mirror of
https://github.com/edk2-porting/linux-next.git
synced 2025-01-07 13:13:57 +08:00
f8417b481c
If non rpc-based layout driver return bad length of data, nfs retries by calling rpc_restart_call_prepare() that cause an NULL reference panic. This patch lets nfs retry through MDS for non rpc-based layout driver return bad length of data. [13034.883329] BUG: unable to handle kernel NULL pointer dereference at (null) [13034.884902] IP: [<ffffffffa00db372>] rpc_restart_call_prepare+0x62/0x90 [sunrpc] [13034.886558] PGD 0 [13034.888126] Oops: 0000 [#1] KASAN [13034.889710] Modules linked in: blocklayoutdriver(OE) nfsv4(OE) nfs(OE) fscache(E) nfsd(OE) xfs libcrc32c coretemp btrfs crct10dif_pclmul crc32_pclmul crc32c_intel ghash_clmulni_intel ppdev vmw_balloon auth_rpcgss shpchp nfs_acl lockd vmw_vmci parport_pc xor raid6_pq grace parport sunrpc i2c_piix4 vmwgfx drm_kms_helper ttm drm mptspi e1000 serio_raw scsi_transport_spi mptscsih mptbase ata_generic pata_acpi [last unloaded: fscache] [13034.898260] CPU: 0 PID: 10112 Comm: kworker/0:1 Tainted: G OE 4.3.0-rc5+ #279 [13034.899932] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 07/02/2015 [13034.903342] Workqueue: events bl_read_cleanup [blocklayoutdriver] [13034.905059] task: ffff88006a9148c0 ti: ffff880035e90000 task.ti: ffff880035e90000 [13034.906827] RIP: 0010:[<ffffffffa00db372>] [<ffffffffa00db372>] rpc_restart_call_prepare+0x62/0x90 [sunrpc] [13034.910522] RSP: 0018:ffff880035e97b58 EFLAGS: 00010282 [13034.912378] RAX: fffffbfff04a5a94 RBX: ffff880068fe4858 RCX: 0000000000000003 [13034.914339] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: 0000000000000282 [13034.916236] RBP: ffff880035e97b68 R08: 0000000000000001 R09: 0000000000000001 [13034.918229] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000 [13034.920007] R13: ffff880068fe4858 R14: ffff880068fe4a60 R15: 0000000000001000 [13034.921845] FS: 0000000000000000(0000) GS:ffffffff82247000(0000) knlGS:0000000000000000 [13034.923645] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [13034.925525] CR2: 0000000000000000 CR3: 00000000063dd000 CR4: 00000000001406f0 [13034.932808] Stack: [13034.934813] ffff880068fe4780 0000000000001000 ffff880035e97ba8 ffffffffa08800d2 [13034.936675] ffffffffa088029d ffff880068fe4780 ffff880068fe4858 ffffffffa089c0a0 [13034.938593] ffff880068fe47e0 ffff88005d59faf0 ffff880035e97be0 ffffffffa087e08f [13034.940454] Call Trace: [13034.942388] [<ffffffffa08800d2>] nfs_readpage_result+0x112/0x200 [nfs] [13034.944317] [<ffffffffa088029d>] ? nfs_readpage_done+0xdd/0x160 [nfs] [13034.946267] [<ffffffffa087e08f>] nfs_pgio_result+0x9f/0x120 [nfs] [13034.948166] [<ffffffffa09266cc>] pnfs_ld_read_done+0x7c/0x1e0 [nfsv4] [13034.950247] [<ffffffffa03b07ee>] bl_read_cleanup+0x2e/0x60 [blocklayoutdriver] [13034.952156] [<ffffffff810ebf62>] process_one_work+0x412/0x870 [13034.954102] [<ffffffff810ebe84>] ? process_one_work+0x334/0x870 [13034.955949] [<ffffffff810ebb50>] ? queue_delayed_work_on+0x40/0x40 [13034.957985] [<ffffffff810ec441>] worker_thread+0x81/0x6a0 [13034.959817] [<ffffffff810ec3c0>] ? process_one_work+0x870/0x870 [13034.961785] [<ffffffff810f43bd>] kthread+0x17d/0x1a0 [13034.963544] [<ffffffff810f4240>] ? kthread_create_on_node+0x330/0x330 [13034.965479] [<ffffffff81100428>] ? finish_task_switch+0x88/0x220 [13034.967223] [<ffffffff810f4240>] ? kthread_create_on_node+0x330/0x330 [13034.968929] [<ffffffff81b6ae5f>] ret_from_fork+0x3f/0x70 [13034.970534] [<ffffffff810f4240>] ? kthread_create_on_node+0x330/0x330 [13034.972176] Code: c7 43 50 40 84 0d a0 e8 3d fe 1c e1 48 8d 7b 58 c7 83 e4 00 00 00 00 00 00 00 e8 ca fe 1c e1 4c 8b 63 58 4c 89 e7 e8 be fe 1c e1 <49> 83 3c 24 00 74 12 48 c7 43 50 f0 a2 0e a0 b8 01 00 00 00 5b [13034.977148] RIP [<ffffffffa00db372>] rpc_restart_call_prepare+0x62/0x90 [sunrpc] [13034.978780] RSP <ffff880035e97b58> [13034.980399] CR2: 0000000000000000 Signed-off-by: Kinglong Mee <kinglongmee@gmail.com> Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
456 lines
11 KiB
C
456 lines
11 KiB
C
/*
|
|
* linux/fs/nfs/read.c
|
|
*
|
|
* Block I/O for NFS
|
|
*
|
|
* Partial copy of Linus' read cache modifications to fs/nfs/file.c
|
|
* modified for async RPC by okir@monad.swb.de
|
|
*/
|
|
|
|
#include <linux/time.h>
|
|
#include <linux/kernel.h>
|
|
#include <linux/errno.h>
|
|
#include <linux/fcntl.h>
|
|
#include <linux/stat.h>
|
|
#include <linux/mm.h>
|
|
#include <linux/slab.h>
|
|
#include <linux/pagemap.h>
|
|
#include <linux/sunrpc/clnt.h>
|
|
#include <linux/nfs_fs.h>
|
|
#include <linux/nfs_page.h>
|
|
#include <linux/module.h>
|
|
|
|
#include "nfs4_fs.h"
|
|
#include "internal.h"
|
|
#include "iostat.h"
|
|
#include "fscache.h"
|
|
#include "pnfs.h"
|
|
|
|
#define NFSDBG_FACILITY NFSDBG_PAGECACHE
|
|
|
|
static const struct nfs_pgio_completion_ops nfs_async_read_completion_ops;
|
|
static const struct nfs_rw_ops nfs_rw_read_ops;
|
|
|
|
static struct kmem_cache *nfs_rdata_cachep;
|
|
|
|
static struct nfs_pgio_header *nfs_readhdr_alloc(void)
|
|
{
|
|
return kmem_cache_zalloc(nfs_rdata_cachep, GFP_KERNEL);
|
|
}
|
|
|
|
static void nfs_readhdr_free(struct nfs_pgio_header *rhdr)
|
|
{
|
|
kmem_cache_free(nfs_rdata_cachep, rhdr);
|
|
}
|
|
|
|
static
|
|
int nfs_return_empty_page(struct page *page)
|
|
{
|
|
zero_user(page, 0, PAGE_CACHE_SIZE);
|
|
SetPageUptodate(page);
|
|
unlock_page(page);
|
|
return 0;
|
|
}
|
|
|
|
void nfs_pageio_init_read(struct nfs_pageio_descriptor *pgio,
|
|
struct inode *inode, bool force_mds,
|
|
const struct nfs_pgio_completion_ops *compl_ops)
|
|
{
|
|
struct nfs_server *server = NFS_SERVER(inode);
|
|
