1 | // SPDX-License-Identifier: GPL-2.0-only |
2 | /* |
3 | * This file is part of UBIFS. |
4 | * |
5 | * Copyright (C) 2006-2008 Nokia Corporation. |
6 | * |
7 | * Authors: Artem Bityutskiy (Битюцкий Артём) |
8 | * Adrian Hunter |
9 | */ |
10 | |
11 | /* |
12 | * This file implements UBIFS journal. |
13 | * |
14 | * The journal consists of 2 parts - the log and bud LEBs. The log has fixed |
15 | * length and position, while a bud logical eraseblock is any LEB in the main |
16 | * area. Buds contain file system data - data nodes, inode nodes, etc. The log |
17 | * contains only references to buds and some other stuff like commit |
18 | * start node. The idea is that when we commit the journal, we do |
19 | * not copy the data, the buds just become indexed. Since after the commit the |
20 | * nodes in bud eraseblocks become leaf nodes of the file system index tree, we |
21 | * use term "bud". Analogy is obvious, bud eraseblocks contain nodes which will |
22 | * become leafs in the future. |
23 | * |
24 | * The journal is multi-headed because we want to write data to the journal as |
25 | * optimally as possible. It is nice to have nodes belonging to the same inode |
26 | * in one LEB, so we may write data owned by different inodes to different |
27 | * journal heads, although at present only one data head is used. |
28 | * |
29 | * For recovery reasons, the base head contains all inode nodes, all directory |
30 | * entry nodes and all truncate nodes. This means that the other heads contain |
31 | * only data nodes. |
32 | * |
33 | * Bud LEBs may be half-indexed. For example, if the bud was not full at the |
34 | * time of commit, the bud is retained to continue to be used in the journal, |
35 | * even though the "front" of the LEB is now indexed. In that case, the log |
36 | * reference contains the offset where the bud starts for the purposes of the |
37 | * journal. |
38 | * |
39 | * The journal size has to be limited, because the larger is the journal, the |
40 | * longer it takes to mount UBIFS (scanning the journal) and the more memory it |
41 | * takes (indexing in the TNC). |
42 | * |
43 | * All the journal write operations like 'ubifs_jnl_update()' here, which write |
44 | * multiple UBIFS nodes to the journal at one go, are atomic with respect to |
45 | * unclean reboots. Should the unclean reboot happen, the recovery code drops |
46 | * all the nodes. |
47 | */ |
48 | |
49 | #include "ubifs.h" |
50 | |
51 | /** |
52 | * zero_ino_node_unused - zero out unused fields of an on-flash inode node. |
53 | * @ino: the inode to zero out |
54 | */ |
55 | static inline void zero_ino_node_unused(struct ubifs_ino_node *ino) |
56 | { |
57 | memset(ino->padding1, 0, 4); |
58 | memset(ino->padding2, 0, 26); |
59 | } |
60 | |
61 | /** |
62 | * zero_dent_node_unused - zero out unused fields of an on-flash directory |
63 | * entry node. |
64 | * @dent: the directory entry to zero out |
65 | */ |
66 | static inline void zero_dent_node_unused(struct ubifs_dent_node *dent) |
67 | { |
68 | dent->padding1 = 0; |
69 | } |
70 | |
71 | /** |
72 | * zero_trun_node_unused - zero out unused fields of an on-flash truncation |
73 | * node. |
74 | * @trun: the truncation node to zero out |
75 | */ |
76 | static inline void zero_trun_node_unused(struct ubifs_trun_node *trun) |
77 | { |
78 | memset(trun->padding, 0, 12); |
79 | } |
80 | |
81 | static void ubifs_add_auth_dirt(struct ubifs_info *c, int lnum) |
82 | { |
83 | if (ubifs_authenticated(c)) |
84 | ubifs_add_dirt(c, lnum, dirty: ubifs_auth_node_sz(c)); |
85 | } |
86 | |
87 | /** |
88 | * reserve_space - reserve space in the journal. |
89 | * @c: UBIFS file-system description object |
90 | * @jhead: journal head number |
91 | * @len: node length |
92 | * |
93 | * This function reserves space in journal head @head. If the reservation |
94 | * succeeded, the journal head stays locked and later has to be unlocked using |
95 | * 'release_head()'. Returns zero in case of success, %-EAGAIN if commit has to |
96 | * be done, and other negative error codes in case of other failures. |
97 | */ |
98 | static int reserve_space(struct ubifs_info *c, int jhead, int len) |
99 | { |
100 | int err = 0, err1, retries = 0, avail, lnum, offs, squeeze; |
101 | struct ubifs_wbuf *wbuf = &c->jheads[jhead].wbuf; |
102 | |
103 | /* |
104 | * Typically, the base head has smaller nodes written to it, so it is |
105 | * better to try to allocate space at the ends of eraseblocks. This is |
106 | * what the squeeze parameter does. |
107 | */ |
108 | ubifs_assert(c, !c->ro_media && !c->ro_mount); |
109 | squeeze = (jhead == BASEHD); |
110 | again: |
111 | mutex_lock_nested(lock: &wbuf->io_mutex, subclass: wbuf->jhead); |
112 | |
113 | if (c->ro_error) { |
114 | err = -EROFS; |
115 | goto out_unlock; |
116 | } |
117 | |
118 | avail = c->leb_size - wbuf->offs - wbuf->used; |
119 | if (wbuf->lnum != -1 && avail >= len) |
120 | return 0; |
121 | |
122 | /* |
123 | * Write buffer wasn't seek'ed or there is no enough space - look for an |
124 | * LEB with some empty space. |
125 | */ |
126 | lnum = ubifs_find_free_space(c, min_space: len, offs: &offs, squeeze); |
127 | if (lnum >= 0) |
128 | goto out; |
129 | |
130 | err = lnum; |
131 | if (err != -ENOSPC) |
132 | goto out_unlock; |
133 | |
134 | /* |
135 | * No free space, we have to run garbage collector to make |
136 | * some. But the write-buffer mutex has to be unlocked because |
137 | * GC also takes it. |
138 | */ |
139 | dbg_jnl("no free space in jhead %s, run GC" , dbg_jhead(jhead)); |
140 | mutex_unlock(lock: &wbuf->io_mutex); |
141 | |
142 | lnum = ubifs_garbage_collect(c, anyway: 0); |
143 | if (lnum < 0) { |
144 | err = lnum; |
145 | if (err != -ENOSPC) |
146 | return err; |
147 | |
148 | /* |
149 | * GC could not make a free LEB. But someone else may |
150 | * have allocated new bud for this journal head, |
151 | * because we dropped @wbuf->io_mutex, so try once |
152 | * again. |
153 | */ |
154 | dbg_jnl("GC couldn't make a free LEB for jhead %s" , |
155 | dbg_jhead(jhead)); |
156 | if (retries++ < 2) { |
157 | dbg_jnl("retry (%d)" , retries); |
158 | goto again; |
159 | } |
160 | |
161 | dbg_jnl("return -ENOSPC" ); |
162 | return err; |
163 | } |
164 | |
165 | mutex_lock_nested(lock: &wbuf->io_mutex, subclass: wbuf->jhead); |
166 | dbg_jnl("got LEB %d for jhead %s" , lnum, dbg_jhead(jhead)); |
167 | avail = c->leb_size - wbuf->offs - wbuf->used; |
168 | |
169 | if (wbuf->lnum != -1 && avail >= len) { |
170 | /* |
171 | * Someone else has switched the journal head and we have |
172 | * enough space now. This happens when more than one process is |
173 | * trying to write to the same journal head at the same time. |
174 | */ |
175 | dbg_jnl("return LEB %d back, already have LEB %d:%d" , |
176 | lnum, wbuf->lnum, wbuf->offs + wbuf->used); |
177 | err = ubifs_return_leb(c, lnum); |
178 | if (err) |
179 | goto out_unlock; |
180 | return 0; |
181 | } |
182 | |
183 | offs = 0; |
184 | |
185 | out: |
186 | /* |
187 | * Make sure we synchronize the write-buffer before we add the new bud |
188 | * to the log. Otherwise we may have a power cut after the log |
189 | * reference node for the last bud (@lnum) is written but before the |
190 | * write-buffer data are written to the next-to-last bud |
191 | * (@wbuf->lnum). And the effect would be that the recovery would see |
192 | * that there is corruption in the next-to-last bud. |
193 | */ |
194 | err = ubifs_wbuf_sync_nolock(wbuf); |
195 | if (err) |
196 | goto out_return; |
197 | err = ubifs_add_bud_to_log(c, jhead, lnum, offs); |
198 | if (err) |
199 | goto out_return; |
200 | err = ubifs_wbuf_seek_nolock(wbuf, lnum, offs); |
201 | if (err) |
202 | goto out_unlock; |
203 | |
204 | return 0; |
205 | |
206 | out_unlock: |
207 | mutex_unlock(lock: &wbuf->io_mutex); |
208 | return err; |
209 | |
210 | out_return: |
211 | /* An error occurred and the LEB has to be returned to lprops */ |
212 | ubifs_assert(c, err < 0); |
213 | err1 = ubifs_return_leb(c, lnum); |
214 | if (err1 && err == -EAGAIN) |
215 | /* |
216 | * Return original error code only if it is not %-EAGAIN, |
217 | * which is not really an error. Otherwise, return the error |
218 | * code of 'ubifs_return_leb()'. |
219 | */ |
220 | err = err1; |
221 | mutex_unlock(lock: &wbuf->io_mutex); |
222 | return err; |
223 | } |
224 | |
225 | static int ubifs_hash_nodes(struct ubifs_info *c, void *node, |
226 | int len, struct shash_desc *hash) |
227 | { |
228 | int auth_node_size = ubifs_auth_node_sz(c); |
229 | int err; |
230 | |
231 | while (1) { |
232 | const struct ubifs_ch *ch = node; |
233 | int nodelen = le32_to_cpu(ch->len); |
234 | |
235 | ubifs_assert(c, len >= auth_node_size); |
236 | |
237 | if (len == auth_node_size) |
238 | break; |
239 | |
240 | ubifs_assert(c, len > nodelen); |
241 | ubifs_assert(c, ch->magic == cpu_to_le32(UBIFS_NODE_MAGIC)); |
242 | |
243 | err = ubifs_shash_update(c, desc: hash, buf: (void *)node, len: nodelen); |
244 | if (err) |
245 | return err; |
246 | |
247 | node += ALIGN(nodelen, 8); |
248 | len -= ALIGN(nodelen, 8); |
249 | } |
250 | |
251 | return ubifs_prepare_auth_node(c, node, inhash: hash); |
252 | } |
253 | |
254 | /** |
255 | * write_head - write data to a journal head. |
256 | * @c: UBIFS file-system description object |
257 | * @jhead: journal head |
258 | * @buf: buffer to write |
259 | * @len: length to write |
260 | * @lnum: LEB number written is returned here |
261 | * @offs: offset written is returned here |
