1 /* 2 * linux/mm/filemap.c 3 * 4 * Copyright (C) 1994-1999 Linus Torvalds 5 */ 6 7 /* 8 * This file handles the generic file mmap semantics used by 9 * most "normal" filesystems (but you don't /have/ to use this: 10 * the NFS filesystem used to do this differently, for example) 11 */ 12 #include <linux/config.h> 13 #include <linux/module.h> 14 #include <linux/slab.h> 15 #include <linux/compiler.h> 16 #include <linux/fs.h> 17 #include <linux/aio.h> 18 #include <linux/kernel_stat.h> 19 #include <linux/mm.h> 20 #include <linux/swap.h> 21 #include <linux/mman.h> 22 #include <linux/pagemap.h> 23 #include <linux/file.h> 24 #include <linux/uio.h> 25 #include <linux/hash.h> 26 #include <linux/writeback.h> 27 #include <linux/pagevec.h> 28 #include <linux/blkdev.h> 29 #include <linux/security.h> 30 /* 31 * This is needed for the following functions: 32 * - try_to_release_page 33 * - block_invalidatepage 34 * - generic_osync_inode 35 * 36 * FIXME: remove all knowledge of the buffer layer from the core VM 37 */ 38 #include <linux/buffer_head.h> /* for generic_osync_inode */ 39 40 #include <asm/uaccess.h> 41 #include <asm/mman.h> 42 43 /* 44 * Shared mappings implemented 30.11.1994. It's not fully working yet, 45 * though. 46 * 47 * Shared mappings now work. 15.8.1995 Bruno. 48 * 49 * finished 'unifying' the page and buffer cache and SMP-threaded the 50 * page-cache, 21.05.1999, Ingo Molnar <mingo@redhat.com> 51 * 52 * SMP-threaded pagemap-LRU 1999, Andrea Arcangeli <andrea@suse.de> 53 */ 54 55 /* 56 * Lock ordering: 57 * 58 * ->i_mmap_lock (vmtruncate) 59 * ->private_lock (__free_pte->__set_page_dirty_buffers) 60 * ->swap_list_lock 61 * ->swap_device_lock (exclusive_swap_page, others) 62 * ->mapping->tree_lock 63 * ->page_map_lock() (try_to_unmap_file) 64 * 65 * ->i_sem 66 * ->i_mmap_lock (truncate->unmap_mapping_range) 67 * 68 * ->mmap_sem 69 * ->i_mmap_lock 70 * ->page_table_lock (various places, mainly in mmap.c) 71 * ->mapping->tree_lock (arch-dependent flush_dcache_mmap_lock) 72 * 73 * ->mmap_sem 74 * ->lock_page (access_process_vm) 75 * 76 * ->mmap_sem 77 * ->i_sem (msync) 78 * 79 * ->i_sem 80 * ->i_alloc_sem (various) 81 * 82 * ->inode_lock 83 * ->sb_lock (fs/fs-writeback.c) 84 * ->mapping->tree_lock (__sync_single_inode) 85 * 86 * ->page_table_lock 87 * ->swap_device_lock (try_to_unmap_one) 88 * ->private_lock (try_to_unmap_one) 89 * ->tree_lock (try_to_unmap_one) 90 * ->zone.lru_lock (follow_page->mark_page_accessed) 91 * ->page_map_lock() (page_add_anon_rmap) 92 * ->tree_lock (page_remove_rmap->set_page_dirty) 93 * ->private_lock (page_remove_rmap->set_page_dirty) 94 * ->inode_lock (page_remove_rmap->set_page_dirty) 95 * ->anon_vma.lock (anon_vma_prepare) 96 * ->inode_lock (zap_pte_range->set_page_dirty) 97 * ->private_lock (zap_pte_range->__set_page_dirty_buffers) 98 * 99 * ->task->proc_lock 100 * ->dcache_lock (proc_pid_lookup) 101 */ 102 103 /* 104 * Remove a page from the page cache and free it. Caller has to make 105 * sure the page is locked and that nobody else uses it - or that usage 106 * is safe. The caller must hold a write_lock on the mapping's tree_lock. 107 */ 108 void __remove_from_page_cache(struct page *page) 109 { 110 struct address_space *mapping = page->mapping; 111 112 radix_tree_delete(&mapping->page_tree, page->index); 113 page->mapping = NULL; 114 mapping->nrpages--; 115 pagecache_acct(-1); 116 } 117 118 void remove_from_page_cache(struct page *page) 119 { 120 struct address_space *mapping = page->mapping; 121 122 if (unlikely(!PageLocked(page))) 123 PAGE_BUG(page); 124 125 spin_lock_irq(&mapping->tree_lock); 126 __remove_from_page_cache(page); 127 spin_unlock_irq(&mapping->tree_lock); 128 } 129 130 static inline int sync_page(struct page *page) 131 { 132 struct address_space *mapping; 133 134 /* 135 * FIXME, fercrissake. What is this barrier here for? 136 */ 137 smp_mb(); 138 mapping = page_mapping(page); 139 if (mapping && mapping->a_ops && mapping->a_ops->sync_page) 140 return mapping->a_ops->sync_page(page); 141 return 0; 142 } 143 144 /** 145 * filemap_fdatawrite - start writeback against all of a mapping's dirty pages 146 * @mapping: address space structure to write 147 * 148 * If sync_mode is WB_SYNC_ALL then this is a "data integrity" operation, as 149 * opposed to a regular memory * cleansing writeback. The difference between 150 * these two operations is that if a dirty page/buffer is encountered, it must 151 * be waited upon, and not just skipped over. 152 */ 153 static int __filemap_fdatawrite(struct address_space *mapping, int sync_mode) 154 { 155 int ret; 156 struct writeback_control wbc = { 157 .sync_mode = sync_mode, 158 .nr_to_write = mapping->nrpages * 2, 159 }; 160 161 if (mapping->backing_dev_info->memory_backed) 162 return 0; 163 164 ret = do_writepages(mapping, &wbc); 165 return ret; 166 } 167 168 int filemap_fdatawrite(struct address_space *mapping) 169 { 170 return __filemap_fdatawrite(mapping, WB_SYNC_ALL); 171 } 172 EXPORT_SYMBOL(filemap_fdatawrite); 173 174 /* 175 * This is a mostly non-blocking flush. Not suitable for data-integrity 176 * purposes - I/O may not be started against all dirty pages. 177 */ 178 int filemap_flush(struct address_space *mapping) 179 { 180 return __filemap_fdatawrite(mapping, WB_SYNC_NONE); 181 } 182 EXPORT_SYMBOL(filemap_flush); 183 184 /* 185 * Wait for writeback to complete against pages indexed by start->end 186 * inclusive 187 */ 188 static int wait_on_page_writeback_range(struct address_space *mapping, 189 pgoff_t start, pgoff_t end) 190 { 191 struct pagevec pvec; 192 int nr_pages; 193 int ret = 0; 194 pgoff_t index; 195 196 if (end < start) 197 return 0; 198 199 pagevec_init(&pvec, 0); 200 index = start; 201 while ((nr_pages = pagevec_lookup_tag(&pvec, mapping, &index, 202 PAGECACHE_TAG_WRITEBACK, 203 min(end - index, (pgoff_t)PAGEVEC_SIZE-1) + 1)) != 0) { 204 unsigned i; 205 206 for (i = 0; i < nr_pages; i++) { 207 struct page *page = pvec.pages[i]; 208 209 wait_on_page_writeback(page); 210 if (PageError(page)) 211 ret = -EIO; 212 } 213 pagevec_release(&pvec); 214 cond_resched(); 215 } 216 217 /* Check for outstanding write errors */ 218 if (test_and_clear_bit(AS_ENOSPC, &mapping->flags)) 219 ret = -ENOSPC; 220 if (test_and_clear_bit(AS_EIO, &mapping->flags)) 221 ret = -EIO; 222 223 return ret; 224 } 225 226 /** 227 * filemap_fdatawait - walk the list of under-writeback pages of the given 228 * address space and wait for all of them. 229 * 230 * @mapping: address space structure to wait for 231 */ 232 int filemap_fdatawait(struct address_space *mapping) 233 { 234 return wait_on_page_writeback_range(mapping, 0, -1); 235 } 236 237 EXPORT_SYMBOL(filemap_fdatawait); 238 239 int filemap_write_and_wait(struct address_space *mapping) 240 { 241 int retval = 0; 242 243 if (mapping->nrpages) { 244 retval = filemap_fdatawrite(mapping); 245 if (retval == 0) 246 retval = filemap_fdatawait(mapping); 247 } 248 return retval; 249 } 250 251 /* 252 * This function is used to add newly allocated pagecache pages: 253 * the page is new, so we can just run SetPageLocked() against it. 254 * The other page state flags were set by rmqueue(). 