1 /* 2 * Resizable virtual memory filesystem for Linux. 3 * 4 * Copyright (C) 2000 Linus Torvalds. 5 * 2000 Transmeta Corp. 6 * 2000-2001 Christoph Rohland 7 * 2000-2001 SAP AG 8 * 2002 Red Hat Inc. 9 * Copyright (C) 2002-2005 Hugh Dickins. 10 * Copyright (C) 2002-2005 VERITAS Software Corporation. 11 * Copyright (C) 2004 Andi Kleen, SuSE Labs 12 * 13 * Extended attribute support for tmpfs: 14 * Copyright (c) 2004, Luke Kenneth Casson Leighton <lkcl@lkcl.net> 15 * Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com> 16 * 17 * tiny-shmem: 18 * Copyright (c) 2004, 2008 Matt Mackall <mpm@selenic.com> 19 * 20 * This file is released under the GPL. 21 */ 22 23 #include <linux/fs.h> 24 #include <linux/init.h> 25 #include <linux/vfs.h> 26 #include <linux/mount.h> 27 #include <linux/pagemap.h> 28 #include <linux/file.h> 29 #include <linux/mm.h> 30 #include <linux/module.h> 31 #include <linux/percpu_counter.h> 32 #include <linux/swap.h> 33 34 static struct vfsmount *shm_mnt; 35 36 #ifdef CONFIG_SHMEM 37 /* 38 * This virtual memory filesystem is heavily based on the ramfs. It 39 * extends ramfs by the ability to use swap and honor resource limits 40 * which makes it a completely usable filesystem. 41 */ 42 43 #include <linux/xattr.h> 44 #include <linux/exportfs.h> 45 #include <linux/posix_acl.h> 46 #include <linux/generic_acl.h> 47 #include <linux/mman.h> 48 #include <linux/string.h> 49 #include <linux/slab.h> 50 #include <linux/backing-dev.h> 51 #include <linux/shmem_fs.h> 52 #include <linux/writeback.h> 53 #include <linux/blkdev.h> 54 #include <linux/security.h> 55 #include <linux/swapops.h> 56 #include <linux/mempolicy.h> 57 #include <linux/namei.h> 58 #include <linux/ctype.h> 59 #include <linux/migrate.h> 60 #include <linux/highmem.h> 61 #include <linux/seq_file.h> 62 #include <linux/magic.h> 63 64 #include <asm/uaccess.h> 65 #include <asm/div64.h> 66 #include <asm/pgtable.h> 67 68 /* 69 * The maximum size of a shmem/tmpfs file is limited by the maximum size of 70 * its triple-indirect swap vector - see illustration at shmem_swp_entry(). 71 * 72 * With 4kB page size, maximum file size is just over 2TB on a 32-bit kernel, 73 * but one eighth of that on a 64-bit kernel. With 8kB page size, maximum 74 * file size is just over 4TB on a 64-bit kernel, but 16TB on a 32-bit kernel, 75 * MAX_LFS_FILESIZE being then more restrictive than swap vector layout. 76 * 77 * We use / and * instead of shifts in the definitions below, so that the swap 78 * vector can be tested with small even values (e.g. 20) for ENTRIES_PER_PAGE. 79 */ 80 #define ENTRIES_PER_PAGE (PAGE_CACHE_SIZE/sizeof(unsigned long)) 81 #define ENTRIES_PER_PAGEPAGE ((unsigned long long)ENTRIES_PER_PAGE*ENTRIES_PER_PAGE) 82 83 #define SHMSWP_MAX_INDEX (SHMEM_NR_DIRECT + (ENTRIES_PER_PAGEPAGE/2) * (ENTRIES_PER_PAGE+1)) 84 #define SHMSWP_MAX_BYTES (SHMSWP_MAX_INDEX << PAGE_CACHE_SHIFT) 85 86 #define SHMEM_MAX_BYTES min_t(unsigned long long, SHMSWP_MAX_BYTES, MAX_LFS_FILESIZE) 87 #define SHMEM_MAX_INDEX ((unsigned long)((SHMEM_MAX_BYTES+1) >> PAGE_CACHE_SHIFT)) 88 89 #define BLOCKS_PER_PAGE (PAGE_CACHE_SIZE/512) 90 #define VM_ACCT(size) (PAGE_CACHE_ALIGN(size) >> PAGE_SHIFT) 91 92 /* info->flags needs VM_flags to handle pagein/truncate races efficiently */ 93 #define SHMEM_PAGEIN VM_READ 94 #define SHMEM_TRUNCATE VM_WRITE 95 96 /* Definition to limit shmem_truncate's steps between cond_rescheds */ 97 #define LATENCY_LIMIT 64 98 99 /* Pretend that each entry is of this size in directory's i_size */ 100 #define BOGO_DIRENT_SIZE 20 101 102 struct shmem_xattr { 103 struct list_head list; /* anchored by shmem_inode_info->xattr_list */ 104 char *name; /* xattr name */ 105 size_t size; 106 char value[0]; 107 }; 108 109 /* Flag allocation requirements to shmem_getpage and shmem_swp_alloc */ 110 enum sgp_type { 111 SGP_READ, /* don't exceed i_size, don't allocate page */ 112 SGP_CACHE, /* don't exceed i_size, may allocate page */ 113 SGP_DIRTY, /* like SGP_CACHE, but set new page dirty */ 114 SGP_WRITE, /* may exceed i_size, may allocate page */ 115 }; 116 117 #ifdef CONFIG_TMPFS 118 static unsigned long shmem_default_max_blocks(void) 119 { 120 return totalram_pages / 2; 121 } 122 123 static unsigned long shmem_default_max_inodes(void) 124 { 125 return min(totalram_pages - totalhigh_pages, totalram_pages / 2); 126 } 127 #endif 128 129 static int shmem_getpage(struct inode *inode, unsigned long idx, 130 struct page **pagep, enum sgp_type sgp, int *type); 131 132 static inline struct page *shmem_dir_alloc(gfp_t gfp_mask) 133 { 134 /* 135 * The above definition of ENTRIES_PER_PAGE, and the use of 136 * BLOCKS_PER_PAGE on indirect pages, assume PAGE_CACHE_SIZE: 137 * might be reconsidered if it ever diverges from PAGE_SIZE. 138 * 139 * Mobility flags are masked out as swap vectors cannot move 140 */ 141 return alloc_pages((gfp_mask & ~GFP_MOVABLE_MASK) | __GFP_ZERO, 142 PAGE_CACHE_SHIFT-PAGE_SHIFT); 143 } 144 145 static inline void shmem_dir_free(struct page *page) 146 { 147 __free_pages(page, PAGE_CACHE_SHIFT-PAGE_SHIFT); 148 } 149 150 static struct page **shmem_dir_map(struct page *page) 151 { 152 return (struct page **)kmap_atomic(page, KM_USER0); 153 } 154 155 static inline void shmem_dir_unmap(struct page **dir) 156 { 157 kunmap_atomic(dir, KM_USER0); 158 } 159 160 static swp_entry_t *shmem_swp_map(struct page *page) 161 { 162 return (swp_entry_t *)kmap_atomic(page, KM_USER1); 163 } 164 165 static inline void shmem_swp_balance_unmap(void) 166 { 167 /* 168 * When passing a pointer to an i_direct entry, to code which 169 * also handles indirect entries and so will shmem_swp_unmap, 170 * we must arrange for the preempt count to remain in balance. 171 * What kmap_atomic of a lowmem page does depends on config 172 * and architecture, so pretend to kmap_atomic some lowmem page. 173 */ 174 (void) kmap_atomic(ZERO_PAGE(0), KM_USER1); 175 } 176 177 static inline void shmem_swp_unmap(swp_entry_t *entry) 178 { 179 kunmap_atomic(entry, KM_USER1); 180 } 181 182 static inline struct shmem_sb_info *SHMEM_SB(struct super_block *sb) 183 { 184 return sb->s_fs_info; 185 } 186 187 /* 188 * shmem_file_setup pre-accounts the whole fixed size of a VM object, 189 * for shared memory and for shared anonymous (/dev/zero) mappings 190 * (unless MAP_NORESERVE and sysctl_overcommit_memory <= 1), 191 * consistent with the pre-accounting of private mappings ... 192 */ 193 static inline int shmem_acct_size(unsigned long flags, loff_t size) 194 { 195 return (flags & VM_NORESERVE) ? 196 0 : security_vm_enough_memory_kern(VM_ACCT(size)); 197 } 198 199 static inline void shmem_unacct_size(unsigned long flags, loff_t size) 200 { 201 if (!(flags & VM_NORESERVE)) 202 vm_unacct_memory(VM_ACCT(size)); 203 } 204 205 /* 206 * ... whereas tmpfs objects are accounted incrementally as 207 * pages are allocated, in order to allow huge sparse files. 208 * shmem_getpage reports shmem_acct_block failure as -ENOSPC not -ENOMEM, 209 * so that a failure on a sparse tmpfs mapping will give SIGBUS not OOM. 210 */ 211 static inline int shmem_acct_block(unsigned long flags) 212 { 213 return (flags & VM_NORESERVE) ? 214 security_vm_enough_memory_kern(VM_ACCT(PAGE_CACHE_SIZE)) : 0; 215 } 216 217 static inline void shmem_unacct_blocks(unsigned long flags, long pages) 218 { 219 if (flags & VM_NORESERVE) 220 vm_unacct_memory(pages * VM_ACCT(PAGE_CACHE_SIZE)); 221 } 222 223 static const struct super_operations shmem_ops; 224 static const struct address_space_operations shmem_aops; 225 static const struct file_operations shmem_file_operations; 226 static const struct inode_operations shmem_inode_operations; 227 static const struct inode_operations shmem_dir_inode_operations; 228 static const struct inode_operations shmem_special_inode_operations; 229 static const struct vm_operations_struct shmem_vm_ops; 230 231 static struct backing_dev_info shmem_backing_dev_info __read_mostly = { 232 .ra_pages = 0, /* No readahead */ 233 .capabilities = BDI_CAP_NO_ACCT_AND_WRITEBACK | BDI_CAP_SWAP_BACKED, 234 }; 235 236 static LIST_HEAD(shmem_swaplist); 237 static DEFINE_MUTEX(shmem_swaplist_mutex); 238 239 static void shmem_free_blocks(struct inode *inode, long pages) 240 { 241 struct shmem_sb_info *sbinfo = SHMEM_SB(inode->i_sb); 242 if (sbinfo->max_blocks) { 243 percpu_counter_add(&sbinfo->used_blocks, -pages); 244 spin_lock(&inode->i_lock); 245 inode->i_blocks -= pages*BLOCKS_PER_PAGE; 246 spin_unlock(&inode->i_lock); 247 } 248 } 249 250 static int shmem_reserve_inode(struct super_block *sb) 251 { 252 struct shmem_sb_info *sbinfo = SHMEM_SB(sb); 253 if (sbinfo->max_inodes) { 254 spin_lock(&sbinfo->stat_lock); 255 if (!sbinfo->free_inodes) { 256 spin_unlock(&sbinfo->stat_lock); 257 return -ENOSPC; 258 } 259 sbinfo->free_inodes--; 260 spin_unlock(&sbinfo->stat_lock); 261 } 262 return 0; 263 } 264 265 static void shmem_free_inode(struct super_block *sb) 266 { 267 struct shmem_sb_info *sbinfo = SHMEM_SB(sb); 268 if (sbinfo->max_inodes) { 269 spin_lock(&sbinfo->stat_lock); 270 sbinfo->free_inodes++; 271 spin_unlock(&sbinfo->stat_lock); 272 } 273 } 274 275 /** 276 * shmem_recalc_inode - recalculate the size of an inode 277 * @inode: inode to recalc 278 * 279 * We have to calculate the free blocks since the mm can drop 280 * undirtied hole pages behind our back. 281 * 282 * But normally info->alloced == inode->i_mapping->nrpages + info->swapped 283 * So mm freed is info->alloced - (inode->i_mapping->nrpages + info->swapped) 284 * 285 * It has to be called with the spinlock held. 286 */ 287 static void shmem_recalc_inode(struct inode *inode) 288 { 289 struct shmem_inode_info *info = SHMEM_I(inode); 290 long freed; 291 292 freed = info->alloced - info->swapped - inode->i_mapping->nrpages; 293 if (freed > 0) { 294 info->alloced -= freed; 295 shmem_unacct_blocks(info->flags, freed); 296 shmem_free_blocks(inode, freed); 297 } 298 } 299 300 /** 301 * shmem_swp_entry - find the swap vector position in the info structure 302 * @info: info structure for the inode 303 * @index: index of the page to find 304 * @page: optional page to add to the structure. Has to be preset to 305 * all zeros 306 * 307 * If there is no space allocated yet it will return NULL when 308 * page is NULL, else it will use the page for the needed block, 309 * setting it to NULL on return to indicate that it has been used. 310 * 311 * The swap vector is organized the following way: 312 * 313 * There are SHMEM_NR_DIRECT entries directly stored in the 314 * shmem_inode_info structure. So small files do not need an addional 315 * allocation. 