1 #ifndef IOU_CORE_H
2 #define IOU_CORE_H
3
4 #include <linux/errno.h>
5 #include <linux/lockdep.h>
6 #include <linux/resume_user_mode.h>
7 #include <linux/kasan.h>
8 #include <linux/poll.h>
9 #include <linux/io_uring_types.h>
10 #include <uapi/linux/eventpoll.h>
11 #include "alloc_cache.h"
12 #include "io-wq.h"
13 #include "slist.h"
14 #include "filetable.h"
15 #include "opdef.h"
16
17 #ifndef CREATE_TRACE_POINTS
18 #include <trace/events/io_uring.h>
19 #endif
20
21 enum {
22 IOU_OK = 0,
23 IOU_ISSUE_SKIP_COMPLETE = -EIOCBQUEUED,
24
25 /*
26 * Requeue the task_work to restart operations on this request. The
27 * actual value isn't important, should just be not an otherwise
28 * valid error code, yet less than -MAX_ERRNO and valid internally.
29 */
30 IOU_REQUEUE = -3072,
31
32 /*
33 * Intended only when both IO_URING_F_MULTISHOT is passed
34 * to indicate to the poll runner that multishot should be
35 * removed and the result is set on req->cqe.res.
36 */
37 IOU_STOP_MULTISHOT = -ECANCELED,
38 };
39
40 struct io_wait_queue {
41 struct wait_queue_entry wq;
42 struct io_ring_ctx *ctx;
43 unsigned cq_tail;
44 unsigned cq_min_tail;
45 unsigned nr_timeouts;
46 int hit_timeout;
47 ktime_t min_timeout;
48 ktime_t timeout;
49 struct hrtimer t;
50
51 #ifdef CONFIG_NET_RX_BUSY_POLL
52 ktime_t napi_busy_poll_dt;
53 bool napi_prefer_busy_poll;
54 #endif
55 };
56
io_should_wake(struct io_wait_queue * iowq)57 static inline bool io_should_wake(struct io_wait_queue *iowq)
58 {
59 struct io_ring_ctx *ctx = iowq->ctx;
60 int dist = READ_ONCE(ctx->rings->cq.tail) - (int) iowq->cq_tail;
61
62 /*
63 * Wake up if we have enough events, or if a timeout occurred since we
64 * started waiting. For timeouts, we always want to return to userspace,
65 * regardless of event count.
66 */
67 return dist >= 0 || atomic_read(&ctx->cq_timeouts) != iowq->nr_timeouts;
68 }
69
70 #define IORING_MAX_ENTRIES 32768
71 #define IORING_MAX_CQ_ENTRIES (2 * IORING_MAX_ENTRIES)
72
73 unsigned long rings_size(unsigned int flags, unsigned int sq_entries,
74 unsigned int cq_entries, size_t *sq_offset);
75 int io_uring_fill_params(unsigned entries, struct io_uring_params *p);
76 bool io_cqe_cache_refill(struct io_ring_ctx *ctx, bool overflow);
77 int io_run_task_work_sig(struct io_ring_ctx *ctx);
78 void io_req_defer_failed(struct io_kiocb *req, s32 res);
79 bool io_post_aux_cqe(struct io_ring_ctx *ctx, u64 user_data, s32 res, u32 cflags);
80 void io_add_aux_cqe(struct io_ring_ctx *ctx, u64 user_data, s32 res, u32 cflags);
81 bool io_req_post_cqe(struct io_kiocb *req, s32 res, u32 cflags);
82 void __io_commit_cqring_flush(struct io_ring_ctx *ctx);
83
