1 /*
2 * This file is part of UBIFS.
3 *
4 * Copyright (C) 2006-2008 Nokia Corporation.
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License version 2 as published by
8 * the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
13 * more details.
14 *
15 * You should have received a copy of the GNU General Public License along with
16 * this program; if not, write to the Free Software Foundation, Inc., 51
17 * Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
18 *
19 * Authors: Adrian Hunter
20 * Artem Bityutskiy (Битюцкий Артём)
21 */
22
23 /*
24 * This file implements the budgeting sub-system which is responsible for UBIFS
25 * space management.
26 *
27 * Factors such as compression, wasted space at the ends of LEBs, space in other
28 * journal heads, the effect of updates on the index, and so on, make it
29 * impossible to accurately predict the amount of space needed. Consequently
30 * approximations are used.
31 */
32
33 #include "ubifs.h"
34 #include <linux/writeback.h>
35 #include <linux/math64.h>
36
37 /*
38 * When pessimistic budget calculations say that there is no enough space,
39 * UBIFS starts writing back dirty inodes and pages, doing garbage collection,
40 * or committing. The below constant defines maximum number of times UBIFS
41 * repeats the operations.
42 */
43 #define MAX_MKSPC_RETRIES 3
44
45 /*
46 * The below constant defines amount of dirty pages which should be written
47 * back at when trying to shrink the liability.
48 */
49 #define NR_TO_WRITE 16
50
51 /**
52 * shrink_liability - write-back some dirty pages/inodes.
53 * @c: UBIFS file-system description object
54 * @nr_to_write: how many dirty pages to write-back
55 *
56 * This function shrinks UBIFS liability by means of writing back some amount
57 * of dirty inodes and their pages.
58 *
59 * Note, this function synchronizes even VFS inodes which are locked
60 * (@i_mutex) by the caller of the budgeting function, because write-back does
61 * not touch @i_mutex.
62 */
shrink_liability(struct ubifs_info * c,int nr_to_write)63 static void shrink_liability(struct ubifs_info *c, int nr_to_write)
64 {
65 down_read(&c->vfs_sb->s_umount);
66 writeback_inodes_sb(c->vfs_sb, WB_REASON_FS_FREE_SPACE);
67 up_read(&c->vfs_sb->s_umount);
68 }
69
70 /**
71 * run_gc - run garbage collector.
72 * @c: UBIFS file-system description object
73 *
74 * This function runs garbage collector to make some more free space. Returns
75 * zero if a free LEB has been produced, %-EAGAIN if commit is required, and a
76 * negative error code in case of failure.
77 */
run_gc(struct ubifs_info * c)78 static int run_gc(struct ubifs_info *c)
79 {
80 int err, lnum;
81
82 /* Make some free space by garbage-collecting dirty space */
83 down_read(&c->commit_sem);
84 lnum = ubifs_garbage_collect(c, 1);
85 up_read(&c->commit_sem);
86 if (lnum < 0)
87 return lnum;
88
89 /* GC freed one LEB, return it to lprops */
90 dbg_budg("GC freed LEB %d", lnum);
91 err = ubifs_return_leb(c, lnum);
92 if (err)
93 return err;
94 return 0;
95 }
96
97 /**
98 * get_liability - calculate current liability.
99 * @c: UBIFS file-system description object
100 *
101 * This function calculates and returns current UBIFS liability, i.e. the
102 * amount of bytes UBIFS has "promised" to write to the media.
103 */
get_liability(struct ubifs_info * c)104 static long long get_liability(struct ubifs_info *c)
105 {
106 long long liab;
107
108 spin_lock(&c->space_lock);
109 liab = c->bi.idx_growth + c->bi.data_growth + c->bi.dd_growth;
110 spin_unlock(&c->space_lock);
111 return liab;
112 }
113
114 /**
115 * make_free_space - make more free space on the file-system.
116 * @c: UBIFS file-system description object
117 *
118 * This function is called when an operation cannot be budgeted because there
119 * is supposedly no free space. But in most cases there is some free space:
120 * o budgeting is pessimistic, so it always budgets more than it is actually
121 * needed, so shrinking the liability is one way to make free space - the
122 * cached data will take less space then it was budgeted for;
123 * o GC may turn some dark space into free space (budgeting treats dark space
124 * as not available);
125 * o commit may free some LEB, i.e., turn freeable LEBs into free LEBs.