255 * 256 * This function does not add the page to the LRU. The caller must do that. 257 */ 258 int add_to_page_cache(struct page *page, struct address_space *mapping, 259 pgoff_t offset, int gfp_mask) 260 { 261 int error = radix_tree_preload(gfp_mask & ~__GFP_HIGHMEM); 262 263 if (error == 0) { 264 spin_lock_irq(&mapping->tree_lock); 265 error = radix_tree_insert(&mapping->page_tree, offset, page); 266 if (!error) { 267 page_cache_get(page); 268 SetPageLocked(page); 269 page->mapping = mapping; 270 page->index = offset; 271 mapping->nrpages++; 272 pagecache_acct(1); 273 } 274 spin_unlock_irq(&mapping->tree_lock); 275 radix_tree_preload_end(); 276 } 277 return error; 278 } 279 280 EXPORT_SYMBOL(add_to_page_cache); 281 282 int add_to_page_cache_lru(struct page *page, struct address_space *mapping, 283 pgoff_t offset, int gfp_mask) 284 { 285 int ret = add_to_page_cache(page, mapping, offset, gfp_mask); 286 if (ret == 0) 287 lru_cache_add(page); 288 return ret; 289 } 290 291 /* 292 * In order to wait for pages to become available there must be 293 * waitqueues associated with pages. By using a hash table of 294 * waitqueues where the bucket discipline is to maintain all 295 * waiters on the same queue and wake all when any of the pages 296 * become available, and for the woken contexts to check to be 297 * sure the appropriate page became available, this saves space 298 * at a cost of "thundering herd" phenomena during rare hash 299 * collisions. 300 */ 301 struct page_wait_queue { 302 struct page *page; 303 int bit; 304 wait_queue_t wait; 305 }; 306 307 static int page_wake_function(wait_queue_t *wait, unsigned mode, int sync, void *key) 308 { 309 struct page *page = key; 310 struct page_wait_queue *wq; 311 312 wq = container_of(wait, struct page_wait_queue, wait); 313 if (wq->page != page || test_bit(wq->bit, &page->flags)) 314 return 0; 315 else 316 return autoremove_wake_function(wait, mode, sync, NULL); 317 } 318 319 #define __DEFINE_PAGE_WAIT(name, p, b, f) \ 320 struct page_wait_queue name = { \ 321 .page = p, \ 322 .bit = b, \ 323 .wait = { \ 324 .task = current, \ 325 .func = page_wake_function, \ 326 .flags = f, \ 327 .task_list = LIST_HEAD_INIT(name.wait.task_list),\ 328 }, \ 329 } 330 331 #define DEFINE_PAGE_WAIT(name, p, b) __DEFINE_PAGE_WAIT(name, p, b, 0) 332 #define DEFINE_PAGE_WAIT_EXCLUSIVE(name, p, b) \ 333 __DEFINE_PAGE_WAIT(name, p, b, WQ_FLAG_EXCLUSIVE) 334 335 static wait_queue_head_t *page_waitqueue(struct page *page) 336 { 337 const struct zone *zone = page_zone(page); 338 339 return &zone->wait_table[hash_ptr(page, zone->wait_table_bits)]; 340 } 341 342 static void wake_up_page(struct page *page) 343 { 344 const unsigned int mode = TASK_UNINTERRUPTIBLE | TASK_INTERRUPTIBLE; 345 wait_queue_head_t *waitqueue = page_waitqueue(page); 346 347 if (waitqueue_active(waitqueue)) 348 __wake_up(waitqueue, mode, 1, page); 349 } 350 351 void fastcall wait_on_page_bit(struct page *page, int bit_nr) 352 { 353 wait_queue_head_t *waitqueue = page_waitqueue(page); 354 DEFINE_PAGE_WAIT(wait, page, bit_nr); 355 356 do { 357 prepare_to_wait(waitqueue, &wait.wait, TASK_UNINTERRUPTIBLE); 358 if (test_bit(bit_nr, &page->flags)) { 359 sync_page(page); 360 io_schedule(); 361 } 362 } while (test_bit(bit_nr, &page->flags)); 363 finish_wait(waitqueue, &wait.wait); 364 } 365 366 EXPORT_SYMBOL(wait_on_page_bit); 367 368 /** 369 * unlock_page() - unlock a locked page 370 * 371 * @page: the page 372 * 373 * Unlocks the page and wakes up sleepers in ___wait_on_page_locked(). 374 * Also wakes sleepers in wait_on_page_writeback() because the wakeup 375 * mechananism between PageLocked pages and PageWriteback pages is shared. 376 * But that's OK - sleepers in wait_on_page_writeback() just go back to sleep. 377 * 378 * The first mb is necessary to safely close the critical section opened by the 379 * TestSetPageLocked(), the second mb is necessary to enforce ordering between 380 * the clear_bit and the read of the waitqueue (to avoid SMP races with a 381 * parallel wait_on_page_locked()). 382 */ 383 void fastcall unlock_page(struct page *page) 384 { 385 smp_mb__before_clear_bit(); 386 if (!TestClearPageLocked(page)) 387 BUG(); 388 smp_mb__after_clear_bit(); 389 wake_up_page(page); 390 } 391 392 EXPORT_SYMBOL(unlock_page); 393 EXPORT_SYMBOL(lock_page); 394 395 /* 396 * End writeback against a page. 397 */ 398 void end_page_writeback(struct page *page) 399 { 400 if (!TestClearPageReclaim(page) || rotate_reclaimable_page(page)) { 401 if (!test_clear_page_writeback(page)) 402 BUG(); 403 smp_mb__after_clear_bit(); 404 } 405 wake_up_page(page); 406 } 407 408 EXPORT_SYMBOL(end_page_writeback); 409 410 /* 411 * Get a lock on the page, assuming we need to sleep to get it. 412 * 413 * Ugly: running sync_page() in state TASK_UNINTERRUPTIBLE is scary. If some 414 * random driver's requestfn sets TASK_RUNNING, we could busywait. However 415 * chances are that on the second loop, the block layer's plug list is empty, 416 * so sync_page() will then return in state TASK_UNINTERRUPTIBLE. 417 */ 418 void fastcall __lock_page(struct page *page) 419 { 420 wait_queue_head_t *wqh = page_waitqueue(page); 421 DEFINE_PAGE_WAIT_EXCLUSIVE(wait, page, PG_locked); 422 423 while (TestSetPageLocked(page)) { 424 prepare_to_wait_exclusive(wqh, &wait.wait, TASK_UNINTERRUPTIBLE); 425 if (PageLocked(page)) { 426 sync_page(page); 427 io_schedule(); 428 } 429 } 430 finish_wait(wqh, &wait.wait); 431 } 432 433 EXPORT_SYMBOL(__lock_page); 434 435 /* 436 * a rather lightweight function, finding and getting a reference to a 437 * hashed page atomically. 438 */ 439 struct page * find_get_page(struct address_space *mapping, unsigned long offset) 440 { 441 struct page *page; 442 443 spin_lock_irq(&mapping->tree_lock); 444 page = radix_tree_lookup(&mapping->page_tree, offset); 445 if (page) 446 page_cache_get(page); 447 spin_unlock_irq(&mapping->tree_lock); 448 return page; 449 } 450 451 EXPORT_SYMBOL(find_get_page); 452 453 /* 454 * Same as above, but trylock it instead of incrementing the count. 455 */ 456 struct page *find_trylock_page(struct address_space *mapping, unsigned long offset) 457 { 458 struct page *page; 459 460 spin_lock_irq(&mapping->tree_lock); 461 page = radix_tree_lookup(&mapping->page_tree, offset); 462 if (page && TestSetPageLocked(page)) 463 page = NULL; 464 spin_unlock_irq(&mapping->tree_lock); 465 return page; 466 } 467 468 EXPORT_SYMBOL(find_trylock_page); 469 470 /** 471 * find_lock_page - locate, pin and lock a pagecache page 472 * 473 * @mapping - the address_space to search 474 * @offset - the page index 475 * 476 * Locates the desired pagecache page, locks it, increments its reference 477 * count and returns its address. 478 * 479 * Returns zero if the page was not present. find_lock_page() may sleep. 480 */ 481 struct page *find_lock_page(struct address_space *mapping, 482 unsigned long offset) 483 { 484 struct page *page; 485 486 spin_lock_irq(&mapping->tree_lock); 487 repeat: 488 page = radix_tree_lookup(&mapping->page_tree, offset); 489 if (page) { 490 page_cache_get(page); 491 if (TestSetPageLocked(page)) { 492 spin_unlock_irq(&mapping->tree_lock); 493 lock_page(page); 494 spin_lock_irq(&mapping->tree_lock); 495 496 /* Has the page been truncated while we slept? */ 497 if (page->mapping != mapping || page->index != offset) { 498 unlock_page(page); 499 page_cache_release(page); 500 goto repeat; 501 } 502 } 503 } 504 spin_unlock_irq(&mapping->tree_lock); 505 return page; 506 } 507 508 EXPORT_SYMBOL(find_lock_page); 509 510 /** 511 * find_or_create_page - locate or add a pagecache page 512 * 513 * @mapping - the page's address_space 514 * @index - the page's index into the mapping 515 * @gfp_mask - page allocation mode 516 * 517 * Locates a page in the pagecache. If the page is not present, a new page 518 * is allocated using @gfp_mask and is added to the pagecache and to the VM's 519 * LRU list. The returned page is locked and has its reference count 520 * incremented. 