xref: /freebsd/sys/vm/vnode_pager.c (revision 357378bbdedf24ce2b90e9bd831af4a9db3ec70a)
1 /*-
2  * SPDX-License-Identifier: BSD-4-Clause
3  *
4  * Copyright (c) 1990 University of Utah.
5  * Copyright (c) 1991 The Regents of the University of California.
6  * All rights reserved.
7  * Copyright (c) 1993, 1994 John S. Dyson
8  * Copyright (c) 1995, David Greenman
9  *
10  * This code is derived from software contributed to Berkeley by
11  * the Systems Programming Group of the University of Utah Computer
12  * Science Department.
13  *
14  * Redistribution and use in source and binary forms, with or without
15  * modification, are permitted provided that the following conditions
16  * are met:
17  * 1. Redistributions of source code must retain the above copyright
18  *    notice, this list of conditions and the following disclaimer.
19  * 2. Redistributions in binary form must reproduce the above copyright
20  *    notice, this list of conditions and the following disclaimer in the
21  *    documentation and/or other materials provided with the distribution.
22  * 3. All advertising materials mentioning features or use of this software
23  *    must display the following acknowledgement:
24  *	This product includes software developed by the University of
25  *	California, Berkeley and its contributors.
26  * 4. Neither the name of the University nor the names of its contributors
27  *    may be used to endorse or promote products derived from this software
28  *    without specific prior written permission.
29  *
30  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
31  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
32  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
33  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
34  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
35  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
36  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
37  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
38  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
39  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
40  * SUCH DAMAGE.
41  */
42 
43 /*
44  * Page to/from files (vnodes).
45  */
46 
47 /*
48  * TODO:
49  *	Implement VOP_GETPAGES/PUTPAGES interface for filesystems. Will
50  *	greatly re-simplify the vnode_pager.
51  */
52 
53 #include <sys/cdefs.h>
54 #include "opt_vm.h"
55 
56 #include <sys/param.h>
57 #include <sys/kernel.h>
58 #include <sys/systm.h>
59 #include <sys/sysctl.h>
60 #include <sys/proc.h>
61 #include <sys/vnode.h>
62 #include <sys/mount.h>
63 #include <sys/bio.h>
64 #include <sys/buf.h>
65 #include <sys/vmmeter.h>
66 #include <sys/ktr.h>
67 #include <sys/limits.h>
68 #include <sys/conf.h>
69 #include <sys/refcount.h>
70 #include <sys/rwlock.h>
71 #include <sys/sf_buf.h>
72 #include <sys/domainset.h>
73 #include <sys/user.h>
74 
75 #include <machine/atomic.h>
76 
77 #include <vm/vm.h>
78 #include <vm/vm_param.h>
79 #include <vm/vm_object.h>
80 #include <vm/vm_page.h>
81 #include <vm/vm_pager.h>
82 #include <vm/vm_map.h>
83 #include <vm/vnode_pager.h>
84 #include <vm/vm_extern.h>
85 #include <vm/uma.h>
86 
87 static int vnode_pager_addr(struct vnode *vp, vm_ooffset_t address,
88     daddr_t *rtaddress, int *run);
89 static int vnode_pager_input_smlfs(vm_object_t object, vm_page_t m);
90 static int vnode_pager_input_old(vm_object_t object, vm_page_t m);
91 static void vnode_pager_dealloc(vm_object_t);
92 static int vnode_pager_getpages(vm_object_t, vm_page_t *, int, int *, int *);
93 static int vnode_pager_getpages_async(vm_object_t, vm_page_t *, int, int *,
94     int *, vop_getpages_iodone_t, void *);
95 static void vnode_pager_putpages(vm_object_t, vm_page_t *, int, int, int *);
96 static boolean_t vnode_pager_haspage(vm_object_t, vm_pindex_t, int *, int *);
97 static vm_object_t vnode_pager_alloc(void *, vm_ooffset_t, vm_prot_t,
98     vm_ooffset_t, struct ucred *cred);
99 static int vnode_pager_generic_getpages_done(struct buf *);
100 static void vnode_pager_generic_getpages_done_async(struct buf *);
101 static void vnode_pager_update_writecount(vm_object_t, vm_offset_t,
102     vm_offset_t);
103 static void vnode_pager_release_writecount(vm_object_t, vm_offset_t,
104     vm_offset_t);
105 static void vnode_pager_getvp(vm_object_t, struct vnode **, bool *);
106 
107 const struct pagerops vnodepagerops = {
108 	.pgo_kvme_type = KVME_TYPE_VNODE,
109 	.pgo_alloc =	vnode_pager_alloc,
110 	.pgo_dealloc =	vnode_pager_dealloc,
111 	.pgo_getpages =	vnode_pager_getpages,
112 	.pgo_getpages_async = vnode_pager_getpages_async,
113 	.pgo_putpages =	vnode_pager_putpages,
114 	.pgo_haspage =	vnode_pager_haspage,
115 	.pgo_update_writecount = vnode_pager_update_writecount,
116 	.pgo_release_writecount = vnode_pager_release_writecount,
117 	.pgo_set_writeable_dirty = vm_object_set_writeable_dirty_,
118 	.pgo_mightbedirty = vm_object_mightbedirty_,
119 	.pgo_getvp = vnode_pager_getvp,
120 };
121 
122 static struct domainset *vnode_domainset = NULL;
123 
124 SYSCTL_PROC(_debug, OID_AUTO, vnode_domainset,
125     CTLTYPE_STRING | CTLFLAG_MPSAFE | CTLFLAG_RW, &vnode_domainset, 0,
126     sysctl_handle_domainset, "A", "Default vnode NUMA policy");
127 
128 static int nvnpbufs;
129 SYSCTL_INT(_vm, OID_AUTO, vnode_pbufs, CTLFLAG_RDTUN | CTLFLAG_NOFETCH,
130     &nvnpbufs, 0, "number of physical buffers allocated for vnode pager");
131 
132 static uma_zone_t vnode_pbuf_zone;
133 
134 static void
135 vnode_pager_init(void *dummy)
136 {
137 
138 #ifdef __LP64__
139 	nvnpbufs = nswbuf * 2;
140 #else
141 	nvnpbufs = nswbuf / 2;
142 #endif
143 	TUNABLE_INT_FETCH("vm.vnode_pbufs", &nvnpbufs);
144 	vnode_pbuf_zone = pbuf_zsecond_create("vnpbuf", nvnpbufs);
145 }
146 SYSINIT(vnode_pager, SI_SUB_CPU, SI_ORDER_ANY, vnode_pager_init, NULL);
147 
148 /* Create the VM system backing object for this vnode */
149 static int
150 vnode_create_vobject_any(struct vnode *vp, off_t isize, struct thread *td)
151 {
152 	vm_object_t object;
153 	vm_ooffset_t size;
154 	bool last;
155 
156 	object = vp->v_object;
157 	if (object != NULL)
158 		return (0);
159 
160 	if (isize == VNODE_NO_SIZE) {
161 		if (vn_getsize_locked(vp, &size, td->td_ucred) != 0)
162 			return (0);
163 	} else {
164 		size = isize;
165 	}
166 
167 	object = vnode_pager_alloc(vp, size, 0, 0, td->td_ucred);
168 	/*
169 	 * Dereference the reference we just created.  This assumes
170 	 * that the object is associated with the vp.  We still have
171 	 * to serialize with vnode_pager_dealloc() for the last
172 	 * potential reference.
173 	 */
174 	VM_OBJECT_RLOCK(object);
175 	last = refcount_release(&object->ref_count);
176 	VM_OBJECT_RUNLOCK(object);
177 	if (last)
178 		vrele(vp);
179 
180 	VNASSERT(vp->v_object != NULL, vp, ("%s: NULL object", __func__));
181 
182 	return (0);
183 }
184 
185 int
186 vnode_create_vobject(struct vnode *vp, off_t isize, struct thread *td)
187 {
188 	VNASSERT(!vn_isdisk(vp), vp, ("%s: disk vnode", __func__));
189 	VNASSERT(isize == VNODE_NO_SIZE || isize >= 0, vp,
190 	    ("%s: invalid size (%jd)", __func__, (intmax_t)isize));
191 
192 	if (!vn_canvmio(vp))
193 		return (0);
194 
195 	return (vnode_create_vobject_any(vp, isize, td));
196 }
197 
198 int
199 vnode_create_disk_vobject(struct vnode *vp, off_t isize, struct thread *td)
200 {
201 	VNASSERT(isize > 0, vp, ("%s: invalid size (%jd)", __func__,
202 	    (intmax_t)isize));
203 
204 	return (vnode_create_vobject_any(vp, isize, td));
205 }
206 
207 void
208 vnode_destroy_vobject(struct vnode *vp)
209 {
210 	struct vm_object *obj;
211 
212 	obj = vp->v_object;
213 	if (obj == NULL || obj->handle != vp)
214 		return;
215 	ASSERT_VOP_ELOCKED(vp, "vnode_destroy_vobject");
216 	VM_OBJECT_WLOCK(obj);
217 	MPASS(obj->type == OBJT_VNODE);
218 	umtx_shm_object_terminated(obj);
219 	if (obj->ref_count == 0) {
220 		KASSERT((obj->flags & OBJ_DEAD) == 0,
221 		   ("vnode_destroy_vobject: Terminating dead object"));
222 		vm_object_set_flag(obj, OBJ_DEAD);
223 
224 		/*
225 		 * Clean pages and flush buffers.
