1 /* 2 * logfile.c - NTFS kernel journal handling. Part of the Linux-NTFS project. 3 * 4 * Copyright (c) 2002-2007 Anton Altaparmakov 5 * 6 * This program/include file is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License as published 8 * by the Free Software Foundation; either version 2 of the License, or 9 * (at your option) any later version. 10 * 11 * This program/include file is distributed in the hope that it will be 12 * useful, but WITHOUT ANY WARRANTY; without even the implied warranty 13 * of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 * GNU General Public License for more details. 15 * 16 * You should have received a copy of the GNU General Public License 17 * along with this program (in the main directory of the Linux-NTFS 18 * distribution in the file COPYING); if not, write to the Free Software 19 * Foundation,Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 20 */ 21 22 #ifdef NTFS_RW 23 24 #include <linux/types.h> 25 #include <linux/fs.h> 26 #include <linux/highmem.h> 27 #include <linux/buffer_head.h> 28 #include <linux/bitops.h> 29 30 #include "attrib.h" 31 #include "aops.h" 32 #include "debug.h" 33 #include "logfile.h" 34 #include "malloc.h" 35 #include "volume.h" 36 #include "ntfs.h" 37 38 /** 39 * ntfs_check_restart_page_header - check the page header for consistency 40 * @vi: $LogFile inode to which the restart page header belongs 41 * @rp: restart page header to check 42 * @pos: position in @vi at which the restart page header resides 43 * 44 * Check the restart page header @rp for consistency and return 'true' if it is 45 * consistent and 'false' otherwise. 46 * 47 * This function only needs NTFS_BLOCK_SIZE bytes in @rp, i.e. it does not 48 * require the full restart page. 49 */ 50 static bool ntfs_check_restart_page_header(struct inode *vi, 51 RESTART_PAGE_HEADER *rp, s64 pos) 52 { 53 u32 logfile_system_page_size, logfile_log_page_size; 54 u16 ra_ofs, usa_count, usa_ofs, usa_end = 0; 55 bool have_usa = true; 56 57 ntfs_debug("Entering."); 58 /* 59 * If the system or log page sizes are smaller than the ntfs block size 60 * or either is not a power of 2 we cannot handle this log file. 61 */ 62 logfile_system_page_size = le32_to_cpu(rp->system_page_size); 63 logfile_log_page_size = le32_to_cpu(rp->log_page_size); 64 if (logfile_system_page_size < NTFS_BLOCK_SIZE || 65 logfile_log_page_size < NTFS_BLOCK_SIZE || 66 logfile_system_page_size & 67 (logfile_system_page_size - 1) || 68 logfile_log_page_size & (logfile_log_page_size - 1)) { 69 ntfs_error(vi->i_sb, "$LogFile uses unsupported page size."); 70 return false; 71 } 72 /* 73 * We must be either at !pos (1st restart page) or at pos = system page 74 * size (2nd restart page). 75 */ 76 if (pos && pos != logfile_system_page_size) { 77 ntfs_error(vi->i_sb, "Found restart area in incorrect " 78 "position in $LogFile."); 79 return false; 80 } 81 /* We only know how to handle version 1.1. */ 82 if (sle16_to_cpu(rp->major_ver) != 1 || 83 sle16_to_cpu(rp->minor_ver) != 1) { 84 ntfs_error(vi->i_sb, "$LogFile version %i.%i is not " 85 "supported. (This driver supports version " 86 "1.1 only.)", (int)sle16_to_cpu(rp->major_ver), 87 (int)sle16_to_cpu(rp->minor_ver)); 88 return false; 89 } 90 /* 91 * If chkdsk has been run the restart page may not be protected by an 92 * update sequence array. 