1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3 * NILFS recovery logic
4 *
5 * Copyright (C) 2005-2008 Nippon Telegraph and Telephone Corporation.
6 *
7 * Written by Ryusuke Konishi.
8 */
9
10 #include <linux/buffer_head.h>
11 #include <linux/blkdev.h>
12 #include <linux/swap.h>
13 #include <linux/slab.h>
14 #include <linux/crc32.h>
15 #include "nilfs.h"
16 #include "segment.h"
17 #include "sufile.h"
18 #include "page.h"
19 #include "segbuf.h"
20
21 /*
22 * Segment check result
23 */
24 enum {
25 NILFS_SEG_VALID,
26 NILFS_SEG_NO_SUPER_ROOT,
27 NILFS_SEG_FAIL_IO,
28 NILFS_SEG_FAIL_MAGIC,
29 NILFS_SEG_FAIL_SEQ,
30 NILFS_SEG_FAIL_CHECKSUM_SUPER_ROOT,
31 NILFS_SEG_FAIL_CHECKSUM_FULL,
32 NILFS_SEG_FAIL_CONSISTENCY,
33 };
34
35 /* work structure for recovery */
36 struct nilfs_recovery_block {
37 ino_t ino; /*
38 * Inode number of the file that this block
39 * belongs to
40 */
41 sector_t blocknr; /* block number */
42 __u64 vblocknr; /* virtual block number */
43 unsigned long blkoff; /* File offset of the data block (per block) */
44 struct list_head list;
45 };
46
47
nilfs_warn_segment_error(struct super_block * sb,int err)48 static int nilfs_warn_segment_error(struct super_block *sb, int err)
49 {
50 const char *msg = NULL;
51
52 switch (err) {
53 case NILFS_SEG_FAIL_IO:
54 nilfs_err(sb, "I/O error reading segment");
55 return -EIO;
56 case NILFS_SEG_FAIL_MAGIC:
57 msg = "Magic number mismatch";
58 break;
59 case NILFS_SEG_FAIL_SEQ:
60 msg = "Sequence number mismatch";
61 break;
62 case NILFS_SEG_FAIL_CHECKSUM_SUPER_ROOT:
63 msg = "Checksum error in super root";
64 break;
65 case NILFS_SEG_FAIL_CHECKSUM_FULL:
66 msg = "Checksum error in segment payload";
67 break;
68 case NILFS_SEG_FAIL_CONSISTENCY:
69 msg = "Inconsistency found";
70 break;
71 case NILFS_SEG_NO_SUPER_ROOT:
72 msg = "No super root in the last segment";
73 break;
74 default:
75 nilfs_err(sb, "unrecognized segment error %d", err);
76 return -EINVAL;
77 }
78 nilfs_warn(sb, "invalid segment: %s", msg);
79 return -EINVAL;
80 }
81
82 /**
83 * nilfs_compute_checksum - compute checksum of blocks continuously
84 * @nilfs: nilfs object
85 * @bhs: buffer head of start block
86 * @sum: place to store result
87 * @offset: offset bytes in the first block
88 * @check_bytes: number of bytes to be checked
89 * @start: DBN of start block
90 * @nblock: number of blocks to be checked
91 */
nilfs_compute_checksum(struct the_nilfs * nilfs,struct buffer_head * bhs,u32 * sum,unsigned long offset,u64 check_bytes,sector_t start,unsigned long nblock)92 static int nilfs_compute_checksum(struct the_nilfs *nilfs,
93 struct buffer_head *bhs, u32 *sum,
94 unsigned long offset, u64 check_bytes,
95 sector_t start, unsigned long nblock)
96 {
97 unsigned int blocksize = nilfs->ns_blocksize;
98 unsigned long size;
99 u32 crc;
100
101 BUG_ON(offset >= blocksize);
102 check_bytes -= offset;
103 size = min_t(u64, check_bytes, blocksize - offset);
104 crc = crc32_le(nilfs->ns_crc_seed,
105 (unsigned char *)bhs->b_data + offset, size);
106 if (--nblock > 0) {
107 do {
108 struct buffer_head *bh;
109
110 bh = __bread(nilfs->ns_bdev, ++start, blocksize);
111 if (!bh)
112 return -EIO;
113 check_bytes -= size;
114 size = min_t(u64, check_bytes, blocksize);
115 crc = crc32_le(crc, bh->b_data, size);
116 brelse(bh);
117 } while (--nblock > 0);
118 }
119 *sum = crc;
120 return 0;
121 }
122
123 /**
124 * nilfs_read_super_root_block - read super root block
