1 /*
2 * journal.c --- code for handling the "ext3" journal
3 *
4 * Copyright (C) 2000 Andreas Dilger
5 * Copyright (C) 2000 Theodore Ts'o
6 *
7 * Parts of the code are based on fs/jfs/journal.c by Stephen C. Tweedie
8 * Copyright (C) 1999 Red Hat Software
9 *
10 * This file may be redistributed under the terms of the
11 * GNU General Public License version 2 or at your discretion
12 * any later version.
13 */
14
15 #ifdef HAVE_SYS_MOUNT_H
16 #include <sys/param.h>
17 #include <sys/mount.h>
18 #define MNT_FL (MS_MGC_VAL | MS_RDONLY)
19 #endif
20 #ifdef HAVE_SYS_STAT_H
21 #include <sys/stat.h>
22 #endif
23
24 #define E2FSCK_INCLUDE_INLINE_FUNCS
25 #include "jfs_user.h"
26 #include "problem.h"
27 #include "uuid/uuid.h"
28
29 #ifdef CONFIG_JBD_DEBUG /* Enabled by configure --enable-jfs-debug */
30 static int bh_count = 0;
31 #endif
32
33 /*
34 * Define USE_INODE_IO to use the inode_io.c / fileio.c codepaths.
35 * This creates a larger static binary, and a smaller binary using
36 * shared libraries. It's also probably slightly less CPU-efficient,
37 * which is why it's not on by default. But, it's a good way of
38 * testing the functions in inode_io.c and fileio.c.
39 */
40 #undef USE_INODE_IO
41
42 /* Kernel compatibility functions for handling the journal. These allow us
43 * to use the recovery.c file virtually unchanged from the kernel, so we
44 * don't have to do much to keep kernel and user recovery in sync.
45 */
journal_bmap(journal_t * journal,blk_t block,unsigned long * phys)46 int journal_bmap(journal_t *journal, blk_t block, unsigned long *phys)
47 {
48 #ifdef USE_INODE_IO
49 *phys = block;
50 return 0;
51 #else
52 struct inode *inode = journal->j_inode;
53 errcode_t retval;
54 blk_t pblk;
55
56 if (!inode) {
57 *phys = block;
58 return 0;
59 }
60
61 retval= ext2fs_bmap(inode->i_ctx->fs, inode->i_ino,
62 &inode->i_ext2, NULL, 0, block, &pblk);
63 *phys = pblk;
64 return (retval);
65 #endif
66 }
67
getblk(kdev_t kdev,blk_t blocknr,int blocksize)68 struct buffer_head *getblk(kdev_t kdev, blk_t blocknr, int blocksize)
69 {
70 struct buffer_head *bh;
71
72 bh = e2fsck_allocate_memory(kdev->k_ctx, sizeof(*bh), "block buffer");
73 if (!bh)
74 return NULL;
75
76 jfs_debug(4, "getblk for block %lu (%d bytes)(total %d)\n",
77 (unsigned long) blocknr, blocksize, ++bh_count);
78
79 bh->b_ctx = kdev->k_ctx;
80 if (kdev->k_dev == K_DEV_FS)
81 bh->b_io = kdev->k_ctx->fs->io;
82 else
83 bh->b_io = kdev->k_ctx->journal_io;
84 bh->b_size = blocksize;
85 bh->b_blocknr = blocknr;
86
87 return bh;
88 }
89
sync_blockdev(kdev_t kdev)90 void sync_blockdev(kdev_t kdev)
91 {
92 io_channel io;
93
94 if (kdev->k_dev == K_DEV_FS)
95 io = kdev->k_ctx->fs->io;
96 else
97 io = kdev->k_ctx->journal_io;
98
99 io_channel_flush(io);
100 }
101
ll_rw_block(int rw,int nr,struct buffer_head * bhp[])102 void ll_rw_block(int rw, int nr, struct buffer_head *bhp[])
103 {
104 int retval;
105 struct buffer_head *bh;
106
107 for (; nr > 0; --nr) {
108 bh = *bhp++;
109 if (rw == READ && !bh->b_uptodate) {
110 jfs_debug(3, "reading block %lu/%p\n",
111 (unsigned long) bh->b_blocknr, (void *) bh);
112 retval = io_channel_read_blk(bh->b_io,
113 bh->b_blocknr,
114 1, bh->b_data);
115 if (retval) {
116 com_err(bh->b_ctx->device_name, retval,
117 "while reading block %lu\n",
118 (unsigned long) bh->b_blocknr);
119 bh->b_err = retval;
120 continue;
121 }
122 bh->b_uptodate = 1;
123 } else if (rw == WRITE && bh->b_dirty) {
124 jfs_debug(3, "writing block %lu/%p\n",
125 (unsigned long) bh->b_blocknr, (void *) bh);
126 retval = io_channel_write_blk(bh->b_io,
127 bh->b_blocknr,
128 1, bh->b_data);
129 if (retval) {
130 com_err(bh->b_ctx->device_name, retval,
131 "while writing block %lu\n",
132 (unsigned long) bh->b_blocknr);
133 bh->b_err = retval;
134 continue;
135 }
136 bh->b_dirty = 0;
137 bh->b_uptodate = 1;
138 } else {
139 jfs_debug(3, "no-op %s for block %lu\n",
