xref: /linux/fs/ext4/ialloc.c (revision 3fd6c59042dbba50391e30862beac979491145fe)
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  *  linux/fs/ext4/ialloc.c
4  *
5  * Copyright (C) 1992, 1993, 1994, 1995
6  * Remy Card (card@masi.ibp.fr)
7  * Laboratoire MASI - Institut Blaise Pascal
8  * Universite Pierre et Marie Curie (Paris VI)
9  *
10  *  BSD ufs-inspired inode and directory allocation by
11  *  Stephen Tweedie (sct@redhat.com), 1993
12  *  Big-endian to little-endian byte-swapping/bitmaps by
13  *        David S. Miller (davem@caip.rutgers.edu), 1995
14  */
15 
16 #include <linux/time.h>
17 #include <linux/fs.h>
18 #include <linux/stat.h>
19 #include <linux/string.h>
20 #include <linux/quotaops.h>
21 #include <linux/buffer_head.h>
22 #include <linux/random.h>
23 #include <linux/bitops.h>
24 #include <linux/blkdev.h>
25 #include <linux/cred.h>
26 
27 #include <asm/byteorder.h>
28 
29 #include "ext4.h"
30 #include "ext4_jbd2.h"
31 #include "xattr.h"
32 #include "acl.h"
33 
34 #include <trace/events/ext4.h>
35 
36 /*
37  * ialloc.c contains the inodes allocation and deallocation routines
38  */
39 
40 /*
41  * The free inodes are managed by bitmaps.  A file system contains several
42  * blocks groups.  Each group contains 1 bitmap block for blocks, 1 bitmap
43  * block for inodes, N blocks for the inode table and data blocks.
44  *
45  * The file system contains group descriptors which are located after the
46  * super block.  Each descriptor contains the number of the bitmap block and
47  * the free blocks count in the block.
48  */
49 
50 /*
51  * To avoid calling the atomic setbit hundreds or thousands of times, we only
52  * need to use it within a single byte (to ensure we get endianness right).
53  * We can use memset for the rest of the bitmap as there are no other users.
54  */
ext4_mark_bitmap_end(int start_bit,int end_bit,char * bitmap)55 void ext4_mark_bitmap_end(int start_bit, int end_bit, char *bitmap)
56 {
57 	int i;
58 
59 	if (start_bit >= end_bit)
60 		return;
61 
62 	ext4_debug("mark end bits +%d through +%d used\n", start_bit, end_bit);
63 	for (i = start_bit; i < ((start_bit + 7) & ~7UL); i++)
64 		ext4_set_bit(i, bitmap);
65 	if (i < end_bit)
66 		memset(bitmap + (i >> 3), 0xff, (end_bit - i) >> 3);
67 }
68 
ext4_end_bitmap_read(struct buffer_head * bh,int uptodate)69 void ext4_end_bitmap_read(struct buffer_head *bh, int uptodate)
70 {
71 	if (uptodate) {
72 		set_buffer_uptodate(bh);
73 		set_bitmap_uptodate(bh);
74 	}
75 	unlock_buffer(bh);
76 	put_bh(bh);
77 }
78 
ext4_validate_inode_bitmap(struct super_block * sb,struct ext4_group_desc * desc,ext4_group_t block_group,struct buffer_head * bh)79 static int ext4_validate_inode_bitmap(struct super_block *sb,
80 				      struct ext4_group_desc *desc,
81 				      ext4_group_t block_group,
82 				      struct buffer_head *bh)
83 {
84 	ext4_fsblk_t	blk;
85 	struct ext4_group_info *grp;
86 
87 	if (EXT4_SB(sb)->s_mount_state & EXT4_FC_REPLAY)
88 		return 0;
89 
90 	if (buffer_verified(bh))
91 		return 0;
92 
93 	grp = ext4_get_group_info(sb, block_group);
94 	if (!grp || EXT4_MB_GRP_IBITMAP_CORRUPT(grp))
95 		return -EFSCORRUPTED;
96 
97 	ext4_lock_group(sb, block_group);
98 	if (buffer_verified(bh))
99 		goto verified;
100 	blk = ext4_inode_bitmap(sb, desc);
101 	if (!ext4_inode_bitmap_csum_verify(sb, desc, bh) ||
102 	    ext4_simulate_fail(sb, EXT4_SIM_IBITMAP_CRC)) {
103 		ext4_unlock_group(sb, block_group);
104 		ext4_error(sb, "Corrupt inode bitmap - block_group = %u, "
105 			   "inode_bitmap = %llu", block_group, blk);
106 		ext4_mark_group_bitmap_corrupted(sb, block_group,
107 					EXT4_GROUP_INFO_IBITMAP_CORRUPT);
108 		return -EFSBADCRC;
109 	}
110 	set_buffer_verified(bh);
111 verified:
112 	ext4_unlock_group(sb, block_group);
113 	return 0;
114 }
115 
116 /*
117  * Read the inode allocation bitmap for a given block_group, reading
118  * into the specified slot in the superblock's bitmap cache.
119  *
120  * Return buffer_head of bitmap on success, or an ERR_PTR on error.
121  */
122 static struct buffer_head *
ext4_read_inode_bitmap(struct super_block * sb,ext4_group_t block_group)123 ext4_read_inode_bitmap(struct super_block *sb, ext4_group_t block_group)
124 {
125 	struct ext4_group_desc *desc;
126 	struct ext4_sb_info *sbi = EXT4_SB(sb);
127 	struct buffer_head *bh = NULL;
128 	ext4_fsblk_t bitmap_blk;
129 	int err;
130 
131 	desc = ext4_get_group_desc(sb, block_group, NULL);
132 	if (!desc)
133 		return ERR_PTR(-EFSCORRUPTED);
134 
135 	bitmap_blk = ext4_inode_bitmap(sb, desc);
136 	if ((bitmap_blk <= le32_to_cpu(sbi->s_es->s_first_data_block)) ||
137 	    (bitmap_blk >= ext4_blocks_count(sbi->s_es))) {
138 		ext4_error(sb, "Invalid inode bitmap blk %llu in "
139 			   "block_group %u", bitmap_blk, block_group);
140 		ext4_mark_group_bitmap_corrupted(sb, block_group,
141 					EXT4_GROUP_INFO_IBITMAP_CORRUPT);
142 		return ERR_PTR(-EFSCORRUPTED);
143 	}
144 	bh = sb_getblk(sb, bitmap_blk);
145 	if (unlikely(!bh)) {
146 		ext4_warning(sb, "Cannot read inode bitmap - "
147 			     "block_group = %u, inode_bitmap = %llu",
148 			     block_group, bitmap_blk);
149 		return ERR_PTR(-ENOMEM);
150 	}
151 	if (bitmap_uptodate(bh))
152 		goto verify;
153 
154 	lock_buffer(bh);
155 	if (bitmap_uptodate(bh)) {
156 		unlock_buffer(bh);
157 		goto verify;
158 	}
159 
160 	ext4_lock_group(sb, block_group);
161 	if (ext4_has_group_desc_csum(sb) &&
162 	    (desc->bg_flags & cpu_to_le16(EXT4_BG_INODE_UNINIT))) {
163 		if (block_group == 0) {
164 			ext4_unlock_group(sb, block_group);
165 			unlock_buffer(bh);
166 			ext4_error(sb, "Inode bitmap for bg 0 marked "
167 				   "uninitialized");
168 			err = -EFSCORRUPTED;
169 			goto out;
170 		}
171 		memset(bh->b_data, 0, (EXT4_INODES_PER_GROUP(sb) + 7) / 8);
172 		ext4_mark_bitmap_end(EXT4_INODES_PER_GROUP(sb),
173 				     sb->s_blocksize * 8, bh->b_data);
174 		set_bitmap_uptodate(bh);
175 		set_buffer_uptodate(bh);
176 		set_buffer_verified(bh);
177 		ext4_unlock_group(sb, block_group);
178 		unlock_buffer(bh);
179 		return bh;
180 	}
181 	ext4_unlock_group(sb, block_group);
182 
183 	if (buffer_uptodate(bh)) {
184 		/*
185 		 * if not uninit if bh is uptodate,
186 		 * bitmap is also uptodate
187 		 */
188 		set_bitmap_uptodate(bh);
189 		unlock_buffer(bh);
190 		goto verify;
191 	}
192 	/*
193 	 * submit the buffer_head for reading
194 	 */
195 	trace_ext4_load_inode_bitmap(sb, block_group);
196 	ext4_read_bh(bh, REQ_META | REQ_PRIO,
197 		     ext4_end_bitmap_read,
198 		     ext4_simulate_fail(sb, EXT4_SIM_IBITMAP_EIO));
199 	if (!buffer_uptodate(bh)) {
200 		put_bh(bh);
201 		ext4_error_err(sb, EIO, "Cannot read inode bitmap - "
202 			       "block_group = %u, inode_bitmap = %llu",
203 			       block_group, bitmap_blk);
204 		ext4_mark_group_bitmap_corrupted(sb, block_group,
205 				EXT4_GROUP_INFO_IBITMAP_CORRUPT);
206 		return ERR_PTR(-EIO);
207 	}
208 
209 verify:
210 	err = ext4_validate_inode_bitmap(sb, desc, block_group, bh);
211 	if (err)
212 		goto out;
213 	return bh;
214 out:
215 	put_bh(bh);
216 	return ERR_PTR(err);
217 }
218 
219 /*
220  * NOTE! When we get the inode, we're the only people
221  * that have access to it, and as such there are no
222  * race conditions we have to worry about. The inode
223  * is not on the hash-lists, and it cannot be reached
224  * through the filesystem because the directory entry
225  * has been deleted earlier.