125 * @nilfs: nilfs object
126 * @sr_block: disk block number of the super root block
127 * @pbh: address of a buffer_head pointer to return super root buffer
128 * @check: CRC check flag
129 */
nilfs_read_super_root_block(struct the_nilfs * nilfs,sector_t sr_block,struct buffer_head ** pbh,int check)130 int nilfs_read_super_root_block(struct the_nilfs *nilfs, sector_t sr_block,
131 struct buffer_head **pbh, int check)
132 {
133 struct buffer_head *bh_sr;
134 struct nilfs_super_root *sr;
135 u32 crc;
136 int ret;
137
138 *pbh = NULL;
139 bh_sr = __bread(nilfs->ns_bdev, sr_block, nilfs->ns_blocksize);
140 if (unlikely(!bh_sr)) {
141 ret = NILFS_SEG_FAIL_IO;
142 goto failed;
143 }
144
145 sr = (struct nilfs_super_root *)bh_sr->b_data;
146 if (check) {
147 unsigned int bytes = le16_to_cpu(sr->sr_bytes);
148
149 if (bytes == 0 || bytes > nilfs->ns_blocksize) {
150 ret = NILFS_SEG_FAIL_CHECKSUM_SUPER_ROOT;
151 goto failed_bh;
152 }
153 if (nilfs_compute_checksum(
154 nilfs, bh_sr, &crc, sizeof(sr->sr_sum), bytes,
155 sr_block, 1)) {
156 ret = NILFS_SEG_FAIL_IO;
157 goto failed_bh;
158 }
159 if (crc != le32_to_cpu(sr->sr_sum)) {
160 ret = NILFS_SEG_FAIL_CHECKSUM_SUPER_ROOT;
161 goto failed_bh;
162 }
163 }
164 *pbh = bh_sr;
165 return 0;
166
167 failed_bh:
168 brelse(bh_sr);
169
170 failed:
171 return nilfs_warn_segment_error(nilfs->ns_sb, ret);
172 }
173
174 /**
175 * nilfs_read_log_header - read summary header of the specified log
176 * @nilfs: nilfs object
177 * @start_blocknr: start block number of the log
178 * @sum: pointer to return segment summary structure
179 */
180 static struct buffer_head *
nilfs_read_log_header(struct the_nilfs * nilfs,sector_t start_blocknr,struct nilfs_segment_summary ** sum)181 nilfs_read_log_header(struct the_nilfs *nilfs, sector_t start_blocknr,
182 struct nilfs_segment_summary **sum)
183 {
184 struct buffer_head *bh_sum;
185
186 bh_sum = __bread(nilfs->ns_bdev, start_blocknr, nilfs->ns_blocksize);
187 if (bh_sum)
188 *sum = (struct nilfs_segment_summary *)bh_sum->b_data;
189 return bh_sum;
190 }
191
192 /**
193 * nilfs_validate_log - verify consistency of log
194 * @nilfs: nilfs object
195 * @seg_seq: sequence number of segment
196 * @bh_sum: buffer head of summary block
197 * @sum: segment summary struct
198 */
nilfs_validate_log(struct the_nilfs * nilfs,u64 seg_seq,struct buffer_head * bh_sum,struct nilfs_segment_summary * sum)199 static int nilfs_validate_log(struct the_nilfs *nilfs, u64 seg_seq,
200 struct buffer_head *bh_sum,
201 struct nilfs_segment_summary *sum)
202 {
203 unsigned long nblock;
204 u32 crc;
205 int ret;
206
207 ret = NILFS_SEG_FAIL_MAGIC;
208 if (le32_to_cpu(sum->ss_magic) != NILFS_SEGSUM_MAGIC)
209 goto out;
210
211 ret = NILFS_SEG_FAIL_SEQ;
212 if (le64_to_cpu(sum->ss_seq) != seg_seq)
213 goto out;
214
215 nblock = le32_to_cpu(sum->ss_nblocks);
216 ret = NILFS_SEG_FAIL_CONSISTENCY;
217 if (unlikely(nblock == 0 || nblock > nilfs->ns_blocks_per_segment))
218 /* This limits the number of blocks read in the CRC check */
219 goto out;
220
221 ret = NILFS_SEG_FAIL_IO;
222 if (nilfs_compute_checksum(nilfs, bh_sum, &crc, sizeof(sum->ss_datasum),
223 ((u64)nblock << nilfs->ns_blocksize_bits),
224 bh_sum->b_blocknr, nblock))
225 goto out;
226
227 ret = NILFS_SEG_FAIL_CHECKSUM_FULL;
228 if (crc != le32_to_cpu(sum->ss_datasum))
229 goto out;
230 ret = 0;
231 out:
232 return ret;
233 }
234
235 /**
236 * nilfs_read_summary_info - read an item on summary blocks of a log