84 struct file *io_file_get_normal(struct io_kiocb *req, int fd);
85 struct file *io_file_get_fixed(struct io_kiocb *req, int fd,
86 unsigned issue_flags);
87
88 void __io_req_task_work_add(struct io_kiocb *req, unsigned flags);
89 void io_req_task_work_add_remote(struct io_kiocb *req, struct io_ring_ctx *ctx,
90 unsigned flags);
91 void io_req_task_queue(struct io_kiocb *req);
92 void io_req_task_complete(struct io_kiocb *req, io_tw_token_t tw);
93 void io_req_task_queue_fail(struct io_kiocb *req, int ret);
94 void io_req_task_submit(struct io_kiocb *req, io_tw_token_t tw);
95 struct llist_node *io_handle_tw_list(struct llist_node *node, unsigned int *count, unsigned int max_entries);
96 struct llist_node *tctx_task_work_run(struct io_uring_task *tctx, unsigned int max_entries, unsigned int *count);
97 void tctx_task_work(struct callback_head *cb);
98 __cold void io_uring_cancel_generic(bool cancel_all, struct io_sq_data *sqd);
99 int io_uring_alloc_task_context(struct task_struct *task,
100 struct io_ring_ctx *ctx);
101
102 int io_ring_add_registered_file(struct io_uring_task *tctx, struct file *file,
103 int start, int end);
104 void io_req_queue_iowq(struct io_kiocb *req);
105
106 int io_poll_issue(struct io_kiocb *req, io_tw_token_t tw);
107 int io_submit_sqes(struct io_ring_ctx *ctx, unsigned int nr);
108 int io_do_iopoll(struct io_ring_ctx *ctx, bool force_nonspin);
109 void __io_submit_flush_completions(struct io_ring_ctx *ctx);
110
111 struct io_wq_work *io_wq_free_work(struct io_wq_work *work);
112 void io_wq_submit_work(struct io_wq_work *work);
113
114 void io_free_req(struct io_kiocb *req);
115 void io_queue_next(struct io_kiocb *req);
116 void io_task_refs_refill(struct io_uring_task *tctx);
117 bool __io_alloc_req_refill(struct io_ring_ctx *ctx);
118
119 bool io_match_task_safe(struct io_kiocb *head, struct io_uring_task *tctx,
120 bool cancel_all);
121
122 void io_activate_pollwq(struct io_ring_ctx *ctx);
123
io_lockdep_assert_cq_locked(struct io_ring_ctx * ctx)124 static inline void io_lockdep_assert_cq_locked(struct io_ring_ctx *ctx)
125 {
126 #if defined(CONFIG_PROVE_LOCKING)
127 lockdep_assert(in_task());
128
129 if (ctx->flags & IORING_SETUP_DEFER_TASKRUN)
130 lockdep_assert_held(&ctx->uring_lock);
131
132 if (ctx->flags & IORING_SETUP_IOPOLL) {
133 lockdep_assert_held(&ctx->uring_lock);
134 } else if (!ctx->task_complete) {
135 lockdep_assert_held(&ctx->completion_lock);
136 } else if (ctx->submitter_task) {
137 /*
138 * ->submitter_task may be NULL and we can still post a CQE,
139 * if the ring has been setup with IORING_SETUP_R_DISABLED.
140 * Not from an SQE, as those cannot be submitted, but via
141 * updating tagged resources.
