xref: /openbmc/linux/fs/xfs/libxfs/xfs_attr_remote.c (revision b802fb99ae964681d1754428f67970911e0476e9)
1 /*
2  * Copyright (c) 2000-2005 Silicon Graphics, Inc.
3  * Copyright (c) 2013 Red Hat, Inc.
4  * All Rights Reserved.
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public License as
8  * published by the Free Software Foundation.
9  *
10  * This program is distributed in the hope that it would be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program; if not, write the Free Software Foundation,
17  * Inc.,  51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
18  */
19 #include "xfs.h"
20 #include "xfs_fs.h"
21 #include "xfs_shared.h"
22 #include "xfs_format.h"
23 #include "xfs_log_format.h"
24 #include "xfs_trans_resv.h"
25 #include "xfs_bit.h"
26 #include "xfs_mount.h"
27 #include "xfs_da_format.h"
28 #include "xfs_da_btree.h"
29 #include "xfs_inode.h"
30 #include "xfs_alloc.h"
31 #include "xfs_trans.h"
32 #include "xfs_inode_item.h"
33 #include "xfs_bmap.h"
34 #include "xfs_bmap_util.h"
35 #include "xfs_attr.h"
36 #include "xfs_attr_leaf.h"
37 #include "xfs_attr_remote.h"
38 #include "xfs_trans_space.h"
39 #include "xfs_trace.h"
40 #include "xfs_cksum.h"
41 #include "xfs_buf_item.h"
42 #include "xfs_error.h"
43 
44 #define ATTR_RMTVALUE_MAPSIZE	1	/* # of map entries at once */
45 
46 /*
47  * Each contiguous block has a header, so it is not just a simple attribute
48  * length to FSB conversion.
49  */
50 int
51 xfs_attr3_rmt_blocks(
52 	struct xfs_mount *mp,
53 	int		attrlen)
54 {
55 	if (xfs_sb_version_hascrc(&mp->m_sb)) {
56 		int buflen = XFS_ATTR3_RMT_BUF_SPACE(mp, mp->m_sb.sb_blocksize);
57 		return (attrlen + buflen - 1) / buflen;
58 	}
59 	return XFS_B_TO_FSB(mp, attrlen);
60 }
61 
62 /*
63  * Checking of the remote attribute header is split into two parts. The verifier
64  * does CRC, location and bounds checking, the unpacking function checks the
65  * attribute parameters and owner.
66  */
67 static bool
68 xfs_attr3_rmt_hdr_ok(
69 	void			*ptr,
70 	xfs_ino_t		ino,
71 	uint32_t		offset,
72 	uint32_t		size,
73 	xfs_daddr_t		bno)
74 {
75 	struct xfs_attr3_rmt_hdr *rmt = ptr;
76 
77 	if (bno != be64_to_cpu(rmt->rm_blkno))
78 		return false;
79 	if (offset != be32_to_cpu(rmt->rm_offset))
80 		return false;
81 	if (size != be32_to_cpu(rmt->rm_bytes))
82 		return false;
83 	if (ino != be64_to_cpu(rmt->rm_owner))
84 		return false;
85 
86 	/* ok */
87 	return true;
88 }
89 
90 static bool
91 xfs_attr3_rmt_verify(
92 	struct xfs_mount	*mp,
93 	void			*ptr,
94 	int			fsbsize,
95 	xfs_daddr_t		bno)
96 {
97 	struct xfs_attr3_rmt_hdr *rmt = ptr;
98 
99 	if (!xfs_sb_version_hascrc(&mp->m_sb))
100 		return false;
101 	if (rmt->rm_magic != cpu_to_be32(XFS_ATTR3_RMT_MAGIC))
102 		return false;
103 	if (!uuid_equal(&rmt->rm_uuid, &mp->m_sb.sb_meta_uuid))
104 		return false;
105 	if (be64_to_cpu(rmt->rm_blkno) != bno)
106 		return false;
107 	if (be32_to_cpu(rmt->rm_bytes) > fsbsize - sizeof(*rmt))
108 		return false;
109 	if (be32_to_cpu(rmt->rm_offset) +
110 				be32_to_cpu(rmt->rm_bytes) > XFS_XATTR_SIZE_MAX)
111 		return false;
112 	if (rmt->rm_owner == 0)
113 		return false;
114 
115 	return true;
116 }
117 
118 static void
119 xfs_attr3_rmt_read_verify(
120 	struct xfs_buf	*bp)
121 {
122 	struct xfs_mount *mp = bp->b_target->bt_mount;