const struct nfs_pageio_ops *pg_ops = &nfs_pgio_rw_ops;
|
|
|
|
#ifdef CONFIG_NFS_V4_1
|
|
if (server->pnfs_curr_ld && !force_mds)
|
|
pg_ops = server->pnfs_curr_ld->pg_read_ops;
|
|
#endif
|
|
nfs_pageio_init(pgio, inode, pg_ops, compl_ops, &nfs_rw_read_ops,
|
|
server->rsize, 0);
|
|
}
|
|
EXPORT_SYMBOL_GPL(nfs_pageio_init_read);
|
|
|
|
void nfs_pageio_reset_read_mds(struct nfs_pageio_descriptor *pgio)
|
|
{
|
|
struct nfs_pgio_mirror *mirror;
|
|
|
|
if (pgio->pg_ops && pgio->pg_ops->pg_cleanup)
|
|
pgio->pg_ops->pg_cleanup(pgio);
|
|
|
|
pgio->pg_ops = &nfs_pgio_rw_ops;
|
|
|
|
/* read path should never have more than one mirror */
|
|
WARN_ON_ONCE(pgio->pg_mirror_count != 1);
|
|
|
|
mirror = &pgio->pg_mirrors[0];
|
|
mirror->pg_bsize = NFS_SERVER(pgio->pg_inode)->rsize;
|
|
}
|
|
EXPORT_SYMBOL_GPL(nfs_pageio_reset_read_mds);
|
|
|
|
int nfs_readpage_async(struct nfs_open_context *ctx, struct inode *inode,
|
|
struct page *page)
|
|
{
|
|
struct nfs_page *new;
|
|
unsigned int len;
|
|
struct nfs_pageio_descriptor pgio;
|
|
struct nfs_pgio_mirror *pgm;
|
|
|
|
len = nfs_page_length(page);
|
|
if (len == 0)
|
|
return nfs_return_empty_page(page);
|
|
new = nfs_create_request(ctx, page, NULL, 0, len);
|
|
if (IS_ERR(new)) {
|
|
unlock_page(page);
|
|
return PTR_ERR(new);
|
|
}
|
|
if (len < PAGE_CACHE_SIZE)
|
|
zero_user_segment(page, len, PAGE_CACHE_SIZE);
|
|
|
|
nfs_pageio_init_read(&pgio, inode, false,
|
|
&nfs_async_read_completion_ops);
|
|
nfs_pageio_add_request(&pgio, new);
|
|
nfs_pageio_complete(&pgio);
|
|
|
|
/* It doesn't make sense to do mirrored reads! */
|
|
WARN_ON_ONCE(pgio.pg_mirror_count != 1);
|
|
|
|
pgm = &pgio.pg_mirrors[0];
|
|
NFS_I(inode)->read_io += pgm->pg_bytes_written;
|
|
|
|
return 0;
|
|
}
|
|
|
|
static void nfs_readpage_release(struct nfs_page *req)
|
|
{
|
|
struct inode *inode = d_inode(req->wb_context->dentry);
|
|
|
|
dprintk("NFS: read done (%s/%llu %d@%lld)\n", inode->i_sb->s_id,
|
|
(unsigned long long)NFS_FILEID(inode), req->wb_bytes,
|
|
(long long)req_offset(req));
|
|
|
|
if (nfs_page_group_sync_on_bit(req, PG_UNLOCKPAGE)) {
|
|
if (PageUptodate(req->wb_page))
|
|
nfs_readpage_to_fscache(inode, req->wb_page, 0);
|
|
|
|
unlock_page(req->wb_page);
|
|
}
|
|
nfs_release_request(req);
|
|
}
|
|
|
|
static void nfs_page_group_set_uptodate(struct nfs_page *req)
|
|
{
|
|
if (nfs_page_group_sync_on_bit(req, PG_UPTODATE))
|
|
SetPageUptodate(req->wb_page);
|
|
}
|
|
|
|
static void nfs_read_completion(struct nfs_pgio_header *hdr)
|
|
{
|
|
unsigned long bytes = 0;
|
|
|
|
if (test_bit(NFS_IOHDR_REDO, &hdr->flags))
|
|
goto out;
|
|
while (!list_empty(&hdr->pages)) {
|
|
struct nfs_page *req = nfs_list_entry(hdr->pages.next);
|
|
struct page *page = req->wb_page;
|
|
unsigned long start = req->wb_pgbase;
|
|
