1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * This file is part of UBIFS.
4 *
5 * Copyright (C) 2006-2008 Nokia Corporation.
6 *
7 * Authors: Adrian Hunter
8 * Artem Bityutskiy (Битюцкий Артём)
9 */
10
11 /*
12 * This file implements TNC (Tree Node Cache) which caches indexing nodes of
13 * the UBIFS B-tree.
14 *
15 * At the moment the locking rules of the TNC tree are quite simple and
16 * straightforward. We just have a mutex and lock it when we traverse the
17 * tree. If a znode is not in memory, we read it from flash while still having
18 * the mutex locked.
19 */
20
21 #include <linux/crc32.h>
22 #include <linux/slab.h>
23 #include "ubifs.h"
24
25 static int try_read_node(const struct ubifs_info *c, void *buf, int type,
26 struct ubifs_zbranch *zbr);
27 static int fallible_read_node(struct ubifs_info *c, const union ubifs_key *key,
28 struct ubifs_zbranch *zbr, void *node);
29
30 /*
31 * Returned codes of 'matches_name()' and 'fallible_matches_name()' functions.
32 * @NAME_LESS: name corresponding to the first argument is less than second
33 * @NAME_MATCHES: names match
34 * @NAME_GREATER: name corresponding to the second argument is greater than
35 * first
36 * @NOT_ON_MEDIA: node referred by zbranch does not exist on the media
37 *
38 * These constants were introduce to improve readability.
39 */
40 enum {
41 NAME_LESS = 0,
42 NAME_MATCHES = 1,
43 NAME_GREATER = 2,
44 NOT_ON_MEDIA = 3,
45 };
46
do_insert_old_idx(struct ubifs_info * c,struct ubifs_old_idx * old_idx)47 static void do_insert_old_idx(struct ubifs_info *c,
48 struct ubifs_old_idx *old_idx)
49 {
50 struct ubifs_old_idx *o;
51 struct rb_node **p, *parent = NULL;
52
53 p = &c->old_idx.rb_node;
54 while (*p) {
55 parent = *p;
56 o = rb_entry(parent, struct ubifs_old_idx, rb);
57 if (old_idx->lnum < o->lnum)
58 p = &(*p)->rb_left;
59 else if (old_idx->lnum > o->lnum)
60 p = &(*p)->rb_right;
61 else if (old_idx->offs < o->offs)
62 p = &(*p)->rb_left;
63 else if (old_idx->offs > o->offs)
64 p = &(*p)->rb_right;
65 else {
66 ubifs_err(c, "old idx added twice!");
67 kfree(old_idx);
68 }
69 }
70 rb_link_node(&old_idx->rb, parent, p);
71 rb_insert_color(&old_idx->rb, &c->old_idx);
72 }
73
74 /**
75 * insert_old_idx - record an index node obsoleted since the last commit start.
76 * @c: UBIFS file-system description object
77 * @lnum: LEB number of obsoleted index node
78 * @offs: offset of obsoleted index node
79 *
80 * Returns %0 on success, and a negative error code on failure.
81 *
82 * For recovery, there must always be a complete intact version of the index on
83 * flash at all times. That is called the "old index". It is the index as at the
84 * time of the last successful commit. Many of the index nodes in the old index
85 * may be dirty, but they must not be erased until the next successful commit
86 * (at which point that index becomes the old index).
87 *
88 * That means that the garbage collection and the in-the-gaps method of
89 * committing must be able to determine if an index node is in the old index.
90 * Most of the old index nodes can be found by looking up the TNC using the
91 * 'lookup_znode()' function. However, some of the old index nodes may have
92 * been deleted from the current index or may have been changed so much that
93 * they cannot be easily found. In those cases, an entry is added to an RB-tree.
94 * That is what this function does. The RB-tree is ordered by LEB number and
95 * offset because they uniquely identify the old index node.
96 */
insert_old_idx(struct ubifs_info * c,int lnum,int offs)97 static int insert_old_idx(struct ubifs_info *c, int lnum, int offs)
98 {
99 struct ubifs_old_idx *old_idx;
100
101 old_idx = kmalloc(sizeof(struct ubifs_old_idx), GFP_NOFS);
102 if (unlikely(!old_idx))
103 return -ENOMEM;
104 old_idx->lnum = lnum;
105 old_idx->offs = offs;
106 do_insert_old_idx(c, old_idx);
107
108 return 0;
109 }
110
111 /**
112 * insert_old_idx_znode - record a znode obsoleted since last commit start.
113 * @c: UBIFS file-system description object
114 * @znode: znode of obsoleted index node
115 *
116 * Returns %0 on success, and a negative error code on failure.
117 */
insert_old_idx_znode(struct ubifs_info * c,struct ubifs_znode * znode)118 int insert_old_idx_znode(struct ubifs_info *c, struct ubifs_znode *znode)
119 {
120 if (znode->parent) {
121 struct ubifs_zbranch *zbr;
122
123 zbr = &znode->parent->zbranch[znode->iip];
124 if (zbr->len)
125 return insert_old_idx(c, zbr->lnum, zbr->offs);
126 } else
127 if (c->zroot.len)
128 return insert_old_idx(c, c->zroot.lnum,
129 c->zroot.offs);
130 return 0;
131 }
132
133 /**
134 * ins_clr_old_idx_znode - record a znode obsoleted since last commit start.
135 * @c: UBIFS file-system description object
136 * @znode: znode of obsoleted index node
137 *
138 * Returns %0 on success, and a negative error code on failure.
139 */
ins_clr_old_idx_znode(struct ubifs_info * c,struct ubifs_znode * znode)140 static int ins_clr_old_idx_znode(struct ubifs_info *c,
141 struct ubifs_znode *znode)
142 {
143 int err;
144
145 if (znode->parent) {
146 struct ubifs_zbranch *zbr;
147
148 zbr = &znode->parent->zbranch[znode->iip];
149 if (zbr->len) {
150 err = insert_old_idx(c, zbr->lnum, zbr->offs);
151 if (err)
152 return err;
153 zbr->lnum = 0;
154 zbr->offs = 0;
155 zbr->len = 0;
156 }
157 } else
158 if (c->zroot.len) {
159 err = insert_old_idx(c, c->zroot.lnum, c->zroot.offs);
160 if (err)
161 return err;
162 c->zroot.lnum = 0;
163 c->zroot.offs = 0;
164 c->zroot.len = 0;
165 }
166 return 0;
167 }
168
169 /**
170 * destroy_old_idx - destroy the old_idx RB-tree.
171 * @c: UBIFS file-system description object
172 *
173 * During start commit, the old_idx RB-tree is used to avoid overwriting index
174 * nodes that were in the index last commit but have since been deleted. This
175 * is necessary for recovery i.e. the old index must be kept intact until the
176 * new index is successfully written. The old-idx RB-tree is used for the
177 * in-the-gaps method of writing index nodes and is destroyed every commit.
178 */
destroy_old_idx(struct ubifs_info * c)179 void destroy_old_idx(struct ubifs_info *c)
180 {
181 struct ubifs_old_idx *old_idx, *n;
182
183 rbtree_postorder_for_each_entry_safe(old_idx, n, &c->old_idx, rb)
184 kfree(old_idx);
185
186 c->old_idx = RB_ROOT;
187 }
188
189 /**
190 * copy_znode - copy a dirty znode.
191 * @c: UBIFS file-system description object
192 * @znode: znode to copy
193 *
194 * A dirty znode being committed may not be changed, so it is copied.
195 */
copy_znode(struct ubifs_info * c,struct ubifs_znode * znode)196 static struct ubifs_znode *copy_znode(struct ubifs_info *c,
197 struct ubifs_znode *znode)
198 {
199 struct ubifs_znode *zn;
200
201 zn = kmemdup(znode, c->max_znode_sz, GFP_NOFS);
202 if (unlikely(!zn))
203 return ERR_PTR(-ENOMEM);
204
205 zn->cnext = NULL;
206 __set_bit(DIRTY_ZNODE, &zn->flags);
207 __clear_bit(COW_ZNODE, &zn->flags);
208
209 return zn;
210 }
211
212 /**
213 * add_idx_dirt - add dirt due to a dirty znode.
214 * @c: UBIFS file-system description object
215 * @lnum: LEB number of index node
216 * @dirt: size of index node
217 *
218 * This function updates lprops dirty space and the new size of the index.
219 */
add_idx_dirt(struct ubifs_info * c,int lnum,int dirt)220 static int add_idx_dirt(struct ubifs_info *c, int lnum, int dirt)
221 {
222 c->calc_idx_sz -= ALIGN(dirt, 8);
223 return ubifs_add_dirt(c, lnum, dirt);
224 }
225
226 /**
227 * replace_znode - replace old znode with new znode.
228 * @c: UBIFS file-system description object
229 * @new_zn: new znode
230 * @old_zn: old znode
231 * @zbr: the branch of parent znode
232 *
233 * Replace old znode with new znode in TNC.
234 */
replace_znode(struct ubifs_info * c,struct ubifs_znode * new_zn,struct ubifs_znode * old_zn,struct ubifs_zbranch * zbr)235 static void replace_znode(struct ubifs_info *c, struct ubifs_znode *new_zn,
236 struct ubifs_znode *old_zn, struct ubifs_zbranch *zbr)
237 {
238 ubifs_assert(c, !ubifs_zn_obsolete(old_zn));
239 __set_bit(OBSOLETE_ZNODE, &old_zn->flags);
240
241 if (old_zn->level != 0) {
242 int i;
243 const int n = new_zn->child_cnt;
244
245 /* The children now have new parent */
246 for (i = 0; i < n; i++) {
247 struct ubifs_zbranch *child = &new_zn->zbranch[i];
248
249 if (child->znode)
250 child->znode->parent = new_zn;
251 }
252 }
253
254 zbr->znode = new_zn;
255 zbr->lnum = 0;
256 zbr->offs = 0;
257 zbr->len = 0;
258
259 atomic_long_inc(&c->dirty_zn_cnt);
260 }
261
262 /**
263 * dirty_cow_znode - ensure a znode is not being committed.
264 * @c: UBIFS file-system description object
265 * @zbr: branch of znode to check
266 *
267 * Returns dirtied znode on success or negative error code on failure.
268 */
dirty_cow_znode(struct ubifs_info * c,struct ubifs_zbranch * zbr)269 static struct ubifs_znode *dirty_cow_znode(struct ubifs_info *c,
270 struct ubifs_zbranch *zbr)
271 {
272 struct ubifs_znode *znode = zbr->znode;
273 struct ubifs_znode *zn;
274 int err;
275
276 if (!ubifs_zn_cow(znode)) {
277 /* znode is not being committed */
278 if (!test_and_set_bit(DIRTY_ZNODE, &znode->flags)) {
279 atomic_long_inc(&c->dirty_zn_cnt);
280 atomic_long_dec(&c->clean_zn_cnt);
281 atomic_long_dec(&ubifs_clean_zn_cnt);
282 err = add_idx_dirt(c, zbr->lnum, zbr->len);
283 if (unlikely(err))
284 return ERR_PTR(err);
285 }
286 return znode;
287 }
288
289 zn = copy_znode(c, znode);
290 if (IS_ERR(zn))
291 return zn;
292
293 if (zbr->len) {
294 struct ubifs_old_idx *old_idx;
295
296 old_idx = kmalloc(sizeof(struct ubifs_old_idx), GFP_NOFS);
297 if (unlikely(!old_idx)) {
298 err = -ENOMEM;
299 goto out;
300 }
301 old_idx->lnum = zbr->lnum;
302 old_idx->offs = zbr->offs;
303
304 err = add_idx_dirt(c, zbr->lnum, zbr->len);
305 if (err) {
306 kfree(old_idx);
307 goto out;
308 }
309
310 do_insert_old_idx(c, old_idx);
311 }
312
313 replace_znode(c, zn, znode, zbr);
314
315 return zn;
316
317 out:
318 kfree(zn);
319 return ERR_PTR(err);
320 }
321
322 /**
323 * lnc_add - add a leaf node to the leaf node cache.
324 * @c: UBIFS file-system description object
325 * @zbr: zbranch of leaf node
326 * @node: leaf node
327 *
328 * Leaf nodes are non-index nodes directory entry nodes or data nodes. The
329 * purpose of the leaf node cache is to save re-reading the same leaf node over
330 * and over again. Most things are cached by VFS, however the file system must
331 * cache directory entries for readdir and for resolving hash collisions. The
332 * present implementation of the leaf node cache is extremely simple, and
333 * allows for error returns that are not used but that may be needed if a more
334 * complex implementation is created.
335 *
336 * Note, this function does not add the @node object to LNC directly, but
337 * allocates a copy of the object and adds the copy to LNC. The reason for this
338 * is that @node has been allocated outside of the TNC subsystem and will be
339 * used with @c->tnc_mutex unlock upon return from the TNC subsystem. But LNC
340 * may be changed at any time, e.g. freed by the shrinker.
341 */
lnc_add(struct ubifs_info * c,struct ubifs_zbranch * zbr,const void * node)342 static int lnc_add(struct ubifs_info *c, struct ubifs_zbranch *zbr,
343 const void *node)
344 {
345 int err;
346 void *lnc_node;
347 const struct ubifs_dent_node *dent = node;
348
349 ubifs_assert(c, !zbr->leaf);
350 ubifs_assert(c, zbr->len != 0);
351 ubifs_assert(c, is_hash_key(c, &zbr->key));
352
353 err = ubifs_validate_entry(c, dent);
354 if (err) {
355 dump_stack();
356 ubifs_dump_node(c, dent, zbr->len);
357 return err;
358 }
359
360 lnc_node = kmemdup(node, zbr->len, GFP_NOFS);
361 if (!lnc_node)
362 /* We don't have to have the cache, so no error */
363 return 0;
364
365 zbr->leaf = lnc_node;
366 return 0;
367 }
368
369 /**
370 * lnc_add_directly - add a leaf node to the leaf-node-cache.
371 * @c: UBIFS file-system description object
372 * @zbr: zbranch of leaf node
373 * @node: leaf node
374 *
375 * This function is similar to 'lnc_add()', but it does not create a copy of
376 * @node but inserts @node to TNC directly.
377 */
lnc_add_directly(struct ubifs_info * c,struct ubifs_zbranch * zbr,void * node)378 static int lnc_add_directly(struct ubifs_info *c, struct ubifs_zbranch *zbr,
379 void *node)
380 {
381 int err;
382
383 ubifs_assert(c, !zbr->leaf);
384 ubifs_assert(c, zbr->len != 0);
385
386 err = ubifs_validate_entry(c, node);
387 if (err) {
388 dump_stack();
389 ubifs_dump_node(c, node, zbr->len);
390 return err;
391 }
392
393 zbr->leaf = node;
394 return 0;
395 }
396
397 /**
398 * lnc_free - remove a leaf node from the leaf node cache.
399 * @zbr: zbranch of leaf node
400 */
lnc_free(struct ubifs_zbranch * zbr)401 static void lnc_free(struct ubifs_zbranch *zbr)
402 {
403 if (!zbr->leaf)
404 return;
405 kfree(zbr->leaf);
406 zbr->leaf = NULL;
407 }
408
409 /**
410 * tnc_read_hashed_node - read a "hashed" leaf node.
411 * @c: UBIFS file-system description object
412 * @zbr: key and position of the node
413 * @node: node is returned here
414 *
415 * This function reads a "hashed" node defined by @zbr from the leaf node cache
416 * (in it is there) or from the hash media, in which case the node is also
417 * added to LNC. Returns zero in case of success or a negative error
418 * code in case of failure.
419 */
tnc_read_hashed_node(struct ubifs_info * c,struct ubifs_zbranch * zbr,void * node)420 static int tnc_read_hashed_node(struct ubifs_info *c, struct ubifs_zbranch *zbr,
421 void *node)
422 {
423 int err;
424
425 ubifs_assert(c, is_hash_key(c, &zbr->key));
426
427 if (zbr->leaf) {
428 /* Read from the leaf node cache */
429 ubifs_assert(c, zbr->len != 0);
430 memcpy(node, zbr->leaf, zbr->len);
431 return 0;
432 }
433
434 if (c->replaying) {
435 err = fallible_read_node(c, &zbr->key, zbr, node);
436 /*
437 * When the node was not found, return -ENOENT, 0 otherwise.
438 * Negative return codes stay as-is.
439 */
440 if (err == 0)
441 err = -ENOENT;
442 else if (err == 1)
443 err = 0;
444 } else {
445 err = ubifs_tnc_read_node(c, zbr, node);
446 }
447 if (err)
448 return err;
449
450 /* Add the node to the leaf node cache */
451 err = lnc_add(c, zbr, node);
452 return err;
453 }
454
455 /**
456 * try_read_node - read a node if it is a node.