262 | * @sync: non-zero if the write-buffer has to by synchronized |
263 | * |
264 | * This function writes data to the reserved space of journal head @jhead. |
265 | * Returns zero in case of success and a negative error code in case of |
266 | * failure. |
267 | */ |
268 | static int write_head(struct ubifs_info *c, int jhead, void *buf, int len, |
269 | int *lnum, int *offs, int sync) |
270 | { |
271 | int err; |
272 | struct ubifs_wbuf *wbuf = &c->jheads[jhead].wbuf; |
273 | |
274 | ubifs_assert(c, jhead != GCHD); |
275 | |
276 | *lnum = c->jheads[jhead].wbuf.lnum; |
277 | *offs = c->jheads[jhead].wbuf.offs + c->jheads[jhead].wbuf.used; |
278 | dbg_jnl("jhead %s, LEB %d:%d, len %d" , |
279 | dbg_jhead(jhead), *lnum, *offs, len); |
280 | |
281 | if (ubifs_authenticated(c)) { |
282 | err = ubifs_hash_nodes(c, node: buf, len, hash: c->jheads[jhead].log_hash); |
283 | if (err) |
284 | return err; |
285 | } |
286 | |
287 | err = ubifs_wbuf_write_nolock(wbuf, buf, len); |
288 | if (err) |
289 | return err; |
290 | if (sync) |
291 | err = ubifs_wbuf_sync_nolock(wbuf); |
292 | return err; |
293 | } |
294 | |
295 | /** |
296 | * __queue_and_wait - queue a task and wait until the task is waked up. |
297 | * @c: UBIFS file-system description object |
298 | * |
299 | * This function adds current task in queue and waits until the task is waked |
300 | * up. This function should be called with @c->reserve_space_wq locked. |
301 | */ |
302 | static void __queue_and_wait(struct ubifs_info *c) |
303 | { |
304 | DEFINE_WAIT(wait); |
305 | |
306 | __add_wait_queue_entry_tail_exclusive(wq_head: &c->reserve_space_wq, wq_entry: &wait); |
307 | set_current_state(TASK_UNINTERRUPTIBLE); |
308 | spin_unlock(lock: &c->reserve_space_wq.lock); |
309 | |
310 | schedule(); |
311 | finish_wait(wq_head: &c->reserve_space_wq, wq_entry: &wait); |
312 | } |
313 | |
314 | /** |
315 | * wait_for_reservation - try queuing current task to wait until waked up. |
316 | * @c: UBIFS file-system description object |
317 | * |
318 | * This function queues current task to wait until waked up, if queuing is |
319 | * started(@c->need_wait_space is not %0). Returns %true if current task is |
320 | * added in queue, otherwise %false is returned. |
321 | */ |
322 | static bool wait_for_reservation(struct ubifs_info *c) |
323 | { |
324 | if (likely(atomic_read(&c->need_wait_space) == 0)) |
325 | /* Quick path to check whether queuing is started. */ |
326 | return false; |
327 | |
328 | spin_lock(lock: &c->reserve_space_wq.lock); |
329 | if (atomic_read(v: &c->need_wait_space) == 0) { |
330 | /* Queuing is not started, don't queue current task. */ |
331 | spin_unlock(lock: &c->reserve_space_wq.lock); |
332 | return false; |
333 | } |
334 | |
335 | __queue_and_wait(c); |
336 | return true; |
337 | } |
338 | |
339 | /** |
340 | * wake_up_reservation - wake up first task in queue or stop queuing. |
341 | * @c: UBIFS file-system description object |
342 | * |
343 | * This function wakes up the first task in queue if it exists, or stops |
344 | * queuing if no tasks in queue. |
345 | */ |
346 | static void wake_up_reservation(struct ubifs_info *c) |
347 | { |
348 | spin_lock(lock: &c->reserve_space_wq.lock); |
349 | if (waitqueue_active(wq_head: &c->reserve_space_wq)) |
350 | wake_up_locked(&c->reserve_space_wq); |
351 | else |
352 | /* |
353 | * Compared with wait_for_reservation(), set @c->need_wait_space |
354 | * under the protection of wait queue lock, which can avoid that |
355 | * @c->need_wait_space is set to 0 after new task queued. |
356 | */ |
357 | atomic_set(v: &c->need_wait_space, i: 0); |
358 | spin_unlock(lock: &c->reserve_space_wq.lock); |
359 | } |
360 | |
361 | /** |
362 | * wake_up_reservation - add current task in queue or start queuing. |
363 | * @c: UBIFS file-system description object |
364 | * |
365 | * This function starts queuing if queuing is not started, otherwise adds |
366 | * current task in queue. |
367 | */ |
368 | static void add_or_start_queue(struct ubifs_info *c) |
369 | { |
370 | spin_lock(lock: &c->reserve_space_wq.lock); |
371 | if (atomic_cmpxchg(v: &c->need_wait_space, old: 0, new: 1) == 0) { |
372 | /* Starts queuing, task can go on directly. */ |
373 | spin_unlock(lock: &c->reserve_space_wq.lock); |
374 | return; |
375 | } |
376 | |
377 | /* |
378 | * There are at least two tasks have retried more than 32 times |
379 | * at certain point, first task has started queuing, just queue |
380 | * the left tasks. |
381 | */ |
382 | __queue_and_wait(c); |
383 | } |
384 | |
385 | /** |
386 | * make_reservation - reserve journal space. |
387 | * @c: UBIFS file-system description object |
388 | * @jhead: journal head |
389 | * @len: how many bytes to reserve |
390 | * |
391 | * This function makes space reservation in journal head @jhead. The function |
392 | * takes the commit lock and locks the journal head, and the caller has to |
393 | * unlock the head and finish the reservation with 'finish_reservation()'. |
394 | * Returns zero in case of success and a negative error code in case of |
395 | * failure. |
396 | * |
397 | * Note, the journal head may be unlocked as soon as the data is written, while |
398 | * the commit lock has to be released after the data has been added to the |
399 | * TNC. |
400 | */ |
401 | static int make_reservation(struct ubifs_info *c, int jhead, int len) |
402 | { |
403 | int err, cmt_retries = 0, nospc_retries = 0; |
404 | bool blocked = wait_for_reservation(c); |
405 | |
406 | again: |
407 | down_read(sem: &c->commit_sem); |
408 | err = reserve_space(c, jhead, len); |
409 | if (!err) { |
410 | /* c->commit_sem will get released via finish_reservation(). */ |
411 | goto out_wake_up; |
412 | } |
413 | up_read(sem: &c->commit_sem); |
414 | |
415 | if (err == -ENOSPC) { |
416 | /* |
417 | * GC could not make any progress. We should try to commit |
418 | * because it could make some dirty space and GC would make |
419 | * progress, so make the error -EAGAIN so that the below |
420 | * will commit and re-try. |
421 | */ |
422 | nospc_retries++; |
423 | dbg_jnl("no space, retry" ); |
424 | err = -EAGAIN; |
425 | } |
426 | |
427 | if (err != -EAGAIN) |
428 | goto out; |
429 | |
430 | /* |
431 | * -EAGAIN means that the journal is full or too large, or the above |
432 | * code wants to do one commit. Do this and re-try. |
433 | */ |
434 | if (cmt_retries > 128) { |
435 | /* |
436 | * This should not happen unless: |
437 | * 1. The journal size limitations are too tough. |
438 | * 2. The budgeting is incorrect. We always have to be able to |
439 | * write to the media, because all operations are budgeted. |
440 | * Deletions are not budgeted, though, but we reserve an |
441 | * extra LEB for them. |
442 | */ |
443 | ubifs_err(c, fmt: "stuck in space allocation, nospc_retries %d" , |
444 | nospc_retries); |
445 | err = -ENOSPC; |
446 | goto out; |
447 | } else if (cmt_retries > 32) { |
448 | /* |
449 | * It's almost impossible to happen, unless there are many tasks |
450 | * making reservation concurrently and someone task has retried |
451 | * gc + commit for many times, generated available space during |
452 | * this period are grabbed by other tasks. |
453 | * But if it happens, start queuing up all tasks that will make |
454 | * space reservation, then there is only one task making space |
455 | * reservation at any time, and it can always make success under |
456 | * the premise of correct budgeting. |
457 | */ |
458 | ubifs_warn(c, fmt: "too many space allocation cmt_retries (%d) " |
459 | "nospc_retries (%d), start queuing tasks" , |
460 | cmt_retries, nospc_retries); |
461 | |
462 | if (!blocked) { |
463 | blocked = true; |
464 | add_or_start_queue(c); |
465 | } |
466 | } |
467 | |
468 | dbg_jnl("-EAGAIN, commit and retry (retried %d times)" , |
469 | cmt_retries); |
470 | cmt_retries += 1; |
471 | |
472 | err = ubifs_run_commit(c); |
473 | if (err) |
474 | goto out_wake_up; |
475 | goto again; |
476 | |
477 | out: |
478 | ubifs_err(c, fmt: "cannot reserve %d bytes in jhead %d, error %d" , |
479 | len, jhead, err); |
480 | if (err == -ENOSPC) { |
481 | /* This are some budgeting problems, print useful information */ |
482 | down_write(sem: &c->commit_sem); |
483 | dump_stack(); |
484 | ubifs_dump_budg(c, bi: &c->bi); |
485 | ubifs_dump_lprops(c); |
486 | cmt_retries = dbg_check_lprops(c); |
487 | up_write(sem: &c->commit_sem); |
488 | } |
489 | out_wake_up: |
490 | if (blocked) { |
491 | /* |
492 | * Only tasks that have ever started queuing or ever been queued |
493 | * can wake up other queued tasks, which can make sure that |
494 | * there is only one task waked up to make space reservation. |
495 | * For example: |
496 | * task A task B task C |
497 | * make_reservation make_reservation |
498 | * reserve_space // 0 |
499 | * wake_up_reservation |
500 | * atomic_cmpxchg // 0, start queuing |
501 | * reserve_space |
502 | * wait_for_reservation |
503 | * __queue_and_wait |
504 | * add_wait_queue |
505 | * if (blocked) // false |
506 | * // So that task C won't be waked up to race with task B |
507 | */ |
508 | wake_up_reservation(c); |
509 | } |
510 | return err; |
511 | } |
512 | |
513 | /** |
514 | * release_head - release a journal head. |
515 | * @c: UBIFS file-system description object |
516 | * @jhead: journal head |
517 | * |
518 | * This function releases journal head @jhead which was locked by |
519 | * the 'make_reservation()' function. It has to be called after each successful |
