1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * This file is part of UBIFS.
4 *
5 * Copyright (C) 2006-2008 Nokia Corporation.
6 *
7 * Authors: Artem Bityutskiy (Битюцкий Артём)
8 * Adrian Hunter
9 */
10
11/*
12 * This file implements VFS file and inode operations for regular files, device
13 * nodes and symlinks as well as address space operations.
14 *
15 * UBIFS uses 2 page flags: @PG_private and @PG_checked. @PG_private is set if
16 * the page is dirty and is used for optimization purposes - dirty pages are
17 * not budgeted so the flag shows that 'ubifs_write_end()' should not release
18 * the budget for this page. The @PG_checked flag is set if full budgeting is
19 * required for the page e.g., when it corresponds to a file hole or it is
20 * beyond the file size. The budgeting is done in 'ubifs_write_begin()', because
21 * it is OK to fail in this function, and the budget is released in
22 * 'ubifs_write_end()'. So the @PG_private and @PG_checked flags carry
23 * information about how the page was budgeted, to make it possible to release
24 * the budget properly.
25 *
26 * A thing to keep in mind: inode @i_mutex is locked in most VFS operations we
27 * implement. However, this is not true for 'ubifs_writepage()', which may be
28 * called with @i_mutex unlocked. For example, when flusher thread is doing
29 * background write-back, it calls 'ubifs_writepage()' with unlocked @i_mutex.
30 * At "normal" work-paths the @i_mutex is locked in 'ubifs_writepage()', e.g.
31 * in the "sys_write -> alloc_pages -> direct reclaim path". So, in
32 * 'ubifs_writepage()' we are only guaranteed that the page is locked.
33 *
34 * Similarly, @i_mutex is not always locked in 'ubifs_read_folio()', e.g., the
35 * read-ahead path does not lock it ("sys_read -> generic_file_aio_read ->
36 * ondemand_readahead -> read_folio"). In case of readahead, @I_SYNC flag is not
37 * set as well. However, UBIFS disables readahead.
38 */
39
40#include "ubifs.h"
41#include <linux/mount.h>
42#include <linux/slab.h>
43#include <linux/migrate.h>
44
45static int read_block(struct inode *inode, void *addr, unsigned int block,
46 struct ubifs_data_node *dn)
47{
48 struct ubifs_info *c = inode->i_sb->s_fs_info;
49 int err, len, out_len;
50 union ubifs_key key;
51 unsigned int dlen;
52
53 data_key_init(c, key: &key, inum: inode->i_ino, block);
54 err = ubifs_tnc_lookup(c, key: &key, node: dn);
55 if (err) {
56 if (err == -ENOENT)
57 /* Not found, so it must be a hole */
58 memset(addr, 0, UBIFS_BLOCK_SIZE);
59 return err;
60 }
61
62 ubifs_assert(c, le64_to_cpu(dn->ch.sqnum) >
63 ubifs_inode(inode)->creat_sqnum);
64 len = le32_to_cpu(dn->size);
65 if (len <= 0 || len > UBIFS_BLOCK_SIZE)
66 goto dump;
67
68 dlen = le32_to_cpu(dn->ch.len) - UBIFS_DATA_NODE_SZ;
69
70 if (IS_ENCRYPTED(inode)) {
71 err = ubifs_decrypt(inode, dn, out_len: &dlen, block);
72 if (err)
73 goto dump;
74 }
75
76 out_len = UBIFS_BLOCK_SIZE;
77 err = ubifs_decompress(c, buf: &dn->data, len: dlen, out: addr, out_len: &out_len,
78 le16_to_cpu(dn->compr_type));
79 if (err || len != out_len)
80 goto dump;
81
82 /*
83 * Data length can be less than a full block, even for blocks that are
84 * not the last in the file (e.g., as a result of making a hole and
85 * appending data). Ensure that the remainder is zeroed out.
86 */
87 if (len < UBIFS_BLOCK_SIZE)
88 memset(addr + len, 0, UBIFS_BLOCK_SIZE - len);
89
90 return 0;
91
92dump:
93 ubifs_err(c, fmt: "bad data node (block %u, inode %lu)",
94 block, inode->i_ino);
95 ubifs_dump_node(c, node: dn, UBIFS_MAX_DATA_NODE_SZ);
96 return -EINVAL;
97}
98
99static int do_readpage(struct page *page)
100{
101 void *addr;
102 int err = 0, i;
103 unsigned int block, beyond;
104 struct ubifs_data_node *dn;
105 struct inode *inode = page->mapping->host;
106 struct ubifs_info *c = inode->i_sb->s_fs_info;
107 loff_t i_size = i_size_read(inode);
108
109 dbg_gen("ino %lu, pg %lu, i_size %lld, flags %#lx",
110 inode->i_ino, page->index, i_size, page->flags);
111 ubifs_assert(c, !PageChecked(page));
112 ubifs_assert(c, !PagePrivate(page));
113
114 addr = kmap(page);
115
116 block = page->index << UBIFS_BLOCKS_PER_PAGE_SHIFT;
117 beyond = (i_size + UBIFS_BLOCK_SIZE - 1) >> UBIFS_BLOCK_SHIFT;
118 if (block >= beyond) {
119 /* Reading beyond inode */
120 SetPageChecked(page);
121 memset(addr, 0, PAGE_SIZE);
122 goto out;
123 }
124
125 dn = kmalloc(UBIFS_MAX_DATA_NODE_SZ, GFP_NOFS);
126 if (!dn) {
127 err = -ENOMEM;
128 goto error;
129 }
130
131 i = 0;
132 while (1) {
133 int ret;
134
135 if (block >= beyond) {
136 /* Reading beyond inode */
137 err = -ENOENT;
138 memset(addr, 0, UBIFS_BLOCK_SIZE);
139 } else {
140 ret = read_block(inode, addr, block, dn);
141 if (ret) {
142 err = ret;
143 if (err != -ENOENT)
144 break;
145 } else if (block + 1 == beyond) {
146 int dlen = le32_to_cpu(dn->size);
147 int ilen = i_size & (UBIFS_BLOCK_SIZE - 1);
148
149 if (ilen && ilen < dlen)
150 memset(addr + ilen, 0, dlen - ilen);
151 }
152 }
153 if (++i >= UBIFS_BLOCKS_PER_PAGE)
154 break;
155 block += 1;
156 addr += UBIFS_BLOCK_SIZE;
157 }
158 if (err) {
159 struct ubifs_info *c = inode->i_sb->s_fs_info;
160 if (err == -ENOENT) {
161 /* Not found, so it must be a hole */
162 SetPageChecked(page);
163 dbg_gen("hole");
164 goto out_free;
165 }
166 ubifs_err(c, fmt: "cannot read page %lu of inode %lu, error %d",
167 page->index, inode->i_ino, err);
168 goto error;
169 }
170
171out_free:
172 kfree(objp: dn);
173out:
174 SetPageUptodate(page);
175 ClearPageError(page);
176 flush_dcache_page(page);
177 kunmap(page);
178 return 0;
179
180error:
181 kfree(objp: dn);
182 ClearPageUptodate(page);
183 SetPageError(page);
184 flush_dcache_page(page);
185 kunmap(page);
186 return err;
187}
188
189/**
190 * release_new_page_budget - release budget of a new page.
191 * @c: UBIFS file-system description object
192 *
193 * This is a helper function which releases budget corresponding to the budget
194 * of one new page of data.
195 */
196static void release_new_page_budget(struct ubifs_info *c)
197{
198 struct ubifs_budget_req req = { .recalculate = 1, .new_page = 1 };
199
200 ubifs_release_budget(c, req: &req);
201}
202
203/**
204 * release_existing_page_budget - release budget of an existing page.
205 * @c: UBIFS file-system description object
206 *
207 * This is a helper function which releases budget corresponding to the budget
208 * of changing one page of data which already exists on the flash media.
