1	// SPDX-License-Identifier: GPL-2.0
2	/*
3	*
4	* Copyright (C) 2019-2021 Paragon Software GmbH, All rights reserved.
5	*
6	*/
7
8	#include <linux/blkdev.h>
9	#include <linux/buffer_head.h>
10	#include <linux/fs.h>
11	#include <linux/kernel.h>
12	#include <linux/nls.h>
13
14	#include "debug.h"
15	#include "ntfs.h"
16	#include "ntfs_fs.h"
17
18	// clang-format off
19	const struct cpu_str NAME_MFT = {
20	4, 0, { '$', 'M', 'F', 'T' },
21	};
22	const struct cpu_str NAME_MIRROR = {
23	8, 0, { '$', 'M', 'F', 'T', 'M', 'i', 'r', 'r' },
24	};
25	const struct cpu_str NAME_LOGFILE = {
26	8, 0, { '$', 'L', 'o', 'g', 'F', 'i', 'l', 'e' },
27	};
28	const struct cpu_str NAME_VOLUME = {
29	7, 0, { '$', 'V', 'o', 'l', 'u', 'm', 'e' },
30	};
31	const struct cpu_str NAME_ATTRDEF = {
32	8, 0, { '$', 'A', 't', 't', 'r', 'D', 'e', 'f' },
33	};
34	const struct cpu_str NAME_ROOT = {
35	1, 0, { '.' },
36	};
37	const struct cpu_str NAME_BITMAP = {
38	7, 0, { '$', 'B', 'i', 't', 'm', 'a', 'p' },
39	};
40	const struct cpu_str NAME_BOOT = {
41	5, 0, { '$', 'B', 'o', 'o', 't' },
42	};
43	const struct cpu_str NAME_BADCLUS = {
44	8, 0, { '$', 'B', 'a', 'd', 'C', 'l', 'u', 's' },
45	};
46	const struct cpu_str NAME_QUOTA = {
47	6, 0, { '$', 'Q', 'u', 'o', 't', 'a' },
48	};
49	const struct cpu_str NAME_SECURE = {
50	7, 0, { '$', 'S', 'e', 'c', 'u', 'r', 'e' },
51	};
52	const struct cpu_str NAME_UPCASE = {
53	7, 0, { '$', 'U', 'p', 'C', 'a', 's', 'e' },
54	};
55	const struct cpu_str NAME_EXTEND = {
56	7, 0, { '$', 'E', 'x', 't', 'e', 'n', 'd' },
57	};
58	const struct cpu_str NAME_OBJID = {
59	6, 0, { '$', 'O', 'b', 'j', 'I', 'd' },
60	};
61	const struct cpu_str NAME_REPARSE = {
62	8, 0, { '$', 'R', 'e', 'p', 'a', 'r', 's', 'e' },
63	};
64	const struct cpu_str NAME_USNJRNL = {
65	8, 0, { '$', 'U', 's', 'n', 'J', 'r', 'n', 'l' },
66	};
67	const __le16 BAD_NAME[4] = {
68	cpu_to_le16('$'), cpu_to_le16('B'), cpu_to_le16('a'), cpu_to_le16('d'),
69	};
70	const __le16 I30_NAME[4] = {
71	cpu_to_le16('$'), cpu_to_le16('I'), cpu_to_le16('3'), cpu_to_le16('0'),
72	};
73	const __le16 SII_NAME[4] = {
74	cpu_to_le16('$'), cpu_to_le16('S'), cpu_to_le16('I'), cpu_to_le16('I'),
75	};
76	const __le16 SDH_NAME[4] = {
77	cpu_to_le16('$'), cpu_to_le16('S'), cpu_to_le16('D'), cpu_to_le16('H'),
78	};
79	const __le16 SDS_NAME[4] = {
80	cpu_to_le16('$'), cpu_to_le16('S'), cpu_to_le16('D'), cpu_to_le16('S'),
81	};
82	const __le16 SO_NAME[2] = {
83	cpu_to_le16('$'), cpu_to_le16('O'),
84	};
85	const __le16 SQ_NAME[2] = {
86	cpu_to_le16('$'), cpu_to_le16('Q'),
87	};
88	const __le16 SR_NAME[2] = {
89	cpu_to_le16('$'), cpu_to_le16('R'),
90	};
91
92	#ifdef CONFIG_NTFS3_LZX_XPRESS
93	const __le16 WOF_NAME[17] = {
94	cpu_to_le16('W'), cpu_to_le16('o'), cpu_to_le16('f'), cpu_to_le16('C'),
95	cpu_to_le16('o'), cpu_to_le16('m'), cpu_to_le16('p'), cpu_to_le16('r'),
96	cpu_to_le16('e'), cpu_to_le16('s'), cpu_to_le16('s'), cpu_to_le16('e'),
97	cpu_to_le16('d'), cpu_to_le16('D'), cpu_to_le16('a'), cpu_to_le16('t'),
98	cpu_to_le16('a'),
99	};
100	#endif
101
102	static const __le16 CON_NAME[3] = {
103	cpu_to_le16('C'), cpu_to_le16('O'), cpu_to_le16('N'),
104	};
105
106	static const __le16 NUL_NAME[3] = {
107	cpu_to_le16('N'), cpu_to_le16('U'), cpu_to_le16('L'),
108	};
109
110	static const __le16 AUX_NAME[3] = {
111	cpu_to_le16('A'), cpu_to_le16('U'), cpu_to_le16('X'),
112	};
113
114	static const __le16 PRN_NAME[3] = {
115	cpu_to_le16('P'), cpu_to_le16('R'), cpu_to_le16('N'),
116	};
117
118	static const __le16 COM_NAME[3] = {
119	cpu_to_le16('C'), cpu_to_le16('O'), cpu_to_le16('M'),
120	};
121
122	static const __le16 LPT_NAME[3] = {
123	cpu_to_le16('L'), cpu_to_le16('P'), cpu_to_le16('T'),
124	};
125
126	// clang-format on
127
128	/*
129	* ntfs_fix_pre_write - Insert fixups into @rhdr before writing to disk.
130	*/
131	bool ntfs_fix_pre_write(struct NTFS_RECORD_HEADER *rhdr, size_t bytes)
132	{
133	u16 *fixup, *ptr;
134	u16 sample;
135	u16 fo = le16_to_cpu(rhdr->fix_off);
136	u16 fn = le16_to_cpu(rhdr->fix_num);
137
138	if ((fo & 1) || fo + fn * sizeof(short) > SECTOR_SIZE || !fn-- ||
139	fn * SECTOR_SIZE > bytes) {
140	return false;
141	}
142
143	/* Get fixup pointer. */
144	fixup = Add2Ptr(rhdr, fo);
145
146	if (*fixup >= 0x7FFF)
147	*fixup = 1;
148	else
149	*fixup += 1;
150
151	sample = *fixup;
152
153	ptr = Add2Ptr(rhdr, SECTOR_SIZE - sizeof(short));
154
155	while (fn--) {
156	*++fixup = *ptr;
157	*ptr = sample;
158	ptr += SECTOR_SIZE / sizeof(short);
159	}
160	return true;
161	}
162
163	/*
164	* ntfs_fix_post_read - Remove fixups after reading from disk.
165	*
166	* Return: < 0 if error, 0 if ok, 1 if need to update fixups.
167	*/
168	int ntfs_fix_post_read(struct NTFS_RECORD_HEADER *rhdr, size_t bytes,
169	bool simple)
170	{
171	int ret;
172	u16 *fixup, *ptr;
173	u16 sample, fo, fn;
174
175	fo = le16_to_cpu(rhdr->fix_off);
176	fn = simple ? ((bytes >> SECTOR_SHIFT) + 1) :
177	le16_to_cpu(rhdr->fix_num);
178
179	/* Check errors. */
180	if ((fo & 1) || fo + fn * sizeof(short) > SECTOR_SIZE || !fn-- ||
181	fn * SECTOR_SIZE > bytes) {
182	return -E_NTFS_CORRUPT;
183	}
184
185	/* Get fixup pointer. */
186	fixup = Add2Ptr(rhdr, fo);
187	sample = *fixup;
188	ptr = Add2Ptr(rhdr, SECTOR_SIZE - sizeof(short));
189	ret = 0;
190
191	while (fn--) {
192	/* Test current word. */
193	if (*ptr != sample) {
194	/* Fixup does not match! Is it serious error? */
195	ret = -E_NTFS_FIXUP;
196	}
197
198	/* Replace fixup. */
199	*ptr = *++fixup;
200	ptr += SECTOR_SIZE / sizeof(short);
201	}
202
203	return ret;
204	}
205
206	/*
207	* ntfs_extend_init - Load $Extend file.
208	*/
209	int ntfs_extend_init(struct ntfs_sb_info *sbi)
210	{
211	int err;
212	struct super_block *sb = sbi->sb;
213	struct inode *inode, *inode2;
214	struct MFT_REF ref;
215
216	if (sbi->volume.major_ver < 3) {
217	ntfs_notice(sb, "Skip $Extend 'cause NTFS version");
218	return 0;
219	}
220
221	ref.low = cpu_to_le32(MFT_REC_EXTEND);
222	ref.high = 0;
223	ref.seq = cpu_to_le16(MFT_REC_EXTEND);
224	inode = ntfs_iget5(sb, ref: &ref, name: &NAME_EXTEND);
225	if (IS_ERR(ptr: inode)) {
226	err = PTR_ERR(ptr: inode);
227	ntfs_err(sb, "Failed to load $Extend (%d).", err);
228	inode = NULL;
229	goto out;
230	}
231
232	/* If ntfs_iget5() reads from disk it never returns bad inode. */
233	if (!S_ISDIR(inode->i_mode)) {
234	err = -EINVAL;
235	goto out;
236	}
237
238	/* Try to find $ObjId */
239	inode2 = dir_search_u(dir: inode, uni: &NAME_OBJID, NULL);
240	if (inode2 && !IS_ERR(ptr: inode2)) {
241	if (is_bad_inode(inode2)) {
242	iput(inode2);
243	} else {
244	sbi->objid.ni = ntfs_i(inode: inode2);
245	sbi->objid_no = inode2->i_ino;
246	}
247	}
248
249	/* Try to find $Quota */
250	inode2 = dir_search_u(dir: inode, uni: &NAME_QUOTA, NULL);
251	if (inode2 && !IS_ERR(ptr: inode2)) {
252	sbi->quota_no = inode2->i_ino;
253	iput(inode2);
254	}
255
256	/* Try to find $Reparse */
257	inode2 = dir_search_u(dir: inode, uni: &NAME_REPARSE, NULL);
258	if (inode2 && !IS_ERR(ptr: inode2)) {
259	sbi->reparse.ni = ntfs_i(inode: inode2);
260	sbi->reparse_no = inode2->i_ino;
261	}
262
263	/* Try to find $UsnJrnl */
264	inode2 = dir_search_u(dir: inode, uni: &NAME_USNJRNL, NULL);
265	if (inode2 && !IS_ERR(ptr: inode2)) {
266	sbi->usn_jrnl_no = inode2->i_ino;
267	iput(inode2);
268	}
269
270	err = 0;
271	out:
272	iput(inode);
273	return err;
274	}
275
276	int ntfs_loadlog_and_replay(struct ntfs_inode *ni, struct ntfs_sb_info *sbi)
277	{
278	int err = 0;
279	struct super_block *sb = sbi->sb;
280	bool initialized = false;
281	struct MFT_REF ref;
282	struct inode *inode;
283
284	/* Check for 4GB. */
285	if (ni->vfs_inode.i_size >= 0x100000000ull) {
286	ntfs_err(sb, "\x24LogFile is large than 4G.");
287	err = -EINVAL;
288	goto out;
289	}
290
291	sbi->flags |= NTFS_FLAGS_LOG_REPLAYING;
292
293	ref.low = cpu_to_le32(MFT_REC_MFT);
294	ref.high = 0;
295	ref.seq = cpu_to_le16(1);
296
297	inode = ntfs_iget5(sb, ref: &ref, NULL);
298
299	if (IS_ERR(ptr: inode))
300	inode = NULL;
301
302	if (!inode) {
303	/* Try to use MFT copy. */
304	u64 t64 = sbi->mft.lbo;
305
306	sbi->mft.lbo = sbi->mft.lbo2;
307	inode = ntfs_iget5(sb, ref: &ref, NULL);
308	sbi->mft.lbo = t64;
309	if (IS_ERR(ptr: inode))
310	inode = NULL;
311	}
312
313	if (!inode) {
314	err = -EINVAL;
315	ntfs_err(sb, "Failed to load $MFT.");
316	goto out;
317	}
318
319	sbi->mft.ni = ntfs_i(inode);
320
321	/* LogFile should not contains attribute list. */
322	err = ni_load_all_mi(ni: sbi->mft.ni);
323	if (!err)
324	err = log_replay(ni, initialized: &initialized);
325
326	iput(inode);
327	sbi->mft.ni = NULL;
328
329	sync_blockdev(bdev: sb->s_bdev);
330	invalidate_bdev(bdev: sb->s_bdev);
331
332	if (sbi->flags & NTFS_FLAGS_NEED_REPLAY) {
333	err = 0;
334	goto out;
335	}
336
337	if (sb_rdonly(sb) || !initialized)
338	goto out;
339
340	/* Fill LogFile by '-1' if it is initialized. */
341	err = ntfs_bio_fill_1(sbi, run: &ni->file.run);
342
343	out:
344	sbi->flags &= ~NTFS_FLAGS_LOG_REPLAYING;
345
346	return err;
347	}
348
349	/*
350	* ntfs_look_for_free_space - Look for a free space in bitmap.
