1 /*
2 * journal.c --- code for handling the "ext3" journal
3 *
4 * Copyright (C) 2000 Andreas Dilger
5 * Copyright (C) 2000 Theodore Ts'o
6 *
7 * Parts of the code are based on fs/jfs/journal.c by Stephen C. Tweedie
8 * Copyright (C) 1999 Red Hat Software
9 *
10 * This file may be redistributed under the terms of the
11 * GNU General Public License version 2 or at your discretion
12 * any later version.
13 */
14
15 #ifdef HAVE_SYS_MOUNT_H
16 #include <sys/param.h>
17 #include <sys/mount.h>
18 #define MNT_FL (MS_MGC_VAL | MS_RDONLY)
19 #endif
20 #ifdef HAVE_SYS_STAT_H
21 #include <sys/stat.h>
22 #endif
23
24 #define E2FSCK_INCLUDE_INLINE_FUNCS
25 #include "jfs_user.h"
26 #include "problem.h"
27 #include "uuid/uuid.h"
28
29 #ifdef CONFIG_JBD_DEBUG /* Enabled by configure --enable-jfs-debug */
30 static int bh_count = 0;
31 #endif
32
33 /*
34 * Define USE_INODE_IO to use the inode_io.c / fileio.c codepaths.
35 * This creates a larger static binary, and a smaller binary using
36 * shared libraries. It's also probably slightly less CPU-efficient,
37 * which is why it's not on by default. But, it's a good way of
38 * testing the functions in inode_io.c and fileio.c.
39 */
40 #undef USE_INODE_IO
41
42 /* Kernel compatibility functions for handling the journal. These allow us
43 * to use the recovery.c file virtually unchanged from the kernel, so we
44 * don't have to do much to keep kernel and user recovery in sync.
45 */
journal_bmap(journal_t * journal,blk_t block,unsigned long * phys)46 int journal_bmap(journal_t *journal, blk_t block, unsigned long *phys)
47 {
48 #ifdef USE_INODE_IO
49 *phys = block;
50 return 0;
51 #else
52 struct inode *inode = journal->j_inode;
53 errcode_t retval;
54 blk_t pblk;
55
56 if (!inode) {
57 *phys = block;
58 return 0;
59 }
60
61 retval= ext2fs_bmap(inode->i_ctx->fs, inode->i_ino,
62 &inode->i_ext2, NULL, 0, block, &pblk);
63 *phys = pblk;
64 return (retval);
65 #endif
66 }
67
getblk(kdev_t kdev,blk_t blocknr,int blocksize)68 struct buffer_head *getblk(kdev_t kdev, blk_t blocknr, int blocksize)
69 {
70 struct buffer_head *bh;
71 int bufsize = sizeof(*bh) + kdev->k_ctx->fs->blocksize -
72 sizeof(bh->b_data);
73
74 bh = e2fsck_allocate_memory(kdev->k_ctx, bufsize, "block buffer");
75 if (!bh)
76 return NULL;
77
78 #ifdef CONFIG_JBD_DEBUG
79 if (journal_enable_debug >= 3)
80 bh_count++;
81 #endif
82 jfs_debug(4, "getblk for block %lu (%d bytes)(total %d)\n",
83 (unsigned long) blocknr, blocksize, bh_count);
84
85 bh->b_ctx = kdev->k_ctx;
86 if (kdev->k_dev == K_DEV_FS)
87 bh->b_io = kdev->k_ctx->fs->io;
88 else
89 bh->b_io = kdev->k_ctx->journal_io;
90 bh->b_size = blocksize;
91 bh->b_blocknr = blocknr;
92
93 return bh;
94 }
95
sync_blockdev(kdev_t kdev)96 void sync_blockdev(kdev_t kdev)
97 {
98 io_channel io;
99
100 if (kdev->k_dev == K_DEV_FS)
101 io = kdev->k_ctx->fs->io;
102 else
103 io = kdev->k_ctx->journal_io;
104
105 io_channel_flush(io);
106 }
107
ll_rw_block(int rw,int nr,struct buffer_head * bhp[])108 void ll_rw_block(int rw, int nr, struct buffer_head *bhp[])
109 {
110 int retval;
111 struct buffer_head *bh;
112
113 for (; nr > 0; --nr) {
114 bh = *bhp++;
115 if (rw == READ && !bh->b_uptodate) {
116 jfs_debug(3, "reading block %lu/%p\n",
117 (unsigned long) bh->b_blocknr, (void *) bh);
118 retval = io_channel_read_blk(bh->b_io,
119 bh->b_blocknr,
120 1, bh->b_data);
121 if (retval) {
122 com_err(bh->b_ctx->device_name, retval,
123 "while reading block %lu\n",
124 (unsigned long) bh->b_blocknr);
125 bh->b_err = retval;
126 continue;
127 }
128 bh->b_uptodate = 1;
129 } else if (rw == WRITE && bh->b_dirty) {
130 jfs_debug(3, "writing block %lu/%p\n",
131 (unsigned long) bh->b_blocknr, (void *) bh);
132 retval = io_channel_write_blk(bh->b_io,
133 bh->b_blocknr,
134 1, bh->b_data);
135 if (retval) {
136 com_err(bh->b_ctx->device_name, retval,
137 "while writing block %lu\n",
138 (unsigned long) bh->b_blocknr);