142 */
143 if (!percpu_ref_is_dying(&ctx->refs))
144 lockdep_assert(current == ctx->submitter_task);
145 }
146 #endif
147 }
148
io_is_compat(struct io_ring_ctx * ctx)149 static inline bool io_is_compat(struct io_ring_ctx *ctx)
150 {
151 return IS_ENABLED(CONFIG_COMPAT) && unlikely(ctx->compat);
152 }
153
io_req_task_work_add(struct io_kiocb * req)154 static inline void io_req_task_work_add(struct io_kiocb *req)
155 {
156 __io_req_task_work_add(req, 0);
157 }
158
io_submit_flush_completions(struct io_ring_ctx * ctx)159 static inline void io_submit_flush_completions(struct io_ring_ctx *ctx)
160 {
161 if (!wq_list_empty(&ctx->submit_state.compl_reqs) ||
162 ctx->submit_state.cq_flush)
163 __io_submit_flush_completions(ctx);
164 }
165
166 #define io_for_each_link(pos, head) \
167 for (pos = (head); pos; pos = pos->link)
168
io_get_cqe_overflow(struct io_ring_ctx * ctx,struct io_uring_cqe ** ret,bool overflow)169 static inline bool io_get_cqe_overflow(struct io_ring_ctx *ctx,
170 struct io_uring_cqe **ret,
171 bool overflow)
172 {
173 io_lockdep_assert_cq_locked(ctx);
174
175 if (unlikely(ctx->cqe_cached >= ctx->cqe_sentinel)) {
176 if (unlikely(!io_cqe_cache_refill(ctx, overflow)))
177 return false;
178 }
179 *ret = ctx->cqe_cached;
180 ctx->cached_cq_tail++;
181 ctx->cqe_cached++;
182 if (ctx->flags & IORING_SETUP_CQE32)
183 ctx->cqe_cached++;
184 return true;
185 }
186
io_get_cqe(struct io_ring_ctx * ctx,struct io_uring_cqe ** ret)187 static inline bool io_get_cqe(struct io_ring_ctx *ctx, struct io_uring_cqe **ret)
188 {
189 return io_get_cqe_overflow(ctx, ret, false);
190 }
191
io_fill_cqe_req(struct io_ring_ctx * ctx,struct io_kiocb * req)192 static __always_inline bool io_fill_cqe_req(struct io_ring_ctx *ctx,
193 struct io_kiocb *req)
194 {
195 struct io_uring_cqe *cqe;
196
197 /*
198 * If we can't get a cq entry, userspace overflowed the
199 * submission (by quite a lot). Increment the overflow count in
200 * the ring.
201 */
202 if (unlikely(!io_get_cqe(ctx, &cqe)))
203 return false;
204
205
206 memcpy(cqe, &req->cqe, sizeof(*cqe));
207 if (ctx->flags & IORING_SETUP_CQE32) {
208 memcpy(cqe->big_cqe, &req->big_cqe, sizeof(*cqe));
209 memset(&req->big_cqe, 0, sizeof(req->big_cqe));
210 }
211
212 if (trace_io_uring_complete_enabled())
213 trace_io_uring_complete(req->ctx, req, cqe);
214 return true;
215 }
216
req_set_fail(struct io_kiocb * req)217 static inline void req_set_fail(struct io_kiocb *req)
218 {
219 req->flags |= REQ_F_FAIL;
220 if (req->flags & REQ_F_CQE_SKIP) {
221 req->flags &= ~REQ_F_CQE_SKIP;
222 req->flags |= REQ_F_SKIP_LINK_CQES;
223 }
224 }
225
io_req_set_res(struct io_kiocb * req,s32 res,u32 cflags)226 static inline void io_req_set_res(struct io_kiocb *req, s32 res, u32 cflags)
227 {
228 req->cqe.res = res;
229 req->cqe.flags = cflags;
230 }
231
io_uring_alloc_async_data(struct io_alloc_cache * cache,struct io_kiocb * req)232 static inline void *io_uring_alloc_async_data(struct io_alloc_cache *cache,
233 struct io_kiocb *req)
234 {
235 if (cache) {
236 req->async_data = io_cache_alloc(cache, GFP_KERNEL);
237 } else {
238 const struct io_issue_def *def = &io_issue_defs[req->opcode];
239
240 WARN_ON_ONCE(!def->async_size);
241 req->async_data = kmalloc(def->async_size, GFP_KERNEL);
242 }
243 if (req->async_data)
244 req->flags |= REQ_F_ASYNC_DATA;
245 return req->async_data;
246 }
247
req_has_async_data(struct io_kiocb * req)248 static inline bool req_has_async_data(struct io_kiocb *req)
249 {
250 return req->flags & REQ_F_ASYNC_DATA;
251 }
252
io_put_file(struct io_kiocb * req)253 static inline void io_put_file(struct io_kiocb *req)
254 {
255 if (!(req->flags & REQ_F_FIXED_FILE) && req->file)
256 fput(req->file);
257 }
258
io_ring_submit_unlock(struct io_ring_ctx * ctx,unsigned issue_flags)259 static inline void io_ring_submit_unlock(struct io_ring_ctx *ctx,
260 unsigned issue_flags)
261 {
262 lockdep_assert_held(&ctx->uring_lock);
263 if (unlikely(issue_flags & IO_URING_F_UNLOCKED))
264 mutex_unlock(&ctx->uring_lock);
265 }
266
io_ring_submit_lock(struct io_ring_ctx * ctx,unsigned issue_flags)267 static inline void io_ring_submit_lock(struct io_ring_ctx *ctx,
268 unsigned issue_flags)
269 {
270 /*
271 * "Normal" inline submissions always hold the uring_lock, since we
272 * grab it from the system call. Same is true for the SQPOLL offload.
