1 /*
2 * Copyright (c) 2000-2005 Silicon Graphics, Inc.
3 * Copyright (c) 2013 Red Hat, Inc.
4 * All Rights Reserved.
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License as
8 * published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it would be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
18 */
19 #include "xfs.h"
20 #include "xfs_fs.h"
21 #include "xfs_shared.h"
22 #include "xfs_format.h"
23 #include "xfs_log_format.h"
24 #include "xfs_trans_resv.h"
25 #include "xfs_bit.h"
26 #include "xfs_mount.h"
27 #include "xfs_defer.h"
28 #include "xfs_da_format.h"
29 #include "xfs_da_btree.h"
30 #include "xfs_inode.h"
31 #include "xfs_alloc.h"
32 #include "xfs_trans.h"
33 #include "xfs_inode_item.h"
34 #include "xfs_bmap.h"
35 #include "xfs_bmap_util.h"
36 #include "xfs_attr.h"
37 #include "xfs_attr_leaf.h"
38 #include "xfs_attr_remote.h"
39 #include "xfs_trans_space.h"
40 #include "xfs_trace.h"
41 #include "xfs_cksum.h"
42 #include "xfs_buf_item.h"
43 #include "xfs_error.h"
44
45 #define ATTR_RMTVALUE_MAPSIZE 1 /* # of map entries at once */
46
47 /*
48 * Each contiguous block has a header, so it is not just a simple attribute
49 * length to FSB conversion.
50 */
51 int
xfs_attr3_rmt_blocks(struct xfs_mount * mp,int attrlen)52 xfs_attr3_rmt_blocks(
53 struct xfs_mount *mp,
54 int attrlen)
55 {
56 if (xfs_sb_version_hascrc(&mp->m_sb)) {
57 int buflen = XFS_ATTR3_RMT_BUF_SPACE(mp, mp->m_sb.sb_blocksize);
58 return (attrlen + buflen - 1) / buflen;
59 }
60 return XFS_B_TO_FSB(mp, attrlen);
61 }
62
63 /*
64 * Checking of the remote attribute header is split into two parts. The verifier
65 * does CRC, location and bounds checking, the unpacking function checks the
66 * attribute parameters and owner.
67 */
68 static bool
xfs_attr3_rmt_hdr_ok(void * ptr,xfs_ino_t ino,uint32_t offset,uint32_t size,xfs_daddr_t bno)69 xfs_attr3_rmt_hdr_ok(
70 void *ptr,
71 xfs_ino_t ino,
72 uint32_t offset,
73 uint32_t size,
74 xfs_daddr_t bno)
75 {
76 struct xfs_attr3_rmt_hdr *rmt = ptr;
77
78 if (bno != be64_to_cpu(rmt->rm_blkno))
79 return false;
80 if (offset != be32_to_cpu(rmt->rm_offset))
81 return false;
82 if (size != be32_to_cpu(rmt->rm_bytes))
83 return false;
84 if (ino != be64_to_cpu(rmt->rm_owner))
85 return false;
86
87 /* ok */
88 return true;
89 }
90
91 static bool
xfs_attr3_rmt_verify(struct xfs_mount * mp,void * ptr,int fsbsize,xfs_daddr_t bno)92 xfs_attr3_rmt_verify(