140 rw == READ ? "read" : "write",
141 (unsigned long) bh->b_blocknr);
142 }
143 }
144 }
145
mark_buffer_dirty(struct buffer_head * bh)146 void mark_buffer_dirty(struct buffer_head *bh)
147 {
148 bh->b_dirty = 1;
149 }
150
mark_buffer_clean(struct buffer_head * bh)151 static void mark_buffer_clean(struct buffer_head * bh)
152 {
153 bh->b_dirty = 0;
154 }
155
brelse(struct buffer_head * bh)156 void brelse(struct buffer_head *bh)
157 {
158 if (bh->b_dirty)
159 ll_rw_block(WRITE, 1, &bh);
160 jfs_debug(3, "freeing block %lu/%p (total %d)\n",
161 (unsigned long) bh->b_blocknr, (void *) bh, --bh_count);
162 ext2fs_free_mem(&bh);
163 }
164
buffer_uptodate(struct buffer_head * bh)165 int buffer_uptodate(struct buffer_head *bh)
166 {
167 return bh->b_uptodate;
168 }
169
mark_buffer_uptodate(struct buffer_head * bh,int val)170 void mark_buffer_uptodate(struct buffer_head *bh, int val)
171 {
172 bh->b_uptodate = val;
173 }
174
wait_on_buffer(struct buffer_head * bh)175 void wait_on_buffer(struct buffer_head *bh)
176 {
177 if (!bh->b_uptodate)
178 ll_rw_block(READ, 1, &bh);
179 }
180
181
e2fsck_clear_recover(e2fsck_t ctx,int error)182 static void e2fsck_clear_recover(e2fsck_t ctx, int error)
183 {
184 ctx->fs->super->s_feature_incompat &= ~EXT3_FEATURE_INCOMPAT_RECOVER;
185
186 /* if we had an error doing journal recovery, we need a full fsck */
187 if (error)
188 ctx->fs->super->s_state &= ~EXT2_VALID_FS;
189 ext2fs_mark_super_dirty(ctx->fs);
190 }
191
192 /*
193 * This is a helper function to check the validity of the journal.
194 */
195 struct process_block_struct {
196 e2_blkcnt_t last_block;
197 };
198
process_journal_block(ext2_filsys fs,blk_t * block_nr,e2_blkcnt_t blockcnt,blk_t ref_block EXT2FS_ATTR ((unused)),int ref_offset EXT2FS_ATTR ((unused)),void * priv_data)199 static int process_journal_block(ext2_filsys fs,
200 blk_t *block_nr,
201 e2_blkcnt_t blockcnt,
202 blk_t ref_block EXT2FS_ATTR((unused)),
203 int ref_offset EXT2FS_ATTR((unused)),
204 void *priv_data)
205 {
206 struct process_block_struct *p;
207 blk_t blk = *block_nr;
208
209 p = (struct process_block_struct *) priv_data;
210
211 if (blk < fs->super->s_first_data_block ||
212 blk >= fs->super->s_blocks_count)
213 return BLOCK_ABORT;
214
215 if (blockcnt >= 0)
216 p->last_block = blockcnt;
217 return 0;
218 }
219
e2fsck_get_journal(e2fsck_t ctx,journal_t ** ret_journal)220 static errcode_t e2fsck_get_journal(e2fsck_t ctx, journal_t **ret_journal)
221 {
222 struct process_block_struct pb;
223 struct ext2_super_block *sb = ctx->fs->super;
224 struct ext2_super_block jsuper;
225 struct problem_context pctx;
226 struct buffer_head *bh;
227 struct inode *j_inode = NULL;
228 struct kdev_s *dev_fs = NULL, *dev_journal;
229 const char *journal_name = 0;
230 journal_t *journal = NULL;
231 errcode_t retval = 0;
232 io_manager io_ptr = 0;
233 unsigned long start = 0;
234 int ext_journal = 0;
235 int tried_backup_jnl = 0;
236
237 clear_problem_context(&pctx);
238
239 journal = e2fsck_allocate_memory(ctx, sizeof(journal_t), "journal");
240 if (!journal) {
241 return EXT2_ET_NO_MEMORY;
242 }
243
244 dev_fs = e2fsck_allocate_memory(ctx, 2*sizeof(struct kdev_s), "kdev");
245 if (!dev_fs) {
246 retval = EXT2_ET_NO_MEMORY;
247 goto errout;
248 }
249 dev_journal = dev_fs+1;
250
251 dev_fs->k_ctx = dev_journal->k_ctx = ctx;
252 dev_fs->k_dev = K_DEV_FS;
253 dev_journal->k_dev = K_DEV_JOURNAL;
254
255 journal->j_dev = dev_journal;
256 journal->j_fs_dev = dev_fs;
257 journal->j_inode = NULL;
258 journal->j_blocksize = ctx->fs->blocksize;
259
260 if (uuid_is_null(sb->s_journal_uuid)) {
261 if (!sb->s_journal_inum) {
262 retval = EXT2_ET_BAD_INODE_NUM;
263 goto errout;
264 }
265 j_inode = e2fsck_allocate_memory(ctx, sizeof(*j_inode),
266 "journal inode");
267 if (!j_inode) {
268 retval = EXT2_ET_NO_MEMORY;
269 goto errout;
270 }
271
272 j_inode->i_ctx = ctx;
