1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Copyright (c) 2000-2006 Silicon Graphics, Inc. 4 * Copyright (c) 2012-2013 Red Hat, Inc. 5 * All rights reserved. 6 */ 7 #include "xfs.h" 8 #include "xfs_fs.h" 9 #include "xfs_format.h" 10 #include "xfs_log_format.h" 11 #include "xfs_shared.h" 12 #include "xfs_trans_resv.h" 13 #include "xfs_mount.h" 14 #include "xfs_inode.h" 15 #include "xfs_error.h" 16 #include "xfs_trans.h" 17 #include "xfs_buf_item.h" 18 #include "xfs_log.h" 19 20 21 /* 22 * Each contiguous block has a header, so it is not just a simple pathlen 23 * to FSB conversion. 24 */ 25 int 26 xfs_symlink_blocks( 27 struct xfs_mount *mp, 28 int pathlen) 29 { 30 int buflen = XFS_SYMLINK_BUF_SPACE(mp, mp->m_sb.sb_blocksize); 31 32 return (pathlen + buflen - 1) / buflen; 33 } 34 35 int 36 xfs_symlink_hdr_set( 37 struct xfs_mount *mp, 38 xfs_ino_t ino, 39 uint32_t offset, 40 uint32_t size, 41 struct xfs_buf *bp) 42 { 43 struct xfs_dsymlink_hdr *dsl = bp->b_addr; 44 45 if (!xfs_has_crc(mp)) 46 return 0; 47 48 memset(dsl, 0, sizeof(struct xfs_dsymlink_hdr)); 49 dsl->sl_magic = cpu_to_be32(XFS_SYMLINK_MAGIC); 50 dsl->sl_offset = cpu_to_be32(offset); 51 dsl->sl_bytes = cpu_to_be32(size); 52 uuid_copy(&dsl->sl_uuid, &mp->m_sb.sb_meta_uuid); 53 dsl->sl_owner = cpu_to_be64(ino); 54 dsl->sl_blkno = cpu_to_be64(xfs_buf_daddr(bp)); 55 bp->b_ops = &xfs_symlink_buf_ops; 56 57 return sizeof(struct xfs_dsymlink_hdr); 58 } 59 60 /* 61 * Checking of the symlink header is split into two parts. the verifier does 62 * CRC, location and bounds checking, the unpacking function checks the path 63 * parameters and owner. 64 */ 65 bool 66 xfs_symlink_hdr_ok( 67 xfs_ino_t ino, 68 uint32_t offset, 69 uint32_t size, 70 struct xfs_buf *bp) 71 { 72 struct xfs_dsymlink_hdr *dsl = bp->b_addr; 73 74 if (offset != be32_to_cpu(dsl->sl_offset)) 75 return false; 76 if (size != be32_to_cpu(dsl->sl_bytes)) 77 return false; 78 if (ino != be64_to_cpu(dsl->sl_owner)) 79 return false; 80 81 /* ok */ 82 return true; 83 } 84 85 static xfs_failaddr_t 86 xfs_symlink_verify( 87 struct xfs_buf *bp) 88 { 89 struct xfs_mount *mp = bp->b_mount; 90 struct xfs_dsymlink_hdr *dsl = bp->b_addr; 91 92 if (!xfs_has_crc(mp)) 93 return __this_address; 94 if (!xfs_verify_magic(bp, dsl->sl_magic)) 95 return __this_address; 96 if (!uuid_equal(&dsl->sl_uuid, &mp->m_sb.sb_meta_uuid)) 97 return __this_address; 98 if (xfs_buf_daddr(bp) != be64_to_cpu(dsl->sl_blkno)) 99 return __this_address; 100 if (be32_to_cpu(dsl->sl_offset) + 101 be32_to_cpu(dsl->sl_bytes) >= XFS_SYMLINK_MAXLEN) 102 return __this_address; 103 if (dsl->sl_owner == 0) 104 return __this_address; 105 if (!xfs_log_check_lsn(mp, be64_to_cpu(dsl->sl_lsn))) 106 return __this_address; 107 108 return NULL; 109 } 110 111 static void 112 xfs_symlink_read_verify( 113 struct xfs_buf *bp) 114 { 115 struct xfs_mount *mp = bp->b_mount; 116 xfs_failaddr_t fa; 117 118 /* no verification of non-crc buffers */ 119 if (!xfs_has_crc(mp)) 120 return; 121 122 if (!xfs_buf_verify_cksum(bp, XFS_SYMLINK_CRC_OFF)) 123 xfs_verifier_error(bp, -EFSBADCRC, __this_address); 124 else { 125 fa = xfs_symlink_verify(bp); 126 if (fa) 127 xfs_verifier_error(bp, -EFSCORRUPTED, fa); 128 } 129 } 130 131 static void 132 xfs_symlink_write_verify( 133 struct xfs_buf *bp) 134 { 135 struct xfs_mount *mp = bp->b_mount; 136 struct xfs_buf_log_item *bip = bp->b_log_item; 137 xfs_failaddr_t fa; 138 139 /* no verification of non-crc buffers */ 140 if (!xfs_has_crc(mp)) 141 return; 142 143 fa = xfs_symlink_verify(bp); 144 if (fa) { 145 xfs_verifier_error(bp, -EFSCORRUPTED, fa); 146 return; 147 } 148 149 if (bip) { 150 struct xfs_dsymlink_hdr *dsl = bp->b_addr; 151 dsl->sl_lsn = cpu_to_be64(bip->bli_item.li_lsn); 152 } 153 xfs_buf_update_cksum(bp, XFS_SYMLINK_CRC_OFF); 154 } 155 156 const struct xfs_buf_ops xfs_symlink_buf_ops = { 157 .name = "xfs_symlink", 158 .magic = { 0, cpu_to_be32(XFS_SYMLINK_MAGIC) }, 159 .verify_read = xfs_symlink_read_verify, 160 .verify_write = xfs_symlink_write_verify, 161 .verify_struct = xfs_symlink_verify, 162 }; 163 164 void 165 xfs_symlink_local_to_remote( 166 struct xfs_trans *tp, 167 struct xfs_buf *bp, 168 struct xfs_inode *ip, 169 struct xfs_ifork *ifp) 170 { 171 struct xfs_mount *mp = ip->i_mount; 172 char *buf; 173 174 xfs_trans_buf_set_type(tp, bp, XFS_BLFT_SYMLINK_BUF); 175 176 if (!xfs_has_crc(mp)) { 177 bp->b_ops = NULL; 178 memcpy(bp->b_addr, ifp->if_u1.if_data, ifp->if_bytes); 179 xfs_trans_log_buf(tp, bp, 0, ifp->if_bytes - 1); 180 return; 181 } 182 183 /* 184 * As this symlink fits in an inode literal area, it must also fit in 185 * the smallest buffer the filesystem supports. 186 */ 187 ASSERT(BBTOB(bp->b_length) >= 188 ifp->if_bytes + sizeof(struct xfs_dsymlink_hdr)); 189 190 bp->b_ops = &xfs_symlink_buf_ops; 191 192 buf = bp->b_addr; 193 buf += xfs_symlink_hdr_set(mp, ip->i_ino, 0, ifp->if_bytes, bp); 194 memcpy(buf, ifp->if_u1.if_data, ifp->if_bytes); 195 xfs_trans_log_buf(tp, bp, 0, sizeof(struct xfs_dsymlink_hdr) + 196 ifp->if_bytes - 1); 197 } 198 199 /* 200 * Verify the in-memory consistency of an inline symlink data fork. This 201 * does not do on-disk format checks. 202 */ 203 xfs_failaddr_t 204 xfs_symlink_shortform_verify( 205 struct xfs_inode *ip) 206 { 207 struct xfs_ifork *ifp = XFS_IFORK_PTR(ip, XFS_DATA_FORK); 208 char *sfp = (char *)ifp->if_u1.if_data; 209 int size = ifp->if_bytes; 210 char *endp = sfp + size; 211 212 ASSERT(ifp->if_format == XFS_DINODE_FMT_LOCAL); 213 214 /* 215 * Zero length symlinks should never occur in memory as they are 216 * never allowed to exist on disk. 217 */ 218 if (!size) 219 return __this_address; 220 221 /* No negative sizes or overly long symlink targets. */ 222 if (size < 0 || size > XFS_SYMLINK_MAXLEN) 223 return __this_address; 224 225 /* No NULLs in the target either. */ 226 if (memchr(sfp, 0, size - 1)) 227 return __this_address; 228 229 /* We /did/ null-terminate the buffer, right? */ 230 if (*endp != 0) 231 return __this_address; 232 return NULL; 233 } 234