/*-
* Copyright (c) 2003,2006,2008 The NetBSD Foundation, Inc.
* All rights reserved.
*
* This code is derived from software contributed to The NetBSD Foundation
* by Wasabi Systems, Inc.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
#undef WAPBL_DEBUG
#ifdef WAPBL_DEBUG
int ffs_wapbl_debug = 1;
#define DPRINTF(fmt, args...) \
do { \
if (ffs_wapbl_debug) \
printf("%s:%d "fmt, __func__ , __LINE__, ##args); \
} while (/* CONSTCOND */0)
#else
#define DPRINTF(fmt, args...) \
do { \
/* nothing */ \
} while (/* CONSTCOND */0)
#endif
static int ffs_superblock_layout(struct fs *);
static int wapbl_log_position(struct mount *, struct fs *, struct vnode *,
daddr_t *, size_t *, size_t *, uint64_t *);
static int wapbl_create_infs_log(struct mount *, struct fs *, struct vnode *,
daddr_t *, size_t *, uint64_t *);
static void wapbl_find_log_start(struct mount *, struct vnode *, off_t,
daddr_t *, daddr_t *, size_t *);
static int wapbl_remove_log(struct mount *);
static int wapbl_allocate_log_file(struct mount *, struct vnode *,
daddr_t *, size_t *, uint64_t *);
/*
* Return the super block layout format - UFS1 or UFS2.
* WAPBL only works with UFS2 layout (which is still available
* with FFSv1).
*
* XXX Should this be in ufs/ffs/fs.h? Same style of check is
* also used in ffs_alloc.c in a few places.
*/
static int
ffs_superblock_layout(struct fs *fs)
{
if ((fs->fs_magic == FS_UFS1_MAGIC) &&
((fs->fs_old_flags & FS_FLAGS_UPDATED) == 0))
return 1;
else
return 2;
}
/*
* This function is invoked after a log is replayed to
* disk to perform logical cleanup actions as described by
* the log
*/
void
ffs_wapbl_replay_finish(struct mount *mp)
{
struct wapbl_replay *wr = mp->mnt_wapbl_replay;
int i;
int error;
/*
* The journal may have left partially allocated inodes in mode
* zero. This may occur if a crash occurs between the node
* allocation in ffs_nodeallocg and when the node is properly
* initialized in ufs_makeinode. If so, just deallocate them.
*/
if (ip->i_mode == 0) {
error = UFS_WAPBL_BEGIN(mp);
if (error) {
printf("%s: %s: "
"unable to cleanup inode %" PRIu32 "\n",
__func__, VFSTOUFS(mp)->um_fs->fs_fsmnt,
wr->wr_inodes[i].wr_inumber);
} else {
ffs_vfree(vp, ip->i_number,
wr->wr_inodes[i].wr_imode);
UFS_WAPBL_END(mp);
}
}
vput(vp);
}
wapbl_replay_stop(wr);
wapbl_replay_free(wr);
mp->mnt_wapbl_replay = NULL;
}
/* Callback for wapbl */
void
ffs_wapbl_sync_metadata(struct mount *mp, struct wapbl_dealloc *fdealloc)
{
struct ufsmount *ump = VFSTOUFS(mp);
struct fs *fs = ump->um_fs;
int error __diagused;
struct wapbl_dealloc *wd;
UFS_WAPBL_JLOCK_ASSERT(ump->um_mountp);
for (wd = fdealloc; wd != NULL; wd = TAILQ_NEXT(wd, wd_entries)) {
/*
* blkfree errors are unreported, might silently fail
* if it cannot read the cylinder group block
*/
ffs_blkfree(fs, ump->um_devvp,
FFS_DBTOFSB(fs, wd->wd_blkno), wd->wd_len, -1);
}
for (wd = fdealloc; wd != NULL; wd = TAILQ_NEXT(wd, wd_entries)) {
/*
* Since the above blkfree may have failed, this blkalloc might
* fail as well, so don't check its error. Note that if the
* blkfree succeeded above, then this shouldn't fail because
* the buffer will be locked in the current transaction.
