|  | The text below describes the locking rules for VFS-related methods. | 
|  | It is (believed to be) up-to-date. *Please*, if you change anything in | 
|  | prototypes or locking protocols - update this file. And update the relevant | 
|  | instances in the tree, don't leave that to maintainers of filesystems/devices/ | 
|  | etc. At the very least, put the list of dubious cases in the end of this file. | 
|  | Don't turn it into log - maintainers of out-of-the-tree code are supposed to | 
|  | be able to use diff(1). | 
|  | Thing currently missing here: socket operations. Alexey? | 
|  |  | 
|  | --------------------------- dentry_operations -------------------------- | 
|  | prototypes: | 
|  | int (*d_revalidate)(struct dentry *, int); | 
|  | int (*d_hash) (struct dentry *, struct qstr *); | 
|  | int (*d_compare) (struct dentry *, struct qstr *, struct qstr *); | 
|  | int (*d_delete)(struct dentry *); | 
|  | void (*d_release)(struct dentry *); | 
|  | void (*d_iput)(struct dentry *, struct inode *); | 
|  | char *(*d_dname)((struct dentry *dentry, char *buffer, int buflen); | 
|  |  | 
|  | locking rules: | 
|  | none have BKL | 
|  | dcache_lock	rename_lock	->d_lock	may block | 
|  | d_revalidate:	no		no		no		yes | 
|  | d_hash		no		no		no		yes | 
|  | d_compare:	no		yes		no		no | 
|  | d_delete:	yes		no		yes		no | 
|  | d_release:	no		no		no		yes | 
|  | d_iput:		no		no		no		yes | 
|  | d_dname:	no		no		no		no | 
|  |  | 
|  | --------------------------- inode_operations --------------------------- | 
|  | prototypes: | 
|  | int (*create) (struct inode *,struct dentry *,int, struct nameidata *); | 
|  | struct dentry * (*lookup) (struct inode *,struct dentry *, struct nameid | 
|  | ata *); | 
|  | int (*link) (struct dentry *,struct inode *,struct dentry *); | 
|  | int (*unlink) (struct inode *,struct dentry *); | 
|  | int (*symlink) (struct inode *,struct dentry *,const char *); | 
|  | int (*mkdir) (struct inode *,struct dentry *,int); | 
|  | int (*rmdir) (struct inode *,struct dentry *); | 
|  | int (*mknod) (struct inode *,struct dentry *,int,dev_t); | 
|  | int (*rename) (struct inode *, struct dentry *, | 
|  | struct inode *, struct dentry *); | 
|  | int (*readlink) (struct dentry *, char __user *,int); | 
|  | int (*follow_link) (struct dentry *, struct nameidata *); | 
|  | void (*truncate) (struct inode *); | 
|  | int (*permission) (struct inode *, int, struct nameidata *); | 
|  | int (*setattr) (struct dentry *, struct iattr *); | 
|  | int (*getattr) (struct vfsmount *, struct dentry *, struct kstat *); | 
|  | int (*setxattr) (struct dentry *, const char *,const void *,size_t,int); | 
|  | ssize_t (*getxattr) (struct dentry *, const char *, void *, size_t); | 
|  | ssize_t (*listxattr) (struct dentry *, char *, size_t); | 
|  | int (*removexattr) (struct dentry *, const char *); | 
|  |  | 
|  | locking rules: | 
|  | all may block, none have BKL | 
|  | i_mutex(inode) | 
|  | lookup:		yes | 
|  | create:		yes | 
|  | link:		yes (both) | 
|  | mknod:		yes | 
|  | symlink:	yes | 
|  | mkdir:		yes | 
|  | unlink:		yes (both) | 
|  | rmdir:		yes (both)	(see below) | 
|  | rename:		yes (all)	(see below) | 
|  | readlink:	no | 
|  | follow_link:	no | 
|  | truncate:	yes		(see below) | 
|  | setattr:	yes | 
|  | permission:	no | 
|  | getattr:	no | 
|  | setxattr:	yes | 
|  | getxattr:	no | 
|  | listxattr:	no | 
|  | removexattr:	yes | 
|  | Additionally, ->rmdir(), ->unlink() and ->rename() have ->i_mutex on | 
|  | victim. | 
|  | cross-directory ->rename() has (per-superblock) ->s_vfs_rename_sem. | 
