xref: /linux/fs/ceph/file.c (revision 4b024225c4a8245e6ecc66ce1df1eaf2ebeb4acb)
1 // SPDX-License-Identifier: GPL-2.0
2 #include <linux/ceph/ceph_debug.h>
3 #include <linux/ceph/striper.h>
4 
5 #include <linux/module.h>
6 #include <linux/sched.h>
7 #include <linux/slab.h>
8 #include <linux/file.h>
9 #include <linux/mount.h>
10 #include <linux/namei.h>
11 #include <linux/writeback.h>
12 #include <linux/falloc.h>
13 #include <linux/iversion.h>
14 
15 #include "super.h"
16 #include "mds_client.h"
17 #include "cache.h"
18 #include "io.h"
19 
20 static __le32 ceph_flags_sys2wire(u32 flags)
21 {
22 	u32 wire_flags = 0;
23 
24 	switch (flags & O_ACCMODE) {
25 	case O_RDONLY:
26 		wire_flags |= CEPH_O_RDONLY;
27 		break;
28 	case O_WRONLY:
29 		wire_flags |= CEPH_O_WRONLY;
30 		break;
31 	case O_RDWR:
32 		wire_flags |= CEPH_O_RDWR;
33 		break;
34 	}
35 
36 	flags &= ~O_ACCMODE;
37 
38 #define ceph_sys2wire(a) if (flags & a) { wire_flags |= CEPH_##a; flags &= ~a; }
39 
40 	ceph_sys2wire(O_CREAT);
41 	ceph_sys2wire(O_EXCL);
42 	ceph_sys2wire(O_TRUNC);
43 	ceph_sys2wire(O_DIRECTORY);
44 	ceph_sys2wire(O_NOFOLLOW);
45 
46 #undef ceph_sys2wire
47 
48 	if (flags)
49 		dout("unused open flags: %x\n", flags);
50 
51 	return cpu_to_le32(wire_flags);
52 }
53 
54 /*
55  * Ceph file operations
56  *
57  * Implement basic open/close functionality, and implement
58  * read/write.
59  *
60  * We implement three modes of file I/O:
61  *  - buffered uses the generic_file_aio_{read,write} helpers
62  *
63  *  - synchronous is used when there is multi-client read/write
64  *    sharing, avoids the page cache, and synchronously waits for an
65  *    ack from the OSD.
66  *
67  *  - direct io takes the variant of the sync path that references
68  *    user pages directly.
69  *
70  * fsync() flushes and waits on dirty pages, but just queues metadata
71  * for writeback: since the MDS can recover size and mtime there is no
72  * need to wait for MDS acknowledgement.
73  */
74 
75 /*
76  * How many pages to get in one call to iov_iter_get_pages().  This
77  * determines the size of the on-stack array used as a buffer.
78  */
79 #define ITER_GET_BVECS_PAGES	64
80 
81 static ssize_t __iter_get_bvecs(struct iov_iter *iter, size_t maxsize,
82 				struct bio_vec *bvecs)
83 {
84 	size_t size = 0;
85 	int bvec_idx = 0;
86 
87 	if (maxsize > iov_iter_count(iter))
88 		maxsize = iov_iter_count(iter);
89 
90 	while (size < maxsize) {
91 		struct page *pages[ITER_GET_BVECS_PAGES];
92 		ssize_t bytes;
93 		size_t start;
94 		int idx = 0;
95 
96 		bytes = iov_iter_get_pages(iter, pages, maxsize - size,
97 					   ITER_GET_BVECS_PAGES, &start);
98 		if (bytes < 0)
99 			return size ?: bytes;
100 
101 		iov_iter_advance(iter, bytes);
102 		size += bytes;
103 
104 		for ( ; bytes; idx++, bvec_idx++) {
105 			struct bio_vec bv = {
106 				.bv_page = pages[idx],
107 				.bv_len = min_t(int, bytes, PAGE_SIZE - start),
108 				.bv_offset = start,
109 			};
110 
111 			bvecs[bvec_idx] = bv;
112 			bytes -= bv.bv_len;
113 			start = 0;
114 		}
115 	}
116 
117 	return size;
118 }
119 
120 /*
121  * iov_iter_get_pages() only considers one iov_iter segment, no matter
122  * what maxsize or maxpages are given.  For ITER_BVEC that is a single
123  * page.
124  *
125  * Attempt to get up to @maxsize bytes worth of pages from @iter.
126  * Return the number of bytes in the created bio_vec array, or an error.
127  */
128 static ssize_t iter_get_bvecs_alloc(struct iov_iter *iter, size_t maxsize,
129 				    struct bio_vec **bvecs, int *num_bvecs)
130 {
131 	struct bio_vec *bv;
132 	size_t orig_count = iov_iter_count(iter);
133 	ssize_t bytes;
134 	int npages;
135 
136 	iov_iter_truncate(iter, maxsize);
137 	npages = iov_iter_npages(iter, INT_MAX);
138 	iov_iter_reexpand(iter, orig_count);
139 
140 	/*
141 	 * __iter_get_bvecs() may populate only part of the array -- zero it
142 	 * out.
143 	 */
144 	bv = kvmalloc_array(npages, sizeof(*bv), GFP_KERNEL | __GFP_ZERO);
145 	if (!bv)
146 		return -ENOMEM;
147 
148 	bytes = __iter_get_bvecs(iter, maxsize, bv);
149 	if (bytes < 0) {
150 		/*
151 		 * No pages were pinned -- just free the array.
152 		 */
153 		kvfree(bv);
154 		return bytes;
155 	}
156 
157 	*bvecs = bv;
158 	*num_bvecs = npages;
159 	return bytes;
160 }
161 
162 static void put_bvecs(struct bio_vec *bvecs, int num_bvecs, bool should_dirty)
163 {
164 	int i;
165 
166 	for (i = 0; i < num_bvecs; i++) {
167 		if (bvecs[i].bv_page) {
168 			if (should_dirty)
169 				set_page_dirty_lock(bvecs[i].bv_page);
170 			put_page(bvecs[i].bv_page);
171 		}
172 	}
173 	kvfree(bvecs);
174 }
175 
176 /*
177  * Prepare an open request.  Preallocate ceph_cap to avoid an
178  * inopportune ENOMEM later.
179  */
180 static struct ceph_mds_request *
181 prepare_open_request(struct super_block *sb, int flags, int create_mode)
182 {
183 	struct ceph_fs_client *fsc = ceph_sb_to_client(sb);
184 	struct ceph_mds_client *mdsc = fsc->mdsc;
185 	struct ceph_mds_request *req;
186 	int want_auth = USE_ANY_MDS;
187 	int op = (flags & O_CREAT) ? CEPH_MDS_OP_CREATE : CEPH_MDS_OP_OPEN;
188 
189 	if (flags & (O_WRONLY|O_RDWR|O_CREAT|O_TRUNC))
190 		want_auth = USE_AUTH_MDS;
191 
192 	req = ceph_mdsc_create_request(mdsc, op, want_auth);
193 	if (IS_ERR(req))
194 		goto out;
195 	req->r_fmode = ceph_flags_to_mode(flags);
196 	req->r_args.open.flags = ceph_flags_sys2wire(flags);
197 	req->r_args.open.mode = cpu_to_le32(create_mode);
198 out:
199 	return req;
200 }
201 
202 static int ceph_init_file_info(struct inode *inode, struct file *file,
203 					int fmode, bool isdir)
204 {
205 	struct ceph_inode_info *ci = ceph_inode(inode);
206 	struct ceph_file_info *fi;
207 
208 	dout("%s %p %p 0%o (%s)\n", __func__, inode, file,
209 			inode->i_mode, isdir ? "dir" : "regular");
210 	BUG_ON(inode->i_fop->release != ceph_release);
211 
212 	if (isdir) {
213 		struct ceph_dir_file_info *dfi =
214 			kmem_cache_zalloc(ceph_dir_file_cachep, GFP_KERNEL);
215 		if (!dfi) {
216 			ceph_put_fmode(ci, fmode); /* clean up */
217 			return -ENOMEM;
218 		}
219 
220 		file->private_data = dfi;
221 		fi = &dfi->file_info;
222 		dfi->next_offset = 2;
223 		dfi->readdir_cache_idx = -1;
224 	} else {
225 		fi = kmem_cache_zalloc(ceph_file_cachep, GFP_KERNEL);
226 		if (!fi) {
227 			ceph_put_fmode(ci, fmode); /* clean up */
228 			return -ENOMEM;
229 		}
230 
231 		file->private_data = fi;
232 	}
233 
234 	fi->fmode = fmode;
235 	spin_lock_init(&fi->rw_contexts_lock);
236 	INIT_LIST_HEAD(&fi->rw_contexts);
237 	fi->meta_err = errseq_sample(&ci->i_meta_err);
238 	fi->filp_gen = READ_ONCE(ceph_inode_to_client(inode)->filp_gen);
239 
240 	return 0;
241 }
242 
243 /*
244  * initialize private struct file data.
245  * if we fail, clean up by dropping fmode reference on the ceph_inode
246  */
247 static int ceph_init_file(struct inode *inode, struct file *file, int fmode)
248 {
249 	int ret = 0;
250 
251 	switch (inode->i_mode & S_IFMT) {
252 	case S_IFREG:
253 		ceph_fscache_register_inode_cookie(inode);
254 		ceph_fscache_file_set_cookie(inode, file);
255 		/* fall through */
256 	case S_IFDIR:
257 		ret = ceph_init_file_info(inode, file, fmode,
258 						S_ISDIR(inode->i_mode));
259 		if (ret)
260 			return ret;
261 		break;
262 
263 	case S_IFLNK:
264 		dout("init_file %p %p 0%o (symlink)\n", inode, file,
265 		     inode->i_mode);
266 		ceph_put_fmode(ceph_inode(inode), fmode); /* clean up */
267 		break;
268 
269 	default:
270 		dout("init_file %p %p 0%o (special)\n", inode, file,
271 		     inode->i_mode);
272 		/*
273 		 * we need to drop the open ref now, since we don't
274 		 * have .release set to ceph_release.
275 		 */
276 		ceph_put_fmode(ceph_inode(inode), fmode); /* clean up */
277 		BUG_ON(inode->i_fop->release == ceph_release);
278 
279 		/* call the proper open fop */
280 		ret = inode->i_fop->open(inode, file);
281 	}
282 	return ret;
283 }
284 
285 /*
286  * try renew caps after session gets killed.
