1 /** 2 * dir.c - NTFS kernel directory operations. Part of the Linux-NTFS project. 3 * 4 * Copyright (c) 2001-2007 Anton Altaparmakov 5 * Copyright (c) 2002 Richard Russon 6 * 7 * This program/include file is free software; you can redistribute it and/or 8 * modify it under the terms of the GNU General Public License as published 9 * by the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * This program/include file is distributed in the hope that it will be 13 * useful, but WITHOUT ANY WARRANTY; without even the implied warranty 14 * of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program (in the main directory of the Linux-NTFS 19 * distribution in the file COPYING); if not, write to the Free Software 20 * Foundation,Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 21 */ 22 23 #include <linux/buffer_head.h> 24 #include <linux/slab.h> 25 26 #include "dir.h" 27 #include "aops.h" 28 #include "attrib.h" 29 #include "mft.h" 30 #include "debug.h" 31 #include "ntfs.h" 32 33 /** 34 * The little endian Unicode string $I30 as a global constant. 35 */ 36 ntfschar I30[5] = { cpu_to_le16('$'), cpu_to_le16('I'), 37 cpu_to_le16('3'), cpu_to_le16('0'), 0 }; 38 39 /** 40 * ntfs_lookup_inode_by_name - find an inode in a directory given its name 41 * @dir_ni: ntfs inode of the directory in which to search for the name 42 * @uname: Unicode name for which to search in the directory 43 * @uname_len: length of the name @uname in Unicode characters 44 * @res: return the found file name if necessary (see below) 45 * 46 * Look for an inode with name @uname in the directory with inode @dir_ni. 47 * ntfs_lookup_inode_by_name() walks the contents of the directory looking for 48 * the Unicode name. If the name is found in the directory, the corresponding 49 * inode number (>= 0) is returned as a mft reference in cpu format, i.e. it 50 * is a 64-bit number containing the sequence number. 51 * 52 * On error, a negative value is returned corresponding to the error code. In 53 * particular if the inode is not found -ENOENT is returned. Note that you 54 * can't just check the return value for being negative, you have to check the 55 * inode number for being negative which you can extract using MREC(return 56 * value). 57 * 58 * Note, @uname_len does not include the (optional) terminating NULL character. 59 * 60 * Note, we look for a case sensitive match first but we also look for a case 61 * insensitive match at the same time. If we find a case insensitive match, we 62 * save that for the case that we don't find an exact match, where we return 63 * the case insensitive match and setup @res (which we allocate!) with the mft 64 * reference, the file name type, length and with a copy of the little endian 65 * Unicode file name itself. If we match a file name which is in the DOS name 66 * space, we only return the mft reference and file name type in @res. 67 * ntfs_lookup() then uses this to find the long file name in the inode itself. 68 * This is to avoid polluting the dcache with short file names. We want them to 69 * work but we don't care for how quickly one can access them. This also fixes 70 * the dcache aliasing issues. 71 * 72 * Locking: - Caller must hold i_mutex on the directory. 73 * - Each page cache page in the index allocation mapping must be 74 * locked whilst being accessed otherwise we may find a corrupt 75 * page due to it being under ->writepage at the moment which 76 * applies the mst protection fixups before writing out and then 77 * removes them again after the write is complete after which it 78 * unlocks the page. 79 */ ntfs_lookup_inode_by_name(ntfs_inode * dir_ni,const ntfschar * uname,const int uname_len,ntfs_name ** res)80 MFT_REF ntfs_lookup_inode_by_name(ntfs_inode *dir_ni, const ntfschar *uname, 81 const int uname_len, ntfs_name **res) 82 { 83 ntfs_volume *vol = dir_ni->vol; 84 struct super_block *sb = vol->sb; 85 MFT_RECORD *m; 86 INDEX_ROOT *ir; 87 INDEX_ENTRY *ie; 88 INDEX_ALLOCATION *ia; 89 u8 *index_end; 90 u64 mref; 91 ntfs_attr_search_ctx *ctx; 92 int err, rc; 93 VCN vcn, old_vcn; 94 struct address_space *ia_mapping; 95 struct page *page; 96 u8 *kaddr; 97 ntfs_name *name = NULL; 98 99 BUG_ON(!S_ISDIR(VFS_I(dir_ni)->i_mode)); 100 BUG_ON(NInoAttr(dir_ni)); 101 /* Get hold of the mft record for the directory. */ 102 m = map_mft_record(dir_ni); 103 if (IS_ERR(m)) { 104 ntfs_error(sb, "map_mft_record() failed with error code %ld.", 105 -PTR_ERR(m)); 106 return ERR_MREF(PTR_ERR(m)); 107 } 108 ctx = ntfs_attr_get_search_ctx(dir_ni, m); 109 if (unlikely(!ctx)) { 110 err = -ENOMEM; 111 goto err_out; 112 } 113 /* Find the index root attribute in the mft record. */ 114 err = ntfs_attr_lookup(AT_INDEX_ROOT, I30, 4, CASE_SENSITIVE, 0, NULL, 115 0, ctx); 116 if (unlikely(err)) { 117 if (err == -ENOENT) { 118 ntfs_error(sb, "Index root attribute missing in " 119 "directory inode 0x%lx.", 120 dir_ni->mft_no); 121 err = -EIO; 122 } 123 goto err_out; 124 } 125 /* Get to the index root value (it's been verified in read_inode). */ 126 ir = (INDEX_ROOT*)((u8*)ctx->attr + 127 le16_to_cpu(ctx->attr->data.resident.value_offset)); 128 index_end = (u8*)&ir->index + le32_to_cpu(ir->index.index_length); 129 /* The first index entry. */ 130 ie = (INDEX_ENTRY*)((u8*)&ir->index + 131 le32_to_cpu(ir->index.entries_offset)); 132 /* 133 * Loop until we exceed valid memory (corruption case) or until we 134 * reach the last entry. 135 */ 136 for (;; ie = (INDEX_ENTRY*)((u8*)ie + le16_to_cpu(ie->length))) { 137 /* Bounds checks. */ 138 if ((u8*)ie < (u8*)ctx->mrec || (u8*)ie + 139 sizeof(INDEX_ENTRY_HEADER) > index_end || 140 (u8*)ie + le16_to_cpu(ie->key_length) > 141 index_end) 142 goto dir_err_out; 143 /* 144 * The last entry cannot contain a name. It can however contain 145 * a pointer to a child node in the B+tree so we just break out. 146 */ 147 if (ie->flags & INDEX_ENTRY_END) 148 break; 149 /* 150 * We perform a case sensitive comparison and if that matches 151 * we are done and return the mft reference of the inode (i.e. 152 * the inode number together with the sequence number for 153 * consistency checking). We convert it to cpu format before 154 * returning. 155 */ 156 if (ntfs_are_names_equal(uname, uname_len, 157 (ntfschar*)&ie->key.file_name.file_name, 158 ie->key.file_name.file_name_length, 159 CASE_SENSITIVE, vol->upcase, vol->upcase_len)) { 160 found_it: 161 /* 162 * We have a perfect match, so we don't need to care 163 * about having matched imperfectly before, so we can 164 * free name and set *res to NULL. 165 * However, if the perfect match is a short file name, 166 * we need to signal this through *res, so that 167 * ntfs_lookup() can fix dcache aliasing issues. 