237 * @nilfs: nilfs object
238 * @pbh: the current buffer head on summary blocks [in, out]
239 * @offset: the current byte offset on summary blocks [in, out]
240 * @bytes: byte size of the item to be read
241 */
nilfs_read_summary_info(struct the_nilfs * nilfs,struct buffer_head ** pbh,unsigned int * offset,unsigned int bytes)242 static void *nilfs_read_summary_info(struct the_nilfs *nilfs,
243 struct buffer_head **pbh,
244 unsigned int *offset, unsigned int bytes)
245 {
246 void *ptr;
247 sector_t blocknr;
248
249 BUG_ON((*pbh)->b_size < *offset);
250 if (bytes > (*pbh)->b_size - *offset) {
251 blocknr = (*pbh)->b_blocknr;
252 brelse(*pbh);
253 *pbh = __bread(nilfs->ns_bdev, blocknr + 1,
254 nilfs->ns_blocksize);
255 if (unlikely(!*pbh))
256 return NULL;
257 *offset = 0;
258 }
259 ptr = (*pbh)->b_data + *offset;
260 *offset += bytes;
261 return ptr;
262 }
263
264 /**
265 * nilfs_skip_summary_info - skip items on summary blocks of a log
266 * @nilfs: nilfs object
267 * @pbh: the current buffer head on summary blocks [in, out]
268 * @offset: the current byte offset on summary blocks [in, out]
269 * @bytes: byte size of the item to be skipped
270 * @count: number of items to be skipped
271 */
nilfs_skip_summary_info(struct the_nilfs * nilfs,struct buffer_head ** pbh,unsigned int * offset,unsigned int bytes,unsigned long count)272 static void nilfs_skip_summary_info(struct the_nilfs *nilfs,
273 struct buffer_head **pbh,
274 unsigned int *offset, unsigned int bytes,
275 unsigned long count)
276 {
277 unsigned int rest_item_in_current_block
278 = ((*pbh)->b_size - *offset) / bytes;
279
280 if (count <= rest_item_in_current_block) {
281 *offset += bytes * count;
282 } else {
283 sector_t blocknr = (*pbh)->b_blocknr;
284 unsigned int nitem_per_block = (*pbh)->b_size / bytes;
285 unsigned int bcnt;
286
287 count -= rest_item_in_current_block;
288 bcnt = DIV_ROUND_UP(count, nitem_per_block);
289 *offset = bytes * (count - (bcnt - 1) * nitem_per_block);
290
291 brelse(*pbh);
292 *pbh = __bread(nilfs->ns_bdev, blocknr + bcnt,
293 nilfs->ns_blocksize);
294 }
295 }
296
297 /**
298 * nilfs_scan_dsync_log - get block information of a log written for data sync
299 * @nilfs: nilfs object
300 * @start_blocknr: start block number of the log
301 * @sum: log summary information
302 * @head: list head to add nilfs_recovery_block struct
303 */
nilfs_scan_dsync_log(struct the_nilfs * nilfs,sector_t start_blocknr,struct nilfs_segment_summary * sum,struct list_head * head)304 static int nilfs_scan_dsync_log(struct the_nilfs *nilfs, sector_t start_blocknr,
305 struct nilfs_segment_summary *sum,
306 struct list_head *head)
307 {
308 struct buffer_head *bh;
309 unsigned int offset;
310 u32 nfinfo, sumbytes;
311 sector_t blocknr;
312 ino_t ino;
313 int err = -EIO;
314
315 nfinfo = le32_to_cpu(sum->ss_nfinfo);
316 if (!nfinfo)
317 return 0;
318
319 sumbytes = le32_to_cpu(sum->ss_sumbytes);
320 blocknr = start_blocknr + DIV_ROUND_UP(sumbytes, nilfs->ns_blocksize);
321 bh = __bread(nilfs->ns_bdev, start_blocknr, nilfs->ns_blocksize);
322 if (unlikely(!bh))
323 goto out;
324
325 offset = le16_to_cpu(sum->ss_bytes);
326 for (;;) {
327 unsigned long nblocks, ndatablk, nnodeblk;
328 struct nilfs_finfo *finfo;
329
330 finfo = nilfs_read_summary_info(nilfs, &bh, &offset,
331 sizeof(*finfo));
332 if (unlikely(!finfo))
333 goto out;
334
335 ino = le64_to_cpu(finfo->fi_ino);
336 nblocks = le32_to_cpu(finfo->fi_nblocks);