351	*/
352	int ntfs_look_for_free_space(struct ntfs_sb_info *sbi, CLST lcn, CLST len,
353	CLST *new_lcn, CLST *new_len,
354	enum ALLOCATE_OPT opt)
355	{
356	int err;
357	CLST alen;
358	struct super_block *sb = sbi->sb;
359	size_t alcn, zlen, zeroes, zlcn, zlen2, ztrim, new_zlen;
360	struct wnd_bitmap *wnd = &sbi->used.bitmap;
361
362	down_write_nested(sem: &wnd->rw_lock, subclass: BITMAP_MUTEX_CLUSTERS);
363	if (opt & ALLOCATE_MFT) {
364	zlen = wnd_zone_len(wnd);
365
366	if (!zlen) {
367	err = ntfs_refresh_zone(sbi);
368	if (err)
369	goto up_write;
370
371	zlen = wnd_zone_len(wnd);
372	}
373
374	if (!zlen) {
375	ntfs_err(sbi->sb, "no free space to extend mft");
376	err = -ENOSPC;
377	goto up_write;
378	}
379
380	lcn = wnd_zone_bit(wnd);
381	alen = min_t(CLST, len, zlen);
382
383	wnd_zone_set(wnd, Lcn: lcn + alen, Len: zlen - alen);
384
385	err = wnd_set_used(wnd, bit: lcn, bits: alen);
386	if (err)
387	goto up_write;
388
389	alcn = lcn;
390	goto space_found;
391	}
392	/*
393	* 'Cause cluster 0 is always used this value means that we should use
394	* cached value of 'next_free_lcn' to improve performance.
395	*/
396	if (!lcn)
397	lcn = sbi->used.next_free_lcn;
398
399	if (lcn >= wnd->nbits)
400	lcn = 0;
401
402	alen = wnd_find(wnd, to_alloc: len, hint: lcn, BITMAP_FIND_MARK_AS_USED, allocated: &alcn);
403	if (alen)
404	goto space_found;
405
406	/* Try to use clusters from MftZone. */
407	zlen = wnd_zone_len(wnd);
408	zeroes = wnd_zeroes(wnd);
409
410	/* Check too big request */
411	if (len > zeroes + zlen || zlen <= NTFS_MIN_MFT_ZONE) {
412	err = -ENOSPC;
413	goto up_write;
414	}
415
416	/* How many clusters to cat from zone. */
417	zlcn = wnd_zone_bit(wnd);
418	zlen2 = zlen >> 1;
419	ztrim = clamp_val(len, zlen2, zlen);
420	new_zlen = max_t(size_t, zlen - ztrim, NTFS_MIN_MFT_ZONE);
421
422	wnd_zone_set(wnd, Lcn: zlcn, Len: new_zlen);
423
424	/* Allocate continues clusters. */
425	alen = wnd_find(wnd, to_alloc: len, hint: 0,
426	BITMAP_FIND_MARK_AS_USED | BITMAP_FIND_FULL, allocated: &alcn);
427	if (!alen) {
428	err = -ENOSPC;
429	goto up_write;
430	}
431
432	space_found:
433	err = 0;
434	*new_len = alen;
435	*new_lcn = alcn;
436
437	ntfs_unmap_meta(sb, lcn: alcn, len: alen);
438
439	/* Set hint for next requests. */
440	if (!(opt & ALLOCATE_MFT))
441	sbi->used.next_free_lcn = alcn + alen;
442	up_write:
443	up_write(sem: &wnd->rw_lock);
444	return err;
445	}
446
447	/*
448	* ntfs_check_for_free_space
449	*
450	* Check if it is possible to allocate 'clen' clusters and 'mlen' Mft records
451	*/
452	bool ntfs_check_for_free_space(struct ntfs_sb_info *sbi, CLST clen, CLST mlen)
453	{
454	size_t free, zlen, avail;
455	struct wnd_bitmap *wnd;
456
457	wnd = &sbi->used.bitmap;
458	down_read_nested(sem: &wnd->rw_lock, subclass: BITMAP_MUTEX_CLUSTERS);
459	free = wnd_zeroes(wnd);
460	zlen = min_t(size_t, NTFS_MIN_MFT_ZONE, wnd_zone_len(wnd));
461	up_read(sem: &wnd->rw_lock);
462
463	if (free < zlen + clen)
464	return false;
465
466	avail = free - (zlen + clen);
467
468	wnd = &sbi->mft.bitmap;
469	down_read_nested(sem: &wnd->rw_lock, subclass: BITMAP_MUTEX_MFT);
470	free = wnd_zeroes(wnd);
471	zlen = wnd_zone_len(wnd);
472	up_read(sem: &wnd->rw_lock);
473
474	if (free >= zlen + mlen)
475	return true;
476
477	return avail >= bytes_to_cluster(sbi, size: mlen << sbi->record_bits);
478	}
479
480	/*
481	* ntfs_extend_mft - Allocate additional MFT records.
482	*
483	* sbi->mft.bitmap is locked for write.
484	*
485	* NOTE: recursive:
486	* ntfs_look_free_mft ->
487	* ntfs_extend_mft ->
488	* attr_set_size ->
489	* ni_insert_nonresident ->
490	* ni_insert_attr ->
491	* ni_ins_attr_ext ->
492	* ntfs_look_free_mft ->
493	* ntfs_extend_mft
494	*
495	* To avoid recursive always allocate space for two new MFT records
496	* see attrib.c: "at least two MFT to avoid recursive loop".
497	*/
498	static int ntfs_extend_mft(struct ntfs_sb_info *sbi)
499	{
500	int err;
501	struct ntfs_inode *ni = sbi->mft.ni;
502	size_t new_mft_total;
503	u64 new_mft_bytes, new_bitmap_bytes;
504	struct ATTRIB *attr;
505	struct wnd_bitmap *wnd = &sbi->mft.bitmap;
506
507	new_mft_total = ALIGN(wnd->nbits + NTFS_MFT_INCREASE_STEP, 128);
508	new_mft_bytes = (u64)new_mft_total << sbi->record_bits;
509
510	/* Step 1: Resize $MFT::DATA. */
511	down_write(sem: &ni->file.run_lock);
512	err = attr_set_size(ni, type: ATTR_DATA, NULL, name_len: 0, run: &ni->file.run,
513	new_size: new_mft_bytes, NULL, keep_prealloc: false, ret: &attr);
514
515	if (err) {
516	up_write(sem: &ni->file.run_lock);
517	goto out;
518	}
519
520	attr->nres.valid_size = attr->nres.data_size;
521	new_mft_total = le64_to_cpu(attr->nres.alloc_size) >> sbi->record_bits;
522	ni->mi.dirty = true;
523
524	/* Step 2: Resize $MFT::BITMAP. */
525	new_bitmap_bytes = bitmap_size(bits: new_mft_total);
526
527	err = attr_set_size(ni, type: ATTR_BITMAP, NULL, name_len: 0, run: &sbi->mft.bitmap.run,
528	new_size: new_bitmap_bytes, new_valid: &new_bitmap_bytes, keep_prealloc: true, NULL);
529
530	/* Refresh MFT Zone if necessary. */
531	down_write_nested(sem: &sbi->used.bitmap.rw_lock, subclass: BITMAP_MUTEX_CLUSTERS);
532
533	ntfs_refresh_zone(sbi);
534
535	up_write(sem: &sbi->used.bitmap.rw_lock);
536	up_write(sem: &ni->file.run_lock);
537
538	if (err)
539	goto out;
540
541	err = wnd_extend(wnd, new_bits: new_mft_total);
542
543	if (err)
544	goto out;
545
546	ntfs_clear_mft_tail(sbi, from: sbi->mft.used, to: new_mft_total);
547
548	err = _ni_write_inode(&ni->vfs_inode, 0);
549	out:
550	return err;
551	}
552
553	/*
554	* ntfs_look_free_mft - Look for a free MFT record.
555	*/
556	int ntfs_look_free_mft(struct ntfs_sb_info *sbi, CLST *rno, bool mft,
557	struct ntfs_inode *ni, struct mft_inode **mi)
558	{
559	int err = 0;
560	size_t zbit, zlen, from, to, fr;
561	size_t mft_total;
562	struct MFT_REF ref;
563	struct super_block *sb = sbi->sb;
564	struct wnd_bitmap *wnd = &sbi->mft.bitmap;
565	u32 ir;
566
567	static_assert(sizeof(sbi->mft.reserved_bitmap) * 8 >=
568	MFT_REC_FREE - MFT_REC_RESERVED);
569
570	if (!mft)
571	down_write_nested(sem: &wnd->rw_lock, subclass: BITMAP_MUTEX_MFT);
572
573	zlen = wnd_zone_len(wnd);
574
575	/* Always reserve space for MFT. */
576	if (zlen) {
577	if (mft) {
578	zbit = wnd_zone_bit(wnd);
579	*rno = zbit;
580	wnd_zone_set(wnd, Lcn: zbit + 1, Len: zlen - 1);
581	}
582	goto found;
583	}
584
585	/* No MFT zone. Find the nearest to '0' free MFT. */
586	if (!wnd_find(wnd, to_alloc: 1, hint: MFT_REC_FREE, flags: 0, allocated: &zbit)) {
587	/* Resize MFT */
588	mft_total = wnd->nbits;
589
590	err = ntfs_extend_mft(sbi);
591	if (!err) {
592	zbit = mft_total;
593	goto reserve_mft;
594	}
595
596	if (!mft || MFT_REC_FREE == sbi->mft.next_reserved)
597	goto out;
598
599	err = 0;
600
601	/*
602	* Look for free record reserved area [11-16) ==
603	* [MFT_REC_RESERVED, MFT_REC_FREE ) MFT bitmap always
604	* marks it as used.