*/
ffs_blkalloc_ump(ump, FFS_DBTOFSB(fs, wd->wd_blkno),
wd->wd_len);
}
}
static int
wapbl_remove_log(struct mount *mp)
{
struct ufsmount *ump = VFSTOUFS(mp);
struct fs *fs = ump->um_fs;
struct vnode *vp;
struct inode *ip;
ino_t log_ino;
int error;
/* If super block layout is too old to support WAPBL, return */
if (ffs_superblock_layout(fs) < 2)
return 0;
/* If all the log locators are 0, just clean up */
if (fs->fs_journallocs[0] == 0 &&
fs->fs_journallocs[1] == 0 &&
fs->fs_journallocs[2] == 0 &&
fs->fs_journallocs[3] == 0) {
DPRINTF("empty locators, just clear\n");
goto done;
}
/*
* Make sure we don't carry over any delayed write
* buffers when updating to log. Need to turn off
* async termporarily, to prevent ffs_sync() writes
* themselves being turned into delayed writes.
*/
if (mp->mnt_flag & MNT_UPDATE) {
int saveflag = mp->mnt_flag & MNT_ASYNC;
mp->mnt_flag &= ~MNT_ASYNC;
ffs_sync(mp, MNT_WAIT, FSCRED);
mp->mnt_flag |= saveflag;
}
/*
* It is recommended that you finish replay with logging enabled.
* However, even if logging is not enabled, the remaining log
* replay should be safely recoverable with an fsck, so perform
* it anyway.
*/
if ((fs->fs_ronly == 0) && mp->mnt_wapbl_replay) {
int saveflag = mp->mnt_flag & MNT_RDONLY;
/*
* Make sure MNT_RDONLY is not set so that the inode
* cleanup in ufs_inactive will actually do its work.
*/
mp->mnt_flag &= ~MNT_RDONLY;
ffs_wapbl_replay_finish(mp);
mp->mnt_flag |= saveflag;
KASSERT(fs->fs_ronly == 0);
}
int
ffs_wapbl_stop(struct mount *mp, int force)
{
struct ufsmount *ump = VFSTOUFS(mp);
struct fs *fs = ump->um_fs;
int error;
if (mp->mnt_wapbl) {
KDASSERT(fs->fs_ronly == 0);
/*
* Make sure turning off FS_DOWAPBL is only removed
* as the only change in the final flush since otherwise
* a transaction may reorder writes.
*/
error = wapbl_flush(mp->mnt_wapbl, 1);
if (error && !force)
return error;
if (error && force)
goto forceout;
error = UFS_WAPBL_BEGIN(mp);
if (error && !force)
return error;
if (error && force)
goto forceout;
KASSERT(fs->fs_flags & FS_DOWAPBL);
fs->fs_flags &= ~FS_DOWAPBL;
error = ffs_sbupdate(ump, MNT_WAIT);
KASSERT(error == 0); /* XXX a bit drastic! */
UFS_WAPBL_END(mp);
forceout:
error = wapbl_stop(mp->mnt_wapbl, force);
if (error) {
KASSERT(!force);
fs->fs_flags |= FS_DOWAPBL;
return error;
}
fs->fs_flags &= ~FS_DOWAPBL; /* Repeat in case of forced error */
mp->mnt_wapbl = NULL;
int
ffs_wapbl_replay_start(struct mount *mp, struct fs *fs, struct vnode *devvp)
{
int error;
daddr_t off;
size_t count;
size_t blksize;
uint64_t extradata;
/*
* WAPBL needs UFS2 format super block, if we got here with a
* UFS1 format super block something is amiss...
*/
if (ffs_superblock_layout(fs) < 2)
return EINVAL;
/*
* If the superblock doesn't already have a recorded journal location
* then we allocate the journal in one of two positions:
*
* - At the end of the partition after the filesystem if there's
* enough space. "Enough space" is defined as >= 1MB of journal
* per 1GB of filesystem or 64MB, whichever is smaller.
*
* - Inside the filesystem. We try to allocate a contiguous journal
* based on the total filesystem size - the target is 1MB of journal
* per 1GB of filesystem, up to a maximum journal size of 64MB. As
* a worst case allowing for fragmentation, we'll allocate a journal
* 1/4 of the desired size but never smaller than 1MB.
*
* XXX In the future if we allow for non-contiguous journal files we
* can tighten the above restrictions.
*
* XXX
* These seems like a lot of duplication both here and in some of
* the userland tools (fsck_ffs, dumpfs, tunefs) with similar
* "switch (fs_journal_location)" constructs. Can we centralise
* this sort of code somehow/somewhere?
