2005-04-16 15:20:36 -07:00
/*
2006-09-04 15:41:16 +02:00
* Copyright ( C ) 2001 Jens Axboe < axboe @ kernel . dk >
2005-04-16 15:20:36 -07:00
*
* This program is free software ; you can redistribute it and / or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU General Public License for more details .
*
* You should have received a copy of the GNU General Public Licens
* along with this program ; if not , write to the Free Software
* Foundation , Inc . , 59 Temple Place , Suite 330 , Boston , MA 02111 -
*
*/
# include <linux/mm.h>
# include <linux/swap.h>
# include <linux/bio.h>
# include <linux/blkdev.h>
2013-05-07 16:19:08 -07:00
# include <linux/uio.h>
2012-03-05 13:15:27 -08:00
# include <linux/iocontext.h>
2005-04-16 15:20:36 -07:00
# include <linux/slab.h>
# include <linux/init.h>
# include <linux/kernel.h>
2011-11-16 23:57:37 -05:00
# include <linux/export.h>
2005-04-16 15:20:36 -07:00
# include <linux/mempool.h>
# include <linux/workqueue.h>
2012-03-05 13:15:27 -08:00
# include <linux/cgroup.h>
2005-06-20 14:06:52 +02:00
# include <scsi/sg.h> /* for struct sg_iovec */
2005-04-16 15:20:36 -07:00
tracing/events: convert block trace points to TRACE_EVENT()
TRACE_EVENT is a more generic way to define tracepoints. Doing so adds
these new capabilities to this tracepoint:
- zero-copy and per-cpu splice() tracing
- binary tracing without printf overhead
- structured logging records exposed under /debug/tracing/events
- trace events embedded in function tracer output and other plugins
- user-defined, per tracepoint filter expressions
...
Cons:
- no dev_t info for the output of plug, unplug_timer and unplug_io events.
no dev_t info for getrq and sleeprq events if bio == NULL.
no dev_t info for rq_abort,...,rq_requeue events if rq->rq_disk == NULL.
This is mainly because we can't get the deivce from a request queue.
But this may change in the future.
- A packet command is converted to a string in TP_assign, not TP_print.
While blktrace do the convertion just before output.
Since pc requests should be rather rare, this is not a big issue.
- In blktrace, an event can have 2 different print formats, but a TRACE_EVENT
has a unique format, which means we have some unused data in a trace entry.
The overhead is minimized by using __dynamic_array() instead of __array().
I've benchmarked the ioctl blktrace vs the splice based TRACE_EVENT tracing:
dd dd + ioctl blktrace dd + TRACE_EVENT (splice)
1 7.36s, 42.7 MB/s 7.50s, 42.0 MB/s 7.41s, 42.5 MB/s
2 7.43s, 42.3 MB/s 7.48s, 42.1 MB/s 7.43s, 42.4 MB/s
3 7.38s, 42.6 MB/s 7.45s, 42.2 MB/s 7.41s, 42.5 MB/s
So the overhead of tracing is very small, and no regression when using
those trace events vs blktrace.
And the binary output of TRACE_EVENT is much smaller than blktrace:
# ls -l -h
-rw-r--r-- 1 root root 8.8M 06-09 13:24 sda.blktrace.0
-rw-r--r-- 1 root root 195K 06-09 13:24 sda.blktrace.1
-rw-r--r-- 1 root root 2.7M 06-09 13:25 trace_splice.out
Following are some comparisons between TRACE_EVENT and blktrace:
plug:
kjournald-480 [000] 303.084981: block_plug: [kjournald]
kjournald-480 [000] 303.084981: 8,0 P N [kjournald]
unplug_io:
kblockd/0-118 [000] 300.052973: block_unplug_io: [kblockd/0] 1
kblockd/0-118 [000] 300.052974: 8,0 U N [kblockd/0] 1
remap:
kjournald-480 [000] 303.085042: block_remap: 8,0 W 102736992 + 8 <- (8,8) 33384
kjournald-480 [000] 303.085043: 8,0 A W 102736992 + 8 <- (8,8) 33384
bio_backmerge:
kjournald-480 [000] 303.085086: block_bio_backmerge: 8,0 W 102737032 + 8 [kjournald]
kjournald-480 [000] 303.085086: 8,0 M W 102737032 + 8 [kjournald]
getrq:
kjournald-480 [000] 303.084974: block_getrq: 8,0 W 102736984 + 8 [kjournald]
kjournald-480 [000] 303.084975: 8,0 G W 102736984 + 8 [kjournald]
bash-2066 [001] 1072.953770: 8,0 G N [bash]
bash-2066 [001] 1072.953773: block_getrq: 0,0 N 0 + 0 [bash]
rq_complete:
konsole-2065 [001] 300.053184: block_rq_complete: 8,0 W () 103669040 + 16 [0]
konsole-2065 [001] 300.053191: 8,0 C W 103669040 + 16 [0]
ksoftirqd/1-7 [001] 1072.953811: 8,0 C N (5a 00 08 00 00 00 00 00 24 00) [0]
ksoftirqd/1-7 [001] 1072.953813: block_rq_complete: 0,0 N (5a 00 08 00 00 00 00 00 24 00) 0 + 0 [0]
rq_insert:
kjournald-480 [000] 303.084985: block_rq_insert: 8,0 W 0 () 102736984 + 8 [kjournald]
kjournald-480 [000] 303.084986: 8,0 I W 102736984 + 8 [kjournald]
Changelog from v2 -> v3:
- use the newly introduced __dynamic_array().
Changelog from v1 -> v2:
- use __string() instead of __array() to minimize the memory required
to store hex dump of rq->cmd().
- support large pc requests.
- add missing blk_fill_rwbs_rq() in block_rq_requeue TRACE_EVENT.
- some cleanups.
Signed-off-by: Li Zefan <lizf@cn.fujitsu.com>
LKML-Reference: <4A2DF669.5070905@cn.fujitsu.com>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
2009-06-09 13:43:05 +08:00
# include <trace/events/block.h>
2008-11-26 11:59:56 +01:00
2008-12-23 12:42:54 +01:00
/*
* Test patch to inline a certain number of bi_io_vec ' s inside the bio
* itself , to shrink a bio data allocation from two mempool calls to one
*/
# define BIO_INLINE_VECS 4
2005-04-16 15:20:36 -07:00
/*
* if you change this list , also change bvec_alloc or things will
* break badly ! cannot be bigger than what you can fit into an
* unsigned short
*/
# define BV(x) { .nr_vecs = x, .name = "biovec-"__stringify(x) }
2011-03-08 08:28:01 +01:00
static struct biovec_slab bvec_slabs [ BIOVEC_NR_POOLS ] __read_mostly = {
2005-04-16 15:20:36 -07:00
BV ( 1 ) , BV ( 4 ) , BV ( 16 ) , BV ( 64 ) , BV ( 128 ) , BV ( BIO_MAX_PAGES ) ,
} ;
# undef BV
/*
* fs_bio_set is the bio_set containing bio and iovec memory pools used by
* IO code that does not need private memory pools .
*/
2008-06-17 18:59:56 +02:00
struct bio_set * fs_bio_set ;
2012-09-06 15:35:01 -07:00
EXPORT_SYMBOL ( fs_bio_set ) ;
2005-04-16 15:20:36 -07:00
2008-12-10 15:35:05 +01:00
/*
* Our slab pool management
*/
struct bio_slab {
struct kmem_cache * slab ;
unsigned int slab_ref ;
unsigned int slab_size ;
char name [ 8 ] ;
} ;
static DEFINE_MUTEX ( bio_slab_lock ) ;
static struct bio_slab * bio_slabs ;
static unsigned int bio_slab_nr , bio_slab_max ;
static struct kmem_cache * bio_find_or_create_slab ( unsigned int extra_size )
{
unsigned int sz = sizeof ( struct bio ) + extra_size ;
struct kmem_cache * slab = NULL ;
2012-08-09 15:19:25 +02:00
struct bio_slab * bslab , * new_bio_slabs ;
2012-10-22 21:53:36 +02:00
unsigned int new_bio_slab_max ;
2008-12-10 15:35:05 +01:00
unsigned int i , entry = - 1 ;
mutex_lock ( & bio_slab_lock ) ;
i = 0 ;
while ( i < bio_slab_nr ) {
2010-01-19 14:07:09 +01:00
bslab = & bio_slabs [ i ] ;
2008-12-10 15:35:05 +01:00
if ( ! bslab - > slab & & entry = = - 1 )
entry = i ;
else if ( bslab - > slab_size = = sz ) {
slab = bslab - > slab ;
bslab - > slab_ref + + ;
break ;
}
i + + ;
}
if ( slab )
goto out_unlock ;
if ( bio_slab_nr = = bio_slab_max & & entry = = - 1 ) {
2012-10-22 21:53:36 +02:00
new_bio_slab_max = bio_slab_max < < 1 ;
2012-08-09 15:19:25 +02:00
new_bio_slabs = krealloc ( bio_slabs ,
2012-10-22 21:53:36 +02:00
new_bio_slab_max * sizeof ( struct bio_slab ) ,
2012-08-09 15:19:25 +02:00
GFP_KERNEL ) ;
if ( ! new_bio_slabs )
2008-12-10 15:35:05 +01:00
goto out_unlock ;
2012-10-22 21:53:36 +02:00
bio_slab_max = new_bio_slab_max ;
2012-08-09 15:19:25 +02:00
bio_slabs = new_bio_slabs ;
2008-12-10 15:35:05 +01:00
}
if ( entry = = - 1 )
entry = bio_slab_nr + + ;
bslab = & bio_slabs [ entry ] ;
snprintf ( bslab - > name , sizeof ( bslab - > name ) , " bio-%d " , entry ) ;
slab = kmem_cache_create ( bslab - > name , sz , 0 , SLAB_HWCACHE_ALIGN , NULL ) ;
if ( ! slab )
goto out_unlock ;
2011-03-22 16:33:54 -07:00
printk ( KERN_INFO " bio: create slab <%s> at %d \n " , bslab - > name , entry ) ;
2008-12-10 15:35:05 +01:00
bslab - > slab = slab ;
bslab - > slab_ref = 1 ;
bslab - > slab_size = sz ;
out_unlock :
mutex_unlock ( & bio_slab_lock ) ;
return slab ;
}
static void bio_put_slab ( struct bio_set * bs )
{
struct bio_slab * bslab = NULL ;
unsigned int i ;
mutex_lock ( & bio_slab_lock ) ;
for ( i = 0 ; i < bio_slab_nr ; i + + ) {
if ( bs - > bio_slab = = bio_slabs [ i ] . slab ) {
bslab = & bio_slabs [ i ] ;
break ;
}
}
if ( WARN ( ! bslab , KERN_ERR " bio: unable to find slab! \n " ) )
goto out ;
WARN_ON ( ! bslab - > slab_ref ) ;
if ( - - bslab - > slab_ref )
goto out ;
kmem_cache_destroy ( bslab - > slab ) ;
bslab - > slab = NULL ;
out :
mutex_unlock ( & bio_slab_lock ) ;
}
2008-06-30 20:04:41 +02:00
unsigned int bvec_nr_vecs ( unsigned short idx )
{
return bvec_slabs [ idx ] . nr_vecs ;
}
2012-10-12 15:29:33 -07:00
void bvec_free ( mempool_t * pool , struct bio_vec * bv , unsigned int idx )
2008-12-10 15:35:05 +01:00
{
BIO_BUG_ON ( idx > = BIOVEC_NR_POOLS ) ;
if ( idx = = BIOVEC_MAX_IDX )
2012-10-12 15:29:33 -07:00
mempool_free ( bv , pool ) ;
2008-12-10 15:35:05 +01:00
else {
struct biovec_slab * bvs = bvec_slabs + idx ;
kmem_cache_free ( bvs - > slab , bv ) ;
}
}
2012-10-12 15:29:33 -07:00
struct bio_vec * bvec_alloc ( gfp_t gfp_mask , int nr , unsigned long * idx ,
mempool_t * pool )
2005-04-16 15:20:36 -07:00
{
struct bio_vec * bvl ;
2008-12-11 11:53:43 +01:00
/*
* see comment near bvec_array define !
*/
switch ( nr ) {
case 1 :
* idx = 0 ;
break ;
case 2 . . . 4 :
* idx = 1 ;
break ;
case 5 . . . 16 :
* idx = 2 ;
break ;
case 17 . . . 64 :
* idx = 3 ;
break ;
case 65 . . . 128 :
* idx = 4 ;
break ;
case 129 . . . BIO_MAX_PAGES :
* idx = 5 ;
break ;
default :
return NULL ;
}
/*
* idx now points to the pool we want to allocate from . only the
* 1 - vec entry pool is mempool backed .
*/
if ( * idx = = BIOVEC_MAX_IDX ) {
fallback :
2012-10-12 15:29:33 -07:00
bvl = mempool_alloc ( pool , gfp_mask ) ;
2008-12-11 11:53:43 +01:00
} else {
struct biovec_slab * bvs = bvec_slabs + * idx ;
gfp_t __gfp_mask = gfp_mask & ~ ( __GFP_WAIT | __GFP_IO ) ;
2008-09-11 13:17:37 +02:00
/*
2008-12-11 11:53:43 +01:00
* Make this allocation restricted and don ' t dump info on
* allocation failures , since we ' ll fallback to the mempool
* in case of failure .
2008-09-11 13:17:37 +02:00
*/
2008-12-11 11:53:43 +01:00
__gfp_mask | = __GFP_NOMEMALLOC | __GFP_NORETRY | __GFP_NOWARN ;
2005-04-16 15:20:36 -07:00
2008-09-11 13:17:37 +02:00
/*
2008-12-11 11:53:43 +01:00
* Try a slab allocation . If this fails and __GFP_WAIT
* is set , retry with the 1 - entry mempool
2008-09-11 13:17:37 +02:00
*/
2008-12-11 11:53:43 +01:00
bvl = kmem_cache_alloc ( bvs - > slab , __gfp_mask ) ;
if ( unlikely ( ! bvl & & ( gfp_mask & __GFP_WAIT ) ) ) {
* idx = BIOVEC_MAX_IDX ;
goto fallback ;
}
}
2005-04-16 15:20:36 -07:00
return bvl ;
}
2012-09-06 15:35:00 -07:00
static void __bio_free ( struct bio * bio )
2005-04-16 15:20:36 -07:00
{
2012-09-06 15:35:00 -07:00
bio_disassociate_task ( bio ) ;
2005-04-16 15:20:36 -07:00
2008-06-30 20:04:41 +02:00
if ( bio_integrity ( bio ) )
2012-09-06 15:34:56 -07:00
bio_integrity_free ( bio ) ;
2012-09-06 15:35:00 -07:00
}
2008-06-30 20:04:41 +02:00
2012-09-06 15:35:00 -07:00
static void bio_free ( struct bio * bio )
{
struct bio_set * bs = bio - > bi_pool ;
void * p ;
__bio_free ( bio ) ;
if ( bs ) {
2012-05-25 13:03:11 -07:00
if ( bio_flagged ( bio , BIO_OWNS_VEC ) )
2012-10-12 15:29:33 -07:00
bvec_free ( bs - > bvec_pool , bio - > bi_io_vec , BIO_POOL_IDX ( bio ) ) ;
2012-09-06 15:35:00 -07:00
/*
* If we have front padding , adjust the bio pointer before freeing
*/
p = bio ;
2008-12-10 15:35:05 +01:00
p - = bs - > front_pad ;
2012-09-06 15:35:00 -07:00
mempool_free ( p , bs - > bio_pool ) ;
} else {
/* Bio was allocated by bio_kmalloc() */
kfree ( bio ) ;
}
2005-09-06 15:16:42 -07:00
}
2006-01-14 13:20:43 -08:00
void bio_init ( struct bio * bio )
2005-04-16 15:20:36 -07:00
{
2007-07-18 13:14:03 +02:00
memset ( bio , 0 , sizeof ( * bio ) ) ;
2005-04-16 15:20:36 -07:00
bio - > bi_flags = 1 < < BIO_UPTODATE ;
2013-11-23 18:34:15 -08:00
atomic_set ( & bio - > bi_remaining , 1 ) ;
2005-04-16 15:20:36 -07:00
atomic_set ( & bio - > bi_cnt , 1 ) ;
}
2009-09-26 16:19:21 +02:00
EXPORT_SYMBOL ( bio_init ) ;
2005-04-16 15:20:36 -07:00
2012-09-06 15:34:58 -07:00
/**
* bio_reset - reinitialize a bio
* @ bio : bio to reset
*
* Description :
* After calling bio_reset ( ) , @ bio will be in the same state as a freshly
* allocated bio returned bio bio_alloc_bioset ( ) - the only fields that are
* preserved are the ones that are initialized by bio_alloc_bioset ( ) . See
* comment in struct bio .
