]> git.kernelconcepts.de Git - karo-tx-linux.git/blob - drivers/block/rbd.c
projects / karo-tx-linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
ASoC: sti-asoc-card: update tdm mode
[karo-tx-linux.git] / drivers / block / rbd.c
1
2 /*
3    rbd.c -- Export ceph rados objects as a Linux block device
4
5
6    based on drivers/block/osdblk.c:
7
8    Copyright 2009 Red Hat, Inc.
9
10    This program is free software; you can redistribute it and/or modify
11    it under the terms of the GNU General Public License as published by
12    the Free Software Foundation.
13
14    This program is distributed in the hope that it will be useful,
15    but WITHOUT ANY WARRANTY; without even the implied warranty of
16    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17    GNU General Public License for more details.
18
19    You should have received a copy of the GNU General Public License
20    along with this program; see the file COPYING.  If not, write to
21    the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
22
23
24
25    For usage instructions, please refer to:
26
27                  Documentation/ABI/testing/sysfs-bus-rbd
28
29  */
30
31 #include <linux/ceph/libceph.h>
32 #include <linux/ceph/osd_client.h>
33 #include <linux/ceph/mon_client.h>
34 #include <linux/ceph/decode.h>
35 #include <linux/parser.h>
36 #include <linux/bsearch.h>
37
38 #include <linux/kernel.h>
39 #include <linux/device.h>
40 #include <linux/module.h>
41 #include <linux/blk-mq.h>
42 #include <linux/fs.h>
43 #include <linux/blkdev.h>
44 #include <linux/slab.h>
45 #include <linux/idr.h>
46 #include <linux/workqueue.h>
47
48 #include "rbd_types.h"
49
50 #define RBD_DEBUG       /* Activate rbd_assert() calls */
51
52 /*
53  * The basic unit of block I/O is a sector.  It is interpreted in a
54  * number of contexts in Linux (blk, bio, genhd), but the default is
55  * universally 512 bytes.  These symbols are just slightly more
56  * meaningful than the bare numbers they represent.
57  */
58 #define SECTOR_SHIFT    9
59 #define SECTOR_SIZE     (1ULL << SECTOR_SHIFT)
60
61 /*
62  * Increment the given counter and return its updated value.
63  * If the counter is already 0 it will not be incremented.
64  * If the counter is already at its maximum value returns
65  * -EINVAL without updating it.
66  */
67 static int atomic_inc_return_safe(atomic_t *v)
68 {
69         unsigned int counter;
70
71         counter = (unsigned int)__atomic_add_unless(v, 1, 0);
72         if (counter <= (unsigned int)INT_MAX)
73                 return (int)counter;
74
75         atomic_dec(v);
76
77         return -EINVAL;
78 }
79
80 /* Decrement the counter.  Return the resulting value, or -EINVAL */
81 static int atomic_dec_return_safe(atomic_t *v)
82 {
83         int counter;
84
85         counter = atomic_dec_return(v);
86         if (counter >= 0)
87                 return counter;
88
89         atomic_inc(v);
90
91         return -EINVAL;
92 }
93
94 #define RBD_DRV_NAME "rbd"
95
96 #define RBD_MINORS_PER_MAJOR            256
97 #define RBD_SINGLE_MAJOR_PART_SHIFT     4
98
99 #define RBD_MAX_PARENT_CHAIN_LEN        16
100
101 #define RBD_SNAP_DEV_NAME_PREFIX        "snap_"
102 #define RBD_MAX_SNAP_NAME_LEN   \
103                         (NAME_MAX - (sizeof (RBD_SNAP_DEV_NAME_PREFIX) - 1))
104
105 #define RBD_MAX_SNAP_COUNT      510     /* allows max snapc to fit in 4KB */
106
107 #define RBD_SNAP_HEAD_NAME      "-"
108
109 #define BAD_SNAP_INDEX  U32_MAX         /* invalid index into snap array */
110
111 /* This allows a single page to hold an image name sent by OSD */
112 #define RBD_IMAGE_NAME_LEN_MAX  (PAGE_SIZE - sizeof (__le32) - 1)
113 #define RBD_IMAGE_ID_LEN_MAX    64
114
115 #define RBD_OBJ_PREFIX_LEN_MAX  64
116
117 /* Feature bits */
118
119 #define RBD_FEATURE_LAYERING    (1<<0)
120 #define RBD_FEATURE_STRIPINGV2  (1<<1)
121 #define RBD_FEATURES_ALL \
122             (RBD_FEATURE_LAYERING | RBD_FEATURE_STRIPINGV2)
123
124 /* Features supported by this (client software) implementation. */
125
126 #define RBD_FEATURES_SUPPORTED  (RBD_FEATURES_ALL)
127
128 /*
129  * An RBD device name will be "rbd#", where the "rbd" comes from
130  * RBD_DRV_NAME above, and # is a unique integer identifier.
131  * MAX_INT_FORMAT_WIDTH is used in ensuring DEV_NAME_LEN is big
132  * enough to hold all possible device names.
133  */
134 #define DEV_NAME_LEN            32
135 #define MAX_INT_FORMAT_WIDTH    ((5 * sizeof (int)) / 2 + 1)
136
137 /*
138  * block device image metadata (in-memory version)
139  */
140 struct rbd_image_header {
141         /* These six fields never change for a given rbd image */
142         char *object_prefix;
143         __u8 obj_order;
144         __u8 crypt_type;
145         __u8 comp_type;
146         u64 stripe_unit;
147         u64 stripe_count;
148         u64 features;           /* Might be changeable someday? */
149
150         /* The remaining fields need to be updated occasionally */
151         u64 image_size;
152         struct ceph_snap_context *snapc;
153         char *snap_names;       /* format 1 only */
154         u64 *snap_sizes;        /* format 1 only */
155 };
156
157 /*
158  * An rbd image specification.
159  *
160  * The tuple (pool_id, image_id, snap_id) is sufficient to uniquely
161  * identify an image.  Each rbd_dev structure includes a pointer to
162  * an rbd_spec structure that encapsulates this identity.
163  *
164  * Each of the id's in an rbd_spec has an associated name.  For a
165  * user-mapped image, the names are supplied and the id's associated
166  * with them are looked up.  For a layered image, a parent image is
167  * defined by the tuple, and the names are looked up.
168  *
169  * An rbd_dev structure contains a parent_spec pointer which is
170  * non-null if the image it represents is a child in a layered
171  * image.  This pointer will refer to the rbd_spec structure used
172  * by the parent rbd_dev for its own identity (i.e., the structure
173  * is shared between the parent and child).
174  *
175  * Since these structures are populated once, during the discovery
176  * phase of image construction, they are effectively immutable so
177  * we make no effort to synchronize access to them.
178  *
179  * Note that code herein does not assume the image name is known (it
180  * could be a null pointer).
181  */
182 struct rbd_spec {
183         u64             pool_id;
184         const char      *pool_name;
185
186         const char      *image_id;
187         const char      *image_name;
188
189         u64             snap_id;
190         const char      *snap_name;
191
192         struct kref     kref;
193 };
194
195 /*
196  * an instance of the client.  multiple devices may share an rbd client.
197  */
198 struct rbd_client {
199         struct ceph_client      *client;
200         struct kref             kref;
201         struct list_head        node;
202 };
203
204 struct rbd_img_request;
205 typedef void (*rbd_img_callback_t)(struct rbd_img_request *);
206
207 #define BAD_WHICH       U32_MAX         /* Good which or bad which, which? */
208
209 struct rbd_obj_request;
210 typedef void (*rbd_obj_callback_t)(struct rbd_obj_request *);
211
212 enum obj_request_type {
213         OBJ_REQUEST_NODATA, OBJ_REQUEST_BIO, OBJ_REQUEST_PAGES
214 };
215
216 enum obj_operation_type {
217         OBJ_OP_WRITE,
218         OBJ_OP_READ,
219         OBJ_OP_DISCARD,
220 };
221
222 enum obj_req_flags {
223         OBJ_REQ_DONE,           /* completion flag: not done = 0, done = 1 */
224         OBJ_REQ_IMG_DATA,       /* object usage: standalone = 0, image = 1 */
225         OBJ_REQ_KNOWN,          /* EXISTS flag valid: no = 0, yes = 1 */
226         OBJ_REQ_EXISTS,         /* target exists: no = 0, yes = 1 */
227 };
228
229 struct rbd_obj_request {
230         const char              *object_name;
231         u64                     offset;         /* object start byte */
232         u64                     length;         /* bytes from offset */
233         unsigned long           flags;
234
235         /*
236          * An object request associated with an image will have its
237          * img_data flag set; a standalone object request will not.
238          *
239          * A standalone object request will have which == BAD_WHICH
240          * and a null obj_request pointer.
241          *
242          * An object request initiated in support of a layered image
243          * object (to check for its existence before a write) will
244          * have which == BAD_WHICH and a non-null obj_request pointer.
245          *
246          * Finally, an object request for rbd image data will have
247          * which != BAD_WHICH, and will have a non-null img_request
248          * pointer.  The value of which will be in the range
249          * 0..(img_request->obj_request_count-1).
250          */
251         union {
252                 struct rbd_obj_request  *obj_request;   /* STAT op */
253                 struct {
254                         struct rbd_img_request  *img_request;
255                         u64                     img_offset;
256                         /* links for img_request->obj_requests list */
257                         struct list_head        links;
258                 };
259         };
260         u32                     which;          /* posn image request list */
261
262         enum obj_request_type   type;
263         union {
264                 struct bio      *bio_list;
265                 struct {
266                         struct page     **pages;
267                         u32             page_count;
268                 };
269         };
270         struct page             **copyup_pages;
271         u32                     copyup_page_count;
272
273         struct ceph_osd_request *osd_req;
274
275         u64                     xferred;        /* bytes transferred */
276         int                     result;
277
278         rbd_obj_callback_t      callback;
279         struct completion       completion;
280
281         struct kref             kref;
282 };
283
284 enum img_req_flags {
285         IMG_REQ_WRITE,          /* I/O direction: read = 0, write = 1 */
286         IMG_REQ_CHILD,          /* initiator: block = 0, child image = 1 */
287         IMG_REQ_LAYERED,        /* ENOENT handling: normal = 0, layered = 1 */
288         IMG_REQ_DISCARD,        /* discard: normal = 0, discard request = 1 */
289 };
290
291 struct rbd_img_request {
292         struct rbd_device       *rbd_dev;
293         u64                     offset; /* starting image byte offset */
294         u64                     length; /* byte count from offset */
295         unsigned long           flags;
296         union {
297                 u64                     snap_id;        /* for reads */
298                 struct ceph_snap_context *snapc;        /* for writes */
299         };
300         union {
301                 struct request          *rq;            /* block request */
302                 struct rbd_obj_request  *obj_request;   /* obj req initiator */
303         };
304         struct page             **copyup_pages;
305         u32                     copyup_page_count;
306         spinlock_t              completion_lock;/* protects next_completion */
307         u32                     next_completion;
308         rbd_img_callback_t      callback;
309         u64                     xferred;/* aggregate bytes transferred */
310         int                     result; /* first nonzero obj_request result */
311
312         u32                     obj_request_count;
313         struct list_head        obj_requests;   /* rbd_obj_request structs */
314
315         struct kref             kref;
316 };
317
318 #define for_each_obj_request(ireq, oreq) \
319         list_for_each_entry(oreq, &(ireq)->obj_requests, links)
320 #define for_each_obj_request_from(ireq, oreq) \
321         list_for_each_entry_from(oreq, &(ireq)->obj_requests, links)
322 #define for_each_obj_request_safe(ireq, oreq, n) \
323         list_for_each_entry_safe_reverse(oreq, n, &(ireq)->obj_requests, links)
324
325 struct rbd_mapping {
326         u64                     size;
327         u64                     features;
328         bool                    read_only;
329 };
330
331 /*
332  * a single device
333  */
334 struct rbd_device {
335         int                     dev_id;         /* blkdev unique id */
336
337         int                     major;          /* blkdev assigned major */
338         int                     minor;
339         struct gendisk          *disk;          /* blkdev's gendisk and rq */
340
341         u32                     image_format;   /* Either 1 or 2 */
342         struct rbd_client       *rbd_client;
343
344         char                    name[DEV_NAME_LEN]; /* blkdev name, e.g. rbd3 */
345
346         spinlock_t              lock;           /* queue, flags, open_count */
347
348         struct rbd_image_header header;
349         unsigned long           flags;          /* possibly lock protected */
350         struct rbd_spec         *spec;
351         struct rbd_options      *opts;
352
353         char                    *header_name;
354
355         struct ceph_file_layout layout;
356
357         struct ceph_osd_event   *watch_event;
358         struct rbd_obj_request  *watch_request;
359
360         struct rbd_spec         *parent_spec;
361         u64                     parent_overlap;
362         atomic_t                parent_ref;
363         struct rbd_device       *parent;
364
365         /* Block layer tags. */
366         struct blk_mq_tag_set   tag_set;
367
368         /* protects updating the header */
369         struct rw_semaphore     header_rwsem;
370
371         struct rbd_mapping      mapping;
372
373         struct list_head        node;
374
375         /* sysfs related */
376         struct device           dev;
377         unsigned long           open_count;     /* protected by lock */
378 };
379
380 /*
381  * Flag bits for rbd_dev->flags.  If atomicity is required,
382  * rbd_dev->lock is used to protect access.
383  *
384  * Currently, only the "removing" flag (which is coupled with the
385  * "open_count" field) requires atomic access.
386  */
387 enum rbd_dev_flags {
388         RBD_DEV_FLAG_EXISTS,    /* mapped snapshot has not been deleted */
389         RBD_DEV_FLAG_REMOVING,  /* this mapping is being removed */
390 };
391
392 static DEFINE_MUTEX(client_mutex);      /* Serialize client creation */
393
394 static LIST_HEAD(rbd_dev_list);    /* devices */
395 static DEFINE_SPINLOCK(rbd_dev_list_lock);
396
397 static LIST_HEAD(rbd_client_list);              /* clients */
398 static DEFINE_SPINLOCK(rbd_client_list_lock);
399
400 /* Slab caches for frequently-allocated structures */
401
402 static struct kmem_cache        *rbd_img_request_cache;
403 static struct kmem_cache        *rbd_obj_request_cache;
404 static struct kmem_cache        *rbd_segment_name_cache;
405
406 static int rbd_major;
407 static DEFINE_IDA(rbd_dev_id_ida);
408
409 static struct workqueue_struct *rbd_wq;
410
411 /*
412  * Default to false for now, as single-major requires >= 0.75 version of
413  * userspace rbd utility.
414  */
415 static bool single_major = false;
416 module_param(single_major, bool, S_IRUGO);
417 MODULE_PARM_DESC(single_major, "Use a single major number for all rbd devices (default: false)");
418
419 static int rbd_img_request_submit(struct rbd_img_request *img_request);
420
421 static ssize_t rbd_add(struct bus_type *bus, const char *buf,
422                        size_t count);
423 static ssize_t rbd_remove(struct bus_type *bus, const char *buf,
424                           size_t count);
425 static ssize_t rbd_add_single_major(struct bus_type *bus, const char *buf,
426                                     size_t count);
427 static ssize_t rbd_remove_single_major(struct bus_type *bus, const char *buf,
428                                        size_t count);
429 static int rbd_dev_image_probe(struct rbd_device *rbd_dev, int depth);
430 static void rbd_spec_put(struct rbd_spec *spec);
431
432 static int rbd_dev_id_to_minor(int dev_id)
433 {
434         return dev_id << RBD_SINGLE_MAJOR_PART_SHIFT;
435 }
436
437 static int minor_to_rbd_dev_id(int minor)
438 {
439         return minor >> RBD_SINGLE_MAJOR_PART_SHIFT;
440 }
441
442 static BUS_ATTR(add, S_IWUSR, NULL, rbd_add);
443 static BUS_ATTR(remove, S_IWUSR, NULL, rbd_remove);
444 static BUS_ATTR(add_single_major, S_IWUSR, NULL, rbd_add_single_major);
445 static BUS_ATTR(remove_single_major, S_IWUSR, NULL, rbd_remove_single_major);
446
447 static struct attribute *rbd_bus_attrs[] = {
448         &bus_attr_add.attr,
449         &bus_attr_remove.attr,
450         &bus_attr_add_single_major.attr,
451         &bus_attr_remove_single_major.attr,
452         NULL,
453 };
454
455 static umode_t rbd_bus_is_visible(struct kobject *kobj,
456                                   struct attribute *attr, int index)
457 {
458         if (!single_major &&
459             (attr == &bus_attr_add_single_major.attr ||
460              attr == &bus_attr_remove_single_major.attr))
461                 return 0;
462
463         return attr->mode;
464 }
465
466 static const struct attribute_group rbd_bus_group = {
467         .attrs = rbd_bus_attrs,
468         .is_visible = rbd_bus_is_visible,
469 };
470 __ATTRIBUTE_GROUPS(rbd_bus);
471
472 static struct bus_type rbd_bus_type = {
473         .name           = "rbd",
474         .bus_groups     = rbd_bus_groups,
475 };
476
477 static void rbd_root_dev_release(struct device *dev)
478 {
479 }
480
481 static struct device rbd_root_dev = {
482         .init_name =    "rbd",
483         .release =      rbd_root_dev_release,
484 };
485
486 static __printf(2, 3)
487 void rbd_warn(struct rbd_device *rbd_dev, const char *fmt, ...)
488 {
489         struct va_format vaf;
490         va_list args;
491
492         va_start(args, fmt);
493         vaf.fmt = fmt;
494         vaf.va = &args;
495
496         if (!rbd_dev)
497                 printk(KERN_WARNING "%s: %pV\n", RBD_DRV_NAME, &vaf);
498         else if (rbd_dev->disk)
499                 printk(KERN_WARNING "%s: %s: %pV\n",
500                         RBD_DRV_NAME, rbd_dev->disk->disk_name, &vaf);
501         else if (rbd_dev->spec && rbd_dev->spec->image_name)
502                 printk(KERN_WARNING "%s: image %s: %pV\n",
503                         RBD_DRV_NAME, rbd_dev->spec->image_name, &vaf);
504         else if (rbd_dev->spec && rbd_dev->spec->image_id)
505                 printk(KERN_WARNING "%s: id %s: %pV\n",
506                         RBD_DRV_NAME, rbd_dev->spec->image_id, &vaf);
507         else    /* punt */
508                 printk(KERN_WARNING "%s: rbd_dev %p: %pV\n",
509                         RBD_DRV_NAME, rbd_dev, &vaf);
510         va_end(args);
511 }
512
513 #ifdef RBD_DEBUG
514 #define rbd_assert(expr)                                                \
515                 if (unlikely(!(expr))) {                                \
516                         printk(KERN_ERR "\nAssertion failure in %s() "  \
517                                                 "at line %d:\n\n"       \
518                                         "\trbd_assert(%s);\n\n",        \
519                                         __func__, __LINE__, #expr);     \
520                         BUG();                                          \
521                 }
522 #else /* !RBD_DEBUG */
523 #  define rbd_assert(expr)      ((void) 0)
524 #endif /* !RBD_DEBUG */
525
526 static void rbd_osd_copyup_callback(struct rbd_obj_request *obj_request);
527 static int rbd_img_obj_request_submit(struct rbd_obj_request *obj_request);
528 static void rbd_img_parent_read(struct rbd_obj_request *obj_request);
529 static void rbd_dev_remove_parent(struct rbd_device *rbd_dev);
530
531 static int rbd_dev_refresh(struct rbd_device *rbd_dev);
532 static int rbd_dev_v2_header_onetime(struct rbd_device *rbd_dev);
533 static int rbd_dev_header_info(struct rbd_device *rbd_dev);
534 static int rbd_dev_v2_parent_info(struct rbd_device *rbd_dev);
535 static const char *rbd_dev_v2_snap_name(struct rbd_device *rbd_dev,
536                                         u64 snap_id);
537 static int _rbd_dev_v2_snap_size(struct rbd_device *rbd_dev, u64 snap_id,
538                                 u8 *order, u64 *snap_size);
539 static int _rbd_dev_v2_snap_features(struct rbd_device *rbd_dev, u64 snap_id,
540                 u64 *snap_features);
541 static u64 rbd_snap_id_by_name(struct rbd_device *rbd_dev, const char *name);
542
543 static int rbd_open(struct block_device *bdev, fmode_t mode)
544 {
545         struct rbd_device *rbd_dev = bdev->bd_disk->private_data;
546         bool removing = false;
547
548         if ((mode & FMODE_WRITE) && rbd_dev->mapping.read_only)
549                 return -EROFS;
550
551         spin_lock_irq(&rbd_dev->lock);
552         if (test_bit(RBD_DEV_FLAG_REMOVING, &rbd_dev->flags))
553                 removing = true;
554         else
555                 rbd_dev->open_count++;
556         spin_unlock_irq(&rbd_dev->lock);
557         if (removing)
558                 return -ENOENT;
559
560         (void) get_device(&rbd_dev->dev);
561
562         return 0;
563 }
564
565 static void rbd_release(struct gendisk *disk, fmode_t mode)
566 {
567         struct rbd_device *rbd_dev = disk->private_data;
568         unsigned long open_count_before;
569
570         spin_lock_irq(&rbd_dev->lock);
571         open_count_before = rbd_dev->open_count--;
572         spin_unlock_irq(&rbd_dev->lock);
573         rbd_assert(open_count_before > 0);
574
575         put_device(&rbd_dev->dev);
576 }
577
578 static int rbd_ioctl_set_ro(struct rbd_device *rbd_dev, unsigned long arg)
579 {
580         int ret = 0;
581         int val;
582         bool ro;
583         bool ro_changed = false;
584
585         /* get_user() may sleep, so call it before taking rbd_dev->lock */
586         if (get_user(val, (int __user *)(arg)))
587                 return -EFAULT;
588
589         ro = val ? true : false;
590         /* Snapshot doesn't allow to write*/
591         if (rbd_dev->spec->snap_id != CEPH_NOSNAP && !ro)
592                 return -EROFS;
593
594         spin_lock_irq(&rbd_dev->lock);
595         /* prevent others open this device */
596         if (rbd_dev->open_count > 1) {
597                 ret = -EBUSY;
598                 goto out;
599         }
600
601         if (rbd_dev->mapping.read_only != ro) {
602                 rbd_dev->mapping.read_only = ro;
603                 ro_changed = true;
604         }
605
606 out:
607         spin_unlock_irq(&rbd_dev->lock);
608         /* set_disk_ro() may sleep, so call it after releasing rbd_dev->lock */
609         if (ret == 0 && ro_changed)
610                 set_disk_ro(rbd_dev->disk, ro ? 1 : 0);
611
612         return ret;
613 }
614
615 static int rbd_ioctl(struct block_device *bdev, fmode_t mode,
616                         unsigned int cmd, unsigned long arg)
617 {
618         struct rbd_device *rbd_dev = bdev->bd_disk->private_data;
619         int ret = 0;
620
621         switch (cmd) {
622         case BLKROSET:
623                 ret = rbd_ioctl_set_ro(rbd_dev, arg);
624                 break;
625         default:
626                 ret = -ENOTTY;
627         }
628
629         return ret;
630 }
631
632 #ifdef CONFIG_COMPAT
633 static int rbd_compat_ioctl(struct block_device *bdev, fmode_t mode,
634                                 unsigned int cmd, unsigned long arg)
635 {
636         return rbd_ioctl(bdev, mode, cmd, arg);
637 }
638 #endif /* CONFIG_COMPAT */
639
640 static const struct block_device_operations rbd_bd_ops = {
641         .owner                  = THIS_MODULE,
642         .open                   = rbd_open,
643         .release                = rbd_release,
644         .ioctl                  = rbd_ioctl,
645 #ifdef CONFIG_COMPAT
646         .compat_ioctl           = rbd_compat_ioctl,
647 #endif
648 };
649
650 /*
651  * Initialize an rbd client instance.  Success or not, this function
652  * consumes ceph_opts.  Caller holds client_mutex.
653  */
654 static struct rbd_client *rbd_client_create(struct ceph_options *ceph_opts)
655 {
656         struct rbd_client *rbdc;
657         int ret = -ENOMEM;
658
659         dout("%s:\n", __func__);
660         rbdc = kmalloc(sizeof(struct rbd_client), GFP_KERNEL);
661         if (!rbdc)
662                 goto out_opt;
663
664         kref_init(&rbdc->kref);
665         INIT_LIST_HEAD(&rbdc->node);
666
667         rbdc->client = ceph_create_client(ceph_opts, rbdc, 0, 0);
668         if (IS_ERR(rbdc->client))
669                 goto out_rbdc;
670         ceph_opts = NULL; /* Now rbdc->client is responsible for ceph_opts */
671
672         ret = ceph_open_session(rbdc->client);
673         if (ret < 0)
674                 goto out_client;
675
676         spin_lock(&rbd_client_list_lock);
677         list_add_tail(&rbdc->node, &rbd_client_list);
678         spin_unlock(&rbd_client_list_lock);
679
680         dout("%s: rbdc %p\n", __func__, rbdc);
681
682         return rbdc;
683 out_client:
684         ceph_destroy_client(rbdc->client);
685 out_rbdc:
686         kfree(rbdc);
687 out_opt:
688         if (ceph_opts)
689                 ceph_destroy_options(ceph_opts);
690         dout("%s: error %d\n", __func__, ret);
691
692         return ERR_PTR(ret);
693 }
694
695 static struct rbd_client *__rbd_get_client(struct rbd_client *rbdc)
696 {
697         kref_get(&rbdc->kref);
698
699         return rbdc;
700 }
701
702 /*
703  * Find a ceph client with specific addr and configuration.  If
704  * found, bump its reference count.
