1 /*- 2 * Copyright 1998, 2000 Marshall Kirk McKusick. All Rights Reserved. 3 * 4 * The soft updates code is derived from the appendix of a University 5 * of Michigan technical report (Gregory R. Ganger and Yale N. Patt, 6 * "Soft Updates: A Solution to the Metadata Update Problem in File 7 * Systems", CSE-TR-254-95, August 1995). 8 * 9 * Further information about soft updates can be obtained from: 10 * 11 * Marshall Kirk McKusick http://www.mckusick.com/softdep/ 12 * 1614 Oxford Street mckusick@mckusick.com 13 * Berkeley, CA 94709-1608 +1-510-843-9542 14 * USA 15 * 16 * Redistribution and use in source and binary forms, with or without 17 * modification, are permitted provided that the following conditions 18 * are met: 19 * 20 * 1. Redistributions of source code must retain the above copyright 21 * notice, this list of conditions and the following disclaimer. 22 * 2. Redistributions in binary form must reproduce the above copyright 23 * notice, this list of conditions and the following disclaimer in the 24 * documentation and/or other materials provided with the distribution. 25 * 26 * THIS SOFTWARE IS PROVIDED BY MARSHALL KIRK MCKUSICK ``AS IS'' AND ANY 27 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 28 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 29 * DISCLAIMED. IN NO EVENT SHALL MARSHALL KIRK MCKUSICK BE LIABLE FOR 30 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)softdep.h 9.7 (McKusick) 6/21/00 39 * $FreeBSD$ 40 */ 41 42 #include <sys/queue.h> 43 44 /* 45 * Allocation dependencies are handled with undo/redo on the in-memory 46 * copy of the data. A particular data dependency is eliminated when 47 * it is ALLCOMPLETE: that is ATTACHED, DEPCOMPLETE, and COMPLETE. 48 * 49 * The ATTACHED flag means that the data is not currently being written 50 * to disk. 51 * 52 * The UNDONE flag means that the data has been rolled back to a safe 53 * state for writing to the disk. When the I/O completes, the data is 54 * restored to its current form and the state reverts to ATTACHED. 55 * The data must be locked throughout the rollback, I/O, and roll 56 * forward so that the rolled back information is never visible to 57 * user processes. 58 * 59 * The COMPLETE flag indicates that the item has been written. For example, 60 * a dependency that requires that an inode be written will be marked 61 * COMPLETE after the inode has been written to disk. 62 * 63 * The DEPCOMPLETE flag indicates the completion of any other 64 * dependencies such as the writing of a cylinder group map has been 65 * completed. A dependency structure may be freed only when both it 66 * and its dependencies have completed and any rollbacks that are in 67 * progress have finished as indicated by the set of ALLCOMPLETE flags 68 * all being set. 69 * 70 * The two MKDIR flags indicate additional dependencies that must be done 71 * when creating a new directory. MKDIR_BODY is cleared when the directory 72 * data block containing the "." and ".." entries has been written. 73 * MKDIR_PARENT is cleared when the parent inode with the increased link 74 * count for ".." has been written. When both MKDIR flags have been 75 * cleared, the DEPCOMPLETE flag is set to indicate that the directory 76 * dependencies have been completed. The writing of the directory inode 77 * itself sets the COMPLETE flag which then allows the directory entry for 78 * the new directory to be written to disk. The RMDIR flag marks a dirrem 79 * structure as representing the removal of a directory rather than a 80 * file. When the removal dependencies are completed, additional work needs 81 * to be done* (an additional decrement of the associated inode, and a 82 * decrement of the parent inode). 83 * 84 * The DIRCHG flag marks a diradd structure as representing the changing 85 * of an existing entry rather than the addition of a new one. When 86 * the update is complete the dirrem associated with the inode for 87 * the old name must be added to the worklist to do the necessary 88 * reference count decrement. 89 * 90 * The GOINGAWAY flag indicates that the data structure is frozen from 91 * further change until its dependencies have been completed and its 92 * resources freed after which it will be discarded. 93 * 94 * The IOSTARTED flag prevents multiple calls to the I/O start routine from 95 * doing multiple rollbacks. 96 * 97 * The NEWBLOCK flag marks pagedep structures that have just been allocated, 98 * so must be claimed by the inode before all dependencies are complete. 99 * 100 * The INPROGRESS flag marks worklist structures that are still on the 101 * worklist, but are being considered for action by some process. 102 * 103 * The UFS1FMT flag indicates that the inode being processed is a ufs1 format. 104 * 105 * The EXTDATA flag indicates that the allocdirect describes an 106 * extended-attributes dependency. 107 * 108 * The ONWORKLIST flag shows whether the structure is currently linked 109 * onto a worklist. 110 * 111 * The UNLINK* flags track the progress of updating the on-disk linked 112 * list of active but unlinked inodes. When an inode is first unlinked 113 * it is marked as UNLINKED. When its on-disk di_freelink has been 114 * written its UNLINKNEXT flags is set. When its predecessor in the 115 * list has its di_freelink pointing at us its UNLINKPREV is set. 116 * When the on-disk list can reach it from the superblock, its 117 * UNLINKONLIST flag is set. Once all of these flags are set, it 118 * is safe to let its last name be removed. 