337 ndatablk = le32_to_cpu(finfo->fi_ndatablk);
338 nnodeblk = nblocks - ndatablk;
339
340 while (ndatablk-- > 0) {
341 struct nilfs_recovery_block *rb;
342 struct nilfs_binfo_v *binfo;
343
344 binfo = nilfs_read_summary_info(nilfs, &bh, &offset,
345 sizeof(*binfo));
346 if (unlikely(!binfo))
347 goto out;
348
349 rb = kmalloc(sizeof(*rb), GFP_NOFS);
350 if (unlikely(!rb)) {
351 err = -ENOMEM;
352 goto out;
353 }
354 rb->ino = ino;
355 rb->blocknr = blocknr++;
356 rb->vblocknr = le64_to_cpu(binfo->bi_vblocknr);
357 rb->blkoff = le64_to_cpu(binfo->bi_blkoff);
358 /* INIT_LIST_HEAD(&rb->list); */
359 list_add_tail(&rb->list, head);
360 }
361 if (--nfinfo == 0)
362 break;
363 blocknr += nnodeblk; /* always 0 for data sync logs */
364 nilfs_skip_summary_info(nilfs, &bh, &offset, sizeof(__le64),
365 nnodeblk);
366 if (unlikely(!bh))
367 goto out;
368 }
369 err = 0;
370 out:
371 brelse(bh); /* brelse(NULL) is just ignored */
372 return err;
373 }
374
dispose_recovery_list(struct list_head * head)375 static void dispose_recovery_list(struct list_head *head)
376 {
377 while (!list_empty(head)) {
378 struct nilfs_recovery_block *rb;
379
380 rb = list_first_entry(head, struct nilfs_recovery_block, list);
381 list_del(&rb->list);
382 kfree(rb);
383 }
384 }
385
386 struct nilfs_segment_entry {
387 struct list_head list;
388 __u64 segnum;
389 };
390
nilfs_segment_list_add(struct list_head * head,__u64 segnum)391 static int nilfs_segment_list_add(struct list_head *head, __u64 segnum)
392 {
393 struct nilfs_segment_entry *ent = kmalloc(sizeof(*ent), GFP_NOFS);
394
395 if (unlikely(!ent))
396 return -ENOMEM;
397
398 ent->segnum = segnum;
399 INIT_LIST_HEAD(&ent->list);
400 list_add_tail(&ent->list, head);
401 return 0;
402 }
403
nilfs_dispose_segment_list(struct list_head * head)404 void nilfs_dispose_segment_list(struct list_head *head)
405 {
406 while (!list_empty(head)) {
407 struct nilfs_segment_entry *ent;
408
409 ent = list_first_entry(head, struct nilfs_segment_entry, list);
410 list_del(&ent->list);
411 kfree(ent);
412 }
413 }
414
nilfs_prepare_segment_for_recovery(struct the_nilfs * nilfs,struct super_block * sb,struct nilfs_recovery_info * ri)415 static int nilfs_prepare_segment_for_recovery(struct the_nilfs *nilfs,
416 struct super_block *sb,
417 struct nilfs_recovery_info *ri)
418 {
419 struct list_head *head = &ri->ri_used_segments;
420 struct nilfs_segment_entry *ent, *n;
421 struct inode *sufile = nilfs->ns_sufile;
422 __u64 segnum[4];
423 int err;
424 int i;
425
426 segnum[0] = nilfs->ns_segnum;
427 segnum[1] = nilfs->ns_nextnum;
428 segnum[2] = ri->ri_segnum;
429 segnum[3] = ri->ri_nextnum;
430
431 /*
432 * Releasing the next segment of the latest super root.
433 * The next segment is invalidated by this recovery.
434 */
435 err = nilfs_sufile_free(sufile, segnum[1]);
436 if (unlikely(err)) {
437 if (err == -ENOENT) {
438 nilfs_err(sb,
439 "checkpoint log inconsistency at block %llu (segment %llu): next segment %llu is unallocated",
440 (unsigned long long)nilfs->ns_last_pseg,
441 (unsigned long long)nilfs->ns_segnum,
442 (unsigned long long)segnum[1]);
443 err = -EINVAL;
444 }
445 goto failed;
446 }
447
448 for (i = 1; i < 4; i++) {
449 err = nilfs_segment_list_add(head, segnum[i]);
450 if (unlikely(err))
451 goto failed;
452 }
453
454 /*
455 * Collecting segments written after the latest super root.
456 * These are marked dirty to avoid being reallocated in the next write.
