1 /* 2 * This file is part of UBIFS. 3 * 4 * Copyright (C) 2006-2008 Nokia Corporation. 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms of the GNU General Public License version 2 as published by 8 * the Free Software Foundation. 9 * 10 * This program is distributed in the hope that it will be useful, but WITHOUT 11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for 13 * more details. 14 * 15 * You should have received a copy of the GNU General Public License along with 16 * this program; if not, write to the Free Software Foundation, Inc., 51 17 * Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 18 * 19 * Authors: Artem Bityutskiy (Битюцкий Артём) 20 * Adrian Hunter 21 */ 22 23 /* 24 * This file implements UBIFS superblock. The superblock is stored at the first 25 * LEB of the volume and is never changed by UBIFS. Only user-space tools may 26 * change it. The superblock node mostly contains geometry information. 27 */ 28 29 #include "ubifs.h" 30 #include <linux/slab.h> 31 #include <linux/math64.h> 32 #include <linux/uuid.h> 33 34 /* 35 * Default journal size in logical eraseblocks as a percent of total 36 * flash size. 37 */ 38 #define DEFAULT_JNL_PERCENT 5 39 40 /* Default maximum journal size in bytes */ 41 #define DEFAULT_MAX_JNL (32*1024*1024) 42 43 /* Default indexing tree fanout */ 44 #define DEFAULT_FANOUT 8 45 46 /* Default number of data journal heads */ 47 #define DEFAULT_JHEADS_CNT 1 48 49 /* Default positions of different LEBs in the main area */ 50 #define DEFAULT_IDX_LEB 0 51 #define DEFAULT_DATA_LEB 1 52 #define DEFAULT_GC_LEB 2 53 54 /* Default number of LEB numbers in LPT's save table */ 55 #define DEFAULT_LSAVE_CNT 256 56 57 /* Default reserved pool size as a percent of maximum free space */ 58 #define DEFAULT_RP_PERCENT 5 59 60 /* The default maximum size of reserved pool in bytes */ 61 #define DEFAULT_MAX_RP_SIZE (5*1024*1024) 62 63 /* Default time granularity in nanoseconds */ 64 #define DEFAULT_TIME_GRAN 1000000000 65 66 static int get_default_compressor(struct ubifs_info *c) 67 { 68 if (ubifs_compr_present(c, UBIFS_COMPR_LZO)) 69 return UBIFS_COMPR_LZO; 70 71 if (ubifs_compr_present(c, UBIFS_COMPR_ZLIB)) 72 return UBIFS_COMPR_ZLIB; 73 74 return UBIFS_COMPR_NONE; 75 } 76 77 /** 78 * create_default_filesystem - format empty UBI volume. 79 * @c: UBIFS file-system description object 80 * 81 * This function creates default empty file-system. Returns zero in case of 82 * success and a negative error code in case of failure. 83 */ 84 static int create_default_filesystem(struct ubifs_info *c) 85 { 86 struct ubifs_sb_node *sup; 87 struct ubifs_mst_node *mst; 88 struct ubifs_idx_node *idx; 89 struct ubifs_branch *br; 90 struct ubifs_ino_node *ino; 91 struct ubifs_cs_node *cs; 92 union ubifs_key key; 93 int err, tmp, jnl_lebs, log_lebs, max_buds, main_lebs, main_first; 94 int lpt_lebs, lpt_first, orph_lebs, big_lpt, ino_waste, sup_flags = 0; 95 int min_leb_cnt = UBIFS_MIN_LEB_CNT; 96 int idx_node_size; 97 long long tmp64, main_bytes; 98 __le64 tmp_le64; 99 __le32 tmp_le32; 100 struct timespec64 ts; 101 u8 hash[UBIFS_HASH_ARR_SZ]; 102 u8 hash_lpt[UBIFS_HASH_ARR_SZ]; 103 104 /* Some functions called from here depend on the @c->key_len filed */ 105 c->key_len = UBIFS_SK_LEN; 106 107 /* 108 * First of all, we have to calculate default file-system geometry - 109 * log size, journal size, etc. 110 */ 111 if (c->leb_cnt < 0x7FFFFFFF / DEFAULT_JNL_PERCENT) 112 /* We can first multiply then divide and have no overflow */ 113 jnl_lebs = c->leb_cnt * DEFAULT_JNL_PERCENT / 100; 114 else 115 jnl_lebs = (c->leb_cnt / 100) * DEFAULT_JNL_PERCENT; 116 117 if (jnl_lebs < UBIFS_MIN_JNL_LEBS) 118 jnl_lebs = UBIFS_MIN_JNL_LEBS; 119 if (jnl_lebs * c->leb_size > DEFAULT_MAX_JNL) 120 jnl_lebs = DEFAULT_MAX_JNL / c->leb_size; 121 122 /* 123 * The log should be large enough to fit reference nodes for all bud 124 * LEBs. Because buds do not have to start from the beginning of LEBs 125 * (half of the LEB may contain committed data), the log should 126 * generally be larger, make it twice as large. 