1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * 4 * Copyright (C) 2019-2021 Paragon Software GmbH, All rights reserved. 5 * 6 */ 7 8 #include <linux/blkdev.h> 9 #include <linux/buffer_head.h> 10 #include <linux/fs.h> 11 #include <linux/kernel.h> 12 13 #include "debug.h" 14 #include "ntfs.h" 15 #include "ntfs_fs.h" 16 17 // clang-format off 18 const struct cpu_str NAME_MFT = { 19 4, 0, { '$', 'M', 'F', 'T' }, 20 }; 21 const struct cpu_str NAME_MIRROR = { 22 8, 0, { '$', 'M', 'F', 'T', 'M', 'i', 'r', 'r' }, 23 }; 24 const struct cpu_str NAME_LOGFILE = { 25 8, 0, { '$', 'L', 'o', 'g', 'F', 'i', 'l', 'e' }, 26 }; 27 const struct cpu_str NAME_VOLUME = { 28 7, 0, { '$', 'V', 'o', 'l', 'u', 'm', 'e' }, 29 }; 30 const struct cpu_str NAME_ATTRDEF = { 31 8, 0, { '$', 'A', 't', 't', 'r', 'D', 'e', 'f' }, 32 }; 33 const struct cpu_str NAME_ROOT = { 34 1, 0, { '.' }, 35 }; 36 const struct cpu_str NAME_BITMAP = { 37 7, 0, { '$', 'B', 'i', 't', 'm', 'a', 'p' }, 38 }; 39 const struct cpu_str NAME_BOOT = { 40 5, 0, { '$', 'B', 'o', 'o', 't' }, 41 }; 42 const struct cpu_str NAME_BADCLUS = { 43 8, 0, { '$', 'B', 'a', 'd', 'C', 'l', 'u', 's' }, 44 }; 45 const struct cpu_str NAME_QUOTA = { 46 6, 0, { '$', 'Q', 'u', 'o', 't', 'a' }, 47 }; 48 const struct cpu_str NAME_SECURE = { 49 7, 0, { '$', 'S', 'e', 'c', 'u', 'r', 'e' }, 50 }; 51 const struct cpu_str NAME_UPCASE = { 52 7, 0, { '$', 'U', 'p', 'C', 'a', 's', 'e' }, 53 }; 54 const struct cpu_str NAME_EXTEND = { 55 7, 0, { '$', 'E', 'x', 't', 'e', 'n', 'd' }, 56 }; 57 const struct cpu_str NAME_OBJID = { 58 6, 0, { '$', 'O', 'b', 'j', 'I', 'd' }, 59 }; 60 const struct cpu_str NAME_REPARSE = { 61 8, 0, { '$', 'R', 'e', 'p', 'a', 'r', 's', 'e' }, 62 }; 63 const struct cpu_str NAME_USNJRNL = { 64 8, 0, { '$', 'U', 's', 'n', 'J', 'r', 'n', 'l' }, 65 }; 66 const __le16 BAD_NAME[4] = { 67 cpu_to_le16('$'), cpu_to_le16('B'), cpu_to_le16('a'), cpu_to_le16('d'), 68 }; 69 const __le16 I30_NAME[4] = { 70 cpu_to_le16('$'), cpu_to_le16('I'), cpu_to_le16('3'), cpu_to_le16('0'), 71 }; 72 const __le16 SII_NAME[4] = { 73 cpu_to_le16('$'), cpu_to_le16('S'), cpu_to_le16('I'), cpu_to_le16('I'), 74 }; 75 const __le16 SDH_NAME[4] = { 76 cpu_to_le16('$'), cpu_to_le16('S'), cpu_to_le16('D'), cpu_to_le16('H'), 77 }; 78 const __le16 SDS_NAME[4] = { 79 cpu_to_le16('$'), cpu_to_le16('S'), cpu_to_le16('D'), cpu_to_le16('S'), 80 }; 81 const __le16 SO_NAME[2] = { 82 cpu_to_le16('$'), cpu_to_le16('O'), 83 }; 84 const __le16 SQ_NAME[2] = { 85 cpu_to_le16('$'), cpu_to_le16('Q'), 86 }; 87 const __le16 SR_NAME[2] = { 88 cpu_to_le16('$'), cpu_to_le16('R'), 89 }; 90 91 #ifdef CONFIG_NTFS3_LZX_XPRESS 92 const __le16 WOF_NAME[17] = { 93 cpu_to_le16('W'), cpu_to_le16('o'), cpu_to_le16('f'), cpu_to_le16('C'), 94 cpu_to_le16('o'), cpu_to_le16('m'), cpu_to_le16('p'), cpu_to_le16('r'), 95 cpu_to_le16('e'), cpu_to_le16('s'), cpu_to_le16('s'), cpu_to_le16('e'), 96 cpu_to_le16('d'), cpu_to_le16('D'), cpu_to_le16('a'), cpu_to_le16('t'), 97 cpu_to_le16('a'), 98 }; 99 #endif 100 101 static const __le16 CON_NAME[3] = { 102 cpu_to_le16('C'), cpu_to_le16('O'), cpu_to_le16('N'), 103 }; 104 105 static const __le16 NUL_NAME[3] = { 106 cpu_to_le16('N'), cpu_to_le16('U'), cpu_to_le16('L'), 107 }; 108 109 static const __le16 AUX_NAME[3] = { 110 cpu_to_le16('A'), cpu_to_le16('U'), cpu_to_le16('X'), 111 }; 112 113 static const __le16 PRN_NAME[3] = { 114 cpu_to_le16('P'), cpu_to_le16('R'), cpu_to_le16('N'), 115 }; 116 117 static const __le16 COM_NAME[3] = { 118 cpu_to_le16('C'), cpu_to_le16('O'), cpu_to_le16('M'), 119 }; 120 121 static const __le16 LPT_NAME[3] = { 122 cpu_to_le16('L'), cpu_to_le16('P'), cpu_to_le16('T'), 123 }; 124 125 // clang-format on 126 127 /* 128 * ntfs_fix_pre_write - Insert fixups into @rhdr before writing to disk. 129 */ 130 bool ntfs_fix_pre_write(struct NTFS_RECORD_HEADER *rhdr, size_t bytes) 131 { 132 u16 *fixup, *ptr; 133 u16 sample; 134 u16 fo = le16_to_cpu(rhdr->fix_off); 135 u16 fn = le16_to_cpu(rhdr->fix_num); 136 137 if ((fo & 1) || fo + fn * sizeof(short) > SECTOR_SIZE || !fn-- || 138 fn * SECTOR_SIZE > bytes) { 139 return false; 140 } 141 142 /* Get fixup pointer. */ 143 fixup = Add2Ptr(rhdr, fo); 144 145 if (*fixup >= 0x7FFF) 146 *fixup = 1; 147 else 148 *fixup += 1; 149 150 sample = *fixup; 151 152 ptr = Add2Ptr(rhdr, SECTOR_SIZE - sizeof(short)); 153 154 while (fn--) { 155 *++fixup = *ptr; 156 *ptr = sample; 157 ptr += SECTOR_SIZE / sizeof(short); 158 } 159 return true; 160 } 161 162 /* 163 * ntfs_fix_post_read - Remove fixups after reading from disk. 164 * 165 * Return: < 0 if error, 0 if ok, 1 if need to update fixups. 166 */ 167 int ntfs_fix_post_read(struct NTFS_RECORD_HEADER *rhdr, size_t bytes, 168 bool simple) 169 { 170 int ret; 171 u16 *fixup, *ptr; 172 u16 sample, fo, fn; 173 174 fo = le16_to_cpu(rhdr->fix_off); 175 fn = simple ? ((bytes >> SECTOR_SHIFT) + 1) : 176 le16_to_cpu(rhdr->fix_num); 177 178 /* Check errors. */ 179 if ((fo & 1) || fo + fn * sizeof(short) > SECTOR_SIZE || !fn-- || 180 fn * SECTOR_SIZE > bytes) { 181 return -EINVAL; /* Native chkntfs returns ok! */ 182 } 183 184 /* Get fixup pointer. */ 185 fixup = Add2Ptr(rhdr, fo); 186 sample = *fixup; 187 ptr = Add2Ptr(rhdr, SECTOR_SIZE - sizeof(short)); 188 ret = 0; 189 190 while (fn--) { 191 /* Test current word. */ 192 if (*ptr != sample) { 193 /* Fixup does not match! Is it serious error? */ 194 ret = -E_NTFS_FIXUP; 195 } 196 197 /* Replace fixup. */ 198 *ptr = *++fixup; 199 ptr += SECTOR_SIZE / sizeof(short); 200 } 201 202 return ret; 203 } 204 205 /* 206 * ntfs_extend_init - Load $Extend file. 207 */ 208 int ntfs_extend_init(struct ntfs_sb_info *sbi) 209 { 210 int err; 211 struct super_block *sb = sbi->sb; 212 struct inode *inode, *inode2; 213 struct MFT_REF ref; 214 215 if (sbi->volume.major_ver < 3) { 216 ntfs_notice(sb, "Skip $Extend 'cause NTFS version"); 217 return 0; 218 } 219 220 ref.low = cpu_to_le32(MFT_REC_EXTEND); 221 ref.high = 0; 222 ref.seq = cpu_to_le16(MFT_REC_EXTEND); 223 inode = ntfs_iget5(sb, &ref, &NAME_EXTEND); 224 if (IS_ERR(inode)) { 225 err = PTR_ERR(inode); 226 ntfs_err(sb, "Failed to load $Extend (%d).", err); 227 inode = NULL; 228 goto out; 229 } 230 231 /* If ntfs_iget5() reads from disk it never returns bad inode. */ 232 if (!S_ISDIR(inode->i_mode)) { 233 err = -EINVAL; 234 goto out; 235 } 236 237 /* Try to find $ObjId */ 238 inode2 = dir_search_u(inode, &NAME_OBJID, NULL); 239 if (inode2 && !IS_ERR(inode2)) { 240 if (is_bad_inode(inode2)) { 241 iput(inode2); 242 } else { 243 sbi->objid.ni = ntfs_i(inode2); 244 sbi->objid_no = inode2->i_ino; 245 } 246 } 247 248 /* Try to find $Quota */ 249 inode2 = dir_search_u(inode, &NAME_QUOTA, NULL); 250 if (inode2 && !IS_ERR(inode2)) { 251 sbi->quota_no = inode2->i_ino; 252 iput(inode2); 253 } 254 255 /* Try to find $Reparse */ 256 inode2 = dir_search_u(inode, &NAME_REPARSE, NULL); 257 if (inode2 && !IS_ERR(inode2)) { 258 sbi->reparse.ni = ntfs_i(inode2); 259 sbi->reparse_no = inode2->i_ino; 260 } 261 262 /* Try to find $UsnJrnl */ 263 inode2 = dir_search_u(inode, &NAME_USNJRNL, NULL); 264 if (inode2 && !IS_ERR(inode2)) { 265 sbi->usn_jrnl_no = inode2->i_ino; 266 iput(inode2); 267 } 268 269 err = 0; 270 out: 271 iput(inode); 272 return err; 273 } 274 275 int ntfs_loadlog_and_replay(struct ntfs_inode *ni, struct ntfs_sb_info *sbi) 276 { 277 int err = 0; 278 struct super_block *sb = sbi->sb; 279 bool initialized = false; 280 struct MFT_REF ref; 281 struct inode *inode; 282 283 /* Check for 4GB. */ 284 if (ni->vfs_inode.i_size >= 0x100000000ull) { 285 ntfs_err(sb, "\x24LogFile is large than 4G."); 286 err = -EINVAL; 287 goto out; 288 } 289 290 sbi->flags |= NTFS_FLAGS_LOG_REPLAYING; 291 292 ref.low = cpu_to_le32(MFT_REC_MFT); 293 ref.high = 0; 294 ref.seq = cpu_to_le16(1); 295 296 inode = ntfs_iget5(sb, &ref, NULL); 297 298 if (IS_ERR(inode)) 299 inode = NULL; 300 301 if (!inode) { 302 /* Try to use MFT copy. */ 303 u64 t64 = sbi->mft.lbo; 304 305 sbi->mft.lbo = sbi->mft.lbo2; 306 inode = ntfs_iget5(sb, &ref, NULL); 307 sbi->mft.lbo = t64; 308 if (IS_ERR(inode)) 309 inode = NULL; 310 } 311 312 if (!inode) { 313 err = -EINVAL; 314 ntfs_err(sb, "Failed to load $MFT."); 315 goto out; 316 } 317 318 sbi->mft.ni = ntfs_i(inode); 319 320 /* LogFile should not contains attribute list. */ 321 err = ni_load_all_mi(sbi->mft.ni); 322 if (!err) 323 err = log_replay(ni, &initialized); 324 325 iput(inode); 326 sbi->mft.ni = NULL; 327 328 sync_blockdev(sb->s_bdev); 329 invalidate_bdev(sb->s_bdev); 330 331 if (sbi->flags & NTFS_FLAGS_NEED_REPLAY) { 332 err = 0; 333 goto out; 334 } 335 336 if (sb_rdonly(sb) || !initialized) 337 goto out; 338 339 /* Fill LogFile by '-1' if it is initialized. */ 340 err = ntfs_bio_fill_1(sbi, &ni->file.run); 341 342 out: 343 sbi->flags &= ~NTFS_FLAGS_LOG_REPLAYING; 344 345 return err; 346 } 347 348 /* 349 * ntfs_look_for_free_space - Look for a free space in bitmap. 