287  */
288 int ceph_renew_caps(struct inode *inode)
289 {
290 	struct ceph_mds_client *mdsc = ceph_sb_to_client(inode->i_sb)->mdsc;
291 	struct ceph_inode_info *ci = ceph_inode(inode);
292 	struct ceph_mds_request *req;
293 	int err, flags, wanted;
294 
295 	spin_lock(&ci->i_ceph_lock);
296 	wanted = __ceph_caps_file_wanted(ci);
297 	if (__ceph_is_any_real_caps(ci) &&
298 	    (!(wanted & CEPH_CAP_ANY_WR) || ci->i_auth_cap)) {
299 		int issued = __ceph_caps_issued(ci, NULL);
300 		spin_unlock(&ci->i_ceph_lock);
301 		dout("renew caps %p want %s issued %s updating mds_wanted\n",
302 		     inode, ceph_cap_string(wanted), ceph_cap_string(issued));
303 		ceph_check_caps(ci, 0, NULL);
304 		return 0;
305 	}
306 	spin_unlock(&ci->i_ceph_lock);
307 
308 	flags = 0;
309 	if ((wanted & CEPH_CAP_FILE_RD) && (wanted & CEPH_CAP_FILE_WR))
310 		flags = O_RDWR;
311 	else if (wanted & CEPH_CAP_FILE_RD)
312 		flags = O_RDONLY;
313 	else if (wanted & CEPH_CAP_FILE_WR)
314 		flags = O_WRONLY;
315 #ifdef O_LAZY
316 	if (wanted & CEPH_CAP_FILE_LAZYIO)
317 		flags |= O_LAZY;
318 #endif
319 
320 	req = prepare_open_request(inode->i_sb, flags, 0);
321 	if (IS_ERR(req)) {
322 		err = PTR_ERR(req);
323 		goto out;
324 	}
325 
326 	req->r_inode = inode;
327 	ihold(inode);
328 	req->r_num_caps = 1;
329 	req->r_fmode = -1;
330 
331 	err = ceph_mdsc_do_request(mdsc, NULL, req);
332 	ceph_mdsc_put_request(req);
333 out:
334 	dout("renew caps %p open result=%d\n", inode, err);
335 	return err < 0 ? err : 0;
336 }
337 
338 /*
339  * If we already have the requisite capabilities, we can satisfy
340  * the open request locally (no need to request new caps from the
341  * MDS).  We do, however, need to inform the MDS (asynchronously)
342  * if our wanted caps set expands.
343  */
344 int ceph_open(struct inode *inode, struct file *file)
345 {
346 	struct ceph_inode_info *ci = ceph_inode(inode);
347 	struct ceph_fs_client *fsc = ceph_sb_to_client(inode->i_sb);
348 	struct ceph_mds_client *mdsc = fsc->mdsc;
349 	struct ceph_mds_request *req;
350 	struct ceph_file_info *fi = file->private_data;
351 	int err;
352 	int flags, fmode, wanted;
353 
354 	if (fi) {
355 		dout("open file %p is already opened\n", file);
356 		return 0;
357 	}
358 
359 	/* filter out O_CREAT|O_EXCL; vfs did that already.  yuck. */
360 	flags = file->f_flags & ~(O_CREAT|O_EXCL);
361 	if (S_ISDIR(inode->i_mode))
362 		flags = O_DIRECTORY;  /* mds likes to know */
363 
364 	dout("open inode %p ino %llx.%llx file %p flags %d (%d)\n", inode,
365 	     ceph_vinop(inode), file, flags, file->f_flags);
366 	fmode = ceph_flags_to_mode(flags);
367 	wanted = ceph_caps_for_mode(fmode);
368 
369 	/* snapped files are read-only */
370 	if (ceph_snap(inode) != CEPH_NOSNAP && (file->f_mode & FMODE_WRITE))
371 		return -EROFS;
372 
373 	/* trivially open snapdir */
374 	if (ceph_snap(inode) == CEPH_SNAPDIR) {
375 		spin_lock(&ci->i_ceph_lock);
376 		__ceph_get_fmode(ci, fmode);
377 		spin_unlock(&ci->i_ceph_lock);
378 		return ceph_init_file(inode, file, fmode);
379 	}
380 
381 	/*
382 	 * No need to block if we have caps on the auth MDS (for
383 	 * write) or any MDS (for read).  Update wanted set
384 	 * asynchronously.
385 	 */
386 	spin_lock(&ci->i_ceph_lock);
387 	if (__ceph_is_any_real_caps(ci) &&
388 	    (((fmode & CEPH_FILE_MODE_WR) == 0) || ci->i_auth_cap)) {
389 		int mds_wanted = __ceph_caps_mds_wanted(ci, true);
390 		int issued = __ceph_caps_issued(ci, NULL);
391 
392 		dout("open %p fmode %d want %s issued %s using existing\n",
393 		     inode, fmode, ceph_cap_string(wanted),
394 		     ceph_cap_string(issued));
395 		__ceph_get_fmode(ci, fmode);
396 		spin_unlock(&ci->i_ceph_lock);
397 
398 		/* adjust wanted? */
399 		if ((issued & wanted) != wanted &&
400 		    (mds_wanted & wanted) != wanted &&
401 		    ceph_snap(inode) != CEPH_SNAPDIR)
402 			ceph_check_caps(ci, 0, NULL);
403 
404 		return ceph_init_file(inode, file, fmode);
405 	} else if (ceph_snap(inode) != CEPH_NOSNAP &&
406 		   (ci->i_snap_caps & wanted) == wanted) {
407 		__ceph_get_fmode(ci, fmode);
408 		spin_unlock(&ci->i_ceph_lock);
409 		return ceph_init_file(inode, file, fmode);
410 	}
411 
412 	spin_unlock(&ci->i_ceph_lock);
413 
414 	dout("open fmode %d wants %s\n", fmode, ceph_cap_string(wanted));
415 	req = prepare_open_request(inode->i_sb, flags, 0);
416 	if (IS_ERR(req)) {
417 		err = PTR_ERR(req);
418 		goto out;
419 	}
420 	req->r_inode = inode;
421 	ihold(inode);
422 
423 	req->r_num_caps = 1;
424 	err = ceph_mdsc_do_request(mdsc, NULL, req);
425 	if (!err)
426 		err = ceph_init_file(inode, file, req->r_fmode);
427 	ceph_mdsc_put_request(req);
428 	dout("open result=%d on %llx.%llx\n", err, ceph_vinop(inode));
429 out:
430 	return err;
431 }
432 
433 
434 /*
435  * Do a lookup + open with a single request.  If we get a non-existent
436  * file or symlink, return 1 so the VFS can retry.
437  */
438 int ceph_atomic_open(struct inode *dir, struct dentry *dentry,
439 		     struct file *file, unsigned flags, umode_t mode)
440 {
441 	struct ceph_fs_client *fsc = ceph_sb_to_client(dir->i_sb);
442 	struct ceph_mds_client *mdsc = fsc->mdsc;
443 	struct ceph_mds_request *req;
444 	struct dentry *dn;
445 	struct ceph_acl_sec_ctx as_ctx = {};
446 	int mask;
447 	int err;
448 
449 	dout("atomic_open %p dentry %p '%pd' %s flags %d mode 0%o\n",
450 	     dir, dentry, dentry,
451 	     d_unhashed(dentry) ? "unhashed" : "hashed", flags, mode);
452 
453 	if (dentry->d_name.len > NAME_MAX)
454 		return -ENAMETOOLONG;
455 
456 	if (flags & O_CREAT) {
457 		if (ceph_quota_is_max_files_exceeded(dir))
458 			return -EDQUOT;
459 		err = ceph_pre_init_acls(dir, &mode, &as_ctx);
460 		if (err < 0)
461 			return err;
462 		err = ceph_security_init_secctx(dentry, mode, &as_ctx);
463 		if (err < 0)
464 			goto out_ctx;
465 	}
466 
467 	/* do the open */
468 	req = prepare_open_request(dir->i_sb, flags, mode);
469 	if (IS_ERR(req)) {
470 		err = PTR_ERR(req);
471 		goto out_ctx;
472 	}
473 	req->r_dentry = dget(dentry);
474 	req->r_num_caps = 2;
475 	if (flags & O_CREAT) {
476 		req->r_dentry_drop = CEPH_CAP_FILE_SHARED | CEPH_CAP_AUTH_EXCL;
477 		req->r_dentry_unless = CEPH_CAP_FILE_EXCL;
478 		if (as_ctx.pagelist) {
479 			req->r_pagelist = as_ctx.pagelist;
480 			as_ctx.pagelist = NULL;
481 		}
482 	}
483 
484        mask = CEPH_STAT_CAP_INODE | CEPH_CAP_AUTH_SHARED;
485        if (ceph_security_xattr_wanted(dir))
486                mask |= CEPH_CAP_XATTR_SHARED;
487        req->r_args.open.mask = cpu_to_le32(mask);
488 
489 	req->r_parent = dir;
490 	set_bit(CEPH_MDS_R_PARENT_LOCKED, &req->r_req_flags);
491 	err = ceph_mdsc_do_request(mdsc,
492 				   (flags & (O_CREAT|O_TRUNC)) ? dir : NULL,
493 				   req);
494 	err = ceph_handle_snapdir(req, dentry, err);
495 	if (err)
496 		goto out_req;
497 
498 	if ((flags & O_CREAT) && !req->r_reply_info.head->is_dentry)
499 		err = ceph_handle_notrace_create(dir, dentry);
500 
501 	if (d_in_lookup(dentry)) {
502 		dn = ceph_finish_lookup(req, dentry, err);
503 		if (IS_ERR(dn))
504 			err = PTR_ERR(dn);
505 	} else {
506 		/* we were given a hashed negative dentry */
507 		dn = NULL;
508 	}
509 	if (err)
510 		goto out_req;
511 	if (dn || d_really_is_negative(dentry) || d_is_symlink(dentry)) {
512 		/* make vfs retry on splice, ENOENT, or symlink */
513 		dout("atomic_open finish_no_open on dn %p\n", dn);
514 		err = finish_no_open(file, dn);
515 	} else {
516 		dout("atomic_open finish_open on dn %p\n", dn);
517 		if (req->r_op == CEPH_MDS_OP_CREATE && req->r_reply_info.has_create_ino) {
518 			ceph_init_inode_acls(d_inode(dentry), &as_ctx);
519 			file->f_mode |= FMODE_CREATED;
520 		}
521 		err = finish_open(file, dentry, ceph_open);
522 	}
523 out_req:
524 	if (!req->r_err && req->r_target_inode)
525 		ceph_put_fmode(ceph_inode(req->r_target_inode), req->r_fmode);
526 	ceph_mdsc_put_request(req);
527 out_ctx:
528 	ceph_release_acl_sec_ctx(&as_ctx);
529 	dout("atomic_open result=%d\n", err);
530 	return err;
531 }
532 
533 int ceph_release(struct inode *inode, struct file *file)
534 {
535 	struct ceph_inode_info *ci = ceph_inode(inode);
536 
537 	if (S_ISDIR(inode->i_mode)) {
538 		struct ceph_dir_file_info *dfi = file->private_data;
539 		dout("release inode %p dir file %p\n", inode, file);
540 		WARN_ON(!list_empty(&dfi->file_info.rw_contexts));
541 
542 		ceph_put_fmode(ci, dfi->file_info.fmode);
543 
544 		if (dfi->last_readdir)
545 			ceph_mdsc_put_request(dfi->last_readdir);
546 		kfree(dfi->last_name);
547 		kfree(dfi->dir_info);
548 		kmem_cache_free(ceph_dir_file_cachep, dfi);
549 	} else {
550 		struct ceph_file_info *fi = file->private_data;
551 		dout("release inode %p regular file %p\n", inode, file);
552 		WARN_ON(!list_empty(&fi->rw_contexts));
553 
554 		ceph_put_fmode(ci, fi->fmode);
555 		kmem_cache_free(ceph_file_cachep, fi);
556 	}
557 
558 	/* wake up anyone waiting for caps on this inode */
559 	wake_up_all(&ci->i_cap_wq);
560 	return 0;
561 }
562 
563 enum {
564 	HAVE_RETRIED = 1,
565 	CHECK_EOF =    2,
566 	READ_INLINE =  3,
567 };
568 
569 /*
570  * Completely synchronous read and write methods.  Direct from __user
571  * buffer to osd, or directly to user pages (if O_DIRECT).