273 * The only exception is when we've detached the request and issue it
274 * from an async worker thread, grab the lock for that case.
275 */
276 if (unlikely(issue_flags & IO_URING_F_UNLOCKED))
277 mutex_lock(&ctx->uring_lock);
278 lockdep_assert_held(&ctx->uring_lock);
279 }
280
io_commit_cqring(struct io_ring_ctx * ctx)281 static inline void io_commit_cqring(struct io_ring_ctx *ctx)
282 {
283 /* order cqe stores with ring update */
284 smp_store_release(&ctx->rings->cq.tail, ctx->cached_cq_tail);
285 }
286
io_poll_wq_wake(struct io_ring_ctx * ctx)287 static inline void io_poll_wq_wake(struct io_ring_ctx *ctx)
288 {
289 if (wq_has_sleeper(&ctx->poll_wq))
290 __wake_up(&ctx->poll_wq, TASK_NORMAL, 0,
291 poll_to_key(EPOLL_URING_WAKE | EPOLLIN));
292 }
293
io_cqring_wake(struct io_ring_ctx * ctx)294 static inline void io_cqring_wake(struct io_ring_ctx *ctx)
295 {
296 /*
297 * Trigger waitqueue handler on all waiters on our waitqueue. This
298 * won't necessarily wake up all the tasks, io_should_wake() will make
299 * that decision.
300 *
301 * Pass in EPOLLIN|EPOLL_URING_WAKE as the poll wakeup key. The latter
302 * set in the mask so that if we recurse back into our own poll
303 * waitqueue handlers, we know we have a dependency between eventfd or
304 * epoll and should terminate multishot poll at that point.
305 */
306 if (wq_has_sleeper(&ctx->cq_wait))
307 __wake_up(&ctx->cq_wait, TASK_NORMAL, 0,
308 poll_to_key(EPOLL_URING_WAKE | EPOLLIN));
309 }
310
io_sqring_full(struct io_ring_ctx * ctx)311 static inline bool io_sqring_full(struct io_ring_ctx *ctx)
312 {
313 struct io_rings *r = ctx->rings;
314
315 /*
316 * SQPOLL must use the actual sqring head, as using the cached_sq_head
317 * is race prone if the SQPOLL thread has grabbed entries but not yet
318 * committed them to the ring. For !SQPOLL, this doesn't matter, but
319 * since this helper is just used for SQPOLL sqring waits (or POLLOUT),
320 * just read the actual sqring head unconditionally.
