ceph: fix null pointer dereference
[linux-3.10.git] / fs / ceph / mds_client.c
1 #include <linux/ceph/ceph_debug.h>
2
3 #include <linux/fs.h>
4 #include <linux/wait.h>
5 #include <linux/slab.h>
6 #include <linux/sched.h>
7 #include <linux/debugfs.h>
8 #include <linux/seq_file.h>
9
10 #include "super.h"
11 #include "mds_client.h"
12
13 #include <linux/ceph/ceph_features.h>
14 #include <linux/ceph/messenger.h>
15 #include <linux/ceph/decode.h>
16 #include <linux/ceph/pagelist.h>
17 #include <linux/ceph/auth.h>
18 #include <linux/ceph/debugfs.h>
19
20 /*
21  * A cluster of MDS (metadata server) daemons is responsible for
22  * managing the file system namespace (the directory hierarchy and
23  * inodes) and for coordinating shared access to storage.  Metadata is
24  * partitioning hierarchically across a number of servers, and that
25  * partition varies over time as the cluster adjusts the distribution
26  * in order to balance load.
27  *
28  * The MDS client is primarily responsible to managing synchronous
29  * metadata requests for operations like open, unlink, and so forth.
30  * If there is a MDS failure, we find out about it when we (possibly
31  * request and) receive a new MDS map, and can resubmit affected
32  * requests.
33  *
34  * For the most part, though, we take advantage of a lossless
35  * communications channel to the MDS, and do not need to worry about
36  * timing out or resubmitting requests.
37  *
38  * We maintain a stateful "session" with each MDS we interact with.
39  * Within each session, we sent periodic heartbeat messages to ensure
40  * any capabilities or leases we have been issues remain valid.  If
41  * the session times out and goes stale, our leases and capabilities
42  * are no longer valid.
43  */
44
45 struct ceph_reconnect_state {
46         struct ceph_pagelist *pagelist;
47         bool flock;
48 };
49
50 static void __wake_requests(struct ceph_mds_client *mdsc,
51                             struct list_head *head);
52
53 static const struct ceph_connection_operations mds_con_ops;
54
55
56 /*
57  * mds reply parsing
58  */
59
60 /*
61  * parse individual inode info
62  */
63 static int parse_reply_info_in(void **p, void *end,
64                                struct ceph_mds_reply_info_in *info,
65                                int features)
66 {
67         int err = -EIO;
68
69         info->in = *p;
70         *p += sizeof(struct ceph_mds_reply_inode) +
71                 sizeof(*info->in->fragtree.splits) *
72                 le32_to_cpu(info->in->fragtree.nsplits);
73
74         ceph_decode_32_safe(p, end, info->symlink_len, bad);
75         ceph_decode_need(p, end, info->symlink_len, bad);
76         info->symlink = *p;
77         *p += info->symlink_len;
78
79         if (features & CEPH_FEATURE_DIRLAYOUTHASH)
80                 ceph_decode_copy_safe(p, end, &info->dir_layout,
81                                       sizeof(info->dir_layout), bad);
82         else
83                 memset(&info->dir_layout, 0, sizeof(info->dir_layout));
84
85         ceph_decode_32_safe(p, end, info->xattr_len, bad);
86         ceph_decode_need(p, end, info->xattr_len, bad);
87         info->xattr_data = *p;
88         *p += info->xattr_len;
89         return 0;
90 bad:
91         return err;
92 }
93
94 /*
95  * parse a normal reply, which may contain a (dir+)dentry and/or a
96  * target inode.
97  */
98 static int parse_reply_info_trace(void **p, void *end,
99                                   struct ceph_mds_reply_info_parsed *info,
100                                   int features)
101 {
102         int err;
103
104         if (info->head->is_dentry) {
105                 err = parse_reply_info_in(p, end, &info->diri, features);
106                 if (err < 0)
107                         goto out_bad;
108
109                 if (unlikely(*p + sizeof(*info->dirfrag) > end))
110                         goto bad;
111                 info->dirfrag = *p;
112                 *p += sizeof(*info->dirfrag) +
113                         sizeof(u32)*le32_to_cpu(info->dirfrag->ndist);
114                 if (unlikely(*p > end))
115                         goto bad;
116
117                 ceph_decode_32_safe(p, end, info->dname_len, bad);
118                 ceph_decode_need(p, end, info->dname_len, bad);
119                 info->dname = *p;
120                 *p += info->dname_len;
121                 info->dlease = *p;
122                 *p += sizeof(*info->dlease);
123         }
124
125         if (info->head->is_target) {
126                 err = parse_reply_info_in(p, end, &info->targeti, features);
127                 if (err < 0)
128                         goto out_bad;
129         }
130
131         if (unlikely(*p != end))
132                 goto bad;
133         return 0;
134
135 bad:
136         err = -EIO;
137 out_bad:
138         pr_err("problem parsing mds trace %d\n", err);
139         return err;
140 }
141
142 /*
143  * parse readdir results
144  */
145 static int parse_reply_info_dir(void **p, void *end,
146                                 struct ceph_mds_reply_info_parsed *info,
147                                 int features)
148 {
149         u32 num, i = 0;
150         int err;
151
152         info->dir_dir = *p;
153         if (*p + sizeof(*info->dir_dir) > end)
154                 goto bad;
155         *p += sizeof(*info->dir_dir) +
156                 sizeof(u32)*le32_to_cpu(info->dir_dir->ndist);
157         if (*p > end)
158                 goto bad;
159
160         ceph_decode_need(p, end, sizeof(num) + 2, bad);
161         num = ceph_decode_32(p);
162         info->dir_end = ceph_decode_8(p);
163         info->dir_complete = ceph_decode_8(p);
164         if (num == 0)
165                 goto done;
166
167         /* alloc large array */
168         info->dir_nr = num;
169         info->dir_in = kcalloc(num, sizeof(*info->dir_in) +
170                                sizeof(*info->dir_dname) +
171                                sizeof(*info->dir_dname_len) +
172                                sizeof(*info->dir_dlease),
173                                GFP_NOFS);
174         if (info->dir_in == NULL) {
175                 err = -ENOMEM;
176                 goto out_bad;
177         }
178         info->dir_dname = (void *)(info->dir_in + num);
179         info->dir_dname_len = (void *)(info->dir_dname + num);
180         info->dir_dlease = (void *)(info->dir_dname_len + num);
181
182         while (num) {
183                 /* dentry */
184                 ceph_decode_need(p, end, sizeof(u32)*2, bad);
185                 info->dir_dname_len[i] = ceph_decode_32(p);
186                 ceph_decode_need(p, end, info->dir_dname_len[i], bad);
187                 info->dir_dname[i] = *p;
188                 *p += info->dir_dname_len[i];
189                 dout("parsed dir dname '%.*s'\n", info->dir_dname_len[i],
190                      info->dir_dname[i]);
191                 info->dir_dlease[i] = *p;
192                 *p += sizeof(struct ceph_mds_reply_lease);
193
194                 /* inode */
195                 err = parse_reply_info_in(p, end, &info->dir_in[i], features);
196                 if (err < 0)
197                         goto out_bad;
198                 i++;
199                 num--;
200         }
201
202 done:
203         if (*p != end)
204                 goto bad;
205         return 0;
206
207 bad:
208         err = -EIO;
209 out_bad:
210         pr_err("problem parsing dir contents %d\n", err);
211         return err;
212 }
213
214 /*
215  * parse fcntl F_GETLK results
216  */
217 static int parse_reply_info_filelock(void **p, void *end,
218                                      struct ceph_mds_reply_info_parsed *info,
219                                      int features)
220 {
221         if (*p + sizeof(*info->filelock_reply) > end)
222                 goto bad;
223
224         info->filelock_reply = *p;
225         *p += sizeof(*info->filelock_reply);
226
227         if (unlikely(*p != end))
228                 goto bad;
229         return 0;
230
231 bad:
232         return -EIO;
233 }
234
235 /*
236  * parse create results
237  */
238 static int parse_reply_info_create(void **p, void *end,
239                                   struct ceph_mds_reply_info_parsed *info,
240                                   int features)
241 {
242         if (features & CEPH_FEATURE_REPLY_CREATE_INODE) {
243                 if (*p == end) {
244                         info->has_create_ino = false;
245                 } else {
246                         info->has_create_ino = true;
247                         info->ino = ceph_decode_64(p);
248                 }
249         }
250
251         if (unlikely(*p != end))
252                 goto bad;
253         return 0;
254
255 bad:
256         return -EIO;
257 }
258
259 /*
260  * parse extra results
261  */
262 static int parse_reply_info_extra(void **p, void *end,
263                                   struct ceph_mds_reply_info_parsed *info,
264                                   int features)
265 {
266         if (info->head->op == CEPH_MDS_OP_GETFILELOCK)
267                 return parse_reply_info_filelock(p, end, info, features);
268         else if (info->head->op == CEPH_MDS_OP_READDIR ||
269                  info->head->op == CEPH_MDS_OP_LSSNAP)
270                 return parse_reply_info_dir(p, end, info, features);
271         else if (info->head->op == CEPH_MDS_OP_CREATE)
272                 return parse_reply_info_create(p, end, info, features);
273         else
274                 return -EIO;
275 }
276
277 /*
278  * parse entire mds reply
279  */
280 static int parse_reply_info(struct ceph_msg *msg,
281                             struct ceph_mds_reply_info_parsed *info,
282                             int features)
283 {
284         void *p, *end;
285         u32 len;
286         int err;
287
288         info->head = msg->front.iov_base;
289         p = msg->front.iov_base + sizeof(struct ceph_mds_reply_head);
290         end = p + msg->front.iov_len - sizeof(struct ceph_mds_reply_head);
291
292         /* trace */
293         ceph_decode_32_safe(&p, end, len, bad);
294         if (len > 0) {
295                 ceph_decode_need(&p, end, len, bad);
296                 err = parse_reply_info_trace(&p, p+len, info, features);
297                 if (err < 0)
298                         goto out_bad;
299         }
300
301         /* extra */
302         ceph_decode_32_safe(&p, end, len, bad);
303         if (len > 0) {
304                 ceph_decode_need(&p, end, len, bad);
305                 err = parse_reply_info_extra(&p, p+len, info, features);
306                 if (err < 0)
307                         goto out_bad;
308         }
309
310         /* snap blob */
311         ceph_decode_32_safe(&p, end, len, bad);
312         info->snapblob_len = len;
313         info->snapblob = p;
314         p += len;
315
316         if (p != end)
317                 goto bad;
318         return 0;
319
320 bad:
321         err = -EIO;
322 out_bad:
323         pr_err("mds parse_reply err %d\n", err);
324         return err;
325 }
326
327 static void destroy_reply_info(struct ceph_mds_reply_info_parsed *info)
328 {
329         kfree(info->dir_in);
330 }
331
332
333 /*
334  * sessions
335  */
336 static const char *session_state_name(int s)
337 {
338         switch (s) {
339         case CEPH_MDS_SESSION_NEW: return "new";
340         case CEPH_MDS_SESSION_OPENING: return "opening";
341         case CEPH_MDS_SESSION_OPEN: return "open";
342         case CEPH_MDS_SESSION_HUNG: return "hung";
343         case CEPH_MDS_SESSION_CLOSING: return "closing";
344         case CEPH_MDS_SESSION_RESTARTING: return "restarting";
345         case CEPH_MDS_SESSION_RECONNECTING: return "reconnecting";
346         default: return "???";
347         }
348 }
349
350 static struct ceph_mds_session *get_session(struct ceph_mds_session *s)
351 {
352         if (atomic_inc_not_zero(&s->s_ref)) {
353                 dout("mdsc get_session %p %d -> %d\n", s,
354                      atomic_read(&s->s_ref)-1, atomic_read(&s->s_ref));
355                 return s;
356         } else {
357                 dout("mdsc get_session %p 0 -- FAIL", s);
358                 return NULL;
359         }
360 }
361
362 void ceph_put_mds_session(struct ceph_mds_session *s)
363 {
364         dout("mdsc put_session %p %d -> %d\n", s,
365              atomic_read(&s->s_ref), atomic_read(&s->s_ref)-1);
366         if (atomic_dec_and_test(&s->s_ref)) {
367                 if (s->s_auth.authorizer)
368                         ceph_auth_destroy_authorizer(
369                                 s->s_mdsc->fsc->client->monc.auth,
370                                 s->s_auth.authorizer);
371                 kfree(s);
372         }
373 }
374
375 /*
376  * called under mdsc->mutex
377  */
378 struct ceph_mds_session *__ceph_lookup_mds_session(struct ceph_mds_client *mdsc,
379                                                    int mds)
380 {
381         struct ceph_mds_session *session;
382
383         if (mds >= mdsc->max_sessions || mdsc->sessions[mds] == NULL)
384                 return NULL;
385         session = mdsc->sessions[mds];
386         dout("lookup_mds_session %p %d\n", session,
387              atomic_read(&session->s_ref));
388         get_session(session);
389         return session;
390 }
391
392 static bool __have_session(struct ceph_mds_client *mdsc, int mds)
393 {
394         if (mds >= mdsc->max_sessions)
395                 return false;
396         return mdsc->sessions[mds];
397 }
398
399 static int __verify_registered_session(struct ceph_mds_client *mdsc,
400                                        struct ceph_mds_session *s)
401 {
402         if (s->s_mds >= mdsc->max_sessions ||
403             mdsc->sessions[s->s_mds] != s)
404                 return -ENOENT;
405         return 0;
406 }
407
408 /*
409  * create+register a new session for given mds.
410  * called under mdsc->mutex.
411  */
412 static struct ceph_mds_session *register_session(struct ceph_mds_client *mdsc,
413                                                  int mds)
414 {
415         struct ceph_mds_session *s;
416
417         if (mds >= mdsc->mdsmap->m_max_mds)
418                 return ERR_PTR(-EINVAL);
419
420         s = kzalloc(sizeof(*s), GFP_NOFS);
421         if (!s)
422                 return ERR_PTR(-ENOMEM);
423         s->s_mdsc = mdsc;
424         s->s_mds = mds;
425         s->s_state = CEPH_MDS_SESSION_NEW;
426         s->s_ttl = 0;
427         s->s_seq = 0;
428         mutex_init(&s->s_mutex);
429
430         ceph_con_init(&s->s_con, s, &mds_con_ops, &mdsc->fsc->client->msgr);
431
432         spin_lock_init(&s->s_gen_ttl_lock);
433         s->s_cap_gen = 0;
434         s->s_cap_ttl = jiffies - 1;
435
436         spin_lock_init(&s->s_cap_lock);
437         s->s_renew_requested = 0;
438         s->s_renew_seq = 0;
439         INIT_LIST_HEAD(&s->s_caps);
440         s->s_nr_caps = 0;
441         s->s_trim_caps = 0;
442         atomic_set(&s->s_ref, 1);
443         INIT_LIST_HEAD(&s->s_waiting);
444         INIT_LIST_HEAD(&s->s_unsafe);
445         s->s_num_cap_releases = 0;
446         s->s_cap_iterator = NULL;
447         INIT_LIST_HEAD(&s->s_cap_releases);
448         INIT_LIST_HEAD(&s->s_cap_releases_done);
449         INIT_LIST_HEAD(&s->s_cap_flushing);
450         INIT_LIST_HEAD(&s->s_cap_snaps_flushing);
451
452         dout("register_session mds%d\n", mds);
453         if (mds >= mdsc->max_sessions) {
454                 int newmax = 1 << get_count_order(mds+1);
455                 struct ceph_mds_session **sa;
456
457                 dout("register_session realloc to %d\n", newmax);
458                 sa = kcalloc(newmax, sizeof(void *), GFP_NOFS);
459                 if (sa == NULL)
460                         goto fail_realloc;
461                 if (mdsc->sessions) {
462                         memcpy(sa, mdsc->sessions,
463                                mdsc->max_sessions * sizeof(void *));
464                         kfree(mdsc->sessions);
465                 }
466                 mdsc->sessions = sa;
467                 mdsc->max_sessions = newmax;
468         }
469         mdsc->sessions[mds] = s;
470         atomic_inc(&s->s_ref);  /* one ref to sessions[], one to caller */
471
472         ceph_con_open(&s->s_con, CEPH_ENTITY_TYPE_MDS, mds,
473                       ceph_mdsmap_get_addr(mdsc->mdsmap, mds));
474
475         return s;
476
477 fail_realloc:
478         kfree(s);
479         return ERR_PTR(-ENOMEM);
480 }
481
482 /*
483  * called under mdsc->mutex
484  */
485 static void __unregister_session(struct ceph_mds_client *mdsc,
486                                struct ceph_mds_session *s)
487 {
488         dout("__unregister_session mds%d %p\n", s->s_mds, s);
489         BUG_ON(mdsc->sessions[s->s_mds] != s);
490         mdsc->sessions[s->s_mds] = NULL;
491         ceph_con_close(&s->s_con);
492         ceph_put_mds_session(s);
493 }
494
495 /*
496  * drop session refs in request.