572  *
573  * If the read spans object boundary, just do multiple reads.  (That's not
574  * atomic, but good enough for now.)
575  *
576  * If we get a short result from the OSD, check against i_size; we need to
577  * only return a short read to the caller if we hit EOF.
578  */
579 static ssize_t ceph_sync_read(struct kiocb *iocb, struct iov_iter *to,
580 			      int *retry_op)
581 {
582 	struct file *file = iocb->ki_filp;
583 	struct inode *inode = file_inode(file);
584 	struct ceph_inode_info *ci = ceph_inode(inode);
585 	struct ceph_fs_client *fsc = ceph_inode_to_client(inode);
586 	struct ceph_osd_client *osdc = &fsc->client->osdc;
587 	ssize_t ret;
588 	u64 off = iocb->ki_pos;
589 	u64 len = iov_iter_count(to);
590 
591 	dout("sync_read on file %p %llu~%u %s\n", file, off, (unsigned)len,
592 	     (file->f_flags & O_DIRECT) ? "O_DIRECT" : "");
593 
594 	if (!len)
595 		return 0;
596 	/*
597 	 * flush any page cache pages in this range.  this
598 	 * will make concurrent normal and sync io slow,
599 	 * but it will at least behave sensibly when they are
600 	 * in sequence.
601 	 */
602 	ret = filemap_write_and_wait_range(inode->i_mapping,
603 					   off, off + len - 1);
604 	if (ret < 0)
605 		return ret;
606 
607 	ret = 0;
608 	while ((len = iov_iter_count(to)) > 0) {
609 		struct ceph_osd_request *req;
610 		struct page **pages;
611 		int num_pages;
612 		size_t page_off;
613 		u64 i_size;
614 		bool more;
615 
616 		req = ceph_osdc_new_request(osdc, &ci->i_layout,
617 					ci->i_vino, off, &len, 0, 1,
618 					CEPH_OSD_OP_READ, CEPH_OSD_FLAG_READ,
619 					NULL, ci->i_truncate_seq,
620 					ci->i_truncate_size, false);
621 		if (IS_ERR(req)) {
622 			ret = PTR_ERR(req);
623 			break;
624 		}
625 
626 		more = len < iov_iter_count(to);
627 
628 		if (unlikely(iov_iter_is_pipe(to))) {
629 			ret = iov_iter_get_pages_alloc(to, &pages, len,
630 						       &page_off);
631 			if (ret <= 0) {
632 				ceph_osdc_put_request(req);
633 				ret = -ENOMEM;
634 				break;
635 			}
636 			num_pages = DIV_ROUND_UP(ret + page_off, PAGE_SIZE);
637 			if (ret < len) {
638 				len = ret;
639 				osd_req_op_extent_update(req, 0, len);
640 				more = false;
641 			}
642 		} else {
643 			num_pages = calc_pages_for(off, len);
644 			page_off = off & ~PAGE_MASK;
645 			pages = ceph_alloc_page_vector(num_pages, GFP_KERNEL);
646 			if (IS_ERR(pages)) {
647 				ceph_osdc_put_request(req);
648 				ret = PTR_ERR(pages);
649 				break;
650 			}
651 		}
652 
653 		osd_req_op_extent_osd_data_pages(req, 0, pages, len, page_off,
654 						 false, false);
655 		ret = ceph_osdc_start_request(osdc, req, false);
656 		if (!ret)
657 			ret = ceph_osdc_wait_request(osdc, req);
658 		ceph_osdc_put_request(req);
659 
660 		i_size = i_size_read(inode);
661 		dout("sync_read %llu~%llu got %zd i_size %llu%s\n",
662 		     off, len, ret, i_size, (more ? " MORE" : ""));
663 
664 		if (ret == -ENOENT)
665 			ret = 0;
666 		if (ret >= 0 && ret < len && (off + ret < i_size)) {
667 			int zlen = min(len - ret, i_size - off - ret);
668 			int zoff = page_off + ret;
669 			dout("sync_read zero gap %llu~%llu\n",
670                              off + ret, off + ret + zlen);
671 			ceph_zero_page_vector_range(zoff, zlen, pages);
672 			ret += zlen;
673 		}
674 
675 		if (unlikely(iov_iter_is_pipe(to))) {
676 			if (ret > 0) {
677 				iov_iter_advance(to, ret);
678 				off += ret;
679 			} else {
680 				iov_iter_advance(to, 0);
681 			}
682 			ceph_put_page_vector(pages, num_pages, false);
683 		} else {
684 			int idx = 0;
685 			size_t left = ret > 0 ? ret : 0;
686 			while (left > 0) {
687 				size_t len, copied;
688 				page_off = off & ~PAGE_MASK;
689 				len = min_t(size_t, left, PAGE_SIZE - page_off);
690 				copied = copy_page_to_iter(pages[idx++],
691 							   page_off, len, to);
692 				off += copied;
693 				left -= copied;
694 				if (copied < len) {
695 					ret = -EFAULT;
696 					break;
697 				}
698 			}
699 			ceph_release_page_vector(pages, num_pages);
700 		}
701 
702 		if (ret < 0) {
703 			if (ret == -EBLACKLISTED)
704 				fsc->blacklisted = true;
705 			break;
706 		}
707 
708 		if (off >= i_size || !more)
709 			break;
710 	}
711 
712 	if (off > iocb->ki_pos) {
713 		if (ret >= 0 &&
714 		    iov_iter_count(to) > 0 && off >= i_size_read(inode))
715 			*retry_op = CHECK_EOF;
716 		ret = off - iocb->ki_pos;
717 		iocb->ki_pos = off;
718 	}
719 
720 	dout("sync_read result %zd retry_op %d\n", ret, *retry_op);
721 	return ret;
722 }
723 
724 struct ceph_aio_request {
725 	struct kiocb *iocb;
726 	size_t total_len;
727 	bool write;
728 	bool should_dirty;
729 	int error;
730 	struct list_head osd_reqs;
731 	unsigned num_reqs;
732 	atomic_t pending_reqs;
733 	struct timespec64 mtime;
734 	struct ceph_cap_flush *prealloc_cf;
735 };
736 
737 struct ceph_aio_work {
738 	struct work_struct work;
739 	struct ceph_osd_request *req;
740 };
741 
742 static void ceph_aio_retry_work(struct work_struct *work);
743 
744 static void ceph_aio_complete(struct inode *inode,
745 			      struct ceph_aio_request *aio_req)
746 {
747 	struct ceph_inode_info *ci = ceph_inode(inode);
748 	int ret;
749 
750 	if (!atomic_dec_and_test(&aio_req->pending_reqs))
751 		return;
752 
753 	ret = aio_req->error;
754 	if (!ret)
755 		ret = aio_req->total_len;
756 
757 	dout("ceph_aio_complete %p rc %d\n", inode, ret);
758 
759 	if (ret >= 0 && aio_req->write) {
760 		int dirty;
761 
762 		loff_t endoff = aio_req->iocb->ki_pos + aio_req->total_len;
763 		if (endoff > i_size_read(inode)) {
764 			if (ceph_inode_set_size(inode, endoff))
765 				ceph_check_caps(ci, CHECK_CAPS_AUTHONLY, NULL);
766 		}
767 
768 		spin_lock(&ci->i_ceph_lock);
769 		ci->i_inline_version = CEPH_INLINE_NONE;
770 		dirty = __ceph_mark_dirty_caps(ci, CEPH_CAP_FILE_WR,
771 					       &aio_req->prealloc_cf);
772 		spin_unlock(&ci->i_ceph_lock);
773 		if (dirty)
774 			__mark_inode_dirty(inode, dirty);
775 
776 	}
777 
778 	ceph_put_cap_refs(ci, (aio_req->write ? CEPH_CAP_FILE_WR :
779 						CEPH_CAP_FILE_RD));
780 
781 	aio_req->iocb->ki_complete(aio_req->iocb, ret, 0);
782 
783 	ceph_free_cap_flush(aio_req->prealloc_cf);
784 	kfree(aio_req);
785 }
786 
787 static void ceph_aio_complete_req(struct ceph_osd_request *req)
788 {
789 	int rc = req->r_result;
790 	struct inode *inode = req->r_inode;
791 	struct ceph_aio_request *aio_req = req->r_priv;
792 	struct ceph_osd_data *osd_data = osd_req_op_extent_osd_data(req, 0);
793 
794 	BUG_ON(osd_data->type != CEPH_OSD_DATA_TYPE_BVECS);
795 	BUG_ON(!osd_data->num_bvecs);
796 
797 	dout("ceph_aio_complete_req %p rc %d bytes %u\n",
798 	     inode, rc, osd_data->bvec_pos.iter.bi_size);
799 
800 	if (rc == -EOLDSNAPC) {
801 		struct ceph_aio_work *aio_work;
802 		BUG_ON(!aio_req->write);
803 
804 		aio_work = kmalloc(sizeof(*aio_work), GFP_NOFS);
805 		if (aio_work) {
806 			INIT_WORK(&aio_work->work, ceph_aio_retry_work);
807 			aio_work->req = req;
808 			queue_work(ceph_inode_to_client(inode)->inode_wq,
809 				   &aio_work->work);
810 			return;
811 		}
812 		rc = -ENOMEM;
813 	} else if (!aio_req->write) {
814 		if (rc == -ENOENT)
815 			rc = 0;
816 		if (rc >= 0 && osd_data->bvec_pos.iter.bi_size > rc) {
817 			struct iov_iter i;
818 			int zlen = osd_data->bvec_pos.iter.bi_size - rc;
819 
820 			/*
821 			 * If read is satisfied by single OSD request,
822 			 * it can pass EOF. Otherwise read is within
823 			 * i_size.