139 bh->b_err = retval;
140 continue;
141 }
142 bh->b_dirty = 0;
143 bh->b_uptodate = 1;
144 } else {
145 jfs_debug(3, "no-op %s for block %lu\n",
146 rw == READ ? "read" : "write",
147 (unsigned long) bh->b_blocknr);
148 }
149 }
150 }
151
mark_buffer_dirty(struct buffer_head * bh)152 void mark_buffer_dirty(struct buffer_head *bh)
153 {
154 bh->b_dirty = 1;
155 }
156
mark_buffer_clean(struct buffer_head * bh)157 static void mark_buffer_clean(struct buffer_head * bh)
158 {
159 bh->b_dirty = 0;
160 }
161
brelse(struct buffer_head * bh)162 void brelse(struct buffer_head *bh)
163 {
164 if (bh->b_dirty)
165 ll_rw_block(WRITE, 1, &bh);
166 jfs_debug(3, "freeing block %lu/%p (total %d)\n",
167 (unsigned long) bh->b_blocknr, (void *) bh, --bh_count);
168 ext2fs_free_mem(&bh);
169 }
170
buffer_uptodate(struct buffer_head * bh)171 int buffer_uptodate(struct buffer_head *bh)
172 {
173 return bh->b_uptodate;
174 }
175
mark_buffer_uptodate(struct buffer_head * bh,int val)176 void mark_buffer_uptodate(struct buffer_head *bh, int val)
177 {
178 bh->b_uptodate = val;
179 }
180
wait_on_buffer(struct buffer_head * bh)181 void wait_on_buffer(struct buffer_head *bh)
182 {
183 if (!bh->b_uptodate)
184 ll_rw_block(READ, 1, &bh);
185 }
186
187
e2fsck_clear_recover(e2fsck_t ctx,int error)188 static void e2fsck_clear_recover(e2fsck_t ctx, int error)
189 {
190 ctx->fs->super->s_feature_incompat &= ~EXT3_FEATURE_INCOMPAT_RECOVER;
191
192 /* if we had an error doing journal recovery, we need a full fsck */
193 if (error)
194 ctx->fs->super->s_state &= ~EXT2_VALID_FS;
195 ext2fs_mark_super_dirty(ctx->fs);
196 }
197
198 /*
199 * This is a helper function to check the validity of the journal.
200 */
201 struct process_block_struct {
202 e2_blkcnt_t last_block;
203 };
204
process_journal_block(ext2_filsys fs,blk_t * block_nr,e2_blkcnt_t blockcnt,blk_t ref_block EXT2FS_ATTR ((unused)),int ref_offset EXT2FS_ATTR ((unused)),void * priv_data)205 static int process_journal_block(ext2_filsys fs,
206 blk_t *block_nr,
207 e2_blkcnt_t blockcnt,
208 blk_t ref_block EXT2FS_ATTR((unused)),
209 int ref_offset EXT2FS_ATTR((unused)),
210 void *priv_data)
211 {
212 struct process_block_struct *p;
213 blk_t blk = *block_nr;
214
215 p = (struct process_block_struct *) priv_data;
216
217 if (!blk || blk < fs->super->s_first_data_block ||
218 blk >= fs->super->s_blocks_count)
219 return BLOCK_ABORT;
220
221 if (blockcnt >= 0)
222 p->last_block = blockcnt;
223 return 0;
224 }
225
e2fsck_get_journal(e2fsck_t ctx,journal_t ** ret_journal)226 static errcode_t e2fsck_get_journal(e2fsck_t ctx, journal_t **ret_journal)
227 {
228 struct process_block_struct pb;
229 struct ext2_super_block *sb = ctx->fs->super;
230 struct ext2_super_block jsuper;
231 struct problem_context pctx;
232 struct buffer_head *bh;
233 struct inode *j_inode = NULL;
234 struct kdev_s *dev_fs = NULL, *dev_journal;
235 const char *journal_name = 0;
236 journal_t *journal = NULL;
237 errcode_t retval = 0;
238 io_manager io_ptr = 0;
239 unsigned long start = 0;
240 int ext_journal = 0;
241 int tried_backup_jnl = 0;
242
243 clear_problem_context(&pctx);
244
245 journal = e2fsck_allocate_memory(ctx, sizeof(journal_t), "journal");
246 if (!journal) {
247 return EXT2_ET_NO_MEMORY;
248 }
249
250 dev_fs = e2fsck_allocate_memory(ctx, 2*sizeof(struct kdev_s), "kdev");
251 if (!dev_fs) {
252 retval = EXT2_ET_NO_MEMORY;
253 goto errout;
254 }
255 dev_journal = dev_fs+1;
256
257 dev_fs->k_ctx = dev_journal->k_ctx = ctx;
258 dev_fs->k_dev = K_DEV_FS;
259 dev_journal->k_dev = K_DEV_JOURNAL;
260
261 journal->j_dev = dev_journal;
262 journal->j_fs_dev = dev_fs;
263 journal->j_inode = NULL;
264 journal->j_blocksize = ctx->fs->blocksize;
265
266 if (uuid_is_null(sb->s_journal_uuid)) {
267 if (!sb->s_journal_inum) {
268 retval = EXT2_ET_BAD_INODE_NUM;
269 goto errout;
270 }
271 j_inode = e2fsck_allocate_memory(ctx, sizeof(*j_inode),
272 "journal inode");
273 if (!j_inode) {
