2 * Copyright (c) 2004 The DragonFly Project. All rights reserved.
4 * This code is derived from software contributed to The DragonFly Project
5 * by Matthew Dillon <dillon@backplane.com>
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
17 * 3. Neither the name of The DragonFly Project nor the names of its
18 * contributors may be used to endorse or promote products derived
19 * from this software without specific, prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
24 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
27 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
28 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
29 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
31 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 * $DragonFly: src/sys/kern/vfs_journal.c,v 1.25 2006/05/06 06:38:38 dillon Exp $
37 * Each mount point may have zero or more independantly configured journals
38 * attached to it. Each journal is represented by a memory FIFO and worker
39 * thread. Journal events are streamed through the FIFO to the thread,
40 * batched up (typically on one-second intervals), and written out by the
43 * Journal vnode ops are executed instead of mnt_vn_norm_ops when one or
44 * more journals have been installed on a mount point. It becomes the
45 * responsibility of the journal op to call the underlying normal op as
48 * The journaling protocol is intended to evolve into a two-way stream
49 * whereby transaction IDs can be acknowledged by the journaling target
50 * when the data has been committed to hard storage. Both implicit and
51 * explicit acknowledgement schemes will be supported, depending on the
52 * sophistication of the journaling stream, plus resynchronization and
53 * restart when a journaling stream is interrupted. This information will
54 * also be made available to journaling-aware filesystems to allow better
55 * management of their own physical storage synchronization mechanisms as
56 * well as to allow such filesystems to take direct advantage of the kernel's
57 * journaling layer so they don't have to roll their own.
59 * In addition, the worker thread will have access to much larger
60 * spooling areas then the memory buffer is able to provide by e.g.
61 * reserving swap space, in order to absorb potentially long interruptions
62 * of off-site journaling streams, and to prevent 'slow' off-site linkages
63 * from radically slowing down local filesystem operations.
65 * Because of the non-trivial algorithms the journaling system will be
66 * required to support, use of a worker thread is mandatory. Efficiencies
67 * are maintained by utilitizing the memory FIFO to batch transactions when
68 * possible, reducing the number of gratuitous thread switches and taking
69 * advantage of cpu caches through the use of shorter batched code paths
70 * rather then trying to do everything in the context of the process
71 * originating the filesystem op. In the future the memory FIFO can be
72 * made per-cpu to remove BGL or other locking requirements.
74 #include <sys/param.h>
75 #include <sys/systm.h>
78 #include <sys/kernel.h>
79 #include <sys/queue.h>
81 #include <sys/malloc.h>
82 #include <sys/mount.h>
83 #include <sys/unistd.h>
84 #include <sys/vnode.h>
86 #include <sys/mountctl.h>
87 #include <sys/journal.h>
90 #include <sys/msfbuf.h>
91 #include <sys/socket.h>
92 #include <sys/socketvar.h>
94 #include <machine/limits.h>
97 #include <vm/vm_object.h>
98 #include <vm/vm_page.h>
99 #include <vm/vm_pager.h>
100 #include <vm/vnode_pager.h>
102 #include <sys/file2.h>
103 #include <sys/thread2.h>
105 static int journal_attach(struct mount *mp);
106 static void journal_detach(struct mount *mp);
107 static int journal_install_vfs_journal(struct mount *mp, struct file *fp,
108 const struct mountctl_install_journal *info);
109 static int journal_restart_vfs_journal(struct mount *mp, struct file *fp,
110 const struct mountctl_restart_journal *info);
111 static int journal_remove_vfs_journal(struct mount *mp,
112 const struct mountctl_remove_journal *info);
113 static int journal_restart(struct mount *mp, struct file *fp,
114 struct journal *jo, int flags);
115 static int journal_destroy(struct mount *mp, struct journal *jo, int flags);
116 static int journal_resync_vfs_journal(struct mount *mp, const void *ctl);
117 static int journal_status_vfs_journal(struct mount *mp,
118 const struct mountctl_status_journal *info,
119 struct mountctl_journal_ret_status *rstat,
120 int buflen, int *res);
121 static void journal_create_threads(struct journal *jo);
122 static void journal_destroy_threads(struct journal *jo, int flags);
123 static void journal_wthread(void *info);
124 static void journal_rthread(void *info);
126 static void *journal_reserve(struct journal *jo,
127 struct journal_rawrecbeg **rawpp,
128 int16_t streamid, int bytes);
129 static void *journal_extend(struct journal *jo,
130 struct journal_rawrecbeg **rawpp,
131 int truncbytes, int bytes, int *newstreamrecp);
132 static void journal_abort(struct journal *jo,
133 struct journal_rawrecbeg **rawpp);
134 static void journal_commit(struct journal *jo,
135 struct journal_rawrecbeg **rawpp,
136 int bytes, int closeout);
138 static void jrecord_init(struct journal *jo,
139 struct jrecord *jrec, int16_t streamid);
140 static struct journal_subrecord *jrecord_push(
141 struct jrecord *jrec, int16_t rectype);
142 static void jrecord_pop(struct jrecord *jrec, struct journal_subrecord *parent);
143 static struct journal_subrecord *jrecord_write(struct jrecord *jrec,
144 int16_t rectype, int bytes);
145 static void jrecord_data(struct jrecord *jrec, const void *buf, int bytes);
146 static void jrecord_done(struct jrecord *jrec, int abortit);
147 static void jrecord_undo_file(struct jrecord *jrec, struct vnode *vp,
148 int jrflags, off_t off, off_t bytes);
150 static int journal_setattr(struct vop_setattr_args *ap);
151 static int journal_write(struct vop_write_args *ap);
152 static int journal_fsync(struct vop_fsync_args *ap);
153 static int journal_putpages(struct vop_putpages_args *ap);
154 static int journal_setacl(struct vop_setacl_args *ap);
155 static int journal_setextattr(struct vop_setextattr_args *ap);
156 static int journal_ncreate(struct vop_ncreate_args *ap);
157 static int journal_nmknod(struct vop_nmknod_args *ap);
158 static int journal_nlink(struct vop_nlink_args *ap);
159 static int journal_nsymlink(struct vop_nsymlink_args *ap);
160 static int journal_nwhiteout(struct vop_nwhiteout_args *ap);
161 static int journal_nremove(struct vop_nremove_args *ap);
162 static int journal_nmkdir(struct vop_nmkdir_args *ap);
163 static int journal_nrmdir(struct vop_nrmdir_args *ap);
164 static int journal_nrename(struct vop_nrename_args *ap);
166 #define JRUNDO_SIZE 0x00000001
167 #define JRUNDO_UID 0x00000002
168 #define JRUNDO_GID 0x00000004
169 #define JRUNDO_FSID 0x00000008
170 #define JRUNDO_MODES 0x00000010
171 #define JRUNDO_INUM 0x00000020
172 #define JRUNDO_ATIME 0x00000040
173 #define JRUNDO_MTIME 0x00000080
174 #define JRUNDO_CTIME 0x00000100
175 #define JRUNDO_GEN 0x00000200
176 #define JRUNDO_FLAGS 0x00000400
177 #define JRUNDO_UDEV 0x00000800
178 #define JRUNDO_NLINK 0x00001000
179 #define JRUNDO_FILEDATA 0x00010000
180 #define JRUNDO_GETVP 0x00020000
181 #define JRUNDO_CONDLINK 0x00040000 /* write file data if link count 1 */
182 #define JRUNDO_VATTR (JRUNDO_SIZE|JRUNDO_UID|JRUNDO_GID|JRUNDO_FSID|\
183 JRUNDO_MODES|JRUNDO_INUM|JRUNDO_ATIME|JRUNDO_MTIME|\
184 JRUNDO_CTIME|JRUNDO_GEN|JRUNDO_FLAGS|JRUNDO_UDEV|\
186 #define JRUNDO_ALL (JRUNDO_VATTR|JRUNDO_FILEDATA)
188 static struct vnodeopv_entry_desc journal_vnodeop_entries[] = {
189 { &vop_default_desc, vop_journal_operate_ap },
190 { &vop_mountctl_desc, (void *)journal_mountctl },
191 { &vop_setattr_desc, (void *)journal_setattr },
192 { &vop_write_desc, (void *)journal_write },
193 { &vop_fsync_desc, (void *)journal_fsync },
194 { &vop_putpages_desc, (void *)journal_putpages },
195 { &vop_setacl_desc, (void *)journal_setacl },
196 { &vop_setextattr_desc, (void *)journal_setextattr },
197 { &vop_ncreate_desc, (void *)journal_ncreate },
198 { &vop_nmknod_desc, (void *)journal_nmknod },
199 { &vop_nlink_desc, (void *)journal_nlink },
200 { &vop_nsymlink_desc, (void *)journal_nsymlink },
201 { &vop_nwhiteout_desc, (void *)journal_nwhiteout },
202 { &vop_nremove_desc, (void *)journal_nremove },
203 { &vop_nmkdir_desc, (void *)journal_nmkdir },
204 { &vop_nrmdir_desc, (void *)journal_nrmdir },
205 { &vop_nrename_desc, (void *)journal_nrename },
209 static MALLOC_DEFINE(M_JOURNAL, "journal", "Journaling structures");
210 static MALLOC_DEFINE(M_JFIFO, "journal-fifo", "Journal FIFO");
213 journal_mountctl(struct vop_mountctl_args *ap)
218 mp = ap->a_head.a_ops->vv_mount;
221 if (mp->mnt_vn_journal_ops == NULL) {
223 case MOUNTCTL_INSTALL_VFS_JOURNAL:
224 error = journal_attach(mp);
225 if (error == 0 && ap->a_ctllen != sizeof(struct mountctl_install_journal))
227 if (error == 0 && ap->a_fp == NULL)
230 error = journal_install_vfs_journal(mp, ap->a_fp, ap->a_ctl);
231 if (TAILQ_EMPTY(&mp->mnt_jlist))
234 case MOUNTCTL_RESTART_VFS_JOURNAL:
235 case MOUNTCTL_REMOVE_VFS_JOURNAL:
236 case MOUNTCTL_RESYNC_VFS_JOURNAL:
237 case MOUNTCTL_STATUS_VFS_JOURNAL:
246 case MOUNTCTL_INSTALL_VFS_JOURNAL:
247 if (ap->a_ctllen != sizeof(struct mountctl_install_journal))
249 if (error == 0 && ap->a_fp == NULL)
252 error = journal_install_vfs_journal(mp, ap->a_fp, ap->a_ctl);
254 case MOUNTCTL_RESTART_VFS_JOURNAL:
255 if (ap->a_ctllen != sizeof(struct mountctl_restart_journal))
257 if (error == 0 && ap->a_fp == NULL)
260 error = journal_restart_vfs_journal(mp, ap->a_fp, ap->a_ctl);
262 case MOUNTCTL_REMOVE_VFS_JOURNAL:
263 if (ap->a_ctllen != sizeof(struct mountctl_remove_journal))
266 error = journal_remove_vfs_journal(mp, ap->a_ctl);
267 if (TAILQ_EMPTY(&mp->mnt_jlist))
270 case MOUNTCTL_RESYNC_VFS_JOURNAL:
271 if (ap->a_ctllen != 0)
273 error = journal_resync_vfs_journal(mp, ap->a_ctl);
275 case MOUNTCTL_STATUS_VFS_JOURNAL:
276 if (ap->a_ctllen != sizeof(struct mountctl_status_journal))
279 error = journal_status_vfs_journal(mp, ap->a_ctl,
280 ap->a_buf, ap->a_buflen, ap->a_res);
292 * High level mount point setup. When a
295 journal_attach(struct mount *mp)
297 vfs_add_vnodeops(mp, &mp->mnt_vn_journal_ops,
298 journal_vnodeop_entries, 0);
303 journal_detach(struct mount *mp)
305 if (mp->mnt_vn_journal_ops)
306 vfs_rm_vnodeops(&mp->mnt_vn_journal_ops);
310 * Install a journal on a mount point. Each journal has an associated worker
311 * thread which is responsible for buffering and spooling the data to the
312 * target. A mount point may have multiple journals attached to it. An
313 * initial start record is generated when the journal is associated.