127 */ 128 tmp = 2 * (c->ref_node_alsz * jnl_lebs) + c->leb_size - 1; 129 log_lebs = tmp / c->leb_size; 130 /* Plus one LEB reserved for commit */ 131 log_lebs += 1; 132 if (c->leb_cnt - min_leb_cnt > 8) { 133 /* And some extra space to allow writes while committing */ 134 log_lebs += 1; 135 min_leb_cnt += 1; 136 } 137 138 max_buds = jnl_lebs - log_lebs; 139 if (max_buds < UBIFS_MIN_BUD_LEBS) 140 max_buds = UBIFS_MIN_BUD_LEBS; 141 142 /* 143 * Orphan nodes are stored in a separate area. One node can store a lot 144 * of orphan inode numbers, but when new orphan comes we just add a new 145 * orphan node. At some point the nodes are consolidated into one 146 * orphan node. 147 */ 148 orph_lebs = UBIFS_MIN_ORPH_LEBS; 149 if (c->leb_cnt - min_leb_cnt > 1) 150 /* 151 * For debugging purposes it is better to have at least 2 152 * orphan LEBs, because the orphan subsystem would need to do 153 * consolidations and would be stressed more. 154 */ 155 orph_lebs += 1; 156 157 main_lebs = c->leb_cnt - UBIFS_SB_LEBS - UBIFS_MST_LEBS - log_lebs; 158 main_lebs -= orph_lebs; 159 160 lpt_first = UBIFS_LOG_LNUM + log_lebs; 161 c->lsave_cnt = DEFAULT_LSAVE_CNT; 162 c->max_leb_cnt = c->leb_cnt; 163 err = ubifs_create_dflt_lpt(c, &main_lebs, lpt_first, &lpt_lebs, 164 &big_lpt, hash_lpt); 165 if (err) 166 return err; 167 168 dbg_gen("LEB Properties Tree created (LEBs %d-%d)", lpt_first, 169 lpt_first + lpt_lebs - 1); 170 171 main_first = c->leb_cnt - main_lebs; 172 173 sup = kzalloc(ALIGN(UBIFS_SB_NODE_SZ, c->min_io_size), GFP_KERNEL); 174 mst = kzalloc(c->mst_node_alsz, GFP_KERNEL); 175 idx_node_size = ubifs_idx_node_sz(c, 1); 176 idx = kzalloc(ALIGN(tmp, c->min_io_size), GFP_KERNEL); 177 ino = kzalloc(ALIGN(UBIFS_INO_NODE_SZ, c->min_io_size), GFP_KERNEL); 178 cs = kzalloc(ALIGN(UBIFS_CS_NODE_SZ, c->min_io_size), GFP_KERNEL); 179 180 if (!sup || !mst || !idx || !ino || !cs) { 181 err = -ENOMEM; 182 goto out; 183 } 184 185 /* Create default superblock */ 186 187 tmp64 = (long long)max_buds * c->leb_size; 188 if (big_lpt) 189 sup_flags |= UBIFS_FLG_BIGLPT; 190 sup_flags |= UBIFS_FLG_DOUBLE_HASH; 191 192 if (ubifs_authenticated(c)) { 193 sup_flags |= UBIFS_FLG_AUTHENTICATION; 194 sup->hash_algo = cpu_to_le16(c->auth_hash_algo); 195 err = ubifs_hmac_wkm(c, sup->hmac_wkm); 196 if (err) 197 goto out; 198 } else { 199 sup->hash_algo = 0xffff; 200 } 201 202 sup->ch.node_type = UBIFS_SB_NODE; 203 sup->key_hash = UBIFS_KEY_HASH_R5; 204 sup->flags = cpu_to_le32(sup_flags); 205 sup->min_io_size = cpu_to_le32(c->min_io_size); 206 sup->leb_size = cpu_to_le32(c->leb_size); 207 sup->leb_cnt = cpu_to_le32(c->leb_cnt); 208 sup->max_leb_cnt = cpu_to_le32(c->max_leb_cnt); 209 sup->max_bud_bytes = cpu_to_le64(tmp64); 210 sup->log_lebs = cpu_to_le32(log_lebs); 211 sup->lpt_lebs = cpu_to_le32(lpt_lebs); 212 sup->orph_lebs = cpu_to_le32(orph_lebs); 213 sup->jhead_cnt = cpu_to_le32(DEFAULT_JHEADS_CNT); 214 sup->fanout = cpu_to_le32(DEFAULT_FANOUT); 215 sup->lsave_cnt = cpu_to_le32(c->lsave_cnt); 216 sup->fmt_version = cpu_to_le32(UBIFS_FORMAT_VERSION); 217 sup->time_gran = cpu_to_le32(DEFAULT_TIME_GRAN); 218 if (c->mount_opts.override_compr) 219 sup->default_compr = cpu_to_le16(c->mount_opts.compr_type); 220 else 221 sup->default_compr = cpu_to_le16(get_default_compressor(c)); 222 