119 */ 120 #define ATTACHED 0x000001 121 #define UNDONE 0x000002 122 #define COMPLETE 0x000004 123 #define DEPCOMPLETE 0x000008 124 #define MKDIR_PARENT 0x000010 /* diradd, mkdir, jaddref, jsegdep only */ 125 #define MKDIR_BODY 0x000020 /* diradd, mkdir, jaddref only */ 126 #define RMDIR 0x000040 /* dirrem only */ 127 #define DIRCHG 0x000080 /* diradd, dirrem only */ 128 #define GOINGAWAY 0x000100 /* indirdep, jremref only */ 129 #define IOSTARTED 0x000200 /* inodedep, pagedep, bmsafemap only */ 130 #define UNUSED400 0x000400 /* currently available. */ 131 #define NEWBLOCK 0x000800 /* pagedep, jaddref only */ 132 #define INPROGRESS 0x001000 /* dirrem, freeblks, freefrag, freefile only */ 133 #define UFS1FMT 0x002000 /* indirdep only */ 134 #define EXTDATA 0x004000 /* allocdirect only */ 135 #define ONWORKLIST 0x008000 136 #define IOWAITING 0x010000 /* Thread is waiting for IO to complete. */ 137 #define ONDEPLIST 0x020000 /* Structure is on a dependency list. */ 138 #define UNLINKED 0x040000 /* inodedep has been unlinked. */ 139 #define UNLINKNEXT 0x080000 /* inodedep has valid di_freelink */ 140 #define UNLINKPREV 0x100000 /* inodedep is pointed at in the unlink list */ 141 #define UNLINKONLIST 0x200000 /* inodedep is in the unlinked list on disk */ 142 #define UNLINKLINKS (UNLINKNEXT | UNLINKPREV) 143 144 #define ALLCOMPLETE (ATTACHED | COMPLETE | DEPCOMPLETE) 145 146 /* 147 * The workitem queue. 148 * 149 * It is sometimes useful and/or necessary to clean up certain dependencies 150 * in the background rather than during execution of an application process 151 * or interrupt service routine. To realize this, we append dependency 152 * structures corresponding to such tasks to a "workitem" queue. In a soft 153 * updates implementation, most pending workitems should not wait for more 154 * than a couple of seconds, so the filesystem syncer process awakens once 155 * per second to process the items on the queue. 156 */ 157 158 /* LIST_HEAD(workhead, worklist); -- declared in buf.h */ 159 160 /* 161 * Each request can be linked onto a work queue through its worklist structure. 162 * To avoid the need for a pointer to the structure itself, this structure 163 * MUST be declared FIRST in each type in which it appears! If more than one 164 * worklist is needed in the structure, then a wk_data field must be added 165 * and the macros below changed to use it. 166 */ 167 struct worklist { 168 LIST_ENTRY(worklist) wk_list; /* list of work requests */ 169 struct mount *wk_mp; /* Mount we live in */ 170 unsigned int wk_type:8, /* type of request */ 171 wk_state:24; /* state flags */ 172 }; 173 #define WK_DATA(wk) ((void *)(wk)) 174 #define WK_PAGEDEP(wk) ((struct pagedep *)(wk)) 175 #define WK_INODEDEP(wk) ((struct inodedep *)(wk)) 176 #define WK_BMSAFEMAP(wk) ((struct bmsafemap *)(wk)) 177 #define WK_NEWBLK(wk) ((struct newblk *)(wk)) 178 #define WK_ALLOCDIRECT(wk) ((struct allocdirect *)(wk)) 179 #define WK_INDIRDEP(wk) ((struct indirdep *)(wk)) 180 #define WK_ALLOCINDIR(wk) ((struct allocindir *)(wk)) 181 #define WK_FREEFRAG(wk) ((struct freefrag *)(wk)) 182 #define WK_FREEBLKS(wk) ((struct freeblks *)(wk)) 183 #define WK_FREEWORK(wk) ((struct freework *)(wk)) 184 #define WK_FREEFILE(wk) ((struct freefile *)(wk)) 185 #define WK_DIRADD(wk) ((struct diradd *)(wk)) 186 #define WK_MKDIR(wk) ((struct mkdir *)(wk)) 187 #define WK_DIRREM(wk) ((struct dirrem *)(wk)) 188 #define WK_NEWDIRBLK(wk) ((struct newdirblk *)(wk)) 189 #define WK_JADDREF(wk) ((struct jaddref *)(wk)) 190 #define WK_JREMREF(wk) ((struct jremref *)(wk)) 191 #define WK_JMVREF(wk) ((struct jmvref *)(wk)) 192 #define WK_JSEGDEP(wk) ((struct jsegdep *)(wk)) 193 #define WK_JSEG(wk) ((struct jseg *)(wk)) 194 #define WK_JNEWBLK(wk) ((struct jnewblk *)(wk)) 195 #define WK_JFREEBLK(wk) ((struct jfreeblk *)(wk)) 196 #define WK_FREEDEP(wk) ((struct freedep *)(wk)) 197 #define WK_JFREEFRAG(wk) ((struct jfreefrag *)(wk)) 198 #define WK_SBDEP(wk) ((struct sbdep *)wk) 199 #define WK_JTRUNC(wk) ((struct jtrunc *)(wk)) 200 201 /* 202 * Various types of lists 203 */ 204 LIST_HEAD(dirremhd, dirrem); 205 LIST_HEAD(diraddhd, diradd); 206 LIST_HEAD(newblkhd, newblk); 207 LIST_HEAD(inodedephd, inodedep); 208 LIST_HEAD(allocindirhd, allocindir); 209 LIST_HEAD(allocdirecthd, allocdirect); 210 TAILQ_HEAD(allocdirectlst, allocdirect); 211 LIST_HEAD(indirdephd, indirdep); 212 LIST_HEAD(jaddrefhd, jaddref); 213 LIST_HEAD(jremrefhd, jremref); 214 LIST_HEAD(jmvrefhd, jmvref); 215 LIST_HEAD(jnewblkhd, jnewblk); 216 LIST_HEAD(jfreeblkhd, jfreeblk); 217 LIST_HEAD(freeworkhd, freework); 218 TAILQ_HEAD(jseglst, jseg); 219 TAILQ_HEAD(inoreflst, inoref); 220 221 /* 222 * The "pagedep" structure tracks the various dependencies related to 223 * a particular directory page. If a directory page has any dependencies, 224 * it will have a pagedep linked to its associated buffer. The 225 * pd_dirremhd list holds the list of dirrem requests which decrement 226 * inode reference counts. These requests are processed after the 227 * directory page with the corresponding zero'ed entries has been 228 * written. The pd_diraddhd list maintains the list of diradd requests 229 * which cannot be committed until their corresponding inode has been 230 * written to disk. Because a directory may have many new entries 231 * being created, several lists are maintained hashed on bits of the 232 * offset of the entry into the directory page to keep the lists from 233 * getting too long. Once a new directory entry has been cleared to 234 * be written, it is moved to the pd_pendinghd list. After the new 235 * entry has been written to disk it is removed from the pd_pendinghd 236 * list, any removed operations are done, and the dependency structure 237 * is freed. 