1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Copyright (c) 2000-2005 Silicon Graphics, Inc.
4 * All Rights Reserved.
5 */
6 #include "xfs_platform.h"
7 #include "xfs_fs.h"
8 #include "xfs_shared.h"
9 #include "xfs_format.h"
10 #include "xfs_log_format.h"
11 #include "xfs_trans_resv.h"
12 #include "xfs_mount.h"
13 #include "xfs_inode.h"
14 #include "xfs_trans.h"
15 #include "xfs_trans_priv.h"
16 #include "xfs_inode_item.h"
17 #include "xfs_quota.h"
18 #include "xfs_trace.h"
19 #include "xfs_icache.h"
20 #include "xfs_bmap_util.h"
21 #include "xfs_dquot_item.h"
22 #include "xfs_dquot.h"
23 #include "xfs_reflink.h"
24 #include "xfs_ialloc.h"
25 #include "xfs_ag.h"
26 #include "xfs_log_priv.h"
27 #include "xfs_health.h"
28 #include "xfs_da_format.h"
29 #include "xfs_dir2.h"
30 #include "xfs_metafile.h"
31
32 #include <linux/iversion.h>
33
34 /* Radix tree tags for incore inode tree. */
35
36 /* inode is to be reclaimed */
37 #define XFS_ICI_RECLAIM_TAG 0
38 /* Inode has speculative preallocations (posteof or cow) to clean. */
39 #define XFS_ICI_BLOCKGC_TAG 1
40
41 /*
42 * The goal for walking incore inodes. These can correspond with incore inode
43 * radix tree tags when convenient. Avoid existing XFS_IWALK namespace.
44 */
45 enum xfs_icwalk_goal {
46 /* Goals directly associated with tagged inodes. */
47 XFS_ICWALK_BLOCKGC = XFS_ICI_BLOCKGC_TAG,
48 XFS_ICWALK_RECLAIM = XFS_ICI_RECLAIM_TAG,
49 };
50
51 static int xfs_icwalk(struct xfs_mount *mp,
52 enum xfs_icwalk_goal goal, struct xfs_icwalk *icw);
53 static int xfs_icwalk_ag(struct xfs_perag *pag,
54 enum xfs_icwalk_goal goal, struct xfs_icwalk *icw);
55
56 /*
57 * Private inode cache walk flags for struct xfs_icwalk. Must not
58 * coincide with XFS_ICWALK_FLAGS_VALID.
59 */
60
61 /* Stop scanning after icw_scan_limit inodes. */
62 #define XFS_ICWALK_FLAG_SCAN_LIMIT (1U << 28)
63
64 #define XFS_ICWALK_FLAG_RECLAIM_SICK (1U << 27)
65 #define XFS_ICWALK_FLAG_UNION (1U << 26) /* union filter algorithm */
66
67 #define XFS_ICWALK_PRIVATE_FLAGS (XFS_ICWALK_FLAG_SCAN_LIMIT | \
68 XFS_ICWALK_FLAG_RECLAIM_SICK | \
69 XFS_ICWALK_FLAG_UNION)
70
71 /* Marks for the perag xarray */
72 #define XFS_PERAG_RECLAIM_MARK XA_MARK_0
73 #define XFS_PERAG_BLOCKGC_MARK XA_MARK_1
74
ici_tag_to_mark(unsigned int tag)75 static inline xa_mark_t ici_tag_to_mark(unsigned int tag)
76 {
77 if (tag == XFS_ICI_RECLAIM_TAG)
78 return XFS_PERAG_RECLAIM_MARK;
79 ASSERT(tag == XFS_ICI_BLOCKGC_TAG);
80 return XFS_PERAG_BLOCKGC_MARK;
81 }
82
83 /*
84 * Allocate and initialise an xfs_inode.
85 */
86 struct xfs_inode *
xfs_inode_alloc(struct xfs_mount * mp,xfs_ino_t ino)87 xfs_inode_alloc(
88 struct xfs_mount *mp,
89 xfs_ino_t ino)
90 {
91 struct xfs_inode *ip;
92
93 /*
94 * XXX: If this didn't occur in transactions, we could drop GFP_NOFAIL
95 * and return NULL here on ENOMEM.
96 */
97 ip = alloc_inode_sb(mp->m_super, xfs_inode_cache, GFP_KERNEL | __GFP_NOFAIL);
98
99 if (inode_init_always(mp->m_super, VFS_I(ip))) {
100 kmem_cache_free(xfs_inode_cache, ip);
101 return NULL;
102 }
103
104 /* VFS doesn't initialise i_mode! */
105 VFS_I(ip)->i_mode = 0;
106 mapping_set_folio_min_order(VFS_I(ip)->i_mapping,
107 M_IGEO(mp)->min_folio_order);
108
109 XFS_STATS_INC(mp, xs_inodes_active);
110 ASSERT(atomic_read(&ip->i_pincount) == 0);
111 ASSERT(ip->i_ino == 0);
112
113 /* initialise the xfs inode */
114 ip->i_ino = ino;
115 ip->i_mount = mp;
116 memset(&ip->i_imap, 0, sizeof(struct xfs_imap));
117 ip->i_cowfp = NULL;
118 memset(&ip->i_af, 0, sizeof(ip->i_af));
119 ip->i_af.if_format = XFS_DINODE_FMT_EXTENTS;
120 memset(&ip->i_df, 0, sizeof(ip->i_df));
121 ip->i_flags = 0;
122 ip->i_delayed_blks = 0;
123 ip->i_diflags2 = mp->m_ino_geo.new_diflags2;
124 ip->i_nblocks = 0;
125 ip->i_forkoff = 0;
126 ip->i_sick = 0;
127 ip->i_checked = 0;
128 INIT_WORK(&ip->i_ioend_work, xfs_end_io);
129 INIT_LIST_HEAD(&ip->i_ioend_list);
130 spin_lock_init(&ip->i_ioend_lock);
131 ip->i_next_unlinked = NULLAGINO;
132 ip->i_prev_unlinked = 0;
133
134 return ip;
135 }
136
137 STATIC void
xfs_inode_free_callback(struct rcu_head * head)138 xfs_inode_free_callback(
139 struct rcu_head *head)
140 {
141 struct inode *inode = container_of(head, struct inode, i_rcu);
142 struct xfs_inode *ip = XFS_I(inode);
143
144 switch (VFS_I(ip)->i_mode & S_IFMT) {
145 case S_IFREG:
146 case S_IFDIR:
147 case S_IFLNK:
148 xfs_idestroy_fork(&ip->i_df);
149 break;
150 }
151
152 xfs_ifork_zap_attr(ip);
153
154 if (ip->i_cowfp) {
155 xfs_idestroy_fork(ip->i_cowfp);
156 kmem_cache_free(xfs_ifork_cache, ip->i_cowfp);
157 }
158 if (ip->i_itemp) {
159 ASSERT(!test_bit(XFS_LI_IN_AIL,
160 &ip->i_itemp->ili_item.li_flags));
161 xfs_inode_item_destroy(ip);
162 }
163
164 kmem_cache_free(xfs_inode_cache, ip);
165 }
166
167 static void
__xfs_inode_free(struct xfs_inode * ip)168 __xfs_inode_free(
169 struct xfs_inode *ip)
170 {
171 /* asserts to verify all state is correct here */
172 ASSERT(atomic_read(&ip->i_pincount) == 0);
173 ASSERT(!ip->i_itemp || list_empty(&ip->i_itemp->ili_item.li_bio_list));
174 if (xfs_is_metadir_inode(ip))
175 XFS_STATS_DEC(ip->i_mount, xs_inodes_meta);
176 else
177 XFS_STATS_DEC(ip->i_mount, xs_inodes_active);
178
179 call_rcu(&VFS_I(ip)->i_rcu, xfs_inode_free_callback);
180 }
181
182 void
xfs_inode_free(struct xfs_inode * ip)183 xfs_inode_free(
184 struct xfs_inode *ip)
185 {
186 ASSERT(!xfs_iflags_test(ip, XFS_IFLUSHING));
187
188 /*
189 * Because we use RCU freeing we need to ensure the inode always
190 * appears to be reclaimed with an invalid inode number when in the
191 * free state. The ip->i_flags_lock provides the barrier against lookup
192 * races.
193 */
194 spin_lock(&ip->i_flags_lock);
195 ip->i_flags = XFS_IRECLAIM;
196 ip->i_ino = 0;
197 spin_unlock(&ip->i_flags_lock);
198
199 __xfs_inode_free(ip);
200 }
201
202 /*
203 * Queue background inode reclaim work if there are reclaimable inodes and there
204 * isn't reclaim work already scheduled or in progress.
205 */
206 static void
xfs_reclaim_work_queue(struct xfs_mount * mp)207 xfs_reclaim_work_queue(
208 struct xfs_mount *mp)
209 {
210
211 rcu_read_lock();
212 if (xfs_group_marked(mp, XG_TYPE_AG, XFS_PERAG_RECLAIM_MARK)) {
213 queue_delayed_work(mp->m_reclaim_workqueue, &mp->m_reclaim_work,
214 msecs_to_jiffies(xfs_syncd_centisecs / 6 * 10));
215 }
216 rcu_read_unlock();
217 }
218
219 /*
220 * Background scanning to trim preallocated space. This is queued based on the
221 * 'speculative_prealloc_lifetime' tunable (5m by default).
222 */
223 static inline void
xfs_blockgc_queue(struct xfs_perag * pag)224 xfs_blockgc_queue(
225 struct xfs_perag *pag)
226 {
227 struct xfs_mount *mp = pag_mount(pag);
228
229 if (!xfs_is_blockgc_enabled(mp))
230 return;
231
232 rcu_read_lock();
233 if (radix_tree_tagged(&pag->pag_ici_root, XFS_ICI_BLOCKGC_TAG))
234 queue_delayed_work(mp->m_blockgc_wq, &pag->pag_blockgc_work,
235 secs_to_jiffies(xfs_blockgc_secs));
236 rcu_read_unlock();
237 }
238
239 /* Set a tag on both the AG incore inode tree and the AG radix tree. */
240 static void
xfs_perag_set_inode_tag(struct xfs_perag * pag,xfs_agino_t agino,unsigned int tag)241 xfs_perag_set_inode_tag(
242 struct xfs_perag *pag,
243 xfs_agino_t agino,
244 unsigned int tag)
245 {
246 bool was_tagged;
247
248 lockdep_assert_held(&pag->pag_ici_lock);
249
250 was_tagged = radix_tree_tagged(&pag->pag_ici_root, tag);
251 radix_tree_tag_set(&pag->pag_ici_root, agino, tag);
252
253 if (tag == XFS_ICI_RECLAIM_TAG)
254 pag->pag_ici_reclaimable++;
255
256 if (was_tagged)
257 return;
258
259 /* propagate the tag up into the pag xarray tree */
260 xfs_group_set_mark(pag_group(pag), ici_tag_to_mark(tag));
261
262 /* start background work */
263 switch (tag) {
264 case XFS_ICI_RECLAIM_TAG:
265 xfs_reclaim_work_queue(pag_mount(pag));
266 break;
267 case XFS_ICI_BLOCKGC_TAG:
268 xfs_blockgc_queue(pag);
269 break;
270 }
271
272 trace_xfs_perag_set_inode_tag(pag, _RET_IP_);
273 }
274
275 /* Clear a tag on both the AG incore inode tree and the AG radix tree. */
276 static void
xfs_perag_clear_inode_tag(struct xfs_perag * pag,xfs_agino_t agino,unsigned int tag)277 xfs_perag_clear_inode_tag(
278 struct xfs_perag *pag,
279 xfs_agino_t agino,
280 unsigned int tag)
281 {
282 lockdep_assert_held(&pag->pag_ici_lock);
283
284 /*
285 * Reclaim can signal (with a null agino) that it cleared its own tag
286 * by removing the inode from the radix tree.
