhiyun struct ubifs_idx_node idx __aligned(8);
502*4882a593Smuzhiyun };
503*4882a593Smuzhiyun
504*4882a593Smuzhiyun /**
505*4882a593Smuzhiyun * dbg_old_index_check_init - get information for the next old index check.
506*4882a593Smuzhiyun * @c: UBIFS file-system description object
507*4882a593Smuzhiyun * @zroot: root of the index
508*4882a593Smuzhiyun *
509*4882a593Smuzhiyun * This function records information about the index that will be needed for the
510*4882a593Smuzhiyun * next old index check i.e. 'dbg_check_old_index()'.
511*4882a593Smuzhiyun *
512*4882a593Smuzhiyun * This function returns %0 on success and a negative error code on failure.
513*4882a593Smuzhiyun */
dbg_old_index_check_init(struct ubifs_info * c,struct ubifs_zbranch * zroot)514*4882a593Smuzhiyun int dbg_old_index_check_init(struct ubifs_info *c, struct ubifs_zbranch *zroot)
515*4882a593Smuzhiyun {
516*4882a593Smuzhiyun struct ubifs_idx_node *idx;
517*4882a593Smuzhiyun int lnum, offs, len, err = 0;
518*4882a593Smuzhiyun struct ubifs_debug_info *d = c->dbg;
519*4882a593Smuzhiyun
520*4882a593Smuzhiyun d->old_zroot = *zroot;
521*4882a593Smuzhiyun lnum = d->old_zroot.lnum;
522*4882a593Smuzhiyun offs = d->old_zroot.offs;
523*4882a593Smuzhiyun len = d->old_zroot.len;
524*4882a593Smuzhiyun
525*4882a593Smuzhiyun idx = kmalloc(c->max_idx_node_sz, GFP_NOFS);
526*4882a593Smuzhiyun if (!idx)
527*4882a593Smuzhiyun return -ENOMEM;
528*4882a593Smuzhiyun
529*4882a593Smuzhiyun err = ubifs_read_node(c, idx, UBIFS_IDX_NODE, len, lnum, offs);
530*4882a593Smuzhiyun if (err)
531*4882a593Smuzhiyun goto out;
532*4882a593Smuzhiyun
533*4882a593Smuzhiyun d->old_zroot_level = le16_to_cpu(idx->level);
534*4882a593Smuzhiyun d->old_zroot_sqnum = le64_to_cpu(idx->ch.sqnum);
535*4882a593Smuzhiyun out:
536*4882a593Smuzhiyun kfree(idx);
537*4882a593Smuzhiyun return err;
538*4882a593Smuzhiyun }
539*4882a593Smuzhiyun
540*4882a593Smuzhiyun /**
541*4882a593Smuzhiyun * dbg_check_old_index - check the old copy of the index.
542*4882a593Smuzhiyun * @c: UBIFS file-system description object
543*4882a593Smuzhiyun * @zroot: root of the new index
544*4882a593Smuzhiyun *
545*4882a593Smuzhiyun * In order to be able to recover from an unclean unmount, a complete copy of
546*4882a593Smuzhiyun * the index must exist on flash. This is the "old" index. The commit process
547*4882a593Smuzhiyun * must write the "new" index to flash without overwriting or destroying any
548*4882a593Smuzhiyun * part of the old index. This function is run at commit end in order to check
549*4882a593Smuzhiyun * that the old index does indeed exist completely intact.
550*4882a593Smuzhiyun *
551*4882a593Smuzhiyun * This function returns %0 on success and a negative error code on failure.
552*4882a593Smuzhiyun */
dbg_check_old_index(struct ubifs_info * c,struct ubifs_zbranch * zroot)553*4882a593Smuzhiyun int dbg_check_old_index(struct ubifs_info *c, struct ubifs_zbranch *zroot)
554*4882a593Smuzhiyun {
555*4882a593Smuzhiyun int lnum, offs, len, err = 0, last_level, child_cnt;
556*4882a593Smuzhiyun int first = 1, iip;
557*4882a593Smuzhiyun struct ubifs_debug_info *d = c->dbg;
558*4882a593Smuzhiyun union ubifs_key lower_key, upper_key, l_key, u_key;
559*4882a593Smuzhiyun unsigned long long last_sqnum;
560*4882a593Smuzhiyun struct ubifs_idx_node *idx;
561*4882a593Smuzhiyun struct list_head list;
562*4882a593Smuzhiyun struct idx_node *i;
563*4882a593Smuzhiyun size_t sz;
564*4882a593Smuzhiyun
565*4882a593Smuzhiyun if (!dbg_is_chk_index(c))
566*4882a593Smuzhiyun return 0;
567*4882a593Smuzhiyun
568*4882a593Smuzhiyun INIT_LIST_HEAD(&list);
569*4882a593Smuzhiyun
570*4882a593Smuzhiyun sz = sizeof(struct idx_node) + ubifs_idx_node_sz(c, c->fanout) -
571*4882a593Smuzhiyun UBIFS_IDX_NODE_SZ;
572*4882a593Smuzhiyun
573*4882a593Smuzhiyun /* Start at the old zroot */
574*4882a593Smuzhiyun lnum = d->old_zroot.lnum;
575*4882a593Smuzhiyun offs = d->old_zroot.offs;
576*4882a593Smuzhiyun len = d->old_zroot.len;
577*4882a593Smuzhiyun iip = 0;
578*4882a593Smuzhiyun
579*4882a593Smuzhiyun /*
580*4882a593Smuzhiyun * Traverse the index tree preorder depth-first i.e. do a node and then
581*4882a593Smuzhiyun * its subtrees from left to right.