*/
void bio_reset ( struct bio * bio )
{
unsigned long flags = bio - > bi_flags & ( ~ 0UL < < BIO_RESET_BITS ) ;
2012-09-06 15:35:00 -07:00
__bio_free ( bio ) ;
2012-09-06 15:34:58 -07:00
memset ( bio , 0 , BIO_RESET_BYTES ) ;
bio - > bi_flags = flags | ( 1 < < BIO_UPTODATE ) ;
2013-11-23 18:34:15 -08:00
atomic_set ( & bio - > bi_remaining , 1 ) ;
2012-09-06 15:34:58 -07:00
}
EXPORT_SYMBOL ( bio_reset ) ;
2013-11-23 18:34:15 -08:00
static void bio_chain_endio ( struct bio * bio , int error )
{
bio_endio ( bio - > bi_private , error ) ;
bio_put ( bio ) ;
}
/**
* bio_chain - chain bio completions
*
* The caller won ' t have a bi_end_io called when @ bio completes - instead ,
* @ parent ' s bi_end_io won ' t be called until both @ parent and @ bio have
* completed ; the chained bio will also be freed when it completes .
*
* The caller must not set bi_private or bi_end_io in @ bio .
*/
void bio_chain ( struct bio * bio , struct bio * parent )
{
BUG_ON ( bio - > bi_private | | bio - > bi_end_io ) ;
bio - > bi_private = parent ;
bio - > bi_end_io = bio_chain_endio ;
atomic_inc ( & parent - > bi_remaining ) ;
}
EXPORT_SYMBOL ( bio_chain ) ;
block: Avoid deadlocks with bio allocation by stacking drivers
Previously, if we ever try to allocate more than once from the same bio
set while running under generic_make_request() (i.e. a stacking block
driver), we risk deadlock.
This is because of the code in generic_make_request() that converts
recursion to iteration; any bios we submit won't actually be submitted
(so they can complete and eventually be freed) until after we return -
this means if we allocate a second bio, we're blocking the first one
from ever being freed.
Thus if enough threads call into a stacking block driver at the same
time with bios that need multiple splits, and the bio_set's reserve gets
used up, we deadlock.
This can be worked around in the driver code - we could check if we're
running under generic_make_request(), then mask out __GFP_WAIT when we
go to allocate a bio, and if the allocation fails punt to workqueue and
retry the allocation.
But this is tricky and not a generic solution. This patch solves it for
all users by inverting the previously described technique. We allocate a
rescuer workqueue for each bio_set, and then in the allocation code if
there are bios on current->bio_list we would be blocking, we punt them
to the rescuer workqueue to be submitted.
This guarantees forward progress for bio allocations under
generic_make_request() provided each bio is submitted before allocating
the next, and provided the bios are freed after they complete.
Note that this doesn't do anything for allocation from other mempools.
Instead of allocating per bio data structures from a mempool, code
should use bio_set's front_pad.
Tested it by forcing the rescue codepath to be taken (by disabling the
first GFP_NOWAIT) attempt, and then ran it with bcache (which does a lot
of arbitrary bio splitting) and verified that the rescuer was being
invoked.
Signed-off-by: Kent Overstreet <koverstreet@google.com>
CC: Jens Axboe <axboe@kernel.dk>
Acked-by: Tejun Heo <tj@kernel.org>
Reviewed-by: Muthukumar Ratty <muthur@gmail.com>
2012-09-10 14:33:46 -07:00
static void bio_alloc_rescue ( struct work_struct * work )
{
struct bio_set * bs = container_of ( work , struct bio_set , rescue_work ) ;
struct bio * bio ;
while ( 1 ) {
spin_lock ( & bs - > rescue_lock ) ;
bio = bio_list_pop ( & bs - > rescue_list ) ;
spin_unlock ( & bs - > rescue_lock ) ;
if ( ! bio )
break ;
generic_make_request ( bio ) ;
}
}
static void punt_bios_to_rescuer ( struct bio_set * bs )
{
struct bio_list punt , nopunt ;
struct bio * bio ;
/*
* In order to guarantee forward progress we must punt only bios that
* were allocated from this bio_set ; otherwise , if there was a bio on
* there for a stacking driver higher up in the stack , processing it
* could require allocating bios from this bio_set , and doing that from
* our own rescuer would be bad .
*
* Since bio lists are singly linked , pop them all instead of trying to
* remove from the middle of the list :
*/
bio_list_init ( & punt ) ;
bio_list_init ( & nopunt ) ;
while ( ( bio = bio_list_pop ( current - > bio_list ) ) )
bio_list_add ( bio - > bi_pool = = bs ? & punt : & nopunt , bio ) ;
* current - > bio_list = nopunt ;
spin_lock ( & bs - > rescue_lock ) ;
bio_list_merge ( & bs - > rescue_list , & punt ) ;
spin_unlock ( & bs - > rescue_lock ) ;
queue_work ( bs - > rescue_workqueue , & bs - > rescue_work ) ;
}
2005-04-16 15:20:36 -07:00
/**
* bio_alloc_bioset - allocate a bio for I / O
* @ gfp_mask : the GFP_ mask given to the slab allocator
* @ nr_iovecs : number of iovecs to pre - allocate
2010-01-15 12:05:07 +02:00
* @ bs : the bio_set to allocate from .
2005-04-16 15:20:36 -07:00
*
* Description :
2012-09-06 15:35:01 -07:00
* If @ bs is NULL , uses kmalloc ( ) to allocate the bio ; else the allocation is
* backed by the @ bs ' s mempool .
*
* When @ bs is not NULL , if % __GFP_WAIT is set then bio_alloc will always be
* able to allocate a bio . This is due to the mempool guarantees . To make this
* work , callers must never allocate more than 1 bio at a time from this pool .
* Callers that need to allocate more than 1 bio must always submit the
* previously allocated bio for IO before attempting to allocate a new one .
* Failure to do so can cause deadlocks under memory pressure .
*
block: Avoid deadlocks with bio allocation by stacking drivers
Previously, if we ever try to allocate more than once from the same bio
set while running under generic_make_request() (i.e. a stacking block
driver), we risk deadlock.
This is because of the code in generic_make_request() that converts
recursion to iteration; any bios we submit won't actually be submitted
(so they can complete and eventually be freed) until after we return -
this means if we allocate a second bio, we're blocking the first one
from ever being freed.
Thus if enough threads call into a stacking block driver at the same
time with bios that need multiple splits, and the bio_set's reserve gets
used up, we deadlock.
This can be worked around in the driver code - we could check if we're
running under generic_make_request(), then mask out __GFP_WAIT when we
go to allocate a bio, and if the allocation fails punt to workqueue and
retry the allocation.
But this is tricky and not a generic solution. This patch solves it for
all users by inverting the previously described technique. We allocate a
rescuer workqueue for each bio_set, and then in the allocation code if
there are bios on current->bio_list we would be blocking, we punt them
to the rescuer workqueue to be submitted.
This guarantees forward progress for bio allocations under
generic_make_request() provided each bio is submitted before allocating
the next, and provided the bios are freed after they complete.
Note that this doesn't do anything for allocation from other mempools.
Instead of allocating per bio data structures from a mempool, code
should use bio_set's front_pad.
Tested it by forcing the rescue codepath to be taken (by disabling the
first GFP_NOWAIT) attempt, and then ran it with bcache (which does a lot
of arbitrary bio splitting) and verified that the rescuer was being
invoked.
Signed-off-by: Kent Overstreet <koverstreet@google.com>
CC: Jens Axboe <axboe@kernel.dk>
Acked-by: Tejun Heo <tj@kernel.org>
Reviewed-by: Muthukumar Ratty <muthur@gmail.com>
2012-09-10 14:33:46 -07:00
* Note that when running under generic_make_request ( ) ( i . e . any block
* driver ) , bios are not submitted until after you return - see the code in
* generic_make_request ( ) that converts recursion into iteration , to prevent
* stack overflows .
*
* This would normally mean allocating multiple bios under
* generic_make_request ( ) would be susceptible to deadlocks , but we have
* deadlock avoidance code that resubmits any blocked bios from a rescuer
* thread .
*
* However , we do not guarantee forward progress for allocations from other
* mempools . Doing multiple allocations from the same mempool under
* generic_make_request ( ) should be avoided - instead , use bio_set ' s front_pad
* for per bio allocations .
*
2012-09-06 15:35:01 -07:00
* RETURNS :
* Pointer to new bio on success , NULL on failure .
*/
2005-10-07 07:46:04 +01:00
struct bio * bio_alloc_bioset ( gfp_t gfp_mask , int nr_iovecs , struct bio_set * bs )
2005-04-16 15:20:36 -07:00
{
block: Avoid deadlocks with bio allocation by stacking drivers
Previously, if we ever try to allocate more than once from the same bio
set while running under generic_make_request() (i.e. a stacking block
driver), we risk deadlock.
This is because of the code in generic_make_request() that converts
recursion to iteration; any bios we submit won't actually be submitted
(so they can complete and eventually be freed) until after we return -
this means if we allocate a second bio, we're blocking the first one
from ever being freed.
Thus if enough threads call into a stacking block driver at the same
time with bios that need multiple splits, and the bio_set's reserve gets
used up, we deadlock.
This can be worked around in the driver code - we could check if we're
running under generic_make_request(), then mask out __GFP_WAIT when we
go to allocate a bio, and if the allocation fails punt to workqueue and
retry the allocation.
But this is tricky and not a generic solution. This patch solves it for
all users by inverting the previously described technique. We allocate a
rescuer workqueue for each bio_set, and then in the allocation code if
there are bios on current->bio_list we would be blocking, we punt them
to the rescuer workqueue to be submitted.
This guarantees forward progress for bio allocations under
generic_make_request() provided each bio is submitted before allocating
the next, and provided the bios are freed after they complete.
Note that this doesn't do anything for allocation from other mempools.
Instead of allocating per bio data structures from a mempool, code
should use bio_set's front_pad.
Tested it by forcing the rescue codepath to be taken (by disabling the
first GFP_NOWAIT) attempt, and then ran it with bcache (which does a lot
of arbitrary bio splitting) and verified that the rescuer was being
invoked.
Signed-off-by: Kent Overstreet <koverstreet@google.com>
CC: Jens Axboe <axboe@kernel.dk>
Acked-by: Tejun Heo <tj@kernel.org>
Reviewed-by: Muthukumar Ratty <muthur@gmail.com>
2012-09-10 14:33:46 -07:00
gfp_t saved_gfp = gfp_mask ;
2012-09-06 15:35:01 -07:00
unsigned front_pad ;
unsigned inline_vecs ;
2009-04-15 19:50:51 +02:00
unsigned long idx = BIO_POOL_NONE ;
2009-02-21 11:16:36 +01:00
struct bio_vec * bvl = NULL ;
2009-04-15 19:50:51 +02:00
struct bio * bio ;
void * p ;
2012-09-06 15:35:01 -07:00
if ( ! bs ) {
if ( nr_iovecs > UIO_MAXIOV )
return NULL ;
p = kmalloc ( sizeof ( struct bio ) +
nr_iovecs * sizeof ( struct bio_vec ) ,
gfp_mask ) ;
front_pad = 0 ;
inline_vecs = nr_iovecs ;
} else {
block: Avoid deadlocks with bio allocation by stacking drivers
Previously, if we ever try to allocate more than once from the same bio
set while running under generic_make_request() (i.e. a stacking block
driver), we risk deadlock.
This is because of the code in generic_make_request() that converts
recursion to iteration; any bios we submit won't actually be submitted
(so they can complete and eventually be freed) until after we return -
this means if we allocate a second bio, we're blocking the first one
from ever being freed.
Thus if enough threads call into a stacking block driver at the same
time with bios that need multiple splits, and the bio_set's reserve gets
used up, we deadlock.
This can be worked around in the driver code - we could check if we're
running under generic_make_request(), then mask out __GFP_WAIT when we
go to allocate a bio, and if the allocation fails punt to workqueue and
retry the allocation.
But this is tricky and not a generic solution. This patch solves it for
all users by inverting the previously described technique. We allocate a
rescuer workqueue for each bio_set, and then in the allocation code if
there are bios on current->bio_list we would be blocking, we punt them
to the rescuer workqueue to be submitted.
This guarantees forward progress for bio allocations under
generic_make_request() provided each bio is submitted before allocating
the next, and provided the bios are freed after they complete.
Note that this doesn't do anything for allocation from other mempools.
Instead of allocating per bio data structures from a mempool, code
should use bio_set's front_pad.
Tested it by forcing the rescue codepath to be taken (by disabling the
first GFP_NOWAIT) attempt, and then ran it with bcache (which does a lot
of arbitrary bio splitting) and verified that the rescuer was being
invoked.
Signed-off-by: Kent Overstreet <koverstreet@google.com>
CC: Jens Axboe <axboe@kernel.dk>
Acked-by: Tejun Heo <tj@kernel.org>
Reviewed-by: Muthukumar Ratty <muthur@gmail.com>
2012-09-10 14:33:46 -07:00
/*
* generic_make_request ( ) converts recursion to iteration ; this
* means if we ' re running beneath it , any bios we allocate and
* submit will not be submitted ( and thus freed ) until after we
* return .
*
* This exposes us to a potential deadlock if we allocate
* multiple bios from the same bio_set ( ) while running
* underneath generic_make_request ( ) . If we were to allocate
* multiple bios ( say a stacking block driver that was splitting
* bios ) , we would deadlock if we exhausted the mempool ' s
* reserve .
*
* We solve this , and guarantee forward progress , with a rescuer
* workqueue per bio_set . If we go to allocate and there are
* bios on current - > bio_list , we first try the allocation
* without __GFP_WAIT ; if that fails , we punt those bios we
* would be blocking to the rescuer workqueue before we retry
* with the original gfp_flags .
*/
if ( current - > bio_list & & ! bio_list_empty ( current - > bio_list ) )
gfp_mask & = ~ __GFP_WAIT ;
2012-09-06 15:35:01 -07:00
p = mempool_alloc ( bs - > bio_pool , gfp_mask ) ;
block: Avoid deadlocks with bio allocation by stacking drivers
Previously, if we ever try to allocate more than once from the same bio
set while running under generic_make_request() (i.e. a stacking block
driver), we risk deadlock.
