1// SPDX-License-Identifier: GPL-2.0
2/*
3 * linux/fs/super.c
4 *
5 * Copyright (C) 1991, 1992 Linus Torvalds
6 *
7 * super.c contains code to handle: - mount structures
8 * - super-block tables
9 * - filesystem drivers list
10 * - mount system call
11 * - umount system call
12 * - ustat system call
13 *
14 * GK 2/5/95 - Changed to support mounting the root fs via NFS
15 *
16 * Added kerneld support: Jacques Gelinas and Bjorn Ekwall
17 * Added change_root: Werner Almesberger & Hans Lermen, Feb '96
18 * Added options to /proc/mounts:
19 * Torbjörn Lindh (torbjorn.lindh@gopta.se), April 14, 1996.
20 * Added devfs support: Richard Gooch <rgooch@atnf.csiro.au>, 13-JAN-1998
21 * Heavily rewritten for 'one fs - one tree' dcache architecture. AV, Mar 2000
22 */
23
24#include <linux/export.h>
25#include <linux/slab.h>
26#include <linux/blkdev.h>
27#include <linux/mount.h>
28#include <linux/security.h>
29#include <linux/writeback.h> /* for the emergency remount stuff */
30#include <linux/idr.h>
31#include <linux/mutex.h>
32#include <linux/backing-dev.h>
33#include <linux/rculist_bl.h>
34#include <linux/fscrypt.h>
35#include <linux/fsnotify.h>
36#include <linux/lockdep.h>
37#include <linux/user_namespace.h>
38#include <linux/fs_context.h>
39#include <uapi/linux/mount.h>
40#include "internal.h"
41
42static int thaw_super_locked(struct super_block *sb, enum freeze_holder who);
43
44static LIST_HEAD(super_blocks);
45static DEFINE_SPINLOCK(sb_lock);
46
47static char *sb_writers_name[SB_FREEZE_LEVELS] = {
48 "sb_writers",
49 "sb_pagefaults",
50 "sb_internal",
51};
52
53static inline void __super_lock(struct super_block *sb, bool excl)
54{
55 if (excl)
56 down_write(sem: &sb->s_umount);
57 else
58 down_read(sem: &sb->s_umount);
59}
60
61static inline void super_unlock(struct super_block *sb, bool excl)
62{
63 if (excl)
64 up_write(sem: &sb->s_umount);
65 else
66 up_read(sem: &sb->s_umount);
67}
68
69static inline void __super_lock_excl(struct super_block *sb)
70{
71 __super_lock(sb, excl: true);
72}
73
74static inline void super_unlock_excl(struct super_block *sb)
75{
76 super_unlock(sb, excl: true);
77}
78
79static inline void super_unlock_shared(struct super_block *sb)
80{
81 super_unlock(sb, excl: false);
82}
83
84static inline bool wait_born(struct super_block *sb)
85{
86 unsigned int flags;
87
88 /*
89 * Pairs with smp_store_release() in super_wake() and ensures
90 * that we see SB_BORN or SB_DYING after we're woken.
91 */
92 flags = smp_load_acquire(&sb->s_flags);
93 return flags & (SB_BORN | SB_DYING);
94}
95
96/**
97 * super_lock - wait for superblock to become ready and lock it
98 * @sb: superblock to wait for
99 * @excl: whether exclusive access is required
100 *
101 * If the superblock has neither passed through vfs_get_tree() or
102 * generic_shutdown_super() yet wait for it to happen. Either superblock
103 * creation will succeed and SB_BORN is set by vfs_get_tree() or we're
104 * woken and we'll see SB_DYING.
105 *
106 * The caller must have acquired a temporary reference on @sb->s_count.
107 *
108 * Return: This returns true if SB_BORN was set, false if SB_DYING was
109 * set. The function acquires s_umount and returns with it held.
110 */
111static __must_check bool super_lock(struct super_block *sb, bool excl)
112{
113
114 lockdep_assert_not_held(&sb->s_umount);
115
116relock:
117 __super_lock(sb, excl);
118
119 /*
120 * Has gone through generic_shutdown_super() in the meantime.
121 * @sb->s_root is NULL and @sb->s_active is 0. No one needs to
122 * grab a reference to this. Tell them so.
123 */
124 if (sb->s_flags & SB_DYING)
125 return false;
126
127 /* Has called ->get_tree() successfully. */
128 if (sb->s_flags & SB_BORN)
129 return true;
130
131 super_unlock(sb, excl);
132
133 /* wait until the superblock is ready or dying */
134 wait_var_event(&sb->s_flags, wait_born(sb));
135
136 /*
137 * Neither SB_BORN nor SB_DYING are ever unset so we never loop.
138 * Just reacquire @sb->s_umount for the caller.
139 */
140 goto relock;
141}
142
143/* wait and acquire read-side of @sb->s_umount */
144static inline bool super_lock_shared(struct super_block *sb)
145{
146 return super_lock(sb, excl: false);
147}
148
149/* wait and acquire write-side of @sb->s_umount */
150static inline bool super_lock_excl(struct super_block *sb)
151{
152 return super_lock(sb, excl: true);
153}
154
155/* wake waiters */
156#define SUPER_WAKE_FLAGS (SB_BORN | SB_DYING | SB_DEAD)
157static void super_wake(struct super_block *sb, unsigned int flag)
158{
159 WARN_ON_ONCE((flag & ~SUPER_WAKE_FLAGS));
160 WARN_ON_ONCE(hweight32(flag & SUPER_WAKE_FLAGS) > 1);
161
162 /*
163 * Pairs with smp_load_acquire() in super_lock() to make sure
164 * all initializations in the superblock are seen by the user
165 * seeing SB_BORN sent.
166 */
167 smp_store_release(&sb->s_flags, sb->s_flags | flag);
168 /*
169 * Pairs with the barrier in prepare_to_wait_event() to make sure
170 * ___wait_var_event() either sees SB_BORN set or
171 * waitqueue_active() check in wake_up_var() sees the waiter.
172 */
173 smp_mb();
174 wake_up_var(var: &sb->s_flags);
175}
176
177/*
178 * One thing we have to be careful of with a per-sb shrinker is that we don't
179 * drop the last active reference to the superblock from within the shrinker.
180 * If that happens we could trigger unregistering the shrinker from within the
181 * shrinker path and that leads to deadlock on the shrinker_mutex. Hence we
182 * take a passive reference to the superblock to avoid this from occurring.
183 */
184static unsigned long super_cache_scan(struct shrinker *shrink,
185 struct shrink_control *sc)
186{
187 struct super_block *sb;
188 long fs_objects = 0;
189 long total_objects;
190 long freed = 0;
191 long dentries;
192 long inodes;
193
194 sb = shrink->private_data;
195
196 /*
197 * Deadlock avoidance. We may hold various FS locks, and we don't want
198 * to recurse into the FS that called us in clear_inode() and friends..
199 */
200 if (!(sc->gfp_mask & __GFP_FS))
201 return SHRINK_STOP;
202
203 if (!super_trylock_shared(sb))
204 return SHRINK_STOP;
205
206 if (sb->s_op->nr_cached_objects)
207 fs_objects = sb->s_op->nr_cached_objects(sb, sc);
208
209 inodes = list_lru_shrink_count(lru: &sb->s_inode_lru, sc);
210 dentries = list_lru_shrink_count(lru: &sb->s_dentry_lru, sc);
211 total_objects = dentries + inodes + fs_objects + 1;
212 if (!total_objects)
213 total_objects = 1;
214
215 /* proportion the scan between the caches */
216 dentries = mult_frac(sc->nr_to_scan, dentries, total_objects);
217 inodes = mult_frac(sc->nr_to_scan, inodes, total_objects);
218 fs_objects = mult_frac(sc->nr_to_scan, fs_objects, total_objects);
219
220 /*
221 * prune the dcache first as the icache is pinned by it, then
222 * prune the icache, followed by the filesystem specific caches
223 *
224 * Ensure that we always scan at least one object - memcg kmem
225 * accounting uses this to fully empty the caches.
226 */
227 sc->nr_to_scan = dentries + 1;
228 freed = prune_dcache_sb(sb, sc);
229 sc->nr_to_scan = inodes + 1;
230 freed += prune_icache_sb(sb, sc);
231
232 if (fs_objects) {
233 sc->nr_to_scan = fs_objects + 1;
234 freed += sb->s_op->free_cached_objects(sb, sc);
235 }
236
237 super_unlock_shared(sb);
238 return freed;
239}
240
241static unsigned long super_cache_count(struct shrinker *shrink,
242 struct shrink_control *sc)
243{
244 struct super_block *sb;
245 long total_objects = 0;
246
247 sb = shrink->private_data;
248
249 /*
250 * We don't call super_trylock_shared() here as it is a scalability
251 * bottleneck, so we're exposed to partial setup state. The shrinker
252 * rwsem does not protect filesystem operations backing
253 * list_lru_shrink_count() or s_op->nr_cached_objects(). Counts can
254 * change between super_cache_count and super_cache_scan, so we really
255 * don't need locks here.
256 *
257 * However, if we are currently mounting the superblock, the underlying
258 * filesystem might be in a state of partial construction and hence it
259 * is dangerous to access it. super_trylock_shared() uses a SB_BORN check
260 * to avoid this situation, so do the same here. The memory barrier is
261 * matched with the one in mount_fs() as we don't hold locks here.
