Commit | Line | Data |
---|---|---|
1da177e4 LT |
1 | The text below describes the locking rules for VFS-related methods. |
2 | It is (believed to be) up-to-date. *Please*, if you change anything in | |
3 | prototypes or locking protocols - update this file. And update the relevant | |
4 | instances in the tree, don't leave that to maintainers of filesystems/devices/ | |
5 | etc. At the very least, put the list of dubious cases in the end of this file. | |
6 | Don't turn it into log - maintainers of out-of-the-tree code are supposed to | |
7 | be able to use diff(1). | |
8 | Thing currently missing here: socket operations. Alexey? | |
9 | ||
10 | --------------------------- dentry_operations -------------------------- | |
11 | prototypes: | |
12 | int (*d_revalidate)(struct dentry *, int); | |
13 | int (*d_hash) (struct dentry *, struct qstr *); | |
14 | int (*d_compare) (struct dentry *, struct qstr *, struct qstr *); | |
15 | int (*d_delete)(struct dentry *); | |
16 | void (*d_release)(struct dentry *); | |
17 | void (*d_iput)(struct dentry *, struct inode *); | |
c23fbb6b | 18 | char *(*d_dname)((struct dentry *dentry, char *buffer, int buflen); |
1da177e4 LT |
19 | |
20 | locking rules: | |
21 | none have BKL | |
22 | dcache_lock rename_lock ->d_lock may block | |
23 | d_revalidate: no no no yes | |
24 | d_hash no no no yes | |
25 | d_compare: no yes no no | |
26 | d_delete: yes no yes no | |
27 | d_release: no no no yes | |
28 | d_iput: no no no yes | |
c23fbb6b | 29 | d_dname: no no no no |
1da177e4 LT |
30 | |
31 | --------------------------- inode_operations --------------------------- | |
32 | prototypes: | |
33 | int (*create) (struct inode *,struct dentry *,int, struct nameidata *); | |
34 | struct dentry * (*lookup) (struct inode *,struct dentry *, struct nameid | |
35 | ata *); | |
36 | int (*link) (struct dentry *,struct inode *,struct dentry *); | |
37 | int (*unlink) (struct inode *,struct dentry *); | |
38 | int (*symlink) (struct inode *,struct dentry *,const char *); | |
39 | int (*mkdir) (struct inode *,struct dentry *,int); | |
40 | int (*rmdir) (struct inode *,struct dentry *); | |
41 | int (*mknod) (struct inode *,struct dentry *,int,dev_t); | |
42 | int (*rename) (struct inode *, struct dentry *, | |
43 | struct inode *, struct dentry *); | |
44 | int (*readlink) (struct dentry *, char __user *,int); | |
45 | int (*follow_link) (struct dentry *, struct nameidata *); | |
46 | void (*truncate) (struct inode *); | |
47 | int (*permission) (struct inode *, int, struct nameidata *); | |
48 | int (*setattr) (struct dentry *, struct iattr *); | |
49 | int (*getattr) (struct vfsmount *, struct dentry *, struct kstat *); | |
50 | int (*setxattr) (struct dentry *, const char *,const void *,size_t,int); | |
51 | ssize_t (*getxattr) (struct dentry *, const char *, void *, size_t); | |
52 | ssize_t (*listxattr) (struct dentry *, char *, size_t); | |
53 | int (*removexattr) (struct dentry *, const char *); | |
54 | ||
55 | locking rules: | |
56 | all may block, none have BKL | |
a7bc02f4 | 57 | i_mutex(inode) |
1da177e4 LT |
58 | lookup: yes |
59 | create: yes | |
60 | link: yes (both) | |
61 | mknod: yes | |
62 | symlink: yes | |
63 | mkdir: yes | |
64 | unlink: yes (both) | |
65 | rmdir: yes (both) (see below) | |
66 | rename: yes (all) (see below) | |
67 | readlink: no | |
68 | follow_link: no | |
69 | truncate: yes (see below) | |
70 | setattr: yes | |
71 | permission: no | |
72 | getattr: no | |
73 | setxattr: yes | |
74 | getxattr: no | |
75 | listxattr: no | |
76 | removexattr: yes | |
a7bc02f4 | 77 | Additionally, ->rmdir(), ->unlink() and ->rename() have ->i_mutex on |
1da177e4 LT |
78 | victim. |
79 | cross-directory ->rename() has (per-superblock) ->s_vfs_rename_sem. | |
80 | ->truncate() is never called directly - it's a callback, not a | |
81 | method. It's called by vmtruncate() - library function normally used by | |
82 | ->setattr(). Locking information above applies to that call (i.e. is | |
