Merge tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4

	ext4_group_t ngroups = ext4_get_groups_count(sb);

	struct ext4_group_desc *desc;

	struct ext4_sb_info *sbi = EXT4_SB(sb);

	struct buffer_head *bh_p;

	if (block_group >= ngroups) {

		ext4_error(sb, "block_group >= groups_count - block_group = %u,"

	group_desc = block_group >> EXT4_DESC_PER_BLOCK_BITS(sb);

	offset = block_group & (EXT4_DESC_PER_BLOCK(sb) - 1);

	if (!sbi->s_group_desc[group_desc]) {

	bh_p = sbi_array_rcu_deref(sbi, s_group_desc, group_desc);

	/*

	 * sbi_array_rcu_deref returns with rcu unlocked, this is ok since

	 * the pointer being dereferenced won't be dereferenced again. By

	 * looking at the usage in add_new_gdb() the value isn't modified,

	 * just the pointer, and so it remains valid.

	 */

	if (!bh_p) {

		ext4_error(sb, "Group descriptor not loaded - "

			   "block_group = %u, group_desc = %u, desc = %u",

			   block_group, group_desc, offset);

	}

	desc = (struct ext4_group_desc *)(

		(__u8 *)sbi->s_group_desc[group_desc]->b_data +

		(__u8 *)bh_p->b_data +

		offset * EXT4_DESC_SIZE(sb));

	if (bh)

		*bh = sbi->s_group_desc[group_desc];

		*bh = bh_p;

	return desc;

}

	loff_t s_bitmap_maxbytes;	/* max bytes for bitmap files */

	struct buffer_head * s_sbh;	/* Buffer containing the super block */

	struct ext4_super_block *s_es;	/* Pointer to the super block in the buffer */

	struct buffer_head **s_group_desc;

	struct buffer_head * __rcu *s_group_desc;

	unsigned int s_mount_opt;

	unsigned int s_mount_opt2;

	unsigned int s_mount_flags;

#endif

	/* for buddy allocator */

	struct ext4_group_info ***s_group_info;

	struct ext4_group_info ** __rcu *s_group_info;

	struct inode *s_buddy_cache;

	spinlock_t s_md_lock;

	unsigned short *s_mb_offsets;

	unsigned int s_extent_max_zeroout_kb;

	unsigned int s_log_groups_per_flex;

	struct flex_groups *s_flex_groups;

	struct flex_groups * __rcu *s_flex_groups;

	ext4_group_t s_flex_groups_allocated;

	/* workqueue for reserved extent conversions (buffered io) */

	struct ratelimit_state s_warning_ratelimit_state;

	struct ratelimit_state s_msg_ratelimit_state;

	/* Barrier between changing inodes' journal flags and writepages ops. */

	struct percpu_rw_semaphore s_journal_flag_rwsem;

	/*

	 * Barrier between writepages ops and changing any inode's JOURNAL_DATA

	 * or EXTENTS flag.

	 */

	struct percpu_rw_semaphore s_writepages_rwsem;

	struct dax_device *s_daxdev;

#ifdef CONFIG_EXT4_DEBUG

	unsigned long s_simulate_fail;

		 ino <= le32_to_cpu(EXT4_SB(sb)->s_es->s_inodes_count));

}

/*

 * Returns: sbi->field[index]

 * Used to access an array element from the following sbi fields which require

 * rcu protection to avoid dereferencing an invalid pointer due to reassignment

 * - s_group_desc

 * - s_group_info

 * - s_flex_group

 */

#define sbi_array_rcu_deref(sbi, field, index)				   \

({									   \

	typeof(*((sbi)->field)) _v;					   \

	rcu_read_lock();						   \

	_v = ((typeof(_v)*)rcu_dereference((sbi)->field))[index];	   \

	rcu_read_unlock();						   \

	_v;								   \

})

/*

 * Simulate_fail codes

 */

extern bool ext4_empty_dir(struct inode *inode);

/* resize.c */

extern void ext4_kvfree_array_rcu(void *to_free);

extern int ext4_group_add(struct super_block *sb,

				struct ext4_new_group_data *input);

extern int ext4_group_extend(struct super_block *sb,

struct ext4_group_info *ext4_get_group_info(struct super_block *sb,

					    ext4_group_t group)