497  *
498  * should be last request ref, or hold mdsc->mutex
499  */
500 static void put_request_session(struct ceph_mds_request *req)
501 {
502         if (req->r_session) {
503                 ceph_put_mds_session(req->r_session);
504                 req->r_session = NULL;
505         }
506 }
507
508 void ceph_mdsc_release_request(struct kref *kref)
509 {
510         struct ceph_mds_request *req = container_of(kref,
511                                                     struct ceph_mds_request,
512                                                     r_kref);
513         if (req->r_request)
514                 ceph_msg_put(req->r_request);
515         if (req->r_reply) {
516                 ceph_msg_put(req->r_reply);
517                 destroy_reply_info(&req->r_reply_info);
518         }
519         if (req->r_inode) {
520                 ceph_put_cap_refs(ceph_inode(req->r_inode), CEPH_CAP_PIN);
521                 iput(req->r_inode);
522         }
523         if (req->r_locked_dir)
524                 ceph_put_cap_refs(ceph_inode(req->r_locked_dir), CEPH_CAP_PIN);
525         if (req->r_target_inode)
526                 iput(req->r_target_inode);
527         if (req->r_dentry)
528                 dput(req->r_dentry);
529         if (req->r_old_dentry) {
530                 /*
531                  * track (and drop pins for) r_old_dentry_dir
532                  * separately, since r_old_dentry's d_parent may have
533                  * changed between the dir mutex being dropped and
534                  * this request being freed.
535                  */
536                 ceph_put_cap_refs(ceph_inode(req->r_old_dentry_dir),
537                                   CEPH_CAP_PIN);
538                 dput(req->r_old_dentry);
539                 iput(req->r_old_dentry_dir);
540         }
541         kfree(req->r_path1);
542         kfree(req->r_path2);
543         put_request_session(req);
544         ceph_unreserve_caps(req->r_mdsc, &req->r_caps_reservation);
545         kfree(req);
546 }
547
548 /*
549  * lookup session, bump ref if found.
550  *
551  * called under mdsc->mutex.
552  */
553 static struct ceph_mds_request *__lookup_request(struct ceph_mds_client *mdsc,
554                                              u64 tid)
555 {
556         struct ceph_mds_request *req;
557         struct rb_node *n = mdsc->request_tree.rb_node;
558
559         while (n) {
560                 req = rb_entry(n, struct ceph_mds_request, r_node);
561                 if (tid < req->r_tid)
562                         n = n->rb_left;
563                 else if (tid > req->r_tid)
564                         n = n->rb_right;
565                 else {
566                         ceph_mdsc_get_request(req);
567                         return req;
568                 }
569         }
570         return NULL;
571 }
572
573 static void __insert_request(struct ceph_mds_client *mdsc,
574                              struct ceph_mds_request *new)
575 {
576         struct rb_node **p = &mdsc->request_tree.rb_node;
577         struct rb_node *parent = NULL;
578         struct ceph_mds_request *req = NULL;
579
580         while (*p) {
581                 parent = *p;
582                 req = rb_entry(parent, struct ceph_mds_request, r_node);
583                 if (new->r_tid < req->r_tid)
584                         p = &(*p)->rb_left;
585                 else if (new->r_tid > req->r_tid)
586                         p = &(*p)->rb_right;
587                 else
588                         BUG();
589         }
590
591         rb_link_node(&new->r_node, parent, p);
592         rb_insert_color(&new->r_node, &mdsc->request_tree);
593 }
594
595 /*
596  * Register an in-flight request, and assign a tid.  Link to directory
597  * are modifying (if any).
598  *
599  * Called under mdsc->mutex.
600  */
601 static void __register_request(struct ceph_mds_client *mdsc,
602                                struct ceph_mds_request *req,
603                                struct inode *dir)
604 {
605         req->r_tid = ++mdsc->last_tid;
606         if (req->r_num_caps)
607                 ceph_reserve_caps(mdsc, &req->r_caps_reservation,
608                                   req->r_num_caps);
609         dout("__register_request %p tid %lld\n", req, req->r_tid);
610         ceph_mdsc_get_request(req);
611         __insert_request(mdsc, req);
612
613         req->r_uid = current_fsuid();
614         req->r_gid = current_fsgid();
615
616         if (dir) {
617                 struct ceph_inode_info *ci = ceph_inode(dir);
618
619                 ihold(dir);
620                 spin_lock(&ci->i_unsafe_lock);
621                 req->r_unsafe_dir = dir;
622                 list_add_tail(&req->r_unsafe_dir_item, &ci->i_unsafe_dirops);
623                 spin_unlock(&ci->i_unsafe_lock);
624         }
625 }
626
627 static void __unregister_request(struct ceph_mds_client *mdsc,
628                                  struct ceph_mds_request *req)
629 {
630         dout("__unregister_request %p tid %lld\n", req, req->r_tid);
631         rb_erase(&req->r_node, &mdsc->request_tree);
632         RB_CLEAR_NODE(&req->r_node);
633
634         if (req->r_unsafe_dir) {
635                 struct ceph_inode_info *ci = ceph_inode(req->r_unsafe_dir);
636
637                 spin_lock(&ci->i_unsafe_lock);
638                 list_del_init(&req->r_unsafe_dir_item);
639                 spin_unlock(&ci->i_unsafe_lock);
640
641                 iput(req->r_unsafe_dir);
642                 req->r_unsafe_dir = NULL;
643         }
644
645         complete_all(&req->r_safe_completion);
646
647         ceph_mdsc_put_request(req);
648 }
649
650 /*
651  * Choose mds to send request to next.  If there is a hint set in the
652  * request (e.g., due to a prior forward hint from the mds), use that.
653  * Otherwise, consult frag tree and/or caps to identify the
654  * appropriate mds.  If all else fails, choose randomly.
655  *
656  * Called under mdsc->mutex.
657  */
658 static struct dentry *get_nonsnap_parent(struct dentry *dentry)
659 {
660         /*
661          * we don't need to worry about protecting the d_parent access
662          * here because we never renaming inside the snapped namespace
663          * except to resplice to another snapdir, and either the old or new
664          * result is a valid result.
665          */
666         while (!IS_ROOT(dentry) && ceph_snap(dentry->d_inode) != CEPH_NOSNAP)
667                 dentry = dentry->d_parent;
668         return dentry;
669 }
670
671 static int __choose_mds(struct ceph_mds_client *mdsc,
672                         struct ceph_mds_request *req)
673 {
674         struct inode *inode;
675         struct ceph_inode_info *ci;
676         struct ceph_cap *cap;
677         int mode = req->r_direct_mode;
678         int mds = -1;
679         u32 hash = req->r_direct_hash;
680         bool is_hash = req->r_direct_is_hash;
681
682         /*
683          * is there a specific mds we should try?  ignore hint if we have
684          * no session and the mds is not up (active or recovering).
685          */
686         if (req->r_resend_mds >= 0 &&
687             (__have_session(mdsc, req->r_resend_mds) ||
688              ceph_mdsmap_get_state(mdsc->mdsmap, req->r_resend_mds) > 0)) {
689                 dout("choose_mds using resend_mds mds%d\n",
690                      req->r_resend_mds);
691                 return req->r_resend_mds;
692         }
693
694         if (mode == USE_RANDOM_MDS)
695                 goto random;
696
697         inode = NULL;
698         if (req->r_inode) {
699                 inode = req->r_inode;
700         } else if (req->r_dentry) {
701                 /* ignore race with rename; old or new d_parent is okay */
702                 struct dentry *parent = req->r_dentry->d_parent;
703                 struct inode *dir = parent->d_inode;
704
705                 if (dir->i_sb != mdsc->fsc->sb) {
706                         /* not this fs! */
707                         inode = req->r_dentry->d_inode;
708                 } else if (ceph_snap(dir) != CEPH_NOSNAP) {
709                         /* direct snapped/virtual snapdir requests
710                          * based on parent dir inode */
711                         struct dentry *dn = get_nonsnap_parent(parent);
712                         inode = dn->d_inode;
713                         dout("__choose_mds using nonsnap parent %p\n", inode);
714                 } else if (req->r_dentry->d_inode) {
715                         /* dentry target */
716                         inode = req->r_dentry->d_inode;
717                 } else {
718                         /* dir + name */
719                         inode = dir;
720                         hash = ceph_dentry_hash(dir, req->r_dentry);
721                         is_hash = true;
722                 }
723         }
724
725         dout("__choose_mds %p is_hash=%d (%d) mode %d\n", inode, (int)is_hash,
726              (int)hash, mode);
727         if (!inode)
728                 goto random;
729         ci = ceph_inode(inode);
730
731         if (is_hash && S_ISDIR(inode->i_mode)) {
732                 struct ceph_inode_frag frag;
733                 int found;
734
735                 ceph_choose_frag(ci, hash, &frag, &found);
736                 if (found) {
737                         if (mode == USE_ANY_MDS && frag.ndist > 0) {
738                                 u8 r;
739
740                                 /* choose a random replica */
741                                 get_random_bytes(&r, 1);
742                                 r %= frag.ndist;
743                                 mds = frag.dist[r];
744                                 dout("choose_mds %p %llx.%llx "
745                                      "frag %u mds%d (%d/%d)\n",
746                                      inode, ceph_vinop(inode),
747                                      frag.frag, mds,
748                                      (int)r, frag.ndist);
749                                 if (ceph_mdsmap_get_state(mdsc->mdsmap, mds) >=
750                                     CEPH_MDS_STATE_ACTIVE)
751                                         return mds;
752                         }
753
754                         /* since this file/dir wasn't known to be
755                          * replicated, then we want to look for the
756                          * authoritative mds. */
757                         mode = USE_AUTH_MDS;
758                         if (frag.mds >= 0) {
759                                 /* choose auth mds */
760                                 mds = frag.mds;
761                                 dout("choose_mds %p %llx.%llx "
762                                      "frag %u mds%d (auth)\n",
763                                      inode, ceph_vinop(inode), frag.frag, mds);
764                                 if (ceph_mdsmap_get_state(mdsc->mdsmap, mds) >=
765                                     CEPH_MDS_STATE_ACTIVE)
766                                         return mds;
767                         }
768                 }
769         }
770
771         spin_lock(&ci->i_ceph_lock);
772         cap = NULL;
773         if (mode == USE_AUTH_MDS)
774                 cap = ci->i_auth_cap;
775         if (!cap && !RB_EMPTY_ROOT(&ci->i_caps))
776                 cap = rb_entry(rb_first(&ci->i_caps), struct ceph_cap, ci_node);
777         if (!cap) {
778                 spin_unlock(&ci->i_ceph_lock);
779                 goto random;
780         }
781         mds = cap->session->s_mds;
782         dout("choose_mds %p %llx.%llx mds%d (%scap %p)\n",
783              inode, ceph_vinop(inode), mds,
784              cap == ci->i_auth_cap ? "auth " : "", cap);
785         spin_unlock(&ci->i_ceph_lock);
786         return mds;
787
788 random:
789         mds = ceph_mdsmap_get_random_mds(mdsc->mdsmap);
790         dout("choose_mds chose random mds%d\n", mds);
791         return mds;
792 }
793
794
795 /*
796  * session messages
797  */
798 static struct ceph_msg *create_session_msg(u32 op, u64 seq)
799 {
800         struct ceph_msg *msg;
801         struct ceph_mds_session_head *h;
802
803         msg = ceph_msg_new(CEPH_MSG_CLIENT_SESSION, sizeof(*h), GFP_NOFS,
804                            false);
805         if (!msg) {
806                 pr_err("create_session_msg ENOMEM creating msg\n");
807                 return NULL;
808         }
809         h = msg->front.iov_base;
810         h->op = cpu_to_le32(op);
811         h->seq = cpu_to_le64(seq);
812         return msg;
813 }
814
815 /*
816  * send session open request.
817  *
818  * called under mdsc->mutex
819  */
820 static int __open_session(struct ceph_mds_client *mdsc,
821                           struct ceph_mds_session *session)
822 {
823         struct ceph_msg *msg;
824         int mstate;
825         int mds = session->s_mds;
826
827         /* wait for mds to go active? */
828         mstate = ceph_mdsmap_get_state(mdsc->mdsmap, mds);
829         dout("open_session to mds%d (%s)\n", mds,
830              ceph_mds_state_name(mstate));
831         session->s_state = CEPH_MDS_SESSION_OPENING;
832         session->s_renew_requested = jiffies;
833
834         /* send connect message */
835         msg = create_session_msg(CEPH_SESSION_REQUEST_OPEN, session->s_seq);
836         if (!msg)
837                 return -ENOMEM;
838         ceph_con_send(&session->s_con, msg);
839         return 0;
840 }
841
842 /*
843  * open sessions for any export targets for the given mds
844  *
845  * called under mdsc->mutex
846  */
847 static void __open_export_target_sessions(struct ceph_mds_client *mdsc,
848                                           struct ceph_mds_session *session)
849 {
850         struct ceph_mds_info *mi;
851         struct ceph_mds_session *ts;
852         int i, mds = session->s_mds;
853         int target;
854
855         if (mds >= mdsc->mdsmap->m_max_mds)
856                 return;
857         mi = &mdsc->mdsmap->m_info[mds];
858         dout("open_export_target_sessions for mds%d (%d targets)\n",
859              session->s_mds, mi->num_export_targets);
860
861         for (i = 0; i < mi->num_export_targets; i++) {
862                 target = mi->export_targets[i];
863                 ts = __ceph_lookup_mds_session(mdsc, target);
864                 if (!ts) {
865                         ts = register_session(mdsc, target);
866                         if (IS_ERR(ts))
867                                 return;
868                 }
869                 if (session->s_state == CEPH_MDS_SESSION_NEW ||
870                     session->s_state == CEPH_MDS_SESSION_CLOSING)
871                         __open_session(mdsc, session);
872                 else
873                         dout(" mds%d target mds%d %p is %s\n", session->s_mds,
874                              i, ts, session_state_name(ts->s_state));
875                 ceph_put_mds_session(ts);
876         }
877 }
878
879 void ceph_mdsc_open_export_target_sessions(struct ceph_mds_client *mdsc,
880                                            struct ceph_mds_session *session)
881 {
882         mutex_lock(&mdsc->mutex);
883         __open_export_target_sessions(mdsc, session);
884         mutex_unlock(&mdsc->mutex);
885 }
886
887 /*
888  * session caps
889  */
890
891 /*
892  * Free preallocated cap messages assigned to this session
893  */
894 static void cleanup_cap_releases(struct ceph_mds_session *session)
895 {
896         struct ceph_msg *msg;
897
898         spin_lock(&session->s_cap_lock);
899         while (!list_empty(&session->s_cap_releases)) {
900                 msg = list_first_entry(&session->s_cap_releases,
901                                        struct ceph_msg, list_head);
902                 list_del_init(&msg->list_head);
903                 ceph_msg_put(msg);
904         }
905         while (!list_empty(&session->s_cap_releases_done)) {
906                 msg = list_first_entry(&session->s_cap_releases_done,
907                                        struct ceph_msg, list_head);
908                 list_del_init(&msg->list_head);
909                 ceph_msg_put(msg);
910         }
911         spin_unlock(&session->s_cap_lock);
912 }
913
914 /*
915  * Helper to safely iterate over all caps associated with a session, with
916  * special care taken to handle a racing __ceph_remove_cap().
917  *
918  * Caller must hold session s_mutex.
