2 * Resizable virtual memory filesystem for Linux.
4 * Copyright (C) 2000 Linus Torvalds.
6 * 2000-2001 Christoph Rohland
9 * Copyright (C) 2002-2011 Hugh Dickins.
10 * Copyright (C) 2011 Google Inc.
11 * Copyright (C) 2002-2005 VERITAS Software Corporation.
12 * Copyright (C) 2004 Andi Kleen, SuSE Labs
14 * Extended attribute support for tmpfs:
15 * Copyright (c) 2004, Luke Kenneth Casson Leighton <lkcl@lkcl.net>
16 * Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com>
19 * Copyright (c) 2004, 2008 Matt Mackall <mpm@selenic.com>
21 * This file is released under the GPL.
25 #include <linux/init.h>
26 #include <linux/vfs.h>
27 #include <linux/mount.h>
28 #include <linux/ramfs.h>
29 #include <linux/pagemap.h>
30 #include <linux/file.h>
32 #include <linux/export.h>
33 #include <linux/swap.h>
34 #include <linux/aio.h>
36 static struct vfsmount *shm_mnt;
40 * This virtual memory filesystem is heavily based on the ramfs. It
41 * extends ramfs by the ability to use swap and honor resource limits
42 * which makes it a completely usable filesystem.
45 #include <linux/xattr.h>
46 #include <linux/exportfs.h>
47 #include <linux/posix_acl.h>
48 #include <linux/posix_acl_xattr.h>
49 #include <linux/mman.h>
50 #include <linux/string.h>
51 #include <linux/slab.h>
52 #include <linux/backing-dev.h>
53 #include <linux/shmem_fs.h>
54 #include <linux/writeback.h>
55 #include <linux/blkdev.h>
56 #include <linux/pagevec.h>
57 #include <linux/percpu_counter.h>
58 #include <linux/falloc.h>
59 #include <linux/splice.h>
60 #include <linux/security.h>
61 #include <linux/swapops.h>
62 #include <linux/mempolicy.h>
63 #include <linux/namei.h>
64 #include <linux/ctype.h>
65 #include <linux/migrate.h>
66 #include <linux/highmem.h>
67 #include <linux/seq_file.h>
68 #include <linux/magic.h>
70 #include <asm/uaccess.h>
71 #include <asm/pgtable.h>
73 #define BLOCKS_PER_PAGE (PAGE_CACHE_SIZE/512)
74 #define VM_ACCT(size) (PAGE_CACHE_ALIGN(size) >> PAGE_SHIFT)
76 /* Pretend that each entry is of this size in directory's i_size */
77 #define BOGO_DIRENT_SIZE 20
79 /* Symlink up to this size is kmalloc'ed instead of using a swappable page */
80 #define SHORT_SYMLINK_LEN 128
83 * shmem_fallocate communicates with shmem_fault or shmem_writepage via
84 * inode->i_private (with i_mutex making sure that it has only one user at
85 * a time): we would prefer not to enlarge the shmem inode just for that.
88 int mode; /* FALLOC_FL mode currently operating */
89 pgoff_t start; /* start of range currently being fallocated */
90 pgoff_t next; /* the next page offset to be fallocated */
91 pgoff_t nr_falloced; /* how many new pages have been fallocated */
92 pgoff_t nr_unswapped; /* how often writepage refused to swap out */
95 /* Flag allocation requirements to shmem_getpage */
97 SGP_READ, /* don't exceed i_size, don't allocate page */
98 SGP_CACHE, /* don't exceed i_size, may allocate page */
99 SGP_DIRTY, /* like SGP_CACHE, but set new page dirty */
100 SGP_WRITE, /* may exceed i_size, may allocate !Uptodate page */
101 SGP_FALLOC, /* like SGP_WRITE, but make existing page Uptodate */
105 static unsigned long shmem_default_max_blocks(void)
107 return totalram_pages / 2;
110 static unsigned long shmem_default_max_inodes(void)
112 return min(totalram_pages - totalhigh_pages, totalram_pages / 2);
116 static bool shmem_should_replace_page(struct page *page, gfp_t gfp);
117 static int shmem_replace_page(struct page **pagep, gfp_t gfp,
118 struct shmem_inode_info *info, pgoff_t index);
119 static int shmem_getpage_gfp(struct inode *inode, pgoff_t index,
120 struct page **pagep, enum sgp_type sgp, gfp_t gfp, int *fault_type);
122 static inline int shmem_getpage(struct inode *inode, pgoff_t index,
123 struct page **pagep, enum sgp_type sgp, int *fault_type)
125 return shmem_getpage_gfp(inode, index, pagep, sgp,
126 mapping_gfp_mask(inode->i_mapping), fault_type);
129 static inline struct shmem_sb_info *SHMEM_SB(struct super_block *sb)
131 return sb->s_fs_info;
135 * shmem_file_setup pre-accounts the whole fixed size of a VM object,
136 * for shared memory and for shared anonymous (/dev/zero) mappings
137 * (unless MAP_NORESERVE and sysctl_overcommit_memory <= 1),
138 * consistent with the pre-accounting of private mappings ...
140 static inline int shmem_acct_size(unsigned long flags, loff_t size)
142 return (flags & VM_NORESERVE) ?
143 0 : security_vm_enough_memory_mm(current->mm, VM_ACCT(size));
146 static inline void shmem_unacct_size(unsigned long flags, loff_t size)
148 if (!(flags & VM_NORESERVE))
149 vm_unacct_memory(VM_ACCT(size));
152 static inline int shmem_reacct_size(unsigned long flags,
153 loff_t oldsize, loff_t newsize)
155 if (!(flags & VM_NORESERVE)) {
156 if (VM_ACCT(newsize) > VM_ACCT(oldsize))
157 return security_vm_enough_memory_mm(current->mm,
158 VM_ACCT(newsize) - VM_ACCT(oldsize));
159 else if (VM_ACCT(newsize) < VM_ACCT(oldsize))
160 vm_unacct_memory(VM_ACCT(oldsize) - VM_ACCT(newsize));
166 * ... whereas tmpfs objects are accounted incrementally as
167 * pages are allocated, in order to allow huge sparse files.
168 * shmem_getpage reports shmem_acct_block failure as -ENOSPC not -ENOMEM,
169 * so that a failure on a sparse tmpfs mapping will give SIGBUS not OOM.
171 static inline int shmem_acct_block(unsigned long flags)
173 return (flags & VM_NORESERVE) ?
174 security_vm_enough_memory_mm(current->mm, VM_ACCT(PAGE_CACHE_SIZE)) : 0;
177 static inline void shmem_unacct_blocks(unsigned long flags, long pages)
179 if (flags & VM_NORESERVE)
180 vm_unacct_memory(pages * VM_ACCT(PAGE_CACHE_SIZE));
183 static const struct super_operations shmem_ops;
184 static const struct address_space_operations shmem_aops;
185 static const struct file_operations shmem_file_operations;
186 static const struct inode_operations shmem_inode_operations;
187 static const struct inode_operations shmem_dir_inode_operations;
188 static const struct inode_operations shmem_special_inode_operations;
189 static const struct vm_operations_struct shmem_vm_ops;
191 static struct backing_dev_info shmem_backing_dev_info __read_mostly = {
192 .ra_pages = 0, /* No readahead */
193 .capabilities = BDI_CAP_NO_ACCT_AND_WRITEBACK | BDI_CAP_SWAP_BACKED,
196 static LIST_HEAD(shmem_swaplist);
197 static DEFINE_MUTEX(shmem_swaplist_mutex);
199 static int shmem_reserve_inode(struct super_block *sb)
201 struct shmem_sb_info *sbinfo = SHMEM_SB(sb);
202 if (sbinfo->max_inodes) {
203 spin_lock(&sbinfo->stat_lock);
204 if (!sbinfo->free_inodes) {
205 spin_unlock(&sbinfo->stat_lock);
208 sbinfo->free_inodes--;
209 spin_unlock(&sbinfo->stat_lock);
214 static void shmem_free_inode(struct super_block *sb)
216 struct shmem_sb_info *sbinfo = SHMEM_SB(sb);
217 if (sbinfo->max_inodes) {
218 spin_lock(&sbinfo->stat_lock);
219 sbinfo->free_inodes++;
220 spin_unlock(&sbinfo->stat_lock);
225 * shmem_recalc_inode - recalculate the block usage of an inode
226 * @inode: inode to recalc
228 * We have to calculate the free blocks since the mm can drop
229 * undirtied hole pages behind our back.
231 * But normally info->alloced == inode->i_mapping->nrpages + info->swapped
232 * So mm freed is info->alloced - (inode->i_mapping->nrpages + info->swapped)
234 * It has to be called with the spinlock held.
236 static void shmem_recalc_inode(struct inode *inode)
238 struct shmem_inode_info *info = SHMEM_I(inode);
241 freed = info->alloced - info->swapped - inode->i_mapping->nrpages;
243 struct shmem_sb_info *sbinfo = SHMEM_SB(inode->i_sb);
244 if (sbinfo->max_blocks)
245 percpu_counter_add(&sbinfo->used_blocks, -freed);
246 info->alloced -= freed;
247 inode->i_blocks -= freed * BLOCKS_PER_PAGE;
248 shmem_unacct_blocks(info->flags, freed);
253 * Replace item expected in radix tree by a new item, while holding tree lock.
255 static int shmem_radix_tree_replace(struct address_space *mapping,
256 pgoff_t index, void *expected, void *replacement)
261 VM_BUG_ON(!expected);
262 VM_BUG_ON(!replacement);
263 pslot = radix_tree_lookup_slot(&mapping->page_tree, index);
266 item = radix_tree_deref_slot_protected(pslot, &mapping->tree_lock);
267 if (item != expected)
269 radix_tree_replace_slot(pslot, replacement);
274 * Sometimes, before we decide whether to proceed or to fail, we must check
275 * that an entry was not already brought back from swap by a racing thread.
277 * Checking page is not enough: by the time a SwapCache page is locked, it
278 * might be reused, and again be SwapCache, using the same swap as before.
280 static bool shmem_confirm_swap(struct address_space *mapping,
281 pgoff_t index, swp_entry_t swap)
286 item = radix_tree_lookup(&mapping->page_tree, index);
288 return item == swp_to_radix_entry(swap);
292 * Like add_to_page_cache_locked, but error if expected item has gone.
294 static int shmem_add_to_page_cache(struct page *page,
295 struct address_space *mapping,
296 pgoff_t index, gfp_t gfp, void *expected)
300 VM_BUG_ON_PAGE(!PageLocked(page), page);
301 VM_BUG_ON_PAGE(!PageSwapBacked(page), page);
303 page_cache_get(page);
304 page->mapping = mapping;
307 spin_lock_irq(&mapping->tree_lock);
309 error = radix_tree_insert(&mapping->page_tree, index, page);
311 error = shmem_radix_tree_replace(mapping, index, expected,
315 __inc_zone_page_state(page, NR_FILE_PAGES);
316 __inc_zone_page_state(page, NR_SHMEM);
317 spin_unlock_irq(&mapping->tree_lock);
319 page->mapping = NULL;
320 spin_unlock_irq(&mapping->tree_lock);
321 page_cache_release(page);
327 * Like delete_from_page_cache, but substitutes swap for page.