274 retval = EXT2_ET_NO_MEMORY;
275 goto errout;
276 }
277
278 j_inode->i_ctx = ctx;
279 j_inode->i_ino = sb->s_journal_inum;
280
281 if ((retval = ext2fs_read_inode(ctx->fs,
282 sb->s_journal_inum,
283 &j_inode->i_ext2))) {
284 try_backup_journal:
285 if (sb->s_jnl_backup_type != EXT3_JNL_BACKUP_BLOCKS ||
286 tried_backup_jnl)
287 goto errout;
288 memset(&j_inode->i_ext2, 0, sizeof(struct ext2_inode));
289 memcpy(&j_inode->i_ext2.i_block[0], sb->s_jnl_blocks,
290 EXT2_N_BLOCKS*4);
291 j_inode->i_ext2.i_size = sb->s_jnl_blocks[16];
292 j_inode->i_ext2.i_links_count = 1;
293 j_inode->i_ext2.i_mode = LINUX_S_IFREG | 0600;
294 e2fsck_use_inode_shortcuts(ctx, 1);
295 ctx->stashed_ino = j_inode->i_ino;
296 ctx->stashed_inode = &j_inode->i_ext2;
297 tried_backup_jnl++;
298 }
299 if (!j_inode->i_ext2.i_links_count ||
300 !LINUX_S_ISREG(j_inode->i_ext2.i_mode)) {
301 retval = EXT2_ET_NO_JOURNAL;
302 goto try_backup_journal;
303 }
304 if (j_inode->i_ext2.i_size / journal->j_blocksize <
305 JFS_MIN_JOURNAL_BLOCKS) {
306 retval = EXT2_ET_JOURNAL_TOO_SMALL;
307 goto try_backup_journal;
308 }
309 pb.last_block = -1;
310 retval = ext2fs_block_iterate2(ctx->fs, j_inode->i_ino,
311 BLOCK_FLAG_HOLE, 0,
312 process_journal_block, &pb);
313 if ((pb.last_block+1) * ctx->fs->blocksize <
314 j_inode->i_ext2.i_size) {
315 retval = EXT2_ET_JOURNAL_TOO_SMALL;
316 goto try_backup_journal;
317 }
318 if (tried_backup_jnl && !(ctx->options & E2F_OPT_READONLY)) {
319 retval = ext2fs_write_inode(ctx->fs, sb->s_journal_inum,
320 &j_inode->i_ext2);
321 if (retval)
322 goto errout;
323 }
324
325 journal->j_maxlen = j_inode->i_ext2.i_size / journal->j_blocksize;
326
327 #ifdef USE_INODE_IO
328 retval = ext2fs_inode_io_intern2(ctx->fs, sb->s_journal_inum,
329 &j_inode->i_ext2,
330 &journal_name);
331 if (retval)
332 goto errout;
333
334 io_ptr = inode_io_manager;
335 #else
336 journal->j_inode = j_inode;
337 ctx->journal_io = ctx->fs->io;
338 if ((retval = journal_bmap(journal, 0, &start)) != 0)
339 goto errout;
340 #endif
341 } else {
342 ext_journal = 1;
343 if (!ctx->journal_name) {
344 char uuid[37];
345
346 uuid_unparse(sb->s_journal_uuid, uuid);
347 ctx->journal_name = blkid_get_devname(ctx->blkid,
348 "UUID", uuid);
349 if (!ctx->journal_name)
350 ctx->journal_name = blkid_devno_to_devname(sb->s_journal_dev);
351 }
352 journal_name = ctx->journal_name;
353
354 if (!journal_name) {
355 fix_problem(ctx, PR_0_CANT_FIND_JOURNAL, &pctx);
356 retval = EXT2_ET_LOAD_EXT_JOURNAL;
357 goto errout;
358 }
359
360 jfs_debug(1, "Using journal file %s\n", journal_name);
361 io_ptr = unix_io_manager;
362 }
363
364 #if 0
365 test_io_backing_manager = io_ptr;
366 io_ptr = test_io_manager;
367 #endif
368 #ifndef USE_INODE_IO
369 if (ext_journal)
370 #endif
371 retval = io_ptr->open(journal_name,
372 IO_FLAG_RW | IO_FLAG_EXCLUSIVE,
373 &ctx->journal_io);
374 if (retval)
375 goto errout;
376
377 io_channel_set_blksize(ctx->journal_io, ctx->fs->blocksize);
378
379 if (ext_journal) {
380 if (ctx->fs->blocksize == 1024)
381 start = 1;
382 bh = getblk(dev_journal, start, ctx->fs->blocksize);
383 if (!bh) {
384 retval = EXT2_ET_NO_MEMORY;
385 goto errout;
386 }
387 ll_rw_block(READ, 1, &bh);
388 if ((retval = bh->b_err) != 0) {
389 brelse(bh);
390 goto errout;
391 }
392 memcpy(&jsuper, start ? bh->b_data : bh->b_data + 1024,
393 sizeof(jsuper));
394 brelse(bh);
395 #ifdef WORDS_BIGENDIAN
396 if (jsuper.s_magic == ext2fs_swab16(EXT2_SUPER_MAGIC))
397 ext2fs_swap_super(&jsuper);
398 #endif
399 if (jsuper.s_magic != EXT2_SUPER_MAGIC ||
400 !(jsuper.s_feature_incompat & EXT3_FEATURE_INCOMPAT_JOURNAL_DEV)) {
401 fix_problem(ctx, PR_0_EXT_JOURNAL_BAD_SUPER, &pctx);
402 retval = EXT2_ET_LOAD_EXT_JOURNAL;
403 goto errout;
404 }
405 /* Make sure the journal UUID is correct */
406 if (memcmp(jsuper.s_uuid, ctx->fs->super->s_journal_uuid,
407 sizeof(jsuper.s_uuid))) {
408 fix_problem(ctx, PR_0_JOURNAL_BAD_UUID, &pctx);
