file.c source code [linux/fs/ubifs/file.c]

1	// SPDX-License-Identifier: GPL-2.0-only
2	/*
3	* This file is part of UBIFS.
4	*
5	* Copyright (C) 2006-2008 Nokia Corporation.
6	*
7	* Authors: Artem Bityutskiy (Битюцкий Артём)
8	* Adrian Hunter
9	*/
10
11	/*
12	* This file implements VFS file and inode operations for regular files, device
13	* nodes and symlinks as well as address space operations.
14	*
15	* UBIFS uses 2 page flags: @PG_private and @PG_checked. @PG_private is set if
16	* the page is dirty and is used for optimization purposes - dirty pages are
17	* not budgeted so the flag shows that 'ubifs_write_end()' should not release
18	* the budget for this page. The @PG_checked flag is set if full budgeting is
19	* required for the page e.g., when it corresponds to a file hole or it is
20	* beyond the file size. The budgeting is done in 'ubifs_write_begin()', because
21	* it is OK to fail in this function, and the budget is released in
22	* 'ubifs_write_end()'. So the @PG_private and @PG_checked flags carry
23	* information about how the page was budgeted, to make it possible to release
24	* the budget properly.
25	*
26	* A thing to keep in mind: inode @i_mutex is locked in most VFS operations we
27	* implement. However, this is not true for 'ubifs_writepage()', which may be
28	* called with @i_mutex unlocked. For example, when flusher thread is doing
29	* background write-back, it calls 'ubifs_writepage()' with unlocked @i_mutex.
30	* At "normal" work-paths the @i_mutex is locked in 'ubifs_writepage()', e.g.
31	* in the "sys_write -> alloc_pages -> direct reclaim path". So, in
32	* 'ubifs_writepage()' we are only guaranteed that the page is locked.
33	*
34	* Similarly, @i_mutex is not always locked in 'ubifs_read_folio()', e.g., the
35	* read-ahead path does not lock it ("sys_read -> generic_file_aio_read ->
36	* ondemand_readahead -> read_folio"). In case of readahead, @I_SYNC flag is not
37	* set as well. However, UBIFS disables readahead.
38	*/
39
40	#include "ubifs.h"
41	#include <linux/mount.h>
42	#include <linux/slab.h>
43	#include <linux/migrate.h>
44
45	static int read_block(struct inode inode, void* addr, unsigned* int block,
46	struct ubifs_data_node *dn)
47	{
48	struct ubifs_info *c = inode->i_sb->s_fs_info;
49	int err, len, out_len;
50	union ubifs_key key;
51	unsigned int dlen;
52
53	data_key_init(c, key: &key, inum: inode->i_ino, block);
54	err = ubifs_tnc_lookup(c, key: &key, node: dn);
55	if (err) {
56	if (err == -ENOENT)
57	/ Not found, so it must be a hole /
58	memset(addr, `0`, UBIFS_BLOCK_SIZE);
59	return err;
60	}
61
62	ubifs_assert(c, le64_to_cpu(dn->ch.sqnum) >
63	ubifs_inode(inode)->creat_sqnum);
64	len = le32_to_cpu(dn->size);
65	if (len <= `0` \|\| len > UBIFS_BLOCK_SIZE)
66	goto dump;
67
68	dlen = le32_to_cpu(dn->ch.len) - UBIFS_DATA_NODE_SZ;
69
70	if (IS_ENCRYPTED(inode)) {
71	err = ubifs_decrypt(inode, dn, out_len: &dlen, block);
72	if (err)
73	goto dump;
74	}
75
76	out_len = UBIFS_BLOCK_SIZE;
77	err = ubifs_decompress(c, buf: &dn->data, len: dlen, out: addr, out_len: &out_len,
78	le16_to_cpu(dn->compr_type));
79	if (err \|\| len != out_len)
80	goto dump;
81
82	/*
83	* Data length can be less than a full block, even for blocks that are
84	* not the last in the file (e.g., as a result of making a hole and
85	* appending data). Ensure that the remainder is zeroed out.
86	*/
87	if (len < UBIFS_BLOCK_SIZE)
88	memset(addr + len, `0`, UBIFS_BLOCK_SIZE - len);
89
90	return `0`;
91
92	dump:
93	ubifs_err(c, fmt: "bad data node (block %u, inode %lu)",
94	block, inode->i_ino);
95	ubifs_dump_node(c, node: dn, UBIFS_MAX_DATA_NODE_SZ);
96	return -EINVAL;
97	}
98
99	static int do_readpage(struct folio *folio)
100	{
101	void *addr;
102	int err = `0`, i;
103	unsigned int block, beyond;
104	struct ubifs_data_node *dn = NULL;
105	struct inode *inode = folio->mapping->host;
106	struct ubifs_info *c = inode->i_sb->s_fs_info;
107	loff_t i_size = i_size_read(inode);
108
109	dbg_gen("ino %lu, pg %lu, i_size %lld, flags %#lx",
110	inode->i_ino, folio->index, i_size, folio->flags);
111	ubifs_assert(c, !folio_test_checked(folio));
112	ubifs_assert(c, !folio->private);
113
114	addr = kmap_local_folio(folio, offset: `0`);
115
116	block = folio->index << UBIFS_BLOCKS_PER_PAGE_SHIFT;
117	beyond = (i_size + UBIFS_BLOCK_SIZE - `1`) >> UBIFS_BLOCK_SHIFT;
118	if (block >= beyond) {
119	/ Reading beyond inode /
120	folio_set_checked(folio);
121	addr = folio_zero_tail(folio, offset: `0`, kaddr: addr);
122	goto out;
123	}
124
125	dn = kmalloc(UBIFS_MAX_DATA_NODE_SZ, GFP_NOFS);
126	if (!dn) {
127	err = -ENOMEM;
128	goto out;
129	}
130
131	i = `0`;
132	while (`1`) {
133	int ret;
134
135	if (block >= beyond) {
136	/ Reading beyond inode /
137	err = -ENOENT;
138	memset(addr, `0`, UBIFS_BLOCK_SIZE);
139	} else {
140	ret = read_block(inode, addr, block, dn);
141	if (ret) {
142	err = ret;
143	if (err != -ENOENT)
144	break;
145	} else if (block + `1` == beyond) {
146	int dlen = le32_to_cpu(dn->size);
147	int ilen = i_size & (UBIFS_BLOCK_SIZE - `1`);
148
149	if (ilen && ilen < dlen)
150	memset(addr + ilen, `0`, dlen - ilen);
151	}
152	}
153	if (++i >= (UBIFS_BLOCKS_PER_PAGE << folio_order(folio)))
154	break;
155	block += `1`;
156	addr += UBIFS_BLOCK_SIZE;
157	if (folio_test_highmem(folio) && (offset_in_page(addr) == `0`)) {
158	kunmap_local(addr - UBIFS_BLOCK_SIZE);
159	addr = kmap_local_folio(folio, offset: i * UBIFS_BLOCK_SIZE);
160	}
161	}
162
163	if (err) {
164	struct ubifs_info *c = inode->i_sb->s_fs_info;
165	if (err == -ENOENT) {
166	/ Not found, so it must be a hole /
167	folio_set_checked(folio);
168	dbg_gen("hole");
169	err = `0`;
170	} else {
171	ubifs_err(c, fmt: "cannot read page %lu of inode %lu, error %d",
172	folio->index, inode->i_ino, err);
173	}
174	}
175
176	out:
177	kfree(objp: dn);
178	if (!err)
179	folio_mark_uptodate(folio);
180	flush_dcache_folio(folio);
181	kunmap_local(addr);
182	return err;
183	}
184
185	/**
186	* release_new_page_budget - release budget of a new page.
187	* @c: UBIFS file-system description object
188	*
189	* This is a helper function which releases budget corresponding to the budget
190	* of one new page of data.
191	*/
192	static void release_new_page_budget(struct ubifs_info *c)
193	{
194	struct ubifs_budget_req req = { .recalculate = `1`, .new_page = `1` };
195
196	ubifs_release_budget(c, req: &req);
197	}
198
199	/**
200	* release_existing_page_budget - release budget of an existing page.
