projects / linux-2.6-block.git / blob
? search:


324bf35ec4dd65631d75771fc77fdd70869ca26c
[linux-2.6-block.git] / drivers / block / rbd.c
1
2 /*
3    rbd.c -- Export ceph rados objects as a Linux block device
4
5
6    based on drivers/block/osdblk.c:
7
8    Copyright 2009 Red Hat, Inc.
9
10    This program is free software; you can redistribute it and/or modify
11    it under the terms of the GNU General Public License as published by
12    the Free Software Foundation.
13
14    This program is distributed in the hope that it will be useful,
15    but WITHOUT ANY WARRANTY; without even the implied warranty of
16    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17    GNU General Public License for more details.
18
19    You should have received a copy of the GNU General Public License
20    along with this program; see the file COPYING.  If not, write to
21    the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
22
23
24
25    For usage instructions, please refer to:
26
27                  Documentation/ABI/testing/sysfs-bus-rbd
28
29  */
30
31 #include <linux/ceph/libceph.h>
32 #include <linux/ceph/osd_client.h>
33 #include <linux/ceph/mon_client.h>
34 #include <linux/ceph/decode.h>
35 #include <linux/parser.h>
36 #include <linux/bsearch.h>
37
38 #include <linux/kernel.h>
39 #include <linux/device.h>
40 #include <linux/module.h>
41 #include <linux/blk-mq.h>
42 #include <linux/fs.h>
43 #include <linux/blkdev.h>
44 #include <linux/slab.h>
45 #include <linux/idr.h>
46 #include <linux/workqueue.h>
47
48 #include "rbd_types.h"
49
50 #define RBD_DEBUG       /* Activate rbd_assert() calls */
51
52 /*
53  * The basic unit of block I/O is a sector.  It is interpreted in a
54  * number of contexts in Linux (blk, bio, genhd), but the default is
55  * universally 512 bytes.  These symbols are just slightly more
56  * meaningful than the bare numbers they represent.
57  */
58 #define SECTOR_SHIFT    9
59 #define SECTOR_SIZE     (1ULL << SECTOR_SHIFT)
60
61 /*
62  * Increment the given counter and return its updated value.
63  * If the counter is already 0 it will not be incremented.
64  * If the counter is already at its maximum value returns
65  * -EINVAL without updating it.
66  */
67 static int atomic_inc_return_safe(atomic_t *v)
68 {
69         unsigned int counter;
70
71         counter = (unsigned int)__atomic_add_unless(v, 1, 0);
72         if (counter <= (unsigned int)INT_MAX)
73                 return (int)counter;
74
75         atomic_dec(v);
76
77         return -EINVAL;
78 }
79
80 /* Decrement the counter.  Return the resulting value, or -EINVAL */
81 static int atomic_dec_return_safe(atomic_t *v)
82 {
83         int counter;
84
85         counter = atomic_dec_return(v);
86         if (counter >= 0)
87                 return counter;
88
89         atomic_inc(v);
90
91         return -EINVAL;
92 }
93
94 #define RBD_DRV_NAME "rbd"
95
96 #define RBD_MINORS_PER_MAJOR            256
97 #define RBD_SINGLE_MAJOR_PART_SHIFT     4
98
99 #define RBD_SNAP_DEV_NAME_PREFIX        "snap_"
100 #define RBD_MAX_SNAP_NAME_LEN   \
101                         (NAME_MAX - (sizeof (RBD_SNAP_DEV_NAME_PREFIX) - 1))
102
103 #define RBD_MAX_SNAP_COUNT      510     /* allows max snapc to fit in 4KB */
104
105 #define RBD_SNAP_HEAD_NAME      "-"
106
107 #define BAD_SNAP_INDEX  U32_MAX         /* invalid index into snap array */
108
109 /* This allows a single page to hold an image name sent by OSD */
110 #define RBD_IMAGE_NAME_LEN_MAX  (PAGE_SIZE - sizeof (__le32) - 1)
111 #define RBD_IMAGE_ID_LEN_MAX    64
112
113 #define RBD_OBJ_PREFIX_LEN_MAX  64
114
115 /* Feature bits */
116
117 #define RBD_FEATURE_LAYERING    (1<<0)
118 #define RBD_FEATURE_STRIPINGV2  (1<<1)
119 #define RBD_FEATURES_ALL \
120             (RBD_FEATURE_LAYERING | RBD_FEATURE_STRIPINGV2)
121
122 /* Features supported by this (client software) implementation. */
123
124 #define RBD_FEATURES_SUPPORTED  (RBD_FEATURES_ALL)
125
126 /*
127  * An RBD device name will be "rbd#", where the "rbd" comes from
128  * RBD_DRV_NAME above, and # is a unique integer identifier.
129  * MAX_INT_FORMAT_WIDTH is used in ensuring DEV_NAME_LEN is big
130  * enough to hold all possible device names.
131  */
132 #define DEV_NAME_LEN            32
133 #define MAX_INT_FORMAT_WIDTH    ((5 * sizeof (int)) / 2 + 1)
134
135 /*
136  * block device image metadata (in-memory version)
137  */
138 struct rbd_image_header {
139         /* These six fields never change for a given rbd image */
140         char *object_prefix;
141         __u8 obj_order;
142         __u8 crypt_type;
143         __u8 comp_type;
144         u64 stripe_unit;
145         u64 stripe_count;
146         u64 features;           /* Might be changeable someday? */
147
148         /* The remaining fields need to be updated occasionally */
149         u64 image_size;
150         struct ceph_snap_context *snapc;
151         char *snap_names;       /* format 1 only */
152         u64 *snap_sizes;        /* format 1 only */
153 };
154
155 /*
156  * An rbd image specification.
157  *
158  * The tuple (pool_id, image_id, snap_id) is sufficient to uniquely
159  * identify an image.  Each rbd_dev structure includes a pointer to
160  * an rbd_spec structure that encapsulates this identity.
161  *
162  * Each of the id's in an rbd_spec has an associated name.  For a
163  * user-mapped image, the names are supplied and the id's associated
164  * with them are looked up.  For a layered image, a parent image is
165  * defined by the tuple, and the names are looked up.
166  *
167  * An rbd_dev structure contains a parent_spec pointer which is
168  * non-null if the image it represents is a child in a layered
169  * image.  This pointer will refer to the rbd_spec structure used
170  * by the parent rbd_dev for its own identity (i.e., the structure
171  * is shared between the parent and child).
172  *
173  * Since these structures are populated once, during the discovery
174  * phase of image construction, they are effectively immutable so
175  * we make no effort to synchronize access to them.
176  *
177  * Note that code herein does not assume the image name is known (it
178  * could be a null pointer).
179  */
180 struct rbd_spec {
181         u64             pool_id;
182         const char      *pool_name;
183
184         const char      *image_id;
185         const char      *image_name;
186
187         u64             snap_id;
188         const char      *snap_name;
189
190         struct kref     kref;
191 };
192
193 /*
194  * an instance of the client.  multiple devices may share an rbd client.
195  */
196 struct rbd_client {
197         struct ceph_client      *client;
198         struct kref             kref;
199         struct list_head        node;
200 };
201
202 struct rbd_img_request;
203 typedef void (*rbd_img_callback_t)(struct rbd_img_request *);
204
205 #define BAD_WHICH       U32_MAX         /* Good which or bad which, which? */
206
207 struct rbd_obj_request;
208 typedef void (*rbd_obj_callback_t)(struct rbd_obj_request *);
209
210 enum obj_request_type {
211         OBJ_REQUEST_NODATA, OBJ_REQUEST_BIO, OBJ_REQUEST_PAGES
212 };
213
214 enum obj_operation_type {
215         OBJ_OP_WRITE,
216         OBJ_OP_READ,
217         OBJ_OP_DISCARD,
218 };
219
220 enum obj_req_flags {
221         OBJ_REQ_DONE,           /* completion flag: not done = 0, done = 1 */
222         OBJ_REQ_IMG_DATA,       /* object usage: standalone = 0, image = 1 */
223         OBJ_REQ_KNOWN,          /* EXISTS flag valid: no = 0, yes = 1 */
224         OBJ_REQ_EXISTS,         /* target exists: no = 0, yes = 1 */
225 };
226
227 struct rbd_obj_request {
228         const char              *object_name;
229         u64                     offset;         /* object start byte */
230         u64                     length;         /* bytes from offset */
231         unsigned long           flags;
232
233         /*
234          * An object request associated with an image will have its
235          * img_data flag set; a standalone object request will not.
236          *
237          * A standalone object request will have which == BAD_WHICH
238          * and a null obj_request pointer.
239          *
240          * An object request initiated in support of a layered image
241          * object (to check for its existence before a write) will
242          * have which == BAD_WHICH and a non-null obj_request pointer.
243          *
244          * Finally, an object request for rbd image data will have
245          * which != BAD_WHICH, and will have a non-null img_request
246          * pointer.  The value of which will be in the range
247          * 0..(img_request->obj_request_count-1).
248          */
249         union {
250                 struct rbd_obj_request  *obj_request;   /* STAT op */
251                 struct {
252                         struct rbd_img_request  *img_request;
253                         u64                     img_offset;
254                         /* links for img_request->obj_requests list */
255                         struct list_head        links;
256                 };
257         };
258         u32                     which;          /* posn image request list */
259
260         enum obj_request_type   type;
261         union {
262                 struct bio      *bio_list;
263                 struct {
264                         struct page     **pages;
265                         u32             page_count;
266                 };
267         };
268         struct page             **copyup_pages;
269         u32                     copyup_page_count;
270
271         struct ceph_osd_request *osd_req;
272
273         u64                     xferred;        /* bytes transferred */
274         int                     result;
275
276         rbd_obj_callback_t      callback;
277         struct completion       completion;
278
279         struct kref             kref;
280 };
281
282 enum img_req_flags {
283         IMG_REQ_WRITE,          /* I/O direction: read = 0, write = 1 */
284         IMG_REQ_CHILD,          /* initiator: block = 0, child image = 1 */
285         IMG_REQ_LAYERED,        /* ENOENT handling: normal = 0, layered = 1 */
286         IMG_REQ_DISCARD,        /* discard: normal = 0, discard request = 1 */
287 };
288
289 struct rbd_img_request {
290         struct rbd_device       *rbd_dev;
291         u64                     offset; /* starting image byte offset */
292         u64                     length; /* byte count from offset */
293         unsigned long           flags;
294         union {
295                 u64                     snap_id;        /* for reads */
296                 struct ceph_snap_context *snapc;        /* for writes */
297         };
298         union {
299                 struct request          *rq;            /* block request */
300                 struct rbd_obj_request  *obj_request;   /* obj req initiator */
301         };
302         struct page             **copyup_pages;
303         u32                     copyup_page_count;
304         spinlock_t              completion_lock;/* protects next_completion */
305         u32                     next_completion;
306         rbd_img_callback_t      callback;
307         u64                     xferred;/* aggregate bytes transferred */
308         int                     result; /* first nonzero obj_request result */
309
310         u32                     obj_request_count;
311         struct list_head        obj_requests;   /* rbd_obj_request structs */
312
313         struct kref             kref;
314 };
315
316 #define for_each_obj_request(ireq, oreq) \
317         list_for_each_entry(oreq, &(ireq)->obj_requests, links)
318 #define for_each_obj_request_from(ireq, oreq) \
319         list_for_each_entry_from(oreq, &(ireq)->obj_requests, links)
320 #define for_each_obj_request_safe(ireq, oreq, n) \
321         list_for_each_entry_safe_reverse(oreq, n, &(ireq)->obj_requests, links)
322
323 struct rbd_mapping {
324         u64                     size;
325         u64                     features;
326         bool                    read_only;
327 };
328
329 /*
330  * a single device
331  */
332 struct rbd_device {
333         int                     dev_id;         /* blkdev unique id */
334
335         int                     major;          /* blkdev assigned major */
336         int                     minor;
337         struct gendisk          *disk;          /* blkdev's gendisk and rq */
338
339         u32                     image_format;   /* Either 1 or 2 */
340         struct rbd_client       *rbd_client;
341
342         char                    name[DEV_NAME_LEN]; /* blkdev name, e.g. rbd3 */
343
344         spinlock_t              lock;           /* queue, flags, open_count */
345
346         struct rbd_image_header header;
347         unsigned long           flags;          /* possibly lock protected */
348         struct rbd_spec         *spec;
349         struct rbd_options      *opts;
350
351         char                    *header_name;
352
353         struct ceph_file_layout layout;
354
355         struct ceph_osd_event   *watch_event;
356         struct rbd_obj_request  *watch_request;
357
358         struct rbd_spec         *parent_spec;
359         u64                     parent_overlap;
360         atomic_t                parent_ref;
361         struct rbd_device       *parent;
362
363         /* Block layer tags. */
364         struct blk_mq_tag_set   tag_set;
365
366         /* protects updating the header */
367         struct rw_semaphore     header_rwsem;
368
369         struct rbd_mapping      mapping;
370
371         struct list_head        node;
372
373         /* sysfs related */
374         struct device           dev;
375         unsigned long           open_count;     /* protected by lock */
376 };
377
378 /*
379  * Flag bits for rbd_dev->flags.  If atomicity is required,
380  * rbd_dev->lock is used to protect access.
381  *
382  * Currently, only the "removing" flag (which is coupled with the
383  * "open_count" field) requires atomic access.
384  */
385 enum rbd_dev_flags {
386         RBD_DEV_FLAG_EXISTS,    /* mapped snapshot has not been deleted */
387         RBD_DEV_FLAG_REMOVING,  /* this mapping is being removed */
388 };
389
390 static DEFINE_MUTEX(client_mutex);      /* Serialize client creation */
391
392 static LIST_HEAD(rbd_dev_list);    /* devices */
393 static DEFINE_SPINLOCK(rbd_dev_list_lock);
394
395 static LIST_HEAD(rbd_client_list);              /* clients */
396 static DEFINE_SPINLOCK(rbd_client_list_lock);
397
398 /* Slab caches for frequently-allocated structures */
399
400 static struct kmem_cache        *rbd_img_request_cache;
401 static struct kmem_cache        *rbd_obj_request_cache;
402 static struct kmem_cache        *rbd_segment_name_cache;
403
404 static int rbd_major;
405 static DEFINE_IDA(rbd_dev_id_ida);
406
407 static struct workqueue_struct *rbd_wq;
408
409 /*
410  * Default to false for now, as single-major requires >= 0.75 version of
411  * userspace rbd utility.
412  */
413 static bool single_major = false;
414 module_param(single_major, bool, S_IRUGO);
415 MODULE_PARM_DESC(single_major, "Use a single major number for all rbd devices (default: false)");
416
417 static int rbd_img_request_submit(struct rbd_img_request *img_request);
418
419 static void rbd_dev_device_release(struct device *dev);
420
421 static ssize_t rbd_add(struct bus_type *bus, const char *buf,
422                        size_t count);
423 static ssize_t rbd_remove(struct bus_type *bus, const char *buf,
424                           size_t count);
425 static ssize_t rbd_add_single_major(struct bus_type *bus, const char *buf,
426                                     size_t count);
427 static ssize_t rbd_remove_single_major(struct bus_type *bus, const char *buf,
428                                        size_t count);
429 static int rbd_dev_image_probe(struct rbd_device *rbd_dev, bool mapping);
430 static void rbd_spec_put(struct rbd_spec *spec);
431
432 static int rbd_dev_id_to_minor(int dev_id)
433 {
434         return dev_id << RBD_SINGLE_MAJOR_PART_SHIFT;
435 }
436
437 static int minor_to_rbd_dev_id(int minor)
438 {
439         return minor >> RBD_SINGLE_MAJOR_PART_SHIFT;
440 }
441
442 static BUS_ATTR(add, S_IWUSR, NULL, rbd_add);
443 static BUS_ATTR(remove, S_IWUSR, NULL, rbd_remove);
444 static BUS_ATTR(add_single_major, S_IWUSR, NULL, rbd_add_single_major);
445 static BUS_ATTR(remove_single_major, S_IWUSR, NULL, rbd_remove_single_major);
446
447 static struct attribute *rbd_bus_attrs[] = {
448         &bus_attr_add.attr,
449         &bus_attr_remove.attr,
450         &bus_attr_add_single_major.attr,
451         &bus_attr_remove_single_major.attr,
452         NULL,
453 };
454
455 static umode_t rbd_bus_is_visible(struct kobject *kobj,
456                                   struct attribute *attr, int index)
457 {
458         if (!single_major &&
459             (attr == &bus_attr_add_single_major.attr ||
460              attr == &bus_attr_remove_single_major.attr))
461                 return 0;
462
463         return attr->mode;
464 }
465
466 static const struct attribute_group rbd_bus_group = {
467         .attrs = rbd_bus_attrs,
468         .is_visible = rbd_bus_is_visible,
469 };
470 __ATTRIBUTE_GROUPS(rbd_bus);
471
472 static struct bus_type rbd_bus_type = {
473         .name           = "rbd",
474         .bus_groups     = rbd_bus_groups,
475 };
476
477 static void rbd_root_dev_release(struct device *dev)
478 {
479 }
480
481 static struct device rbd_root_dev = {
482         .init_name =    "rbd",
483         .release =      rbd_root_dev_release,
484 };
485
486 static __printf(2, 3)
487 void rbd_warn(struct rbd_device *rbd_dev, const char *fmt, ...)
488 {
489         struct va_format vaf;
490         va_list args;
491
492         va_start(args, fmt);
493         vaf.fmt = fmt;
494         vaf.va = &args;
495
496         if (!rbd_dev)
497                 printk(KERN_WARNING "%s: %pV\n", RBD_DRV_NAME, &vaf);
498         else if (rbd_dev->disk)
499                 printk(KERN_WARNING "%s: %s: %pV\n",
500                         RBD_DRV_NAME, rbd_dev->disk->disk_name, &vaf);
501         else if (rbd_dev->spec && rbd_dev->spec->image_name)
502                 printk(KERN_WARNING "%s: image %s: %pV\n",
503                         RBD_DRV_NAME, rbd_dev->spec->image_name, &vaf);
504         else if (rbd_dev->spec && rbd_dev->spec->image_id)
505                 printk(KERN_WARNING "%s: id %s: %pV\n",
506                         RBD_DRV_NAME, rbd_dev->spec->image_id, &vaf);
507         else    /* punt */
508                 printk(KERN_WARNING "%s: rbd_dev %p: %pV\n",
509                         RBD_DRV_NAME, rbd_dev, &vaf);
510         va_end(args);
511 }
512
513 #ifdef RBD_DEBUG
514 #define rbd_assert(expr)                                                \
515                 if (unlikely(!(expr))) {                                \
516                         printk(KERN_ERR "\nAssertion failure in %s() "  \
517                                                 "at line %d:\n\n"       \
518                                         "\trbd_assert(%s);\n\n",        \
519                                         __func__, __LINE__, #expr);     \
520                         BUG();                                          \
521                 }
522 #else /* !RBD_DEBUG */
523 #  define rbd_assert(expr)      ((void) 0)
524 #endif /* !RBD_DEBUG */
525
526 static void rbd_osd_copyup_callback(struct rbd_obj_request *obj_request);
527 static int rbd_img_obj_request_submit(struct rbd_obj_request *obj_request);
528 static void rbd_img_parent_read(struct rbd_obj_request *obj_request);
529 static void rbd_dev_remove_parent(struct rbd_device *rbd_dev);
530
531 static int rbd_dev_refresh(struct rbd_device *rbd_dev);
532 static int rbd_dev_v2_header_onetime(struct rbd_device *rbd_dev);
533 static int rbd_dev_header_info(struct rbd_device *rbd_dev);
534 static int rbd_dev_v2_parent_info(struct rbd_device *rbd_dev);
535 static const char *rbd_dev_v2_snap_name(struct rbd_device *rbd_dev,
536                                         u64 snap_id);
537 static int _rbd_dev_v2_snap_size(struct rbd_device *rbd_dev, u64 snap_id,
538                                 u8 *order, u64 *snap_size);
539 static int _rbd_dev_v2_snap_features(struct rbd_device *rbd_dev, u64 snap_id,
540                 u64 *snap_features);
541 static u64 rbd_snap_id_by_name(struct rbd_device *rbd_dev, const char *name);
542
543 static int rbd_open(struct block_device *bdev, fmode_t mode)
544 {
545         struct rbd_device *rbd_dev = bdev->bd_disk->private_data;
546         bool removing = false;
547
548         if ((mode & FMODE_WRITE) && rbd_dev->mapping.read_only)
549                 return -EROFS;
550
551         spin_lock_irq(&rbd_dev->lock);
552         if (test_bit(RBD_DEV_FLAG_REMOVING, &rbd_dev->flags))
553                 removing = true;
554         else
555                 rbd_dev->open_count++;
556         spin_unlock_irq(&rbd_dev->lock);
557         if (removing)
558                 return -ENOENT;
559
560         (void) get_device(&rbd_dev->dev);
561
562         return 0;
563 }
564
565 static void rbd_release(struct gendisk *disk, fmode_t mode)
566 {
567         struct rbd_device *rbd_dev = disk->private_data;
568         unsigned long open_count_before;
569
570         spin_lock_irq(&rbd_dev->lock);
571         open_count_before = rbd_dev->open_count--;
572         spin_unlock_irq(&rbd_dev->lock);
573         rbd_assert(open_count_before > 0);
574
575         put_device(&rbd_dev->dev);
576 }
577
578 static int rbd_ioctl_set_ro(struct rbd_device *rbd_dev, unsigned long arg)
579 {
580         int ret = 0;
581         int val;
582         bool ro;
583         bool ro_changed = false;
584
585         /* get_user() may sleep, so call it before taking rbd_dev->lock */
586         if (get_user(val, (int __user *)(arg)))
587                 return -EFAULT;
588
589         ro = val ? true : false;
590         /* Snapshot doesn't allow to write*/
591         if (rbd_dev->spec->snap_id != CEPH_NOSNAP && !ro)
592                 return -EROFS;
593
594         spin_lock_irq(&rbd_dev->lock);
595         /* prevent others open this device */
596         if (rbd_dev->open_count > 1) {
597                 ret = -EBUSY;
598                 goto out;
599         }
600
601         if (rbd_dev->mapping.read_only != ro) {
602                 rbd_dev->mapping.read_only = ro;
603                 ro_changed = true;
604         }
605
606 out:
607         spin_unlock_irq(&rbd_dev->lock);
608         /* set_disk_ro() may sleep, so call it after releasing rbd_dev->lock */
609         if (ret == 0 && ro_changed)
610                 set_disk_ro(rbd_dev->disk, ro ? 1 : 0);
611
612         return ret;
613 }
614
615 static int rbd_ioctl(struct block_device *bdev, fmode_t mode,
616                         unsigned int cmd, unsigned long arg)
617 {
618         struct rbd_device *rbd_dev = bdev->bd_disk->private_data;
619         int ret = 0;
620
621         switch (cmd) {
622         case BLKROSET:
623                 ret = rbd_ioctl_set_ro(rbd_dev, arg);
624                 break;
625         default:
626                 ret = -ENOTTY;
627         }
628
629         return ret;
630 }
631
632 #ifdef CONFIG_COMPAT
633 static int rbd_compat_ioctl(struct block_device *bdev, fmode_t mode,
634                                 unsigned int cmd, unsigned long arg)
635 {
636         return rbd_ioctl(bdev, mode, cmd, arg);
637 }
638 #endif /* CONFIG_COMPAT */
639
640 static const struct block_device_operations rbd_bd_ops = {
641         .owner                  = THIS_MODULE,
642         .open                   = rbd_open,
643         .release                = rbd_release,
644         .ioctl                  = rbd_ioctl,
645 #ifdef CONFIG_COMPAT
646         .compat_ioctl           = rbd_compat_ioctl,
647 #endif
648 };
649
650 /*
651  * Initialize an rbd client instance.  Success or not, this function
652  * consumes ceph_opts.  Caller holds client_mutex.
653  */
654 static struct rbd_client *rbd_client_create(struct ceph_options *ceph_opts)
655 {
656         struct rbd_client *rbdc;
657         int ret = -ENOMEM;
658
659         dout("%s:\n", __func__);
660         rbdc = kmalloc(sizeof(struct rbd_client), GFP_KERNEL);
661         if (!rbdc)
662                 goto out_opt;
663
664         kref_init(&rbdc->kref);
665         INIT_LIST_HEAD(&rbdc->node);
666
667         rbdc->client = ceph_create_client(ceph_opts, rbdc, 0, 0);
668         if (IS_ERR(rbdc->client))
669                 goto out_rbdc;
670         ceph_opts = NULL; /* Now rbdc->client is responsible for ceph_opts */
671
672         ret = ceph_open_session(rbdc->client);
673         if (ret < 0)
674                 goto out_client;
675
676         spin_lock(&rbd_client_list_lock);
677         list_add_tail(&rbdc->node, &rbd_client_list);
678         spin_unlock(&rbd_client_list_lock);
679
680         dout("%s: rbdc %p\n", __func__, rbdc);
681
682         return rbdc;
683 out_client:
684         ceph_destroy_client(rbdc->client);
685 out_rbdc:
686         kfree(rbdc);
687 out_opt:
688         if (ceph_opts)
689                 ceph_destroy_options(ceph_opts);
690         dout("%s: error %d\n", __func__, ret);
691
692         return ERR_PTR(ret);
693 }
694
695 static struct rbd_client *__rbd_get_client(struct rbd_client *rbdc)
696 {
697         kref_get(&rbdc->kref);
698
699         return rbdc;
700 }
701
702 /*
703  * Find a ceph client with specific addr and configuration.  If
704  * found, bump its reference count.