350 */ 351 int ntfs_look_for_free_space(struct ntfs_sb_info *sbi, CLST lcn, CLST len, 352 CLST *new_lcn, CLST *new_len, 353 enum ALLOCATE_OPT opt) 354 { 355 int err; 356 CLST alen; 357 struct super_block *sb = sbi->sb; 358 size_t alcn, zlen, zeroes, zlcn, zlen2, ztrim, new_zlen; 359 struct wnd_bitmap *wnd = &sbi->used.bitmap; 360 361 down_write_nested(&wnd->rw_lock, BITMAP_MUTEX_CLUSTERS); 362 if (opt & ALLOCATE_MFT) { 363 zlen = wnd_zone_len(wnd); 364 365 if (!zlen) { 366 err = ntfs_refresh_zone(sbi); 367 if (err) 368 goto up_write; 369 370 zlen = wnd_zone_len(wnd); 371 } 372 373 if (!zlen) { 374 ntfs_err(sbi->sb, "no free space to extend mft"); 375 err = -ENOSPC; 376 goto up_write; 377 } 378 379 lcn = wnd_zone_bit(wnd); 380 alen = min_t(CLST, len, zlen); 381 382 wnd_zone_set(wnd, lcn + alen, zlen - alen); 383 384 err = wnd_set_used(wnd, lcn, alen); 385 if (err) 386 goto up_write; 387 388 alcn = lcn; 389 goto space_found; 390 } 391 /* 392 * 'Cause cluster 0 is always used this value means that we should use 393 * cached value of 'next_free_lcn' to improve performance. 394 */ 395 if (!lcn) 396 lcn = sbi->used.next_free_lcn; 397 398 if (lcn >= wnd->nbits) 399 lcn = 0; 400 401 alen = wnd_find(wnd, len, lcn, BITMAP_FIND_MARK_AS_USED, &alcn); 402 if (alen) 403 goto space_found; 404 405 /* Try to use clusters from MftZone. */ 406 zlen = wnd_zone_len(wnd); 407 zeroes = wnd_zeroes(wnd); 408 409 /* Check too big request */ 410 if (len > zeroes + zlen || zlen <= NTFS_MIN_MFT_ZONE) { 411 err = -ENOSPC; 412 goto up_write; 413 } 414 415 /* How many clusters to cat from zone. */ 416 zlcn = wnd_zone_bit(wnd); 417 zlen2 = zlen >> 1; 418 ztrim = clamp_val(len, zlen2, zlen); 419 new_zlen = max_t(size_t, zlen - ztrim, NTFS_MIN_MFT_ZONE); 420 421 wnd_zone_set(wnd, zlcn, new_zlen); 422 423 /* Allocate continues clusters. */ 424 alen = wnd_find(wnd, len, 0, 425 BITMAP_FIND_MARK_AS_USED | BITMAP_FIND_FULL, &alcn); 426 if (!alen) { 427 err = -ENOSPC; 428 goto up_write; 429 } 430 431 space_found: 432 err = 0; 433 *new_len = alen; 434 *new_lcn = alcn; 435 436 ntfs_unmap_meta(sb, alcn, alen); 437 438 /* Set hint for next requests. */ 439 if (!(opt & ALLOCATE_MFT)) 440 sbi->used.next_free_lcn = alcn + alen; 441 up_write: 442 up_write(&wnd->rw_lock); 443 return err; 444 } 445 446 /* 447 * ntfs_check_for_free_space 448 * 449 * Check if it is possible to allocate 'clen' clusters and 'mlen' Mft records 450 */ 451 bool ntfs_check_for_free_space(struct ntfs_sb_info *sbi, CLST clen, CLST mlen) 452 { 453 size_t free, zlen, avail; 454 struct wnd_bitmap *wnd; 455 456 wnd = &sbi->used.bitmap; 457 down_read_nested(&wnd->rw_lock, BITMAP_MUTEX_CLUSTERS); 458 free = wnd_zeroes(wnd); 459 zlen = min_t(size_t, NTFS_MIN_MFT_ZONE, wnd_zone_len(wnd)); 460 up_read(&wnd->rw_lock); 461 462 if (free < zlen + clen) 463 return false; 464 465 avail = free - (zlen + clen); 466 467 wnd = &sbi->mft.bitmap; 468 down_read_nested(&wnd->rw_lock, BITMAP_MUTEX_MFT); 469 free = wnd_zeroes(wnd); 470 zlen = wnd_zone_len(wnd); 471 up_read(&wnd->rw_lock); 472 473 if (free >= zlen + mlen) 474 return true; 475 476 return avail >= bytes_to_cluster(sbi, mlen << sbi->record_bits); 477 } 478 479 /* 480 * ntfs_extend_mft - Allocate additional MFT records. 481 * 482 * sbi->mft.bitmap is locked for write. 483 * 484 * NOTE: recursive: 485 * ntfs_look_free_mft -> 486 * ntfs_extend_mft -> 487 * attr_set_size -> 488 * ni_insert_nonresident -> 489 * ni_insert_attr -> 490 * ni_ins_attr_ext -> 491 * ntfs_look_free_mft -> 492 * ntfs_extend_mft 493 * 494 * To avoid recursive always allocate space for two new MFT records 495 * see attrib.c: "at least two MFT to avoid recursive loop". 496 */ 497 static int ntfs_extend_mft(struct ntfs_sb_info *sbi) 498 { 499 int err; 500 struct ntfs_inode *ni = sbi->mft.ni; 501 size_t new_mft_total; 502 u64 new_mft_bytes, new_bitmap_bytes; 503 struct ATTRIB *attr; 504 struct wnd_bitmap *wnd = &sbi->mft.bitmap; 505 506 new_mft_total = ALIGN(wnd->nbits + NTFS_MFT_INCREASE_STEP, 128); 507 new_mft_bytes = (u64)new_mft_total << sbi->record_bits; 508 509 /* Step 1: Resize $MFT::DATA. */ 510 down_write(&ni->file.run_lock); 511 err = attr_set_size(ni, ATTR_DATA, NULL, 0, &ni->file.run, 512 new_mft_bytes, NULL, false, &attr); 513 514 if (err) { 515 up_write(&ni->file.run_lock); 516 goto out; 517 } 518 519 attr->nres.valid_size = attr->nres.data_size; 520 new_mft_total = le64_to_cpu(attr->nres.alloc_size) >> sbi->record_bits; 521 ni->mi.dirty = true; 522 523 /* Step 2: Resize $MFT::BITMAP. */ 524 new_bitmap_bytes = bitmap_size(new_mft_total); 525 526 err = attr_set_size(ni, ATTR_BITMAP, NULL, 0, &sbi->mft.bitmap.run, 527 new_bitmap_bytes, &new_bitmap_bytes, true, NULL); 528 529 /* Refresh MFT Zone if necessary. */ 530 down_write_nested(&sbi->used.bitmap.rw_lock, BITMAP_MUTEX_CLUSTERS); 531 532 ntfs_refresh_zone(sbi); 533 534 up_write(&sbi->used.bitmap.rw_lock); 535 up_write(&ni->file.run_lock); 536 537 if (err) 538 goto out; 539 540 err = wnd_extend(wnd, new_mft_total); 541 542 if (err) 543 goto out; 544 545 ntfs_clear_mft_tail(sbi, sbi->mft.used, new_mft_total); 546 547 err = _ni_write_inode(&ni->vfs_inode, 0); 548 out: 549 return err; 550 } 551 552 /* 553 * ntfs_look_free_mft - Look for a free MFT record. 554 */ 555 int ntfs_look_free_mft(struct ntfs_sb_info *sbi, CLST *rno, bool mft, 556 struct ntfs_inode *ni, struct mft_inode **mi) 557 { 558 int err = 0; 559 size_t zbit, zlen, from, to, fr; 560 size_t mft_total; 561 struct MFT_REF ref; 562 struct super_block *sb = sbi->sb; 563 struct wnd_bitmap *wnd = &sbi->mft.bitmap; 564 u32 ir; 565 566 static_assert(sizeof(sbi->mft.reserved_bitmap) * 8 >= 567 MFT_REC_FREE - MFT_REC_RESERVED); 568 569 if (!mft) 570 down_write_nested(&wnd->rw_lock, BITMAP_MUTEX_MFT); 571 572 zlen = wnd_zone_len(wnd); 573 574 /* Always reserve space for MFT. */ 575 if (zlen) { 576 if (mft) { 577 zbit = wnd_zone_bit(wnd); 578 *rno = zbit; 579 wnd_zone_set(wnd, zbit + 1, zlen - 1); 580 } 581 goto found; 582 } 583 584 /* No MFT zone. Find the nearest to '0' free MFT. */ 585 if (!wnd_find(wnd, 1, MFT_REC_FREE, 0, &zbit)) { 586 /* Resize MFT */ 587 mft_total = wnd->nbits; 588 589 err = ntfs_extend_mft(sbi); 590 if (!err) { 591 zbit = mft_total; 592 goto reserve_mft; 593 } 594 595 if (!mft || MFT_REC_FREE == sbi->mft.next_reserved) 596 goto out; 597 598 err = 0; 599 600 /* 601 * Look for free record reserved area [11-16) == 602 * [MFT_REC_RESERVED, MFT_REC_FREE ) MFT bitmap always 603 * marks it as used. 604 */ 605 if (!sbi->mft.reserved_bitmap) { 606 /* Once per session create internal bitmap for 5 bits. */ 607 sbi->mft.reserved_bitmap = 0xFF; 608 609 ref.high = 0; 610 for (ir = MFT_REC_RESERVED; ir < MFT_REC_FREE; ir++) { 611 struct inode *i; 612 struct ntfs_inode *ni; 613 struct MFT_REC *mrec; 614 615 ref.low = cpu_to_le32(ir); 616 ref.seq = cpu_to_le16(ir); 617 618 i = ntfs_iget5(sb, &ref, NULL); 619 if (IS_ERR(i)) { 620 next: 621 ntfs_notice( 622 sb, 623 "Invalid reserved record %x", 624 ref.low); 625 continue; 626 } 627 if (is_bad_inode(i)) { 628 iput(i); 629 goto next; 630 } 631 632 ni = ntfs_i(i); 633 634 mrec = ni->mi.mrec; 635 636 if (!is_rec_base(mrec)) 637 goto next; 638 639 if (mrec->hard_links) 640 goto next; 641 642 if (!ni_std(ni)) 643 goto next; 644 645 if (ni_find_attr(ni, NULL, NULL, ATTR_NAME, 646 NULL, 0, NULL, NULL)) 647 goto next; 648 649 __clear_bit(ir - MFT_REC_RESERVED, 650 &sbi->mft.reserved_bitmap); 651 } 652 } 653 654 /* Scan 5 bits for zero. Bit 0 == MFT_REC_RESERVED */ 655 zbit = find_next_zero_bit(&sbi->mft.reserved_bitmap, 656 MFT_REC_FREE, MFT_REC_RESERVED); 657 if (zbit >= MFT_REC_FREE) { 658 sbi->mft.next_reserved = MFT_REC_FREE; 659 goto out; 660 } 661 662 zlen = 1; 663 sbi->mft.next_reserved = zbit; 664 } else { 665 reserve_mft: 666 zlen = zbit == MFT_REC_FREE ? (MFT_REC_USER - MFT_REC_FREE) : 4; 667 if (zbit + zlen > wnd->nbits) 668 zlen = wnd->nbits - zbit; 669 670 while (zlen > 1 && !wnd_is_free(wnd, zbit, zlen)) 671 zlen -= 1; 672 673 /* [zbit, zbit + zlen) will be used for MFT itself. */ 674 from = sbi->mft.used; 675 if (from < zbit) 676 from = zbit; 677 to = zbit + zlen; 678 if (from < to) { 679 ntfs_clear_mft_tail(sbi, from, to); 680 sbi->mft.used = to; 681 } 682 } 683 684 if (mft) { 685 *rno = zbit; 686 zbit += 1; 687 zlen -= 1; 688 } 689 690 wnd_zone_set(wnd, zbit, zlen); 691 692 found: 693 if (!mft) { 694 /* The request to get record for general purpose. */ 695 if (sbi->mft.next_free < MFT_REC_USER) 696 sbi->mft.next_free = MFT_REC_USER; 697 698 for (;;) { 699 if (sbi->mft.next_free >= sbi->mft.bitmap.nbits) { 700 } else if (!wnd_find(wnd, 1, MFT_REC_USER, 0, &fr)) { 701 sbi->mft.next_free = sbi->mft.bitmap.nbits; 702 } else { 703 *rno = fr; 704 sbi->mft.next_free = *rno + 1; 705 break; 706 } 707 708 err = ntfs_extend_mft(sbi); 709 if (err) 710 goto out; 711 } 712 } 713 714 if (ni && !ni_add_subrecord(ni, *rno, mi)) { 715 err = -ENOMEM; 716 goto out; 717 } 718 719 /* We have found a record that are not reserved for next MFT. */ 720 if (*rno >= MFT_REC_FREE) 721 wnd_set_used(wnd, *rno, 1); 722 else if (*rno >= MFT_REC_RESERVED && sbi->mft.reserved_bitmap_inited) 723 __set_bit(*rno - MFT_REC_RESERVED, &sbi->mft.reserved_bitmap); 724 725 out: 726 if (!mft) 727 up_write(&wnd->rw_lock); 728 729 return err; 730 } 731 732 /* 733 * ntfs_mark_rec_free - Mark record as free. 734 * is_mft - true if we are changing MFT 735 */ 736 void ntfs_mark_rec_free(struct ntfs_sb_info *sbi, CLST rno, bool is_mft) 737 { 738 struct wnd_bitmap *wnd = &sbi->mft.bitmap; 739 740 if (!is_mft) 741 down_write_nested(&wnd->rw_lock, BITMAP_MUTEX_MFT); 742 if (rno >= wnd->nbits) 743 goto out; 744 745 if (rno >= MFT_REC_FREE) { 746 if (!wnd_is_used(wnd, rno, 1)) 747 ntfs_set_state(sbi, NTFS_DIRTY_ERROR); 748 else 749 wnd_set_free(wnd, rno, 1); 750 } else if (rno >= MFT_REC_RESERVED && sbi->mft.reserved_bitmap_inited) { 751 __clear_bit(rno - MFT_REC_RESERVED, &sbi->mft.reserved_bitmap); 752 } 753 754 if (rno < wnd_zone_bit(wnd)) 755 wnd_zone_set(wnd, rno, 1); 756 else if (rno < sbi->mft.next_free && rno >= MFT_REC_USER) 757 sbi->mft.next_free = rno; 758 759 out: 760 if (!is_mft) 761 up_write(&wnd->rw_lock); 762 } 763 764 /* 765 * ntfs_clear_mft_tail - Format empty records [from, to). 766 * 767 * sbi->mft.bitmap is locked for write. 768 */ 769 int ntfs_clear_mft_tail(struct ntfs_sb_info *sbi, size_t from, size_t to) 770 { 771 int err; 772 u32 rs; 773 u64 vbo; 774 struct runs_tree *run; 775 struct ntfs_inode *ni; 776 777 if (from >= to) 778 return 0; 779 780 rs = sbi->record_size; 781 ni = sbi->mft.ni; 782 run = &ni->file.run; 783 784 down_read(&ni->file.run_lock); 785 vbo = (u64)from * rs; 786 for (; from < to; from++, vbo += rs) { 787 struct ntfs_buffers nb; 788 789 err = ntfs_get_bh(sbi, run, vbo, rs, &nb); 790 if (err) 791 goto out; 792 793 err = ntfs_write_bh(sbi, &sbi->new_rec->rhdr, &nb, 0); 794 nb_put(&nb); 795 if (err) 796 goto out; 797 } 798 799 out: 800 sbi->mft.used = from; 801 up_read(&ni->file.run_lock); 802 return err; 803 } 804 805 /* 806 * ntfs_refresh_zone - Refresh MFT zone. 807 * 808 * sbi->used.bitmap is locked for rw. 809 * sbi->mft.bitmap is locked for write. 810 * sbi->mft.ni->file.run_lock for write. 811 */ 812 int ntfs_refresh_zone(struct ntfs_sb_info *sbi) 813 { 814 CLST lcn, vcn, len; 815 size_t lcn_s, zlen; 816 struct wnd_bitmap *wnd = &sbi->used.bitmap; 817 struct ntfs_inode *ni = sbi->mft.ni; 818 819 /* Do not change anything unless we have non empty MFT zone. */ 820 if (wnd_zone_len(wnd)) 821 return 0; 822 823 vcn = bytes_to_cluster(sbi, 824 (u64)sbi->mft.bitmap.nbits << sbi->record_bits); 825 826 if (!run_lookup_entry(&ni->file.run, vcn - 1, &lcn, &len, NULL)) 827 lcn = SPARSE_LCN; 828 829 /* We should always find Last Lcn for MFT. */ 830 if (lcn == SPARSE_LCN) 831 return -EINVAL; 832 833 lcn_s = lcn + 1; 834 835 /* Try to allocate clusters after last MFT run. */ 836 zlen = wnd_find(wnd, sbi->zone_max, lcn_s, 0, &lcn_s); 837 wnd_zone_set(wnd, lcn_s, zlen); 838 839 return 0; 840 } 841 842 /* 843 * ntfs_update_mftmirr - Update $MFTMirr data. 844 */ 845 void ntfs_update_mftmirr(struct ntfs_sb_info *sbi, int wait) 846 { 847 int err; 848 struct super_block *sb = sbi->sb; 849 u32 blocksize, bytes; 850 sector_t block1, block2; 851 852 /* 853 * sb can be NULL here. In this case sbi->flags should be 0 too. 854 */ 855 if (!sb || !(sbi->flags & NTFS_FLAGS_MFTMIRR)) 856 return; 857 858 blocksize = sb->s_blocksize; 859 bytes = sbi->mft.recs_mirr << sbi->record_bits; 860 block1 = sbi->mft.lbo >> sb->s_blocksize_bits; 861 block2 = sbi->mft.lbo2 >> sb->s_blocksize_bits; 862 863 for (; bytes >= blocksize; bytes -= blocksize) { 864 struct buffer_head *bh1, *bh2; 865 866 bh1 = sb_bread(sb, block1++); 867 if (!bh1) 868 return; 869 870 bh2 = sb_getblk(sb, block2++); 871 if (!bh2) { 872 put_bh(bh1); 873 return; 874 } 875 876 if (buffer_locked(bh2)) 877 __wait_on_buffer(bh2); 878 879 lock_buffer(bh2); 880 memcpy(bh2->b_data, bh1->b_data, blocksize); 881 set_buffer_uptodate(bh2); 882 mark_buffer_dirty(bh2); 883 unlock_buffer(bh2); 884 885 put_bh(bh1); 886 bh1 = NULL; 887 888 err = wait ? sync_dirty_buffer(bh2) : 0; 889 890 put_bh(bh2); 891 if (err) 892 return; 893 } 894 895 sbi->flags &= ~NTFS_FLAGS_MFTMIRR; 896 } 897 898 /* 899 * ntfs_bad_inode 900 * 901 * Marks inode as bad and marks fs as 'dirty' 902 */ 903 void ntfs_bad_inode(struct inode *inode, const char *hint) 904 { 905 struct ntfs_sb_info *sbi = inode->i_sb->s_fs_info; 906 907 ntfs_inode_err(inode, "%s", hint); 908 make_bad_inode(inode); 909 ntfs_set_state(sbi, NTFS_DIRTY_ERROR); 910 } 911 912 /* 913 * ntfs_set_state 914 * 915 * Mount: ntfs_set_state(NTFS_DIRTY_DIRTY) 916 * Umount: ntfs_set_state(NTFS_DIRTY_CLEAR) 917 * NTFS error: ntfs_set_state(NTFS_DIRTY_ERROR) 918 */ 919 int ntfs_set_state(struct ntfs_sb_info *sbi, enum NTFS_DIRTY_FLAGS dirty) 920 { 921 int err; 922 struct ATTRIB *attr; 923 struct VOLUME_INFO *info; 924 struct mft_inode *mi; 925 struct ntfs_inode *ni; 926 __le16 info_flags; 927 928 /* 929 * Do not change state if fs was real_dirty. 930 * Do not change state if fs already dirty(clear). 931 * Do not change any thing if mounted read only. 932 */ 933 if (sbi->volume.real_dirty || sb_rdonly(sbi->sb)) 934 return 0; 935 936 /* Check cached value. */ 937 if ((dirty == NTFS_DIRTY_CLEAR ? 