201	* @c: UBIFS file-system description object
202	*
203	* This is a helper function which releases budget corresponding to the budget
204	* of changing one page of data which already exists on the flash media.
205	*/
206	static void release_existing_page_budget(struct ubifs_info *c)
207	{
208	struct ubifs_budget_req req = { .dd_growth = c->bi.page_budget};
209
210	ubifs_release_budget(c, req: &req);
211	}
212
213	static int write_begin_slow(struct address_space *mapping,
214	loff_t pos, unsigned len, struct page **pagep)
215	{
216	struct inode *inode = mapping->host;
217	struct ubifs_info *c = inode->i_sb->s_fs_info;
218	pgoff_t index = pos >> PAGE_SHIFT;
219	struct ubifs_budget_req req = { .new_page = `1` };
220	int err, appending = !!(pos + len > inode->i_size);
221	struct folio *folio;
222
223	dbg_gen("ino %lu, pos %llu, len %u, i_size %lld",
224	inode->i_ino, pos, len, inode->i_size);
225
226	/*
227	* At the slow path we have to budget before locking the folio, because
228	* budgeting may force write-back, which would wait on locked folios and
229	* deadlock if we had the folio locked. At this point we do not know
230	* anything about the folio, so assume that this is a new folio which is
231	* written to a hole. This corresponds to largest budget. Later the
232	* budget will be amended if this is not true.
233	*/
234	if (appending)
235	/ We are appending data, budget for inode change /
236	req.dirtied_ino = `1`;
237
238	err = ubifs_budget_space(c, req: &req);
239	if (unlikely(err))
240	return err;
241
242	folio = __filemap_get_folio(mapping, index, FGP_WRITEBEGIN,
243	gfp: mapping_gfp_mask(mapping));
244	if (IS_ERR(ptr: folio)) {
245	ubifs_release_budget(c, req: &req);
246	return PTR_ERR(ptr: folio);
247	}
248
249	if (!folio_test_uptodate(folio)) {
250	if (pos == folio_pos(folio) && len >= folio_size(folio))
251	folio_set_checked(folio);
252	else {
253	err = do_readpage(folio);
254	if (err) {
255	folio_unlock(folio);
256	folio_put(folio);
257	ubifs_release_budget(c, req: &req);
258	return err;
259	}
260	}
261	}
262
263	if (folio->private)
264	/*
265	* The folio is dirty, which means it was budgeted twice:
266	* o first time the budget was allocated by the task which
267	* made the folio dirty and set the private field;
268	* o and then we budgeted for it for the second time at the
269	* very beginning of this function.
270	*
271	* So what we have to do is to release the folio budget we
272	* allocated.
273	*/
274	release_new_page_budget(c);
275	else if (!folio_test_checked(folio))
276	/*
277	* We are changing a folio which already exists on the media.
278	* This means that changing the folio does not make the amount
279	* of indexing information larger, and this part of the budget
280	* which we have already acquired may be released.
281	*/
282	ubifs_convert_page_budget(c);
283
284	if (appending) {
285	struct ubifs_inode *ui = ubifs_inode(inode);
286
287	/*
288	* 'ubifs_write_end()' is optimized from the fast-path part of
289	* 'ubifs_write_begin()' and expects the @ui_mutex to be locked
290	* if data is appended.
291	*/
292	mutex_lock(&ui->ui_mutex);
293	if (ui->dirty)
294	/*
295	* The inode is dirty already, so we may free the
296	* budget we allocated.
297	*/
298	ubifs_release_dirty_inode_budget(c, ui);
299	}
300
301	*pagep = &folio->page;
302	return `0`;
303	}
304
305	/**
306	* allocate_budget - allocate budget for 'ubifs_write_begin()'.
307	* @c: UBIFS file-system description object
308	* @folio: folio to allocate budget for
309	* @ui: UBIFS inode object the page belongs to
310	* @appending: non-zero if the page is appended
311	*
312	* This is a helper function for 'ubifs_write_begin()' which allocates budget
313	* for the operation. The budget is allocated differently depending on whether
314	* this is appending, whether the page is dirty or not, and so on. This
315	* function leaves the @ui->ui_mutex locked in case of appending.
316	*
317	* Returns: %0 in case of success and %-ENOSPC in case of failure.
318	*/
319	static int allocate_budget(struct ubifs_info c, struct* folio *folio,
320	struct ubifs_inode ui, int* appending)
321	{
322	struct ubifs_budget_req req = { .fast = `1` };
323
324	if (folio->private) {
325	if (!appending)
326	/*
327	* The folio is dirty and we are not appending, which
328	* means no budget is needed at all.
329	*/
330	return `0`;
331
332	mutex_lock(&ui->ui_mutex);
333	if (ui->dirty)
334	/*
335	* The page is dirty and we are appending, so the inode
336	* has to be marked as dirty. However, it is already
337	* dirty, so we do not need any budget. We may return,
338	* but @ui->ui_mutex hast to be left locked because we
339	* should prevent write-back from flushing the inode
340	* and freeing the budget. The lock will be released in
341	* 'ubifs_write_end()'.
342	*/
343	return `0`;
344
345	/*
346	* The page is dirty, we are appending, the inode is clean, so
347	* we need to budget the inode change.
348	*/
349	req.dirtied_ino = `1`;
350	} else {
351	if (folio_test_checked(folio))
352	/*
353	* The page corresponds to a hole and does not
354	* exist on the media. So changing it makes
355	* the amount of indexing information
356	* larger, and we have to budget for a new
357	* page.
358	*/
359	req.new_page = `1`;
360	else
361	/*
362	* Not a hole, the change will not add any new
363	* indexing information, budget for page
364	* change.
365	*/
366	req.dirtied_page = `1`;
367
368	if (appending) {
369	mutex_lock(&ui->ui_mutex);
370	if (!ui->dirty)
371	/*
372	* The inode is clean but we will have to mark
373	* it as dirty because we are appending. This
374	* needs a budget.
375	*/
376	req.dirtied_ino = `1`;
377	}
378	}
379
380	return ubifs_budget_space(c, req: &req);
381	}
382
383	/*
384	* This function is called when a page of data is going to be written. Since
385	* the page of data will not necessarily go to the flash straight away, UBIFS
386	* has to reserve space on the media for it, which is done by means of
387	* budgeting.
388	*
389	* This is the hot-path of the file-system and we are trying to optimize it as
390	* much as possible. For this reasons it is split on 2 parts - slow and fast.
391	*
392	* There many budgeting cases:
393	* o a new page is appended - we have to budget for a new page and for
394	* changing the inode; however, if the inode is already dirty, there is
395	* no need to budget for it;
396	* o an existing clean page is changed - we have budget for it; if the page
397	* does not exist on the media (a hole), we have to budget for a new
398	* page; otherwise, we may budget for changing an existing page; the
399	* difference between these cases is that changing an existing page does
400	* not introduce anything new to the FS indexing information, so it does
401	* not grow, and smaller budget is acquired in this case;
402	* o an existing dirty page is changed - no need to budget at all, because
403	* the page budget has been acquired by earlier, when the page has been
404	* marked dirty.
405	*
406	* UBIFS budgeting sub-system may force write-back if it thinks there is no
407	* space to reserve. This imposes some locking restrictions and makes it
408	* impossible to take into account the above cases, and makes it impossible to
409	* optimize budgeting.
410	*
411	* The solution for this is that the fast path of 'ubifs_write_begin()' assumes
412	* there is a plenty of flash space and the budget will be acquired quickly,
413	* without forcing write-back. The slow path does not make this assumption.