521 * 522 * find_or_create_page() may sleep, even if @gfp_flags specifies an atomic 523 * allocation! 524 * 525 * find_or_create_page() returns the desired page's address, or zero on 526 * memory exhaustion. 527 */ 528 struct page *find_or_create_page(struct address_space *mapping, 529 unsigned long index, unsigned int gfp_mask) 530 { 531 struct page *page, *cached_page = NULL; 532 int err; 533 repeat: 534 page = find_lock_page(mapping, index); 535 if (!page) { 536 if (!cached_page) { 537 cached_page = alloc_page(gfp_mask); 538 if (!cached_page) 539 return NULL; 540 } 541 err = add_to_page_cache_lru(cached_page, mapping, 542 index, gfp_mask); 543 if (!err) { 544 page = cached_page; 545 cached_page = NULL; 546 } else if (err == -EEXIST) 547 goto repeat; 548 } 549 if (cached_page) 550 page_cache_release(cached_page); 551 return page; 552 } 553 554 EXPORT_SYMBOL(find_or_create_page); 555 556 /** 557 * find_get_pages - gang pagecache lookup 558 * @mapping: The address_space to search 559 * @start: The starting page index 560 * @nr_pages: The maximum number of pages 561 * @pages: Where the resulting pages are placed 562 * 563 * find_get_pages() will search for and return a group of up to 564 * @nr_pages pages in the mapping. The pages are placed at @pages. 565 * find_get_pages() takes a reference against the returned pages. 566 * 567 * The search returns a group of mapping-contiguous pages with ascending 568 * indexes. There may be holes in the indices due to not-present pages. 569 * 570 * find_get_pages() returns the number of pages which were found. 571 */ 572 unsigned find_get_pages(struct address_space *mapping, pgoff_t start, 573 unsigned int nr_pages, struct page **pages) 574 { 575 unsigned int i; 576 unsigned int ret; 577 578 spin_lock_irq(&mapping->tree_lock); 579 ret = radix_tree_gang_lookup(&mapping->page_tree, 580 (void **)pages, start, nr_pages); 581 for (i = 0; i < ret; i++) 582 page_cache_get(pages[i]); 583 spin_unlock_irq(&mapping->tree_lock); 584 return ret; 585 } 586 587 /* 588 * Like find_get_pages, except we only return pages which are tagged with 589 * `tag'. We update *index to index the next page for the traversal. 590 */ 591 unsigned find_get_pages_tag(struct address_space *mapping, pgoff_t *index, 592 int tag, unsigned int nr_pages, struct page **pages) 593 { 594 unsigned int i; 595 unsigned int ret; 596 597 spin_lock_irq(&mapping->tree_lock); 598 ret = radix_tree_gang_lookup_tag(&mapping->page_tree, 599 (void **)pages, *index, nr_pages, tag); 600 for (i = 0; i < ret; i++) 601 page_cache_get(pages[i]); 602 if (ret) 603 *index = pages[ret - 1]->index + 1; 604 spin_unlock_irq(&mapping->tree_lock); 605 return ret; 606 } 607 608 /* 609 * Same as grab_cache_page, but do not wait if the page is unavailable. 610 * This is intended for speculative data generators, where the data can 611 * be regenerated if the page couldn't be grabbed. This routine should 612 * be safe to call while holding the lock for another page. 613 * 614 * Clear __GFP_FS when allocating the page to avoid recursion into the fs 615 * and deadlock against the caller's locked page. 616 */ 617 struct page * 618 grab_cache_page_nowait(struct address_space *mapping, unsigned long index) 619 { 620 struct page *page = find_get_page(mapping, index); 621 int gfp_mask; 622 623 if (page) { 624 if (!TestSetPageLocked(page)) 625 return page; 626 page_cache_release(page); 627 return NULL; 628 } 629 gfp_mask = mapping_gfp_mask(mapping) & ~__GFP_FS; 630 page = alloc_pages(gfp_mask, 0); 631 if (page && add_to_page_cache_lru(page, mapping, index, gfp_mask)) { 632 page_cache_release(page); 633 page = NULL; 634 } 635 return page; 636 } 637 638 EXPORT_SYMBOL(grab_cache_page_nowait); 639 640 /* 641 * This is a generic file read routine, and uses the 642 * mapping->a_ops->readpage() function for the actual low-level 643 * stuff. 644 * 645 * This is really ugly. But the goto's actually try to clarify some 646 * of the logic when it comes to error handling etc. 647 * - note the struct file * is only passed for the use of readpage 648 */ 649 void do_generic_mapping_read(struct address_space *mapping, 650 struct file_ra_state *_ra, 651 struct file * filp, 652 loff_t *ppos, 653 read_descriptor_t * desc, 654 read_actor_t actor) 655 { 656 struct inode *inode = mapping->host; 657 unsigned long index, end_index, offset; 658 loff_t isize; 659 struct page *cached_page; 660 int error; 661 struct file_ra_state ra = *_ra; 662 663 cached_page = NULL; 664 index = *ppos >> PAGE_CACHE_SHIFT; 665 offset = *ppos & ~PAGE_CACHE_MASK; 666 667 isize = i_size_read(inode); 668 end_index = isize >> PAGE_CACHE_SHIFT; 669 if (index > end_index) 670 goto out; 671 672 for (;;) { 673 struct page *page; 674 unsigned long nr, ret; 675 676 cond_resched(); 677 page_cache_readahead(mapping, &ra, filp, index); 678 679 find_page: 680 page = find_get_page(mapping, index); 681 if (unlikely(page == NULL)) { 682 handle_ra_miss(mapping, &ra, index); 683 goto no_cached_page; 684 } 685 if (!PageUptodate(page)) 686 goto page_not_up_to_date; 687 page_ok: 688 /* nr is the maximum number of bytes to copy from this page */ 689 nr = PAGE_CACHE_SIZE; 690 if (index == end_index) { 691 nr = isize & ~PAGE_CACHE_MASK; 692 if (nr <= offset) { 693 page_cache_release(page); 694 goto out; 695 } 696 } 697 nr = nr - offset; 698 699 /* If users can be writing to this page using arbitrary 700 * virtual addresses, take care about potential aliasing 701 * before reading the page on the kernel side. 702 */ 703 if (mapping_writably_mapped(mapping)) 704 flush_dcache_page(page); 705 706 /* 707 * Mark the page accessed if we read the beginning. 708 */ 709 if (!offset) 710 mark_page_accessed(page); 711 712 /* 713 * Ok, we have the page, and it's up-to-date, so 714 * now we can copy it to user space... 715 * 716 * The actor routine returns how many bytes were actually used.. 717 * NOTE! This may not be the same as how much of a user buffer 718 * we filled up (we may be padding etc), so we can only update 719 * "pos" here (the actor routine has to update the user buffer 720 * pointers and the remaining count). 721 */ 722 ret = actor(desc, page, offset, nr); 723 offset += ret; 724 index += offset >> PAGE_CACHE_SHIFT; 725 offset &= ~PAGE_CACHE_MASK; 726 727 page_cache_release(page); 728 if (ret == nr && desc->count) 729 continue; 730 goto out; 731 732 page_not_up_to_date: 733 /* Get exclusive access to the page ... */ 734 lock_page(page); 735 736 /* Did it get unhashed before we got the lock? */ 737 if (!page->mapping) { 738 unlock_page(page); 739 page_cache_release(page); 740 continue; 741 } 742 743 /* Did somebody else fill it already? */ 744 if (PageUptodate(page)) { 745 unlock_page(page); 746 goto page_ok; 747 } 748 749 readpage: 750 /* Start the actual read. The read will unlock the page. */ 751 error = mapping->a_ops->readpage(filp, page); 752 753 if (unlikely(error)) 754 goto readpage_error; 755 756 if (!PageUptodate(page)) { 757 wait_on_page_locked(page); 758 if (!PageUptodate(page)) { 759 error = -EIO; 760 goto readpage_error; 761 } 762 } 763 764 /* 765 * i_size must be checked after we have done ->readpage. 