1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
|
// SPDX-License-Identifier: GPL-2.0
/*
* Copyright (C) 2010, 2023 Red Hat, Inc.
* All Rights Reserved.
*/
#include "xfs.h"
#include "xfs_shared.h"
#include "xfs_format.h"
#include "xfs_log_format.h"
#include "xfs_trans_resv.h"
#include "xfs_mount.h"
#include "xfs_btree.h"
#include "xfs_alloc_btree.h"
#include "xfs_alloc.h"
#include "xfs_discard.h"
#include "xfs_error.h"
#include "xfs_extent_busy.h"
#include "xfs_trace.h"
#include "xfs_log.h"
#include "xfs_ag.h"
/*
* Notes on an efficient, low latency fstrim algorithm
*
* We need to walk the filesystem free space and issue discards on the free
* space that meet the search criteria (size and location). We cannot issue
* discards on extents that might be in use, or are so recently in use they are
* still marked as busy. To serialise against extent state changes whilst we are
* gathering extents to trim, we must hold the AGF lock to lock out other
* allocations and extent free operations that might change extent state.
*
* However, we cannot just hold the AGF for the entire AG free space walk whilst
* we issue discards on each free space that is found. Storage devices can have
* extremely slow discard implementations (e.g. ceph RBD) and so walking a
* couple of million free extents and issuing synchronous discards on each
* extent can take a *long* time. Whilst we are doing this walk, nothing else
* can access the AGF, and we can stall transactions and hence the log whilst
* modifications wait for the AGF lock to be released. This can lead hung tasks
* kicking the hung task timer and rebooting the system. This is bad.
*
* Hence we need to take a leaf from the bulkstat playbook. It takes the AGI
* lock, gathers a range of inode cluster buffers that are allocated, drops the
* AGI lock and then reads all the inode cluster buffers and processes them. It
* loops doing this, using a cursor to keep track of where it is up to in the AG
* for each iteration to restart the INOBT lookup from.
*
* We can't do this exactly with free space - once we drop the AGF lock, the
* state of the free extent is out of our control and we cannot run a discard
* safely on it in this situation. Unless, of course, we've marked the free
* extent as busy and undergoing a discard operation whilst we held the AGF
* locked.
*
* This is exactly how online discard works - free extents are marked busy when
* they are freed, and once the extent free has been committed to the journal,
* the busy extent record is marked as "undergoing discard" and the discard is
* then issued on the free extent. Once the discard completes, the busy extent
* record is removed and the extent is able to be allocated again.
*
* In the context of fstrim, if we find a free extent we need to discard, we
* don't have to discard it immediately. All we need to do it record that free
* extent as being busy and under discard, and all the allocation routines will
* now avoid trying to allocate it. Hence if we mark the extent as busy under
* the AGF lock, we can safely discard it without holding the AGF lock because
* nothing will attempt to allocate that free space until the discard completes.
*
* This also allows us to issue discards asynchronously like we do with online
* discard, and so for fast devices fstrim will run much faster as we can have
* multiple discard operations in flight at once, as well as pipeline the free
* extent search so that it overlaps in flight discard IO.
*/
struct workqueue_struct *xfs_discard_wq;
static void
xfs_discard_endio_work(
struct work_struct *work)
{
struct xfs_busy_extents *extents =
container_of(work, struct xfs_busy_extents, endio_work);
xfs_extent_busy_clear(extents->mount, &extents->extent_list, false);
kmem_free(extents->owner);
}
/*
* Queue up the actual completion to a thread to avoid IRQ-safe locking for
* pagb_lock.
*/
static void
xfs_discard_endio(
struct bio *bio)
{
struct xfs_busy_extents *extents = bio->bi_private;
INIT_WORK(&extents->endio_work, xfs_discard_endio_work);
queue_work(xfs_discard_wq, &extents->endio_work);
bio_put(bio);
}
/*
* Walk the discard list and issue discards on all the busy extents in the
* list. We plug and chain the bios so that we only need a single completion
* call to clear all the busy extents once the discards are complete.