223 generate_random_uuid(sup->uuid); 224 225 main_bytes = (long long)main_lebs * c->leb_size; 226 tmp64 = div_u64(main_bytes * DEFAULT_RP_PERCENT, 100); 227 if (tmp64 > DEFAULT_MAX_RP_SIZE) 228 tmp64 = DEFAULT_MAX_RP_SIZE; 229 sup->rp_size = cpu_to_le64(tmp64); 230 sup->ro_compat_version = cpu_to_le32(UBIFS_RO_COMPAT_VERSION); 231 232 dbg_gen("default superblock created at LEB 0:0"); 233 234 /* Create default master node */ 235 236 mst->ch.node_type = UBIFS_MST_NODE; 237 mst->log_lnum = cpu_to_le32(UBIFS_LOG_LNUM); 238 mst->highest_inum = cpu_to_le64(UBIFS_FIRST_INO); 239 mst->cmt_no = 0; 240 mst->root_lnum = cpu_to_le32(main_first + DEFAULT_IDX_LEB); 241 mst->root_offs = 0; 242 tmp = ubifs_idx_node_sz(c, 1); 243 mst->root_len = cpu_to_le32(tmp); 244 mst->gc_lnum = cpu_to_le32(main_first + DEFAULT_GC_LEB); 245 mst->ihead_lnum = cpu_to_le32(main_first + DEFAULT_IDX_LEB); 246 mst->ihead_offs = cpu_to_le32(ALIGN(tmp, c->min_io_size)); 247 mst->index_size = cpu_to_le64(ALIGN(tmp, 8)); 248 mst->lpt_lnum = cpu_to_le32(c->lpt_lnum); 249 mst->lpt_offs = cpu_to_le32(c->lpt_offs); 250 mst->nhead_lnum = cpu_to_le32(c->nhead_lnum); 251 mst->nhead_offs = cpu_to_le32(c->nhead_offs); 252 mst->ltab_lnum = cpu_to_le32(c->ltab_lnum); 253 mst->ltab_offs = cpu_to_le32(c->ltab_offs); 254 mst->lsave_lnum = cpu_to_le32(c->lsave_lnum); 255 mst->lsave_offs = cpu_to_le32(c->lsave_offs); 256 mst->lscan_lnum = cpu_to_le32(main_first); 257 mst->empty_lebs = cpu_to_le32(main_lebs - 2); 258 mst->idx_lebs = cpu_to_le32(1); 259 mst->leb_cnt = cpu_to_le32(c->leb_cnt); 260 ubifs_copy_hash(c, hash_lpt, mst->hash_lpt); 261 262 /* Calculate lprops statistics */ 263 tmp64 = main_bytes; 264 tmp64 -= ALIGN(ubifs_idx_node_sz(c, 1), c->min_io_size); 265 tmp64 -= ALIGN(UBIFS_INO_NODE_SZ, c->min_io_size); 266 mst->total_free = cpu_to_le64(tmp64); 267 268 tmp64 = ALIGN(ubifs_idx_node_sz(c, 1), c->min_io_size); 269 ino_waste = ALIGN(UBIFS_INO_NODE_SZ, c->min_io_size) - 270 UBIFS_INO_NODE_SZ; 271 tmp64 += ino_waste; 272 tmp64 -= ALIGN(ubifs_idx_node_sz(c, 1), 8); 273 mst->total_dirty = cpu_to_le64(tmp64); 274 275 /* The indexing LEB does not contribute to dark space */ 276 tmp64 = ((long long)(c->main_lebs - 1) * c->dark_wm); 277 mst->total_dark = cpu_to_le64(tmp64); 278 279 mst->total_used = cpu_to_le64(UBIFS_INO_NODE_SZ); 280 281 dbg_gen("default master node created at LEB %d:0", UBIFS_MST_LNUM); 282 283 /* Create the root indexing node */ 284 285 c->key_fmt = UBIFS_SIMPLE_KEY_FMT; 286 c->key_hash = key_r5_hash; 287 288 idx->ch.node_type = UBIFS_IDX_NODE; 289 idx->child_cnt = cpu_to_le16(1); 290 ino_key_init(c, &key, UBIFS_ROOT_INO); 291 br = ubifs_idx_branch(c, idx, 0); 292 key_write_idx(c, &key, &br->key); 293 br->lnum = cpu_to_le32(main_first + DEFAULT_DATA_LEB); 294 br->len = cpu_to_le32(UBIFS_INO_NODE_SZ); 295 296 dbg_gen("default root indexing node created LEB %d:0", 297 main_first + DEFAULT_IDX_LEB); 298 299 /* Create default root inode */ 300 301 ino_key_init_flash(c, &ino->key, UBIFS_ROOT_INO); 302 ino->ch.node_type = UBIFS_INO_NODE; 303 ino->creat_sqnum = cpu_to_le64(++c->max_sqnum); 304 ino->nlink = cpu_to_le32(2); 305 306 ktime_get_real_ts64(&ts); 307 ts = timespec64_trunc(ts, DEFAULT_TIME_GRAN); 308 tmp_le64 = cpu_to_le64(ts.tv_sec); 309 ino->atime_sec = tmp_le64; 310 ino->ctime_sec = tmp_le64; 311 ino->mtime_sec = tmp_le64; 312 tmp_le32 = cpu_to_le32(ts.tv_nsec); 313 ino->atime_nsec = tmp_le32; 314 ino->ctime_nsec = tmp_le32; 315 ino->mtime_nsec = tmp_le32; 316 ino->mode = cpu_to_le32(S_IFDIR | S_IRUGO | S_IWUSR | S_IXUGO); 317 ino->size = cpu_to_le64(UBIFS_INO_NODE_SZ); 318 319 /* Set compression enabled by default */ 320 ino->flags = cpu_to_le32(UBIFS_COMPR_FL); 