1 /* 2 * Copyright (c) 2000-2005 Silicon Graphics, Inc. 3 * Copyright (c) 2013 Red Hat, Inc. 4 * All Rights Reserved. 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License as 8 * published by the Free Software Foundation. 9 * 10 * This program is distributed in the hope that it would be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program; if not, write the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 18 */ 19 #include "xfs.h" 20 #include "xfs_fs.h" 21 #include "xfs_shared.h" 22 #include "xfs_format.h" 23 #include "xfs_log_format.h" 24 #include "xfs_trans_resv.h" 25 #include "xfs_bit.h" 26 #include "xfs_mount.h" 27 #include "xfs_defer.h" 28 #include "xfs_da_format.h" 29 #include "xfs_da_btree.h" 30 #include "xfs_inode.h" 31 #include "xfs_alloc.h" 32 #include "xfs_trans.h" 33 #include "xfs_inode_item.h" 34 #include "xfs_bmap.h" 35 #include "xfs_bmap_util.h" 36 #include "xfs_attr.h" 37 #include "xfs_attr_leaf.h" 38 #include "xfs_attr_remote.h" 39 #include "xfs_trans_space.h" 40 #include "xfs_trace.h" 41 #include "xfs_cksum.h" 42 #include "xfs_buf_item.h" 43 #include "xfs_error.h" 44 45 #define ATTR_RMTVALUE_MAPSIZE 1 /* # of map entries at once */ 46 47 /* 48 * Each contiguous block has a header, so it is not just a simple attribute 49 * length to FSB conversion. 50 */ 51 int 52 xfs_attr3_rmt_blocks( 53 struct xfs_mount *mp, 54 int attrlen) 55 { 56 if (xfs_sb_version_hascrc(&mp->m_sb)) { 57 int buflen = XFS_ATTR3_RMT_BUF_SPACE(mp, mp->m_sb.sb_blocksize); 58 return (attrlen + buflen - 1) / buflen; 59 } 60 return XFS_B_TO_FSB(mp, attrlen); 61 } 62 63 /* 64 * Checking of the remote attribute header is split into two parts. The verifier 65 * does CRC, location and bounds checking, the unpacking function checks the 66 * attribute parameters and owner. 67 */ 68 static xfs_failaddr_t 69 xfs_attr3_rmt_hdr_ok( 70 void *ptr, 71 xfs_ino_t ino, 72 uint32_t offset, 73 uint32_t size, 74 xfs_daddr_t bno) 75 { 76 struct xfs_attr3_rmt_hdr *rmt = ptr; 77 78 if (bno != be64_to_cpu(rmt->rm_blkno)) 79 return __this_address; 80 if (offset != be32_to_cpu(rmt->rm_offset)) 81 return __this_address; 82 if (size != be32_to_cpu(rmt->rm_bytes)) 83 return __this_address; 84 if (ino != be64_to_cpu(rmt->rm_owner)) 85 return __this_address; 86 87 /* ok */ 88 return NULL; 89 } 90 91 static xfs_failaddr_t 92 xfs_attr3_rmt_verify( 93 struct xfs_mount *mp, 94 void *ptr, 95 int fsbsize, 96 xfs_daddr_t bno) 97 { 98 struct xfs_attr3_rmt_hdr *rmt = ptr; 99 100 if (!xfs_sb_version_hascrc(&mp->m_sb)) 101 return __this_address; 102 if (rmt->rm_magic != cpu_to_be32(XFS_ATTR3_RMT_MAGIC)) 103 return __this_address; 104 if (!uuid_equal(&rmt->rm_uuid, &mp->m_sb.sb_meta_uuid)) 105 return __this_address; 106 if (be64_to_cpu(rmt->rm_blkno) != bno) 107 return __this_address; 108 if (be32_to_cpu(rmt->rm_bytes) > fsbsize - sizeof(*rmt)) 109 return __this_address; 110 if (be32_to_cpu(rmt->rm_offset) + 111 