273 j_inode->i_ino = sb->s_journal_inum;
274
275 if ((retval = ext2fs_read_inode(ctx->fs,
276 sb->s_journal_inum,
277 &j_inode->i_ext2))) {
278 try_backup_journal:
279 if (sb->s_jnl_backup_type != EXT3_JNL_BACKUP_BLOCKS ||
280 tried_backup_jnl)
281 goto errout;
282 memset(&j_inode->i_ext2, 0, sizeof(struct ext2_inode));
283 memcpy(&j_inode->i_ext2.i_block[0], sb->s_jnl_blocks,
284 EXT2_N_BLOCKS*4);
285 j_inode->i_ext2.i_size = sb->s_jnl_blocks[16];
286 j_inode->i_ext2.i_links_count = 1;
287 j_inode->i_ext2.i_mode = LINUX_S_IFREG | 0600;
288 e2fsck_use_inode_shortcuts(ctx, 1);
289 ctx->stashed_ino = j_inode->i_ino;
290 ctx->stashed_inode = &j_inode->i_ext2;
291 tried_backup_jnl++;
292 }
293 if (!j_inode->i_ext2.i_links_count ||
294 !LINUX_S_ISREG(j_inode->i_ext2.i_mode)) {
295 retval = EXT2_ET_NO_JOURNAL;
296 goto try_backup_journal;
297 }
298 if (j_inode->i_ext2.i_size / journal->j_blocksize <
299 JFS_MIN_JOURNAL_BLOCKS) {
300 retval = EXT2_ET_JOURNAL_TOO_SMALL;
301 goto try_backup_journal;
302 }
303 pb.last_block = -1;
304 retval = ext2fs_block_iterate2(ctx->fs, j_inode->i_ino,
305 BLOCK_FLAG_HOLE, 0,
306 process_journal_block, &pb);
307 if ((pb.last_block+1) * ctx->fs->blocksize <
308 j_inode->i_ext2.i_size) {
309 retval = EXT2_ET_JOURNAL_TOO_SMALL;
310 goto try_backup_journal;
311 }
312 if (tried_backup_jnl && !(ctx->options & E2F_OPT_READONLY)) {
313 retval = ext2fs_write_inode(ctx->fs, sb->s_journal_inum,
314 &j_inode->i_ext2);
315 if (retval)
316 goto errout;
317 }
318
319 journal->j_maxlen = j_inode->i_ext2.i_size / journal->j_blocksize;
320
321 #ifdef USE_INODE_IO
322 retval = ext2fs_inode_io_intern2(ctx->fs, sb->s_journal_inum,
323 &j_inode->i_ext2,
324 &journal_name);
325 if (retval)
326 goto errout;
327
328 io_ptr = inode_io_manager;
329 #else
330 journal->j_inode = j_inode;
331 ctx->journal_io = ctx->fs->io;
332 if ((retval = journal_bmap(journal, 0, &start)) != 0)
333 goto errout;
334 #endif
335 } else {
336 ext_journal = 1;
337 if (!ctx->journal_name) {
338 char uuid[37];
339
340 uuid_unparse(sb->s_journal_uuid, uuid);
341 ctx->journal_name = blkid_get_devname(ctx->blkid,
342 "UUID", uuid);
343 if (!ctx->journal_name)
344 ctx->journal_name = blkid_devno_to_devname(sb->s_journal_dev);
345 }
346 journal_name = ctx->journal_name;
347
348 if (!journal_name) {
349 fix_problem(ctx, PR_0_CANT_FIND_JOURNAL, &pctx);
350 retval = EXT2_ET_LOAD_EXT_JOURNAL;
351 goto errout;
352 }
353
354 jfs_debug(1, "Using journal file %s\n", journal_name);
355 io_ptr = unix_io_manager;
356 }
357
358 #if 0
359 test_io_backing_manager = io_ptr;
360 io_ptr = test_io_manager;
361 #endif
362 #ifndef USE_INODE_IO
363 if (ext_journal)
364 #endif
365 retval = io_ptr->open(journal_name, IO_FLAG_RW,
366 &ctx->journal_io);
367 if (retval)
368 goto errout;
369
370 io_channel_set_blksize(ctx->journal_io, ctx->fs->blocksize);
371
372 if (ext_journal) {
373 if (ctx->fs->blocksize == 1024)
374 start = 1;
375 bh = getblk(dev_journal, start, ctx->fs->blocksize);
376 if (!bh) {
377 retval = EXT2_ET_NO_MEMORY;
378 goto errout;
379 }
380 ll_rw_block(READ, 1, &bh);
381 if ((retval = bh->b_err) != 0) {
382 brelse(bh);
383 goto errout;
384 }
385 memcpy(&jsuper, start ? bh->b_data : bh->b_data + 1024,
386 sizeof(jsuper));
387 brelse(bh);
388 #ifdef EXT2FS_ENABLE_SWAPFS
389 if (jsuper.s_magic == ext2fs_swab16(EXT2_SUPER_MAGIC))
390 ext2fs_swap_super(&jsuper);
391 #endif
392 if (jsuper.s_magic != EXT2_SUPER_MAGIC ||
393 !(jsuper.s_feature_incompat & EXT3_FEATURE_INCOMPAT_JOURNAL_DEV)) {
394 fix_problem(ctx, PR_0_EXT_JOURNAL_BAD_SUPER, &pctx);
395 retval = EXT2_ET_LOAD_EXT_JOURNAL;
396 goto errout;
397 }
398 /* Make sure the journal UUID is correct */
399 if (memcmp(jsuper.s_uuid, ctx->fs->super->s_journal_uuid,
400 sizeof(jsuper.s_uuid))) {
401 fix_problem(ctx, PR_0_JOURNAL_BAD_UUID, &pctx);
402 retval = EXT2_ET_LOAD_EXT_JOURNAL;
