2005-04-16 22:20:36 +00:00
|
|
|
/*
|
|
|
|
* Copyright (c) 2002 Red Hat, Inc. All rights reserved.
|
|
|
|
*
|
|
|
|
* This software may be freely redistributed under the terms of the
|
|
|
|
* GNU General Public License.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
|
|
*
|
2008-06-06 05:46:18 +00:00
|
|
|
* Authors: David Woodhouse <dwmw2@infradead.org>
|
2005-04-16 22:20:36 +00:00
|
|
|
* David Howells <dhowells@redhat.com>
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <linux/kernel.h>
|
|
|
|
#include <linux/module.h>
|
|
|
|
#include <linux/init.h>
|
|
|
|
#include <linux/fs.h>
|
|
|
|
#include <linux/pagemap.h>
|
Detach sched.h from mm.h
First thing mm.h does is including sched.h solely for can_do_mlock() inline
function which has "current" dereference inside. By dealing with can_do_mlock()
mm.h can be detached from sched.h which is good. See below, why.
This patch
a) removes unconditional inclusion of sched.h from mm.h
b) makes can_do_mlock() normal function in mm/mlock.c
c) exports can_do_mlock() to not break compilation
d) adds sched.h inclusions back to files that were getting it indirectly.
e) adds less bloated headers to some files (asm/signal.h, jiffies.h) that were
getting them indirectly
Net result is:
a) mm.h users would get less code to open, read, preprocess, parse, ... if
they don't need sched.h
b) sched.h stops being dependency for significant number of files:
on x86_64 allmodconfig touching sched.h results in recompile of 4083 files,
after patch it's only 3744 (-8.3%).
Cross-compile tested on
all arm defconfigs, all mips defconfigs, all powerpc defconfigs,
alpha alpha-up
arm
i386 i386-up i386-defconfig i386-allnoconfig
ia64 ia64-up
m68k
mips
parisc parisc-up
powerpc powerpc-up
s390 s390-up
sparc sparc-up
sparc64 sparc64-up
um-x86_64
x86_64 x86_64-up x86_64-defconfig x86_64-allnoconfig
as well as my two usual configs.
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-05-20 21:22:52 +00:00
|
|
|
#include <linux/sched.h>
|
2010-08-11 08:38:04 +00:00
|
|
|
#include <linux/mount.h>
|
|
|
|
#include <linux/namei.h>
|
2017-12-11 11:35:11 +00:00
|
|
|
#include <linux/iversion.h>
|
2005-04-16 22:20:36 +00:00
|
|
|
#include "internal.h"
|
|
|
|
|
2017-07-06 14:50:27 +00:00
|
|
|
static const struct inode_operations afs_symlink_inode_operations = {
|
|
|
|
.get_link = page_get_link,
|
|
|
|
.listxattr = afs_listxattr,
|
|
|
|
};
|
|
|
|
|
2019-04-25 13:26:52 +00:00
|
|
|
static noinline void dump_vnode(struct afs_vnode *vnode, struct afs_vnode *parent_vnode)
|
|
|
|
{
|
|
|
|
static unsigned long once_only;
|
|
|
|
|
|
|
|
pr_warn("kAFS: AFS vnode with undefined type %u\n",
|
|
|
|
vnode->status.type);
|
|
|
|
pr_warn("kAFS: A=%d m=%o s=%llx v=%llx\n",
|
|
|
|
vnode->status.abort_code,
|
|
|
|
vnode->status.mode,
|
|
|
|
vnode->status.size,
|
|
|
|
vnode->status.data_version);
|
|
|
|
pr_warn("kAFS: vnode %llx:%llx:%x\n",
|
|
|
|
vnode->fid.vid,
|
|
|
|
vnode->fid.vnode,
|
|
|
|
vnode->fid.unique);
|
|
|
|
if (parent_vnode)
|
|
|
|
pr_warn("kAFS: dir %llx:%llx:%x\n",
|
|
|
|
parent_vnode->fid.vid,
|
|
|
|
parent_vnode->fid.vnode,
|
|
|
|
parent_vnode->fid.unique);
|
|
|
|
|
|
|
|
if (!test_and_set_bit(0, &once_only))
|
|
|
|
dump_stack();
|
|
|
|
}
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
/*
|
2018-04-06 13:17:24 +00:00
|
|
|
* Initialise an inode from the vnode status.
|
2005-04-16 22:20:36 +00:00
|
|
|
*/
|
2019-04-25 13:26:52 +00:00
|
|
|
static int afs_inode_init_from_status(struct afs_vnode *vnode, struct key *key,
|
|
|
|
struct afs_vnode *parent_vnode)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
|
|
|
struct inode *inode = AFS_VNODE_TO_I(vnode);
|
|
|
|
|
2007-04-26 22:59:35 +00:00
|
|
|
_debug("FS: ft=%d lk=%d sz=%llu ver=%Lu mod=%hu",
|
2005-04-16 22:20:36 +00:00
|
|
|
vnode->status.type,
|
|
|
|
vnode->status.nlink,
|
2007-04-26 23:06:22 +00:00
|
|
|
(unsigned long long) vnode->status.size,
|
2007-04-26 22:55:03 +00:00
|
|
|
vnode->status.data_version,
|
2005-04-16 22:20:36 +00:00
|
|
|
vnode->status.mode);
|
|
|
|
|
2017-11-02 15:27:49 +00:00
|
|
|
read_seqlock_excl(&vnode->cb_lock);
|
|
|
|
|
2018-04-06 13:17:24 +00:00
|
|
|
afs_update_inode_from_status(vnode, &vnode->status, NULL,
|
|
|
|
AFS_VNODE_NOT_YET_SET);
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
switch (vnode->status.type) {
|
|
|
|
case AFS_FTYPE_FILE:
|
|
|
|
inode->i_mode = S_IFREG | vnode->status.mode;
|
|
|
|
inode->i_op = &afs_file_inode_operations;
|
2007-04-26 22:57:07 +00:00
|
|
|
inode->i_fop = &afs_file_operations;
|
afs: Fix directory handling
AFS directories are structured blobs that are downloaded just like files
and then parsed by the lookup and readdir code and, as such, are currently
handled in the pagecache like any other file, with the entire directory
content being thrown away each time the directory changes.
However, since the blob is a known structure and since the data version
counter on a directory increases by exactly one for each change committed
to that directory, we can actually edit the directory locally rather than
fetching it from the server after each locally-induced change.
What we can't do, though, is mix data from the server and data from the
client since the server is technically at liberty to rearrange or compress
a directory if it sees fit, provided it updates the data version number
when it does so and breaks the callback (ie. sends a notification).
Further, lookup with lookup-ahead, readdir and, when it arrives, local
editing are likely want to scan the whole of a directory.
So directory handling needs to be improved to maintain the coherency of the
directory blob prior to permitting local directory editing.
To this end:
(1) If any directory page gets discarded, invalidate and reread the entire
directory.
(2) If readpage notes that if when it fetches a single page that the
version number has changed, the entire directory is flagged for
invalidation.
(3) Read as much of the directory in one go as we can.
Note that this removes local caching of directories in fscache for the
moment as we can't pass the pages to fscache_read_or_alloc_pages() since
page->lru is in use by the LRU.
Signed-off-by: David Howells <dhowells@redhat.com>
2018-04-06 13:17:25 +00:00
|
|
|
inode->i_mapping->a_ops = &afs_fs_aops;
|
2005-04-16 22:20:36 +00:00
|
|
|
break;
|
|
|
|
case AFS_FTYPE_DIR:
|
|
|
|
inode->i_mode = S_IFDIR | vnode->status.mode;
|
|
|
|
inode->i_op = &afs_dir_inode_operations;
|
|
|
|
inode->i_fop = &afs_dir_file_operations;
|
afs: Fix directory handling
AFS directories are structured blobs that are downloaded just like files
and then parsed by the lookup and readdir code and, as such, are currently
handled in the pagecache like any other file, with the entire directory
content being thrown away each time the directory changes.
However, since the blob is a known structure and since the data version
counter on a directory increases by exactly one for each change committed
to that directory, we can actually edit the directory locally rather than
fetching it from the server after each locally-induced change.
What we can't do, though, is mix data from the server and data from the
client since the server is technically at liberty to rearrange or compress
a directory if it sees fit, provided it updates the data version number
when it does so and breaks the callback (ie. sends a notification).
Further, lookup with lookup-ahead, readdir and, when it arrives, local
editing are likely want to scan the whole of a directory.
So directory handling needs to be improved to maintain the coherency of the
directory blob prior to permitting local directory editing.
To this end:
(1) If any directory page gets discarded, invalidate and reread the entire
directory.
(2) If readpage notes that if when it fetches a single page that the
version number has changed, the entire directory is flagged for
invalidation.
(3) Read as much of the directory in one go as we can.
Note that this removes local caching of directories in fscache for the
moment as we can't pass the pages to fscache_read_or_alloc_pages() since
page->lru is in use by the LRU.
Signed-off-by: David Howells <dhowells@redhat.com>
2018-04-06 13:17:25 +00:00
|
|
|
inode->i_mapping->a_ops = &afs_dir_aops;
|
2005-04-16 22:20:36 +00:00
|
|
|
break;
|
|
|
|
case AFS_FTYPE_SYMLINK:
|
2017-03-16 16:27:45 +00:00
|
|
|
/* Symlinks with a mode of 0644 are actually mountpoints. */
|
|
|
|
if ((vnode->status.mode & 0777) == 0644) {
|
|
|
|
inode->i_flags |= S_AUTOMOUNT;
|
|
|
|
|
|
|
|
set_bit(AFS_VNODE_MOUNTPOINT, &vnode->flags);
|
|
|
|
|
|
|
|
inode->i_mode = S_IFDIR | 0555;
|
|
|
|
inode->i_op = &afs_mntpt_inode_operations;
|
|
|
|
inode->i_fop = &afs_mntpt_file_operations;
|
afs: Fix directory handling
AFS directories are structured blobs that are downloaded just like files
and then parsed by the lookup and readdir code and, as such, are currently
handled in the pagecache like any other file, with the entire directory
content being thrown away each time the directory changes.
However, since the blob is a known structure and since the data version
counter on a directory increases by exactly one for each change committed
to that directory, we can actually edit the directory locally rather than
fetching it from the server after each locally-induced change.
What we can't do, though, is mix data from the server and data from the
client since the server is technically at liberty to rearrange or compress
a directory if it sees fit, provided it updates the data version number
when it does so and breaks the callback (ie. sends a notification).
Further, lookup with lookup-ahead, readdir and, when it arrives, local
editing are likely want to scan the whole of a directory.
So directory handling needs to be improved to maintain the coherency of the
directory blob prior to permitting local directory editing.
To this end:
(1) If any directory page gets discarded, invalidate and reread the entire
directory.
(2) If readpage notes that if when it fetches a single page that the
version number has changed, the entire directory is flagged for
invalidation.
(3) Read as much of the directory in one go as we can.
Note that this removes local caching of directories in fscache for the
moment as we can't pass the pages to fscache_read_or_alloc_pages() since
page->lru is in use by the LRU.
Signed-off-by: David Howells <dhowells@redhat.com>
2018-04-06 13:17:25 +00:00
|
|
|
inode->i_mapping->a_ops = &afs_fs_aops;
|
2017-03-16 16:27:45 +00:00
|
|
|
} else {
|
|
|
|
inode->i_mode = S_IFLNK | vnode->status.mode;
|
2017-07-06 14:50:27 +00:00
|
|
|
inode->i_op = &afs_symlink_inode_operations;
|
afs: Fix directory handling
AFS directories are structured blobs that are downloaded just like files
and then parsed by the lookup and readdir code and, as such, are currently
handled in the pagecache like any other file, with the entire directory
content being thrown away each time the directory changes.
However, since the blob is a known structure and since the data version
counter on a directory increases by exactly one for each change committed
to that directory, we can actually edit the directory locally rather than
fetching it from the server after each locally-induced change.
What we can't do, though, is mix data from the server and data from the
client since the server is technically at liberty to rearrange or compress
a directory if it sees fit, provided it updates the data version number
when it does so and breaks the callback (ie. sends a notification).
Further, lookup with lookup-ahead, readdir and, when it arrives, local
editing are likely want to scan the whole of a directory.
So directory handling needs to be improved to maintain the coherency of the
directory blob prior to permitting local directory editing.
To this end:
(1) If any directory page gets discarded, invalidate and reread the entire
directory.
(2) If readpage notes that if when it fetches a single page that the
version number has changed, the entire directory is flagged for
invalidation.
(3) Read as much of the directory in one go as we can.
Note that this removes local caching of directories in fscache for the
moment as we can't pass the pages to fscache_read_or_alloc_pages() since
page->lru is in use by the LRU.
Signed-off-by: David Howells <dhowells@redhat.com>
2018-04-06 13:17:25 +00:00
|
|
|
inode->i_mapping->a_ops = &afs_fs_aops;
|
2017-03-16 16:27:45 +00:00
|
|
|
}
|
2015-11-17 06:07:57 +00:00
|
|
|
inode_nohighmem(inode);
|
2005-04-16 22:20:36 +00:00
|
|
|
break;
|
|
|
|
default:
|
2019-04-25 13:26:52 +00:00
|
|
|
dump_vnode(vnode, parent_vnode);
|
2017-11-02 15:27:49 +00:00
|
|
|
read_sequnlock_excl(&vnode->cb_lock);
|
2018-10-19 23:57:56 +00:00
|
|
|
return afs_protocol_error(NULL, -EBADMSG, afs_eproto_file_type);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
2019-04-25 15:04:37 +00:00
|
|
|
/*
|
|
|
|
* Estimate 512 bytes blocks used, rounded up to nearest 1K
|
|
|
|
* for consistency with other AFS clients.
|
|
|
|
*/
|
|
|
|
inode->i_blocks = ((i_size_read(inode) + 1023) >> 10) << 1;
|
2018-04-06 13:17:24 +00:00
|
|
|
vnode->invalid_before = vnode->status.data_version;
|
2017-11-02 15:27:49 +00:00
|
|
|
|
|
|
|
read_sequnlock_excl(&vnode->cb_lock);
|
2005-04-16 22:20:36 +00:00
|
|
|
return 0;
|
2007-04-26 22:49:28 +00:00
|
|
|
}
|
2005-04-16 22:20:36 +00:00
|
|
|
|
afs: Overhaul volume and server record caching and fileserver rotation
The current code assumes that volumes and servers are per-cell and are
never shared, but this is not enforced, and, indeed, public cells do exist
that are aliases of each other. Further, an organisation can, say, set up
a public cell and a private cell with overlapping, but not identical, sets
of servers. The difference is purely in the database attached to the VL
servers.
The current code will malfunction if it sees a server in two cells as it
assumes global address -> server record mappings and that each server is in
just one cell.
