1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * This file is part of UBIFS. 4 * 5 * Copyright (C) 2006-2008 Nokia Corporation. 6 * 7 * Authors: Adrian Hunter 8 * Artem Bityutskiy (Битюцкий Артём) 9 */ 10 11 /* This file implements TNC functions for committing */ 12 13 #include <linux/random.h> 14 #include "ubifs.h" 15 16 /** 17 * make_idx_node - make an index node for fill-the-gaps method of TNC commit. 18 * @c: UBIFS file-system description object 19 * @idx: buffer in which to place new index node 20 * @znode: znode from which to make new index node 21 * @lnum: LEB number where new index node will be written 22 * @offs: offset where new index node will be written 23 * @len: length of new index node 24 */ 25 static int make_idx_node(struct ubifs_info *c, struct ubifs_idx_node *idx, 26 struct ubifs_znode *znode, int lnum, int offs, int len) 27 { 28 struct ubifs_znode *zp; 29 u8 hash[UBIFS_HASH_ARR_SZ]; 30 int i, err; 31 32 /* Make index node */ 33 idx->ch.node_type = UBIFS_IDX_NODE; 34 idx->child_cnt = cpu_to_le16(znode->child_cnt); 35 idx->level = cpu_to_le16(znode->level); 36 for (i = 0; i < znode->child_cnt; i++) { 37 struct ubifs_branch *br = ubifs_idx_branch(c, idx, i); 38 struct ubifs_zbranch *zbr = &znode->zbranch[i]; 39 40 key_write_idx(c, &zbr->key, &br->key); 41 br->lnum = cpu_to_le32(zbr->lnum); 42 br->offs = cpu_to_le32(zbr->offs); 43 br->len = cpu_to_le32(zbr->len); 44 ubifs_copy_hash(c, zbr->hash, ubifs_branch_hash(c, br)); 45 if (!zbr->lnum || !zbr->len) { 46 ubifs_err(c, "bad ref in znode"); 47 ubifs_dump_znode(c, znode); 48 if (zbr->znode) 49 ubifs_dump_znode(c, zbr->znode); 50 51 return -EINVAL; 52 } 53 } 54 ubifs_prepare_node(c, idx, len, 0); 55 ubifs_node_calc_hash(c, idx, hash); 56 57 znode->lnum = lnum; 58 znode->offs = offs; 59 znode->len = len; 60 61 err = insert_old_idx_znode(c, znode); 62 63 /* Update the parent */ 64 zp = znode->parent; 65 if (zp) { 66 struct ubifs_zbranch *zbr; 67 68 zbr = &zp->zbranch[znode->iip]; 69 zbr->lnum = lnum; 70 zbr->offs = offs; 71 zbr->len = len; 72 ubifs_copy_hash(c, hash, zbr->hash); 73 } else { 74 c->zroot.lnum = lnum; 75 c->zroot.offs = offs; 76 c->zroot.len = len; 77 ubifs_copy_hash(c, hash, c->zroot.hash); 78 } 79 c->calc_idx_sz += ALIGN(len, 8); 80 81 atomic_long_dec(&c->dirty_zn_cnt); 82 83 ubifs_assert(c, ubifs_zn_dirty(znode)); 84 ubifs_assert(c, ubifs_zn_cow(znode)); 85 86 /* 87 * Note, unlike 'write_index()' we do not add memory barriers here 88 * because this function is called with @c->tnc_mutex locked. 89 */ 90 __clear_bit(DIRTY_ZNODE, &znode->flags); 91 __clear_bit(COW_ZNODE, &znode->flags); 92 93 return err; 94 } 95 96 /** 97 * fill_gap - make index nodes in gaps in dirty index LEBs. 98 * @c: UBIFS file-system description object 99 * @lnum: LEB number that gap appears in 100 * @gap_start: offset of start of gap 101 * @gap_end: offset of end of gap 102 * @dirt: adds dirty space to this 103 * 104 * This function returns the number of index nodes written into the gap. 105 */ 106 static int fill_gap(struct ubifs_info *c, int lnum, int gap_start, int gap_end, 107 int *dirt) 108 { 109 int len, gap_remains, gap_pos, written, pad_len; 110 111 ubifs_assert(c, (gap_start & 7) == 0); 112 ubifs_assert(c, (gap_end & 7) == 0); 113 ubifs_assert(c, gap_end >= gap_start); 114 115 gap_remains = gap_end - gap_start; 116 if (!gap_remains) 117 return 0; 118 gap_pos = gap_start; 119 written = 0; 120 while (c->enext) { 121 len = ubifs_idx_node_sz(c, c->enext->child_cnt); 122 if (len < gap_remains) { 123 struct ubifs_znode *znode = c->enext; 124 const int alen = ALIGN(len, 8); 125 int err; 126 127 ubifs_assert(c, alen <= gap_remains); 128 err = make_idx_node(c, c->ileb_buf + gap_pos, znode, 129 lnum, gap_pos, len); 130 if (err) 131 return err; 132 gap_remains -= alen; 133 gap_pos += alen; 134 c->enext = znode->cnext; 135 if (c->enext == c->cnext) 136 c->enext = NULL; 137 written += 1; 138 } else 139 break; 140 } 141 if (gap_end == c->leb_size) { 142 c->ileb_len = ALIGN(gap_pos, c->min_io_size); 143 /* Pad to end of min_io_size */ 144 pad_len = c->ileb_len - gap_pos; 145 } else 146 /* Pad to end of gap */ 147 pad_len = gap_remains; 148 dbg_gc("LEB %d:%d to %d len %d nodes written %d wasted bytes %d", 149 lnum, gap_start, gap_end, gap_end - gap_start, written, pad_len); 150 ubifs_pad(c, c->ileb_buf + gap_pos, pad_len); 151 *dirt += pad_len; 152 return written; 153 } 154 155 /** 156 * find_old_idx - find an index node obsoleted since the last commit start. 157 * @c: UBIFS file-system description object 158 * @lnum: LEB number of obsoleted index node 159 * @offs: offset of obsoleted index node 160 * 161 * Returns %1 if found and %0 otherwise. 162 */ 163 static int find_old_idx(struct ubifs_info *c, int lnum, int offs) 164 { 165 struct ubifs_old_idx *o; 166 struct rb_node *p; 167 168 p = c->old_idx.rb_node; 169 while (p) { 170 o = rb_entry(p, struct ubifs_old_idx, rb); 171 if (lnum < o->lnum) 172 p = p->rb_left; 173 else if (lnum > o->lnum) 174 p = p->rb_right; 175 else if (offs < o->offs) 176 p = p->rb_left; 177 else if (offs > o->offs) 178 p = p->rb_right; 179 else 180 return 1; 181 } 182 return 0; 183 } 184 185 /** 186 * is_idx_node_in_use - determine if an index node can be overwritten. 187 * @c: UBIFS file-system description object 188 * @key: key of index node 189 * @level: index node level 190 * @lnum: LEB number of index node 191 * @offs: offset of index node 192 * 193 * If @key / @lnum / @offs identify an index node that was not part of the old 194 * index, then this function returns %0 (obsolete). Else if the index node was 195 * part of the old index but is now dirty %1 is returned, else if it is clean %2 196 * is returned. A negative error code is returned on failure. 197 */ 198 static int is_idx_node_in_use(struct ubifs_info *c, union ubifs_key *key, 199 int level, int lnum, int offs) 200 { 201 int ret; 202 203 ret = is_idx_node_in_tnc(c, key, level, lnum, offs); 204 if (ret < 0) 205 return ret; /* Error code */ 206 if (ret == 0) 207 if (find_old_idx(c, lnum, offs)) 208 return 1; 209 return ret; 210 } 211 212 /** 213 * layout_leb_in_gaps - layout index nodes using in-the-gaps method. 214 * @c: UBIFS file-system description object 215 * @p: return LEB number in @c->gap_lebs[p] 216 * 217 * This function lays out new index nodes for dirty znodes using in-the-gaps 218 * method of TNC commit. 219 * This function merely puts the next znode into the next gap, making no attempt 220 * to try to maximise the number of znodes that fit. 221 * This function returns the number of index nodes written into the gaps, or a 222 * negative error code on failure. 223 */ 224 static int layout_leb_in_gaps(struct ubifs_info *c, int p) 225 { 226 struct ubifs_scan_leb *sleb; 227 struct ubifs_scan_node *snod; 228 int lnum, dirt = 0, gap_start, gap_end, err, written, tot_written; 229 230 tot_written = 0; 231 /* Get an index LEB with lots of obsolete index nodes */ 232 lnum = ubifs_find_dirty_idx_leb(c); 233 if (lnum < 0) 234 /* 235 * There also may be dirt in the index head that could be 236 * filled, however we do not check there at present. 237 */ 238 return lnum; /* Error code */ 239 c->gap_lebs[p] = lnum; 240 dbg_gc("LEB %d", lnum); 241 /* 242 * Scan the index LEB. We use the generic scan for this even though 243 * it is more comprehensive and less efficient than is needed for this 244 * purpose. 