316 journal_install_vfs_journal(struct mount *mp, struct file *fp,
317 const struct mountctl_install_journal *info)
324 jo = malloc(sizeof(struct journal), M_JOURNAL, M_WAITOK|M_ZERO);
325 bcopy(info->id, jo->id, sizeof(jo->id));
326 jo->flags = info->flags & ~(MC_JOURNAL_WACTIVE | MC_JOURNAL_RACTIVE |
327 MC_JOURNAL_STOP_REQ);
330 * Memory FIFO size, round to nearest power of 2
332 if (info->membufsize) {
333 if (info->membufsize < 65536)
335 else if (info->membufsize > 128 * 1024 * 1024)
336 size = 128 * 1024 * 1024;
338 size = (int)info->membufsize;
343 while (jo->fifo.size < size)
347 * Other parameters. If not specified the starting transaction id
348 * will be the current date.
351 jo->transid = info->transid;
355 jo->transid = ((int64_t)ts.tv_sec << 30) | ts.tv_nsec;
361 * Allocate the memory FIFO
363 jo->fifo.mask = jo->fifo.size - 1;
364 jo->fifo.membase = malloc(jo->fifo.size, M_JFIFO, M_WAITOK|M_ZERO|M_NULLOK);
365 if (jo->fifo.membase == NULL)
369 * Create the worker threads and generate the association record.
375 journal_create_threads(jo);
376 jrecord_init(jo, &jrec, JREC_STREAMID_DISCONT);
377 jrecord_write(&jrec, JTYPE_ASSOCIATE, 0);
378 jrecord_done(&jrec, 0);
379 TAILQ_INSERT_TAIL(&mp->mnt_jlist, jo, jentry);
385 * Restart a journal with a new descriptor. The existing reader and writer
386 * threads are terminated and a new descriptor is associated with the
387 * journal. The FIFO rindex is reset to xindex and the threads are then
391 journal_restart_vfs_journal(struct mount *mp, struct file *fp,
392 const struct mountctl_restart_journal *info)
397 TAILQ_FOREACH(jo, &mp->mnt_jlist, jentry) {
398 if (bcmp(jo->id, info->id, sizeof(jo->id)) == 0)
402 error = journal_restart(mp, fp, jo, info->flags);
409 journal_restart(struct mount *mp, struct file *fp,
410 struct journal *jo, int flags)
418 * Record the fact that we are doing a restart in the journal.
419 * XXX it isn't safe to do this if the journal is being restarted
420 * because it was locked up and the writer thread has already exited.
422 jrecord_init(jo, &jrec, JREC_STREAMID_RESTART);
423 jrecord_write(&jrec, JTYPE_DISASSOCIATE, 0);
424 jrecord_done(&jrec, 0);
428 * Stop the reader and writer threads and clean up the current
431 printf("RESTART WITH FP %p KILLING %p\n", fp, jo->fp);
432 journal_destroy_threads(jo, flags);
438 * Associate the new descriptor, reset the FIFO index, and recreate
443 jo->fifo.rindex = jo->fifo.xindex;
444 journal_create_threads(jo);
450 * Disassociate a journal from a mount point and terminate its worker thread.
451 * A final termination record is written out before the file pointer is
455 journal_remove_vfs_journal(struct mount *mp,
456 const struct mountctl_remove_journal *info)
461 TAILQ_FOREACH(jo, &mp->mnt_jlist, jentry) {
462 if (bcmp(jo->id, info->id, sizeof(jo->id)) == 0)
466 error = journal_destroy(mp, jo, info->flags);
473 * Remove all journals associated with a mount point. Usually called
474 * by the umount code.
477 journal_remove_all_journals(struct mount *mp, int flags)
481 while ((jo = TAILQ_FIRST(&mp->mnt_jlist)) != NULL) {
482 journal_destroy(mp, jo, flags);
487 journal_destroy(struct mount *mp, struct journal *jo, int flags)
491 TAILQ_REMOVE(&mp->mnt_jlist, jo, jentry);
493 jrecord_init(jo, &jrec, JREC_STREAMID_DISCONT);
494 jrecord_write(&jrec, JTYPE_DISASSOCIATE, 0);
495 jrecord_done(&jrec, 0);
497 journal_destroy_threads(jo, flags);
501 if (jo->fifo.membase)
502 free(jo->fifo.membase, M_JFIFO);
508 journal_resync_vfs_journal(struct mount *mp, const void *ctl)
514 journal_status_vfs_journal(struct mount *mp,
515 const struct mountctl_status_journal *info,
516 struct mountctl_journal_ret_status *rstat,
517 int buflen, int *res)
525 TAILQ_FOREACH(jo, &mp->mnt_jlist, jentry) {
526 if (info->index == MC_JOURNAL_INDEX_ID) {
527 if (bcmp(jo->id, info->id, sizeof(jo->id)) != 0)
529 } else if (info->index >= 0) {
530 if (info->index < index)
532 } else if (info->index != MC_JOURNAL_INDEX_ALL) {
535 if (buflen < sizeof(*rstat)) {
537 rstat[-1].flags |= MC_JOURNAL_STATUS_MORETOCOME;
542 bzero(rstat, sizeof(*rstat));
543 rstat->recsize = sizeof(*rstat);
544 bcopy(jo->id, rstat->id, sizeof(jo->id));
545 rstat->index = index;
546 rstat->membufsize = jo->fifo.size;
547 rstat->membufused = jo->fifo.windex - jo->fifo.xindex;
548 rstat->membufunacked = jo->fifo.rindex - jo->fifo.xindex;
549 rstat->bytessent = jo->total_acked;
550 rstat->fifostalls = jo->fifostalls;
553 *res += sizeof(*rstat);
554 buflen -= sizeof(*rstat);
560 journal_create_threads(struct journal *jo)
562 jo->flags &= ~(MC_JOURNAL_STOP_REQ | MC_JOURNAL_STOP_IMM);
563 jo->flags |= MC_JOURNAL_WACTIVE;
564 lwkt_create(journal_wthread, jo, NULL, &jo->wthread,
565 TDF_STOPREQ, -1, "journal w:%.*s", JIDMAX, jo->id);
566 lwkt_setpri(&jo->wthread, TDPRI_KERN_DAEMON);
567 lwkt_schedule(&jo->wthread);
569 if (jo->flags & MC_JOURNAL_WANT_FULLDUPLEX) {
570 jo->flags |= MC_JOURNAL_RACTIVE;
571 lwkt_create(journal_rthread, jo, NULL, &jo->rthread,
572 TDF_STOPREQ, -1, "journal r:%.*s", JIDMAX, jo->id);
573 lwkt_setpri(&jo->rthread, TDPRI_KERN_DAEMON);
574 lwkt_schedule(&jo->rthread);
579 journal_destroy_threads(struct journal *jo, int flags)
583 jo->flags |= MC_JOURNAL_STOP_REQ | (flags & MC_JOURNAL_STOP_IMM);
586 while (jo->flags & (MC_JOURNAL_WACTIVE | MC_JOURNAL_RACTIVE)) {
587 tsleep(jo, 0, "jwait", hz);
588 if (++wcount % 10 == 0) {
589 printf("Warning: journal %s waiting for descriptors to close\n",
595 * XXX SMP - threads should move to cpu requesting the restart or
596 * termination before finishing up to properly interlock.
598 tsleep(jo, 0, "jwait", hz);
599 lwkt_free_thread(&jo->wthread);
600 if (jo->flags & MC_JOURNAL_WANT_FULLDUPLEX)
601 lwkt_free_thread(&jo->rthread);
605 * The per-journal worker thread is responsible for writing out the
606 * journal's FIFO to the target stream.
609 journal_wthread(void *info)
611 struct journal *jo = info;
612 struct journal_rawrecbeg *rawp;
620 * Calculate the number of bytes available to write. This buffer
621 * area may contain reserved records so we can't just write it out
622 * without further checks.
624 bytes = jo->fifo.windex - jo->fifo.rindex;
627 * sleep if no bytes are available or if an incomplete record is
628 * encountered (it needs to be filled in before we can write it
629 * out), and skip any pad records that we encounter.
632 if (jo->flags & MC_JOURNAL_STOP_REQ)
634 tsleep(&jo->fifo, 0, "jfifo", hz);
639 * Sleep if we can not go any further due to hitting an incomplete
640 * record. This case should occur rarely but may have to be better
643 rawp = (void *)(jo->fifo.membase + (jo->fifo.rindex & jo->fifo.mask));
644 if (rawp->begmagic == JREC_INCOMPLETEMAGIC) {
645 tsleep(&jo->fifo, 0, "jpad", hz);
650 * Skip any pad records. We do not write out pad records if we can
653 if (rawp->streamid == JREC_STREAMID_PAD) {
654 if ((jo->flags & MC_JOURNAL_WANT_FULLDUPLEX) == 0) {
655 if (jo->fifo.rindex == jo->fifo.xindex) {
656 jo->fifo.xindex += (rawp->recsize + 15) & ~15;
657 jo->total_acked += (rawp->recsize + 15) & ~15;
660 jo->fifo.rindex += (rawp->recsize + 15) & ~15;
661 jo->total_acked += bytes;
662 KKASSERT(jo->fifo.windex - jo->fifo.rindex >= 0);
667 * 'bytes' is the amount of data that can potentially be written out.
668 * Calculate 'res', the amount of data that can actually be written
669 * out. res is bounded either by hitting the end of the physical
670 * memory buffer or by hitting an incomplete record. Incomplete
671 * records often occur due to the way the space reservation model
675 avail = jo->fifo.size - (jo->fifo.rindex & jo->fifo.mask);
676 while (res < bytes && rawp->begmagic == JREC_BEGMAGIC) {
677 res += (rawp->recsize + 15) & ~15;
679 KKASSERT(res == avail);
682 rawp = (void *)((char *)rawp + ((rawp->recsize + 15) & ~15));
686 * Issue the write and deal with any errors or other conditions.
687 * For now assume blocking I/O. Since we are record-aware the
688 * code cannot yet handle partial writes.