321 */
322 return READ_ONCE(r->sq.tail) - READ_ONCE(r->sq.head) == ctx->sq_entries;
323 }
324
io_sqring_entries(struct io_ring_ctx * ctx)325 static inline unsigned int io_sqring_entries(struct io_ring_ctx *ctx)
326 {
327 struct io_rings *rings = ctx->rings;
328 unsigned int entries;
329
330 /* make sure SQ entry isn't read before tail */
331 entries = smp_load_acquire(&rings->sq.tail) - ctx->cached_sq_head;
332 return min(entries, ctx->sq_entries);
333 }
334
io_run_task_work(void)335 static inline int io_run_task_work(void)
336 {
337 bool ret = false;
338
339 /*
340 * Always check-and-clear the task_work notification signal. With how
341 * signaling works for task_work, we can find it set with nothing to
342 * run. We need to clear it for that case, like get_signal() does.
343 */
344 if (test_thread_flag(TIF_NOTIFY_SIGNAL))
345 clear_notify_signal();
346 /*
347 * PF_IO_WORKER never returns to userspace, so check here if we have
348 * notify work that needs processing.
349 */
350 if (current->flags & PF_IO_WORKER) {
351 if (test_thread_flag(TIF_NOTIFY_RESUME)) {
352 __set_current_state(TASK_RUNNING);
353 resume_user_mode_work(NULL);
354 }
355 if (current->io_uring) {
356 unsigned int count = 0;
357
358 __set_current_state(TASK_RUNNING);
359 tctx_task_work_run(current->io_uring, UINT_MAX, &count);
360 if (count)
361 ret = true;
362 }
363 }
364 if (task_work_pending(current)) {
365 __set_current_state(TASK_RUNNING);
366 task_work_run();
367 ret = true;
368 }
369
370 return ret;
371 }
372
io_local_work_pending(struct io_ring_ctx * ctx)373 static inline bool io_local_work_pending(struct io_ring_ctx *ctx)
374 {
375 return !llist_empty(&ctx->work_llist) || !llist_empty(&ctx->retry_llist);
376 }
377
io_task_work_pending(struct io_ring_ctx * ctx)378 static inline bool io_task_work_pending(struct io_ring_ctx *ctx)
379 {
380 return task_work_pending(current) || io_local_work_pending(ctx);
381 }
382
io_tw_lock(struct io_ring_ctx * ctx,io_tw_token_t tw)383 static inline void io_tw_lock(struct io_ring_ctx *ctx, io_tw_token_t tw)
384 {
385 lockdep_assert_held(&ctx->uring_lock);
386 }
387
388 /*
389 * Don't complete immediately but use deferred completion infrastructure.
390 * Protected by ->uring_lock and can only be used either with
391 * IO_URING_F_COMPLETE_DEFER or inside a tw handler holding the mutex.
392 */
io_req_complete_defer(struct io_kiocb * req)393 static inline void io_req_complete_defer(struct io_kiocb *req)
394 __must_hold(&req->ctx->uring_lock)
395 {
396 struct io_submit_state *state = &req->ctx->submit_state;
397
398 lockdep_assert_held(&req->ctx->uring_lock);
399
400 wq_list_add_tail(&req->comp_list, &state->compl_reqs);
401 }
402
io_commit_cqring_flush(struct io_ring_ctx * ctx)403 static inline void io_commit_cqring_flush(struct io_ring_ctx *ctx)
404 {
405 if (unlikely(ctx->off_timeout_used || ctx->drain_active ||
406 ctx->has_evfd || ctx->poll_activated))
407 __io_commit_cqring_flush(ctx);
408 }
409
io_get_task_refs(int nr)410 static inline void io_get_task_refs(int nr)
411 {
412 struct io_uring_task *tctx = current->io_uring;
413
414 tctx->cached_refs -= nr;
415 if (unlikely(tctx->cached_refs < 0))
416 io_task_refs_refill(tctx);