287 */
288 if (agino != NULLAGINO)
289 radix_tree_tag_clear(&pag->pag_ici_root, agino, tag);
290 else
291 ASSERT(tag == XFS_ICI_RECLAIM_TAG);
292
293 if (tag == XFS_ICI_RECLAIM_TAG)
294 pag->pag_ici_reclaimable--;
295
296 if (radix_tree_tagged(&pag->pag_ici_root, tag))
297 return;
298
299 /* clear the tag from the pag xarray */
300 xfs_group_clear_mark(pag_group(pag), ici_tag_to_mark(tag));
301 trace_xfs_perag_clear_inode_tag(pag, _RET_IP_);
302 }
303
304 /*
305 * Find the next AG after @pag, or the first AG if @pag is NULL.
306 */
307 static struct xfs_perag *
xfs_perag_grab_next_tag(struct xfs_mount * mp,struct xfs_perag * pag,int tag)308 xfs_perag_grab_next_tag(
309 struct xfs_mount *mp,
310 struct xfs_perag *pag,
311 int tag)
312 {
313 return to_perag(xfs_group_grab_next_mark(mp,
314 pag ? pag_group(pag) : NULL,
315 ici_tag_to_mark(tag), XG_TYPE_AG));
316 }
317
318 /*
319 * When we recycle a reclaimable inode, we need to re-initialise the VFS inode
320 * part of the structure. This is made more complex by the fact we store
321 * information about the on-disk values in the VFS inode and so we can't just
322 * overwrite the values unconditionally. Hence we save the parameters we
323 * need to retain across reinitialisation, and rewrite them into the VFS inode
324 * after reinitialisation even if it fails.
325 */
326 static int
xfs_reinit_inode(struct xfs_mount * mp,struct inode * inode)327 xfs_reinit_inode(
328 struct xfs_mount *mp,
329 struct inode *inode)
330 {
331 int error;
332 uint32_t nlink = inode->i_nlink;
333 uint32_t generation = inode->i_generation;
334 uint64_t version = inode_peek_iversion(inode);
335 umode_t mode = inode->i_mode;
336 dev_t dev = inode->i_rdev;
337 kuid_t uid = inode->i_uid;
338 kgid_t gid = inode->i_gid;
339 unsigned long state = inode_state_read_once(inode);
340
341 error = inode_init_always(mp->m_super, inode);
342
343 set_nlink(inode, nlink);
344 inode->i_generation = generation;
345 inode_set_iversion_queried(inode, version);
346 inode->i_mode = mode;
347 inode->i_rdev = dev;
348 inode->i_uid = uid;
349 inode->i_gid = gid;
350 inode_state_assign_raw(inode, state);
351 mapping_set_folio_min_order(inode->i_mapping,
352 M_IGEO(mp)->min_folio_order);
353 return error;
354 }
355
356 /*
357 * Carefully nudge an inode whose VFS state has been torn down back into a
358 * usable state. Drops the i_flags_lock and the rcu read lock.
359 */
360 static int
xfs_iget_recycle(struct xfs_perag * pag,struct xfs_inode * ip)361 xfs_iget_recycle(
362 struct xfs_perag *pag,
363 struct xfs_inode *ip)
364 {
365 struct xfs_mount *mp = ip->i_mount;
366 struct inode *inode = VFS_I(ip);
367 int error;
368
369 trace_xfs_iget_recycle(ip);
370
371 ASSERT(!rwsem_is_locked(&inode->i_rwsem));
372 error = xfs_reinit_inode(mp, inode);
373 xfs_iunlock(ip, XFS_ILOCK_EXCL);
374 if (error) {
375 /*
376 * Re-initializing the inode failed, and we are in deep
377 * trouble. Try to re-add it to the reclaim list.
378 */
379 rcu_read_lock();
380 spin_lock(&ip->i_flags_lock);
381 ip->i_flags &= ~(XFS_INEW | XFS_IRECLAIM);
382 ASSERT(ip->i_flags & XFS_IRECLAIMABLE);
383 spin_unlock(&ip->i_flags_lock);
384 rcu_read_unlock();
385
386 trace_xfs_iget_recycle_fail(ip);
387 return error;
388 }
389
390 spin_lock(&pag->pag_ici_lock);
391 spin_lock(&ip->i_flags_lock);
392
393 /*
394 * Clear the per-lifetime state in the inode as we are now effectively
395 * a new inode and need to return to the initial state before reuse
396 * occurs.
397 */
398 ip->i_flags &= ~XFS_IRECLAIM_RESET_FLAGS;
399 ip->i_flags |= XFS_INEW;
400 xfs_perag_clear_inode_tag(pag, XFS_INO_TO_AGINO(mp, ip->i_ino),
401 XFS_ICI_RECLAIM_TAG);
402 inode_state_assign_raw(inode, I_NEW);
403 spin_unlock(&ip->i_flags_lock);
404 spin_unlock(&pag->pag_ici_lock);
405
406 return 0;
407 }
408
409 /*
410 * If we are allocating a new inode, then check what was returned is
411 * actually a free, empty inode. If we are not allocating an inode,
412 * then check we didn't find a free inode.
413 *
414 * Returns:
415 * 0 if the inode free state matches the lookup context
416 * -ENOENT if the inode is free and we are not allocating
417 * -EFSCORRUPTED if there is any state mismatch at all
418 */
419 static int
xfs_iget_check_free_state(struct xfs_inode * ip,int flags)420 xfs_iget_check_free_state(
421 struct xfs_inode *ip,
422 int flags)
423 {
424 if (flags & XFS_IGET_CREATE) {
425 /* should be a free inode */
426 if (VFS_I(ip)->i_mode != 0) {
427 xfs_warn(ip->i_mount,
428 "Corruption detected! Free inode 0x%llx not marked free! (mode 0x%x)",
429 ip->i_ino, VFS_I(ip)->i_mode);
430 xfs_agno_mark_sick(ip->i_mount,
431 XFS_INO_TO_AGNO(ip->i_mount, ip->i_ino),
432 XFS_SICK_AG_INOBT);
433 return -EFSCORRUPTED;
434 }
435
436 if (ip->i_nblocks != 0) {
437 xfs_warn(ip->i_mount,
438 "Corruption detected! Free inode 0x%llx has blocks allocated!",
439 ip->i_ino);
440 xfs_agno_mark_sick(ip->i_mount,
441 XFS_INO_TO_AGNO(ip->i_mount, ip->i_ino),
442 XFS_SICK_AG_INOBT);
443 return -EFSCORRUPTED;
444 }
445 return 0;
446 }
447
448 /* should be an allocated inode */
449 if (VFS_I(ip)->i_mode == 0)
450 return -ENOENT;
451
452 return 0;
453 }
454
455 /* Make all pending inactivation work start immediately. */
456 static bool
xfs_inodegc_queue_all(struct xfs_mount * mp)457 xfs_inodegc_queue_all(
458 struct xfs_mount *mp)
459 {
460 struct xfs_inodegc *gc;
461 int cpu;
462 bool ret = false;
463
464 for_each_cpu(cpu, &mp->m_inodegc_cpumask) {
465 gc = per_cpu_ptr(mp->m_inodegc, cpu);
466 if (!llist_empty(&gc->list)) {
467 mod_delayed_work_on(cpu, mp->m_inodegc_wq, &gc->work, 0);
468 ret = true;
469 }
470 }
471
472 return ret;
473 }
474
475 /* Wait for all queued work and collect errors */
476 static int
xfs_inodegc_wait_all(struct xfs_mount * mp)477 xfs_inodegc_wait_all(
478 struct xfs_mount *mp)
479 {
480 int cpu;
481 int error = 0;
482
483 flush_workqueue(mp->m_inodegc_wq);
484 for_each_cpu(cpu, &mp->m_inodegc_cpumask) {
485 struct xfs_inodegc *gc;
486
487 gc = per_cpu_ptr(mp->m_inodegc, cpu);
488 if (gc->error && !error)
489 error = gc->error;
490 gc->error = 0;
491 }
492
493 return error;
494 }
495
496 /*
497 * Check the validity of the inode we just found it the cache
498 */
499 static int
xfs_iget_cache_hit(struct xfs_perag * pag,struct xfs_inode * ip,xfs_ino_t ino,int flags,int lock_flags)500 xfs_iget_cache_hit(
501 struct xfs_perag *pag,
502 struct xfs_inode *ip,
503 xfs_ino_t ino,
504 int flags,
505 int lock_flags) __releases(RCU)
506 {
507 struct inode *inode = VFS_I(ip);
508 struct xfs_mount *mp = ip->i_mount;
509 int error;
510
511 /*
512 * check for re-use of an inode within an RCU grace period due to the
513 * radix tree nodes not being updated yet. We monitor for this by
514 * setting the inode number to zero before freeing the inode structure.
515 * If the inode has been reallocated and set up, then the inode number
516 * will not match, so check for that, too.
517 */
518 spin_lock(&ip->i_flags_lock);
519 if (ip->i_ino != ino)
520 goto out_skip;
521
522 /*
523 * If we are racing with another cache hit that is currently
524 * instantiating this inode or currently recycling it out of
525 * reclaimable state, wait for the initialisation to complete
526 * before continuing.
527 *
528 * If we're racing with the inactivation worker we also want to wait.
529 * If we're creating a new file, it's possible that the worker
530 * previously marked the inode as free on disk but hasn't finished
531 * updating the incore state yet. The AGI buffer will be dirty and
532 * locked to the icreate transaction, so a synchronous push of the
533 * inodegc workers would result in deadlock. For a regular iget, the
534 * worker is running already, so we might as well wait.
535 *
536 * XXX(hch): eventually we should do something equivalent to
537 * wait_on_inode to wait for these flags to be cleared
538 * instead of polling for it.
539 */
540 if (ip->i_flags & (XFS_INEW | XFS_IRECLAIM | XFS_INACTIVATING))
541 goto out_skip;
542
543 if (ip->i_flags & XFS_NEED_INACTIVE) {
544 /* Unlinked inodes cannot be re-grabbed. */
545 if (VFS_I(ip)->i_nlink == 0) {
546 error = -ENOENT;
547 goto out_error;
548 }
549 goto out_inodegc_flush;
550 }
551
552 /*
553 * Check the inode free state is valid. This also detects lookup
554 * racing with unlinks.
555 */
556 error = xfs_iget_check_free_state(ip, flags);
557 if (error)
558 goto out_error;
559
560 /* Skip inodes that have no vfs state. */
561 if ((flags & XFS_IGET_INCORE) &&
562 (ip->i_flags & XFS_IRECLAIMABLE))
563 goto out_skip;
564
565 /* The inode fits the selection criteria; process it. */
566 if (ip->i_flags & XFS_IRECLAIMABLE) {
567 /*
568 * We need to make it look like the inode is being reclaimed to
569 * prevent the actual reclaim workers from stomping over us
570 * while we recycle the inode. We can't clear the radix tree
571 * tag yet as it requires pag_ici_lock to be held exclusive.
572 */
573 if (!xfs_ilock_nowait(ip, XFS_ILOCK_EXCL))
574 goto out_skip;
575 ip->i_flags |= XFS_IRECLAIM;
576 spin_unlock(&ip->i_flags_lock);
577 rcu_read_unlock();
578
579 error = xfs_iget_recycle(pag, ip);
580 if (error)
581 return error;
582 } else {
583 /* If the VFS inode is being torn down, pause and try again. */
584 if (!igrab(inode))
585 goto out_skip;
586
587 /* We've got a live one. */
588 spin_unlock(&ip->i_flags_lock);
589 rcu_read_unlock();
590 trace_xfs_iget_hit(ip);
591 }
592
593 if (lock_flags != 0)
594 xfs_ilock(ip, lock_flags);
595
596 if (!(flags & XFS_IGET_INCORE))
597 xfs_iflags_clear(ip, XFS_ISTALE);
598 XFS_STATS_INC(mp, xs_ig_found);
599
600 return 0;
601
602 out_skip:
603 trace_xfs_iget_skip(ip);
604 XFS_STATS_INC(mp, xs_ig_frecycle);
605 error = -EAGAIN;
606 out_error:
607 spin_unlock(&ip->i_flags_lock);
608 rcu_read_unlock();
609 return error;
610
611 out_inodegc_flush:
612 spin_unlock(&ip->i_flags_lock);
613 rcu_read_unlock();
614 /*
615 * Do not wait for the workers, because the caller could hold an AGI
616 * buffer lock. We're just going to sleep in a loop anyway.