This is because of the code in generic_make_request() that converts
recursion to iteration; any bios we submit won't actually be submitted
(so they can complete and eventually be freed) until after we return -
this means if we allocate a second bio, we're blocking the first one
from ever being freed.
Thus if enough threads call into a stacking block driver at the same
time with bios that need multiple splits, and the bio_set's reserve gets
used up, we deadlock.
This can be worked around in the driver code - we could check if we're
running under generic_make_request(), then mask out __GFP_WAIT when we
go to allocate a bio, and if the allocation fails punt to workqueue and
retry the allocation.
But this is tricky and not a generic solution. This patch solves it for
all users by inverting the previously described technique. We allocate a
rescuer workqueue for each bio_set, and then in the allocation code if
there are bios on current->bio_list we would be blocking, we punt them
to the rescuer workqueue to be submitted.
This guarantees forward progress for bio allocations under
generic_make_request() provided each bio is submitted before allocating
the next, and provided the bios are freed after they complete.
Note that this doesn't do anything for allocation from other mempools.
Instead of allocating per bio data structures from a mempool, code
should use bio_set's front_pad.
Tested it by forcing the rescue codepath to be taken (by disabling the
first GFP_NOWAIT) attempt, and then ran it with bcache (which does a lot
of arbitrary bio splitting) and verified that the rescuer was being
invoked.
Signed-off-by: Kent Overstreet <koverstreet@google.com>
CC: Jens Axboe <axboe@kernel.dk>
Acked-by: Tejun Heo <tj@kernel.org>
Reviewed-by: Muthukumar Ratty <muthur@gmail.com>
2012-09-10 14:33:46 -07:00
if ( ! p & & gfp_mask ! = saved_gfp ) {
punt_bios_to_rescuer ( bs ) ;
gfp_mask = saved_gfp ;
p = mempool_alloc ( bs - > bio_pool , gfp_mask ) ;
}
2012-09-06 15:35:01 -07:00
front_pad = bs - > front_pad ;
inline_vecs = BIO_INLINE_VECS ;
}
2009-04-15 19:50:51 +02:00
if ( unlikely ( ! p ) )
return NULL ;
2005-04-16 15:20:36 -07:00
2012-09-06 15:35:01 -07:00
bio = p + front_pad ;
2009-02-21 11:16:36 +01:00
bio_init ( bio ) ;
2012-09-06 15:35:01 -07:00
if ( nr_iovecs > inline_vecs ) {
2012-10-12 15:29:33 -07:00
bvl = bvec_alloc ( gfp_mask , nr_iovecs , & idx , bs - > bvec_pool ) ;
block: Avoid deadlocks with bio allocation by stacking drivers
Previously, if we ever try to allocate more than once from the same bio
set while running under generic_make_request() (i.e. a stacking block
driver), we risk deadlock.
This is because of the code in generic_make_request() that converts
recursion to iteration; any bios we submit won't actually be submitted
(so they can complete and eventually be freed) until after we return -
this means if we allocate a second bio, we're blocking the first one
from ever being freed.
Thus if enough threads call into a stacking block driver at the same
time with bios that need multiple splits, and the bio_set's reserve gets
used up, we deadlock.
This can be worked around in the driver code - we could check if we're
running under generic_make_request(), then mask out __GFP_WAIT when we
go to allocate a bio, and if the allocation fails punt to workqueue and
retry the allocation.
But this is tricky and not a generic solution. This patch solves it for
all users by inverting the previously described technique. We allocate a
rescuer workqueue for each bio_set, and then in the allocation code if
there are bios on current->bio_list we would be blocking, we punt them
to the rescuer workqueue to be submitted.
This guarantees forward progress for bio allocations under
generic_make_request() provided each bio is submitted before allocating
the next, and provided the bios are freed after they complete.
Note that this doesn't do anything for allocation from other mempools.
Instead of allocating per bio data structures from a mempool, code
should use bio_set's front_pad.
Tested it by forcing the rescue codepath to be taken (by disabling the
first GFP_NOWAIT) attempt, and then ran it with bcache (which does a lot
of arbitrary bio splitting) and verified that the rescuer was being
invoked.
Signed-off-by: Kent Overstreet <koverstreet@google.com>
CC: Jens Axboe <axboe@kernel.dk>
Acked-by: Tejun Heo <tj@kernel.org>
Reviewed-by: Muthukumar Ratty <muthur@gmail.com>
2012-09-10 14:33:46 -07:00
if ( ! bvl & & gfp_mask ! = saved_gfp ) {
punt_bios_to_rescuer ( bs ) ;
gfp_mask = saved_gfp ;
2012-10-12 15:29:33 -07:00
bvl = bvec_alloc ( gfp_mask , nr_iovecs , & idx , bs - > bvec_pool ) ;
block: Avoid deadlocks with bio allocation by stacking drivers
Previously, if we ever try to allocate more than once from the same bio
set while running under generic_make_request() (i.e. a stacking block
driver), we risk deadlock.
This is because of the code in generic_make_request() that converts
recursion to iteration; any bios we submit won't actually be submitted
(so they can complete and eventually be freed) until after we return -
this means if we allocate a second bio, we're blocking the first one
from ever being freed.
Thus if enough threads call into a stacking block driver at the same
time with bios that need multiple splits, and the bio_set's reserve gets
used up, we deadlock.
This can be worked around in the driver code - we could check if we're
running under generic_make_request(), then mask out __GFP_WAIT when we
go to allocate a bio, and if the allocation fails punt to workqueue and
retry the allocation.
But this is tricky and not a generic solution. This patch solves it for
all users by inverting the previously described technique. We allocate a
rescuer workqueue for each bio_set, and then in the allocation code if
there are bios on current->bio_list we would be blocking, we punt them
to the rescuer workqueue to be submitted.
This guarantees forward progress for bio allocations under
generic_make_request() provided each bio is submitted before allocating
the next, and provided the bios are freed after they complete.
Note that this doesn't do anything for allocation from other mempools.
Instead of allocating per bio data structures from a mempool, code
should use bio_set's front_pad.
Tested it by forcing the rescue codepath to be taken (by disabling the
first GFP_NOWAIT) attempt, and then ran it with bcache (which does a lot
of arbitrary bio splitting) and verified that the rescuer was being
invoked.
Signed-off-by: Kent Overstreet <koverstreet@google.com>
CC: Jens Axboe <axboe@kernel.dk>
Acked-by: Tejun Heo <tj@kernel.org>
Reviewed-by: Muthukumar Ratty <muthur@gmail.com>
2012-09-10 14:33:46 -07:00
}
2009-02-21 11:16:36 +01:00
if ( unlikely ( ! bvl ) )
goto err_free ;
2012-05-25 13:03:11 -07:00
bio - > bi_flags | = 1 < < BIO_OWNS_VEC ;
2012-09-06 15:35:01 -07:00
} else if ( nr_iovecs ) {
bvl = bio - > bi_inline_vecs ;
2005-04-16 15:20:36 -07:00
}
2012-09-06 15:35:01 -07:00
bio - > bi_pool = bs ;
2009-02-21 11:16:36 +01:00
bio - > bi_flags | = idx < < BIO_POOL_OFFSET ;
bio - > bi_max_vecs = nr_iovecs ;
bio - > bi_io_vec = bvl ;
2005-04-16 15:20:36 -07:00
return bio ;
2009-02-21 11:16:36 +01:00
err_free :
2009-04-15 19:50:51 +02:00
mempool_free ( p , bs - > bio_pool ) ;
2009-02-21 11:16:36 +01:00
return NULL ;
2005-04-16 15:20:36 -07:00
}
2009-09-26 16:19:21 +02:00
EXPORT_SYMBOL ( bio_alloc_bioset ) ;
2005-04-16 15:20:36 -07:00
void zero_fill_bio ( struct bio * bio )
{
unsigned long flags ;
2013-11-23 17:19:00 -08:00
struct bio_vec bv ;
struct bvec_iter iter ;
2005-04-16 15:20:36 -07:00
2013-11-23 17:19:00 -08:00
bio_for_each_segment ( bv , bio , iter ) {
char * data = bvec_kmap_irq ( & bv , & flags ) ;
memset ( data , 0 , bv . bv_len ) ;
flush_dcache_page ( bv . bv_page ) ;
2005-04-16 15:20:36 -07:00
bvec_kunmap_irq ( data , & flags ) ;
}
}
EXPORT_SYMBOL ( zero_fill_bio ) ;
/**
* bio_put - release a reference to a bio
* @ bio : bio to release reference to
*
* Description :
* Put a reference to a & struct bio , either one you have gotten with
2009-11-02 11:39:22 +01:00
* bio_alloc , bio_get or bio_clone . The last put of a bio will free it .
2005-04-16 15:20:36 -07:00
* */
void bio_put ( struct bio * bio )
{
BIO_BUG_ON ( ! atomic_read ( & bio - > bi_cnt ) ) ;
/*
* last put frees it
*/
2012-09-06 15:35:00 -07:00
if ( atomic_dec_and_test ( & bio - > bi_cnt ) )
bio_free ( bio ) ;
2005-04-16 15:20:36 -07:00
}
2009-09-26 16:19:21 +02:00
EXPORT_SYMBOL ( bio_put ) ;
2005-04-16 15:20:36 -07:00
2007-07-24 09:28:11 +02:00
inline int bio_phys_segments ( struct request_queue * q , struct bio * bio )
2005-04-16 15:20:36 -07:00
{
if ( unlikely ( ! bio_flagged ( bio , BIO_SEG_VALID ) ) )
blk_recount_segments ( q , bio ) ;
return bio - > bi_phys_segments ;
}
2009-09-26 16:19:21 +02:00
EXPORT_SYMBOL ( bio_phys_segments ) ;
2005-04-16 15:20:36 -07:00
2013-11-23 18:19:27 -08:00
/**
* __bio_clone_fast - clone a bio that shares the original bio ' s biovec
* @ bio : destination bio
* @ bio_src : bio to clone
*
* Clone a & bio . Caller will own the returned bio , but not
* the actual data it points to . Reference count of returned
* bio will be one .
*
* Caller must ensure that @ bio_src is not freed before @ bio .
*/
void __bio_clone_fast ( struct bio * bio , struct bio * bio_src )
{
BUG_ON ( bio - > bi_pool & & BIO_POOL_IDX ( bio ) ! = BIO_POOL_NONE ) ;
/*
* most users will be overriding - > bi_bdev with a new target ,
* so we don ' t set nor calculate new physical / hw segment counts here
*/
bio - > bi_bdev = bio_src - > bi_bdev ;
bio - > bi_flags | = 1 < < BIO_CLONED ;
bio - > bi_rw = bio_src - > bi_rw ;
bio - > bi_iter = bio_src - > bi_iter ;
bio - > bi_io_vec = bio_src - > bi_io_vec ;
}
EXPORT_SYMBOL ( __bio_clone_fast ) ;
/**
* bio_clone_fast - clone a bio that shares the original bio ' s biovec
* @ bio : bio to clone
* @ gfp_mask : allocation priority
* @ bs : bio_set to allocate from
*
* Like __bio_clone_fast , only also allocates the returned bio
*/
struct bio * bio_clone_fast ( struct bio * bio , gfp_t gfp_mask , struct bio_set * bs )
{
struct bio * b ;
b = bio_alloc_bioset ( gfp_mask , 0 , bs ) ;
if ( ! b )
return NULL ;
__bio_clone_fast ( b , bio ) ;
if ( bio_integrity ( bio ) ) {
int ret ;
ret = bio_integrity_clone ( b , bio , gfp_mask ) ;
if ( ret < 0 ) {
bio_put ( b ) ;
return NULL ;
}
}
return b ;
}
EXPORT_SYMBOL ( bio_clone_fast ) ;
2005-04-16 15:20:36 -07:00
/**
2013-11-23 17:26:46 -08:00
* bio_clone_bioset - clone a bio
* @ bio_src : bio to clone
2005-04-16 15:20:36 -07:00
* @ gfp_mask : allocation priority
2012-09-06 15:35:02 -07:00
* @ bs : bio_set to allocate from
2005-04-16 15:20:36 -07:00
*
2013-11-23 17:26:46 -08:00
* Clone bio . Caller will own the returned bio , but not the actual data it
* points to . Reference count of returned bio will be one .
2005-04-16 15:20:36 -07:00
*/
2013-11-23 17:26:46 -08:00
struct bio * bio_clone_bioset ( struct bio * bio_src , gfp_t gfp_mask ,
2012-09-06 15:35:02 -07:00
struct bio_set * bs )
2005-04-16 15:20:36 -07:00
{
2013-11-23 17:26:46 -08:00
unsigned nr_iovecs = 0 ;
struct bvec_iter iter ;
struct bio_vec bv ;
struct bio * bio ;
2005-04-16 15:20:36 -07:00
2013-11-23 17:26:46 -08:00
/*
* Pre immutable biovecs , __bio_clone ( ) used to just do a memcpy from
* bio_src - > bi_io_vec to bio - > bi_io_vec .
*
* We can ' t do that anymore , because :
*
* - The point of cloning the biovec is to produce a bio with a biovec
* the caller can modify : bi_idx and bi_bvec_done should be 0.
*
* - The original bio could ' ve had more than BIO_MAX_PAGES biovecs ; if
* we tried to clone the whole thing bio_alloc_bioset ( ) would fail .
* But the clone should succeed as long as the number of biovecs we
* actually need to allocate is fewer than BIO_MAX_PAGES .
*
* - Lastly , bi_vcnt should not be looked at or relied upon by code
* that does not own the bio - reason being drivers don ' t use it for
* iterating over the biovec anymore , so expecting it to be kept up
* to date ( i . e . for clones that share the parent biovec ) is just
* asking for trouble and would force extra work on
* __bio_clone_fast ( ) anyways .
*/
bio_for_each_segment ( bv , bio_src , iter )
nr_iovecs + + ;
bio = bio_alloc_bioset ( gfp_mask , nr_iovecs , bs ) ;
if ( ! bio )
2008-06-30 20:04:41 +02:00
return NULL ;
2013-11-23 17:26:46 -08:00
bio - > bi_bdev = bio_src - > bi_bdev ;
bio - > bi_rw = bio_src - > bi_rw ;
bio - > bi_iter . bi_sector = bio_src - > bi_iter . bi_sector ;
bio - > bi_iter . bi_size = bio_src - > bi_iter . bi_size ;
2008-06-30 20:04:41 +02:00
2013-11-23 17:26:46 -08:00
bio_for_each_segment ( bv , bio_src , iter )
bio - > bi_io_vec [ bio - > bi_vcnt + + ] = bv ;
2008-06-30 20:04:41 +02:00
2013-11-23 17:26:46 -08:00
if ( bio_integrity ( bio_src ) ) {
int ret ;
2008-06-30 20:04:41 +02:00
2013-11-23 17:26:46 -08:00
ret = bio_integrity_clone ( bio , bio_src , gfp_mask ) ;
2009-03-09 10:42:45 +01:00
if ( ret < 0 ) {
2013-11-23 17:26:46 -08:00
bio_put ( bio ) ;
2008-06-30 20:04:41 +02:00
return NULL ;
2009-03-09 10:42:45 +01:00
}
2005-09-06 15:16:42 -07:00
}
2005-04-16 15:20:36 -07:00
2013-11-23 17:26:46 -08:00
return bio ;
2005-04-16 15:20:36 -07:00
}
2012-09-06 15:35:02 -07:00
EXPORT_SYMBOL ( bio_clone_bioset ) ;
2005-04-16 15:20:36 -07:00
/**
* bio_get_nr_vecs - return approx number of vecs
* @ bdev : I / O target
*
* Return the approximate number of pages we can send to this target .