226 		 */
227 		vm_object_page_clean(obj, 0, 0, OBJPC_SYNC);
228 		VM_OBJECT_WUNLOCK(obj);
229 
230 		vinvalbuf(vp, V_SAVE, 0, 0);
231 
232 		BO_LOCK(&vp->v_bufobj);
233 		vp->v_bufobj.bo_flag |= BO_DEAD;
234 		BO_UNLOCK(&vp->v_bufobj);
235 
236 		VM_OBJECT_WLOCK(obj);
237 		vm_object_terminate(obj);
238 	} else {
239 		/*
240 		 * Woe to the process that tries to page now :-).
241 		 */
242 		vm_pager_deallocate(obj);
243 		VM_OBJECT_WUNLOCK(obj);
244 	}
245 	KASSERT(vp->v_object == NULL, ("vp %p obj %p", vp, vp->v_object));
246 }
247 
248 /*
249  * Allocate (or lookup) pager for a vnode.
250  * Handle is a vnode pointer.
251  */
252 vm_object_t
253 vnode_pager_alloc(void *handle, vm_ooffset_t size, vm_prot_t prot,
254     vm_ooffset_t offset, struct ucred *cred)
255 {
256 	vm_object_t object;
257 	struct vnode *vp;
258 
259 	/*
260 	 * Pageout to vnode, no can do yet.
261 	 */
262 	if (handle == NULL)
263 		return (NULL);
264 
265 	vp = (struct vnode *)handle;
266 	ASSERT_VOP_LOCKED(vp, "vnode_pager_alloc");
267 	VNPASS(vp->v_usecount > 0, vp);
268 retry:
269 	object = vp->v_object;
270 
271 	if (object == NULL) {
272 		/*
273 		 * Add an object of the appropriate size
274 		 */
275 		object = vm_object_allocate(OBJT_VNODE,
276 		    OFF_TO_IDX(round_page(size)));
277 
278 		object->un_pager.vnp.vnp_size = size;
279 		object->un_pager.vnp.writemappings = 0;
280 		object->domain.dr_policy = vnode_domainset;
281 		object->handle = handle;
282 		if ((vp->v_vflag & VV_VMSIZEVNLOCK) != 0) {
283 			VM_OBJECT_WLOCK(object);
284 			vm_object_set_flag(object, OBJ_SIZEVNLOCK);
285 			VM_OBJECT_WUNLOCK(object);
286 		}
287 		VI_LOCK(vp);
288 		if (vp->v_object != NULL) {
289 			/*
290 			 * Object has been created while we were allocating.
291 			 */
292 			VI_UNLOCK(vp);
293 			VM_OBJECT_WLOCK(object);
294 			KASSERT(object->ref_count == 1,
295 			    ("leaked ref %p %d", object, object->ref_count));
296 			object->type = OBJT_DEAD;
297 			refcount_init(&object->ref_count, 0);
298 			VM_OBJECT_WUNLOCK(object);
299 			vm_object_destroy(object);
300 			goto retry;
301 		}
302 		vp->v_object = object;
303 		VI_UNLOCK(vp);
304 		vrefact(vp);
305 	} else {
306 		vm_object_reference(object);
307 #if VM_NRESERVLEVEL > 0
308 		if ((object->flags & OBJ_COLORED) == 0) {
309 			VM_OBJECT_WLOCK(object);
310 			vm_object_color(object, 0);
311 			VM_OBJECT_WUNLOCK(object);
312 		}
313 #endif
314 	}
315 	return (object);
316 }
317 
318 /*
319  *	The object must be locked.
320  */
321 static void
322 vnode_pager_dealloc(vm_object_t object)
323 {
324 	struct vnode *vp;
325 	int refs;
326 
327 	vp = object->handle;
328 	if (vp == NULL)
329 		panic("vnode_pager_dealloc: pager already dealloced");
330 
331 	VM_OBJECT_ASSERT_WLOCKED(object);
332 	vm_object_pip_wait(object, "vnpdea");
333 	refs = object->ref_count;
334 
335 	object->handle = NULL;
336 	object->type = OBJT_DEAD;
337 	ASSERT_VOP_ELOCKED(vp, "vnode_pager_dealloc");
338 	if (object->un_pager.vnp.writemappings > 0) {
339 		object->un_pager.vnp.writemappings = 0;
340 		VOP_ADD_WRITECOUNT_CHECKED(vp, -1);
341 		CTR3(KTR_VFS, "%s: vp %p v_writecount decreased to %d",
342 		    __func__, vp, vp->v_writecount);
343 	}
344 	vp->v_object = NULL;
345 	VI_LOCK(vp);
346 
347 	/*
348 	 * vm_map_entry_set_vnode_text() cannot reach this vnode by
349 	 * following object->handle.  Clear all text references now.
350 	 * This also clears the transient references from
351 	 * kern_execve(), which is fine because dead_vnodeops uses nop
352 	 * for VOP_UNSET_TEXT().
353 	 */
354 	if (vp->v_writecount < 0)
355 		vp->v_writecount = 0;
356 	VI_UNLOCK(vp);
357 	VM_OBJECT_WUNLOCK(object);
358 	if (refs > 0)
359 		vunref(vp);
360 	VM_OBJECT_WLOCK(object);
361 }
362 
363 static boolean_t
364 vnode_pager_haspage(vm_object_t object, vm_pindex_t pindex, int *before,
365     int *after)
366 {
367 	struct vnode *vp = object->handle;
368 	daddr_t bn;
369 	uintptr_t lockstate;
370 	int err;
371 	daddr_t reqblock;
372 	int poff;
373 	int bsize;
374 	int pagesperblock, blocksperpage;
375 
376 	VM_OBJECT_ASSERT_LOCKED(object);
377 	/*
378 	 * If no vp or vp is doomed or marked transparent to VM, we do not
379 	 * have the page.
380 	 */
381 	if (vp == NULL || VN_IS_DOOMED(vp))
382 		return FALSE;
383 	/*
384 	 * If the offset is beyond end of file we do
385 	 * not have the page.
386 	 */
387 	if (IDX_TO_OFF(pindex) >= object->un_pager.vnp.vnp_size)
388 		return FALSE;
389 
390 	bsize = vp->v_mount->mnt_stat.f_iosize;
391 	pagesperblock = bsize / PAGE_SIZE;
392 	blocksperpage = 0;
393 	if (pagesperblock > 0) {
394 		reqblock = pindex / pagesperblock;
395 	} else {
396 		blocksperpage = (PAGE_SIZE / bsize);
397 		reqblock = pindex * blocksperpage;
398 	}
399 	lockstate = VM_OBJECT_DROP(object);
400 	err = VOP_BMAP(vp, reqblock, NULL, &bn, after, before);
401 	VM_OBJECT_PICKUP(object, lockstate);
402 	if (err)
403 		return TRUE;
404 	if (bn == -1)
405 		return FALSE;
406 	if (pagesperblock > 0) {
407 		poff = pindex - (reqblock * pagesperblock);
408 		if (before) {
409 			*before *= pagesperblock;
410 			*before += poff;
411 		}
412 		if (after) {
413 			/*
414 			 * The BMAP vop can report a partial block in the
415 			 * 'after', but must not report blocks after EOF.
416 			 * Assert the latter, and truncate 'after' in case
417 			 * of the former.
418 			 */
419 			KASSERT((reqblock + *after) * pagesperblock <
420 			    roundup2(object->size, pagesperblock),
421 			    ("%s: reqblock %jd after %d size %ju", __func__,
422 			    (intmax_t )reqblock, *after,
423 			    (uintmax_t )object->size));
424 			*after *= pagesperblock;
425 			*after += pagesperblock - (poff + 1);
426 			if (pindex + *after >= object->size)
427 				*after = object->size - 1 - pindex;
428 		}
429 	} else {
430 		if (before) {
431 			*before /= blocksperpage;
432 		}
433 
434 		if (after) {
435 			*after /= blocksperpage;
436 		}
437 	}
438 	return TRUE;
439 }
440 
441 /*
442  * Internal routine clearing partial-page content
443  */
444 static void
445 vnode_pager_subpage_purge(struct vm_page *m, int base, int end)
446 {
447 	int size;
448 
449 	KASSERT(end > base && end <= PAGE_SIZE,
450 	    ("%s: start %d end %d", __func__, base, end));
451 	size = end - base;
452 
453 	/*
454 	 * Clear out partial-page garbage in case
455 	 * the page has been mapped.
456 	 */
457 	pmap_zero_page_area(m, base, size);
458 
459 	/*
460 	 * Update the valid bits to reflect the blocks
461 	 * that have been zeroed.  Some of these valid
462 	 * bits may have already been set.