0 : VOLUME_FLAG_DIRTY) == 938 (sbi->volume.flags & VOLUME_FLAG_DIRTY)) 939 return 0; 940 941 ni = sbi->volume.ni; 942 if (!ni) 943 return -EINVAL; 944 945 mutex_lock_nested(&ni->ni_lock, NTFS_INODE_MUTEX_DIRTY); 946 947 attr = ni_find_attr(ni, NULL, NULL, ATTR_VOL_INFO, NULL, 0, NULL, &mi); 948 if (!attr) { 949 err = -EINVAL; 950 goto out; 951 } 952 953 info = resident_data_ex(attr, SIZEOF_ATTRIBUTE_VOLUME_INFO); 954 if (!info) { 955 err = -EINVAL; 956 goto out; 957 } 958 959 info_flags = info->flags; 960 961 switch (dirty) { 962 case NTFS_DIRTY_ERROR: 963 ntfs_notice(sbi->sb, "Mark volume as dirty due to NTFS errors"); 964 sbi->volume.real_dirty = true; 965 fallthrough; 966 case NTFS_DIRTY_DIRTY: 967 info->flags |= VOLUME_FLAG_DIRTY; 968 break; 969 case NTFS_DIRTY_CLEAR: 970 info->flags &= ~VOLUME_FLAG_DIRTY; 971 break; 972 } 973 /* Cache current volume flags. */ 974 if (info_flags != info->flags) { 975 sbi->volume.flags = info->flags; 976 mi->dirty = true; 977 } 978 err = 0; 979 980 out: 981 ni_unlock(ni); 982 if (err) 983 return err; 984 985 mark_inode_dirty(&ni->vfs_inode); 986 /* verify(!ntfs_update_mftmirr()); */ 987 988 /* 989 * If we used wait=1, sync_inode_metadata waits for the io for the 990 * inode to finish. It hangs when media is removed. 991 * So wait=0 is sent down to sync_inode_metadata 992 * and filemap_fdatawrite is used for the data blocks. 993 */ 994 err = sync_inode_metadata(&ni->vfs_inode, 0); 995 if (!err) 996 err = filemap_fdatawrite(ni->vfs_inode.i_mapping); 997 998 return err; 999 } 1000 1001 /* 1002 * security_hash - Calculates a hash of security descriptor. 1003 */ 1004 static inline __le32 security_hash(const void *sd, size_t bytes) 1005 { 1006 u32 hash = 0; 1007 const __le32 *ptr = sd; 1008 1009 bytes >>= 2; 1010 while (bytes--) 1011 hash = ((hash >> 0x1D) | (hash << 3)) + le32_to_cpu(*ptr++); 1012 return cpu_to_le32(hash); 1013 } 1014 1015 int ntfs_sb_read(struct super_block *sb, u64 lbo, size_t bytes, void *buffer) 1016 { 1017 struct block_device *bdev = sb->s_bdev; 1018 u32 blocksize = sb->s_blocksize; 1019 u64 block = lbo >> sb->s_blocksize_bits; 1020 u32 off = lbo & (blocksize - 1); 1021 u32 op = blocksize - off; 1022 1023 for (; bytes; block += 1, off = 0, op = blocksize) { 1024 struct buffer_head *bh = __bread(bdev, block, blocksize); 1025 1026 if (!bh) 1027 return -EIO; 1028 1029 if (op > bytes) 1030 op = bytes; 1031 1032 memcpy(buffer, bh->b_data + off, op); 1033 1034 put_bh(bh); 1035 1036 bytes -= op; 1037 buffer = Add2Ptr(buffer, op); 1038 } 1039 1040 return 0; 1041 } 1042 1043 int ntfs_sb_write(struct super_block *sb, u64 lbo, size_t bytes, 1044 const void *buf, int wait) 1045 { 1046 u32 blocksize = sb->s_blocksize; 1047 struct block_device *bdev = sb->s_bdev; 1048 sector_t block = lbo >> sb->s_blocksize_bits; 1049 u32 off = lbo & (blocksize - 1); 1050 u32 op = blocksize - off; 1051 struct buffer_head *bh; 1052 1053 if (!wait && (sb->s_flags & SB_SYNCHRONOUS)) 1054 wait = 1; 1055 1056 for (; bytes; block += 1, off = 0, op = blocksize) { 1057 if (op > bytes) 1058 op = bytes; 1059 1060 if (op < blocksize) { 1061 bh = __bread(bdev, block, blocksize); 1062 if (!bh) { 1063 ntfs_err(sb, "failed to read block %llx", 1064 (u64)block); 1065 return -EIO; 1066 } 1067 } else { 1068 bh = __getblk(bdev, block, blocksize); 1069 if (!bh) 1070 return -ENOMEM; 1071 } 1072 1073 if (buffer_locked(bh)) 1074 __wait_on_buffer(bh); 1075 1076 lock_buffer(bh); 1077 if (buf) { 1078 memcpy(bh->b_data + off, buf, op); 1079 buf = Add2Ptr(buf, op); 1080 } else { 1081 memset(bh->b_data + off, -1, op); 1082 } 1083 1084 set_buffer_uptodate(bh); 1085 mark_buffer_dirty(bh); 1086 unlock_buffer(bh); 1087 1088 if (wait) { 1089 int err = sync_dirty_buffer(bh); 1090 1091 if (err) { 1092 ntfs_err( 1093 sb, 1094 "failed to sync buffer at block %llx, error %d", 1095 (u64)block, err); 1096 put_bh(bh); 1097 return err; 1098 } 1099 } 1100 1101 put_bh(bh); 1102 1103 bytes -= op; 1104 } 1105 return 0; 1106 } 1107 1108 int ntfs_sb_write_run(struct ntfs_sb_info *sbi, const struct runs_tree *run, 1109 u64 vbo, const void *buf, size_t bytes, int sync) 1110 { 1111 struct super_block *sb = sbi->sb; 1112 u8 cluster_bits = sbi->cluster_bits; 1113 u32 off = vbo & sbi->cluster_mask; 1114 CLST lcn, clen, vcn = vbo >> cluster_bits, vcn_next; 1115 u64 lbo, len; 1116 size_t idx; 1117 1118 if (!run_lookup_entry(run, vcn, &lcn, &clen, &idx)) 1119 return -ENOENT; 1120 1121 if (lcn == SPARSE_LCN) 1122 return -EINVAL; 1123 1124 lbo = ((u64)lcn << cluster_bits) + off; 1125 len = ((u64)clen << cluster_bits) - off; 1126 1127 for (;;) { 1128 u32 op = min_t(u64, len, bytes); 1129 int err = ntfs_sb_write(sb, lbo, op, buf, sync); 1130 1131 if (err) 1132 return err; 1133 1134 bytes -= op; 1135 if (!bytes) 1136 break; 1137 1138 vcn_next = vcn + clen; 1139 if (!run_get_entry(run, ++idx, &vcn, &lcn, &clen) || 1140 vcn != vcn_next) 1141 return -ENOENT; 1142 1143 if (lcn == SPARSE_LCN) 1144 return -EINVAL; 1145 1146 if (buf) 1147 buf = Add2Ptr(buf, op); 1148 1149 lbo = ((u64)lcn << cluster_bits); 1150 len = ((u64)clen << cluster_bits); 1151 } 1152 1153 return 0; 1154 } 1155 1156 struct buffer_head *ntfs_bread_run(struct ntfs_sb_info *sbi, 1157 const struct runs_tree *run, u64 vbo) 1158 { 1159 struct super_block *sb = sbi->sb; 1160 u8 cluster_bits = sbi->cluster_bits; 1161 CLST lcn; 1162 u64 lbo; 1163 1164 if (!run_lookup_entry(run, vbo >> cluster_bits, &lcn, NULL, NULL)) 1165 return ERR_PTR(-ENOENT); 1166 1167 lbo = ((u64)lcn << cluster_bits) + (vbo & sbi->cluster_mask); 1168 1169 return ntfs_bread(sb, lbo >> sb->s_blocksize_bits); 1170 } 1171 1172 int ntfs_read_run_nb(struct ntfs_sb_info *sbi, const struct runs_tree *run, 1173 u64 vbo, void *buf, u32 bytes, struct ntfs_buffers *nb) 1174 { 1175 int err; 1176 struct super_block *sb = sbi->sb; 1177 u32 blocksize = sb->s_blocksize; 1178 u8 cluster_bits = sbi->cluster_bits; 1179 u32 off = vbo & sbi->cluster_mask; 1180 u32 nbh = 0; 1181 CLST vcn_next, vcn = vbo >> cluster_bits; 1182 CLST lcn, clen; 1183 u64 lbo, len; 1184 size_t idx; 1185 struct buffer_head *bh; 1186 1187 if (!run) { 1188 /* First reading of $Volume + $MFTMirr + $LogFile goes here. */ 1189 if (vbo > MFT_REC_VOL * sbi->record_size) { 1190 err = -ENOENT; 1191 goto out; 1192 } 1193 1194 /* Use absolute boot's 'MFTCluster' to read record. */ 1195 lbo = vbo + sbi->mft.lbo; 1196 len = sbi->record_size; 1197 } else if (!run_lookup_entry(run, vcn, &lcn, &clen, &idx)) { 1198 err = -ENOENT; 1199 goto out; 1200 } else { 1201 if (lcn == SPARSE_LCN) { 1202 err = -EINVAL; 1203 goto out; 1204 } 1205 1206 lbo = ((u64)lcn << cluster_bits) + off; 1207 len = ((u64)clen << cluster_bits) - off; 1208 } 1209 1210 off = lbo & (blocksize - 1); 1211 if (nb) { 1212 nb->off = off; 1213 nb->bytes = bytes; 1214 } 1215 1216 for (;;) { 1217 u32 len32 = len >= bytes ? bytes : len; 1218 sector_t block = lbo >> sb->s_blocksize_bits; 1219 1220 do { 1221 u32 op = blocksize - off; 1222 1223 if (op > len32) 1224 op = len32; 1225 1226 bh = ntfs_bread(sb, block); 1227 if (!bh) { 1228 err = -EIO; 1229 goto out; 1230 } 1231 1232 if (buf) { 1233 memcpy(buf, bh->b_data + off, op); 1234 buf = Add2Ptr(buf, op); 1235 } 1236 1237 if (!nb) { 1238 put_bh(bh); 1239 } else if (nbh >= ARRAY_SIZE(nb->bh)) { 1240 err = -EINVAL; 1241 goto out; 1242 } else { 1243 nb->bh[nbh++] = bh; 1244 nb->nbufs = nbh; 1245 } 1246 1247 bytes -= op; 1248 if (!bytes) 1249 return 0; 1250 len32 -= op; 1251 block += 1; 1252 off = 0; 1253 1254 } while (len32); 1255 1256 vcn_next = vcn + clen; 1257 if (!run_get_entry(run, ++idx, &vcn, &lcn, &clen) || 1258 vcn != vcn_next) { 1259 err = -ENOENT; 1260 goto out; 1261 } 1262 1263 if (lcn == SPARSE_LCN) { 1264 err = -EINVAL; 1265 goto out; 1266 } 1267 1268 lbo = ((u64)lcn << cluster_bits); 1269 len = ((u64)clen << cluster_bits); 1270 } 1271 1272 out: 1273 if (!nbh) 1274 return err; 1275 1276 while (nbh) { 1277 put_bh(nb->bh[--nbh]); 1278 nb->bh[nbh] = NULL; 1279 } 1280 1281 nb->nbufs = 0; 1282 return err; 1283 } 1284 1285 /* 1286 * ntfs_read_bh 1287 * 1288 * Return: < 0 if error, 0 if ok, -E_NTFS_FIXUP if need to update fixups. 