705  */
706 static struct rbd_client *rbd_client_find(struct ceph_options *ceph_opts)
707 {
708         struct rbd_client *client_node;
709         bool found = false;
710
711         if (ceph_opts->flags & CEPH_OPT_NOSHARE)
712                 return NULL;
713
714         spin_lock(&rbd_client_list_lock);
715         list_for_each_entry(client_node, &rbd_client_list, node) {
716                 if (!ceph_compare_options(ceph_opts, client_node->client)) {
717                         __rbd_get_client(client_node);
718
719                         found = true;
720                         break;
721                 }
722         }
723         spin_unlock(&rbd_client_list_lock);
724
725         return found ? client_node : NULL;
726 }
727
728 /*
729  * (Per device) rbd map options
730  */
731 enum {
732         Opt_queue_depth,
733         Opt_last_int,
734         /* int args above */
735         Opt_last_string,
736         /* string args above */
737         Opt_read_only,
738         Opt_read_write,
739         Opt_err
740 };
741
742 static match_table_t rbd_opts_tokens = {
743         {Opt_queue_depth, "queue_depth=%d"},
744         /* int args above */
745         /* string args above */
746         {Opt_read_only, "read_only"},
747         {Opt_read_only, "ro"},          /* Alternate spelling */
748         {Opt_read_write, "read_write"},
749         {Opt_read_write, "rw"},         /* Alternate spelling */
750         {Opt_err, NULL}
751 };
752
753 struct rbd_options {
754         int     queue_depth;
755         bool    read_only;
756 };
757
758 #define RBD_QUEUE_DEPTH_DEFAULT BLKDEV_MAX_RQ
759 #define RBD_READ_ONLY_DEFAULT   false
760
761 static int parse_rbd_opts_token(char *c, void *private)
762 {
763         struct rbd_options *rbd_opts = private;
764         substring_t argstr[MAX_OPT_ARGS];
765         int token, intval, ret;
766
767         token = match_token(c, rbd_opts_tokens, argstr);
768         if (token < Opt_last_int) {
769                 ret = match_int(&argstr[0], &intval);
770                 if (ret < 0) {
771                         pr_err("bad mount option arg (not int) at '%s'\n", c);
772                         return ret;
773                 }
774                 dout("got int token %d val %d\n", token, intval);
775         } else if (token > Opt_last_int && token < Opt_last_string) {
776                 dout("got string token %d val %s\n", token, argstr[0].from);
777         } else {
778                 dout("got token %d\n", token);
779         }
780
781         switch (token) {
782         case Opt_queue_depth:
783                 if (intval < 1) {
784                         pr_err("queue_depth out of range\n");
785                         return -EINVAL;
786                 }
787                 rbd_opts->queue_depth = intval;
788                 break;
789         case Opt_read_only:
790                 rbd_opts->read_only = true;
791                 break;
792         case Opt_read_write:
793                 rbd_opts->read_only = false;
794                 break;
795         default:
796                 /* libceph prints "bad option" msg */
797                 return -EINVAL;
798         }
799
800         return 0;
801 }
802
803 static char* obj_op_name(enum obj_operation_type op_type)
804 {
805         switch (op_type) {
806         case OBJ_OP_READ:
807                 return "read";
808         case OBJ_OP_WRITE:
809                 return "write";
810         case OBJ_OP_DISCARD:
811                 return "discard";
812         default:
813                 return "???";
814         }
815 }
816
817 /*
818  * Get a ceph client with specific addr and configuration, if one does
819  * not exist create it.  Either way, ceph_opts is consumed by this
820  * function.
821  */
822 static struct rbd_client *rbd_get_client(struct ceph_options *ceph_opts)
823 {
824         struct rbd_client *rbdc;
825
826         mutex_lock_nested(&client_mutex, SINGLE_DEPTH_NESTING);
827         rbdc = rbd_client_find(ceph_opts);
828         if (rbdc)       /* using an existing client */
829                 ceph_destroy_options(ceph_opts);
830         else
831                 rbdc = rbd_client_create(ceph_opts);
832         mutex_unlock(&client_mutex);
833
834         return rbdc;
835 }
836
837 /*
838  * Destroy ceph client
839  *
840  * Caller must hold rbd_client_list_lock.
841  */
842 static void rbd_client_release(struct kref *kref)
843 {
844         struct rbd_client *rbdc = container_of(kref, struct rbd_client, kref);
845
846         dout("%s: rbdc %p\n", __func__, rbdc);
847         spin_lock(&rbd_client_list_lock);
848         list_del(&rbdc->node);
849         spin_unlock(&rbd_client_list_lock);
850
851         ceph_destroy_client(rbdc->client);
852         kfree(rbdc);
853 }
854
855 /*
856  * Drop reference to ceph client node. If it's not referenced anymore, release
857  * it.
858  */
859 static void rbd_put_client(struct rbd_client *rbdc)
860 {
861         if (rbdc)
862                 kref_put(&rbdc->kref, rbd_client_release);
863 }
864
865 static bool rbd_image_format_valid(u32 image_format)
866 {
867         return image_format == 1 || image_format == 2;
868 }
869
870 static bool rbd_dev_ondisk_valid(struct rbd_image_header_ondisk *ondisk)
871 {
872         size_t size;
873         u32 snap_count;
874
875         /* The header has to start with the magic rbd header text */
876         if (memcmp(&ondisk->text, RBD_HEADER_TEXT, sizeof (RBD_HEADER_TEXT)))
877                 return false;
878
879         /* The bio layer requires at least sector-sized I/O */
880
881         if (ondisk->options.order < SECTOR_SHIFT)
882                 return false;
883
884         /* If we use u64 in a few spots we may be able to loosen this */
885
886         if (ondisk->options.order > 8 * sizeof (int) - 1)
887                 return false;
888
889         /*
890          * The size of a snapshot header has to fit in a size_t, and
891          * that limits the number of snapshots.
892          */
893         snap_count = le32_to_cpu(ondisk->snap_count);
894         size = SIZE_MAX - sizeof (struct ceph_snap_context);
895         if (snap_count > size / sizeof (__le64))
896                 return false;
897
898         /*
899          * Not only that, but the size of the entire the snapshot
900          * header must also be representable in a size_t.
901          */
902         size -= snap_count * sizeof (__le64);
903         if ((u64) size < le64_to_cpu(ondisk->snap_names_len))
904                 return false;
905
906         return true;
907 }
908
909 /*
910  * Fill an rbd image header with information from the given format 1
911  * on-disk header.
912  */
913 static int rbd_header_from_disk(struct rbd_device *rbd_dev,
914                                  struct rbd_image_header_ondisk *ondisk)
915 {
916         struct rbd_image_header *header = &rbd_dev->header;
917         bool first_time = header->object_prefix == NULL;
918         struct ceph_snap_context *snapc;
919         char *object_prefix = NULL;
920         char *snap_names = NULL;
921         u64 *snap_sizes = NULL;
922         u32 snap_count;
923         size_t size;
924         int ret = -ENOMEM;
925         u32 i;
926
927         /* Allocate this now to avoid having to handle failure below */
928
929         if (first_time) {
930                 size_t len;
931
932                 len = strnlen(ondisk->object_prefix,
933                                 sizeof (ondisk->object_prefix));
934                 object_prefix = kmalloc(len + 1, GFP_KERNEL);
935                 if (!object_prefix)
936                         return -ENOMEM;
937                 memcpy(object_prefix, ondisk->object_prefix, len);
938                 object_prefix[len] = '\0';
939         }
940
941         /* Allocate the snapshot context and fill it in */
942
943         snap_count = le32_to_cpu(ondisk->snap_count);
944         snapc = ceph_create_snap_context(snap_count, GFP_KERNEL);
945         if (!snapc)
946                 goto out_err;
947         snapc->seq = le64_to_cpu(ondisk->snap_seq);
948         if (snap_count) {
949                 struct rbd_image_snap_ondisk *snaps;
950                 u64 snap_names_len = le64_to_cpu(ondisk->snap_names_len);
951
952                 /* We'll keep a copy of the snapshot names... */
953
954                 if (snap_names_len > (u64)SIZE_MAX)
955                         goto out_2big;
956                 snap_names = kmalloc(snap_names_len, GFP_KERNEL);
957                 if (!snap_names)
958                         goto out_err;
959
960                 /* ...as well as the array of their sizes. */
961
962                 size = snap_count * sizeof (*header->snap_sizes);
963                 snap_sizes = kmalloc(size, GFP_KERNEL);
964                 if (!snap_sizes)
965                         goto out_err;
966
967                 /*
968                  * Copy the names, and fill in each snapshot's id
969                  * and size.
970                  *
971                  * Note that rbd_dev_v1_header_info() guarantees the
972                  * ondisk buffer we're working with has
973                  * snap_names_len bytes beyond the end of the
974                  * snapshot id array, this memcpy() is safe.
975                  */
976                 memcpy(snap_names, &ondisk->snaps[snap_count], snap_names_len);
977                 snaps = ondisk->snaps;
978                 for (i = 0; i < snap_count; i++) {
979                         snapc->snaps[i] = le64_to_cpu(snaps[i].id);
980                         snap_sizes[i] = le64_to_cpu(snaps[i].image_size);
981                 }
982         }
983
984         /* We won't fail any more, fill in the header */
985
986         if (first_time) {
987                 header->object_prefix = object_prefix;
988                 header->obj_order = ondisk->options.order;
989                 header->crypt_type = ondisk->options.crypt_type;
990                 header->comp_type = ondisk->options.comp_type;
991                 /* The rest aren't used for format 1 images */
992                 header->stripe_unit = 0;
993                 header->stripe_count = 0;
994                 header->features = 0;
995         } else {
996                 ceph_put_snap_context(header->snapc);
997                 kfree(header->snap_names);
998                 kfree(header->snap_sizes);
999         }
1000
1001         /* The remaining fields always get updated (when we refresh) */
1002
1003         header->image_size = le64_to_cpu(ondisk->image_size);
1004         header->snapc = snapc;
1005         header->snap_names = snap_names;
1006         header->snap_sizes = snap_sizes;
1007
1008         return 0;
1009 out_2big:
1010         ret = -EIO;
1011 out_err:
1012         kfree(snap_sizes);
1013         kfree(snap_names);
1014         ceph_put_snap_context(snapc);
1015         kfree(object_prefix);
1016
1017         return ret;
1018 }
1019
1020 static const char *_rbd_dev_v1_snap_name(struct rbd_device *rbd_dev, u32 which)
1021 {
1022         const char *snap_name;
1023
1024         rbd_assert(which < rbd_dev->header.snapc->num_snaps);
1025
1026         /* Skip over names until we find the one we are looking for */
1027
1028         snap_name = rbd_dev->header.snap_names;
1029         while (which--)
1030                 snap_name += strlen(snap_name) + 1;
1031
1032         return kstrdup(snap_name, GFP_KERNEL);
1033 }
1034
1035 /*
1036  * Snapshot id comparison function for use with qsort()/bsearch().
1037  * Note that result is for snapshots in *descending* order.
1038  */
1039 static int snapid_compare_reverse(const void *s1, const void *s2)
1040 {
1041         u64 snap_id1 = *(u64 *)s1;
1042         u64 snap_id2 = *(u64 *)s2;
1043
1044         if (snap_id1 < snap_id2)
1045                 return 1;
1046         return snap_id1 == snap_id2 ? 0 : -1;
1047 }
1048
1049 /*
1050  * Search a snapshot context to see if the given snapshot id is
1051  * present.
1052  *
1053  * Returns the position of the snapshot id in the array if it's found,
1054  * or BAD_SNAP_INDEX otherwise.
1055  *
1056  * Note: The snapshot array is in kept sorted (by the osd) in
1057  * reverse order, highest snapshot id first.
1058  */
1059 static u32 rbd_dev_snap_index(struct rbd_device *rbd_dev, u64 snap_id)
1060 {
1061         struct ceph_snap_context *snapc = rbd_dev->header.snapc;
1062         u64 *found;
1063
1064         found = bsearch(&snap_id, &snapc->snaps, snapc->num_snaps,
1065                                 sizeof (snap_id), snapid_compare_reverse);
1066
1067         return found ? (u32)(found - &snapc->snaps[0]) : BAD_SNAP_INDEX;
1068 }
1069
1070 static const char *rbd_dev_v1_snap_name(struct rbd_device *rbd_dev,
1071                                         u64 snap_id)
1072 {
1073         u32 which;
1074         const char *snap_name;
1075
1076         which = rbd_dev_snap_index(rbd_dev, snap_id);
1077         if (which == BAD_SNAP_INDEX)
1078                 return ERR_PTR(-ENOENT);
1079
1080         snap_name = _rbd_dev_v1_snap_name(rbd_dev, which);
1081         return snap_name ? snap_name : ERR_PTR(-ENOMEM);
1082 }
1083
1084 static const char *rbd_snap_name(struct rbd_device *rbd_dev, u64 snap_id)
1085 {
1086         if (snap_id == CEPH_NOSNAP)
1087                 return RBD_SNAP_HEAD_NAME;
1088
1089         rbd_assert(rbd_image_format_valid(rbd_dev->image_format));
1090         if (rbd_dev->image_format == 1)
1091                 return rbd_dev_v1_snap_name(rbd_dev, snap_id);
1092
1093         return rbd_dev_v2_snap_name(rbd_dev, snap_id);
1094 }
1095
1096 static int rbd_snap_size(struct rbd_device *rbd_dev, u64 snap_id,
1097                                 u64 *snap_size)
1098 {
1099         rbd_assert(rbd_image_format_valid(rbd_dev->image_format));
1100         if (snap_id == CEPH_NOSNAP) {
1101                 *snap_size = rbd_dev->header.image_size;
1102         } else if (rbd_dev->image_format == 1) {
1103                 u32 which;
1104
1105                 which = rbd_dev_snap_index(rbd_dev, snap_id);
1106                 if (which == BAD_SNAP_INDEX)
1107                         return -ENOENT;
1108
1109                 *snap_size = rbd_dev->header.snap_sizes[which];
1110         } else {
1111                 u64 size = 0;
1112                 int ret;
1113
1114                 ret = _rbd_dev_v2_snap_size(rbd_dev, snap_id, NULL, &size);
1115                 if (ret)
1116                         return ret;
1117
1118                 *snap_size = size;
1119         }
1120         return 0;
1121 }
1122
1123 static int rbd_snap_features(struct rbd_device *rbd_dev, u64 snap_id,
1124                         u64 *snap_features)
1125 {
1126         rbd_assert(rbd_image_format_valid(rbd_dev->image_format));
1127         if (snap_id == CEPH_NOSNAP) {
1128                 *snap_features = rbd_dev->header.features;
1129         } else if (rbd_dev->image_format == 1) {
1130                 *snap_features = 0;     /* No features for format 1 */
1131         } else {
1132                 u64 features = 0;
1133                 int ret;
1134
1135                 ret = _rbd_dev_v2_snap_features(rbd_dev, snap_id, &features);
1136                 if (ret)
1137                         return ret;
1138
1139                 *snap_features = features;
1140         }
1141         return 0;
1142 }
1143
1144 static int rbd_dev_mapping_set(struct rbd_device *rbd_dev)
1145 {
1146         u64 snap_id = rbd_dev->spec->snap_id;
1147         u64 size = 0;
1148         u64 features = 0;
1149         int ret;
1150
1151         ret = rbd_snap_size(rbd_dev, snap_id, &size);
1152         if (ret)
1153                 return ret;
1154         ret = rbd_snap_features(rbd_dev, snap_id, &features);
1155         if (ret)
1156                 return ret;
1157
1158         rbd_dev->mapping.size = size;
1159         rbd_dev->mapping.features = features;
1160
1161         return 0;
1162 }
1163
1164 static void rbd_dev_mapping_clear(struct rbd_device *rbd_dev)
1165 {
1166         rbd_dev->mapping.size = 0;
1167         rbd_dev->mapping.features = 0;
1168 }
1169
1170 static void rbd_segment_name_free(const char *name)
1171 {
1172         /* The explicit cast here is needed to drop the const qualifier */
1173
1174         kmem_cache_free(rbd_segment_name_cache, (void *)name);
1175 }
1176
1177 static const char *rbd_segment_name(struct rbd_device *rbd_dev, u64 offset)
1178 {
1179         char *name;
1180         u64 segment;
1181         int ret;
1182         char *name_format;
1183
1184         name = kmem_cache_alloc(rbd_segment_name_cache, GFP_NOIO);
1185         if (!name)
1186                 return NULL;
1187         segment = offset >> rbd_dev->header.obj_order;
1188         name_format = "%s.%012llx";
1189         if (rbd_dev->image_format == 2)
1190                 name_format = "%s.%016llx";
1191         ret = snprintf(name, CEPH_MAX_OID_NAME_LEN + 1, name_format,
1192                         rbd_dev->header.object_prefix, segment);
1193         if (ret < 0 || ret > CEPH_MAX_OID_NAME_LEN) {
1194                 pr_err("error formatting segment name for #%llu (%d)\n",
1195                         segment, ret);
1196                 rbd_segment_name_free(name);
1197                 name = NULL;
1198         }
1199
1200         return name;
1201 }
1202
1203 static u64 rbd_segment_offset(struct rbd_device *rbd_dev, u64 offset)
1204 {
1205         u64 segment_size = (u64) 1 << rbd_dev->header.obj_order;
1206
1207         return offset & (segment_size - 1);
1208 }
1209
1210 static u64 rbd_segment_length(struct rbd_device *rbd_dev,
1211                                 u64 offset, u64 length)
1212 {
1213         u64 segment_size = (u64) 1 << rbd_dev->header.obj_order;
1214
1215         offset &= segment_size - 1;
1216
1217         rbd_assert(length <= U64_MAX - offset);
1218         if (offset + length > segment_size)
1219                 length = segment_size - offset;
1220
1221         return length;
1222 }
1223
1224 /*
1225  * returns the size of an object in the image
1226  */
1227 static u64 rbd_obj_bytes(struct rbd_image_header *header)
1228 {
1229         return 1 << header->obj_order;
1230 }
1231
1232 /*
1233  * bio helpers
1234  */
1235
1236 static void bio_chain_put(struct bio *chain)
1237 {
1238         struct bio *tmp;
1239
1240         while (chain) {
1241                 tmp = chain;
1242                 chain = chain->bi_next;
1243                 bio_put(tmp);
1244         }
1245 }
1246
1247 /*
1248  * zeros a bio chain, starting at specific offset
1249  */
1250 static void zero_bio_chain(struct bio *chain, int start_ofs)
1251 {
1252         struct bio_vec bv;
1253         struct bvec_iter iter;
1254         unsigned long flags;
1255         void *buf;
1256         int pos = 0;
1257
1258         while (chain) {
1259                 bio_for_each_segment(bv, chain, iter) {
1260                         if (pos + bv.bv_len > start_ofs) {
1261                                 int remainder = max(start_ofs - pos, 0);
1262                                 buf = bvec_kmap_irq(&bv, &flags);
1263                                 memset(buf + remainder, 0,
1264                                        bv.bv_len - remainder);
1265                                 flush_dcache_page(bv.bv_page);
1266                                 bvec_kunmap_irq(buf, &flags);
1267                         }
1268                         pos += bv.bv_len;
1269                 }
1270
1271                 chain = chain->bi_next;
1272         }
1273 }
1274
1275 /*
1276  * similar to zero_bio_chain(), zeros data defined by a page array,
1277  * starting at the given byte offset from the start of the array and
1278  * continuing up to the given end offset.  The pages array is
1279  * assumed to be big enough to hold all bytes up to the end.
1280  */
1281 static void zero_pages(struct page **pages, u64 offset, u64 end)
1282 {
1283         struct page **page = &pages[offset >> PAGE_SHIFT];
1284
1285         rbd_assert(end > offset);
1286         rbd_assert(end - offset <= (u64)SIZE_MAX);
1287         while (offset < end) {
1288                 size_t page_offset;
1289                 size_t length;
1290                 unsigned long flags;
1291                 void *kaddr;
1292
1293                 page_offset = offset & ~PAGE_MASK;
1294                 length = min_t(size_t, PAGE_SIZE - page_offset, end - offset);
1295                 local_irq_save(flags);
1296                 kaddr = kmap_atomic(*page);
1297                 memset(kaddr + page_offset, 0, length);
1298                 flush_dcache_page(*page);
1299                 kunmap_atomic(kaddr);
1300                 local_irq_restore(flags);
1301
1302                 offset += length;
1303                 page++;
1304         }
1305 }
1306
1307 /*
1308  * Clone a portion of a bio, starting at the given byte offset
1309  * and continuing for the number of bytes indicated.
1310  */
1311 static struct bio *bio_clone_range(struct bio *bio_src,
1312                                         unsigned int offset,
1313                                         unsigned int len,
1314                                         gfp_t gfpmask)
1315 {
1316         struct bio *bio;
1317
1318         bio = bio_clone(bio_src, gfpmask);
1319         if (!bio)
1320                 return NULL;    /* ENOMEM */
1321
1322         bio_advance(bio, offset);
1323         bio->bi_iter.bi_size = len;
1324
1325         return bio;
1326 }
1327
1328 /*
1329  * Clone a portion of a bio chain, starting at the given byte offset
1330  * into the first bio in the source chain and continuing for the
1331  * number of bytes indicated.  The result is another bio chain of
1332  * exactly the given length, or a null pointer on error.
1333  *
1334  * The bio_src and offset parameters are both in-out.  On entry they
1335  * refer to the first source bio and the offset into that bio where
1336  * the start of data to be cloned is located.
1337  *
1338  * On return, bio_src is updated to refer to the bio in the source
1339  * chain that contains first un-cloned byte, and *offset will
1340  * contain the offset of that byte within that bio.
1341  */
1342 static struct bio *bio_chain_clone_range(struct bio **bio_src,
1343                                         unsigned int *offset,
1344                                         unsigned int len,
1345                                         gfp_t gfpmask)
1346 {
1347         struct bio *bi = *bio_src;
1348         unsigned int off = *offset;
1349         struct bio *chain = NULL;
1350         struct bio **end;
1351
1352         /* Build up a chain of clone bios up to the limit */
1353
1354         if (!bi || off >= bi->bi_iter.bi_size || !len)
1355                 return NULL;            /* Nothing to clone */
1356
1357         end = &chain;
1358         while (len) {
1359                 unsigned int bi_size;
1360                 struct bio *bio;
1361
1362                 if (!bi) {
1363                         rbd_warn(NULL, "bio_chain exhausted with %u left", len);
1364                         goto out_err;   /* EINVAL; ran out of bio's */
1365                 }
1366                 bi_size = min_t(unsigned int, bi->bi_iter.bi_size - off, len);
1367                 bio = bio_clone_range(bi, off, bi_size, gfpmask);
1368                 if (!bio)
1369                         goto out_err;   /* ENOMEM */
1370
1371                 *end = bio;
1372                 end = &bio->bi_next;
1373
1374                 off += bi_size;
1375                 if (off == bi->bi_iter.bi_size) {
1376                         bi = bi->bi_next;
1377                         off = 0;
1378                 }
1379                 len -= bi_size;
1380         }
1381         *bio_src = bi;
1382         *offset = off;
1383
1384         return chain;
1385 out_err:
1386         bio_chain_put(chain);
1387
1388         return NULL;
1389 }
1390
1391 /*
1392  * The default/initial value for all object request flags is 0.  For
1393  * each flag, once its value is set to 1 it is never reset to 0
1394  * again.
1395  */
1396 static void obj_request_img_data_set(struct rbd_obj_request *obj_request)
1397 {
1398         if (test_and_set_bit(OBJ_REQ_IMG_DATA, &obj_request->flags)) {
1399                 struct rbd_device *rbd_dev;
1400
1401                 rbd_dev = obj_request->img_request->rbd_dev;
1402                 rbd_warn(rbd_dev, "obj_request %p already marked img_data",
1403                         obj_request);
1404         }
1405 }
1406
1407 static bool obj_request_img_data_test(struct rbd_obj_request *obj_request)
1408 {
1409         smp_mb();
1410         return test_bit(OBJ_REQ_IMG_DATA, &obj_request->flags) != 0;
1411 }
1412
1413 static void obj_request_done_set(struct rbd_obj_request *obj_request)
1414 {
1415         if (test_and_set_bit(OBJ_REQ_DONE, &obj_request->flags)) {
1416                 struct rbd_device *rbd_dev = NULL;
1417
1418                 if (obj_request_img_data_test(obj_request))
1419                         rbd_dev = obj_request->img_request->rbd_dev;
1420                 rbd_warn(rbd_dev, "obj_request %p already marked done",
1421                         obj_request);
1422         }
1423 }
1424
1425 static bool obj_request_done_test(struct rbd_obj_request *obj_request)
1426 {
1427         smp_mb();
1428         return test_bit(OBJ_REQ_DONE, &obj_request->flags) != 0;
1429 }
1430
1431 /*
1432  * This sets the KNOWN flag after (possibly) setting the EXISTS
1433  * flag.  The latter is set based on the "exists" value provided.
1434  *
1435  * Note that for our purposes once an object exists it never goes
1436  * away again.  It's possible that the response from two existence
1437  * checks are separated by the creation of the target object, and
1438  * the first ("doesn't exist") response arrives *after* the second
1439  * ("does exist").  In that case we ignore the second one.