824 			 */
825 			if (aio_req->num_reqs == 1) {
826 				loff_t i_size = i_size_read(inode);
827 				loff_t endoff = aio_req->iocb->ki_pos + rc;
828 				if (endoff < i_size)
829 					zlen = min_t(size_t, zlen,
830 						     i_size - endoff);
831 				aio_req->total_len = rc + zlen;
832 			}
833 
834 			iov_iter_bvec(&i, READ, osd_data->bvec_pos.bvecs,
835 				      osd_data->num_bvecs,
836 				      osd_data->bvec_pos.iter.bi_size);
837 			iov_iter_advance(&i, rc);
838 			iov_iter_zero(zlen, &i);
839 		}
840 	}
841 
842 	put_bvecs(osd_data->bvec_pos.bvecs, osd_data->num_bvecs,
843 		  aio_req->should_dirty);
844 	ceph_osdc_put_request(req);
845 
846 	if (rc < 0)
847 		cmpxchg(&aio_req->error, 0, rc);
848 
849 	ceph_aio_complete(inode, aio_req);
850 	return;
851 }
852 
853 static void ceph_aio_retry_work(struct work_struct *work)
854 {
855 	struct ceph_aio_work *aio_work =
856 		container_of(work, struct ceph_aio_work, work);
857 	struct ceph_osd_request *orig_req = aio_work->req;
858 	struct ceph_aio_request *aio_req = orig_req->r_priv;
859 	struct inode *inode = orig_req->r_inode;
860 	struct ceph_inode_info *ci = ceph_inode(inode);
861 	struct ceph_snap_context *snapc;
862 	struct ceph_osd_request *req;
863 	int ret;
864 
865 	spin_lock(&ci->i_ceph_lock);
866 	if (__ceph_have_pending_cap_snap(ci)) {
867 		struct ceph_cap_snap *capsnap =
868 			list_last_entry(&ci->i_cap_snaps,
869 					struct ceph_cap_snap,
870 					ci_item);
871 		snapc = ceph_get_snap_context(capsnap->context);
872 	} else {
873 		BUG_ON(!ci->i_head_snapc);
874 		snapc = ceph_get_snap_context(ci->i_head_snapc);
875 	}
876 	spin_unlock(&ci->i_ceph_lock);
877 
878 	req = ceph_osdc_alloc_request(orig_req->r_osdc, snapc, 1,
879 			false, GFP_NOFS);
880 	if (!req) {
881 		ret = -ENOMEM;
882 		req = orig_req;
883 		goto out;
884 	}
885 
886 	req->r_flags = /* CEPH_OSD_FLAG_ORDERSNAP | */ CEPH_OSD_FLAG_WRITE;
887 	ceph_oloc_copy(&req->r_base_oloc, &orig_req->r_base_oloc);
888 	ceph_oid_copy(&req->r_base_oid, &orig_req->r_base_oid);
889 
890 	req->r_ops[0] = orig_req->r_ops[0];
891 
892 	req->r_mtime = aio_req->mtime;
893 	req->r_data_offset = req->r_ops[0].extent.offset;
894 
895 	ret = ceph_osdc_alloc_messages(req, GFP_NOFS);
896 	if (ret) {
897 		ceph_osdc_put_request(req);
898 		req = orig_req;
899 		goto out;
900 	}
901 
902 	ceph_osdc_put_request(orig_req);
903 
904 	req->r_callback = ceph_aio_complete_req;
905 	req->r_inode = inode;
906 	req->r_priv = aio_req;
907 
908 	ret = ceph_osdc_start_request(req->r_osdc, req, false);
909 out:
910 	if (ret < 0) {
911 		req->r_result = ret;
912 		ceph_aio_complete_req(req);
913 	}
914 
915 	ceph_put_snap_context(snapc);
916 	kfree(aio_work);
917 }
918 
919 static ssize_t
920 ceph_direct_read_write(struct kiocb *iocb, struct iov_iter *iter,
921 		       struct ceph_snap_context *snapc,
922 		       struct ceph_cap_flush **pcf)
923 {
924 	struct file *file = iocb->ki_filp;
925 	struct inode *inode = file_inode(file);
926 	struct ceph_inode_info *ci = ceph_inode(inode);
927 	struct ceph_fs_client *fsc = ceph_inode_to_client(inode);
928 	struct ceph_vino vino;
929 	struct ceph_osd_request *req;
930 	struct bio_vec *bvecs;
931 	struct ceph_aio_request *aio_req = NULL;
932 	int num_pages = 0;
933 	int flags;
934 	int ret = 0;
935 	struct timespec64 mtime = current_time(inode);
936 	size_t count = iov_iter_count(iter);
937 	loff_t pos = iocb->ki_pos;
938 	bool write = iov_iter_rw(iter) == WRITE;
939 	bool should_dirty = !write && iter_is_iovec(iter);
940 
941 	if (write && ceph_snap(file_inode(file)) != CEPH_NOSNAP)
942 		return -EROFS;
943 
944 	dout("sync_direct_%s on file %p %lld~%u snapc %p seq %lld\n",
945 	     (write ? "write" : "read"), file, pos, (unsigned)count,
946 	     snapc, snapc ? snapc->seq : 0);
947 
948 	if (write) {
949 		int ret2 = invalidate_inode_pages2_range(inode->i_mapping,
950 					pos >> PAGE_SHIFT,
951 					(pos + count - 1) >> PAGE_SHIFT);
952 		if (ret2 < 0)
953 			dout("invalidate_inode_pages2_range returned %d\n", ret2);
954 
955 		flags = /* CEPH_OSD_FLAG_ORDERSNAP | */ CEPH_OSD_FLAG_WRITE;
956 	} else {
957 		flags = CEPH_OSD_FLAG_READ;
958 	}
959 
960 	while (iov_iter_count(iter) > 0) {
961 		u64 size = iov_iter_count(iter);
962 		ssize_t len;
963 
964 		if (write)
965 			size = min_t(u64, size, fsc->mount_options->wsize);
966 		else
967 			size = min_t(u64, size, fsc->mount_options->rsize);
968 
969 		vino = ceph_vino(inode);
970 		req = ceph_osdc_new_request(&fsc->client->osdc, &ci->i_layout,
971 					    vino, pos, &size, 0,
972 					    1,
973 					    write ? CEPH_OSD_OP_WRITE :
974 						    CEPH_OSD_OP_READ,
975 					    flags, snapc,
976 					    ci->i_truncate_seq,
977 					    ci->i_truncate_size,
978 					    false);
979 		if (IS_ERR(req)) {
980 			ret = PTR_ERR(req);
981 			break;
982 		}
983 
984 		len = iter_get_bvecs_alloc(iter, size, &bvecs, &num_pages);
985 		if (len < 0) {
986 			ceph_osdc_put_request(req);
987 			ret = len;
988 			break;
989 		}
990 		if (len != size)
991 			osd_req_op_extent_update(req, 0, len);
992 
993 		/*
994 		 * To simplify error handling, allow AIO when IO within i_size
995 		 * or IO can be satisfied by single OSD request.
996 		 */
997 		if (pos == iocb->ki_pos && !is_sync_kiocb(iocb) &&
998 		    (len == count || pos + count <= i_size_read(inode))) {
999 			aio_req = kzalloc(sizeof(*aio_req), GFP_KERNEL);
1000 			if (aio_req) {
1001 				aio_req->iocb = iocb;
1002 				aio_req->write = write;
1003 				aio_req->should_dirty = should_dirty;
1004 				INIT_LIST_HEAD(&aio_req->osd_reqs);
1005 				if (write) {
1006 					aio_req->mtime = mtime;
1007 					swap(aio_req->prealloc_cf, *pcf);
1008 				}
1009 			}
1010 			/* ignore error */
1011 		}
1012 
1013 		if (write) {
1014 			/*
1015 			 * throw out any page cache pages in this range. this
1016 			 * may block.
1017 			 */
1018 			truncate_inode_pages_range(inode->i_mapping, pos,
1019 						   PAGE_ALIGN(pos + len) - 1);
1020 
1021 			req->r_mtime = mtime;
1022 		}
1023 
1024 		osd_req_op_extent_osd_data_bvecs(req, 0, bvecs, num_pages, len);
1025 
1026 		if (aio_req) {
1027 			aio_req->total_len += len;
1028 			aio_req->num_reqs++;
1029 			atomic_inc(&aio_req->pending_reqs);
1030 
1031 			req->r_callback = ceph_aio_complete_req;
1032 			req->r_inode = inode;
1033 			req->r_priv = aio_req;
1034 			list_add_tail(&req->r_private_item, &aio_req->osd_reqs);
1035 
1036 			pos += len;
1037 			continue;
1038 		}
1039 
1040 		ret = ceph_osdc_start_request(req->r_osdc, req, false);
1041 		if (!ret)
1042 			ret = ceph_osdc_wait_request(&fsc->client->osdc, req);
1043 
1044 		size = i_size_read(inode);
1045 		if (!write) {
1046 			if (ret == -ENOENT)
1047 				ret = 0;
1048 			if (ret >= 0 && ret < len && pos + ret < size) {
1049 				struct iov_iter i;
1050 				int zlen = min_t(size_t, len - ret,
1051 						 size - pos - ret);
1052 
1053 				iov_iter_bvec(&i, READ, bvecs, num_pages, len);
1054 				iov_iter_advance(&i, ret);
1055 				iov_iter_zero(zlen, &i);
1056 				ret += zlen;
1057 			}
1058 			if (ret >= 0)
1059 				len = ret;
1060 		}
1061 
1062 		put_bvecs(bvecs, num_pages, should_dirty);
1063 		ceph_osdc_put_request(req);
1064 		if (ret < 0)
1065 			break;
1066 
1067 		pos += len;
1068 		if (!write && pos >= size)
1069 			break;
1070 
1071 		if (write && pos > size) {
1072 			if (ceph_inode_set_size(inode, pos))
1073 				ceph_check_caps(ceph_inode(inode),
1074 						CHECK_CAPS_AUTHONLY,
1075 						NULL);
1076 		}
1077 	}
1078 
1079 	if (aio_req) {
1080 		LIST_HEAD(osd_reqs);
1081 
1082 		if (aio_req->num_reqs == 0) {
1083 			kfree(aio_req);
1084 			return ret;
1085 		}
1086 
1087 		ceph_get_cap_refs(ci, write ? CEPH_CAP_FILE_WR :
1088 					      CEPH_CAP_FILE_RD);
1089 
1090 		list_splice(&aio_req->osd_reqs, &osd_reqs);
1091 		while (!list_empty(&osd_reqs)) {
1092 			req = list_first_entry(&osd_reqs,
1093 					       struct ceph_osd_request,
1094 					       r_private_item);
1095 			list_del_init(&req->r_private_item);
1096 			if (ret >= 0)
1097 				ret = ceph_osdc_start_request(req->r_osdc,
1098 							      req, false);
1099 			if (ret < 0) {
1100 				req->r_result = ret;
1101 				ceph_aio_complete_req(req);
1102 			}
1103 		}
1104 		return -EIOCBQUEUED;
1105 	}
1106 
1107 	if (ret != -EOLDSNAPC && pos > iocb->ki_pos) {
1108 		ret = pos - iocb->ki_pos;
1109 		iocb->ki_pos = pos;
1110 	}
1111 	return ret;
1112 }
1113 
1114 /*
1115  * Synchronous write, straight from __user pointer or user pages.
1116  *
1117  * If write spans object boundary, just do multiple writes.  (For a
1118  * correct atomic write, we should e.g. take write locks on all
1119  * objects, rollback on failure, etc.)