226  *
227  * HOWEVER: we must make sure that we get no aliases,
228  * which means that we have to call "clear_inode()"
229  * _before_ we mark the inode not in use in the inode
230  * bitmaps. Otherwise a newly created file might use
231  * the same inode number (not actually the same pointer
232  * though), and then we'd have two inodes sharing the
233  * same inode number and space on the harddisk.
234  */
ext4_free_inode(handle_t * handle,struct inode * inode)235 void ext4_free_inode(handle_t *handle, struct inode *inode)
236 {
237 	struct super_block *sb = inode->i_sb;
238 	int is_directory;
239 	unsigned long ino;
240 	struct buffer_head *bitmap_bh = NULL;
241 	struct buffer_head *bh2;
242 	ext4_group_t block_group;
243 	unsigned long bit;
244 	struct ext4_group_desc *gdp;
245 	struct ext4_super_block *es;
246 	struct ext4_sb_info *sbi;
247 	int fatal = 0, err, count, cleared;
248 	struct ext4_group_info *grp;
249 
250 	if (!sb) {
251 		printk(KERN_ERR "EXT4-fs: %s:%d: inode on "
252 		       "nonexistent device\n", __func__, __LINE__);
253 		return;
254 	}
255 	if (atomic_read(&inode->i_count) > 1) {
256 		ext4_msg(sb, KERN_ERR, "%s:%d: inode #%lu: count=%d",
257 			 __func__, __LINE__, inode->i_ino,
258 			 atomic_read(&inode->i_count));
259 		return;
260 	}
261 	if (inode->i_nlink) {
262 		ext4_msg(sb, KERN_ERR, "%s:%d: inode #%lu: nlink=%d\n",
263 			 __func__, __LINE__, inode->i_ino, inode->i_nlink);
264 		return;
265 	}
266 	sbi = EXT4_SB(sb);
267 
268 	ino = inode->i_ino;
269 	ext4_debug("freeing inode %lu\n", ino);
270 	trace_ext4_free_inode(inode);
271 
272 	dquot_initialize(inode);
273 	dquot_free_inode(inode);
274 
275 	is_directory = S_ISDIR(inode->i_mode);
276 
277 	/* Do this BEFORE marking the inode not in use or returning an error */
278 	ext4_clear_inode(inode);
279 
280 	es = sbi->s_es;
281 	if (ino < EXT4_FIRST_INO(sb) || ino > le32_to_cpu(es->s_inodes_count)) {
282 		ext4_error(sb, "reserved or nonexistent inode %lu", ino);
283 		goto error_return;
284 	}
285 	block_group = (ino - 1) / EXT4_INODES_PER_GROUP(sb);
286 	bit = (ino - 1) % EXT4_INODES_PER_GROUP(sb);
287 	bitmap_bh = ext4_read_inode_bitmap(sb, block_group);
288 	/* Don't bother if the inode bitmap is corrupt. */
289 	if (IS_ERR(bitmap_bh)) {
290 		fatal = PTR_ERR(bitmap_bh);
291 		bitmap_bh = NULL;
292 		goto error_return;
293 	}
294 	if (!(sbi->s_mount_state & EXT4_FC_REPLAY)) {
295 		grp = ext4_get_group_info(sb, block_group);
296 		if (!grp || unlikely(EXT4_MB_GRP_IBITMAP_CORRUPT(grp))) {
297 			fatal = -EFSCORRUPTED;
298 			goto error_return;
299 		}
300 	}
301 
302 	BUFFER_TRACE(bitmap_bh, "get_write_access");
303 	fatal = ext4_journal_get_write_access(handle, sb, bitmap_bh,
304 					      EXT4_JTR_NONE);
305 	if (fatal)
306 		goto error_return;
307 
308 	fatal = -ESRCH;
309 	gdp = ext4_get_group_desc(sb, block_group, &bh2);
310 	if (gdp) {
311 		BUFFER_TRACE(bh2, "get_write_access");
312 		fatal = ext4_journal_get_write_access(handle, sb, bh2,
313 						      EXT4_JTR_NONE);
314 	}
315 	ext4_lock_group(sb, block_group);
316 	cleared = ext4_test_and_clear_bit(bit, bitmap_bh->b_data);
317 	if (fatal || !cleared) {
318 		ext4_unlock_group(sb, block_group);
319 		goto out;
320 	}
321 
322 	count = ext4_free_inodes_count(sb, gdp) + 1;
323 	ext4_free_inodes_set(sb, gdp, count);
324 	if (is_directory) {
325 		count = ext4_used_dirs_count(sb, gdp) - 1;
326 		ext4_used_dirs_set(sb, gdp, count);
327 		if (percpu_counter_initialized(&sbi->s_dirs_counter))
328 			percpu_counter_dec(&sbi->s_dirs_counter);
329 	}
330 	ext4_inode_bitmap_csum_set(sb, gdp, bitmap_bh);
331 	ext4_group_desc_csum_set(sb, block_group, gdp);
332 	ext4_unlock_group(sb, block_group);
333 
334 	if (percpu_counter_initialized(&sbi->s_freeinodes_counter))
335 		percpu_counter_inc(&sbi->s_freeinodes_counter);
336 	if (sbi->s_log_groups_per_flex) {
337 		struct flex_groups *fg;
338 
339 		fg = sbi_array_rcu_deref(sbi, s_flex_groups,
340 					 ext4_flex_group(sbi, block_group));
341 		atomic_inc(&fg->free_inodes);
342 		if (is_directory)
343 			atomic_dec(&fg->used_dirs);
344 	}
345 	BUFFER_TRACE(bh2, "call ext4_handle_dirty_metadata");
346 	fatal = ext4_handle_dirty_metadata(handle, NULL, bh2);
347 out:
348 	if (cleared) {
349 		BUFFER_TRACE(bitmap_bh, "call ext4_handle_dirty_metadata");
350 		err = ext4_handle_dirty_metadata(handle, NULL, bitmap_bh);
351 		if (!fatal)
352 			fatal = err;
353 	} else {
354 		ext4_error(sb, "bit already cleared for inode %lu", ino);
355 		ext4_mark_group_bitmap_corrupted(sb, block_group,
356 					EXT4_GROUP_INFO_IBITMAP_CORRUPT);
357 	}
358 
359 error_return:
360 	brelse(bitmap_bh);
361 	ext4_std_error(sb, fatal);
362 }
363 
364 struct orlov_stats {
365 	__u64 free_clusters;
366 	__u32 free_inodes;
367 	__u32 used_dirs;
368 };
369 
370 /*
371  * Helper function for Orlov's allocator; returns critical information
372  * for a particular block group or flex_bg.  If flex_size is 1, then g
373  * is a block group number; otherwise it is flex_bg number.
374  */
get_orlov_stats(struct super_block * sb,ext4_group_t g,int flex_size,struct orlov_stats * stats)375 static void get_orlov_stats(struct super_block *sb, ext4_group_t g,
376 			    int flex_size, struct orlov_stats *stats)
377 {
378 	struct ext4_group_desc *desc;
379 
380 	if (flex_size > 1) {
381 		struct flex_groups *fg = sbi_array_rcu_deref(EXT4_SB(sb),
382 							     s_flex_groups, g);
383 		stats->free_inodes = atomic_read(&fg->free_inodes);
384 		stats->free_clusters = atomic64_read(&fg->free_clusters);
385 		stats->used_dirs = atomic_read(&fg->used_dirs);
386 		return;
387 	}
388 
389 	desc = ext4_get_group_desc(sb, g, NULL);
390 	if (desc) {
391 		stats->free_inodes = ext4_free_inodes_count(sb, desc);
392 		stats->free_clusters = ext4_free_group_clusters(sb, desc);
393 		stats->used_dirs = ext4_used_dirs_count(sb, desc);
394 	} else {
395 		stats->free_inodes = 0;
396 		stats->free_clusters = 0;
397 		stats->used_dirs = 0;
398 	}
399 }
400 
401 /*
402  * Orlov's allocator for directories.
403  *
404  * We always try to spread first-level directories.