Further, each server may have multiple addresses - and may have addresses
of different families (IPv4 and IPv6, say).
To this end, the following structural changes are made:
(1) Server record management is overhauled:
(a) Server records are made independent of cell. The namespace keeps
track of them, volume records have lists of them and each vnode
has a server on which its callback interest currently resides.
(b) The cell record no longer keeps a list of servers known to be in
that cell.
(c) The server records are now kept in a flat list because there's no
single address to sort on.
(d) Server records are now keyed by their UUID within the namespace.
(e) The addresses for a server are obtained with the VL.GetAddrsU
rather than with VL.GetEntryByName, using the server's UUID as a
parameter.
(f) Cached server records are garbage collected after a period of
non-use and are counted out of existence before purging is allowed
to complete. This protects the work functions against rmmod.
(g) The servers list is now in /proc/fs/afs/servers.
(2) Volume record management is overhauled:
(a) An RCU-replaceable server list is introduced. This tracks both
servers and their coresponding callback interests.
(b) The superblock is now keyed on cell record and numeric volume ID.
(c) The volume record is now tied to the superblock which mounts it,
and is activated when mounted and deactivated when unmounted.
This makes it easier to handle the cache cookie without causing a
double-use in fscache.
(d) The volume record is loaded from the VLDB using VL.GetEntryByNameU
to get the server UUID list.
(e) The volume name is updated if it is seen to have changed when the
volume is updated (the update is keyed on the volume ID).
(3) The vlocation record is got rid of and VLDB records are no longer
cached. Sufficient information is stored in the volume record, though
an update to a volume record is now no longer shared between related
volumes (volumes come in bundles of three: R/W, R/O and backup).
and the following procedural changes are made:
(1) The fileserver cursor introduced previously is now fleshed out and
used to iterate over fileservers and their addresses.
(2) Volume status is checked during iteration, and the server list is
replaced if a change is detected.
(3) Server status is checked during iteration, and the address list is
replaced if a change is detected.
(4) The abort code is saved into the address list cursor and -ECONNABORTED
returned in afs_make_call() if a remote abort happened rather than
translating the abort into an error message. This allows actions to
be taken depending on the abort code more easily.
(a) If a VMOVED abort is seen then this is handled by rechecking the
volume and restarting the iteration.
(b) If a VBUSY, VRESTARTING or VSALVAGING abort is seen then this is
handled by sleeping for a short period and retrying and/or trying
other servers that might serve that volume. A message is also
displayed once until the condition has cleared.
(c) If a VOFFLINE abort is seen, then this is handled as VBUSY for the
moment.
(d) If a VNOVOL abort is seen, the volume is rechecked in the VLDB to
see if it has been deleted; if not, the fileserver is probably
indicating that the volume couldn't be attached and needs
salvaging.
(e) If statfs() sees one of these aborts, it does not sleep, but
rather returns an error, so as not to block the umount program.
(5) The fileserver iteration functions in vnode.c are now merged into
their callers and more heavily macroised around the cursor. vnode.c
is removed.
(6) Operations on a particular vnode are serialised on that vnode because
the server will lock that vnode whilst it operates on it, so a second
op sent will just have to wait.
(7) Fileservers are probed with FS.GetCapabilities before being used.
This is where service upgrade will be done.
(8) A callback interest on a fileserver is set up before an FS operation
is performed and passed through to afs_make_call() so that it can be
set on the vnode if the operation returns a callback. The callback
interest is passed through to afs_iget() also so that it can be set
there too.
In general, record updating is done on an as-needed basis when we try to
access servers, volumes or vnodes rather than offloading it to work items
and special threads.
Notes:
(1) Pre AFS-3.4 servers are no longer supported, though this can be added
back if necessary (AFS-3.4 was released in 1998).
(2) VBUSY is retried forever for the moment at intervals of 1s.
(3) /proc/fs/afs/<cell>/servers no longer exists.
Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-02 15:27:50 +00:00
|
|
|
/*
|
|
|
|
* Fetch file status from the volume.
|
|
|
|
*/
|
2018-04-06 13:17:24 +00:00
|
|
|
int afs_fetch_status(struct afs_vnode *vnode, struct key *key, bool new_inode)
|
afs: Overhaul volume and server record caching and fileserver rotation
The current code assumes that volumes and servers are per-cell and are
never shared, but this is not enforced, and, indeed, public cells do exist
that are aliases of each other. Further, an organisation can, say, set up
a public cell and a private cell with overlapping, but not identical, sets
of servers. The difference is purely in the database attached to the VL
servers.
The current code will malfunction if it sees a server in two cells as it
assumes global address -> server record mappings and that each server is in
just one cell.
Further, each server may have multiple addresses - and may have addresses
of different families (IPv4 and IPv6, say).
To this end, the following structural changes are made:
(1) Server record management is overhauled:
(a) Server records are made independent of cell. The namespace keeps
track of them, volume records have lists of them and each vnode
has a server on which its callback interest currently resides.
(b) The cell record no longer keeps a list of servers known to be in
that cell.
(c) The server records are now kept in a flat list because there's no
single address to sort on.
(d) Server records are now keyed by their UUID within the namespace.
(e) The addresses for a server are obtained with the VL.GetAddrsU
rather than with VL.GetEntryByName, using the server's UUID as a
parameter.
(f) Cached server records are garbage collected after a period of
non-use and are counted out of existence before purging is allowed
to complete. This protects the work functions against rmmod.
(g) The servers list is now in /proc/fs/afs/servers.
(2) Volume record management is overhauled:
(a) An RCU-replaceable server list is introduced. This tracks both
servers and their coresponding callback interests.
(b) The superblock is now keyed on cell record and numeric volume ID.
(c) The volume record is now tied to the superblock which mounts it,
and is activated when mounted and deactivated when unmounted.
This makes it easier to handle the cache cookie without causing a
double-use in fscache.
(d) The volume record is loaded from the VLDB using VL.GetEntryByNameU
to get the server UUID list.
(e) The volume name is updated if it is seen to have changed when the
volume is updated (the update is keyed on the volume ID).
(3) The vlocation record is got rid of and VLDB records are no longer
cached. Sufficient information is stored in the volume record, though
an update to a volume record is now no longer shared between related
volumes (volumes come in bundles of three: R/W, R/O and backup).
and the following procedural changes are made:
(1) The fileserver cursor introduced previously is now fleshed out and
used to iterate over fileservers and their addresses.
(2) Volume status is checked during iteration, and the server list is
replaced if a change is detected.
(3) Server status is checked during iteration, and the address list is
replaced if a change is detected.
(4) The abort code is saved into the address list cursor and -ECONNABORTED
returned in afs_make_call() if a remote abort happened rather than
translating the abort into an error message. This allows actions to
be taken depending on the abort code more easily.
(a) If a VMOVED abort is seen then this is handled by rechecking the
volume and restarting the iteration.
(b) If a VBUSY, VRESTARTING or VSALVAGING abort is seen then this is
handled by sleeping for a short period and retrying and/or trying
other servers that might serve that volume. A message is also
displayed once until the condition has cleared.
(c) If a VOFFLINE abort is seen, then this is handled as VBUSY for the
moment.
(d) If a VNOVOL abort is seen, the volume is rechecked in the VLDB to
see if it has been deleted; if not, the fileserver is probably
indicating that the volume couldn't be attached and needs
salvaging.
(e) If statfs() sees one of these aborts, it does not sleep, but
rather returns an error, so as not to block the umount program.
(5) The fileserver iteration functions in vnode.c are now merged into
their callers and more heavily macroised around the cursor. vnode.c
is removed.
(6) Operations on a particular vnode are serialised on that vnode because
the server will lock that vnode whilst it operates on it, so a second
op sent will just have to wait.
(7) Fileservers are probed with FS.GetCapabilities before being used.
This is where service upgrade will be done.
(8) A callback interest on a fileserver is set up before an FS operation
is performed and passed through to afs_make_call() so that it can be
set on the vnode if the operation returns a callback. The callback
interest is passed through to afs_iget() also so that it can be set
there too.
In general, record updating is done on an as-needed basis when we try to
access servers, volumes or vnodes rather than offloading it to work items
and special threads.
Notes:
(1) Pre AFS-3.4 servers are no longer supported, though this can be added
back if necessary (AFS-3.4 was released in 1998).
(2) VBUSY is retried forever for the moment at intervals of 1s.
(3) /proc/fs/afs/<cell>/servers no longer exists.
Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-02 15:27:50 +00:00
|
|
|
{
|
|
|
|
struct afs_fs_cursor fc;
|
|
|
|
int ret;
|
|
|
|
|
2018-10-19 23:57:57 +00:00
|
|
|
_enter("%s,{%llx:%llu.%u,S=%lx}",
|
afs: Overhaul volume and server record caching and fileserver rotation
The current code assumes that volumes and servers are per-cell and are
never shared, but this is not enforced, and, indeed, public cells do exist
that are aliases of each other. Further, an organisation can, say, set up
a public cell and a private cell with overlapping, but not identical, sets
of servers. The difference is purely in the database attached to the VL
servers.
The current code will malfunction if it sees a server in two cells as it
assumes global address -> server record mappings and that each server is in
just one cell.
Further, each server may have multiple addresses - and may have addresses
of different families (IPv4 and IPv6, say).
To this end, the following structural changes are made:
(1) Server record management is overhauled:
(a) Server records are made independent of cell. The namespace keeps
track of them, volume records have lists of them and each vnode
has a server on which its callback interest currently resides.
(b) The cell record no longer keeps a list of servers known to be in
that cell.
(c) The server records are now kept in a flat list because there's no
single address to sort on.
(d) Server records are now keyed by their UUID within the namespace.
(e) The addresses for a server are obtained with the VL.GetAddrsU
rather than with VL.GetEntryByName, using the server's UUID as a
parameter.
(f) Cached server records are garbage collected after a period of
non-use and are counted out of existence before purging is allowed
to complete. This protects the work functions against rmmod.
(g) The servers list is now in /proc/fs/afs/servers.
(2) Volume record management is overhauled:
(a) An RCU-replaceable server list is introduced. This tracks both
servers and their coresponding callback interests.
(b) The superblock is now keyed on cell record and numeric volume ID.
(c) The volume record is now tied to the superblock which mounts it,
and is activated when mounted and deactivated when unmounted.
This makes it easier to handle the cache cookie without causing a
double-use in fscache.
(d) The volume record is loaded from the VLDB using VL.GetEntryByNameU
to get the server UUID list.
(e) The volume name is updated if it is seen to have changed when the
volume is updated (the update is keyed on the volume ID).
(3) The vlocation record is got rid of and VLDB records are no longer
cached. Sufficient information is stored in the volume record, though
an update to a volume record is now no longer shared between related
volumes (volumes come in bundles of three: R/W, R/O and backup).
and the following procedural changes are made:
(1) The fileserver cursor introduced previously is now fleshed out and
used to iterate over fileservers and their addresses.
(2) Volume status is checked during iteration, and the server list is
replaced if a change is detected.
(3) Server status is checked during iteration, and the address list is
replaced if a change is detected.
(4) The abort code is saved into the address list cursor and -ECONNABORTED
returned in afs_make_call() if a remote abort happened rather than
translating the abort into an error message. This allows actions to
be taken depending on the abort code more easily.
(a) If a VMOVED abort is seen then this is handled by rechecking the
volume and restarting the iteration.
(b) If a VBUSY, VRESTARTING or VSALVAGING abort is seen then this is
handled by sleeping for a short period and retrying and/or trying
other servers that might serve that volume. A message is also
displayed once until the condition has cleared.
(c) If a VOFFLINE abort is seen, then this is handled as VBUSY for the
moment.
(d) If a VNOVOL abort is seen, the volume is rechecked in the VLDB to
see if it has been deleted; if not, the fileserver is probably
indicating that the volume couldn't be attached and needs
salvaging.
(e) If statfs() sees one of these aborts, it does not sleep, but
rather returns an error, so as not to block the umount program.
(5) The fileserver iteration functions in vnode.c are now merged into
their callers and more heavily macroised around the cursor. vnode.c
is removed.
(6) Operations on a particular vnode are serialised on that vnode because
the server will lock that vnode whilst it operates on it, so a second
op sent will just have to wait.
(7) Fileservers are probed with FS.GetCapabilities before being used.
This is where service upgrade will be done.
(8) A callback interest on a fileserver is set up before an FS operation
is performed and passed through to afs_make_call() so that it can be
set on the vnode if the operation returns a callback. The callback
interest is passed through to afs_iget() also so that it can be set
there too.
In general, record updating is done on an as-needed basis when we try to
access servers, volumes or vnodes rather than offloading it to work items
and special threads.
Notes:
(1) Pre AFS-3.4 servers are no longer supported, though this can be added
back if necessary (AFS-3.4 was released in 1998).
(2) VBUSY is retried forever for the moment at intervals of 1s.
(3) /proc/fs/afs/<cell>/servers no longer exists.
Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-02 15:27:50 +00:00
|
|
|
vnode->volume->name,
|
|
|
|
vnode->fid.vid, vnode->fid.vnode, vnode->fid.unique,
|
|
|
|
vnode->flags);
|
|
|
|
|
|
|
|
ret = -ERESTARTSYS;
|
afs: Make some RPC operations non-interruptible
Make certain RPC operations non-interruptible, including:
(*) Set attributes
(*) Store data
We don't want to get interrupted during a flush on close, flush on
unlock, writeback or an inode update, leaving us in a state where we
still need to do the writeback or update.
(*) Extend lock
(*) Release lock
We don't want to get lock extension interrupted as the file locks on
the server are time-limited. Interruption during lock release is less
of an issue since the lock is time-limited, but it's better to
complete the release to avoid a several-minute wait to recover it.
*Setting* the lock isn't a problem if it's interrupted since we can
just return to the user and tell them they were interrupted - at
which point they can elect to retry.
(*) Silly unlink
We want to remove silly unlink files if we can, rather than leaving
them for the salvager to clear up.
Note that whilst these calls are no longer interruptible, they do have
timeouts on them, so if the server stops responding the call will fail with
something like ETIME or ECONNRESET.
Without this, the following:
kAFS: Unexpected error from FS.StoreData -512
appears in dmesg when a pending store data gets interrupted and some
processes may just hang.
Additionally, make the code that checks/updates the server record ignore
failure due to interruption if the main call is uninterruptible and if the
server has an address list. The next op will check it again since the
expiration time on the old list has past.
