1 /* 2 * Resizable virtual memory filesystem for Linux. 3 * 4 * Copyright (C) 2000 Linus Torvalds. 5 * 2000 Transmeta Corp. 6 * 2000-2001 Christoph Rohland 7 * 2000-2001 SAP AG 8 * 2002 Red Hat Inc. 9 * Copyright (C) 2002-2011 Hugh Dickins. 10 * Copyright (C) 2011 Google Inc. 11 * Copyright (C) 2002-2005 VERITAS Software Corporation. 12 * Copyright (C) 2004 Andi Kleen, SuSE Labs 13 * 14 * Extended attribute support for tmpfs: 15 * Copyright (c) 2004, Luke Kenneth Casson Leighton <lkcl@lkcl.net> 16 * Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com> 17 * 18 * tiny-shmem: 19 * Copyright (c) 2004, 2008 Matt Mackall <mpm@selenic.com> 20 * 21 * This file is released under the GPL. 22 */ 23 24 #include <linux/fs.h> 25 #include <linux/init.h> 26 #include <linux/vfs.h> 27 #include <linux/mount.h> 28 #include <linux/pagemap.h> 29 #include <linux/file.h> 30 #include <linux/mm.h> 31 #include <linux/export.h> 32 #include <linux/swap.h> 33 34 static struct vfsmount *shm_mnt; 35 36 #ifdef CONFIG_SHMEM 37 /* 38 * This virtual memory filesystem is heavily based on the ramfs. It 39 * extends ramfs by the ability to use swap and honor resource limits 40 * which makes it a completely usable filesystem. 41 */ 42 43 #include <linux/xattr.h> 44 #include <linux/exportfs.h> 45 #include <linux/posix_acl.h> 46 #include <linux/generic_acl.h> 47 #include <linux/mman.h> 48 #include <linux/string.h> 49 #include <linux/slab.h> 50 #include <linux/backing-dev.h> 51 #include <linux/shmem_fs.h> 52 #include <linux/writeback.h> 53 #include <linux/blkdev.h> 54 #include <linux/pagevec.h> 55 #include <linux/percpu_counter.h> 56 #include <linux/splice.h> 57 #include <linux/security.h> 58 #include <linux/swapops.h> 59 #include <linux/mempolicy.h> 60 #include <linux/namei.h> 61 #include <linux/ctype.h> 62 #include <linux/migrate.h> 63 #include <linux/highmem.h> 64 #include <linux/seq_file.h> 65 #include <linux/magic.h> 66 67 #include <asm/uaccess.h> 68 #include <asm/pgtable.h> 69 70 #define BLOCKS_PER_PAGE (PAGE_CACHE_SIZE/512) 71 #define VM_ACCT(size) (PAGE_CACHE_ALIGN(size) >> PAGE_SHIFT) 72 73 /* Pretend that each entry is of this size in directory's i_size */ 74 #define BOGO_DIRENT_SIZE 20 75 76 /* Symlink up to this size is kmalloc'ed instead of using a swappable page */ 77 #define SHORT_SYMLINK_LEN 128 78 79 struct shmem_xattr { 80 struct list_head list; /* anchored by shmem_inode_info->xattr_list */ 81 char *name; /* xattr name */ 82 size_t size; 83 char value[0]; 84 }; 85 86 /* Flag allocation requirements to shmem_getpage */ 87 enum sgp_type { 88 SGP_READ, /* don't exceed i_size, don't allocate page */ 89 SGP_CACHE, /* don't exceed i_size, may allocate page */ 90 SGP_DIRTY, /* like SGP_CACHE, but set new page dirty */ 91 SGP_WRITE, /* may exceed i_size, may allocate page */ 92 }; 93 94 #ifdef CONFIG_TMPFS 95 static unsigned long shmem_default_max_blocks(void) 96 { 97 return totalram_pages / 2; 98 } 99 100 static unsigned long shmem_default_max_inodes(void) 101 { 102 return min(totalram_pages - totalhigh_pages, totalram_pages / 2); 103 } 104 #endif 105 106 static int shmem_getpage_gfp(struct inode *inode, pgoff_t index, 107 struct page **pagep, enum sgp_type sgp, gfp_t gfp, int *fault_type); 108 109 static inline int shmem_getpage(struct inode *inode, pgoff_t index, 110 struct page **pagep, enum sgp_type sgp, int *fault_type) 111 { 112 return shmem_getpage_gfp(inode, index, pagep, sgp, 113 mapping_gfp_mask(inode->i_mapping), fault_type); 114 } 115 116 static inline struct shmem_sb_info *SHMEM_SB(struct super_block *sb) 117 { 118 return sb->s_fs_info; 119 } 120 121 /* 122 * shmem_file_setup pre-accounts the whole fixed size of a VM object, 123 * for shared memory and for shared anonymous (/dev/zero) mappings 124 * (unless MAP_NORESERVE and sysctl_overcommit_memory <= 1), 125 * consistent with the pre-accounting of private mappings ... 126 */ 127 static inline int shmem_acct_size(unsigned long flags, loff_t size) 128 { 129 return (flags & VM_NORESERVE) ? 130 0 : security_vm_enough_memory_kern(VM_ACCT(size)); 131 } 132 133 static inline void shmem_unacct_size(unsigned long flags, loff_t size) 134 { 135 if (!(flags & VM_NORESERVE)) 136 vm_unacct_memory(VM_ACCT(size)); 137 } 138 139 /* 140 * ... whereas tmpfs objects are accounted incrementally as 141 * pages are allocated, in order to allow huge sparse files. 142 * shmem_getpage reports shmem_acct_block failure as -ENOSPC not -ENOMEM, 143 * so that a failure on a sparse tmpfs mapping will give SIGBUS not OOM. 144 */ 145 static inline int shmem_acct_block(unsigned long flags) 146 { 147 return (flags & VM_NORESERVE) ? 148 security_vm_enough_memory_kern(VM_ACCT(PAGE_CACHE_SIZE)) : 0; 149 } 150 151 static inline void shmem_unacct_blocks(unsigned long flags, long pages) 152 { 153 if (flags & VM_NORESERVE) 154 vm_unacct_memory(pages * VM_ACCT(PAGE_CACHE_SIZE)); 155 } 156 157 static const struct super_operations shmem_ops; 158 static const struct address_space_operations shmem_aops; 159 static const struct file_operations shmem_file_operations; 160 static const struct inode_operations shmem_inode_operations; 161 static const struct inode_operations shmem_dir_inode_operations; 162 static const struct inode_operations shmem_special_inode_operations; 163 static const struct vm_operations_struct shmem_vm_ops; 164 165 static struct backing_dev_info shmem_backing_dev_info __read_mostly = { 166 .ra_pages = 0, /* No readahead */ 167 .capabilities = BDI_CAP_NO_ACCT_AND_WRITEBACK | BDI_CAP_SWAP_BACKED, 168 }; 169 170 static LIST_HEAD(shmem_swaplist); 171 static DEFINE_MUTEX(shmem_swaplist_mutex); 172 173 static int shmem_reserve_inode(struct super_block *sb) 174 { 175 struct shmem_sb_info *sbinfo = SHMEM_SB(sb); 176 if (sbinfo->max_inodes) { 177 spin_lock(&sbinfo->stat_lock); 178 if (!sbinfo->free_inodes) { 179 spin_unlock(&sbinfo->stat_lock); 180 return -ENOSPC; 181 } 182 sbinfo->free_inodes--; 183 spin_unlock(&sbinfo->stat_lock); 184 } 185 return 0; 186 } 187 188 static void shmem_free_inode(struct super_block *sb) 189 { 190 struct shmem_sb_info *sbinfo = SHMEM_SB(sb); 191 if (sbinfo->max_inodes) { 192 spin_lock(&sbinfo->stat_lock); 193 sbinfo->free_inodes++; 194 spin_unlock(&sbinfo->stat_lock); 195 } 196 } 197 198 /** 199 * shmem_recalc_inode - recalculate the block usage of an inode 200 * @inode: inode to recalc 201 * 202 * We have to calculate the free blocks since the mm can drop 203 * undirtied hole pages behind our back. 204 * 205 * But normally info->alloced == inode->i_mapping->nrpages + info->swapped 206 * So mm freed is info->alloced - (inode->i_mapping->nrpages + info->swapped) 207 * 208 * It has to be called with the spinlock held. 209 */ 210 static void shmem_recalc_inode(struct inode *inode) 211 { 212 struct shmem_inode_info *info = SHMEM_I(inode); 213 long freed; 214 215 freed = info->alloced - info->swapped - inode->i_mapping->nrpages; 216 if (freed > 0) { 217 struct shmem_sb_info *sbinfo = SHMEM_SB(inode->i_sb); 218 if (sbinfo->max_blocks) 219 percpu_counter_add(&sbinfo->used_blocks, -freed); 220 info->alloced -= freed; 221 inode->i_blocks -= freed * BLOCKS_PER_PAGE; 222 shmem_unacct_blocks(info->flags, freed); 223 } 224 } 225 226 /* 227 * Replace item expected in radix tree by a new item, while holding tree lock. 228 */ 229 static int shmem_radix_tree_replace(struct address_space *mapping, 230 pgoff_t index, void *expected, void *replacement) 231 { 232 void **pslot; 233 void *item = NULL; 234 235 VM_BUG_ON(!expected); 236 pslot = radix_tree_lookup_slot(&mapping->page_tree, index); 237 if (pslot) 238 item = radix_tree_deref_slot_protected(pslot, 239 &mapping->tree_lock); 240 if (item != expected) 241 return -ENOENT; 242 if (replacement) 243 radix_tree_replace_slot(pslot, replacement); 244 else 245 radix_tree_delete(&mapping->page_tree, index); 246 return 0; 247 } 248 249 /* 250 * Like add_to_page_cache_locked, but error if expected item has gone. 251 */ 252 static int shmem_add_to_page_cache(struct page *page, 253 struct address_space *mapping, 254 pgoff_t index, gfp_t gfp, void *expected) 255 { 256 int error = 0; 257 258 VM_BUG_ON(!PageLocked(page)); 259 VM_BUG_ON(!PageSwapBacked(page)); 260 261 if (!expected) 262 error = radix_tree_preload(gfp & GFP_RECLAIM_MASK); 263 if (!error) { 264 page_cache_get(page); 265 page->mapping = mapping; 266 page->index = index; 267 268 spin_lock_irq(&mapping->tree_lock); 269 if (!expected) 270 error = radix_tree_insert(&mapping->page_tree, 271 index, page); 272 else 273 error = shmem_radix_tree_replace(mapping, index, 274 expected, page); 275 if (!error) { 276 mapping->nrpages++; 277 __inc_zone_page_state(page, NR_FILE_PAGES); 278 __inc_zone_page_state(page, NR_SHMEM); 279 spin_unlock_irq(&mapping->tree_lock); 280 } else { 281 page->mapping = NULL; 282 spin_unlock_irq(&mapping->tree_lock); 283 page_cache_release(page); 284 } 285 if (!expected) 286 radix_tree_preload_end(); 287 } 288 if (error) 289 mem_cgroup_uncharge_cache_page(page); 290 return error; 291 } 292 293 /* 294 * Like delete_from_page_cache, but substitutes swap for page. 295 */ 296 static void shmem_delete_from_page_cache(struct page *page, void *radswap) 297 { 298 struct address_space *mapping = page->mapping; 299 int error; 300 301 spin_lock_irq(&mapping->tree_lock); 302 error = shmem_radix_tree_replace(mapping, page->index, page, radswap); 303 page->mapping = NULL; 304 mapping->nrpages--; 305 __dec_zone_page_state(page, NR_FILE_PAGES); 306 __dec_zone_page_state(page, NR_SHMEM); 307 spin_unlock_irq(&mapping->tree_lock); 308 page_cache_release(page); 309 BUG_ON(error); 310 } 311 312 /* 313 * Like find_get_pages, but collecting swap entries as well as pages. 