be32_to_cpu(rmt->rm_bytes) > XFS_XATTR_SIZE_MAX) 112 return __this_address; 113 if (rmt->rm_owner == 0) 114 return __this_address; 115 116 return NULL; 117 } 118 119 static int 120 __xfs_attr3_rmt_read_verify( 121 struct xfs_buf *bp, 122 bool check_crc, 123 xfs_failaddr_t *failaddr) 124 { 125 struct xfs_mount *mp = bp->b_target->bt_mount; 126 char *ptr; 127 int len; 128 xfs_daddr_t bno; 129 int blksize = mp->m_attr_geo->blksize; 130 131 /* no verification of non-crc buffers */ 132 if (!xfs_sb_version_hascrc(&mp->m_sb)) 133 return 0; 134 135 ptr = bp->b_addr; 136 bno = bp->b_bn; 137 len = BBTOB(bp->b_length); 138 ASSERT(len >= blksize); 139 140 while (len > 0) { 141 if (check_crc && 142 !xfs_verify_cksum(ptr, blksize, XFS_ATTR3_RMT_CRC_OFF)) { 143 *failaddr = __this_address; 144 return -EFSBADCRC; 145 } 146 *failaddr = xfs_attr3_rmt_verify(mp, ptr, blksize, bno); 147 if (*failaddr) 148 return -EFSCORRUPTED; 149 len -= blksize; 150 ptr += blksize; 151 bno += BTOBB(blksize); 152 } 153 154 if (len != 0) { 155 *failaddr = __this_address; 156 return -EFSCORRUPTED; 157 } 158 159 return 0; 160 } 161 162 static void 163 xfs_attr3_rmt_read_verify( 164 struct xfs_buf *bp) 165 { 166 xfs_failaddr_t fa; 167 int error; 168 169 error = __xfs_attr3_rmt_read_verify(bp, true, &fa); 170 if (error) 171 xfs_verifier_error(bp, error, fa); 172 } 173 174 static xfs_failaddr_t 175 xfs_attr3_rmt_verify_struct( 176 struct xfs_buf *bp) 177 { 178 xfs_failaddr_t fa; 179 int error; 180 181 error = __xfs_attr3_rmt_read_verify(bp, false, &fa); 182 return error ? fa : NULL; 183 } 184 185 static void 186 xfs_attr3_rmt_write_verify( 187 struct xfs_buf *bp) 188 { 189 struct xfs_mount *mp = bp->b_target->bt_mount; 190 xfs_failaddr_t fa; 191 int blksize = mp->m_attr_geo->blksize; 192 char *ptr; 193 int len; 194 xfs_daddr_t bno; 195 196 /* no verification of non-crc buffers */ 197 if (!xfs_sb_version_hascrc(&mp->m_sb)) 198 return; 199 200 ptr = bp->b_addr; 201 bno = bp->b_bn; 202 len = BBTOB(bp->b_length); 203 ASSERT(len >= blksize); 204 205 while (len > 0) { 206 struct xfs_attr3_rmt_hdr *rmt = (struct xfs_attr3_rmt_hdr *)ptr; 207 208 fa = xfs_attr3_rmt_verify(mp, ptr, blksize, bno); 209 if (fa) { 210 xfs_verifier_error(bp, -EFSCORRUPTED, fa); 211 return; 212 } 213 214 /* 215 * Ensure we aren't writing bogus LSNs to disk. See 216 * xfs_attr3_rmt_hdr_set() for the explanation. 217 */ 218 if (rmt->rm_lsn != cpu_to_be64(NULLCOMMITLSN)) { 219 xfs_verifier_error(bp, -EFSCORRUPTED, __this_address); 220 return; 221 } 222 xfs_update_cksum(ptr, blksize, XFS_ATTR3_RMT_CRC_OFF); 223 224 len -= blksize; 225 ptr += blksize; 226 bno += BTOBB(blksize); 227 } 228 229 if (len != 0) 230 xfs_verifier_error(bp, -EFSCORRUPTED, __this_address); 231 } 232 233 const struct xfs_buf_ops xfs_attr3_rmt_buf_ops = { 234 .name = "xfs_attr3_rmt", 235 .verify_read = xfs_attr3_rmt_read_verify, 236 .verify_write = xfs_attr3_rmt_write_verify, 237 .verify_struct = xfs_attr3_rmt_verify_struct, 238 }; 239 240 STATIC int 241 xfs_attr3_rmt_hdr_set( 242 struct xfs_mount *mp, 243 void *ptr, 244 xfs_ino_t ino, 245 uint32_t offset, 246 uint32_t size, 247 xfs_daddr_t bno) 248 { 249 struct xfs_attr3_rmt_hdr *rmt = ptr; 250 251 if (!xfs_sb_version_hascrc(&mp->m_sb)) 252 return 0; 253 254 rmt->rm_magic = cpu_to_be32(XFS_ATTR3_RMT_MAGIC); 255 rmt->rm_offset = cpu_to_be32(offset); 256 rmt->rm_bytes = cpu_to_be32(size); 257 uuid_copy(&rmt->rm_uuid, &mp->m_sb.sb_meta_uuid); 258 rmt->rm_owner = cpu_to_be64(ino); 259 rmt->rm_blkno = cpu_to_be64(bno); 260 261 /* 262 * Remote attribute blocks are written synchronously, so we don't 263 * have an LSN that we can stamp in them that makes any sense to log 264 * recovery. To ensure that log recovery handles overwrites of these 265 * blocks sanely (i.e. once they've been freed and reallocated as some 266 * other type of metadata) we need to ensure that the LSN has a value 267 * that tells log recovery to ignore the LSN and overwrite the buffer 268 * with whatever is in it's log. To do this, we use the magic 269 * NULLCOMMITLSN to indicate that the LSN is invalid. 270 */ 271 rmt->rm_lsn = cpu_to_be64(NULLCOMMITLSN); 272 273 return sizeof(struct xfs_attr3_rmt_hdr); 274 } 275 276 /* 277 * Helper functions to copy attribute data in and out of the one disk extents 278 */ 279 STATIC int 280 xfs_attr_rmtval_copyout( 281 struct xfs_mount *mp, 282 struct xfs_buf *bp, 283 xfs_ino_t ino, 284 int *offset, 285 int *valuelen, 286 uint8_t **dst) 287 { 288 char *src = bp->b_addr; 289 xfs_daddr_t bno = bp->b_bn; 290 int len = BBTOB(bp->b_length); 291 int blksize = mp->m_attr_geo->blksize; 292 293 ASSERT(len >= blksize); 294 295 while (len > 0 && *valuelen > 0) { 296 int hdr_size = 0; 297 int byte_cnt = XFS_ATTR3_RMT_BUF_SPACE(mp, blksize); 298 299 byte_cnt = min(*valuelen, byte_cnt); 300 301 if (xfs_sb_version_hascrc(&mp->m_sb)) { 302 if (xfs_attr3_rmt_hdr_ok(src, ino, *offset, 303 byte_cnt, bno)) { 304 xfs_alert(mp, 305 "remote attribute header mismatch bno/off/len/owner (0x%llx/0x%x/Ox%x/0x%llx)", 306 bno, *offset, byte_cnt, ino); 307 return -EFSCORRUPTED; 308 } 309 hdr_size = sizeof(struct xfs_attr3_rmt_hdr); 310 } 311 312 memcpy(*dst, src + hdr_size, byte_cnt); 313 314 /* roll buffer forwards */ 315 len -= blksize; 316 src += blksize; 317 bno += BTOBB(blksize); 318 319 /* roll attribute data forwards */ 320 *valuelen -= byte_cnt; 321 *dst += byte_cnt; 322 *offset += byte_cnt; 323 } 324 return 0; 325 } 326 327 STATIC void 328 xfs_attr_rmtval_copyin( 329 struct xfs_mount *mp, 330 struct xfs_buf *bp, 331 xfs_ino_t ino, 332 int *offset, 333 int *valuelen, 334 uint8_t **src) 335 { 336 char *dst = bp->b_addr; 337 xfs_daddr_t bno = bp->b_bn; 338 int len = BBTOB(bp->b_length); 339 int blksize = mp->m_attr_geo->blksize; 340 341 ASSERT(len >= blksize); 342 343 while (len > 0 && *valuelen > 0) { 344 int hdr_size; 345 int byte_cnt = XFS_ATTR3_RMT_BUF_SPACE(mp, blksize); 346 347 byte_cnt = min(*valuelen, byte_cnt); 348 hdr_size = xfs_attr3_rmt_hdr_set(mp, dst, ino, *offset, 349 byte_cnt, bno); 350 351 memcpy(dst + hdr_size, *src, byte_cnt); 352 353 /* 354 * If this is the last block, zero the remainder of it. 355 * Check that we are actually the last block, too. 356 */ 357 if (byte_cnt + hdr_size < blksize) { 358 ASSERT(*valuelen - byte_cnt == 0); 359 ASSERT(len == blksize); 360 memset(dst + hdr_size + byte_cnt, 0, 361 blksize - hdr_size - byte_cnt); 362 } 363 364 /* roll buffer forwards */ 365 len -= blksize; 366 dst += blksize; 367 bno += BTOBB(blksize); 368 369 /* roll attribute data forwards */ 370 *valuelen -= byte_cnt; 371 *src += byte_cnt; 372 *offset += byte_cnt; 373 } 374 } 375 376 /* 377 * Read the value associated with an attribute from the out-of-line buffer 378 * that we stored it in. 379 */ 380 int 381 xfs_attr_rmtval_get( 382 struct xfs_da_args *args) 383 { 384 struct xfs_bmbt_irec map[ATTR_RMTVALUE_MAPSIZE]; 385 struct xfs_mount *mp = args->dp->i_mount; 386 struct xfs_buf *bp; 387 xfs_dablk_t lblkno = args->rmtblkno; 388 uint8_t *dst = args->value; 389 int valuelen; 390 int nmap; 391 int error; 392 int blkcnt = args->rmtblkcnt; 393 int i; 394 int offset = 0; 395 396 trace_xfs_attr_rmtval_get(args); 397 398 ASSERT(!(args->flags & ATTR_KERNOVAL)); 399 ASSERT(args->rmtvaluelen == args->valuelen); 400 401 valuelen = args->rmtvaluelen; 402 while (valuelen > 0) { 403 nmap = ATTR_RMTVALUE_MAPSIZE; 404 error = xfs_bmapi_read(args->dp, (xfs_fileoff_t)lblkno, 405 blkcnt, map, &nmap, 406 XFS_BMAPI_ATTRFORK); 407 if (error) 408 return error; 409 ASSERT(nmap >= 1); 410 411 for (i = 0; (i < nmap) && (valuelen > 0); i++) { 412 xfs_daddr_t dblkno; 413 int dblkcnt; 414 415 ASSERT((map[i].br_startblock != DELAYSTARTBLOCK) && 416 (map[i].br_startblock != HOLESTARTBLOCK)); 417 dblkno = XFS_FSB_TO_DADDR(mp, map[i].br_startblock); 418 dblkcnt = XFS_FSB_TO_BB(mp, map[i].br_blockcount); 419 error = xfs_trans_read_buf(mp, args->trans, 420 mp->m_ddev_targp, 421 dblkno, dblkcnt, 0, &bp, 422 &xfs_attr3_rmt_buf_ops); 423 if (error) 424 return error; 425 426 error = xfs_attr_rmtval_copyout(mp, bp, args->dp->i_ino, 427 &offset, &valuelen, 428 &dst); 429 xfs_trans_brelse(args->trans, bp); 430 if (error) 431 return error; 432 433 /* roll attribute extent map forwards */ 434 lblkno += map[i].br_blockcount; 435 blkcnt -= map[i].br_blockcount; 436 } 437 } 438 ASSERT(valuelen == 0); 439 return 0; 440 } 441 442 /* 443 * Write the value associated with an attribute into the out-of-line buffer 444 * that we have defined for it. 445 */ 446 int 447 xfs_attr_rmtval_set( 448 struct xfs_da_args *args) 449 { 450 struct xfs_inode *dp = args->dp; 451 struct xfs_mount *mp = dp->i_mount; 452 struct xfs_bmbt_irec map; 453 xfs_dablk_t lblkno; 454 xfs_fileoff_t lfileoff = 0; 455 uint8_t *src = args->value; 456 int blkcnt; 457 int valuelen; 458 int nmap; 459 int error; 460 int offset = 0; 461 462 trace_xfs_attr_rmtval_set(args); 463 464 /* 465 * Find a "hole" in the attribute address space large enough for 466 * us to drop the new attribute's value into. Because CRC enable 467 * attributes have headers, we can't just do a straight byte to FSB 468 * conversion and have to take the header space into account. 