|  | ->truncate() is never called directly - it's a callback, not a | 
|  | method. It's called by vmtruncate() - library function normally used by | 
|  | ->setattr(). Locking information above applies to that call (i.e. is | 
|  | inherited from ->setattr() - vmtruncate() is used when ATTR_SIZE had been | 
|  | passed). | 
|  |  | 
|  | See Documentation/filesystems/directory-locking for more detailed discussion | 
|  | of the locking scheme for directory operations. | 
|  |  | 
|  | --------------------------- super_operations --------------------------- | 
|  | prototypes: | 
|  | struct inode *(*alloc_inode)(struct super_block *sb); | 
|  | void (*destroy_inode)(struct inode *); | 
|  | void (*dirty_inode) (struct inode *); | 
|  | int (*write_inode) (struct inode *, int); | 
|  | int (*drop_inode) (struct inode *); | 
|  | void (*evict_inode) (struct inode *); | 
|  | void (*put_super) (struct super_block *); | 
|  | void (*write_super) (struct super_block *); | 
|  | int (*sync_fs)(struct super_block *sb, int wait); | 
|  | int (*freeze_fs) (struct super_block *); | 
|  | int (*unfreeze_fs) (struct super_block *); | 
|  | int (*statfs) (struct dentry *, struct kstatfs *); | 
|  | int (*remount_fs) (struct super_block *, int *, char *); | 
|  | void (*umount_begin) (struct super_block *); | 
|  | int (*show_options)(struct seq_file *, struct vfsmount *); | 
|  | ssize_t (*quota_read)(struct super_block *, int, char *, size_t, loff_t); | 
|  | ssize_t (*quota_write)(struct super_block *, int, const char *, size_t, loff_t); | 
|  |  | 
|  | locking rules: | 
|  | All may block [not true, see below] | 
|  | None have BKL | 
|  | s_umount | 
|  | alloc_inode: | 
|  | destroy_inode: | 
|  | dirty_inode:				(must not sleep) | 
|  | write_inode: | 
|  | drop_inode:				!!!inode_lock!!! | 
|  | evict_inode: | 
|  | put_super:		write | 
|  | write_super:		read | 
|  | sync_fs:		read | 
|  | freeze_fs:		read | 
|  | unfreeze_fs:		read | 
|  | statfs:			maybe(read)	(see below) | 
|  | remount_fs:		write | 
|  | umount_begin:		no | 
|  | show_options:		no		(namespace_sem) | 
|  | quota_read:		no		(see below) | 
|  | quota_write:		no		(see below) | 
|  |  | 
|  | ->statfs() has s_umount (shared) when called by ustat(2) (native or | 
|  | compat), but that's an accident of bad API; s_umount is used to pin | 
|  | the superblock down when we only have dev_t given us by userland to | 
|  | identify the superblock.  Everything else (statfs(), fstatfs(), etc.) | 
|  | doesn't hold it when calling ->statfs() - superblock is pinned down | 
|  | by resolving the pathname passed to syscall. | 
|  | ->quota_read() and ->quota_write() functions are both guaranteed to | 
|  | be the only ones operating on the quota file by the quota code (via | 
|  | dqio_sem) (unless an admin really wants to screw up something and | 
|  | writes to quota files with quotas on). For other details about locking | 
|  | see also dquot_operations section. | 
|  |  | 
|  | --------------------------- file_system_type --------------------------- | 
|  | prototypes: | 
|  | int (*get_sb) (struct file_system_type *, int, | 
|  | const char *, void *, struct vfsmount *); | 
|  | void (*kill_sb) (struct super_block *); | 
|  | locking rules: | 
|  | may block	BKL | 
|  | get_sb		yes		no | 
|  | kill_sb		yes		no | 
|  |  | 
|  | ->get_sb() returns error or 0 with locked superblock attached to the vfsmount | 
|  | (exclusive on ->s_umount). | 
|  | ->kill_sb() takes a write-locked superblock, does all shutdown work on it, | 
|  | unlocks and drops the reference. | 
|  |  | 
|  | --------------------------- address_space_operations -------------------------- | 