126 *
127 * So this function tries to do the above. Returns %-EAGAIN if some free space
128 * was presumably made and the caller has to re-try budgeting the operation.
129 * Returns %-ENOSPC if it couldn't do more free space, and other negative error
130 * codes on failures.
131 */
make_free_space(struct ubifs_info * c)132 static int make_free_space(struct ubifs_info *c)
133 {
134 int err, retries = 0;
135 long long liab1, liab2;
136
137 do {
138 liab1 = get_liability(c);
139 /*
140 * We probably have some dirty pages or inodes (liability), try
141 * to write them back.
142 */
143 dbg_budg("liability %lld, run write-back", liab1);
144 shrink_liability(c, NR_TO_WRITE);
145
146 liab2 = get_liability(c);
147 if (liab2 < liab1)
148 return -EAGAIN;
149
150 dbg_budg("new liability %lld (not shrunk)", liab2);
151
152 /* Liability did not shrink again, try GC */
153 dbg_budg("Run GC");
154 err = run_gc(c);
155 if (!err)
156 return -EAGAIN;
157
158 if (err != -EAGAIN && err != -ENOSPC)
159 /* Some real error happened */
160 return err;
161
162 dbg_budg("Run commit (retries %d)", retries);
163 err = ubifs_run_commit(c);
164 if (err)
165 return err;
166 } while (retries++ < MAX_MKSPC_RETRIES);
167
168 return -ENOSPC;
169 }
170
171 /**
172 * ubifs_calc_min_idx_lebs - calculate amount of LEBs for the index.
173 * @c: UBIFS file-system description object
174 *
175 * This function calculates and returns the number of LEBs which should be kept
176 * for index usage.
177 */
ubifs_calc_min_idx_lebs(struct ubifs_info * c)178 int ubifs_calc_min_idx_lebs(struct ubifs_info *c)
179 {
180 int idx_lebs;
181 long long idx_size;
182
183 idx_size = c->bi.old_idx_sz + c->bi.idx_growth + c->bi.uncommitted_idx;
184 /* And make sure we have thrice the index size of space reserved */
185 idx_size += idx_size << 1;
186 /*
187 * We do not maintain 'old_idx_size' as 'old_idx_lebs'/'old_idx_bytes'
188 * pair, nor similarly the two variables for the new index size, so we
189 * have to do this costly 64-bit division on fast-path.
190 */
191 idx_lebs = div_u64(idx_size + c->idx_leb_size - 1, c->idx_leb_size);
192 /*
193 * The index head is not available for the in-the-gaps method, so add an
194 * extra LEB to compensate.
195 */
196 idx_lebs += 1;
197 if (idx_lebs < MIN_INDEX_LEBS)
198 idx_lebs = MIN_INDEX_LEBS;
199 return idx_lebs;
200 }
201
202 /**
203 * ubifs_calc_available - calculate available FS space.
204 * @c: UBIFS file-system description object
205 * @min_idx_lebs: minimum number of LEBs reserved for the index
206 *
207 * This function calculates and returns amount of FS space available for use.
208 */
ubifs_calc_available(const struct ubifs_info * c,int min_idx_lebs)209 long long ubifs_calc_available(const struct ubifs_info *c, int min_idx_lebs)
210 {
211 int subtract_lebs;
212 long long available;
213
214 available = c->main_bytes - c->lst.total_used;
215
216 /*
217 * Now 'available' contains theoretically available flash space
218 * assuming there is no index, so we have to subtract the space which
219 * is reserved for the index.
220 */
221 subtract_lebs = min_idx_lebs;
222
223 /* Take into account that GC reserves one LEB for its own needs */
224 subtract_lebs += 1;
225
226 /*
227 * Since different write types go to different heads, we should
228 * reserve one leb for each head.
229 */
230 subtract_lebs += c->jhead_cnt;
231
232 /* We also reserve one LEB for deletions, which bypass budgeting */
233 subtract_lebs += 1;
234
235 available -= (long long)subtract_lebs * c->leb_size;
236
237 /* Subtract the dead space which is not available for use */
238 available -= c->lst.total_dead;
239
240 /*
241 * Subtract dark space, which might or might not be usable - it depends
242 * on the data which we have on the media and which will be written. If
243 * this is a lot of uncompressed or not-compressible data, the dark
244 * space cannot be used.