209 */
210static void release_existing_page_budget(struct ubifs_info *c)
211{
212 struct ubifs_budget_req req = { .dd_growth = c->bi.page_budget};
213
214 ubifs_release_budget(c, req: &req);
215}
216
217static int write_begin_slow(struct address_space *mapping,
218 loff_t pos, unsigned len, struct page **pagep)
219{
220 struct inode *inode = mapping->host;
221 struct ubifs_info *c = inode->i_sb->s_fs_info;
222 pgoff_t index = pos >> PAGE_SHIFT;
223 struct ubifs_budget_req req = { .new_page = 1 };
224 int err, appending = !!(pos + len > inode->i_size);
225 struct page *page;
226
227 dbg_gen("ino %lu, pos %llu, len %u, i_size %lld",
228 inode->i_ino, pos, len, inode->i_size);
229
230 /*
231 * At the slow path we have to budget before locking the page, because
232 * budgeting may force write-back, which would wait on locked pages and
233 * deadlock if we had the page locked. At this point we do not know
234 * anything about the page, so assume that this is a new page which is
235 * written to a hole. This corresponds to largest budget. Later the
236 * budget will be amended if this is not true.
237 */
238 if (appending)
239 /* We are appending data, budget for inode change */
240 req.dirtied_ino = 1;
241
242 err = ubifs_budget_space(c, req: &req);
243 if (unlikely(err))
244 return err;
245
246 page = grab_cache_page_write_begin(mapping, index);
247 if (unlikely(!page)) {
248 ubifs_release_budget(c, req: &req);
249 return -ENOMEM;
250 }
251
252 if (!PageUptodate(page)) {
253 if (!(pos & ~PAGE_MASK) && len == PAGE_SIZE)
254 SetPageChecked(page);
255 else {
256 err = do_readpage(page);
257 if (err) {
258 unlock_page(page);
259 put_page(page);
260 ubifs_release_budget(c, req: &req);
261 return err;
262 }
263 }
264
265 SetPageUptodate(page);
266 ClearPageError(page);
267 }
268
269 if (PagePrivate(page))
270 /*
271 * The page is dirty, which means it was budgeted twice:
272 * o first time the budget was allocated by the task which
273 * made the page dirty and set the PG_private flag;
274 * o and then we budgeted for it for the second time at the
275 * very beginning of this function.
276 *
277 * So what we have to do is to release the page budget we
278 * allocated.
279 */
280 release_new_page_budget(c);
281 else if (!PageChecked(page))
282 /*
283 * We are changing a page which already exists on the media.
284 * This means that changing the page does not make the amount
285 * of indexing information larger, and this part of the budget
286 * which we have already acquired may be released.
287 */
288 ubifs_convert_page_budget(c);
289
290 if (appending) {
291 struct ubifs_inode *ui = ubifs_inode(inode);
292
293 /*
294 * 'ubifs_write_end()' is optimized from the fast-path part of
295 * 'ubifs_write_begin()' and expects the @ui_mutex to be locked
296 * if data is appended.
297 */
298 mutex_lock(&ui->ui_mutex);
299 if (ui->dirty)
300 /*
301 * The inode is dirty already, so we may free the
302 * budget we allocated.
303 */
304 ubifs_release_dirty_inode_budget(c, ui);
305 }
306
307 *pagep = page;
308 return 0;
309}
310
311/**
312 * allocate_budget - allocate budget for 'ubifs_write_begin()'.
313 * @c: UBIFS file-system description object
314 * @page: page to allocate budget for
315 * @ui: UBIFS inode object the page belongs to
316 * @appending: non-zero if the page is appended
317 *
318 * This is a helper function for 'ubifs_write_begin()' which allocates budget
319 * for the operation. The budget is allocated differently depending on whether
320 * this is appending, whether the page is dirty or not, and so on. This
321 * function leaves the @ui->ui_mutex locked in case of appending. Returns zero
322 * in case of success and %-ENOSPC in case of failure.
323 */
324static int allocate_budget(struct ubifs_info *c, struct page *page,
325 struct ubifs_inode *ui, int appending)
326{
327 struct ubifs_budget_req req = { .fast = 1 };
328
329 if (PagePrivate(page)) {
330 if (!appending)
331 /*
332 * The page is dirty and we are not appending, which
333 * means no budget is needed at all.
334 */
335 return 0;
336
337 mutex_lock(&ui->ui_mutex);
338 if (ui->dirty)
339 /*
340 * The page is dirty and we are appending, so the inode
341 * has to be marked as dirty. However, it is already
342 * dirty, so we do not need any budget. We may return,
343 * but @ui->ui_mutex hast to be left locked because we
344 * should prevent write-back from flushing the inode
345 * and freeing the budget. The lock will be released in
346 * 'ubifs_write_end()'.
347 */
348 return 0;
349
350 /*
351 * The page is dirty, we are appending, the inode is clean, so
352 * we need to budget the inode change.
353 */
354 req.dirtied_ino = 1;
355 } else {
356 if (PageChecked(page))
357 /*
358 * The page corresponds to a hole and does not
359 * exist on the media. So changing it makes
360 * make the amount of indexing information
361 * larger, and we have to budget for a new
362 * page.
363 */
364 req.new_page = 1;
365 else
366 /*
367 * Not a hole, the change will not add any new
368 * indexing information, budget for page
369 * change.
370 */
371 req.dirtied_page = 1;
372
373 if (appending) {
374 mutex_lock(&ui->ui_mutex);
375 if (!ui->dirty)
376 /*
377 * The inode is clean but we will have to mark
378 * it as dirty because we are appending. This
379 * needs a budget.
380 */
381 req.dirtied_ino = 1;
382 }
383 }
384
385 return ubifs_budget_space(c, req: &req);
386}
387
388/*
389 * This function is called when a page of data is going to be written. Since
390 * the page of data will not necessarily go to the flash straight away, UBIFS
391 * has to reserve space on the media for it, which is done by means of
392 * budgeting.
393 *
394 * This is the hot-path of the file-system and we are trying to optimize it as
395 * much as possible. For this reasons it is split on 2 parts - slow and fast.
396 *
397 * There many budgeting cases:
398 * o a new page is appended - we have to budget for a new page and for
399 * changing the inode; however, if the inode is already dirty, there is
400 * no need to budget for it;
401 * o an existing clean page is changed - we have budget for it; if the page
402 * does not exist on the media (a hole), we have to budget for a new
403 * page; otherwise, we may budget for changing an existing page; the
404 * difference between these cases is that changing an existing page does
405 * not introduce anything new to the FS indexing information, so it does
406 * not grow, and smaller budget is acquired in this case;
407 * o an existing dirty page is changed - no need to budget at all, because
408 * the page budget has been acquired by earlier, when the page has been
409 * marked dirty.
410 *
411 * UBIFS budgeting sub-system may force write-back if it thinks there is no
412 * space to reserve. This imposes some locking restrictions and makes it
413 * impossible to take into account the above cases, and makes it impossible to
414 * optimize budgeting.
415 *
416 * The solution for this is that the fast path of 'ubifs_write_begin()' assumes
417 * there is a plenty of flash space and the budget will be acquired quickly,
418 * without forcing write-back. The slow path does not make this assumption.