457 * @c: UBIFS file-system description object
458 * @buf: buffer to read to
459 * @type: node type
460 * @zbr: the zbranch describing the node to read
461 *
462 * This function tries to read a node of known type and length, checks it and
463 * stores it in @buf. This function returns %1 if a node is present and %0 if
464 * a node is not present. A negative error code is returned for I/O errors.
465 * This function performs that same function as ubifs_read_node except that
466 * it does not require that there is actually a node present and instead
467 * the return code indicates if a node was read.
468 *
469 * Note, this function does not check CRC of data nodes if @c->no_chk_data_crc
470 * is true (it is controlled by corresponding mount option). However, if
471 * @c->mounting or @c->remounting_rw is true (we are mounting or re-mounting to
472 * R/W mode), @c->no_chk_data_crc is ignored and CRC is checked. This is
473 * because during mounting or re-mounting from R/O mode to R/W mode we may read
474 * journal nodes (when replying the journal or doing the recovery) and the
475 * journal nodes may potentially be corrupted, so checking is required.
476 */
try_read_node(const struct ubifs_info * c,void * buf,int type,struct ubifs_zbranch * zbr)477 static int try_read_node(const struct ubifs_info *c, void *buf, int type,
478 struct ubifs_zbranch *zbr)
479 {
480 int len = zbr->len;
481 int lnum = zbr->lnum;
482 int offs = zbr->offs;
483 int err, node_len;
484 struct ubifs_ch *ch = buf;
485 uint32_t crc, node_crc;
486
487 dbg_io("LEB %d:%d, %s, length %d", lnum, offs, dbg_ntype(type), len);
488
489 err = ubifs_leb_read(c, lnum, buf, offs, len, 1);
490 if (err) {
491 ubifs_err(c, "cannot read node type %d from LEB %d:%d, error %d",
492 type, lnum, offs, err);
493 return err;
494 }
495
496 if (le32_to_cpu(ch->magic) != UBIFS_NODE_MAGIC)
497 return 0;
498
499 if (ch->node_type != type)
500 return 0;
501
502 node_len = le32_to_cpu(ch->len);
503 if (node_len != len)
504 return 0;
505
506 if (type != UBIFS_DATA_NODE || !c->no_chk_data_crc || c->mounting ||
507 c->remounting_rw) {
508 crc = crc32(UBIFS_CRC32_INIT, buf + 8, node_len - 8);
509 node_crc = le32_to_cpu(ch->crc);
510 if (crc != node_crc)
511 return 0;
512 }
513
514 err = ubifs_node_check_hash(c, buf, zbr->hash);
515 if (err) {
516 ubifs_bad_hash(c, buf, zbr->hash, lnum, offs);
517 return 0;
518 }
519
520 return 1;
521 }
522
523 /**
524 * fallible_read_node - try to read a leaf node.
525 * @c: UBIFS file-system description object
526 * @key: key of node to read
527 * @zbr: position of node
528 * @node: node returned
529 *
530 * This function tries to read a node and returns %1 if the node is read, %0
531 * if the node is not present, and a negative error code in the case of error.
532 */
fallible_read_node(struct ubifs_info * c,const union ubifs_key * key,struct ubifs_zbranch * zbr,void * node)533 static int fallible_read_node(struct ubifs_info *c, const union ubifs_key *key,
534 struct ubifs_zbranch *zbr, void *node)
535 {
536 int ret;
537
538 dbg_tnck(key, "LEB %d:%d, key ", zbr->lnum, zbr->offs);
539
540 ret = try_read_node(c, node, key_type(c, key), zbr);
541 if (ret == 1) {
542 union ubifs_key node_key;
543 struct ubifs_dent_node *dent = node;
544
545 /* All nodes have key in the same place */
546 key_read(c, &dent->key, &node_key);
547 if (keys_cmp(c, key, &node_key) != 0)
548 ret = 0;
549 }
550 if (ret == 0 && c->replaying)
551 dbg_mntk(key, "dangling branch LEB %d:%d len %d, key ",
552 zbr->lnum, zbr->offs, zbr->len);
553 return ret;
554 }
555
556 /**
557 * matches_name - determine if a direntry or xattr entry matches a given name.
558 * @c: UBIFS file-system description object
559 * @zbr: zbranch of dent
560 * @nm: name to match
561 *
562 * This function checks if xentry/direntry referred by zbranch @zbr matches name
563 * @nm. Returns %NAME_MATCHES if it does, %NAME_LESS if the name referred by
564 * @zbr is less than @nm, and %NAME_GREATER if it is greater than @nm. In case
565 * of failure, a negative error code is returned.
566 */
matches_name(struct ubifs_info * c,struct ubifs_zbranch * zbr,const struct fscrypt_name * nm)567 static int matches_name(struct ubifs_info *c, struct ubifs_zbranch *zbr,
568 const struct fscrypt_name *nm)
569 {
570 struct ubifs_dent_node *dent;
571 int nlen, err;
572
573 /* If possible, match against the dent in the leaf node cache */
574 if (!zbr->leaf) {
575 dent = kmalloc(zbr->len, GFP_NOFS);
576 if (!dent)
577 return -ENOMEM;
578
579 err = ubifs_tnc_read_node(c, zbr, dent);
580 if (err)
581 goto out_free;
582
583 /* Add the node to the leaf node cache */
584 err = lnc_add_directly(c, zbr, dent);
585 if (err)
586 goto out_free;
587 } else
588 dent = zbr->leaf;
589
590 nlen = le16_to_cpu(dent->nlen);
591 err = memcmp(dent->name, fname_name(nm), min_t(int, nlen, fname_len(nm)));
592 if (err == 0) {
593 if (nlen == fname_len(nm))
594 return NAME_MATCHES;
595 else if (nlen < fname_len(nm))
596 return NAME_LESS;
597 else
598 return NAME_GREATER;
599 } else if (err < 0)
600 return NAME_LESS;
601 else
602 return NAME_GREATER;
603
604 out_free:
605 kfree(dent);
606 return err;
607 }
608
609 /**
610 * get_znode - get a TNC znode that may not be loaded yet.
611 * @c: UBIFS file-system description object
612 * @znode: parent znode
613 * @n: znode branch slot number
614 *
615 * This function returns the znode or a negative error code.
616 */
get_znode(struct ubifs_info * c,struct ubifs_znode * znode,int n)617 static struct ubifs_znode *get_znode(struct ubifs_info *c,
618 struct ubifs_znode *znode, int n)
619 {
620 struct ubifs_zbranch *zbr;
621
622 zbr = &znode->zbranch[n];
623 if (zbr->znode)
624 znode = zbr->znode;
625 else
626 znode = ubifs_load_znode(c, zbr, znode, n);
627 return znode;
628 }
629
630 /**
631 * tnc_next - find next TNC entry.
632 * @c: UBIFS file-system description object
633 * @zn: znode is passed and returned here
634 * @n: znode branch slot number is passed and returned here
635 *
636 * This function returns %0 if the next TNC entry is found, %-ENOENT if there is
637 * no next entry, or a negative error code otherwise.
638 */
tnc_next(struct ubifs_info * c,struct ubifs_znode ** zn,int * n)639 static int tnc_next(struct ubifs_info *c, struct ubifs_znode **zn, int *n)
640 {
641 struct ubifs_znode *znode = *zn;
642 int nn = *n;
643
644 nn += 1;
645 if (nn < znode->child_cnt) {
646 *n = nn;
647 return 0;
648 }
649 while (1) {
650 struct ubifs_znode *zp;
651
652 zp = znode->parent;
653 if (!zp)
654 return -ENOENT;
655 nn = znode->iip + 1;
656 znode = zp;
657 if (nn < znode->child_cnt) {
658 znode = get_znode(c, znode, nn);
659 if (IS_ERR(znode))
660 return PTR_ERR(znode);
661 while (znode->level != 0) {
662 znode = get_znode(c, znode, 0);
663 if (IS_ERR(znode))
664 return PTR_ERR(znode);
665 }
666 nn = 0;
667 break;
668 }
669 }
670 *zn = znode;
671 *n = nn;
672 return 0;
673 }
674
675 /**
676 * tnc_prev - find previous TNC entry.
677 * @c: UBIFS file-system description object
678 * @zn: znode is returned here
679 * @n: znode branch slot number is passed and returned here
680 *
681 * This function returns %0 if the previous TNC entry is found, %-ENOENT if
682 * there is no next entry, or a negative error code otherwise.
683 */
tnc_prev(struct ubifs_info * c,struct ubifs_znode ** zn,int * n)684 static int tnc_prev(struct ubifs_info *c, struct ubifs_znode **zn, int *n)
685 {
686 struct ubifs_znode *znode = *zn;
687 int nn = *n;
688
689 if (nn > 0) {
690 *n = nn - 1;
691 return 0;
692 }
693 while (1) {
694 struct ubifs_znode *zp;
695
696 zp = znode->parent;
697 if (!zp)
698 return -ENOENT;
699 nn = znode->iip - 1;
700 znode = zp;
701 if (nn >= 0) {
702 znode = get_znode(c, znode, nn);
703 if (IS_ERR(znode))
704 return PTR_ERR(znode);
705 while (znode->level != 0) {
706 nn = znode->child_cnt - 1;
707 znode = get_znode(c, znode, nn);
708 if (IS_ERR(znode))
709 return PTR_ERR(znode);
710 }
711 nn = znode->child_cnt - 1;
712 break;
713 }
714 }
715 *zn = znode;
716 *n = nn;
717 return 0;
718 }
719
720 /**
721 * resolve_collision - resolve a collision.
722 * @c: UBIFS file-system description object
723 * @key: key of a directory or extended attribute entry
724 * @zn: znode is returned here
725 * @n: zbranch number is passed and returned here
726 * @nm: name of the entry
727 *
728 * This function is called for "hashed" keys to make sure that the found key
729 * really corresponds to the looked up node (directory or extended attribute
730 * entry). It returns %1 and sets @zn and @n if the collision is resolved.
731 * %0 is returned if @nm is not found and @zn and @n are set to the previous
732 * entry, i.e. to the entry after which @nm could follow if it were in TNC.
733 * This means that @n may be set to %-1 if the leftmost key in @zn is the
734 * previous one. A negative error code is returned on failures.
735 */
resolve_collision(struct ubifs_info * c,const union ubifs_key * key,struct ubifs_znode ** zn,int * n,const struct fscrypt_name * nm)736 static int resolve_collision(struct ubifs_info *c, const union ubifs_key *key,
737 struct ubifs_znode **zn, int *n,
738 const struct fscrypt_name *nm)
739 {
740 int err;
741
742 err = matches_name(c, &(*zn)->zbranch[*n], nm);
743 if (unlikely(err < 0))
744 return err;
745 if (err == NAME_MATCHES)
746 return 1;
747
748 if (err == NAME_GREATER) {
749 /* Look left */
750 while (1) {
751 err = tnc_prev(c, zn, n);
752 if (err == -ENOENT) {
753 ubifs_assert(c, *n == 0);
754 *n = -1;
755 return 0;
756 }
757 if (err < 0)
758 return err;
759 if (keys_cmp(c, &(*zn)->zbranch[*n].key, key)) {
760 /*
761 * We have found the branch after which we would
762 * like to insert, but inserting in this znode
763 * may still be wrong. Consider the following 3
764 * znodes, in the case where we are resolving a
765 * collision with Key2.
766 *
767 * znode zp
768 * ----------------------
769 * level 1 | Key0 | Key1 |
770 * -----------------------
771 * | |
772 * znode za | | znode zb
773 * ------------ ------------
774 * level 0 | Key0 | | Key2 |
775 * ------------ ------------
776 *
777 * The lookup finds Key2 in znode zb. Lets say
778 * there is no match and the name is greater so
779 * we look left. When we find Key0, we end up
780 * here. If we return now, we will insert into
781 * znode za at slot n = 1. But that is invalid
782 * according to the parent's keys. Key2 must
783 * be inserted into znode zb.
784 *
785 * Note, this problem is not relevant for the
786 * case when we go right, because
787 * 'tnc_insert()' would correct the parent key.
788 */
789 if (*n == (*zn)->child_cnt - 1) {
790 err = tnc_next(c, zn, n);
791 if (err) {
792 /* Should be impossible */
793 ubifs_assert(c, 0);
794 if (err == -ENOENT)
795 err = -EINVAL;
796 return err;
797 }
798 ubifs_assert(c, *n == 0);
799 *n = -1;
800 }
801 return 0;
802 }
803 err = matches_name(c, &(*zn)->zbranch[*n], nm);
804 if (err < 0)
805 return err;
806 if (err == NAME_LESS)
807 return 0;
808 if (err == NAME_MATCHES)
809 return 1;
810 ubifs_assert(c, err == NAME_GREATER);
811 }
812 } else {
813 int nn = *n;
814 struct ubifs_znode *znode = *zn;
815
816 /* Look right */
817 while (1) {
818 err = tnc_next(c, &znode, &nn);
819 if (err == -ENOENT)
820 return 0;
821 if (err < 0)
822 return err;
823 if (keys_cmp(c, &znode->zbranch[nn].key, key))
824 return 0;
825 err = matches_name(c, &znode->zbranch[nn], nm);
826 if (err < 0)
827 return err;
828 if (err == NAME_GREATER)
829 return 0;
830 *zn = znode;
831 *n = nn;
832 if (err == NAME_MATCHES)
833 return 1;
834 ubifs_assert(c, err == NAME_LESS);
835 }
836 }
837 }
838
839 /**
840 * fallible_matches_name - determine if a dent matches a given name.
841 * @c: UBIFS file-system description object
842 * @zbr: zbranch of dent
843 * @nm: name to match
844 *
845 * This is a "fallible" version of 'matches_name()' function which does not
846 * panic if the direntry/xentry referred by @zbr does not exist on the media.
847 *
848 * This function checks if xentry/direntry referred by zbranch @zbr matches name
849 * @nm. Returns %NAME_MATCHES it does, %NAME_LESS if the name referred by @zbr
850 * is less than @nm, %NAME_GREATER if it is greater than @nm, and @NOT_ON_MEDIA
851 * if xentry/direntry referred by @zbr does not exist on the media. A negative
852 * error code is returned in case of failure.
853 */
fallible_matches_name(struct ubifs_info * c,struct ubifs_zbranch * zbr,const struct fscrypt_name * nm)854 static int fallible_matches_name(struct ubifs_info *c,
855 struct ubifs_zbranch *zbr,
856 const struct fscrypt_name *nm)
857 {
858 struct ubifs_dent_node *dent;
859 int nlen, err;
860
861 /* If possible, match against the dent in the leaf node cache */
862 if (!zbr->leaf) {
863 dent = kmalloc(zbr->len, GFP_NOFS);
864 if (!dent)
865 return -ENOMEM;
866
867 err = fallible_read_node(c, &zbr->key, zbr, dent);
868 if (err < 0)
869 goto out_free;
870 if (err == 0) {
871 /* The node was not present */
872 err = NOT_ON_MEDIA;
873 goto out_free;
874 }
875 ubifs_assert(c, err == 1);
876
877 err = lnc_add_directly(c, zbr, dent);
878 if (err)
879 goto out_free;
880 } else
881 dent = zbr->leaf;
882
883 nlen = le16_to_cpu(dent->nlen);
884 err = memcmp(dent->name, fname_name(nm), min_t(int, nlen, fname_len(nm)));
885 if (err == 0) {
886 if (nlen == fname_len(nm))
887 return NAME_MATCHES;
888 else if (nlen < fname_len(nm))
889 return NAME_LESS;
890 else
891 return NAME_GREATER;
892 } else if (err < 0)
893 return NAME_LESS;
894 else
895 return NAME_GREATER;
896
897 out_free:
898 kfree(dent);
899 return err;
900 }
901
902 /**
903 * fallible_resolve_collision - resolve a collision even if nodes are missing.
904 * @c: UBIFS file-system description object
905 * @key: key
906 * @zn: znode is returned here
907 * @n: branch number is passed and returned here
908 * @nm: name of directory entry
909 * @adding: indicates caller is adding a key to the TNC
910 *
911 * This is a "fallible" version of the 'resolve_collision()' function which
912 * does not panic if one of the nodes referred to by TNC does not exist on the
913 * media. This may happen when replaying the journal if a deleted node was
914 * Garbage-collected and the commit was not done. A branch that refers to a node
915 * that is not present is called a dangling branch. The following are the return
916 * codes for this function:
917 * o if @nm was found, %1 is returned and @zn and @n are set to the found
918 * branch;
919 * o if we are @adding and @nm was not found, %0 is returned;
920 * o if we are not @adding and @nm was not found, but a dangling branch was
921 * found, then %1 is returned and @zn and @n are set to the dangling branch;
922 * o a negative error code is returned in case of failure.