405  *
406  * If there are blockgroups with both free inodes and free clusters counts
407  * not worse than average we return one with smallest directory count.
408  * Otherwise we simply return a random group.
409  *
410  * For the rest rules look so:
411  *
412  * It's OK to put directory into a group unless
413  * it has too many directories already (max_dirs) or
414  * it has too few free inodes left (min_inodes) or
415  * it has too few free clusters left (min_clusters) or
416  * Parent's group is preferred, if it doesn't satisfy these
417  * conditions we search cyclically through the rest. If none
418  * of the groups look good we just look for a group with more
419  * free inodes than average (starting at parent's group).
420  */
421 
find_group_orlov(struct super_block * sb,struct inode * parent,ext4_group_t * group,umode_t mode,const struct qstr * qstr)422 static int find_group_orlov(struct super_block *sb, struct inode *parent,
423 			    ext4_group_t *group, umode_t mode,
424 			    const struct qstr *qstr)
425 {
426 	ext4_group_t parent_group = EXT4_I(parent)->i_block_group;
427 	struct ext4_sb_info *sbi = EXT4_SB(sb);
428 	ext4_group_t real_ngroups = ext4_get_groups_count(sb);
429 	int inodes_per_group = EXT4_INODES_PER_GROUP(sb);
430 	unsigned int freei, avefreei, grp_free;
431 	ext4_fsblk_t freec, avefreec;
432 	unsigned int ndirs;
433 	int max_dirs, min_inodes;
434 	ext4_grpblk_t min_clusters;
435 	ext4_group_t i, grp, g, ngroups;
436 	struct ext4_group_desc *desc;
437 	struct orlov_stats stats;
438 	int flex_size = ext4_flex_bg_size(sbi);
439 	struct dx_hash_info hinfo;
440 
441 	ngroups = real_ngroups;
442 	if (flex_size > 1) {
443 		ngroups = (real_ngroups + flex_size - 1) >>
444 			sbi->s_log_groups_per_flex;
445 		parent_group >>= sbi->s_log_groups_per_flex;
446 	}
447 
448 	freei = percpu_counter_read_positive(&sbi->s_freeinodes_counter);
449 	avefreei = freei / ngroups;
450 	freec = percpu_counter_read_positive(&sbi->s_freeclusters_counter);
451 	avefreec = freec;
452 	do_div(avefreec, ngroups);
453 	ndirs = percpu_counter_read_positive(&sbi->s_dirs_counter);
454 
455 	if (S_ISDIR(mode) &&
456 	    ((parent == d_inode(sb->s_root)) ||
457 	     (ext4_test_inode_flag(parent, EXT4_INODE_TOPDIR)))) {
458 		int best_ndir = inodes_per_group;
459 		int ret = -1;
460 
461 		if (qstr) {
462 			hinfo.hash_version = DX_HASH_HALF_MD4;
463 			hinfo.seed = sbi->s_hash_seed;
464 			ext4fs_dirhash(parent, qstr->name, qstr->len, &hinfo);
465 			parent_group = hinfo.hash % ngroups;
466 		} else
467 			parent_group = get_random_u32_below(ngroups);
468 		for (i = 0; i < ngroups; i++) {
469 			g = (parent_group + i) % ngroups;
470 			get_orlov_stats(sb, g, flex_size, &stats);
471 			if (!stats.free_inodes)
472 				continue;
473 			if (stats.used_dirs >= best_ndir)
474 				continue;
475 			if (stats.free_inodes < avefreei)
476 				continue;
477 			if (stats.free_clusters < avefreec)
478 				continue;
479 			grp = g;
480 			ret = 0;
481 			best_ndir = stats.used_dirs;
482 		}
483 		if (ret)
484 			goto fallback;
485 	found_flex_bg:
486 		if (flex_size == 1) {
487 			*group = grp;
488 			return 0;
489 		}
490 
491 		/*
492 		 * We pack inodes at the beginning of the flexgroup's
493 		 * inode tables.  Block allocation decisions will do
494 		 * something similar, although regular files will
495 		 * start at 2nd block group of the flexgroup.  See
496 		 * ext4_ext_find_goal() and ext4_find_near().
497 		 */
498 		grp *= flex_size;
499 		for (i = 0; i < flex_size; i++) {
500 			if (grp+i >= real_ngroups)
501 				break;
502 			desc = ext4_get_group_desc(sb, grp+i, NULL);
503 			if (desc && ext4_free_inodes_count(sb, desc)) {
504 				*group = grp+i;
505 				return 0;
506 			}
507 		}
508 		goto fallback;
509 	}
510 
511 	max_dirs = ndirs / ngroups + inodes_per_group*flex_size / 16;
512 	min_inodes = avefreei - inodes_per_group*flex_size / 4;
513 	if (min_inodes < 1)
514 		min_inodes = 1;
515 	min_clusters = avefreec - EXT4_CLUSTERS_PER_GROUP(sb)*flex_size / 4;
516 	if (min_clusters < 0)
517 		min_clusters = 0;
518 
519 	/*
520 	 * Start looking in the flex group where we last allocated an
521 	 * inode for this parent directory
522 	 */
523 	if (EXT4_I(parent)->i_last_alloc_group != ~0) {
524 		parent_group = EXT4_I(parent)->i_last_alloc_group;
525 		if (flex_size > 1)
526 			parent_group >>= sbi->s_log_groups_per_flex;
527 	}
528 
529 	for (i = 0; i < ngroups; i++) {
530 		grp = (parent_group + i) % ngroups;
531 		get_orlov_stats(sb, grp, flex_size, &stats);
532 		if (stats.used_dirs >= max_dirs)
533 			continue;
534 		if (stats.free_inodes < min_inodes)
535 			continue;
536 		if (stats.free_clusters < min_clusters)
537 			continue;
538 		goto found_flex_bg;
539 	}
540 
541 fallback:
542 	ngroups = real_ngroups;
543 	avefreei = freei / ngroups;
544 fallback_retry:
545 	parent_group = EXT4_I(parent)->i_block_group;
546 	for (i = 0; i < ngroups; i++) {
547 		grp = (parent_group + i) % ngroups;
548 		desc = ext4_get_group_desc(sb, grp, NULL);
549 		if (desc) {
550 			grp_free = ext4_free_inodes_count(sb, desc);
551 			if (grp_free && grp_free >= avefreei) {
552 				*group = grp;
553 				return 0;
554 			}
555 		}
556 	}
557 
558 	if (avefreei) {
559 		/*
560 		 * The free-inodes counter is approximate, and for really small
561 		 * filesystems the above test can fail to find any blockgroups
562 		 */
563 		avefreei = 0;
564 		goto fallback_retry;
565 	}
566 
567 	return -1;
568 }
569 
find_group_other(struct super_block * sb,struct inode * parent,ext4_group_t * group,umode_t mode)570 static int find_group_other(struct super_block *sb, struct inode *parent,
571 			    ext4_group_t *group, umode_t mode)
572 {
573 	ext4_group_t parent_group = EXT4_I(parent)->i_block_group;
574 	ext4_group_t i, last, ngroups = ext4_get_groups_count(sb);
575 	struct ext4_group_desc *desc;
576 	int flex_size = ext4_flex_bg_size(EXT4_SB(sb));
577 
578 	/*
579 	 * Try to place the inode is the same flex group as its
580 	 * parent.  If we can't find space, use the Orlov algorithm to
581 	 * find another flex group, and store that information in the
582 	 * parent directory's inode information so that use that flex
583 	 * group for future allocations.
584 	 */
585 	if (flex_size > 1) {
586 		int retry = 0;
587 
588 	try_again:
589 		parent_group &= ~(flex_size-1);
590 		last = parent_group + flex_size;
591 		if (last > ngroups)
592 			last = ngroups;
593 		for  (i = parent_group; i < last; i++) {
594 			desc = ext4_get_group_desc(sb, i, NULL);
595 			if (desc && ext4_free_inodes_count(sb, desc)) {
596 				*group = i;
597 				return 0;
598 			}
599 		}
600 		if (!retry && EXT4_I(parent)->i_last_alloc_group != ~0) {
601 			retry = 1;
602 			parent_group = EXT4_I(parent)->i_last_alloc_group;
603 			goto try_again;
604 		}
605 		/*
606 		 * If this didn't work, use the Orlov search algorithm
607 		 * to find a new flex group; we pass in the mode to
608 		 * avoid the topdir algorithms.
609 		 */
610 		*group = parent_group + flex_size;
611 		if (*group > ngroups)
612 			*group = 0;
613 		return find_group_orlov(sb, parent, group, mode, NULL);
614 	}
615 
616 	/*
617 	 * Try to place the inode in its parent directory
618 	 */
619 	*group = parent_group;
620 	desc = ext4_get_group_desc(sb, *group, NULL);
621 	if (desc && ext4_free_inodes_count(sb, desc) &&
622 	    ext4_free_group_clusters(sb, desc))
623 		return 0;
624 
625 	/*
626 	 * We're going to place this inode in a different blockgroup from its
627 	 * parent.  We want to cause files in a common directory to all land in
628 	 * the same blockgroup.  But we want files which are in a different
629 	 * directory which shares a blockgroup with our parent to land in a
630 	 * different blockgroup.