*/
static int
wapbl_log_position(struct mount *mp, struct fs *fs, struct vnode *devvp,
daddr_t *startp, size_t *countp, size_t *blksizep, uint64_t *extradatap)
{
struct ufsmount *ump = VFSTOUFS(mp);
daddr_t logstart, logend, desired_logsize;
uint64_t numsecs;
unsigned secsize;
int error, location;
/* Is there space after after filesystem on partition for log? */
logstart = FFS_FSBTODB(fs, fs->fs_size);
error = getdisksize(devvp, &numsecs, &secsize);
if (error)
return error;
KDASSERT(secsize != 0);
logend = btodb(numsecs * secsize);
if (dbtob(logend - logstart) >= desired_logsize) {
DPRINTF("enough space, use end-of-partition log\n");
if ((error = wapbl_allocate_log_file(mp, vp,
startp, countp, extradatap)) != 0) {
/*
* If we couldn't allocate the space for the log file,
* remove the inode by setting its link count back to
* zero and bail.
*/
ip->i_nlink = 0;
DIP_ASSIGN(ip, nlink, 0);
vput(vp);
return error;
}
/*
* Now that we have the place-holder inode for the journal,
* we don't need the vnode ever again.
*/
vput(vp);
/*
* Find a suitable location for the journal in the filesystem.
*
* Our strategy here is to look for a contiguous block of free space
* at least "logfile" MB in size (plus room for any indirect blocks).
* We start at the middle of the filesystem and check each cylinder
* group working outwards. If "logfile" MB is not available as a
* single contiguous chunk, then return the address and size of the
* largest chunk found.
*
* XXX
* At what stage does the search fail? Is if the largest space we could
* find is less than a quarter the requested space reasonable? If the
* search fails entirely, return a block address if "0" it indicate this.
*/
static void
wapbl_find_log_start(struct mount *mp, struct vnode *vp, off_t logsize,
daddr_t *addr, daddr_t *indir_addr, size_t *size)
{
struct ufsmount *ump = VFSTOUFS(mp);
struct fs *fs = ump->um_fs;
struct vnode *devvp = ump->um_devvp;
struct cg *cgp;
struct buf *bp;
uint8_t *blksfree;
daddr_t blkno, best_addr, start_addr;
daddr_t desired_blks, min_desired_blks;
daddr_t freeblks, best_blks;
int bpcg, cg, error, fixedsize, indir_blks, n, s;
const int needswap = UFS_FSNEEDSWAP(fs);
/*
* If a specific size wasn't requested, allow for a smaller log
* if we're really tight for space...
*/
min_desired_blks = desired_blks;
if (!fixedsize)
min_desired_blks = desired_blks / 4;
/* Look at number of blocks per CG. If it's too small, bail early. */
bpcg = ffs_fragstoblks(fs, fs->fs_fpg);
if (min_desired_blks > bpcg) {
printf("%s: %s: cylinder group size of %" PRId64 " MB "
" is not big enough for journal\n", __func__, fs->fs_fsmnt,
ffs_lblktosize(fs, bpcg) / (1024 * 1024));
goto bad;
}
/*
* Start with the middle cylinder group, and search outwards in
* both directions until we either find the requested log size
* or reach the start/end of the file system. If we reach the
* start/end without finding enough space for the full requested
* log size, use the largest extent found if it is large enough
* to satisfy the our minimum size.
*
* XXX
* Can we just use the cluster contigsum stuff (esp on UFS2)
* here to simplify this search code?
*/
best_addr = 0;
best_blks = 0;
for (cg = fs->fs_ncg / 2, s = 0, n = 1;
best_blks < desired_blks && cg >= 0 && cg < fs->fs_ncg;
s++, n = -n, cg += n * s) {
DPRINTF("check cg %d of %d\n", cg, fs->fs_ncg);
error = bread(devvp, FFS_FSBTODB(fs, cgtod(fs, cg)),
fs->fs_cgsize, 0, &bp);
if (error) {
continue;
}
cgp = (struct cg *)bp->b_data;
if (!cg_chkmagic(cgp, UFS_FSNEEDSWAP(fs))) {
brelse(bp, 0);
continue;
}
blksfree = cg_blksfree(cgp, needswap);
for (blkno = 0; blkno < bpcg;) {
/* look for next free block */
/* XXX use scanc() and fragtbl[] here? */
for (; blkno < bpcg - min_desired_blks; blkno++)
if (ffs_isblock(fs, blksfree, blkno))
break;
/* past end of search space in this CG? */
if (blkno >= bpcg - min_desired_blks)
break;
/* count how many free blocks in this extent */
start_addr = blkno;
for (freeblks = 0; blkno < bpcg; blkno++, freeblks++)
if (!ffs_isblock(fs, blksfree, blkno))
break;