923 */
fallible_resolve_collision(struct ubifs_info * c,const union ubifs_key * key,struct ubifs_znode ** zn,int * n,const struct fscrypt_name * nm,int adding)924 static int fallible_resolve_collision(struct ubifs_info *c,
925 const union ubifs_key *key,
926 struct ubifs_znode **zn, int *n,
927 const struct fscrypt_name *nm,
928 int adding)
929 {
930 struct ubifs_znode *o_znode = NULL, *znode = *zn;
931 int o_n, err, cmp, unsure = 0, nn = *n;
932
933 cmp = fallible_matches_name(c, &znode->zbranch[nn], nm);
934 if (unlikely(cmp < 0))
935 return cmp;
936 if (cmp == NAME_MATCHES)
937 return 1;
938 if (cmp == NOT_ON_MEDIA) {
939 o_znode = znode;
940 o_n = nn;
941 /*
942 * We are unlucky and hit a dangling branch straight away.
943 * Now we do not really know where to go to find the needed
944 * branch - to the left or to the right. Well, let's try left.
945 */
946 unsure = 1;
947 } else if (!adding)
948 unsure = 1; /* Remove a dangling branch wherever it is */
949
950 if (cmp == NAME_GREATER || unsure) {
951 /* Look left */
952 while (1) {
953 err = tnc_prev(c, zn, n);
954 if (err == -ENOENT) {
955 ubifs_assert(c, *n == 0);
956 *n = -1;
957 break;
958 }
959 if (err < 0)
960 return err;
961 if (keys_cmp(c, &(*zn)->zbranch[*n].key, key)) {
962 /* See comments in 'resolve_collision()' */
963 if (*n == (*zn)->child_cnt - 1) {
964 err = tnc_next(c, zn, n);
965 if (err) {
966 /* Should be impossible */
967 ubifs_assert(c, 0);
968 if (err == -ENOENT)
969 err = -EINVAL;
970 return err;
971 }
972 ubifs_assert(c, *n == 0);
973 *n = -1;
974 }
975 break;
976 }
977 err = fallible_matches_name(c, &(*zn)->zbranch[*n], nm);
978 if (err < 0)
979 return err;
980 if (err == NAME_MATCHES)
981 return 1;
982 if (err == NOT_ON_MEDIA) {
983 o_znode = *zn;
984 o_n = *n;
985 continue;
986 }
987 if (!adding)
988 continue;
989 if (err == NAME_LESS)
990 break;
991 else
992 unsure = 0;
993 }
994 }
995
996 if (cmp == NAME_LESS || unsure) {
997 /* Look right */
998 *zn = znode;
999 *n = nn;
1000 while (1) {
1001 err = tnc_next(c, &znode, &nn);
1002 if (err == -ENOENT)
1003 break;
1004 if (err < 0)
1005 return err;
1006 if (keys_cmp(c, &znode->zbranch[nn].key, key))
1007 break;
1008 err = fallible_matches_name(c, &znode->zbranch[nn], nm);
1009 if (err < 0)
1010 return err;
1011 if (err == NAME_GREATER)
1012 break;
1013 *zn = znode;
1014 *n = nn;
1015 if (err == NAME_MATCHES)
1016 return 1;
1017 if (err == NOT_ON_MEDIA) {
1018 o_znode = znode;
1019 o_n = nn;
1020 }
1021 }
1022 }
1023
1024 /* Never match a dangling branch when adding */
1025 if (adding || !o_znode)
1026 return 0;
1027
1028 dbg_mntk(key, "dangling match LEB %d:%d len %d key ",
1029 o_znode->zbranch[o_n].lnum, o_znode->zbranch[o_n].offs,
1030 o_znode->zbranch[o_n].len);
1031 *zn = o_znode;
1032 *n = o_n;
1033 return 1;
1034 }
1035
1036 /**
1037 * matches_position - determine if a zbranch matches a given position.
1038 * @zbr: zbranch of dent
1039 * @lnum: LEB number of dent to match
1040 * @offs: offset of dent to match
1041 *
1042 * This function returns %1 if @lnum:@offs matches, and %0 otherwise.
1043 */
matches_position(struct ubifs_zbranch * zbr,int lnum,int offs)1044 static int matches_position(struct ubifs_zbranch *zbr, int lnum, int offs)
1045 {
1046 if (zbr->lnum == lnum && zbr->offs == offs)
1047 return 1;
1048 else
1049 return 0;
1050 }
1051
1052 /**
1053 * resolve_collision_directly - resolve a collision directly.
1054 * @c: UBIFS file-system description object
1055 * @key: key of directory entry
1056 * @zn: znode is passed and returned here
1057 * @n: zbranch number is passed and returned here
1058 * @lnum: LEB number of dent node to match
1059 * @offs: offset of dent node to match
1060 *
1061 * This function is used for "hashed" keys to make sure the found directory or
1062 * extended attribute entry node is what was looked for. It is used when the
1063 * flash address of the right node is known (@lnum:@offs) which makes it much
1064 * easier to resolve collisions (no need to read entries and match full
1065 * names). This function returns %1 and sets @zn and @n if the collision is
1066 * resolved, %0 if @lnum:@offs is not found and @zn and @n are set to the
1067 * previous directory entry. Otherwise a negative error code is returned.
1068 */
resolve_collision_directly(struct ubifs_info * c,const union ubifs_key * key,struct ubifs_znode ** zn,int * n,int lnum,int offs)1069 static int resolve_collision_directly(struct ubifs_info *c,
1070 const union ubifs_key *key,
1071 struct ubifs_znode **zn, int *n,
1072 int lnum, int offs)
1073 {
1074 struct ubifs_znode *znode;
1075 int nn, err;
1076
1077 znode = *zn;
1078 nn = *n;
1079 if (matches_position(&znode->zbranch[nn], lnum, offs))
1080 return 1;
1081
1082 /* Look left */
1083 while (1) {
1084 err = tnc_prev(c, &znode, &nn);
1085 if (err == -ENOENT)
1086 break;
1087 if (err < 0)
1088 return err;
1089 if (keys_cmp(c, &znode->zbranch[nn].key, key))
1090 break;
1091 if (matches_position(&znode->zbranch[nn], lnum, offs)) {
1092 *zn = znode;
1093 *n = nn;
1094 return 1;
1095 }
1096 }
1097
1098 /* Look right */
1099 znode = *zn;
1100 nn = *n;
1101 while (1) {
1102 err = tnc_next(c, &znode, &nn);
1103 if (err == -ENOENT)
1104 return 0;
1105 if (err < 0)
1106 return err;
1107 if (keys_cmp(c, &znode->zbranch[nn].key, key))
1108 return 0;
1109 *zn = znode;
1110 *n = nn;
1111 if (matches_position(&znode->zbranch[nn], lnum, offs))
1112 return 1;
1113 }
1114 }
1115
1116 /**
1117 * dirty_cow_bottom_up - dirty a znode and its ancestors.
1118 * @c: UBIFS file-system description object
1119 * @znode: znode to dirty
1120 *
1121 * If we do not have a unique key that resides in a znode, then we cannot
1122 * dirty that znode from the top down (i.e. by using lookup_level0_dirty)
1123 * This function records the path back to the last dirty ancestor, and then
1124 * dirties the znodes on that path.
1125 */
dirty_cow_bottom_up(struct ubifs_info * c,struct ubifs_znode * znode)1126 static struct ubifs_znode *dirty_cow_bottom_up(struct ubifs_info *c,
1127 struct ubifs_znode *znode)
1128 {
1129 struct ubifs_znode *zp;
1130 int *path = c->bottom_up_buf, p = 0;
1131
1132 ubifs_assert(c, c->zroot.znode);
1133 ubifs_assert(c, znode);
1134 if (c->zroot.znode->level > BOTTOM_UP_HEIGHT) {
1135 kfree(c->bottom_up_buf);
1136 c->bottom_up_buf = kmalloc_array(c->zroot.znode->level,
1137 sizeof(int),
1138 GFP_NOFS);
1139 if (!c->bottom_up_buf)
1140 return ERR_PTR(-ENOMEM);
1141 path = c->bottom_up_buf;
1142 }
1143 if (c->zroot.znode->level) {
1144 /* Go up until parent is dirty */
1145 while (1) {
1146 int n;
1147
1148 zp = znode->parent;
1149 if (!zp)
1150 break;
1151 n = znode->iip;
1152 ubifs_assert(c, p < c->zroot.znode->level);
1153 path[p++] = n;
1154 if (!zp->cnext && ubifs_zn_dirty(znode))
1155 break;
1156 znode = zp;
1157 }
1158 }
1159
1160 /* Come back down, dirtying as we go */
1161 while (1) {
1162 struct ubifs_zbranch *zbr;
1163
1164 zp = znode->parent;
1165 if (zp) {
1166 ubifs_assert(c, path[p - 1] >= 0);
1167 ubifs_assert(c, path[p - 1] < zp->child_cnt);
1168 zbr = &zp->zbranch[path[--p]];
1169 znode = dirty_cow_znode(c, zbr);
1170 } else {
1171 ubifs_assert(c, znode == c->zroot.znode);
1172 znode = dirty_cow_znode(c, &c->zroot);
1173 }
1174 if (IS_ERR(znode) || !p)
1175 break;
1176 ubifs_assert(c, path[p - 1] >= 0);
1177 ubifs_assert(c, path[p - 1] < znode->child_cnt);
1178 znode = znode->zbranch[path[p - 1]].znode;
1179 }
1180
1181 return znode;
1182 }
1183
1184 /**
1185 * ubifs_lookup_level0 - search for zero-level znode.
1186 * @c: UBIFS file-system description object
1187 * @key: key to lookup
1188 * @zn: znode is returned here
1189 * @n: znode branch slot number is returned here
1190 *
1191 * This function looks up the TNC tree and search for zero-level znode which
1192 * refers key @key. The found zero-level znode is returned in @zn. There are 3
1193 * cases:
1194 * o exact match, i.e. the found zero-level znode contains key @key, then %1
1195 * is returned and slot number of the matched branch is stored in @n;
1196 * o not exact match, which means that zero-level znode does not contain
1197 * @key, then %0 is returned and slot number of the closest branch or %-1
1198 * is stored in @n; In this case calling tnc_next() is mandatory.
1199 * o @key is so small that it is even less than the lowest key of the
1200 * leftmost zero-level node, then %0 is returned and %0 is stored in @n.
1201 *
1202 * Note, when the TNC tree is traversed, some znodes may be absent, then this
1203 * function reads corresponding indexing nodes and inserts them to TNC. In
1204 * case of failure, a negative error code is returned.
1205 */
ubifs_lookup_level0(struct ubifs_info * c,const union ubifs_key * key,struct ubifs_znode ** zn,int * n)1206 int ubifs_lookup_level0(struct ubifs_info *c, const union ubifs_key *key,
1207 struct ubifs_znode **zn, int *n)
1208 {
1209 int err, exact;
1210 struct ubifs_znode *znode;
1211 time64_t time = ktime_get_seconds();
1212
1213 dbg_tnck(key, "search key ");
1214 ubifs_assert(c, key_type(c, key) < UBIFS_INVALID_KEY);
1215
1216 znode = c->zroot.znode;
1217 if (unlikely(!znode)) {
1218 znode = ubifs_load_znode(c, &c->zroot, NULL, 0);
1219 if (IS_ERR(znode))
1220 return PTR_ERR(znode);
1221 }
1222
1223 znode->time = time;
1224
1225 while (1) {
1226 struct ubifs_zbranch *zbr;
1227
1228 exact = ubifs_search_zbranch(c, znode, key, n);
1229
1230 if (znode->level == 0)
1231 break;
1232
1233 if (*n < 0)
1234 *n = 0;
1235 zbr = &znode->zbranch[*n];
1236
1237 if (zbr->znode) {
1238 znode->time = time;
1239 znode = zbr->znode;
1240 continue;
1241 }
1242
1243 /* znode is not in TNC cache, load it from the media */
1244 znode = ubifs_load_znode(c, zbr, znode, *n);
1245 if (IS_ERR(znode))
1246 return PTR_ERR(znode);
1247 }
1248
1249 *zn = znode;
1250 if (exact || !is_hash_key(c, key) || *n != -1) {
1251 dbg_tnc("found %d, lvl %d, n %d", exact, znode->level, *n);
1252 return exact;
1253 }
1254
1255 /*
1256 * Here is a tricky place. We have not found the key and this is a
1257 * "hashed" key, which may collide. The rest of the code deals with
1258 * situations like this:
1259 *
1260 * | 3 | 5 |
1261 * / \
1262 * | 3 | 5 | | 6 | 7 | (x)
1263 *
1264 * Or more a complex example:
1265 *
1266 * | 1 | 5 |
1267 * / \
1268 * | 1 | 3 | | 5 | 8 |
1269 * \ /
1270 * | 5 | 5 | | 6 | 7 | (x)
1271 *
1272 * In the examples, if we are looking for key "5", we may reach nodes
1273 * marked with "(x)". In this case what we have do is to look at the
1274 * left and see if there is "5" key there. If there is, we have to
1275 * return it.
1276 *
1277 * Note, this whole situation is possible because we allow to have
1278 * elements which are equivalent to the next key in the parent in the
1279 * children of current znode. For example, this happens if we split a
1280 * znode like this: | 3 | 5 | 5 | 6 | 7 |, which results in something
1281 * like this:
1282 * | 3 | 5 |
1283 * / \
1284 * | 3 | 5 | | 5 | 6 | 7 |
1285 * ^
1286 * And this becomes what is at the first "picture" after key "5" marked
1287 * with "^" is removed. What could be done is we could prohibit
1288 * splitting in the middle of the colliding sequence. Also, when
1289 * removing the leftmost key, we would have to correct the key of the
1290 * parent node, which would introduce additional complications. Namely,
1291 * if we changed the leftmost key of the parent znode, the garbage
1292 * collector would be unable to find it (GC is doing this when GC'ing
1293 * indexing LEBs). Although we already have an additional RB-tree where
1294 * we save such changed znodes (see 'ins_clr_old_idx_znode()') until
1295 * after the commit. But anyway, this does not look easy to implement
1296 * so we did not try this.
1297 */
1298 err = tnc_prev(c, &znode, n);
1299 if (err == -ENOENT) {
1300 dbg_tnc("found 0, lvl %d, n -1", znode->level);
1301 *n = -1;
1302 return 0;
1303 }
1304 if (unlikely(err < 0))
1305 return err;
1306 if (keys_cmp(c, key, &znode->zbranch[*n].key)) {
1307 dbg_tnc("found 0, lvl %d, n -1", znode->level);
1308 *n = -1;
1309 return 0;
1310 }
1311
1312 dbg_tnc("found 1, lvl %d, n %d", znode->level, *n);
1313 *zn = znode;
1314 return 1;
1315 }
1316
1317 /**
1318 * lookup_level0_dirty - search for zero-level znode dirtying.
1319 * @c: UBIFS file-system description object
1320 * @key: key to lookup
1321 * @zn: znode is returned here
1322 * @n: znode branch slot number is returned here
1323 *
1324 * This function looks up the TNC tree and search for zero-level znode which
1325 * refers key @key. The found zero-level znode is returned in @zn. There are 3
1326 * cases:
1327 * o exact match, i.e. the found zero-level znode contains key @key, then %1
1328 * is returned and slot number of the matched branch is stored in @n;
1329 * o not exact match, which means that zero-level znode does not contain @key
1330 * then %0 is returned and slot number of the closed branch is stored in
1331 * @n;
1332 * o @key is so small that it is even less than the lowest key of the
1333 * leftmost zero-level node, then %0 is returned and %-1 is stored in @n.
1334 *
1335 * Additionally all znodes in the path from the root to the located zero-level
1336 * znode are marked as dirty.
1337 *
1338 * Note, when the TNC tree is traversed, some znodes may be absent, then this
1339 * function reads corresponding indexing nodes and inserts them to TNC. In
1340 * case of failure, a negative error code is returned.
1341 */
lookup_level0_dirty(struct ubifs_info * c,const union ubifs_key * key,struct ubifs_znode ** zn,int * n)1342 static int lookup_level0_dirty(struct ubifs_info *c, const union ubifs_key *key,
1343 struct ubifs_znode **zn, int *n)
1344 {
1345 int err, exact;
1346 struct ubifs_znode *znode;
1347 time64_t time = ktime_get_seconds();
1348
1349 dbg_tnck(key, "search and dirty key ");
1350
1351 znode = c->zroot.znode;
1352 if (unlikely(!znode)) {
1353 znode = ubifs_load_znode(c, &c->zroot, NULL, 0);
1354 if (IS_ERR(znode))
1355 return PTR_ERR(znode);
1356 }
1357
1358 znode = dirty_cow_znode(c, &c->zroot);
1359 if (IS_ERR(znode))
1360 return PTR_ERR(znode);
1361
1362 znode->time = time;
1363
1364 while (1) {
1365 struct ubifs_zbranch *zbr;
1366
1367 exact = ubifs_search_zbranch(c, znode, key, n);
1368
1369 if (znode->level == 0)
1370 break;
1371
1372 if (*n < 0)
1373 *n = 0;
1374 zbr = &znode->zbranch[*n];
1375
1376 if (zbr->znode) {
1377 znode->time = time;
1378 znode = dirty_cow_znode(c, zbr);
1379 if (IS_ERR(znode))
1380 return PTR_ERR(znode);
1381 continue;
1382 }
1383
1384 /* znode is not in TNC cache, load it from the media */
1385 znode = ubifs_load_znode(c, zbr, znode, *n);
1386 if (IS_ERR(znode))
1387 return PTR_ERR(znode);
1388 znode = dirty_cow_znode(c, zbr);
1389 if (IS_ERR(znode))
1390 return PTR_ERR(znode);
1391 }
1392
1393 *zn = znode;
1394 if (exact || !is_hash_key(c, key) || *n != -1) {
1395 dbg_tnc("found %d, lvl %d, n %d", exact, znode->level, *n);
1396 return exact;
1397 }
1398
1399 /*
1400 * See huge comment at 'lookup_level0_dirty()' what is the rest of the
1401 * code.