419 */
420static int ubifs_write_begin(struct file *file, struct address_space *mapping,
421 loff_t pos, unsigned len,
422 struct page **pagep, void **fsdata)
423{
424 struct inode *inode = mapping->host;
425 struct ubifs_info *c = inode->i_sb->s_fs_info;
426 struct ubifs_inode *ui = ubifs_inode(inode);
427 pgoff_t index = pos >> PAGE_SHIFT;
428 int err, appending = !!(pos + len > inode->i_size);
429 int skipped_read = 0;
430 struct page *page;
431
432 ubifs_assert(c, ubifs_inode(inode)->ui_size == inode->i_size);
433 ubifs_assert(c, !c->ro_media && !c->ro_mount);
434
435 if (unlikely(c->ro_error))
436 return -EROFS;
437
438 /* Try out the fast-path part first */
439 page = grab_cache_page_write_begin(mapping, index);
440 if (unlikely(!page))
441 return -ENOMEM;
442
443 if (!PageUptodate(page)) {
444 /* The page is not loaded from the flash */
445 if (!(pos & ~PAGE_MASK) && len == PAGE_SIZE) {
446 /*
447 * We change whole page so no need to load it. But we
448 * do not know whether this page exists on the media or
449 * not, so we assume the latter because it requires
450 * larger budget. The assumption is that it is better
451 * to budget a bit more than to read the page from the
452 * media. Thus, we are setting the @PG_checked flag
453 * here.
454 */
455 SetPageChecked(page);
456 skipped_read = 1;
457 } else {
458 err = do_readpage(page);
459 if (err) {
460 unlock_page(page);
461 put_page(page);
462 return err;
463 }
464 }
465
466 SetPageUptodate(page);
467 ClearPageError(page);
468 }
469
470 err = allocate_budget(c, page, ui, appending);
471 if (unlikely(err)) {
472 ubifs_assert(c, err == -ENOSPC);
473 /*
474 * If we skipped reading the page because we were going to
475 * write all of it, then it is not up to date.
476 */
477 if (skipped_read) {
478 ClearPageChecked(page);
479 ClearPageUptodate(page);
480 }
481 /*
482 * Budgeting failed which means it would have to force
483 * write-back but didn't, because we set the @fast flag in the
484 * request. Write-back cannot be done now, while we have the
485 * page locked, because it would deadlock. Unlock and free
486 * everything and fall-back to slow-path.
487 */
488 if (appending) {
489 ubifs_assert(c, mutex_is_locked(&ui->ui_mutex));
490 mutex_unlock(lock: &ui->ui_mutex);
491 }
492 unlock_page(page);
493 put_page(page);
494
495 return write_begin_slow(mapping, pos, len, pagep);
496 }
497
498 /*
499 * Whee, we acquired budgeting quickly - without involving
500 * garbage-collection, committing or forcing write-back. We return
501 * with @ui->ui_mutex locked if we are appending pages, and unlocked
502 * otherwise. This is an optimization (slightly hacky though).
503 */
504 *pagep = page;
505 return 0;
506
507}
508
509/**
510 * cancel_budget - cancel budget.
511 * @c: UBIFS file-system description object
512 * @page: page to cancel budget for
513 * @ui: UBIFS inode object the page belongs to
514 * @appending: non-zero if the page is appended
515 *
516 * This is a helper function for a page write operation. It unlocks the
517 * @ui->ui_mutex in case of appending.
518 */
519static void cancel_budget(struct ubifs_info *c, struct page *page,
520 struct ubifs_inode *ui, int appending)
521{
522 if (appending) {
523 if (!ui->dirty)
524 ubifs_release_dirty_inode_budget(c, ui);
525 mutex_unlock(lock: &ui->ui_mutex);
526 }
527 if (!PagePrivate(page)) {
528 if (PageChecked(page))
529 release_new_page_budget(c);
530 else
531 release_existing_page_budget(c);
532 }
533}
534
535static int ubifs_write_end(struct file *file, struct address_space *mapping,
536 loff_t pos, unsigned len, unsigned copied,
537 struct page *page, void *fsdata)
538{
539 struct inode *inode = mapping->host;
540 struct ubifs_inode *ui = ubifs_inode(inode);
541 struct ubifs_info *c = inode->i_sb->s_fs_info;
542 loff_t end_pos = pos + len;
543 int appending = !!(end_pos > inode->i_size);
544
545 dbg_gen("ino %lu, pos %llu, pg %lu, len %u, copied %d, i_size %lld",
546 inode->i_ino, pos, page->index, len, copied, inode->i_size);
547
548 if (unlikely(copied < len && len == PAGE_SIZE)) {
549 /*
550 * VFS copied less data to the page that it intended and
551 * declared in its '->write_begin()' call via the @len
552 * argument. If the page was not up-to-date, and @len was
553 * @PAGE_SIZE, the 'ubifs_write_begin()' function did
554 * not load it from the media (for optimization reasons). This
555 * means that part of the page contains garbage. So read the
556 * page now.
557 */
558 dbg_gen("copied %d instead of %d, read page and repeat",
559 copied, len);
560 cancel_budget(c, page, ui, appending);
561 ClearPageChecked(page);
562
563 /*
564 * Return 0 to force VFS to repeat the whole operation, or the
565 * error code if 'do_readpage()' fails.
566 */
567 copied = do_readpage(page);
568 goto out;
569 }
570
571 if (!PagePrivate(page)) {
572 attach_page_private(page, data: (void *)1);
573 atomic_long_inc(v: &c->dirty_pg_cnt);
574 __set_page_dirty_nobuffers(page);
575 }
576
577 if (appending) {
578 i_size_write(inode, i_size: end_pos);
579 ui->ui_size = end_pos;
580 /*
581 * Note, we do not set @I_DIRTY_PAGES (which means that the
582 * inode has dirty pages), this has been done in
583 * '__set_page_dirty_nobuffers()'.
584 */
585 __mark_inode_dirty(inode, I_DIRTY_DATASYNC);
586 ubifs_assert(c, mutex_is_locked(&ui->ui_mutex));
587 mutex_unlock(lock: &ui->ui_mutex);
588 }
589
590out:
591 unlock_page(page);
592 put_page(page);
593 return copied;
594}
595
596/**
597 * populate_page - copy data nodes into a page for bulk-read.
598 * @c: UBIFS file-system description object
599 * @page: page
600 * @bu: bulk-read information
601 * @n: next zbranch slot
602 *
603 * This function returns %0 on success and a negative error code on failure.
604 */
605static int populate_page(struct ubifs_info *c, struct page *page,
606 struct bu_info *bu, int *n)
607{
608 int i = 0, nn = *n, offs = bu->zbranch[0].offs, hole = 0, read = 0;
609 struct inode *inode = page->mapping->host;
610 loff_t i_size = i_size_read(inode);
611 unsigned int page_block;
612 void *addr, *zaddr;
613 pgoff_t end_index;
614
615 dbg_gen("ino %lu, pg %lu, i_size %lld, flags %#lx",
616 inode->i_ino, page->index, i_size, page->flags);
617
618 addr = zaddr = kmap(page);
619
620 end_index = (i_size - 1) >> PAGE_SHIFT;
621 if (!i_size || page->index > end_index) {
622 hole = 1;
623 memset(addr, 0, PAGE_SIZE);
624 goto out_hole;
625 }
626
627 page_block = page->index << UBIFS_BLOCKS_PER_PAGE_SHIFT;
628 while (1) {
629 int err, len, out_len, dlen;
630
631 if (nn >= bu->cnt) {
632 hole = 1;
633 memset(addr, 0, UBIFS_BLOCK_SIZE);
634 } else if (key_block(c, key: &bu->zbranch[nn].key) == page_block) {
635 struct ubifs_data_node *dn;
636
637 dn = bu->buf + (bu->zbranch[nn].offs - offs);
638
639 ubifs_assert(c, le64_to_cpu(dn->ch.sqnum) >
640 ubifs_inode(inode)->creat_sqnum);
641
642 len = le32_to_cpu(dn->size);
643 if (len <= 0 || len > UBIFS_BLOCK_SIZE)
644 goto out_err;
645
646 dlen = le32_to_cpu(dn->ch.len) - UBIFS_DATA_NODE_SZ;
647 out_len = UBIFS_BLOCK_SIZE;
648
649 if (IS_ENCRYPTED(inode)) {
650 err = ubifs_decrypt(inode, dn, out_len: &dlen, block: page_block);
651 if (err)
652 goto out_err;
653 }
654
655 err = ubifs_decompress(c, buf: &dn->data, len: dlen, out: addr, out_len: &out_len,
656 le16_to_cpu(dn->compr_type));
657 if (err || len != out_len)
658 goto out_err;
659
660 if (len < UBIFS_BLOCK_SIZE)
661 memset(addr + len, 0, UBIFS_BLOCK_SIZE - len);
662
663 nn += 1;
664 read = (i << UBIFS_BLOCK_SHIFT) + len;
665 } else if (key_block(c, key: &bu->zbranch[nn].key) < page_block) {
666 nn += 1;
667 continue;
668 } else {
669 hole = 1;
670 memset(addr, 0, UBIFS_BLOCK_SIZE);
671 }
672 if (++i >= UBIFS_BLOCKS_PER_PAGE)
673 break;
674 addr += UBIFS_BLOCK_SIZE;
675 page_block += 1;
676 }
677
678 if (end_index == page->index) {
679 int len = i_size & (PAGE_SIZE - 1);
680
681 if (len && len < read)
682 memset(zaddr + len, 0, read - len);
683 }
684
685out_hole:
686 if (hole) {
687 SetPageChecked(page);
688 dbg_gen("hole");
689 }
690
691 SetPageUptodate(page);
692 ClearPageError(page);
693 flush_dcache_page(page);
694 kunmap(page);
695 *n = nn;
696 return 0;
697
698out_err:
699 ClearPageUptodate(page);
700 SetPageError(page);
701 flush_dcache_page(page);
702 kunmap(page);
703 ubifs_err(c, fmt: "bad data node (block %u, inode %lu)",
704 page_block, inode->i_ino);
705 return -EINVAL;
706}
707
708/**
709 * ubifs_do_bulk_read - do bulk-read.