414	*/
415	static int ubifs_write_begin(struct file file, struct* address_space *mapping,
416	loff_t pos, unsigned len,
417	struct page *pagep, void* **fsdata)
418	{
419	struct inode *inode = mapping->host;
420	struct ubifs_info *c = inode->i_sb->s_fs_info;
421	struct ubifs_inode *ui = ubifs_inode(inode);
422	pgoff_t index = pos >> PAGE_SHIFT;
423	int err, appending = !!(pos + len > inode->i_size);
424	int skipped_read = `0`;
425	struct folio *folio;
426
427	ubifs_assert(c, ubifs_inode(inode)->ui_size == inode->i_size);
428	ubifs_assert(c, !c->ro_media && !c->ro_mount);
429
430	if (unlikely(c->ro_error))
431	return -EROFS;
432
433	/ Try out the fast-path part first /
434	folio = __filemap_get_folio(mapping, index, FGP_WRITEBEGIN,
435	gfp: mapping_gfp_mask(mapping));
436	if (IS_ERR(ptr: folio))
437	return PTR_ERR(ptr: folio);
438
439	if (!folio_test_uptodate(folio)) {
440	/ The page is not loaded from the flash /
441	if (pos == folio_pos(folio) && len >= folio_size(folio)) {
442	/*
443	* We change whole page so no need to load it. But we
444	* do not know whether this page exists on the media or
445	* not, so we assume the latter because it requires
446	* larger budget. The assumption is that it is better
447	* to budget a bit more than to read the page from the
448	* media. Thus, we are setting the @PG_checked flag
449	* here.
450	*/
451	folio_set_checked(folio);
452	skipped_read = `1`;
453	} else {
454	err = do_readpage(folio);
455	if (err) {
456	folio_unlock(folio);
457	folio_put(folio);
458	return err;
459	}
460	}
461	}
462
463	err = allocate_budget(c, folio, ui, appending);
464	if (unlikely(err)) {
465	ubifs_assert(c, err == -ENOSPC);
466	/*
467	* If we skipped reading the page because we were going to
468	* write all of it, then it is not up to date.
469	*/
470	if (skipped_read)
471	folio_clear_checked(folio);
472	/*
473	* Budgeting failed which means it would have to force
474	* write-back but didn't, because we set the @fast flag in the
475	* request. Write-back cannot be done now, while we have the
476	* page locked, because it would deadlock. Unlock and free
477	* everything and fall-back to slow-path.
478	*/
479	if (appending) {
480	ubifs_assert(c, mutex_is_locked(&ui->ui_mutex));
481	mutex_unlock(lock: &ui->ui_mutex);
482	}
483	folio_unlock(folio);
484	folio_put(folio);
485
486	return write_begin_slow(mapping, pos, len, pagep);
487	}
488
489	/*
490	* Whee, we acquired budgeting quickly - without involving
491	* garbage-collection, committing or forcing write-back. We return
492	* with @ui->ui_mutex locked if we are appending pages, and unlocked
493	* otherwise. This is an optimization (slightly hacky though).
494	*/
495	*pagep = &folio->page;
496	return `0`;
497	}
498
499	/**
500	* cancel_budget - cancel budget.
501	* @c: UBIFS file-system description object
502	* @folio: folio to cancel budget for
503	* @ui: UBIFS inode object the page belongs to
504	* @appending: non-zero if the page is appended
505	*
506	* This is a helper function for a page write operation. It unlocks the
507	* @ui->ui_mutex in case of appending.
508	*/
509	static void cancel_budget(struct ubifs_info c, struct* folio *folio,
510	struct ubifs_inode ui, int* appending)
511	{
512	if (appending) {
513	if (!ui->dirty)
514	ubifs_release_dirty_inode_budget(c, ui);
515	mutex_unlock(lock: &ui->ui_mutex);
516	}
517	if (!folio->private) {
518	if (folio_test_checked(folio))
519	release_new_page_budget(c);
520	else
521	release_existing_page_budget(c);
522	}
523	}
524
525	static int ubifs_write_end(struct file file, struct* address_space *mapping,
526	loff_t pos, unsigned len, unsigned copied,
527	struct page page, void* *fsdata)
528	{
529	struct folio *folio = page_folio(page);
530	struct inode *inode = mapping->host;
531	struct ubifs_inode *ui = ubifs_inode(inode);
532	struct ubifs_info *c = inode->i_sb->s_fs_info;
533	loff_t end_pos = pos + len;
534	int appending = !!(end_pos > inode->i_size);
535
536	dbg_gen("ino %lu, pos %llu, pg %lu, len %u, copied %d, i_size %lld",
537	inode->i_ino, pos, folio->index, len, copied, inode->i_size);
538
539	if (unlikely(copied < len && !folio_test_uptodate(folio))) {
540	/*
541	* VFS copied less data to the folio than it intended and
542	* declared in its '->write_begin()' call via the @len
543	* argument. If the folio was not up-to-date,
544	* the 'ubifs_write_begin()' function did
545	* not load it from the media (for optimization reasons). This
546	* means that part of the folio contains garbage. So read the
547	* folio now.
548	*/
549	dbg_gen("copied %d instead of %d, read page and repeat",
550	copied, len);
551	cancel_budget(c, folio, ui, appending);
552	folio_clear_checked(folio);
553
554	/*
555	* Return 0 to force VFS to repeat the whole operation, or the
556	* error code if 'do_readpage()' fails.
557	*/
558	copied = do_readpage(folio);
559	goto out;
560	}
561
562	if (len == folio_size(folio))
563	folio_mark_uptodate(folio);
564
565	if (!folio->private) {
566	folio_attach_private(folio, data: (void *)`1`);
567	atomic_long_inc(v: &c->dirty_pg_cnt);
568	filemap_dirty_folio(mapping, folio);
569	}
570
571	if (appending) {
572	i_size_write(inode, i_size: end_pos);
573	ui->ui_size = end_pos;
574	/*
575	* We do not set @I_DIRTY_PAGES (which means that
576	* the inode has dirty pages), this was done in
577	* filemap_dirty_folio().
578	*/
579	__mark_inode_dirty(inode, I_DIRTY_DATASYNC);
580	ubifs_assert(c, mutex_is_locked(&ui->ui_mutex));
581	mutex_unlock(lock: &ui->ui_mutex);
582	}
583
584	out:
585	folio_unlock(folio);
586	folio_put(folio);
587	return copied;
588	}
589
590	/**
591	* populate_page - copy data nodes into a page for bulk-read.
592	* @c: UBIFS file-system description object
593	* @folio: folio
594	* @bu: bulk-read information
595	* @n: next zbranch slot
596	*
597	* Returns: %0 on success and a negative error code on failure.