582*4882a593Smuzhiyun */
583*4882a593Smuzhiyun while (1) {
584*4882a593Smuzhiyun struct ubifs_branch *br;
585*4882a593Smuzhiyun
586*4882a593Smuzhiyun /* Get the next index node */
587*4882a593Smuzhiyun i = kmalloc(sz, GFP_NOFS);
588*4882a593Smuzhiyun if (!i) {
589*4882a593Smuzhiyun err = -ENOMEM;
590*4882a593Smuzhiyun goto out_free;
591*4882a593Smuzhiyun }
592*4882a593Smuzhiyun i->iip = iip;
593*4882a593Smuzhiyun /* Keep the index nodes on our path in a linked list */
594*4882a593Smuzhiyun list_add_tail(&i->list, &list);
595*4882a593Smuzhiyun /* Read the index node */
596*4882a593Smuzhiyun idx = &i->idx;
597*4882a593Smuzhiyun err = ubifs_read_node(c, idx, UBIFS_IDX_NODE, len, lnum, offs);
598*4882a593Smuzhiyun if (err)
599*4882a593Smuzhiyun goto out_free;
600*4882a593Smuzhiyun /* Validate index node */
601*4882a593Smuzhiyun child_cnt = le16_to_cpu(idx->child_cnt);
602*4882a593Smuzhiyun if (child_cnt < 1 || child_cnt > c->fanout) {
603*4882a593Smuzhiyun err = 1;
604*4882a593Smuzhiyun goto out_dump;
605*4882a593Smuzhiyun }
606*4882a593Smuzhiyun if (first) {
607*4882a593Smuzhiyun first = 0;
608*4882a593Smuzhiyun /* Check root level and sqnum */
609*4882a593Smuzhiyun if (le16_to_cpu(idx->level) != d->old_zroot_level) {
610*4882a593Smuzhiyun err = 2;
611*4882a593Smuzhiyun goto out_dump;
612*4882a593Smuzhiyun }
613*4882a593Smuzhiyun if (le64_to_cpu(idx->ch.sqnum) != d->old_zroot_sqnum) {
614*4882a593Smuzhiyun err = 3;
615*4882a593Smuzhiyun goto out_dump;
616*4882a593Smuzhiyun }
617*4882a593Smuzhiyun /* Set last values as though root had a parent */
618*4882a593Smuzhiyun last_level = le16_to_cpu(idx->level) + 1;
619*4882a593Smuzhiyun last_sqnum = le64_to_cpu(idx->ch.sqnum) + 1;
620*4882a593Smuzhiyun key_read(c, ubifs_idx_key(c, idx), &lower_key);
621*4882a593Smuzhiyun highest_ino_key(c, &upper_key, INUM_WATERMARK);
622*4882a593Smuzhiyun }
623*4882a593Smuzhiyun key_copy(c, &upper_key, &i->upper_key);
624*4882a593Smuzhiyun if (le16_to_cpu(idx->level) != last_level - 1) {
625*4882a593Smuzhiyun err = 3;
626*4882a593Smuzhiyun goto out_dump;
627*4882a593Smuzhiyun }
628*4882a593Smuzhiyun /*
629*4882a593Smuzhiyun * The index is always written bottom up hence a child's sqnum
630*4882a593Smuzhiyun * is always less than the parents.