1120  */
1121 static ssize_t
1122 ceph_sync_write(struct kiocb *iocb, struct iov_iter *from, loff_t pos,
1123 		struct ceph_snap_context *snapc)
1124 {
1125 	struct file *file = iocb->ki_filp;
1126 	struct inode *inode = file_inode(file);
1127 	struct ceph_inode_info *ci = ceph_inode(inode);
1128 	struct ceph_fs_client *fsc = ceph_inode_to_client(inode);
1129 	struct ceph_vino vino;
1130 	struct ceph_osd_request *req;
1131 	struct page **pages;
1132 	u64 len;
1133 	int num_pages;
1134 	int written = 0;
1135 	int flags;
1136 	int ret;
1137 	bool check_caps = false;
1138 	struct timespec64 mtime = current_time(inode);
1139 	size_t count = iov_iter_count(from);
1140 
1141 	if (ceph_snap(file_inode(file)) != CEPH_NOSNAP)
1142 		return -EROFS;
1143 
1144 	dout("sync_write on file %p %lld~%u snapc %p seq %lld\n",
1145 	     file, pos, (unsigned)count, snapc, snapc->seq);
1146 
1147 	ret = filemap_write_and_wait_range(inode->i_mapping,
1148 					   pos, pos + count - 1);
1149 	if (ret < 0)
1150 		return ret;
1151 
1152 	ret = invalidate_inode_pages2_range(inode->i_mapping,
1153 					    pos >> PAGE_SHIFT,
1154 					    (pos + count - 1) >> PAGE_SHIFT);
1155 	if (ret < 0)
1156 		dout("invalidate_inode_pages2_range returned %d\n", ret);
1157 
1158 	flags = /* CEPH_OSD_FLAG_ORDERSNAP | */ CEPH_OSD_FLAG_WRITE;
1159 
1160 	while ((len = iov_iter_count(from)) > 0) {
1161 		size_t left;
1162 		int n;
1163 
1164 		vino = ceph_vino(inode);
1165 		req = ceph_osdc_new_request(&fsc->client->osdc, &ci->i_layout,
1166 					    vino, pos, &len, 0, 1,
1167 					    CEPH_OSD_OP_WRITE, flags, snapc,
1168 					    ci->i_truncate_seq,
1169 					    ci->i_truncate_size,
1170 					    false);
1171 		if (IS_ERR(req)) {
1172 			ret = PTR_ERR(req);
1173 			break;
1174 		}
1175 
1176 		/*
1177 		 * write from beginning of first page,
1178 		 * regardless of io alignment
1179 		 */
1180 		num_pages = (len + PAGE_SIZE - 1) >> PAGE_SHIFT;
1181 
1182 		pages = ceph_alloc_page_vector(num_pages, GFP_KERNEL);
1183 		if (IS_ERR(pages)) {
1184 			ret = PTR_ERR(pages);
1185 			goto out;
1186 		}
1187 
1188 		left = len;
1189 		for (n = 0; n < num_pages; n++) {
1190 			size_t plen = min_t(size_t, left, PAGE_SIZE);
1191 			ret = copy_page_from_iter(pages[n], 0, plen, from);
1192 			if (ret != plen) {
1193 				ret = -EFAULT;
1194 				break;
1195 			}
1196 			left -= ret;
1197 		}
1198 
1199 		if (ret < 0) {
1200 			ceph_release_page_vector(pages, num_pages);
1201 			goto out;
1202 		}
1203 
1204 		req->r_inode = inode;
1205 
1206 		osd_req_op_extent_osd_data_pages(req, 0, pages, len, 0,
1207 						false, true);
1208 
1209 		req->r_mtime = mtime;
1210 		ret = ceph_osdc_start_request(&fsc->client->osdc, req, false);
1211 		if (!ret)
1212 			ret = ceph_osdc_wait_request(&fsc->client->osdc, req);
1213 
1214 out:
1215 		ceph_osdc_put_request(req);
1216 		if (ret != 0) {
1217 			ceph_set_error_write(ci);
1218 			break;
1219 		}
1220 
1221 		ceph_clear_error_write(ci);
1222 		pos += len;
1223 		written += len;
1224 		if (pos > i_size_read(inode)) {
1225 			check_caps = ceph_inode_set_size(inode, pos);
1226 			if (check_caps)
1227 				ceph_check_caps(ceph_inode(inode),
1228 						CHECK_CAPS_AUTHONLY,
1229 						NULL);
1230 		}
1231 
1232 	}
1233 
1234 	if (ret != -EOLDSNAPC && written > 0) {
1235 		ret = written;
1236 		iocb->ki_pos = pos;
1237 	}
1238 	return ret;
1239 }
1240 
1241 /*
1242  * Wrap generic_file_aio_read with checks for cap bits on the inode.
1243  * Atomically grab references, so that those bits are not released
1244  * back to the MDS mid-read.
1245  *
1246  * Hmm, the sync read case isn't actually async... should it be?
1247  */
1248 static ssize_t ceph_read_iter(struct kiocb *iocb, struct iov_iter *to)
1249 {
1250 	struct file *filp = iocb->ki_filp;
1251 	struct ceph_file_info *fi = filp->private_data;
1252 	size_t len = iov_iter_count(to);
1253 	struct inode *inode = file_inode(filp);
1254 	struct ceph_inode_info *ci = ceph_inode(inode);
1255 	struct page *pinned_page = NULL;
1256 	ssize_t ret;
1257 	int want, got = 0;
1258 	int retry_op = 0, read = 0;
1259 
1260 again:
1261 	dout("aio_read %p %llx.%llx %llu~%u trying to get caps on %p\n",
1262 	     inode, ceph_vinop(inode), iocb->ki_pos, (unsigned)len, inode);
1263 
1264 	if (fi->fmode & CEPH_FILE_MODE_LAZY)
1265 		want = CEPH_CAP_FILE_CACHE | CEPH_CAP_FILE_LAZYIO;
1266 	else
1267 		want = CEPH_CAP_FILE_CACHE;
1268 	ret = ceph_get_caps(filp, CEPH_CAP_FILE_RD, want, -1,
1269 			    &got, &pinned_page);
1270 	if (ret < 0)
1271 		return ret;
1272 
1273 	if ((got & (CEPH_CAP_FILE_CACHE|CEPH_CAP_FILE_LAZYIO)) == 0 ||
1274 	    (iocb->ki_flags & IOCB_DIRECT) ||
1275 	    (fi->flags & CEPH_F_SYNC)) {
1276 
1277 		dout("aio_sync_read %p %llx.%llx %llu~%u got cap refs on %s\n",
1278 		     inode, ceph_vinop(inode), iocb->ki_pos, (unsigned)len,
1279 		     ceph_cap_string(got));
1280 
1281 		if (ci->i_inline_version == CEPH_INLINE_NONE) {
1282 			if (!retry_op && (iocb->ki_flags & IOCB_DIRECT)) {
1283 				ceph_start_io_direct(inode);
1284 				ret = ceph_direct_read_write(iocb, to,
1285 							     NULL, NULL);
1286 				ceph_end_io_direct(inode);
1287 				if (ret >= 0 && ret < len)
1288 					retry_op = CHECK_EOF;
1289 			} else {
1290 				ceph_start_io_read(inode);
1291 				ret = ceph_sync_read(iocb, to, &retry_op);
1292 				ceph_end_io_read(inode);
1293 			}
1294 		} else {
1295 			retry_op = READ_INLINE;
1296 		}
1297 	} else {
1298 		CEPH_DEFINE_RW_CONTEXT(rw_ctx, got);
1299 		dout("aio_read %p %llx.%llx %llu~%u got cap refs on %s\n",
1300 		     inode, ceph_vinop(inode), iocb->ki_pos, (unsigned)len,
1301 		     ceph_cap_string(got));
1302 		ceph_add_rw_context(fi, &rw_ctx);
1303 		ceph_start_io_read(inode);
1304 		ret = generic_file_read_iter(iocb, to);
1305 		ceph_end_io_read(inode);
1306 		ceph_del_rw_context(fi, &rw_ctx);
1307 	}
1308 	dout("aio_read %p %llx.%llx dropping cap refs on %s = %d\n",
1309 	     inode, ceph_vinop(inode), ceph_cap_string(got), (int)ret);
1310 	if (pinned_page) {
1311 		put_page(pinned_page);
1312 		pinned_page = NULL;
1313 	}
1314 	ceph_put_cap_refs(ci, got);
1315 	if (retry_op > HAVE_RETRIED && ret >= 0) {
1316 		int statret;
1317 		struct page *page = NULL;
1318 		loff_t i_size;
1319 		if (retry_op == READ_INLINE) {
1320 			page = __page_cache_alloc(GFP_KERNEL);
1321 			if (!page)
1322 				return -ENOMEM;
1323 		}
1324 
1325 		statret = __ceph_do_getattr(inode, page,
1326 					    CEPH_STAT_CAP_INLINE_DATA, !!page);
1327 		if (statret < 0) {
1328 			if (page)
1329 				__free_page(page);
1330 			if (statret == -ENODATA) {
1331 				BUG_ON(retry_op != READ_INLINE);
1332 				goto again;
1333 			}
1334 			return statret;
1335 		}
1336 
1337 		i_size = i_size_read(inode);
1338 		if (retry_op == READ_INLINE) {
1339 			BUG_ON(ret > 0 || read > 0);
1340 			if (iocb->ki_pos < i_size &&
1341 			    iocb->ki_pos < PAGE_SIZE) {
1342 				loff_t end = min_t(loff_t, i_size,
1343 						   iocb->ki_pos + len);
1344 				end = min_t(loff_t, end, PAGE_SIZE);
1345 				if (statret < end)
1346 					zero_user_segment(page, statret, end);
1347 				ret = copy_page_to_iter(page,
1348 						iocb->ki_pos & ~PAGE_MASK,
1349 						end - iocb->ki_pos, to);
1350 				iocb->ki_pos += ret;
1351 				read += ret;
1352 			}
1353 			if (iocb->ki_pos < i_size && read < len) {
1354 				size_t zlen = min_t(size_t, len - read,
1355 						    i_size - iocb->ki_pos);
1356 				ret = iov_iter_zero(zlen, to);
1357 				iocb->ki_pos += ret;
1358 				read += ret;
1359 			}
1360 			__free_pages(page, 0);
1361 			return read;
1362 		}
1363 
1364 		/* hit EOF or hole? */
1365 		if (retry_op == CHECK_EOF && iocb->ki_pos < i_size &&
1366 		    ret < len) {
1367 			dout("sync_read hit hole, ppos %lld < size %lld"
1368 			     ", reading more\n", iocb->ki_pos, i_size);
1369 
1370 			read += ret;
1371 			len -= ret;
1372 			retry_op = HAVE_RETRIED;
1373 			goto again;
1374 		}
1375 	}
1376 
1377 	if (ret >= 0)
1378 		ret += read;
1379 
1380 	return ret;
1381 }
1382 
1383 /*
1384  * Take cap references to avoid releasing caps to MDS mid-write.
1385  *
1386  * If we are synchronous, and write with an old snap context, the OSD
1387  * may return EOLDSNAPC.  In that case, retry the write.. _after_
1388  * dropping our cap refs and allowing the pending snap to logically
1389  * complete _before_ this write occurs.
1390  *
1391  * If we are near ENOSPC, write synchronously.