690 * We bump rindex prior to issuing the write to avoid racing
691 * the acknowledgement coming back (which could prevent the ack
692 * from bumping xindex). Restarts are always based on xindex so
693 * we do not try to undo the rindex if an error occurs.
695 * XXX EWOULDBLOCK/NBIO
696 * XXX notification on failure
697 * XXX permanent verses temporary failures
698 * XXX two-way acknowledgement stream in the return direction / xindex
701 jo->fifo.rindex += bytes;
702 error = fp_write(jo->fp,
703 jo->fifo.membase + ((jo->fifo.rindex - bytes) & jo->fifo.mask),
706 printf("journal_thread(%s) write, error %d\n", jo->id, error);
709 KKASSERT(res == bytes);
713 * Advance rindex. If the journal stream is not full duplex we also
714 * advance xindex, otherwise the rjournal thread is responsible for
717 if ((jo->flags & MC_JOURNAL_WANT_FULLDUPLEX) == 0) {
718 jo->fifo.xindex += bytes;
719 jo->total_acked += bytes;
721 KKASSERT(jo->fifo.windex - jo->fifo.rindex >= 0);
722 if ((jo->flags & MC_JOURNAL_WANT_FULLDUPLEX) == 0) {
723 if (jo->flags & MC_JOURNAL_WWAIT) {
724 jo->flags &= ~MC_JOURNAL_WWAIT; /* XXX hysteresis */
725 wakeup(&jo->fifo.windex);
729 fp_shutdown(jo->fp, SHUT_WR);
730 jo->flags &= ~MC_JOURNAL_WACTIVE;
732 wakeup(&jo->fifo.windex);
736 * A second per-journal worker thread is created for two-way journaling
737 * streams to deal with the return acknowledgement stream.
740 journal_rthread(void *info)
742 struct journal_rawrecbeg *rawp;
743 struct journal_ackrecord ack;
744 struct journal *jo = info;
755 * We have been asked to stop
757 if (jo->flags & MC_JOURNAL_STOP_REQ)
761 * If we have no active transaction id, get one from the return
765 error = fp_read(jo->fp, &ack, sizeof(ack), &count, 1);
767 printf("fp_read ack error %d count %d\n", error, count);
769 if (error || count != sizeof(ack))
772 printf("read error %d on receive stream\n", error);
775 if (ack.rbeg.begmagic != JREC_BEGMAGIC ||
776 ack.rend.endmagic != JREC_ENDMAGIC
778 printf("bad begmagic or endmagic on receive stream\n");
781 transid = ack.rbeg.transid;
785 * Calculate the number of unacknowledged bytes. If there are no
786 * unacknowledged bytes then unsent data was acknowledged, report,
787 * sleep a bit, and loop in that case. This should not happen
788 * normally. The ack record is thrown away.
790 bytes = jo->fifo.rindex - jo->fifo.xindex;
793 printf("warning: unsent data acknowledged transid %08llx\n", transid);
794 tsleep(&jo->fifo.xindex, 0, "jrseq", hz);
800 * Since rindex has advanced, the record pointed to by xindex
801 * must be a valid record.
803 rawp = (void *)(jo->fifo.membase + (jo->fifo.xindex & jo->fifo.mask));
804 KKASSERT(rawp->begmagic == JREC_BEGMAGIC);
805 KKASSERT(rawp->recsize <= bytes);
808 * The target can acknowledge several records at once.
810 if (rawp->transid < transid) {
812 printf("ackskip %08llx/%08llx\n", rawp->transid, transid);
814 jo->fifo.xindex += (rawp->recsize + 15) & ~15;
815 jo->total_acked += (rawp->recsize + 15) & ~15;
816 if (jo->flags & MC_JOURNAL_WWAIT) {
817 jo->flags &= ~MC_JOURNAL_WWAIT; /* XXX hysteresis */
818 wakeup(&jo->fifo.windex);
822 if (rawp->transid == transid) {
824 printf("ackskip %08llx/%08llx\n", rawp->transid, transid);
826 jo->fifo.xindex += (rawp->recsize + 15) & ~15;
827 jo->total_acked += (rawp->recsize + 15) & ~15;
828 if (jo->flags & MC_JOURNAL_WWAIT) {
829 jo->flags &= ~MC_JOURNAL_WWAIT; /* XXX hysteresis */
830 wakeup(&jo->fifo.windex);
835 printf("warning: unsent data(2) acknowledged transid %08llx\n", transid);
838 jo->flags &= ~MC_JOURNAL_RACTIVE;
840 wakeup(&jo->fifo.windex);
844 * This builds a pad record which the journaling thread will skip over. Pad
845 * records are required when we are unable to reserve sufficient stream space
846 * due to insufficient space at the end of the physical memory fifo.
848 * Even though the record is not transmitted, a normal transid must be
849 * assigned to it so link recovery operations after a failure work properly.
853 journal_build_pad(struct journal_rawrecbeg *rawp, int recsize, int64_t transid)
855 struct journal_rawrecend *rendp;
857 KKASSERT((recsize & 15) == 0 && recsize >= 16);
859 rawp->streamid = JREC_STREAMID_PAD;
860 rawp->recsize = recsize; /* must be 16-byte aligned */
861 rawp->transid = transid;
863 * WARNING, rendp may overlap rawp->transid. This is necessary to
864 * allow PAD records to fit in 16 bytes. Use cpu_ccfence() to
865 * hopefully cause the compiler to not make any assumptions.
867 rendp = (void *)((char *)rawp + rawp->recsize - sizeof(*rendp));
868 rendp->endmagic = JREC_ENDMAGIC;
870 rendp->recsize = rawp->recsize;
873 * Set the begin magic last. This is what will allow the journal
874 * thread to write the record out. Use a store fence to prevent
875 * compiler and cpu reordering of the writes.
878 rawp->begmagic = JREC_BEGMAGIC;
882 * Wake up the worker thread if the FIFO is more then half full or if
883 * someone is waiting for space to be freed up. Otherwise let the
884 * heartbeat deal with it. Being able to avoid waking up the worker
885 * is the key to the journal's cpu performance.
889 journal_commit_wakeup(struct journal *jo)
893 avail = jo->fifo.size - (jo->fifo.windex - jo->fifo.xindex);
894 KKASSERT(avail >= 0);
895 if ((avail < (jo->fifo.size >> 1)) || (jo->flags & MC_JOURNAL_WWAIT))
900 * Create a new BEGIN stream record with the specified streamid and the
901 * specified amount of payload space. *rawpp will be set to point to the
902 * base of the new stream record and a pointer to the base of the payload
903 * space will be returned. *rawpp does not need to be pre-NULLd prior to
904 * making this call. The raw record header will be partially initialized.
906 * A stream can be extended, aborted, or committed by other API calls
907 * below. This may result in a sequence of potentially disconnected
908 * stream records to be output to the journaling target. The first record
909 * (the one created by this function) will be marked JREC_STREAMCTL_BEGIN,
910 * while the last record on commit or abort will be marked JREC_STREAMCTL_END
911 * (and possibly also JREC_STREAMCTL_ABORTED). The last record could wind
912 * up being the same as the first, in which case the bits are all set in
915 * The stream record is created in an incomplete state by setting the begin
916 * magic to JREC_INCOMPLETEMAGIC. This prevents the worker thread from
917 * flushing the fifo past our record until we have finished populating it.
918 * Other threads can reserve and operate on their own space without stalling
919 * but the stream output will stall until we have completed operations. The
920 * memory FIFO is intended to be large enough to absorb such situations
921 * without stalling out other threads.
925 journal_reserve(struct journal *jo, struct journal_rawrecbeg **rawpp,
926 int16_t streamid, int bytes)
928 struct journal_rawrecbeg *rawp;
934 * Add header and trailer overheads to the passed payload. Note that
935 * the passed payload size need not be aligned in any way.
937 bytes += sizeof(struct journal_rawrecbeg);
938 bytes += sizeof(struct journal_rawrecend);
942 * First, check boundary conditions. If the request would wrap around
943 * we have to skip past the ending block and return to the beginning
944 * of the FIFO's buffer. Calculate 'req' which is the actual number
945 * of bytes being reserved, including wrap-around dead space.
947 * Neither 'bytes' or 'req' are aligned.
949 * Note that availtoend is not truncated to avail and so cannot be
950 * used to determine whether the reservation is possible by itself.
951 * Also, since all fifo ops are 16-byte aligned, we can check
952 * the size before calculating the aligned size.
954 availtoend = jo->fifo.size - (jo->fifo.windex & jo->fifo.mask);
955 KKASSERT((availtoend & 15) == 0);
956 if (bytes > availtoend)
957 req = bytes + availtoend; /* add pad to end */
962 * Next calculate the total available space and see if it is
963 * sufficient. We cannot overwrite previously buffered data
964 * past xindex because otherwise we would not be able to restart
965 * a broken link at the target's last point of commit.
967 avail = jo->fifo.size - (jo->fifo.windex - jo->fifo.xindex);
968 KKASSERT(avail >= 0 && (avail & 15) == 0);
971 /* XXX MC_JOURNAL_STOP_IMM */
972 jo->flags |= MC_JOURNAL_WWAIT;
974 tsleep(&jo->fifo.windex, 0, "jwrite", 0);
979 * Create a pad record for any dead space and create an incomplete
980 * record for the live space, then return a pointer to the
981 * contiguous buffer space that was requested.
983 * NOTE: The worker thread will not flush past an incomplete
984 * record, so the reserved space can be filled in at-will. The
985 * journaling code must also be aware the reserved sections occuring
986 * after this one will also not be written out even if completed
987 * until this one is completed.
989 * The transaction id must accomodate real and potential pad creation.
991 rawp = (void *)(jo->fifo.membase + (jo->fifo.windex & jo->fifo.mask));
993 journal_build_pad(rawp, availtoend, jo->transid);
995 rawp = (void *)jo->fifo.membase;
997 rawp->begmagic = JREC_INCOMPLETEMAGIC; /* updated by abort/commit */
998 rawp->recsize = bytes; /* (unaligned size) */
999 rawp->streamid = streamid | JREC_STREAMCTL_BEGIN;
1000 rawp->transid = jo->transid;
1004 * Issue a memory barrier to guarentee that the record data has been
1005 * properly initialized before we advance the write index and return
1006 * a pointer to the reserved record. Otherwise the worker thread
1007 * could accidently run past us.
1009 * Note that stream records are always 16-byte aligned.
1012 jo->fifo.windex += (req + 15) & ~15;
1022 * Attempt to extend the stream record by <bytes> worth of payload space.
1024 * If it is possible to extend the existing stream record no truncation
1025 * occurs and the record is extended as specified. A pointer to the
1026 * truncation offset within the payload space is returned.
1028 * If it is not possible to do this the existing stream record is truncated
1029 * and committed, and a new stream record of size <bytes> is created. A
1030 * pointer to the base of the new stream record's payload space is returned.
1032 * *rawpp is set to the new reservation in the case of a new record but
1033 * the caller cannot depend on a comparison with the old rawp to determine if
1034 * this case occurs because we could end up using the same memory FIFO
1035 * offset for the new stream record. Use *newstreamrecp instead.