919  */
920 static int iterate_session_caps(struct ceph_mds_session *session,
921                                  int (*cb)(struct inode *, struct ceph_cap *,
922                                             void *), void *arg)
923 {
924         struct list_head *p;
925         struct ceph_cap *cap;
926         struct inode *inode, *last_inode = NULL;
927         struct ceph_cap *old_cap = NULL;
928         int ret;
929
930         dout("iterate_session_caps %p mds%d\n", session, session->s_mds);
931         spin_lock(&session->s_cap_lock);
932         p = session->s_caps.next;
933         while (p != &session->s_caps) {
934                 cap = list_entry(p, struct ceph_cap, session_caps);
935                 inode = igrab(&cap->ci->vfs_inode);
936                 if (!inode) {
937                         p = p->next;
938                         continue;
939                 }
940                 session->s_cap_iterator = cap;
941                 spin_unlock(&session->s_cap_lock);
942
943                 if (last_inode) {
944                         iput(last_inode);
945                         last_inode = NULL;
946                 }
947                 if (old_cap) {
948                         ceph_put_cap(session->s_mdsc, old_cap);
949                         old_cap = NULL;
950                 }
951
952                 ret = cb(inode, cap, arg);
953                 last_inode = inode;
954
955                 spin_lock(&session->s_cap_lock);
956                 p = p->next;
957                 if (cap->ci == NULL) {
958                         dout("iterate_session_caps  finishing cap %p removal\n",
959                              cap);
960                         BUG_ON(cap->session != session);
961                         list_del_init(&cap->session_caps);
962                         session->s_nr_caps--;
963                         cap->session = NULL;
964                         old_cap = cap;  /* put_cap it w/o locks held */
965                 }
966                 if (ret < 0)
967                         goto out;
968         }
969         ret = 0;
970 out:
971         session->s_cap_iterator = NULL;
972         spin_unlock(&session->s_cap_lock);
973
974         if (last_inode)
975                 iput(last_inode);
976         if (old_cap)
977                 ceph_put_cap(session->s_mdsc, old_cap);
978
979         return ret;
980 }
981
982 static int remove_session_caps_cb(struct inode *inode, struct ceph_cap *cap,
983                                   void *arg)
984 {
985         struct ceph_inode_info *ci = ceph_inode(inode);
986         int drop = 0;
987
988         dout("removing cap %p, ci is %p, inode is %p\n",
989              cap, ci, &ci->vfs_inode);
990         spin_lock(&ci->i_ceph_lock);
991         __ceph_remove_cap(cap);
992         if (!__ceph_is_any_real_caps(ci)) {
993                 struct ceph_mds_client *mdsc =
994                         ceph_sb_to_client(inode->i_sb)->mdsc;
995
996                 spin_lock(&mdsc->cap_dirty_lock);
997                 if (!list_empty(&ci->i_dirty_item)) {
998                         pr_info(" dropping dirty %s state for %p %lld\n",
999                                 ceph_cap_string(ci->i_dirty_caps),
1000                                 inode, ceph_ino(inode));
1001                         ci->i_dirty_caps = 0;
1002                         list_del_init(&ci->i_dirty_item);
1003                         drop = 1;
1004                 }
1005                 if (!list_empty(&ci->i_flushing_item)) {
1006                         pr_info(" dropping dirty+flushing %s state for %p %lld\n",
1007                                 ceph_cap_string(ci->i_flushing_caps),
1008                                 inode, ceph_ino(inode));
1009                         ci->i_flushing_caps = 0;
1010                         list_del_init(&ci->i_flushing_item);
1011                         mdsc->num_cap_flushing--;
1012                         drop = 1;
1013                 }
1014                 if (drop && ci->i_wrbuffer_ref) {
1015                         pr_info(" dropping dirty data for %p %lld\n",
1016                                 inode, ceph_ino(inode));
1017                         ci->i_wrbuffer_ref = 0;
1018                         ci->i_wrbuffer_ref_head = 0;
1019                         drop++;
1020                 }
1021                 spin_unlock(&mdsc->cap_dirty_lock);
1022         }
1023         spin_unlock(&ci->i_ceph_lock);
1024         while (drop--)
1025                 iput(inode);
1026         return 0;
1027 }
1028
1029 /*
1030  * caller must hold session s_mutex
1031  */
1032 static void remove_session_caps(struct ceph_mds_session *session)
1033 {
1034         dout("remove_session_caps on %p\n", session);
1035         iterate_session_caps(session, remove_session_caps_cb, NULL);
1036         BUG_ON(session->s_nr_caps > 0);
1037         BUG_ON(!list_empty(&session->s_cap_flushing));
1038         cleanup_cap_releases(session);
1039 }
1040
1041 /*
1042  * wake up any threads waiting on this session's caps.  if the cap is
1043  * old (didn't get renewed on the client reconnect), remove it now.
1044  *
1045  * caller must hold s_mutex.
1046  */
1047 static int wake_up_session_cb(struct inode *inode, struct ceph_cap *cap,
1048                               void *arg)
1049 {
1050         struct ceph_inode_info *ci = ceph_inode(inode);
1051
1052         wake_up_all(&ci->i_cap_wq);
1053         if (arg) {
1054                 spin_lock(&ci->i_ceph_lock);
1055                 ci->i_wanted_max_size = 0;
1056                 ci->i_requested_max_size = 0;
1057                 spin_unlock(&ci->i_ceph_lock);
1058         }
1059         return 0;
1060 }
1061
1062 static void wake_up_session_caps(struct ceph_mds_session *session,
1063                                  int reconnect)
1064 {
1065         dout("wake_up_session_caps %p mds%d\n", session, session->s_mds);
1066         iterate_session_caps(session, wake_up_session_cb,
1067                              (void *)(unsigned long)reconnect);
1068 }
1069
1070 /*
1071  * Send periodic message to MDS renewing all currently held caps.  The
1072  * ack will reset the expiration for all caps from this session.
1073  *
1074  * caller holds s_mutex
1075  */
1076 static int send_renew_caps(struct ceph_mds_client *mdsc,
1077                            struct ceph_mds_session *session)
1078 {
1079         struct ceph_msg *msg;
1080         int state;
1081
1082         if (time_after_eq(jiffies, session->s_cap_ttl) &&
1083             time_after_eq(session->s_cap_ttl, session->s_renew_requested))
1084                 pr_info("mds%d caps stale\n", session->s_mds);
1085         session->s_renew_requested = jiffies;
1086
1087         /* do not try to renew caps until a recovering mds has reconnected
1088          * with its clients. */
1089         state = ceph_mdsmap_get_state(mdsc->mdsmap, session->s_mds);
1090         if (state < CEPH_MDS_STATE_RECONNECT) {
1091                 dout("send_renew_caps ignoring mds%d (%s)\n",
1092                      session->s_mds, ceph_mds_state_name(state));
1093                 return 0;
1094         }
1095
1096         dout("send_renew_caps to mds%d (%s)\n", session->s_mds,
1097                 ceph_mds_state_name(state));
1098         msg = create_session_msg(CEPH_SESSION_REQUEST_RENEWCAPS,
1099                                  ++session->s_renew_seq);
1100         if (!msg)
1101                 return -ENOMEM;
1102         ceph_con_send(&session->s_con, msg);
1103         return 0;
1104 }
1105
1106 /*
1107  * Note new cap ttl, and any transition from stale -> not stale (fresh?).
1108  *
1109  * Called under session->s_mutex
1110  */
1111 static void renewed_caps(struct ceph_mds_client *mdsc,
1112                          struct ceph_mds_session *session, int is_renew)
1113 {
1114         int was_stale;
1115         int wake = 0;
1116
1117         spin_lock(&session->s_cap_lock);
1118         was_stale = is_renew && time_after_eq(jiffies, session->s_cap_ttl);
1119
1120         session->s_cap_ttl = session->s_renew_requested +
1121                 mdsc->mdsmap->m_session_timeout*HZ;
1122
1123         if (was_stale) {
1124                 if (time_before(jiffies, session->s_cap_ttl)) {
1125                         pr_info("mds%d caps renewed\n", session->s_mds);
1126                         wake = 1;
1127                 } else {
1128                         pr_info("mds%d caps still stale\n", session->s_mds);
1129                 }
1130         }
1131         dout("renewed_caps mds%d ttl now %lu, was %s, now %s\n",
1132              session->s_mds, session->s_cap_ttl, was_stale ? "stale" : "fresh",
1133              time_before(jiffies, session->s_cap_ttl) ? "stale" : "fresh");
1134         spin_unlock(&session->s_cap_lock);
1135
1136         if (wake)
1137                 wake_up_session_caps(session, 0);
1138 }
1139
1140 /*
1141  * send a session close request
1142  */
1143 static int request_close_session(struct ceph_mds_client *mdsc,
1144                                  struct ceph_mds_session *session)
1145 {
1146         struct ceph_msg *msg;
1147
1148         dout("request_close_session mds%d state %s seq %lld\n",
1149              session->s_mds, session_state_name(session->s_state),
1150              session->s_seq);
1151         msg = create_session_msg(CEPH_SESSION_REQUEST_CLOSE, session->s_seq);
1152         if (!msg)
1153                 return -ENOMEM;
1154         ceph_con_send(&session->s_con, msg);
1155         return 0;
1156 }
1157
1158 /*
1159  * Called with s_mutex held.
1160  */
1161 static int __close_session(struct ceph_mds_client *mdsc,
1162                          struct ceph_mds_session *session)
1163 {
1164         if (session->s_state >= CEPH_MDS_SESSION_CLOSING)
1165                 return 0;
1166         session->s_state = CEPH_MDS_SESSION_CLOSING;
1167         return request_close_session(mdsc, session);
1168 }
1169
1170 /*
1171  * Trim old(er) caps.
1172  *
1173  * Because we can't cache an inode without one or more caps, we do
1174  * this indirectly: if a cap is unused, we prune its aliases, at which
1175  * point the inode will hopefully get dropped to.
1176  *
1177  * Yes, this is a bit sloppy.  Our only real goal here is to respond to
1178  * memory pressure from the MDS, though, so it needn't be perfect.
1179  */
1180 static int trim_caps_cb(struct inode *inode, struct ceph_cap *cap, void *arg)
1181 {
1182         struct ceph_mds_session *session = arg;
1183         struct ceph_inode_info *ci = ceph_inode(inode);
1184         int used, oissued, mine;
1185
1186         if (session->s_trim_caps <= 0)
1187                 return -1;
1188
1189         spin_lock(&ci->i_ceph_lock);
1190         mine = cap->issued | cap->implemented;
1191         used = __ceph_caps_used(ci);
1192         oissued = __ceph_caps_issued_other(ci, cap);
1193
1194         dout("trim_caps_cb %p cap %p mine %s oissued %s used %s\n",
1195              inode, cap, ceph_cap_string(mine), ceph_cap_string(oissued),
1196              ceph_cap_string(used));
1197         if (ci->i_dirty_caps)
1198                 goto out;   /* dirty caps */
1199         if ((used & ~oissued) & mine)
1200                 goto out;   /* we need these caps */
1201
1202         session->s_trim_caps--;
1203         if (oissued) {
1204                 /* we aren't the only cap.. just remove us */
1205                 __queue_cap_release(session, ceph_ino(inode), cap->cap_id,
1206                                     cap->mseq, cap->issue_seq);
1207                 __ceph_remove_cap(cap);
1208         } else {
1209                 /* try to drop referring dentries */
1210                 spin_unlock(&ci->i_ceph_lock);
1211                 d_prune_aliases(inode);
1212                 dout("trim_caps_cb %p cap %p  pruned, count now %d\n",
1213                      inode, cap, atomic_read(&inode->i_count));
1214                 return 0;
1215         }
1216
1217 out:
1218         spin_unlock(&ci->i_ceph_lock);
1219         return 0;
1220 }
1221
1222 /*
1223  * Trim session cap count down to some max number.
1224  */
1225 static int trim_caps(struct ceph_mds_client *mdsc,
1226                      struct ceph_mds_session *session,
1227                      int max_caps)
1228 {
1229         int trim_caps = session->s_nr_caps - max_caps;
1230
1231         dout("trim_caps mds%d start: %d / %d, trim %d\n",
1232              session->s_mds, session->s_nr_caps, max_caps, trim_caps);
1233         if (trim_caps > 0) {
1234                 session->s_trim_caps = trim_caps;
1235                 iterate_session_caps(session, trim_caps_cb, session);
1236                 dout("trim_caps mds%d done: %d / %d, trimmed %d\n",
1237                      session->s_mds, session->s_nr_caps, max_caps,
1238                         trim_caps - session->s_trim_caps);
1239                 session->s_trim_caps = 0;
1240         }
1241         return 0;
1242 }
1243
1244 /*
1245  * Allocate cap_release messages.  If there is a partially full message
1246  * in the queue, try to allocate enough to cover it's remainder, so that
1247  * we can send it immediately.
1248  *
1249  * Called under s_mutex.
1250  */
1251 int ceph_add_cap_releases(struct ceph_mds_client *mdsc,
1252                           struct ceph_mds_session *session)
1253 {
1254         struct ceph_msg *msg, *partial = NULL;
1255         struct ceph_mds_cap_release *head;
1256         int err = -ENOMEM;
1257         int extra = mdsc->fsc->mount_options->cap_release_safety;
1258         int num;
1259
1260         dout("add_cap_releases %p mds%d extra %d\n", session, session->s_mds,
1261              extra);
1262
1263         spin_lock(&session->s_cap_lock);
1264
1265         if (!list_empty(&session->s_cap_releases)) {
1266                 msg = list_first_entry(&session->s_cap_releases,
1267                                        struct ceph_msg,
1268                                  list_head);
1269                 head = msg->front.iov_base;
1270                 num = le32_to_cpu(head->num);
1271                 if (num) {
1272                         dout(" partial %p with (%d/%d)\n", msg, num,
1273                              (int)CEPH_CAPS_PER_RELEASE);
1274                         extra += CEPH_CAPS_PER_RELEASE - num;
1275                         partial = msg;
1276                 }
1277         }
1278         while (session->s_num_cap_releases < session->s_nr_caps + extra) {
1279                 spin_unlock(&session->s_cap_lock);
1280                 msg = ceph_msg_new(CEPH_MSG_CLIENT_CAPRELEASE, PAGE_CACHE_SIZE,
1281                                    GFP_NOFS, false);
1282                 if (!msg)
1283                         goto out_unlocked;
1284                 dout("add_cap_releases %p msg %p now %d\n", session, msg,
1285                      (int)msg->front.iov_len);
1286                 head = msg->front.iov_base;
1287                 head->num = cpu_to_le32(0);
1288                 msg->front.iov_len = sizeof(*head);
1289                 spin_lock(&session->s_cap_lock);
1290                 list_add(&msg->list_head, &session->s_cap_releases);
1291                 session->s_num_cap_releases += CEPH_CAPS_PER_RELEASE;
1292         }
1293
1294         if (partial) {
1295                 head = partial->front.iov_base;
1296                 num = le32_to_cpu(head->num);
1297                 dout(" queueing partial %p with %d/%d\n", partial, num,
1298                      (int)CEPH_CAPS_PER_RELEASE);
1299                 list_move_tail(&partial->list_head,
1300                                &session->s_cap_releases_done);
1301                 session->s_num_cap_releases -= CEPH_CAPS_PER_RELEASE - num;
1302         }
1303         err = 0;
1304         spin_unlock(&session->s_cap_lock);
1305 out_unlocked:
1306         return err;
1307 }
1308
1309 /*
1310  * flush all dirty inode data to disk.
1311  *
1312  * returns true if we've flushed through want_flush_seq
1313  */
1314 static int check_cap_flush(struct ceph_mds_client *mdsc, u64 want_flush_seq)
1315 {
1316         int mds, ret = 1;
1317
1318         dout("check_cap_flush want %lld\n", want_flush_seq);
1319         mutex_lock(&mdsc->mutex);
1320         for (mds = 0; ret && mds < mdsc->max_sessions; mds++) {
1321                 struct ceph_mds_session *session = mdsc->sessions[mds];
1322
1323                 if (!session)
1324                         continue;
1325                 get_session(session);
1326                 mutex_unlock(&mdsc->mutex);
1327
1328                 mutex_lock(&session->s_mutex);
1329                 if (!list_empty(&session->s_cap_flushing)) {
1330                         struct ceph_inode_info *ci =
1331                                 list_entry(session->s_cap_flushing.next,
1332                                            struct ceph_inode_info,
1333                                            i_flushing_item);
1334                         struct inode *inode = &ci->vfs_inode;
1335
1336                         spin_lock(&ci->i_ceph_lock);
1337                         if (ci->i_cap_flush_seq <= want_flush_seq) {
1338                                 dout("check_cap_flush still flushing %p "
1339                                      "seq %lld <= %lld to mds%d\n", inode,
1340                                      ci->i_cap_flush_seq, want_flush_seq,
1341                                      session->s_mds);
1342                                 ret = 0;
1343                         }
1344                         spin_unlock(&ci->i_ceph_lock);
1345                 }
1346                 mutex_unlock(&session->s_mutex);
1347                 ceph_put_mds_session(session);
1348
1349                 if (!ret)
1350                         return ret;
1351                 mutex_lock(&mdsc->mutex);
1352         }
1353
1354         mutex_unlock(&mdsc->mutex);
1355         dout("check_cap_flush ok, flushed thru %lld\n", want_flush_seq);
1356         return ret;
1357 }
1358
1359 /*
1360  * called under s_mutex
1361  */
1362 void ceph_send_cap_releases(struct ceph_mds_client *mdsc,
1363                             struct ceph_mds_session *session)
1364 {
1365         struct ceph_msg *msg;
1366
1367         dout("send_cap_releases mds%d\n", session->s_mds);
1368         spin_lock(&session->s_cap_lock);
1369         while (!list_empty(&session->s_cap_releases_done)) {
1370                 msg = list_first_entry(&session->s_cap_releases_done,
1371                                  struct ceph_msg, list_head);
1372                 list_del_init(&msg->list_head);
1373                 spin_unlock(&session->s_cap_lock);
1374                 msg->hdr.front_len = cpu_to_le32(msg->front.iov_len);
1375                 dout("send_cap_releases mds%d %p\n", session->s_mds, msg);
1376                 ceph_con_send(&session->s_con, msg);
1377                 spin_lock(&session->s_cap_lock);
1378         }
1379         spin_unlock(&session->s_cap_lock);
1380 }
1381
1382 static void discard_cap_releases(struct ceph_mds_client *mdsc,
1383                                  struct ceph_mds_session *session)
1384 {
1385         struct ceph_msg *msg;
1386         struct ceph_mds_cap_release *head;
1387         unsigned num;
1388
1389         dout("discard_cap_releases mds%d\n", session->s_mds);
1390         spin_lock(&session->s_cap_lock);
1391
1392         /* zero out the in-progress message */
1393         msg = list_first_entry(&session->s_cap_releases,
1394                                struct ceph_msg, list_head);
1395         head = msg->front.iov_base;
1396         num = le32_to_cpu(head->num);
1397         dout("discard_cap_releases mds%d %p %u\n", session->s_mds, msg, num);
1398         head->num = cpu_to_le32(0);
1399         session->s_num_cap_releases += num;
1400
1401         /* requeue completed messages */
1402         while (!list_empty(&session->s_cap_releases_done)) {
1403                 msg = list_first_entry(&session->s_cap_releases_done,
1404                                  struct ceph_msg, list_head);
1405                 list_del_init(&msg->list_head);
1406
1407                 head = msg->front.iov_base;
1408                 num = le32_to_cpu(head->num);
1409                 dout("discard_cap_releases mds%d %p %u\n", session->s_mds, msg,
1410                      num);
1411                 session->s_num_cap_releases += num;
1412                 head->num = cpu_to_le32(0);
1413                 msg->front.iov_len = sizeof(*head);
1414                 list_add(&msg->list_head, &session->s_cap_releases);
1415         }
1416
1417         spin_unlock(&session->s_cap_lock);
1418 }
1419
1420 /*
1421  * requests
1422  */
1423
1424 /*
1425  * Create an mds request.