705  */
706 static struct rbd_client *rbd_client_find(struct ceph_options *ceph_opts)
707 {
708         struct rbd_client *client_node;
709         bool found = false;
710
711         if (ceph_opts->flags & CEPH_OPT_NOSHARE)
712                 return NULL;
713
714         spin_lock(&rbd_client_list_lock);
715         list_for_each_entry(client_node, &rbd_client_list, node) {
716                 if (!ceph_compare_options(ceph_opts, client_node->client)) {
717                         __rbd_get_client(client_node);
718
719                         found = true;
720                         break;
721                 }
722         }
723         spin_unlock(&rbd_client_list_lock);
724
725         return found ? client_node : NULL;
726 }
727
728 /*
729  * (Per device) rbd map options
730  */
731 enum {
732         Opt_queue_depth,
733         Opt_last_int,
734         /* int args above */
735         Opt_last_string,
736         /* string args above */
737         Opt_read_only,
738         Opt_read_write,
739         Opt_err
740 };
741
742 static match_table_t rbd_opts_tokens = {
743         {Opt_queue_depth, "queue_depth=%d"},
744         /* int args above */
745         /* string args above */
746         {Opt_read_only, "read_only"},
747         {Opt_read_only, "ro"},          /* Alternate spelling */
748         {Opt_read_write, "read_write"},
749         {Opt_read_write, "rw"},         /* Alternate spelling */
750         {Opt_err, NULL}
751 };
752
753 struct rbd_options {
754         int     queue_depth;
755         bool    read_only;
756 };
757
758 #define RBD_QUEUE_DEPTH_DEFAULT BLKDEV_MAX_RQ
759 #define RBD_READ_ONLY_DEFAULT   false
760
761 static int parse_rbd_opts_token(char *c, void *private)
762 {
763         struct rbd_options *rbd_opts = private;
764         substring_t argstr[MAX_OPT_ARGS];
765         int token, intval, ret;
766
767         token = match_token(c, rbd_opts_tokens, argstr);
768         if (token < Opt_last_int) {
769                 ret = match_int(&argstr[0], &intval);
770                 if (ret < 0) {
771                         pr_err("bad mount option arg (not int) at '%s'\n", c);
772                         return ret;
773                 }
774                 dout("got int token %d val %d\n", token, intval);
775         } else if (token > Opt_last_int && token < Opt_last_string) {
776                 dout("got string token %d val %s\n", token, argstr[0].from);
777         } else {
778                 dout("got token %d\n", token);
779         }
780
781         switch (token) {
782         case Opt_queue_depth:
783                 if (intval < 1) {
784                         pr_err("queue_depth out of range\n");
785                         return -EINVAL;
786                 }
787                 rbd_opts->queue_depth = intval;
788                 break;
789         case Opt_read_only:
790                 rbd_opts->read_only = true;
791                 break;
792         case Opt_read_write:
793                 rbd_opts->read_only = false;
794                 break;
795         default:
796                 /* libceph prints "bad option" msg */
797                 return -EINVAL;
798         }
799
800         return 0;
801 }
802
803 static char* obj_op_name(enum obj_operation_type op_type)
804 {
805         switch (op_type) {
806         case OBJ_OP_READ:
807                 return "read";
808         case OBJ_OP_WRITE:
809                 return "write";
810         case OBJ_OP_DISCARD:
811                 return "discard";
812         default:
813                 return "???";
814         }
815 }
816
817 /*
818  * Get a ceph client with specific addr and configuration, if one does
819  * not exist create it.  Either way, ceph_opts is consumed by this
820  * function.
821  */
822 static struct rbd_client *rbd_get_client(struct ceph_options *ceph_opts)
823 {
824         struct rbd_client *rbdc;
825
826         mutex_lock_nested(&client_mutex, SINGLE_DEPTH_NESTING);
827         rbdc = rbd_client_find(ceph_opts);
828         if (rbdc)       /* using an existing client */
829                 ceph_destroy_options(ceph_opts);
830         else
831                 rbdc = rbd_client_create(ceph_opts);
832         mutex_unlock(&client_mutex);
833
834         return rbdc;
835 }
836
837 /*
838  * Destroy ceph client
839  *
840  * Caller must hold rbd_client_list_lock.
841  */
842 static void rbd_client_release(struct kref *kref)
843 {
844         struct rbd_client *rbdc = container_of(kref, struct rbd_client, kref);
845
846         dout("%s: rbdc %p\n", __func__, rbdc);
847         spin_lock(&rbd_client_list_lock);
848         list_del(&rbdc->node);
849         spin_unlock(&rbd_client_list_lock);
850
851         ceph_destroy_client(rbdc->client);
852         kfree(rbdc);
853 }
854
855 /*
856  * Drop reference to ceph client node. If it's not referenced anymore, release
857  * it.
858  */
859 static void rbd_put_client(struct rbd_client *rbdc)
860 {
861         if (rbdc)
862                 kref_put(&rbdc->kref, rbd_client_release);
863 }
864
865 static bool rbd_image_format_valid(u32 image_format)
866 {
867         return image_format == 1 || image_format == 2;
868 }
869
870 static bool rbd_dev_ondisk_valid(struct rbd_image_header_ondisk *ondisk)
871 {
872         size_t size;
873         u32 snap_count;
874
875         /* The header has to start with the magic rbd header text */
876         if (memcmp(&ondisk->text, RBD_HEADER_TEXT, sizeof (RBD_HEADER_TEXT)))
877                 return false;
878
879         /* The bio layer requires at least sector-sized I/O */
880
881         if (ondisk->options.order < SECTOR_SHIFT)
882                 return false;
883
884         /* If we use u64 in a few spots we may be able to loosen this */
885
886         if (ondisk->options.order > 8 * sizeof (int) - 1)
887                 return false;
888
889         /*
890          * The size of a snapshot header has to fit in a size_t, and
891          * that limits the number of snapshots.
892          */
893         snap_count = le32_to_cpu(ondisk->snap_count);
894         size = SIZE_MAX - sizeof (struct ceph_snap_context);
895         if (snap_count > size / sizeof (__le64))
896                 return false;
897
898         /*
899          * Not only that, but the size of the entire the snapshot
900          * header must also be representable in a size_t.
901          */
902         size -= snap_count * sizeof (__le64);
903         if ((u64) size < le64_to_cpu(ondisk->snap_names_len))
904                 return false;
905
906         return true;
907 }
908
909 /*
910  * Fill an rbd image header with information from the given format 1
911  * on-disk header.
912  */
913 static int rbd_header_from_disk(struct rbd_device *rbd_dev,
914                                  struct rbd_image_header_ondisk *ondisk)
915 {
916         struct rbd_image_header *header = &rbd_dev->header;
917         bool first_time = header->object_prefix == NULL;
918         struct ceph_snap_context *snapc;
919         char *object_prefix = NULL;
920         char *snap_names = NULL;
921         u64 *snap_sizes = NULL;
922         u32 snap_count;
923         size_t size;
924         int ret = -ENOMEM;
925         u32 i;
926
927         /* Allocate this now to avoid having to handle failure below */
928
929         if (first_time) {
930                 size_t len;
931
932                 len = strnlen(ondisk->object_prefix,
933                                 sizeof (ondisk->object_prefix));
934                 object_prefix = kmalloc(len + 1, GFP_KERNEL);
935                 if (!object_prefix)
936                         return -ENOMEM;
937                 memcpy(object_prefix, ondisk->object_prefix, len);
938                 object_prefix[len] = '\0';
939         }
940
941         /* Allocate the snapshot context and fill it in */
942
943         snap_count = le32_to_cpu(ondisk->snap_count);
944         snapc = ceph_create_snap_context(snap_count, GFP_KERNEL);
945         if (!snapc)
946                 goto out_err;
947         snapc->seq = le64_to_cpu(ondisk->snap_seq);
948         if (snap_count) {
949                 struct rbd_image_snap_ondisk *snaps;
950                 u64 snap_names_len = le64_to_cpu(ondisk->snap_names_len);
951
952                 /* We'll keep a copy of the snapshot names... */
953
954                 if (snap_names_len > (u64)SIZE_MAX)
955                         goto out_2big;
956                 snap_names = kmalloc(snap_names_len, GFP_KERNEL);
957                 if (!snap_names)
958                         goto out_err;
959
960                 /* ...as well as the array of their sizes. */
961
962                 size = snap_count * sizeof (*header->snap_sizes);
963                 snap_sizes = kmalloc(size, GFP_KERNEL);
964                 if (!snap_sizes)
965                         goto out_err;
966
967                 /*
968                  * Copy the names, and fill in each snapshot's id
969                  * and size.
970                  *
971                  * Note that rbd_dev_v1_header_info() guarantees the
972                  * ondisk buffer we're working with has
973                  * snap_names_len bytes beyond the end of the
974                  * snapshot id array, this memcpy() is safe.
975                  */
976                 memcpy(snap_names, &ondisk->snaps[snap_count], snap_names_len);
977                 snaps = ondisk->snaps;
978                 for (i = 0; i < snap_count; i++) {
979                         snapc->snaps[i] = le64_to_cpu(snaps[i].id);
980                         snap_sizes[i] = le64_to_cpu(snaps[i].image_size);
981                 }
982         }
983
984         /* We won't fail any more, fill in the header */
985
986         if (first_time) {
987                 header->object_prefix = object_prefix;
988                 header->obj_order = ondisk->options.order;
989                 header->crypt_type = ondisk->options.crypt_type;
990                 header->comp_type = ondisk->options.comp_type;
991                 /* The rest aren't used for format 1 images */
992                 header->stripe_unit = 0;
993                 header->stripe_count = 0;
994                 header->features = 0;
995         } else {
996                 ceph_put_snap_context(header->snapc);
997                 kfree(header->snap_names);
998                 kfree(header->snap_sizes);
999         }
1000
1001         /* The remaining fields always get updated (when we refresh) */
1002
1003         header->image_size = le64_to_cpu(ondisk->image_size);
1004         header->snapc = snapc;
1005         header->snap_names = snap_names;
1006         header->snap_sizes = snap_sizes;
1007
1008         return 0;
1009 out_2big:
1010         ret = -EIO;
1011 out_err:
1012         kfree(snap_sizes);
1013         kfree(snap_names);
1014         ceph_put_snap_context(snapc);
1015         kfree(object_prefix);
1016
1017         return ret;
1018 }
1019
1020 static const char *_rbd_dev_v1_snap_name(struct rbd_device *rbd_dev, u32 which)
1021 {
1022         const char *snap_name;
1023
1024         rbd_assert(which < rbd_dev->header.snapc->num_snaps);
1025
1026         /* Skip over names until we find the one we are looking for */
1027
1028         snap_name = rbd_dev->header.snap_names;
1029         while (which--)
1030                 snap_name += strlen(snap_name) + 1;
1031
1032         return kstrdup(snap_name, GFP_KERNEL);
1033 }
1034
1035 /*
1036  * Snapshot id comparison function for use with qsort()/bsearch().
1037  * Note that result is for snapshots in *descending* order.
1038  */
1039 static int snapid_compare_reverse(const void *s1, const void *s2)
1040 {
1041         u64 snap_id1 = *(u64 *)s1;
1042         u64 snap_id2 = *(u64 *)s2;
1043
1044         if (snap_id1 < snap_id2)
1045                 return 1;
1046         return snap_id1 == snap_id2 ? 0 : -1;
1047 }
1048
1049 /*
1050  * Search a snapshot context to see if the given snapshot id is
1051  * present.
1052  *
1053  * Returns the position of the snapshot id in the array if it's found,
1054  * or BAD_SNAP_INDEX otherwise.
1055  *
1056  * Note: The snapshot array is in kept sorted (by the osd) in
1057  * reverse order, highest snapshot id first.
1058  */
1059 static u32 rbd_dev_snap_index(struct rbd_device *rbd_dev, u64 snap_id)
1060 {
1061         struct ceph_snap_context *snapc = rbd_dev->header.snapc;
1062         u64 *found;
1063
1064         found = bsearch(&snap_id, &snapc->snaps, snapc->num_snaps,
1065                                 sizeof (snap_id), snapid_compare_reverse);
1066
1067         return found ? (u32)(found - &snapc->snaps[0]) : BAD_SNAP_INDEX;
1068 }
1069
1070 static const char *rbd_dev_v1_snap_name(struct rbd_device *rbd_dev,
1071                                         u64 snap_id)
1072 {
1073         u32 which;
1074         const char *snap_name;
1075
1076         which = rbd_dev_snap_index(rbd_dev, snap_id);
1077         if (which == BAD_SNAP_INDEX)
1078                 return ERR_PTR(-ENOENT);
1079
1080         snap_name = _rbd_dev_v1_snap_name(rbd_dev, which);
1081         return snap_name ? snap_name : ERR_PTR(-ENOMEM);
1082 }
1083
1084 static const char *rbd_snap_name(struct rbd_device *rbd_dev, u64 snap_id)
1085 {
1086         if (snap_id == CEPH_NOSNAP)
1087                 return RBD_SNAP_HEAD_NAME;
1088
1089         rbd_assert(rbd_image_format_valid(rbd_dev->image_format));
1090         if (rbd_dev->image_format == 1)
1091                 return rbd_dev_v1_snap_name(rbd_dev, snap_id);
1092
1093         return rbd_dev_v2_snap_name(rbd_dev, snap_id);
1094 }
1095
1096 static int rbd_snap_size(struct rbd_device *rbd_dev, u64 snap_id,
1097                                 u64 *snap_size)
1098 {
1099         rbd_assert(rbd_image_format_valid(rbd_dev->image_format));
1100         if (snap_id == CEPH_NOSNAP) {
1101                 *snap_size = rbd_dev->header.image_size;
1102         } else if (rbd_dev->image_format == 1) {
1103                 u32 which;
1104
1105                 which = rbd_dev_snap_index(rbd_dev, snap_id);
1106                 if (which == BAD_SNAP_INDEX)
1107                         return -ENOENT;
1108
1109                 *snap_size = rbd_dev->header.snap_sizes[which];
1110         } else {
1111                 u64 size = 0;
1112                 int ret;
1113
1114                 ret = _rbd_dev_v2_snap_size(rbd_dev, snap_id, NULL, &size);
1115                 if (ret)
1116                         return ret;
1117
1118                 *snap_size = size;
1119         }
1120         return 0;
1121 }
1122
1123 static int rbd_snap_features(struct rbd_device *rbd_dev, u64 snap_id,
1124                         u64 *snap_features)
1125 {
1126         rbd_assert(rbd_image_format_valid(rbd_dev->image_format));
1127         if (snap_id == CEPH_NOSNAP) {
1128                 *snap_features = rbd_dev->header.features;
1129         } else if (rbd_dev->image_format == 1) {
1130                 *snap_features = 0;     /* No features for format 1 */
1131         } else {
1132                 u64 features = 0;
1133                 int ret;
1134
1135                 ret = _rbd_dev_v2_snap_features(rbd_dev, snap_id, &features);
1136                 if (ret)
1137                         return ret;
1138
1139                 *snap_features = features;
1140         }
1141         return 0;
1142 }
1143
1144 static int rbd_dev_mapping_set(struct rbd_device *rbd_dev)
1145 {
1146         u64 snap_id = rbd_dev->spec->snap_id;
1147         u64 size = 0;
1148         u64 features = 0;
1149         int ret;
1150
1151         ret = rbd_snap_size(rbd_dev, snap_id, &size);
1152         if (ret)
1153                 return ret;
1154         ret = rbd_snap_features(rbd_dev, snap_id, &features);
1155         if (ret)
1156                 return ret;
1157
1158         rbd_dev->mapping.size = size;
1159         rbd_dev->mapping.features = features;
1160
1161         return 0;
1162 }
1163
1164 static void rbd_dev_mapping_clear(struct rbd_device *rbd_dev)
1165 {
1166         rbd_dev->mapping.size = 0;
1167         rbd_dev->mapping.features = 0;
1168 }
1169
1170 static void rbd_segment_name_free(const char *name)
1171 {
1172         /* The explicit cast here is needed to drop the const qualifier */
1173
1174         kmem_cache_free(rbd_segment_name_cache, (void *)name);
1175 }
1176
1177 static const char *rbd_segment_name(struct rbd_device *rbd_dev, u64 offset)
1178 {
1179         char *name;
1180         u64 segment;
1181         int ret;
1182         char *name_format;
1183
1184         name = kmem_cache_alloc(rbd_segment_name_cache, GFP_NOIO);
1185         if (!name)
1186                 return NULL;
1187         segment = offset >> rbd_dev->header.obj_order;
1188         name_format = "%s.%012llx";
1189         if (rbd_dev->image_format == 2)
1190                 name_format = "%s.%016llx";
1191         ret = snprintf(name, CEPH_MAX_OID_NAME_LEN + 1, name_format,
1192                         rbd_dev->header.object_prefix, segment);
1193         if (ret < 0 || ret > CEPH_MAX_OID_NAME_LEN) {
1194                 pr_err("error formatting segment name for #%llu (%d)\n",
1195                         segment, ret);
1196                 rbd_segment_name_free(name);
1197                 name = NULL;
1198         }
1199
1200         return name;
1201 }
1202
1203 static u64 rbd_segment_offset(struct rbd_device *rbd_dev, u64 offset)
1204 {
1205         u64 segment_size = (u64) 1 << rbd_dev->header.obj_order;
1206
1207         return offset & (segment_size - 1);
1208 }
1209
1210 static u64 rbd_segment_length(struct rbd_device *rbd_dev,
1211                                 u64 offset, u64 length)
1212 {
1213         u64 segment_size = (u64) 1 << rbd_dev->header.obj_order;
1214
1215         offset &= segment_size - 1;
1216
1217         rbd_assert(length <= U64_MAX - offset);
1218         if (offset + length > segment_size)
1219                 length = segment_size - offset;
1220
1221         return length;
1222 }
1223
1224 /*
1225  * returns the size of an object in the image
1226  */
1227 static u64 rbd_obj_bytes(struct rbd_image_header *header)
1228 {
1229         return 1 << header->obj_order;
1230 }
1231
1232 /*
1233  * bio helpers
1234  */
1235
1236 static void bio_chain_put(struct bio *chain)
1237 {
1238         struct bio *tmp;
1239
1240         while (chain) {
1241                 tmp = chain;
1242                 chain = chain->bi_next;
1243                 bio_put(tmp);
1244         }
1245 }
1246
1247 /*
1248  * zeros a bio chain, starting at specific offset
1249  */
1250 static void zero_bio_chain(struct bio *chain, int start_ofs)
1251 {
1252         struct bio_vec bv;
1253         struct bvec_iter iter;
1254         unsigned long flags;
1255         void *buf;
1256         int pos = 0;
1257
1258         while (chain) {
1259                 bio_for_each_segment(bv, chain, iter) {
1260                         if (pos + bv.bv_len > start_ofs) {
1261                                 int remainder = max(start_ofs - pos, 0);
1262                                 buf = bvec_kmap_irq(&bv, &flags);
1263                                 memset(buf + remainder, 0,
1264                                        bv.bv_len - remainder);
1265                                 flush_dcache_page(bv.bv_page);
1266                                 bvec_kunmap_irq(buf, &flags);
1267                         }
1268                         pos += bv.bv_len;
1269                 }
1270
1271                 chain = chain->bi_next;
1272         }
1273 }
1274
1275 /*
1276  * similar to zero_bio_chain(), zeros data defined by a page array,
1277  * starting at the given byte offset from the start of the array and
1278  * continuing up to the given end offset.  The pages array is
1279  * assumed to be big enough to hold all bytes up to the end.
1280  */
1281 static void zero_pages(struct page **pages, u64 offset, u64 end)
1282 {
1283         struct page **page = &pages[offset >> PAGE_SHIFT];
1284
1285         rbd_assert(end > offset);
1286         rbd_assert(end - offset <= (u64)SIZE_MAX);
1287         while (offset < end) {
1288                 size_t page_offset;
1289                 size_t length;
1290                 unsigned long flags;
1291                 void *kaddr;
1292
1293                 page_offset = offset & ~PAGE_MASK;
1294                 length = min_t(size_t, PAGE_SIZE - page_offset, end - offset);
1295                 local_irq_save(flags);
1296                 kaddr = kmap_atomic(*page);
1297                 memset(kaddr + page_offset, 0, length);
1298                 flush_dcache_page(*page);
1299                 kunmap_atomic(kaddr);
1300                 local_irq_restore(flags);
1301
1302                 offset += length;
1303                 page++;
1304         }
1305 }
1306
1307 /*
1308  * Clone a portion of a bio, starting at the given byte offset
1309  * and continuing for the number of bytes indicated.
1310  */
1311 static struct bio *bio_clone_range(struct bio *bio_src,
1312                                         unsigned int offset,
1313                                         unsigned int len,
1314                                         gfp_t gfpmask)
1315 {
1316         struct bio *bio;
1317
1318         bio = bio_clone(bio_src, gfpmask);
1319         if (!bio)
1320                 return NULL;    /* ENOMEM */
1321
1322         bio_advance(bio, offset);
1323         bio->bi_iter.bi_size = len;
1324
1325         return bio;
1326 }
1327
1328 /*
1329  * Clone a portion of a bio chain, starting at the given byte offset
1330  * into the first bio in the source chain and continuing for the
1331  * number of bytes indicated.  The result is another bio chain of
1332  * exactly the given length, or a null pointer on error.
1333  *
1334  * The bio_src and offset parameters are both in-out.  On entry they
1335  * refer to the first source bio and the offset into that bio where
1336  * the start of data to be cloned is located.
1337  *
1338  * On return, bio_src is updated to refer to the bio in the source
1339  * chain that contains first un-cloned byte, and *offset will
1340  * contain the offset of that byte within that bio.
1341  */
1342 static struct bio *bio_chain_clone_range(struct bio **bio_src,
1343                                         unsigned int *offset,
1344                                         unsigned int len,
1345                                         gfp_t gfpmask)
1346 {
1347         struct bio *bi = *bio_src;
1348         unsigned int off = *offset;
1349         struct bio *chain = NULL;
1350         struct bio **end;
1351
1352         /* Build up a chain of clone bios up to the limit */
1353
1354         if (!bi || off >= bi->bi_iter.bi_size || !len)
1355                 return NULL;            /* Nothing to clone */
1356
1357         end = &chain;
1358         while (len) {
1359                 unsigned int bi_size;
1360                 struct bio *bio;
1361
1362                 if (!bi) {
1363                         rbd_warn(NULL, "bio_chain exhausted with %u left", len);
1364                         goto out_err;   /* EINVAL; ran out of bio's */
1365                 }
1366                 bi_size = min_t(unsigned int, bi->bi_iter.bi_size - off, len);
1367                 bio = bio_clone_range(bi, off, bi_size, gfpmask);
1368                 if (!bio)
1369                         goto out_err;   /* ENOMEM */
1370
1371                 *end = bio;
1372                 end = &bio->bi_next;
1373
1374                 off += bi_size;
1375                 if (off == bi->bi_iter.bi_size) {
1376                         bi = bi->bi_next;
1377                         off = 0;
1378                 }
1379                 len -= bi_size;
1380         }
1381         *bio_src = bi;
1382         *offset = off;
1383
1384         return chain;
1385 out_err:
1386         bio_chain_put(chain);
1387
1388         return NULL;
1389 }
1390
1391 /*
1392  * The default/initial value for all object request flags is 0.  For
1393  * each flag, once its value is set to 1 it is never reset to 0
1394  * again.
1395  */
1396 static void obj_request_img_data_set(struct rbd_obj_request *obj_request)
1397 {
1398         if (test_and_set_bit(OBJ_REQ_IMG_DATA, &obj_request->flags)) {
1399                 struct rbd_device *rbd_dev;
1400
1401                 rbd_dev = obj_request->img_request->rbd_dev;
1402                 rbd_warn(rbd_dev, "obj_request %p already marked img_data",
1403                         obj_request);
1404         }
1405 }
1406
1407 static bool obj_request_img_data_test(struct rbd_obj_request *obj_request)
1408 {
1409         smp_mb();
1410         return test_bit(OBJ_REQ_IMG_DATA, &obj_request->flags) != 0;
1411 }
1412
1413 static void obj_request_done_set(struct rbd_obj_request *obj_request)
1414 {
1415         if (test_and_set_bit(OBJ_REQ_DONE, &obj_request->flags)) {
1416                 struct rbd_device *rbd_dev = NULL;
1417
1418                 if (obj_request_img_data_test(obj_request))
1419                         rbd_dev = obj_request->img_request->rbd_dev;
1420                 rbd_warn(rbd_dev, "obj_request %p already marked done",
1421                         obj_request);
1422         }
1423 }
1424
1425 static bool obj_request_done_test(struct rbd_obj_request *obj_request)
1426 {
1427         smp_mb();
1428         return test_bit(OBJ_REQ_DONE, &obj_request->flags) != 0;
1429 }
1430
1431 /*
1432  * This sets the KNOWN flag after (possibly) setting the EXISTS
1433  * flag.  The latter is set based on the "exists" value provided.
1434  *
1435  * Note that for our purposes once an object exists it never goes
1436  * away again.  It's possible that the response from two existence
1437  * checks are separated by the creation of the target object, and
1438  * the first ("doesn't exist") response arrives *after* the second
1439  * ("does exist").  In that case we ignore the second one.