238 */ 239 #define DAHASHSZ 5 240 #define DIRADDHASH(offset) (((offset) >> 2) % DAHASHSZ) 241 struct pagedep { 242 struct worklist pd_list; /* page buffer */ 243 # define pd_state pd_list.wk_state /* check for multiple I/O starts */ 244 LIST_ENTRY(pagedep) pd_hash; /* hashed lookup */ 245 ino_t pd_ino; /* associated file */ 246 ufs_lbn_t pd_lbn; /* block within file */ 247 struct newdirblk *pd_newdirblk; /* associated newdirblk if NEWBLOCK */ 248 struct dirremhd pd_dirremhd; /* dirrem's waiting for page */ 249 struct diraddhd pd_diraddhd[DAHASHSZ]; /* diradd dir entry updates */ 250 struct diraddhd pd_pendinghd; /* directory entries awaiting write */ 251 struct jmvrefhd pd_jmvrefhd; /* Dependent journal writes. */ 252 }; 253 254 /* 255 * The "inodedep" structure tracks the set of dependencies associated 256 * with an inode. One task that it must manage is delayed operations 257 * (i.e., work requests that must be held until the inodedep's associated 258 * inode has been written to disk). Getting an inode from its incore 259 * state to the disk requires two steps to be taken by the filesystem 260 * in this order: first the inode must be copied to its disk buffer by 261 * the VOP_UPDATE operation; second the inode's buffer must be written 262 * to disk. To ensure that both operations have happened in the required 263 * order, the inodedep maintains two lists. Delayed operations are 264 * placed on the id_inowait list. When the VOP_UPDATE is done, all 265 * operations on the id_inowait list are moved to the id_bufwait list. 266 * When the buffer is written, the items on the id_bufwait list can be 267 * safely moved to the work queue to be processed. A second task of the 268 * inodedep structure is to track the status of block allocation within 269 * the inode. Each block that is allocated is represented by an 270 * "allocdirect" structure (see below). It is linked onto the id_newinoupdt 271 * list until both its contents and its allocation in the cylinder 272 * group map have been written to disk. Once these dependencies have been 273 * satisfied, it is removed from the id_newinoupdt list and any followup 274 * actions such as releasing the previous block or fragment are placed 275 * on the id_inowait list. When an inode is updated (a VOP_UPDATE is 276 * done), the "inodedep" structure is linked onto the buffer through 277 * its worklist. Thus, it will be notified when the buffer is about 278 * to be written and when it is done. At the update time, all the 279 * elements on the id_newinoupdt list are moved to the id_inoupdt list 280 * since those changes are now relevant to the copy of the inode in the 281 * buffer. Also at update time, the tasks on the id_inowait list are 282 * moved to the id_bufwait list so that they will be executed when 283 * the updated inode has been written to disk. When the buffer containing 284 * the inode is written to disk, any updates listed on the id_inoupdt 285 * list are rolled back as they are not yet safe. Following the write, 286 * the changes are once again rolled forward and any actions on the 287 * id_bufwait list are processed (since those actions are now safe). 288 * The entries on the id_inoupdt and id_newinoupdt lists must be kept 289 * sorted by logical block number to speed the calculation of the size 290 * of the rolled back inode (see explanation in initiate_write_inodeblock). 291 * When a directory entry is created, it is represented by a diradd. 292 * The diradd is added to the id_inowait list as it cannot be safely 293 * written to disk until the inode that it represents is on disk. After 294 * the inode is written, the id_bufwait list is processed and the diradd 295 * entries are moved to the id_pendinghd list where they remain until 296 * the directory block containing the name has been written to disk. 297 * The purpose of keeping the entries on the id_pendinghd list is so that 298 * the softdep_fsync function can find and push the inode's directory 299 * name(s) as part of the fsync operation for that file. 300 */ 301 struct inodedep { 302 struct worklist id_list; /* buffer holding inode block */ 303 # define id_state id_list.wk_state /* inode dependency state */ 304 LIST_ENTRY(inodedep) id_hash; /* hashed lookup */ 305 TAILQ_ENTRY(inodedep) id_unlinked; /* Unlinked but ref'd inodes */ 306 struct fs *id_fs; /* associated filesystem */ 307 ino_t id_ino; /* dependent inode */ 308 nlink_t id_nlinkdelta; /* saved effective link count */ 309 nlink_t id_savednlink; /* Link saved during rollback */ 310 LIST_ENTRY(inodedep) id_deps; /* bmsafemap's list of inodedep's */ 311 struct bmsafemap *id_bmsafemap; /* related bmsafemap (if pending) */ 312 struct diradd *id_mkdiradd; /* diradd for a mkdir. */ 313 struct inoreflst id_inoreflst; /* Inode reference adjustments. */ 314 long id_savedextsize; /* ext size saved during rollback */ 315 off_t id_savedsize; /* file size saved during rollback */ 316 struct dirremhd id_dirremhd; /* Removals pending. */ 317 struct workhead id_pendinghd; /* entries awaiting directory write */ 318 struct workhead id_bufwait; /* operations after inode written */ 319 struct workhead id_inowait; /* operations waiting inode update */ 320 struct allocdirectlst id_inoupdt; /* updates before inode written */ 321 struct allocdirectlst id_newinoupdt; /* updates when inode written */ 322 struct allocdirectlst id_extupdt; /* extdata updates pre-inode write */ 323 struct allocdirectlst id_newextupdt; /* extdata updates at ino write */ 324 union { 325 struct ufs1_dinode *idu_savedino1; /* saved ufs1_dinode contents */ 326 struct ufs2_dinode *idu_savedino2; /* saved ufs2_dinode contents */ 327 } id_un; 328 }; 329 #define id_savedino1 id_un.idu_savedino1 330 #define id_savedino2 id_un.idu_savedino2 331 332 /* 333 * A "bmsafemap" structure maintains a list of dependency structures 334 * that depend on the update of a particular cylinder group map. 335 * It has lists for newblks, allocdirects, allocindirs, and inodedeps. 336 * It is attached to the buffer of a cylinder group block when any of 337 * these things are allocated from the cylinder group. It is freed 338 * after the cylinder group map is written and the state of its 339 * dependencies are updated with DEPCOMPLETE to indicate that it has 340 * been processed. 