83 | inherited from ->setattr() - vmtruncate() is used when ATTR_SIZE had been | |
84 | passed). | |
85 | ||
86 | See Documentation/filesystems/directory-locking for more detailed discussion | |
87 | of the locking scheme for directory operations. | |
88 | ||
89 | --------------------------- super_operations --------------------------- | |
90 | prototypes: | |
91 | struct inode *(*alloc_inode)(struct super_block *sb); | |
92 | void (*destroy_inode)(struct inode *); | |
1da177e4 LT |
93 | void (*dirty_inode) (struct inode *); |
94 | int (*write_inode) (struct inode *, int); | |
336fb3b9 AV |
95 | int (*drop_inode) (struct inode *); |
96 | void (*evict_inode) (struct inode *); | |
1da177e4 LT |
97 | void (*put_super) (struct super_block *); |
98 | void (*write_super) (struct super_block *); | |
99 | int (*sync_fs)(struct super_block *sb, int wait); | |
c4be0c1d TS |
100 | int (*freeze_fs) (struct super_block *); |
101 | int (*unfreeze_fs) (struct super_block *); | |
726c3342 | 102 | int (*statfs) (struct dentry *, struct kstatfs *); |
1da177e4 | 103 | int (*remount_fs) (struct super_block *, int *, char *); |
1da177e4 LT |
104 | void (*umount_begin) (struct super_block *); |
105 | int (*show_options)(struct seq_file *, struct vfsmount *); | |
106 | ssize_t (*quota_read)(struct super_block *, int, char *, size_t, loff_t); | |
107 | ssize_t (*quota_write)(struct super_block *, int, const char *, size_t, loff_t); | |
108 | ||
109 | locking rules: | |
336fb3b9 | 110 | All may block [not true, see below] |
7e325d3a CH |
111 | None have BKL |
112 | s_umount | |
113 | alloc_inode: | |
114 | destroy_inode: | |
115 | dirty_inode: (must not sleep) | |
116 | write_inode: | |
117 | drop_inode: !!!inode_lock!!! | |
336fb3b9 | 118 | evict_inode: |
7e325d3a CH |
119 | put_super: write |
120 | write_super: read | |
121 | sync_fs: read | |
122 | freeze_fs: read | |
123 | unfreeze_fs: read | |
336fb3b9 AV |
124 | statfs: maybe(read) (see below) |
125 | remount_fs: write | |
7e325d3a CH |
126 | umount_begin: no |
127 | show_options: no (namespace_sem) | |
128 | quota_read: no (see below) | |
129 | quota_write: no (see below) | |
1da177e4 | 130 | |
336fb3b9 AV |
131 | ->statfs() has s_umount (shared) when called by ustat(2) (native or |
132 | compat), but that's an accident of bad API; s_umount is used to pin | |
133 | the superblock down when we only have dev_t given us by userland to | |
134 | identify the superblock. Everything else (statfs(), fstatfs(), etc.) | |
135 | doesn't hold it when calling ->statfs() - superblock is pinned down | |
136 | by resolving the pathname passed to syscall. | |
1da177e4 LT |
137 | ->quota_read() and ->quota_write() functions are both guaranteed to |
138 | be the only ones operating on the quota file by the quota code (via | |
139 | dqio_sem) (unless an admin really wants to screw up something and | |
140 | writes to quota files with quotas on). For other details about locking | |
141 | see also dquot_operations section. | |
142 | ||
143 | --------------------------- file_system_type --------------------------- | |
144 | prototypes: | |
5d8b2ebf JC |
145 | int (*get_sb) (struct file_system_type *, int, |
146 | const char *, void *, struct vfsmount *); | |
1da177e4 LT |
147 | void (*kill_sb) (struct super_block *); |
148 | locking rules: | |
149 | may block BKL | |
adaae721 CH |
150 | get_sb yes no |
151 | kill_sb yes no | |
1da177e4 | 152 | |
454e2398 DH |
153 | ->get_sb() returns error or 0 with locked superblock attached to the vfsmount |
154 | (exclusive on ->s_umount). | |
1da177e4 LT |
155 | ->kill_sb() takes a write-locked superblock, does all shutdown work on it, |
156 | unlocks and drops the reference. | |
157 | ||
158 | --------------------------- address_space_operations -------------------------- | |
159 | prototypes: | |
160 | int (*writepage)(struct page *page, struct writeback_control *wbc); | |
161 | int (*readpage)(struct file *, struct page *); | |
162 | int (*sync_page)(struct page *); | |