93 struct xfs_mount *mp,
94 void *ptr,
95 int fsbsize,
96 xfs_daddr_t bno)
97 {
98 struct xfs_attr3_rmt_hdr *rmt = ptr;
99
100 if (!xfs_sb_version_hascrc(&mp->m_sb))
101 return false;
102 if (rmt->rm_magic != cpu_to_be32(XFS_ATTR3_RMT_MAGIC))
103 return false;
104 if (!uuid_equal(&rmt->rm_uuid, &mp->m_sb.sb_meta_uuid))
105 return false;
106 if (be64_to_cpu(rmt->rm_blkno) != bno)
107 return false;
108 if (be32_to_cpu(rmt->rm_bytes) > fsbsize - sizeof(*rmt))
109 return false;
110 if (be32_to_cpu(rmt->rm_offset) +
111 be32_to_cpu(rmt->rm_bytes) > XFS_XATTR_SIZE_MAX)
112 return false;
113 if (rmt->rm_owner == 0)
114 return false;
115
116 return true;
117 }
118
119 static void
xfs_attr3_rmt_read_verify(struct xfs_buf * bp)120 xfs_attr3_rmt_read_verify(
121 struct xfs_buf *bp)
122 {
123 struct xfs_mount *mp = bp->b_target->bt_mount;
124 char *ptr;
125 int len;
126 xfs_daddr_t bno;
127 int blksize = mp->m_attr_geo->blksize;
128
129 /* no verification of non-crc buffers */
130 if (!xfs_sb_version_hascrc(&mp->m_sb))
131 return;
132
133 ptr = bp->b_addr;
134 bno = bp->b_bn;
135 len = BBTOB(bp->b_length);
136 ASSERT(len >= blksize);
137
138 while (len > 0) {
139 if (!xfs_verify_cksum(ptr, blksize, XFS_ATTR3_RMT_CRC_OFF)) {
140 xfs_buf_ioerror(bp, -EFSBADCRC);
141 break;
142 }
143 if (!xfs_attr3_rmt_verify(mp, ptr, blksize, bno)) {
144 xfs_buf_ioerror(bp, -EFSCORRUPTED);
145 break;
146 }
147 len -= blksize;
148 ptr += blksize;
149 bno += BTOBB(blksize);
150 }
151
152 if (bp->b_error)
153 xfs_verifier_error(bp);
154 else
155 ASSERT(len == 0);
156 }
157
158 static void
xfs_attr3_rmt_write_verify(struct xfs_buf * bp)159 xfs_attr3_rmt_write_verify(
160 struct xfs_buf *bp)
161 {
162 struct xfs_mount *mp = bp->b_target->bt_mount;
163 int blksize = mp->m_attr_geo->blksize;
164 char *ptr;
165 int len;
166 xfs_daddr_t bno;
167
168 /* no verification of non-crc buffers */
169 if (!xfs_sb_version_hascrc(&mp->m_sb))
170 return;
171
172 ptr = bp->b_addr;
173 bno = bp->b_bn;
174 len = BBTOB(bp->b_length);
175 ASSERT(len >= blksize);
176
177 while (len > 0) {
178 struct xfs_attr3_rmt_hdr *rmt = (struct xfs_attr3_rmt_hdr *)ptr;
179
180 if (!xfs_attr3_rmt_verify(mp, ptr, blksize, bno)) {
181 xfs_buf_ioerror(bp, -EFSCORRUPTED);
182 xfs_verifier_error(bp);
183 return;
184 }
185
186 /*
187 * Ensure we aren't writing bogus LSNs to disk. See
188 * xfs_attr3_rmt_hdr_set() for the explanation.