123 	char		*ptr;
124 	int		len;
125 	xfs_daddr_t	bno;
126 	int		blksize = mp->m_attr_geo->blksize;
127 
128 	/* no verification of non-crc buffers */
129 	if (!xfs_sb_version_hascrc(&mp->m_sb))
130 		return;
131 
132 	ptr = bp->b_addr;
133 	bno = bp->b_bn;
134 	len = BBTOB(bp->b_length);
135 	ASSERT(len >= blksize);
136 
137 	while (len > 0) {
138 		if (!xfs_verify_cksum(ptr, blksize, XFS_ATTR3_RMT_CRC_OFF)) {
139 			xfs_buf_ioerror(bp, -EFSBADCRC);
140 			break;
141 		}
142 		if (!xfs_attr3_rmt_verify(mp, ptr, blksize, bno)) {
143 			xfs_buf_ioerror(bp, -EFSCORRUPTED);
144 			break;
145 		}
146 		len -= blksize;
147 		ptr += blksize;
148 		bno += BTOBB(blksize);
149 	}
150 
151 	if (bp->b_error)
152 		xfs_verifier_error(bp);
153 	else
154 		ASSERT(len == 0);
155 }
156 
157 static void
158 xfs_attr3_rmt_write_verify(
159 	struct xfs_buf	*bp)
160 {
161 	struct xfs_mount *mp = bp->b_target->bt_mount;
162 	int		blksize = mp->m_attr_geo->blksize;
163 	char		*ptr;
164 	int		len;
165 	xfs_daddr_t	bno;
166 
167 	/* no verification of non-crc buffers */
168 	if (!xfs_sb_version_hascrc(&mp->m_sb))
169 		return;
170 
171 	ptr = bp->b_addr;
172 	bno = bp->b_bn;
173 	len = BBTOB(bp->b_length);
174 	ASSERT(len >= blksize);
175 
176 	while (len > 0) {
177 		struct xfs_attr3_rmt_hdr *rmt = (struct xfs_attr3_rmt_hdr *)ptr;
178 
179 		if (!xfs_attr3_rmt_verify(mp, ptr, blksize, bno)) {
180 			xfs_buf_ioerror(bp, -EFSCORRUPTED);
181 			xfs_verifier_error(bp);
182 			return;
183 		}
184 
185 		/*
186 		 * Ensure we aren't writing bogus LSNs to disk. See
187 		 * xfs_attr3_rmt_hdr_set() for the explanation.
188 		 */
189 		if (rmt->rm_lsn != cpu_to_be64(NULLCOMMITLSN)) {
190 			xfs_buf_ioerror(bp, -EFSCORRUPTED);
191 			xfs_verifier_error(bp);
192 			return;
193 		}
194 		xfs_update_cksum(ptr, blksize, XFS_ATTR3_RMT_CRC_OFF);
195 
196 		len -= blksize;
197 		ptr += blksize;
198 		bno += BTOBB(blksize);
199 	}
200 	ASSERT(len == 0);
201 }
202 
203 const struct xfs_buf_ops xfs_attr3_rmt_buf_ops = {
204 	.name = "xfs_attr3_rmt",
205 	.verify_read = xfs_attr3_rmt_read_verify,
206 	.verify_write = xfs_attr3_rmt_write_verify,
207 };
208 
209 STATIC int
210 xfs_attr3_rmt_hdr_set(
211 	struct xfs_mount	*mp,
212 	void			*ptr,
213 	xfs_ino_t		ino,
214 	uint32_t		offset,
215 	uint32_t		size,
216 	xfs_daddr_t		bno)
217 {
218 	struct xfs_attr3_rmt_hdr *rmt = ptr;
219 
220 	if (!xfs_sb_version_hascrc(&mp->m_sb))
221 		return 0;
222 
223 	rmt->rm_magic = cpu_to_be32(XFS_ATTR3_RMT_MAGIC);
224 	rmt->rm_offset = cpu_to_be32(offset);
225 	rmt->rm_bytes = cpu_to_be32(size);
226 	uuid_copy(&rmt->rm_uuid, &mp->m_sb.sb_meta_uuid);
227 	rmt->rm_owner = cpu_to_be64(ino);
228 	rmt->rm_blkno = cpu_to_be64(bno);
229 
230 	/*
231 	 * Remote attribute blocks are written synchronously, so we don't
232 	 * have an LSN that we can stamp in them that makes any sense to log
233 	 * recovery. To ensure that log recovery handles overwrites of these
234 	 * blocks sanely (i.e. once they've been freed and reallocated as some
235 	 * other type of metadata) we need to ensure that the LSN has a value
236 	 * that tells log recovery to ignore the LSN and overwrite the buffer
237 	 * with whatever is in it's log. To do this, we use the magic
238 	 * NULLCOMMITLSN to indicate that the LSN is invalid.