|  | prototypes: | 
|  | int (*writepage)(struct page *page, struct writeback_control *wbc); | 
|  | int (*readpage)(struct file *, struct page *); | 
|  | int (*sync_page)(struct page *); | 
|  | int (*writepages)(struct address_space *, struct writeback_control *); | 
|  | int (*set_page_dirty)(struct page *page); | 
|  | int (*readpages)(struct file *filp, struct address_space *mapping, | 
|  | struct list_head *pages, unsigned nr_pages); | 
|  | int (*write_begin)(struct file *, struct address_space *mapping, | 
|  | loff_t pos, unsigned len, unsigned flags, | 
|  | struct page **pagep, void **fsdata); | 
|  | int (*write_end)(struct file *, struct address_space *mapping, | 
|  | loff_t pos, unsigned len, unsigned copied, | 
|  | struct page *page, void *fsdata); | 
|  | sector_t (*bmap)(struct address_space *, sector_t); | 
|  | int (*invalidatepage) (struct page *, unsigned long); | 
|  | int (*releasepage) (struct page *, int); | 
|  | int (*direct_IO)(int, struct kiocb *, const struct iovec *iov, | 
|  | loff_t offset, unsigned long nr_segs); | 
|  | int (*launder_page) (struct page *); | 
|  |  | 
|  | locking rules: | 
|  | All except set_page_dirty may block | 
|  |  | 
|  | BKL	PageLocked(page)	i_mutex | 
|  | writepage:		no	yes, unlocks (see below) | 
|  | readpage:		no	yes, unlocks | 
|  | sync_page:		no	maybe | 
|  | writepages:		no | 
|  | set_page_dirty		no	no | 
|  | readpages:		no | 
|  | write_begin:		no	locks the page		yes | 
|  | write_end:		no	yes, unlocks		yes | 
|  | perform_write:		no	n/a			yes | 
|  | bmap:			no | 
|  | invalidatepage:		no	yes | 
|  | releasepage:		no	yes | 
|  | direct_IO:		no | 
|  | launder_page:		no	yes | 
|  |  | 
|  | ->write_begin(), ->write_end(), ->sync_page() and ->readpage() | 
|  | may be called from the request handler (/dev/loop). | 
|  |  | 
|  | ->readpage() unlocks the page, either synchronously or via I/O | 
|  | completion. | 
|  |  | 
|  | ->readpages() populates the pagecache with the passed pages and starts | 
|  | I/O against them.  They come unlocked upon I/O completion. | 
|  |  | 
|  | ->writepage() is used for two purposes: for "memory cleansing" and for | 
|  | "sync".  These are quite different operations and the behaviour may differ | 
|  | depending upon the mode. | 
|  |  | 
|  | If writepage is called for sync (wbc->sync_mode != WBC_SYNC_NONE) then | 
|  | it *must* start I/O against the page, even if that would involve | 
|  | blocking on in-progress I/O. | 
|  |  | 
|  | If writepage is called for memory cleansing (sync_mode == | 
|  | WBC_SYNC_NONE) then its role is to get as much writeout underway as | 
|  | possible.  So writepage should try to avoid blocking against | 
|  | currently-in-progress I/O. | 
|  |  | 
|  | If the filesystem is not called for "sync" and it determines that it | 
|  | would need to block against in-progress I/O to be able to start new I/O | 
|  | against the page the filesystem should redirty the page with | 
|  | redirty_page_for_writepage(), then unlock the page and return zero. | 
|  | This may also be done to avoid internal deadlocks, but rarely. | 
|  |  | 
|  | If the filesystem is called for sync then it must wait on any | 
|  | in-progress I/O and then start new I/O. | 
|  |  | 
|  | The filesystem should unlock the page synchronously, before returning to the | 
|  | caller, unless ->writepage() returns special WRITEPAGE_ACTIVATE | 
|  | value. WRITEPAGE_ACTIVATE means that page cannot really be written out | 
|  | currently, and VM should stop calling ->writepage() on this page for some | 