403 goto errout;
404 }
405
406 journal->j_maxlen = jsuper.s_blocks_count;
407 start++;
408 }
409
410 if (!(bh = getblk(dev_journal, start, journal->j_blocksize))) {
411 retval = EXT2_ET_NO_MEMORY;
412 goto errout;
413 }
414
415 journal->j_sb_buffer = bh;
416 journal->j_superblock = (journal_superblock_t *)bh->b_data;
417
418 #ifdef USE_INODE_IO
419 if (j_inode)
420 ext2fs_free_mem(&j_inode);
421 #endif
422
423 *ret_journal = journal;
424 e2fsck_use_inode_shortcuts(ctx, 0);
425 return 0;
426
427 errout:
428 e2fsck_use_inode_shortcuts(ctx, 0);
429 if (dev_fs)
430 ext2fs_free_mem(&dev_fs);
431 if (j_inode)
432 ext2fs_free_mem(&j_inode);
433 if (journal)
434 ext2fs_free_mem(&journal);
435 return retval;
436 }
437
e2fsck_journal_fix_bad_inode(e2fsck_t ctx,struct problem_context * pctx)438 static errcode_t e2fsck_journal_fix_bad_inode(e2fsck_t ctx,
439 struct problem_context *pctx)
440 {
441 struct ext2_super_block *sb = ctx->fs->super;
442 int recover = ctx->fs->super->s_feature_incompat &
443 EXT3_FEATURE_INCOMPAT_RECOVER;
444 int has_journal = ctx->fs->super->s_feature_compat &
445 EXT3_FEATURE_COMPAT_HAS_JOURNAL;
446
447 if (has_journal || sb->s_journal_inum) {
448 /* The journal inode is bogus, remove and force full fsck */
449 pctx->ino = sb->s_journal_inum;
450 if (fix_problem(ctx, PR_0_JOURNAL_BAD_INODE, pctx)) {
451 if (has_journal && sb->s_journal_inum)
452 printf("*** ext3 journal has been deleted - "
453 "filesystem is now ext2 only ***\n\n");
454 sb->s_feature_compat &= ~EXT3_FEATURE_COMPAT_HAS_JOURNAL;
455 sb->s_journal_inum = 0;
456 ctx->flags |= E2F_FLAG_JOURNAL_INODE;
457 ctx->fs->flags &= ~EXT2_FLAG_MASTER_SB_ONLY;
458 e2fsck_clear_recover(ctx, 1);
459 return 0;
460 }
461 return EXT2_ET_BAD_INODE_NUM;
462 } else if (recover) {
463 if (fix_problem(ctx, PR_0_JOURNAL_RECOVER_SET, pctx)) {
464 e2fsck_clear_recover(ctx, 1);
465 return 0;
466 }
467 return EXT2_ET_UNSUPP_FEATURE;
468 }
469 return 0;
470 }
471
472 #define V1_SB_SIZE 0x0024
clear_v2_journal_fields(journal_t * journal)473 static void clear_v2_journal_fields(journal_t *journal)
474 {
475 e2fsck_t ctx = journal->j_dev->k_ctx;
476 struct problem_context pctx;
477
478 clear_problem_context(&pctx);
479
480 if (!fix_problem(ctx, PR_0_CLEAR_V2_JOURNAL, &pctx))
481 return;
482
483 memset(((char *) journal->j_superblock) + V1_SB_SIZE, 0,
484 ctx->fs->blocksize-V1_SB_SIZE);
485 mark_buffer_dirty(journal->j_sb_buffer);
486 }
487
488
e2fsck_journal_load(journal_t * journal)489 static errcode_t e2fsck_journal_load(journal_t *journal)
490 {
491 e2fsck_t ctx = journal->j_dev->k_ctx;
492 journal_superblock_t *jsb;
493 struct buffer_head *jbh = journal->j_sb_buffer;
494 struct problem_context pctx;
495
496 clear_problem_context(&pctx);
497
498 ll_rw_block(READ, 1, &jbh);
499 if (jbh->b_err) {
500 com_err(ctx->device_name, jbh->b_err,
501 _("reading journal superblock\n"));
502 return jbh->b_err;
503 }
504
505 jsb = journal->j_superblock;
506 /* If we don't even have JFS_MAGIC, we probably have a wrong inode */
507 if (jsb->s_header.h_magic != htonl(JFS_MAGIC_NUMBER))
508 return e2fsck_journal_fix_bad_inode(ctx, &pctx);
509
510 switch (ntohl(jsb->s_header.h_blocktype)) {
511 case JFS_SUPERBLOCK_V1:
512 journal->j_format_version = 1;
513 if (jsb->s_feature_compat ||
514 jsb->s_feature_incompat ||
515 jsb->s_feature_ro_compat ||
516 jsb->s_nr_users)
517 clear_v2_journal_fields(journal);
518 break;
519
520 case JFS_SUPERBLOCK_V2:
521 journal->j_format_version = 2;
522 if (ntohl(jsb->s_nr_users) > 1 &&
523 uuid_is_null(ctx->fs->super->s_journal_uuid))
524 clear_v2_journal_fields(journal);
525 if (ntohl(jsb->s_nr_users) > 1) {
526 fix_problem(ctx, PR_0_JOURNAL_UNSUPP_MULTIFS, &pctx);
527 return EXT2_ET_JOURNAL_UNSUPP_VERSION;
528 }
529 break;
530
531 /*
532 * These should never appear in a journal super block, so if
533 * they do, the journal is badly corrupted.