*/
int
xfs_discard_extents(
struct xfs_mount *mp,
struct xfs_busy_extents *extents)
{
struct xfs_extent_busy *busyp;
struct bio *bio = NULL;
struct blk_plug plug;
int error = 0;
blk_start_plug(&plug);
list_for_each_entry(busyp, &extents->extent_list, list) {
trace_xfs_discard_extent(mp, busyp->agno, busyp->bno,
busyp->length);
error = __blkdev_issue_discard(mp->m_ddev_targp->bt_bdev,
XFS_AGB_TO_DADDR(mp, busyp->agno, busyp->bno),
XFS_FSB_TO_BB(mp, busyp->length),
GFP_NOFS, &bio);
if (error && error != -EOPNOTSUPP) {
xfs_info(mp,
"discard failed for extent [0x%llx,%u], error %d",
(unsigned long long)busyp->bno,
busyp->length,
error);
break;
}
}
if (bio) {
bio->bi_private = extents;
bio->bi_end_io = xfs_discard_endio;
submit_bio(bio);
} else {
xfs_discard_endio_work(&extents->endio_work);
}
blk_finish_plug(&plug);
return error;
}
static int
xfs_trim_gather_extents(
struct xfs_perag *pag,
xfs_daddr_t start,
xfs_daddr_t end,
xfs_daddr_t minlen,
struct xfs_alloc_rec_incore *tcur,
struct xfs_busy_extents *extents,
uint64_t *blocks_trimmed)
{
struct xfs_mount *mp = pag->pag_mount;
struct xfs_btree_cur *cur;
struct xfs_buf *agbp;
int error;
int i;
int batch = 100;
/*
* Force out the log. This means any transactions that might have freed
* space before we take the AGF buffer lock are now on disk, and the
* volatile disk cache is flushed.
*/
xfs_log_force(mp, XFS_LOG_SYNC);
error = xfs_alloc_read_agf(pag, NULL, 0, &agbp);
if (error)
return error;
cur = xfs_allocbt_init_cursor(mp, NULL, agbp, pag, XFS_BTNUM_CNT);
/*
* Look up the extent length requested in the AGF and start with it.
*/
if (tcur->ar_startblock == NULLAGBLOCK)
error = xfs_alloc_lookup_ge(cur, 0, tcur->ar_blockcount, &i);
else
error = xfs_alloc_lookup_le(cur, tcur->ar_startblock,
tcur->ar_blockcount, &i);
if (error)
goto out_del_cursor;
if (i == 0) {
/* nothing of that length left in the AG, we are done */
tcur->ar_blockcount = 0;
goto out_del_cursor;
}
/*
* Loop until we are done with all extents that are large
* enough to be worth discarding or we hit batch limits.
*/
while (i) {
xfs_agblock_t fbno;
xfs_extlen_t flen;
xfs_daddr_t dbno;
xfs_extlen_t dlen;
error = xfs_alloc_get_rec(cur, &fbno, &flen, &i);
if (error)
break;
if (XFS_IS_CORRUPT(mp, i != 1)) {
error = -EFSCORRUPTED;
break;
}
if (--batch <= 0) {
/*
* Update the cursor to point at this extent so we
* restart the next batch from this extent.
*/
tcur->ar_startblock = fbno;
tcur->ar_blockcount = flen;
break;
}
/*
* use daddr format for all range/len calculations as that is
* the format the range/len variables are supplied in by
* userspace.
*/
dbno = XFS_AGB_TO_DADDR(mp, pag->pag_agno, fbno);
dlen = XFS_FSB_TO_BB(mp, flen);
/*
* Too small? Give up.
*/
if (dlen < minlen) {
trace_xfs_discard_toosmall(mp, pag->pag_agno, fbno, flen);
tcur->ar_blockcount = 0;
break;
}
/*
* If the extent is entirely outside of the range we are
* supposed to discard skip it. Do not bother to trim
* down partially overlapping ranges for now.
*/
if (dbno + dlen < start || dbno > end) {
trace_xfs_discard_exclude(mp, pag->pag_agno, fbno, flen);
goto next_extent;
}
/*
* If any blocks in the range are still busy, skip the
* discard and try again the next time.
*/
if (xfs_extent_busy_search(mp, pag, fbno, flen)) {
trace_xfs_discard_busy(mp, pag->pag_agno, fbno, flen);
goto next_extent;
}
xfs_extent_busy_insert_discard(pag, fbno, flen,
&extents->extent_list);
*blocks_trimmed += flen;
next_extent:
error = xfs_btree_decrement(cur, 0, &i);
if (error)
break;
/*
* If there's no more records in the tree, we are done. Set the
* cursor block count to 0 to indicate to the caller that there
* is no more extents to search.
*/
if (i == 0)
tcur->ar_blockcount = 0;
}
/*
* If there was an error, release all the gathered busy extents because
* we aren't going to issue a discard on them any more.