{

	 struct ext4_group_info ***grp_info;

	 struct ext4_group_info **grp_info;

	 long indexv, indexh;

	 BUG_ON(group >= EXT4_SB(sb)->s_groups_count);

	 grp_info = EXT4_SB(sb)->s_group_info;

	 indexv = group >> (EXT4_DESC_PER_BLOCK_BITS(sb));

	 indexh = group & ((EXT4_DESC_PER_BLOCK(sb)) - 1);

	 return grp_info[indexv][indexh];

	 grp_info = sbi_array_rcu_deref(EXT4_SB(sb), s_group_info, indexv);

	 return grp_info[indexh];

}

/*

		     !inode_is_locked(inode));

	down_write(&EXT4_I(inode)->i_data_sem);

	if (newsize > EXT4_I(inode)->i_disksize)

		EXT4_I(inode)->i_disksize = newsize;

		WRITE_ONCE(EXT4_I(inode)->i_disksize, newsize);

	up_write(&EXT4_I(inode)->i_data_sem);

}

	percpu_counter_inc(&sbi->s_freeinodes_counter);

	if (sbi->s_log_groups_per_flex) {

		ext4_group_t f = ext4_flex_group(sbi, block_group);

		struct flex_groups *fg;

		atomic_inc(&sbi->s_flex_groups[f].free_inodes);

		fg = sbi_array_rcu_deref(sbi, s_flex_groups,

					 ext4_flex_group(sbi, block_group));

		atomic_inc(&fg->free_inodes);

		if (is_directory)

			atomic_dec(&sbi->s_flex_groups[f].used_dirs);

			atomic_dec(&fg->used_dirs);

	}

	BUFFER_TRACE(bh2, "call ext4_handle_dirty_metadata");

	fatal = ext4_handle_dirty_metadata(handle, NULL, bh2);

			    int flex_size, struct orlov_stats *stats)

{

	struct ext4_group_desc *desc;

	struct flex_groups *flex_group = EXT4_SB(sb)->s_flex_groups;

	if (flex_size > 1) {

		stats->free_inodes = atomic_read(&flex_group[g].free_inodes);

		stats->free_clusters = atomic64_read(&flex_group[g].free_clusters);

		stats->used_dirs = atomic_read(&flex_group[g].used_dirs);

		struct flex_groups *fg = sbi_array_rcu_deref(EXT4_SB(sb),

							     s_flex_groups, g);

		stats->free_inodes = atomic_read(&fg->free_inodes);

		stats->free_clusters = atomic64_read(&fg->free_clusters);

		stats->used_dirs = atomic_read(&fg->used_dirs);

		return;

	}

		if (sbi->s_log_groups_per_flex) {

			ext4_group_t f = ext4_flex_group(sbi, group);

			atomic_inc(&sbi->s_flex_groups[f].used_dirs);

			atomic_inc(&sbi_array_rcu_deref(sbi, s_flex_groups,

							f)->used_dirs);

		}

	}

	if (ext4_has_group_desc_csum(sb)) {

	if (sbi->s_log_groups_per_flex) {

		flex_group = ext4_flex_group(sbi, group);

		atomic_dec(&sbi->s_flex_groups[flex_group].free_inodes);

		atomic_dec(&sbi_array_rcu_deref(sbi, s_flex_groups,

						flex_group)->free_inodes);

	}

	inode->i_ino = ino + group * EXT4_INODES_PER_GROUP(sb);

	 * truncate are avoided by checking i_size under i_data_sem.