631 	 *
632 	 * So add our directory's i_ino into the starting point for the hash.
633 	 */
634 	*group = (*group + parent->i_ino) % ngroups;
635 
636 	/*
637 	 * Use a quadratic hash to find a group with a free inode and some free
638 	 * blocks.
639 	 */
640 	for (i = 1; i < ngroups; i <<= 1) {
641 		*group += i;
642 		if (*group >= ngroups)
643 			*group -= ngroups;
644 		desc = ext4_get_group_desc(sb, *group, NULL);
645 		if (desc && ext4_free_inodes_count(sb, desc) &&
646 		    ext4_free_group_clusters(sb, desc))
647 			return 0;
648 	}
649 
650 	/*
651 	 * That failed: try linear search for a free inode, even if that group
652 	 * has no free blocks.
653 	 */
654 	*group = parent_group;
655 	for (i = 0; i < ngroups; i++) {
656 		if (++*group >= ngroups)
657 			*group = 0;
658 		desc = ext4_get_group_desc(sb, *group, NULL);
659 		if (desc && ext4_free_inodes_count(sb, desc))
660 			return 0;
661 	}
662 
663 	return -1;
664 }
665 
666 /*
667  * In no journal mode, if an inode has recently been deleted, we want
668  * to avoid reusing it until we're reasonably sure the inode table
669  * block has been written back to disk.  (Yes, these values are
670  * somewhat arbitrary...)
671  */
672 #define RECENTCY_MIN	60
673 #define RECENTCY_DIRTY	300
674 
recently_deleted(struct super_block * sb,ext4_group_t group,int ino)675 static int recently_deleted(struct super_block *sb, ext4_group_t group, int ino)
676 {
677 	struct ext4_group_desc	*gdp;
678 	struct ext4_inode	*raw_inode;
679 	struct buffer_head	*bh;
680 	int inodes_per_block = EXT4_SB(sb)->s_inodes_per_block;
681 	int offset, ret = 0;
682 	int recentcy = RECENTCY_MIN;
683 	u32 dtime, now;
684 
685 	gdp = ext4_get_group_desc(sb, group, NULL);
686 	if (unlikely(!gdp))
687 		return 0;
688 
689 	bh = sb_find_get_block(sb, ext4_inode_table(sb, gdp) +
690 		       (ino / inodes_per_block));
691 	if (!bh || !buffer_uptodate(bh))
692 		/*
693 		 * If the block is not in the buffer cache, then it
694 		 * must have been written out.
695 		 */
696 		goto out;
697 
698 	offset = (ino % inodes_per_block) * EXT4_INODE_SIZE(sb);
699 	raw_inode = (struct ext4_inode *) (bh->b_data + offset);
700 
701 	/* i_dtime is only 32 bits on disk, but we only care about relative
702 	 * times in the range of a few minutes (i.e. long enough to sync a
703 	 * recently-deleted inode to disk), so using the low 32 bits of the
704 	 * clock (a 68 year range) is enough, see time_before32() */
705 	dtime = le32_to_cpu(raw_inode->i_dtime);
706 	now = ktime_get_real_seconds();
707 	if (buffer_dirty(bh))
708 		recentcy += RECENTCY_DIRTY;
709 
710 	if (dtime && time_before32(dtime, now) &&
711 	    time_before32(now, dtime + recentcy))
712 		ret = 1;
713 out:
714 	brelse(bh);
715 	return ret;
716 }
717 
find_inode_bit(struct super_block * sb,ext4_group_t group,struct buffer_head * bitmap,unsigned long * ino)718 static int find_inode_bit(struct super_block *sb, ext4_group_t group,
719 			  struct buffer_head *bitmap, unsigned long *ino)
720 {
721 	bool check_recently_deleted = EXT4_SB(sb)->s_journal == NULL;
722 	unsigned long recently_deleted_ino = EXT4_INODES_PER_GROUP(sb);
723 
724 next:
725 	*ino = ext4_find_next_zero_bit((unsigned long *)
726 				       bitmap->b_data,
727 				       EXT4_INODES_PER_GROUP(sb), *ino);
728 	if (*ino >= EXT4_INODES_PER_GROUP(sb))
729 		goto not_found;
730 
731 	if (check_recently_deleted && recently_deleted(sb, group, *ino)) {
732 		recently_deleted_ino = *ino;
733 		*ino = *ino + 1;
734 		if (*ino < EXT4_INODES_PER_GROUP(sb))
735 			goto next;
736 		goto not_found;
737 	}
738 	return 1;
739 not_found:
740 	if (recently_deleted_ino >= EXT4_INODES_PER_GROUP(sb))
741 		return 0;
742 	/*
743 	 * Not reusing recently deleted inodes is mostly a preference. We don't
744 	 * want to report ENOSPC or skew allocation patterns because of that.
745 	 * So return even recently deleted inode if we could find better in the
746 	 * given range.
747 	 */
748 	*ino = recently_deleted_ino;
749 	return 1;
750 }
751 
ext4_mark_inode_used(struct super_block * sb,int ino)752 int ext4_mark_inode_used(struct super_block *sb, int ino)
753 {
754 	unsigned long max_ino = le32_to_cpu(EXT4_SB(sb)->s_es->s_inodes_count);
755 	struct buffer_head *inode_bitmap_bh = NULL, *group_desc_bh = NULL;
756 	struct ext4_group_desc *gdp;
757 	ext4_group_t group;
758 	int bit;
759 	int err;
760 
761 	if (ino < EXT4_FIRST_INO(sb) || ino > max_ino)
762 		return -EFSCORRUPTED;
763 
764 	group = (ino - 1) / EXT4_INODES_PER_GROUP(sb);
765 	bit = (ino - 1) % EXT4_INODES_PER_GROUP(sb);
766 	inode_bitmap_bh = ext4_read_inode_bitmap(sb, group);
767 	if (IS_ERR(inode_bitmap_bh))
768 		return PTR_ERR(inode_bitmap_bh);
769 
770 	if (ext4_test_bit(bit, inode_bitmap_bh->b_data)) {
771 		err = 0;
772 		goto out;
773 	}
774 
775 	gdp = ext4_get_group_desc(sb, group, &group_desc_bh);
776 	if (!gdp) {
777 		err = -EINVAL;
778 		goto out;
779 	}
780 
781 	ext4_set_bit(bit, inode_bitmap_bh->b_data);
782 
783 	BUFFER_TRACE(inode_bitmap_bh, "call ext4_handle_dirty_metadata");
784 	err = ext4_handle_dirty_metadata(NULL, NULL, inode_bitmap_bh);
785 	if (err) {
786 		ext4_std_error(sb, err);
787 		goto out;
788 	}
789 	err = sync_dirty_buffer(inode_bitmap_bh);
790 	if (err) {
791 		ext4_std_error(sb, err);
792 		goto out;
793 	}
794 
795 	/* We may have to initialize the block bitmap if it isn't already */
796 	if (ext4_has_group_desc_csum(sb) &&
797 	    gdp->bg_flags & cpu_to_le16(EXT4_BG_BLOCK_UNINIT)) {
798 		struct buffer_head *block_bitmap_bh;
799 
800 		block_bitmap_bh = ext4_read_block_bitmap(sb, group);
801 		if (IS_ERR(block_bitmap_bh)) {
802 			err = PTR_ERR(block_bitmap_bh);
803 			goto out;
804 		}
805 
806 		BUFFER_TRACE(block_bitmap_bh, "dirty block bitmap");
807 		err = ext4_handle_dirty_metadata(NULL, NULL, block_bitmap_bh);
808 		sync_dirty_buffer(block_bitmap_bh);
809 
810 		/* recheck and clear flag under lock if we still need to */
811 		ext4_lock_group(sb, group);
812 		if (ext4_has_group_desc_csum(sb) &&
813 		    (gdp->bg_flags & cpu_to_le16(EXT4_BG_BLOCK_UNINIT))) {
814 			gdp->bg_flags &= cpu_to_le16(~EXT4_BG_BLOCK_UNINIT);
815 			ext4_free_group_clusters_set(sb, gdp,
816 				ext4_free_clusters_after_init(sb, group, gdp));
817 			ext4_block_bitmap_csum_set(sb, gdp, block_bitmap_bh);
818 			ext4_group_desc_csum_set(sb, group, gdp);
819 		}
820 		ext4_unlock_group(sb, group);
821 		brelse(block_bitmap_bh);
822 
823 		if (err) {
824 			ext4_std_error(sb, err);
825 			goto out;
826 		}
827 	}
828 
829 	/* Update the relevant bg descriptor fields */
830 	if (ext4_has_group_desc_csum(sb)) {
831 		int free;
832 