314 */ 315 static unsigned shmem_find_get_pages_and_swap(struct address_space *mapping, 316 pgoff_t start, unsigned int nr_pages, 317 struct page **pages, pgoff_t *indices) 318 { 319 unsigned int i; 320 unsigned int ret; 321 unsigned int nr_found; 322 323 rcu_read_lock(); 324 restart: 325 nr_found = radix_tree_gang_lookup_slot(&mapping->page_tree, 326 (void ***)pages, indices, start, nr_pages); 327 ret = 0; 328 for (i = 0; i < nr_found; i++) { 329 struct page *page; 330 repeat: 331 page = radix_tree_deref_slot((void **)pages[i]); 332 if (unlikely(!page)) 333 continue; 334 if (radix_tree_exception(page)) { 335 if (radix_tree_deref_retry(page)) 336 goto restart; 337 /* 338 * Otherwise, we must be storing a swap entry 339 * here as an exceptional entry: so return it 340 * without attempting to raise page count. 341 */ 342 goto export; 343 } 344 if (!page_cache_get_speculative(page)) 345 goto repeat; 346 347 /* Has the page moved? */ 348 if (unlikely(page != *((void **)pages[i]))) { 349 page_cache_release(page); 350 goto repeat; 351 } 352 export: 353 indices[ret] = indices[i]; 354 pages[ret] = page; 355 ret++; 356 } 357 if (unlikely(!ret && nr_found)) 358 goto restart; 359 rcu_read_unlock(); 360 return ret; 361 } 362 363 /* 364 * Remove swap entry from radix tree, free the swap and its page cache. 365 */ 366 static int shmem_free_swap(struct address_space *mapping, 367 pgoff_t index, void *radswap) 368 { 369 int error; 370 371 spin_lock_irq(&mapping->tree_lock); 372 error = shmem_radix_tree_replace(mapping, index, radswap, NULL); 373 spin_unlock_irq(&mapping->tree_lock); 374 if (!error) 375 free_swap_and_cache(radix_to_swp_entry(radswap)); 376 return error; 377 } 378 379 /* 380 * Pagevec may contain swap entries, so shuffle up pages before releasing. 381 */ 382 static void shmem_pagevec_release(struct pagevec *pvec) 383 { 384 int i, j; 385 386 for (i = 0, j = 0; i < pagevec_count(pvec); i++) { 387 struct page *page = pvec->pages[i]; 388 if (!radix_tree_exceptional_entry(page)) 389 pvec->pages[j++] = page; 390 } 391 pvec->nr = j; 392 pagevec_release(pvec); 393 } 394 395 /* 396 * Remove range of pages and swap entries from radix tree, and free them. 397 */ 398 void shmem_truncate_range(struct inode *inode, loff_t lstart, loff_t lend) 399 { 400 struct address_space *mapping = inode->i_mapping; 401 struct shmem_inode_info *info = SHMEM_I(inode); 402 pgoff_t start = (lstart + PAGE_CACHE_SIZE - 1) >> PAGE_CACHE_SHIFT; 403 unsigned partial = lstart & (PAGE_CACHE_SIZE - 1); 404 pgoff_t end = (lend >> PAGE_CACHE_SHIFT); 405 struct pagevec pvec; 406 pgoff_t indices[PAGEVEC_SIZE]; 407 long nr_swaps_freed = 0; 408 pgoff_t index; 409 int i; 410 411 BUG_ON((lend & (PAGE_CACHE_SIZE - 1)) != (PAGE_CACHE_SIZE - 1)); 412 413 pagevec_init(&pvec, 0); 414 index = start; 415 while (index <= end) { 416 pvec.nr = shmem_find_get_pages_and_swap(mapping, index, 417 min(end - index, (pgoff_t)PAGEVEC_SIZE - 1) + 1, 418 pvec.pages, indices); 419 if (!pvec.nr) 420 break; 421 mem_cgroup_uncharge_start(); 422 for (i = 0; i < pagevec_count(&pvec); i++) { 423 struct page *page = pvec.pages[i]; 424 425 index = indices[i]; 426 if (index > end) 427 break; 428 429 if (radix_tree_exceptional_entry(page)) { 430 nr_swaps_freed += !shmem_free_swap(mapping, 431 index, page); 432 continue; 433 } 434 435 if (!trylock_page(page)) 436 continue; 437 if (page->mapping == mapping) { 438 VM_BUG_ON(PageWriteback(page)); 439 truncate_inode_page(mapping, page); 440 } 441 unlock_page(page); 442 } 443 shmem_pagevec_release(&pvec); 444 mem_cgroup_uncharge_end(); 445 cond_resched(); 446 index++; 447 } 448 449 if (partial) { 450 struct page *page = NULL; 451 shmem_getpage(inode, start - 1, &page, SGP_READ, NULL); 452 if (page) { 453 zero_user_segment(page, partial, PAGE_CACHE_SIZE); 454 set_page_dirty(page); 455 unlock_page(page); 456 page_cache_release(page); 457 } 458 } 459 460 index = start; 461 for ( ; ; ) { 462 cond_resched(); 463 pvec.nr = shmem_find_get_pages_and_swap(mapping, index, 464 min(end - index, (pgoff_t)PAGEVEC_SIZE - 1) + 1, 465 pvec.pages, indices); 466 if (!pvec.nr) { 467 if (index == start) 468 break; 469 index = start; 470 continue; 471 } 472 if (index == start && indices[0] > end) { 473 shmem_pagevec_release(&pvec); 474 break; 475 } 476 mem_cgroup_uncharge_start(); 477 for (i = 0; i < pagevec_count(&pvec); i++) { 478 struct page *page = pvec.pages[i]; 479 480 index = indices[i]; 481 if (index > end) 482 break; 483 484 if (radix_tree_exceptional_entry(page)) { 485 nr_swaps_freed += !shmem_free_swap(mapping, 486 index, page); 487 continue; 488 } 489 490 lock_page(page); 491 if (page->mapping == mapping) { 492 VM_BUG_ON(PageWriteback(page)); 493 truncate_inode_page(mapping, page); 494 } 495 unlock_page(page); 496 } 497 shmem_pagevec_release(&pvec); 498 mem_cgroup_uncharge_end(); 499 index++; 500 } 501 502 spin_lock(&info->lock); 503 info->swapped -= nr_swaps_freed; 504 shmem_recalc_inode(inode); 505 spin_unlock(&info->lock); 506 507 inode->i_ctime = inode->i_mtime = CURRENT_TIME; 508 } 509 EXPORT_SYMBOL_GPL(shmem_truncate_range); 510 511 static int shmem_setattr(struct dentry *dentry, struct iattr *attr) 512 { 513 struct inode *inode = dentry->d_inode; 514 int error; 515 516 error = inode_change_ok(inode, attr); 517 if (error) 518 return error; 519 520 if (S_ISREG(inode->i_mode) && (attr->ia_valid & ATTR_SIZE)) { 521 loff_t oldsize = inode->i_size; 522 loff_t newsize = attr->ia_size; 523 524 if (newsize != oldsize) { 525 i_size_write(inode, newsize); 526 inode->i_ctime = inode->i_mtime = CURRENT_TIME; 527 } 528 if (newsize < oldsize) { 529 loff_t holebegin = round_up(newsize, PAGE_SIZE); 530 unmap_mapping_range(inode->i_mapping, holebegin, 0, 1); 531 shmem_truncate_range(inode, newsize, (loff_t)-1); 532 /* unmap again to remove racily COWed private pages */ 533 unmap_mapping_range(inode->i_mapping, holebegin, 0, 1); 534 } 535 } 536 537 setattr_copy(inode, attr); 538 #ifdef CONFIG_TMPFS_POSIX_ACL 539 if (attr->ia_valid & ATTR_MODE) 540 error = generic_acl_chmod(inode); 541 #endif 542 return error; 543 } 544 545 static void shmem_evict_inode(struct inode *inode) 546 { 547 struct shmem_inode_info *info = SHMEM_I(inode); 548 struct shmem_xattr *xattr, *nxattr; 549 550 if (inode->i_mapping->a_ops == &shmem_aops) { 551 shmem_unacct_size(info->flags, inode->i_size); 552 inode->i_size = 0; 553 shmem_truncate_range(inode, 0, (loff_t)-1); 554 if (!list_empty(&info->swaplist)) { 555 mutex_lock(&shmem_swaplist_mutex); 556 list_del_init(&info->swaplist); 557 mutex_unlock(&shmem_swaplist_mutex); 558 } 559 } else 560 kfree(info->symlink); 561 562 list_for_each_entry_safe(xattr, nxattr, &info->xattr_list, list) { 563 kfree(xattr->name); 564 kfree(xattr); 565 } 566 BUG_ON(inode->i_blocks); 567 shmem_free_inode(inode->i_sb); 568 end_writeback(inode); 569 } 570 571 /* 572 * If swap found in inode, free it and move page from swapcache to filecache. 573 */ 574 static int shmem_unuse_inode(struct shmem_inode_info *info, 575 swp_entry_t swap, struct page *page) 576 { 577 struct address_space *mapping = info->vfs_inode.i_mapping; 578 void *radswap; 579 pgoff_t index; 580 int error; 581 582 radswap = swp_to_radix_entry(swap); 583 index = radix_tree_locate_item(&mapping->page_tree, radswap); 584 if (index == -1) 585 return 0; 586 587 /* 588 * Move _head_ to start search for next from here. 589 * But be careful: shmem_evict_inode checks list_empty without taking 590 * mutex, and there's an instant in list_move_tail when info->swaplist 591 * would appear empty, if it were the only one on shmem_swaplist. 592 */ 593 if (shmem_swaplist.next != &info->swaplist) 594 list_move_tail(&shmem_swaplist, &info->swaplist); 595 596 /* 597 * We rely on shmem_swaplist_mutex, not only to protect the swaplist, 598 * but also to hold up shmem_evict_inode(): so inode cannot be freed 599 * beneath us (pagelock doesn't help until the page is in pagecache). 600 */ 601 error = shmem_add_to_page_cache(page, mapping, index, 602 GFP_NOWAIT, radswap); 603 /* which does mem_cgroup_uncharge_cache_page on error */ 604 605 if (error != -ENOMEM) { 606 /* 607 * Truncation and eviction use free_swap_and_cache(), which 608 * only does trylock page: if we raced, best clean up here. 609 */ 610 delete_from_swap_cache(page); 611 set_page_dirty(page); 612 if (!error) { 613 spin_lock(&info->lock); 614 info->swapped--; 615 spin_unlock(&info->lock); 616 swap_free(swap); 617 } 618 error = 1; /* not an error, but entry was found */ 619 } 620 return error; 621 } 622 623 /* 624 * Search through swapped inodes to find and replace swap by page. 625 */ 626 int shmem_unuse(swp_entry_t swap, struct page *page) 627 { 628 struct list_head *this, *next; 629 struct shmem_inode_info *info; 630 int found = 0; 631 int error; 632 633 /* 634 * Charge page using GFP_KERNEL while we can wait, before taking 635 * the shmem_swaplist_mutex which might hold up shmem_writepage(). 