598	*/
599	static int populate_page(struct ubifs_info c, struct* folio *folio,
600	struct bu_info bu, int* *n)
601	{
602	int i = `0`, nn = *n, offs = bu->zbranch[`0`].offs, hole = `0`, read = `0`;
603	struct inode *inode = folio->mapping->host;
604	loff_t i_size = i_size_read(inode);
605	unsigned int page_block;
606	void addr, zaddr;
607	pgoff_t end_index;
608
609	dbg_gen("ino %lu, pg %lu, i_size %lld, flags %#lx",
610	inode->i_ino, folio->index, i_size, folio->flags);
611
612	addr = zaddr = kmap_local_folio(folio, offset: `0`);
613
614	end_index = (i_size - `1`) >> PAGE_SHIFT;
615	if (!i_size \|\| folio->index > end_index) {
616	hole = `1`;
617	addr = folio_zero_tail(folio, offset: `0`, kaddr: addr);
618	goto out_hole;
619	}
620
621	page_block = folio->index << UBIFS_BLOCKS_PER_PAGE_SHIFT;
622	while (`1`) {
623	int err, len, out_len, dlen;
624
625	if (nn >= bu->cnt) {
626	hole = `1`;
627	memset(addr, `0`, UBIFS_BLOCK_SIZE);
628	} else if (key_block(c, key: &bu->zbranch[nn].key) == page_block) {
629	struct ubifs_data_node *dn;
630
631	dn = bu->buf + (bu->zbranch[nn].offs - offs);
632
633	ubifs_assert(c, le64_to_cpu(dn->ch.sqnum) >
634	ubifs_inode(inode)->creat_sqnum);
635
636	len = le32_to_cpu(dn->size);
637	if (len <= `0` \|\| len > UBIFS_BLOCK_SIZE)
638	goto out_err;
639
640	dlen = le32_to_cpu(dn->ch.len) - UBIFS_DATA_NODE_SZ;
641	out_len = UBIFS_BLOCK_SIZE;
642
643	if (IS_ENCRYPTED(inode)) {
644	err = ubifs_decrypt(inode, dn, out_len: &dlen, block: page_block);
645	if (err)
646	goto out_err;
647	}
648
649	err = ubifs_decompress(c, buf: &dn->data, len: dlen, out: addr, out_len: &out_len,
650	le16_to_cpu(dn->compr_type));
651	if (err \|\| len != out_len)
652	goto out_err;
653
654	if (len < UBIFS_BLOCK_SIZE)
655	memset(addr + len, `0`, UBIFS_BLOCK_SIZE - len);
656
657	nn += `1`;
658	read = (i << UBIFS_BLOCK_SHIFT) + len;
659	} else if (key_block(c, key: &bu->zbranch[nn].key) < page_block) {
660	nn += `1`;
661	continue;
662	} else {
663	hole = `1`;
664	memset(addr, `0`, UBIFS_BLOCK_SIZE);
665	}
666	if (++i >= UBIFS_BLOCKS_PER_PAGE)
667	break;
668	addr += UBIFS_BLOCK_SIZE;
669	page_block += `1`;
670	if (folio_test_highmem(folio) && (offset_in_page(addr) == `0`)) {
671	kunmap_local(addr - UBIFS_BLOCK_SIZE);
672	addr = kmap_local_folio(folio, offset: i * UBIFS_BLOCK_SIZE);
673	}
674	}
675
676	if (end_index == folio->index) {
677	int len = i_size & (PAGE_SIZE - `1`);
678
679	if (len && len < read)
680	memset(zaddr + len, `0`, read - len);
681	}
682
683	out_hole:
684	if (hole) {
685	folio_set_checked(folio);
686	dbg_gen("hole");
687	}
688
689	folio_mark_uptodate(folio);
690	flush_dcache_folio(folio);
691	kunmap_local(addr);
692	*n = nn;
693	return `0`;
694
695	out_err:
696	flush_dcache_folio(folio);
697	kunmap_local(addr);
698	ubifs_err(c, fmt: "bad data node (block %u, inode %lu)",
699	page_block, inode->i_ino);
700	return -EINVAL;
701	}
702
703	/**
704	* ubifs_do_bulk_read - do bulk-read.
705	* @c: UBIFS file-system description object
706	* @bu: bulk-read information
707	* @folio1: first folio to read
708	*
709	* Returns: %1 if the bulk-read is done, otherwise %0 is returned.
710	*/
711	static int ubifs_do_bulk_read(struct ubifs_info c, struct* bu_info *bu,
712	struct folio *folio1)
713	{
714	pgoff_t offset = folio1->index, end_index;
715	struct address_space *mapping = folio1->mapping;
716	struct inode *inode = mapping->host;
717	struct ubifs_inode *ui = ubifs_inode(inode);
718	int err, page_idx, page_cnt, ret = `0`, n = `0`;
719	int allocate = bu->buf ? `0` : `1`;
720	loff_t isize;
721	gfp_t ra_gfp_mask = readahead_gfp_mask(x: mapping) & ~__GFP_FS;
722
723	err = ubifs_tnc_get_bu_keys(c, bu);
724	if (err)
725	goto out_warn;
726
727	if (bu->eof) {
728	/ Turn off bulk-read at the end of the file /
729	ui->read_in_a_row = `1`;
730	ui->bulk_read = `0`;
731	}
732
733	page_cnt = bu->blk_cnt >> UBIFS_BLOCKS_PER_PAGE_SHIFT;
734	if (!page_cnt) {
735	/*
736	* This happens when there are multiple blocks per page and the
737	* blocks for the first page we are looking for, are not
738	* together. If all the pages were like this, bulk-read would
739	* reduce performance, so we turn it off for a while.
740	*/
741	goto out_bu_off;
742	}
743
744	if (bu->cnt) {
745	if (allocate) {
746	/*
747	* Allocate bulk-read buffer depending on how many data
748	* nodes we are going to read.
749	*/
750	bu->buf_len = bu->zbranch[bu->cnt - `1`].offs +
751	bu->zbranch[bu->cnt - `1`].len -
752	bu->zbranch[`0`].offs;
753	ubifs_assert(c, bu->buf_len > `0`);
754	ubifs_assert(c, bu->buf_len <= c->leb_size);
755	bu->buf = kmalloc(size: bu->buf_len, GFP_NOFS \| __GFP_NOWARN);
756	if (!bu->buf)
757	goto out_bu_off;
758	}
759
760	err = ubifs_tnc_bulk_read(c, bu);
761	if (err)
762	goto out_warn;
763	}
764
765	err = populate_page(c, folio: folio1, bu, n: &n);
766	if (err)
767	goto out_warn;
768
769	folio_unlock(folio: folio1);
770	ret = `1`;
771
772	isize = i_size_read(inode);
773	if (isize == `0`)
774	goto out_free;
775	end_index = ((isize - `1`) >> PAGE_SHIFT);
776
777	for (page_idx = `1`; page_idx < page_cnt; page_idx++) {
778	pgoff_t page_offset = offset + page_idx;
779	struct folio *folio;
780
781	if (page_offset > end_index)
782	break;
783	folio = __filemap_get_folio(mapping, index: page_offset,
784	FGP_LOCK\|FGP_ACCESSED\|FGP_CREAT\|FGP_NOWAIT,
785	gfp: ra_gfp_mask);
786	if (IS_ERR(ptr: folio))
787	break;
788	if (!folio_test_uptodate(folio))
789	err = populate_page(c, folio, bu, n: &n);
790	folio_unlock(folio);
791	folio_put(folio);
792	if (err)
793	break;
794	}
795
796	ui->last_page_read = offset + page_idx - `1`;
797
798	out_free:
799	if (allocate)
800	kfree(objp: bu->buf);
801	return ret;
802
803	out_warn:
804	ubifs_warn(c, fmt: "ignoring error %d and skipping bulk-read", err);
805	goto out_free;
806
807	out_bu_off:
808	ui->read_in_a_row = ui->bulk_read = `0`;
809	goto out_free;
810	}
811
812	/**
813	* ubifs_bulk_read - determine whether to bulk-read and, if so, do it.
814	* @folio: folio from which to start bulk-read.
815	*
816	* Some flash media are capable of reading sequentially at faster rates. UBIFS
817	* bulk-read facility is designed to take advantage of that, by reading in one
818	* go consecutive data nodes that are also located consecutively in the same
819	* LEB.
820	*
821	* Returns: %1 if a bulk-read is done and %0 otherwise.
822	*/
823	static int ubifs_bulk_read(struct folio *folio)
824	{
825	struct inode *inode = folio->mapping->host;
826	struct ubifs_info *c = inode->i_sb->s_fs_info;
827	struct ubifs_inode *ui = ubifs_inode(inode);
828	pgoff_t index = folio->index, last_page_read = ui->last_page_read;
829	struct bu_info *bu;
830	int err = `0`, allocated = `0`;
831
832	ui->last_page_read = index;
833	if (!c->bulk_read)
834	return `0`;
835
836	/*
837	* Bulk-read is protected by @ui->ui_mutex, but it is an optimization,
838	* so don't bother if we cannot lock the mutex.
839	*/
840	if (!mutex_trylock(lock: &ui->ui_mutex))
841	return `0`;
842
843	if (index != last_page_read + `1`) {
844	/ Turn off bulk-read if we stop reading sequentially /
845	ui->read_in_a_row = `1`;
846	if (ui->bulk_read)
847	ui->bulk_read = `0`;
848	goto out_unlock;
849	}
850
851	if (!ui->bulk_read) {
852	ui->read_in_a_row += `1`;
853	if (ui->read_in_a_row < `3`)
854	goto out_unlock;
855	/ Three reads in a row, so switch on bulk-read /
856	ui->bulk_read = `1`;
857	}
858
859	/*
860	* If possible, try to use pre-allocated bulk-read information, which
861	* is protected by @c->bu_mutex.