1402 */
1403 err = tnc_prev(c, &znode, n);
1404 if (err == -ENOENT) {
1405 *n = -1;
1406 dbg_tnc("found 0, lvl %d, n -1", znode->level);
1407 return 0;
1408 }
1409 if (unlikely(err < 0))
1410 return err;
1411 if (keys_cmp(c, key, &znode->zbranch[*n].key)) {
1412 *n = -1;
1413 dbg_tnc("found 0, lvl %d, n -1", znode->level);
1414 return 0;
1415 }
1416
1417 if (znode->cnext || !ubifs_zn_dirty(znode)) {
1418 znode = dirty_cow_bottom_up(c, znode);
1419 if (IS_ERR(znode))
1420 return PTR_ERR(znode);
1421 }
1422
1423 dbg_tnc("found 1, lvl %d, n %d", znode->level, *n);
1424 *zn = znode;
1425 return 1;
1426 }
1427
1428 /**
1429 * maybe_leb_gced - determine if a LEB may have been garbage collected.
1430 * @c: UBIFS file-system description object
1431 * @lnum: LEB number
1432 * @gc_seq1: garbage collection sequence number
1433 *
1434 * This function determines if @lnum may have been garbage collected since
1435 * sequence number @gc_seq1. If it may have been then %1 is returned, otherwise
1436 * %0 is returned.
1437 */
maybe_leb_gced(struct ubifs_info * c,int lnum,int gc_seq1)1438 static int maybe_leb_gced(struct ubifs_info *c, int lnum, int gc_seq1)
1439 {
1440 int gc_seq2, gced_lnum;
1441
1442 gced_lnum = c->gced_lnum;
1443 smp_rmb();
1444 gc_seq2 = c->gc_seq;
1445 /* Same seq means no GC */
1446 if (gc_seq1 == gc_seq2)
1447 return 0;
1448 /* Different by more than 1 means we don't know */
1449 if (gc_seq1 + 1 != gc_seq2)
1450 return 1;
1451 /*
1452 * We have seen the sequence number has increased by 1. Now we need to
1453 * be sure we read the right LEB number, so read it again.
1454 */
1455 smp_rmb();
1456 if (gced_lnum != c->gced_lnum)
1457 return 1;
1458 /* Finally we can check lnum */
1459 if (gced_lnum == lnum)
1460 return 1;
1461 return 0;
1462 }
1463
1464 /**
1465 * ubifs_tnc_locate - look up a file-system node and return it and its location.
1466 * @c: UBIFS file-system description object
1467 * @key: node key to lookup
1468 * @node: the node is returned here
1469 * @lnum: LEB number is returned here
1470 * @offs: offset is returned here
1471 *
1472 * This function looks up and reads node with key @key. The caller has to make
1473 * sure the @node buffer is large enough to fit the node. Returns zero in case
1474 * of success, %-ENOENT if the node was not found, and a negative error code in
1475 * case of failure. The node location can be returned in @lnum and @offs.
1476 */
ubifs_tnc_locate(struct ubifs_info * c,const union ubifs_key * key,void * node,int * lnum,int * offs)1477 int ubifs_tnc_locate(struct ubifs_info *c, const union ubifs_key *key,
1478 void *node, int *lnum, int *offs)
1479 {
1480 int found, n, err, safely = 0, gc_seq1;
1481 struct ubifs_znode *znode;
1482 struct ubifs_zbranch zbr, *zt;
1483
1484 again:
1485 mutex_lock(&c->tnc_mutex);
1486 found = ubifs_lookup_level0(c, key, &znode, &n);
1487 if (!found) {
1488 err = -ENOENT;
1489 goto out;
1490 } else if (found < 0) {
1491 err = found;
1492 goto out;
1493 }
1494 zt = &znode->zbranch[n];
1495 if (lnum) {
1496 *lnum = zt->lnum;
1497 *offs = zt->offs;
1498 }
1499 if (is_hash_key(c, key)) {
1500 /*
1501 * In this case the leaf node cache gets used, so we pass the
1502 * address of the zbranch and keep the mutex locked
1503 */
1504 err = tnc_read_hashed_node(c, zt, node);
1505 goto out;
1506 }
1507 if (safely) {
1508 err = ubifs_tnc_read_node(c, zt, node);
1509 goto out;
1510 }
1511 /* Drop the TNC mutex prematurely and race with garbage collection */
1512 zbr = znode->zbranch[n];
1513 gc_seq1 = c->gc_seq;
1514 mutex_unlock(&c->tnc_mutex);
1515
1516 if (ubifs_get_wbuf(c, zbr.lnum)) {
1517 /* We do not GC journal heads */
1518 err = ubifs_tnc_read_node(c, &zbr, node);
1519 return err;
1520 }
1521
1522 err = fallible_read_node(c, key, &zbr, node);
1523 if (err <= 0 || maybe_leb_gced(c, zbr.lnum, gc_seq1)) {
1524 /*
1525 * The node may have been GC'ed out from under us so try again
1526 * while keeping the TNC mutex locked.
1527 */
1528 safely = 1;
1529 goto again;
1530 }
1531 return 0;
1532
1533 out:
1534 mutex_unlock(&c->tnc_mutex);
1535 return err;
1536 }
1537
1538 /**
1539 * ubifs_tnc_get_bu_keys - lookup keys for bulk-read.
1540 * @c: UBIFS file-system description object
1541 * @bu: bulk-read parameters and results
1542 *
1543 * Lookup consecutive data node keys for the same inode that reside
1544 * consecutively in the same LEB. This function returns zero in case of success
1545 * and a negative error code in case of failure.
1546 *
1547 * Note, if the bulk-read buffer length (@bu->buf_len) is known, this function
1548 * makes sure bulk-read nodes fit the buffer. Otherwise, this function prepares
1549 * maximum possible amount of nodes for bulk-read.
1550 */
ubifs_tnc_get_bu_keys(struct ubifs_info * c,struct bu_info * bu)1551 int ubifs_tnc_get_bu_keys(struct ubifs_info *c, struct bu_info *bu)
1552 {
1553 int n, err = 0, lnum = -1, offs;
1554 int len;
1555 unsigned int block = key_block(c, &bu->key);
1556 struct ubifs_znode *znode;
1557
1558 bu->cnt = 0;
1559 bu->blk_cnt = 0;
1560 bu->eof = 0;
1561
1562 mutex_lock(&c->tnc_mutex);
1563 /* Find first key */
1564 err = ubifs_lookup_level0(c, &bu->key, &znode, &n);
1565 if (err < 0)
1566 goto out;
1567 if (err) {
1568 /* Key found */
1569 len = znode->zbranch[n].len;
1570 /* The buffer must be big enough for at least 1 node */
1571 if (len > bu->buf_len) {
1572 err = -EINVAL;
1573 goto out;
1574 }
1575 /* Add this key */
1576 bu->zbranch[bu->cnt++] = znode->zbranch[n];
1577 bu->blk_cnt += 1;
1578 lnum = znode->zbranch[n].lnum;
1579 offs = ALIGN(znode->zbranch[n].offs + len, 8);
1580 }
1581 while (1) {
1582 struct ubifs_zbranch *zbr;
1583 union ubifs_key *key;
1584 unsigned int next_block;
1585
1586 /* Find next key */
1587 err = tnc_next(c, &znode, &n);
1588 if (err)
1589 goto out;
1590 zbr = &znode->zbranch[n];
1591 key = &zbr->key;
1592 /* See if there is another data key for this file */
1593 if (key_inum(c, key) != key_inum(c, &bu->key) ||
1594 key_type(c, key) != UBIFS_DATA_KEY) {
1595 err = -ENOENT;
1596 goto out;
1597 }
1598 if (lnum < 0) {
1599 /* First key found */
1600 lnum = zbr->lnum;
1601 offs = ALIGN(zbr->offs + zbr->len, 8);
1602 len = zbr->len;
1603 if (len > bu->buf_len) {
1604 err = -EINVAL;
1605 goto out;
1606 }
1607 } else {
1608 /*
1609 * The data nodes must be in consecutive positions in
1610 * the same LEB.
1611 */
1612 if (zbr->lnum != lnum || zbr->offs != offs)
1613 goto out;
1614 offs += ALIGN(zbr->len, 8);
1615 len = ALIGN(len, 8) + zbr->len;
1616 /* Must not exceed buffer length */
1617 if (len > bu->buf_len)
1618 goto out;
1619 }
1620 /* Allow for holes */
1621 next_block = key_block(c, key);
1622 bu->blk_cnt += (next_block - block - 1);
1623 if (bu->blk_cnt >= UBIFS_MAX_BULK_READ)
1624 goto out;
1625 block = next_block;
1626 /* Add this key */
1627 bu->zbranch[bu->cnt++] = *zbr;
1628 bu->blk_cnt += 1;
1629 /* See if we have room for more */
1630 if (bu->cnt >= UBIFS_MAX_BULK_READ)
1631 goto out;
1632 if (bu->blk_cnt >= UBIFS_MAX_BULK_READ)
1633 goto out;
1634 }
1635 out:
1636 if (err == -ENOENT) {
1637 bu->eof = 1;
1638 err = 0;
1639 }
1640 bu->gc_seq = c->gc_seq;
1641 mutex_unlock(&c->tnc_mutex);
1642 if (err)
1643 return err;
1644 /*
1645 * An enormous hole could cause bulk-read to encompass too many
1646 * page cache pages, so limit the number here.
1647 */
1648 if (bu->blk_cnt > UBIFS_MAX_BULK_READ)
1649 bu->blk_cnt = UBIFS_MAX_BULK_READ;
1650 /*
1651 * Ensure that bulk-read covers a whole number of page cache
1652 * pages.
1653 */
1654 if (UBIFS_BLOCKS_PER_PAGE == 1 ||
1655 !(bu->blk_cnt & (UBIFS_BLOCKS_PER_PAGE - 1)))
1656 return 0;
1657 if (bu->eof) {
1658 /* At the end of file we can round up */
1659 bu->blk_cnt += UBIFS_BLOCKS_PER_PAGE - 1;
1660 return 0;
1661 }
1662 /* Exclude data nodes that do not make up a whole page cache page */
1663 block = key_block(c, &bu->key) + bu->blk_cnt;
1664 block &= ~(UBIFS_BLOCKS_PER_PAGE - 1);
1665 while (bu->cnt) {
1666 if (key_block(c, &bu->zbranch[bu->cnt - 1].key) < block)
1667 break;
1668 bu->cnt -= 1;
1669 }
1670 return 0;
1671 }
1672
1673 /**
1674 * read_wbuf - bulk-read from a LEB with a wbuf.
1675 * @wbuf: wbuf that may overlap the read
1676 * @buf: buffer into which to read
1677 * @len: read length
1678 * @lnum: LEB number from which to read
1679 * @offs: offset from which to read
1680 *
1681 * This functions returns %0 on success or a negative error code on failure.
1682 */
read_wbuf(struct ubifs_wbuf * wbuf,void * buf,int len,int lnum,int offs)1683 static int read_wbuf(struct ubifs_wbuf *wbuf, void *buf, int len, int lnum,
1684 int offs)
1685 {
1686 const struct ubifs_info *c = wbuf->c;
1687 int rlen, overlap;
1688
1689 dbg_io("LEB %d:%d, length %d", lnum, offs, len);
1690 ubifs_assert(c, wbuf && lnum >= 0 && lnum < c->leb_cnt && offs >= 0);
1691 ubifs_assert(c, !(offs & 7) && offs < c->leb_size);
1692 ubifs_assert(c, offs + len <= c->leb_size);
1693
1694 spin_lock(&wbuf->lock);
1695 overlap = (lnum == wbuf->lnum && offs + len > wbuf->offs);
1696 if (!overlap) {
1697 /* We may safely unlock the write-buffer and read the data */
1698 spin_unlock(&wbuf->lock);
1699 return ubifs_leb_read(c, lnum, buf, offs, len, 0);
1700 }
1701
1702 /* Don't read under wbuf */
1703 rlen = wbuf->offs - offs;
1704 if (rlen < 0)
1705 rlen = 0;
1706
1707 /* Copy the rest from the write-buffer */
1708 memcpy(buf + rlen, wbuf->buf + offs + rlen - wbuf->offs, len - rlen);
1709 spin_unlock(&wbuf->lock);
1710
1711 if (rlen > 0)
1712 /* Read everything that goes before write-buffer */
1713 return ubifs_leb_read(c, lnum, buf, offs, rlen, 0);
1714
1715 return 0;
1716 }
1717
1718 /**
1719 * validate_data_node - validate data nodes for bulk-read.
1720 * @c: UBIFS file-system description object
1721 * @buf: buffer containing data node to validate
1722 * @zbr: zbranch of data node to validate
1723 *
1724 * This functions returns %0 on success or a negative error code on failure.
1725 */
validate_data_node(struct ubifs_info * c,void * buf,struct ubifs_zbranch * zbr)1726 static int validate_data_node(struct ubifs_info *c, void *buf,
1727 struct ubifs_zbranch *zbr)
1728 {
1729 union ubifs_key key1;
1730 struct ubifs_ch *ch = buf;
1731 int err, len;
1732
1733 if (ch->node_type != UBIFS_DATA_NODE) {
1734 ubifs_err(c, "bad node type (%d but expected %d)",
1735 ch->node_type, UBIFS_DATA_NODE);
1736 goto out_err;
1737 }
1738
1739 err = ubifs_check_node(c, buf, zbr->len, zbr->lnum, zbr->offs, 0, 0);
1740 if (err) {
1741 ubifs_err(c, "expected node type %d", UBIFS_DATA_NODE);
1742 goto out;
1743 }
1744
1745 err = ubifs_node_check_hash(c, buf, zbr->hash);
1746 if (err) {
1747 ubifs_bad_hash(c, buf, zbr->hash, zbr->lnum, zbr->offs);
1748 return err;
1749 }
1750
1751 len = le32_to_cpu(ch->len);
1752 if (len != zbr->len) {
1753 ubifs_err(c, "bad node length %d, expected %d", len, zbr->len);
1754 goto out_err;
1755 }
1756
1757 /* Make sure the key of the read node is correct */
1758 key_read(c, buf + UBIFS_KEY_OFFSET, &key1);
1759 if (!keys_eq(c, &zbr->key, &key1)) {
1760 ubifs_err(c, "bad key in node at LEB %d:%d",
1761 zbr->lnum, zbr->offs);
1762 dbg_tnck(&zbr->key, "looked for key ");
1763 dbg_tnck(&key1, "found node's key ");
1764 goto out_err;
1765 }
1766
1767 return 0;
1768
1769 out_err:
1770 err = -EINVAL;
1771 out:
1772 ubifs_err(c, "bad node at LEB %d:%d", zbr->lnum, zbr->offs);
1773 ubifs_dump_node(c, buf, zbr->len);
1774 dump_stack();
1775 return err;
1776 }
1777
1778 /**
1779 * ubifs_tnc_bulk_read - read a number of data nodes in one go.
1780 * @c: UBIFS file-system description object
1781 * @bu: bulk-read parameters and results
1782 *
1783 * This functions reads and validates the data nodes that were identified by the
1784 * 'ubifs_tnc_get_bu_keys()' function. This functions returns %0 on success,
1785 * -EAGAIN to indicate a race with GC, or another negative error code on
1786 * failure.