520 | * 'make_reservation()' invocation. |
521 | */ |
522 | static inline void release_head(struct ubifs_info *c, int jhead) |
523 | { |
524 | mutex_unlock(lock: &c->jheads[jhead].wbuf.io_mutex); |
525 | } |
526 | |
527 | /** |
528 | * finish_reservation - finish a reservation. |
529 | * @c: UBIFS file-system description object |
530 | * |
531 | * This function finishes journal space reservation. It must be called after |
532 | * 'make_reservation()'. |
533 | */ |
534 | static void finish_reservation(struct ubifs_info *c) |
535 | { |
536 | up_read(sem: &c->commit_sem); |
537 | } |
538 | |
539 | /** |
540 | * get_dent_type - translate VFS inode mode to UBIFS directory entry type. |
541 | * @mode: inode mode |
542 | */ |
543 | static int get_dent_type(int mode) |
544 | { |
545 | switch (mode & S_IFMT) { |
546 | case S_IFREG: |
547 | return UBIFS_ITYPE_REG; |
548 | case S_IFDIR: |
549 | return UBIFS_ITYPE_DIR; |
550 | case S_IFLNK: |
551 | return UBIFS_ITYPE_LNK; |
552 | case S_IFBLK: |
553 | return UBIFS_ITYPE_BLK; |
554 | case S_IFCHR: |
555 | return UBIFS_ITYPE_CHR; |
556 | case S_IFIFO: |
557 | return UBIFS_ITYPE_FIFO; |
558 | case S_IFSOCK: |
559 | return UBIFS_ITYPE_SOCK; |
560 | default: |
561 | BUG(); |
562 | } |
563 | return 0; |
564 | } |
565 | |
566 | /** |
567 | * pack_inode - pack an inode node. |
568 | * @c: UBIFS file-system description object |
569 | * @ino: buffer in which to pack inode node |
570 | * @inode: inode to pack |
571 | * @last: indicates the last node of the group |
572 | */ |
573 | static void pack_inode(struct ubifs_info *c, struct ubifs_ino_node *ino, |
574 | const struct inode *inode, int last) |
575 | { |
576 | int data_len = 0, last_reference = !inode->i_nlink; |
577 | struct ubifs_inode *ui = ubifs_inode(inode); |
578 | |
579 | ino->ch.node_type = UBIFS_INO_NODE; |
580 | ino_key_init_flash(c, k: &ino->key, inum: inode->i_ino); |
581 | ino->creat_sqnum = cpu_to_le64(ui->creat_sqnum); |
582 | ino->atime_sec = cpu_to_le64(inode_get_atime_sec(inode)); |
583 | ino->atime_nsec = cpu_to_le32(inode_get_atime_nsec(inode)); |
584 | ino->ctime_sec = cpu_to_le64(inode_get_ctime_sec(inode)); |
585 | ino->ctime_nsec = cpu_to_le32(inode_get_ctime_nsec(inode)); |
586 | ino->mtime_sec = cpu_to_le64(inode_get_mtime_sec(inode)); |
587 | ino->mtime_nsec = cpu_to_le32(inode_get_mtime_nsec(inode)); |
588 | ino->uid = cpu_to_le32(i_uid_read(inode)); |
589 | ino->gid = cpu_to_le32(i_gid_read(inode)); |
590 | ino->mode = cpu_to_le32(inode->i_mode); |
591 | ino->flags = cpu_to_le32(ui->flags); |
592 | ino->size = cpu_to_le64(ui->ui_size); |
593 | ino->nlink = cpu_to_le32(inode->i_nlink); |
594 | ino->compr_type = cpu_to_le16(ui->compr_type); |
595 | ino->data_len = cpu_to_le32(ui->data_len); |
596 | ino->xattr_cnt = cpu_to_le32(ui->xattr_cnt); |
597 | ino->xattr_size = cpu_to_le32(ui->xattr_size); |
598 | ino->xattr_names = cpu_to_le32(ui->xattr_names); |
599 | zero_ino_node_unused(ino); |
600 | |
601 | /* |
602 | * Drop the attached data if this is a deletion inode, the data is not |
603 | * needed anymore. |
604 | */ |
605 | if (!last_reference) { |
606 | memcpy(ino->data, ui->data, ui->data_len); |
607 | data_len = ui->data_len; |
608 | } |
609 | |
610 | ubifs_prep_grp_node(c, node: ino, UBIFS_INO_NODE_SZ + data_len, last); |
611 | } |
612 | |
613 | /** |
614 | * mark_inode_clean - mark UBIFS inode as clean. |
615 | * @c: UBIFS file-system description object |
616 | * @ui: UBIFS inode to mark as clean |
617 | * |
618 | * This helper function marks UBIFS inode @ui as clean by cleaning the |
619 | * @ui->dirty flag and releasing its budget. Note, VFS may still treat the |
620 | * inode as dirty and try to write it back, but 'ubifs_write_inode()' would |
621 | * just do nothing. |
622 | */ |
623 | static void mark_inode_clean(struct ubifs_info *c, struct ubifs_inode *ui) |
624 | { |
625 | if (ui->dirty) |
626 | ubifs_release_dirty_inode_budget(c, ui); |
627 | ui->dirty = 0; |
628 | } |
629 | |
630 | static void set_dent_cookie(struct ubifs_info *c, struct ubifs_dent_node *dent) |
631 | { |
632 | if (c->double_hash) |
633 | dent->cookie = (__force __le32) get_random_u32(); |
634 | else |
635 | dent->cookie = 0; |
636 | } |
637 | |
638 | /** |
639 | * ubifs_jnl_update - update inode. |
640 | * @c: UBIFS file-system description object |
641 | * @dir: parent inode or host inode in case of extended attributes |
642 | * @nm: directory entry name |
643 | * @inode: inode to update |
644 | * @deletion: indicates a directory entry deletion i.e unlink or rmdir |
645 | * @xent: non-zero if the directory entry is an extended attribute entry |
646 | * |
647 | * This function updates an inode by writing a directory entry (or extended |
648 | * attribute entry), the inode itself, and the parent directory inode (or the |
649 | * host inode) to the journal. |
650 | * |
651 | * The function writes the host inode @dir last, which is important in case of |
652 | * extended attributes. Indeed, then we guarantee that if the host inode gets |
653 | * synchronized (with 'fsync()'), and the write-buffer it sits in gets flushed, |
654 | * the extended attribute inode gets flushed too. And this is exactly what the |
655 | * user expects - synchronizing the host inode synchronizes its extended |
656 | * attributes. Similarly, this guarantees that if @dir is synchronized, its |
657 | * directory entry corresponding to @nm gets synchronized too. |
658 | * |
659 | * If the inode (@inode) or the parent directory (@dir) are synchronous, this |
660 | * function synchronizes the write-buffer. |
661 | * |
662 | * This function marks the @dir and @inode inodes as clean and returns zero on |
663 | * success. In case of failure, a negative error code is returned. |
664 | */ |
665 | int ubifs_jnl_update(struct ubifs_info *c, const struct inode *dir, |
666 | const struct fscrypt_name *nm, const struct inode *inode, |
667 | int deletion, int xent) |
668 | { |
669 | int err, dlen, ilen, len, lnum, ino_offs, dent_offs, orphan_added = 0; |
670 | int aligned_dlen, aligned_ilen, sync = IS_DIRSYNC(dir); |
671 | int last_reference = !!(deletion && inode->i_nlink == 0); |
672 | struct ubifs_inode *ui = ubifs_inode(inode); |
673 | struct ubifs_inode *host_ui = ubifs_inode(inode: dir); |
674 | struct ubifs_dent_node *dent; |
675 | struct ubifs_ino_node *ino; |
676 | union ubifs_key dent_key, ino_key; |
677 | u8 hash_dent[UBIFS_HASH_ARR_SZ]; |
678 | u8 hash_ino[UBIFS_HASH_ARR_SZ]; |
679 | u8 hash_ino_host[UBIFS_HASH_ARR_SZ]; |
680 | |
681 | ubifs_assert(c, mutex_is_locked(&host_ui->ui_mutex)); |
682 | |
683 | dlen = UBIFS_DENT_NODE_SZ + fname_len(nm) + 1; |
684 | ilen = UBIFS_INO_NODE_SZ; |
685 | |
686 | /* |
687 | * If the last reference to the inode is being deleted, then there is |
688 | * no need to attach and write inode data, it is being deleted anyway. |
689 | * And if the inode is being deleted, no need to synchronize |
690 | * write-buffer even if the inode is synchronous. |
691 | */ |
692 | if (!last_reference) { |
693 | ilen += ui->data_len; |
694 | sync |= IS_SYNC(inode); |
695 | } |
696 | |
697 | aligned_dlen = ALIGN(dlen, 8); |
698 | aligned_ilen = ALIGN(ilen, 8); |
699 | |
700 | len = aligned_dlen + aligned_ilen + UBIFS_INO_NODE_SZ; |
701 | /* Make sure to also account for extended attributes */ |
702 | if (ubifs_authenticated(c)) |
703 | len += ALIGN(host_ui->data_len, 8) + ubifs_auth_node_sz(c); |
704 | else |
705 | len += host_ui->data_len; |
706 | |
707 | dent = kzalloc(size: len, GFP_NOFS); |
708 | if (!dent) |
709 | return -ENOMEM; |
710 | |
711 | /* Make reservation before allocating sequence numbers */ |
712 | err = make_reservation(c, BASEHD, len); |
713 | if (err) |
714 | goto out_free; |
715 | |
716 | if (!xent) { |
717 | dent->ch.node_type = UBIFS_DENT_NODE; |
718 | if (fname_name(nm) == NULL) |
719 | dent_key_init_hash(c, key: &dent_key, inum: dir->i_ino, hash: nm->hash); |
720 | else |
721 | dent_key_init(c, key: &dent_key, inum: dir->i_ino, nm); |
722 | } else { |
723 | dent->ch.node_type = UBIFS_XENT_NODE; |
724 | xent_key_init(c, key: &dent_key, inum: dir->i_ino, nm); |
725 | } |
726 | |
727 | key_write(c, from: &dent_key, to: dent->key); |
728 | dent->inum = deletion ? 0 : cpu_to_le64(inode->i_ino); |
729 | dent->type = get_dent_type(mode: inode->i_mode); |
730 | dent->nlen = cpu_to_le16(fname_len(nm)); |
731 | memcpy(dent->name, fname_name(nm), fname_len(nm)); |
732 | dent->name[fname_len(nm)] = '\0'; |
733 | set_dent_cookie(c, dent); |
734 | |
735 | zero_dent_node_unused(dent); |
736 | ubifs_prep_grp_node(c, node: dent, len: dlen, last: 0); |
737 | err = ubifs_node_calc_hash(c, buf: dent, hash: hash_dent); |
738 | if (err) |
739 | goto out_release; |
740 | |
741 | ino = (void *)dent + aligned_dlen; |
742 | pack_inode(c, ino, inode, last: 0); |
743 | err = ubifs_node_calc_hash(c, buf: ino, hash: hash_ino); |
744 | if (err) |
745 | goto out_release; |
746 | |
747 | ino = (void *)ino + aligned_ilen; |
748 | pack_inode(c, ino, inode: dir, last: 1); |
749 | err = ubifs_node_calc_hash(c, buf: ino, hash: hash_ino_host); |
750 | if (err) |
751 | goto out_release; |
752 | |
753 | if (last_reference) { |
754 | err = ubifs_add_orphan(c, inum: inode->i_ino); |
755 | if (err) { |
756 | release_head(c, BASEHD); |
757 | goto out_finish; |
758 | } |
759 | ui->del_cmtno = c->cmt_no; |
760 | orphan_added = 1; |
761 | } |
762 | |
763 | err = write_head(c, BASEHD, buf: dent, len, lnum: &lnum, offs: &dent_offs, sync); |
764 | if (err) |