1426  */
1427 struct ceph_mds_request *
1428 ceph_mdsc_create_request(struct ceph_mds_client *mdsc, int op, int mode)
1429 {
1430         struct ceph_mds_request *req = kzalloc(sizeof(*req), GFP_NOFS);
1431
1432         if (!req)
1433                 return ERR_PTR(-ENOMEM);
1434
1435         mutex_init(&req->r_fill_mutex);
1436         req->r_mdsc = mdsc;
1437         req->r_started = jiffies;
1438         req->r_resend_mds = -1;
1439         INIT_LIST_HEAD(&req->r_unsafe_dir_item);
1440         req->r_fmode = -1;
1441         kref_init(&req->r_kref);
1442         INIT_LIST_HEAD(&req->r_wait);
1443         init_completion(&req->r_completion);
1444         init_completion(&req->r_safe_completion);
1445         INIT_LIST_HEAD(&req->r_unsafe_item);
1446
1447         req->r_op = op;
1448         req->r_direct_mode = mode;
1449         return req;
1450 }
1451
1452 /*
1453  * return oldest (lowest) request, tid in request tree, 0 if none.
1454  *
1455  * called under mdsc->mutex.
1456  */
1457 static struct ceph_mds_request *__get_oldest_req(struct ceph_mds_client *mdsc)
1458 {
1459         if (RB_EMPTY_ROOT(&mdsc->request_tree))
1460                 return NULL;
1461         return rb_entry(rb_first(&mdsc->request_tree),
1462                         struct ceph_mds_request, r_node);
1463 }
1464
1465 static u64 __get_oldest_tid(struct ceph_mds_client *mdsc)
1466 {
1467         struct ceph_mds_request *req = __get_oldest_req(mdsc);
1468
1469         if (req)
1470                 return req->r_tid;
1471         return 0;
1472 }
1473
1474 /*
1475  * Build a dentry's path.  Allocate on heap; caller must kfree.  Based
1476  * on build_path_from_dentry in fs/cifs/dir.c.
1477  *
1478  * If @stop_on_nosnap, generate path relative to the first non-snapped
1479  * inode.
1480  *
1481  * Encode hidden .snap dirs as a double /, i.e.
1482  *   foo/.snap/bar -> foo//bar
1483  */
1484 char *ceph_mdsc_build_path(struct dentry *dentry, int *plen, u64 *base,
1485                            int stop_on_nosnap)
1486 {
1487         struct dentry *temp;
1488         char *path;
1489         int len, pos;
1490         unsigned seq;
1491
1492         if (dentry == NULL)
1493                 return ERR_PTR(-EINVAL);
1494
1495 retry:
1496         len = 0;
1497         seq = read_seqbegin(&rename_lock);
1498         rcu_read_lock();
1499         for (temp = dentry; !IS_ROOT(temp);) {
1500                 struct inode *inode = temp->d_inode;
1501                 if (inode && ceph_snap(inode) == CEPH_SNAPDIR)
1502                         len++;  /* slash only */
1503                 else if (stop_on_nosnap && inode &&
1504                          ceph_snap(inode) == CEPH_NOSNAP)
1505                         break;
1506                 else
1507                         len += 1 + temp->d_name.len;
1508                 temp = temp->d_parent;
1509         }
1510         rcu_read_unlock();
1511         if (len)
1512                 len--;  /* no leading '/' */
1513
1514         path = kmalloc(len+1, GFP_NOFS);
1515         if (path == NULL)
1516                 return ERR_PTR(-ENOMEM);
1517         pos = len;
1518         path[pos] = 0;  /* trailing null */
1519         rcu_read_lock();
1520         for (temp = dentry; !IS_ROOT(temp) && pos != 0; ) {
1521                 struct inode *inode;
1522
1523                 spin_lock(&temp->d_lock);
1524                 inode = temp->d_inode;
1525                 if (inode && ceph_snap(inode) == CEPH_SNAPDIR) {
1526                         dout("build_path path+%d: %p SNAPDIR\n",
1527                              pos, temp);
1528                 } else if (stop_on_nosnap && inode &&
1529                            ceph_snap(inode) == CEPH_NOSNAP) {
1530                         spin_unlock(&temp->d_lock);
1531                         break;
1532                 } else {
1533                         pos -= temp->d_name.len;
1534                         if (pos < 0) {
1535                                 spin_unlock(&temp->d_lock);
1536                                 break;
1537                         }
1538                         strncpy(path + pos, temp->d_name.name,
1539                                 temp->d_name.len);
1540                 }
1541                 spin_unlock(&temp->d_lock);
1542                 if (pos)
1543                         path[--pos] = '/';
1544                 temp = temp->d_parent;
1545         }
1546         rcu_read_unlock();
1547         if (pos != 0 || read_seqretry(&rename_lock, seq)) {
1548                 pr_err("build_path did not end path lookup where "
1549                        "expected, namelen is %d, pos is %d\n", len, pos);
1550                 /* presumably this is only possible if racing with a
1551                    rename of one of the parent directories (we can not
1552                    lock the dentries above us to prevent this, but
1553                    retrying should be harmless) */
1554                 kfree(path);
1555                 goto retry;
1556         }
1557
1558         *base = ceph_ino(temp->d_inode);
1559         *plen = len;
1560         dout("build_path on %p %d built %llx '%.*s'\n",
1561              dentry, dentry->d_count, *base, len, path);
1562         return path;
1563 }
1564
1565 static int build_dentry_path(struct dentry *dentry,
1566                              const char **ppath, int *ppathlen, u64 *pino,
1567                              int *pfreepath)
1568 {
1569         char *path;
1570
1571         if (ceph_snap(dentry->d_parent->d_inode) == CEPH_NOSNAP) {
1572                 *pino = ceph_ino(dentry->d_parent->d_inode);
1573                 *ppath = dentry->d_name.name;
1574                 *ppathlen = dentry->d_name.len;
1575                 return 0;
1576         }
1577         path = ceph_mdsc_build_path(dentry, ppathlen, pino, 1);
1578         if (IS_ERR(path))
1579                 return PTR_ERR(path);
1580         *ppath = path;
1581         *pfreepath = 1;
1582         return 0;
1583 }
1584
1585 static int build_inode_path(struct inode *inode,
1586                             const char **ppath, int *ppathlen, u64 *pino,
1587                             int *pfreepath)
1588 {
1589         struct dentry *dentry;
1590         char *path;
1591
1592         if (ceph_snap(inode) == CEPH_NOSNAP) {
1593                 *pino = ceph_ino(inode);
1594                 *ppathlen = 0;
1595                 return 0;
1596         }
1597         dentry = d_find_alias(inode);
1598         path = ceph_mdsc_build_path(dentry, ppathlen, pino, 1);
1599         dput(dentry);
1600         if (IS_ERR(path))
1601                 return PTR_ERR(path);
1602         *ppath = path;
1603         *pfreepath = 1;
1604         return 0;
1605 }
1606
1607 /*
1608  * request arguments may be specified via an inode *, a dentry *, or
1609  * an explicit ino+path.
1610  */
1611 static int set_request_path_attr(struct inode *rinode, struct dentry *rdentry,
1612                                   const char *rpath, u64 rino,
1613                                   const char **ppath, int *pathlen,
1614                                   u64 *ino, int *freepath)
1615 {
1616         int r = 0;
1617
1618         if (rinode) {
1619                 r = build_inode_path(rinode, ppath, pathlen, ino, freepath);
1620                 dout(" inode %p %llx.%llx\n", rinode, ceph_ino(rinode),
1621                      ceph_snap(rinode));
1622         } else if (rdentry) {
1623                 r = build_dentry_path(rdentry, ppath, pathlen, ino, freepath);
1624                 dout(" dentry %p %llx/%.*s\n", rdentry, *ino, *pathlen,
1625                      *ppath);
1626         } else if (rpath || rino) {
1627                 *ino = rino;
1628                 *ppath = rpath;
1629                 *pathlen = rpath ? strlen(rpath) : 0;
1630                 dout(" path %.*s\n", *pathlen, rpath);
1631         }
1632
1633         return r;
1634 }
1635
1636 /*
1637  * called under mdsc->mutex
1638  */
1639 static struct ceph_msg *create_request_message(struct ceph_mds_client *mdsc,
1640                                                struct ceph_mds_request *req,
1641                                                int mds)
1642 {
1643         struct ceph_msg *msg;
1644         struct ceph_mds_request_head *head;
1645         const char *path1 = NULL;
1646         const char *path2 = NULL;
1647         u64 ino1 = 0, ino2 = 0;
1648         int pathlen1 = 0, pathlen2 = 0;
1649         int freepath1 = 0, freepath2 = 0;
1650         int len;
1651         u16 releases;
1652         void *p, *end;
1653         int ret;
1654
1655         ret = set_request_path_attr(req->r_inode, req->r_dentry,
1656                               req->r_path1, req->r_ino1.ino,
1657                               &path1, &pathlen1, &ino1, &freepath1);
1658         if (ret < 0) {
1659                 msg = ERR_PTR(ret);
1660                 goto out;
1661         }
1662
1663         ret = set_request_path_attr(NULL, req->r_old_dentry,
1664                               req->r_path2, req->r_ino2.ino,
1665                               &path2, &pathlen2, &ino2, &freepath2);
1666         if (ret < 0) {
1667                 msg = ERR_PTR(ret);
1668                 goto out_free1;
1669         }
1670
1671         len = sizeof(*head) +
1672                 pathlen1 + pathlen2 + 2*(1 + sizeof(u32) + sizeof(u64));
1673
1674         /* calculate (max) length for cap releases */
1675         len += sizeof(struct ceph_mds_request_release) *
1676                 (!!req->r_inode_drop + !!req->r_dentry_drop +
1677                  !!req->r_old_inode_drop + !!req->r_old_dentry_drop);
1678         if (req->r_dentry_drop)
1679                 len += req->r_dentry->d_name.len;
1680         if (req->r_old_dentry_drop)
1681                 len += req->r_old_dentry->d_name.len;
1682
1683         msg = ceph_msg_new(CEPH_MSG_CLIENT_REQUEST, len, GFP_NOFS, false);
1684         if (!msg) {
1685                 msg = ERR_PTR(-ENOMEM);
1686                 goto out_free2;
1687         }
1688
1689         msg->hdr.tid = cpu_to_le64(req->r_tid);
1690
1691         head = msg->front.iov_base;
1692         p = msg->front.iov_base + sizeof(*head);
1693         end = msg->front.iov_base + msg->front.iov_len;
1694
1695         head->mdsmap_epoch = cpu_to_le32(mdsc->mdsmap->m_epoch);
1696         head->op = cpu_to_le32(req->r_op);
1697         head->caller_uid = cpu_to_le32(from_kuid(&init_user_ns, req->r_uid));
1698         head->caller_gid = cpu_to_le32(from_kgid(&init_user_ns, req->r_gid));
1699         head->args = req->r_args;
1700
1701         ceph_encode_filepath(&p, end, ino1, path1);
1702         ceph_encode_filepath(&p, end, ino2, path2);
1703
1704         /* make note of release offset, in case we need to replay */
1705         req->r_request_release_offset = p - msg->front.iov_base;
1706
1707         /* cap releases */
1708         releases = 0;
1709         if (req->r_inode_drop)
1710                 releases += ceph_encode_inode_release(&p,
1711                       req->r_inode ? req->r_inode : req->r_dentry->d_inode,
1712                       mds, req->r_inode_drop, req->r_inode_unless, 0);
1713         if (req->r_dentry_drop)
1714                 releases += ceph_encode_dentry_release(&p, req->r_dentry,
1715                        mds, req->r_dentry_drop, req->r_dentry_unless);
1716         if (req->r_old_dentry_drop)
1717                 releases += ceph_encode_dentry_release(&p, req->r_old_dentry,
1718                        mds, req->r_old_dentry_drop, req->r_old_dentry_unless);
1719         if (req->r_old_inode_drop)
1720                 releases += ceph_encode_inode_release(&p,
1721                       req->r_old_dentry->d_inode,
1722                       mds, req->r_old_inode_drop, req->r_old_inode_unless, 0);
1723         head->num_releases = cpu_to_le16(releases);
1724
1725         BUG_ON(p > end);
1726         msg->front.iov_len = p - msg->front.iov_base;
1727         msg->hdr.front_len = cpu_to_le32(msg->front.iov_len);
1728
1729         if (req->r_data_len) {
1730                 /* outbound data set only by ceph_sync_setxattr() */
1731                 BUG_ON(!req->r_pages);
1732                 ceph_msg_data_add_pages(msg, req->r_pages, req->r_data_len, 0);
1733         }
1734
1735         msg->hdr.data_len = cpu_to_le32(req->r_data_len);
1736         msg->hdr.data_off = cpu_to_le16(0);
1737
1738 out_free2:
1739         if (freepath2)
1740                 kfree((char *)path2);
1741 out_free1:
1742         if (freepath1)
1743                 kfree((char *)path1);
1744 out:
1745         return msg;
1746 }
1747
1748 /*
1749  * called under mdsc->mutex if error, under no mutex if
1750  * success.
1751  */
1752 static void complete_request(struct ceph_mds_client *mdsc,
1753                              struct ceph_mds_request *req)
1754 {
1755         if (req->r_callback)
1756                 req->r_callback(mdsc, req);
1757         else
1758                 complete_all(&req->r_completion);
1759 }
1760
1761 /*
1762  * called under mdsc->mutex
1763  */
1764 static int __prepare_send_request(struct ceph_mds_client *mdsc,
1765                                   struct ceph_mds_request *req,
1766                                   int mds)
1767 {
1768         struct ceph_mds_request_head *rhead;
1769         struct ceph_msg *msg;
1770         int flags = 0;
1771
1772         req->r_attempts++;
1773         if (req->r_inode) {
1774                 struct ceph_cap *cap =
1775                         ceph_get_cap_for_mds(ceph_inode(req->r_inode), mds);
1776
1777                 if (cap)
1778                         req->r_sent_on_mseq = cap->mseq;
1779                 else
1780                         req->r_sent_on_mseq = -1;
1781         }
1782         dout("prepare_send_request %p tid %lld %s (attempt %d)\n", req,
1783              req->r_tid, ceph_mds_op_name(req->r_op), req->r_attempts);
1784
1785         if (req->r_got_unsafe) {
1786                 /*
1787                  * Replay.  Do not regenerate message (and rebuild
1788                  * paths, etc.); just use the original message.
1789                  * Rebuilding paths will break for renames because
1790                  * d_move mangles the src name.
1791                  */
1792                 msg = req->r_request;
1793                 rhead = msg->front.iov_base;
1794
1795                 flags = le32_to_cpu(rhead->flags);
1796                 flags |= CEPH_MDS_FLAG_REPLAY;
1797                 rhead->flags = cpu_to_le32(flags);
1798
1799                 if (req->r_target_inode)
1800                         rhead->ino = cpu_to_le64(ceph_ino(req->r_target_inode));
1801
1802                 rhead->num_retry = req->r_attempts - 1;
1803
1804                 /* remove cap/dentry releases from message */
1805                 rhead->num_releases = 0;
1806                 msg->hdr.front_len = cpu_to_le32(req->r_request_release_offset);
1807                 msg->front.iov_len = req->r_request_release_offset;
1808                 return 0;
1809         }
1810
1811         if (req->r_request) {
1812                 ceph_msg_put(req->r_request);
1813                 req->r_request = NULL;
1814         }
1815         msg = create_request_message(mdsc, req, mds);
1816         if (IS_ERR(msg)) {
1817                 req->r_err = PTR_ERR(msg);
1818                 complete_request(mdsc, req);
1819                 return PTR_ERR(msg);
1820         }
1821         req->r_request = msg;
1822
1823         rhead = msg->front.iov_base;
1824         rhead->oldest_client_tid = cpu_to_le64(__get_oldest_tid(mdsc));
1825         if (req->r_got_unsafe)
1826                 flags |= CEPH_MDS_FLAG_REPLAY;
1827         if (req->r_locked_dir)
1828                 flags |= CEPH_MDS_FLAG_WANT_DENTRY;
1829         rhead->flags = cpu_to_le32(flags);
1830         rhead->num_fwd = req->r_num_fwd;
1831         rhead->num_retry = req->r_attempts - 1;
1832         rhead->ino = 0;
1833
1834         dout(" r_locked_dir = %p\n", req->r_locked_dir);
1835         return 0;
1836 }
1837
1838 /*
1839  * send request, or put it on the appropriate wait list.