1440  */
1441 static void obj_request_existence_set(struct rbd_obj_request *obj_request,
1442                                 bool exists)
1443 {
1444         if (exists)
1445                 set_bit(OBJ_REQ_EXISTS, &obj_request->flags);
1446         set_bit(OBJ_REQ_KNOWN, &obj_request->flags);
1447         smp_mb();
1448 }
1449
1450 static bool obj_request_known_test(struct rbd_obj_request *obj_request)
1451 {
1452         smp_mb();
1453         return test_bit(OBJ_REQ_KNOWN, &obj_request->flags) != 0;
1454 }
1455
1456 static bool obj_request_exists_test(struct rbd_obj_request *obj_request)
1457 {
1458         smp_mb();
1459         return test_bit(OBJ_REQ_EXISTS, &obj_request->flags) != 0;
1460 }
1461
1462 static bool obj_request_overlaps_parent(struct rbd_obj_request *obj_request)
1463 {
1464         struct rbd_device *rbd_dev = obj_request->img_request->rbd_dev;
1465
1466         return obj_request->img_offset <
1467             round_up(rbd_dev->parent_overlap, rbd_obj_bytes(&rbd_dev->header));
1468 }
1469
1470 static void rbd_obj_request_get(struct rbd_obj_request *obj_request)
1471 {
1472         dout("%s: obj %p (was %d)\n", __func__, obj_request,
1473                 atomic_read(&obj_request->kref.refcount));
1474         kref_get(&obj_request->kref);
1475 }
1476
1477 static void rbd_obj_request_destroy(struct kref *kref);
1478 static void rbd_obj_request_put(struct rbd_obj_request *obj_request)
1479 {
1480         rbd_assert(obj_request != NULL);
1481         dout("%s: obj %p (was %d)\n", __func__, obj_request,
1482                 atomic_read(&obj_request->kref.refcount));
1483         kref_put(&obj_request->kref, rbd_obj_request_destroy);
1484 }
1485
1486 static void rbd_img_request_get(struct rbd_img_request *img_request)
1487 {
1488         dout("%s: img %p (was %d)\n", __func__, img_request,
1489              atomic_read(&img_request->kref.refcount));
1490         kref_get(&img_request->kref);
1491 }
1492
1493 static bool img_request_child_test(struct rbd_img_request *img_request);
1494 static void rbd_parent_request_destroy(struct kref *kref);
1495 static void rbd_img_request_destroy(struct kref *kref);
1496 static void rbd_img_request_put(struct rbd_img_request *img_request)
1497 {
1498         rbd_assert(img_request != NULL);
1499         dout("%s: img %p (was %d)\n", __func__, img_request,
1500                 atomic_read(&img_request->kref.refcount));
1501         if (img_request_child_test(img_request))
1502                 kref_put(&img_request->kref, rbd_parent_request_destroy);
1503         else
1504                 kref_put(&img_request->kref, rbd_img_request_destroy);
1505 }
1506
1507 static inline void rbd_img_obj_request_add(struct rbd_img_request *img_request,
1508                                         struct rbd_obj_request *obj_request)
1509 {
1510         rbd_assert(obj_request->img_request == NULL);
1511
1512         /* Image request now owns object's original reference */
1513         obj_request->img_request = img_request;
1514         obj_request->which = img_request->obj_request_count;
1515         rbd_assert(!obj_request_img_data_test(obj_request));
1516         obj_request_img_data_set(obj_request);
1517         rbd_assert(obj_request->which != BAD_WHICH);
1518         img_request->obj_request_count++;
1519         list_add_tail(&obj_request->links, &img_request->obj_requests);
1520         dout("%s: img %p obj %p w=%u\n", __func__, img_request, obj_request,
1521                 obj_request->which);
1522 }
1523
1524 static inline void rbd_img_obj_request_del(struct rbd_img_request *img_request,
1525                                         struct rbd_obj_request *obj_request)
1526 {
1527         rbd_assert(obj_request->which != BAD_WHICH);
1528
1529         dout("%s: img %p obj %p w=%u\n", __func__, img_request, obj_request,
1530                 obj_request->which);
1531         list_del(&obj_request->links);
1532         rbd_assert(img_request->obj_request_count > 0);
1533         img_request->obj_request_count--;
1534         rbd_assert(obj_request->which == img_request->obj_request_count);
1535         obj_request->which = BAD_WHICH;
1536         rbd_assert(obj_request_img_data_test(obj_request));
1537         rbd_assert(obj_request->img_request == img_request);
1538         obj_request->img_request = NULL;
1539         obj_request->callback = NULL;
1540         rbd_obj_request_put(obj_request);
1541 }
1542
1543 static bool obj_request_type_valid(enum obj_request_type type)
1544 {
1545         switch (type) {
1546         case OBJ_REQUEST_NODATA:
1547         case OBJ_REQUEST_BIO:
1548         case OBJ_REQUEST_PAGES:
1549                 return true;
1550         default:
1551                 return false;
1552         }
1553 }
1554
1555 static int rbd_obj_request_submit(struct ceph_osd_client *osdc,
1556                                 struct rbd_obj_request *obj_request)
1557 {
1558         dout("%s %p\n", __func__, obj_request);
1559         return ceph_osdc_start_request(osdc, obj_request->osd_req, false);
1560 }
1561
1562 static void rbd_obj_request_end(struct rbd_obj_request *obj_request)
1563 {
1564         dout("%s %p\n", __func__, obj_request);
1565         ceph_osdc_cancel_request(obj_request->osd_req);
1566 }
1567
1568 /*
1569  * Wait for an object request to complete.  If interrupted, cancel the
1570  * underlying osd request.
1571  *
1572  * @timeout: in jiffies, 0 means "wait forever"
1573  */
1574 static int __rbd_obj_request_wait(struct rbd_obj_request *obj_request,
1575                                   unsigned long timeout)
1576 {
1577         long ret;
1578
1579         dout("%s %p\n", __func__, obj_request);
1580         ret = wait_for_completion_interruptible_timeout(
1581                                         &obj_request->completion,
1582                                         ceph_timeout_jiffies(timeout));
1583         if (ret <= 0) {
1584                 if (ret == 0)
1585                         ret = -ETIMEDOUT;
1586                 rbd_obj_request_end(obj_request);
1587         } else {
1588                 ret = 0;
1589         }
1590
1591         dout("%s %p ret %d\n", __func__, obj_request, (int)ret);
1592         return ret;
1593 }
1594
1595 static int rbd_obj_request_wait(struct rbd_obj_request *obj_request)
1596 {
1597         return __rbd_obj_request_wait(obj_request, 0);
1598 }
1599
1600 static int rbd_obj_request_wait_timeout(struct rbd_obj_request *obj_request,
1601                                         unsigned long timeout)
1602 {
1603         return __rbd_obj_request_wait(obj_request, timeout);
1604 }
1605
1606 static void rbd_img_request_complete(struct rbd_img_request *img_request)
1607 {
1608
1609         dout("%s: img %p\n", __func__, img_request);
1610
1611         /*
1612          * If no error occurred, compute the aggregate transfer
1613          * count for the image request.  We could instead use
1614          * atomic64_cmpxchg() to update it as each object request
1615          * completes; not clear which way is better off hand.
1616          */
1617         if (!img_request->result) {
1618                 struct rbd_obj_request *obj_request;
1619                 u64 xferred = 0;
1620
1621                 for_each_obj_request(img_request, obj_request)
1622                         xferred += obj_request->xferred;
1623                 img_request->xferred = xferred;
1624         }
1625
1626         if (img_request->callback)
1627                 img_request->callback(img_request);
1628         else
1629                 rbd_img_request_put(img_request);
1630 }
1631
1632 /*
1633  * The default/initial value for all image request flags is 0.  Each
1634  * is conditionally set to 1 at image request initialization time
1635  * and currently never change thereafter.
1636  */
1637 static void img_request_write_set(struct rbd_img_request *img_request)
1638 {
1639         set_bit(IMG_REQ_WRITE, &img_request->flags);
1640         smp_mb();
1641 }
1642
1643 static bool img_request_write_test(struct rbd_img_request *img_request)
1644 {
1645         smp_mb();
1646         return test_bit(IMG_REQ_WRITE, &img_request->flags) != 0;
1647 }
1648
1649 /*
1650  * Set the discard flag when the img_request is an discard request
1651  */
1652 static void img_request_discard_set(struct rbd_img_request *img_request)
1653 {
1654         set_bit(IMG_REQ_DISCARD, &img_request->flags);
1655         smp_mb();
1656 }
1657
1658 static bool img_request_discard_test(struct rbd_img_request *img_request)
1659 {
1660         smp_mb();
1661         return test_bit(IMG_REQ_DISCARD, &img_request->flags) != 0;
1662 }
1663
1664 static void img_request_child_set(struct rbd_img_request *img_request)
1665 {
1666         set_bit(IMG_REQ_CHILD, &img_request->flags);
1667         smp_mb();
1668 }
1669
1670 static void img_request_child_clear(struct rbd_img_request *img_request)
1671 {
1672         clear_bit(IMG_REQ_CHILD, &img_request->flags);
1673         smp_mb();
1674 }
1675
1676 static bool img_request_child_test(struct rbd_img_request *img_request)
1677 {
1678         smp_mb();
1679         return test_bit(IMG_REQ_CHILD, &img_request->flags) != 0;
1680 }
1681
1682 static void img_request_layered_set(struct rbd_img_request *img_request)
1683 {
1684         set_bit(IMG_REQ_LAYERED, &img_request->flags);
1685         smp_mb();
1686 }
1687
1688 static void img_request_layered_clear(struct rbd_img_request *img_request)
1689 {
1690         clear_bit(IMG_REQ_LAYERED, &img_request->flags);
1691         smp_mb();
1692 }
1693
1694 static bool img_request_layered_test(struct rbd_img_request *img_request)
1695 {
1696         smp_mb();
1697         return test_bit(IMG_REQ_LAYERED, &img_request->flags) != 0;
1698 }
1699
1700 static enum obj_operation_type
1701 rbd_img_request_op_type(struct rbd_img_request *img_request)
1702 {
1703         if (img_request_write_test(img_request))
1704                 return OBJ_OP_WRITE;
1705         else if (img_request_discard_test(img_request))
1706                 return OBJ_OP_DISCARD;
1707         else
1708                 return OBJ_OP_READ;
1709 }
1710
1711 static void
1712 rbd_img_obj_request_read_callback(struct rbd_obj_request *obj_request)
1713 {
1714         u64 xferred = obj_request->xferred;
1715         u64 length = obj_request->length;
1716
1717         dout("%s: obj %p img %p result %d %llu/%llu\n", __func__,
1718                 obj_request, obj_request->img_request, obj_request->result,
1719                 xferred, length);
1720         /*
1721          * ENOENT means a hole in the image.  We zero-fill the entire
1722          * length of the request.  A short read also implies zero-fill
1723          * to the end of the request.  An error requires the whole
1724          * length of the request to be reported finished with an error
1725          * to the block layer.  In each case we update the xferred
1726          * count to indicate the whole request was satisfied.
1727          */
1728         rbd_assert(obj_request->type != OBJ_REQUEST_NODATA);
1729         if (obj_request->result == -ENOENT) {
1730                 if (obj_request->type == OBJ_REQUEST_BIO)
1731                         zero_bio_chain(obj_request->bio_list, 0);
1732                 else
1733                         zero_pages(obj_request->pages, 0, length);
1734                 obj_request->result = 0;
1735         } else if (xferred < length && !obj_request->result) {
1736                 if (obj_request->type == OBJ_REQUEST_BIO)
1737                         zero_bio_chain(obj_request->bio_list, xferred);
1738                 else
1739                         zero_pages(obj_request->pages, xferred, length);
1740         }
1741         obj_request->xferred = length;
1742         obj_request_done_set(obj_request);
1743 }
1744
1745 static void rbd_obj_request_complete(struct rbd_obj_request *obj_request)
1746 {
1747         dout("%s: obj %p cb %p\n", __func__, obj_request,
1748                 obj_request->callback);
1749         if (obj_request->callback)
1750                 obj_request->callback(obj_request);
1751         else
1752                 complete_all(&obj_request->completion);
1753 }
1754
1755 static void rbd_osd_trivial_callback(struct rbd_obj_request *obj_request)
1756 {
1757         dout("%s: obj %p\n", __func__, obj_request);
1758         obj_request_done_set(obj_request);
1759 }
1760
1761 static void rbd_osd_read_callback(struct rbd_obj_request *obj_request)
1762 {
1763         struct rbd_img_request *img_request = NULL;
1764         struct rbd_device *rbd_dev = NULL;
1765         bool layered = false;
1766
1767         if (obj_request_img_data_test(obj_request)) {
1768                 img_request = obj_request->img_request;
1769                 layered = img_request && img_request_layered_test(img_request);
1770                 rbd_dev = img_request->rbd_dev;
1771         }
1772
1773         dout("%s: obj %p img %p result %d %llu/%llu\n", __func__,
1774                 obj_request, img_request, obj_request->result,
1775                 obj_request->xferred, obj_request->length);
1776         if (layered && obj_request->result == -ENOENT &&
1777                         obj_request->img_offset < rbd_dev->parent_overlap)
1778                 rbd_img_parent_read(obj_request);
1779         else if (img_request)
1780                 rbd_img_obj_request_read_callback(obj_request);
1781         else
1782                 obj_request_done_set(obj_request);
1783 }
1784
1785 static void rbd_osd_write_callback(struct rbd_obj_request *obj_request)
1786 {
1787         dout("%s: obj %p result %d %llu\n", __func__, obj_request,
1788                 obj_request->result, obj_request->length);
1789         /*
1790          * There is no such thing as a successful short write.  Set
1791          * it to our originally-requested length.
1792          */
1793         obj_request->xferred = obj_request->length;
1794         obj_request_done_set(obj_request);
1795 }
1796
1797 static void rbd_osd_discard_callback(struct rbd_obj_request *obj_request)
1798 {
1799         dout("%s: obj %p result %d %llu\n", __func__, obj_request,
1800                 obj_request->result, obj_request->length);
1801         /*
1802          * There is no such thing as a successful short discard.  Set
1803          * it to our originally-requested length.
1804          */
1805         obj_request->xferred = obj_request->length;
1806         /* discarding a non-existent object is not a problem */
1807         if (obj_request->result == -ENOENT)
1808                 obj_request->result = 0;
1809         obj_request_done_set(obj_request);
1810 }
1811
1812 /*
1813  * For a simple stat call there's nothing to do.  We'll do more if
1814  * this is part of a write sequence for a layered image.
1815  */
1816 static void rbd_osd_stat_callback(struct rbd_obj_request *obj_request)
1817 {
1818         dout("%s: obj %p\n", __func__, obj_request);
1819         obj_request_done_set(obj_request);
1820 }
1821
1822 static void rbd_osd_call_callback(struct rbd_obj_request *obj_request)
1823 {
1824         dout("%s: obj %p\n", __func__, obj_request);
1825
1826         if (obj_request_img_data_test(obj_request))
1827                 rbd_osd_copyup_callback(obj_request);
1828         else
1829                 obj_request_done_set(obj_request);
1830 }
1831
1832 static void rbd_osd_req_callback(struct ceph_osd_request *osd_req,
1833                                 struct ceph_msg *msg)
1834 {
1835         struct rbd_obj_request *obj_request = osd_req->r_priv;
1836         u16 opcode;
1837
1838         dout("%s: osd_req %p msg %p\n", __func__, osd_req, msg);
1839         rbd_assert(osd_req == obj_request->osd_req);
1840         if (obj_request_img_data_test(obj_request)) {
1841                 rbd_assert(obj_request->img_request);
1842                 rbd_assert(obj_request->which != BAD_WHICH);
1843         } else {
1844                 rbd_assert(obj_request->which == BAD_WHICH);
1845         }
1846
1847         if (osd_req->r_result < 0)
1848                 obj_request->result = osd_req->r_result;
1849
1850         /*
1851          * We support a 64-bit length, but ultimately it has to be
1852          * passed to the block layer, which just supports a 32-bit
1853          * length field.
1854          */
1855         obj_request->xferred = osd_req->r_ops[0].outdata_len;
1856         rbd_assert(obj_request->xferred < (u64)UINT_MAX);
1857
1858         opcode = osd_req->r_ops[0].op;
1859         switch (opcode) {
1860         case CEPH_OSD_OP_READ:
1861                 rbd_osd_read_callback(obj_request);
1862                 break;
1863         case CEPH_OSD_OP_SETALLOCHINT:
1864                 rbd_assert(osd_req->r_ops[1].op == CEPH_OSD_OP_WRITE ||
1865                            osd_req->r_ops[1].op == CEPH_OSD_OP_WRITEFULL);
1866                 /* fall through */
1867         case CEPH_OSD_OP_WRITE:
1868         case CEPH_OSD_OP_WRITEFULL:
1869                 rbd_osd_write_callback(obj_request);
1870                 break;
1871         case CEPH_OSD_OP_STAT:
1872                 rbd_osd_stat_callback(obj_request);
1873                 break;
1874         case CEPH_OSD_OP_DELETE:
1875         case CEPH_OSD_OP_TRUNCATE:
1876         case CEPH_OSD_OP_ZERO:
1877                 rbd_osd_discard_callback(obj_request);
1878                 break;
1879         case CEPH_OSD_OP_CALL:
1880                 rbd_osd_call_callback(obj_request);
1881                 break;
1882         case CEPH_OSD_OP_NOTIFY_ACK:
1883         case CEPH_OSD_OP_WATCH:
1884                 rbd_osd_trivial_callback(obj_request);
1885                 break;
1886         default:
1887                 rbd_warn(NULL, "%s: unsupported op %hu",
1888                         obj_request->object_name, (unsigned short) opcode);
1889                 break;
1890         }
1891
1892         if (obj_request_done_test(obj_request))
1893                 rbd_obj_request_complete(obj_request);
1894 }
1895
1896 static void rbd_osd_req_format_read(struct rbd_obj_request *obj_request)
1897 {
1898         struct rbd_img_request *img_request = obj_request->img_request;
1899         struct ceph_osd_request *osd_req = obj_request->osd_req;
1900         u64 snap_id;
1901
1902         rbd_assert(osd_req != NULL);
1903
1904         snap_id = img_request ? img_request->snap_id : CEPH_NOSNAP;
1905         ceph_osdc_build_request(osd_req, obj_request->offset,
1906                         NULL, snap_id, NULL);
1907 }
1908
1909 static void rbd_osd_req_format_write(struct rbd_obj_request *obj_request)
1910 {
1911         struct rbd_img_request *img_request = obj_request->img_request;
1912         struct ceph_osd_request *osd_req = obj_request->osd_req;
1913         struct ceph_snap_context *snapc;
1914         struct timespec mtime = CURRENT_TIME;
1915
1916         rbd_assert(osd_req != NULL);
1917
1918         snapc = img_request ? img_request->snapc : NULL;
1919         ceph_osdc_build_request(osd_req, obj_request->offset,
1920                         snapc, CEPH_NOSNAP, &mtime);
1921 }
1922
1923 /*
1924  * Create an osd request.  A read request has one osd op (read).
1925  * A write request has either one (watch) or two (hint+write) osd ops.
1926  * (All rbd data writes are prefixed with an allocation hint op, but
1927  * technically osd watch is a write request, hence this distinction.)
1928  */
1929 static struct ceph_osd_request *rbd_osd_req_create(
1930                                         struct rbd_device *rbd_dev,
1931                                         enum obj_operation_type op_type,
1932                                         unsigned int num_ops,
1933                                         struct rbd_obj_request *obj_request)
1934 {
1935         struct ceph_snap_context *snapc = NULL;
1936         struct ceph_osd_client *osdc;
1937         struct ceph_osd_request *osd_req;
1938
1939         if (obj_request_img_data_test(obj_request) &&
1940                 (op_type == OBJ_OP_DISCARD || op_type == OBJ_OP_WRITE)) {
1941                 struct rbd_img_request *img_request = obj_request->img_request;
1942                 if (op_type == OBJ_OP_WRITE) {
1943                         rbd_assert(img_request_write_test(img_request));
1944                 } else {
1945                         rbd_assert(img_request_discard_test(img_request));
1946                 }
1947                 snapc = img_request->snapc;
1948         }
1949
1950         rbd_assert(num_ops == 1 || ((op_type == OBJ_OP_WRITE) && num_ops == 2));
1951
1952         /* Allocate and initialize the request, for the num_ops ops */
1953
1954         osdc = &rbd_dev->rbd_client->client->osdc;
1955         osd_req = ceph_osdc_alloc_request(osdc, snapc, num_ops, false,
1956                                           GFP_ATOMIC);
1957         if (!osd_req)
1958                 return NULL;    /* ENOMEM */
1959
1960         if (op_type == OBJ_OP_WRITE || op_type == OBJ_OP_DISCARD)
1961                 osd_req->r_flags = CEPH_OSD_FLAG_WRITE | CEPH_OSD_FLAG_ONDISK;
1962         else
1963                 osd_req->r_flags = CEPH_OSD_FLAG_READ;
1964
1965         osd_req->r_callback = rbd_osd_req_callback;
1966         osd_req->r_priv = obj_request;
1967
1968         osd_req->r_base_oloc.pool = ceph_file_layout_pg_pool(rbd_dev->layout);
1969         ceph_oid_set_name(&osd_req->r_base_oid, obj_request->object_name);
1970
1971         return osd_req;
1972 }
1973
1974 /*
1975  * Create a copyup osd request based on the information in the object
1976  * request supplied.  A copyup request has two or three osd ops, a
1977  * copyup method call, potentially a hint op, and a write or truncate
1978  * or zero op.
1979  */
1980 static struct ceph_osd_request *
1981 rbd_osd_req_create_copyup(struct rbd_obj_request *obj_request)
1982 {
1983         struct rbd_img_request *img_request;
1984         struct ceph_snap_context *snapc;
1985         struct rbd_device *rbd_dev;
1986         struct ceph_osd_client *osdc;
1987         struct ceph_osd_request *osd_req;
1988         int num_osd_ops = 3;
1989
1990         rbd_assert(obj_request_img_data_test(obj_request));
1991         img_request = obj_request->img_request;
1992         rbd_assert(img_request);
1993         rbd_assert(img_request_write_test(img_request) ||
1994                         img_request_discard_test(img_request));
1995
1996         if (img_request_discard_test(img_request))
1997                 num_osd_ops = 2;
1998
1999         /* Allocate and initialize the request, for all the ops */
2000
2001         snapc = img_request->snapc;
2002         rbd_dev = img_request->rbd_dev;
2003         osdc = &rbd_dev->rbd_client->client->osdc;
2004         osd_req = ceph_osdc_alloc_request(osdc, snapc, num_osd_ops,
2005                                                 false, GFP_ATOMIC);
2006         if (!osd_req)
2007                 return NULL;    /* ENOMEM */
2008
2009         osd_req->r_flags = CEPH_OSD_FLAG_WRITE | CEPH_OSD_FLAG_ONDISK;
2010         osd_req->r_callback = rbd_osd_req_callback;
2011         osd_req->r_priv = obj_request;
2012
2013         osd_req->r_base_oloc.pool = ceph_file_layout_pg_pool(rbd_dev->layout);
2014         ceph_oid_set_name(&osd_req->r_base_oid, obj_request->object_name);
2015
2016         return osd_req;
2017 }
2018
2019
2020 static void rbd_osd_req_destroy(struct ceph_osd_request *osd_req)
2021 {
2022         ceph_osdc_put_request(osd_req);
2023 }
2024
2025 /* object_name is assumed to be a non-null pointer and NUL-terminated */
2026
2027 static struct rbd_obj_request *rbd_obj_request_create(const char *object_name,
2028                                                 u64 offset, u64 length,
2029                                                 enum obj_request_type type)
2030 {
2031         struct rbd_obj_request *obj_request;
2032         size_t size;
2033         char *name;
2034
2035         rbd_assert(obj_request_type_valid(type));
2036
2037         size = strlen(object_name) + 1;
2038         name = kmalloc(size, GFP_NOIO);
2039         if (!name)
2040                 return NULL;
2041
2042         obj_request = kmem_cache_zalloc(rbd_obj_request_cache, GFP_NOIO);
2043         if (!obj_request) {
2044                 kfree(name);
2045                 return NULL;
2046         }
2047
2048         obj_request->object_name = memcpy(name, object_name, size);
2049         obj_request->offset = offset;
2050         obj_request->length = length;
2051         obj_request->flags = 0;
2052         obj_request->which = BAD_WHICH;
2053         obj_request->type = type;
2054         INIT_LIST_HEAD(&obj_request->links);
2055         init_completion(&obj_request->completion);
2056         kref_init(&obj_request->kref);
2057
2058         dout("%s: \"%s\" %llu/%llu %d -> obj %p\n", __func__, object_name,
2059                 offset, length, (int)type, obj_request);
2060
2061         return obj_request;
2062 }
2063
2064 static void rbd_obj_request_destroy(struct kref *kref)
2065 {
2066         struct rbd_obj_request *obj_request;
2067
2068         obj_request = container_of(kref, struct rbd_obj_request, kref);
2069
2070         dout("%s: obj %p\n", __func__, obj_request);
2071
2072         rbd_assert(obj_request->img_request == NULL);
2073         rbd_assert(obj_request->which == BAD_WHICH);
2074
2075         if (obj_request->osd_req)
2076                 rbd_osd_req_destroy(obj_request->osd_req);
2077
2078         rbd_assert(obj_request_type_valid(obj_request->type));
2079         switch (obj_request->type) {
2080         case OBJ_REQUEST_NODATA:
2081                 break;          /* Nothing to do */
2082         case OBJ_REQUEST_BIO:
2083                 if (obj_request->bio_list)
2084                         bio_chain_put(obj_request->bio_list);
2085                 break;
2086         case OBJ_REQUEST_PAGES:
2087                 if (obj_request->pages)
2088                         ceph_release_page_vector(obj_request->pages,
2089                                                 obj_request->page_count);
2090                 break;
2091         }
2092
2093         kfree(obj_request->object_name);
2094         obj_request->object_name = NULL;
2095         kmem_cache_free(rbd_obj_request_cache, obj_request);
2096 }
2097
2098 /* It's OK to call this for a device with no parent */
2099
2100 static void rbd_spec_put(struct rbd_spec *spec);
2101 static void rbd_dev_unparent(struct rbd_device *rbd_dev)
2102 {
2103         rbd_dev_remove_parent(rbd_dev);
2104         rbd_spec_put(rbd_dev->parent_spec);
2105         rbd_dev->parent_spec = NULL;
2106         rbd_dev->parent_overlap = 0;
2107 }
2108
2109 /*
2110  * Parent image reference counting is used to determine when an
2111  * image's parent fields can be safely torn down--after there are no
2112  * more in-flight requests to the parent image.  When the last
2113  * reference is dropped, cleaning them up is safe.
2114  */
2115 static void rbd_dev_parent_put(struct rbd_device *rbd_dev)
2116 {
2117         int counter;
2118
2119         if (!rbd_dev->parent_spec)
2120                 return;
2121
2122         counter = atomic_dec_return_safe(&rbd_dev->parent_ref);
2123         if (counter > 0)
2124                 return;
2125
2126         /* Last reference; clean up parent data structures */
2127
2128         if (!counter)
2129                 rbd_dev_unparent(rbd_dev);
2130         else
2131                 rbd_warn(rbd_dev, "parent reference underflow");
2132 }
2133
2134 /*
2135  * If an image has a non-zero parent overlap, get a reference to its
2136  * parent.
2137  *
2138  * Returns true if the rbd device has a parent with a non-zero
2139  * overlap and a reference for it was successfully taken, or
2140  * false otherwise.
2141  */
2142 static bool rbd_dev_parent_get(struct rbd_device *rbd_dev)
2143 {
2144         int counter = 0;
2145
2146         if (!rbd_dev->parent_spec)
2147                 return false;
2148
2149         down_read(&rbd_dev->header_rwsem);
2150         if (rbd_dev->parent_overlap)
2151                 counter = atomic_inc_return_safe(&rbd_dev->parent_ref);
2152         up_read(&rbd_dev->header_rwsem);
2153
2154         if (counter < 0)
2155                 rbd_warn(rbd_dev, "parent reference overflow");
2156
2157         return counter > 0;
2158 }
2159
2160 /*
2161  * Caller is responsible for filling in the list of object requests
2162  * that comprises the image request, and the Linux request pointer
2163  * (if there is one).