765 | goto out_release; |
766 | if (!sync) { |
767 | struct ubifs_wbuf *wbuf = &c->jheads[BASEHD].wbuf; |
768 | |
769 | ubifs_wbuf_add_ino_nolock(wbuf, inum: inode->i_ino); |
770 | ubifs_wbuf_add_ino_nolock(wbuf, inum: dir->i_ino); |
771 | } |
772 | release_head(c, BASEHD); |
773 | kfree(objp: dent); |
774 | ubifs_add_auth_dirt(c, lnum); |
775 | |
776 | if (deletion) { |
777 | if (fname_name(nm) == NULL) |
778 | err = ubifs_tnc_remove_dh(c, key: &dent_key, cookie: nm->minor_hash); |
779 | else |
780 | err = ubifs_tnc_remove_nm(c, key: &dent_key, nm); |
781 | if (err) |
782 | goto out_ro; |
783 | err = ubifs_add_dirt(c, lnum, dirty: dlen); |
784 | } else |
785 | err = ubifs_tnc_add_nm(c, key: &dent_key, lnum, offs: dent_offs, len: dlen, |
786 | hash: hash_dent, nm); |
787 | if (err) |
788 | goto out_ro; |
789 | |
790 | /* |
791 | * Note, we do not remove the inode from TNC even if the last reference |
792 | * to it has just been deleted, because the inode may still be opened. |
793 | * Instead, the inode has been added to orphan lists and the orphan |
794 | * subsystem will take further care about it. |
795 | */ |
796 | ino_key_init(c, key: &ino_key, inum: inode->i_ino); |
797 | ino_offs = dent_offs + aligned_dlen; |
798 | err = ubifs_tnc_add(c, key: &ino_key, lnum, offs: ino_offs, len: ilen, hash: hash_ino); |
799 | if (err) |
800 | goto out_ro; |
801 | |
802 | ino_key_init(c, key: &ino_key, inum: dir->i_ino); |
803 | ino_offs += aligned_ilen; |
804 | err = ubifs_tnc_add(c, key: &ino_key, lnum, offs: ino_offs, |
805 | UBIFS_INO_NODE_SZ + host_ui->data_len, hash: hash_ino_host); |
806 | if (err) |
807 | goto out_ro; |
808 | |
809 | finish_reservation(c); |
810 | spin_lock(lock: &ui->ui_lock); |
811 | ui->synced_i_size = ui->ui_size; |
812 | spin_unlock(lock: &ui->ui_lock); |
813 | if (xent) { |
814 | spin_lock(lock: &host_ui->ui_lock); |
815 | host_ui->synced_i_size = host_ui->ui_size; |
816 | spin_unlock(lock: &host_ui->ui_lock); |
817 | } |
818 | mark_inode_clean(c, ui); |
819 | mark_inode_clean(c, ui: host_ui); |
820 | return 0; |
821 | |
822 | out_finish: |
823 | finish_reservation(c); |
824 | out_free: |
825 | kfree(objp: dent); |
826 | return err; |
827 | |
828 | out_release: |
829 | release_head(c, BASEHD); |
830 | kfree(objp: dent); |
831 | out_ro: |
832 | ubifs_ro_mode(c, err); |
833 | if (orphan_added) |
834 | ubifs_delete_orphan(c, inum: inode->i_ino); |
835 | finish_reservation(c); |
836 | return err; |
837 | } |
838 | |
839 | /** |
840 | * ubifs_jnl_write_data - write a data node to the journal. |
841 | * @c: UBIFS file-system description object |
842 | * @inode: inode the data node belongs to |
843 | * @key: node key |
844 | * @buf: buffer to write |
845 | * @len: data length (must not exceed %UBIFS_BLOCK_SIZE) |
846 | * |
847 | * This function writes a data node to the journal. Returns %0 if the data node |
848 | * was successfully written, and a negative error code in case of failure. |
849 | */ |
850 | int ubifs_jnl_write_data(struct ubifs_info *c, const struct inode *inode, |
851 | const union ubifs_key *key, const void *buf, int len) |
852 | { |
853 | struct ubifs_data_node *data; |
854 | int err, lnum, offs, compr_type, out_len, compr_len, auth_len; |
855 | int dlen = COMPRESSED_DATA_NODE_BUF_SZ, allocated = 1; |
856 | int write_len; |
857 | struct ubifs_inode *ui = ubifs_inode(inode); |
858 | bool encrypted = IS_ENCRYPTED(inode); |
859 | u8 hash[UBIFS_HASH_ARR_SZ]; |
860 | |
861 | dbg_jnlk(key, "ino %lu, blk %u, len %d, key " , |
862 | (unsigned long)key_inum(c, key), key_block(c, key), len); |
863 | ubifs_assert(c, len <= UBIFS_BLOCK_SIZE); |
864 | |
865 | if (encrypted) |
866 | dlen += UBIFS_CIPHER_BLOCK_SIZE; |
867 | |
868 | auth_len = ubifs_auth_node_sz(c); |
869 | |
870 | data = kmalloc(size: dlen + auth_len, GFP_NOFS | __GFP_NOWARN); |
871 | if (!data) { |
872 | /* |
873 | * Fall-back to the write reserve buffer. Note, we might be |
874 | * currently on the memory reclaim path, when the kernel is |
875 | * trying to free some memory by writing out dirty pages. The |
876 | * write reserve buffer helps us to guarantee that we are |
877 | * always able to write the data. |
878 | */ |
879 | allocated = 0; |
880 | mutex_lock(&c->write_reserve_mutex); |
881 | data = c->write_reserve_buf; |
882 | } |
883 | |
884 | data->ch.node_type = UBIFS_DATA_NODE; |
885 | key_write(c, from: key, to: &data->key); |
886 | data->size = cpu_to_le32(len); |
887 | |
888 | if (!(ui->flags & UBIFS_COMPR_FL)) |
889 | /* Compression is disabled for this inode */ |
890 | compr_type = UBIFS_COMPR_NONE; |
891 | else |
892 | compr_type = ui->compr_type; |
893 | |
894 | out_len = compr_len = dlen - UBIFS_DATA_NODE_SZ; |
895 | ubifs_compress(c, in_buf: buf, in_len: len, out_buf: &data->data, out_len: &compr_len, compr_type: &compr_type); |
896 | ubifs_assert(c, compr_len <= UBIFS_BLOCK_SIZE); |
897 | |
898 | if (encrypted) { |
899 | err = ubifs_encrypt(inode, dn: data, in_len: compr_len, out_len: &out_len, block: key_block(c, key)); |
900 | if (err) |
901 | goto out_free; |
902 | |
903 | } else { |
904 | data->compr_size = 0; |
905 | out_len = compr_len; |
906 | } |
907 | |
908 | dlen = UBIFS_DATA_NODE_SZ + out_len; |
909 | if (ubifs_authenticated(c)) |
910 | write_len = ALIGN(dlen, 8) + auth_len; |
911 | else |
912 | write_len = dlen; |
913 | |
914 | data->compr_type = cpu_to_le16(compr_type); |
915 | |
916 | /* Make reservation before allocating sequence numbers */ |
917 | err = make_reservation(c, DATAHD, len: write_len); |
918 | if (err) |
919 | goto out_free; |
920 | |
921 | ubifs_prepare_node(c, buf: data, len: dlen, pad: 0); |
922 | err = write_head(c, DATAHD, buf: data, len: write_len, lnum: &lnum, offs: &offs, sync: 0); |
923 | if (err) |
924 | goto out_release; |
925 | |
926 | err = ubifs_node_calc_hash(c, buf: data, hash); |
927 | if (err) |
928 | goto out_release; |
929 | |
930 | ubifs_wbuf_add_ino_nolock(wbuf: &c->jheads[DATAHD].wbuf, inum: key_inum(c, k: key)); |
931 | release_head(c, DATAHD); |
932 | |
933 | ubifs_add_auth_dirt(c, lnum); |
934 | |
935 | err = ubifs_tnc_add(c, key, lnum, offs, len: dlen, hash); |
936 | if (err) |
937 | goto out_ro; |
938 | |
939 | finish_reservation(c); |
940 | if (!allocated) |
941 | mutex_unlock(lock: &c->write_reserve_mutex); |
942 | else |
943 | kfree(objp: data); |
944 | return 0; |
945 | |
946 | out_release: |
947 | release_head(c, DATAHD); |
948 | out_ro: |
949 | ubifs_ro_mode(c, err); |
950 | finish_reservation(c); |
951 | out_free: |
952 | if (!allocated) |
953 | mutex_unlock(lock: &c->write_reserve_mutex); |
954 | else |
955 | kfree(objp: data); |
956 | return err; |
957 | } |
958 | |
959 | /** |
960 | * ubifs_jnl_write_inode - flush inode to the journal. |
961 | * @c: UBIFS file-system description object |
962 | * @inode: inode to flush |
963 | * |
964 | * This function writes inode @inode to the journal. If the inode is |
965 | * synchronous, it also synchronizes the write-buffer. Returns zero in case of |
966 | * success and a negative error code in case of failure. |
967 | */ |
968 | int ubifs_jnl_write_inode(struct ubifs_info *c, const struct inode *inode) |
969 | { |
970 | int err, lnum, offs; |
971 | struct ubifs_ino_node *ino, *ino_start; |
972 | struct ubifs_inode *ui = ubifs_inode(inode); |
973 | int sync = 0, write_len = 0, ilen = UBIFS_INO_NODE_SZ; |
974 | int last_reference = !inode->i_nlink; |
975 | int kill_xattrs = ui->xattr_cnt && last_reference; |
976 | u8 hash[UBIFS_HASH_ARR_SZ]; |
977 | |
978 | dbg_jnl("ino %lu, nlink %u" , inode->i_ino, inode->i_nlink); |
979 | |
980 | /* |
981 | * If the inode is being deleted, do not write the attached data. No |
982 | * need to synchronize the write-buffer either. |
983 | */ |
984 | if (!last_reference) { |
985 | ilen += ui->data_len; |
986 | sync = IS_SYNC(inode); |
987 | } else if (kill_xattrs) { |
988 | write_len += UBIFS_INO_NODE_SZ * ui->xattr_cnt; |
989 | } |
990 | |
991 | if (ubifs_authenticated(c)) |
992 | write_len += ALIGN(ilen, 8) + ubifs_auth_node_sz(c); |
993 | else |
994 | write_len += ilen; |
995 | |
996 | ino_start = ino = kmalloc(size: write_len, GFP_NOFS); |
997 | if (!ino) |
998 | return -ENOMEM; |
999 | |
1000 | /* Make reservation before allocating sequence numbers */ |
1001 | err = make_reservation(c, BASEHD, len: write_len); |
1002 | if (err) |
1003 | goto out_free; |
1004 | |
1005 | if (kill_xattrs) { |
1006 | union ubifs_key key; |
1007 | struct fscrypt_name nm = {0}; |
1008 | struct inode *xino; |
1009 | struct ubifs_dent_node *xent, *pxent = NULL; |
1010 | |
1011 | if (ui->xattr_cnt > ubifs_xattr_max_cnt(c)) { |
1012 | err = -EPERM; |
1013 | ubifs_err(c, fmt: "Cannot delete inode, it has too much xattrs!" ); |
1014 | goto out_release; |
1015 | } |
1016 | |
1017 | lowest_xent_key(c, key: &key, inum: inode->i_ino); |
1018 | while (1) { |
1019 | xent = ubifs_tnc_next_ent(c, key: &key, nm: &nm); |
1020 | if (IS_ERR(ptr: xent)) { |
1021 | err = PTR_ERR(ptr: xent); |
1022 | if (err == -ENOENT) |
1023 | break; |
1024 | |
1025 | kfree(objp: pxent); |
1026 | goto out_release; |
1027 | } |
1028 | |
1029 | fname_name(&nm) = xent->name; |
1030 | fname_len(&nm) = le16_to_cpu(xent->nlen); |
1031 | |
1032 | xino = ubifs_iget(sb: c->vfs_sb, le64_to_cpu(xent->inum)); |
1033 | if (IS_ERR(ptr: xino)) { |
1034 | err = PTR_ERR(ptr: xino); |
1035 | ubifs_err(c, fmt: "dead directory entry '%s', error %d" , |
1036 | xent->name, err); |
1037 | ubifs_ro_mode(c, err); |
1038 | kfree(objp: pxent); |