262 */
263 if (!(sb->s_flags & SB_BORN))
264 return 0;
265 smp_rmb();
266
267 if (sb->s_op && sb->s_op->nr_cached_objects)
268 total_objects = sb->s_op->nr_cached_objects(sb, sc);
269
270 total_objects += list_lru_shrink_count(lru: &sb->s_dentry_lru, sc);
271 total_objects += list_lru_shrink_count(lru: &sb->s_inode_lru, sc);
272
273 if (!total_objects)
274 return SHRINK_EMPTY;
275
276 total_objects = vfs_pressure_ratio(val: total_objects);
277 return total_objects;
278}
279
280static void destroy_super_work(struct work_struct *work)
281{
282 struct super_block *s = container_of(work, struct super_block,
283 destroy_work);
284 int i;
285
286 for (i = 0; i < SB_FREEZE_LEVELS; i++)
287 percpu_free_rwsem(&s->s_writers.rw_sem[i]);
288 kfree(objp: s);
289}
290
291static void destroy_super_rcu(struct rcu_head *head)
292{
293 struct super_block *s = container_of(head, struct super_block, rcu);
294 INIT_WORK(&s->destroy_work, destroy_super_work);
295 schedule_work(work: &s->destroy_work);
296}
297
298/* Free a superblock that has never been seen by anyone */
299static void destroy_unused_super(struct super_block *s)
300{
301 if (!s)
302 return;
303 super_unlock_excl(sb: s);
304 list_lru_destroy(lru: &s->s_dentry_lru);
305 list_lru_destroy(lru: &s->s_inode_lru);
306 security_sb_free(sb: s);
307 put_user_ns(ns: s->s_user_ns);
308 kfree(objp: s->s_subtype);
309 shrinker_free(shrinker: s->s_shrink);
310 /* no delays needed */
311 destroy_super_work(work: &s->destroy_work);
312}
313
314/**
315 * alloc_super - create new superblock
316 * @type: filesystem type superblock should belong to
317 * @flags: the mount flags
318 * @user_ns: User namespace for the super_block
319 *
320 * Allocates and initializes a new &struct super_block. alloc_super()
321 * returns a pointer new superblock or %NULL if allocation had failed.
322 */
323static struct super_block *alloc_super(struct file_system_type *type, int flags,
324 struct user_namespace *user_ns)
325{
326 struct super_block *s = kzalloc(size: sizeof(struct super_block), GFP_USER);
327 static const struct super_operations default_op;
328 int i;
329
330 if (!s)
331 return NULL;
332
333 INIT_LIST_HEAD(list: &s->s_mounts);
334 s->s_user_ns = get_user_ns(ns: user_ns);
335 init_rwsem(&s->s_umount);
336 lockdep_set_class(&s->s_umount, &type->s_umount_key);
337 /*
338 * sget() can have s_umount recursion.
339 *
340 * When it cannot find a suitable sb, it allocates a new
341 * one (this one), and tries again to find a suitable old
342 * one.
343 *
344 * In case that succeeds, it will acquire the s_umount
345 * lock of the old one. Since these are clearly distrinct
346 * locks, and this object isn't exposed yet, there's no
347 * risk of deadlocks.
348 *
349 * Annotate this by putting this lock in a different
350 * subclass.
351 */
352 down_write_nested(sem: &s->s_umount, SINGLE_DEPTH_NESTING);
353
354 if (security_sb_alloc(sb: s))
355 goto fail;
356
357 for (i = 0; i < SB_FREEZE_LEVELS; i++) {
358 if (__percpu_init_rwsem(&s->s_writers.rw_sem[i],
359 sb_writers_name[i],
360 &type->s_writers_key[i]))
361 goto fail;
362 }
363 s->s_bdi = &noop_backing_dev_info;
364 s->s_flags = flags;
365 if (s->s_user_ns != &init_user_ns)
366 s->s_iflags |= SB_I_NODEV;
367 INIT_HLIST_NODE(h: &s->s_instances);
368 INIT_HLIST_BL_HEAD(&s->s_roots);
369 mutex_init(&s->s_sync_lock);
370 INIT_LIST_HEAD(list: &s->s_inodes);
371 spin_lock_init(&s->s_inode_list_lock);
372 INIT_LIST_HEAD(list: &s->s_inodes_wb);
373 spin_lock_init(&s->s_inode_wblist_lock);
374
375 s->s_count = 1;
376 atomic_set(v: &s->s_active, i: 1);
377 mutex_init(&s->s_vfs_rename_mutex);
378 lockdep_set_class(&s->s_vfs_rename_mutex, &type->s_vfs_rename_key);
379 init_rwsem(&s->s_dquot.dqio_sem);
380 s->s_maxbytes = MAX_NON_LFS;
381 s->s_op = &default_op;
382 s->s_time_gran = 1000000000;
383 s->s_time_min = TIME64_MIN;
384 s->s_time_max = TIME64_MAX;
385
386 s->s_shrink = shrinker_alloc(SHRINKER_NUMA_AWARE | SHRINKER_MEMCG_AWARE,
387 fmt: "sb-%s", type->name);
388 if (!s->s_shrink)
389 goto fail;
390
391 s->s_shrink->scan_objects = super_cache_scan;
392 s->s_shrink->count_objects = super_cache_count;
393 s->s_shrink->batch = 1024;
394 s->s_shrink->private_data = s;
395
396 if (list_lru_init_memcg(&s->s_dentry_lru, s->s_shrink))
397 goto fail;
398 if (list_lru_init_memcg(&s->s_inode_lru, s->s_shrink))
399 goto fail;
400 return s;
401
402fail:
403 destroy_unused_super(s);
404 return NULL;
405}
406
407/* Superblock refcounting */
408
409/*
410 * Drop a superblock's refcount. The caller must hold sb_lock.
411 */
412static void __put_super(struct super_block *s)
413{
414 if (!--s->s_count) {
415 list_del_init(entry: &s->s_list);
416 WARN_ON(s->s_dentry_lru.node);
417 WARN_ON(s->s_inode_lru.node);
418 WARN_ON(!list_empty(&s->s_mounts));
419 security_sb_free(sb: s);
420 put_user_ns(ns: s->s_user_ns);
421 kfree(objp: s->s_subtype);
422 call_rcu(head: &s->rcu, func: destroy_super_rcu);
423 }
424}
425
426/**
427 * put_super - drop a temporary reference to superblock
428 * @sb: superblock in question
429 *
430 * Drops a temporary reference, frees superblock if there's no
431 * references left.
432 */
433void put_super(struct super_block *sb)
434{
435 spin_lock(lock: &sb_lock);
436 __put_super(s: sb);
437 spin_unlock(lock: &sb_lock);
438}
439
440static void kill_super_notify(struct super_block *sb)
441{
442 lockdep_assert_not_held(&sb->s_umount);
443
444 /* already notified earlier */
445 if (sb->s_flags & SB_DEAD)
446 return;
447
448 /*
449 * Remove it from @fs_supers so it isn't found by new
450 * sget{_fc}() walkers anymore. Any concurrent mounter still
451 * managing to grab a temporary reference is guaranteed to
452 * already see SB_DYING and will wait until we notify them about
453 * SB_DEAD.
454 */
455 spin_lock(lock: &sb_lock);
456 hlist_del_init(n: &sb->s_instances);
457 spin_unlock(lock: &sb_lock);
458
459 /*
460 * Let concurrent mounts know that this thing is really dead.
461 * We don't need @sb->s_umount here as every concurrent caller
462 * will see SB_DYING and either discard the superblock or wait
463 * for SB_DEAD.
464 */
465 super_wake(sb, SB_DEAD);
466}
467
468/**
469 * deactivate_locked_super - drop an active reference to superblock
470 * @s: superblock to deactivate
471 *
472 * Drops an active reference to superblock, converting it into a temporary
473 * one if there is no other active references left. In that case we
474 * tell fs driver to shut it down and drop the temporary reference we
475 * had just acquired.
476 *
477 * Caller holds exclusive lock on superblock; that lock is released.
478 */
479void deactivate_locked_super(struct super_block *s)
480{
481 struct file_system_type *fs = s->s_type;
482 if (atomic_dec_and_test(v: &s->s_active)) {
483 shrinker_free(shrinker: s->s_shrink);
484 fs->kill_sb(s);
485
486 kill_super_notify(sb: s);
487
488 /*
489 * Since list_lru_destroy() may sleep, we cannot call it from
490 * put_super(), where we hold the sb_lock. Therefore we destroy
491 * the lru lists right now.
492 */
493 list_lru_destroy(lru: &s->s_dentry_lru);
494 list_lru_destroy(lru: &s->s_inode_lru);
495
496 put_filesystem(fs);
497 put_super(sb: s);
498 } else {
499 super_unlock_excl(sb: s);
500 }
501}
502
503EXPORT_SYMBOL(deactivate_locked_super);
504
505/**
506 * deactivate_super - drop an active reference to superblock
507 * @s: superblock to deactivate
508 *
509 * Variant of deactivate_locked_super(), except that superblock is *not*
510 * locked by caller. If we are going to drop the final active reference,
511 * lock will be acquired prior to that.
512 */
513void deactivate_super(struct super_block *s)
514{
515 if (!atomic_add_unless(v: &s->s_active, a: -1, u: 1)) {
516 __super_lock_excl(sb: s);
517 deactivate_locked_super(s);
518 }
519}
520
521EXPORT_SYMBOL(deactivate_super);
522
523/**
524 * grab_super - acquire an active reference
525 * @s: reference we are trying to make active
526 *
527 * Tries to acquire an active reference. grab_super() is used when we
528 * had just found a superblock in super_blocks or fs_type->fs_supers
529 * and want to turn it into a full-blown active reference. grab_super()
530 * is called with sb_lock held and drops it. Returns 1 in case of
531 * success, 0 if we had failed (superblock contents was already dead or
532 * dying when grab_super() had been called). Note that this is only
533 * called for superblocks not in rundown mode (== ones still on ->fs_supers
534 * of their type), so increment of ->s_count is OK here.
535 */
536static int grab_super(struct super_block *s) __releases(sb_lock)
537{
538 bool born;
539
540 s->s_count++;
541 spin_unlock(lock: &sb_lock);
542 born = super_lock_excl(sb: s);
543 if (born && atomic_inc_not_zero(v: &s->s_active)) {
544 put_super(sb: s);
545 return 1;
546 }
547 super_unlock_excl(sb: s);
548 put_super(sb: s);
549 return 0;
550}
551
552static inline bool wait_dead(struct super_block *sb)
553{
554 unsigned int flags;
555
556 /*
557 * Pairs with memory barrier in super_wake() and ensures
558 * that we see SB_DEAD after we're woken.