* There ' s no guarantee that you will be able to fit this number of pages
* into a bio , it does not account for dynamic restrictions that vary
* on offset .
*/
int bio_get_nr_vecs ( struct block_device * bdev )
{
2007-07-24 09:28:11 +02:00
struct request_queue * q = bdev_get_queue ( bdev ) ;
2012-05-11 16:36:44 +02:00
int nr_pages ;
nr_pages = min_t ( unsigned ,
2012-02-08 22:07:18 +01:00
queue_max_segments ( q ) ,
queue_max_sectors ( q ) / ( PAGE_SIZE > > 9 ) + 1 ) ;
2012-05-11 16:36:44 +02:00
return min_t ( unsigned , nr_pages , BIO_MAX_PAGES ) ;
2005-04-16 15:20:36 -07:00
}
2009-09-26 16:19:21 +02:00
EXPORT_SYMBOL ( bio_get_nr_vecs ) ;
2005-04-16 15:20:36 -07:00
2007-07-24 09:28:11 +02:00
static int __bio_add_page ( struct request_queue * q , struct bio * bio , struct page
2005-12-05 02:37:06 -06:00
* page , unsigned int len , unsigned int offset ,
2013-11-18 22:11:42 +09:00
unsigned int max_sectors )
2005-04-16 15:20:36 -07:00
{
int retried_segments = 0 ;
struct bio_vec * bvec ;
/*
* cloned bio must not modify vec list
*/
if ( unlikely ( bio_flagged ( bio , BIO_CLONED ) ) )
return 0 ;
2013-10-11 15:44:27 -07:00
if ( ( ( bio - > bi_iter . bi_size + len ) > > 9 ) > max_sectors )
2005-04-16 15:20:36 -07:00
return 0 ;
2006-01-06 09:43:28 +01:00
/*
* For filesystems with a blocksize smaller than the pagesize
* we will often be called with the same page as last time and
* a consecutive offset . Optimize this special case .
*/
if ( bio - > bi_vcnt > 0 ) {
struct bio_vec * prev = & bio - > bi_io_vec [ bio - > bi_vcnt - 1 ] ;
if ( page = = prev - > bv_page & &
offset = = prev - > bv_offset + prev - > bv_len ) {
2010-01-27 22:44:36 +03:00
unsigned int prev_bv_len = prev - > bv_len ;
2006-01-06 09:43:28 +01:00
prev - > bv_len + = len ;
2008-07-03 09:53:43 +02:00
if ( q - > merge_bvec_fn ) {
struct bvec_merge_data bvm = {
2010-01-27 22:44:36 +03:00
/* prev_bvec is already charged in
bi_size , discharge it in order to
simulate merging updated prev_bvec
as new bvec . */
2008-07-03 09:53:43 +02:00
. bi_bdev = bio - > bi_bdev ,
2013-10-11 15:44:27 -07:00
. bi_sector = bio - > bi_iter . bi_sector ,
. bi_size = bio - > bi_iter . bi_size -
prev_bv_len ,
2008-07-03 09:53:43 +02:00
. bi_rw = bio - > bi_rw ,
} ;
2010-03-03 06:28:06 +03:00
if ( q - > merge_bvec_fn ( q , & bvm , prev ) < prev - > bv_len ) {
2008-07-03 09:53:43 +02:00
prev - > bv_len - = len ;
return 0 ;
}
2006-01-06 09:43:28 +01:00
}
goto done ;
}
}
if ( bio - > bi_vcnt > = bio - > bi_max_vecs )
2005-04-16 15:20:36 -07:00
return 0 ;
/*
* we might lose a segment or two here , but rather that than
* make this too complex .
*/
2010-02-26 00:20:39 -05:00
while ( bio - > bi_phys_segments > = queue_max_segments ( q ) ) {
2005-04-16 15:20:36 -07:00
if ( retried_segments )
return 0 ;
retried_segments = 1 ;
blk_recount_segments ( q , bio ) ;
}
/*
* setup the new entry , we might clear it again later if we
* cannot add the page
*/
bvec = & bio - > bi_io_vec [ bio - > bi_vcnt ] ;
bvec - > bv_page = page ;
bvec - > bv_len = len ;
bvec - > bv_offset = offset ;
/*
* if queue has other restrictions ( eg varying max sector size
* depending on offset ) , it can specify a merge_bvec_fn in the
* queue to get further control
*/
if ( q - > merge_bvec_fn ) {
2008-07-03 09:53:43 +02:00
struct bvec_merge_data bvm = {
. bi_bdev = bio - > bi_bdev ,
2013-10-11 15:44:27 -07:00
. bi_sector = bio - > bi_iter . bi_sector ,
. bi_size = bio - > bi_iter . bi_size ,
2008-07-03 09:53:43 +02:00
. bi_rw = bio - > bi_rw ,
} ;
2005-04-16 15:20:36 -07:00
/*
* merge_bvec_fn ( ) returns number of bytes it can accept
* at this offset
*/
2010-03-03 06:28:06 +03:00
if ( q - > merge_bvec_fn ( q , & bvm , bvec ) < bvec - > bv_len ) {
2005-04-16 15:20:36 -07:00
bvec - > bv_page = NULL ;
bvec - > bv_len = 0 ;
bvec - > bv_offset = 0 ;
return 0 ;
}
}
/* If we may be able to merge these biovecs, force a recount */
2008-08-15 10:15:19 +02:00
if ( bio - > bi_vcnt & & ( BIOVEC_PHYS_MERGEABLE ( bvec - 1 , bvec ) ) )
2005-04-16 15:20:36 -07:00
bio - > bi_flags & = ~ ( 1 < < BIO_SEG_VALID ) ;
bio - > bi_vcnt + + ;
bio - > bi_phys_segments + + ;
2006-01-06 09:43:28 +01:00
done :
2013-10-11 15:44:27 -07:00
bio - > bi_iter . bi_size + = len ;
2005-04-16 15:20:36 -07:00
return len ;
}
2005-11-11 05:30:27 -06:00
/**
* bio_add_pc_page - attempt to add page to bio
2006-01-31 15:24:34 +01:00
* @ q : the target queue
2005-11-11 05:30:27 -06:00
* @ bio : destination bio
* @ page : page to add
* @ len : vec entry length
* @ offset : vec entry offset
*
* Attempt to add a page to the bio_vec maplist . This can fail for a
2011-05-27 14:52:09 +02:00
* number of reasons , such as the bio being full or target block device
* limitations . The target block device must allow bio ' s up to PAGE_SIZE ,
* so it is always possible to add a single page to an empty bio .
*
* This should only be used by REQ_PC bios .
2005-11-11 05:30:27 -06:00
*/
2007-07-24 09:28:11 +02:00
int bio_add_pc_page ( struct request_queue * q , struct bio * bio , struct page * page ,
2005-11-11 05:30:27 -06:00
unsigned int len , unsigned int offset )
{
2009-05-22 17:17:50 -04:00
return __bio_add_page ( q , bio , page , len , offset ,
queue_max_hw_sectors ( q ) ) ;
2005-11-11 05:30:27 -06:00
}
2009-09-26 16:19:21 +02:00
EXPORT_SYMBOL ( bio_add_pc_page ) ;
2005-11-11 05:30:27 -06:00
2005-04-16 15:20:36 -07:00
/**
* bio_add_page - attempt to add page to bio
* @ bio : destination bio
* @ page : page to add
* @ len : vec entry length
* @ offset : vec entry offset
*
* Attempt to add a page to the bio_vec maplist . This can fail for a
2011-05-27 14:52:09 +02:00
* number of reasons , such as the bio being full or target block device
* limitations . The target block device must allow bio ' s up to PAGE_SIZE ,
* so it is always possible to add a single page to an empty bio .
2005-04-16 15:20:36 -07:00
*/
int bio_add_page ( struct bio * bio , struct page * page , unsigned int len ,
unsigned int offset )
{
2005-12-05 02:37:06 -06:00
struct request_queue * q = bdev_get_queue ( bio - > bi_bdev ) ;
2009-05-22 17:17:50 -04:00
return __bio_add_page ( q , bio , page , len , offset , queue_max_sectors ( q ) ) ;
2005-04-16 15:20:36 -07:00
}
2009-09-26 16:19:21 +02:00
EXPORT_SYMBOL ( bio_add_page ) ;
2005-04-16 15:20:36 -07:00
2012-09-10 14:41:12 -07:00
struct submit_bio_ret {
struct completion event ;
int error ;
} ;
static void submit_bio_wait_endio ( struct bio * bio , int error )
{
struct submit_bio_ret * ret = bio - > bi_private ;
ret - > error = error ;
complete ( & ret - > event ) ;
}
/**
* submit_bio_wait - submit a bio , and wait until it completes
* @ rw : whether to % READ or % WRITE , or maybe to % READA ( read ahead )
* @ bio : The & struct bio which describes the I / O
*
* Simple wrapper around submit_bio ( ) . Returns 0 on success , or the error from
* bio_endio ( ) on failure .
*/
int submit_bio_wait ( int rw , struct bio * bio )
{
struct submit_bio_ret ret ;
rw | = REQ_SYNC ;
init_completion ( & ret . event ) ;
bio - > bi_private = & ret ;
bio - > bi_end_io = submit_bio_wait_endio ;
submit_bio ( rw , bio ) ;
wait_for_completion ( & ret . event ) ;
return ret . error ;
}
EXPORT_SYMBOL ( submit_bio_wait ) ;
2012-09-28 13:17:55 -07:00
/**
* bio_advance - increment / complete a bio by some number of bytes
* @ bio : bio to advance
* @ bytes : number of bytes to complete
*
* This updates bi_sector , bi_size and bi_idx ; if the number of bytes to
* complete doesn ' t align with a bvec boundary , then bv_len and bv_offset will
* be updated on the last bvec as well .
*
* @ bio will then represent the remaining , uncompleted portion of the io .
*/
void bio_advance ( struct bio * bio , unsigned bytes )
{
if ( bio_integrity ( bio ) )
bio_integrity_advance ( bio , bytes ) ;
2013-08-07 14:26:21 -07:00
bio_advance_iter ( bio , & bio - > bi_iter , bytes ) ;
2012-09-28 13:17:55 -07:00
}
EXPORT_SYMBOL ( bio_advance ) ;
2012-09-10 14:03:28 -07:00
/**
* bio_alloc_pages - allocates a single page for each bvec in a bio
* @ bio : bio to allocate pages for
* @ gfp_mask : flags for allocation
*
* Allocates pages up to @ bio - > bi_vcnt .
*
* Returns 0 on success , - ENOMEM on failure . On failure , any allocated pages are
* freed .
*/
int bio_alloc_pages ( struct bio * bio , gfp_t gfp_mask )
{
int i ;
struct bio_vec * bv ;
bio_for_each_segment_all ( bv , bio , i ) {
bv - > bv_page = alloc_page ( gfp_mask ) ;
if ( ! bv - > bv_page ) {
while ( - - bv > = bio - > bi_io_vec )
__free_page ( bv - > bv_page ) ;
return - ENOMEM ;
}
}
return 0 ;
}
EXPORT_SYMBOL ( bio_alloc_pages ) ;
2012-09-10 13:57:51 -07:00
/**
* bio_copy_data - copy contents of data buffers from one chain of bios to
* another
* @ src : source bio list
* @ dst : destination bio list
*
* If @ src and @ dst are single bios , bi_next must be NULL - otherwise , treats
* @ src and @ dst as linked lists of bios .
*
* Stops when it reaches the end of either @ src or @ dst - that is , copies
* min ( src - > bi_size , dst - > bi_size ) bytes ( or the equivalent for lists of bios ) .
*/
void bio_copy_data ( struct bio * dst , struct bio * src )
{
2013-08-07 14:26:39 -07:00
struct bvec_iter src_iter , dst_iter ;
struct bio_vec src_bv , dst_bv ;
2012-09-10 13:57:51 -07:00
void * src_p , * dst_p ;
2013-08-07 14:26:39 -07:00
unsigned bytes ;
2012-09-10 13:57:51 -07:00
2013-08-07 14:26:39 -07:00
src_iter = src - > bi_iter ;
dst_iter = dst - > bi_iter ;
2012-09-10 13:57:51 -07:00
while ( 1 ) {
2013-08-07 14:26:39 -07:00
if ( ! src_iter . bi_size ) {
src = src - > bi_next ;
if ( ! src )
break ;
2012-09-10 13:57:51 -07:00
2013-08-07 14:26:39 -07:00
src_iter = src - > bi_iter ;
2012-09-10 13:57:51 -07:00
}
2013-08-07 14:26:39 -07:00
if ( ! dst_iter . bi_size ) {
dst = dst - > bi_next ;
if ( ! dst )
break ;
2012-09-10 13:57:51 -07:00
2013-08-07 14:26:39 -07:00
dst_iter = dst - > bi_iter ;
2012-09-10 13:57:51 -07:00
}
2013-08-07 14:26:39 -07:00
src_bv = bio_iter_iovec ( src , src_iter ) ;
dst_bv = bio_iter_iovec ( dst , dst_iter ) ;
bytes = min ( src_bv . bv_len , dst_bv . bv_len ) ;
2012-09-10 13:57:51 -07:00
2013-08-07 14:26:39 -07:00
src_p = kmap_atomic ( src_bv . bv_page ) ;
dst_p = kmap_atomic ( dst_bv . bv_page ) ;
2012-09-10 13:57:51 -07:00
2013-08-07 14:26:39 -07:00
memcpy ( dst_p + dst_bv . bv_offset ,
src_p + src_bv . bv_offset ,
2012-09-10 13:57:51 -07:00
bytes ) ;
kunmap_atomic ( dst_p ) ;
kunmap_atomic ( src_p ) ;
2013-08-07 14:26:39 -07:00
bio_advance_iter ( src , & src_iter , bytes ) ;
bio_advance_iter ( dst , & dst_iter , bytes ) ;
2012-09-10 13:57:51 -07:00
}
}
EXPORT_SYMBOL ( bio_copy_data ) ;
2005-04-16 15:20:36 -07:00
struct bio_map_data {
2008-08-28 16:17:06 +09:00
int nr_sgvecs ;
int is_our_pages ;
2013-11-22 19:39:06 -08:00
struct sg_iovec sgvecs [ ] ;
2005-04-16 15:20:36 -07:00
} ;
2008-04-11 12:56:49 +02:00
static void bio_set_map_data ( struct bio_map_data * bmd , struct bio * bio ,
2008-08-28 16:17:06 +09:00
struct sg_iovec * iov , int iov_count ,
int is_our_pages )
2005-04-16 15:20:36 -07:00
{
2008-04-11 12:56:49 +02:00
memcpy ( bmd - > sgvecs , iov , sizeof ( struct sg_iovec ) * iov_count ) ;
bmd - > nr_sgvecs = iov_count ;
2008-08-28 16:17:06 +09:00
bmd - > is_our_pages = is_our_pages ;
2005-04-16 15:20:36 -07:00
bio - > bi_private = bmd ;
}
2011-11-16 09:21:50 +01:00
static struct bio_map_data * bio_alloc_map_data ( int nr_segs ,
unsigned int iov_count ,
2008-08-25 20:36:08 +02:00
gfp_t gfp_mask )
2005-04-16 15:20:36 -07:00
{
2010-10-29 11:46:56 -06:00
if ( iov_count > UIO_MAXIOV )
return NULL ;
2005-04-16 15:20:36 -07:00
2013-11-22 19:39:06 -08:00
return kmalloc ( sizeof ( struct bio_map_data ) +
sizeof ( struct sg_iovec ) * iov_count , gfp_mask ) ;
2005-04-16 15:20:36 -07:00
}
2013-11-22 19:39:06 -08:00
static int __bio_copy_iov ( struct bio * bio , struct sg_iovec * iov , int iov_count ,
2009-07-09 14:46:53 +02:00
int to_user , int from_user , int do_free_page )
2008-04-11 12:56:49 +02:00
{
int ret = 0 , i ;
struct bio_vec * bvec ;
int iov_idx = 0 ;
unsigned int iov_off = 0 ;
2013-02-06 12:23:11 -08:00
bio_for_each_segment_all ( bvec , bio , i ) {
2008-04-11 12:56:49 +02:00
char * bv_addr = page_address ( bvec - > bv_page ) ;
2013-11-22 19:39:06 -08:00
unsigned int bv_len = bvec - > bv_len ;
2008-04-11 12:56:49 +02:00
while ( bv_len & & iov_idx < iov_count ) {
unsigned int bytes ;
2009-06-10 12:57:07 -07:00
char __user * iov_addr ;
2008-04-11 12:56:49 +02:00
bytes = min_t ( unsigned int ,
iov [ iov_idx ] . iov_len - iov_off , bv_len ) ;
iov_addr = iov [ iov_idx ] . iov_base + iov_off ;
if ( ! ret ) {
2009-07-09 14:46:53 +02:00
if ( to_user )
2008-04-11 12:56:49 +02:00
ret = copy_to_user ( iov_addr , bv_addr ,
bytes ) ;
2009-07-09 14:46:53 +02:00
if ( from_user )
ret = copy_from_user ( bv_addr , iov_addr ,
bytes ) ;
2008-04-11 12:56:49 +02:00
if ( ret )
ret = - EFAULT ;
}
bv_len - = bytes ;
bv_addr + = bytes ;
iov_addr + = bytes ;
iov_off + = bytes ;
if ( iov [ iov_idx ] . iov_len = = iov_off ) {
iov_idx + + ;
iov_off = 0 ;
}
}
2008-08-28 16:17:06 +09:00
if ( do_free_page )
2008-04-11 12:56:49 +02:00
__free_page ( bvec - > bv_page ) ;
}
return ret ;
}
2005-04-16 15:20:36 -07:00
/**
* bio_uncopy_user - finish previously mapped bio
* @ bio : bio being terminated
*
* Free pages allocated from bio_copy_user ( ) and write back data
* to user space in case of a read .