189 */
190 if (rmt->rm_lsn != cpu_to_be64(NULLCOMMITLSN)) {
191 xfs_buf_ioerror(bp, -EFSCORRUPTED);
192 xfs_verifier_error(bp);
193 return;
194 }
195 xfs_update_cksum(ptr, blksize, XFS_ATTR3_RMT_CRC_OFF);
196
197 len -= blksize;
198 ptr += blksize;
199 bno += BTOBB(blksize);
200 }
201 ASSERT(len == 0);
202 }
203
204 const struct xfs_buf_ops xfs_attr3_rmt_buf_ops = {
205 .name = "xfs_attr3_rmt",
206 .verify_read = xfs_attr3_rmt_read_verify,
207 .verify_write = xfs_attr3_rmt_write_verify,
208 };
209
210 STATIC int
xfs_attr3_rmt_hdr_set(struct xfs_mount * mp,void * ptr,xfs_ino_t ino,uint32_t offset,uint32_t size,xfs_daddr_t bno)211 xfs_attr3_rmt_hdr_set(
212 struct xfs_mount *mp,
213 void *ptr,
214 xfs_ino_t ino,
215 uint32_t offset,
216 uint32_t size,
217 xfs_daddr_t bno)
218 {
219 struct xfs_attr3_rmt_hdr *rmt = ptr;
220
221 if (!xfs_sb_version_hascrc(&mp->m_sb))
222 return 0;
223
224 rmt->rm_magic = cpu_to_be32(XFS_ATTR3_RMT_MAGIC);
225 rmt->rm_offset = cpu_to_be32(offset);
226 rmt->rm_bytes = cpu_to_be32(size);
227 uuid_copy(&rmt->rm_uuid, &mp->m_sb.sb_meta_uuid);
228 rmt->rm_owner = cpu_to_be64(ino);
229 rmt->rm_blkno = cpu_to_be64(bno);
230
231 /*
232 * Remote attribute blocks are written synchronously, so we don't
233 * have an LSN that we can stamp in them that makes any sense to log
234 * recovery. To ensure that log recovery handles overwrites of these
235 * blocks sanely (i.e. once they've been freed and reallocated as some
236 * other type of metadata) we need to ensure that the LSN has a value
237 * that tells log recovery to ignore the LSN and overwrite the buffer
238 * with whatever is in it's log. To do this, we use the magic
239 * NULLCOMMITLSN to indicate that the LSN is invalid.
240 */
241 rmt->rm_lsn = cpu_to_be64(NULLCOMMITLSN);
242
243 return sizeof(struct xfs_attr3_rmt_hdr);
244 }
245
246 /*
247 * Helper functions to copy attribute data in and out of the one disk extents
248 */
249 STATIC int
xfs_attr_rmtval_copyout(struct xfs_mount * mp,struct xfs_buf * bp,xfs_ino_t ino,int * offset,int * valuelen,__uint8_t ** dst)250 xfs_attr_rmtval_copyout(
251 struct xfs_mount *mp,
252 struct xfs_buf *bp,
253 xfs_ino_t ino,
254 int *offset,
255 int *valuelen,
256 __uint8_t **dst)
257 {
258 char *src = bp->b_addr;
259 xfs_daddr_t bno = bp->b_bn;
260 int len = BBTOB(bp->b_length);
261 int blksize = mp->m_attr_geo->blksize;
262
263 ASSERT(len >= blksize);
264
265 while (len > 0 && *valuelen > 0) {
266 int hdr_size = 0;
267 int byte_cnt = XFS_ATTR3_RMT_BUF_SPACE(mp, blksize);
268
269 byte_cnt = min(*valuelen, byte_cnt);
270
271 if (xfs_sb_version_hascrc(&mp->m_sb)) {
272 if (!xfs_attr3_rmt_hdr_ok(src, ino, *offset,
273 byte_cnt, bno)) {
274 xfs_alert(mp,
275 "remote attribute header mismatch bno/off/len/owner (0x%llx/0x%x/Ox%x/0x%llx)",
276 bno, *offset, byte_cnt, ino);
277 return -EFSCORRUPTED;
278 }
279 hdr_size = sizeof(struct xfs_attr3_rmt_hdr);
280 }
281
282 memcpy(*dst, src + hdr_size, byte_cnt);
283
284 /* roll buffer forwards */
285 len -= blksize;
286 src += blksize;
287 bno += BTOBB(blksize);
288
289 /* roll attribute data forwards */
290 *valuelen -= byte_cnt;
291 *dst += byte_cnt;
292 *offset += byte_cnt;
293 }
294 return 0;
295 }
296
297 STATIC void
xfs_attr_rmtval_copyin(struct xfs_mount * mp,struct xfs_buf * bp,xfs_ino_t ino,int * offset,int * valuelen,__uint8_t ** src)298 xfs_attr_rmtval_copyin(
299 struct xfs_mount *mp,
300 struct xfs_buf *bp,
301 xfs_ino_t ino,
302 int *offset,
303 int *valuelen,
304 __uint8_t **src)
305 {
306 char *dst = bp->b_addr;
307 xfs_daddr_t bno = bp->b_bn;
308 int len = BBTOB(bp->b_length);
309 int blksize = mp->m_attr_geo->blksize;
310
311 ASSERT(len >= blksize);
312
313 while (len > 0 && *valuelen > 0) {
314 int hdr_size;
315 int byte_cnt = XFS_ATTR3_RMT_BUF_SPACE(mp, blksize);
316
317 byte_cnt = min(*valuelen, byte_cnt);
318 hdr_size = xfs_attr3_rmt_hdr_set(mp, dst, ino, *offset,
319 byte_cnt, bno);
320
321 memcpy(dst + hdr_size, *src, byte_cnt);
322
323 /*
324 * If this is the last block, zero the remainder of it.