329 static void shmem_delete_from_page_cache(struct page *page, void *radswap)
331 struct address_space *mapping = page->mapping;
334 spin_lock_irq(&mapping->tree_lock);
335 error = shmem_radix_tree_replace(mapping, page->index, page, radswap);
336 page->mapping = NULL;
338 __dec_zone_page_state(page, NR_FILE_PAGES);
339 __dec_zone_page_state(page, NR_SHMEM);
340 spin_unlock_irq(&mapping->tree_lock);
341 page_cache_release(page);
346 * Remove swap entry from radix tree, free the swap and its page cache.
348 static int shmem_free_swap(struct address_space *mapping,
349 pgoff_t index, void *radswap)
353 spin_lock_irq(&mapping->tree_lock);
354 old = radix_tree_delete_item(&mapping->page_tree, index, radswap);
355 spin_unlock_irq(&mapping->tree_lock);
358 free_swap_and_cache(radix_to_swp_entry(radswap));
363 * SysV IPC SHM_UNLOCK restore Unevictable pages to their evictable lists.
365 void shmem_unlock_mapping(struct address_space *mapping)
368 pgoff_t indices[PAGEVEC_SIZE];
371 pagevec_init(&pvec, 0);
373 * Minor point, but we might as well stop if someone else SHM_LOCKs it.
375 while (!mapping_unevictable(mapping)) {
377 * Avoid pagevec_lookup(): find_get_pages() returns 0 as if it
378 * has finished, if it hits a row of PAGEVEC_SIZE swap entries.
380 pvec.nr = find_get_entries(mapping, index,
381 PAGEVEC_SIZE, pvec.pages, indices);
384 index = indices[pvec.nr - 1] + 1;
385 pagevec_remove_exceptionals(&pvec);
386 check_move_unevictable_pages(pvec.pages, pvec.nr);
387 pagevec_release(&pvec);
393 * Remove range of pages and swap entries from radix tree, and free them.
394 * If !unfalloc, truncate or punch hole; if unfalloc, undo failed fallocate.
396 static void shmem_undo_range(struct inode *inode, loff_t lstart, loff_t lend,
399 struct address_space *mapping = inode->i_mapping;
400 struct shmem_inode_info *info = SHMEM_I(inode);
401 pgoff_t start = (lstart + PAGE_CACHE_SIZE - 1) >> PAGE_CACHE_SHIFT;
402 pgoff_t end = (lend + 1) >> PAGE_CACHE_SHIFT;
403 unsigned int partial_start = lstart & (PAGE_CACHE_SIZE - 1);
404 unsigned int partial_end = (lend + 1) & (PAGE_CACHE_SIZE - 1);
406 pgoff_t indices[PAGEVEC_SIZE];
407 long nr_swaps_freed = 0;
412 end = -1; /* unsigned, so actually very big */
414 pagevec_init(&pvec, 0);
416 while (index < end) {
417 pvec.nr = find_get_entries(mapping, index,
418 min(end - index, (pgoff_t)PAGEVEC_SIZE),
419 pvec.pages, indices);
422 for (i = 0; i < pagevec_count(&pvec); i++) {
423 struct page *page = pvec.pages[i];
429 if (radix_tree_exceptional_entry(page)) {
432 nr_swaps_freed += !shmem_free_swap(mapping,
437 if (!trylock_page(page))
439 if (!unfalloc || !PageUptodate(page)) {
440 if (page->mapping == mapping) {
441 VM_BUG_ON_PAGE(PageWriteback(page), page);
442 truncate_inode_page(mapping, page);
447 pagevec_remove_exceptionals(&pvec);
448 pagevec_release(&pvec);
454 struct page *page = NULL;
455 shmem_getpage(inode, start - 1, &page, SGP_READ, NULL);
457 unsigned int top = PAGE_CACHE_SIZE;
462 zero_user_segment(page, partial_start, top);
463 set_page_dirty(page);
465 page_cache_release(page);
469 struct page *page = NULL;
470 shmem_getpage(inode, end, &page, SGP_READ, NULL);
472 zero_user_segment(page, 0, partial_end);
473 set_page_dirty(page);
475 page_cache_release(page);
485 pvec.nr = find_get_entries(mapping, index,
486 min(end - index, (pgoff_t)PAGEVEC_SIZE),
487 pvec.pages, indices);
489 if (index == start || unfalloc)
494 if ((index == start || unfalloc) && indices[0] >= end) {
495 pagevec_remove_exceptionals(&pvec);
496 pagevec_release(&pvec);
499 for (i = 0; i < pagevec_count(&pvec); i++) {
500 struct page *page = pvec.pages[i];
506 if (radix_tree_exceptional_entry(page)) {
509 nr_swaps_freed += !shmem_free_swap(mapping,
515 if (!unfalloc || !PageUptodate(page)) {
516 if (page->mapping == mapping) {
517 VM_BUG_ON_PAGE(PageWriteback(page), page);
518 truncate_inode_page(mapping, page);
523 pagevec_remove_exceptionals(&pvec);
524 pagevec_release(&pvec);
528 spin_lock(&info->lock);
529 info->swapped -= nr_swaps_freed;
530 shmem_recalc_inode(inode);
531 spin_unlock(&info->lock);
534 void shmem_truncate_range(struct inode *inode, loff_t lstart, loff_t lend)
536 shmem_undo_range(inode, lstart, lend, false);
537 inode->i_ctime = inode->i_mtime = CURRENT_TIME;
539 EXPORT_SYMBOL_GPL(shmem_truncate_range);
541 static int shmem_setattr(struct dentry *dentry, struct iattr *attr)
543 struct inode *inode = dentry->d_inode;
546 error = inode_change_ok(inode, attr);
550 if (S_ISREG(inode->i_mode) && (attr->ia_valid & ATTR_SIZE)) {
551 loff_t oldsize = inode->i_size;
552 loff_t newsize = attr->ia_size;
554 if (newsize != oldsize) {
555 error = shmem_reacct_size(SHMEM_I(inode)->flags,
559 i_size_write(inode, newsize);
560 inode->i_ctime = inode->i_mtime = CURRENT_TIME;
562 if (newsize < oldsize) {
563 loff_t holebegin = round_up(newsize, PAGE_SIZE);
564 unmap_mapping_range(inode->i_mapping, holebegin, 0, 1);
565 shmem_truncate_range(inode, newsize, (loff_t)-1);
566 /* unmap again to remove racily COWed private pages */
567 unmap_mapping_range(inode->i_mapping, holebegin, 0, 1);
571 setattr_copy(inode, attr);
572 if (attr->ia_valid & ATTR_MODE)
573 error = posix_acl_chmod(inode, inode->i_mode);
577 static void shmem_evict_inode(struct inode *inode)
579 struct shmem_inode_info *info = SHMEM_I(inode);
581 if (inode->i_mapping->a_ops == &shmem_aops) {
582 shmem_unacct_size(info->flags, inode->i_size);
584 shmem_truncate_range(inode, 0, (loff_t)-1);
585 if (!list_empty(&info->swaplist)) {
586 mutex_lock(&shmem_swaplist_mutex);
587 list_del_init(&info->swaplist);
588 mutex_unlock(&shmem_swaplist_mutex);
591 kfree(info->symlink);
593 simple_xattrs_free(&info->xattrs);
594 WARN_ON(inode->i_blocks);
595 shmem_free_inode(inode->i_sb);
600 * If swap found in inode, free it and move page from swapcache to filecache.
602 static int shmem_unuse_inode(struct shmem_inode_info *info,
603 swp_entry_t swap, struct page **pagep)
605 struct address_space *mapping = info->vfs_inode.i_mapping;
611 radswap = swp_to_radix_entry(swap);
612 index = radix_tree_locate_item(&mapping->page_tree, radswap);
617 * Move _head_ to start search for next from here.
618 * But be careful: shmem_evict_inode checks list_empty without taking
619 * mutex, and there's an instant in list_move_tail when info->swaplist
620 * would appear empty, if it were the only one on shmem_swaplist.
622 if (shmem_swaplist.next != &info->swaplist)
623 list_move_tail(&shmem_swaplist, &info->swaplist);
625 gfp = mapping_gfp_mask(mapping);
626 if (shmem_should_replace_page(*pagep, gfp)) {
627 mutex_unlock(&shmem_swaplist_mutex);
628 error = shmem_replace_page(pagep, gfp, info, index);
629 mutex_lock(&shmem_swaplist_mutex);
631 * We needed to drop mutex to make that restrictive page
632 * allocation, but the inode might have been freed while we
633 * dropped it: although a racing shmem_evict_inode() cannot
634 * complete without emptying the radix_tree, our page lock
635 * on this swapcache page is not enough to prevent that -
636 * free_swap_and_cache() of our swap entry will only
637 * trylock_page(), removing swap from radix_tree whatever.
639 * We must not proceed to shmem_add_to_page_cache() if the
640 * inode has been freed, but of course we cannot rely on
641 * inode or mapping or info to check that. However, we can
642 * safely check if our swap entry is still in use (and here
643 * it can't have got reused for another page): if it's still
644 * in use, then the inode cannot have been freed yet, and we
645 * can safely proceed (if it's no longer in use, that tells
646 * nothing about the inode, but we don't need to unuse swap).
648 if (!page_swapcount(*pagep))
653 * We rely on shmem_swaplist_mutex, not only to protect the swaplist,
654 * but also to hold up shmem_evict_inode(): so inode cannot be freed
655 * beneath us (pagelock doesn't help until the page is in pagecache).
658 error = shmem_add_to_page_cache(*pagep, mapping, index,
659 GFP_NOWAIT, radswap);
660 if (error != -ENOMEM) {
662 * Truncation and eviction use free_swap_and_cache(), which
663 * only does trylock page: if we raced, best clean up here.
665 delete_from_swap_cache(*pagep);
666 set_page_dirty(*pagep);
668 spin_lock(&info->lock);
670 spin_unlock(&info->lock);
673 error = 1; /* not an error, but entry was found */
679 * Search through swapped inodes to find and replace swap by page.
681 int shmem_unuse(swp_entry_t swap, struct page *page)
683 struct list_head *this, *next;
684 struct shmem_inode_info *info;
685 struct mem_cgroup *memcg;
690 * There's a faint possibility that swap page was replaced before
691 * caller locked it: caller will come back later with the right page.
693 if (unlikely(!PageSwapCache(page) || page_private(page) != swap.val))
697 * Charge page using GFP_KERNEL while we can wait, before taking
698 * the shmem_swaplist_mutex which might hold up shmem_writepage().
699 * Charged back to the user (not to caller) when swap account is used.
701 error = mem_cgroup_try_charge(page, current->mm, GFP_KERNEL, &memcg);
704 /* No radix_tree_preload: swap entry keeps a place for page in tree */
706 mutex_lock(&shmem_swaplist_mutex);
707 list_for_each_safe(this, next, &shmem_swaplist) {
708 info = list_entry(this, struct shmem_inode_info, swaplist);
710 found = shmem_unuse_inode(info, swap, &page);
712 list_del_init(&info->swaplist);
717 mutex_unlock(&shmem_swaplist_mutex);
721 mem_cgroup_cancel_charge(page, memcg);
723 mem_cgroup_commit_charge(page, memcg, true);
726 page_cache_release(page);
731 * Move the page from the page cache to the swap cache.