710 * @c: UBIFS file-system description object
711 * @bu: bulk-read information
712 * @page1: first page to read
713 *
714 * This function returns %1 if the bulk-read is done, otherwise %0 is returned.
715 */
716static int ubifs_do_bulk_read(struct ubifs_info *c, struct bu_info *bu,
717 struct page *page1)
718{
719 pgoff_t offset = page1->index, end_index;
720 struct address_space *mapping = page1->mapping;
721 struct inode *inode = mapping->host;
722 struct ubifs_inode *ui = ubifs_inode(inode);
723 int err, page_idx, page_cnt, ret = 0, n = 0;
724 int allocate = bu->buf ? 0 : 1;
725 loff_t isize;
726 gfp_t ra_gfp_mask = readahead_gfp_mask(x: mapping) & ~__GFP_FS;
727
728 err = ubifs_tnc_get_bu_keys(c, bu);
729 if (err)
730 goto out_warn;
731
732 if (bu->eof) {
733 /* Turn off bulk-read at the end of the file */
734 ui->read_in_a_row = 1;
735 ui->bulk_read = 0;
736 }
737
738 page_cnt = bu->blk_cnt >> UBIFS_BLOCKS_PER_PAGE_SHIFT;
739 if (!page_cnt) {
740 /*
741 * This happens when there are multiple blocks per page and the
742 * blocks for the first page we are looking for, are not
743 * together. If all the pages were like this, bulk-read would
744 * reduce performance, so we turn it off for a while.
745 */
746 goto out_bu_off;
747 }
748
749 if (bu->cnt) {
750 if (allocate) {
751 /*
752 * Allocate bulk-read buffer depending on how many data
753 * nodes we are going to read.
754 */
755 bu->buf_len = bu->zbranch[bu->cnt - 1].offs +
756 bu->zbranch[bu->cnt - 1].len -
757 bu->zbranch[0].offs;
758 ubifs_assert(c, bu->buf_len > 0);
759 ubifs_assert(c, bu->buf_len <= c->leb_size);
760 bu->buf = kmalloc(size: bu->buf_len, GFP_NOFS | __GFP_NOWARN);
761 if (!bu->buf)
762 goto out_bu_off;
763 }
764
765 err = ubifs_tnc_bulk_read(c, bu);
766 if (err)
767 goto out_warn;
768 }
769
770 err = populate_page(c, page: page1, bu, n: &n);
771 if (err)
772 goto out_warn;
773
774 unlock_page(page: page1);
775 ret = 1;
776
777 isize = i_size_read(inode);
778 if (isize == 0)
779 goto out_free;
780 end_index = ((isize - 1) >> PAGE_SHIFT);
781
782 for (page_idx = 1; page_idx < page_cnt; page_idx++) {
783 pgoff_t page_offset = offset + page_idx;
784 struct page *page;
785
786 if (page_offset > end_index)
787 break;
788 page = pagecache_get_page(mapping, index: page_offset,
789 FGP_LOCK|FGP_ACCESSED|FGP_CREAT|FGP_NOWAIT,
790 gfp: ra_gfp_mask);
791 if (!page)
792 break;
793 if (!PageUptodate(page))
794 err = populate_page(c, page, bu, n: &n);
795 unlock_page(page);
796 put_page(page);
797 if (err)
798 break;
799 }
800
801 ui->last_page_read = offset + page_idx - 1;
802
803out_free:
804 if (allocate)
805 kfree(objp: bu->buf);
806 return ret;
807
808out_warn:
809 ubifs_warn(c, fmt: "ignoring error %d and skipping bulk-read", err);
810 goto out_free;
811
812out_bu_off:
813 ui->read_in_a_row = ui->bulk_read = 0;
814 goto out_free;
815}
816
817/**
818 * ubifs_bulk_read - determine whether to bulk-read and, if so, do it.
819 * @page: page from which to start bulk-read.
820 *
821 * Some flash media are capable of reading sequentially at faster rates. UBIFS
822 * bulk-read facility is designed to take advantage of that, by reading in one
823 * go consecutive data nodes that are also located consecutively in the same
824 * LEB. This function returns %1 if a bulk-read is done and %0 otherwise.
825 */
826static int ubifs_bulk_read(struct page *page)
827{
828 struct inode *inode = page->mapping->host;
829 struct ubifs_info *c = inode->i_sb->s_fs_info;
830 struct ubifs_inode *ui = ubifs_inode(inode);
831 pgoff_t index = page->index, last_page_read = ui->last_page_read;
832 struct bu_info *bu;
833 int err = 0, allocated = 0;
834
835 ui->last_page_read = index;
836 if (!c->bulk_read)
837 return 0;
838
839 /*
840 * Bulk-read is protected by @ui->ui_mutex, but it is an optimization,
841 * so don't bother if we cannot lock the mutex.
842 */
843 if (!mutex_trylock(lock: &ui->ui_mutex))
844 return 0;
845
846 if (index != last_page_read + 1) {
847 /* Turn off bulk-read if we stop reading sequentially */
848 ui->read_in_a_row = 1;
849 if (ui->bulk_read)
850 ui->bulk_read = 0;
851 goto out_unlock;
852 }
853
854 if (!ui->bulk_read) {
855 ui->read_in_a_row += 1;
856 if (ui->read_in_a_row < 3)
857 goto out_unlock;
858 /* Three reads in a row, so switch on bulk-read */
859 ui->bulk_read = 1;
860 }
861
862 /*
863 * If possible, try to use pre-allocated bulk-read information, which
864 * is protected by @c->bu_mutex.