534 */
535 case JFS_DESCRIPTOR_BLOCK:
536 case JFS_COMMIT_BLOCK:
537 case JFS_REVOKE_BLOCK:
538 return EXT2_ET_CORRUPT_SUPERBLOCK;
539
540 /* If we don't understand the superblock major type, but there
541 * is a magic number, then it is likely to be a new format we
542 * just don't understand, so leave it alone. */
543 default:
544 return EXT2_ET_JOURNAL_UNSUPP_VERSION;
545 }
546
547 if (JFS_HAS_INCOMPAT_FEATURE(journal, ~JFS_KNOWN_INCOMPAT_FEATURES))
548 return EXT2_ET_UNSUPP_FEATURE;
549
550 if (JFS_HAS_RO_COMPAT_FEATURE(journal, ~JFS_KNOWN_ROCOMPAT_FEATURES))
551 return EXT2_ET_RO_UNSUPP_FEATURE;
552
553 /* We have now checked whether we know enough about the journal
554 * format to be able to proceed safely, so any other checks that
555 * fail we should attempt to recover from. */
556 if (jsb->s_blocksize != htonl(journal->j_blocksize)) {
557 com_err(ctx->program_name, EXT2_ET_CORRUPT_SUPERBLOCK,
558 _("%s: no valid journal superblock found\n"),
559 ctx->device_name);
560 return EXT2_ET_CORRUPT_SUPERBLOCK;
561 }
562
563 if (ntohl(jsb->s_maxlen) < journal->j_maxlen)
564 journal->j_maxlen = ntohl(jsb->s_maxlen);
565 else if (ntohl(jsb->s_maxlen) > journal->j_maxlen) {
566 com_err(ctx->program_name, EXT2_ET_CORRUPT_SUPERBLOCK,
567 _("%s: journal too short\n"),
568 ctx->device_name);
569 return EXT2_ET_CORRUPT_SUPERBLOCK;
570 }
571
572 journal->j_tail_sequence = ntohl(jsb->s_sequence);
573 journal->j_transaction_sequence = journal->j_tail_sequence;
574 journal->j_tail = ntohl(jsb->s_start);
575 journal->j_first = ntohl(jsb->s_first);
576 journal->j_last = ntohl(jsb->s_maxlen);
577
578 return 0;
579 }
580
e2fsck_journal_reset_super(e2fsck_t ctx,journal_superblock_t * jsb,journal_t * journal)581 static void e2fsck_journal_reset_super(e2fsck_t ctx, journal_superblock_t *jsb,
582 journal_t *journal)
583 {
584 char *p;
585 union {
586 uuid_t uuid;
587 __u32 val[4];
588 } u;
589 __u32 new_seq = 0;
590 int i;
591
592 /* Leave a valid existing V1 superblock signature alone.
593 * Anything unrecognisable we overwrite with a new V2
594 * signature. */
595
596 if (jsb->s_header.h_magic != htonl(JFS_MAGIC_NUMBER) ||
597 jsb->s_header.h_blocktype != htonl(JFS_SUPERBLOCK_V1)) {
598 jsb->s_header.h_magic = htonl(JFS_MAGIC_NUMBER);
599 jsb->s_header.h_blocktype = htonl(JFS_SUPERBLOCK_V2);
600 }
601
602 /* Zero out everything else beyond the superblock header */
603
604 p = ((char *) jsb) + sizeof(journal_header_t);
605 memset (p, 0, ctx->fs->blocksize-sizeof(journal_header_t));
606
607 jsb->s_blocksize = htonl(ctx->fs->blocksize);
608 jsb->s_maxlen = htonl(journal->j_maxlen);
609 jsb->s_first = htonl(1);
610
611 /* Initialize the journal sequence number so that there is "no"
612 * chance we will find old "valid" transactions in the journal.
613 * This avoids the need to zero the whole journal (slow to do,
614 * and risky when we are just recovering the filesystem).
615 */
616 uuid_generate(u.uuid);
617 for (i = 0; i < 4; i ++)
618 new_seq ^= u.val[i];
619 jsb->s_sequence = htonl(new_seq);
620
621 mark_buffer_dirty(journal->j_sb_buffer);
622 ll_rw_block(WRITE, 1, &journal->j_sb_buffer);
623 }
624
e2fsck_journal_fix_corrupt_super(e2fsck_t ctx,journal_t * journal,struct problem_context * pctx)625 static errcode_t e2fsck_journal_fix_corrupt_super(e2fsck_t ctx,
626 journal_t *journal,
627 struct problem_context *pctx)
628 {
629 struct ext2_super_block *sb = ctx->fs->super;
630 int recover = ctx->fs->super->s_feature_incompat &
631 EXT3_FEATURE_INCOMPAT_RECOVER;
632
633 if (sb->s_feature_compat & EXT3_FEATURE_COMPAT_HAS_JOURNAL) {
634 if (fix_problem(ctx, PR_0_JOURNAL_BAD_SUPER, pctx)) {
635 e2fsck_journal_reset_super(ctx, journal->j_superblock,
636 journal);
637 journal->j_transaction_sequence = 1;
638 e2fsck_clear_recover(ctx, recover);
639 return 0;
640 }
641 return EXT2_ET_CORRUPT_SUPERBLOCK;
642 } else if (e2fsck_journal_fix_bad_inode(ctx, pctx))
643 return EXT2_ET_CORRUPT_SUPERBLOCK;
644
645 return 0;
646 }
647
e2fsck_journal_release(e2fsck_t ctx,journal_t * journal,int reset,int drop)648 static void e2fsck_journal_release(e2fsck_t ctx, journal_t *journal,
649 int reset, int drop)
650 {
651 journal_superblock_t *jsb;
652
653 if (drop)
654 mark_buffer_clean(journal->j_sb_buffer);
655 else if (!(ctx->options & E2F_OPT_READONLY)) {
656 jsb = journal->j_superblock;
657 jsb->s_sequence = htonl(journal->j_transaction_sequence);
658 if (reset)
659 jsb->s_start = 0; /* this marks the journal as empty */
660 mark_buffer_dirty(journal->j_sb_buffer);
661 }
662 brelse(journal->j_sb_buffer);
663
664 if (ctx->journal_io) {
665 if (ctx->fs && ctx->fs->io != ctx->journal_io)
666 io_channel_close(ctx->journal_io);
667 ctx->journal_io = 0;
668 }
669
670 #ifndef USE_INODE_IO
671 if (journal->j_inode)
672 ext2fs_free_mem(&journal->j_inode);
673 #endif
674 if (journal->j_fs_dev)
675 ext2fs_free_mem(&journal->j_fs_dev);
676 ext2fs_free_mem(&journal);
677 }
678
679 /*
680 * This function makes sure that the superblock fields regarding the
681 * journal are consistent.