469 */ 470 blkcnt = xfs_attr3_rmt_blocks(mp, args->rmtvaluelen); 471 error = xfs_bmap_first_unused(args->trans, args->dp, blkcnt, &lfileoff, 472 XFS_ATTR_FORK); 473 if (error) 474 return error; 475 476 args->rmtblkno = lblkno = (xfs_dablk_t)lfileoff; 477 args->rmtblkcnt = blkcnt; 478 479 /* 480 * Roll through the "value", allocating blocks on disk as required. 481 */ 482 while (blkcnt > 0) { 483 /* 484 * Allocate a single extent, up to the size of the value. 485 * 486 * Note that we have to consider this a data allocation as we 487 * write the remote attribute without logging the contents. 488 * Hence we must ensure that we aren't using blocks that are on 489 * the busy list so that we don't overwrite blocks which have 490 * recently been freed but their transactions are not yet 491 * committed to disk. If we overwrite the contents of a busy 492 * extent and then crash then the block may not contain the 493 * correct metadata after log recovery occurs. 494 */ 495 xfs_defer_init(args->dfops, args->firstblock); 496 nmap = 1; 497 error = xfs_bmapi_write(args->trans, dp, (xfs_fileoff_t)lblkno, 498 blkcnt, XFS_BMAPI_ATTRFORK, args->firstblock, 499 args->total, &map, &nmap, args->dfops); 500 if (error) 501 goto out_defer_cancel; 502 xfs_defer_ijoin(args->dfops, dp); 503 error = xfs_defer_finish(&args->trans, args->dfops); 504 if (error) 505 goto out_defer_cancel; 506 507 ASSERT(nmap == 1); 508 ASSERT((map.br_startblock != DELAYSTARTBLOCK) && 509 (map.br_startblock != HOLESTARTBLOCK)); 510 lblkno += map.br_blockcount; 511 blkcnt -= map.br_blockcount; 512 513 /* 514 * Start the next trans in the chain. 515 */ 516 error = xfs_trans_roll_inode(&args->trans, dp); 517 if (error) 518 return error; 519 } 520 521 /* 522 * Roll through the "value", copying the attribute value to the 523 * already-allocated blocks. Blocks are written synchronously 524 * so that we can know they are all on disk before we turn off 525 * the INCOMPLETE flag. 526 */ 527 lblkno = args->rmtblkno; 528 blkcnt = args->rmtblkcnt; 529 valuelen = args->rmtvaluelen; 530 while (valuelen > 0) { 531 struct xfs_buf *bp; 532 xfs_daddr_t dblkno; 533 int dblkcnt; 534 535 ASSERT(blkcnt > 0); 536 537 xfs_defer_init(args->dfops, args->firstblock); 538 nmap = 1; 539 error = xfs_bmapi_read(dp, (xfs_fileoff_t)lblkno, 540 blkcnt, &map, &nmap, 541 XFS_BMAPI_ATTRFORK); 542 if (error) 543 return error; 544 ASSERT(nmap == 1); 545 ASSERT((map.br_startblock != DELAYSTARTBLOCK) && 546 (map.br_startblock != HOLESTARTBLOCK)); 547 548 dblkno = XFS_FSB_TO_DADDR(mp, map.br_startblock), 