|  | time. VM does this by moving page to the head of the active list, hence the | 
|  | name. | 
|  |  | 
|  | Unless the filesystem is going to redirty_page_for_writepage(), unlock the page | 
|  | and return zero, writepage *must* run set_page_writeback() against the page, | 
|  | followed by unlocking it.  Once set_page_writeback() has been run against the | 
|  | page, write I/O can be submitted and the write I/O completion handler must run | 
|  | end_page_writeback() once the I/O is complete.  If no I/O is submitted, the | 
|  | filesystem must run end_page_writeback() against the page before returning from | 
|  | writepage. | 
|  |  | 
|  | That is: after 2.5.12, pages which are under writeout are *not* locked.  Note, | 
|  | if the filesystem needs the page to be locked during writeout, that is ok, too, | 
|  | the page is allowed to be unlocked at any point in time between the calls to | 
|  | set_page_writeback() and end_page_writeback(). | 
|  |  | 
|  | Note, failure to run either redirty_page_for_writepage() or the combination of | 
|  | set_page_writeback()/end_page_writeback() on a page submitted to writepage | 
|  | will leave the page itself marked clean but it will be tagged as dirty in the | 
|  | radix tree.  This incoherency can lead to all sorts of hard-to-debug problems | 
|  | in the filesystem like having dirty inodes at umount and losing written data. | 
|  |  | 
|  | ->sync_page() locking rules are not well-defined - usually it is called | 
|  | with lock on page, but that is not guaranteed. Considering the currently | 
|  | existing instances of this method ->sync_page() itself doesn't look | 
|  | well-defined... | 
|  |  | 
|  | ->writepages() is used for periodic writeback and for syscall-initiated | 
|  | sync operations.  The address_space should start I/O against at least | 
|  | *nr_to_write pages.  *nr_to_write must be decremented for each page which is | 
|  | written.  The address_space implementation may write more (or less) pages | 
|  | than *nr_to_write asks for, but it should try to be reasonably close.  If | 
|  | nr_to_write is NULL, all dirty pages must be written. | 
|  |  | 
|  | writepages should _only_ write pages which are present on | 
|  | mapping->io_pages. | 
|  |  | 
|  | ->set_page_dirty() is called from various places in the kernel | 
|  | when the target page is marked as needing writeback.  It may be called | 
|  | under spinlock (it cannot block) and is sometimes called with the page | 
|  | not locked. | 
|  |  | 
|  | ->bmap() is currently used by legacy ioctl() (FIBMAP) provided by some | 
|  | filesystems and by the swapper. The latter will eventually go away. All | 
|  | instances do not actually need the BKL. Please, keep it that way and don't | 
|  | breed new callers. | 
|  |  | 
|  | ->invalidatepage() is called when the filesystem must attempt to drop | 
|  | some or all of the buffers from the page when it is being truncated.  It | 
|  | returns zero on success.  If ->invalidatepage is zero, the kernel uses | 
|  | block_invalidatepage() instead. | 
|  |  | 
|  | ->releasepage() is called when the kernel is about to try to drop the | 
|  | buffers from the page in preparation for freeing it.  It returns zero to | 
|  | indicate that the buffers are (or may be) freeable.  If ->releasepage is zero, | 
|  | the kernel assumes that the fs has no private interest in the buffers. | 
|  |  | 
|  | ->launder_page() may be called prior to releasing a page if | 
|  | it is still found to be dirty. It returns zero if the page was successfully | 
|  | cleaned, or an error value if not. Note that in order to prevent the page | 