1038 journal_extend(struct journal *jo, struct journal_rawrecbeg **rawpp,
1039 int truncbytes, int bytes, int *newstreamrecp)
1041 struct journal_rawrecbeg *rawp;
1052 osize = (rawp->recsize + 15) & ~15;
1053 nsize = (rawp->recsize + bytes + 15) & ~15;
1054 wbase = (char *)rawp - jo->fifo.membase;
1057 * If the aligned record size does not change we can trivially adjust
1060 if (nsize == osize) {
1061 rawp->recsize += bytes;
1062 return((char *)(rawp + 1) + truncbytes);
1066 * If the fifo's write index hasn't been modified since we made the
1067 * reservation and we do not hit any boundary conditions, we can
1068 * trivially make the record smaller or larger.
1070 if ((jo->fifo.windex & jo->fifo.mask) == wbase + osize) {
1071 availtoend = jo->fifo.size - wbase;
1072 avail = jo->fifo.size - (jo->fifo.windex - jo->fifo.xindex) + osize;
1073 KKASSERT((availtoend & 15) == 0);
1074 KKASSERT((avail & 15) == 0);
1075 if (nsize <= avail && nsize <= availtoend) {
1076 jo->fifo.windex += nsize - osize;
1077 rawp->recsize += bytes;
1078 return((char *)(rawp + 1) + truncbytes);
1083 * It was not possible to extend the buffer. Commit the current
1084 * buffer and create a new one. We manually clear the BEGIN mark that
1085 * journal_reserve() creates (because this is a continuing record, not
1086 * the start of a new stream).
1088 streamid = rawp->streamid & JREC_STREAMID_MASK;
1089 journal_commit(jo, rawpp, truncbytes, 0);
1090 rptr = journal_reserve(jo, rawpp, streamid, bytes);
1092 rawp->streamid &= ~JREC_STREAMCTL_BEGIN;
1098 * Abort a journal record. If the transaction record represents a stream
1099 * BEGIN and we can reverse the fifo's write index we can simply reverse
1100 * index the entire record, as if it were never reserved in the first place.
1102 * Otherwise we set the JREC_STREAMCTL_ABORTED bit and commit the record
1103 * with the payload truncated to 0 bytes.
1106 journal_abort(struct journal *jo, struct journal_rawrecbeg **rawpp)
1108 struct journal_rawrecbeg *rawp;
1112 osize = (rawp->recsize + 15) & ~15;
1114 if ((rawp->streamid & JREC_STREAMCTL_BEGIN) &&
1115 (jo->fifo.windex & jo->fifo.mask) ==
1116 (char *)rawp - jo->fifo.membase + osize)
1118 jo->fifo.windex -= osize;
1121 rawp->streamid |= JREC_STREAMCTL_ABORTED;
1122 journal_commit(jo, rawpp, 0, 1);
1127 * Commit a journal record and potentially truncate it to the specified
1128 * number of payload bytes. If you do not want to truncate the record,
1129 * simply pass -1 for the bytes parameter. Do not pass rawp->recsize, that
1130 * field includes header and trailer and will not be correct. Note that
1131 * passing 0 will truncate the entire data payload of the record.
1133 * The logical stream is terminated by this function.
1135 * If truncation occurs, and it is not possible to physically optimize the
1136 * memory FIFO due to other threads having reserved space after ours,
1137 * the remaining reserved space will be covered by a pad record.
1140 journal_commit(struct journal *jo, struct journal_rawrecbeg **rawpp,
1141 int bytes, int closeout)
1143 struct journal_rawrecbeg *rawp;
1144 struct journal_rawrecend *rendp;
1151 KKASSERT((char *)rawp >= jo->fifo.membase &&
1152 (char *)rawp + rawp->recsize <= jo->fifo.membase + jo->fifo.size);
1153 KKASSERT(((intptr_t)rawp & 15) == 0);
1156 * Truncate the record if necessary. If the FIFO write index as still
1157 * at the end of our record we can optimally backindex it. Otherwise
1158 * we have to insert a pad record to cover the dead space.
1160 * We calculate osize which is the 16-byte-aligned original recsize.
1161 * We calculate nsize which is the 16-byte-aligned new recsize.
1163 * Due to alignment issues or in case the passed truncation bytes is
1164 * the same as the original payload, nsize may be equal to osize even
1165 * if the committed bytes is less then the originally reserved bytes.
1168 KKASSERT(bytes >= 0 && bytes <= rawp->recsize - sizeof(struct journal_rawrecbeg) - sizeof(struct journal_rawrecend));
1169 osize = (rawp->recsize + 15) & ~15;
1170 rawp->recsize = bytes + sizeof(struct journal_rawrecbeg) +
1171 sizeof(struct journal_rawrecend);
1172 nsize = (rawp->recsize + 15) & ~15;
1173 KKASSERT(nsize <= osize);
1174 if (osize == nsize) {
1176 } else if ((jo->fifo.windex & jo->fifo.mask) == (char *)rawp - jo->fifo.membase + osize) {
1177 /* we are able to backindex the fifo */
1178 jo->fifo.windex -= osize - nsize;
1180 /* we cannot backindex the fifo, emplace a pad in the dead space */
1181 journal_build_pad((void *)((char *)rawp + nsize), osize - nsize,
1187 * Fill in the trailer. Note that unlike pad records, the trailer will
1188 * never overlap the header.
1190 rendp = (void *)((char *)rawp +
1191 ((rawp->recsize + 15) & ~15) - sizeof(*rendp));
1192 rendp->endmagic = JREC_ENDMAGIC;
1193 rendp->recsize = rawp->recsize;
1194 rendp->check = 0; /* XXX check word, disabled for now */
1197 * Fill in begmagic last. This will allow the worker thread to proceed.
1198 * Use a memory barrier to guarentee write ordering. Mark the stream
1199 * as terminated if closeout is set. This is the typical case.
1202 rawp->streamid |= JREC_STREAMCTL_END;
1203 cpu_sfence(); /* memory and compiler barrier */
1204 rawp->begmagic = JREC_BEGMAGIC;
1206 journal_commit_wakeup(jo);
1209 /************************************************************************
1210 * PARALLEL TRANSACTION SUPPORT ROUTINES *
1211 ************************************************************************
1213 * JRECLIST_*() - routines which create and iterate over jrecord structures,
1214 * because a mount point may have multiple attached journals.
1218 * Initialize the passed jrecord_list and create a jrecord for each
1219 * journal we need to write to. Unnecessary mallocs are avoided by
1220 * using the passed jrecord structure as the first jrecord in the list.
1221 * A starting transaction is pushed for each jrecord.
1223 * Returns non-zero if any of the journals require undo records.
1227 jreclist_init(struct mount *mp, struct jrecord_list *jreclist,
1228 struct jrecord *jreccache, int16_t rectype)
1231 struct jrecord *jrec;
1235 TAILQ_INIT(jreclist);
1236 TAILQ_FOREACH(jo, &mp->mnt_jlist, jentry) {
1240 jrec = malloc(sizeof(*jrec), M_JOURNAL, M_WAITOK);
1241 jrecord_init(jo, jrec, -1);
1242 jrec->user_save = jrecord_push(jrec, rectype);
1243 TAILQ_INSERT_TAIL(jreclist, jrec, user_entry);
1244 if (jo->flags & MC_JOURNAL_WANT_REVERSABLE)
1252 * Terminate the journaled transactions started by jreclist_init(). If
1253 * an error occured, the transaction records will be aborted.
1257 jreclist_done(struct jrecord_list *jreclist, int error)
1259 struct jrecord *jrec;
1262 TAILQ_FOREACH(jrec, jreclist, user_entry) {
1263 jrecord_pop(jrec, jrec->user_save);
1264 jrecord_done(jrec, error);
1267 while ((jrec = TAILQ_FIRST(jreclist)) != NULL) {
1268 TAILQ_REMOVE(jreclist, jrec, user_entry);
1270 free(jrec, M_JOURNAL);
1276 * This procedure writes out UNDO records for available reversable
1279 * XXX could use improvement. There is no need to re-read the file
1284 jreclist_undo_file(struct jrecord_list *jreclist, struct vnode *vp,
1285 int jrflags, off_t off, off_t bytes)
1287 struct jrecord *jrec;
1291 if (jrflags & JRUNDO_GETVP)
1292 error = vget(vp, LK_SHARED);
1294 TAILQ_FOREACH(jrec, jreclist, user_entry) {
1295 if (jrec->jo->flags & MC_JOURNAL_WANT_REVERSABLE) {
1296 jrecord_undo_file(jrec, vp, jrflags, off, bytes);
1300 if (error == 0 && jrflags & JRUNDO_GETVP)
1304 /************************************************************************
1305 * TRANSACTION SUPPORT ROUTINES *
1306 ************************************************************************
1308 * JRECORD_*() - routines to create subrecord transactions and embed them
1309 * in the logical streams managed by the journal_*() routines.
1312 static int16_t sid = JREC_STREAMID_JMIN;
1315 * Initialize the passed jrecord structure and start a new stream transaction
1316 * by reserving an initial build space in the journal's memory FIFO.
1319 jrecord_init(struct journal *jo, struct jrecord *jrec, int16_t streamid)
1321 bzero(jrec, sizeof(*jrec));
1324 streamid = sid++; /* XXX need to track stream ids! */
1325 if (sid == JREC_STREAMID_JMAX)
1326 sid = JREC_STREAMID_JMIN;
1328 jrec->streamid = streamid;
1329 jrec->stream_residual = JREC_DEFAULTSIZE;
1330 jrec->stream_reserved = jrec->stream_residual;
1332 journal_reserve(jo, &jrec->rawp, streamid, jrec->stream_reserved);
1336 * Push a recursive record type. All pushes should have matching pops.
1337 * The old parent is returned and the newly pushed record becomes the
1338 * new parent. Note that the old parent's pointer may already be invalid
1339 * or may become invalid if jrecord_write() had to build a new stream
1340 * record, so the caller should not mess with the returned pointer in
1341 * any way other then to save it.
1344 struct journal_subrecord *
1345 jrecord_push(struct jrecord *jrec, int16_t rectype)
1347 struct journal_subrecord *save;
1349 save = jrec->parent;
1350 jrec->parent = jrecord_write(jrec, rectype|JMASK_NESTED, 0);
1352 KKASSERT(jrec->parent != NULL);
1354 ++jrec->pushptrgood; /* cleared on flush */
1359 * Pop a previously pushed sub-transaction. We must set JMASK_LAST
1360 * on the last record written within the subtransaction. If the last
1361 * record written is not accessible or if the subtransaction is empty,
1362 * we must write out a pad record with JMASK_LAST set before popping.
1364 * When popping a subtransaction the parent record's recsize field
1365 * will be properly set. If the parent pointer is no longer valid
1366 * (which can occur if the data has already been flushed out to the
1367 * stream), the protocol spec allows us to leave it 0.