1440  */
1441 static void obj_request_existence_set(struct rbd_obj_request *obj_request,
1442                                 bool exists)
1443 {
1444         if (exists)
1445                 set_bit(OBJ_REQ_EXISTS, &obj_request->flags);
1446         set_bit(OBJ_REQ_KNOWN, &obj_request->flags);
1447         smp_mb();
1448 }
1449
1450 static bool obj_request_known_test(struct rbd_obj_request *obj_request)
1451 {
1452         smp_mb();
1453         return test_bit(OBJ_REQ_KNOWN, &obj_request->flags) != 0;
1454 }
1455
1456 static bool obj_request_exists_test(struct rbd_obj_request *obj_request)
1457 {
1458         smp_mb();
1459         return test_bit(OBJ_REQ_EXISTS, &obj_request->flags) != 0;
1460 }
1461
1462 static bool obj_request_overlaps_parent(struct rbd_obj_request *obj_request)
1463 {
1464         struct rbd_device *rbd_dev = obj_request->img_request->rbd_dev;
1465
1466         return obj_request->img_offset <
1467             round_up(rbd_dev->parent_overlap, rbd_obj_bytes(&rbd_dev->header));
1468 }
1469
1470 static void rbd_obj_request_get(struct rbd_obj_request *obj_request)
1471 {
1472         dout("%s: obj %p (was %d)\n", __func__, obj_request,
1473                 atomic_read(&obj_request->kref.refcount));
1474         kref_get(&obj_request->kref);
1475 }
1476
1477 static void rbd_obj_request_destroy(struct kref *kref);
1478 static void rbd_obj_request_put(struct rbd_obj_request *obj_request)
1479 {
1480         rbd_assert(obj_request != NULL);
1481         dout("%s: obj %p (was %d)\n", __func__, obj_request,
1482                 atomic_read(&obj_request->kref.refcount));
1483         kref_put(&obj_request->kref, rbd_obj_request_destroy);
1484 }
1485
1486 static void rbd_img_request_get(struct rbd_img_request *img_request)
1487 {
1488         dout("%s: img %p (was %d)\n", __func__, img_request,
1489              atomic_read(&img_request->kref.refcount));
1490         kref_get(&img_request->kref);
1491 }
1492
1493 static bool img_request_child_test(struct rbd_img_request *img_request);
1494 static void rbd_parent_request_destroy(struct kref *kref);
1495 static void rbd_img_request_destroy(struct kref *kref);
1496 static void rbd_img_request_put(struct rbd_img_request *img_request)
1497 {
1498         rbd_assert(img_request != NULL);
1499         dout("%s: img %p (was %d)\n", __func__, img_request,
1500                 atomic_read(&img_request->kref.refcount));
1501         if (img_request_child_test(img_request))
1502                 kref_put(&img_request->kref, rbd_parent_request_destroy);
1503         else
1504                 kref_put(&img_request->kref, rbd_img_request_destroy);
1505 }
1506
1507 static inline void rbd_img_obj_request_add(struct rbd_img_request *img_request,
1508                                         struct rbd_obj_request *obj_request)
1509 {
1510         rbd_assert(obj_request->img_request == NULL);
1511
1512         /* Image request now owns object's original reference */
1513         obj_request->img_request = img_request;
1514         obj_request->which = img_request->obj_request_count;
1515         rbd_assert(!obj_request_img_data_test(obj_request));
1516         obj_request_img_data_set(obj_request);
1517         rbd_assert(obj_request->which != BAD_WHICH);
1518         img_request->obj_request_count++;
1519         list_add_tail(&obj_request->links, &img_request->obj_requests);
1520         dout("%s: img %p obj %p w=%u\n", __func__, img_request, obj_request,
1521                 obj_request->which);
1522 }
1523
1524 static inline void rbd_img_obj_request_del(struct rbd_img_request *img_request,
1525                                         struct rbd_obj_request *obj_request)
1526 {
1527         rbd_assert(obj_request->which != BAD_WHICH);
1528
1529         dout("%s: img %p obj %p w=%u\n", __func__, img_request, obj_request,
1530                 obj_request->which);
1531         list_del(&obj_request->links);
1532         rbd_assert(img_request->obj_request_count > 0);
1533         img_request->obj_request_count--;
1534         rbd_assert(obj_request->which == img_request->obj_request_count);
1535         obj_request->which = BAD_WHICH;
1536         rbd_assert(obj_request_img_data_test(obj_request));
1537         rbd_assert(obj_request->img_request == img_request);
1538         obj_request->img_request = NULL;
1539         obj_request->callback = NULL;
1540         rbd_obj_request_put(obj_request);
1541 }
1542
1543 static bool obj_request_type_valid(enum obj_request_type type)
1544 {
1545         switch (type) {
1546         case OBJ_REQUEST_NODATA:
1547         case OBJ_REQUEST_BIO:
1548         case OBJ_REQUEST_PAGES:
1549                 return true;
1550         default:
1551                 return false;
1552         }
1553 }
1554
1555 static int rbd_obj_request_submit(struct ceph_osd_client *osdc,
1556                                 struct rbd_obj_request *obj_request)
1557 {
1558         dout("%s %p\n", __func__, obj_request);
1559         return ceph_osdc_start_request(osdc, obj_request->osd_req, false);
1560 }
1561
1562 static void rbd_obj_request_end(struct rbd_obj_request *obj_request)
1563 {
1564         dout("%s %p\n", __func__, obj_request);
1565         ceph_osdc_cancel_request(obj_request->osd_req);
1566 }
1567
1568 /*
1569  * Wait for an object request to complete.  If interrupted, cancel the
1570  * underlying osd request.
1571  *
1572  * @timeout: in jiffies, 0 means "wait forever"
1573  */
1574 static int __rbd_obj_request_wait(struct rbd_obj_request *obj_request,
1575                                   unsigned long timeout)
1576 {
1577         long ret;
1578
1579         dout("%s %p\n", __func__, obj_request);
1580         ret = wait_for_completion_interruptible_timeout(
1581                                         &obj_request->completion,
1582                                         ceph_timeout_jiffies(timeout));
1583         if (ret <= 0) {
1584                 if (ret == 0)
1585                         ret = -ETIMEDOUT;
1586                 rbd_obj_request_end(obj_request);
1587         } else {
1588                 ret = 0;
1589         }
1590
1591         dout("%s %p ret %d\n", __func__, obj_request, (int)ret);
1592         return ret;
1593 }
1594
1595 static int rbd_obj_request_wait(struct rbd_obj_request *obj_request)
1596 {
1597         return __rbd_obj_request_wait(obj_request, 0);
1598 }
1599
1600 static int rbd_obj_request_wait_timeout(struct rbd_obj_request *obj_request,
1601                                         unsigned long timeout)
1602 {
1603         return __rbd_obj_request_wait(obj_request, timeout);
1604 }
1605
1606 static void rbd_img_request_complete(struct rbd_img_request *img_request)
1607 {
1608
1609         dout("%s: img %p\n", __func__, img_request);
1610
1611         /*
1612          * If no error occurred, compute the aggregate transfer
1613          * count for the image request.  We could instead use
1614          * atomic64_cmpxchg() to update it as each object request
1615          * completes; not clear which way is better off hand.
1616          */
1617         if (!img_request->result) {
1618                 struct rbd_obj_request *obj_request;
1619                 u64 xferred = 0;
1620
1621                 for_each_obj_request(img_request, obj_request)
1622                         xferred += obj_request->xferred;
1623                 img_request->xferred = xferred;
1624         }
1625
1626         if (img_request->callback)
1627                 img_request->callback(img_request);
1628         else
1629                 rbd_img_request_put(img_request);
1630 }
1631
1632 /*
1633  * The default/initial value for all image request flags is 0.  Each
1634  * is conditionally set to 1 at image request initialization time
1635  * and currently never change thereafter.
1636  */
1637 static void img_request_write_set(struct rbd_img_request *img_request)
1638 {
1639         set_bit(IMG_REQ_WRITE, &img_request->flags);
1640         smp_mb();
1641 }
1642
1643 static bool img_request_write_test(struct rbd_img_request *img_request)
1644 {
1645         smp_mb();
1646         return test_bit(IMG_REQ_WRITE, &img_request->flags) != 0;
1647 }
1648
1649 /*
1650  * Set the discard flag when the img_request is an discard request
1651  */
1652 static void img_request_discard_set(struct rbd_img_request *img_request)
1653 {
1654         set_bit(IMG_REQ_DISCARD, &img_request->flags);
1655         smp_mb();
1656 }
1657
1658 static bool img_request_discard_test(struct rbd_img_request *img_request)
1659 {
1660         smp_mb();
1661         return test_bit(IMG_REQ_DISCARD, &img_request->flags) != 0;
1662 }
1663
1664 static void img_request_child_set(struct rbd_img_request *img_request)
1665 {
1666         set_bit(IMG_REQ_CHILD, &img_request->flags);
1667         smp_mb();
1668 }
1669
1670 static void img_request_child_clear(struct rbd_img_request *img_request)
1671 {
1672         clear_bit(IMG_REQ_CHILD, &img_request->flags);
1673         smp_mb();
1674 }
1675
1676 static bool img_request_child_test(struct rbd_img_request *img_request)
1677 {
1678         smp_mb();
1679         return test_bit(IMG_REQ_CHILD, &img_request->flags) != 0;
1680 }
1681
1682 static void img_request_layered_set(struct rbd_img_request *img_request)
1683 {
1684         set_bit(IMG_REQ_LAYERED, &img_request->flags);
1685         smp_mb();
1686 }
1687
1688 static void img_request_layered_clear(struct rbd_img_request *img_request)
1689 {
1690         clear_bit(IMG_REQ_LAYERED, &img_request->flags);
1691         smp_mb();
1692 }
1693
1694 static bool img_request_layered_test(struct rbd_img_request *img_request)
1695 {
1696         smp_mb();
1697         return test_bit(IMG_REQ_LAYERED, &img_request->flags) != 0;
1698 }
1699
1700 static enum obj_operation_type
1701 rbd_img_request_op_type(struct rbd_img_request *img_request)
1702 {
1703         if (img_request_write_test(img_request))
1704                 return OBJ_OP_WRITE;
1705         else if (img_request_discard_test(img_request))
1706                 return OBJ_OP_DISCARD;
1707         else
1708                 return OBJ_OP_READ;
1709 }
1710
1711 static void
1712 rbd_img_obj_request_read_callback(struct rbd_obj_request *obj_request)
1713 {
1714         u64 xferred = obj_request->xferred;
1715         u64 length = obj_request->length;
1716
1717         dout("%s: obj %p img %p result %d %llu/%llu\n", __func__,
1718                 obj_request, obj_request->img_request, obj_request->result,
1719                 xferred, length);
1720         /*
1721          * ENOENT means a hole in the image.  We zero-fill the entire
1722          * length of the request.  A short read also implies zero-fill
1723          * to the end of the request.  An error requires the whole
1724          * length of the request to be reported finished with an error
1725          * to the block layer.  In each case we update the xferred
1726          * count to indicate the whole request was satisfied.
1727          */
1728         rbd_assert(obj_request->type != OBJ_REQUEST_NODATA);
1729         if (obj_request->result == -ENOENT) {
1730                 if (obj_request->type == OBJ_REQUEST_BIO)
1731                         zero_bio_chain(obj_request->bio_list, 0);
1732                 else
1733                         zero_pages(obj_request->pages, 0, length);
1734                 obj_request->result = 0;
1735         } else if (xferred < length && !obj_request->result) {
1736                 if (obj_request->type == OBJ_REQUEST_BIO)
1737                         zero_bio_chain(obj_request->bio_list, xferred);
1738                 else
1739                         zero_pages(obj_request->pages, xferred, length);
1740         }
1741         obj_request->xferred = length;
1742         obj_request_done_set(obj_request);
1743 }
1744
1745 static void rbd_obj_request_complete(struct rbd_obj_request *obj_request)
1746 {
1747         dout("%s: obj %p cb %p\n", __func__, obj_request,
1748                 obj_request->callback);
1749         if (obj_request->callback)
1750                 obj_request->callback(obj_request);
1751         else
1752                 complete_all(&obj_request->completion);
1753 }
1754
1755 static void rbd_osd_trivial_callback(struct rbd_obj_request *obj_request)
1756 {
1757         dout("%s: obj %p\n", __func__, obj_request);
1758         obj_request_done_set(obj_request);
1759 }
1760
1761 static void rbd_osd_read_callback(struct rbd_obj_request *obj_request)
1762 {
1763         struct rbd_img_request *img_request = NULL;
1764         struct rbd_device *rbd_dev = NULL;
1765         bool layered = false;
1766
1767         if (obj_request_img_data_test(obj_request)) {
1768                 img_request = obj_request->img_request;
1769                 layered = img_request && img_request_layered_test(img_request);
1770                 rbd_dev = img_request->rbd_dev;
1771         }
1772
1773         dout("%s: obj %p img %p result %d %llu/%llu\n", __func__,
1774                 obj_request, img_request, obj_request->result,
1775                 obj_request->xferred, obj_request->length);
1776         if (layered && obj_request->result == -ENOENT &&
1777                         obj_request->img_offset < rbd_dev->parent_overlap)
1778                 rbd_img_parent_read(obj_request);
1779         else if (img_request)
1780                 rbd_img_obj_request_read_callback(obj_request);
1781         else
1782                 obj_request_done_set(obj_request);
1783 }
1784
1785 static void rbd_osd_write_callback(struct rbd_obj_request *obj_request)
1786 {
1787         dout("%s: obj %p result %d %llu\n", __func__, obj_request,
1788                 obj_request->result, obj_request->length);
1789         /*
1790          * There is no such thing as a successful short write.  Set
1791          * it to our originally-requested length.
1792          */
1793         obj_request->xferred = obj_request->length;
1794         obj_request_done_set(obj_request);
1795 }
1796
1797 static void rbd_osd_discard_callback(struct rbd_obj_request *obj_request)
1798 {
1799         dout("%s: obj %p result %d %llu\n", __func__, obj_request,
1800                 obj_request->result, obj_request->length);
1801         /*
1802          * There is no such thing as a successful short discard.  Set
1803          * it to our originally-requested length.
1804          */
1805         obj_request->xferred = obj_request->length;
1806         /* discarding a non-existent object is not a problem */
1807         if (obj_request->result == -ENOENT)
1808                 obj_request->result = 0;
1809         obj_request_done_set(obj_request);
1810 }
1811
1812 /*
1813  * For a simple stat call there's nothing to do.  We'll do more if
1814  * this is part of a write sequence for a layered image.
1815  */
1816 static void rbd_osd_stat_callback(struct rbd_obj_request *obj_request)
1817 {
1818         dout("%s: obj %p\n", __func__, obj_request);
1819         obj_request_done_set(obj_request);
1820 }
1821
1822 static void rbd_osd_call_callback(struct rbd_obj_request *obj_request)
1823 {
1824         dout("%s: obj %p\n", __func__, obj_request);
1825
1826         if (obj_request_img_data_test(obj_request))
1827                 rbd_osd_copyup_callback(obj_request);
1828         else
1829                 obj_request_done_set(obj_request);
1830 }
1831
1832 static void rbd_osd_req_callback(struct ceph_osd_request *osd_req,
1833                                 struct ceph_msg *msg)
1834 {
1835         struct rbd_obj_request *obj_request = osd_req->r_priv;
1836         u16 opcode;
1837
1838         dout("%s: osd_req %p msg %p\n", __func__, osd_req, msg);
1839         rbd_assert(osd_req == obj_request->osd_req);
1840         if (obj_request_img_data_test(obj_request)) {
1841                 rbd_assert(obj_request->img_request);
1842                 rbd_assert(obj_request->which != BAD_WHICH);
1843         } else {
1844                 rbd_assert(obj_request->which == BAD_WHICH);
1845         }
1846
1847         if (osd_req->r_result < 0)
1848                 obj_request->result = osd_req->r_result;
1849
1850         rbd_assert(osd_req->r_num_ops <= CEPH_OSD_MAX_OP);
1851
1852         /*
1853          * We support a 64-bit length, but ultimately it has to be
1854          * passed to the block layer, which just supports a 32-bit
1855          * length field.
1856          */
1857         obj_request->xferred = osd_req->r_reply_op_len[0];
1858         rbd_assert(obj_request->xferred < (u64)UINT_MAX);
1859
1860         opcode = osd_req->r_ops[0].op;
1861         switch (opcode) {
1862         case CEPH_OSD_OP_READ:
1863                 rbd_osd_read_callback(obj_request);
1864                 break;
1865         case CEPH_OSD_OP_SETALLOCHINT:
1866                 rbd_assert(osd_req->r_ops[1].op == CEPH_OSD_OP_WRITE);
1867                 /* fall through */
1868         case CEPH_OSD_OP_WRITE:
1869                 rbd_osd_write_callback(obj_request);
1870                 break;
1871         case CEPH_OSD_OP_STAT:
1872                 rbd_osd_stat_callback(obj_request);
1873                 break;
1874         case CEPH_OSD_OP_DELETE:
1875         case CEPH_OSD_OP_TRUNCATE:
1876         case CEPH_OSD_OP_ZERO:
1877                 rbd_osd_discard_callback(obj_request);
1878                 break;
1879         case CEPH_OSD_OP_CALL:
1880                 rbd_osd_call_callback(obj_request);
1881                 break;
1882         case CEPH_OSD_OP_NOTIFY_ACK:
1883         case CEPH_OSD_OP_WATCH:
1884                 rbd_osd_trivial_callback(obj_request);
1885                 break;
1886         default:
1887                 rbd_warn(NULL, "%s: unsupported op %hu",
1888                         obj_request->object_name, (unsigned short) opcode);
1889                 break;
1890         }
1891
1892         if (obj_request_done_test(obj_request))
1893                 rbd_obj_request_complete(obj_request);
1894 }
1895
1896 static void rbd_osd_req_format_read(struct rbd_obj_request *obj_request)
1897 {
1898         struct rbd_img_request *img_request = obj_request->img_request;
1899         struct ceph_osd_request *osd_req = obj_request->osd_req;
1900         u64 snap_id;
1901
1902         rbd_assert(osd_req != NULL);
1903
1904         snap_id = img_request ? img_request->snap_id : CEPH_NOSNAP;
1905         ceph_osdc_build_request(osd_req, obj_request->offset,
1906                         NULL, snap_id, NULL);
1907 }
1908
1909 static void rbd_osd_req_format_write(struct rbd_obj_request *obj_request)
1910 {
1911         struct rbd_img_request *img_request = obj_request->img_request;
1912         struct ceph_osd_request *osd_req = obj_request->osd_req;
1913         struct ceph_snap_context *snapc;
1914         struct timespec mtime = CURRENT_TIME;
1915
1916         rbd_assert(osd_req != NULL);
1917
1918         snapc = img_request ? img_request->snapc : NULL;
1919         ceph_osdc_build_request(osd_req, obj_request->offset,
1920                         snapc, CEPH_NOSNAP, &mtime);
1921 }
1922
1923 /*
1924  * Create an osd request.  A read request has one osd op (read).
1925  * A write request has either one (watch) or two (hint+write) osd ops.
1926  * (All rbd data writes are prefixed with an allocation hint op, but
1927  * technically osd watch is a write request, hence this distinction.)
1928  */
1929 static struct ceph_osd_request *rbd_osd_req_create(
1930                                         struct rbd_device *rbd_dev,
1931                                         enum obj_operation_type op_type,
1932                                         unsigned int num_ops,
1933                                         struct rbd_obj_request *obj_request)
1934 {
1935         struct ceph_snap_context *snapc = NULL;
1936         struct ceph_osd_client *osdc;
1937         struct ceph_osd_request *osd_req;
1938
1939         if (obj_request_img_data_test(obj_request) &&
1940                 (op_type == OBJ_OP_DISCARD || op_type == OBJ_OP_WRITE)) {
1941                 struct rbd_img_request *img_request = obj_request->img_request;
1942                 if (op_type == OBJ_OP_WRITE) {
1943                         rbd_assert(img_request_write_test(img_request));
1944                 } else {
1945                         rbd_assert(img_request_discard_test(img_request));
1946                 }
1947                 snapc = img_request->snapc;
1948         }
1949
1950         rbd_assert(num_ops == 1 || ((op_type == OBJ_OP_WRITE) && num_ops == 2));
1951
1952         /* Allocate and initialize the request, for the num_ops ops */
1953
1954         osdc = &rbd_dev->rbd_client->client->osdc;
1955         osd_req = ceph_osdc_alloc_request(osdc, snapc, num_ops, false,
1956                                           GFP_ATOMIC);
1957         if (!osd_req)
1958                 return NULL;    /* ENOMEM */
1959
1960         if (op_type == OBJ_OP_WRITE || op_type == OBJ_OP_DISCARD)
1961                 osd_req->r_flags = CEPH_OSD_FLAG_WRITE | CEPH_OSD_FLAG_ONDISK;
1962         else
1963                 osd_req->r_flags = CEPH_OSD_FLAG_READ;
1964
1965         osd_req->r_callback = rbd_osd_req_callback;
1966         osd_req->r_priv = obj_request;
1967
1968         osd_req->r_base_oloc.pool = ceph_file_layout_pg_pool(rbd_dev->layout);
1969         ceph_oid_set_name(&osd_req->r_base_oid, obj_request->object_name);
1970
1971         return osd_req;
1972 }
1973
1974 /*
1975  * Create a copyup osd request based on the information in the object
1976  * request supplied.  A copyup request has two or three osd ops, a
1977  * copyup method call, potentially a hint op, and a write or truncate
1978  * or zero op.
1979  */
1980 static struct ceph_osd_request *
1981 rbd_osd_req_create_copyup(struct rbd_obj_request *obj_request)
1982 {
1983         struct rbd_img_request *img_request;
1984         struct ceph_snap_context *snapc;
1985         struct rbd_device *rbd_dev;
1986         struct ceph_osd_client *osdc;
1987         struct ceph_osd_request *osd_req;
1988         int num_osd_ops = 3;
1989
1990         rbd_assert(obj_request_img_data_test(obj_request));
1991         img_request = obj_request->img_request;
1992         rbd_assert(img_request);
1993         rbd_assert(img_request_write_test(img_request) ||
1994                         img_request_discard_test(img_request));
1995
1996         if (img_request_discard_test(img_request))
1997                 num_osd_ops = 2;
1998
1999         /* Allocate and initialize the request, for all the ops */
2000
2001         snapc = img_request->snapc;
2002         rbd_dev = img_request->rbd_dev;
2003         osdc = &rbd_dev->rbd_client->client->osdc;
2004         osd_req = ceph_osdc_alloc_request(osdc, snapc, num_osd_ops,
2005                                                 false, GFP_ATOMIC);
2006         if (!osd_req)
2007                 return NULL;    /* ENOMEM */
2008
2009         osd_req->r_flags = CEPH_OSD_FLAG_WRITE | CEPH_OSD_FLAG_ONDISK;
2010         osd_req->r_callback = rbd_osd_req_callback;
2011         osd_req->r_priv = obj_request;
2012
2013         osd_req->r_base_oloc.pool = ceph_file_layout_pg_pool(rbd_dev->layout);
2014         ceph_oid_set_name(&osd_req->r_base_oid, obj_request->object_name);
2015
2016         return osd_req;
2017 }
2018
2019
2020 static void rbd_osd_req_destroy(struct ceph_osd_request *osd_req)
2021 {
2022         ceph_osdc_put_request(osd_req);
2023 }
2024
2025 /* object_name is assumed to be a non-null pointer and NUL-terminated */
2026
2027 static struct rbd_obj_request *rbd_obj_request_create(const char *object_name,
2028                                                 u64 offset, u64 length,
2029                                                 enum obj_request_type type)
2030 {
2031         struct rbd_obj_request *obj_request;
2032         size_t size;
2033         char *name;
2034
2035         rbd_assert(obj_request_type_valid(type));
2036
2037         size = strlen(object_name) + 1;
2038         name = kmalloc(size, GFP_NOIO);
2039         if (!name)
2040                 return NULL;
2041
2042         obj_request = kmem_cache_zalloc(rbd_obj_request_cache, GFP_NOIO);
2043         if (!obj_request) {
2044                 kfree(name);
2045                 return NULL;
2046         }
2047
2048         obj_request->object_name = memcpy(name, object_name, size);
2049         obj_request->offset = offset;
2050         obj_request->length = length;
2051         obj_request->flags = 0;
2052         obj_request->which = BAD_WHICH;
2053         obj_request->type = type;
2054         INIT_LIST_HEAD(&obj_request->links);
2055         init_completion(&obj_request->completion);
2056         kref_init(&obj_request->kref);
2057
2058         dout("%s: \"%s\" %llu/%llu %d -> obj %p\n", __func__, object_name,
2059                 offset, length, (int)type, obj_request);
2060
2061         return obj_request;
2062 }
2063
2064 static void rbd_obj_request_destroy(struct kref *kref)
2065 {
2066         struct rbd_obj_request *obj_request;
2067
2068         obj_request = container_of(kref, struct rbd_obj_request, kref);
2069
2070         dout("%s: obj %p\n", __func__, obj_request);
2071
2072         rbd_assert(obj_request->img_request == NULL);
2073         rbd_assert(obj_request->which == BAD_WHICH);
2074
2075         if (obj_request->osd_req)
2076                 rbd_osd_req_destroy(obj_request->osd_req);
2077
2078         rbd_assert(obj_request_type_valid(obj_request->type));
2079         switch (obj_request->type) {
2080         case OBJ_REQUEST_NODATA:
2081                 break;          /* Nothing to do */
2082         case OBJ_REQUEST_BIO:
2083                 if (obj_request->bio_list)
2084                         bio_chain_put(obj_request->bio_list);
2085                 break;
2086         case OBJ_REQUEST_PAGES:
2087                 if (obj_request->pages)
2088                         ceph_release_page_vector(obj_request->pages,
2089                                                 obj_request->page_count);
2090                 break;
2091         }
2092
2093         kfree(obj_request->object_name);
2094         obj_request->object_name = NULL;
2095         kmem_cache_free(rbd_obj_request_cache, obj_request);
2096 }
2097
2098 /* It's OK to call this for a device with no parent */
2099
2100 static void rbd_spec_put(struct rbd_spec *spec);
2101 static void rbd_dev_unparent(struct rbd_device *rbd_dev)
2102 {
2103         rbd_dev_remove_parent(rbd_dev);
2104         rbd_spec_put(rbd_dev->parent_spec);
2105         rbd_dev->parent_spec = NULL;
2106         rbd_dev->parent_overlap = 0;
2107 }
2108
2109 /*
2110  * Parent image reference counting is used to determine when an
2111  * image's parent fields can be safely torn down--after there are no
2112  * more in-flight requests to the parent image.  When the last
2113  * reference is dropped, cleaning them up is safe.
2114  */
2115 static void rbd_dev_parent_put(struct rbd_device *rbd_dev)
2116 {
2117         int counter;
2118
2119         if (!rbd_dev->parent_spec)
2120                 return;
2121
2122         counter = atomic_dec_return_safe(&rbd_dev->parent_ref);
2123         if (counter > 0)
2124                 return;
2125
2126         /* Last reference; clean up parent data structures */
2127
2128         if (!counter)
2129                 rbd_dev_unparent(rbd_dev);
2130         else
2131                 rbd_warn(rbd_dev, "parent reference underflow");
2132 }
2133
2134 /*
2135  * If an image has a non-zero parent overlap, get a reference to its
2136  * parent.
2137  *
2138  * Returns true if the rbd device has a parent with a non-zero
2139  * overlap and a reference for it was successfully taken, or
2140  * false otherwise.
2141  */
2142 static bool rbd_dev_parent_get(struct rbd_device *rbd_dev)
2143 {
2144         int counter = 0;
2145
2146         if (!rbd_dev->parent_spec)
2147                 return false;
2148
2149         down_read(&rbd_dev->header_rwsem);
2150         if (rbd_dev->parent_overlap)
2151                 counter = atomic_inc_return_safe(&rbd_dev->parent_ref);
2152         up_read(&rbd_dev->header_rwsem);
2153
2154         if (counter < 0)
2155                 rbd_warn(rbd_dev, "parent reference overflow");
2156
2157         return counter > 0;
2158 }
2159
2160 /*
2161  * Caller is responsible for filling in the list of object requests
2162  * that comprises the image request, and the Linux request pointer
2163  * (if there is one).
