mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2026-04-03 12:05:13 +02:00
1098bb8d52
[ Upstream commitca76bb226b] Patch series "nilfs2: protect busy buffer heads from being force-cleared". This series fixes the buffer head state inconsistency issues reported by syzbot that occurs when the filesystem is corrupted and falls back to read-only, and the associated buffer head use-after-free issue. This patch (of 2): Syzbot has reported that after nilfs2 detects filesystem corruption and falls back to read-only, inconsistencies in the buffer state may occur. One of the inconsistencies is that when nilfs2 calls mark_buffer_dirty() to set a data or metadata buffer as dirty, but it detects that the buffer is not in the uptodate state: WARNING: CPU: 0 PID: 6049 at fs/buffer.c:1177 mark_buffer_dirty+0x2e5/0x520 fs/buffer.c:1177 ... Call Trace: <TASK> nilfs_palloc_commit_alloc_entry+0x4b/0x160 fs/nilfs2/alloc.c:598 nilfs_ifile_create_inode+0x1dd/0x3a0 fs/nilfs2/ifile.c:73 nilfs_new_inode+0x254/0x830 fs/nilfs2/inode.c:344 nilfs_mkdir+0x10d/0x340 fs/nilfs2/namei.c:218 vfs_mkdir+0x2f9/0x4f0 fs/namei.c:4257 do_mkdirat+0x264/0x3a0 fs/namei.c:4280 __do_sys_mkdirat fs/namei.c:4295 [inline] __se_sys_mkdirat fs/namei.c:4293 [inline] __x64_sys_mkdirat+0x87/0xa0 fs/namei.c:4293 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f The other is when nilfs_btree_propagate(), which propagates the dirty state to the ancestor nodes of a b-tree that point to a dirty buffer, detects that the origin buffer is not dirty, even though it should be: WARNING: CPU: 0 PID: 5245 at fs/nilfs2/btree.c:2089 nilfs_btree_propagate+0xc79/0xdf0 fs/nilfs2/btree.c:2089 ... Call Trace: <TASK> nilfs_bmap_propagate+0x75/0x120 fs/nilfs2/bmap.c:345 nilfs_collect_file_data+0x4d/0xd0 fs/nilfs2/segment.c:587 nilfs_segctor_apply_buffers+0x184/0x340 fs/nilfs2/segment.c:1006 nilfs_segctor_scan_file+0x28c/0xa50 fs/nilfs2/segment.c:1045 nilfs_segctor_collect_blocks fs/nilfs2/segment.c:1216 [inline] nilfs_segctor_collect fs/nilfs2/segment.c:1540 [inline] nilfs_segctor_do_construct+0x1c28/0x6b90 fs/nilfs2/segment.c:2115 nilfs_segctor_construct+0x181/0x6b0 fs/nilfs2/segment.c:2479 nilfs_segctor_thread_construct fs/nilfs2/segment.c:2587 [inline] nilfs_segctor_thread+0x69e/0xe80 fs/nilfs2/segment.c:2701 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 </TASK> Both of these issues are caused by the callbacks that handle the page/folio write requests, forcibly clear various states, including the working state of the buffers they hold, at unexpected times when they detect read-only fallback. Fix these issues by checking if the buffer is referenced before clearing the page/folio state, and skipping the clear if it is. Link: https://lkml.kernel.org/r/20250107200202.6432-1-konishi.ryusuke@gmail.com Link: https://lkml.kernel.org/r/20250107200202.6432-2-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Reported-by: syzbot+b2b14916b77acf8626d7@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=b2b14916b77acf8626d7 Reported-by: syzbot+d98fd19acd08b36ff422@syzkaller.appspotmail.com Link: https://syzkaller.appspot.com/bug?extid=d98fd19acd08b36ff422 Fixes:8c26c4e269("nilfs2: fix issue with flush kernel thread after remount in RO mode because of driver's internal error or metadata corruption") Tested-by: syzbot+b2b14916b77acf8626d7@syzkaller.appspotmail.com Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Sasha Levin <sashal@kernel.org>
568 lines
14 KiB
C
568 lines
14 KiB
C
// SPDX-License-Identifier: GPL-2.0+
|
|
/*
|
|
* Buffer/page management specific to NILFS
|
|
*
|
|
* Copyright (C) 2005-2008 Nippon Telegraph and Telephone Corporation.
|
|
*
|
|
* Written by Ryusuke Konishi and Seiji Kihara.