1289 */ 1290 int ntfs_read_bh(struct ntfs_sb_info *sbi, const struct runs_tree *run, u64 vbo, 1291 struct NTFS_RECORD_HEADER *rhdr, u32 bytes, 1292 struct ntfs_buffers *nb) 1293 { 1294 int err = ntfs_read_run_nb(sbi, run, vbo, rhdr, bytes, nb); 1295 1296 if (err) 1297 return err; 1298 return ntfs_fix_post_read(rhdr, nb->bytes, true); 1299 } 1300 1301 int ntfs_get_bh(struct ntfs_sb_info *sbi, const struct runs_tree *run, u64 vbo, 1302 u32 bytes, struct ntfs_buffers *nb) 1303 { 1304 int err = 0; 1305 struct super_block *sb = sbi->sb; 1306 u32 blocksize = sb->s_blocksize; 1307 u8 cluster_bits = sbi->cluster_bits; 1308 CLST vcn_next, vcn = vbo >> cluster_bits; 1309 u32 off; 1310 u32 nbh = 0; 1311 CLST lcn, clen; 1312 u64 lbo, len; 1313 size_t idx; 1314 1315 nb->bytes = bytes; 1316 1317 if (!run_lookup_entry(run, vcn, &lcn, &clen, &idx)) { 1318 err = -ENOENT; 1319 goto out; 1320 } 1321 1322 off = vbo & sbi->cluster_mask; 1323 lbo = ((u64)lcn << cluster_bits) + off; 1324 len = ((u64)clen << cluster_bits) - off; 1325 1326 nb->off = off = lbo & (blocksize - 1); 1327 1328 for (;;) { 1329 u32 len32 = min_t(u64, len, bytes); 1330 sector_t block = lbo >> sb->s_blocksize_bits; 1331 1332 do { 1333 u32 op; 1334 struct buffer_head *bh; 1335 1336 if (nbh >= ARRAY_SIZE(nb->bh)) { 1337 err = -EINVAL; 1338 goto out; 1339 } 1340 1341 op = blocksize - off; 1342 if (op > len32) 1343 op = len32; 1344 1345 if (op == blocksize) { 1346 bh = sb_getblk(sb, block); 1347 if (!bh) { 1348 err = -ENOMEM; 1349 goto out; 1350 } 1351 if (buffer_locked(bh)) 1352 __wait_on_buffer(bh); 1353 set_buffer_uptodate(bh); 1354 } else { 1355 bh = ntfs_bread(sb, block); 1356 if (!bh) { 1357 err = -EIO; 1358 goto out; 1359 } 1360 } 1361 1362 nb->bh[nbh++] = bh; 1363 bytes -= op; 1364 if (!bytes) { 1365 nb->nbufs = nbh; 1366 return 0; 1367 } 1368 1369 block += 1; 1370 len32 -= op; 1371 off = 0; 1372 } while (len32); 1373 1374 vcn_next = vcn + clen; 1375 if (!run_get_entry(run, ++idx, &vcn, &lcn, &clen) || 1376 vcn != vcn_next) { 1377 err = -ENOENT; 1378 goto out; 1379 } 1380 1381 lbo = ((u64)lcn << cluster_bits); 1382 len = ((u64)clen << cluster_bits); 1383 } 1384 1385 out: 1386 while (nbh) { 1387 put_bh(nb->bh[--nbh]); 1388 nb->bh[nbh] = NULL; 1389 } 1390 1391 nb->nbufs = 0; 1392 1393 return err; 1394 } 1395 1396 int ntfs_write_bh(struct ntfs_sb_info *sbi, struct NTFS_RECORD_HEADER *rhdr, 1397 struct ntfs_buffers *nb, int sync) 1398 { 1399 int err = 0; 1400 struct super_block *sb = sbi->sb; 1401 u32 block_size = sb->s_blocksize; 1402 u32 bytes = nb->bytes; 1403 u32 off = nb->off; 1404 u16 fo = le16_to_cpu(rhdr->fix_off); 1405 u16 fn = le16_to_cpu(rhdr->fix_num); 1406 u32 idx; 1407 __le16 *fixup; 1408 __le16 sample; 1409 1410 if ((fo & 1) || fo + fn * sizeof(short) > SECTOR_SIZE || !fn-- || 1411 fn * SECTOR_SIZE > bytes) { 1412 return -EINVAL; 1413 } 1414 1415 for (idx = 0; bytes && idx < nb->nbufs; idx += 1, off = 0) { 1416 u32 op = block_size - off; 1417 char *bh_data; 1418 struct buffer_head *bh = nb->bh[idx]; 1419 __le16 *ptr, *end_data; 1420 1421 if (op > bytes) 1422 op = bytes; 1423 1424 if (buffer_locked(bh)) 1425 __wait_on_buffer(bh); 1426 1427 lock_buffer(bh); 1428 1429 bh_data = bh->b_data + off; 1430 end_data = Add2Ptr(bh_data, op); 1431 memcpy(bh_data, rhdr, op); 1432 1433 if (!idx) { 1434 u16 t16; 1435 1436 fixup = Add2Ptr(bh_data, fo); 1437 sample = *fixup; 1438 t16 = le16_to_cpu(sample); 1439 if (t16 >= 0x7FFF) { 1440 sample = *fixup = cpu_to_le16(1); 1441 } else { 1442 sample = cpu_to_le16(t16 + 1); 1443 *fixup = sample; 1444 } 1445 1446 *(__le16 *)Add2Ptr(rhdr, fo) = sample; 1447 } 1448 1449 ptr = Add2Ptr(bh_data, SECTOR_SIZE - sizeof(short)); 1450 1451 do { 1452 *++fixup = *ptr; 1453 *ptr = sample; 1454 ptr += SECTOR_SIZE / sizeof(short); 1455 } while (ptr < end_data); 1456 1457 set_buffer_uptodate(bh); 1458 mark_buffer_dirty(bh); 1459 unlock_buffer(bh); 1460 1461 if (sync) { 1462 int err2 = sync_dirty_buffer(bh); 1463 1464 if (!err && err2) 1465 err = err2; 1466 } 1467 1468 bytes -= op; 1469 rhdr = Add2Ptr(rhdr, op); 1470 } 1471 1472 return err; 1473 } 1474 1475 /* 1476 * ntfs_bio_pages - Read/write pages from/to disk. 1477 */ 1478 int ntfs_bio_pages(struct ntfs_sb_info *sbi, const struct runs_tree *run, 1479 struct page **pages, u32 nr_pages, u64 vbo, u32 bytes, 1480 enum req_op op) 1481 { 1482 int err = 0; 1483 struct bio *new, *bio = NULL; 1484 struct super_block *sb = sbi->sb; 1485 struct block_device *bdev = sb->s_bdev; 1486 struct page *page; 1487 u8 cluster_bits = sbi->cluster_bits; 1488 CLST lcn, clen, vcn, vcn_next; 1489 u32 add, off, page_idx; 1490 u64 lbo, len; 1491 size_t run_idx; 1492 struct blk_plug plug; 1493 1494 if (!bytes) 1495 return 0; 1496 1497 blk_start_plug(&plug); 1498 1499 /* Align vbo and bytes to be 512 bytes aligned. */ 1500 lbo = (vbo + bytes + 511) & ~511ull; 1501 vbo = vbo & ~511ull; 1502 bytes = lbo - vbo; 1503 1504 vcn = vbo >> cluster_bits; 1505 if (!run_lookup_entry(run, vcn, &lcn, &clen, &run_idx)) { 1506 err = -ENOENT; 1507 goto out; 1508 } 1509 off = vbo & sbi->cluster_mask; 1510 page_idx = 0; 1511 page = pages[0]; 1512 1513 for (;;) { 1514 lbo = ((u64)lcn << cluster_bits) + off; 1515 len = ((u64)clen << cluster_bits) - off; 1516 new_bio: 1517 new = bio_alloc(bdev, nr_pages - page_idx, op, GFP_NOFS); 1518 if (bio) { 1519 bio_chain(bio, new); 1520 submit_bio(bio); 1521 } 1522 bio = new; 1523 bio->bi_iter.bi_sector = lbo >> 9; 1524 1525 while (len) { 1526 off = vbo & (PAGE_SIZE - 1); 1527 add = off + len > PAGE_SIZE ? (PAGE_SIZE - off) : len; 1528 1529 if (bio_add_page(bio, page, add, off) < add) 1530 goto new_bio; 1531 1532 if (bytes <= add) 1533 goto out; 1534 bytes -= add; 1535 vbo += add; 1536 1537 if (add + off == PAGE_SIZE) { 1538 page_idx += 1; 1539 if (WARN_ON(page_idx >= nr_pages)) { 1540 err = -EINVAL; 1541 goto out; 1542 } 1543 page = pages[page_idx]; 1544 } 1545 1546 if (len <= add) 1547 break; 1548 len -= add; 1549 lbo += add; 1550 } 1551 1552 vcn_next = vcn + clen; 1553 if (!run_get_entry(run, ++run_idx, &vcn, &lcn, &clen) || 1554 vcn != vcn_next) { 1555 err = -ENOENT; 1556 goto out; 1557 } 1558 off = 0; 1559 } 1560 out: 1561 if (bio) { 1562 if (!err) 1563 err = submit_bio_wait(bio); 1564 bio_put(bio); 1565 } 1566 blk_finish_plug(&plug); 1567 1568 return err; 1569 } 1570 1571 /* 1572 * ntfs_bio_fill_1 - Helper for ntfs_loadlog_and_replay(). 1573 * 1574 * Fill on-disk logfile range by (-1) 1575 * this means empty logfile. 