766 * 767 * Checking i_size after the readpage allows us to calculate 768 * the correct value for "nr", which means the zero-filled 769 * part of the page is not copied back to userspace (unless 770 * another truncate extends the file - this is desired though). 771 */ 772 isize = i_size_read(inode); 773 end_index = isize >> PAGE_CACHE_SHIFT; 774 if (index > end_index) { 775 page_cache_release(page); 776 goto out; 777 } 778 goto page_ok; 779 780 readpage_error: 781 /* UHHUH! A synchronous read error occurred. Report it */ 782 desc->error = error; 783 page_cache_release(page); 784 goto out; 785 786 no_cached_page: 787 /* 788 * Ok, it wasn't cached, so we need to create a new 789 * page.. 790 */ 791 if (!cached_page) { 792 cached_page = page_cache_alloc_cold(mapping); 793 if (!cached_page) { 794 desc->error = -ENOMEM; 795 goto out; 796 } 797 } 798 error = add_to_page_cache_lru(cached_page, mapping, 799 index, GFP_KERNEL); 800 if (error) { 801 if (error == -EEXIST) 802 goto find_page; 803 desc->error = error; 804 goto out; 805 } 806 page = cached_page; 807 cached_page = NULL; 808 goto readpage; 809 } 810 811 out: 812 *_ra = ra; 813 814 *ppos = ((loff_t) index << PAGE_CACHE_SHIFT) + offset; 815 if (cached_page) 816 page_cache_release(cached_page); 817 file_accessed(filp); 818 } 819 820 EXPORT_SYMBOL(do_generic_mapping_read); 821 822 int file_read_actor(read_descriptor_t *desc, struct page *page, 823 unsigned long offset, unsigned long size) 824 { 825 char *kaddr; 826 unsigned long left, count = desc->count; 827 828 if (size > count) 829 size = count; 830 831 /* 832 * Faults on the destination of a read are common, so do it before 833 * taking the kmap. 834 */ 835 if (!fault_in_pages_writeable(desc->arg.buf, size)) { 836 kaddr = kmap_atomic(page, KM_USER0); 837 left = __copy_to_user(desc->arg.buf, kaddr + offset, size); 838 kunmap_atomic(kaddr, KM_USER0); 839 if (left == 0) 840 goto success; 841 } 842 843 /* Do it the slow way */ 844 kaddr = kmap(page); 845 left = __copy_to_user(desc->arg.buf, kaddr + offset, size); 846 kunmap(page); 847 848 if (left) { 849 size -= left; 850 desc->error = -EFAULT; 851 } 852 success: 853 desc->count = count - size; 854 desc->written += size; 855 desc->arg.buf += size; 856 return size; 857 } 858 859 /* 860 * This is the "read()" routine for all filesystems 861 * that can use the page cache directly. 862 */ 863 ssize_t 864 __generic_file_aio_read(struct kiocb *iocb, const struct iovec *iov, 865 unsigned long nr_segs, loff_t *ppos) 866 { 867 struct file *filp = iocb->ki_filp; 868 ssize_t retval; 869 unsigned long seg; 870 size_t count; 871 872 count = 0; 873 for (seg = 0; seg < nr_segs; seg++) { 874 const struct iovec *iv = &iov[seg]; 875 876 /* 877 * If any segment has a negative length, or the cumulative 878 * length ever wraps negative then return -EINVAL. 879 */ 880 count += iv->iov_len; 881 if (unlikely((ssize_t)(count|iv->iov_len) < 0)) 882 return -EINVAL; 883 if (access_ok(VERIFY_WRITE, iv->iov_base, iv->iov_len)) 884 continue; 885 if (seg == 0) 886 return -EFAULT; 887 nr_segs = seg; 888 count -= iv->iov_len; /* This segment is no good */ 889 break; 890 } 891 892 /* coalesce the iovecs and go direct-to-BIO for O_DIRECT */ 893 if (filp->f_flags & O_DIRECT) { 894 loff_t pos = *ppos, size; 895 struct address_space *mapping; 896 struct inode *inode; 897 898 mapping = filp->f_mapping; 899 inode = mapping->host; 900 retval = 0; 901 if (!count) 902 goto out; /* skip atime */ 903 size = i_size_read(inode); 904 if (pos < size) { 905 retval = generic_file_direct_IO(READ, iocb, 906 iov, pos, nr_segs); 907 if (retval >= 0 && !is_sync_kiocb(iocb)) 908 retval = -EIOCBQUEUED; 909 if (retval > 0) 910 *ppos = pos + retval; 911 } 912 file_accessed(filp); 913 goto out; 914 } 915 916 retval = 0; 917 if (count) { 918 for (seg = 0; seg < nr_segs; seg++) { 919 read_descriptor_t desc; 920 921 desc.written = 0; 922 desc.arg.buf = iov[seg].iov_base; 923 desc.count = iov[seg].iov_len; 924 if (desc.count == 0) 925 continue; 926 desc.error = 0; 927 do_generic_file_read(filp,ppos,&desc,file_read_actor); 928 retval += desc.written; 929 if (!retval) { 930 retval = desc.error; 931 break; 932 } 933 } 934 } 935 out: 936 return retval; 937 } 938 939 EXPORT_SYMBOL(__generic_file_aio_read); 940 941 ssize_t 942 generic_file_aio_read(struct kiocb *iocb, char __user *buf, size_t count, loff_t pos) 943 { 944 struct iovec local_iov = { .iov_base = buf, .iov_len = count }; 945 946 BUG_ON(iocb->ki_pos != pos); 947 return __generic_file_aio_read(iocb, &local_iov, 1, &iocb->ki_pos); 948 } 949 950 EXPORT_SYMBOL(generic_file_aio_read); 951 952 ssize_t 953 generic_file_read(struct file *filp, char __user *buf, size_t count, loff_t *ppos) 954 { 955 struct iovec local_iov = { .iov_base = buf, .iov_len = count }; 956 struct kiocb kiocb; 957 ssize_t ret; 958 959 init_sync_kiocb(&kiocb, filp); 960 ret = __generic_file_aio_read(&kiocb, &local_iov, 1, ppos); 961 if (-EIOCBQUEUED == ret) 962 ret = wait_on_sync_kiocb(&kiocb); 963 return ret; 964 } 965 966 EXPORT_SYMBOL(generic_file_read); 967 968 int file_send_actor(read_descriptor_t * desc, struct page *page, unsigned long offset, unsigned long size) 969 { 970 ssize_t written; 971 unsigned long count = desc->count; 972 struct file *file = desc->arg.data; 973 974 if (size > count) 975 size = count; 976 977 written = file->f_op->sendpage(file, page, offset, 978 size, &file->f_pos, size<count); 979 if (written < 0) { 980 desc->error = written; 981 written = 0; 982 } 983 desc->count = count - written; 984 desc->written += written; 985 return written; 986 } 987 988 ssize_t generic_file_sendfile(struct file *in_file, loff_t *ppos, 989 size_t count, read_actor_t actor, void *target) 990 { 991 read_descriptor_t desc; 992 993 if (!count) 994 return 0; 995 996 desc.written = 0; 997 desc.count = count; 998 desc.arg.data = target; 999 desc.error = 0; 1000 1001 do_generic_file_read(in_file, ppos, &desc, actor); 1002 if (desc.written) 1003 return desc.written; 1004 return desc.error; 1005 } 1006 1007 EXPORT_SYMBOL(generic_file_sendfile); 1008 1009 static ssize_t 1010 do_readahead(struct address_space *mapping, struct file *filp, 1011 unsigned long index, unsigned long nr) 1012 { 1013 if (!mapping || !mapping->a_ops || !mapping->a_ops->readpage) 1014 return -EINVAL; 1015 1016 force_page_cache_readahead(mapping, filp, index, 1017 max_sane_readahead(nr)); 1018 return 0; 1019 } 1020 1021 asmlinkage ssize_t sys_readahead(int fd, loff_t offset, size_t count) 1022 { 1023 ssize_t ret; 1024 struct file *file; 1025 1026 ret = -EBADF; 1027 file = fget(fd); 1028 if (file) { 1029 if (file->f_mode & FMODE_READ) { 1030 struct address_space *mapping = file->f_mapping; 1031 unsigned long start = offset >> PAGE_CACHE_SHIFT; 1032 unsigned long end = (offset + count - 1) >> PAGE_CACHE_SHIFT; 1033 unsigned long len = end - start + 1; 1034 ret = do_readahead(mapping, file, start, len); 1035 } 1036 fput(file); 1037 } 1038 return ret; 1039 } 1040 1041 #ifdef CONFIG_MMU 1042 /* 1043 * This adds the requested page to the page cache if it isn't already there, 1044 * and schedules an I/O to read in its contents from disk. 1045 */ 1046 static int FASTCALL(page_cache_read(struct file * file, unsigned long offset)); 1047 static int fastcall page_cache_read(struct file * file, unsigned long offset) 1048 { 1049 struct address_space *mapping = file->f_mapping; 1050 struct page *page; 1051 int error; 1052 1053 page = page_cache_alloc_cold(mapping); 1054 if (!page) 1055 return -ENOMEM; 1056 1057 error = add_to_page_cache_lru(page, mapping, offset, GFP_KERNEL); 1058 if (!error) { 1059 error = mapping->a_ops->readpage(file, page); 1060 page_cache_release(page); 1061 return error; 1062 } 1063 1064 /* 1065 * We arrive here in the unlikely event that someone 1066 * raced with us and added our page to the cache first 1067 * or we are out of memory for radix-tree nodes. 