631*4882a593Smuzhiyun */
632*4882a593Smuzhiyun if (le64_to_cpu(idx->ch.sqnum) >= last_sqnum) {
633*4882a593Smuzhiyun err = 4;
634*4882a593Smuzhiyun goto out_dump;
635*4882a593Smuzhiyun }
636*4882a593Smuzhiyun /* Check key range */
637*4882a593Smuzhiyun key_read(c, ubifs_idx_key(c, idx), &l_key);
638*4882a593Smuzhiyun br = ubifs_idx_branch(c, idx, child_cnt - 1);
639*4882a593Smuzhiyun key_read(c, &br->key, &u_key);
640*4882a593Smuzhiyun if (keys_cmp(c, &lower_key, &l_key) > 0) {
641*4882a593Smuzhiyun err = 5;
642*4882a593Smuzhiyun goto out_dump;
643*4882a593Smuzhiyun }
644*4882a593Smuzhiyun if (keys_cmp(c, &upper_key, &u_key) < 0) {
645*4882a593Smuzhiyun err = 6;
646*4882a593Smuzhiyun goto out_dump;
647*4882a593Smuzhiyun }
648*4882a593Smuzhiyun if (keys_cmp(c, &upper_key, &u_key) == 0)
649*4882a593Smuzhiyun if (!is_hash_key(c, &u_key)) {
650*4882a593Smuzhiyun err = 7;
651*4882a593Smuzhiyun goto out_dump;
652*4882a593Smuzhiyun }
653*4882a593Smuzhiyun /* Go to next index node */
654*4882a593Smuzhiyun if (le16_to_cpu(idx->level) == 0) {
655*4882a593Smuzhiyun /* At the bottom, so go up until can go right */
656*4882a593Smuzhiyun while (1) {
657*4882a593Smuzhiyun /* Drop the bottom of the list */
658*4882a593Smuzhiyun list_del(&i->list);
659*4882a593Smuzhiyun kfree(i);
660*4882a593Smuzhiyun /* No more list means we are done */
661*4882a593Smuzhiyun if (list_empty(&list))
662*4882a593Smuzhiyun goto out;
663*4882a593Smuzhiyun /* Look at the new bottom */
664*4882a593Smuzhiyun i = list_entry(list.prev, struct idx_node,
665*4882a593Smuzhiyun list);
666*4882a593Smuzhiyun idx = &i->idx;
667*4882a593Smuzhiyun /* Can we go right */
668*4882a593Smuzhiyun if (iip + 1 < le16_to_cpu(idx->child_cnt)) {
669*4882a593Smuzhiyun iip = iip + 1;
670*4882a593Smuzhiyun break;
671*4882a593Smuzhiyun } else
672*4882a593Smuzhiyun /* Nope, so go up again */
673*4882a593Smuzhiyun iip = i->iip;
674*4882a593Smuzhiyun }
675*4882a593Smuzhiyun } else
676*4882a593Smuzhiyun /* Go down left */
677*4882a593Smuzhiyun iip = 0;
678*4882a593Smuzhiyun /*
679*4882a593Smuzhiyun * We have the parent in 'idx' and now we set up for reading the
680*4882a593Smuzhiyun * child pointed to by slot 'iip'.
681*4882a593Smuzhiyun */
682*4882a593Smuzhiyun last_level = le16_to_cpu(idx->level);
683*4882a593Smuzhiyun last_sqnum = le64_to_cpu(idx->ch.sqnum);
684*4882a593Smuzhiyun br = ubifs_idx_branch(c, idx, iip);
685*4882a593Smuzhiyun lnum = le32_to_cpu(br->lnum);
686*4882a593Smuzhiyun offs = le32_to_cpu(br->offs);
687*4882a593Smuzhiyun len = le32_to_cpu(br->len);
688*4882a593Smuzhiyun key_read(c, &br->key, &lower_key);
689*4882a593Smuzhiyun if (iip + 1 < le16_to_cpu(idx->child_cnt)) {
690*4882a593Smuzhiyun br = ubifs_idx_branch(c, idx, iip + 1);
691*4882a593Smuzhiyun key_read(c, &br->key, &upper_key);
692*4882a593Smuzhiyun } else
693*4882a593Smuzhiyun key_copy(c, &i->upper_key, &upper_key);
694*4882a593Smuzhiyun }
695*4882a593Smuzhiyun out:
696*4882a593Smuzhiyun err = dbg_old_index_check_init(c, zroot);
697*4882a593Smuzhiyun if (err)
698*4882a593Smuzhiyun goto out_free;
699*4882a593Smuzhiyun
700*4882a593Smuzhiyun return 0;
701*4882a593Smuzhiyun
702*4882a593Smuzhiyun out_dump:
703*4882a593Smuzhiyun ubifs_err(c, "dumping index node (iip=%d)", i->iip);
704*4882a593Smuzhiyun ubifs_dump_node(c, idx);
705*4882a593Smuzhiyun list_del(&i->list);
706*4882a593Smuzhiyun kfree(i);
707*4882a593Smuzhiyun if (!list_empty(&list)) {
708*4882a593Smuzhiyun i = list_entry(list.prev, struct idx_node, list);
709*4882a593Smuzhiyun ubifs_err(c, "dumping parent index node");
710*4882a593Smuzhiyun ubifs_dump_node(c, &i->idx);
711*4882a593Smuzhiyun }
712*4882a593Smuzhiyun out_free:
713*4882a593Smuzhiyun while (!list_empty(&list)) {
714*4882a593Smuzhiyun i = list_entry(list.next, struct idx_node, list);
715*4882a593Smuzhiyun list_del(&i->list);
716*4882a593Smuzhiyun kfree(i);
717*4882a593Smuzhiyun }
718*4882a593Smuzhiyun ubifs_err(c, "failed, error %d", err);
719*4882a593Smuzhiyun if (err > 0)
720*4882a593Smuzhiyun err = -EINVAL;
721*4882a593Smuzhiyun return err;
722*4882a593Smuzhiyun }
723