865 */
866 if (mutex_trylock(lock: &c->bu_mutex))
867 bu = &c->bu;
868 else {
869 bu = kmalloc(size: sizeof(struct bu_info), GFP_NOFS | __GFP_NOWARN);
870 if (!bu)
871 goto out_unlock;
872
873 bu->buf = NULL;
874 allocated = 1;
875 }
876
877 bu->buf_len = c->max_bu_buf_len;
878 data_key_init(c, key: &bu->key, inum: inode->i_ino,
879 block: page->index << UBIFS_BLOCKS_PER_PAGE_SHIFT);
880 err = ubifs_do_bulk_read(c, bu, page1: page);
881
882 if (!allocated)
883 mutex_unlock(lock: &c->bu_mutex);
884 else
885 kfree(objp: bu);
886
887out_unlock:
888 mutex_unlock(lock: &ui->ui_mutex);
889 return err;
890}
891
892static int ubifs_read_folio(struct file *file, struct folio *folio)
893{
894 struct page *page = &folio->page;
895
896 if (ubifs_bulk_read(page))
897 return 0;
898 do_readpage(page);
899 folio_unlock(folio);
900 return 0;
901}
902
903static int do_writepage(struct page *page, int len)
904{
905 int err = 0, i, blen;
906 unsigned int block;
907 void *addr;
908 union ubifs_key key;
909 struct inode *inode = page->mapping->host;
910 struct ubifs_info *c = inode->i_sb->s_fs_info;
911
912#ifdef UBIFS_DEBUG
913 struct ubifs_inode *ui = ubifs_inode(inode);
914 spin_lock(&ui->ui_lock);
915 ubifs_assert(c, page->index <= ui->synced_i_size >> PAGE_SHIFT);
916 spin_unlock(&ui->ui_lock);
917#endif
918
919 /* Update radix tree tags */
920 set_page_writeback(page);
921
922 addr = kmap(page);
923 block = page->index << UBIFS_BLOCKS_PER_PAGE_SHIFT;
924 i = 0;
925 while (len) {
926 blen = min_t(int, len, UBIFS_BLOCK_SIZE);
927 data_key_init(c, key: &key, inum: inode->i_ino, block);
928 err = ubifs_jnl_write_data(c, inode, key: &key, buf: addr, len: blen);
929 if (err)
930 break;
931 if (++i >= UBIFS_BLOCKS_PER_PAGE)
932 break;
933 block += 1;
934 addr += blen;
935 len -= blen;
936 }
937 if (err) {
938 SetPageError(page);
939 ubifs_err(c, fmt: "cannot write page %lu of inode %lu, error %d",
940 page->index, inode->i_ino, err);
941 ubifs_ro_mode(c, err);
942 }
943
944 ubifs_assert(c, PagePrivate(page));
945 if (PageChecked(page))
946 release_new_page_budget(c);
947 else
948 release_existing_page_budget(c);
949
950 atomic_long_dec(v: &c->dirty_pg_cnt);
951 detach_page_private(page);
952 ClearPageChecked(page);
953
954 kunmap(page);
955 unlock_page(page);
956 end_page_writeback(page);
957 return err;
958}
959
960/*
961 * When writing-back dirty inodes, VFS first writes-back pages belonging to the
962 * inode, then the inode itself. For UBIFS this may cause a problem. Consider a
963 * situation when a we have an inode with size 0, then a megabyte of data is
964 * appended to the inode, then write-back starts and flushes some amount of the
965 * dirty pages, the journal becomes full, commit happens and finishes, and then
966 * an unclean reboot happens. When the file system is mounted next time, the
967 * inode size would still be 0, but there would be many pages which are beyond
968 * the inode size, they would be indexed and consume flash space. Because the
969 * journal has been committed, the replay would not be able to detect this
970 * situation and correct the inode size. This means UBIFS would have to scan
971 * whole index and correct all inode sizes, which is long an unacceptable.
972 *
973 * To prevent situations like this, UBIFS writes pages back only if they are
974 * within the last synchronized inode size, i.e. the size which has been
975 * written to the flash media last time. Otherwise, UBIFS forces inode
976 * write-back, thus making sure the on-flash inode contains current inode size,
977 * and then keeps writing pages back.
978 *
979 * Some locking issues explanation. 'ubifs_writepage()' first is called with
980 * the page locked, and it locks @ui_mutex. However, write-back does take inode
981 * @i_mutex, which means other VFS operations may be run on this inode at the
982 * same time. And the problematic one is truncation to smaller size, from where
983 * we have to call 'truncate_setsize()', which first changes @inode->i_size,
984 * then drops the truncated pages. And while dropping the pages, it takes the
985 * page lock. This means that 'do_truncation()' cannot call 'truncate_setsize()'
986 * with @ui_mutex locked, because it would deadlock with 'ubifs_writepage()'.
987 * This means that @inode->i_size is changed while @ui_mutex is unlocked.
988 *
989 * XXX(truncate): with the new truncate sequence this is not true anymore,
990 * and the calls to truncate_setsize can be move around freely. They should
991 * be moved to the very end of the truncate sequence.
992 *
993 * But in 'ubifs_writepage()' we have to guarantee that we do not write beyond
994 * inode size. How do we do this if @inode->i_size may became smaller while we
995 * are in the middle of 'ubifs_writepage()'? The UBIFS solution is the
996 * @ui->ui_isize "shadow" field which UBIFS uses instead of @inode->i_size
997 * internally and updates it under @ui_mutex.
998 *
999 * Q: why we do not worry that if we race with truncation, we may end up with a
1000 * situation when the inode is truncated while we are in the middle of
1001 * 'do_writepage()', so we do write beyond inode size?
1002 * A: If we are in the middle of 'do_writepage()', truncation would be locked
1003 * on the page lock and it would not write the truncated inode node to the
1004 * journal before we have finished.
1005 */
1006static int ubifs_writepage(struct page *page, struct writeback_control *wbc)
1007{
1008 struct inode *inode = page->mapping->host;
1009 struct ubifs_info *c = inode->i_sb->s_fs_info;
1010 struct ubifs_inode *ui = ubifs_inode(inode);
1011 loff_t i_size = i_size_read(inode), synced_i_size;
1012 pgoff_t end_index = i_size >> PAGE_SHIFT;
1013 int err, len = i_size & (PAGE_SIZE - 1);
1014 void *kaddr;
1015
1016 dbg_gen("ino %lu, pg %lu, pg flags %#lx",
1017 inode->i_ino, page->index, page->flags);
1018 ubifs_assert(c, PagePrivate(page));
1019
1020 /* Is the page fully outside @i_size? (truncate in progress) */
1021 if (page->index > end_index || (page->index == end_index && !len)) {
1022 err = 0;
1023 goto out_unlock;
1024 }
1025
1026 spin_lock(lock: &ui->ui_lock);
1027 synced_i_size = ui->synced_i_size;
1028 spin_unlock(lock: &ui->ui_lock);
1029
1030 /* Is the page fully inside @i_size? */
1031 if (page->index < end_index) {
1032 if (page->index >= synced_i_size >> PAGE_SHIFT) {
1033 err = inode->i_sb->s_op->write_inode(inode, NULL);
1034 if (err)
1035 goto out_redirty;
1036 /*
1037 * The inode has been written, but the write-buffer has
1038 * not been synchronized, so in case of an unclean
1039 * reboot we may end up with some pages beyond inode
1040 * size, but they would be in the journal (because
1041 * commit flushes write buffers) and recovery would deal
1042 * with this.
1043 */
1044 }
1045 return do_writepage(page, PAGE_SIZE);
1046 }
1047
1048 /*
1049 * The page straddles @i_size. It must be zeroed out on each and every
1050 * writepage invocation because it may be mmapped. "A file is mapped
1051 * in multiples of the page size. For a file that is not a multiple of
1052 * the page size, the remaining memory is zeroed when mapped, and
1053 * writes to that region are not written out to the file."
1054 */
1055 kaddr = kmap_atomic(page);
1056 memset(kaddr + len, 0, PAGE_SIZE - len);
1057 flush_dcache_page(page);
1058 kunmap_atomic(kaddr);
1059
1060 if (i_size > synced_i_size) {
1061 err = inode->i_sb->s_op->write_inode(inode, NULL);
1062 if (err)
1063 goto out_redirty;
1064 }
1065
1066 return do_writepage(page, len);
1067out_redirty:
1068 /*
1069 * redirty_page_for_writepage() won't call ubifs_dirty_inode() because
1070 * it passes I_DIRTY_PAGES flag while calling __mark_inode_dirty(), so
1071 * there is no need to do space budget for dirty inode.