409 retval = EXT2_ET_LOAD_EXT_JOURNAL;
410 goto errout;
411 }
412
413 journal->j_maxlen = jsuper.s_blocks_count;
414 start++;
415 }
416
417 if (!(bh = getblk(dev_journal, start, journal->j_blocksize))) {
418 retval = EXT2_ET_NO_MEMORY;
419 goto errout;
420 }
421
422 journal->j_sb_buffer = bh;
423 journal->j_superblock = (journal_superblock_t *)bh->b_data;
424
425 #ifdef USE_INODE_IO
426 if (j_inode)
427 ext2fs_free_mem(&j_inode);
428 #endif
429
430 *ret_journal = journal;
431 e2fsck_use_inode_shortcuts(ctx, 0);
432 return 0;
433
434 errout:
435 e2fsck_use_inode_shortcuts(ctx, 0);
436 if (dev_fs)
437 ext2fs_free_mem(&dev_fs);
438 if (j_inode)
439 ext2fs_free_mem(&j_inode);
440 if (journal)
441 ext2fs_free_mem(&journal);
442 return retval;
443 }
444
e2fsck_journal_fix_bad_inode(e2fsck_t ctx,struct problem_context * pctx)445 static errcode_t e2fsck_journal_fix_bad_inode(e2fsck_t ctx,
446 struct problem_context *pctx)
447 {
448 struct ext2_super_block *sb = ctx->fs->super;
449 int recover = ctx->fs->super->s_feature_incompat &
450 EXT3_FEATURE_INCOMPAT_RECOVER;
451 int has_journal = ctx->fs->super->s_feature_compat &
452 EXT3_FEATURE_COMPAT_HAS_JOURNAL;
453
454 if (has_journal || sb->s_journal_inum) {
455 /* The journal inode is bogus, remove and force full fsck */
456 pctx->ino = sb->s_journal_inum;
457 if (fix_problem(ctx, PR_0_JOURNAL_BAD_INODE, pctx)) {
458 if (has_journal && sb->s_journal_inum)
459 printf("*** ext3 journal has been deleted - "
460 "filesystem is now ext2 only ***\n\n");
461 sb->s_feature_compat &= ~EXT3_FEATURE_COMPAT_HAS_JOURNAL;
462 sb->s_journal_inum = 0;
463 ctx->flags |= E2F_FLAG_JOURNAL_INODE;
464 ctx->fs->flags &= ~EXT2_FLAG_MASTER_SB_ONLY;
465 e2fsck_clear_recover(ctx, 1);
466 return 0;
467 }
468 return EXT2_ET_BAD_INODE_NUM;
469 } else if (recover) {
470 if (fix_problem(ctx, PR_0_JOURNAL_RECOVER_SET, pctx)) {
471 e2fsck_clear_recover(ctx, 1);
472 return 0;
473 }
474 return EXT2_ET_UNSUPP_FEATURE;
475 }
476 return 0;
477 }
478
479 #define V1_SB_SIZE 0x0024
clear_v2_journal_fields(journal_t * journal)480 static void clear_v2_journal_fields(journal_t *journal)
481 {
482 e2fsck_t ctx = journal->j_dev->k_ctx;
483 struct problem_context pctx;
484
485 clear_problem_context(&pctx);
486
487 if (!fix_problem(ctx, PR_0_CLEAR_V2_JOURNAL, &pctx))
488 return;
489
490 memset(((char *) journal->j_superblock) + V1_SB_SIZE, 0,
491 ctx->fs->blocksize-V1_SB_SIZE);
492 mark_buffer_dirty(journal->j_sb_buffer);
493 }
494
495
e2fsck_journal_load(journal_t * journal)496 static errcode_t e2fsck_journal_load(journal_t *journal)
497 {
498 e2fsck_t ctx = journal->j_dev->k_ctx;
499 journal_superblock_t *jsb;
500 struct buffer_head *jbh = journal->j_sb_buffer;
501 struct problem_context pctx;
502
503 clear_problem_context(&pctx);
504
505 ll_rw_block(READ, 1, &jbh);
506 if (jbh->b_err) {
507 com_err(ctx->device_name, jbh->b_err,
508 _("reading journal superblock\n"));
509 return jbh->b_err;
510 }
511
512 jsb = journal->j_superblock;
513 /* If we don't even have JFS_MAGIC, we probably have a wrong inode */
514 if (jsb->s_header.h_magic != htonl(JFS_MAGIC_NUMBER))
515 return e2fsck_journal_fix_bad_inode(ctx, &pctx);
516
517 switch (ntohl(jsb->s_header.h_blocktype)) {
518 case JFS_SUPERBLOCK_V1:
519 journal->j_format_version = 1;
520 if (jsb->s_feature_compat ||
521 jsb->s_feature_incompat ||
522 jsb->s_feature_ro_compat ||
523 jsb->s_nr_users)
524 clear_v2_journal_fields(journal);
525 break;
526
527 case JFS_SUPERBLOCK_V2:
528 journal->j_format_version = 2;
529 if (ntohl(jsb->s_nr_users) > 1 &&
530 uuid_is_null(ctx->fs->super->s_journal_uuid))
531 clear_v2_journal_fields(journal);
532 if (ntohl(jsb->s_nr_users) > 1) {
533 fix_problem(ctx, PR_0_JOURNAL_UNSUPP_MULTIFS, &pctx);
534 return EXT2_ET_JOURNAL_UNSUPP_VERSION;
535 }
536 break;
537
538 /*
539 * These should never appear in a journal super block, so if
540 * they do, the journal is badly corrupted.