417 }
418
io_req_cache_empty(struct io_ring_ctx * ctx)419 static inline bool io_req_cache_empty(struct io_ring_ctx *ctx)
420 {
421 return !ctx->submit_state.free_list.next;
422 }
423
424 extern struct kmem_cache *req_cachep;
425
io_extract_req(struct io_ring_ctx * ctx)426 static inline struct io_kiocb *io_extract_req(struct io_ring_ctx *ctx)
427 {
428 struct io_kiocb *req;
429
430 req = container_of(ctx->submit_state.free_list.next, struct io_kiocb, comp_list);
431 wq_stack_extract(&ctx->submit_state.free_list);
432 return req;
433 }
434
io_alloc_req(struct io_ring_ctx * ctx,struct io_kiocb ** req)435 static inline bool io_alloc_req(struct io_ring_ctx *ctx, struct io_kiocb **req)
436 {
437 if (unlikely(io_req_cache_empty(ctx))) {
438 if (!__io_alloc_req_refill(ctx))
439 return false;
440 }
441 *req = io_extract_req(ctx);
442 return true;
443 }
444
io_allowed_defer_tw_run(struct io_ring_ctx * ctx)445 static inline bool io_allowed_defer_tw_run(struct io_ring_ctx *ctx)
446 {
447 return likely(ctx->submitter_task == current);
448 }
449
io_allowed_run_tw(struct io_ring_ctx * ctx)450 static inline bool io_allowed_run_tw(struct io_ring_ctx *ctx)
451 {
452 return likely(!(ctx->flags & IORING_SETUP_DEFER_TASKRUN) ||
453 ctx->submitter_task == current);
454 }
455
456 /*
457 * Terminate the request if either of these conditions are true:
458 *
459 * 1) It's being executed by the original task, but that task is marked
460 * with PF_EXITING as it's exiting.
461 * 2) PF_KTHREAD is set, in which case the invoker of the task_work is
462 * our fallback task_work.
463 */
io_should_terminate_tw(void)464 static inline bool io_should_terminate_tw(void)
465 {
466 return current->flags & (PF_KTHREAD | PF_EXITING);
467 }
468
io_req_queue_tw_complete(struct io_kiocb * req,s32 res)469 static inline void io_req_queue_tw_complete(struct io_kiocb *req, s32 res)
470 {
471 io_req_set_res(req, res, 0);
472 req->io_task_work.func = io_req_task_complete;
473 io_req_task_work_add(req);
474 }
475
476 /*
477 * IORING_SETUP_SQE128 contexts allocate twice the normal SQE size for each
478 * slot.
479 */
uring_sqe_size(struct io_ring_ctx * ctx)480 static inline size_t uring_sqe_size(struct io_ring_ctx *ctx)
481 {
482 if (ctx->flags & IORING_SETUP_SQE128)
483 return 2 * sizeof(struct io_uring_sqe);
484 return sizeof(struct io_uring_sqe);
485 }
486
io_file_can_poll(struct io_kiocb * req)487 static inline bool io_file_can_poll(struct io_kiocb *req)
488 {
489 if (req->flags & REQ_F_CAN_POLL)
490 return true;
491 if (req->file && file_can_poll(req->file)) {
492 req->flags |= REQ_F_CAN_POLL;
493 return true;
494 }
495 return false;
496 }
497
io_get_time(struct io_ring_ctx * ctx)498 static inline ktime_t io_get_time(struct io_ring_ctx *ctx)
499 {
500 if (ctx->clockid == CLOCK_MONOTONIC)
501 return ktime_get();
502
503 return ktime_get_with_offset(ctx->clock_offset);
504 }
505
506 enum {
507 IO_CHECK_CQ_OVERFLOW_BIT,
508 IO_CHECK_CQ_DROPPED_BIT,
509 };
510
io_has_work(struct io_ring_ctx * ctx)511 static inline bool io_has_work(struct io_ring_ctx *ctx)
512 {
513 return test_bit(IO_CHECK_CQ_OVERFLOW_BIT, &ctx->check_cq) ||
514 io_local_work_pending(ctx);
515 }
516 #endif
517