605	*/
606	if (!sbi->mft.reserved_bitmap) {
607	/* Once per session create internal bitmap for 5 bits. */
608	sbi->mft.reserved_bitmap = 0xFF;
609
610	ref.high = 0;
611	for (ir = MFT_REC_RESERVED; ir < MFT_REC_FREE; ir++) {
612	struct inode *i;
613	struct ntfs_inode *ni;
614	struct MFT_REC *mrec;
615
616	ref.low = cpu_to_le32(ir);
617	ref.seq = cpu_to_le16(ir);
618
619	i = ntfs_iget5(sb, ref: &ref, NULL);
620	if (IS_ERR(ptr: i)) {
621	next:
622	ntfs_notice(
623	sb,
624	"Invalid reserved record %x",
625	ref.low);
626	continue;
627	}
628	if (is_bad_inode(i)) {
629	iput(i);
630	goto next;
631	}
632
633	ni = ntfs_i(inode: i);
634
635	mrec = ni->mi.mrec;
636
637	if (!is_rec_base(rec: mrec))
638	goto next;
639
640	if (mrec->hard_links)
641	goto next;
642
643	if (!ni_std(ni))
644	goto next;
645
646	if (ni_find_attr(ni, NULL, NULL, type: ATTR_NAME,
647	NULL, name_len: 0, NULL, NULL))
648	goto next;
649
650	__clear_bit(ir - MFT_REC_RESERVED,
651	&sbi->mft.reserved_bitmap);
652	}
653	}
654
655	/* Scan 5 bits for zero. Bit 0 == MFT_REC_RESERVED */
656	zbit = find_next_zero_bit(addr: &sbi->mft.reserved_bitmap,
657	size: MFT_REC_FREE, offset: MFT_REC_RESERVED);
658	if (zbit >= MFT_REC_FREE) {
659	sbi->mft.next_reserved = MFT_REC_FREE;
660	goto out;
661	}
662
663	zlen = 1;
664	sbi->mft.next_reserved = zbit;
665	} else {
666	reserve_mft:
667	zlen = zbit == MFT_REC_FREE ? (MFT_REC_USER - MFT_REC_FREE) : 4;
668	if (zbit + zlen > wnd->nbits)
669	zlen = wnd->nbits - zbit;
670
671	while (zlen > 1 && !wnd_is_free(wnd, bit: zbit, bits: zlen))
672	zlen -= 1;
673
674	/* [zbit, zbit + zlen) will be used for MFT itself. */
675	from = sbi->mft.used;
676	if (from < zbit)
677	from = zbit;
678	to = zbit + zlen;
679	if (from < to) {
680	ntfs_clear_mft_tail(sbi, from, to);
681	sbi->mft.used = to;
682	}
683	}
684
685	if (mft) {
686	*rno = zbit;
687	zbit += 1;
688	zlen -= 1;
689	}
690
691	wnd_zone_set(wnd, Lcn: zbit, Len: zlen);
692
693	found:
694	if (!mft) {
695	/* The request to get record for general purpose. */
696	if (sbi->mft.next_free < MFT_REC_USER)
697	sbi->mft.next_free = MFT_REC_USER;
698
699	for (;;) {
700	if (sbi->mft.next_free >= sbi->mft.bitmap.nbits) {
701	} else if (!wnd_find(wnd, to_alloc: 1, hint: MFT_REC_USER, flags: 0, allocated: &fr)) {
702	sbi->mft.next_free = sbi->mft.bitmap.nbits;
703	} else {
704	*rno = fr;
705	sbi->mft.next_free = *rno + 1;
706	break;
707	}
708
709	err = ntfs_extend_mft(sbi);
710	if (err)
711	goto out;
712	}
713	}
714
715	if (ni && !ni_add_subrecord(ni, rno: *rno, mi)) {
716	err = -ENOMEM;
717	goto out;
718	}
719
720	/* We have found a record that are not reserved for next MFT. */
721	if (*rno >= MFT_REC_FREE)
722	wnd_set_used(wnd, bit: *rno, bits: 1);
723	else if (*rno >= MFT_REC_RESERVED && sbi->mft.reserved_bitmap_inited)
724	__set_bit(*rno - MFT_REC_RESERVED, &sbi->mft.reserved_bitmap);
725
726	out:
727	if (!mft)
728	up_write(sem: &wnd->rw_lock);
729
730	return err;
731	}
732
733	/*
734	* ntfs_mark_rec_free - Mark record as free.
735	* is_mft - true if we are changing MFT
736	*/
737	void ntfs_mark_rec_free(struct ntfs_sb_info *sbi, CLST rno, bool is_mft)
738	{
739	struct wnd_bitmap *wnd = &sbi->mft.bitmap;
740
741	if (!is_mft)
742	down_write_nested(sem: &wnd->rw_lock, subclass: BITMAP_MUTEX_MFT);
743	if (rno >= wnd->nbits)
744	goto out;
745
746	if (rno >= MFT_REC_FREE) {
747	if (!wnd_is_used(wnd, bit: rno, bits: 1))
748	ntfs_set_state(sbi, dirty: NTFS_DIRTY_ERROR);
749	else
750	wnd_set_free(wnd, bit: rno, bits: 1);
751	} else if (rno >= MFT_REC_RESERVED && sbi->mft.reserved_bitmap_inited) {
752	__clear_bit(rno - MFT_REC_RESERVED, &sbi->mft.reserved_bitmap);
753	}
754
755	if (rno < wnd_zone_bit(wnd))
756	wnd_zone_set(wnd, Lcn: rno, Len: 1);
757	else if (rno < sbi->mft.next_free && rno >= MFT_REC_USER)
758	sbi->mft.next_free = rno;
759
760	out:
761	if (!is_mft)
762	up_write(sem: &wnd->rw_lock);
763	}
764
765	/*
766	* ntfs_clear_mft_tail - Format empty records [from, to).
767	*
768	* sbi->mft.bitmap is locked for write.
769	*/
770	int ntfs_clear_mft_tail(struct ntfs_sb_info *sbi, size_t from, size_t to)
771	{
772	int err;
773	u32 rs;
774	u64 vbo;
775	struct runs_tree *run;
776	struct ntfs_inode *ni;
777
778	if (from >= to)
779	return 0;
780
781	rs = sbi->record_size;
782	ni = sbi->mft.ni;
783	run = &ni->file.run;
784
785	down_read(sem: &ni->file.run_lock);
786	vbo = (u64)from * rs;
787	for (; from < to; from++, vbo += rs) {
788	struct ntfs_buffers nb;
789
790	err = ntfs_get_bh(sbi, run, vbo, bytes: rs, nb: &nb);
791	if (err)
792	goto out;
793
794	err = ntfs_write_bh(sbi, rhdr: &sbi->new_rec->rhdr, nb: &nb, sync: 0);
795	nb_put(nb: &nb);
796	if (err)
797	goto out;
798	}
799
800	out:
801	sbi->mft.used = from;
802	up_read(sem: &ni->file.run_lock);
803	return err;
804	}
805
806	/*
807	* ntfs_refresh_zone - Refresh MFT zone.
808	*
809	* sbi->used.bitmap is locked for rw.
810	* sbi->mft.bitmap is locked for write.
811	* sbi->mft.ni->file.run_lock for write.
812	*/
813	int ntfs_refresh_zone(struct ntfs_sb_info *sbi)
814	{
815	CLST lcn, vcn, len;
816	size_t lcn_s, zlen;
817	struct wnd_bitmap *wnd = &sbi->used.bitmap;
818	struct ntfs_inode *ni = sbi->mft.ni;
819
820	/* Do not change anything unless we have non empty MFT zone. */
821	if (wnd_zone_len(wnd))
822	return 0;
823
824	vcn = bytes_to_cluster(sbi,
825	size: (u64)sbi->mft.bitmap.nbits << sbi->record_bits);
826
827	if (!run_lookup_entry(run: &ni->file.run, vcn: vcn - 1, lcn: &lcn, len: &len, NULL))
828	lcn = SPARSE_LCN;
829
830	/* We should always find Last Lcn for MFT. */
831	if (lcn == SPARSE_LCN)
832	return -EINVAL;
833
834	lcn_s = lcn + 1;
835
836	/* Try to allocate clusters after last MFT run. */
837	zlen = wnd_find(wnd, to_alloc: sbi->zone_max, hint: lcn_s, flags: 0, allocated: &lcn_s);
838	wnd_zone_set(wnd, Lcn: lcn_s, Len: zlen);
839
840	return 0;
841	}
842
843	/*
844	* ntfs_update_mftmirr - Update $MFTMirr data.
845	*/
846	void ntfs_update_mftmirr(struct ntfs_sb_info *sbi, int wait)
847	{
848	int err;
849	struct super_block *sb = sbi->sb;
850	u32 blocksize, bytes;
851	sector_t block1, block2;
852
853	/*
854	* sb can be NULL here. In this case sbi->flags should be 0 too.
855	*/
856	if (!sb || !(sbi->flags & NTFS_FLAGS_MFTMIRR) ||
857	unlikely(ntfs3_forced_shutdown(sb)))
858	return;
859
860	blocksize = sb->s_blocksize;
861	bytes = sbi->mft.recs_mirr << sbi->record_bits;
862	block1 = sbi->mft.lbo >> sb->s_blocksize_bits;
863	block2 = sbi->mft.lbo2 >> sb->s_blocksize_bits;
864
865	for (; bytes >= blocksize; bytes -= blocksize) {
866	struct buffer_head *bh1, *bh2;
867
868	bh1 = sb_bread(sb, block: block1++);
869	if (!bh1)
870	return;
871
872	bh2 = sb_getblk(sb, block: block2++);
873	if (!bh2) {
874	put_bh(bh: bh1);
875	return;
876	}
877
878	if (buffer_locked(bh: bh2))
879	__wait_on_buffer(bh2);
880
881	lock_buffer(bh: bh2);
882	memcpy(bh2->b_data, bh1->b_data, blocksize);
883	set_buffer_uptodate(bh2);
884	mark_buffer_dirty(bh: bh2);
885	unlock_buffer(bh: bh2);
886
887	put_bh(bh: bh1);
888	bh1 = NULL;
889
890	err = wait ? sync_dirty_buffer(bh: bh2) : 0;
891
892	put_bh(bh: bh2);
893	if (err)
894	return;
895	}
896
897	sbi->flags &= ~NTFS_FLAGS_MFTMIRR;
898	}
899
900	/*
901	* ntfs_bad_inode
902	*
903	* Marks inode as bad and marks fs as 'dirty'
904	*/
905	void ntfs_bad_inode(struct inode *inode, const char *hint)
906	{
907	struct ntfs_sb_info *sbi = inode->i_sb->s_fs_info;
908
909	ntfs_inode_err(inode, "%s", hint);
910	make_bad_inode(inode);
911	ntfs_set_state(sbi, dirty: NTFS_DIRTY_ERROR);
912	}
913
914	/*
915	* ntfs_set_state
916	*
917	* Mount: ntfs_set_state(NTFS_DIRTY_DIRTY)
918	* Umount: ntfs_set_state(NTFS_DIRTY_CLEAR)
919	* NTFS error: ntfs_set_state(NTFS_DIRTY_ERROR)
920	*/
921	int ntfs_set_state(struct ntfs_sb_info *sbi, enum NTFS_DIRTY_FLAGS dirty)
922	{
923	int err;
924	struct ATTRIB *attr;
925	struct VOLUME_INFO *info;
926	struct mft_inode *mi;
927	struct ntfs_inode *ni;
928	__le16 info_flags;
929
930	/*
931	* Do not change state if fs was real_dirty.
932	* Do not change state if fs already dirty(clear).
933	* Do not change any thing if mounted read only.
934	*/
935	if (sbi->volume.real_dirty || sb_rdonly(sb: sbi->sb))
936	return 0;
937
938	/* Check cached value. */
939	if ((dirty == NTFS_DIRTY_CLEAR ? 0 : VOLUME_FLAG_DIRTY) ==
940	(sbi->volume.flags & VOLUME_FLAG_DIRTY))
941	return 0;
942
943	ni = sbi->volume.ni;
944	if (!ni)
945	return -EINVAL;
946
947	mutex_lock_nested(lock: &ni->ni_lock, subclass: NTFS_INODE_MUTEX_DIRTY);
948
949	attr = ni_find_attr(ni, NULL, NULL, type: ATTR_VOL_INFO, NULL, name_len: 0, NULL, mi: &mi);
950	if (!attr) {
951	err = -EINVAL;
952	goto out;
953	}
954
955	info = resident_data_ex(attr, SIZEOF_ATTRIBUTE_VOLUME_INFO);
956	if (!info) {
957	err = -EINVAL;
958	goto out;
959	}
960
961	info_flags = info->flags;
962
963	switch (dirty) {
964	case NTFS_DIRTY_ERROR:
965	ntfs_notice(sbi->sb, "Mark volume as dirty due to NTFS errors");
966	sbi->volume.real_dirty = true;
967	fallthrough;
968	case NTFS_DIRTY_DIRTY:
969	info->flags |= VOLUME_FLAG_DIRTY;
970	break;
971	case NTFS_DIRTY_CLEAR:
972	info->flags &= ~VOLUME_FLAG_DIRTY;
973	break;
974	}
975	/* Cache current volume flags. */
976	if (info_flags != info->flags) {
977	sbi->volume.flags = info->flags;
978	mi->dirty = true;
979	}
980	err = 0;
981
982	out:
983	ni_unlock(ni);
984	if (err)
985	return err;
986
987	mark_inode_dirty_sync(inode: &ni->vfs_inode);
988	/* verify(!ntfs_update_mftmirr()); */
989
990	/* write mft record on disk. */
991	err = _ni_write_inode(&ni->vfs_inode, 1);
992
993	return err;
994	}
995
996	/*
997	* security_hash - Calculates a hash of security descriptor.
998	*/
999	static inline __le32 security_hash(const void *sd, size_t bytes)
1000	{
1001	u32 hash = 0;
1002	const __le32 *ptr = sd;
1003
1004	bytes >>= 2;
1005	while (bytes--)
1006	hash = ((hash >> 0x1D) | (hash << 3)) + le32_to_cpu(*ptr++);
1007	return cpu_to_le32(hash);
1008	}
1009
1010	/*
1011	* simple wrapper for sb_bread_unmovable.