636 * Charged back to the user (not to caller) when swap account is used. 637 */ 638 error = mem_cgroup_cache_charge(page, current->mm, GFP_KERNEL); 639 if (error) 640 goto out; 641 /* No radix_tree_preload: swap entry keeps a place for page in tree */ 642 643 mutex_lock(&shmem_swaplist_mutex); 644 list_for_each_safe(this, next, &shmem_swaplist) { 645 info = list_entry(this, struct shmem_inode_info, swaplist); 646 if (info->swapped) 647 found = shmem_unuse_inode(info, swap, page); 648 else 649 list_del_init(&info->swaplist); 650 cond_resched(); 651 if (found) 652 break; 653 } 654 mutex_unlock(&shmem_swaplist_mutex); 655 656 if (!found) 657 mem_cgroup_uncharge_cache_page(page); 658 if (found < 0) 659 error = found; 660 out: 661 unlock_page(page); 662 page_cache_release(page); 663 return error; 664 } 665 666 /* 667 * Move the page from the page cache to the swap cache. 668 */ 669 static int shmem_writepage(struct page *page, struct writeback_control *wbc) 670 { 671 struct shmem_inode_info *info; 672 struct address_space *mapping; 673 struct inode *inode; 674 swp_entry_t swap; 675 pgoff_t index; 676 677 BUG_ON(!PageLocked(page)); 678 mapping = page->mapping; 679 index = page->index; 680 inode = mapping->host; 681 info = SHMEM_I(inode); 682 if (info->flags & VM_LOCKED) 683 goto redirty; 684 if (!total_swap_pages) 685 goto redirty; 686 687 /* 688 * shmem_backing_dev_info's capabilities prevent regular writeback or 689 * sync from ever calling shmem_writepage; but a stacking filesystem 690 * might use ->writepage of its underlying filesystem, in which case 691 * tmpfs should write out to swap only in response to memory pressure, 692 * and not for the writeback threads or sync. 693 */ 694 if (!wbc->for_reclaim) { 695 WARN_ON_ONCE(1); /* Still happens? Tell us about it! */ 696 goto redirty; 697 } 698 swap = get_swap_page(); 699 if (!swap.val) 700 goto redirty; 701 702 /* 703 * Add inode to shmem_unuse()'s list of swapped-out inodes, 704 * if it's not already there. Do it now before the page is 705 * moved to swap cache, when its pagelock no longer protects 706 * the inode from eviction. But don't unlock the mutex until 707 * we've incremented swapped, because shmem_unuse_inode() will 708 * prune a !swapped inode from the swaplist under this mutex. 709 */ 710 mutex_lock(&shmem_swaplist_mutex); 711 if (list_empty(&info->swaplist)) 712 list_add_tail(&info->swaplist, &shmem_swaplist); 713 714 if (add_to_swap_cache(page, swap, GFP_ATOMIC) == 0) { 715 swap_shmem_alloc(swap); 716 shmem_delete_from_page_cache(page, swp_to_radix_entry(swap)); 717 718 spin_lock(&info->lock); 719 info->swapped++; 720 shmem_recalc_inode(inode); 721 spin_unlock(&info->lock); 722 723 mutex_unlock(&shmem_swaplist_mutex); 724 BUG_ON(page_mapped(page)); 725 swap_writepage(page, wbc); 726 return 0; 727 } 728 729 mutex_unlock(&shmem_swaplist_mutex); 730 swapcache_free(swap, NULL); 731 redirty: 732 set_page_dirty(page); 733 if (wbc->for_reclaim) 734 return AOP_WRITEPAGE_ACTIVATE; /* Return with page locked */ 735 unlock_page(page); 736 return 0; 737 } 738 739 #ifdef CONFIG_NUMA 740 #ifdef CONFIG_TMPFS 741 static void shmem_show_mpol(struct seq_file *seq, struct mempolicy *mpol) 742 { 743 char buffer[64]; 744 745 if (!mpol || mpol->mode == MPOL_DEFAULT) 746 return; /* show nothing */ 747 748 mpol_to_str(buffer, sizeof(buffer), mpol, 1); 749 750 seq_printf(seq, ",mpol=%s", buffer); 751 } 752 753 static struct mempolicy *shmem_get_sbmpol(struct shmem_sb_info *sbinfo) 754 { 755 struct mempolicy *mpol = NULL; 756 if (sbinfo->mpol) { 757 spin_lock(&sbinfo->stat_lock); /* prevent replace/use races */ 758 mpol = sbinfo->mpol; 759 mpol_get(mpol); 760 spin_unlock(&sbinfo->stat_lock); 761 } 762 return mpol; 763 } 764 #endif /* CONFIG_TMPFS */ 765 766 static struct page *shmem_swapin(swp_entry_t swap, gfp_t gfp, 767 struct shmem_inode_info *info, pgoff_t index) 768 { 769 struct mempolicy mpol, *spol; 770 struct vm_area_struct pvma; 771 772 spol = mpol_cond_copy(&mpol, 773 mpol_shared_policy_lookup(&info->policy, index)); 774 775 /* Create a pseudo vma that just contains the policy */ 776 pvma.vm_start = 0; 777 pvma.vm_pgoff = index; 778 pvma.vm_ops = NULL; 779 pvma.vm_policy = spol; 780 return swapin_readahead(swap, gfp, &pvma, 0); 781 } 782 783 static struct page *shmem_alloc_page(gfp_t gfp, 784 struct shmem_inode_info *info, pgoff_t index) 785 { 786 struct vm_area_struct pvma; 787 788 /* Create a pseudo vma that just contains the policy */ 789 pvma.vm_start = 0; 790 pvma.vm_pgoff = index; 791 pvma.vm_ops = NULL; 792 pvma.vm_policy = mpol_shared_policy_lookup(&info->policy, index); 793 794 /* 795 * alloc_page_vma() will drop the shared policy reference 796 */ 797 return alloc_page_vma(gfp, &pvma, 0); 798 } 799 #else /* !CONFIG_NUMA */ 800 #ifdef CONFIG_TMPFS 801 static inline void shmem_show_mpol(struct seq_file *seq, struct mempolicy *mpol) 802 { 803 } 804 #endif /* CONFIG_TMPFS */ 805 806 static inline struct page *shmem_swapin(swp_entry_t swap, gfp_t gfp, 807 struct shmem_inode_info *info, pgoff_t index) 808 { 809 return swapin_readahead(swap, gfp, NULL, 0); 810 } 811 812 static inline struct page *shmem_alloc_page(gfp_t gfp, 813 struct shmem_inode_info *info, pgoff_t index) 814 { 815 return alloc_page(gfp); 816 } 817 #endif /* CONFIG_NUMA */ 818 819 #if !defined(CONFIG_NUMA) || !defined(CONFIG_TMPFS) 820 static inline struct mempolicy *shmem_get_sbmpol(struct shmem_sb_info *sbinfo) 821 { 822 return NULL; 823 } 824 #endif 825 826 /* 827 * shmem_getpage_gfp - find page in cache, or get from swap, or allocate 828 * 829 * If we allocate a new one we do not mark it dirty. That's up to the 830 * vm. If we swap it in we mark it dirty since we also free the swap 831 * entry since a page cannot live in both the swap and page cache 832 */ 833 static int shmem_getpage_gfp(struct inode *inode, pgoff_t index, 834 struct page **pagep, enum sgp_type sgp, gfp_t gfp, int *fault_type) 835 { 836 struct address_space *mapping = inode->i_mapping; 837 struct shmem_inode_info *info; 838 struct shmem_sb_info *sbinfo; 839 struct page *page; 840 swp_entry_t swap; 841 int error; 842 int once = 0; 843 844 if (index > (MAX_LFS_FILESIZE >> PAGE_CACHE_SHIFT)) 845 return -EFBIG; 846 repeat: 847 swap.val = 0; 848 page = find_lock_page(mapping, index); 849 if (radix_tree_exceptional_entry(page)) { 850 swap = radix_to_swp_entry(page); 851 page = NULL; 852 } 853 854 if (sgp != SGP_WRITE && 855 ((loff_t)index << PAGE_CACHE_SHIFT) >= i_size_read(inode)) { 856 error = -EINVAL; 857 goto failed; 858 } 859 860 if (page || (sgp == SGP_READ && !swap.val)) { 861 /* 862 * Once we can get the page lock, it must be uptodate: 863 * if there were an error in reading back from swap, 864 * the page would not be inserted into the filecache. 865 */ 866 BUG_ON(page && !PageUptodate(page)); 867 *pagep = page; 868 return 0; 869 } 870 871 /* 872 * Fast cache lookup did not find it: 873 * bring it back from swap or allocate. 874 */ 875 info = SHMEM_I(inode); 876 sbinfo = SHMEM_SB(inode->i_sb); 877 878 if (swap.val) { 879 /* Look it up and read it in.. */ 880 page = lookup_swap_cache(swap); 881 if (!page) { 882 /* here we actually do the io */ 883 if (fault_type) 884 *fault_type |= VM_FAULT_MAJOR; 885 page = shmem_swapin(swap, gfp, info, index); 886 if (!page) { 887 error = -ENOMEM; 888 goto failed; 889 } 890 } 891 892 /* We have to do this with page locked to prevent races */ 893 lock_page(page); 894 if (!PageUptodate(page)) { 895 error = -EIO; 896 goto failed; 897 } 898 wait_on_page_writeback(page); 899 900 /* Someone may have already done it for us */ 901 if (page->mapping) { 902 if (page->mapping == mapping && 903 page->index == index) 904 goto done; 905 error = -EEXIST; 906 goto failed; 907 } 908 909 error = mem_cgroup_cache_charge(page, current->mm, 910 gfp & GFP_RECLAIM_MASK); 911 if (!error) 912 error = shmem_add_to_page_cache(page, mapping, index, 913 gfp, swp_to_radix_entry(swap)); 914 if (error) 915 goto failed; 916 917 spin_lock(&info->lock); 918 info->swapped--; 919 shmem_recalc_inode(inode); 920 spin_unlock(&info->lock); 921 922 delete_from_swap_cache(page); 923 set_page_dirty(page); 924 swap_free(swap); 925 926 } else { 927 if (shmem_acct_block(info->flags)) { 928 error = -ENOSPC; 929 goto failed; 930 } 931 if (sbinfo->max_blocks) { 932 if (percpu_counter_compare(&sbinfo->used_blocks, 933 sbinfo->max_blocks) >= 0) { 934 error = -ENOSPC; 935 goto unacct; 936 } 937 percpu_counter_inc(&sbinfo->used_blocks); 938 } 939 940 page = shmem_alloc_page(gfp, info, index); 941 if (!page) { 942 error = -ENOMEM; 943 goto decused; 944 } 945 946 SetPageSwapBacked(page); 947 __set_page_locked(page); 948 error = mem_cgroup_cache_charge(page, current->mm, 949 gfp & GFP_RECLAIM_MASK); 950 if (!error) 951 error = shmem_add_to_page_cache(page, mapping, index, 952 gfp, NULL); 953 if (error) 954 goto decused; 955 lru_cache_add_anon(page); 956 957 spin_lock(&info->lock); 958 info->alloced++; 959 inode->i_blocks += BLOCKS_PER_PAGE; 960 shmem_recalc_inode(inode); 961 spin_unlock(&info->lock); 962 963 clear_highpage(page); 964 flush_dcache_page(page); 965 SetPageUptodate(page); 966 if (sgp == SGP_DIRTY) 967 set_page_dirty(page); 968 } 969 done: 970 /* Perhaps the file has been truncated since we checked */ 971 if (sgp != SGP_WRITE && 972 ((loff_t)index << PAGE_CACHE_SHIFT) >= i_size_read(inode)) { 973 error = -EINVAL; 974 goto trunc; 975 } 976 *pagep = page; 977 return 0; 978 979 /* 980 * Error recovery. 