617 */
618 if (xfs_is_inodegc_enabled(mp))
619 xfs_inodegc_queue_all(mp);
620 return -EAGAIN;
621 }
622
623 static int
xfs_iget_cache_miss(struct xfs_mount * mp,struct xfs_perag * pag,xfs_trans_t * tp,xfs_ino_t ino,struct xfs_inode ** ipp,int flags,int lock_flags)624 xfs_iget_cache_miss(
625 struct xfs_mount *mp,
626 struct xfs_perag *pag,
627 xfs_trans_t *tp,
628 xfs_ino_t ino,
629 struct xfs_inode **ipp,
630 int flags,
631 int lock_flags)
632 {
633 struct xfs_inode *ip;
634 int error;
635 xfs_agino_t agino = XFS_INO_TO_AGINO(mp, ino);
636
637 ip = xfs_inode_alloc(mp, ino);
638 if (!ip)
639 return -ENOMEM;
640
641 /*
642 * Set XFS_INEW as early as possible so that the health code won't pass
643 * the inode to the fserror code if the ondisk inode cannot be loaded.
644 * We're going to free the xfs_inode immediately if that happens, which
645 * would lead to UAF problems.
646 */
647 xfs_iflags_set(ip, XFS_INEW);
648
649 error = xfs_imap(pag, tp, ip->i_ino, &ip->i_imap, flags);
650 if (error)
651 goto out_destroy;
652
653 /*
654 * For version 5 superblocks, if we are initialising a new inode, we
655 * simply build the new inode core with a random generation number.
656 *
657 * For version 4 (and older) superblocks, log recovery is dependent on
658 * the i_flushiter field being initialised from the current on-disk
659 * value and hence we must also read the inode off disk even when
660 * initializing new inodes.
661 */
662 if (xfs_has_v3inodes(mp) && (flags & XFS_IGET_CREATE)) {
663 VFS_I(ip)->i_generation = get_random_u32();
664 } else {
665 struct xfs_buf *bp;
666
667 error = xfs_imap_to_bp(mp, tp, &ip->i_imap, &bp);
668 if (error)
669 goto out_destroy;
670
671 error = xfs_inode_from_disk(ip,
672 xfs_buf_offset(bp, ip->i_imap.im_boffset));
673 if (!error)
674 xfs_buf_set_ref(bp, XFS_INO_REF);
675 else
676 xfs_inode_mark_sick(ip, XFS_SICK_INO_CORE);
677 xfs_trans_brelse(tp, bp);
678
679 if (error)
680 goto out_destroy;
681 }
682
683 trace_xfs_iget_miss(ip);
684
685 /*
686 * Check the inode free state is valid. This also detects lookup
687 * racing with unlinks.
688 */
689 error = xfs_iget_check_free_state(ip, flags);
690 if (error)
691 goto out_destroy;
692
693 /*
694 * Preload the radix tree so we can insert safely under the
695 * write spinlock. Note that we cannot sleep inside the preload
696 * region.
697 */
698 if (radix_tree_preload(GFP_KERNEL | __GFP_NOLOCKDEP)) {
699 error = -EAGAIN;
700 goto out_destroy;
701 }
702
703 /*
704 * Because the inode hasn't been added to the radix-tree yet it can't
705 * be found by another thread, so we can do the non-sleeping lock here.
706 */
707 if (lock_flags) {
708 if (!xfs_ilock_nowait(ip, lock_flags))
709 BUG();
710 }
711
712 /*
713 * These values must be set before inserting the inode into the radix
714 * tree as the moment it is inserted a concurrent lookup (allowed by the
715 * RCU locking mechanism) can find it and that lookup must see that this
716 * is an inode currently under construction (i.e. that XFS_INEW is set).
717 * The ip->i_flags_lock that protects the XFS_INEW flag forms the
718 * memory barrier that ensures this detection works correctly at lookup
719 * time.
720 */
721 if (flags & XFS_IGET_DONTCACHE)
722 d_mark_dontcache(VFS_I(ip));
723 ip->i_udquot = NULL;
724 ip->i_gdquot = NULL;
725 ip->i_pdquot = NULL;
726
727 /* insert the new inode */
728 spin_lock(&pag->pag_ici_lock);
729 error = radix_tree_insert(&pag->pag_ici_root, agino, ip);
730 if (unlikely(error)) {
731 WARN_ON(error != -EEXIST);
732 XFS_STATS_INC(mp, xs_ig_dup);
733 error = -EAGAIN;
734 goto out_preload_end;
735 }
736 spin_unlock(&pag->pag_ici_lock);
737 radix_tree_preload_end();
738
739 *ipp = ip;
740 return 0;
741
742 out_preload_end:
743 spin_unlock(&pag->pag_ici_lock);
744 radix_tree_preload_end();
745 if (lock_flags)
746 xfs_iunlock(ip, lock_flags);
747 out_destroy:
748 __destroy_inode(VFS_I(ip));
749 xfs_inode_free(ip);
750 return error;
751 }
752
753 /*
754 * Look up an inode by number in the given file system. The inode is looked up
755 * in the cache held in each AG. If the inode is found in the cache, initialise
756 * the vfs inode if necessary.
757 *
758 * If it is not in core, read it in from the file system's device, add it to the
759 * cache and initialise the vfs inode.
760 *
761 * The inode is locked according to the value of the lock_flags parameter.
762 * Inode lookup is only done during metadata operations and not as part of the
763 * data IO path. Hence we only allow locking of the XFS_ILOCK during lookup.
764 */
765 int
xfs_iget(struct xfs_mount * mp,struct xfs_trans * tp,xfs_ino_t ino,uint flags,uint lock_flags,struct xfs_inode ** ipp)766 xfs_iget(
767 struct xfs_mount *mp,
768 struct xfs_trans *tp,
769 xfs_ino_t ino,
770 uint flags,
771 uint lock_flags,
772 struct xfs_inode **ipp)
773 {
774 struct xfs_inode *ip;
775 struct xfs_perag *pag;
776 xfs_agino_t agino;
777 int error;
778
779 ASSERT((lock_flags & (XFS_IOLOCK_EXCL | XFS_IOLOCK_SHARED)) == 0);
780
781 /* reject inode numbers outside existing AGs */
782 if (!xfs_verify_ino(mp, ino))
783 return -EINVAL;
784
785 XFS_STATS_INC(mp, xs_ig_attempts);
786
787 /* get the perag structure and ensure that it's inode capable */
788 pag = xfs_perag_get(mp, XFS_INO_TO_AGNO(mp, ino));
789 agino = XFS_INO_TO_AGINO(mp, ino);
790
791 again:
792 error = 0;
793 rcu_read_lock();
794 ip = radix_tree_lookup(&pag->pag_ici_root, agino);
795
796 if (ip) {
797 error = xfs_iget_cache_hit(pag, ip, ino, flags, lock_flags);
798 if (error)
799 goto out_error_or_again;
800 } else {
801 rcu_read_unlock();
802 if (flags & XFS_IGET_INCORE) {
803 error = -ENODATA;
804 goto out_error_or_again;
805 }
806 XFS_STATS_INC(mp, xs_ig_missed);
807
808 error = xfs_iget_cache_miss(mp, pag, tp, ino, &ip,
809 flags, lock_flags);
810 if (error)
811 goto out_error_or_again;
812 }
813 xfs_perag_put(pag);
814
815 *ipp = ip;
816
817 /*
818 * If we have a real type for an on-disk inode, we can setup the inode
819 * now. If it's a new inode being created, xfs_init_new_inode will
820 * handle it.
821 */
822 if (xfs_iflags_test(ip, XFS_INEW) && VFS_I(ip)->i_mode != 0)
823 xfs_setup_existing_inode(ip);
824 return 0;
825
826 out_error_or_again:
827 if (!(flags & (XFS_IGET_INCORE | XFS_IGET_NORETRY)) &&
828 error == -EAGAIN) {
829 delay(1);
830 goto again;
831 }
832 xfs_perag_put(pag);
833 return error;
834 }
835
836 /*
837 * Get a metadata inode.
838 *
839 * The metafile type must match the file mode exactly, and for files in the
840 * metadata directory tree, it must match the inode's metatype exactly.
841 */
842 int
xfs_trans_metafile_iget(struct xfs_trans * tp,xfs_ino_t ino,enum xfs_metafile_type metafile_type,struct xfs_inode ** ipp)843 xfs_trans_metafile_iget(
844 struct xfs_trans *tp,
845 xfs_ino_t ino,
846 enum xfs_metafile_type metafile_type,
847 struct xfs_inode **ipp)
848 {
849 struct xfs_mount *mp = tp->t_mountp;
850 struct xfs_inode *ip;
851 umode_t mode;
852 int error;
853
854 error = xfs_iget(mp, tp, ino, 0, 0, &ip);
855 if (error == -EFSCORRUPTED || error == -EINVAL)
856 goto whine;
857 if (error)
858 return error;
859
860 if (VFS_I(ip)->i_nlink == 0)
861 goto bad_rele;
862
863 if (metafile_type == XFS_METAFILE_DIR)
864 mode = S_IFDIR;
865 else
866 mode = S_IFREG;
867 if (inode_wrong_type(VFS_I(ip), mode))
868 goto bad_rele;
869 if (xfs_has_metadir(mp)) {
870 if (!xfs_is_metadir_inode(ip))
871 goto bad_rele;
872 if (metafile_type != ip->i_metatype)
873 goto bad_rele;
874 }
875
876 *ipp = ip;
877 return 0;
878 bad_rele:
879 xfs_irele(ip);
880 whine:
881 xfs_err(mp, "metadata inode 0x%llx type %u is corrupt", ino,
882 metafile_type);
883 xfs_fs_mark_sick(mp, XFS_SICK_FS_METADIR);
884 return -EFSCORRUPTED;
885 }
886
887 /* Grab a metadata file if the caller doesn't already have a transaction. */
888 int
xfs_metafile_iget(struct xfs_mount * mp,xfs_ino_t ino,enum xfs_metafile_type metafile_type,struct xfs_inode ** ipp)889 xfs_metafile_iget(
890 struct xfs_mount *mp,
891 xfs_ino_t ino,
892 enum xfs_metafile_type metafile_type,
893 struct xfs_inode **ipp)
894 {
895 struct xfs_trans *tp;
896 int error;
897
898 tp = xfs_trans_alloc_empty(mp);
899 error = xfs_trans_metafile_iget(tp, ino, metafile_type, ipp);
900 xfs_trans_cancel(tp);
901 return error;
902 }
903
904 /*
905 * Grab the inode for reclaim exclusively.
906 *
907 * We have found this inode via a lookup under RCU, so the inode may have
908 * already been freed, or it may be in the process of being recycled by
909 * xfs_iget(). In both cases, the inode will have XFS_IRECLAIM set. If the inode
910 * has been fully recycled by the time we get the i_flags_lock, XFS_IRECLAIMABLE
911 * will not be set. Hence we need to check for both these flag conditions to
912 * avoid inodes that are no longer reclaim candidates.
913 *
914 * Note: checking for other state flags here, under the i_flags_lock or not, is
915 * racy and should be avoided. Those races should be resolved only after we have
916 * ensured that we are able to reclaim this inode and the world can see that we
917 * are going to reclaim it.
918 *
919 * Return true if we grabbed it, false otherwise.