93 */ 94 if (ntfs_is_chkd_record(rp->magic) && !le16_to_cpu(rp->usa_count)) { 95 have_usa = false; 96 goto skip_usa_checks; 97 } 98 /* Verify the size of the update sequence array. */ 99 usa_count = 1 + (logfile_system_page_size >> NTFS_BLOCK_SIZE_BITS); 100 if (usa_count != le16_to_cpu(rp->usa_count)) { 101 ntfs_error(vi->i_sb, "$LogFile restart page specifies " 102 "inconsistent update sequence array count."); 103 return false; 104 } 105 /* Verify the position of the update sequence array. */ 106 usa_ofs = le16_to_cpu(rp->usa_ofs); 107 usa_end = usa_ofs + usa_count * sizeof(u16); 108 if (usa_ofs < sizeof(RESTART_PAGE_HEADER) || 109 usa_end > NTFS_BLOCK_SIZE - sizeof(u16)) { 110 ntfs_error(vi->i_sb, "$LogFile restart page specifies " 111 "inconsistent update sequence array offset."); 112 return false; 113 } 114 skip_usa_checks: 115 /* 116 * Verify the position of the restart area. It must be: 117 * - aligned to 8-byte boundary, 118 * - after the update sequence array, and 119 * - within the system page size. 120 */ 121 ra_ofs = le16_to_cpu(rp->restart_area_offset); 122 if (ra_ofs & 7 || (have_usa ? ra_ofs < usa_end : 123 ra_ofs < sizeof(RESTART_PAGE_HEADER)) || 124 ra_ofs > logfile_system_page_size) { 125 ntfs_error(vi->i_sb, "$LogFile restart page specifies " 126 "inconsistent restart area offset."); 127 return false; 128 } 129 /* 130 * Only restart pages modified by chkdsk are allowed to have chkdsk_lsn 131 * set. 132 */ 133 if (!ntfs_is_chkd_record(rp->magic) && sle64_to_cpu(rp->chkdsk_lsn)) { 134 ntfs_error(vi->i_sb, "$LogFile restart page is not modified " 135 "by chkdsk but a chkdsk LSN is specified."); 136 return false; 137 } 138 ntfs_debug("Done."); 139 return true; 140 } 141 142 /** 143 * ntfs_check_restart_area - check the restart area for consistency 144 * @vi: $LogFile inode to which the restart page belongs 145 * @rp: restart page whose restart area to check 146 * 147 * Check the restart area of the restart page @rp for consistency and return 148 * 'true' if it is consistent and 'false' otherwise. 149 * 150 * This function assumes that the restart page header has already been 151 * consistency checked. 152 * 153 * This function only needs NTFS_BLOCK_SIZE bytes in @rp, i.e. it does not 154 * require the full restart page. 155 */ 156 static bool ntfs_check_restart_area(struct inode *vi, RESTART_PAGE_HEADER *rp) 157 { 158 u64 file_size; 159 RESTART_AREA *ra; 160 u16 ra_ofs, ra_len, ca_ofs; 161 u8 fs_bits; 162 163 ntfs_debug("Entering."); 164 ra_ofs = le16_to_cpu(rp->restart_area_offset); 165 ra = (RESTART_AREA*)((u8*)rp + ra_ofs); 166 /* 167 * Everything before ra->file_size must be before the first word 168 * protected by an update sequence number. This ensures that it is 169 * safe to access ra->client_array_offset. 170 */ 171 if (ra_ofs + offsetof(RESTART_AREA, file_size) > 172 NTFS_BLOCK_SIZE - sizeof(u16)) { 173 ntfs_error(vi->i_sb, "$LogFile restart area specifies " 174 "inconsistent file offset."); 175 return false; 176 } 177 /* 178 * Now that we can access ra->client_array_offset, make sure everything 179 * up to the log client array is before the first word protected by an 180 * update sequence number. This ensures we can access all of the 181 * restart area elements safely. Also, the client array offset must be 182 * aligned to an 8-byte boundary. 183 */ 184 ca_ofs = le16_to_cpu(ra->client_array_offset); 185 if (((ca_ofs + 7) & ~7) != ca_ofs || 186 ra_ofs + ca_ofs > NTFS_BLOCK_SIZE - sizeof(u16)) { 187 ntfs_error(vi->i_sb, "$LogFile restart area specifies " 188 "inconsistent client array offset."); 189 return false; 190 } 191 /* 192 * The restart area must end within the system page size both when 193 * calculated manually and as specified by ra->restart_area_length. 194 * Also, the calculated length must not exceed the specified length. 195 */ 196 ra_len = ca_ofs + le16_to_cpu(ra->log_clients) * 197 sizeof(LOG_CLIENT_RECORD); 198 if (ra_ofs + ra_len > le32_to_cpu(rp->system_page_size) || 199 ra_ofs + le16_to_cpu(ra->restart_area_length) > 200 le32_to_cpu(rp->system_page_size) || 201 ra_len > le16_to_cpu(ra->restart_area_length)) { 202 ntfs_error(vi->i_sb, "$LogFile restart area is out of bounds " 203 "of the system page size specified by the " 204 "restart page header and/or the specified " 205 "restart area length is inconsistent."); 206 return false; 207 } 208 /* 209 * The ra->client_free_list and ra->client_in_use_list must be either 210 * LOGFILE_NO_CLIENT or less than ra->log_clients or they are 211 * overflowing the client array. 