1039 | kfree(objp: xent); |
1040 | goto out_release; |
1041 | } |
1042 | ubifs_assert(c, ubifs_inode(xino)->xattr); |
1043 | |
1044 | clear_nlink(inode: xino); |
1045 | pack_inode(c, ino, inode: xino, last: 0); |
1046 | ino = (void *)ino + UBIFS_INO_NODE_SZ; |
1047 | iput(xino); |
1048 | |
1049 | kfree(objp: pxent); |
1050 | pxent = xent; |
1051 | key_read(c, from: &xent->key, to: &key); |
1052 | } |
1053 | kfree(objp: pxent); |
1054 | } |
1055 | |
1056 | pack_inode(c, ino, inode, last: 1); |
1057 | err = ubifs_node_calc_hash(c, buf: ino, hash); |
1058 | if (err) |
1059 | goto out_release; |
1060 | |
1061 | err = write_head(c, BASEHD, buf: ino_start, len: write_len, lnum: &lnum, offs: &offs, sync); |
1062 | if (err) |
1063 | goto out_release; |
1064 | if (!sync) |
1065 | ubifs_wbuf_add_ino_nolock(wbuf: &c->jheads[BASEHD].wbuf, |
1066 | inum: inode->i_ino); |
1067 | release_head(c, BASEHD); |
1068 | |
1069 | if (last_reference) { |
1070 | err = ubifs_tnc_remove_ino(c, inum: inode->i_ino); |
1071 | if (err) |
1072 | goto out_ro; |
1073 | ubifs_delete_orphan(c, inum: inode->i_ino); |
1074 | err = ubifs_add_dirt(c, lnum, dirty: write_len); |
1075 | } else { |
1076 | union ubifs_key key; |
1077 | |
1078 | ubifs_add_auth_dirt(c, lnum); |
1079 | |
1080 | ino_key_init(c, key: &key, inum: inode->i_ino); |
1081 | err = ubifs_tnc_add(c, key: &key, lnum, offs, len: ilen, hash); |
1082 | } |
1083 | if (err) |
1084 | goto out_ro; |
1085 | |
1086 | finish_reservation(c); |
1087 | spin_lock(lock: &ui->ui_lock); |
1088 | ui->synced_i_size = ui->ui_size; |
1089 | spin_unlock(lock: &ui->ui_lock); |
1090 | kfree(objp: ino_start); |
1091 | return 0; |
1092 | |
1093 | out_release: |
1094 | release_head(c, BASEHD); |
1095 | out_ro: |
1096 | ubifs_ro_mode(c, err); |
1097 | finish_reservation(c); |
1098 | out_free: |
1099 | kfree(objp: ino_start); |
1100 | return err; |
1101 | } |
1102 | |
1103 | /** |
1104 | * ubifs_jnl_delete_inode - delete an inode. |
1105 | * @c: UBIFS file-system description object |
1106 | * @inode: inode to delete |
1107 | * |
1108 | * This function deletes inode @inode which includes removing it from orphans, |
1109 | * deleting it from TNC and, in some cases, writing a deletion inode to the |
1110 | * journal. |
1111 | * |
1112 | * When regular file inodes are unlinked or a directory inode is removed, the |
1113 | * 'ubifs_jnl_update()' function writes a corresponding deletion inode and |
1114 | * direntry to the media, and adds the inode to orphans. After this, when the |
1115 | * last reference to this inode has been dropped, this function is called. In |
1116 | * general, it has to write one more deletion inode to the media, because if |
1117 | * a commit happened between 'ubifs_jnl_update()' and |
1118 | * 'ubifs_jnl_delete_inode()', the deletion inode is not in the journal |
1119 | * anymore, and in fact it might not be on the flash anymore, because it might |
1120 | * have been garbage-collected already. And for optimization reasons UBIFS does |
1121 | * not read the orphan area if it has been unmounted cleanly, so it would have |
1122 | * no indication in the journal that there is a deleted inode which has to be |
1123 | * removed from TNC. |
1124 | * |
1125 | * However, if there was no commit between 'ubifs_jnl_update()' and |
1126 | * 'ubifs_jnl_delete_inode()', then there is no need to write the deletion |
1127 | * inode to the media for the second time. And this is quite a typical case. |
1128 | * |
1129 | * This function returns zero in case of success and a negative error code in |
1130 | * case of failure. |
1131 | */ |
1132 | int ubifs_jnl_delete_inode(struct ubifs_info *c, const struct inode *inode) |
1133 | { |
1134 | int err; |
1135 | struct ubifs_inode *ui = ubifs_inode(inode); |
1136 | |
1137 | ubifs_assert(c, inode->i_nlink == 0); |
1138 | |
1139 | if (ui->xattr_cnt || ui->del_cmtno != c->cmt_no) |
1140 | /* A commit happened for sure or inode hosts xattrs */ |
1141 | return ubifs_jnl_write_inode(c, inode); |
1142 | |
1143 | down_read(sem: &c->commit_sem); |
1144 | /* |
1145 | * Check commit number again, because the first test has been done |
1146 | * without @c->commit_sem, so a commit might have happened. |
1147 | */ |
1148 | if (ui->del_cmtno != c->cmt_no) { |
1149 | up_read(sem: &c->commit_sem); |
1150 | return ubifs_jnl_write_inode(c, inode); |
1151 | } |
1152 | |
1153 | err = ubifs_tnc_remove_ino(c, inum: inode->i_ino); |
1154 | if (err) |
1155 | ubifs_ro_mode(c, err); |
1156 | else |
1157 | ubifs_delete_orphan(c, inum: inode->i_ino); |
1158 | up_read(sem: &c->commit_sem); |
1159 | return err; |
1160 | } |
1161 | |
1162 | /** |
1163 | * ubifs_jnl_xrename - cross rename two directory entries. |
1164 | * @c: UBIFS file-system description object |
1165 | * @fst_dir: parent inode of 1st directory entry to exchange |
1166 | * @fst_inode: 1st inode to exchange |
1167 | * @fst_nm: name of 1st inode to exchange |
1168 | * @snd_dir: parent inode of 2nd directory entry to exchange |
1169 | * @snd_inode: 2nd inode to exchange |
1170 | * @snd_nm: name of 2nd inode to exchange |
1171 | * @sync: non-zero if the write-buffer has to be synchronized |
1172 | * |
1173 | * This function implements the cross rename operation which may involve |
1174 | * writing 2 inodes and 2 directory entries. It marks the written inodes as clean |
1175 | * and returns zero on success. In case of failure, a negative error code is |
1176 | * returned. |
1177 | */ |
1178 | int ubifs_jnl_xrename(struct ubifs_info *c, const struct inode *fst_dir, |
1179 | const struct inode *fst_inode, |
1180 | const struct fscrypt_name *fst_nm, |
1181 | const struct inode *snd_dir, |
1182 | const struct inode *snd_inode, |
1183 | const struct fscrypt_name *snd_nm, int sync) |
1184 | { |
1185 | union ubifs_key key; |
1186 | struct ubifs_dent_node *dent1, *dent2; |
1187 | int err, dlen1, dlen2, lnum, offs, len, plen = UBIFS_INO_NODE_SZ; |
1188 | int aligned_dlen1, aligned_dlen2; |
1189 | int twoparents = (fst_dir != snd_dir); |
1190 | void *p; |
1191 | u8 hash_dent1[UBIFS_HASH_ARR_SZ]; |
1192 | u8 hash_dent2[UBIFS_HASH_ARR_SZ]; |
1193 | u8 hash_p1[UBIFS_HASH_ARR_SZ]; |
1194 | u8 hash_p2[UBIFS_HASH_ARR_SZ]; |
1195 | |
1196 | ubifs_assert(c, ubifs_inode(fst_dir)->data_len == 0); |
1197 | ubifs_assert(c, ubifs_inode(snd_dir)->data_len == 0); |
1198 | ubifs_assert(c, mutex_is_locked(&ubifs_inode(fst_dir)->ui_mutex)); |
1199 | ubifs_assert(c, mutex_is_locked(&ubifs_inode(snd_dir)->ui_mutex)); |
1200 | |
1201 | dlen1 = UBIFS_DENT_NODE_SZ + fname_len(snd_nm) + 1; |
1202 | dlen2 = UBIFS_DENT_NODE_SZ + fname_len(fst_nm) + 1; |
1203 | aligned_dlen1 = ALIGN(dlen1, 8); |
1204 | aligned_dlen2 = ALIGN(dlen2, 8); |
1205 | |
1206 | len = aligned_dlen1 + aligned_dlen2 + ALIGN(plen, 8); |
1207 | if (twoparents) |
1208 | len += plen; |
1209 | |
1210 | len += ubifs_auth_node_sz(c); |
1211 | |
1212 | dent1 = kzalloc(size: len, GFP_NOFS); |
1213 | if (!dent1) |
1214 | return -ENOMEM; |
1215 | |
1216 | /* Make reservation before allocating sequence numbers */ |
1217 | err = make_reservation(c, BASEHD, len); |
1218 | if (err) |
1219 | goto out_free; |
1220 | |
1221 | /* Make new dent for 1st entry */ |
1222 | dent1->ch.node_type = UBIFS_DENT_NODE; |
1223 | dent_key_init_flash(c, k: &dent1->key, inum: snd_dir->i_ino, nm: snd_nm); |
1224 | dent1->inum = cpu_to_le64(fst_inode->i_ino); |
1225 | dent1->type = get_dent_type(mode: fst_inode->i_mode); |
1226 | dent1->nlen = cpu_to_le16(fname_len(snd_nm)); |
1227 | memcpy(dent1->name, fname_name(snd_nm), fname_len(snd_nm)); |
1228 | dent1->name[fname_len(snd_nm)] = '\0'; |
1229 | set_dent_cookie(c, dent: dent1); |
1230 | zero_dent_node_unused(dent: dent1); |
1231 | ubifs_prep_grp_node(c, node: dent1, len: dlen1, last: 0); |
1232 | err = ubifs_node_calc_hash(c, buf: dent1, hash: hash_dent1); |
1233 | if (err) |
1234 | goto out_release; |
1235 | |
1236 | /* Make new dent for 2nd entry */ |
1237 | dent2 = (void *)dent1 + aligned_dlen1; |
1238 | dent2->ch.node_type = UBIFS_DENT_NODE; |
1239 | dent_key_init_flash(c, k: &dent2->key, inum: fst_dir->i_ino, nm: fst_nm); |
1240 | dent2->inum = cpu_to_le64(snd_inode->i_ino); |
1241 | dent2->type = get_dent_type(mode: snd_inode->i_mode); |
1242 | dent2->nlen = cpu_to_le16(fname_len(fst_nm)); |
1243 | memcpy(dent2->name, fname_name(fst_nm), fname_len(fst_nm)); |
1244 | dent2->name[fname_len(fst_nm)] = '\0'; |
1245 | set_dent_cookie(c, dent: dent2); |
1246 | zero_dent_node_unused(dent: dent2); |
1247 | ubifs_prep_grp_node(c, node: dent2, len: dlen2, last: 0); |
1248 | err = ubifs_node_calc_hash(c, buf: dent2, hash: hash_dent2); |
1249 | if (err) |
1250 | goto out_release; |
1251 | |
1252 | p = (void *)dent2 + aligned_dlen2; |
1253 | if (!twoparents) { |
1254 | pack_inode(c, ino: p, inode: fst_dir, last: 1); |
1255 | err = ubifs_node_calc_hash(c, buf: p, hash: hash_p1); |
1256 | if (err) |
1257 | goto out_release; |
1258 | } else { |
1259 | pack_inode(c, ino: p, inode: fst_dir, last: 0); |
1260 | err = ubifs_node_calc_hash(c, buf: p, hash: hash_p1); |
1261 | if (err) |
1262 | goto out_release; |
1263 | p += ALIGN(plen, 8); |
1264 | pack_inode(c, ino: p, inode: snd_dir, last: 1); |
1265 | err = ubifs_node_calc_hash(c, buf: p, hash: hash_p2); |
1266 | if (err) |
1267 | goto out_release; |
1268 | } |
1269 | |
1270 | err = write_head(c, BASEHD, buf: dent1, len, lnum: &lnum, offs: &offs, sync); |
1271 | if (err) |
1272 | goto out_release; |
1273 | if (!sync) { |