463 	 */
464 	vm_page_set_valid_range(m, base, size);
465 
466 	/*
467 	 * Round up "base" to the next block boundary so
468 	 * that the dirty bit for a partially zeroed
469 	 * block is not cleared.
470 	 */
471 	base = roundup2(base, DEV_BSIZE);
472 	end = rounddown2(end, DEV_BSIZE);
473 
474 	if (end > base) {
475 		/*
476 		 * Clear out partial-page dirty bits.
477 		 *
478 		 * note that we do not clear out the
479 		 * valid bits.  This would prevent
480 		 * bogus_page replacement from working
481 		 * properly.
482 		 */
483 		vm_page_clear_dirty(m, base, end - base);
484 	}
485 
486 }
487 
488 /*
489  * Lets the VM system know about a change in size for a file.
490  * We adjust our own internal size and flush any cached pages in
491  * the associated object that are affected by the size change.
492  *
493  * Note: this routine may be invoked as a result of a pager put
494  * operation (possibly at object termination time), so we must be careful.
495  */
496 void
497 vnode_pager_setsize(struct vnode *vp, vm_ooffset_t nsize)
498 {
499 	vm_object_t object;
500 	vm_page_t m;
501 	vm_pindex_t nobjsize;
502 
503 	if ((object = vp->v_object) == NULL)
504 		return;
505 #ifdef DEBUG_VFS_LOCKS
506 	{
507 		struct mount *mp;
508 
509 		mp = vp->v_mount;
510 		if (mp != NULL && (mp->mnt_kern_flag & MNTK_VMSETSIZE_BUG) == 0)
511 			assert_vop_elocked(vp,
512 			    "vnode_pager_setsize and not locked vnode");
513 	}
514 #endif
515 	VM_OBJECT_WLOCK(object);
516 	if (object->type == OBJT_DEAD) {
517 		VM_OBJECT_WUNLOCK(object);
518 		return;
519 	}
520 	KASSERT(object->type == OBJT_VNODE,
521 	    ("not vnode-backed object %p", object));
522 	if (nsize == object->un_pager.vnp.vnp_size) {
523 		/*
524 		 * Hasn't changed size
525 		 */
526 		VM_OBJECT_WUNLOCK(object);
527 		return;
528 	}
529 	nobjsize = OFF_TO_IDX(nsize + PAGE_MASK);
530 	if (nsize < object->un_pager.vnp.vnp_size) {
531 		/*
532 		 * File has shrunk. Toss any cached pages beyond the new EOF.
533 		 */
534 		if (nobjsize < object->size)
535 			vm_object_page_remove(object, nobjsize, object->size,
536 			    0);
537 		/*
538 		 * this gets rid of garbage at the end of a page that is now
539 		 * only partially backed by the vnode.
540 		 *
541 		 * XXX for some reason (I don't know yet), if we take a
542 		 * completely invalid page and mark it partially valid
543 		 * it can screw up NFS reads, so we don't allow the case.
544 		 */
545 		if (!(nsize & PAGE_MASK))
546 			goto out;
547 		m = vm_page_grab(object, OFF_TO_IDX(nsize), VM_ALLOC_NOCREAT);
548 		if (m == NULL)
549 			goto out;
550 		if (!vm_page_none_valid(m))
551 			vnode_pager_subpage_purge(m, (int)nsize & PAGE_MASK,
552 			    PAGE_SIZE);
553 		vm_page_xunbusy(m);
554 	}
555 out:
556 #if defined(__powerpc__) && !defined(__powerpc64__)
557 	object->un_pager.vnp.vnp_size = nsize;
558 #else
559 	atomic_store_64(&object->un_pager.vnp.vnp_size, nsize);
560 #endif
561 	object->size = nobjsize;
562 	VM_OBJECT_WUNLOCK(object);
563 }
564 
565 /*
566  * Lets the VM system know about the purged range for a file. We toss away any
567  * cached pages in the associated object that are affected by the purge
568  * operation. Partial-page area not aligned to page boundaries will be zeroed
569  * and the dirty blocks in DEV_BSIZE unit within a page will not be flushed.
570  */
571 void
572 vnode_pager_purge_range(struct vnode *vp, vm_ooffset_t start, vm_ooffset_t end)
573 {
574 	struct vm_page *m;
575 	struct vm_object *object;
576 	vm_pindex_t pi, pistart, piend;
577 	bool same_page;
578 	int base, pend;
579 
580 	ASSERT_VOP_LOCKED(vp, "vnode_pager_purge_range");
581 
582 	object = vp->v_object;
583 	pi = start + PAGE_MASK < start ? OBJ_MAX_SIZE :
584 	    OFF_TO_IDX(start + PAGE_MASK);
585 	pistart = OFF_TO_IDX(start);
586 	piend = end == 0 ? OBJ_MAX_SIZE : OFF_TO_IDX(end);
587 	same_page = pistart == piend;
588 	if ((end != 0 && end <= start) || object == NULL)
589 		return;
590 
591 	VM_OBJECT_WLOCK(object);
592 
593 	if (pi < piend)
594 		vm_object_page_remove(object, pi, piend, 0);
595 
596 	if ((start & PAGE_MASK) != 0) {
597 		base = (int)start & PAGE_MASK;
598 		pend = same_page ? (int)end & PAGE_MASK : PAGE_SIZE;
599 		m = vm_page_grab(object, pistart, VM_ALLOC_NOCREAT);
600 		if (m != NULL) {
601 			if (!vm_page_none_valid(m))
602 				vnode_pager_subpage_purge(m, base, pend);
603 			vm_page_xunbusy(m);
604 		}
605 		if (same_page)
606 			goto out;
607 	}
608 	if ((end & PAGE_MASK) != 0) {
609 		base = same_page ? (int)start & PAGE_MASK : 0 ;
610 		pend = (int)end & PAGE_MASK;
611 		m = vm_page_grab(object, piend, VM_ALLOC_NOCREAT);
612 		if (m != NULL) {
613 			if (!vm_page_none_valid(m))
614 				vnode_pager_subpage_purge(m, base, pend);
615 			vm_page_xunbusy(m);
616 		}
617 	}
618 out:
619 	VM_OBJECT_WUNLOCK(object);
620 }
621 
622 /*
623  * calculate the linear (byte) disk address of specified virtual
624  * file address
625  */
626 static int
627 vnode_pager_addr(struct vnode *vp, vm_ooffset_t address, daddr_t *rtaddress,
628     int *run)
629 {
630 	int bsize;
631 	int err;
632 	daddr_t vblock;
633 	daddr_t voffset;
634 
635 	if (VN_IS_DOOMED(vp))
636 		return -1;
637 
638 	bsize = vp->v_mount->mnt_stat.f_iosize;
639 	vblock = address / bsize;
640 	voffset = address % bsize;
641 
642 	err = VOP_BMAP(vp, vblock, NULL, rtaddress, run, NULL);
643 	if (err == 0) {
644 		if (*rtaddress != -1)
645 			*rtaddress += voffset / DEV_BSIZE;
646 		if (run) {
647 			*run += 1;
648 			*run *= bsize / PAGE_SIZE;
649 			*run -= voffset / PAGE_SIZE;
650 		}
651 	}
652 
653 	return (err);
654 }
655 
656 static void
657 vnode_pager_input_bdone(struct buf *bp)
658 {
659 	runningbufwakeup(bp);
660 	bdone(bp);
661 }
662 
663 /*
664  * small block filesystem vnode pager input
665  */
666 static int
667 vnode_pager_input_smlfs(vm_object_t object, vm_page_t m)
668 {
669 	struct vnode *vp;
670 	struct bufobj *bo;
671 	struct buf *bp;
672 	struct sf_buf *sf;
673 	daddr_t fileaddr;
674 	vm_offset_t bsize;
675 	vm_page_bits_t bits;
676 	int error, i;
677 
678 	error = 0;
679 	vp = object->handle;
680 	if (VN_IS_DOOMED(vp))
681 		return VM_PAGER_BAD;
682 
683 	bsize = vp->v_mount->mnt_stat.f_iosize;
684 
685 	VOP_BMAP(vp, 0, &bo, 0, NULL, NULL);
686 
687 	sf = sf_buf_alloc(m, 0);
688 
689 	for (i = 0; i < PAGE_SIZE / bsize; i++) {
690 		vm_ooffset_t address;
691 
692 		bits = vm_page_bits(i * bsize, bsize);
693 		if (m->valid & bits)
694 			continue;
695 
696 		address = IDX_TO_OFF(m->pindex) + i * bsize;
697 		if (address >= object->un_pager.vnp.vnp_size) {
698 			fileaddr = -1;
699 		} else {
700 			error = vnode_pager_addr(vp, address, &fileaddr, NULL);
701 			if (error)
702 				break;
703 		}
704 		if (fileaddr != -1) {
705 			bp = uma_zalloc(vnode_pbuf_zone, M_WAITOK);
706 
707 			/* build a minimal buffer header */
708 			bp->b_iocmd = BIO_READ;