325 * Check that we are actually the last block, too.
326 */
327 if (byte_cnt + hdr_size < blksize) {
328 ASSERT(*valuelen - byte_cnt == 0);
329 ASSERT(len == blksize);
330 memset(dst + hdr_size + byte_cnt, 0,
331 blksize - hdr_size - byte_cnt);
332 }
333
334 /* roll buffer forwards */
335 len -= blksize;
336 dst += blksize;
337 bno += BTOBB(blksize);
338
339 /* roll attribute data forwards */
340 *valuelen -= byte_cnt;
341 *src += byte_cnt;
342 *offset += byte_cnt;
343 }
344 }
345
346 /*
347 * Read the value associated with an attribute from the out-of-line buffer
348 * that we stored it in.
349 */
350 int
xfs_attr_rmtval_get(struct xfs_da_args * args)351 xfs_attr_rmtval_get(
352 struct xfs_da_args *args)
353 {
354 struct xfs_bmbt_irec map[ATTR_RMTVALUE_MAPSIZE];
355 struct xfs_mount *mp = args->dp->i_mount;
356 struct xfs_buf *bp;
357 xfs_dablk_t lblkno = args->rmtblkno;
358 __uint8_t *dst = args->value;
359 int valuelen;
360 int nmap;
361 int error;
362 int blkcnt = args->rmtblkcnt;
363 int i;
364 int offset = 0;
365
366 trace_xfs_attr_rmtval_get(args);
367
368 ASSERT(!(args->flags & ATTR_KERNOVAL));
369 ASSERT(args->rmtvaluelen == args->valuelen);
370
371 valuelen = args->rmtvaluelen;
372 while (valuelen > 0) {
373 nmap = ATTR_RMTVALUE_MAPSIZE;
374 error = xfs_bmapi_read(args->dp, (xfs_fileoff_t)lblkno,
375 blkcnt, map, &nmap,
376 XFS_BMAPI_ATTRFORK);
377 if (error)
378 return error;
379 ASSERT(nmap >= 1);
380
381 for (i = 0; (i < nmap) && (valuelen > 0); i++) {
382 xfs_daddr_t dblkno;
383 int dblkcnt;
384
385 ASSERT((map[i].br_startblock != DELAYSTARTBLOCK) &&
386 (map[i].br_startblock != HOLESTARTBLOCK));
387 dblkno = XFS_FSB_TO_DADDR(mp, map[i].br_startblock);
388 dblkcnt = XFS_FSB_TO_BB(mp, map[i].br_blockcount);
389 error = xfs_trans_read_buf(mp, NULL, mp->m_ddev_targp,
390 dblkno, dblkcnt, 0, &bp,
391 &xfs_attr3_rmt_buf_ops);
392 if (error)
393 return error;
394
395 error = xfs_attr_rmtval_copyout(mp, bp, args->dp->i_ino,
396 &offset, &valuelen,
397 &dst);
398 xfs_buf_relse(bp);
399 if (error)
400 return error;
401
402 /* roll attribute extent map forwards */
403 lblkno += map[i].br_blockcount;
404 blkcnt -= map[i].br_blockcount;
405 }
406 }
407 ASSERT(valuelen == 0);
408 return 0;
409 }
410
411 /*
412 * Write the value associated with an attribute into the out-of-line buffer
413 * that we have defined for it.