unsigned long end = req->wb_pgbase + req->wb_bytes;
|
|
|
|
if (test_bit(NFS_IOHDR_EOF, &hdr->flags)) {
|
|
/* note: regions of the page not covered by a
|
|
* request are zeroed in nfs_readpage_async /
|
|
* readpage_async_filler */
|
|
if (bytes > hdr->good_bytes) {
|
|
/* nothing in this request was good, so zero
|
|
* the full extent of the request */
|
|
zero_user_segment(page, start, end);
|
|
|
|
} else if (hdr->good_bytes - bytes < req->wb_bytes) {
|
|
/* part of this request has good bytes, but
|
|
* not all. zero the bad bytes */
|
|
start += hdr->good_bytes - bytes;
|
|
WARN_ON(start < req->wb_pgbase);
|
|
zero_user_segment(page, start, end);
|
|
}
|
|
}
|
|
bytes += req->wb_bytes;
|
|
if (test_bit(NFS_IOHDR_ERROR, &hdr->flags)) {
|
|
if (bytes <= hdr->good_bytes)
|
|
nfs_page_group_set_uptodate(req);
|
|
} else
|
|
nfs_page_group_set_uptodate(req);
|
|
nfs_list_remove_request(req);
|
|
nfs_readpage_release(req);
|
|
}
|
|
out:
|
|
hdr->release(hdr);
|
|
}
|
|
|
|
static void nfs_initiate_read(struct nfs_pgio_header *hdr,
|
|
struct rpc_message *msg,
|
|
const struct nfs_rpc_ops *rpc_ops,
|
|
struct rpc_task_setup *task_setup_data, int how)
|
|
{
|
|
struct inode *inode = hdr->inode;
|
|
int swap_flags = IS_SWAPFILE(inode) ? NFS_RPC_SWAPFLAGS : 0;
|
|
|
|
task_setup_data->flags |= swap_flags;
|
|
rpc_ops->read_setup(hdr, msg);
|
|
}
|
|
|
|
static void
|
|
nfs_async_read_error(struct list_head *head)
|
|
{
|
|
struct nfs_page *req;
|
|
|
|
while (!list_empty(head)) {
|
|
req = nfs_list_entry(head->next);
|
|
nfs_list_remove_request(req);
|
|
nfs_readpage_release(req);
|
|
}
|
|
}
|
|
|
|
static const struct nfs_pgio_completion_ops nfs_async_read_completion_ops = {
|
|
.error_cleanup = nfs_async_read_error,
|
|
.completion = nfs_read_completion,
|
|
};
|
|
|
|
/*
|
|
* This is the callback from RPC telling us whether a reply was
|
|
* received or some error occurred (timeout or socket shutdown).
|
|
*/
|
|
static int nfs_readpage_done(struct rpc_task *task,
|
|
struct nfs_pgio_header *hdr,
|
|
struct inode *inode)
|
|
{
|
|
int status = NFS_PROTO(inode)->read_done(task, hdr);
|
|
if (status != 0)
|
|
return status;
|
|
|
|
nfs_add_stats(inode, NFSIOS_SERVERREADBYTES, hdr->res.count);
|
|
|
|
if (task->tk_status == -ESTALE) {
|
|
set_bit(NFS_INO_STALE, &NFS_I(inode)->flags);
|
|
nfs_mark_for_revalidate(inode);
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
static void nfs_readpage_retry(struct rpc_task *task,
|
|
struct nfs_pgio_header *hdr)
|
|
{
|
|
struct nfs_pgio_args *argp = &hdr->args;
|
|
struct nfs_pgio_res *resp = &hdr->res;
|
|
|
|
/* This is a short read! */
|
|
nfs_inc_stats(hdr->inode, NFSIOS_SHORTREAD);
|
|
/* Has the server at least made some progress? */
|
|
if (resp->count == 0) {
|
|
nfs_set_pgio_error(hdr, -EIO, argp->offset);
|
|
return;
|
|
}
|
|
|
|