	 */

	disksize = ((loff_t)mpd->first_page) << PAGE_SHIFT;

	if (disksize > EXT4_I(inode)->i_disksize) {

	if (disksize > READ_ONCE(EXT4_I(inode)->i_disksize)) {

		int err2;

		loff_t i_size;

	if (unlikely(ext4_forced_shutdown(EXT4_SB(inode->i_sb))))

		return -EIO;

	percpu_down_read(&sbi->s_journal_flag_rwsem);

	percpu_down_read(&sbi->s_writepages_rwsem);

	trace_ext4_writepages(inode, wbc);

	/*

out_writepages:

	trace_ext4_writepages_result(inode, wbc, ret,

				     nr_to_write - wbc->nr_to_write);

	percpu_up_read(&sbi->s_journal_flag_rwsem);

	percpu_up_read(&sbi->s_writepages_rwsem);

	return ret;

}

	if (unlikely(ext4_forced_shutdown(EXT4_SB(inode->i_sb))))

		return -EIO;

	percpu_down_read(&sbi->s_journal_flag_rwsem);

	percpu_down_read(&sbi->s_writepages_rwsem);

	trace_ext4_writepages(inode, wbc);

	ret = dax_writeback_mapping_range(mapping, sbi->s_daxdev, wbc);

	trace_ext4_writepages_result(inode, wbc, ret,

				     nr_to_write - wbc->nr_to_write);

	percpu_up_read(&sbi->s_journal_flag_rwsem);

	percpu_up_read(&sbi->s_writepages_rwsem);

	return ret;

}

		}

	}

	percpu_down_write(&sbi->s_journal_flag_rwsem);

	percpu_down_write(&sbi->s_writepages_rwsem);

	jbd2_journal_lock_updates(journal);

	/*

		err = jbd2_journal_flush(journal);

		if (err < 0) {

			jbd2_journal_unlock_updates(journal);

			percpu_up_write(&sbi->s_journal_flag_rwsem);

			percpu_up_write(&sbi->s_writepages_rwsem);

			return err;

		}

		ext4_clear_inode_flag(inode, EXT4_INODE_JOURNAL_DATA);

	ext4_set_aops(inode);

	jbd2_journal_unlock_updates(journal);

	percpu_up_write(&sbi->s_journal_flag_rwsem);

	percpu_up_write(&sbi->s_writepages_rwsem);

	if (val)

		up_write(&EXT4_I(inode)->i_mmap_sem);

{

	struct ext4_sb_info *sbi = EXT4_SB(sb);

	unsigned size;

	struct ext4_group_info ***new_groupinfo;

	struct ext4_group_info ***old_groupinfo, ***new_groupinfo;

	size = (ngroups + EXT4_DESC_PER_BLOCK(sb) - 1) >>

		EXT4_DESC_PER_BLOCK_BITS(sb);

		ext4_msg(sb, KERN_ERR, "can't allocate buddy meta group");

		return -ENOMEM;

	}

	if (sbi->s_group_info) {

		memcpy(new_groupinfo, sbi->s_group_info,

	rcu_read_lock();

	old_groupinfo = rcu_dereference(sbi->s_group_info);

	if (old_groupinfo)

		memcpy(new_groupinfo, old_groupinfo,

		       sbi->s_group_info_size * sizeof(*sbi->s_group_info));

		kvfree(sbi->s_group_info);

	}

	sbi->s_group_info = new_groupinfo;

	rcu_read_unlock();

	rcu_assign_pointer(sbi->s_group_info, new_groupinfo);

	sbi->s_group_info_size = size / sizeof(*sbi->s_group_info);

	if (old_groupinfo)

		ext4_kvfree_array_rcu(old_groupinfo);

	ext4_debug("allocated s_groupinfo array for %d meta_bg's\n", 

		   sbi->s_group_info_size);

	return 0;

{

	int i;

	int metalen = 0;

	int idx = group >> EXT4_DESC_PER_BLOCK_BITS(sb);

	struct ext4_sb_info *sbi = EXT4_SB(sb);

	struct ext4_group_info **meta_group_info;

	struct kmem_cache *cachep = get_groupinfo_cache(sb->s_blocksize_bits);

				 "for a buddy group");

			goto exit_meta_group_info;

		}

		sbi->s_group_info[group >> EXT4_DESC_PER_BLOCK_BITS(sb)] =

			meta_group_info;

		rcu_read_lock();

		rcu_dereference(sbi->s_group_info)[idx] = meta_group_info;

		rcu_read_unlock();