1392  */
1393 static ssize_t ceph_write_iter(struct kiocb *iocb, struct iov_iter *from)
1394 {
1395 	struct file *file = iocb->ki_filp;
1396 	struct ceph_file_info *fi = file->private_data;
1397 	struct inode *inode = file_inode(file);
1398 	struct ceph_inode_info *ci = ceph_inode(inode);
1399 	struct ceph_fs_client *fsc = ceph_inode_to_client(inode);
1400 	struct ceph_cap_flush *prealloc_cf;
1401 	ssize_t count, written = 0;
1402 	int err, want, got;
1403 	loff_t pos;
1404 	loff_t limit = max(i_size_read(inode), fsc->max_file_size);
1405 
1406 	if (ceph_snap(inode) != CEPH_NOSNAP)
1407 		return -EROFS;
1408 
1409 	prealloc_cf = ceph_alloc_cap_flush();
1410 	if (!prealloc_cf)
1411 		return -ENOMEM;
1412 
1413 retry_snap:
1414 	if (iocb->ki_flags & IOCB_DIRECT)
1415 		ceph_start_io_direct(inode);
1416 	else
1417 		ceph_start_io_write(inode);
1418 
1419 	/* We can write back this queue in page reclaim */
1420 	current->backing_dev_info = inode_to_bdi(inode);
1421 
1422 	if (iocb->ki_flags & IOCB_APPEND) {
1423 		err = ceph_do_getattr(inode, CEPH_STAT_CAP_SIZE, false);
1424 		if (err < 0)
1425 			goto out;
1426 	}
1427 
1428 	err = generic_write_checks(iocb, from);
1429 	if (err <= 0)
1430 		goto out;
1431 
1432 	pos = iocb->ki_pos;
1433 	if (unlikely(pos >= limit)) {
1434 		err = -EFBIG;
1435 		goto out;
1436 	} else {
1437 		iov_iter_truncate(from, limit - pos);
1438 	}
1439 
1440 	count = iov_iter_count(from);
1441 	if (ceph_quota_is_max_bytes_exceeded(inode, pos + count)) {
1442 		err = -EDQUOT;
1443 		goto out;
1444 	}
1445 
1446 	err = file_remove_privs(file);
1447 	if (err)
1448 		goto out;
1449 
1450 	err = file_update_time(file);
1451 	if (err)
1452 		goto out;
1453 
1454 	inode_inc_iversion_raw(inode);
1455 
1456 	if (ci->i_inline_version != CEPH_INLINE_NONE) {
1457 		err = ceph_uninline_data(file, NULL);
1458 		if (err < 0)
1459 			goto out;
1460 	}
1461 
1462 	/* FIXME: not complete since it doesn't account for being at quota */
1463 	if (ceph_osdmap_flag(&fsc->client->osdc, CEPH_OSDMAP_FULL)) {
1464 		err = -ENOSPC;
1465 		goto out;
1466 	}
1467 
1468 	dout("aio_write %p %llx.%llx %llu~%zd getting caps. i_size %llu\n",
1469 	     inode, ceph_vinop(inode), pos, count, i_size_read(inode));
1470 	if (fi->fmode & CEPH_FILE_MODE_LAZY)
1471 		want = CEPH_CAP_FILE_BUFFER | CEPH_CAP_FILE_LAZYIO;
1472 	else
1473 		want = CEPH_CAP_FILE_BUFFER;
1474 	got = 0;
1475 	err = ceph_get_caps(file, CEPH_CAP_FILE_WR, want, pos + count,
1476 			    &got, NULL);
1477 	if (err < 0)
1478 		goto out;
1479 
1480 	dout("aio_write %p %llx.%llx %llu~%zd got cap refs on %s\n",
1481 	     inode, ceph_vinop(inode), pos, count, ceph_cap_string(got));
1482 
1483 	if ((got & (CEPH_CAP_FILE_BUFFER|CEPH_CAP_FILE_LAZYIO)) == 0 ||
1484 	    (iocb->ki_flags & IOCB_DIRECT) || (fi->flags & CEPH_F_SYNC) ||
1485 	    (ci->i_ceph_flags & CEPH_I_ERROR_WRITE)) {
1486 		struct ceph_snap_context *snapc;
1487 		struct iov_iter data;
1488 
1489 		spin_lock(&ci->i_ceph_lock);
1490 		if (__ceph_have_pending_cap_snap(ci)) {
1491 			struct ceph_cap_snap *capsnap =
1492 					list_last_entry(&ci->i_cap_snaps,
1493 							struct ceph_cap_snap,
1494 							ci_item);
1495 			snapc = ceph_get_snap_context(capsnap->context);
1496 		} else {
1497 			BUG_ON(!ci->i_head_snapc);
1498 			snapc = ceph_get_snap_context(ci->i_head_snapc);
1499 		}
1500 		spin_unlock(&ci->i_ceph_lock);
1501 
1502 		/* we might need to revert back to that point */
1503 		data = *from;
1504 		if (iocb->ki_flags & IOCB_DIRECT) {
1505 			written = ceph_direct_read_write(iocb, &data, snapc,
1506 							 &prealloc_cf);
1507 			ceph_end_io_direct(inode);
1508 		} else {
1509 			written = ceph_sync_write(iocb, &data, pos, snapc);
1510 			ceph_end_io_write(inode);
1511 		}
1512 		if (written > 0)
1513 			iov_iter_advance(from, written);
1514 		ceph_put_snap_context(snapc);
1515 	} else {
1516 		/*
1517 		 * No need to acquire the i_truncate_mutex. Because
1518 		 * the MDS revokes Fwb caps before sending truncate
1519 		 * message to us. We can't get Fwb cap while there
1520 		 * are pending vmtruncate. So write and vmtruncate
1521 		 * can not run at the same time
1522 		 */
1523 		written = generic_perform_write(file, from, pos);
1524 		if (likely(written >= 0))
1525 			iocb->ki_pos = pos + written;
1526 		ceph_end_io_write(inode);
1527 	}
1528 
1529 	if (written >= 0) {
1530 		int dirty;
1531 
1532 		spin_lock(&ci->i_ceph_lock);
1533 		ci->i_inline_version = CEPH_INLINE_NONE;
1534 		dirty = __ceph_mark_dirty_caps(ci, CEPH_CAP_FILE_WR,
1535 					       &prealloc_cf);
1536 		spin_unlock(&ci->i_ceph_lock);
1537 		if (dirty)
1538 			__mark_inode_dirty(inode, dirty);
1539 		if (ceph_quota_is_max_bytes_approaching(inode, iocb->ki_pos))
1540 			ceph_check_caps(ci, CHECK_CAPS_NODELAY, NULL);
1541 	}
1542 
1543 	dout("aio_write %p %llx.%llx %llu~%u  dropping cap refs on %s\n",
1544 	     inode, ceph_vinop(inode), pos, (unsigned)count,
1545 	     ceph_cap_string(got));
1546 	ceph_put_cap_refs(ci, got);
1547 
1548 	if (written == -EOLDSNAPC) {
1549 		dout("aio_write %p %llx.%llx %llu~%u" "got EOLDSNAPC, retrying\n",
1550 		     inode, ceph_vinop(inode), pos, (unsigned)count);
1551 		goto retry_snap;
1552 	}
1553 
1554 	if (written >= 0) {
1555 		if (ceph_osdmap_flag(&fsc->client->osdc, CEPH_OSDMAP_NEARFULL))
1556 			iocb->ki_flags |= IOCB_DSYNC;
1557 		written = generic_write_sync(iocb, written);
1558 	}
1559 
1560 	goto out_unlocked;
1561 out:
1562 	if (iocb->ki_flags & IOCB_DIRECT)
1563 		ceph_end_io_direct(inode);
1564 	else
1565 		ceph_end_io_write(inode);
1566 out_unlocked:
1567 	ceph_free_cap_flush(prealloc_cf);
1568 	current->backing_dev_info = NULL;
1569 	return written ? written : err;
1570 }
1571 
1572 /*
1573  * llseek.  be sure to verify file size on SEEK_END.