341 */ 342 struct bmsafemap { 343 struct worklist sm_list; /* cylgrp buffer */ 344 # define sm_state sm_list.wk_state 345 int sm_cg; 346 LIST_ENTRY(bmsafemap) sm_hash; /* Hash links. */ 347 struct buf *sm_buf; /* associated buffer */ 348 struct allocdirecthd sm_allocdirecthd; /* allocdirect deps */ 349 struct allocdirecthd sm_allocdirectwr; /* writing allocdirect deps */ 350 struct allocindirhd sm_allocindirhd; /* allocindir deps */ 351 struct allocindirhd sm_allocindirwr; /* writing allocindir deps */ 352 struct inodedephd sm_inodedephd; /* inodedep deps */ 353 struct inodedephd sm_inodedepwr; /* writing inodedep deps */ 354 struct newblkhd sm_newblkhd; /* newblk deps */ 355 struct newblkhd sm_newblkwr; /* writing newblk deps */ 356 struct jaddrefhd sm_jaddrefhd; /* Pending inode allocations. */ 357 struct jnewblkhd sm_jnewblkhd; /* Pending block allocations. */ 358 }; 359 360 /* 361 * A "newblk" structure is attached to a bmsafemap structure when a block 362 * or fragment is allocated from a cylinder group. Its state is set to 363 * DEPCOMPLETE when its cylinder group map is written. It is converted to 364 * an allocdirect or allocindir allocation once the allocator calls the 365 * appropriate setup function. It will initially be linked onto a bmsafemap 366 * list. Once converted it can be linked onto the lists described for 367 * allocdirect or allocindir as described below. 368 */ 369 struct newblk { 370 struct worklist nb_list; /* See comment above. */ 371 # define nb_state nb_list.wk_state 372 LIST_ENTRY(newblk) nb_hash; /* Hashed lookup. */ 373 LIST_ENTRY(newblk) nb_deps; /* Bmsafemap's list of newblks. */ 374 struct jnewblk *nb_jnewblk; /* New block journal entry. */ 375 struct bmsafemap *nb_bmsafemap;/* Cylgrp dep (if pending). */ 376 struct freefrag *nb_freefrag; /* Fragment to be freed (if any). */ 377 struct indirdephd nb_indirdeps; /* Children indirect blocks. */ 378 struct workhead nb_newdirblk; /* Dir block to notify when written. */ 379 struct workhead nb_jwork; /* Journal work pending. */ 380 ufs2_daddr_t nb_newblkno; /* New value of block pointer. */ 381 }; 382 383 /* 384 * An "allocdirect" structure is attached to an "inodedep" when a new block 385 * or fragment is allocated and pointed to by the inode described by 386 * "inodedep". The worklist is linked to the buffer that holds the block. 387 * When the block is first allocated, it is linked to the bmsafemap 388 * structure associated with the buffer holding the cylinder group map 389 * from which it was allocated. When the cylinder group map is written 390 * to disk, ad_state has the DEPCOMPLETE flag set. When the block itself 391 * is written, the COMPLETE flag is set. Once both the cylinder group map 392 * and the data itself have been written, it is safe to write the inode 393 * that claims the block. If there was a previous fragment that had been 394 * allocated before the file was increased in size, the old fragment may 395 * be freed once the inode claiming the new block is written to disk. 396 * This ad_fragfree request is attached to the id_inowait list of the 397 * associated inodedep (pointed to by ad_inodedep) for processing after 398 * the inode is written. When a block is allocated to a directory, an 399 * fsync of a file whose name is within that block must ensure not only 400 * that the block containing the file name has been written, but also 401 * that the on-disk inode references that block. When a new directory 402 * block is created, we allocate a newdirblk structure which is linked 403 * to the associated allocdirect (on its ad_newdirblk list). When the 404 * allocdirect has been satisfied, the newdirblk structure is moved to 405 * the inodedep id_bufwait list of its directory to await the inode 406 * being written. When the inode is written, the directory entries are 407 * fully committed and can be deleted from their pagedep->id_pendinghd 408 * and inodedep->id_pendinghd lists. 409 */ 410 struct allocdirect { 411 struct newblk ad_block; /* Common block logic */ 412 # define ad_state ad_block.nb_list.wk_state /* block pointer state */ 413 TAILQ_ENTRY(allocdirect) ad_next; /* inodedep's list of allocdirect's */ 414 struct inodedep *ad_inodedep; /* associated inodedep */ 415 ufs2_daddr_t ad_oldblkno; /* old value of block pointer */ 416 int ad_offset; /* Pointer offset in parent. */ 417 long ad_newsize; /* size of new block */ 418 long ad_oldsize; /* size of old block */ 419 }; 420 #define ad_newblkno ad_block.nb_newblkno 421 #define ad_freefrag ad_block.nb_freefrag 422 #define ad_newdirblk ad_block.nb_newdirblk 423 424 /* 425 * A single "indirdep" structure manages all allocation dependencies for 426 * pointers in an indirect block. The up-to-date state of the indirect 427 * block is stored in ir_savedata. The set of pointers that may be safely 428 * written to the disk is stored in ir_safecopy. The state field is used 429 * only to track whether the buffer is currently being written (in which 430 * case it is not safe to update ir_safecopy). Ir_deplisthd contains the 431 * list of allocindir structures, one for each block that needs to be 432 * written to disk. Once the block and its bitmap allocation have been 433 * written the safecopy can be updated to reflect the allocation and the 434 * allocindir structure freed. If ir_state indicates that an I/O on the 435 * indirect block is in progress when ir_safecopy is to be updated, the 436 * update is deferred by placing the allocindir on the ir_donehd list. 437 * When the I/O on the indirect block completes, the entries on the 438 * ir_donehd list are processed by updating their corresponding ir_safecopy 439 * pointers and then freeing the allocindir structure. 