2164  */
2165 static struct rbd_img_request *rbd_img_request_create(
2166                                         struct rbd_device *rbd_dev,
2167                                         u64 offset, u64 length,
2168                                         enum obj_operation_type op_type,
2169                                         struct ceph_snap_context *snapc)
2170 {
2171         struct rbd_img_request *img_request;
2172
2173         img_request = kmem_cache_alloc(rbd_img_request_cache, GFP_NOIO);
2174         if (!img_request)
2175                 return NULL;
2176
2177         img_request->rq = NULL;
2178         img_request->rbd_dev = rbd_dev;
2179         img_request->offset = offset;
2180         img_request->length = length;
2181         img_request->flags = 0;
2182         if (op_type == OBJ_OP_DISCARD) {
2183                 img_request_discard_set(img_request);
2184                 img_request->snapc = snapc;
2185         } else if (op_type == OBJ_OP_WRITE) {
2186                 img_request_write_set(img_request);
2187                 img_request->snapc = snapc;
2188         } else {
2189                 img_request->snap_id = rbd_dev->spec->snap_id;
2190         }
2191         if (rbd_dev_parent_get(rbd_dev))
2192                 img_request_layered_set(img_request);
2193         spin_lock_init(&img_request->completion_lock);
2194         img_request->next_completion = 0;
2195         img_request->callback = NULL;
2196         img_request->result = 0;
2197         img_request->obj_request_count = 0;
2198         INIT_LIST_HEAD(&img_request->obj_requests);
2199         kref_init(&img_request->kref);
2200
2201         dout("%s: rbd_dev %p %s %llu/%llu -> img %p\n", __func__, rbd_dev,
2202                 obj_op_name(op_type), offset, length, img_request);
2203
2204         return img_request;
2205 }
2206
2207 static void rbd_img_request_destroy(struct kref *kref)
2208 {
2209         struct rbd_img_request *img_request;
2210         struct rbd_obj_request *obj_request;
2211         struct rbd_obj_request *next_obj_request;
2212
2213         img_request = container_of(kref, struct rbd_img_request, kref);
2214
2215         dout("%s: img %p\n", __func__, img_request);
2216
2217         for_each_obj_request_safe(img_request, obj_request, next_obj_request)
2218                 rbd_img_obj_request_del(img_request, obj_request);
2219         rbd_assert(img_request->obj_request_count == 0);
2220
2221         if (img_request_layered_test(img_request)) {
2222                 img_request_layered_clear(img_request);
2223                 rbd_dev_parent_put(img_request->rbd_dev);
2224         }
2225
2226         if (img_request_write_test(img_request) ||
2227                 img_request_discard_test(img_request))
2228                 ceph_put_snap_context(img_request->snapc);
2229
2230         kmem_cache_free(rbd_img_request_cache, img_request);
2231 }
2232
2233 static struct rbd_img_request *rbd_parent_request_create(
2234                                         struct rbd_obj_request *obj_request,
2235                                         u64 img_offset, u64 length)
2236 {
2237         struct rbd_img_request *parent_request;
2238         struct rbd_device *rbd_dev;
2239
2240         rbd_assert(obj_request->img_request);
2241         rbd_dev = obj_request->img_request->rbd_dev;
2242
2243         parent_request = rbd_img_request_create(rbd_dev->parent, img_offset,
2244                                                 length, OBJ_OP_READ, NULL);
2245         if (!parent_request)
2246                 return NULL;
2247
2248         img_request_child_set(parent_request);
2249         rbd_obj_request_get(obj_request);
2250         parent_request->obj_request = obj_request;
2251
2252         return parent_request;
2253 }
2254
2255 static void rbd_parent_request_destroy(struct kref *kref)
2256 {
2257         struct rbd_img_request *parent_request;
2258         struct rbd_obj_request *orig_request;
2259
2260         parent_request = container_of(kref, struct rbd_img_request, kref);
2261         orig_request = parent_request->obj_request;
2262
2263         parent_request->obj_request = NULL;
2264         rbd_obj_request_put(orig_request);
2265         img_request_child_clear(parent_request);
2266
2267         rbd_img_request_destroy(kref);
2268 }
2269
2270 static bool rbd_img_obj_end_request(struct rbd_obj_request *obj_request)
2271 {
2272         struct rbd_img_request *img_request;
2273         unsigned int xferred;
2274         int result;
2275         bool more;
2276
2277         rbd_assert(obj_request_img_data_test(obj_request));
2278         img_request = obj_request->img_request;
2279
2280         rbd_assert(obj_request->xferred <= (u64)UINT_MAX);
2281         xferred = (unsigned int)obj_request->xferred;
2282         result = obj_request->result;
2283         if (result) {
2284                 struct rbd_device *rbd_dev = img_request->rbd_dev;
2285                 enum obj_operation_type op_type;
2286
2287                 if (img_request_discard_test(img_request))
2288                         op_type = OBJ_OP_DISCARD;
2289                 else if (img_request_write_test(img_request))
2290                         op_type = OBJ_OP_WRITE;
2291                 else
2292                         op_type = OBJ_OP_READ;
2293
2294                 rbd_warn(rbd_dev, "%s %llx at %llx (%llx)",
2295                         obj_op_name(op_type), obj_request->length,
2296                         obj_request->img_offset, obj_request->offset);
2297                 rbd_warn(rbd_dev, "  result %d xferred %x",
2298                         result, xferred);
2299                 if (!img_request->result)
2300                         img_request->result = result;
2301                 /*
2302                  * Need to end I/O on the entire obj_request worth of
2303                  * bytes in case of error.
2304                  */
2305                 xferred = obj_request->length;
2306         }
2307
2308         /* Image object requests don't own their page array */
2309
2310         if (obj_request->type == OBJ_REQUEST_PAGES) {
2311                 obj_request->pages = NULL;
2312                 obj_request->page_count = 0;
2313         }
2314
2315         if (img_request_child_test(img_request)) {
2316                 rbd_assert(img_request->obj_request != NULL);
2317                 more = obj_request->which < img_request->obj_request_count - 1;
2318         } else {
2319                 rbd_assert(img_request->rq != NULL);
2320
2321                 more = blk_update_request(img_request->rq, result, xferred);
2322                 if (!more)
2323                         __blk_mq_end_request(img_request->rq, result);
2324         }
2325
2326         return more;
2327 }
2328
2329 static void rbd_img_obj_callback(struct rbd_obj_request *obj_request)
2330 {
2331         struct rbd_img_request *img_request;
2332         u32 which = obj_request->which;
2333         bool more = true;
2334
2335         rbd_assert(obj_request_img_data_test(obj_request));
2336         img_request = obj_request->img_request;
2337
2338         dout("%s: img %p obj %p\n", __func__, img_request, obj_request);
2339         rbd_assert(img_request != NULL);
2340         rbd_assert(img_request->obj_request_count > 0);
2341         rbd_assert(which != BAD_WHICH);
2342         rbd_assert(which < img_request->obj_request_count);
2343
2344         spin_lock_irq(&img_request->completion_lock);
2345         if (which != img_request->next_completion)
2346                 goto out;
2347
2348         for_each_obj_request_from(img_request, obj_request) {
2349                 rbd_assert(more);
2350                 rbd_assert(which < img_request->obj_request_count);
2351
2352                 if (!obj_request_done_test(obj_request))
2353                         break;
2354                 more = rbd_img_obj_end_request(obj_request);
2355                 which++;
2356         }
2357
2358         rbd_assert(more ^ (which == img_request->obj_request_count));
2359         img_request->next_completion = which;
2360 out:
2361         spin_unlock_irq(&img_request->completion_lock);
2362         rbd_img_request_put(img_request);
2363
2364         if (!more)
2365                 rbd_img_request_complete(img_request);
2366 }
2367
2368 /*
2369  * Add individual osd ops to the given ceph_osd_request and prepare
2370  * them for submission. num_ops is the current number of
2371  * osd operations already to the object request.
2372  */
2373 static void rbd_img_obj_request_fill(struct rbd_obj_request *obj_request,
2374                                 struct ceph_osd_request *osd_request,
2375                                 enum obj_operation_type op_type,
2376                                 unsigned int num_ops)
2377 {
2378         struct rbd_img_request *img_request = obj_request->img_request;
2379         struct rbd_device *rbd_dev = img_request->rbd_dev;
2380         u64 object_size = rbd_obj_bytes(&rbd_dev->header);
2381         u64 offset = obj_request->offset;
2382         u64 length = obj_request->length;
2383         u64 img_end;
2384         u16 opcode;
2385
2386         if (op_type == OBJ_OP_DISCARD) {
2387                 if (!offset && length == object_size &&
2388                     (!img_request_layered_test(img_request) ||
2389                      !obj_request_overlaps_parent(obj_request))) {
2390                         opcode = CEPH_OSD_OP_DELETE;
2391                 } else if ((offset + length == object_size)) {
2392                         opcode = CEPH_OSD_OP_TRUNCATE;
2393                 } else {
2394                         down_read(&rbd_dev->header_rwsem);
2395                         img_end = rbd_dev->header.image_size;
2396                         up_read(&rbd_dev->header_rwsem);
2397
2398                         if (obj_request->img_offset + length == img_end)
2399                                 opcode = CEPH_OSD_OP_TRUNCATE;
2400                         else
2401                                 opcode = CEPH_OSD_OP_ZERO;
2402                 }
2403         } else if (op_type == OBJ_OP_WRITE) {
2404                 if (!offset && length == object_size)
2405                         opcode = CEPH_OSD_OP_WRITEFULL;
2406                 else
2407                         opcode = CEPH_OSD_OP_WRITE;
2408                 osd_req_op_alloc_hint_init(osd_request, num_ops,
2409                                         object_size, object_size);
2410                 num_ops++;
2411         } else {
2412                 opcode = CEPH_OSD_OP_READ;
2413         }
2414
2415         if (opcode == CEPH_OSD_OP_DELETE)
2416                 osd_req_op_init(osd_request, num_ops, opcode, 0);
2417         else
2418                 osd_req_op_extent_init(osd_request, num_ops, opcode,
2419                                        offset, length, 0, 0);
2420
2421         if (obj_request->type == OBJ_REQUEST_BIO)
2422                 osd_req_op_extent_osd_data_bio(osd_request, num_ops,
2423                                         obj_request->bio_list, length);
2424         else if (obj_request->type == OBJ_REQUEST_PAGES)
2425                 osd_req_op_extent_osd_data_pages(osd_request, num_ops,
2426                                         obj_request->pages, length,
2427                                         offset & ~PAGE_MASK, false, false);
2428
2429         /* Discards are also writes */
2430         if (op_type == OBJ_OP_WRITE || op_type == OBJ_OP_DISCARD)
2431                 rbd_osd_req_format_write(obj_request);
2432         else
2433                 rbd_osd_req_format_read(obj_request);
2434 }
2435
2436 /*
2437  * Split up an image request into one or more object requests, each
2438  * to a different object.  The "type" parameter indicates whether
2439  * "data_desc" is the pointer to the head of a list of bio
2440  * structures, or the base of a page array.  In either case this
2441  * function assumes data_desc describes memory sufficient to hold
2442  * all data described by the image request.
2443  */
2444 static int rbd_img_request_fill(struct rbd_img_request *img_request,
2445                                         enum obj_request_type type,
2446                                         void *data_desc)
2447 {
2448         struct rbd_device *rbd_dev = img_request->rbd_dev;
2449         struct rbd_obj_request *obj_request = NULL;
2450         struct rbd_obj_request *next_obj_request;
2451         struct bio *bio_list = NULL;
2452         unsigned int bio_offset = 0;
2453         struct page **pages = NULL;
2454         enum obj_operation_type op_type;
2455         u64 img_offset;
2456         u64 resid;
2457
2458         dout("%s: img %p type %d data_desc %p\n", __func__, img_request,
2459                 (int)type, data_desc);
2460
2461         img_offset = img_request->offset;
2462         resid = img_request->length;
2463         rbd_assert(resid > 0);
2464         op_type = rbd_img_request_op_type(img_request);
2465
2466         if (type == OBJ_REQUEST_BIO) {
2467                 bio_list = data_desc;
2468                 rbd_assert(img_offset ==
2469                            bio_list->bi_iter.bi_sector << SECTOR_SHIFT);
2470         } else if (type == OBJ_REQUEST_PAGES) {
2471                 pages = data_desc;
2472         }
2473
2474         while (resid) {
2475                 struct ceph_osd_request *osd_req;
2476                 const char *object_name;
2477                 u64 offset;
2478                 u64 length;
2479
2480                 object_name = rbd_segment_name(rbd_dev, img_offset);
2481                 if (!object_name)
2482                         goto out_unwind;
2483                 offset = rbd_segment_offset(rbd_dev, img_offset);
2484                 length = rbd_segment_length(rbd_dev, img_offset, resid);
2485                 obj_request = rbd_obj_request_create(object_name,
2486                                                 offset, length, type);
2487                 /* object request has its own copy of the object name */
2488                 rbd_segment_name_free(object_name);
2489                 if (!obj_request)
2490                         goto out_unwind;
2491
2492                 /*
2493                  * set obj_request->img_request before creating the
2494                  * osd_request so that it gets the right snapc
2495                  */
2496                 rbd_img_obj_request_add(img_request, obj_request);
2497
2498                 if (type == OBJ_REQUEST_BIO) {
2499                         unsigned int clone_size;
2500
2501                         rbd_assert(length <= (u64)UINT_MAX);
2502                         clone_size = (unsigned int)length;
2503                         obj_request->bio_list =
2504                                         bio_chain_clone_range(&bio_list,
2505                                                                 &bio_offset,
2506                                                                 clone_size,
2507                                                                 GFP_ATOMIC);
2508                         if (!obj_request->bio_list)
2509                                 goto out_unwind;
2510                 } else if (type == OBJ_REQUEST_PAGES) {
2511                         unsigned int page_count;
2512
2513                         obj_request->pages = pages;
2514                         page_count = (u32)calc_pages_for(offset, length);
2515                         obj_request->page_count = page_count;
2516                         if ((offset + length) & ~PAGE_MASK)
2517                                 page_count--;   /* more on last page */
2518                         pages += page_count;
2519                 }
2520
2521                 osd_req = rbd_osd_req_create(rbd_dev, op_type,
2522                                         (op_type == OBJ_OP_WRITE) ? 2 : 1,
2523                                         obj_request);
2524                 if (!osd_req)
2525                         goto out_unwind;
2526
2527                 obj_request->osd_req = osd_req;
2528                 obj_request->callback = rbd_img_obj_callback;
2529                 obj_request->img_offset = img_offset;
2530
2531                 rbd_img_obj_request_fill(obj_request, osd_req, op_type, 0);
2532
2533                 rbd_img_request_get(img_request);
2534
2535                 img_offset += length;
2536                 resid -= length;
2537         }
2538
2539         return 0;
2540
2541 out_unwind:
2542         for_each_obj_request_safe(img_request, obj_request, next_obj_request)
2543                 rbd_img_obj_request_del(img_request, obj_request);
2544
2545         return -ENOMEM;
2546 }
2547
2548 static void
2549 rbd_osd_copyup_callback(struct rbd_obj_request *obj_request)
2550 {
2551         struct rbd_img_request *img_request;
2552         struct rbd_device *rbd_dev;
2553         struct page **pages;
2554         u32 page_count;
2555
2556         dout("%s: obj %p\n", __func__, obj_request);
2557
2558         rbd_assert(obj_request->type == OBJ_REQUEST_BIO ||
2559                 obj_request->type == OBJ_REQUEST_NODATA);
2560         rbd_assert(obj_request_img_data_test(obj_request));
2561         img_request = obj_request->img_request;
2562         rbd_assert(img_request);
2563
2564         rbd_dev = img_request->rbd_dev;
2565         rbd_assert(rbd_dev);
2566
2567         pages = obj_request->copyup_pages;
2568         rbd_assert(pages != NULL);
2569         obj_request->copyup_pages = NULL;
2570         page_count = obj_request->copyup_page_count;
2571         rbd_assert(page_count);
2572         obj_request->copyup_page_count = 0;
2573         ceph_release_page_vector(pages, page_count);
2574
2575         /*
2576          * We want the transfer count to reflect the size of the
2577          * original write request.  There is no such thing as a
2578          * successful short write, so if the request was successful
2579          * we can just set it to the originally-requested length.
2580          */
2581         if (!obj_request->result)
2582                 obj_request->xferred = obj_request->length;
2583
2584         obj_request_done_set(obj_request);
2585 }
2586
2587 static void
2588 rbd_img_obj_parent_read_full_callback(struct rbd_img_request *img_request)
2589 {
2590         struct rbd_obj_request *orig_request;
2591         struct ceph_osd_request *osd_req;
2592         struct ceph_osd_client *osdc;
2593         struct rbd_device *rbd_dev;
2594         struct page **pages;
2595         enum obj_operation_type op_type;
2596         u32 page_count;
2597         int img_result;
2598         u64 parent_length;
2599
2600         rbd_assert(img_request_child_test(img_request));
2601
2602         /* First get what we need from the image request */
2603
2604         pages = img_request->copyup_pages;
2605         rbd_assert(pages != NULL);
2606         img_request->copyup_pages = NULL;
2607         page_count = img_request->copyup_page_count;
2608         rbd_assert(page_count);
2609         img_request->copyup_page_count = 0;
2610
2611         orig_request = img_request->obj_request;
2612         rbd_assert(orig_request != NULL);
2613         rbd_assert(obj_request_type_valid(orig_request->type));
2614         img_result = img_request->result;
2615         parent_length = img_request->length;
2616         rbd_assert(parent_length == img_request->xferred);
2617         rbd_img_request_put(img_request);
2618
2619         rbd_assert(orig_request->img_request);
2620         rbd_dev = orig_request->img_request->rbd_dev;
2621         rbd_assert(rbd_dev);
2622
2623         /*
2624          * If the overlap has become 0 (most likely because the
2625          * image has been flattened) we need to free the pages
2626          * and re-submit the original write request.
2627          */
2628         if (!rbd_dev->parent_overlap) {
2629                 struct ceph_osd_client *osdc;
2630
2631                 ceph_release_page_vector(pages, page_count);
2632                 osdc = &rbd_dev->rbd_client->client->osdc;
2633                 img_result = rbd_obj_request_submit(osdc, orig_request);
2634                 if (!img_result)
2635                         return;
2636         }
2637
2638         if (img_result)
2639                 goto out_err;
2640
2641         /*
2642          * The original osd request is of no use to use any more.
2643          * We need a new one that can hold the three ops in a copyup
2644          * request.  Allocate the new copyup osd request for the
2645          * original request, and release the old one.
2646          */
2647         img_result = -ENOMEM;
2648         osd_req = rbd_osd_req_create_copyup(orig_request);
2649         if (!osd_req)
2650                 goto out_err;
2651         rbd_osd_req_destroy(orig_request->osd_req);
2652         orig_request->osd_req = osd_req;
2653         orig_request->copyup_pages = pages;
2654         orig_request->copyup_page_count = page_count;
2655
2656         /* Initialize the copyup op */
2657
2658         osd_req_op_cls_init(osd_req, 0, CEPH_OSD_OP_CALL, "rbd", "copyup");
2659         osd_req_op_cls_request_data_pages(osd_req, 0, pages, parent_length, 0,
2660                                                 false, false);
2661
2662         /* Add the other op(s) */
2663
2664         op_type = rbd_img_request_op_type(orig_request->img_request);
2665         rbd_img_obj_request_fill(orig_request, osd_req, op_type, 1);
2666
2667         /* All set, send it off. */
2668
2669         osdc = &rbd_dev->rbd_client->client->osdc;
2670         img_result = rbd_obj_request_submit(osdc, orig_request);
2671         if (!img_result)
2672                 return;
2673 out_err:
2674         /* Record the error code and complete the request */
2675
2676         orig_request->result = img_result;
2677         orig_request->xferred = 0;
2678         obj_request_done_set(orig_request);
2679         rbd_obj_request_complete(orig_request);
2680 }
2681
2682 /*
2683  * Read from the parent image the range of data that covers the
2684  * entire target of the given object request.  This is used for
2685  * satisfying a layered image write request when the target of an
2686  * object request from the image request does not exist.
2687  *
2688  * A page array big enough to hold the returned data is allocated
2689  * and supplied to rbd_img_request_fill() as the "data descriptor."
2690  * When the read completes, this page array will be transferred to
2691  * the original object request for the copyup operation.
2692  *
2693  * If an error occurs, record it as the result of the original
2694  * object request and mark it done so it gets completed.
2695  */
2696 static int rbd_img_obj_parent_read_full(struct rbd_obj_request *obj_request)
2697 {
2698         struct rbd_img_request *img_request = NULL;
2699         struct rbd_img_request *parent_request = NULL;
2700         struct rbd_device *rbd_dev;
2701         u64 img_offset;
2702         u64 length;
2703         struct page **pages = NULL;
2704         u32 page_count;
2705         int result;
2706
2707         rbd_assert(obj_request_img_data_test(obj_request));
2708         rbd_assert(obj_request_type_valid(obj_request->type));
2709
2710         img_request = obj_request->img_request;
2711         rbd_assert(img_request != NULL);
2712         rbd_dev = img_request->rbd_dev;
2713         rbd_assert(rbd_dev->parent != NULL);
2714
2715         /*
2716          * Determine the byte range covered by the object in the
2717          * child image to which the original request was to be sent.
2718          */
2719         img_offset = obj_request->img_offset - obj_request->offset;
2720         length = (u64)1 << rbd_dev->header.obj_order;
2721
2722         /*
2723          * There is no defined parent data beyond the parent
2724          * overlap, so limit what we read at that boundary if
2725          * necessary.
2726          */
2727         if (img_offset + length > rbd_dev->parent_overlap) {
2728                 rbd_assert(img_offset < rbd_dev->parent_overlap);
2729                 length = rbd_dev->parent_overlap - img_offset;
2730         }
2731
2732         /*
2733          * Allocate a page array big enough to receive the data read
2734          * from the parent.
2735          */
2736         page_count = (u32)calc_pages_for(0, length);
2737         pages = ceph_alloc_page_vector(page_count, GFP_KERNEL);
2738         if (IS_ERR(pages)) {
2739                 result = PTR_ERR(pages);
2740                 pages = NULL;
2741                 goto out_err;
2742         }
2743
2744         result = -ENOMEM;
2745         parent_request = rbd_parent_request_create(obj_request,
2746                                                 img_offset, length);
2747         if (!parent_request)
2748                 goto out_err;
2749
2750         result = rbd_img_request_fill(parent_request, OBJ_REQUEST_PAGES, pages);
2751         if (result)
2752                 goto out_err;
2753         parent_request->copyup_pages = pages;
2754         parent_request->copyup_page_count = page_count;
2755
2756         parent_request->callback = rbd_img_obj_parent_read_full_callback;
2757         result = rbd_img_request_submit(parent_request);
2758         if (!result)
2759                 return 0;
2760
2761         parent_request->copyup_pages = NULL;
2762         parent_request->copyup_page_count = 0;
2763         parent_request->obj_request = NULL;
2764         rbd_obj_request_put(obj_request);
2765 out_err:
2766         if (pages)
2767                 ceph_release_page_vector(pages, page_count);
2768         if (parent_request)
2769                 rbd_img_request_put(parent_request);
2770         obj_request->result = result;
2771         obj_request->xferred = 0;
2772         obj_request_done_set(obj_request);
2773
2774         return result;
2775 }
2776
2777 static void rbd_img_obj_exists_callback(struct rbd_obj_request *obj_request)
2778 {
2779         struct rbd_obj_request *orig_request;
2780         struct rbd_device *rbd_dev;
2781         int result;
2782
2783         rbd_assert(!obj_request_img_data_test(obj_request));
2784
2785         /*
2786          * All we need from the object request is the original
2787          * request and the result of the STAT op.  Grab those, then
2788          * we're done with the request.
2789          */
2790         orig_request = obj_request->obj_request;
2791         obj_request->obj_request = NULL;
2792         rbd_obj_request_put(orig_request);
2793         rbd_assert(orig_request);
2794         rbd_assert(orig_request->img_request);
2795
2796         result = obj_request->result;
2797         obj_request->result = 0;
2798
2799         dout("%s: obj %p for obj %p result %d %llu/%llu\n", __func__,
2800                 obj_request, orig_request, result,
2801                 obj_request->xferred, obj_request->length);
2802         rbd_obj_request_put(obj_request);
2803
2804         /*
2805          * If the overlap has become 0 (most likely because the
2806          * image has been flattened) we need to free the pages
2807          * and re-submit the original write request.
2808          */
2809         rbd_dev = orig_request->img_request->rbd_dev;
2810         if (!rbd_dev->parent_overlap) {
2811                 struct ceph_osd_client *osdc;
2812
2813                 osdc = &rbd_dev->rbd_client->client->osdc;
2814                 result = rbd_obj_request_submit(osdc, orig_request);
2815                 if (!result)
2816                         return;
2817         }
2818
2819         /*
2820          * Our only purpose here is to determine whether the object
2821          * exists, and we don't want to treat the non-existence as
2822          * an error.  If something else comes back, transfer the
2823          * error to the original request and complete it now.
2824          */
2825         if (!result) {
2826                 obj_request_existence_set(orig_request, true);
2827         } else if (result == -ENOENT) {
2828                 obj_request_existence_set(orig_request, false);
2829         } else if (result) {
2830                 orig_request->result = result;
2831                 goto out;
2832         }
2833
2834         /*
2835          * Resubmit the original request now that we have recorded
2836          * whether the target object exists.
2837          */
2838         orig_request->result = rbd_img_obj_request_submit(orig_request);
2839 out:
2840         if (orig_request->result)
2841                 rbd_obj_request_complete(orig_request);
2842 }
2843
2844 static int rbd_img_obj_exists_submit(struct rbd_obj_request *obj_request)
2845 {
2846         struct rbd_obj_request *stat_request;
2847         struct rbd_device *rbd_dev;
2848         struct ceph_osd_client *osdc;
2849         struct page **pages = NULL;
2850         u32 page_count;
2851         size_t size;
2852         int ret;
2853
2854         /*
2855          * The response data for a STAT call consists of:
2856          *     le64 length;
2857          *     struct {
2858          *         le32 tv_sec;
2859          *         le32 tv_nsec;
2860          *     } mtime;
2861          */
2862         size = sizeof (__le64) + sizeof (__le32) + sizeof (__le32);
2863         page_count = (u32)calc_pages_for(0, size);
2864         pages = ceph_alloc_page_vector(page_count, GFP_KERNEL);
2865         if (IS_ERR(pages))
2866                 return PTR_ERR(pages);
2867
2868         ret = -ENOMEM;
2869         stat_request = rbd_obj_request_create(obj_request->object_name, 0, 0,
2870                                                         OBJ_REQUEST_PAGES);
2871         if (!stat_request)
2872                 goto out;
2873
2874         rbd_obj_request_get(obj_request);
2875         stat_request->obj_request = obj_request;
2876         stat_request->pages = pages;
2877         stat_request->page_count = page_count;
2878
2879         rbd_assert(obj_request->img_request);
2880         rbd_dev = obj_request->img_request->rbd_dev;
2881         stat_request->osd_req = rbd_osd_req_create(rbd_dev, OBJ_OP_READ, 1,
2882                                                    stat_request);
2883         if (!stat_request->osd_req)
2884                 goto out;
2885         stat_request->callback = rbd_img_obj_exists_callback;
2886
2887         osd_req_op_init(stat_request->osd_req, 0, CEPH_OSD_OP_STAT, 0);
2888         osd_req_op_raw_data_in_pages(stat_request->osd_req, 0, pages, size, 0,
2889                                         false, false);
2890         rbd_osd_req_format_read(stat_request);
2891
2892         osdc = &rbd_dev->rbd_client->client->osdc;
2893         ret = rbd_obj_request_submit(osdc, stat_request);
2894 out:
2895         if (ret)
2896                 rbd_obj_request_put(obj_request);
2897
2898         return ret;
2899 }
2900
2901 static bool img_obj_request_simple(struct rbd_obj_request *obj_request)
2902 {
2903         struct rbd_img_request *img_request;
2904         struct rbd_device *rbd_dev;
2905
2906         rbd_assert(obj_request_img_data_test(obj_request));
2907
2908         img_request = obj_request->img_request;
2909         rbd_assert(img_request);
2910         rbd_dev = img_request->rbd_dev;
2911
2912         /* Reads */
2913         if (!img_request_write_test(img_request) &&
2914             !img_request_discard_test(img_request))
2915                 return true;
2916
2917         /* Non-layered writes */
2918         if (!img_request_layered_test(img_request))
2919                 return true;
2920
2921         /*
2922          * Layered writes outside of the parent overlap range don't
2923          * share any data with the parent.