709 			bp->b_iodone = vnode_pager_input_bdone;
710 			KASSERT(bp->b_rcred == NOCRED, ("leaking read ucred"));
711 			KASSERT(bp->b_wcred == NOCRED, ("leaking write ucred"));
712 			bp->b_rcred = crhold(curthread->td_ucred);
713 			bp->b_wcred = crhold(curthread->td_ucred);
714 			bp->b_data = (caddr_t)sf_buf_kva(sf) + i * bsize;
715 			bp->b_blkno = fileaddr;
716 			pbgetbo(bo, bp);
717 			bp->b_vp = vp;
718 			bp->b_bcount = bsize;
719 			bp->b_bufsize = bsize;
720 			bp->b_runningbufspace = bp->b_bufsize;
721 			atomic_add_long(&runningbufspace, bp->b_runningbufspace);
722 
723 			/* do the input */
724 			bp->b_iooffset = dbtob(bp->b_blkno);
725 			bstrategy(bp);
726 
727 			bwait(bp, PVM, "vnsrd");
728 
729 			if ((bp->b_ioflags & BIO_ERROR) != 0) {
730 				KASSERT(bp->b_error != 0,
731 				    ("%s: buf error but b_error == 0\n", __func__));
732 				error = bp->b_error;
733 			}
734 
735 			/*
736 			 * free the buffer header back to the swap buffer pool
737 			 */
738 			bp->b_vp = NULL;
739 			pbrelbo(bp);
740 			uma_zfree(vnode_pbuf_zone, bp);
741 			if (error)
742 				break;
743 		} else
744 			bzero((caddr_t)sf_buf_kva(sf) + i * bsize, bsize);
745 		KASSERT((m->dirty & bits) == 0,
746 		    ("vnode_pager_input_smlfs: page %p is dirty", m));
747 		vm_page_bits_set(m, &m->valid, bits);
748 	}
749 	sf_buf_free(sf);
750 	if (error) {
751 		return VM_PAGER_ERROR;
752 	}
753 	return VM_PAGER_OK;
754 }
755 
756 /*
757  * old style vnode pager input routine
758  */
759 static int
760 vnode_pager_input_old(vm_object_t object, vm_page_t m)
761 {
762 	struct uio auio;
763 	struct iovec aiov;
764 	int error;
765 	int size;
766 	struct sf_buf *sf;
767 	struct vnode *vp;
768 
769 	VM_OBJECT_ASSERT_WLOCKED(object);
770 	error = 0;
771 
772 	/*
773 	 * Return failure if beyond current EOF
774 	 */
775 	if (IDX_TO_OFF(m->pindex) >= object->un_pager.vnp.vnp_size) {
776 		return VM_PAGER_BAD;
777 	} else {
778 		size = PAGE_SIZE;
779 		if (IDX_TO_OFF(m->pindex) + size > object->un_pager.vnp.vnp_size)
780 			size = object->un_pager.vnp.vnp_size - IDX_TO_OFF(m->pindex);
781 		vp = object->handle;
782 		VM_OBJECT_WUNLOCK(object);
783 
784 		/*
785 		 * Allocate a kernel virtual address and initialize so that
786 		 * we can use VOP_READ/WRITE routines.
787 		 */
788 		sf = sf_buf_alloc(m, 0);
789 
790 		aiov.iov_base = (caddr_t)sf_buf_kva(sf);
791 		aiov.iov_len = size;
792 		auio.uio_iov = &aiov;
793 		auio.uio_iovcnt = 1;
794 		auio.uio_offset = IDX_TO_OFF(m->pindex);
795 		auio.uio_segflg = UIO_SYSSPACE;
796 		auio.uio_rw = UIO_READ;
797 		auio.uio_resid = size;
798 		auio.uio_td = curthread;
799 
800 		error = VOP_READ(vp, &auio, 0, curthread->td_ucred);
801 		if (!error) {
802 			int count = size - auio.uio_resid;
803 
804 			if (count == 0)
805 				error = EINVAL;
806 			else if (count != PAGE_SIZE)
807 				bzero((caddr_t)sf_buf_kva(sf) + count,
808 				    PAGE_SIZE - count);
809 		}
810 		sf_buf_free(sf);
811 
812 		VM_OBJECT_WLOCK(object);
813 	}
814 	KASSERT(m->dirty == 0, ("vnode_pager_input_old: page %p is dirty", m));
815 	if (!error)
816 		vm_page_valid(m);
817 	return error ? VM_PAGER_ERROR : VM_PAGER_OK;
818 }
819 
820 /*
821  * generic vnode pager input routine
822  */
823 
824 /*
825  * Local media VFS's that do not implement their own VOP_GETPAGES
826  * should have their VOP_GETPAGES call to vnode_pager_generic_getpages()
827  * to implement the previous behaviour.
828  *
829  * All other FS's should use the bypass to get to the local media
830  * backing vp's VOP_GETPAGES.
831  */
832 static int
833 vnode_pager_getpages(vm_object_t object, vm_page_t *m, int count, int *rbehind,
834     int *rahead)
835 {
836 	struct vnode *vp;
837 	int rtval;
838 
839 	/* Handle is stable with paging in progress. */
840 	vp = object->handle;
841 	rtval = VOP_GETPAGES(vp, m, count, rbehind, rahead);
842 	KASSERT(rtval != EOPNOTSUPP,
843 	    ("vnode_pager: FS getpages not implemented\n"));
844 	return rtval;
845 }
846 
847 static int
848 vnode_pager_getpages_async(vm_object_t object, vm_page_t *m, int count,
849     int *rbehind, int *rahead, vop_getpages_iodone_t iodone, void *arg)
850 {
851 	struct vnode *vp;
852 	int rtval;
853 
854 	vp = object->handle;
855 	rtval = VOP_GETPAGES_ASYNC(vp, m, count, rbehind, rahead, iodone, arg);
856 	KASSERT(rtval != EOPNOTSUPP,
857 	    ("vnode_pager: FS getpages_async not implemented\n"));
858 	return (rtval);
859 }
860 
861 /*
862  * The implementation of VOP_GETPAGES() and VOP_GETPAGES_ASYNC() for
863  * local filesystems, where partially valid pages can only occur at
864  * the end of file.
865  */
866 int
867 vnode_pager_local_getpages(struct vop_getpages_args *ap)
868 {
869 
870 	return (vnode_pager_generic_getpages(ap->a_vp, ap->a_m, ap->a_count,
871 	    ap->a_rbehind, ap->a_rahead, NULL, NULL));
872 }
873 
874 int
875 vnode_pager_local_getpages_async(struct vop_getpages_async_args *ap)
876 {
877 	int error;
878 
879 	error = vnode_pager_generic_getpages(ap->a_vp, ap->a_m, ap->a_count,
880 	    ap->a_rbehind, ap->a_rahead, ap->a_iodone, ap->a_arg);
881 	if (error != 0 && ap->a_iodone != NULL)
882 		ap->a_iodone(ap->a_arg, ap->a_m, ap->a_count, error);
883 	return (error);
884 }
885 
886 /*
887  * This is now called from local media FS's to operate against their
888  * own vnodes if they fail to implement VOP_GETPAGES.
889  */
890 int
891 vnode_pager_generic_getpages(struct vnode *vp, vm_page_t *m, int count,
892     int *a_rbehind, int *a_rahead, vop_getpages_iodone_t iodone, void *arg)
893 {
894 	vm_object_t object;
895 	struct bufobj *bo;
896 	struct buf *bp;
897 	off_t foff;
898 #ifdef INVARIANTS
899 	off_t blkno0;
900 #endif
901 	int bsize, pagesperblock;
902 	int error, before, after, rbehind, rahead, poff, i;
903 	int bytecount, secmask;
904 
905 	KASSERT(vp->v_type != VCHR && vp->v_type != VBLK,
906 	    ("%s does not support devices", __func__));
907 
908 	if (VN_IS_DOOMED(vp))
909 		return (VM_PAGER_BAD);
910 
911 	object = vp->v_object;
912 	foff = IDX_TO_OFF(m[0]->pindex);
913 	bsize = vp->v_mount->mnt_stat.f_iosize;
914 	pagesperblock = bsize / PAGE_SIZE;
915 
916 	KASSERT(foff < object->un_pager.vnp.vnp_size,
917 	    ("%s: page %p offset beyond vp %p size", __func__, m[0], vp));
918 	KASSERT(count <= atop(maxphys),
919 	    ("%s: requested %d pages", __func__, count));
920 
921 	/*
922 	 * The last page has valid blocks.  Invalid part can only
923 	 * exist at the end of file, and the page is made fully valid
924 	 * by zeroing in vm_pager_get_pages().
925 	 */
926 	if (!vm_page_none_valid(m[count - 1]) && --count == 0) {
927 		if (iodone != NULL)
928 			iodone(arg, m, 1, 0);
929 		return (VM_PAGER_OK);
930 	}
931 
932 	bp = uma_zalloc(vnode_pbuf_zone, M_WAITOK);
933 	MPASS((bp->b_flags & B_MAXPHYS) != 0);
934 
935 	/*
936 	 * Get the underlying device blocks for the file with VOP_BMAP().