440 */ 441 struct indirdep { 442 struct worklist ir_list; /* buffer holding indirect block */ 443 # define ir_state ir_list.wk_state /* indirect block pointer state */ 444 LIST_ENTRY(indirdep) ir_next; /* alloc{direct,indir} list */ 445 caddr_t ir_saveddata; /* buffer cache contents */ 446 struct buf *ir_savebp; /* buffer holding safe copy */ 447 struct allocindirhd ir_completehd; /* waiting for indirdep complete */ 448 struct allocindirhd ir_writehd; /* Waiting for the pointer write. */ 449 struct allocindirhd ir_donehd; /* done waiting to update safecopy */ 450 struct allocindirhd ir_deplisthd; /* allocindir deps for this block */ 451 struct jnewblkhd ir_jnewblkhd; /* Canceled block allocations. */ 452 struct workhead ir_jwork; /* Journal work pending. */ 453 }; 454 455 /* 456 * An "allocindir" structure is attached to an "indirdep" when a new block 457 * is allocated and pointed to by the indirect block described by the 458 * "indirdep". The worklist is linked to the buffer that holds the new block. 459 * When the block is first allocated, it is linked to the bmsafemap 460 * structure associated with the buffer holding the cylinder group map 461 * from which it was allocated. When the cylinder group map is written 462 * to disk, ai_state has the DEPCOMPLETE flag set. When the block itself 463 * is written, the COMPLETE flag is set. Once both the cylinder group map 464 * and the data itself have been written, it is safe to write the entry in 465 * the indirect block that claims the block; the "allocindir" dependency 466 * can then be freed as it is no longer applicable. 467 */ 468 struct allocindir { 469 struct newblk ai_block; /* Common block area */ 470 # define ai_state ai_block.nb_list.wk_state /* indirect pointer state */ 471 LIST_ENTRY(allocindir) ai_next; /* indirdep's list of allocindir's */ 472 struct indirdep *ai_indirdep; /* address of associated indirdep */ 473 ufs2_daddr_t ai_oldblkno; /* old value of block pointer */ 474 int ai_offset; /* Pointer offset in parent. */ 475 }; 476 #define ai_newblkno ai_block.nb_newblkno 477 #define ai_freefrag ai_block.nb_freefrag 478 #define ai_newdirblk ai_block.nb_newdirblk 479 480 /* 481 * The allblk union is used to size the newblk structure on allocation so 482 * that it may be any one of three types. 483 */ 484 union allblk { 485 struct allocindir ab_allocindir; 486 struct allocdirect ab_allocdirect; 487 struct newblk ab_newblk; 488 }; 489 490 /* 491 * A "freefrag" structure is attached to an "inodedep" when a previously 492 * allocated fragment is replaced with a larger fragment, rather than extended. 493 * The "freefrag" structure is constructed and attached when the replacement 494 * block is first allocated. It is processed after the inode claiming the 495 * bigger block that replaces it has been written to disk. 496 */ 497 struct freefrag { 498 struct worklist ff_list; /* id_inowait or delayed worklist */ 499 # define ff_state ff_list.wk_state 500 struct worklist *ff_jdep; /* Associated journal entry. */ 501 struct workhead ff_jwork; /* Journal work pending. */ 502 ufs2_daddr_t ff_blkno; /* fragment physical block number */ 503 long ff_fragsize; /* size of fragment being deleted */ 504 ino_t ff_inum; /* owning inode number */ 505 }; 506 507 /* 508 * A "freeblks" structure is attached to an "inodedep" when the 509 * corresponding file's length is reduced to zero. It records all 510 * the information needed to free the blocks of a file after its 511 * zero'ed inode has been written to disk. The actual work is done 512 * by child freework structures which are responsible for individual 513 * inode pointers while freeblks is responsible for retiring the 514 * entire operation when it is complete and holding common members. 515 */ 516 struct freeblks { 517 struct worklist fb_list; /* id_inowait or delayed worklist */ 518 # define fb_state fb_list.wk_state /* inode and dirty block state */ 519 struct jfreeblkhd fb_jfreeblkhd; /* Journal entries pending */ 520 struct workhead fb_freeworkhd; /* Work items pending */ 521 struct workhead fb_jwork; /* Journal work pending */ 522 ino_t fb_previousinum; /* inode of previous owner of blocks */ 523 uid_t fb_uid; /* uid of previous owner of blocks */ 524 struct vnode *fb_devvp; /* filesystem device vnode */ 525 ufs2_daddr_t fb_chkcnt; /* used to check cnt of blks released */ 526 int fb_ref; /* Children outstanding. */ 527 }; 528 529 /* 530 * A "freework" structure handles the release of a tree of blocks or a single 531 * block. Each indirect block in a tree is allocated its own freework 532 * structure so that the indirect block may be freed only when all of its 533 * children are freed. In this way we enforce the rule that an allocated 534 * block must have a valid path to a root that is journaled. Each child 535 * block acquires a reference and when the ref hits zero the parent ref 536 * is decremented. If there is no parent the freeblks ref is decremented. 537 */ 538 struct freework { 539 struct worklist fw_list; /* Delayed worklist. */ 540 # define fw_state fw_list.wk_state 541 LIST_ENTRY(freework) fw_next; /* For seg journal list. */ 542 struct jnewblk *fw_jnewblk; /* Journal entry to cancel. */ 543 struct freeblks *fw_freeblks; /* Root of operation. */ 544 struct freework *fw_parent; /* Parent indirect. */ 545 ufs2_daddr_t fw_blkno; /* Our block #. */ 546 ufs_lbn_t fw_lbn; /* Original lbn before free. */ 547 int fw_frags; /* Number of frags. */ 548 int fw_ref; /* Number of children out. */ 549 int fw_off; /* Current working position. */ 550 struct workhead fw_jwork; /* Journal work pending. */ 551 }; 552 553 /* 554 * A "freedep" structure is allocated to track the completion of a bitmap 555 * write for a freework. One freedep may cover many freed blocks so long 556 * as they reside in the same cylinder group. When the cg is written 557 * the freedep decrements the ref on the freework which may permit it 558 * to be freed as well. 559 */ 560 struct freedep { 561 struct worklist fd_list; /* Delayed worklist. */ 562 struct freework *fd_freework; /* Parent freework. */ 563 }; 564 565 /* 566 * A "freefile" structure is attached to an inode when its 567 * link count is reduced to zero. It marks the inode as free in 568 * the cylinder group map after the zero'ed inode has been written 569 * to disk and any associated blocks and fragments have been freed. 