1369 * The saved parent pointer which we restore may or may not be valid,
1370 * and if not valid may or may not be NULL, depending on the value
1374 jrecord_pop(struct jrecord *jrec, struct journal_subrecord *save)
1376 struct journal_subrecord *last;
1378 KKASSERT(jrec->pushcount > 0);
1379 KKASSERT(jrec->residual == 0);
1382 * Set JMASK_LAST on the last record we wrote at the current
1383 * level. If last is NULL we either no longer have access to the
1384 * record or the subtransaction was empty and we must write out a pad
1387 if ((last = jrec->last) == NULL) {
1388 jrecord_write(jrec, JLEAF_PAD|JMASK_LAST, 0);
1389 last = jrec->last; /* reload after possible flush */
1391 last->rectype |= JMASK_LAST;
1395 * pushptrgood tells us how many levels of parent record pointers
1396 * are valid. The jrec only stores the current parent record pointer
1397 * (and it is only valid if pushptrgood != 0). The higher level parent
1398 * record pointers are saved by the routines calling jrecord_push() and
1399 * jrecord_pop(). These pointers may become stale and we determine
1400 * that fact by tracking the count of valid parent pointers with
1401 * pushptrgood. Pointers become invalid when their related stream
1402 * record gets pushed out.
1404 * If no pointer is available (the data has already been pushed out),
1405 * then no fixup of e.g. the length field is possible for non-leaf
1406 * nodes. The protocol allows for this situation by placing a larger
1407 * burden on the program scanning the stream on the other end.
1414 * (pop B) see NOTE B
1415 * (pop A) see NOTE A
1417 * NOTE B: This pop sets LAST in node Z if the node is still accessible,
1418 * else a PAD record is appended and LAST is set in that.
1420 * This pop sets the record size in parentB if parentB is still
1421 * accessible, else the record size is left 0 (the scanner must
1424 * This pop sets the new 'last' record to parentB, the pointer
1425 * to which may or may not still be accessible.
1427 * NOTE A: This pop sets LAST in parentB if the node is still accessible,
1428 * else a PAD record is appended and LAST is set in that.
1430 * This pop sets the record size in parentA if parentA is still
1431 * accessible, else the record size is left 0 (the scanner must
1434 * This pop sets the new 'last' record to parentA, the pointer
1435 * to which may or may not still be accessible.
1437 * Also note that the last record in the stream transaction, which in
1438 * the above example is parentA, does not currently have the LAST bit
1441 * The current parent becomes the last record relative to the
1442 * saved parent passed into us. It's validity is based on
1443 * whether pushptrgood is non-zero prior to decrementing. The saved
1444 * parent becomes the new parent, and its validity is based on whether
1445 * pushptrgood is non-zero after decrementing.
1447 * The old jrec->parent may be NULL if it is no longer accessible.
1448 * If pushptrgood is non-zero, however, it is guarenteed to not
1449 * be NULL (since no flush occured).
1451 jrec->last = jrec->parent;
1453 if (jrec->pushptrgood) {
1454 KKASSERT(jrec->last != NULL && last != NULL);
1455 if (--jrec->pushptrgood == 0) {
1456 jrec->parent = NULL; /* 'save' contains garbage or NULL */
1458 KKASSERT(save != NULL);
1459 jrec->parent = save; /* 'save' must not be NULL */
1463 * Set the record size in the old parent. 'last' still points to
1464 * the original last record in the subtransaction being popped,
1465 * jrec->last points to the old parent (which became the last
1466 * record relative to the new parent being popped into).
1468 jrec->last->recsize = (char *)last + last->recsize - (char *)jrec->last;
1470 jrec->parent = NULL;
1471 KKASSERT(jrec->last == NULL);
1476 * Write out a leaf record, including associated data.
1480 jrecord_leaf(struct jrecord *jrec, int16_t rectype, void *ptr, int bytes)
1482 jrecord_write(jrec, rectype, bytes);
1483 jrecord_data(jrec, ptr, bytes);
1487 * Write a leaf record out and return a pointer to its base. The leaf
1488 * record may contain potentially megabytes of data which is supplied
1489 * in jrecord_data() calls. The exact amount must be specified in this
1492 * THE RETURNED SUBRECORD POINTER IS ONLY VALID IMMEDIATELY AFTER THE
1493 * CALL AND MAY BECOME INVALID AT ANY TIME. ONLY THE PUSH/POP CODE SHOULD
1494 * USE THE RETURN VALUE.
1497 struct journal_subrecord *
1498 jrecord_write(struct jrecord *jrec, int16_t rectype, int bytes)
1500 struct journal_subrecord *last;
1504 * Try to catch some obvious errors. Nesting records must specify a
1505 * size of 0, and there should be no left-overs from previous operations
1506 * (such as incomplete data writeouts).
1508 KKASSERT(bytes == 0 || (rectype & JMASK_NESTED) == 0);
1509 KKASSERT(jrec->residual == 0);
1512 * Check to see if the current stream record has enough room for
1513 * the new subrecord header. If it doesn't we extend the current
1516 * This may have the side effect of pushing out the current stream record
1517 * and creating a new one. We must adjust our stream tracking fields
1520 if (jrec->stream_residual < sizeof(struct journal_subrecord)) {
1521 jrec->stream_ptr = journal_extend(jrec->jo, &jrec->rawp,
1522 jrec->stream_reserved - jrec->stream_residual,
1523 JREC_DEFAULTSIZE, &pusheditout);
1526 * If a pushout occured, the pushed out stream record was
1527 * truncated as specified and the new record is exactly the
1528 * extension size specified.
1530 jrec->stream_reserved = JREC_DEFAULTSIZE;
1531 jrec->stream_residual = JREC_DEFAULTSIZE;
1532 jrec->parent = NULL; /* no longer accessible */
1533 jrec->pushptrgood = 0; /* restored parents in pops no good */
1536 * If no pushout occured the stream record is NOT truncated and
1539 jrec->stream_reserved += JREC_DEFAULTSIZE;
1540 jrec->stream_residual += JREC_DEFAULTSIZE;
1543 last = (void *)jrec->stream_ptr;
1544 last->rectype = rectype;
1548 * We may not know the record size for recursive records and the
1549 * header may become unavailable due to limited FIFO space. Write
1550 * -1 to indicate this special case.
1552 if ((rectype & JMASK_NESTED) && bytes == 0)
1555 last->recsize = sizeof(struct journal_subrecord) + bytes;
1557 jrec->residual = bytes; /* remaining data to be posted */
1558 jrec->residual_align = -bytes & 7; /* post-data alignment required */
1559 jrec->stream_ptr += sizeof(*last); /* current write pointer */
1560 jrec->stream_residual -= sizeof(*last); /* space remaining in stream */
1565 * Write out the data associated with a leaf record. Any number of calls
1566 * to this routine may be made as long as the byte count adds up to the
1567 * amount originally specified in jrecord_write().
1569 * The act of writing out the leaf data may result in numerous stream records
1570 * being pushed out. Callers should be aware that even the associated
1571 * subrecord header may become inaccessible due to stream record pushouts.
1574 jrecord_data(struct jrecord *jrec, const void *buf, int bytes)
1579 KKASSERT(bytes >= 0 && bytes <= jrec->residual);
1582 * Push out stream records as long as there is insufficient room to hold
1583 * the remaining data.
1585 while (jrec->stream_residual < bytes) {
1587 * Fill in any remaining space in the current stream record.
1589 bcopy(buf, jrec->stream_ptr, jrec->stream_residual);
1590 buf = (const char *)buf + jrec->stream_residual;
1591 bytes -= jrec->stream_residual;
1592 /*jrec->stream_ptr += jrec->stream_residual;*/
1593 jrec->residual -= jrec->stream_residual;
1594 jrec->stream_residual = 0;
1597 * Try to extend the current stream record, but no more then 1/4
1598 * the size of the FIFO.
1600 extsize = jrec->jo->fifo.size >> 2;
1601 if (extsize > bytes)
1602 extsize = (bytes + 15) & ~15;
1604 jrec->stream_ptr = journal_extend(jrec->jo, &jrec->rawp,
1605 jrec->stream_reserved - jrec->stream_residual,
1606 extsize, &pusheditout);
1608 jrec->stream_reserved = extsize;
1609 jrec->stream_residual = extsize;
1610 jrec->parent = NULL; /* no longer accessible */
1611 jrec->last = NULL; /* no longer accessible */
1612 jrec->pushptrgood = 0; /* restored parents in pops no good */
1614 jrec->stream_reserved += extsize;
1615 jrec->stream_residual += extsize;
1620 * Push out any remaining bytes into the current stream record.
1623 bcopy(buf, jrec->stream_ptr, bytes);
1624 jrec->stream_ptr += bytes;
1625 jrec->stream_residual -= bytes;
1626 jrec->residual -= bytes;
1630 * Handle data alignment requirements for the subrecord. Because the
1631 * stream record's data space is more strictly aligned, it must already
1632 * have sufficient space to hold any subrecord alignment slop.
1634 if (jrec->residual == 0 && jrec->residual_align) {
1635 KKASSERT(jrec->residual_align <= jrec->stream_residual);
1636 bzero(jrec->stream_ptr, jrec->residual_align);
1637 jrec->stream_ptr += jrec->residual_align;
1638 jrec->stream_residual -= jrec->residual_align;
1639 jrec->residual_align = 0;
1644 * We are finished with the transaction. This closes the transaction created
1645 * by jrecord_init().
1647 * NOTE: If abortit is not set then we must be at the top level with no
1648 * residual subrecord data left to output.
1650 * If abortit is set then we can be in any state, all pushes will be
1651 * popped and it is ok for there to be residual data. This works
1652 * because the virtual stream itself is truncated. Scanners must deal
1653 * with this situation.
1655 * The stream record will be committed or aborted as specified and jrecord
1656 * resources will be cleaned up.
1659 jrecord_done(struct jrecord *jrec, int abortit)
1661 KKASSERT(jrec->rawp != NULL);
1664 journal_abort(jrec->jo, &jrec->rawp);
1666 KKASSERT(jrec->pushcount == 0 && jrec->residual == 0);
1667 journal_commit(jrec->jo, &jrec->rawp,
1668 jrec->stream_reserved - jrec->stream_residual, 1);
1672 * jrec should not be used beyond this point without another init,
1673 * but clean up some fields to ensure that we panic if it is.
1675 * Note that jrec->rawp is NULLd out by journal_abort/journal_commit.
1678 jrec->stream_ptr = NULL;
1681 /************************************************************************
1682 * LOW LEVEL RECORD SUPPORT ROUTINES *
1683 ************************************************************************
1685 * These routine create low level recursive and leaf subrecords representing
1686 * common filesystem structures.
1690 * Write out a filename path relative to the base of the mount point.
1691 * rectype is typically JLEAF_PATH{1,2,3,4}.
1694 jrecord_write_path(struct jrecord *jrec, int16_t rectype, struct namecache *ncp)
1696 char buf[64]; /* local buffer if it fits, else malloced */
1700 struct namecache *scan;
1703 * Pass 1 - figure out the number of bytes required. Include terminating
1704 * \0 on last element and '/' separator on other elements.