245 */
246 available -= c->lst.total_dark;
247
248 /*
249 * However, there is more dark space. The index may be bigger than
250 * @min_idx_lebs. Those extra LEBs are assumed to be available, but
251 * their dark space is not included in total_dark, so it is subtracted
252 * here.
253 */
254 if (c->lst.idx_lebs > min_idx_lebs) {
255 subtract_lebs = c->lst.idx_lebs - min_idx_lebs;
256 available -= subtract_lebs * c->dark_wm;
257 }
258
259 /* The calculations are rough and may end up with a negative number */
260 return available > 0 ? available : 0;
261 }
262
263 /**
264 * can_use_rp - check whether the user is allowed to use reserved pool.
265 * @c: UBIFS file-system description object
266 *
267 * UBIFS has so-called "reserved pool" which is flash space reserved
268 * for the superuser and for uses whose UID/GID is recorded in UBIFS superblock.
269 * This function checks whether current user is allowed to use reserved pool.
270 * Returns %1 current user is allowed to use reserved pool and %0 otherwise.
271 */
can_use_rp(struct ubifs_info * c)272 static int can_use_rp(struct ubifs_info *c)
273 {
274 if (uid_eq(current_fsuid(), c->rp_uid) || capable(CAP_SYS_RESOURCE) ||
275 (!gid_eq(c->rp_gid, GLOBAL_ROOT_GID) && in_group_p(c->rp_gid)))
276 return 1;
277 return 0;
278 }
279
280 /**
281 * do_budget_space - reserve flash space for index and data growth.
282 * @c: UBIFS file-system description object
283 *
284 * This function makes sure UBIFS has enough free LEBs for index growth and
285 * data.
286 *
287 * When budgeting index space, UBIFS reserves thrice as many LEBs as the index
288 * would take if it was consolidated and written to the flash. This guarantees
289 * that the "in-the-gaps" commit method always succeeds and UBIFS will always
290 * be able to commit dirty index. So this function basically adds amount of
291 * budgeted index space to the size of the current index, multiplies this by 3,
292 * and makes sure this does not exceed the amount of free LEBs.
293 *
294 * Notes about @c->bi.min_idx_lebs and @c->lst.idx_lebs variables:
295 * o @c->lst.idx_lebs is the number of LEBs the index currently uses. It might
296 * be large, because UBIFS does not do any index consolidation as long as
297 * there is free space. IOW, the index may take a lot of LEBs, but the LEBs
298 * will contain a lot of dirt.
299 * o @c->bi.min_idx_lebs is the number of LEBS the index presumably takes. IOW,
300 * the index may be consolidated to take up to @c->bi.min_idx_lebs LEBs.
301 *
302 * This function returns zero in case of success, and %-ENOSPC in case of
303 * failure.
304 */
do_budget_space(struct ubifs_info * c)305 static int do_budget_space(struct ubifs_info *c)
306 {
307 long long outstanding, available;
308 int lebs, rsvd_idx_lebs, min_idx_lebs;
309
310 /* First budget index space */
311 min_idx_lebs = ubifs_calc_min_idx_lebs(c);
312
313 /* Now 'min_idx_lebs' contains number of LEBs to reserve */
314 if (min_idx_lebs > c->lst.idx_lebs)
315 rsvd_idx_lebs = min_idx_lebs - c->lst.idx_lebs;
316 else
317 rsvd_idx_lebs = 0;
318
319 /*
320 * The number of LEBs that are available to be used by the index is:
321 *
322 * @c->lst.empty_lebs + @c->freeable_cnt + @c->idx_gc_cnt -
323 * @c->lst.taken_empty_lebs
324 *
325 * @c->lst.empty_lebs are available because they are empty.
326 * @c->freeable_cnt are available because they contain only free and
327 * dirty space, @c->idx_gc_cnt are available because they are index
328 * LEBs that have been garbage collected and are awaiting the commit
329 * before they can be used. And the in-the-gaps method will grab these
330 * if it needs them. @c->lst.taken_empty_lebs are empty LEBs that have
331 * already been allocated for some purpose.
332 *
333 * Note, @c->idx_gc_cnt is included to both @c->lst.empty_lebs (because
334 * these LEBs are empty) and to @c->lst.taken_empty_lebs (because they
335 * are taken until after the commit).