2164  */
2165 static struct rbd_img_request *rbd_img_request_create(
2166                                         struct rbd_device *rbd_dev,
2167                                         u64 offset, u64 length,
2168                                         enum obj_operation_type op_type,
2169                                         struct ceph_snap_context *snapc)
2170 {
2171         struct rbd_img_request *img_request;
2172
2173         img_request = kmem_cache_alloc(rbd_img_request_cache, GFP_NOIO);
2174         if (!img_request)
2175                 return NULL;
2176
2177         img_request->rq = NULL;
2178         img_request->rbd_dev = rbd_dev;
2179         img_request->offset = offset;
2180         img_request->length = length;
2181         img_request->flags = 0;
2182         if (op_type == OBJ_OP_DISCARD) {
2183                 img_request_discard_set(img_request);
2184                 img_request->snapc = snapc;
2185         } else if (op_type == OBJ_OP_WRITE) {
2186                 img_request_write_set(img_request);
2187                 img_request->snapc = snapc;
2188         } else {
2189                 img_request->snap_id = rbd_dev->spec->snap_id;
2190         }
2191         if (rbd_dev_parent_get(rbd_dev))
2192                 img_request_layered_set(img_request);
2193         spin_lock_init(&img_request->completion_lock);
2194         img_request->next_completion = 0;
2195         img_request->callback = NULL;
2196         img_request->result = 0;
2197         img_request->obj_request_count = 0;
2198         INIT_LIST_HEAD(&img_request->obj_requests);
2199         kref_init(&img_request->kref);
2200
2201         dout("%s: rbd_dev %p %s %llu/%llu -> img %p\n", __func__, rbd_dev,
2202                 obj_op_name(op_type), offset, length, img_request);
2203
2204         return img_request;
2205 }
2206
2207 static void rbd_img_request_destroy(struct kref *kref)
2208 {
2209         struct rbd_img_request *img_request;
2210         struct rbd_obj_request *obj_request;
2211         struct rbd_obj_request *next_obj_request;
2212
2213         img_request = container_of(kref, struct rbd_img_request, kref);
2214
2215         dout("%s: img %p\n", __func__, img_request);
2216
2217         for_each_obj_request_safe(img_request, obj_request, next_obj_request)
2218                 rbd_img_obj_request_del(img_request, obj_request);
2219         rbd_assert(img_request->obj_request_count == 0);
2220
2221         if (img_request_layered_test(img_request)) {
2222                 img_request_layered_clear(img_request);
2223                 rbd_dev_parent_put(img_request->rbd_dev);
2224         }
2225
2226         if (img_request_write_test(img_request) ||
2227                 img_request_discard_test(img_request))
2228                 ceph_put_snap_context(img_request->snapc);
2229
2230         kmem_cache_free(rbd_img_request_cache, img_request);
2231 }
2232
2233 static struct rbd_img_request *rbd_parent_request_create(
2234                                         struct rbd_obj_request *obj_request,
2235                                         u64 img_offset, u64 length)
2236 {
2237         struct rbd_img_request *parent_request;
2238         struct rbd_device *rbd_dev;
2239
2240         rbd_assert(obj_request->img_request);
2241         rbd_dev = obj_request->img_request->rbd_dev;
2242
2243         parent_request = rbd_img_request_create(rbd_dev->parent, img_offset,
2244                                                 length, OBJ_OP_READ, NULL);
2245         if (!parent_request)
2246                 return NULL;
2247
2248         img_request_child_set(parent_request);
2249         rbd_obj_request_get(obj_request);
2250         parent_request->obj_request = obj_request;
2251
2252         return parent_request;
2253 }
2254
2255 static void rbd_parent_request_destroy(struct kref *kref)
2256 {
2257         struct rbd_img_request *parent_request;
2258         struct rbd_obj_request *orig_request;
2259
2260         parent_request = container_of(kref, struct rbd_img_request, kref);
2261         orig_request = parent_request->obj_request;
2262
2263         parent_request->obj_request = NULL;
2264         rbd_obj_request_put(orig_request);
2265         img_request_child_clear(parent_request);
2266
2267         rbd_img_request_destroy(kref);
2268 }
2269
2270 static bool rbd_img_obj_end_request(struct rbd_obj_request *obj_request)
2271 {
2272         struct rbd_img_request *img_request;
2273         unsigned int xferred;
2274         int result;
2275         bool more;
2276
2277         rbd_assert(obj_request_img_data_test(obj_request));
2278         img_request = obj_request->img_request;
2279
2280         rbd_assert(obj_request->xferred <= (u64)UINT_MAX);
2281         xferred = (unsigned int)obj_request->xferred;
2282         result = obj_request->result;
2283         if (result) {
2284                 struct rbd_device *rbd_dev = img_request->rbd_dev;
2285                 enum obj_operation_type op_type;
2286
2287                 if (img_request_discard_test(img_request))
2288                         op_type = OBJ_OP_DISCARD;
2289                 else if (img_request_write_test(img_request))
2290                         op_type = OBJ_OP_WRITE;
2291                 else
2292                         op_type = OBJ_OP_READ;
2293
2294                 rbd_warn(rbd_dev, "%s %llx at %llx (%llx)",
2295                         obj_op_name(op_type), obj_request->length,
2296                         obj_request->img_offset, obj_request->offset);
2297                 rbd_warn(rbd_dev, "  result %d xferred %x",
2298                         result, xferred);
2299                 if (!img_request->result)
2300                         img_request->result = result;
2301                 /*
2302                  * Need to end I/O on the entire obj_request worth of
2303                  * bytes in case of error.
2304                  */
2305                 xferred = obj_request->length;
2306         }
2307
2308         /* Image object requests don't own their page array */
2309
2310         if (obj_request->type == OBJ_REQUEST_PAGES) {
2311                 obj_request->pages = NULL;
2312                 obj_request->page_count = 0;
2313         }
2314
2315         if (img_request_child_test(img_request)) {
2316                 rbd_assert(img_request->obj_request != NULL);
2317                 more = obj_request->which < img_request->obj_request_count - 1;
2318         } else {
2319                 rbd_assert(img_request->rq != NULL);
2320
2321                 more = blk_update_request(img_request->rq, result, xferred);
2322                 if (!more)
2323                         __blk_mq_end_request(img_request->rq, result);
2324         }
2325
2326         return more;
2327 }
2328
2329 static void rbd_img_obj_callback(struct rbd_obj_request *obj_request)
2330 {
2331         struct rbd_img_request *img_request;
2332         u32 which = obj_request->which;
2333         bool more = true;
2334
2335         rbd_assert(obj_request_img_data_test(obj_request));
2336         img_request = obj_request->img_request;
2337
2338         dout("%s: img %p obj %p\n", __func__, img_request, obj_request);
2339         rbd_assert(img_request != NULL);
2340         rbd_assert(img_request->obj_request_count > 0);
2341         rbd_assert(which != BAD_WHICH);
2342         rbd_assert(which < img_request->obj_request_count);
2343
2344         spin_lock_irq(&img_request->completion_lock);
2345         if (which != img_request->next_completion)
2346                 goto out;
2347
2348         for_each_obj_request_from(img_request, obj_request) {
2349                 rbd_assert(more);
2350                 rbd_assert(which < img_request->obj_request_count);
2351
2352                 if (!obj_request_done_test(obj_request))
2353                         break;
2354                 more = rbd_img_obj_end_request(obj_request);
2355                 which++;
2356         }
2357
2358         rbd_assert(more ^ (which == img_request->obj_request_count));
2359         img_request->next_completion = which;
2360 out:
2361         spin_unlock_irq(&img_request->completion_lock);
2362         rbd_img_request_put(img_request);
2363
2364         if (!more)
2365                 rbd_img_request_complete(img_request);
2366 }
2367
2368 /*
2369  * Add individual osd ops to the given ceph_osd_request and prepare
2370  * them for submission. num_ops is the current number of
2371  * osd operations already to the object request.
2372  */
2373 static void rbd_img_obj_request_fill(struct rbd_obj_request *obj_request,
2374                                 struct ceph_osd_request *osd_request,
2375                                 enum obj_operation_type op_type,
2376                                 unsigned int num_ops)
2377 {
2378         struct rbd_img_request *img_request = obj_request->img_request;
2379         struct rbd_device *rbd_dev = img_request->rbd_dev;
2380         u64 object_size = rbd_obj_bytes(&rbd_dev->header);
2381         u64 offset = obj_request->offset;
2382         u64 length = obj_request->length;
2383         u64 img_end;
2384         u16 opcode;
2385
2386         if (op_type == OBJ_OP_DISCARD) {
2387                 if (!offset && length == object_size &&
2388                     (!img_request_layered_test(img_request) ||
2389                      !obj_request_overlaps_parent(obj_request))) {
2390                         opcode = CEPH_OSD_OP_DELETE;
2391                 } else if ((offset + length == object_size)) {
2392                         opcode = CEPH_OSD_OP_TRUNCATE;
2393                 } else {
2394                         down_read(&rbd_dev->header_rwsem);
2395                         img_end = rbd_dev->header.image_size;
2396                         up_read(&rbd_dev->header_rwsem);
2397
2398                         if (obj_request->img_offset + length == img_end)
2399                                 opcode = CEPH_OSD_OP_TRUNCATE;
2400                         else
2401                                 opcode = CEPH_OSD_OP_ZERO;
2402                 }
2403         } else if (op_type == OBJ_OP_WRITE) {
2404                 opcode = CEPH_OSD_OP_WRITE;
2405                 osd_req_op_alloc_hint_init(osd_request, num_ops,
2406                                         object_size, object_size);
2407                 num_ops++;
2408         } else {
2409                 opcode = CEPH_OSD_OP_READ;
2410         }
2411
2412         if (opcode == CEPH_OSD_OP_DELETE)
2413                 osd_req_op_init(osd_request, num_ops, opcode, 0);
2414         else
2415                 osd_req_op_extent_init(osd_request, num_ops, opcode,
2416                                        offset, length, 0, 0);
2417
2418         if (obj_request->type == OBJ_REQUEST_BIO)
2419                 osd_req_op_extent_osd_data_bio(osd_request, num_ops,
2420                                         obj_request->bio_list, length);
2421         else if (obj_request->type == OBJ_REQUEST_PAGES)
2422                 osd_req_op_extent_osd_data_pages(osd_request, num_ops,
2423                                         obj_request->pages, length,
2424                                         offset & ~PAGE_MASK, false, false);
2425
2426         /* Discards are also writes */
2427         if (op_type == OBJ_OP_WRITE || op_type == OBJ_OP_DISCARD)
2428                 rbd_osd_req_format_write(obj_request);
2429         else
2430                 rbd_osd_req_format_read(obj_request);
2431 }
2432
2433 /*
2434  * Split up an image request into one or more object requests, each
2435  * to a different object.  The "type" parameter indicates whether
2436  * "data_desc" is the pointer to the head of a list of bio
2437  * structures, or the base of a page array.  In either case this
2438  * function assumes data_desc describes memory sufficient to hold
2439  * all data described by the image request.
2440  */
2441 static int rbd_img_request_fill(struct rbd_img_request *img_request,
2442                                         enum obj_request_type type,
2443                                         void *data_desc)
2444 {
2445         struct rbd_device *rbd_dev = img_request->rbd_dev;
2446         struct rbd_obj_request *obj_request = NULL;
2447         struct rbd_obj_request *next_obj_request;
2448         struct bio *bio_list = NULL;
2449         unsigned int bio_offset = 0;
2450         struct page **pages = NULL;
2451         enum obj_operation_type op_type;
2452         u64 img_offset;
2453         u64 resid;
2454
2455         dout("%s: img %p type %d data_desc %p\n", __func__, img_request,
2456                 (int)type, data_desc);
2457
2458         img_offset = img_request->offset;
2459         resid = img_request->length;
2460         rbd_assert(resid > 0);
2461         op_type = rbd_img_request_op_type(img_request);
2462
2463         if (type == OBJ_REQUEST_BIO) {
2464                 bio_list = data_desc;
2465                 rbd_assert(img_offset ==
2466                            bio_list->bi_iter.bi_sector << SECTOR_SHIFT);
2467         } else if (type == OBJ_REQUEST_PAGES) {
2468                 pages = data_desc;
2469         }
2470
2471         while (resid) {
2472                 struct ceph_osd_request *osd_req;
2473                 const char *object_name;
2474                 u64 offset;
2475                 u64 length;
2476
2477                 object_name = rbd_segment_name(rbd_dev, img_offset);
2478                 if (!object_name)
2479                         goto out_unwind;
2480                 offset = rbd_segment_offset(rbd_dev, img_offset);
2481                 length = rbd_segment_length(rbd_dev, img_offset, resid);
2482                 obj_request = rbd_obj_request_create(object_name,
2483                                                 offset, length, type);
2484                 /* object request has its own copy of the object name */
2485                 rbd_segment_name_free(object_name);
2486                 if (!obj_request)
2487                         goto out_unwind;
2488
2489                 /*
2490                  * set obj_request->img_request before creating the
2491                  * osd_request so that it gets the right snapc
2492                  */
2493                 rbd_img_obj_request_add(img_request, obj_request);
2494
2495                 if (type == OBJ_REQUEST_BIO) {
2496                         unsigned int clone_size;
2497
2498                         rbd_assert(length <= (u64)UINT_MAX);
2499                         clone_size = (unsigned int)length;
2500                         obj_request->bio_list =
2501                                         bio_chain_clone_range(&bio_list,
2502                                                                 &bio_offset,
2503                                                                 clone_size,
2504                                                                 GFP_ATOMIC);
2505                         if (!obj_request->bio_list)
2506                                 goto out_unwind;
2507                 } else if (type == OBJ_REQUEST_PAGES) {
2508                         unsigned int page_count;
2509
2510                         obj_request->pages = pages;
2511                         page_count = (u32)calc_pages_for(offset, length);
2512                         obj_request->page_count = page_count;
2513                         if ((offset + length) & ~PAGE_MASK)
2514                                 page_count--;   /* more on last page */
2515                         pages += page_count;
2516                 }
2517
2518                 osd_req = rbd_osd_req_create(rbd_dev, op_type,
2519                                         (op_type == OBJ_OP_WRITE) ? 2 : 1,
2520                                         obj_request);
2521                 if (!osd_req)
2522                         goto out_unwind;
2523
2524                 obj_request->osd_req = osd_req;
2525                 obj_request->callback = rbd_img_obj_callback;
2526                 obj_request->img_offset = img_offset;
2527
2528                 rbd_img_obj_request_fill(obj_request, osd_req, op_type, 0);
2529
2530                 rbd_img_request_get(img_request);
2531
2532                 img_offset += length;
2533                 resid -= length;
2534         }
2535
2536         return 0;
2537
2538 out_unwind:
2539         for_each_obj_request_safe(img_request, obj_request, next_obj_request)
2540                 rbd_img_obj_request_del(img_request, obj_request);
2541
2542         return -ENOMEM;
2543 }
2544
2545 static void
2546 rbd_osd_copyup_callback(struct rbd_obj_request *obj_request)
2547 {
2548         struct rbd_img_request *img_request;
2549         struct rbd_device *rbd_dev;
2550         struct page **pages;
2551         u32 page_count;
2552
2553         dout("%s: obj %p\n", __func__, obj_request);
2554
2555         rbd_assert(obj_request->type == OBJ_REQUEST_BIO ||
2556                 obj_request->type == OBJ_REQUEST_NODATA);
2557         rbd_assert(obj_request_img_data_test(obj_request));
2558         img_request = obj_request->img_request;
2559         rbd_assert(img_request);
2560
2561         rbd_dev = img_request->rbd_dev;
2562         rbd_assert(rbd_dev);
2563
2564         pages = obj_request->copyup_pages;
2565         rbd_assert(pages != NULL);
2566         obj_request->copyup_pages = NULL;
2567         page_count = obj_request->copyup_page_count;
2568         rbd_assert(page_count);
2569         obj_request->copyup_page_count = 0;
2570         ceph_release_page_vector(pages, page_count);
2571
2572         /*
2573          * We want the transfer count to reflect the size of the
2574          * original write request.  There is no such thing as a
2575          * successful short write, so if the request was successful
2576          * we can just set it to the originally-requested length.
2577          */
2578         if (!obj_request->result)
2579                 obj_request->xferred = obj_request->length;
2580
2581         obj_request_done_set(obj_request);
2582 }
2583
2584 static void
2585 rbd_img_obj_parent_read_full_callback(struct rbd_img_request *img_request)
2586 {
2587         struct rbd_obj_request *orig_request;
2588         struct ceph_osd_request *osd_req;
2589         struct ceph_osd_client *osdc;
2590         struct rbd_device *rbd_dev;
2591         struct page **pages;
2592         enum obj_operation_type op_type;
2593         u32 page_count;
2594         int img_result;
2595         u64 parent_length;
2596
2597         rbd_assert(img_request_child_test(img_request));
2598
2599         /* First get what we need from the image request */
2600
2601         pages = img_request->copyup_pages;
2602         rbd_assert(pages != NULL);
2603         img_request->copyup_pages = NULL;
2604         page_count = img_request->copyup_page_count;
2605         rbd_assert(page_count);
2606         img_request->copyup_page_count = 0;
2607
2608         orig_request = img_request->obj_request;
2609         rbd_assert(orig_request != NULL);
2610         rbd_assert(obj_request_type_valid(orig_request->type));
2611         img_result = img_request->result;
2612         parent_length = img_request->length;
2613         rbd_assert(parent_length == img_request->xferred);
2614         rbd_img_request_put(img_request);
2615
2616         rbd_assert(orig_request->img_request);
2617         rbd_dev = orig_request->img_request->rbd_dev;
2618         rbd_assert(rbd_dev);
2619
2620         /*
2621          * If the overlap has become 0 (most likely because the
2622          * image has been flattened) we need to free the pages
2623          * and re-submit the original write request.
2624          */
2625         if (!rbd_dev->parent_overlap) {
2626                 struct ceph_osd_client *osdc;
2627
2628                 ceph_release_page_vector(pages, page_count);
2629                 osdc = &rbd_dev->rbd_client->client->osdc;
2630                 img_result = rbd_obj_request_submit(osdc, orig_request);
2631                 if (!img_result)
2632                         return;
2633         }
2634
2635         if (img_result)
2636                 goto out_err;
2637
2638         /*
2639          * The original osd request is of no use to use any more.
2640          * We need a new one that can hold the three ops in a copyup
2641          * request.  Allocate the new copyup osd request for the
2642          * original request, and release the old one.
2643          */
2644         img_result = -ENOMEM;
2645         osd_req = rbd_osd_req_create_copyup(orig_request);
2646         if (!osd_req)
2647                 goto out_err;
2648         rbd_osd_req_destroy(orig_request->osd_req);
2649         orig_request->osd_req = osd_req;
2650         orig_request->copyup_pages = pages;
2651         orig_request->copyup_page_count = page_count;
2652
2653         /* Initialize the copyup op */
2654
2655         osd_req_op_cls_init(osd_req, 0, CEPH_OSD_OP_CALL, "rbd", "copyup");
2656         osd_req_op_cls_request_data_pages(osd_req, 0, pages, parent_length, 0,
2657                                                 false, false);
2658
2659         /* Add the other op(s) */
2660
2661         op_type = rbd_img_request_op_type(orig_request->img_request);
2662         rbd_img_obj_request_fill(orig_request, osd_req, op_type, 1);
2663
2664         /* All set, send it off. */
2665
2666         osdc = &rbd_dev->rbd_client->client->osdc;
2667         img_result = rbd_obj_request_submit(osdc, orig_request);
2668         if (!img_result)
2669                 return;
2670 out_err:
2671         /* Record the error code and complete the request */
2672
2673         orig_request->result = img_result;
2674         orig_request->xferred = 0;
2675         obj_request_done_set(orig_request);
2676         rbd_obj_request_complete(orig_request);
2677 }
2678
2679 /*
2680  * Read from the parent image the range of data that covers the
2681  * entire target of the given object request.  This is used for
2682  * satisfying a layered image write request when the target of an
2683  * object request from the image request does not exist.
2684  *
2685  * A page array big enough to hold the returned data is allocated
2686  * and supplied to rbd_img_request_fill() as the "data descriptor."
2687  * When the read completes, this page array will be transferred to
2688  * the original object request for the copyup operation.
2689  *
2690  * If an error occurs, record it as the result of the original
2691  * object request and mark it done so it gets completed.
2692  */
2693 static int rbd_img_obj_parent_read_full(struct rbd_obj_request *obj_request)
2694 {
2695         struct rbd_img_request *img_request = NULL;
2696         struct rbd_img_request *parent_request = NULL;
2697         struct rbd_device *rbd_dev;
2698         u64 img_offset;
2699         u64 length;
2700         struct page **pages = NULL;
2701         u32 page_count;
2702         int result;
2703
2704         rbd_assert(obj_request_img_data_test(obj_request));
2705         rbd_assert(obj_request_type_valid(obj_request->type));
2706
2707         img_request = obj_request->img_request;
2708         rbd_assert(img_request != NULL);
2709         rbd_dev = img_request->rbd_dev;
2710         rbd_assert(rbd_dev->parent != NULL);
2711
2712         /*
2713          * Determine the byte range covered by the object in the
2714          * child image to which the original request was to be sent.
2715          */
2716         img_offset = obj_request->img_offset - obj_request->offset;
2717         length = (u64)1 << rbd_dev->header.obj_order;
2718
2719         /*
2720          * There is no defined parent data beyond the parent
2721          * overlap, so limit what we read at that boundary if
2722          * necessary.
2723          */
2724         if (img_offset + length > rbd_dev->parent_overlap) {
2725                 rbd_assert(img_offset < rbd_dev->parent_overlap);
2726                 length = rbd_dev->parent_overlap - img_offset;
2727         }
2728
2729         /*
2730          * Allocate a page array big enough to receive the data read
2731          * from the parent.
2732          */
2733         page_count = (u32)calc_pages_for(0, length);
2734         pages = ceph_alloc_page_vector(page_count, GFP_KERNEL);
2735         if (IS_ERR(pages)) {
2736                 result = PTR_ERR(pages);
2737                 pages = NULL;
2738                 goto out_err;
2739         }
2740
2741         result = -ENOMEM;
2742         parent_request = rbd_parent_request_create(obj_request,
2743                                                 img_offset, length);
2744         if (!parent_request)
2745                 goto out_err;
2746
2747         result = rbd_img_request_fill(parent_request, OBJ_REQUEST_PAGES, pages);
2748         if (result)
2749                 goto out_err;
2750         parent_request->copyup_pages = pages;
2751         parent_request->copyup_page_count = page_count;
2752
2753         parent_request->callback = rbd_img_obj_parent_read_full_callback;
2754         result = rbd_img_request_submit(parent_request);
2755         if (!result)
2756                 return 0;
2757
2758         parent_request->copyup_pages = NULL;
2759         parent_request->copyup_page_count = 0;
2760         parent_request->obj_request = NULL;
2761         rbd_obj_request_put(obj_request);
2762 out_err:
2763         if (pages)
2764                 ceph_release_page_vector(pages, page_count);
2765         if (parent_request)
2766                 rbd_img_request_put(parent_request);
2767         obj_request->result = result;
2768         obj_request->xferred = 0;
2769         obj_request_done_set(obj_request);
2770
2771         return result;
2772 }
2773
2774 static void rbd_img_obj_exists_callback(struct rbd_obj_request *obj_request)
2775 {
2776         struct rbd_obj_request *orig_request;
2777         struct rbd_device *rbd_dev;
2778         int result;
2779
2780         rbd_assert(!obj_request_img_data_test(obj_request));
2781
2782         /*
2783          * All we need from the object request is the original
2784          * request and the result of the STAT op.  Grab those, then
2785          * we're done with the request.
2786          */
2787         orig_request = obj_request->obj_request;
2788         obj_request->obj_request = NULL;
2789         rbd_obj_request_put(orig_request);
2790         rbd_assert(orig_request);
2791         rbd_assert(orig_request->img_request);
2792
2793         result = obj_request->result;
2794         obj_request->result = 0;
2795
2796         dout("%s: obj %p for obj %p result %d %llu/%llu\n", __func__,
2797                 obj_request, orig_request, result,
2798                 obj_request->xferred, obj_request->length);
2799         rbd_obj_request_put(obj_request);
2800
2801         /*
2802          * If the overlap has become 0 (most likely because the
2803          * image has been flattened) we need to free the pages
2804          * and re-submit the original write request.
2805          */
2806         rbd_dev = orig_request->img_request->rbd_dev;
2807         if (!rbd_dev->parent_overlap) {
2808                 struct ceph_osd_client *osdc;
2809
2810                 osdc = &rbd_dev->rbd_client->client->osdc;
2811                 result = rbd_obj_request_submit(osdc, orig_request);
2812                 if (!result)
2813                         return;
2814         }
2815
2816         /*
2817          * Our only purpose here is to determine whether the object
2818          * exists, and we don't want to treat the non-existence as
2819          * an error.  If something else comes back, transfer the
2820          * error to the original request and complete it now.
2821          */
2822         if (!result) {
2823                 obj_request_existence_set(orig_request, true);
2824         } else if (result == -ENOENT) {
2825                 obj_request_existence_set(orig_request, false);
2826         } else if (result) {
2827                 orig_request->result = result;
2828                 goto out;
2829         }
2830
2831         /*
2832          * Resubmit the original request now that we have recorded
2833          * whether the target object exists.
2834          */
2835         orig_request->result = rbd_img_obj_request_submit(orig_request);
2836 out:
2837         if (orig_request->result)
2838                 rbd_obj_request_complete(orig_request);
2839 }
2840
2841 static int rbd_img_obj_exists_submit(struct rbd_obj_request *obj_request)
2842 {
2843         struct rbd_obj_request *stat_request;
2844         struct rbd_device *rbd_dev;
2845         struct ceph_osd_client *osdc;
2846         struct page **pages = NULL;
2847         u32 page_count;
2848         size_t size;
2849         int ret;
2850
2851         /*
2852          * The response data for a STAT call consists of:
2853          *     le64 length;
2854          *     struct {
2855          *         le32 tv_sec;
2856          *         le32 tv_nsec;
2857          *     } mtime;
2858          */
2859         size = sizeof (__le64) + sizeof (__le32) + sizeof (__le32);
2860         page_count = (u32)calc_pages_for(0, size);
2861         pages = ceph_alloc_page_vector(page_count, GFP_KERNEL);
2862         if (IS_ERR(pages))
2863                 return PTR_ERR(pages);
2864
2865         ret = -ENOMEM;
2866         stat_request = rbd_obj_request_create(obj_request->object_name, 0, 0,
2867                                                         OBJ_REQUEST_PAGES);
2868         if (!stat_request)
2869                 goto out;
2870
2871         rbd_obj_request_get(obj_request);
2872         stat_request->obj_request = obj_request;
2873         stat_request->pages = pages;
2874         stat_request->page_count = page_count;
2875
2876         rbd_assert(obj_request->img_request);
2877         rbd_dev = obj_request->img_request->rbd_dev;
2878         stat_request->osd_req = rbd_osd_req_create(rbd_dev, OBJ_OP_READ, 1,
2879                                                    stat_request);
2880         if (!stat_request->osd_req)
2881                 goto out;
2882         stat_request->callback = rbd_img_obj_exists_callback;
2883
2884         osd_req_op_init(stat_request->osd_req, 0, CEPH_OSD_OP_STAT, 0);
2885         osd_req_op_raw_data_in_pages(stat_request->osd_req, 0, pages, size, 0,
2886                                         false, false);
2887         rbd_osd_req_format_read(stat_request);
2888
2889         osdc = &rbd_dev->rbd_client->client->osdc;
2890         ret = rbd_obj_request_submit(osdc, stat_request);
2891 out:
2892         if (ret)
2893                 rbd_obj_request_put(obj_request);
2894
2895         return ret;
2896 }
2897
2898 static bool img_obj_request_simple(struct rbd_obj_request *obj_request)
2899 {
2900         struct rbd_img_request *img_request;
2901         struct rbd_device *rbd_dev;
2902
2903         rbd_assert(obj_request_img_data_test(obj_request));
2904
2905         img_request = obj_request->img_request;
2906         rbd_assert(img_request);
2907         rbd_dev = img_request->rbd_dev;
2908
2909         /* Reads */
2910         if (!img_request_write_test(img_request) &&
2911             !img_request_discard_test(img_request))
2912                 return true;
2913
2914         /* Non-layered writes */
2915         if (!img_request_layered_test(img_request))
2916                 return true;
2917
2918         /*
2919          * Layered writes outside of the parent overlap range don't
2920          * share any data with the parent.