559 */
560 flags = smp_load_acquire(&sb->s_flags);
561 return flags & SB_DEAD;
562}
563
564/**
565 * grab_super_dead - acquire an active reference to a superblock
566 * @sb: superblock to acquire
567 *
568 * Acquire a temporary reference on a superblock and try to trade it for
569 * an active reference. This is used in sget{_fc}() to wait for a
570 * superblock to either become SB_BORN or for it to pass through
571 * sb->kill() and be marked as SB_DEAD.
572 *
573 * Return: This returns true if an active reference could be acquired,
574 * false if not.
575 */
576static bool grab_super_dead(struct super_block *sb)
577{
578
579 sb->s_count++;
580 if (grab_super(s: sb)) {
581 put_super(sb);
582 lockdep_assert_held(&sb->s_umount);
583 return true;
584 }
585 wait_var_event(&sb->s_flags, wait_dead(sb));
586 lockdep_assert_not_held(&sb->s_umount);
587 put_super(sb);
588 return false;
589}
590
591/*
592 * super_trylock_shared - try to grab ->s_umount shared
593 * @sb: reference we are trying to grab
594 *
595 * Try to prevent fs shutdown. This is used in places where we
596 * cannot take an active reference but we need to ensure that the
597 * filesystem is not shut down while we are working on it. It returns
598 * false if we cannot acquire s_umount or if we lose the race and
599 * filesystem already got into shutdown, and returns true with the s_umount
600 * lock held in read mode in case of success. On successful return,
601 * the caller must drop the s_umount lock when done.
602 *
603 * Note that unlike get_super() et.al. this one does *not* bump ->s_count.
604 * The reason why it's safe is that we are OK with doing trylock instead
605 * of down_read(). There's a couple of places that are OK with that, but
606 * it's very much not a general-purpose interface.
607 */
608bool super_trylock_shared(struct super_block *sb)
609{
610 if (down_read_trylock(sem: &sb->s_umount)) {
611 if (!(sb->s_flags & SB_DYING) && sb->s_root &&
612 (sb->s_flags & SB_BORN))
613 return true;
614 super_unlock_shared(sb);
615 }
616
617 return false;
618}
619
620/**
621 * retire_super - prevents superblock from being reused
622 * @sb: superblock to retire
623 *
624 * The function marks superblock to be ignored in superblock test, which
625 * prevents it from being reused for any new mounts. If the superblock has
626 * a private bdi, it also unregisters it, but doesn't reduce the refcount
627 * of the superblock to prevent potential races. The refcount is reduced
628 * by generic_shutdown_super(). The function can not be called
629 * concurrently with generic_shutdown_super(). It is safe to call the
630 * function multiple times, subsequent calls have no effect.
631 *
632 * The marker will affect the re-use only for block-device-based
633 * superblocks. Other superblocks will still get marked if this function
634 * is used, but that will not affect their reusability.
635 */
636void retire_super(struct super_block *sb)
637{
638 WARN_ON(!sb->s_bdev);
639 __super_lock_excl(sb);
640 if (sb->s_iflags & SB_I_PERSB_BDI) {
641 bdi_unregister(bdi: sb->s_bdi);
642 sb->s_iflags &= ~SB_I_PERSB_BDI;
643 }
644 sb->s_iflags |= SB_I_RETIRED;
645 super_unlock_excl(sb);
646}
647EXPORT_SYMBOL(retire_super);
648
649/**
650 * generic_shutdown_super - common helper for ->kill_sb()
651 * @sb: superblock to kill
652 *
653 * generic_shutdown_super() does all fs-independent work on superblock
654 * shutdown. Typical ->kill_sb() should pick all fs-specific objects
655 * that need destruction out of superblock, call generic_shutdown_super()
656 * and release aforementioned objects. Note: dentries and inodes _are_
657 * taken care of and do not need specific handling.
658 *
659 * Upon calling this function, the filesystem may no longer alter or
660 * rearrange the set of dentries belonging to this super_block, nor may it
661 * change the attachments of dentries to inodes.
662 */
663void generic_shutdown_super(struct super_block *sb)
664{
665 const struct super_operations *sop = sb->s_op;
666
667 if (sb->s_root) {
668 shrink_dcache_for_umount(sb);
669 sync_filesystem(sb);
670 sb->s_flags &= ~SB_ACTIVE;
671
672 cgroup_writeback_umount();
673
674 /* Evict all inodes with zero refcount. */
675 evict_inodes(sb);
676
677 /*
678 * Clean up and evict any inodes that still have references due
679 * to fsnotify or the security policy.
680 */
681 fsnotify_sb_delete(sb);
682 security_sb_delete(sb);
683
684 /*
685 * Now that all potentially-encrypted inodes have been evicted,
686 * the fscrypt keyring can be destroyed.
687 */
688 fscrypt_destroy_keyring(sb);
689
690 if (sb->s_dio_done_wq) {
691 destroy_workqueue(wq: sb->s_dio_done_wq);
692 sb->s_dio_done_wq = NULL;
693 }
694
695 if (sop->put_super)
696 sop->put_super(sb);
697
698 if (CHECK_DATA_CORRUPTION(!list_empty(&sb->s_inodes),
699 "VFS: Busy inodes after unmount of %s (%s)",
700 sb->s_id, sb->s_type->name)) {
701 /*
702 * Adding a proper bailout path here would be hard, but
703 * we can at least make it more likely that a later
704 * iput_final() or such crashes cleanly.
705 */
706 struct inode *inode;
707
708 spin_lock(lock: &sb->s_inode_list_lock);
709 list_for_each_entry(inode, &sb->s_inodes, i_sb_list) {
710 inode->i_op = VFS_PTR_POISON;
711 inode->i_sb = VFS_PTR_POISON;
712 inode->i_mapping = VFS_PTR_POISON;
713 }
714 spin_unlock(lock: &sb->s_inode_list_lock);
715 }
716 }
717 /*
718 * Broadcast to everyone that grabbed a temporary reference to this
719 * superblock before we removed it from @fs_supers that the superblock
720 * is dying. Every walker of @fs_supers outside of sget{_fc}() will now
721 * discard this superblock and treat it as dead.
722 *
723 * We leave the superblock on @fs_supers so it can be found by
724 * sget{_fc}() until we passed sb->kill_sb().
725 */
726 super_wake(sb, SB_DYING);
727 super_unlock_excl(sb);
728 if (sb->s_bdi != &noop_backing_dev_info) {
729 if (sb->s_iflags & SB_I_PERSB_BDI)
730 bdi_unregister(bdi: sb->s_bdi);
731 bdi_put(bdi: sb->s_bdi);
732 sb->s_bdi = &noop_backing_dev_info;
733 }
734}
735
736EXPORT_SYMBOL(generic_shutdown_super);
737
738bool mount_capable(struct fs_context *fc)
739{
740 if (!(fc->fs_type->fs_flags & FS_USERNS_MOUNT))
741 return capable(CAP_SYS_ADMIN);
742 else
743 return ns_capable(ns: fc->user_ns, CAP_SYS_ADMIN);
744}
745
746/**
747 * sget_fc - Find or create a superblock
748 * @fc: Filesystem context.
749 * @test: Comparison callback
750 * @set: Setup callback
751 *
752 * Create a new superblock or find an existing one.
753 *
754 * The @test callback is used to find a matching existing superblock.
755 * Whether or not the requested parameters in @fc are taken into account
756 * is specific to the @test callback that is used. They may even be
757 * completely ignored.
758 *
759 * If an extant superblock is matched, it will be returned unless:
760 *
761 * (1) the namespace the filesystem context @fc and the extant
762 * superblock's namespace differ
763 *
764 * (2) the filesystem context @fc has requested that reusing an extant
765 * superblock is not allowed
766 *
767 * In both cases EBUSY will be returned.
768 *
769 * If no match is made, a new superblock will be allocated and basic
770 * initialisation will be performed (s_type, s_fs_info and s_id will be
771 * set and the @set callback will be invoked), the superblock will be
772 * published and it will be returned in a partially constructed state
773 * with SB_BORN and SB_ACTIVE as yet unset.
774 *
775 * Return: On success, an extant or newly created superblock is
776 * returned. On failure an error pointer is returned.
777 */
778struct super_block *sget_fc(struct fs_context *fc,
779 int (*test)(struct super_block *, struct fs_context *),
780 int (*set)(struct super_block *, struct fs_context *))
781{
782 struct super_block *s = NULL;
783 struct super_block *old;
784 struct user_namespace *user_ns = fc->global ? &init_user_ns : fc->user_ns;
785 int err;
786
787retry:
788 spin_lock(lock: &sb_lock);
789 if (test) {
790 hlist_for_each_entry(old, &fc->fs_type->fs_supers, s_instances) {
791 if (test(old, fc))
792 goto share_extant_sb;
793 }
794 }
795 if (!s) {
796 spin_unlock(lock: &sb_lock);
797 s = alloc_super(type: fc->fs_type, flags: fc->sb_flags, user_ns);
798 if (!s)
799 return ERR_PTR(error: -ENOMEM);
800 goto retry;
801 }
802
803 s->s_fs_info = fc->s_fs_info;
804 err = set(s, fc);
805 if (err) {
806 s->s_fs_info = NULL;
807 spin_unlock(lock: &sb_lock);
808 destroy_unused_super(s);
809 return ERR_PTR(error: err);
810 }
811 fc->s_fs_info = NULL;
812 s->s_type = fc->fs_type;
813 s->s_iflags |= fc->s_iflags;
814 strscpy(p: s->s_id, q: s->s_type->name, size: sizeof(s->s_id));
815 /*
816 * Make the superblock visible on @super_blocks and @fs_supers.