*/
int bio_uncopy_user ( struct bio * bio )
{
struct bio_map_data * bmd = bio - > bi_private ;
[SCSI] sg: Fix user memory corruption when SG_IO is interrupted by a signal
There is a nasty bug in the SCSI SG_IO ioctl that in some circumstances
leads to one process writing data into the address space of some other
random unrelated process if the ioctl is interrupted by a signal.
What happens is the following:
- A process issues an SG_IO ioctl with direction DXFER_FROM_DEV (ie the
underlying SCSI command will transfer data from the SCSI device to
the buffer provided in the ioctl)
- Before the command finishes, a signal is sent to the process waiting
in the ioctl. This will end up waking up the sg_ioctl() code:
result = wait_event_interruptible(sfp->read_wait,
(srp_done(sfp, srp) || sdp->detached));
but neither srp_done() nor sdp->detached is true, so we end up just
setting srp->orphan and returning to userspace:
srp->orphan = 1;
write_unlock_irq(&sfp->rq_list_lock);
return result; /* -ERESTARTSYS because signal hit process */
At this point the original process is done with the ioctl and
blithely goes ahead handling the signal, reissuing the ioctl, etc.
- Eventually, the SCSI command issued by the first ioctl finishes and
ends up in sg_rq_end_io(). At the end of that function, we run through:
write_lock_irqsave(&sfp->rq_list_lock, iflags);
if (unlikely(srp->orphan)) {
if (sfp->keep_orphan)
srp->sg_io_owned = 0;
else
done = 0;
}
srp->done = done;
write_unlock_irqrestore(&sfp->rq_list_lock, iflags);
if (likely(done)) {
/* Now wake up any sg_read() that is waiting for this
* packet.
*/
wake_up_interruptible(&sfp->read_wait);
kill_fasync(&sfp->async_qp, SIGPOLL, POLL_IN);
kref_put(&sfp->f_ref, sg_remove_sfp);
} else {
INIT_WORK(&srp->ew.work, sg_rq_end_io_usercontext);
schedule_work(&srp->ew.work);
}
Since srp->orphan *is* set, we set done to 0 (assuming the
userspace app has not set keep_orphan via an SG_SET_KEEP_ORPHAN
ioctl), and therefore we end up scheduling sg_rq_end_io_usercontext()
to run in a workqueue.
- In workqueue context we go through sg_rq_end_io_usercontext() ->
sg_finish_rem_req() -> blk_rq_unmap_user() -> ... ->
bio_uncopy_user() -> __bio_copy_iov() -> copy_to_user().
The key point here is that we are doing copy_to_user() on a
workqueue -- that is, we're on a kernel thread with current->mm
equal to whatever random previous user process was scheduled before
this kernel thread. So we end up copying whatever data the SCSI
command returned to the virtual address of the buffer passed into
the original ioctl, but it's quite likely we do this copying into a
different address space!
As suggested by James Bottomley <James.Bottomley@hansenpartnership.com>,
add a check for current->mm (which is NULL if we're on a kernel thread
without a real userspace address space) in bio_uncopy_user(), and skip
the copy if we're on a kernel thread.
There's no reason that I can think of for any caller of bio_uncopy_user()
to want to do copying on a kernel thread with a random active userspace
address space.
Huge thanks to Costa Sapuntzakis <costa@purestorage.com> for the
original pointer to this bug in the sg code.
Signed-off-by: Roland Dreier <roland@purestorage.com>
Tested-by: David Milburn <dmilburn@redhat.com>
Cc: Jens Axboe <axboe@kernel.dk>
Cc: <stable@vger.kernel.org>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
2013-08-05 17:55:01 -07:00
struct bio_vec * bvec ;
int ret = 0 , i ;
2005-04-16 15:20:36 -07:00
[SCSI] sg: Fix user memory corruption when SG_IO is interrupted by a signal
There is a nasty bug in the SCSI SG_IO ioctl that in some circumstances
leads to one process writing data into the address space of some other
random unrelated process if the ioctl is interrupted by a signal.
What happens is the following:
- A process issues an SG_IO ioctl with direction DXFER_FROM_DEV (ie the
underlying SCSI command will transfer data from the SCSI device to
the buffer provided in the ioctl)
- Before the command finishes, a signal is sent to the process waiting
in the ioctl. This will end up waking up the sg_ioctl() code:
result = wait_event_interruptible(sfp->read_wait,
(srp_done(sfp, srp) || sdp->detached));
but neither srp_done() nor sdp->detached is true, so we end up just
setting srp->orphan and returning to userspace:
srp->orphan = 1;
write_unlock_irq(&sfp->rq_list_lock);
return result; /* -ERESTARTSYS because signal hit process */
At this point the original process is done with the ioctl and
blithely goes ahead handling the signal, reissuing the ioctl, etc.
- Eventually, the SCSI command issued by the first ioctl finishes and
ends up in sg_rq_end_io(). At the end of that function, we run through:
write_lock_irqsave(&sfp->rq_list_lock, iflags);
if (unlikely(srp->orphan)) {
if (sfp->keep_orphan)
srp->sg_io_owned = 0;
else
done = 0;
}
srp->done = done;
write_unlock_irqrestore(&sfp->rq_list_lock, iflags);
if (likely(done)) {
/* Now wake up any sg_read() that is waiting for this
* packet.
*/
wake_up_interruptible(&sfp->read_wait);
kill_fasync(&sfp->async_qp, SIGPOLL, POLL_IN);
kref_put(&sfp->f_ref, sg_remove_sfp);
} else {
INIT_WORK(&srp->ew.work, sg_rq_end_io_usercontext);
schedule_work(&srp->ew.work);
}
Since srp->orphan *is* set, we set done to 0 (assuming the
userspace app has not set keep_orphan via an SG_SET_KEEP_ORPHAN
ioctl), and therefore we end up scheduling sg_rq_end_io_usercontext()
to run in a workqueue.
- In workqueue context we go through sg_rq_end_io_usercontext() ->
sg_finish_rem_req() -> blk_rq_unmap_user() -> ... ->
bio_uncopy_user() -> __bio_copy_iov() -> copy_to_user().
The key point here is that we are doing copy_to_user() on a
workqueue -- that is, we're on a kernel thread with current->mm
equal to whatever random previous user process was scheduled before
this kernel thread. So we end up copying whatever data the SCSI
command returned to the virtual address of the buffer passed into
the original ioctl, but it's quite likely we do this copying into a
different address space!
As suggested by James Bottomley <James.Bottomley@hansenpartnership.com>,
add a check for current->mm (which is NULL if we're on a kernel thread
without a real userspace address space) in bio_uncopy_user(), and skip
the copy if we're on a kernel thread.
There's no reason that I can think of for any caller of bio_uncopy_user()
to want to do copying on a kernel thread with a random active userspace
address space.
Huge thanks to Costa Sapuntzakis <costa@purestorage.com> for the
original pointer to this bug in the sg code.
Signed-off-by: Roland Dreier <roland@purestorage.com>
Tested-by: David Milburn <dmilburn@redhat.com>
Cc: Jens Axboe <axboe@kernel.dk>
Cc: <stable@vger.kernel.org>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
2013-08-05 17:55:01 -07:00
if ( ! bio_flagged ( bio , BIO_NULL_MAPPED ) ) {
/*
* if we ' re in a workqueue , the request is orphaned , so
* don ' t copy into a random user address space , just free .
*/
if ( current - > mm )
2013-11-22 19:39:06 -08:00
ret = __bio_copy_iov ( bio , bmd - > sgvecs , bmd - > nr_sgvecs ,
bio_data_dir ( bio ) = = READ ,
[SCSI] sg: Fix user memory corruption when SG_IO is interrupted by a signal
There is a nasty bug in the SCSI SG_IO ioctl that in some circumstances
leads to one process writing data into the address space of some other
random unrelated process if the ioctl is interrupted by a signal.
What happens is the following:
- A process issues an SG_IO ioctl with direction DXFER_FROM_DEV (ie the
underlying SCSI command will transfer data from the SCSI device to
the buffer provided in the ioctl)
- Before the command finishes, a signal is sent to the process waiting
in the ioctl. This will end up waking up the sg_ioctl() code:
result = wait_event_interruptible(sfp->read_wait,
(srp_done(sfp, srp) || sdp->detached));
but neither srp_done() nor sdp->detached is true, so we end up just
setting srp->orphan and returning to userspace:
srp->orphan = 1;
write_unlock_irq(&sfp->rq_list_lock);
return result; /* -ERESTARTSYS because signal hit process */
At this point the original process is done with the ioctl and
blithely goes ahead handling the signal, reissuing the ioctl, etc.
- Eventually, the SCSI command issued by the first ioctl finishes and
ends up in sg_rq_end_io(). At the end of that function, we run through:
write_lock_irqsave(&sfp->rq_list_lock, iflags);
if (unlikely(srp->orphan)) {
if (sfp->keep_orphan)
srp->sg_io_owned = 0;
else
done = 0;
}
srp->done = done;
write_unlock_irqrestore(&sfp->rq_list_lock, iflags);
if (likely(done)) {
/* Now wake up any sg_read() that is waiting for this
* packet.
*/
wake_up_interruptible(&sfp->read_wait);
kill_fasync(&sfp->async_qp, SIGPOLL, POLL_IN);
kref_put(&sfp->f_ref, sg_remove_sfp);
} else {
INIT_WORK(&srp->ew.work, sg_rq_end_io_usercontext);
schedule_work(&srp->ew.work);
}
Since srp->orphan *is* set, we set done to 0 (assuming the
userspace app has not set keep_orphan via an SG_SET_KEEP_ORPHAN
ioctl), and therefore we end up scheduling sg_rq_end_io_usercontext()
to run in a workqueue.
- In workqueue context we go through sg_rq_end_io_usercontext() ->
sg_finish_rem_req() -> blk_rq_unmap_user() -> ... ->
bio_uncopy_user() -> __bio_copy_iov() -> copy_to_user().
The key point here is that we are doing copy_to_user() on a
workqueue -- that is, we're on a kernel thread with current->mm
equal to whatever random previous user process was scheduled before
this kernel thread. So we end up copying whatever data the SCSI
command returned to the virtual address of the buffer passed into
the original ioctl, but it's quite likely we do this copying into a
different address space!
As suggested by James Bottomley <James.Bottomley@hansenpartnership.com>,
add a check for current->mm (which is NULL if we're on a kernel thread
without a real userspace address space) in bio_uncopy_user(), and skip
the copy if we're on a kernel thread.
There's no reason that I can think of for any caller of bio_uncopy_user()
to want to do copying on a kernel thread with a random active userspace
address space.
Huge thanks to Costa Sapuntzakis <costa@purestorage.com> for the
original pointer to this bug in the sg code.
Signed-off-by: Roland Dreier <roland@purestorage.com>
Tested-by: David Milburn <dmilburn@redhat.com>
Cc: Jens Axboe <axboe@kernel.dk>
Cc: <stable@vger.kernel.org>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
2013-08-05 17:55:01 -07:00
0 , bmd - > is_our_pages ) ;
else if ( bmd - > is_our_pages )
bio_for_each_segment_all ( bvec , bio , i )
__free_page ( bvec - > bv_page ) ;
}
2013-11-22 19:39:06 -08:00
kfree ( bmd ) ;
2005-04-16 15:20:36 -07:00
bio_put ( bio ) ;
return ret ;
}
2009-09-26 16:19:21 +02:00
EXPORT_SYMBOL ( bio_uncopy_user ) ;
2005-04-16 15:20:36 -07:00
/**
2008-04-11 12:56:49 +02:00
* bio_copy_user_iov - copy user data to bio
2005-04-16 15:20:36 -07:00
* @ q : destination block queue
2008-08-28 16:17:06 +09:00
* @ map_data : pointer to the rq_map_data holding pages ( if necessary )
2008-04-11 12:56:49 +02:00
* @ iov : the iovec .
* @ iov_count : number of elements in the iovec
2005-04-16 15:20:36 -07:00
* @ write_to_vm : bool indicating writing to pages or not
2008-08-28 16:17:05 +09:00
* @ gfp_mask : memory allocation flags
2005-04-16 15:20:36 -07:00
*
* Prepares and returns a bio for indirect user io , bouncing data
* to / from kernel pages as necessary . Must be paired with
* call bio_uncopy_user ( ) on io completion .