336 *
337 * Note, @c->lst.taken_empty_lebs may temporarily be higher by one
338 * because of the way we serialize LEB allocations and budgeting. See a
339 * comment in 'ubifs_find_free_space()'.
340 */
341 lebs = c->lst.empty_lebs + c->freeable_cnt + c->idx_gc_cnt -
342 c->lst.taken_empty_lebs;
343 if (unlikely(rsvd_idx_lebs > lebs)) {
344 dbg_budg("out of indexing space: min_idx_lebs %d (old %d), rsvd_idx_lebs %d",
345 min_idx_lebs, c->bi.min_idx_lebs, rsvd_idx_lebs);
346 return -ENOSPC;
347 }
348
349 available = ubifs_calc_available(c, min_idx_lebs);
350 outstanding = c->bi.data_growth + c->bi.dd_growth;
351
352 if (unlikely(available < outstanding)) {
353 dbg_budg("out of data space: available %lld, outstanding %lld",
354 available, outstanding);
355 return -ENOSPC;
356 }
357
358 if (available - outstanding <= c->rp_size && !can_use_rp(c))
359 return -ENOSPC;
360
361 c->bi.min_idx_lebs = min_idx_lebs;
362 return 0;
363 }
364
365 /**
366 * calc_idx_growth - calculate approximate index growth from budgeting request.
367 * @c: UBIFS file-system description object
368 * @req: budgeting request
369 *
370 * For now we assume each new node adds one znode. But this is rather poor
371 * approximation, though.
372 */
calc_idx_growth(const struct ubifs_info * c,const struct ubifs_budget_req * req)373 static int calc_idx_growth(const struct ubifs_info *c,
374 const struct ubifs_budget_req *req)
375 {
376 int znodes;
377
378 znodes = req->new_ino + (req->new_page << UBIFS_BLOCKS_PER_PAGE_SHIFT) +
379 req->new_dent;
380 return znodes * c->max_idx_node_sz;
381 }
382
383 /**
384 * calc_data_growth - calculate approximate amount of new data from budgeting
385 * request.
386 * @c: UBIFS file-system description object
387 * @req: budgeting request
388 */
calc_data_growth(const struct ubifs_info * c,const struct ubifs_budget_req * req)389 static int calc_data_growth(const struct ubifs_info *c,
390 const struct ubifs_budget_req *req)
391 {
392 int data_growth;
393
394 data_growth = req->new_ino ? c->bi.inode_budget : 0;
395 if (req->new_page)
396 data_growth += c->bi.page_budget;
397 if (req->new_dent)
398 data_growth += c->bi.dent_budget;
399 data_growth += req->new_ino_d;
400 return data_growth;
401 }
402
403 /**
404 * calc_dd_growth - calculate approximate amount of data which makes other data
405 * dirty from budgeting request.
406 * @c: UBIFS file-system description object
407 * @req: budgeting request
408 */
calc_dd_growth(const struct ubifs_info * c,const struct ubifs_budget_req * req)409 static int calc_dd_growth(const struct ubifs_info *c,
410 const struct ubifs_budget_req *req)
411 {
412 int dd_growth;
413
414 dd_growth = req->dirtied_page ? c->bi.page_budget : 0;
415
416 if (req->dirtied_ino)
417 dd_growth += c->bi.inode_budget * req->dirtied_ino;
418 if (req->mod_dent)
419 dd_growth += c->bi.dent_budget;
420 dd_growth += req->dirtied_ino_d;
421 return dd_growth;
422 }
423
424 /**
425 * ubifs_budget_space - ensure there is enough space to complete an operation.
426 * @c: UBIFS file-system description object
427 * @req: budget request
428 *
429 * This function allocates budget for an operation. It uses pessimistic
430 * approximation of how much flash space the operation needs. The goal of this
431 * function is to make sure UBIFS always has flash space to flush all dirty
432 * pages, dirty inodes, and dirty znodes (liability). This function may force
433 * commit, garbage-collection or write-back. Returns zero in case of success,
434 * %-ENOSPC if there is no free space and other negative error codes in case of
435 * failures.