1840  */
1841 static int __do_request(struct ceph_mds_client *mdsc,
1842                         struct ceph_mds_request *req)
1843 {
1844         struct ceph_mds_session *session = NULL;
1845         int mds = -1;
1846         int err = -EAGAIN;
1847
1848         if (req->r_err || req->r_got_result) {
1849                 if (req->r_aborted)
1850                         __unregister_request(mdsc, req);
1851                 goto out;
1852         }
1853
1854         if (req->r_timeout &&
1855             time_after_eq(jiffies, req->r_started + req->r_timeout)) {
1856                 dout("do_request timed out\n");
1857                 err = -EIO;
1858                 goto finish;
1859         }
1860
1861         put_request_session(req);
1862
1863         mds = __choose_mds(mdsc, req);
1864         if (mds < 0 ||
1865             ceph_mdsmap_get_state(mdsc->mdsmap, mds) < CEPH_MDS_STATE_ACTIVE) {
1866                 dout("do_request no mds or not active, waiting for map\n");
1867                 list_add(&req->r_wait, &mdsc->waiting_for_map);
1868                 goto out;
1869         }
1870
1871         /* get, open session */
1872         session = __ceph_lookup_mds_session(mdsc, mds);
1873         if (!session) {
1874                 session = register_session(mdsc, mds);
1875                 if (IS_ERR(session)) {
1876                         err = PTR_ERR(session);
1877                         goto finish;
1878                 }
1879         }
1880         req->r_session = get_session(session);
1881
1882         dout("do_request mds%d session %p state %s\n", mds, session,
1883              session_state_name(session->s_state));
1884         if (session->s_state != CEPH_MDS_SESSION_OPEN &&
1885             session->s_state != CEPH_MDS_SESSION_HUNG) {
1886                 if (session->s_state == CEPH_MDS_SESSION_NEW ||
1887                     session->s_state == CEPH_MDS_SESSION_CLOSING)
1888                         __open_session(mdsc, session);
1889                 list_add(&req->r_wait, &session->s_waiting);
1890                 goto out_session;
1891         }
1892
1893         /* send request */
1894         req->r_resend_mds = -1;   /* forget any previous mds hint */
1895
1896         if (req->r_request_started == 0)   /* note request start time */
1897                 req->r_request_started = jiffies;
1898
1899         err = __prepare_send_request(mdsc, req, mds);
1900         if (!err) {
1901                 ceph_msg_get(req->r_request);
1902                 ceph_con_send(&session->s_con, req->r_request);
1903         }
1904
1905 out_session:
1906         ceph_put_mds_session(session);
1907 out:
1908         return err;
1909
1910 finish:
1911         req->r_err = err;
1912         complete_request(mdsc, req);
1913         goto out;
1914 }
1915
1916 /*
1917  * called under mdsc->mutex
1918  */
1919 static void __wake_requests(struct ceph_mds_client *mdsc,
1920                             struct list_head *head)
1921 {
1922         struct ceph_mds_request *req;
1923         LIST_HEAD(tmp_list);
1924
1925         list_splice_init(head, &tmp_list);
1926
1927         while (!list_empty(&tmp_list)) {
1928                 req = list_entry(tmp_list.next,
1929                                  struct ceph_mds_request, r_wait);
1930                 list_del_init(&req->r_wait);
1931                 dout(" wake request %p tid %llu\n", req, req->r_tid);
1932                 __do_request(mdsc, req);
1933         }
1934 }
1935
1936 /*
1937  * Wake up threads with requests pending for @mds, so that they can
1938  * resubmit their requests to a possibly different mds.
1939  */
1940 static void kick_requests(struct ceph_mds_client *mdsc, int mds)
1941 {
1942         struct ceph_mds_request *req;
1943         struct rb_node *p;
1944
1945         dout("kick_requests mds%d\n", mds);
1946         for (p = rb_first(&mdsc->request_tree); p; p = rb_next(p)) {
1947                 req = rb_entry(p, struct ceph_mds_request, r_node);
1948                 if (req->r_got_unsafe)
1949                         continue;
1950                 if (req->r_session &&
1951                     req->r_session->s_mds == mds) {
1952                         dout(" kicking tid %llu\n", req->r_tid);
1953                         __do_request(mdsc, req);
1954                 }
1955         }
1956 }
1957
1958 void ceph_mdsc_submit_request(struct ceph_mds_client *mdsc,
1959                               struct ceph_mds_request *req)
1960 {
1961         dout("submit_request on %p\n", req);
1962         mutex_lock(&mdsc->mutex);
1963         __register_request(mdsc, req, NULL);
1964         __do_request(mdsc, req);
1965         mutex_unlock(&mdsc->mutex);
1966 }
1967
1968 /*
1969  * Synchrously perform an mds request.  Take care of all of the
1970  * session setup, forwarding, retry details.
1971  */
1972 int ceph_mdsc_do_request(struct ceph_mds_client *mdsc,
1973                          struct inode *dir,
1974                          struct ceph_mds_request *req)
1975 {
1976         int err;
1977
1978         dout("do_request on %p\n", req);
1979
1980         /* take CAP_PIN refs for r_inode, r_locked_dir, r_old_dentry */
1981         if (req->r_inode)
1982                 ceph_get_cap_refs(ceph_inode(req->r_inode), CEPH_CAP_PIN);
1983         if (req->r_locked_dir)
1984                 ceph_get_cap_refs(ceph_inode(req->r_locked_dir), CEPH_CAP_PIN);
1985         if (req->r_old_dentry)
1986                 ceph_get_cap_refs(ceph_inode(req->r_old_dentry_dir),
1987                                   CEPH_CAP_PIN);
1988
1989         /* issue */
1990         mutex_lock(&mdsc->mutex);
1991         __register_request(mdsc, req, dir);
1992         __do_request(mdsc, req);
1993
1994         if (req->r_err) {
1995                 err = req->r_err;
1996                 __unregister_request(mdsc, req);
1997                 dout("do_request early error %d\n", err);
1998                 goto out;
1999         }
2000
2001         /* wait */
2002         mutex_unlock(&mdsc->mutex);
2003         dout("do_request waiting\n");
2004         if (req->r_timeout) {
2005                 err = (long)wait_for_completion_killable_timeout(
2006                         &req->r_completion, req->r_timeout);
2007                 if (err == 0)
2008                         err = -EIO;
2009         } else {
2010                 err = wait_for_completion_killable(&req->r_completion);
2011         }
2012         dout("do_request waited, got %d\n", err);
2013         mutex_lock(&mdsc->mutex);
2014
2015         /* only abort if we didn't race with a real reply */
2016         if (req->r_got_result) {
2017                 err = le32_to_cpu(req->r_reply_info.head->result);
2018         } else if (err < 0) {
2019                 dout("aborted request %lld with %d\n", req->r_tid, err);
2020
2021                 /*
2022                  * ensure we aren't running concurrently with
2023                  * ceph_fill_trace or ceph_readdir_prepopulate, which
2024                  * rely on locks (dir mutex) held by our caller.
2025                  */
2026                 mutex_lock(&req->r_fill_mutex);
2027                 req->r_err = err;
2028                 req->r_aborted = true;
2029                 mutex_unlock(&req->r_fill_mutex);
2030
2031                 if (req->r_locked_dir &&
2032                     (req->r_op & CEPH_MDS_OP_WRITE))
2033                         ceph_invalidate_dir_request(req);
2034         } else {
2035                 err = req->r_err;
2036         }
2037
2038 out:
2039         mutex_unlock(&mdsc->mutex);
2040         dout("do_request %p done, result %d\n", req, err);
2041         return err;
2042 }
2043
2044 /*
2045  * Invalidate dir's completeness, dentry lease state on an aborted MDS
2046  * namespace request.
2047  */
2048 void ceph_invalidate_dir_request(struct ceph_mds_request *req)
2049 {
2050         struct inode *inode = req->r_locked_dir;
2051
2052         dout("invalidate_dir_request %p (complete, lease(s))\n", inode);
2053
2054         ceph_dir_clear_complete(inode);
2055         if (req->r_dentry)
2056                 ceph_invalidate_dentry_lease(req->r_dentry);
2057         if (req->r_old_dentry)
2058                 ceph_invalidate_dentry_lease(req->r_old_dentry);
2059 }
2060
2061 /*
2062  * Handle mds reply.
2063  *
2064  * We take the session mutex and parse and process the reply immediately.
2065  * This preserves the logical ordering of replies, capabilities, etc., sent
2066  * by the MDS as they are applied to our local cache.
2067  */
2068 static void handle_reply(struct ceph_mds_session *session, struct ceph_msg *msg)
2069 {
2070         struct ceph_mds_client *mdsc = session->s_mdsc;
2071         struct ceph_mds_request *req;
2072         struct ceph_mds_reply_head *head = msg->front.iov_base;
2073         struct ceph_mds_reply_info_parsed *rinfo;  /* parsed reply info */
2074         u64 tid;
2075         int err, result;
2076         int mds = session->s_mds;
2077
2078         if (msg->front.iov_len < sizeof(*head)) {
2079                 pr_err("mdsc_handle_reply got corrupt (short) reply\n");
2080                 ceph_msg_dump(msg);
2081                 return;
2082         }
2083
2084         /* get request, session */
2085         tid = le64_to_cpu(msg->hdr.tid);
2086         mutex_lock(&mdsc->mutex);
2087         req = __lookup_request(mdsc, tid);
2088         if (!req) {
2089                 dout("handle_reply on unknown tid %llu\n", tid);
2090                 mutex_unlock(&mdsc->mutex);
2091                 return;
2092         }
2093         dout("handle_reply %p\n", req);
2094
2095         /* correct session? */
2096         if (req->r_session != session) {
2097                 pr_err("mdsc_handle_reply got %llu on session mds%d"
2098                        " not mds%d\n", tid, session->s_mds,
2099                        req->r_session ? req->r_session->s_mds : -1);
2100                 mutex_unlock(&mdsc->mutex);
2101                 goto out;
2102         }
2103
2104         /* dup? */
2105         if ((req->r_got_unsafe && !head->safe) ||
2106             (req->r_got_safe && head->safe)) {
2107                 pr_warning("got a dup %s reply on %llu from mds%d\n",
2108                            head->safe ? "safe" : "unsafe", tid, mds);
2109                 mutex_unlock(&mdsc->mutex);
2110                 goto out;
2111         }
2112         if (req->r_got_safe && !head->safe) {
2113                 pr_warning("got unsafe after safe on %llu from mds%d\n",
2114                            tid, mds);
2115                 mutex_unlock(&mdsc->mutex);
2116                 goto out;
2117         }
2118
2119         result = le32_to_cpu(head->result);
2120
2121         /*
2122          * Handle an ESTALE
2123          * if we're not talking to the authority, send to them
2124          * if the authority has changed while we weren't looking,
2125          * send to new authority
2126          * Otherwise we just have to return an ESTALE
2127          */
2128         if (result == -ESTALE) {
2129                 dout("got ESTALE on request %llu", req->r_tid);
2130                 if (!req->r_inode) {
2131                         /* do nothing; not an authority problem */
2132                 } else if (req->r_direct_mode != USE_AUTH_MDS) {
2133                         dout("not using auth, setting for that now");
2134                         req->r_direct_mode = USE_AUTH_MDS;
2135                         __do_request(mdsc, req);
2136                         mutex_unlock(&mdsc->mutex);
2137                         goto out;
2138                 } else  {
2139                         struct ceph_inode_info *ci = ceph_inode(req->r_inode);
2140                         struct ceph_cap *cap = NULL;
2141
2142                         if (req->r_session)
2143                                 cap = ceph_get_cap_for_mds(ci,
2144                                                    req->r_session->s_mds);
2145
2146                         dout("already using auth");
2147                         if ((!cap || cap != ci->i_auth_cap) ||
2148                             (cap->mseq != req->r_sent_on_mseq)) {
2149                                 dout("but cap changed, so resending");
2150                                 __do_request(mdsc, req);
2151                                 mutex_unlock(&mdsc->mutex);
2152                                 goto out;
2153                         }
2154                 }
2155                 dout("have to return ESTALE on request %llu", req->r_tid);
2156         }
2157
2158
2159         if (head->safe) {
2160                 req->r_got_safe = true;
2161                 __unregister_request(mdsc, req);
2162
2163                 if (req->r_got_unsafe) {
2164                         /*
2165                          * We already handled the unsafe response, now do the
2166                          * cleanup.  No need to examine the response; the MDS
2167                          * doesn't include any result info in the safe
2168                          * response.  And even if it did, there is nothing
2169                          * useful we could do with a revised return value.
2170                          */
2171                         dout("got safe reply %llu, mds%d\n", tid, mds);
2172                         list_del_init(&req->r_unsafe_item);
2173
2174                         /* last unsafe request during umount? */
2175                         if (mdsc->stopping && !__get_oldest_req(mdsc))
2176                                 complete_all(&mdsc->safe_umount_waiters);
2177                         mutex_unlock(&mdsc->mutex);
2178                         goto out;
2179                 }
2180         } else {
2181                 req->r_got_unsafe = true;
2182                 list_add_tail(&req->r_unsafe_item, &req->r_session->s_unsafe);
2183         }
2184
2185         dout("handle_reply tid %lld result %d\n", tid, result);
2186         rinfo = &req->r_reply_info;
2187         err = parse_reply_info(msg, rinfo, session->s_con.peer_features);
2188         mutex_unlock(&mdsc->mutex);
2189
2190         mutex_lock(&session->s_mutex);
2191         if (err < 0) {
2192                 pr_err("mdsc_handle_reply got corrupt reply mds%d(tid:%lld)\n", mds, tid);
2193                 ceph_msg_dump(msg);
2194                 goto out_err;
2195         }
2196
2197         /* snap trace */
2198         if (rinfo->snapblob_len) {
2199                 down_write(&mdsc->snap_rwsem);
2200                 ceph_update_snap_trace(mdsc, rinfo->snapblob,
2201                                rinfo->snapblob + rinfo->snapblob_len,
2202                                le32_to_cpu(head->op) == CEPH_MDS_OP_RMSNAP);
2203                 downgrade_write(&mdsc->snap_rwsem);
2204         } else {
2205                 down_read(&mdsc->snap_rwsem);
2206         }
2207
2208         /* insert trace into our cache */
2209         mutex_lock(&req->r_fill_mutex);
2210         err = ceph_fill_trace(mdsc->fsc->sb, req, req->r_session);
2211         if (err == 0) {
2212                 if (result == 0 && (req->r_op == CEPH_MDS_OP_READDIR ||
2213                                     req->r_op == CEPH_MDS_OP_LSSNAP) &&
2214                     rinfo->dir_nr)
2215                         ceph_readdir_prepopulate(req, req->r_session);
2216                 ceph_unreserve_caps(mdsc, &req->r_caps_reservation);
2217         }
2218         mutex_unlock(&req->r_fill_mutex);
2219
2220         up_read(&mdsc->snap_rwsem);
2221 out_err:
2222         mutex_lock(&mdsc->mutex);
2223         if (!req->r_aborted) {
2224                 if (err) {
2225                         req->r_err = err;
2226                 } else {
2227                         req->r_reply = msg;
2228                         ceph_msg_get(msg);
2229                         req->r_got_result = true;
2230                 }
2231         } else {
2232                 dout("reply arrived after request %lld was aborted\n", tid);
2233         }
2234         mutex_unlock(&mdsc->mutex);
2235
2236         ceph_add_cap_releases(mdsc, req->r_session);
2237         mutex_unlock(&session->s_mutex);
2238
2239         /* kick calling process */
2240         complete_request(mdsc, req);
2241 out:
2242         ceph_mdsc_put_request(req);
2243         return;
2244 }
2245
2246
2247
2248 /*
2249  * handle mds notification that our request has been forwarded.