*/
2008-08-28 16:17:06 +09:00
struct bio * bio_copy_user_iov ( struct request_queue * q ,
struct rq_map_data * map_data ,
struct sg_iovec * iov , int iov_count ,
int write_to_vm , gfp_t gfp_mask )
2005-04-16 15:20:36 -07:00
{
struct bio_map_data * bmd ;
struct bio_vec * bvec ;
struct page * page ;
struct bio * bio ;
int i , ret ;
2008-04-11 12:56:49 +02:00
int nr_pages = 0 ;
unsigned int len = 0 ;
2008-12-18 14:49:37 +09:00
unsigned int offset = map_data ? map_data - > offset & ~ PAGE_MASK : 0 ;
2005-04-16 15:20:36 -07:00
2008-04-11 12:56:49 +02:00
for ( i = 0 ; i < iov_count ; i + + ) {
unsigned long uaddr ;
unsigned long end ;
unsigned long start ;
uaddr = ( unsigned long ) iov [ i ] . iov_base ;
end = ( uaddr + iov [ i ] . iov_len + PAGE_SIZE - 1 ) > > PAGE_SHIFT ;
start = uaddr > > PAGE_SHIFT ;
2010-11-10 14:36:25 +01:00
/*
* Overflow , abort
*/
if ( end < start )
return ERR_PTR ( - EINVAL ) ;
2008-04-11 12:56:49 +02:00
nr_pages + = end - start ;
len + = iov [ i ] . iov_len ;
}
2009-04-28 20:24:29 +02:00
if ( offset )
nr_pages + + ;
2008-08-28 16:17:05 +09:00
bmd = bio_alloc_map_data ( nr_pages , iov_count , gfp_mask ) ;
2005-04-16 15:20:36 -07:00
if ( ! bmd )
return ERR_PTR ( - ENOMEM ) ;
ret = - ENOMEM ;
2009-04-15 22:10:27 +09:00
bio = bio_kmalloc ( gfp_mask , nr_pages ) ;
2005-04-16 15:20:36 -07:00
if ( ! bio )
goto out_bmd ;
2010-08-07 18:20:39 +02:00
if ( ! write_to_vm )
bio - > bi_rw | = REQ_WRITE ;
2005-04-16 15:20:36 -07:00
ret = 0 ;
2008-12-18 14:49:37 +09:00
if ( map_data ) {
2008-12-18 14:49:36 +09:00
nr_pages = 1 < < map_data - > page_order ;
2008-12-18 14:49:37 +09:00
i = map_data - > offset / PAGE_SIZE ;
}
2005-04-16 15:20:36 -07:00
while ( len ) {
2008-12-18 14:49:36 +09:00
unsigned int bytes = PAGE_SIZE ;
2005-04-16 15:20:36 -07:00
2008-12-18 14:49:37 +09:00
bytes - = offset ;
2005-04-16 15:20:36 -07:00
if ( bytes > len )
bytes = len ;
2008-08-28 16:17:06 +09:00
if ( map_data ) {
2008-12-18 14:49:36 +09:00
if ( i = = map_data - > nr_entries * nr_pages ) {
2008-08-28 16:17:06 +09:00
ret = - ENOMEM ;
break ;
}
2008-12-18 14:49:36 +09:00
page = map_data - > pages [ i / nr_pages ] ;
page + = ( i % nr_pages ) ;
i + + ;
} else {
2008-08-28 16:17:06 +09:00
page = alloc_page ( q - > bounce_gfp | gfp_mask ) ;
2008-12-18 14:49:36 +09:00
if ( ! page ) {
ret = - ENOMEM ;
break ;
}
2005-04-16 15:20:36 -07:00
}
2008-12-18 14:49:37 +09:00
if ( bio_add_pc_page ( q , bio , page , bytes , offset ) < bytes )
2005-04-16 15:20:36 -07:00
break ;
len - = bytes ;
2008-12-18 14:49:37 +09:00
offset = 0 ;
2005-04-16 15:20:36 -07:00
}
if ( ret )
goto cleanup ;
/*
* success
*/
2009-07-09 14:46:53 +02:00
if ( ( ! write_to_vm & & ( ! map_data | | ! map_data - > null_mapped ) ) | |
( map_data & & map_data - > from_user ) ) {
2013-11-22 19:39:06 -08:00
ret = __bio_copy_iov ( bio , iov , iov_count , 0 , 1 , 0 ) ;
2008-04-11 12:56:49 +02:00
if ( ret )
goto cleanup ;
2005-04-16 15:20:36 -07:00
}
2008-08-28 16:17:06 +09:00
bio_set_map_data ( bmd , bio , iov , iov_count , map_data ? 0 : 1 ) ;
2005-04-16 15:20:36 -07:00
return bio ;
cleanup :
2008-08-28 16:17:06 +09:00
if ( ! map_data )
2013-02-06 12:23:11 -08:00
bio_for_each_segment_all ( bvec , bio , i )
2008-08-28 16:17:06 +09:00
__free_page ( bvec - > bv_page ) ;
2005-04-16 15:20:36 -07:00
bio_put ( bio ) ;
out_bmd :
2013-11-22 19:39:06 -08:00
kfree ( bmd ) ;
2005-04-16 15:20:36 -07:00
return ERR_PTR ( ret ) ;
}
2008-04-11 12:56:49 +02:00
/**
* bio_copy_user - copy user data to bio
* @ q : destination block queue
2008-08-28 16:17:06 +09:00
* @ map_data : pointer to the rq_map_data holding pages ( if necessary )
2008-04-11 12:56:49 +02:00
* @ uaddr : start of user address
* @ len : length in bytes
* @ write_to_vm : bool indicating writing to pages or not
2008-08-28 16:17:05 +09:00
* @ gfp_mask : memory allocation flags
2008-04-11 12:56:49 +02:00
*
* Prepares and returns a bio for indirect user io , bouncing data
* to / from kernel pages as necessary . Must be paired with
* call bio_uncopy_user ( ) on io completion .
*/
2008-08-28 16:17:06 +09:00
struct bio * bio_copy_user ( struct request_queue * q , struct rq_map_data * map_data ,
unsigned long uaddr , unsigned int len ,
int write_to_vm , gfp_t gfp_mask )
2008-04-11 12:56:49 +02:00
{
struct sg_iovec iov ;
iov . iov_base = ( void __user * ) uaddr ;
iov . iov_len = len ;
2008-08-28 16:17:06 +09:00
return bio_copy_user_iov ( q , map_data , & iov , 1 , write_to_vm , gfp_mask ) ;
2008-04-11 12:56:49 +02:00
}
2009-09-26 16:19:21 +02:00
EXPORT_SYMBOL ( bio_copy_user ) ;
2008-04-11 12:56:49 +02:00
2007-07-24 09:28:11 +02:00
static struct bio * __bio_map_user_iov ( struct request_queue * q ,
2005-06-20 14:06:52 +02:00
struct block_device * bdev ,
struct sg_iovec * iov , int iov_count ,
2008-08-28 16:17:05 +09:00
int write_to_vm , gfp_t gfp_mask )
2005-04-16 15:20:36 -07:00
{
2005-06-20 14:06:52 +02:00
int i , j ;
int nr_pages = 0 ;
2005-04-16 15:20:36 -07:00
struct page * * pages ;
struct bio * bio ;
2005-06-20 14:06:52 +02:00
int cur_page = 0 ;
int ret , offset ;
2005-04-16 15:20:36 -07:00
2005-06-20 14:06:52 +02:00
for ( i = 0 ; i < iov_count ; i + + ) {
unsigned long uaddr = ( unsigned long ) iov [ i ] . iov_base ;
unsigned long len = iov [ i ] . iov_len ;
unsigned long end = ( uaddr + len + PAGE_SIZE - 1 ) > > PAGE_SHIFT ;
unsigned long start = uaddr > > PAGE_SHIFT ;
2010-11-10 14:36:25 +01:00
/*
* Overflow , abort
*/
if ( end < start )
return ERR_PTR ( - EINVAL ) ;
2005-06-20 14:06:52 +02:00
nr_pages + = end - start ;
/*
2006-12-01 10:40:20 +01:00
* buffer must be aligned to at least hardsector size for now
2005-06-20 14:06:52 +02:00
*/
2006-12-01 10:40:20 +01:00
if ( uaddr & queue_dma_alignment ( q ) )
2005-06-20 14:06:52 +02:00
return ERR_PTR ( - EINVAL ) ;
}
if ( ! nr_pages )
2005-04-16 15:20:36 -07:00
return ERR_PTR ( - EINVAL ) ;
2009-04-15 22:10:27 +09:00
bio = bio_kmalloc ( gfp_mask , nr_pages ) ;
2005-04-16 15:20:36 -07:00
if ( ! bio )
return ERR_PTR ( - ENOMEM ) ;
ret = - ENOMEM ;
2008-08-28 16:17:05 +09:00
pages = kcalloc ( nr_pages , sizeof ( struct page * ) , gfp_mask ) ;
2005-04-16 15:20:36 -07:00
if ( ! pages )
goto out ;
2005-06-20 14:06:52 +02:00
for ( i = 0 ; i < iov_count ; i + + ) {
unsigned long uaddr = ( unsigned long ) iov [ i ] . iov_base ;
unsigned long len = iov [ i ] . iov_len ;
unsigned long end = ( uaddr + len + PAGE_SIZE - 1 ) > > PAGE_SHIFT ;
unsigned long start = uaddr > > PAGE_SHIFT ;
const int local_nr_pages = end - start ;
const int page_limit = cur_page + local_nr_pages ;
2010-11-10 14:36:25 +01:00
2008-07-25 19:45:25 -07:00
ret = get_user_pages_fast ( uaddr , local_nr_pages ,
write_to_vm , & pages [ cur_page ] ) ;
2006-06-16 13:02:29 +02:00
if ( ret < local_nr_pages ) {
ret = - EFAULT ;
2005-06-20 14:06:52 +02:00
goto out_unmap ;
2006-06-16 13:02:29 +02:00
}
2005-06-20 14:06:52 +02:00
offset = uaddr & ~ PAGE_MASK ;
for ( j = cur_page ; j < page_limit ; j + + ) {
unsigned int bytes = PAGE_SIZE - offset ;
if ( len < = 0 )
break ;
if ( bytes > len )
bytes = len ;
/*
* sorry . . .
*/
2005-12-05 02:37:06 -06:00
if ( bio_add_pc_page ( q , bio , pages [ j ] , bytes , offset ) <
bytes )
2005-06-20 14:06:52 +02:00
break ;
len - = bytes ;
offset = 0 ;
}
2005-04-16 15:20:36 -07:00
2005-06-20 14:06:52 +02:00
cur_page = j ;
2005-04-16 15:20:36 -07:00
/*
2005-06-20 14:06:52 +02:00
* release the pages we didn ' t map into the bio , if any
2005-04-16 15:20:36 -07:00
*/
2005-06-20 14:06:52 +02:00
while ( j < page_limit )
page_cache_release ( pages [ j + + ] ) ;
2005-04-16 15:20:36 -07:00
}
kfree ( pages ) ;
/*
* set data direction , and check if mapped pages need bouncing
*/
if ( ! write_to_vm )
2010-08-07 18:20:39 +02:00
bio - > bi_rw | = REQ_WRITE ;
2005-04-16 15:20:36 -07:00
2005-06-20 14:06:52 +02:00
bio - > bi_bdev = bdev ;
2005-04-16 15:20:36 -07:00
bio - > bi_flags | = ( 1 < < BIO_USER_MAPPED ) ;
return bio ;
2005-06-20 14:06:52 +02:00
out_unmap :
for ( i = 0 ; i < nr_pages ; i + + ) {
if ( ! pages [ i ] )
break ;
page_cache_release ( pages [ i ] ) ;
}
out :
2005-04-16 15:20:36 -07:00
kfree ( pages ) ;
bio_put ( bio ) ;
return ERR_PTR ( ret ) ;
}
/**
* bio_map_user - map user address into bio
2007-07-24 09:28:11 +02:00
* @ q : the struct request_queue for the bio
2005-04-16 15:20:36 -07:00
* @ bdev : destination block device
* @ uaddr : start of user address
* @ len : length in bytes
* @ write_to_vm : bool indicating writing to pages or not
2008-08-28 16:17:05 +09:00
* @ gfp_mask : memory allocation flags
2005-04-16 15:20:36 -07:00
*
* Map the user space address into a bio suitable for io to a block
* device . Returns an error pointer in case of error .
*/
2007-07-24 09:28:11 +02:00
struct bio * bio_map_user ( struct request_queue * q , struct block_device * bdev ,
2008-08-28 16:17:05 +09:00
unsigned long uaddr , unsigned int len , int write_to_vm ,
gfp_t gfp_mask )
2005-06-20 14:06:52 +02:00
{
struct sg_iovec iov ;
2005-09-09 16:53:56 +01:00
iov . iov_base = ( void __user * ) uaddr ;
2005-06-20 14:06:52 +02:00
iov . iov_len = len ;
2008-08-28 16:17:05 +09:00
return bio_map_user_iov ( q , bdev , & iov , 1 , write_to_vm , gfp_mask ) ;
2005-06-20 14:06:52 +02:00
}
2009-09-26 16:19:21 +02:00
EXPORT_SYMBOL ( bio_map_user ) ;
2005-06-20 14:06:52 +02:00
/**
* bio_map_user_iov - map user sg_iovec table into bio
2007-07-24 09:28:11 +02:00
* @ q : the struct request_queue for the bio
2005-06-20 14:06:52 +02:00
* @ bdev : destination block device
* @ iov : the iovec .
* @ iov_count : number of elements in the iovec
* @ write_to_vm : bool indicating writing to pages or not
2008-08-28 16:17:05 +09:00
* @ gfp_mask : memory allocation flags
2005-06-20 14:06:52 +02:00
*
* Map the user space address into a bio suitable for io to a block
* device . Returns an error pointer in case of error .
*/
2007-07-24 09:28:11 +02:00
struct bio * bio_map_user_iov ( struct request_queue * q , struct block_device * bdev ,
2005-06-20 14:06:52 +02:00
struct sg_iovec * iov , int iov_count ,
2008-08-28 16:17:05 +09:00
int write_to_vm , gfp_t gfp_mask )
2005-04-16 15:20:36 -07:00
{
struct bio * bio ;
2008-08-28 16:17:05 +09:00
bio = __bio_map_user_iov ( q , bdev , iov , iov_count , write_to_vm ,
gfp_mask ) ;
2005-04-16 15:20:36 -07:00
if ( IS_ERR ( bio ) )
return bio ;
/*
* subtle - - if __bio_map_user ( ) ended up bouncing a bio ,
* it would normally disappear when its bi_end_io is run .
* however , we need it for the unmap , so grab an extra
* reference to it
*/
bio_get ( bio ) ;
2006-12-01 10:40:55 +01:00
return bio ;
2005-04-16 15:20:36 -07:00
}
static void __bio_unmap_user ( struct bio * bio )
{
struct bio_vec * bvec ;
int i ;
/*
* make sure we dirty pages we wrote to
*/
2013-02-06 12:23:11 -08:00
bio_for_each_segment_all ( bvec , bio , i ) {
2005-04-16 15:20:36 -07:00
if ( bio_data_dir ( bio ) = = READ )
set_page_dirty_lock ( bvec - > bv_page ) ;
page_cache_release ( bvec - > bv_page ) ;
}
bio_put ( bio ) ;
}
/**
* bio_unmap_user - unmap a bio
* @ bio : the bio being unmapped
*
* Unmap a bio previously mapped by bio_map_user ( ) . Must be called with
* a process context .
*
* bio_unmap_user ( ) may sleep .