817 * It's in a nascent state and users should wait on SB_BORN or
818 * SB_DYING to be set.
819 */
820 list_add_tail(new: &s->s_list, head: &super_blocks);
821 hlist_add_head(n: &s->s_instances, h: &s->s_type->fs_supers);
822 spin_unlock(lock: &sb_lock);
823 get_filesystem(fs: s->s_type);
824 shrinker_register(shrinker: s->s_shrink);
825 return s;
826
827share_extant_sb:
828 if (user_ns != old->s_user_ns || fc->exclusive) {
829 spin_unlock(lock: &sb_lock);
830 destroy_unused_super(s);
831 if (fc->exclusive)
832 warnfc(fc, "reusing existing filesystem not allowed");
833 else
834 warnfc(fc, "reusing existing filesystem in another namespace not allowed");
835 return ERR_PTR(error: -EBUSY);
836 }
837 if (!grab_super_dead(sb: old))
838 goto retry;
839 destroy_unused_super(s);
840 return old;
841}
842EXPORT_SYMBOL(sget_fc);
843
844/**
845 * sget - find or create a superblock
846 * @type: filesystem type superblock should belong to
847 * @test: comparison callback
848 * @set: setup callback
849 * @flags: mount flags
850 * @data: argument to each of them
851 */
852struct super_block *sget(struct file_system_type *type,
853 int (*test)(struct super_block *,void *),
854 int (*set)(struct super_block *,void *),
855 int flags,
856 void *data)
857{
858 struct user_namespace *user_ns = current_user_ns();
859 struct super_block *s = NULL;
860 struct super_block *old;
861 int err;
862
863 /* We don't yet pass the user namespace of the parent
864 * mount through to here so always use &init_user_ns
865 * until that changes.
866 */
867 if (flags & SB_SUBMOUNT)
868 user_ns = &init_user_ns;
869
870retry:
871 spin_lock(lock: &sb_lock);
872 if (test) {
873 hlist_for_each_entry(old, &type->fs_supers, s_instances) {
874 if (!test(old, data))
875 continue;
876 if (user_ns != old->s_user_ns) {
877 spin_unlock(lock: &sb_lock);
878 destroy_unused_super(s);
879 return ERR_PTR(error: -EBUSY);
880 }
881 if (!grab_super_dead(sb: old))
882 goto retry;
883 destroy_unused_super(s);
884 return old;
885 }
886 }
887 if (!s) {
888 spin_unlock(lock: &sb_lock);
889 s = alloc_super(type, flags: (flags & ~SB_SUBMOUNT), user_ns);
890 if (!s)
891 return ERR_PTR(error: -ENOMEM);
892 goto retry;
893 }
894
895 err = set(s, data);
896 if (err) {
897 spin_unlock(lock: &sb_lock);
898 destroy_unused_super(s);
899 return ERR_PTR(error: err);
900 }
901 s->s_type = type;
902 strscpy(p: s->s_id, q: type->name, size: sizeof(s->s_id));
903 list_add_tail(new: &s->s_list, head: &super_blocks);
904 hlist_add_head(n: &s->s_instances, h: &type->fs_supers);
905 spin_unlock(lock: &sb_lock);
906 get_filesystem(fs: type);
907 shrinker_register(shrinker: s->s_shrink);
908 return s;
909}
910EXPORT_SYMBOL(sget);
911
912void drop_super(struct super_block *sb)
913{
914 super_unlock_shared(sb);
915 put_super(sb);
916}
917
918EXPORT_SYMBOL(drop_super);
919
920void drop_super_exclusive(struct super_block *sb)
921{
922 super_unlock_excl(sb);
923 put_super(sb);
924}
925EXPORT_SYMBOL(drop_super_exclusive);
926
927static void __iterate_supers(void (*f)(struct super_block *))
928{
929 struct super_block *sb, *p = NULL;
930
931 spin_lock(lock: &sb_lock);
932 list_for_each_entry(sb, &super_blocks, s_list) {
933 /* Pairs with memory marrier in super_wake(). */
934 if (smp_load_acquire(&sb->s_flags) & SB_DYING)
935 continue;
936 sb->s_count++;
937 spin_unlock(lock: &sb_lock);
938
939 f(sb);
940
941 spin_lock(lock: &sb_lock);
942 if (p)
943 __put_super(s: p);
944 p = sb;
945 }
946 if (p)
947 __put_super(s: p);
948 spin_unlock(lock: &sb_lock);
949}
950/**
951 * iterate_supers - call function for all active superblocks
952 * @f: function to call
953 * @arg: argument to pass to it
954 *
955 * Scans the superblock list and calls given function, passing it
956 * locked superblock and given argument.
957 */
958void iterate_supers(void (*f)(struct super_block *, void *), void *arg)
959{
960 struct super_block *sb, *p = NULL;
961
962 spin_lock(lock: &sb_lock);
963 list_for_each_entry(sb, &super_blocks, s_list) {
964 bool born;
965
966 sb->s_count++;
967 spin_unlock(lock: &sb_lock);
968
969 born = super_lock_shared(sb);
970 if (born && sb->s_root)
971 f(sb, arg);
972 super_unlock_shared(sb);
973
974 spin_lock(lock: &sb_lock);
975 if (p)
976 __put_super(s: p);
977 p = sb;
978 }
979 if (p)
980 __put_super(s: p);
981 spin_unlock(lock: &sb_lock);
982}
983
984/**
985 * iterate_supers_type - call function for superblocks of given type
986 * @type: fs type
987 * @f: function to call
988 * @arg: argument to pass to it
989 *
990 * Scans the superblock list and calls given function, passing it
991 * locked superblock and given argument.
992 */
993void iterate_supers_type(struct file_system_type *type,
994 void (*f)(struct super_block *, void *), void *arg)
995{
996 struct super_block *sb, *p = NULL;
997
998 spin_lock(lock: &sb_lock);
999 hlist_for_each_entry(sb, &type->fs_supers, s_instances) {
1000 bool born;
1001
1002 sb->s_count++;
1003 spin_unlock(lock: &sb_lock);
1004
1005 born = super_lock_shared(sb);
1006 if (born && sb->s_root)
1007 f(sb, arg);
1008 super_unlock_shared(sb);
1009
1010 spin_lock(lock: &sb_lock);
1011 if (p)
1012 __put_super(s: p);
1013 p = sb;
1014 }
1015 if (p)
1016 __put_super(s: p);
1017 spin_unlock(lock: &sb_lock);
1018}
1019
1020EXPORT_SYMBOL(iterate_supers_type);
1021
1022/**
1023 * get_active_super - get an active reference to the superblock of a device
1024 * @bdev: device to get the superblock for
1025 *
1026 * Scans the superblock list and finds the superblock of the file system
1027 * mounted on the device given. Returns the superblock with an active
1028 * reference or %NULL if none was found.
1029 */
1030struct super_block *get_active_super(struct block_device *bdev)
1031{
1032 struct super_block *sb;
1033
1034 if (!bdev)
1035 return NULL;
1036
1037 spin_lock(lock: &sb_lock);
1038 list_for_each_entry(sb, &super_blocks, s_list) {
1039 if (sb->s_bdev == bdev) {
1040 if (!grab_super(s: sb))
1041 return NULL;
1042 super_unlock_excl(sb);
1043 return sb;
1044 }
1045 }
1046 spin_unlock(lock: &sb_lock);
1047 return NULL;
1048}
1049
1050struct super_block *user_get_super(dev_t dev, bool excl)
1051{
1052 struct super_block *sb;
1053
1054 spin_lock(lock: &sb_lock);
1055 list_for_each_entry(sb, &super_blocks, s_list) {
1056 if (sb->s_dev == dev) {
1057 bool born;
1058
1059 sb->s_count++;
1060 spin_unlock(lock: &sb_lock);
1061 /* still alive? */
1062 born = super_lock(sb, excl);
1063 if (born && sb->s_root)
1064 return sb;
1065 super_unlock(sb, excl);
1066 /* nope, got unmounted */
1067 spin_lock(lock: &sb_lock);
1068 __put_super(s: sb);
1069 break;
1070 }
1071 }
1072 spin_unlock(lock: &sb_lock);
1073 return NULL;
1074}
1075
1076/**
1077 * reconfigure_super - asks filesystem to change superblock parameters
1078 * @fc: The superblock and configuration
1079 *
1080 * Alters the configuration parameters of a live superblock.
1081 */
1082int reconfigure_super(struct fs_context *fc)
1083{
1084 struct super_block *sb = fc->root->d_sb;
1085 int retval;
1086 bool remount_ro = false;
1087 bool remount_rw = false;
1088 bool force = fc->sb_flags & SB_FORCE;
1089
1090 if (fc->sb_flags_mask & ~MS_RMT_MASK)
1091 return -EINVAL;
1092 if (sb->s_writers.frozen != SB_UNFROZEN)
1093 return -EBUSY;
1094
1095 retval = security_sb_remount(sb, mnt_opts: fc->security);
1096 if (retval)
1097 return retval;
1098
1099 if (fc->sb_flags_mask & SB_RDONLY) {
1100#ifdef CONFIG_BLOCK
1101 if (!(fc->sb_flags & SB_RDONLY) && sb->s_bdev &&
1102 bdev_read_only(bdev: sb->s_bdev))
1103 return -EACCES;
1104#endif
1105 remount_rw = !(fc->sb_flags & SB_RDONLY) && sb_rdonly(sb);
1106 remount_ro = (fc->sb_flags & SB_RDONLY) && !sb_rdonly(sb);
1107 }
1108
1109 if (remount_ro) {
1110 if (!hlist_empty(h: &sb->s_pins)) {
1111 super_unlock_excl(sb);
1112 group_pin_kill(p: &sb->s_pins);
1113 __super_lock_excl(sb);
1114 if (!sb->s_root)
1115 return 0;
1116 if (sb->s_writers.frozen != SB_UNFROZEN)
1117 return -EBUSY;
1118 remount_ro = !sb_rdonly(sb);
1119 }
1120 }
1121 shrink_dcache_sb(sb);
1122
1123 /* If we are reconfiguring to RDONLY and current sb is read/write,
1124 * make sure there are no files open for writing.