2250  */
2251 static void handle_forward(struct ceph_mds_client *mdsc,
2252                            struct ceph_mds_session *session,
2253                            struct ceph_msg *msg)
2254 {
2255         struct ceph_mds_request *req;
2256         u64 tid = le64_to_cpu(msg->hdr.tid);
2257         u32 next_mds;
2258         u32 fwd_seq;
2259         int err = -EINVAL;
2260         void *p = msg->front.iov_base;
2261         void *end = p + msg->front.iov_len;
2262
2263         ceph_decode_need(&p, end, 2*sizeof(u32), bad);
2264         next_mds = ceph_decode_32(&p);
2265         fwd_seq = ceph_decode_32(&p);
2266
2267         mutex_lock(&mdsc->mutex);
2268         req = __lookup_request(mdsc, tid);
2269         if (!req) {
2270                 dout("forward tid %llu to mds%d - req dne\n", tid, next_mds);
2271                 goto out;  /* dup reply? */
2272         }
2273
2274         if (req->r_aborted) {
2275                 dout("forward tid %llu aborted, unregistering\n", tid);
2276                 __unregister_request(mdsc, req);
2277         } else if (fwd_seq <= req->r_num_fwd) {
2278                 dout("forward tid %llu to mds%d - old seq %d <= %d\n",
2279                      tid, next_mds, req->r_num_fwd, fwd_seq);
2280         } else {
2281                 /* resend. forward race not possible; mds would drop */
2282                 dout("forward tid %llu to mds%d (we resend)\n", tid, next_mds);
2283                 BUG_ON(req->r_err);
2284                 BUG_ON(req->r_got_result);
2285                 req->r_num_fwd = fwd_seq;
2286                 req->r_resend_mds = next_mds;
2287                 put_request_session(req);
2288                 __do_request(mdsc, req);
2289         }
2290         ceph_mdsc_put_request(req);
2291 out:
2292         mutex_unlock(&mdsc->mutex);
2293         return;
2294
2295 bad:
2296         pr_err("mdsc_handle_forward decode error err=%d\n", err);
2297 }
2298
2299 /*
2300  * handle a mds session control message
2301  */
2302 static void handle_session(struct ceph_mds_session *session,
2303                            struct ceph_msg *msg)
2304 {
2305         struct ceph_mds_client *mdsc = session->s_mdsc;
2306         u32 op;
2307         u64 seq;
2308         int mds = session->s_mds;
2309         struct ceph_mds_session_head *h = msg->front.iov_base;
2310         int wake = 0;
2311
2312         /* decode */
2313         if (msg->front.iov_len != sizeof(*h))
2314                 goto bad;
2315         op = le32_to_cpu(h->op);
2316         seq = le64_to_cpu(h->seq);
2317
2318         mutex_lock(&mdsc->mutex);
2319         if (op == CEPH_SESSION_CLOSE)
2320                 __unregister_session(mdsc, session);
2321         /* FIXME: this ttl calculation is generous */
2322         session->s_ttl = jiffies + HZ*mdsc->mdsmap->m_session_autoclose;
2323         mutex_unlock(&mdsc->mutex);
2324
2325         mutex_lock(&session->s_mutex);
2326
2327         dout("handle_session mds%d %s %p state %s seq %llu\n",
2328              mds, ceph_session_op_name(op), session,
2329              session_state_name(session->s_state), seq);
2330
2331         if (session->s_state == CEPH_MDS_SESSION_HUNG) {
2332                 session->s_state = CEPH_MDS_SESSION_OPEN;
2333                 pr_info("mds%d came back\n", session->s_mds);
2334         }
2335
2336         switch (op) {
2337         case CEPH_SESSION_OPEN:
2338                 if (session->s_state == CEPH_MDS_SESSION_RECONNECTING)
2339                         pr_info("mds%d reconnect success\n", session->s_mds);
2340                 session->s_state = CEPH_MDS_SESSION_OPEN;
2341                 renewed_caps(mdsc, session, 0);
2342                 wake = 1;
2343                 if (mdsc->stopping)
2344                         __close_session(mdsc, session);
2345                 break;
2346
2347         case CEPH_SESSION_RENEWCAPS:
2348                 if (session->s_renew_seq == seq)
2349                         renewed_caps(mdsc, session, 1);
2350                 break;
2351
2352         case CEPH_SESSION_CLOSE:
2353                 if (session->s_state == CEPH_MDS_SESSION_RECONNECTING)
2354                         pr_info("mds%d reconnect denied\n", session->s_mds);
2355                 remove_session_caps(session);
2356                 wake = 1; /* for good measure */
2357                 wake_up_all(&mdsc->session_close_wq);
2358                 kick_requests(mdsc, mds);
2359                 break;
2360
2361         case CEPH_SESSION_STALE:
2362                 pr_info("mds%d caps went stale, renewing\n",
2363                         session->s_mds);
2364                 spin_lock(&session->s_gen_ttl_lock);
2365                 session->s_cap_gen++;
2366                 session->s_cap_ttl = jiffies - 1;
2367                 spin_unlock(&session->s_gen_ttl_lock);
2368                 send_renew_caps(mdsc, session);
2369                 break;
2370
2371         case CEPH_SESSION_RECALL_STATE:
2372                 trim_caps(mdsc, session, le32_to_cpu(h->max_caps));
2373                 break;
2374
2375         default:
2376                 pr_err("mdsc_handle_session bad op %d mds%d\n", op, mds);
2377                 WARN_ON(1);
2378         }
2379
2380         mutex_unlock(&session->s_mutex);
2381         if (wake) {
2382                 mutex_lock(&mdsc->mutex);
2383                 __wake_requests(mdsc, &session->s_waiting);
2384                 mutex_unlock(&mdsc->mutex);
2385         }
2386         return;
2387
2388 bad:
2389         pr_err("mdsc_handle_session corrupt message mds%d len %d\n", mds,
2390                (int)msg->front.iov_len);
2391         ceph_msg_dump(msg);
2392         return;
2393 }
2394
2395
2396 /*
2397  * called under session->mutex.
2398  */
2399 static void replay_unsafe_requests(struct ceph_mds_client *mdsc,
2400                                    struct ceph_mds_session *session)
2401 {
2402         struct ceph_mds_request *req, *nreq;
2403         int err;
2404
2405         dout("replay_unsafe_requests mds%d\n", session->s_mds);
2406
2407         mutex_lock(&mdsc->mutex);
2408         list_for_each_entry_safe(req, nreq, &session->s_unsafe, r_unsafe_item) {
2409                 err = __prepare_send_request(mdsc, req, session->s_mds);
2410                 if (!err) {
2411                         ceph_msg_get(req->r_request);
2412                         ceph_con_send(&session->s_con, req->r_request);
2413                 }
2414         }
2415         mutex_unlock(&mdsc->mutex);
2416 }
2417
2418 /*
2419  * Encode information about a cap for a reconnect with the MDS.
2420  */
2421 static int encode_caps_cb(struct inode *inode, struct ceph_cap *cap,
2422                           void *arg)
2423 {
2424         union {
2425                 struct ceph_mds_cap_reconnect v2;
2426                 struct ceph_mds_cap_reconnect_v1 v1;
2427         } rec;
2428         size_t reclen;
2429         struct ceph_inode_info *ci;
2430         struct ceph_reconnect_state *recon_state = arg;
2431         struct ceph_pagelist *pagelist = recon_state->pagelist;
2432         char *path;
2433         int pathlen, err;
2434         u64 pathbase;
2435         struct dentry *dentry;
2436
2437         ci = cap->ci;
2438
2439         dout(" adding %p ino %llx.%llx cap %p %lld %s\n",
2440              inode, ceph_vinop(inode), cap, cap->cap_id,
2441              ceph_cap_string(cap->issued));
2442         err = ceph_pagelist_encode_64(pagelist, ceph_ino(inode));
2443         if (err)
2444                 return err;
2445
2446         dentry = d_find_alias(inode);
2447         if (dentry) {
2448                 path = ceph_mdsc_build_path(dentry, &pathlen, &pathbase, 0);
2449                 if (IS_ERR(path)) {
2450                         err = PTR_ERR(path);
2451                         goto out_dput;
2452                 }
2453         } else {
2454                 path = NULL;
2455                 pathlen = 0;
2456         }
2457         err = ceph_pagelist_encode_string(pagelist, path, pathlen);
2458         if (err)
2459                 goto out_free;
2460
2461         spin_lock(&ci->i_ceph_lock);
2462         cap->seq = 0;        /* reset cap seq */
2463         cap->issue_seq = 0;  /* and issue_seq */
2464
2465         if (recon_state->flock) {
2466                 rec.v2.cap_id = cpu_to_le64(cap->cap_id);
2467                 rec.v2.wanted = cpu_to_le32(__ceph_caps_wanted(ci));
2468                 rec.v2.issued = cpu_to_le32(cap->issued);
2469                 rec.v2.snaprealm = cpu_to_le64(ci->i_snap_realm->ino);
2470                 rec.v2.pathbase = cpu_to_le64(pathbase);
2471                 rec.v2.flock_len = 0;
2472                 reclen = sizeof(rec.v2);
2473         } else {
2474                 rec.v1.cap_id = cpu_to_le64(cap->cap_id);
2475                 rec.v1.wanted = cpu_to_le32(__ceph_caps_wanted(ci));
2476                 rec.v1.issued = cpu_to_le32(cap->issued);
2477                 rec.v1.size = cpu_to_le64(inode->i_size);
2478                 ceph_encode_timespec(&rec.v1.mtime, &inode->i_mtime);
2479                 ceph_encode_timespec(&rec.v1.atime, &inode->i_atime);
2480                 rec.v1.snaprealm = cpu_to_le64(ci->i_snap_realm->ino);
2481                 rec.v1.pathbase = cpu_to_le64(pathbase);
2482                 reclen = sizeof(rec.v1);
2483         }
2484         spin_unlock(&ci->i_ceph_lock);
2485
2486         if (recon_state->flock) {
2487                 int num_fcntl_locks, num_flock_locks;
2488                 struct ceph_filelock *flocks;
2489
2490 encode_again:
2491                 lock_flocks();
2492                 ceph_count_locks(inode, &num_fcntl_locks, &num_flock_locks);
2493                 unlock_flocks();
2494                 flocks = kmalloc((num_fcntl_locks+num_flock_locks) *
2495                                  sizeof(struct ceph_filelock), GFP_NOFS);
2496                 if (!flocks) {
2497                         err = -ENOMEM;
2498                         goto out_free;
2499                 }
2500                 lock_flocks();
2501                 err = ceph_encode_locks_to_buffer(inode, flocks,
2502                                                   num_fcntl_locks,
2503                                                   num_flock_locks);
2504                 unlock_flocks();
2505                 if (err) {
2506                         kfree(flocks);
2507                         if (err == -ENOSPC)
2508                                 goto encode_again;
2509                         goto out_free;
2510                 }
2511                 /*
2512                  * number of encoded locks is stable, so copy to pagelist
2513                  */
2514                 rec.v2.flock_len = cpu_to_le32(2*sizeof(u32) +
2515                                     (num_fcntl_locks+num_flock_locks) *
2516                                     sizeof(struct ceph_filelock));
2517                 err = ceph_pagelist_append(pagelist, &rec, reclen);
2518                 if (!err)
2519                         err = ceph_locks_to_pagelist(flocks, pagelist,
2520                                                      num_fcntl_locks,
2521                                                      num_flock_locks);
2522                 kfree(flocks);
2523         } else {
2524                 err = ceph_pagelist_append(pagelist, &rec, reclen);
2525         }
2526 out_free:
2527         kfree(path);
2528 out_dput:
2529         dput(dentry);
2530         return err;
2531 }
2532
2533
2534 /*
2535  * If an MDS fails and recovers, clients need to reconnect in order to
2536  * reestablish shared state.  This includes all caps issued through
2537  * this session _and_ the snap_realm hierarchy.  Because it's not
2538  * clear which snap realms the mds cares about, we send everything we
2539  * know about.. that ensures we'll then get any new info the
2540  * recovering MDS might have.
2541  *
2542  * This is a relatively heavyweight operation, but it's rare.
2543  *
2544  * called with mdsc->mutex held.
2545  */
2546 static void send_mds_reconnect(struct ceph_mds_client *mdsc,
2547                                struct ceph_mds_session *session)
2548 {
2549         struct ceph_msg *reply;
2550         struct rb_node *p;
2551         int mds = session->s_mds;
2552         int err = -ENOMEM;
2553         struct ceph_pagelist *pagelist;
2554         struct ceph_reconnect_state recon_state;
2555
2556         pr_info("mds%d reconnect start\n", mds);
2557
2558         pagelist = kmalloc(sizeof(*pagelist), GFP_NOFS);
2559         if (!pagelist)
2560                 goto fail_nopagelist;
2561         ceph_pagelist_init(pagelist);
2562
2563         reply = ceph_msg_new(CEPH_MSG_CLIENT_RECONNECT, 0, GFP_NOFS, false);
2564         if (!reply)
2565                 goto fail_nomsg;
2566
2567         mutex_lock(&session->s_mutex);
2568         session->s_state = CEPH_MDS_SESSION_RECONNECTING;
2569         session->s_seq = 0;
2570
2571         ceph_con_close(&session->s_con);
2572         ceph_con_open(&session->s_con,
2573                       CEPH_ENTITY_TYPE_MDS, mds,
2574                       ceph_mdsmap_get_addr(mdsc->mdsmap, mds));
2575
2576         /* replay unsafe requests */
2577         replay_unsafe_requests(mdsc, session);
2578
2579         down_read(&mdsc->snap_rwsem);
2580
2581         dout("session %p state %s\n", session,
2582              session_state_name(session->s_state));
2583
2584         /* drop old cap expires; we're about to reestablish that state */
2585         discard_cap_releases(mdsc, session);
2586
2587         /* traverse this session's caps */
2588         err = ceph_pagelist_encode_32(pagelist, session->s_nr_caps);
2589         if (err)
2590                 goto fail;
2591
2592         recon_state.pagelist = pagelist;
2593         recon_state.flock = session->s_con.peer_features & CEPH_FEATURE_FLOCK;
2594         err = iterate_session_caps(session, encode_caps_cb, &recon_state);
2595         if (err < 0)
2596                 goto fail;
2597
2598         /*
2599          * snaprealms.  we provide mds with the ino, seq (version), and
2600          * parent for all of our realms.  If the mds has any newer info,
2601          * it will tell us.
2602          */
2603         for (p = rb_first(&mdsc->snap_realms); p; p = rb_next(p)) {
2604                 struct ceph_snap_realm *realm =
2605                         rb_entry(p, struct ceph_snap_realm, node);
2606                 struct ceph_mds_snaprealm_reconnect sr_rec;
2607
2608                 dout(" adding snap realm %llx seq %lld parent %llx\n",
2609                      realm->ino, realm->seq, realm->parent_ino);
2610                 sr_rec.ino = cpu_to_le64(realm->ino);
2611                 sr_rec.seq = cpu_to_le64(realm->seq);
2612                 sr_rec.parent = cpu_to_le64(realm->parent_ino);
2613                 err = ceph_pagelist_append(pagelist, &sr_rec, sizeof(sr_rec));
2614                 if (err)
2615                         goto fail;
2616         }
2617
2618         if (recon_state.flock)
2619                 reply->hdr.version = cpu_to_le16(2);
2620         if (pagelist->length) {
2621                 /* set up outbound data if we have any */
2622                 reply->hdr.data_len = cpu_to_le32(pagelist->length);
2623                 ceph_msg_data_add_pagelist(reply, pagelist);
2624         }
2625         ceph_con_send(&session->s_con, reply);
2626
2627         mutex_unlock(&session->s_mutex);
2628
2629         mutex_lock(&mdsc->mutex);
2630         __wake_requests(mdsc, &session->s_waiting);
2631         mutex_unlock(&mdsc->mutex);
2632
2633         up_read(&mdsc->snap_rwsem);
2634         return;
2635
2636 fail:
2637         ceph_msg_put(reply);
2638         up_read(&mdsc->snap_rwsem);
2639         mutex_unlock(&session->s_mutex);
2640 fail_nomsg:
2641         ceph_pagelist_release(pagelist);
2642         kfree(pagelist);
2643 fail_nopagelist:
2644         pr_err("error %d preparing reconnect for mds%d\n", err, mds);
2645         return;
2646 }
2647
2648
2649 /*
2650  * compare old and new mdsmaps, kicking requests
2651  * and closing out old connections as necessary
2652  *
2653  * called under mdsc->mutex.
