1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Copyright (c) 2000-2006 Silicon Graphics, Inc. 4 * Copyright (c) 2012-2013 Red Hat, Inc. 5 * All rights reserved. 6 */ 7 #include "xfs.h" 8 #include "xfs_fs.h" 9 #include "xfs_format.h" 10 #include "xfs_log_format.h" 11 #include "xfs_shared.h" 12 #include "xfs_trans_resv.h" 13 #include "xfs_mount.h" 14 #include "xfs_inode.h" 15 #include "xfs_error.h" 16 #include "xfs_trans.h" 17 #include "xfs_buf_item.h" 18 #include "xfs_log.h" 19 20 21 /* 22 * Each contiguous block has a header, so it is not just a simple pathlen 23 * to FSB conversion. 24 */ 25 int 26 xfs_symlink_blocks( 27 struct xfs_mount *mp, 28 int pathlen) 29 { 30 int buflen = XFS_SYMLINK_BUF_SPACE(mp, mp->m_sb.sb_blocksize); 31 32 return (pathlen + buflen - 1) / buflen; 33 } 34 35 int 36 xfs_symlink_hdr_set( 37 struct xfs_mount *mp, 38 xfs_ino_t ino, 39 uint32_t offset, 40 uint32_t size, 41 struct xfs_buf *bp) 42 { 43 struct xfs_dsymlink_hdr *dsl = bp->b_addr; 44 45 if (!xfs_has_crc(mp)) 46 return 0; 47 48 memset(dsl, 0, sizeof(struct xfs_dsymlink_hdr)); 49 dsl->sl_magic = cpu_to_be32(XFS_SYMLINK_MAGIC); 50 dsl->sl_offset = cpu_to_be32(offset); 51 dsl->sl_bytes = cpu_to_be32(size); 52 uuid_copy(&dsl->sl_uuid, &mp->m_sb.sb_meta_uuid); 53 dsl->sl_owner = cpu_to_be64(ino); 54 dsl->sl_blkno = cpu_to_be64(xfs_buf_daddr(bp)); 55 bp->b_ops = &xfs_symlink_buf_ops; 56 57 return sizeof(struct xfs_dsymlink_hdr); 58 } 59 60 /* 61 * Checking of the symlink header is split into two parts. the verifier does 62 * CRC, location and bounds checking, the unpacking function checks the path 63 * parameters and owner. 64 */ 65 bool 66 xfs_symlink_hdr_ok( 67 xfs_ino_t ino, 68 uint32_t offset, 69 uint32_t size, 70 struct xfs_buf *bp) 71 { 72 struct xfs_dsymlink_hdr *dsl = bp->b_addr; 73 74 if (offset != be32_to_cpu(dsl->sl_offset)) 75 return false; 76 if (size != be32_to_cpu(dsl->sl_bytes)) 77 return false; 78 if (ino != be64_to_cpu(dsl->sl_owner)) 79 return false; 80 81 /* ok */ 82 return true; 83 } 84 85 static xfs_failaddr_t 86 xfs_symlink_verify( 87 struct xfs_buf *bp) 88 { 89 struct xfs_mount *mp = bp->b_mount; 90 struct xfs_dsymlink_hdr *dsl = bp->b_addr; 91 92 /* no verification of non-crc buffers */ 93 if (!xfs_has_crc(mp)) 94 return NULL; 95 96 if (!xfs_verify_magic(bp, dsl->sl_magic)) 97 return __this_address; 98 if (!uuid_equal(&dsl->sl_uuid, &mp->m_sb.sb_meta_uuid)) 99 return __this_address; 100 if (xfs_buf_daddr(bp) != be64_to_cpu(dsl->sl_blkno)) 101 return __this_address; 102 if (be32_to_cpu(dsl->sl_offset) + 103 be32_to_cpu(dsl->sl_bytes) >= XFS_SYMLINK_MAXLEN) 104 return __this_address; 105 if (dsl->sl_owner == 0) 106 return __this_address; 107 if (!xfs_log_check_lsn(mp, be64_to_cpu(dsl->sl_lsn))) 108 return __this_address; 109 110 return NULL; 111 } 112 113 static void 114 xfs_symlink_read_verify( 115 struct xfs_buf *bp) 116 { 117 struct xfs_mount *mp = bp->b_mount; 118 xfs_failaddr_t fa; 119 120 /* no verification of non-crc buffers */ 121 if (!xfs_has_crc(mp)) 122 return; 