833 		ext4_lock_group(sb, group); /* while we modify the bg desc */
834 		free = EXT4_INODES_PER_GROUP(sb) -
835 			ext4_itable_unused_count(sb, gdp);
836 		if (gdp->bg_flags & cpu_to_le16(EXT4_BG_INODE_UNINIT)) {
837 			gdp->bg_flags &= cpu_to_le16(~EXT4_BG_INODE_UNINIT);
838 			free = 0;
839 		}
840 
841 		/*
842 		 * Check the relative inode number against the last used
843 		 * relative inode number in this group. if it is greater
844 		 * we need to update the bg_itable_unused count
845 		 */
846 		if (bit >= free)
847 			ext4_itable_unused_set(sb, gdp,
848 					(EXT4_INODES_PER_GROUP(sb) - bit - 1));
849 	} else {
850 		ext4_lock_group(sb, group);
851 	}
852 
853 	ext4_free_inodes_set(sb, gdp, ext4_free_inodes_count(sb, gdp) - 1);
854 	if (ext4_has_group_desc_csum(sb)) {
855 		ext4_inode_bitmap_csum_set(sb, gdp, inode_bitmap_bh);
856 		ext4_group_desc_csum_set(sb, group, gdp);
857 	}
858 
859 	ext4_unlock_group(sb, group);
860 	err = ext4_handle_dirty_metadata(NULL, NULL, group_desc_bh);
861 	sync_dirty_buffer(group_desc_bh);
862 out:
863 	brelse(inode_bitmap_bh);
864 	return err;
865 }
866 
ext4_xattr_credits_for_new_inode(struct inode * dir,mode_t mode,bool encrypt)867 static int ext4_xattr_credits_for_new_inode(struct inode *dir, mode_t mode,
868 					    bool encrypt)
869 {
870 	struct super_block *sb = dir->i_sb;
871 	int nblocks = 0;
872 #ifdef CONFIG_EXT4_FS_POSIX_ACL
873 	struct posix_acl *p = get_inode_acl(dir, ACL_TYPE_DEFAULT);
874 
875 	if (IS_ERR(p))
876 		return PTR_ERR(p);
877 	if (p) {
878 		int acl_size = p->a_count * sizeof(ext4_acl_entry);
879 
880 		nblocks += (S_ISDIR(mode) ? 2 : 1) *
881 			__ext4_xattr_set_credits(sb, NULL /* inode */,
882 						 NULL /* block_bh */, acl_size,
883 						 true /* is_create */);
884 		posix_acl_release(p);
885 	}
886 #endif
887 
888 #ifdef CONFIG_SECURITY
889 	{
890 		int num_security_xattrs = 1;
891 
892 #ifdef CONFIG_INTEGRITY
893 		num_security_xattrs++;
894 #endif
895 		/*
896 		 * We assume that security xattrs are never more than 1k.
897 		 * In practice they are under 128 bytes.
898 		 */
899 		nblocks += num_security_xattrs *
900 			__ext4_xattr_set_credits(sb, NULL /* inode */,
901 						 NULL /* block_bh */, 1024,
902 						 true /* is_create */);
903 	}
904 #endif
905 	if (encrypt)
906 		nblocks += __ext4_xattr_set_credits(sb,
907 						    NULL /* inode */,
908 						    NULL /* block_bh */,
909 						    FSCRYPT_SET_CONTEXT_MAX_SIZE,
910 						    true /* is_create */);
911 	return nblocks;
912 }
913 
914 /*
915  * There are two policies for allocating an inode.  If the new inode is
916  * a directory, then a forward search is made for a block group with both
917  * free space and a low directory-to-inode ratio; if that fails, then of
918  * the groups with above-average free space, that group with the fewest
919  * directories already is chosen.
920  *
921  * For other inodes, search forward from the parent directory's block
922  * group to find a free inode.
923  */
__ext4_new_inode(struct mnt_idmap * idmap,handle_t * handle,struct inode * dir,umode_t mode,const struct qstr * qstr,__u32 goal,uid_t * owner,__u32 i_flags,int handle_type,unsigned int line_no,int nblocks)924 struct inode *__ext4_new_inode(struct mnt_idmap *idmap,
925 			       handle_t *handle, struct inode *dir,
926 			       umode_t mode, const struct qstr *qstr,
927 			       __u32 goal, uid_t *owner, __u32 i_flags,
928 			       int handle_type, unsigned int line_no,
929 			       int nblocks)
930 {
931 	struct super_block *sb;
932 	struct buffer_head *inode_bitmap_bh = NULL;
933 	struct buffer_head *group_desc_bh;
934 	ext4_group_t ngroups, group = 0;
935 	unsigned long ino = 0;
936 	struct inode *inode;
937 	struct ext4_group_desc *gdp = NULL;
938 	struct ext4_inode_info *ei;
939 	struct ext4_sb_info *sbi;
940 	int ret2, err;
941 	struct inode *ret;
942 	ext4_group_t i;
943 	ext4_group_t flex_group;
944 	struct ext4_group_info *grp = NULL;
945 	bool encrypt = false;
946 
947 	/* Cannot create files in a deleted directory */
948 	if (!dir || !dir->i_nlink)
949 		return ERR_PTR(-EPERM);
950 
951 	sb = dir->i_sb;
952 	sbi = EXT4_SB(sb);
953 
954 	if (unlikely(ext4_forced_shutdown(sb)))
955 		return ERR_PTR(-EIO);
956 
957 	ngroups = ext4_get_groups_count(sb);
958 	trace_ext4_request_inode(dir, mode);
959 	inode = new_inode(sb);
960 	if (!inode)
961 		return ERR_PTR(-ENOMEM);
962 	ei = EXT4_I(inode);
963 
964 	/*
965 	 * Initialize owners and quota early so that we don't have to account
966 	 * for quota initialization worst case in standard inode creating
967 	 * transaction
968 	 */
969 	if (owner) {
970 		inode->i_mode = mode;
971 		i_uid_write(inode, owner[0]);
972 		i_gid_write(inode, owner[1]);
973 	} else if (test_opt(sb, GRPID)) {
974 		inode->i_mode = mode;
975 		inode_fsuid_set(inode, idmap);
976 		inode->i_gid = dir->i_gid;
977 	} else
978 		inode_init_owner(idmap, inode, dir, mode);
979 
980 	if (ext4_has_feature_project(sb) &&
981 	    ext4_test_inode_flag(dir, EXT4_INODE_PROJINHERIT))
982 		ei->i_projid = EXT4_I(dir)->i_projid;
983 	else
984 		ei->i_projid = make_kprojid(&init_user_ns, EXT4_DEF_PROJID);
985 
986 	if (!(i_flags & EXT4_EA_INODE_FL)) {
987 		err = fscrypt_prepare_new_inode(dir, inode, &encrypt);
988 		if (err)
989 			goto out;
990 	}
991 
992 	err = dquot_initialize(inode);
993 	if (err)
994 		goto out;
995 
996 	if (!handle && sbi->s_journal && !(i_flags & EXT4_EA_INODE_FL)) {
997 		ret2 = ext4_xattr_credits_for_new_inode(dir, mode, encrypt);
998 		if (ret2 < 0) {
999 			err = ret2;
1000 			goto out;
1001 		}
1002 		nblocks += ret2;
1003 	}
1004 
1005 	if (!goal)
1006 		goal = sbi->s_inode_goal;
1007 
1008 	if (goal && goal <= le32_to_cpu(sbi->s_es->s_inodes_count)) {
1009 		group = (goal - 1) / EXT4_INODES_PER_GROUP(sb);
1010 		ino = (goal - 1) % EXT4_INODES_PER_GROUP(sb);
1011 		ret2 = 0;
1012 		goto got_group;
1013 	}
1014 
1015 	if (S_ISDIR(mode))
1016 		ret2 = find_group_orlov(sb, dir, &group, mode, qstr);
1017 	else
1018 		ret2 = find_group_other(sb, dir, &group, mode);
1019 
1020 got_group:
1021 	EXT4_I(dir)->i_last_alloc_group = group;
1022 	err = -ENOSPC;
1023 	if (ret2 == -1)
1024 		goto out;
1025 
1026 	/*
1027 	 * Normally we will only go through one pass of this loop,
1028 	 * unless we get unlucky and it turns out the group we selected
1029 	 * had its last inode grabbed by someone else.
1030 	 */
1031 	for (i = 0; i < ngroups; i++, ino = 0) {
1032 		err = -EIO;
1033 
1034 		gdp = ext4_get_group_desc(sb, group, &group_desc_bh);
1035 		if (!gdp)
1036 			goto out;
1037 
1038 		/*
1039 		 * Check free inodes count before loading bitmap.