1125 */
1126 if (remount_ro) {
1127 if (force) {
1128 sb_start_ro_state_change(sb);
1129 } else {
1130 retval = sb_prepare_remount_readonly(sb);
1131 if (retval)
1132 return retval;
1133 }
1134 } else if (remount_rw) {
1135 /*
1136 * Protect filesystem's reconfigure code from writes from
1137 * userspace until reconfigure finishes.
1138 */
1139 sb_start_ro_state_change(sb);
1140 }
1141
1142 if (fc->ops->reconfigure) {
1143 retval = fc->ops->reconfigure(fc);
1144 if (retval) {
1145 if (!force)
1146 goto cancel_readonly;
1147 /* If forced remount, go ahead despite any errors */
1148 WARN(1, "forced remount of a %s fs returned %i\n",
1149 sb->s_type->name, retval);
1150 }
1151 }
1152
1153 WRITE_ONCE(sb->s_flags, ((sb->s_flags & ~fc->sb_flags_mask) |
1154 (fc->sb_flags & fc->sb_flags_mask)));
1155 sb_end_ro_state_change(sb);
1156
1157 /*
1158 * Some filesystems modify their metadata via some other path than the
1159 * bdev buffer cache (eg. use a private mapping, or directories in
1160 * pagecache, etc). Also file data modifications go via their own
1161 * mappings. So If we try to mount readonly then copy the filesystem
1162 * from bdev, we could get stale data, so invalidate it to give a best
1163 * effort at coherency.
1164 */
1165 if (remount_ro && sb->s_bdev)
1166 invalidate_bdev(bdev: sb->s_bdev);
1167 return 0;
1168
1169cancel_readonly:
1170 sb_end_ro_state_change(sb);
1171 return retval;
1172}
1173
1174static void do_emergency_remount_callback(struct super_block *sb)
1175{
1176 bool born = super_lock_excl(sb);
1177
1178 if (born && sb->s_root && sb->s_bdev && !sb_rdonly(sb)) {
1179 struct fs_context *fc;
1180
1181 fc = fs_context_for_reconfigure(dentry: sb->s_root,
1182 SB_RDONLY | SB_FORCE, SB_RDONLY);
1183 if (!IS_ERR(ptr: fc)) {
1184 if (parse_monolithic_mount_data(fc, NULL) == 0)
1185 (void)reconfigure_super(fc);
1186 put_fs_context(fc);
1187 }
1188 }
1189 super_unlock_excl(sb);
1190}
1191
1192static void do_emergency_remount(struct work_struct *work)
1193{
1194 __iterate_supers(f: do_emergency_remount_callback);
1195 kfree(objp: work);
1196 printk("Emergency Remount complete\n");
1197}
1198
1199void emergency_remount(void)
1200{
1201 struct work_struct *work;
1202
1203 work = kmalloc(size: sizeof(*work), GFP_ATOMIC);
1204 if (work) {
1205 INIT_WORK(work, do_emergency_remount);
1206 schedule_work(work);
1207 }
1208}
1209
1210static void do_thaw_all_callback(struct super_block *sb)
1211{
1212 bool born = super_lock_excl(sb);
1213
1214 if (born && sb->s_root) {
1215 if (IS_ENABLED(CONFIG_BLOCK))
1216 while (sb->s_bdev && !thaw_bdev(bdev: sb->s_bdev))
1217 pr_warn("Emergency Thaw on %pg\n", sb->s_bdev);
1218 thaw_super_locked(sb, who: FREEZE_HOLDER_USERSPACE);
1219 } else {
1220 super_unlock_excl(sb);
1221 }
1222}
1223
1224static void do_thaw_all(struct work_struct *work)
1225{
1226 __iterate_supers(f: do_thaw_all_callback);
1227 kfree(objp: work);
1228 printk(KERN_WARNING "Emergency Thaw complete\n");
1229}
1230
1231/**
1232 * emergency_thaw_all -- forcibly thaw every frozen filesystem
1233 *
1234 * Used for emergency unfreeze of all filesystems via SysRq
1235 */
1236void emergency_thaw_all(void)
1237{
1238 struct work_struct *work;
1239
1240 work = kmalloc(size: sizeof(*work), GFP_ATOMIC);
1241 if (work) {
1242 INIT_WORK(work, do_thaw_all);
1243 schedule_work(work);
1244 }
1245}
1246
1247static DEFINE_IDA(unnamed_dev_ida);
1248
1249/**
1250 * get_anon_bdev - Allocate a block device for filesystems which don't have one.
1251 * @p: Pointer to a dev_t.
1252 *
1253 * Filesystems which don't use real block devices can call this function
1254 * to allocate a virtual block device.
1255 *
1256 * Context: Any context. Frequently called while holding sb_lock.
1257 * Return: 0 on success, -EMFILE if there are no anonymous bdevs left
1258 * or -ENOMEM if memory allocation failed.
1259 */
1260int get_anon_bdev(dev_t *p)
1261{
1262 int dev;
1263
1264 /*
1265 * Many userspace utilities consider an FSID of 0 invalid.
1266 * Always return at least 1 from get_anon_bdev.
1267 */
1268 dev = ida_alloc_range(&unnamed_dev_ida, min: 1, max: (1 << MINORBITS) - 1,
1269 GFP_ATOMIC);
1270 if (dev == -ENOSPC)
1271 dev = -EMFILE;
1272 if (dev < 0)
1273 return dev;
1274
1275 *p = MKDEV(0, dev);
1276 return 0;
1277}
1278EXPORT_SYMBOL(get_anon_bdev);
1279
1280void free_anon_bdev(dev_t dev)
1281{
1282 ida_free(&unnamed_dev_ida, MINOR(dev));
1283}
1284EXPORT_SYMBOL(free_anon_bdev);
1285
1286int set_anon_super(struct super_block *s, void *data)
1287{
1288 return get_anon_bdev(&s->s_dev);
1289}
1290EXPORT_SYMBOL(set_anon_super);
1291
1292void kill_anon_super(struct super_block *sb)
1293{
1294 dev_t dev = sb->s_dev;
1295 generic_shutdown_super(sb);
1296 kill_super_notify(sb);
1297 free_anon_bdev(dev);
1298}
1299EXPORT_SYMBOL(kill_anon_super);
1300
1301void kill_litter_super(struct super_block *sb)
1302{
1303 if (sb->s_root)
1304 d_genocide(sb->s_root);
1305 kill_anon_super(sb);
1306}
1307EXPORT_SYMBOL(kill_litter_super);
1308
1309int set_anon_super_fc(struct super_block *sb, struct fs_context *fc)
1310{
1311 return set_anon_super(sb, NULL);
1312}
1313EXPORT_SYMBOL(set_anon_super_fc);
1314
1315static int test_keyed_super(struct super_block *sb, struct fs_context *fc)
1316{
1317 return sb->s_fs_info == fc->s_fs_info;
1318}
1319
1320static int test_single_super(struct super_block *s, struct fs_context *fc)
1321{
1322 return 1;
1323}
1324
1325static int vfs_get_super(struct fs_context *fc,
1326 int (*test)(struct super_block *, struct fs_context *),
1327 int (*fill_super)(struct super_block *sb,
1328 struct fs_context *fc))
1329{
1330 struct super_block *sb;
1331 int err;
1332
1333 sb = sget_fc(fc, test, set_anon_super_fc);
1334 if (IS_ERR(ptr: sb))
1335 return PTR_ERR(ptr: sb);
1336
1337 if (!sb->s_root) {
1338 err = fill_super(sb, fc);
1339 if (err)
1340 goto error;
1341
1342 sb->s_flags |= SB_ACTIVE;
1343 }
1344
1345 fc->root = dget(dentry: sb->s_root);
1346 return 0;
1347
1348error:
1349 deactivate_locked_super(sb);
1350 return err;
1351}
1352
1353int get_tree_nodev(struct fs_context *fc,
1354 int (*fill_super)(struct super_block *sb,
1355 struct fs_context *fc))
1356{
1357 return vfs_get_super(fc, NULL, fill_super);
1358}
1359EXPORT_SYMBOL(get_tree_nodev);
1360
1361int get_tree_single(struct fs_context *fc,
1362 int (*fill_super)(struct super_block *sb,
1363 struct fs_context *fc))
1364{
1365 return vfs_get_super(fc, test: test_single_super, fill_super);
1366}
1367EXPORT_SYMBOL(get_tree_single);
1368
1369int get_tree_keyed(struct fs_context *fc,
1370 int (*fill_super)(struct super_block *sb,
1371 struct fs_context *fc),
1372 void *key)
1373{
1374 fc->s_fs_info = key;
1375 return vfs_get_super(fc, test: test_keyed_super, fill_super);
1376}
1377EXPORT_SYMBOL(get_tree_keyed);
1378
1379static int set_bdev_super(struct super_block *s, void *data)
1380{
1381 s->s_dev = *(dev_t *)data;
1382 return 0;
1383}
1384
1385static int super_s_dev_set(struct super_block *s, struct fs_context *fc)
1386{
1387 return set_bdev_super(s, data: fc->sget_key);
1388}
1389
1390static int super_s_dev_test(struct super_block *s, struct fs_context *fc)
1391{
1392 return !(s->s_iflags & SB_I_RETIRED) &&
1393 s->s_dev == *(dev_t *)fc->sget_key;
1394}
1395
1396/**
1397 * sget_dev - Find or create a superblock by device number
1398 * @fc: Filesystem context.
1399 * @dev: device number
1400 *
1401 * Find or create a superblock using the provided device number that
1402 * will be stored in fc->sget_key.