1068 */ 1069 page_cache_release(page); 1070 return error == -EEXIST ? 0 : error; 1071 } 1072 1073 #define MMAP_LOTSAMISS (100) 1074 1075 /* 1076 * filemap_nopage() is invoked via the vma operations vector for a 1077 * mapped memory region to read in file data during a page fault. 1078 * 1079 * The goto's are kind of ugly, but this streamlines the normal case of having 1080 * it in the page cache, and handles the special cases reasonably without 1081 * having a lot of duplicated code. 1082 */ 1083 struct page * filemap_nopage(struct vm_area_struct * area, unsigned long address, int *type) 1084 { 1085 int error; 1086 struct file *file = area->vm_file; 1087 struct address_space *mapping = file->f_mapping; 1088 struct file_ra_state *ra = &file->f_ra; 1089 struct inode *inode = mapping->host; 1090 struct page *page; 1091 unsigned long size, pgoff, endoff; 1092 int did_readaround = 0, majmin = VM_FAULT_MINOR; 1093 1094 pgoff = ((address - area->vm_start) >> PAGE_CACHE_SHIFT) + area->vm_pgoff; 1095 endoff = ((area->vm_end - area->vm_start) >> PAGE_CACHE_SHIFT) + area->vm_pgoff; 1096 1097 retry_all: 1098 size = (i_size_read(inode) + PAGE_CACHE_SIZE - 1) >> PAGE_CACHE_SHIFT; 1099 if (pgoff >= size) 1100 goto outside_data_content; 1101 1102 /* If we don't want any read-ahead, don't bother */ 1103 if (VM_RandomReadHint(area)) 1104 goto no_cached_page; 1105 1106 /* 1107 * The "size" of the file, as far as mmap is concerned, isn't bigger 1108 * than the mapping 1109 */ 1110 if (size > endoff) 1111 size = endoff; 1112 1113 /* 1114 * The readahead code wants to be told about each and every page 1115 * so it can build and shrink its windows appropriately 1116 * 1117 * For sequential accesses, we use the generic readahead logic. 1118 */ 1119 if (VM_SequentialReadHint(area)) 1120 page_cache_readahead(mapping, ra, file, pgoff); 1121 1122 /* 1123 * Do we have something in the page cache already? 1124 */ 1125 retry_find: 1126 page = find_get_page(mapping, pgoff); 1127 if (!page) { 1128 unsigned long ra_pages; 1129 1130 if (VM_SequentialReadHint(area)) { 1131 handle_ra_miss(mapping, ra, pgoff); 1132 goto no_cached_page; 1133 } 1134 ra->mmap_miss++; 1135 1136 /* 1137 * Do we miss much more than hit in this file? If so, 1138 * stop bothering with read-ahead. It will only hurt. 1139 */ 1140 if (ra->mmap_miss > ra->mmap_hit + MMAP_LOTSAMISS) 1141 goto no_cached_page; 1142 1143 /* 1144 * To keep the pgmajfault counter straight, we need to 1145 * check did_readaround, as this is an inner loop. 1146 */ 1147 if (!did_readaround) { 1148 majmin = VM_FAULT_MAJOR; 1149 inc_page_state(pgmajfault); 1150 } 1151 did_readaround = 1; 1152 ra_pages = max_sane_readahead(file->f_ra.ra_pages); 1153 if (ra_pages) { 1154 pgoff_t start = 0; 1155 1156 if (pgoff > ra_pages / 2) 1157 start = pgoff - ra_pages / 2; 1158 do_page_cache_readahead(mapping, file, start, ra_pages); 1159 } 1160 page = find_get_page(mapping, pgoff); 1161 if (!page) 1162 goto no_cached_page; 1163 } 1164 1165 if (!did_readaround) 1166 ra->mmap_hit++; 1167 1168 /* 1169 * Ok, found a page in the page cache, now we need to check 1170 * that it's up-to-date. 1171 */ 1172 if (!PageUptodate(page)) 1173 goto page_not_uptodate; 1174 1175 success: 1176 /* 1177 * Found the page and have a reference on it. 1178 */ 1179 mark_page_accessed(page); 1180 if (type) 1181 *type = majmin; 1182 return page; 1183 1184 outside_data_content: 1185 /* 1186 * An external ptracer can access pages that normally aren't 1187 * accessible.. 1188 */ 1189 if (area->vm_mm == current->mm) 1190 return NULL; 1191 /* Fall through to the non-read-ahead case */ 1192 no_cached_page: 1193 /* 1194 * We're only likely to ever get here if MADV_RANDOM is in 1195 * effect. 1196 */ 1197 error = page_cache_read(file, pgoff); 1198 1199 /* 1200 * The page we want has now been added to the page cache. 1201 * In the unlikely event that someone removed it in the 1202 * meantime, we'll just come back here and read it again. 1203 */ 1204 if (error >= 0) 1205 goto retry_find; 1206 1207 /* 1208 * An error return from page_cache_read can result if the 1209 * system is low on memory, or a problem occurs while trying 1210 * to schedule I/O. 1211 */ 1212 if (error == -ENOMEM) 1213 return NOPAGE_OOM; 1214 return NULL; 1215 1216 page_not_uptodate: 1217 if (!did_readaround) { 1218 majmin = VM_FAULT_MAJOR; 1219 inc_page_state(pgmajfault); 1220 } 1221 lock_page(page); 1222 1223 /* Did it get unhashed while we waited for it? */ 1224 if (!page->mapping) { 1225 unlock_page(page); 1226 page_cache_release(page); 1227 goto retry_all; 1228 } 1229 1230 /* Did somebody else get it up-to-date? */ 1231 if (PageUptodate(page)) { 1232 unlock_page(page); 1233 goto success; 1234 } 1235 1236 if (!mapping->a_ops->readpage(file, page)) { 1237 wait_on_page_locked(page); 1238 if (PageUptodate(page)) 1239 goto success; 1240 } 1241 1242 /* 1243 * Umm, take care of errors if the page isn't up-to-date. 1244 * Try to re-read it _once_. We do this synchronously, 1245 * because there really aren't any performance issues here 1246 * and we need to check for errors. 1247 */ 1248 lock_page(page); 1249 1250 /* Somebody truncated the page on us? */ 1251 if (!page->mapping) { 1252 unlock_page(page); 1253 page_cache_release(page); 1254 goto retry_all; 1255 } 1256 1257 /* Somebody else successfully read it in? */ 1258 if (PageUptodate(page)) { 1259 unlock_page(page); 1260 goto success; 1261 } 1262 ClearPageError(page); 1263 if (!mapping->a_ops->readpage(file, page)) { 1264 wait_on_page_locked(page); 1265 if (PageUptodate(page)) 1266 goto success; 1267 } 1268 1269 /* 1270 * Things didn't work out. Return zero to tell the 1271 * mm layer so, possibly freeing the page cache page first. 1272 */ 1273 page_cache_release(page); 1274 return NULL; 1275 } 1276 1277 EXPORT_SYMBOL(filemap_nopage); 1278 1279 static struct page * filemap_getpage(struct file *file, unsigned long pgoff, 1280 int nonblock) 1281 { 1282 struct address_space *mapping = file->f_mapping; 1283 struct page *page; 1284 int error; 1285 1286 /* 1287 * Do we have something in the page cache already? 1288 */ 1289 retry_find: 1290 page = find_get_page(mapping, pgoff); 1291 if (!page) { 1292 if (nonblock) 1293 return NULL; 1294 goto no_cached_page; 1295 } 1296 1297 /* 1298 * Ok, found a page in the page cache, now we need to check 1299 * that it's up-to-date. 1300 */ 1301 if (!PageUptodate(page)) 1302 goto page_not_uptodate; 1303 1304 success: 1305 /* 1306 * Found the page and have a reference on it. 1307 */ 1308 mark_page_accessed(page); 1309 return page; 1310 1311 no_cached_page: 1312 error = page_cache_read(file, pgoff); 1313 1314 /* 1315 * The page we want has now been added to the page cache. 1316 * In the unlikely event that someone removed it in the 1317 * meantime, we'll just come back here and read it again. 