862	*/
863	if (mutex_trylock(lock: &c->bu_mutex))
864	bu = &c->bu;
865	else {
866	bu = kmalloc(size: sizeof(struct bu_info), GFP_NOFS \| __GFP_NOWARN);
867	if (!bu)
868	goto out_unlock;
869
870	bu->buf = NULL;
871	allocated = `1`;
872	}
873
874	bu->buf_len = c->max_bu_buf_len;
875	data_key_init(c, key: &bu->key, inum: inode->i_ino,
876	block: folio->index << UBIFS_BLOCKS_PER_PAGE_SHIFT);
877	err = ubifs_do_bulk_read(c, bu, folio1: folio);
878
879	if (!allocated)
880	mutex_unlock(lock: &c->bu_mutex);
881	else
882	kfree(objp: bu);
883
884	out_unlock:
885	mutex_unlock(lock: &ui->ui_mutex);
886	return err;
887	}
888
889	static int ubifs_read_folio(struct file file, struct* folio *folio)
890	{
891	if (ubifs_bulk_read(folio))
892	return `0`;
893	do_readpage(folio);
894	folio_unlock(folio);
895	return `0`;
896	}
897
898	static int do_writepage(struct folio *folio, size_t len)
899	{
900	int err = `0`, blen;
901	unsigned int block;
902	void *addr;
903	size_t offset = `0`;
904	union ubifs_key key;
905	struct inode *inode = folio->mapping->host;
906	struct ubifs_info *c = inode->i_sb->s_fs_info;
907
908	#ifdef UBIFS_DEBUG
909	struct ubifs_inode *ui = ubifs_inode(inode);
910	spin_lock(&ui->ui_lock);
911	ubifs_assert(c, folio->index <= ui->synced_i_size >> PAGE_SHIFT);
912	spin_unlock(&ui->ui_lock);
913	#endif
914
915	folio_start_writeback(folio);
916
917	addr = kmap_local_folio(folio, offset);
918	block = folio->index << UBIFS_BLOCKS_PER_PAGE_SHIFT;
919	for (;;) {
920	blen = min_t(size_t, len, UBIFS_BLOCK_SIZE);
921	data_key_init(c, key: &key, inum: inode->i_ino, block);
922	err = ubifs_jnl_write_data(c, inode, key: &key, buf: addr, len: blen);
923	if (err)
924	break;
925	len -= blen;
926	if (!len)
927	break;
928	block += `1`;
929	addr += blen;
930	if (folio_test_highmem(folio) && !offset_in_page(addr)) {
931	kunmap_local(addr - blen);
932	offset += PAGE_SIZE;
933	addr = kmap_local_folio(folio, offset);
934	}
935	}
936	kunmap_local(addr);
937	if (err) {
938	mapping_set_error(mapping: folio->mapping, error: err);
939	ubifs_err(c, fmt: "cannot write folio %lu of inode %lu, error %d",
940	folio->index, inode->i_ino, err);
941	ubifs_ro_mode(c, err);
942	}
943
944	ubifs_assert(c, folio->private != NULL);
945	if (folio_test_checked(folio))
946	release_new_page_budget(c);
947	else
948	release_existing_page_budget(c);
949
950	atomic_long_dec(v: &c->dirty_pg_cnt);
951	folio_detach_private(folio);
952	folio_clear_checked(folio);
953
954	folio_unlock(folio);
955	folio_end_writeback(folio);
956	return err;
957	}
958
959	/*
960	* When writing-back dirty inodes, VFS first writes-back pages belonging to the
961	* inode, then the inode itself. For UBIFS this may cause a problem. Consider a
962	* situation when a we have an inode with size 0, then a megabyte of data is
963	* appended to the inode, then write-back starts and flushes some amount of the
964	* dirty pages, the journal becomes full, commit happens and finishes, and then
965	* an unclean reboot happens. When the file system is mounted next time, the
966	* inode size would still be 0, but there would be many pages which are beyond
967	* the inode size, they would be indexed and consume flash space. Because the
968	* journal has been committed, the replay would not be able to detect this
969	* situation and correct the inode size. This means UBIFS would have to scan
970	* whole index and correct all inode sizes, which is long an unacceptable.
971	*
972	* To prevent situations like this, UBIFS writes pages back only if they are
973	* within the last synchronized inode size, i.e. the size which has been
974	* written to the flash media last time. Otherwise, UBIFS forces inode
975	* write-back, thus making sure the on-flash inode contains current inode size,
976	* and then keeps writing pages back.
977	*
978	* Some locking issues explanation. 'ubifs_writepage()' first is called with
979	* the page locked, and it locks @ui_mutex. However, write-back does take inode
980	* @i_mutex, which means other VFS operations may be run on this inode at the
981	* same time. And the problematic one is truncation to smaller size, from where
982	* we have to call 'truncate_setsize()', which first changes @inode->i_size,
983	* then drops the truncated pages. And while dropping the pages, it takes the
984	* page lock. This means that 'do_truncation()' cannot call 'truncate_setsize()'
985	* with @ui_mutex locked, because it would deadlock with 'ubifs_writepage()'.
986	* This means that @inode->i_size is changed while @ui_mutex is unlocked.
987	*
988	* XXX(truncate): with the new truncate sequence this is not true anymore,
989	* and the calls to truncate_setsize can be move around freely. They should
990	* be moved to the very end of the truncate sequence.
991	*
992	* But in 'ubifs_writepage()' we have to guarantee that we do not write beyond
993	* inode size. How do we do this if @inode->i_size may became smaller while we
994	* are in the middle of 'ubifs_writepage()'? The UBIFS solution is the
995	* @ui->ui_isize "shadow" field which UBIFS uses instead of @inode->i_size
996	* internally and updates it under @ui_mutex.
997	*
998	* Q: why we do not worry that if we race with truncation, we may end up with a
999	* situation when the inode is truncated while we are in the middle of
1000	* 'do_writepage()', so we do write beyond inode size?
1001	* A: If we are in the middle of 'do_writepage()', truncation would be locked
1002	* on the page lock and it would not write the truncated inode node to the
1003	* journal before we have finished.
1004	*/
1005	static int ubifs_writepage(struct folio folio, struct* writeback_control *wbc,
1006	void *data)
1007	{
1008	struct inode *inode = folio->mapping->host;
1009	struct ubifs_info *c = inode->i_sb->s_fs_info;
1010	struct ubifs_inode *ui = ubifs_inode(inode);
1011	loff_t i_size = i_size_read(inode), synced_i_size;
1012	int err, len = folio_size(folio);
1013
1014	dbg_gen("ino %lu, pg %lu, pg flags %#lx",
1015	inode->i_ino, folio->index, folio->flags);
1016	ubifs_assert(c, folio->private != NULL);
1017
1018	/ Is the folio fully outside @i_size? (truncate in progress) /
1019	if (folio_pos(folio) >= i_size) {
1020	err = `0`;
1021	goto out_unlock;
1022	}
1023
1024	spin_lock(lock: &ui->ui_lock);
1025	synced_i_size = ui->synced_i_size;
1026	spin_unlock(lock: &ui->ui_lock);
1027
1028	/ Is the folio fully inside i_size? /
1029	if (folio_pos(folio) + len <= i_size) {
1030	if (folio_pos(folio) >= synced_i_size) {
1031	err = inode->i_sb->s_op->write_inode(inode, NULL);
1032	if (err)
1033	goto out_redirty;
1034	/*
1035	* The inode has been written, but the write-buffer has
1036	* not been synchronized, so in case of an unclean
1037	* reboot we may end up with some pages beyond inode
1038	* size, but they would be in the journal (because
1039	* commit flushes write buffers) and recovery would deal
1040	* with this.
1041	*/
1042	}
1043	return do_writepage(folio, len);
1044	}
1045
1046	/*
1047	* The folio straddles @i_size. It must be zeroed out on each and every
1048	* writepage invocation because it may be mmapped. "A file is mapped
1049	* in multiples of the page size. For a file that is not a multiple of
1050	* the page size, the remaining memory is zeroed when mapped, and
1051	* writes to that region are not written out to the file."
1052	*/
1053	len = i_size - folio_pos(folio);
1054	folio_zero_segment(folio, start: len, xend: folio_size(folio));
1055
1056	if (i_size > synced_i_size) {
1057	err = inode->i_sb->s_op->write_inode(inode, NULL);
1058	if (err)
1059	goto out_redirty;
1060	}
1061
1062	return do_writepage(folio, len);
1063	out_redirty:
1064	/*
1065	* folio_redirty_for_writepage() won't call ubifs_dirty_inode() because
1066	* it passes I_DIRTY_PAGES flag while calling __mark_inode_dirty(), so
1067	* there is no need to do space budget for dirty inode.