316 * 317 * For pages with index > SHMEM_NR_DIRECT there is the pointer 318 * i_indirect which points to a page which holds in the first half 319 * doubly indirect blocks, in the second half triple indirect blocks: 320 * 321 * For an artificial ENTRIES_PER_PAGE = 4 this would lead to the 322 * following layout (for SHMEM_NR_DIRECT == 16): 323 * 324 * i_indirect -> dir --> 16-19 325 * | +-> 20-23 326 * | 327 * +-->dir2 --> 24-27 328 * | +-> 28-31 329 * | +-> 32-35 330 * | +-> 36-39 331 * | 332 * +-->dir3 --> 40-43 333 * +-> 44-47 334 * +-> 48-51 335 * +-> 52-55 336 */ 337 static swp_entry_t *shmem_swp_entry(struct shmem_inode_info *info, unsigned long index, struct page **page) 338 { 339 unsigned long offset; 340 struct page **dir; 341 struct page *subdir; 342 343 if (index < SHMEM_NR_DIRECT) { 344 shmem_swp_balance_unmap(); 345 return info->i_direct+index; 346 } 347 if (!info->i_indirect) { 348 if (page) { 349 info->i_indirect = *page; 350 *page = NULL; 351 } 352 return NULL; /* need another page */ 353 } 354 355 index -= SHMEM_NR_DIRECT; 356 offset = index % ENTRIES_PER_PAGE; 357 index /= ENTRIES_PER_PAGE; 358 dir = shmem_dir_map(info->i_indirect); 359 360 if (index >= ENTRIES_PER_PAGE/2) { 361 index -= ENTRIES_PER_PAGE/2; 362 dir += ENTRIES_PER_PAGE/2 + index/ENTRIES_PER_PAGE; 363 index %= ENTRIES_PER_PAGE; 364 subdir = *dir; 365 if (!subdir) { 366 if (page) { 367 *dir = *page; 368 *page = NULL; 369 } 370 shmem_dir_unmap(dir); 371 return NULL; /* need another page */ 372 } 373 shmem_dir_unmap(dir); 374 dir = shmem_dir_map(subdir); 375 } 376 377 dir += index; 378 subdir = *dir; 379 if (!subdir) { 380 if (!page || !(subdir = *page)) { 381 shmem_dir_unmap(dir); 382 return NULL; /* need a page */ 383 } 384 *dir = subdir; 385 *page = NULL; 386 } 387 shmem_dir_unmap(dir); 388 return shmem_swp_map(subdir) + offset; 389 } 390 391 static void shmem_swp_set(struct shmem_inode_info *info, swp_entry_t *entry, unsigned long value) 392 { 393 long incdec = value? 1: -1; 394 395 entry->val = value; 396 info->swapped += incdec; 397 if ((unsigned long)(entry - info->i_direct) >= SHMEM_NR_DIRECT) { 398 struct page *page = kmap_atomic_to_page(entry); 399 set_page_private(page, page_private(page) + incdec); 400 } 401 } 402 403 /** 404 * shmem_swp_alloc - get the position of the swap entry for the page. 405 * @info: info structure for the inode 406 * @index: index of the page to find 407 * @sgp: check and recheck i_size? skip allocation? 408 * 409 * If the entry does not exist, allocate it. 410 */ 411 static swp_entry_t *shmem_swp_alloc(struct shmem_inode_info *info, unsigned long index, enum sgp_type sgp) 412 { 413 struct inode *inode = &info->vfs_inode; 414 struct shmem_sb_info *sbinfo = SHMEM_SB(inode->i_sb); 415 struct page *page = NULL; 416 swp_entry_t *entry; 417 418 if (sgp != SGP_WRITE && 419 ((loff_t) index << PAGE_CACHE_SHIFT) >= i_size_read(inode)) 420 return ERR_PTR(-EINVAL); 421 422 while (!(entry = shmem_swp_entry(info, index, &page))) { 423 if (sgp == SGP_READ) 424 return shmem_swp_map(ZERO_PAGE(0)); 425 /* 426 * Test used_blocks against 1 less max_blocks, since we have 1 data 427 * page (and perhaps indirect index pages) yet to allocate: 428 * a waste to allocate index if we cannot allocate data. 429 */ 430 if (sbinfo->max_blocks) { 431 if (percpu_counter_compare(&sbinfo->used_blocks, 432 sbinfo->max_blocks - 1) >= 0) 433 return ERR_PTR(-ENOSPC); 434 percpu_counter_inc(&sbinfo->used_blocks); 435 spin_lock(&inode->i_lock); 436 inode->i_blocks += BLOCKS_PER_PAGE; 437 spin_unlock(&inode->i_lock); 438 } 439 440 spin_unlock(&info->lock); 441 page = shmem_dir_alloc(mapping_gfp_mask(inode->i_mapping)); 442 spin_lock(&info->lock); 443 444 if (!page) { 445 shmem_free_blocks(inode, 1); 446 return ERR_PTR(-ENOMEM); 447 } 448 if (sgp != SGP_WRITE && 449 ((loff_t) index << PAGE_CACHE_SHIFT) >= i_size_read(inode)) { 450 entry = ERR_PTR(-EINVAL); 451 break; 452 } 453 if (info->next_index <= index) 454 info->next_index = index + 1; 455 } 456 if (page) { 457 /* another task gave its page, or truncated the file */ 458 shmem_free_blocks(inode, 1); 459 shmem_dir_free(page); 460 } 461 if (info->next_index <= index && !IS_ERR(entry)) 462 info->next_index = index + 1; 463 return entry; 464 } 465 466 /** 467 * shmem_free_swp - free some swap entries in a directory 468 * @dir: pointer to the directory 469 * @edir: pointer after last entry of the directory 470 * @punch_lock: pointer to spinlock when needed for the holepunch case 471 */ 472 static int shmem_free_swp(swp_entry_t *dir, swp_entry_t *edir, 473 spinlock_t *punch_lock) 474 { 475 spinlock_t *punch_unlock = NULL; 476 swp_entry_t *ptr; 477 int freed = 0; 478 479 for (ptr = dir; ptr < edir; ptr++) { 480 if (ptr->val) { 481 if (unlikely(punch_lock)) { 482 punch_unlock = punch_lock; 483 punch_lock = NULL; 484 spin_lock(punch_unlock); 485 if (!ptr->val) 486 continue; 487 } 488 free_swap_and_cache(*ptr); 489 *ptr = (swp_entry_t){0}; 490 freed++; 491 } 492 } 493 if (punch_unlock) 494 spin_unlock(punch_unlock); 495 return freed; 496 } 497 498 static int shmem_map_and_free_swp(struct page *subdir, int offset, 499 int limit, struct page ***dir, spinlock_t *punch_lock) 500 { 501 swp_entry_t *ptr; 502 int freed = 0; 503 504 ptr = shmem_swp_map(subdir); 505 for (; offset < limit; offset += LATENCY_LIMIT) { 506 int size = limit - offset; 507 if (size > LATENCY_LIMIT) 508 size = LATENCY_LIMIT; 509 freed += shmem_free_swp(ptr+offset, ptr+offset+size, 510 punch_lock); 511 if (need_resched()) { 512 shmem_swp_unmap(ptr); 513 if (*dir) { 514 shmem_dir_unmap(*dir); 515 *dir = NULL; 516 } 517 cond_resched(); 518 ptr = shmem_swp_map(subdir); 519 } 520 } 521 shmem_swp_unmap(ptr); 522 return freed; 523 } 524 525 static void shmem_free_pages(struct list_head *next) 526 { 527 struct page *page; 528 int freed = 0; 529 530 do { 531 page = container_of(next, struct page, lru); 532 next = next->next; 533 shmem_dir_free(page); 534 freed++; 535 if (freed >= LATENCY_LIMIT) { 536 cond_resched(); 537 freed = 0; 538 } 539 } while (next); 540 } 541 542 static void shmem_truncate_range(struct inode *inode, loff_t start, loff_t end) 543 { 544 struct shmem_inode_info *info = SHMEM_I(inode); 545 unsigned long idx; 546 unsigned long size; 547 unsigned long limit; 548 unsigned long stage; 549 unsigned long diroff; 550 struct page **dir; 551 struct page *topdir; 552 struct page *middir; 553 struct page *subdir; 554 swp_entry_t *ptr; 555 LIST_HEAD(pages_to_free); 556 long nr_pages_to_free = 0; 557 long nr_swaps_freed = 0; 558 int offset; 559 int freed; 560 int punch_hole; 561 spinlock_t *needs_lock; 562 spinlock_t *punch_lock; 563 unsigned long upper_limit; 564 565 inode->i_ctime = inode->i_mtime = CURRENT_TIME; 566 idx = (start + PAGE_CACHE_SIZE - 1) >> PAGE_CACHE_SHIFT; 567 if (idx >= info->next_index) 568 return; 569 570 spin_lock(&info->lock); 571 info->flags |= SHMEM_TRUNCATE; 572 if (likely(end == (loff_t) -1)) { 573 limit = info->next_index; 574 upper_limit = SHMEM_MAX_INDEX; 575 info->next_index = idx; 576 needs_lock = NULL; 577 punch_hole = 0; 578 } else { 579 if (end + 1 >= inode->i_size) { /* we may free a little more */ 580 limit = (inode->i_size + PAGE_CACHE_SIZE - 1) >> 581 PAGE_CACHE_SHIFT; 582 upper_limit = SHMEM_MAX_INDEX; 583 } else { 584 limit = (end + 1) >> PAGE_CACHE_SHIFT; 585 upper_limit = limit; 586 } 587 needs_lock = &info->lock; 588 punch_hole = 1; 589 } 590 591 topdir = info->i_indirect; 592 if (topdir && idx <= SHMEM_NR_DIRECT && !punch_hole) { 593 info->i_indirect = NULL; 594 nr_pages_to_free++; 595 list_add(&topdir->lru, &pages_to_free); 596 } 597 spin_unlock(&info->lock); 598 599 if (info->swapped && idx < SHMEM_NR_DIRECT) { 600 ptr = info->i_direct; 601 size = limit; 602 if (size > SHMEM_NR_DIRECT) 603 size = SHMEM_NR_DIRECT; 604 nr_swaps_freed = shmem_free_swp(ptr+idx, ptr+size, needs_lock); 605 } 606 607 /* 608 * If there are no indirect blocks or we are punching a hole 609 * below indirect blocks, nothing to be done. 610 */ 611 if (!topdir || limit <= SHMEM_NR_DIRECT) 612 goto done2; 613 614 /* 615 * The truncation case has already dropped info->lock, and we're safe 616 * because i_size and next_index have already been lowered, preventing 617 * access beyond. But in the punch_hole case, we still need to take 618 * the lock when updating the swap directory, because there might be 619 * racing accesses by shmem_getpage(SGP_CACHE), shmem_unuse_inode or 620 * shmem_writepage. However, whenever we find we can remove a whole 621 * directory page (not at the misaligned start or end of the range), 622 * we first NULLify its pointer in the level above, and then have no 623 * need to take the lock when updating its contents: needs_lock and 624 * punch_lock (either pointing to info->lock or NULL) manage this. 625 */ 626 627 upper_limit -= SHMEM_NR_DIRECT; 628 limit -= SHMEM_NR_DIRECT; 629 idx = (idx > SHMEM_NR_DIRECT)? (idx - SHMEM_NR_DIRECT): 0; 630 offset = idx % ENTRIES_PER_PAGE; 631 idx -= offset; 632 633 dir = shmem_dir_map(topdir); 634 stage = ENTRIES_PER_PAGEPAGE/2; 635 if (idx < ENTRIES_PER_PAGEPAGE/2) { 636 middir = topdir; 637 diroff = idx/ENTRIES_PER_PAGE; 638 } else { 639 dir += ENTRIES_PER_PAGE/2; 640 dir += (idx - ENTRIES_PER_PAGEPAGE/2)/ENTRIES_PER_PAGEPAGE; 641 while (stage <= idx) 642 stage += ENTRIES_PER_PAGEPAGE; 643 middir = *dir; 644 if (*dir) { 645 diroff = ((idx - ENTRIES_PER_PAGEPAGE/2) % 646 ENTRIES_PER_PAGEPAGE) / ENTRIES_PER_PAGE; 647 if (!diroff && !offset && upper_limit >= stage) { 648 if (needs_lock) { 649 spin_lock(needs_lock); 650 *dir = NULL; 651 spin_unlock(needs_lock); 652 needs_lock = NULL; 653 } else 654 *dir = NULL; 655 nr_pages_to_free++; 656 list_add(&middir->lru, &pages_to_free); 657 } 658 shmem_dir_unmap(dir); 659 dir = shmem_dir_map(middir); 660 } else { 661 diroff = 0; 662 offset = 0; 663 idx = stage; 664 } 665 } 666 667 for (; idx < limit; idx += ENTRIES_PER_PAGE, diroff++) { 668 if (unlikely(idx == stage)) { 669 shmem_dir_unmap(dir); 670 dir = shmem_dir_map(topdir) + 671 ENTRIES_PER_PAGE/2 + idx/ENTRIES_PER_PAGEPAGE; 672 while (!*dir) { 673 dir++; 674 idx += ENTRIES_PER_PAGEPAGE; 675 if (idx >= limit) 676 goto done1; 677 } 678 stage = idx + ENTRIES_PER_PAGEPAGE; 679 middir = *dir; 680 if (punch_hole) 681 needs_lock = &info->lock; 682 if (upper_limit >= stage) { 683 if (needs_lock) { 684 spin_lock(needs_lock); 685 *dir = NULL; 686 spin_unlock(needs_lock); 687 needs_lock = NULL; 688 } else 689 *dir = NULL; 690 nr_pages_to_free++; 691 list_add(&middir->lru, &pages_to_free); 692 } 693 shmem_dir_unmap(dir); 694 cond_resched(); 695 dir = shmem_dir_map(middir); 696 diroff = 0; 697 } 698 punch_lock = needs_lock; 699 subdir = dir[diroff]; 700 if (subdir && !offset && upper_limit-idx >= ENTRIES_PER_PAGE) { 701 if (needs_lock) { 702 spin_lock(needs_lock); 703 dir[diroff] = NULL; 704 spin_unlock(needs_lock); 705 punch_lock = NULL; 706 } else 707 dir[diroff] = NULL; 708 nr_pages_to_free++; 709 list_add(&subdir->lru, &pages_to_free); 710 } 711 if (subdir && page_private(subdir) /* has swap entries */) { 712 size = limit - idx; 713 if (size > ENTRIES_PER_PAGE) 714 size = ENTRIES_PER_PAGE; 715 freed = shmem_map_and_free_swp(subdir, 716 offset, size, &dir, punch_lock); 717 if (!dir) 718 dir = shmem_dir_map(middir); 719 nr_swaps_freed += freed; 720 if (offset || punch_lock) { 721 spin_lock(&info->lock); 722 set_page_private(subdir, 723 page_private(subdir) - freed); 724 spin_unlock(&info->lock); 725 } else 726 BUG_ON(page_private(subdir) != freed); 727 } 728 offset = 0; 729 } 730 done1: 731 shmem_dir_unmap(dir); 732 done2: 733 if (inode->i_mapping->nrpages && (info->flags & SHMEM_PAGEIN)) { 734 /* 735 * Call truncate_inode_pages again: racing shmem_unuse_inode 736 * may have swizzled a page in from swap since 737 * truncate_pagecache or generic_delete_inode did it, before we 738 * lowered next_index. Also, though shmem_getpage checks 739 * i_size before adding to cache, no recheck after: so fix the 740 * narrow window there too. 741 * 742 * Recalling truncate_inode_pages_range and unmap_mapping_range 743 * every time for punch_hole (which never got a chance to clear 744 * SHMEM_PAGEIN at the start of vmtruncate_range) is expensive, 745 * yet hardly ever necessary: try to optimize them out later. 