570 */ 571 struct freefile { 572 struct worklist fx_list; /* id_inowait or delayed worklist */ 573 mode_t fx_mode; /* mode of inode */ 574 ino_t fx_oldinum; /* inum of the unlinked file */ 575 struct vnode *fx_devvp; /* filesystem device vnode */ 576 struct workhead fx_jwork; /* journal work pending. */ 577 }; 578 579 /* 580 * A "diradd" structure is linked to an "inodedep" id_inowait list when a 581 * new directory entry is allocated that references the inode described 582 * by "inodedep". When the inode itself is written (either the initial 583 * allocation for new inodes or with the increased link count for 584 * existing inodes), the COMPLETE flag is set in da_state. If the entry 585 * is for a newly allocated inode, the "inodedep" structure is associated 586 * with a bmsafemap which prevents the inode from being written to disk 587 * until the cylinder group has been updated. Thus the da_state COMPLETE 588 * flag cannot be set until the inode bitmap dependency has been removed. 589 * When creating a new file, it is safe to write the directory entry that 590 * claims the inode once the referenced inode has been written. Since 591 * writing the inode clears the bitmap dependencies, the DEPCOMPLETE flag 592 * in the diradd can be set unconditionally when creating a file. When 593 * creating a directory, there are two additional dependencies described by 594 * mkdir structures (see their description below). When these dependencies 595 * are resolved the DEPCOMPLETE flag is set in the diradd structure. 596 * If there are multiple links created to the same inode, there will be 597 * a separate diradd structure created for each link. The diradd is 598 * linked onto the pg_diraddhd list of the pagedep for the directory 599 * page that contains the entry. When a directory page is written, 600 * the pg_diraddhd list is traversed to rollback any entries that are 601 * not yet ready to be written to disk. If a directory entry is being 602 * changed (by rename) rather than added, the DIRCHG flag is set and 603 * the da_previous entry points to the entry that will be "removed" 604 * once the new entry has been committed. During rollback, entries 605 * with da_previous are replaced with the previous inode number rather 606 * than zero. 607 * 608 * The overlaying of da_pagedep and da_previous is done to keep the 609 * structure down. If a da_previous entry is present, the pointer to its 610 * pagedep is available in the associated dirrem entry. If the DIRCHG flag 611 * is set, the da_previous entry is valid; if not set the da_pagedep entry 612 * is valid. The DIRCHG flag never changes; it is set when the structure 613 * is created if appropriate and is never cleared. 614 */ 615 struct diradd { 616 struct worklist da_list; /* id_inowait or id_pendinghd list */ 617 # define da_state da_list.wk_state /* state of the new directory entry */ 618 LIST_ENTRY(diradd) da_pdlist; /* pagedep holding directory block */ 619 doff_t da_offset; /* offset of new dir entry in dir blk */ 620 ino_t da_newinum; /* inode number for the new dir entry */ 621 union { 622 struct dirrem *dau_previous; /* entry being replaced in dir change */ 623 struct pagedep *dau_pagedep; /* pagedep dependency for addition */ 624 } da_un; 625 struct workhead da_jwork; /* Journal work awaiting completion. */ 626 }; 627 #define da_previous da_un.dau_previous 628 #define da_pagedep da_un.dau_pagedep 629 630 /* 631 * Two "mkdir" structures are needed to track the additional dependencies 632 * associated with creating a new directory entry. Normally a directory 633 * addition can be committed as soon as the newly referenced inode has been 634 * written to disk with its increased link count. When a directory is 635 * created there are two additional dependencies: writing the directory 636 * data block containing the "." and ".." entries (MKDIR_BODY) and writing 637 * the parent inode with the increased link count for ".." (MKDIR_PARENT). 638 * These additional dependencies are tracked by two mkdir structures that 639 * reference the associated "diradd" structure. When they have completed, 640 * they set the DEPCOMPLETE flag on the diradd so that it knows that its 641 * extra dependencies have been completed. The md_state field is used only 642 * to identify which type of dependency the mkdir structure is tracking. 643 * It is not used in the mainline code for any purpose other than consistency 644 * checking. All the mkdir structures in the system are linked together on 645 * a list. This list is needed so that a diradd can find its associated 646 * mkdir structures and deallocate them if it is prematurely freed (as for 647 * example if a mkdir is immediately followed by a rmdir of the same directory). 648 * Here, the free of the diradd must traverse the list to find the associated 649 * mkdir structures that reference it. The deletion would be faster if the 650 * diradd structure were simply augmented to have two pointers that referenced 651 * the associated mkdir's. However, this would increase the size of the diradd 652 * structure to speed a very infrequent operation. 653 */ 654 struct mkdir { 655 struct worklist md_list; /* id_inowait or buffer holding dir */ 656 # define md_state md_list.wk_state /* type: MKDIR_PARENT or MKDIR_BODY */ 657 struct diradd *md_diradd; /* associated diradd */ 658 struct jaddref *md_jaddref; /* dependent jaddref. */ 659 struct buf *md_buf; /* MKDIR_BODY: buffer holding dir */ 660 LIST_ENTRY(mkdir) md_mkdirs; /* list of all mkdirs */ 661 }; 662 663 /* 664 * A "dirrem" structure describes an operation to decrement the link 665 * count on an inode. The dirrem structure is attached to the pg_dirremhd 666 * list of the pagedep for the directory page that contains the entry. 