1403 *
1404 * If an extant superblock is matched, then that will be returned with
1405 * an elevated reference count that the caller must transfer or discard.
1406 *
1407 * If no match is made, a new superblock will be allocated and basic
1408 * initialisation will be performed (s_type, s_fs_info, s_id, s_dev will
1409 * be set). The superblock will be published and it will be returned in
1410 * a partially constructed state with SB_BORN and SB_ACTIVE as yet
1411 * unset.
1412 *
1413 * Return: an existing or newly created superblock on success, an error
1414 * pointer on failure.
1415 */
1416struct super_block *sget_dev(struct fs_context *fc, dev_t dev)
1417{
1418 fc->sget_key = &dev;
1419 return sget_fc(fc, super_s_dev_test, super_s_dev_set);
1420}
1421EXPORT_SYMBOL(sget_dev);
1422
1423#ifdef CONFIG_BLOCK
1424/*
1425 * Lock the superblock that is holder of the bdev. Returns the superblock
1426 * pointer if we successfully locked the superblock and it is alive. Otherwise
1427 * we return NULL and just unlock bdev->bd_holder_lock.
1428 *
1429 * The function must be called with bdev->bd_holder_lock and releases it.
1430 */
1431static struct super_block *bdev_super_lock_shared(struct block_device *bdev)
1432 __releases(&bdev->bd_holder_lock)
1433{
1434 struct super_block *sb = bdev->bd_holder;
1435 bool born;
1436
1437 lockdep_assert_held(&bdev->bd_holder_lock);
1438 lockdep_assert_not_held(&sb->s_umount);
1439 lockdep_assert_not_held(&bdev->bd_disk->open_mutex);
1440
1441 /* Make sure sb doesn't go away from under us */
1442 spin_lock(lock: &sb_lock);
1443 sb->s_count++;
1444 spin_unlock(lock: &sb_lock);
1445 mutex_unlock(lock: &bdev->bd_holder_lock);
1446
1447 born = super_lock_shared(sb);
1448 if (!born || !sb->s_root || !(sb->s_flags & SB_ACTIVE)) {
1449 super_unlock_shared(sb);
1450 put_super(sb);
1451 return NULL;
1452 }
1453 /*
1454 * The superblock is active and we hold s_umount, we can drop our
1455 * temporary reference now.
1456 */
1457 put_super(sb);
1458 return sb;
1459}
1460
1461static void fs_bdev_mark_dead(struct block_device *bdev, bool surprise)
1462{
1463 struct super_block *sb;
1464
1465 sb = bdev_super_lock_shared(bdev);
1466 if (!sb)
1467 return;
1468
1469 if (!surprise)
1470 sync_filesystem(sb);
1471 shrink_dcache_sb(sb);
1472 invalidate_inodes(sb);
1473 if (sb->s_op->shutdown)
1474 sb->s_op->shutdown(sb);
1475
1476 super_unlock_shared(sb);
1477}
1478
1479static void fs_bdev_sync(struct block_device *bdev)
1480{
1481 struct super_block *sb;
1482
1483 sb = bdev_super_lock_shared(bdev);
1484 if (!sb)
1485 return;
1486 sync_filesystem(sb);
1487 super_unlock_shared(sb);
1488}
1489
1490const struct blk_holder_ops fs_holder_ops = {
1491 .mark_dead = fs_bdev_mark_dead,
1492 .sync = fs_bdev_sync,
1493};
1494EXPORT_SYMBOL_GPL(fs_holder_ops);
1495
1496int setup_bdev_super(struct super_block *sb, int sb_flags,
1497 struct fs_context *fc)
1498{
1499 blk_mode_t mode = sb_open_mode(sb_flags);
1500 struct bdev_handle *bdev_handle;
1501 struct block_device *bdev;
1502
1503 bdev_handle = bdev_open_by_dev(dev: sb->s_dev, mode, holder: sb, hops: &fs_holder_ops);
1504 if (IS_ERR(ptr: bdev_handle)) {
1505 if (fc)
1506 errorf(fc, "%s: Can't open blockdev", fc->source);
1507 return PTR_ERR(ptr: bdev_handle);
1508 }
1509 bdev = bdev_handle->bdev;
1510
1511 /*
1512 * This really should be in blkdev_get_by_dev, but right now can't due
1513 * to legacy issues that require us to allow opening a block device node
1514 * writable from userspace even for a read-only block device.
1515 */
1516 if ((mode & BLK_OPEN_WRITE) && bdev_read_only(bdev)) {
1517 bdev_release(handle: bdev_handle);
1518 return -EACCES;
1519 }
1520
1521 /*
1522 * Until SB_BORN flag is set, there can be no active superblock
1523 * references and thus no filesystem freezing. get_active_super() will
1524 * just loop waiting for SB_BORN so even freeze_bdev() cannot proceed.
1525 *
1526 * It is enough to check bdev was not frozen before we set s_bdev.
1527 */
1528 mutex_lock(&bdev->bd_fsfreeze_mutex);
1529 if (bdev->bd_fsfreeze_count > 0) {
1530 mutex_unlock(lock: &bdev->bd_fsfreeze_mutex);
1531 if (fc)
1532 warnf(fc, "%pg: Can't mount, blockdev is frozen", bdev);
1533 bdev_release(handle: bdev_handle);
1534 return -EBUSY;
1535 }
1536 spin_lock(lock: &sb_lock);
1537 sb->s_bdev_handle = bdev_handle;
1538 sb->s_bdev = bdev;
1539 sb->s_bdi = bdi_get(bdi: bdev->bd_disk->bdi);
1540 if (bdev_stable_writes(bdev))
1541 sb->s_iflags |= SB_I_STABLE_WRITES;
1542 spin_unlock(lock: &sb_lock);
1543 mutex_unlock(lock: &bdev->bd_fsfreeze_mutex);
1544
1545 snprintf(buf: sb->s_id, size: sizeof(sb->s_id), fmt: "%pg", bdev);
1546 shrinker_debugfs_rename(shrinker: sb->s_shrink, fmt: "sb-%s:%s", sb->s_type->name,
1547 sb->s_id);
1548 sb_set_blocksize(sb, block_size(bdev));
1549 return 0;
1550}
1551EXPORT_SYMBOL_GPL(setup_bdev_super);
1552
1553/**
1554 * get_tree_bdev - Get a superblock based on a single block device
1555 * @fc: The filesystem context holding the parameters
1556 * @fill_super: Helper to initialise a new superblock
1557 */
1558int get_tree_bdev(struct fs_context *fc,
1559 int (*fill_super)(struct super_block *,
1560 struct fs_context *))
1561{
1562 struct super_block *s;
1563 int error = 0;
1564 dev_t dev;
1565
1566 if (!fc->source)
1567 return invalf(fc, "No source specified");
1568
1569 error = lookup_bdev(pathname: fc->source, dev: &dev);
1570 if (error) {
1571 errorf(fc, "%s: Can't lookup blockdev", fc->source);
1572 return error;
1573 }
1574
1575 fc->sb_flags |= SB_NOSEC;
1576 s = sget_dev(fc, dev);
1577 if (IS_ERR(ptr: s))
1578 return PTR_ERR(ptr: s);
1579
1580 if (s->s_root) {
1581 /* Don't summarily change the RO/RW state. */
1582 if ((fc->sb_flags ^ s->s_flags) & SB_RDONLY) {
1583 warnf(fc, "%pg: Can't mount, would change RO state", s->s_bdev);
1584 deactivate_locked_super(s);
1585 return -EBUSY;
1586 }
1587 } else {
1588 /*
1589 * We drop s_umount here because we need to open the bdev and
1590 * bdev->open_mutex ranks above s_umount (blkdev_put() ->
1591 * bdev_mark_dead()). It is safe because we have active sb
1592 * reference and SB_BORN is not set yet.
1593 */
1594 super_unlock_excl(sb: s);
1595 error = setup_bdev_super(s, fc->sb_flags, fc);
1596 __super_lock_excl(sb: s);
1597 if (!error)
1598 error = fill_super(s, fc);
1599 if (error) {
1600 deactivate_locked_super(s);
1601 return error;
1602 }
1603 s->s_flags |= SB_ACTIVE;
1604 }
1605
1606 BUG_ON(fc->root);
1607 fc->root = dget(dentry: s->s_root);
1608 return 0;
1609}
1610EXPORT_SYMBOL(get_tree_bdev);
1611
1612static int test_bdev_super(struct super_block *s, void *data)
1613{
1614 return !(s->s_iflags & SB_I_RETIRED) && s->s_dev == *(dev_t *)data;
1615}
1616
1617struct dentry *mount_bdev(struct file_system_type *fs_type,
1618 int flags, const char *dev_name, void *data,
1619 int (*fill_super)(struct super_block *, void *, int))
1620{
1621 struct super_block *s;
1622 int error;
1623 dev_t dev;
1624
1625 error = lookup_bdev(pathname: dev_name, dev: &dev);
1626 if (error)
1627 return ERR_PTR(error);
1628
1629 flags |= SB_NOSEC;
1630 s = sget(fs_type, test_bdev_super, set_bdev_super, flags, &dev);
1631 if (IS_ERR(ptr: s))
1632 return ERR_CAST(ptr: s);
1633
1634 if (s->s_root) {
1635 if ((flags ^ s->s_flags) & SB_RDONLY) {
1636 deactivate_locked_super(s);
1637 return ERR_PTR(error: -EBUSY);
1638 }
1639 } else {
1640 /*
1641 * We drop s_umount here because we need to open the bdev and
1642 * bdev->open_mutex ranks above s_umount (blkdev_put() ->
1643 * bdev_mark_dead()). It is safe because we have active sb
1644 * reference and SB_BORN is not set yet.