2924          */
2925         if (!obj_request_overlaps_parent(obj_request))
2926                 return true;
2927
2928         /*
2929          * Entire-object layered writes - we will overwrite whatever
2930          * parent data there is anyway.
2931          */
2932         if (!obj_request->offset &&
2933             obj_request->length == rbd_obj_bytes(&rbd_dev->header))
2934                 return true;
2935
2936         /*
2937          * If the object is known to already exist, its parent data has
2938          * already been copied.
2939          */
2940         if (obj_request_known_test(obj_request) &&
2941             obj_request_exists_test(obj_request))
2942                 return true;
2943
2944         return false;
2945 }
2946
2947 static int rbd_img_obj_request_submit(struct rbd_obj_request *obj_request)
2948 {
2949         if (img_obj_request_simple(obj_request)) {
2950                 struct rbd_device *rbd_dev;
2951                 struct ceph_osd_client *osdc;
2952
2953                 rbd_dev = obj_request->img_request->rbd_dev;
2954                 osdc = &rbd_dev->rbd_client->client->osdc;
2955
2956                 return rbd_obj_request_submit(osdc, obj_request);
2957         }
2958
2959         /*
2960          * It's a layered write.  The target object might exist but
2961          * we may not know that yet.  If we know it doesn't exist,
2962          * start by reading the data for the full target object from
2963          * the parent so we can use it for a copyup to the target.
2964          */
2965         if (obj_request_known_test(obj_request))
2966                 return rbd_img_obj_parent_read_full(obj_request);
2967
2968         /* We don't know whether the target exists.  Go find out. */
2969
2970         return rbd_img_obj_exists_submit(obj_request);
2971 }
2972
2973 static int rbd_img_request_submit(struct rbd_img_request *img_request)
2974 {
2975         struct rbd_obj_request *obj_request;
2976         struct rbd_obj_request *next_obj_request;
2977
2978         dout("%s: img %p\n", __func__, img_request);
2979         for_each_obj_request_safe(img_request, obj_request, next_obj_request) {
2980                 int ret;
2981
2982                 ret = rbd_img_obj_request_submit(obj_request);
2983                 if (ret)
2984                         return ret;
2985         }
2986
2987         return 0;
2988 }
2989
2990 static void rbd_img_parent_read_callback(struct rbd_img_request *img_request)
2991 {
2992         struct rbd_obj_request *obj_request;
2993         struct rbd_device *rbd_dev;
2994         u64 obj_end;
2995         u64 img_xferred;
2996         int img_result;
2997
2998         rbd_assert(img_request_child_test(img_request));
2999
3000         /* First get what we need from the image request and release it */
3001
3002         obj_request = img_request->obj_request;
3003         img_xferred = img_request->xferred;
3004         img_result = img_request->result;
3005         rbd_img_request_put(img_request);
3006
3007         /*
3008          * If the overlap has become 0 (most likely because the
3009          * image has been flattened) we need to re-submit the
3010          * original request.
3011          */
3012         rbd_assert(obj_request);
3013         rbd_assert(obj_request->img_request);
3014         rbd_dev = obj_request->img_request->rbd_dev;
3015         if (!rbd_dev->parent_overlap) {
3016                 struct ceph_osd_client *osdc;
3017
3018                 osdc = &rbd_dev->rbd_client->client->osdc;
3019                 img_result = rbd_obj_request_submit(osdc, obj_request);
3020                 if (!img_result)
3021                         return;
3022         }
3023
3024         obj_request->result = img_result;
3025         if (obj_request->result)
3026                 goto out;
3027
3028         /*
3029          * We need to zero anything beyond the parent overlap
3030          * boundary.  Since rbd_img_obj_request_read_callback()
3031          * will zero anything beyond the end of a short read, an
3032          * easy way to do this is to pretend the data from the
3033          * parent came up short--ending at the overlap boundary.
3034          */
3035         rbd_assert(obj_request->img_offset < U64_MAX - obj_request->length);
3036         obj_end = obj_request->img_offset + obj_request->length;
3037         if (obj_end > rbd_dev->parent_overlap) {
3038                 u64 xferred = 0;
3039
3040                 if (obj_request->img_offset < rbd_dev->parent_overlap)
3041                         xferred = rbd_dev->parent_overlap -
3042                                         obj_request->img_offset;
3043
3044                 obj_request->xferred = min(img_xferred, xferred);
3045         } else {
3046                 obj_request->xferred = img_xferred;
3047         }
3048 out:
3049         rbd_img_obj_request_read_callback(obj_request);
3050         rbd_obj_request_complete(obj_request);
3051 }
3052
3053 static void rbd_img_parent_read(struct rbd_obj_request *obj_request)
3054 {
3055         struct rbd_img_request *img_request;
3056         int result;
3057
3058         rbd_assert(obj_request_img_data_test(obj_request));
3059         rbd_assert(obj_request->img_request != NULL);
3060         rbd_assert(obj_request->result == (s32) -ENOENT);
3061         rbd_assert(obj_request_type_valid(obj_request->type));
3062
3063         /* rbd_read_finish(obj_request, obj_request->length); */
3064         img_request = rbd_parent_request_create(obj_request,
3065                                                 obj_request->img_offset,
3066                                                 obj_request->length);
3067         result = -ENOMEM;
3068         if (!img_request)
3069                 goto out_err;
3070
3071         if (obj_request->type == OBJ_REQUEST_BIO)
3072                 result = rbd_img_request_fill(img_request, OBJ_REQUEST_BIO,
3073                                                 obj_request->bio_list);
3074         else
3075                 result = rbd_img_request_fill(img_request, OBJ_REQUEST_PAGES,
3076                                                 obj_request->pages);
3077         if (result)
3078                 goto out_err;
3079
3080         img_request->callback = rbd_img_parent_read_callback;
3081         result = rbd_img_request_submit(img_request);
3082         if (result)
3083                 goto out_err;
3084
3085         return;
3086 out_err:
3087         if (img_request)
3088                 rbd_img_request_put(img_request);
3089         obj_request->result = result;
3090         obj_request->xferred = 0;
3091         obj_request_done_set(obj_request);
3092 }
3093
3094 static int rbd_obj_notify_ack_sync(struct rbd_device *rbd_dev, u64 notify_id)
3095 {
3096         struct rbd_obj_request *obj_request;
3097         struct ceph_osd_client *osdc = &rbd_dev->rbd_client->client->osdc;
3098         int ret;
3099
3100         obj_request = rbd_obj_request_create(rbd_dev->header_name, 0, 0,
3101                                                         OBJ_REQUEST_NODATA);
3102         if (!obj_request)
3103                 return -ENOMEM;
3104
3105         ret = -ENOMEM;
3106         obj_request->osd_req = rbd_osd_req_create(rbd_dev, OBJ_OP_READ, 1,
3107                                                   obj_request);
3108         if (!obj_request->osd_req)
3109                 goto out;
3110
3111         osd_req_op_watch_init(obj_request->osd_req, 0, CEPH_OSD_OP_NOTIFY_ACK,
3112                                         notify_id, 0, 0);
3113         rbd_osd_req_format_read(obj_request);
3114
3115         ret = rbd_obj_request_submit(osdc, obj_request);
3116         if (ret)
3117                 goto out;
3118         ret = rbd_obj_request_wait(obj_request);
3119 out:
3120         rbd_obj_request_put(obj_request);
3121
3122         return ret;
3123 }
3124
3125 static void rbd_watch_cb(u64 ver, u64 notify_id, u8 opcode, void *data)
3126 {
3127         struct rbd_device *rbd_dev = (struct rbd_device *)data;
3128         int ret;
3129
3130         if (!rbd_dev)
3131                 return;
3132
3133         dout("%s: \"%s\" notify_id %llu opcode %u\n", __func__,
3134                 rbd_dev->header_name, (unsigned long long)notify_id,
3135                 (unsigned int)opcode);
3136
3137         /*
3138          * Until adequate refresh error handling is in place, there is
3139          * not much we can do here, except warn.
3140          *
3141          * See http://tracker.ceph.com/issues/5040
3142          */
3143         ret = rbd_dev_refresh(rbd_dev);
3144         if (ret)
3145                 rbd_warn(rbd_dev, "refresh failed: %d", ret);
3146
3147         ret = rbd_obj_notify_ack_sync(rbd_dev, notify_id);
3148         if (ret)
3149                 rbd_warn(rbd_dev, "notify_ack ret %d", ret);
3150 }
3151
3152 /*
3153  * Send a (un)watch request and wait for the ack.  Return a request
3154  * with a ref held on success or error.
3155  */
3156 static struct rbd_obj_request *rbd_obj_watch_request_helper(
3157                                                 struct rbd_device *rbd_dev,
3158                                                 bool watch)
3159 {
3160         struct ceph_osd_client *osdc = &rbd_dev->rbd_client->client->osdc;
3161         struct ceph_options *opts = osdc->client->options;
3162         struct rbd_obj_request *obj_request;
3163         int ret;
3164
3165         obj_request = rbd_obj_request_create(rbd_dev->header_name, 0, 0,
3166                                              OBJ_REQUEST_NODATA);
3167         if (!obj_request)
3168                 return ERR_PTR(-ENOMEM);
3169
3170         obj_request->osd_req = rbd_osd_req_create(rbd_dev, OBJ_OP_WRITE, 1,
3171                                                   obj_request);
3172         if (!obj_request->osd_req) {
3173                 ret = -ENOMEM;
3174                 goto out;
3175         }
3176
3177         osd_req_op_watch_init(obj_request->osd_req, 0, CEPH_OSD_OP_WATCH,
3178                               rbd_dev->watch_event->cookie, 0, watch);
3179         rbd_osd_req_format_write(obj_request);
3180
3181         if (watch)
3182                 ceph_osdc_set_request_linger(osdc, obj_request->osd_req);
3183
3184         ret = rbd_obj_request_submit(osdc, obj_request);
3185         if (ret)
3186                 goto out;
3187
3188         ret = rbd_obj_request_wait_timeout(obj_request, opts->mount_timeout);
3189         if (ret)
3190                 goto out;
3191
3192         ret = obj_request->result;
3193         if (ret) {
3194                 if (watch)
3195                         rbd_obj_request_end(obj_request);
3196                 goto out;
3197         }
3198
3199         return obj_request;
3200
3201 out:
3202         rbd_obj_request_put(obj_request);
3203         return ERR_PTR(ret);
3204 }
3205
3206 /*
3207  * Initiate a watch request, synchronously.
3208  */
3209 static int rbd_dev_header_watch_sync(struct rbd_device *rbd_dev)
3210 {
3211         struct ceph_osd_client *osdc = &rbd_dev->rbd_client->client->osdc;
3212         struct rbd_obj_request *obj_request;
3213         int ret;
3214
3215         rbd_assert(!rbd_dev->watch_event);
3216         rbd_assert(!rbd_dev->watch_request);
3217
3218         ret = ceph_osdc_create_event(osdc, rbd_watch_cb, rbd_dev,
3219                                      &rbd_dev->watch_event);
3220         if (ret < 0)
3221                 return ret;
3222
3223         obj_request = rbd_obj_watch_request_helper(rbd_dev, true);
3224         if (IS_ERR(obj_request)) {
3225                 ceph_osdc_cancel_event(rbd_dev->watch_event);
3226                 rbd_dev->watch_event = NULL;
3227                 return PTR_ERR(obj_request);
3228         }
3229
3230         /*
3231          * A watch request is set to linger, so the underlying osd
3232          * request won't go away until we unregister it.  We retain
3233          * a pointer to the object request during that time (in
3234          * rbd_dev->watch_request), so we'll keep a reference to it.
3235          * We'll drop that reference after we've unregistered it in
3236          * rbd_dev_header_unwatch_sync().
3237          */
3238         rbd_dev->watch_request = obj_request;
3239
3240         return 0;
3241 }
3242
3243 /*
3244  * Tear down a watch request, synchronously.
3245  */
3246 static void rbd_dev_header_unwatch_sync(struct rbd_device *rbd_dev)
3247 {
3248         struct rbd_obj_request *obj_request;
3249
3250         rbd_assert(rbd_dev->watch_event);
3251         rbd_assert(rbd_dev->watch_request);
3252
3253         rbd_obj_request_end(rbd_dev->watch_request);
3254         rbd_obj_request_put(rbd_dev->watch_request);
3255         rbd_dev->watch_request = NULL;
3256
3257         obj_request = rbd_obj_watch_request_helper(rbd_dev, false);
3258         if (!IS_ERR(obj_request))
3259                 rbd_obj_request_put(obj_request);
3260         else
3261                 rbd_warn(rbd_dev, "unable to tear down watch request (%ld)",
3262                          PTR_ERR(obj_request));
3263
3264         ceph_osdc_cancel_event(rbd_dev->watch_event);
3265         rbd_dev->watch_event = NULL;
3266 }
3267
3268 /*
3269  * Synchronous osd object method call.  Returns the number of bytes
3270  * returned in the outbound buffer, or a negative error code.
3271  */
3272 static int rbd_obj_method_sync(struct rbd_device *rbd_dev,
3273                              const char *object_name,
3274                              const char *class_name,
3275                              const char *method_name,
3276                              const void *outbound,
3277                              size_t outbound_size,
3278                              void *inbound,
3279                              size_t inbound_size)
3280 {
3281         struct ceph_osd_client *osdc = &rbd_dev->rbd_client->client->osdc;
3282         struct rbd_obj_request *obj_request;
3283         struct page **pages;
3284         u32 page_count;
3285         int ret;
3286
3287         /*
3288          * Method calls are ultimately read operations.  The result
3289          * should placed into the inbound buffer provided.  They
3290          * also supply outbound data--parameters for the object
3291          * method.  Currently if this is present it will be a
3292          * snapshot id.
3293          */
3294         page_count = (u32)calc_pages_for(0, inbound_size);
3295         pages = ceph_alloc_page_vector(page_count, GFP_KERNEL);
3296         if (IS_ERR(pages))
3297                 return PTR_ERR(pages);
3298
3299         ret = -ENOMEM;
3300         obj_request = rbd_obj_request_create(object_name, 0, inbound_size,
3301                                                         OBJ_REQUEST_PAGES);
3302         if (!obj_request)
3303                 goto out;
3304
3305         obj_request->pages = pages;
3306         obj_request->page_count = page_count;
3307
3308         obj_request->osd_req = rbd_osd_req_create(rbd_dev, OBJ_OP_READ, 1,
3309                                                   obj_request);
3310         if (!obj_request->osd_req)
3311                 goto out;
3312
3313         osd_req_op_cls_init(obj_request->osd_req, 0, CEPH_OSD_OP_CALL,
3314                                         class_name, method_name);
3315         if (outbound_size) {
3316                 struct ceph_pagelist *pagelist;
3317
3318                 pagelist = kmalloc(sizeof (*pagelist), GFP_NOFS);
3319                 if (!pagelist)
3320                         goto out;
3321
3322                 ceph_pagelist_init(pagelist);
3323                 ceph_pagelist_append(pagelist, outbound, outbound_size);
3324                 osd_req_op_cls_request_data_pagelist(obj_request->osd_req, 0,
3325                                                 pagelist);
3326         }
3327         osd_req_op_cls_response_data_pages(obj_request->osd_req, 0,
3328                                         obj_request->pages, inbound_size,
3329                                         0, false, false);
3330         rbd_osd_req_format_read(obj_request);
3331
3332         ret = rbd_obj_request_submit(osdc, obj_request);
3333         if (ret)
3334                 goto out;
3335         ret = rbd_obj_request_wait(obj_request);
3336         if (ret)
3337                 goto out;
3338
3339         ret = obj_request->result;
3340         if (ret < 0)
3341                 goto out;
3342
3343         rbd_assert(obj_request->xferred < (u64)INT_MAX);
3344         ret = (int)obj_request->xferred;
3345         ceph_copy_from_page_vector(pages, inbound, 0, obj_request->xferred);
3346 out:
3347         if (obj_request)
3348                 rbd_obj_request_put(obj_request);
3349         else
3350                 ceph_release_page_vector(pages, page_count);
3351
3352         return ret;
3353 }
3354
3355 static void rbd_queue_workfn(struct work_struct *work)
3356 {
3357         struct request *rq = blk_mq_rq_from_pdu(work);
3358         struct rbd_device *rbd_dev = rq->q->queuedata;
3359         struct rbd_img_request *img_request;
3360         struct ceph_snap_context *snapc = NULL;
3361         u64 offset = (u64)blk_rq_pos(rq) << SECTOR_SHIFT;
3362         u64 length = blk_rq_bytes(rq);
3363         enum obj_operation_type op_type;
3364         u64 mapping_size;
3365         int result;
3366
3367         if (rq->cmd_type != REQ_TYPE_FS) {
3368                 dout("%s: non-fs request type %d\n", __func__,
3369                         (int) rq->cmd_type);
3370                 result = -EIO;
3371                 goto err;
3372         }
3373
3374         if (rq->cmd_flags & REQ_DISCARD)
3375                 op_type = OBJ_OP_DISCARD;
3376         else if (rq->cmd_flags & REQ_WRITE)
3377                 op_type = OBJ_OP_WRITE;
3378         else
3379                 op_type = OBJ_OP_READ;
3380
3381         /* Ignore/skip any zero-length requests */
3382
3383         if (!length) {
3384                 dout("%s: zero-length request\n", __func__);
3385                 result = 0;
3386                 goto err_rq;
3387         }
3388
3389         /* Only reads are allowed to a read-only device */
3390
3391         if (op_type != OBJ_OP_READ) {
3392                 if (rbd_dev->mapping.read_only) {
3393                         result = -EROFS;
3394                         goto err_rq;
3395                 }
3396                 rbd_assert(rbd_dev->spec->snap_id == CEPH_NOSNAP);
3397         }
3398
3399         /*
3400          * Quit early if the mapped snapshot no longer exists.  It's
3401          * still possible the snapshot will have disappeared by the
3402          * time our request arrives at the osd, but there's no sense in
3403          * sending it if we already know.
3404          */
3405         if (!test_bit(RBD_DEV_FLAG_EXISTS, &rbd_dev->flags)) {
3406                 dout("request for non-existent snapshot");
3407                 rbd_assert(rbd_dev->spec->snap_id != CEPH_NOSNAP);
3408                 result = -ENXIO;
3409                 goto err_rq;
3410         }
3411
3412         if (offset && length > U64_MAX - offset + 1) {
3413                 rbd_warn(rbd_dev, "bad request range (%llu~%llu)", offset,
3414                          length);
3415                 result = -EINVAL;
3416                 goto err_rq;    /* Shouldn't happen */
3417         }
3418
3419         blk_mq_start_request(rq);
3420
3421         down_read(&rbd_dev->header_rwsem);
3422         mapping_size = rbd_dev->mapping.size;
3423         if (op_type != OBJ_OP_READ) {
3424                 snapc = rbd_dev->header.snapc;
3425                 ceph_get_snap_context(snapc);
3426         }
3427         up_read(&rbd_dev->header_rwsem);
3428
3429         if (offset + length > mapping_size) {
3430                 rbd_warn(rbd_dev, "beyond EOD (%llu~%llu > %llu)", offset,
3431                          length, mapping_size);
3432                 result = -EIO;
3433                 goto err_rq;
3434         }
3435
3436         img_request = rbd_img_request_create(rbd_dev, offset, length, op_type,
3437                                              snapc);
3438         if (!img_request) {
3439                 result = -ENOMEM;
3440                 goto err_rq;
3441         }
3442         img_request->rq = rq;
3443         snapc = NULL; /* img_request consumes a ref */
3444
3445         if (op_type == OBJ_OP_DISCARD)
3446                 result = rbd_img_request_fill(img_request, OBJ_REQUEST_NODATA,
3447                                               NULL);
3448         else
3449                 result = rbd_img_request_fill(img_request, OBJ_REQUEST_BIO,
3450                                               rq->bio);
3451         if (result)
3452                 goto err_img_request;
3453
3454         result = rbd_img_request_submit(img_request);
3455         if (result)
3456                 goto err_img_request;
3457
3458         return;
3459
3460 err_img_request:
3461         rbd_img_request_put(img_request);
3462 err_rq:
3463         if (result)
3464                 rbd_warn(rbd_dev, "%s %llx at %llx result %d",
3465                          obj_op_name(op_type), length, offset, result);
3466         ceph_put_snap_context(snapc);
3467 err:
3468         blk_mq_end_request(rq, result);
3469 }
3470
3471 static int rbd_queue_rq(struct blk_mq_hw_ctx *hctx,
3472                 const struct blk_mq_queue_data *bd)
3473 {
3474         struct request *rq = bd->rq;
3475         struct work_struct *work = blk_mq_rq_to_pdu(rq);
3476
3477         queue_work(rbd_wq, work);
3478         return BLK_MQ_RQ_QUEUE_OK;
3479 }
3480
3481 static void rbd_free_disk(struct rbd_device *rbd_dev)
3482 {
3483         struct gendisk *disk = rbd_dev->disk;
3484
3485         if (!disk)
3486                 return;
3487
3488         rbd_dev->disk = NULL;
3489         if (disk->flags & GENHD_FL_UP) {
3490                 del_gendisk(disk);
3491                 if (disk->queue)
3492                         blk_cleanup_queue(disk->queue);
3493                 blk_mq_free_tag_set(&rbd_dev->tag_set);
3494         }
3495         put_disk(disk);
3496 }
3497
3498 static int rbd_obj_read_sync(struct rbd_device *rbd_dev,
3499                                 const char *object_name,
3500                                 u64 offset, u64 length, void *buf)
3501
3502 {
3503         struct ceph_osd_client *osdc = &rbd_dev->rbd_client->client->osdc;
3504         struct rbd_obj_request *obj_request;
3505         struct page **pages = NULL;
3506         u32 page_count;
3507         size_t size;
3508         int ret;
3509
3510         page_count = (u32) calc_pages_for(offset, length);
3511         pages = ceph_alloc_page_vector(page_count, GFP_KERNEL);
3512         if (IS_ERR(pages))
3513                 return PTR_ERR(pages);
3514
3515         ret = -ENOMEM;
3516         obj_request = rbd_obj_request_create(object_name, offset, length,
3517                                                         OBJ_REQUEST_PAGES);
3518         if (!obj_request)
3519                 goto out;
3520
3521         obj_request->pages = pages;
3522         obj_request->page_count = page_count;
3523
3524         obj_request->osd_req = rbd_osd_req_create(rbd_dev, OBJ_OP_READ, 1,
3525                                                   obj_request);
3526         if (!obj_request->osd_req)
3527                 goto out;
3528
3529         osd_req_op_extent_init(obj_request->osd_req, 0, CEPH_OSD_OP_READ,
3530                                         offset, length, 0, 0);
3531         osd_req_op_extent_osd_data_pages(obj_request->osd_req, 0,
3532                                         obj_request->pages,
3533                                         obj_request->length,
3534                                         obj_request->offset & ~PAGE_MASK,
3535                                         false, false);
3536         rbd_osd_req_format_read(obj_request);
3537
3538         ret = rbd_obj_request_submit(osdc, obj_request);
3539         if (ret)
3540                 goto out;
3541         ret = rbd_obj_request_wait(obj_request);
3542         if (ret)
3543                 goto out;
3544
3545         ret = obj_request->result;
3546         if (ret < 0)
3547                 goto out;
3548
3549         rbd_assert(obj_request->xferred <= (u64) SIZE_MAX);
3550         size = (size_t) obj_request->xferred;
3551         ceph_copy_from_page_vector(pages, buf, 0, size);
3552         rbd_assert(size <= (size_t)INT_MAX);
3553         ret = (int)size;
3554 out:
3555         if (obj_request)
3556                 rbd_obj_request_put(obj_request);
3557         else
3558                 ceph_release_page_vector(pages, page_count);
3559
3560         return ret;
3561 }
3562
3563 /*
3564  * Read the complete header for the given rbd device.  On successful
3565  * return, the rbd_dev->header field will contain up-to-date
3566  * information about the image.
3567  */
3568 static int rbd_dev_v1_header_info(struct rbd_device *rbd_dev)
3569 {
3570         struct rbd_image_header_ondisk *ondisk = NULL;
3571         u32 snap_count = 0;
3572         u64 names_size = 0;
3573         u32 want_count;
3574         int ret;
3575
3576         /*
3577          * The complete header will include an array of its 64-bit
3578          * snapshot ids, followed by the names of those snapshots as
3579          * a contiguous block of NUL-terminated strings.  Note that
3580          * the number of snapshots could change by the time we read
3581          * it in, in which case we re-read it.