2921          */
2922         if (!obj_request_overlaps_parent(obj_request))
2923                 return true;
2924
2925         /*
2926          * Entire-object layered writes - we will overwrite whatever
2927          * parent data there is anyway.
2928          */
2929         if (!obj_request->offset &&
2930             obj_request->length == rbd_obj_bytes(&rbd_dev->header))
2931                 return true;
2932
2933         /*
2934          * If the object is known to already exist, its parent data has
2935          * already been copied.
2936          */
2937         if (obj_request_known_test(obj_request) &&
2938             obj_request_exists_test(obj_request))
2939                 return true;
2940
2941         return false;
2942 }
2943
2944 static int rbd_img_obj_request_submit(struct rbd_obj_request *obj_request)
2945 {
2946         if (img_obj_request_simple(obj_request)) {
2947                 struct rbd_device *rbd_dev;
2948                 struct ceph_osd_client *osdc;
2949
2950                 rbd_dev = obj_request->img_request->rbd_dev;
2951                 osdc = &rbd_dev->rbd_client->client->osdc;
2952
2953                 return rbd_obj_request_submit(osdc, obj_request);
2954         }
2955
2956         /*
2957          * It's a layered write.  The target object might exist but
2958          * we may not know that yet.  If we know it doesn't exist,
2959          * start by reading the data for the full target object from
2960          * the parent so we can use it for a copyup to the target.
2961          */
2962         if (obj_request_known_test(obj_request))
2963                 return rbd_img_obj_parent_read_full(obj_request);
2964
2965         /* We don't know whether the target exists.  Go find out. */
2966
2967         return rbd_img_obj_exists_submit(obj_request);
2968 }
2969
2970 static int rbd_img_request_submit(struct rbd_img_request *img_request)
2971 {
2972         struct rbd_obj_request *obj_request;
2973         struct rbd_obj_request *next_obj_request;
2974
2975         dout("%s: img %p\n", __func__, img_request);
2976         for_each_obj_request_safe(img_request, obj_request, next_obj_request) {
2977                 int ret;
2978
2979                 ret = rbd_img_obj_request_submit(obj_request);
2980                 if (ret)
2981                         return ret;
2982         }
2983
2984         return 0;
2985 }
2986
2987 static void rbd_img_parent_read_callback(struct rbd_img_request *img_request)
2988 {
2989         struct rbd_obj_request *obj_request;
2990         struct rbd_device *rbd_dev;
2991         u64 obj_end;
2992         u64 img_xferred;
2993         int img_result;
2994
2995         rbd_assert(img_request_child_test(img_request));
2996
2997         /* First get what we need from the image request and release it */
2998
2999         obj_request = img_request->obj_request;
3000         img_xferred = img_request->xferred;
3001         img_result = img_request->result;
3002         rbd_img_request_put(img_request);
3003
3004         /*
3005          * If the overlap has become 0 (most likely because the
3006          * image has been flattened) we need to re-submit the
3007          * original request.
3008          */
3009         rbd_assert(obj_request);
3010         rbd_assert(obj_request->img_request);
3011         rbd_dev = obj_request->img_request->rbd_dev;
3012         if (!rbd_dev->parent_overlap) {
3013                 struct ceph_osd_client *osdc;
3014
3015                 osdc = &rbd_dev->rbd_client->client->osdc;
3016                 img_result = rbd_obj_request_submit(osdc, obj_request);
3017                 if (!img_result)
3018                         return;
3019         }
3020
3021         obj_request->result = img_result;
3022         if (obj_request->result)
3023                 goto out;
3024
3025         /*
3026          * We need to zero anything beyond the parent overlap
3027          * boundary.  Since rbd_img_obj_request_read_callback()
3028          * will zero anything beyond the end of a short read, an
3029          * easy way to do this is to pretend the data from the
3030          * parent came up short--ending at the overlap boundary.
3031          */
3032         rbd_assert(obj_request->img_offset < U64_MAX - obj_request->length);
3033         obj_end = obj_request->img_offset + obj_request->length;
3034         if (obj_end > rbd_dev->parent_overlap) {
3035                 u64 xferred = 0;
3036
3037                 if (obj_request->img_offset < rbd_dev->parent_overlap)
3038                         xferred = rbd_dev->parent_overlap -
3039                                         obj_request->img_offset;
3040
3041                 obj_request->xferred = min(img_xferred, xferred);
3042         } else {
3043                 obj_request->xferred = img_xferred;
3044         }
3045 out:
3046         rbd_img_obj_request_read_callback(obj_request);
3047         rbd_obj_request_complete(obj_request);
3048 }
3049
3050 static void rbd_img_parent_read(struct rbd_obj_request *obj_request)
3051 {
3052         struct rbd_img_request *img_request;
3053         int result;
3054
3055         rbd_assert(obj_request_img_data_test(obj_request));
3056         rbd_assert(obj_request->img_request != NULL);
3057         rbd_assert(obj_request->result == (s32) -ENOENT);
3058         rbd_assert(obj_request_type_valid(obj_request->type));
3059
3060         /* rbd_read_finish(obj_request, obj_request->length); */
3061         img_request = rbd_parent_request_create(obj_request,
3062                                                 obj_request->img_offset,
3063                                                 obj_request->length);
3064         result = -ENOMEM;
3065         if (!img_request)
3066                 goto out_err;
3067
3068         if (obj_request->type == OBJ_REQUEST_BIO)
3069                 result = rbd_img_request_fill(img_request, OBJ_REQUEST_BIO,
3070                                                 obj_request->bio_list);
3071         else
3072                 result = rbd_img_request_fill(img_request, OBJ_REQUEST_PAGES,
3073                                                 obj_request->pages);
3074         if (result)
3075                 goto out_err;
3076
3077         img_request->callback = rbd_img_parent_read_callback;
3078         result = rbd_img_request_submit(img_request);
3079         if (result)
3080                 goto out_err;
3081
3082         return;
3083 out_err:
3084         if (img_request)
3085                 rbd_img_request_put(img_request);
3086         obj_request->result = result;
3087         obj_request->xferred = 0;
3088         obj_request_done_set(obj_request);
3089 }
3090
3091 static int rbd_obj_notify_ack_sync(struct rbd_device *rbd_dev, u64 notify_id)
3092 {
3093         struct rbd_obj_request *obj_request;
3094         struct ceph_osd_client *osdc = &rbd_dev->rbd_client->client->osdc;
3095         int ret;
3096
3097         obj_request = rbd_obj_request_create(rbd_dev->header_name, 0, 0,
3098                                                         OBJ_REQUEST_NODATA);
3099         if (!obj_request)
3100                 return -ENOMEM;
3101
3102         ret = -ENOMEM;
3103         obj_request->osd_req = rbd_osd_req_create(rbd_dev, OBJ_OP_READ, 1,
3104                                                   obj_request);
3105         if (!obj_request->osd_req)
3106                 goto out;
3107
3108         osd_req_op_watch_init(obj_request->osd_req, 0, CEPH_OSD_OP_NOTIFY_ACK,
3109                                         notify_id, 0, 0);
3110         rbd_osd_req_format_read(obj_request);
3111
3112         ret = rbd_obj_request_submit(osdc, obj_request);
3113         if (ret)
3114                 goto out;
3115         ret = rbd_obj_request_wait(obj_request);
3116 out:
3117         rbd_obj_request_put(obj_request);
3118
3119         return ret;
3120 }
3121
3122 static void rbd_watch_cb(u64 ver, u64 notify_id, u8 opcode, void *data)
3123 {
3124         struct rbd_device *rbd_dev = (struct rbd_device *)data;
3125         int ret;
3126
3127         if (!rbd_dev)
3128                 return;
3129
3130         dout("%s: \"%s\" notify_id %llu opcode %u\n", __func__,
3131                 rbd_dev->header_name, (unsigned long long)notify_id,
3132                 (unsigned int)opcode);
3133
3134         /*
3135          * Until adequate refresh error handling is in place, there is
3136          * not much we can do here, except warn.
3137          *
3138          * See http://tracker.ceph.com/issues/5040
3139          */
3140         ret = rbd_dev_refresh(rbd_dev);
3141         if (ret)
3142                 rbd_warn(rbd_dev, "refresh failed: %d", ret);
3143
3144         ret = rbd_obj_notify_ack_sync(rbd_dev, notify_id);
3145         if (ret)
3146                 rbd_warn(rbd_dev, "notify_ack ret %d", ret);
3147 }
3148
3149 /*
3150  * Send a (un)watch request and wait for the ack.  Return a request
3151  * with a ref held on success or error.
3152  */
3153 static struct rbd_obj_request *rbd_obj_watch_request_helper(
3154                                                 struct rbd_device *rbd_dev,
3155                                                 bool watch)
3156 {
3157         struct ceph_osd_client *osdc = &rbd_dev->rbd_client->client->osdc;
3158         struct ceph_options *opts = osdc->client->options;
3159         struct rbd_obj_request *obj_request;
3160         int ret;
3161
3162         obj_request = rbd_obj_request_create(rbd_dev->header_name, 0, 0,
3163                                              OBJ_REQUEST_NODATA);
3164         if (!obj_request)
3165                 return ERR_PTR(-ENOMEM);
3166
3167         obj_request->osd_req = rbd_osd_req_create(rbd_dev, OBJ_OP_WRITE, 1,
3168                                                   obj_request);
3169         if (!obj_request->osd_req) {
3170                 ret = -ENOMEM;
3171                 goto out;
3172         }
3173
3174         osd_req_op_watch_init(obj_request->osd_req, 0, CEPH_OSD_OP_WATCH,
3175                               rbd_dev->watch_event->cookie, 0, watch);
3176         rbd_osd_req_format_write(obj_request);
3177
3178         if (watch)
3179                 ceph_osdc_set_request_linger(osdc, obj_request->osd_req);
3180
3181         ret = rbd_obj_request_submit(osdc, obj_request);
3182         if (ret)
3183                 goto out;
3184
3185         ret = rbd_obj_request_wait_timeout(obj_request, opts->mount_timeout);
3186         if (ret)
3187                 goto out;
3188
3189         ret = obj_request->result;
3190         if (ret) {
3191                 if (watch)
3192                         rbd_obj_request_end(obj_request);
3193                 goto out;
3194         }
3195
3196         return obj_request;
3197
3198 out:
3199         rbd_obj_request_put(obj_request);
3200         return ERR_PTR(ret);
3201 }
3202
3203 /*
3204  * Initiate a watch request, synchronously.
3205  */
3206 static int rbd_dev_header_watch_sync(struct rbd_device *rbd_dev)
3207 {
3208         struct ceph_osd_client *osdc = &rbd_dev->rbd_client->client->osdc;
3209         struct rbd_obj_request *obj_request;
3210         int ret;
3211
3212         rbd_assert(!rbd_dev->watch_event);
3213         rbd_assert(!rbd_dev->watch_request);
3214
3215         ret = ceph_osdc_create_event(osdc, rbd_watch_cb, rbd_dev,
3216                                      &rbd_dev->watch_event);
3217         if (ret < 0)
3218                 return ret;
3219
3220         obj_request = rbd_obj_watch_request_helper(rbd_dev, true);
3221         if (IS_ERR(obj_request)) {
3222                 ceph_osdc_cancel_event(rbd_dev->watch_event);
3223                 rbd_dev->watch_event = NULL;
3224                 return PTR_ERR(obj_request);
3225         }
3226
3227         /*
3228          * A watch request is set to linger, so the underlying osd
3229          * request won't go away until we unregister it.  We retain
3230          * a pointer to the object request during that time (in
3231          * rbd_dev->watch_request), so we'll keep a reference to it.
3232          * We'll drop that reference after we've unregistered it in
3233          * rbd_dev_header_unwatch_sync().
3234          */
3235         rbd_dev->watch_request = obj_request;
3236
3237         return 0;
3238 }
3239
3240 /*
3241  * Tear down a watch request, synchronously.
3242  */
3243 static void rbd_dev_header_unwatch_sync(struct rbd_device *rbd_dev)
3244 {
3245         struct rbd_obj_request *obj_request;
3246
3247         rbd_assert(rbd_dev->watch_event);
3248         rbd_assert(rbd_dev->watch_request);
3249
3250         rbd_obj_request_end(rbd_dev->watch_request);
3251         rbd_obj_request_put(rbd_dev->watch_request);
3252         rbd_dev->watch_request = NULL;
3253
3254         obj_request = rbd_obj_watch_request_helper(rbd_dev, false);
3255         if (!IS_ERR(obj_request))
3256                 rbd_obj_request_put(obj_request);
3257         else
3258                 rbd_warn(rbd_dev, "unable to tear down watch request (%ld)",
3259                          PTR_ERR(obj_request));
3260
3261         ceph_osdc_cancel_event(rbd_dev->watch_event);
3262         rbd_dev->watch_event = NULL;
3263 }
3264
3265 /*
3266  * Synchronous osd object method call.  Returns the number of bytes
3267  * returned in the outbound buffer, or a negative error code.
3268  */
3269 static int rbd_obj_method_sync(struct rbd_device *rbd_dev,
3270                              const char *object_name,
3271                              const char *class_name,
3272                              const char *method_name,
3273                              const void *outbound,
3274                              size_t outbound_size,
3275                              void *inbound,
3276                              size_t inbound_size)
3277 {
3278         struct ceph_osd_client *osdc = &rbd_dev->rbd_client->client->osdc;
3279         struct rbd_obj_request *obj_request;
3280         struct page **pages;
3281         u32 page_count;
3282         int ret;
3283
3284         /*
3285          * Method calls are ultimately read operations.  The result
3286          * should placed into the inbound buffer provided.  They
3287          * also supply outbound data--parameters for the object
3288          * method.  Currently if this is present it will be a
3289          * snapshot id.
3290          */
3291         page_count = (u32)calc_pages_for(0, inbound_size);
3292         pages = ceph_alloc_page_vector(page_count, GFP_KERNEL);
3293         if (IS_ERR(pages))
3294                 return PTR_ERR(pages);
3295
3296         ret = -ENOMEM;
3297         obj_request = rbd_obj_request_create(object_name, 0, inbound_size,
3298                                                         OBJ_REQUEST_PAGES);
3299         if (!obj_request)
3300                 goto out;
3301
3302         obj_request->pages = pages;
3303         obj_request->page_count = page_count;
3304
3305         obj_request->osd_req = rbd_osd_req_create(rbd_dev, OBJ_OP_READ, 1,
3306                                                   obj_request);
3307         if (!obj_request->osd_req)
3308                 goto out;
3309
3310         osd_req_op_cls_init(obj_request->osd_req, 0, CEPH_OSD_OP_CALL,
3311                                         class_name, method_name);
3312         if (outbound_size) {
3313                 struct ceph_pagelist *pagelist;
3314
3315                 pagelist = kmalloc(sizeof (*pagelist), GFP_NOFS);
3316                 if (!pagelist)
3317                         goto out;
3318
3319                 ceph_pagelist_init(pagelist);
3320                 ceph_pagelist_append(pagelist, outbound, outbound_size);
3321                 osd_req_op_cls_request_data_pagelist(obj_request->osd_req, 0,
3322                                                 pagelist);
3323         }
3324         osd_req_op_cls_response_data_pages(obj_request->osd_req, 0,
3325                                         obj_request->pages, inbound_size,
3326                                         0, false, false);
3327         rbd_osd_req_format_read(obj_request);
3328
3329         ret = rbd_obj_request_submit(osdc, obj_request);
3330         if (ret)
3331                 goto out;
3332         ret = rbd_obj_request_wait(obj_request);
3333         if (ret)
3334                 goto out;
3335
3336         ret = obj_request->result;
3337         if (ret < 0)
3338                 goto out;
3339
3340         rbd_assert(obj_request->xferred < (u64)INT_MAX);
3341         ret = (int)obj_request->xferred;
3342         ceph_copy_from_page_vector(pages, inbound, 0, obj_request->xferred);
3343 out:
3344         if (obj_request)
3345                 rbd_obj_request_put(obj_request);
3346         else
3347                 ceph_release_page_vector(pages, page_count);
3348
3349         return ret;
3350 }
3351
3352 static void rbd_queue_workfn(struct work_struct *work)
3353 {
3354         struct request *rq = blk_mq_rq_from_pdu(work);
3355         struct rbd_device *rbd_dev = rq->q->queuedata;
3356         struct rbd_img_request *img_request;
3357         struct ceph_snap_context *snapc = NULL;
3358         u64 offset = (u64)blk_rq_pos(rq) << SECTOR_SHIFT;
3359         u64 length = blk_rq_bytes(rq);
3360         enum obj_operation_type op_type;
3361         u64 mapping_size;
3362         int result;
3363
3364         if (rq->cmd_type != REQ_TYPE_FS) {
3365                 dout("%s: non-fs request type %d\n", __func__,
3366                         (int) rq->cmd_type);
3367                 result = -EIO;
3368                 goto err;
3369         }
3370
3371         if (rq->cmd_flags & REQ_DISCARD)
3372                 op_type = OBJ_OP_DISCARD;
3373         else if (rq->cmd_flags & REQ_WRITE)
3374                 op_type = OBJ_OP_WRITE;
3375         else
3376                 op_type = OBJ_OP_READ;
3377
3378         /* Ignore/skip any zero-length requests */
3379
3380         if (!length) {
3381                 dout("%s: zero-length request\n", __func__);
3382                 result = 0;
3383                 goto err_rq;
3384         }
3385
3386         /* Only reads are allowed to a read-only device */
3387
3388         if (op_type != OBJ_OP_READ) {
3389                 if (rbd_dev->mapping.read_only) {
3390                         result = -EROFS;
3391                         goto err_rq;
3392                 }
3393                 rbd_assert(rbd_dev->spec->snap_id == CEPH_NOSNAP);
3394         }
3395
3396         /*
3397          * Quit early if the mapped snapshot no longer exists.  It's
3398          * still possible the snapshot will have disappeared by the
3399          * time our request arrives at the osd, but there's no sense in
3400          * sending it if we already know.
3401          */
3402         if (!test_bit(RBD_DEV_FLAG_EXISTS, &rbd_dev->flags)) {
3403                 dout("request for non-existent snapshot");
3404                 rbd_assert(rbd_dev->spec->snap_id != CEPH_NOSNAP);
3405                 result = -ENXIO;
3406                 goto err_rq;
3407         }
3408
3409         if (offset && length > U64_MAX - offset + 1) {
3410                 rbd_warn(rbd_dev, "bad request range (%llu~%llu)", offset,
3411                          length);
3412                 result = -EINVAL;
3413                 goto err_rq;    /* Shouldn't happen */
3414         }
3415
3416         blk_mq_start_request(rq);
3417
3418         down_read(&rbd_dev->header_rwsem);
3419         mapping_size = rbd_dev->mapping.size;
3420         if (op_type != OBJ_OP_READ) {
3421                 snapc = rbd_dev->header.snapc;
3422                 ceph_get_snap_context(snapc);
3423         }
3424         up_read(&rbd_dev->header_rwsem);
3425
3426         if (offset + length > mapping_size) {
3427                 rbd_warn(rbd_dev, "beyond EOD (%llu~%llu > %llu)", offset,
3428                          length, mapping_size);
3429                 result = -EIO;
3430                 goto err_rq;
3431         }
3432
3433         img_request = rbd_img_request_create(rbd_dev, offset, length, op_type,
3434                                              snapc);
3435         if (!img_request) {
3436                 result = -ENOMEM;
3437                 goto err_rq;
3438         }
3439         img_request->rq = rq;
3440
3441         if (op_type == OBJ_OP_DISCARD)
3442                 result = rbd_img_request_fill(img_request, OBJ_REQUEST_NODATA,
3443                                               NULL);
3444         else
3445                 result = rbd_img_request_fill(img_request, OBJ_REQUEST_BIO,
3446                                               rq->bio);
3447         if (result)
3448                 goto err_img_request;
3449
3450         result = rbd_img_request_submit(img_request);
3451         if (result)
3452                 goto err_img_request;
3453
3454         return;
3455
3456 err_img_request:
3457         rbd_img_request_put(img_request);
3458 err_rq:
3459         if (result)
3460                 rbd_warn(rbd_dev, "%s %llx at %llx result %d",
3461                          obj_op_name(op_type), length, offset, result);
3462         ceph_put_snap_context(snapc);
3463 err:
3464         blk_mq_end_request(rq, result);
3465 }
3466
3467 static int rbd_queue_rq(struct blk_mq_hw_ctx *hctx,
3468                 const struct blk_mq_queue_data *bd)
3469 {
3470         struct request *rq = bd->rq;
3471         struct work_struct *work = blk_mq_rq_to_pdu(rq);
3472
3473         queue_work(rbd_wq, work);
3474         return BLK_MQ_RQ_QUEUE_OK;
3475 }
3476
3477 /*
3478  * a queue callback. Makes sure that we don't create a bio that spans across
3479  * multiple osd objects. One exception would be with a single page bios,
3480  * which we handle later at bio_chain_clone_range()
3481  */
3482 static int rbd_merge_bvec(struct request_queue *q, struct bvec_merge_data *bmd,
3483                           struct bio_vec *bvec)
3484 {
3485         struct rbd_device *rbd_dev = q->queuedata;
3486         sector_t sector_offset;
3487         sector_t sectors_per_obj;
3488         sector_t obj_sector_offset;
3489         int ret;
3490
3491         /*
3492          * Find how far into its rbd object the partition-relative
3493          * bio start sector is to offset relative to the enclosing
3494          * device.
3495          */
3496         sector_offset = get_start_sect(bmd->bi_bdev) + bmd->bi_sector;
3497         sectors_per_obj = 1 << (rbd_dev->header.obj_order - SECTOR_SHIFT);
3498         obj_sector_offset = sector_offset & (sectors_per_obj - 1);
3499
3500         /*
3501          * Compute the number of bytes from that offset to the end
3502          * of the object.  Account for what's already used by the bio.
3503          */
3504         ret = (int) (sectors_per_obj - obj_sector_offset) << SECTOR_SHIFT;
3505         if (ret > bmd->bi_size)
3506                 ret -= bmd->bi_size;
3507         else
3508                 ret = 0;
3509
3510         /*
3511          * Don't send back more than was asked for.  And if the bio
3512          * was empty, let the whole thing through because:  "Note
3513          * that a block device *must* allow a single page to be
3514          * added to an empty bio."
3515          */
3516         rbd_assert(bvec->bv_len <= PAGE_SIZE);
3517         if (ret > (int) bvec->bv_len || !bmd->bi_size)
3518                 ret = (int) bvec->bv_len;
3519
3520         return ret;
3521 }
3522
3523 static void rbd_free_disk(struct rbd_device *rbd_dev)
3524 {
3525         struct gendisk *disk = rbd_dev->disk;
3526
3527         if (!disk)
3528                 return;
3529
3530         rbd_dev->disk = NULL;
3531         if (disk->flags & GENHD_FL_UP) {
3532                 del_gendisk(disk);
3533                 if (disk->queue)
3534                         blk_cleanup_queue(disk->queue);
3535                 blk_mq_free_tag_set(&rbd_dev->tag_set);
3536         }
3537         put_disk(disk);
3538 }
3539
3540 static int rbd_obj_read_sync(struct rbd_device *rbd_dev,
3541                                 const char *object_name,
3542                                 u64 offset, u64 length, void *buf)
3543
3544 {
3545         struct ceph_osd_client *osdc = &rbd_dev->rbd_client->client->osdc;
3546         struct rbd_obj_request *obj_request;
3547         struct page **pages = NULL;
3548         u32 page_count;
3549         size_t size;
3550         int ret;
3551
3552         page_count = (u32) calc_pages_for(offset, length);
3553         pages = ceph_alloc_page_vector(page_count, GFP_KERNEL);
3554         if (IS_ERR(pages))
3555                 return PTR_ERR(pages);
3556
3557         ret = -ENOMEM;
3558         obj_request = rbd_obj_request_create(object_name, offset, length,
3559                                                         OBJ_REQUEST_PAGES);
3560         if (!obj_request)
3561                 goto out;
3562
3563         obj_request->pages = pages;
3564         obj_request->page_count = page_count;
3565
3566         obj_request->osd_req = rbd_osd_req_create(rbd_dev, OBJ_OP_READ, 1,
3567                                                   obj_request);
3568         if (!obj_request->osd_req)
3569                 goto out;
3570
3571         osd_req_op_extent_init(obj_request->osd_req, 0, CEPH_OSD_OP_READ,
3572                                         offset, length, 0, 0);
3573         osd_req_op_extent_osd_data_pages(obj_request->osd_req, 0,
3574                                         obj_request->pages,
3575                                         obj_request->length,
3576                                         obj_request->offset & ~PAGE_MASK,
3577                                         false, false);
3578         rbd_osd_req_format_read(obj_request);
3579
3580         ret = rbd_obj_request_submit(osdc, obj_request);
3581         if (ret)
3582                 goto out;
3583         ret = rbd_obj_request_wait(obj_request);
3584         if (ret)
3585                 goto out;
3586
3587         ret = obj_request->result;
3588         if (ret < 0)
3589                 goto out;
3590
3591         rbd_assert(obj_request->xferred <= (u64) SIZE_MAX);
3592         size = (size_t) obj_request->xferred;
3593         ceph_copy_from_page_vector(pages, buf, 0, size);
3594         rbd_assert(size <= (size_t)INT_MAX);
3595         ret = (int)size;
3596 out:
3597         if (obj_request)
3598                 rbd_obj_request_put(obj_request);
3599         else
3600                 ceph_release_page_vector(pages, page_count);
3601
3602         return ret;
3603 }
3604
3605 /*
3606  * Read the complete header for the given rbd device.  On successful
3607  * return, the rbd_dev->header field will contain up-to-date
3608  * information about the image.
3609  */
3610 static int rbd_dev_v1_header_info(struct rbd_device *rbd_dev)
3611 {
3612         struct rbd_image_header_ondisk *ondisk = NULL;
3613         u32 snap_count = 0;
3614         u64 names_size = 0;
3615         u32 want_count;
3616         int ret;
3617
3618         /*
3619          * The complete header will include an array of its 64-bit
3620          * snapshot ids, followed by the names of those snapshots as
3621          * a contiguous block of NUL-terminated strings.  Note that
3622          * the number of snapshots could change by the time we read
3623          * it in, in which case we re-read it.