1012	*/
1013	struct buffer_head *ntfs_bread(struct super_block *sb, sector_t block)
1014	{
1015	struct ntfs_sb_info *sbi = sb->s_fs_info;
1016	struct buffer_head *bh;
1017
1018	if (unlikely(block >= sbi->volume.blocks)) {
1019	/* prevent generic message "attempt to access beyond end of device" */
1020	ntfs_err(sb, "try to read out of volume at offset 0x%llx",
1021	(u64)block << sb->s_blocksize_bits);
1022	return NULL;
1023	}
1024
1025	bh = sb_bread_unmovable(sb, block);
1026	if (bh)
1027	return bh;
1028
1029	ntfs_err(sb, "failed to read volume at offset 0x%llx",
1030	(u64)block << sb->s_blocksize_bits);
1031	return NULL;
1032	}
1033
1034	int ntfs_sb_read(struct super_block *sb, u64 lbo, size_t bytes, void *buffer)
1035	{
1036	struct block_device *bdev = sb->s_bdev;
1037	u32 blocksize = sb->s_blocksize;
1038	u64 block = lbo >> sb->s_blocksize_bits;
1039	u32 off = lbo & (blocksize - 1);
1040	u32 op = blocksize - off;
1041
1042	for (; bytes; block += 1, off = 0, op = blocksize) {
1043	struct buffer_head *bh = __bread(bdev, block, size: blocksize);
1044
1045	if (!bh)
1046	return -EIO;
1047
1048	if (op > bytes)
1049	op = bytes;
1050
1051	memcpy(buffer, bh->b_data + off, op);
1052
1053	put_bh(bh);
1054
1055	bytes -= op;
1056	buffer = Add2Ptr(buffer, op);
1057	}
1058
1059	return 0;
1060	}
1061
1062	int ntfs_sb_write(struct super_block *sb, u64 lbo, size_t bytes,
1063	const void *buf, int wait)
1064	{
1065	u32 blocksize = sb->s_blocksize;
1066	struct block_device *bdev = sb->s_bdev;
1067	sector_t block = lbo >> sb->s_blocksize_bits;
1068	u32 off = lbo & (blocksize - 1);
1069	u32 op = blocksize - off;
1070	struct buffer_head *bh;
1071
1072	if (!wait && (sb->s_flags & SB_SYNCHRONOUS))
1073	wait = 1;
1074
1075	for (; bytes; block += 1, off = 0, op = blocksize) {
1076	if (op > bytes)
1077	op = bytes;
1078
1079	if (op < blocksize) {
1080	bh = __bread(bdev, block, size: blocksize);
1081	if (!bh) {
1082	ntfs_err(sb, "failed to read block %llx",
1083	(u64)block);
1084	return -EIO;
1085	}
1086	} else {
1087	bh = __getblk(bdev, block, size: blocksize);
1088	if (!bh)
1089	return -ENOMEM;
1090	}
1091
1092	if (buffer_locked(bh))
1093	__wait_on_buffer(bh);
1094
1095	lock_buffer(bh);
1096	if (buf) {
1097	memcpy(bh->b_data + off, buf, op);
1098	buf = Add2Ptr(buf, op);
1099	} else {
1100	memset(bh->b_data + off, -1, op);
1101	}
1102
1103	set_buffer_uptodate(bh);
1104	mark_buffer_dirty(bh);
1105	unlock_buffer(bh);
1106
1107	if (wait) {
1108	int err = sync_dirty_buffer(bh);
1109
1110	if (err) {
1111	ntfs_err(
1112	sb,
1113	"failed to sync buffer at block %llx, error %d",
1114	(u64)block, err);
1115	put_bh(bh);
1116	return err;
1117	}
1118	}
1119
1120	put_bh(bh);
1121
1122	bytes -= op;
1123	}
1124	return 0;
1125	}
1126
1127	int ntfs_sb_write_run(struct ntfs_sb_info *sbi, const struct runs_tree *run,
1128	u64 vbo, const void *buf, size_t bytes, int sync)
1129	{
1130	struct super_block *sb = sbi->sb;
1131	u8 cluster_bits = sbi->cluster_bits;
1132	u32 off = vbo & sbi->cluster_mask;
1133	CLST lcn, clen, vcn = vbo >> cluster_bits, vcn_next;
1134	u64 lbo, len;
1135	size_t idx;
1136
1137	if (!run_lookup_entry(run, vcn, lcn: &lcn, len: &clen, index: &idx))
1138	return -ENOENT;
1139
1140	if (lcn == SPARSE_LCN)
1141	return -EINVAL;
1142
1143	lbo = ((u64)lcn << cluster_bits) + off;
1144	len = ((u64)clen << cluster_bits) - off;
1145
1146	for (;;) {
1147	u32 op = min_t(u64, len, bytes);
1148	int err = ntfs_sb_write(sb, lbo, bytes: op, buf, wait: sync);
1149
1150	if (err)
1151	return err;
1152
1153	bytes -= op;
1154	if (!bytes)
1155	break;
1156
1157	vcn_next = vcn + clen;
1158	if (!run_get_entry(run, index: ++idx, vcn: &vcn, lcn: &lcn, len: &clen) ||
1159	vcn != vcn_next)
1160	return -ENOENT;
1161
1162	if (lcn == SPARSE_LCN)
1163	return -EINVAL;
1164
1165	if (buf)
1166	buf = Add2Ptr(buf, op);
1167
1168	lbo = ((u64)lcn << cluster_bits);
1169	len = ((u64)clen << cluster_bits);
1170	}
1171
1172	return 0;
1173	}
1174
1175	struct buffer_head *ntfs_bread_run(struct ntfs_sb_info *sbi,
1176	const struct runs_tree *run, u64 vbo)
1177	{
1178	struct super_block *sb = sbi->sb;
1179	u8 cluster_bits = sbi->cluster_bits;
1180	CLST lcn;
1181	u64 lbo;
1182
1183	if (!run_lookup_entry(run, vcn: vbo >> cluster_bits, lcn: &lcn, NULL, NULL))
1184	return ERR_PTR(error: -ENOENT);
1185
1186	lbo = ((u64)lcn << cluster_bits) + (vbo & sbi->cluster_mask);
1187
1188	return ntfs_bread(sb, block: lbo >> sb->s_blocksize_bits);
1189	}
1190
1191	int ntfs_read_run_nb(struct ntfs_sb_info *sbi, const struct runs_tree *run,
1192	u64 vbo, void *buf, u32 bytes, struct ntfs_buffers *nb)
1193	{
1194	int err;
1195	struct super_block *sb = sbi->sb;
1196	u32 blocksize = sb->s_blocksize;
1197	u8 cluster_bits = sbi->cluster_bits;
1198	u32 off = vbo & sbi->cluster_mask;
1199	u32 nbh = 0;
1200	CLST vcn_next, vcn = vbo >> cluster_bits;
1201	CLST lcn, clen;
1202	u64 lbo, len;
1203	size_t idx;
1204	struct buffer_head *bh;
1205
1206	if (!run) {
1207	/* First reading of $Volume + $MFTMirr + $LogFile goes here. */
1208	if (vbo > MFT_REC_VOL * sbi->record_size) {
1209	err = -ENOENT;
1210	goto out;
1211	}
1212
1213	/* Use absolute boot's 'MFTCluster' to read record. */
1214	lbo = vbo + sbi->mft.lbo;
1215	len = sbi->record_size;
1216	} else if (!run_lookup_entry(run, vcn, lcn: &lcn, len: &clen, index: &idx)) {
1217	err = -ENOENT;
1218	goto out;
1219	} else {
1220	if (lcn == SPARSE_LCN) {
1221	err = -EINVAL;
1222	goto out;
1223	}
1224
1225	lbo = ((u64)lcn << cluster_bits) + off;
1226	len = ((u64)clen << cluster_bits) - off;
1227	}
1228
1229	off = lbo & (blocksize - 1);
1230	if (nb) {
1231	nb->off = off;
1232	nb->bytes = bytes;
1233	}
1234
1235	for (;;) {
1236	u32 len32 = len >= bytes ? bytes : len;
1237	sector_t block = lbo >> sb->s_blocksize_bits;
1238
1239	do {
1240	u32 op = blocksize - off;
1241
1242	if (op > len32)
1243	op = len32;
1244
1245	bh = ntfs_bread(sb, block);
1246	if (!bh) {
1247	err = -EIO;
1248	goto out;
1249	}
1250
1251	if (buf) {
1252	memcpy(buf, bh->b_data + off, op);
1253	buf = Add2Ptr(buf, op);
1254	}
1255
1256	if (!nb) {
1257	put_bh(bh);
1258	} else if (nbh >= ARRAY_SIZE(nb->bh)) {
1259	err = -EINVAL;
1260	goto out;
1261	} else {
1262	nb->bh[nbh++] = bh;
1263	nb->nbufs = nbh;
1264	}
1265
1266	bytes -= op;
1267	if (!bytes)
1268	return 0;
1269	len32 -= op;
1270	block += 1;
1271	off = 0;
1272
1273	} while (len32);
1274
1275	vcn_next = vcn + clen;
1276	if (!run_get_entry(run, index: ++idx, vcn: &vcn, lcn: &lcn, len: &clen) ||
1277	vcn != vcn_next) {
1278	err = -ENOENT;
1279	goto out;
1280	}
1281
1282	if (lcn == SPARSE_LCN) {
1283	err = -EINVAL;
1284	goto out;
1285	}
1286
1287	lbo = ((u64)lcn << cluster_bits);
1288	len = ((u64)clen << cluster_bits);
1289	}
1290
1291	out:
1292	if (!nbh)
1293	return err;
1294
1295	while (nbh) {
1296	put_bh(bh: nb->bh[--nbh]);
1297	nb->bh[nbh] = NULL;
1298	}
1299
1300	nb->nbufs = 0;
1301	return err;
1302	}
1303
1304	/*
1305	* ntfs_read_bh
1306	*
1307	* Return: < 0 if error, 0 if ok, -E_NTFS_FIXUP if need to update fixups.