1645 */
1646 super_unlock_excl(sb: s);
1647 error = setup_bdev_super(s, flags, NULL);
1648 __super_lock_excl(sb: s);
1649 if (!error)
1650 error = fill_super(s, data, flags & SB_SILENT ? 1 : 0);
1651 if (error) {
1652 deactivate_locked_super(s);
1653 return ERR_PTR(error);
1654 }
1655
1656 s->s_flags |= SB_ACTIVE;
1657 }
1658
1659 return dget(dentry: s->s_root);
1660}
1661EXPORT_SYMBOL(mount_bdev);
1662
1663void kill_block_super(struct super_block *sb)
1664{
1665 struct block_device *bdev = sb->s_bdev;
1666
1667 generic_shutdown_super(sb);
1668 if (bdev) {
1669 sync_blockdev(bdev);
1670 bdev_release(handle: sb->s_bdev_handle);
1671 }
1672}
1673
1674EXPORT_SYMBOL(kill_block_super);
1675#endif
1676
1677struct dentry *mount_nodev(struct file_system_type *fs_type,
1678 int flags, void *data,
1679 int (*fill_super)(struct super_block *, void *, int))
1680{
1681 int error;
1682 struct super_block *s = sget(fs_type, NULL, set_anon_super, flags, NULL);
1683
1684 if (IS_ERR(ptr: s))
1685 return ERR_CAST(ptr: s);
1686
1687 error = fill_super(s, data, flags & SB_SILENT ? 1 : 0);
1688 if (error) {
1689 deactivate_locked_super(s);
1690 return ERR_PTR(error);
1691 }
1692 s->s_flags |= SB_ACTIVE;
1693 return dget(dentry: s->s_root);
1694}
1695EXPORT_SYMBOL(mount_nodev);
1696
1697int reconfigure_single(struct super_block *s,
1698 int flags, void *data)
1699{
1700 struct fs_context *fc;
1701 int ret;
1702
1703 /* The caller really need to be passing fc down into mount_single(),
1704 * then a chunk of this can be removed. [Bollocks -- AV]
1705 * Better yet, reconfiguration shouldn't happen, but rather the second
1706 * mount should be rejected if the parameters are not compatible.
1707 */
1708 fc = fs_context_for_reconfigure(dentry: s->s_root, sb_flags: flags, MS_RMT_MASK);
1709 if (IS_ERR(ptr: fc))
1710 return PTR_ERR(ptr: fc);
1711
1712 ret = parse_monolithic_mount_data(fc, data);
1713 if (ret < 0)
1714 goto out;
1715
1716 ret = reconfigure_super(fc);
1717out:
1718 put_fs_context(fc);
1719 return ret;
1720}
1721
1722static int compare_single(struct super_block *s, void *p)
1723{
1724 return 1;
1725}
1726
1727struct dentry *mount_single(struct file_system_type *fs_type,
1728 int flags, void *data,
1729 int (*fill_super)(struct super_block *, void *, int))
1730{
1731 struct super_block *s;
1732 int error;
1733
1734 s = sget(fs_type, compare_single, set_anon_super, flags, NULL);
1735 if (IS_ERR(ptr: s))
1736 return ERR_CAST(ptr: s);
1737 if (!s->s_root) {
1738 error = fill_super(s, data, flags & SB_SILENT ? 1 : 0);
1739 if (!error)
1740 s->s_flags |= SB_ACTIVE;
1741 } else {
1742 error = reconfigure_single(s, flags, data);
1743 }
1744 if (unlikely(error)) {
1745 deactivate_locked_super(s);
1746 return ERR_PTR(error);
1747 }
1748 return dget(dentry: s->s_root);
1749}
1750EXPORT_SYMBOL(mount_single);
1751
1752/**
1753 * vfs_get_tree - Get the mountable root
1754 * @fc: The superblock configuration context.
1755 *
1756 * The filesystem is invoked to get or create a superblock which can then later
1757 * be used for mounting. The filesystem places a pointer to the root to be
1758 * used for mounting in @fc->root.
1759 */
1760int vfs_get_tree(struct fs_context *fc)
1761{
1762 struct super_block *sb;
1763 int error;
1764
1765 if (fc->root)
1766 return -EBUSY;
1767
1768 /* Get the mountable root in fc->root, with a ref on the root and a ref
1769 * on the superblock.
1770 */
1771 error = fc->ops->get_tree(fc);
1772 if (error < 0)
1773 return error;
1774
1775 if (!fc->root) {
1776 pr_err("Filesystem %s get_tree() didn't set fc->root\n",
1777 fc->fs_type->name);
1778 /* We don't know what the locking state of the superblock is -
1779 * if there is a superblock.
1780 */
1781 BUG();
1782 }
1783
1784 sb = fc->root->d_sb;
1785 WARN_ON(!sb->s_bdi);
1786
1787 /*
1788 * super_wake() contains a memory barrier which also care of
1789 * ordering for super_cache_count(). We place it before setting
1790 * SB_BORN as the data dependency between the two functions is
1791 * the superblock structure contents that we just set up, not
1792 * the SB_BORN flag.
1793 */
1794 super_wake(sb, SB_BORN);
1795
1796 error = security_sb_set_mnt_opts(sb, mnt_opts: fc->security, kern_flags: 0, NULL);
1797 if (unlikely(error)) {
1798 fc_drop_locked(fc);
1799 return error;
1800 }
1801
1802 /*
1803 * filesystems should never set s_maxbytes larger than MAX_LFS_FILESIZE
1804 * but s_maxbytes was an unsigned long long for many releases. Throw
1805 * this warning for a little while to try and catch filesystems that
1806 * violate this rule.
1807 */
1808 WARN((sb->s_maxbytes < 0), "%s set sb->s_maxbytes to "
1809 "negative value (%lld)\n", fc->fs_type->name, sb->s_maxbytes);
1810
1811 return 0;
1812}
1813EXPORT_SYMBOL(vfs_get_tree);
1814
1815/*
1816 * Setup private BDI for given superblock. It gets automatically cleaned up
1817 * in generic_shutdown_super().
1818 */
1819int super_setup_bdi_name(struct super_block *sb, char *fmt, ...)
1820{
1821 struct backing_dev_info *bdi;
1822 int err;
1823 va_list args;
1824
1825 bdi = bdi_alloc(NUMA_NO_NODE);
1826 if (!bdi)
1827 return -ENOMEM;
1828
1829 va_start(args, fmt);
1830 err = bdi_register_va(bdi, fmt, args);
1831 va_end(args);
1832 if (err) {
1833 bdi_put(bdi);
1834 return err;
1835 }
1836 WARN_ON(sb->s_bdi != &noop_backing_dev_info);
1837 sb->s_bdi = bdi;
1838 sb->s_iflags |= SB_I_PERSB_BDI;
1839
1840 return 0;
1841}
1842EXPORT_SYMBOL(super_setup_bdi_name);
1843
1844/*
1845 * Setup private BDI for given superblock. I gets automatically cleaned up
1846 * in generic_shutdown_super().
1847 */
1848int super_setup_bdi(struct super_block *sb)
1849{
1850 static atomic_long_t bdi_seq = ATOMIC_LONG_INIT(0);
1851
1852 return super_setup_bdi_name(sb, "%.28s-%ld", sb->s_type->name,
1853 atomic_long_inc_return(v: &bdi_seq));
1854}
1855EXPORT_SYMBOL(super_setup_bdi);
1856
1857/**
1858 * sb_wait_write - wait until all writers to given file system finish
1859 * @sb: the super for which we wait
1860 * @level: type of writers we wait for (normal vs page fault)
1861 *
1862 * This function waits until there are no writers of given type to given file
1863 * system.
1864 */
1865static void sb_wait_write(struct super_block *sb, int level)
1866{
1867 percpu_down_write(sb->s_writers.rw_sem + level-1);
1868}
1869
1870/*
1871 * We are going to return to userspace and forget about these locks, the
1872 * ownership goes to the caller of thaw_super() which does unlock().
1873 */
1874static void lockdep_sb_freeze_release(struct super_block *sb)
1875{
1876 int level;
1877
1878 for (level = SB_FREEZE_LEVELS - 1; level >= 0; level--)
1879 percpu_rwsem_release(sem: sb->s_writers.rw_sem + level, read: 0, _THIS_IP_);
1880}
1881
1882/*
1883 * Tell lockdep we are holding these locks before we call ->unfreeze_fs(sb).
1884 */
1885static void lockdep_sb_freeze_acquire(struct super_block *sb)
1886{
1887 int level;
1888
1889 for (level = 0; level < SB_FREEZE_LEVELS; ++level)
1890 percpu_rwsem_acquire(sem: sb->s_writers.rw_sem + level, read: 0, _THIS_IP_);
1891}
1892
1893static void sb_freeze_unlock(struct super_block *sb, int level)
1894{
1895 for (level--; level >= 0; level--)
1896 percpu_up_write(sb->s_writers.rw_sem + level);
1897}
1898
1899static int wait_for_partially_frozen(struct super_block *sb)
1900{
1901 int ret = 0;
1902
1903 do {
1904 unsigned short old = sb->s_writers.frozen;
1905
1906 up_write(sem: &sb->s_umount);
1907 ret = wait_var_event_killable(&sb->s_writers.frozen,
1908 sb->s_writers.frozen != old);
1909 down_write(sem: &sb->s_umount);
1910 } while (ret == 0 &&
1911 sb->s_writers.frozen != SB_UNFROZEN &&
1912 sb->s_writers.frozen != SB_FREEZE_COMPLETE);
1913
1914 return ret;
1915}
1916
1917/**
1918 * freeze_super - lock the filesystem and force it into a consistent state
1919 * @sb: the super to lock
1920 * @who: context that wants to freeze
1921 *
1922 * Syncs the super to make sure the filesystem is consistent and calls the fs's
1923 * freeze_fs. Subsequent calls to this without first thawing the fs may return
1924 * -EBUSY.
1925 *
1926 * @who should be:
1927 * * %FREEZE_HOLDER_USERSPACE if userspace wants to freeze the fs;
1928 * * %FREEZE_HOLDER_KERNEL if the kernel wants to freeze the fs.