239 	 */
240 	rmt->rm_lsn = cpu_to_be64(NULLCOMMITLSN);
241 
242 	return sizeof(struct xfs_attr3_rmt_hdr);
243 }
244 
245 /*
246  * Helper functions to copy attribute data in and out of the one disk extents
247  */
248 STATIC int
249 xfs_attr_rmtval_copyout(
250 	struct xfs_mount *mp,
251 	struct xfs_buf	*bp,
252 	xfs_ino_t	ino,
253 	int		*offset,
254 	int		*valuelen,
255 	__uint8_t	**dst)
256 {
257 	char		*src = bp->b_addr;
258 	xfs_daddr_t	bno = bp->b_bn;
259 	int		len = BBTOB(bp->b_length);
260 	int		blksize = mp->m_attr_geo->blksize;
261 
262 	ASSERT(len >= blksize);
263 
264 	while (len > 0 && *valuelen > 0) {
265 		int hdr_size = 0;
266 		int byte_cnt = XFS_ATTR3_RMT_BUF_SPACE(mp, blksize);
267 
268 		byte_cnt = min(*valuelen, byte_cnt);
269 
270 		if (xfs_sb_version_hascrc(&mp->m_sb)) {
271 			if (!xfs_attr3_rmt_hdr_ok(src, ino, *offset,
272 						  byte_cnt, bno)) {
273 				xfs_alert(mp,
274 "remote attribute header mismatch bno/off/len/owner (0x%llx/0x%x/Ox%x/0x%llx)",
275 					bno, *offset, byte_cnt, ino);
276 				return -EFSCORRUPTED;
277 			}
278 			hdr_size = sizeof(struct xfs_attr3_rmt_hdr);
279 		}
280 
281 		memcpy(*dst, src + hdr_size, byte_cnt);
282 
283 		/* roll buffer forwards */
284 		len -= blksize;
285 		src += blksize;
286 		bno += BTOBB(blksize);
287 
288 		/* roll attribute data forwards */
289 		*valuelen -= byte_cnt;
290 		*dst += byte_cnt;
291 		*offset += byte_cnt;
292 	}
293 	return 0;
294 }
295 
296 STATIC void
297 xfs_attr_rmtval_copyin(
298 	struct xfs_mount *mp,
299 	struct xfs_buf	*bp,
300 	xfs_ino_t	ino,
301 	int		*offset,
302 	int		*valuelen,
303 	__uint8_t	**src)
304 {
305 	char		*dst = bp->b_addr;
306 	xfs_daddr_t	bno = bp->b_bn;
307 	int		len = BBTOB(bp->b_length);
308 	int		blksize = mp->m_attr_geo->blksize;
309 
310 	ASSERT(len >= blksize);
311 
312 	while (len > 0 && *valuelen > 0) {
313 		int hdr_size;
314 		int byte_cnt = XFS_ATTR3_RMT_BUF_SPACE(mp, blksize);
315 
316 		byte_cnt = min(*valuelen, byte_cnt);
317 		hdr_size = xfs_attr3_rmt_hdr_set(mp, dst, ino, *offset,
318 						 byte_cnt, bno);
319 
320 		memcpy(dst + hdr_size, *src, byte_cnt);
321 
322 		/*
323 		 * If this is the last block, zero the remainder of it.