163 | int (*writepages)(struct address_space *, struct writeback_control *); | |
164 | int (*set_page_dirty)(struct page *page); | |
165 | int (*readpages)(struct file *filp, struct address_space *mapping, | |
166 | struct list_head *pages, unsigned nr_pages); | |
4e02ed4b NP |
167 | int (*write_begin)(struct file *, struct address_space *mapping, |
168 | loff_t pos, unsigned len, unsigned flags, | |
169 | struct page **pagep, void **fsdata); | |
170 | int (*write_end)(struct file *, struct address_space *mapping, | |
171 | loff_t pos, unsigned len, unsigned copied, | |
172 | struct page *page, void *fsdata); | |
1da177e4 LT |
173 | sector_t (*bmap)(struct address_space *, sector_t); |
174 | int (*invalidatepage) (struct page *, unsigned long); | |
175 | int (*releasepage) (struct page *, int); | |
176 | int (*direct_IO)(int, struct kiocb *, const struct iovec *iov, | |
177 | loff_t offset, unsigned long nr_segs); | |
e3db7691 | 178 | int (*launder_page) (struct page *); |
1da177e4 LT |
179 | |
180 | locking rules: | |
181 | All except set_page_dirty may block | |
182 | ||
ca0dbd86 | 183 | BKL PageLocked(page) i_mutex |
1da177e4 LT |
184 | writepage: no yes, unlocks (see below) |
185 | readpage: no yes, unlocks | |
186 | sync_page: no maybe | |
187 | writepages: no | |
188 | set_page_dirty no no | |
189 | readpages: no | |
afddba49 NP |
190 | write_begin: no locks the page yes |
191 | write_end: no yes, unlocks yes | |
192 | perform_write: no n/a yes | |
fe36adf4 | 193 | bmap: no |
1da177e4 LT |
194 | invalidatepage: no yes |
195 | releasepage: no yes | |
196 | direct_IO: no | |
e3db7691 | 197 | launder_page: no yes |
1da177e4 | 198 | |
4e02ed4b | 199 | ->write_begin(), ->write_end(), ->sync_page() and ->readpage() |
1da177e4 LT |
200 | may be called from the request handler (/dev/loop). |
201 | ||
202 | ->readpage() unlocks the page, either synchronously or via I/O | |
203 | completion. | |
204 | ||
205 | ->readpages() populates the pagecache with the passed pages and starts | |
206 | I/O against them. They come unlocked upon I/O completion. | |
207 | ||
208 | ->writepage() is used for two purposes: for "memory cleansing" and for | |
209 | "sync". These are quite different operations and the behaviour may differ | |
210 | depending upon the mode. | |
211 | ||
212 | If writepage is called for sync (wbc->sync_mode != WBC_SYNC_NONE) then | |
213 | it *must* start I/O against the page, even if that would involve | |
214 | blocking on in-progress I/O. | |
215 | ||
216 | If writepage is called for memory cleansing (sync_mode == | |
217 | WBC_SYNC_NONE) then its role is to get as much writeout underway as | |
218 | possible. So writepage should try to avoid blocking against | |
219 | currently-in-progress I/O. | |
220 | ||
221 | If the filesystem is not called for "sync" and it determines that it | |
222 | would need to block against in-progress I/O to be able to start new I/O | |
223 | against the page the filesystem should redirty the page with | |
224 | redirty_page_for_writepage(), then unlock the page and return zero. | |
225 | This may also be done to avoid internal deadlocks, but rarely. | |
226 | ||
3a4fa0a2 | 227 | If the filesystem is called for sync then it must wait on any |
1da177e4 LT |
228 | in-progress I/O and then start new I/O. |
229 | ||
2054606a ND |
230 | The filesystem should unlock the page synchronously, before returning to the |
231 | caller, unless ->writepage() returns special WRITEPAGE_ACTIVATE | |
232 | value. WRITEPAGE_ACTIVATE means that page cannot really be written out | |
233 | currently, and VM should stop calling ->writepage() on this page for some | |
234 | time. VM does this by moving page to the head of the active list, hence the | |
235 | name. | |
1da177e4 LT |
236 | |
237 | Unless the filesystem is going to redirty_page_for_writepage(), unlock the page | |
238 | and return zero, writepage *must* run set_page_writeback() against the page, | |
239 | followed by unlocking it. Once set_page_writeback() has been run against the | |