436 */
ubifs_budget_space(struct ubifs_info * c,struct ubifs_budget_req * req)437 int ubifs_budget_space(struct ubifs_info *c, struct ubifs_budget_req *req)
438 {
439 int err, idx_growth, data_growth, dd_growth, retried = 0;
440
441 ubifs_assert(c, req->new_page <= 1);
442 ubifs_assert(c, req->dirtied_page <= 1);
443 ubifs_assert(c, req->new_dent <= 1);
444 ubifs_assert(c, req->mod_dent <= 1);
445 ubifs_assert(c, req->new_ino <= 1);
446 ubifs_assert(c, req->new_ino_d <= UBIFS_MAX_INO_DATA);
447 ubifs_assert(c, req->dirtied_ino <= 4);
448 ubifs_assert(c, req->dirtied_ino_d <= UBIFS_MAX_INO_DATA * 4);
449 ubifs_assert(c, !(req->new_ino_d & 7));
450 ubifs_assert(c, !(req->dirtied_ino_d & 7));
451
452 data_growth = calc_data_growth(c, req);
453 dd_growth = calc_dd_growth(c, req);
454 if (!data_growth && !dd_growth)
455 return 0;
456 idx_growth = calc_idx_growth(c, req);
457
458 again:
459 spin_lock(&c->space_lock);
460 ubifs_assert(c, c->bi.idx_growth >= 0);
461 ubifs_assert(c, c->bi.data_growth >= 0);
462 ubifs_assert(c, c->bi.dd_growth >= 0);
463
464 if (unlikely(c->bi.nospace) && (c->bi.nospace_rp || !can_use_rp(c))) {
465 dbg_budg("no space");
466 spin_unlock(&c->space_lock);
467 return -ENOSPC;
468 }
469
470 c->bi.idx_growth += idx_growth;
471 c->bi.data_growth += data_growth;
472 c->bi.dd_growth += dd_growth;
473
474 err = do_budget_space(c);
475 if (likely(!err)) {
476 req->idx_growth = idx_growth;
477 req->data_growth = data_growth;
478 req->dd_growth = dd_growth;
479 spin_unlock(&c->space_lock);
480 return 0;
481 }
482
483 /* Restore the old values */
484 c->bi.idx_growth -= idx_growth;
485 c->bi.data_growth -= data_growth;
486 c->bi.dd_growth -= dd_growth;
487 spin_unlock(&c->space_lock);
488
489 if (req->fast) {
490 dbg_budg("no space for fast budgeting");
491 return err;
492 }
493
494 err = make_free_space(c);
495 cond_resched();
496 if (err == -EAGAIN) {
497 dbg_budg("try again");
498 goto again;
499 } else if (err == -ENOSPC) {
500 if (!retried) {
501 retried = 1;
502 dbg_budg("-ENOSPC, but anyway try once again");
503 goto again;
504 }
505 dbg_budg("FS is full, -ENOSPC");
506 c->bi.nospace = 1;
507 if (can_use_rp(c) || c->rp_size == 0)
508 c->bi.nospace_rp = 1;
509 smp_wmb();
510 } else
511 ubifs_err(c, "cannot budget space, error %d", err);
512 return err;
513 }
514
515 /**
516 * ubifs_release_budget - release budgeted free space.
517 * @c: UBIFS file-system description object
518 * @req: budget request
519 *
520 * This function releases the space budgeted by 'ubifs_budget_space()'. Note,
521 * since the index changes (which were budgeted for in @req->idx_growth) will
522 * only be written to the media on commit, this function moves the index budget
523 * from @c->bi.idx_growth to @c->bi.uncommitted_idx. The latter will be zeroed
524 * by the commit operation.