Fixes: d2ddc776a458 ("afs: Overhaul volume and server record caching and fileserver rotation")
Reported-by: Jonathan Billings <jsbillings@jsbillings.org>
Reported-by: Marc Dionne <marc.dionne@auristor.com>
Signed-off-by: David Howells <dhowells@redhat.com>
2019-05-08 15:16:31 +00:00
|
|
|
if (afs_begin_vnode_operation(&fc, vnode, key, true)) {
|
afs: Overhaul volume and server record caching and fileserver rotation
The current code assumes that volumes and servers are per-cell and are
never shared, but this is not enforced, and, indeed, public cells do exist
that are aliases of each other. Further, an organisation can, say, set up
a public cell and a private cell with overlapping, but not identical, sets
of servers. The difference is purely in the database attached to the VL
servers.
The current code will malfunction if it sees a server in two cells as it
assumes global address -> server record mappings and that each server is in
just one cell.
Further, each server may have multiple addresses - and may have addresses
of different families (IPv4 and IPv6, say).
To this end, the following structural changes are made:
(1) Server record management is overhauled:
(a) Server records are made independent of cell. The namespace keeps
track of them, volume records have lists of them and each vnode
has a server on which its callback interest currently resides.
(b) The cell record no longer keeps a list of servers known to be in
that cell.
(c) The server records are now kept in a flat list because there's no
single address to sort on.
(d) Server records are now keyed by their UUID within the namespace.
(e) The addresses for a server are obtained with the VL.GetAddrsU
rather than with VL.GetEntryByName, using the server's UUID as a
parameter.
(f) Cached server records are garbage collected after a period of
non-use and are counted out of existence before purging is allowed
to complete. This protects the work functions against rmmod.
(g) The servers list is now in /proc/fs/afs/servers.
(2) Volume record management is overhauled:
(a) An RCU-replaceable server list is introduced. This tracks both
servers and their coresponding callback interests.
(b) The superblock is now keyed on cell record and numeric volume ID.
(c) The volume record is now tied to the superblock which mounts it,
and is activated when mounted and deactivated when unmounted.
This makes it easier to handle the cache cookie without causing a
double-use in fscache.
(d) The volume record is loaded from the VLDB using VL.GetEntryByNameU
to get the server UUID list.
(e) The volume name is updated if it is seen to have changed when the
volume is updated (the update is keyed on the volume ID).
(3) The vlocation record is got rid of and VLDB records are no longer
cached. Sufficient information is stored in the volume record, though
an update to a volume record is now no longer shared between related
volumes (volumes come in bundles of three: R/W, R/O and backup).
and the following procedural changes are made:
(1) The fileserver cursor introduced previously is now fleshed out and
used to iterate over fileservers and their addresses.
(2) Volume status is checked during iteration, and the server list is
replaced if a change is detected.
(3) Server status is checked during iteration, and the address list is
replaced if a change is detected.
(4) The abort code is saved into the address list cursor and -ECONNABORTED
returned in afs_make_call() if a remote abort happened rather than
translating the abort into an error message. This allows actions to
be taken depending on the abort code more easily.
(a) If a VMOVED abort is seen then this is handled by rechecking the
volume and restarting the iteration.
(b) If a VBUSY, VRESTARTING or VSALVAGING abort is seen then this is
handled by sleeping for a short period and retrying and/or trying
other servers that might serve that volume. A message is also
displayed once until the condition has cleared.
(c) If a VOFFLINE abort is seen, then this is handled as VBUSY for the
moment.
(d) If a VNOVOL abort is seen, the volume is rechecked in the VLDB to
see if it has been deleted; if not, the fileserver is probably
indicating that the volume couldn't be attached and needs
salvaging.
(e) If statfs() sees one of these aborts, it does not sleep, but
rather returns an error, so as not to block the umount program.
(5) The fileserver iteration functions in vnode.c are now merged into
their callers and more heavily macroised around the cursor. vnode.c
is removed.
(6) Operations on a particular vnode are serialised on that vnode because
the server will lock that vnode whilst it operates on it, so a second
op sent will just have to wait.
(7) Fileservers are probed with FS.GetCapabilities before being used.
This is where service upgrade will be done.
(8) A callback interest on a fileserver is set up before an FS operation
is performed and passed through to afs_make_call() so that it can be
set on the vnode if the operation returns a callback. The callback
interest is passed through to afs_iget() also so that it can be set
there too.
In general, record updating is done on an as-needed basis when we try to
access servers, volumes or vnodes rather than offloading it to work items
and special threads.
Notes:
(1) Pre AFS-3.4 servers are no longer supported, though this can be added
back if necessary (AFS-3.4 was released in 1998).
(2) VBUSY is retried forever for the moment at intervals of 1s.
(3) /proc/fs/afs/<cell>/servers no longer exists.
Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-02 15:27:50 +00:00
|
|
|
while (afs_select_fileserver(&fc)) {
|
2018-05-12 21:31:33 +00:00
|
|
|
fc.cb_break = afs_calc_vnode_cb_break(vnode);
|
2018-04-06 13:17:24 +00:00
|
|
|
afs_fs_fetch_file_status(&fc, NULL, new_inode);
|
afs: Overhaul volume and server record caching and fileserver rotation
The current code assumes that volumes and servers are per-cell and are
never shared, but this is not enforced, and, indeed, public cells do exist
that are aliases of each other. Further, an organisation can, say, set up
a public cell and a private cell with overlapping, but not identical, sets
of servers. The difference is purely in the database attached to the VL
servers.
The current code will malfunction if it sees a server in two cells as it
assumes global address -> server record mappings and that each server is in
just one cell.
Further, each server may have multiple addresses - and may have addresses
of different families (IPv4 and IPv6, say).
To this end, the following structural changes are made:
(1) Server record management is overhauled:
(a) Server records are made independent of cell. The namespace keeps
track of them, volume records have lists of them and each vnode
has a server on which its callback interest currently resides.
(b) The cell record no longer keeps a list of servers known to be in
that cell.
(c) The server records are now kept in a flat list because there's no
single address to sort on.
(d) Server records are now keyed by their UUID within the namespace.
(e) The addresses for a server are obtained with the VL.GetAddrsU
rather than with VL.GetEntryByName, using the server's UUID as a
parameter.
(f) Cached server records are garbage collected after a period of
non-use and are counted out of existence before purging is allowed
to complete. This protects the work functions against rmmod.
(g) The servers list is now in /proc/fs/afs/servers.
(2) Volume record management is overhauled:
(a) An RCU-replaceable server list is introduced. This tracks both
servers and their coresponding callback interests.
(b) The superblock is now keyed on cell record and numeric volume ID.
(c) The volume record is now tied to the superblock which mounts it,
and is activated when mounted and deactivated when unmounted.
This makes it easier to handle the cache cookie without causing a
double-use in fscache.
(d) The volume record is loaded from the VLDB using VL.GetEntryByNameU
to get the server UUID list.
(e) The volume name is updated if it is seen to have changed when the
volume is updated (the update is keyed on the volume ID).
(3) The vlocation record is got rid of and VLDB records are no longer
cached. Sufficient information is stored in the volume record, though
an update to a volume record is now no longer shared between related
volumes (volumes come in bundles of three: R/W, R/O and backup).
and the following procedural changes are made:
(1) The fileserver cursor introduced previously is now fleshed out and
used to iterate over fileservers and their addresses.
(2) Volume status is checked during iteration, and the server list is
replaced if a change is detected.
(3) Server status is checked during iteration, and the address list is
replaced if a change is detected.
(4) The abort code is saved into the address list cursor and -ECONNABORTED
returned in afs_make_call() if a remote abort happened rather than
translating the abort into an error message. This allows actions to
be taken depending on the abort code more easily.
(a) If a VMOVED abort is seen then this is handled by rechecking the
volume and restarting the iteration.
(b) If a VBUSY, VRESTARTING or VSALVAGING abort is seen then this is
handled by sleeping for a short period and retrying and/or trying
other servers that might serve that volume. A message is also
displayed once until the condition has cleared.
(c) If a VOFFLINE abort is seen, then this is handled as VBUSY for the
moment.
(d) If a VNOVOL abort is seen, the volume is rechecked in the VLDB to
see if it has been deleted; if not, the fileserver is probably
indicating that the volume couldn't be attached and needs
salvaging.
(e) If statfs() sees one of these aborts, it does not sleep, but
rather returns an error, so as not to block the umount program.
(5) The fileserver iteration functions in vnode.c are now merged into
their callers and more heavily macroised around the cursor. vnode.c
is removed.
(6) Operations on a particular vnode are serialised on that vnode because
the server will lock that vnode whilst it operates on it, so a second
op sent will just have to wait.
(7) Fileservers are probed with FS.GetCapabilities before being used.
This is where service upgrade will be done.
(8) A callback interest on a fileserver is set up before an FS operation
is performed and passed through to afs_make_call() so that it can be
set on the vnode if the operation returns a callback. The callback
interest is passed through to afs_iget() also so that it can be set
there too.
In general, record updating is done on an as-needed basis when we try to
access servers, volumes or vnodes rather than offloading it to work items
and special threads.
Notes:
(1) Pre AFS-3.4 servers are no longer supported, though this can be added
back if necessary (AFS-3.4 was released in 1998).
(2) VBUSY is retried forever for the moment at intervals of 1s.
(3) /proc/fs/afs/<cell>/servers no longer exists.
Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-02 15:27:50 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
afs_check_for_remote_deletion(&fc, fc.vnode);
|
|
|
|
afs_vnode_commit_status(&fc, vnode, fc.cb_break);
|
|
|
|
ret = afs_end_vnode_operation(&fc);
|
|
|
|
}
|
|
|
|
|
|
|
|
_leave(" = %d", ret);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
/*
|
|
|
|
* iget5() comparator
|
|
|
|
*/
|
2017-11-02 15:27:49 +00:00
|
|
|
int afs_iget5_test(struct inode *inode, void *opaque)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
|
|
|
struct afs_iget_data *data = opaque;
|
2018-10-19 23:57:57 +00:00
|
|
|
struct afs_vnode *vnode = AFS_FS_I(inode);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2018-10-19 23:57:57 +00:00
|
|
|
return memcmp(&vnode->fid, &data->fid, sizeof(data->fid)) == 0;
|
2007-04-26 22:49:28 +00:00
|
|
|
}
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2010-08-11 08:38:04 +00:00
|
|
|
/*
|
|
|
|
* iget5() comparator for inode created by autocell operations
|
|
|
|
*
|
|
|
|
* These pseudo inodes don't match anything.
|
|
|
|
*/
|
2018-02-06 06:26:30 +00:00
|
|
|
static int afs_iget5_pseudo_dir_test(struct inode *inode, void *opaque)
|
2010-08-11 08:38:04 +00:00
|
|
|
{
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
/*
|
|
|
|
* iget5() inode initialiser
|
|
|
|
*/
|
|
|
|
static int afs_iget5_set(struct inode *inode, void *opaque)
|
|
|
|
{
|
|
|
|
struct afs_iget_data *data = opaque;
|
|
|
|
struct afs_vnode *vnode = AFS_FS_I(inode);
|
|
|
|
|
|
|
|
vnode->fid = data->fid;
|
|
|
|
vnode->volume = data->volume;
|
|
|
|
|
2018-10-19 23:57:57 +00:00
|
|
|
/* YFS supports 96-bit vnode IDs, but Linux only supports
|
|
|
|
* 64-bit inode numbers.
|
|
|
|
*/
|
|
|
|
inode->i_ino = data->fid.vnode;
|
|
|
|
inode->i_generation = data->fid.unique;
|
2005-04-16 22:20:36 +00:00
|
|
|
return 0;
|
2007-04-26 22:49:28 +00:00
|
|
|
}
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2010-08-11 08:38:04 +00:00
|
|
|
/*
|
2018-02-06 06:26:30 +00:00
|
|
|
* Create an inode for a dynamic root directory or an autocell dynamic
|
|
|
|
* automount dir.
|
2010-08-11 08:38:04 +00:00
|
|
|
*/
|
2018-02-06 06:26:30 +00:00
|
|
|
struct inode *afs_iget_pseudo_dir(struct super_block *sb, bool root)
|
2010-08-11 08:38:04 +00:00
|
|
|
{
|
|
|
|
struct afs_iget_data data;
|
|
|
|
struct afs_super_info *as;
|
|
|
|
struct afs_vnode *vnode;
|
|
|
|
struct inode *inode;
|
|
|
|
static atomic_t afs_autocell_ino;
|
|
|
|
|
2018-02-06 06:26:30 +00:00
|
|
|
_enter("");
|
2010-08-11 08:38:04 +00:00
|
|
|
|
|
|
|
as = sb->s_fs_info;
|
2018-02-06 06:26:30 +00:00
|
|
|
if (as->volume) {
|
|
|
|
data.volume = as->volume;
|
|
|
|
data.fid.vid = as->volume->vid;
|
|
|
|
}
|
|
|
|
if (root) {
|
|
|
|
data.fid.vnode = 1;
|
|
|
|
data.fid.unique = 1;
|
|
|
|
} else {
|
|
|
|
data.fid.vnode = atomic_inc_return(&afs_autocell_ino);
|
|
|
|
data.fid.unique = 0;
|
|
|
|
}
|
2010-08-11 08:38:04 +00:00
|
|
|
|
2018-02-06 06:26:30 +00:00
|
|
|
inode = iget5_locked(sb, data.fid.vnode,
|
|
|
|
afs_iget5_pseudo_dir_test, afs_iget5_set,
|
2010-08-11 08:38:04 +00:00
|
|
|
&data);
|
|
|
|
if (!inode) {
|
|
|
|
_leave(" = -ENOMEM");
|
|
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
}
|
|
|
|
|
2018-10-19 23:57:57 +00:00
|
|
|
_debug("GOT INODE %p { ino=%lu, vl=%llx, vn=%llx, u=%x }",
|
2010-08-11 08:38:04 +00:00
|
|
|
inode, inode->i_ino, data.fid.vid, data.fid.vnode,
|
|
|
|
data.fid.unique);
|
|
|
|
|
|
|
|
vnode = AFS_FS_I(inode);
|
|
|
|
|
|
|
|
/* there shouldn't be an existing inode */
|
|
|
|
BUG_ON(!(inode->i_state & I_NEW));
|
|
|
|
|
|
|
|
inode->i_size = 0;
|
|
|
|
inode->i_mode = S_IFDIR | S_IRUGO | S_IXUGO;
|
2018-02-06 06:26:30 +00:00
|
|
|
if (root) {
|
|
|
|
inode->i_op = &afs_dynroot_inode_operations;
|
|
|
|
inode->i_fop = &afs_dynroot_file_operations;
|
|
|
|
} else {
|
|
|
|
inode->i_op = &afs_autocell_inode_operations;
|
|
|
|
}
|
2011-10-28 12:13:29 +00:00
|
|
|
set_nlink(inode, 2);
|
2012-02-08 00:20:48 +00:00
|
|
|
inode->i_uid = GLOBAL_ROOT_UID;
|
|
|
|
inode->i_gid = GLOBAL_ROOT_GID;
|
2019-04-13 07:37:36 +00:00
|
|
|
inode->i_ctime = inode->i_atime = inode->i_mtime = current_time(inode);
|
2010-08-11 08:38:04 +00:00
|
|
|
inode->i_blocks = 0;
|
2017-12-11 11:35:11 +00:00
|
|
|
inode_set_iversion_raw(inode, 0);
|
2010-08-11 08:38:04 +00:00
|
|
|
inode->i_generation = 0;
|
|
|
|
|
|
|
|
set_bit(AFS_VNODE_PSEUDODIR, &vnode->flags);
|
2018-02-06 06:26:30 +00:00
|
|
|
if (!root) {
|
|
|
|
set_bit(AFS_VNODE_MOUNTPOINT, &vnode->flags);
|
|
|
|
inode->i_flags |= S_AUTOMOUNT;
|
|
|
|
}
|
|
|
|
|
|
|
|
inode->i_flags |= S_NOATIME;
|
2010-08-11 08:38:04 +00:00
|
|
|
unlock_new_inode(inode);
|
|
|
|
_leave(" = %p", inode);
|
|
|
|
return inode;
|
|
|
|
}
|
|
|
|
|
2018-04-04 12:41:28 +00:00
|
|
|
/*
|
|
|
|
* Get a cache cookie for an inode.
|
|
|
|
*/
|
|
|
|
static void afs_get_inode_cache(struct afs_vnode *vnode)
|
|
|
|
{
|
|
|
|
#ifdef CONFIG_AFS_FSCACHE
|
|
|
|
struct {
|
|
|
|
u32 vnode_id;
|
|
|
|
u32 unique;
|
|
|
|
u32 vnode_id_ext[2]; /* Allow for a 96-bit key */
|
|
|
|
} __packed key;
|
|
|
|
struct afs_vnode_cache_aux aux;
|
|
|
|
|
afs: Fix directory handling
AFS directories are structured blobs that are downloaded just like files
and then parsed by the lookup and readdir code and, as such, are currently
handled in the pagecache like any other file, with the entire directory
content being thrown away each time the directory changes.