|  | getting mapped back in and redirtied, it needs to be kept locked | 
|  | across the entire operation. | 
|  |  | 
|  | Note: currently almost all instances of address_space methods are | 
|  | using BKL for internal serialization and that's one of the worst sources | 
|  | of contention. Normally they are calling library functions (in fs/buffer.c) | 
|  | and pass foo_get_block() as a callback (on local block-based filesystems, | 
|  | indeed). BKL is not needed for library stuff and is usually taken by | 
|  | foo_get_block(). It's an overkill, since block bitmaps can be protected by | 
|  | internal fs locking and real critical areas are much smaller than the areas | 
|  | filesystems protect now. | 
|  |  | 
|  | ----------------------- file_lock_operations ------------------------------ | 
|  | prototypes: | 
|  | void (*fl_insert)(struct file_lock *);	/* lock insertion callback */ | 
|  | void (*fl_remove)(struct file_lock *);	/* lock removal callback */ | 
|  | void (*fl_copy_lock)(struct file_lock *, struct file_lock *); | 
|  | void (*fl_release_private)(struct file_lock *); | 
|  |  | 
|  |  | 
|  | locking rules: | 
|  | BKL	may block | 
|  | fl_insert:		yes	no | 
|  | fl_remove:		yes	no | 
|  | fl_copy_lock:		yes	no | 
|  | fl_release_private:	yes	yes | 
|  |  | 
|  | ----------------------- lock_manager_operations --------------------------- | 
|  | prototypes: | 
|  | int (*fl_compare_owner)(struct file_lock *, struct file_lock *); | 
|  | void (*fl_notify)(struct file_lock *);  /* unblock callback */ | 
|  | void (*fl_copy_lock)(struct file_lock *, struct file_lock *); | 
|  | void (*fl_release_private)(struct file_lock *); | 
|  | void (*fl_break)(struct file_lock *); /* break_lease callback */ | 
|  |  | 
|  | locking rules: | 
|  | BKL	may block | 
|  | fl_compare_owner:	yes	no | 
|  | fl_notify:		yes	no | 
|  | fl_copy_lock:		yes	no | 
|  | fl_release_private:	yes	yes | 
|  | fl_break:		yes	no | 
|  |  | 
|  | Currently only NFSD and NLM provide instances of this class. None of the | 
|  | them block. If you have out-of-tree instances - please, show up. Locking | 
|  | in that area will change. | 
|  | --------------------------- buffer_head ----------------------------------- | 
|  | prototypes: | 
|  | void (*b_end_io)(struct buffer_head *bh, int uptodate); | 
|  |  | 
|  | locking rules: | 
|  | called from interrupts. In other words, extreme care is needed here. | 
|  | bh is locked, but that's all warranties we have here. Currently only RAID1, | 
|  | highmem, fs/buffer.c, and fs/ntfs/aops.c are providing these. Block devices | 
|  | call this method upon the IO completion. | 
|  |  | 
|  | --------------------------- block_device_operations ----------------------- | 
|  | prototypes: | 
|  | int (*open) (struct inode *, struct file *); | 
|  | int (*release) (struct inode *, struct file *); | 
|  | int (*ioctl) (struct inode *, struct file *, unsigned, unsigned long); | 
|  | int (*media_changed) (struct gendisk *); | 
|  | int (*revalidate_disk) (struct gendisk *); | 
|  |  | 
|  | locking rules: | 
|  | BKL	bd_sem | 
|  | open:			yes	yes | 
|  | release:		yes	yes | 
|  | ioctl:			yes	no | 
|  | media_changed:		no	no | 
|  | revalidate_disk:	no	no | 
|  |  | 
|  | The last two are called only from check_disk_change(). | 
|  |  | 
|  | --------------------------- file_operations ------------------------------- | 
|  | prototypes: | 
|  | loff_t (*llseek) (struct file *, loff_t, int); | 
|  | ssize_t (*read) (struct file *, char __user *, size_t, loff_t *); | 
|  | ssize_t (*write) (struct file *, const char __user *, size_t, loff_t *); | 
