2 * Copyright (c) 2000-2006 Silicon Graphics, Inc.
5 * This program is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU General Public License as
7 * published by the Free Software Foundation.
9 * This program is distributed in the hope that it would be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write the Free Software Foundation,
16 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 #include "xfs_types.h"
24 #include "xfs_trans.h"
28 #include "xfs_dmapi.h"
29 #include "xfs_mount.h"
30 #include "xfs_bmap_btree.h"
31 #include "xfs_alloc_btree.h"
32 #include "xfs_ialloc_btree.h"
33 #include "xfs_dir2_sf.h"
34 #include "xfs_attr_sf.h"
35 #include "xfs_dinode.h"
36 #include "xfs_inode.h"
37 #include "xfs_inode_item.h"
38 #include "xfs_itable.h"
39 #include "xfs_btree.h"
40 #include "xfs_alloc.h"
41 #include "xfs_ialloc.h"
44 #include "xfs_error.h"
45 #include "xfs_buf_item.h"
49 * This is a subroutine for xfs_write() and other writers (xfs_ioctl)
50 * which clears the setuid and setgid bits when a file is written.
53 xfs_write_clear_setuid(
61 tp = xfs_trans_alloc(mp, XFS_TRANS_WRITEID);
62 if ((error = xfs_trans_reserve(tp, 0,
63 XFS_WRITEID_LOG_RES(mp),
65 xfs_trans_cancel(tp, 0);
68 xfs_ilock(ip, XFS_ILOCK_EXCL);
69 xfs_trans_ijoin(tp, ip, XFS_ILOCK_EXCL);
70 xfs_trans_ihold(tp, ip);
71 ip->i_d.di_mode &= ~S_ISUID;
74 * Note that we don't have to worry about mandatory
75 * file locking being disabled here because we only
76 * clear the S_ISGID bit if the Group execute bit is
77 * on, but if it was on then mandatory locking wouldn't
80 if (ip->i_d.di_mode & S_IXGRP) {
81 ip->i_d.di_mode &= ~S_ISGID;
83 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
84 xfs_trans_set_sync(tp);
85 error = xfs_trans_commit(tp, 0);
86 xfs_iunlock(ip, XFS_ILOCK_EXCL);
91 * Handle logging requirements of various synchronous types of write.
94 xfs_write_sync_logforce(
101 * If we're treating this as O_DSYNC and we have not updated the
102 * size, force the log.
104 if (!(mp->m_flags & XFS_MOUNT_OSYNCISOSYNC) &&
105 !(ip->i_update_size)) {
106 xfs_inode_log_item_t *iip = ip->i_itemp;
109 * If an allocation transaction occurred
110 * without extending the size, then we have to force
111 * the log up the proper point to ensure that the
112 * allocation is permanent. We can't count on
113 * the fact that buffered writes lock out direct I/O
114 * writes - the direct I/O write could have extended
115 * the size nontransactionally, then finished before
116 * we started. xfs_write_file will think that the file
117 * didn't grow but the update isn't safe unless the
118 * size change is logged.
120 * Force the log if we've committed a transaction
121 * against the inode or if someone else has and
122 * the commit record hasn't gone to disk (e.g.
123 * the inode is pinned). This guarantees that
124 * all changes affecting the inode are permanent
127 if (iip && iip->ili_last_lsn) {
128 error = _xfs_log_force(mp, iip->ili_last_lsn,
129 XFS_LOG_FORCE | XFS_LOG_SYNC, NULL);
130 } else if (xfs_ipincount(ip) > 0) {
131 error = _xfs_log_force(mp, (xfs_lsn_t)0,
132 XFS_LOG_FORCE | XFS_LOG_SYNC, NULL);
139 * O_SYNC or O_DSYNC _with_ a size update are handled
142 * If the write was synchronous then we need to make
143 * sure that the inode modification time is permanent.
144 * We'll have updated the timestamp above, so here
145 * we use a synchronous transaction to log the inode.
146 * It's not fast, but it's necessary.
148 * If this a dsync write and the size got changed
149 * non-transactionally, then we need to ensure that
150 * the size change gets logged in a synchronous
153 tp = xfs_trans_alloc(mp, XFS_TRANS_WRITE_SYNC);
154 if ((error = xfs_trans_reserve(tp, 0,
155 XFS_SWRITE_LOG_RES(mp),
157 /* Transaction reserve failed */
158 xfs_trans_cancel(tp, 0);
160 /* Transaction reserve successful */
161 xfs_ilock(ip, XFS_ILOCK_EXCL);
162 xfs_trans_ijoin(tp, ip, XFS_ILOCK_EXCL);
163 xfs_trans_ihold(tp, ip);
164 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
165 xfs_trans_set_sync(tp);
166 error = xfs_trans_commit(tp, 0);
167 xfs_iunlock(ip, XFS_ILOCK_EXCL);
175 * Force a shutdown of the filesystem instantly while keeping
176 * the filesystem consistent. We don't do an unmount here; just shutdown
177 * the shop, make sure that absolutely nothing persistent happens to
178 * this filesystem after this point.
181 xfs_do_force_shutdown(
189 logerror = flags & SHUTDOWN_LOG_IO_ERROR;
191 if (!(flags & SHUTDOWN_FORCE_UMOUNT)) {
192 cmn_err(CE_NOTE, "xfs_force_shutdown(%s,0x%x) called from "
193 "line %d of file %s. Return address = 0x%p",
194 mp->m_fsname, flags, lnnum, fname, __return_address);
197 * No need to duplicate efforts.