/* For non rpc-based layout drivers, retry-through-MDS */
|
|
if (!task->tk_ops) {
|
|
hdr->pnfs_error = -EAGAIN;
|
|
return;
|
|
}
|
|
|
|
/* Yes, so retry the read at the end of the hdr */
|
|
hdr->mds_offset += resp->count;
|
|
argp->offset += resp->count;
|
|
argp->pgbase += resp->count;
|
|
argp->count -= resp->count;
|
|
rpc_restart_call_prepare(task);
|
|
}
|
|
|
|
static void nfs_readpage_result(struct rpc_task *task,
|
|
struct nfs_pgio_header *hdr)
|
|
{
|
|
if (hdr->res.eof) {
|
|
loff_t bound;
|
|
|
|
bound = hdr->args.offset + hdr->res.count;
|
|
spin_lock(&hdr->lock);
|
|
if (bound < hdr->io_start + hdr->good_bytes) {
|
|
set_bit(NFS_IOHDR_EOF, &hdr->flags);
|
|
clear_bit(NFS_IOHDR_ERROR, &hdr->flags);
|
|
hdr->good_bytes = bound - hdr->io_start;
|
|
}
|
|
spin_unlock(&hdr->lock);
|
|
} else if (hdr->res.count < hdr->args.count)
|
|
nfs_readpage_retry(task, hdr);
|
|
}
|
|
|
|
/*
|
|
* Read a page over NFS.
|
|
* We read the page synchronously in the following case:
|
|
* - The error flag is set for this page. This happens only when a
|
|
* previous async read operation failed.
|
|
*/
|
|
int nfs_readpage(struct file *file, struct page *page)
|
|
{
|
|
struct nfs_open_context *ctx;
|
|
struct inode *inode = page_file_mapping(page)->host;
|
|
int error;
|
|
|
|
dprintk("NFS: nfs_readpage (%p %ld@%lu)\n",
|
|
page, PAGE_CACHE_SIZE, page_file_index(page));
|
|
nfs_inc_stats(inode, NFSIOS_VFSREADPAGE);
|
|
nfs_add_stats(inode, NFSIOS_READPAGES, 1);
|
|
|
|
/*
|
|
* Try to flush any pending writes to the file..
|
|
*
|
|
* NOTE! Because we own the page lock, there cannot
|
|
* be any new pending writes generated at this point
|
|
* for this page (other pages can be written to).
|
|
*/
|
|
error = nfs_wb_page(inode, page);
|
|
if (error)
|
|
goto out_unlock;
|
|
if (PageUptodate(page))
|
|
goto out_unlock;
|
|
|
|
error = -ESTALE;
|
|
if (NFS_STALE(inode))
|
|
goto out_unlock;
|
|
|
|
if (file == NULL) {
|
|
error = -EBADF;
|
|
ctx = nfs_find_open_context(inode, NULL, FMODE_READ);
|
|
if (ctx == NULL)
|
|
goto out_unlock;
|
|
} else
|
|
ctx = get_nfs_open_context(nfs_file_open_context(file));
|
|
|
|
if (!IS_SYNC(inode)) {
|
|
error = nfs_readpage_from_fscache(ctx, inode, page);
|
|
if (error == 0)
|
|
goto out;
|
|
}
|
|
|
|
error = nfs_readpage_async(ctx, inode, page);
|
|
|
|
out:
|
|
put_nfs_open_context(ctx);
|
|
return error;
|
|
out_unlock:
|
|
unlock_page(page);
|
|
return error;
|
|
}
|
|
|
|
struct nfs_readdesc {
|
|
struct nfs_pageio_descriptor *pgio;
|
|
struct nfs_open_context *ctx;
|
|
};
|
|
|
|
static int
|
|
readpage_async_filler(void *data, struct page *page)
|
|
{
|
|
struct nfs_readdesc *desc = (struct nfs_readdesc *)data;
|
|
struct nfs_page *new;
|
|
unsigned int len;
|
|
int error;
|
|
|
|
len = nfs_page_length(page);
|
|
if (len == 0)