|  | ssize_t (*aio_read) (struct kiocb *, const struct iovec *, unsigned long, loff_t); | 
|  | ssize_t (*aio_write) (struct kiocb *, const struct iovec *, unsigned long, loff_t); | 
|  | int (*readdir) (struct file *, void *, filldir_t); | 
|  | unsigned int (*poll) (struct file *, struct poll_table_struct *); | 
|  | long (*unlocked_ioctl) (struct file *, unsigned int, unsigned long); | 
|  | long (*compat_ioctl) (struct file *, unsigned int, unsigned long); | 
|  | int (*mmap) (struct file *, struct vm_area_struct *); | 
|  | int (*open) (struct inode *, struct file *); | 
|  | int (*flush) (struct file *); | 
|  | int (*release) (struct inode *, struct file *); | 
|  | int (*fsync) (struct file *, int datasync); | 
|  | int (*aio_fsync) (struct kiocb *, int datasync); | 
|  | int (*fasync) (int, struct file *, int); | 
|  | int (*lock) (struct file *, int, struct file_lock *); | 
|  | ssize_t (*readv) (struct file *, const struct iovec *, unsigned long, | 
|  | loff_t *); | 
|  | ssize_t (*writev) (struct file *, const struct iovec *, unsigned long, | 
|  | loff_t *); | 
|  | ssize_t (*sendfile) (struct file *, loff_t *, size_t, read_actor_t, | 
|  | void __user *); | 
|  | ssize_t (*sendpage) (struct file *, struct page *, int, size_t, | 
|  | loff_t *, int); | 
|  | unsigned long (*get_unmapped_area)(struct file *, unsigned long, | 
|  | unsigned long, unsigned long, unsigned long); | 
|  | int (*check_flags)(int); | 
|  | }; | 
|  |  | 
|  | locking rules: | 
|  | All may block. | 
|  | BKL | 
|  | llseek:			no	(see below) | 
|  | read:			no | 
|  | aio_read:		no | 
|  | write:			no | 
|  | aio_write:		no | 
|  | readdir: 		no | 
|  | poll:			no | 
|  | unlocked_ioctl:		no | 
|  | compat_ioctl:		no | 
|  | mmap:			no | 
|  | open:			no | 
|  | flush:			no | 
|  | release:		no | 
|  | fsync:			no	(see below) | 
|  | aio_fsync:		no | 
|  | fasync:			no | 
|  | lock:			yes | 
|  | readv:			no | 
|  | writev:			no | 
|  | sendfile:		no | 
|  | sendpage:		no | 
|  | get_unmapped_area:	no | 
|  | check_flags:		no | 
|  |  | 
|  | ->llseek() locking has moved from llseek to the individual llseek | 
|  | implementations.  If your fs is not using generic_file_llseek, you | 
|  | need to acquire and release the appropriate locks in your ->llseek(). | 
|  | For many filesystems, it is probably safe to acquire the inode | 
|  | mutex or just to use i_size_read() instead. | 
|  | Note: this does not protect the file->f_pos against concurrent modifications | 
|  | since this is something the userspace has to take care about. | 
|  |  | 
|  | Note: ext2_release() was *the* source of contention on fs-intensive | 
|  | loads and dropping BKL on ->release() helps to get rid of that (we still | 
|  | grab BKL for cases when we close a file that had been opened r/w, but that | 
|  | can and should be done using the internal locking with smaller critical areas). | 
|  | Current worst offender is ext2_get_block()... | 
|  |  | 
|  | ->fasync() is called without BKL protection, and is responsible for | 
|  | maintaining the FASYNC bit in filp->f_flags.  Most instances call | 
|  | fasync_helper(), which does that maintenance, so it's not normally | 
|  | something one needs to worry about.  Return values > 0 will be mapped to | 
|  | zero in the VFS layer. | 
|  |  | 
|  | ->readdir() and ->ioctl() on directories must be changed. Ideally we would | 
|  | move ->readdir() to inode_operations and use a separate method for directory | 
|  | ->ioctl() or kill the latter completely. One of the problems is that for | 
|  | anything that resembles union-mount we won't have a struct file for all | 