733 static int shmem_writepage(struct page *page, struct writeback_control *wbc)
735 struct shmem_inode_info *info;
736 struct address_space *mapping;
741 BUG_ON(!PageLocked(page));
742 mapping = page->mapping;
744 inode = mapping->host;
745 info = SHMEM_I(inode);
746 if (info->flags & VM_LOCKED)
748 if (!total_swap_pages)
752 * shmem_backing_dev_info's capabilities prevent regular writeback or
753 * sync from ever calling shmem_writepage; but a stacking filesystem
754 * might use ->writepage of its underlying filesystem, in which case
755 * tmpfs should write out to swap only in response to memory pressure,
756 * and not for the writeback threads or sync.
758 if (!wbc->for_reclaim) {
759 WARN_ON_ONCE(1); /* Still happens? Tell us about it! */
764 * This is somewhat ridiculous, but without plumbing a SWAP_MAP_FALLOC
765 * value into swapfile.c, the only way we can correctly account for a
766 * fallocated page arriving here is now to initialize it and write it.
768 * That's okay for a page already fallocated earlier, but if we have
769 * not yet completed the fallocation, then (a) we want to keep track
770 * of this page in case we have to undo it, and (b) it may not be a
771 * good idea to continue anyway, once we're pushing into swap. So
772 * reactivate the page, and let shmem_fallocate() quit when too many.
774 if (!PageUptodate(page)) {
775 if (inode->i_private) {
776 struct shmem_falloc *shmem_falloc;
777 spin_lock(&inode->i_lock);
778 shmem_falloc = inode->i_private;
780 !shmem_falloc->mode &&
781 index >= shmem_falloc->start &&
782 index < shmem_falloc->next)
783 shmem_falloc->nr_unswapped++;
786 spin_unlock(&inode->i_lock);
790 clear_highpage(page);
791 flush_dcache_page(page);
792 SetPageUptodate(page);
795 swap = get_swap_page();
800 * Add inode to shmem_unuse()'s list of swapped-out inodes,
801 * if it's not already there. Do it now before the page is
802 * moved to swap cache, when its pagelock no longer protects
803 * the inode from eviction. But don't unlock the mutex until
804 * we've incremented swapped, because shmem_unuse_inode() will
805 * prune a !swapped inode from the swaplist under this mutex.
807 mutex_lock(&shmem_swaplist_mutex);
808 if (list_empty(&info->swaplist))
809 list_add_tail(&info->swaplist, &shmem_swaplist);
811 if (add_to_swap_cache(page, swap, GFP_ATOMIC) == 0) {
812 swap_shmem_alloc(swap);
813 shmem_delete_from_page_cache(page, swp_to_radix_entry(swap));
815 spin_lock(&info->lock);
817 shmem_recalc_inode(inode);
818 spin_unlock(&info->lock);
820 mutex_unlock(&shmem_swaplist_mutex);
821 BUG_ON(page_mapped(page));
822 swap_writepage(page, wbc);
826 mutex_unlock(&shmem_swaplist_mutex);
827 swapcache_free(swap);
829 set_page_dirty(page);
830 if (wbc->for_reclaim)
831 return AOP_WRITEPAGE_ACTIVATE; /* Return with page locked */
838 static void shmem_show_mpol(struct seq_file *seq, struct mempolicy *mpol)
842 if (!mpol || mpol->mode == MPOL_DEFAULT)
843 return; /* show nothing */
845 mpol_to_str(buffer, sizeof(buffer), mpol);
847 seq_printf(seq, ",mpol=%s", buffer);
850 static struct mempolicy *shmem_get_sbmpol(struct shmem_sb_info *sbinfo)
852 struct mempolicy *mpol = NULL;
854 spin_lock(&sbinfo->stat_lock); /* prevent replace/use races */
857 spin_unlock(&sbinfo->stat_lock);
861 #endif /* CONFIG_TMPFS */
863 static struct page *shmem_swapin(swp_entry_t swap, gfp_t gfp,
864 struct shmem_inode_info *info, pgoff_t index)
866 struct vm_area_struct pvma;
869 /* Create a pseudo vma that just contains the policy */
871 /* Bias interleave by inode number to distribute better across nodes */
872 pvma.vm_pgoff = index + info->vfs_inode.i_ino;
874 pvma.vm_policy = mpol_shared_policy_lookup(&info->policy, index);
876 page = swapin_readahead(swap, gfp, &pvma, 0);
878 /* Drop reference taken by mpol_shared_policy_lookup() */
879 mpol_cond_put(pvma.vm_policy);
884 static struct page *shmem_alloc_page(gfp_t gfp,
885 struct shmem_inode_info *info, pgoff_t index)
887 struct vm_area_struct pvma;
890 /* Create a pseudo vma that just contains the policy */
892 /* Bias interleave by inode number to distribute better across nodes */
893 pvma.vm_pgoff = index + info->vfs_inode.i_ino;
895 pvma.vm_policy = mpol_shared_policy_lookup(&info->policy, index);
897 page = alloc_page_vma(gfp, &pvma, 0);
899 /* Drop reference taken by mpol_shared_policy_lookup() */
900 mpol_cond_put(pvma.vm_policy);
904 #else /* !CONFIG_NUMA */
906 static inline void shmem_show_mpol(struct seq_file *seq, struct mempolicy *mpol)
909 #endif /* CONFIG_TMPFS */
911 static inline struct page *shmem_swapin(swp_entry_t swap, gfp_t gfp,
912 struct shmem_inode_info *info, pgoff_t index)
914 return swapin_readahead(swap, gfp, NULL, 0);
917 static inline struct page *shmem_alloc_page(gfp_t gfp,
918 struct shmem_inode_info *info, pgoff_t index)
920 return alloc_page(gfp);
922 #endif /* CONFIG_NUMA */
924 #if !defined(CONFIG_NUMA) || !defined(CONFIG_TMPFS)
925 static inline struct mempolicy *shmem_get_sbmpol(struct shmem_sb_info *sbinfo)
932 * When a page is moved from swapcache to shmem filecache (either by the
933 * usual swapin of shmem_getpage_gfp(), or by the less common swapoff of
934 * shmem_unuse_inode()), it may have been read in earlier from swap, in
935 * ignorance of the mapping it belongs to. If that mapping has special
936 * constraints (like the gma500 GEM driver, which requires RAM below 4GB),
937 * we may need to copy to a suitable page before moving to filecache.
939 * In a future release, this may well be extended to respect cpuset and
940 * NUMA mempolicy, and applied also to anonymous pages in do_swap_page();
941 * but for now it is a simple matter of zone.
943 static bool shmem_should_replace_page(struct page *page, gfp_t gfp)
945 return page_zonenum(page) > gfp_zone(gfp);
948 static int shmem_replace_page(struct page **pagep, gfp_t gfp,
949 struct shmem_inode_info *info, pgoff_t index)
951 struct page *oldpage, *newpage;
952 struct address_space *swap_mapping;
957 swap_index = page_private(oldpage);
958 swap_mapping = page_mapping(oldpage);
961 * We have arrived here because our zones are constrained, so don't
962 * limit chance of success by further cpuset and node constraints.
964 gfp &= ~GFP_CONSTRAINT_MASK;
965 newpage = shmem_alloc_page(gfp, info, index);
969 page_cache_get(newpage);
970 copy_highpage(newpage, oldpage);
971 flush_dcache_page(newpage);
973 __set_page_locked(newpage);
974 SetPageUptodate(newpage);
975 SetPageSwapBacked(newpage);
976 set_page_private(newpage, swap_index);
977 SetPageSwapCache(newpage);
980 * Our caller will very soon move newpage out of swapcache, but it's
981 * a nice clean interface for us to replace oldpage by newpage there.
983 spin_lock_irq(&swap_mapping->tree_lock);
984 error = shmem_radix_tree_replace(swap_mapping, swap_index, oldpage,
987 __inc_zone_page_state(newpage, NR_FILE_PAGES);
988 __dec_zone_page_state(oldpage, NR_FILE_PAGES);
990 spin_unlock_irq(&swap_mapping->tree_lock);
992 if (unlikely(error)) {
994 * Is this possible? I think not, now that our callers check
995 * both PageSwapCache and page_private after getting page lock;
996 * but be defensive. Reverse old to newpage for clear and free.
1000 mem_cgroup_migrate(oldpage, newpage, false);
1001 lru_cache_add_anon(newpage);
1005 ClearPageSwapCache(oldpage);
1006 set_page_private(oldpage, 0);
1008 unlock_page(oldpage);
1009 page_cache_release(oldpage);
1010 page_cache_release(oldpage);
1015 * shmem_getpage_gfp - find page in cache, or get from swap, or allocate
1017 * If we allocate a new one we do not mark it dirty. That's up to the
1018 * vm. If we swap it in we mark it dirty since we also free the swap
1019 * entry since a page cannot live in both the swap and page cache
1021 static int shmem_getpage_gfp(struct inode *inode, pgoff_t index,
1022 struct page **pagep, enum sgp_type sgp, gfp_t gfp, int *fault_type)
1024 struct address_space *mapping = inode->i_mapping;
1025 struct shmem_inode_info *info;
1026 struct shmem_sb_info *sbinfo;
1027 struct mem_cgroup *memcg;
1034 if (index > (MAX_LFS_FILESIZE >> PAGE_CACHE_SHIFT))
1038 page = find_lock_entry(mapping, index);
1039 if (radix_tree_exceptional_entry(page)) {
1040 swap = radix_to_swp_entry(page);
1044 if (sgp != SGP_WRITE && sgp != SGP_FALLOC &&
1045 ((loff_t)index << PAGE_CACHE_SHIFT) >= i_size_read(inode)) {
1050 /* fallocated page? */
1051 if (page && !PageUptodate(page)) {
1052 if (sgp != SGP_READ)
1055 page_cache_release(page);
1058 if (page || (sgp == SGP_READ && !swap.val)) {
1064 * Fast cache lookup did not find it:
1065 * bring it back from swap or allocate.
1067 info = SHMEM_I(inode);
1068 sbinfo = SHMEM_SB(inode->i_sb);
1071 /* Look it up and read it in.. */
1072 page = lookup_swap_cache(swap);
1074 /* here we actually do the io */
1076 *fault_type |= VM_FAULT_MAJOR;
1077 page = shmem_swapin(swap, gfp, info, index);
1084 /* We have to do this with page locked to prevent races */
1086 if (!PageSwapCache(page) || page_private(page) != swap.val ||
1087 !shmem_confirm_swap(mapping, index, swap)) {
1088 error = -EEXIST; /* try again */
1091 if (!PageUptodate(page)) {
1095 wait_on_page_writeback(page);
1097 if (shmem_should_replace_page(page, gfp)) {
1098 error = shmem_replace_page(&page, gfp, info, index);
1103 error = mem_cgroup_try_charge(page, current->mm, gfp, &memcg);
1105 error = shmem_add_to_page_cache(page, mapping, index,
1106 gfp, swp_to_radix_entry(swap));
1108 * We already confirmed swap under page lock, and make
1109 * no memory allocation here, so usually no possibility
1110 * of error; but free_swap_and_cache() only trylocks a
1111 * page, so it is just possible that the entry has been
1112 * truncated or holepunched since swap was confirmed.