|
|
return nfs_return_empty_page(page);
|
|
|
|
new = nfs_create_request(desc->ctx, page, NULL, 0, len);
|
|
if (IS_ERR(new))
|
|
goto out_error;
|
|
|
|
if (len < PAGE_CACHE_SIZE)
|
|
zero_user_segment(page, len, PAGE_CACHE_SIZE);
|
|
if (!nfs_pageio_add_request(desc->pgio, new)) {
|
|
error = desc->pgio->pg_error;
|
|
goto out_unlock;
|
|
}
|
|
return 0;
|
|
out_error:
|
|
error = PTR_ERR(new);
|
|
out_unlock:
|
|
unlock_page(page);
|
|
return error;
|
|
}
|
|
|
|
int nfs_readpages(struct file *filp, struct address_space *mapping,
|
|
struct list_head *pages, unsigned nr_pages)
|
|
{
|
|
struct nfs_pageio_descriptor pgio;
|
|
struct nfs_pgio_mirror *pgm;
|
|
struct nfs_readdesc desc = {
|
|
.pgio = &pgio,
|
|
};
|
|
struct inode *inode = mapping->host;
|
|
unsigned long npages;
|
|
int ret = -ESTALE;
|
|
|
|
dprintk("NFS: nfs_readpages (%s/%Lu %d)\n",
|
|
inode->i_sb->s_id,
|
|
(unsigned long long)NFS_FILEID(inode),
|
|
nr_pages);
|
|
nfs_inc_stats(inode, NFSIOS_VFSREADPAGES);
|
|
|
|
if (NFS_STALE(inode))
|
|
goto out;
|
|
|
|
if (filp == NULL) {
|
|
desc.ctx = nfs_find_open_context(inode, NULL, FMODE_READ);
|
|
if (desc.ctx == NULL)
|
|
return -EBADF;
|
|
} else
|
|
desc.ctx = get_nfs_open_context(nfs_file_open_context(filp));
|
|
|
|
/* attempt to read as many of the pages as possible from the cache
|
|
* - this returns -ENOBUFS immediately if the cookie is negative
|
|
*/
|
|
ret = nfs_readpages_from_fscache(desc.ctx, inode, mapping,
|
|
pages, &nr_pages);
|
|
if (ret == 0)
|
|
goto read_complete; /* all pages were read */
|
|
|
|
nfs_pageio_init_read(&pgio, inode, false,
|
|
&nfs_async_read_completion_ops);
|
|
|
|
ret = read_cache_pages(mapping, pages, readpage_async_filler, &desc);
|
|
nfs_pageio_complete(&pgio);
|
|
|
|
/* It doesn't make sense to do mirrored reads! */
|
|
WARN_ON_ONCE(pgio.pg_mirror_count != 1);
|
|
|
|
pgm = &pgio.pg_mirrors[0];
|
|
NFS_I(inode)->read_io += pgm->pg_bytes_written;
|
|
npages = (pgm->pg_bytes_written + PAGE_CACHE_SIZE - 1) >>
|
|
PAGE_CACHE_SHIFT;
|
|
nfs_add_stats(inode, NFSIOS_READPAGES, npages);
|
|
read_complete:
|
|
put_nfs_open_context(desc.ctx);
|
|
out:
|
|
return ret;
|
|
}
|
|
|
|
int __init nfs_init_readpagecache(void)
|
|
{
|
|
nfs_rdata_cachep = kmem_cache_create("nfs_read_data",
|
|
sizeof(struct nfs_pgio_header),
|
|
0, SLAB_HWCACHE_ALIGN,
|
|
NULL);
|
|
if (nfs_rdata_cachep == NULL)
|
|
return -ENOMEM;
|
|
|
|
return 0;
|
|
}
|
|
|
|
void nfs_destroy_readpagecache(void)
|
|
{
|
|
kmem_cache_destroy(nfs_rdata_cachep);
|
|
}
|
|
|
|
static const struct nfs_rw_ops nfs_rw_read_ops = {
|
|
.rw_mode = FMODE_READ,
|
|
.rw_alloc_header = nfs_readhdr_alloc,
|
|
.rw_free_header = nfs_readhdr_free,
|
|
.rw_done = nfs_readpage_done,
|
|
.rw_result = nfs_readpage_result,
|
|
.rw_initiate = nfs_initiate_read,
|
|
};
|