920 */
921 static bool
xfs_reclaim_igrab(struct xfs_inode * ip,struct xfs_icwalk * icw)922 xfs_reclaim_igrab(
923 struct xfs_inode *ip,
924 struct xfs_icwalk *icw)
925 {
926 ASSERT(rcu_read_lock_held());
927
928 spin_lock(&ip->i_flags_lock);
929 if (!__xfs_iflags_test(ip, XFS_IRECLAIMABLE) ||
930 __xfs_iflags_test(ip, XFS_IRECLAIM)) {
931 /* not a reclaim candidate. */
932 spin_unlock(&ip->i_flags_lock);
933 return false;
934 }
935
936 /* Don't reclaim a sick inode unless the caller asked for it. */
937 if (ip->i_sick &&
938 (!icw || !(icw->icw_flags & XFS_ICWALK_FLAG_RECLAIM_SICK))) {
939 spin_unlock(&ip->i_flags_lock);
940 return false;
941 }
942
943 __xfs_iflags_set(ip, XFS_IRECLAIM);
944 spin_unlock(&ip->i_flags_lock);
945 return true;
946 }
947
948 /*
949 * Inode reclaim is non-blocking, so the default action if progress cannot be
950 * made is to "requeue" the inode for reclaim by unlocking it and clearing the
951 * XFS_IRECLAIM flag. If we are in a shutdown state, we don't care about
952 * blocking anymore and hence we can wait for the inode to be able to reclaim
953 * it.
954 *
955 * We do no IO here - if callers require inodes to be cleaned they must push the
956 * AIL first to trigger writeback of dirty inodes. This enables writeback to be
957 * done in the background in a non-blocking manner, and enables memory reclaim
958 * to make progress without blocking.
959 */
960 static void
xfs_reclaim_inode(struct xfs_inode * ip,struct xfs_perag * pag)961 xfs_reclaim_inode(
962 struct xfs_inode *ip,
963 struct xfs_perag *pag)
964 {
965 xfs_ino_t ino = ip->i_ino; /* for radix_tree_delete */
966
967 if (!xfs_ilock_nowait(ip, XFS_ILOCK_EXCL))
968 goto out;
969 if (xfs_iflags_test_and_set(ip, XFS_IFLUSHING))
970 goto out_iunlock;
971
972 /*
973 * Check for log shutdown because aborting the inode can move the log
974 * tail and corrupt in memory state. This is fine if the log is shut
975 * down, but if the log is still active and only the mount is shut down
976 * then the in-memory log tail movement caused by the abort can be
977 * incorrectly propagated to disk.
978 */
979 if (xlog_is_shutdown(ip->i_mount->m_log)) {
980 xfs_iunpin_wait(ip);
981 /*
982 * Avoid a ABBA deadlock on the inode cluster buffer vs
983 * concurrent xfs_ifree_cluster() trying to mark the inode
984 * stale. We don't need the inode locked to run the flush abort
985 * code, but the flush abort needs to lock the cluster buffer.
986 */
987 xfs_iunlock(ip, XFS_ILOCK_EXCL);
988 xfs_iflush_shutdown_abort(ip);
989 xfs_ilock(ip, XFS_ILOCK_EXCL);
990 goto reclaim;
991 }
992 if (xfs_ipincount(ip))
993 goto out_clear_flush;
994 if (!xfs_inode_clean(ip))
995 goto out_clear_flush;
996
997 xfs_iflags_clear(ip, XFS_IFLUSHING);
998 reclaim:
999 trace_xfs_inode_reclaiming(ip);
1000
1001 /*
1002 * Because we use RCU freeing we need to ensure the inode always appears
1003 * to be reclaimed with an invalid inode number when in the free state.
1004 * We do this as early as possible under the ILOCK so that
1005 * xfs_iflush_cluster() and xfs_ifree_cluster() can be guaranteed to
1006 * detect races with us here. By doing this, we guarantee that once
1007 * xfs_iflush_cluster() or xfs_ifree_cluster() has locked XFS_ILOCK that
1008 * it will see either a valid inode that will serialise correctly, or it
1009 * will see an invalid inode that it can skip.
1010 */
1011 spin_lock(&ip->i_flags_lock);
1012 ip->i_flags = XFS_IRECLAIM;
1013 ip->i_ino = 0;
1014 ip->i_sick = 0;
1015 ip->i_checked = 0;
1016 spin_unlock(&ip->i_flags_lock);
1017
1018 ASSERT(!ip->i_itemp || ip->i_itemp->ili_item.li_buf == NULL);
1019 xfs_iunlock(ip, XFS_ILOCK_EXCL);
1020
1021 XFS_STATS_INC(ip->i_mount, xs_ig_reclaims);
1022 /*
1023 * Remove the inode from the per-AG radix tree.
1024 *
1025 * Because radix_tree_delete won't complain even if the item was never
1026 * added to the tree assert that it's been there before to catch
1027 * problems with the inode life time early on.
1028 */
1029 spin_lock(&pag->pag_ici_lock);
1030 if (!radix_tree_delete(&pag->pag_ici_root,
1031 XFS_INO_TO_AGINO(ip->i_mount, ino)))
1032 ASSERT(0);
1033 xfs_perag_clear_inode_tag(pag, NULLAGINO, XFS_ICI_RECLAIM_TAG);
1034 spin_unlock(&pag->pag_ici_lock);
1035
1036 /*
1037 * Here we do an (almost) spurious inode lock in order to coordinate
1038 * with inode cache radix tree lookups. This is because the lookup
1039 * can reference the inodes in the cache without taking references.
1040 *
1041 * We make that OK here by ensuring that we wait until the inode is
1042 * unlocked after the lookup before we go ahead and free it.
1043 */
1044 xfs_ilock(ip, XFS_ILOCK_EXCL);
1045 ASSERT(!ip->i_udquot && !ip->i_gdquot && !ip->i_pdquot);
1046 xfs_iunlock(ip, XFS_ILOCK_EXCL);
1047 ASSERT(xfs_inode_clean(ip));
1048
1049 __xfs_inode_free(ip);
1050 return;
1051
1052 out_clear_flush:
1053 xfs_iflags_clear(ip, XFS_IFLUSHING);
1054 out_iunlock:
1055 xfs_iunlock(ip, XFS_ILOCK_EXCL);
1056 out:
1057 xfs_iflags_clear(ip, XFS_IRECLAIM);
1058 }
1059
1060 /* Reclaim sick inodes if we're unmounting or the fs went down. */
1061 static inline bool
xfs_want_reclaim_sick(struct xfs_mount * mp)1062 xfs_want_reclaim_sick(
1063 struct xfs_mount *mp)
1064 {
1065 return xfs_is_unmounting(mp) || xfs_has_norecovery(mp) ||
1066 xfs_is_shutdown(mp);
1067 }
1068
1069 void
xfs_reclaim_inodes(struct xfs_mount * mp)1070 xfs_reclaim_inodes(
1071 struct xfs_mount *mp)
1072 {
1073 struct xfs_icwalk icw = {
1074 .icw_flags = 0,
1075 };
1076
1077 if (xfs_want_reclaim_sick(mp))
1078 icw.icw_flags |= XFS_ICWALK_FLAG_RECLAIM_SICK;
1079
1080 while (xfs_group_marked(mp, XG_TYPE_AG, XFS_PERAG_RECLAIM_MARK)) {
1081 xfs_ail_push_all_sync(mp->m_ail);
1082 xfs_icwalk(mp, XFS_ICWALK_RECLAIM, &icw);
1083 }
1084 }
1085
1086 /*
1087 * The shrinker infrastructure determines how many inodes we should scan for
1088 * reclaim. We want as many clean inodes ready to reclaim as possible, so we
1089 * push the AIL here. We also want to proactively free up memory if we can to
1090 * minimise the amount of work memory reclaim has to do so we kick the
1091 * background reclaim if it isn't already scheduled.
1092 */
1093 long
xfs_reclaim_inodes_nr(struct xfs_mount * mp,unsigned long nr_to_scan)1094 xfs_reclaim_inodes_nr(
1095 struct xfs_mount *mp,
1096 unsigned long nr_to_scan)
1097 {
1098 struct xfs_icwalk icw = {
1099 .icw_flags = XFS_ICWALK_FLAG_SCAN_LIMIT,
1100 .icw_scan_limit = min_t(unsigned long, LONG_MAX, nr_to_scan),
1101 };
1102
1103 if (xfs_want_reclaim_sick(mp))
1104 icw.icw_flags |= XFS_ICWALK_FLAG_RECLAIM_SICK;
1105
1106 /* kick background reclaimer and push the AIL */
1107 xfs_reclaim_work_queue(mp);
1108 xfs_ail_push_all(mp->m_ail);
1109
1110 xfs_icwalk(mp, XFS_ICWALK_RECLAIM, &icw);
1111 return 0;
1112 }
1113
1114 /*
1115 * Return the number of reclaimable inodes in the filesystem for
1116 * the shrinker to determine how much to reclaim.
1117 */
1118 long
xfs_reclaim_inodes_count(struct xfs_mount * mp)1119 xfs_reclaim_inodes_count(
1120 struct xfs_mount *mp)
1121 {
1122 XA_STATE (xas, &mp->m_groups[XG_TYPE_AG].xa, 0);
1123 long reclaimable = 0;
1124 struct xfs_perag *pag;
1125
1126 rcu_read_lock();
1127 xas_for_each_marked(&xas, pag, ULONG_MAX, XFS_PERAG_RECLAIM_MARK) {
1128 trace_xfs_reclaim_inodes_count(pag, _THIS_IP_);
1129 reclaimable += pag->pag_ici_reclaimable;
1130 }
1131 rcu_read_unlock();
1132
1133 return reclaimable;
1134 }
1135
1136 STATIC bool
xfs_icwalk_match_id(struct xfs_inode * ip,struct xfs_icwalk * icw)1137 xfs_icwalk_match_id(
1138 struct xfs_inode *ip,
1139 struct xfs_icwalk *icw)
1140 {
1141 if ((icw->icw_flags & XFS_ICWALK_FLAG_UID) &&
1142 !uid_eq(VFS_I(ip)->i_uid, icw->icw_uid))
1143 return false;
1144
1145 if ((icw->icw_flags & XFS_ICWALK_FLAG_GID) &&
1146 !gid_eq(VFS_I(ip)->i_gid, icw->icw_gid))
1147 return false;
1148
1149 if ((icw->icw_flags & XFS_ICWALK_FLAG_PRID) &&
1150 ip->i_projid != icw->icw_prid)
1151 return false;
1152
1153 return true;
1154 }
1155
1156 /*
1157 * A union-based inode filtering algorithm. Process the inode if any of the
1158 * criteria match. This is for global/internal scans only.
1159 */
1160 STATIC bool
xfs_icwalk_match_id_union(struct xfs_inode * ip,struct xfs_icwalk * icw)1161 xfs_icwalk_match_id_union(
1162 struct xfs_inode *ip,
1163 struct xfs_icwalk *icw)
1164 {
1165 if ((icw->icw_flags & XFS_ICWALK_FLAG_UID) &&
1166 uid_eq(VFS_I(ip)->i_uid, icw->icw_uid))
1167 return true;
1168
1169 if ((icw->icw_flags & XFS_ICWALK_FLAG_GID) &&
1170 gid_eq(VFS_I(ip)->i_gid, icw->icw_gid))
1171 return true;
1172
1173 if ((icw->icw_flags & XFS_ICWALK_FLAG_PRID) &&
1174 ip->i_projid == icw->icw_prid)
1175 return true;
1176
1177 return false;
1178 }
1179
1180 /*
1181 * Is this inode @ip eligible for eof/cow block reclamation, given some
1182 * filtering parameters @icw? The inode is eligible if @icw is null or
1183 * if the predicate functions match.