324 		 * Check that we are actually the last block, too.
325 		 */
326 		if (byte_cnt + hdr_size < blksize) {
327 			ASSERT(*valuelen - byte_cnt == 0);
328 			ASSERT(len == blksize);
329 			memset(dst + hdr_size + byte_cnt, 0,
330 					blksize - hdr_size - byte_cnt);
331 		}
332 
333 		/* roll buffer forwards */
334 		len -= blksize;
335 		dst += blksize;
336 		bno += BTOBB(blksize);
337 
338 		/* roll attribute data forwards */
339 		*valuelen -= byte_cnt;
340 		*src += byte_cnt;
341 		*offset += byte_cnt;
342 	}
343 }
344 
345 /*
346  * Read the value associated with an attribute from the out-of-line buffer
347  * that we stored it in.
348  */
349 int
350 xfs_attr_rmtval_get(
351 	struct xfs_da_args	*args)
352 {
353 	struct xfs_bmbt_irec	map[ATTR_RMTVALUE_MAPSIZE];
354 	struct xfs_mount	*mp = args->dp->i_mount;
355 	struct xfs_buf		*bp;
356 	xfs_dablk_t		lblkno = args->rmtblkno;
357 	__uint8_t		*dst = args->value;
358 	int			valuelen;
359 	int			nmap;
360 	int			error;
361 	int			blkcnt = args->rmtblkcnt;
362 	int			i;
363 	int			offset = 0;
364 
365 	trace_xfs_attr_rmtval_get(args);
366 
367 	ASSERT(!(args->flags & ATTR_KERNOVAL));
368 	ASSERT(args->rmtvaluelen == args->valuelen);
369 
370 	valuelen = args->rmtvaluelen;
371 	while (valuelen > 0) {
372 		nmap = ATTR_RMTVALUE_MAPSIZE;
373 		error = xfs_bmapi_read(args->dp, (xfs_fileoff_t)lblkno,
374 				       blkcnt, map, &nmap,
375 				       XFS_BMAPI_ATTRFORK);
376 		if (error)
377 			return error;
378 		ASSERT(nmap >= 1);
379 
380 		for (i = 0; (i < nmap) && (valuelen > 0); i++) {
381 			xfs_daddr_t	dblkno;
382 			int		dblkcnt;
383 
384 			ASSERT((map[i].br_startblock != DELAYSTARTBLOCK) &&
385 			       (map[i].br_startblock != HOLESTARTBLOCK));
386 			dblkno = XFS_FSB_TO_DADDR(mp, map[i].br_startblock);
387 			dblkcnt = XFS_FSB_TO_BB(mp, map[i].br_blockcount);
388 			error = xfs_trans_read_buf(mp, NULL, mp->m_ddev_targp,
389 						   dblkno, dblkcnt, 0, &bp,
390 						   &xfs_attr3_rmt_buf_ops);
391 			if (error)
392 				return error;
393 
394 			error = xfs_attr_rmtval_copyout(mp, bp, args->dp->i_ino,
395 							&offset, &valuelen,
396 							&dst);
397 			xfs_buf_relse(bp);
398 			if (error)
399 				return error;
400 
401 			/* roll attribute extent map forwards */
402 			lblkno += map[i].br_blockcount;
403 			blkcnt -= map[i].br_blockcount;
404 		}
405 	}
406 	ASSERT(valuelen == 0);
407 	return 0;
408 }
409 
410 /*
411  * Write the value associated with an attribute into the out-of-line buffer
412  * that we have defined for it.