1929 *
1930 * The @who argument distinguishes between the kernel and userspace trying to
1931 * freeze the filesystem. Although there cannot be multiple kernel freezes or
1932 * multiple userspace freezes in effect at any given time, the kernel and
1933 * userspace can both hold a filesystem frozen. The filesystem remains frozen
1934 * until there are no kernel or userspace freezes in effect.
1935 *
1936 * During this function, sb->s_writers.frozen goes through these values:
1937 *
1938 * SB_UNFROZEN: File system is normal, all writes progress as usual.
1939 *
1940 * SB_FREEZE_WRITE: The file system is in the process of being frozen. New
1941 * writes should be blocked, though page faults are still allowed. We wait for
1942 * all writes to complete and then proceed to the next stage.
1943 *
1944 * SB_FREEZE_PAGEFAULT: Freezing continues. Now also page faults are blocked
1945 * but internal fs threads can still modify the filesystem (although they
1946 * should not dirty new pages or inodes), writeback can run etc. After waiting
1947 * for all running page faults we sync the filesystem which will clean all
1948 * dirty pages and inodes (no new dirty pages or inodes can be created when
1949 * sync is running).
1950 *
1951 * SB_FREEZE_FS: The file system is frozen. Now all internal sources of fs
1952 * modification are blocked (e.g. XFS preallocation truncation on inode
1953 * reclaim). This is usually implemented by blocking new transactions for
1954 * filesystems that have them and need this additional guard. After all
1955 * internal writers are finished we call ->freeze_fs() to finish filesystem
1956 * freezing. Then we transition to SB_FREEZE_COMPLETE state. This state is
1957 * mostly auxiliary for filesystems to verify they do not modify frozen fs.
1958 *
1959 * sb->s_writers.frozen is protected by sb->s_umount.
1960 */
1961int freeze_super(struct super_block *sb, enum freeze_holder who)
1962{
1963 int ret;
1964
1965 atomic_inc(v: &sb->s_active);
1966 if (!super_lock_excl(sb))
1967 WARN(1, "Dying superblock while freezing!");
1968
1969retry:
1970 if (sb->s_writers.frozen == SB_FREEZE_COMPLETE) {
1971 if (sb->s_writers.freeze_holders & who) {
1972 deactivate_locked_super(sb);
1973 return -EBUSY;
1974 }
1975
1976 WARN_ON(sb->s_writers.freeze_holders == 0);
1977
1978 /*
1979 * Someone else already holds this type of freeze; share the
1980 * freeze and assign the active ref to the freeze.
1981 */
1982 sb->s_writers.freeze_holders |= who;
1983 super_unlock_excl(sb);
1984 return 0;
1985 }
1986
1987 if (sb->s_writers.frozen != SB_UNFROZEN) {
1988 ret = wait_for_partially_frozen(sb);
1989 if (ret) {
1990 deactivate_locked_super(sb);
1991 return ret;
1992 }
1993
1994 goto retry;
1995 }
1996
1997 if (!(sb->s_flags & SB_BORN)) {
1998 super_unlock_excl(sb);
1999 return 0; /* sic - it's "nothing to do" */
2000 }
2001
2002 if (sb_rdonly(sb)) {
2003 /* Nothing to do really... */
2004 sb->s_writers.freeze_holders |= who;
2005 sb->s_writers.frozen = SB_FREEZE_COMPLETE;
2006 wake_up_var(var: &sb->s_writers.frozen);
2007 super_unlock_excl(sb);
2008 return 0;
2009 }
2010
2011 sb->s_writers.frozen = SB_FREEZE_WRITE;
2012 /* Release s_umount to preserve sb_start_write -> s_umount ordering */
2013 super_unlock_excl(sb);
2014 sb_wait_write(sb, level: SB_FREEZE_WRITE);
2015 if (!super_lock_excl(sb))
2016 WARN(1, "Dying superblock while freezing!");
2017
2018 /* Now we go and block page faults... */
2019 sb->s_writers.frozen = SB_FREEZE_PAGEFAULT;
2020 sb_wait_write(sb, level: SB_FREEZE_PAGEFAULT);
2021
2022 /* All writers are done so after syncing there won't be dirty data */
2023 ret = sync_filesystem(sb);
2024 if (ret) {
2025 sb->s_writers.frozen = SB_UNFROZEN;
2026 sb_freeze_unlock(sb, level: SB_FREEZE_PAGEFAULT);
2027 wake_up_var(var: &sb->s_writers.frozen);
2028 deactivate_locked_super(sb);
2029 return ret;
2030 }
2031
2032 /* Now wait for internal filesystem counter */
2033 sb->s_writers.frozen = SB_FREEZE_FS;
2034 sb_wait_write(sb, level: SB_FREEZE_FS);
2035
2036 if (sb->s_op->freeze_fs) {
2037 ret = sb->s_op->freeze_fs(sb);
2038 if (ret) {
2039 printk(KERN_ERR
2040 "VFS:Filesystem freeze failed\n");
2041 sb->s_writers.frozen = SB_UNFROZEN;
2042 sb_freeze_unlock(sb, level: SB_FREEZE_FS);
2043 wake_up_var(var: &sb->s_writers.frozen);
2044 deactivate_locked_super(sb);
2045 return ret;
2046 }
2047 }
2048 /*
2049 * For debugging purposes so that fs can warn if it sees write activity
2050 * when frozen is set to SB_FREEZE_COMPLETE, and for thaw_super().
2051 */
2052 sb->s_writers.freeze_holders |= who;
2053 sb->s_writers.frozen = SB_FREEZE_COMPLETE;
2054 wake_up_var(var: &sb->s_writers.frozen);
2055 lockdep_sb_freeze_release(sb);
2056 super_unlock_excl(sb);
2057 return 0;
2058}
2059EXPORT_SYMBOL(freeze_super);
2060
2061/*
2062 * Undoes the effect of a freeze_super_locked call. If the filesystem is
2063 * frozen both by userspace and the kernel, a thaw call from either source
2064 * removes that state without releasing the other state or unlocking the
2065 * filesystem.
2066 */
2067static int thaw_super_locked(struct super_block *sb, enum freeze_holder who)
2068{
2069 int error;
2070
2071 if (sb->s_writers.frozen == SB_FREEZE_COMPLETE) {
2072 if (!(sb->s_writers.freeze_holders & who)) {
2073 super_unlock_excl(sb);
2074 return -EINVAL;
2075 }
2076
2077 /*
2078 * Freeze is shared with someone else. Release our hold and
2079 * drop the active ref that freeze_super assigned to the
2080 * freezer.
2081 */
2082 if (sb->s_writers.freeze_holders & ~who) {
2083 sb->s_writers.freeze_holders &= ~who;
2084 deactivate_locked_super(sb);
2085 return 0;
2086 }
2087 } else {
2088 super_unlock_excl(sb);
2089 return -EINVAL;
2090 }
2091
2092 if (sb_rdonly(sb)) {
2093 sb->s_writers.freeze_holders &= ~who;
2094 sb->s_writers.frozen = SB_UNFROZEN;
2095 wake_up_var(var: &sb->s_writers.frozen);
2096 goto out;
2097 }
2098
2099 lockdep_sb_freeze_acquire(sb);
2100
2101 if (sb->s_op->unfreeze_fs) {
2102 error = sb->s_op->unfreeze_fs(sb);
2103 if (error) {
2104 printk(KERN_ERR "VFS:Filesystem thaw failed\n");
2105 lockdep_sb_freeze_release(sb);
2106 super_unlock_excl(sb);
2107 return error;
2108 }
2109 }
2110
2111 sb->s_writers.freeze_holders &= ~who;
2112 sb->s_writers.frozen = SB_UNFROZEN;
2113 wake_up_var(var: &sb->s_writers.frozen);
2114 sb_freeze_unlock(sb, level: SB_FREEZE_FS);
2115out:
2116 deactivate_locked_super(sb);
2117 return 0;
2118}
2119
2120/**
2121 * thaw_super -- unlock filesystem
2122 * @sb: the super to thaw
2123 * @who: context that wants to freeze
2124 *
2125 * Unlocks the filesystem and marks it writeable again after freeze_super()
2126 * if there are no remaining freezes on the filesystem.
2127 *
2128 * @who should be:
2129 * * %FREEZE_HOLDER_USERSPACE if userspace wants to thaw the fs;
2130 * * %FREEZE_HOLDER_KERNEL if the kernel wants to thaw the fs.
2131 */
2132int thaw_super(struct super_block *sb, enum freeze_holder who)
2133{
2134 if (!super_lock_excl(sb))
2135 WARN(1, "Dying superblock while thawing!");
2136 return thaw_super_locked(sb, who);
2137}
2138EXPORT_SYMBOL(thaw_super);
2139
2140/*
2141 * Create workqueue for deferred direct IO completions. We allocate the
2142 * workqueue when it's first needed. This avoids creating workqueue for
2143 * filesystems that don't need it and also allows us to create the workqueue
2144 * late enough so the we can include s_id in the name of the workqueue.
2145 */
2146int sb_init_dio_done_wq(struct super_block *sb)
2147{
2148 struct workqueue_struct *old;
2149 struct workqueue_struct *wq = alloc_workqueue(fmt: "dio/%s",
2150 flags: WQ_MEM_RECLAIM, max_active: 0,
2151 sb->s_id);
2152 if (!wq)
2153 return -ENOMEM;
2154 /*
2155 * This has to be atomic as more DIOs can race to create the workqueue
2156 */
2157 old = cmpxchg(&sb->s_dio_done_wq, NULL, wq);
2158 /* Someone created workqueue before us? Free ours... */
2159 if (old)
2160 destroy_workqueue(wq);
2161 return 0;
2162}
2163EXPORT_SYMBOL_GPL(sb_init_dio_done_wq);
2164

source code of linux/fs/super.c