667 * It is processed after the directory page with the deleted entry has 668 * been written to disk. 669 */ 670 struct dirrem { 671 struct worklist dm_list; /* delayed worklist */ 672 # define dm_state dm_list.wk_state /* state of the old directory entry */ 673 LIST_ENTRY(dirrem) dm_next; /* pagedep's list of dirrem's */ 674 LIST_ENTRY(dirrem) dm_inonext; /* inodedep's list of dirrem's */ 675 struct jremrefhd dm_jremrefhd; /* Pending remove reference deps. */ 676 ino_t dm_oldinum; /* inum of the removed dir entry */ 677 union { 678 struct pagedep *dmu_pagedep; /* pagedep dependency for remove */ 679 ino_t dmu_dirinum; /* parent inode number (for rmdir) */ 680 } dm_un; 681 struct workhead dm_jwork; /* Journal work awaiting completion. */ 682 }; 683 #define dm_pagedep dm_un.dmu_pagedep 684 #define dm_dirinum dm_un.dmu_dirinum 685 686 /* 687 * A "newdirblk" structure tracks the progress of a newly allocated 688 * directory block from its creation until it is claimed by its on-disk 689 * inode. When a block is allocated to a directory, an fsync of a file 690 * whose name is within that block must ensure not only that the block 691 * containing the file name has been written, but also that the on-disk 692 * inode references that block. When a new directory block is created, 693 * we allocate a newdirblk structure which is linked to the associated 694 * allocdirect (on its ad_newdirblk list). When the allocdirect has been 695 * satisfied, the newdirblk structure is moved to the inodedep id_bufwait 696 * list of its directory to await the inode being written. When the inode 697 * is written, the directory entries are fully committed and can be 698 * deleted from their pagedep->id_pendinghd and inodedep->id_pendinghd 699 * lists. Note that we could track directory blocks allocated to indirect 700 * blocks using a similar scheme with the allocindir structures. Rather 701 * than adding this level of complexity, we simply write those newly 702 * allocated indirect blocks synchronously as such allocations are rare. 703 * In the case of a new directory the . and .. links are tracked with 704 * a mkdir rather than a pagedep. In this case we track the mkdir 705 * so it can be released when it is written. A workhead is used 706 * to simplify canceling a mkdir that is removed by a subsequent dirrem. 707 */ 708 struct newdirblk { 709 struct worklist db_list; /* id_inowait or pg_newdirblk */ 710 # define db_state db_list.wk_state /* unused */ 711 struct pagedep *db_pagedep; /* associated pagedep */ 712 struct workhead db_mkdir; 713 }; 714 715 /* 716 * The inoref structure holds the elements common to jaddref and jremref 717 * so they may easily be queued in-order on the inodedep. 718 */ 719 struct inoref { 720 struct worklist if_list; /* Journal pending or jseg entries. */ 721 # define if_state if_list.wk_state 722 TAILQ_ENTRY(inoref) if_deps; /* Links for inodedep. */ 723 struct jsegdep *if_jsegdep; /* Will track our journal record. */ 724 off_t if_diroff; /* Directory offset. */ 725 ino_t if_ino; /* Inode number. */ 726 ino_t if_parent; /* Parent inode number. */ 727 nlink_t if_nlink; /* nlink before addition. */ 728 uint16_t if_mode; /* File mode, needed for IFMT. */ 729 }; 730 731 /* 732 * A "jaddref" structure tracks a new reference (link count) on an inode 733 * and prevents the link count increase and bitmap allocation until a 734 * journal entry can be written. Once the journal entry is written, 735 * the inode is put on the pendinghd of the bmsafemap and a diradd or 736 * mkdir entry is placed on the bufwait list of the inode. The DEPCOMPLETE 737 * flag is used to indicate that all of the required information for writing 738 * the journal entry is present. MKDIR_BODY and MKDIR_PARENT are used to 739 * differentiate . and .. links from regular file names. NEWBLOCK indicates 740 * a bitmap is still pending. If a new reference is canceled by a delete 741 * prior to writing the journal the jaddref write is canceled and the 742 * structure persists to prevent any disk-visible changes until it is 743 * ultimately released when the file is freed or the link is dropped again. 744 */ 745 struct jaddref { 746 struct inoref ja_ref; /* see inoref above. */ 747 # define ja_list ja_ref.if_list /* Jrnl pending, id_inowait, dm_jwork.*/ 748 # define ja_state ja_ref.if_list.wk_state 749 LIST_ENTRY(jaddref) ja_bmdeps; /* Links for bmsafemap. */ 750 union { 751 struct diradd *jau_diradd; /* Pending diradd. */ 752 struct mkdir *jau_mkdir; /* MKDIR_{PARENT,BODY} */ 753 } ja_un; 754 }; 755 #define ja_diradd ja_un.jau_diradd 756 #define ja_mkdir ja_un.jau_mkdir 757 #define ja_diroff ja_ref.if_diroff 758 #define ja_ino ja_ref.if_ino 759 #define ja_parent ja_ref.if_parent 760 #define ja_mode ja_ref.if_mode 761 762 /* 763 * A "jremref" structure tracks a removed reference (unlink) on an 764 * inode and prevents the directory remove from proceeding until the 765 * journal entry is written. Once the journal has been written the remove 766 * may proceed as normal. 767 */ 768 struct jremref { 769 struct inoref jr_ref; /* see inoref above. */ 770 # define jr_list jr_ref.if_list /* Linked to softdep_journal_pending. */ 771 # define jr_state jr_ref.if_list.wk_state 772 LIST_ENTRY(jremref) jr_deps; /* Links for dirrem. */ 773 struct dirrem *jr_dirrem; /* Back pointer to dirrem. */ 774 }; 775 776 /* 777 * A "jmvref" structure tracks a name relocations within the same 778 * directory block that occur as a result of directory compaction. 