746 */ 747 truncate_inode_pages_range(inode->i_mapping, start, end); 748 if (punch_hole) 749 unmap_mapping_range(inode->i_mapping, start, 750 end - start, 1); 751 } 752 753 spin_lock(&info->lock); 754 info->flags &= ~SHMEM_TRUNCATE; 755 info->swapped -= nr_swaps_freed; 756 if (nr_pages_to_free) 757 shmem_free_blocks(inode, nr_pages_to_free); 758 shmem_recalc_inode(inode); 759 spin_unlock(&info->lock); 760 761 /* 762 * Empty swap vector directory pages to be freed? 763 */ 764 if (!list_empty(&pages_to_free)) { 765 pages_to_free.prev->next = NULL; 766 shmem_free_pages(pages_to_free.next); 767 } 768 } 769 770 static int shmem_notify_change(struct dentry *dentry, struct iattr *attr) 771 { 772 struct inode *inode = dentry->d_inode; 773 loff_t newsize = attr->ia_size; 774 int error; 775 776 error = inode_change_ok(inode, attr); 777 if (error) 778 return error; 779 780 if (S_ISREG(inode->i_mode) && (attr->ia_valid & ATTR_SIZE) 781 && newsize != inode->i_size) { 782 struct page *page = NULL; 783 784 if (newsize < inode->i_size) { 785 /* 786 * If truncating down to a partial page, then 787 * if that page is already allocated, hold it 788 * in memory until the truncation is over, so 789 * truncate_partial_page cannot miss it were 790 * it assigned to swap. 791 */ 792 if (newsize & (PAGE_CACHE_SIZE-1)) { 793 (void) shmem_getpage(inode, 794 newsize >> PAGE_CACHE_SHIFT, 795 &page, SGP_READ, NULL); 796 if (page) 797 unlock_page(page); 798 } 799 /* 800 * Reset SHMEM_PAGEIN flag so that shmem_truncate can 801 * detect if any pages might have been added to cache 802 * after truncate_inode_pages. But we needn't bother 803 * if it's being fully truncated to zero-length: the 804 * nrpages check is efficient enough in that case. 805 */ 806 if (newsize) { 807 struct shmem_inode_info *info = SHMEM_I(inode); 808 spin_lock(&info->lock); 809 info->flags &= ~SHMEM_PAGEIN; 810 spin_unlock(&info->lock); 811 } 812 } 813 814 /* XXX(truncate): truncate_setsize should be called last */ 815 truncate_setsize(inode, newsize); 816 if (page) 817 page_cache_release(page); 818 shmem_truncate_range(inode, newsize, (loff_t)-1); 819 } 820 821 setattr_copy(inode, attr); 822 #ifdef CONFIG_TMPFS_POSIX_ACL 823 if (attr->ia_valid & ATTR_MODE) 824 error = generic_acl_chmod(inode); 825 #endif 826 return error; 827 } 828 829 static void shmem_evict_inode(struct inode *inode) 830 { 831 struct shmem_inode_info *info = SHMEM_I(inode); 832 struct shmem_xattr *xattr, *nxattr; 833 834 if (inode->i_mapping->a_ops == &shmem_aops) { 835 truncate_inode_pages(inode->i_mapping, 0); 836 shmem_unacct_size(info->flags, inode->i_size); 837 inode->i_size = 0; 838 shmem_truncate_range(inode, 0, (loff_t)-1); 839 if (!list_empty(&info->swaplist)) { 840 mutex_lock(&shmem_swaplist_mutex); 841 list_del_init(&info->swaplist); 842 mutex_unlock(&shmem_swaplist_mutex); 843 } 844 } 845 846 list_for_each_entry_safe(xattr, nxattr, &info->xattr_list, list) { 847 kfree(xattr->name); 848 kfree(xattr); 849 } 850 BUG_ON(inode->i_blocks); 851 shmem_free_inode(inode->i_sb); 852 end_writeback(inode); 853 } 854 855 static inline int shmem_find_swp(swp_entry_t entry, swp_entry_t *dir, swp_entry_t *edir) 856 { 857 swp_entry_t *ptr; 858 859 for (ptr = dir; ptr < edir; ptr++) { 860 if (ptr->val == entry.val) 861 return ptr - dir; 862 } 863 return -1; 864 } 865 866 static int shmem_unuse_inode(struct shmem_inode_info *info, swp_entry_t entry, struct page *page) 867 { 868 struct address_space *mapping; 869 unsigned long idx; 870 unsigned long size; 871 unsigned long limit; 872 unsigned long stage; 873 struct page **dir; 874 struct page *subdir; 875 swp_entry_t *ptr; 876 int offset; 877 int error; 878 879 idx = 0; 880 ptr = info->i_direct; 881 spin_lock(&info->lock); 882 if (!info->swapped) { 883 list_del_init(&info->swaplist); 884 goto lost2; 885 } 886 limit = info->next_index; 887 size = limit; 888 if (size > SHMEM_NR_DIRECT) 889 size = SHMEM_NR_DIRECT; 890 offset = shmem_find_swp(entry, ptr, ptr+size); 891 if (offset >= 0) { 892 shmem_swp_balance_unmap(); 893 goto found; 894 } 895 if (!info->i_indirect) 896 goto lost2; 897 898 dir = shmem_dir_map(info->i_indirect); 899 stage = SHMEM_NR_DIRECT + ENTRIES_PER_PAGEPAGE/2; 900 901 for (idx = SHMEM_NR_DIRECT; idx < limit; idx += ENTRIES_PER_PAGE, dir++) { 902 if (unlikely(idx == stage)) { 903 shmem_dir_unmap(dir-1); 904 if (cond_resched_lock(&info->lock)) { 905 /* check it has not been truncated */ 906 if (limit > info->next_index) { 907 limit = info->next_index; 908 if (idx >= limit) 909 goto lost2; 910 } 911 } 912 dir = shmem_dir_map(info->i_indirect) + 913 ENTRIES_PER_PAGE/2 + idx/ENTRIES_PER_PAGEPAGE; 914 while (!*dir) { 915 dir++; 916 idx += ENTRIES_PER_PAGEPAGE; 917 if (idx >= limit) 918 goto lost1; 919 } 920 stage = idx + ENTRIES_PER_PAGEPAGE; 921 subdir = *dir; 922 shmem_dir_unmap(dir); 923 dir = shmem_dir_map(subdir); 924 } 925 subdir = *dir; 926 if (subdir && page_private(subdir)) { 927 ptr = shmem_swp_map(subdir); 928 size = limit - idx; 929 if (size > ENTRIES_PER_PAGE) 930 size = ENTRIES_PER_PAGE; 931 offset = shmem_find_swp(entry, ptr, ptr+size); 932 shmem_swp_unmap(ptr); 933 if (offset >= 0) { 934 shmem_dir_unmap(dir); 935 ptr = shmem_swp_map(subdir); 936 goto found; 937 } 938 } 939 } 940 lost1: 941 shmem_dir_unmap(dir-1); 942 lost2: 943 spin_unlock(&info->lock); 944 return 0; 945 found: 946 idx += offset; 947 ptr += offset; 948 949 /* 950 * Move _head_ to start search for next from here. 951 * But be careful: shmem_evict_inode checks list_empty without taking 952 * mutex, and there's an instant in list_move_tail when info->swaplist 953 * would appear empty, if it were the only one on shmem_swaplist. We 954 * could avoid doing it if inode NULL; or use this minor optimization. 955 */ 956 if (shmem_swaplist.next != &info->swaplist) 957 list_move_tail(&shmem_swaplist, &info->swaplist); 958 959 /* 960 * We rely on shmem_swaplist_mutex, not only to protect the swaplist, 961 * but also to hold up shmem_evict_inode(): so inode cannot be freed 962 * beneath us (pagelock doesn't help until the page is in pagecache). 963 */ 964 mapping = info->vfs_inode.i_mapping; 965 error = add_to_page_cache_locked(page, mapping, idx, GFP_NOWAIT); 966 /* which does mem_cgroup_uncharge_cache_page on error */ 967 968 if (error == -EEXIST) { 969 struct page *filepage = find_get_page(mapping, idx); 970 error = 1; 971 if (filepage) { 972 /* 973 * There might be a more uptodate page coming down 974 * from a stacked writepage: forget our swappage if so. 975 */ 976 if (PageUptodate(filepage)) 977 error = 0; 978 page_cache_release(filepage); 979 } 980 } 981 if (!error) { 982 delete_from_swap_cache(page); 983 set_page_dirty(page); 984 info->flags |= SHMEM_PAGEIN; 985 shmem_swp_set(info, ptr, 0); 986 swap_free(entry); 987 error = 1; /* not an error, but entry was found */ 988 } 989 shmem_swp_unmap(ptr); 990 spin_unlock(&info->lock); 991 return error; 992 } 993 994 /* 995 * shmem_unuse() search for an eventually swapped out shmem page. 996 */ 997 int shmem_unuse(swp_entry_t entry, struct page *page) 998 { 999 struct list_head *p, *next; 1000 struct shmem_inode_info *info; 1001 int found = 0; 1002 int error; 1003 1004 /* 1005 * Charge page using GFP_KERNEL while we can wait, before taking 1006 * the shmem_swaplist_mutex which might hold up shmem_writepage(). 1007 * Charged back to the user (not to caller) when swap account is used. 1008 * add_to_page_cache() will be called with GFP_NOWAIT. 1009 */ 1010 error = mem_cgroup_cache_charge(page, current->mm, GFP_KERNEL); 1011 if (error) 1012 goto out; 1013 /* 1014 * Try to preload while we can wait, to not make a habit of 1015 * draining atomic reserves; but don't latch on to this cpu, 1016 * it's okay if sometimes we get rescheduled after this. 1017 */ 1018 error = radix_tree_preload(GFP_KERNEL); 1019 if (error) 1020 goto uncharge; 1021 radix_tree_preload_end(); 1022 1023 mutex_lock(&shmem_swaplist_mutex); 1024 list_for_each_safe(p, next, &shmem_swaplist) { 1025 info = list_entry(p, struct shmem_inode_info, swaplist); 1026 found = shmem_unuse_inode(info, entry, page); 1027 cond_resched(); 1028 if (found) 1029 break; 1030 } 1031 mutex_unlock(&shmem_swaplist_mutex); 1032 1033 uncharge: 1034 if (!found) 1035 mem_cgroup_uncharge_cache_page(page); 1036 if (found < 0) 1037 error = found; 1038 out: 1039 unlock_page(page); 1040 page_cache_release(page); 1041 return error; 1042 } 1043 1044 /* 1045 * Move the page from the page cache to the swap cache. 1046 */ 1047 static int shmem_writepage(struct page *page, struct writeback_control *wbc) 1048 { 1049 struct shmem_inode_info *info; 1050 swp_entry_t *entry, swap; 1051 struct address_space *mapping; 1052 unsigned long index; 1053 struct inode *inode; 1054 1055 BUG_ON(!PageLocked(page)); 1056 mapping = page->mapping; 1057 index = page->index; 1058 inode = mapping->host; 1059 info = SHMEM_I(inode); 1060 if (info->flags & VM_LOCKED) 1061 goto redirty; 1062 if (!total_swap_pages) 1063 goto redirty; 1064 1065 /* 1066 * shmem_backing_dev_info's capabilities prevent regular writeback or 1067 * sync from ever calling shmem_writepage; but a stacking filesystem 1068 * may use the ->writepage of its underlying filesystem, in which case 1069 * tmpfs should write out to swap only in response to memory pressure, 1070 * and not for the writeback threads or sync. However, in those cases, 1071 * we do still want to check if there's a redundant swappage to be 1072 * discarded. 1073 */ 1074 if (wbc->for_reclaim) 1075 swap = get_swap_page(); 1076 else 1077 swap.val = 0; 1078 1079 /* 1080 * Add inode to shmem_unuse()'s list of swapped-out inodes, 1081 * if it's not already there. Do it now because we cannot take 1082 * mutex while holding spinlock, and must do so before the page 1083 * is moved to swap cache, when its pagelock no longer protects 1084 * the inode from eviction. But don't unlock the mutex until 1085 * we've taken the spinlock, because shmem_unuse_inode() will 1086 * prune a !swapped inode from the swaplist under both locks. 1087 */ 1088 if (swap.val) { 1089 mutex_lock(&shmem_swaplist_mutex); 1090 if (list_empty(&info->swaplist)) 1091 list_add_tail(&info->swaplist, &shmem_swaplist); 1092 } 1093 1094 spin_lock(&info->lock); 1095 if (swap.val) 1096 mutex_unlock(&shmem_swaplist_mutex); 1097 1098 if (index >= info->next_index) { 1099 BUG_ON(!