1040 		 */
1041 		if (ext4_free_inodes_count(sb, gdp) == 0)
1042 			goto next_group;
1043 
1044 		if (!(sbi->s_mount_state & EXT4_FC_REPLAY)) {
1045 			grp = ext4_get_group_info(sb, group);
1046 			/*
1047 			 * Skip groups with already-known suspicious inode
1048 			 * tables
1049 			 */
1050 			if (!grp || EXT4_MB_GRP_IBITMAP_CORRUPT(grp))
1051 				goto next_group;
1052 		}
1053 
1054 		brelse(inode_bitmap_bh);
1055 		inode_bitmap_bh = ext4_read_inode_bitmap(sb, group);
1056 		/* Skip groups with suspicious inode tables */
1057 		if (IS_ERR(inode_bitmap_bh)) {
1058 			inode_bitmap_bh = NULL;
1059 			goto next_group;
1060 		}
1061 		if (!(sbi->s_mount_state & EXT4_FC_REPLAY) &&
1062 		    EXT4_MB_GRP_IBITMAP_CORRUPT(grp))
1063 			goto next_group;
1064 
1065 		ret2 = find_inode_bit(sb, group, inode_bitmap_bh, &ino);
1066 		if (!ret2)
1067 			goto next_group;
1068 
1069 		if (group == 0 && (ino + 1) < EXT4_FIRST_INO(sb)) {
1070 			ext4_error(sb, "reserved inode found cleared - "
1071 				   "inode=%lu", ino + 1);
1072 			ext4_mark_group_bitmap_corrupted(sb, group,
1073 					EXT4_GROUP_INFO_IBITMAP_CORRUPT);
1074 			goto next_group;
1075 		}
1076 
1077 		if ((!(sbi->s_mount_state & EXT4_FC_REPLAY)) && !handle) {
1078 			BUG_ON(nblocks <= 0);
1079 			handle = __ext4_journal_start_sb(NULL, dir->i_sb,
1080 				 line_no, handle_type, nblocks, 0,
1081 				 ext4_trans_default_revoke_credits(sb));
1082 			if (IS_ERR(handle)) {
1083 				err = PTR_ERR(handle);
1084 				ext4_std_error(sb, err);
1085 				goto out;
1086 			}
1087 		}
1088 		BUFFER_TRACE(inode_bitmap_bh, "get_write_access");
1089 		err = ext4_journal_get_write_access(handle, sb, inode_bitmap_bh,
1090 						    EXT4_JTR_NONE);
1091 		if (err) {
1092 			ext4_std_error(sb, err);
1093 			goto out;
1094 		}
1095 		ext4_lock_group(sb, group);
1096 		ret2 = ext4_test_and_set_bit(ino, inode_bitmap_bh->b_data);
1097 		if (ret2) {
1098 			/* Someone already took the bit. Repeat the search
1099 			 * with lock held.
1100 			 */
1101 			ret2 = find_inode_bit(sb, group, inode_bitmap_bh, &ino);
1102 			if (ret2) {
1103 				ext4_set_bit(ino, inode_bitmap_bh->b_data);
1104 				ret2 = 0;
1105 			} else {
1106 				ret2 = 1; /* we didn't grab the inode */
1107 			}
1108 		}
1109 		ext4_unlock_group(sb, group);
1110 		ino++;		/* the inode bitmap is zero-based */
1111 		if (!ret2)
1112 			goto got; /* we grabbed the inode! */
1113 
1114 next_group:
1115 		if (++group == ngroups)
1116 			group = 0;
1117 	}
1118 	err = -ENOSPC;
1119 	goto out;
1120 
1121 got:
1122 	BUFFER_TRACE(inode_bitmap_bh, "call ext4_handle_dirty_metadata");
1123 	err = ext4_handle_dirty_metadata(handle, NULL, inode_bitmap_bh);
1124 	if (err) {
1125 		ext4_std_error(sb, err);
1126 		goto out;
1127 	}
1128 
1129 	BUFFER_TRACE(group_desc_bh, "get_write_access");
1130 	err = ext4_journal_get_write_access(handle, sb, group_desc_bh,
1131 					    EXT4_JTR_NONE);
1132 	if (err) {
1133 		ext4_std_error(sb, err);
1134 		goto out;
1135 	}
1136 
1137 	/* We may have to initialize the block bitmap if it isn't already */
1138 	if (ext4_has_group_desc_csum(sb) &&
1139 	    gdp->bg_flags & cpu_to_le16(EXT4_BG_BLOCK_UNINIT)) {
1140 		struct buffer_head *block_bitmap_bh;
1141 
1142 		block_bitmap_bh = ext4_read_block_bitmap(sb, group);
1143 		if (IS_ERR(block_bitmap_bh)) {
1144 			err = PTR_ERR(block_bitmap_bh);
1145 			goto out;
1146 		}
1147 		BUFFER_TRACE(block_bitmap_bh, "get block bitmap access");
1148 		err = ext4_journal_get_write_access(handle, sb, block_bitmap_bh,
1149 						    EXT4_JTR_NONE);
1150 		if (err) {
1151 			brelse(block_bitmap_bh);
1152 			ext4_std_error(sb, err);
1153 			goto out;
1154 		}
1155 
1156 		BUFFER_TRACE(block_bitmap_bh, "dirty block bitmap");
1157 		err = ext4_handle_dirty_metadata(handle, NULL, block_bitmap_bh);
1158 
1159 		/* recheck and clear flag under lock if we still need to */
1160 		ext4_lock_group(sb, group);
1161 		if (ext4_has_group_desc_csum(sb) &&
1162 		    (gdp->bg_flags & cpu_to_le16(EXT4_BG_BLOCK_UNINIT))) {
1163 			gdp->bg_flags &= cpu_to_le16(~EXT4_BG_BLOCK_UNINIT);
1164 			ext4_free_group_clusters_set(sb, gdp,
1165 				ext4_free_clusters_after_init(sb, group, gdp));
1166 			ext4_block_bitmap_csum_set(sb, gdp, block_bitmap_bh);
1167 			ext4_group_desc_csum_set(sb, group, gdp);
1168 		}
1169 		ext4_unlock_group(sb, group);
1170 		brelse(block_bitmap_bh);
1171 
1172 		if (err) {
1173 			ext4_std_error(sb, err);
1174 			goto out;
1175 		}
1176 	}
1177 
1178 	/* Update the relevant bg descriptor fields */
1179 	if (ext4_has_group_desc_csum(sb)) {
1180 		int free;
1181 		struct ext4_group_info *grp = NULL;
1182 
1183 		if (!(sbi->s_mount_state & EXT4_FC_REPLAY)) {
1184 			grp = ext4_get_group_info(sb, group);
1185 			if (!grp) {
1186 				err = -EFSCORRUPTED;
1187 				goto out;
1188 			}
1189 			down_read(&grp->alloc_sem); /*
1190 						     * protect vs itable
1191 						     * lazyinit
1192 						     */
1193 		}
1194 		ext4_lock_group(sb, group); /* while we modify the bg desc */
1195 		free = EXT4_INODES_PER_GROUP(sb) -
1196 			ext4_itable_unused_count(sb, gdp);
1197 		if (gdp->bg_flags & cpu_to_le16(EXT4_BG_INODE_UNINIT)) {
1198 			gdp->bg_flags &= cpu_to_le16(~EXT4_BG_INODE_UNINIT);
1199 			free = 0;
1200 		}
1201 		/*
1202 		 * Check the relative inode number against the last used
1203 		 * relative inode number in this group. if it is greater
1204 		 * we need to update the bg_itable_unused count
1205 		 */
1206 		if (ino > free)
1207 			ext4_itable_unused_set(sb, gdp,
1208 					(EXT4_INODES_PER_GROUP(sb) - ino));
1209 		if (!(sbi->s_mount_state & EXT4_FC_REPLAY))
1210 			up_read(&grp->alloc_sem);
1211 	} else {
1212 		ext4_lock_group(sb, group);
1213 	}
1214 
1215 	ext4_free_inodes_set(sb, gdp, ext4_free_inodes_count(sb, gdp) - 1);
1216 	if (S_ISDIR(mode)) {
1217 		ext4_used_dirs_set(sb, gdp, ext4_used_dirs_count(sb, gdp) + 1);
1218 		if (sbi->s_log_groups_per_flex) {
1219 			ext4_group_t f = ext4_flex_group(sbi, group);
1220 
1221 			atomic_inc(&sbi_array_rcu_deref(sbi, s_flex_groups,
1222 							f)->used_dirs);
1223 		}
1224 	}
1225 	if (ext4_has_group_desc_csum(sb)) {
1226 		ext4_inode_bitmap_csum_set(sb, gdp, inode_bitmap_bh);
1227 		ext4_group_desc_csum_set(sb, group, gdp);
1228 	}
1229 	ext4_unlock_group(sb, group);
1230 
1231 	BUFFER_TRACE(group_desc_bh, "call ext4_handle_dirty_metadata");
1232 	err = ext4_handle_dirty_metadata(handle, NULL, group_desc_bh);
1233 	if (err) {
1234 		ext4_std_error(sb, err);
1235 		goto out;
1236 	}
1237 
1238 	percpu_counter_dec(&sbi->s_freeinodes_counter);
1239 	if (S_ISDIR(mode))
1240 		percpu_counter_inc(&sbi->s_dirs_counter);
1241 
1242 	if (sbi->s_log_groups_per_flex) {
1243 		flex_group = ext4_flex_group(sbi, group);
1244 		atomic_dec(&sbi_array_rcu_deref(sbi, s_flex_groups,
1245 						flex_group)->free_inodes);
1246 	}
1247 
1248 	inode->i_ino = ino + group * EXT4_INODES_PER_GROUP(sb);
1249 	/* This is the optimal IO size (for stat), not the fs block size */
1250 	inode->i_blocks = 0;
1251 	simple_inode_init_ts(inode);
1252 	ei->i_crtime = inode_get_mtime(inode);
1253 
1254 	memset(ei->i_data, 0, sizeof(ei->i_data));
1255 	ei->i_dir_start_lookup = 0;
1256 	ei->i_disksize = 0;
1257 
1258 	/* Don't inherit extent flag from directory, amongst others. */
1259 	ei->i_flags =
1260 		ext4_mask_flags(mode, EXT4_I(dir)->i_flags & EXT4_FL_INHERITED);
1261 	ei->i_flags |= i_flags;
1262 	ei->i_file_acl = 0;
1263 	ei->i_dtime = 0;
1264 	ei->i_block_group = group;
1265 	ei->i_last_alloc_group = ~0;
1266 
1267 	ext4_set_inode_flags(inode, true);
1268 	if (IS_DIRSYNC(inode))
1269 		ext4_handle_sync(handle);
1270 	if (insert_inode_locked(inode) < 0) {
1271 		/*
1272 		 * Likely a bitmap corruption causing inode to be allocated
1273 		 * twice.