457 */
458 list_for_each_entry_safe(ent, n, head, list) {
459 if (ent->segnum != segnum[0]) {
460 err = nilfs_sufile_scrap(sufile, ent->segnum);
461 if (unlikely(err))
462 goto failed;
463 }
464 list_del(&ent->list);
465 kfree(ent);
466 }
467
468 /* Allocate new segments for recovery */
469 err = nilfs_sufile_alloc(sufile, &segnum[0]);
470 if (unlikely(err))
471 goto failed;
472
473 nilfs->ns_pseg_offset = 0;
474 nilfs->ns_seg_seq = ri->ri_seq + 2;
475 nilfs->ns_nextnum = nilfs->ns_segnum = segnum[0];
476
477 failed:
478 /* No need to recover sufile because it will be destroyed on error */
479 return err;
480 }
481
nilfs_recovery_copy_block(struct the_nilfs * nilfs,struct nilfs_recovery_block * rb,loff_t pos,struct folio * folio)482 static int nilfs_recovery_copy_block(struct the_nilfs *nilfs,
483 struct nilfs_recovery_block *rb,
484 loff_t pos, struct folio *folio)
485 {
486 struct buffer_head *bh_org;
487 size_t from = offset_in_folio(folio, pos);
488
489 bh_org = __bread(nilfs->ns_bdev, rb->blocknr, nilfs->ns_blocksize);
490 if (unlikely(!bh_org))
491 return -EIO;
492
493 memcpy_to_folio(folio, from, bh_org->b_data, bh_org->b_size);
494 brelse(bh_org);
495 return 0;
496 }
497
nilfs_recover_dsync_blocks(struct the_nilfs * nilfs,struct super_block * sb,struct nilfs_root * root,struct list_head * head,unsigned long * nr_salvaged_blocks)498 static int nilfs_recover_dsync_blocks(struct the_nilfs *nilfs,
499 struct super_block *sb,
500 struct nilfs_root *root,
501 struct list_head *head,
502 unsigned long *nr_salvaged_blocks)
503 {
504 struct inode *inode;
505 struct nilfs_recovery_block *rb, *n;
506 unsigned int blocksize = nilfs->ns_blocksize;
507 struct folio *folio;
508 loff_t pos;
509 int err = 0, err2 = 0;
510
511 list_for_each_entry_safe(rb, n, head, list) {
512 inode = nilfs_iget(sb, root, rb->ino);
513 if (IS_ERR(inode)) {
514 err = PTR_ERR(inode);
515 inode = NULL;
516 goto failed_inode;
517 }
518
519 pos = rb->blkoff << inode->i_blkbits;
520 err = block_write_begin(inode->i_mapping, pos, blocksize,
521 &folio, nilfs_get_block);
522 if (unlikely(err)) {
523 loff_t isize = inode->i_size;
524
525 if (pos + blocksize > isize)
526 nilfs_write_failed(inode->i_mapping,
527 pos + blocksize);
528 goto failed_inode;
529 }
530
531 err = nilfs_recovery_copy_block(nilfs, rb, pos, folio);
532 if (unlikely(err))
533 goto failed_folio;
534
535 err = nilfs_set_file_dirty(inode, 1);
536 if (unlikely(err))
537 goto failed_folio;
538
539 block_write_end(NULL, inode->i_mapping, pos, blocksize,
540 blocksize, folio, NULL);
541
542 folio_unlock(folio);
543 folio_put(folio);
544
545 (*nr_salvaged_blocks)++;
546 goto next;
547
548 failed_folio:
549 folio_unlock(folio);
550 folio_put(folio);
551
552 failed_inode:
553 nilfs_warn(sb,
554 "error %d recovering data block (ino=%lu, block-offset=%llu)",
555 err, (unsigned long)rb->ino,
556 (unsigned long long)rb->blkoff);
557 if (!err2)
558 err2 = err;
559 next:
560 iput(inode); /* iput(NULL) is just ignored */
561 list_del_init(&rb->list);
562 kfree(rb);
563 }
564 return err2;
565 }
566
567 /**
568 * nilfs_do_roll_forward - salvage logical segments newer than the latest
569 * checkpoint
570 * @nilfs: nilfs object
571 * @sb: super block instance
572 * @root: NILFS root instance
573 * @ri: pointer to a nilfs_recovery_info
574 */
nilfs_do_roll_forward(struct the_nilfs * nilfs,struct super_block * sb,struct nilfs_root * root,struct nilfs_recovery_info * ri)575 static int nilfs_do_roll_forward(struct the_nilfs *nilfs,
576 struct super_block *sb,
577 struct nilfs_root *root,
578 struct nilfs_recovery_info *ri)
579 {
580 struct buffer_head *bh_sum = NULL;
581 struct nilfs_segment_summary *sum = NULL;
582 sector_t pseg_start;
583 sector_t seg_start, seg_end; /* Starting/ending DBN of full segment */
584 unsigned long nsalvaged_blocks = 0;
585 unsigned int flags;
586 u64 seg_seq;
587 __u64 segnum, nextnum = 0;
588 int empty_seg = 0;
589 int err = 0, ret;
590 LIST_HEAD(dsync_blocks); /* list of data blocks to be recovered */
591 enum {
592 RF_INIT_ST,
593 RF_DSYNC_ST, /* scanning data-sync segments */
594 };
595 int state = RF_INIT_ST;
596
597 pseg_start = ri->ri_lsegs_start;
598 seg_seq = ri->ri_lsegs_start_seq;
599 segnum = nilfs_get_segnum_of_block(nilfs, pseg_start);