240 | page, write I/O can be submitted and the write I/O completion handler must run | |
241 | end_page_writeback() once the I/O is complete. If no I/O is submitted, the | |
242 | filesystem must run end_page_writeback() against the page before returning from | |
243 | writepage. | |
244 | ||
245 | That is: after 2.5.12, pages which are under writeout are *not* locked. Note, | |
246 | if the filesystem needs the page to be locked during writeout, that is ok, too, | |
247 | the page is allowed to be unlocked at any point in time between the calls to | |
248 | set_page_writeback() and end_page_writeback(). | |
249 | ||
250 | Note, failure to run either redirty_page_for_writepage() or the combination of | |
251 | set_page_writeback()/end_page_writeback() on a page submitted to writepage | |
252 | will leave the page itself marked clean but it will be tagged as dirty in the | |
253 | radix tree. This incoherency can lead to all sorts of hard-to-debug problems | |
254 | in the filesystem like having dirty inodes at umount and losing written data. | |
255 | ||
256 | ->sync_page() locking rules are not well-defined - usually it is called | |
257 | with lock on page, but that is not guaranteed. Considering the currently | |
258 | existing instances of this method ->sync_page() itself doesn't look | |
259 | well-defined... | |
260 | ||
261 | ->writepages() is used for periodic writeback and for syscall-initiated | |
262 | sync operations. The address_space should start I/O against at least | |
263 | *nr_to_write pages. *nr_to_write must be decremented for each page which is | |
264 | written. The address_space implementation may write more (or less) pages | |
265 | than *nr_to_write asks for, but it should try to be reasonably close. If | |
266 | nr_to_write is NULL, all dirty pages must be written. | |
267 | ||
268 | writepages should _only_ write pages which are present on | |
269 | mapping->io_pages. | |
270 | ||
271 | ->set_page_dirty() is called from various places in the kernel | |
272 | when the target page is marked as needing writeback. It may be called | |
273 | under spinlock (it cannot block) and is sometimes called with the page | |
274 | not locked. | |
275 | ||
276 | ->bmap() is currently used by legacy ioctl() (FIBMAP) provided by some | |
277 | filesystems and by the swapper. The latter will eventually go away. All | |
278 | instances do not actually need the BKL. Please, keep it that way and don't | |
279 | breed new callers. | |
280 | ||
281 | ->invalidatepage() is called when the filesystem must attempt to drop | |
282 | some or all of the buffers from the page when it is being truncated. It | |
283 | returns zero on success. If ->invalidatepage is zero, the kernel uses | |
284 | block_invalidatepage() instead. | |
285 | ||
286 | ->releasepage() is called when the kernel is about to try to drop the | |
287 | buffers from the page in preparation for freeing it. It returns zero to | |
288 | indicate that the buffers are (or may be) freeable. If ->releasepage is zero, | |
289 | the kernel assumes that the fs has no private interest in the buffers. | |
290 | ||
e3db7691 TM |
291 | ->launder_page() may be called prior to releasing a page if |
292 | it is still found to be dirty. It returns zero if the page was successfully | |
293 | cleaned, or an error value if not. Note that in order to prevent the page | |
294 | getting mapped back in and redirtied, it needs to be kept locked | |
295 | across the entire operation. | |
296 | ||
1da177e4 LT |
297 | Note: currently almost all instances of address_space methods are |
298 | using BKL for internal serialization and that's one of the worst sources | |
299 | of contention. Normally they are calling library functions (in fs/buffer.c) | |
300 | and pass foo_get_block() as a callback (on local block-based filesystems, | |
301 | indeed). BKL is not needed for library stuff and is usually taken by | |