245 */ 246 sleb = ubifs_scan(c, lnum, 0, c->ileb_buf, 0); 247 c->ileb_len = 0; 248 if (IS_ERR(sleb)) 249 return PTR_ERR(sleb); 250 gap_start = 0; 251 list_for_each_entry(snod, &sleb->nodes, list) { 252 struct ubifs_idx_node *idx; 253 int in_use, level; 254 255 ubifs_assert(c, snod->type == UBIFS_IDX_NODE); 256 idx = snod->node; 257 key_read(c, ubifs_idx_key(c, idx), &snod->key); 258 level = le16_to_cpu(idx->level); 259 /* Determine if the index node is in use (not obsolete) */ 260 in_use = is_idx_node_in_use(c, &snod->key, level, lnum, 261 snod->offs); 262 if (in_use < 0) { 263 ubifs_scan_destroy(sleb); 264 return in_use; /* Error code */ 265 } 266 if (in_use) { 267 if (in_use == 1) 268 dirt += ALIGN(snod->len, 8); 269 /* 270 * The obsolete index nodes form gaps that can be 271 * overwritten. This gap has ended because we have 272 * found an index node that is still in use 273 * i.e. not obsolete 274 */ 275 gap_end = snod->offs; 276 /* Try to fill gap */ 277 written = fill_gap(c, lnum, gap_start, gap_end, &dirt); 278 if (written < 0) { 279 ubifs_scan_destroy(sleb); 280 return written; /* Error code */ 281 } 282 tot_written += written; 283 gap_start = ALIGN(snod->offs + snod->len, 8); 284 } 285 } 286 ubifs_scan_destroy(sleb); 287 c->ileb_len = c->leb_size; 288 gap_end = c->leb_size; 289 /* Try to fill gap */ 290 written = fill_gap(c, lnum, gap_start, gap_end, &dirt); 291 if (written < 0) 292 return written; /* Error code */ 293 tot_written += written; 294 if (tot_written == 0) { 295 struct ubifs_lprops lp; 296 297 dbg_gc("LEB %d wrote %d index nodes", lnum, tot_written); 298 err = ubifs_read_one_lp(c, lnum, &lp); 299 if (err) 300 return err; 301 if (lp.free == c->leb_size) { 302 /* 303 * We must have snatched this LEB from the idx_gc list 304 * so we need to correct the free and dirty space. 305 */ 306 err = ubifs_change_one_lp(c, lnum, 307 c->leb_size - c->ileb_len, 308 dirt, 0, 0, 0); 309 if (err) 310 return err; 311 } 312 return 0; 313 } 314 err = ubifs_change_one_lp(c, lnum, c->leb_size - c->ileb_len, dirt, 315 0, 0, 0); 316 if (err) 317 return err; 318 err = ubifs_leb_change(c, lnum, c->ileb_buf, c->ileb_len); 319 if (err) 320 return err; 321 dbg_gc("LEB %d wrote %d index nodes", lnum, tot_written); 322 return tot_written; 323 } 324 325 /** 326 * get_leb_cnt - calculate the number of empty LEBs needed to commit. 327 * @c: UBIFS file-system description object 328 * @cnt: number of znodes to commit 329 * 330 * This function returns the number of empty LEBs needed to commit @cnt znodes 331 * to the current index head. The number is not exact and may be more than 332 * needed. 333 */ 334 static int get_leb_cnt(struct ubifs_info *c, int cnt) 335 { 336 int d; 337 338 /* Assume maximum index node size (i.e. overestimate space needed) */ 339 cnt -= (c->leb_size - c->ihead_offs) / c->max_idx_node_sz; 340 if (cnt < 0) 341 cnt = 0; 342 d = c->leb_size / c->max_idx_node_sz; 343 return DIV_ROUND_UP(cnt, d); 344 } 345 346 /** 347 * layout_in_gaps - in-the-gaps method of committing TNC. 348 * @c: UBIFS file-system description object 349 * @cnt: number of dirty znodes to commit. 350 * 351 * This function lays out new index nodes for dirty znodes using in-the-gaps 352 * method of TNC commit. 353 * 354 * This function returns %0 on success and a negative error code on failure. 355 */ 356 static int layout_in_gaps(struct ubifs_info *c, int cnt) 357 { 358 int err, leb_needed_cnt, written, p = 0, old_idx_lebs, *gap_lebs; 359 360 dbg_gc("%d znodes to write", cnt); 361 362 c->gap_lebs = kmalloc_objs(int, c->lst.idx_lebs + 1, GFP_NOFS); 363 if (!c->gap_lebs) 364 return -ENOMEM; 365 366 old_idx_lebs = c->lst.idx_lebs; 367 do { 368 ubifs_assert(c, p < c->lst.idx_lebs); 369 written = layout_leb_in_gaps(c, p); 370 if (written < 0) { 371 err = written; 372 if (err != -ENOSPC) { 373 kfree(c->gap_lebs); 374 c->gap_lebs = NULL; 375 return err; 376 } 377 if (!dbg_is_chk_index(c)) { 378 /* 379 * Do not print scary warnings if the debugging 380 * option which forces in-the-gaps is enabled. 