937 	 * If the file system doesn't support VOP_BMAP, use old way of
938 	 * getting pages via VOP_READ.
939 	 */
940 	error = VOP_BMAP(vp, foff / bsize, &bo, &bp->b_blkno, &after, &before);
941 	if (error == EOPNOTSUPP) {
942 		uma_zfree(vnode_pbuf_zone, bp);
943 		VM_OBJECT_WLOCK(object);
944 		for (i = 0; i < count; i++) {
945 			VM_CNT_INC(v_vnodein);
946 			VM_CNT_INC(v_vnodepgsin);
947 			error = vnode_pager_input_old(object, m[i]);
948 			if (error)
949 				break;
950 		}
951 		VM_OBJECT_WUNLOCK(object);
952 		return (error);
953 	} else if (error != 0) {
954 		uma_zfree(vnode_pbuf_zone, bp);
955 		return (VM_PAGER_ERROR);
956 	}
957 
958 	/*
959 	 * If the file system supports BMAP, but blocksize is smaller
960 	 * than a page size, then use special small filesystem code.
961 	 */
962 	if (pagesperblock == 0) {
963 		uma_zfree(vnode_pbuf_zone, bp);
964 		for (i = 0; i < count; i++) {
965 			VM_CNT_INC(v_vnodein);
966 			VM_CNT_INC(v_vnodepgsin);
967 			error = vnode_pager_input_smlfs(object, m[i]);
968 			if (error)
969 				break;
970 		}
971 		return (error);
972 	}
973 
974 	/*
975 	 * A sparse file can be encountered only for a single page request,
976 	 * which may not be preceded by call to vm_pager_haspage().
977 	 */
978 	if (bp->b_blkno == -1) {
979 		KASSERT(count == 1,
980 		    ("%s: array[%d] request to a sparse file %p", __func__,
981 		    count, vp));
982 		uma_zfree(vnode_pbuf_zone, bp);
983 		pmap_zero_page(m[0]);
984 		KASSERT(m[0]->dirty == 0, ("%s: page %p is dirty",
985 		    __func__, m[0]));
986 		vm_page_valid(m[0]);
987 		return (VM_PAGER_OK);
988 	}
989 
990 #ifdef INVARIANTS
991 	blkno0 = bp->b_blkno;
992 #endif
993 	bp->b_blkno += (foff % bsize) / DEV_BSIZE;
994 
995 	/* Recalculate blocks available after/before to pages. */
996 	poff = (foff % bsize) / PAGE_SIZE;
997 	before *= pagesperblock;
998 	before += poff;
999 	after *= pagesperblock;
1000 	after += pagesperblock - (poff + 1);
1001 	if (m[0]->pindex + after >= object->size)
1002 		after = object->size - 1 - m[0]->pindex;
1003 	KASSERT(count <= after + 1, ("%s: %d pages asked, can do only %d",
1004 	    __func__, count, after + 1));
1005 	after -= count - 1;
1006 
1007 	/* Trim requested rbehind/rahead to possible values. */
1008 	rbehind = a_rbehind ? *a_rbehind : 0;
1009 	rahead = a_rahead ? *a_rahead : 0;
1010 	rbehind = min(rbehind, before);
1011 	rbehind = min(rbehind, m[0]->pindex);
1012 	rahead = min(rahead, after);
1013 	rahead = min(rahead, object->size - m[count - 1]->pindex);
1014 	/*
1015 	 * Check that total amount of pages fit into buf.  Trim rbehind and
1016 	 * rahead evenly if not.
1017 	 */
1018 	if (rbehind + rahead + count > atop(maxphys)) {
1019 		int trim, sum;
1020 
1021 		trim = rbehind + rahead + count - atop(maxphys) + 1;
1022 		sum = rbehind + rahead;
1023 		if (rbehind == before) {
1024 			/* Roundup rbehind trim to block size. */
1025 			rbehind -= roundup(trim * rbehind / sum, pagesperblock);
1026 			if (rbehind < 0)
1027 				rbehind = 0;
1028 		} else
1029 			rbehind -= trim * rbehind / sum;
1030 		rahead -= trim * rahead / sum;
1031 	}
1032 	KASSERT(rbehind + rahead + count <= atop(maxphys),
1033 	    ("%s: behind %d ahead %d count %d maxphys %lu", __func__,
1034 	    rbehind, rahead, count, maxphys));
1035 
1036 	/*
1037 	 * Fill in the bp->b_pages[] array with requested and optional
1038 	 * read behind or read ahead pages.  Read behind pages are looked
1039 	 * up in a backward direction, down to a first cached page.  Same
1040 	 * for read ahead pages, but there is no need to shift the array
1041 	 * in case of encountering a cached page.
1042 	 */
1043 	i = bp->b_npages = 0;
1044 	if (rbehind) {
1045 		vm_pindex_t startpindex, tpindex;
1046 		vm_page_t p;
1047 
1048 		VM_OBJECT_WLOCK(object);
1049 		startpindex = m[0]->pindex - rbehind;
1050 		if ((p = TAILQ_PREV(m[0], pglist, listq)) != NULL &&
1051 		    p->pindex >= startpindex)
1052 			startpindex = p->pindex + 1;
1053 
1054 		/* tpindex is unsigned; beware of numeric underflow. */
1055 		for (tpindex = m[0]->pindex - 1;
1056 		    tpindex >= startpindex && tpindex < m[0]->pindex;
1057 		    tpindex--, i++) {
1058 			p = vm_page_alloc(object, tpindex, VM_ALLOC_NORMAL);
1059 			if (p == NULL) {
1060 				/* Shift the array. */
1061 				for (int j = 0; j < i; j++)
1062 					bp->b_pages[j] = bp->b_pages[j +
1063 					    tpindex + 1 - startpindex];
1064 				break;
1065 			}
1066 			bp->b_pages[tpindex - startpindex] = p;
1067 		}
1068 
1069 		bp->b_pgbefore = i;
1070 		bp->b_npages += i;
1071 		bp->b_blkno -= IDX_TO_OFF(i) / DEV_BSIZE;
1072 	} else
1073 		bp->b_pgbefore = 0;
1074 
1075 	/* Requested pages. */
1076 	for (int j = 0; j < count; j++, i++)
1077 		bp->b_pages[i] = m[j];
1078 	bp->b_npages += count;
1079 
1080 	if (rahead) {
1081 		vm_pindex_t endpindex, tpindex;
1082 		vm_page_t p;
1083 
1084 		if (!VM_OBJECT_WOWNED(object))
1085 			VM_OBJECT_WLOCK(object);
1086 		endpindex = m[count - 1]->pindex + rahead + 1;
1087 		if ((p = TAILQ_NEXT(m[count - 1], listq)) != NULL &&
1088 		    p->pindex < endpindex)
1089 			endpindex = p->pindex;
1090 		if (endpindex > object->size)
1091 			endpindex = object->size;
1092 
1093 		for (tpindex = m[count - 1]->pindex + 1;
1094 		    tpindex < endpindex; i++, tpindex++) {
1095 			p = vm_page_alloc(object, tpindex, VM_ALLOC_NORMAL);
1096 			if (p == NULL)
1097 				break;
1098 			bp->b_pages[i] = p;
1099 		}
1100 
1101 		bp->b_pgafter = i - bp->b_npages;
1102 		bp->b_npages = i;
1103 	} else
1104 		bp->b_pgafter = 0;
1105 
1106 	if (VM_OBJECT_WOWNED(object))
1107 		VM_OBJECT_WUNLOCK(object);
1108 
1109 	/* Report back actual behind/ahead read. */
1110 	if (a_rbehind)
1111 		*a_rbehind = bp->b_pgbefore;
1112 	if (a_rahead)
1113 		*a_rahead = bp->b_pgafter;
1114 
1115 #ifdef INVARIANTS
1116 	KASSERT(bp->b_npages <= atop(maxphys),
1117 	    ("%s: buf %p overflowed", __func__, bp));
1118 	for (int j = 1, prev = 0; j < bp->b_npages; j++) {
1119 		if (bp->b_pages[j] == bogus_page)
1120 			continue;
1121 		KASSERT(bp->b_pages[j]->pindex - bp->b_pages[prev]->pindex ==
1122 		    j - prev, ("%s: pages array not consecutive, bp %p",
1123 		     __func__, bp));
1124 		prev = j;
1125 	}
1126 #endif
1127 
1128 	/*
1129 	 * Recalculate first offset and bytecount with regards to read behind.
1130 	 * Truncate bytecount to vnode real size and round up physical size
1131 	 * for real devices.
1132 	 */
1133 	foff = IDX_TO_OFF(bp->b_pages[0]->pindex);
1134 	bytecount = bp->b_npages << PAGE_SHIFT;
1135 	if ((foff + bytecount) > object->un_pager.vnp.vnp_size)
1136 		bytecount = object->un_pager.vnp.vnp_size - foff;
1137 	secmask = bo->bo_bsize - 1;
1138 	KASSERT(secmask < PAGE_SIZE && secmask > 0,
1139 	    ("%s: sector size %d too large", __func__, secmask + 1));
1140 	bytecount = (bytecount + secmask) & ~secmask;
1141 
1142 	/*
1143 	 * And map the pages to be read into the kva, if the filesystem
1144 	 * requires mapped buffers.