|
|
*/
|
|
|
|
#include <linux/pagemap.h>
|
|
#include <linux/writeback.h>
|
|
#include <linux/swap.h>
|
|
#include <linux/bitops.h>
|
|
#include <linux/page-flags.h>
|
|
#include <linux/list.h>
|
|
#include <linux/highmem.h>
|
|
#include <linux/pagevec.h>
|
|
#include <linux/gfp.h>
|
|
#include "nilfs.h"
|
|
#include "page.h"
|
|
#include "mdt.h"
|
|
|
|
|
|
#define NILFS_BUFFER_INHERENT_BITS \
|
|
(BIT(BH_Uptodate) | BIT(BH_Mapped) | BIT(BH_NILFS_Node) | \
|
|
BIT(BH_NILFS_Volatile) | BIT(BH_NILFS_Checked))
|
|
|
|
static struct buffer_head *__nilfs_get_folio_block(struct folio *folio,
|
|
unsigned long block, pgoff_t index, int blkbits,
|
|
unsigned long b_state)
|
|
|
|
{
|
|
unsigned long first_block;
|
|
struct buffer_head *bh = folio_buffers(folio);
|
|
|
|
if (!bh)
|
|
bh = create_empty_buffers(folio, 1 << blkbits, b_state);
|
|
|
|
first_block = (unsigned long)index << (PAGE_SHIFT - blkbits);
|
|
bh = get_nth_bh(bh, block - first_block);
|
|
|
|
wait_on_buffer(bh);
|
|
return bh;
|
|
}
|
|
|
|
struct buffer_head *nilfs_grab_buffer(struct inode *inode,
|
|
struct address_space *mapping,
|
|
unsigned long blkoff,
|
|
unsigned long b_state)
|
|
{
|
|
int blkbits = inode->i_blkbits;
|
|
pgoff_t index = blkoff >> (PAGE_SHIFT - blkbits);
|
|
struct folio *folio;
|
|
struct buffer_head *bh;
|
|
|
|
folio = filemap_grab_folio(mapping, index);
|
|
if (IS_ERR(folio))
|
|
return NULL;
|
|
|
|
bh = __nilfs_get_folio_block(folio, blkoff, index, blkbits, b_state);
|
|
if (unlikely(!bh)) {
|
|
folio_unlock(folio);
|
|
folio_put(folio);
|
|
return NULL;
|
|
}
|
|
bh->b_bdev = inode->i_sb->s_bdev;
|
|
return bh;
|
|
}
|
|
|
|
/**
|
|
* nilfs_forget_buffer - discard dirty state
|
|
* @bh: buffer head of the buffer to be discarded
|
|
*/
|
|
void nilfs_forget_buffer(struct buffer_head *bh)
|
|
{
|
|
struct folio *folio = bh->b_folio;
|
|
const unsigned long clear_bits =
|
|
(BIT(BH_Uptodate) | BIT(BH_Dirty) | BIT(BH_Mapped) |
|
|
BIT(BH_Async_Write) | BIT(BH_NILFS_Volatile) |
|
|
BIT(BH_NILFS_Checked) | BIT(BH_NILFS_Redirected) |
|
|
BIT(BH_Delay));
|
|
|
|
lock_buffer(bh);
|
|
set_mask_bits(&bh->b_state, clear_bits, 0);
|
|
if (nilfs_folio_buffers_clean(folio))
|
|
__nilfs_clear_folio_dirty(folio);
|
|
|
|
bh->b_blocknr = -1;
|
|
folio_clear_uptodate(folio);
|
|
folio_clear_mappedtodisk(folio);
|
|
unlock_buffer(bh);
|
|
brelse(bh);
|
|
}
|
|
|
|
/**
|
|
* nilfs_copy_buffer -- copy buffer data and flags
|
|
* @dbh: destination buffer
|
|
* @sbh: source buffer
|
|
*/
|
|
void nilfs_copy_buffer(struct buffer_head *dbh, struct buffer_head *sbh)
|
|
{
|
|
void *kaddr0, *kaddr1;
|
|
unsigned long bits;
|
|
struct page *spage = sbh->b_page, *dpage = dbh->b_page;
|
|
struct buffer_head *bh;
|
|
|
|
kaddr0 = kmap_local_page(spage);
|
|
kaddr1 = kmap_local_page(dpage);
|
|
memcpy(kaddr1 + bh_offset(dbh), kaddr0 + bh_offset(sbh), sbh->b_size);
|
|
kunmap_local(kaddr1);
|
|
kunmap_local(kaddr0);
|
|
|
|
dbh->b_state = sbh->b_state & NILFS_BUFFER_INHERENT_BITS;
|
|
dbh->b_blocknr = sbh->b_blocknr;
|
|
dbh->b_bdev = sbh->b_bdev;
|
|
|
|
bh = dbh;
|
|
bits = sbh->b_state & (BIT(BH_Uptodate) | BIT(BH_Mapped));
|
|
while ((bh = bh->b_this_page) != dbh) {
|
|
lock_buffer(bh);
|
|
bits &= bh->b_state;
|
|
unlock_buffer(bh);
|
|
}
|
|
if (bits & BIT(BH_Uptodate))
|
|
SetPageUptodate(dpage);
|
|
else
|
|
ClearPageUptodate(dpage);
|
|
if (bits & BIT(BH_Mapped))
|
|
SetPageMappedToDisk(dpage);
|
|
else
|
|
ClearPageMappedToDisk(dpage);
|
|
}
|
|
|
|
/**
|
|
* nilfs_folio_buffers_clean - Check if a folio has dirty buffers or not.