682 */
e2fsck_check_ext3_journal(e2fsck_t ctx)683 int e2fsck_check_ext3_journal(e2fsck_t ctx)
684 {
685 struct ext2_super_block *sb = ctx->fs->super;
686 journal_t *journal;
687 int recover = ctx->fs->super->s_feature_incompat &
688 EXT3_FEATURE_INCOMPAT_RECOVER;
689 struct problem_context pctx;
690 problem_t problem;
691 int reset = 0, force_fsck = 0;
692 int retval;
693
694 /* If we don't have any journal features, don't do anything more */
695 if (!(sb->s_feature_compat & EXT3_FEATURE_COMPAT_HAS_JOURNAL) &&
696 !recover && sb->s_journal_inum == 0 && sb->s_journal_dev == 0 &&
697 uuid_is_null(sb->s_journal_uuid))
698 return 0;
699
700 clear_problem_context(&pctx);
701 pctx.num = sb->s_journal_inum;
702
703 retval = e2fsck_get_journal(ctx, &journal);
704 if (retval) {
705 if ((retval == EXT2_ET_BAD_INODE_NUM) ||
706 (retval == EXT2_ET_BAD_BLOCK_NUM) ||
707 (retval == EXT2_ET_JOURNAL_TOO_SMALL) ||
708 (retval == EXT2_ET_NO_JOURNAL))
709 return e2fsck_journal_fix_bad_inode(ctx, &pctx);
710 return retval;
711 }
712
713 retval = e2fsck_journal_load(journal);
714 if (retval) {
715 if ((retval == EXT2_ET_CORRUPT_SUPERBLOCK) ||
716 ((retval == EXT2_ET_UNSUPP_FEATURE) &&
717 (!fix_problem(ctx, PR_0_JOURNAL_UNSUPP_INCOMPAT,
718 &pctx))) ||
719 ((retval == EXT2_ET_RO_UNSUPP_FEATURE) &&
720 (!fix_problem(ctx, PR_0_JOURNAL_UNSUPP_ROCOMPAT,
721 &pctx))) ||
722 ((retval == EXT2_ET_JOURNAL_UNSUPP_VERSION) &&
723 (!fix_problem(ctx, PR_0_JOURNAL_UNSUPP_VERSION, &pctx))))
724 retval = e2fsck_journal_fix_corrupt_super(ctx, journal,
725 &pctx);
726 e2fsck_journal_release(ctx, journal, 0, 1);
727 return retval;
728 }
729
730 /*
731 * We want to make the flags consistent here. We will not leave with
732 * needs_recovery set but has_journal clear. We can't get in a loop
733 * with -y, -n, or -p, only if a user isn't making up their mind.
734 */
735 no_has_journal:
736 if (!(sb->s_feature_compat & EXT3_FEATURE_COMPAT_HAS_JOURNAL)) {
737 recover = sb->s_feature_incompat & EXT3_FEATURE_INCOMPAT_RECOVER;
738 pctx.str = "inode";
739 if (fix_problem(ctx, PR_0_JOURNAL_HAS_JOURNAL, &pctx)) {
740 if (recover &&
741 !fix_problem(ctx, PR_0_JOURNAL_RECOVER_SET, &pctx))
742 goto no_has_journal;
743 /*
744 * Need a full fsck if we are releasing a
745 * journal stored on a reserved inode.