1068	*/
1069	folio_redirty_for_writepage(wbc, folio);
1070	out_unlock:
1071	folio_unlock(folio);
1072	return err;
1073	}
1074
1075	static int ubifs_writepages(struct address_space *mapping,
1076	struct writeback_control *wbc)
1077	{
1078	return write_cache_pages(mapping, wbc, writepage: ubifs_writepage, NULL);
1079	}
1080
1081	/**
1082	* do_attr_changes - change inode attributes.
1083	* @inode: inode to change attributes for
1084	* @attr: describes attributes to change
1085	*/
1086	static void do_attr_changes(struct inode inode, const* struct iattr *attr)
1087	{
1088	if (attr->ia_valid & ATTR_UID)
1089	inode->i_uid = attr->ia_uid;
1090	if (attr->ia_valid & ATTR_GID)
1091	inode->i_gid = attr->ia_gid;
1092	if (attr->ia_valid & ATTR_ATIME)
1093	inode_set_atime_to_ts(inode, ts: attr->ia_atime);
1094	if (attr->ia_valid & ATTR_MTIME)
1095	inode_set_mtime_to_ts(inode, ts: attr->ia_mtime);
1096	if (attr->ia_valid & ATTR_CTIME)
1097	inode_set_ctime_to_ts(inode, ts: attr->ia_ctime);
1098	if (attr->ia_valid & ATTR_MODE) {
1099	umode_t mode = attr->ia_mode;
1100
1101	if (!in_group_p(inode->i_gid) && !capable(CAP_FSETID))
1102	mode &= ~S_ISGID;
1103	inode->i_mode = mode;
1104	}
1105	}
1106
1107	/**
1108	* do_truncation - truncate an inode.
1109	* @c: UBIFS file-system description object
1110	* @inode: inode to truncate
1111	* @attr: inode attribute changes description
1112	*
1113	* This function implements VFS '->setattr()' call when the inode is truncated
1114	* to a smaller size.
1115	*
1116	* Returns: %0 in case of success and a negative error code
1117	* in case of failure.
1118	*/
1119	static int do_truncation(struct ubifs_info c, struct* inode *inode,
1120	const struct iattr *attr)
1121	{
1122	int err;
1123	struct ubifs_budget_req req;
1124	loff_t old_size = inode->i_size, new_size = attr->ia_size;
1125	int offset = new_size & (UBIFS_BLOCK_SIZE - `1`), budgeted = `1`;
1126	struct ubifs_inode *ui = ubifs_inode(inode);
1127
1128	dbg_gen("ino %lu, size %lld -> %lld", inode->i_ino, old_size, new_size);
1129	memset(&req, `0`, sizeof(struct ubifs_budget_req));
1130
1131	/*
1132	* If this is truncation to a smaller size, and we do not truncate on a
1133	* block boundary, budget for changing one data block, because the last
1134	* block will be re-written.
1135	*/
1136	if (new_size & (UBIFS_BLOCK_SIZE - `1`))
1137	req.dirtied_page = `1`;
1138
1139	req.dirtied_ino = `1`;
1140	/ A funny way to budget for truncation node /
1141	req.dirtied_ino_d = UBIFS_TRUN_NODE_SZ;
1142	err = ubifs_budget_space(c, req: &req);
1143	if (err) {
1144	/*
1145	* Treat truncations to zero as deletion and always allow them,
1146	* just like we do for '->unlink()'.
1147	*/
1148	if (new_size \|\| err != -ENOSPC)
1149	return err;
1150	budgeted = `0`;
1151	}
1152
1153	truncate_setsize(inode, newsize: new_size);
1154
1155	if (offset) {
1156	pgoff_t index = new_size >> PAGE_SHIFT;
1157	struct folio *folio;
1158
1159	folio = filemap_lock_folio(mapping: inode->i_mapping, index);
1160	if (!IS_ERR(ptr: folio)) {
1161	if (folio_test_dirty(folio)) {
1162	/*
1163	* 'ubifs_jnl_truncate()' will try to truncate
1164	* the last data node, but it contains
1165	* out-of-date data because the page is dirty.
1166	* Write the page now, so that
1167	* 'ubifs_jnl_truncate()' will see an already
1168	* truncated (and up to date) data node.
1169	*/
1170	ubifs_assert(c, folio->private != NULL);
1171
1172	folio_clear_dirty_for_io(folio);
1173	if (UBIFS_BLOCKS_PER_PAGE_SHIFT)
1174	offset = offset_in_folio(folio,
1175	new_size);
1176	err = do_writepage(folio, len: offset);
1177	folio_put(folio);
1178	if (err)
1179	goto out_budg;
1180	/*
1181	* We could now tell 'ubifs_jnl_truncate()' not
1182	* to read the last block.
1183	*/
1184	} else {
1185	/*
1186	* We could 'kmap()' the page and pass the data
1187	* to 'ubifs_jnl_truncate()' to save it from
1188	* having to read it.
1189	*/
1190	folio_unlock(folio);
1191	folio_put(folio);
1192	}
1193	}
1194	}
1195
1196	mutex_lock(&ui->ui_mutex);
1197	ui->ui_size = inode->i_size;
1198	/ Truncation changes inode [mc]time /
1199	inode_set_mtime_to_ts(inode, ts: inode_set_ctime_current(inode));
1200	/ Other attributes may be changed at the same time as well /
1201	do_attr_changes(inode, attr);
1202	err = ubifs_jnl_truncate(c, inode, old_size, new_size);
1203	mutex_unlock(lock: &ui->ui_mutex);
1204
1205	out_budg:
1206	if (budgeted)
1207	ubifs_release_budget(c, req: &req);
1208	else {
1209	c->bi.nospace = c->bi.nospace_rp = `0`;
1210	smp_wmb();
1211	}
1212	return err;
1213	}
1214
1215	/**
1216	* do_setattr - change inode attributes.
1217	* @c: UBIFS file-system description object
1218	* @inode: inode to change attributes for
1219	* @attr: inode attribute changes description
1220	*
1221	* This function implements VFS '->setattr()' call for all cases except
1222	* truncations to smaller size.
1223	*
1224	* Returns: %0 in case of success and a negative
1225	* error code in case of failure.
1226	*/
1227	static int do_setattr(struct ubifs_info c, struct* inode *inode,
1228	const struct iattr *attr)
1229	{
1230	int err, release;
1231	loff_t new_size = attr->ia_size;
1232	struct ubifs_inode *ui = ubifs_inode(inode);
1233	struct ubifs_budget_req req = { .dirtied_ino = `1`,
1234	.dirtied_ino_d = ALIGN(ui->data_len, `8`) };
1235
1236	err = ubifs_budget_space(c, req: &req);
1237	if (err)
1238	return err;
1239
1240	if (attr->ia_valid & ATTR_SIZE) {
1241	dbg_gen("size %lld -> %lld", inode->i_size, new_size);
1242	truncate_setsize(inode, newsize: new_size);
1243	}
1244
1245	mutex_lock(&ui->ui_mutex);
1246	if (attr->ia_valid & ATTR_SIZE) {
1247	/ Truncation changes inode [mc]time /
1248	inode_set_mtime_to_ts(inode, ts: inode_set_ctime_current(inode));
1249	/ 'truncate_setsize()' changed @i_size, update @ui_size /
1250	ui->ui_size = inode->i_size;
1251	}
1252
1253	do_attr_changes(inode, attr);
1254
1255	release = ui->dirty;
1256	if (attr->ia_valid & ATTR_SIZE)
1257	/*
1258	* Inode length changed, so we have to make sure
1259	* @I_DIRTY_DATASYNC is set.