168 * As an optimization we just reuse an existing 169 * allocation of *res. 170 */ 171 if (ie->key.file_name.file_name_type == FILE_NAME_DOS) { 172 if (!name) { 173 name = kmalloc(sizeof(ntfs_name), 174 GFP_NOFS); 175 if (!name) { 176 err = -ENOMEM; 177 goto err_out; 178 } 179 } 180 name->mref = le64_to_cpu( 181 ie->data.dir.indexed_file); 182 name->type = FILE_NAME_DOS; 183 name->len = 0; 184 *res = name; 185 } else { 186 kfree(name); 187 *res = NULL; 188 } 189 mref = le64_to_cpu(ie->data.dir.indexed_file); 190 ntfs_attr_put_search_ctx(ctx); 191 unmap_mft_record(dir_ni); 192 return mref; 193 } 194 /* 195 * For a case insensitive mount, we also perform a case 196 * insensitive comparison (provided the file name is not in the 197 * POSIX namespace). If the comparison matches, and the name is 198 * in the WIN32 namespace, we cache the filename in *res so 199 * that the caller, ntfs_lookup(), can work on it. If the 200 * comparison matches, and the name is in the DOS namespace, we 201 * only cache the mft reference and the file name type (we set 202 * the name length to zero for simplicity). 203 */ 204 if (!NVolCaseSensitive(vol) && 205 ie->key.file_name.file_name_type && 206 ntfs_are_names_equal(uname, uname_len, 207 (ntfschar*)&ie->key.file_name.file_name, 208 ie->key.file_name.file_name_length, 209 IGNORE_CASE, vol->upcase, vol->upcase_len)) { 210 int name_size = sizeof(ntfs_name); 211 u8 type = ie->key.file_name.file_name_type; 212 u8 len = ie->key.file_name.file_name_length; 213 214 /* Only one case insensitive matching name allowed. */ 215 if (name) { 216 ntfs_error(sb, "Found already allocated name " 217 "in phase 1. Please run chkdsk " 218 "and if that doesn't find any " 219 "errors please report you saw " 220 "this message to " 221 "linux-ntfs-dev@lists." 222 "sourceforge.net."); 223 goto dir_err_out; 224 } 225 226 if (type != FILE_NAME_DOS) 227 name_size += len * sizeof(ntfschar); 228 name = kmalloc(name_size, GFP_NOFS); 229 if (!name) { 230 err = -ENOMEM; 231 goto err_out; 232 } 233 name->mref = le64_to_cpu(ie->data.dir.indexed_file); 234 name->type = type; 235 if (type != FILE_NAME_DOS) { 236 name->len = len; 237 memcpy(name->name, ie->key.file_name.file_name, 238 len * sizeof(ntfschar)); 239 } else 240 name->len = 0; 241 *res = name; 242 } 243 /* 244 * Not a perfect match, need to do full blown collation so we 245 * know which way in the B+tree we have to go. 246 */ 247 rc = ntfs_collate_names(uname, uname_len, 248 (ntfschar*)&ie->key.file_name.file_name, 249 ie->key.file_name.file_name_length, 1, 250 IGNORE_CASE, vol->upcase, vol->upcase_len); 251 /* 252 * If uname collates before the name of the current entry, there 253 * is definitely no such name in this index but we might need to 254 * descend into the B+tree so we just break out of the loop. 255 */ 256 if (rc == -1) 257 break; 258 /* The names are not equal, continue the search. */ 259 if (rc) 260 continue; 261 /* 262 * Names match with case insensitive comparison, now try the 263 * case sensitive comparison, which is required for proper 264 * collation. 265 */ 266 rc = ntfs_collate_names(uname, uname_len, 267 (ntfschar*)&ie->key.file_name.file_name, 268 ie->key.file_name.file_name_length, 1, 269 CASE_SENSITIVE, vol->upcase, vol->upcase_len); 270 if (rc == -1) 271 break; 272 if (rc) 273 continue; 274 /* 275 * Perfect match, this will never happen as the 276 * ntfs_are_names_equal() call will have gotten a match but we 277 * still treat it correctly. 278 */ 279 goto found_it; 280 } 281 /* 282 * We have finished with this index without success. Check for the 283 * presence of a child node and if not present return -ENOENT, unless 284 * we have got a matching name cached in name in which case return the 285 * mft reference associated with it. 286 */ 287 if (!(ie->flags & INDEX_ENTRY_NODE)) { 288 if (name) { 289 ntfs_attr_put_search_ctx(ctx); 290 unmap_mft_record(dir_ni); 291 return name->mref; 292 } 293 ntfs_debug("Entry not found."); 294 err = -ENOENT; 295 goto err_out; 296 } /* Child node present, descend into it. */ 297 /* Consistency check: Verify that an index allocation exists. */ 298 if (!NInoIndexAllocPresent(dir_ni)) { 299 ntfs_error(sb, "No index allocation attribute but index entry " 300 "requires one. Directory inode 0x%lx is " 301 "corrupt or driver bug.", dir_ni->mft_no); 302 goto err_out; 303 } 304 /* Get the starting vcn of the index_block holding the child node. */ 305 vcn = sle64_to_cpup((sle64*)((u8*)ie + le16_to_cpu(ie->length) - 8)); 306 ia_mapping = VFS_I(dir_ni)->i_mapping; 307 /* 308 * We are done with the index root and the mft record. Release them, 309 * otherwise we deadlock with ntfs_map_page(). 310 */ 311 ntfs_attr_put_search_ctx(ctx); 312 unmap_mft_record(dir_ni); 313 m = NULL; 314 ctx = NULL; 315 descend_into_child_node: 316 /* 317 * Convert vcn to index into the index allocation attribute in units 318 * of PAGE_CACHE_SIZE and map the page cache page, reading it from 319 * disk if necessary. 320 */ 321 page = ntfs_map_page(ia_mapping, vcn << 322 dir_ni->itype.index.vcn_size_bits >> PAGE_CACHE_SHIFT); 323 if (IS_ERR(page)) { 324 ntfs_error(sb, "Failed to map directory index page, error %ld.", 325 -PTR_ERR(page)); 326 err = PTR_ERR(page); 327 goto err_out; 328 } 329 lock_page(page); 330 kaddr = (u8*)page_address(page); 331 fast_descend_into_child_node: 332 /* Get to the index allocation block. */ 333 ia = (INDEX_ALLOCATION*)(kaddr + ((vcn << 334 dir_ni->itype.index.vcn_size_bits) & ~PAGE_CACHE_MASK)); 335 /* Bounds checks. */ 336 if ((u8*)ia < kaddr || (u8*)ia > kaddr + PAGE_CACHE_SIZE) { 337 ntfs_error(sb, "Out of bounds check failed. Corrupt directory " 338 "inode 0x%lx or driver bug.", dir_ni->mft_no); 339 goto unm_err_out; 340 } 341 /* Catch multi sector transfer fixup errors. */ 342 if (unlikely(!ntfs_is_indx_record(ia->magic))) { 343 ntfs_error(sb, "Directory index record with vcn 0x%llx is " 344 "corrupt. Corrupt inode 0x%lx. Run chkdsk.", 345 (unsigned long long)vcn, dir_ni->mft_no); 346 goto unm_err_out; 347 } 348 if (sle64_to_cpu(ia->index_block_vcn) != vcn) { 349 ntfs_error(sb, "Actual VCN (0x%llx) of index buffer is " 350 "different from expected VCN (0x%llx). " 351 "Directory inode 0x%lx is corrupt or driver " 352 "bug.", (unsigned long long) 353 sle64_to_cpu(ia->index_block_vcn), 354 (unsigned long long)vcn, dir_ni->mft_no); 355 goto unm_err_out; 356 } 357 if (le32_to_cpu(ia->index.allocated_size) + 0x18 != 358 dir_ni->itype.index.block_size) { 359 ntfs_error(sb, "Index buffer (VCN 0x%llx) of directory inode " 360 "0x%lx has a size (%u) differing from the " 361 "directory specified size (%u). Directory " 362 "inode is corrupt or driver bug.", 363 (unsigned long long)vcn, dir_ni->mft_no, 364 le32_to_cpu(ia->index.allocated_size) + 0x18, 365 dir_ni->itype.index.block_size); 366 goto unm_err_out; 367 } 368 index_end = (u8*)ia + dir_ni->itype.index.block_size; 369 if (index_end > kaddr + PAGE_CACHE_SIZE) { 370 ntfs_error(sb, "Index buffer (VCN 0x%llx) of directory inode " 371 "0x%lx crosses page boundary. Impossible! " 372 "Cannot access! This is probably a bug in the " 373 "driver.", (unsigned long long)vcn, 374 dir_ni->mft_no); 375 goto unm_err_out; 376 } 377 index_end = (u8*)&ia->index + le32_to_cpu(ia->index.index_length); 378 if (index_end > (u8*)ia + dir_ni->itype.index.block_size) { 379 ntfs_error(sb, "Size of index buffer (VCN 0x%llx) of directory " 380 "inode 0x%lx exceeds maximum size.", 381 (unsigned long long)vcn, dir_ni->mft_no); 382 goto unm_err_out; 383 } 384 /* The first index entry. */ 385 ie = (INDEX_ENTRY*)((u8*)&ia->index + 386 le32_to_cpu(ia->index.entries_offset)); 387 /* 388 * Iterate similar to above big loop but applied to index buffer, thus 389 * loop until we exceed valid memory (corruption case) or until we 390 * reach the last entry. 