381 */ 382 ubifs_warn(c, "out of space"); 383 ubifs_dump_budg(c, &c->bi); 384 ubifs_dump_lprops(c); 385 } 386 /* Try to commit anyway */ 387 break; 388 } 389 p++; 390 cnt -= written; 391 leb_needed_cnt = get_leb_cnt(c, cnt); 392 dbg_gc("%d znodes remaining, need %d LEBs, have %d", cnt, 393 leb_needed_cnt, c->ileb_cnt); 394 /* 395 * Dynamically change the size of @c->gap_lebs to prevent 396 * oob, because @c->lst.idx_lebs could be increased by 397 * function @get_idx_gc_leb (called by layout_leb_in_gaps-> 398 * ubifs_find_dirty_idx_leb) during loop. Only enlarge 399 * @c->gap_lebs when needed. 400 * 401 */ 402 if (leb_needed_cnt > c->ileb_cnt && p >= old_idx_lebs && 403 old_idx_lebs < c->lst.idx_lebs) { 404 old_idx_lebs = c->lst.idx_lebs; 405 gap_lebs = krealloc(c->gap_lebs, sizeof(int) * 406 (old_idx_lebs + 1), GFP_NOFS); 407 if (!gap_lebs) { 408 kfree(c->gap_lebs); 409 c->gap_lebs = NULL; 410 return -ENOMEM; 411 } 412 c->gap_lebs = gap_lebs; 413 } 414 } while (leb_needed_cnt > c->ileb_cnt); 415 416 c->gap_lebs[p] = -1; 417 return 0; 418 } 419 420 /** 421 * layout_in_empty_space - layout index nodes in empty space. 422 * @c: UBIFS file-system description object 423 * 424 * This function lays out new index nodes for dirty znodes using empty LEBs. 425 * 426 * This function returns %0 on success and a negative error code on failure. 427 */ 428 static int layout_in_empty_space(struct ubifs_info *c) 429 { 430 struct ubifs_znode *znode, *cnext, *zp; 431 int lnum, offs, len, next_len, buf_len, buf_offs, used, avail; 432 int wlen, blen, err; 433 434 cnext = c->enext; 435 if (!cnext) 436 return 0; 437 438 lnum = c->ihead_lnum; 439 buf_offs = c->ihead_offs; 440 441 buf_len = ubifs_idx_node_sz(c, c->fanout); 442 buf_len = ALIGN(buf_len, c->min_io_size); 443 used = 0; 444 avail = buf_len; 445 446 /* Ensure there is enough room for first write */ 447 next_len = ubifs_idx_node_sz(c, cnext->child_cnt); 448 if (buf_offs + next_len > c->leb_size) 449 lnum = -1; 450 451 while (1) { 452 znode = cnext; 453 454 len = ubifs_idx_node_sz(c, znode->child_cnt); 455 456 /* Determine the index node position */ 457 if (lnum == -1) { 458 if (c->ileb_nxt >= c->ileb_cnt) { 459 ubifs_err(c, "out of space"); 460 return -ENOSPC; 461 } 462 lnum = c->ilebs[c->ileb_nxt++]; 463 buf_offs = 0; 464 used = 0; 465 avail = buf_len; 466 } 467 468 offs = buf_offs + used; 469 470 znode->lnum = lnum; 471 znode->offs = offs; 472 znode->len = len; 473 474 /* Update the parent */ 475 zp = znode->parent; 476 if (zp) { 477 struct ubifs_zbranch *zbr; 478 int i; 479 480 i = znode->iip; 481 zbr = &zp->zbranch[i]; 482 zbr->lnum = lnum; 483 zbr->offs = offs; 484 zbr->len = len; 485 } else { 486 c->zroot.lnum = lnum; 487 c->zroot.offs = offs; 488 c->zroot.len = len; 489 } 490 c->calc_idx_sz += ALIGN(len, 8); 491 492 /* 493 * Once lprops is updated, we can decrease the dirty znode count 494 * but it is easier to just do it here. 495 */ 496 atomic_long_dec(&c->dirty_zn_cnt); 497 498 /* 499 * Calculate the next index node length to see if there is 500 * enough room for it 501 */ 502 cnext = znode->cnext; 503 if (cnext == c->cnext) 504 next_len = 0; 505 else 506 next_len = ubifs_idx_node_sz(c, cnext->child_cnt); 507 508 /* Update buffer positions */ 509 wlen = used + len; 510 used += ALIGN(len, 8); 511 avail -= ALIGN(len, 8); 512 513 if (next_len != 0 && 514 buf_offs + used + next_len <= c->leb_size && 515 avail > 0) 516 continue; 517 518 if (avail <= 0 && next_len && 519 buf_offs + used + next_len <= c->leb_size) 520 blen = buf_len; 521 else 522 blen = ALIGN(wlen, c->min_io_size); 523 524 /* The buffer is full or there are no more znodes to do */ 525 buf_offs += blen; 526 if (next_len) { 527 if (buf_offs + next_len > c->leb_size) { 528 err = ubifs_update_one_lp(c, lnum, 529 c->leb_size - buf_offs, blen - used, 530 0, 0); 531 if (err) 532 return err; 533 lnum = -1; 534 } 535 used -= blen; 536 if (used < 0) 537 used = 0; 538 avail = buf_len - used; 539 continue; 540 } 541 err = ubifs_update_one_lp(c, lnum, c->leb_size - buf_offs, 542 blen - used, 0, 0); 543 if (err) 544 return err; 545 break; 546 } 547 548 c->dbg->new_ihead_lnum = lnum; 549 c->dbg->new_ihead_offs = buf_offs; 550 551 return 0; 552 } 553 554 /** 555 * layout_commit - determine positions of index nodes to commit. 