1184 */
1185 static bool
xfs_icwalk_match(struct xfs_inode * ip,struct xfs_icwalk * icw)1186 xfs_icwalk_match(
1187 struct xfs_inode *ip,
1188 struct xfs_icwalk *icw)
1189 {
1190 bool match;
1191
1192 if (!icw)
1193 return true;
1194
1195 if (icw->icw_flags & XFS_ICWALK_FLAG_UNION)
1196 match = xfs_icwalk_match_id_union(ip, icw);
1197 else
1198 match = xfs_icwalk_match_id(ip, icw);
1199 if (!match)
1200 return false;
1201
1202 /* skip the inode if the file size is too small */
1203 if ((icw->icw_flags & XFS_ICWALK_FLAG_MINFILESIZE) &&
1204 XFS_ISIZE(ip) < icw->icw_min_file_size)
1205 return false;
1206
1207 return true;
1208 }
1209
1210 /*
1211 * This is a fast pass over the inode cache to try to get reclaim moving on as
1212 * many inodes as possible in a short period of time. It kicks itself every few
1213 * seconds, as well as being kicked by the inode cache shrinker when memory
1214 * goes low.
1215 */
1216 void
xfs_reclaim_worker(struct work_struct * work)1217 xfs_reclaim_worker(
1218 struct work_struct *work)
1219 {
1220 struct xfs_mount *mp = container_of(to_delayed_work(work),
1221 struct xfs_mount, m_reclaim_work);
1222
1223 xfs_icwalk(mp, XFS_ICWALK_RECLAIM, NULL);
1224 xfs_reclaim_work_queue(mp);
1225 }
1226
1227 STATIC int
xfs_inode_free_eofblocks(struct xfs_inode * ip,struct xfs_icwalk * icw,unsigned int * lockflags)1228 xfs_inode_free_eofblocks(
1229 struct xfs_inode *ip,
1230 struct xfs_icwalk *icw,
1231 unsigned int *lockflags)
1232 {
1233 bool wait;
1234
1235 wait = icw && (icw->icw_flags & XFS_ICWALK_FLAG_SYNC);
1236
1237 if (!xfs_iflags_test(ip, XFS_IEOFBLOCKS))
1238 return 0;
1239
1240 /*
1241 * If the mapping is dirty the operation can block and wait for some
1242 * time. Unless we are waiting, skip it.
1243 */
1244 if (!wait && mapping_tagged(VFS_I(ip)->i_mapping, PAGECACHE_TAG_DIRTY))
1245 return 0;
1246
1247 if (!xfs_icwalk_match(ip, icw))
1248 return 0;
1249
1250 /*
1251 * If the caller is waiting, return -EAGAIN to keep the background
1252 * scanner moving and revisit the inode in a subsequent pass.
1253 */
1254 if (!xfs_ilock_nowait(ip, XFS_IOLOCK_EXCL)) {
1255 if (wait)
1256 return -EAGAIN;
1257 return 0;
1258 }
1259 *lockflags |= XFS_IOLOCK_EXCL;
1260
1261 if (xfs_can_free_eofblocks(ip))
1262 return xfs_free_eofblocks(ip);
1263
1264 /* inode could be preallocated */
1265 trace_xfs_inode_free_eofblocks_invalid(ip);
1266 xfs_inode_clear_eofblocks_tag(ip);
1267 return 0;
1268 }
1269
1270 static void
xfs_blockgc_set_iflag(struct xfs_inode * ip,unsigned long iflag)1271 xfs_blockgc_set_iflag(
1272 struct xfs_inode *ip,
1273 unsigned long iflag)
1274 {
1275 struct xfs_mount *mp = ip->i_mount;
1276 struct xfs_perag *pag;
1277
1278 ASSERT((iflag & ~(XFS_IEOFBLOCKS | XFS_ICOWBLOCKS)) == 0);
1279
1280 /*
1281 * Don't bother locking the AG and looking up in the radix trees
1282 * if we already know that we have the tag set.
1283 */
1284 if (ip->i_flags & iflag)
1285 return;
1286 spin_lock(&ip->i_flags_lock);
1287 ip->i_flags |= iflag;
1288 spin_unlock(&ip->i_flags_lock);
1289
1290 pag = xfs_perag_get(mp, XFS_INO_TO_AGNO(mp, ip->i_ino));
1291 spin_lock(&pag->pag_ici_lock);
1292
1293 xfs_perag_set_inode_tag(pag, XFS_INO_TO_AGINO(mp, ip->i_ino),
1294 XFS_ICI_BLOCKGC_TAG);
1295
1296 spin_unlock(&pag->pag_ici_lock);
1297 xfs_perag_put(pag);
1298 }
1299
1300 void
xfs_inode_set_eofblocks_tag(xfs_inode_t * ip)1301 xfs_inode_set_eofblocks_tag(
1302 xfs_inode_t *ip)
1303 {
1304 trace_xfs_inode_set_eofblocks_tag(ip);
1305 return xfs_blockgc_set_iflag(ip, XFS_IEOFBLOCKS);
1306 }
1307
1308 static void
xfs_blockgc_clear_iflag(struct xfs_inode * ip,unsigned long iflag)1309 xfs_blockgc_clear_iflag(
1310 struct xfs_inode *ip,
1311 unsigned long iflag)
1312 {
1313 struct xfs_mount *mp = ip->i_mount;
1314 struct xfs_perag *pag;
1315 bool clear_tag;
1316
1317 ASSERT((iflag & ~(XFS_IEOFBLOCKS | XFS_ICOWBLOCKS)) == 0);
1318
1319 spin_lock(&ip->i_flags_lock);
1320 ip->i_flags &= ~iflag;
1321 clear_tag = (ip->i_flags & (XFS_IEOFBLOCKS | XFS_ICOWBLOCKS)) == 0;
1322 spin_unlock(&ip->i_flags_lock);
1323
1324 if (!clear_tag)
1325 return;
1326
1327 pag = xfs_perag_get(mp, XFS_INO_TO_AGNO(mp, ip->i_ino));
1328 spin_lock(&pag->pag_ici_lock);
1329
1330 xfs_perag_clear_inode_tag(pag, XFS_INO_TO_AGINO(mp, ip->i_ino),
1331 XFS_ICI_BLOCKGC_TAG);
1332
1333 spin_unlock(&pag->pag_ici_lock);
1334 xfs_perag_put(pag);
1335 }
1336
1337 void
xfs_inode_clear_eofblocks_tag(xfs_inode_t * ip)1338 xfs_inode_clear_eofblocks_tag(
1339 xfs_inode_t *ip)
1340 {
1341 trace_xfs_inode_clear_eofblocks_tag(ip);
1342 return xfs_blockgc_clear_iflag(ip, XFS_IEOFBLOCKS);
1343 }
1344
1345 /*
1346 * Prepare to free COW fork blocks from an inode.
1347 */
1348 static bool
xfs_prep_free_cowblocks(struct xfs_inode * ip,struct xfs_icwalk * icw)1349 xfs_prep_free_cowblocks(
1350 struct xfs_inode *ip,
1351 struct xfs_icwalk *icw)
1352 {
1353 bool sync;
1354
1355 sync = icw && (icw->icw_flags & XFS_ICWALK_FLAG_SYNC);
1356
1357 /*
1358 * Just clear the tag if we have an empty cow fork or none at all. It's
1359 * possible the inode was fully unshared since it was originally tagged.
1360 */
1361 if (!xfs_inode_has_cow_data(ip)) {
1362 trace_xfs_inode_free_cowblocks_invalid(ip);
1363 xfs_inode_clear_cowblocks_tag(ip);
1364 return false;
1365 }
1366
1367 /*
1368 * A cowblocks trim of an inode can have a significant effect on
1369 * fragmentation even when a reasonable COW extent size hint is set.
1370 * Therefore, we prefer to not process cowblocks unless they are clean
1371 * and idle. We can never process a cowblocks inode that is dirty or has
1372 * in-flight I/O under any circumstances, because outstanding writeback
1373 * or dio expects targeted COW fork blocks exist through write
1374 * completion where they can be remapped into the data fork.
1375 *
1376 * Therefore, the heuristic used here is to never process inodes
1377 * currently opened for write from background (i.e. non-sync) scans. For
1378 * sync scans, use the pagecache/dio state of the inode to ensure we
1379 * never free COW fork blocks out from under pending I/O.
1380 */
1381 if (!sync && inode_is_open_for_write(VFS_I(ip)))
1382 return false;
1383 return xfs_can_free_cowblocks(ip);
1384 }
1385
1386 /*
1387 * Automatic CoW Reservation Freeing
1388 *
1389 * These functions automatically garbage collect leftover CoW reservations
1390 * that were made on behalf of a cowextsize hint when we start to run out
1391 * of quota or when the reservations sit around for too long. If the file
1392 * has dirty pages or is undergoing writeback, its CoW reservations will
1393 * be retained.
1394 *
1395 * The actual garbage collection piggybacks off the same code that runs
1396 * the speculative EOF preallocation garbage collector.
1397 */
1398 STATIC int
xfs_inode_free_cowblocks(struct xfs_inode * ip,struct xfs_icwalk * icw,unsigned int * lockflags)1399 xfs_inode_free_cowblocks(
1400 struct xfs_inode *ip,
1401 struct xfs_icwalk *icw,
1402 unsigned int *lockflags)
1403 {
1404 bool wait;
1405 int ret = 0;
1406
1407 wait = icw && (icw->icw_flags & XFS_ICWALK_FLAG_SYNC);
1408
1409 if (!xfs_iflags_test(ip, XFS_ICOWBLOCKS))
1410 return 0;
1411
1412 if (!xfs_prep_free_cowblocks(ip, icw))
1413 return 0;
1414
1415 if (!xfs_icwalk_match(ip, icw))
1416 return 0;
1417
1418 /*
1419 * If the caller is waiting, return -EAGAIN to keep the background
1420 * scanner moving and revisit the inode in a subsequent pass.
1421 */
1422 if (!(*lockflags & XFS_IOLOCK_EXCL) &&
1423 !xfs_ilock_nowait(ip, XFS_IOLOCK_EXCL)) {
1424 if (wait)
1425 return -EAGAIN;
1426 return 0;
1427 }
1428 *lockflags |= XFS_IOLOCK_EXCL;
1429
1430 if (!xfs_ilock_nowait(ip, XFS_MMAPLOCK_EXCL)) {
1431 if (wait)
1432 return -EAGAIN;
1433 return 0;
1434 }
1435 *lockflags |= XFS_MMAPLOCK_EXCL;
1436
1437 /*
1438 * Check again, nobody else should be able to dirty blocks or change
1439 * the reflink iflag now that we have the first two locks held.
1440 */
1441 if (xfs_prep_free_cowblocks(ip, icw))
1442 ret = xfs_reflink_cancel_cow_range(ip, 0, NULLFILEOFF, false);
1443 return ret;
1444 }
1445
1446 void
xfs_inode_set_cowblocks_tag(xfs_inode_t * ip)1447 xfs_inode_set_cowblocks_tag(
1448 xfs_inode_t *ip)
1449 {
1450 trace_xfs_inode_set_cowblocks_tag(ip);
1451 return xfs_blockgc_set_iflag(ip, XFS_ICOWBLOCKS);
1452 }
1453
1454 void
xfs_inode_clear_cowblocks_tag(xfs_inode_t * ip)1455 xfs_inode_clear_cowblocks_tag(
1456 xfs_inode_t *ip)
1457 {
1458 trace_xfs_inode_clear_cowblocks_tag(ip);
1459 return xfs_blockgc_clear_iflag(ip, XFS_ICOWBLOCKS);
1460 }
1461
1462 /* Disable post-EOF and CoW block auto-reclamation. */
1463 void
xfs_blockgc_stop(struct xfs_mount * mp)1464 xfs_blockgc_stop(
1465 struct xfs_mount *mp)
1466 {
1467 struct xfs_perag *pag = NULL;
1468
1469 if (!xfs_clear_blockgc_enabled(mp))
1470 return;
1471
1472 while ((pag = xfs_perag_next(mp, pag)))
1473 cancel_delayed_work_sync(&pag->pag_blockgc_work);
1474 trace_xfs_blockgc_stop(mp, __return_address);
1475 }
1476
1477 /* Enable post-EOF and CoW block auto-reclamation. */
1478 void
xfs_blockgc_start(struct xfs_mount * mp)1479 xfs_blockgc_start(
1480 struct xfs_mount *mp)
1481 {
1482 struct xfs_perag *pag = NULL;
1483
1484 if (xfs_set_blockgc_enabled(mp))
1485 return;
1486
1487 trace_xfs_blockgc_start(mp, __return_address);
1488 while ((pag = xfs_perag_grab_next_tag(mp, pag, XFS_ICI_BLOCKGC_TAG)))
1489 xfs_blockgc_queue(pag);
1490 }
1491
1492 /* Don't try to run block gc on an inode that's in any of these states. */
1493 #define XFS_BLOCKGC_NOGRAB_IFLAGS (XFS_INEW | \
1494 XFS_NEED_INACTIVE | \
1495 XFS_INACTIVATING | \
1496 XFS_IRECLAIMABLE | \
1497 XFS_IRECLAIM)
1498 /*
1499 * Decide if the given @ip is eligible for garbage collection of speculative
1500 * preallocations, and grab it if so. Returns true if it's ready to go or
1501 * false if we should just ignore it.