391 */ 392 for (;; ie = (INDEX_ENTRY*)((u8*)ie + le16_to_cpu(ie->length))) { 393 /* Bounds check. */ 394 if ((u8*)ie < (u8*)ia || (u8*)ie + 395 sizeof(INDEX_ENTRY_HEADER) > index_end || 396 (u8*)ie + le16_to_cpu(ie->key_length) > 397 index_end) { 398 ntfs_error(sb, "Index entry out of bounds in " 399 "directory inode 0x%lx.", 400 dir_ni->mft_no); 401 goto unm_err_out; 402 } 403 /* 404 * The last entry cannot contain a name. It can however contain 405 * a pointer to a child node in the B+tree so we just break out. 406 */ 407 if (ie->flags & INDEX_ENTRY_END) 408 break; 409 /* 410 * We perform a case sensitive comparison and if that matches 411 * we are done and return the mft reference of the inode (i.e. 412 * the inode number together with the sequence number for 413 * consistency checking). We convert it to cpu format before 414 * returning. 415 */ 416 if (ntfs_are_names_equal(uname, uname_len, 417 (ntfschar*)&ie->key.file_name.file_name, 418 ie->key.file_name.file_name_length, 419 CASE_SENSITIVE, vol->upcase, vol->upcase_len)) { 420 found_it2: 421 /* 422 * We have a perfect match, so we don't need to care 423 * about having matched imperfectly before, so we can 424 * free name and set *res to NULL. 425 * However, if the perfect match is a short file name, 426 * we need to signal this through *res, so that 427 * ntfs_lookup() can fix dcache aliasing issues. 428 * As an optimization we just reuse an existing 429 * allocation of *res. 430 */ 431 if (ie->key.file_name.file_name_type == FILE_NAME_DOS) { 432 if (!name) { 433 name = kmalloc(sizeof(ntfs_name), 434 GFP_NOFS); 435 if (!name) { 436 err = -ENOMEM; 437 goto unm_err_out; 438 } 439 } 440 name->mref = le64_to_cpu( 441 ie->data.dir.indexed_file); 442 name->type = FILE_NAME_DOS; 443 name->len = 0; 444 *res = name; 445 } else { 446 kfree(name); 447 *res = NULL; 448 } 449 mref = le64_to_cpu(ie->data.dir.indexed_file); 450 unlock_page(page); 451 ntfs_unmap_page(page); 452 return mref; 453 } 454 /* 455 * For a case insensitive mount, we also perform a case 456 * insensitive comparison (provided the file name is not in the 457 * POSIX namespace). If the comparison matches, and the name is 458 * in the WIN32 namespace, we cache the filename in *res so 459 * that the caller, ntfs_lookup(), can work on it. If the 460 * comparison matches, and the name is in the DOS namespace, we 461 * only cache the mft reference and the file name type (we set 462 * the name length to zero for simplicity). 463 */ 464 if (!NVolCaseSensitive(vol) && 465 ie->key.file_name.file_name_type && 466 ntfs_are_names_equal(uname, uname_len, 467 (ntfschar*)&ie->key.file_name.file_name, 468 ie->key.file_name.file_name_length, 469 IGNORE_CASE, vol->upcase, vol->upcase_len)) { 470 int name_size = sizeof(ntfs_name); 471 u8 type = ie->key.file_name.file_name_type; 472 u8 len = ie->key.file_name.file_name_length; 473 474 /* Only one case insensitive matching name allowed. */ 475 if (name) { 476 ntfs_error(sb, "Found already allocated name " 477 "in phase 2. Please run chkdsk " 478 "and if that doesn't find any " 479 "errors please report you saw " 480 "this message to " 481 "linux-ntfs-dev@lists." 482 "sourceforge.net."); 483 unlock_page(page); 484 ntfs_unmap_page(page); 485 goto dir_err_out; 486 } 487 488 if (type != FILE_NAME_DOS) 489 name_size += len * sizeof(ntfschar); 490 name = kmalloc(name_size, GFP_NOFS); 491 if (!name) { 492 err = -ENOMEM; 493 goto unm_err_out; 494 } 495 name->mref = le64_to_cpu(ie->data.dir.indexed_file); 496 name->type = type; 497 if (type != FILE_NAME_DOS) { 498 name->len = len; 499 memcpy(name->name, ie->key.file_name.file_name, 500 len * sizeof(ntfschar)); 501 } else 502 name->len = 0; 503 *res = name; 504 } 505 /* 506 * Not a perfect match, need to do full blown collation so we 507 * know which way in the B+tree we have to go. 508 */ 509 rc = ntfs_collate_names(uname, uname_len, 510 (ntfschar*)&ie->key.file_name.file_name, 511 ie->key.file_name.file_name_length, 1, 512 IGNORE_CASE, vol->upcase, vol->upcase_len); 513 /* 514 * If uname collates before the name of the current entry, there 515 * is definitely no such name in this index but we might need to 516 * descend into the B+tree so we just break out of the loop. 517 */ 518 if (rc == -1) 519 break; 520 /* The names are not equal, continue the search. */ 521 if (rc) 522 continue; 523 /* 524 * Names match with case insensitive comparison, now try the 525 * case sensitive comparison, which is required for proper 526 * collation. 527 */ 528 rc = ntfs_collate_names(uname, uname_len, 529 (ntfschar*)&ie->key.file_name.file_name, 530 ie->key.file_name.file_name_length, 1, 531 CASE_SENSITIVE, vol->upcase, vol->upcase_len); 532 if (rc == -1) 533 break; 534 if (rc) 535 continue; 536 /* 537 * Perfect match, this will never happen as the 538 * ntfs_are_names_equal() call will have gotten a match but we 539 * still treat it correctly. 540 */ 541 goto found_it2; 542 } 543 /* 544 * We have finished with this index buffer without success. Check for 545 * the presence of a child node. 546 */ 547 if (ie->flags & INDEX_ENTRY_NODE) { 548 if ((ia->index.flags & NODE_MASK) == LEAF_NODE) { 549 ntfs_error(sb, "Index entry with child node found in " 550 "a leaf node in directory inode 0x%lx.", 551 dir_ni->mft_no); 552 goto unm_err_out; 553 } 554 /* Child node present, descend into it. */ 555 old_vcn = vcn; 556 vcn = sle64_to_cpup((sle64*)((u8*)ie + 557 le16_to_cpu(ie->length) - 8)); 558 if (vcn >= 0) { 559 /* If vcn is in the same page cache page as old_vcn we 560 * recycle the mapped page. */ 561 if (old_vcn << vol->cluster_size_bits >> 562 PAGE_CACHE_SHIFT == vcn << 563 vol->cluster_size_bits >> 564 PAGE_CACHE_SHIFT) 565 goto fast_descend_into_child_node; 566 unlock_page(page); 567 ntfs_unmap_page(page); 568 goto descend_into_child_node; 569 } 570 ntfs_error(sb, "Negative child node vcn in directory inode " 571 "0x%lx.", dir_ni->mft_no); 572 goto unm_err_out; 573 } 574 /* 575 * No child node present, return -ENOENT, unless we have got a matching 576 * name cached in name in which case return the mft reference 577 * associated with it. 578 */ 579 if (name) { 580 unlock_page(page); 581 ntfs_unmap_page(page); 582 return name->mref; 583 } 584 ntfs_debug("Entry not found."); 585 err = -ENOENT; 586 unm_err_out: 587 unlock_page(page); 588 ntfs_unmap_page(page); 589 err_out: 590 if (!err) 591 err = -EIO; 592 if (ctx) 593 ntfs_attr_put_search_ctx(ctx); 594 if (m) 595 unmap_mft_record(dir_ni); 596 if (name) { 597 kfree(name); 598 *res = NULL; 599 } 600 return ERR_MREF(err); 601 dir_err_out: 602 ntfs_error(sb, "Corrupt directory. Aborting lookup."); 603 goto err_out; 604 } 605 606 #if 0 607 608 // TODO: (AIA) 609 // The algorithm embedded in this code will be required for the time when we 610 // want to support adding of entries to directories, where we require correct 611 // collation of file names in order not to cause corruption of the filesystem. 