1787 */
ubifs_tnc_bulk_read(struct ubifs_info * c,struct bu_info * bu)1788 int ubifs_tnc_bulk_read(struct ubifs_info *c, struct bu_info *bu)
1789 {
1790 int lnum = bu->zbranch[0].lnum, offs = bu->zbranch[0].offs, len, err, i;
1791 struct ubifs_wbuf *wbuf;
1792 void *buf;
1793
1794 len = bu->zbranch[bu->cnt - 1].offs;
1795 len += bu->zbranch[bu->cnt - 1].len - offs;
1796 if (len > bu->buf_len) {
1797 ubifs_err(c, "buffer too small %d vs %d", bu->buf_len, len);
1798 return -EINVAL;
1799 }
1800
1801 /* Do the read */
1802 wbuf = ubifs_get_wbuf(c, lnum);
1803 if (wbuf)
1804 err = read_wbuf(wbuf, bu->buf, len, lnum, offs);
1805 else
1806 err = ubifs_leb_read(c, lnum, bu->buf, offs, len, 0);
1807
1808 /* Check for a race with GC */
1809 if (maybe_leb_gced(c, lnum, bu->gc_seq))
1810 return -EAGAIN;
1811
1812 if (err && err != -EBADMSG) {
1813 ubifs_err(c, "failed to read from LEB %d:%d, error %d",
1814 lnum, offs, err);
1815 dump_stack();
1816 dbg_tnck(&bu->key, "key ");
1817 return err;
1818 }
1819
1820 /* Validate the nodes read */
1821 buf = bu->buf;
1822 for (i = 0; i < bu->cnt; i++) {
1823 err = validate_data_node(c, buf, &bu->zbranch[i]);
1824 if (err)
1825 return err;
1826 buf = buf + ALIGN(bu->zbranch[i].len, 8);
1827 }
1828
1829 return 0;
1830 }
1831
1832 /**
1833 * do_lookup_nm- look up a "hashed" node.
1834 * @c: UBIFS file-system description object
1835 * @key: node key to lookup
1836 * @node: the node is returned here
1837 * @nm: node name
1838 *
1839 * This function looks up and reads a node which contains name hash in the key.
1840 * Since the hash may have collisions, there may be many nodes with the same
1841 * key, so we have to sequentially look to all of them until the needed one is
1842 * found. This function returns zero in case of success, %-ENOENT if the node
1843 * was not found, and a negative error code in case of failure.
1844 */
do_lookup_nm(struct ubifs_info * c,const union ubifs_key * key,void * node,const struct fscrypt_name * nm)1845 static int do_lookup_nm(struct ubifs_info *c, const union ubifs_key *key,
1846 void *node, const struct fscrypt_name *nm)
1847 {
1848 int found, n, err;
1849 struct ubifs_znode *znode;
1850
1851 dbg_tnck(key, "key ");
1852 mutex_lock(&c->tnc_mutex);
1853 found = ubifs_lookup_level0(c, key, &znode, &n);
1854 if (!found) {
1855 err = -ENOENT;
1856 goto out_unlock;
1857 } else if (found < 0) {
1858 err = found;
1859 goto out_unlock;
1860 }
1861
1862 ubifs_assert(c, n >= 0);
1863
1864 err = resolve_collision(c, key, &znode, &n, nm);
1865 dbg_tnc("rc returned %d, znode %p, n %d", err, znode, n);
1866 if (unlikely(err < 0))
1867 goto out_unlock;
1868 if (err == 0) {
1869 err = -ENOENT;
1870 goto out_unlock;
1871 }
1872
1873 err = tnc_read_hashed_node(c, &znode->zbranch[n], node);
1874
1875 out_unlock:
1876 mutex_unlock(&c->tnc_mutex);
1877 return err;
1878 }
1879
1880 /**
1881 * ubifs_tnc_lookup_nm - look up a "hashed" node.
1882 * @c: UBIFS file-system description object
1883 * @key: node key to lookup
1884 * @node: the node is returned here
1885 * @nm: node name
1886 *
1887 * This function looks up and reads a node which contains name hash in the key.
1888 * Since the hash may have collisions, there may be many nodes with the same
1889 * key, so we have to sequentially look to all of them until the needed one is
1890 * found. This function returns zero in case of success, %-ENOENT if the node
1891 * was not found, and a negative error code in case of failure.
1892 */
ubifs_tnc_lookup_nm(struct ubifs_info * c,const union ubifs_key * key,void * node,const struct fscrypt_name * nm)1893 int ubifs_tnc_lookup_nm(struct ubifs_info *c, const union ubifs_key *key,
1894 void *node, const struct fscrypt_name *nm)
1895 {
1896 int err, len;
1897 const struct ubifs_dent_node *dent = node;
1898
1899 /*
1900 * We assume that in most of the cases there are no name collisions and
1901 * 'ubifs_tnc_lookup()' returns us the right direntry.
1902 */
1903 err = ubifs_tnc_lookup(c, key, node);
1904 if (err)
1905 return err;
1906
1907 len = le16_to_cpu(dent->nlen);
1908 if (fname_len(nm) == len && !memcmp(dent->name, fname_name(nm), len))
1909 return 0;
1910
1911 /*
1912 * Unluckily, there are hash collisions and we have to iterate over
1913 * them look at each direntry with colliding name hash sequentially.
1914 */
1915
1916 return do_lookup_nm(c, key, node, nm);
1917 }
1918
search_dh_cookie(struct ubifs_info * c,const union ubifs_key * key,struct ubifs_dent_node * dent,uint32_t cookie,struct ubifs_znode ** zn,int * n,int exact)1919 static int search_dh_cookie(struct ubifs_info *c, const union ubifs_key *key,
1920 struct ubifs_dent_node *dent, uint32_t cookie,
1921 struct ubifs_znode **zn, int *n, int exact)
1922 {
1923 int err;
1924 struct ubifs_znode *znode = *zn;
1925 struct ubifs_zbranch *zbr;
1926 union ubifs_key *dkey;
1927
1928 if (!exact) {
1929 err = tnc_next(c, &znode, n);
1930 if (err)
1931 return err;
1932 }
1933
1934 for (;;) {
1935 zbr = &znode->zbranch[*n];
1936 dkey = &zbr->key;
1937
1938 if (key_inum(c, dkey) != key_inum(c, key) ||
1939 key_type(c, dkey) != key_type(c, key)) {
1940 return -ENOENT;
1941 }
1942
1943 err = tnc_read_hashed_node(c, zbr, dent);
1944 if (err)
1945 return err;
1946
1947 if (key_hash(c, key) == key_hash(c, dkey) &&
1948 le32_to_cpu(dent->cookie) == cookie) {
1949 *zn = znode;
1950 return 0;
1951 }
1952
1953 err = tnc_next(c, &znode, n);
1954 if (err)
1955 return err;
1956 }
1957 }
1958
do_lookup_dh(struct ubifs_info * c,const union ubifs_key * key,struct ubifs_dent_node * dent,uint32_t cookie)1959 static int do_lookup_dh(struct ubifs_info *c, const union ubifs_key *key,
1960 struct ubifs_dent_node *dent, uint32_t cookie)
1961 {
1962 int n, err;
1963 struct ubifs_znode *znode;
1964 union ubifs_key start_key;
1965
1966 ubifs_assert(c, is_hash_key(c, key));
1967
1968 lowest_dent_key(c, &start_key, key_inum(c, key));
1969
1970 mutex_lock(&c->tnc_mutex);
1971 err = ubifs_lookup_level0(c, &start_key, &znode, &n);
1972 if (unlikely(err < 0))
1973 goto out_unlock;
1974
1975 err = search_dh_cookie(c, key, dent, cookie, &znode, &n, err);
1976
1977 out_unlock:
1978 mutex_unlock(&c->tnc_mutex);
1979 return err;
1980 }
1981
1982 /**
1983 * ubifs_tnc_lookup_dh - look up a "double hashed" node.
1984 * @c: UBIFS file-system description object
1985 * @key: node key to lookup
1986 * @node: the node is returned here
1987 * @cookie: node cookie for collision resolution
1988 *
1989 * This function looks up and reads a node which contains name hash in the key.
1990 * Since the hash may have collisions, there may be many nodes with the same
1991 * key, so we have to sequentially look to all of them until the needed one
1992 * with the same cookie value is found.
1993 * This function returns zero in case of success, %-ENOENT if the node
1994 * was not found, and a negative error code in case of failure.
1995 */
ubifs_tnc_lookup_dh(struct ubifs_info * c,const union ubifs_key * key,void * node,uint32_t cookie)1996 int ubifs_tnc_lookup_dh(struct ubifs_info *c, const union ubifs_key *key,
1997 void *node, uint32_t cookie)
1998 {
1999 int err;
2000 const struct ubifs_dent_node *dent = node;
2001
2002 if (!c->double_hash)
2003 return -EOPNOTSUPP;
2004
2005 /*
2006 * We assume that in most of the cases there are no name collisions and
2007 * 'ubifs_tnc_lookup()' returns us the right direntry.
2008 */
2009 err = ubifs_tnc_lookup(c, key, node);
2010 if (err)
2011 return err;
2012
2013 if (le32_to_cpu(dent->cookie) == cookie)
2014 return 0;
2015
2016 /*
2017 * Unluckily, there are hash collisions and we have to iterate over
2018 * them look at each direntry with colliding name hash sequentially.
2019 */
2020 return do_lookup_dh(c, key, node, cookie);
2021 }
2022
2023 /**
2024 * correct_parent_keys - correct parent znodes' keys.
2025 * @c: UBIFS file-system description object
2026 * @znode: znode to correct parent znodes for
2027 *
2028 * This is a helper function for 'tnc_insert()'. When the key of the leftmost
2029 * zbranch changes, keys of parent znodes have to be corrected. This helper
2030 * function is called in such situations and corrects the keys if needed.
2031 */
correct_parent_keys(const struct ubifs_info * c,struct ubifs_znode * znode)2032 static void correct_parent_keys(const struct ubifs_info *c,
2033 struct ubifs_znode *znode)
2034 {
2035 union ubifs_key *key, *key1;
2036
2037 ubifs_assert(c, znode->parent);
2038 ubifs_assert(c, znode->iip == 0);
2039
2040 key = &znode->zbranch[0].key;
2041 key1 = &znode->parent->zbranch[0].key;
2042
2043 while (keys_cmp(c, key, key1) < 0) {
2044 key_copy(c, key, key1);
2045 znode = znode->parent;
2046 znode->alt = 1;
2047 if (!znode->parent || znode->iip)
2048 break;
2049 key1 = &znode->parent->zbranch[0].key;
2050 }
2051 }
2052
2053 /**
2054 * insert_zbranch - insert a zbranch into a znode.
2055 * @c: UBIFS file-system description object
2056 * @znode: znode into which to insert
2057 * @zbr: zbranch to insert
2058 * @n: slot number to insert to
2059 *
2060 * This is a helper function for 'tnc_insert()'. UBIFS does not allow "gaps" in
2061 * znode's array of zbranches and keeps zbranches consolidated, so when a new
2062 * zbranch has to be inserted to the @znode->zbranches[]' array at the @n-th
2063 * slot, zbranches starting from @n have to be moved right.
2064 */
insert_zbranch(struct ubifs_info * c,struct ubifs_znode * znode,const struct ubifs_zbranch * zbr,int n)2065 static void insert_zbranch(struct ubifs_info *c, struct ubifs_znode *znode,
2066 const struct ubifs_zbranch *zbr, int n)
2067 {
2068 int i;
2069
2070 ubifs_assert(c, ubifs_zn_dirty(znode));
2071
2072 if (znode->level) {
2073 for (i = znode->child_cnt; i > n; i--) {
2074 znode->zbranch[i] = znode->zbranch[i - 1];
2075 if (znode->zbranch[i].znode)
2076 znode->zbranch[i].znode->iip = i;
2077 }
2078 if (zbr->znode)
2079 zbr->znode->iip = n;
2080 } else
2081 for (i = znode->child_cnt; i > n; i--)
2082 znode->zbranch[i] = znode->zbranch[i - 1];
2083
2084 znode->zbranch[n] = *zbr;
2085 znode->child_cnt += 1;
2086
2087 /*
2088 * After inserting at slot zero, the lower bound of the key range of
2089 * this znode may have changed. If this znode is subsequently split
2090 * then the upper bound of the key range may change, and furthermore
2091 * it could change to be lower than the original lower bound. If that
2092 * happens, then it will no longer be possible to find this znode in the
2093 * TNC using the key from the index node on flash. That is bad because
2094 * if it is not found, we will assume it is obsolete and may overwrite
2095 * it. Then if there is an unclean unmount, we will start using the
2096 * old index which will be broken.
2097 *
2098 * So we first mark znodes that have insertions at slot zero, and then
2099 * if they are split we add their lnum/offs to the old_idx tree.
2100 */
2101 if (n == 0)
2102 znode->alt = 1;
2103 }
2104
2105 /**
2106 * tnc_insert - insert a node into TNC.
2107 * @c: UBIFS file-system description object
2108 * @znode: znode to insert into
2109 * @zbr: branch to insert
2110 * @n: slot number to insert new zbranch to
2111 *
2112 * This function inserts a new node described by @zbr into znode @znode. If
2113 * znode does not have a free slot for new zbranch, it is split. Parent znodes
2114 * are splat as well if needed. Returns zero in case of success or a negative
2115 * error code in case of failure.
2116 */
tnc_insert(struct ubifs_info * c,struct ubifs_znode * znode,struct ubifs_zbranch * zbr,int n)2117 static int tnc_insert(struct ubifs_info *c, struct ubifs_znode *znode,
2118 struct ubifs_zbranch *zbr, int n)
2119 {
2120 struct ubifs_znode *zn, *zi, *zp;
2121 int i, keep, move, appending = 0;
2122 union ubifs_key *key = &zbr->key, *key1;
2123
2124 ubifs_assert(c, n >= 0 && n <= c->fanout);
2125
2126 /* Implement naive insert for now */
2127 again:
2128 zp = znode->parent;
2129 if (znode->child_cnt < c->fanout) {
2130 ubifs_assert(c, n != c->fanout);
2131 dbg_tnck(key, "inserted at %d level %d, key ", n, znode->level);
2132
2133 insert_zbranch(c, znode, zbr, n);
2134
2135 /* Ensure parent's key is correct */
2136 if (n == 0 && zp && znode->iip == 0)
2137 correct_parent_keys(c, znode);
2138
2139 return 0;
2140 }
2141
2142 /*
2143 * Unfortunately, @znode does not have more empty slots and we have to
2144 * split it.
2145 */
2146 dbg_tnck(key, "splitting level %d, key ", znode->level);
2147
2148 if (znode->alt)
2149 /*
2150 * We can no longer be sure of finding this znode by key, so we
2151 * record it in the old_idx tree.
2152 */
2153 ins_clr_old_idx_znode(c, znode);
2154
2155 zn = kzalloc(c->max_znode_sz, GFP_NOFS);
2156 if (!zn)
2157 return -ENOMEM;
2158 zn->parent = zp;
2159 zn->level = znode->level;
2160
2161 /* Decide where to split */
2162 if (znode->level == 0 && key_type(c, key) == UBIFS_DATA_KEY) {
2163 /* Try not to split consecutive data keys */
2164 if (n == c->fanout) {
2165 key1 = &znode->zbranch[n - 1].key;
2166 if (key_inum(c, key1) == key_inum(c, key) &&
2167 key_type(c, key1) == UBIFS_DATA_KEY)
2168 appending = 1;
2169 } else
2170 goto check_split;
2171 } else if (appending && n != c->fanout) {
2172 /* Try not to split consecutive data keys */
2173 appending = 0;
2174 check_split:
2175 if (n >= (c->fanout + 1) / 2) {
2176 key1 = &znode->zbranch[0].key;
2177 if (key_inum(c, key1) == key_inum(c, key) &&
2178 key_type(c, key1) == UBIFS_DATA_KEY) {
2179 key1 = &znode->zbranch[n].key;
2180 if (key_inum(c, key1) != key_inum(c, key) ||
2181 key_type(c, key1) != UBIFS_DATA_KEY) {
2182 keep = n;
2183 move = c->fanout - keep;
2184 zi = znode;
2185 goto do_split;
2186 }
2187 }
2188 }
2189 }
2190
2191 if (appending) {
2192 keep = c->fanout;
2193 move = 0;
2194 } else {
2195 keep = (c->fanout + 1) / 2;
2196 move = c->fanout - keep;
2197 }
2198
2199 /*
2200 * Although we don't at present, we could look at the neighbors and see
2201 * if we can move some zbranches there.