1502 */
1503 static bool
xfs_blockgc_igrab(struct xfs_inode * ip)1504 xfs_blockgc_igrab(
1505 struct xfs_inode *ip)
1506 {
1507 struct inode *inode = VFS_I(ip);
1508
1509 ASSERT(rcu_read_lock_held());
1510
1511 /* Check for stale RCU freed inode */
1512 spin_lock(&ip->i_flags_lock);
1513 if (!ip->i_ino)
1514 goto out_unlock_noent;
1515
1516 if (ip->i_flags & XFS_BLOCKGC_NOGRAB_IFLAGS)
1517 goto out_unlock_noent;
1518 spin_unlock(&ip->i_flags_lock);
1519
1520 /* nothing to sync during shutdown */
1521 if (xfs_is_shutdown(ip->i_mount))
1522 return false;
1523
1524 /* If we can't grab the inode, it must on it's way to reclaim. */
1525 if (!igrab(inode))
1526 return false;
1527
1528 /* inode is valid */
1529 return true;
1530
1531 out_unlock_noent:
1532 spin_unlock(&ip->i_flags_lock);
1533 return false;
1534 }
1535
1536 /* Scan one incore inode for block preallocations that we can remove. */
1537 static int
xfs_blockgc_scan_inode(struct xfs_inode * ip,struct xfs_icwalk * icw)1538 xfs_blockgc_scan_inode(
1539 struct xfs_inode *ip,
1540 struct xfs_icwalk *icw)
1541 {
1542 unsigned int lockflags = 0;
1543 int error;
1544
1545 error = xfs_inode_free_eofblocks(ip, icw, &lockflags);
1546 if (error)
1547 goto unlock;
1548
1549 error = xfs_inode_free_cowblocks(ip, icw, &lockflags);
1550 unlock:
1551 if (lockflags)
1552 xfs_iunlock(ip, lockflags);
1553 xfs_irele(ip);
1554 return error;
1555 }
1556
1557 /* Background worker that trims preallocated space. */
1558 void
xfs_blockgc_worker(struct work_struct * work)1559 xfs_blockgc_worker(
1560 struct work_struct *work)
1561 {
1562 struct xfs_perag *pag = container_of(to_delayed_work(work),
1563 struct xfs_perag, pag_blockgc_work);
1564 struct xfs_mount *mp = pag_mount(pag);
1565 int error;
1566
1567 trace_xfs_blockgc_worker(mp, __return_address);
1568
1569 error = xfs_icwalk_ag(pag, XFS_ICWALK_BLOCKGC, NULL);
1570 if (error)
1571 xfs_info(mp, "AG %u preallocation gc worker failed, err=%d",
1572 pag_agno(pag), error);
1573 xfs_blockgc_queue(pag);
1574 }
1575
1576 /*
1577 * Try to free space in the filesystem by purging inactive inodes, eofblocks
1578 * and cowblocks.
1579 */
1580 int
xfs_blockgc_free_space(struct xfs_mount * mp,struct xfs_icwalk * icw)1581 xfs_blockgc_free_space(
1582 struct xfs_mount *mp,
1583 struct xfs_icwalk *icw)
1584 {
1585 int error;
1586
1587 trace_xfs_blockgc_free_space(mp, icw, _RET_IP_);
1588
1589 error = xfs_icwalk(mp, XFS_ICWALK_BLOCKGC, icw);
1590 if (error)
1591 return error;
1592
1593 return xfs_inodegc_flush(mp);
1594 }
1595
1596 /*
1597 * Reclaim all the free space that we can by scheduling the background blockgc
1598 * and inodegc workers immediately and waiting for them all to clear.
1599 */
1600 int
xfs_blockgc_flush_all(struct xfs_mount * mp)1601 xfs_blockgc_flush_all(
1602 struct xfs_mount *mp)
1603 {
1604 struct xfs_perag *pag = NULL;
1605
1606 trace_xfs_blockgc_flush_all(mp, __return_address);
1607
1608 /*
1609 * For each blockgc worker, move its queue time up to now. If it wasn't
1610 * queued, it will not be requeued. Then flush whatever is left.
1611 */
1612 while ((pag = xfs_perag_grab_next_tag(mp, pag, XFS_ICI_BLOCKGC_TAG)))
1613 mod_delayed_work(mp->m_blockgc_wq, &pag->pag_blockgc_work, 0);
1614
1615 while ((pag = xfs_perag_grab_next_tag(mp, pag, XFS_ICI_BLOCKGC_TAG)))
1616 flush_delayed_work(&pag->pag_blockgc_work);
1617
1618 return xfs_inodegc_flush(mp);
1619 }
1620
1621 /*
1622 * Run cow/eofblocks scans on the supplied dquots. We don't know exactly which
1623 * quota caused an allocation failure, so we make a best effort by including
1624 * each quota under low free space conditions (less than 1% free space) in the
1625 * scan.
1626 *
1627 * Callers must not hold any inode's ILOCK. If requesting a synchronous scan
1628 * (XFS_ICWALK_FLAG_SYNC), the caller also must not hold any inode's IOLOCK or
1629 * MMAPLOCK.
1630 */
1631 int
xfs_blockgc_free_dquots(struct xfs_mount * mp,struct xfs_dquot * udqp,struct xfs_dquot * gdqp,struct xfs_dquot * pdqp,unsigned int iwalk_flags)1632 xfs_blockgc_free_dquots(
1633 struct xfs_mount *mp,
1634 struct xfs_dquot *udqp,
1635 struct xfs_dquot *gdqp,
1636 struct xfs_dquot *pdqp,
1637 unsigned int iwalk_flags)
1638 {
1639 struct xfs_icwalk icw = {0};
1640 bool do_work = false;
1641
1642 if (!udqp && !gdqp && !pdqp)
1643 return 0;
1644
1645 /*
1646 * Run a scan to free blocks using the union filter to cover all
1647 * applicable quotas in a single scan.
1648 */
1649 icw.icw_flags = XFS_ICWALK_FLAG_UNION | iwalk_flags;
1650
1651 if (XFS_IS_UQUOTA_ENFORCED(mp) && udqp && xfs_dquot_lowsp(udqp)) {
1652 icw.icw_uid = make_kuid(mp->m_super->s_user_ns, udqp->q_id);
1653 icw.icw_flags |= XFS_ICWALK_FLAG_UID;
1654 do_work = true;
1655 }
1656
1657 if (XFS_IS_UQUOTA_ENFORCED(mp) && gdqp && xfs_dquot_lowsp(gdqp)) {
1658 icw.icw_gid = make_kgid(mp->m_super->s_user_ns, gdqp->q_id);
1659 icw.icw_flags |= XFS_ICWALK_FLAG_GID;
1660 do_work = true;
1661 }
1662
1663 if (XFS_IS_PQUOTA_ENFORCED(mp) && pdqp && xfs_dquot_lowsp(pdqp)) {
1664 icw.icw_prid = pdqp->q_id;
1665 icw.icw_flags |= XFS_ICWALK_FLAG_PRID;
1666 do_work = true;
1667 }
1668
1669 if (!do_work)
1670 return 0;
1671
1672 return xfs_blockgc_free_space(mp, &icw);
1673 }
1674
1675 /* Run cow/eofblocks scans on the quotas attached to the inode. */
1676 int
xfs_blockgc_free_quota(struct xfs_inode * ip,unsigned int iwalk_flags)1677 xfs_blockgc_free_quota(
1678 struct xfs_inode *ip,
1679 unsigned int iwalk_flags)
1680 {
1681 return xfs_blockgc_free_dquots(ip->i_mount,
1682 xfs_inode_dquot(ip, XFS_DQTYPE_USER),
1683 xfs_inode_dquot(ip, XFS_DQTYPE_GROUP),
1684 xfs_inode_dquot(ip, XFS_DQTYPE_PROJ), iwalk_flags);
1685 }
1686
1687 /* XFS Inode Cache Walking Code */
1688
1689 /*
1690 * The inode lookup is done in batches to keep the amount of lock traffic and
1691 * radix tree lookups to a minimum. The batch size is a trade off between
1692 * lookup reduction and stack usage. This is in the reclaim path, so we can't
1693 * be too greedy.
1694 */
1695 #define XFS_LOOKUP_BATCH 32
1696
1697
1698 /*
1699 * Decide if we want to grab this inode in anticipation of doing work towards
1700 * the goal.
1701 */
1702 static inline bool
xfs_icwalk_igrab(enum xfs_icwalk_goal goal,struct xfs_inode * ip,struct xfs_icwalk * icw)1703 xfs_icwalk_igrab(
1704 enum xfs_icwalk_goal goal,
1705 struct xfs_inode *ip,
1706 struct xfs_icwalk *icw)
1707 {
1708 switch (goal) {
1709 case XFS_ICWALK_BLOCKGC:
1710 return xfs_blockgc_igrab(ip);
1711 case XFS_ICWALK_RECLAIM:
1712 return xfs_reclaim_igrab(ip, icw);
1713 default:
1714 return false;
1715 }
1716 }
1717
1718 /*
1719 * Process an inode. Each processing function must handle any state changes
1720 * made by the icwalk igrab function. Return -EAGAIN to skip an inode.
1721 */
1722 static inline int
xfs_icwalk_process_inode(enum xfs_icwalk_goal goal,struct xfs_inode * ip,struct xfs_perag * pag,struct xfs_icwalk * icw)1723 xfs_icwalk_process_inode(
1724 enum xfs_icwalk_goal goal,
1725 struct xfs_inode *ip,
1726 struct xfs_perag *pag,
1727 struct xfs_icwalk *icw)
1728 {
1729 int error = 0;
1730
1731 switch (goal) {
1732 case XFS_ICWALK_BLOCKGC:
1733 error = xfs_blockgc_scan_inode(ip, icw);
1734 break;
1735 case XFS_ICWALK_RECLAIM:
1736 xfs_reclaim_inode(ip, pag);
1737 break;
1738 }
1739 return error;
1740 }
1741
1742 /*
1743 * For a given per-AG structure @pag and a goal, grab qualifying inodes and
1744 * process them in some manner.