612 613 /** 614 * ntfs_lookup_inode_by_name - find an inode in a directory given its name 615 * @dir_ni: ntfs inode of the directory in which to search for the name 616 * @uname: Unicode name for which to search in the directory 617 * @uname_len: length of the name @uname in Unicode characters 618 * 619 * Look for an inode with name @uname in the directory with inode @dir_ni. 620 * ntfs_lookup_inode_by_name() walks the contents of the directory looking for 621 * the Unicode name. If the name is found in the directory, the corresponding 622 * inode number (>= 0) is returned as a mft reference in cpu format, i.e. it 623 * is a 64-bit number containing the sequence number. 624 * 625 * On error, a negative value is returned corresponding to the error code. In 626 * particular if the inode is not found -ENOENT is returned. Note that you 627 * can't just check the return value for being negative, you have to check the 628 * inode number for being negative which you can extract using MREC(return 629 * value). 630 * 631 * Note, @uname_len does not include the (optional) terminating NULL character. 632 */ 633 u64 ntfs_lookup_inode_by_name(ntfs_inode *dir_ni, const ntfschar *uname, 634 const int uname_len) 635 { 636 ntfs_volume *vol = dir_ni->vol; 637 struct super_block *sb = vol->sb; 638 MFT_RECORD *m; 639 INDEX_ROOT *ir; 640 INDEX_ENTRY *ie; 641 INDEX_ALLOCATION *ia; 642 u8 *index_end; 643 u64 mref; 644 ntfs_attr_search_ctx *ctx; 645 int err, rc; 646 IGNORE_CASE_BOOL ic; 647 VCN vcn, old_vcn; 648 struct address_space *ia_mapping; 649 struct page *page; 650 u8 *kaddr; 651 652 /* Get hold of the mft record for the directory. */ 653 m = map_mft_record(dir_ni); 654 if (IS_ERR(m)) { 655 ntfs_error(sb, "map_mft_record() failed with error code %ld.", 656 -PTR_ERR(m)); 657 return ERR_MREF(PTR_ERR(m)); 658 } 659 ctx = ntfs_attr_get_search_ctx(dir_ni, m); 660 if (!ctx) { 661 err = -ENOMEM; 662 goto err_out; 663 } 664 /* Find the index root attribute in the mft record. */ 665 err = ntfs_attr_lookup(AT_INDEX_ROOT, I30, 4, CASE_SENSITIVE, 0, NULL, 666 0, ctx); 667 if (unlikely(err)) { 668 if (err == -ENOENT) { 669 ntfs_error(sb, "Index root attribute missing in " 670 "directory inode 0x%lx.", 671 dir_ni->mft_no); 672 err = -EIO; 673 } 674 goto err_out; 675 } 676 /* Get to the index root value (it's been verified in read_inode). */ 677 ir = (INDEX_ROOT*)((u8*)ctx->attr + 678 le16_to_cpu(ctx->attr->data.resident.value_offset)); 679 index_end = (u8*)&ir->index + le32_to_cpu(ir->index.index_length); 680 /* The first index entry. */ 681 ie = (INDEX_ENTRY*)((u8*)&ir->index + 682 le32_to_cpu(ir->index.entries_offset)); 683 /* 684 * Loop until we exceed valid memory (corruption case) or until we 685 * reach the last entry. 686 */ 687 for (;; ie = (INDEX_ENTRY*)((u8*)ie + le16_to_cpu(ie->length))) { 688 /* Bounds checks. */ 689 if ((u8*)ie < (u8*)ctx->mrec || (u8*)ie + 690 sizeof(INDEX_ENTRY_HEADER) > index_end || 691 (u8*)ie + le16_to_cpu(ie->key_length) > 692 index_end) 693 goto dir_err_out; 694 /* 695 * The last entry cannot contain a name. It can however contain 696 * a pointer to a child node in the B+tree so we just break out. 697 */ 698 if (ie->flags & INDEX_ENTRY_END) 699 break; 700 /* 701 * If the current entry has a name type of POSIX, the name is 702 * case sensitive and not otherwise. This has the effect of us 703 * not being able to access any POSIX file names which collate 704 * after the non-POSIX one when they only differ in case, but 705 * anyone doing screwy stuff like that deserves to burn in 706 * hell... Doing that kind of stuff on NT4 actually causes 707 * corruption on the partition even when using SP6a and Linux 708 * is not involved at all. 709 */ 710 ic = ie->key.file_name.file_name_type ? IGNORE_CASE : 711 CASE_SENSITIVE; 712 /* 713 * If the names match perfectly, we are done and return the 714 * mft reference of the inode (i.e. the inode number together 715 * with the sequence number for consistency checking. We 716 * convert it to cpu format before returning. 717 */ 718 if (ntfs_are_names_equal(uname, uname_len, 719 (ntfschar*)&ie->key.file_name.file_name, 720 ie->key.file_name.file_name_length, ic, 721 vol->upcase, vol->upcase_len)) { 722 found_it: 723 mref = le64_to_cpu(ie->data.dir.indexed_file); 724 ntfs_attr_put_search_ctx(ctx); 725 unmap_mft_record(dir_ni); 726 return mref; 727 } 728 /* 729 * Not a perfect match, need to do full blown collation so we 730 * know which way in the B+tree we have to go. 731 */ 732 rc = ntfs_collate_names(uname, uname_len, 733 (ntfschar*)&ie->key.file_name.file_name, 734 ie->key.file_name.file_name_length, 1, 735 IGNORE_CASE, vol->upcase, vol->upcase_len); 736 /* 737 * If uname collates before the name of the current entry, there 738 * is definitely no such name in this index but we might need to 739 * descend into the B+tree so we just break out of the loop. 740 */ 741 if (rc == -1) 742 break; 743 /* The names are not equal, continue the search. */ 744 if (rc) 745 continue; 746 /* 747 * Names match with case insensitive comparison, now try the 748 * case sensitive comparison, which is required for proper 749 * collation. 750 */ 751 rc = ntfs_collate_names(uname, uname_len, 752 (ntfschar*)&ie->key.file_name.file_name, 753 ie->key.file_name.file_name_length, 1, 754 CASE_SENSITIVE, vol->upcase, vol->upcase_len); 755 if (rc == -1) 756 break; 757 if (rc) 758 continue; 759 /* 760 * Perfect match, this will never happen as the 761 * ntfs_are_names_equal() call will have gotten a match but we 762 * still treat it correctly. 763 */ 764 goto found_it; 765 } 766 /* 767 * We have finished with this index without success. Check for the 768 * presence of a child node. 769 */ 770 if (!(ie->flags & INDEX_ENTRY_NODE)) { 771 /* No child node, return -ENOENT. */ 772 err = -ENOENT; 773 goto err_out; 774 } /* Child node present, descend into it. */ 775 /* Consistency check: Verify that an index allocation exists. */ 776 if (!NInoIndexAllocPresent(dir_ni)) { 777 ntfs_error(sb, "No index allocation attribute but index entry " 778 "requires one. Directory inode 0x%lx is " 779 "corrupt or driver bug.", dir_ni->mft_no); 780 goto err_out; 781 } 782 /* Get the starting vcn of the index_block holding the child node. */ 783 vcn = sle64_to_cpup((u8*)ie + le16_to_cpu(ie->length) - 8); 784 ia_mapping = VFS_I(dir_ni)->i_mapping; 785 /* 786 * We are done with the index root and the mft record. Release them, 787 * otherwise we deadlock with ntfs_map_page(). 788 */ 789 ntfs_attr_put_search_ctx(ctx); 790 unmap_mft_record(dir_ni); 791 m = NULL; 792 ctx = NULL; 793 descend_into_child_node: 794 /* 795 * Convert vcn to index into the index allocation attribute in units 796 * of PAGE_CACHE_SIZE and map the page cache page, reading it from 797 * disk if necessary. 