3582          */
3583         do {
3584                 size_t size;
3585
3586                 kfree(ondisk);
3587
3588                 size = sizeof (*ondisk);
3589                 size += snap_count * sizeof (struct rbd_image_snap_ondisk);
3590                 size += names_size;
3591                 ondisk = kmalloc(size, GFP_KERNEL);
3592                 if (!ondisk)
3593                         return -ENOMEM;
3594
3595                 ret = rbd_obj_read_sync(rbd_dev, rbd_dev->header_name,
3596                                        0, size, ondisk);
3597                 if (ret < 0)
3598                         goto out;
3599                 if ((size_t)ret < size) {
3600                         ret = -ENXIO;
3601                         rbd_warn(rbd_dev, "short header read (want %zd got %d)",
3602                                 size, ret);
3603                         goto out;
3604                 }
3605                 if (!rbd_dev_ondisk_valid(ondisk)) {
3606                         ret = -ENXIO;
3607                         rbd_warn(rbd_dev, "invalid header");
3608                         goto out;
3609                 }
3610
3611                 names_size = le64_to_cpu(ondisk->snap_names_len);
3612                 want_count = snap_count;
3613                 snap_count = le32_to_cpu(ondisk->snap_count);
3614         } while (snap_count != want_count);
3615
3616         ret = rbd_header_from_disk(rbd_dev, ondisk);
3617 out:
3618         kfree(ondisk);
3619
3620         return ret;
3621 }
3622
3623 /*
3624  * Clear the rbd device's EXISTS flag if the snapshot it's mapped to
3625  * has disappeared from the (just updated) snapshot context.
3626  */
3627 static void rbd_exists_validate(struct rbd_device *rbd_dev)
3628 {
3629         u64 snap_id;
3630
3631         if (!test_bit(RBD_DEV_FLAG_EXISTS, &rbd_dev->flags))
3632                 return;
3633
3634         snap_id = rbd_dev->spec->snap_id;
3635         if (snap_id == CEPH_NOSNAP)
3636                 return;
3637
3638         if (rbd_dev_snap_index(rbd_dev, snap_id) == BAD_SNAP_INDEX)
3639                 clear_bit(RBD_DEV_FLAG_EXISTS, &rbd_dev->flags);
3640 }
3641
3642 static void rbd_dev_update_size(struct rbd_device *rbd_dev)
3643 {
3644         sector_t size;
3645         bool removing;
3646
3647         /*
3648          * Don't hold the lock while doing disk operations,
3649          * or lock ordering will conflict with the bdev mutex via:
3650          * rbd_add() -> blkdev_get() -> rbd_open()
3651          */
3652         spin_lock_irq(&rbd_dev->lock);
3653         removing = test_bit(RBD_DEV_FLAG_REMOVING, &rbd_dev->flags);
3654         spin_unlock_irq(&rbd_dev->lock);
3655         /*
3656          * If the device is being removed, rbd_dev->disk has
3657          * been destroyed, so don't try to update its size
3658          */
3659         if (!removing) {
3660                 size = (sector_t)rbd_dev->mapping.size / SECTOR_SIZE;
3661                 dout("setting size to %llu sectors", (unsigned long long)size);
3662                 set_capacity(rbd_dev->disk, size);
3663                 revalidate_disk(rbd_dev->disk);
3664         }
3665 }
3666
3667 static int rbd_dev_refresh(struct rbd_device *rbd_dev)
3668 {
3669         u64 mapping_size;
3670         int ret;
3671
3672         down_write(&rbd_dev->header_rwsem);
3673         mapping_size = rbd_dev->mapping.size;
3674
3675         ret = rbd_dev_header_info(rbd_dev);
3676         if (ret)
3677                 goto out;
3678
3679         /*
3680          * If there is a parent, see if it has disappeared due to the
3681          * mapped image getting flattened.
3682          */
3683         if (rbd_dev->parent) {
3684                 ret = rbd_dev_v2_parent_info(rbd_dev);
3685                 if (ret)
3686                         goto out;
3687         }
3688
3689         if (rbd_dev->spec->snap_id == CEPH_NOSNAP) {
3690                 rbd_dev->mapping.size = rbd_dev->header.image_size;
3691         } else {
3692                 /* validate mapped snapshot's EXISTS flag */
3693                 rbd_exists_validate(rbd_dev);
3694         }
3695
3696 out:
3697         up_write(&rbd_dev->header_rwsem);
3698         if (!ret && mapping_size != rbd_dev->mapping.size)
3699                 rbd_dev_update_size(rbd_dev);
3700
3701         return ret;
3702 }
3703
3704 static int rbd_init_request(void *data, struct request *rq,
3705                 unsigned int hctx_idx, unsigned int request_idx,
3706                 unsigned int numa_node)
3707 {
3708         struct work_struct *work = blk_mq_rq_to_pdu(rq);
3709
3710         INIT_WORK(work, rbd_queue_workfn);
3711         return 0;
3712 }
3713
3714 static struct blk_mq_ops rbd_mq_ops = {
3715         .queue_rq       = rbd_queue_rq,
3716         .map_queue      = blk_mq_map_queue,
3717         .init_request   = rbd_init_request,
3718 };
3719
3720 static int rbd_init_disk(struct rbd_device *rbd_dev)
3721 {
3722         struct gendisk *disk;
3723         struct request_queue *q;
3724         u64 segment_size;
3725         int err;
3726
3727         /* create gendisk info */
3728         disk = alloc_disk(single_major ?
3729                           (1 << RBD_SINGLE_MAJOR_PART_SHIFT) :
3730                           RBD_MINORS_PER_MAJOR);
3731         if (!disk)
3732                 return -ENOMEM;
3733
3734         snprintf(disk->disk_name, sizeof(disk->disk_name), RBD_DRV_NAME "%d",
3735                  rbd_dev->dev_id);
3736         disk->major = rbd_dev->major;
3737         disk->first_minor = rbd_dev->minor;
3738         if (single_major)
3739                 disk->flags |= GENHD_FL_EXT_DEVT;
3740         disk->fops = &rbd_bd_ops;
3741         disk->private_data = rbd_dev;
3742
3743         memset(&rbd_dev->tag_set, 0, sizeof(rbd_dev->tag_set));
3744         rbd_dev->tag_set.ops = &rbd_mq_ops;
3745         rbd_dev->tag_set.queue_depth = rbd_dev->opts->queue_depth;
3746         rbd_dev->tag_set.numa_node = NUMA_NO_NODE;
3747         rbd_dev->tag_set.flags = BLK_MQ_F_SHOULD_MERGE | BLK_MQ_F_SG_MERGE;
3748         rbd_dev->tag_set.nr_hw_queues = 1;
3749         rbd_dev->tag_set.cmd_size = sizeof(struct work_struct);
3750
3751         err = blk_mq_alloc_tag_set(&rbd_dev->tag_set);
3752         if (err)
3753                 goto out_disk;
3754
3755         q = blk_mq_init_queue(&rbd_dev->tag_set);
3756         if (IS_ERR(q)) {
3757                 err = PTR_ERR(q);
3758                 goto out_tag_set;
3759         }
3760
3761         queue_flag_set_unlocked(QUEUE_FLAG_NONROT, q);
3762         /* QUEUE_FLAG_ADD_RANDOM is off by default for blk-mq */
3763
3764         /* set io sizes to object size */
3765         segment_size = rbd_obj_bytes(&rbd_dev->header);
3766         blk_queue_max_hw_sectors(q, segment_size / SECTOR_SIZE);
3767         q->limits.max_sectors = queue_max_hw_sectors(q);
3768         blk_queue_max_segments(q, segment_size / SECTOR_SIZE);
3769         blk_queue_max_segment_size(q, segment_size);
3770         blk_queue_io_min(q, segment_size);
3771         blk_queue_io_opt(q, segment_size);
3772
3773         /* enable the discard support */
3774         queue_flag_set_unlocked(QUEUE_FLAG_DISCARD, q);
3775         q->limits.discard_granularity = segment_size;
3776         q->limits.discard_alignment = segment_size;
3777         blk_queue_max_discard_sectors(q, segment_size / SECTOR_SIZE);
3778         q->limits.discard_zeroes_data = 1;
3779
3780         if (!ceph_test_opt(rbd_dev->rbd_client->client, NOCRC))
3781                 q->backing_dev_info.capabilities |= BDI_CAP_STABLE_WRITES;
3782
3783         disk->queue = q;
3784
3785         q->queuedata = rbd_dev;
3786
3787         rbd_dev->disk = disk;
3788
3789         return 0;
3790 out_tag_set:
3791         blk_mq_free_tag_set(&rbd_dev->tag_set);
3792 out_disk:
3793         put_disk(disk);
3794         return err;
3795 }
3796
3797 /*
3798   sysfs
3799 */
3800
3801 static struct rbd_device *dev_to_rbd_dev(struct device *dev)
3802 {
3803         return container_of(dev, struct rbd_device, dev);
3804 }
3805
3806 static ssize_t rbd_size_show(struct device *dev,
3807                              struct device_attribute *attr, char *buf)
3808 {
3809         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3810
3811         return sprintf(buf, "%llu\n",
3812                 (unsigned long long)rbd_dev->mapping.size);
3813 }
3814
3815 /*
3816  * Note this shows the features for whatever's mapped, which is not
3817  * necessarily the base image.
3818  */
3819 static ssize_t rbd_features_show(struct device *dev,
3820                              struct device_attribute *attr, char *buf)
3821 {
3822         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3823
3824         return sprintf(buf, "0x%016llx\n",
3825                         (unsigned long long)rbd_dev->mapping.features);
3826 }
3827
3828 static ssize_t rbd_major_show(struct device *dev,
3829                               struct device_attribute *attr, char *buf)
3830 {
3831         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3832
3833         if (rbd_dev->major)
3834                 return sprintf(buf, "%d\n", rbd_dev->major);
3835
3836         return sprintf(buf, "(none)\n");
3837 }
3838
3839 static ssize_t rbd_minor_show(struct device *dev,
3840                               struct device_attribute *attr, char *buf)
3841 {
3842         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3843
3844         return sprintf(buf, "%d\n", rbd_dev->minor);
3845 }
3846
3847 static ssize_t rbd_client_id_show(struct device *dev,
3848                                   struct device_attribute *attr, char *buf)
3849 {
3850         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3851
3852         return sprintf(buf, "client%lld\n",
3853                         ceph_client_id(rbd_dev->rbd_client->client));
3854 }
3855
3856 static ssize_t rbd_pool_show(struct device *dev,
3857                              struct device_attribute *attr, char *buf)
3858 {
3859         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3860
3861         return sprintf(buf, "%s\n", rbd_dev->spec->pool_name);
3862 }
3863
3864 static ssize_t rbd_pool_id_show(struct device *dev,
3865                              struct device_attribute *attr, char *buf)
3866 {
3867         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3868
3869         return sprintf(buf, "%llu\n",
3870                         (unsigned long long) rbd_dev->spec->pool_id);
3871 }
3872
3873 static ssize_t rbd_name_show(struct device *dev,
3874                              struct device_attribute *attr, char *buf)
3875 {
3876         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3877
3878         if (rbd_dev->spec->image_name)
3879                 return sprintf(buf, "%s\n", rbd_dev->spec->image_name);
3880
3881         return sprintf(buf, "(unknown)\n");
3882 }
3883
3884 static ssize_t rbd_image_id_show(struct device *dev,
3885                              struct device_attribute *attr, char *buf)
3886 {
3887         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3888
3889         return sprintf(buf, "%s\n", rbd_dev->spec->image_id);
3890 }
3891
3892 /*
3893  * Shows the name of the currently-mapped snapshot (or
3894  * RBD_SNAP_HEAD_NAME for the base image).
3895  */
3896 static ssize_t rbd_snap_show(struct device *dev,
3897                              struct device_attribute *attr,
3898                              char *buf)
3899 {
3900         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3901
3902         return sprintf(buf, "%s\n", rbd_dev->spec->snap_name);
3903 }
3904
3905 /*
3906  * For a v2 image, shows the chain of parent images, separated by empty
3907  * lines.  For v1 images or if there is no parent, shows "(no parent
3908  * image)".
3909  */
3910 static ssize_t rbd_parent_show(struct device *dev,
3911                                struct device_attribute *attr,
3912                                char *buf)
3913 {
3914         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3915         ssize_t count = 0;
3916
3917         if (!rbd_dev->parent)
3918                 return sprintf(buf, "(no parent image)\n");
3919
3920         for ( ; rbd_dev->parent; rbd_dev = rbd_dev->parent) {
3921                 struct rbd_spec *spec = rbd_dev->parent_spec;
3922
3923                 count += sprintf(&buf[count], "%s"
3924                             "pool_id %llu\npool_name %s\n"
3925                             "image_id %s\nimage_name %s\n"
3926                             "snap_id %llu\nsnap_name %s\n"
3927                             "overlap %llu\n",
3928                             !count ? "" : "\n", /* first? */
3929                             spec->pool_id, spec->pool_name,
3930                             spec->image_id, spec->image_name ?: "(unknown)",
3931                             spec->snap_id, spec->snap_name,
3932                             rbd_dev->parent_overlap);
3933         }
3934
3935         return count;
3936 }
3937
3938 static ssize_t rbd_image_refresh(struct device *dev,
3939                                  struct device_attribute *attr,
3940                                  const char *buf,
3941                                  size_t size)
3942 {
3943         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
3944         int ret;
3945
3946         ret = rbd_dev_refresh(rbd_dev);
3947         if (ret)
3948                 return ret;
3949
3950         return size;
3951 }
3952
3953 static DEVICE_ATTR(size, S_IRUGO, rbd_size_show, NULL);
3954 static DEVICE_ATTR(features, S_IRUGO, rbd_features_show, NULL);
3955 static DEVICE_ATTR(major, S_IRUGO, rbd_major_show, NULL);
3956 static DEVICE_ATTR(minor, S_IRUGO, rbd_minor_show, NULL);
3957 static DEVICE_ATTR(client_id, S_IRUGO, rbd_client_id_show, NULL);
3958 static DEVICE_ATTR(pool, S_IRUGO, rbd_pool_show, NULL);
3959 static DEVICE_ATTR(pool_id, S_IRUGO, rbd_pool_id_show, NULL);
3960 static DEVICE_ATTR(name, S_IRUGO, rbd_name_show, NULL);
3961 static DEVICE_ATTR(image_id, S_IRUGO, rbd_image_id_show, NULL);
3962 static DEVICE_ATTR(refresh, S_IWUSR, NULL, rbd_image_refresh);
3963 static DEVICE_ATTR(current_snap, S_IRUGO, rbd_snap_show, NULL);
3964 static DEVICE_ATTR(parent, S_IRUGO, rbd_parent_show, NULL);
3965
3966 static struct attribute *rbd_attrs[] = {
3967         &dev_attr_size.attr,
3968         &dev_attr_features.attr,
3969         &dev_attr_major.attr,
3970         &dev_attr_minor.attr,
3971         &dev_attr_client_id.attr,
3972         &dev_attr_pool.attr,
3973         &dev_attr_pool_id.attr,
3974         &dev_attr_name.attr,
3975         &dev_attr_image_id.attr,
3976         &dev_attr_current_snap.attr,
3977         &dev_attr_parent.attr,
3978         &dev_attr_refresh.attr,
3979         NULL
3980 };
3981
3982 static struct attribute_group rbd_attr_group = {
3983         .attrs = rbd_attrs,
3984 };
3985
3986 static const struct attribute_group *rbd_attr_groups[] = {
3987         &rbd_attr_group,
3988         NULL
3989 };
3990
3991 static void rbd_dev_release(struct device *dev);
3992
3993 static struct device_type rbd_device_type = {
3994         .name           = "rbd",
3995         .groups         = rbd_attr_groups,
3996         .release        = rbd_dev_release,
3997 };
3998
3999 static struct rbd_spec *rbd_spec_get(struct rbd_spec *spec)
4000 {
4001         kref_get(&spec->kref);
4002
4003         return spec;
4004 }
4005
4006 static void rbd_spec_free(struct kref *kref);
4007 static void rbd_spec_put(struct rbd_spec *spec)
4008 {
4009         if (spec)
4010                 kref_put(&spec->kref, rbd_spec_free);
4011 }
4012
4013 static struct rbd_spec *rbd_spec_alloc(void)
4014 {
4015         struct rbd_spec *spec;
4016
4017         spec = kzalloc(sizeof (*spec), GFP_KERNEL);
4018         if (!spec)
4019                 return NULL;
4020
4021         spec->pool_id = CEPH_NOPOOL;
4022         spec->snap_id = CEPH_NOSNAP;
4023         kref_init(&spec->kref);
4024
4025         return spec;
4026 }
4027
4028 static void rbd_spec_free(struct kref *kref)
4029 {
4030         struct rbd_spec *spec = container_of(kref, struct rbd_spec, kref);
4031
4032         kfree(spec->pool_name);
4033         kfree(spec->image_id);
4034         kfree(spec->image_name);
4035         kfree(spec->snap_name);
4036         kfree(spec);
4037 }
4038
4039 static void rbd_dev_release(struct device *dev)
4040 {
4041         struct rbd_device *rbd_dev = dev_to_rbd_dev(dev);
4042         bool need_put = !!rbd_dev->opts;
4043
4044         rbd_put_client(rbd_dev->rbd_client);
4045         rbd_spec_put(rbd_dev->spec);
4046         kfree(rbd_dev->opts);
4047         kfree(rbd_dev);
4048
4049         /*
4050          * This is racy, but way better than putting module outside of
4051          * the release callback.  The race window is pretty small, so
4052          * doing something similar to dm (dm-builtin.c) is overkill.
4053          */
4054         if (need_put)
4055                 module_put(THIS_MODULE);
4056 }
4057
4058 static struct rbd_device *rbd_dev_create(struct rbd_client *rbdc,
4059                                          struct rbd_spec *spec,
4060                                          struct rbd_options *opts)
4061 {
4062         struct rbd_device *rbd_dev;
4063
4064         rbd_dev = kzalloc(sizeof (*rbd_dev), GFP_KERNEL);
4065         if (!rbd_dev)
4066                 return NULL;
4067
4068         spin_lock_init(&rbd_dev->lock);
4069         rbd_dev->flags = 0;
4070         atomic_set(&rbd_dev->parent_ref, 0);
4071         INIT_LIST_HEAD(&rbd_dev->node);
4072         init_rwsem(&rbd_dev->header_rwsem);
4073
4074         rbd_dev->dev.bus = &rbd_bus_type;
4075         rbd_dev->dev.type = &rbd_device_type;
4076         rbd_dev->dev.parent = &rbd_root_dev;
4077         device_initialize(&rbd_dev->dev);
4078
4079         rbd_dev->rbd_client = rbdc;
4080         rbd_dev->spec = spec;
4081         rbd_dev->opts = opts;
4082
4083         /* Initialize the layout used for all rbd requests */
4084
4085         rbd_dev->layout.fl_stripe_unit = cpu_to_le32(1 << RBD_MAX_OBJ_ORDER);
4086         rbd_dev->layout.fl_stripe_count = cpu_to_le32(1);
4087         rbd_dev->layout.fl_object_size = cpu_to_le32(1 << RBD_MAX_OBJ_ORDER);
4088         rbd_dev->layout.fl_pg_pool = cpu_to_le32((u32) spec->pool_id);
4089
4090         /*
4091          * If this is a mapping rbd_dev (as opposed to a parent one),
4092          * pin our module.  We have a ref from do_rbd_add(), so use
4093          * __module_get().
4094          */
4095         if (rbd_dev->opts)
4096                 __module_get(THIS_MODULE);
4097
4098         return rbd_dev;
4099 }
4100
4101 static void rbd_dev_destroy(struct rbd_device *rbd_dev)
4102 {
4103         if (rbd_dev)
4104                 put_device(&rbd_dev->dev);
4105 }
4106
4107 /*
4108  * Get the size and object order for an image snapshot, or if
4109  * snap_id is CEPH_NOSNAP, gets this information for the base
4110  * image.
4111  */
4112 static int _rbd_dev_v2_snap_size(struct rbd_device *rbd_dev, u64 snap_id,
4113                                 u8 *order, u64 *snap_size)
4114 {
4115         __le64 snapid = cpu_to_le64(snap_id);
4116         int ret;
4117         struct {
4118                 u8 order;
4119                 __le64 size;
4120         } __attribute__ ((packed)) size_buf = { 0 };
4121
4122         ret = rbd_obj_method_sync(rbd_dev, rbd_dev->header_name,
4123                                 "rbd", "get_size",
4124                                 &snapid, sizeof (snapid),
4125                                 &size_buf, sizeof (size_buf));
4126         dout("%s: rbd_obj_method_sync returned %d\n", __func__, ret);
4127         if (ret < 0)
4128                 return ret;
4129         if (ret < sizeof (size_buf))
4130                 return -ERANGE;
4131
4132         if (order) {
4133                 *order = size_buf.order;
4134                 dout("  order %u", (unsigned int)*order);
4135         }
4136         *snap_size = le64_to_cpu(size_buf.size);
4137
4138         dout("  snap_id 0x%016llx snap_size = %llu\n",
4139                 (unsigned long long)snap_id,
4140                 (unsigned long long)*snap_size);
4141
4142         return 0;
4143 }
4144
4145 static int rbd_dev_v2_image_size(struct rbd_device *rbd_dev)
4146 {
4147         return _rbd_dev_v2_snap_size(rbd_dev, CEPH_NOSNAP,
4148                                         &rbd_dev->header.obj_order,
4149                                         &rbd_dev->header.image_size);
4150 }
4151
4152 static int rbd_dev_v2_object_prefix(struct rbd_device *rbd_dev)
4153 {
4154         void *reply_buf;
4155         int ret;
4156         void *p;
4157
4158         reply_buf = kzalloc(RBD_OBJ_PREFIX_LEN_MAX, GFP_KERNEL);
4159         if (!reply_buf)
4160                 return -ENOMEM;
4161
4162         ret = rbd_obj_method_sync(rbd_dev, rbd_dev->header_name,
4163                                 "rbd", "get_object_prefix", NULL, 0,
4164                                 reply_buf, RBD_OBJ_PREFIX_LEN_MAX);
4165         dout("%s: rbd_obj_method_sync returned %d\n", __func__, ret);
4166         if (ret < 0)
4167                 goto out;
4168
4169         p = reply_buf;
4170         rbd_dev->header.object_prefix = ceph_extract_encoded_string(&p,
4171                                                 p + ret, NULL, GFP_NOIO);
4172         ret = 0;
4173
4174         if (IS_ERR(rbd_dev->header.object_prefix)) {
4175                 ret = PTR_ERR(rbd_dev->header.object_prefix);
4176                 rbd_dev->header.object_prefix = NULL;
4177         } else {
4178                 dout("  object_prefix = %s\n", rbd_dev->header.object_prefix);
4179         }
4180 out:
4181         kfree(reply_buf);
4182
4183         return ret;
4184 }
4185
4186 static int _rbd_dev_v2_snap_features(struct rbd_device *rbd_dev, u64 snap_id,
4187                 u64 *snap_features)
4188 {
4189         __le64 snapid = cpu_to_le64(snap_id);
4190         struct {
4191                 __le64 features;
4192                 __le64 incompat;
4193         } __attribute__ ((packed)) features_buf = { 0 };
4194         u64 incompat;
4195         int ret;
4196
4197         ret = rbd_obj_method_sync(rbd_dev, rbd_dev->header_name,
4198                                 "rbd", "get_features",
4199                                 &snapid, sizeof (snapid),
4200                                 &features_buf, sizeof (features_buf));
4201         dout("%s: rbd_obj_method_sync returned %d\n", __func__, ret);
4202         if (ret < 0)
4203                 return ret;
4204         if (ret < sizeof (features_buf))
4205                 return -ERANGE;
4206
4207         incompat = le64_to_cpu(features_buf.incompat);
4208         if (incompat & ~RBD_FEATURES_SUPPORTED)
4209                 return -ENXIO;
4210
4211         *snap_features = le64_to_cpu(features_buf.features);
4212
4213         dout("  snap_id 0x%016llx features = 0x%016llx incompat = 0x%016llx\n",
4214                 (unsigned long long)snap_id,
4215                 (unsigned long long)*snap_features,
4216                 (unsigned long long)le64_to_cpu(features_buf.incompat));
4217
4218         return 0;
4219 }
4220
4221 static int rbd_dev_v2_features(struct rbd_device *rbd_dev)
4222 {
4223         return _rbd_dev_v2_snap_features(rbd_dev, CEPH_NOSNAP,
4224                                                 &rbd_dev->header.features);
4225 }
4226
4227 static int rbd_dev_v2_parent_info(struct rbd_device *rbd_dev)
4228 {
4229         struct rbd_spec *parent_spec;
4230         size_t size;
4231         void *reply_buf = NULL;
4232         __le64 snapid;
4233         void *p;
4234         void *end;
4235         u64 pool_id;
4236         char *image_id;
4237         u64 snap_id;
4238         u64 overlap;
4239         int ret;
4240
4241         parent_spec = rbd_spec_alloc();
4242         if (!parent_spec)
4243                 return -ENOMEM;
4244
4245         size = sizeof (__le64) +                                /* pool_id */
4246                 sizeof (__le32) + RBD_IMAGE_ID_LEN_MAX +        /* image_id */
4247                 sizeof (__le64) +                               /* snap_id */
4248                 sizeof (__le64);                                /* overlap */
4249         reply_buf = kmalloc(size, GFP_KERNEL);
4250         if (!reply_buf) {
4251                 ret = -ENOMEM;
4252                 goto out_err;
4253         }
4254
4255         snapid = cpu_to_le64(rbd_dev->spec->snap_id);
4256         ret = rbd_obj_method_sync(rbd_dev, rbd_dev->header_name,
4257                                 "rbd", "get_parent",
4258                                 &snapid, sizeof (snapid),
4259                                 reply_buf, size);
4260         dout("%s: rbd_obj_method_sync returned %d\n", __func__, ret);
4261         if (ret < 0)
4262                 goto out_err;
4263
4264         p = reply_buf;
4265         end = reply_buf + ret;
4266         ret = -ERANGE;
4267         ceph_decode_64_safe(&p, end, pool_id, out_err);
4268         if (pool_id == CEPH_NOPOOL) {
4269                 /*
4270                  * Either the parent never existed, or we have
4271                  * record of it but the image got flattened so it no
4272                  * longer has a parent.  When the parent of a
4273                  * layered image disappears we immediately set the
4274                  * overlap to 0.  The effect of this is that all new
4275                  * requests will be treated as if the image had no
4276                  * parent.
4277                  */
4278                 if (rbd_dev->parent_overlap) {
4279                         rbd_dev->parent_overlap = 0;
4280                         rbd_dev_parent_put(rbd_dev);
4281                         pr_info("%s: clone image has been flattened\n",
4282                                 rbd_dev->disk->disk_name);
4283                 }
4284
4285                 goto out;       /* No parent?  No problem. */
4286         }
4287
4288         /* The ceph file layout needs to fit pool id in 32 bits */
4289
4290         ret = -EIO;
4291         if (pool_id > (u64)U32_MAX) {
4292                 rbd_warn(NULL, "parent pool id too large (%llu > %u)",
4293                         (unsigned long long)pool_id, U32_MAX);
4294                 goto out_err;
4295         }
4296
4297         image_id = ceph_extract_encoded_string(&p, end, NULL, GFP_KERNEL);
4298         if (IS_ERR(image_id)) {
4299                 ret = PTR_ERR(image_id);
4300                 goto out_err;
4301         }
4302         ceph_decode_64_safe(&p, end, snap_id, out_err);
4303         ceph_decode_64_safe(&p, end, overlap, out_err);
4304
4305         /*
4306          * The parent won't change (except when the clone is
4307          * flattened, already handled that).  So we only need to
4308          * record the parent spec we have not already done so.