1318 */ 1319 if (error >= 0) 1320 goto retry_find; 1321 1322 /* 1323 * An error return from page_cache_read can result if the 1324 * system is low on memory, or a problem occurs while trying 1325 * to schedule I/O. 1326 */ 1327 return NULL; 1328 1329 page_not_uptodate: 1330 lock_page(page); 1331 1332 /* Did it get unhashed while we waited for it? */ 1333 if (!page->mapping) { 1334 unlock_page(page); 1335 goto err; 1336 } 1337 1338 /* Did somebody else get it up-to-date? */ 1339 if (PageUptodate(page)) { 1340 unlock_page(page); 1341 goto success; 1342 } 1343 1344 if (!mapping->a_ops->readpage(file, page)) { 1345 wait_on_page_locked(page); 1346 if (PageUptodate(page)) 1347 goto success; 1348 } 1349 1350 /* 1351 * Umm, take care of errors if the page isn't up-to-date. 1352 * Try to re-read it _once_. We do this synchronously, 1353 * because there really aren't any performance issues here 1354 * and we need to check for errors. 1355 */ 1356 lock_page(page); 1357 1358 /* Somebody truncated the page on us? */ 1359 if (!page->mapping) { 1360 unlock_page(page); 1361 goto err; 1362 } 1363 /* Somebody else successfully read it in? */ 1364 if (PageUptodate(page)) { 1365 unlock_page(page); 1366 goto success; 1367 } 1368 1369 ClearPageError(page); 1370 if (!mapping->a_ops->readpage(file, page)) { 1371 wait_on_page_locked(page); 1372 if (PageUptodate(page)) 1373 goto success; 1374 } 1375 1376 /* 1377 * Things didn't work out. Return zero to tell the 1378 * mm layer so, possibly freeing the page cache page first. 1379 */ 1380 err: 1381 page_cache_release(page); 1382 1383 return NULL; 1384 } 1385 1386 static int filemap_populate(struct vm_area_struct *vma, 1387 unsigned long addr, 1388 unsigned long len, 1389 pgprot_t prot, 1390 unsigned long pgoff, 1391 int nonblock) 1392 { 1393 struct file *file = vma->vm_file; 1394 struct address_space *mapping = file->f_mapping; 1395 struct inode *inode = mapping->host; 1396 unsigned long size; 1397 struct mm_struct *mm = vma->vm_mm; 1398 struct page *page; 1399 int err; 1400 1401 if (!nonblock) 1402 force_page_cache_readahead(mapping, vma->vm_file, 1403 pgoff, len >> PAGE_CACHE_SHIFT); 1404 1405 repeat: 1406 size = (i_size_read(inode) + PAGE_CACHE_SIZE - 1) >> PAGE_CACHE_SHIFT; 1407 if (pgoff + (len >> PAGE_CACHE_SHIFT) > size) 1408 return -EINVAL; 1409 1410 page = filemap_getpage(file, pgoff, nonblock); 1411 if (!page && !nonblock) 1412 return -ENOMEM; 1413 if (page) { 1414 err = install_page(mm, vma, addr, page, prot); 1415 if (err) { 1416 page_cache_release(page); 1417 return err; 1418 } 1419 } else { 1420 err = install_file_pte(mm, vma, addr, pgoff, prot); 1421 if (err) 1422 return err; 1423 } 1424 1425 len -= PAGE_SIZE; 1426 addr += PAGE_SIZE; 1427 pgoff++; 1428 if (len) 1429 goto repeat; 1430 1431 return 0; 1432 } 1433 1434 static struct vm_operations_struct generic_file_vm_ops = { 1435 .nopage = filemap_nopage, 1436 .populate = filemap_populate, 1437 }; 1438 1439 /* This is used for a general mmap of a disk file */ 1440 1441 int generic_file_mmap(struct file * file, struct vm_area_struct * vma) 1442 { 1443 struct address_space *mapping = file->f_mapping; 1444 1445 if (!mapping->a_ops->readpage) 1446 return -ENOEXEC; 1447 file_accessed(file); 1448 vma->vm_ops = &generic_file_vm_ops; 1449 return 0; 1450 } 1451 1452 /* 1453 * This is for filesystems which do not implement ->writepage. 1454 */ 1455 int generic_file_readonly_mmap(struct file *file, struct vm_area_struct *vma) 1456 { 1457 if ((vma->vm_flags & VM_SHARED) && (vma->vm_flags & VM_MAYWRITE)) 1458 return -EINVAL; 1459 return generic_file_mmap(file, vma); 1460 } 1461 #else 1462 int generic_file_mmap(struct file * file, struct vm_area_struct * vma) 1463 { 1464 return -ENOSYS; 1465 } 1466 int generic_file_readonly_mmap(struct file * file, struct vm_area_struct * vma) 1467 { 1468 return -ENOSYS; 1469 } 1470 #endif /* CONFIG_MMU */ 1471 1472 EXPORT_SYMBOL(generic_file_mmap); 1473 EXPORT_SYMBOL(generic_file_readonly_mmap); 1474 1475 static inline struct page *__read_cache_page(struct address_space *mapping, 1476 unsigned long index, 1477 int (*filler)(void *,struct page*), 1478 void *data) 1479 { 1480 struct page *page, *cached_page = NULL; 1481 int err; 1482 repeat: 1483 page = find_get_page(mapping, index); 1484 if (!page) { 1485 if (!cached_page) { 1486 cached_page = page_cache_alloc_cold(mapping); 1487 if (!cached_page) 1488 return ERR_PTR(-ENOMEM); 1489 } 1490 err = add_to_page_cache_lru(cached_page, mapping, 1491 index, GFP_KERNEL); 1492 if (err == -EEXIST) 1493 goto repeat; 1494 if (err < 0) { 1495 /* Presumably ENOMEM for radix tree node */ 1496 page_cache_release(cached_page); 1497 return ERR_PTR(err); 1498 } 1499 page = cached_page; 1500 cached_page = NULL; 1501 err = filler(data, page); 1502 if (err < 0) { 1503 page_cache_release(page); 1504 page = ERR_PTR(err); 1505 } 1506 } 1507 if (cached_page) 1508 page_cache_release(cached_page); 1509 return page; 1510 } 1511 1512 /* 1513 * Read into the page cache. If a page already exists, 1514 * and PageUptodate() is not set, try to fill the page. 1515 */ 1516 struct page *read_cache_page(struct address_space *mapping, 1517 unsigned long index, 1518 int (*filler)(void *,struct page*), 1519 void *data) 1520 { 1521 struct page *page; 1522 int err; 1523 1524 retry: 1525 page = __read_cache_page(mapping, index, filler, data); 1526 if (IS_ERR(page)) 1527 goto out; 1528 mark_page_accessed(page); 1529 if (PageUptodate(page)) 1530 goto out; 1531 1532 lock_page(page); 1533 if (!page->mapping) { 1534 unlock_page(page); 1535 page_cache_release(page); 1536 goto retry; 1537 } 1538 if (PageUptodate(page)) { 1539 unlock_page(page); 1540 goto out; 1541 } 1542 err = filler(data, page); 1543 if (err < 0) { 1544 page_cache_release(page); 1545 page = ERR_PTR(err); 1546 } 1547 out: 1548 return page; 1549 } 1550 1551 EXPORT_SYMBOL(read_cache_page); 1552 1553 /* 1554 * If the page was newly created, increment its refcount and add it to the 1555 * caller's lru-buffering pagevec. This function is specifically for 1556 * generic_file_write(). 1557 */ 1558 static inline struct page * 1559 __grab_cache_page(struct address_space *mapping, unsigned long index, 1560 struct page **cached_page, struct pagevec *lru_pvec) 1561 { 1562 int err; 1563 struct page *page; 1564 repeat: 1565 page = find_lock_page(mapping, index); 1566 if (!page) { 1567 if (!*cached_page) { 1568 *cached_page = page_cache_alloc(mapping); 1569 if (!*cached_page) 1570 return NULL; 1571 } 1572 err = add_to_page_cache(*cached_page, mapping, 1573 index, GFP_KERNEL); 1574 if (err == -EEXIST) 1575 goto repeat; 1576 if (err == 0) { 1577 page = *cached_page; 1578 page_cache_get(page); 1579 if (!pagevec_add(lru_pvec, page)) 1580 __pagevec_lru_add(lru_pvec); 1581 *cached_page = NULL; 1582 } 1583 } 1584 return page; 1585 } 1586 1587 /* 1588 * The logic we want is 1589 * 1590 * if suid or (sgid and xgrp) 1591 * remove privs 1592 */ 1593 int remove_suid(struct dentry *dentry) 1594 { 1595 mode_t mode = dentry->d_inode->i_mode; 1596 int kill = 0; 1597 int result = 0; 1598 1599 /* suid always must be killed */ 1600 if (unlikely(mode & S_ISUID)) 1601 kill = ATTR_KILL_SUID; 1602 1603 /* 1604 * sgid without any exec bits is just a mandatory locking mark; leave 1605 * it alone. If some exec bits are set, it's a real sgid; kill it. 1606 */ 1607 if (unlikely((mode & S_ISGID) && (mode & S_IXGRP))) 1608 kill |= ATTR_KILL_SGID; 1609 1610 if (unlikely(kill && !capable(CAP_FSETID))) { 1611 struct iattr newattrs; 1612 1613 newattrs.ia_valid = ATTR_FORCE | kill; 1614 result = notify_change(dentry, &newattrs); 1615 } 1616 return result; 1617 } 1618 EXPORT_SYMBOL(remove_suid); 1619 1620 /* 1621 * Copy as much as we can into the page and return the number of bytes which 1622 * were sucessfully copied. If a fault is encountered then clear the page 1623 * out to (offset+bytes) and return the number of bytes which were copied. 