1145 	 */
1146 	if ((vp->v_mount->mnt_kern_flag & MNTK_UNMAPPED_BUFS) != 0 &&
1147 	    unmapped_buf_allowed) {
1148 		bp->b_data = unmapped_buf;
1149 		bp->b_offset = 0;
1150 	} else {
1151 		bp->b_data = bp->b_kvabase;
1152 		pmap_qenter((vm_offset_t)bp->b_data, bp->b_pages, bp->b_npages);
1153 	}
1154 
1155 	/* Build a minimal buffer header. */
1156 	bp->b_iocmd = BIO_READ;
1157 	KASSERT(bp->b_rcred == NOCRED, ("leaking read ucred"));
1158 	KASSERT(bp->b_wcred == NOCRED, ("leaking write ucred"));
1159 	bp->b_rcred = crhold(curthread->td_ucred);
1160 	bp->b_wcred = crhold(curthread->td_ucred);
1161 	pbgetbo(bo, bp);
1162 	bp->b_vp = vp;
1163 	bp->b_bcount = bp->b_bufsize = bp->b_runningbufspace = bytecount;
1164 	bp->b_iooffset = dbtob(bp->b_blkno);
1165 	KASSERT(IDX_TO_OFF(m[0]->pindex - bp->b_pages[0]->pindex) ==
1166 	    (blkno0 - bp->b_blkno) * DEV_BSIZE +
1167 	    IDX_TO_OFF(m[0]->pindex) % bsize,
1168 	    ("wrong offsets bsize %d m[0] %ju b_pages[0] %ju "
1169 	    "blkno0 %ju b_blkno %ju", bsize,
1170 	    (uintmax_t)m[0]->pindex, (uintmax_t)bp->b_pages[0]->pindex,
1171 	    (uintmax_t)blkno0, (uintmax_t)bp->b_blkno));
1172 
1173 	atomic_add_long(&runningbufspace, bp->b_runningbufspace);
1174 	VM_CNT_INC(v_vnodein);
1175 	VM_CNT_ADD(v_vnodepgsin, bp->b_npages);
1176 
1177 	if (iodone != NULL) { /* async */
1178 		bp->b_pgiodone = iodone;
1179 		bp->b_caller1 = arg;
1180 		bp->b_iodone = vnode_pager_generic_getpages_done_async;
1181 		bp->b_flags |= B_ASYNC;
1182 		BUF_KERNPROC(bp);
1183 		bstrategy(bp);
1184 		return (VM_PAGER_OK);
1185 	} else {
1186 		bp->b_iodone = bdone;
1187 		bstrategy(bp);
1188 		bwait(bp, PVM, "vnread");
1189 		error = vnode_pager_generic_getpages_done(bp);
1190 		for (i = 0; i < bp->b_npages; i++)
1191 			bp->b_pages[i] = NULL;
1192 		bp->b_vp = NULL;
1193 		pbrelbo(bp);
1194 		uma_zfree(vnode_pbuf_zone, bp);
1195 		return (error != 0 ? VM_PAGER_ERROR : VM_PAGER_OK);
1196 	}
1197 }
1198 
1199 static void
1200 vnode_pager_generic_getpages_done_async(struct buf *bp)
1201 {
1202 	int error;
1203 
1204 	error = vnode_pager_generic_getpages_done(bp);
1205 	/* Run the iodone upon the requested range. */
1206 	bp->b_pgiodone(bp->b_caller1, bp->b_pages + bp->b_pgbefore,
1207 	    bp->b_npages - bp->b_pgbefore - bp->b_pgafter, error);
1208 	for (int i = 0; i < bp->b_npages; i++)
1209 		bp->b_pages[i] = NULL;
1210 	bp->b_vp = NULL;
1211 	pbrelbo(bp);
1212 	uma_zfree(vnode_pbuf_zone, bp);
1213 }
1214 
1215 static int
1216 vnode_pager_generic_getpages_done(struct buf *bp)
1217 {
1218 	vm_object_t object;
1219 	off_t tfoff, nextoff;
1220 	int i, error;
1221 
1222 	KASSERT((bp->b_ioflags & BIO_ERROR) == 0 || bp->b_error != 0,
1223 	    ("%s: buf error but b_error == 0\n", __func__));
1224 	error = (bp->b_ioflags & BIO_ERROR) != 0 ? bp->b_error : 0;
1225 	object = bp->b_vp->v_object;
1226 
1227 	runningbufwakeup(bp);
1228 
1229 	if (error == 0 && bp->b_bcount != bp->b_npages * PAGE_SIZE) {
1230 		if (!buf_mapped(bp)) {
1231 			bp->b_data = bp->b_kvabase;
1232 			pmap_qenter((vm_offset_t)bp->b_data, bp->b_pages,
1233 			    bp->b_npages);
1234 		}
1235 		bzero(bp->b_data + bp->b_bcount,
1236 		    PAGE_SIZE * bp->b_npages - bp->b_bcount);
1237 	}
1238 	if (buf_mapped(bp)) {
1239 		pmap_qremove((vm_offset_t)bp->b_data, bp->b_npages);
1240 		bp->b_data = unmapped_buf;
1241 	}
1242 
1243 	/*
1244 	 * If the read failed, we must free any read ahead/behind pages here.
1245 	 * The requested pages are freed by the caller (for sync requests)
1246 	 * or by the bp->b_pgiodone callback (for async requests).
1247 	 */
1248 	if (error != 0) {
1249 		VM_OBJECT_WLOCK(object);
1250 		for (i = 0; i < bp->b_pgbefore; i++)
1251 			vm_page_free_invalid(bp->b_pages[i]);
1252 		for (i = bp->b_npages - bp->b_pgafter; i < bp->b_npages; i++)
1253 			vm_page_free_invalid(bp->b_pages[i]);
1254 		VM_OBJECT_WUNLOCK(object);
1255 		return (error);
1256 	}
1257 
1258 	/* Read lock to protect size. */
1259 	VM_OBJECT_RLOCK(object);
1260 	for (i = 0, tfoff = IDX_TO_OFF(bp->b_pages[0]->pindex);
1261 	    i < bp->b_npages; i++, tfoff = nextoff) {
1262 		vm_page_t mt;
1263 
1264 		nextoff = tfoff + PAGE_SIZE;
1265 		mt = bp->b_pages[i];
1266 		if (mt == bogus_page)
1267 			continue;
1268 
1269 		if (nextoff <= object->un_pager.vnp.vnp_size) {
1270 			/*
1271 			 * Read filled up entire page.
1272 			 */
1273 			vm_page_valid(mt);
1274 			KASSERT(mt->dirty == 0,
1275 			    ("%s: page %p is dirty", __func__, mt));
1276 			KASSERT(!pmap_page_is_mapped(mt),
1277 			    ("%s: page %p is mapped", __func__, mt));
1278 		} else {
1279 			/*
1280 			 * Read did not fill up entire page.
1281 			 *
1282 			 * Currently we do not set the entire page valid,
1283 			 * we just try to clear the piece that we couldn't
1284 			 * read.
1285 			 */
1286 			vm_page_set_valid_range(mt, 0,
1287 			    object->un_pager.vnp.vnp_size - tfoff);
1288 			KASSERT((mt->dirty & vm_page_bits(0,
1289 			    object->un_pager.vnp.vnp_size - tfoff)) == 0,
1290 			    ("%s: page %p is dirty", __func__, mt));
1291 		}
1292 
1293 		if (i < bp->b_pgbefore || i >= bp->b_npages - bp->b_pgafter)
1294 			vm_page_readahead_finish(mt);
1295 	}
1296 	VM_OBJECT_RUNLOCK(object);
1297 
1298 	return (error);
1299 }
1300 
1301 /*
1302  * EOPNOTSUPP is no longer legal.  For local media VFS's that do not
1303  * implement their own VOP_PUTPAGES, their VOP_PUTPAGES should call to
1304  * vnode_pager_generic_putpages() to implement the previous behaviour.
1305  *
1306  * All other FS's should use the bypass to get to the local media
1307  * backing vp's VOP_PUTPAGES.
1308  */
1309 static void
1310 vnode_pager_putpages(vm_object_t object, vm_page_t *m, int count,
1311     int flags, int *rtvals)
1312 {
1313 	int rtval __diagused;
1314 	struct vnode *vp;
1315 	int bytes = count * PAGE_SIZE;
1316 
1317 	/*
1318 	 * Force synchronous operation if we are extremely low on memory
1319 	 * to prevent a low-memory deadlock.  VOP operations often need to
1320 	 * allocate more memory to initiate the I/O ( i.e. do a BMAP
1321 	 * operation ).  The swapper handles the case by limiting the amount
1322 	 * of asynchronous I/O, but that sort of solution doesn't scale well
1323 	 * for the vnode pager without a lot of work.