779 * It prevents the updated directory entry from being written to disk 780 * until the journal entry is written. Once the journal has been 781 * written the compacted directory may be written to disk. 782 */ 783 struct jmvref { 784 struct worklist jm_list; /* Linked to softdep_journal_pending. */ 785 LIST_ENTRY(jmvref) jm_deps; /* Jmvref on pagedep. */ 786 struct pagedep *jm_pagedep; /* Back pointer to pagedep. */ 787 ino_t jm_parent; /* Containing directory inode number. */ 788 ino_t jm_ino; /* Inode number of our entry. */ 789 off_t jm_oldoff; /* Our old offset in directory. */ 790 off_t jm_newoff; /* Our new offset in directory. */ 791 }; 792 793 /* 794 * A "jnewblk" structure tracks a newly allocated block or fragment and 795 * prevents the direct or indirect block pointer as well as the cg bitmap 796 * from being written until it is logged. After it is logged the jsegdep 797 * is attached to the allocdirect or allocindir until the operation is 798 * completed or reverted. If the operation is reverted prior to the journal 799 * write the jnewblk structure is maintained to prevent the bitmaps from 800 * reaching the disk. Ultimately the jnewblk structure will be passed 801 * to the free routine as the in memory cg is modified back to the free 802 * state at which time it can be released. It may be held on any of the 803 * fx_jwork, fw_jwork, fb_jwork, ff_jwork, nb_jwork, or ir_jwork lists. 804 */ 805 struct jnewblk { 806 struct worklist jn_list; /* See lists above. */ 807 # define jn_state jn_list.wk_state 808 struct jsegdep *jn_jsegdep; /* Will track our journal record. */ 809 LIST_ENTRY(jnewblk) jn_deps; /* Jnewblks on sm_jnewblkhd. */ 810 LIST_ENTRY(jnewblk) jn_indirdeps; /* Jnewblks on ir_jnewblkhd. */ 811 struct worklist *jn_dep; /* Dependency to ref completed seg. */ 812 ino_t jn_ino; /* Ino to which allocated. */ 813 ufs_lbn_t jn_lbn; /* Lbn to which allocated. */ 814 ufs2_daddr_t jn_blkno; /* Blkno allocated */ 815 int jn_oldfrags; /* Previous fragments when extended. */ 816 int jn_frags; /* Number of fragments. */ 817 }; 818 819 /* 820 * A "jfreeblk" structure tracks the journal write for freeing a block 821 * or tree of blocks. The block pointer must not be cleared in the inode 822 * or indirect prior to the jfreeblk being written to the journal. 823 */ 824 struct jfreeblk { 825 struct worklist jf_list; /* Linked to softdep_journal_pending. */ 826 # define jf_state jf_list.wk_state 827 struct jsegdep *jf_jsegdep; /* Will track our journal record. */ 828 struct freeblks *jf_freeblks; /* Back pointer to freeblks. */ 829 LIST_ENTRY(jfreeblk) jf_deps; /* Jfreeblk on fb_jfreeblkhd. */ 830 ino_t jf_ino; /* Ino from which blocks freed. */ 831 ufs_lbn_t jf_lbn; /* Lbn from which blocks freed. */ 832 ufs2_daddr_t jf_blkno; /* Blkno being freed. */ 833 int jf_frags; /* Number of frags being freed. */ 834 }; 835 836 /* 837 * A "jfreefrag" tracks the freeing of a single block when a fragment is 838 * extended or an indirect page is replaced. It is not part of a larger 839 * freeblks operation. 840 */ 841 struct jfreefrag { 842 struct worklist fr_list; /* Linked to softdep_journal_pending. */ 843 # define fr_state fr_list.wk_state 844 struct jsegdep *fr_jsegdep; /* Will track our journal record. */ 845 struct freefrag *fr_freefrag; /* Back pointer to freefrag. */ 846 ino_t fr_ino; /* Ino from which frag freed. */ 847 ufs_lbn_t fr_lbn; /* Lbn from which frag freed. */ 848 ufs2_daddr_t fr_blkno; /* Blkno being freed. */ 849 int fr_frags; /* Size of frag being freed. */ 850 }; 851 852 /* 853 * A "jtrunc" journals the intent to truncate an inode to a non-zero 854 * value. This is done synchronously prior to the synchronous partial 855 * truncation process. The jsegdep is not released until the truncation 856 * is complete and the truncated inode is fsync'd. 857 */ 858 struct jtrunc { 859 struct worklist jt_list; /* Linked to softdep_journal_pending. */ 860 struct jsegdep *jt_jsegdep; /* Will track our journal record. */ 861 ino_t jt_ino; /* Ino being truncated. */ 862 off_t jt_size; /* Final file size. */ 863 int jt_extsize; /* Final extent size. */ 864 }; 865 866 /* 867 * A "jsegdep" structure tracks a single reference to a written journal 868 * segment so the journal space can be reclaimed when all dependencies 869 * have been written. It can hang off of id_inowait, dm_jwork, da_jwork, 870 * nb_jwork, ff_jwork, or fb_jwork lists. 871 */ 872 struct jsegdep { 873 struct worklist jd_list; /* See above for lists. */ 874 # define jd_state jd_list.wk_state 875 struct jseg *jd_seg; /* Our journal record. */ 876 }; 877 878 /* 879 * A "jseg" structure contains all of the journal records written in a 880 * single disk write. The jaddref and jremref structures are linked into 881 * js_entries so thay may be completed when the write completes. The 882 * js_entries also include the write dependency structures: jmvref, 883 * jnewblk, jfreeblk, jfreefrag, and jtrunc. The js_refs field counts 884 * the number of entries on the js_entries list. Thus there is a single 885 * jseg entry to describe each journal write. 886 */ 887 struct jseg { 888 struct worklist js_list; /* b_deps link for journal */ 889 # define js_state js_list.wk_state 890 struct workhead js_entries; /* Entries awaiting write */ 891 LIST_HEAD(, freework) js_indirs;/* List of indirects in this seg. */ 892 TAILQ_ENTRY(jseg) js_next; /* List of all unfinished segments. */ 893 struct jblocks *js_jblocks; /* Back pointer to block/seg list */ 894 struct buf *js_buf; /* Buffer while unwritten */ 895 uint64_t js_seq; /* Journal record sequence number. */ 896 uint64_t js_oldseq; /* Oldest valid sequence number. */ 897 int js_size; /* Size of journal record in bytes. */ 898 int js_cnt; /* Total items allocated. */ 899 int js_refs; /* Count of js_entries items. */ 900 }; 901 902 /* 903 * A 'sbdep' structure tracks the head of the free inode list and 904 * superblock writes. This makes sure the superblock is always pointing at 905 * the first possible unlinked inode for the suj recovery process. If a 906 * block write completes and we discover a new head is available the buf 907 * is dirtied and the dep is kept. See the description of the UNLINK* 908 * flags above for more details. 909 */ 910 struct sbdep { 911 struct worklist sb_list; /* b_dep linkage */ 912 struct fs *sb_fs; /* Filesystem pointer within buf. */ 913 struct ufsmount *sb_ump; /* Our mount structure */ 914 }; 915