414 */
415 int
xfs_attr_rmtval_set(struct xfs_da_args * args)416 xfs_attr_rmtval_set(
417 struct xfs_da_args *args)
418 {
419 struct xfs_inode *dp = args->dp;
420 struct xfs_mount *mp = dp->i_mount;
421 struct xfs_bmbt_irec map;
422 xfs_dablk_t lblkno;
423 xfs_fileoff_t lfileoff = 0;
424 __uint8_t *src = args->value;
425 int blkcnt;
426 int valuelen;
427 int nmap;
428 int error;
429 int offset = 0;
430
431 trace_xfs_attr_rmtval_set(args);
432
433 /*
434 * Find a "hole" in the attribute address space large enough for
435 * us to drop the new attribute's value into. Because CRC enable
436 * attributes have headers, we can't just do a straight byte to FSB
437 * conversion and have to take the header space into account.
438 */
439 blkcnt = xfs_attr3_rmt_blocks(mp, args->rmtvaluelen);
440 error = xfs_bmap_first_unused(args->trans, args->dp, blkcnt, &lfileoff,
441 XFS_ATTR_FORK);
442 if (error)
443 return error;
444
445 args->rmtblkno = lblkno = (xfs_dablk_t)lfileoff;
446 args->rmtblkcnt = blkcnt;
447
448 /*
449 * Roll through the "value", allocating blocks on disk as required.
450 */
451 while (blkcnt > 0) {
452 /*
453 * Allocate a single extent, up to the size of the value.
454 *
455 * Note that we have to consider this a data allocation as we
456 * write the remote attribute without logging the contents.
457 * Hence we must ensure that we aren't using blocks that are on
458 * the busy list so that we don't overwrite blocks which have
459 * recently been freed but their transactions are not yet
460 * committed to disk. If we overwrite the contents of a busy
461 * extent and then crash then the block may not contain the
462 * correct metadata after log recovery occurs.
463 */
464 xfs_defer_init(args->dfops, args->firstblock);
465 nmap = 1;
466 error = xfs_bmapi_write(args->trans, dp, (xfs_fileoff_t)lblkno,
467 blkcnt, XFS_BMAPI_ATTRFORK, args->firstblock,
468 args->total, &map, &nmap, args->dfops);
469 if (!error)
470 error = xfs_defer_finish(&args->trans, args->dfops, dp);
471 if (error) {
472 args->trans = NULL;
473 xfs_defer_cancel(args->dfops);
474 return error;
475 }
476
477 ASSERT(nmap == 1);
478 ASSERT((map.br_startblock != DELAYSTARTBLOCK) &&
479 (map.br_startblock != HOLESTARTBLOCK));
480 lblkno += map.br_blockcount;
481 blkcnt -= map.br_blockcount;
482
483 /*
484 * Start the next trans in the chain.
485 */
486 error = xfs_trans_roll(&args->trans, dp);
487 if (error)
488 return error;
489 }
490
491 /*
492 * Roll through the "value", copying the attribute value to the
493 * already-allocated blocks. Blocks are written synchronously
494 * so that we can know they are all on disk before we turn off
495 * the INCOMPLETE flag.