1308	*/
1309	int ntfs_read_bh(struct ntfs_sb_info *sbi, const struct runs_tree *run, u64 vbo,
1310	struct NTFS_RECORD_HEADER *rhdr, u32 bytes,
1311	struct ntfs_buffers *nb)
1312	{
1313	int err = ntfs_read_run_nb(sbi, run, vbo, buf: rhdr, bytes, nb);
1314
1315	if (err)
1316	return err;
1317	return ntfs_fix_post_read(rhdr, bytes: nb->bytes, simple: true);
1318	}
1319
1320	int ntfs_get_bh(struct ntfs_sb_info *sbi, const struct runs_tree *run, u64 vbo,
1321	u32 bytes, struct ntfs_buffers *nb)
1322	{
1323	int err = 0;
1324	struct super_block *sb = sbi->sb;
1325	u32 blocksize = sb->s_blocksize;
1326	u8 cluster_bits = sbi->cluster_bits;
1327	CLST vcn_next, vcn = vbo >> cluster_bits;
1328	u32 off;
1329	u32 nbh = 0;
1330	CLST lcn, clen;
1331	u64 lbo, len;
1332	size_t idx;
1333
1334	nb->bytes = bytes;
1335
1336	if (!run_lookup_entry(run, vcn, lcn: &lcn, len: &clen, index: &idx)) {
1337	err = -ENOENT;
1338	goto out;
1339	}
1340
1341	off = vbo & sbi->cluster_mask;
1342	lbo = ((u64)lcn << cluster_bits) + off;
1343	len = ((u64)clen << cluster_bits) - off;
1344
1345	nb->off = off = lbo & (blocksize - 1);
1346
1347	for (;;) {
1348	u32 len32 = min_t(u64, len, bytes);
1349	sector_t block = lbo >> sb->s_blocksize_bits;
1350
1351	do {
1352	u32 op;
1353	struct buffer_head *bh;
1354
1355	if (nbh >= ARRAY_SIZE(nb->bh)) {
1356	err = -EINVAL;
1357	goto out;
1358	}
1359
1360	op = blocksize - off;
1361	if (op > len32)
1362	op = len32;
1363
1364	if (op == blocksize) {
1365	bh = sb_getblk(sb, block);
1366	if (!bh) {
1367	err = -ENOMEM;
1368	goto out;
1369	}
1370	if (buffer_locked(bh))
1371	__wait_on_buffer(bh);
1372	set_buffer_uptodate(bh);
1373	} else {
1374	bh = ntfs_bread(sb, block);
1375	if (!bh) {
1376	err = -EIO;
1377	goto out;
1378	}
1379	}
1380
1381	nb->bh[nbh++] = bh;
1382	bytes -= op;
1383	if (!bytes) {
1384	nb->nbufs = nbh;
1385	return 0;
1386	}
1387
1388	block += 1;
1389	len32 -= op;
1390	off = 0;
1391	} while (len32);
1392
1393	vcn_next = vcn + clen;
1394	if (!run_get_entry(run, index: ++idx, vcn: &vcn, lcn: &lcn, len: &clen) ||
1395	vcn != vcn_next) {
1396	err = -ENOENT;
1397	goto out;
1398	}
1399
1400	lbo = ((u64)lcn << cluster_bits);
1401	len = ((u64)clen << cluster_bits);
1402	}
1403
1404	out:
1405	while (nbh) {
1406	put_bh(bh: nb->bh[--nbh]);
1407	nb->bh[nbh] = NULL;
1408	}
1409
1410	nb->nbufs = 0;
1411
1412	return err;
1413	}
1414
1415	int ntfs_write_bh(struct ntfs_sb_info *sbi, struct NTFS_RECORD_HEADER *rhdr,
1416	struct ntfs_buffers *nb, int sync)
1417	{
1418	int err = 0;
1419	struct super_block *sb = sbi->sb;
1420	u32 block_size = sb->s_blocksize;
1421	u32 bytes = nb->bytes;
1422	u32 off = nb->off;
1423	u16 fo = le16_to_cpu(rhdr->fix_off);
1424	u16 fn = le16_to_cpu(rhdr->fix_num);
1425	u32 idx;
1426	__le16 *fixup;
1427	__le16 sample;
1428
1429	if ((fo & 1) || fo + fn * sizeof(short) > SECTOR_SIZE || !fn-- ||
1430	fn * SECTOR_SIZE > bytes) {
1431	return -EINVAL;
1432	}
1433
1434	for (idx = 0; bytes && idx < nb->nbufs; idx += 1, off = 0) {
1435	u32 op = block_size - off;
1436	char *bh_data;
1437	struct buffer_head *bh = nb->bh[idx];
1438	__le16 *ptr, *end_data;
1439
1440	if (op > bytes)
1441	op = bytes;
1442
1443	if (buffer_locked(bh))
1444	__wait_on_buffer(bh);
1445
1446	lock_buffer(bh);
1447
1448	bh_data = bh->b_data + off;
1449	end_data = Add2Ptr(bh_data, op);
1450	memcpy(bh_data, rhdr, op);
1451
1452	if (!idx) {
1453	u16 t16;
1454
1455	fixup = Add2Ptr(bh_data, fo);
1456	sample = *fixup;
1457	t16 = le16_to_cpu(sample);
1458	if (t16 >= 0x7FFF) {
1459	sample = *fixup = cpu_to_le16(1);
1460	} else {
1461	sample = cpu_to_le16(t16 + 1);
1462	*fixup = sample;
1463	}
1464
1465	*(__le16 *)Add2Ptr(rhdr, fo) = sample;
1466	}
1467
1468	ptr = Add2Ptr(bh_data, SECTOR_SIZE - sizeof(short));
1469
1470	do {
1471	*++fixup = *ptr;
1472	*ptr = sample;
1473	ptr += SECTOR_SIZE / sizeof(short);
1474	} while (ptr < end_data);
1475
1476	set_buffer_uptodate(bh);
1477	mark_buffer_dirty(bh);
1478	unlock_buffer(bh);
1479
1480	if (sync) {
1481	int err2 = sync_dirty_buffer(bh);
1482
1483	if (!err && err2)
1484	err = err2;
1485	}
1486
1487	bytes -= op;
1488	rhdr = Add2Ptr(rhdr, op);
1489	}
1490
1491	return err;
1492	}
1493
1494	/*
1495	* ntfs_bio_pages - Read/write pages from/to disk.
1496	*/
1497	int ntfs_bio_pages(struct ntfs_sb_info *sbi, const struct runs_tree *run,
1498	struct page **pages, u32 nr_pages, u64 vbo, u32 bytes,
1499	enum req_op op)
1500	{
1501	int err = 0;
1502	struct bio *new, *bio = NULL;
1503	struct super_block *sb = sbi->sb;
1504	struct block_device *bdev = sb->s_bdev;
1505	struct page *page;
1506	u8 cluster_bits = sbi->cluster_bits;
1507	CLST lcn, clen, vcn, vcn_next;
1508	u32 add, off, page_idx;
1509	u64 lbo, len;
1510	size_t run_idx;
1511	struct blk_plug plug;
1512
1513	if (!bytes)
1514	return 0;
1515
1516	blk_start_plug(&plug);
1517
1518	/* Align vbo and bytes to be 512 bytes aligned. */
1519	lbo = (vbo + bytes + 511) & ~511ull;
1520	vbo = vbo & ~511ull;
1521	bytes = lbo - vbo;
1522
1523	vcn = vbo >> cluster_bits;
1524	if (!run_lookup_entry(run, vcn, lcn: &lcn, len: &clen, index: &run_idx)) {
1525	err = -ENOENT;
1526	goto out;
1527	}
1528	off = vbo & sbi->cluster_mask;
1529	page_idx = 0;
1530	page = pages[0];
1531
1532	for (;;) {
1533	lbo = ((u64)lcn << cluster_bits) + off;
1534	len = ((u64)clen << cluster_bits) - off;
1535	new_bio:
1536	new = bio_alloc(bdev, nr_vecs: nr_pages - page_idx, opf: op, GFP_NOFS);
1537	if (bio) {
1538	bio_chain(bio, new);
1539	submit_bio(bio);
1540	}
1541	bio = new;
1542	bio->bi_iter.bi_sector = lbo >> 9;
1543
1544	while (len) {
1545	off = vbo & (PAGE_SIZE - 1);
1546	add = off + len > PAGE_SIZE ? (PAGE_SIZE - off) : len;
1547
1548	if (bio_add_page(bio, page, len: add, off) < add)
1549	goto new_bio;
1550
1551	if (bytes <= add)
1552	goto out;
1553	bytes -= add;
1554	vbo += add;
1555
1556	if (add + off == PAGE_SIZE) {
1557	page_idx += 1;
1558	if (WARN_ON(page_idx >= nr_pages)) {
1559	err = -EINVAL;
1560	goto out;
1561	}
1562	page = pages[page_idx];
1563	}
1564
1565	if (len <= add)
1566	break;
1567	len -= add;
1568	lbo += add;
1569	}
1570
1571	vcn_next = vcn + clen;
1572	if (!run_get_entry(run, index: ++run_idx, vcn: &vcn, lcn: &lcn, len: &clen) ||
1573	vcn != vcn_next) {
1574	err = -ENOENT;
1575	goto out;
1576	}
1577	off = 0;
1578	}
1579	out:
1580	if (bio) {
1581	if (!err)
1582	err = submit_bio_wait(bio);
1583	bio_put(bio);
1584	}
1585	blk_finish_plug(&plug);
1586
1587	return err;
1588	}
1589
1590	/*
1591	* ntfs_bio_fill_1 - Helper for ntfs_loadlog_and_replay().
1592	*
1593	* Fill on-disk logfile range by (-1)
1594	* this means empty logfile.
1595	*/
1596	int ntfs_bio_fill_1(struct ntfs_sb_info *sbi, const struct runs_tree *run)
1597	{
1598	int err = 0;
1599	struct super_block *sb = sbi->sb;
1600	struct block_device *bdev = sb->s_bdev;
1601	u8 cluster_bits = sbi->cluster_bits;
1602	struct bio *new, *bio = NULL;
1603	CLST lcn, clen;
1604	u64 lbo, len;
1605	size_t run_idx;
1606	struct page *fill;
1607	void *kaddr;
1608	struct blk_plug plug;
1609
1610	fill = alloc_page(GFP_KERNEL);
1611	if (!fill)
1612	return -ENOMEM;
1613
1614	kaddr = kmap_atomic(page: fill);
1615	memset(kaddr, -1, PAGE_SIZE);
1616	kunmap_atomic(kaddr);
1617	flush_dcache_page(page: fill);
1618	lock_page(page: fill);
1619
1620	if (!run_lookup_entry(run, vcn: 0, lcn: &lcn, len: &clen, index: &run_idx)) {
1621	err = -ENOENT;
1622	goto out;
1623	}
1624
1625	/*
1626	* TODO: Try blkdev_issue_write_same.
1627	*/
1628	blk_start_plug(&plug);
1629	do {
1630	lbo = (u64)lcn << cluster_bits;
1631	len = (u64)clen << cluster_bits;
1632	new_bio:
1633	new = bio_alloc(bdev, BIO_MAX_VECS, opf: REQ_OP_WRITE, GFP_NOFS);
1634	if (bio) {
1635	bio_chain(bio, new);
1636	submit_bio(bio);
1637	}
1638	bio = new;
1639	bio->bi_iter.bi_sector = lbo >> 9;
1640
1641	for (;;) {
1642	u32 add = len > PAGE_SIZE ? PAGE_SIZE : len;
1643
1644	if (bio_add_page(bio, page: fill, len: add, off: 0) < add)
1645	goto new_bio;
1646
1647	lbo += add;
1648	if (len <= add)
1649	break;
1650	len -= add;
1651	}
1652	} while (run_get_entry(run, index: ++run_idx, NULL, lcn: &lcn, len: &clen));
1653
1654	if (!err)
1655	err = submit_bio_wait(bio);
1656	bio_put(bio);
1657
1658	blk_finish_plug(&plug);
1659	out:
1660	unlock_page(page: fill);
1661	put_page(page: fill);
1662
1663	return err;
1664	}
1665
1666	int ntfs_vbo_to_lbo(struct ntfs_sb_info *sbi, const struct runs_tree *run,
1667	u64 vbo, u64 *lbo, u64 *bytes)
1668	{
1669	u32 off;
1670	CLST lcn, len;
1671	u8 cluster_bits = sbi->cluster_bits;
1672
1673	if (!run_lookup_entry(run, vcn: vbo >> cluster_bits, lcn: &lcn, len: &len, NULL))
1674	return -ENOENT;
1675
1676	off = vbo & sbi->cluster_mask;
1677	*lbo = lcn == SPARSE_LCN ? -1 : (((u64)lcn << cluster_bits) + off);
1678	*bytes = ((u64)len << cluster_bits) - off;
1679
1680	return 0;
1681	}
1682
1683	struct ntfs_inode *ntfs_new_inode(struct ntfs_sb_info *sbi, CLST rno,
1684	enum RECORD_FLAG flag)
1685	{
1686	int err = 0;
1687	struct super_block *sb = sbi->sb;
1688	struct inode *inode = new_inode(sb);
1689	struct ntfs_inode *ni;
1690
1691	if (!inode)
1692	return ERR_PTR(error: -ENOMEM);
1693
1694	ni = ntfs_i(inode);
1695
1696	err = mi_format_new(mi: &ni->mi, sbi, rno, flags: flag, is_mft: false);
1697	if (err)
1698	goto out;
1699
1700	inode->i_ino = rno;
1701	if (insert_inode_locked(inode) < 0) {
1702	err = -EIO;
1703	goto out;
1704	}
1705
1706	out:
1707	if (err) {
1708	make_bad_inode(inode);
1709	iput(inode);
1710	ni = ERR_PTR(error: err);
1711	}
1712	return ni;
1713	}
1714
1715	/*
1716	* O:BAG:BAD:(A;OICI;FA;;;WD)
1717	* Owner S-1-5-32-544 (Administrators)
1718	* Group S-1-5-32-544 (Administrators)
1719	* ACE: allow S-1-1-0 (Everyone) with FILE_ALL_ACCESS
1720	*/
1721	const u8 s_default_security[] __aligned(8) = {
1722	0x01, 0x00, 0x04, 0x80, 0x30, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00,
1723	0x00, 0x00, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, 0x02, 0x00, 0x1C, 0x00,
1724	0x01, 0x00, 0x00, 0x00, 0x00, 0x03, 0x14, 0x00, 0xFF, 0x01, 0x1F, 0x00,
1725	0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
1726	0x01, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x20, 0x00, 0x00, 0x00,
1727	0x20, 0x02, 0x00, 0x00, 0x01, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05,
1728	0x20, 0x00, 0x00, 0x00, 0x20, 0x02, 0x00, 0x00,
1729	};
1730
1731	static_assert(sizeof(s_default_security) == 0x50);
1732
1733	static inline u32 sid_length(const struct SID *sid)
1734	{
1735	return struct_size(sid, SubAuthority, sid->SubAuthorityCount);
1736	}
1737
1738	/*
1739	* is_acl_valid
1740	*
1741	* Thanks Mark Harmstone for idea.