1072 */
1073 redirty_page_for_writepage(wbc, page);
1074out_unlock:
1075 unlock_page(page);
1076 return err;
1077}
1078
1079/**
1080 * do_attr_changes - change inode attributes.
1081 * @inode: inode to change attributes for
1082 * @attr: describes attributes to change
1083 */
1084static void do_attr_changes(struct inode *inode, const struct iattr *attr)
1085{
1086 if (attr->ia_valid & ATTR_UID)
1087 inode->i_uid = attr->ia_uid;
1088 if (attr->ia_valid & ATTR_GID)
1089 inode->i_gid = attr->ia_gid;
1090 if (attr->ia_valid & ATTR_ATIME)
1091 inode_set_atime_to_ts(inode, ts: attr->ia_atime);
1092 if (attr->ia_valid & ATTR_MTIME)
1093 inode_set_mtime_to_ts(inode, ts: attr->ia_mtime);
1094 if (attr->ia_valid & ATTR_CTIME)
1095 inode_set_ctime_to_ts(inode, ts: attr->ia_ctime);
1096 if (attr->ia_valid & ATTR_MODE) {
1097 umode_t mode = attr->ia_mode;
1098
1099 if (!in_group_p(inode->i_gid) && !capable(CAP_FSETID))
1100 mode &= ~S_ISGID;
1101 inode->i_mode = mode;
1102 }
1103}
1104
1105/**
1106 * do_truncation - truncate an inode.
1107 * @c: UBIFS file-system description object
1108 * @inode: inode to truncate
1109 * @attr: inode attribute changes description
1110 *
1111 * This function implements VFS '->setattr()' call when the inode is truncated
1112 * to a smaller size. Returns zero in case of success and a negative error code
1113 * in case of failure.
1114 */
1115static int do_truncation(struct ubifs_info *c, struct inode *inode,
1116 const struct iattr *attr)
1117{
1118 int err;
1119 struct ubifs_budget_req req;
1120 loff_t old_size = inode->i_size, new_size = attr->ia_size;
1121 int offset = new_size & (UBIFS_BLOCK_SIZE - 1), budgeted = 1;
1122 struct ubifs_inode *ui = ubifs_inode(inode);
1123
1124 dbg_gen("ino %lu, size %lld -> %lld", inode->i_ino, old_size, new_size);
1125 memset(&req, 0, sizeof(struct ubifs_budget_req));
1126
1127 /*
1128 * If this is truncation to a smaller size, and we do not truncate on a
1129 * block boundary, budget for changing one data block, because the last
1130 * block will be re-written.
1131 */
1132 if (new_size & (UBIFS_BLOCK_SIZE - 1))
1133 req.dirtied_page = 1;
1134
1135 req.dirtied_ino = 1;
1136 /* A funny way to budget for truncation node */
1137 req.dirtied_ino_d = UBIFS_TRUN_NODE_SZ;
1138 err = ubifs_budget_space(c, req: &req);
1139 if (err) {
1140 /*
1141 * Treat truncations to zero as deletion and always allow them,
1142 * just like we do for '->unlink()'.
1143 */
1144 if (new_size || err != -ENOSPC)
1145 return err;
1146 budgeted = 0;
1147 }
1148
1149 truncate_setsize(inode, newsize: new_size);
1150
1151 if (offset) {
1152 pgoff_t index = new_size >> PAGE_SHIFT;
1153 struct page *page;
1154
1155 page = find_lock_page(mapping: inode->i_mapping, index);
1156 if (page) {
1157 if (PageDirty(page)) {
1158 /*
1159 * 'ubifs_jnl_truncate()' will try to truncate
1160 * the last data node, but it contains
1161 * out-of-date data because the page is dirty.
1162 * Write the page now, so that
1163 * 'ubifs_jnl_truncate()' will see an already
1164 * truncated (and up to date) data node.
1165 */
1166 ubifs_assert(c, PagePrivate(page));
1167
1168 clear_page_dirty_for_io(page);
1169 if (UBIFS_BLOCKS_PER_PAGE_SHIFT)
1170 offset = new_size &
1171 (PAGE_SIZE - 1);
1172 err = do_writepage(page, len: offset);
1173 put_page(page);
1174 if (err)
1175 goto out_budg;
1176 /*
1177 * We could now tell 'ubifs_jnl_truncate()' not
1178 * to read the last block.
1179 */
1180 } else {
1181 /*
1182 * We could 'kmap()' the page and pass the data
1183 * to 'ubifs_jnl_truncate()' to save it from
1184 * having to read it.
1185 */
1186 unlock_page(page);
1187 put_page(page);
1188 }
1189 }
1190 }
1191
1192 mutex_lock(&ui->ui_mutex);
1193 ui->ui_size = inode->i_size;
1194 /* Truncation changes inode [mc]time */
1195 inode_set_mtime_to_ts(inode, ts: inode_set_ctime_current(inode));
1196 /* Other attributes may be changed at the same time as well */
1197 do_attr_changes(inode, attr);
1198 err = ubifs_jnl_truncate(c, inode, old_size, new_size);
1199 mutex_unlock(lock: &ui->ui_mutex);
1200
1201out_budg:
1202 if (budgeted)
1203 ubifs_release_budget(c, req: &req);
1204 else {
1205 c->bi.nospace = c->bi.nospace_rp = 0;
1206 smp_wmb();
1207 }
1208 return err;
1209}
1210
1211/**
1212 * do_setattr - change inode attributes.
1213 * @c: UBIFS file-system description object
1214 * @inode: inode to change attributes for
1215 * @attr: inode attribute changes description
1216 *
1217 * This function implements VFS '->setattr()' call for all cases except
1218 * truncations to smaller size. Returns zero in case of success and a negative
1219 * error code in case of failure.
1220 */
1221static int do_setattr(struct ubifs_info *c, struct inode *inode,
1222 const struct iattr *attr)
1223{
1224 int err, release;
1225 loff_t new_size = attr->ia_size;
1226 struct ubifs_inode *ui = ubifs_inode(inode);
1227 struct ubifs_budget_req req = { .dirtied_ino = 1,
1228 .dirtied_ino_d = ALIGN(ui->data_len, 8) };
1229
1230 err = ubifs_budget_space(c, req: &req);
1231 if (err)
1232 return err;
1233
1234 if (attr->ia_valid & ATTR_SIZE) {
1235 dbg_gen("size %lld -> %lld", inode->i_size, new_size);
1236 truncate_setsize(inode, newsize: new_size);
1237 }
1238
1239 mutex_lock(&ui->ui_mutex);
1240 if (attr->ia_valid & ATTR_SIZE) {
1241 /* Truncation changes inode [mc]time */
1242 inode_set_mtime_to_ts(inode, ts: inode_set_ctime_current(inode));
1243 /* 'truncate_setsize()' changed @i_size, update @ui_size */
1244 ui->ui_size = inode->i_size;
1245 }
1246
1247 do_attr_changes(inode, attr);
1248
1249 release = ui->dirty;
1250 if (attr->ia_valid & ATTR_SIZE)
1251 /*
1252 * Inode length changed, so we have to make sure
1253 * @I_DIRTY_DATASYNC is set.