321 322 dbg_gen("root inode created at LEB %d:0", 323 main_first + DEFAULT_DATA_LEB); 324 325 /* 326 * The first node in the log has to be the commit start node. This is 327 * always the case during normal file-system operation. Write a fake 328 * commit start node to the log. 329 */ 330 331 cs->ch.node_type = UBIFS_CS_NODE; 332 333 err = ubifs_write_node_hmac(c, sup, UBIFS_SB_NODE_SZ, 0, 0, 334 offsetof(struct ubifs_sb_node, hmac)); 335 if (err) 336 goto out; 337 338 err = ubifs_write_node(c, ino, UBIFS_INO_NODE_SZ, 339 main_first + DEFAULT_DATA_LEB, 0); 340 if (err) 341 goto out; 342 343 ubifs_node_calc_hash(c, ino, hash); 344 ubifs_copy_hash(c, hash, ubifs_branch_hash(c, br)); 345 346 err = ubifs_write_node(c, idx, idx_node_size, main_first + DEFAULT_IDX_LEB, 0); 347 if (err) 348 goto out; 349 350 ubifs_node_calc_hash(c, idx, hash); 351 ubifs_copy_hash(c, hash, mst->hash_root_idx); 352 353 err = ubifs_write_node_hmac(c, mst, UBIFS_MST_NODE_SZ, UBIFS_MST_LNUM, 0, 354 offsetof(struct ubifs_mst_node, hmac)); 355 if (err) 356 goto out; 357 358 err = ubifs_write_node_hmac(c, mst, UBIFS_MST_NODE_SZ, UBIFS_MST_LNUM + 1, 359 0, offsetof(struct ubifs_mst_node, hmac)); 360 if (err) 361 goto out; 362 363 err = ubifs_write_node(c, cs, UBIFS_CS_NODE_SZ, UBIFS_LOG_LNUM, 0); 364 if (err) 365 goto out; 366 367 ubifs_msg(c, "default file-system created"); 368 369 err = 0; 370 out: 371 kfree(sup); 372 kfree(mst); 373 kfree(idx); 374 kfree(ino); 375 kfree(cs); 376 377 return err; 378 } 379 380 /** 381 * validate_sb - validate superblock node. 382 * @c: UBIFS file-system description object 383 * @sup: superblock node 384 * 385 * This function validates superblock node @sup. Since most of data was read 386 * from the superblock and stored in @c, the function validates fields in @c 387 * instead. Returns zero in case of success and %-EINVAL in case of validation 388 * failure. 389 */ 390 static int validate_sb(struct ubifs_info *c, struct ubifs_sb_node *sup) 391 { 392 long long max_bytes; 393 int err = 1, min_leb_cnt; 394 395 if (!c->key_hash) { 396 err = 2; 397 goto failed; 398 } 399 400 if (sup->key_fmt != UBIFS_SIMPLE_KEY_FMT) { 401 err = 3; 402 goto failed; 403 } 404 405 if (le32_to_cpu(sup->min_io_size) != c->min_io_size) { 406 ubifs_err(c, "min. I/O unit mismatch: %d in superblock, %d real", 407 le32_to_cpu(sup->min_io_size), c->min_io_size); 408 goto failed; 409 } 410 411 if (le32_to_cpu(sup->leb_size) != c->leb_size) { 412 ubifs_err(c, "LEB size mismatch: %d in superblock, %d real", 413 le32_to_cpu(sup->leb_size), c->leb_size); 414 goto failed; 415 } 416 417 if (c->log_lebs < UBIFS_MIN_LOG_LEBS || 418 c->lpt_lebs < UBIFS_MIN_LPT_LEBS || 419 c->orph_lebs < UBIFS_MIN_ORPH_LEBS || 420 c->main_lebs < UBIFS_MIN_MAIN_LEBS) { 421 err = 4; 422 goto failed; 423 } 424 425 /* 426 * Calculate minimum allowed amount of main area LEBs. This is very 427 * similar to %UBIFS_MIN_LEB_CNT, but we take into account real what we 428 * have just read from the superblock. 429 */ 430 min_leb_cnt = UBIFS_SB_LEBS + UBIFS_MST_LEBS + c->log_lebs; 431 min_leb_cnt += c->lpt_lebs + c->orph_lebs + c->jhead_cnt + 6; 432 433 if (c->leb_cnt < min_leb_cnt || c->leb_cnt > c->vi.size) { 434 ubifs_err(c, "bad LEB count: %d in superblock, %d on UBI volume, %d minimum required", 435 c->leb_cnt, c->vi.size, min_leb_cnt); 436 goto failed; 437 } 438 439 if (c->max_leb_cnt < c->leb_cnt) { 440 ubifs_err(c, "max. LEB count %d less than LEB count %d", 441 c->max_leb_cnt, c->leb_cnt); 442 goto failed; 443 } 444 445 if (c->main_lebs < UBIFS_MIN_MAIN_LEBS) { 446 ubifs_err(c, "too few main LEBs count %d, must be at least %d", 447 c->main_lebs, UBIFS_MIN_MAIN_LEBS); 