1574  */
1575 static loff_t ceph_llseek(struct file *file, loff_t offset, int whence)
1576 {
1577 	struct inode *inode = file->f_mapping->host;
1578 	struct ceph_fs_client *fsc = ceph_inode_to_client(inode);
1579 	loff_t i_size;
1580 	loff_t ret;
1581 
1582 	inode_lock(inode);
1583 
1584 	if (whence == SEEK_END || whence == SEEK_DATA || whence == SEEK_HOLE) {
1585 		ret = ceph_do_getattr(inode, CEPH_STAT_CAP_SIZE, false);
1586 		if (ret < 0)
1587 			goto out;
1588 	}
1589 
1590 	i_size = i_size_read(inode);
1591 	switch (whence) {
1592 	case SEEK_END:
1593 		offset += i_size;
1594 		break;
1595 	case SEEK_CUR:
1596 		/*
1597 		 * Here we special-case the lseek(fd, 0, SEEK_CUR)
1598 		 * position-querying operation.  Avoid rewriting the "same"
1599 		 * f_pos value back to the file because a concurrent read(),
1600 		 * write() or lseek() might have altered it
1601 		 */
1602 		if (offset == 0) {
1603 			ret = file->f_pos;
1604 			goto out;
1605 		}
1606 		offset += file->f_pos;
1607 		break;
1608 	case SEEK_DATA:
1609 		if (offset < 0 || offset >= i_size) {
1610 			ret = -ENXIO;
1611 			goto out;
1612 		}
1613 		break;
1614 	case SEEK_HOLE:
1615 		if (offset < 0 || offset >= i_size) {
1616 			ret = -ENXIO;
1617 			goto out;
1618 		}
1619 		offset = i_size;
1620 		break;
1621 	}
1622 
1623 	ret = vfs_setpos(file, offset, max(i_size, fsc->max_file_size));
1624 
1625 out:
1626 	inode_unlock(inode);
1627 	return ret;
1628 }
1629 
1630 static inline void ceph_zero_partial_page(
1631 	struct inode *inode, loff_t offset, unsigned size)
1632 {
1633 	struct page *page;
1634 	pgoff_t index = offset >> PAGE_SHIFT;
1635 
1636 	page = find_lock_page(inode->i_mapping, index);
1637 	if (page) {
1638 		wait_on_page_writeback(page);
1639 		zero_user(page, offset & (PAGE_SIZE - 1), size);
1640 		unlock_page(page);
1641 		put_page(page);
1642 	}
1643 }
1644 
1645 static void ceph_zero_pagecache_range(struct inode *inode, loff_t offset,
1646 				      loff_t length)
1647 {
1648 	loff_t nearly = round_up(offset, PAGE_SIZE);
1649 	if (offset < nearly) {
1650 		loff_t size = nearly - offset;
1651 		if (length < size)
1652 			size = length;
1653 		ceph_zero_partial_page(inode, offset, size);
1654 		offset += size;
1655 		length -= size;
1656 	}
1657 	if (length >= PAGE_SIZE) {
1658 		loff_t size = round_down(length, PAGE_SIZE);
1659 		truncate_pagecache_range(inode, offset, offset + size - 1);
1660 		offset += size;
1661 		length -= size;
1662 	}
1663 	if (length)
1664 		ceph_zero_partial_page(inode, offset, length);
1665 }
1666 
1667 static int ceph_zero_partial_object(struct inode *inode,
1668 				    loff_t offset, loff_t *length)
1669 {
1670 	struct ceph_inode_info *ci = ceph_inode(inode);
1671 	struct ceph_fs_client *fsc = ceph_inode_to_client(inode);
1672 	struct ceph_osd_request *req;
1673 	int ret = 0;
1674 	loff_t zero = 0;
1675 	int op;
1676 
1677 	if (!length) {
1678 		op = offset ? CEPH_OSD_OP_DELETE : CEPH_OSD_OP_TRUNCATE;
1679 		length = &zero;
1680 	} else {
1681 		op = CEPH_OSD_OP_ZERO;
1682 	}
1683 
1684 	req = ceph_osdc_new_request(&fsc->client->osdc, &ci->i_layout,
1685 					ceph_vino(inode),
1686 					offset, length,
1687 					0, 1, op,
1688 					CEPH_OSD_FLAG_WRITE,
1689 					NULL, 0, 0, false);
1690 	if (IS_ERR(req)) {
1691 		ret = PTR_ERR(req);
1692 		goto out;
1693 	}
1694 
1695 	req->r_mtime = inode->i_mtime;
1696 	ret = ceph_osdc_start_request(&fsc->client->osdc, req, false);
1697 	if (!ret) {
1698 		ret = ceph_osdc_wait_request(&fsc->client->osdc, req);
1699 		if (ret == -ENOENT)
1700 			ret = 0;
1701 	}
1702 	ceph_osdc_put_request(req);
1703 
1704 out:
1705 	return ret;
1706 }
1707 
1708 static int ceph_zero_objects(struct inode *inode, loff_t offset, loff_t length)
1709 {
1710 	int ret = 0;
1711 	struct ceph_inode_info *ci = ceph_inode(inode);
1712 	s32 stripe_unit = ci->i_layout.stripe_unit;
1713 	s32 stripe_count = ci->i_layout.stripe_count;
1714 	s32 object_size = ci->i_layout.object_size;
1715 	u64 object_set_size = object_size * stripe_count;
1716 	u64 nearly, t;
1717 
1718 	/* round offset up to next period boundary */
1719 	nearly = offset + object_set_size - 1;
1720 	t = nearly;
1721 	nearly -= do_div(t, object_set_size);
1722 
1723 	while (length && offset < nearly) {
1724 		loff_t size = length;
1725 		ret = ceph_zero_partial_object(inode, offset, &size);
1726 		if (ret < 0)
1727 			return ret;
1728 		offset += size;
1729 		length -= size;
1730 	}
1731 	while (length >= object_set_size) {
1732 		int i;
1733 		loff_t pos = offset;
1734 		for (i = 0; i < stripe_count; ++i) {
1735 			ret = ceph_zero_partial_object(inode, pos, NULL);
1736 			if (ret < 0)
1737 				return ret;
1738 			pos += stripe_unit;
1739 		}
1740 		offset += object_set_size;
1741 		length -= object_set_size;
1742 	}
1743 	while (length) {
1744 		loff_t size = length;
1745 		ret = ceph_zero_partial_object(inode, offset, &size);
1746 		if (ret < 0)
1747 			return ret;
1748 		offset += size;
1749 		length -= size;
1750 	}
1751 	return ret;
1752 }
1753 
1754 static long ceph_fallocate(struct file *file, int mode,
1755 				loff_t offset, loff_t length)
1756 {
1757 	struct ceph_file_info *fi = file->private_data;
1758 	struct inode *inode = file_inode(file);
1759 	struct ceph_inode_info *ci = ceph_inode(inode);
1760 	struct ceph_cap_flush *prealloc_cf;
1761 	int want, got = 0;
1762 	int dirty;
1763 	int ret = 0;
1764 	loff_t endoff = 0;
1765 	loff_t size;
1766 
1767 	if (mode != (FALLOC_FL_KEEP_SIZE | FALLOC_FL_PUNCH_HOLE))
1768 		return -EOPNOTSUPP;
1769 
1770 	if (!S_ISREG(inode->i_mode))
1771 		return -EOPNOTSUPP;
1772 
1773 	prealloc_cf = ceph_alloc_cap_flush();
1774 	if (!prealloc_cf)
1775 		return -ENOMEM;
1776 
1777 	inode_lock(inode);
1778 
1779 	if (ceph_snap(inode) != CEPH_NOSNAP) {
1780 		ret = -EROFS;
1781 		goto unlock;
1782 	}
1783 
1784 	if (ci->i_inline_version != CEPH_INLINE_NONE) {
1785 		ret = ceph_uninline_data(file, NULL);
1786 		if (ret < 0)
1787 			goto unlock;
1788 	}
1789 
1790 	size = i_size_read(inode);
1791 
1792 	/* Are we punching a hole beyond EOF? */
1793 	if (offset >= size)
1794 		goto unlock;
1795 	if ((offset + length) > size)
1796 		length = size - offset;
1797 
1798 	if (fi->fmode & CEPH_FILE_MODE_LAZY)
1799 		want = CEPH_CAP_FILE_BUFFER | CEPH_CAP_FILE_LAZYIO;
1800 	else
1801 		want = CEPH_CAP_FILE_BUFFER;
1802 
1803 	ret = ceph_get_caps(file, CEPH_CAP_FILE_WR, want, endoff, &got, NULL);
1804 	if (ret < 0)
1805 		goto unlock;
1806 
1807 	ceph_zero_pagecache_range(inode, offset, length);
1808 	ret = ceph_zero_objects(inode, offset, length);
1809 
1810 	if (!ret) {
1811 		spin_lock(&ci->i_ceph_lock);
1812 		ci->i_inline_version = CEPH_INLINE_NONE;
1813 		dirty = __ceph_mark_dirty_caps(ci, CEPH_CAP_FILE_WR,
1814 					       &prealloc_cf);
1815 		spin_unlock(&ci->i_ceph_lock);
1816 		if (dirty)
1817 			__mark_inode_dirty(inode, dirty);
1818 	}
1819 
1820 	ceph_put_cap_refs(ci, got);
1821 unlock:
1822 	inode_unlock(inode);
1823 	ceph_free_cap_flush(prealloc_cf);
1824 	return ret;
1825 }
1826 
1827 /*
1828  * This function tries to get FILE_WR capabilities for dst_ci and FILE_RD for
1829  * src_ci.  Two attempts are made to obtain both caps, and an error is return if
1830  * this fails; zero is returned on success.
1831  */
1832 static int get_rd_wr_caps(struct file *src_filp, int *src_got,
1833 			  struct file *dst_filp,
1834 			  loff_t dst_endoff, int *dst_got)
1835 {
1836 	int ret = 0;
1837 	bool retrying = false;
1838 
1839 retry_caps:
1840 	ret = ceph_get_caps(dst_filp, CEPH_CAP_FILE_WR, CEPH_CAP_FILE_BUFFER,
1841 			    dst_endoff, dst_got, NULL);
1842 	if (ret < 0)
1843 		return ret;
1844 
1845 	/*
1846 	 * Since we're already holding the FILE_WR capability for the dst file,
1847 	 * we would risk a deadlock by using ceph_get_caps.  Thus, we'll do some
1848 	 * retry dance instead to try to get both capabilities.
1849 	 */
1850 	ret = ceph_try_get_caps(file_inode(src_filp),
1851 				CEPH_CAP_FILE_RD, CEPH_CAP_FILE_SHARED,
1852 				false, src_got);
1853 	if (ret <= 0) {
1854 		/* Start by dropping dst_ci caps and getting src_ci caps */
1855 		ceph_put_cap_refs(ceph_inode(file_inode(dst_filp)), *dst_got);
1856 		if (retrying) {
1857 			if (!ret)
1858 				/* ceph_try_get_caps masks EAGAIN */
1859 				ret = -EAGAIN;
1860 			return ret;
1861 		}
1862 		ret = ceph_get_caps(src_filp, CEPH_CAP_FILE_RD,
1863 				    CEPH_CAP_FILE_SHARED, -1, src_got, NULL);
1864 		if (ret < 0)
1865 			return ret;
1866 		/*... drop src_ci caps too, and retry */
1867 		ceph_put_cap_refs(ceph_inode(file_inode(src_filp)), *src_got);
1868 		retrying = true;
1869 		goto retry_caps;
1870 	}
1871 	return ret;
1872 }
1873 
1874 static void put_rd_wr_caps(struct ceph_inode_info *src_ci, int src_got,
1875 			   struct ceph_inode_info *dst_ci, int dst_got)
1876 {
1877 	ceph_put_cap_refs(src_ci, src_got);
1878 	ceph_put_cap_refs(dst_ci, dst_got);
1879 }
1880 
1881 /*
1882  * This function does several size-related checks, returning an error if:
1883  *  - source file is smaller than off+len
1884  *  - destination file size is not OK (inode_newsize_ok())
1885  *  - max bytes quotas is exceeded
1886  */
1887 static int is_file_size_ok(struct inode *src_inode, struct inode *dst_inode,
1888 			   loff_t src_off, loff_t dst_off, size_t len)
1889 {
1890 	loff_t size, endoff;
1891 
1892 	size = i_size_read(src_inode);
1893 	/*
1894 	 * Don't copy beyond source file EOF.  Instead of simply setting length
1895 	 * to (size - src_off), just drop to VFS default implementation, as the
1896 	 * local i_size may be stale due to other clients writing to the source
1897 	 * inode.
1898 	 */
1899 	if (src_off + len > size) {
1900 		dout("Copy beyond EOF (%llu + %zu > %llu)\n",
1901 		     src_off, len, size);
1902 		return -EOPNOTSUPP;
1903 	}
1904 	size = i_size_read(dst_inode);
1905 
1906 	endoff = dst_off + len;
1907 	if (inode_newsize_ok(dst_inode, endoff))
1908 		return -EOPNOTSUPP;
1909 
1910 	if (ceph_quota_is_max_bytes_exceeded(dst_inode, endoff))
1911 		return -EDQUOT;
1912 
1913 	return 0;
1914 }
1915 
1916 static ssize_t __ceph_copy_file_range(struct file *src_file, loff_t src_off,
1917 				      struct file *dst_file, loff_t dst_off,
1918 				      size_t len, unsigned int flags)
1919 {
1920 	struct inode *src_inode = file_inode(src_file);
1921 	struct inode *dst_inode = file_inode(dst_file);
1922 	struct ceph_inode_info *src_ci = ceph_inode(src_inode);
1923 	struct ceph_inode_info *dst_ci = ceph_inode(dst_inode);
1924 	struct ceph_cap_flush *prealloc_cf;
1925 	struct ceph_fs_client *src_fsc = ceph_inode_to_client(src_inode);
1926 	struct ceph_object_locator src_oloc, dst_oloc;
1927 	struct ceph_object_id src_oid, dst_oid;
1928 	loff_t endoff = 0, size;
1929 	ssize_t ret = -EIO;
1930 	u64 src_objnum, dst_objnum, src_objoff, dst_objoff;
1931 	u32 src_objlen, dst_objlen, object_size;
1932 	int src_got = 0, dst_got = 0, err, dirty;
1933 	bool do_final_copy = false;
1934 
1935 	if (src_inode->i_sb != dst_inode->i_sb) {
1936 		struct ceph_fs_client *dst_fsc = ceph_inode_to_client(dst_inode);
1937 
1938 		if (ceph_fsid_compare(&src_fsc->client->fsid,
1939 				      &dst_fsc->client->fsid)) {
1940 			dout("Copying files across clusters: src: %pU dst: %pU\n",
1941 			     &src_fsc->client->fsid, &dst_fsc->client->fsid);
1942 			return -EXDEV;
1943 		}
1944 	}
1945 	if (ceph_snap(dst_inode) != CEPH_NOSNAP)
1946 		return -EROFS;
1947 
1948 	/*
1949 	 * Some of the checks below will return -EOPNOTSUPP, which will force a
1950 	 * fallback to the default VFS copy_file_range implementation.  This is
1951 	 * desirable in several cases (for ex, the 'len' is smaller than the
1952 	 * size of the objects, or in cases where that would be more
1953 	 * efficient).