981 */ 982 trunc: 983 ClearPageDirty(page); 984 delete_from_page_cache(page); 985 spin_lock(&info->lock); 986 info->alloced--; 987 inode->i_blocks -= BLOCKS_PER_PAGE; 988 spin_unlock(&info->lock); 989 decused: 990 if (sbinfo->max_blocks) 991 percpu_counter_add(&sbinfo->used_blocks, -1); 992 unacct: 993 shmem_unacct_blocks(info->flags, 1); 994 failed: 995 if (swap.val && error != -EINVAL) { 996 struct page *test = find_get_page(mapping, index); 997 if (test && !radix_tree_exceptional_entry(test)) 998 page_cache_release(test); 999 /* Have another try if the entry has changed */ 1000 if (test != swp_to_radix_entry(swap)) 1001 error = -EEXIST; 1002 } 1003 if (page) { 1004 unlock_page(page); 1005 page_cache_release(page); 1006 } 1007 if (error == -ENOSPC && !once++) { 1008 info = SHMEM_I(inode); 1009 spin_lock(&info->lock); 1010 shmem_recalc_inode(inode); 1011 spin_unlock(&info->lock); 1012 goto repeat; 1013 } 1014 if (error == -EEXIST) 1015 goto repeat; 1016 return error; 1017 } 1018 1019 static int shmem_fault(struct vm_area_struct *vma, struct vm_fault *vmf) 1020 { 1021 struct inode *inode = vma->vm_file->f_path.dentry->d_inode; 1022 int error; 1023 int ret = VM_FAULT_LOCKED; 1024 1025 error = shmem_getpage(inode, vmf->pgoff, &vmf->page, SGP_CACHE, &ret); 1026 if (error) 1027 return ((error == -ENOMEM) ? VM_FAULT_OOM : VM_FAULT_SIGBUS); 1028 1029 if (ret & VM_FAULT_MAJOR) { 1030 count_vm_event(PGMAJFAULT); 1031 mem_cgroup_count_vm_event(vma->vm_mm, PGMAJFAULT); 1032 } 1033 return ret; 1034 } 1035 1036 #ifdef CONFIG_NUMA 1037 static int shmem_set_policy(struct vm_area_struct *vma, struct mempolicy *mpol) 1038 { 1039 struct inode *inode = vma->vm_file->f_path.dentry->d_inode; 1040 return mpol_set_shared_policy(&SHMEM_I(inode)->policy, vma, mpol); 1041 } 1042 1043 static struct mempolicy *shmem_get_policy(struct vm_area_struct *vma, 1044 unsigned long addr) 1045 { 1046 struct inode *inode = vma->vm_file->f_path.dentry->d_inode; 1047 pgoff_t index; 1048 1049 index = ((addr - vma->vm_start) >> PAGE_SHIFT) + vma->vm_pgoff; 1050 return mpol_shared_policy_lookup(&SHMEM_I(inode)->policy, index); 1051 } 1052 #endif 1053 1054 int shmem_lock(struct file *file, int lock, struct user_struct *user) 1055 { 1056 struct inode *inode = file->f_path.dentry->d_inode; 1057 struct shmem_inode_info *info = SHMEM_I(inode); 1058 int retval = -ENOMEM; 1059 1060 spin_lock(&info->lock); 1061 if (lock && !(info->flags & VM_LOCKED)) { 1062 if (!user_shm_lock(inode->i_size, user)) 1063 goto out_nomem; 1064 info->flags |= VM_LOCKED; 1065 mapping_set_unevictable(file->f_mapping); 1066 } 1067 if (!lock && (info->flags & VM_LOCKED) && user) { 1068 user_shm_unlock(inode->i_size, user); 1069 info->flags &= ~VM_LOCKED; 1070 mapping_clear_unevictable(file->f_mapping); 1071 /* 1072 * Ensure that a racing putback_lru_page() can see 1073 * the pages of this mapping are evictable when we 1074 * skip them due to !PageLRU during the scan. 1075 */ 1076 smp_mb__after_clear_bit(); 1077 scan_mapping_unevictable_pages(file->f_mapping); 1078 } 1079 retval = 0; 1080 1081 out_nomem: 1082 spin_unlock(&info->lock); 1083 return retval; 1084 } 1085 1086 static int shmem_mmap(struct file *file, struct vm_area_struct *vma) 1087 { 1088 file_accessed(file); 1089 vma->vm_ops = &shmem_vm_ops; 1090 vma->vm_flags |= VM_CAN_NONLINEAR; 1091 return 0; 1092 } 1093 1094 static struct inode *shmem_get_inode(struct super_block *sb, const struct inode *dir, 1095 umode_t mode, dev_t dev, unsigned long flags) 1096 { 1097 struct inode *inode; 1098 struct shmem_inode_info *info; 1099 struct shmem_sb_info *sbinfo = SHMEM_SB(sb); 1100 1101 if (shmem_reserve_inode(sb)) 1102 return NULL; 1103 1104 inode = new_inode(sb); 1105 if (inode) { 1106 inode->i_ino = get_next_ino(); 1107 inode_init_owner(inode, dir, mode); 1108 inode->i_blocks = 0; 1109 inode->i_mapping->backing_dev_info = &shmem_backing_dev_info; 1110 inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME; 1111 inode->i_generation = get_seconds(); 1112 info = SHMEM_I(inode); 1113 memset(info, 0, (char *)inode - (char *)info); 1114 spin_lock_init(&info->lock); 1115 info->flags = flags & VM_NORESERVE; 1116 INIT_LIST_HEAD(&info->swaplist); 1117 INIT_LIST_HEAD(&info->xattr_list); 1118 cache_no_acl(inode); 1119 1120 switch (mode & S_IFMT) { 1121 default: 1122 inode->i_op = &shmem_special_inode_operations; 1123 init_special_inode(inode, mode, dev); 1124 break; 1125 case S_IFREG: 1126 inode->i_mapping->a_ops = &shmem_aops; 1127 inode->i_op = &shmem_inode_operations; 1128 inode->i_fop = &shmem_file_operations; 1129 mpol_shared_policy_init(&info->policy, 1130 shmem_get_sbmpol(sbinfo)); 1131 break; 1132 case S_IFDIR: 1133 inc_nlink(inode); 1134 /* Some things misbehave if size == 0 on a directory */ 1135 inode->i_size = 2 * BOGO_DIRENT_SIZE; 1136 inode->i_op = &shmem_dir_inode_operations; 1137 inode->i_fop = &simple_dir_operations; 1138 break; 1139 case S_IFLNK: 1140 /* 1141 * Must not load anything in the rbtree, 1142 * mpol_free_shared_policy will not be called. 1143 */ 1144 mpol_shared_policy_init(&info->policy, NULL); 1145 break; 1146 } 1147 } else 1148 shmem_free_inode(sb); 1149 return inode; 1150 } 1151 1152 #ifdef CONFIG_TMPFS 1153 static const struct inode_operations shmem_symlink_inode_operations; 1154 static const struct inode_operations shmem_short_symlink_operations; 1155 1156 static int 1157 shmem_write_begin(struct file *file, struct address_space *mapping, 1158 loff_t pos, unsigned len, unsigned flags, 1159 struct page **pagep, void **fsdata) 1160 { 1161 struct inode *inode = mapping->host; 1162 pgoff_t index = pos >> PAGE_CACHE_SHIFT; 1163 return shmem_getpage(inode, index, pagep, SGP_WRITE, NULL); 1164 } 1165 1166 static int 1167 shmem_write_end(struct file *file, struct address_space *mapping, 1168 loff_t pos, unsigned len, unsigned copied, 1169 struct page *page, void *fsdata) 1170 { 1171 struct inode *inode = mapping->host; 1172 1173 if (pos + copied > inode->i_size) 1174 i_size_write(inode, pos + copied); 1175 1176 set_page_dirty(page); 1177 unlock_page(page); 1178 page_cache_release(page); 1179 1180 return copied; 1181 } 1182 1183 static void do_shmem_file_read(struct file *filp, loff_t *ppos, read_descriptor_t *desc, read_actor_t actor) 1184 { 1185 struct inode *inode = filp->f_path.dentry->d_inode; 1186 struct address_space *mapping = inode->i_mapping; 1187 pgoff_t index; 1188 unsigned long offset; 1189 enum sgp_type sgp = SGP_READ; 1190 1191 /* 1192 * Might this read be for a stacking filesystem? Then when reading 1193 * holes of a sparse file, we actually need to allocate those pages, 1194 * and even mark them dirty, so it cannot exceed the max_blocks limit. 1195 */ 1196 if (segment_eq(get_fs(), KERNEL_DS)) 1197 sgp = SGP_DIRTY; 1198 1199 index = *ppos >> PAGE_CACHE_SHIFT; 1200 offset = *ppos & ~PAGE_CACHE_MASK; 1201 1202 for (;;) { 1203 struct page *page = NULL; 1204 pgoff_t end_index; 1205 unsigned long nr, ret; 1206 loff_t i_size = i_size_read(inode); 1207 1208 end_index = i_size >> PAGE_CACHE_SHIFT; 1209 if (index > end_index) 1210 break; 1211 if (index == end_index) { 1212 nr = i_size & ~PAGE_CACHE_MASK; 1213 if (nr <= offset) 1214 break; 1215 } 1216 1217 desc->error = shmem_getpage(inode, index, &page, sgp, NULL); 1218 if (desc->error) { 1219 if (desc->error == -EINVAL) 1220 desc->error = 0; 1221 break; 1222 } 1223 if (page) 1224 unlock_page(page); 1225 1226 /* 1227 * We must evaluate after, since reads (unlike writes) 1228 * are called without i_mutex protection against truncate 1229 */ 1230 nr = PAGE_CACHE_SIZE; 1231 i_size = i_size_read(inode); 1232 end_index = i_size >> PAGE_CACHE_SHIFT; 1233 if (index == end_index) { 1234 nr = i_size & ~PAGE_CACHE_MASK; 1235 if (nr <= offset) { 1236 if (page) 1237 page_cache_release(page); 1238 break; 1239 } 1240 } 1241 nr -= offset; 1242 1243 if (page) { 1244 /* 1245 * If users can be writing to this page using arbitrary 1246 * virtual addresses, take care about potential aliasing 1247 * before reading the page on the kernel side. 1248 */ 1249 if (mapping_writably_mapped(mapping)) 1250 flush_dcache_page(page); 1251 /* 1252 * Mark the page accessed if we read the beginning. 1253 */ 1254 if (!offset) 1255 mark_page_accessed(page); 1256 } else { 1257 page = ZERO_PAGE(0); 1258 page_cache_get(page); 1259 } 1260 1261 /* 1262 * Ok, we have the page, and it's up-to-date, so 1263 * now we can copy it to user space... 1264 * 1265 * The actor routine returns how many bytes were actually used.. 1266 * NOTE! This may not be the same as how much of a user buffer 1267 * we filled up (we may be padding etc), so we can only update 1268 * "pos" here (the actor routine has to update the user buffer 1269 * pointers and the remaining count). 