1274 | struct ubifs_wbuf *wbuf = &c->jheads[BASEHD].wbuf; |
1275 | |
1276 | ubifs_wbuf_add_ino_nolock(wbuf, inum: fst_dir->i_ino); |
1277 | ubifs_wbuf_add_ino_nolock(wbuf, inum: snd_dir->i_ino); |
1278 | } |
1279 | release_head(c, BASEHD); |
1280 | |
1281 | ubifs_add_auth_dirt(c, lnum); |
1282 | |
1283 | dent_key_init(c, key: &key, inum: snd_dir->i_ino, nm: snd_nm); |
1284 | err = ubifs_tnc_add_nm(c, key: &key, lnum, offs, len: dlen1, hash: hash_dent1, nm: snd_nm); |
1285 | if (err) |
1286 | goto out_ro; |
1287 | |
1288 | offs += aligned_dlen1; |
1289 | dent_key_init(c, key: &key, inum: fst_dir->i_ino, nm: fst_nm); |
1290 | err = ubifs_tnc_add_nm(c, key: &key, lnum, offs, len: dlen2, hash: hash_dent2, nm: fst_nm); |
1291 | if (err) |
1292 | goto out_ro; |
1293 | |
1294 | offs += aligned_dlen2; |
1295 | |
1296 | ino_key_init(c, key: &key, inum: fst_dir->i_ino); |
1297 | err = ubifs_tnc_add(c, key: &key, lnum, offs, len: plen, hash: hash_p1); |
1298 | if (err) |
1299 | goto out_ro; |
1300 | |
1301 | if (twoparents) { |
1302 | offs += ALIGN(plen, 8); |
1303 | ino_key_init(c, key: &key, inum: snd_dir->i_ino); |
1304 | err = ubifs_tnc_add(c, key: &key, lnum, offs, len: plen, hash: hash_p2); |
1305 | if (err) |
1306 | goto out_ro; |
1307 | } |
1308 | |
1309 | finish_reservation(c); |
1310 | |
1311 | mark_inode_clean(c, ui: ubifs_inode(inode: fst_dir)); |
1312 | if (twoparents) |
1313 | mark_inode_clean(c, ui: ubifs_inode(inode: snd_dir)); |
1314 | kfree(objp: dent1); |
1315 | return 0; |
1316 | |
1317 | out_release: |
1318 | release_head(c, BASEHD); |
1319 | out_ro: |
1320 | ubifs_ro_mode(c, err); |
1321 | finish_reservation(c); |
1322 | out_free: |
1323 | kfree(objp: dent1); |
1324 | return err; |
1325 | } |
1326 | |
1327 | /** |
1328 | * ubifs_jnl_rename - rename a directory entry. |
1329 | * @c: UBIFS file-system description object |
1330 | * @old_dir: parent inode of directory entry to rename |
1331 | * @old_inode: directory entry's inode to rename |
1332 | * @old_nm: name of the old directory entry to rename |
1333 | * @new_dir: parent inode of directory entry to rename |
1334 | * @new_inode: new directory entry's inode (or directory entry's inode to |
1335 | * replace) |
1336 | * @new_nm: new name of the new directory entry |
1337 | * @whiteout: whiteout inode |
1338 | * @sync: non-zero if the write-buffer has to be synchronized |
1339 | * |
1340 | * This function implements the re-name operation which may involve writing up |
1341 | * to 4 inodes(new inode, whiteout inode, old and new parent directory inodes) |
1342 | * and 2 directory entries. It marks the written inodes as clean and returns |
1343 | * zero on success. In case of failure, a negative error code is returned. |
1344 | */ |
1345 | int ubifs_jnl_rename(struct ubifs_info *c, const struct inode *old_dir, |
1346 | const struct inode *old_inode, |
1347 | const struct fscrypt_name *old_nm, |
1348 | const struct inode *new_dir, |
1349 | const struct inode *new_inode, |
1350 | const struct fscrypt_name *new_nm, |
1351 | const struct inode *whiteout, int sync) |
1352 | { |
1353 | void *p; |
1354 | union ubifs_key key; |
1355 | struct ubifs_dent_node *dent, *dent2; |
1356 | int err, dlen1, dlen2, ilen, wlen, lnum, offs, len, orphan_added = 0; |
1357 | int aligned_dlen1, aligned_dlen2, plen = UBIFS_INO_NODE_SZ; |
1358 | int last_reference = !!(new_inode && new_inode->i_nlink == 0); |
1359 | int move = (old_dir != new_dir); |
1360 | struct ubifs_inode *new_ui, *whiteout_ui; |
1361 | u8 hash_old_dir[UBIFS_HASH_ARR_SZ]; |
1362 | u8 hash_new_dir[UBIFS_HASH_ARR_SZ]; |
1363 | u8 hash_new_inode[UBIFS_HASH_ARR_SZ]; |
1364 | u8 hash_whiteout_inode[UBIFS_HASH_ARR_SZ]; |
1365 | u8 hash_dent1[UBIFS_HASH_ARR_SZ]; |
1366 | u8 hash_dent2[UBIFS_HASH_ARR_SZ]; |
1367 | |
1368 | ubifs_assert(c, ubifs_inode(old_dir)->data_len == 0); |
1369 | ubifs_assert(c, ubifs_inode(new_dir)->data_len == 0); |
1370 | ubifs_assert(c, mutex_is_locked(&ubifs_inode(old_dir)->ui_mutex)); |
1371 | ubifs_assert(c, mutex_is_locked(&ubifs_inode(new_dir)->ui_mutex)); |
1372 | |
1373 | dlen1 = UBIFS_DENT_NODE_SZ + fname_len(new_nm) + 1; |
1374 | dlen2 = UBIFS_DENT_NODE_SZ + fname_len(old_nm) + 1; |
1375 | if (new_inode) { |
1376 | new_ui = ubifs_inode(inode: new_inode); |
1377 | ubifs_assert(c, mutex_is_locked(&new_ui->ui_mutex)); |
1378 | ilen = UBIFS_INO_NODE_SZ; |
1379 | if (!last_reference) |
1380 | ilen += new_ui->data_len; |
1381 | } else |
1382 | ilen = 0; |
1383 | |
1384 | if (whiteout) { |
1385 | whiteout_ui = ubifs_inode(inode: whiteout); |
1386 | ubifs_assert(c, mutex_is_locked(&whiteout_ui->ui_mutex)); |
1387 | ubifs_assert(c, whiteout->i_nlink == 1); |
1388 | ubifs_assert(c, !whiteout_ui->dirty); |
1389 | wlen = UBIFS_INO_NODE_SZ; |
1390 | wlen += whiteout_ui->data_len; |
1391 | } else |
1392 | wlen = 0; |
1393 | |
1394 | aligned_dlen1 = ALIGN(dlen1, 8); |
1395 | aligned_dlen2 = ALIGN(dlen2, 8); |
1396 | len = aligned_dlen1 + aligned_dlen2 + ALIGN(ilen, 8) + |
1397 | ALIGN(wlen, 8) + ALIGN(plen, 8); |
1398 | if (move) |
1399 | len += plen; |
1400 | |
1401 | len += ubifs_auth_node_sz(c); |
1402 | |
1403 | dent = kzalloc(size: len, GFP_NOFS); |
1404 | if (!dent) |
1405 | return -ENOMEM; |
1406 | |
1407 | /* Make reservation before allocating sequence numbers */ |
1408 | err = make_reservation(c, BASEHD, len); |
1409 | if (err) |
1410 | goto out_free; |
1411 | |
1412 | /* Make new dent */ |
1413 | dent->ch.node_type = UBIFS_DENT_NODE; |
1414 | dent_key_init_flash(c, k: &dent->key, inum: new_dir->i_ino, nm: new_nm); |
1415 | dent->inum = cpu_to_le64(old_inode->i_ino); |
1416 | dent->type = get_dent_type(mode: old_inode->i_mode); |
1417 | dent->nlen = cpu_to_le16(fname_len(new_nm)); |
1418 | memcpy(dent->name, fname_name(new_nm), fname_len(new_nm)); |
1419 | dent->name[fname_len(new_nm)] = '\0'; |
1420 | set_dent_cookie(c, dent); |
1421 | zero_dent_node_unused(dent); |
1422 | ubifs_prep_grp_node(c, node: dent, len: dlen1, last: 0); |
1423 | err = ubifs_node_calc_hash(c, buf: dent, hash: hash_dent1); |
1424 | if (err) |
1425 | goto out_release; |
1426 | |
1427 | dent2 = (void *)dent + aligned_dlen1; |
1428 | dent2->ch.node_type = UBIFS_DENT_NODE; |
1429 | dent_key_init_flash(c, k: &dent2->key, inum: old_dir->i_ino, nm: old_nm); |
1430 | |
1431 | if (whiteout) { |
1432 | dent2->inum = cpu_to_le64(whiteout->i_ino); |
1433 | dent2->type = get_dent_type(mode: whiteout->i_mode); |
1434 | } else { |
1435 | /* Make deletion dent */ |
1436 | dent2->inum = 0; |
1437 | dent2->type = DT_UNKNOWN; |
1438 | } |
1439 | dent2->nlen = cpu_to_le16(fname_len(old_nm)); |
1440 | memcpy(dent2->name, fname_name(old_nm), fname_len(old_nm)); |
1441 | dent2->name[fname_len(old_nm)] = '\0'; |
1442 | set_dent_cookie(c, dent: dent2); |
1443 | zero_dent_node_unused(dent: dent2); |
1444 | ubifs_prep_grp_node(c, node: dent2, len: dlen2, last: 0); |
1445 | err = ubifs_node_calc_hash(c, buf: dent2, hash: hash_dent2); |
1446 | if (err) |
1447 | goto out_release; |
1448 | |
1449 | p = (void *)dent2 + aligned_dlen2; |
1450 | if (new_inode) { |
1451 | pack_inode(c, ino: p, inode: new_inode, last: 0); |
1452 | err = ubifs_node_calc_hash(c, buf: p, hash: hash_new_inode); |
1453 | if (err) |
1454 | goto out_release; |
1455 | |
1456 | p += ALIGN(ilen, 8); |
1457 | } |
1458 | |
1459 | if (whiteout) { |
1460 | pack_inode(c, ino: p, inode: whiteout, last: 0); |
1461 | err = ubifs_node_calc_hash(c, buf: p, hash: hash_whiteout_inode); |
1462 | if (err) |
1463 | goto out_release; |
1464 | |
1465 | p += ALIGN(wlen, 8); |
1466 | } |
1467 | |
1468 | if (!move) { |
1469 | pack_inode(c, ino: p, inode: old_dir, last: 1); |
1470 | err = ubifs_node_calc_hash(c, buf: p, hash: hash_old_dir); |
1471 | if (err) |
1472 | goto out_release; |
1473 | } else { |
1474 | pack_inode(c, ino: p, inode: old_dir, last: 0); |
1475 | err = ubifs_node_calc_hash(c, buf: p, hash: hash_old_dir); |
1476 | if (err) |
1477 | goto out_release; |
1478 | |
1479 | p += ALIGN(plen, 8); |
1480 | pack_inode(c, ino: p, inode: new_dir, last: 1); |
1481 | err = ubifs_node_calc_hash(c, buf: p, hash: hash_new_dir); |
1482 | if (err) |
1483 | goto out_release; |
1484 | } |
1485 | |
1486 | if (last_reference) { |
1487 | err = ubifs_add_orphan(c, inum: new_inode->i_ino); |
1488 | if (err) { |
1489 | release_head(c, BASEHD); |
1490 | goto out_finish; |
1491 | } |
1492 | new_ui->del_cmtno = c->cmt_no; |
1493 | orphan_added = 1; |
1494 | } |
1495 | |
1496 | err = write_head(c, BASEHD, buf: dent, len, lnum: &lnum, offs: &offs, sync); |
1497 | if (err) |
1498 | goto out_release; |
1499 | if (!sync) { |
1500 | struct ubifs_wbuf *wbuf = &c->jheads[BASEHD].wbuf; |
1501 | |
1502 | ubifs_wbuf_add_ino_nolock(wbuf, inum: new_dir->i_ino); |
1503 | ubifs_wbuf_add_ino_nolock(wbuf, inum: old_dir->i_ino); |
1504 | if (new_inode) |
1505 | ubifs_wbuf_add_ino_nolock(wbuf: &c->jheads[BASEHD].wbuf, |
1506 | inum: new_inode->i_ino); |
1507 | if (whiteout) |
1508 | ubifs_wbuf_add_ino_nolock(wbuf: &c->jheads[BASEHD].wbuf, |
1509 | inum: whiteout->i_ino); |
1510 | } |
1511 | release_head(c, BASEHD); |
1512 | |
1513 | ubifs_add_auth_dirt(c, lnum); |
1514 | |
1515 | dent_key_init(c, key: &key, inum: new_dir->i_ino, nm: new_nm); |
1516 | err = ubifs_tnc_add_nm(c, key: &key, lnum, offs, len: dlen1, hash: hash_dent1, nm: new_nm); |
1517 | if (err) |
1518 | goto out_ro; |
1519 | |
1520 | offs += aligned_dlen1; |
1521 | if (whiteout) { |
1522 | dent_key_init(c, key: &key, inum: old_dir->i_ino, nm: old_nm); |