(info->flags & SHMEM_TRUNCATE)); 1100 goto unlock; 1101 } 1102 entry = shmem_swp_entry(info, index, NULL); 1103 if (entry->val) { 1104 /* 1105 * The more uptodate page coming down from a stacked 1106 * writepage should replace our old swappage. 1107 */ 1108 free_swap_and_cache(*entry); 1109 shmem_swp_set(info, entry, 0); 1110 } 1111 shmem_recalc_inode(inode); 1112 1113 if (swap.val && add_to_swap_cache(page, swap, GFP_ATOMIC) == 0) { 1114 delete_from_page_cache(page); 1115 shmem_swp_set(info, entry, swap.val); 1116 shmem_swp_unmap(entry); 1117 swap_shmem_alloc(swap); 1118 spin_unlock(&info->lock); 1119 BUG_ON(page_mapped(page)); 1120 swap_writepage(page, wbc); 1121 return 0; 1122 } 1123 1124 shmem_swp_unmap(entry); 1125 unlock: 1126 spin_unlock(&info->lock); 1127 /* 1128 * add_to_swap_cache() doesn't return -EEXIST, so we can safely 1129 * clear SWAP_HAS_CACHE flag. 1130 */ 1131 swapcache_free(swap, NULL); 1132 redirty: 1133 set_page_dirty(page); 1134 if (wbc->for_reclaim) 1135 return AOP_WRITEPAGE_ACTIVATE; /* Return with page locked */ 1136 unlock_page(page); 1137 return 0; 1138 } 1139 1140 #ifdef CONFIG_NUMA 1141 #ifdef CONFIG_TMPFS 1142 static void shmem_show_mpol(struct seq_file *seq, struct mempolicy *mpol) 1143 { 1144 char buffer[64]; 1145 1146 if (!mpol || mpol->mode == MPOL_DEFAULT) 1147 return; /* show nothing */ 1148 1149 mpol_to_str(buffer, sizeof(buffer), mpol, 1); 1150 1151 seq_printf(seq, ",mpol=%s", buffer); 1152 } 1153 1154 static struct mempolicy *shmem_get_sbmpol(struct shmem_sb_info *sbinfo) 1155 { 1156 struct mempolicy *mpol = NULL; 1157 if (sbinfo->mpol) { 1158 spin_lock(&sbinfo->stat_lock); /* prevent replace/use races */ 1159 mpol = sbinfo->mpol; 1160 mpol_get(mpol); 1161 spin_unlock(&sbinfo->stat_lock); 1162 } 1163 return mpol; 1164 } 1165 #endif /* CONFIG_TMPFS */ 1166 1167 static struct page *shmem_swapin(swp_entry_t entry, gfp_t gfp, 1168 struct shmem_inode_info *info, unsigned long idx) 1169 { 1170 struct mempolicy mpol, *spol; 1171 struct vm_area_struct pvma; 1172 struct page *page; 1173 1174 spol = mpol_cond_copy(&mpol, 1175 mpol_shared_policy_lookup(&info->policy, idx)); 1176 1177 /* Create a pseudo vma that just contains the policy */ 1178 pvma.vm_start = 0; 1179 pvma.vm_pgoff = idx; 1180 pvma.vm_ops = NULL; 1181 pvma.vm_policy = spol; 1182 page = swapin_readahead(entry, gfp, &pvma, 0); 1183 return page; 1184 } 1185 1186 static struct page *shmem_alloc_page(gfp_t gfp, 1187 struct shmem_inode_info *info, unsigned long idx) 1188 { 1189 struct vm_area_struct pvma; 1190 1191 /* Create a pseudo vma that just contains the policy */ 1192 pvma.vm_start = 0; 1193 pvma.vm_pgoff = idx; 1194 pvma.vm_ops = NULL; 1195 pvma.vm_policy = mpol_shared_policy_lookup(&info->policy, idx); 1196 1197 /* 1198 * alloc_page_vma() will drop the shared policy reference 1199 */ 1200 return alloc_page_vma(gfp, &pvma, 0); 1201 } 1202 #else /* !CONFIG_NUMA */ 1203 #ifdef CONFIG_TMPFS 1204 static inline void shmem_show_mpol(struct seq_file *seq, struct mempolicy *p) 1205 { 1206 } 1207 #endif /* CONFIG_TMPFS */ 1208 1209 static inline struct page *shmem_swapin(swp_entry_t entry, gfp_t gfp, 1210 struct shmem_inode_info *info, unsigned long idx) 1211 { 1212 return swapin_readahead(entry, gfp, NULL, 0); 1213 } 1214 1215 static inline struct page *shmem_alloc_page(gfp_t gfp, 1216 struct shmem_inode_info *info, unsigned long idx) 1217 { 1218 return alloc_page(gfp); 1219 } 1220 #endif /* CONFIG_NUMA */ 1221 1222 #if !defined(CONFIG_NUMA) || !defined(CONFIG_TMPFS) 1223 static inline struct mempolicy *shmem_get_sbmpol(struct shmem_sb_info *sbinfo) 1224 { 1225 return NULL; 1226 } 1227 #endif 1228 1229 /* 1230 * shmem_getpage - either get the page from swap or allocate a new one 1231 * 1232 * If we allocate a new one we do not mark it dirty. That's up to the 1233 * vm. If we swap it in we mark it dirty since we also free the swap 1234 * entry since a page cannot live in both the swap and page cache 1235 */ 1236 static int shmem_getpage(struct inode *inode, unsigned long idx, 1237 struct page **pagep, enum sgp_type sgp, int *type) 1238 { 1239 struct address_space *mapping = inode->i_mapping; 1240 struct shmem_inode_info *info = SHMEM_I(inode); 1241 struct shmem_sb_info *sbinfo; 1242 struct page *filepage = *pagep; 1243 struct page *swappage; 1244 struct page *prealloc_page = NULL; 1245 swp_entry_t *entry; 1246 swp_entry_t swap; 1247 gfp_t gfp; 1248 int error; 1249 1250 if (idx >= SHMEM_MAX_INDEX) 1251 return -EFBIG; 1252 1253 if (type) 1254 *type = 0; 1255 1256 /* 1257 * Normally, filepage is NULL on entry, and either found 1258 * uptodate immediately, or allocated and zeroed, or read 1259 * in under swappage, which is then assigned to filepage. 1260 * But shmem_readpage (required for splice) passes in a locked 1261 * filepage, which may be found not uptodate by other callers 1262 * too, and may need to be copied from the swappage read in. 1263 */ 1264 repeat: 1265 if (!filepage) 1266 filepage = find_lock_page(mapping, idx); 1267 if (filepage && PageUptodate(filepage)) 1268 goto done; 1269 gfp = mapping_gfp_mask(mapping); 1270 if (!filepage) { 1271 /* 1272 * Try to preload while we can wait, to not make a habit of 1273 * draining atomic reserves; but don't latch on to this cpu. 1274 */ 1275 error = radix_tree_preload(gfp & ~__GFP_HIGHMEM); 1276 if (error) 1277 goto failed; 1278 radix_tree_preload_end(); 1279 if (sgp != SGP_READ && !prealloc_page) { 1280 /* We don't care if this fails */ 1281 prealloc_page = shmem_alloc_page(gfp, info, idx); 1282 if (prealloc_page) { 1283 if (mem_cgroup_cache_charge(prealloc_page, 1284 current->mm, GFP_KERNEL)) { 1285 page_cache_release(prealloc_page); 1286 prealloc_page = NULL; 1287 } 1288 } 1289 } 1290 } 1291 error = 0; 1292 1293 spin_lock(&info->lock); 1294 shmem_recalc_inode(inode); 1295 entry = shmem_swp_alloc(info, idx, sgp); 1296 if (IS_ERR(entry)) { 1297 spin_unlock(&info->lock); 1298 error = PTR_ERR(entry); 1299 goto failed; 1300 } 1301 swap = *entry; 1302 1303 if (swap.val) { 1304 /* Look it up and read it in.. */ 1305 swappage = lookup_swap_cache(swap); 1306 if (!swappage) { 1307 shmem_swp_unmap(entry); 1308 spin_unlock(&info->lock); 1309 /* here we actually do the io */ 1310 if (type) 1311 *type |= VM_FAULT_MAJOR; 1312 swappage = shmem_swapin(swap, gfp, info, idx); 1313 if (!swappage) { 1314 spin_lock(&info->lock); 1315 entry = shmem_swp_alloc(info, idx, sgp); 1316 if (IS_ERR(entry)) 1317 error = PTR_ERR(entry); 1318 else { 1319 if (entry->val == swap.val) 1320 error = -ENOMEM; 1321 shmem_swp_unmap(entry); 1322 } 1323 spin_unlock(&info->lock); 1324 if (error) 1325 goto failed; 1326 goto repeat; 1327 } 1328 wait_on_page_locked(swappage); 1329 page_cache_release(swappage); 1330 goto repeat; 1331 } 1332 1333 /* We have to do this with page locked to prevent races */ 1334 if (!trylock_page(swappage)) { 1335 shmem_swp_unmap(entry); 1336 spin_unlock(&info->lock); 1337 wait_on_page_locked(swappage); 1338 page_cache_release(swappage); 1339 goto repeat; 1340 } 1341 if (PageWriteback(swappage)) { 1342 shmem_swp_unmap(entry); 1343 spin_unlock(&info->lock); 1344 wait_on_page_writeback(swappage); 1345 unlock_page(swappage); 1346 page_cache_release(swappage); 1347 goto repeat; 1348 } 1349 if (!PageUptodate(swappage)) { 1350 shmem_swp_unmap(entry); 1351 spin_unlock(&info->lock); 1352 unlock_page(swappage); 1353 page_cache_release(swappage); 1354 error = -EIO; 1355 goto failed; 1356 } 1357 1358 if (filepage) { 1359 shmem_swp_set(info, entry, 0); 1360 shmem_swp_unmap(entry); 1361 delete_from_swap_cache(swappage); 1362 spin_unlock(&info->lock); 1363 copy_highpage(filepage, swappage); 1364 unlock_page(swappage); 1365 page_cache_release(swappage); 1366 flush_dcache_page(filepage); 1367 SetPageUptodate(filepage); 1368 set_page_dirty(filepage); 1369 swap_free(swap); 1370 } else if (!(error = add_to_page_cache_locked(swappage, mapping, 1371 idx, GFP_NOWAIT))) { 1372 info->flags |= SHMEM_PAGEIN; 1373 shmem_swp_set(info, entry, 0); 1374 shmem_swp_unmap(entry); 1375 delete_from_swap_cache(swappage); 1376 spin_unlock(&info->lock); 1377 filepage = swappage; 1378 set_page_dirty(filepage); 1379 swap_free(swap); 1380 } else { 1381 shmem_swp_unmap(entry); 1382 spin_unlock(&info->lock); 1383 if (error == -ENOMEM) { 1384 /* 1385 * reclaim from proper memory cgroup and 1386 * call memcg's OOM if needed. 1387 */ 1388 error = mem_cgroup_shmem_charge_fallback( 1389 swappage, 1390 current->mm, 1391 gfp); 1392 if (error) { 1393 unlock_page(swappage); 1394 page_cache_release(swappage); 1395 goto failed; 1396 } 1397 } 1398 unlock_page(swappage); 1399 page_cache_release(swappage); 1400 goto repeat; 1401 } 1402 } else if (sgp == SGP_READ && !filepage) { 1403 shmem_swp_unmap(entry); 1404 filepage = find_get_page(mapping, idx); 1405 if (filepage && 1406 (!PageUptodate(filepage) || !trylock_page(filepage))) { 1407 spin_unlock(&info->lock); 1408 wait_on_page_locked(filepage); 1409 page_cache_release(filepage); 1410 filepage = NULL; 1411 goto repeat; 1412 } 1413 spin_unlock(&info->lock); 1414 } else { 1415 shmem_swp_unmap(entry); 1416 sbinfo = SHMEM_SB(inode->i_sb); 1417 if (sbinfo->max_blocks) { 1418 if (percpu_counter_compare(&sbinfo->used_blocks, 1419 sbinfo->max_blocks) >= 0 || 1420 shmem_acct_block(info->flags)) 1421 goto nospace; 1422 percpu_counter_inc(&sbinfo->used_blocks); 1423 spin_lock(&inode->i_lock); 1424 inode->i_blocks += BLOCKS_PER_PAGE; 1425 spin_unlock(&inode->i_lock); 1426 } else if (shmem_acct_block(info->flags)) 1427 goto nospace; 1428 1429 if (!filepage) { 1430 int ret; 1431 1432 if (!prealloc_page) { 1433 spin_unlock(&info->lock); 1434 filepage = shmem_alloc_page(gfp, info, idx); 1435 if (!filepage) { 1436 shmem_unacct_blocks(info->flags, 1); 1437 shmem_free_blocks(inode, 1); 1438 error = -ENOMEM; 1439 goto failed; 1440 } 1441 SetPageSwapBacked(filepage); 1442 1443 /* 1444 * Precharge page while we can wait, compensate 1445 * after 1446 */ 1447 error = mem_cgroup_cache_charge(filepage, 1448 current->mm, GFP_KERNEL); 1449 if (error) { 1450 page_cache_release(filepage); 1451 shmem_unacct_blocks(info->flags, 1); 1452 shmem_free_blocks(inode, 1); 1453 filepage = NULL; 1454 goto failed; 1455 } 1456 1457 spin_lock(&info->lock); 1458 } else { 1459 filepage = prealloc_page; 1460 prealloc_page = NULL; 1461 SetPageSwapBacked(filepage); 1462 } 1463 1464 entry = shmem_swp_alloc(info, idx, sgp); 1465 if (IS_ERR(entry)) 1466 error = PTR_ERR(entry); 1467 else { 1468 swap = *entry; 1469 shmem_swp_unmap(entry); 1470 } 1471 ret = error || swap.val; 1472 if (ret) 1473 mem_cgroup_uncharge_cache_page(filepage); 1474 else 1475 ret = add_to_page_cache_lru(filepage, mapping, 1476 idx, GFP_NOWAIT); 1477 /* 1478 * At add_to_page_cache_lru() failure, uncharge will 1479 * be done automatically. 