123 124 if (!xfs_buf_verify_cksum(bp, XFS_SYMLINK_CRC_OFF)) 125 xfs_verifier_error(bp, -EFSBADCRC, __this_address); 126 else { 127 fa = xfs_symlink_verify(bp); 128 if (fa) 129 xfs_verifier_error(bp, -EFSCORRUPTED, fa); 130 } 131 } 132 133 static void 134 xfs_symlink_write_verify( 135 struct xfs_buf *bp) 136 { 137 struct xfs_mount *mp = bp->b_mount; 138 struct xfs_buf_log_item *bip = bp->b_log_item; 139 xfs_failaddr_t fa; 140 141 /* no verification of non-crc buffers */ 142 if (!xfs_has_crc(mp)) 143 return; 144 145 fa = xfs_symlink_verify(bp); 146 if (fa) { 147 xfs_verifier_error(bp, -EFSCORRUPTED, fa); 148 return; 149 } 150 151 if (bip) { 152 struct xfs_dsymlink_hdr *dsl = bp->b_addr; 153 dsl->sl_lsn = cpu_to_be64(bip->bli_item.li_lsn); 154 } 155 xfs_buf_update_cksum(bp, XFS_SYMLINK_CRC_OFF); 156 } 157 158 const struct xfs_buf_ops xfs_symlink_buf_ops = { 159 .name = "xfs_symlink", 160 .magic = { 0, cpu_to_be32(XFS_SYMLINK_MAGIC) }, 161 .verify_read = xfs_symlink_read_verify, 162 .verify_write = xfs_symlink_write_verify, 163 .verify_struct = xfs_symlink_verify, 164 }; 165 166 void 167 xfs_symlink_local_to_remote( 168 struct xfs_trans *tp, 169 struct xfs_buf *bp, 170 struct xfs_inode *ip, 171 struct xfs_ifork *ifp) 172 { 173 struct xfs_mount *mp = ip->i_mount; 174 char *buf; 175 176 xfs_trans_buf_set_type(tp, bp, XFS_BLFT_SYMLINK_BUF); 177 178 if (!xfs_has_crc(mp)) { 179 bp->b_ops = NULL; 180 memcpy(bp->b_addr, ifp->if_u1.if_data, ifp->if_bytes); 181 xfs_trans_log_buf(tp, bp, 0, ifp->if_bytes - 1); 182 return; 183 } 184 185 /* 186 * As this symlink fits in an inode literal area, it must also fit in 187 * the smallest buffer the filesystem supports. 188 */ 189 ASSERT(BBTOB(bp->b_length) >= 190 ifp->if_bytes + sizeof(struct xfs_dsymlink_hdr)); 191 192 bp->b_ops = &xfs_symlink_buf_ops; 193 194 buf = bp->b_addr; 195 buf += xfs_symlink_hdr_set(mp, ip->i_ino, 0, ifp->if_bytes, bp); 196 memcpy(buf, ifp->if_u1.if_data, ifp->if_bytes); 197 xfs_trans_log_buf(tp, bp, 0, sizeof(struct xfs_dsymlink_hdr) + 198 ifp->if_bytes - 1); 199 } 200 201 /* 202 * Verify the in-memory consistency of an inline symlink data fork. This 203 * does not do on-disk format checks. 204 */ 205 xfs_failaddr_t 206 xfs_symlink_shortform_verify( 207 struct xfs_inode *ip) 208 { 209 struct xfs_ifork *ifp = xfs_ifork_ptr(ip, XFS_DATA_FORK); 210 char *sfp = (char *)ifp->if_u1.if_data; 211 int size = ifp->if_bytes; 212 char *endp = sfp + size; 213 214 ASSERT(ifp->if_format == XFS_DINODE_FMT_LOCAL); 215 216 /* 217 * Zero length symlinks should never occur in memory as they are 218 * never allowed to exist on disk. 219 */ 220 if (!size) 221 return __this_address; 222 223 /* No negative sizes or overly long symlink targets. */ 224 if (size < 0 || size > XFS_SYMLINK_MAXLEN) 225 return __this_address; 226 227 /* No NULLs in the target either. */ 228 if (memchr(sfp, 0, size - 1)) 229 return __this_address; 230 231 /* We /did/ null-terminate the buffer, right? */ 232 if (*endp != 0) 233 return __this_address; 234 return NULL; 235 } 236