1113 * shmem_undo_range() will have done some of the
1114 * unaccounting, now delete_from_swap_cache() will do
1115 * the rest (including mem_cgroup_uncharge_swapcache).
1116 * Reset swap.val? No, leave it so "failed" goes back to
1117 * "repeat": reading a hole and writing should succeed.
1120 mem_cgroup_cancel_charge(page, memcg);
1121 delete_from_swap_cache(page);
1127 mem_cgroup_commit_charge(page, memcg, true);
1129 spin_lock(&info->lock);
1131 shmem_recalc_inode(inode);
1132 spin_unlock(&info->lock);
1134 delete_from_swap_cache(page);
1135 set_page_dirty(page);
1139 if (shmem_acct_block(info->flags)) {
1143 if (sbinfo->max_blocks) {
1144 if (percpu_counter_compare(&sbinfo->used_blocks,
1145 sbinfo->max_blocks) >= 0) {
1149 percpu_counter_inc(&sbinfo->used_blocks);
1152 page = shmem_alloc_page(gfp, info, index);
1158 __SetPageSwapBacked(page);
1159 __set_page_locked(page);
1160 error = mem_cgroup_try_charge(page, current->mm, gfp, &memcg);
1163 error = radix_tree_maybe_preload(gfp & GFP_RECLAIM_MASK);
1165 error = shmem_add_to_page_cache(page, mapping, index,
1167 radix_tree_preload_end();
1170 mem_cgroup_cancel_charge(page, memcg);
1173 mem_cgroup_commit_charge(page, memcg, false);
1174 lru_cache_add_anon(page);
1176 spin_lock(&info->lock);
1178 inode->i_blocks += BLOCKS_PER_PAGE;
1179 shmem_recalc_inode(inode);
1180 spin_unlock(&info->lock);
1184 * Let SGP_FALLOC use the SGP_WRITE optimization on a new page.
1186 if (sgp == SGP_FALLOC)
1190 * Let SGP_WRITE caller clear ends if write does not fill page;
1191 * but SGP_FALLOC on a page fallocated earlier must initialize
1192 * it now, lest undo on failure cancel our earlier guarantee.
1194 if (sgp != SGP_WRITE) {
1195 clear_highpage(page);
1196 flush_dcache_page(page);
1197 SetPageUptodate(page);
1199 if (sgp == SGP_DIRTY)
1200 set_page_dirty(page);
1203 /* Perhaps the file has been truncated since we checked */
1204 if (sgp != SGP_WRITE && sgp != SGP_FALLOC &&
1205 ((loff_t)index << PAGE_CACHE_SHIFT) >= i_size_read(inode)) {
1219 info = SHMEM_I(inode);
1220 ClearPageDirty(page);
1221 delete_from_page_cache(page);
1222 spin_lock(&info->lock);
1224 inode->i_blocks -= BLOCKS_PER_PAGE;
1225 spin_unlock(&info->lock);
1227 sbinfo = SHMEM_SB(inode->i_sb);
1228 if (sbinfo->max_blocks)
1229 percpu_counter_add(&sbinfo->used_blocks, -1);
1231 shmem_unacct_blocks(info->flags, 1);
1233 if (swap.val && error != -EINVAL &&
1234 !shmem_confirm_swap(mapping, index, swap))
1239 page_cache_release(page);
1241 if (error == -ENOSPC && !once++) {
1242 info = SHMEM_I(inode);
1243 spin_lock(&info->lock);
1244 shmem_recalc_inode(inode);
1245 spin_unlock(&info->lock);
1248 if (error == -EEXIST) /* from above or from radix_tree_insert */
1253 static int shmem_fault(struct vm_area_struct *vma, struct vm_fault *vmf)
1255 struct inode *inode = file_inode(vma->vm_file);
1257 int ret = VM_FAULT_LOCKED;
1260 * Trinity finds that probing a hole which tmpfs is punching can
1261 * prevent the hole-punch from ever completing: which in turn
1262 * locks writers out with its hold on i_mutex. So refrain from
1263 * faulting pages into the hole while it's being punched, and
1264 * wait on i_mutex to be released if vmf->flags permits.
1266 if (unlikely(inode->i_private)) {
1267 struct shmem_falloc *shmem_falloc;
1269 spin_lock(&inode->i_lock);
1270 shmem_falloc = inode->i_private;
1271 if (!shmem_falloc ||
1272 shmem_falloc->mode != FALLOC_FL_PUNCH_HOLE ||
1273 vmf->pgoff < shmem_falloc->start ||
1274 vmf->pgoff >= shmem_falloc->next)
1275 shmem_falloc = NULL;
1276 spin_unlock(&inode->i_lock);
1278 * i_lock has protected us from taking shmem_falloc seriously
1279 * once return from shmem_fallocate() went back up that stack.
1280 * i_lock does not serialize with i_mutex at all, but it does
1281 * not matter if sometimes we wait unnecessarily, or sometimes
1282 * miss out on waiting: we just need to make those cases rare.
1285 if ((vmf->flags & FAULT_FLAG_ALLOW_RETRY) &&
1286 !(vmf->flags & FAULT_FLAG_RETRY_NOWAIT)) {
1287 up_read(&vma->vm_mm->mmap_sem);
1288 mutex_lock(&inode->i_mutex);
1289 mutex_unlock(&inode->i_mutex);
1290 return VM_FAULT_RETRY;
1292 /* cond_resched? Leave that to GUP or return to user */
1293 return VM_FAULT_NOPAGE;
1297 error = shmem_getpage(inode, vmf->pgoff, &vmf->page, SGP_CACHE, &ret);
1299 return ((error == -ENOMEM) ? VM_FAULT_OOM : VM_FAULT_SIGBUS);
1301 if (ret & VM_FAULT_MAJOR) {
1302 count_vm_event(PGMAJFAULT);
1303 mem_cgroup_count_vm_event(vma->vm_mm, PGMAJFAULT);
1309 static int shmem_set_policy(struct vm_area_struct *vma, struct mempolicy *mpol)
1311 struct inode *inode = file_inode(vma->vm_file);
1312 return mpol_set_shared_policy(&SHMEM_I(inode)->policy, vma, mpol);
1315 static struct mempolicy *shmem_get_policy(struct vm_area_struct *vma,
1318 struct inode *inode = file_inode(vma->vm_file);
1321 index = ((addr - vma->vm_start) >> PAGE_SHIFT) + vma->vm_pgoff;
1322 return mpol_shared_policy_lookup(&SHMEM_I(inode)->policy, index);
1326 int shmem_lock(struct file *file, int lock, struct user_struct *user)
1328 struct inode *inode = file_inode(file);
1329 struct shmem_inode_info *info = SHMEM_I(inode);
1330 int retval = -ENOMEM;
1332 spin_lock(&info->lock);
1333 if (lock && !(info->flags & VM_LOCKED)) {
1334 if (!user_shm_lock(inode->i_size, user))
1336 info->flags |= VM_LOCKED;
1337 mapping_set_unevictable(file->f_mapping);
1339 if (!lock && (info->flags & VM_LOCKED) && user) {
1340 user_shm_unlock(inode->i_size, user);
1341 info->flags &= ~VM_LOCKED;
1342 mapping_clear_unevictable(file->f_mapping);
1347 spin_unlock(&info->lock);
1351 static int shmem_mmap(struct file *file, struct vm_area_struct *vma)
1353 file_accessed(file);
1354 vma->vm_ops = &shmem_vm_ops;
1358 static struct inode *shmem_get_inode(struct super_block *sb, const struct inode *dir,
1359 umode_t mode, dev_t dev, unsigned long flags)
1361 struct inode *inode;
1362 struct shmem_inode_info *info;
1363 struct shmem_sb_info *sbinfo = SHMEM_SB(sb);
1365 if (shmem_reserve_inode(sb))
1368 inode = new_inode(sb);
1370 inode->i_ino = get_next_ino();
1371 inode_init_owner(inode, dir, mode);
1372 inode->i_blocks = 0;
1373 inode->i_mapping->backing_dev_info = &shmem_backing_dev_info;
1374 inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME;
1375 inode->i_generation = get_seconds();
1376 info = SHMEM_I(inode);
1377 memset(info, 0, (char *)inode - (char *)info);
1378 spin_lock_init(&info->lock);
1379 info->flags = flags & VM_NORESERVE;
1380 INIT_LIST_HEAD(&info->swaplist);
1381 simple_xattrs_init(&info->xattrs);
1382 cache_no_acl(inode);
1384 switch (mode & S_IFMT) {
1386 inode->i_op = &shmem_special_inode_operations;
1387 init_special_inode(inode, mode, dev);
1390 inode->i_mapping->a_ops = &shmem_aops;
1391 inode->i_op = &shmem_inode_operations;
1392 inode->i_fop = &shmem_file_operations;
1393 mpol_shared_policy_init(&info->policy,
1394 shmem_get_sbmpol(sbinfo));
1398 /* Some things misbehave if size == 0 on a directory */
1399 inode->i_size = 2 * BOGO_DIRENT_SIZE;
1400 inode->i_op = &shmem_dir_inode_operations;
1401 inode->i_fop = &simple_dir_operations;
1405 * Must not load anything in the rbtree,
1406 * mpol_free_shared_policy will not be called.
1408 mpol_shared_policy_init(&info->policy, NULL);
1412 shmem_free_inode(sb);
1416 bool shmem_mapping(struct address_space *mapping)
1418 return mapping->backing_dev_info == &shmem_backing_dev_info;
1422 static const struct inode_operations shmem_symlink_inode_operations;
1423 static const struct inode_operations shmem_short_symlink_operations;
1425 #ifdef CONFIG_TMPFS_XATTR
1426 static int shmem_initxattrs(struct inode *, const struct xattr *, void *);
1428 #define shmem_initxattrs NULL
1432 shmem_write_begin(struct file *file, struct address_space *mapping,
1433 loff_t pos, unsigned len, unsigned flags,
1434 struct page **pagep, void **fsdata)
1437 struct inode *inode = mapping->host;
1438 pgoff_t index = pos >> PAGE_CACHE_SHIFT;
1439 ret = shmem_getpage(inode, index, pagep, SGP_WRITE, NULL);
1440 if (ret == 0 && *pagep)
1441 init_page_accessed(*pagep);
1446 shmem_write_end(struct file *file, struct address_space *mapping,
1447 loff_t pos, unsigned len, unsigned copied,
1448 struct page *page, void *fsdata)
1450 struct inode *inode = mapping->host;
1452 if (pos + copied > inode->i_size)
1453 i_size_write(inode, pos + copied);
1455 if (!PageUptodate(page)) {
1456 if (copied < PAGE_CACHE_SIZE) {
1457 unsigned from = pos & (PAGE_CACHE_SIZE - 1);
1458 zero_user_segments(page, 0, from,
1459 from + copied, PAGE_CACHE_SIZE);
1461 SetPageUptodate(page);
1463 set_page_dirty(page);
1465 page_cache_release(page);
1470 static ssize_t shmem_file_read_iter(struct kiocb *iocb, struct iov_iter *to)
1472 struct file *file = iocb->ki_filp;
1473 struct inode *inode = file_inode(file);
1474 struct address_space *mapping = inode->i_mapping;
1476 unsigned long offset;
1477 enum sgp_type sgp = SGP_READ;
1480 loff_t *ppos = &iocb->ki_pos;
1483 * Might this read be for a stacking filesystem? Then when reading
1484 * holes of a sparse file, we actually need to allocate those pages,
1485 * and even mark them dirty, so it cannot exceed the max_blocks limit.