2654  */
2655 static void check_new_map(struct ceph_mds_client *mdsc,
2656                           struct ceph_mdsmap *newmap,
2657                           struct ceph_mdsmap *oldmap)
2658 {
2659         int i;
2660         int oldstate, newstate;
2661         struct ceph_mds_session *s;
2662
2663         dout("check_new_map new %u old %u\n",
2664              newmap->m_epoch, oldmap->m_epoch);
2665
2666         for (i = 0; i < oldmap->m_max_mds && i < mdsc->max_sessions; i++) {
2667                 if (mdsc->sessions[i] == NULL)
2668                         continue;
2669                 s = mdsc->sessions[i];
2670                 oldstate = ceph_mdsmap_get_state(oldmap, i);
2671                 newstate = ceph_mdsmap_get_state(newmap, i);
2672
2673                 dout("check_new_map mds%d state %s%s -> %s%s (session %s)\n",
2674                      i, ceph_mds_state_name(oldstate),
2675                      ceph_mdsmap_is_laggy(oldmap, i) ? " (laggy)" : "",
2676                      ceph_mds_state_name(newstate),
2677                      ceph_mdsmap_is_laggy(newmap, i) ? " (laggy)" : "",
2678                      session_state_name(s->s_state));
2679
2680                 if (i >= newmap->m_max_mds ||
2681                     memcmp(ceph_mdsmap_get_addr(oldmap, i),
2682                            ceph_mdsmap_get_addr(newmap, i),
2683                            sizeof(struct ceph_entity_addr))) {
2684                         if (s->s_state == CEPH_MDS_SESSION_OPENING) {
2685                                 /* the session never opened, just close it
2686                                  * out now */
2687                                 __wake_requests(mdsc, &s->s_waiting);
2688                                 __unregister_session(mdsc, s);
2689                         } else {
2690                                 /* just close it */
2691                                 mutex_unlock(&mdsc->mutex);
2692                                 mutex_lock(&s->s_mutex);
2693                                 mutex_lock(&mdsc->mutex);
2694                                 ceph_con_close(&s->s_con);
2695                                 mutex_unlock(&s->s_mutex);
2696                                 s->s_state = CEPH_MDS_SESSION_RESTARTING;
2697                         }
2698
2699                         /* kick any requests waiting on the recovering mds */
2700                         kick_requests(mdsc, i);
2701                 } else if (oldstate == newstate) {
2702                         continue;  /* nothing new with this mds */
2703                 }
2704
2705                 /*
2706                  * send reconnect?
2707                  */
2708                 if (s->s_state == CEPH_MDS_SESSION_RESTARTING &&
2709                     newstate >= CEPH_MDS_STATE_RECONNECT) {
2710                         mutex_unlock(&mdsc->mutex);
2711                         send_mds_reconnect(mdsc, s);
2712                         mutex_lock(&mdsc->mutex);
2713                 }
2714
2715                 /*
2716                  * kick request on any mds that has gone active.
2717                  */
2718                 if (oldstate < CEPH_MDS_STATE_ACTIVE &&
2719                     newstate >= CEPH_MDS_STATE_ACTIVE) {
2720                         if (oldstate != CEPH_MDS_STATE_CREATING &&
2721                             oldstate != CEPH_MDS_STATE_STARTING)
2722                                 pr_info("mds%d recovery completed\n", s->s_mds);
2723                         kick_requests(mdsc, i);
2724                         ceph_kick_flushing_caps(mdsc, s);
2725                         wake_up_session_caps(s, 1);
2726                 }
2727         }
2728
2729         for (i = 0; i < newmap->m_max_mds && i < mdsc->max_sessions; i++) {
2730                 s = mdsc->sessions[i];
2731                 if (!s)
2732                         continue;
2733                 if (!ceph_mdsmap_is_laggy(newmap, i))
2734                         continue;
2735                 if (s->s_state == CEPH_MDS_SESSION_OPEN ||
2736                     s->s_state == CEPH_MDS_SESSION_HUNG ||
2737                     s->s_state == CEPH_MDS_SESSION_CLOSING) {
2738                         dout(" connecting to export targets of laggy mds%d\n",
2739                              i);
2740                         __open_export_target_sessions(mdsc, s);
2741                 }
2742         }
2743 }
2744
2745
2746
2747 /*
2748  * leases
2749  */
2750
2751 /*
2752  * caller must hold session s_mutex, dentry->d_lock
2753  */
2754 void __ceph_mdsc_drop_dentry_lease(struct dentry *dentry)
2755 {
2756         struct ceph_dentry_info *di = ceph_dentry(dentry);
2757
2758         ceph_put_mds_session(di->lease_session);
2759         di->lease_session = NULL;
2760 }
2761
2762 static void handle_lease(struct ceph_mds_client *mdsc,
2763                          struct ceph_mds_session *session,
2764                          struct ceph_msg *msg)
2765 {
2766         struct super_block *sb = mdsc->fsc->sb;
2767         struct inode *inode;
2768         struct dentry *parent, *dentry;
2769         struct ceph_dentry_info *di;
2770         int mds = session->s_mds;
2771         struct ceph_mds_lease *h = msg->front.iov_base;
2772         u32 seq;
2773         struct ceph_vino vino;
2774         struct qstr dname;
2775         int release = 0;
2776
2777         dout("handle_lease from mds%d\n", mds);
2778
2779         /* decode */
2780         if (msg->front.iov_len < sizeof(*h) + sizeof(u32))
2781                 goto bad;
2782         vino.ino = le64_to_cpu(h->ino);
2783         vino.snap = CEPH_NOSNAP;
2784         seq = le32_to_cpu(h->seq);
2785         dname.name = (void *)h + sizeof(*h) + sizeof(u32);
2786         dname.len = msg->front.iov_len - sizeof(*h) - sizeof(u32);
2787         if (dname.len != get_unaligned_le32(h+1))
2788                 goto bad;
2789
2790         mutex_lock(&session->s_mutex);
2791         session->s_seq++;
2792
2793         /* lookup inode */
2794         inode = ceph_find_inode(sb, vino);
2795         dout("handle_lease %s, ino %llx %p %.*s\n",
2796              ceph_lease_op_name(h->action), vino.ino, inode,
2797              dname.len, dname.name);
2798         if (inode == NULL) {
2799                 dout("handle_lease no inode %llx\n", vino.ino);
2800                 goto release;
2801         }
2802
2803         /* dentry */
2804         parent = d_find_alias(inode);
2805         if (!parent) {
2806                 dout("no parent dentry on inode %p\n", inode);
2807                 WARN_ON(1);
2808                 goto release;  /* hrm... */
2809         }
2810         dname.hash = full_name_hash(dname.name, dname.len);
2811         dentry = d_lookup(parent, &dname);
2812         dput(parent);
2813         if (!dentry)
2814                 goto release;
2815
2816         spin_lock(&dentry->d_lock);
2817         di = ceph_dentry(dentry);
2818         switch (h->action) {
2819         case CEPH_MDS_LEASE_REVOKE:
2820                 if (di->lease_session == session) {
2821                         if (ceph_seq_cmp(di->lease_seq, seq) > 0)
2822                                 h->seq = cpu_to_le32(di->lease_seq);
2823                         __ceph_mdsc_drop_dentry_lease(dentry);
2824                 }
2825                 release = 1;
2826                 break;
2827
2828         case CEPH_MDS_LEASE_RENEW:
2829                 if (di->lease_session == session &&
2830                     di->lease_gen == session->s_cap_gen &&
2831                     di->lease_renew_from &&
2832                     di->lease_renew_after == 0) {
2833                         unsigned long duration =
2834                                 le32_to_cpu(h->duration_ms) * HZ / 1000;
2835
2836                         di->lease_seq = seq;
2837                         dentry->d_time = di->lease_renew_from + duration;
2838                         di->lease_renew_after = di->lease_renew_from +
2839                                 (duration >> 1);
2840                         di->lease_renew_from = 0;
2841                 }
2842                 break;
2843         }
2844         spin_unlock(&dentry->d_lock);
2845         dput(dentry);
2846
2847         if (!release)
2848                 goto out;
2849
2850 release:
2851         /* let's just reuse the same message */
2852         h->action = CEPH_MDS_LEASE_REVOKE_ACK;
2853         ceph_msg_get(msg);
2854         ceph_con_send(&session->s_con, msg);
2855
2856 out:
2857         iput(inode);
2858         mutex_unlock(&session->s_mutex);
2859         return;
2860
2861 bad:
2862         pr_err("corrupt lease message\n");
2863         ceph_msg_dump(msg);
2864 }
2865
2866 void ceph_mdsc_lease_send_msg(struct ceph_mds_session *session,
2867                               struct inode *inode,
2868                               struct dentry *dentry, char action,
2869                               u32 seq)
2870 {
2871         struct ceph_msg *msg;
2872         struct ceph_mds_lease *lease;
2873         int len = sizeof(*lease) + sizeof(u32);
2874         int dnamelen = 0;
2875
2876         dout("lease_send_msg inode %p dentry %p %s to mds%d\n",
2877              inode, dentry, ceph_lease_op_name(action), session->s_mds);
2878         dnamelen = dentry->d_name.len;
2879         len += dnamelen;
2880
2881         msg = ceph_msg_new(CEPH_MSG_CLIENT_LEASE, len, GFP_NOFS, false);
2882         if (!msg)
2883                 return;
2884         lease = msg->front.iov_base;
2885         lease->action = action;
2886         lease->ino = cpu_to_le64(ceph_vino(inode).ino);
2887         lease->first = lease->last = cpu_to_le64(ceph_vino(inode).snap);
2888         lease->seq = cpu_to_le32(seq);
2889         put_unaligned_le32(dnamelen, lease + 1);
2890         memcpy((void *)(lease + 1) + 4, dentry->d_name.name, dnamelen);
2891
2892         /*
2893          * if this is a preemptive lease RELEASE, no need to
2894          * flush request stream, since the actual request will
2895          * soon follow.
2896          */
2897         msg->more_to_follow = (action == CEPH_MDS_LEASE_RELEASE);
2898
2899         ceph_con_send(&session->s_con, msg);
2900 }
2901
2902 /*
2903  * Preemptively release a lease we expect to invalidate anyway.
2904  * Pass @inode always, @dentry is optional.
2905  */
2906 void ceph_mdsc_lease_release(struct ceph_mds_client *mdsc, struct inode *inode,
2907                              struct dentry *dentry)
2908 {
2909         struct ceph_dentry_info *di;
2910         struct ceph_mds_session *session;
2911         u32 seq;
2912
2913         BUG_ON(inode == NULL);
2914         BUG_ON(dentry == NULL);
2915
2916         /* is dentry lease valid? */
2917         spin_lock(&dentry->d_lock);
2918         di = ceph_dentry(dentry);
2919         if (!di || !di->lease_session ||
2920             di->lease_session->s_mds < 0 ||
2921             di->lease_gen != di->lease_session->s_cap_gen ||
2922             !time_before(jiffies, dentry->d_time)) {
2923                 dout("lease_release inode %p dentry %p -- "
2924                      "no lease\n",
2925                      inode, dentry);
2926                 spin_unlock(&dentry->d_lock);
2927                 return;
2928         }
2929
2930         /* we do have a lease on this dentry; note mds and seq */
2931         session = ceph_get_mds_session(di->lease_session);
2932         seq = di->lease_seq;
2933         __ceph_mdsc_drop_dentry_lease(dentry);
2934         spin_unlock(&dentry->d_lock);
2935
2936         dout("lease_release inode %p dentry %p to mds%d\n",
2937              inode, dentry, session->s_mds);
2938         ceph_mdsc_lease_send_msg(session, inode, dentry,
2939                                  CEPH_MDS_LEASE_RELEASE, seq);
2940         ceph_put_mds_session(session);
2941 }
2942
2943 /*
2944  * drop all leases (and dentry refs) in preparation for umount
2945  */
2946 static void drop_leases(struct ceph_mds_client *mdsc)
2947 {
2948         int i;
2949
2950         dout("drop_leases\n");
2951         mutex_lock(&mdsc->mutex);
2952         for (i = 0; i < mdsc->max_sessions; i++) {
2953                 struct ceph_mds_session *s = __ceph_lookup_mds_session(mdsc, i);
2954                 if (!s)
2955                         continue;
2956                 mutex_unlock(&mdsc->mutex);
2957                 mutex_lock(&s->s_mutex);
2958                 mutex_unlock(&s->s_mutex);
2959                 ceph_put_mds_session(s);
2960                 mutex_lock(&mdsc->mutex);
2961         }
2962         mutex_unlock(&mdsc->mutex);
2963 }
2964
2965
2966
2967 /*
2968  * delayed work -- periodically trim expired leases, renew caps with mds
2969  */
2970 static void schedule_delayed(struct ceph_mds_client *mdsc)
2971 {
2972         int delay = 5;
2973         unsigned hz = round_jiffies_relative(HZ * delay);
2974         schedule_delayed_work(&mdsc->delayed_work, hz);
2975 }
2976
2977 static void delayed_work(struct work_struct *work)
2978 {
2979         int i;
2980         struct ceph_mds_client *mdsc =
2981                 container_of(work, struct ceph_mds_client, delayed_work.work);
2982         int renew_interval;
2983         int renew_caps;
2984
2985         dout("mdsc delayed_work\n");
2986         ceph_check_delayed_caps(mdsc);
2987
2988         mutex_lock(&mdsc->mutex);
2989         renew_interval = mdsc->mdsmap->m_session_timeout >> 2;
2990         renew_caps = time_after_eq(jiffies, HZ*renew_interval +
2991                                    mdsc->last_renew_caps);
2992         if (renew_caps)
2993                 mdsc->last_renew_caps = jiffies;
2994
2995         for (i = 0; i < mdsc->max_sessions; i++) {
2996                 struct ceph_mds_session *s = __ceph_lookup_mds_session(mdsc, i);
2997                 if (s == NULL)
2998                         continue;
2999                 if (s->s_state == CEPH_MDS_SESSION_CLOSING) {
3000                         dout("resending session close request for mds%d\n",
3001                              s->s_mds);
3002                         request_close_session(mdsc, s);
3003                         ceph_put_mds_session(s);
3004                         continue;
3005                 }
3006                 if (s->s_ttl && time_after(jiffies, s->s_ttl)) {
3007                         if (s->s_state == CEPH_MDS_SESSION_OPEN) {
3008                                 s->s_state = CEPH_MDS_SESSION_HUNG;
3009                                 pr_info("mds%d hung\n", s->s_mds);
3010                         }
3011                 }
3012                 if (s->s_state < CEPH_MDS_SESSION_OPEN) {
3013                         /* this mds is failed or recovering, just wait */
3014                         ceph_put_mds_session(s);
3015                         continue;
3016                 }
3017                 mutex_unlock(&mdsc->mutex);
3018
3019                 mutex_lock(&s->s_mutex);
3020                 if (renew_caps)
3021                         send_renew_caps(mdsc, s);
3022                 else
3023                         ceph_con_keepalive(&s->s_con);
3024                 ceph_add_cap_releases(mdsc, s);
3025                 if (s->s_state == CEPH_MDS_SESSION_OPEN ||
3026                     s->s_state == CEPH_MDS_SESSION_HUNG)
3027                         ceph_send_cap_releases(mdsc, s);
3028                 mutex_unlock(&s->s_mutex);
3029                 ceph_put_mds_session(s);
3030
3031                 mutex_lock(&mdsc->mutex);
3032         }
3033         mutex_unlock(&mdsc->mutex);
3034
3035         schedule_delayed(mdsc);
3036 }
3037
3038 int ceph_mdsc_init(struct ceph_fs_client *fsc)
3039
3040 {
3041         struct ceph_mds_client *mdsc;
3042
3043         mdsc = kzalloc(sizeof(struct ceph_mds_client), GFP_NOFS);
3044         if (!mdsc)
3045                 return -ENOMEM;
3046         mdsc->fsc = fsc;
3047         fsc->mdsc = mdsc;
3048         mutex_init(&mdsc->mutex);
3049         mdsc->mdsmap = kzalloc(sizeof(*mdsc->mdsmap), GFP_NOFS);
3050         if (mdsc->mdsmap == NULL) {
3051                 kfree(mdsc);
3052                 return -ENOMEM;
3053         }
3054
3055         init_completion(&mdsc->safe_umount_waiters);
3056         init_waitqueue_head(&mdsc->session_close_wq);
3057         INIT_LIST_HEAD(&mdsc->waiting_for_map);
3058         mdsc->sessions = NULL;
3059         mdsc->max_sessions = 0;
3060         mdsc->stopping = 0;
3061         init_rwsem(&mdsc->snap_rwsem);
3062         mdsc->snap_realms = RB_ROOT;
3063         INIT_LIST_HEAD(&mdsc->snap_empty);
3064         spin_lock_init(&mdsc->snap_empty_lock);
3065         mdsc->last_tid = 0;
3066         mdsc->request_tree = RB_ROOT;
3067         INIT_DELAYED_WORK(&mdsc->delayed_work, delayed_work);
3068         mdsc->last_renew_caps = jiffies;
3069         INIT_LIST_HEAD(&mdsc->cap_delay_list);
3070         spin_lock_init(&mdsc->cap_delay_lock);
3071         INIT_LIST_HEAD(&mdsc->snap_flush_list);
3072         spin_lock_init(&mdsc->snap_flush_lock);
3073         mdsc->cap_flush_seq = 0;
3074         INIT_LIST_HEAD(&mdsc->cap_dirty);
3075         INIT_LIST_HEAD(&mdsc->cap_dirty_migrating);
3076         mdsc->num_cap_flushing = 0;
3077         spin_lock_init(&mdsc->cap_dirty_lock);
3078         init_waitqueue_head(&mdsc->cap_flushing_wq);
3079         spin_lock_init(&mdsc->dentry_lru_lock);
3080         INIT_LIST_HEAD(&mdsc->dentry_lru);
3081
3082         ceph_caps_init(mdsc);
3083         ceph_adjust_min_caps(mdsc, fsc->min_caps);
3084
3085         return 0;
3086 }
3087
3088 /*
3089  * Wait for safe replies on open mds requests.  If we time out, drop
3090  * all requests from the tree to avoid dangling dentry refs.