448 goto failed; 449 } 450 451 max_bytes = (long long)c->leb_size * UBIFS_MIN_BUD_LEBS; 452 if (c->max_bud_bytes < max_bytes) { 453 ubifs_err(c, "too small journal (%lld bytes), must be at least %lld bytes", 454 c->max_bud_bytes, max_bytes); 455 goto failed; 456 } 457 458 max_bytes = (long long)c->leb_size * c->main_lebs; 459 if (c->max_bud_bytes > max_bytes) { 460 ubifs_err(c, "too large journal size (%lld bytes), only %lld bytes available in the main area", 461 c->max_bud_bytes, max_bytes); 462 goto failed; 463 } 464 465 if (c->jhead_cnt < NONDATA_JHEADS_CNT + 1 || 466 c->jhead_cnt > NONDATA_JHEADS_CNT + UBIFS_MAX_JHEADS) { 467 err = 9; 468 goto failed; 469 } 470 471 if (c->fanout < UBIFS_MIN_FANOUT || 472 ubifs_idx_node_sz(c, c->fanout) > c->leb_size) { 473 err = 10; 474 goto failed; 475 } 476 477 if (c->lsave_cnt < 0 || (c->lsave_cnt > DEFAULT_LSAVE_CNT && 478 c->lsave_cnt > c->max_leb_cnt - UBIFS_SB_LEBS - UBIFS_MST_LEBS - 479 c->log_lebs - c->lpt_lebs - c->orph_lebs)) { 480 err = 11; 481 goto failed; 482 } 483 484 if (UBIFS_SB_LEBS + UBIFS_MST_LEBS + c->log_lebs + c->lpt_lebs + 485 c->orph_lebs + c->main_lebs != c->leb_cnt) { 486 err = 12; 487 goto failed; 488 } 489 490 if (c->default_compr >= UBIFS_COMPR_TYPES_CNT) { 491 err = 13; 492 goto failed; 493 } 494 495 if (c->rp_size < 0 || max_bytes < c->rp_size) { 496 err = 14; 497 goto failed; 498 } 499 500 if (le32_to_cpu(sup->time_gran) > 1000000000 || 501 le32_to_cpu(sup->time_gran) < 1) { 502 err = 15; 503 goto failed; 504 } 505 506 if (!c->double_hash && c->fmt_version >= 5) { 507 err = 16; 508 goto failed; 509 } 510 511 if (c->encrypted && c->fmt_version < 5) { 512 err = 17; 513 goto failed; 514 } 515 516 return 0; 517 518 failed: 519 ubifs_err(c, "bad superblock, error %d", err); 520 ubifs_dump_node(c, sup); 521 return -EINVAL; 522 } 523 524 /** 525 * ubifs_read_sb_node - read superblock node. 526 * @c: UBIFS file-system description object 527 * 528 * This function returns a pointer to the superblock node or a negative error 529 * code. Note, the user of this function is responsible of kfree()'ing the 530 * returned superblock buffer. 531 */ 532 static struct ubifs_sb_node *ubifs_read_sb_node(struct ubifs_info *c) 533 { 534 struct ubifs_sb_node *sup; 535 int err; 536 537 sup = kmalloc(ALIGN(UBIFS_SB_NODE_SZ, c->min_io_size), GFP_NOFS); 538 if (!sup) 539 return ERR_PTR(-ENOMEM); 540 541 err = ubifs_read_node(c, sup, UBIFS_SB_NODE, UBIFS_SB_NODE_SZ, 542 UBIFS_SB_LNUM, 0); 543 if (err) { 544 kfree(sup); 545 return ERR_PTR(err); 546 } 547 548 return sup; 549 } 550 551 static int authenticate_sb_node(struct ubifs_info *c, 552 const struct ubifs_sb_node *sup) 553 { 554 unsigned int sup_flags = le32_to_cpu(sup->flags); 555 u8 hmac_wkm[UBIFS_HMAC_ARR_SZ]; 556 int authenticated = !!(sup_flags & UBIFS_FLG_AUTHENTICATION); 557 int hash_algo; 558 int err; 559 560 if (c->authenticated && !authenticated) { 561 ubifs_err(c, "authenticated FS forced, but found FS without authentication"); 562 return -EINVAL; 563 } 564 565 if (!c->authenticated && authenticated) { 566 ubifs_err(c, "authenticated FS found, but no key given"); 567 return -EINVAL; 568 } 569 570 ubifs_msg(c, "Mounting in %sauthenticated mode", 571 c->authenticated ? "" : "un"); 572 573 if (!c->authenticated) 574 return 0; 575 576 if (!IS_ENABLED(CONFIG_UBIFS_FS_AUTHENTICATION)) 577 return -EOPNOTSUPP; 578 579 hash_algo = le16_to_cpu(sup->hash_algo); 580 if (hash_algo >= HASH_ALGO__LAST) { 581 ubifs_err(c, "superblock uses unknown hash algo %d", 582 hash_algo); 583 return -EINVAL; 584 } 585 586 if (strcmp(hash_algo_name[hash_algo], c->auth_hash_name)) { 587 ubifs_err(c, "This filesystem uses %s for hashing," 588 " but %s is specified", hash_algo_name[hash_algo], 589 c->auth_hash_name); 590 return -EINVAL; 591 } 592 593 err = ubifs_hmac_wkm(c, hmac_wkm); 594 if (err) 595 return err; 596 597 if (ubifs_check_hmac(c, hmac_wkm, sup->hmac_wkm)) { 598 ubifs_err(c, "provided key does not fit"); 599 return -ENOKEY; 600 } 601 602 err = ubifs_node_verify_hmac(c, sup, sizeof(*sup), 603 offsetof(struct ubifs_sb_node, hmac)); 604 if (err) 605 ubifs_err(c, "Failed to authenticate superblock: %d", err); 606 607 return err; 608 } 609 610 /** 611 * ubifs_write_sb_node - write superblock node. 612 * @c: UBIFS file-system description object 613 * @sup: superblock node read with 'ubifs_read_sb_node()' 614 * 615 * This function returns %0 on success and a negative error code on failure. 616 */ 617 int ubifs_write_sb_node(struct ubifs_info *c, struct ubifs_sb_node *sup) 618 { 619 int len = ALIGN(UBIFS_SB_NODE_SZ, c->min_io_size); 620 int err; 621 622 err = ubifs_prepare_node_hmac(c, sup, UBIFS_SB_NODE_SZ, 623 offsetof(struct ubifs_sb_node, hmac), 1); 624 if (err) 625 return err; 626 627 return ubifs_leb_change(c, UBIFS_SB_LNUM, sup, len); 628 } 629 630 /** 631 * ubifs_read_superblock - read superblock. 632 * @c: UBIFS file-system description object 633 * 634 * This function finds, reads and checks the superblock. If an empty UBI volume 635 * is being mounted, this function creates default superblock. Returns zero in 636 * case of success, and a negative error code in case of failure. 637 */ 638 int ubifs_read_superblock(struct ubifs_info *c) 639 { 640 int err, sup_flags; 641 struct ubifs_sb_node *sup; 642 643 if (c->empty) { 644 err = create_default_filesystem(c); 645 if (err) 646 return err; 647 } 648 649 sup = ubifs_read_sb_node(c); 650 if (IS_ERR(sup)) 651 return PTR_ERR(sup); 652 653 c->sup_node = sup; 654 655 c->fmt_version = le32_to_cpu(sup->fmt_version); 656 c->ro_compat_version = le32_to_cpu(sup->ro_compat_version); 657 658 /* 659 * The software supports all previous versions but not future versions, 660 * due to the unavailability of time-travelling equipment. 661 */ 662 if (c->fmt_version > UBIFS_FORMAT_VERSION) { 663 ubifs_assert(c, !c->ro_media || c->ro_mount); 664 if (!c->ro_mount || 665 c->ro_compat_version > UBIFS_RO_COMPAT_VERSION) { 666 ubifs_err(c, "on-flash format version is w%d/r%d, but software only supports up to version w%d/r%d", 667 c->fmt_version, c->ro_compat_version, 668 UBIFS_FORMAT_VERSION, 669 UBIFS_RO_COMPAT_VERSION); 670 if (c->ro_compat_version <= UBIFS_RO_COMPAT_VERSION) { 671 ubifs_msg(c, "only R/O mounting is possible"); 672 err = -EROFS; 673 } else 674 err = -EINVAL; 675 goto out; 676 } 677 678 /* 679 * The FS is mounted R/O, and the media format is 680 * R/O-compatible with the UBIFS implementation, so we can 681 * mount. 682 */ 683 c->rw_incompat = 1; 684 } 685 686 if (c->fmt_version < 3) { 687 ubifs_err(c, "on-flash format version %d is not supported", 688 c->fmt_version); 689 err = -EINVAL; 690 goto out; 691 } 692 693 switch (sup->key_hash) { 694 case UBIFS_KEY_HASH_R5: 695 c->key_hash = key_r5_hash; 696 c->key_hash_type = UBIFS_KEY_HASH_R5; 697 break; 698 699 case UBIFS_KEY_HASH_TEST: 700 c->key_hash = key_test_hash; 701 c->key_hash_type = UBIFS_KEY_HASH_TEST; 702 break; 703 } 704 705 c->key_fmt = sup->key_fmt; 706 707 switch (c->key_fmt) { 708 case UBIFS_SIMPLE_KEY_FMT: 709 c->key_len = UBIFS_SK_LEN; 710 break; 711 default: 712 ubifs_err(c, "unsupported key format"); 713 err = -EINVAL; 714 goto out; 715 } 716 717 c->leb_cnt = le32_to_cpu(sup->leb_cnt); 718 c->max_leb_cnt = le32_to_cpu(sup->max_leb_cnt); 719 c->max_bud_bytes = le64_to_cpu(sup->max_bud_bytes); 720 c->log_lebs = le32_to_cpu(sup->log_lebs); 721 