1709 scan && (scan->nc_flag & NCF_MOUNTPT) == 0;
1710 scan = scan->nc_parent
1712 pathlen += scan->nc_nlen + 1;
1715 if (pathlen <= sizeof(buf))
1718 base = malloc(pathlen, M_TEMP, M_INTWAIT);
1721 * Pass 2 - generate the path buffer
1725 scan && (scan->nc_flag & NCF_MOUNTPT) == 0;
1726 scan = scan->nc_parent
1728 if (scan->nc_nlen >= index) {
1733 if (index == pathlen)
1736 base[--index] = '/';
1737 index -= scan->nc_nlen;
1738 bcopy(scan->nc_name, base + index, scan->nc_nlen);
1740 jrecord_leaf(jrec, rectype, base + index, pathlen - index);
1746 * Write out a file attribute structure. While somewhat inefficient, using
1747 * a recursive data structure is the most portable and extensible way.
1750 jrecord_write_vattr(struct jrecord *jrec, struct vattr *vat)
1754 save = jrecord_push(jrec, JTYPE_VATTR);
1755 if (vat->va_type != VNON)
1756 jrecord_leaf(jrec, JLEAF_VTYPE, &vat->va_type, sizeof(vat->va_type));
1757 if (vat->va_mode != (mode_t)VNOVAL)
1758 jrecord_leaf(jrec, JLEAF_MODES, &vat->va_mode, sizeof(vat->va_mode));
1759 if (vat->va_nlink != VNOVAL)
1760 jrecord_leaf(jrec, JLEAF_NLINK, &vat->va_nlink, sizeof(vat->va_nlink));
1761 if (vat->va_uid != VNOVAL)
1762 jrecord_leaf(jrec, JLEAF_UID, &vat->va_uid, sizeof(vat->va_uid));
1763 if (vat->va_gid != VNOVAL)
1764 jrecord_leaf(jrec, JLEAF_GID, &vat->va_gid, sizeof(vat->va_gid));
1765 if (vat->va_fsid != VNOVAL)
1766 jrecord_leaf(jrec, JLEAF_FSID, &vat->va_fsid, sizeof(vat->va_fsid));
1767 if (vat->va_fileid != VNOVAL)
1768 jrecord_leaf(jrec, JLEAF_INUM, &vat->va_fileid, sizeof(vat->va_fileid));
1769 if (vat->va_size != VNOVAL)
1770 jrecord_leaf(jrec, JLEAF_SIZE, &vat->va_size, sizeof(vat->va_size));
1771 if (vat->va_atime.tv_sec != VNOVAL)
1772 jrecord_leaf(jrec, JLEAF_ATIME, &vat->va_atime, sizeof(vat->va_atime));
1773 if (vat->va_mtime.tv_sec != VNOVAL)
1774 jrecord_leaf(jrec, JLEAF_MTIME, &vat->va_mtime, sizeof(vat->va_mtime));
1775 if (vat->va_ctime.tv_sec != VNOVAL)
1776 jrecord_leaf(jrec, JLEAF_CTIME, &vat->va_ctime, sizeof(vat->va_ctime));
1777 if (vat->va_gen != VNOVAL)
1778 jrecord_leaf(jrec, JLEAF_GEN, &vat->va_gen, sizeof(vat->va_gen));
1779 if (vat->va_flags != VNOVAL)
1780 jrecord_leaf(jrec, JLEAF_FLAGS, &vat->va_flags, sizeof(vat->va_flags));
1781 if (vat->va_rdev != VNOVAL)
1782 jrecord_leaf(jrec, JLEAF_UDEV, &vat->va_rdev, sizeof(vat->va_rdev));
1784 if (vat->va_filerev != VNOVAL)
1785 jrecord_leaf(jrec, JLEAF_FILEREV, &vat->va_filerev, sizeof(vat->va_filerev));
1787 jrecord_pop(jrec, save);
1791 * Write out the creds used to issue a file operation. If a process is
1792 * available write out additional tracking information related to the
1795 * XXX additional tracking info
1799 jrecord_write_cred(struct jrecord *jrec, struct thread *td, struct ucred *cred)
1804 save = jrecord_push(jrec, JTYPE_CRED);
1805 jrecord_leaf(jrec, JLEAF_UID, &cred->cr_uid, sizeof(cred->cr_uid));
1806 jrecord_leaf(jrec, JLEAF_GID, &cred->cr_gid, sizeof(cred->cr_gid));
1807 if (td && (p = td->td_proc) != NULL) {
1808 jrecord_leaf(jrec, JLEAF_PID, &p->p_pid, sizeof(p->p_pid));
1809 jrecord_leaf(jrec, JLEAF_COMM, p->p_comm, sizeof(p->p_comm));
1811 jrecord_pop(jrec, save);
1815 * Write out information required to identify a vnode
1817 * XXX this needs work. We should write out the inode number as well,
1818 * and in fact avoid writing out the file path for seqential writes
1819 * occuring within e.g. a certain period of time.
1822 jrecord_write_vnode_ref(struct jrecord *jrec, struct vnode *vp)
1824 struct namecache *ncp;
1826 TAILQ_FOREACH(ncp, &vp->v_namecache, nc_vnode) {
1827 if ((ncp->nc_flag & (NCF_UNRESOLVED|NCF_DESTROYED)) == 0)
1831 jrecord_write_path(jrec, JLEAF_PATH_REF, ncp);
1835 jrecord_write_vnode_link(struct jrecord *jrec, struct vnode *vp,
1836 struct namecache *notncp)
1838 struct namecache *ncp;
1840 TAILQ_FOREACH(ncp, &vp->v_namecache, nc_vnode) {
1843 if ((ncp->nc_flag & (NCF_UNRESOLVED|NCF_DESTROYED)) == 0)
1847 jrecord_write_path(jrec, JLEAF_PATH_REF, ncp);
1852 * Write out the current contents of the file within the specified
1853 * range. This is typically called from within an UNDO section. A
1854 * locked vnode must be passed.
1857 jrecord_write_filearea(struct jrecord *jrec, struct vnode *vp,
1858 off_t begoff, off_t endoff)
1864 * Write out the data represented by a pagelist
1867 jrecord_write_pagelist(struct jrecord *jrec, int16_t rectype,
1868 struct vm_page **pglist, int *rtvals, int pgcount,
1871 struct msf_buf *msf;
1877 while (i < pgcount) {
1879 * Find the next valid section. Skip any invalid elements
1881 if (rtvals[i] != VM_PAGER_OK) {
1883 offset += PAGE_SIZE;
1888 * Figure out how big the valid section is, capping I/O at what the
1889 * MSFBUF can represent.
1892 while (i < pgcount && i - b != XIO_INTERNAL_PAGES &&
1893 rtvals[i] == VM_PAGER_OK
1902 error = msf_map_pagelist(&msf, pglist + b, i - b, 0);
1904 printf("RECORD PUTPAGES %d\n", msf_buf_bytes(msf));
1905 jrecord_leaf(jrec, JLEAF_SEEKPOS, &offset, sizeof(offset));
1906 jrecord_leaf(jrec, rectype,
1907 msf_buf_kva(msf), msf_buf_bytes(msf));
1910 printf("jrecord_write_pagelist: mapping failure\n");
1912 offset += (off_t)(i - b) << PAGE_SHIFT;
1918 * Write out the data represented by a UIO.
1921 struct jrecord *jrec;
1925 static int jrecord_write_uio_callback(void *info, char *buf, int bytes);
1928 jrecord_write_uio(struct jrecord *jrec, int16_t rectype, struct uio *uio)
1930 struct jwuio_info info = { jrec, rectype };
1933 if (uio->uio_segflg != UIO_NOCOPY) {
1934 jrecord_leaf(jrec, JLEAF_SEEKPOS, &uio->uio_offset,
1935 sizeof(uio->uio_offset));
1936 error = msf_uio_iterate(uio, jrecord_write_uio_callback, &info);
1938 printf("XXX warning uio iterate failed %d\n", error);
1943 jrecord_write_uio_callback(void *info_arg, char *buf, int bytes)
1945 struct jwuio_info *info = info_arg;
1947 jrecord_leaf(info->jrec, info->rectype, buf, bytes);
1952 jrecord_file_data(struct jrecord *jrec, struct vnode *vp,
1953 off_t off, off_t bytes)
1955 const int bufsize = 8192;
1960 buf = malloc(bufsize, M_JOURNAL, M_WAITOK);
1961 jrecord_leaf(jrec, JLEAF_SEEKPOS, &off, sizeof(off));
1963 n = (bytes > bufsize) ? bufsize : (int)bytes;
1964 error = vn_rdwr(UIO_READ, vp, buf, n, off, UIO_SYSSPACE, IO_NODELOCKED,
1965 proc0.p_ucred, NULL);
1967 jrecord_leaf(jrec, JLEAF_ERROR, &error, sizeof(error));
1970 jrecord_leaf(jrec, JLEAF_FILEDATA, buf, n);
1974 free(buf, M_JOURNAL);
1977 /************************************************************************
1978 * LOW LEVEL UNDO SUPPORT ROUTINE *
1979 ************************************************************************
1981 * This function is used to support UNDO records. It will generate an
1982 * appropriate record with the requested portion of the file data. Note
1983 * that file data is only recorded if JRUNDO_FILEDATA is passed. If bytes
1984 * is -1, it will be set to the size of the file.
1987 jrecord_undo_file(struct jrecord *jrec, struct vnode *vp, int jrflags,
1988 off_t off, off_t bytes)
1991 void *save1; /* warning, save pointers do not always remain valid */
1996 * Setup. Start the UNDO record, obtain a shared lock on the vnode,
1997 * and retrieve attribute info.
1999 save1 = jrecord_push(jrec, JTYPE_UNDO);
2000 error = VOP_GETATTR(vp, &attr);
2005 * Generate UNDO records as requested.