|
|
* @folio: Folio to be checked.
|
|
*
|
|
* nilfs_folio_buffers_clean() returns false if the folio has dirty buffers.
|
|
* Otherwise, it returns true.
|
|
*/
|
|
bool nilfs_folio_buffers_clean(struct folio *folio)
|
|
{
|
|
struct buffer_head *bh, *head;
|
|
|
|
bh = head = folio_buffers(folio);
|
|
do {
|
|
if (buffer_dirty(bh))
|
|
return false;
|
|
bh = bh->b_this_page;
|
|
} while (bh != head);
|
|
return true;
|
|
}
|
|
|
|
void nilfs_folio_bug(struct folio *folio)
|
|
{
|
|
struct buffer_head *bh, *head;
|
|
struct address_space *m;
|
|
unsigned long ino;
|
|
|
|
if (unlikely(!folio)) {
|
|
printk(KERN_CRIT "NILFS_FOLIO_BUG(NULL)\n");
|
|
return;
|
|
}
|
|
|
|
m = folio->mapping;
|
|
ino = m ? m->host->i_ino : 0;
|
|
|
|
printk(KERN_CRIT "NILFS_FOLIO_BUG(%p): cnt=%d index#=%llu flags=0x%lx "
|
|
"mapping=%p ino=%lu\n",
|
|
folio, folio_ref_count(folio),
|
|
(unsigned long long)folio->index, folio->flags, m, ino);
|
|
|
|
head = folio_buffers(folio);
|
|
if (head) {
|
|
int i = 0;
|
|
|
|
bh = head;
|
|
do {
|
|
printk(KERN_CRIT
|
|
" BH[%d] %p: cnt=%d block#=%llu state=0x%lx\n",
|
|
i++, bh, atomic_read(&bh->b_count),
|
|
(unsigned long long)bh->b_blocknr, bh->b_state);
|
|
bh = bh->b_this_page;
|
|
} while (bh != head);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* nilfs_copy_folio -- copy the folio with buffers
|
|
* @dst: destination folio
|
|
* @src: source folio
|
|
* @copy_dirty: flag whether to copy dirty states on the folio's buffer heads.
|
|
*
|
|
* This function is for both data folios and btnode folios. The dirty flag
|
|
* should be treated by caller. The folio must not be under i/o.