However, since the blob is a known structure and since the data version
counter on a directory increases by exactly one for each change committed
to that directory, we can actually edit the directory locally rather than
fetching it from the server after each locally-induced change.
What we can't do, though, is mix data from the server and data from the
client since the server is technically at liberty to rearrange or compress
a directory if it sees fit, provided it updates the data version number
when it does so and breaks the callback (ie. sends a notification).
Further, lookup with lookup-ahead, readdir and, when it arrives, local
editing are likely want to scan the whole of a directory.
So directory handling needs to be improved to maintain the coherency of the
directory blob prior to permitting local directory editing.
To this end:
(1) If any directory page gets discarded, invalidate and reread the entire
directory.
(2) If readpage notes that if when it fetches a single page that the
version number has changed, the entire directory is flagged for
invalidation.
(3) Read as much of the directory in one go as we can.
Note that this removes local caching of directories in fscache for the
moment as we can't pass the pages to fscache_read_or_alloc_pages() since
page->lru is in use by the LRU.
Signed-off-by: David Howells <dhowells@redhat.com>
2018-04-06 13:17:25 +00:00
|
|
|
if (vnode->status.type == AFS_FTYPE_DIR) {
|
|
|
|
vnode->cache = NULL;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2018-04-04 12:41:28 +00:00
|
|
|
key.vnode_id = vnode->fid.vnode;
|
|
|
|
key.unique = vnode->fid.unique;
|
2018-10-19 23:57:57 +00:00
|
|
|
key.vnode_id_ext[0] = vnode->fid.vnode >> 32;
|
|
|
|
key.vnode_id_ext[1] = vnode->fid.vnode_hi;
|
2018-04-04 12:41:28 +00:00
|
|
|
aux.data_version = vnode->status.data_version;
|
|
|
|
|
|
|
|
vnode->cache = fscache_acquire_cookie(vnode->volume->cache,
|
|
|
|
&afs_vnode_cache_index_def,
|
|
|
|
&key, sizeof(key),
|
|
|
|
&aux, sizeof(aux),
|
2018-04-04 12:41:28 +00:00
|
|
|
vnode, vnode->status.size, true);
|
2018-04-04 12:41:28 +00:00
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
/*
|
|
|
|
* inode retrieval
|
|
|
|
*/
|
2007-04-26 22:59:35 +00:00
|
|
|
struct inode *afs_iget(struct super_block *sb, struct key *key,
|
|
|
|
struct afs_fid *fid, struct afs_file_status *status,
|
2019-04-25 13:26:52 +00:00
|
|
|
struct afs_callback *cb, struct afs_cb_interest *cbi,
|
|
|
|
struct afs_vnode *parent_vnode)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
|
|
|
struct afs_iget_data data = { .fid = *fid };
|
|
|
|
struct afs_super_info *as;
|
|
|
|
struct afs_vnode *vnode;
|
|
|
|
struct inode *inode;
|
|
|
|
int ret;
|
|
|
|
|
2018-10-19 23:57:57 +00:00
|
|
|
_enter(",{%llx:%llu.%u},,", fid->vid, fid->vnode, fid->unique);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
as = sb->s_fs_info;
|
|
|
|
data.volume = as->volume;
|
|
|
|
|
|
|
|
inode = iget5_locked(sb, fid->vnode, afs_iget5_test, afs_iget5_set,
|
|
|
|
&data);
|
|
|
|
if (!inode) {
|
|
|
|
_leave(" = -ENOMEM");
|
2007-04-26 22:55:03 +00:00
|
|
|
return ERR_PTR(-ENOMEM);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
2018-10-19 23:57:57 +00:00
|
|
|
_debug("GOT INODE %p { vl=%llx vn=%llx, u=%x }",
|
2007-04-26 22:55:03 +00:00
|
|
|
inode, fid->vid, fid->vnode, fid->unique);
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
vnode = AFS_FS_I(inode);
|
|
|
|
|
|
|
|
/* deal with an existing inode */
|
|
|
|
if (!(inode->i_state & I_NEW)) {
|
2007-04-26 22:55:03 +00:00
|
|
|
_leave(" = %p", inode);
|
|
|
|
return inode;
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
2007-04-26 22:59:35 +00:00
|
|
|
if (!status) {
|
|
|
|
/* it's a remotely extant inode */
|
2018-04-06 13:17:24 +00:00
|
|
|
ret = afs_fetch_status(vnode, key, true);
|
2007-04-26 22:59:35 +00:00
|
|
|
if (ret < 0)
|
|
|
|
goto bad_inode;
|
|
|
|
} else {
|
|
|
|
/* it's an inode we just created */
|
|
|
|
memcpy(&vnode->status, status, sizeof(vnode->status));
|
|
|
|
|
|
|
|
if (!cb) {
|
|
|
|
/* it's a symlink we just created (the fileserver
|
|
|
|
* didn't give us a callback) */
|
|
|
|
vnode->cb_version = 0;
|
|
|
|
vnode->cb_type = 0;
|
2018-10-19 23:57:58 +00:00
|
|
|
vnode->cb_expires_at = ktime_get();
|
2007-04-26 22:59:35 +00:00
|
|
|
} else {
|
|
|
|
vnode->cb_version = cb->version;
|
|
|
|
vnode->cb_type = cb->type;
|
2018-10-19 23:57:58 +00:00
|
|
|
vnode->cb_expires_at = cb->expires_at;
|
afs: Overhaul volume and server record caching and fileserver rotation
The current code assumes that volumes and servers are per-cell and are
never shared, but this is not enforced, and, indeed, public cells do exist
that are aliases of each other. Further, an organisation can, say, set up
a public cell and a private cell with overlapping, but not identical, sets
of servers. The difference is purely in the database attached to the VL
servers.
The current code will malfunction if it sees a server in two cells as it
assumes global address -> server record mappings and that each server is in
just one cell.
Further, each server may have multiple addresses - and may have addresses
of different families (IPv4 and IPv6, say).
To this end, the following structural changes are made:
(1) Server record management is overhauled:
(a) Server records are made independent of cell. The namespace keeps
track of them, volume records have lists of them and each vnode
has a server on which its callback interest currently resides.
(b) The cell record no longer keeps a list of servers known to be in
that cell.
(c) The server records are now kept in a flat list because there's no
single address to sort on.
(d) Server records are now keyed by their UUID within the namespace.
(e) The addresses for a server are obtained with the VL.GetAddrsU
rather than with VL.GetEntryByName, using the server's UUID as a
parameter.
(f) Cached server records are garbage collected after a period of
non-use and are counted out of existence before purging is allowed
to complete. This protects the work functions against rmmod.
(g) The servers list is now in /proc/fs/afs/servers.
(2) Volume record management is overhauled:
(a) An RCU-replaceable server list is introduced. This tracks both
servers and their coresponding callback interests.
(b) The superblock is now keyed on cell record and numeric volume ID.
(c) The volume record is now tied to the superblock which mounts it,
and is activated when mounted and deactivated when unmounted.
This makes it easier to handle the cache cookie without causing a
double-use in fscache.
(d) The volume record is loaded from the VLDB using VL.GetEntryByNameU
to get the server UUID list.
(e) The volume name is updated if it is seen to have changed when the
volume is updated (the update is keyed on the volume ID).
(3) The vlocation record is got rid of and VLDB records are no longer
cached. Sufficient information is stored in the volume record, though
an update to a volume record is now no longer shared between related
volumes (volumes come in bundles of three: R/W, R/O and backup).
and the following procedural changes are made:
(1) The fileserver cursor introduced previously is now fleshed out and
used to iterate over fileservers and their addresses.
(2) Volume status is checked during iteration, and the server list is
replaced if a change is detected.
(3) Server status is checked during iteration, and the address list is
replaced if a change is detected.
(4) The abort code is saved into the address list cursor and -ECONNABORTED
returned in afs_make_call() if a remote abort happened rather than
translating the abort into an error message. This allows actions to
be taken depending on the abort code more easily.
(a) If a VMOVED abort is seen then this is handled by rechecking the
volume and restarting the iteration.
(b) If a VBUSY, VRESTARTING or VSALVAGING abort is seen then this is
handled by sleeping for a short period and retrying and/or trying
other servers that might serve that volume. A message is also
displayed once until the condition has cleared.
(c) If a VOFFLINE abort is seen, then this is handled as VBUSY for the
moment.
(d) If a VNOVOL abort is seen, the volume is rechecked in the VLDB to
see if it has been deleted; if not, the fileserver is probably
indicating that the volume couldn't be attached and needs
salvaging.
(e) If statfs() sees one of these aborts, it does not sleep, but
rather returns an error, so as not to block the umount program.
(5) The fileserver iteration functions in vnode.c are now merged into
their callers and more heavily macroised around the cursor. vnode.c
is removed.
(6) Operations on a particular vnode are serialised on that vnode because
the server will lock that vnode whilst it operates on it, so a second
op sent will just have to wait.
(7) Fileservers are probed with FS.GetCapabilities before being used.
This is where service upgrade will be done.
(8) A callback interest on a fileserver is set up before an FS operation
is performed and passed through to afs_make_call() so that it can be
set on the vnode if the operation returns a callback. The callback
interest is passed through to afs_iget() also so that it can be set
there too.
In general, record updating is done on an as-needed basis when we try to
access servers, volumes or vnodes rather than offloading it to work items
and special threads.
Notes:
(1) Pre AFS-3.4 servers are no longer supported, though this can be added
back if necessary (AFS-3.4 was released in 1998).
(2) VBUSY is retried forever for the moment at intervals of 1s.
(3) /proc/fs/afs/<cell>/servers no longer exists.
Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-02 15:27:50 +00:00
|
|
|
vnode->cb_interest = afs_get_cb_interest(cbi);
|
2017-11-02 15:27:49 +00:00
|
|
|
set_bit(AFS_VNODE_CB_PROMISED, &vnode->flags);
|
2007-04-26 22:59:35 +00:00
|
|
|
}
|
2017-11-02 15:27:49 +00:00
|
|
|
|
|
|
|
vnode->cb_expires_at += ktime_get_real_seconds();
|
2007-04-26 22:59:35 +00:00
|
|
|
}
|
|
|
|
|
2019-04-25 13:26:52 +00:00
|
|
|
ret = afs_inode_init_from_status(vnode, key, parent_vnode);
|
2007-04-26 22:55:03 +00:00
|
|
|
if (ret < 0)
|
2005-04-16 22:20:36 +00:00
|
|
|
goto bad_inode;
|
|
|
|
|
2018-04-06 13:17:24 +00:00
|
|
|
afs_get_inode_cache(vnode);
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
/* success */
|
2007-04-26 22:59:35 +00:00
|
|
|
clear_bit(AFS_VNODE_UNSET, &vnode->flags);
|
2007-04-26 22:55:03 +00:00
|
|
|
inode->i_flags |= S_NOATIME;
|
2005-04-16 22:20:36 +00:00
|
|
|
unlock_new_inode(inode);
|
2007-04-26 22:55:03 +00:00
|
|
|
_leave(" = %p [CB { v=%u t=%u }]", inode, vnode->cb_version, vnode->cb_type);
|
|
|
|
return inode;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
/* failure */
|
2007-04-26 22:49:28 +00:00
|
|
|
bad_inode:
|
2008-02-07 08:15:28 +00:00
|
|
|
iget_failed(inode);
|
2005-04-16 22:20:36 +00:00
|
|
|
_leave(" = %d [bad]", ret);
|
2007-04-26 22:55:03 +00:00
|
|
|
return ERR_PTR(ret);
|
2007-04-26 22:49:28 +00:00
|
|
|
}
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2007-05-09 09:33:45 +00:00
|
|
|
/*
|
|
|
|
* mark the data attached to an inode as obsolete due to a write on the server
|
|
|
|
* - might also want to ditch all the outstanding writes and dirty pages
|
|
|
|
*/
|
|
|
|
void afs_zap_data(struct afs_vnode *vnode)
|
|
|
|
{
|
2018-10-19 23:57:57 +00:00
|
|
|
_enter("{%llx:%llu}", vnode->fid.vid, vnode->fid.vnode);
|
2007-05-09 09:33:45 +00:00
|
|
|
|
2018-04-04 12:41:25 +00:00
|
|
|
#ifdef CONFIG_AFS_FSCACHE
|
|
|
|
fscache_invalidate(vnode->cache);
|
|
|
|
#endif
|
|
|
|
|
2007-05-09 09:33:45 +00:00
|
|
|
/* nuke all the non-dirty pages that aren't locked, mapped or being
|
2007-05-11 05:22:20 +00:00
|
|
|
* written back in a regular file and completely discard the pages in a
|
|
|
|
* directory or symlink */
|
|
|
|
if (S_ISREG(vnode->vfs_inode.i_mode))
|
|
|
|
invalidate_remote_inode(&vnode->vfs_inode);
|
|
|
|
else
|
|
|
|
invalidate_inode_pages2(vnode->vfs_inode.i_mapping);
|
2007-05-09 09:33:45 +00:00
|
|
|
}
|
|
|
|
|
2007-04-26 22:59:35 +00:00
|
|
|
/*
|
|
|
|
* validate a vnode/inode
|
|
|
|
* - there are several things we need to check
|
|
|
|
* - parent dir data changes (rm, rmdir, rename, mkdir, create, link,
|
|
|
|
* symlink)
|
|
|
|
* - parent dir metadata changed (security changes)
|
|
|
|
* - dentry data changed (write, truncate)
|
|
|
|
* - dentry metadata changed (security changes)
|
|
|
|
*/
|
|
|
|
int afs_validate(struct afs_vnode *vnode, struct key *key)
|
|
|
|
{
|
2017-11-02 15:27:49 +00:00
|
|
|
time64_t now = ktime_get_real_seconds();
|
2018-11-13 23:20:21 +00:00
|
|
|
bool valid;
|
2007-04-26 22:59:35 +00:00
|
|
|
int ret;
|
|
|
|
|
2018-10-19 23:57:57 +00:00
|
|
|
_enter("{v={%llx:%llu} fl=%lx},%x",
|
2007-04-26 22:59:35 +00:00
|
|
|
vnode->fid.vid, vnode->fid.vnode, vnode->flags,
|
|
|
|
key_serial(key));
|
|
|
|
|
2017-11-02 15:27:49 +00:00
|
|
|
/* Quickly check the callback state. Ideally, we'd use read_seqbegin
|
|
|
|
* here, but we have no way to pass the net namespace to the RCU
|
|
|
|
* cleanup for the server record.