212 */ 213 if ((ra->client_free_list != LOGFILE_NO_CLIENT && 214 le16_to_cpu(ra->client_free_list) >= 215 le16_to_cpu(ra->log_clients)) || 216 (ra->client_in_use_list != LOGFILE_NO_CLIENT && 217 le16_to_cpu(ra->client_in_use_list) >= 218 le16_to_cpu(ra->log_clients))) { 219 ntfs_error(vi->i_sb, "$LogFile restart area specifies " 220 "overflowing client free and/or in use lists."); 221 return false; 222 } 223 /* 224 * Check ra->seq_number_bits against ra->file_size for consistency. 225 * We cannot just use ffs() because the file size is not a power of 2. 226 */ 227 file_size = (u64)sle64_to_cpu(ra->file_size); 228 fs_bits = 0; 229 while (file_size) { 230 file_size >>= 1; 231 fs_bits++; 232 } 233 if (le32_to_cpu(ra->seq_number_bits) != 67 - fs_bits) { 234 ntfs_error(vi->i_sb, "$LogFile restart area specifies " 235 "inconsistent sequence number bits."); 236 return false; 237 } 238 /* The log record header length must be a multiple of 8. */ 239 if (((le16_to_cpu(ra->log_record_header_length) + 7) & ~7) != 240 le16_to_cpu(ra->log_record_header_length)) { 241 ntfs_error(vi->i_sb, "$LogFile restart area specifies " 242 "inconsistent log record header length."); 243 return false; 244 } 245 /* Dito for the log page data offset. */ 246 if (((le16_to_cpu(ra->log_page_data_offset) + 7) & ~7) != 247 le16_to_cpu(ra->log_page_data_offset)) { 248 ntfs_error(vi->i_sb, "$LogFile restart area specifies " 249 "inconsistent log page data offset."); 250 return false; 251 } 252 ntfs_debug("Done."); 253 return true; 254 } 255 256 /** 257 * ntfs_check_log_client_array - check the log client array for consistency 258 * @vi: $LogFile inode to which the restart page belongs 259 * @rp: restart page whose log client array to check 260 * 261 * Check the log client array of the restart page @rp for consistency and 262 * return 'true' if it is consistent and 'false' otherwise. 263 * 264 * This function assumes that the restart page header and the restart area have 265 * already been consistency checked. 266 * 267 * Unlike ntfs_check_restart_page_header() and ntfs_check_restart_area(), this 268 * function needs @rp->system_page_size bytes in @rp, i.e. it requires the full 269 * restart page and the page must be multi sector transfer deprotected. 270 */ 271 static bool ntfs_check_log_client_array(struct inode *vi, 272 RESTART_PAGE_HEADER *rp) 273 { 274 RESTART_AREA *ra; 275 LOG_CLIENT_RECORD *ca, *cr; 276 u16 nr_clients, idx; 277 bool in_free_list, idx_is_first; 278 279 ntfs_debug("Entering."); 280 ra = (RESTART_AREA*)((u8*)rp + le16_to_cpu(rp->restart_area_offset)); 281 ca = (LOG_CLIENT_RECORD*)((u8*)ra + 282 le16_to_cpu(ra->client_array_offset)); 283 /* 284 * Check the ra->client_free_list first and then check the 285 * ra->client_in_use_list. Check each of the log client records in 286 * each of the lists and check that the array does not overflow the 287 * ra->log_clients value. Also keep track of the number of records 288 * visited as there cannot be more than ra->log_clients records and 289 * that way we detect eventual loops in within a list. 290 */ 291 nr_clients = le16_to_cpu(ra->log_clients); 292 idx = le16_to_cpu(ra->client_free_list); 293 in_free_list = true; 294 check_list: 295 for (idx_is_first = true; idx != LOGFILE_NO_CLIENT_CPU; nr_clients--, 296 idx = le16_to_cpu(cr->next_client)) { 297 if (!nr_clients || idx >= le16_to_cpu(ra->log_clients)) 298 goto err_out; 299 /* Set @cr to the current log client record. */ 300 cr = ca + idx; 301 /* The first log client record must not have a prev_client. */ 302 if (idx_is_first) { 303 if (cr->prev_client != LOGFILE_NO_CLIENT) 