199 if (XFS_FORCED_SHUTDOWN(mp) && !logerror)
203 * This flags XFS_MOUNT_FS_SHUTDOWN, makes sure that we don't
204 * queue up anybody new on the log reservations, and wakes up
205 * everybody who's sleeping on log reservations to tell them
208 if (xfs_log_force_umount(mp, logerror))
211 if (flags & SHUTDOWN_CORRUPT_INCORE) {
212 xfs_cmn_err(XFS_PTAG_SHUTDOWN_CORRUPT, CE_ALERT, mp,
213 "Corruption of in-memory data detected. Shutting down filesystem: %s",
215 if (XFS_ERRLEVEL_HIGH <= xfs_error_level) {
218 } else if (!(flags & SHUTDOWN_FORCE_UMOUNT)) {
220 xfs_cmn_err(XFS_PTAG_SHUTDOWN_LOGERROR, CE_ALERT, mp,
221 "Log I/O Error Detected. Shutting down filesystem: %s",
223 } else if (flags & SHUTDOWN_DEVICE_REQ) {
224 xfs_cmn_err(XFS_PTAG_SHUTDOWN_IOERROR, CE_ALERT, mp,
225 "All device paths lost. Shutting down filesystem: %s",
227 } else if (!(flags & SHUTDOWN_REMOTE_REQ)) {
228 xfs_cmn_err(XFS_PTAG_SHUTDOWN_IOERROR, CE_ALERT, mp,
229 "I/O Error Detected. Shutting down filesystem: %s",
233 if (!(flags & SHUTDOWN_FORCE_UMOUNT)) {
234 cmn_err(CE_ALERT, "Please umount the filesystem, "
235 "and rectify the problem(s)");
241 * Called when we want to stop a buffer from getting written or read.
242 * We attach the EIO error, muck with its flags, and call biodone
243 * so that the proper iodone callbacks get called.
251 ASSERT(XFS_BUF_ISREAD(bp) || bp->b_iodone);
255 * No need to wait until the buffer is unpinned.
256 * We aren't flushing it.
258 xfs_buftrace("XFS IOERROR", bp);
259 XFS_BUF_ERROR(bp, EIO);
261 * We're calling biodone, so delete B_DONE flag. Either way
262 * we have to call the iodone callback, and calling biodone
263 * probably is the best way since it takes care of
267 XFS_BUF_UNDELAYWRITE(bp);
271 XFS_BUF_CLR_BDSTRAT_FUNC(bp);
278 * Same as xfs_bioerror, except that we are releasing the buffer
279 * here ourselves, and avoiding the biodone call.
280 * This is meant for userdata errors; metadata bufs come with
281 * iodone functions attached, so that we can track down errors.
289 ASSERT(XFS_BUF_IODONE_FUNC(bp) != xfs_buf_iodone_callbacks);
290 ASSERT(XFS_BUF_IODONE_FUNC(bp) != xlog_iodone);
292 xfs_buftrace("XFS IOERRELSE", bp);
293 fl = XFS_BUF_BFLAGS(bp);
295 * No need to wait until the buffer is unpinned.
296 * We aren't flushing it.
298 * chunkhold expects B_DONE to be set, whether
299 * we actually finish the I/O or not. We don't want to
300 * change that interface.
303 XFS_BUF_UNDELAYWRITE(bp);
306 XFS_BUF_CLR_IODONE_FUNC(bp);
307 XFS_BUF_CLR_BDSTRAT_FUNC(bp);
308 if (!(fl & XFS_B_ASYNC)) {
310 * Mark b_error and B_ERROR _both_.
311 * Lot's of chunkcache code assumes that.
312 * There's no reason to mark error for
315 XFS_BUF_ERROR(bp, EIO);
316 XFS_BUF_FINISH_IOWAIT(bp);
324 * Prints out an ALERT message about I/O error.
329 struct xfs_mount *mp,
334 "I/O error in filesystem (\"%s\") meta-data dev %s block 0x%llx"
335 " (\"%s\") error %d buf count %zd",
336 (!mp || !mp->m_fsname) ? "(fs name not set)" : mp->m_fsname,
337 XFS_BUFTARG_NAME(XFS_BUF_TARGET(bp)),
338 (__uint64_t)blkno, func,
339 XFS_BUF_GETERROR(bp), XFS_BUF_COUNT(bp));
343 * This isn't an absolute requirement, but it is
344 * just a good idea to call xfs_read_buf instead of
345 * directly doing a read_buf call. For one, we shouldn't
346 * be doing this disk read if we are in SHUTDOWN state anyway,
347 * so this stops that from happening. Secondly, this does all
348 * the error checking stuff and the brelse if appropriate for
349 * the caller, so the code can be a little leaner.
354 struct xfs_mount *mp,
355 xfs_buftarg_t *target,
365 bp = xfs_buf_read_flags(target, blkno, len, flags);
367 bp = xfs_buf_read(target, blkno, len, flags);
369 return XFS_ERROR(EIO);
370 error = XFS_BUF_GETERROR(bp);
371 if (bp && !error && !XFS_FORCED_SHUTDOWN(mp)) {
376 xfs_ioerror_alert("xfs_read_buf", mp, bp, XFS_BUF_ADDR(bp));
378 error = XFS_ERROR(EIO);
382 XFS_BUF_UNDELAYWRITE(bp);
385 * brelse clears B_ERROR and b_error
394 * Wrapper around bwrite() so that we can trap
395 * write errors, and act accordingly.
399 struct xfs_mount *mp,
405 * XXXsup how does this work for quotas.
407 XFS_BUF_SET_BDSTRAT_FUNC(bp, xfs_bdstrat_cb);
411 if ((error = XFS_bwrite(bp))) {
414 * Cannot put a buftrace here since if the buffer is not
415 * B_HOLD then we will brelse() the buffer before returning
416 * from bwrite and we could be tracing a buffer that has
419 xfs_force_shutdown(mp, SHUTDOWN_META_IO_ERROR);