1487 if (segment_eq(get_fs(), KERNEL_DS))
1490 index = *ppos >> PAGE_CACHE_SHIFT;
1491 offset = *ppos & ~PAGE_CACHE_MASK;
1494 struct page *page = NULL;
1496 unsigned long nr, ret;
1497 loff_t i_size = i_size_read(inode);
1499 end_index = i_size >> PAGE_CACHE_SHIFT;
1500 if (index > end_index)
1502 if (index == end_index) {
1503 nr = i_size & ~PAGE_CACHE_MASK;
1508 error = shmem_getpage(inode, index, &page, sgp, NULL);
1510 if (error == -EINVAL)
1518 * We must evaluate after, since reads (unlike writes)
1519 * are called without i_mutex protection against truncate
1521 nr = PAGE_CACHE_SIZE;
1522 i_size = i_size_read(inode);
1523 end_index = i_size >> PAGE_CACHE_SHIFT;
1524 if (index == end_index) {
1525 nr = i_size & ~PAGE_CACHE_MASK;
1528 page_cache_release(page);
1536 * If users can be writing to this page using arbitrary
1537 * virtual addresses, take care about potential aliasing
1538 * before reading the page on the kernel side.
1540 if (mapping_writably_mapped(mapping))
1541 flush_dcache_page(page);
1543 * Mark the page accessed if we read the beginning.
1546 mark_page_accessed(page);
1548 page = ZERO_PAGE(0);
1549 page_cache_get(page);
1553 * Ok, we have the page, and it's up-to-date, so
1554 * now we can copy it to user space...
1556 ret = copy_page_to_iter(page, offset, nr, to);
1559 index += offset >> PAGE_CACHE_SHIFT;
1560 offset &= ~PAGE_CACHE_MASK;
1562 page_cache_release(page);
1563 if (!iov_iter_count(to))
1572 *ppos = ((loff_t) index << PAGE_CACHE_SHIFT) + offset;
1573 file_accessed(file);
1574 return retval ? retval : error;
1577 static ssize_t shmem_file_splice_read(struct file *in, loff_t *ppos,
1578 struct pipe_inode_info *pipe, size_t len,
1581 struct address_space *mapping = in->f_mapping;
1582 struct inode *inode = mapping->host;
1583 unsigned int loff, nr_pages, req_pages;
1584 struct page *pages[PIPE_DEF_BUFFERS];
1585 struct partial_page partial[PIPE_DEF_BUFFERS];
1587 pgoff_t index, end_index;
1590 struct splice_pipe_desc spd = {
1593 .nr_pages_max = PIPE_DEF_BUFFERS,
1595 .ops = &page_cache_pipe_buf_ops,
1596 .spd_release = spd_release_page,
1599 isize = i_size_read(inode);
1600 if (unlikely(*ppos >= isize))
1603 left = isize - *ppos;
1604 if (unlikely(left < len))
1607 if (splice_grow_spd(pipe, &spd))
1610 index = *ppos >> PAGE_CACHE_SHIFT;
1611 loff = *ppos & ~PAGE_CACHE_MASK;
1612 req_pages = (len + loff + PAGE_CACHE_SIZE - 1) >> PAGE_CACHE_SHIFT;
1613 nr_pages = min(req_pages, spd.nr_pages_max);
1615 spd.nr_pages = find_get_pages_contig(mapping, index,
1616 nr_pages, spd.pages);
1617 index += spd.nr_pages;
1620 while (spd.nr_pages < nr_pages) {
1621 error = shmem_getpage(inode, index, &page, SGP_CACHE, NULL);
1625 spd.pages[spd.nr_pages++] = page;
1629 index = *ppos >> PAGE_CACHE_SHIFT;
1630 nr_pages = spd.nr_pages;
1633 for (page_nr = 0; page_nr < nr_pages; page_nr++) {
1634 unsigned int this_len;
1639 this_len = min_t(unsigned long, len, PAGE_CACHE_SIZE - loff);
1640 page = spd.pages[page_nr];
1642 if (!PageUptodate(page) || page->mapping != mapping) {
1643 error = shmem_getpage(inode, index, &page,
1648 page_cache_release(spd.pages[page_nr]);
1649 spd.pages[page_nr] = page;
1652 isize = i_size_read(inode);
1653 end_index = (isize - 1) >> PAGE_CACHE_SHIFT;
1654 if (unlikely(!isize || index > end_index))
1657 if (end_index == index) {
1660 plen = ((isize - 1) & ~PAGE_CACHE_MASK) + 1;
1664 this_len = min(this_len, plen - loff);
1668 spd.partial[page_nr].offset = loff;
1669 spd.partial[page_nr].len = this_len;
1676 while (page_nr < nr_pages)
1677 page_cache_release(spd.pages[page_nr++]);
1680 error = splice_to_pipe(pipe, &spd);
1682 splice_shrink_spd(&spd);
1692 * llseek SEEK_DATA or SEEK_HOLE through the radix_tree.
1694 static pgoff_t shmem_seek_hole_data(struct address_space *mapping,
1695 pgoff_t index, pgoff_t end, int whence)
1698 struct pagevec pvec;
1699 pgoff_t indices[PAGEVEC_SIZE];
1703 pagevec_init(&pvec, 0);
1704 pvec.nr = 1; /* start small: we may be there already */
1706 pvec.nr = find_get_entries(mapping, index,
1707 pvec.nr, pvec.pages, indices);
1709 if (whence == SEEK_DATA)
1713 for (i = 0; i < pvec.nr; i++, index++) {
1714 if (index < indices[i]) {
1715 if (whence == SEEK_HOLE) {
1721 page = pvec.pages[i];
1722 if (page && !radix_tree_exceptional_entry(page)) {
1723 if (!PageUptodate(page))
1727 (page && whence == SEEK_DATA) ||
1728 (!page && whence == SEEK_HOLE)) {
1733 pagevec_remove_exceptionals(&pvec);
1734 pagevec_release(&pvec);
1735 pvec.nr = PAGEVEC_SIZE;
1741 static loff_t shmem_file_llseek(struct file *file, loff_t offset, int whence)
1743 struct address_space *mapping = file->f_mapping;
1744 struct inode *inode = mapping->host;
1748 if (whence != SEEK_DATA && whence != SEEK_HOLE)
1749 return generic_file_llseek_size(file, offset, whence,
1750 MAX_LFS_FILESIZE, i_size_read(inode));
1751 mutex_lock(&inode->i_mutex);
1752 /* We're holding i_mutex so we can access i_size directly */
1756 else if (offset >= inode->i_size)
1759 start = offset >> PAGE_CACHE_SHIFT;
1760 end = (inode->i_size + PAGE_CACHE_SIZE - 1) >> PAGE_CACHE_SHIFT;
1761 new_offset = shmem_seek_hole_data(mapping, start, end, whence);
1762 new_offset <<= PAGE_CACHE_SHIFT;
1763 if (new_offset > offset) {
1764 if (new_offset < inode->i_size)
1765 offset = new_offset;
1766 else if (whence == SEEK_DATA)
1769 offset = inode->i_size;
1774 offset = vfs_setpos(file, offset, MAX_LFS_FILESIZE);
1775 mutex_unlock(&inode->i_mutex);
1779 static long shmem_fallocate(struct file *file, int mode, loff_t offset,
1782 struct inode *inode = file_inode(file);
1783 struct shmem_sb_info *sbinfo = SHMEM_SB(inode->i_sb);
1784 struct shmem_falloc shmem_falloc;
1785 pgoff_t start, index, end;
1788 if (mode & ~(FALLOC_FL_KEEP_SIZE | FALLOC_FL_PUNCH_HOLE))
1791 mutex_lock(&inode->i_mutex);
1793 shmem_falloc.mode = mode & ~FALLOC_FL_KEEP_SIZE;
1795 if (mode & FALLOC_FL_PUNCH_HOLE) {
1796 struct address_space *mapping = file->f_mapping;
1797 loff_t unmap_start = round_up(offset, PAGE_SIZE);
1798 loff_t unmap_end = round_down(offset + len, PAGE_SIZE) - 1;
1800 shmem_falloc.start = unmap_start >> PAGE_SHIFT;
1801 shmem_falloc.next = (unmap_end + 1) >> PAGE_SHIFT;
1802 spin_lock(&inode->i_lock);
1803 inode->i_private = &shmem_falloc;
1804 spin_unlock(&inode->i_lock);
1806 if ((u64)unmap_end > (u64)unmap_start)
1807 unmap_mapping_range(mapping, unmap_start,
1808 1 + unmap_end - unmap_start, 0);
1809 shmem_truncate_range(inode, offset, offset + len - 1);
1810 /* No need to unmap again: hole-punching leaves COWed pages */
1815 /* We need to check rlimit even when FALLOC_FL_KEEP_SIZE */
1816 error = inode_newsize_ok(inode, offset + len);
1820 start = offset >> PAGE_CACHE_SHIFT;
1821 end = (offset + len + PAGE_CACHE_SIZE - 1) >> PAGE_CACHE_SHIFT;
1822 /* Try to avoid a swapstorm if len is impossible to satisfy */
1823 if (sbinfo->max_blocks && end - start > sbinfo->max_blocks) {
1828 shmem_falloc.start = start;
1829 shmem_falloc.next = start;
1830 shmem_falloc.nr_falloced = 0;
1831 shmem_falloc.nr_unswapped = 0;
1832 spin_lock(&inode->i_lock);
1833 inode->i_private = &shmem_falloc;
1834 spin_unlock(&inode->i_lock);
1836 for (index = start; index < end; index++) {
1840 * Good, the fallocate(2) manpage permits EINTR: we may have
1841 * been interrupted because we are using up too much memory.
1843 if (signal_pending(current))
1845 else if (shmem_falloc.nr_unswapped > shmem_falloc.nr_falloced)
1848 error = shmem_getpage(inode, index, &page, SGP_FALLOC,
1851 /* Remove the !PageUptodate pages we added */
1852 shmem_undo_range(inode,
1853 (loff_t)start << PAGE_CACHE_SHIFT,
1854 (loff_t)index << PAGE_CACHE_SHIFT, true);
1859 * Inform shmem_writepage() how far we have reached.
1860 * No need for lock or barrier: we have the page lock.
1862 shmem_falloc.next++;
1863 if (!PageUptodate(page))
1864 shmem_falloc.nr_falloced++;
1867 * If !PageUptodate, leave it that way so that freeable pages
1868 * can be recognized if we need to rollback on error later.
1869 * But set_page_dirty so that memory pressure will swap rather
1870 * than free the pages we are allocating (and SGP_CACHE pages
1871 * might still be clean: we now need to mark those dirty too).