3624          */
3625         do {
3626                 size_t size;
3627
3628                 kfree(ondisk);
3629
3630                 size = sizeof (*ondisk);
3631                 size += snap_count * sizeof (struct rbd_image_snap_ondisk);
3632                 size += names_size;
3633                 ondisk = kmalloc(size, GFP_KERNEL);
3634                 if (!ondisk)
3635                         return -ENOMEM;
3636
3637                 ret = rbd_obj_read_sync(rbd_dev, rbd_dev->header_name,
3638                                        0, size, ondisk);
3639                 if (ret < 0)
3640                         goto out;
3641                 if ((size_t)ret < size) {
3642                         ret = -ENXIO;
3643                         rbd_warn(rbd_dev, "short header read (want %zd got %d)",
3644                                 size, ret);
3645                         goto out;
3646                 }
3647                 if (!rbd_dev_ondisk_valid(ondisk)) {
3648                         ret = -ENXIO;
3649                         rbd_warn(rbd_dev, "invalid header");
3650                         goto out;
3651                 }
3652
3653                 names_size = le64_to_cpu(ondisk->snap_names_len);
3654                 want_count = snap_count;
3655                 snap_count = le32_to_cpu(ondisk->snap_count);
3656         } while (snap_count != want_count);
3657
3658         ret = rbd_header_from_disk(rbd_dev, ondisk);
3659 out:
3660         kfree(ondisk);
3661
3662         return ret;
3663 }
3664
3665 /*
3666  * Clear the rbd device's EXISTS flag if the snapshot it's mapped to
3667  * has disappeared from the (just updated) snapshot context.
3668  */
3669 static void rbd_exists_validate(struct rbd_device *rbd_dev)
3670 {
3671         u64 snap_id;
3672
3673         if (!test_bit(RBD_DEV_FLAG_EXISTS, &rbd_dev->flags))
3674                 return;
3675
3676         snap_id = rbd_dev->spec->snap_id;
3677         if (snap_id == CEPH_NOSNAP)
3678                 return;
3679
3680         if (rbd_dev_snap_index(rbd_dev, snap_id) == BAD_SNAP_INDEX)
3681                 clear_bit(RBD_DEV_FLAG_EXISTS, &rbd_dev->flags);
3682 }
3683
3684 static void rbd_dev_update_size(struct rbd_device *rbd_dev)
3685 {
3686         sector_t size;
3687         bool removing;
3688
3689         /*
3690          * Don't hold the lock while doing disk operations,
3691          * or lock ordering will conflict with the bdev mutex via:
3692          * rbd_add() -> blkdev_get() -> rbd_open()
3693          */
3694         spin_lock_irq(&rbd_dev->lock);
3695         removing = test_bit(RBD_DEV_FLAG_REMOVING, &rbd_dev->flags);
3696         spin_unlock_irq(&rbd_dev->lock);
3697         /*
3698          * If the device is being removed, rbd_dev->disk has
3699          * been destroyed, so don't try to update its size
3700          */
3701         if (!removing) {
3702                 size = (sector_t)rbd_dev->mapping.size / SECTOR_SIZE;
3703                 dout("setting size to %llu sectors", (unsigned long long)size);
3704                 set_capacity(rbd_dev->disk, size);
3705                 revalidate_disk(rbd_dev->disk);
3706         }
3707 }
3708
3709 static int rbd_dev_refresh(struct rbd_device *rbd_dev)
3710 {
3711         u64 mapping_size;
3712         int ret;
3713
3714         down_write(&rbd_dev->header_rwsem);
3715         mapping_size = rbd_dev->mapping.size;
3716
3717         ret = rbd_dev_header_info(rbd_dev);
3718         if (ret)
3719                 goto out;
3720
3721         /*
3722          * If there is a parent, see if it has disappeared due to the
3723          * mapped image getting flattened.
3724          */
3725         if (rbd_dev->parent) {
3726                 ret = rbd_dev_v2_parent_info(rbd_dev);
3727                 if (ret)
3728                         goto out;
3729         }
3730
3731         if (rbd_dev->spec->snap_id == CEPH_NOSNAP) {
3732                 rbd_dev->mapping.size = rbd_dev->header.image_size;
3733         } else {
3734                 /* validate mapped snapshot's EXISTS flag */
3735                 rbd_exists_validate(rbd_dev);
3736         }
3737
3738 out:
3739         up_write(&rbd_dev->header_rwsem);
3740         if (!ret && mapping_size != rbd_dev->mapping.size)
3741                 rbd_dev_update_size(rbd_dev);
3742
3743         return ret;
3744 }
3745
3746 static int rbd_init_request(void *data, struct request *rq,
3747                 unsigned int hctx_idx, unsigned int request_idx,
3748                 unsigned int numa_node)
3749 {
3750         struct work_struct *work = blk_mq_rq_to_pdu(rq);
3751
3752         INIT_WORK(work, rbd_queue_workfn);
3753         return 0;
3754 }
3755
3756 static struct blk_mq_ops rbd_mq_ops = {
3757         .queue_rq       = rbd_queue_rq,
3758         .map_queue      = blk_mq_map_queue,
3759         .init_request   = rbd_init_request,
3760 };
3761
3762 static int rbd_init_disk(struct rbd_device *rbd_dev)
3763 {
3764         struct gendisk *disk;
3765         struct request_queue *q;
3766         u64 segment_size;
3767         int err;
3768
3769         /* create gendisk info */
3770         disk = alloc_disk(single_major ?
3771                           (1 << RBD_SINGLE_MAJOR_PART_SHIFT) :
3772                           RBD_MINORS_PER_MAJOR);
3773         if (!disk)
3774                 return -ENOMEM;
3775
3776         snprintf(disk->disk_name, sizeof(disk->disk_name), RBD_DRV_NAME "%d",
3777                  rbd_dev->dev_id);
3778         disk->major = rbd_dev->major;
3779         disk->first_minor = rbd_dev->minor;
3780         if (single_major)
3781                 disk->flags |= GENHD_FL_EXT_DEVT;
3782         disk->fops = &rbd_bd_ops;
3783         disk->private_data = rbd_dev;
3784
3785         memset(&rbd_dev->tag_set, 0, sizeof(rbd_dev->tag_set));
3786         rbd_dev->tag_set.ops = &rbd_mq_ops;
3787         rbd_dev->tag_set.queue_depth = rbd_dev->opts->queue_depth;
3788         rbd_dev->tag_set.numa_node = NUMA_NO_NODE;
3789         rbd_dev->tag_set.flags = BLK_MQ_F_SHOULD_MERGE | BLK_MQ_F_SG_MERGE;
3790         rbd_dev->tag_set.nr_hw_queues = 1;
3791         rbd_dev->tag_set.cmd_size = sizeof(struct work_struct);
3792
3793         err = blk_mq_alloc_tag_set(&rbd_dev->tag_set);
3794         if (err)
3795                 goto out_disk;
3796
3797         q = blk_mq_init_queue(&rbd_dev->tag_set);
3798         if (IS_ERR(q)) {
3799                 err = PTR_ERR(q);
3800                 goto out_tag_set;
3801         }
3802
3803         queue_flag_set_unlocked(QUEUE_FLAG_NONROT, q);
3804         /* QUEUE_FLAG_ADD_RANDOM is off by default for blk-mq */
3805
3806         /* set io sizes to object size */
3807         segment_size = rbd_obj_bytes(&rbd_dev->header);
3808         blk_queue_max_hw_sectors(q, segment_size / SECTOR_SIZE);
3809         blk_queue_max_segments(q, segment_size / SECTOR_SIZE);
3810         blk_queue_max_segment_size(q, segment_size);
3811         blk_queue_io_min(q, segment_size);
3812         blk_queue_io_opt(q, segment_size);
3813
3814         /* enable the discard support */
3815         queue_flag_set_unlocked(QUEUE_FLAG_DISCARD, q);
3816         q->limits.discard_granularity = segment_size;
3817         q->limits.discard_alignment = segment_size;
3818         q->limits.max_discard_sectors = segment_size / SECTOR_SIZE;
3819         q->limits.discard_zeroes_data = 1;
3820
3821         blk_queue_merge_bvec(q, rbd_merge_bvec);
3822         disk->queue = q;
3823
3824         q->queuedata = rbd_dev;
3825
3826         rbd_dev->disk = disk;
3827
3828         return 0;
3829 out_tag_set:
3830         blk_mq_free_tag_set(&rbd_dev->tag_set);
3831 out_disk:
3832         put_disk(disk);
3833         return err;
3834 }
3835
3836 /*
3837   sysfs
3838 */
3839
3840 static struct rbd_device *dev_to_rbd_dev(struct device *dev)
3841 {
3842         return container_of(dev, struct rbd_device, dev);
3843 }
3844
3845 static ssize_t rbd_size_show(struct device *dev,
3846                              struct device_attribute *attr, char *buf)
3847 {
3848         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3849
3850         return sprintf(buf, "%llu\n",
3851                 (unsigned long long)rbd_dev->mapping.size);
3852 }
3853
3854 /*
3855  * Note this shows the features for whatever's mapped, which is not
3856  * necessarily the base image.
3857  */
3858 static ssize_t rbd_features_show(struct device *dev,
3859                              struct device_attribute *attr, char *buf)
3860 {
3861         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3862
3863         return sprintf(buf, "0x%016llx\n",
3864                         (unsigned long long)rbd_dev->mapping.features);
3865 }
3866
3867 static ssize_t rbd_major_show(struct device *dev,
3868                               struct device_attribute *attr, char *buf)
3869 {
3870         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3871
3872         if (rbd_dev->major)
3873                 return sprintf(buf, "%d\n", rbd_dev->major);
3874
3875         return sprintf(buf, "(none)\n");
3876 }
3877
3878 static ssize_t rbd_minor_show(struct device *dev,
3879                               struct device_attribute *attr, char *buf)
3880 {
3881         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3882
3883         return sprintf(buf, "%d\n", rbd_dev->minor);
3884 }
3885
3886 static ssize_t rbd_client_id_show(struct device *dev,
3887                                   struct device_attribute *attr, char *buf)
3888 {
3889         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3890
3891         return sprintf(buf, "client%lld\n",
3892                         ceph_client_id(rbd_dev->rbd_client->client));
3893 }
3894
3895 static ssize_t rbd_pool_show(struct device *dev,
3896                              struct device_attribute *attr, char *buf)
3897 {
3898         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3899
3900         return sprintf(buf, "%s\n", rbd_dev->spec->pool_name);
3901 }
3902
3903 static ssize_t rbd_pool_id_show(struct device *dev,
3904                              struct device_attribute *attr, char *buf)
3905 {
3906         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3907
3908         return sprintf(buf, "%llu\n",
3909                         (unsigned long long) rbd_dev->spec->pool_id);
3910 }
3911
3912 static ssize_t rbd_name_show(struct device *dev,
3913                              struct device_attribute *attr, char *buf)
3914 {
3915         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3916
3917         if (rbd_dev->spec->image_name)
3918                 return sprintf(buf, "%s\n", rbd_dev->spec->image_name);
3919
3920         return sprintf(buf, "(unknown)\n");
3921 }
3922
3923 static ssize_t rbd_image_id_show(struct device *dev,
3924                              struct device_attribute *attr, char *buf)
3925 {
3926         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3927
3928         return sprintf(buf, "%s\n", rbd_dev->spec->image_id);
3929 }
3930
3931 /*
3932  * Shows the name of the currently-mapped snapshot (or
3933  * RBD_SNAP_HEAD_NAME for the base image).
3934  */
3935 static ssize_t rbd_snap_show(struct device *dev,
3936                              struct device_attribute *attr,
3937                              char *buf)
3938 {
3939         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3940
3941         return sprintf(buf, "%s\n", rbd_dev->spec->snap_name);
3942 }
3943
3944 /*
3945  * For a v2 image, shows the chain of parent images, separated by empty
3946  * lines.  For v1 images or if there is no parent, shows "(no parent
3947  * image)".
3948  */
3949 static ssize_t rbd_parent_show(struct device *dev,
3950                                struct device_attribute *attr,
3951                                char *buf)
3952 {
3953         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3954         ssize_t count = 0;
3955
3956         if (!rbd_dev->parent)
3957                 return sprintf(buf, "(no parent image)\n");
3958
3959         for ( ; rbd_dev->parent; rbd_dev = rbd_dev->parent) {
3960                 struct rbd_spec *spec = rbd_dev->parent_spec;
3961
3962                 count += sprintf(&buf[count], "%s"
3963                             "pool_id %llu\npool_name %s\n"
3964                             "image_id %s\nimage_name %s\n"
3965                             "snap_id %llu\nsnap_name %s\n"
3966                             "overlap %llu\n",
3967                             !count ? "" : "\n", /* first? */
3968                             spec->pool_id, spec->pool_name,
3969                             spec->image_id, spec->image_name ?: "(unknown)",
3970                             spec->snap_id, spec->snap_name,
3971                             rbd_dev->parent_overlap);
3972         }
3973
3974         return count;
3975 }
3976
3977 static ssize_t rbd_image_refresh(struct device *dev,
3978                                  struct device_attribute *attr,
3979                                  const char *buf,
3980                                  size_t size)
3981 {
3982         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3983         int ret;
3984
3985         ret = rbd_dev_refresh(rbd_dev);
3986         if (ret)
3987                 return ret;
3988
3989         return size;
3990 }
3991
3992 static DEVICE_ATTR(size, S_IRUGO, rbd_size_show, NULL);
3993 static DEVICE_ATTR(features, S_IRUGO, rbd_features_show, NULL);
3994 static DEVICE_ATTR(major, S_IRUGO, rbd_major_show, NULL);
3995 static DEVICE_ATTR(minor, S_IRUGO, rbd_minor_show, NULL);
3996 static DEVICE_ATTR(client_id, S_IRUGO, rbd_client_id_show, NULL);
3997 static DEVICE_ATTR(pool, S_IRUGO, rbd_pool_show, NULL);
3998 static DEVICE_ATTR(pool_id, S_IRUGO, rbd_pool_id_show, NULL);
3999 static DEVICE_ATTR(name, S_IRUGO, rbd_name_show, NULL);
4000 static DEVICE_ATTR(image_id, S_IRUGO, rbd_image_id_show, NULL);
4001 static DEVICE_ATTR(refresh, S_IWUSR, NULL, rbd_image_refresh);
4002 static DEVICE_ATTR(current_snap, S_IRUGO, rbd_snap_show, NULL);
4003 static DEVICE_ATTR(parent, S_IRUGO, rbd_parent_show, NULL);
4004
4005 static struct attribute *rbd_attrs[] = {
4006         &dev_attr_size.attr,
4007         &dev_attr_features.attr,
4008         &dev_attr_major.attr,
4009         &dev_attr_minor.attr,
4010         &dev_attr_client_id.attr,
4011         &dev_attr_pool.attr,
4012         &dev_attr_pool_id.attr,
4013         &dev_attr_name.attr,
4014         &dev_attr_image_id.attr,
4015         &dev_attr_current_snap.attr,
4016         &dev_attr_parent.attr,
4017         &dev_attr_refresh.attr,
4018         NULL
4019 };
4020
4021 static struct attribute_group rbd_attr_group = {
4022         .attrs = rbd_attrs,
4023 };
4024
4025 static const struct attribute_group *rbd_attr_groups[] = {
4026         &rbd_attr_group,
4027         NULL
4028 };
4029
4030 static void rbd_sysfs_dev_release(struct device *dev)
4031 {
4032 }
4033
4034 static struct device_type rbd_device_type = {
4035         .name           = "rbd",
4036         .groups         = rbd_attr_groups,
4037         .release        = rbd_sysfs_dev_release,
4038 };
4039
4040 static struct rbd_spec *rbd_spec_get(struct rbd_spec *spec)
4041 {
4042         kref_get(&spec->kref);
4043
4044         return spec;
4045 }
4046
4047 static void rbd_spec_free(struct kref *kref);
4048 static void rbd_spec_put(struct rbd_spec *spec)
4049 {
4050         if (spec)
4051                 kref_put(&spec->kref, rbd_spec_free);
4052 }
4053
4054 static struct rbd_spec *rbd_spec_alloc(void)
4055 {
4056         struct rbd_spec *spec;
4057
4058         spec = kzalloc(sizeof (*spec), GFP_KERNEL);
4059         if (!spec)
4060                 return NULL;
4061
4062         spec->pool_id = CEPH_NOPOOL;
4063         spec->snap_id = CEPH_NOSNAP;
4064         kref_init(&spec->kref);
4065
4066         return spec;
4067 }
4068
4069 static void rbd_spec_free(struct kref *kref)
4070 {
4071         struct rbd_spec *spec = container_of(kref, struct rbd_spec, kref);
4072
4073         kfree(spec->pool_name);
4074         kfree(spec->image_id);
4075         kfree(spec->image_name);
4076         kfree(spec->snap_name);
4077         kfree(spec);
4078 }
4079
4080 static struct rbd_device *rbd_dev_create(struct rbd_client *rbdc,
4081                                          struct rbd_spec *spec,
4082                                          struct rbd_options *opts)
4083 {
4084         struct rbd_device *rbd_dev;
4085
4086         rbd_dev = kzalloc(sizeof (*rbd_dev), GFP_KERNEL);
4087         if (!rbd_dev)
4088                 return NULL;
4089
4090         spin_lock_init(&rbd_dev->lock);
4091         rbd_dev->flags = 0;
4092         atomic_set(&rbd_dev->parent_ref, 0);
4093         INIT_LIST_HEAD(&rbd_dev->node);
4094         init_rwsem(&rbd_dev->header_rwsem);
4095
4096         rbd_dev->rbd_client = rbdc;
4097         rbd_dev->spec = spec;
4098         rbd_dev->opts = opts;
4099
4100         /* Initialize the layout used for all rbd requests */
4101
4102         rbd_dev->layout.fl_stripe_unit = cpu_to_le32(1 << RBD_MAX_OBJ_ORDER);
4103         rbd_dev->layout.fl_stripe_count = cpu_to_le32(1);
4104         rbd_dev->layout.fl_object_size = cpu_to_le32(1 << RBD_MAX_OBJ_ORDER);
4105         rbd_dev->layout.fl_pg_pool = cpu_to_le32((u32) spec->pool_id);
4106
4107         return rbd_dev;
4108 }
4109
4110 static void rbd_dev_destroy(struct rbd_device *rbd_dev)
4111 {
4112         rbd_put_client(rbd_dev->rbd_client);
4113         rbd_spec_put(rbd_dev->spec);
4114         kfree(rbd_dev->opts);
4115         kfree(rbd_dev);
4116 }
4117
4118 /*
4119  * Get the size and object order for an image snapshot, or if
4120  * snap_id is CEPH_NOSNAP, gets this information for the base
4121  * image.
4122  */
4123 static int _rbd_dev_v2_snap_size(struct rbd_device *rbd_dev, u64 snap_id,
4124                                 u8 *order, u64 *snap_size)
4125 {
4126         __le64 snapid = cpu_to_le64(snap_id);
4127         int ret;
4128         struct {
4129                 u8 order;
4130                 __le64 size;
4131         } __attribute__ ((packed)) size_buf = { 0 };
4132
4133         ret = rbd_obj_method_sync(rbd_dev, rbd_dev->header_name,
4134                                 "rbd", "get_size",
4135                                 &snapid, sizeof (snapid),
4136                                 &size_buf, sizeof (size_buf));
4137         dout("%s: rbd_obj_method_sync returned %d\n", __func__, ret);
4138         if (ret < 0)
4139                 return ret;
4140         if (ret < sizeof (size_buf))
4141                 return -ERANGE;
4142
4143         if (order) {
4144                 *order = size_buf.order;
4145                 dout("  order %u", (unsigned int)*order);
4146         }
4147         *snap_size = le64_to_cpu(size_buf.size);
4148
4149         dout("  snap_id 0x%016llx snap_size = %llu\n",
4150                 (unsigned long long)snap_id,
4151                 (unsigned long long)*snap_size);
4152
4153         return 0;
4154 }
4155
4156 static int rbd_dev_v2_image_size(struct rbd_device *rbd_dev)
4157 {
4158         return _rbd_dev_v2_snap_size(rbd_dev, CEPH_NOSNAP,
4159                                         &rbd_dev->header.obj_order,
4160                                         &rbd_dev->header.image_size);
4161 }
4162
4163 static int rbd_dev_v2_object_prefix(struct rbd_device *rbd_dev)
4164 {
4165         void *reply_buf;
4166         int ret;
4167         void *p;
4168
4169         reply_buf = kzalloc(RBD_OBJ_PREFIX_LEN_MAX, GFP_KERNEL);
4170         if (!reply_buf)
4171                 return -ENOMEM;
4172
4173         ret = rbd_obj_method_sync(rbd_dev, rbd_dev->header_name,
4174                                 "rbd", "get_object_prefix", NULL, 0,
4175                                 reply_buf, RBD_OBJ_PREFIX_LEN_MAX);
4176         dout("%s: rbd_obj_method_sync returned %d\n", __func__, ret);
4177         if (ret < 0)
4178                 goto out;
4179
4180         p = reply_buf;
4181         rbd_dev->header.object_prefix = ceph_extract_encoded_string(&p,
4182                                                 p + ret, NULL, GFP_NOIO);
4183         ret = 0;
4184
4185         if (IS_ERR(rbd_dev->header.object_prefix)) {
4186                 ret = PTR_ERR(rbd_dev->header.object_prefix);
4187                 rbd_dev->header.object_prefix = NULL;
4188         } else {
4189                 dout("  object_prefix = %s\n", rbd_dev->header.object_prefix);
4190         }
4191 out:
4192         kfree(reply_buf);
4193
4194         return ret;
4195 }
4196
4197 static int _rbd_dev_v2_snap_features(struct rbd_device *rbd_dev, u64 snap_id,
4198                 u64 *snap_features)
4199 {
4200         __le64 snapid = cpu_to_le64(snap_id);
4201         struct {
4202                 __le64 features;
4203                 __le64 incompat;
4204         } __attribute__ ((packed)) features_buf = { 0 };
4205         u64 incompat;
4206         int ret;
4207
4208         ret = rbd_obj_method_sync(rbd_dev, rbd_dev->header_name,
4209                                 "rbd", "get_features",
4210                                 &snapid, sizeof (snapid),
4211                                 &features_buf, sizeof (features_buf));
4212         dout("%s: rbd_obj_method_sync returned %d\n", __func__, ret);
4213         if (ret < 0)
4214                 return ret;
4215         if (ret < sizeof (features_buf))
4216                 return -ERANGE;
4217
4218         incompat = le64_to_cpu(features_buf.incompat);
4219         if (incompat & ~RBD_FEATURES_SUPPORTED)
4220                 return -ENXIO;
4221
4222         *snap_features = le64_to_cpu(features_buf.features);
4223
4224         dout("  snap_id 0x%016llx features = 0x%016llx incompat = 0x%016llx\n",
4225                 (unsigned long long)snap_id,
4226                 (unsigned long long)*snap_features,
4227                 (unsigned long long)le64_to_cpu(features_buf.incompat));
4228
4229         return 0;
4230 }
4231
4232 static int rbd_dev_v2_features(struct rbd_device *rbd_dev)
4233 {
4234         return _rbd_dev_v2_snap_features(rbd_dev, CEPH_NOSNAP,
4235                                                 &rbd_dev->header.features);
4236 }
4237
4238 static int rbd_dev_v2_parent_info(struct rbd_device *rbd_dev)
4239 {
4240         struct rbd_spec *parent_spec;
4241         size_t size;
4242         void *reply_buf = NULL;
4243         __le64 snapid;
4244         void *p;
4245         void *end;
4246         u64 pool_id;
4247         char *image_id;
4248         u64 snap_id;
4249         u64 overlap;
4250         int ret;
4251
4252         parent_spec = rbd_spec_alloc();
4253         if (!parent_spec)
4254                 return -ENOMEM;
4255
4256         size = sizeof (__le64) +                                /* pool_id */
4257                 sizeof (__le32) + RBD_IMAGE_ID_LEN_MAX +        /* image_id */
4258                 sizeof (__le64) +                               /* snap_id */
4259                 sizeof (__le64);                                /* overlap */
4260         reply_buf = kmalloc(size, GFP_KERNEL);
4261         if (!reply_buf) {
4262                 ret = -ENOMEM;
4263                 goto out_err;
4264         }
4265
4266         snapid = cpu_to_le64(rbd_dev->spec->snap_id);
4267         ret = rbd_obj_method_sync(rbd_dev, rbd_dev->header_name,
4268                                 "rbd", "get_parent",
4269                                 &snapid, sizeof (snapid),
4270                                 reply_buf, size);
4271         dout("%s: rbd_obj_method_sync returned %d\n", __func__, ret);
4272         if (ret < 0)
4273                 goto out_err;
4274
4275         p = reply_buf;
4276         end = reply_buf + ret;
4277         ret = -ERANGE;
4278         ceph_decode_64_safe(&p, end, pool_id, out_err);
4279         if (pool_id == CEPH_NOPOOL) {
4280                 /*
4281                  * Either the parent never existed, or we have
4282                  * record of it but the image got flattened so it no
4283                  * longer has a parent.  When the parent of a
4284                  * layered image disappears we immediately set the
4285                  * overlap to 0.  The effect of this is that all new
4286                  * requests will be treated as if the image had no
4287                  * parent.
4288                  */
4289                 if (rbd_dev->parent_overlap) {
4290                         rbd_dev->parent_overlap = 0;
4291                         rbd_dev_parent_put(rbd_dev);
4292                         pr_info("%s: clone image has been flattened\n",
4293                                 rbd_dev->disk->disk_name);
4294                 }
4295
4296                 goto out;       /* No parent?  No problem. */
4297         }
4298
4299         /* The ceph file layout needs to fit pool id in 32 bits */
4300
4301         ret = -EIO;
4302         if (pool_id > (u64)U32_MAX) {
4303                 rbd_warn(NULL, "parent pool id too large (%llu > %u)",
4304                         (unsigned long long)pool_id, U32_MAX);
4305                 goto out_err;
4306         }
4307
4308         image_id = ceph_extract_encoded_string(&p, end, NULL, GFP_KERNEL);
4309         if (IS_ERR(image_id)) {
4310                 ret = PTR_ERR(image_id);
4311                 goto out_err;
4312         }
4313         ceph_decode_64_safe(&p, end, snap_id, out_err);
4314         ceph_decode_64_safe(&p, end, overlap, out_err);
4315
4316         /*
4317          * The parent won't change (except when the clone is
4318          * flattened, already handled that).  So we only need to
4319          * record the parent spec we have not already done so.