|
|
* Both src and dst folio must be locked
|
|
*/
|
|
static void nilfs_copy_folio(struct folio *dst, struct folio *src,
|
|
bool copy_dirty)
|
|
{
|
|
struct buffer_head *dbh, *dbufs, *sbh;
|
|
unsigned long mask = NILFS_BUFFER_INHERENT_BITS;
|
|
|
|
BUG_ON(folio_test_writeback(dst));
|
|
|
|
sbh = folio_buffers(src);
|
|
dbh = folio_buffers(dst);
|
|
if (!dbh)
|
|
dbh = create_empty_buffers(dst, sbh->b_size, 0);
|
|
|
|
if (copy_dirty)
|
|
mask |= BIT(BH_Dirty);
|
|
|
|
dbufs = dbh;
|
|
do {
|
|
lock_buffer(sbh);
|
|
lock_buffer(dbh);
|
|
dbh->b_state = sbh->b_state & mask;
|
|
dbh->b_blocknr = sbh->b_blocknr;
|
|
dbh->b_bdev = sbh->b_bdev;
|
|
sbh = sbh->b_this_page;
|
|
dbh = dbh->b_this_page;
|
|
} while (dbh != dbufs);
|
|
|
|
folio_copy(dst, src);
|
|
|
|
if (folio_test_uptodate(src) && !folio_test_uptodate(dst))
|
|
folio_mark_uptodate(dst);
|
|
else if (!folio_test_uptodate(src) && folio_test_uptodate(dst))
|
|
folio_clear_uptodate(dst);
|
|
if (folio_test_mappedtodisk(src) && !folio_test_mappedtodisk(dst))
|
|
folio_set_mappedtodisk(dst);
|
|
else if (!folio_test_mappedtodisk(src) && folio_test_mappedtodisk(dst))
|
|
folio_clear_mappedtodisk(dst);
|
|
|
|
do {
|
|
unlock_buffer(sbh);
|
|
unlock_buffer(dbh);
|
|
sbh = sbh->b_this_page;
|
|
dbh = dbh->b_this_page;
|
|
} while (dbh != dbufs);
|
|
}
|
|
|
|
int nilfs_copy_dirty_pages(struct address_space *dmap,
|
|
struct address_space *smap)
|
|
{
|
|
struct folio_batch fbatch;
|
|
unsigned int i;
|
|
pgoff_t index = 0;
|
|
int err = 0;
|
|
|
|
folio_batch_init(&fbatch);
|
|
repeat:
|
|
if (!filemap_get_folios_tag(smap, &index, (pgoff_t)-1,
|
|
PAGECACHE_TAG_DIRTY, &fbatch))
|
|
return 0;
|
|
|
|
for (i = 0; i < folio_batch_count(&fbatch); i++) {
|
|
struct folio *folio = fbatch.folios[i], *dfolio;
|
|
|
|
folio_lock(folio);
|
|
if (unlikely(!folio_test_dirty(folio)))
|
|
NILFS_FOLIO_BUG(folio, "inconsistent dirty state");
|
|
|
|
dfolio = filemap_grab_folio(dmap, folio->index);
|
|
if (IS_ERR(dfolio)) {
|
|
/* No empty page is added to the page cache */
|
|
folio_unlock(folio);
|
|
err = PTR_ERR(dfolio);
|
|
break;
|
|
}
|
|
if (unlikely(!folio_buffers(folio)))
|
|
NILFS_FOLIO_BUG(folio,
|
|
"found empty page in dat page cache");
|
|
|
|
nilfs_copy_folio(dfolio, folio, true);
|
|
filemap_dirty_folio(folio_mapping(dfolio), dfolio);
|
|
|
|
folio_unlock(dfolio);
|
|
folio_put(dfolio);
|
|
folio_unlock(folio);
|
|
}
|
|
folio_batch_release(&fbatch);
|
|
cond_resched();
|
|
|
|
if (likely(!err))
|
|
goto repeat;
|
|
return err;
|
|
}
|
|
|
|
/**
|
|
* nilfs_copy_back_pages -- copy back pages to original cache from shadow cache
|
|
* @dmap: destination page cache
|
|
* @smap: source page cache
|
|
*
|
|
* No pages must be added to the cache during this process.
|
|
* This must be ensured by the caller.
|
|
*/
|
|
void nilfs_copy_back_pages(struct address_space *dmap,
|
|
struct address_space *smap)
|
|
{
|
|
struct folio_batch fbatch;
|
|
unsigned int i, n;
|
|
pgoff_t start = 0;
|
|
|
|
folio_batch_init(&fbatch);
|
|
repeat:
|
|
n = filemap_get_folios(smap, &start, ~0UL, &fbatch);
|
|
if (!n)
|
|
return;
|
|
|
|
for (i = 0; i < folio_batch_count(&fbatch); i++) {
|
|
struct folio *folio = fbatch.folios[i], *dfolio;
|
|
pgoff_t index = folio->index;
|
|
|
|
folio_lock(folio);
|
|
dfolio = filemap_lock_folio(dmap, index);
|
|
if (!IS_ERR(dfolio)) {
|
|
/* overwrite existing folio in the destination cache */
|
|
WARN_ON(folio_test_dirty(dfolio));
|
|
nilfs_copy_folio(dfolio, folio, false);
|
|
folio_unlock(dfolio);
|
|
folio_put(dfolio);
|
|
/* Do we not need to remove folio from smap here? */
|
|
} else {
|
|
struct folio *f;
|
|
|
|
/* move the folio to the destination cache */
|
|
xa_lock_irq(&smap->i_pages);
|
|
f = __xa_erase(&smap->i_pages, index);
|
|