302 | foo_get_block(). It's an overkill, since block bitmaps can be protected by | |
303 | internal fs locking and real critical areas are much smaller than the areas | |
304 | filesystems protect now. | |
305 | ||
306 | ----------------------- file_lock_operations ------------------------------ | |
307 | prototypes: | |
308 | void (*fl_insert)(struct file_lock *); /* lock insertion callback */ | |
309 | void (*fl_remove)(struct file_lock *); /* lock removal callback */ | |
310 | void (*fl_copy_lock)(struct file_lock *, struct file_lock *); | |
311 | void (*fl_release_private)(struct file_lock *); | |
312 | ||
313 | ||
314 | locking rules: | |
315 | BKL may block | |
316 | fl_insert: yes no | |
317 | fl_remove: yes no | |
318 | fl_copy_lock: yes no | |
319 | fl_release_private: yes yes | |
320 | ||
321 | ----------------------- lock_manager_operations --------------------------- | |
322 | prototypes: | |
323 | int (*fl_compare_owner)(struct file_lock *, struct file_lock *); | |
324 | void (*fl_notify)(struct file_lock *); /* unblock callback */ | |
325 | void (*fl_copy_lock)(struct file_lock *, struct file_lock *); | |
326 | void (*fl_release_private)(struct file_lock *); | |
327 | void (*fl_break)(struct file_lock *); /* break_lease callback */ | |
328 | ||
329 | locking rules: | |
330 | BKL may block | |
331 | fl_compare_owner: yes no | |
332 | fl_notify: yes no | |
333 | fl_copy_lock: yes no | |
334 | fl_release_private: yes yes | |
335 | fl_break: yes no | |
336 | ||
337 | Currently only NFSD and NLM provide instances of this class. None of the | |
338 | them block. If you have out-of-tree instances - please, show up. Locking | |
339 | in that area will change. | |
340 | --------------------------- buffer_head ----------------------------------- | |
341 | prototypes: | |
342 | void (*b_end_io)(struct buffer_head *bh, int uptodate); | |
343 | ||
344 | locking rules: | |
345 | called from interrupts. In other words, extreme care is needed here. | |
346 | bh is locked, but that's all warranties we have here. Currently only RAID1, | |
347 | highmem, fs/buffer.c, and fs/ntfs/aops.c are providing these. Block devices | |
348 | call this method upon the IO completion. | |
349 | ||
350 | --------------------------- block_device_operations ----------------------- | |
351 | prototypes: | |
e1455d1b CH |
352 | int (*open) (struct block_device *, fmode_t); |
353 | int (*release) (struct gendisk *, fmode_t); | |
354 | int (*ioctl) (struct block_device *, fmode_t, unsigned, unsigned long); | |
355 | int (*compat_ioctl) (struct block_device *, fmode_t, unsigned, unsigned long); | |
356 | int (*direct_access) (struct block_device *, sector_t, void **, unsigned long *); | |
1da177e4 | 357 | int (*media_changed) (struct gendisk *); |
e1455d1b | 358 | void (*unlock_native_capacity) (struct gendisk *); |
1da177e4 | 359 | int (*revalidate_disk) (struct gendisk *); |
e1455d1b CH |
360 | int (*getgeo)(struct block_device *, struct hd_geometry *); |
361 | void (*swap_slot_free_notify) (struct block_device *, unsigned long); | |
1da177e4 LT |
362 | |
363 | locking rules: | |
e1455d1b CH |
364 | BKL bd_mutex |
365 | open: no yes | |
366 | release: no yes | |
367 | ioctl: no no | |
368 | compat_ioctl: no no | |
369 | direct_access: no no | |
1da177e4 | 370 | media_changed: no no |
e1455d1b | 371 | unlock_native_capacity: no no |
1da177e4 | 372 | revalidate_disk: no no |
e1455d1b CH |
373 | getgeo: no no |
374 | swap_slot_free_notify: no no (see below) | |
375 | ||
376 | media_changed, unlock_native_capacity and revalidate_disk are called only from | |
377 | check_disk_change(). | |
378 | ||
379 | swap_slot_free_notify is called with swap_lock and sometimes the page lock | |
380 | held. | |
1da177e4 | 381 | |
1da177e4 LT |
382 | |
383 | --------------------------- file_operations ------------------------------- | |
384 | prototypes: | |
385 | loff_t (*llseek) (struct file *, loff_t, int); | |
386 | ssize_t (*read) (struct file *, char __user *, size_t, loff_t *); | |