|  | components. And there are other reasons why the current interface is a mess... | 
|  |  | 
|  | ->read on directories probably must go away - we should just enforce -EISDIR | 
|  | in sys_read() and friends. | 
|  |  | 
|  | ->fsync() has i_mutex on inode. | 
|  |  | 
|  | --------------------------- dquot_operations ------------------------------- | 
|  | prototypes: | 
|  | int (*write_dquot) (struct dquot *); | 
|  | int (*acquire_dquot) (struct dquot *); | 
|  | int (*release_dquot) (struct dquot *); | 
|  | int (*mark_dirty) (struct dquot *); | 
|  | int (*write_info) (struct super_block *, int); | 
|  |  | 
|  | These operations are intended to be more or less wrapping functions that ensure | 
|  | a proper locking wrt the filesystem and call the generic quota operations. | 
|  |  | 
|  | What filesystem should expect from the generic quota functions: | 
|  |  | 
|  | FS recursion	Held locks when called | 
|  | write_dquot:	yes		dqonoff_sem or dqptr_sem | 
|  | acquire_dquot:	yes		dqonoff_sem or dqptr_sem | 
|  | release_dquot:	yes		dqonoff_sem or dqptr_sem | 
|  | mark_dirty:	no		- | 
|  | write_info:	yes		dqonoff_sem | 
|  |  | 
|  | FS recursion means calling ->quota_read() and ->quota_write() from superblock | 
|  | operations. | 
|  |  | 
|  | More details about quota locking can be found in fs/dquot.c. | 
|  |  | 
|  | --------------------------- vm_operations_struct ----------------------------- | 
|  | prototypes: | 
|  | void (*open)(struct vm_area_struct*); | 
|  | void (*close)(struct vm_area_struct*); | 
|  | int (*fault)(struct vm_area_struct*, struct vm_fault *); | 
|  | int (*page_mkwrite)(struct vm_area_struct *, struct vm_fault *); | 
|  | int (*access)(struct vm_area_struct *, unsigned long, void*, int, int); | 
|  |  | 
|  | locking rules: | 
|  | BKL	mmap_sem	PageLocked(page) | 
|  | open:		no	yes | 
|  | close:		no	yes | 
|  | fault:		no	yes		can return with page locked | 
|  | page_mkwrite:	no	yes		can return with page locked | 
|  | access:		no	yes | 
|  |  | 
|  | ->fault() is called when a previously not present pte is about | 
|  | to be faulted in. The filesystem must find and return the page associated | 
|  | with the passed in "pgoff" in the vm_fault structure. If it is possible that | 
|  | the page may be truncated and/or invalidated, then the filesystem must lock | 
|  | the page, then ensure it is not already truncated (the page lock will block | 
|  | subsequent truncate), and then return with VM_FAULT_LOCKED, and the page | 
|  | locked. The VM will unlock the page. | 
|  |  | 
|  | ->page_mkwrite() is called when a previously read-only pte is | 
|  | about to become writeable. The filesystem again must ensure that there are | 
|  | no truncate/invalidate races, and then return with the page locked. If | 
|  | the page has been truncated, the filesystem should not look up a new page | 
|  | like the ->fault() handler, but simply return with VM_FAULT_NOPAGE, which | 
|  | will cause the VM to retry the fault. | 
|  |  | 
|  | ->access() is called when get_user_pages() fails in | 
|  | acces_process_vm(), typically used to debug a process through | 
|  | /proc/pid/mem or ptrace.  This function is needed only for | 
|  | VM_IO | VM_PFNMAP VMAs. | 
|  |  | 
|  | ================================================================================ | 
|  | Dubious stuff | 
|  |  | 
|  | (if you break something or notice that it is broken and do not fix it yourself | 
|  | - at least put it here) | 
|  |  | 
|  | ipc/shm.c::shm_delete() - may need BKL. | 
|  | ->read() and ->write() in many drivers are (probably) missing BKL. |