304 goto err_out; 305 idx_is_first = false; 306 } 307 } 308 /* Switch to and check the in use list if we just did the free list. */ 309 if (in_free_list) { 310 in_free_list = false; 311 idx = le16_to_cpu(ra->client_in_use_list); 312 goto check_list; 313 } 314 ntfs_debug("Done."); 315 return true; 316 err_out: 317 ntfs_error(vi->i_sb, "$LogFile log client array is corrupt."); 318 return false; 319 } 320 321 /** 322 * ntfs_check_and_load_restart_page - check the restart page for consistency 323 * @vi: $LogFile inode to which the restart page belongs 324 * @rp: restart page to check 325 * @pos: position in @vi at which the restart page resides 326 * @wrp: [OUT] copy of the multi sector transfer deprotected restart page 327 * @lsn: [OUT] set to the current logfile lsn on success 328 * 329 * Check the restart page @rp for consistency and return 0 if it is consistent 330 * and -errno otherwise. The restart page may have been modified by chkdsk in 331 * which case its magic is CHKD instead of RSTR. 332 * 333 * This function only needs NTFS_BLOCK_SIZE bytes in @rp, i.e. it does not 334 * require the full restart page. 335 * 336 * If @wrp is not NULL, on success, *@wrp will point to a buffer containing a 337 * copy of the complete multi sector transfer deprotected page. On failure, 338 * *@wrp is undefined. 339 * 340 * Simillarly, if @lsn is not NULL, on succes *@lsn will be set to the current 341 * logfile lsn according to this restart page. On failure, *@lsn is undefined. 342 * 343 * The following error codes are defined: 344 * -EINVAL - The restart page is inconsistent. 345 * -ENOMEM - Not enough memory to load the restart page. 346 * -EIO - Failed to reading from $LogFile. 347 */ 348 static int ntfs_check_and_load_restart_page(struct inode *vi, 349 RESTART_PAGE_HEADER *rp, s64 pos, RESTART_PAGE_HEADER **wrp, 350 LSN *lsn) 351 { 352 RESTART_AREA *ra; 353 RESTART_PAGE_HEADER *trp; 354 int size, err; 355 356 ntfs_debug("Entering."); 357 /* Check the restart page header for consistency. */ 358 if (!ntfs_check_restart_page_header(vi, rp, pos)) { 359 /* Error output already done inside the function. */ 360 return -EINVAL; 361 } 362 /* Check the restart area for consistency. */ 363 if (!ntfs_check_restart_area(vi, rp)) { 364 /* Error output already done inside the function. */ 365 return -EINVAL; 366 } 367 ra = (RESTART_AREA*)((u8*)rp + le16_to_cpu(rp->restart_area_offset)); 368 /* 369 * Allocate a buffer to store the whole restart page so we can multi 370 * sector transfer deprotect it. 371 */ 372 trp = ntfs_malloc_nofs(le32_to_cpu(rp->system_page_size)); 373 if (!trp) { 374 ntfs_error(vi->i_sb, "Failed to allocate memory for $LogFile " 375 "restart page buffer."); 376 return -ENOMEM; 377 } 378 /* 379 * Read the whole of the restart page into the buffer. If it fits 380 * completely inside @rp, just copy it from there. Otherwise map all 381 * the required pages and copy the data from them. 382 */ 383 size = PAGE_CACHE_SIZE - (pos & ~PAGE_CACHE_MASK); 384 if (size >= le32_to_cpu(rp->system_page_size)) { 385 memcpy(trp, rp, le32_to_cpu(rp->system_page_size)); 386 } else { 387 pgoff_t idx; 388 struct page *page; 389 int have_read, to_read; 390 391 /* First copy what we already have in @rp. */ 392 memcpy(trp, rp, size); 393 /* Copy the remaining data one page at a time. */ 394 have_read = size; 395 to_read = le32_to_cpu(rp->system_page_size) - size; 396 idx = (pos + size) >> PAGE_CACHE_SHIFT; 397 BUG_ON((pos + size) & ~PAGE_CACHE_MASK); 398 do { 399 page = ntfs_map_page(vi->i_mapping, idx); 400 if (IS_ERR(page)) { 401 ntfs_error(vi->i_sb, "Error mapping $LogFile " 402 "page (index %lu).", idx); 403 err = PTR_ERR(page); 404 if (err != -EIO && err != -ENOMEM) 405 err = -EIO; 406 goto err_out; 407 } 408 size = min_t(int, to_read, PAGE_CACHE_SIZE); 409 memcpy((u8*)trp + have_read, page_address(page), size); 410 ntfs_unmap_page(page); 411 have_read += size; 412 to_read -= size; 413 idx++; 414 } while (to_read > 0); 415 } 416 /* 417 * Perform the multi sector transfer deprotection on the buffer if the 418 * restart page is protected. 