4320          */
4321         if (!rbd_dev->parent_spec) {
4322                 parent_spec->pool_id = pool_id;
4323                 parent_spec->image_id = image_id;
4324                 parent_spec->snap_id = snap_id;
4325                 rbd_dev->parent_spec = parent_spec;
4326                 parent_spec = NULL;     /* rbd_dev now owns this */
4327         } else {
4328                 kfree(image_id);
4329         }
4330
4331         /*
4332          * We always update the parent overlap.  If it's zero we issue
4333          * a warning, as we will proceed as if there was no parent.
4334          */
4335         if (!overlap) {
4336                 if (parent_spec) {
4337                         /* refresh, careful to warn just once */
4338                         if (rbd_dev->parent_overlap)
4339                                 rbd_warn(rbd_dev,
4340                                     "clone now standalone (overlap became 0)");
4341                 } else {
4342                         /* initial probe */
4343                         rbd_warn(rbd_dev, "clone is standalone (overlap 0)");
4344                 }
4345         }
4346         rbd_dev->parent_overlap = overlap;
4347
4348 out:
4349         ret = 0;
4350 out_err:
4351         kfree(reply_buf);
4352         rbd_spec_put(parent_spec);
4353
4354         return ret;
4355 }
4356
4357 static int rbd_dev_v2_striping_info(struct rbd_device *rbd_dev)
4358 {
4359         struct {
4360                 __le64 stripe_unit;
4361                 __le64 stripe_count;
4362         } __attribute__ ((packed)) striping_info_buf = { 0 };
4363         size_t size = sizeof (striping_info_buf);
4364         void *p;
4365         u64 obj_size;
4366         u64 stripe_unit;
4367         u64 stripe_count;
4368         int ret;
4369
4370         ret = rbd_obj_method_sync(rbd_dev, rbd_dev->header_name,
4371                                 "rbd", "get_stripe_unit_count", NULL, 0,
4372                                 (char *)&striping_info_buf, size);
4373         dout("%s: rbd_obj_method_sync returned %d\n", __func__, ret);
4374         if (ret < 0)
4375                 return ret;
4376         if (ret < size)
4377                 return -ERANGE;
4378
4379         /*
4380          * We don't actually support the "fancy striping" feature
4381          * (STRIPINGV2) yet, but if the striping sizes are the
4382          * defaults the behavior is the same as before.  So find
4383          * out, and only fail if the image has non-default values.
4384          */
4385         ret = -EINVAL;
4386         obj_size = (u64)1 << rbd_dev->header.obj_order;
4387         p = &striping_info_buf;
4388         stripe_unit = ceph_decode_64(&p);
4389         if (stripe_unit != obj_size) {
4390                 rbd_warn(rbd_dev, "unsupported stripe unit "
4391                                 "(got %llu want %llu)",
4392                                 stripe_unit, obj_size);
4393                 return -EINVAL;
4394         }
4395         stripe_count = ceph_decode_64(&p);
4396         if (stripe_count != 1) {
4397                 rbd_warn(rbd_dev, "unsupported stripe count "
4398                                 "(got %llu want 1)", stripe_count);
4399                 return -EINVAL;
4400         }
4401         rbd_dev->header.stripe_unit = stripe_unit;
4402         rbd_dev->header.stripe_count = stripe_count;
4403
4404         return 0;
4405 }
4406
4407 static char *rbd_dev_image_name(struct rbd_device *rbd_dev)
4408 {
4409         size_t image_id_size;
4410         char *image_id;
4411         void *p;
4412         void *end;
4413         size_t size;
4414         void *reply_buf = NULL;
4415         size_t len = 0;
4416         char *image_name = NULL;
4417         int ret;
4418
4419         rbd_assert(!rbd_dev->spec->image_name);
4420
4421         len = strlen(rbd_dev->spec->image_id);
4422         image_id_size = sizeof (__le32) + len;
4423         image_id = kmalloc(image_id_size, GFP_KERNEL);
4424         if (!image_id)
4425                 return NULL;
4426
4427         p = image_id;
4428         end = image_id + image_id_size;
4429         ceph_encode_string(&p, end, rbd_dev->spec->image_id, (u32)len);
4430
4431         size = sizeof (__le32) + RBD_IMAGE_NAME_LEN_MAX;
4432         reply_buf = kmalloc(size, GFP_KERNEL);
4433         if (!reply_buf)
4434                 goto out;
4435
4436         ret = rbd_obj_method_sync(rbd_dev, RBD_DIRECTORY,
4437                                 "rbd", "dir_get_name",
4438                                 image_id, image_id_size,
4439                                 reply_buf, size);
4440         if (ret < 0)
4441                 goto out;
4442         p = reply_buf;
4443         end = reply_buf + ret;
4444
4445         image_name = ceph_extract_encoded_string(&p, end, &len, GFP_KERNEL);
4446         if (IS_ERR(image_name))
4447                 image_name = NULL;
4448         else
4449                 dout("%s: name is %s len is %zd\n", __func__, image_name, len);
4450 out:
4451         kfree(reply_buf);
4452         kfree(image_id);
4453
4454         return image_name;
4455 }
4456
4457 static u64 rbd_v1_snap_id_by_name(struct rbd_device *rbd_dev, const char *name)
4458 {
4459         struct ceph_snap_context *snapc = rbd_dev->header.snapc;
4460         const char *snap_name;
4461         u32 which = 0;
4462
4463         /* Skip over names until we find the one we are looking for */
4464
4465         snap_name = rbd_dev->header.snap_names;
4466         while (which < snapc->num_snaps) {
4467                 if (!strcmp(name, snap_name))
4468                         return snapc->snaps[which];
4469                 snap_name += strlen(snap_name) + 1;
4470                 which++;
4471         }
4472         return CEPH_NOSNAP;
4473 }
4474
4475 static u64 rbd_v2_snap_id_by_name(struct rbd_device *rbd_dev, const char *name)
4476 {
4477         struct ceph_snap_context *snapc = rbd_dev->header.snapc;
4478         u32 which;
4479         bool found = false;
4480         u64 snap_id;
4481
4482         for (which = 0; !found && which < snapc->num_snaps; which++) {
4483                 const char *snap_name;
4484
4485                 snap_id = snapc->snaps[which];
4486                 snap_name = rbd_dev_v2_snap_name(rbd_dev, snap_id);
4487                 if (IS_ERR(snap_name)) {
4488                         /* ignore no-longer existing snapshots */
4489                         if (PTR_ERR(snap_name) == -ENOENT)
4490                                 continue;
4491                         else
4492                                 break;
4493                 }
4494                 found = !strcmp(name, snap_name);
4495                 kfree(snap_name);
4496         }
4497         return found ? snap_id : CEPH_NOSNAP;
4498 }
4499
4500 /*
4501  * Assumes name is never RBD_SNAP_HEAD_NAME; returns CEPH_NOSNAP if
4502  * no snapshot by that name is found, or if an error occurs.
4503  */
4504 static u64 rbd_snap_id_by_name(struct rbd_device *rbd_dev, const char *name)
4505 {
4506         if (rbd_dev->image_format == 1)
4507                 return rbd_v1_snap_id_by_name(rbd_dev, name);
4508
4509         return rbd_v2_snap_id_by_name(rbd_dev, name);
4510 }
4511
4512 /*
4513  * An image being mapped will have everything but the snap id.
4514  */
4515 static int rbd_spec_fill_snap_id(struct rbd_device *rbd_dev)
4516 {
4517         struct rbd_spec *spec = rbd_dev->spec;
4518
4519         rbd_assert(spec->pool_id != CEPH_NOPOOL && spec->pool_name);
4520         rbd_assert(spec->image_id && spec->image_name);
4521         rbd_assert(spec->snap_name);
4522
4523         if (strcmp(spec->snap_name, RBD_SNAP_HEAD_NAME)) {
4524                 u64 snap_id;
4525
4526                 snap_id = rbd_snap_id_by_name(rbd_dev, spec->snap_name);
4527                 if (snap_id == CEPH_NOSNAP)
4528                         return -ENOENT;
4529
4530                 spec->snap_id = snap_id;
4531         } else {
4532                 spec->snap_id = CEPH_NOSNAP;
4533         }
4534
4535         return 0;
4536 }
4537
4538 /*
4539  * A parent image will have all ids but none of the names.
4540  *
4541  * All names in an rbd spec are dynamically allocated.  It's OK if we
4542  * can't figure out the name for an image id.
4543  */
4544 static int rbd_spec_fill_names(struct rbd_device *rbd_dev)
4545 {
4546         struct ceph_osd_client *osdc = &rbd_dev->rbd_client->client->osdc;
4547         struct rbd_spec *spec = rbd_dev->spec;
4548         const char *pool_name;
4549         const char *image_name;
4550         const char *snap_name;
4551         int ret;
4552
4553         rbd_assert(spec->pool_id != CEPH_NOPOOL);
4554         rbd_assert(spec->image_id);
4555         rbd_assert(spec->snap_id != CEPH_NOSNAP);
4556
4557         /* Get the pool name; we have to make our own copy of this */
4558
4559         pool_name = ceph_pg_pool_name_by_id(osdc->osdmap, spec->pool_id);
4560         if (!pool_name) {
4561                 rbd_warn(rbd_dev, "no pool with id %llu", spec->pool_id);
4562                 return -EIO;
4563         }
4564         pool_name = kstrdup(pool_name, GFP_KERNEL);
4565         if (!pool_name)
4566                 return -ENOMEM;
4567
4568         /* Fetch the image name; tolerate failure here */
4569
4570         image_name = rbd_dev_image_name(rbd_dev);
4571         if (!image_name)
4572                 rbd_warn(rbd_dev, "unable to get image name");
4573
4574         /* Fetch the snapshot name */
4575
4576         snap_name = rbd_snap_name(rbd_dev, spec->snap_id);
4577         if (IS_ERR(snap_name)) {
4578                 ret = PTR_ERR(snap_name);
4579                 goto out_err;
4580         }
4581
4582         spec->pool_name = pool_name;
4583         spec->image_name = image_name;
4584         spec->snap_name = snap_name;
4585
4586         return 0;
4587
4588 out_err:
4589         kfree(image_name);
4590         kfree(pool_name);
4591         return ret;
4592 }
4593
4594 static int rbd_dev_v2_snap_context(struct rbd_device *rbd_dev)
4595 {
4596         size_t size;
4597         int ret;
4598         void *reply_buf;
4599         void *p;
4600         void *end;
4601         u64 seq;
4602         u32 snap_count;
4603         struct ceph_snap_context *snapc;
4604         u32 i;
4605
4606         /*
4607          * We'll need room for the seq value (maximum snapshot id),
4608          * snapshot count, and array of that many snapshot ids.
4609          * For now we have a fixed upper limit on the number we're
4610          * prepared to receive.
4611          */
4612         size = sizeof (__le64) + sizeof (__le32) +
4613                         RBD_MAX_SNAP_COUNT * sizeof (__le64);
4614         reply_buf = kzalloc(size, GFP_KERNEL);
4615         if (!reply_buf)
4616                 return -ENOMEM;
4617
4618         ret = rbd_obj_method_sync(rbd_dev, rbd_dev->header_name,
4619                                 "rbd", "get_snapcontext", NULL, 0,
4620                                 reply_buf, size);
4621         dout("%s: rbd_obj_method_sync returned %d\n", __func__, ret);
4622         if (ret < 0)
4623                 goto out;
4624
4625         p = reply_buf;
4626         end = reply_buf + ret;
4627         ret = -ERANGE;
4628         ceph_decode_64_safe(&p, end, seq, out);
4629         ceph_decode_32_safe(&p, end, snap_count, out);
4630
4631         /*
4632          * Make sure the reported number of snapshot ids wouldn't go
4633          * beyond the end of our buffer.  But before checking that,
4634          * make sure the computed size of the snapshot context we
4635          * allocate is representable in a size_t.
4636          */
4637         if (snap_count > (SIZE_MAX - sizeof (struct ceph_snap_context))
4638                                  / sizeof (u64)) {
4639                 ret = -EINVAL;
4640                 goto out;
4641         }
4642         if (!ceph_has_room(&p, end, snap_count * sizeof (__le64)))
4643                 goto out;
4644         ret = 0;
4645
4646         snapc = ceph_create_snap_context(snap_count, GFP_KERNEL);
4647         if (!snapc) {
4648                 ret = -ENOMEM;
4649                 goto out;
4650         }
4651         snapc->seq = seq;
4652         for (i = 0; i < snap_count; i++)
4653                 snapc->snaps[i] = ceph_decode_64(&p);
4654
4655         ceph_put_snap_context(rbd_dev->header.snapc);
4656         rbd_dev->header.snapc = snapc;
4657
4658         dout("  snap context seq = %llu, snap_count = %u\n",
4659                 (unsigned long long)seq, (unsigned int)snap_count);
4660 out:
4661         kfree(reply_buf);
4662
4663         return ret;
4664 }
4665
4666 static const char *rbd_dev_v2_snap_name(struct rbd_device *rbd_dev,
4667                                         u64 snap_id)
4668 {
4669         size_t size;
4670         void *reply_buf;
4671         __le64 snapid;
4672         int ret;
4673         void *p;
4674         void *end;
4675         char *snap_name;
4676
4677         size = sizeof (__le32) + RBD_MAX_SNAP_NAME_LEN;
4678         reply_buf = kmalloc(size, GFP_KERNEL);
4679         if (!reply_buf)
4680                 return ERR_PTR(-ENOMEM);
4681
4682         snapid = cpu_to_le64(snap_id);
4683         ret = rbd_obj_method_sync(rbd_dev, rbd_dev->header_name,
4684                                 "rbd", "get_snapshot_name",
4685                                 &snapid, sizeof (snapid),
4686                                 reply_buf, size);
4687         dout("%s: rbd_obj_method_sync returned %d\n", __func__, ret);
4688         if (ret < 0) {
4689                 snap_name = ERR_PTR(ret);
4690                 goto out;
4691         }
4692
4693         p = reply_buf;
4694         end = reply_buf + ret;
4695         snap_name = ceph_extract_encoded_string(&p, end, NULL, GFP_KERNEL);
4696         if (IS_ERR(snap_name))
4697                 goto out;
4698
4699         dout("  snap_id 0x%016llx snap_name = %s\n",
4700                 (unsigned long long)snap_id, snap_name);
4701 out:
4702         kfree(reply_buf);
4703
4704         return snap_name;
4705 }
4706
4707 static int rbd_dev_v2_header_info(struct rbd_device *rbd_dev)
4708 {
4709         bool first_time = rbd_dev->header.object_prefix == NULL;
4710         int ret;
4711
4712         ret = rbd_dev_v2_image_size(rbd_dev);
4713         if (ret)
4714                 return ret;
4715
4716         if (first_time) {
4717                 ret = rbd_dev_v2_header_onetime(rbd_dev);
4718                 if (ret)
4719                         return ret;
4720         }
4721
4722         ret = rbd_dev_v2_snap_context(rbd_dev);
4723         dout("rbd_dev_v2_snap_context returned %d\n", ret);
4724
4725         return ret;
4726 }
4727
4728 static int rbd_dev_header_info(struct rbd_device *rbd_dev)
4729 {
4730         rbd_assert(rbd_image_format_valid(rbd_dev->image_format));
4731
4732         if (rbd_dev->image_format == 1)
4733                 return rbd_dev_v1_header_info(rbd_dev);
4734
4735         return rbd_dev_v2_header_info(rbd_dev);
4736 }
4737
4738 static int rbd_bus_add_dev(struct rbd_device *rbd_dev)
4739 {
4740         struct device *dev;
4741         int ret;
4742
4743         dev = &rbd_dev->dev;
4744         dev->bus = &rbd_bus_type;
4745         dev->type = &rbd_device_type;
4746         dev->parent = &rbd_root_dev;
4747         dev->release = rbd_dev_device_release;
4748         dev_set_name(dev, "%d", rbd_dev->dev_id);
4749         ret = device_register(dev);
4750
4751         return ret;
4752 }
4753
4754 static void rbd_bus_del_dev(struct rbd_device *rbd_dev)
4755 {
4756         device_unregister(&rbd_dev->dev);
4757 }
4758
4759 /*
4760  * Get a unique rbd identifier for the given new rbd_dev, and add
4761  * the rbd_dev to the global list.
4762  */
4763 static int rbd_dev_id_get(struct rbd_device *rbd_dev)
4764 {
4765         int new_dev_id;
4766
4767         new_dev_id = ida_simple_get(&rbd_dev_id_ida,
4768                                     0, minor_to_rbd_dev_id(1 << MINORBITS),
4769                                     GFP_KERNEL);
4770         if (new_dev_id < 0)
4771                 return new_dev_id;
4772
4773         rbd_dev->dev_id = new_dev_id;
4774
4775         spin_lock(&rbd_dev_list_lock);
4776         list_add_tail(&rbd_dev->node, &rbd_dev_list);
4777         spin_unlock(&rbd_dev_list_lock);
4778
4779         dout("rbd_dev %p given dev id %d\n", rbd_dev, rbd_dev->dev_id);
4780
4781         return 0;
4782 }
4783
4784 /*
4785  * Remove an rbd_dev from the global list, and record that its
4786  * identifier is no longer in use.
4787  */
4788 static void rbd_dev_id_put(struct rbd_device *rbd_dev)
4789 {
4790         spin_lock(&rbd_dev_list_lock);
4791         list_del_init(&rbd_dev->node);
4792         spin_unlock(&rbd_dev_list_lock);
4793
4794         ida_simple_remove(&rbd_dev_id_ida, rbd_dev->dev_id);
4795
4796         dout("rbd_dev %p released dev id %d\n", rbd_dev, rbd_dev->dev_id);
4797 }
4798
4799 /*
4800  * Skips over white space at *buf, and updates *buf to point to the
4801  * first found non-space character (if any). Returns the length of
4802  * the token (string of non-white space characters) found.  Note
4803  * that *buf must be terminated with '\0'.
4804  */
4805 static inline size_t next_token(const char **buf)
4806 {
4807         /*
4808         * These are the characters that produce nonzero for
4809         * isspace() in the "C" and "POSIX" locales.
4810         */
4811         const char *spaces = " \f\n\r\t\v";
4812
4813         *buf += strspn(*buf, spaces);   /* Find start of token */
4814
4815         return strcspn(*buf, spaces);   /* Return token length */
4816 }
4817
4818 /*
4819  * Finds the next token in *buf, dynamically allocates a buffer big
4820  * enough to hold a copy of it, and copies the token into the new
4821  * buffer.  The copy is guaranteed to be terminated with '\0'.  Note
4822  * that a duplicate buffer is created even for a zero-length token.
4823  *
4824  * Returns a pointer to the newly-allocated duplicate, or a null
4825  * pointer if memory for the duplicate was not available.  If
4826  * the lenp argument is a non-null pointer, the length of the token
4827  * (not including the '\0') is returned in *lenp.
4828  *
4829  * If successful, the *buf pointer will be updated to point beyond
4830  * the end of the found token.
4831  *
4832  * Note: uses GFP_KERNEL for allocation.
4833  */
4834 static inline char *dup_token(const char **buf, size_t *lenp)
4835 {
4836         char *dup;
4837         size_t len;
4838
4839         len = next_token(buf);
4840         dup = kmemdup(*buf, len + 1, GFP_KERNEL);
4841         if (!dup)
4842                 return NULL;
4843         *(dup + len) = '\0';
4844         *buf += len;
4845
4846         if (lenp)
4847                 *lenp = len;
4848
4849         return dup;
4850 }
4851
4852 /*
4853  * Parse the options provided for an "rbd add" (i.e., rbd image
4854  * mapping) request.  These arrive via a write to /sys/bus/rbd/add,
4855  * and the data written is passed here via a NUL-terminated buffer.
4856  * Returns 0 if successful or an error code otherwise.
4857  *
4858  * The information extracted from these options is recorded in
4859  * the other parameters which return dynamically-allocated
4860  * structures:
4861  *  ceph_opts
4862  *      The address of a pointer that will refer to a ceph options
4863  *      structure.  Caller must release the returned pointer using
4864  *      ceph_destroy_options() when it is no longer needed.
4865  *  rbd_opts
4866  *      Address of an rbd options pointer.  Fully initialized by
4867  *      this function; caller must release with kfree().
4868  *  spec
4869  *      Address of an rbd image specification pointer.  Fully
4870  *      initialized by this function based on parsed options.
4871  *      Caller must release with rbd_spec_put().
4872  *
4873  * The options passed take this form:
4874  *  <mon_addrs> <options> <pool_name> <image_name> [<snap_id>]
4875  * where:
4876  *  <mon_addrs>
4877  *      A comma-separated list of one or more monitor addresses.
4878  *      A monitor address is an ip address, optionally followed
4879  *      by a port number (separated by a colon).
4880  *        I.e.:  ip1[:port1][,ip2[:port2]...]
4881  *  <options>
4882  *      A comma-separated list of ceph and/or rbd options.
4883  *  <pool_name>
4884  *      The name of the rados pool containing the rbd image.
4885  *  <image_name>
4886  *      The name of the image in that pool to map.
4887  *  <snap_id>
4888  *      An optional snapshot id.  If provided, the mapping will
4889  *      present data from the image at the time that snapshot was
4890  *      created.  The image head is used if no snapshot id is
4891  *      provided.  Snapshot mappings are always read-only.
4892  */
4893 static int rbd_add_parse_args(const char *buf,
4894                                 struct ceph_options **ceph_opts,
4895                                 struct rbd_options **opts,
4896                                 struct rbd_spec **rbd_spec)
4897 {
4898         size_t len;
4899         char *options;
4900         const char *mon_addrs;
4901         char *snap_name;
4902         size_t mon_addrs_size;
4903         struct rbd_spec *spec = NULL;
4904         struct rbd_options *rbd_opts = NULL;
4905         struct ceph_options *copts;
4906         int ret;
4907
4908         /* The first four tokens are required */
4909
4910         len = next_token(&buf);
4911         if (!len) {
4912                 rbd_warn(NULL, "no monitor address(es) provided");
4913                 return -EINVAL;
4914         }
4915         mon_addrs = buf;
4916         mon_addrs_size = len + 1;
4917         buf += len;
4918
4919         ret = -EINVAL;
4920         options = dup_token(&buf, NULL);
4921         if (!options)
4922                 return -ENOMEM;
4923         if (!*options) {
4924                 rbd_warn(NULL, "no options provided");
4925                 goto out_err;
4926         }
4927
4928         spec = rbd_spec_alloc();
4929         if (!spec)
4930                 goto out_mem;
4931
4932         spec->pool_name = dup_token(&buf, NULL);
4933         if (!spec->pool_name)
4934                 goto out_mem;
4935         if (!*spec->pool_name) {
4936                 rbd_warn(NULL, "no pool name provided");
4937                 goto out_err;
4938         }
4939
4940         spec->image_name = dup_token(&buf, NULL);
4941         if (!spec->image_name)
4942                 goto out_mem;
4943         if (!*spec->image_name) {
4944                 rbd_warn(NULL, "no image name provided");
4945                 goto out_err;
4946         }
4947
4948         /*
4949          * Snapshot name is optional; default is to use "-"
4950          * (indicating the head/no snapshot).
4951          */
4952         len = next_token(&buf);
4953         if (!len) {
4954                 buf = RBD_SNAP_HEAD_NAME; /* No snapshot supplied */
4955                 len = sizeof (RBD_SNAP_HEAD_NAME) - 1;
4956         } else if (len > RBD_MAX_SNAP_NAME_LEN) {
4957                 ret = -ENAMETOOLONG;
4958                 goto out_err;
4959         }
4960         snap_name = kmemdup(buf, len + 1, GFP_KERNEL);
4961         if (!snap_name)
4962                 goto out_mem;
4963         *(snap_name + len) = '\0';
4964         spec->snap_name = snap_name;
4965
4966         /* Initialize all rbd options to the defaults */
4967
4968         rbd_opts = kzalloc(sizeof (*rbd_opts), GFP_KERNEL);
4969         if (!rbd_opts)
4970                 goto out_mem;
4971
4972         rbd_opts->read_only = RBD_READ_ONLY_DEFAULT;
4973         rbd_opts->queue_depth = RBD_QUEUE_DEPTH_DEFAULT;
4974
4975         copts = ceph_parse_options(options, mon_addrs,
4976                                         mon_addrs + mon_addrs_size - 1,
4977                                         parse_rbd_opts_token, rbd_opts);
4978         if (IS_ERR(copts)) {
4979                 ret = PTR_ERR(copts);
4980                 goto out_err;
4981         }
4982         kfree(options);
4983
4984         *ceph_opts = copts;
4985         *opts = rbd_opts;
4986         *rbd_spec = spec;
4987
4988         return 0;
4989 out_mem:
4990         ret = -ENOMEM;
4991 out_err:
4992         kfree(rbd_opts);
4993         rbd_spec_put(spec);
4994         kfree(options);
4995
4996         return ret;
4997 }
4998
4999 /*
5000  * Return pool id (>= 0) or a negative error code.
5001  */
5002 static int rbd_add_get_pool_id(struct rbd_client *rbdc, const char *pool_name)
5003 {
5004         struct ceph_options *opts = rbdc->client->options;
5005         u64 newest_epoch;
5006         int tries = 0;
5007         int ret;
5008
5009 again:
5010         ret = ceph_pg_poolid_by_name(rbdc->client->osdc.osdmap, pool_name);
5011         if (ret == -ENOENT && tries++ < 1) {
5012                 ret = ceph_monc_do_get_version(&rbdc->client->monc, "osdmap",
5013                                                &newest_epoch);
5014                 if (ret < 0)
5015                         return ret;
5016
5017                 if (rbdc->client->osdc.osdmap->epoch < newest_epoch) {
5018                         ceph_monc_request_next_osdmap(&rbdc->client->monc);
5019                         (void) ceph_monc_wait_osdmap(&rbdc->client->monc,
5020                                                      newest_epoch,
5021                                                      opts->mount_timeout);
5022                         goto again;
5023                 } else {
5024                         /* the osdmap we have is new enough */
5025                         return -ENOENT;
5026                 }
5027         }
5028
5029         return ret;
5030 }
5031
5032 /*
5033  * An rbd format 2 image has a unique identifier, distinct from the
5034  * name given to it by the user.  Internally, that identifier is
5035  * what's used to specify the names of objects related to the image.
5036  *
5037  * A special "rbd id" object is used to map an rbd image name to its
5038  * id.  If that object doesn't exist, then there is no v2 rbd image
5039  * with the supplied name.
5040  *
5041  * This function will record the given rbd_dev's image_id field if
5042  * it can be determined, and in that case will return 0.  If any
5043  * errors occur a negative errno will be returned and the rbd_dev's
5044  * image_id field will be unchanged (and should be NULL).