WARN_ON(folio != f);
|
|
smap->nrpages--;
|
|
xa_unlock_irq(&smap->i_pages);
|
|
|
|
xa_lock_irq(&dmap->i_pages);
|
|
f = __xa_store(&dmap->i_pages, index, folio, GFP_NOFS);
|
|
if (unlikely(f)) {
|
|
/* Probably -ENOMEM */
|
|
folio->mapping = NULL;
|
|
folio_put(folio);
|
|
} else {
|
|
folio->mapping = dmap;
|
|
dmap->nrpages++;
|
|
if (folio_test_dirty(folio))
|
|
__xa_set_mark(&dmap->i_pages, index,
|
|
PAGECACHE_TAG_DIRTY);
|
|
}
|
|
xa_unlock_irq(&dmap->i_pages);
|
|
}
|
|
folio_unlock(folio);
|
|
}
|
|
folio_batch_release(&fbatch);
|
|
cond_resched();
|
|
|
|
goto repeat;
|
|
}
|
|
|
|
/**
|
|
* nilfs_clear_dirty_pages - discard dirty pages in address space
|
|
* @mapping: address space with dirty pages for discarding
|
|
*/
|
|
void nilfs_clear_dirty_pages(struct address_space *mapping)
|
|
{
|
|
struct folio_batch fbatch;
|
|
unsigned int i;
|
|
pgoff_t index = 0;
|
|
|
|
folio_batch_init(&fbatch);
|
|
|
|
while (filemap_get_folios_tag(mapping, &index, (pgoff_t)-1,
|
|
PAGECACHE_TAG_DIRTY, &fbatch)) {
|
|
for (i = 0; i < folio_batch_count(&fbatch); i++) {
|
|
struct folio *folio = fbatch.folios[i];
|
|
|
|
folio_lock(folio);
|
|
|
|
/*
|
|
* This folio may have been removed from the address
|
|
* space by truncation or invalidation when the lock
|
|
* was acquired. Skip processing in that case.
|
|
*/
|
|
if (likely(folio->mapping == mapping))
|
|
nilfs_clear_folio_dirty(folio);
|
|
|
|
folio_unlock(folio);
|
|
}
|
|
folio_batch_release(&fbatch);
|
|
cond_resched();
|
|
}
|
|
}
|
|
|
|
/**
|
|
* nilfs_clear_folio_dirty - discard dirty folio
|
|
* @folio: dirty folio that will be discarded
|
|
*
|
|
* nilfs_clear_folio_dirty() clears working states including dirty state for
|
|
* the folio and its buffers. If the folio has buffers, clear only if it is
|
|
* confirmed that none of the buffer heads are busy (none have valid
|
|
* references and none are locked).
|
|
*/
|
|
void nilfs_clear_folio_dirty(struct folio *folio)
|
|
{
|
|
struct buffer_head *bh, *head;
|
|
|
|
BUG_ON(!folio_test_locked(folio));
|
|
|
|
head = folio_buffers(folio);
|
|
if (head) {
|
|
const unsigned long clear_bits =
|
|
(BIT(BH_Uptodate) | BIT(BH_Dirty) | BIT(BH_Mapped) |
|
|
BIT(BH_Async_Write) | BIT(BH_NILFS_Volatile) |
|
|
BIT(BH_NILFS_Checked) | BIT(BH_NILFS_Redirected) |
|
|
BIT(BH_Delay));
|
|
bool busy, invalidated = false;
|
|
|
|
recheck_buffers:
|
|
busy = false;
|
|
bh = head;
|
|
do {
|
|
if (atomic_read(&bh->b_count) | buffer_locked(bh)) {
|
|
busy = true;
|
|
break;
|
|
}
|
|
} while (bh = bh->b_this_page, bh != head);
|
|
|
|
if (busy) {
|
|
if (invalidated)
|
|
return;
|
|
invalidate_bh_lrus();
|
|
invalidated = true;
|
|
goto recheck_buffers;
|
|
}
|
|
|
|
bh = head;
|
|
do {
|
|
lock_buffer(bh);
|
|
set_mask_bits(&bh->b_state, clear_bits, 0);
|
|
unlock_buffer(bh);
|
|
} while (bh = bh->b_this_page, bh != head);
|
|
}
|
|
|
|
folio_clear_uptodate(folio);
|
|
folio_clear_mappedtodisk(folio);
|
|
folio_clear_checked(folio);
|
|
__nilfs_clear_folio_dirty(folio);
|
|
}
|
|
|
|
unsigned int nilfs_page_count_clean_buffers(struct page *page,
|
|
unsigned int from, unsigned int to)
|
|
{
|
|
unsigned int block_start, block_end;
|
|
struct buffer_head *bh, *head;
|
|
unsigned int nc = 0;
|
|
|
|
for (bh = head = page_buffers(page), block_start = 0;
|
|
bh != head || !block_start;
|
|
block_start = block_end, bh = bh->b_this_page) {
|
|
block_end = block_start + bh->b_size;
|
|
if (block_end > from && block_start < to && !buffer_dirty(bh))
|
|
nc++;
|
|
}
|
|
return nc;
|
|
}
|
|
|
|
/*
|
|
* NILFS2 needs clear_page_dirty() in the following two cases:
|
|
*
|
|
* 1) For B-tree node pages and data pages of DAT file, NILFS2 clears dirty
|
|
* flag of pages when it copies back pages from shadow cache to the
|
|
* original cache.