541 */
542 case JFS_DESCRIPTOR_BLOCK:
543 case JFS_COMMIT_BLOCK:
544 case JFS_REVOKE_BLOCK:
545 return EXT2_ET_CORRUPT_SUPERBLOCK;
546
547 /* If we don't understand the superblock major type, but there
548 * is a magic number, then it is likely to be a new format we
549 * just don't understand, so leave it alone. */
550 default:
551 return EXT2_ET_JOURNAL_UNSUPP_VERSION;
552 }
553
554 if (JFS_HAS_INCOMPAT_FEATURE(journal, ~JFS_KNOWN_INCOMPAT_FEATURES))
555 return EXT2_ET_UNSUPP_FEATURE;
556
557 if (JFS_HAS_RO_COMPAT_FEATURE(journal, ~JFS_KNOWN_ROCOMPAT_FEATURES))
558 return EXT2_ET_RO_UNSUPP_FEATURE;
559
560 /* We have now checked whether we know enough about the journal
561 * format to be able to proceed safely, so any other checks that
562 * fail we should attempt to recover from. */
563 if (jsb->s_blocksize != htonl(journal->j_blocksize)) {
564 com_err(ctx->program_name, EXT2_ET_CORRUPT_SUPERBLOCK,
565 _("%s: no valid journal superblock found\n"),
566 ctx->device_name);
567 return EXT2_ET_CORRUPT_SUPERBLOCK;
568 }
569
570 if (ntohl(jsb->s_maxlen) < journal->j_maxlen)
571 journal->j_maxlen = ntohl(jsb->s_maxlen);
572 else if (ntohl(jsb->s_maxlen) > journal->j_maxlen) {
573 com_err(ctx->program_name, EXT2_ET_CORRUPT_SUPERBLOCK,
574 _("%s: journal too short\n"),
575 ctx->device_name);
576 return EXT2_ET_CORRUPT_SUPERBLOCK;
577 }
578
579 journal->j_tail_sequence = ntohl(jsb->s_sequence);
580 journal->j_transaction_sequence = journal->j_tail_sequence;
581 journal->j_tail = ntohl(jsb->s_start);
582 journal->j_first = ntohl(jsb->s_first);
583 journal->j_last = ntohl(jsb->s_maxlen);
584
585 return 0;
586 }
587
e2fsck_journal_reset_super(e2fsck_t ctx,journal_superblock_t * jsb,journal_t * journal)588 static void e2fsck_journal_reset_super(e2fsck_t ctx, journal_superblock_t *jsb,
589 journal_t *journal)
590 {
591 char *p;
592 union {
593 uuid_t uuid;
594 __u32 val[4];
595 } u;
596 __u32 new_seq = 0;
597 int i;
598
599 /* Leave a valid existing V1 superblock signature alone.
600 * Anything unrecognisable we overwrite with a new V2
601 * signature. */
602
603 if (jsb->s_header.h_magic != htonl(JFS_MAGIC_NUMBER) ||
604 jsb->s_header.h_blocktype != htonl(JFS_SUPERBLOCK_V1)) {
605 jsb->s_header.h_magic = htonl(JFS_MAGIC_NUMBER);
606 jsb->s_header.h_blocktype = htonl(JFS_SUPERBLOCK_V2);
607 }
608
609 /* Zero out everything else beyond the superblock header */
610
611 p = ((char *) jsb) + sizeof(journal_header_t);
612 memset (p, 0, ctx->fs->blocksize-sizeof(journal_header_t));
613
614 jsb->s_blocksize = htonl(ctx->fs->blocksize);
615 jsb->s_maxlen = htonl(journal->j_maxlen);
616 jsb->s_first = htonl(1);
617
618 /* Initialize the journal sequence number so that there is "no"
619 * chance we will find old "valid" transactions in the journal.
620 * This avoids the need to zero the whole journal (slow to do,
621 * and risky when we are just recovering the filesystem).
622 */
623 uuid_generate(u.uuid);
624 for (i = 0; i < 4; i ++)
625 new_seq ^= u.val[i];
626 jsb->s_sequence = htonl(new_seq);
627
628 mark_buffer_dirty(journal->j_sb_buffer);
629 ll_rw_block(WRITE, 1, &journal->j_sb_buffer);
630 }
631
e2fsck_journal_fix_corrupt_super(e2fsck_t ctx,journal_t * journal,struct problem_context * pctx)632 static errcode_t e2fsck_journal_fix_corrupt_super(e2fsck_t ctx,
633 journal_t *journal,
634 struct problem_context *pctx)
635 {
636 struct ext2_super_block *sb = ctx->fs->super;
637 int recover = ctx->fs->super->s_feature_incompat &
638 EXT3_FEATURE_INCOMPAT_RECOVER;
639
640 if (sb->s_feature_compat & EXT3_FEATURE_COMPAT_HAS_JOURNAL) {
641 if (fix_problem(ctx, PR_0_JOURNAL_BAD_SUPER, pctx)) {
642 e2fsck_journal_reset_super(ctx, journal->j_superblock,
643 journal);
644 journal->j_transaction_sequence = 1;
645 e2fsck_clear_recover(ctx, recover);
646 return 0;
647 }
648 return EXT2_ET_CORRUPT_SUPERBLOCK;
649 } else if (e2fsck_journal_fix_bad_inode(ctx, pctx))
650 return EXT2_ET_CORRUPT_SUPERBLOCK;
651
652 return 0;
653 }
654
e2fsck_journal_release(e2fsck_t ctx,journal_t * journal,int reset,int drop)655 static void e2fsck_journal_release(e2fsck_t ctx, journal_t *journal,
656 int reset, int drop)
657 {
658 journal_superblock_t *jsb;
659
660 if (drop)
661 mark_buffer_clean(journal->j_sb_buffer);
662 else if (!(ctx->options & E2F_OPT_READONLY)) {
663 jsb = journal->j_superblock;
664 jsb->s_sequence = htonl(journal->j_transaction_sequence);
665 if (reset)
666 jsb->s_start = 0; /* this marks the journal as empty */
667 mark_buffer_dirty(journal->j_sb_buffer);
668 }
669 brelse(journal->j_sb_buffer);
670
671 if (ctx->journal_io) {
672 if (ctx->fs && ctx->fs->io != ctx->journal_io)
673 io_channel_close(ctx->journal_io);
674 ctx->journal_io = 0;
675 }
676
677 #ifndef USE_INODE_IO
678 if (journal->j_inode)
679 ext2fs_free_mem(&journal->j_inode);
680 #endif
681 if (journal->j_fs_dev)
682 ext2fs_free_mem(&journal->j_fs_dev);
683 ext2fs_free_mem(&journal);
684 }
685
686 /*
687 * This function makes sure that the superblock fields regarding the
688 * journal are consistent.