*/
void bio_unmap_user ( struct bio * bio )
{
__bio_unmap_user ( bio ) ;
bio_put ( bio ) ;
}
2009-09-26 16:19:21 +02:00
EXPORT_SYMBOL ( bio_unmap_user ) ;
2005-04-16 15:20:36 -07:00
2007-09-27 12:47:43 +02:00
static void bio_map_kern_endio ( struct bio * bio , int err )
2005-06-20 14:05:27 +02:00
{
bio_put ( bio ) ;
}
2007-07-24 09:28:11 +02:00
static struct bio * __bio_map_kern ( struct request_queue * q , void * data ,
2005-10-21 03:20:48 -04:00
unsigned int len , gfp_t gfp_mask )
2005-06-20 14:04:44 +02:00
{
unsigned long kaddr = ( unsigned long ) data ;
unsigned long end = ( kaddr + len + PAGE_SIZE - 1 ) > > PAGE_SHIFT ;
unsigned long start = kaddr > > PAGE_SHIFT ;
const int nr_pages = end - start ;
int offset , i ;
struct bio * bio ;
2009-04-15 22:10:27 +09:00
bio = bio_kmalloc ( gfp_mask , nr_pages ) ;
2005-06-20 14:04:44 +02:00
if ( ! bio )
return ERR_PTR ( - ENOMEM ) ;
offset = offset_in_page ( kaddr ) ;
for ( i = 0 ; i < nr_pages ; i + + ) {
unsigned int bytes = PAGE_SIZE - offset ;
if ( len < = 0 )
break ;
if ( bytes > len )
bytes = len ;
2005-12-05 02:37:06 -06:00
if ( bio_add_pc_page ( q , bio , virt_to_page ( data ) , bytes ,
offset ) < bytes )
2005-06-20 14:04:44 +02:00
break ;
data + = bytes ;
len - = bytes ;
offset = 0 ;
}
2005-06-20 14:05:27 +02:00
bio - > bi_end_io = bio_map_kern_endio ;
2005-06-20 14:04:44 +02:00
return bio ;
}
/**
* bio_map_kern - map kernel address into bio
2007-07-24 09:28:11 +02:00
* @ q : the struct request_queue for the bio
2005-06-20 14:04:44 +02:00
* @ data : pointer to buffer to map
* @ len : length in bytes
* @ gfp_mask : allocation flags for bio allocation
*
* Map the kernel address into a bio suitable for io to a block
* device . Returns an error pointer in case of error .
*/
2007-07-24 09:28:11 +02:00
struct bio * bio_map_kern ( struct request_queue * q , void * data , unsigned int len ,
2005-10-21 03:20:48 -04:00
gfp_t gfp_mask )
2005-06-20 14:04:44 +02:00
{
struct bio * bio ;
bio = __bio_map_kern ( q , data , len , gfp_mask ) ;
if ( IS_ERR ( bio ) )
return bio ;
2013-10-11 15:44:27 -07:00
if ( bio - > bi_iter . bi_size = = len )
2005-06-20 14:04:44 +02:00
return bio ;
/*
* Don ' t support partial mappings .
*/
bio_put ( bio ) ;
return ERR_PTR ( - EINVAL ) ;
}
2009-09-26 16:19:21 +02:00
EXPORT_SYMBOL ( bio_map_kern ) ;
2005-06-20 14:04:44 +02:00
2008-04-25 12:47:50 +02:00
static void bio_copy_kern_endio ( struct bio * bio , int err )
{
struct bio_vec * bvec ;
const int read = bio_data_dir ( bio ) = = READ ;
2008-08-25 20:36:08 +02:00
struct bio_map_data * bmd = bio - > bi_private ;
2008-04-25 12:47:50 +02:00
int i ;
2008-08-25 20:36:08 +02:00
char * p = bmd - > sgvecs [ 0 ] . iov_base ;
2008-04-25 12:47:50 +02:00
2013-02-06 12:23:11 -08:00
bio_for_each_segment_all ( bvec , bio , i ) {
2008-04-25 12:47:50 +02:00
char * addr = page_address ( bvec - > bv_page ) ;
2009-05-19 18:33:06 +09:00
if ( read )
2013-11-22 19:39:06 -08:00
memcpy ( p , addr , bvec - > bv_len ) ;
2008-04-25 12:47:50 +02:00
__free_page ( bvec - > bv_page ) ;
2013-11-22 19:39:06 -08:00
p + = bvec - > bv_len ;
2008-04-25 12:47:50 +02:00
}
2013-11-22 19:39:06 -08:00
kfree ( bmd ) ;
2008-04-25 12:47:50 +02:00
bio_put ( bio ) ;
}
/**
* bio_copy_kern - copy kernel address into bio
* @ q : the struct request_queue for the bio
* @ data : pointer to buffer to copy
* @ len : length in bytes
* @ gfp_mask : allocation flags for bio and page allocation
2008-04-30 09:08:54 +02:00
* @ reading : data direction is READ
2008-04-25 12:47:50 +02:00
*
* copy the kernel address into a bio suitable for io to a block
* device . Returns an error pointer in case of error .
*/
struct bio * bio_copy_kern ( struct request_queue * q , void * data , unsigned int len ,
gfp_t gfp_mask , int reading )
{
struct bio * bio ;
struct bio_vec * bvec ;
2008-08-28 15:05:57 +09:00
int i ;
2008-04-25 12:47:50 +02:00
2008-08-28 15:05:57 +09:00
bio = bio_copy_user ( q , NULL , ( unsigned long ) data , len , 1 , gfp_mask ) ;
if ( IS_ERR ( bio ) )
return bio ;
2008-04-25 12:47:50 +02:00
if ( ! reading ) {
void * p = data ;
2013-02-06 12:23:11 -08:00
bio_for_each_segment_all ( bvec , bio , i ) {
2008-04-25 12:47:50 +02:00
char * addr = page_address ( bvec - > bv_page ) ;
memcpy ( addr , p , bvec - > bv_len ) ;
p + = bvec - > bv_len ;
}
}
bio - > bi_end_io = bio_copy_kern_endio ;
2008-08-25 20:36:08 +02:00
2008-04-25 12:47:50 +02:00
return bio ;
}
2009-09-26 16:19:21 +02:00
EXPORT_SYMBOL ( bio_copy_kern ) ;
2008-04-25 12:47:50 +02:00
2005-04-16 15:20:36 -07:00
/*
* bio_set_pages_dirty ( ) and bio_check_pages_dirty ( ) are support functions
* for performing direct - IO in BIOs .
*
* The problem is that we cannot run set_page_dirty ( ) from interrupt context
* because the required locks are not interrupt - safe . So what we can do is to
* mark the pages dirty _before_ performing IO . And in interrupt context ,
* check that the pages are still dirty . If so , fine . If not , redirty them
* in process context .
*
* We special - case compound pages here : normally this means reads into hugetlb
* pages . The logic in here doesn ' t really work right for compound pages
* because the VM does not uniformly chase down the head page in all cases .
* But dirtiness of compound pages is pretty meaningless anyway : the VM doesn ' t
* handle them at all . So we skip compound pages here at an early stage .
*
* Note that this code is very hard to test under normal circumstances because
* direct - io pins the pages with get_user_pages ( ) . This makes
* is_page_cache_freeable return false , and the VM will not clean the pages .
2012-07-25 18:12:08 +03:00
* But other code ( eg , flusher threads ) could clean the pages if they are mapped
2005-04-16 15:20:36 -07:00
* pagecache .
*
* Simply disabling the call to bio_set_pages_dirty ( ) is a good way to test the
* deferred bio dirtying paths .
*/
/*
* bio_set_pages_dirty ( ) will mark all the bio ' s pages as dirty .
*/
void bio_set_pages_dirty ( struct bio * bio )
{
2012-09-05 15:22:02 -07:00
struct bio_vec * bvec ;
2005-04-16 15:20:36 -07:00
int i ;
2012-09-05 15:22:02 -07:00
bio_for_each_segment_all ( bvec , bio , i ) {
struct page * page = bvec - > bv_page ;
2005-04-16 15:20:36 -07:00
if ( page & & ! PageCompound ( page ) )
set_page_dirty_lock ( page ) ;
}
}
2008-02-18 13:48:32 +01:00
static void bio_release_pages ( struct bio * bio )
2005-04-16 15:20:36 -07:00
{
2012-09-05 15:22:02 -07:00
struct bio_vec * bvec ;
2005-04-16 15:20:36 -07:00
int i ;
2012-09-05 15:22:02 -07:00
bio_for_each_segment_all ( bvec , bio , i ) {
struct page * page = bvec - > bv_page ;
2005-04-16 15:20:36 -07:00
if ( page )
put_page ( page ) ;
}
}
/*
* bio_check_pages_dirty ( ) will check that all the BIO ' s pages are still dirty .
* If they are , then fine . If , however , some pages are clean then they must
* have been written out during the direct - IO read . So we take another ref on
* the BIO and the offending pages and re - dirty the pages in process context .
*
* It is expected that bio_check_pages_dirty ( ) will wholly own the BIO from
* here on . It will run one page_cache_release ( ) against each page and will
* run one bio_put ( ) against the BIO .
*/
2006-11-22 14:55:48 +00:00
static void bio_dirty_fn ( struct work_struct * work ) ;
2005-04-16 15:20:36 -07:00
2006-11-22 14:55:48 +00:00
static DECLARE_WORK ( bio_dirty_work , bio_dirty_fn ) ;
2005-04-16 15:20:36 -07:00
static DEFINE_SPINLOCK ( bio_dirty_lock ) ;
static struct bio * bio_dirty_list ;
/*
* This runs in process context
*/
2006-11-22 14:55:48 +00:00
static void bio_dirty_fn ( struct work_struct * work )
2005-04-16 15:20:36 -07:00
{
unsigned long flags ;
struct bio * bio ;
spin_lock_irqsave ( & bio_dirty_lock , flags ) ;
bio = bio_dirty_list ;
bio_dirty_list = NULL ;
spin_unlock_irqrestore ( & bio_dirty_lock , flags ) ;
while ( bio ) {
struct bio * next = bio - > bi_private ;
bio_set_pages_dirty ( bio ) ;
bio_release_pages ( bio ) ;
bio_put ( bio ) ;
bio = next ;
}
}
void bio_check_pages_dirty ( struct bio * bio )
{
2012-09-05 15:22:02 -07:00
struct bio_vec * bvec ;
2005-04-16 15:20:36 -07:00
int nr_clean_pages = 0 ;
int i ;
2012-09-05 15:22:02 -07:00
bio_for_each_segment_all ( bvec , bio , i ) {
struct page * page = bvec - > bv_page ;
2005-04-16 15:20:36 -07:00
if ( PageDirty ( page ) | | PageCompound ( page ) ) {
page_cache_release ( page ) ;
2012-09-05 15:22:02 -07:00
bvec - > bv_page = NULL ;
2005-04-16 15:20:36 -07:00
} else {
nr_clean_pages + + ;
}
}
if ( nr_clean_pages ) {
unsigned long flags ;
spin_lock_irqsave ( & bio_dirty_lock , flags ) ;
bio - > bi_private = bio_dirty_list ;
bio_dirty_list = bio ;
spin_unlock_irqrestore ( & bio_dirty_lock , flags ) ;
schedule_work ( & bio_dirty_work ) ;
} else {
bio_put ( bio ) ;
}
}
2009-11-26 09:16:19 +01:00
# if ARCH_IMPLEMENTS_FLUSH_DCACHE_PAGE
void bio_flush_dcache_pages ( struct bio * bi )
{
2013-11-23 17:19:00 -08:00
struct bio_vec bvec ;
struct bvec_iter iter ;
2009-11-26 09:16:19 +01:00
2013-11-23 17:19:00 -08:00
bio_for_each_segment ( bvec , bi , iter )
flush_dcache_page ( bvec . bv_page ) ;
2009-11-26 09:16:19 +01:00
}
EXPORT_SYMBOL ( bio_flush_dcache_pages ) ;
# endif
2005-04-16 15:20:36 -07:00
/**
* bio_endio - end I / O on a bio
* @ bio : bio
* @ error : error , if any
*
* Description :
2007-09-27 12:47:43 +02:00
* bio_endio ( ) will end I / O on the whole bio . bio_endio ( ) is the
2007-09-27 12:46:13 +02:00
* preferred way to end I / O on a bio , it takes care of clearing
* BIO_UPTODATE on error . @ error is 0 on success , and and one of the
* established - Exxxx ( - EIO , for instance ) error values in case
2011-03-30 22:57:33 -03:00
* something went wrong . No one should call bi_end_io ( ) directly on a
2007-09-27 12:46:13 +02:00
* bio unless they own it and thus know that it has an end_io
* function .
2005-04-16 15:20:36 -07:00
* */
2007-09-27 12:47:43 +02:00
void bio_endio ( struct bio * bio , int error )
2005-04-16 15:20:36 -07:00
{
2013-11-23 18:34:15 -08:00
while ( bio ) {
BUG_ON ( atomic_read ( & bio - > bi_remaining ) < = 0 ) ;
if ( error )
clear_bit ( BIO_UPTODATE , & bio - > bi_flags ) ;
else if ( ! test_bit ( BIO_UPTODATE , & bio - > bi_flags ) )
error = - EIO ;
if ( ! atomic_dec_and_test ( & bio - > bi_remaining ) )
return ;
2005-04-16 15:20:36 -07:00
2013-11-23 18:34:15 -08:00
/*
* Need to have a real endio function for chained bios ,
* otherwise various corner cases will break ( like stacking
* block devices that save / restore bi_end_io ) - however , we want
* to avoid unbounded recursion and blowing the stack . Tail call
* optimization would handle this , but compiling with frame
* pointers also disables gcc ' s sibling call optimization .
*/
if ( bio - > bi_end_io = = bio_chain_endio ) {
struct bio * parent = bio - > bi_private ;
bio_put ( bio ) ;
bio = parent ;
} else {
if ( bio - > bi_end_io )
bio - > bi_end_io ( bio , error ) ;
bio = NULL ;
}
}
2005-04-16 15:20:36 -07:00
}
2009-09-26 16:19:21 +02:00
EXPORT_SYMBOL ( bio_endio ) ;
2005-04-16 15:20:36 -07:00
2013-11-23 18:34:15 -08:00
/**
* bio_endio_nodec - end I / O on a bio , without decrementing bi_remaining
* @ bio : bio
* @ error : error , if any
*
* For code that has saved and restored bi_end_io ; thing hard before using this
* function , probably you should ' ve cloned the entire bio .
* */
void bio_endio_nodec ( struct bio * bio , int error )
{
atomic_inc ( & bio - > bi_remaining ) ;
bio_endio ( bio , error ) ;
}
EXPORT_SYMBOL ( bio_endio_nodec ) ;
2013-11-23 18:21:01 -08:00
/**
* bio_split - split a bio
* @ bio : bio to split
* @ sectors : number of sectors to split from the front of @ bio
* @ gfp : gfp mask
* @ bs : bio set to allocate from
*
* Allocates and returns a new bio which represents @ sectors from the start of
* @ bio , and updates @ bio to represent the remaining sectors .
*
* The newly allocated bio will point to @ bio ' s bi_io_vec ; it is the caller ' s
* responsibility to ensure that @ bio is not freed before the split .
*/
struct bio * bio_split ( struct bio * bio , int sectors ,
gfp_t gfp , struct bio_set * bs )
{
struct bio * split = NULL ;
BUG_ON ( sectors < = 0 ) ;
BUG_ON ( sectors > = bio_sectors ( bio ) ) ;
split = bio_clone_fast ( bio , gfp , bs ) ;
if ( ! split )
return NULL ;
split - > bi_iter . bi_size = sectors < < 9 ;
if ( bio_integrity ( split ) )
bio_integrity_trim ( split , 0 , sectors ) ;
bio_advance ( bio , split - > bi_iter . bi_size ) ;
return split ;
}
EXPORT_SYMBOL ( bio_split ) ;
2013-08-07 11:14:32 -07:00
/**
* bio_trim - trim a bio
* @ bio : bio to trim
* @ offset : number of sectors to trim from the front of @ bio
* @ size : size we want to trim @ bio to , in sectors
*/
void bio_trim ( struct bio * bio , int offset , int size )
{
/* 'bio' is a cloned bio which we need to trim to match
* the given offset and size .