556 * @c: UBIFS file-system description object 557 * @no_space: indicates that insufficient empty LEBs were allocated 558 * @cnt: number of znodes to commit 559 * 560 * Calculate and update the positions of index nodes to commit. If there were 561 * an insufficient number of empty LEBs allocated, then index nodes are placed 562 * into the gaps created by obsolete index nodes in non-empty index LEBs. For 563 * this purpose, an obsolete index node is one that was not in the index as at 564 * the end of the last commit. To write "in-the-gaps" requires that those index 565 * LEBs are updated atomically in-place. 566 */ 567 static int layout_commit(struct ubifs_info *c, int no_space, int cnt) 568 { 569 int err; 570 571 if (no_space) { 572 err = layout_in_gaps(c, cnt); 573 if (err) 574 return err; 575 } 576 err = layout_in_empty_space(c); 577 return err; 578 } 579 580 /** 581 * find_first_dirty - find first dirty znode. 582 * @znode: znode to begin searching from 583 */ 584 static struct ubifs_znode *find_first_dirty(struct ubifs_znode *znode) 585 { 586 int i, cont; 587 588 if (!znode) 589 return NULL; 590 591 while (1) { 592 if (znode->level == 0) { 593 if (ubifs_zn_dirty(znode)) 594 return znode; 595 return NULL; 596 } 597 cont = 0; 598 for (i = 0; i < znode->child_cnt; i++) { 599 struct ubifs_zbranch *zbr = &znode->zbranch[i]; 600 601 if (zbr->znode && ubifs_zn_dirty(zbr->znode)) { 602 znode = zbr->znode; 603 cont = 1; 604 break; 605 } 606 } 607 if (!cont) { 608 if (ubifs_zn_dirty(znode)) 609 return znode; 610 return NULL; 611 } 612 } 613 } 614 615 /** 616 * find_next_dirty - find next dirty znode. 617 * @znode: znode to begin searching from 618 */ 619 static struct ubifs_znode *find_next_dirty(struct ubifs_znode *znode) 620 { 621 int n = znode->iip + 1; 622 623 znode = znode->parent; 624 if (!znode) 625 return NULL; 626 for (; n < znode->child_cnt; n++) { 627 struct ubifs_zbranch *zbr = &znode->zbranch[n]; 628 629 if (zbr->znode && ubifs_zn_dirty(zbr->znode)) 630 return find_first_dirty(zbr->znode); 631 } 632 return znode; 633 } 634 635 /** 636 * get_znodes_to_commit - create list of dirty znodes to commit. 637 * @c: UBIFS file-system description object 638 * 639 * This function returns the number of znodes to commit. 640 */ 641 static int get_znodes_to_commit(struct ubifs_info *c) 642 { 643 struct ubifs_znode *znode, *cnext; 644 int cnt = 0; 645 646 c->cnext = find_first_dirty(c->zroot.znode); 647 znode = c->enext = c->cnext; 648 if (!znode) { 649 dbg_cmt("no znodes to commit"); 650 return 0; 651 } 652 cnt += 1; 653 while (1) { 654 ubifs_assert(c, !ubifs_zn_cow(znode)); 655 __set_bit(COW_ZNODE, &znode->flags); 656 znode->alt = 0; 657 cnext = find_next_dirty(znode); 658 if (!cnext) { 659 ubifs_assert(c, !znode->parent); 660 znode->cparent = NULL; 661 znode->cnext = c->cnext; 662 break; 663 } 664 znode->cparent = znode->parent; 665 znode->ciip = znode->iip; 666 znode->cnext = cnext; 667 znode = cnext; 668 cnt += 1; 669 } 670 dbg_cmt("committing %d znodes", cnt); 671 ubifs_assert(c, cnt == atomic_long_read(&c->dirty_zn_cnt)); 672 return cnt; 673 } 674 675 /** 676 * alloc_idx_lebs - allocate empty LEBs to be used to commit. 677 * @c: UBIFS file-system description object 678 * @cnt: number of znodes to commit 679 * 680 * This function returns %-ENOSPC if it cannot allocate a sufficient number of 681 * empty LEBs. %0 is returned on success, otherwise a negative error code 682 * is returned. 