2202 */
2203
2204 if (n < keep) {
2205 /* Insert into existing znode */
2206 zi = znode;
2207 move += 1;
2208 keep -= 1;
2209 } else {
2210 /* Insert into new znode */
2211 zi = zn;
2212 n -= keep;
2213 /* Re-parent */
2214 if (zn->level != 0)
2215 zbr->znode->parent = zn;
2216 }
2217
2218 do_split:
2219
2220 __set_bit(DIRTY_ZNODE, &zn->flags);
2221 atomic_long_inc(&c->dirty_zn_cnt);
2222
2223 zn->child_cnt = move;
2224 znode->child_cnt = keep;
2225
2226 dbg_tnc("moving %d, keeping %d", move, keep);
2227
2228 /* Move zbranch */
2229 for (i = 0; i < move; i++) {
2230 zn->zbranch[i] = znode->zbranch[keep + i];
2231 /* Re-parent */
2232 if (zn->level != 0)
2233 if (zn->zbranch[i].znode) {
2234 zn->zbranch[i].znode->parent = zn;
2235 zn->zbranch[i].znode->iip = i;
2236 }
2237 }
2238
2239 /* Insert new key and branch */
2240 dbg_tnck(key, "inserting at %d level %d, key ", n, zn->level);
2241
2242 insert_zbranch(c, zi, zbr, n);
2243
2244 /* Insert new znode (produced by spitting) into the parent */
2245 if (zp) {
2246 if (n == 0 && zi == znode && znode->iip == 0)
2247 correct_parent_keys(c, znode);
2248
2249 /* Locate insertion point */
2250 n = znode->iip + 1;
2251
2252 /* Tail recursion */
2253 zbr->key = zn->zbranch[0].key;
2254 zbr->znode = zn;
2255 zbr->lnum = 0;
2256 zbr->offs = 0;
2257 zbr->len = 0;
2258 znode = zp;
2259
2260 goto again;
2261 }
2262
2263 /* We have to split root znode */
2264 dbg_tnc("creating new zroot at level %d", znode->level + 1);
2265
2266 zi = kzalloc(c->max_znode_sz, GFP_NOFS);
2267 if (!zi)
2268 return -ENOMEM;
2269
2270 zi->child_cnt = 2;
2271 zi->level = znode->level + 1;
2272
2273 __set_bit(DIRTY_ZNODE, &zi->flags);
2274 atomic_long_inc(&c->dirty_zn_cnt);
2275
2276 zi->zbranch[0].key = znode->zbranch[0].key;
2277 zi->zbranch[0].znode = znode;
2278 zi->zbranch[0].lnum = c->zroot.lnum;
2279 zi->zbranch[0].offs = c->zroot.offs;
2280 zi->zbranch[0].len = c->zroot.len;
2281 zi->zbranch[1].key = zn->zbranch[0].key;
2282 zi->zbranch[1].znode = zn;
2283
2284 c->zroot.lnum = 0;
2285 c->zroot.offs = 0;
2286 c->zroot.len = 0;
2287 c->zroot.znode = zi;
2288
2289 zn->parent = zi;
2290 zn->iip = 1;
2291 znode->parent = zi;
2292 znode->iip = 0;
2293
2294 return 0;
2295 }
2296
2297 /**
2298 * ubifs_tnc_add - add a node to TNC.
2299 * @c: UBIFS file-system description object
2300 * @key: key to add
2301 * @lnum: LEB number of node
2302 * @offs: node offset
2303 * @len: node length
2304 * @hash: The hash over the node
2305 *
2306 * This function adds a node with key @key to TNC. The node may be new or it may
2307 * obsolete some existing one. Returns %0 on success or negative error code on
2308 * failure.
2309 */
ubifs_tnc_add(struct ubifs_info * c,const union ubifs_key * key,int lnum,int offs,int len,const u8 * hash)2310 int ubifs_tnc_add(struct ubifs_info *c, const union ubifs_key *key, int lnum,
2311 int offs, int len, const u8 *hash)
2312 {
2313 int found, n, err = 0;
2314 struct ubifs_znode *znode;
2315
2316 mutex_lock(&c->tnc_mutex);
2317 dbg_tnck(key, "%d:%d, len %d, key ", lnum, offs, len);
2318 found = lookup_level0_dirty(c, key, &znode, &n);
2319 if (!found) {
2320 struct ubifs_zbranch zbr;
2321
2322 zbr.znode = NULL;
2323 zbr.lnum = lnum;
2324 zbr.offs = offs;
2325 zbr.len = len;
2326 ubifs_copy_hash(c, hash, zbr.hash);
2327 key_copy(c, key, &zbr.key);
2328 err = tnc_insert(c, znode, &zbr, n + 1);
2329 } else if (found == 1) {
2330 struct ubifs_zbranch *zbr = &znode->zbranch[n];
2331
2332 lnc_free(zbr);
2333 err = ubifs_add_dirt(c, zbr->lnum, zbr->len);
2334 zbr->lnum = lnum;
2335 zbr->offs = offs;
2336 zbr->len = len;
2337 ubifs_copy_hash(c, hash, zbr->hash);
2338 } else
2339 err = found;
2340 if (!err)
2341 err = dbg_check_tnc(c, 0);
2342 mutex_unlock(&c->tnc_mutex);
2343
2344 return err;
2345 }
2346
2347 /**
2348 * ubifs_tnc_replace - replace a node in the TNC only if the old node is found.
2349 * @c: UBIFS file-system description object
2350 * @key: key to add
2351 * @old_lnum: LEB number of old node
2352 * @old_offs: old node offset
2353 * @lnum: LEB number of node
2354 * @offs: node offset
2355 * @len: node length
2356 *
2357 * This function replaces a node with key @key in the TNC only if the old node
2358 * is found. This function is called by garbage collection when node are moved.
2359 * Returns %0 on success or negative error code on failure.
2360 */
ubifs_tnc_replace(struct ubifs_info * c,const union ubifs_key * key,int old_lnum,int old_offs,int lnum,int offs,int len)2361 int ubifs_tnc_replace(struct ubifs_info *c, const union ubifs_key *key,
2362 int old_lnum, int old_offs, int lnum, int offs, int len)
2363 {
2364 int found, n, err = 0;
2365 struct ubifs_znode *znode;
2366
2367 mutex_lock(&c->tnc_mutex);
2368 dbg_tnck(key, "old LEB %d:%d, new LEB %d:%d, len %d, key ", old_lnum,
2369 old_offs, lnum, offs, len);
2370 found = lookup_level0_dirty(c, key, &znode, &n);
2371 if (found < 0) {
2372 err = found;
2373 goto out_unlock;
2374 }
2375
2376 if (found == 1) {
2377 struct ubifs_zbranch *zbr = &znode->zbranch[n];
2378
2379 found = 0;
2380 if (zbr->lnum == old_lnum && zbr->offs == old_offs) {
2381 lnc_free(zbr);
2382 err = ubifs_add_dirt(c, zbr->lnum, zbr->len);
2383 if (err)
2384 goto out_unlock;
2385 zbr->lnum = lnum;
2386 zbr->offs = offs;
2387 zbr->len = len;
2388 found = 1;
2389 } else if (is_hash_key(c, key)) {
2390 found = resolve_collision_directly(c, key, &znode, &n,
2391 old_lnum, old_offs);
2392 dbg_tnc("rc returned %d, znode %p, n %d, LEB %d:%d",
2393 found, znode, n, old_lnum, old_offs);
2394 if (found < 0) {
2395 err = found;
2396 goto out_unlock;
2397 }
2398
2399 if (found) {
2400 /* Ensure the znode is dirtied */
2401 if (znode->cnext || !ubifs_zn_dirty(znode)) {
2402 znode = dirty_cow_bottom_up(c, znode);
2403 if (IS_ERR(znode)) {
2404 err = PTR_ERR(znode);
2405 goto out_unlock;
2406 }
2407 }
2408 zbr = &znode->zbranch[n];
2409 lnc_free(zbr);
2410 err = ubifs_add_dirt(c, zbr->lnum,
2411 zbr->len);
2412 if (err)
2413 goto out_unlock;
2414 zbr->lnum = lnum;
2415 zbr->offs = offs;
2416 zbr->len = len;
2417 }
2418 }
2419 }
2420
2421 if (!found)
2422 err = ubifs_add_dirt(c, lnum, len);
2423
2424 if (!err)
2425 err = dbg_check_tnc(c, 0);
2426
2427 out_unlock:
2428 mutex_unlock(&c->tnc_mutex);
2429 return err;
2430 }
2431
2432 /**
2433 * ubifs_tnc_add_nm - add a "hashed" node to TNC.
2434 * @c: UBIFS file-system description object
2435 * @key: key to add
2436 * @lnum: LEB number of node
2437 * @offs: node offset
2438 * @len: node length
2439 * @hash: The hash over the node
2440 * @nm: node name
2441 *
2442 * This is the same as 'ubifs_tnc_add()' but it should be used with keys which
2443 * may have collisions, like directory entry keys.
2444 */
ubifs_tnc_add_nm(struct ubifs_info * c,const union ubifs_key * key,int lnum,int offs,int len,const u8 * hash,const struct fscrypt_name * nm)2445 int ubifs_tnc_add_nm(struct ubifs_info *c, const union ubifs_key *key,
2446 int lnum, int offs, int len, const u8 *hash,
2447 const struct fscrypt_name *nm)
2448 {
2449 int found, n, err = 0;
2450 struct ubifs_znode *znode;
2451
2452 mutex_lock(&c->tnc_mutex);
2453 dbg_tnck(key, "LEB %d:%d, key ", lnum, offs);
2454 found = lookup_level0_dirty(c, key, &znode, &n);
2455 if (found < 0) {
2456 err = found;
2457 goto out_unlock;
2458 }
2459
2460 if (found == 1) {
2461 if (c->replaying)
2462 found = fallible_resolve_collision(c, key, &znode, &n,
2463 nm, 1);
2464 else
2465 found = resolve_collision(c, key, &znode, &n, nm);
2466 dbg_tnc("rc returned %d, znode %p, n %d", found, znode, n);
2467 if (found < 0) {
2468 err = found;
2469 goto out_unlock;
2470 }
2471
2472 /* Ensure the znode is dirtied */
2473 if (znode->cnext || !ubifs_zn_dirty(znode)) {
2474 znode = dirty_cow_bottom_up(c, znode);
2475 if (IS_ERR(znode)) {
2476 err = PTR_ERR(znode);
2477 goto out_unlock;
2478 }
2479 }
2480
2481 if (found == 1) {
2482 struct ubifs_zbranch *zbr = &znode->zbranch[n];
2483
2484 lnc_free(zbr);
2485 err = ubifs_add_dirt(c, zbr->lnum, zbr->len);
2486 zbr->lnum = lnum;
2487 zbr->offs = offs;
2488 zbr->len = len;
2489 ubifs_copy_hash(c, hash, zbr->hash);
2490 goto out_unlock;
2491 }
2492 }
2493
2494 if (!found) {
2495 struct ubifs_zbranch zbr;
2496
2497 zbr.znode = NULL;
2498 zbr.lnum = lnum;
2499 zbr.offs = offs;
2500 zbr.len = len;
2501 ubifs_copy_hash(c, hash, zbr.hash);
2502 key_copy(c, key, &zbr.key);
2503 err = tnc_insert(c, znode, &zbr, n + 1);
2504 if (err)
2505 goto out_unlock;
2506 if (c->replaying) {
2507 /*
2508 * We did not find it in the index so there may be a
2509 * dangling branch still in the index. So we remove it
2510 * by passing 'ubifs_tnc_remove_nm()' the same key but
2511 * an unmatchable name.
2512 */
2513 struct fscrypt_name noname = { .disk_name = { .name = "", .len = 1 } };
2514
2515 err = dbg_check_tnc(c, 0);
2516 mutex_unlock(&c->tnc_mutex);
2517 if (err)
2518 return err;
2519 return ubifs_tnc_remove_nm(c, key, &noname);
2520 }
2521 }
2522
2523 out_unlock:
2524 if (!err)
2525 err = dbg_check_tnc(c, 0);
2526 mutex_unlock(&c->tnc_mutex);
2527 return err;
2528 }
2529
2530 /**
2531 * tnc_delete - delete a znode form TNC.
2532 * @c: UBIFS file-system description object
2533 * @znode: znode to delete from
2534 * @n: zbranch slot number to delete
2535 *
2536 * This function deletes a leaf node from @n-th slot of @znode. Returns zero in
2537 * case of success and a negative error code in case of failure.
2538 */
tnc_delete(struct ubifs_info * c,struct ubifs_znode * znode,int n)2539 static int tnc_delete(struct ubifs_info *c, struct ubifs_znode *znode, int n)
2540 {
2541 struct ubifs_zbranch *zbr;
2542 struct ubifs_znode *zp;
2543 int i, err;
2544
2545 /* Delete without merge for now */
2546 ubifs_assert(c, znode->level == 0);
2547 ubifs_assert(c, n >= 0 && n < c->fanout);
2548 dbg_tnck(&znode->zbranch[n].key, "deleting key ");
2549
2550 zbr = &znode->zbranch[n];
2551 lnc_free(zbr);
2552
2553 err = ubifs_add_dirt(c, zbr->lnum, zbr->len);
2554 if (err) {
2555 ubifs_dump_znode(c, znode);
2556 return err;
2557 }
2558
2559 /* We do not "gap" zbranch slots */
2560 for (i = n; i < znode->child_cnt - 1; i++)
2561 znode->zbranch[i] = znode->zbranch[i + 1];
2562 znode->child_cnt -= 1;
2563
2564 if (znode->child_cnt > 0)
2565 return 0;
2566
2567 /*
2568 * This was the last zbranch, we have to delete this znode from the
2569 * parent.
2570 */
2571
2572 do {
2573 ubifs_assert(c, !ubifs_zn_obsolete(znode));
2574 ubifs_assert(c, ubifs_zn_dirty(znode));
2575
2576 zp = znode->parent;
2577 n = znode->iip;
2578
2579 atomic_long_dec(&c->dirty_zn_cnt);
2580
2581 err = insert_old_idx_znode(c, znode);
2582 if (err)
2583 return err;
2584
2585 if (znode->cnext) {
2586 __set_bit(OBSOLETE_ZNODE, &znode->flags);
2587 atomic_long_inc(&c->clean_zn_cnt);
2588 atomic_long_inc(&ubifs_clean_zn_cnt);
2589 } else
2590 kfree(znode);
2591 znode = zp;
2592 } while (znode->child_cnt == 1); /* while removing last child */
2593
2594 /* Remove from znode, entry n - 1 */
2595 znode->child_cnt -= 1;
2596 ubifs_assert(c, znode->level != 0);
2597 for (i = n; i < znode->child_cnt; i++) {
2598 znode->zbranch[i] = znode->zbranch[i + 1];
2599 if (znode->zbranch[i].znode)
2600 znode->zbranch[i].znode->iip = i;
2601 }
2602
2603 /*
2604 * If this is the root and it has only 1 child then
2605 * collapse the tree.
2606 */
2607 if (!znode->parent) {
2608 while (znode->child_cnt == 1 && znode->level != 0) {
2609 zp = znode;
2610 zbr = &znode->zbranch[0];
2611 znode = get_znode(c, znode, 0);
2612 if (IS_ERR(znode))
2613 return PTR_ERR(znode);
2614 znode = dirty_cow_znode(c, zbr);
2615 if (IS_ERR(znode))
2616 return PTR_ERR(znode);
2617 znode->parent = NULL;
2618 znode->iip = 0;
2619 if (c->zroot.len) {
2620 err = insert_old_idx(c, c->zroot.lnum,
2621 c->zroot.offs);
2622 if (err)
2623 return err;
2624 }
2625 c->zroot.lnum = zbr->lnum;
2626 c->zroot.offs = zbr->offs;
2627 c->zroot.len = zbr->len;
2628 c->zroot.znode = znode;
2629 ubifs_assert(c, !ubifs_zn_obsolete(zp));
2630 ubifs_assert(c, ubifs_zn_dirty(zp));
2631 atomic_long_dec(&c->dirty_zn_cnt);
2632
2633 if (zp->cnext) {
2634 __set_bit(OBSOLETE_ZNODE, &zp->flags);
2635 atomic_long_inc(&c->clean_zn_cnt);
2636 atomic_long_inc(&ubifs_clean_zn_cnt);
2637 } else
2638 kfree(zp);
2639 }
2640 }
2641
2642 return 0;
2643 }
2644
2645 /**
2646 * ubifs_tnc_remove - remove an index entry of a node.
2647 * @c: UBIFS file-system description object
2648 * @key: key of node
2649 *
2650 * Returns %0 on success or negative error code on failure.
2651 */
ubifs_tnc_remove(struct ubifs_info * c,const union ubifs_key * key)2652 int ubifs_tnc_remove(struct ubifs_info *c, const union ubifs_key *key)
2653 {
2654 int found, n, err = 0;
2655 struct ubifs_znode *znode;
2656
2657 mutex_lock(&c->tnc_mutex);
2658 dbg_tnck(key, "key ");
2659 found = lookup_level0_dirty(c, key, &znode, &n);
2660 if (found < 0) {
2661 err = found;
2662 goto out_unlock;
2663 }
2664 if (found == 1)
2665 err = tnc_delete(c, znode, n);
2666 if (!err)
2667 err = dbg_check_tnc(c, 0);
2668
2669 out_unlock:
2670 mutex_unlock(&c->tnc_mutex);
2671 return err;
2672 }
2673
2674 /**
2675 * ubifs_tnc_remove_nm - remove an index entry for a "hashed" node.