600 nilfs_get_segment_range(nilfs, segnum, &seg_start, &seg_end);
601
602 while (segnum != ri->ri_segnum || pseg_start <= ri->ri_pseg_start) {
603 brelse(bh_sum);
604 bh_sum = nilfs_read_log_header(nilfs, pseg_start, &sum);
605 if (!bh_sum) {
606 err = -EIO;
607 goto failed;
608 }
609
610 ret = nilfs_validate_log(nilfs, seg_seq, bh_sum, sum);
611 if (ret) {
612 if (ret == NILFS_SEG_FAIL_IO) {
613 err = -EIO;
614 goto failed;
615 }
616 goto strayed;
617 }
618
619 flags = le16_to_cpu(sum->ss_flags);
620 if (flags & NILFS_SS_SR)
621 goto confused;
622
623 /* Found a valid partial segment; do recovery actions */
624 nextnum = nilfs_get_segnum_of_block(nilfs,
625 le64_to_cpu(sum->ss_next));
626 empty_seg = 0;
627 nilfs->ns_ctime = le64_to_cpu(sum->ss_create);
628 if (!(flags & NILFS_SS_GC))
629 nilfs->ns_nongc_ctime = nilfs->ns_ctime;
630
631 switch (state) {
632 case RF_INIT_ST:
633 if (!(flags & NILFS_SS_LOGBGN) ||
634 !(flags & NILFS_SS_SYNDT))
635 goto try_next_pseg;
636 state = RF_DSYNC_ST;
637 fallthrough;
638 case RF_DSYNC_ST:
639 if (!(flags & NILFS_SS_SYNDT))
640 goto confused;
641
642 err = nilfs_scan_dsync_log(nilfs, pseg_start, sum,
643 &dsync_blocks);
644 if (unlikely(err))
645 goto failed;
646 if (flags & NILFS_SS_LOGEND) {
647 err = nilfs_recover_dsync_blocks(
648 nilfs, sb, root, &dsync_blocks,
649 &nsalvaged_blocks);
650 if (unlikely(err))
651 goto failed;
652 state = RF_INIT_ST;
653 }
654 break; /* Fall through to try_next_pseg */
655 }
656
657 try_next_pseg:
658 if (pseg_start == ri->ri_lsegs_end)
659 break;
660 pseg_start += le32_to_cpu(sum->ss_nblocks);
661 if (pseg_start < seg_end)
662 continue;
663 goto feed_segment;
664
665 strayed:
666 if (pseg_start == ri->ri_lsegs_end)
667 break;
668
669 feed_segment:
670 /* Looking to the next full segment */
671 if (empty_seg++)
672 break;
673 seg_seq++;
674 segnum = nextnum;
675 nilfs_get_segment_range(nilfs, segnum, &seg_start, &seg_end);
676 pseg_start = seg_start;
677 }
678
679 if (nsalvaged_blocks) {
680 nilfs_info(sb, "salvaged %lu blocks", nsalvaged_blocks);
681 ri->ri_need_recovery = NILFS_RECOVERY_ROLLFORWARD_DONE;
682 }
683 out:
684 brelse(bh_sum);
685 dispose_recovery_list(&dsync_blocks);
686 return err;
687
688 confused:
689 err = -EINVAL;
690 failed:
691 nilfs_err(sb,
692 "error %d roll-forwarding partial segment at blocknr = %llu",
693 err, (unsigned long long)pseg_start);
694 goto out;
695 }
696
nilfs_finish_roll_forward(struct the_nilfs * nilfs,struct nilfs_recovery_info * ri)697 static void nilfs_finish_roll_forward(struct the_nilfs *nilfs,
698 struct nilfs_recovery_info *ri)
699 {
700 struct buffer_head *bh;
701 int err;
702
703 if (nilfs_get_segnum_of_block(nilfs, ri->ri_lsegs_start) !=
704 nilfs_get_segnum_of_block(nilfs, ri->ri_super_root))
705 return;
706
707 bh = __getblk(nilfs->ns_bdev, ri->ri_lsegs_start, nilfs->ns_blocksize);
708 if (WARN_ON(!bh))
709 return; /* should never happen */
710
711 lock_buffer(bh);
712 memset(bh->b_data, 0, bh->b_size);
713 set_buffer_uptodate(bh);
714 set_buffer_dirty(bh);
715 unlock_buffer(bh);
716
717 err = sync_dirty_buffer(bh);
718 if (unlikely(err))
719 nilfs_warn(nilfs->ns_sb,
720 "buffer sync write failed during post-cleaning of recovery.");
721 brelse(bh);
722 }
723
724 /**
725 * nilfs_abort_roll_forward - cleaning up after a failed rollforward recovery
726 * @nilfs: nilfs object
727 */
nilfs_abort_roll_forward(struct the_nilfs * nilfs)728 static void nilfs_abort_roll_forward(struct the_nilfs *nilfs)
729 {
730 struct nilfs_inode_info *ii, *n;
731 LIST_HEAD(head);
732
733 /* Abandon inodes that have read recovery data */
734 spin_lock(&nilfs->ns_inode_lock);
735 list_splice_init(&nilfs->ns_dirty_files, &head);
736 spin_unlock(&nilfs->ns_inode_lock);
737 if (list_empty(&head))
738 return;
739
740 set_nilfs_purging(nilfs);
741 list_for_each_entry_safe(ii, n, &head, i_dirty) {
742 spin_lock(&nilfs->ns_inode_lock);
743 list_del_init(&ii->i_dirty);
744 spin_unlock(&nilfs->ns_inode_lock);
745
746 iput(&ii->vfs_inode);
747 }
748 clear_nilfs_purging(nilfs);
749 }
750
751 /**
752 * nilfs_salvage_orphan_logs - salvage logs written after the latest checkpoint
753 * @nilfs: nilfs object
754 * @sb: super block instance
755 * @ri: pointer to a nilfs_recovery_info struct to store search results.