683 */ 684 static int alloc_idx_lebs(struct ubifs_info *c, int cnt) 685 { 686 int i, leb_cnt, lnum; 687 688 c->ileb_cnt = 0; 689 c->ileb_nxt = 0; 690 leb_cnt = get_leb_cnt(c, cnt); 691 dbg_cmt("need about %d empty LEBS for TNC commit", leb_cnt); 692 if (!leb_cnt) 693 return 0; 694 c->ilebs = kmalloc_objs(int, leb_cnt, GFP_NOFS); 695 if (!c->ilebs) 696 return -ENOMEM; 697 for (i = 0; i < leb_cnt; i++) { 698 lnum = ubifs_find_free_leb_for_idx(c); 699 if (lnum < 0) 700 return lnum; 701 c->ilebs[c->ileb_cnt++] = lnum; 702 dbg_cmt("LEB %d", lnum); 703 } 704 if (dbg_is_chk_index(c) && !get_random_u32_below(8)) 705 return -ENOSPC; 706 return 0; 707 } 708 709 /** 710 * free_unused_idx_lebs - free unused LEBs that were allocated for the commit. 711 * @c: UBIFS file-system description object 712 * 713 * It is possible that we allocate more empty LEBs for the commit than we need. 714 * This functions frees the surplus. 715 * 716 * This function returns %0 on success and a negative error code on failure. 717 */ 718 static int free_unused_idx_lebs(struct ubifs_info *c) 719 { 720 int i, err = 0, lnum, er; 721 722 for (i = c->ileb_nxt; i < c->ileb_cnt; i++) { 723 lnum = c->ilebs[i]; 724 dbg_cmt("LEB %d", lnum); 725 er = ubifs_change_one_lp(c, lnum, LPROPS_NC, LPROPS_NC, 0, 726 LPROPS_INDEX | LPROPS_TAKEN, 0); 727 if (!err) 728 err = er; 729 } 730 return err; 731 } 732 733 /** 734 * free_idx_lebs - free unused LEBs after commit end. 735 * @c: UBIFS file-system description object 736 * 737 * This function returns %0 on success and a negative error code on failure. 738 */ 739 static int free_idx_lebs(struct ubifs_info *c) 740 { 741 int err; 742 743 err = free_unused_idx_lebs(c); 744 kfree(c->ilebs); 745 c->ilebs = NULL; 746 return err; 747 } 748 749 /** 750 * ubifs_tnc_start_commit - start TNC commit. 751 * @c: UBIFS file-system description object 752 * @zroot: new index root position is returned here 753 * 754 * This function prepares the list of indexing nodes to commit and lays out 755 * their positions on flash. If there is not enough free space it uses the 756 * in-gap commit method. Returns zero in case of success and a negative error 757 * code in case of failure. 758 */ 759 int ubifs_tnc_start_commit(struct ubifs_info *c, struct ubifs_zbranch *zroot) 760 { 761 int err = 0, cnt; 762 763 mutex_lock(&c->tnc_mutex); 764 err = dbg_check_tnc(c, 1); 765 if (err) 766 goto out; 767 cnt = get_znodes_to_commit(c); 768 if (cnt != 0) { 769 int no_space = 0; 770 771 err = alloc_idx_lebs(c, cnt); 772 if (err == -ENOSPC) 773 no_space = 1; 774 else if (err) 775 goto out_free; 776 err = layout_commit(c, no_space, cnt); 777 if (err) 778 goto out_free; 779 ubifs_assert(c, atomic_long_read(&c->dirty_zn_cnt) == 0); 780 err = free_unused_idx_lebs(c); 781 if (err) 782 goto out; 783 } 784 destroy_old_idx(c); 785 memcpy(zroot, &c->zroot, sizeof(struct ubifs_zbranch)); 786 787 err = ubifs_save_dirty_idx_lnums(c); 788 if (err) 789 goto out; 790 791 spin_lock(&c->space_lock); 792 /* 793 * Although we have not finished committing yet, update size of the 794 * committed index ('c->bi.old_idx_sz') and zero out the index growth 795 * budget. It is OK to do this now, because we've reserved all the 796 * space which is needed to commit the index, and it is save for the 797 * budgeting subsystem to assume the index is already committed, 798 * even though it is not. 799 */ 800 ubifs_assert(c, c->bi.min_idx_lebs == ubifs_calc_min_idx_lebs(c)); 801 c->bi.old_idx_sz = c->calc_idx_sz; 802 c->bi.uncommitted_idx = 0; 803 c->bi.min_idx_lebs = ubifs_calc_min_idx_lebs(c); 804 spin_unlock(&c->space_lock); 805 mutex_unlock(&c->tnc_mutex); 806 807 dbg_cmt("number of index LEBs %d", c->lst.idx_lebs); 808 dbg_cmt("size of index %llu", c->calc_idx_sz); 809 return err; 810 811 out_free: 812 free_idx_lebs(c); 813 out: 814 mutex_unlock(&c->tnc_mutex); 815 return err; 816 } 817 818 /** 819 * write_index - write index nodes. 