689 */
e2fsck_check_ext3_journal(e2fsck_t ctx)690 int e2fsck_check_ext3_journal(e2fsck_t ctx)
691 {
692 struct ext2_super_block *sb = ctx->fs->super;
693 journal_t *journal;
694 int recover = ctx->fs->super->s_feature_incompat &
695 EXT3_FEATURE_INCOMPAT_RECOVER;
696 struct problem_context pctx;
697 problem_t problem;
698 int reset = 0, force_fsck = 0;
699 int retval;
700
701 /* If we don't have any journal features, don't do anything more */
702 if (!(sb->s_feature_compat & EXT3_FEATURE_COMPAT_HAS_JOURNAL) &&
703 !recover && sb->s_journal_inum == 0 && sb->s_journal_dev == 0 &&
704 uuid_is_null(sb->s_journal_uuid))
705 return 0;
706
707 clear_problem_context(&pctx);
708 pctx.num = sb->s_journal_inum;
709
710 retval = e2fsck_get_journal(ctx, &journal);
711 if (retval) {
712 if ((retval == EXT2_ET_BAD_INODE_NUM) ||
713 (retval == EXT2_ET_BAD_BLOCK_NUM) ||
714 (retval == EXT2_ET_JOURNAL_TOO_SMALL) ||
715 (retval == EXT2_ET_NO_JOURNAL))
716 return e2fsck_journal_fix_bad_inode(ctx, &pctx);
717 return retval;
718 }
719
720 retval = e2fsck_journal_load(journal);
721 if (retval) {
722 if ((retval == EXT2_ET_CORRUPT_SUPERBLOCK) ||
723 ((retval == EXT2_ET_UNSUPP_FEATURE) &&
724 (!fix_problem(ctx, PR_0_JOURNAL_UNSUPP_INCOMPAT,
725 &pctx))) ||
726 ((retval == EXT2_ET_RO_UNSUPP_FEATURE) &&
727 (!fix_problem(ctx, PR_0_JOURNAL_UNSUPP_ROCOMPAT,
728 &pctx))) ||
729 ((retval == EXT2_ET_JOURNAL_UNSUPP_VERSION) &&
730 (!fix_problem(ctx, PR_0_JOURNAL_UNSUPP_VERSION, &pctx))))
731 retval = e2fsck_journal_fix_corrupt_super(ctx, journal,
732 &pctx);
733 e2fsck_journal_release(ctx, journal, 0, 1);
734 return retval;
735 }
736
737 /*
738 * We want to make the flags consistent here. We will not leave with
739 * needs_recovery set but has_journal clear. We can't get in a loop
740 * with -y, -n, or -p, only if a user isn't making up their mind.
741 */
742 no_has_journal:
743 if (!(sb->s_feature_compat & EXT3_FEATURE_COMPAT_HAS_JOURNAL)) {
744 recover = sb->s_feature_incompat & EXT3_FEATURE_INCOMPAT_RECOVER;
745 pctx.str = "inode";
746 if (fix_problem(ctx, PR_0_JOURNAL_HAS_JOURNAL, &pctx)) {
747 if (recover &&
748 !fix_problem(ctx, PR_0_JOURNAL_RECOVER_SET, &pctx))
749 goto no_has_journal;
750 /*
751 * Need a full fsck if we are releasing a
752 * journal stored on a reserved inode.
753 */
754 force_fsck = recover ||
755 (sb->s_journal_inum < EXT2_FIRST_INODE(sb));
756 /* Clear all of the journal fields */
757 sb->s_journal_inum = 0;
758 sb->s_journal_dev = 0;
759 memset(sb->s_journal_uuid, 0,
760 sizeof(sb->s_journal_uuid));
761 e2fsck_clear_recover(ctx, force_fsck);
762 } else if (!(ctx->options & E2F_OPT_READONLY)) {
763 sb->s_feature_compat |= EXT3_FEATURE_COMPAT_HAS_JOURNAL;
764 ctx->fs->flags &= ~EXT2_FLAG_MASTER_SB_ONLY;
765 ext2fs_mark_super_dirty(ctx->fs);
766 }
767 }
768
769 if (sb->s_feature_compat & EXT3_FEATURE_COMPAT_HAS_JOURNAL &&
770 !(sb->s_feature_incompat & EXT3_FEATURE_INCOMPAT_RECOVER) &&
771 journal->j_superblock->s_start != 0) {
772 /* Print status information */
773 fix_problem(ctx, PR_0_JOURNAL_RECOVERY_CLEAR, &pctx);
774 if (ctx->superblock)
775 problem = PR_0_JOURNAL_RUN_DEFAULT;
776 else
777 problem = PR_0_JOURNAL_RUN;
778 if (fix_problem(ctx, problem, &pctx)) {
779 ctx->options |= E2F_OPT_FORCE;
780 sb->s_feature_incompat |=
781 EXT3_FEATURE_INCOMPAT_RECOVER;
782 ext2fs_mark_super_dirty(ctx->fs);
783 } else if (fix_problem(ctx,
784 PR_0_JOURNAL_RESET_JOURNAL, &pctx)) {
785 reset = 1;
786 sb->s_state &= ~EXT2_VALID_FS;
787 ext2fs_mark_super_dirty(ctx->fs);
788 }
789 /*
790 * If the user answers no to the above question, we
791 * ignore the fact that journal apparently has data;
792 * accidentally replaying over valid data would be far
793 * worse than skipping a questionable recovery.