1480 */ 1481 if (ret) { 1482 spin_unlock(&info->lock); 1483 page_cache_release(filepage); 1484 shmem_unacct_blocks(info->flags, 1); 1485 shmem_free_blocks(inode, 1); 1486 filepage = NULL; 1487 if (error) 1488 goto failed; 1489 goto repeat; 1490 } 1491 info->flags |= SHMEM_PAGEIN; 1492 } 1493 1494 info->alloced++; 1495 spin_unlock(&info->lock); 1496 clear_highpage(filepage); 1497 flush_dcache_page(filepage); 1498 SetPageUptodate(filepage); 1499 if (sgp == SGP_DIRTY) 1500 set_page_dirty(filepage); 1501 } 1502 done: 1503 *pagep = filepage; 1504 error = 0; 1505 goto out; 1506 1507 nospace: 1508 /* 1509 * Perhaps the page was brought in from swap between find_lock_page 1510 * and taking info->lock? We allow for that at add_to_page_cache_lru, 1511 * but must also avoid reporting a spurious ENOSPC while working on a 1512 * full tmpfs. (When filepage has been passed in to shmem_getpage, it 1513 * is already in page cache, which prevents this race from occurring.) 1514 */ 1515 if (!filepage) { 1516 struct page *page = find_get_page(mapping, idx); 1517 if (page) { 1518 spin_unlock(&info->lock); 1519 page_cache_release(page); 1520 goto repeat; 1521 } 1522 } 1523 spin_unlock(&info->lock); 1524 error = -ENOSPC; 1525 failed: 1526 if (*pagep != filepage) { 1527 unlock_page(filepage); 1528 page_cache_release(filepage); 1529 } 1530 out: 1531 if (prealloc_page) { 1532 mem_cgroup_uncharge_cache_page(prealloc_page); 1533 page_cache_release(prealloc_page); 1534 } 1535 return error; 1536 } 1537 1538 static int shmem_fault(struct vm_area_struct *vma, struct vm_fault *vmf) 1539 { 1540 struct inode *inode = vma->vm_file->f_path.dentry->d_inode; 1541 int error; 1542 int ret; 1543 1544 if (((loff_t)vmf->pgoff << PAGE_CACHE_SHIFT) >= i_size_read(inode)) 1545 return VM_FAULT_SIGBUS; 1546 1547 error = shmem_getpage(inode, vmf->pgoff, &vmf->page, SGP_CACHE, &ret); 1548 if (error) 1549 return ((error == -ENOMEM) ? VM_FAULT_OOM : VM_FAULT_SIGBUS); 1550 if (ret & VM_FAULT_MAJOR) { 1551 count_vm_event(PGMAJFAULT); 1552 mem_cgroup_count_vm_event(vma->vm_mm, PGMAJFAULT); 1553 } 1554 return ret | VM_FAULT_LOCKED; 1555 } 1556 1557 #ifdef CONFIG_NUMA 1558 static int shmem_set_policy(struct vm_area_struct *vma, struct mempolicy *new) 1559 { 1560 struct inode *i = vma->vm_file->f_path.dentry->d_inode; 1561 return mpol_set_shared_policy(&SHMEM_I(i)->policy, vma, new); 1562 } 1563 1564 static struct mempolicy *shmem_get_policy(struct vm_area_struct *vma, 1565 unsigned long addr) 1566 { 1567 struct inode *i = vma->vm_file->f_path.dentry->d_inode; 1568 unsigned long idx; 1569 1570 idx = ((addr - vma->vm_start) >> PAGE_SHIFT) + vma->vm_pgoff; 1571 return mpol_shared_policy_lookup(&SHMEM_I(i)->policy, idx); 1572 } 1573 #endif 1574 1575 int shmem_lock(struct file *file, int lock, struct user_struct *user) 1576 { 1577 struct inode *inode = file->f_path.dentry->d_inode; 1578 struct shmem_inode_info *info = SHMEM_I(inode); 1579 int retval = -ENOMEM; 1580 1581 spin_lock(&info->lock); 1582 if (lock && !(info->flags & VM_LOCKED)) { 1583 if (!user_shm_lock(inode->i_size, user)) 1584 goto out_nomem; 1585 info->flags |= VM_LOCKED; 1586 mapping_set_unevictable(file->f_mapping); 1587 } 1588 if (!lock && (info->flags & VM_LOCKED) && user) { 1589 user_shm_unlock(inode->i_size, user); 1590 info->flags &= ~VM_LOCKED; 1591 mapping_clear_unevictable(file->f_mapping); 1592 scan_mapping_unevictable_pages(file->f_mapping); 1593 } 1594 retval = 0; 1595 1596 out_nomem: 1597 spin_unlock(&info->lock); 1598 return retval; 1599 } 1600 1601 static int shmem_mmap(struct file *file, struct vm_area_struct *vma) 1602 { 1603 file_accessed(file); 1604 vma->vm_ops = &shmem_vm_ops; 1605 vma->vm_flags |= VM_CAN_NONLINEAR; 1606 return 0; 1607 } 1608 1609 static struct inode *shmem_get_inode(struct super_block *sb, const struct inode *dir, 1610 int mode, dev_t dev, unsigned long flags) 1611 { 1612 struct inode *inode; 1613 struct shmem_inode_info *info; 1614 struct shmem_sb_info *sbinfo = SHMEM_SB(sb); 1615 1616 if (shmem_reserve_inode(sb)) 1617 return NULL; 1618 1619 inode = new_inode(sb); 1620 if (inode) { 1621 inode->i_ino = get_next_ino(); 1622 inode_init_owner(inode, dir, mode); 1623 inode->i_blocks = 0; 1624 inode->i_mapping->backing_dev_info = &shmem_backing_dev_info; 1625 inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME; 1626 inode->i_generation = get_seconds(); 1627 info = SHMEM_I(inode); 1628 memset(info, 0, (char *)inode - (char *)info); 1629 spin_lock_init(&info->lock); 1630 info->flags = flags & VM_NORESERVE; 1631 INIT_LIST_HEAD(&info->swaplist); 1632 INIT_LIST_HEAD(&info->xattr_list); 1633 cache_no_acl(inode); 1634 1635 switch (mode & S_IFMT) { 1636 default: 1637 inode->i_op = &shmem_special_inode_operations; 1638 init_special_inode(inode, mode, dev); 1639 break; 1640 case S_IFREG: 1641 inode->i_mapping->a_ops = &shmem_aops; 1642 inode->i_op = &shmem_inode_operations; 1643 inode->i_fop = &shmem_file_operations; 1644 mpol_shared_policy_init(&info->policy, 1645 shmem_get_sbmpol(sbinfo)); 1646 break; 1647 case S_IFDIR: 1648 inc_nlink(inode); 1649 /* Some things misbehave if size == 0 on a directory */ 1650 inode->i_size = 2 * BOGO_DIRENT_SIZE; 1651 inode->i_op = &shmem_dir_inode_operations; 1652 inode->i_fop = &simple_dir_operations; 1653 break; 1654 case S_IFLNK: 1655 /* 1656 * Must not load anything in the rbtree, 1657 * mpol_free_shared_policy will not be called. 1658 */ 1659 mpol_shared_policy_init(&info->policy, NULL); 1660 break; 1661 } 1662 } else 1663 shmem_free_inode(sb); 1664 return inode; 1665 } 1666 1667 #ifdef CONFIG_TMPFS 1668 static const struct inode_operations shmem_symlink_inode_operations; 1669 static const struct inode_operations shmem_symlink_inline_operations; 1670 1671 /* 1672 * Normally tmpfs avoids the use of shmem_readpage and shmem_write_begin; 1673 * but providing them allows a tmpfs file to be used for splice, sendfile, and 1674 * below the loop driver, in the generic fashion that many filesystems support. 1675 */ 1676 static int shmem_readpage(struct file *file, struct page *page) 1677 { 1678 struct inode *inode = page->mapping->host; 1679 int error = shmem_getpage(inode, page->index, &page, SGP_CACHE, NULL); 1680 unlock_page(page); 1681 return error; 1682 } 1683 1684 static int 1685 shmem_write_begin(struct file *file, struct address_space *mapping, 1686 loff_t pos, unsigned len, unsigned flags, 1687 struct page **pagep, void **fsdata) 1688 { 1689 struct inode *inode = mapping->host; 1690 pgoff_t index = pos >> PAGE_CACHE_SHIFT; 1691 *pagep = NULL; 1692 return shmem_getpage(inode, index, pagep, SGP_WRITE, NULL); 1693 } 1694 1695 static int 1696 shmem_write_end(struct file *file, struct address_space *mapping, 1697 loff_t pos, unsigned len, unsigned copied, 1698 struct page *page, void *fsdata) 1699 { 1700 struct inode *inode = mapping->host; 1701 1702 if (pos + copied > inode->i_size) 1703 i_size_write(inode, pos + copied); 1704 1705 set_page_dirty(page); 1706 unlock_page(page); 1707 page_cache_release(page); 1708 1709 return copied; 1710 } 1711 1712 static void do_shmem_file_read(struct file *filp, loff_t *ppos, read_descriptor_t *desc, read_actor_t actor) 1713 { 1714 struct inode *inode = filp->f_path.dentry->d_inode; 1715 struct address_space *mapping = inode->i_mapping; 1716 unsigned long index, offset; 1717 enum sgp_type sgp = SGP_READ; 1718 1719 /* 1720 * Might this read be for a stacking filesystem? Then when reading 1721 * holes of a sparse file, we actually need to allocate those pages, 1722 * and even mark them dirty, so it cannot exceed the max_blocks limit. 1723 */ 1724 if (segment_eq(get_fs(), KERNEL_DS)) 1725 sgp = SGP_DIRTY; 1726 1727 index = *ppos >> PAGE_CACHE_SHIFT; 1728 offset = *ppos & ~PAGE_CACHE_MASK; 1729 1730 for (;;) { 1731 struct page *page = NULL; 1732 unsigned long end_index, nr, ret; 1733 loff_t i_size = i_size_read(inode); 1734 1735 end_index = i_size >> PAGE_CACHE_SHIFT; 1736 if (index > end_index) 1737 break; 1738 if (index == end_index) { 1739 nr = i_size & ~PAGE_CACHE_MASK; 1740 if (nr <= offset) 1741 break; 1742 } 1743 1744 desc->error = shmem_getpage(inode, index, &page, sgp, NULL); 1745 if (desc->error) { 1746 if (desc->error == -EINVAL) 1747 desc->error = 0; 1748 break; 1749 } 1750 if (page) 1751 unlock_page(page); 1752 1753 /* 1754 * We must evaluate after, since reads (unlike writes) 1755 * are called without i_mutex protection against truncate 1756 */ 1757 nr = PAGE_CACHE_SIZE; 1758 i_size = i_size_read(inode); 1759 end_index = i_size >> PAGE_CACHE_SHIFT; 1760 if (index == end_index) { 1761 nr = i_size & ~PAGE_CACHE_MASK; 1762 if (nr <= offset) { 1763 if (page) 1764 page_cache_release(page); 1765 break; 1766 } 1767 } 1768 nr -= offset; 1769 1770 if (page) { 1771 /* 1772 * If users can be writing to this page using arbitrary 1773 * virtual addresses, take care about potential aliasing 1774 * before reading the page on the kernel side. 1775 */ 1776 if (mapping_writably_mapped(mapping)) 1777 flush_dcache_page(page); 1778 /* 1779 * Mark the page accessed if we read the beginning. 1780 */ 1781 if (!offset) 1782 mark_page_accessed(page); 1783 } else { 1784 page = ZERO_PAGE(0); 1785 page_cache_get(page); 1786 } 1787 1788 /* 1789 * Ok, we have the page, and it's up-to-date, so 1790 * now we can copy it to user space... 1791 * 1792 * The actor routine returns how many bytes were actually used.. 1793 * NOTE! This may not be the same as how much of a user buffer 1794 * we filled up (we may be padding etc), so we can only update 1795 * "pos" here (the actor routine has to update the user buffer 1796 * pointers and the remaining count). 