1576 */ 1577 int ntfs_bio_fill_1(struct ntfs_sb_info *sbi, const struct runs_tree *run) 1578 { 1579 int err = 0; 1580 struct super_block *sb = sbi->sb; 1581 struct block_device *bdev = sb->s_bdev; 1582 u8 cluster_bits = sbi->cluster_bits; 1583 struct bio *new, *bio = NULL; 1584 CLST lcn, clen; 1585 u64 lbo, len; 1586 size_t run_idx; 1587 struct page *fill; 1588 void *kaddr; 1589 struct blk_plug plug; 1590 1591 fill = alloc_page(GFP_KERNEL); 1592 if (!fill) 1593 return -ENOMEM; 1594 1595 kaddr = kmap_atomic(fill); 1596 memset(kaddr, -1, PAGE_SIZE); 1597 kunmap_atomic(kaddr); 1598 flush_dcache_page(fill); 1599 lock_page(fill); 1600 1601 if (!run_lookup_entry(run, 0, &lcn, &clen, &run_idx)) { 1602 err = -ENOENT; 1603 goto out; 1604 } 1605 1606 /* 1607 * TODO: Try blkdev_issue_write_same. 1608 */ 1609 blk_start_plug(&plug); 1610 do { 1611 lbo = (u64)lcn << cluster_bits; 1612 len = (u64)clen << cluster_bits; 1613 new_bio: 1614 new = bio_alloc(bdev, BIO_MAX_VECS, REQ_OP_WRITE, GFP_NOFS); 1615 if (bio) { 1616 bio_chain(bio, new); 1617 submit_bio(bio); 1618 } 1619 bio = new; 1620 bio->bi_iter.bi_sector = lbo >> 9; 1621 1622 for (;;) { 1623 u32 add = len > PAGE_SIZE ? PAGE_SIZE : len; 1624 1625 if (bio_add_page(bio, fill, add, 0) < add) 1626 goto new_bio; 1627 1628 lbo += add; 1629 if (len <= add) 1630 break; 1631 len -= add; 1632 } 1633 } while (run_get_entry(run, ++run_idx, NULL, &lcn, &clen)); 1634 1635 if (!err) 1636 err = submit_bio_wait(bio); 1637 bio_put(bio); 1638 1639 blk_finish_plug(&plug); 1640 out: 1641 unlock_page(fill); 1642 put_page(fill); 1643 1644 return err; 1645 } 1646 1647 int ntfs_vbo_to_lbo(struct ntfs_sb_info *sbi, const struct runs_tree *run, 1648 u64 vbo, u64 *lbo, u64 *bytes) 1649 { 1650 u32 off; 1651 CLST lcn, len; 1652 u8 cluster_bits = sbi->cluster_bits; 1653 1654 if (!run_lookup_entry(run, vbo >> cluster_bits, &lcn, &len, NULL)) 1655 return -ENOENT; 1656 1657 off = vbo & sbi->cluster_mask; 1658 *lbo = lcn == SPARSE_LCN ? -1 : (((u64)lcn << cluster_bits) + off); 1659 *bytes = ((u64)len << cluster_bits) - off; 1660 1661 return 0; 1662 } 1663 1664 struct ntfs_inode *ntfs_new_inode(struct ntfs_sb_info *sbi, CLST rno, bool dir) 1665 { 1666 int err = 0; 1667 struct super_block *sb = sbi->sb; 1668 struct inode *inode = new_inode(sb); 1669 struct ntfs_inode *ni; 1670 1671 if (!inode) 1672 return ERR_PTR(-ENOMEM); 1673 1674 ni = ntfs_i(inode); 1675 1676 err = mi_format_new(&ni->mi, sbi, rno, dir ? RECORD_FLAG_DIR : 0, 1677 false); 1678 if (err) 1679 goto out; 1680 1681 inode->i_ino = rno; 1682 if (insert_inode_locked(inode) < 0) { 1683 err = -EIO; 1684 goto out; 1685 } 1686 1687 out: 1688 if (err) { 1689 make_bad_inode(inode); 1690 iput(inode); 1691 ni = ERR_PTR(err); 1692 } 1693 return ni; 1694 } 1695 1696 /* 1697 * O:BAG:BAD:(A;OICI;FA;;;WD) 1698 * Owner S-1-5-32-544 (Administrators) 1699 * Group S-1-5-32-544 (Administrators) 1700 * ACE: allow S-1-1-0 (Everyone) with FILE_ALL_ACCESS 1701 */ 1702 const u8 s_default_security[] __aligned(8) = { 1703 0x01, 0x00, 0x04, 0x80, 0x30, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 1704 0x00, 0x00, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, 0x02, 0x00, 0x1C, 0x00, 1705 0x01, 0x00, 0x00, 0x00, 0x00, 0x03, 0x14, 0x00, 0xFF, 0x01, 0x1F, 0x00, 1706 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 1707 0x01, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x20, 0x00, 0x00, 0x00, 1708 0x20, 0x02, 0x00, 0x00, 0x01, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 1709 0x20, 0x00, 0x00, 0x00, 0x20, 0x02, 0x00, 0x00, 1710 }; 1711 1712 static_assert(sizeof(s_default_security) == 0x50); 1713 1714 static inline u32 sid_length(const struct SID *sid) 1715 { 1716 return struct_size(sid, SubAuthority, sid->SubAuthorityCount); 1717 } 1718 1719 /* 1720 * is_acl_valid 1721 * 1722 * Thanks Mark Harmstone for idea. 1723 */ 1724 static bool is_acl_valid(const struct ACL *acl, u32 len) 1725 { 1726 const struct ACE_HEADER *ace; 1727 u32 i; 1728 u16 ace_count, ace_size; 1729 1730 if (acl->AclRevision != ACL_REVISION && 1731 acl->AclRevision != ACL_REVISION_DS) { 1732 /* 1733 * This value should be ACL_REVISION, unless the ACL contains an 1734 * object-specific ACE, in which case this value must be ACL_REVISION_DS. 1735 * All ACEs in an ACL must be at the same revision level. 1736 */ 1737 return false; 1738 } 1739 1740 if (acl->Sbz1) 1741 return false; 1742 1743 if (le16_to_cpu(acl->AclSize) > len) 1744 return false; 1745 1746 if (acl->Sbz2) 1747 return false; 1748 1749 len -= sizeof(struct ACL); 1750 ace = (struct ACE_HEADER *)&acl[1]; 1751 ace_count = le16_to_cpu(acl->AceCount); 1752 1753 for (i = 0; i < ace_count; i++) { 1754 if (len < sizeof(struct ACE_HEADER)) 1755 return false; 1756 1757 ace_size = le16_to_cpu(ace->AceSize); 1758 if (len < ace_size) 1759 return false; 1760 1761 len -= ace_size; 1762 ace = Add2Ptr(ace, ace_size); 1763 } 1764 1765 return true; 1766 } 1767 1768 bool is_sd_valid(const struct SECURITY_DESCRIPTOR_RELATIVE *sd, u32 len) 1769 { 1770 u32 sd_owner, sd_group, sd_sacl, sd_dacl; 1771 1772 if (len < sizeof(struct SECURITY_DESCRIPTOR_RELATIVE)) 1773 return false; 1774 1775 if (sd->Revision != 1) 1776 return false; 1777 1778 if (sd->Sbz1) 1779 return false; 1780 1781 if (!(sd->Control & SE_SELF_RELATIVE)) 1782 return false; 1783 1784 sd_owner = le32_to_cpu(sd->Owner); 1785 if (sd_owner) { 1786 const struct SID *owner = Add2Ptr(sd, sd_owner); 1787 1788 if (sd_owner + offsetof(struct SID, SubAuthority) > len) 1789 return false; 1790 1791 if (owner->Revision != 1) 1792 return false; 1793 1794 if (sd_owner + sid_length(owner) > len) 1795 return false; 1796 } 1797 1798 sd_group = le32_to_cpu(sd->Group); 1799 if (sd_group) { 1800 const struct SID *group = Add2Ptr(sd, sd_group); 1801 1802 if (sd_group + offsetof(struct SID, SubAuthority) > len) 1803 return false; 1804 1805 if (group->Revision != 1) 1806 return false; 1807 1808 if (sd_group + sid_length(group) > len) 1809 return false; 1810 } 1811 1812 sd_sacl = le32_to_cpu(sd->Sacl); 1813 if (sd_sacl) { 1814 const struct ACL *sacl = Add2Ptr(sd, sd_sacl); 1815 1816 if (sd_sacl + sizeof(struct ACL) > len) 1817 return false; 1818 1819 if (!is_acl_valid(sacl, len - sd_sacl)) 1820 return false; 1821 } 1822 1823 sd_dacl = le32_to_cpu(sd->Dacl); 1824 if (sd_dacl) { 1825 const struct ACL *dacl = Add2Ptr(sd, sd_dacl); 1826 1827 if (sd_dacl + sizeof(struct ACL) > len) 1828 return false; 1829 1830 if (!is_acl_valid(dacl, len - sd_dacl)) 1831 return false; 1832 } 1833 1834 return true; 1835 } 1836 1837 /* 1838 * ntfs_security_init - Load and parse $Secure. 1839 */ 1840 int ntfs_security_init(struct ntfs_sb_info *sbi) 1841 { 1842 int err; 1843 struct super_block *sb = sbi->sb; 1844 struct inode *inode; 1845 struct ntfs_inode *ni; 1846 struct MFT_REF ref; 1847 struct ATTRIB *attr; 1848 struct ATTR_LIST_ENTRY *le; 1849 u64 sds_size; 1850 size_t off; 1851 struct NTFS_DE *ne; 1852 struct NTFS_DE_SII *sii_e; 1853 struct ntfs_fnd *fnd_sii = NULL; 1854 const struct INDEX_ROOT *root_sii; 1855 const struct INDEX_ROOT *root_sdh; 1856 struct ntfs_index *indx_sdh = &sbi->security.index_sdh; 1857 struct ntfs_index *indx_sii = &sbi->security.index_sii; 1858 1859 ref.low = cpu_to_le32(MFT_REC_SECURE); 1860 ref.high = 0; 1861 ref.seq = cpu_to_le16(MFT_REC_SECURE); 1862 1863 inode = ntfs_iget5(sb, &ref, &NAME_SECURE); 1864 if (IS_ERR(inode)) { 1865 err = PTR_ERR(inode); 1866 ntfs_err(sb, "Failed to load $Secure (%d).", err); 1867 inode = NULL; 1868 goto out; 1869 } 1870 1871 ni = ntfs_i(inode); 1872 1873 le = NULL; 1874 1875 attr = ni_find_attr(ni, NULL, &le, ATTR_ROOT, SDH_NAME, 1876 ARRAY_SIZE(SDH_NAME), NULL, NULL); 1877 if (!attr || 1878 !(root_sdh = resident_data_ex(attr, sizeof(struct INDEX_ROOT))) || 1879 root_sdh->type != ATTR_ZERO || 1880 root_sdh->rule != NTFS_COLLATION_TYPE_SECURITY_HASH || 1881 offsetof(struct INDEX_ROOT, ihdr) + 1882 le32_to_cpu(root_sdh->ihdr.used) > 1883 le32_to_cpu(attr->res.data_size)) { 1884 ntfs_err(sb, "$Secure::$SDH is corrupted."); 1885 err = -EINVAL; 1886 goto out; 1887 } 1888 1889 err = indx_init(indx_sdh, sbi, attr, INDEX_MUTEX_SDH); 1890 if (err) { 1891 ntfs_err(sb, "Failed to initialize $Secure::$SDH (%d).", err); 1892 goto out; 1893 } 1894 1895 attr = ni_find_attr(ni, attr, &le, ATTR_ROOT, SII_NAME, 1896 ARRAY_SIZE(SII_NAME), NULL, NULL); 1897 if (!attr || 1898 !