798 */ 799 page = ntfs_map_page(ia_mapping, vcn << 800 dir_ni->itype.index.vcn_size_bits >> PAGE_CACHE_SHIFT); 801 if (IS_ERR(page)) { 802 ntfs_error(sb, "Failed to map directory index page, error %ld.", 803 -PTR_ERR(page)); 804 err = PTR_ERR(page); 805 goto err_out; 806 } 807 lock_page(page); 808 kaddr = (u8*)page_address(page); 809 fast_descend_into_child_node: 810 /* Get to the index allocation block. */ 811 ia = (INDEX_ALLOCATION*)(kaddr + ((vcn << 812 dir_ni->itype.index.vcn_size_bits) & ~PAGE_CACHE_MASK)); 813 /* Bounds checks. */ 814 if ((u8*)ia < kaddr || (u8*)ia > kaddr + PAGE_CACHE_SIZE) { 815 ntfs_error(sb, "Out of bounds check failed. Corrupt directory " 816 "inode 0x%lx or driver bug.", dir_ni->mft_no); 817 goto unm_err_out; 818 } 819 /* Catch multi sector transfer fixup errors. */ 820 if (unlikely(!ntfs_is_indx_record(ia->magic))) { 821 ntfs_error(sb, "Directory index record with vcn 0x%llx is " 822 "corrupt. Corrupt inode 0x%lx. Run chkdsk.", 823 (unsigned long long)vcn, dir_ni->mft_no); 824 goto unm_err_out; 825 } 826 if (sle64_to_cpu(ia->index_block_vcn) != vcn) { 827 ntfs_error(sb, "Actual VCN (0x%llx) of index buffer is " 828 "different from expected VCN (0x%llx). " 829 "Directory inode 0x%lx is corrupt or driver " 830 "bug.", (unsigned long long) 831 sle64_to_cpu(ia->index_block_vcn), 832 (unsigned long long)vcn, dir_ni->mft_no); 833 goto unm_err_out; 834 } 835 if (le32_to_cpu(ia->index.allocated_size) + 0x18 != 836 dir_ni->itype.index.block_size) { 837 ntfs_error(sb, "Index buffer (VCN 0x%llx) of directory inode " 838 "0x%lx has a size (%u) differing from the " 839 "directory specified size (%u). Directory " 840 "inode is corrupt or driver bug.", 841 (unsigned long long)vcn, dir_ni->mft_no, 842 le32_to_cpu(ia->index.allocated_size) + 0x18, 843 dir_ni->itype.index.block_size); 844 goto unm_err_out; 845 } 846 index_end = (u8*)ia + dir_ni->itype.index.block_size; 847 if (index_end > kaddr + PAGE_CACHE_SIZE) { 848 ntfs_error(sb, "Index buffer (VCN 0x%llx) of directory inode " 849 "0x%lx crosses page boundary. Impossible! " 850 "Cannot access! This is probably a bug in the " 851 "driver.", (unsigned long long)vcn, 852 dir_ni->mft_no); 853 goto unm_err_out; 854 } 855 index_end = (u8*)&ia->index + le32_to_cpu(ia->index.index_length); 856 if (index_end > (u8*)ia + dir_ni->itype.index.block_size) { 857 ntfs_error(sb, "Size of index buffer (VCN 0x%llx) of directory " 858 "inode 0x%lx exceeds maximum size.", 859 (unsigned long long)vcn, dir_ni->mft_no); 860 goto unm_err_out; 861 } 862 /* The first index entry. */ 863 ie = (INDEX_ENTRY*)((u8*)&ia->index + 864 le32_to_cpu(ia->index.entries_offset)); 865 /* 866 * Iterate similar to above big loop but applied to index buffer, thus 867 * loop until we exceed valid memory (corruption case) or until we 868 * reach the last entry. 869 */ 870 for (;; ie = (INDEX_ENTRY*)((u8*)ie + le16_to_cpu(ie->length))) { 871 /* Bounds check. */ 872 if ((u8*)ie < (u8*)ia || (u8*)ie + 873 sizeof(INDEX_ENTRY_HEADER) > index_end || 874 (u8*)ie + le16_to_cpu(ie->key_length) > 875 index_end) { 876 ntfs_error(sb, "Index entry out of bounds in " 877 "directory inode 0x%lx.", 878 dir_ni->mft_no); 879 goto unm_err_out; 880 } 881 /* 882 * The last entry cannot contain a name. It can however contain 883 * a pointer to a child node in the B+tree so we just break out. 884 */ 885 if (ie->flags & INDEX_ENTRY_END) 886 break; 887 /* 888 * If the current entry has a name type of POSIX, the name is 889 * case sensitive and not otherwise. This has the effect of us 890 * not being able to access any POSIX file names which collate 891 * after the non-POSIX one when they only differ in case, but 892 * anyone doing screwy stuff like that deserves to burn in 893 * hell... Doing that kind of stuff on NT4 actually causes 894 * corruption on the partition even when using SP6a and Linux 895 * is not involved at all. 896 */ 897 ic = ie->key.file_name.file_name_type ? IGNORE_CASE : 898 CASE_SENSITIVE; 899 /* 900 * If the names match perfectly, we are done and return the 901 * mft reference of the inode (i.e. the inode number together 902 * with the sequence number for consistency checking. We 903 * convert it to cpu format before returning. 904 */ 905 if (ntfs_are_names_equal(uname, uname_len, 906 (ntfschar*)&ie->key.file_name.file_name, 907 ie->key.file_name.file_name_length, ic, 908 vol->upcase, vol->upcase_len)) { 909 found_it2: 910 mref = le64_to_cpu(ie->data.dir.indexed_file); 911 unlock_page(page); 912 ntfs_unmap_page(page); 913 return mref; 914 } 915 /* 916 * Not a perfect match, need to do full blown collation so we 917 * know which way in the B+tree we have to go. 918 */ 919 rc = ntfs_collate_names(uname, uname_len, 920 (ntfschar*)&ie->key.file_name.file_name, 921 ie->key.file_name.file_name_length, 1, 922 IGNORE_CASE, vol->upcase, vol->upcase_len); 923 /* 924 * If uname collates before the name of the current entry, there 925 * is definitely no such name in this index but we might need to 926 * descend into the B+tree so we just break out of the loop. 927 */ 928 if (rc == -1) 929 break; 930 /* The names are not equal, continue the search. */ 931 if (rc) 932 continue; 933 /* 934 * Names match with case insensitive comparison, now try the 935 * case sensitive comparison, which is required for proper 936 * collation. 937 */ 938 rc = ntfs_collate_names(uname, uname_len, 939 (ntfschar*)&ie->key.file_name.file_name, 940 ie->key.file_name.file_name_length, 1, 941 CASE_SENSITIVE, vol->upcase, vol->upcase_len); 942 if (rc == -1) 943 break; 944 if (rc) 945 continue; 946 /* 947 * Perfect match, this will never happen as the 948 * ntfs_are_names_equal() call will have gotten a match but we 949 * still treat it correctly. 950 */ 951 goto found_it2; 952 } 953 /* 954 * We have finished with this index buffer without success. Check for 955 * the presence of a child node. 956 */ 957 if (ie->flags & INDEX_ENTRY_NODE) { 958 if ((ia->index.flags & NODE_MASK) == LEAF_NODE) { 959 ntfs_error(sb, "Index entry with child node found in " 960 "a leaf node in directory inode 0x%lx.", 961 dir_ni->mft_no); 962 goto unm_err_out; 963 } 964 /* Child node present, descend into it. */ 965 old_vcn = vcn; 966 vcn = sle64_to_cpup((u8*)ie + le16_to_cpu(ie->length) - 8); 967 if (vcn >= 0) { 968 /* If vcn is in the same page cache page as old_vcn we 969 * recycle the mapped page. */ 970 if (old_vcn << vol->cluster_size_bits >> 971 PAGE_CACHE_SHIFT == vcn << 972 vol->cluster_size_bits >> 973 PAGE_CACHE_SHIFT) 974 goto fast_descend_into_child_node; 975 unlock_page(page); 976 ntfs_unmap_page(page); 977 goto descend_into_child_node; 978 } 979 ntfs_error(sb, "Negative child node vcn in directory inode " 980 "0x%lx.", dir_ni->mft_no); 981 goto unm_err_out; 982 } 983 /* No child node, return -ENOENT. */ 984 ntfs_debug("Entry not found."); 985 err = -ENOENT; 986 unm_err_out: 987 unlock_page(page); 988 ntfs_unmap_page(page); 989 err_out: 990 if (!err) 991 err = -EIO; 992 if (ctx) 993 ntfs_attr_put_search_ctx(ctx); 994 if (m) 995 unmap_mft_record(dir_ni); 996 return ERR_MREF(err); 997 dir_err_out: 998 ntfs_error(sb, "Corrupt directory. Aborting lookup."); 999 goto err_out; 1000 } 1001 1002 #endif 1003 1004 /** 1005 * ntfs_filldir - ntfs specific filldir method 1006 * @vol: current ntfs volume 1007 * @fpos: position in the directory 1008 * @ndir: ntfs inode of current directory 1009 * @ia_page: page in which the index allocation buffer @ie is in resides 1010 * @ie: current index entry 1011 * @name: buffer to use for the converted name 1012 * @dirent: vfs filldir callback context 1013 * @filldir: vfs filldir callback 1014 * 1015 * Convert the Unicode @name to the loaded NLS and pass it to the @filldir 1016 * callback. 