1873 set_page_dirty(page);
1875 page_cache_release(page);
1879 if (!(mode & FALLOC_FL_KEEP_SIZE) && offset + len > inode->i_size)
1880 i_size_write(inode, offset + len);
1881 inode->i_ctime = CURRENT_TIME;
1883 spin_lock(&inode->i_lock);
1884 inode->i_private = NULL;
1885 spin_unlock(&inode->i_lock);
1887 mutex_unlock(&inode->i_mutex);
1891 static int shmem_statfs(struct dentry *dentry, struct kstatfs *buf)
1893 struct shmem_sb_info *sbinfo = SHMEM_SB(dentry->d_sb);
1895 buf->f_type = TMPFS_MAGIC;
1896 buf->f_bsize = PAGE_CACHE_SIZE;
1897 buf->f_namelen = NAME_MAX;
1898 if (sbinfo->max_blocks) {
1899 buf->f_blocks = sbinfo->max_blocks;
1901 buf->f_bfree = sbinfo->max_blocks -
1902 percpu_counter_sum(&sbinfo->used_blocks);
1904 if (sbinfo->max_inodes) {
1905 buf->f_files = sbinfo->max_inodes;
1906 buf->f_ffree = sbinfo->free_inodes;
1908 /* else leave those fields 0 like simple_statfs */
1913 * File creation. Allocate an inode, and we're done..
1916 shmem_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev)
1918 struct inode *inode;
1919 int error = -ENOSPC;
1921 inode = shmem_get_inode(dir->i_sb, dir, mode, dev, VM_NORESERVE);
1923 error = simple_acl_create(dir, inode);
1926 error = security_inode_init_security(inode, dir,
1928 shmem_initxattrs, NULL);
1929 if (error && error != -EOPNOTSUPP)
1933 dir->i_size += BOGO_DIRENT_SIZE;
1934 dir->i_ctime = dir->i_mtime = CURRENT_TIME;
1935 d_instantiate(dentry, inode);
1936 dget(dentry); /* Extra count - pin the dentry in core */
1945 shmem_tmpfile(struct inode *dir, struct dentry *dentry, umode_t mode)
1947 struct inode *inode;
1948 int error = -ENOSPC;
1950 inode = shmem_get_inode(dir->i_sb, dir, mode, 0, VM_NORESERVE);
1952 error = security_inode_init_security(inode, dir,
1954 shmem_initxattrs, NULL);
1955 if (error && error != -EOPNOTSUPP)
1957 error = simple_acl_create(dir, inode);
1960 d_tmpfile(dentry, inode);
1968 static int shmem_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
1972 if ((error = shmem_mknod(dir, dentry, mode | S_IFDIR, 0)))
1978 static int shmem_create(struct inode *dir, struct dentry *dentry, umode_t mode,
1981 return shmem_mknod(dir, dentry, mode | S_IFREG, 0);
1987 static int shmem_link(struct dentry *old_dentry, struct inode *dir, struct dentry *dentry)
1989 struct inode *inode = old_dentry->d_inode;
1993 * No ordinary (disk based) filesystem counts links as inodes;
1994 * but each new link needs a new dentry, pinning lowmem, and
1995 * tmpfs dentries cannot be pruned until they are unlinked.
1997 ret = shmem_reserve_inode(inode->i_sb);
2001 dir->i_size += BOGO_DIRENT_SIZE;
2002 inode->i_ctime = dir->i_ctime = dir->i_mtime = CURRENT_TIME;
2004 ihold(inode); /* New dentry reference */
2005 dget(dentry); /* Extra pinning count for the created dentry */
2006 d_instantiate(dentry, inode);
2011 static int shmem_unlink(struct inode *dir, struct dentry *dentry)
2013 struct inode *inode = dentry->d_inode;
2015 if (inode->i_nlink > 1 && !S_ISDIR(inode->i_mode))
2016 shmem_free_inode(inode->i_sb);
2018 dir->i_size -= BOGO_DIRENT_SIZE;
2019 inode->i_ctime = dir->i_ctime = dir->i_mtime = CURRENT_TIME;
2021 dput(dentry); /* Undo the count from "create" - this does all the work */
2025 static int shmem_rmdir(struct inode *dir, struct dentry *dentry)
2027 if (!simple_empty(dentry))
2030 drop_nlink(dentry->d_inode);
2032 return shmem_unlink(dir, dentry);
2036 * The VFS layer already does all the dentry stuff for rename,
2037 * we just have to decrement the usage count for the target if
2038 * it exists so that the VFS layer correctly free's it when it
2041 static int shmem_rename(struct inode *old_dir, struct dentry *old_dentry, struct inode *new_dir, struct dentry *new_dentry)
2043 struct inode *inode = old_dentry->d_inode;
2044 int they_are_dirs = S_ISDIR(inode->i_mode);
2046 if (!simple_empty(new_dentry))
2049 if (new_dentry->d_inode) {
2050 (void) shmem_unlink(new_dir, new_dentry);
2052 drop_nlink(old_dir);
2053 } else if (they_are_dirs) {
2054 drop_nlink(old_dir);
2058 old_dir->i_size -= BOGO_DIRENT_SIZE;
2059 new_dir->i_size += BOGO_DIRENT_SIZE;
2060 old_dir->i_ctime = old_dir->i_mtime =
2061 new_dir->i_ctime = new_dir->i_mtime =
2062 inode->i_ctime = CURRENT_TIME;
2066 static int shmem_symlink(struct inode *dir, struct dentry *dentry, const char *symname)
2070 struct inode *inode;
2073 struct shmem_inode_info *info;
2075 len = strlen(symname) + 1;
2076 if (len > PAGE_CACHE_SIZE)
2077 return -ENAMETOOLONG;
2079 inode = shmem_get_inode(dir->i_sb, dir, S_IFLNK|S_IRWXUGO, 0, VM_NORESERVE);
2083 error = security_inode_init_security(inode, dir, &dentry->d_name,
2084 shmem_initxattrs, NULL);
2086 if (error != -EOPNOTSUPP) {
2093 info = SHMEM_I(inode);
2094 inode->i_size = len-1;
2095 if (len <= SHORT_SYMLINK_LEN) {
2096 info->symlink = kmemdup(symname, len, GFP_KERNEL);
2097 if (!info->symlink) {
2101 inode->i_op = &shmem_short_symlink_operations;
2103 error = shmem_getpage(inode, 0, &page, SGP_WRITE, NULL);
2108 inode->i_mapping->a_ops = &shmem_aops;
2109 inode->i_op = &shmem_symlink_inode_operations;
2110 kaddr = kmap_atomic(page);
2111 memcpy(kaddr, symname, len);
2112 kunmap_atomic(kaddr);
2113 SetPageUptodate(page);
2114 set_page_dirty(page);
2116 page_cache_release(page);
2118 dir->i_size += BOGO_DIRENT_SIZE;
2119 dir->i_ctime = dir->i_mtime = CURRENT_TIME;
2120 d_instantiate(dentry, inode);
2125 static void *shmem_follow_short_symlink(struct dentry *dentry, struct nameidata *nd)
2127 nd_set_link(nd, SHMEM_I(dentry->d_inode)->symlink);
2131 static void *shmem_follow_link(struct dentry *dentry, struct nameidata *nd)
2133 struct page *page = NULL;
2134 int error = shmem_getpage(dentry->d_inode, 0, &page, SGP_READ, NULL);
2135 nd_set_link(nd, error ? ERR_PTR(error) : kmap(page));
2141 static void shmem_put_link(struct dentry *dentry, struct nameidata *nd, void *cookie)
2143 if (!IS_ERR(nd_get_link(nd))) {
2144 struct page *page = cookie;
2146 mark_page_accessed(page);
2147 page_cache_release(page);
2151 #ifdef CONFIG_TMPFS_XATTR
2153 * Superblocks without xattr inode operations may get some security.* xattr
2154 * support from the LSM "for free". As soon as we have any other xattrs
2155 * like ACLs, we also need to implement the security.* handlers at
2156 * filesystem level, though.
2160 * Callback for security_inode_init_security() for acquiring xattrs.
2162 static int shmem_initxattrs(struct inode *inode,
2163 const struct xattr *xattr_array,
2166 struct shmem_inode_info *info = SHMEM_I(inode);
2167 const struct xattr *xattr;
2168 struct simple_xattr *new_xattr;
2171 for (xattr = xattr_array; xattr->name != NULL; xattr++) {
2172 new_xattr = simple_xattr_alloc(xattr->value, xattr->value_len);
2176 len = strlen(xattr->name) + 1;
2177 new_xattr->name = kmalloc(XATTR_SECURITY_PREFIX_LEN + len,
2179 if (!new_xattr->name) {
2184 memcpy(new_xattr->name, XATTR_SECURITY_PREFIX,
2185 XATTR_SECURITY_PREFIX_LEN);
2186 memcpy(new_xattr->name + XATTR_SECURITY_PREFIX_LEN,
2189 simple_xattr_list_add(&info->xattrs, new_xattr);
2195 static const struct xattr_handler *shmem_xattr_handlers[] = {
2196 #ifdef CONFIG_TMPFS_POSIX_ACL
2197 &posix_acl_access_xattr_handler,
2198 &posix_acl_default_xattr_handler,
2203 static int shmem_xattr_validate(const char *name)
2205 struct { const char *prefix; size_t len; } arr[] = {
2206 { XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN },
2207 { XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN }
2211 for (i = 0; i < ARRAY_SIZE(arr); i++) {
2212 size_t preflen = arr[i].len;
2213 if (strncmp(name, arr[i].prefix, preflen) == 0) {
2222 static ssize_t shmem_getxattr(struct dentry *dentry, const char *name,
2223 void *buffer, size_t size)
2225 struct shmem_inode_info *info = SHMEM_I(dentry->d_inode);
2229 * If this is a request for a synthetic attribute in the system.*
2230 * namespace use the generic infrastructure to resolve a handler
2231 * for it via sb->s_xattr.
2233 if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN))
2234 return generic_getxattr(dentry, name, buffer, size);
2236 err = shmem_xattr_validate(name);
2240 return simple_xattr_get(&info->xattrs, name, buffer, size);
2243 static int shmem_setxattr(struct dentry *dentry, const char *name,
2244 const void *value, size_t size, int flags)
2246 struct shmem_inode_info *info = SHMEM_I(dentry->d_inode);
2250 * If this is a request for a synthetic attribute in the system.*
2251 * namespace use the generic infrastructure to resolve a handler
2252 * for it via sb->s_xattr.
2254 if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN))
2255 return generic_setxattr(dentry, name, value, size, flags);
2257 err = shmem_xattr_validate(name);
2261 return simple_xattr_set(&info->xattrs, name, value, size, flags);
2264 static int shmem_removexattr(struct dentry *dentry, const char *name)
2266 struct shmem_inode_info *info = SHMEM_I(dentry->d_inode);
2270 * If this is a request for a synthetic attribute in the system.*
2271 * namespace use the generic infrastructure to resolve a handler
2272 * for it via sb->s_xattr.