1254 */
1255 __mark_inode_dirty(inode, I_DIRTY_DATASYNC);
1256 else
1257 mark_inode_dirty_sync(inode);
1258 mutex_unlock(lock: &ui->ui_mutex);
1259
1260 if (release)
1261 ubifs_release_budget(c, req: &req);
1262 if (IS_SYNC(inode))
1263 err = inode->i_sb->s_op->write_inode(inode, NULL);
1264 return err;
1265}
1266
1267int ubifs_setattr(struct mnt_idmap *idmap, struct dentry *dentry,
1268 struct iattr *attr)
1269{
1270 int err;
1271 struct inode *inode = d_inode(dentry);
1272 struct ubifs_info *c = inode->i_sb->s_fs_info;
1273
1274 dbg_gen("ino %lu, mode %#x, ia_valid %#x",
1275 inode->i_ino, inode->i_mode, attr->ia_valid);
1276 err = setattr_prepare(&nop_mnt_idmap, dentry, attr);
1277 if (err)
1278 return err;
1279
1280 err = dbg_check_synced_i_size(c, inode);
1281 if (err)
1282 return err;
1283
1284 err = fscrypt_prepare_setattr(dentry, attr);
1285 if (err)
1286 return err;
1287
1288 if ((attr->ia_valid & ATTR_SIZE) && attr->ia_size < inode->i_size)
1289 /* Truncation to a smaller size */
1290 err = do_truncation(c, inode, attr);
1291 else
1292 err = do_setattr(c, inode, attr);
1293
1294 return err;
1295}
1296
1297static void ubifs_invalidate_folio(struct folio *folio, size_t offset,
1298 size_t length)
1299{
1300 struct inode *inode = folio->mapping->host;
1301 struct ubifs_info *c = inode->i_sb->s_fs_info;
1302
1303 ubifs_assert(c, folio_test_private(folio));
1304 if (offset || length < folio_size(folio))
1305 /* Partial folio remains dirty */
1306 return;
1307
1308 if (folio_test_checked(folio))
1309 release_new_page_budget(c);
1310 else
1311 release_existing_page_budget(c);
1312
1313 atomic_long_dec(v: &c->dirty_pg_cnt);
1314 folio_detach_private(folio);
1315 folio_clear_checked(folio);
1316}
1317
1318int ubifs_fsync(struct file *file, loff_t start, loff_t end, int datasync)
1319{
1320 struct inode *inode = file->f_mapping->host;
1321 struct ubifs_info *c = inode->i_sb->s_fs_info;
1322 int err;
1323
1324 dbg_gen("syncing inode %lu", inode->i_ino);
1325
1326 if (c->ro_mount)
1327 /*
1328 * For some really strange reasons VFS does not filter out
1329 * 'fsync()' for R/O mounted file-systems as per 2.6.39.
1330 */
1331 return 0;
1332
1333 err = file_write_and_wait_range(file, start, end);
1334 if (err)
1335 return err;
1336 inode_lock(inode);
1337
1338 /* Synchronize the inode unless this is a 'datasync()' call. */
1339 if (!datasync || (inode->i_state & I_DIRTY_DATASYNC)) {
1340 err = inode->i_sb->s_op->write_inode(inode, NULL);
1341 if (err)
1342 goto out;
1343 }
1344
1345 /*
1346 * Nodes related to this inode may still sit in a write-buffer. Flush
1347 * them.
1348 */
1349 err = ubifs_sync_wbufs_by_inode(c, inode);
1350out:
1351 inode_unlock(inode);
1352 return err;
1353}
1354
1355/**
1356 * mctime_update_needed - check if mtime or ctime update is needed.
1357 * @inode: the inode to do the check for
1358 * @now: current time
1359 *
1360 * This helper function checks if the inode mtime/ctime should be updated or
1361 * not. If current values of the time-stamps are within the UBIFS inode time
1362 * granularity, they are not updated. This is an optimization.
1363 */
1364static inline int mctime_update_needed(const struct inode *inode,
1365 const struct timespec64 *now)
1366{
1367 struct timespec64 ctime = inode_get_ctime(inode);
1368 struct timespec64 mtime = inode_get_mtime(inode);
1369
1370 if (!timespec64_equal(a: &mtime, b: now) || !timespec64_equal(a: &ctime, b: now))
1371 return 1;
1372 return 0;
1373}
1374
1375/**
1376 * ubifs_update_time - update time of inode.
1377 * @inode: inode to update
1378 * @time: timespec structure to hold the current time value
1379 * @flags: time updating control flag determines updating
1380 * which time fields of @inode
1381 *
1382 * This function updates time of the inode.
1383 */
1384int ubifs_update_time(struct inode *inode, int flags)
1385{
1386 struct ubifs_inode *ui = ubifs_inode(inode);
1387 struct ubifs_info *c = inode->i_sb->s_fs_info;
1388 struct ubifs_budget_req req = { .dirtied_ino = 1,
1389 .dirtied_ino_d = ALIGN(ui->data_len, 8) };
1390 int err, release;
1391
1392 if (!IS_ENABLED(CONFIG_UBIFS_ATIME_SUPPORT)) {
1393 generic_update_time(inode, flags);
1394 return 0;
1395 }
1396
1397 err = ubifs_budget_space(c, req: &req);
1398 if (err)
1399 return err;
1400
1401 mutex_lock(&ui->ui_mutex);
1402 inode_update_timestamps(inode, flags);
1403 release = ui->dirty;
1404 __mark_inode_dirty(inode, I_DIRTY_SYNC);
1405 mutex_unlock(lock: &ui->ui_mutex);
1406 if (release)
1407 ubifs_release_budget(c, req: &req);
1408 return 0;
1409}
1410
1411/**
1412 * update_mctime - update mtime and ctime of an inode.
1413 * @inode: inode to update
1414 *
1415 * This function updates mtime and ctime of the inode if it is not equivalent to
1416 * current time. Returns zero in case of success and a negative error code in
1417 * case of failure.
1418 */
1419static int update_mctime(struct inode *inode)
1420{
1421 struct timespec64 now = current_time(inode);
1422 struct ubifs_inode *ui = ubifs_inode(inode);
1423 struct ubifs_info *c = inode->i_sb->s_fs_info;
1424
1425 if (mctime_update_needed(inode, now: &now)) {
1426 int err, release;
1427 struct ubifs_budget_req req = { .dirtied_ino = 1,
1428 .dirtied_ino_d = ALIGN(ui->data_len, 8) };
1429
1430 err = ubifs_budget_space(c, req: &req);
1431 if (err)
1432 return err;
1433
1434 mutex_lock(&ui->ui_mutex);
1435 inode_set_mtime_to_ts(inode, ts: inode_set_ctime_current(inode));
1436 release = ui->dirty;
1437 mark_inode_dirty_sync(inode);
1438 mutex_unlock(lock: &ui->ui_mutex);
1439 if (release)
1440 ubifs_release_budget(c, req: &req);
1441 }
1442
1443 return 0;
1444}
1445
1446static ssize_t ubifs_write_iter(struct kiocb *iocb, struct iov_iter *from)
1447{
1448 int err = update_mctime(inode: file_inode(f: iocb->ki_filp));
1449 if (err)
1450 return err;
1451
1452 return generic_file_write_iter(iocb, from);
1453}
1454
1455static bool ubifs_dirty_folio(struct address_space *mapping,
1456 struct folio *folio)
1457{
1458 bool ret;
1459 struct ubifs_info *c = mapping->host->i_sb->s_fs_info;
1460
1461 ret = filemap_dirty_folio(mapping, folio);
1462 /*
1463 * An attempt to dirty a page without budgeting for it - should not
1464 * happen.
1465 */
1466 ubifs_assert(c, ret == false);
1467 return ret;
1468}
1469
1470static bool ubifs_release_folio(struct folio *folio, gfp_t unused_gfp_flags)
1471{
1472 struct inode *inode = folio->mapping->host;
1473 struct ubifs_info *c = inode->i_sb->s_fs_info;
1474
1475 if (folio_test_writeback(folio))
1476 return false;
1477
1478 /*
1479 * Page is private but not dirty, weird? There is one condition
1480 * making it happened. ubifs_writepage skipped the page because
1481 * page index beyonds isize (for example. truncated by other
1482 * process named A), then the page is invalidated by fadvise64
1483 * syscall before being truncated by process A.