1745 */
1746 static int
xfs_icwalk_ag(struct xfs_perag * pag,enum xfs_icwalk_goal goal,struct xfs_icwalk * icw)1747 xfs_icwalk_ag(
1748 struct xfs_perag *pag,
1749 enum xfs_icwalk_goal goal,
1750 struct xfs_icwalk *icw)
1751 {
1752 struct xfs_mount *mp = pag_mount(pag);
1753 uint32_t first_index;
1754 int last_error = 0;
1755 int skipped;
1756 bool done;
1757 int nr_found;
1758
1759 restart:
1760 done = false;
1761 skipped = 0;
1762 if (goal == XFS_ICWALK_RECLAIM)
1763 first_index = READ_ONCE(pag->pag_ici_reclaim_cursor);
1764 else
1765 first_index = 0;
1766 nr_found = 0;
1767 do {
1768 struct xfs_inode *batch[XFS_LOOKUP_BATCH];
1769 int error = 0;
1770 int i;
1771
1772 rcu_read_lock();
1773
1774 nr_found = radix_tree_gang_lookup_tag(&pag->pag_ici_root,
1775 (void **) batch, first_index,
1776 XFS_LOOKUP_BATCH, goal);
1777 if (!nr_found) {
1778 done = true;
1779 rcu_read_unlock();
1780 break;
1781 }
1782
1783 /*
1784 * Grab the inodes before we drop the lock. if we found
1785 * nothing, nr == 0 and the loop will be skipped.
1786 */
1787 for (i = 0; i < nr_found; i++) {
1788 struct xfs_inode *ip = batch[i];
1789
1790 if (done || !xfs_icwalk_igrab(goal, ip, icw))
1791 batch[i] = NULL;
1792
1793 /*
1794 * Update the index for the next lookup. Catch
1795 * overflows into the next AG range which can occur if
1796 * we have inodes in the last block of the AG and we
1797 * are currently pointing to the last inode.
1798 *
1799 * Because we may see inodes that are from the wrong AG
1800 * due to RCU freeing and reallocation, only update the
1801 * index if it lies in this AG. It was a race that lead
1802 * us to see this inode, so another lookup from the
1803 * same index will not find it again.
1804 */
1805 if (XFS_INO_TO_AGNO(mp, ip->i_ino) != pag_agno(pag))
1806 continue;
1807 first_index = XFS_INO_TO_AGINO(mp, ip->i_ino + 1);
1808 if (first_index < XFS_INO_TO_AGINO(mp, ip->i_ino))
1809 done = true;
1810 }
1811
1812 /* unlock now we've grabbed the inodes. */
1813 rcu_read_unlock();
1814
1815 for (i = 0; i < nr_found; i++) {
1816 if (!batch[i])
1817 continue;
1818 error = xfs_icwalk_process_inode(goal, batch[i], pag,
1819 icw);
1820 if (error == -EAGAIN) {
1821 skipped++;
1822 continue;
1823 }
1824 if (error && last_error != -EFSCORRUPTED)
1825 last_error = error;
1826 }
1827
1828 /* bail out if the filesystem is corrupted. */
1829 if (error == -EFSCORRUPTED)
1830 break;
1831
1832 cond_resched();
1833
1834 if (icw && (icw->icw_flags & XFS_ICWALK_FLAG_SCAN_LIMIT)) {
1835 icw->icw_scan_limit -= XFS_LOOKUP_BATCH;
1836 if (icw->icw_scan_limit <= 0)
1837 break;
1838 }
1839 } while (nr_found && !done);
1840
1841 if (goal == XFS_ICWALK_RECLAIM) {
1842 if (done)
1843 first_index = 0;
1844 WRITE_ONCE(pag->pag_ici_reclaim_cursor, first_index);
1845 }
1846
1847 if (skipped) {
1848 delay(1);
1849 goto restart;
1850 }
1851 return last_error;
1852 }
1853
1854 /* Walk all incore inodes to achieve a given goal. */
1855 static int
xfs_icwalk(struct xfs_mount * mp,enum xfs_icwalk_goal goal,struct xfs_icwalk * icw)1856 xfs_icwalk(
1857 struct xfs_mount *mp,
1858 enum xfs_icwalk_goal goal,
1859 struct xfs_icwalk *icw)
1860 {
1861 struct xfs_perag *pag = NULL;
1862 int error = 0;
1863 int last_error = 0;
1864
1865 while ((pag = xfs_perag_grab_next_tag(mp, pag, goal))) {
1866 error = xfs_icwalk_ag(pag, goal, icw);
1867 if (error) {
1868 last_error = error;
1869 if (error == -EFSCORRUPTED) {
1870 xfs_perag_rele(pag);
1871 break;
1872 }
1873 }
1874 }
1875 return last_error;
1876 BUILD_BUG_ON(XFS_ICWALK_PRIVATE_FLAGS & XFS_ICWALK_FLAGS_VALID);
1877 }
1878
1879 #ifdef DEBUG
1880 static void
xfs_check_delalloc(struct xfs_inode * ip,int whichfork)1881 xfs_check_delalloc(
1882 struct xfs_inode *ip,
1883 int whichfork)
1884 {
1885 struct xfs_ifork *ifp = xfs_ifork_ptr(ip, whichfork);
1886 struct xfs_bmbt_irec got;
1887 struct xfs_iext_cursor icur;
1888
1889 if (!ifp || !xfs_iext_lookup_extent(ip, ifp, 0, &icur, &got))
1890 return;
1891 do {
1892 if (isnullstartblock(got.br_startblock)) {
1893 xfs_warn(ip->i_mount,
1894 "ino %llx %s fork has delalloc extent at [0x%llx:0x%llx]",
1895 ip->i_ino,
1896 whichfork == XFS_DATA_FORK ? "data" : "cow",
1897 got.br_startoff, got.br_blockcount);
1898 }
1899 } while (xfs_iext_next_extent(ifp, &icur, &got));
1900 }
1901 #else
1902 #define xfs_check_delalloc(ip, whichfork) do { } while (0)
1903 #endif
1904
1905 /* Schedule the inode for reclaim. */
1906 static void
xfs_inodegc_set_reclaimable(struct xfs_inode * ip)1907 xfs_inodegc_set_reclaimable(
1908 struct xfs_inode *ip)
1909 {
1910 struct xfs_mount *mp = ip->i_mount;
1911 struct xfs_perag *pag;
1912
1913 if (!xfs_is_shutdown(mp) && ip->i_delayed_blks) {
1914 xfs_check_delalloc(ip, XFS_DATA_FORK);
1915 xfs_check_delalloc(ip, XFS_COW_FORK);
1916 ASSERT(0);
1917 }
1918
1919 pag = xfs_perag_get(mp, XFS_INO_TO_AGNO(mp, ip->i_ino));
1920 spin_lock(&pag->pag_ici_lock);
1921 spin_lock(&ip->i_flags_lock);
1922
1923 trace_xfs_inode_set_reclaimable(ip);
1924 ip->i_flags &= ~(XFS_NEED_INACTIVE | XFS_INACTIVATING);
1925 ip->i_flags |= XFS_IRECLAIMABLE;
1926 xfs_perag_set_inode_tag(pag, XFS_INO_TO_AGINO(mp, ip->i_ino),
1927 XFS_ICI_RECLAIM_TAG);
1928
1929 spin_unlock(&ip->i_flags_lock);
1930 spin_unlock(&pag->pag_ici_lock);
1931 xfs_perag_put(pag);
1932 }
1933
1934 /*
1935 * Free all speculative preallocations and possibly even the inode itself.
1936 * This is the last chance to make changes to an otherwise unreferenced file
1937 * before incore reclamation happens.
1938 */
1939 static int
xfs_inodegc_inactivate(struct xfs_inode * ip)1940 xfs_inodegc_inactivate(
1941 struct xfs_inode *ip)
1942 {
1943 int error;
1944
1945 trace_xfs_inode_inactivating(ip);
1946 error = xfs_inactive(ip);
1947 xfs_inodegc_set_reclaimable(ip);
1948 return error;
1949
1950 }
1951
1952 void
xfs_inodegc_worker(struct work_struct * work)1953 xfs_inodegc_worker(
1954 struct work_struct *work)
1955 {
1956 struct xfs_inodegc *gc = container_of(to_delayed_work(work),
1957 struct xfs_inodegc, work);
1958 struct llist_node *node = llist_del_all(&gc->list);
1959 struct xfs_inode *ip, *n;
1960 struct xfs_mount *mp = gc->mp;
1961 unsigned int nofs_flag;
1962
1963 /*
1964 * Clear the cpu mask bit and ensure that we have seen the latest
1965 * update of the gc structure associated with this CPU. This matches
1966 * with the release semantics used when setting the cpumask bit in
1967 * xfs_inodegc_queue.
1968 */
1969 cpumask_clear_cpu(gc->cpu, &mp->m_inodegc_cpumask);
1970 smp_mb__after_atomic();
1971
1972 WRITE_ONCE(gc->items, 0);
1973
1974 if (!node)
1975 return;
1976
1977 /*
1978 * We can allocate memory here while doing writeback on behalf of
1979 * memory reclaim. To avoid memory allocation deadlocks set the
1980 * task-wide nofs context for the following operations.
1981 */
1982 nofs_flag = memalloc_nofs_save();
1983
1984 ip = llist_entry(node, struct xfs_inode, i_gclist);
1985 trace_xfs_inodegc_worker(mp, READ_ONCE(gc->shrinker_hits));
1986
1987 WRITE_ONCE(gc->shrinker_hits, 0);
1988 llist_for_each_entry_safe(ip, n, node, i_gclist) {
1989 int error;
1990
1991 xfs_iflags_set(ip, XFS_INACTIVATING);
1992 error = xfs_inodegc_inactivate(ip);
1993 if (error && !gc->error)
1994 gc->error = error;
1995 }
1996
1997 memalloc_nofs_restore(nofs_flag);
1998 }
1999
2000 /*
2001 * Expedite all pending inodegc work to run immediately. This does not wait for
2002 * completion of the work.
2003 */
2004 void
xfs_inodegc_push(struct xfs_mount * mp)2005 xfs_inodegc_push(
2006 struct xfs_mount *mp)
2007 {
2008 if (!xfs_is_inodegc_enabled(mp))
2009 return;
2010 trace_xfs_inodegc_push(mp, __return_address);
2011 xfs_inodegc_queue_all(mp);
2012 }
2013
2014 /*
2015 * Force all currently queued inode inactivation work to run immediately and
2016 * wait for the work to finish.
2017 */
2018 int
xfs_inodegc_flush(struct xfs_mount * mp)2019 xfs_inodegc_flush(
2020 struct xfs_mount *mp)
2021 {
2022 xfs_inodegc_push(mp);
2023 trace_xfs_inodegc_flush(mp, __return_address);
2024 return xfs_inodegc_wait_all(mp);
2025 }
2026
2027 /*
2028 * Flush all the pending work and then disable the inode inactivation background
2029 * workers and wait for them to stop. Caller must hold sb->s_umount to
2030 * coordinate changes in the inodegc_enabled state.
2031 */
2032 void
xfs_inodegc_stop(struct xfs_mount * mp)2033 xfs_inodegc_stop(
2034 struct xfs_mount *mp)
2035 {
2036 bool rerun;
2037
2038 if (!xfs_clear_inodegc_enabled(mp))
2039 return;
2040
2041 /*
2042 * Drain all pending inodegc work, including inodes that could be
2043 * queued by racing xfs_inodegc_queue or xfs_inodegc_shrinker_scan
2044 * threads that sample the inodegc state just prior to us clearing it.
2045 * The inodegc flag state prevents new threads from queuing more
2046 * inodes, so we queue pending work items and flush the workqueue until
2047 * all inodegc lists are empty. IOWs, we cannot use drain_workqueue
2048 * here because it does not allow other unserialized mechanisms to
2049 * reschedule inodegc work while this draining is in progress.
2050 */
2051 xfs_inodegc_queue_all(mp);
2052 do {
2053 flush_workqueue(mp->m_inodegc_wq);
2054 rerun = xfs_inodegc_queue_all(mp);
2055 } while (rerun);
2056
2057 trace_xfs_inodegc_stop(mp, __return_address);
2058 }
2059
2060 /*
2061 * Enable the inode inactivation background workers and schedule deferred inode
2062 * inactivation work if there is any. Caller must hold sb->s_umount to
2063 * coordinate changes in the inodegc_enabled state.