c->lpt_lebs = le32_to_cpu(sup->lpt_lebs); 722 c->orph_lebs = le32_to_cpu(sup->orph_lebs); 723 c->jhead_cnt = le32_to_cpu(sup->jhead_cnt) + NONDATA_JHEADS_CNT; 724 c->fanout = le32_to_cpu(sup->fanout); 725 c->lsave_cnt = le32_to_cpu(sup->lsave_cnt); 726 c->rp_size = le64_to_cpu(sup->rp_size); 727 c->rp_uid = make_kuid(&init_user_ns, le32_to_cpu(sup->rp_uid)); 728 c->rp_gid = make_kgid(&init_user_ns, le32_to_cpu(sup->rp_gid)); 729 sup_flags = le32_to_cpu(sup->flags); 730 if (!c->mount_opts.override_compr) 731 c->default_compr = le16_to_cpu(sup->default_compr); 732 733 c->vfs_sb->s_time_gran = le32_to_cpu(sup->time_gran); 734 memcpy(&c->uuid, &sup->uuid, 16); 735 c->big_lpt = !!(sup_flags & UBIFS_FLG_BIGLPT); 736 c->space_fixup = !!(sup_flags & UBIFS_FLG_SPACE_FIXUP); 737 c->double_hash = !!(sup_flags & UBIFS_FLG_DOUBLE_HASH); 738 c->encrypted = !!(sup_flags & UBIFS_FLG_ENCRYPTION); 739 740 err = authenticate_sb_node(c, sup); 741 if (err) 742 goto out; 743 744 if ((sup_flags & ~UBIFS_FLG_MASK) != 0) { 745 ubifs_err(c, "Unknown feature flags found: %#x", 746 sup_flags & ~UBIFS_FLG_MASK); 747 err = -EINVAL; 748 goto out; 749 } 750 751 if (!IS_ENABLED(CONFIG_FS_ENCRYPTION) && c->encrypted) { 752 ubifs_err(c, "file system contains encrypted files but UBIFS" 753 " was built without crypto support."); 754 err = -EINVAL; 755 goto out; 756 } 757 758 /* Automatically increase file system size to the maximum size */ 759 c->old_leb_cnt = c->leb_cnt; 760 if (c->leb_cnt < c->vi.size && c->leb_cnt < c->max_leb_cnt) { 761 c->leb_cnt = min_t(int, c->max_leb_cnt, c->vi.size); 762 if (c->ro_mount) 763 dbg_mnt("Auto resizing (ro) from %d LEBs to %d LEBs", 764 c->old_leb_cnt, c->leb_cnt); 765 else { 766 dbg_mnt("Auto resizing (sb) from %d LEBs to %d LEBs", 767 c->old_leb_cnt, c->leb_cnt); 768 sup->leb_cnt = cpu_to_le32(c->leb_cnt); 769 err = ubifs_write_sb_node(c, sup); 770 if (err) 771 goto out; 772 c->old_leb_cnt = c->leb_cnt; 773 } 774 } 775 776 c->log_bytes = (long long)c->log_lebs * c->leb_size; 777 c->log_last = UBIFS_LOG_LNUM + c->log_lebs - 1; 778 c->lpt_first = UBIFS_LOG_LNUM + c->log_lebs; 779 c->lpt_last = c->lpt_first + c->lpt_lebs - 1; 780 c->orph_first = c->lpt_last + 1; 781 c->orph_last = c->orph_first + c->orph_lebs - 1; 782 c->main_lebs = c->leb_cnt - UBIFS_SB_LEBS - UBIFS_MST_LEBS; 783 c->main_lebs -= c->log_lebs + c->lpt_lebs + c->orph_lebs; 784 c->main_first = c->leb_cnt - c->main_lebs; 785 786 err = validate_sb(c, sup); 787 out: 788 return err; 789 } 790 791 /** 792 * fixup_leb - fixup/unmap an LEB containing free space. 793 * @c: UBIFS file-system description object 794 * @lnum: the LEB number to fix up 795 * @len: number of used bytes in LEB (starting at offset 0) 796 * 797 * This function reads the contents of the given LEB number @lnum, then fixes 798 * it up, so that empty min. I/O units in the end of LEB are actually erased on 799 * flash (rather than being just all-0xff real data). If the LEB is completely 800 * empty, it is simply unmapped. 801 */ 802 static int fixup_leb(struct ubifs_info *c, int lnum, int len) 803 { 804 int err; 805 806 ubifs_assert(c, len >= 0); 807 ubifs_assert(c, len % c->min_io_size == 0); 808 ubifs_assert(c, len < c->leb_size); 809 810 if (len == 0) { 811 dbg_mnt("unmap empty LEB %d", lnum); 812 return ubifs_leb_unmap(c, lnum); 813 } 814 815 dbg_mnt("fixup LEB %d, data len %d", lnum, len); 816 err = ubifs_leb_read(c, lnum, c->sbuf, 0, len, 1); 817 if (err) 818 return err; 819 820 return ubifs_leb_change(c, lnum, c->sbuf, len); 821 } 822 823 /** 824 * fixup_free_space - find & remap all LEBs containing free space. 