419 */ 420 if ((!ntfs_is_chkd_record(trp->magic) || le16_to_cpu(trp->usa_count)) 421 && post_read_mst_fixup((NTFS_RECORD*)trp, 422 le32_to_cpu(rp->system_page_size))) { 423 /* 424 * A multi sector tranfer error was detected. We only need to 425 * abort if the restart page contents exceed the multi sector 426 * transfer fixup of the first sector. 427 */ 428 if (le16_to_cpu(rp->restart_area_offset) + 429 le16_to_cpu(ra->restart_area_length) > 430 NTFS_BLOCK_SIZE - sizeof(u16)) { 431 ntfs_error(vi->i_sb, "Multi sector transfer error " 432 "detected in $LogFile restart page."); 433 err = -EINVAL; 434 goto err_out; 435 } 436 } 437 /* 438 * If the restart page is modified by chkdsk or there are no active 439 * logfile clients, the logfile is consistent. Otherwise, need to 440 * check the log client records for consistency, too. 441 */ 442 err = 0; 443 if (ntfs_is_rstr_record(rp->magic) && 444 ra->client_in_use_list != LOGFILE_NO_CLIENT) { 445 if (!ntfs_check_log_client_array(vi, trp)) { 446 err = -EINVAL; 447 goto err_out; 448 } 449 } 450 if (lsn) { 451 if (ntfs_is_rstr_record(rp->magic)) 452 *lsn = sle64_to_cpu(ra->current_lsn); 453 else /* if (ntfs_is_chkd_record(rp->magic)) */ 454 *lsn = sle64_to_cpu(rp->chkdsk_lsn); 455 } 456 ntfs_debug("Done."); 457 if (wrp) 458 *wrp = trp; 459 else { 460 err_out: 461 ntfs_free(trp); 462 } 463 return err; 464 } 465 466 /** 467 * ntfs_check_logfile - check the journal for consistency 468 * @log_vi: struct inode of loaded journal $LogFile to check 469 * @rp: [OUT] on success this is a copy of the current restart page 470 * 471 * Check the $LogFile journal for consistency and return 'true' if it is 472 * consistent and 'false' if not. On success, the current restart page is 473 * returned in *@rp. Caller must call ntfs_free(*@rp) when finished with it. 474 * 475 * At present we only check the two restart pages and ignore the log record 476 * pages. 477 * 478 * Note that the MstProtected flag is not set on the $LogFile inode and hence 479 * when reading pages they are not deprotected. This is because we do not know 480 * if the $LogFile was created on a system with a different page size to ours 481 * yet and mst deprotection would fail if our page size is smaller. 482 */ 483 bool ntfs_check_logfile(struct inode *log_vi, RESTART_PAGE_HEADER **rp) 484 { 485 s64 size, pos; 486 LSN rstr1_lsn, rstr2_lsn; 487 ntfs_volume *vol = NTFS_SB(log_vi->i_sb); 488 struct address_space *mapping = log_vi->i_mapping; 489 struct page *page = NULL; 490 u8 *kaddr = NULL; 491 RESTART_PAGE_HEADER *rstr1_ph = NULL; 492 RESTART_PAGE_HEADER *rstr2_ph = NULL; 493 int log_page_size, log_page_mask, err; 494 bool logfile_is_empty = true; 495 u8 log_page_bits; 496 497 ntfs_debug("Entering."); 498 /* An empty $LogFile must have been clean before it got emptied. */ 499 if (NVolLogFileEmpty(vol)) 500 goto is_empty; 501 size = i_size_read(log_vi); 502 /* Make sure the file doesn't exceed the maximum allowed size. */ 503 if (size > MaxLogFileSize) 504 size = MaxLogFileSize; 505 /* 506 * Truncate size to a multiple of the page cache size or the default 507 * log page size if the page cache size is between the default log page 508 * log page size if the page cache size is between the default log page 509 * size and twice that. 510 */ 511 if (PAGE_CACHE_SIZE >= DefaultLogPageSize && PAGE_CACHE_SIZE <= 512 DefaultLogPageSize * 2) 513 log_page_size = DefaultLogPageSize; 514 else 515 log_page_size = PAGE_CACHE_SIZE; 516 log_page_mask = log_page_size - 1; 517 /* 518 * Use ntfs_ffs() instead of ffs() to enable the compiler to 519 * optimize log_page_size and log_page_bits into constants. 