2064 */
2065 void
xfs_inodegc_start(struct xfs_mount * mp)2066 xfs_inodegc_start(
2067 struct xfs_mount *mp)
2068 {
2069 if (xfs_set_inodegc_enabled(mp))
2070 return;
2071
2072 trace_xfs_inodegc_start(mp, __return_address);
2073 xfs_inodegc_queue_all(mp);
2074 }
2075
2076 #ifdef CONFIG_XFS_RT
2077 static inline bool
xfs_inodegc_want_queue_rt_file(struct xfs_inode * ip)2078 xfs_inodegc_want_queue_rt_file(
2079 struct xfs_inode *ip)
2080 {
2081 struct xfs_mount *mp = ip->i_mount;
2082
2083 if (!XFS_IS_REALTIME_INODE(ip) || xfs_has_zoned(mp))
2084 return false;
2085
2086 if (xfs_compare_freecounter(mp, XC_FREE_RTEXTENTS,
2087 mp->m_low_rtexts[XFS_LOWSP_5_PCNT],
2088 XFS_FDBLOCKS_BATCH) < 0)
2089 return true;
2090
2091 return false;
2092 }
2093 #else
2094 # define xfs_inodegc_want_queue_rt_file(ip) (false)
2095 #endif /* CONFIG_XFS_RT */
2096
2097 /*
2098 * Schedule the inactivation worker when:
2099 *
2100 * - We've accumulated more than one inode cluster buffer's worth of inodes.
2101 * - There is less than 5% free space left.
2102 * - Any of the quotas for this inode are near an enforcement limit.
2103 */
2104 static inline bool
xfs_inodegc_want_queue_work(struct xfs_inode * ip,unsigned int items)2105 xfs_inodegc_want_queue_work(
2106 struct xfs_inode *ip,
2107 unsigned int items)
2108 {
2109 struct xfs_mount *mp = ip->i_mount;
2110
2111 if (items > mp->m_ino_geo.inodes_per_cluster)
2112 return true;
2113
2114 if (xfs_compare_freecounter(mp, XC_FREE_BLOCKS,
2115 mp->m_low_space[XFS_LOWSP_5_PCNT],
2116 XFS_FDBLOCKS_BATCH) < 0)
2117 return true;
2118
2119 if (xfs_inodegc_want_queue_rt_file(ip))
2120 return true;
2121
2122 if (xfs_inode_near_dquot_enforcement(ip, XFS_DQTYPE_USER))
2123 return true;
2124
2125 if (xfs_inode_near_dquot_enforcement(ip, XFS_DQTYPE_GROUP))
2126 return true;
2127
2128 if (xfs_inode_near_dquot_enforcement(ip, XFS_DQTYPE_PROJ))
2129 return true;
2130
2131 return false;
2132 }
2133
2134 /*
2135 * Upper bound on the number of inodes in each AG that can be queued for
2136 * inactivation at any given time, to avoid monopolizing the workqueue.
2137 */
2138 #define XFS_INODEGC_MAX_BACKLOG (4 * XFS_INODES_PER_CHUNK)
2139
2140 /*
2141 * Make the frontend wait for inactivations when:
2142 *
2143 * - Memory shrinkers queued the inactivation worker and it hasn't finished.
2144 * - The queue depth exceeds the maximum allowable percpu backlog.
2145 *
2146 * Note: If we are in a NOFS context here (e.g. current thread is running a
2147 * transaction) the we don't want to block here as inodegc progress may require
2148 * filesystem resources we hold to make progress and that could result in a
2149 * deadlock. Hence we skip out of here if we are in a scoped NOFS context.
2150 */
2151 static inline bool
xfs_inodegc_want_flush_work(struct xfs_inode * ip,unsigned int items,unsigned int shrinker_hits)2152 xfs_inodegc_want_flush_work(
2153 struct xfs_inode *ip,
2154 unsigned int items,
2155 unsigned int shrinker_hits)
2156 {
2157 if (current->flags & PF_MEMALLOC_NOFS)
2158 return false;
2159
2160 if (shrinker_hits > 0)
2161 return true;
2162
2163 if (items > XFS_INODEGC_MAX_BACKLOG)
2164 return true;
2165
2166 return false;
2167 }
2168
2169 /*
2170 * Queue a background inactivation worker if there are inodes that need to be
2171 * inactivated and higher level xfs code hasn't disabled the background
2172 * workers.
2173 */
2174 static void
xfs_inodegc_queue(struct xfs_inode * ip)2175 xfs_inodegc_queue(
2176 struct xfs_inode *ip)
2177 {
2178 struct xfs_mount *mp = ip->i_mount;
2179 struct xfs_inodegc *gc;
2180 int items;
2181 unsigned int shrinker_hits;
2182 unsigned int cpu_nr;
2183 unsigned long queue_delay = 1;
2184
2185 trace_xfs_inode_set_need_inactive(ip);
2186 spin_lock(&ip->i_flags_lock);
2187 ip->i_flags |= XFS_NEED_INACTIVE;
2188 spin_unlock(&ip->i_flags_lock);
2189
2190 cpu_nr = get_cpu();
2191 gc = this_cpu_ptr(mp->m_inodegc);
2192 llist_add(&ip->i_gclist, &gc->list);
2193 items = READ_ONCE(gc->items);
2194 WRITE_ONCE(gc->items, items + 1);
2195 shrinker_hits = READ_ONCE(gc->shrinker_hits);
2196
2197 /*
2198 * Ensure the list add is always seen by anyone who finds the cpumask
2199 * bit set. This effectively gives the cpumask bit set operation
2200 * release ordering semantics.
2201 */
2202 smp_mb__before_atomic();
2203 if (!cpumask_test_cpu(cpu_nr, &mp->m_inodegc_cpumask))
2204 cpumask_test_and_set_cpu(cpu_nr, &mp->m_inodegc_cpumask);
2205
2206 /*
2207 * We queue the work while holding the current CPU so that the work
2208 * is scheduled to run on this CPU.
2209 */
2210 if (!xfs_is_inodegc_enabled(mp)) {
2211 put_cpu();
2212 return;
2213 }
2214
2215 if (xfs_inodegc_want_queue_work(ip, items))
2216 queue_delay = 0;
2217
2218 trace_xfs_inodegc_queue(mp, __return_address);
2219 mod_delayed_work_on(current_cpu(), mp->m_inodegc_wq, &gc->work,
2220 queue_delay);
2221 put_cpu();
2222
2223 if (xfs_inodegc_want_flush_work(ip, items, shrinker_hits)) {
2224 trace_xfs_inodegc_throttle(mp, __return_address);
2225 flush_delayed_work(&gc->work);
2226 }
2227 }
2228
2229 /*
2230 * We set the inode flag atomically with the radix tree tag. Once we get tag
2231 * lookups on the radix tree, this inode flag can go away.
2232 *
2233 * We always use background reclaim here because even if the inode is clean, it
2234 * still may be under IO and hence we have wait for IO completion to occur
2235 * before we can reclaim the inode. The background reclaim path handles this
2236 * more efficiently than we can here, so simply let background reclaim tear down
2237 * all inodes.
2238 */
2239 void
xfs_inode_mark_reclaimable(struct xfs_inode * ip)2240 xfs_inode_mark_reclaimable(
2241 struct xfs_inode *ip)
2242 {
2243 struct xfs_mount *mp = ip->i_mount;
2244 bool need_inactive;
2245
2246 XFS_STATS_INC(mp, xs_inode_mark_reclaimable);
2247
2248 /*
2249 * We should never get here with any of the reclaim flags already set.
2250 */
2251 ASSERT_ALWAYS(!xfs_iflags_test(ip, XFS_ALL_IRECLAIM_FLAGS));
2252
2253 need_inactive = xfs_inode_needs_inactive(ip);
2254 if (need_inactive) {
2255 xfs_inodegc_queue(ip);
2256 return;
2257 }
2258
2259 /* Going straight to reclaim, so drop the dquots. */
2260 xfs_qm_dqdetach(ip);
2261 xfs_inodegc_set_reclaimable(ip);
2262 }
2263
2264 /*
2265 * Register a phony shrinker so that we can run background inodegc sooner when
2266 * there's memory pressure. Inactivation does not itself free any memory but
2267 * it does make inodes reclaimable, which eventually frees memory.
2268 *
2269 * The count function, seek value, and batch value are crafted to trigger the
2270 * scan function during the second round of scanning. Hopefully this means
2271 * that we reclaimed enough memory that initiating metadata transactions won't
2272 * make things worse.
2273 */
2274 #define XFS_INODEGC_SHRINKER_COUNT (1UL << DEF_PRIORITY)
2275 #define XFS_INODEGC_SHRINKER_BATCH ((XFS_INODEGC_SHRINKER_COUNT / 2) + 1)
2276
2277 static unsigned long
xfs_inodegc_shrinker_count(struct shrinker * shrink,struct shrink_control * sc)2278 xfs_inodegc_shrinker_count(
2279 struct shrinker *shrink,
2280 struct shrink_control *sc)
2281 {
2282 struct xfs_mount *mp = shrink->private_data;
2283 struct xfs_inodegc *gc;
2284 int cpu;
2285
2286 if (!xfs_is_inodegc_enabled(mp))
2287 return 0;
2288
2289 for_each_cpu(cpu, &mp->m_inodegc_cpumask) {
2290 gc = per_cpu_ptr(mp->m_inodegc, cpu);
2291 if (!llist_empty(&gc->list))
2292 return XFS_INODEGC_SHRINKER_COUNT;
2293 }
2294
2295 return 0;
2296 }
2297
2298 static unsigned long
xfs_inodegc_shrinker_scan(struct shrinker * shrink,struct shrink_control * sc)2299 xfs_inodegc_shrinker_scan(
2300 struct shrinker *shrink,
2301 struct shrink_control *sc)
2302 {
2303 struct xfs_mount *mp = shrink->private_data;
2304 struct xfs_inodegc *gc;
2305 int cpu;
2306 bool no_items = true;
2307
2308 if (!xfs_is_inodegc_enabled(mp))
2309 return SHRINK_STOP;
2310
2311 trace_xfs_inodegc_shrinker_scan(mp, sc, __return_address);
2312
2313 for_each_cpu(cpu, &mp->m_inodegc_cpumask) {
2314 gc = per_cpu_ptr(mp->m_inodegc, cpu);
2315 if (!llist_empty(&gc->list)) {
2316 unsigned int h = READ_ONCE(gc->shrinker_hits);
2317
2318 WRITE_ONCE(gc->shrinker_hits, h + 1);
2319 mod_delayed_work_on(cpu, mp->m_inodegc_wq, &gc->work, 0);
2320 no_items = false;
2321 }
2322 }
2323
2324 /*
2325 * If there are no inodes to inactivate, we don't want the shrinker
2326 * to think there's deferred work to call us back about.
2327 */
2328 if (no_items)
2329 return LONG_MAX;
2330
2331 return SHRINK_STOP;
2332 }
2333
2334 /* Register a shrinker so we can accelerate inodegc and throttle queuing. */
2335 int
xfs_inodegc_register_shrinker(struct xfs_mount * mp)2336 xfs_inodegc_register_shrinker(
2337 struct xfs_mount *mp)
2338 {
2339 mp->m_inodegc_shrinker = shrinker_alloc(SHRINKER_NONSLAB,
2340 "xfs-inodegc:%s",
2341 mp->m_super->s_id);
2342 if (!mp->m_inodegc_shrinker)
2343 return -ENOMEM;
2344
2345 mp->m_inodegc_shrinker->count_objects = xfs_inodegc_shrinker_count;
2346 mp->m_inodegc_shrinker->scan_objects = xfs_inodegc_shrinker_scan;
2347 mp->m_inodegc_shrinker->seeks = 0;
2348 mp->m_inodegc_shrinker->batch = XFS_INODEGC_SHRINKER_BATCH;
2349 mp->m_inodegc_shrinker->private_data = mp;
2350
2351 shrinker_register(mp->m_inodegc_shrinker);
2352
2353 return 0;
2354 }
2355