413  */
414 int
415 xfs_attr_rmtval_set(
416 	struct xfs_da_args	*args)
417 {
418 	struct xfs_inode	*dp = args->dp;
419 	struct xfs_mount	*mp = dp->i_mount;
420 	struct xfs_bmbt_irec	map;
421 	xfs_dablk_t		lblkno;
422 	xfs_fileoff_t		lfileoff = 0;
423 	__uint8_t		*src = args->value;
424 	int			blkcnt;
425 	int			valuelen;
426 	int			nmap;
427 	int			error;
428 	int			offset = 0;
429 
430 	trace_xfs_attr_rmtval_set(args);
431 
432 	/*
433 	 * Find a "hole" in the attribute address space large enough for
434 	 * us to drop the new attribute's value into. Because CRC enable
435 	 * attributes have headers, we can't just do a straight byte to FSB
436 	 * conversion and have to take the header space into account.
437 	 */
438 	blkcnt = xfs_attr3_rmt_blocks(mp, args->rmtvaluelen);
439 	error = xfs_bmap_first_unused(args->trans, args->dp, blkcnt, &lfileoff,
440 						   XFS_ATTR_FORK);
441 	if (error)
442 		return error;
443 
444 	args->rmtblkno = lblkno = (xfs_dablk_t)lfileoff;
445 	args->rmtblkcnt = blkcnt;
446 
447 	/*
448 	 * Roll through the "value", allocating blocks on disk as required.
449 	 */
450 	while (blkcnt > 0) {
451 		/*
452 		 * Allocate a single extent, up to the size of the value.
453 		 *
454 		 * Note that we have to consider this a data allocation as we
455 		 * write the remote attribute without logging the contents.
456 		 * Hence we must ensure that we aren't using blocks that are on
457 		 * the busy list so that we don't overwrite blocks which have
458 		 * recently been freed but their transactions are not yet
459 		 * committed to disk. If we overwrite the contents of a busy
460 		 * extent and then crash then the block may not contain the
461 		 * correct metadata after log recovery occurs.
462 		 */
463 		xfs_bmap_init(args->flist, args->firstblock);
464 		nmap = 1;
465 		error = xfs_bmapi_write(args->trans, dp, (xfs_fileoff_t)lblkno,
466 				  blkcnt, XFS_BMAPI_ATTRFORK, args->firstblock,
467 				  args->total, &map, &nmap, args->flist);
468 		if (!error)
469 			error = xfs_bmap_finish(&args->trans, args->flist, dp);
470 		if (error) {
471 			args->trans = NULL;
472 			xfs_bmap_cancel(args->flist);
473 			return error;
474 		}
475 
476 		ASSERT(nmap == 1);
477 		ASSERT((map.br_startblock != DELAYSTARTBLOCK) &&
478 		       (map.br_startblock != HOLESTARTBLOCK));
479 		lblkno += map.br_blockcount;
480 		blkcnt -= map.br_blockcount;
481 
482 		/*
483 		 * Start the next trans in the chain.
484 		 */
485 		error = xfs_trans_roll(&args->trans, dp);
486 		if (error)
487 			return error;
488 	}
489 
490 	/*
491 	 * Roll through the "value", copying the attribute value to the
492 	 * already-allocated blocks.  Blocks are written synchronously
493 	 * so that we can know they are all on disk before we turn off
494 	 * the INCOMPLETE flag.