|
|
|
|
*/
|
|
|
|
read_seqlock_excl(&vnode->cb_lock);
|
|
|
|
|
|
|
|
if (test_bit(AFS_VNODE_CB_PROMISED, &vnode->flags)) {
|
2018-05-12 21:31:33 +00:00
|
|
|
if (vnode->cb_s_break != vnode->cb_interest->server->cb_s_break ||
|
|
|
|
vnode->cb_v_break != vnode->volume->cb_v_break) {
|
2017-11-02 15:27:49 +00:00
|
|
|
vnode->cb_s_break = vnode->cb_interest->server->cb_s_break;
|
2018-05-12 21:31:33 +00:00
|
|
|
vnode->cb_v_break = vnode->volume->cb_v_break;
|
|
|
|
valid = false;
|
2019-05-14 10:52:03 +00:00
|
|
|
} else if (test_bit(AFS_VNODE_ZAP_DATA, &vnode->flags)) {
|
2018-11-13 23:20:21 +00:00
|
|
|
valid = false;
|
2019-05-14 10:52:03 +00:00
|
|
|
} else if (vnode->cb_expires_at - 10 <= now) {
|
2018-11-13 23:20:21 +00:00
|
|
|
valid = false;
|
|
|
|
} else {
|
2018-05-12 21:31:33 +00:00
|
|
|
valid = true;
|
2007-04-26 22:59:35 +00:00
|
|
|
}
|
2017-11-02 15:27:49 +00:00
|
|
|
} else if (test_bit(AFS_VNODE_DELETED, &vnode->flags)) {
|
|
|
|
valid = true;
|
2018-11-13 23:20:21 +00:00
|
|
|
} else {
|
|
|
|
vnode->cb_v_break = vnode->volume->cb_v_break;
|
|
|
|
valid = false;
|
2007-04-26 22:59:35 +00:00
|
|
|
}
|
|
|
|
|
2017-11-02 15:27:49 +00:00
|
|
|
read_sequnlock_excl(&vnode->cb_lock);
|
2018-01-02 10:02:19 +00:00
|
|
|
|
|
|
|
if (test_bit(AFS_VNODE_DELETED, &vnode->flags))
|
|
|
|
clear_nlink(&vnode->vfs_inode);
|
|
|
|
|
2017-11-02 15:27:49 +00:00
|
|
|
if (valid)
|
2007-04-26 22:59:35 +00:00
|
|
|
goto valid;
|
|
|
|
|
2018-04-27 19:46:22 +00:00
|
|
|
down_write(&vnode->validate_lock);
|
2007-04-26 22:59:35 +00:00
|
|
|
|
|
|
|
/* if the promise has expired, we need to check the server again to get
|
|
|
|
* a new promise - note that if the (parent) directory's metadata was
|
|
|
|
* changed then the security may be different and we may no longer have
|
|
|
|
* access */
|
2017-11-02 15:27:49 +00:00
|
|
|
if (!test_bit(AFS_VNODE_CB_PROMISED, &vnode->flags)) {
|
2007-04-26 22:59:35 +00:00
|
|
|
_debug("not promised");
|
2018-04-06 13:17:24 +00:00
|
|
|
ret = afs_fetch_status(vnode, key, false);
|
2017-11-02 15:27:49 +00:00
|
|
|
if (ret < 0) {
|
|
|
|
if (ret == -ENOENT) {
|
|
|
|
set_bit(AFS_VNODE_DELETED, &vnode->flags);
|
|
|
|
ret = -ESTALE;
|
|
|
|
}
|
2007-04-26 22:59:35 +00:00
|
|
|
goto error_unlock;
|
2017-11-02 15:27:49 +00:00
|
|
|
}
|
2007-04-26 22:59:35 +00:00
|
|
|
_debug("new promise [fl=%lx]", vnode->flags);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (test_bit(AFS_VNODE_DELETED, &vnode->flags)) {
|
|
|
|
_debug("file already deleted");
|
|
|
|
ret = -ESTALE;
|
|
|
|
goto error_unlock;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* if the vnode's data version number changed then its contents are
|
|
|
|
* different */
|
2007-05-09 09:33:45 +00:00
|
|
|
if (test_and_clear_bit(AFS_VNODE_ZAP_DATA, &vnode->flags))
|
|
|
|
afs_zap_data(vnode);
|
2018-04-27 19:46:22 +00:00
|
|
|
up_write(&vnode->validate_lock);
|
2007-04-26 22:59:35 +00:00
|
|
|
valid:
|
|
|
|
_leave(" = 0");
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
error_unlock:
|
2018-04-27 19:46:22 +00:00
|
|
|
up_write(&vnode->validate_lock);
|
2007-04-26 22:59:35 +00:00
|
|
|
_leave(" = %d", ret);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
/*
|
|
|
|
* read the attributes of an inode
|
|
|
|
*/
|
statx: Add a system call to make enhanced file info available
Add a system call to make extended file information available, including
file creation and some attribute flags where available through the
underlying filesystem.
The getattr inode operation is altered to take two additional arguments: a
u32 request_mask and an unsigned int flags that indicate the
synchronisation mode. This change is propagated to the vfs_getattr*()
function.
Functions like vfs_stat() are now inline wrappers around new functions
vfs_statx() and vfs_statx_fd() to reduce stack usage.
========
OVERVIEW
========
The idea was initially proposed as a set of xattrs that could be retrieved
with getxattr(), but the general preference proved to be for a new syscall
with an extended stat structure.
A number of requests were gathered for features to be included. The
following have been included:
(1) Make the fields a consistent size on all arches and make them large.
(2) Spare space, request flags and information flags are provided for
future expansion.
(3) Better support for the y2038 problem [Arnd Bergmann] (tv_sec is an
__s64).
(4) Creation time: The SMB protocol carries the creation time, which could
be exported by Samba, which will in turn help CIFS make use of
FS-Cache as that can be used for coherency data (stx_btime).
This is also specified in NFSv4 as a recommended attribute and could
be exported by NFSD [Steve French].
(5) Lightweight stat: Ask for just those details of interest, and allow a
netfs (such as NFS) to approximate anything not of interest, possibly
without going to the server [Trond Myklebust, Ulrich Drepper, Andreas
Dilger] (AT_STATX_DONT_SYNC).
(6) Heavyweight stat: Force a netfs to go to the server, even if it thinks
its cached attributes are up to date [Trond Myklebust]
(AT_STATX_FORCE_SYNC).
And the following have been left out for future extension:
(7) Data version number: Could be used by userspace NFS servers [Aneesh
Kumar].
Can also be used to modify fill_post_wcc() in NFSD which retrieves
i_version directly, but has just called vfs_getattr(). It could get
it from the kstat struct if it used vfs_xgetattr() instead.
(There's disagreement on the exact semantics of a single field, since
not all filesystems do this the same way).
(8) BSD stat compatibility: Including more fields from the BSD stat such
as creation time (st_btime) and inode generation number (st_gen)
[Jeremy Allison, Bernd Schubert].
(9) Inode generation number: Useful for FUSE and userspace NFS servers
[Bernd Schubert].
(This was asked for but later deemed unnecessary with the
open-by-handle capability available and caused disagreement as to
whether it's a security hole or not).
(10) Extra coherency data may be useful in making backups [Andreas Dilger].
(No particular data were offered, but things like last backup
timestamp, the data version number and the DOS archive bit would come
into this category).
(11) Allow the filesystem to indicate what it can/cannot provide: A
filesystem can now say it doesn't support a standard stat feature if
that isn't available, so if, for instance, inode numbers or UIDs don't
exist or are fabricated locally...
(This requires a separate system call - I have an fsinfo() call idea
for this).
(12) Store a 16-byte volume ID in the superblock that can be returned in
struct xstat [Steve French].
(Deferred to fsinfo).
(13) Include granularity fields in the time data to indicate the
granularity of each of the times (NFSv4 time_delta) [Steve French].
(Deferred to fsinfo).
(14) FS_IOC_GETFLAGS value. These could be translated to BSD's st_flags.
Note that the Linux IOC flags are a mess and filesystems such as Ext4
define flags that aren't in linux/fs.h, so translation in the kernel
may be a necessity (or, possibly, we provide the filesystem type too).
(Some attributes are made available in stx_attributes, but the general
feeling was that the IOC flags were to ext[234]-specific and shouldn't
be exposed through statx this way).
(15) Mask of features available on file (eg: ACLs, seclabel) [Brad Boyer,
Michael Kerrisk].
(Deferred, probably to fsinfo. Finding out if there's an ACL or
seclabal might require extra filesystem operations).
(16) Femtosecond-resolution timestamps [Dave Chinner].
(A __reserved field has been left in the statx_timestamp struct for
this - if there proves to be a need).
(17) A set multiple attributes syscall to go with this.
===============
NEW SYSTEM CALL
===============
The new system call is:
int ret = statx(int dfd,
const char *filename,
unsigned int flags,
unsigned int mask,
struct statx *buffer);
The dfd, filename and flags parameters indicate the file to query, in a
similar way to fstatat(). There is no equivalent of lstat() as that can be
emulated with statx() by passing AT_SYMLINK_NOFOLLOW in flags. There is
also no equivalent of fstat() as that can be emulated by passing a NULL
filename to statx() with the fd of interest in dfd.
Whether or not statx() synchronises the attributes with the backing store
can be controlled by OR'ing a value into the flags argument (this typically
only affects network filesystems):
(1) AT_STATX_SYNC_AS_STAT tells statx() to behave as stat() does in this
respect.
(2) AT_STATX_FORCE_SYNC will require a network filesystem to synchronise
its attributes with the server - which might require data writeback to
occur to get the timestamps correct.
(3) AT_STATX_DONT_SYNC will suppress synchronisation with the server in a
network filesystem. The resulting values should be considered
approximate.
mask is a bitmask indicating the fields in struct statx that are of
interest to the caller. The user should set this to STATX_BASIC_STATS to
get the basic set returned by stat(). It should be noted that asking for
more information may entail extra I/O operations.
buffer points to the destination for the data. This must be 256 bytes in
size.
======================
MAIN ATTRIBUTES RECORD
======================
The following structures are defined in which to return the main attribute
set:
struct statx_timestamp {
__s64 tv_sec;
__s32 tv_nsec;
__s32 __reserved;
};
struct statx {
__u32 stx_mask;
__u32 stx_blksize;
__u64 stx_attributes;
__u32 stx_nlink;
__u32 stx_uid;
__u32 stx_gid;
__u16 stx_mode;
__u16 __spare0[1];
__u64 stx_ino;
__u64 stx_size;
__u64 stx_blocks;
__u64 __spare1[1];
struct statx_timestamp stx_atime;
struct statx_timestamp stx_btime;
struct statx_timestamp stx_ctime;
struct statx_timestamp stx_mtime;
__u32 stx_rdev_major;
__u32 stx_rdev_minor;
__u32 stx_dev_major;
__u32 stx_dev_minor;
__u64 __spare2[14];
};
The defined bits in request_mask and stx_mask are:
STATX_TYPE Want/got stx_mode & S_IFMT
STATX_MODE Want/got stx_mode & ~S_IFMT
STATX_NLINK Want/got stx_nlink
STATX_UID Want/got stx_uid
STATX_GID Want/got stx_gid
STATX_ATIME Want/got stx_atime{,_ns}
STATX_MTIME Want/got stx_mtime{,_ns}
STATX_CTIME Want/got stx_ctime{,_ns}
STATX_INO Want/got stx_ino
STATX_SIZE Want/got stx_size
STATX_BLOCKS Want/got stx_blocks
STATX_BASIC_STATS [The stuff in the normal stat struct]
STATX_BTIME Want/got stx_btime{,_ns}
STATX_ALL [All currently available stuff]
stx_btime is the file creation time, stx_mask is a bitmask indicating the
data provided and __spares*[] are where as-yet undefined fields can be
placed.
Time fields are structures with separate seconds and nanoseconds fields
plus a reserved field in case we want to add even finer resolution. Note
that times will be negative if before 1970; in such a case, the nanosecond
fields will also be negative if not zero.
The bits defined in the stx_attributes field convey information about a
file, how it is accessed, where it is and what it does. The following
attributes map to FS_*_FL flags and are the same numerical value:
STATX_ATTR_COMPRESSED File is compressed by the fs
STATX_ATTR_IMMUTABLE File is marked immutable
STATX_ATTR_APPEND File is append-only
STATX_ATTR_NODUMP File is not to be dumped
STATX_ATTR_ENCRYPTED File requires key to decrypt in fs
Within the kernel, the supported flags are listed by:
KSTAT_ATTR_FS_IOC_FLAGS
[Are any other IOC flags of sufficient general interest to be exposed
through this interface?]
New flags include:
STATX_ATTR_AUTOMOUNT Object is an automount trigger
These are for the use of GUI tools that might want to mark files specially,
depending on what they are.
Fields in struct statx come in a number of classes:
(0) stx_dev_*, stx_blksize.
These are local system information and are always available.