794 *
795 * XXX should we abort with a fatal error here? What
796 * will the ext3 kernel code do if a filesystem with
797 * !NEEDS_RECOVERY but with a non-zero
798 * journal->j_superblock->s_start is mounted?
799 */
800 }
801
802 /*
803 * If we don't need to do replay the journal, check to see if
804 * the journal's errno is set; if so, we need to mark the file
805 * system as being corrupt and clear the journal's s_errno.
806 */
807 if (!(sb->s_feature_incompat & EXT3_FEATURE_INCOMPAT_RECOVER) &&
808 journal->j_superblock->s_errno) {
809 ctx->fs->super->s_state |= EXT2_ERROR_FS;
810 ext2fs_mark_super_dirty(ctx->fs);
811 journal->j_superblock->s_errno = 0;
812 mark_buffer_dirty(journal->j_sb_buffer);
813 }
814
815 e2fsck_journal_release(ctx, journal, reset, 0);
816 return retval;
817 }
818
recover_ext3_journal(e2fsck_t ctx)819 static errcode_t recover_ext3_journal(e2fsck_t ctx)
820 {
821 struct problem_context pctx;
822 journal_t *journal;
823 int retval;
824
825 clear_problem_context(&pctx);
826
827 journal_init_revoke_caches();
828 retval = e2fsck_get_journal(ctx, &journal);
829 if (retval)
830 return retval;
831
832 retval = e2fsck_journal_load(journal);
833 if (retval)
834 goto errout;
835
836 retval = journal_init_revoke(journal, 1024);
837 if (retval)
838 goto errout;
839
840 retval = -journal_recover(journal);
841 if (retval)
842 goto errout;
843
844 if (journal->j_failed_commit) {
845 pctx.ino = journal->j_failed_commit;
846 fix_problem(ctx, PR_0_JNL_TXN_CORRUPT, &pctx);
847 journal->j_superblock->s_errno = -EINVAL;
848 mark_buffer_dirty(journal->j_sb_buffer);
849 }
850
851 errout:
852 journal_destroy_revoke(journal);
853 journal_destroy_revoke_caches();
854 e2fsck_journal_release(ctx, journal, 1, 0);
855 return retval;
856 }
857
e2fsck_run_ext3_journal(e2fsck_t ctx)858 int e2fsck_run_ext3_journal(e2fsck_t ctx)
859 {
860 io_manager io_ptr = ctx->fs->io->manager;
861 int blocksize = ctx->fs->blocksize;
862 errcode_t retval, recover_retval;
863 io_stats stats = 0;
864 unsigned long long kbytes_written = 0;
865
866 printf(_("%s: recovering journal\n"), ctx->device_name);
867 if (ctx->options & E2F_OPT_READONLY) {
868 printf(_("%s: won't do journal recovery while read-only\n"),
869 ctx->device_name);
870 return EXT2_ET_FILE_RO;
871 }
872
873 if (ctx->fs->flags & EXT2_FLAG_DIRTY)
874 ext2fs_flush(ctx->fs); /* Force out any modifications */
875
876 recover_retval = recover_ext3_journal(ctx);
877
878 /*
879 * Reload the filesystem context to get up-to-date data from disk
880 * because journal recovery will change the filesystem under us.
881 */
882 if (ctx->fs->super->s_kbytes_written &&
883 ctx->fs->io->manager->get_stats)
884 ctx->fs->io->manager->get_stats(ctx->fs->io, &stats);
885 if (stats && stats->bytes_written)
886 kbytes_written = stats->bytes_written >> 10;
887 ext2fs_free(ctx->fs);
888 retval = ext2fs_open(ctx->filesystem_name, EXT2_FLAG_RW,
889 ctx->superblock, blocksize, io_ptr,
890 &ctx->fs);
891 if (retval) {
892 com_err(ctx->program_name, retval,
893 _("while trying to re-open %s"),
894 ctx->device_name);
895 fatal_error(ctx, 0);
896 }
897 ctx->fs->priv_data = ctx;
898 ctx->fs->now = ctx->now;
899 ctx->fs->flags |= EXT2_FLAG_MASTER_SB_ONLY;
900 ctx->fs->super->s_kbytes_written += kbytes_written;
901
902 /* Set the superblock flags */
903 e2fsck_clear_recover(ctx, recover_retval);
904
905 /*
906 * Do one last sanity check, and propagate journal->s_errno to
907 * the EXT2_ERROR_FS flag in the fs superblock if needed.
908 */
909 retval = e2fsck_check_ext3_journal(ctx);
910 return retval ? retval : recover_retval;
911 }
912
913 /*
914 * This function will move the journal inode from a visible file in
915 * the filesystem directory hierarchy to the reserved inode if necessary.
916 */
917 static const char * const journal_names[] = {
918 ".journal", "journal", ".journal.dat", "journal.dat", 0 };
919
e2fsck_move_ext3_journal(e2fsck_t ctx)920 void e2fsck_move_ext3_journal(e2fsck_t ctx)
921 {
922 struct ext2_super_block *sb = ctx->fs->super;
923 struct problem_context pctx;
924 struct ext2_inode inode;
925 ext2_filsys fs = ctx->fs;
926 ext2_ino_t ino;
927 errcode_t retval;
928 const char * const * cpp;
929 int group, mount_flags;
930
931 clear_problem_context(&pctx);
932
933 /*
934 * If the filesystem is opened read-only, or there is no
935 * journal, then do nothing.