825 * @c: UBIFS file-system description object 826 * 827 * This function walks through all LEBs in the filesystem and fiexes up those 828 * containing free/empty space. 829 */ 830 static int fixup_free_space(struct ubifs_info *c) 831 { 832 int lnum, err = 0; 833 struct ubifs_lprops *lprops; 834 835 ubifs_get_lprops(c); 836 837 /* Fixup LEBs in the master area */ 838 for (lnum = UBIFS_MST_LNUM; lnum < UBIFS_LOG_LNUM; lnum++) { 839 err = fixup_leb(c, lnum, c->mst_offs + c->mst_node_alsz); 840 if (err) 841 goto out; 842 } 843 844 /* Unmap unused log LEBs */ 845 lnum = ubifs_next_log_lnum(c, c->lhead_lnum); 846 while (lnum != c->ltail_lnum) { 847 err = fixup_leb(c, lnum, 0); 848 if (err) 849 goto out; 850 lnum = ubifs_next_log_lnum(c, lnum); 851 } 852 853 /* 854 * Fixup the log head which contains the only a CS node at the 855 * beginning. 856 */ 857 err = fixup_leb(c, c->lhead_lnum, 858 ALIGN(UBIFS_CS_NODE_SZ, c->min_io_size)); 859 if (err) 860 goto out; 861 862 /* Fixup LEBs in the LPT area */ 863 for (lnum = c->lpt_first; lnum <= c->lpt_last; lnum++) { 864 int free = c->ltab[lnum - c->lpt_first].free; 865 866 if (free > 0) { 867 err = fixup_leb(c, lnum, c->leb_size - free); 868 if (err) 869 goto out; 870 } 871 } 872 873 /* Unmap LEBs in the orphans area */ 874 for (lnum = c->orph_first; lnum <= c->orph_last; lnum++) { 875 err = fixup_leb(c, lnum, 0); 876 if (err) 877 goto out; 878 } 879 880 /* Fixup LEBs in the main area */ 881 for (lnum = c->main_first; lnum < c->leb_cnt; lnum++) { 882 lprops = ubifs_lpt_lookup(c, lnum); 883 if (IS_ERR(lprops)) { 884 err = PTR_ERR(lprops); 885 goto out; 886 } 887 888 if (lprops->free > 0) { 889 err = fixup_leb(c, lnum, c->leb_size - lprops->free); 890 if (err) 891 goto out; 892 } 893 } 894 895 out: 896 ubifs_release_lprops(c); 897 return err; 898 } 899 900 /** 901 * ubifs_fixup_free_space - find & fix all LEBs with free space. 902 * @c: UBIFS file-system description object 903 * 904 * This function fixes up LEBs containing free space on first mount, if the 905 * appropriate flag was set when the FS was created. Each LEB with one or more 906 * empty min. I/O unit (i.e. free-space-count > 0) is re-written, to make sure 907 * the free space is actually erased. E.g., this is necessary for some NAND 908 * chips, since the free space may have been programmed like real "0xff" data 909 * (generating a non-0xff ECC), causing future writes to the not-really-erased 910 * NAND pages to behave badly. After the space is fixed up, the superblock flag 911 * is cleared, so that this is skipped for all future mounts. 912 */ 913 int ubifs_fixup_free_space(struct ubifs_info *c) 914 { 915 int err; 916 struct ubifs_sb_node *sup = c->sup_node; 917 918 ubifs_assert(c, c->space_fixup); 919 ubifs_assert(c, !c->ro_mount); 920 921 ubifs_msg(c, "start fixing up free space"); 922 923 err = fixup_free_space(c); 924 if (err) 925 return err; 926 927 /* Free-space fixup is no longer required */ 928 c->space_fixup = 0; 929 sup->flags &= cpu_to_le32(~UBIFS_FLG_SPACE_FIXUP); 930 931 err = ubifs_write_sb_node(c, sup); 932 if (err) 933 return err; 934 935 ubifs_msg(c, "free space fixup complete"); 936 return err; 937 } 938 939 int ubifs_enable_encryption(struct ubifs_info *c) 940 { 941 int err; 942 struct ubifs_sb_node *sup = c->sup_node; 943 944 if (!IS_ENABLED(CONFIG_FS_ENCRYPTION)) 945 return -EOPNOTSUPP; 946 947 if (c->encrypted) 948 return 0; 949 950 if (c->ro_mount || c->ro_media) 951 return -EROFS; 952 953 if (c->fmt_version < 5) { 954 ubifs_err(c, "on-flash format version 5 is needed for encryption"); 955 return -EINVAL; 956 } 957 958 sup->flags |= cpu_to_le32(UBIFS_FLG_ENCRYPTION); 959 960 err = ubifs_write_sb_node(c, sup); 961 if (!err) 962 c->encrypted = 1; 963 964 return err; 965 } 966