1274 		 */
1275 		err = -EIO;
1276 		ext4_error(sb, "failed to insert inode %lu: doubly allocated?",
1277 			   inode->i_ino);
1278 		ext4_mark_group_bitmap_corrupted(sb, group,
1279 					EXT4_GROUP_INFO_IBITMAP_CORRUPT);
1280 		goto out;
1281 	}
1282 	inode->i_generation = get_random_u32();
1283 
1284 	/* Precompute checksum seed for inode metadata */
1285 	if (ext4_has_metadata_csum(sb)) {
1286 		__u32 csum;
1287 		__le32 inum = cpu_to_le32(inode->i_ino);
1288 		__le32 gen = cpu_to_le32(inode->i_generation);
1289 		csum = ext4_chksum(sbi, sbi->s_csum_seed, (__u8 *)&inum,
1290 				   sizeof(inum));
1291 		ei->i_csum_seed = ext4_chksum(sbi, csum, (__u8 *)&gen,
1292 					      sizeof(gen));
1293 	}
1294 
1295 	ext4_clear_state_flags(ei); /* Only relevant on 32-bit archs */
1296 	ext4_set_inode_state(inode, EXT4_STATE_NEW);
1297 
1298 	ei->i_extra_isize = sbi->s_want_extra_isize;
1299 	ei->i_inline_off = 0;
1300 	if (ext4_has_feature_inline_data(sb) &&
1301 	    (!(ei->i_flags & EXT4_DAX_FL) || S_ISDIR(mode)))
1302 		ext4_set_inode_state(inode, EXT4_STATE_MAY_INLINE_DATA);
1303 	ret = inode;
1304 	err = dquot_alloc_inode(inode);
1305 	if (err)
1306 		goto fail_drop;
1307 
1308 	/*
1309 	 * Since the encryption xattr will always be unique, create it first so
1310 	 * that it's less likely to end up in an external xattr block and
1311 	 * prevent its deduplication.
1312 	 */
1313 	if (encrypt) {
1314 		err = fscrypt_set_context(inode, handle);
1315 		if (err)
1316 			goto fail_free_drop;
1317 	}
1318 
1319 	if (!(ei->i_flags & EXT4_EA_INODE_FL)) {
1320 		err = ext4_init_acl(handle, inode, dir);
1321 		if (err)
1322 			goto fail_free_drop;
1323 
1324 		err = ext4_init_security(handle, inode, dir, qstr);
1325 		if (err)
1326 			goto fail_free_drop;
1327 	}
1328 
1329 	if (ext4_has_feature_extents(sb)) {
1330 		/* set extent flag only for directory, file and normal symlink*/
1331 		if (S_ISDIR(mode) || S_ISREG(mode) || S_ISLNK(mode)) {
1332 			ext4_set_inode_flag(inode, EXT4_INODE_EXTENTS);
1333 			ext4_ext_tree_init(handle, inode);
1334 		}
1335 	}
1336 
1337 	ext4_update_inode_fsync_trans(handle, inode, 1);
1338 
1339 	err = ext4_mark_inode_dirty(handle, inode);
1340 	if (err) {
1341 		ext4_std_error(sb, err);
1342 		goto fail_free_drop;
1343 	}
1344 
1345 	ext4_debug("allocating inode %lu\n", inode->i_ino);
1346 	trace_ext4_allocate_inode(inode, dir, mode);
1347 	brelse(inode_bitmap_bh);
1348 	return ret;
1349 
1350 fail_free_drop:
1351 	dquot_free_inode(inode);
1352 fail_drop:
1353 	clear_nlink(inode);
1354 	unlock_new_inode(inode);
1355 out:
1356 	dquot_drop(inode);
1357 	inode->i_flags |= S_NOQUOTA;
1358 	iput(inode);
1359 	brelse(inode_bitmap_bh);
1360 	return ERR_PTR(err);
1361 }
1362 
1363 /* Verify that we are loading a valid orphan from disk */
ext4_orphan_get(struct super_block * sb,unsigned long ino)1364 struct inode *ext4_orphan_get(struct super_block *sb, unsigned long ino)
1365 {
1366 	unsigned long max_ino = le32_to_cpu(EXT4_SB(sb)->s_es->s_inodes_count);
1367 	ext4_group_t block_group;
1368 	int bit;
1369 	struct buffer_head *bitmap_bh = NULL;
1370 	struct inode *inode = NULL;
1371 	int err = -EFSCORRUPTED;
1372 
1373 	if (ino < EXT4_FIRST_INO(sb) || ino > max_ino)
1374 		goto bad_orphan;
1375 
1376 	block_group = (ino - 1) / EXT4_INODES_PER_GROUP(sb);
1377 	bit = (ino - 1) % EXT4_INODES_PER_GROUP(sb);
1378 	bitmap_bh = ext4_read_inode_bitmap(sb, block_group);
1379 	if (IS_ERR(bitmap_bh))
1380 		return ERR_CAST(bitmap_bh);
1381 
1382 	/* Having the inode bit set should be a 100% indicator that this
1383 	 * is a valid orphan (no e2fsck run on fs).  Orphans also include
1384 	 * inodes that were being truncated, so we can't check i_nlink==0.
1385 	 */
1386 	if (!ext4_test_bit(bit, bitmap_bh->b_data))
1387 		goto bad_orphan;
1388 
1389 	inode = ext4_iget(sb, ino, EXT4_IGET_NORMAL);
1390 	if (IS_ERR(inode)) {
1391 		err = PTR_ERR(inode);
1392 		ext4_error_err(sb, -err,
1393 			       "couldn't read orphan inode %lu (err %d)",
1394 			       ino, err);
1395 		brelse(bitmap_bh);
1396 		return inode;
1397 	}
1398 
1399 	/*
1400 	 * If the orphans has i_nlinks > 0 then it should be able to
1401 	 * be truncated, otherwise it won't be removed from the orphan
1402 	 * list during processing and an infinite loop will result.
1403 	 * Similarly, it must not be a bad inode.