520 */ 521 log_page_bits = ntfs_ffs(log_page_size) - 1; 522 size &= ~(s64)(log_page_size - 1); 523 /* 524 * Ensure the log file is big enough to store at least the two restart 525 * pages and the minimum number of log record pages. 526 */ 527 if (size < log_page_size * 2 || (size - log_page_size * 2) >> 528 log_page_bits < MinLogRecordPages) { 529 ntfs_error(vol->sb, "$LogFile is too small."); 530 return false; 531 } 532 /* 533 * Read through the file looking for a restart page. Since the restart 534 * page header is at the beginning of a page we only need to search at 535 * what could be the beginning of a page (for each page size) rather 536 * than scanning the whole file byte by byte. If all potential places 537 * contain empty and uninitialzed records, the log file can be assumed 538 * to be empty. 539 */ 540 for (pos = 0; pos < size; pos <<= 1) { 541 pgoff_t idx = pos >> PAGE_CACHE_SHIFT; 542 if (!page || page->index != idx) { 543 if (page) 544 ntfs_unmap_page(page); 545 page = ntfs_map_page(mapping, idx); 546 if (IS_ERR(page)) { 547 ntfs_error(vol->sb, "Error mapping $LogFile " 548 "page (index %lu).", idx); 549 goto err_out; 550 } 551 } 552 kaddr = (u8*)page_address(page) + (pos & ~PAGE_CACHE_MASK); 553 /* 554 * A non-empty block means the logfile is not empty while an 555 * empty block after a non-empty block has been encountered 556 * means we are done. 557 */ 558 if (!ntfs_is_empty_recordp((le32*)kaddr)) 559 logfile_is_empty = false; 560 else if (!logfile_is_empty) 561 break; 562 /* 563 * A log record page means there cannot be a restart page after 564 * this so no need to continue searching. 565 */ 566 if (ntfs_is_rcrd_recordp((le32*)kaddr)) 567 break; 568 /* If not a (modified by chkdsk) restart page, continue. */ 569 if (!ntfs_is_rstr_recordp((le32*)kaddr) && 570 !ntfs_is_chkd_recordp((le32*)kaddr)) { 571 if (!pos) 572 pos = NTFS_BLOCK_SIZE >> 1; 573 continue; 574 } 575 /* 576 * Check the (modified by chkdsk) restart page for consistency 577 * and get a copy of the complete multi sector transfer 578 * deprotected restart page. 579 */ 580 err = ntfs_check_and_load_restart_page(log_vi, 581 (RESTART_PAGE_HEADER*)kaddr, pos, 582 !rstr1_ph ? &rstr1_ph : &rstr2_ph, 583 !rstr1_ph ? &rstr1_lsn : &rstr2_lsn); 584 if (!err) { 585 /* 586 * If we have now found the first (modified by chkdsk) 587 * restart page, continue looking for the second one. 588 */ 589 if (!pos) { 590 pos = NTFS_BLOCK_SIZE >> 1; 591 continue; 592 } 593 /* 594 * We have now found the second (modified by chkdsk) 595 * restart page, so we can stop looking. 596 */ 597 break; 598 } 599 /* 600 * Error output already done inside the function. Note, we do 601 * not abort if the restart page was invalid as we might still 602 * find a valid one further in the file. 603 */ 604 if (err != -EINVAL) { 605 ntfs_unmap_page(page); 606 goto err_out; 607 } 608 /* Continue looking. */ 609 if (!pos) 610 pos = NTFS_BLOCK_SIZE >> 1; 611 } 612 if (page) 613 ntfs_unmap_page(page); 614 if (logfile_is_empty) { 615 NVolSetLogFileEmpty(vol); 616 is_empty: 617 ntfs_debug("Done. ($LogFile is empty.)"); 618 return true; 619 } 620 if (!rstr1_ph) { 621 BUG_ON(rstr2_ph); 622 ntfs_error(vol->sb, "Did not find any restart pages in " 623 "$LogFile and it was not empty."); 624 return false; 625 } 626 /* If both restart pages were found, use the more recent one. */ 627 if (rstr2_ph) { 628 /* 629 * If the second restart area is more recent, switch to it. 630 * Otherwise just throw it away. 631 */ 632 if (rstr2_lsn > rstr1_lsn) { 633 ntfs_debug("Using second restart page as it is more " 634 "recent."); 635 ntfs_free(rstr1_ph); 636 rstr1_ph = rstr2_ph; 637 /* rstr1_lsn = rstr2_lsn; */ 638 } else { 639 ntfs_debug("Using first restart page as it is