1954 	 */
1955 
1956 	if (ceph_test_mount_opt(src_fsc, NOCOPYFROM))
1957 		return -EOPNOTSUPP;
1958 
1959 	if ((src_ci->i_layout.stripe_unit != dst_ci->i_layout.stripe_unit) ||
1960 	    (src_ci->i_layout.stripe_count != dst_ci->i_layout.stripe_count) ||
1961 	    (src_ci->i_layout.object_size != dst_ci->i_layout.object_size))
1962 		return -EOPNOTSUPP;
1963 
1964 	if (len < src_ci->i_layout.object_size)
1965 		return -EOPNOTSUPP; /* no remote copy will be done */
1966 
1967 	prealloc_cf = ceph_alloc_cap_flush();
1968 	if (!prealloc_cf)
1969 		return -ENOMEM;
1970 
1971 	/* Start by sync'ing the source and destination files */
1972 	ret = file_write_and_wait_range(src_file, src_off, (src_off + len));
1973 	if (ret < 0) {
1974 		dout("failed to write src file (%zd)\n", ret);
1975 		goto out;
1976 	}
1977 	ret = file_write_and_wait_range(dst_file, dst_off, (dst_off + len));
1978 	if (ret < 0) {
1979 		dout("failed to write dst file (%zd)\n", ret);
1980 		goto out;
1981 	}
1982 
1983 	/*
1984 	 * We need FILE_WR caps for dst_ci and FILE_RD for src_ci as other
1985 	 * clients may have dirty data in their caches.  And OSDs know nothing
1986 	 * about caps, so they can't safely do the remote object copies.
1987 	 */
1988 	err = get_rd_wr_caps(src_file, &src_got,
1989 			     dst_file, (dst_off + len), &dst_got);
1990 	if (err < 0) {
1991 		dout("get_rd_wr_caps returned %d\n", err);
1992 		ret = -EOPNOTSUPP;
1993 		goto out;
1994 	}
1995 
1996 	ret = is_file_size_ok(src_inode, dst_inode, src_off, dst_off, len);
1997 	if (ret < 0)
1998 		goto out_caps;
1999 
2000 	size = i_size_read(dst_inode);
2001 	endoff = dst_off + len;
2002 
2003 	/* Drop dst file cached pages */
2004 	ret = invalidate_inode_pages2_range(dst_inode->i_mapping,
2005 					    dst_off >> PAGE_SHIFT,
2006 					    endoff >> PAGE_SHIFT);
2007 	if (ret < 0) {
2008 		dout("Failed to invalidate inode pages (%zd)\n", ret);
2009 		ret = 0; /* XXX */
2010 	}
2011 	src_oloc.pool = src_ci->i_layout.pool_id;
2012 	src_oloc.pool_ns = ceph_try_get_string(src_ci->i_layout.pool_ns);
2013 	dst_oloc.pool = dst_ci->i_layout.pool_id;
2014 	dst_oloc.pool_ns = ceph_try_get_string(dst_ci->i_layout.pool_ns);
2015 
2016 	ceph_calc_file_object_mapping(&src_ci->i_layout, src_off,
2017 				      src_ci->i_layout.object_size,
2018 				      &src_objnum, &src_objoff, &src_objlen);
2019 	ceph_calc_file_object_mapping(&dst_ci->i_layout, dst_off,
2020 				      dst_ci->i_layout.object_size,
2021 				      &dst_objnum, &dst_objoff, &dst_objlen);
2022 	/* object-level offsets need to the same */
2023 	if (src_objoff != dst_objoff) {
2024 		ret = -EOPNOTSUPP;
2025 		goto out_caps;
2026 	}
2027 
2028 	/*
2029 	 * Do a manual copy if the object offset isn't object aligned.
2030 	 * 'src_objlen' contains the bytes left until the end of the object,
2031 	 * starting at the src_off
2032 	 */
2033 	if (src_objoff) {
2034 		/*
2035 		 * we need to temporarily drop all caps as we'll be calling
2036 		 * {read,write}_iter, which will get caps again.
2037 		 */
2038 		put_rd_wr_caps(src_ci, src_got, dst_ci, dst_got);
2039 		ret = do_splice_direct(src_file, &src_off, dst_file,
2040 				       &dst_off, src_objlen, flags);
2041 		if (ret < 0) {
2042 			dout("do_splice_direct returned %d\n", err);
2043 			goto out;
2044 		}
2045 		len -= ret;
2046 		err = get_rd_wr_caps(src_file, &src_got,
2047 				     dst_file, (dst_off + len), &dst_got);
2048 		if (err < 0)
2049 			goto out;
2050 		err = is_file_size_ok(src_inode, dst_inode,
2051 				      src_off, dst_off, len);
2052 		if (err < 0)
2053 			goto out_caps;
2054 	}
2055 	object_size = src_ci->i_layout.object_size;
2056 	while (len >= object_size) {
2057 		ceph_calc_file_object_mapping(&src_ci->i_layout, src_off,
2058 					      object_size, &src_objnum,
2059 					      &src_objoff, &src_objlen);
2060 		ceph_calc_file_object_mapping(&dst_ci->i_layout, dst_off,
2061 					      object_size, &dst_objnum,
2062 					      &dst_objoff, &dst_objlen);
2063 		ceph_oid_init(&src_oid);
2064 		ceph_oid_printf(&src_oid, "%llx.%08llx",
2065 				src_ci->i_vino.ino, src_objnum);
2066 		ceph_oid_init(&dst_oid);
2067 		ceph_oid_printf(&dst_oid, "%llx.%08llx",
2068 				dst_ci->i_vino.ino, dst_objnum);
2069 		/* Do an object remote copy */
2070 		err = ceph_osdc_copy_from(
2071 			&src_fsc->client->osdc,
2072 			src_ci->i_vino.snap, 0,
2073 			&src_oid, &src_oloc,
2074 			CEPH_OSD_OP_FLAG_FADVISE_SEQUENTIAL |
2075 			CEPH_OSD_OP_FLAG_FADVISE_NOCACHE,
2076 			&dst_oid, &dst_oloc,
2077 			CEPH_OSD_OP_FLAG_FADVISE_SEQUENTIAL |
2078 			CEPH_OSD_OP_FLAG_FADVISE_DONTNEED, 0);
2079 		if (err) {
2080 			dout("ceph_osdc_copy_from returned %d\n", err);
2081 			if (!ret)
2082 				ret = err;
2083 			goto out_caps;
2084 		}
2085 		len -= object_size;
2086 		src_off += object_size;
2087 		dst_off += object_size;
2088 		ret += object_size;
2089 	}
2090 
2091 	if (len)
2092 		/* We still need one final local copy */
2093 		do_final_copy = true;
2094 
2095 	file_update_time(dst_file);
2096 	inode_inc_iversion_raw(dst_inode);
2097 
2098 	if (endoff > size) {
2099 		int caps_flags = 0;
2100 
2101 		/* Let the MDS know about dst file size change */
2102 		if (ceph_quota_is_max_bytes_approaching(dst_inode, endoff))
2103 			caps_flags |= CHECK_CAPS_NODELAY;
2104 		if (ceph_inode_set_size(dst_inode, endoff))
2105 			caps_flags |= CHECK_CAPS_AUTHONLY;
2106 		if (caps_flags)
2107 			ceph_check_caps(dst_ci, caps_flags, NULL);
2108 	}
2109 	/* Mark Fw dirty */
2110 	spin_lock(&dst_ci->i_ceph_lock);
2111 	dst_ci->i_inline_version = CEPH_INLINE_NONE;
2112 	dirty = __ceph_mark_dirty_caps(dst_ci, CEPH_CAP_FILE_WR, &prealloc_cf);
2113 	spin_unlock(&dst_ci->i_ceph_lock);
2114 	if (dirty)
2115 		__mark_inode_dirty(dst_inode, dirty);
2116 
2117 out_caps:
2118 	put_rd_wr_caps(src_ci, src_got, dst_ci, dst_got);
2119 
2120 	if (do_final_copy) {
2121 		err = do_splice_direct(src_file, &src_off, dst_file,
2122 				       &dst_off, len, flags);
2123 		if (err < 0) {
2124 			dout("do_splice_direct returned %d\n", err);
2125 			goto out;
2126 		}
2127 		len -= err;
2128 		ret += err;
2129 	}
2130 
2131 out:
2132 	ceph_free_cap_flush(prealloc_cf);
2133 
2134 	return ret;
2135 }
2136 
2137 static ssize_t ceph_copy_file_range(struct file *src_file, loff_t src_off,
2138 				    struct file *dst_file, loff_t dst_off,
2139 				    size_t len, unsigned int flags)
2140 {
2141 	ssize_t ret;
2142 
2143 	ret = __ceph_copy_file_range(src_file, src_off, dst_file, dst_off,
2144 				     len, flags);
2145 
2146 	if (ret == -EOPNOTSUPP || ret == -EXDEV)
2147 		ret = generic_copy_file_range(src_file, src_off, dst_file,
2148 					      dst_off, len, flags);
2149 	return ret;
2150 }
2151 
2152 const struct file_operations ceph_file_fops = {
2153 	.open = ceph_open,
2154 	.release = ceph_release,
2155 	.llseek = ceph_llseek,
2156 	.read_iter = ceph_read_iter,
2157 	.write_iter = ceph_write_iter,
2158 	.mmap = ceph_mmap,
2159 	.fsync = ceph_fsync,
2160 	.lock = ceph_lock,
2161 	.flock = ceph_flock,
2162 	.splice_read = generic_file_splice_read,
2163 	.splice_write = iter_file_splice_write,
2164 	.unlocked_ioctl = ceph_ioctl,
2165 	.compat_ioctl	= ceph_ioctl,
2166 	.fallocate	= ceph_fallocate,
2167 	.copy_file_range = ceph_copy_file_range,
2168 };
2169