*/
size < < = 9 ;
2013-10-11 15:44:27 -07:00
if ( offset = = 0 & & size = = bio - > bi_iter . bi_size )
2013-08-07 11:14:32 -07:00
return ;
clear_bit ( BIO_SEG_VALID , & bio - > bi_flags ) ;
bio_advance ( bio , offset < < 9 ) ;
2013-10-11 15:44:27 -07:00
bio - > bi_iter . bi_size = size ;
2013-08-07 11:14:32 -07:00
}
EXPORT_SYMBOL_GPL ( bio_trim ) ;
2005-04-16 15:20:36 -07:00
/*
* create memory pools for biovec ' s in a bio_set .
* use the global biovec slabs created for general use .
*/
2012-10-12 15:29:33 -07:00
mempool_t * biovec_create_pool ( struct bio_set * bs , int pool_entries )
2005-04-16 15:20:36 -07:00
{
2008-12-11 11:53:43 +01:00
struct biovec_slab * bp = bvec_slabs + BIOVEC_MAX_IDX ;
2005-04-16 15:20:36 -07:00
2012-10-12 15:29:33 -07:00
return mempool_create_slab_pool ( pool_entries , bp - > slab ) ;
2005-04-16 15:20:36 -07:00
}
void bioset_free ( struct bio_set * bs )
{
block: Avoid deadlocks with bio allocation by stacking drivers
Previously, if we ever try to allocate more than once from the same bio
set while running under generic_make_request() (i.e. a stacking block
driver), we risk deadlock.
This is because of the code in generic_make_request() that converts
recursion to iteration; any bios we submit won't actually be submitted
(so they can complete and eventually be freed) until after we return -
this means if we allocate a second bio, we're blocking the first one
from ever being freed.
Thus if enough threads call into a stacking block driver at the same
time with bios that need multiple splits, and the bio_set's reserve gets
used up, we deadlock.
This can be worked around in the driver code - we could check if we're
running under generic_make_request(), then mask out __GFP_WAIT when we
go to allocate a bio, and if the allocation fails punt to workqueue and
retry the allocation.
But this is tricky and not a generic solution. This patch solves it for
all users by inverting the previously described technique. We allocate a
rescuer workqueue for each bio_set, and then in the allocation code if
there are bios on current->bio_list we would be blocking, we punt them
to the rescuer workqueue to be submitted.
This guarantees forward progress for bio allocations under
generic_make_request() provided each bio is submitted before allocating
the next, and provided the bios are freed after they complete.
Note that this doesn't do anything for allocation from other mempools.
Instead of allocating per bio data structures from a mempool, code
should use bio_set's front_pad.
Tested it by forcing the rescue codepath to be taken (by disabling the
first GFP_NOWAIT) attempt, and then ran it with bcache (which does a lot
of arbitrary bio splitting) and verified that the rescuer was being
invoked.
Signed-off-by: Kent Overstreet <koverstreet@google.com>
CC: Jens Axboe <axboe@kernel.dk>
Acked-by: Tejun Heo <tj@kernel.org>
Reviewed-by: Muthukumar Ratty <muthur@gmail.com>
2012-09-10 14:33:46 -07:00
if ( bs - > rescue_workqueue )
destroy_workqueue ( bs - > rescue_workqueue ) ;
2005-04-16 15:20:36 -07:00
if ( bs - > bio_pool )
mempool_destroy ( bs - > bio_pool ) ;
2012-10-12 15:29:33 -07:00
if ( bs - > bvec_pool )
mempool_destroy ( bs - > bvec_pool ) ;
2009-06-26 15:37:49 +02:00
bioset_integrity_free ( bs ) ;
2008-12-10 15:35:05 +01:00
bio_put_slab ( bs ) ;
2005-04-16 15:20:36 -07:00
kfree ( bs ) ;
}
2009-09-26 16:19:21 +02:00
EXPORT_SYMBOL ( bioset_free ) ;
2005-04-16 15:20:36 -07:00
2008-12-10 15:35:05 +01:00
/**
* bioset_create - Create a bio_set
* @ pool_size : Number of bio and bio_vecs to cache in the mempool
* @ front_pad : Number of bytes to allocate in front of the returned bio
*
* Description :
* Set up a bio_set to be used with @ bio_alloc_bioset . Allows the caller
* to ask for a number of bytes to be allocated in front of the bio .
* Front pad allocation is useful for embedding the bio inside
* another structure , to avoid allocating extra data to go with the bio .
* Note that the bio must be embedded at the END of that structure always ,
* or things will break badly .
*/
struct bio_set * bioset_create ( unsigned int pool_size , unsigned int front_pad )
2005-04-16 15:20:36 -07:00
{
2008-12-23 12:42:54 +01:00
unsigned int back_pad = BIO_INLINE_VECS * sizeof ( struct bio_vec ) ;
2008-10-22 20:32:58 +02:00
struct bio_set * bs ;
2005-04-16 15:20:36 -07:00
2008-10-22 20:32:58 +02:00
bs = kzalloc ( sizeof ( * bs ) , GFP_KERNEL ) ;
2005-04-16 15:20:36 -07:00
if ( ! bs )
return NULL ;
2008-12-10 15:35:05 +01:00
bs - > front_pad = front_pad ;
2008-10-22 20:32:58 +02:00
block: Avoid deadlocks with bio allocation by stacking drivers
Previously, if we ever try to allocate more than once from the same bio
set while running under generic_make_request() (i.e. a stacking block
driver), we risk deadlock.
This is because of the code in generic_make_request() that converts
recursion to iteration; any bios we submit won't actually be submitted
(so they can complete and eventually be freed) until after we return -
this means if we allocate a second bio, we're blocking the first one
from ever being freed.
Thus if enough threads call into a stacking block driver at the same
time with bios that need multiple splits, and the bio_set's reserve gets
used up, we deadlock.
This can be worked around in the driver code - we could check if we're
running under generic_make_request(), then mask out __GFP_WAIT when we
go to allocate a bio, and if the allocation fails punt to workqueue and
retry the allocation.
But this is tricky and not a generic solution. This patch solves it for
all users by inverting the previously described technique. We allocate a
rescuer workqueue for each bio_set, and then in the allocation code if
there are bios on current->bio_list we would be blocking, we punt them
to the rescuer workqueue to be submitted.
This guarantees forward progress for bio allocations under
generic_make_request() provided each bio is submitted before allocating
the next, and provided the bios are freed after they complete.
Note that this doesn't do anything for allocation from other mempools.
Instead of allocating per bio data structures from a mempool, code
should use bio_set's front_pad.
Tested it by forcing the rescue codepath to be taken (by disabling the
first GFP_NOWAIT) attempt, and then ran it with bcache (which does a lot
of arbitrary bio splitting) and verified that the rescuer was being
invoked.
Signed-off-by: Kent Overstreet <koverstreet@google.com>
CC: Jens Axboe <axboe@kernel.dk>
Acked-by: Tejun Heo <tj@kernel.org>
Reviewed-by: Muthukumar Ratty <muthur@gmail.com>
2012-09-10 14:33:46 -07:00
spin_lock_init ( & bs - > rescue_lock ) ;
bio_list_init ( & bs - > rescue_list ) ;
INIT_WORK ( & bs - > rescue_work , bio_alloc_rescue ) ;
2008-12-23 12:42:54 +01:00
bs - > bio_slab = bio_find_or_create_slab ( front_pad + back_pad ) ;
2008-12-10 15:35:05 +01:00
if ( ! bs - > bio_slab ) {
kfree ( bs ) ;
return NULL ;
}
bs - > bio_pool = mempool_create_slab_pool ( pool_size , bs - > bio_slab ) ;
2005-04-16 15:20:36 -07:00
if ( ! bs - > bio_pool )
goto bad ;
2012-10-12 15:29:33 -07:00
bs - > bvec_pool = biovec_create_pool ( bs , pool_size ) ;
if ( ! bs - > bvec_pool )
block: Avoid deadlocks with bio allocation by stacking drivers
Previously, if we ever try to allocate more than once from the same bio
set while running under generic_make_request() (i.e. a stacking block
driver), we risk deadlock.
This is because of the code in generic_make_request() that converts
recursion to iteration; any bios we submit won't actually be submitted
(so they can complete and eventually be freed) until after we return -
this means if we allocate a second bio, we're blocking the first one
from ever being freed.
Thus if enough threads call into a stacking block driver at the same
time with bios that need multiple splits, and the bio_set's reserve gets
used up, we deadlock.
This can be worked around in the driver code - we could check if we're
running under generic_make_request(), then mask out __GFP_WAIT when we
go to allocate a bio, and if the allocation fails punt to workqueue and
retry the allocation.
But this is tricky and not a generic solution. This patch solves it for
all users by inverting the previously described technique. We allocate a
rescuer workqueue for each bio_set, and then in the allocation code if
there are bios on current->bio_list we would be blocking, we punt them
to the rescuer workqueue to be submitted.
This guarantees forward progress for bio allocations under
generic_make_request() provided each bio is submitted before allocating
the next, and provided the bios are freed after they complete.
Note that this doesn't do anything for allocation from other mempools.
Instead of allocating per bio data structures from a mempool, code
should use bio_set's front_pad.
Tested it by forcing the rescue codepath to be taken (by disabling the
first GFP_NOWAIT) attempt, and then ran it with bcache (which does a lot
of arbitrary bio splitting) and verified that the rescuer was being
invoked.
Signed-off-by: Kent Overstreet <koverstreet@google.com>
CC: Jens Axboe <axboe@kernel.dk>
Acked-by: Tejun Heo <tj@kernel.org>
Reviewed-by: Muthukumar Ratty <muthur@gmail.com>
2012-09-10 14:33:46 -07:00
goto bad ;
bs - > rescue_workqueue = alloc_workqueue ( " bioset " , WQ_MEM_RECLAIM , 0 ) ;
if ( ! bs - > rescue_workqueue )
goto bad ;
2005-04-16 15:20:36 -07:00
block: Avoid deadlocks with bio allocation by stacking drivers
Previously, if we ever try to allocate more than once from the same bio
set while running under generic_make_request() (i.e. a stacking block
driver), we risk deadlock.
This is because of the code in generic_make_request() that converts
recursion to iteration; any bios we submit won't actually be submitted
(so they can complete and eventually be freed) until after we return -
this means if we allocate a second bio, we're blocking the first one
from ever being freed.
Thus if enough threads call into a stacking block driver at the same
time with bios that need multiple splits, and the bio_set's reserve gets
used up, we deadlock.
This can be worked around in the driver code - we could check if we're
running under generic_make_request(), then mask out __GFP_WAIT when we
go to allocate a bio, and if the allocation fails punt to workqueue and
retry the allocation.
But this is tricky and not a generic solution. This patch solves it for
all users by inverting the previously described technique. We allocate a
rescuer workqueue for each bio_set, and then in the allocation code if
there are bios on current->bio_list we would be blocking, we punt them
to the rescuer workqueue to be submitted.
This guarantees forward progress for bio allocations under
generic_make_request() provided each bio is submitted before allocating
the next, and provided the bios are freed after they complete.
Note that this doesn't do anything for allocation from other mempools.
Instead of allocating per bio data structures from a mempool, code
should use bio_set's front_pad.
Tested it by forcing the rescue codepath to be taken (by disabling the
first GFP_NOWAIT) attempt, and then ran it with bcache (which does a lot
of arbitrary bio splitting) and verified that the rescuer was being
invoked.
Signed-off-by: Kent Overstreet <koverstreet@google.com>
CC: Jens Axboe <axboe@kernel.dk>
Acked-by: Tejun Heo <tj@kernel.org>
Reviewed-by: Muthukumar Ratty <muthur@gmail.com>
2012-09-10 14:33:46 -07:00
return bs ;
2005-04-16 15:20:36 -07:00
bad :
bioset_free ( bs ) ;
return NULL ;
}
2009-09-26 16:19:21 +02:00
EXPORT_SYMBOL ( bioset_create ) ;
2005-04-16 15:20:36 -07:00
2012-03-05 13:15:27 -08:00
# ifdef CONFIG_BLK_CGROUP
/**
* bio_associate_current - associate a bio with % current
* @ bio : target bio
*
* Associate @ bio with % current if it hasn ' t been associated yet . Block
* layer will treat @ bio as if it were issued by % current no matter which
* task actually issues it .
*
* This function takes an extra reference of @ task ' s io_context and blkcg
* which will be put when @ bio is released . The caller must own @ bio ,
* ensure % current - > io_context exists , and is responsible for synchronizing
* calls to this function .
*/
int bio_associate_current ( struct bio * bio )
{
struct io_context * ioc ;
struct cgroup_subsys_state * css ;
if ( bio - > bi_ioc )
return - EBUSY ;
ioc = current - > io_context ;
if ( ! ioc )
return - ENOENT ;
/* acquire active ref on @ioc and associate */
get_io_context_active ( ioc ) ;
bio - > bi_ioc = ioc ;
/* associate blkcg if exists */
rcu_read_lock ( ) ;
2013-08-08 20:11:22 -04:00
css = task_css ( current , blkio_subsys_id ) ;
2012-03-05 13:15:27 -08:00
if ( css & & css_tryget ( css ) )
bio - > bi_css = css ;
rcu_read_unlock ( ) ;
return 0 ;
}
/**
* bio_disassociate_task - undo bio_associate_current ( )
* @ bio : target bio
*/
void bio_disassociate_task ( struct bio * bio )
{
if ( bio - > bi_ioc ) {
put_io_context ( bio - > bi_ioc ) ;
bio - > bi_ioc = NULL ;
}
if ( bio - > bi_css ) {
css_put ( bio - > bi_css ) ;
bio - > bi_css = NULL ;
}
}
# endif /* CONFIG_BLK_CGROUP */
2005-04-16 15:20:36 -07:00
static void __init biovec_init_slabs ( void )
{
int i ;
for ( i = 0 ; i < BIOVEC_NR_POOLS ; i + + ) {
int size ;
struct biovec_slab * bvs = bvec_slabs + i ;
2008-12-05 16:10:29 +01:00
if ( bvs - > nr_vecs < = BIO_INLINE_VECS ) {
bvs - > slab = NULL ;
continue ;
}
2005-04-16 15:20:36 -07:00
size = bvs - > nr_vecs * sizeof ( struct bio_vec ) ;
bvs - > slab = kmem_cache_create ( bvs - > name , size , 0 ,
2007-07-20 10:11:58 +09:00
SLAB_HWCACHE_ALIGN | SLAB_PANIC , NULL ) ;
2005-04-16 15:20:36 -07:00
}
}
static int __init init_bio ( void )
{
2008-12-10 15:35:05 +01:00
bio_slab_max = 2 ;
bio_slab_nr = 0 ;
bio_slabs = kzalloc ( bio_slab_max * sizeof ( struct bio_slab ) , GFP_KERNEL ) ;
if ( ! bio_slabs )
panic ( " bio: can't allocate bios \n " ) ;
2005-04-16 15:20:36 -07:00
2009-06-26 15:37:49 +02:00
bio_integrity_init ( ) ;
2005-04-16 15:20:36 -07:00
biovec_init_slabs ( ) ;
2008-12-10 15:35:05 +01:00
fs_bio_set = bioset_create ( BIO_POOL_SIZE , 0 ) ;
2005-04-16 15:20:36 -07:00
if ( ! fs_bio_set )
panic ( " bio: can't allocate bios \n " ) ;
2011-03-17 11:11:05 +01:00
if ( bioset_integrity_create ( fs_bio_set , BIO_POOL_SIZE ) )
panic ( " bio: can't create integrity pool \n " ) ;
2005-04-16 15:20:36 -07:00
return 0 ;
}
subsys_initcall ( init_bio ) ;