820 * @c: UBIFS file-system description object 821 * 822 * This function writes the index nodes whose positions were laid out in the 823 * layout_in_empty_space function. 824 */ 825 static int write_index(struct ubifs_info *c) 826 { 827 struct ubifs_idx_node *idx; 828 struct ubifs_znode *znode, *cnext; 829 int i, lnum, offs, len, next_len, buf_len, buf_offs, used; 830 int avail, wlen, err, lnum_pos = 0, blen, nxt_offs; 831 832 cnext = c->enext; 833 if (!cnext) 834 return 0; 835 836 /* 837 * Always write index nodes to the index head so that index nodes and 838 * other types of nodes are never mixed in the same erase block. 839 */ 840 lnum = c->ihead_lnum; 841 buf_offs = c->ihead_offs; 842 843 /* Allocate commit buffer */ 844 buf_len = ALIGN(c->max_idx_node_sz, c->min_io_size); 845 used = 0; 846 avail = buf_len; 847 848 /* Ensure there is enough room for first write */ 849 next_len = ubifs_idx_node_sz(c, cnext->child_cnt); 850 if (buf_offs + next_len > c->leb_size) { 851 err = ubifs_update_one_lp(c, lnum, LPROPS_NC, 0, 0, 852 LPROPS_TAKEN); 853 if (err) 854 return err; 855 lnum = -1; 856 } 857 858 while (1) { 859 u8 hash[UBIFS_HASH_ARR_SZ]; 860 861 cond_resched(); 862 863 znode = cnext; 864 idx = c->cbuf + used; 865 866 /* Make index node */ 867 idx->ch.node_type = UBIFS_IDX_NODE; 868 idx->child_cnt = cpu_to_le16(znode->child_cnt); 869 idx->level = cpu_to_le16(znode->level); 870 for (i = 0; i < znode->child_cnt; i++) { 871 struct ubifs_branch *br = ubifs_idx_branch(c, idx, i); 872 struct ubifs_zbranch *zbr = &znode->zbranch[i]; 873 874 key_write_idx(c, &zbr->key, &br->key); 875 br->lnum = cpu_to_le32(zbr->lnum); 876 br->offs = cpu_to_le32(zbr->offs); 877 br->len = cpu_to_le32(zbr->len); 878 ubifs_copy_hash(c, zbr->hash, ubifs_branch_hash(c, br)); 879 if (!zbr->lnum || !zbr->len) { 880 ubifs_err(c, "bad ref in znode"); 881 ubifs_dump_znode(c, znode); 882 if (zbr->znode) 883 ubifs_dump_znode(c, zbr->znode); 884 885 return -EINVAL; 886 } 887 } 888 len = ubifs_idx_node_sz(c, znode->child_cnt); 889 ubifs_prepare_node(c, idx, len, 0); 890 ubifs_node_calc_hash(c, idx, hash); 891 892 mutex_lock(&c->tnc_mutex); 893 894 if (znode->cparent) 895 ubifs_copy_hash(c, hash, 896 znode->cparent->zbranch[znode->ciip].hash); 897 898 if (znode->parent) { 899 if (!ubifs_zn_obsolete(znode)) 900 ubifs_copy_hash(c, hash, 901 znode->parent->zbranch[znode->iip].hash); 902 } else { 903 ubifs_copy_hash(c, hash, c->zroot.hash); 904 } 905 906 mutex_unlock(&c->tnc_mutex); 907 908 /* Determine the index node position */ 909 if (lnum == -1) { 910 lnum = c->ilebs[lnum_pos++]; 911 buf_offs = 0; 912 used = 0; 913 avail = buf_len; 914 } 915 offs = buf_offs + used; 916 917 if (lnum != znode->lnum || offs != znode->offs || 918 len != znode->len) { 919 ubifs_err(c, "inconsistent znode posn"); 920 return -EINVAL; 921 } 922 923 /* Grab some stuff from znode while we still can */ 924 cnext = znode->cnext; 925 926 ubifs_assert(c, ubifs_zn_dirty(znode)); 927 ubifs_assert(c, ubifs_zn_cow(znode)); 928 929 /* 930 * It is important that other threads should see %DIRTY_ZNODE 931 * flag cleared before %COW_ZNODE. Specifically, it matters in 932 * the 'dirty_cow_znode()' function. This is the reason for the 933 * first barrier. Also, we want the bit changes to be seen to 934 * other threads ASAP, to avoid unnecessary copying, which is 935 * the reason for the second barrier. 936 */ 937 clear_bit(DIRTY_ZNODE, &znode->flags); 938 smp_mb__before_atomic(); 939 clear_bit(COW_ZNODE, &znode->flags); 940 smp_mb__after_atomic(); 941 942 /* 943 * We have marked the znode as clean but have not updated the 944 * @c->clean_zn_cnt counter. If this znode becomes dirty again 945 * before 'free_obsolete_znodes()' is called, then 946 * @c->clean_zn_cnt will be decremented before it gets 947 * incremented (resulting in 2 decrements for the same znode). 948 * This means that @c->clean_zn_cnt may become negative for a 949 * while. 