1624 */ 1625 static inline size_t 1626 filemap_copy_from_user(struct page *page, unsigned long offset, 1627 const char __user *buf, unsigned bytes) 1628 { 1629 char *kaddr; 1630 int left; 1631 1632 kaddr = kmap_atomic(page, KM_USER0); 1633 left = __copy_from_user(kaddr + offset, buf, bytes); 1634 kunmap_atomic(kaddr, KM_USER0); 1635 1636 if (left != 0) { 1637 /* Do it the slow way */ 1638 kaddr = kmap(page); 1639 left = __copy_from_user(kaddr + offset, buf, bytes); 1640 kunmap(page); 1641 } 1642 return bytes - left; 1643 } 1644 1645 static size_t 1646 __filemap_copy_from_user_iovec(char *vaddr, 1647 const struct iovec *iov, size_t base, size_t bytes) 1648 { 1649 size_t copied = 0, left = 0; 1650 1651 while (bytes) { 1652 char __user *buf = iov->iov_base + base; 1653 int copy = min(bytes, iov->iov_len - base); 1654 1655 base = 0; 1656 left = __copy_from_user(vaddr, buf, copy); 1657 copied += copy; 1658 bytes -= copy; 1659 vaddr += copy; 1660 iov++; 1661 1662 if (unlikely(left)) { 1663 /* zero the rest of the target like __copy_from_user */ 1664 if (bytes) 1665 memset(vaddr, 0, bytes); 1666 break; 1667 } 1668 } 1669 return copied - left; 1670 } 1671 1672 /* 1673 * This has the same sideeffects and return value as filemap_copy_from_user(). 1674 * The difference is that on a fault we need to memset the remainder of the 1675 * page (out to offset+bytes), to emulate filemap_copy_from_user()'s 1676 * single-segment behaviour. 1677 */ 1678 static inline size_t 1679 filemap_copy_from_user_iovec(struct page *page, unsigned long offset, 1680 const struct iovec *iov, size_t base, size_t bytes) 1681 { 1682 char *kaddr; 1683 size_t copied; 1684 1685 kaddr = kmap_atomic(page, KM_USER0); 1686 copied = __filemap_copy_from_user_iovec(kaddr + offset, iov, 1687 base, bytes); 1688 kunmap_atomic(kaddr, KM_USER0); 1689 if (copied != bytes) { 1690 kaddr = kmap(page); 1691 copied = __filemap_copy_from_user_iovec(kaddr + offset, iov, 1692 base, bytes); 1693 kunmap(page); 1694 } 1695 return copied; 1696 } 1697 1698 static inline void 1699 filemap_set_next_iovec(const struct iovec **iovp, size_t *basep, size_t bytes) 1700 { 1701 const struct iovec *iov = *iovp; 1702 size_t base = *basep; 1703 1704 while (bytes) { 1705 int copy = min(bytes, iov->iov_len - base); 1706 1707 bytes -= copy; 1708 base += copy; 1709 if (iov->iov_len == base) { 1710 iov++; 1711 base = 0; 1712 } 1713 } 1714 *iovp = iov; 1715 *basep = base; 1716 } 1717 1718 /* 1719 * Performs necessary checks before doing a write 1720 * 1721 * Can adjust writing position aor amount of bytes to write. 1722 * Returns appropriate error code that caller should return or 1723 * zero in case that write should be allowed. 1724 */ 1725 inline int generic_write_checks(struct file *file, loff_t *pos, size_t *count, int isblk) 1726 { 1727 struct inode *inode = file->f_mapping->host; 1728 unsigned long limit = current->rlim[RLIMIT_FSIZE].rlim_cur; 1729 1730 if (unlikely(*pos < 0)) 1731 return -EINVAL; 1732 1733 if (unlikely(file->f_error)) { 1734 int err = file->f_error; 1735 file->f_error = 0; 1736 return err; 1737 } 1738 1739 if (!isblk) { 1740 /* FIXME: this is for backwards compatibility with 2.4 */ 1741 if (file->f_flags & O_APPEND) 1742 *pos = i_size_read(inode); 1743 1744 if (limit != RLIM_INFINITY) { 1745 if (*pos >= limit) { 1746 send_sig(SIGXFSZ, current, 0); 1747 return -EFBIG; 1748 } 1749 if (*count > limit - (typeof(limit))*pos) { 1750 *count = limit - (typeof(limit))*pos; 1751 } 1752 } 1753 } 1754 1755 /* 1756 * LFS rule 1757 */ 1758 if (unlikely(*pos + *count > MAX_NON_LFS && 1759 !(file->f_flags & O_LARGEFILE))) { 1760 if (*pos >= MAX_NON_LFS) { 1761 send_sig(SIGXFSZ, current, 0); 1762 return -EFBIG; 1763 } 1764 if (*count > MAX_NON_LFS - (unsigned long)*pos) { 1765 *count = MAX_NON_LFS - (unsigned long)*pos; 1766 } 1767 } 1768 1769 /* 1770 * Are we about to exceed the fs block limit ? 1771 * 1772 * If we have written data it becomes a short write. If we have 1773 * exceeded without writing data we send a signal and return EFBIG. 1774 * Linus frestrict idea will clean these up nicely.. 1775 */ 1776 if (likely(!isblk)) { 1777 if (unlikely(*pos >= inode->i_sb->s_maxbytes)) { 1778 if (*count || *pos > inode->i_sb->s_maxbytes) { 1779 send_sig(SIGXFSZ, current, 0); 1780 return -EFBIG; 1781 } 1782 /* zero-length writes at ->s_maxbytes are OK */ 1783 } 1784 1785 if (unlikely(*pos + *count > inode->i_sb->s_maxbytes)) 1786 *count = inode->i_sb->s_maxbytes - *pos; 1787 } else { 1788 loff_t isize; 1789 if (bdev_read_only(I_BDEV(inode))) 1790 return -EPERM; 1791 isize = i_size_read(inode); 1792 if (*pos >= isize) { 1793 if (*count || *pos > isize) 1794 return -ENOSPC; 1795 } 1796 1797 if (*pos + *count > isize) 1798 *count = isize - *pos; 1799 } 1800 return 0; 1801 } 1802 1803 EXPORT_SYMBOL(generic_write_checks); 1804 1805 /* 1806 * Write to a file through the page cache. 1807 * Called under i_sem for S_ISREG files. 1808 * 1809 * We put everything into the page cache prior to writing it. This is not a 1810 * problem when writing full pages. With partial pages, however, we first have 1811 * to read the data into the cache, then dirty the page, and finally schedule 1812 * it for writing by marking it dirty. 1813 * okir@monad.swb.de 1814 */ 1815 ssize_t 1816 generic_file_aio_write_nolock(struct kiocb *iocb, const struct iovec *iov, 1817 unsigned long nr_segs, loff_t *ppos) 1818 { 1819 struct file *file = iocb->ki_filp; 1820 struct address_space * mapping = file->f_mapping; 1821 struct address_space_operations *a_ops = mapping->a_ops; 1822 size_t ocount; /* original count */ 1823 size_t count; /* after file limit checks */ 1824 struct inode *inode = mapping->host; 1825 long status = 0; 1826 loff_t pos; 1827 struct page *page; 1828 struct page *cached_page = NULL; 1829 const int isblk = S_ISBLK(inode->i_mode); 1830 ssize_t written; 1831 ssize_t err; 1832 size_t bytes; 1833 struct pagevec lru_pvec; 1834 const struct iovec *cur_iov = iov; /* current iovec */ 1835 size_t iov_base = 0; /* offset in the current iovec */ 1836 unsigned long seg; 1837 char __user *buf; 1838 1839 ocount = 0; 1840 for (seg = 0; seg < nr_segs; seg++) { 1841 const struct iovec *iv = &iov[seg]; 1842 1843 /* 1844 * If any segment has a negative length, or the cumulative 1845 * length ever wraps negative then return -EINVAL. 