525 */
ubifs_release_budget(struct ubifs_info * c,struct ubifs_budget_req * req)526 void ubifs_release_budget(struct ubifs_info *c, struct ubifs_budget_req *req)
527 {
528 ubifs_assert(c, req->new_page <= 1);
529 ubifs_assert(c, req->dirtied_page <= 1);
530 ubifs_assert(c, req->new_dent <= 1);
531 ubifs_assert(c, req->mod_dent <= 1);
532 ubifs_assert(c, req->new_ino <= 1);
533 ubifs_assert(c, req->new_ino_d <= UBIFS_MAX_INO_DATA);
534 ubifs_assert(c, req->dirtied_ino <= 4);
535 ubifs_assert(c, req->dirtied_ino_d <= UBIFS_MAX_INO_DATA * 4);
536 ubifs_assert(c, !(req->new_ino_d & 7));
537 ubifs_assert(c, !(req->dirtied_ino_d & 7));
538 if (!req->recalculate) {
539 ubifs_assert(c, req->idx_growth >= 0);
540 ubifs_assert(c, req->data_growth >= 0);
541 ubifs_assert(c, req->dd_growth >= 0);
542 }
543
544 if (req->recalculate) {
545 req->data_growth = calc_data_growth(c, req);
546 req->dd_growth = calc_dd_growth(c, req);
547 req->idx_growth = calc_idx_growth(c, req);
548 }
549
550 if (!req->data_growth && !req->dd_growth)
551 return;
552
553 c->bi.nospace = c->bi.nospace_rp = 0;
554 smp_wmb();
555
556 spin_lock(&c->space_lock);
557 c->bi.idx_growth -= req->idx_growth;
558 c->bi.uncommitted_idx += req->idx_growth;
559 c->bi.data_growth -= req->data_growth;
560 c->bi.dd_growth -= req->dd_growth;
561 c->bi.min_idx_lebs = ubifs_calc_min_idx_lebs(c);
562
563 ubifs_assert(c, c->bi.idx_growth >= 0);
564 ubifs_assert(c, c->bi.data_growth >= 0);
565 ubifs_assert(c, c->bi.dd_growth >= 0);
566 ubifs_assert(c, c->bi.min_idx_lebs < c->main_lebs);
567 ubifs_assert(c, !(c->bi.idx_growth & 7));
568 ubifs_assert(c, !(c->bi.data_growth & 7));
569 ubifs_assert(c, !(c->bi.dd_growth & 7));
570 spin_unlock(&c->space_lock);
571 }
572
573 /**
574 * ubifs_convert_page_budget - convert budget of a new page.
575 * @c: UBIFS file-system description object
576 *
577 * This function converts budget which was allocated for a new page of data to
578 * the budget of changing an existing page of data. The latter is smaller than
579 * the former, so this function only does simple re-calculation and does not
580 * involve any write-back.
581 */
ubifs_convert_page_budget(struct ubifs_info * c)582 void ubifs_convert_page_budget(struct ubifs_info *c)
583 {
584 spin_lock(&c->space_lock);
585 /* Release the index growth reservation */
586 c->bi.idx_growth -= c->max_idx_node_sz << UBIFS_BLOCKS_PER_PAGE_SHIFT;
587 /* Release the data growth reservation */
588 c->bi.data_growth -= c->bi.page_budget;
589 /* Increase the dirty data growth reservation instead */
590 c->bi.dd_growth += c->bi.page_budget;
591 /* And re-calculate the indexing space reservation */
592 c->bi.min_idx_lebs = ubifs_calc_min_idx_lebs(c);
593 spin_unlock(&c->space_lock);
594 }
595
596 /**
597 * ubifs_release_dirty_inode_budget - release dirty inode budget.
598 * @c: UBIFS file-system description object
599 * @ui: UBIFS inode to release the budget for
600 *
601 * This function releases budget corresponding to a dirty inode. It is usually
602 * called when after the inode has been written to the media and marked as
603 * clean. It also causes the "no space" flags to be cleared.
604 */
ubifs_release_dirty_inode_budget(struct ubifs_info * c,struct ubifs_inode * ui)605 void ubifs_release_dirty_inode_budget(struct ubifs_info *c,
606 struct ubifs_inode *ui)
607 {
608 struct ubifs_budget_req req;
609
610 memset(&req, 0, sizeof(struct ubifs_budget_req));
611 /* The "no space" flags will be cleared because dd_growth is > 0 */
612 req.dd_growth = c->bi.inode_budget + ALIGN(ui->data_len, 8);
613 ubifs_release_budget(c, &req);
614 }
615
616 /**
617 * ubifs_reported_space - calculate reported free space.
618 * @c: the UBIFS file-system description object
619 * @free: amount of free space
620 *
621 * This function calculates amount of free space which will be reported to
622 * user-space. User-space application tend to expect that if the file-system
623 * (e.g., via the 'statfs()' call) reports that it has N bytes available, they
624 * are able to write a file of size N. UBIFS attaches node headers to each data
625 * node and it has to write indexing nodes as well. This introduces additional
626 * overhead, and UBIFS has to report slightly less free space to meet the above
627 * expectations.
628 *
629 * This function assumes free space is made up of uncompressed data nodes and
630 * full index nodes (one per data node, tripled because we always allow enough
631 * space to write the index thrice).
632 *
633 * Note, the calculation is pessimistic, which means that most of the time
634 * UBIFS reports less space than it actually has.