1da177e4 | 387 | ssize_t (*write) (struct file *, const char __user *, size_t, loff_t *); |
027445c3 BP |
388 | ssize_t (*aio_read) (struct kiocb *, const struct iovec *, unsigned long, loff_t); |
389 | ssize_t (*aio_write) (struct kiocb *, const struct iovec *, unsigned long, loff_t); | |
1da177e4 LT |
390 | int (*readdir) (struct file *, void *, filldir_t); |
391 | unsigned int (*poll) (struct file *, struct poll_table_struct *); | |
1da177e4 LT |
392 | long (*unlocked_ioctl) (struct file *, unsigned int, unsigned long); |
393 | long (*compat_ioctl) (struct file *, unsigned int, unsigned long); | |
394 | int (*mmap) (struct file *, struct vm_area_struct *); | |
395 | int (*open) (struct inode *, struct file *); | |
396 | int (*flush) (struct file *); | |
397 | int (*release) (struct inode *, struct file *); | |
7ea80859 | 398 | int (*fsync) (struct file *, int datasync); |
1da177e4 LT |
399 | int (*aio_fsync) (struct kiocb *, int datasync); |
400 | int (*fasync) (int, struct file *, int); | |
401 | int (*lock) (struct file *, int, struct file_lock *); | |
402 | ssize_t (*readv) (struct file *, const struct iovec *, unsigned long, | |
403 | loff_t *); | |
404 | ssize_t (*writev) (struct file *, const struct iovec *, unsigned long, | |
405 | loff_t *); | |
406 | ssize_t (*sendfile) (struct file *, loff_t *, size_t, read_actor_t, | |
407 | void __user *); | |
408 | ssize_t (*sendpage) (struct file *, struct page *, int, size_t, | |
409 | loff_t *, int); | |
410 | unsigned long (*get_unmapped_area)(struct file *, unsigned long, | |
411 | unsigned long, unsigned long, unsigned long); | |
412 | int (*check_flags)(int); | |
1da177e4 LT |
413 | }; |
414 | ||
415 | locking rules: | |
5f820f64 | 416 | All may block. |
1da177e4 LT |
417 | BKL |
418 | llseek: no (see below) | |
419 | read: no | |
420 | aio_read: no | |
421 | write: no | |
422 | aio_write: no | |
423 | readdir: no | |
424 | poll: no | |
b19dd42f | 425 | unlocked_ioctl: no |
1da177e4 LT |
426 | compat_ioctl: no |
427 | mmap: no | |
adaae721 | 428 | open: no |
1da177e4 LT |
429 | flush: no |
430 | release: no | |
431 | fsync: no (see below) | |
432 | aio_fsync: no | |
adaae721 | 433 | fasync: no |
1da177e4 LT |
434 | lock: yes |
435 | readv: no | |
436 | writev: no | |
437 | sendfile: no | |
438 | sendpage: no | |
439 | get_unmapped_area: no | |
440 | check_flags: no | |
1da177e4 LT |
441 | |
442 | ->llseek() locking has moved from llseek to the individual llseek | |
443 | implementations. If your fs is not using generic_file_llseek, you | |
444 | need to acquire and release the appropriate locks in your ->llseek(). | |
445 | For many filesystems, it is probably safe to acquire the inode | |
866707fc JB |
446 | mutex or just to use i_size_read() instead. |
447 | Note: this does not protect the file->f_pos against concurrent modifications | |
448 | since this is something the userspace has to take care about. | |
1da177e4 | 449 | |
1da177e4 LT |
450 | Note: ext2_release() was *the* source of contention on fs-intensive |
451 | loads and dropping BKL on ->release() helps to get rid of that (we still | |
452 | grab BKL for cases when we close a file that had been opened r/w, but that | |
453 | can and should be done using the internal locking with smaller critical areas). | |
454 | Current worst offender is ext2_get_block()... | |
455 | ||
76398425 JC |
456 | ->fasync() is called without BKL protection, and is responsible for |
457 | maintaining the FASYNC bit in filp->f_flags. Most instances call | |
458 | fasync_helper(), which does that maintenance, so it's not normally | |
459 | something one needs to worry about. Return values > 0 will be mapped to | |
460 | zero in the VFS layer. | |
1da177e4 LT |
461 | |
462 | ->readdir() and ->ioctl() on directories must be changed. Ideally we would | |
463 | move ->readdir() to inode_operations and use a separate method for directory | |
464 | ->ioctl() or kill the latter completely. One of the problems is that for | |