4309          */
4310         if (!rbd_dev->parent_spec) {
4311                 parent_spec->pool_id = pool_id;
4312                 parent_spec->image_id = image_id;
4313                 parent_spec->snap_id = snap_id;
4314                 rbd_dev->parent_spec = parent_spec;
4315                 parent_spec = NULL;     /* rbd_dev now owns this */
4316         } else {
4317                 kfree(image_id);
4318         }
4319
4320         /*
4321          * We always update the parent overlap.  If it's zero we issue
4322          * a warning, as we will proceed as if there was no parent.
4323          */
4324         if (!overlap) {
4325                 if (parent_spec) {
4326                         /* refresh, careful to warn just once */
4327                         if (rbd_dev->parent_overlap)
4328                                 rbd_warn(rbd_dev,
4329                                     "clone now standalone (overlap became 0)");
4330                 } else {
4331                         /* initial probe */
4332                         rbd_warn(rbd_dev, "clone is standalone (overlap 0)");
4333                 }
4334         }
4335         rbd_dev->parent_overlap = overlap;
4336
4337 out:
4338         ret = 0;
4339 out_err:
4340         kfree(reply_buf);
4341         rbd_spec_put(parent_spec);
4342
4343         return ret;
4344 }
4345
4346 static int rbd_dev_v2_striping_info(struct rbd_device *rbd_dev)
4347 {
4348         struct {
4349                 __le64 stripe_unit;
4350                 __le64 stripe_count;
4351         } __attribute__ ((packed)) striping_info_buf = { 0 };
4352         size_t size = sizeof (striping_info_buf);
4353         void *p;
4354         u64 obj_size;
4355         u64 stripe_unit;
4356         u64 stripe_count;
4357         int ret;
4358
4359         ret = rbd_obj_method_sync(rbd_dev, rbd_dev->header_name,
4360                                 "rbd", "get_stripe_unit_count", NULL, 0,
4361                                 (char *)&striping_info_buf, size);
4362         dout("%s: rbd_obj_method_sync returned %d\n", __func__, ret);
4363         if (ret < 0)
4364                 return ret;
4365         if (ret < size)
4366                 return -ERANGE;
4367
4368         /*
4369          * We don't actually support the "fancy striping" feature
4370          * (STRIPINGV2) yet, but if the striping sizes are the
4371          * defaults the behavior is the same as before.  So find
4372          * out, and only fail if the image has non-default values.
4373          */
4374         ret = -EINVAL;
4375         obj_size = (u64)1 << rbd_dev->header.obj_order;
4376         p = &striping_info_buf;
4377         stripe_unit = ceph_decode_64(&p);
4378         if (stripe_unit != obj_size) {
4379                 rbd_warn(rbd_dev, "unsupported stripe unit "
4380                                 "(got %llu want %llu)",
4381                                 stripe_unit, obj_size);
4382                 return -EINVAL;
4383         }
4384         stripe_count = ceph_decode_64(&p);
4385         if (stripe_count != 1) {
4386                 rbd_warn(rbd_dev, "unsupported stripe count "
4387                                 "(got %llu want 1)", stripe_count);
4388                 return -EINVAL;
4389         }
4390         rbd_dev->header.stripe_unit = stripe_unit;
4391         rbd_dev->header.stripe_count = stripe_count;
4392
4393         return 0;
4394 }
4395
4396 static char *rbd_dev_image_name(struct rbd_device *rbd_dev)
4397 {
4398         size_t image_id_size;
4399         char *image_id;
4400         void *p;
4401         void *end;
4402         size_t size;
4403         void *reply_buf = NULL;
4404         size_t len = 0;
4405         char *image_name = NULL;
4406         int ret;
4407
4408         rbd_assert(!rbd_dev->spec->image_name);
4409
4410         len = strlen(rbd_dev->spec->image_id);
4411         image_id_size = sizeof (__le32) + len;
4412         image_id = kmalloc(image_id_size, GFP_KERNEL);
4413         if (!image_id)
4414                 return NULL;
4415
4416         p = image_id;
4417         end = image_id + image_id_size;
4418         ceph_encode_string(&p, end, rbd_dev->spec->image_id, (u32)len);
4419
4420         size = sizeof (__le32) + RBD_IMAGE_NAME_LEN_MAX;
4421         reply_buf = kmalloc(size, GFP_KERNEL);
4422         if (!reply_buf)
4423                 goto out;
4424
4425         ret = rbd_obj_method_sync(rbd_dev, RBD_DIRECTORY,
4426                                 "rbd", "dir_get_name",
4427                                 image_id, image_id_size,
4428                                 reply_buf, size);
4429         if (ret < 0)
4430                 goto out;
4431         p = reply_buf;
4432         end = reply_buf + ret;
4433
4434         image_name = ceph_extract_encoded_string(&p, end, &len, GFP_KERNEL);
4435         if (IS_ERR(image_name))
4436                 image_name = NULL;
4437         else
4438                 dout("%s: name is %s len is %zd\n", __func__, image_name, len);
4439 out:
4440         kfree(reply_buf);
4441         kfree(image_id);
4442
4443         return image_name;
4444 }
4445
4446 static u64 rbd_v1_snap_id_by_name(struct rbd_device *rbd_dev, const char *name)
4447 {
4448         struct ceph_snap_context *snapc = rbd_dev->header.snapc;
4449         const char *snap_name;
4450         u32 which = 0;
4451
4452         /* Skip over names until we find the one we are looking for */
4453
4454         snap_name = rbd_dev->header.snap_names;
4455         while (which < snapc->num_snaps) {
4456                 if (!strcmp(name, snap_name))
4457                         return snapc->snaps[which];
4458                 snap_name += strlen(snap_name) + 1;
4459                 which++;
4460         }
4461         return CEPH_NOSNAP;
4462 }
4463
4464 static u64 rbd_v2_snap_id_by_name(struct rbd_device *rbd_dev, const char *name)
4465 {
4466         struct ceph_snap_context *snapc = rbd_dev->header.snapc;
4467         u32 which;
4468         bool found = false;
4469         u64 snap_id;
4470
4471         for (which = 0; !found && which < snapc->num_snaps; which++) {
4472                 const char *snap_name;
4473
4474                 snap_id = snapc->snaps[which];
4475                 snap_name = rbd_dev_v2_snap_name(rbd_dev, snap_id);
4476                 if (IS_ERR(snap_name)) {
4477                         /* ignore no-longer existing snapshots */
4478                         if (PTR_ERR(snap_name) == -ENOENT)
4479                                 continue;
4480                         else
4481                                 break;
4482                 }
4483                 found = !strcmp(name, snap_name);
4484                 kfree(snap_name);
4485         }
4486         return found ? snap_id : CEPH_NOSNAP;
4487 }
4488
4489 /*
4490  * Assumes name is never RBD_SNAP_HEAD_NAME; returns CEPH_NOSNAP if
4491  * no snapshot by that name is found, or if an error occurs.
4492  */
4493 static u64 rbd_snap_id_by_name(struct rbd_device *rbd_dev, const char *name)
4494 {
4495         if (rbd_dev->image_format == 1)
4496                 return rbd_v1_snap_id_by_name(rbd_dev, name);
4497
4498         return rbd_v2_snap_id_by_name(rbd_dev, name);
4499 }
4500
4501 /*
4502  * An image being mapped will have everything but the snap id.
4503  */
4504 static int rbd_spec_fill_snap_id(struct rbd_device *rbd_dev)
4505 {
4506         struct rbd_spec *spec = rbd_dev->spec;
4507
4508         rbd_assert(spec->pool_id != CEPH_NOPOOL && spec->pool_name);
4509         rbd_assert(spec->image_id && spec->image_name);
4510         rbd_assert(spec->snap_name);
4511
4512         if (strcmp(spec->snap_name, RBD_SNAP_HEAD_NAME)) {
4513                 u64 snap_id;
4514
4515                 snap_id = rbd_snap_id_by_name(rbd_dev, spec->snap_name);
4516                 if (snap_id == CEPH_NOSNAP)
4517                         return -ENOENT;
4518
4519                 spec->snap_id = snap_id;
4520         } else {
4521                 spec->snap_id = CEPH_NOSNAP;
4522         }
4523
4524         return 0;
4525 }
4526
4527 /*
4528  * A parent image will have all ids but none of the names.
4529  *
4530  * All names in an rbd spec are dynamically allocated.  It's OK if we
4531  * can't figure out the name for an image id.
4532  */
4533 static int rbd_spec_fill_names(struct rbd_device *rbd_dev)
4534 {
4535         struct ceph_osd_client *osdc = &rbd_dev->rbd_client->client->osdc;
4536         struct rbd_spec *spec = rbd_dev->spec;
4537         const char *pool_name;
4538         const char *image_name;
4539         const char *snap_name;
4540         int ret;
4541
4542         rbd_assert(spec->pool_id != CEPH_NOPOOL);
4543         rbd_assert(spec->image_id);
4544         rbd_assert(spec->snap_id != CEPH_NOSNAP);
4545
4546         /* Get the pool name; we have to make our own copy of this */
4547
4548         pool_name = ceph_pg_pool_name_by_id(osdc->osdmap, spec->pool_id);
4549         if (!pool_name) {
4550                 rbd_warn(rbd_dev, "no pool with id %llu", spec->pool_id);
4551                 return -EIO;
4552         }
4553         pool_name = kstrdup(pool_name, GFP_KERNEL);
4554         if (!pool_name)
4555                 return -ENOMEM;
4556
4557         /* Fetch the image name; tolerate failure here */
4558
4559         image_name = rbd_dev_image_name(rbd_dev);
4560         if (!image_name)
4561                 rbd_warn(rbd_dev, "unable to get image name");
4562
4563         /* Fetch the snapshot name */
4564
4565         snap_name = rbd_snap_name(rbd_dev, spec->snap_id);
4566         if (IS_ERR(snap_name)) {
4567                 ret = PTR_ERR(snap_name);
4568                 goto out_err;
4569         }
4570
4571         spec->pool_name = pool_name;
4572         spec->image_name = image_name;
4573         spec->snap_name = snap_name;
4574
4575         return 0;
4576
4577 out_err:
4578         kfree(image_name);
4579         kfree(pool_name);
4580         return ret;
4581 }
4582
4583 static int rbd_dev_v2_snap_context(struct rbd_device *rbd_dev)
4584 {
4585         size_t size;
4586         int ret;
4587         void *reply_buf;
4588         void *p;
4589         void *end;
4590         u64 seq;
4591         u32 snap_count;
4592         struct ceph_snap_context *snapc;
4593         u32 i;
4594
4595         /*
4596          * We'll need room for the seq value (maximum snapshot id),
4597          * snapshot count, and array of that many snapshot ids.
4598          * For now we have a fixed upper limit on the number we're
4599          * prepared to receive.
4600          */
4601         size = sizeof (__le64) + sizeof (__le32) +
4602                         RBD_MAX_SNAP_COUNT * sizeof (__le64);
4603         reply_buf = kzalloc(size, GFP_KERNEL);
4604         if (!reply_buf)
4605                 return -ENOMEM;
4606
4607         ret = rbd_obj_method_sync(rbd_dev, rbd_dev->header_name,
4608                                 "rbd", "get_snapcontext", NULL, 0,
4609                                 reply_buf, size);
4610         dout("%s: rbd_obj_method_sync returned %d\n", __func__, ret);
4611         if (ret < 0)
4612                 goto out;
4613
4614         p = reply_buf;
4615         end = reply_buf + ret;
4616         ret = -ERANGE;
4617         ceph_decode_64_safe(&p, end, seq, out);
4618         ceph_decode_32_safe(&p, end, snap_count, out);
4619
4620         /*
4621          * Make sure the reported number of snapshot ids wouldn't go
4622          * beyond the end of our buffer.  But before checking that,
4623          * make sure the computed size of the snapshot context we
4624          * allocate is representable in a size_t.
4625          */
4626         if (snap_count > (SIZE_MAX - sizeof (struct ceph_snap_context))
4627                                  / sizeof (u64)) {
4628                 ret = -EINVAL;
4629                 goto out;
4630         }
4631         if (!ceph_has_room(&p, end, snap_count * sizeof (__le64)))
4632                 goto out;
4633         ret = 0;
4634
4635         snapc = ceph_create_snap_context(snap_count, GFP_KERNEL);
4636         if (!snapc) {
4637                 ret = -ENOMEM;
4638                 goto out;
4639         }
4640         snapc->seq = seq;
4641         for (i = 0; i < snap_count; i++)
4642                 snapc->snaps[i] = ceph_decode_64(&p);
4643
4644         ceph_put_snap_context(rbd_dev->header.snapc);
4645         rbd_dev->header.snapc = snapc;
4646
4647         dout("  snap context seq = %llu, snap_count = %u\n",
4648                 (unsigned long long)seq, (unsigned int)snap_count);
4649 out:
4650         kfree(reply_buf);
4651
4652         return ret;
4653 }
4654
4655 static const char *rbd_dev_v2_snap_name(struct rbd_device *rbd_dev,
4656                                         u64 snap_id)
4657 {
4658         size_t size;
4659         void *reply_buf;
4660         __le64 snapid;
4661         int ret;
4662         void *p;
4663         void *end;
4664         char *snap_name;
4665
4666         size = sizeof (__le32) + RBD_MAX_SNAP_NAME_LEN;
4667         reply_buf = kmalloc(size, GFP_KERNEL);
4668         if (!reply_buf)
4669                 return ERR_PTR(-ENOMEM);
4670
4671         snapid = cpu_to_le64(snap_id);
4672         ret = rbd_obj_method_sync(rbd_dev, rbd_dev->header_name,
4673                                 "rbd", "get_snapshot_name",
4674                                 &snapid, sizeof (snapid),
4675                                 reply_buf, size);
4676         dout("%s: rbd_obj_method_sync returned %d\n", __func__, ret);
4677         if (ret < 0) {
4678                 snap_name = ERR_PTR(ret);
4679                 goto out;
4680         }
4681
4682         p = reply_buf;
4683         end = reply_buf + ret;
4684         snap_name = ceph_extract_encoded_string(&p, end, NULL, GFP_KERNEL);
4685         if (IS_ERR(snap_name))
4686                 goto out;
4687
4688         dout("  snap_id 0x%016llx snap_name = %s\n",
4689                 (unsigned long long)snap_id, snap_name);
4690 out:
4691         kfree(reply_buf);
4692
4693         return snap_name;
4694 }
4695
4696 static int rbd_dev_v2_header_info(struct rbd_device *rbd_dev)
4697 {
4698         bool first_time = rbd_dev->header.object_prefix == NULL;
4699         int ret;
4700
4701         ret = rbd_dev_v2_image_size(rbd_dev);
4702         if (ret)
4703                 return ret;
4704
4705         if (first_time) {
4706                 ret = rbd_dev_v2_header_onetime(rbd_dev);
4707                 if (ret)
4708                         return ret;
4709         }
4710
4711         ret = rbd_dev_v2_snap_context(rbd_dev);
4712         if (ret && first_time) {
4713                 kfree(rbd_dev->header.object_prefix);
4714                 rbd_dev->header.object_prefix = NULL;
4715         }
4716
4717         return ret;
4718 }
4719
4720 static int rbd_dev_header_info(struct rbd_device *rbd_dev)
4721 {
4722         rbd_assert(rbd_image_format_valid(rbd_dev->image_format));
4723
4724         if (rbd_dev->image_format == 1)
4725                 return rbd_dev_v1_header_info(rbd_dev);
4726
4727         return rbd_dev_v2_header_info(rbd_dev);
4728 }
4729
4730 /*
4731  * Get a unique rbd identifier for the given new rbd_dev, and add
4732  * the rbd_dev to the global list.
4733  */
4734 static int rbd_dev_id_get(struct rbd_device *rbd_dev)
4735 {
4736         int new_dev_id;
4737
4738         new_dev_id = ida_simple_get(&rbd_dev_id_ida,
4739                                     0, minor_to_rbd_dev_id(1 << MINORBITS),
4740                                     GFP_KERNEL);
4741         if (new_dev_id < 0)
4742                 return new_dev_id;
4743
4744         rbd_dev->dev_id = new_dev_id;
4745
4746         spin_lock(&rbd_dev_list_lock);
4747         list_add_tail(&rbd_dev->node, &rbd_dev_list);
4748         spin_unlock(&rbd_dev_list_lock);
4749
4750         dout("rbd_dev %p given dev id %d\n", rbd_dev, rbd_dev->dev_id);
4751
4752         return 0;
4753 }
4754
4755 /*
4756  * Remove an rbd_dev from the global list, and record that its
4757  * identifier is no longer in use.
4758  */
4759 static void rbd_dev_id_put(struct rbd_device *rbd_dev)
4760 {
4761         spin_lock(&rbd_dev_list_lock);
4762         list_del_init(&rbd_dev->node);
4763         spin_unlock(&rbd_dev_list_lock);
4764
4765         ida_simple_remove(&rbd_dev_id_ida, rbd_dev->dev_id);
4766
4767         dout("rbd_dev %p released dev id %d\n", rbd_dev, rbd_dev->dev_id);
4768 }
4769
4770 /*
4771  * Skips over white space at *buf, and updates *buf to point to the
4772  * first found non-space character (if any). Returns the length of
4773  * the token (string of non-white space characters) found.  Note
4774  * that *buf must be terminated with '\0'.
4775  */
4776 static inline size_t next_token(const char **buf)
4777 {
4778         /*
4779         * These are the characters that produce nonzero for
4780         * isspace() in the "C" and "POSIX" locales.
4781         */
4782         const char *spaces = " \f\n\r\t\v";
4783
4784         *buf += strspn(*buf, spaces);   /* Find start of token */
4785
4786         return strcspn(*buf, spaces);   /* Return token length */
4787 }
4788
4789 /*
4790  * Finds the next token in *buf, dynamically allocates a buffer big
4791  * enough to hold a copy of it, and copies the token into the new
4792  * buffer.  The copy is guaranteed to be terminated with '\0'.  Note
4793  * that a duplicate buffer is created even for a zero-length token.
4794  *
4795  * Returns a pointer to the newly-allocated duplicate, or a null
4796  * pointer if memory for the duplicate was not available.  If
4797  * the lenp argument is a non-null pointer, the length of the token
4798  * (not including the '\0') is returned in *lenp.
4799  *
4800  * If successful, the *buf pointer will be updated to point beyond
4801  * the end of the found token.
4802  *
4803  * Note: uses GFP_KERNEL for allocation.
4804  */
4805 static inline char *dup_token(const char **buf, size_t *lenp)
4806 {
4807         char *dup;
4808         size_t len;
4809
4810         len = next_token(buf);
4811         dup = kmemdup(*buf, len + 1, GFP_KERNEL);
4812         if (!dup)
4813                 return NULL;
4814         *(dup + len) = '\0';
4815         *buf += len;
4816
4817         if (lenp)
4818                 *lenp = len;
4819
4820         return dup;
4821 }
4822
4823 /*
4824  * Parse the options provided for an "rbd add" (i.e., rbd image
4825  * mapping) request.  These arrive via a write to /sys/bus/rbd/add,
4826  * and the data written is passed here via a NUL-terminated buffer.
4827  * Returns 0 if successful or an error code otherwise.
4828  *
4829  * The information extracted from these options is recorded in
4830  * the other parameters which return dynamically-allocated
4831  * structures:
4832  *  ceph_opts
4833  *      The address of a pointer that will refer to a ceph options
4834  *      structure.  Caller must release the returned pointer using
4835  *      ceph_destroy_options() when it is no longer needed.
4836  *  rbd_opts
4837  *      Address of an rbd options pointer.  Fully initialized by
4838  *      this function; caller must release with kfree().
4839  *  spec
4840  *      Address of an rbd image specification pointer.  Fully
4841  *      initialized by this function based on parsed options.
4842  *      Caller must release with rbd_spec_put().
4843  *
4844  * The options passed take this form:
4845  *  <mon_addrs> <options> <pool_name> <image_name> [<snap_id>]
4846  * where:
4847  *  <mon_addrs>
4848  *      A comma-separated list of one or more monitor addresses.
4849  *      A monitor address is an ip address, optionally followed
4850  *      by a port number (separated by a colon).
4851  *        I.e.:  ip1[:port1][,ip2[:port2]...]
4852  *  <options>
4853  *      A comma-separated list of ceph and/or rbd options.
4854  *  <pool_name>
4855  *      The name of the rados pool containing the rbd image.
4856  *  <image_name>
4857  *      The name of the image in that pool to map.
4858  *  <snap_id>
4859  *      An optional snapshot id.  If provided, the mapping will
4860  *      present data from the image at the time that snapshot was
4861  *      created.  The image head is used if no snapshot id is
4862  *      provided.  Snapshot mappings are always read-only.
4863  */
4864 static int rbd_add_parse_args(const char *buf,
4865                                 struct ceph_options **ceph_opts,
4866                                 struct rbd_options **opts,
4867                                 struct rbd_spec **rbd_spec)
4868 {
4869         size_t len;
4870         char *options;
4871         const char *mon_addrs;
4872         char *snap_name;
4873         size_t mon_addrs_size;
4874         struct rbd_spec *spec = NULL;
4875         struct rbd_options *rbd_opts = NULL;
4876         struct ceph_options *copts;
4877         int ret;
4878
4879         /* The first four tokens are required */
4880
4881         len = next_token(&buf);
4882         if (!len) {
4883                 rbd_warn(NULL, "no monitor address(es) provided");
4884                 return -EINVAL;
4885         }
4886         mon_addrs = buf;
4887         mon_addrs_size = len + 1;
4888         buf += len;
4889
4890         ret = -EINVAL;
4891         options = dup_token(&buf, NULL);
4892         if (!options)
4893                 return -ENOMEM;
4894         if (!*options) {
4895                 rbd_warn(NULL, "no options provided");
4896                 goto out_err;
4897         }
4898
4899         spec = rbd_spec_alloc();
4900         if (!spec)
4901                 goto out_mem;
4902
4903         spec->pool_name = dup_token(&buf, NULL);
4904         if (!spec->pool_name)
4905                 goto out_mem;
4906         if (!*spec->pool_name) {
4907                 rbd_warn(NULL, "no pool name provided");
4908                 goto out_err;
4909         }
4910
4911         spec->image_name = dup_token(&buf, NULL);
4912         if (!spec->image_name)
4913                 goto out_mem;
4914         if (!*spec->image_name) {
4915                 rbd_warn(NULL, "no image name provided");
4916                 goto out_err;
4917         }
4918
4919         /*
4920          * Snapshot name is optional; default is to use "-"
4921          * (indicating the head/no snapshot).
4922          */
4923         len = next_token(&buf);
4924         if (!len) {
4925                 buf = RBD_SNAP_HEAD_NAME; /* No snapshot supplied */
4926                 len = sizeof (RBD_SNAP_HEAD_NAME) - 1;
4927         } else if (len > RBD_MAX_SNAP_NAME_LEN) {
4928                 ret = -ENAMETOOLONG;
4929                 goto out_err;
4930         }
4931         snap_name = kmemdup(buf, len + 1, GFP_KERNEL);
4932         if (!snap_name)
4933                 goto out_mem;
4934         *(snap_name + len) = '\0';
4935         spec->snap_name = snap_name;
4936
4937         /* Initialize all rbd options to the defaults */
4938
4939         rbd_opts = kzalloc(sizeof (*rbd_opts), GFP_KERNEL);
4940         if (!rbd_opts)
4941                 goto out_mem;
4942
4943         rbd_opts->read_only = RBD_READ_ONLY_DEFAULT;
4944         rbd_opts->queue_depth = RBD_QUEUE_DEPTH_DEFAULT;
4945
4946         copts = ceph_parse_options(options, mon_addrs,
4947                                         mon_addrs + mon_addrs_size - 1,
4948                                         parse_rbd_opts_token, rbd_opts);
4949         if (IS_ERR(copts)) {
4950                 ret = PTR_ERR(copts);
4951                 goto out_err;
4952         }
4953         kfree(options);
4954
4955         *ceph_opts = copts;
4956         *opts = rbd_opts;
4957         *rbd_spec = spec;
4958
4959         return 0;
4960 out_mem:
4961         ret = -ENOMEM;
4962 out_err:
4963         kfree(rbd_opts);
4964         rbd_spec_put(spec);
4965         kfree(options);
4966
4967         return ret;
4968 }
4969
4970 /*
4971  * Return pool id (>= 0) or a negative error code.
4972  */
4973 static int rbd_add_get_pool_id(struct rbd_client *rbdc, const char *pool_name)
4974 {
4975         struct ceph_options *opts = rbdc->client->options;
4976         u64 newest_epoch;
4977         int tries = 0;
4978         int ret;
4979
4980 again:
4981         ret = ceph_pg_poolid_by_name(rbdc->client->osdc.osdmap, pool_name);
4982         if (ret == -ENOENT && tries++ < 1) {
4983                 ret = ceph_monc_do_get_version(&rbdc->client->monc, "osdmap",
4984                                                &newest_epoch);
4985                 if (ret < 0)
4986                         return ret;
4987
4988                 if (rbdc->client->osdc.osdmap->epoch < newest_epoch) {
4989                         ceph_monc_request_next_osdmap(&rbdc->client->monc);
4990                         (void) ceph_monc_wait_osdmap(&rbdc->client->monc,
4991                                                      newest_epoch,
4992                                                      opts->mount_timeout);
4993                         goto again;
4994                 } else {
4995                         /* the osdmap we have is new enough */
4996                         return -ENOENT;
4997                 }
4998         }
4999
5000         return ret;
5001 }
5002
5003 /*
5004  * An rbd format 2 image has a unique identifier, distinct from the
5005  * name given to it by the user.  Internally, that identifier is
5006  * what's used to specify the names of objects related to the image.
5007  *
5008  * A special "rbd id" object is used to map an rbd image name to its
5009  * id.  If that object doesn't exist, then there is no v2 rbd image
5010  * with the supplied name.
5011  *
5012  * This function will record the given rbd_dev's image_id field if
5013  * it can be determined, and in that case will return 0.  If any
5014  * errors occur a negative errno will be returned and the rbd_dev's
5015  * image_id field will be unchanged (and should be NULL).