1742	*/
1743	static bool is_acl_valid(const struct ACL *acl, u32 len)
1744	{
1745	const struct ACE_HEADER *ace;
1746	u32 i;
1747	u16 ace_count, ace_size;
1748
1749	if (acl->AclRevision != ACL_REVISION &&
1750	acl->AclRevision != ACL_REVISION_DS) {
1751	/*
1752	* This value should be ACL_REVISION, unless the ACL contains an
1753	* object-specific ACE, in which case this value must be ACL_REVISION_DS.
1754	* All ACEs in an ACL must be at the same revision level.
1755	*/
1756	return false;
1757	}
1758
1759	if (acl->Sbz1)
1760	return false;
1761
1762	if (le16_to_cpu(acl->AclSize) > len)
1763	return false;
1764
1765	if (acl->Sbz2)
1766	return false;
1767
1768	len -= sizeof(struct ACL);
1769	ace = (struct ACE_HEADER *)&acl[1];
1770	ace_count = le16_to_cpu(acl->AceCount);
1771
1772	for (i = 0; i < ace_count; i++) {
1773	if (len < sizeof(struct ACE_HEADER))
1774	return false;
1775
1776	ace_size = le16_to_cpu(ace->AceSize);
1777	if (len < ace_size)
1778	return false;
1779
1780	len -= ace_size;
1781	ace = Add2Ptr(ace, ace_size);
1782	}
1783
1784	return true;
1785	}
1786
1787	bool is_sd_valid(const struct SECURITY_DESCRIPTOR_RELATIVE *sd, u32 len)
1788	{
1789	u32 sd_owner, sd_group, sd_sacl, sd_dacl;
1790
1791	if (len < sizeof(struct SECURITY_DESCRIPTOR_RELATIVE))
1792	return false;
1793
1794	if (sd->Revision != 1)
1795	return false;
1796
1797	if (sd->Sbz1)
1798	return false;
1799
1800	if (!(sd->Control & SE_SELF_RELATIVE))
1801	return false;
1802
1803	sd_owner = le32_to_cpu(sd->Owner);
1804	if (sd_owner) {
1805	const struct SID *owner = Add2Ptr(sd, sd_owner);
1806
1807	if (sd_owner + offsetof(struct SID, SubAuthority) > len)
1808	return false;
1809
1810	if (owner->Revision != 1)
1811	return false;
1812
1813	if (sd_owner + sid_length(sid: owner) > len)
1814	return false;
1815	}
1816
1817	sd_group = le32_to_cpu(sd->Group);
1818	if (sd_group) {
1819	const struct SID *group = Add2Ptr(sd, sd_group);
1820
1821	if (sd_group + offsetof(struct SID, SubAuthority) > len)
1822	return false;
1823
1824	if (group->Revision != 1)
1825	return false;
1826
1827	if (sd_group + sid_length(sid: group) > len)
1828	return false;
1829	}
1830
1831	sd_sacl = le32_to_cpu(sd->Sacl);
1832	if (sd_sacl) {
1833	const struct ACL *sacl = Add2Ptr(sd, sd_sacl);
1834
1835	if (sd_sacl + sizeof(struct ACL) > len)
1836	return false;
1837
1838	if (!is_acl_valid(acl: sacl, len: len - sd_sacl))
1839	return false;
1840	}
1841
1842	sd_dacl = le32_to_cpu(sd->Dacl);
1843	if (sd_dacl) {
1844	const struct ACL *dacl = Add2Ptr(sd, sd_dacl);
1845
1846	if (sd_dacl + sizeof(struct ACL) > len)
1847	return false;
1848
1849	if (!is_acl_valid(acl: dacl, len: len - sd_dacl))
1850	return false;
1851	}
1852
1853	return true;
1854	}
1855
1856	/*
1857	* ntfs_security_init - Load and parse $Secure.
1858	*/
1859	int ntfs_security_init(struct ntfs_sb_info *sbi)
1860	{
1861	int err;
1862	struct super_block *sb = sbi->sb;
1863	struct inode *inode;
1864	struct ntfs_inode *ni;
1865	struct MFT_REF ref;
1866	struct ATTRIB *attr;
1867	struct ATTR_LIST_ENTRY *le;
1868	u64 sds_size;
1869	size_t off;
1870	struct NTFS_DE *ne;
1871	struct NTFS_DE_SII *sii_e;
1872	struct ntfs_fnd *fnd_sii = NULL;
1873	const struct INDEX_ROOT *root_sii;
1874	const struct INDEX_ROOT *root_sdh;
1875	struct ntfs_index *indx_sdh = &sbi->security.index_sdh;
1876	struct ntfs_index *indx_sii = &sbi->security.index_sii;
1877
1878	ref.low = cpu_to_le32(MFT_REC_SECURE);
1879	ref.high = 0;
1880	ref.seq = cpu_to_le16(MFT_REC_SECURE);
1881
1882	inode = ntfs_iget5(sb, ref: &ref, name: &NAME_SECURE);
1883	if (IS_ERR(ptr: inode)) {
1884	err = PTR_ERR(ptr: inode);
1885	ntfs_err(sb, "Failed to load $Secure (%d).", err);
1886	inode = NULL;
1887	goto out;
1888	}
1889
1890	ni = ntfs_i(inode);
1891
1892	le = NULL;
1893
1894	attr = ni_find_attr(ni, NULL, entry_o: &le, type: ATTR_ROOT, name: SDH_NAME,
1895	ARRAY_SIZE(SDH_NAME), NULL, NULL);
1896	if (!attr ||
1897	!(root_sdh = resident_data_ex(attr, datasize: sizeof(struct INDEX_ROOT))) ||
1898	root_sdh->type != ATTR_ZERO ||
1899	root_sdh->rule != NTFS_COLLATION_TYPE_SECURITY_HASH ||
1900	offsetof(struct INDEX_ROOT, ihdr) +
1901	le32_to_cpu(root_sdh->ihdr.used) >
1902	le32_to_cpu(attr->res.data_size)) {
1903	ntfs_err(sb, "$Secure::$SDH is corrupted.");
1904	err = -EINVAL;
1905	goto out;
1906	}
1907
1908	err = indx_init(indx: indx_sdh, sbi, attr, type: INDEX_MUTEX_SDH);
1909	if (err) {
1910	ntfs_err(sb, "Failed to initialize $Secure::$SDH (%d).", err);
1911	goto out;
1912	}
1913
1914	attr = ni_find_attr(ni, attr, entry_o: &le, type: ATTR_ROOT, name: SII_NAME,
1915	ARRAY_SIZE(SII_NAME), NULL, NULL);
1916	if (!attr ||
1917	!(root_sii = resident_data_ex(attr, datasize: sizeof(struct INDEX_ROOT))) ||
1918	root_sii->type != ATTR_ZERO ||
1919	root_sii->rule != NTFS_COLLATION_TYPE_UINT ||
1920	offsetof(struct INDEX_ROOT, ihdr) +
1921	le32_to_cpu(root_sii->ihdr.used) >
1922	le32_to_cpu(attr->res.data_size)) {
1923	ntfs_err(sb, "$Secure::$SII is corrupted.");
1924	err = -EINVAL;
1925	goto out;
1926	}
1927
1928	err = indx_init(indx: indx_sii, sbi, attr, type: INDEX_MUTEX_SII);
1929	if (err) {
1930	ntfs_err(sb, "Failed to initialize $Secure::$SII (%d).", err);
1931	goto out;
1932	}
1933
1934	fnd_sii = fnd_get();
1935	if (!fnd_sii) {
1936	err = -ENOMEM;
1937	goto out;
1938	}
1939
1940	sds_size = inode->i_size;
1941
1942	/* Find the last valid Id. */
1943	sbi->security.next_id = SECURITY_ID_FIRST;
1944	/* Always write new security at the end of bucket. */
1945	sbi->security.next_off =
1946	ALIGN(sds_size - SecurityDescriptorsBlockSize, 16);
1947
1948	off = 0;
1949	ne = NULL;
1950
1951	for (;;) {
1952	u32 next_id;
1953
1954	err = indx_find_raw(indx: indx_sii, ni, root: root_sii, entry: &ne, off: &off, fnd: fnd_sii);
1955	if (err || !ne)
1956	break;
1957
1958	sii_e = (struct NTFS_DE_SII *)ne;
1959	if (le16_to_cpu(ne->view.data_size) < sizeof(sii_e->sec_hdr))
1960	continue;
1961
1962	next_id = le32_to_cpu(sii_e->sec_id) + 1;
1963	if (next_id >= sbi->security.next_id)
1964	sbi->security.next_id = next_id;
1965	}
1966
1967	sbi->security.ni = ni;
1968	inode = NULL;
1969	out:
1970	iput(inode);
1971	fnd_put(fnd: fnd_sii);
1972
1973	return err;
1974	}
1975
1976	/*
1977	* ntfs_get_security_by_id - Read security descriptor by id.
1978	*/
1979	int ntfs_get_security_by_id(struct ntfs_sb_info *sbi, __le32 security_id,
1980	struct SECURITY_DESCRIPTOR_RELATIVE **sd,
1981	size_t *size)
1982	{
1983	int err;
1984	int diff;
1985	struct ntfs_inode *ni = sbi->security.ni;
1986	struct ntfs_index *indx = &sbi->security.index_sii;
1987	void *p = NULL;
1988	struct NTFS_DE_SII *sii_e;
1989	struct ntfs_fnd *fnd_sii;
1990	struct SECURITY_HDR d_security;
1991	const struct INDEX_ROOT *root_sii;
1992	u32 t32;
1993
1994	*sd = NULL;
1995
1996	mutex_lock_nested(lock: &ni->ni_lock, subclass: NTFS_INODE_MUTEX_SECURITY);
1997
1998	fnd_sii = fnd_get();
1999	if (!fnd_sii) {
2000	err = -ENOMEM;
2001	goto out;
2002	}
2003
2004	root_sii = indx_get_root(indx, ni, NULL, NULL);
2005	if (!root_sii) {
2006	err = -EINVAL;
2007	goto out;
2008	}
2009
2010	/* Try to find this SECURITY descriptor in SII indexes. */
2011	err = indx_find(indx, dir: ni, root: root_sii, Key: &security_id, KeyLen: sizeof(security_id),
2012	NULL, diff: &diff, entry: (struct NTFS_DE **)&sii_e, fnd: fnd_sii);
2013	if (err)
2014	goto out;
2015
2016	if (diff)
2017	goto out;
2018
2019	t32 = le32_to_cpu(sii_e->sec_hdr.size);
2020	if (t32 < sizeof(struct SECURITY_HDR)) {
2021	err = -EINVAL;
2022	goto out;
2023	}
2024
2025	if (t32 > sizeof(struct SECURITY_HDR) + 0x10000) {
2026	/* Looks like too big security. 0x10000 - is arbitrary big number. */
2027	err = -EFBIG;
2028	goto out;
2029	}
2030
2031	*size = t32 - sizeof(struct SECURITY_HDR);
2032
2033	p = kmalloc(size: *size, GFP_NOFS);
2034	if (!p) {
2035	err = -ENOMEM;
2036	goto out;
2037	}
2038
2039	err = ntfs_read_run_nb(sbi, run: &ni->file.run,
2040	le64_to_cpu(sii_e->sec_hdr.off), buf: &d_security,
2041	bytes: sizeof(d_security), NULL);
2042	if (err)
2043	goto out;
2044
2045	if (memcmp(p: &d_security, q: &sii_e->sec_hdr, size: sizeof(d_security))) {
2046	err = -EINVAL;
2047	goto out;
2048	}
2049
2050	err = ntfs_read_run_nb(sbi, run: &ni->file.run,
2051	le64_to_cpu(sii_e->sec_hdr.off) +
2052	sizeof(struct SECURITY_HDR),
2053	buf: p, bytes: *size, NULL);
2054	if (err)
2055	goto out;
2056
2057	*sd = p;
2058	p = NULL;
2059
2060	out:
2061	kfree(objp: p);
2062	fnd_put(fnd: fnd_sii);
2063	ni_unlock(ni);
2064
2065	return err;
2066	}
2067
2068	/*
2069	* ntfs_insert_security - Insert security descriptor into $Secure::SDS.
2070	*
2071	* SECURITY Descriptor Stream data is organized into chunks of 256K bytes
2072	* and it contains a mirror copy of each security descriptor. When writing
2073	* to a security descriptor at location X, another copy will be written at
2074	* location (X+256K).