1270 */ 1271 ret = actor(desc, page, offset, nr); 1272 offset += ret; 1273 index += offset >> PAGE_CACHE_SHIFT; 1274 offset &= ~PAGE_CACHE_MASK; 1275 1276 page_cache_release(page); 1277 if (ret != nr || !desc->count) 1278 break; 1279 1280 cond_resched(); 1281 } 1282 1283 *ppos = ((loff_t) index << PAGE_CACHE_SHIFT) + offset; 1284 file_accessed(filp); 1285 } 1286 1287 static ssize_t shmem_file_aio_read(struct kiocb *iocb, 1288 const struct iovec *iov, unsigned long nr_segs, loff_t pos) 1289 { 1290 struct file *filp = iocb->ki_filp; 1291 ssize_t retval; 1292 unsigned long seg; 1293 size_t count; 1294 loff_t *ppos = &iocb->ki_pos; 1295 1296 retval = generic_segment_checks(iov, &nr_segs, &count, VERIFY_WRITE); 1297 if (retval) 1298 return retval; 1299 1300 for (seg = 0; seg < nr_segs; seg++) { 1301 read_descriptor_t desc; 1302 1303 desc.written = 0; 1304 desc.arg.buf = iov[seg].iov_base; 1305 desc.count = iov[seg].iov_len; 1306 if (desc.count == 0) 1307 continue; 1308 desc.error = 0; 1309 do_shmem_file_read(filp, ppos, &desc, file_read_actor); 1310 retval += desc.written; 1311 if (desc.error) { 1312 retval = retval ?: desc.error; 1313 break; 1314 } 1315 if (desc.count > 0) 1316 break; 1317 } 1318 return retval; 1319 } 1320 1321 static ssize_t shmem_file_splice_read(struct file *in, loff_t *ppos, 1322 struct pipe_inode_info *pipe, size_t len, 1323 unsigned int flags) 1324 { 1325 struct address_space *mapping = in->f_mapping; 1326 struct inode *inode = mapping->host; 1327 unsigned int loff, nr_pages, req_pages; 1328 struct page *pages[PIPE_DEF_BUFFERS]; 1329 struct partial_page partial[PIPE_DEF_BUFFERS]; 1330 struct page *page; 1331 pgoff_t index, end_index; 1332 loff_t isize, left; 1333 int error, page_nr; 1334 struct splice_pipe_desc spd = { 1335 .pages = pages, 1336 .partial = partial, 1337 .flags = flags, 1338 .ops = &page_cache_pipe_buf_ops, 1339 .spd_release = spd_release_page, 1340 }; 1341 1342 isize = i_size_read(inode); 1343 if (unlikely(*ppos >= isize)) 1344 return 0; 1345 1346 left = isize - *ppos; 1347 if (unlikely(left < len)) 1348 len = left; 1349 1350 if (splice_grow_spd(pipe, &spd)) 1351 return -ENOMEM; 1352 1353 index = *ppos >> PAGE_CACHE_SHIFT; 1354 loff = *ppos & ~PAGE_CACHE_MASK; 1355 req_pages = (len + loff + PAGE_CACHE_SIZE - 1) >> PAGE_CACHE_SHIFT; 1356 nr_pages = min(req_pages, pipe->buffers); 1357 1358 spd.nr_pages = find_get_pages_contig(mapping, index, 1359 nr_pages, spd.pages); 1360 index += spd.nr_pages; 1361 error = 0; 1362 1363 while (spd.nr_pages < nr_pages) { 1364 error = shmem_getpage(inode, index, &page, SGP_CACHE, NULL); 1365 if (error) 1366 break; 1367 unlock_page(page); 1368 spd.pages[spd.nr_pages++] = page; 1369 index++; 1370 } 1371 1372 index = *ppos >> PAGE_CACHE_SHIFT; 1373 nr_pages = spd.nr_pages; 1374 spd.nr_pages = 0; 1375 1376 for (page_nr = 0; page_nr < nr_pages; page_nr++) { 1377 unsigned int this_len; 1378 1379 if (!len) 1380 break; 1381 1382 this_len = min_t(unsigned long, len, PAGE_CACHE_SIZE - loff); 1383 page = spd.pages[page_nr]; 1384 1385 if (!PageUptodate(page) || page->mapping != mapping) { 1386 error = shmem_getpage(inode, index, &page, 1387 SGP_CACHE, NULL); 1388 if (error) 1389 break; 1390 unlock_page(page); 1391 page_cache_release(spd.pages[page_nr]); 1392 spd.pages[page_nr] = page; 1393 } 1394 1395 isize = i_size_read(inode); 1396 end_index = (isize - 1) >> PAGE_CACHE_SHIFT; 1397 if (unlikely(!isize || index > end_index)) 1398 break; 1399 1400 if (end_index == index) { 1401 unsigned int plen; 1402 1403 plen = ((isize - 1) & ~PAGE_CACHE_MASK) + 1; 1404 if (plen <= loff) 1405 break; 1406 1407 this_len = min(this_len, plen - loff); 1408 len = this_len; 1409 } 1410 1411 spd.partial[page_nr].offset = loff; 1412 spd.partial[page_nr].len = this_len; 1413 len -= this_len; 1414 loff = 0; 1415 spd.nr_pages++; 1416 index++; 1417 } 1418 1419 while (page_nr < nr_pages) 1420 page_cache_release(spd.pages[page_nr++]); 1421 1422 if (spd.nr_pages) 1423 error = splice_to_pipe(pipe, &spd); 1424 1425 splice_shrink_spd(pipe, &spd); 1426 1427 if (error > 0) { 1428 *ppos += error; 1429 file_accessed(in); 1430 } 1431 return error; 1432 } 1433 1434 static int shmem_statfs(struct dentry *dentry, struct kstatfs *buf) 1435 { 1436 struct shmem_sb_info *sbinfo = SHMEM_SB(dentry->d_sb); 1437 1438 buf->f_type = TMPFS_MAGIC; 1439 buf->f_bsize = PAGE_CACHE_SIZE; 1440 buf->f_namelen = NAME_MAX; 1441 if (sbinfo->max_blocks) { 1442 buf->f_blocks = sbinfo->max_blocks; 1443 buf->f_bavail = 1444 buf->f_bfree = sbinfo->max_blocks - 1445 percpu_counter_sum(&sbinfo->used_blocks); 1446 } 1447 if (sbinfo->max_inodes) { 1448 buf->f_files = sbinfo->max_inodes; 1449 buf->f_ffree = sbinfo->free_inodes; 1450 } 1451 /* else leave those fields 0 like simple_statfs */ 1452 return 0; 1453 } 1454 1455 /* 1456 * File creation. Allocate an inode, and we're done.. 1457 */ 1458 static int 1459 shmem_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) 1460 { 1461 struct inode *inode; 1462 int error = -ENOSPC; 1463 1464 inode = shmem_get_inode(dir->i_sb, dir, mode, dev, VM_NORESERVE); 1465 if (inode) { 1466 error = security_inode_init_security(inode, dir, 1467 &dentry->d_name, 1468 NULL, NULL); 1469 if (error) { 1470 if (error != -EOPNOTSUPP) { 1471 iput(inode); 1472 return error; 1473 } 1474 } 1475 #ifdef CONFIG_TMPFS_POSIX_ACL 1476 error = generic_acl_init(inode, dir); 1477 if (error) { 1478 iput(inode); 1479 return error; 1480 } 1481 #else 1482 error = 0; 1483 #endif 1484 dir->i_size += BOGO_DIRENT_SIZE; 1485 dir->i_ctime = dir->i_mtime = CURRENT_TIME; 1486 d_instantiate(dentry, inode); 1487 dget(dentry); /* Extra count - pin the dentry in core */ 1488 } 1489 return error; 1490 } 1491 1492 static int shmem_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) 1493 { 1494 int error; 1495 1496 if ((error = shmem_mknod(dir, dentry, mode | S_IFDIR, 0))) 1497 return error; 1498 inc_nlink(dir); 1499 return 0; 1500 } 1501 1502 static int shmem_create(struct inode *dir, struct dentry *dentry, umode_t mode, 1503 struct nameidata *nd) 1504 { 1505 return shmem_mknod(dir, dentry, mode | S_IFREG, 0); 1506 } 1507 1508 /* 1509 * Link a file.. 1510 */ 1511 static int shmem_link(struct dentry *old_dentry, struct inode *dir, struct dentry *dentry) 1512 { 1513 struct inode *inode = old_dentry->d_inode; 1514 int ret; 1515 1516 /* 1517 * No ordinary (disk based) filesystem counts links as inodes; 1518 * but each new link needs a new dentry, pinning lowmem, and 1519 * tmpfs dentries cannot be pruned until they are unlinked. 1520 */ 1521 ret = shmem_reserve_inode(inode->i_sb); 1522 if (ret) 1523 goto out; 1524 1525 dir->i_size += BOGO_DIRENT_SIZE; 1526 inode->i_ctime = dir->i_ctime = dir->i_mtime = CURRENT_TIME; 1527 inc_nlink(inode); 1528 ihold(inode); /* New dentry reference */ 1529 dget(dentry); /* Extra pinning count for the created dentry */ 1530 d_instantiate(dentry, inode); 1531 out: 1532 return ret; 1533 } 1534 1535 static int shmem_unlink(struct inode *dir, struct dentry *dentry) 1536 { 1537 struct inode *inode = dentry->d_inode; 1538 1539 if (inode->i_nlink > 1 && !S_ISDIR(inode->i_mode)) 1540 shmem_free_inode(inode->i_sb); 1541 1542 dir->i_size -= BOGO_DIRENT_SIZE; 1543 inode->i_ctime = dir->i_ctime = dir->i_mtime = CURRENT_TIME; 1544 drop_nlink(inode); 1545 dput(dentry); /* Undo the count from "create" - this does all the work */ 1546 return 0; 1547 } 1548 1549 static int shmem_rmdir(struct inode *dir, struct dentry *dentry) 1550 { 1551 if (!simple_empty(dentry)) 1552 return -ENOTEMPTY; 1553 1554 drop_nlink(dentry->d_inode); 1555 drop_nlink(dir); 1556 return shmem_unlink(dir, dentry); 1557 } 1558 1559 /* 1560 * The VFS layer already does all the dentry stuff for rename, 1561 * we just have to decrement the usage count for the target if 1562 * it exists so that the VFS layer correctly free's it when it 1563 * gets overwritten. 