5016  */
5017 static int rbd_dev_image_id(struct rbd_device *rbd_dev)
5018 {
5019         int ret;
5020         size_t size;
5021         char *object_name;
5022         void *response;
5023         char *image_id;
5024
5025         /*
5026          * When probing a parent image, the image id is already
5027          * known (and the image name likely is not).  There's no
5028          * need to fetch the image id again in this case.  We
5029          * do still need to set the image format though.
5030          */
5031         if (rbd_dev->spec->image_id) {
5032                 rbd_dev->image_format = *rbd_dev->spec->image_id ? 2 : 1;
5033
5034                 return 0;
5035         }
5036
5037         /*
5038          * First, see if the format 2 image id file exists, and if
5039          * so, get the image's persistent id from it.
5040          */
5041         size = sizeof (RBD_ID_PREFIX) + strlen(rbd_dev->spec->image_name);
5042         object_name = kmalloc(size, GFP_NOIO);
5043         if (!object_name)
5044                 return -ENOMEM;
5045         sprintf(object_name, "%s%s", RBD_ID_PREFIX, rbd_dev->spec->image_name);
5046         dout("rbd id object name is %s\n", object_name);
5047
5048         /* Response will be an encoded string, which includes a length */
5049
5050         size = sizeof (__le32) + RBD_IMAGE_ID_LEN_MAX;
5051         response = kzalloc(size, GFP_NOIO);
5052         if (!response) {
5053                 ret = -ENOMEM;
5054                 goto out;
5055         }
5056
5057         /* If it doesn't exist we'll assume it's a format 1 image */
5058
5059         ret = rbd_obj_method_sync(rbd_dev, object_name,
5060                                 "rbd", "get_id", NULL, 0,
5061                                 response, RBD_IMAGE_ID_LEN_MAX);
5062         dout("%s: rbd_obj_method_sync returned %d\n", __func__, ret);
5063         if (ret == -ENOENT) {
5064                 image_id = kstrdup("", GFP_KERNEL);
5065                 ret = image_id ? 0 : -ENOMEM;
5066                 if (!ret)
5067                         rbd_dev->image_format = 1;
5068         } else if (ret >= 0) {
5069                 void *p = response;
5070
5071                 image_id = ceph_extract_encoded_string(&p, p + ret,
5072                                                 NULL, GFP_NOIO);
5073                 ret = PTR_ERR_OR_ZERO(image_id);
5074                 if (!ret)
5075                         rbd_dev->image_format = 2;
5076         }
5077
5078         if (!ret) {
5079                 rbd_dev->spec->image_id = image_id;
5080                 dout("image_id is %s\n", image_id);
5081         }
5082 out:
5083         kfree(response);
5084         kfree(object_name);
5085
5086         return ret;
5087 }
5088
5089 /*
5090  * Undo whatever state changes are made by v1 or v2 header info
5091  * call.
5092  */
5093 static void rbd_dev_unprobe(struct rbd_device *rbd_dev)
5094 {
5095         struct rbd_image_header *header;
5096
5097         rbd_dev_parent_put(rbd_dev);
5098
5099         /* Free dynamic fields from the header, then zero it out */
5100
5101         header = &rbd_dev->header;
5102         ceph_put_snap_context(header->snapc);
5103         kfree(header->snap_sizes);
5104         kfree(header->snap_names);
5105         kfree(header->object_prefix);
5106         memset(header, 0, sizeof (*header));
5107 }
5108
5109 static int rbd_dev_v2_header_onetime(struct rbd_device *rbd_dev)
5110 {
5111         int ret;
5112
5113         ret = rbd_dev_v2_object_prefix(rbd_dev);
5114         if (ret)
5115                 goto out_err;
5116
5117         /*
5118          * Get the and check features for the image.  Currently the
5119          * features are assumed to never change.
5120          */
5121         ret = rbd_dev_v2_features(rbd_dev);
5122         if (ret)
5123                 goto out_err;
5124
5125         /* If the image supports fancy striping, get its parameters */
5126
5127         if (rbd_dev->header.features & RBD_FEATURE_STRIPINGV2) {
5128                 ret = rbd_dev_v2_striping_info(rbd_dev);
5129                 if (ret < 0)
5130                         goto out_err;
5131         }
5132         /* No support for crypto and compression type format 2 images */
5133
5134         return 0;
5135 out_err:
5136         rbd_dev->header.features = 0;
5137         kfree(rbd_dev->header.object_prefix);
5138         rbd_dev->header.object_prefix = NULL;
5139
5140         return ret;
5141 }
5142
5143 /*
5144  * @depth is rbd_dev_image_probe() -> rbd_dev_probe_parent() ->
5145  * rbd_dev_image_probe() recursion depth, which means it's also the
5146  * length of the already discovered part of the parent chain.
5147  */
5148 static int rbd_dev_probe_parent(struct rbd_device *rbd_dev, int depth)
5149 {
5150         struct rbd_device *parent = NULL;
5151         int ret;
5152
5153         if (!rbd_dev->parent_spec)
5154                 return 0;
5155
5156         if (++depth > RBD_MAX_PARENT_CHAIN_LEN) {
5157                 pr_info("parent chain is too long (%d)\n", depth);
5158                 ret = -EINVAL;
5159                 goto out_err;
5160         }
5161
5162         parent = rbd_dev_create(rbd_dev->rbd_client, rbd_dev->parent_spec,
5163                                 NULL);
5164         if (!parent) {
5165                 ret = -ENOMEM;
5166                 goto out_err;
5167         }
5168
5169         /*
5170          * Images related by parent/child relationships always share
5171          * rbd_client and spec/parent_spec, so bump their refcounts.
5172          */
5173         __rbd_get_client(rbd_dev->rbd_client);
5174         rbd_spec_get(rbd_dev->parent_spec);
5175
5176         ret = rbd_dev_image_probe(parent, depth);
5177         if (ret < 0)
5178                 goto out_err;
5179
5180         rbd_dev->parent = parent;
5181         atomic_set(&rbd_dev->parent_ref, 1);
5182         return 0;
5183
5184 out_err:
5185         rbd_dev_unparent(rbd_dev);
5186         rbd_dev_destroy(parent);
5187         return ret;
5188 }
5189
5190 static int rbd_dev_device_setup(struct rbd_device *rbd_dev)
5191 {
5192         int ret;
5193
5194         /* Get an id and fill in device name. */
5195
5196         ret = rbd_dev_id_get(rbd_dev);
5197         if (ret)
5198                 return ret;
5199
5200         BUILD_BUG_ON(DEV_NAME_LEN
5201                         < sizeof (RBD_DRV_NAME) + MAX_INT_FORMAT_WIDTH);
5202         sprintf(rbd_dev->name, "%s%d", RBD_DRV_NAME, rbd_dev->dev_id);
5203
5204         /* Record our major and minor device numbers. */
5205
5206         if (!single_major) {
5207                 ret = register_blkdev(0, rbd_dev->name);
5208                 if (ret < 0)
5209                         goto err_out_id;
5210
5211                 rbd_dev->major = ret;
5212                 rbd_dev->minor = 0;
5213         } else {
5214                 rbd_dev->major = rbd_major;
5215                 rbd_dev->minor = rbd_dev_id_to_minor(rbd_dev->dev_id);
5216         }
5217
5218         /* Set up the blkdev mapping. */
5219
5220         ret = rbd_init_disk(rbd_dev);
5221         if (ret)
5222                 goto err_out_blkdev;
5223
5224         ret = rbd_dev_mapping_set(rbd_dev);
5225         if (ret)
5226                 goto err_out_disk;
5227
5228         set_capacity(rbd_dev->disk, rbd_dev->mapping.size / SECTOR_SIZE);
5229         set_disk_ro(rbd_dev->disk, rbd_dev->mapping.read_only);
5230
5231         dev_set_name(&rbd_dev->dev, "%d", rbd_dev->dev_id);
5232         ret = device_add(&rbd_dev->dev);
5233         if (ret)
5234                 goto err_out_mapping;
5235
5236         /* Everything's ready.  Announce the disk to the world. */
5237
5238         set_bit(RBD_DEV_FLAG_EXISTS, &rbd_dev->flags);
5239         add_disk(rbd_dev->disk);
5240
5241         pr_info("%s: added with size 0x%llx\n", rbd_dev->disk->disk_name,
5242                 (unsigned long long) rbd_dev->mapping.size);
5243
5244         return ret;
5245
5246 err_out_mapping:
5247         rbd_dev_mapping_clear(rbd_dev);
5248 err_out_disk:
5249         rbd_free_disk(rbd_dev);
5250 err_out_blkdev:
5251         if (!single_major)
5252                 unregister_blkdev(rbd_dev->major, rbd_dev->name);
5253 err_out_id:
5254         rbd_dev_id_put(rbd_dev);
5255         return ret;
5256 }
5257
5258 static int rbd_dev_header_name(struct rbd_device *rbd_dev)
5259 {
5260         struct rbd_spec *spec = rbd_dev->spec;
5261         size_t size;
5262
5263         /* Record the header object name for this rbd image. */
5264
5265         rbd_assert(rbd_image_format_valid(rbd_dev->image_format));
5266
5267         if (rbd_dev->image_format == 1)
5268                 size = strlen(spec->image_name) + sizeof (RBD_SUFFIX);
5269         else
5270                 size = sizeof (RBD_HEADER_PREFIX) + strlen(spec->image_id);
5271
5272         rbd_dev->header_name = kmalloc(size, GFP_KERNEL);
5273         if (!rbd_dev->header_name)
5274                 return -ENOMEM;
5275
5276         if (rbd_dev->image_format == 1)
5277                 sprintf(rbd_dev->header_name, "%s%s",
5278                         spec->image_name, RBD_SUFFIX);
5279         else
5280                 sprintf(rbd_dev->header_name, "%s%s",
5281                         RBD_HEADER_PREFIX, spec->image_id);
5282         return 0;
5283 }
5284
5285 static void rbd_dev_image_release(struct rbd_device *rbd_dev)
5286 {
5287         rbd_dev_unprobe(rbd_dev);
5288         kfree(rbd_dev->header_name);
5289         rbd_dev->header_name = NULL;
5290         rbd_dev->image_format = 0;
5291         kfree(rbd_dev->spec->image_id);
5292         rbd_dev->spec->image_id = NULL;
5293
5294         rbd_dev_destroy(rbd_dev);
5295 }
5296
5297 /*
5298  * Probe for the existence of the header object for the given rbd
5299  * device.  If this image is the one being mapped (i.e., not a
5300  * parent), initiate a watch on its header object before using that
5301  * object to get detailed information about the rbd image.
5302  */
5303 static int rbd_dev_image_probe(struct rbd_device *rbd_dev, int depth)
5304 {
5305         int ret;
5306
5307         /*
5308          * Get the id from the image id object.  Unless there's an
5309          * error, rbd_dev->spec->image_id will be filled in with
5310          * a dynamically-allocated string, and rbd_dev->image_format
5311          * will be set to either 1 or 2.
5312          */
5313         ret = rbd_dev_image_id(rbd_dev);
5314         if (ret)
5315                 return ret;
5316
5317         ret = rbd_dev_header_name(rbd_dev);
5318         if (ret)
5319                 goto err_out_format;
5320
5321         if (!depth) {
5322                 ret = rbd_dev_header_watch_sync(rbd_dev);
5323                 if (ret) {
5324                         if (ret == -ENOENT)
5325                                 pr_info("image %s/%s does not exist\n",
5326                                         rbd_dev->spec->pool_name,
5327                                         rbd_dev->spec->image_name);
5328                         goto out_header_name;
5329                 }
5330         }
5331
5332         ret = rbd_dev_header_info(rbd_dev);
5333         if (ret)
5334                 goto err_out_watch;
5335
5336         /*
5337          * If this image is the one being mapped, we have pool name and
5338          * id, image name and id, and snap name - need to fill snap id.
5339          * Otherwise this is a parent image, identified by pool, image
5340          * and snap ids - need to fill in names for those ids.
5341          */
5342         if (!depth)
5343                 ret = rbd_spec_fill_snap_id(rbd_dev);
5344         else
5345                 ret = rbd_spec_fill_names(rbd_dev);
5346         if (ret) {
5347                 if (ret == -ENOENT)
5348                         pr_info("snap %s/%s@%s does not exist\n",
5349                                 rbd_dev->spec->pool_name,
5350                                 rbd_dev->spec->image_name,
5351                                 rbd_dev->spec->snap_name);
5352                 goto err_out_probe;
5353         }
5354
5355         if (rbd_dev->header.features & RBD_FEATURE_LAYERING) {
5356                 ret = rbd_dev_v2_parent_info(rbd_dev);
5357                 if (ret)
5358                         goto err_out_probe;
5359
5360                 /*
5361                  * Need to warn users if this image is the one being
5362                  * mapped and has a parent.
5363                  */
5364                 if (!depth && rbd_dev->parent_spec)
5365                         rbd_warn(rbd_dev,
5366                                  "WARNING: kernel layering is EXPERIMENTAL!");
5367         }
5368
5369         ret = rbd_dev_probe_parent(rbd_dev, depth);
5370         if (ret)
5371                 goto err_out_probe;
5372
5373         dout("discovered format %u image, header name is %s\n",
5374                 rbd_dev->image_format, rbd_dev->header_name);
5375         return 0;
5376
5377 err_out_probe:
5378         rbd_dev_unprobe(rbd_dev);
5379 err_out_watch:
5380         if (!depth)
5381                 rbd_dev_header_unwatch_sync(rbd_dev);
5382 out_header_name:
5383         kfree(rbd_dev->header_name);
5384         rbd_dev->header_name = NULL;
5385 err_out_format:
5386         rbd_dev->image_format = 0;
5387         kfree(rbd_dev->spec->image_id);
5388         rbd_dev->spec->image_id = NULL;
5389         return ret;
5390 }
5391
5392 static ssize_t do_rbd_add(struct bus_type *bus,
5393                           const char *buf,
5394                           size_t count)
5395 {
5396         struct rbd_device *rbd_dev = NULL;
5397         struct ceph_options *ceph_opts = NULL;
5398         struct rbd_options *rbd_opts = NULL;
5399         struct rbd_spec *spec = NULL;
5400         struct rbd_client *rbdc;
5401         bool read_only;
5402         int rc;
5403
5404         if (!try_module_get(THIS_MODULE))
5405                 return -ENODEV;
5406
5407         /* parse add command */
5408         rc = rbd_add_parse_args(buf, &ceph_opts, &rbd_opts, &spec);
5409         if (rc < 0)
5410                 goto out;
5411
5412         rbdc = rbd_get_client(ceph_opts);
5413         if (IS_ERR(rbdc)) {
5414                 rc = PTR_ERR(rbdc);
5415                 goto err_out_args;
5416         }
5417
5418         /* pick the pool */
5419         rc = rbd_add_get_pool_id(rbdc, spec->pool_name);
5420         if (rc < 0) {
5421                 if (rc == -ENOENT)
5422                         pr_info("pool %s does not exist\n", spec->pool_name);
5423                 goto err_out_client;
5424         }
5425         spec->pool_id = (u64)rc;
5426
5427         /* The ceph file layout needs to fit pool id in 32 bits */
5428
5429         if (spec->pool_id > (u64)U32_MAX) {
5430                 rbd_warn(NULL, "pool id too large (%llu > %u)",
5431                                 (unsigned long long)spec->pool_id, U32_MAX);
5432                 rc = -EIO;
5433                 goto err_out_client;
5434         }
5435
5436         rbd_dev = rbd_dev_create(rbdc, spec, rbd_opts);
5437         if (!rbd_dev) {
5438                 rc = -ENOMEM;
5439                 goto err_out_client;
5440         }
5441         rbdc = NULL;            /* rbd_dev now owns this */
5442         spec = NULL;            /* rbd_dev now owns this */
5443         rbd_opts = NULL;        /* rbd_dev now owns this */
5444
5445         rc = rbd_dev_image_probe(rbd_dev, 0);
5446         if (rc < 0)
5447                 goto err_out_rbd_dev;
5448
5449         /* If we are mapping a snapshot it must be marked read-only */
5450
5451         read_only = rbd_dev->opts->read_only;
5452         if (rbd_dev->spec->snap_id != CEPH_NOSNAP)
5453                 read_only = true;
5454         rbd_dev->mapping.read_only = read_only;
5455
5456         rc = rbd_dev_device_setup(rbd_dev);
5457         if (rc) {
5458                 /*
5459                  * rbd_dev_header_unwatch_sync() can't be moved into
5460                  * rbd_dev_image_release() without refactoring, see
5461                  * commit 1f3ef78861ac.
5462                  */
5463                 rbd_dev_header_unwatch_sync(rbd_dev);
5464                 rbd_dev_image_release(rbd_dev);
5465                 goto out;
5466         }
5467
5468         rc = count;
5469 out:
5470         module_put(THIS_MODULE);
5471         return rc;
5472
5473 err_out_rbd_dev:
5474         rbd_dev_destroy(rbd_dev);
5475 err_out_client:
5476         rbd_put_client(rbdc);
5477 err_out_args:
5478         rbd_spec_put(spec);
5479         kfree(rbd_opts);
5480         goto out;
5481 }
5482
5483 static ssize_t rbd_add(struct bus_type *bus,
5484                        const char *buf,
5485                        size_t count)
5486 {
5487         if (single_major)
5488                 return -EINVAL;
5489
5490         return do_rbd_add(bus, buf, count);
5491 }
5492
5493 static ssize_t rbd_add_single_major(struct bus_type *bus,
5494                                     const char *buf,
5495                                     size_t count)
5496 {
5497         return do_rbd_add(bus, buf, count);
5498 }
5499
5500 static void rbd_dev_device_release(struct rbd_device *rbd_dev)
5501 {
5502         rbd_free_disk(rbd_dev);
5503         clear_bit(RBD_DEV_FLAG_EXISTS, &rbd_dev->flags);
5504         device_del(&rbd_dev->dev);
5505         rbd_dev_mapping_clear(rbd_dev);
5506         if (!single_major)
5507                 unregister_blkdev(rbd_dev->major, rbd_dev->name);
5508         rbd_dev_id_put(rbd_dev);
5509 }
5510
5511 static void rbd_dev_remove_parent(struct rbd_device *rbd_dev)
5512 {
5513         while (rbd_dev->parent) {
5514                 struct rbd_device *first = rbd_dev;
5515                 struct rbd_device *second = first->parent;
5516                 struct rbd_device *third;
5517
5518                 /*
5519                  * Follow to the parent with no grandparent and
5520                  * remove it.
5521                  */
5522                 while (second && (third = second->parent)) {
5523                         first = second;
5524                         second = third;
5525                 }
5526                 rbd_assert(second);
5527                 rbd_dev_image_release(second);
5528                 first->parent = NULL;
5529                 first->parent_overlap = 0;
5530
5531                 rbd_assert(first->parent_spec);
5532                 rbd_spec_put(first->parent_spec);
5533                 first->parent_spec = NULL;
5534         }
5535 }
5536
5537 static ssize_t do_rbd_remove(struct bus_type *bus,
5538                              const char *buf,
5539                              size_t count)
5540 {
5541         struct rbd_device *rbd_dev = NULL;
5542         struct list_head *tmp;
5543         int dev_id;
5544         unsigned long ul;
5545         bool already = false;
5546         int ret;
5547
5548         ret = kstrtoul(buf, 10, &ul);
5549         if (ret)
5550                 return ret;
5551
5552         /* convert to int; abort if we lost anything in the conversion */
5553         dev_id = (int)ul;
5554         if (dev_id != ul)
5555                 return -EINVAL;
5556
5557         ret = -ENOENT;
5558         spin_lock(&rbd_dev_list_lock);
5559         list_for_each(tmp, &rbd_dev_list) {
5560                 rbd_dev = list_entry(tmp, struct rbd_device, node);
5561                 if (rbd_dev->dev_id == dev_id) {
5562                         ret = 0;
5563                         break;
5564                 }
5565         }
5566         if (!ret) {
5567                 spin_lock_irq(&rbd_dev->lock);
5568                 if (rbd_dev->open_count)
5569                         ret = -EBUSY;
5570                 else
5571                         already = test_and_set_bit(RBD_DEV_FLAG_REMOVING,
5572                                                         &rbd_dev->flags);
5573                 spin_unlock_irq(&rbd_dev->lock);
5574         }
5575         spin_unlock(&rbd_dev_list_lock);
5576         if (ret < 0 || already)
5577                 return ret;
5578
5579         rbd_dev_header_unwatch_sync(rbd_dev);
5580         /*
5581          * flush remaining watch callbacks - these must be complete
5582          * before the osd_client is shutdown
5583          */
5584         dout("%s: flushing notifies", __func__);
5585         ceph_osdc_flush_notifies(&rbd_dev->rbd_client->client->osdc);
5586
5587         /*
5588          * Don't free anything from rbd_dev->disk until after all
5589          * notifies are completely processed. Otherwise
5590          * rbd_bus_del_dev() will race with rbd_watch_cb(), resulting
5591          * in a potential use after free of rbd_dev->disk or rbd_dev.
5592          */
5593         rbd_dev_device_release(rbd_dev);
5594         rbd_dev_image_release(rbd_dev);
5595
5596         return count;
5597 }
5598
5599 static ssize_t rbd_remove(struct bus_type *bus,
5600                           const char *buf,
5601                           size_t count)
5602 {
5603         if (single_major)
5604                 return -EINVAL;
5605
5606         return do_rbd_remove(bus, buf, count);
5607 }
5608
5609 static ssize_t rbd_remove_single_major(struct bus_type *bus,
5610                                        const char *buf,
5611                                        size_t count)
5612 {
5613         return do_rbd_remove(bus, buf, count);
5614 }
5615
5616 /*
5617  * create control files in sysfs
5618  * /sys/bus/rbd/...
5619  */
5620 static int rbd_sysfs_init(void)
5621 {
5622         int ret;
5623
5624         ret = device_register(&rbd_root_dev);
5625         if (ret < 0)
5626                 return ret;
5627
5628         ret = bus_register(&rbd_bus_type);
5629         if (ret < 0)
5630                 device_unregister(&rbd_root_dev);
5631
5632         return ret;
5633 }
5634
5635 static void rbd_sysfs_cleanup(void)
5636 {
5637         bus_unregister(&rbd_bus_type);
5638         device_unregister(&rbd_root_dev);
5639 }
5640
5641 static int rbd_slab_init(void)
5642 {
5643         rbd_assert(!rbd_img_request_cache);
5644         rbd_img_request_cache = KMEM_CACHE(rbd_img_request, 0);
5645         if (!rbd_img_request_cache)
5646                 return -ENOMEM;
5647
5648         rbd_assert(!rbd_obj_request_cache);
5649         rbd_obj_request_cache = KMEM_CACHE(rbd_obj_request, 0);
5650         if (!rbd_obj_request_cache)
5651                 goto out_err;
5652
5653         rbd_assert(!rbd_segment_name_cache);
5654         rbd_segment_name_cache = kmem_cache_create("rbd_segment_name",
5655                                         CEPH_MAX_OID_NAME_LEN + 1, 1, 0, NULL);
5656         if (rbd_segment_name_cache)
5657                 return 0;
5658 out_err:
5659         kmem_cache_destroy(rbd_obj_request_cache);
5660         rbd_obj_request_cache = NULL;
5661
5662         kmem_cache_destroy(rbd_img_request_cache);
5663         rbd_img_request_cache = NULL;
5664
5665         return -ENOMEM;
5666 }
5667
5668 static void rbd_slab_exit(void)
5669 {
5670         rbd_assert(rbd_segment_name_cache);
5671         kmem_cache_destroy(rbd_segment_name_cache);
5672         rbd_segment_name_cache = NULL;
5673
5674         rbd_assert(rbd_obj_request_cache);
5675         kmem_cache_destroy(rbd_obj_request_cache);
5676         rbd_obj_request_cache = NULL;
5677
5678         rbd_assert(rbd_img_request_cache);
5679         kmem_cache_destroy(rbd_img_request_cache);
5680         rbd_img_request_cache = NULL;
5681 }
5682
5683 static int __init rbd_init(void)
5684 {
5685         int rc;
5686
5687         if (!libceph_compatible(NULL)) {
5688                 rbd_warn(NULL, "libceph incompatibility (quitting)");
5689                 return -EINVAL;
5690         }
5691
5692         rc = rbd_slab_init();
5693         if (rc)
5694                 return rc;
5695
5696         /*
5697          * The number of active work items is limited by the number of
5698          * rbd devices * queue depth, so leave @max_active at default.
5699          */
5700         rbd_wq = alloc_workqueue(RBD_DRV_NAME, WQ_MEM_RECLAIM, 0);
5701         if (!rbd_wq) {
5702                 rc = -ENOMEM;
5703                 goto err_out_slab;
5704         }
5705
5706         if (single_major) {
5707                 rbd_major = register_blkdev(0, RBD_DRV_NAME);
5708                 if (rbd_major < 0) {
5709                         rc = rbd_major;
5710                         goto err_out_wq;
5711                 }
5712         }
5713
5714         rc = rbd_sysfs_init();
5715         if (rc)
5716                 goto err_out_blkdev;
5717
5718         if (single_major)
5719                 pr_info("loaded (major %d)\n", rbd_major);
5720         else
5721                 pr_info("loaded\n");
5722
5723         return 0;
5724
5725 err_out_blkdev:
5726         if (single_major)
5727                 unregister_blkdev(rbd_major, RBD_DRV_NAME);
5728 err_out_wq:
5729         destroy_workqueue(rbd_wq);
5730 err_out_slab:
5731         rbd_slab_exit();
5732         return rc;
5733 }
5734
5735 static void __exit rbd_exit(void)
5736 {
5737         ida_destroy(&rbd_dev_id_ida);
5738         rbd_sysfs_cleanup();
5739         if (single_major)
5740                 unregister_blkdev(rbd_major, RBD_DRV_NAME);
5741         destroy_workqueue(rbd_wq);
5742         rbd_slab_exit();
5743 }
5744
5745 module_init(rbd_init);
5746 module_exit(rbd_exit);
5747
5748 MODULE_AUTHOR("Alex Elder <elder@inktank.com>");
5749 MODULE_AUTHOR("Sage Weil <sage@newdream.net>");
5750 MODULE_AUTHOR("Yehuda Sadeh <yehuda@hq.newdream.net>");
5751 /* following authorship retained from original osdblk.c */
5752 MODULE_AUTHOR("Jeff Garzik <jeff@garzik.org>");
5753
5754 MODULE_DESCRIPTION("RADOS Block Device (RBD) driver");
5755 MODULE_LICENSE("GPL");
Linux kernel for KaRo TX COM modules