more " 640 "recent."); 641 ntfs_free(rstr2_ph); 642 } 643 rstr2_ph = NULL; 644 } 645 /* All consistency checks passed. */ 646 if (rp) 647 *rp = rstr1_ph; 648 else 649 ntfs_free(rstr1_ph); 650 ntfs_debug("Done."); 651 return true; 652 err_out: 653 if (rstr1_ph) 654 ntfs_free(rstr1_ph); 655 return false; 656 } 657 658 /** 659 * ntfs_is_logfile_clean - check in the journal if the volume is clean 660 * @log_vi: struct inode of loaded journal $LogFile to check 661 * @rp: copy of the current restart page 662 * 663 * Analyze the $LogFile journal and return 'true' if it indicates the volume was 664 * shutdown cleanly and 'false' if not. 665 * 666 * At present we only look at the two restart pages and ignore the log record 667 * pages. This is a little bit crude in that there will be a very small number 668 * of cases where we think that a volume is dirty when in fact it is clean. 669 * This should only affect volumes that have not been shutdown cleanly but did 670 * not have any pending, non-check-pointed i/o, i.e. they were completely idle 671 * at least for the five seconds preceeding the unclean shutdown. 672 * 673 * This function assumes that the $LogFile journal has already been consistency 674 * checked by a call to ntfs_check_logfile() and in particular if the $LogFile 675 * is empty this function requires that NVolLogFileEmpty() is true otherwise an 676 * empty volume will be reported as dirty. 677 */ 678 bool ntfs_is_logfile_clean(struct inode *log_vi, const RESTART_PAGE_HEADER *rp) 679 { 680 ntfs_volume *vol = NTFS_SB(log_vi->i_sb); 681 RESTART_AREA *ra; 682 683 ntfs_debug("Entering."); 684 /* An empty $LogFile must have been clean before it got emptied. */ 685 if (NVolLogFileEmpty(vol)) { 686 ntfs_debug("Done. ($LogFile is empty.)"); 687 return true; 688 } 689 BUG_ON(!rp); 690 if (!ntfs_is_rstr_record(rp->magic) && 691 !ntfs_is_chkd_record(rp->magic)) { 692 ntfs_error(vol->sb, "Restart page buffer is invalid. This is " 693 "probably a bug in that the $LogFile should " 694 "have been consistency checked before calling " 695 "this function."); 696 return false; 697 } 698 ra = (RESTART_AREA*)((u8*)rp + le16_to_cpu(rp->restart_area_offset)); 699 /* 700 * If the $LogFile has active clients, i.e. it is open, and we do not 701 * have the RESTART_VOLUME_IS_CLEAN bit set in the restart area flags, 702 * we assume there was an unclean shutdown. 703 */ 704 if (ra->client_in_use_list != LOGFILE_NO_CLIENT && 705 !(ra->flags & RESTART_VOLUME_IS_CLEAN)) { 706 ntfs_debug("Done. $LogFile indicates a dirty shutdown."); 707 return false; 708 } 709 /* $LogFile indicates a clean shutdown. */ 710 ntfs_debug("Done. $LogFile indicates a clean shutdown."); 711 return true; 712 } 713 714 /** 715 * ntfs_empty_logfile - empty the contents of the $LogFile journal 716 * @log_vi: struct inode of loaded journal $LogFile to empty 717 * 718 * Empty the contents of the $LogFile journal @log_vi and return 'true' on 719 * success and 'false' on error. 720 * 721 * This function assumes that the $LogFile journal has already been consistency 722 * checked by a call to ntfs_check_logfile() and that ntfs_is_logfile_clean() 723 * has been used to ensure that the $LogFile is clean. 724 */ 725 bool ntfs_empty_logfile(struct inode *log_vi) 726 { 727 VCN vcn, end_vcn; 728 ntfs_inode *log_ni = NTFS_I(log_vi); 729 ntfs_volume *vol = log_ni->vol; 730 struct super_block *sb = vol->sb; 731 runlist_element *rl; 732 unsigned long flags; 733 unsigned block_size, block_size_bits; 734 int err; 735 bool should_wait = true; 736 737 ntfs_debug("Entering."); 738 if (NVolLogFileEmpty(vol)) { 739 ntfs_debug("Done."); 740 return true; 741 } 742 /* 743 * We cannot use ntfs_attr_set() because we may be still in the middle 744 * of a mount operation. Thus we do the emptying by hand by first 745 * zapping the page cache