465 | anything that resembles union-mount we won't have a struct file for all | |
466 | components. And there are other reasons why the current interface is a mess... | |
467 | ||
1da177e4 LT |
468 | ->read on directories probably must go away - we should just enforce -EISDIR |
469 | in sys_read() and friends. | |
470 | ||
a7bc02f4 | 471 | ->fsync() has i_mutex on inode. |
1da177e4 LT |
472 | |
473 | --------------------------- dquot_operations ------------------------------- | |
474 | prototypes: | |
1da177e4 LT |
475 | int (*write_dquot) (struct dquot *); |
476 | int (*acquire_dquot) (struct dquot *); | |
477 | int (*release_dquot) (struct dquot *); | |
478 | int (*mark_dirty) (struct dquot *); | |
479 | int (*write_info) (struct super_block *, int); | |
480 | ||
481 | These operations are intended to be more or less wrapping functions that ensure | |
482 | a proper locking wrt the filesystem and call the generic quota operations. | |
483 | ||
484 | What filesystem should expect from the generic quota functions: | |
485 | ||
486 | FS recursion Held locks when called | |
1da177e4 LT |
487 | write_dquot: yes dqonoff_sem or dqptr_sem |
488 | acquire_dquot: yes dqonoff_sem or dqptr_sem | |
489 | release_dquot: yes dqonoff_sem or dqptr_sem | |
490 | mark_dirty: no - | |
491 | write_info: yes dqonoff_sem | |
492 | ||
493 | FS recursion means calling ->quota_read() and ->quota_write() from superblock | |
494 | operations. | |
495 | ||
1da177e4 LT |
496 | More details about quota locking can be found in fs/dquot.c. |
497 | ||
498 | --------------------------- vm_operations_struct ----------------------------- | |
499 | prototypes: | |
500 | void (*open)(struct vm_area_struct*); | |
501 | void (*close)(struct vm_area_struct*); | |
d0217ac0 | 502 | int (*fault)(struct vm_area_struct*, struct vm_fault *); |
c2ec175c | 503 | int (*page_mkwrite)(struct vm_area_struct *, struct vm_fault *); |
28b2ee20 | 504 | int (*access)(struct vm_area_struct *, unsigned long, void*, int, int); |
1da177e4 LT |
505 | |
506 | locking rules: | |
ed2f2f9b | 507 | BKL mmap_sem PageLocked(page) |
1da177e4 LT |
508 | open: no yes |
509 | close: no yes | |
b827e496 NP |
510 | fault: no yes can return with page locked |
511 | page_mkwrite: no yes can return with page locked | |
28b2ee20 | 512 | access: no yes |
ed2f2f9b | 513 | |
b827e496 NP |
514 | ->fault() is called when a previously not present pte is about |
515 | to be faulted in. The filesystem must find and return the page associated | |
516 | with the passed in "pgoff" in the vm_fault structure. If it is possible that | |
517 | the page may be truncated and/or invalidated, then the filesystem must lock | |
518 | the page, then ensure it is not already truncated (the page lock will block | |
519 | subsequent truncate), and then return with VM_FAULT_LOCKED, and the page | |
520 | locked. The VM will unlock the page. | |
521 | ||
522 | ->page_mkwrite() is called when a previously read-only pte is | |
523 | about to become writeable. The filesystem again must ensure that there are | |
524 | no truncate/invalidate races, and then return with the page locked. If | |
525 | the page has been truncated, the filesystem should not look up a new page | |
526 | like the ->fault() handler, but simply return with VM_FAULT_NOPAGE, which | |
527 | will cause the VM to retry the fault. | |
1da177e4 | 528 | |
28b2ee20 RR |
529 | ->access() is called when get_user_pages() fails in |
530 | acces_process_vm(), typically used to debug a process through | |
531 | /proc/pid/mem or ptrace. This function is needed only for | |
532 | VM_IO | VM_PFNMAP VMAs. | |
533 | ||
1da177e4 LT |
534 | ================================================================================ |
535 | Dubious stuff | |
536 | ||
537 | (if you break something or notice that it is broken and do not fix it yourself | |
538 | - at least put it here) | |
539 | ||
540 | ipc/shm.c::shm_delete() - may need BKL. | |
541 | ->read() and ->write() in many drivers are (probably) missing BKL. |