|
|
*
|
|
* 2) Some B-tree operations like insertion or deletion may dispose buffers
|
|
* in dirty state, and this needs to cancel the dirty state of their pages.
|
|
*/
|
|
void __nilfs_clear_folio_dirty(struct folio *folio)
|
|
{
|
|
struct address_space *mapping = folio->mapping;
|
|
|
|
if (mapping) {
|
|
xa_lock_irq(&mapping->i_pages);
|
|
if (folio_test_dirty(folio)) {
|
|
__xa_clear_mark(&mapping->i_pages, folio->index,
|
|
PAGECACHE_TAG_DIRTY);
|
|
xa_unlock_irq(&mapping->i_pages);
|
|
folio_clear_dirty_for_io(folio);
|
|
return;
|
|
}
|
|
xa_unlock_irq(&mapping->i_pages);
|
|
return;
|
|
}
|
|
folio_clear_dirty(folio);
|
|
}
|
|
|
|
/**
|
|
* nilfs_find_uncommitted_extent - find extent of uncommitted data
|
|
* @inode: inode
|
|
* @start_blk: start block offset (in)
|
|
* @blkoff: start offset of the found extent (out)
|
|
*
|
|
* This function searches an extent of buffers marked "delayed" which
|
|
* starts from a block offset equal to or larger than @start_blk. If
|
|
* such an extent was found, this will store the start offset in
|
|
* @blkoff and return its length in blocks. Otherwise, zero is
|
|
* returned.
|
|
*/
|
|
unsigned long nilfs_find_uncommitted_extent(struct inode *inode,
|
|
sector_t start_blk,
|
|
sector_t *blkoff)
|
|
{
|
|
unsigned int i, nr_folios;
|
|
pgoff_t index;
|
|
unsigned long length = 0;
|
|
struct folio_batch fbatch;
|
|
struct folio *folio;
|
|
|
|
if (inode->i_mapping->nrpages == 0)
|
|
return 0;
|
|
|
|
index = start_blk >> (PAGE_SHIFT - inode->i_blkbits);
|
|
|
|
folio_batch_init(&fbatch);
|
|
|
|
repeat:
|
|
nr_folios = filemap_get_folios_contig(inode->i_mapping, &index, ULONG_MAX,
|
|
&fbatch);
|
|
if (nr_folios == 0)
|
|
return length;
|
|
|
|
i = 0;
|
|
do {
|
|
folio = fbatch.folios[i];
|
|
|
|
folio_lock(folio);
|
|
if (folio_buffers(folio)) {
|
|
struct buffer_head *bh, *head;
|
|
sector_t b;
|
|
|
|
b = folio->index << (PAGE_SHIFT - inode->i_blkbits);
|
|
bh = head = folio_buffers(folio);
|
|
do {
|
|
if (b < start_blk)
|
|
continue;
|
|
if (buffer_delay(bh)) {
|
|
if (length == 0)
|
|
*blkoff = b;
|
|
length++;
|
|
} else if (length > 0) {
|
|
goto out_locked;
|
|
}
|
|
} while (++b, bh = bh->b_this_page, bh != head);
|
|
} else {
|
|
if (length > 0)
|
|
goto out_locked;
|
|
}
|
|
folio_unlock(folio);
|
|
|
|
} while (++i < nr_folios);
|
|
|
|
folio_batch_release(&fbatch);
|
|
cond_resched();
|
|
goto repeat;
|
|
|
|
out_locked:
|
|
folio_unlock(folio);
|
|
folio_batch_release(&fbatch);
|
|
return length;
|
|
}
|