(1) stx_mode, stx_nlinks, stx_uid, stx_gid, stx_[amc]time, stx_ino,
stx_size, stx_blocks.
These will be returned whether the caller asks for them or not. The
corresponding bits in stx_mask will be set to indicate whether they
actually have valid values.
If the caller didn't ask for them, then they may be approximated. For
example, NFS won't waste any time updating them from the server,
unless as a byproduct of updating something requested.
If the values don't actually exist for the underlying object (such as
UID or GID on a DOS file), then the bit won't be set in the stx_mask,
even if the caller asked for the value. In such a case, the returned
value will be a fabrication.
Note that there are instances where the type might not be valid, for
instance Windows reparse points.
(2) stx_rdev_*.
This will be set only if stx_mode indicates we're looking at a
blockdev or a chardev, otherwise will be 0.
(3) stx_btime.
Similar to (1), except this will be set to 0 if it doesn't exist.
=======
TESTING
=======
The following test program can be used to test the statx system call:
samples/statx/test-statx.c
Just compile and run, passing it paths to the files you want to examine.
The file is built automatically if CONFIG_SAMPLES is enabled.
Here's some example output. Firstly, an NFS directory that crosses to
another FSID. Note that the AUTOMOUNT attribute is set because transiting
this directory will cause d_automount to be invoked by the VFS.
[root@andromeda ~]# /tmp/test-statx -A /warthog/data
statx(/warthog/data) = 0
results=7ff
Size: 4096 Blocks: 8 IO Block: 1048576 directory
Device: 00:26 Inode: 1703937 Links: 125
Access: (3777/drwxrwxrwx) Uid: 0 Gid: 4041
Access: 2016-11-24 09:02:12.219699527+0000
Modify: 2016-11-17 10:44:36.225653653+0000
Change: 2016-11-17 10:44:36.225653653+0000
Attributes: 0000000000001000 (-------- -------- -------- -------- -------- -------- ---m---- --------)
Secondly, the result of automounting on that directory.
[root@andromeda ~]# /tmp/test-statx /warthog/data
statx(/warthog/data) = 0
results=7ff
Size: 4096 Blocks: 8 IO Block: 1048576 directory
Device: 00:27 Inode: 2 Links: 125
Access: (3777/drwxrwxrwx) Uid: 0 Gid: 4041
Access: 2016-11-24 09:02:12.219699527+0000
Modify: 2016-11-17 10:44:36.225653653+0000
Change: 2016-11-17 10:44:36.225653653+0000
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2017-01-31 16:46:22 +00:00
|
|
|
int afs_getattr(const struct path *path, struct kstat *stat,
|
|
|
|
u32 request_mask, unsigned int query_flags)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
statx: Add a system call to make enhanced file info available
Add a system call to make extended file information available, including
file creation and some attribute flags where available through the
underlying filesystem.
The getattr inode operation is altered to take two additional arguments: a
u32 request_mask and an unsigned int flags that indicate the
synchronisation mode. This change is propagated to the vfs_getattr*()
function.
Functions like vfs_stat() are now inline wrappers around new functions
vfs_statx() and vfs_statx_fd() to reduce stack usage.
========
OVERVIEW
========
The idea was initially proposed as a set of xattrs that could be retrieved
with getxattr(), but the general preference proved to be for a new syscall
with an extended stat structure.
A number of requests were gathered for features to be included. The
following have been included:
(1) Make the fields a consistent size on all arches and make them large.
(2) Spare space, request flags and information flags are provided for
future expansion.
(3) Better support for the y2038 problem [Arnd Bergmann] (tv_sec is an
__s64).
(4) Creation time: The SMB protocol carries the creation time, which could
be exported by Samba, which will in turn help CIFS make use of
FS-Cache as that can be used for coherency data (stx_btime).
This is also specified in NFSv4 as a recommended attribute and could
be exported by NFSD [Steve French].
(5) Lightweight stat: Ask for just those details of interest, and allow a
netfs (such as NFS) to approximate anything not of interest, possibly
without going to the server [Trond Myklebust, Ulrich Drepper, Andreas
Dilger] (AT_STATX_DONT_SYNC).
(6) Heavyweight stat: Force a netfs to go to the server, even if it thinks
its cached attributes are up to date [Trond Myklebust]
(AT_STATX_FORCE_SYNC).
And the following have been left out for future extension:
(7) Data version number: Could be used by userspace NFS servers [Aneesh
Kumar].
Can also be used to modify fill_post_wcc() in NFSD which retrieves
i_version directly, but has just called vfs_getattr(). It could get
it from the kstat struct if it used vfs_xgetattr() instead.
(There's disagreement on the exact semantics of a single field, since
not all filesystems do this the same way).
(8) BSD stat compatibility: Including more fields from the BSD stat such
as creation time (st_btime) and inode generation number (st_gen)
[Jeremy Allison, Bernd Schubert].
(9) Inode generation number: Useful for FUSE and userspace NFS servers
[Bernd Schubert].
(This was asked for but later deemed unnecessary with the
open-by-handle capability available and caused disagreement as to
whether it's a security hole or not).
(10) Extra coherency data may be useful in making backups [Andreas Dilger].
(No particular data were offered, but things like last backup
timestamp, the data version number and the DOS archive bit would come
into this category).
(11) Allow the filesystem to indicate what it can/cannot provide: A
filesystem can now say it doesn't support a standard stat feature if
that isn't available, so if, for instance, inode numbers or UIDs don't
exist or are fabricated locally...
(This requires a separate system call - I have an fsinfo() call idea
for this).
(12) Store a 16-byte volume ID in the superblock that can be returned in
struct xstat [Steve French].
(Deferred to fsinfo).
(13) Include granularity fields in the time data to indicate the
granularity of each of the times (NFSv4 time_delta) [Steve French].
(Deferred to fsinfo).
(14) FS_IOC_GETFLAGS value. These could be translated to BSD's st_flags.
Note that the Linux IOC flags are a mess and filesystems such as Ext4
define flags that aren't in linux/fs.h, so translation in the kernel
may be a necessity (or, possibly, we provide the filesystem type too).
(Some attributes are made available in stx_attributes, but the general
feeling was that the IOC flags were to ext[234]-specific and shouldn't
be exposed through statx this way).
(15) Mask of features available on file (eg: ACLs, seclabel) [Brad Boyer,
Michael Kerrisk].
(Deferred, probably to fsinfo. Finding out if there's an ACL or
seclabal might require extra filesystem operations).
(16) Femtosecond-resolution timestamps [Dave Chinner].
(A __reserved field has been left in the statx_timestamp struct for
this - if there proves to be a need).
(17) A set multiple attributes syscall to go with this.
===============
NEW SYSTEM CALL
===============
The new system call is:
int ret = statx(int dfd,
const char *filename,
unsigned int flags,
unsigned int mask,
struct statx *buffer);
The dfd, filename and flags parameters indicate the file to query, in a
similar way to fstatat(). There is no equivalent of lstat() as that can be
emulated with statx() by passing AT_SYMLINK_NOFOLLOW in flags. There is
also no equivalent of fstat() as that can be emulated by passing a NULL
filename to statx() with the fd of interest in dfd.
Whether or not statx() synchronises the attributes with the backing store
can be controlled by OR'ing a value into the flags argument (this typically
only affects network filesystems):
(1) AT_STATX_SYNC_AS_STAT tells statx() to behave as stat() does in this
respect.
(2) AT_STATX_FORCE_SYNC will require a network filesystem to synchronise
its attributes with the server - which might require data writeback to
occur to get the timestamps correct.
(3) AT_STATX_DONT_SYNC will suppress synchronisation with the server in a
network filesystem. The resulting values should be considered
approximate.
mask is a bitmask indicating the fields in struct statx that are of
interest to the caller. The user should set this to STATX_BASIC_STATS to
get the basic set returned by stat(). It should be noted that asking for
more information may entail extra I/O operations.
buffer points to the destination for the data. This must be 256 bytes in
size.
======================
MAIN ATTRIBUTES RECORD
======================
The following structures are defined in which to return the main attribute
set:
struct statx_timestamp {
__s64 tv_sec;
__s32 tv_nsec;
__s32 __reserved;
};
struct statx {
__u32 stx_mask;
__u32 stx_blksize;
__u64 stx_attributes;
__u32 stx_nlink;
__u32 stx_uid;
__u32 stx_gid;
__u16 stx_mode;
__u16 __spare0[1];
__u64 stx_ino;
__u64 stx_size;
__u64 stx_blocks;
__u64 __spare1[1];
struct statx_timestamp stx_atime;
struct statx_timestamp stx_btime;
struct statx_timestamp stx_ctime;
struct statx_timestamp stx_mtime;
__u32 stx_rdev_major;
__u32 stx_rdev_minor;
__u32 stx_dev_major;
__u32 stx_dev_minor;
__u64 __spare2[14];
};
The defined bits in request_mask and stx_mask are:
STATX_TYPE Want/got stx_mode & S_IFMT
STATX_MODE Want/got stx_mode & ~S_IFMT
STATX_NLINK Want/got stx_nlink
STATX_UID Want/got stx_uid
STATX_GID Want/got stx_gid
STATX_ATIME Want/got stx_atime{,_ns}
STATX_MTIME Want/got stx_mtime{,_ns}
STATX_CTIME Want/got stx_ctime{,_ns}
STATX_INO Want/got stx_ino
STATX_SIZE Want/got stx_size
STATX_BLOCKS Want/got stx_blocks
STATX_BASIC_STATS [The stuff in the normal stat struct]
STATX_BTIME Want/got stx_btime{,_ns}
STATX_ALL [All currently available stuff]
stx_btime is the file creation time, stx_mask is a bitmask indicating the
data provided and __spares*[] are where as-yet undefined fields can be
placed.
Time fields are structures with separate seconds and nanoseconds fields
plus a reserved field in case we want to add even finer resolution. Note
that times will be negative if before 1970; in such a case, the nanosecond
fields will also be negative if not zero.
The bits defined in the stx_attributes field convey information about a
file, how it is accessed, where it is and what it does. The following
attributes map to FS_*_FL flags and are the same numerical value:
STATX_ATTR_COMPRESSED File is compressed by the fs
STATX_ATTR_IMMUTABLE File is marked immutable
STATX_ATTR_APPEND File is append-only
STATX_ATTR_NODUMP File is not to be dumped
STATX_ATTR_ENCRYPTED File requires key to decrypt in fs
Within the kernel, the supported flags are listed by:
KSTAT_ATTR_FS_IOC_FLAGS
[Are any other IOC flags of sufficient general interest to be exposed
through this interface?]
New flags include:
STATX_ATTR_AUTOMOUNT Object is an automount trigger
These are for the use of GUI tools that might want to mark files specially,
depending on what they are.
Fields in struct statx come in a number of classes:
(0) stx_dev_*, stx_blksize.
These are local system information and are always available.
(1) stx_mode, stx_nlinks, stx_uid, stx_gid, stx_[amc]time, stx_ino,
stx_size, stx_blocks.
These will be returned whether the caller asks for them or not. The
corresponding bits in stx_mask will be set to indicate whether they
actually have valid values.
If the caller didn't ask for them, then they may be approximated. For
example, NFS won't waste any time updating them from the server,
unless as a byproduct of updating something requested.
If the values don't actually exist for the underlying object (such as
UID or GID on a DOS file), then the bit won't be set in the stx_mask,
even if the caller asked for the value. In such a case, the returned
value will be a fabrication.
Note that there are instances where the type might not be valid, for
instance Windows reparse points.
(2) stx_rdev_*.
This will be set only if stx_mode indicates we're looking at a
blockdev or a chardev, otherwise will be 0.
(3) stx_btime.
Similar to (1), except this will be set to 0 if it doesn't exist.
=======
TESTING
=======
The following test program can be used to test the statx system call:
samples/statx/test-statx.c
Just compile and run, passing it paths to the files you want to examine.
The file is built automatically if CONFIG_SAMPLES is enabled.
Here's some example output. Firstly, an NFS directory that crosses to
another FSID. Note that the AUTOMOUNT attribute is set because transiting
this directory will cause d_automount to be invoked by the VFS.
[root@andromeda ~]# /tmp/test-statx -A /warthog/data
statx(/warthog/data) = 0
results=7ff
Size: 4096 Blocks: 8 IO Block: 1048576 directory
Device: 00:26 Inode: 1703937 Links: 125
Access: (3777/drwxrwxrwx) Uid: 0 Gid: 4041
Access: 2016-11-24 09:02:12.219699527+0000
Modify: 2016-11-17 10:44:36.225653653+0000
Change: 2016-11-17 10:44:36.225653653+0000
Attributes: 0000000000001000 (-------- -------- -------- -------- -------- -------- ---m---- --------)
Secondly, the result of automounting on that directory.