1324 	 *
1325 	 * Also, the backing vnode's iodone routine may not wake the pageout
1326 	 * daemon up.  This should be probably be addressed XXX.
1327 	 */
1328 
1329 	if (vm_page_count_min())
1330 		flags |= VM_PAGER_PUT_SYNC;
1331 
1332 	/*
1333 	 * Call device-specific putpages function
1334 	 */
1335 	vp = object->handle;
1336 	VM_OBJECT_WUNLOCK(object);
1337 	rtval = VOP_PUTPAGES(vp, m, bytes, flags, rtvals);
1338 	KASSERT(rtval != EOPNOTSUPP,
1339 	    ("vnode_pager: stale FS putpages\n"));
1340 	VM_OBJECT_WLOCK(object);
1341 }
1342 
1343 static int
1344 vn_off2bidx(vm_ooffset_t offset)
1345 {
1346 
1347 	return ((offset & PAGE_MASK) / DEV_BSIZE);
1348 }
1349 
1350 static bool
1351 vn_dirty_blk(vm_page_t m, vm_ooffset_t offset)
1352 {
1353 
1354 	KASSERT(IDX_TO_OFF(m->pindex) <= offset &&
1355 	    offset < IDX_TO_OFF(m->pindex + 1),
1356 	    ("page %p pidx %ju offset %ju", m, (uintmax_t)m->pindex,
1357 	    (uintmax_t)offset));
1358 	return ((m->dirty & ((vm_page_bits_t)1 << vn_off2bidx(offset))) != 0);
1359 }
1360 
1361 /*
1362  * This is now called from local media FS's to operate against their
1363  * own vnodes if they fail to implement VOP_PUTPAGES.
1364  *
1365  * This is typically called indirectly via the pageout daemon and
1366  * clustering has already typically occurred, so in general we ask the
1367  * underlying filesystem to write the data out asynchronously rather
1368  * then delayed.
1369  */
1370 int
1371 vnode_pager_generic_putpages(struct vnode *vp, vm_page_t *ma, int bytecount,
1372     int flags, int *rtvals)
1373 {
1374 	vm_object_t object;
1375 	vm_page_t m;
1376 	vm_ooffset_t max_offset, next_offset, poffset, prev_offset;
1377 	struct uio auio;
1378 	struct iovec aiov;
1379 	off_t prev_resid, wrsz;
1380 	int count, error, i, maxsize, ncount, pgoff, ppscheck;
1381 	bool in_hole;
1382 	static struct timeval lastfail;
1383 	static int curfail;
1384 
1385 	object = vp->v_object;
1386 	count = bytecount / PAGE_SIZE;
1387 
1388 	for (i = 0; i < count; i++)
1389 		rtvals[i] = VM_PAGER_ERROR;
1390 
1391 	if ((int64_t)ma[0]->pindex < 0) {
1392 		printf("vnode_pager_generic_putpages: "
1393 		    "attempt to write meta-data 0x%jx(%lx)\n",
1394 		    (uintmax_t)ma[0]->pindex, (u_long)ma[0]->dirty);
1395 		rtvals[0] = VM_PAGER_BAD;
1396 		return (VM_PAGER_BAD);
1397 	}
1398 
1399 	maxsize = count * PAGE_SIZE;
1400 	ncount = count;
1401 
1402 	poffset = IDX_TO_OFF(ma[0]->pindex);
1403 
1404 	/*
1405 	 * If the page-aligned write is larger then the actual file we
1406 	 * have to invalidate pages occurring beyond the file EOF.  However,
1407 	 * there is an edge case where a file may not be page-aligned where
1408 	 * the last page is partially invalid.  In this case the filesystem
1409 	 * may not properly clear the dirty bits for the entire page (which
1410 	 * could be VM_PAGE_BITS_ALL due to the page having been mmap()d).
1411 	 * With the page busied we are free to fix up the dirty bits here.
1412 	 *
1413 	 * We do not under any circumstances truncate the valid bits, as
1414 	 * this will screw up bogus page replacement.
1415 	 */
1416 	VM_OBJECT_RLOCK(object);
1417 	if (maxsize + poffset > object->un_pager.vnp.vnp_size) {
1418 		if (object->un_pager.vnp.vnp_size > poffset) {
1419 			maxsize = object->un_pager.vnp.vnp_size - poffset;
1420 			ncount = btoc(maxsize);
1421 			if ((pgoff = (int)maxsize & PAGE_MASK) != 0) {
1422 				pgoff = roundup2(pgoff, DEV_BSIZE);
1423 
1424 				/*
1425 				 * If the page is busy and the following
1426 				 * conditions hold, then the page's dirty
1427 				 * field cannot be concurrently changed by a
1428 				 * pmap operation.
1429 				 */
1430 				m = ma[ncount - 1];
1431 				vm_page_assert_sbusied(m);
1432 				KASSERT(!pmap_page_is_write_mapped(m),
1433 		("vnode_pager_generic_putpages: page %p is not read-only", m));
1434 				MPASS(m->dirty != 0);
1435 				vm_page_clear_dirty(m, pgoff, PAGE_SIZE -
1436 				    pgoff);
1437 			}
1438 		} else {
1439 			maxsize = 0;
1440 			ncount = 0;
1441 		}
1442 		for (i = ncount; i < count; i++)
1443 			rtvals[i] = VM_PAGER_BAD;
1444 	}
1445 	VM_OBJECT_RUNLOCK(object);
1446 
1447 	auio.uio_iov = &aiov;
1448 	auio.uio_segflg = UIO_NOCOPY;
1449 	auio.uio_rw = UIO_WRITE;
1450 	auio.uio_td = NULL;
1451 	max_offset = roundup2(poffset + maxsize, DEV_BSIZE);
1452 
1453 	for (prev_offset = poffset; prev_offset < max_offset;) {
1454 		/* Skip clean blocks. */
1455 		for (in_hole = true; in_hole && prev_offset < max_offset;) {
1456 			m = ma[OFF_TO_IDX(prev_offset - poffset)];
1457 			for (i = vn_off2bidx(prev_offset);
1458 			    i < sizeof(vm_page_bits_t) * NBBY &&
1459 			    prev_offset < max_offset; i++) {
1460 				if (vn_dirty_blk(m, prev_offset)) {
1461 					in_hole = false;
1462 					break;
1463 				}
1464 				prev_offset += DEV_BSIZE;
1465 			}
1466 		}
1467 		if (in_hole)
1468 			goto write_done;
1469 
1470 		/* Find longest run of dirty blocks. */
1471 		for (next_offset = prev_offset; next_offset < max_offset;) {
1472 			m = ma[OFF_TO_IDX(next_offset - poffset)];
1473 			for (i = vn_off2bidx(next_offset);
1474 			    i < sizeof(vm_page_bits_t) * NBBY &&
1475 			    next_offset < max_offset; i++) {
1476 				if (!vn_dirty_blk(m, next_offset))
1477 					goto start_write;
1478 				next_offset += DEV_BSIZE;
1479 			}
1480 		}
1481 start_write:
1482 		if (next_offset > poffset + maxsize)
1483 			next_offset = poffset + maxsize;
1484 		if (prev_offset == next_offset)
1485 			goto write_done;
1486 
1487 		/*
1488 		 * Getting here requires finding a dirty block in the
1489 		 * 'skip clean blocks' loop.
1490 		 */
1491 
1492 		aiov.iov_base = NULL;
1493 		auio.uio_iovcnt = 1;
1494 		auio.uio_offset = prev_offset;
1495 		prev_resid = auio.uio_resid = aiov.iov_len = next_offset -
1496 		    prev_offset;
1497 		error = VOP_WRITE(vp, &auio,
1498 		    vnode_pager_putpages_ioflags(flags), curthread->td_ucred);
1499 
1500 		wrsz = prev_resid - auio.uio_resid;
1501 		if (wrsz == 0) {
1502 			if (ppsratecheck(&lastfail, &curfail, 1) != 0) {
1503 				vn_printf(vp, "vnode_pager_putpages: "
1504 				    "zero-length write at %ju resid %zd\n",
1505 				    auio.uio_offset, auio.uio_resid);
1506 			}
1507 			break;
1508 		}
1509 
1510 		/* Adjust the starting offset for next iteration. */
1511 		prev_offset += wrsz;
1512 		MPASS(auio.uio_offset == prev_offset);
1513 
1514 		ppscheck = 0;
1515 		if (error != 0 && (ppscheck = ppsratecheck(&lastfail,
1516 		    &curfail, 1)) != 0)
1517 			vn_printf(vp, "vnode_pager_putpages: I/O error %d\n",
1518 			    error);
1519 		if (auio.uio_resid != 0 && (ppscheck != 0 ||
1520 		    ppsratecheck(&lastfail, &curfail, 1) != 0))
1521 			vn_printf(vp, "vnode_pager_putpages: residual I/O %zd "
1522 			    "at %ju\n", auio.uio_resid,
1523 			    (uintmax_t)ma[0]->pindex);
1524 		if (error != 0 || auio.uio_resid != 0)
1525 			break;
1526 	}
1527 write_done:
1528 	/* Mark completely processed pages. */
1529 	for (i = 0; i < OFF_TO_IDX(prev_offset - poffset); i++)
1530 		rtvals[i] = VM_PAGER_OK;
1531 	/* Mark partial EOF page. */
1532 	if (prev_offset == poffset + maxsize && (prev_offset & PAGE_MASK) != 0)
1533 		rtvals[i++] = VM_PAGER_OK;
1534 	/* Unwritten pages in range, free bonus if the page is clean. */
1535 	for (; i < ncount; i++)
1536 		rtvals[i] = ma[i]->dirty == 0 ? VM_PAGER_OK : VM_PAGER_ERROR;
1537 	VM_CNT_ADD(v_vnodepgsout, i);
1538 	VM_CNT_INC(v_vnodeout);
1539 	return (rtvals[0]);
1540 }
1541 
1542 int
1543 vnode_pager_putpages_ioflags(int pager_flags)
1544 {
1545 	int ioflags;
1546 
1547 	/*
1548 	 * Pageouts are already clustered, use IO_ASYNC to force a
1549 	 * bawrite() rather then a bdwrite() to prevent paging I/O
1550 	 * from saturating the buffer cache.  Dummy-up the sequential
1551 	 * heuristic to cause large ranges to cluster.  If neither
1552 	 * IO_SYNC or IO_ASYNC is set, the system decides how to
1553 	 * cluster.