756 *
757 * Return Value: On success, 0 is returned. On error, one of the following
758 * negative error code is returned.
759 *
760 * %-EINVAL - Inconsistent filesystem state.
761 *
762 * %-EIO - I/O error
763 *
764 * %-ENOSPC - No space left on device (only in a panic state).
765 *
766 * %-ERESTARTSYS - Interrupted.
767 *
768 * %-ENOMEM - Insufficient memory available.
769 */
nilfs_salvage_orphan_logs(struct the_nilfs * nilfs,struct super_block * sb,struct nilfs_recovery_info * ri)770 int nilfs_salvage_orphan_logs(struct the_nilfs *nilfs,
771 struct super_block *sb,
772 struct nilfs_recovery_info *ri)
773 {
774 struct nilfs_root *root;
775 int err;
776
777 if (ri->ri_lsegs_start == 0 || ri->ri_lsegs_end == 0)
778 return 0;
779
780 err = nilfs_attach_checkpoint(sb, ri->ri_cno, true, &root);
781 if (unlikely(err)) {
782 nilfs_err(sb, "error %d loading the latest checkpoint", err);
783 return err;
784 }
785
786 err = nilfs_do_roll_forward(nilfs, sb, root, ri);
787 if (unlikely(err))
788 goto failed;
789
790 if (ri->ri_need_recovery == NILFS_RECOVERY_ROLLFORWARD_DONE) {
791 err = nilfs_prepare_segment_for_recovery(nilfs, sb, ri);
792 if (unlikely(err)) {
793 nilfs_err(sb, "error %d preparing segment for recovery",
794 err);
795 goto failed;
796 }
797
798 err = nilfs_attach_log_writer(sb, root);
799 if (unlikely(err))
800 goto failed;
801
802 set_nilfs_discontinued(nilfs);
803 err = nilfs_construct_segment(sb);
804 nilfs_detach_log_writer(sb);
805
806 if (unlikely(err)) {
807 nilfs_err(sb, "error %d writing segment for recovery",
808 err);
809 goto put_root;
810 }
811
812 nilfs_finish_roll_forward(nilfs, ri);
813 }
814
815 put_root:
816 nilfs_put_root(root);
817 return err;
818
819 failed:
820 nilfs_abort_roll_forward(nilfs);
821 goto put_root;
822 }
823
824 /**
825 * nilfs_search_super_root - search the latest valid super root
826 * @nilfs: the_nilfs
827 * @ri: pointer to a nilfs_recovery_info struct to store search results.
828 *
829 * nilfs_search_super_root() looks for the latest super-root from a partial
830 * segment pointed by the superblock. It sets up struct the_nilfs through
831 * this search. It fills nilfs_recovery_info (ri) required for recovery.
832 *
833 * Return Value: On success, 0 is returned. On error, one of the following
834 * negative error code is returned.
835 *
836 * %-EINVAL - No valid segment found
837 *
838 * %-EIO - I/O error
839 *
840 * %-ENOMEM - Insufficient memory available.