1484 */
1485 ubifs_assert(c, folio_test_private(folio));
1486 if (folio_test_checked(folio))
1487 release_new_page_budget(c);
1488 else
1489 release_existing_page_budget(c);
1490
1491 atomic_long_dec(v: &c->dirty_pg_cnt);
1492 folio_detach_private(folio);
1493 folio_clear_checked(folio);
1494 return true;
1495}
1496
1497/*
1498 * mmap()d file has taken write protection fault and is being made writable.
1499 * UBIFS must ensure page is budgeted for.
1500 */
1501static vm_fault_t ubifs_vm_page_mkwrite(struct vm_fault *vmf)
1502{
1503 struct page *page = vmf->page;
1504 struct inode *inode = file_inode(f: vmf->vma->vm_file);
1505 struct ubifs_info *c = inode->i_sb->s_fs_info;
1506 struct timespec64 now = current_time(inode);
1507 struct ubifs_budget_req req = { .new_page = 1 };
1508 int err, update_time;
1509
1510 dbg_gen("ino %lu, pg %lu, i_size %lld", inode->i_ino, page->index,
1511 i_size_read(inode));
1512 ubifs_assert(c, !c->ro_media && !c->ro_mount);
1513
1514 if (unlikely(c->ro_error))
1515 return VM_FAULT_SIGBUS; /* -EROFS */
1516
1517 /*
1518 * We have not locked @page so far so we may budget for changing the
1519 * page. Note, we cannot do this after we locked the page, because
1520 * budgeting may cause write-back which would cause deadlock.
1521 *
1522 * At the moment we do not know whether the page is dirty or not, so we
1523 * assume that it is not and budget for a new page. We could look at
1524 * the @PG_private flag and figure this out, but we may race with write
1525 * back and the page state may change by the time we lock it, so this
1526 * would need additional care. We do not bother with this at the
1527 * moment, although it might be good idea to do. Instead, we allocate
1528 * budget for a new page and amend it later on if the page was in fact
1529 * dirty.
1530 *
1531 * The budgeting-related logic of this function is similar to what we
1532 * do in 'ubifs_write_begin()' and 'ubifs_write_end()'. Glance there
1533 * for more comments.
1534 */
1535 update_time = mctime_update_needed(inode, now: &now);
1536 if (update_time)
1537 /*
1538 * We have to change inode time stamp which requires extra
1539 * budgeting.
1540 */
1541 req.dirtied_ino = 1;
1542
1543 err = ubifs_budget_space(c, req: &req);
1544 if (unlikely(err)) {
1545 if (err == -ENOSPC)
1546 ubifs_warn(c, fmt: "out of space for mmapped file (inode number %lu)",
1547 inode->i_ino);
1548 return VM_FAULT_SIGBUS;
1549 }
1550
1551 lock_page(page);
1552 if (unlikely(page->mapping != inode->i_mapping ||
1553 page_offset(page) > i_size_read(inode))) {
1554 /* Page got truncated out from underneath us */
1555 goto sigbus;
1556 }
1557
1558 if (PagePrivate(page))
1559 release_new_page_budget(c);
1560 else {
1561 if (!PageChecked(page))
1562 ubifs_convert_page_budget(c);
1563 attach_page_private(page, data: (void *)1);
1564 atomic_long_inc(v: &c->dirty_pg_cnt);
1565 __set_page_dirty_nobuffers(page);
1566 }
1567
1568 if (update_time) {
1569 int release;
1570 struct ubifs_inode *ui = ubifs_inode(inode);
1571
1572 mutex_lock(&ui->ui_mutex);
1573 inode_set_mtime_to_ts(inode, ts: inode_set_ctime_current(inode));
1574 release = ui->dirty;
1575 mark_inode_dirty_sync(inode);
1576 mutex_unlock(lock: &ui->ui_mutex);
1577 if (release)
1578 ubifs_release_dirty_inode_budget(c, ui);
1579 }
1580
1581 wait_for_stable_page(page);
1582 return VM_FAULT_LOCKED;
1583
1584sigbus:
1585 unlock_page(page);
1586 ubifs_release_budget(c, req: &req);
1587 return VM_FAULT_SIGBUS;
1588}
1589
1590static const struct vm_operations_struct ubifs_file_vm_ops = {
1591 .fault = filemap_fault,
1592 .map_pages = filemap_map_pages,
1593 .page_mkwrite = ubifs_vm_page_mkwrite,
1594};
1595
1596static int ubifs_file_mmap(struct file *file, struct vm_area_struct *vma)
1597{
1598 int err;
1599
1600 err = generic_file_mmap(file, vma);
1601 if (err)
1602 return err;
1603 vma->vm_ops = &ubifs_file_vm_ops;
1604
1605 if (IS_ENABLED(CONFIG_UBIFS_ATIME_SUPPORT))
1606 file_accessed(file);
1607
1608 return 0;
1609}
1610
1611static const char *ubifs_get_link(struct dentry *dentry,
1612 struct inode *inode,
1613 struct delayed_call *done)
1614{
1615 struct ubifs_inode *ui = ubifs_inode(inode);
1616
1617 if (!IS_ENCRYPTED(inode))
1618 return ui->data;
1619
1620 if (!dentry)
1621 return ERR_PTR(error: -ECHILD);
1622
1623 return fscrypt_get_symlink(inode, caddr: ui->data, max_size: ui->data_len, done);
1624}
1625
1626static int ubifs_symlink_getattr(struct mnt_idmap *idmap,
1627 const struct path *path, struct kstat *stat,
1628 u32 request_mask, unsigned int query_flags)
1629{
1630 ubifs_getattr(idmap, path, stat, request_mask, flags: query_flags);
1631
1632 if (IS_ENCRYPTED(d_inode(path->dentry)))
1633 return fscrypt_symlink_getattr(path, stat);
1634 return 0;
1635}
1636
1637const struct address_space_operations ubifs_file_address_operations = {
1638 .read_folio = ubifs_read_folio,
1639 .writepage = ubifs_writepage,
1640 .write_begin = ubifs_write_begin,
1641 .write_end = ubifs_write_end,
1642 .invalidate_folio = ubifs_invalidate_folio,
1643 .dirty_folio = ubifs_dirty_folio,
1644 .migrate_folio = filemap_migrate_folio,
1645 .release_folio = ubifs_release_folio,
1646};
1647
1648const struct inode_operations ubifs_file_inode_operations = {
1649 .setattr = ubifs_setattr,
1650 .getattr = ubifs_getattr,
1651 .listxattr = ubifs_listxattr,
1652 .update_time = ubifs_update_time,
1653 .fileattr_get = ubifs_fileattr_get,
1654 .fileattr_set = ubifs_fileattr_set,
1655};
1656
1657const struct inode_operations ubifs_symlink_inode_operations = {
1658 .get_link = ubifs_get_link,
1659 .setattr = ubifs_setattr,
1660 .getattr = ubifs_symlink_getattr,
1661 .listxattr = ubifs_listxattr,
1662 .update_time = ubifs_update_time,
1663};
1664
1665const struct file_operations ubifs_file_operations = {
1666 .llseek = generic_file_llseek,
1667 .read_iter = generic_file_read_iter,
1668 .write_iter = ubifs_write_iter,
1669 .mmap = ubifs_file_mmap,
1670 .fsync = ubifs_fsync,
1671 .unlocked_ioctl = ubifs_ioctl,
1672 .splice_read = filemap_splice_read,
1673 .splice_write = iter_file_splice_write,
1674 .open = fscrypt_file_open,
1675#ifdef CONFIG_COMPAT
1676 .compat_ioctl = ubifs_compat_ioctl,
1677#endif
1678};
1679

source code of linux/fs/ubifs/file.c