1564 */ 1565 static int shmem_rename(struct inode *old_dir, struct dentry *old_dentry, struct inode *new_dir, struct dentry *new_dentry) 1566 { 1567 struct inode *inode = old_dentry->d_inode; 1568 int they_are_dirs = S_ISDIR(inode->i_mode); 1569 1570 if (!simple_empty(new_dentry)) 1571 return -ENOTEMPTY; 1572 1573 if (new_dentry->d_inode) { 1574 (void) shmem_unlink(new_dir, new_dentry); 1575 if (they_are_dirs) 1576 drop_nlink(old_dir); 1577 } else if (they_are_dirs) { 1578 drop_nlink(old_dir); 1579 inc_nlink(new_dir); 1580 } 1581 1582 old_dir->i_size -= BOGO_DIRENT_SIZE; 1583 new_dir->i_size += BOGO_DIRENT_SIZE; 1584 old_dir->i_ctime = old_dir->i_mtime = 1585 new_dir->i_ctime = new_dir->i_mtime = 1586 inode->i_ctime = CURRENT_TIME; 1587 return 0; 1588 } 1589 1590 static int shmem_symlink(struct inode *dir, struct dentry *dentry, const char *symname) 1591 { 1592 int error; 1593 int len; 1594 struct inode *inode; 1595 struct page *page; 1596 char *kaddr; 1597 struct shmem_inode_info *info; 1598 1599 len = strlen(symname) + 1; 1600 if (len > PAGE_CACHE_SIZE) 1601 return -ENAMETOOLONG; 1602 1603 inode = shmem_get_inode(dir->i_sb, dir, S_IFLNK|S_IRWXUGO, 0, VM_NORESERVE); 1604 if (!inode) 1605 return -ENOSPC; 1606 1607 error = security_inode_init_security(inode, dir, &dentry->d_name, 1608 NULL, NULL); 1609 if (error) { 1610 if (error != -EOPNOTSUPP) { 1611 iput(inode); 1612 return error; 1613 } 1614 error = 0; 1615 } 1616 1617 info = SHMEM_I(inode); 1618 inode->i_size = len-1; 1619 if (len <= SHORT_SYMLINK_LEN) { 1620 info->symlink = kmemdup(symname, len, GFP_KERNEL); 1621 if (!info->symlink) { 1622 iput(inode); 1623 return -ENOMEM; 1624 } 1625 inode->i_op = &shmem_short_symlink_operations; 1626 } else { 1627 error = shmem_getpage(inode, 0, &page, SGP_WRITE, NULL); 1628 if (error) { 1629 iput(inode); 1630 return error; 1631 } 1632 inode->i_mapping->a_ops = &shmem_aops; 1633 inode->i_op = &shmem_symlink_inode_operations; 1634 kaddr = kmap_atomic(page, KM_USER0); 1635 memcpy(kaddr, symname, len); 1636 kunmap_atomic(kaddr, KM_USER0); 1637 set_page_dirty(page); 1638 unlock_page(page); 1639 page_cache_release(page); 1640 } 1641 dir->i_size += BOGO_DIRENT_SIZE; 1642 dir->i_ctime = dir->i_mtime = CURRENT_TIME; 1643 d_instantiate(dentry, inode); 1644 dget(dentry); 1645 return 0; 1646 } 1647 1648 static void *shmem_follow_short_symlink(struct dentry *dentry, struct nameidata *nd) 1649 { 1650 nd_set_link(nd, SHMEM_I(dentry->d_inode)->symlink); 1651 return NULL; 1652 } 1653 1654 static void *shmem_follow_link(struct dentry *dentry, struct nameidata *nd) 1655 { 1656 struct page *page = NULL; 1657 int error = shmem_getpage(dentry->d_inode, 0, &page, SGP_READ, NULL); 1658 nd_set_link(nd, error ? ERR_PTR(error) : kmap(page)); 1659 if (page) 1660 unlock_page(page); 1661 return page; 1662 } 1663 1664 static void shmem_put_link(struct dentry *dentry, struct nameidata *nd, void *cookie) 1665 { 1666 if (!IS_ERR(nd_get_link(nd))) { 1667 struct page *page = cookie; 1668 kunmap(page); 1669 mark_page_accessed(page); 1670 page_cache_release(page); 1671 } 1672 } 1673 1674 #ifdef CONFIG_TMPFS_XATTR 1675 /* 1676 * Superblocks without xattr inode operations may get some security.* xattr 1677 * support from the LSM "for free". As soon as we have any other xattrs 1678 * like ACLs, we also need to implement the security.* handlers at 1679 * filesystem level, though. 1680 */ 1681 1682 static int shmem_xattr_get(struct dentry *dentry, const char *name, 1683 void *buffer, size_t size) 1684 { 1685 struct shmem_inode_info *info; 1686 struct shmem_xattr *xattr; 1687 int ret = -ENODATA; 1688 1689 info = SHMEM_I(dentry->d_inode); 1690 1691 spin_lock(&info->lock); 1692 list_for_each_entry(xattr, &info->xattr_list, list) { 1693 if (strcmp(name, xattr->name)) 1694 continue; 1695 1696 ret = xattr->size; 1697 if (buffer) { 1698 if (size < xattr->size) 1699 ret = -ERANGE; 1700 else 1701 memcpy(buffer, xattr->value, xattr->size); 1702 } 1703 break; 1704 } 1705 spin_unlock(&info->lock); 1706 return ret; 1707 } 1708 1709 static int shmem_xattr_set(struct dentry *dentry, const char *name, 1710 const void *value, size_t size, int flags) 1711 { 1712 struct inode *inode = dentry->d_inode; 1713 struct shmem_inode_info *info = SHMEM_I(inode); 1714 struct shmem_xattr *xattr; 1715 struct shmem_xattr *new_xattr = NULL; 1716 size_t len; 1717 int err = 0; 1718 1719 /* value == NULL means remove */ 1720 if (value) { 1721 /* wrap around? */ 1722 len = sizeof(*new_xattr) + size; 1723 if (len <= sizeof(*new_xattr)) 1724 return -ENOMEM; 1725 1726 new_xattr = kmalloc(len, GFP_KERNEL); 1727 if (!new_xattr) 1728 return -ENOMEM; 1729 1730 new_xattr->name = kstrdup(name, GFP_KERNEL); 1731 if (!new_xattr->name) { 1732 kfree(new_xattr); 1733 return -ENOMEM; 1734 } 1735 1736 new_xattr->size = size; 1737 memcpy(new_xattr->value, value, size); 1738 } 1739 1740 spin_lock(&info->lock); 1741 list_for_each_entry(xattr, &info->xattr_list, list) { 1742 if (!strcmp(name, xattr->name)) { 1743 if (flags & XATTR_CREATE) { 1744 xattr = new_xattr; 1745 err = -EEXIST; 1746 } else if (new_xattr) { 1747 list_replace(&xattr->list, &new_xattr->list); 1748 } else { 1749 list_del(&xattr->list); 1750 } 1751 goto out; 1752 } 1753 } 1754 if (flags & XATTR_REPLACE) { 1755 xattr = new_xattr; 1756 err = -ENODATA; 1757 } else { 1758 list_add(&new_xattr->list, &info->xattr_list); 1759 xattr = NULL; 1760 } 1761 out: 1762 spin_unlock(&info->lock); 1763 if (xattr) 1764 kfree(xattr->name); 1765 kfree(xattr); 1766 return err; 1767 } 1768 1769 static const struct xattr_handler *shmem_xattr_handlers[] = { 1770 #ifdef CONFIG_TMPFS_POSIX_ACL 1771 &generic_acl_access_handler, 1772 &generic_acl_default_handler, 1773 #endif 1774 NULL 1775 }; 1776 1777 static int shmem_xattr_validate(const char *name) 1778 { 1779 struct { const char *prefix; size_t len; } arr[] = { 1780 { XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN }, 1781 { XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN } 1782 }; 1783 int i; 1784 1785 for (i = 0; i < ARRAY_SIZE(arr); i++) { 1786 size_t preflen = arr[i].len; 1787 if (strncmp(name, arr[i].prefix, preflen) == 0) { 1788 if (!name[preflen]) 1789 return -EINVAL; 1790 return 0; 1791 } 1792 } 1793 return -EOPNOTSUPP; 1794 } 1795 1796 static ssize_t shmem_getxattr(struct dentry *dentry, const char *name, 1797 void *buffer, size_t size) 1798 { 1799 int err; 1800 1801 /* 1802 * If this is a request for a synthetic attribute in the system.* 1803 * namespace use the generic infrastructure to resolve a handler 1804 * for it via sb->s_xattr. 1805 */ 1806 if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN)) 1807 return generic_getxattr(dentry, name, buffer, size); 1808 1809 err = shmem_xattr_validate(name); 1810 if (err) 1811 return err; 1812 1813 return shmem_xattr_get(dentry, name, buffer, size); 1814 } 1815 1816 static int shmem_setxattr(struct dentry *dentry, const char *name, 1817 const void *value, size_t size, int flags) 1818 { 1819 int err; 1820 1821 /* 1822 * If this is a request for a synthetic attribute in the system.* 1823 * namespace use the generic infrastructure to resolve a handler 1824 * for it via sb->s_xattr. 1825 */ 1826 if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN)) 1827 return generic_setxattr(dentry, name, value, size, flags); 1828 1829 err = shmem_xattr_validate(name); 1830 if (err) 1831 return err; 1832 1833 if (size == 0) 1834 value = ""; /* empty EA, do not remove */ 1835 1836 return shmem_xattr_set(dentry, name, value, size, flags); 1837 1838 } 1839 1840 static int shmem_removexattr(struct dentry *dentry, const char *name) 1841 { 1842 int err; 1843 1844 /* 1845 * If this is a request for a synthetic attribute in the system.* 1846 * namespace use the generic infrastructure to resolve a handler 1847 * for it via sb->s_xattr. 1848 */ 1849 if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN)) 1850 return generic_removexattr(dentry, name); 1851 1852 err = shmem_xattr_validate(name); 1853 if (err) 1854 return err; 1855 1856 return shmem_xattr_set(dentry, name, NULL, 0, XATTR_REPLACE); 1857 } 1858 1859 static bool xattr_is_trusted(const char *name) 1860 { 1861 return !strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN); 1862 } 1863 1864 static ssize_t shmem_listxattr(struct dentry *dentry, char *buffer, size_t size) 1865 { 1866 bool trusted = capable(CAP_SYS_ADMIN); 1867 struct shmem_xattr *xattr; 1868 struct shmem_inode_info *info; 1869 size_t used = 0; 1870 1871 info = SHMEM_I(dentry->d_inode); 1872 1873 spin_lock(&info->lock); 1874 list_for_each_entry(xattr, &info->xattr_list, list) { 1875 size_t len; 1876 1877 /* skip "trusted." attributes for unprivileged callers */ 1878 if (!trusted && xattr_is_trusted(xattr->name)) 1879 continue; 1880 1881 len = strlen(xattr->name) + 1; 1882 used += len; 1883 if (buffer) { 1884 if (size < used) { 1885 used = -ERANGE; 1886 break; 1887 } 1888 memcpy(buffer, xattr->name, len); 1889 buffer += len; 1890 } 1891 } 1892 spin_unlock(&info->lock); 1893 1894 return used; 1895 } 1896 #endif /* CONFIG_TMPFS_XATTR */ 1897 1898 static const struct inode_operations shmem_short_symlink_operations = { 1899 .readlink = generic_readlink, 1900 .follow_link = shmem_follow_short_symlink, 1901 #ifdef CONFIG_TMPFS_XATTR 1902 .setxattr = shmem_setxattr, 1903 .getxattr = shmem_getxattr, 1904 .listxattr = shmem_listxattr, 1905 .removexattr = shmem_removexattr, 1906 #endif 1907 }; 1908 1909 static const struct inode_operations shmem_symlink_inode_operations = { 1910 .readlink = generic_readlink, 1911 .follow_link = shmem_follow_link, 1912 .put_link = shmem_put_link, 1913 #ifdef CONFIG_TMPFS_XATTR 1914 .setxattr = shmem_setxattr, 1915 .getxattr = shmem_getxattr, 1916 .listxattr = shmem_listxattr, 1917 .removexattr = shmem_removexattr, 1918 #endif 1919 }; 1920 1921 static struct dentry *shmem_get_parent(struct dentry *child) 1922 { 1923 return ERR_PTR(-ESTALE); 1924 } 1925 1926 static int shmem_match(struct inode *ino, void *vfh) 1927 { 1928 __u32 *fh = vfh; 1929 __u64 inum = fh[2]; 1930 inum = (inum << 32) | fh[1]; 1931 return ino->i_ino == inum && fh[0] == ino->i_generation; 1932 } 1933 1934 static struct dentry *shmem_fh_to_dentry(struct super_block *sb, 1935 struct fid *fid, int fh_len, int fh_type) 1936 { 1937 struct inode *inode; 1938 struct dentry *dentry = NULL; 1939 u64 inum = fid->raw[2]; 1940 inum = (inum << 32) | fid->raw[1]; 