1523 | err = ubifs_tnc_add_nm(c, key: &key, lnum, offs, len: dlen2, hash: hash_dent2, nm: old_nm); |
1524 | if (err) |
1525 | goto out_ro; |
1526 | } else { |
1527 | err = ubifs_add_dirt(c, lnum, dirty: dlen2); |
1528 | if (err) |
1529 | goto out_ro; |
1530 | |
1531 | dent_key_init(c, key: &key, inum: old_dir->i_ino, nm: old_nm); |
1532 | err = ubifs_tnc_remove_nm(c, key: &key, nm: old_nm); |
1533 | if (err) |
1534 | goto out_ro; |
1535 | } |
1536 | |
1537 | offs += aligned_dlen2; |
1538 | if (new_inode) { |
1539 | ino_key_init(c, key: &key, inum: new_inode->i_ino); |
1540 | err = ubifs_tnc_add(c, key: &key, lnum, offs, len: ilen, hash: hash_new_inode); |
1541 | if (err) |
1542 | goto out_ro; |
1543 | offs += ALIGN(ilen, 8); |
1544 | } |
1545 | |
1546 | if (whiteout) { |
1547 | ino_key_init(c, key: &key, inum: whiteout->i_ino); |
1548 | err = ubifs_tnc_add(c, key: &key, lnum, offs, len: wlen, |
1549 | hash: hash_whiteout_inode); |
1550 | if (err) |
1551 | goto out_ro; |
1552 | offs += ALIGN(wlen, 8); |
1553 | } |
1554 | |
1555 | ino_key_init(c, key: &key, inum: old_dir->i_ino); |
1556 | err = ubifs_tnc_add(c, key: &key, lnum, offs, len: plen, hash: hash_old_dir); |
1557 | if (err) |
1558 | goto out_ro; |
1559 | |
1560 | if (move) { |
1561 | offs += ALIGN(plen, 8); |
1562 | ino_key_init(c, key: &key, inum: new_dir->i_ino); |
1563 | err = ubifs_tnc_add(c, key: &key, lnum, offs, len: plen, hash: hash_new_dir); |
1564 | if (err) |
1565 | goto out_ro; |
1566 | } |
1567 | |
1568 | finish_reservation(c); |
1569 | if (new_inode) { |
1570 | mark_inode_clean(c, ui: new_ui); |
1571 | spin_lock(lock: &new_ui->ui_lock); |
1572 | new_ui->synced_i_size = new_ui->ui_size; |
1573 | spin_unlock(lock: &new_ui->ui_lock); |
1574 | } |
1575 | /* |
1576 | * No need to mark whiteout inode clean. |
1577 | * Whiteout doesn't have non-zero size, no need to update |
1578 | * synced_i_size for whiteout_ui. |
1579 | */ |
1580 | mark_inode_clean(c, ui: ubifs_inode(inode: old_dir)); |
1581 | if (move) |
1582 | mark_inode_clean(c, ui: ubifs_inode(inode: new_dir)); |
1583 | kfree(objp: dent); |
1584 | return 0; |
1585 | |
1586 | out_release: |
1587 | release_head(c, BASEHD); |
1588 | out_ro: |
1589 | ubifs_ro_mode(c, err); |
1590 | if (orphan_added) |
1591 | ubifs_delete_orphan(c, inum: new_inode->i_ino); |
1592 | out_finish: |
1593 | finish_reservation(c); |
1594 | out_free: |
1595 | kfree(objp: dent); |
1596 | return err; |
1597 | } |
1598 | |
1599 | /** |
1600 | * truncate_data_node - re-compress/encrypt a truncated data node. |
1601 | * @c: UBIFS file-system description object |
1602 | * @inode: inode which refers to the data node |
1603 | * @block: data block number |
1604 | * @dn: data node to re-compress |
1605 | * @new_len: new length |
1606 | * @dn_size: size of the data node @dn in memory |
1607 | * |
1608 | * This function is used when an inode is truncated and the last data node of |
1609 | * the inode has to be re-compressed/encrypted and re-written. |
1610 | */ |
1611 | static int truncate_data_node(const struct ubifs_info *c, const struct inode *inode, |
1612 | unsigned int block, struct ubifs_data_node *dn, |
1613 | int *new_len, int dn_size) |
1614 | { |
1615 | void *buf; |
1616 | int err, dlen, compr_type, out_len, data_size; |
1617 | |
1618 | out_len = le32_to_cpu(dn->size); |
1619 | buf = kmalloc_array(n: out_len, WORST_COMPR_FACTOR, GFP_NOFS); |
1620 | if (!buf) |
1621 | return -ENOMEM; |
1622 | |
1623 | dlen = le32_to_cpu(dn->ch.len) - UBIFS_DATA_NODE_SZ; |
1624 | data_size = dn_size - UBIFS_DATA_NODE_SZ; |
1625 | compr_type = le16_to_cpu(dn->compr_type); |
1626 | |
1627 | if (IS_ENCRYPTED(inode)) { |
1628 | err = ubifs_decrypt(inode, dn, out_len: &dlen, block); |
1629 | if (err) |
1630 | goto out; |
1631 | } |
1632 | |
1633 | if (compr_type == UBIFS_COMPR_NONE) { |
1634 | out_len = *new_len; |
1635 | } else { |
1636 | err = ubifs_decompress(c, buf: &dn->data, len: dlen, out: buf, out_len: &out_len, compr_type); |
1637 | if (err) |
1638 | goto out; |
1639 | |
1640 | ubifs_compress(c, in_buf: buf, in_len: *new_len, out_buf: &dn->data, out_len: &out_len, compr_type: &compr_type); |
1641 | } |
1642 | |
1643 | if (IS_ENCRYPTED(inode)) { |
1644 | err = ubifs_encrypt(inode, dn, in_len: out_len, out_len: &data_size, block); |
1645 | if (err) |
1646 | goto out; |
1647 | |
1648 | out_len = data_size; |
1649 | } else { |
1650 | dn->compr_size = 0; |
1651 | } |
1652 | |
1653 | ubifs_assert(c, out_len <= UBIFS_BLOCK_SIZE); |
1654 | dn->compr_type = cpu_to_le16(compr_type); |
1655 | dn->size = cpu_to_le32(*new_len); |
1656 | *new_len = UBIFS_DATA_NODE_SZ + out_len; |
1657 | err = 0; |
1658 | out: |
1659 | kfree(objp: buf); |
1660 | return err; |
1661 | } |
1662 | |
1663 | /** |
1664 | * ubifs_jnl_truncate - update the journal for a truncation. |
1665 | * @c: UBIFS file-system description object |
1666 | * @inode: inode to truncate |
1667 | * @old_size: old size |
1668 | * @new_size: new size |
1669 | * |
1670 | * When the size of a file decreases due to truncation, a truncation node is |
1671 | * written, the journal tree is updated, and the last data block is re-written |
1672 | * if it has been affected. The inode is also updated in order to synchronize |
1673 | * the new inode size. |
1674 | * |
1675 | * This function marks the inode as clean and returns zero on success. In case |
1676 | * of failure, a negative error code is returned. |
1677 | */ |
1678 | int ubifs_jnl_truncate(struct ubifs_info *c, const struct inode *inode, |
1679 | loff_t old_size, loff_t new_size) |
1680 | { |
1681 | union ubifs_key key, to_key; |
1682 | struct ubifs_ino_node *ino; |
1683 | struct ubifs_trun_node *trun; |
1684 | struct ubifs_data_node *dn; |
1685 | int err, dlen, len, lnum, offs, bit, sz, sync = IS_SYNC(inode); |
1686 | int dn_size; |
1687 | struct ubifs_inode *ui = ubifs_inode(inode); |
1688 | ino_t inum = inode->i_ino; |
1689 | unsigned int blk; |
1690 | u8 hash_ino[UBIFS_HASH_ARR_SZ]; |
1691 | u8 hash_dn[UBIFS_HASH_ARR_SZ]; |
1692 | |
1693 | dbg_jnl("ino %lu, size %lld -> %lld" , |
1694 | (unsigned long)inum, old_size, new_size); |
1695 | ubifs_assert(c, !ui->data_len); |
1696 | ubifs_assert(c, S_ISREG(inode->i_mode)); |
1697 | ubifs_assert(c, mutex_is_locked(&ui->ui_mutex)); |
1698 | |
1699 | dn_size = COMPRESSED_DATA_NODE_BUF_SZ; |
1700 | |
1701 | if (IS_ENCRYPTED(inode)) |
1702 | dn_size += UBIFS_CIPHER_BLOCK_SIZE; |
1703 | |
1704 | sz = UBIFS_TRUN_NODE_SZ + UBIFS_INO_NODE_SZ + |
1705 | dn_size + ubifs_auth_node_sz(c); |
1706 | |
1707 | ino = kmalloc(size: sz, GFP_NOFS); |
1708 | if (!ino) |
1709 | return -ENOMEM; |
1710 | |
1711 | trun = (void *)ino + UBIFS_INO_NODE_SZ; |
1712 | trun->ch.node_type = UBIFS_TRUN_NODE; |
1713 | trun->inum = cpu_to_le32(inum); |
1714 | trun->old_size = cpu_to_le64(old_size); |
1715 | trun->new_size = cpu_to_le64(new_size); |
1716 | zero_trun_node_unused(trun); |
1717 | |
1718 | dlen = new_size & (UBIFS_BLOCK_SIZE - 1); |
1719 | if (dlen) { |
1720 | /* Get last data block so it can be truncated */ |
1721 | dn = (void *)trun + UBIFS_TRUN_NODE_SZ; |
1722 | blk = new_size >> UBIFS_BLOCK_SHIFT; |
1723 | data_key_init(c, key: &key, inum, block: blk); |
1724 | dbg_jnlk(&key, "last block key " ); |
1725 | err = ubifs_tnc_lookup(c, key: &key, node: dn); |
1726 | if (err == -ENOENT) |
1727 | dlen = 0; /* Not found (so it is a hole) */ |
1728 | else if (err) |
1729 | goto out_free; |
1730 | else { |
1731 | int dn_len = le32_to_cpu(dn->size); |
1732 | |
1733 | if (dn_len <= 0 || dn_len > UBIFS_BLOCK_SIZE) { |
1734 | ubifs_err(c, fmt: "bad data node (block %u, inode %lu)" , |
1735 | blk, inode->i_ino); |
1736 | ubifs_dump_node(c, node: dn, node_len: dn_size); |
1737 | err = -EUCLEAN; |
1738 | goto out_free; |
1739 | } |
1740 | |
1741 | if (dn_len <= dlen) |
1742 | dlen = 0; /* Nothing to do */ |
1743 | else { |
1744 | err = truncate_data_node(c, inode, block: blk, dn, |
1745 | new_len: &dlen, dn_size); |
1746 | if (err) |
1747 | goto out_free; |
1748 | } |
1749 | } |
1750 | } |
1751 | |
1752 | /* Must make reservation before allocating sequence numbers */ |
1753 | len = UBIFS_TRUN_NODE_SZ + UBIFS_INO_NODE_SZ; |
1754 | |
1755 | if (ubifs_authenticated(c)) |
1756 | len += ALIGN(dlen, 8) + ubifs_auth_node_sz(c); |
1757 | else |
1758 | len += dlen; |
1759 | |
1760 | err = make_reservation(c, BASEHD, len); |
1761 | if (err) |
1762 | goto out_free; |
1763 | |
1764 | pack_inode(c, ino, inode, last: 0); |
1765 | err = ubifs_node_calc_hash(c, buf: ino, hash: hash_ino); |
1766 | if (err) |
1767 | goto out_release; |
1768 | |
1769 | ubifs_prep_grp_node(c, node: trun, UBIFS_TRUN_NODE_SZ, last: dlen ? 0 : 1); |
1770 | if (dlen) { |
1771 | ubifs_prep_grp_node(c, node: dn, len: dlen, last: 1); |
1772 | err = ubifs_node_calc_hash(c, buf: dn, hash: hash_dn); |
1773 | if (err) |
1774 | goto out_release; |
1775 | } |
1776 | |
1777 | err = write_head(c, BASEHD, buf: ino, len, lnum: &lnum, offs: &offs, sync); |
1778 | if (err) |
1779 | goto out_release; |
1780 | if (!sync) |
1781 | ubifs_wbuf_add_ino_nolock(wbuf: &c->jheads[BASEHD].wbuf, inum); |
1782 | release_head(c, BASEHD); |
1783 | |
1784 | ubifs_add_auth_dirt(c, lnum); |
1785 | |
1786 | if (dlen) { |
1787 | sz = offs + UBIFS_INO_NODE_SZ + UBIFS_TRUN_NODE_SZ; |
1788 | err = ubifs_tnc_add(c, key: &key, lnum, offs: sz, len: dlen, hash: hash_dn); |
1789 | if (err) |
1790 | goto out_ro; |
1791 | } |
1792 | |
1793 | ino_key_init(c, key: &key, inum); |
1794 | err = ubifs_tnc_add(c, key: &key, lnum, offs, UBIFS_INO_NODE_SZ, hash: hash_ino); |