495 	 */
496 	lblkno = args->rmtblkno;
497 	blkcnt = args->rmtblkcnt;
498 	valuelen = args->rmtvaluelen;
499 	while (valuelen > 0) {
500 		struct xfs_buf	*bp;
501 		xfs_daddr_t	dblkno;
502 		int		dblkcnt;
503 
504 		ASSERT(blkcnt > 0);
505 
506 		xfs_bmap_init(args->flist, args->firstblock);
507 		nmap = 1;
508 		error = xfs_bmapi_read(dp, (xfs_fileoff_t)lblkno,
509 				       blkcnt, &map, &nmap,
510 				       XFS_BMAPI_ATTRFORK);
511 		if (error)
512 			return error;
513 		ASSERT(nmap == 1);
514 		ASSERT((map.br_startblock != DELAYSTARTBLOCK) &&
515 		       (map.br_startblock != HOLESTARTBLOCK));
516 
517 		dblkno = XFS_FSB_TO_DADDR(mp, map.br_startblock),
518 		dblkcnt = XFS_FSB_TO_BB(mp, map.br_blockcount);
519 
520 		bp = xfs_buf_get(mp->m_ddev_targp, dblkno, dblkcnt, 0);
521 		if (!bp)
522 			return -ENOMEM;
523 		bp->b_ops = &xfs_attr3_rmt_buf_ops;
524 
525 		xfs_attr_rmtval_copyin(mp, bp, args->dp->i_ino, &offset,
526 				       &valuelen, &src);
527 
528 		error = xfs_bwrite(bp);	/* GROT: NOTE: synchronous write */
529 		xfs_buf_relse(bp);
530 		if (error)
531 			return error;
532 
533 
534 		/* roll attribute extent map forwards */
535 		lblkno += map.br_blockcount;
536 		blkcnt -= map.br_blockcount;
537 	}
538 	ASSERT(valuelen == 0);
539 	return 0;
540 }
541 
542 /*
543  * Remove the value associated with an attribute by deleting the
544  * out-of-line buffer that it is stored on.
545  */
546 int
547 xfs_attr_rmtval_remove(
548 	struct xfs_da_args	*args)
549 {
550 	struct xfs_mount	*mp = args->dp->i_mount;
551 	xfs_dablk_t		lblkno;
552 	int			blkcnt;
553 	int			error;
554 	int			done;
555 
556 	trace_xfs_attr_rmtval_remove(args);
557 
558 	/*
559 	 * Roll through the "value", invalidating the attribute value's blocks.
560 	 */
561 	lblkno = args->rmtblkno;
562 	blkcnt = args->rmtblkcnt;
563 	while (blkcnt > 0) {
564 		struct xfs_bmbt_irec	map;
565 		struct xfs_buf		*bp;
566 		xfs_daddr_t		dblkno;
567 		int			dblkcnt;
568 		int			nmap;
569 
570 		/*
571 		 * Try to remember where we decided to put the value.
572 		 */
573 		nmap = 1;
574 		error = xfs_bmapi_read(args->dp, (xfs_fileoff_t)lblkno,
575 				       blkcnt, &map, &nmap, XFS_BMAPI_ATTRFORK);
576 		if (error)
577 			return error;
578 		ASSERT(nmap == 1);
579 		ASSERT((map.br_startblock != DELAYSTARTBLOCK) &&
580 		       (map.br_startblock != HOLESTARTBLOCK));
581 
582 		dblkno = XFS_FSB_TO_DADDR(mp, map.br_startblock),
583 		dblkcnt = XFS_FSB_TO_BB(mp, map.br_blockcount);
584 
585 		/*
586 		 * If the "remote" value is in the cache, remove it.
587 		 */
588 		bp = xfs_incore(mp->m_ddev_targp, dblkno, dblkcnt, XBF_TRYLOCK);
589 		if (bp) {
590 			xfs_buf_stale(bp);
591 			xfs_buf_relse(bp);
592 			bp = NULL;
593 		}
594 
595 		lblkno += map.br_blockcount;
596 		blkcnt -= map.br_blockcount;
597 	}
598 
599 	/*
600 	 * Keep de-allocating extents until the remote-value region is gone.
601 	 */
602 	lblkno = args->rmtblkno;
603 	blkcnt = args->rmtblkcnt;
604 	done = 0;
605 	while (!done) {
606 		xfs_bmap_init(args->flist, args->firstblock);
607 		error = xfs_bunmapi(args->trans, args->dp, lblkno, blkcnt,
608 				    XFS_BMAPI_ATTRFORK, 1, args->firstblock,
609 				    args->flist, &done);
610 		if (!error)
611 			error = xfs_bmap_finish(&args->trans, args->flist,
612 						args->dp);
613 		if (error) {
614 			args->trans = NULL;
615 			xfs_bmap_cancel(args->flist);
616 			return error;
617 		}
618 
619 		/*
620 		 * Close out trans and start the next one in the chain.
621 		 */
622 		error = xfs_trans_roll(&args->trans, args->dp);
623 		if (error)
624 			return error;
625 	}
626 	return 0;
627 }
628