5045  */
5046 static int rbd_dev_image_id(struct rbd_device *rbd_dev)
5047 {
5048         int ret;
5049         size_t size;
5050         char *object_name;
5051         void *response;
5052         char *image_id;
5053
5054         /*
5055          * When probing a parent image, the image id is already
5056          * known (and the image name likely is not).  There's no
5057          * need to fetch the image id again in this case.  We
5058          * do still need to set the image format though.
5059          */
5060         if (rbd_dev->spec->image_id) {
5061                 rbd_dev->image_format = *rbd_dev->spec->image_id ? 2 : 1;
5062
5063                 return 0;
5064         }
5065
5066         /*
5067          * First, see if the format 2 image id file exists, and if
5068          * so, get the image's persistent id from it.
5069          */
5070         size = sizeof (RBD_ID_PREFIX) + strlen(rbd_dev->spec->image_name);
5071         object_name = kmalloc(size, GFP_NOIO);
5072         if (!object_name)
5073                 return -ENOMEM;
5074         sprintf(object_name, "%s%s", RBD_ID_PREFIX, rbd_dev->spec->image_name);
5075         dout("rbd id object name is %s\n", object_name);
5076
5077         /* Response will be an encoded string, which includes a length */
5078
5079         size = sizeof (__le32) + RBD_IMAGE_ID_LEN_MAX;
5080         response = kzalloc(size, GFP_NOIO);
5081         if (!response) {
5082                 ret = -ENOMEM;
5083                 goto out;
5084         }
5085
5086         /* If it doesn't exist we'll assume it's a format 1 image */
5087
5088         ret = rbd_obj_method_sync(rbd_dev, object_name,
5089                                 "rbd", "get_id", NULL, 0,
5090                                 response, RBD_IMAGE_ID_LEN_MAX);
5091         dout("%s: rbd_obj_method_sync returned %d\n", __func__, ret);
5092         if (ret == -ENOENT) {
5093                 image_id = kstrdup("", GFP_KERNEL);
5094                 ret = image_id ? 0 : -ENOMEM;
5095                 if (!ret)
5096                         rbd_dev->image_format = 1;
5097         } else if (ret >= 0) {
5098                 void *p = response;
5099
5100                 image_id = ceph_extract_encoded_string(&p, p + ret,
5101                                                 NULL, GFP_NOIO);
5102                 ret = PTR_ERR_OR_ZERO(image_id);
5103                 if (!ret)
5104                         rbd_dev->image_format = 2;
5105         }
5106
5107         if (!ret) {
5108                 rbd_dev->spec->image_id = image_id;
5109                 dout("image_id is %s\n", image_id);
5110         }
5111 out:
5112         kfree(response);
5113         kfree(object_name);
5114
5115         return ret;
5116 }
5117
5118 /*
5119  * Undo whatever state changes are made by v1 or v2 header info
5120  * call.
5121  */
5122 static void rbd_dev_unprobe(struct rbd_device *rbd_dev)
5123 {
5124         struct rbd_image_header *header;
5125
5126         rbd_dev_parent_put(rbd_dev);
5127
5128         /* Free dynamic fields from the header, then zero it out */
5129
5130         header = &rbd_dev->header;
5131         ceph_put_snap_context(header->snapc);
5132         kfree(header->snap_sizes);
5133         kfree(header->snap_names);
5134         kfree(header->object_prefix);
5135         memset(header, 0, sizeof (*header));
5136 }
5137
5138 static int rbd_dev_v2_header_onetime(struct rbd_device *rbd_dev)
5139 {
5140         int ret;
5141
5142         ret = rbd_dev_v2_object_prefix(rbd_dev);
5143         if (ret)
5144                 goto out_err;
5145
5146         /*
5147          * Get the and check features for the image.  Currently the
5148          * features are assumed to never change.
5149          */
5150         ret = rbd_dev_v2_features(rbd_dev);
5151         if (ret)
5152                 goto out_err;
5153
5154         /* If the image supports fancy striping, get its parameters */
5155
5156         if (rbd_dev->header.features & RBD_FEATURE_STRIPINGV2) {
5157                 ret = rbd_dev_v2_striping_info(rbd_dev);
5158                 if (ret < 0)
5159                         goto out_err;
5160         }
5161         /* No support for crypto and compression type format 2 images */
5162
5163         return 0;
5164 out_err:
5165         rbd_dev->header.features = 0;
5166         kfree(rbd_dev->header.object_prefix);
5167         rbd_dev->header.object_prefix = NULL;
5168
5169         return ret;
5170 }
5171
5172 static int rbd_dev_probe_parent(struct rbd_device *rbd_dev)
5173 {
5174         struct rbd_device *parent = NULL;
5175         struct rbd_spec *parent_spec;
5176         struct rbd_client *rbdc;
5177         int ret;
5178
5179         if (!rbd_dev->parent_spec)
5180                 return 0;
5181         /*
5182          * We need to pass a reference to the client and the parent
5183          * spec when creating the parent rbd_dev.  Images related by
5184          * parent/child relationships always share both.
5185          */
5186         parent_spec = rbd_spec_get(rbd_dev->parent_spec);
5187         rbdc = __rbd_get_client(rbd_dev->rbd_client);
5188
5189         ret = -ENOMEM;
5190         parent = rbd_dev_create(rbdc, parent_spec, NULL);
5191         if (!parent)
5192                 goto out_err;
5193
5194         ret = rbd_dev_image_probe(parent, false);
5195         if (ret < 0)
5196                 goto out_err;
5197         rbd_dev->parent = parent;
5198         atomic_set(&rbd_dev->parent_ref, 1);
5199
5200         return 0;
5201 out_err:
5202         if (parent) {
5203                 rbd_dev_unparent(rbd_dev);
5204                 rbd_dev_destroy(parent);
5205         } else {
5206                 rbd_put_client(rbdc);
5207                 rbd_spec_put(parent_spec);
5208         }
5209
5210         return ret;
5211 }
5212
5213 static int rbd_dev_device_setup(struct rbd_device *rbd_dev)
5214 {
5215         int ret;
5216
5217         /* Get an id and fill in device name. */
5218
5219         ret = rbd_dev_id_get(rbd_dev);
5220         if (ret)
5221                 return ret;
5222
5223         BUILD_BUG_ON(DEV_NAME_LEN
5224                         < sizeof (RBD_DRV_NAME) + MAX_INT_FORMAT_WIDTH);
5225         sprintf(rbd_dev->name, "%s%d", RBD_DRV_NAME, rbd_dev->dev_id);
5226
5227         /* Record our major and minor device numbers. */
5228
5229         if (!single_major) {
5230                 ret = register_blkdev(0, rbd_dev->name);
5231                 if (ret < 0)
5232                         goto err_out_id;
5233
5234                 rbd_dev->major = ret;
5235                 rbd_dev->minor = 0;
5236         } else {
5237                 rbd_dev->major = rbd_major;
5238                 rbd_dev->minor = rbd_dev_id_to_minor(rbd_dev->dev_id);
5239         }
5240
5241         /* Set up the blkdev mapping. */
5242
5243         ret = rbd_init_disk(rbd_dev);
5244         if (ret)
5245                 goto err_out_blkdev;
5246
5247         ret = rbd_dev_mapping_set(rbd_dev);
5248         if (ret)
5249                 goto err_out_disk;
5250
5251         set_capacity(rbd_dev->disk, rbd_dev->mapping.size / SECTOR_SIZE);
5252         set_disk_ro(rbd_dev->disk, rbd_dev->mapping.read_only);
5253
5254         ret = rbd_bus_add_dev(rbd_dev);
5255         if (ret)
5256                 goto err_out_mapping;
5257
5258         /* Everything's ready.  Announce the disk to the world. */
5259
5260         set_bit(RBD_DEV_FLAG_EXISTS, &rbd_dev->flags);
5261         add_disk(rbd_dev->disk);
5262
5263         pr_info("%s: added with size 0x%llx\n", rbd_dev->disk->disk_name,
5264                 (unsigned long long) rbd_dev->mapping.size);
5265
5266         return ret;
5267
5268 err_out_mapping:
5269         rbd_dev_mapping_clear(rbd_dev);
5270 err_out_disk:
5271         rbd_free_disk(rbd_dev);
5272 err_out_blkdev:
5273         if (!single_major)
5274                 unregister_blkdev(rbd_dev->major, rbd_dev->name);
5275 err_out_id:
5276         rbd_dev_id_put(rbd_dev);
5277         rbd_dev_mapping_clear(rbd_dev);
5278
5279         return ret;
5280 }
5281
5282 static int rbd_dev_header_name(struct rbd_device *rbd_dev)
5283 {
5284         struct rbd_spec *spec = rbd_dev->spec;
5285         size_t size;
5286
5287         /* Record the header object name for this rbd image. */
5288
5289         rbd_assert(rbd_image_format_valid(rbd_dev->image_format));
5290
5291         if (rbd_dev->image_format == 1)
5292                 size = strlen(spec->image_name) + sizeof (RBD_SUFFIX);
5293         else
5294                 size = sizeof (RBD_HEADER_PREFIX) + strlen(spec->image_id);
5295
5296         rbd_dev->header_name = kmalloc(size, GFP_KERNEL);
5297         if (!rbd_dev->header_name)
5298                 return -ENOMEM;
5299
5300         if (rbd_dev->image_format == 1)
5301                 sprintf(rbd_dev->header_name, "%s%s",
5302                         spec->image_name, RBD_SUFFIX);
5303         else
5304                 sprintf(rbd_dev->header_name, "%s%s",
5305                         RBD_HEADER_PREFIX, spec->image_id);
5306         return 0;
5307 }
5308
5309 static void rbd_dev_image_release(struct rbd_device *rbd_dev)
5310 {
5311         rbd_dev_unprobe(rbd_dev);
5312         kfree(rbd_dev->header_name);
5313         rbd_dev->header_name = NULL;
5314         rbd_dev->image_format = 0;
5315         kfree(rbd_dev->spec->image_id);
5316         rbd_dev->spec->image_id = NULL;
5317
5318         rbd_dev_destroy(rbd_dev);
5319 }
5320
5321 /*
5322  * Probe for the existence of the header object for the given rbd
5323  * device.  If this image is the one being mapped (i.e., not a
5324  * parent), initiate a watch on its header object before using that
5325  * object to get detailed information about the rbd image.
5326  */
5327 static int rbd_dev_image_probe(struct rbd_device *rbd_dev, bool mapping)
5328 {
5329         int ret;
5330
5331         /*
5332          * Get the id from the image id object.  Unless there's an
5333          * error, rbd_dev->spec->image_id will be filled in with
5334          * a dynamically-allocated string, and rbd_dev->image_format
5335          * will be set to either 1 or 2.
5336          */
5337         ret = rbd_dev_image_id(rbd_dev);
5338         if (ret)
5339                 return ret;
5340
5341         ret = rbd_dev_header_name(rbd_dev);
5342         if (ret)
5343                 goto err_out_format;
5344
5345         if (mapping) {
5346                 ret = rbd_dev_header_watch_sync(rbd_dev);
5347                 if (ret) {
5348                         if (ret == -ENOENT)
5349                                 pr_info("image %s/%s does not exist\n",
5350                                         rbd_dev->spec->pool_name,
5351                                         rbd_dev->spec->image_name);
5352                         goto out_header_name;
5353                 }
5354         }
5355
5356         ret = rbd_dev_header_info(rbd_dev);
5357         if (ret)
5358                 goto err_out_watch;
5359
5360         /*
5361          * If this image is the one being mapped, we have pool name and
5362          * id, image name and id, and snap name - need to fill snap id.
5363          * Otherwise this is a parent image, identified by pool, image
5364          * and snap ids - need to fill in names for those ids.
5365          */
5366         if (mapping)
5367                 ret = rbd_spec_fill_snap_id(rbd_dev);
5368         else
5369                 ret = rbd_spec_fill_names(rbd_dev);
5370         if (ret) {
5371                 if (ret == -ENOENT)
5372                         pr_info("snap %s/%s@%s does not exist\n",
5373                                 rbd_dev->spec->pool_name,
5374                                 rbd_dev->spec->image_name,
5375                                 rbd_dev->spec->snap_name);
5376                 goto err_out_probe;
5377         }
5378
5379         if (rbd_dev->header.features & RBD_FEATURE_LAYERING) {
5380                 ret = rbd_dev_v2_parent_info(rbd_dev);
5381                 if (ret)
5382                         goto err_out_probe;
5383
5384                 /*
5385                  * Need to warn users if this image is the one being
5386                  * mapped and has a parent.
5387                  */
5388                 if (mapping && rbd_dev->parent_spec)
5389                         rbd_warn(rbd_dev,
5390                                  "WARNING: kernel layering is EXPERIMENTAL!");
5391         }
5392
5393         ret = rbd_dev_probe_parent(rbd_dev);
5394         if (ret)
5395                 goto err_out_probe;
5396
5397         dout("discovered format %u image, header name is %s\n",
5398                 rbd_dev->image_format, rbd_dev->header_name);
5399         return 0;
5400
5401 err_out_probe:
5402         rbd_dev_unprobe(rbd_dev);
5403 err_out_watch:
5404         if (mapping)
5405                 rbd_dev_header_unwatch_sync(rbd_dev);
5406 out_header_name:
5407         kfree(rbd_dev->header_name);
5408         rbd_dev->header_name = NULL;
5409 err_out_format:
5410         rbd_dev->image_format = 0;
5411         kfree(rbd_dev->spec->image_id);
5412         rbd_dev->spec->image_id = NULL;
5413         return ret;
5414 }
5415
5416 static ssize_t do_rbd_add(struct bus_type *bus,
5417                           const char *buf,
5418                           size_t count)
5419 {
5420         struct rbd_device *rbd_dev = NULL;
5421         struct ceph_options *ceph_opts = NULL;
5422         struct rbd_options *rbd_opts = NULL;
5423         struct rbd_spec *spec = NULL;
5424         struct rbd_client *rbdc;
5425         bool read_only;
5426         int rc = -ENOMEM;
5427
5428         if (!try_module_get(THIS_MODULE))
5429                 return -ENODEV;
5430
5431         /* parse add command */
5432         rc = rbd_add_parse_args(buf, &ceph_opts, &rbd_opts, &spec);
5433         if (rc < 0)
5434                 goto err_out_module;
5435
5436         rbdc = rbd_get_client(ceph_opts);
5437         if (IS_ERR(rbdc)) {
5438                 rc = PTR_ERR(rbdc);
5439                 goto err_out_args;
5440         }
5441
5442         /* pick the pool */
5443         rc = rbd_add_get_pool_id(rbdc, spec->pool_name);
5444         if (rc < 0) {
5445                 if (rc == -ENOENT)
5446                         pr_info("pool %s does not exist\n", spec->pool_name);
5447                 goto err_out_client;
5448         }
5449         spec->pool_id = (u64)rc;
5450
5451         /* The ceph file layout needs to fit pool id in 32 bits */
5452
5453         if (spec->pool_id > (u64)U32_MAX) {
5454                 rbd_warn(NULL, "pool id too large (%llu > %u)",
5455                                 (unsigned long long)spec->pool_id, U32_MAX);
5456                 rc = -EIO;
5457                 goto err_out_client;
5458         }
5459
5460         rbd_dev = rbd_dev_create(rbdc, spec, rbd_opts);
5461         if (!rbd_dev)
5462                 goto err_out_client;
5463         rbdc = NULL;            /* rbd_dev now owns this */
5464         spec = NULL;            /* rbd_dev now owns this */
5465         rbd_opts = NULL;        /* rbd_dev now owns this */
5466
5467         rc = rbd_dev_image_probe(rbd_dev, true);
5468         if (rc < 0)
5469                 goto err_out_rbd_dev;
5470
5471         /* If we are mapping a snapshot it must be marked read-only */
5472
5473         read_only = rbd_dev->opts->read_only;
5474         if (rbd_dev->spec->snap_id != CEPH_NOSNAP)
5475                 read_only = true;
5476         rbd_dev->mapping.read_only = read_only;
5477
5478         rc = rbd_dev_device_setup(rbd_dev);
5479         if (rc) {
5480                 /*
5481                  * rbd_dev_header_unwatch_sync() can't be moved into
5482                  * rbd_dev_image_release() without refactoring, see
5483                  * commit 1f3ef78861ac.
5484                  */
5485                 rbd_dev_header_unwatch_sync(rbd_dev);
5486                 rbd_dev_image_release(rbd_dev);
5487                 goto err_out_module;
5488         }
5489
5490         return count;
5491
5492 err_out_rbd_dev:
5493         rbd_dev_destroy(rbd_dev);
5494 err_out_client:
5495         rbd_put_client(rbdc);
5496 err_out_args:
5497         rbd_spec_put(spec);
5498         kfree(rbd_opts);
5499 err_out_module:
5500         module_put(THIS_MODULE);
5501
5502         dout("Error adding device %s\n", buf);
5503
5504         return (ssize_t)rc;
5505 }
5506
5507 static ssize_t rbd_add(struct bus_type *bus,
5508                        const char *buf,
5509                        size_t count)
5510 {
5511         if (single_major)
5512                 return -EINVAL;
5513
5514         return do_rbd_add(bus, buf, count);
5515 }
5516
5517 static ssize_t rbd_add_single_major(struct bus_type *bus,
5518                                     const char *buf,
5519                                     size_t count)
5520 {
5521         return do_rbd_add(bus, buf, count);
5522 }
5523
5524 static void rbd_dev_device_release(struct device *dev)
5525 {
5526         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
5527
5528         rbd_free_disk(rbd_dev);
5529         clear_bit(RBD_DEV_FLAG_EXISTS, &rbd_dev->flags);
5530         rbd_dev_mapping_clear(rbd_dev);
5531         if (!single_major)
5532                 unregister_blkdev(rbd_dev->major, rbd_dev->name);
5533         rbd_dev_id_put(rbd_dev);
5534         rbd_dev_mapping_clear(rbd_dev);
5535 }
5536
5537 static void rbd_dev_remove_parent(struct rbd_device *rbd_dev)
5538 {
5539         while (rbd_dev->parent) {
5540                 struct rbd_device *first = rbd_dev;
5541                 struct rbd_device *second = first->parent;
5542                 struct rbd_device *third;
5543
5544                 /*
5545                  * Follow to the parent with no grandparent and
5546                  * remove it.
5547                  */
5548                 while (second && (third = second->parent)) {
5549                         first = second;
5550                         second = third;
5551                 }
5552                 rbd_assert(second);
5553                 rbd_dev_image_release(second);
5554                 first->parent = NULL;
5555                 first->parent_overlap = 0;
5556
5557                 rbd_assert(first->parent_spec);
5558                 rbd_spec_put(first->parent_spec);
5559                 first->parent_spec = NULL;
5560         }
5561 }
5562
5563 static ssize_t do_rbd_remove(struct bus_type *bus,
5564                              const char *buf,
5565                              size_t count)
5566 {
5567         struct rbd_device *rbd_dev = NULL;
5568         struct list_head *tmp;
5569         int dev_id;
5570         unsigned long ul;
5571         bool already = false;
5572         int ret;
5573
5574         ret = kstrtoul(buf, 10, &ul);
5575         if (ret)
5576                 return ret;
5577
5578         /* convert to int; abort if we lost anything in the conversion */
5579         dev_id = (int)ul;
5580         if (dev_id != ul)
5581                 return -EINVAL;
5582
5583         ret = -ENOENT;
5584         spin_lock(&rbd_dev_list_lock);
5585         list_for_each(tmp, &rbd_dev_list) {
5586                 rbd_dev = list_entry(tmp, struct rbd_device, node);
5587                 if (rbd_dev->dev_id == dev_id) {
5588                         ret = 0;
5589                         break;
5590                 }
5591         }
5592         if (!ret) {
5593                 spin_lock_irq(&rbd_dev->lock);
5594                 if (rbd_dev->open_count)
5595                         ret = -EBUSY;
5596                 else
5597                         already = test_and_set_bit(RBD_DEV_FLAG_REMOVING,
5598                                                         &rbd_dev->flags);
5599                 spin_unlock_irq(&rbd_dev->lock);
5600         }
5601         spin_unlock(&rbd_dev_list_lock);
5602         if (ret < 0 || already)
5603                 return ret;
5604
5605         rbd_dev_header_unwatch_sync(rbd_dev);
5606         /*
5607          * flush remaining watch callbacks - these must be complete
5608          * before the osd_client is shutdown
5609          */
5610         dout("%s: flushing notifies", __func__);
5611         ceph_osdc_flush_notifies(&rbd_dev->rbd_client->client->osdc);
5612
5613         /*
5614          * Don't free anything from rbd_dev->disk until after all
5615          * notifies are completely processed. Otherwise
5616          * rbd_bus_del_dev() will race with rbd_watch_cb(), resulting
5617          * in a potential use after free of rbd_dev->disk or rbd_dev.
5618          */
5619         rbd_bus_del_dev(rbd_dev);
5620         rbd_dev_image_release(rbd_dev);
5621         module_put(THIS_MODULE);
5622
5623         return count;
5624 }
5625
5626 static ssize_t rbd_remove(struct bus_type *bus,
5627                           const char *buf,
5628                           size_t count)
5629 {
5630         if (single_major)
5631                 return -EINVAL;
5632
5633         return do_rbd_remove(bus, buf, count);
5634 }
5635
5636 static ssize_t rbd_remove_single_major(struct bus_type *bus,
5637                                        const char *buf,
5638                                        size_t count)
5639 {
5640         return do_rbd_remove(bus, buf, count);
5641 }
5642
5643 /*
5644  * create control files in sysfs
5645  * /sys/bus/rbd/...
5646  */
5647 static int rbd_sysfs_init(void)
5648 {
5649         int ret;
5650
5651         ret = device_register(&rbd_root_dev);
5652         if (ret < 0)
5653                 return ret;
5654
5655         ret = bus_register(&rbd_bus_type);
5656         if (ret < 0)
5657                 device_unregister(&rbd_root_dev);
5658
5659         return ret;
5660 }
5661
5662 static void rbd_sysfs_cleanup(void)
5663 {
5664         bus_unregister(&rbd_bus_type);
5665         device_unregister(&rbd_root_dev);
5666 }
5667
5668 static int rbd_slab_init(void)
5669 {
5670         rbd_assert(!rbd_img_request_cache);
5671         rbd_img_request_cache = kmem_cache_create("rbd_img_request",
5672                                         sizeof (struct rbd_img_request),
5673                                         __alignof__(struct rbd_img_request),
5674                                         0, NULL);
5675         if (!rbd_img_request_cache)
5676                 return -ENOMEM;
5677
5678         rbd_assert(!rbd_obj_request_cache);
5679         rbd_obj_request_cache = kmem_cache_create("rbd_obj_request",
5680                                         sizeof (struct rbd_obj_request),
5681                                         __alignof__(struct rbd_obj_request),
5682                                         0, NULL);
5683         if (!rbd_obj_request_cache)
5684                 goto out_err;
5685
5686         rbd_assert(!rbd_segment_name_cache);
5687         rbd_segment_name_cache = kmem_cache_create("rbd_segment_name",
5688                                         CEPH_MAX_OID_NAME_LEN + 1, 1, 0, NULL);
5689         if (rbd_segment_name_cache)
5690                 return 0;
5691 out_err:
5692         if (rbd_obj_request_cache) {
5693                 kmem_cache_destroy(rbd_obj_request_cache);
5694                 rbd_obj_request_cache = NULL;
5695         }
5696
5697         kmem_cache_destroy(rbd_img_request_cache);
5698         rbd_img_request_cache = NULL;
5699
5700         return -ENOMEM;
5701 }
5702
5703 static void rbd_slab_exit(void)
5704 {
5705         rbd_assert(rbd_segment_name_cache);
5706         kmem_cache_destroy(rbd_segment_name_cache);
5707         rbd_segment_name_cache = NULL;
5708
5709         rbd_assert(rbd_obj_request_cache);
5710         kmem_cache_destroy(rbd_obj_request_cache);
5711         rbd_obj_request_cache = NULL;
5712
5713         rbd_assert(rbd_img_request_cache);
5714         kmem_cache_destroy(rbd_img_request_cache);
5715         rbd_img_request_cache = NULL;
5716 }
5717
5718 static int __init rbd_init(void)
5719 {
5720         int rc;
5721
5722         if (!libceph_compatible(NULL)) {
5723                 rbd_warn(NULL, "libceph incompatibility (quitting)");
5724                 return -EINVAL;
5725         }
5726
5727         rc = rbd_slab_init();
5728         if (rc)
5729                 return rc;
5730
5731         /*
5732          * The number of active work items is limited by the number of
5733          * rbd devices * queue depth, so leave @max_active at default.
5734          */
5735         rbd_wq = alloc_workqueue(RBD_DRV_NAME, WQ_MEM_RECLAIM, 0);
5736         if (!rbd_wq) {
5737                 rc = -ENOMEM;
5738                 goto err_out_slab;
5739         }
5740
5741         if (single_major) {
5742                 rbd_major = register_blkdev(0, RBD_DRV_NAME);
5743                 if (rbd_major < 0) {
5744                         rc = rbd_major;
5745                         goto err_out_wq;
5746                 }
5747         }
5748
5749         rc = rbd_sysfs_init();
5750         if (rc)
5751                 goto err_out_blkdev;
5752
5753         if (single_major)
5754                 pr_info("loaded (major %d)\n", rbd_major);
5755         else
5756                 pr_info("loaded\n");
5757
5758         return 0;
5759
5760 err_out_blkdev:
5761         if (single_major)
5762                 unregister_blkdev(rbd_major, RBD_DRV_NAME);
5763 err_out_wq:
5764         destroy_workqueue(rbd_wq);
5765 err_out_slab:
5766         rbd_slab_exit();
5767         return rc;
5768 }
5769
5770 static void __exit rbd_exit(void)
5771 {
5772         ida_destroy(&rbd_dev_id_ida);
5773         rbd_sysfs_cleanup();
5774         if (single_major)
5775                 unregister_blkdev(rbd_major, RBD_DRV_NAME);
5776         destroy_workqueue(rbd_wq);
5777         rbd_slab_exit();
5778 }
5779
5780 module_init(rbd_init);
5781 module_exit(rbd_exit);
5782
5783 MODULE_AUTHOR("Alex Elder <elder@inktank.com>");
5784 MODULE_AUTHOR("Sage Weil <sage@newdream.net>");
5785 MODULE_AUTHOR("Yehuda Sadeh <yehuda@hq.newdream.net>");
5786 /* following authorship retained from original osdblk.c */
5787 MODULE_AUTHOR("Jeff Garzik <jeff@garzik.org>");
5788
5789 MODULE_DESCRIPTION("RADOS Block Device (RBD) driver");
5790 MODULE_LICENSE("GPL");
Linux 6.x block layer and io_uring tree(s)