1797 */ 1798 ret = actor(desc, page, offset, nr); 1799 offset += ret; 1800 index += offset >> PAGE_CACHE_SHIFT; 1801 offset &= ~PAGE_CACHE_MASK; 1802 1803 page_cache_release(page); 1804 if (ret != nr || !desc->count) 1805 break; 1806 1807 cond_resched(); 1808 } 1809 1810 *ppos = ((loff_t) index << PAGE_CACHE_SHIFT) + offset; 1811 file_accessed(filp); 1812 } 1813 1814 static ssize_t shmem_file_aio_read(struct kiocb *iocb, 1815 const struct iovec *iov, unsigned long nr_segs, loff_t pos) 1816 { 1817 struct file *filp = iocb->ki_filp; 1818 ssize_t retval; 1819 unsigned long seg; 1820 size_t count; 1821 loff_t *ppos = &iocb->ki_pos; 1822 1823 retval = generic_segment_checks(iov, &nr_segs, &count, VERIFY_WRITE); 1824 if (retval) 1825 return retval; 1826 1827 for (seg = 0; seg < nr_segs; seg++) { 1828 read_descriptor_t desc; 1829 1830 desc.written = 0; 1831 desc.arg.buf = iov[seg].iov_base; 1832 desc.count = iov[seg].iov_len; 1833 if (desc.count == 0) 1834 continue; 1835 desc.error = 0; 1836 do_shmem_file_read(filp, ppos, &desc, file_read_actor); 1837 retval += desc.written; 1838 if (desc.error) { 1839 retval = retval ?: desc.error; 1840 break; 1841 } 1842 if (desc.count > 0) 1843 break; 1844 } 1845 return retval; 1846 } 1847 1848 static int shmem_statfs(struct dentry *dentry, struct kstatfs *buf) 1849 { 1850 struct shmem_sb_info *sbinfo = SHMEM_SB(dentry->d_sb); 1851 1852 buf->f_type = TMPFS_MAGIC; 1853 buf->f_bsize = PAGE_CACHE_SIZE; 1854 buf->f_namelen = NAME_MAX; 1855 if (sbinfo->max_blocks) { 1856 buf->f_blocks = sbinfo->max_blocks; 1857 buf->f_bavail = buf->f_bfree = 1858 sbinfo->max_blocks - percpu_counter_sum(&sbinfo->used_blocks); 1859 } 1860 if (sbinfo->max_inodes) { 1861 buf->f_files = sbinfo->max_inodes; 1862 buf->f_ffree = sbinfo->free_inodes; 1863 } 1864 /* else leave those fields 0 like simple_statfs */ 1865 return 0; 1866 } 1867 1868 /* 1869 * File creation. Allocate an inode, and we're done.. 1870 */ 1871 static int 1872 shmem_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev) 1873 { 1874 struct inode *inode; 1875 int error = -ENOSPC; 1876 1877 inode = shmem_get_inode(dir->i_sb, dir, mode, dev, VM_NORESERVE); 1878 if (inode) { 1879 error = security_inode_init_security(inode, dir, 1880 &dentry->d_name, NULL, 1881 NULL, NULL); 1882 if (error) { 1883 if (error != -EOPNOTSUPP) { 1884 iput(inode); 1885 return error; 1886 } 1887 } 1888 #ifdef CONFIG_TMPFS_POSIX_ACL 1889 error = generic_acl_init(inode, dir); 1890 if (error) { 1891 iput(inode); 1892 return error; 1893 } 1894 #else 1895 error = 0; 1896 #endif 1897 dir->i_size += BOGO_DIRENT_SIZE; 1898 dir->i_ctime = dir->i_mtime = CURRENT_TIME; 1899 d_instantiate(dentry, inode); 1900 dget(dentry); /* Extra count - pin the dentry in core */ 1901 } 1902 return error; 1903 } 1904 1905 static int shmem_mkdir(struct inode *dir, struct dentry *dentry, int mode) 1906 { 1907 int error; 1908 1909 if ((error = shmem_mknod(dir, dentry, mode | S_IFDIR, 0))) 1910 return error; 1911 inc_nlink(dir); 1912 return 0; 1913 } 1914 1915 static int shmem_create(struct inode *dir, struct dentry *dentry, int mode, 1916 struct nameidata *nd) 1917 { 1918 return shmem_mknod(dir, dentry, mode | S_IFREG, 0); 1919 } 1920 1921 /* 1922 * Link a file.. 1923 */ 1924 static int shmem_link(struct dentry *old_dentry, struct inode *dir, struct dentry *dentry) 1925 { 1926 struct inode *inode = old_dentry->d_inode; 1927 int ret; 1928 1929 /* 1930 * No ordinary (disk based) filesystem counts links as inodes; 1931 * but each new link needs a new dentry, pinning lowmem, and 1932 * tmpfs dentries cannot be pruned until they are unlinked. 1933 */ 1934 ret = shmem_reserve_inode(inode->i_sb); 1935 if (ret) 1936 goto out; 1937 1938 dir->i_size += BOGO_DIRENT_SIZE; 1939 inode->i_ctime = dir->i_ctime = dir->i_mtime = CURRENT_TIME; 1940 inc_nlink(inode); 1941 ihold(inode); /* New dentry reference */ 1942 dget(dentry); /* Extra pinning count for the created dentry */ 1943 d_instantiate(dentry, inode); 1944 out: 1945 return ret; 1946 } 1947 1948 static int shmem_unlink(struct inode *dir, struct dentry *dentry) 1949 { 1950 struct inode *inode = dentry->d_inode; 1951 1952 if (inode->i_nlink > 1 && !S_ISDIR(inode->i_mode)) 1953 shmem_free_inode(inode->i_sb); 1954 1955 dir->i_size -= BOGO_DIRENT_SIZE; 1956 inode->i_ctime = dir->i_ctime = dir->i_mtime = CURRENT_TIME; 1957 drop_nlink(inode); 1958 dput(dentry); /* Undo the count from "create" - this does all the work */ 1959 return 0; 1960 } 1961 1962 static int shmem_rmdir(struct inode *dir, struct dentry *dentry) 1963 { 1964 if (!simple_empty(dentry)) 1965 return -ENOTEMPTY; 1966 1967 drop_nlink(dentry->d_inode); 1968 drop_nlink(dir); 1969 return shmem_unlink(dir, dentry); 1970 } 1971 1972 /* 1973 * The VFS layer already does all the dentry stuff for rename, 1974 * we just have to decrement the usage count for the target if 1975 * it exists so that the VFS layer correctly free's it when it 1976 * gets overwritten. 1977 */ 1978 static int shmem_rename(struct inode *old_dir, struct dentry *old_dentry, struct inode *new_dir, struct dentry *new_dentry) 1979 { 1980 struct inode *inode = old_dentry->d_inode; 1981 int they_are_dirs = S_ISDIR(inode->i_mode); 1982 1983 if (!simple_empty(new_dentry)) 1984 return -ENOTEMPTY; 1985 1986 if (new_dentry->d_inode) { 1987 (void) shmem_unlink(new_dir, new_dentry); 1988 if (they_are_dirs) 1989 drop_nlink(old_dir); 1990 } else if (they_are_dirs) { 1991 drop_nlink(old_dir); 1992 inc_nlink(new_dir); 1993 } 1994 1995 old_dir->i_size -= BOGO_DIRENT_SIZE; 1996 new_dir->i_size += BOGO_DIRENT_SIZE; 1997 old_dir->i_ctime = old_dir->i_mtime = 1998 new_dir->i_ctime = new_dir->i_mtime = 1999 inode->i_ctime = CURRENT_TIME; 2000 return 0; 2001 } 2002 2003 static int shmem_symlink(struct inode *dir, struct dentry *dentry, const char *symname) 2004 { 2005 int error; 2006 int len; 2007 struct inode *inode; 2008 struct page *page = NULL; 2009 char *kaddr; 2010 struct shmem_inode_info *info; 2011 2012 len = strlen(symname) + 1; 2013 if (len > PAGE_CACHE_SIZE) 2014 return -ENAMETOOLONG; 2015 2016 inode = shmem_get_inode(dir->i_sb, dir, S_IFLNK|S_IRWXUGO, 0, VM_NORESERVE); 2017 if (!inode) 2018 return -ENOSPC; 2019 2020 error = security_inode_init_security(inode, dir, &dentry->d_name, NULL, 2021 NULL, NULL); 2022 if (error) { 2023 if (error != -EOPNOTSUPP) { 2024 iput(inode); 2025 return error; 2026 } 2027 error = 0; 2028 } 2029 2030 info = SHMEM_I(inode); 2031 inode->i_size = len-1; 2032 if (len <= SHMEM_SYMLINK_INLINE_LEN) { 2033 /* do it inline */ 2034 memcpy(info->inline_symlink, symname, len); 2035 inode->i_op = &shmem_symlink_inline_operations; 2036 } else { 2037 error = shmem_getpage(inode, 0, &page, SGP_WRITE, NULL); 2038 if (error) { 2039 iput(inode); 2040 return error; 2041 } 2042 inode->i_mapping->a_ops = &shmem_aops; 2043 inode->i_op = &shmem_symlink_inode_operations; 2044 kaddr = kmap_atomic(page, KM_USER0); 2045 memcpy(kaddr, symname, len); 2046 kunmap_atomic(kaddr, KM_USER0); 2047 set_page_dirty(page); 2048 unlock_page(page); 2049 page_cache_release(page); 2050 } 2051 dir->i_size += BOGO_DIRENT_SIZE; 2052 dir->i_ctime = dir->i_mtime = CURRENT_TIME; 2053 d_instantiate(dentry, inode); 2054 dget(dentry); 2055 return 0; 2056 } 2057 2058 static void *shmem_follow_link_inline(struct dentry *dentry, struct nameidata *nd) 2059 { 2060 nd_set_link(nd, SHMEM_I(dentry->d_inode)->inline_symlink); 2061 return NULL; 2062 } 2063 2064 static void *shmem_follow_link(struct dentry *dentry, struct nameidata *nd) 2065 { 2066 struct page *page = NULL; 2067 int res = shmem_getpage(dentry->d_inode, 0, &page, SGP_READ, NULL); 2068 nd_set_link(nd, res ? ERR_PTR(res) : kmap(page)); 2069 if (page) 2070 unlock_page(page); 2071 return page; 2072 } 2073 2074 static void shmem_put_link(struct dentry *dentry, struct nameidata *nd, void *cookie) 2075 { 2076 if (!IS_ERR(nd_get_link(nd))) { 2077 struct page *page = cookie; 2078 kunmap(page); 2079 mark_page_accessed(page); 2080 page_cache_release(page); 2081 } 2082 } 2083 2084 #ifdef CONFIG_TMPFS_XATTR 2085 /* 2086 * Superblocks without xattr inode operations may get some security.* xattr 2087 * support from the LSM "for free". As soon as we have any other xattrs 2088 * like ACLs, we also need to implement the security.* handlers at 2089 * filesystem level, though. 2090 */ 2091 2092 static int shmem_xattr_get(struct dentry *dentry, const char *name, 2093 void *buffer, size_t size) 2094 { 2095 struct shmem_inode_info *info; 2096 struct shmem_xattr *xattr; 2097 int ret = -ENODATA; 2098 2099 info = SHMEM_I(dentry->d_inode); 2100 2101 spin_lock(&info->lock); 2102 list_for_each_entry(xattr, &info->xattr_list, list) { 2103 if (strcmp(name, xattr->name)) 2104 continue; 2105 2106 ret = xattr->size; 2107 if (buffer) { 2108 if (size < xattr->size) 2109 ret = -ERANGE; 2110 else 2111 memcpy(buffer, xattr->value, xattr->size); 2112 } 2113 break; 2114 } 2115 spin_unlock(&info->lock); 2116 return ret; 2117 } 2118 2119 static int shmem_xattr_set(struct dentry *dentry, const char *name, 2120 const void *value, size_t size, int flags) 2121 { 2122 struct inode *inode = dentry->d_inode; 2123 struct shmem_inode_info *info = SHMEM_I(inode); 2124 struct shmem_xattr *xattr; 2125 struct shmem_xattr *new_xattr = NULL; 2126 size_t len; 2127 int err = 0; 2128 2129 /* value == NULL means remove */ 2130 if (value) { 2131 /* wrap around? */ 2132 len = sizeof(*new_xattr) + size; 2133 if (len <= sizeof(*new_xattr)) 2134 return -ENOMEM; 2135 2136 new_xattr = kmalloc(len, GFP_KERNEL); 2137 if (!new_xattr) 2138 return -ENOMEM; 2139 2140 new_xattr->name = kstrdup(name, GFP_KERNEL); 2141 if (!new_xattr->name) { 2142 kfree(new_xattr); 2143 return -ENOMEM; 2144 } 2145 2146 new_xattr->size = size; 2147 memcpy(new_xattr->value, value, size); 2148 } 2149 2150 spin_lock(&info->lock); 2151 list_for_each_entry(xattr, &info->xattr_list, list) { 2152 if (!strcmp(name, xattr->name)) { 2153 if (flags & XATTR_CREATE) { 2154 xattr = new_xattr; 2155 err = -EEXIST; 2156 } else if (new_xattr) { 2157 list_replace(&xattr->list, &new_xattr->list); 2158 } else { 2159 list_del(&xattr->list); 2160 } 2161 goto out; 2162 } 2163 } 2164 if (flags & XATTR_REPLACE) { 2165 xattr = new_xattr; 2166 err = -ENODATA; 2167 } else { 2168 list_add(&new_xattr->list, &info->xattr_list); 2169 xattr = NULL; 2170 } 2171 out: 2172 spin_unlock(&info->lock); 2173 if (xattr) 2174 kfree(xattr->name); 2175 kfree(xattr); 2176 return err; 2177 } 2178 2179 2180 static const struct xattr_handler *shmem_xattr_handlers[] = { 2181 #ifdef CONFIG_TMPFS_POSIX_ACL 2182 &generic_acl_access_handler, 2183 &generic_acl_default_handler, 2184 #endif 2185 NULL 2186 }; 2187 2188 static int shmem_xattr_validate(const char *name) 2189 { 2190 struct { const char *prefix; size_t len; } arr[] = { 2191 { XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN }, 2192 { XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN } 2193 }; 2194 int i; 2195 2196 for (i = 0; i < ARRAY_SIZE(arr); i++) { 2197 size_t preflen = arr[i].len; 2198 if (strncmp(name, arr[i].prefix, preflen) == 0) { 2199 if (!name[preflen]) 2200 return -EINVAL; 2201 return 0; 2202 } 2203 } 2204 return -EOPNOTSUPP; 2205 } 2206 2207 static ssize_t shmem_getxattr(struct dentry *dentry, const char *name, 2208 void *buffer, size_t size) 2209 { 2210 int err; 2211 2212 /* 2213 * If this is a request for a synthetic attribute in the system.* 2214 * namespace use the generic infrastructure to resolve a handler 2215 * for it via sb->s_xattr. 2216 */ 2217 if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN)) 2218 return generic_getxattr(dentry, name, buffer, size); 2219 2220 err = shmem_xattr_validate(name); 2221 if (err) 2222 return err; 2223 2224 return shmem_xattr_get(dentry, name, buffer, size); 2225 } 2226 2227 static int shmem_setxattr(struct dentry *dentry, const char *name, 2228 const void *value, size_t size, int flags) 2229 { 2230 int err; 2231 2232 /* 2233 * If this is a request for a synthetic attribute in the system.* 2234 * namespace use the generic infrastructure to resolve a handler 2235 * for it via sb->s_xattr. 2236 */ 2237 if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN)) 2238 return generic_setxattr(dentry, name, value, size, flags); 2239 2240 err = shmem_xattr_validate(name); 2241 if (err) 2242 return err; 2243 2244 if (size == 0) 2245 value = ""; /* empty EA, do not remove */ 2246 2247 return shmem_xattr_set(dentry, name, value, size, flags); 2248 2249 } 2250 2251 static int shmem_removexattr(struct dentry *dentry, const char *name) 2252 { 2253 int err; 2254 2255 /* 2256 * If this is a request for a synthetic attribute in the system.