549 dblkcnt = XFS_FSB_TO_BB(mp, map.br_blockcount); 550 551 bp = xfs_buf_get(mp->m_ddev_targp, dblkno, dblkcnt, 0); 552 if (!bp) 553 return -ENOMEM; 554 bp->b_ops = &xfs_attr3_rmt_buf_ops; 555 556 xfs_attr_rmtval_copyin(mp, bp, args->dp->i_ino, &offset, 557 &valuelen, &src); 558 559 error = xfs_bwrite(bp); /* GROT: NOTE: synchronous write */ 560 xfs_buf_relse(bp); 561 if (error) 562 return error; 563 564 565 /* roll attribute extent map forwards */ 566 lblkno += map.br_blockcount; 567 blkcnt -= map.br_blockcount; 568 } 569 ASSERT(valuelen == 0); 570 return 0; 571 out_defer_cancel: 572 xfs_defer_cancel(args->dfops); 573 args->trans = NULL; 574 return error; 575 } 576 577 /* 578 * Remove the value associated with an attribute by deleting the 579 * out-of-line buffer that it is stored on. 580 */ 581 int 582 xfs_attr_rmtval_remove( 583 struct xfs_da_args *args) 584 { 585 struct xfs_mount *mp = args->dp->i_mount; 586 xfs_dablk_t lblkno; 587 int blkcnt; 588 int error; 589 int done; 590 591 trace_xfs_attr_rmtval_remove(args); 592 593 /* 594 * Roll through the "value", invalidating the attribute value's blocks. 595 */ 596 lblkno = args->rmtblkno; 597 blkcnt = args->rmtblkcnt; 598 while (blkcnt > 0) { 599 struct xfs_bmbt_irec map; 600 struct xfs_buf *bp; 601 xfs_daddr_t dblkno; 602 int dblkcnt; 603 int nmap; 604 605 /* 606 * Try to remember where we decided to put the value. 607 */ 608 nmap = 1; 609 error = xfs_bmapi_read(args->dp, (xfs_fileoff_t)lblkno, 610 blkcnt, &map, &nmap, XFS_BMAPI_ATTRFORK); 611 if (error) 612 return error; 613 ASSERT(nmap == 1); 614 ASSERT((map.br_startblock != DELAYSTARTBLOCK) && 615 (map.br_startblock != HOLESTARTBLOCK)); 616 617 dblkno = XFS_FSB_TO_DADDR(mp, map.br_startblock), 618 dblkcnt = XFS_FSB_TO_BB(mp, map.br_blockcount); 619 620 /* 621 * If the "remote" value is in the cache, remove it. 622 */ 623 bp = xfs_incore(mp->m_ddev_targp, dblkno, dblkcnt, XBF_TRYLOCK); 624 if (bp) { 625 xfs_buf_stale(bp); 626 xfs_buf_relse(bp); 627 bp = NULL; 628 } 629 630 lblkno += map.br_blockcount; 631 blkcnt -= map.br_blockcount; 632 } 633 634 /* 635 * Keep de-allocating extents until the remote-value region is gone. 636 */ 637 lblkno = args->rmtblkno; 638 blkcnt = args->rmtblkcnt; 639 done = 0; 640 while (!done) { 641 xfs_defer_init(args->dfops, args->firstblock); 642 error = xfs_bunmapi(args->trans, args->dp, lblkno, blkcnt, 643 XFS_BMAPI_ATTRFORK, 1, args->firstblock, 644 args->dfops, &done); 645 if (error) 646 goto out_defer_cancel; 647 xfs_defer_ijoin(args->dfops, args->dp); 648 error = xfs_defer_finish(&args->trans, args->dfops); 649 if (error) 650 goto out_defer_cancel; 651 652 /* 653 * Close out trans and start the next one in the chain. 654 */ 655 error = xfs_trans_roll_inode(&args->trans, args->dp); 656 if (error) 657 return error; 658 } 659 return 0; 660 out_defer_cancel: 661 xfs_defer_cancel(args->dfops); 662 args->trans = NULL; 663 return error; 664 } 665