2274 if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN))
2275 return generic_removexattr(dentry, name);
2277 err = shmem_xattr_validate(name);
2281 return simple_xattr_remove(&info->xattrs, name);
2284 static ssize_t shmem_listxattr(struct dentry *dentry, char *buffer, size_t size)
2286 struct shmem_inode_info *info = SHMEM_I(dentry->d_inode);
2287 return simple_xattr_list(&info->xattrs, buffer, size);
2289 #endif /* CONFIG_TMPFS_XATTR */
2291 static const struct inode_operations shmem_short_symlink_operations = {
2292 .readlink = generic_readlink,
2293 .follow_link = shmem_follow_short_symlink,
2294 #ifdef CONFIG_TMPFS_XATTR
2295 .setxattr = shmem_setxattr,
2296 .getxattr = shmem_getxattr,
2297 .listxattr = shmem_listxattr,
2298 .removexattr = shmem_removexattr,
2302 static const struct inode_operations shmem_symlink_inode_operations = {
2303 .readlink = generic_readlink,
2304 .follow_link = shmem_follow_link,
2305 .put_link = shmem_put_link,
2306 #ifdef CONFIG_TMPFS_XATTR
2307 .setxattr = shmem_setxattr,
2308 .getxattr = shmem_getxattr,
2309 .listxattr = shmem_listxattr,
2310 .removexattr = shmem_removexattr,
2314 static struct dentry *shmem_get_parent(struct dentry *child)
2316 return ERR_PTR(-ESTALE);
2319 static int shmem_match(struct inode *ino, void *vfh)
2323 inum = (inum << 32) | fh[1];
2324 return ino->i_ino == inum && fh[0] == ino->i_generation;
2327 static struct dentry *shmem_fh_to_dentry(struct super_block *sb,
2328 struct fid *fid, int fh_len, int fh_type)
2330 struct inode *inode;
2331 struct dentry *dentry = NULL;
2338 inum = (inum << 32) | fid->raw[1];
2340 inode = ilookup5(sb, (unsigned long)(inum + fid->raw[0]),
2341 shmem_match, fid->raw);
2343 dentry = d_find_alias(inode);
2350 static int shmem_encode_fh(struct inode *inode, __u32 *fh, int *len,
2351 struct inode *parent)
2355 return FILEID_INVALID;
2358 if (inode_unhashed(inode)) {
2359 /* Unfortunately insert_inode_hash is not idempotent,
2360 * so as we hash inodes here rather than at creation
2361 * time, we need a lock to ensure we only try
2364 static DEFINE_SPINLOCK(lock);
2366 if (inode_unhashed(inode))
2367 __insert_inode_hash(inode,
2368 inode->i_ino + inode->i_generation);
2372 fh[0] = inode->i_generation;
2373 fh[1] = inode->i_ino;
2374 fh[2] = ((__u64)inode->i_ino) >> 32;
2380 static const struct export_operations shmem_export_ops = {
2381 .get_parent = shmem_get_parent,
2382 .encode_fh = shmem_encode_fh,
2383 .fh_to_dentry = shmem_fh_to_dentry,
2386 static int shmem_parse_options(char *options, struct shmem_sb_info *sbinfo,
2389 char *this_char, *value, *rest;
2390 struct mempolicy *mpol = NULL;
2394 while (options != NULL) {
2395 this_char = options;
2398 * NUL-terminate this option: unfortunately,
2399 * mount options form a comma-separated list,
2400 * but mpol's nodelist may also contain commas.
2402 options = strchr(options, ',');
2403 if (options == NULL)
2406 if (!isdigit(*options)) {
2413 if ((value = strchr(this_char,'=')) != NULL) {
2417 "tmpfs: No value for mount option '%s'\n",
2422 if (!strcmp(this_char,"size")) {
2423 unsigned long long size;
2424 size = memparse(value,&rest);
2426 size <<= PAGE_SHIFT;
2427 size *= totalram_pages;
2433 sbinfo->max_blocks =
2434 DIV_ROUND_UP(size, PAGE_CACHE_SIZE);
2435 } else if (!strcmp(this_char,"nr_blocks")) {
2436 sbinfo->max_blocks = memparse(value, &rest);
2439 } else if (!strcmp(this_char,"nr_inodes")) {
2440 sbinfo->max_inodes = memparse(value, &rest);
2443 } else if (!strcmp(this_char,"mode")) {
2446 sbinfo->mode = simple_strtoul(value, &rest, 8) & 07777;
2449 } else if (!strcmp(this_char,"uid")) {
2452 uid = simple_strtoul(value, &rest, 0);
2455 sbinfo->uid = make_kuid(current_user_ns(), uid);
2456 if (!uid_valid(sbinfo->uid))
2458 } else if (!strcmp(this_char,"gid")) {
2461 gid = simple_strtoul(value, &rest, 0);
2464 sbinfo->gid = make_kgid(current_user_ns(), gid);
2465 if (!gid_valid(sbinfo->gid))
2467 } else if (!strcmp(this_char,"mpol")) {
2470 if (mpol_parse_str(value, &mpol))
2473 printk(KERN_ERR "tmpfs: Bad mount option %s\n",
2478 sbinfo->mpol = mpol;
2482 printk(KERN_ERR "tmpfs: Bad value '%s' for mount option '%s'\n",
2490 static int shmem_remount_fs(struct super_block *sb, int *flags, char *data)
2492 struct shmem_sb_info *sbinfo = SHMEM_SB(sb);
2493 struct shmem_sb_info config = *sbinfo;
2494 unsigned long inodes;
2495 int error = -EINVAL;
2498 if (shmem_parse_options(data, &config, true))
2501 spin_lock(&sbinfo->stat_lock);
2502 inodes = sbinfo->max_inodes - sbinfo->free_inodes;
2503 if (percpu_counter_compare(&sbinfo->used_blocks, config.max_blocks) > 0)
2505 if (config.max_inodes < inodes)
2508 * Those tests disallow limited->unlimited while any are in use;
2509 * but we must separately disallow unlimited->limited, because
2510 * in that case we have no record of how much is already in use.
2512 if (config.max_blocks && !sbinfo->max_blocks)
2514 if (config.max_inodes && !sbinfo->max_inodes)
2518 sbinfo->max_blocks = config.max_blocks;
2519 sbinfo->max_inodes = config.max_inodes;
2520 sbinfo->free_inodes = config.max_inodes - inodes;
2523 * Preserve previous mempolicy unless mpol remount option was specified.
2526 mpol_put(sbinfo->mpol);
2527 sbinfo->mpol = config.mpol; /* transfers initial ref */
2530 spin_unlock(&sbinfo->stat_lock);
2534 static int shmem_show_options(struct seq_file *seq, struct dentry *root)
2536 struct shmem_sb_info *sbinfo = SHMEM_SB(root->d_sb);
2538 if (sbinfo->max_blocks != shmem_default_max_blocks())
2539 seq_printf(seq, ",size=%luk",
2540 sbinfo->max_blocks << (PAGE_CACHE_SHIFT - 10));
2541 if (sbinfo->max_inodes != shmem_default_max_inodes())
2542 seq_printf(seq, ",nr_inodes=%lu", sbinfo->max_inodes);
2543 if (sbinfo->mode != (S_IRWXUGO | S_ISVTX))
2544 seq_printf(seq, ",mode=%03ho", sbinfo->mode);
2545 if (!uid_eq(sbinfo->uid, GLOBAL_ROOT_UID))
2546 seq_printf(seq, ",uid=%u",
2547 from_kuid_munged(&init_user_ns, sbinfo->uid));
2548 if (!gid_eq(sbinfo->gid, GLOBAL_ROOT_GID))
2549 seq_printf(seq, ",gid=%u",
2550 from_kgid_munged(&init_user_ns, sbinfo->gid));
2551 shmem_show_mpol(seq, sbinfo->mpol);
2554 #endif /* CONFIG_TMPFS */
2556 static void shmem_put_super(struct super_block *sb)
2558 struct shmem_sb_info *sbinfo = SHMEM_SB(sb);
2560 percpu_counter_destroy(&sbinfo->used_blocks);
2561 mpol_put(sbinfo->mpol);
2563 sb->s_fs_info = NULL;
2566 int shmem_fill_super(struct super_block *sb, void *data, int silent)
2568 struct inode *inode;
2569 struct shmem_sb_info *sbinfo;
2572 /* Round up to L1_CACHE_BYTES to resist false sharing */
2573 sbinfo = kzalloc(max((int)sizeof(struct shmem_sb_info),
2574 L1_CACHE_BYTES), GFP_KERNEL);
2578 sbinfo->mode = S_IRWXUGO | S_ISVTX;
2579 sbinfo->uid = current_fsuid();
2580 sbinfo->gid = current_fsgid();
2581 sb->s_fs_info = sbinfo;
2585 * Per default we only allow half of the physical ram per
2586 * tmpfs instance, limiting inodes to one per page of lowmem;
2587 * but the internal instance is left unlimited.