* 2257 * namespace use the generic infrastructure to resolve a handler 2258 * for it via sb->s_xattr. 2259 */ 2260 if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN)) 2261 return generic_removexattr(dentry, name); 2262 2263 err = shmem_xattr_validate(name); 2264 if (err) 2265 return err; 2266 2267 return shmem_xattr_set(dentry, name, NULL, 0, XATTR_REPLACE); 2268 } 2269 2270 static bool xattr_is_trusted(const char *name) 2271 { 2272 return !strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN); 2273 } 2274 2275 static ssize_t shmem_listxattr(struct dentry *dentry, char *buffer, size_t size) 2276 { 2277 bool trusted = capable(CAP_SYS_ADMIN); 2278 struct shmem_xattr *xattr; 2279 struct shmem_inode_info *info; 2280 size_t used = 0; 2281 2282 info = SHMEM_I(dentry->d_inode); 2283 2284 spin_lock(&info->lock); 2285 list_for_each_entry(xattr, &info->xattr_list, list) { 2286 size_t len; 2287 2288 /* skip "trusted." attributes for unprivileged callers */ 2289 if (!trusted && xattr_is_trusted(xattr->name)) 2290 continue; 2291 2292 len = strlen(xattr->name) + 1; 2293 used += len; 2294 if (buffer) { 2295 if (size < used) { 2296 used = -ERANGE; 2297 break; 2298 } 2299 memcpy(buffer, xattr->name, len); 2300 buffer += len; 2301 } 2302 } 2303 spin_unlock(&info->lock); 2304 2305 return used; 2306 } 2307 #endif /* CONFIG_TMPFS_XATTR */ 2308 2309 static const struct inode_operations shmem_symlink_inline_operations = { 2310 .readlink = generic_readlink, 2311 .follow_link = shmem_follow_link_inline, 2312 #ifdef CONFIG_TMPFS_XATTR 2313 .setxattr = shmem_setxattr, 2314 .getxattr = shmem_getxattr, 2315 .listxattr = shmem_listxattr, 2316 .removexattr = shmem_removexattr, 2317 #endif 2318 }; 2319 2320 static const struct inode_operations shmem_symlink_inode_operations = { 2321 .readlink = generic_readlink, 2322 .follow_link = shmem_follow_link, 2323 .put_link = shmem_put_link, 2324 #ifdef CONFIG_TMPFS_XATTR 2325 .setxattr = shmem_setxattr, 2326 .getxattr = shmem_getxattr, 2327 .listxattr = shmem_listxattr, 2328 .removexattr = shmem_removexattr, 2329 #endif 2330 }; 2331 2332 static struct dentry *shmem_get_parent(struct dentry *child) 2333 { 2334 return ERR_PTR(-ESTALE); 2335 } 2336 2337 static int shmem_match(struct inode *ino, void *vfh) 2338 { 2339 __u32 *fh = vfh; 2340 __u64 inum = fh[2]; 2341 inum = (inum << 32) | fh[1]; 2342 return ino->i_ino == inum && fh[0] == ino->i_generation; 2343 } 2344 2345 static struct dentry *shmem_fh_to_dentry(struct super_block *sb, 2346 struct fid *fid, int fh_len, int fh_type) 2347 { 2348 struct inode *inode; 2349 struct dentry *dentry = NULL; 2350 u64 inum = fid->raw[2]; 2351 inum = (inum << 32) | fid->raw[1]; 2352 2353 if (fh_len < 3) 2354 return NULL; 2355 2356 inode = ilookup5(sb, (unsigned long)(inum + fid->raw[0]), 2357 shmem_match, fid->raw); 2358 if (inode) { 2359 dentry = d_find_alias(inode); 2360 iput(inode); 2361 } 2362 2363 return dentry; 2364 } 2365 2366 static int shmem_encode_fh(struct dentry *dentry, __u32 *fh, int *len, 2367 int connectable) 2368 { 2369 struct inode *inode = dentry->d_inode; 2370 2371 if (*len < 3) { 2372 *len = 3; 2373 return 255; 2374 } 2375 2376 if (inode_unhashed(inode)) { 2377 /* Unfortunately insert_inode_hash is not idempotent, 2378 * so as we hash inodes here rather than at creation 2379 * time, we need a lock to ensure we only try 2380 * to do it once 2381 */ 2382 static DEFINE_SPINLOCK(lock); 2383 spin_lock(&lock); 2384 if (inode_unhashed(inode)) 2385 __insert_inode_hash(inode, 2386 inode->i_ino + inode->i_generation); 2387 spin_unlock(&lock); 2388 } 2389 2390 fh[0] = inode->i_generation; 2391 fh[1] = inode->i_ino; 2392 fh[2] = ((__u64)inode->i_ino) >> 32; 2393 2394 *len = 3; 2395 return 1; 2396 } 2397 2398 static const struct export_operations shmem_export_ops = { 2399 .get_parent = shmem_get_parent, 2400 .encode_fh = shmem_encode_fh, 2401 .fh_to_dentry = shmem_fh_to_dentry, 2402 }; 2403 2404 static int shmem_parse_options(char *options, struct shmem_sb_info *sbinfo, 2405 bool remount) 2406 { 2407 char *this_char, *value, *rest; 2408 2409 while (options != NULL) { 2410 this_char = options; 2411 for (;;) { 2412 /* 2413 * NUL-terminate this option: unfortunately, 2414 * mount options form a comma-separated list, 2415 * but mpol's nodelist may also contain commas. 2416 */ 2417 options = strchr(options, ','); 2418 if (options == NULL) 2419 break; 2420 options++; 2421 if (!isdigit(*options)) { 2422 options[-1] = '\0'; 2423 break; 2424 } 2425 } 2426 if (!*this_char) 2427 continue; 2428 if ((value = strchr(this_char,'=')) != NULL) { 2429 *value++ = 0; 2430 } else { 2431 printk(KERN_ERR 2432 "tmpfs: No value for mount option '%s'\n", 2433 this_char); 2434 return 1; 2435 } 2436 2437 if (!strcmp(this_char,"size")) { 2438 unsigned long long size; 2439 size = memparse(value,&rest); 2440 if (*rest == '%') { 2441 size <<= PAGE_SHIFT; 2442 size *= totalram_pages; 2443 do_div(size, 100); 2444 rest++; 2445 } 2446 if (*rest) 2447 goto bad_val; 2448 sbinfo->max_blocks = 2449 DIV_ROUND_UP(size, PAGE_CACHE_SIZE); 2450 } else if (!strcmp(this_char,"nr_blocks")) { 2451 sbinfo->max_blocks = memparse(value, &rest); 2452 if (*rest) 2453 goto bad_val; 2454 } else if (!strcmp(this_char,"nr_inodes")) { 2455 sbinfo->max_inodes = memparse(value, &rest); 2456 if (*rest) 2457 goto bad_val; 2458 } else if (!strcmp(this_char,"mode")) { 2459 if (remount) 2460 continue; 2461 sbinfo->mode = simple_strtoul(value, &rest, 8) & 07777; 2462 if (*rest) 2463 goto bad_val; 2464 } else if (!strcmp(this_char,"uid")) { 2465 if (remount) 2466 continue; 2467 sbinfo->uid = simple_strtoul(value, &rest, 0); 2468 if (*rest) 2469 goto bad_val; 2470 } else if (!strcmp(this_char,"gid")) { 2471 if (remount) 2472 continue; 2473 sbinfo->gid = simple_strtoul(value, &rest, 0); 2474 if (*rest) 2475 goto bad_val; 2476 } else if (!strcmp(this_char,"mpol")) { 2477 if (mpol_parse_str(value, &sbinfo->mpol, 1)) 2478 goto bad_val; 2479 } else { 2480 printk(KERN_ERR "tmpfs: Bad mount option %s\n", 2481 this_char); 2482 return 1; 2483 } 2484 } 2485 return 0; 2486 2487 bad_val: 2488 printk(KERN_ERR "tmpfs: Bad value '%s' for mount option '%s'\n", 2489 value, this_char); 2490 return 1; 2491 2492 } 2493 2494 static int shmem_remount_fs(struct super_block *sb, int *flags, char *data) 2495 { 2496 struct shmem_sb_info *sbinfo = SHMEM_SB(sb); 2497 struct shmem_sb_info config = *sbinfo; 2498 unsigned long inodes; 2499 int error = -EINVAL; 2500 2501 if (shmem_parse_options(data, &config, true)) 2502 return error; 2503 2504 spin_lock(&sbinfo->stat_lock); 2505 inodes = sbinfo->max_inodes - sbinfo->free_inodes; 2506 if (percpu_counter_compare(&sbinfo->used_blocks, config.max_blocks) > 0) 2507 goto out; 2508 if (config.max_inodes < inodes) 2509 goto out; 2510 /* 2511 * Those tests also disallow limited->unlimited while any are in 2512 * use, so i_blocks will always be zero when max_blocks is zero; 2513 * but we must separately disallow unlimited->limited, because 2514 * in that case we have no record of how much is already in use. 2515 */ 2516 if (config.max_blocks && !sbinfo->max_blocks) 2517 goto out; 2518 if (config.max_inodes && !sbinfo->max_inodes) 2519 goto out; 2520 2521 error = 0; 2522 sbinfo->max_blocks = config.max_blocks; 2523 sbinfo->max_inodes = config.max_inodes; 2524 sbinfo->free_inodes = config.max_inodes - inodes; 2525 2526 mpol_put(sbinfo->mpol); 2527 sbinfo->mpol = config.mpol; /* transfers initial ref */ 2528 out: 2529 spin_unlock(&sbinfo->stat_lock); 2530 return error; 2531 } 2532 2533 static int shmem_show_options(struct seq_file *seq, struct vfsmount *vfs) 2534 { 2535 struct shmem_sb_info *sbinfo = SHMEM_SB(vfs->mnt_sb); 2536 2537 if (sbinfo->max_blocks != shmem_default_max_blocks()) 2538 seq_printf(seq, ",size=%luk", 2539 sbinfo->max_blocks << (PAGE_CACHE_SHIFT - 10)); 2540 if (sbinfo->max_inodes != shmem_default_max_inodes()) 2541 seq_printf(seq, ",nr_inodes=%lu", sbinfo->max_inodes); 2542 if (sbinfo->mode != (S_IRWXUGO | S_ISVTX)) 2543 seq_printf(seq, ",mode=%03o", sbinfo->mode); 2544 if (sbinfo->uid != 0) 2545 seq_printf(seq, ",uid=%u", sbinfo->uid); 2546 if (sbinfo->gid != 0) 2547 seq_printf(seq, ",gid=%u", sbinfo->gid); 2548 shmem_show_mpol(seq, sbinfo->mpol); 2549 return 0; 2550 } 2551 #endif /* CONFIG_TMPFS */ 2552 2553 static void shmem_put_super(struct super_block *sb) 2554 { 2555 struct shmem_sb_info *sbinfo = SHMEM_SB(sb); 2556 2557 percpu_counter_destroy(&sbinfo->used_blocks); 2558 kfree(sbinfo); 2559 sb->s_fs_info = NULL; 2560 } 2561 2562 int shmem_fill_super(struct super_block *sb, void *data, int silent) 2563 { 2564 struct inode *inode; 2565 struct dentry *root; 2566 struct shmem_sb_info *sbinfo; 2567 int err = -ENOMEM; 2568 2569 /* Round up to L1_CACHE_BYTES to resist false sharing */ 2570 sbinfo = kzalloc(max((int)sizeof(struct shmem_sb_info), 2571 L1_CACHE_BYTES), GFP_KERNEL); 2572 if (!sbinfo) 2573 return -ENOMEM; 2574 2575 sbinfo->mode = S_IRWXUGO | S_ISVTX; 2576 sbinfo->uid = current_fsuid(); 2577 sbinfo->gid = current_fsgid(); 2578 sb->s_fs_info = sbinfo; 2579 2580 #ifdef CONFIG_TMPFS 2581 /* 2582 * Per default we only allow half of the physical ram per 2583 * tmpfs instance, limiting inodes to one per page of lowmem; 2584 * but the internal instance is left unlimited. 2585 */ 2586 if (!