746 */
747 force_fsck = recover ||
748 (sb->s_journal_inum < EXT2_FIRST_INODE(sb));
749 /* Clear all of the journal fields */
750 sb->s_journal_inum = 0;
751 sb->s_journal_dev = 0;
752 memset(sb->s_journal_uuid, 0,
753 sizeof(sb->s_journal_uuid));
754 e2fsck_clear_recover(ctx, force_fsck);
755 } else if (!(ctx->options & E2F_OPT_READONLY)) {
756 sb->s_feature_compat |= EXT3_FEATURE_COMPAT_HAS_JOURNAL;
757 ctx->fs->flags &= ~EXT2_FLAG_MASTER_SB_ONLY;
758 ext2fs_mark_super_dirty(ctx->fs);
759 }
760 }
761
762 if (sb->s_feature_compat & EXT3_FEATURE_COMPAT_HAS_JOURNAL &&
763 !(sb->s_feature_incompat & EXT3_FEATURE_INCOMPAT_RECOVER) &&
764 journal->j_superblock->s_start != 0) {
765 /* Print status information */
766 fix_problem(ctx, PR_0_JOURNAL_RECOVERY_CLEAR, &pctx);
767 if (ctx->superblock)
768 problem = PR_0_JOURNAL_RUN_DEFAULT;
769 else
770 problem = PR_0_JOURNAL_RUN;
771 if (fix_problem(ctx, problem, &pctx)) {
772 ctx->options |= E2F_OPT_FORCE;
773 sb->s_feature_incompat |=
774 EXT3_FEATURE_INCOMPAT_RECOVER;
775 ext2fs_mark_super_dirty(ctx->fs);
776 } else if (fix_problem(ctx,
777 PR_0_JOURNAL_RESET_JOURNAL, &pctx)) {
778 reset = 1;
779 sb->s_state &= ~EXT2_VALID_FS;
780 ext2fs_mark_super_dirty(ctx->fs);
781 }
782 /*
783 * If the user answers no to the above question, we
784 * ignore the fact that journal apparently has data;
785 * accidentally replaying over valid data would be far
786 * worse than skipping a questionable recovery.
787 *
788 * XXX should we abort with a fatal error here? What
789 * will the ext3 kernel code do if a filesystem with
790 * !NEEDS_RECOVERY but with a non-zero
791 * journal->j_superblock->s_start is mounted?
792 */
793 }
794
795 e2fsck_journal_release(ctx, journal, reset, 0);
796 return retval;
797 }
798
recover_ext3_journal(e2fsck_t ctx)799 static errcode_t recover_ext3_journal(e2fsck_t ctx)
800 {
801 journal_t *journal;
802 int retval;
803
804 journal_init_revoke_caches();
805 retval = e2fsck_get_journal(ctx, &journal);
806 if (retval)
807 return retval;
808
809 retval = e2fsck_journal_load(journal);
810 if (retval)
811 goto errout;
812
813 retval = journal_init_revoke(journal, 1024);
814 if (retval)
815 goto errout;
816
817 retval = -journal_recover(journal);
818 if (retval)
819 goto errout;
820
821 if (journal->j_superblock->s_errno) {
822 ctx->fs->super->s_state |= EXT2_ERROR_FS;
823 ext2fs_mark_super_dirty(ctx->fs);
824 journal->j_superblock->s_errno = 0;
825 mark_buffer_dirty(journal->j_sb_buffer);
826 }
827
828 errout:
829 journal_destroy_revoke(journal);
830 journal_destroy_revoke_caches();
831 e2fsck_journal_release(ctx, journal, 1, 0);
832 return retval;
833 }
834
e2fsck_run_ext3_journal(e2fsck_t ctx)835 int e2fsck_run_ext3_journal(e2fsck_t ctx)
836 {
837 io_manager io_ptr = ctx->fs->io->manager;
838 int blocksize = ctx->fs->blocksize;
839 errcode_t retval, recover_retval;
840
841 printf(_("%s: recovering journal\n"), ctx->device_name);
842 if (ctx->options & E2F_OPT_READONLY) {
843 printf(_("%s: won't do journal recovery while read-only\n"),
844 ctx->device_name);
845 return EXT2_ET_FILE_RO;
846 }
847
848 if (ctx->fs->flags & EXT2_FLAG_DIRTY)
849 ext2fs_flush(ctx->fs); /* Force out any modifications */
850
851 recover_retval = recover_ext3_journal(ctx);
852
853 /*
854 * Reload the filesystem context to get up-to-date data from disk
855 * because journal recovery will change the filesystem under us.
856 */
857 ext2fs_close(ctx->fs);
858 retval = ext2fs_open(ctx->filesystem_name, EXT2_FLAG_RW,
859 ctx->superblock, blocksize, io_ptr,
860 &ctx->fs);
861
862 if (retval) {
863 com_err(ctx->program_name, retval,
864 _("while trying to re-open %s"),
865 ctx->device_name);
866 fatal_error(ctx, 0);
867 }
868 ctx->fs->priv_data = ctx;
869 ctx->fs->now = ctx->now;
870 ctx->fs->flags |= EXT2_FLAG_MASTER_SB_ONLY;
871
872 /* Set the superblock flags */
873 e2fsck_clear_recover(ctx, recover_retval);
874 return recover_retval;
875 }
876
877 /*
878 * This function will move the journal inode from a visible file in
879 * the filesystem directory hierarchy to the reserved inode if necessary.
880 */
881 static const char * const journal_names[] = {
882 ".journal", "journal", ".journal.dat", "journal.dat", 0 };
883
e2fsck_move_ext3_journal(e2fsck_t ctx)884 void e2fsck_move_ext3_journal(e2fsck_t ctx)
885 {
886 struct ext2_super_block *sb = ctx->fs->super;
887 struct problem_context pctx;
888 struct ext2_inode inode;
889 ext2_filsys fs = ctx->fs;
890 ext2_ino_t ino;
891 errcode_t retval;
892 const char * const * cpp;
893 int group, mount_flags;
894
895 clear_problem_context(&pctx);
896
897 /*
898 * If the filesystem is opened read-only, or there is no
899 * journal, then do nothing.