1846 */ 1847 ocount += iv->iov_len; 1848 if (unlikely((ssize_t)(ocount|iv->iov_len) < 0)) 1849 return -EINVAL; 1850 if (access_ok(VERIFY_READ, iv->iov_base, iv->iov_len)) 1851 continue; 1852 if (seg == 0) 1853 return -EFAULT; 1854 nr_segs = seg; 1855 ocount -= iv->iov_len; /* This segment is no good */ 1856 break; 1857 } 1858 1859 count = ocount; 1860 pos = *ppos; 1861 pagevec_init(&lru_pvec, 0); 1862 1863 /* We can write back this queue in page reclaim */ 1864 current->backing_dev_info = mapping->backing_dev_info; 1865 written = 0; 1866 1867 err = generic_write_checks(file, &pos, &count, isblk); 1868 if (err) 1869 goto out; 1870 1871 if (count == 0) 1872 goto out; 1873 1874 err = remove_suid(file->f_dentry); 1875 if (err) 1876 goto out; 1877 1878 inode_update_time(inode, 1); 1879 1880 /* coalesce the iovecs and go direct-to-BIO for O_DIRECT */ 1881 if (unlikely(file->f_flags & O_DIRECT)) { 1882 if (count != ocount) 1883 nr_segs = iov_shorten((struct iovec *)iov, 1884 nr_segs, count); 1885 written = generic_file_direct_IO(WRITE, iocb, 1886 iov, pos, nr_segs); 1887 if (written > 0) { 1888 loff_t end = pos + written; 1889 if (end > i_size_read(inode) && !isblk) { 1890 i_size_write(inode, end); 1891 mark_inode_dirty(inode); 1892 } 1893 *ppos = end; 1894 } 1895 /* 1896 * Sync the fs metadata but not the minor inode changes and 1897 * of course not the data as we did direct DMA for the IO. 1898 * i_sem is held, which protects generic_osync_inode() from 1899 * livelocking. 1900 */ 1901 if (written >= 0 && file->f_flags & O_SYNC) 1902 status = generic_osync_inode(inode, mapping, OSYNC_METADATA); 1903 if (written == count && !is_sync_kiocb(iocb)) 1904 written = -EIOCBQUEUED; 1905 if (written < 0 || written == count) 1906 goto out_status; 1907 /* 1908 * direct-io write to a hole: fall through to buffered I/O 1909 * for completing the rest of the request. 1910 */ 1911 pos += written; 1912 count -= written; 1913 } 1914 1915 buf = iov->iov_base + written; /* handle partial DIO write */ 1916 do { 1917 unsigned long index; 1918 unsigned long offset; 1919 size_t copied; 1920 1921 offset = (pos & (PAGE_CACHE_SIZE -1)); /* Within page */ 1922 index = pos >> PAGE_CACHE_SHIFT; 1923 bytes = PAGE_CACHE_SIZE - offset; 1924 if (bytes > count) 1925 bytes = count; 1926 1927 /* 1928 * Bring in the user page that we will copy from _first_. 1929 * Otherwise there's a nasty deadlock on copying from the 1930 * same page as we're writing to, without it being marked 1931 * up-to-date. 1932 */ 1933 fault_in_pages_readable(buf, bytes); 1934 1935 page = __grab_cache_page(mapping,index,&cached_page,&lru_pvec); 1936 if (!page) { 1937 status = -ENOMEM; 1938 break; 1939 } 1940 1941 status = a_ops->prepare_write(file, page, offset, offset+bytes); 1942 if (unlikely(status)) { 1943 loff_t isize = i_size_read(inode); 1944 /* 1945 * prepare_write() may have instantiated a few blocks 1946 * outside i_size. Trim these off again. 1947 */ 1948 unlock_page(page); 1949 page_cache_release(page); 1950 if (pos + bytes > isize) 1951 vmtruncate(inode, isize); 1952 break; 1953 } 1954 if (likely(nr_segs == 1)) 1955 copied = filemap_copy_from_user(page, offset, 1956 buf, bytes); 1957 else 1958 copied = filemap_copy_from_user_iovec(page, offset, 1959 cur_iov, iov_base, bytes); 1960 flush_dcache_page(page); 1961 status = a_ops->commit_write(file, page, offset, offset+bytes); 1962 if (likely(copied > 0)) { 1963 if (!status) 1964 status = copied; 1965 1966 if (status >= 0) { 1967 written += status; 1968 count -= status; 1969 pos += status; 1970 buf += status; 1971 if (unlikely(nr_segs > 1)) 1972 filemap_set_next_iovec(&cur_iov, 1973 &iov_base, status); 1974 } 1975 } 1976 if (unlikely(copied != bytes)) 1977 if (status >= 0) 1978 status = -EFAULT; 1979 unlock_page(page); 1980 mark_page_accessed(page); 1981 page_cache_release(page); 1982 if (status < 0) 1983 break; 1984 balance_dirty_pages_ratelimited(mapping); 1985 cond_resched(); 1986 } while (count); 1987 *ppos = pos; 1988 1989 if (cached_page) 1990 page_cache_release(cached_page); 1991 1992 /* 1993 * For now, when the user asks for O_SYNC, we'll actually give O_DSYNC 1994 */ 1995 if (status >= 0) { 1996 if ((file->f_flags & O_SYNC) || IS_SYNC(inode)) 1997 status = generic_osync_inode(inode, mapping, 1998 OSYNC_METADATA|OSYNC_DATA); 1999 } 2000 2001 /* 2002 * If we get here for O_DIRECT writes then we must have fallen through 2003 * to buffered writes (block instantiation inside i_size). So we sync 2004 * the file data here, to try to honour O_DIRECT expectations. 2005 */ 2006 if (unlikely(file->f_flags & O_DIRECT) && written) 2007 status = filemap_write_and_wait(mapping); 2008 2009 out_status: 2010 err = written ? written : status; 2011 out: 2012 pagevec_lru_add(&lru_pvec); 2013 current->backing_dev_info = NULL; 2014 return err; 2015 } 2016 2017 EXPORT_SYMBOL(generic_file_aio_write_nolock); 2018 2019 ssize_t 2020 generic_file_write_nolock(struct file *file, const struct iovec *iov, 2021 unsigned long nr_segs, loff_t *ppos) 2022 { 2023 struct kiocb kiocb; 2024 ssize_t ret; 2025 2026 init_sync_kiocb(&kiocb, file); 2027 ret = generic_file_aio_write_nolock(&kiocb, iov, nr_segs, ppos); 2028 if (-EIOCBQUEUED == ret) 2029 ret = wait_on_sync_kiocb(&kiocb); 2030 return ret; 2031 } 2032 2033 EXPORT_SYMBOL(generic_file_write_nolock); 2034 2035 ssize_t generic_file_aio_write(struct kiocb *iocb, const char __user *buf, 2036 size_t count, loff_t pos) 2037 { 2038 struct file *file = iocb->ki_filp; 2039 struct inode *inode = file->f_mapping->host; 2040 ssize_t err; 2041 struct iovec local_iov = { .iov_base = (void __user *)buf, .iov_len = count }; 2042 2043 BUG_ON(iocb->ki_pos != pos); 2044 2045 down(&inode->i_sem); 2046 err = generic_file_aio_write_nolock(iocb, &local_iov, 1, 2047 &iocb->ki_pos); 2048 up(&inode->i_sem); 2049 2050 return err; 2051 } 2052 2053 EXPORT_SYMBOL(generic_file_aio_write); 2054 2055 ssize_t generic_file_write(struct file *file, const char __user *buf, 2056 size_t count, loff_t *ppos) 2057 { 2058 struct inode *inode = file->f_mapping->host; 2059 ssize_t err; 2060 struct iovec local_iov = { .iov_base = (void __user *)buf, .iov_len = count }; 2061 2062 down(&inode->i_sem); 2063 err = generic_file_write_nolock(file, &local_iov, 1, ppos); 2064 up(&inode->i_sem); 2065 2066 return err; 2067 } 2068 2069 EXPORT_SYMBOL(generic_file_write); 2070 2071 ssize_t generic_file_readv(struct file *filp, const struct iovec *iov, 2072 unsigned long nr_segs, loff_t *ppos) 2073 { 2074 struct kiocb kiocb; 2075 ssize_t ret; 2076 2077 init_sync_kiocb(&kiocb, filp); 2078 ret = __generic_file_aio_read(&kiocb, iov, nr_segs, ppos); 2079 if (-EIOCBQUEUED == ret) 2080 ret = wait_on_sync_kiocb(&kiocb); 2081 return ret; 2082 } 2083 2084 EXPORT_SYMBOL(generic_file_readv); 2085 2086 ssize_t generic_file_writev(struct file *file, const struct iovec *iov, 2087 unsigned long nr_segs, loff_t * ppos) 2088 { 2089 struct inode *inode = file->f_mapping->host; 2090 ssize_t ret; 2091 2092 down(&inode->i_sem); 2093 ret = generic_file_write_nolock(file, iov, nr_segs, ppos); 2094 up(&inode->i_sem); 2095 return ret; 2096 } 2097 2098 EXPORT_SYMBOL(generic_file_writev); 2099 2100 /* 2101 * Called under i_sem for writes to S_ISREG files 2102 */ 2103 ssize_t 2104 generic_file_direct_IO(int rw, struct kiocb *iocb, const struct iovec *iov, 2105 loff_t offset, unsigned long nr_segs) 2106 { 2107 struct file *file = iocb->ki_filp; 2108 struct address_space *mapping = file->f_mapping; 2109 ssize_t retval; 2110 2111 retval = filemap_write_and_wait(mapping); 2112 if (retval == 0) { 2113 retval = mapping->a_ops->direct_IO(rw, iocb, iov, 2114 offset, nr_segs); 2115 if (rw == WRITE && mapping->nrpages) 2116 invalidate_inode_pages2(mapping); 2117 } 2118 return retval; 2119 } 2120 2121 EXPORT_SYMBOL_GPL(generic_file_direct_IO); 2122
This page was automatically generated by LXR 0.3.1. • Linux is a registered trademark of Linus Torvalds