[root@andromeda ~]# /tmp/test-statx /warthog/data
statx(/warthog/data) = 0
results=7ff
Size: 4096 Blocks: 8 IO Block: 1048576 directory
Device: 00:27 Inode: 2 Links: 125
Access: (3777/drwxrwxrwx) Uid: 0 Gid: 4041
Access: 2016-11-24 09:02:12.219699527+0000
Modify: 2016-11-17 10:44:36.225653653+0000
Change: 2016-11-17 10:44:36.225653653+0000
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2017-01-31 16:46:22 +00:00
|
|
|
struct inode *inode = d_inode(path->dentry);
|
2017-11-02 15:27:49 +00:00
|
|
|
struct afs_vnode *vnode = AFS_FS_I(inode);
|
|
|
|
int seq = 0;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2011-06-13 23:45:44 +00:00
|
|
|
_enter("{ ino=%lu v=%u }", inode->i_ino, inode->i_generation);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2017-11-02 15:27:49 +00:00
|
|
|
do {
|
|
|
|
read_seqbegin_or_lock(&vnode->cb_lock, &seq);
|
|
|
|
generic_fillattr(inode, stat);
|
|
|
|
} while (need_seqretry(&vnode->cb_lock, seq));
|
|
|
|
|
|
|
|
done_seqretry(&vnode->cb_lock, seq);
|
2005-04-16 22:20:36 +00:00
|
|
|
return 0;
|
2007-04-26 22:49:28 +00:00
|
|
|
}
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2010-08-11 08:38:04 +00:00
|
|
|
/*
|
|
|
|
* discard an AFS inode
|
|
|
|
*/
|
|
|
|
int afs_drop_inode(struct inode *inode)
|
|
|
|
{
|
|
|
|
_enter("");
|
|
|
|
|
|
|
|
if (test_bit(AFS_VNODE_PSEUDODIR, &AFS_FS_I(inode)->flags))
|
|
|
|
return generic_delete_inode(inode);
|
|
|
|
else
|
|
|
|
return generic_drop_inode(inode);
|
|
|
|
}
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
/*
|
|
|
|
* clear an AFS inode
|
|
|
|
*/
|
2010-06-07 18:34:48 +00:00
|
|
|
void afs_evict_inode(struct inode *inode)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
|
|
|
struct afs_vnode *vnode;
|
|
|
|
|
|
|
|
vnode = AFS_FS_I(inode);
|
|
|
|
|
2018-10-19 23:57:57 +00:00
|
|
|
_enter("{%llx:%llu.%d}",
|
2007-04-26 22:59:35 +00:00
|
|
|
vnode->fid.vid,
|
2005-04-16 22:20:36 +00:00
|
|
|
vnode->fid.vnode,
|
2017-11-02 15:27:49 +00:00
|
|
|
vnode->fid.unique);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2007-04-26 22:55:03 +00:00
|
|
|
_debug("CLEAR INODE %p", inode);
|
|
|
|
|
|
|
|
ASSERTCMP(inode->i_ino, ==, vnode->fid.vnode);
|
|
|
|
|
2014-04-03 21:47:49 +00:00
|
|
|
truncate_inode_pages_final(&inode->i_data);
|
2012-05-03 12:48:02 +00:00
|
|
|
clear_inode(inode);
|
2010-06-07 18:34:48 +00:00
|
|
|
|
2017-11-02 15:27:49 +00:00
|
|
|
if (vnode->cb_interest) {
|
|
|
|
afs_put_cb_interest(afs_i2net(inode), vnode->cb_interest);
|
|
|
|
vnode->cb_interest = NULL;
|
2007-04-26 22:55:03 +00:00
|
|
|
}
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2017-11-02 15:27:52 +00:00
|
|
|
while (!list_empty(&vnode->wb_keys)) {
|
|
|
|
struct afs_wb_key *wbk = list_entry(vnode->wb_keys.next,
|
|
|
|
struct afs_wb_key, vnode_link);
|
|
|
|
list_del(&wbk->vnode_link);
|
|
|
|
afs_put_wb_key(wbk);
|
|
|
|
}
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2009-04-03 15:42:41 +00:00
|
|
|
#ifdef CONFIG_AFS_FSCACHE
|
2018-04-04 12:41:28 +00:00
|
|
|
{
|
|
|
|
struct afs_vnode_cache_aux aux;
|
|
|
|
|
|
|
|
aux.data_version = vnode->status.data_version;
|
|
|
|
fscache_relinquish_cookie(vnode->cache, &aux,
|
|
|
|
test_bit(AFS_VNODE_DELETED, &vnode->flags));
|
|
|
|
vnode->cache = NULL;
|
|
|
|
}
|
2005-04-16 22:20:36 +00:00
|
|
|
#endif
|
|
|
|
|
2019-05-15 11:09:17 +00:00
|
|
|
afs_prune_wb_keys(vnode);
|
2018-04-09 20:12:31 +00:00
|
|
|
afs_put_permits(rcu_access_pointer(vnode->permit_cache));
|
2019-04-25 13:26:51 +00:00
|
|
|
key_put(vnode->silly_key);
|
|
|
|
vnode->silly_key = NULL;
|
2019-01-09 17:23:54 +00:00
|
|
|
key_put(vnode->lock_key);
|
|
|
|
vnode->lock_key = NULL;
|
2005-04-16 22:20:36 +00:00
|
|
|
_leave("");
|
2007-04-26 22:49:28 +00:00
|
|
|
}
|
AFS: implement basic file write support
Implement support for writing to regular AFS files, including:
(1) write
(2) truncate
(3) fsync, fdatasync
(4) chmod, chown, chgrp, utime.
AFS writeback attempts to batch writes into as chunks as large as it can manage
up to the point that it writes back 65535 pages in one chunk or it meets a
locked page.
Furthermore, if a page has been written to using a particular key, then should
another write to that page use some other key, the first write will be flushed
before the second is allowed to take place. If the first write fails due to a
security error, then the page will be scrapped and reread before the second
write takes place.
If a page is dirty and the callback on it is broken by the server, then the
dirty data is not discarded (same behaviour as NFS).
Shared-writable mappings are not supported by this patch.
[akpm@linux-foundation.org: fix a bunch of warnings]
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-05-09 09:33:46 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* set the attributes of an inode
|
|
|
|
*/
|
|
|
|
int afs_setattr(struct dentry *dentry, struct iattr *attr)
|
|
|
|
{
|
afs: Overhaul volume and server record caching and fileserver rotation
The current code assumes that volumes and servers are per-cell and are
never shared, but this is not enforced, and, indeed, public cells do exist
that are aliases of each other. Further, an organisation can, say, set up
a public cell and a private cell with overlapping, but not identical, sets
of servers. The difference is purely in the database attached to the VL
servers.
The current code will malfunction if it sees a server in two cells as it
assumes global address -> server record mappings and that each server is in
just one cell.
Further, each server may have multiple addresses - and may have addresses
of different families (IPv4 and IPv6, say).
To this end, the following structural changes are made:
(1) Server record management is overhauled:
(a) Server records are made independent of cell. The namespace keeps
track of them, volume records have lists of them and each vnode
has a server on which its callback interest currently resides.
(b) The cell record no longer keeps a list of servers known to be in
that cell.
(c) The server records are now kept in a flat list because there's no
single address to sort on.
(d) Server records are now keyed by their UUID within the namespace.
(e) The addresses for a server are obtained with the VL.GetAddrsU
rather than with VL.GetEntryByName, using the server's UUID as a
parameter.
(f) Cached server records are garbage collected after a period of
non-use and are counted out of existence before purging is allowed
to complete. This protects the work functions against rmmod.
(g) The servers list is now in /proc/fs/afs/servers.
(2) Volume record management is overhauled:
(a) An RCU-replaceable server list is introduced. This tracks both
servers and their coresponding callback interests.
(b) The superblock is now keyed on cell record and numeric volume ID.
(c) The volume record is now tied to the superblock which mounts it,
and is activated when mounted and deactivated when unmounted.
This makes it easier to handle the cache cookie without causing a
double-use in fscache.
(d) The volume record is loaded from the VLDB using VL.GetEntryByNameU
to get the server UUID list.
(e) The volume name is updated if it is seen to have changed when the
volume is updated (the update is keyed on the volume ID).
(3) The vlocation record is got rid of and VLDB records are no longer
cached. Sufficient information is stored in the volume record, though
an update to a volume record is now no longer shared between related
volumes (volumes come in bundles of three: R/W, R/O and backup).
and the following procedural changes are made:
(1) The fileserver cursor introduced previously is now fleshed out and
used to iterate over fileservers and their addresses.
(2) Volume status is checked during iteration, and the server list is
replaced if a change is detected.
(3) Server status is checked during iteration, and the address list is
replaced if a change is detected.
(4) The abort code is saved into the address list cursor and -ECONNABORTED
returned in afs_make_call() if a remote abort happened rather than
translating the abort into an error message. This allows actions to
be taken depending on the abort code more easily.
(a) If a VMOVED abort is seen then this is handled by rechecking the
volume and restarting the iteration.
(b) If a VBUSY, VRESTARTING or VSALVAGING abort is seen then this is
handled by sleeping for a short period and retrying and/or trying
other servers that might serve that volume. A message is also
displayed once until the condition has cleared.
(c) If a VOFFLINE abort is seen, then this is handled as VBUSY for the
moment.
(d) If a VNOVOL abort is seen, the volume is rechecked in the VLDB to
see if it has been deleted; if not, the fileserver is probably
indicating that the volume couldn't be attached and needs
salvaging.
(e) If statfs() sees one of these aborts, it does not sleep, but
rather returns an error, so as not to block the umount program.
(5) The fileserver iteration functions in vnode.c are now merged into
their callers and more heavily macroised around the cursor. vnode.c
is removed.
(6) Operations on a particular vnode are serialised on that vnode because
the server will lock that vnode whilst it operates on it, so a second
op sent will just have to wait.
(7) Fileservers are probed with FS.GetCapabilities before being used.
This is where service upgrade will be done.
(8) A callback interest on a fileserver is set up before an FS operation
is performed and passed through to afs_make_call() so that it can be
set on the vnode if the operation returns a callback. The callback
interest is passed through to afs_iget() also so that it can be set
there too.
In general, record updating is done on an as-needed basis when we try to
access servers, volumes or vnodes rather than offloading it to work items
and special threads.
Notes:
(1) Pre AFS-3.4 servers are no longer supported, though this can be added
back if necessary (AFS-3.4 was released in 1998).
(2) VBUSY is retried forever for the moment at intervals of 1s.
(3) /proc/fs/afs/<cell>/servers no longer exists.
Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-02 15:27:50 +00:00
|
|
|
struct afs_fs_cursor fc;
|
2015-03-17 22:25:59 +00:00
|
|
|
struct afs_vnode *vnode = AFS_FS_I(d_inode(dentry));
|
AFS: implement basic file write support
Implement support for writing to regular AFS files, including:
(1) write
(2) truncate
(3) fsync, fdatasync
(4) chmod, chown, chgrp, utime.
AFS writeback attempts to batch writes into as chunks as large as it can manage
up to the point that it writes back 65535 pages in one chunk or it meets a
locked page.
Furthermore, if a page has been written to using a particular key, then should
another write to that page use some other key, the first write will be flushed
before the second is allowed to take place. If the first write fails due to a
security error, then the page will be scrapped and reread before the second
write takes place.
If a page is dirty and the callback on it is broken by the server, then the
dirty data is not discarded (same behaviour as NFS).
Shared-writable mappings are not supported by this patch.
[akpm@linux-foundation.org: fix a bunch of warnings]
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-05-09 09:33:46 +00:00
|
|
|
struct key *key;
|
|
|
|
int ret;
|
|
|
|
|
2018-10-19 23:57:57 +00:00
|
|
|
_enter("{%llx:%llu},{n=%pd},%x",
|
2014-10-22 00:11:25 +00:00
|
|
|
vnode->fid.vid, vnode->fid.vnode, dentry,
|
AFS: implement basic file write support
Implement support for writing to regular AFS files, including:
(1) write
(2) truncate
(3) fsync, fdatasync
(4) chmod, chown, chgrp, utime.
AFS writeback attempts to batch writes into as chunks as large as it can manage
up to the point that it writes back 65535 pages in one chunk or it meets a
locked page.
Furthermore, if a page has been written to using a particular key, then should
another write to that page use some other key, the first write will be flushed
before the second is allowed to take place. If the first write fails due to a
security error, then the page will be scrapped and reread before the second
write takes place.
If a page is dirty and the callback on it is broken by the server, then the
dirty data is not discarded (same behaviour as NFS).
Shared-writable mappings are not supported by this patch.
[akpm@linux-foundation.org: fix a bunch of warnings]
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-05-09 09:33:46 +00:00
|
|
|
attr->ia_valid);
|
|
|
|
|
|
|
|
if (!(attr->ia_valid & (ATTR_SIZE | ATTR_MODE | ATTR_UID | ATTR_GID |
|
|
|
|
ATTR_MTIME))) {
|
|
|
|
_leave(" = 0 [unsupported]");
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* flush any dirty data outstanding on a regular file */
|
2017-11-02 15:27:52 +00:00
|
|
|
if (S_ISREG(vnode->vfs_inode.i_mode))
|
AFS: implement basic file write support
Implement support for writing to regular AFS files, including:
(1) write
(2) truncate
(3) fsync, fdatasync
(4) chmod, chown, chgrp, utime.
AFS writeback attempts to batch writes into as chunks as large as it can manage
up to the point that it writes back 65535 pages in one chunk or it meets a
locked page.
Furthermore, if a page has been written to using a particular key, then should
another write to that page use some other key, the first write will be flushed
before the second is allowed to take place. If the first write fails due to a
security error, then the page will be scrapped and reread before the second
write takes place.
If a page is dirty and the callback on it is broken by the server, then the
dirty data is not discarded (same behaviour as NFS).
Shared-writable mappings are not supported by this patch.
[akpm@linux-foundation.org: fix a bunch of warnings]
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-05-09 09:33:46 +00:00
|
|
|
filemap_write_and_wait(vnode->vfs_inode.i_mapping);
|
|
|
|
|
|
|
|
if (attr->ia_valid & ATTR_FILE) {
|
2017-11-02 15:27:52 +00:00
|
|
|
key = afs_file_key(attr->ia_file);
|
AFS: implement basic file write support
Implement support for writing to regular AFS files, including:
(1) write
(2) truncate
(3) fsync, fdatasync
(4) chmod, chown, chgrp, utime.
AFS writeback attempts to batch writes into as chunks as large as it can manage
up to the point that it writes back 65535 pages in one chunk or it meets a
locked page.
Furthermore, if a page has been written to using a particular key, then should
another write to that page use some other key, the first write will be flushed
before the second is allowed to take place. If the first write fails due to a
security error, then the page will be scrapped and reread before the second
write takes place.
If a page is dirty and the callback on it is broken by the server, then the
dirty data is not discarded (same behaviour as NFS).
Shared-writable mappings are not supported by this patch.
[akpm@linux-foundation.org: fix a bunch of warnings]
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-05-09 09:33:46 +00:00
|
|
|
} else {
|
|
|
|
key = afs_request_key(vnode->volume->cell);
|
|
|
|
if (IS_ERR(key)) {
|
|
|
|
ret = PTR_ERR(key);
|
|
|
|
goto error;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
afs: Overhaul volume and server record caching and fileserver rotation
The current code assumes that volumes and servers are per-cell and are
never shared, but this is not enforced, and, indeed, public cells do exist
that are aliases of each other. Further, an organisation can, say, set up
a public cell and a private cell with overlapping, but not identical, sets
of servers. The difference is purely in the database attached to the VL
servers.
The current code will malfunction if it sees a server in two cells as it
assumes global address -> server record mappings and that each server is in
just one cell.
Further, each server may have multiple addresses - and may have addresses
of different families (IPv4 and IPv6, say).
To this end, the following structural changes are made:
(1) Server record management is overhauled:
(a) Server records are made independent of cell. The namespace keeps
track of them, volume records have lists of them and each vnode
has a server on which its callback interest currently resides.
(b) The cell record no longer keeps a list of servers known to be in
that cell.
(c) The server records are now kept in a flat list because there's no
single address to sort on.
(d) Server records are now keyed by their UUID within the namespace.
(e) The addresses for a server are obtained with the VL.GetAddrsU
rather than with VL.GetEntryByName, using the server's UUID as a
parameter.
(f) Cached server records are garbage collected after a period of
non-use and are counted out of existence before purging is allowed
to complete. This protects the work functions against rmmod.
(g) The servers list is now in /proc/fs/afs/servers.
(2) Volume record management is overhauled:
(a) An RCU-replaceable server list is introduced. This tracks both
servers and their coresponding callback interests.
(b) The superblock is now keyed on cell record and numeric volume ID.