936 */
937 if ((ctx->options & E2F_OPT_READONLY) ||
938 (sb->s_journal_inum == 0) ||
939 !(sb->s_feature_compat & EXT3_FEATURE_COMPAT_HAS_JOURNAL))
940 return;
941
942 /*
943 * Read in the journal inode
944 */
945 if (ext2fs_read_inode(fs, sb->s_journal_inum, &inode) != 0)
946 return;
947
948 /*
949 * If it's necessary to backup the journal inode, do so.
950 */
951 if ((sb->s_jnl_backup_type == 0) ||
952 ((sb->s_jnl_backup_type == EXT3_JNL_BACKUP_BLOCKS) &&
953 memcmp(inode.i_block, sb->s_jnl_blocks, EXT2_N_BLOCKS*4))) {
954 if (fix_problem(ctx, PR_0_BACKUP_JNL, &pctx)) {
955 memcpy(sb->s_jnl_blocks, inode.i_block,
956 EXT2_N_BLOCKS*4);
957 sb->s_jnl_blocks[16] = inode.i_size;
958 sb->s_jnl_backup_type = EXT3_JNL_BACKUP_BLOCKS;
959 ext2fs_mark_super_dirty(fs);
960 fs->flags &= ~EXT2_FLAG_MASTER_SB_ONLY;
961 }
962 }
963
964 /*
965 * If the journal is already the hidden inode, then do nothing
966 */
967 if (sb->s_journal_inum == EXT2_JOURNAL_INO)
968 return;
969
970 /*
971 * The journal inode had better have only one link and not be readable.
972 */
973 if (inode.i_links_count != 1)
974 return;
975
976 /*
977 * If the filesystem is mounted, or we can't tell whether
978 * or not it's mounted, do nothing.
979 */
980 retval = ext2fs_check_if_mounted(ctx->filesystem_name, &mount_flags);
981 if (retval || (mount_flags & EXT2_MF_MOUNTED))
982 return;
983
984 /*
985 * If we can't find the name of the journal inode, then do
986 * nothing.
987 */
988 for (cpp = journal_names; *cpp; cpp++) {
989 retval = ext2fs_lookup(fs, EXT2_ROOT_INO, *cpp,
990 strlen(*cpp), 0, &ino);
991 if ((retval == 0) && (ino == sb->s_journal_inum))
992 break;
993 }
994 if (*cpp == 0)
995 return;
996
997 /* We need the inode bitmap to be loaded */
998 retval = ext2fs_read_bitmaps(fs);
999 if (retval)
1000 return;
1001
1002 pctx.str = *cpp;
1003 if (!fix_problem(ctx, PR_0_MOVE_JOURNAL, &pctx))
1004 return;
1005
1006 /*
1007 * OK, we've done all the checks, let's actually move the
1008 * journal inode. Errors at this point mean we need to force
1009 * an ext2 filesystem check.
1010 */
1011 if ((retval = ext2fs_unlink(fs, EXT2_ROOT_INO, *cpp, ino, 0)) != 0)
1012 goto err_out;
1013 if ((retval = ext2fs_write_inode(fs, EXT2_JOURNAL_INO, &inode)) != 0)
1014 goto err_out;
1015 sb->s_journal_inum = EXT2_JOURNAL_INO;
1016 ext2fs_mark_super_dirty(fs);
1017 fs->flags &= ~EXT2_FLAG_MASTER_SB_ONLY;
1018 inode.i_links_count = 0;
1019 inode.i_dtime = ctx->now;
1020 if ((retval = ext2fs_write_inode(fs, ino, &inode)) != 0)
1021 goto err_out;
1022
1023 group = ext2fs_group_of_ino(fs, ino);
1024 ext2fs_unmark_inode_bitmap(fs->inode_map, ino);
1025 ext2fs_mark_ib_dirty(fs);
1026 fs->group_desc[group].bg_free_inodes_count++;
1027 ext2fs_group_desc_csum_set(fs, group);
1028 fs->super->s_free_inodes_count++;
1029 return;
1030
1031 err_out:
1032 pctx.errcode = retval;
1033 fix_problem(ctx, PR_0_ERR_MOVE_JOURNAL, &pctx);
1034 fs->super->s_state &= ~EXT2_VALID_FS;
1035 ext2fs_mark_super_dirty(fs);
1036 return;
1037 }
1038
1039 /*
1040 * This function makes sure the superblock hint for the external
1041 * journal is correct.
1042 */
e2fsck_fix_ext3_journal_hint(e2fsck_t ctx)1043 int e2fsck_fix_ext3_journal_hint(e2fsck_t ctx)
1044 {
1045 struct ext2_super_block *sb = ctx->fs->super;
1046 struct problem_context pctx;
1047 char uuid[37], *journal_name;
1048 struct stat st;
1049
1050 if (!(sb->s_feature_compat & EXT3_FEATURE_COMPAT_HAS_JOURNAL) ||
1051 uuid_is_null(sb->s_journal_uuid))
1052 return 0;
1053
1054 uuid_unparse(sb->s_journal_uuid, uuid);
1055 journal_name = blkid_get_devname(ctx->blkid, "UUID", uuid);
1056 if (!journal_name)
1057 return 0;
1058
1059 if (stat(journal_name, &st) < 0)
1060 return 0;
1061
1062 if (st.st_rdev != sb->s_journal_dev) {
1063 clear_problem_context(&pctx);
1064 pctx.num = st.st_rdev;
1065 if (fix_problem(ctx, PR_0_EXTERNAL_JOURNAL_HINT, &pctx)) {
1066 sb->s_journal_dev = st.st_rdev;
1067 ext2fs_mark_super_dirty(ctx->fs);
1068 }
1069 }
1070
1071 free(journal_name);
1072 return 0;
1073 }
1074