841 */
nilfs_search_super_root(struct the_nilfs * nilfs,struct nilfs_recovery_info * ri)842 int nilfs_search_super_root(struct the_nilfs *nilfs,
843 struct nilfs_recovery_info *ri)
844 {
845 struct buffer_head *bh_sum = NULL;
846 struct nilfs_segment_summary *sum = NULL;
847 sector_t pseg_start, pseg_end, sr_pseg_start = 0;
848 sector_t seg_start, seg_end; /* range of full segment (block number) */
849 sector_t b, end;
850 unsigned long nblocks;
851 unsigned int flags;
852 u64 seg_seq;
853 __u64 segnum, nextnum = 0;
854 __u64 cno;
855 LIST_HEAD(segments);
856 int empty_seg = 0, scan_newer = 0;
857 int ret;
858
859 pseg_start = nilfs->ns_last_pseg;
860 seg_seq = nilfs->ns_last_seq;
861 cno = nilfs->ns_last_cno;
862 segnum = nilfs_get_segnum_of_block(nilfs, pseg_start);
863
864 /* Calculate range of segment */
865 nilfs_get_segment_range(nilfs, segnum, &seg_start, &seg_end);
866
867 /* Read ahead segment */
868 b = seg_start;
869 while (b <= seg_end)
870 __breadahead(nilfs->ns_bdev, b++, nilfs->ns_blocksize);
871
872 for (;;) {
873 brelse(bh_sum);
874 ret = NILFS_SEG_FAIL_IO;
875 bh_sum = nilfs_read_log_header(nilfs, pseg_start, &sum);
876 if (!bh_sum)
877 goto failed;
878
879 ret = nilfs_validate_log(nilfs, seg_seq, bh_sum, sum);
880 if (ret) {
881 if (ret == NILFS_SEG_FAIL_IO)
882 goto failed;
883 goto strayed;
884 }
885
886 nblocks = le32_to_cpu(sum->ss_nblocks);
887 pseg_end = pseg_start + nblocks - 1;
888 if (unlikely(pseg_end > seg_end)) {
889 ret = NILFS_SEG_FAIL_CONSISTENCY;
890 goto strayed;
891 }
892
893 /* A valid partial segment */
894 ri->ri_pseg_start = pseg_start;
895 ri->ri_seq = seg_seq;
896 ri->ri_segnum = segnum;
897 nextnum = nilfs_get_segnum_of_block(nilfs,
898 le64_to_cpu(sum->ss_next));
899 ri->ri_nextnum = nextnum;
900 empty_seg = 0;
901
902 flags = le16_to_cpu(sum->ss_flags);
903 if (!(flags & NILFS_SS_SR) && !scan_newer) {
904 /*
905 * This will never happen because a superblock
906 * (last_segment) always points to a pseg with
907 * a super root.
908 */
909 ret = NILFS_SEG_FAIL_CONSISTENCY;
910 goto failed;
911 }
912
913 if (pseg_start == seg_start) {
914 nilfs_get_segment_range(nilfs, nextnum, &b, &end);
915 while (b <= end)
916 __breadahead(nilfs->ns_bdev, b++,
917 nilfs->ns_blocksize);
918 }
919 if (!(flags & NILFS_SS_SR)) {
920 if (!ri->ri_lsegs_start && (flags & NILFS_SS_LOGBGN)) {
921 ri->ri_lsegs_start = pseg_start;
922 ri->ri_lsegs_start_seq = seg_seq;
923 }
924 if (flags & NILFS_SS_LOGEND)
925 ri->ri_lsegs_end = pseg_start;
926 goto try_next_pseg;
927 }
928
929 /* A valid super root was found. */
930 ri->ri_cno = cno++;
931 ri->ri_super_root = pseg_end;
932 ri->ri_lsegs_start = ri->ri_lsegs_end = 0;
933
934 nilfs_dispose_segment_list(&segments);
935 sr_pseg_start = pseg_start;
936 nilfs->ns_pseg_offset = pseg_start + nblocks - seg_start;
937 nilfs->ns_seg_seq = seg_seq;
938 nilfs->ns_segnum = segnum;
939 nilfs->ns_cno = cno; /* nilfs->ns_cno = ri->ri_cno + 1 */
940 nilfs->ns_ctime = le64_to_cpu(sum->ss_create);
941 nilfs->ns_nextnum = nextnum;
942
943 if (scan_newer)
944 ri->ri_need_recovery = NILFS_RECOVERY_SR_UPDATED;
945 else {
946 if (nilfs->ns_mount_state & NILFS_VALID_FS)
947 goto super_root_found;
948 scan_newer = 1;
949 }
950
951 try_next_pseg:
952 /* Standing on a course, or met an inconsistent state */
953 pseg_start += nblocks;
954 if (pseg_start < seg_end)
955 continue;
956 goto feed_segment;
957
958 strayed:
959 /* Off the trail */
960 if (!scan_newer)
961 /*
962 * This can happen if a checkpoint was written without
963 * barriers, or as a result of an I/O failure.
964 */
965 goto failed;
966
967 feed_segment:
968 /* Looking to the next full segment */
969 if (empty_seg++)
970 goto super_root_found; /* found a valid super root */
971
972 ret = nilfs_segment_list_add(&segments, segnum);
973 if (unlikely(ret))
974 goto failed;
975
976 seg_seq++;
977 segnum = nextnum;
978 nilfs_get_segment_range(nilfs, segnum, &seg_start, &seg_end);
979 pseg_start = seg_start;
980 }
981
982 super_root_found:
983 /* Updating pointers relating to the latest checkpoint */
984 brelse(bh_sum);
985 list_splice_tail(&segments, &ri->ri_used_segments);
986 nilfs->ns_last_pseg = sr_pseg_start;
987 nilfs->ns_last_seq = nilfs->ns_seg_seq;
988 nilfs->ns_last_cno = ri->ri_cno;
989 return 0;
990
991 failed:
992 brelse(bh_sum);
993 nilfs_dispose_segment_list(&segments);
994 return ret < 0 ? ret : nilfs_warn_segment_error(nilfs->ns_sb, ret);
995 }
996