2676 * @c: UBIFS file-system description object
2677 * @key: key of node
2678 * @nm: directory entry name
2679 *
2680 * Returns %0 on success or negative error code on failure.
2681 */
ubifs_tnc_remove_nm(struct ubifs_info * c,const union ubifs_key * key,const struct fscrypt_name * nm)2682 int ubifs_tnc_remove_nm(struct ubifs_info *c, const union ubifs_key *key,
2683 const struct fscrypt_name *nm)
2684 {
2685 int n, err;
2686 struct ubifs_znode *znode;
2687
2688 mutex_lock(&c->tnc_mutex);
2689 dbg_tnck(key, "key ");
2690 err = lookup_level0_dirty(c, key, &znode, &n);
2691 if (err < 0)
2692 goto out_unlock;
2693
2694 if (err) {
2695 if (c->replaying)
2696 err = fallible_resolve_collision(c, key, &znode, &n,
2697 nm, 0);
2698 else
2699 err = resolve_collision(c, key, &znode, &n, nm);
2700 dbg_tnc("rc returned %d, znode %p, n %d", err, znode, n);
2701 if (err < 0)
2702 goto out_unlock;
2703 if (err) {
2704 /* Ensure the znode is dirtied */
2705 if (znode->cnext || !ubifs_zn_dirty(znode)) {
2706 znode = dirty_cow_bottom_up(c, znode);
2707 if (IS_ERR(znode)) {
2708 err = PTR_ERR(znode);
2709 goto out_unlock;
2710 }
2711 }
2712 err = tnc_delete(c, znode, n);
2713 }
2714 }
2715
2716 out_unlock:
2717 if (!err)
2718 err = dbg_check_tnc(c, 0);
2719 mutex_unlock(&c->tnc_mutex);
2720 return err;
2721 }
2722
2723 /**
2724 * ubifs_tnc_remove_dh - remove an index entry for a "double hashed" node.
2725 * @c: UBIFS file-system description object
2726 * @key: key of node
2727 * @cookie: node cookie for collision resolution
2728 *
2729 * Returns %0 on success or negative error code on failure.
2730 */
ubifs_tnc_remove_dh(struct ubifs_info * c,const union ubifs_key * key,uint32_t cookie)2731 int ubifs_tnc_remove_dh(struct ubifs_info *c, const union ubifs_key *key,
2732 uint32_t cookie)
2733 {
2734 int n, err;
2735 struct ubifs_znode *znode;
2736 struct ubifs_dent_node *dent;
2737 struct ubifs_zbranch *zbr;
2738
2739 if (!c->double_hash)
2740 return -EOPNOTSUPP;
2741
2742 mutex_lock(&c->tnc_mutex);
2743 err = lookup_level0_dirty(c, key, &znode, &n);
2744 if (err <= 0)
2745 goto out_unlock;
2746
2747 zbr = &znode->zbranch[n];
2748 dent = kmalloc(UBIFS_MAX_DENT_NODE_SZ, GFP_NOFS);
2749 if (!dent) {
2750 err = -ENOMEM;
2751 goto out_unlock;
2752 }
2753
2754 err = tnc_read_hashed_node(c, zbr, dent);
2755 if (err)
2756 goto out_free;
2757
2758 /* If the cookie does not match, we're facing a hash collision. */
2759 if (le32_to_cpu(dent->cookie) != cookie) {
2760 union ubifs_key start_key;
2761
2762 lowest_dent_key(c, &start_key, key_inum(c, key));
2763
2764 err = ubifs_lookup_level0(c, &start_key, &znode, &n);
2765 if (unlikely(err < 0))
2766 goto out_free;
2767
2768 err = search_dh_cookie(c, key, dent, cookie, &znode, &n, err);
2769 if (err)
2770 goto out_free;
2771 }
2772
2773 if (znode->cnext || !ubifs_zn_dirty(znode)) {
2774 znode = dirty_cow_bottom_up(c, znode);
2775 if (IS_ERR(znode)) {
2776 err = PTR_ERR(znode);
2777 goto out_free;
2778 }
2779 }
2780 err = tnc_delete(c, znode, n);
2781
2782 out_free:
2783 kfree(dent);
2784 out_unlock:
2785 if (!err)
2786 err = dbg_check_tnc(c, 0);
2787 mutex_unlock(&c->tnc_mutex);
2788 return err;
2789 }
2790
2791 /**
2792 * key_in_range - determine if a key falls within a range of keys.
2793 * @c: UBIFS file-system description object
2794 * @key: key to check
2795 * @from_key: lowest key in range
2796 * @to_key: highest key in range
2797 *
2798 * This function returns %1 if the key is in range and %0 otherwise.
2799 */
key_in_range(struct ubifs_info * c,union ubifs_key * key,union ubifs_key * from_key,union ubifs_key * to_key)2800 static int key_in_range(struct ubifs_info *c, union ubifs_key *key,
2801 union ubifs_key *from_key, union ubifs_key *to_key)
2802 {
2803 if (keys_cmp(c, key, from_key) < 0)
2804 return 0;
2805 if (keys_cmp(c, key, to_key) > 0)
2806 return 0;
2807 return 1;
2808 }
2809
2810 /**
2811 * ubifs_tnc_remove_range - remove index entries in range.
2812 * @c: UBIFS file-system description object
2813 * @from_key: lowest key to remove
2814 * @to_key: highest key to remove
2815 *
2816 * This function removes index entries starting at @from_key and ending at
2817 * @to_key. This function returns zero in case of success and a negative error
2818 * code in case of failure.
2819 */
ubifs_tnc_remove_range(struct ubifs_info * c,union ubifs_key * from_key,union ubifs_key * to_key)2820 int ubifs_tnc_remove_range(struct ubifs_info *c, union ubifs_key *from_key,
2821 union ubifs_key *to_key)
2822 {
2823 int i, n, k, err = 0;
2824 struct ubifs_znode *znode;
2825 union ubifs_key *key;
2826
2827 mutex_lock(&c->tnc_mutex);
2828 while (1) {
2829 /* Find first level 0 znode that contains keys to remove */
2830 err = ubifs_lookup_level0(c, from_key, &znode, &n);
2831 if (err < 0)
2832 goto out_unlock;
2833
2834 if (err)
2835 key = from_key;
2836 else {
2837 err = tnc_next(c, &znode, &n);
2838 if (err == -ENOENT) {
2839 err = 0;
2840 goto out_unlock;
2841 }
2842 if (err < 0)
2843 goto out_unlock;
2844 key = &znode->zbranch[n].key;
2845 if (!key_in_range(c, key, from_key, to_key)) {
2846 err = 0;
2847 goto out_unlock;
2848 }
2849 }
2850
2851 /* Ensure the znode is dirtied */
2852 if (znode->cnext || !ubifs_zn_dirty(znode)) {
2853 znode = dirty_cow_bottom_up(c, znode);
2854 if (IS_ERR(znode)) {
2855 err = PTR_ERR(znode);
2856 goto out_unlock;
2857 }
2858 }
2859
2860 /* Remove all keys in range except the first */
2861 for (i = n + 1, k = 0; i < znode->child_cnt; i++, k++) {
2862 key = &znode->zbranch[i].key;
2863 if (!key_in_range(c, key, from_key, to_key))
2864 break;
2865 lnc_free(&znode->zbranch[i]);
2866 err = ubifs_add_dirt(c, znode->zbranch[i].lnum,
2867 znode->zbranch[i].len);
2868 if (err) {
2869 ubifs_dump_znode(c, znode);
2870 goto out_unlock;
2871 }
2872 dbg_tnck(key, "removing key ");
2873 }
2874 if (k) {
2875 for (i = n + 1 + k; i < znode->child_cnt; i++)
2876 znode->zbranch[i - k] = znode->zbranch[i];
2877 znode->child_cnt -= k;
2878 }
2879
2880 /* Now delete the first */
2881 err = tnc_delete(c, znode, n);
2882 if (err)
2883 goto out_unlock;
2884 }
2885
2886 out_unlock:
2887 if (!err)
2888 err = dbg_check_tnc(c, 0);
2889 mutex_unlock(&c->tnc_mutex);
2890 return err;
2891 }
2892
2893 /**
2894 * ubifs_tnc_remove_ino - remove an inode from TNC.
2895 * @c: UBIFS file-system description object
2896 * @inum: inode number to remove
2897 *
2898 * This function remove inode @inum and all the extended attributes associated
2899 * with the anode from TNC and returns zero in case of success or a negative
2900 * error code in case of failure.
2901 */
ubifs_tnc_remove_ino(struct ubifs_info * c,ino_t inum)2902 int ubifs_tnc_remove_ino(struct ubifs_info *c, ino_t inum)
2903 {
2904 union ubifs_key key1, key2;
2905 struct ubifs_dent_node *xent, *pxent = NULL;
2906 struct fscrypt_name nm = {0};
2907
2908 dbg_tnc("ino %lu", (unsigned long)inum);
2909
2910 /*
2911 * Walk all extended attribute entries and remove them together with
2912 * corresponding extended attribute inodes.
2913 */
2914 lowest_xent_key(c, &key1, inum);
2915 while (1) {
2916 ino_t xattr_inum;
2917 int err;
2918
2919 xent = ubifs_tnc_next_ent(c, &key1, &nm);
2920 if (IS_ERR(xent)) {
2921 err = PTR_ERR(xent);
2922 if (err == -ENOENT)
2923 break;
2924 kfree(pxent);
2925 return err;
2926 }
2927
2928 xattr_inum = le64_to_cpu(xent->inum);
2929 dbg_tnc("xent '%s', ino %lu", xent->name,
2930 (unsigned long)xattr_inum);
2931
2932 ubifs_evict_xattr_inode(c, xattr_inum);
2933
2934 fname_name(&nm) = xent->name;
2935 fname_len(&nm) = le16_to_cpu(xent->nlen);
2936 err = ubifs_tnc_remove_nm(c, &key1, &nm);
2937 if (err) {
2938 kfree(pxent);
2939 kfree(xent);
2940 return err;
2941 }
2942
2943 lowest_ino_key(c, &key1, xattr_inum);
2944 highest_ino_key(c, &key2, xattr_inum);
2945 err = ubifs_tnc_remove_range(c, &key1, &key2);
2946 if (err) {
2947 kfree(pxent);
2948 kfree(xent);
2949 return err;
2950 }
2951
2952 kfree(pxent);
2953 pxent = xent;
2954 key_read(c, &xent->key, &key1);
2955 }
2956
2957 kfree(pxent);
2958 lowest_ino_key(c, &key1, inum);
2959 highest_ino_key(c, &key2, inum);
2960
2961 return ubifs_tnc_remove_range(c, &key1, &key2);
2962 }
2963
2964 /**
2965 * ubifs_tnc_next_ent - walk directory or extended attribute entries.
2966 * @c: UBIFS file-system description object
2967 * @key: key of last entry
2968 * @nm: name of last entry found or %NULL
2969 *
2970 * This function finds and reads the next directory or extended attribute entry
2971 * after the given key (@key) if there is one. @nm is used to resolve
2972 * collisions.
2973 *
2974 * If the name of the current entry is not known and only the key is known,
2975 * @nm->name has to be %NULL. In this case the semantics of this function is a
2976 * little bit different and it returns the entry corresponding to this key, not
2977 * the next one. If the key was not found, the closest "right" entry is
2978 * returned.
2979 *
2980 * If the fist entry has to be found, @key has to contain the lowest possible
2981 * key value for this inode and @name has to be %NULL.
2982 *
2983 * This function returns the found directory or extended attribute entry node
2984 * in case of success, %-ENOENT is returned if no entry was found, and a
2985 * negative error code is returned in case of failure.
2986 */
ubifs_tnc_next_ent(struct ubifs_info * c,union ubifs_key * key,const struct fscrypt_name * nm)2987 struct ubifs_dent_node *ubifs_tnc_next_ent(struct ubifs_info *c,
2988 union ubifs_key *key,
2989 const struct fscrypt_name *nm)
2990 {
2991 int n, err, type = key_type(c, key);
2992 struct ubifs_znode *znode;
2993 struct ubifs_dent_node *dent;
2994 struct ubifs_zbranch *zbr;
2995 union ubifs_key *dkey;
2996
2997 dbg_tnck(key, "key ");
2998 ubifs_assert(c, is_hash_key(c, key));
2999
3000 mutex_lock(&c->tnc_mutex);
3001 err = ubifs_lookup_level0(c, key, &znode, &n);
3002 if (unlikely(err < 0))
3003 goto out_unlock;
3004
3005 if (fname_len(nm) > 0) {
3006 if (err) {
3007 /* Handle collisions */
3008 if (c->replaying)
3009 err = fallible_resolve_collision(c, key, &znode, &n,
3010 nm, 0);
3011 else
3012 err = resolve_collision(c, key, &znode, &n, nm);
3013 dbg_tnc("rc returned %d, znode %p, n %d",
3014 err, znode, n);
3015 if (unlikely(err < 0))
3016 goto out_unlock;
3017 }
3018
3019 /* Now find next entry */
3020 err = tnc_next(c, &znode, &n);
3021 if (unlikely(err))
3022 goto out_unlock;
3023 } else {
3024 /*
3025 * The full name of the entry was not given, in which case the
3026 * behavior of this function is a little different and it
3027 * returns current entry, not the next one.
3028 */
3029 if (!err) {
3030 /*
3031 * However, the given key does not exist in the TNC
3032 * tree and @znode/@n variables contain the closest
3033 * "preceding" element. Switch to the next one.
3034 */
3035 err = tnc_next(c, &znode, &n);
3036 if (err)
3037 goto out_unlock;
3038 }
3039 }
3040
3041 zbr = &znode->zbranch[n];
3042 dent = kmalloc(zbr->len, GFP_NOFS);
3043 if (unlikely(!dent)) {
3044 err = -ENOMEM;
3045 goto out_unlock;
3046 }
3047
3048 /*
3049 * The above 'tnc_next()' call could lead us to the next inode, check
3050 * this.
3051 */
3052 dkey = &zbr->key;
3053 if (key_inum(c, dkey) != key_inum(c, key) ||
3054 key_type(c, dkey) != type) {
3055 err = -ENOENT;
3056 goto out_free;
3057 }
3058
3059 err = tnc_read_hashed_node(c, zbr, dent);
3060 if (unlikely(err))
3061 goto out_free;
3062
3063 mutex_unlock(&c->tnc_mutex);
3064 return dent;
3065
3066 out_free:
3067 kfree(dent);
3068 out_unlock:
3069 mutex_unlock(&c->tnc_mutex);
3070 return ERR_PTR(err);
3071 }
3072
3073 /**
3074 * tnc_destroy_cnext - destroy left-over obsolete znodes from a failed commit.
3075 * @c: UBIFS file-system description object
3076 *
3077 * Destroy left-over obsolete znodes from a failed commit.
3078 */
tnc_destroy_cnext(struct ubifs_info * c)3079 static void tnc_destroy_cnext(struct ubifs_info *c)
3080 {
3081 struct ubifs_znode *cnext;
3082
3083 if (!c->cnext)
3084 return;
3085 ubifs_assert(c, c->cmt_state == COMMIT_BROKEN);
3086 cnext = c->cnext;
3087 do {
3088 struct ubifs_znode *znode = cnext;
3089
3090 cnext = cnext->cnext;
3091 if (ubifs_zn_obsolete(znode))
3092 kfree(znode);
3093 else if (!ubifs_zn_cow(znode)) {
3094 /*
3095 * Don't forget to update clean znode count after
3096 * committing failed, because ubifs will check this
3097 * count while closing tnc. Non-obsolete znode could
3098 * be re-dirtied during committing process, so dirty
3099 * flag is untrustable. The flag 'COW_ZNODE' is set
3100 * for each dirty znode before committing, and it is
3101 * cleared as long as the znode become clean, so we
3102 * can statistic clean znode count according to this
3103 * flag.
3104 */
3105 atomic_long_inc(&c->clean_zn_cnt);
3106 atomic_long_inc(&ubifs_clean_zn_cnt);
3107 }
3108 } while (cnext && cnext != c->cnext);
3109 }
3110
3111 /**
3112 * ubifs_tnc_close - close TNC subsystem and free all related resources.
3113 * @c: UBIFS file-system description object
3114 */
ubifs_tnc_close(struct ubifs_info * c)3115 void ubifs_tnc_close(struct ubifs_info *c)
3116 {
3117 tnc_destroy_cnext(c);
3118 if (c->zroot.znode) {
3119 long n, freed;
3120
3121 n = atomic_long_read(&c->clean_zn_cnt);
3122 freed = ubifs_destroy_tnc_subtree(c, c->zroot.znode);
3123 ubifs_assert(c, freed == n);
3124 atomic_long_sub(n, &ubifs_clean_zn_cnt);
3125 }
3126 kfree(c->gap_lebs);
3127 kfree(c->ilebs);
3128 destroy_old_idx(c);
3129 }
3130
3131 /**
3132 * left_znode - get the znode to the left.