1017 * 1018 * If @ia_page is not NULL it is the locked page containing the index 1019 * allocation block containing the index entry @ie. 1020 * 1021 * Note, we drop (and then reacquire) the page lock on @ia_page across the 1022 * @filldir() call otherwise we would deadlock with NFSd when it calls ->lookup 1023 * since ntfs_lookup() will lock the same page. As an optimization, we do not 1024 * retake the lock if we are returning a non-zero value as ntfs_readdir() 1025 * would need to drop the lock immediately anyway. 1026 */ ntfs_filldir(ntfs_volume * vol,loff_t fpos,ntfs_inode * ndir,struct page * ia_page,INDEX_ENTRY * ie,u8 * name,void * dirent,filldir_t filldir)1027 static inline int ntfs_filldir(ntfs_volume *vol, loff_t fpos, 1028 ntfs_inode *ndir, struct page *ia_page, INDEX_ENTRY *ie, 1029 u8 *name, void *dirent, filldir_t filldir) 1030 { 1031 unsigned long mref; 1032 int name_len, rc; 1033 unsigned dt_type; 1034 FILE_NAME_TYPE_FLAGS name_type; 1035 1036 name_type = ie->key.file_name.file_name_type; 1037 if (name_type == FILE_NAME_DOS) { 1038 ntfs_debug("Skipping DOS name space entry."); 1039 return 0; 1040 } 1041 if (MREF_LE(ie->data.dir.indexed_file) == FILE_root) { 1042 ntfs_debug("Skipping root directory self reference entry."); 1043 return 0; 1044 } 1045 if (MREF_LE(ie->data.dir.indexed_file) < FILE_first_user && 1046 !NVolShowSystemFiles(vol)) { 1047 ntfs_debug("Skipping system file."); 1048 return 0; 1049 } 1050 name_len = ntfs_ucstonls(vol, (ntfschar*)&ie->key.file_name.file_name, 1051 ie->key.file_name.file_name_length, &name, 1052 NTFS_MAX_NAME_LEN * NLS_MAX_CHARSET_SIZE + 1); 1053 if (name_len <= 0) { 1054 ntfs_warning(vol->sb, "Skipping unrepresentable inode 0x%llx.", 1055 (long long)MREF_LE(ie->data.dir.indexed_file)); 1056 return 0; 1057 } 1058 if (ie->key.file_name.file_attributes & 1059 FILE_ATTR_DUP_FILE_NAME_INDEX_PRESENT) 1060 dt_type = DT_DIR; 1061 else 1062 dt_type = DT_REG; 1063 mref = MREF_LE(ie->data.dir.indexed_file); 1064 /* 1065 * Drop the page lock otherwise we deadlock with NFS when it calls 1066 * ->lookup since ntfs_lookup() will lock the same page. 1067 */ 1068 if (ia_page) 1069 unlock_page(ia_page); 1070 ntfs_debug("Calling filldir for %s with len %i, fpos 0x%llx, inode " 1071 "0x%lx, DT_%s.", name, name_len, fpos, mref, 1072 dt_type == DT_DIR ? "DIR" : "REG"); 1073 rc = filldir(dirent, name, name_len, fpos, mref, dt_type); 1074 /* Relock the page but not if we are aborting ->readdir. */ 1075 if (!rc && ia_page) 1076 lock_page(ia_page); 1077 return rc; 1078 } 1079 1080 /* 1081 * We use the same basic approach as the old NTFS driver, i.e. we parse the 1082 * index root entries and then the index allocation entries that are marked 1083 * as in use in the index bitmap. 1084 * 1085 * While this will return the names in random order this doesn't matter for 1086 * ->readdir but OTOH results in a faster ->readdir. 1087 * 1088 * VFS calls ->readdir without BKL but with i_mutex held. This protects the VFS 1089 * parts (e.g. ->f_pos and ->i_size, and it also protects against directory 1090 * modifications). 1091 * 1092 * Locking: - Caller must hold i_mutex on the directory. 1093 * - Each page cache page in the index allocation mapping must be 1094 * locked whilst being accessed otherwise we may find a corrupt 1095 * page due to it being under ->writepage at the moment which 1096 * applies the mst protection fixups before writing out and then 1097 * removes them again after the write is complete after which it 1098 * unlocks the page. 1099 */ ntfs_readdir(struct file * filp,void * dirent,filldir_t filldir)1100 static int ntfs_readdir(struct file *filp, void *dirent, filldir_t filldir) 1101 { 1102 s64 ia_pos, ia_start, prev_ia_pos, bmp_pos; 1103 loff_t fpos, i_size; 1104 struct inode *bmp_vi, *vdir = filp->f_path.dentry->d_inode; 1105 struct super_block *sb = vdir->i_sb; 1106 ntfs_inode *ndir = NTFS_I(vdir); 1107 ntfs_volume *vol = NTFS_SB(sb); 1108 MFT_RECORD *m; 1109 INDEX_ROOT *ir = NULL; 1110 INDEX_ENTRY *ie; 1111 INDEX_ALLOCATION *ia; 1112 u8 *name = NULL; 1113 int rc, err, ir_pos, cur_bmp_pos; 1114 struct address_space *ia_mapping, *bmp_mapping; 1115 struct page *bmp_page = NULL, *ia_page = NULL; 1116 u8 *kaddr, *bmp, *index_end; 1117 ntfs_attr_search_ctx *ctx; 1118 1119 fpos = filp->f_pos; 1120 ntfs_debug("Entering for inode 0x%lx, fpos 0x%llx.", 1121 vdir->i_ino, fpos); 1122 rc = err = 0; 1123 /* Are we at end of dir yet? */ 1124 i_size = i_size_read(vdir); 1125 if (fpos >= i_size + vol->mft_record_size) 1126 goto done; 1127 /* Emulate . and .. for all directories. */ 1128 if (!fpos) { 1129 ntfs_debug("Calling filldir for . with len 1, fpos 0x0, " 1130 "inode 0x%lx, DT_DIR.", vdir->i_ino); 1131 rc = filldir(dirent, ".", 1, fpos, vdir->i_ino, DT_DIR); 1132 if (rc) 1133 goto done; 1134 fpos++; 1135 } 1136 if (fpos == 1) { 1137 ntfs_debug("Calling filldir for .. with len 2, fpos 0x1, " 1138 "inode 0x%lx, DT_DIR.", 1139 (unsigned long)parent_ino(filp->f_path.dentry)); 1140 rc = filldir(dirent, "..", 2, fpos, 1141 parent_ino(filp->f_path.dentry), DT_DIR); 1142 if (rc) 1143 goto done; 1144 fpos++; 1145 } 1146 m = NULL; 1147 ctx = NULL; 1148 /* 1149 * Allocate a buffer to store the current name being processed 1150 * converted to format determined by current NLS. 1151 */ 1152 name = kmalloc(NTFS_MAX_NAME_LEN * NLS_MAX_CHARSET_SIZE + 1, GFP_NOFS); 1153 if (unlikely(!name)) { 1154 err = -ENOMEM; 1155 goto err_out; 1156 } 1157 /* Are we jumping straight into the index allocation attribute? */ 1158 if (fpos >= vol->mft_record_size) 1159 goto skip_index_root; 1160 /* Get hold of the mft record for the directory. */ 1161 m = map_mft_record(ndir); 1162 if (IS_ERR(m)) { 1163 err = PTR_ERR(m); 1164 m = NULL; 1165 goto err_out; 1166 } 1167 ctx = ntfs_attr_get_search_ctx(ndir, m); 1168 if (unlikely(!ctx)) { 1169 err = -ENOMEM; 1170 goto err_out; 1171 } 1172 /* Get the offset into the index root attribute. */ 1173 ir_pos = (s64)fpos; 1174 /* Find the index root attribute in the mft record. */ 1175 err = ntfs_attr_lookup(AT_INDEX_ROOT, I30, 4, CASE_SENSITIVE, 0, NULL, 1176 0, ctx); 1177 if (unlikely(err)) { 1178 ntfs_error(sb, "Index root attribute missing in directory " 1179 "inode 0x%lx.", vdir->i_ino); 1180 goto err_out; 1181 } 1182 /* 1183 * Copy the index root attribute value to a buffer so that we can put 1184 * the search context and unmap the mft record before calling the 1185 * filldir() callback. We need to do this because of NFSd which calls 1186 * ->lookup() from its filldir callback() and this causes NTFS to 1187 * deadlock as ntfs_lookup() maps the mft record of the directory and 1188 * we have got it mapped here already. The only solution is for us to 1189 * unmap the mft record here so that a call to ntfs_lookup() is able to 1190 * map the mft record without deadlocking. 