	}

	meta_group_info =

		sbi->s_group_info[group >> EXT4_DESC_PER_BLOCK_BITS(sb)];

	meta_group_info = sbi_array_rcu_deref(sbi, s_group_info, idx);

	i = group & (EXT4_DESC_PER_BLOCK(sb) - 1);

	meta_group_info[i] = kmem_cache_zalloc(cachep, GFP_NOFS);

exit_group_info:

	/* If a meta_group_info table has been allocated, release it now */

	if (group % EXT4_DESC_PER_BLOCK(sb) == 0) {

		kfree(sbi->s_group_info[group >> EXT4_DESC_PER_BLOCK_BITS(sb)]);

		sbi->s_group_info[group >> EXT4_DESC_PER_BLOCK_BITS(sb)] = NULL;

		struct ext4_group_info ***group_info;

		rcu_read_lock();

		group_info = rcu_dereference(sbi->s_group_info);

		kfree(group_info[idx]);

		group_info[idx] = NULL;

		rcu_read_unlock();

	}

exit_meta_group_info:

	return -ENOMEM;

	struct ext4_sb_info *sbi = EXT4_SB(sb);

	int err;

	struct ext4_group_desc *desc;

	struct ext4_group_info ***group_info;

	struct kmem_cache *cachep;

	err = ext4_mb_alloc_groupinfo(sb, ngroups);

	while (i-- > 0)

		kmem_cache_free(cachep, ext4_get_group_info(sb, i));

	i = sbi->s_group_info_size;

	rcu_read_lock();

	group_info = rcu_dereference(sbi->s_group_info);

	while (i-- > 0)

		kfree(sbi->s_group_info[i]);

		kfree(group_info[i]);

	rcu_read_unlock();

	iput(sbi->s_buddy_cache);

err_freesgi:

	kvfree(sbi->s_group_info);

	rcu_read_lock();

	kvfree(rcu_dereference(sbi->s_group_info));

	rcu_read_unlock();

	return -ENOMEM;

}

	ext4_group_t ngroups = ext4_get_groups_count(sb);

	ext4_group_t i;

	int num_meta_group_infos;

	struct ext4_group_info *grinfo;

	struct ext4_group_info *grinfo, ***group_info;

	struct ext4_sb_info *sbi = EXT4_SB(sb);

	struct kmem_cache *cachep = get_groupinfo_cache(sb->s_blocksize_bits);

		num_meta_group_infos = (ngroups +

				EXT4_DESC_PER_BLOCK(sb) - 1) >>

			EXT4_DESC_PER_BLOCK_BITS(sb);

		rcu_read_lock();

		group_info = rcu_dereference(sbi->s_group_info);

		for (i = 0; i < num_meta_group_infos; i++)

			kfree(sbi->s_group_info[i]);

		kvfree(sbi->s_group_info);

			kfree(group_info[i]);

		kvfree(group_info);

		rcu_read_unlock();

	}

	kfree(sbi->s_mb_offsets);

	kfree(sbi->s_mb_maxs);

		ext4_group_t flex_group = ext4_flex_group(sbi,

							  ac->ac_b_ex.fe_group);

		atomic64_sub(ac->ac_b_ex.fe_len,

			     &sbi->s_flex_groups[flex_group].free_clusters);

			     &sbi_array_rcu_deref(sbi, s_flex_groups,

						  flex_group)->free_clusters);

	}

	err = ext4_handle_dirty_metadata(handle, NULL, bitmap_bh);

	if (sbi->s_log_groups_per_flex) {

		ext4_group_t flex_group = ext4_flex_group(sbi, block_group);

		atomic64_add(count_clusters,

			     &sbi->s_flex_groups[flex_group].free_clusters);

			     &sbi_array_rcu_deref(sbi, s_flex_groups,

						  flex_group)->free_clusters);

	}

	/*

	if (sbi->s_log_groups_per_flex) {

		ext4_group_t flex_group = ext4_flex_group(sbi, block_group);

		atomic64_add(clusters_freed,

			     &sbi->s_flex_groups[flex_group].free_clusters);

			     &sbi_array_rcu_deref(sbi, s_flex_groups,

						  flex_group)->free_clusters);

	}

	ext4_mb_unload_buddy(&e4b);