1554 	 */
1555 	ioflags = IO_VMIO;
1556 	if ((pager_flags & (VM_PAGER_PUT_SYNC | VM_PAGER_PUT_INVAL)) != 0)
1557 		ioflags |= IO_SYNC;
1558 	else if ((pager_flags & VM_PAGER_CLUSTER_OK) == 0)
1559 		ioflags |= IO_ASYNC;
1560 	ioflags |= (pager_flags & VM_PAGER_PUT_INVAL) != 0 ? IO_INVAL: 0;
1561 	ioflags |= (pager_flags & VM_PAGER_PUT_NOREUSE) != 0 ? IO_NOREUSE : 0;
1562 	ioflags |= IO_SEQMAX << IO_SEQSHIFT;
1563 	return (ioflags);
1564 }
1565 
1566 /*
1567  * vnode_pager_undirty_pages().
1568  *
1569  * A helper to mark pages as clean after pageout that was possibly
1570  * done with a short write.  The lpos argument specifies the page run
1571  * length in bytes, and the written argument specifies how many bytes
1572  * were actually written.  eof is the offset past the last valid byte
1573  * in the vnode using the absolute file position of the first byte in
1574  * the run as the base from which it is computed.
1575  */
1576 void
1577 vnode_pager_undirty_pages(vm_page_t *ma, int *rtvals, int written, off_t eof,
1578     int lpos)
1579 {
1580 	int i, pos, pos_devb;
1581 
1582 	if (written == 0 && eof >= lpos)
1583 		return;
1584 	for (i = 0, pos = 0; pos < written; i++, pos += PAGE_SIZE) {
1585 		if (pos < trunc_page(written)) {
1586 			rtvals[i] = VM_PAGER_OK;
1587 			vm_page_undirty(ma[i]);
1588 		} else {
1589 			/* Partially written page. */
1590 			rtvals[i] = VM_PAGER_AGAIN;
1591 			vm_page_clear_dirty(ma[i], 0, written & PAGE_MASK);
1592 		}
1593 	}
1594 	if (eof >= lpos) /* avoid truncation */
1595 		return;
1596 	for (pos = eof, i = OFF_TO_IDX(trunc_page(pos)); pos < lpos; i++) {
1597 		if (pos != trunc_page(pos)) {
1598 			/*
1599 			 * The page contains the last valid byte in
1600 			 * the vnode, mark the rest of the page as
1601 			 * clean, potentially making the whole page
1602 			 * clean.
1603 			 */
1604 			pos_devb = roundup2(pos & PAGE_MASK, DEV_BSIZE);
1605 			vm_page_clear_dirty(ma[i], pos_devb, PAGE_SIZE -
1606 			    pos_devb);
1607 
1608 			/*
1609 			 * If the page was cleaned, report the pageout
1610 			 * on it as successful.  msync() no longer
1611 			 * needs to write out the page, endlessly
1612 			 * creating write requests and dirty buffers.
1613 			 */
1614 			if (ma[i]->dirty == 0)
1615 				rtvals[i] = VM_PAGER_OK;
1616 
1617 			pos = round_page(pos);
1618 		} else {
1619 			/* vm_pageout_flush() clears dirty */
1620 			rtvals[i] = VM_PAGER_BAD;
1621 			pos += PAGE_SIZE;
1622 		}
1623 	}
1624 }
1625 
1626 static void
1627 vnode_pager_update_writecount(vm_object_t object, vm_offset_t start,
1628     vm_offset_t end)
1629 {
1630 	struct vnode *vp;
1631 	vm_ooffset_t old_wm;
1632 
1633 	VM_OBJECT_WLOCK(object);
1634 	if (object->type != OBJT_VNODE) {
1635 		VM_OBJECT_WUNLOCK(object);
1636 		return;
1637 	}
1638 	old_wm = object->un_pager.vnp.writemappings;
1639 	object->un_pager.vnp.writemappings += (vm_ooffset_t)end - start;
1640 	vp = object->handle;
1641 	if (old_wm == 0 && object->un_pager.vnp.writemappings != 0) {
1642 		ASSERT_VOP_LOCKED(vp, "v_writecount inc");
1643 		VOP_ADD_WRITECOUNT_CHECKED(vp, 1);
1644 		CTR3(KTR_VFS, "%s: vp %p v_writecount increased to %d",
1645 		    __func__, vp, vp->v_writecount);
1646 	} else if (old_wm != 0 && object->un_pager.vnp.writemappings == 0) {
1647 		ASSERT_VOP_LOCKED(vp, "v_writecount dec");
1648 		VOP_ADD_WRITECOUNT_CHECKED(vp, -1);
1649 		CTR3(KTR_VFS, "%s: vp %p v_writecount decreased to %d",
1650 		    __func__, vp, vp->v_writecount);
1651 	}
1652 	VM_OBJECT_WUNLOCK(object);
1653 }
1654 
1655 static void
1656 vnode_pager_release_writecount(vm_object_t object, vm_offset_t start,
1657     vm_offset_t end)
1658 {
1659 	struct vnode *vp;
1660 	struct mount *mp;
1661 	vm_offset_t inc;
1662 
1663 	VM_OBJECT_WLOCK(object);
1664 
1665 	/*
1666 	 * First, recheck the object type to account for the race when
1667 	 * the vnode is reclaimed.
1668 	 */
1669 	if (object->type != OBJT_VNODE) {
1670 		VM_OBJECT_WUNLOCK(object);
1671 		return;
1672 	}
1673 
1674 	/*
1675 	 * Optimize for the case when writemappings is not going to
1676 	 * zero.
1677 	 */
1678 	inc = end - start;
1679 	if (object->un_pager.vnp.writemappings != inc) {
1680 		object->un_pager.vnp.writemappings -= inc;
1681 		VM_OBJECT_WUNLOCK(object);
1682 		return;
1683 	}
1684 
1685 	vp = object->handle;
1686 	vhold(vp);
1687 	VM_OBJECT_WUNLOCK(object);
1688 	mp = NULL;
1689 	vn_start_write(vp, &mp, V_WAIT);
1690 	vn_lock(vp, LK_SHARED | LK_RETRY);
1691 
1692 	/*
1693 	 * Decrement the object's writemappings, by swapping the start
1694 	 * and end arguments for vnode_pager_update_writecount().  If
1695 	 * there was not a race with vnode reclaimation, then the
1696 	 * vnode's v_writecount is decremented.
1697 	 */
1698 	vnode_pager_update_writecount(object, end, start);
1699 	VOP_UNLOCK(vp);
1700 	vdrop(vp);
1701 	if (mp != NULL)
1702 		vn_finished_write(mp);
1703 }
1704 
1705 static void
1706 vnode_pager_getvp(vm_object_t object, struct vnode **vpp, bool *vp_heldp)
1707 {
1708 	*vpp = object->handle;
1709 }
1710 
1711 static void
1712 vnode_pager_clean1(struct vnode *vp, int sync_flags)
1713 {
1714 	struct vm_object *obj;
1715 
1716 	ASSERT_VOP_LOCKED(vp, "needs lock for writes");
1717 	obj = vp->v_object;
1718 	if (obj == NULL)
1719 		return;
1720 
1721 	VM_OBJECT_WLOCK(obj);
1722 	vm_object_page_clean(obj, 0, 0, sync_flags);
1723 	VM_OBJECT_WUNLOCK(obj);
1724 }
1725 
1726 void
1727 vnode_pager_clean_sync(struct vnode *vp)
1728 {
1729 	vnode_pager_clean1(vp, OBJPC_SYNC);
1730 }
1731 
1732 void
1733 vnode_pager_clean_async(struct vnode *vp)
1734 {
1735 	vnode_pager_clean1(vp, 0);
1736 }
1737