3133 * @c: UBIFS file-system description object
3134 * @znode: znode
3135 *
3136 * This function returns a pointer to the znode to the left of @znode or NULL if
3137 * there is not one. A negative error code is returned on failure.
3138 */
left_znode(struct ubifs_info * c,struct ubifs_znode * znode)3139 static struct ubifs_znode *left_znode(struct ubifs_info *c,
3140 struct ubifs_znode *znode)
3141 {
3142 int level = znode->level;
3143
3144 while (1) {
3145 int n = znode->iip - 1;
3146
3147 /* Go up until we can go left */
3148 znode = znode->parent;
3149 if (!znode)
3150 return NULL;
3151 if (n >= 0) {
3152 /* Now go down the rightmost branch to 'level' */
3153 znode = get_znode(c, znode, n);
3154 if (IS_ERR(znode))
3155 return znode;
3156 while (znode->level != level) {
3157 n = znode->child_cnt - 1;
3158 znode = get_znode(c, znode, n);
3159 if (IS_ERR(znode))
3160 return znode;
3161 }
3162 break;
3163 }
3164 }
3165 return znode;
3166 }
3167
3168 /**
3169 * right_znode - get the znode to the right.
3170 * @c: UBIFS file-system description object
3171 * @znode: znode
3172 *
3173 * This function returns a pointer to the znode to the right of @znode or NULL
3174 * if there is not one. A negative error code is returned on failure.
3175 */
right_znode(struct ubifs_info * c,struct ubifs_znode * znode)3176 static struct ubifs_znode *right_znode(struct ubifs_info *c,
3177 struct ubifs_znode *znode)
3178 {
3179 int level = znode->level;
3180
3181 while (1) {
3182 int n = znode->iip + 1;
3183
3184 /* Go up until we can go right */
3185 znode = znode->parent;
3186 if (!znode)
3187 return NULL;
3188 if (n < znode->child_cnt) {
3189 /* Now go down the leftmost branch to 'level' */
3190 znode = get_znode(c, znode, n);
3191 if (IS_ERR(znode))
3192 return znode;
3193 while (znode->level != level) {
3194 znode = get_znode(c, znode, 0);
3195 if (IS_ERR(znode))
3196 return znode;
3197 }
3198 break;
3199 }
3200 }
3201 return znode;
3202 }
3203
3204 /**
3205 * lookup_znode - find a particular indexing node from TNC.
3206 * @c: UBIFS file-system description object
3207 * @key: index node key to lookup
3208 * @level: index node level
3209 * @lnum: index node LEB number
3210 * @offs: index node offset
3211 *
3212 * This function searches an indexing node by its first key @key and its
3213 * address @lnum:@offs. It looks up the indexing tree by pulling all indexing
3214 * nodes it traverses to TNC. This function is called for indexing nodes which
3215 * were found on the media by scanning, for example when garbage-collecting or
3216 * when doing in-the-gaps commit. This means that the indexing node which is
3217 * looked for does not have to have exactly the same leftmost key @key, because
3218 * the leftmost key may have been changed, in which case TNC will contain a
3219 * dirty znode which still refers the same @lnum:@offs. This function is clever
3220 * enough to recognize such indexing nodes.
3221 *
3222 * Note, if a znode was deleted or changed too much, then this function will
3223 * not find it. For situations like this UBIFS has the old index RB-tree
3224 * (indexed by @lnum:@offs).
3225 *
3226 * This function returns a pointer to the znode found or %NULL if it is not
3227 * found. A negative error code is returned on failure.
3228 */
lookup_znode(struct ubifs_info * c,union ubifs_key * key,int level,int lnum,int offs)3229 static struct ubifs_znode *lookup_znode(struct ubifs_info *c,
3230 union ubifs_key *key, int level,
3231 int lnum, int offs)
3232 {
3233 struct ubifs_znode *znode, *zn;
3234 int n, nn;
3235
3236 ubifs_assert(c, key_type(c, key) < UBIFS_INVALID_KEY);
3237
3238 /*
3239 * The arguments have probably been read off flash, so don't assume
3240 * they are valid.
3241 */
3242 if (level < 0)
3243 return ERR_PTR(-EINVAL);
3244
3245 /* Get the root znode */
3246 znode = c->zroot.znode;
3247 if (!znode) {
3248 znode = ubifs_load_znode(c, &c->zroot, NULL, 0);
3249 if (IS_ERR(znode))
3250 return znode;
3251 }
3252 /* Check if it is the one we are looking for */
3253 if (c->zroot.lnum == lnum && c->zroot.offs == offs)
3254 return znode;
3255 /* Descend to the parent level i.e. (level + 1) */
3256 if (level >= znode->level)
3257 return NULL;
3258 while (1) {
3259 ubifs_search_zbranch(c, znode, key, &n);
3260 if (n < 0) {
3261 /*
3262 * We reached a znode where the leftmost key is greater
3263 * than the key we are searching for. This is the same
3264 * situation as the one described in a huge comment at
3265 * the end of the 'ubifs_lookup_level0()' function. And
3266 * for exactly the same reasons we have to try to look
3267 * left before giving up.
3268 */
3269 znode = left_znode(c, znode);
3270 if (!znode)
3271 return NULL;
3272 if (IS_ERR(znode))
3273 return znode;
3274 ubifs_search_zbranch(c, znode, key, &n);
3275 ubifs_assert(c, n >= 0);
3276 }
3277 if (znode->level == level + 1)
3278 break;
3279 znode = get_znode(c, znode, n);
3280 if (IS_ERR(znode))
3281 return znode;
3282 }
3283 /* Check if the child is the one we are looking for */
3284 if (znode->zbranch[n].lnum == lnum && znode->zbranch[n].offs == offs)
3285 return get_znode(c, znode, n);
3286 /* If the key is unique, there is nowhere else to look */
3287 if (!is_hash_key(c, key))
3288 return NULL;
3289 /*
3290 * The key is not unique and so may be also in the znodes to either
3291 * side.
3292 */
3293 zn = znode;
3294 nn = n;
3295 /* Look left */
3296 while (1) {
3297 /* Move one branch to the left */
3298 if (n)
3299 n -= 1;
3300 else {
3301 znode = left_znode(c, znode);
3302 if (!znode)
3303 break;
3304 if (IS_ERR(znode))
3305 return znode;
3306 n = znode->child_cnt - 1;
3307 }
3308 /* Check it */
3309 if (znode->zbranch[n].lnum == lnum &&
3310 znode->zbranch[n].offs == offs)
3311 return get_znode(c, znode, n);
3312 /* Stop if the key is less than the one we are looking for */
3313 if (keys_cmp(c, &znode->zbranch[n].key, key) < 0)
3314 break;
3315 }
3316 /* Back to the middle */
3317 znode = zn;
3318 n = nn;
3319 /* Look right */
3320 while (1) {
3321 /* Move one branch to the right */
3322 if (++n >= znode->child_cnt) {
3323 znode = right_znode(c, znode);
3324 if (!znode)
3325 break;
3326 if (IS_ERR(znode))
3327 return znode;
3328 n = 0;
3329 }
3330 /* Check it */
3331 if (znode->zbranch[n].lnum == lnum &&
3332 znode->zbranch[n].offs == offs)
3333 return get_znode(c, znode, n);
3334 /* Stop if the key is greater than the one we are looking for */
3335 if (keys_cmp(c, &znode->zbranch[n].key, key) > 0)
3336 break;
3337 }
3338 return NULL;
3339 }
3340
3341 /**
3342 * is_idx_node_in_tnc - determine if an index node is in the TNC.
3343 * @c: UBIFS file-system description object
3344 * @key: key of index node
3345 * @level: index node level
3346 * @lnum: LEB number of index node
3347 * @offs: offset of index node
3348 *
3349 * This function returns %0 if the index node is not referred to in the TNC, %1
3350 * if the index node is referred to in the TNC and the corresponding znode is
3351 * dirty, %2 if an index node is referred to in the TNC and the corresponding
3352 * znode is clean, and a negative error code in case of failure.
3353 *
3354 * Note, the @key argument has to be the key of the first child. Also note,
3355 * this function relies on the fact that 0:0 is never a valid LEB number and
3356 * offset for a main-area node.
3357 */
is_idx_node_in_tnc(struct ubifs_info * c,union ubifs_key * key,int level,int lnum,int offs)3358 int is_idx_node_in_tnc(struct ubifs_info *c, union ubifs_key *key, int level,
3359 int lnum, int offs)
3360 {
3361 struct ubifs_znode *znode;
3362
3363 znode = lookup_znode(c, key, level, lnum, offs);
3364 if (!znode)
3365 return 0;
3366 if (IS_ERR(znode))
3367 return PTR_ERR(znode);
3368
3369 return ubifs_zn_dirty(znode) ? 1 : 2;
3370 }
3371
3372 /**
3373 * is_leaf_node_in_tnc - determine if a non-indexing not is in the TNC.
3374 * @c: UBIFS file-system description object
3375 * @key: node key
3376 * @lnum: node LEB number
3377 * @offs: node offset
3378 *
3379 * This function returns %1 if the node is referred to in the TNC, %0 if it is
3380 * not, and a negative error code in case of failure.
3381 *
3382 * Note, this function relies on the fact that 0:0 is never a valid LEB number
3383 * and offset for a main-area node.
3384 */
is_leaf_node_in_tnc(struct ubifs_info * c,union ubifs_key * key,int lnum,int offs)3385 static int is_leaf_node_in_tnc(struct ubifs_info *c, union ubifs_key *key,
3386 int lnum, int offs)
3387 {
3388 struct ubifs_zbranch *zbr;
3389 struct ubifs_znode *znode, *zn;
3390 int n, found, err, nn;
3391 const int unique = !is_hash_key(c, key);
3392
3393 found = ubifs_lookup_level0(c, key, &znode, &n);
3394 if (found < 0)
3395 return found; /* Error code */
3396 if (!found)
3397 return 0;
3398 zbr = &znode->zbranch[n];
3399 if (lnum == zbr->lnum && offs == zbr->offs)
3400 return 1; /* Found it */
3401 if (unique)
3402 return 0;
3403 /*
3404 * Because the key is not unique, we have to look left
3405 * and right as well
3406 */
3407 zn = znode;
3408 nn = n;
3409 /* Look left */
3410 while (1) {
3411 err = tnc_prev(c, &znode, &n);
3412 if (err == -ENOENT)
3413 break;
3414 if (err)
3415 return err;
3416 if (keys_cmp(c, key, &znode->zbranch[n].key))
3417 break;
3418 zbr = &znode->zbranch[n];
3419 if (lnum == zbr->lnum && offs == zbr->offs)
3420 return 1; /* Found it */
3421 }
3422 /* Look right */
3423 znode = zn;
3424 n = nn;
3425 while (1) {
3426 err = tnc_next(c, &znode, &n);
3427 if (err) {
3428 if (err == -ENOENT)
3429 return 0;
3430 return err;
3431 }
3432 if (keys_cmp(c, key, &znode->zbranch[n].key))
3433 break;
3434 zbr = &znode->zbranch[n];
3435 if (lnum == zbr->lnum && offs == zbr->offs)
3436 return 1; /* Found it */
3437 }
3438 return 0;
3439 }
3440
3441 /**
3442 * ubifs_tnc_has_node - determine whether a node is in the TNC.
3443 * @c: UBIFS file-system description object
3444 * @key: node key
3445 * @level: index node level (if it is an index node)
3446 * @lnum: node LEB number
3447 * @offs: node offset
3448 * @is_idx: non-zero if the node is an index node
3449 *
3450 * This function returns %1 if the node is in the TNC, %0 if it is not, and a
3451 * negative error code in case of failure. For index nodes, @key has to be the
3452 * key of the first child. An index node is considered to be in the TNC only if
3453 * the corresponding znode is clean or has not been loaded.
3454 */
ubifs_tnc_has_node(struct ubifs_info * c,union ubifs_key * key,int level,int lnum,int offs,int is_idx)3455 int ubifs_tnc_has_node(struct ubifs_info *c, union ubifs_key *key, int level,
3456 int lnum, int offs, int is_idx)
3457 {
3458 int err;
3459
3460 mutex_lock(&c->tnc_mutex);
3461 if (is_idx) {
3462 err = is_idx_node_in_tnc(c, key, level, lnum, offs);
3463 if (err < 0)
3464 goto out_unlock;
3465 if (err == 1)
3466 /* The index node was found but it was dirty */
3467 err = 0;
3468 else if (err == 2)
3469 /* The index node was found and it was clean */
3470 err = 1;
3471 else
3472 BUG_ON(err != 0);
3473 } else
3474 err = is_leaf_node_in_tnc(c, key, lnum, offs);
3475
3476 out_unlock:
3477 mutex_unlock(&c->tnc_mutex);
3478 return err;
3479 }
3480
3481 /**
3482 * ubifs_dirty_idx_node - dirty an index node.
3483 * @c: UBIFS file-system description object
3484 * @key: index node key
3485 * @level: index node level
3486 * @lnum: index node LEB number
3487 * @offs: index node offset
3488 *
3489 * This function loads and dirties an index node so that it can be garbage
3490 * collected. The @key argument has to be the key of the first child. This
3491 * function relies on the fact that 0:0 is never a valid LEB number and offset
3492 * for a main-area node. Returns %0 on success and a negative error code on
3493 * failure.
3494 */
ubifs_dirty_idx_node(struct ubifs_info * c,union ubifs_key * key,int level,int lnum,int offs)3495 int ubifs_dirty_idx_node(struct ubifs_info *c, union ubifs_key *key, int level,
3496 int lnum, int offs)
3497 {
3498 struct ubifs_znode *znode;
3499 int err = 0;
3500
3501 mutex_lock(&c->tnc_mutex);
3502 znode = lookup_znode(c, key, level, lnum, offs);
3503 if (!znode)
3504 goto out_unlock;
3505 if (IS_ERR(znode)) {
3506 err = PTR_ERR(znode);
3507 goto out_unlock;
3508 }
3509 znode = dirty_cow_bottom_up(c, znode);
3510 if (IS_ERR(znode)) {
3511 err = PTR_ERR(znode);
3512 goto out_unlock;
3513 }
3514
3515 out_unlock:
3516 mutex_unlock(&c->tnc_mutex);
3517 return err;
3518 }
3519
3520 /**
3521 * dbg_check_inode_size - check if inode size is correct.
3522 * @c: UBIFS file-system description object
3523 * @inode: inode to check
3524 * @size: inode size
3525 *
3526 * This function makes sure that the inode size (@size) is correct and it does
3527 * not have any pages beyond @size. Returns zero if the inode is OK, %-EINVAL
3528 * if it has a data page beyond @size, and other negative error code in case of
3529 * other errors.
3530 */
dbg_check_inode_size(struct ubifs_info * c,const struct inode * inode,loff_t size)3531 int dbg_check_inode_size(struct ubifs_info *c, const struct inode *inode,
3532 loff_t size)
3533 {
3534 int err, n;
3535 union ubifs_key from_key, to_key, *key;
3536 struct ubifs_znode *znode;
3537 unsigned int block;
3538
3539 if (!S_ISREG(inode->i_mode))
3540 return 0;
3541 if (!dbg_is_chk_gen(c))
3542 return 0;
3543
3544 block = (size + UBIFS_BLOCK_SIZE - 1) >> UBIFS_BLOCK_SHIFT;
3545 data_key_init(c, &from_key, inode->i_ino, block);
3546 highest_data_key(c, &to_key, inode->i_ino);
3547
3548 mutex_lock(&c->tnc_mutex);
3549 err = ubifs_lookup_level0(c, &from_key, &znode, &n);
3550 if (err < 0)
3551 goto out_unlock;
3552
3553 if (err) {
3554 key = &from_key;
3555 goto out_dump;
3556 }
3557
3558 err = tnc_next(c, &znode, &n);
3559 if (err == -ENOENT) {
3560 err = 0;
3561 goto out_unlock;
3562 }
3563 if (err < 0)
3564 goto out_unlock;
3565
3566 ubifs_assert(c, err == 0);
3567 key = &znode->zbranch[n].key;
3568 if (!key_in_range(c, key, &from_key, &to_key))
3569 goto out_unlock;
3570
3571 out_dump:
3572 block = key_block(c, key);
3573 ubifs_err(c, "inode %lu has size %lld, but there are data at offset %lld",
3574 (unsigned long)inode->i_ino, size,
3575 ((loff_t)block) << UBIFS_BLOCK_SHIFT);
3576 mutex_unlock(&c->tnc_mutex);
3577 ubifs_dump_inode(c, inode);
3578 dump_stack();
3579 return -EINVAL;
3580
3581 out_unlock:
3582 mutex_unlock(&c->tnc_mutex);
3583 return err;
3584 }
3585