2075	* When writing a security descriptor that will cross the 256K boundary,
2076	* the pointer will be advanced by 256K to skip
2077	* over the mirror portion.
2078	*/
2079	int ntfs_insert_security(struct ntfs_sb_info *sbi,
2080	const struct SECURITY_DESCRIPTOR_RELATIVE *sd,
2081	u32 size_sd, __le32 *security_id, bool *inserted)
2082	{
2083	int err, diff;
2084	struct ntfs_inode *ni = sbi->security.ni;
2085	struct ntfs_index *indx_sdh = &sbi->security.index_sdh;
2086	struct ntfs_index *indx_sii = &sbi->security.index_sii;
2087	struct NTFS_DE_SDH *e;
2088	struct NTFS_DE_SDH sdh_e;
2089	struct NTFS_DE_SII sii_e;
2090	struct SECURITY_HDR *d_security;
2091	u32 new_sec_size = size_sd + sizeof(struct SECURITY_HDR);
2092	u32 aligned_sec_size = ALIGN(new_sec_size, 16);
2093	struct SECURITY_KEY hash_key;
2094	struct ntfs_fnd *fnd_sdh = NULL;
2095	const struct INDEX_ROOT *root_sdh;
2096	const struct INDEX_ROOT *root_sii;
2097	u64 mirr_off, new_sds_size;
2098	u32 next, left;
2099
2100	static_assert((1 << Log2OfSecurityDescriptorsBlockSize) ==
2101	SecurityDescriptorsBlockSize);
2102
2103	hash_key.hash = security_hash(sd, bytes: size_sd);
2104	hash_key.sec_id = SECURITY_ID_INVALID;
2105
2106	if (inserted)
2107	*inserted = false;
2108	*security_id = SECURITY_ID_INVALID;
2109
2110	/* Allocate a temporal buffer. */
2111	d_security = kzalloc(size: aligned_sec_size, GFP_NOFS);
2112	if (!d_security)
2113	return -ENOMEM;
2114
2115	mutex_lock_nested(lock: &ni->ni_lock, subclass: NTFS_INODE_MUTEX_SECURITY);
2116
2117	fnd_sdh = fnd_get();
2118	if (!fnd_sdh) {
2119	err = -ENOMEM;
2120	goto out;
2121	}
2122
2123	root_sdh = indx_get_root(indx: indx_sdh, ni, NULL, NULL);
2124	if (!root_sdh) {
2125	err = -EINVAL;
2126	goto out;
2127	}
2128
2129	root_sii = indx_get_root(indx: indx_sii, ni, NULL, NULL);
2130	if (!root_sii) {
2131	err = -EINVAL;
2132	goto out;
2133	}
2134
2135	/*
2136	* Check if such security already exists.
2137	* Use "SDH" and hash -> to get the offset in "SDS".
2138	*/
2139	err = indx_find(indx: indx_sdh, dir: ni, root: root_sdh, Key: &hash_key, KeyLen: sizeof(hash_key),
2140	param: &d_security->key.sec_id, diff: &diff, entry: (struct NTFS_DE **)&e,
2141	fnd: fnd_sdh);
2142	if (err)
2143	goto out;
2144
2145	while (e) {
2146	if (le32_to_cpu(e->sec_hdr.size) == new_sec_size) {
2147	err = ntfs_read_run_nb(sbi, run: &ni->file.run,
2148	le64_to_cpu(e->sec_hdr.off),
2149	buf: d_security, bytes: new_sec_size, NULL);
2150	if (err)
2151	goto out;
2152
2153	if (le32_to_cpu(d_security->size) == new_sec_size &&
2154	d_security->key.hash == hash_key.hash &&
2155	!memcmp(p: d_security + 1, q: sd, size: size_sd)) {
2156	/* Such security already exists. */
2157	*security_id = d_security->key.sec_id;
2158	err = 0;
2159	goto out;
2160	}
2161	}
2162
2163	err = indx_find_sort(indx: indx_sdh, ni, root: root_sdh,
2164	entry: (struct NTFS_DE **)&e, fnd: fnd_sdh);
2165	if (err)
2166	goto out;
2167
2168	if (!e || e->key.hash != hash_key.hash)
2169	break;
2170	}
2171
2172	/* Zero unused space. */
2173	next = sbi->security.next_off & (SecurityDescriptorsBlockSize - 1);
2174	left = SecurityDescriptorsBlockSize - next;
2175
2176	/* Zero gap until SecurityDescriptorsBlockSize. */
2177	if (left < new_sec_size) {
2178	/* Zero "left" bytes from sbi->security.next_off. */
2179	sbi->security.next_off += SecurityDescriptorsBlockSize + left;
2180	}
2181
2182	/* Zero tail of previous security. */
2183	//used = ni->vfs_inode.i_size & (SecurityDescriptorsBlockSize - 1);
2184
2185	/*
2186	* Example:
2187	* 0x40438 == ni->vfs_inode.i_size
2188	* 0x00440 == sbi->security.next_off
2189	* need to zero [0x438-0x440)
2190	* if (next > used) {
2191	* u32 tozero = next - used;
2192	* zero "tozero" bytes from sbi->security.next_off - tozero
2193	*/
2194
2195	/* Format new security descriptor. */
2196	d_security->key.hash = hash_key.hash;
2197	d_security->key.sec_id = cpu_to_le32(sbi->security.next_id);
2198	d_security->off = cpu_to_le64(sbi->security.next_off);
2199	d_security->size = cpu_to_le32(new_sec_size);
2200	memcpy(d_security + 1, sd, size_sd);
2201
2202	/* Write main SDS bucket. */
2203	err = ntfs_sb_write_run(sbi, run: &ni->file.run, vbo: sbi->security.next_off,
2204	buf: d_security, bytes: aligned_sec_size, sync: 0);
2205
2206	if (err)
2207	goto out;
2208
2209	mirr_off = sbi->security.next_off + SecurityDescriptorsBlockSize;
2210	new_sds_size = mirr_off + aligned_sec_size;
2211
2212	if (new_sds_size > ni->vfs_inode.i_size) {
2213	err = attr_set_size(ni, type: ATTR_DATA, name: SDS_NAME,
2214	ARRAY_SIZE(SDS_NAME), run: &ni->file.run,
2215	new_size: new_sds_size, new_valid: &new_sds_size, keep_prealloc: false, NULL);
2216	if (err)
2217	goto out;
2218	}
2219
2220	/* Write copy SDS bucket. */
2221	err = ntfs_sb_write_run(sbi, run: &ni->file.run, vbo: mirr_off, buf: d_security,
2222	bytes: aligned_sec_size, sync: 0);
2223	if (err)
2224	goto out;
2225
2226	/* Fill SII entry. */
2227	sii_e.de.view.data_off =
2228	cpu_to_le16(offsetof(struct NTFS_DE_SII, sec_hdr));
2229	sii_e.de.view.data_size = cpu_to_le16(sizeof(struct SECURITY_HDR));
2230	sii_e.de.view.res = 0;
2231	sii_e.de.size = cpu_to_le16(sizeof(struct NTFS_DE_SII));
2232	sii_e.de.key_size = cpu_to_le16(sizeof(d_security->key.sec_id));
2233	sii_e.de.flags = 0;
2234	sii_e.de.res = 0;
2235	sii_e.sec_id = d_security->key.sec_id;
2236	memcpy(&sii_e.sec_hdr, d_security, sizeof(struct SECURITY_HDR));
2237
2238	err = indx_insert_entry(indx: indx_sii, ni, new_de: &sii_e.de, NULL, NULL, undo: 0);
2239	if (err)
2240	goto out;
2241
2242	/* Fill SDH entry. */
2243	sdh_e.de.view.data_off =
2244	cpu_to_le16(offsetof(struct NTFS_DE_SDH, sec_hdr));
2245	sdh_e.de.view.data_size = cpu_to_le16(sizeof(struct SECURITY_HDR));
2246	sdh_e.de.view.res = 0;
2247	sdh_e.de.size = cpu_to_le16(SIZEOF_SDH_DIRENTRY);
2248	sdh_e.de.key_size = cpu_to_le16(sizeof(sdh_e.key));
2249	sdh_e.de.flags = 0;
2250	sdh_e.de.res = 0;
2251	sdh_e.key.hash = d_security->key.hash;
2252	sdh_e.key.sec_id = d_security->key.sec_id;
2253	memcpy(&sdh_e.sec_hdr, d_security, sizeof(struct SECURITY_HDR));
2254	sdh_e.magic[0] = cpu_to_le16('I');
2255	sdh_e.magic[1] = cpu_to_le16('I');
2256
2257	fnd_clear(fnd: fnd_sdh);
2258	err = indx_insert_entry(indx: indx_sdh, ni, new_de: &sdh_e.de, param: (void *)(size_t)1,
2259	fnd: fnd_sdh, undo: 0);
2260	if (err)
2261	goto out;
2262
2263	*security_id = d_security->key.sec_id;
2264	if (inserted)
2265	*inserted = true;
2266
2267	/* Update Id and offset for next descriptor. */
2268	sbi->security.next_id += 1;
2269	sbi->security.next_off += aligned_sec_size;
2270
2271	out:
2272	fnd_put(fnd: fnd_sdh);
2273	mark_inode_dirty(inode: &ni->vfs_inode);
2274	ni_unlock(ni);
2275	kfree(objp: d_security);
2276
2277	return err;
2278	}
2279
2280	/*
2281	* ntfs_reparse_init - Load and parse $Extend/$Reparse.
2282	*/
2283	int ntfs_reparse_init(struct ntfs_sb_info *sbi)
2284	{
2285	int err;
2286	struct ntfs_inode *ni = sbi->reparse.ni;
2287	struct ntfs_index *indx = &sbi->reparse.index_r;
2288	struct ATTRIB *attr;
2289	struct ATTR_LIST_ENTRY *le;
2290	const struct INDEX_ROOT *root_r;
2291
2292	if (!ni)
2293	return 0;
2294
2295	le = NULL;
2296	attr = ni_find_attr(ni, NULL, entry_o: &le, type: ATTR_ROOT, name: SR_NAME,
2297	ARRAY_SIZE(SR_NAME), NULL, NULL);
2298	if (!attr) {
2299	err = -EINVAL;
2300	goto out;
2301	}
2302
2303	root_r = resident_data(attr);
2304	if (root_r->type != ATTR_ZERO ||
2305	root_r->rule != NTFS_COLLATION_TYPE_UINTS) {
2306	err = -EINVAL;
2307	goto out;
2308	}
2309
2310	err = indx_init(indx, sbi, attr, type: INDEX_MUTEX_SR);
2311	if (err)
2312	goto out;
2313
2314	out:
2315	return err;
2316	}
2317
2318	/*
2319	* ntfs_objid_init - Load and parse $Extend/$ObjId.