pages for the $LogFile/$DATA attribute and 746 * then emptying each of the buffers in each of the clusters specified 747 * by the runlist by hand. 748 */ 749 block_size = sb->s_blocksize; 750 block_size_bits = sb->s_blocksize_bits; 751 vcn = 0; 752 read_lock_irqsave(&log_ni->size_lock, flags); 753 end_vcn = (log_ni->initialized_size + vol->cluster_size_mask) >> 754 vol->cluster_size_bits; 755 read_unlock_irqrestore(&log_ni->size_lock, flags); 756 truncate_inode_pages(log_vi->i_mapping, 0); 757 down_write(&log_ni->runlist.lock); 758 rl = log_ni->runlist.rl; 759 if (unlikely(!rl || vcn < rl->vcn || !rl->length)) { 760 map_vcn: 761 err = ntfs_map_runlist_nolock(log_ni, vcn, NULL); 762 if (err) { 763 ntfs_error(sb, "Failed to map runlist fragment (error " 764 "%d).", -err); 765 goto err; 766 } 767 rl = log_ni->runlist.rl; 768 BUG_ON(!rl || vcn < rl->vcn || !rl->length); 769 } 770 /* Seek to the runlist element containing @vcn. */ 771 while (rl->length && vcn >= rl[1].vcn) 772 rl++; 773 do { 774 LCN lcn; 775 sector_t block, end_block; 776 s64 len; 777 778 /* 779 * If this run is not mapped map it now and start again as the 780 * runlist will have been updated. 781 */ 782 lcn = rl->lcn; 783 if (unlikely(lcn == LCN_RL_NOT_MAPPED)) { 784 vcn = rl->vcn; 785 goto map_vcn; 786 } 787 /* If this run is not valid abort with an error. */ 788 if (unlikely(!rl->length || lcn < LCN_HOLE)) 789 goto rl_err; 790 /* Skip holes. */ 791 if (lcn == LCN_HOLE) 792 continue; 793 block = lcn << vol->cluster_size_bits >> block_size_bits; 794 len = rl->length; 795 if (rl[1].vcn > end_vcn) 796 len = end_vcn - rl->vcn; 797 end_block = (lcn + len) << vol->cluster_size_bits >> 798 block_size_bits; 799 /* Iterate over the blocks in the run and empty them. */ 800 do { 801 struct buffer_head *bh; 802 803 /* Obtain the buffer, possibly not uptodate. */ 804 bh = sb_getblk(sb, block); 805 BUG_ON(!bh); 806 /* Setup buffer i/o submission. */ 807 lock_buffer(bh); 808 bh->b_end_io = end_buffer_write_sync; 809 get_bh(bh); 810 /* Set the entire contents of the buffer to 0xff. */ 811 memset(bh->b_data, -1, block_size); 812 if (!buffer_uptodate(bh)) 813 set_buffer_uptodate(bh); 814 if (buffer_dirty(bh)) 815 clear_buffer_dirty(bh); 816 /* 817 * Submit the buffer and wait for i/o to complete but 818 * only for the first buffer so we do not miss really 819 * serious i/o errors. Once the first buffer has 820 * completed ignore errors afterwards as we can assume 821 * that if one buffer worked all of them will work. 822 */ 823 submit_bh(WRITE, bh); 824 if (should_wait) { 825 should_wait = false; 826 wait_on_buffer(bh); 827 if (unlikely(!buffer_uptodate(bh))) 828 goto io_err; 829 } 830 brelse(bh); 831 } while (++block < end_block); 832 } while ((++rl)->vcn < end_vcn); 833 up_write(&log_ni->runlist.lock); 834 /* 835 * Zap the pages again just in case any got instantiated whilst we were 836 * emptying the blocks by hand. FIXME: We may not have completed 837 * writing to all the buffer heads yet so this may happen too early. 838 * We really should use a kernel thread to do the emptying 839 * asynchronously and then we can also set the volume dirty and output 840 * an error message if emptying should fail. 841 */ 842 truncate_inode_pages(log_vi->i_mapping, 0); 843 /* Set the flag so we do not have to do it again on remount. */ 844 NVolSetLogFileEmpty(vol); 845 ntfs_debug("Done."); 846 return true; 847 io_err: 848 ntfs_error(sb, "Failed to write buffer. Unmount and run chkdsk."); 849 goto dirty_err; 850 rl_err: 851 ntfs_error(sb, "Runlist is corrupt. Unmount and run chkdsk."); 852 dirty_err: 853 NVolSetErrors(vol); 854 err = -EIO; 855 err: 856 up_write(&log_ni->runlist.lock); 857 ntfs_error(sb, "Failed to fill $LogFile with 0xff bytes (error %d).", 858 -err); 859 return false; 860 } 861 862 #endif /* NTFS_RW */ 863