635 */
ubifs_reported_space(const struct ubifs_info * c,long long free)636 long long ubifs_reported_space(const struct ubifs_info *c, long long free)
637 {
638 int divisor, factor, f;
639
640 /*
641 * Reported space size is @free * X, where X is UBIFS block size
642 * divided by UBIFS block size + all overhead one data block
643 * introduces. The overhead is the node header + indexing overhead.
644 *
645 * Indexing overhead calculations are based on the following formula:
646 * I = N/(f - 1) + 1, where I - number of indexing nodes, N - number
647 * of data nodes, f - fanout. Because effective UBIFS fanout is twice
648 * as less than maximum fanout, we assume that each data node
649 * introduces 3 * @c->max_idx_node_sz / (@c->fanout/2 - 1) bytes.
650 * Note, the multiplier 3 is because UBIFS reserves thrice as more space
651 * for the index.
652 */
653 f = c->fanout > 3 ? c->fanout >> 1 : 2;
654 factor = UBIFS_BLOCK_SIZE;
655 divisor = UBIFS_MAX_DATA_NODE_SZ;
656 divisor += (c->max_idx_node_sz * 3) / (f - 1);
657 free *= factor;
658 return div_u64(free, divisor);
659 }
660
661 /**
662 * ubifs_get_free_space_nolock - return amount of free space.
663 * @c: UBIFS file-system description object
664 *
665 * This function calculates amount of free space to report to user-space.
666 *
667 * Because UBIFS may introduce substantial overhead (the index, node headers,
668 * alignment, wastage at the end of LEBs, etc), it cannot report real amount of
669 * free flash space it has (well, because not all dirty space is reclaimable,
670 * UBIFS does not actually know the real amount). If UBIFS did so, it would
671 * bread user expectations about what free space is. Users seem to accustomed
672 * to assume that if the file-system reports N bytes of free space, they would
673 * be able to fit a file of N bytes to the FS. This almost works for
674 * traditional file-systems, because they have way less overhead than UBIFS.
675 * So, to keep users happy, UBIFS tries to take the overhead into account.
676 */
ubifs_get_free_space_nolock(struct ubifs_info * c)677 long long ubifs_get_free_space_nolock(struct ubifs_info *c)
678 {
679 int rsvd_idx_lebs, lebs;
680 long long available, outstanding, free;
681
682 ubifs_assert(c, c->bi.min_idx_lebs == ubifs_calc_min_idx_lebs(c));
683 outstanding = c->bi.data_growth + c->bi.dd_growth;
684 available = ubifs_calc_available(c, c->bi.min_idx_lebs);
685
686 /*
687 * When reporting free space to user-space, UBIFS guarantees that it is
688 * possible to write a file of free space size. This means that for
689 * empty LEBs we may use more precise calculations than
690 * 'ubifs_calc_available()' is using. Namely, we know that in empty
691 * LEBs we would waste only @c->leb_overhead bytes, not @c->dark_wm.
692 * Thus, amend the available space.
693 *
694 * Note, the calculations below are similar to what we have in
695 * 'do_budget_space()', so refer there for comments.
696 */
697 if (c->bi.min_idx_lebs > c->lst.idx_lebs)
698 rsvd_idx_lebs = c->bi.min_idx_lebs - c->lst.idx_lebs;
699 else
700 rsvd_idx_lebs = 0;
701 lebs = c->lst.empty_lebs + c->freeable_cnt + c->idx_gc_cnt -
702 c->lst.taken_empty_lebs;
703 lebs -= rsvd_idx_lebs;
704 available += lebs * (c->dark_wm - c->leb_overhead);
705
706 if (available > outstanding)
707 free = ubifs_reported_space(c, available - outstanding);
708 else
709 free = 0;
710 return free;
711 }
712
713 /**
714 * ubifs_get_free_space - return amount of free space.
715 * @c: UBIFS file-system description object
716 *
717 * This function calculates and returns amount of free space to report to
718 * user-space.
719 */
ubifs_get_free_space(struct ubifs_info * c)720 long long ubifs_get_free_space(struct ubifs_info *c)
721 {
722 long long free;
723
724 spin_lock(&c->space_lock);
725 free = ubifs_get_free_space_nolock(c);
726 spin_unlock(&c->space_lock);
727
728 return free;
729 }
730