2320	*/
2321	int ntfs_objid_init(struct ntfs_sb_info *sbi)
2322	{
2323	int err;
2324	struct ntfs_inode *ni = sbi->objid.ni;
2325	struct ntfs_index *indx = &sbi->objid.index_o;
2326	struct ATTRIB *attr;
2327	struct ATTR_LIST_ENTRY *le;
2328	const struct INDEX_ROOT *root;
2329
2330	if (!ni)
2331	return 0;
2332
2333	le = NULL;
2334	attr = ni_find_attr(ni, NULL, entry_o: &le, type: ATTR_ROOT, name: SO_NAME,
2335	ARRAY_SIZE(SO_NAME), NULL, NULL);
2336	if (!attr) {
2337	err = -EINVAL;
2338	goto out;
2339	}
2340
2341	root = resident_data(attr);
2342	if (root->type != ATTR_ZERO ||
2343	root->rule != NTFS_COLLATION_TYPE_UINTS) {
2344	err = -EINVAL;
2345	goto out;
2346	}
2347
2348	err = indx_init(indx, sbi, attr, type: INDEX_MUTEX_SO);
2349	if (err)
2350	goto out;
2351
2352	out:
2353	return err;
2354	}
2355
2356	int ntfs_objid_remove(struct ntfs_sb_info *sbi, struct GUID *guid)
2357	{
2358	int err;
2359	struct ntfs_inode *ni = sbi->objid.ni;
2360	struct ntfs_index *indx = &sbi->objid.index_o;
2361
2362	if (!ni)
2363	return -EINVAL;
2364
2365	mutex_lock_nested(lock: &ni->ni_lock, subclass: NTFS_INODE_MUTEX_OBJID);
2366
2367	err = indx_delete_entry(indx, ni, key: guid, key_len: sizeof(*guid), NULL);
2368
2369	mark_inode_dirty(inode: &ni->vfs_inode);
2370	ni_unlock(ni);
2371
2372	return err;
2373	}
2374
2375	int ntfs_insert_reparse(struct ntfs_sb_info *sbi, __le32 rtag,
2376	const struct MFT_REF *ref)
2377	{
2378	int err;
2379	struct ntfs_inode *ni = sbi->reparse.ni;
2380	struct ntfs_index *indx = &sbi->reparse.index_r;
2381	struct NTFS_DE_R re;
2382
2383	if (!ni)
2384	return -EINVAL;
2385
2386	memset(&re, 0, sizeof(re));
2387
2388	re.de.view.data_off = cpu_to_le16(offsetof(struct NTFS_DE_R, zero));
2389	re.de.size = cpu_to_le16(sizeof(struct NTFS_DE_R));
2390	re.de.key_size = cpu_to_le16(sizeof(re.key));
2391
2392	re.key.ReparseTag = rtag;
2393	memcpy(&re.key.ref, ref, sizeof(*ref));
2394
2395	mutex_lock_nested(lock: &ni->ni_lock, subclass: NTFS_INODE_MUTEX_REPARSE);
2396
2397	err = indx_insert_entry(indx, ni, new_de: &re.de, NULL, NULL, undo: 0);
2398
2399	mark_inode_dirty(inode: &ni->vfs_inode);
2400	ni_unlock(ni);
2401
2402	return err;
2403	}
2404
2405	int ntfs_remove_reparse(struct ntfs_sb_info *sbi, __le32 rtag,
2406	const struct MFT_REF *ref)
2407	{
2408	int err, diff;
2409	struct ntfs_inode *ni = sbi->reparse.ni;
2410	struct ntfs_index *indx = &sbi->reparse.index_r;
2411	struct ntfs_fnd *fnd = NULL;
2412	struct REPARSE_KEY rkey;
2413	struct NTFS_DE_R *re;
2414	struct INDEX_ROOT *root_r;
2415
2416	if (!ni)
2417	return -EINVAL;
2418
2419	rkey.ReparseTag = rtag;
2420	rkey.ref = *ref;
2421
2422	mutex_lock_nested(lock: &ni->ni_lock, subclass: NTFS_INODE_MUTEX_REPARSE);
2423
2424	if (rtag) {
2425	err = indx_delete_entry(indx, ni, key: &rkey, key_len: sizeof(rkey), NULL);
2426	goto out1;
2427	}
2428
2429	fnd = fnd_get();
2430	if (!fnd) {
2431	err = -ENOMEM;
2432	goto out1;
2433	}
2434
2435	root_r = indx_get_root(indx, ni, NULL, NULL);
2436	if (!root_r) {
2437	err = -EINVAL;
2438	goto out;
2439	}
2440
2441	/* 1 - forces to ignore rkey.ReparseTag when comparing keys. */
2442	err = indx_find(indx, dir: ni, root: root_r, Key: &rkey, KeyLen: sizeof(rkey), param: (void *)1, diff: &diff,
2443	entry: (struct NTFS_DE **)&re, fnd);
2444	if (err)
2445	goto out;
2446
2447	if (memcmp(p: &re->key.ref, q: ref, size: sizeof(*ref))) {
2448	/* Impossible. Looks like volume corrupt? */
2449	goto out;
2450	}
2451
2452	memcpy(&rkey, &re->key, sizeof(rkey));
2453
2454	fnd_put(fnd);
2455	fnd = NULL;
2456
2457	err = indx_delete_entry(indx, ni, key: &rkey, key_len: sizeof(rkey), NULL);
2458	if (err)
2459	goto out;
2460
2461	out:
2462	fnd_put(fnd);
2463
2464	out1:
2465	mark_inode_dirty(inode: &ni->vfs_inode);
2466	ni_unlock(ni);
2467
2468	return err;
2469	}
2470
2471	static inline void ntfs_unmap_and_discard(struct ntfs_sb_info *sbi, CLST lcn,
2472	CLST len)
2473	{
2474	ntfs_unmap_meta(sb: sbi->sb, lcn, len);
2475	ntfs_discard(sbi, Lcn: lcn, Len: len);
2476	}
2477
2478	void mark_as_free_ex(struct ntfs_sb_info *sbi, CLST lcn, CLST len, bool trim)
2479	{
2480	CLST end, i, zone_len, zlen;
2481	struct wnd_bitmap *wnd = &sbi->used.bitmap;
2482	bool dirty = false;
2483
2484	down_write_nested(sem: &wnd->rw_lock, subclass: BITMAP_MUTEX_CLUSTERS);
2485	if (!wnd_is_used(wnd, bit: lcn, bits: len)) {
2486	/* mark volume as dirty out of wnd->rw_lock */
2487	dirty = true;
2488
2489	end = lcn + len;
2490	len = 0;
2491	for (i = lcn; i < end; i++) {
2492	if (wnd_is_used(wnd, bit: i, bits: 1)) {
2493	if (!len)
2494	lcn = i;
2495	len += 1;
2496	continue;
2497	}
2498
2499	if (!len)
2500	continue;
2501
2502	if (trim)
2503	ntfs_unmap_and_discard(sbi, lcn, len);
2504
2505	wnd_set_free(wnd, bit: lcn, bits: len);
2506	len = 0;
2507	}
2508
2509	if (!len)
2510	goto out;
2511	}
2512
2513	if (trim)
2514	ntfs_unmap_and_discard(sbi, lcn, len);
2515	wnd_set_free(wnd, bit: lcn, bits: len);
2516
2517	/* append to MFT zone, if possible. */
2518	zone_len = wnd_zone_len(wnd);
2519	zlen = min(zone_len + len, sbi->zone_max);
2520
2521	if (zlen == zone_len) {
2522	/* MFT zone already has maximum size. */
2523	} else if (!zone_len) {
2524	/* Create MFT zone only if 'zlen' is large enough. */
2525	if (zlen == sbi->zone_max)
2526	wnd_zone_set(wnd, Lcn: lcn, Len: zlen);
2527	} else {
2528	CLST zone_lcn = wnd_zone_bit(wnd);
2529
2530	if (lcn + len == zone_lcn) {
2531	/* Append into head MFT zone. */
2532	wnd_zone_set(wnd, Lcn: lcn, Len: zlen);
2533	} else if (zone_lcn + zone_len == lcn) {
2534	/* Append into tail MFT zone. */
2535	wnd_zone_set(wnd, Lcn: zone_lcn, Len: zlen);
2536	}
2537	}
2538
2539	out:
2540	up_write(sem: &wnd->rw_lock);
2541	if (dirty)
2542	ntfs_set_state(sbi, dirty: NTFS_DIRTY_ERROR);
2543	}
2544
2545	/*
2546	* run_deallocate - Deallocate clusters.
2547	*/
2548	int run_deallocate(struct ntfs_sb_info *sbi, const struct runs_tree *run,
2549	bool trim)
2550	{
2551	CLST lcn, len;
2552	size_t idx = 0;
2553
2554	while (run_get_entry(run, index: idx++, NULL, lcn: &lcn, len: &len)) {
2555	if (lcn == SPARSE_LCN)
2556	continue;
2557
2558	mark_as_free_ex(sbi, lcn, len, trim);
2559	}
2560
2561	return 0;
2562	}
2563
2564	static inline bool name_has_forbidden_chars(const struct le_str *fname)
2565	{
2566	int i, ch;
2567
2568	/* check for forbidden chars */
2569	for (i = 0; i < fname->len; ++i) {
2570	ch = le16_to_cpu(fname->name[i]);
2571
2572	/* control chars */
2573	if (ch < 0x20)
2574	return true;
2575
2576	switch (ch) {
2577	/* disallowed by Windows */
2578	case '\\':
2579	case '/':
2580	case ':':
2581	case '*':
2582	case '?':
2583	case '<':
2584	case '>':
2585	case '|':
2586	case '\"':
2587	return true;
2588
2589	default:
2590	/* allowed char */
2591	break;
2592	}
2593	}
2594
2595	/* file names cannot end with space or . */
2596	if (fname->len > 0) {
2597	ch = le16_to_cpu(fname->name[fname->len - 1]);
2598	if (ch == ' ' || ch == '.')
2599	return true;
2600	}
2601
2602	return false;
2603	}
2604
2605	static inline bool is_reserved_name(const struct ntfs_sb_info *sbi,
2606	const struct le_str *fname)
2607	{
2608	int port_digit;
2609	const __le16 *name = fname->name;
2610	int len = fname->len;
2611	const u16 *upcase = sbi->upcase;
2612
2613	/* check for 3 chars reserved names (device names) */
2614	/* name by itself or with any extension is forbidden */
2615	if (len == 3 || (len > 3 && le16_to_cpu(name[3]) == '.'))
2616	if (!ntfs_cmp_names(s1: name, l1: 3, s2: CON_NAME, l2: 3, upcase, bothcase: false) ||
2617	!ntfs_cmp_names(s1: name, l1: 3, s2: NUL_NAME, l2: 3, upcase, bothcase: false) ||
2618	!ntfs_cmp_names(s1: name, l1: 3, s2: AUX_NAME, l2: 3, upcase, bothcase: false) ||
2619	!ntfs_cmp_names(s1: name, l1: 3, s2: PRN_NAME, l2: 3, upcase, bothcase: false))
2620	return true;
2621
2622	/* check for 4 chars reserved names (port name followed by 1..9) */
2623	/* name by itself or with any extension is forbidden */
2624	if (len == 4 || (len > 4 && le16_to_cpu(name[4]) == '.')) {
2625	port_digit = le16_to_cpu(name[3]);
2626	if (port_digit >= '1' && port_digit <= '9')
2627	if (!ntfs_cmp_names(s1: name, l1: 3, s2: COM_NAME, l2: 3, upcase,
2628	bothcase: false) ||
2629	!ntfs_cmp_names(s1: name, l1: 3, s2: LPT_NAME, l2: 3, upcase,
2630	bothcase: false))
2631	return true;
2632	}
2633
2634	return false;
2635	}
2636
2637	/*
2638	* valid_windows_name - Check if a file name is valid in Windows.
2639	*/
2640	bool valid_windows_name(struct ntfs_sb_info *sbi, const struct le_str *fname)
2641	{
2642	return !name_has_forbidden_chars(fname) &&
2643	!is_reserved_name(sbi, fname);
2644	}
2645
2646	/*
2647	* ntfs_set_label - updates current ntfs label.
2648	*/
2649	int ntfs_set_label(struct ntfs_sb_info *sbi, u8 *label, int len)
2650	{
2651	int err;
2652	struct ATTRIB *attr;
2653	struct ntfs_inode *ni = sbi->volume.ni;
2654	const u8 max_ulen = 0x80; /* TODO: use attrdef to get maximum length */
2655	/* Allocate PATH_MAX bytes. */
2656	struct cpu_str *uni = __getname();
2657
2658	if (!uni)
2659	return -ENOMEM;
2660
2661	err = ntfs_nls_to_utf16(sbi, name: label, name_len: len, uni, max_ulen: (PATH_MAX - 2) / 2,
2662	endian: UTF16_LITTLE_ENDIAN);
2663	if (err < 0)
2664	goto out;
2665
2666	if (uni->len > max_ulen) {
2667	ntfs_warn(sbi->sb, "new label is too long");
2668	err = -EFBIG;
2669	goto out;
2670	}
2671
2672	ni_lock(ni);
2673
2674	/* Ignore any errors. */
2675	ni_remove_attr(ni, type: ATTR_LABEL, NULL, name_len: 0, base_only: false, NULL);
2676
2677	err = ni_insert_resident(ni, data_size: uni->len * sizeof(u16), type: ATTR_LABEL, NULL,
2678	name_len: 0, new_attr: &attr, NULL, NULL);
2679	if (err < 0)
2680	goto unlock_out;
2681
2682	/* write new label in on-disk struct. */
2683	memcpy(resident_data(attr), uni->name, uni->len * sizeof(u16));
2684
2685	/* update cached value of current label. */
2686	if (len >= ARRAY_SIZE(sbi->volume.label))
2687	len = ARRAY_SIZE(sbi->volume.label) - 1;
2688	memcpy(sbi->volume.label, label, len);
2689	sbi->volume.label[len] = 0;
2690	mark_inode_dirty_sync(inode: &ni->vfs_inode);
2691
2692	unlock_out:
2693	ni_unlock(ni);
2694
2695	if (!err)
2696	err = _ni_write_inode(&ni->vfs_inode, 0);
2697
2698	out:
2699	__putname(uni);
2700	return err;
2701	}