950 * 951 * Q: why we cannot increment @c->clean_zn_cnt? 952 * A: because we do not have the @c->tnc_mutex locked, and the 953 * following code would be racy and buggy: 954 * 955 * if (!ubifs_zn_obsolete(znode)) { 956 * atomic_long_inc(&c->clean_zn_cnt); 957 * atomic_long_inc(&ubifs_clean_zn_cnt); 958 * } 959 * 960 * Thus, we just delay the @c->clean_zn_cnt update until we 961 * have the mutex locked. 962 */ 963 964 /* Do not access znode from this point on */ 965 966 /* Update buffer positions */ 967 wlen = used + len; 968 used += ALIGN(len, 8); 969 avail -= ALIGN(len, 8); 970 971 /* 972 * Calculate the next index node length to see if there is 973 * enough room for it 974 */ 975 if (cnext == c->cnext) 976 next_len = 0; 977 else 978 next_len = ubifs_idx_node_sz(c, cnext->child_cnt); 979 980 nxt_offs = buf_offs + used + next_len; 981 if (next_len && nxt_offs <= c->leb_size) { 982 if (avail > 0) 983 continue; 984 else 985 blen = buf_len; 986 } else { 987 wlen = ALIGN(wlen, 8); 988 blen = ALIGN(wlen, c->min_io_size); 989 ubifs_pad(c, c->cbuf + wlen, blen - wlen); 990 } 991 992 /* The buffer is full or there are no more znodes to do */ 993 err = ubifs_leb_write(c, lnum, c->cbuf, buf_offs, blen); 994 if (err) 995 return err; 996 buf_offs += blen; 997 if (next_len) { 998 if (nxt_offs > c->leb_size) { 999 err = ubifs_update_one_lp(c, lnum, LPROPS_NC, 0, 1000 0, LPROPS_TAKEN); 1001 if (err) 1002 return err; 1003 lnum = -1; 1004 } 1005 used -= blen; 1006 if (used < 0) 1007 used = 0; 1008 avail = buf_len - used; 1009 memmove(c->cbuf, c->cbuf + blen, used); 1010 continue; 1011 } 1012 break; 1013 } 1014 1015 if (lnum != c->dbg->new_ihead_lnum || 1016 buf_offs != c->dbg->new_ihead_offs) { 1017 ubifs_err(c, "inconsistent ihead"); 1018 return -EINVAL; 1019 } 1020 1021 c->ihead_lnum = lnum; 1022 c->ihead_offs = buf_offs; 1023 1024 return 0; 1025 } 1026 1027 /** 1028 * free_obsolete_znodes - free obsolete znodes. 1029 * @c: UBIFS file-system description object 1030 * 1031 * At the end of commit end, obsolete znodes are freed. 1032 */ 1033 static void free_obsolete_znodes(struct ubifs_info *c) 1034 { 1035 struct ubifs_znode *znode, *cnext; 1036 1037 cnext = c->cnext; 1038 do { 1039 znode = cnext; 1040 cnext = znode->cnext; 1041 if (ubifs_zn_obsolete(znode)) 1042 kfree(znode); 1043 else { 1044 znode->cnext = NULL; 1045 atomic_long_inc(&c->clean_zn_cnt); 1046 atomic_long_inc(&ubifs_clean_zn_cnt); 1047 } 1048 } while (cnext != c->cnext); 1049 } 1050 1051 /** 1052 * return_gap_lebs - return LEBs used by the in-gap commit method. 1053 * @c: UBIFS file-system description object 1054 * 1055 * This function clears the "taken" flag for the LEBs which were used by the 1056 * "commit in-the-gaps" method. 1057 */ 1058 static int return_gap_lebs(struct ubifs_info *c) 1059 { 1060 int *p, err; 1061 1062 if (!c->gap_lebs) 1063 return 0; 1064 1065 dbg_cmt(""); 1066 for (p = c->gap_lebs; *p != -1; p++) { 1067 err = ubifs_change_one_lp(c, *p, LPROPS_NC, LPROPS_NC, 0, 1068 LPROPS_TAKEN, 0); 1069 if (err) 1070 return err; 1071 } 1072 1073 kfree(c->gap_lebs); 1074 c->gap_lebs = NULL; 1075 return 0; 1076 } 1077 1078 /** 1079 * ubifs_tnc_end_commit - update the TNC for commit end. 1080 * @c: UBIFS file-system description object 1081 * 1082 * Write the dirty znodes. 1083 */ 1084 int ubifs_tnc_end_commit(struct ubifs_info *c) 1085 { 1086 int err; 1087 1088 if (!c->cnext) 1089 return 0; 1090 1091 err = return_gap_lebs(c); 1092 if (err) 1093 return err; 1094 1095 err = write_index(c); 1096 if (err) 1097 return err; 1098 1099 mutex_lock(&c->tnc_mutex); 1100 1101 dbg_cmt("TNC height is %d", c->zroot.znode->level + 1); 1102 1103 free_obsolete_znodes(c); 1104 1105 c->cnext = NULL; 1106 kfree(c->ilebs); 1107 c->ilebs = NULL; 1108 1109 mutex_unlock(&c->tnc_mutex); 1110 1111 return 0; 1112 } 1113