2007 if (jrflags & JRUNDO_VATTR) {
2008 save2 = jrecord_push(jrec, JTYPE_VATTR);
2009 jrecord_leaf(jrec, JLEAF_VTYPE, &attr.va_type, sizeof(attr.va_type));
2010 if ((jrflags & JRUNDO_NLINK) && attr.va_nlink != VNOVAL)
2011 jrecord_leaf(jrec, JLEAF_NLINK, &attr.va_nlink, sizeof(attr.va_nlink));
2012 if ((jrflags & JRUNDO_SIZE) && attr.va_size != VNOVAL)
2013 jrecord_leaf(jrec, JLEAF_SIZE, &attr.va_size, sizeof(attr.va_size));
2014 if ((jrflags & JRUNDO_UID) && attr.va_uid != VNOVAL)
2015 jrecord_leaf(jrec, JLEAF_UID, &attr.va_uid, sizeof(attr.va_uid));
2016 if ((jrflags & JRUNDO_GID) && attr.va_gid != VNOVAL)
2017 jrecord_leaf(jrec, JLEAF_GID, &attr.va_gid, sizeof(attr.va_gid));
2018 if ((jrflags & JRUNDO_FSID) && attr.va_fsid != VNOVAL)
2019 jrecord_leaf(jrec, JLEAF_FSID, &attr.va_fsid, sizeof(attr.va_fsid));
2020 if ((jrflags & JRUNDO_MODES) && attr.va_mode != (mode_t)VNOVAL)
2021 jrecord_leaf(jrec, JLEAF_MODES, &attr.va_mode, sizeof(attr.va_mode));
2022 if ((jrflags & JRUNDO_INUM) && attr.va_fileid != VNOVAL)
2023 jrecord_leaf(jrec, JLEAF_INUM, &attr.va_fileid, sizeof(attr.va_fileid));
2024 if ((jrflags & JRUNDO_ATIME) && attr.va_atime.tv_sec != VNOVAL)
2025 jrecord_leaf(jrec, JLEAF_ATIME, &attr.va_atime, sizeof(attr.va_atime));
2026 if ((jrflags & JRUNDO_MTIME) && attr.va_mtime.tv_sec != VNOVAL)
2027 jrecord_leaf(jrec, JLEAF_MTIME, &attr.va_mtime, sizeof(attr.va_mtime));
2028 if ((jrflags & JRUNDO_CTIME) && attr.va_ctime.tv_sec != VNOVAL)
2029 jrecord_leaf(jrec, JLEAF_CTIME, &attr.va_ctime, sizeof(attr.va_ctime));
2030 if ((jrflags & JRUNDO_GEN) && attr.va_gen != VNOVAL)
2031 jrecord_leaf(jrec, JLEAF_GEN, &attr.va_gen, sizeof(attr.va_gen));
2032 if ((jrflags & JRUNDO_FLAGS) && attr.va_flags != VNOVAL)
2033 jrecord_leaf(jrec, JLEAF_FLAGS, &attr.va_flags, sizeof(attr.va_flags));
2034 if ((jrflags & JRUNDO_UDEV) && attr.va_rdev != VNOVAL)
2035 jrecord_leaf(jrec, JLEAF_UDEV, &attr.va_rdev, sizeof(attr.va_rdev));
2036 jrecord_pop(jrec, save2);
2040 * Output the file data being overwritten by reading the file and
2041 * writing it out to the journal prior to the write operation. We
2042 * do not need to write out data past the current file EOF.
2044 * XXX support JRUNDO_CONDLINK - do not write out file data for files
2045 * with a link count > 1. The undo code needs to locate the inode and
2046 * regenerate the hardlink.
2048 if ((jrflags & JRUNDO_FILEDATA) && attr.va_type == VREG) {
2049 if (attr.va_size != VNOVAL) {
2051 bytes = attr.va_size - off;
2052 if (off + bytes > attr.va_size)
2053 bytes = attr.va_size - off;
2055 jrecord_file_data(jrec, vp, off, bytes);
2060 if ((jrflags & JRUNDO_FILEDATA) && attr.va_type == VLNK) {
2065 buf = malloc(PATH_MAX, M_JOURNAL, M_WAITOK);
2066 aiov.iov_base = buf;
2067 aiov.iov_len = PATH_MAX;
2068 auio.uio_iov = &aiov;
2069 auio.uio_iovcnt = 1;
2070 auio.uio_offset = 0;
2071 auio.uio_rw = UIO_READ;
2072 auio.uio_segflg = UIO_SYSSPACE;
2073 auio.uio_td = curthread;
2074 auio.uio_resid = PATH_MAX;
2075 error = VOP_READLINK(vp, &auio, proc0.p_ucred);
2077 jrecord_leaf(jrec, JLEAF_SYMLINKDATA, buf,
2078 PATH_MAX - auio.uio_resid);
2080 free(buf, M_JOURNAL);
2084 jrecord_leaf(jrec, JLEAF_ERROR, &error, sizeof(error));
2085 jrecord_pop(jrec, save1);
2088 /************************************************************************
2090 ************************************************************************
2092 * These are function shims replacing the normal filesystem ops. We become
2093 * responsible for calling the underlying filesystem ops. We have the choice
2094 * of executing the underlying op first and then generating the journal entry,
2095 * or starting the journal entry, executing the underlying op, and then
2096 * either completing or aborting it.
2098 * The journal is supposed to be a high-level entity, which generally means
2099 * identifying files by name rather then by inode. Supplying both allows
2100 * the journal to be used both for inode-number-compatible 'mirrors' and
2101 * for simple filesystem replication.
2103 * Writes are particularly difficult to deal with because a single write may
2104 * represent a hundred megabyte buffer or more, and both writes and truncations
2105 * require the 'old' data to be written out as well as the new data if the
2106 * log is reversable. Other issues:
2108 * - How to deal with operations on unlinked files (no path available),
2109 * but which may still be filesystem visible due to hard links.
2111 * - How to deal with modifications made via a memory map.
2113 * - Future cache coherency support will require cache coherency API calls
2114 * both prior to and after the call to the underlying VFS.
2116 * ALSO NOTE: We do not have to shim compatibility VOPs like MKDIR which have
2117 * new VFS equivalents (NMKDIR).
2121 * Journal vop_settattr { a_vp, a_vap, a_cred, a_td }
2125 journal_setattr(struct vop_setattr_args *ap)
2127 struct jrecord_list jreclist;
2128 struct jrecord jreccache;
2129 struct jrecord *jrec;
2134 mp = ap->a_head.a_ops->vv_mount;
2135 if (jreclist_init(mp, &jreclist, &jreccache, JTYPE_SETATTR)) {
2136 jreclist_undo_file(&jreclist, ap->a_vp, JRUNDO_VATTR, 0, 0);
2138 error = vop_journal_operate_ap(&ap->a_head);
2140 TAILQ_FOREACH(jrec, &jreclist, user_entry) {
2141 jrecord_write_cred(jrec, curthread, ap->a_cred);
2142 jrecord_write_vnode_ref(jrec, ap->a_vp);
2143 save = jrecord_push(jrec, JTYPE_REDO);
2144 jrecord_write_vattr(jrec, ap->a_vap);
2145 jrecord_pop(jrec, save);
2148 jreclist_done(&jreclist, error);
2153 * Journal vop_write { a_vp, a_uio, a_ioflag, a_cred }
2157 journal_write(struct vop_write_args *ap)
2159 struct jrecord_list jreclist;
2160 struct jrecord jreccache;
2161 struct jrecord *jrec;
2163 struct uio uio_copy;
2164 struct iovec uio_one_iovec;
2169 * This is really nasty. UIO's don't retain sufficient information to
2170 * be reusable once they've gone through the VOP chain. The iovecs get
2171 * cleared, so we have to copy the UIO.
2173 * XXX fix the UIO code to not destroy iov's during a scan so we can
2174 * reuse the uio over and over again.
2176 * XXX UNDO code needs to journal the old data prior to the write.
2178 uio_copy = *ap->a_uio;
2179 if (uio_copy.uio_iovcnt == 1) {
2180 uio_one_iovec = ap->a_uio->uio_iov[0];
2181 uio_copy.uio_iov = &uio_one_iovec;
2183 uio_copy.uio_iov = malloc(uio_copy.uio_iovcnt * sizeof(struct iovec),
2184 M_JOURNAL, M_WAITOK);
2185 bcopy(ap->a_uio->uio_iov, uio_copy.uio_iov,
2186 uio_copy.uio_iovcnt * sizeof(struct iovec));
2190 * Write out undo data. Note that uio_offset is incorrect if
2191 * IO_APPEND is set, but fortunately we have no undo file data to
2192 * write out in that case.
2194 mp = ap->a_head.a_ops->vv_mount;
2195 if (jreclist_init(mp, &jreclist, &jreccache, JTYPE_WRITE)) {
2196 if (ap->a_ioflag & IO_APPEND) {
2197 jreclist_undo_file(&jreclist, ap->a_vp, JRUNDO_SIZE|JRUNDO_MTIME, 0, 0);
2199 jreclist_undo_file(&jreclist, ap->a_vp,
2200 JRUNDO_FILEDATA|JRUNDO_SIZE|JRUNDO_MTIME,
2201 uio_copy.uio_offset, uio_copy.uio_resid);
2204 error = vop_journal_operate_ap(&ap->a_head);
2207 * XXX bad hack to figure out the offset for O_APPEND writes (note:
2208 * uio field state after the VFS operation).
2210 uio_copy.uio_offset = ap->a_uio->uio_offset -
2211 (uio_copy.uio_resid - ap->a_uio->uio_resid);
2214 * Output the write data to the journal.
2217 TAILQ_FOREACH(jrec, &jreclist, user_entry) {
2218 jrecord_write_cred(jrec, NULL, ap->a_cred);
2219 jrecord_write_vnode_ref(jrec, ap->a_vp);
2220 save = jrecord_push(jrec, JTYPE_REDO);
2221 jrecord_write_uio(jrec, JLEAF_FILEDATA, &uio_copy);
2222 jrecord_pop(jrec, save);
2225 jreclist_done(&jreclist, error);
2227 if (uio_copy.uio_iov != &uio_one_iovec)
2228 free(uio_copy.uio_iov, M_JOURNAL);
2233 * Journal vop_fsync { a_vp, a_waitfor, a_td }
2237 journal_fsync(struct vop_fsync_args *ap)
2245 error = vop_journal_operate_ap(&ap->a_head);
2247 mp = ap->a_head.a_ops->vv_mount;
2249 TAILQ_FOREACH(jo, &mp->mnt_jlist, jentry) {
2250 /* XXX synchronize pending journal records */
2258 * Journal vop_putpages { a_vp, a_m, a_count, a_sync, a_rtvals, a_offset }
2260 * note: a_count is in bytes.