3091  */
3092 static void wait_requests(struct ceph_mds_client *mdsc)
3093 {
3094         struct ceph_mds_request *req;
3095         struct ceph_fs_client *fsc = mdsc->fsc;
3096
3097         mutex_lock(&mdsc->mutex);
3098         if (__get_oldest_req(mdsc)) {
3099                 mutex_unlock(&mdsc->mutex);
3100
3101                 dout("wait_requests waiting for requests\n");
3102                 wait_for_completion_timeout(&mdsc->safe_umount_waiters,
3103                                     fsc->client->options->mount_timeout * HZ);
3104
3105                 /* tear down remaining requests */
3106                 mutex_lock(&mdsc->mutex);
3107                 while ((req = __get_oldest_req(mdsc))) {
3108                         dout("wait_requests timed out on tid %llu\n",
3109                              req->r_tid);
3110                         __unregister_request(mdsc, req);
3111                 }
3112         }
3113         mutex_unlock(&mdsc->mutex);
3114         dout("wait_requests done\n");
3115 }
3116
3117 /*
3118  * called before mount is ro, and before dentries are torn down.
3119  * (hmm, does this still race with new lookups?)
3120  */
3121 void ceph_mdsc_pre_umount(struct ceph_mds_client *mdsc)
3122 {
3123         dout("pre_umount\n");
3124         mdsc->stopping = 1;
3125
3126         drop_leases(mdsc);
3127         ceph_flush_dirty_caps(mdsc);
3128         wait_requests(mdsc);
3129
3130         /*
3131          * wait for reply handlers to drop their request refs and
3132          * their inode/dcache refs
3133          */
3134         ceph_msgr_flush();
3135 }
3136
3137 /*
3138  * wait for all write mds requests to flush.
3139  */
3140 static void wait_unsafe_requests(struct ceph_mds_client *mdsc, u64 want_tid)
3141 {
3142         struct ceph_mds_request *req = NULL, *nextreq;
3143         struct rb_node *n;
3144
3145         mutex_lock(&mdsc->mutex);
3146         dout("wait_unsafe_requests want %lld\n", want_tid);
3147 restart:
3148         req = __get_oldest_req(mdsc);
3149         while (req && req->r_tid <= want_tid) {
3150                 /* find next request */
3151                 n = rb_next(&req->r_node);
3152                 if (n)
3153                         nextreq = rb_entry(n, struct ceph_mds_request, r_node);
3154                 else
3155                         nextreq = NULL;
3156                 if ((req->r_op & CEPH_MDS_OP_WRITE)) {
3157                         /* write op */
3158                         ceph_mdsc_get_request(req);
3159                         if (nextreq)
3160                                 ceph_mdsc_get_request(nextreq);
3161                         mutex_unlock(&mdsc->mutex);
3162                         dout("wait_unsafe_requests  wait on %llu (want %llu)\n",
3163                              req->r_tid, want_tid);
3164                         wait_for_completion(&req->r_safe_completion);
3165                         mutex_lock(&mdsc->mutex);
3166                         ceph_mdsc_put_request(req);
3167                         if (!nextreq)
3168                                 break;  /* next dne before, so we're done! */
3169                         if (RB_EMPTY_NODE(&nextreq->r_node)) {
3170                                 /* next request was removed from tree */
3171                                 ceph_mdsc_put_request(nextreq);
3172                                 goto restart;
3173                         }
3174                         ceph_mdsc_put_request(nextreq);  /* won't go away */
3175                 }
3176                 req = nextreq;
3177         }
3178         mutex_unlock(&mdsc->mutex);
3179         dout("wait_unsafe_requests done\n");
3180 }
3181
3182 void ceph_mdsc_sync(struct ceph_mds_client *mdsc)
3183 {
3184         u64 want_tid, want_flush;
3185
3186         if (mdsc->fsc->mount_state == CEPH_MOUNT_SHUTDOWN)
3187                 return;
3188
3189         dout("sync\n");
3190         mutex_lock(&mdsc->mutex);
3191         want_tid = mdsc->last_tid;
3192         want_flush = mdsc->cap_flush_seq;
3193         mutex_unlock(&mdsc->mutex);
3194         dout("sync want tid %lld flush_seq %lld\n", want_tid, want_flush);
3195
3196         ceph_flush_dirty_caps(mdsc);
3197
3198         wait_unsafe_requests(mdsc, want_tid);
3199         wait_event(mdsc->cap_flushing_wq, check_cap_flush(mdsc, want_flush));
3200 }
3201
3202 /*
3203  * true if all sessions are closed, or we force unmount
3204  */
3205 static bool done_closing_sessions(struct ceph_mds_client *mdsc)
3206 {
3207         int i, n = 0;
3208
3209         if (mdsc->fsc->mount_state == CEPH_MOUNT_SHUTDOWN)
3210                 return true;
3211
3212         mutex_lock(&mdsc->mutex);
3213         for (i = 0; i < mdsc->max_sessions; i++)
3214                 if (mdsc->sessions[i])
3215                         n++;
3216         mutex_unlock(&mdsc->mutex);
3217         return n == 0;
3218 }
3219
3220 /*
3221  * called after sb is ro.
3222  */
3223 void ceph_mdsc_close_sessions(struct ceph_mds_client *mdsc)
3224 {
3225         struct ceph_mds_session *session;
3226         int i;
3227         struct ceph_fs_client *fsc = mdsc->fsc;
3228         unsigned long timeout = fsc->client->options->mount_timeout * HZ;
3229
3230         dout("close_sessions\n");
3231
3232         /* close sessions */
3233         mutex_lock(&mdsc->mutex);
3234         for (i = 0; i < mdsc->max_sessions; i++) {
3235                 session = __ceph_lookup_mds_session(mdsc, i);
3236                 if (!session)
3237                         continue;
3238                 mutex_unlock(&mdsc->mutex);
3239                 mutex_lock(&session->s_mutex);
3240                 __close_session(mdsc, session);
3241                 mutex_unlock(&session->s_mutex);
3242                 ceph_put_mds_session(session);
3243                 mutex_lock(&mdsc->mutex);
3244         }
3245         mutex_unlock(&mdsc->mutex);
3246
3247         dout("waiting for sessions to close\n");
3248         wait_event_timeout(mdsc->session_close_wq, done_closing_sessions(mdsc),
3249                            timeout);
3250
3251         /* tear down remaining sessions */
3252         mutex_lock(&mdsc->mutex);
3253         for (i = 0; i < mdsc->max_sessions; i++) {
3254                 if (mdsc->sessions[i]) {
3255                         session = get_session(mdsc->sessions[i]);
3256                         __unregister_session(mdsc, session);
3257                         mutex_unlock(&mdsc->mutex);
3258                         mutex_lock(&session->s_mutex);
3259                         remove_session_caps(session);
3260                         mutex_unlock(&session->s_mutex);
3261                         ceph_put_mds_session(session);
3262                         mutex_lock(&mdsc->mutex);
3263                 }
3264         }
3265         WARN_ON(!list_empty(&mdsc->cap_delay_list));
3266         mutex_unlock(&mdsc->mutex);
3267
3268         ceph_cleanup_empty_realms(mdsc);
3269
3270         cancel_delayed_work_sync(&mdsc->delayed_work); /* cancel timer */
3271
3272         dout("stopped\n");
3273 }
3274
3275 static void ceph_mdsc_stop(struct ceph_mds_client *mdsc)
3276 {
3277         dout("stop\n");
3278         cancel_delayed_work_sync(&mdsc->delayed_work); /* cancel timer */
3279         if (mdsc->mdsmap)
3280                 ceph_mdsmap_destroy(mdsc->mdsmap);
3281         kfree(mdsc->sessions);
3282         ceph_caps_finalize(mdsc);
3283 }
3284
3285 void ceph_mdsc_destroy(struct ceph_fs_client *fsc)
3286 {
3287         struct ceph_mds_client *mdsc = fsc->mdsc;
3288
3289         dout("mdsc_destroy %p\n", mdsc);
3290         ceph_mdsc_stop(mdsc);
3291
3292         /* flush out any connection work with references to us */
3293         ceph_msgr_flush();
3294
3295         fsc->mdsc = NULL;
3296         kfree(mdsc);
3297         dout("mdsc_destroy %p done\n", mdsc);
3298 }
3299
3300
3301 /*
3302  * handle mds map update.
3303  */
3304 void ceph_mdsc_handle_map(struct ceph_mds_client *mdsc, struct ceph_msg *msg)
3305 {
3306         u32 epoch;
3307         u32 maplen;
3308         void *p = msg->front.iov_base;
3309         void *end = p + msg->front.iov_len;
3310         struct ceph_mdsmap *newmap, *oldmap;
3311         struct ceph_fsid fsid;
3312         int err = -EINVAL;
3313
3314         ceph_decode_need(&p, end, sizeof(fsid)+2*sizeof(u32), bad);
3315         ceph_decode_copy(&p, &fsid, sizeof(fsid));
3316         if (ceph_check_fsid(mdsc->fsc->client, &fsid) < 0)
3317                 return;
3318         epoch = ceph_decode_32(&p);
3319         maplen = ceph_decode_32(&p);
3320         dout("handle_map epoch %u len %d\n", epoch, (int)maplen);
3321
3322         /* do we need it? */
3323         ceph_monc_got_mdsmap(&mdsc->fsc->client->monc, epoch);
3324         mutex_lock(&mdsc->mutex);
3325         if (mdsc->mdsmap && epoch <= mdsc->mdsmap->m_epoch) {
3326                 dout("handle_map epoch %u <= our %u\n",
3327                      epoch, mdsc->mdsmap->m_epoch);
3328                 mutex_unlock(&mdsc->mutex);
3329                 return;
3330         }
3331
3332         newmap = ceph_mdsmap_decode(&p, end);
3333         if (IS_ERR(newmap)) {
3334                 err = PTR_ERR(newmap);
3335                 goto bad_unlock;
3336         }
3337
3338         /* swap into place */
3339         if (mdsc->mdsmap) {
3340                 oldmap = mdsc->mdsmap;
3341                 mdsc->mdsmap = newmap;
3342                 check_new_map(mdsc, newmap, oldmap);
3343                 ceph_mdsmap_destroy(oldmap);
3344         } else {
3345                 mdsc->mdsmap = newmap;  /* first mds map */
3346         }
3347         mdsc->fsc->sb->s_maxbytes = mdsc->mdsmap->m_max_file_size;
3348
3349         __wake_requests(mdsc, &mdsc->waiting_for_map);
3350
3351         mutex_unlock(&mdsc->mutex);
3352         schedule_delayed(mdsc);
3353         return;
3354
3355 bad_unlock:
3356         mutex_unlock(&mdsc->mutex);
3357 bad:
3358         pr_err("error decoding mdsmap %d\n", err);
3359         return;
3360 }
3361
3362 static struct ceph_connection *con_get(struct ceph_connection *con)
3363 {
3364         struct ceph_mds_session *s = con->private;
3365
3366         if (get_session(s)) {
3367                 dout("mdsc con_get %p ok (%d)\n", s, atomic_read(&s->s_ref));
3368                 return con;
3369         }
3370         dout("mdsc con_get %p FAIL\n", s);
3371         return NULL;
3372 }
3373
3374 static void con_put(struct ceph_connection *con)
3375 {
3376         struct ceph_mds_session *s = con->private;
3377
3378         dout("mdsc con_put %p (%d)\n", s, atomic_read(&s->s_ref) - 1);
3379         ceph_put_mds_session(s);
3380 }
3381
3382 /*
3383  * if the client is unresponsive for long enough, the mds will kill
3384  * the session entirely.
3385  */
3386 static void peer_reset(struct ceph_connection *con)
3387 {
3388         struct ceph_mds_session *s = con->private;
3389         struct ceph_mds_client *mdsc = s->s_mdsc;
3390
3391         pr_warning("mds%d closed our session\n", s->s_mds);
3392         send_mds_reconnect(mdsc, s);
3393 }
3394
3395 static void dispatch(struct ceph_connection *con, struct ceph_msg *msg)
3396 {
3397         struct ceph_mds_session *s = con->private;
3398         struct ceph_mds_client *mdsc = s->s_mdsc;
3399         int type = le16_to_cpu(msg->hdr.type);
3400
3401         mutex_lock(&mdsc->mutex);
3402         if (__verify_registered_session(mdsc, s) < 0) {
3403                 mutex_unlock(&mdsc->mutex);
3404                 goto out;
3405         }
3406         mutex_unlock(&mdsc->mutex);
3407
3408         switch (type) {
3409         case CEPH_MSG_MDS_MAP:
3410                 ceph_mdsc_handle_map(mdsc, msg);
3411                 break;
3412         case CEPH_MSG_CLIENT_SESSION:
3413                 handle_session(s, msg);
3414                 break;
3415         case CEPH_MSG_CLIENT_REPLY:
3416                 handle_reply(s, msg);
3417                 break;
3418         case CEPH_MSG_CLIENT_REQUEST_FORWARD:
3419                 handle_forward(mdsc, s, msg);
3420                 break;
3421         case CEPH_MSG_CLIENT_CAPS:
3422                 ceph_handle_caps(s, msg);
3423                 break;
3424         case CEPH_MSG_CLIENT_SNAP:
3425                 ceph_handle_snap(mdsc, s, msg);
3426                 break;
3427         case CEPH_MSG_CLIENT_LEASE:
3428                 handle_lease(mdsc, s, msg);
3429                 break;
3430
3431         default:
3432                 pr_err("received unknown message type %d %s\n", type,
3433                        ceph_msg_type_name(type));
3434         }
3435 out:
3436         ceph_msg_put(msg);
3437 }
3438
3439 /*
3440  * authentication
3441  */
3442
3443 /*
3444  * Note: returned pointer is the address of a structure that's
3445  * managed separately.  Caller must *not* attempt to free it.
3446  */
3447 static struct ceph_auth_handshake *get_authorizer(struct ceph_connection *con,
3448                                         int *proto, int force_new)
3449 {
3450         struct ceph_mds_session *s = con->private;
3451         struct ceph_mds_client *mdsc = s->s_mdsc;
3452         struct ceph_auth_client *ac = mdsc->fsc->client->monc.auth;
3453         struct ceph_auth_handshake *auth = &s->s_auth;
3454
3455         if (force_new && auth->authorizer) {
3456                 ceph_auth_destroy_authorizer(ac, auth->authorizer);
3457                 auth->authorizer = NULL;
3458         }
3459         if (!auth->authorizer) {
3460                 int ret = ceph_auth_create_authorizer(ac, CEPH_ENTITY_TYPE_MDS,
3461                                                       auth);
3462                 if (ret)
3463                         return ERR_PTR(ret);
3464         } else {
3465                 int ret = ceph_auth_update_authorizer(ac, CEPH_ENTITY_TYPE_MDS,
3466                                                       auth);
3467                 if (ret)
3468                         return ERR_PTR(ret);
3469         }
3470         *proto = ac->protocol;
3471
3472         return auth;
3473 }
3474
3475
3476 static int verify_authorizer_reply(struct ceph_connection *con, int len)
3477 {
3478         struct ceph_mds_session *s = con->private;
3479         struct ceph_mds_client *mdsc = s->s_mdsc;
3480         struct ceph_auth_client *ac = mdsc->fsc->client->monc.auth;
3481
3482         return ceph_auth_verify_authorizer_reply(ac, s->s_auth.authorizer, len);
3483 }
3484
3485 static int invalidate_authorizer(struct ceph_connection *con)
3486 {
3487         struct ceph_mds_session *s = con->private;
3488         struct ceph_mds_client *mdsc = s->s_mdsc;
3489         struct ceph_auth_client *ac = mdsc->fsc->client->monc.auth;
3490
3491         ceph_auth_invalidate_authorizer(ac, CEPH_ENTITY_TYPE_MDS);
3492
3493         return ceph_monc_validate_auth(&mdsc->fsc->client->monc);
3494 }
3495
3496 static struct ceph_msg *mds_alloc_msg(struct ceph_connection *con,
3497                                 struct ceph_msg_header *hdr, int *skip)
3498 {
3499         struct ceph_msg *msg;
3500         int type = (int) le16_to_cpu(hdr->type);
3501         int front_len = (int) le32_to_cpu(hdr->front_len);
3502
3503         if (con->in_msg)
3504                 return con->in_msg;
3505
3506         *skip = 0;
3507         msg = ceph_msg_new(type, front_len, GFP_NOFS, false);
3508         if (!msg) {
3509                 pr_err("unable to allocate msg type %d len %d\n",
3510                        type, front_len);
3511                 return NULL;
3512         }
3513
3514         return msg;
3515 }
3516
3517 static const struct ceph_connection_operations mds_con_ops = {
3518         .get = con_get,
3519         .put = con_put,
3520         .dispatch = dispatch,
3521         .get_authorizer = get_authorizer,
3522         .verify_authorizer_reply = verify_authorizer_reply,
3523         .invalidate_authorizer = invalidate_authorizer,
3524         .peer_reset = peer_reset,
3525         .alloc_msg = mds_alloc_msg,
3526 };
3527
3528 /* eof */