1191 */ 1192 rc = le32_to_cpu(ctx->attr->data.resident.value_length); 1193 ir = kmalloc(rc, GFP_NOFS); 1194 if (unlikely(!ir)) { 1195 err = -ENOMEM; 1196 goto err_out; 1197 } 1198 /* Copy the index root value (it has been verified in read_inode). */ 1199 memcpy(ir, (u8*)ctx->attr + 1200 le16_to_cpu(ctx->attr->data.resident.value_offset), rc); 1201 ntfs_attr_put_search_ctx(ctx); 1202 unmap_mft_record(ndir); 1203 ctx = NULL; 1204 m = NULL; 1205 index_end = (u8*)&ir->index + le32_to_cpu(ir->index.index_length); 1206 /* The first index entry. */ 1207 ie = (INDEX_ENTRY*)((u8*)&ir->index + 1208 le32_to_cpu(ir->index.entries_offset)); 1209 /* 1210 * Loop until we exceed valid memory (corruption case) or until we 1211 * reach the last entry or until filldir tells us it has had enough 1212 * or signals an error (both covered by the rc test). 1213 */ 1214 for (;; ie = (INDEX_ENTRY*)((u8*)ie + le16_to_cpu(ie->length))) { 1215 ntfs_debug("In index root, offset 0x%zx.", (u8*)ie - (u8*)ir); 1216 /* Bounds checks. */ 1217 if (unlikely((u8*)ie < (u8*)ir || (u8*)ie + 1218 sizeof(INDEX_ENTRY_HEADER) > index_end || 1219 (u8*)ie + le16_to_cpu(ie->key_length) > 1220 index_end)) 1221 goto err_out; 1222 /* The last entry cannot contain a name. */ 1223 if (ie->flags & INDEX_ENTRY_END) 1224 break; 1225 /* Skip index root entry if continuing previous readdir. */ 1226 if (ir_pos > (u8*)ie - (u8*)ir) 1227 continue; 1228 /* Advance the position even if going to skip the entry. */ 1229 fpos = (u8*)ie - (u8*)ir; 1230 /* Submit the name to the filldir callback. */ 1231 rc = ntfs_filldir(vol, fpos, ndir, NULL, ie, name, dirent, 1232 filldir); 1233 if (rc) { 1234 kfree(ir); 1235 goto abort; 1236 } 1237 } 1238 /* We are done with the index root and can free the buffer. */ 1239 kfree(ir); 1240 ir = NULL; 1241 /* If there is no index allocation attribute we are finished. */ 1242 if (!NInoIndexAllocPresent(ndir)) 1243 goto EOD; 1244 /* Advance fpos to the beginning of the index allocation. */ 1245 fpos = vol->mft_record_size; 1246 skip_index_root: 1247 kaddr = NULL; 1248 prev_ia_pos = -1LL; 1249 /* Get the offset into the index allocation attribute. */ 1250 ia_pos = (s64)fpos - vol->mft_record_size; 1251 ia_mapping = vdir->i_mapping; 1252 ntfs_debug("Inode 0x%lx, getting index bitmap.", vdir->i_ino); 1253 bmp_vi = ntfs_attr_iget(vdir, AT_BITMAP, I30, 4); 1254 if (IS_ERR(bmp_vi)) { 1255 ntfs_error(sb, "Failed to get bitmap attribute."); 1256 err = PTR_ERR(bmp_vi); 1257 goto err_out; 1258 } 1259 bmp_mapping = bmp_vi->i_mapping; 1260 /* Get the starting bitmap bit position and sanity check it. */ 1261 bmp_pos = ia_pos >> ndir->itype.index.block_size_bits; 1262 if (unlikely(bmp_pos >> 3 >= i_size_read(bmp_vi))) { 1263 ntfs_error(sb, "Current index allocation position exceeds " 1264 "index bitmap size."); 1265 goto iput_err_out; 1266 } 1267 /* Get the starting bit position in the current bitmap page. */ 1268 cur_bmp_pos = bmp_pos & ((PAGE_CACHE_SIZE * 8) - 1); 1269 bmp_pos &= ~(u64)((PAGE_CACHE_SIZE * 8) - 1); 1270 get_next_bmp_page: 1271 ntfs_debug("Reading bitmap with page index 0x%llx, bit ofs 0x%llx", 1272 (unsigned long long)bmp_pos >> (3 + PAGE_CACHE_SHIFT), 1273 (unsigned long long)bmp_pos & 1274 (unsigned long long)((PAGE_CACHE_SIZE * 8) - 1)); 1275 bmp_page = ntfs_map_page(bmp_mapping, 1276 bmp_pos >> (3 + PAGE_CACHE_SHIFT)); 1277 if (IS_ERR(bmp_page)) { 1278 ntfs_error(sb, "Reading index bitmap failed."); 1279 err = PTR_ERR(bmp_page); 1280 bmp_page = NULL; 1281 goto iput_err_out; 1282 } 1283 bmp = (u8*)page_address(bmp_page); 1284 /* Find next index block in use. */ 1285 while (!(bmp[cur_bmp_pos >> 3] & (1 << (cur_bmp_pos & 7)))) { 1286 find_next_index_buffer: 1287 cur_bmp_pos++; 1288 /* 1289 * If we have reached the end of the bitmap page, get the next 1290 * page, and put away the old one. 1291 */ 1292 if (unlikely((cur_bmp_pos >> 3) >= PAGE_CACHE_SIZE)) { 1293 ntfs_unmap_page(bmp_page); 1294 bmp_pos += PAGE_CACHE_SIZE * 8; 1295 cur_bmp_pos = 0; 1296 goto get_next_bmp_page; 1297 } 1298 /* If we have reached the end of the bitmap, we are done. */ 1299 if (unlikely(((bmp_pos + cur_bmp_pos) >> 3) >= i_size)) 1300 goto unm_EOD; 1301 ia_pos = (bmp_pos + cur_bmp_pos) << 1302 ndir->itype.index.block_size_bits; 1303 } 1304 ntfs_debug("Handling index buffer 0x%llx.", 1305 (unsigned long long)bmp_pos + cur_bmp_pos); 1306 /* If the current index buffer is in the same page we reuse the page. */ 1307 if ((prev_ia_pos & (s64)PAGE_CACHE_MASK) != 1308 (ia_pos & (s64)PAGE_CACHE_MASK)) { 1309 prev_ia_pos = ia_pos; 1310 if (likely(ia_page != NULL)) { 1311 unlock_page(ia_page); 1312 ntfs_unmap_page(ia_page); 1313 } 1314 /* 1315 * Map the page cache page containing the current ia_pos, 1316 * reading it from disk if necessary. 1317 */ 1318 ia_page = ntfs_map_page(ia_mapping, ia_pos >> PAGE_CACHE_SHIFT); 1319 if (IS_ERR(ia_page)) { 1320 ntfs_error(sb, "Reading index allocation data failed."); 1321 err = PTR_ERR(ia_page); 1322 ia_page = NULL; 1323 goto err_out; 1324 } 1325 lock_page(ia_page); 1326 kaddr = (u8*)page_address(ia_page); 1327 } 1328 /* Get the current index buffer. */ 1329 ia = (INDEX_ALLOCATION*)(kaddr + (ia_pos & ~PAGE_CACHE_MASK & 1330 ~(s64)(ndir->itype.index.block_size - 1))); 1331 /* Bounds checks. */ 1332 if (unlikely((u8*)ia < kaddr || (u8*)ia > kaddr + PAGE_CACHE_SIZE)) { 1333 ntfs_error(sb, "Out of bounds check failed. Corrupt directory " 1334 "inode 0x%lx or driver bug.", vdir->i_ino); 1335 goto err_out; 1336 } 1337 /* Catch multi sector transfer fixup errors. */ 1338 if (unlikely(!ntfs_is_indx_record(ia->magic))) { 1339 ntfs_error(sb, "Directory index record with vcn 0x%llx is " 1340 "corrupt. Corrupt inode 0x%lx. Run chkdsk.", 1341 (unsigned long long)ia_pos >> 1342 ndir->itype.index.vcn_size_bits, vdir->i_ino); 1343 goto err_out; 1344 } 1345 if (unlikely(sle64_to_cpu(ia->index_block_vcn) != (ia_pos & 1346 ~(s64)(ndir->itype.index.block_size - 1)) >> 1347 ndir->itype.index.vcn_size_bits)) { 1348 ntfs_error(sb, "Actual VCN (0x%llx) of index buffer is " 1349 "different from expected VCN (0x%llx). " 1350 "Directory inode 0x%lx is corrupt or driver " 1351 "bug. ", (unsigned long long) 1352 sle64_to_cpu(ia->index_block_vcn), 1353 (unsigned long long)ia_pos >> 1354 ndir->itype.index.vcn_size_bits, vdir->i_ino); 1355 goto err_out; 1356 } 1357 if (unlikely(le32_to_cpu(ia->index.allocated_size) + 0x18 != 1358 ndir->itype.index.block_size)) { 1359 ntfs_error(sb, "Index buffer (VCN 0x%llx) of directory inode " 1360 "0x%lx has a size (%u) differing from the " 1361 "directory specified size (%u). Directory " 1362 "inode is corrupt or driver bug.", 1363 (unsigned long long)ia_pos >> 1364 ndir->itype.index.vcn_size_bits, vdir->i_ino, 1365 le32_to_cpu(ia->index.allocated_size) + 0x18, 1366 ndir->itype.index.block_size); 1367 goto err_out; 1368 } 1369 index_end = (u8*)ia + ndir->itype.index.block_size; 1370 if (unlikely(index_end > kaddr + PAGE_CACHE_SIZE)) { 1371 ntfs_error(sb, "Index buffer (VCN 0x%llx) of directory inode " 1372 "0x%lx crosses page boundary. Impossible! " 1373 "Cannot access! This is probably a bug in the " 1374 "driver.", (unsigned long long)ia_pos >> 1375 ndir->itype.index.vcn_size_bits, vdir->i_ino); 1376 goto err_out; 1377 } 1378 ia_start = ia_pos & ~(s64)(ndir->itype.index.block_size - 1); 1379 index_end = (u8*)&ia->index + le32_to_cpu(ia->index.index_length); 1380 if (unlikely(index_end > (u8*)ia + ndir->itype.index.block_size)) { 1381 ntfs_error(sb, "Size of index buffer (VCN 0x%llx) of directory " 1382 "inode 0x%lx exceeds maximum size.", 1383 (unsigned long long)ia_pos >> 1384 ndir->itype.index.vcn_size_bits, vdir->i_ino); 1385 goto err_out; 1386 } 1387 /* The first index entry in this index buffer. */ 1388 ie = (INDEX_ENTRY*)((u8*)&ia->index + 1389 le32_to_cpu(ia->index.entries_offset)); 1390 /* 1391 * Loop until we exceed valid memory (corruption case) or until we 1392 * reach the last entry or until filldir tells us it has had enough 1393 * or signals an error (both covered by the rc test). 