*/
if (error)
xfs_extent_busy_clear(mp, &extents->extent_list, false);
out_del_cursor:
xfs_btree_del_cursor(cur, error);
xfs_buf_relse(agbp);
return error;
}
/*
* Iterate the free list gathering extents and discarding them. We need a cursor
* for the repeated iteration of gather/discard loop, so use the longest extent
* we found in the last batch as the key to start the next.
*/
static int
xfs_trim_extents(
struct xfs_perag *pag,
xfs_daddr_t start,
xfs_daddr_t end,
xfs_daddr_t minlen,
uint64_t *blocks_trimmed)
{
struct xfs_alloc_rec_incore tcur = {
.ar_blockcount = pag->pagf_longest,
.ar_startblock = NULLAGBLOCK,
};
int error = 0;
do {
struct xfs_busy_extents *extents;
extents = kzalloc(sizeof(*extents), GFP_KERNEL);
if (!extents) {
error = -ENOMEM;
break;
}
extents->mount = pag->pag_mount;
extents->owner = extents;
INIT_LIST_HEAD(&extents->extent_list);
error = xfs_trim_gather_extents(pag, start, end, minlen,
&tcur, extents, blocks_trimmed);
if (error) {
kfree(extents);
break;
}
/*
* We hand the extent list to the discard function here so the
* discarded extents can be removed from the busy extent list.
* This allows the discards to run asynchronously with gathering
* the next round of extents to discard.
*
* However, we must ensure that we do not reference the extent
* list after this function call, as it may have been freed by
* the time control returns to us.
*/
error = xfs_discard_extents(pag->pag_mount, extents);
if (error)
break;
if (fatal_signal_pending(current)) {
error = -ERESTARTSYS;
break;
}
} while (tcur.ar_blockcount != 0);
return error;
}
/*
* trim a range of the filesystem.
*
* Note: the parameters passed from userspace are byte ranges into the
* filesystem which does not match to the format we use for filesystem block
* addressing. FSB addressing is sparse (AGNO|AGBNO), while the incoming format
* is a linear address range. Hence we need to use DADDR based conversions and
* comparisons for determining the correct offset and regions to trim.
*/
int
xfs_ioc_trim(
struct xfs_mount *mp,
struct fstrim_range __user *urange)
{
struct xfs_perag *pag;
unsigned int granularity =
bdev_discard_granularity(mp->m_ddev_targp->bt_bdev);
struct fstrim_range range;
xfs_daddr_t start, end, minlen;
xfs_agnumber_t agno;
uint64_t blocks_trimmed = 0;
int error, last_error = 0;
if (!capable(CAP_SYS_ADMIN))
return -EPERM;
if (!bdev_max_discard_sectors(mp->m_ddev_targp->bt_bdev))
return -EOPNOTSUPP;
/*
* We haven't recovered the log, so we cannot use our bnobt-guided
* storage zapping commands.
*/
if (xfs_has_norecovery(mp))
return -EROFS;
if (copy_from_user(&range, urange, sizeof(range)))
return -EFAULT;
range.minlen = max_t(u64, granularity, range.minlen);
minlen = BTOBB(range.minlen);
/*
* Truncating down the len isn't actually quite correct, but using
* BBTOB would mean we trivially get overflows for values
* of ULLONG_MAX or slightly lower. And ULLONG_MAX is the default
* used by the fstrim application. In the end it really doesn't
* matter as trimming blocks is an advisory interface.
*/
if (range.start >= XFS_FSB_TO_B(mp, mp->m_sb.sb_dblocks) ||
range.minlen > XFS_FSB_TO_B(mp, mp->m_ag_max_usable) ||
range.len < mp->m_sb.sb_blocksize)
return -EINVAL;
start = BTOBB(range.start);
end = start + BTOBBT(range.len) - 1;
if (end > XFS_FSB_TO_BB(mp, mp->m_sb.sb_dblocks) - 1)
end = XFS_FSB_TO_BB(mp, mp->m_sb.sb_dblocks) - 1;
agno = xfs_daddr_to_agno(mp, start);
for_each_perag_range(mp, agno, xfs_daddr_to_agno(mp, end), pag) {
error = xfs_trim_extents(pag, start, end, minlen,
&blocks_trimmed);
if (error) {
last_error = error;
if (error == -ERESTARTSYS) {
xfs_perag_rele(pag);
break;
}
}
}
if (last_error)
return last_error;
range.len = XFS_FSB_TO_B(mp, blocks_trimmed);
if (copy_to_user(urange, &range, sizeof(range)))
return -EFAULT;
return 0;
}
|