900 */
901 if ((ctx->options & E2F_OPT_READONLY) ||
902 (sb->s_journal_inum == 0) ||
903 !(sb->s_feature_compat & EXT3_FEATURE_COMPAT_HAS_JOURNAL))
904 return;
905
906 /*
907 * Read in the journal inode
908 */
909 if (ext2fs_read_inode(fs, sb->s_journal_inum, &inode) != 0)
910 return;
911
912 /*
913 * If it's necessary to backup the journal inode, do so.
914 */
915 if ((sb->s_jnl_backup_type == 0) ||
916 ((sb->s_jnl_backup_type == EXT3_JNL_BACKUP_BLOCKS) &&
917 memcmp(inode.i_block, sb->s_jnl_blocks, EXT2_N_BLOCKS*4))) {
918 if (fix_problem(ctx, PR_0_BACKUP_JNL, &pctx)) {
919 memcpy(sb->s_jnl_blocks, inode.i_block,
920 EXT2_N_BLOCKS*4);
921 sb->s_jnl_blocks[16] = inode.i_size;
922 sb->s_jnl_backup_type = EXT3_JNL_BACKUP_BLOCKS;
923 ext2fs_mark_super_dirty(fs);
924 fs->flags &= ~EXT2_FLAG_MASTER_SB_ONLY;
925 }
926 }
927
928 /*
929 * If the journal is already the hidden inode, then do nothing
930 */
931 if (sb->s_journal_inum == EXT2_JOURNAL_INO)
932 return;
933
934 /*
935 * The journal inode had better have only one link and not be readable.
936 */
937 if (inode.i_links_count != 1)
938 return;
939
940 /*
941 * If the filesystem is mounted, or we can't tell whether
942 * or not it's mounted, do nothing.
943 */
944 retval = ext2fs_check_if_mounted(ctx->filesystem_name, &mount_flags);
945 if (retval || (mount_flags & EXT2_MF_MOUNTED))
946 return;
947
948 /*
949 * If we can't find the name of the journal inode, then do
950 * nothing.
951 */
952 for (cpp = journal_names; *cpp; cpp++) {
953 retval = ext2fs_lookup(fs, EXT2_ROOT_INO, *cpp,
954 strlen(*cpp), 0, &ino);
955 if ((retval == 0) && (ino == sb->s_journal_inum))
956 break;
957 }
958 if (*cpp == 0)
959 return;
960
961 /* We need the inode bitmap to be loaded */
962 retval = ext2fs_read_bitmaps(fs);
963 if (retval)
964 return;
965
966 pctx.str = *cpp;
967 if (!fix_problem(ctx, PR_0_MOVE_JOURNAL, &pctx))
968 return;
969
970 /*
971 * OK, we've done all the checks, let's actually move the
972 * journal inode. Errors at this point mean we need to force
973 * an ext2 filesystem check.
974 */
975 if ((retval = ext2fs_unlink(fs, EXT2_ROOT_INO, *cpp, ino, 0)) != 0)
976 goto err_out;
977 if ((retval = ext2fs_write_inode(fs, EXT2_JOURNAL_INO, &inode)) != 0)
978 goto err_out;
979 sb->s_journal_inum = EXT2_JOURNAL_INO;
980 ext2fs_mark_super_dirty(fs);
981 fs->flags &= ~EXT2_FLAG_MASTER_SB_ONLY;
982 inode.i_links_count = 0;
983 inode.i_dtime = ctx->now;
984 if ((retval = ext2fs_write_inode(fs, ino, &inode)) != 0)
985 goto err_out;
986
987 group = ext2fs_group_of_ino(fs, ino);
988 ext2fs_unmark_inode_bitmap(fs->inode_map, ino);
989 ext2fs_mark_ib_dirty(fs);
990 fs->group_desc[group].bg_free_inodes_count++;
991 fs->super->s_free_inodes_count++;
992 return;
993
994 err_out:
995 pctx.errcode = retval;
996 fix_problem(ctx, PR_0_ERR_MOVE_JOURNAL, &pctx);
997 fs->super->s_state &= ~EXT2_VALID_FS;
998 ext2fs_mark_super_dirty(fs);
999 return;
1000 }
1001
1002 /*
1003 * This function makes sure the superblock hint for the external
1004 * journal is correct.
1005 */
e2fsck_fix_ext3_journal_hint(e2fsck_t ctx)1006 int e2fsck_fix_ext3_journal_hint(e2fsck_t ctx)
1007 {
1008 struct ext2_super_block *sb = ctx->fs->super;
1009 struct problem_context pctx;
1010 char uuid[37], *journal_name;
1011 struct stat st;
1012
1013 if (!(sb->s_feature_compat & EXT3_FEATURE_COMPAT_HAS_JOURNAL) ||
1014 uuid_is_null(sb->s_journal_uuid))
1015 return 0;
1016
1017 uuid_unparse(sb->s_journal_uuid, uuid);
1018 journal_name = blkid_get_devname(ctx->blkid, "UUID", uuid);
1019 if (!journal_name)
1020 return 0;
1021
1022 if (stat(journal_name, &st) < 0)
1023 return 0;
1024
1025 if (st.st_rdev != sb->s_journal_dev) {
1026 clear_problem_context(&pctx);
1027 pctx.num = st.st_rdev;
1028 if (fix_problem(ctx, PR_0_EXTERNAL_JOURNAL_HINT, &pctx)) {
1029 sb->s_journal_dev = st.st_rdev;
1030 ext2fs_mark_super_dirty(ctx->fs);
1031 }
1032 }
1033
1034 free(journal_name);
1035 return 0;
1036 }
1037