2589 if (!(sb->s_flags & MS_KERNMOUNT)) {
2590 sbinfo->max_blocks = shmem_default_max_blocks();
2591 sbinfo->max_inodes = shmem_default_max_inodes();
2592 if (shmem_parse_options(data, sbinfo, false)) {
2597 sb->s_flags |= MS_NOUSER;
2599 sb->s_export_op = &shmem_export_ops;
2600 sb->s_flags |= MS_NOSEC;
2602 sb->s_flags |= MS_NOUSER;
2605 spin_lock_init(&sbinfo->stat_lock);
2606 if (percpu_counter_init(&sbinfo->used_blocks, 0))
2608 sbinfo->free_inodes = sbinfo->max_inodes;
2610 sb->s_maxbytes = MAX_LFS_FILESIZE;
2611 sb->s_blocksize = PAGE_CACHE_SIZE;
2612 sb->s_blocksize_bits = PAGE_CACHE_SHIFT;
2613 sb->s_magic = TMPFS_MAGIC;
2614 sb->s_op = &shmem_ops;
2615 sb->s_time_gran = 1;
2616 #ifdef CONFIG_TMPFS_XATTR
2617 sb->s_xattr = shmem_xattr_handlers;
2619 #ifdef CONFIG_TMPFS_POSIX_ACL
2620 sb->s_flags |= MS_POSIXACL;
2623 inode = shmem_get_inode(sb, NULL, S_IFDIR | sbinfo->mode, 0, VM_NORESERVE);
2626 inode->i_uid = sbinfo->uid;
2627 inode->i_gid = sbinfo->gid;
2628 sb->s_root = d_make_root(inode);
2634 shmem_put_super(sb);
2638 static struct kmem_cache *shmem_inode_cachep;
2640 static struct inode *shmem_alloc_inode(struct super_block *sb)
2642 struct shmem_inode_info *info;
2643 info = kmem_cache_alloc(shmem_inode_cachep, GFP_KERNEL);
2646 return &info->vfs_inode;
2649 static void shmem_destroy_callback(struct rcu_head *head)
2651 struct inode *inode = container_of(head, struct inode, i_rcu);
2652 kmem_cache_free(shmem_inode_cachep, SHMEM_I(inode));
2655 static void shmem_destroy_inode(struct inode *inode)
2657 if (S_ISREG(inode->i_mode))
2658 mpol_free_shared_policy(&SHMEM_I(inode)->policy);
2659 call_rcu(&inode->i_rcu, shmem_destroy_callback);
2662 static void shmem_init_inode(void *foo)
2664 struct shmem_inode_info *info = foo;
2665 inode_init_once(&info->vfs_inode);
2668 static int shmem_init_inodecache(void)
2670 shmem_inode_cachep = kmem_cache_create("shmem_inode_cache",
2671 sizeof(struct shmem_inode_info),
2672 0, SLAB_PANIC, shmem_init_inode);
2676 static void shmem_destroy_inodecache(void)
2678 kmem_cache_destroy(shmem_inode_cachep);
2681 static const struct address_space_operations shmem_aops = {
2682 .writepage = shmem_writepage,
2683 .set_page_dirty = __set_page_dirty_no_writeback,
2685 .write_begin = shmem_write_begin,
2686 .write_end = shmem_write_end,
2688 .migratepage = migrate_page,
2689 .error_remove_page = generic_error_remove_page,
2692 static const struct file_operations shmem_file_operations = {
2695 .llseek = shmem_file_llseek,
2696 .read = new_sync_read,
2697 .write = new_sync_write,
2698 .read_iter = shmem_file_read_iter,
2699 .write_iter = generic_file_write_iter,
2700 .fsync = noop_fsync,
2701 .splice_read = shmem_file_splice_read,
2702 .splice_write = iter_file_splice_write,
2703 .fallocate = shmem_fallocate,
2707 static const struct inode_operations shmem_inode_operations = {
2708 .setattr = shmem_setattr,
2709 #ifdef CONFIG_TMPFS_XATTR
2710 .setxattr = shmem_setxattr,
2711 .getxattr = shmem_getxattr,
2712 .listxattr = shmem_listxattr,
2713 .removexattr = shmem_removexattr,
2714 .set_acl = simple_set_acl,
2718 static const struct inode_operations shmem_dir_inode_operations = {
2720 .create = shmem_create,
2721 .lookup = simple_lookup,
2723 .unlink = shmem_unlink,
2724 .symlink = shmem_symlink,
2725 .mkdir = shmem_mkdir,
2726 .rmdir = shmem_rmdir,
2727 .mknod = shmem_mknod,
2728 .rename = shmem_rename,
2729 .tmpfile = shmem_tmpfile,
2731 #ifdef CONFIG_TMPFS_XATTR
2732 .setxattr = shmem_setxattr,
2733 .getxattr = shmem_getxattr,
2734 .listxattr = shmem_listxattr,
2735 .removexattr = shmem_removexattr,
2737 #ifdef CONFIG_TMPFS_POSIX_ACL
2738 .setattr = shmem_setattr,
2739 .set_acl = simple_set_acl,
2743 static const struct inode_operations shmem_special_inode_operations = {
2744 #ifdef CONFIG_TMPFS_XATTR
2745 .setxattr = shmem_setxattr,
2746 .getxattr = shmem_getxattr,
2747 .listxattr = shmem_listxattr,
2748 .removexattr = shmem_removexattr,
2750 #ifdef CONFIG_TMPFS_POSIX_ACL
2751 .setattr = shmem_setattr,
2752 .set_acl = simple_set_acl,
2756 static const struct super_operations shmem_ops = {
2757 .alloc_inode = shmem_alloc_inode,
2758 .destroy_inode = shmem_destroy_inode,
2760 .statfs = shmem_statfs,
2761 .remount_fs = shmem_remount_fs,
2762 .show_options = shmem_show_options,
2764 .evict_inode = shmem_evict_inode,
2765 .drop_inode = generic_delete_inode,
2766 .put_super = shmem_put_super,
2769 static const struct vm_operations_struct shmem_vm_ops = {
2770 .fault = shmem_fault,
2771 .map_pages = filemap_map_pages,
2773 .set_policy = shmem_set_policy,
2774 .get_policy = shmem_get_policy,
2776 .remap_pages = generic_file_remap_pages,
2779 static struct dentry *shmem_mount(struct file_system_type *fs_type,
2780 int flags, const char *dev_name, void *data)
2782 return mount_nodev(fs_type, flags, data, shmem_fill_super);
2785 static struct file_system_type shmem_fs_type = {
2786 .owner = THIS_MODULE,
2788 .mount = shmem_mount,
2789 .kill_sb = kill_litter_super,
2790 .fs_flags = FS_USERNS_MOUNT,
2793 int __init shmem_init(void)
2797 /* If rootfs called this, don't re-init */
2798 if (shmem_inode_cachep)
2801 error = bdi_init(&shmem_backing_dev_info);
2805 error = shmem_init_inodecache();
2809 error = register_filesystem(&shmem_fs_type);
2811 printk(KERN_ERR "Could not register tmpfs\n");
2815 shm_mnt = kern_mount(&shmem_fs_type);
2816 if (IS_ERR(shm_mnt)) {
2817 error = PTR_ERR(shm_mnt);
2818 printk(KERN_ERR "Could not kern_mount tmpfs\n");
2824 unregister_filesystem(&shmem_fs_type);
2826 shmem_destroy_inodecache();
2828 bdi_destroy(&shmem_backing_dev_info);
2830 shm_mnt = ERR_PTR(error);
2834 #else /* !CONFIG_SHMEM */
2837 * tiny-shmem: simple shmemfs and tmpfs using ramfs code
2839 * This is intended for small system where the benefits of the full
2840 * shmem code (swap-backed and resource-limited) are outweighed by
2841 * their complexity. On systems without swap this code should be
2842 * effectively equivalent, but much lighter weight.
2845 static struct file_system_type shmem_fs_type = {
2847 .mount = ramfs_mount,
2848 .kill_sb = kill_litter_super,
2849 .fs_flags = FS_USERNS_MOUNT,
2852 int __init shmem_init(void)
2854 BUG_ON(register_filesystem(&shmem_fs_type) != 0);
2856 shm_mnt = kern_mount(&shmem_fs_type);
2857 BUG_ON(IS_ERR(shm_mnt));
2862 int shmem_unuse(swp_entry_t swap, struct page *page)
2867 int shmem_lock(struct file *file, int lock, struct user_struct *user)
2872 void shmem_unlock_mapping(struct address_space *mapping)
2876 void shmem_truncate_range(struct inode *inode, loff_t lstart, loff_t lend)
2878 truncate_inode_pages_range(inode->i_mapping, lstart, lend);
2880 EXPORT_SYMBOL_GPL(shmem_truncate_range);
2882 #define shmem_vm_ops generic_file_vm_ops
2883 #define shmem_file_operations ramfs_file_operations
2884 #define shmem_get_inode(sb, dir, mode, dev, flags) ramfs_get_inode(sb, dir, mode, dev)
2885 #define shmem_acct_size(flags, size) 0
2886 #define shmem_unacct_size(flags, size) do {} while (0)
2888 #endif /* CONFIG_SHMEM */
2892 static struct dentry_operations anon_ops = {
2893 .d_dname = simple_dname
2896 static struct file *__shmem_file_setup(const char *name, loff_t size,
2897 unsigned long flags, unsigned int i_flags)
2900 struct inode *inode;
2902 struct super_block *sb;
2905 if (IS_ERR(shm_mnt))
2906 return ERR_CAST(shm_mnt);
2908 if (size < 0 || size > MAX_LFS_FILESIZE)
2909 return ERR_PTR(-EINVAL);
2911 if (shmem_acct_size(flags, size))
2912 return ERR_PTR(-ENOMEM);
2914 res = ERR_PTR(-ENOMEM);
2916 this.len = strlen(name);
2917 this.hash = 0; /* will go */
2918 sb = shm_mnt->mnt_sb;
2919 path.mnt = mntget(shm_mnt);
2920 path.dentry = d_alloc_pseudo(sb, &this);
2923 d_set_d_op(path.dentry, &anon_ops);
2925 res = ERR_PTR(-ENOSPC);
2926 inode = shmem_get_inode(sb, NULL, S_IFREG | S_IRWXUGO, 0, flags);
2930 inode->i_flags |= i_flags;
2931 d_instantiate(path.dentry, inode);
2932 inode->i_size = size;
2933 clear_nlink(inode); /* It is unlinked */
2934 res = ERR_PTR(ramfs_nommu_expand_for_mapping(inode, size));
2938 res = alloc_file(&path, FMODE_WRITE | FMODE_READ,
2939 &shmem_file_operations);
2946 shmem_unacct_size(flags, size);
2953 * shmem_kernel_file_setup - get an unlinked file living in tmpfs which must be
2954 * kernel internal. There will be NO LSM permission checks against the
2955 * underlying inode. So users of this interface must do LSM checks at a
2956 * higher layer. The one user is the big_key implementation. LSM checks
2957 * are provided at the key level rather than the inode level.
2958 * @name: name for dentry (to be seen in /proc/<pid>/maps
2959 * @size: size to be set for the file
2960 * @flags: VM_NORESERVE suppresses pre-accounting of the entire object size
2962 struct file *shmem_kernel_file_setup(const char *name, loff_t size, unsigned long flags)
2964 return __shmem_file_setup(name, size, flags, S_PRIVATE);
2968 * shmem_file_setup - get an unlinked file living in tmpfs
2969 * @name: name for dentry (to be seen in /proc/<pid>/maps
2970 * @size: size to be set for the file
2971 * @flags: VM_NORESERVE suppresses pre-accounting of the entire object size
2973 struct file *shmem_file_setup(const char *name, loff_t size, unsigned long flags)
2975 return __shmem_file_setup(name, size, flags, 0);
2977 EXPORT_SYMBOL_GPL(shmem_file_setup);
2980 * shmem_zero_setup - setup a shared anonymous mapping
2981 * @vma: the vma to be mmapped is prepared by do_mmap_pgoff
2983 int shmem_zero_setup(struct vm_area_struct *vma)
2986 loff_t size = vma->vm_end - vma->vm_start;
2988 file = shmem_file_setup("dev/zero", size, vma->vm_flags);
2990 return PTR_ERR(file);
2994 vma->vm_file = file;
2995 vma->vm_ops = &shmem_vm_ops;
3000 * shmem_read_mapping_page_gfp - read into page cache, using specified page allocation flags.
3001 * @mapping: the page's address_space
3002 * @index: the page index
3003 * @gfp: the page allocator flags to use if allocating
3005 * This behaves as a tmpfs "read_cache_page_gfp(mapping, index, gfp)",
3006 * with any new page allocations done using the specified allocation flags.
3007 * But read_cache_page_gfp() uses the ->readpage() method: which does not
3008 * suit tmpfs, since it may have pages in swapcache, and needs to find those
3009 * for itself; although drivers/gpu/drm i915 and ttm rely upon this support.
3011 * i915_gem_object_get_pages_gtt() mixes __GFP_NORETRY | __GFP_NOWARN in
3012 * with the mapping_gfp_mask(), to avoid OOMing the machine unnecessarily.
3014 struct page *shmem_read_mapping_page_gfp(struct address_space *mapping,
3015 pgoff_t index, gfp_t gfp)
3018 struct inode *inode = mapping->host;
3022 BUG_ON(mapping->a_ops != &shmem_aops);
3023 error = shmem_getpage_gfp(inode, index, &page, SGP_CACHE, gfp, NULL);
3025 page = ERR_PTR(error);
3031 * The tiny !SHMEM case uses ramfs without swap
3033 return read_cache_page_gfp(mapping, index, gfp);
3036 EXPORT_SYMBOL_GPL(shmem_read_mapping_page_gfp);
projects / karo-tx-linux.git / blob