1404 	 */
1405 	if ((inode->i_nlink && !ext4_can_truncate(inode)) ||
1406 	    is_bad_inode(inode))
1407 		goto bad_orphan;
1408 
1409 	if (NEXT_ORPHAN(inode) > max_ino)
1410 		goto bad_orphan;
1411 	brelse(bitmap_bh);
1412 	return inode;
1413 
1414 bad_orphan:
1415 	ext4_error(sb, "bad orphan inode %lu", ino);
1416 	if (bitmap_bh)
1417 		printk(KERN_ERR "ext4_test_bit(bit=%d, block=%llu) = %d\n",
1418 		       bit, (unsigned long long)bitmap_bh->b_blocknr,
1419 		       ext4_test_bit(bit, bitmap_bh->b_data));
1420 	if (inode) {
1421 		printk(KERN_ERR "is_bad_inode(inode)=%d\n",
1422 		       is_bad_inode(inode));
1423 		printk(KERN_ERR "NEXT_ORPHAN(inode)=%u\n",
1424 		       NEXT_ORPHAN(inode));
1425 		printk(KERN_ERR "max_ino=%lu\n", max_ino);
1426 		printk(KERN_ERR "i_nlink=%u\n", inode->i_nlink);
1427 		/* Avoid freeing blocks if we got a bad deleted inode */
1428 		if (inode->i_nlink == 0)
1429 			inode->i_blocks = 0;
1430 		iput(inode);
1431 	}
1432 	brelse(bitmap_bh);
1433 	return ERR_PTR(err);
1434 }
1435 
ext4_count_free_inodes(struct super_block * sb)1436 unsigned long ext4_count_free_inodes(struct super_block *sb)
1437 {
1438 	unsigned long desc_count;
1439 	struct ext4_group_desc *gdp;
1440 	ext4_group_t i, ngroups = ext4_get_groups_count(sb);
1441 #ifdef EXT4FS_DEBUG
1442 	struct ext4_super_block *es;
1443 	unsigned long bitmap_count, x;
1444 	struct buffer_head *bitmap_bh = NULL;
1445 
1446 	es = EXT4_SB(sb)->s_es;
1447 	desc_count = 0;
1448 	bitmap_count = 0;
1449 	gdp = NULL;
1450 	for (i = 0; i < ngroups; i++) {
1451 		gdp = ext4_get_group_desc(sb, i, NULL);
1452 		if (!gdp)
1453 			continue;
1454 		desc_count += ext4_free_inodes_count(sb, gdp);
1455 		brelse(bitmap_bh);
1456 		bitmap_bh = ext4_read_inode_bitmap(sb, i);
1457 		if (IS_ERR(bitmap_bh)) {
1458 			bitmap_bh = NULL;
1459 			continue;
1460 		}
1461 
1462 		x = ext4_count_free(bitmap_bh->b_data,
1463 				    EXT4_INODES_PER_GROUP(sb) / 8);
1464 		printk(KERN_DEBUG "group %lu: stored = %d, counted = %lu\n",
1465 			(unsigned long) i, ext4_free_inodes_count(sb, gdp), x);
1466 		bitmap_count += x;
1467 	}
1468 	brelse(bitmap_bh);
1469 	printk(KERN_DEBUG "ext4_count_free_inodes: "
1470 	       "stored = %u, computed = %lu, %lu\n",
1471 	       le32_to_cpu(es->s_free_inodes_count), desc_count, bitmap_count);
1472 	return desc_count;
1473 #else
1474 	desc_count = 0;
1475 	for (i = 0; i < ngroups; i++) {
1476 		gdp = ext4_get_group_desc(sb, i, NULL);
1477 		if (!gdp)
1478 			continue;
1479 		desc_count += ext4_free_inodes_count(sb, gdp);
1480 		cond_resched();
1481 	}
1482 	return desc_count;
1483 #endif
1484 }
1485 
1486 /* Called at mount-time, super-block is locked */
ext4_count_dirs(struct super_block * sb)1487 unsigned long ext4_count_dirs(struct super_block * sb)
1488 {
1489 	unsigned long count = 0;
1490 	ext4_group_t i, ngroups = ext4_get_groups_count(sb);
1491 
1492 	for (i = 0; i < ngroups; i++) {
1493 		struct ext4_group_desc *gdp = ext4_get_group_desc(sb, i, NULL);
1494 		if (!gdp)
1495 			continue;
1496 		count += ext4_used_dirs_count(sb, gdp);
1497 	}
1498 	return count;
1499 }
1500 
1501 /*
1502  * Zeroes not yet zeroed inode table - just write zeroes through the whole
1503  * inode table. Must be called without any spinlock held. The only place
1504  * where it is called from on active part of filesystem is ext4lazyinit
1505  * thread, so we do not need any special locks, however we have to prevent
1506  * inode allocation from the current group, so we take alloc_sem lock, to
1507  * block ext4_new_inode() until we are finished.
1508  */
ext4_init_inode_table(struct super_block * sb,ext4_group_t group,int barrier)1509 int ext4_init_inode_table(struct super_block *sb, ext4_group_t group,
1510 				 int barrier)
1511 {
1512 	struct ext4_group_info *grp = ext4_get_group_info(sb, group);
1513 	struct ext4_sb_info *sbi = EXT4_SB(sb);
1514 	struct ext4_group_desc *gdp = NULL;
1515 	struct buffer_head *group_desc_bh;
1516 	handle_t *handle;
1517 	ext4_fsblk_t blk;
1518 	int num, ret = 0, used_blks = 0;
1519 	unsigned long used_inos = 0;
1520 
1521 	gdp = ext4_get_group_desc(sb, group, &group_desc_bh);
1522 	if (!gdp || !grp)
1523 		goto out;
1524 
1525 	/*
1526 	 * We do not need to lock this, because we are the only one
1527 	 * handling this flag.
1528 	 */
1529 	if (gdp->bg_flags & cpu_to_le16(EXT4_BG_INODE_ZEROED))
1530 		goto out;
1531 
1532 	handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1);
1533 	if (IS_ERR(handle)) {
1534 		ret = PTR_ERR(handle);
1535 		goto out;
1536 	}
1537 
1538 	down_write(&grp->alloc_sem);
1539 	/*
1540 	 * If inode bitmap was already initialized there may be some
1541 	 * used inodes so we need to skip blocks with used inodes in
1542 	 * inode table.
1543 	 */
1544 	if (!(gdp->bg_flags & cpu_to_le16(EXT4_BG_INODE_UNINIT))) {
1545 		used_inos = EXT4_INODES_PER_GROUP(sb) -
1546 			    ext4_itable_unused_count(sb, gdp);
1547 		used_blks = DIV_ROUND_UP(used_inos, sbi->s_inodes_per_block);
1548 
1549 		/* Bogus inode unused count? */
1550 		if (used_blks < 0 || used_blks > sbi->s_itb_per_group) {
1551 			ext4_error(sb, "Something is wrong with group %u: "
1552 				   "used itable blocks: %d; "
1553 				   "itable unused count: %u",
1554 				   group, used_blks,
1555 				   ext4_itable_unused_count(sb, gdp));
1556 			ret = 1;
1557 			goto err_out;
1558 		}
1559 
1560 		used_inos += group * EXT4_INODES_PER_GROUP(sb);
1561 		/*
1562 		 * Are there some uninitialized inodes in the inode table
1563 		 * before the first normal inode?
1564 		 */
1565 		if ((used_blks != sbi->s_itb_per_group) &&
1566 		     (used_inos < EXT4_FIRST_INO(sb))) {
1567 			ext4_error(sb, "Something is wrong with group %u: "
1568 				   "itable unused count: %u; "
1569 				   "itables initialized count: %ld",
1570 				   group, ext4_itable_unused_count(sb, gdp),
1571 				   used_inos);
1572 			ret = 1;
1573 			goto err_out;
1574 		}
1575 	}
1576 
1577 	blk = ext4_inode_table(sb, gdp) + used_blks;
1578 	num = sbi->s_itb_per_group - used_blks;
1579 
1580 	BUFFER_TRACE(group_desc_bh, "get_write_access");
1581 	ret = ext4_journal_get_write_access(handle, sb, group_desc_bh,
1582 					    EXT4_JTR_NONE);
1583 	if (ret)
1584 		goto err_out;
1585 
1586 	/*
1587 	 * Skip zeroout if the inode table is full. But we set the ZEROED
1588 	 * flag anyway, because obviously, when it is full it does not need
1589 	 * further zeroing.
1590 	 */
1591 	if (unlikely(num == 0))
1592 		goto skip_zeroout;
1593 
1594 	ext4_debug("going to zero out inode table in group %d\n",
1595 		   group);
1596 	ret = sb_issue_zeroout(sb, blk, num, GFP_NOFS);
1597 	if (ret < 0)
1598 		goto err_out;
1599 	if (barrier)
1600 		blkdev_issue_flush(sb->s_bdev);
1601 
1602 skip_zeroout:
1603 	ext4_lock_group(sb, group);
1604 	gdp->bg_flags |= cpu_to_le16(EXT4_BG_INODE_ZEROED);
1605 	ext4_group_desc_csum_set(sb, group, gdp);
1606 	ext4_unlock_group(sb, group);
1607 
1608 	BUFFER_TRACE(group_desc_bh,
1609 		     "call ext4_handle_dirty_metadata");
1610 	ret = ext4_handle_dirty_metadata(handle, NULL,
1611 					 group_desc_bh);
1612 
1613 err_out:
1614 	up_write(&grp->alloc_sem);
1615 	ext4_journal_stop(handle);
1616 out:
1617 	return ret;
1618 }
1619