1260	*/
1261	__mark_inode_dirty(inode, I_DIRTY_DATASYNC);
1262	else
1263	mark_inode_dirty_sync(inode);
1264	mutex_unlock(lock: &ui->ui_mutex);
1265
1266	if (release)
1267	ubifs_release_budget(c, req: &req);
1268	if (IS_SYNC(inode))
1269	err = inode->i_sb->s_op->write_inode(inode, NULL);
1270	return err;
1271	}
1272
1273	int ubifs_setattr(struct mnt_idmap idmap, struct* dentry *dentry,
1274	struct iattr *attr)
1275	{
1276	int err;
1277	struct inode *inode = d_inode(dentry);
1278	struct ubifs_info *c = inode->i_sb->s_fs_info;
1279
1280	dbg_gen("ino %lu, mode %#x, ia_valid %#x",
1281	inode->i_ino, inode->i_mode, attr->ia_valid);
1282	err = setattr_prepare(&nop_mnt_idmap, dentry, attr);
1283	if (err)
1284	return err;
1285
1286	err = dbg_check_synced_i_size(c, inode);
1287	if (err)
1288	return err;
1289
1290	err = fscrypt_prepare_setattr(dentry, attr);
1291	if (err)
1292	return err;
1293
1294	if ((attr->ia_valid & ATTR_SIZE) && attr->ia_size < inode->i_size)
1295	/ Truncation to a smaller size /
1296	err = do_truncation(c, inode, attr);
1297	else
1298	err = do_setattr(c, inode, attr);
1299
1300	return err;
1301	}
1302
1303	static void ubifs_invalidate_folio(struct folio *folio, size_t offset,
1304	size_t length)
1305	{
1306	struct inode *inode = folio->mapping->host;
1307	struct ubifs_info *c = inode->i_sb->s_fs_info;
1308
1309	ubifs_assert(c, folio_test_private(folio));
1310	if (offset \|\| length < folio_size(folio))
1311	/ Partial folio remains dirty /
1312	return;
1313
1314	if (folio_test_checked(folio))
1315	release_new_page_budget(c);
1316	else
1317	release_existing_page_budget(c);
1318
1319	atomic_long_dec(v: &c->dirty_pg_cnt);
1320	folio_detach_private(folio);
1321	folio_clear_checked(folio);
1322	}
1323
1324	int ubifs_fsync(struct file file, loff_t start, loff_t end, int* datasync)
1325	{
1326	struct inode *inode = file->f_mapping->host;
1327	struct ubifs_info *c = inode->i_sb->s_fs_info;
1328	int err;
1329
1330	dbg_gen("syncing inode %lu", inode->i_ino);
1331
1332	if (c->ro_mount)
1333	/*
1334	* For some really strange reasons VFS does not filter out
1335	* 'fsync()' for R/O mounted file-systems as per 2.6.39.
1336	*/
1337	return `0`;
1338
1339	err = file_write_and_wait_range(file, start, end);
1340	if (err)
1341	return err;
1342	inode_lock(inode);
1343
1344	/ Synchronize the inode unless this is a 'datasync()' call. /
1345	if (!datasync \|\| (inode->i_state & I_DIRTY_DATASYNC)) {
1346	err = inode->i_sb->s_op->write_inode(inode, NULL);
1347	if (err)
1348	goto out;
1349	}
1350
1351	/*
1352	* Nodes related to this inode may still sit in a write-buffer. Flush
1353	* them.
1354	*/
1355	err = ubifs_sync_wbufs_by_inode(c, inode);
1356	out:
1357	inode_unlock(inode);
1358	return err;
1359	}
1360
1361	/**
1362	* mctime_update_needed - check if mtime or ctime update is needed.
1363	* @inode: the inode to do the check for
1364	* @now: current time
1365	*
1366	* This helper function checks if the inode mtime/ctime should be updated or
1367	* not. If current values of the time-stamps are within the UBIFS inode time
1368	* granularity, they are not updated. This is an optimization.
1369	*
1370	* Returns: %1 if time update is needed, %0 if not
1371	*/
1372	static inline int mctime_update_needed(const struct inode *inode,
1373	const struct timespec64 *now)
1374	{
1375	struct timespec64 ctime = inode_get_ctime(inode);
1376	struct timespec64 mtime = inode_get_mtime(inode);
1377
1378	if (!timespec64_equal(a: &mtime, b: now) \|\| !timespec64_equal(a: &ctime, b: now))
1379	return `1`;
1380	return `0`;
1381	}
1382
1383	/**
1384	* ubifs_update_time - update time of inode.
1385	* @inode: inode to update
1386	* @flags: time updating control flag determines updating
1387	* which time fields of @inode
1388	*
1389	* This function updates time of the inode.
1390	*
1391	* Returns: %0 for success or a negative error code otherwise.
1392	*/
1393	int ubifs_update_time(struct inode inode, int* flags)
1394	{
1395	struct ubifs_inode *ui = ubifs_inode(inode);
1396	struct ubifs_info *c = inode->i_sb->s_fs_info;
1397	struct ubifs_budget_req req = { .dirtied_ino = `1`,
1398	.dirtied_ino_d = ALIGN(ui->data_len, `8`) };
1399	int err, release;
1400
1401	if (!IS_ENABLED(CONFIG_UBIFS_ATIME_SUPPORT)) {
1402	generic_update_time(inode, flags);
1403	return `0`;
1404	}
1405
1406	err = ubifs_budget_space(c, req: &req);
1407	if (err)
1408	return err;
1409
1410	mutex_lock(&ui->ui_mutex);
1411	inode_update_timestamps(inode, flags);
1412	release = ui->dirty;
1413	__mark_inode_dirty(inode, I_DIRTY_SYNC);
1414	mutex_unlock(lock: &ui->ui_mutex);
1415	if (release)
1416	ubifs_release_budget(c, req: &req);
1417	return `0`;
1418	}
1419
1420	/**
1421	* update_mctime - update mtime and ctime of an inode.
1422	* @inode: inode to update
1423	*
1424	* This function updates mtime and ctime of the inode if it is not equivalent to
1425	* current time.
1426	*
1427	* Returns: %0 in case of success and a negative error code in
1428	* case of failure.
1429	*/
1430	static int update_mctime(struct inode *inode)
1431	{
1432	struct timespec64 now = current_time(inode);
1433	struct ubifs_inode *ui = ubifs_inode(inode);
1434	struct ubifs_info *c = inode->i_sb->s_fs_info;
1435
1436	if (mctime_update_needed(inode, now: &now)) {
1437	int err, release;
1438	struct ubifs_budget_req req = { .dirtied_ino = `1`,
1439	.dirtied_ino_d = ALIGN(ui->data_len, `8`) };
1440
1441	err = ubifs_budget_space(c, req: &req);
1442	if (err)
1443	return err;
1444
1445	mutex_lock(&ui->ui_mutex);
1446	inode_set_mtime_to_ts(inode, ts: inode_set_ctime_current(inode));
1447	release = ui->dirty;
1448	mark_inode_dirty_sync(inode);
1449	mutex_unlock(lock: &ui->ui_mutex);
1450	if (release)
1451	ubifs_release_budget(c, req: &req);
1452	}
1453
1454	return `0`;
1455	}
1456
1457	static ssize_t ubifs_write_iter(struct kiocb iocb, struct* iov_iter *from)
1458	{
1459	int err = update_mctime(inode: file_inode(f: iocb->ki_filp));
1460	if (err)
1461	return err;
1462
1463	return generic_file_write_iter(iocb, from);
1464	}
1465
1466	static bool ubifs_dirty_folio(struct address_space *mapping,
1467	struct folio *folio)
1468	{
1469	bool ret;
1470	struct ubifs_info *c = mapping->host->i_sb->s_fs_info;
1471
1472	ret = filemap_dirty_folio(mapping, folio);
1473	/*
1474	* An attempt to dirty a page without budgeting for it - should not
1475	* happen.
1476	*/
1477	ubifs_assert(c, ret == false);
1478	return ret;
1479	}
1480
1481	static bool ubifs_release_folio(struct folio *folio, gfp_t unused_gfp_flags)
1482	{
1483	struct inode *inode = folio->mapping->host;
1484	struct ubifs_info *c = inode->i_sb->s_fs_info;
1485
1486	if (folio_test_writeback(folio))
1487	return false;
1488
1489	/*
1490	* Page is private but not dirty, weird? There is one condition
1491	* making it happened. ubifs_writepage skipped the page because
1492	* page index beyonds isize (for example. truncated by other
1493	* process named A), then the page is invalidated by fadvise64
1494	* syscall before being truncated by process A.