(c) The volume record is now tied to the superblock which mounts it,
and is activated when mounted and deactivated when unmounted.
This makes it easier to handle the cache cookie without causing a
double-use in fscache.
(d) The volume record is loaded from the VLDB using VL.GetEntryByNameU
to get the server UUID list.
(e) The volume name is updated if it is seen to have changed when the
volume is updated (the update is keyed on the volume ID).
(3) The vlocation record is got rid of and VLDB records are no longer
cached. Sufficient information is stored in the volume record, though
an update to a volume record is now no longer shared between related
volumes (volumes come in bundles of three: R/W, R/O and backup).
and the following procedural changes are made:
(1) The fileserver cursor introduced previously is now fleshed out and
used to iterate over fileservers and their addresses.
(2) Volume status is checked during iteration, and the server list is
replaced if a change is detected.
(3) Server status is checked during iteration, and the address list is
replaced if a change is detected.
(4) The abort code is saved into the address list cursor and -ECONNABORTED
returned in afs_make_call() if a remote abort happened rather than
translating the abort into an error message. This allows actions to
be taken depending on the abort code more easily.
(a) If a VMOVED abort is seen then this is handled by rechecking the
volume and restarting the iteration.
(b) If a VBUSY, VRESTARTING or VSALVAGING abort is seen then this is
handled by sleeping for a short period and retrying and/or trying
other servers that might serve that volume. A message is also
displayed once until the condition has cleared.
(c) If a VOFFLINE abort is seen, then this is handled as VBUSY for the
moment.
(d) If a VNOVOL abort is seen, the volume is rechecked in the VLDB to
see if it has been deleted; if not, the fileserver is probably
indicating that the volume couldn't be attached and needs
salvaging.
(e) If statfs() sees one of these aborts, it does not sleep, but
rather returns an error, so as not to block the umount program.
(5) The fileserver iteration functions in vnode.c are now merged into
their callers and more heavily macroised around the cursor. vnode.c
is removed.
(6) Operations on a particular vnode are serialised on that vnode because
the server will lock that vnode whilst it operates on it, so a second
op sent will just have to wait.
(7) Fileservers are probed with FS.GetCapabilities before being used.
This is where service upgrade will be done.
(8) A callback interest on a fileserver is set up before an FS operation
is performed and passed through to afs_make_call() so that it can be
set on the vnode if the operation returns a callback. The callback
interest is passed through to afs_iget() also so that it can be set
there too.
In general, record updating is done on an as-needed basis when we try to
access servers, volumes or vnodes rather than offloading it to work items
and special threads.
Notes:
(1) Pre AFS-3.4 servers are no longer supported, though this can be added
back if necessary (AFS-3.4 was released in 1998).
(2) VBUSY is retried forever for the moment at intervals of 1s.
(3) /proc/fs/afs/<cell>/servers no longer exists.
Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-02 15:27:50 +00:00
|
|
|
ret = -ERESTARTSYS;
|
afs: Make some RPC operations non-interruptible
Make certain RPC operations non-interruptible, including:
(*) Set attributes
(*) Store data
We don't want to get interrupted during a flush on close, flush on
unlock, writeback or an inode update, leaving us in a state where we
still need to do the writeback or update.
(*) Extend lock
(*) Release lock
We don't want to get lock extension interrupted as the file locks on
the server are time-limited. Interruption during lock release is less
of an issue since the lock is time-limited, but it's better to
complete the release to avoid a several-minute wait to recover it.
*Setting* the lock isn't a problem if it's interrupted since we can
just return to the user and tell them they were interrupted - at
which point they can elect to retry.
(*) Silly unlink
We want to remove silly unlink files if we can, rather than leaving
them for the salvager to clear up.
Note that whilst these calls are no longer interruptible, they do have
timeouts on them, so if the server stops responding the call will fail with
something like ETIME or ECONNRESET.
Without this, the following:
kAFS: Unexpected error from FS.StoreData -512
appears in dmesg when a pending store data gets interrupted and some
processes may just hang.
Additionally, make the code that checks/updates the server record ignore
failure due to interruption if the main call is uninterruptible and if the
server has an address list. The next op will check it again since the
expiration time on the old list has past.
Fixes: d2ddc776a458 ("afs: Overhaul volume and server record caching and fileserver rotation")
Reported-by: Jonathan Billings <jsbillings@jsbillings.org>
Reported-by: Marc Dionne <marc.dionne@auristor.com>
Signed-off-by: David Howells <dhowells@redhat.com>
2019-05-08 15:16:31 +00:00
|
|
|
if (afs_begin_vnode_operation(&fc, vnode, key, false)) {
|
afs: Overhaul volume and server record caching and fileserver rotation
The current code assumes that volumes and servers are per-cell and are
never shared, but this is not enforced, and, indeed, public cells do exist
that are aliases of each other. Further, an organisation can, say, set up
a public cell and a private cell with overlapping, but not identical, sets
of servers. The difference is purely in the database attached to the VL
servers.
The current code will malfunction if it sees a server in two cells as it
assumes global address -> server record mappings and that each server is in
just one cell.
Further, each server may have multiple addresses - and may have addresses
of different families (IPv4 and IPv6, say).
To this end, the following structural changes are made:
(1) Server record management is overhauled:
(a) Server records are made independent of cell. The namespace keeps
track of them, volume records have lists of them and each vnode
has a server on which its callback interest currently resides.
(b) The cell record no longer keeps a list of servers known to be in
that cell.
(c) The server records are now kept in a flat list because there's no
single address to sort on.
(d) Server records are now keyed by their UUID within the namespace.
(e) The addresses for a server are obtained with the VL.GetAddrsU
rather than with VL.GetEntryByName, using the server's UUID as a
parameter.
(f) Cached server records are garbage collected after a period of
non-use and are counted out of existence before purging is allowed
to complete. This protects the work functions against rmmod.
(g) The servers list is now in /proc/fs/afs/servers.
(2) Volume record management is overhauled:
(a) An RCU-replaceable server list is introduced. This tracks both
servers and their coresponding callback interests.
(b) The superblock is now keyed on cell record and numeric volume ID.
(c) The volume record is now tied to the superblock which mounts it,
and is activated when mounted and deactivated when unmounted.
This makes it easier to handle the cache cookie without causing a
double-use in fscache.
(d) The volume record is loaded from the VLDB using VL.GetEntryByNameU
to get the server UUID list.
(e) The volume name is updated if it is seen to have changed when the
volume is updated (the update is keyed on the volume ID).
(3) The vlocation record is got rid of and VLDB records are no longer
cached. Sufficient information is stored in the volume record, though
an update to a volume record is now no longer shared between related
volumes (volumes come in bundles of three: R/W, R/O and backup).
and the following procedural changes are made:
(1) The fileserver cursor introduced previously is now fleshed out and
used to iterate over fileservers and their addresses.
(2) Volume status is checked during iteration, and the server list is
replaced if a change is detected.
(3) Server status is checked during iteration, and the address list is
replaced if a change is detected.
(4) The abort code is saved into the address list cursor and -ECONNABORTED
returned in afs_make_call() if a remote abort happened rather than
translating the abort into an error message. This allows actions to
be taken depending on the abort code more easily.
(a) If a VMOVED abort is seen then this is handled by rechecking the
volume and restarting the iteration.
(b) If a VBUSY, VRESTARTING or VSALVAGING abort is seen then this is
handled by sleeping for a short period and retrying and/or trying
other servers that might serve that volume. A message is also
displayed once until the condition has cleared.
(c) If a VOFFLINE abort is seen, then this is handled as VBUSY for the
moment.
(d) If a VNOVOL abort is seen, the volume is rechecked in the VLDB to
see if it has been deleted; if not, the fileserver is probably
indicating that the volume couldn't be attached and needs
salvaging.
(e) If statfs() sees one of these aborts, it does not sleep, but
rather returns an error, so as not to block the umount program.
(5) The fileserver iteration functions in vnode.c are now merged into
their callers and more heavily macroised around the cursor. vnode.c
is removed.
(6) Operations on a particular vnode are serialised on that vnode because
the server will lock that vnode whilst it operates on it, so a second
op sent will just have to wait.
(7) Fileservers are probed with FS.GetCapabilities before being used.
This is where service upgrade will be done.
(8) A callback interest on a fileserver is set up before an FS operation
is performed and passed through to afs_make_call() so that it can be
set on the vnode if the operation returns a callback. The callback
interest is passed through to afs_iget() also so that it can be set
there too.
In general, record updating is done on an as-needed basis when we try to
access servers, volumes or vnodes rather than offloading it to work items
and special threads.
Notes:
(1) Pre AFS-3.4 servers are no longer supported, though this can be added
back if necessary (AFS-3.4 was released in 1998).
(2) VBUSY is retried forever for the moment at intervals of 1s.
(3) /proc/fs/afs/<cell>/servers no longer exists.
Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-02 15:27:50 +00:00
|
|
|
while (afs_select_fileserver(&fc)) {
|
2018-05-12 21:31:33 +00:00
|
|
|
fc.cb_break = afs_calc_vnode_cb_break(vnode);
|
afs: Overhaul volume and server record caching and fileserver rotation
The current code assumes that volumes and servers are per-cell and are
never shared, but this is not enforced, and, indeed, public cells do exist
that are aliases of each other. Further, an organisation can, say, set up
a public cell and a private cell with overlapping, but not identical, sets
of servers. The difference is purely in the database attached to the VL
servers.
The current code will malfunction if it sees a server in two cells as it
assumes global address -> server record mappings and that each server is in
just one cell.
Further, each server may have multiple addresses - and may have addresses
of different families (IPv4 and IPv6, say).
To this end, the following structural changes are made:
(1) Server record management is overhauled:
(a) Server records are made independent of cell. The namespace keeps
track of them, volume records have lists of them and each vnode
has a server on which its callback interest currently resides.
(b) The cell record no longer keeps a list of servers known to be in
that cell.
(c) The server records are now kept in a flat list because there's no
single address to sort on.
(d) Server records are now keyed by their UUID within the namespace.
(e) The addresses for a server are obtained with the VL.GetAddrsU
rather than with VL.GetEntryByName, using the server's UUID as a
parameter.
(f) Cached server records are garbage collected after a period of
non-use and are counted out of existence before purging is allowed
to complete. This protects the work functions against rmmod.
(g) The servers list is now in /proc/fs/afs/servers.
(2) Volume record management is overhauled:
(a) An RCU-replaceable server list is introduced. This tracks both
servers and their coresponding callback interests.
(b) The superblock is now keyed on cell record and numeric volume ID.
(c) The volume record is now tied to the superblock which mounts it,
and is activated when mounted and deactivated when unmounted.
This makes it easier to handle the cache cookie without causing a
double-use in fscache.
(d) The volume record is loaded from the VLDB using VL.GetEntryByNameU
to get the server UUID list.
(e) The volume name is updated if it is seen to have changed when the
volume is updated (the update is keyed on the volume ID).
(3) The vlocation record is got rid of and VLDB records are no longer
cached. Sufficient information is stored in the volume record, though
an update to a volume record is now no longer shared between related
volumes (volumes come in bundles of three: R/W, R/O and backup).
and the following procedural changes are made:
(1) The fileserver cursor introduced previously is now fleshed out and
used to iterate over fileservers and their addresses.
(2) Volume status is checked during iteration, and the server list is
replaced if a change is detected.
(3) Server status is checked during iteration, and the address list is
replaced if a change is detected.
(4) The abort code is saved into the address list cursor and -ECONNABORTED
returned in afs_make_call() if a remote abort happened rather than
translating the abort into an error message. This allows actions to
be taken depending on the abort code more easily.
(a) If a VMOVED abort is seen then this is handled by rechecking the
volume and restarting the iteration.
(b) If a VBUSY, VRESTARTING or VSALVAGING abort is seen then this is
handled by sleeping for a short period and retrying and/or trying
other servers that might serve that volume. A message is also
displayed once until the condition has cleared.
(c) If a VOFFLINE abort is seen, then this is handled as VBUSY for the
moment.
(d) If a VNOVOL abort is seen, the volume is rechecked in the VLDB to
see if it has been deleted; if not, the fileserver is probably
indicating that the volume couldn't be attached and needs
salvaging.
(e) If statfs() sees one of these aborts, it does not sleep, but
rather returns an error, so as not to block the umount program.
(5) The fileserver iteration functions in vnode.c are now merged into
their callers and more heavily macroised around the cursor. vnode.c
is removed.
(6) Operations on a particular vnode are serialised on that vnode because
the server will lock that vnode whilst it operates on it, so a second
op sent will just have to wait.
(7) Fileservers are probed with FS.GetCapabilities before being used.
This is where service upgrade will be done.
(8) A callback interest on a fileserver is set up before an FS operation
is performed and passed through to afs_make_call() so that it can be
set on the vnode if the operation returns a callback. The callback
interest is passed through to afs_iget() also so that it can be set
there too.
In general, record updating is done on an as-needed basis when we try to
access servers, volumes or vnodes rather than offloading it to work items
and special threads.
Notes:
(1) Pre AFS-3.4 servers are no longer supported, though this can be added
back if necessary (AFS-3.4 was released in 1998).
(2) VBUSY is retried forever for the moment at intervals of 1s.
(3) /proc/fs/afs/<cell>/servers no longer exists.
Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-02 15:27:50 +00:00
|
|
|
afs_fs_setattr(&fc, attr);
|
|
|
|
}
|
|
|
|
|
|
|
|
afs_check_for_remote_deletion(&fc, fc.vnode);
|
|
|
|
afs_vnode_commit_status(&fc, vnode, fc.cb_break);
|
|
|
|
ret = afs_end_vnode_operation(&fc);
|
|
|
|
}
|
|
|
|
|
AFS: implement basic file write support
Implement support for writing to regular AFS files, including:
(1) write
(2) truncate
(3) fsync, fdatasync
(4) chmod, chown, chgrp, utime.
AFS writeback attempts to batch writes into as chunks as large as it can manage
up to the point that it writes back 65535 pages in one chunk or it meets a
locked page.
Furthermore, if a page has been written to using a particular key, then should
another write to that page use some other key, the first write will be flushed
before the second is allowed to take place. If the first write fails due to a
security error, then the page will be scrapped and reread before the second
write takes place.
If a page is dirty and the callback on it is broken by the server, then the
dirty data is not discarded (same behaviour as NFS).
Shared-writable mappings are not supported by this patch.
[akpm@linux-foundation.org: fix a bunch of warnings]
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-05-09 09:33:46 +00:00
|
|
|
if (!(attr->ia_valid & ATTR_FILE))
|
|
|
|
key_put(key);
|
|
|
|
|
|
|
|
error:
|
|
|
|
_leave(" = %d", ret);
|
|
|
|
return ret;
|
|
|
|
}
|