(root_sii = resident_data_ex(attr, sizeof(struct INDEX_ROOT))) || 1899 root_sii->type != ATTR_ZERO || 1900 root_sii->rule != NTFS_COLLATION_TYPE_UINT || 1901 offsetof(struct INDEX_ROOT, ihdr) + 1902 le32_to_cpu(root_sii->ihdr.used) > 1903 le32_to_cpu(attr->res.data_size)) { 1904 ntfs_err(sb, "$Secure::$SII is corrupted."); 1905 err = -EINVAL; 1906 goto out; 1907 } 1908 1909 err = indx_init(indx_sii, sbi, attr, INDEX_MUTEX_SII); 1910 if (err) { 1911 ntfs_err(sb, "Failed to initialize $Secure::$SII (%d).", err); 1912 goto out; 1913 } 1914 1915 fnd_sii = fnd_get(); 1916 if (!fnd_sii) { 1917 err = -ENOMEM; 1918 goto out; 1919 } 1920 1921 sds_size = inode->i_size; 1922 1923 /* Find the last valid Id. */ 1924 sbi->security.next_id = SECURITY_ID_FIRST; 1925 /* Always write new security at the end of bucket. */ 1926 sbi->security.next_off = 1927 ALIGN(sds_size - SecurityDescriptorsBlockSize, 16); 1928 1929 off = 0; 1930 ne = NULL; 1931 1932 for (;;) { 1933 u32 next_id; 1934 1935 err = indx_find_raw(indx_sii, ni, root_sii, &ne, &off, fnd_sii); 1936 if (err || !ne) 1937 break; 1938 1939 sii_e = (struct NTFS_DE_SII *)ne; 1940 if (le16_to_cpu(ne->view.data_size) < SIZEOF_SECURITY_HDR) 1941 continue; 1942 1943 next_id = le32_to_cpu(sii_e->sec_id) + 1; 1944 if (next_id >= sbi->security.next_id) 1945 sbi->security.next_id = next_id; 1946 } 1947 1948 sbi->security.ni = ni; 1949 inode = NULL; 1950 out: 1951 iput(inode); 1952 fnd_put(fnd_sii); 1953 1954 return err; 1955 } 1956 1957 /* 1958 * ntfs_get_security_by_id - Read security descriptor by id. 1959 */ 1960 int ntfs_get_security_by_id(struct ntfs_sb_info *sbi, __le32 security_id, 1961 struct SECURITY_DESCRIPTOR_RELATIVE **sd, 1962 size_t *size) 1963 { 1964 int err; 1965 int diff; 1966 struct ntfs_inode *ni = sbi->security.ni; 1967 struct ntfs_index *indx = &sbi->security.index_sii; 1968 void *p = NULL; 1969 struct NTFS_DE_SII *sii_e; 1970 struct ntfs_fnd *fnd_sii; 1971 struct SECURITY_HDR d_security; 1972 const struct INDEX_ROOT *root_sii; 1973 u32 t32; 1974 1975 *sd = NULL; 1976 1977 mutex_lock_nested(&ni->ni_lock, NTFS_INODE_MUTEX_SECURITY); 1978 1979 fnd_sii = fnd_get(); 1980 if (!fnd_sii) { 1981 err = -ENOMEM; 1982 goto out; 1983 } 1984 1985 root_sii = indx_get_root(indx, ni, NULL, NULL); 1986 if (!root_sii) { 1987 err = -EINVAL; 1988 goto out; 1989 } 1990 1991 /* Try to find this SECURITY descriptor in SII indexes. */ 1992 err = indx_find(indx, ni, root_sii, &security_id, sizeof(security_id), 1993 NULL, &diff, (struct NTFS_DE **)&sii_e, fnd_sii); 1994 if (err) 1995 goto out; 1996 1997 if (diff) 1998 goto out; 1999 2000 t32 = le32_to_cpu(sii_e->sec_hdr.size); 2001 if (t32 < SIZEOF_SECURITY_HDR) { 2002 err = -EINVAL; 2003 goto out; 2004 } 2005 2006 if (t32 > SIZEOF_SECURITY_HDR + 0x10000) { 2007 /* Looks like too big security. 0x10000 - is arbitrary big number. */ 2008 err = -EFBIG; 2009 goto out; 2010 } 2011 2012 *size = t32 - SIZEOF_SECURITY_HDR; 2013 2014 p = kmalloc(*size, GFP_NOFS); 2015 if (!p) { 2016 err = -ENOMEM; 2017 goto out; 2018 } 2019 2020 err = ntfs_read_run_nb(sbi, &ni->file.run, 2021 le64_to_cpu(sii_e->sec_hdr.off), &d_security, 2022 sizeof(d_security), NULL); 2023 if (err) 2024 goto out; 2025 2026 if (memcmp(&d_security, &sii_e->sec_hdr, SIZEOF_SECURITY_HDR)) { 2027 err = -EINVAL; 2028 goto out; 2029 } 2030 2031 err = ntfs_read_run_nb(sbi, &ni->file.run, 2032 le64_to_cpu(sii_e->sec_hdr.off) + 2033 SIZEOF_SECURITY_HDR, 2034 p, *size, NULL); 2035 if (err) 2036 goto out; 2037 2038 *sd = p; 2039 p = NULL; 2040 2041 out: 2042 kfree(p); 2043 fnd_put(fnd_sii); 2044 ni_unlock(ni); 2045 2046 return err; 2047 } 2048 2049 /* 2050 * ntfs_insert_security - Insert security descriptor into $Secure::SDS. 2051 * 2052 * SECURITY Descriptor Stream data is organized into chunks of 256K bytes 2053 * and it contains a mirror copy of each security descriptor. When writing 2054 * to a security descriptor at location X, another copy will be written at 2055 * location (X+256K). 2056 * When writing a security descriptor that will cross the 256K boundary, 2057 * the pointer will be advanced by 256K to skip 2058 * over the mirror portion. 2059 */ 2060 int ntfs_insert_security(struct ntfs_sb_info *sbi, 2061 const struct SECURITY_DESCRIPTOR_RELATIVE *sd, 2062 u32 size_sd, __le32 *security_id, bool *inserted) 2063 { 2064 int err, diff; 2065 struct ntfs_inode *ni = sbi->security.ni; 2066 struct ntfs_index *indx_sdh = &sbi->security.index_sdh; 2067 struct ntfs_index *indx_sii = &sbi->security.index_sii; 2068 struct NTFS_DE_SDH *e; 2069 struct NTFS_DE_SDH sdh_e; 2070 struct NTFS_DE_SII sii_e; 2071 struct SECURITY_HDR *d_security; 2072 u32 new_sec_size = size_sd + SIZEOF_SECURITY_HDR; 2073 u32 aligned_sec_size = ALIGN(new_sec_size, 16); 2074 struct SECURITY_KEY hash_key; 2075 struct ntfs_fnd *fnd_sdh = NULL; 2076 const struct INDEX_ROOT *root_sdh; 2077 const struct INDEX_ROOT *root_sii; 2078 u64 mirr_off, new_sds_size; 2079 u32 next, left; 2080 2081 static_assert((1 << Log2OfSecurityDescriptorsBlockSize) == 2082 SecurityDescriptorsBlockSize); 2083 2084 hash_key.hash = security_hash(sd, size_sd); 2085 hash_key.sec_id = SECURITY_ID_INVALID; 2086 2087 if (inserted) 2088 *inserted = false; 2089 *security_id = SECURITY_ID_INVALID; 2090 2091 /* Allocate a temporal buffer. */ 2092 d_security = kzalloc(aligned_sec_size, GFP_NOFS); 2093 if (!d_security) 2094 return -ENOMEM; 2095 2096 mutex_lock_nested(&ni->ni_lock, NTFS_INODE_MUTEX_SECURITY); 2097 2098 fnd_sdh = fnd_get(); 2099 if (!fnd_sdh) { 2100 err = -ENOMEM; 2101 goto out; 2102 } 2103 2104 root_sdh = indx_get_root(indx_sdh, ni, NULL, NULL); 2105 if (!root_sdh) { 2106 err = -EINVAL; 2107 goto out; 2108 } 2109 2110 root_sii = indx_get_root(indx_sii, ni, NULL, NULL); 2111 if (!root_sii) { 2112 err = -EINVAL; 2113 goto out; 2114 } 2115 2116 /* 2117 * Check if such security already exists. 2118 * Use "SDH" and hash -> to get the offset in "SDS". 2119 */ 2120 err = indx_find(indx_sdh, ni, root_sdh, &hash_key, sizeof(hash_key), 2121 &d_security->key.sec_id, &diff, (struct NTFS_DE **)&e, 2122 fnd_sdh); 2123 if (err) 2124 goto out; 2125 2126 while (e) { 2127 if (le32_to_cpu(e->sec_hdr.size) == new_sec_size) { 2128 err = ntfs_read_run_nb(sbi, &ni->file.run, 2129 le64_to_cpu(e->sec_hdr.off), 2130 d_security, new_sec_size, NULL); 2131 if (err) 2132 goto out; 2133 2134 if (le32_to_cpu(d_security->size) == new_sec_size && 2135 d_security->key.hash == hash_key.hash && 2136 !memcmp(d_security + 1, sd, size_sd)) { 2137 *security_id = d_security->key.sec_id; 2138 /* Such security already exists. */ 2139 err = 0; 2140 goto out; 2141 } 2142 } 2143 2144 err = indx_find_sort(indx_sdh, ni, root_sdh, 2145 (struct NTFS_DE **)&e, fnd_sdh); 2146 if (err) 2147 goto out; 2148 2149 if (!e || e->key.hash != hash_key.hash) 2150 break; 2151 } 2152 2153 /* Zero unused space. */ 2154 next = sbi->security.next_off & (SecurityDescriptorsBlockSize - 1); 2155 left = SecurityDescriptorsBlockSize - next; 2156 2157 /* Zero gap until SecurityDescriptorsBlockSize. */ 2158 if (left < new_sec_size) { 2159 /* Zero "left" bytes from sbi->security.next_off. */ 2160 sbi->security.next_off += SecurityDescriptorsBlockSize + left; 2161 } 2162 2163 /* Zero tail of previous security. */ 2164 //used = ni->vfs_inode.i_size & (SecurityDescriptorsBlockSize - 1); 2165 2166 /* 2167 * Example: 2168 * 0x40438 == ni->vfs_inode.i_size 2169 * 0x00440 == sbi->security.next_off 2170 * need to zero [0x438-0x440) 2171 * if (next > used) { 2172 * u32 tozero = next - used; 2173 * zero "tozero" bytes from sbi->security.next_off - tozero 2174 */ 2175 2176 /* Format new security descriptor. */ 2177 d_security->key.hash = hash_key.hash; 2178 d_security->key.sec_id = cpu_to_le32(sbi->security.next_id); 2179 d_security->off = cpu_to_le64(sbi->security.next_off); 2180 d_security->size = cpu_to_le32(new_sec_size); 2181 memcpy(d_security + 1, sd, size_sd); 2182 2183 /* Write main SDS bucket. */ 2184 err = ntfs_sb_write_run(sbi, &ni->file.run, sbi->security.next_off, 2185 d_security, aligned_sec_size, 0); 2186 2187 if (err) 2188 goto out; 2189 2190 mirr_off = sbi->security.next_off + SecurityDescriptorsBlockSize; 2191 new_sds_size = mirr_off + aligned_sec_size; 2192 2193 if (new_sds_size > ni->vfs_inode.i_size) { 2194 err = attr_set_size(ni, ATTR_DATA, SDS_NAME, 2195 ARRAY_SIZE(SDS_NAME), &ni->file.run, 