(sb->s_flags & MS_NOUSER)) { 2587 sbinfo->max_blocks = shmem_default_max_blocks(); 2588 sbinfo->max_inodes = shmem_default_max_inodes(); 2589 if (shmem_parse_options(data, sbinfo, false)) { 2590 err = -EINVAL; 2591 goto failed; 2592 } 2593 } 2594 sb->s_export_op = &shmem_export_ops; 2595 #else 2596 sb->s_flags |= MS_NOUSER; 2597 #endif 2598 2599 spin_lock_init(&sbinfo->stat_lock); 2600 if (percpu_counter_init(&sbinfo->used_blocks, 0)) 2601 goto failed; 2602 sbinfo->free_inodes = sbinfo->max_inodes; 2603 2604 sb->s_maxbytes = SHMEM_MAX_BYTES; 2605 sb->s_blocksize = PAGE_CACHE_SIZE; 2606 sb->s_blocksize_bits = PAGE_CACHE_SHIFT; 2607 sb->s_magic = TMPFS_MAGIC; 2608 sb->s_op = &shmem_ops; 2609 sb->s_time_gran = 1; 2610 #ifdef CONFIG_TMPFS_XATTR 2611 sb->s_xattr = shmem_xattr_handlers; 2612 #endif 2613 #ifdef CONFIG_TMPFS_POSIX_ACL 2614 sb->s_flags |= MS_POSIXACL; 2615 #endif 2616 2617 inode = shmem_get_inode(sb, NULL, S_IFDIR | sbinfo->mode, 0, VM_NORESERVE); 2618 if (!inode) 2619 goto failed; 2620 inode->i_uid = sbinfo->uid; 2621 inode->i_gid = sbinfo->gid; 2622 root = d_alloc_root(inode); 2623 if (!root) 2624 goto failed_iput; 2625 sb->s_root = root; 2626 return 0; 2627 2628 failed_iput: 2629 iput(inode); 2630 failed: 2631 shmem_put_super(sb); 2632 return err; 2633 } 2634 2635 static struct kmem_cache *shmem_inode_cachep; 2636 2637 static struct inode *shmem_alloc_inode(struct super_block *sb) 2638 { 2639 struct shmem_inode_info *p; 2640 p = (struct shmem_inode_info *)kmem_cache_alloc(shmem_inode_cachep, GFP_KERNEL); 2641 if (!p) 2642 return NULL; 2643 return &p->vfs_inode; 2644 } 2645 2646 static void shmem_i_callback(struct rcu_head *head) 2647 { 2648 struct inode *inode = container_of(head, struct inode, i_rcu); 2649 INIT_LIST_HEAD(&inode->i_dentry); 2650 kmem_cache_free(shmem_inode_cachep, SHMEM_I(inode)); 2651 } 2652 2653 static void shmem_destroy_inode(struct inode *inode) 2654 { 2655 if ((inode->i_mode & S_IFMT) == S_IFREG) { 2656 /* only struct inode is valid if it's an inline symlink */ 2657 mpol_free_shared_policy(&SHMEM_I(inode)->policy); 2658 } 2659 call_rcu(&inode->i_rcu, shmem_i_callback); 2660 } 2661 2662 static void init_once(void *foo) 2663 { 2664 struct shmem_inode_info *p = (struct shmem_inode_info *) foo; 2665 2666 inode_init_once(&p->vfs_inode); 2667 } 2668 2669 static int init_inodecache(void) 2670 { 2671 shmem_inode_cachep = kmem_cache_create("shmem_inode_cache", 2672 sizeof(struct shmem_inode_info), 2673 0, SLAB_PANIC, init_once); 2674 return 0; 2675 } 2676 2677 static void destroy_inodecache(void) 2678 { 2679 kmem_cache_destroy(shmem_inode_cachep); 2680 } 2681 2682 static const struct address_space_operations shmem_aops = { 2683 .writepage = shmem_writepage, 2684 .set_page_dirty = __set_page_dirty_no_writeback, 2685 #ifdef CONFIG_TMPFS 2686 .readpage = shmem_readpage, 2687 .write_begin = shmem_write_begin, 2688 .write_end = shmem_write_end, 2689 #endif 2690 .migratepage = migrate_page, 2691 .error_remove_page = generic_error_remove_page, 2692 }; 2693 2694 static const struct file_operations shmem_file_operations = { 2695 .mmap = shmem_mmap, 2696 #ifdef CONFIG_TMPFS 2697 .llseek = generic_file_llseek, 2698 .read = do_sync_read, 2699 .write = do_sync_write, 2700 .aio_read = shmem_file_aio_read, 2701 .aio_write = generic_file_aio_write, 2702 .fsync = noop_fsync, 2703 .splice_read = generic_file_splice_read, 2704 .splice_write = generic_file_splice_write, 2705 #endif 2706 }; 2707 2708 static const struct inode_operations shmem_inode_operations = { 2709 .setattr = shmem_notify_change, 2710 .truncate_range = shmem_truncate_range, 2711 #ifdef CONFIG_TMPFS_XATTR 2712 .setxattr = shmem_setxattr, 2713 .getxattr = shmem_getxattr, 2714 .listxattr = shmem_listxattr, 2715 .removexattr = shmem_removexattr, 2716 #endif 2717 #ifdef CONFIG_TMPFS_POSIX_ACL 2718 .check_acl = generic_check_acl, 2719 #endif 2720 2721 }; 2722 2723 static const struct inode_operations shmem_dir_inode_operations = { 2724 #ifdef CONFIG_TMPFS 2725 .create = shmem_create, 2726 .lookup = simple_lookup, 2727 .link = shmem_link, 2728 .unlink = shmem_unlink, 2729 .symlink = shmem_symlink, 2730 .mkdir = shmem_mkdir, 2731 .rmdir = shmem_rmdir, 2732 .mknod = shmem_mknod, 2733 .rename = shmem_rename, 2734 #endif 2735 #ifdef CONFIG_TMPFS_XATTR 2736 .setxattr = shmem_setxattr, 2737 .getxattr = shmem_getxattr, 2738 .listxattr = shmem_listxattr, 2739 .removexattr = shmem_removexattr, 2740 #endif 2741 #ifdef CONFIG_TMPFS_POSIX_ACL 2742 .setattr = shmem_notify_change, 2743 .check_acl = generic_check_acl, 2744 #endif 2745 }; 2746 2747 static const struct inode_operations shmem_special_inode_operations = { 2748 #ifdef CONFIG_TMPFS_XATTR 2749 .setxattr = shmem_setxattr, 2750 .getxattr = shmem_getxattr, 2751 .listxattr = shmem_listxattr, 2752 .removexattr = shmem_removexattr, 2753 #endif 2754 #ifdef CONFIG_TMPFS_POSIX_ACL 2755 .setattr = shmem_notify_change, 2756 .check_acl = generic_check_acl, 2757 #endif 2758 }; 2759 2760 static const struct super_operations shmem_ops = { 2761 .alloc_inode = shmem_alloc_inode, 2762 .destroy_inode = shmem_destroy_inode, 2763 #ifdef CONFIG_TMPFS 2764 .statfs = shmem_statfs, 2765 .remount_fs = shmem_remount_fs, 2766 .show_options = shmem_show_options, 2767 #endif 2768 .evict_inode = shmem_evict_inode, 2769 .drop_inode = generic_delete_inode, 2770 .put_super = shmem_put_super, 2771 }; 2772 2773 static const struct vm_operations_struct shmem_vm_ops = { 2774 .fault = shmem_fault, 2775 #ifdef CONFIG_NUMA 2776 .set_policy = shmem_set_policy, 2777 .get_policy = shmem_get_policy, 2778 #endif 2779 }; 2780 2781 2782 static struct dentry *shmem_mount(struct file_system_type *fs_type, 2783 int flags, const char *dev_name, void *data) 2784 { 2785 return mount_nodev(fs_type, flags, data, shmem_fill_super); 2786 } 2787 2788 static struct file_system_type tmpfs_fs_type = { 2789 .owner = THIS_MODULE, 2790 .name = "tmpfs", 2791 .mount = shmem_mount, 2792 .kill_sb = kill_litter_super, 2793 }; 2794 2795 int __init init_tmpfs(void) 2796 { 2797 int error; 2798 2799 error = bdi_init(&shmem_backing_dev_info); 2800 if (error) 2801 goto out4; 2802 2803 error = init_inodecache(); 2804 if (error) 2805 goto out3; 2806 2807 error = register_filesystem(&tmpfs_fs_type); 2808 if (error) { 2809 printk(KERN_ERR "Could not register tmpfs\n"); 2810 goto out2; 2811 } 2812 2813 shm_mnt = vfs_kern_mount(&tmpfs_fs_type, MS_NOUSER, 2814 tmpfs_fs_type.name, NULL); 2815 if (IS_ERR(shm_mnt)) { 2816 error = PTR_ERR(shm_mnt); 2817 printk(KERN_ERR "Could not kern_mount tmpfs\n"); 2818 goto out1; 2819 } 2820 return 0; 2821 2822 out1: 2823 unregister_filesystem(&tmpfs_fs_type); 2824 out2: 2825 destroy_inodecache(); 2826 out3: 2827 bdi_destroy(&shmem_backing_dev_info); 2828 out4: 2829 shm_mnt = ERR_PTR(error); 2830 return error; 2831 } 2832 2833 #ifdef CONFIG_CGROUP_MEM_RES_CTLR 2834 /** 2835 * mem_cgroup_get_shmem_target - find a page or entry assigned to the shmem file 2836 * @inode: the inode to be searched 2837 * @pgoff: the offset to be searched 2838 * @pagep: the pointer for the found page to be stored 2839 * @ent: the pointer for the found swap entry to be stored 2840 * 2841 * If a page is found, refcount of it is incremented. Callers should handle 2842 * these refcount. 2843 */ 2844 void mem_cgroup_get_shmem_target(struct inode *inode, pgoff_t pgoff, 2845 struct page **pagep, swp_entry_t *ent) 2846 { 2847 swp_entry_t entry = { .val = 0 }, *ptr; 2848 struct page *page = NULL; 2849 struct shmem_inode_info *info = SHMEM_I(inode); 2850 2851 if ((pgoff << PAGE_CACHE_SHIFT) >= i_size_read(inode)) 2852 goto out; 2853 2854 spin_lock(&info->lock); 2855 ptr = shmem_swp_entry(info, pgoff, NULL); 2856 #ifdef CONFIG_SWAP 2857 if (ptr && ptr->val) { 2858 entry.val = ptr->val; 2859 page = find_get_page(&swapper_space, entry.val); 2860 } else 2861 #endif 2862 page = find_get_page(inode->i_mapping, pgoff); 2863 if (ptr) 2864 shmem_swp_unmap(ptr); 2865 spin_unlock(&info->lock); 2866 out: 2867 *pagep = page; 2868 *ent = entry; 2869 } 2870 #endif 2871 2872 #else /* !CONFIG_SHMEM */ 2873 2874 /* 2875 * tiny-shmem: simple shmemfs and tmpfs using ramfs code 2876 * 2877 * This is intended for small system where the benefits of the full 2878 * shmem code (swap-backed and resource-limited) are outweighed by 2879 * their complexity. On systems without swap this code should be 2880 * effectively equivalent, but much lighter weight. 2881 */ 2882 2883 #include <linux/ramfs.h> 2884 2885 static struct file_system_type tmpfs_fs_type = { 2886 .name = "tmpfs", 2887 .mount = ramfs_mount, 2888 .kill_sb = kill_litter_super, 2889 }; 2890 2891 int __init init_tmpfs(void) 2892 { 2893 BUG_ON(register_filesystem(&tmpfs_fs_type) != 0); 2894 2895 shm_mnt = kern_mount(&tmpfs_fs_type); 2896 BUG_ON(IS_ERR(shm_mnt)); 2897 2898 return 0; 2899 } 2900 2901 int shmem_unuse(swp_entry_t entry, struct page *page) 2902 { 2903 return 0; 2904 } 2905 2906 int shmem_lock(struct file *file, int lock, struct user_struct *user) 2907 { 2908 return 0; 2909 } 2910 2911 #ifdef CONFIG_CGROUP_MEM_RES_CTLR 2912 /** 2913 * mem_cgroup_get_shmem_target - find a page or entry assigned to the shmem file 2914 * @inode: the inode to be searched 2915 * @pgoff: the offset to be searched 2916 * @pagep: the pointer for the found page to be stored 2917 * @ent: the pointer for the found swap entry to be stored 2918 * 2919 * If a page is found, refcount of it is incremented. Callers should handle 2920 * these refcount. 2921 */ 2922 void mem_cgroup_get_shmem_target(struct inode *inode, pgoff_t pgoff, 2923 struct page **pagep, swp_entry_t *ent) 2924 { 2925 struct page *page = NULL; 2926 2927 if ((pgoff << PAGE_CACHE_SHIFT) >= i_size_read(inode)) 2928 goto out; 2929 page = find_get_page(inode->i_mapping, pgoff); 2930 out: 2931 *pagep = page; 2932 *ent = (swp_entry_t){ .val = 0 }; 2933 } 2934 #endif 2935 2936 #define shmem_vm_ops generic_file_vm_ops 2937 #define shmem_file_operations ramfs_file_operations 2938 #define shmem_get_inode(sb, dir, mode, dev, flags) ramfs_get_inode(sb, dir, mode, dev) 2939 #define shmem_acct_size(flags, size) 0 2940 #define shmem_unacct_size(flags, size) do {} while (0) 2941 #define SHMEM_MAX_BYTES MAX_LFS_FILESIZE 2942 2943 #endif /* CONFIG_SHMEM */ 2944 2945 /* common code */ 2946 2947 /** 2948 * shmem_file_setup - get an unlinked file living in tmpfs 2949 * @name: name for dentry (to be seen in /proc/<pid>/maps 2950 * @size: size to be set for the file 2951 * @flags: VM_NORESERVE suppresses pre-accounting of the entire object size 2952 */ 2953 struct file *shmem_file_setup(const char *name, loff_t size, unsigned long flags) 2954 { 2955 int error; 2956 struct file *file; 2957 struct inode *inode; 2958 struct path path; 2959 struct dentry *root; 2960 struct qstr this; 2961 2962 if (IS_ERR(shm_mnt)) 2963 return (void *)shm_mnt; 2964 2965 if (size < 0 || size > SHMEM_MAX_BYTES) 2966 return ERR_PTR(-EINVAL); 2967 2968 if (shmem_acct_size(flags, size)) 2969 return ERR_PTR(-ENOMEM); 2970 2971 error = -ENOMEM; 2972 this.name = name; 2973 this.len = strlen(name); 2974 this.hash = 0; /* will go */ 2975 root = shm_mnt->mnt_root; 2976 path.dentry = d_alloc(root, &this); 2977 if (!path.dentry) 2978 goto put_memory; 2979 path.mnt = mntget(shm_mnt); 2980 2981 error = -ENOSPC; 2982 inode = shmem_get_inode(root->d_sb, NULL, S_IFREG | S_IRWXUGO, 0, flags); 2983 if (!inode) 2984 goto put_dentry; 2985 2986 d_instantiate(path.dentry, inode); 2987 inode->i_size = size; 2988 inode->i_nlink = 0; /* It is unlinked */ 2989 #ifndef CONFIG_MMU 2990 error = ramfs_nommu_expand_for_mapping(inode, size); 2991 if (error) 2992 goto put_dentry; 2993 #endif 2994 2995 error = -ENFILE; 2996 file = alloc_file(&path, FMODE_WRITE | FMODE_READ, 2997 &shmem_file_operations); 2998 if (!file) 2999 goto put_dentry; 3000 3001 return file; 3002 3003 put_dentry: 3004 path_put(&path); 3005 put_memory: 3006 shmem_unacct_size(flags, size); 3007 return ERR_PTR(error); 3008 } 3009 EXPORT_SYMBOL_GPL(shmem_file_setup); 3010 3011 /** 3012 * shmem_zero_setup - setup a shared anonymous mapping 3013 * @vma: the vma to be mmapped is prepared by do_mmap_pgoff 3014 */ 3015 int shmem_zero_setup(struct vm_area_struct *vma) 3016 { 3017 struct file *file; 3018 loff_t size = vma->vm_end - vma->vm_start; 3019 3020 file = shmem_file_setup("dev/zero", size, vma->vm_flags); 3021 if (IS_ERR(file)) 3022 return PTR_ERR(file); 3023 3024 if (vma->vm_file) 3025 fput(vma->vm_file); 3026 vma->vm_file = file; 3027 vma->vm_ops = &shmem_vm_ops; 3028 vma->vm_flags |= VM_CAN_NONLINEAR; 3029 return 0; 3030 } 3031