1941 1942 if (fh_len < 3) 1943 return NULL; 1944 1945 inode = ilookup5(sb, (unsigned long)(inum + fid->raw[0]), 1946 shmem_match, fid->raw); 1947 if (inode) { 1948 dentry = d_find_alias(inode); 1949 iput(inode); 1950 } 1951 1952 return dentry; 1953 } 1954 1955 static int shmem_encode_fh(struct dentry *dentry, __u32 *fh, int *len, 1956 int connectable) 1957 { 1958 struct inode *inode = dentry->d_inode; 1959 1960 if (*len < 3) { 1961 *len = 3; 1962 return 255; 1963 } 1964 1965 if (inode_unhashed(inode)) { 1966 /* Unfortunately insert_inode_hash is not idempotent, 1967 * so as we hash inodes here rather than at creation 1968 * time, we need a lock to ensure we only try 1969 * to do it once 1970 */ 1971 static DEFINE_SPINLOCK(lock); 1972 spin_lock(&lock); 1973 if (inode_unhashed(inode)) 1974 __insert_inode_hash(inode, 1975 inode->i_ino + inode->i_generation); 1976 spin_unlock(&lock); 1977 } 1978 1979 fh[0] = inode->i_generation; 1980 fh[1] = inode->i_ino; 1981 fh[2] = ((__u64)inode->i_ino) >> 32; 1982 1983 *len = 3; 1984 return 1; 1985 } 1986 1987 static const struct export_operations shmem_export_ops = { 1988 .get_parent = shmem_get_parent, 1989 .encode_fh = shmem_encode_fh, 1990 .fh_to_dentry = shmem_fh_to_dentry, 1991 }; 1992 1993 static int shmem_parse_options(char *options, struct shmem_sb_info *sbinfo, 1994 bool remount) 1995 { 1996 char *this_char, *value, *rest; 1997 1998 while (options != NULL) { 1999 this_char = options; 2000 for (;;) { 2001 /* 2002 * NUL-terminate this option: unfortunately, 2003 * mount options form a comma-separated list, 2004 * but mpol's nodelist may also contain commas. 2005 */ 2006 options = strchr(options, ','); 2007 if (options == NULL) 2008 break; 2009 options++; 2010 if (!isdigit(*options)) { 2011 options[-1] = '\0'; 2012 break; 2013 } 2014 } 2015 if (!*this_char) 2016 continue; 2017 if ((value = strchr(this_char,'=')) != NULL) { 2018 *value++ = 0; 2019 } else { 2020 printk(KERN_ERR 2021 "tmpfs: No value for mount option '%s'\n", 2022 this_char); 2023 return 1; 2024 } 2025 2026 if (!strcmp(this_char,"size")) { 2027 unsigned long long size; 2028 size = memparse(value,&rest); 2029 if (*rest == '%') { 2030 size <<= PAGE_SHIFT; 2031 size *= totalram_pages; 2032 do_div(size, 100); 2033 rest++; 2034 } 2035 if (*rest) 2036 goto bad_val; 2037 sbinfo->max_blocks = 2038 DIV_ROUND_UP(size, PAGE_CACHE_SIZE); 2039 } else if (!strcmp(this_char,"nr_blocks")) { 2040 sbinfo->max_blocks = memparse(value, &rest); 2041 if (*rest) 2042 goto bad_val; 2043 } else if (!strcmp(this_char,"nr_inodes")) { 2044 sbinfo->max_inodes = memparse(value, &rest); 2045 if (*rest) 2046 goto bad_val; 2047 } else if (!strcmp(this_char,"mode")) { 2048 if (remount) 2049 continue; 2050 sbinfo->mode = simple_strtoul(value, &rest, 8) & 07777; 2051 if (*rest) 2052 goto bad_val; 2053 } else if (!strcmp(this_char,"uid")) { 2054 if (remount) 2055 continue; 2056 sbinfo->uid = simple_strtoul(value, &rest, 0); 2057 if (*rest) 2058 goto bad_val; 2059 } else if (!strcmp(this_char,"gid")) { 2060 if (remount) 2061 continue; 2062 sbinfo->gid = simple_strtoul(value, &rest, 0); 2063 if (*rest) 2064 goto bad_val; 2065 } else if (!strcmp(this_char,"mpol")) { 2066 if (mpol_parse_str(value, &sbinfo->mpol, 1)) 2067 goto bad_val; 2068 } else { 2069 printk(KERN_ERR "tmpfs: Bad mount option %s\n", 2070 this_char); 2071 return 1; 2072 } 2073 } 2074 return 0; 2075 2076 bad_val: 2077 printk(KERN_ERR "tmpfs: Bad value '%s' for mount option '%s'\n", 2078 value, this_char); 2079 return 1; 2080 2081 } 2082 2083 static int shmem_remount_fs(struct super_block *sb, int *flags, char *data) 2084 { 2085 struct shmem_sb_info *sbinfo = SHMEM_SB(sb); 2086 struct shmem_sb_info config = *sbinfo; 2087 unsigned long inodes; 2088 int error = -EINVAL; 2089 2090 if (shmem_parse_options(data, &config, true)) 2091 return error; 2092 2093 spin_lock(&sbinfo->stat_lock); 2094 inodes = sbinfo->max_inodes - sbinfo->free_inodes; 2095 if (percpu_counter_compare(&sbinfo->used_blocks, config.max_blocks) > 0) 2096 goto out; 2097 if (config.max_inodes < inodes) 2098 goto out; 2099 /* 2100 * Those tests disallow limited->unlimited while any are in use; 2101 * but we must separately disallow unlimited->limited, because 2102 * in that case we have no record of how much is already in use. 2103 */ 2104 if (config.max_blocks && !sbinfo->max_blocks) 2105 goto out; 2106 if (config.max_inodes && !sbinfo->max_inodes) 2107 goto out; 2108 2109 error = 0; 2110 sbinfo->max_blocks = config.max_blocks; 2111 sbinfo->max_inodes = config.max_inodes; 2112 sbinfo->free_inodes = config.max_inodes - inodes; 2113 2114 mpol_put(sbinfo->mpol); 2115 sbinfo->mpol = config.mpol; /* transfers initial ref */ 2116 out: 2117 spin_unlock(&sbinfo->stat_lock); 2118 return error; 2119 } 2120 2121 static int shmem_show_options(struct seq_file *seq, struct dentry *root) 2122 { 2123 struct shmem_sb_info *sbinfo = SHMEM_SB(root->d_sb); 2124 2125 if (sbinfo->max_blocks != shmem_default_max_blocks()) 2126 seq_printf(seq, ",size=%luk", 2127 sbinfo->max_blocks << (PAGE_CACHE_SHIFT - 10)); 2128 if (sbinfo->max_inodes != shmem_default_max_inodes()) 2129 seq_printf(seq, ",nr_inodes=%lu", sbinfo->max_inodes); 2130 if (sbinfo->mode != (S_IRWXUGO | S_ISVTX)) 2131 seq_printf(seq, ",mode=%03ho", sbinfo->mode); 2132 if (sbinfo->uid != 0) 2133 seq_printf(seq, ",uid=%u", sbinfo->uid); 2134 if (sbinfo->gid != 0) 2135 seq_printf(seq, ",gid=%u", sbinfo->gid); 2136 shmem_show_mpol(seq, sbinfo->mpol); 2137 return 0; 2138 } 2139 #endif /* CONFIG_TMPFS */ 2140 2141 static void shmem_put_super(struct super_block *sb) 2142 { 2143 struct shmem_sb_info *sbinfo = SHMEM_SB(sb); 2144 2145 percpu_counter_destroy(&sbinfo->used_blocks); 2146 kfree(sbinfo); 2147 sb->s_fs_info = NULL; 2148 } 2149 2150 int shmem_fill_super(struct super_block *sb, void *data, int silent) 2151 { 2152 struct inode *inode; 2153 struct dentry *root; 2154 struct shmem_sb_info *sbinfo; 2155 int err = -ENOMEM; 2156 2157 /* Round up to L1_CACHE_BYTES to resist false sharing */ 2158 sbinfo = kzalloc(max((int)sizeof(struct shmem_sb_info), 2159 L1_CACHE_BYTES), GFP_KERNEL); 2160 if (!sbinfo) 2161 return -ENOMEM; 2162 2163 sbinfo->mode = S_IRWXUGO | S_ISVTX; 2164 sbinfo->uid = current_fsuid(); 2165 sbinfo->gid = current_fsgid(); 2166 sb->s_fs_info = sbinfo; 2167 2168 #ifdef CONFIG_TMPFS 2169 /* 2170 * Per default we only allow half of the physical ram per 2171 * tmpfs instance, limiting inodes to one per page of lowmem; 2172 * but the internal instance is left unlimited. 2173 */ 2174 if (!(sb->s_flags & MS_NOUSER)) { 2175 sbinfo->max_blocks = shmem_default_max_blocks(); 2176 sbinfo->max_inodes = shmem_default_max_inodes(); 2177 if (shmem_parse_options(data, sbinfo, false)) { 2178 err = -EINVAL; 2179 goto failed; 2180 } 2181 } 2182 sb->s_export_op = &shmem_export_ops; 2183 #else 2184 sb->s_flags |= MS_NOUSER; 2185 #endif 2186 2187 spin_lock_init(&sbinfo->stat_lock); 2188 if (percpu_counter_init(&sbinfo->used_blocks, 0)) 2189 goto failed; 2190 sbinfo->free_inodes = sbinfo->max_inodes; 2191 2192 sb->s_maxbytes = MAX_LFS_FILESIZE; 2193 sb->s_blocksize = PAGE_CACHE_SIZE; 2194 sb->s_blocksize_bits = PAGE_CACHE_SHIFT; 2195 sb->s_magic = TMPFS_MAGIC; 2196 sb->s_op = &shmem_ops; 2197 sb->s_time_gran = 1; 2198 #ifdef CONFIG_TMPFS_XATTR 2199 sb->s_xattr = shmem_xattr_handlers; 2200 #endif 2201 #ifdef CONFIG_TMPFS_POSIX_ACL 2202 sb->s_flags |= MS_POSIXACL; 2203 #endif 2204 2205 inode = shmem_get_inode(sb, NULL, S_IFDIR | sbinfo->mode, 0, VM_NORESERVE); 2206 if (!inode) 2207 goto failed; 2208 inode->i_uid = sbinfo->uid; 2209 inode->i_gid = sbinfo->gid; 2210 root = d_alloc_root(inode); 2211 if (!root) 2212 goto failed_iput; 2213 sb->s_root = root; 2214 return 0; 2215 2216 failed_iput: 2217 iput(inode); 2218 failed: 2219 shmem_put_super(sb); 2220 return err; 2221 } 2222 2223 static struct kmem_cache *shmem_inode_cachep; 2224 2225 static struct inode *shmem_alloc_inode(struct super_block *sb) 2226 { 2227 struct shmem_inode_info *info; 2228 info = kmem_cache_alloc(shmem_inode_cachep, GFP_KERNEL); 2229 if (!info) 2230 return NULL; 2231 return &info->vfs_inode; 2232 } 2233 2234 static void shmem_destroy_callback(struct rcu_head *head) 2235 { 2236 struct inode *inode = container_of(head, struct inode, i_rcu); 2237 kmem_cache_free(shmem_inode_cachep, SHMEM_I(inode)); 2238 } 2239 2240 static void shmem_destroy_inode(struct inode *inode) 2241 { 2242 if (S_ISREG(inode->i_mode)) 2243 mpol_free_shared_policy(&SHMEM_I(inode)->policy); 2244 call_rcu(&inode->i_rcu, shmem_destroy_callback); 2245 } 2246 2247 static void shmem_init_inode(void *foo) 2248 { 2249 struct shmem_inode_info *info = foo; 2250 inode_init_once(&info->vfs_inode); 2251 } 2252 2253 static int shmem_init_inodecache(void) 2254 { 2255 shmem_inode_cachep = kmem_cache_create("shmem_inode_cache", 2256 sizeof(struct shmem_inode_info), 2257 0, SLAB_PANIC, shmem_init_inode); 2258 return 0; 2259 } 2260 2261 static void shmem_destroy_inodecache(void) 2262 { 2263 kmem_cache_destroy(shmem_inode_cachep); 2264 } 2265 2266 static const struct address_space_operations shmem_aops = { 2267 .writepage = shmem_writepage, 2268 .set_page_dirty = __set_page_dirty_no_writeback, 2269 #ifdef CONFIG_TMPFS 2270 .write_begin = shmem_write_begin, 2271 .write_end = shmem_write_end, 2272 #endif 2273 .migratepage = migrate_page, 2274 .error_remove_page = generic_error_remove_page, 2275 }; 2276 2277 static const struct file_operations shmem_file_operations = { 2278 .mmap = shmem_mmap, 2279 #ifdef CONFIG_TMPFS 2280 .llseek = generic_file_llseek, 2281 .read = do_sync_read, 2282 .write = do_sync_write, 2283 .aio_read = shmem_file_aio_read, 2284 .aio_write = generic_file_aio_write, 2285 .fsync = noop_fsync, 2286 .splice_read = shmem_file_splice_read, 2287 .splice_write = generic_file_splice_write, 2288 #endif 2289 }; 2290 2291 static const struct inode_operations shmem_inode_operations = { 2292 .setattr = shmem_setattr, 2293 .truncate_range = shmem_truncate_range, 2294 #ifdef CONFIG_TMPFS_XATTR 2295 .setxattr = shmem_setxattr, 2296 .getxattr = shmem_getxattr, 2297 .listxattr = shmem_listxattr, 2298 .removexattr = shmem_removexattr, 2299 #endif 2300 }; 2301 2302 static const struct inode_operations shmem_dir_inode_operations = { 2303 #ifdef CONFIG_TMPFS 2304 .create = shmem_create, 2305 .lookup = simple_lookup, 2306 .link = shmem_link, 2307 .unlink = shmem_unlink, 2308 .symlink = shmem_symlink, 2309 .mkdir = shmem_mkdir, 2310 .rmdir = shmem_rmdir, 2311 .mknod = shmem_mknod, 2312 .rename = shmem_rename, 2313 #endif 2314 #ifdef CONFIG_TMPFS_XATTR 2315 .setxattr = shmem_setxattr, 2316 .getxattr = shmem_getxattr, 2317 .listxattr = shmem_listxattr, 2318 .removexattr = shmem_removexattr, 2319 #endif 2320 #ifdef CONFIG_TMPFS_POSIX_ACL 2321 .setattr = shmem_setattr, 2322 #endif 2323 }; 2324 2325 static const struct inode_operations shmem_special_inode_operations = { 2326 #ifdef CONFIG_TMPFS_XATTR 2327 .setxattr = shmem_setxattr, 2328 .getxattr = shmem_getxattr, 2329 .listxattr = shmem_listxattr, 2330 .removexattr = shmem_removexattr, 2331 #endif 2332 #ifdef CONFIG_TMPFS_POSIX_ACL 2333 .setattr = shmem_setattr, 2334 #endif 2335 }; 2336 2337 static const struct super_operations shmem_ops = { 2338 .alloc_inode = shmem_alloc_inode, 2339 .destroy_inode = shmem_destroy_inode, 2340 #ifdef CONFIG_TMPFS 2341 .statfs = shmem_statfs, 2342 .remount_fs = shmem_remount_fs, 2343 .show_options = shmem_show_options, 2344 #endif 2345 .evict_inode = shmem_evict_inode, 2346 .drop_inode = generic_delete_inode, 2347 .put_super = shmem_put_super, 2348 }; 2349 2350 static const struct vm_operations_struct shmem_vm_ops = { 2351 .fault = shmem_fault, 2352 #ifdef CONFIG_NUMA 2353 .set_policy = shmem_set_policy, 2354 .get_policy = shmem_get_policy, 2355 #endif 2356 }; 2357 2358 static struct dentry *shmem_mount(struct file_system_type *fs_type, 2359 int flags, const char *dev_name, void *data) 2360 { 2361 return mount_nodev(fs_type, flags, data, shmem_fill_super); 2362 } 2363 2364 static struct file_system_type shmem_fs_type = { 2365 .owner = THIS_MODULE, 2366 .name = "tmpfs", 2367 .mount = shmem_mount, 2368 .kill_sb = kill_litter_super, 2369 }; 2370 2371 int __init shmem_init(void) 2372 { 2373 int error; 2374 2375 error = bdi_init(&shmem_backing_dev_info); 2376 if (error) 2377 goto out4; 2378 2379 error = shmem_init_inodecache(); 2380 if (error) 2381 goto out3; 2382 2383 error = register_filesystem(&shmem_fs_type); 2384 if (error) { 2385 printk(KERN_ERR "Could not register tmpfs\n"); 2386 goto out2; 2387 } 2388 2389 shm_mnt = vfs_kern_mount(&shmem_fs_type, MS_NOUSER, 2390 shmem_fs_type.name, NULL); 2391 if (IS_ERR(shm_mnt)) { 2392 error = PTR_ERR(shm_mnt); 2393 printk(KERN_ERR "Could not kern_mount tmpfs\n"); 2394 goto out1; 2395 } 2396 return 0; 2397 2398 out1: 2399 unregister_filesystem(&shmem_fs_type); 2400 out2: 2401 shmem_destroy_inodecache(); 2402 out3: 2403 bdi_destroy(&shmem_backing_dev_info); 2404 out4: 2405 shm_mnt = ERR_PTR(error); 2406 return error; 2407 } 2408 2409 #else /* !CONFIG_SHMEM */ 2410 2411 /* 2412 * tiny-shmem: simple shmemfs and tmpfs using ramfs code 2413 * 2414 * This is intended for small system where the benefits of the full 2415 * shmem code (swap-backed and resource-limited) are outweighed by 2416 * their complexity. On systems without swap this code should be 2417 * effectively equivalent, but much lighter weight. 2418 */ 2419 2420 #include <linux/ramfs.h> 2421 2422 static struct file_system_type shmem_fs_type = { 2423 .name = "tmpfs", 2424 .mount = ramfs_mount, 2425 .kill_sb = kill_litter_super, 2426 }; 2427 2428 int __init shmem_init(void) 2429 { 2430 BUG_ON(register_filesystem(&shmem_fs_type) != 0); 2431 2432 shm_mnt = kern_mount(&shmem_fs_type); 2433 BUG_ON(IS_ERR(shm_mnt)); 2434 2435 return 0; 2436 } 2437 2438 int shmem_unuse(swp_entry_t swap, struct page *page) 2439 { 2440 return 0; 2441 } 2442 2443 int shmem_lock(struct file *file, int lock, struct user_struct *user) 2444 { 2445 return 0; 2446 } 2447 2448 void shmem_truncate_range(struct inode *inode, loff_t lstart, loff_t lend) 2449 { 2450 truncate_inode_pages_range(inode->i_mapping, lstart, lend); 2451 } 2452 EXPORT_SYMBOL_GPL(shmem_truncate_range); 2453 2454 #define shmem_vm_ops generic_file_vm_ops 2455 #define shmem_file_operations ramfs_file_operations 2456 #define shmem_get_inode(sb, dir, mode, dev, flags) ramfs_get_inode(sb, dir, mode, dev) 2457 #define shmem_acct_size(flags, size) 0 2458 #define shmem_unacct_size(flags, size) do {} while (0) 2459 2460 #endif /* CONFIG_SHMEM */ 2461 2462 /* common code */ 2463 2464 /** 2465 * shmem_file_setup - get an unlinked file living in tmpfs 2466 * @name: name for dentry (to be seen in /proc/<pid>/maps 2467 * @size: size to be set for the file 2468 * @flags: VM_NORESERVE suppresses pre-accounting of the entire object size 2469 */ 2470 struct file *shmem_file_setup(const char *name, loff_t size, unsigned long flags) 2471 { 2472 int error; 2473 struct file *file; 2474 struct inode *inode; 2475 struct path path; 2476 struct dentry *root; 2477 struct qstr this; 2478 2479 if (IS_ERR(shm_mnt)) 2480 return (void *)shm_mnt; 2481 2482 if (size < 0 || size > MAX_LFS_FILESIZE) 2483 return ERR_PTR(-EINVAL); 2484 2485 if (shmem_acct_size(flags, size)) 2486 return ERR_PTR(-ENOMEM); 2487 2488 error = -ENOMEM; 2489 this.name = name; 2490 this.len = strlen(name); 2491 this.hash = 0; /* will go */ 2492 root = shm_mnt->mnt_root; 2493 path.dentry = d_alloc(root, &this); 2494 if (!path.dentry) 2495 goto put_memory; 2496 path.mnt = mntget(shm_mnt); 2497 2498 error = -ENOSPC; 2499 inode = shmem_get_inode(root->d_sb, NULL, S_IFREG | S_IRWXUGO, 0, flags); 2500 if (!inode) 2501 goto put_dentry; 2502 2503 d_instantiate(path.dentry, inode); 2504 inode->i_size = size; 2505 clear_nlink(inode); /* It is unlinked */ 2506 #ifndef CONFIG_MMU 2507 error = ramfs_nommu_expand_for_mapping(inode, size); 2508 if (error) 2509 goto put_dentry; 2510 #endif 2511 2512 error = -ENFILE; 2513 file = alloc_file(&path, FMODE_WRITE | FMODE_READ, 2514 &shmem_file_operations); 2515 if (!file) 2516 goto put_dentry; 2517 2518 return file; 2519 2520 put_dentry: 2521 path_put(&path); 2522 put_memory: 2523 shmem_unacct_size(flags, size); 2524 return ERR_PTR(error); 2525 } 2526 EXPORT_SYMBOL_GPL(shmem_file_setup); 2527 2528 /** 2529 * shmem_zero_setup - setup a shared anonymous mapping 2530 * @vma: the vma to be mmapped is prepared by do_mmap_pgoff 2531 */ 2532 int shmem_zero_setup(struct vm_area_struct *vma) 2533 { 2534 struct file *file; 2535 loff_t size = vma->vm_end - vma->vm_start; 2536 2537 file = shmem_file_setup("dev/zero", size, vma->vm_flags); 2538 if (IS_ERR(file)) 2539 return PTR_ERR(file); 2540 2541 if (vma->vm_file) 2542 fput(vma->vm_file); 2543 vma->vm_file = file; 2544 vma->vm_ops = &shmem_vm_ops; 2545 vma->vm_flags |= VM_CAN_NONLINEAR; 2546 return 0; 2547 } 2548 2549 /** 2550 * shmem_read_mapping_page_gfp - read into page cache, using specified page allocation flags. 2551 * @mapping: the page's address_space 2552 * @index: the page index 2553 * @gfp: the page allocator flags to use if allocating 2554 * 2555 * This behaves as a tmpfs "read_cache_page_gfp(mapping, index, gfp)", 2556 * with any new page allocations done using the specified allocation flags. 2557 * But read_cache_page_gfp() uses the ->readpage() method: which does not 2558 * suit tmpfs, since it may have pages in swapcache, and needs to find those 2559 * for itself; although drivers/gpu/drm i915 and ttm rely upon this support. 2560 * 2561 * i915_gem_object_get_pages_gtt() mixes __GFP_NORETRY | __GFP_NOWARN in 2562 * with the mapping_gfp_mask(), to avoid OOMing the machine unnecessarily. 2563 */ 2564 struct page *shmem_read_mapping_page_gfp(struct address_space *mapping, 2565 pgoff_t index, gfp_t gfp) 2566 { 2567 #ifdef CONFIG_SHMEM 2568 struct inode *inode = mapping->host; 2569 struct page *page; 2570 int error; 2571 2572 BUG_ON(mapping->a_ops != &shmem_aops); 2573 error = shmem_getpage_gfp(inode, index, &page, SGP_CACHE, gfp, NULL); 2574 if (error) 2575 page = ERR_PTR(error); 2576 else 2577 unlock_page(page); 2578 return page; 2579 #else 2580 /* 2581 * The tiny !SHMEM case uses ramfs without swap 2582 */ 2583 return read_cache_page_gfp(mapping, index, gfp); 2584 #endif 2585 } 2586 EXPORT_SYMBOL_GPL(shmem_read_mapping_page_gfp); 2587