1795 | if (err) |
1796 | goto out_ro; |
1797 | |
1798 | err = ubifs_add_dirt(c, lnum, UBIFS_TRUN_NODE_SZ); |
1799 | if (err) |
1800 | goto out_ro; |
1801 | |
1802 | bit = new_size & (UBIFS_BLOCK_SIZE - 1); |
1803 | blk = (new_size >> UBIFS_BLOCK_SHIFT) + (bit ? 1 : 0); |
1804 | data_key_init(c, key: &key, inum, block: blk); |
1805 | |
1806 | bit = old_size & (UBIFS_BLOCK_SIZE - 1); |
1807 | blk = (old_size >> UBIFS_BLOCK_SHIFT) - (bit ? 0 : 1); |
1808 | data_key_init(c, key: &to_key, inum, block: blk); |
1809 | |
1810 | err = ubifs_tnc_remove_range(c, from_key: &key, to_key: &to_key); |
1811 | if (err) |
1812 | goto out_ro; |
1813 | |
1814 | finish_reservation(c); |
1815 | spin_lock(lock: &ui->ui_lock); |
1816 | ui->synced_i_size = ui->ui_size; |
1817 | spin_unlock(lock: &ui->ui_lock); |
1818 | mark_inode_clean(c, ui); |
1819 | kfree(objp: ino); |
1820 | return 0; |
1821 | |
1822 | out_release: |
1823 | release_head(c, BASEHD); |
1824 | out_ro: |
1825 | ubifs_ro_mode(c, err); |
1826 | finish_reservation(c); |
1827 | out_free: |
1828 | kfree(objp: ino); |
1829 | return err; |
1830 | } |
1831 | |
1832 | |
1833 | /** |
1834 | * ubifs_jnl_delete_xattr - delete an extended attribute. |
1835 | * @c: UBIFS file-system description object |
1836 | * @host: host inode |
1837 | * @inode: extended attribute inode |
1838 | * @nm: extended attribute entry name |
1839 | * |
1840 | * This function delete an extended attribute which is very similar to |
1841 | * un-linking regular files - it writes a deletion xentry, a deletion inode and |
1842 | * updates the target inode. Returns zero in case of success and a negative |
1843 | * error code in case of failure. |
1844 | */ |
1845 | int ubifs_jnl_delete_xattr(struct ubifs_info *c, const struct inode *host, |
1846 | const struct inode *inode, |
1847 | const struct fscrypt_name *nm) |
1848 | { |
1849 | int err, xlen, hlen, len, lnum, xent_offs, aligned_xlen, write_len; |
1850 | struct ubifs_dent_node *xent; |
1851 | struct ubifs_ino_node *ino; |
1852 | union ubifs_key xent_key, key1, key2; |
1853 | int sync = IS_DIRSYNC(host); |
1854 | struct ubifs_inode *host_ui = ubifs_inode(inode: host); |
1855 | u8 hash[UBIFS_HASH_ARR_SZ]; |
1856 | |
1857 | ubifs_assert(c, inode->i_nlink == 0); |
1858 | ubifs_assert(c, mutex_is_locked(&host_ui->ui_mutex)); |
1859 | |
1860 | /* |
1861 | * Since we are deleting the inode, we do not bother to attach any data |
1862 | * to it and assume its length is %UBIFS_INO_NODE_SZ. |
1863 | */ |
1864 | xlen = UBIFS_DENT_NODE_SZ + fname_len(nm) + 1; |
1865 | aligned_xlen = ALIGN(xlen, 8); |
1866 | hlen = host_ui->data_len + UBIFS_INO_NODE_SZ; |
1867 | len = aligned_xlen + UBIFS_INO_NODE_SZ + ALIGN(hlen, 8); |
1868 | |
1869 | write_len = len + ubifs_auth_node_sz(c); |
1870 | |
1871 | xent = kzalloc(size: write_len, GFP_NOFS); |
1872 | if (!xent) |
1873 | return -ENOMEM; |
1874 | |
1875 | /* Make reservation before allocating sequence numbers */ |
1876 | err = make_reservation(c, BASEHD, len: write_len); |
1877 | if (err) { |
1878 | kfree(objp: xent); |
1879 | return err; |
1880 | } |
1881 | |
1882 | xent->ch.node_type = UBIFS_XENT_NODE; |
1883 | xent_key_init(c, key: &xent_key, inum: host->i_ino, nm); |
1884 | key_write(c, from: &xent_key, to: xent->key); |
1885 | xent->inum = 0; |
1886 | xent->type = get_dent_type(mode: inode->i_mode); |
1887 | xent->nlen = cpu_to_le16(fname_len(nm)); |
1888 | memcpy(xent->name, fname_name(nm), fname_len(nm)); |
1889 | xent->name[fname_len(nm)] = '\0'; |
1890 | zero_dent_node_unused(dent: xent); |
1891 | ubifs_prep_grp_node(c, node: xent, len: xlen, last: 0); |
1892 | |
1893 | ino = (void *)xent + aligned_xlen; |
1894 | pack_inode(c, ino, inode, last: 0); |
1895 | ino = (void *)ino + UBIFS_INO_NODE_SZ; |
1896 | pack_inode(c, ino, inode: host, last: 1); |
1897 | err = ubifs_node_calc_hash(c, buf: ino, hash); |
1898 | if (err) |
1899 | goto out_release; |
1900 | |
1901 | err = write_head(c, BASEHD, buf: xent, len: write_len, lnum: &lnum, offs: &xent_offs, sync); |
1902 | if (!sync && !err) |
1903 | ubifs_wbuf_add_ino_nolock(wbuf: &c->jheads[BASEHD].wbuf, inum: host->i_ino); |
1904 | release_head(c, BASEHD); |
1905 | |
1906 | ubifs_add_auth_dirt(c, lnum); |
1907 | kfree(objp: xent); |
1908 | if (err) |
1909 | goto out_ro; |
1910 | |
1911 | /* Remove the extended attribute entry from TNC */ |
1912 | err = ubifs_tnc_remove_nm(c, key: &xent_key, nm); |
1913 | if (err) |
1914 | goto out_ro; |
1915 | err = ubifs_add_dirt(c, lnum, dirty: xlen); |
1916 | if (err) |
1917 | goto out_ro; |
1918 | |
1919 | /* |
1920 | * Remove all nodes belonging to the extended attribute inode from TNC. |
1921 | * Well, there actually must be only one node - the inode itself. |
1922 | */ |
1923 | lowest_ino_key(c, key: &key1, inum: inode->i_ino); |
1924 | highest_ino_key(c, key: &key2, inum: inode->i_ino); |
1925 | err = ubifs_tnc_remove_range(c, from_key: &key1, to_key: &key2); |
1926 | if (err) |
1927 | goto out_ro; |
1928 | err = ubifs_add_dirt(c, lnum, UBIFS_INO_NODE_SZ); |
1929 | if (err) |
1930 | goto out_ro; |
1931 | |
1932 | /* And update TNC with the new host inode position */ |
1933 | ino_key_init(c, key: &key1, inum: host->i_ino); |
1934 | err = ubifs_tnc_add(c, key: &key1, lnum, offs: xent_offs + len - hlen, len: hlen, hash); |
1935 | if (err) |
1936 | goto out_ro; |
1937 | |
1938 | finish_reservation(c); |
1939 | spin_lock(lock: &host_ui->ui_lock); |
1940 | host_ui->synced_i_size = host_ui->ui_size; |
1941 | spin_unlock(lock: &host_ui->ui_lock); |
1942 | mark_inode_clean(c, ui: host_ui); |
1943 | return 0; |
1944 | |
1945 | out_release: |
1946 | kfree(objp: xent); |
1947 | release_head(c, BASEHD); |
1948 | out_ro: |
1949 | ubifs_ro_mode(c, err); |
1950 | finish_reservation(c); |
1951 | return err; |
1952 | } |
1953 | |
1954 | /** |
1955 | * ubifs_jnl_change_xattr - change an extended attribute. |
1956 | * @c: UBIFS file-system description object |
1957 | * @inode: extended attribute inode |
1958 | * @host: host inode |
1959 | * |
1960 | * This function writes the updated version of an extended attribute inode and |
1961 | * the host inode to the journal (to the base head). The host inode is written |
1962 | * after the extended attribute inode in order to guarantee that the extended |
1963 | * attribute will be flushed when the inode is synchronized by 'fsync()' and |
1964 | * consequently, the write-buffer is synchronized. This function returns zero |
1965 | * in case of success and a negative error code in case of failure. |
1966 | */ |
1967 | int ubifs_jnl_change_xattr(struct ubifs_info *c, const struct inode *inode, |
1968 | const struct inode *host) |
1969 | { |
1970 | int err, len1, len2, aligned_len, aligned_len1, lnum, offs; |
1971 | struct ubifs_inode *host_ui = ubifs_inode(inode: host); |
1972 | struct ubifs_ino_node *ino; |
1973 | union ubifs_key key; |
1974 | int sync = IS_DIRSYNC(host); |
1975 | u8 hash_host[UBIFS_HASH_ARR_SZ]; |
1976 | u8 hash[UBIFS_HASH_ARR_SZ]; |
1977 | |
1978 | dbg_jnl("ino %lu, ino %lu" , host->i_ino, inode->i_ino); |
1979 | ubifs_assert(c, inode->i_nlink > 0); |
1980 | ubifs_assert(c, mutex_is_locked(&host_ui->ui_mutex)); |
1981 | |
1982 | len1 = UBIFS_INO_NODE_SZ + host_ui->data_len; |
1983 | len2 = UBIFS_INO_NODE_SZ + ubifs_inode(inode)->data_len; |
1984 | aligned_len1 = ALIGN(len1, 8); |
1985 | aligned_len = aligned_len1 + ALIGN(len2, 8); |
1986 | |
1987 | aligned_len += ubifs_auth_node_sz(c); |
1988 | |
1989 | ino = kzalloc(size: aligned_len, GFP_NOFS); |
1990 | if (!ino) |
1991 | return -ENOMEM; |
1992 | |
1993 | /* Make reservation before allocating sequence numbers */ |
1994 | err = make_reservation(c, BASEHD, len: aligned_len); |
1995 | if (err) |
1996 | goto out_free; |
1997 | |
1998 | pack_inode(c, ino, inode: host, last: 0); |
1999 | err = ubifs_node_calc_hash(c, buf: ino, hash: hash_host); |
2000 | if (err) |
2001 | goto out_release; |
2002 | pack_inode(c, ino: (void *)ino + aligned_len1, inode, last: 1); |
2003 | err = ubifs_node_calc_hash(c, buf: (void *)ino + aligned_len1, hash); |
2004 | if (err) |
2005 | goto out_release; |
2006 | |
2007 | err = write_head(c, BASEHD, buf: ino, len: aligned_len, lnum: &lnum, offs: &offs, sync: 0); |
2008 | if (!sync && !err) { |
2009 | struct ubifs_wbuf *wbuf = &c->jheads[BASEHD].wbuf; |
2010 | |
2011 | ubifs_wbuf_add_ino_nolock(wbuf, inum: host->i_ino); |
2012 | ubifs_wbuf_add_ino_nolock(wbuf, inum: inode->i_ino); |
2013 | } |
2014 | release_head(c, BASEHD); |
2015 | if (err) |
2016 | goto out_ro; |
2017 | |
2018 | ubifs_add_auth_dirt(c, lnum); |
2019 | |
2020 | ino_key_init(c, key: &key, inum: host->i_ino); |
2021 | err = ubifs_tnc_add(c, key: &key, lnum, offs, len: len1, hash: hash_host); |
2022 | if (err) |
2023 | goto out_ro; |
2024 | |
2025 | ino_key_init(c, key: &key, inum: inode->i_ino); |
2026 | err = ubifs_tnc_add(c, key: &key, lnum, offs: offs + aligned_len1, len: len2, hash); |
2027 | if (err) |
2028 | goto out_ro; |
2029 | |
2030 | finish_reservation(c); |
2031 | spin_lock(lock: &host_ui->ui_lock); |
2032 | host_ui->synced_i_size = host_ui->ui_size; |
2033 | spin_unlock(lock: &host_ui->ui_lock); |
2034 | mark_inode_clean(c, ui: host_ui); |
2035 | kfree(objp: ino); |
2036 | return 0; |
2037 | |
2038 | out_release: |
2039 | release_head(c, BASEHD); |
2040 | out_ro: |
2041 | ubifs_ro_mode(c, err); |
2042 | finish_reservation(c); |
2043 | out_free: |
2044 | kfree(objp: ino); |
2045 | return err; |
2046 | } |
2047 | |
2048 | |