496 */
497 lblkno = args->rmtblkno;
498 blkcnt = args->rmtblkcnt;
499 valuelen = args->rmtvaluelen;
500 while (valuelen > 0) {
501 struct xfs_buf *bp;
502 xfs_daddr_t dblkno;
503 int dblkcnt;
504
505 ASSERT(blkcnt > 0);
506
507 xfs_defer_init(args->dfops, args->firstblock);
508 nmap = 1;
509 error = xfs_bmapi_read(dp, (xfs_fileoff_t)lblkno,
510 blkcnt, &map, &nmap,
511 XFS_BMAPI_ATTRFORK);
512 if (error)
513 return error;
514 ASSERT(nmap == 1);
515 ASSERT((map.br_startblock != DELAYSTARTBLOCK) &&
516 (map.br_startblock != HOLESTARTBLOCK));
517
518 dblkno = XFS_FSB_TO_DADDR(mp, map.br_startblock),
519 dblkcnt = XFS_FSB_TO_BB(mp, map.br_blockcount);
520
521 bp = xfs_buf_get(mp->m_ddev_targp, dblkno, dblkcnt, 0);
522 if (!bp)
523 return -ENOMEM;
524 bp->b_ops = &xfs_attr3_rmt_buf_ops;
525
526 xfs_attr_rmtval_copyin(mp, bp, args->dp->i_ino, &offset,
527 &valuelen, &src);
528
529 error = xfs_bwrite(bp); /* GROT: NOTE: synchronous write */
530 xfs_buf_relse(bp);
531 if (error)
532 return error;
533
534
535 /* roll attribute extent map forwards */
536 lblkno += map.br_blockcount;
537 blkcnt -= map.br_blockcount;
538 }
539 ASSERT(valuelen == 0);
540 return 0;
541 }
542
543 /*
544 * Remove the value associated with an attribute by deleting the
545 * out-of-line buffer that it is stored on.
546 */
547 int
xfs_attr_rmtval_remove(struct xfs_da_args * args)548 xfs_attr_rmtval_remove(
549 struct xfs_da_args *args)
550 {
551 struct xfs_mount *mp = args->dp->i_mount;
552 xfs_dablk_t lblkno;
553 int blkcnt;
554 int error;
555 int done;
556
557 trace_xfs_attr_rmtval_remove(args);
558
559 /*
560 * Roll through the "value", invalidating the attribute value's blocks.
561 */
562 lblkno = args->rmtblkno;
563 blkcnt = args->rmtblkcnt;
564 while (blkcnt > 0) {
565 struct xfs_bmbt_irec map;
566 struct xfs_buf *bp;
567 xfs_daddr_t dblkno;
568 int dblkcnt;
569 int nmap;
570
571 /*
572 * Try to remember where we decided to put the value.
573 */
574 nmap = 1;
575 error = xfs_bmapi_read(args->dp, (xfs_fileoff_t)lblkno,
576 blkcnt, &map, &nmap, XFS_BMAPI_ATTRFORK);
577 if (error)
578 return error;
579 ASSERT(nmap == 1);
580 ASSERT((map.br_startblock != DELAYSTARTBLOCK) &&
581 (map.br_startblock != HOLESTARTBLOCK));
582
583 dblkno = XFS_FSB_TO_DADDR(mp, map.br_startblock),
584 dblkcnt = XFS_FSB_TO_BB(mp, map.br_blockcount);
585
586 /*
587 * If the "remote" value is in the cache, remove it.
588 */
589 bp = xfs_incore(mp->m_ddev_targp, dblkno, dblkcnt, XBF_TRYLOCK);
590 if (bp) {
591 xfs_buf_stale(bp);
592 xfs_buf_relse(bp);
593 bp = NULL;
594 }
595
596 lblkno += map.br_blockcount;
597 blkcnt -= map.br_blockcount;
598 }
599
600 /*
601 * Keep de-allocating extents until the remote-value region is gone.
602 */
603 lblkno = args->rmtblkno;
604 blkcnt = args->rmtblkcnt;
605 done = 0;
606 while (!done) {
607 xfs_defer_init(args->dfops, args->firstblock);
608 error = xfs_bunmapi(args->trans, args->dp, lblkno, blkcnt,
609 XFS_BMAPI_ATTRFORK, 1, args->firstblock,
610 args->dfops, &done);
611 if (!error)
612 error = xfs_defer_finish(&args->trans, args->dfops,
613 args->dp);
614 if (error) {
615 args->trans = NULL;
616 xfs_defer_cancel(args->dfops);
617 return error;
618 }
619
620 /*
621 * Close out trans and start the next one in the chain.
622 */
623 error = xfs_trans_roll(&args->trans, args->dp);
624 if (error)
625 return error;
626 }
627 return 0;
628 }
629