1394 */ 1395 for (;; ie = (INDEX_ENTRY*)((u8*)ie + le16_to_cpu(ie->length))) { 1396 ntfs_debug("In index allocation, offset 0x%llx.", 1397 (unsigned long long)ia_start + 1398 (unsigned long long)((u8*)ie - (u8*)ia)); 1399 /* Bounds checks. */ 1400 if (unlikely((u8*)ie < (u8*)ia || (u8*)ie + 1401 sizeof(INDEX_ENTRY_HEADER) > index_end || 1402 (u8*)ie + le16_to_cpu(ie->key_length) > 1403 index_end)) 1404 goto err_out; 1405 /* The last entry cannot contain a name. */ 1406 if (ie->flags & INDEX_ENTRY_END) 1407 break; 1408 /* Skip index block entry if continuing previous readdir. */ 1409 if (ia_pos - ia_start > (u8*)ie - (u8*)ia) 1410 continue; 1411 /* Advance the position even if going to skip the entry. */ 1412 fpos = (u8*)ie - (u8*)ia + 1413 (sle64_to_cpu(ia->index_block_vcn) << 1414 ndir->itype.index.vcn_size_bits) + 1415 vol->mft_record_size; 1416 /* 1417 * Submit the name to the @filldir callback. Note, 1418 * ntfs_filldir() drops the lock on @ia_page but it retakes it 1419 * before returning, unless a non-zero value is returned in 1420 * which case the page is left unlocked. 1421 */ 1422 rc = ntfs_filldir(vol, fpos, ndir, ia_page, ie, name, dirent, 1423 filldir); 1424 if (rc) { 1425 /* @ia_page is already unlocked in this case. */ 1426 ntfs_unmap_page(ia_page); 1427 ntfs_unmap_page(bmp_page); 1428 iput(bmp_vi); 1429 goto abort; 1430 } 1431 } 1432 goto find_next_index_buffer; 1433 unm_EOD: 1434 if (ia_page) { 1435 unlock_page(ia_page); 1436 ntfs_unmap_page(ia_page); 1437 } 1438 ntfs_unmap_page(bmp_page); 1439 iput(bmp_vi); 1440 EOD: 1441 /* We are finished, set fpos to EOD. */ 1442 fpos = i_size + vol->mft_record_size; 1443 abort: 1444 kfree(name); 1445 done: 1446 #ifdef DEBUG 1447 if (!rc) 1448 ntfs_debug("EOD, fpos 0x%llx, returning 0.", fpos); 1449 else 1450 ntfs_debug("filldir returned %i, fpos 0x%llx, returning 0.", 1451 rc, fpos); 1452 #endif 1453 filp->f_pos = fpos; 1454 return 0; 1455 err_out: 1456 if (bmp_page) { 1457 ntfs_unmap_page(bmp_page); 1458 iput_err_out: 1459 iput(bmp_vi); 1460 } 1461 if (ia_page) { 1462 unlock_page(ia_page); 1463 ntfs_unmap_page(ia_page); 1464 } 1465 kfree(ir); 1466 kfree(name); 1467 if (ctx) 1468 ntfs_attr_put_search_ctx(ctx); 1469 if (m) 1470 unmap_mft_record(ndir); 1471 if (!err) 1472 err = -EIO; 1473 ntfs_debug("Failed. Returning error code %i.", -err); 1474 filp->f_pos = fpos; 1475 return err; 1476 } 1477 1478 /** 1479 * ntfs_dir_open - called when an inode is about to be opened 1480 * @vi: inode to be opened 1481 * @filp: file structure describing the inode 1482 * 1483 * Limit directory size to the page cache limit on architectures where unsigned 1484 * long is 32-bits. This is the most we can do for now without overflowing the 1485 * page cache page index. Doing it this way means we don't run into problems 1486 * because of existing too large directories. It would be better to allow the 1487 * user to read the accessible part of the directory but I doubt very much 1488 * anyone is going to hit this check on a 32-bit architecture, so there is no 1489 * point in adding the extra complexity required to support this. 1490 * 1491 * On 64-bit architectures, the check is hopefully optimized away by the 1492 * compiler. 1493 */ ntfs_dir_open(struct inode * vi,struct file * filp)1494 static int ntfs_dir_open(struct inode *vi, struct file *filp) 1495 { 1496 if (sizeof(unsigned long) < 8) { 1497 if (i_size_read(vi) > MAX_LFS_FILESIZE) 1498 return -EFBIG; 1499 } 1500 return 0; 1501 } 1502 1503 #ifdef NTFS_RW 1504 1505 /** 1506 * ntfs_dir_fsync - sync a directory to disk 1507 * @filp: directory to be synced 1508 * @dentry: dentry describing the directory to sync 1509 * @datasync: if non-zero only flush user data and not metadata 1510 * 1511 * Data integrity sync of a directory to disk. Used for fsync, fdatasync, and 1512 * msync system calls. This function is based on file.c::ntfs_file_fsync(). 1513 * 1514 * Write the mft record and all associated extent mft records as well as the 1515 * $INDEX_ALLOCATION and $BITMAP attributes and then sync the block device. 1516 * 1517 * If @datasync is true, we do not wait on the inode(s) to be written out 1518 * but we always wait on the page cache pages to be written out. 1519 * 1520 * Note: In the past @filp could be NULL so we ignore it as we don't need it 1521 * anyway. 1522 * 1523 * Locking: Caller must hold i_mutex on the inode. 1524 * 1525 * TODO: We should probably also write all attribute/index inodes associated 1526 * with this inode but since we have no simple way of getting to them we ignore 1527 * this problem for now. We do write the $BITMAP attribute if it is present 1528 * which is the important one for a directory so things are not too bad. 1529 */ ntfs_dir_fsync(struct file * filp,loff_t start,loff_t end,int datasync)1530 static int ntfs_dir_fsync(struct file *filp, loff_t start, loff_t end, 1531 int datasync) 1532 { 1533 struct inode *bmp_vi, *vi = filp->f_mapping->host; 1534 int err, ret; 1535 ntfs_attr na; 1536 1537 ntfs_debug("Entering for inode 0x%lx.", vi->i_ino); 1538 1539 err = filemap_write_and_wait_range(vi->i_mapping, start, end); 1540 if (err) 1541 return err; 1542 mutex_lock(&vi->i_mutex); 1543 1544 BUG_ON(!S_ISDIR(vi->i_mode)); 1545 /* If the bitmap attribute inode is in memory sync it, too. */ 1546 na.mft_no = vi->i_ino; 1547 na.type = AT_BITMAP; 1548 na.name = I30; 1549 na.name_len = 4; 1550 bmp_vi = ilookup5(vi->i_sb, vi->i_ino, (test_t)ntfs_test_inode, &na); 1551 if (bmp_vi) { 1552 write_inode_now(bmp_vi, !datasync); 1553 iput(bmp_vi); 1554 } 1555 ret = __ntfs_write_inode(vi, 1); 1556 write_inode_now(vi, !datasync); 1557 err = sync_blockdev(vi->i_sb->s_bdev); 1558 if (unlikely(err && !ret)) 1559 ret = err; 1560 if (likely(!ret)) 1561 ntfs_debug("Done."); 1562 else 1563 ntfs_warning(vi->i_sb, "Failed to f%ssync inode 0x%lx. Error " 1564 "%u.", datasync ? "data" : "", vi->i_ino, -ret); 1565 mutex_unlock(&vi->i_mutex); 1566 return ret; 1567 } 1568 1569 #endif /* NTFS_RW */ 1570 1571 const struct file_operations ntfs_dir_ops = { 1572 .llseek = generic_file_llseek, /* Seek inside directory. */ 1573 .read = generic_read_dir, /* Return -EISDIR. */ 1574 .readdir = ntfs_readdir, /* Read directory contents. */ 1575 #ifdef NTFS_RW 1576 .fsync = ntfs_dir_fsync, /* Sync a directory to disk. */ 1577 /*.aio_fsync = ,*/ /* Sync all outstanding async 1578 i/o operations on a kiocb. */ 1579 #endif /* NTFS_RW */ 1580 /*.ioctl = ,*/ /* Perform function on the 1581 mounted filesystem. */ 1582 .open = ntfs_dir_open, /* Open directory. */ 1583 }; 1584