1495	*/
1496	ubifs_assert(c, folio_test_private(folio));
1497	if (folio_test_checked(folio))
1498	release_new_page_budget(c);
1499	else
1500	release_existing_page_budget(c);
1501
1502	atomic_long_dec(v: &c->dirty_pg_cnt);
1503	folio_detach_private(folio);
1504	folio_clear_checked(folio);
1505	return true;
1506	}
1507
1508	/*
1509	* mmap()d file has taken write protection fault and is being made writable.
1510	* UBIFS must ensure page is budgeted for.
1511	*/
1512	static vm_fault_t ubifs_vm_page_mkwrite(struct vm_fault *vmf)
1513	{
1514	struct folio *folio = page_folio(vmf->page);
1515	struct inode *inode = file_inode(f: vmf->vma->vm_file);
1516	struct ubifs_info *c = inode->i_sb->s_fs_info;
1517	struct timespec64 now = current_time(inode);
1518	struct ubifs_budget_req req = { .new_page = `1` };
1519	int err, update_time;
1520
1521	dbg_gen("ino %lu, pg %lu, i_size %lld", inode->i_ino, folio->index,
1522	i_size_read(inode));
1523	ubifs_assert(c, !c->ro_media && !c->ro_mount);
1524
1525	if (unlikely(c->ro_error))
1526	return VM_FAULT_SIGBUS; / -EROFS /
1527
1528	/*
1529	* We have not locked @folio so far so we may budget for changing the
1530	* folio. Note, we cannot do this after we locked the folio, because
1531	* budgeting may cause write-back which would cause deadlock.
1532	*
1533	* At the moment we do not know whether the folio is dirty or not, so we
1534	* assume that it is not and budget for a new folio. We could look at
1535	* the @PG_private flag and figure this out, but we may race with write
1536	* back and the folio state may change by the time we lock it, so this
1537	* would need additional care. We do not bother with this at the
1538	* moment, although it might be good idea to do. Instead, we allocate
1539	* budget for a new folio and amend it later on if the folio was in fact
1540	* dirty.
1541	*
1542	* The budgeting-related logic of this function is similar to what we
1543	* do in 'ubifs_write_begin()' and 'ubifs_write_end()'. Glance there
1544	* for more comments.
1545	*/
1546	update_time = mctime_update_needed(inode, now: &now);
1547	if (update_time)
1548	/*
1549	* We have to change inode time stamp which requires extra
1550	* budgeting.
1551	*/
1552	req.dirtied_ino = `1`;
1553
1554	err = ubifs_budget_space(c, req: &req);
1555	if (unlikely(err)) {
1556	if (err == -ENOSPC)
1557	ubifs_warn(c, fmt: "out of space for mmapped file (inode number %lu)",
1558	inode->i_ino);
1559	return VM_FAULT_SIGBUS;
1560	}
1561
1562	folio_lock(folio);
1563	if (unlikely(folio->mapping != inode->i_mapping \|\|
1564	folio_pos(folio) >= i_size_read(inode))) {
1565	/ Folio got truncated out from underneath us /
1566	goto sigbus;
1567	}
1568
1569	if (folio->private)
1570	release_new_page_budget(c);
1571	else {
1572	if (!folio_test_checked(folio))
1573	ubifs_convert_page_budget(c);
1574	folio_attach_private(folio, data: (void *)`1`);
1575	atomic_long_inc(v: &c->dirty_pg_cnt);
1576	filemap_dirty_folio(mapping: folio->mapping, folio);
1577	}
1578
1579	if (update_time) {
1580	int release;
1581	struct ubifs_inode *ui = ubifs_inode(inode);
1582
1583	mutex_lock(&ui->ui_mutex);
1584	inode_set_mtime_to_ts(inode, ts: inode_set_ctime_current(inode));
1585	release = ui->dirty;
1586	mark_inode_dirty_sync(inode);
1587	mutex_unlock(lock: &ui->ui_mutex);
1588	if (release)
1589	ubifs_release_dirty_inode_budget(c, ui);
1590	}
1591
1592	folio_wait_stable(folio);
1593	return VM_FAULT_LOCKED;
1594
1595	sigbus:
1596	folio_unlock(folio);
1597	ubifs_release_budget(c, req: &req);
1598	return VM_FAULT_SIGBUS;
1599	}
1600
1601	static const struct vm_operations_struct ubifs_file_vm_ops = {
1602	.fault = filemap_fault,
1603	.map_pages = filemap_map_pages,
1604	.page_mkwrite = ubifs_vm_page_mkwrite,
1605	};
1606
1607	static int ubifs_file_mmap(struct file file, struct* vm_area_struct *vma)
1608	{
1609	int err;
1610
1611	err = generic_file_mmap(file, vma);
1612	if (err)
1613	return err;
1614	vma->vm_ops = &ubifs_file_vm_ops;
1615
1616	if (IS_ENABLED(CONFIG_UBIFS_ATIME_SUPPORT))
1617	file_accessed(file);
1618
1619	return `0`;
1620	}
1621
1622	static const char ubifs_get_link(struct* dentry *dentry,
1623	struct inode *inode,
1624	struct delayed_call *done)
1625	{
1626	struct ubifs_inode *ui = ubifs_inode(inode);
1627
1628	if (!IS_ENCRYPTED(inode))
1629	return ui->data;
1630
1631	if (!dentry)
1632	return ERR_PTR(error: -ECHILD);
1633
1634	return fscrypt_get_symlink(inode, caddr: ui->data, max_size: ui->data_len, done);
1635	}
1636
1637	static int ubifs_symlink_getattr(struct mnt_idmap *idmap,
1638	const struct path path, struct* kstat *stat,
1639	u32 request_mask, unsigned int query_flags)
1640	{
1641	ubifs_getattr(idmap, path, stat, request_mask, flags: query_flags);
1642
1643	if (IS_ENCRYPTED(d_inode(path->dentry)))
1644	return fscrypt_symlink_getattr(path, stat);
1645	return `0`;
1646	}
1647
1648	const struct address_space_operations ubifs_file_address_operations = {
1649	.read_folio = ubifs_read_folio,
1650	.writepages = ubifs_writepages,
1651	.write_begin = ubifs_write_begin,
1652	.write_end = ubifs_write_end,
1653	.invalidate_folio = ubifs_invalidate_folio,
1654	.dirty_folio = ubifs_dirty_folio,
1655	.migrate_folio = filemap_migrate_folio,
1656	.release_folio = ubifs_release_folio,
1657	};
1658
1659	const struct inode_operations ubifs_file_inode_operations = {
1660	.setattr = ubifs_setattr,
1661	.getattr = ubifs_getattr,
1662	.listxattr = ubifs_listxattr,
1663	.update_time = ubifs_update_time,
1664	.fileattr_get = ubifs_fileattr_get,
1665	.fileattr_set = ubifs_fileattr_set,
1666	};
1667
1668	const struct inode_operations ubifs_symlink_inode_operations = {
1669	.get_link = ubifs_get_link,
1670	.setattr = ubifs_setattr,
1671	.getattr = ubifs_symlink_getattr,
1672	.listxattr = ubifs_listxattr,
1673	.update_time = ubifs_update_time,
1674	};
1675
1676	const struct file_operations ubifs_file_operations = {
1677	.llseek = generic_file_llseek,
1678	.read_iter = generic_file_read_iter,
1679	.write_iter = ubifs_write_iter,
1680	.mmap = ubifs_file_mmap,
1681	.fsync = ubifs_fsync,
1682	.unlocked_ioctl = ubifs_ioctl,
1683	.splice_read = filemap_splice_read,
1684	.splice_write = iter_file_splice_write,
1685	.open = fscrypt_file_open,
1686	#ifdef CONFIG_COMPAT
1687	.compat_ioctl = ubifs_compat_ioctl,
1688	#endif
1689	};
1690

source code of linux/fs/ubifs/file.c