2264 journal_putpages(struct vop_putpages_args *ap)
2266 struct jrecord_list jreclist;
2267 struct jrecord jreccache;
2268 struct jrecord *jrec;
2273 mp = ap->a_head.a_ops->vv_mount;
2274 if (jreclist_init(mp, &jreclist, &jreccache, JTYPE_PUTPAGES) &&
2277 jreclist_undo_file(&jreclist, ap->a_vp,
2278 JRUNDO_FILEDATA|JRUNDO_SIZE|JRUNDO_MTIME,
2279 ap->a_offset, btoc(ap->a_count));
2281 error = vop_journal_operate_ap(&ap->a_head);
2282 if (error == 0 && ap->a_count > 0) {
2283 TAILQ_FOREACH(jrec, &jreclist, user_entry) {
2284 jrecord_write_vnode_ref(jrec, ap->a_vp);
2285 save = jrecord_push(jrec, JTYPE_REDO);
2286 jrecord_write_pagelist(jrec, JLEAF_FILEDATA, ap->a_m, ap->a_rtvals,
2287 btoc(ap->a_count), ap->a_offset);
2288 jrecord_pop(jrec, save);
2291 jreclist_done(&jreclist, error);
2296 * Journal vop_setacl { a_vp, a_type, a_aclp, a_cred, a_td }
2300 journal_setacl(struct vop_setacl_args *ap)
2302 struct jrecord_list jreclist;
2303 struct jrecord jreccache;
2304 struct jrecord *jrec;
2308 mp = ap->a_head.a_ops->vv_mount;
2309 jreclist_init(mp, &jreclist, &jreccache, JTYPE_SETACL);
2310 error = vop_journal_operate_ap(&ap->a_head);
2312 TAILQ_FOREACH(jrec, &jreclist, user_entry) {
2314 if ((jo->flags & MC_JOURNAL_WANT_REVERSABLE))
2315 jrecord_undo_file(jrec, ap->a_vp, JRUNDO_XXX, 0, 0);
2317 jrecord_write_cred(jrec, curthread, ap->a_cred);
2318 jrecord_write_vnode_ref(jrec, ap->a_vp);
2320 save = jrecord_push(jrec, JTYPE_REDO);
2321 /* XXX type, aclp */
2322 jrecord_pop(jrec, save);
2326 jreclist_done(&jreclist, error);
2331 * Journal vop_setextattr { a_vp, a_name, a_uio, a_cred, a_td }
2335 journal_setextattr(struct vop_setextattr_args *ap)
2337 struct jrecord_list jreclist;
2338 struct jrecord jreccache;
2339 struct jrecord *jrec;
2344 mp = ap->a_head.a_ops->vv_mount;
2345 jreclist_init(mp, &jreclist, &jreccache, JTYPE_SETEXTATTR);
2346 error = vop_journal_operate_ap(&ap->a_head);
2348 TAILQ_FOREACH(jrec, &jreclist, user_entry) {
2350 if ((jo->flags & MC_JOURNAL_WANT_REVERSABLE))
2351 jrecord_undo_file(jrec, ap->a_vp, JRUNDO_XXX, 0, 0);
2353 jrecord_write_cred(jrec, curthread, ap->a_cred);
2354 jrecord_write_vnode_ref(jrec, ap->a_vp);
2355 jrecord_leaf(jrec, JLEAF_ATTRNAME, ap->a_name, strlen(ap->a_name));
2356 save = jrecord_push(jrec, JTYPE_REDO);
2357 jrecord_write_uio(jrec, JLEAF_FILEDATA, ap->a_uio);
2358 jrecord_pop(jrec, save);
2361 jreclist_done(&jreclist, error);
2366 * Journal vop_ncreate { a_ncp, a_vpp, a_cred, a_vap }
2370 journal_ncreate(struct vop_ncreate_args *ap)
2372 struct jrecord_list jreclist;
2373 struct jrecord jreccache;
2374 struct jrecord *jrec;
2379 mp = ap->a_head.a_ops->vv_mount;
2380 jreclist_init(mp, &jreclist, &jreccache, JTYPE_CREATE);
2381 error = vop_journal_operate_ap(&ap->a_head);
2383 TAILQ_FOREACH(jrec, &jreclist, user_entry) {
2384 jrecord_write_cred(jrec, NULL, ap->a_cred);
2385 jrecord_write_path(jrec, JLEAF_PATH1, ap->a_ncp);
2387 jrecord_write_vnode_ref(jrec, *ap->a_vpp);
2388 save = jrecord_push(jrec, JTYPE_REDO);
2389 jrecord_write_vattr(jrec, ap->a_vap);
2390 jrecord_pop(jrec, save);
2393 jreclist_done(&jreclist, error);
2398 * Journal vop_nmknod { a_ncp, a_vpp, a_cred, a_vap }
2402 journal_nmknod(struct vop_nmknod_args *ap)
2404 struct jrecord_list jreclist;
2405 struct jrecord jreccache;
2406 struct jrecord *jrec;
2411 mp = ap->a_head.a_ops->vv_mount;
2412 jreclist_init(mp, &jreclist, &jreccache, JTYPE_MKNOD);
2413 error = vop_journal_operate_ap(&ap->a_head);
2415 TAILQ_FOREACH(jrec, &jreclist, user_entry) {
2416 jrecord_write_cred(jrec, NULL, ap->a_cred);
2417 jrecord_write_path(jrec, JLEAF_PATH1, ap->a_ncp);
2418 save = jrecord_push(jrec, JTYPE_REDO);
2419 jrecord_write_vattr(jrec, ap->a_vap);
2420 jrecord_pop(jrec, save);
2422 jrecord_write_vnode_ref(jrec, *ap->a_vpp);
2425 jreclist_done(&jreclist, error);
2430 * Journal vop_nlink { a_ncp, a_vp, a_cred }
2434 journal_nlink(struct vop_nlink_args *ap)
2436 struct jrecord_list jreclist;
2437 struct jrecord jreccache;
2438 struct jrecord *jrec;
2443 mp = ap->a_head.a_ops->vv_mount;
2444 jreclist_init(mp, &jreclist, &jreccache, JTYPE_LINK);
2445 error = vop_journal_operate_ap(&ap->a_head);
2447 TAILQ_FOREACH(jrec, &jreclist, user_entry) {
2448 jrecord_write_cred(jrec, NULL, ap->a_cred);
2449 jrecord_write_path(jrec, JLEAF_PATH1, ap->a_ncp);
2450 /* XXX PATH to VP and inode number */
2451 /* XXX this call may not record the correct path when
2452 * multiple paths are available */
2453 save = jrecord_push(jrec, JTYPE_REDO);
2454 jrecord_write_vnode_link(jrec, ap->a_vp, ap->a_ncp);
2455 jrecord_pop(jrec, save);
2458 jreclist_done(&jreclist, error);
2463 * Journal vop_symlink { a_ncp, a_vpp, a_cred, a_vap, a_target }
2467 journal_nsymlink(struct vop_nsymlink_args *ap)
2469 struct jrecord_list jreclist;
2470 struct jrecord jreccache;
2471 struct jrecord *jrec;
2476 mp = ap->a_head.a_ops->vv_mount;
2477 jreclist_init(mp, &jreclist, &jreccache, JTYPE_SYMLINK);
2478 error = vop_journal_operate_ap(&ap->a_head);
2480 TAILQ_FOREACH(jrec, &jreclist, user_entry) {
2481 jrecord_write_cred(jrec, NULL, ap->a_cred);
2482 jrecord_write_path(jrec, JLEAF_PATH1, ap->a_ncp);
2483 save = jrecord_push(jrec, JTYPE_REDO);
2484 jrecord_leaf(jrec, JLEAF_SYMLINKDATA,
2485 ap->a_target, strlen(ap->a_target));
2486 jrecord_pop(jrec, save);
2488 jrecord_write_vnode_ref(jrec, *ap->a_vpp);
2491 jreclist_done(&jreclist, error);
2496 * Journal vop_nwhiteout { a_ncp, a_cred, a_flags }
2500 journal_nwhiteout(struct vop_nwhiteout_args *ap)
2502 struct jrecord_list jreclist;
2503 struct jrecord jreccache;
2504 struct jrecord *jrec;
2508 mp = ap->a_head.a_ops->vv_mount;
2509 jreclist_init(mp, &jreclist, &jreccache, JTYPE_WHITEOUT);
2510 error = vop_journal_operate_ap(&ap->a_head);
2512 TAILQ_FOREACH(jrec, &jreclist, user_entry) {
2513 jrecord_write_cred(jrec, NULL, ap->a_cred);
2514 jrecord_write_path(jrec, JLEAF_PATH1, ap->a_ncp);
2517 jreclist_done(&jreclist, error);
2522 * Journal vop_nremove { a_ncp, a_cred }
2526 journal_nremove(struct vop_nremove_args *ap)
2528 struct jrecord_list jreclist;
2529 struct jrecord jreccache;
2530 struct jrecord *jrec;
2534 mp = ap->a_head.a_ops->vv_mount;
2535 if (jreclist_init(mp, &jreclist, &jreccache, JTYPE_REMOVE) &&
2538 jreclist_undo_file(&jreclist, ap->a_ncp->nc_vp,
2539 JRUNDO_ALL|JRUNDO_GETVP|JRUNDO_CONDLINK, 0, -1);
2541 error = vop_journal_operate_ap(&ap->a_head);
2543 TAILQ_FOREACH(jrec, &jreclist, user_entry) {
2544 jrecord_write_cred(jrec, NULL, ap->a_cred);
2545 jrecord_write_path(jrec, JLEAF_PATH1, ap->a_ncp);
2548 jreclist_done(&jreclist, error);
2553 * Journal vop_nmkdir { a_ncp, a_vpp, a_cred, a_vap }
2557 journal_nmkdir(struct vop_nmkdir_args *ap)
2559 struct jrecord_list jreclist;
2560 struct jrecord jreccache;
2561 struct jrecord *jrec;
2565 mp = ap->a_head.a_ops->vv_mount;
2566 jreclist_init(mp, &jreclist, &jreccache, JTYPE_MKDIR);
2567 error = vop_journal_operate_ap(&ap->a_head);
2569 TAILQ_FOREACH(jrec, &jreclist, user_entry) {
2571 if (jo->flags & MC_JOURNAL_WANT_AUDIT) {
2572 jrecord_write_audit(jrec);
2575 jrecord_write_path(jrec, JLEAF_PATH1, ap->a_ncp);
2576 jrecord_write_cred(jrec, NULL, ap->a_cred);
2577 jrecord_write_vattr(jrec, ap->a_vap);
2578 jrecord_write_path(jrec, JLEAF_PATH1, ap->a_ncp);
2580 jrecord_write_vnode_ref(jrec, *ap->a_vpp);
2583 jreclist_done(&jreclist, error);
2588 * Journal vop_nrmdir { a_ncp, a_cred }
2592 journal_nrmdir(struct vop_nrmdir_args *ap)
2594 struct jrecord_list jreclist;
2595 struct jrecord jreccache;
2596 struct jrecord *jrec;
2600 mp = ap->a_head.a_ops->vv_mount;
2601 if (jreclist_init(mp, &jreclist, &jreccache, JTYPE_RMDIR)) {
2602 jreclist_undo_file(&jreclist, ap->a_ncp->nc_vp,
2603 JRUNDO_VATTR|JRUNDO_GETVP, 0, 0);
2605 error = vop_journal_operate_ap(&ap->a_head);
2607 TAILQ_FOREACH(jrec, &jreclist, user_entry) {
2608 jrecord_write_cred(jrec, NULL, ap->a_cred);
2609 jrecord_write_path(jrec, JLEAF_PATH1, ap->a_ncp);
2612 jreclist_done(&jreclist, error);
2617 * Journal vop_nrename { a_fncp, a_tncp, a_cred }
2621 journal_nrename(struct vop_nrename_args *ap)
2623 struct jrecord_list jreclist;
2624 struct jrecord jreccache;
2625 struct jrecord *jrec;
2629 mp = ap->a_head.a_ops->vv_mount;
2630 if (jreclist_init(mp, &jreclist, &jreccache, JTYPE_RENAME) &&
2633 jreclist_undo_file(&jreclist, ap->a_tncp->nc_vp,
2634 JRUNDO_ALL|JRUNDO_GETVP|JRUNDO_CONDLINK, 0, -1);
2636 error = vop_journal_operate_ap(&ap->a_head);
2638 TAILQ_FOREACH(jrec, &jreclist, user_entry) {
2639 jrecord_write_cred(jrec, NULL, ap->a_cred);
2640 jrecord_write_path(jrec, JLEAF_PATH1, ap->a_fncp);
2641 jrecord_write_path(jrec, JLEAF_PATH2, ap->a_tncp);
2644 jreclist_done(&jreclist, error);
projects / dragonfly.git / blob