2196 new_sds_size, &new_sds_size, false, NULL); 2197 if (err) 2198 goto out; 2199 } 2200 2201 /* Write copy SDS bucket. */ 2202 err = ntfs_sb_write_run(sbi, &ni->file.run, mirr_off, d_security, 2203 aligned_sec_size, 0); 2204 if (err) 2205 goto out; 2206 2207 /* Fill SII entry. */ 2208 sii_e.de.view.data_off = 2209 cpu_to_le16(offsetof(struct NTFS_DE_SII, sec_hdr)); 2210 sii_e.de.view.data_size = cpu_to_le16(SIZEOF_SECURITY_HDR); 2211 sii_e.de.view.res = 0; 2212 sii_e.de.size = cpu_to_le16(SIZEOF_SII_DIRENTRY); 2213 sii_e.de.key_size = cpu_to_le16(sizeof(d_security->key.sec_id)); 2214 sii_e.de.flags = 0; 2215 sii_e.de.res = 0; 2216 sii_e.sec_id = d_security->key.sec_id; 2217 memcpy(&sii_e.sec_hdr, d_security, SIZEOF_SECURITY_HDR); 2218 2219 err = indx_insert_entry(indx_sii, ni, &sii_e.de, NULL, NULL, 0); 2220 if (err) 2221 goto out; 2222 2223 /* Fill SDH entry. */ 2224 sdh_e.de.view.data_off = 2225 cpu_to_le16(offsetof(struct NTFS_DE_SDH, sec_hdr)); 2226 sdh_e.de.view.data_size = cpu_to_le16(SIZEOF_SECURITY_HDR); 2227 sdh_e.de.view.res = 0; 2228 sdh_e.de.size = cpu_to_le16(SIZEOF_SDH_DIRENTRY); 2229 sdh_e.de.key_size = cpu_to_le16(sizeof(sdh_e.key)); 2230 sdh_e.de.flags = 0; 2231 sdh_e.de.res = 0; 2232 sdh_e.key.hash = d_security->key.hash; 2233 sdh_e.key.sec_id = d_security->key.sec_id; 2234 memcpy(&sdh_e.sec_hdr, d_security, SIZEOF_SECURITY_HDR); 2235 sdh_e.magic[0] = cpu_to_le16('I'); 2236 sdh_e.magic[1] = cpu_to_le16('I'); 2237 2238 fnd_clear(fnd_sdh); 2239 err = indx_insert_entry(indx_sdh, ni, &sdh_e.de, (void *)(size_t)1, 2240 fnd_sdh, 0); 2241 if (err) 2242 goto out; 2243 2244 *security_id = d_security->key.sec_id; 2245 if (inserted) 2246 *inserted = true; 2247 2248 /* Update Id and offset for next descriptor. */ 2249 sbi->security.next_id += 1; 2250 sbi->security.next_off += aligned_sec_size; 2251 2252 out: 2253 fnd_put(fnd_sdh); 2254 mark_inode_dirty(&ni->vfs_inode); 2255 ni_unlock(ni); 2256 kfree(d_security); 2257 2258 return err; 2259 } 2260 2261 /* 2262 * ntfs_reparse_init - Load and parse $Extend/$Reparse. 2263 */ 2264 int ntfs_reparse_init(struct ntfs_sb_info *sbi) 2265 { 2266 int err; 2267 struct ntfs_inode *ni = sbi->reparse.ni; 2268 struct ntfs_index *indx = &sbi->reparse.index_r; 2269 struct ATTRIB *attr; 2270 struct ATTR_LIST_ENTRY *le; 2271 const struct INDEX_ROOT *root_r; 2272 2273 if (!ni) 2274 return 0; 2275 2276 le = NULL; 2277 attr = ni_find_attr(ni, NULL, &le, ATTR_ROOT, SR_NAME, 2278 ARRAY_SIZE(SR_NAME), NULL, NULL); 2279 if (!attr) { 2280 err = -EINVAL; 2281 goto out; 2282 } 2283 2284 root_r = resident_data(attr); 2285 if (root_r->type != ATTR_ZERO || 2286 root_r->rule != NTFS_COLLATION_TYPE_UINTS) { 2287 err = -EINVAL; 2288 goto out; 2289 } 2290 2291 err = indx_init(indx, sbi, attr, INDEX_MUTEX_SR); 2292 if (err) 2293 goto out; 2294 2295 out: 2296 return err; 2297 } 2298 2299 /* 2300 * ntfs_objid_init - Load and parse $Extend/$ObjId. 2301 */ 2302 int ntfs_objid_init(struct ntfs_sb_info *sbi) 2303 { 2304 int err; 2305 struct ntfs_inode *ni = sbi->objid.ni; 2306 struct ntfs_index *indx = &sbi->objid.index_o; 2307 struct ATTRIB *attr; 2308 struct ATTR_LIST_ENTRY *le; 2309 const struct INDEX_ROOT *root; 2310 2311 if (!ni) 2312 return 0; 2313 2314 le = NULL; 2315 attr = ni_find_attr(ni, NULL, &le, ATTR_ROOT, SO_NAME, 2316 ARRAY_SIZE(SO_NAME), NULL, NULL); 2317 if (!attr) { 2318 err = -EINVAL; 2319 goto out; 2320 } 2321 2322 root = resident_data(attr); 2323 if (root->type != ATTR_ZERO || 2324 root->rule != NTFS_COLLATION_TYPE_UINTS) { 2325 err = -EINVAL; 2326 goto out; 2327 } 2328 2329 err = indx_init(indx, sbi, attr, INDEX_MUTEX_SO); 2330 if (err) 2331 goto out; 2332 2333 out: 2334 return err; 2335 } 2336 2337 int ntfs_objid_remove(struct ntfs_sb_info *sbi, struct GUID *guid) 2338 { 2339 int err; 2340 struct ntfs_inode *ni = sbi->objid.ni; 2341 struct ntfs_index *indx = &sbi->objid.index_o; 2342 2343 if (!ni) 2344 return -EINVAL; 2345 2346 mutex_lock_nested(&ni->ni_lock, NTFS_INODE_MUTEX_OBJID); 2347 2348 err = indx_delete_entry(indx, ni, guid, sizeof(*guid), NULL); 2349 2350 mark_inode_dirty(&ni->vfs_inode); 2351 ni_unlock(ni); 2352 2353 return err; 2354 } 2355 2356 int ntfs_insert_reparse(struct ntfs_sb_info *sbi, __le32 rtag, 2357 const struct MFT_REF *ref) 2358 { 2359 int err; 2360 struct ntfs_inode *ni = sbi->reparse.ni; 2361 struct ntfs_index *indx = &sbi->reparse.index_r; 2362 struct NTFS_DE_R re; 2363 2364 if (!ni) 2365 return -EINVAL; 2366 2367 memset(&re, 0, sizeof(re)); 2368 2369 re.de.view.data_off = cpu_to_le16(offsetof(struct NTFS_DE_R, zero)); 2370 re.de.size = cpu_to_le16(sizeof(struct NTFS_DE_R)); 2371 re.de.key_size = cpu_to_le16(sizeof(re.key)); 2372 2373 re.key.ReparseTag = rtag; 2374 memcpy(&re.key.ref, ref, sizeof(*ref)); 2375 2376 mutex_lock_nested(&ni->ni_lock, NTFS_INODE_MUTEX_REPARSE); 2377 2378 err = indx_insert_entry(indx, ni, &re.de, NULL, NULL, 0); 2379 2380 mark_inode_dirty(&ni->vfs_inode); 2381 ni_unlock(ni); 2382 2383 return err; 2384 } 2385 2386 int ntfs_remove_reparse(struct ntfs_sb_info *sbi, __le32 rtag, 2387 const struct MFT_REF *ref) 2388 { 2389 int err, diff; 2390 struct ntfs_inode *ni = sbi->reparse.ni; 2391 struct ntfs_index *indx = &sbi->reparse.index_r; 2392 struct ntfs_fnd *fnd = NULL; 2393 struct REPARSE_KEY rkey; 2394 struct NTFS_DE_R *re; 2395 struct INDEX_ROOT *root_r; 2396 2397 if (!ni) 2398 return -EINVAL; 2399 2400 rkey.ReparseTag = rtag; 2401 rkey.ref = *ref; 2402 2403 mutex_lock_nested(&ni->ni_lock, NTFS_INODE_MUTEX_REPARSE); 2404 2405 if (rtag) { 2406 err = indx_delete_entry(indx, ni, &rkey, sizeof(rkey), NULL); 2407 goto out1; 2408 } 2409 2410 fnd = fnd_get(); 2411 if (!fnd) { 2412 err = -ENOMEM; 2413 goto out1; 2414 } 2415 2416 root_r = indx_get_root(indx, ni, NULL, NULL); 2417 if (!root_r) { 2418 err = -EINVAL; 2419 goto out; 2420 } 2421 2422 /* 1 - forces to ignore rkey.ReparseTag when comparing keys. */ 2423 err = indx_find(indx, ni, root_r, &rkey, sizeof(rkey), (void *)1, &diff, 2424 (struct NTFS_DE **)&re, fnd); 2425 if (err) 2426 goto out; 2427 2428 if (memcmp(&re->key.ref, ref, sizeof(*ref))) { 2429 /* Impossible. Looks like volume corrupt? */ 2430 goto out; 2431 } 2432 2433 memcpy(&rkey, &re->key, sizeof(rkey)); 2434 2435 fnd_put(fnd); 2436 fnd = NULL; 2437 2438 err = indx_delete_entry(indx, ni, &rkey, sizeof(rkey), NULL); 2439 if (err) 2440 goto out; 2441 2442 out: 2443 fnd_put(fnd); 2444 2445 out1: 2446 mark_inode_dirty(&ni->vfs_inode); 2447 ni_unlock(ni); 2448 2449 return err; 2450 } 2451 2452 static inline void ntfs_unmap_and_discard(struct ntfs_sb_info *sbi, CLST lcn, 2453 CLST len) 2454 { 2455 ntfs_unmap_meta(sbi->sb, lcn, len); 2456 ntfs_discard(sbi, lcn, len); 2457 } 2458 2459 void mark_as_free_ex(struct ntfs_sb_info *sbi, CLST lcn, CLST len, bool trim) 2460 { 2461 CLST end, i, zone_len, zlen; 2462 struct wnd_bitmap *wnd = &sbi->used.bitmap; 2463 2464 down_write_nested(&wnd->rw_lock, BITMAP_MUTEX_CLUSTERS); 2465 if (!wnd_is_used(wnd, lcn, len)) { 2466 ntfs_set_state(sbi, NTFS_DIRTY_ERROR); 2467 2468 end = lcn + len; 2469 len = 0; 2470 for (i = lcn; i < end; i++) { 2471 if (wnd_is_used(wnd, i, 1)) { 2472 if (!len) 2473 lcn = i; 2474 len += 1; 2475 continue; 2476 } 2477 2478 if (!len) 2479 continue; 2480 2481 if (trim) 2482 ntfs_unmap_and_discard(sbi, lcn, len); 2483 2484 wnd_set_free(wnd, lcn, len); 2485 len = 0; 2486 } 2487 2488 if (!len) 2489 goto out; 2490 } 2491 2492 if (trim) 2493 ntfs_unmap_and_discard(sbi, lcn, len); 2494 wnd_set_free(wnd, lcn, len); 2495 2496 /* append to MFT zone, if possible. */ 2497 zone_len = wnd_zone_len(wnd); 2498 zlen = min(zone_len + len, sbi->zone_max); 2499 2500 if (zlen == zone_len) { 2501 /* MFT zone already has maximum size. */ 2502 } else if (!zone_len) { 2503 /* Create MFT zone only if 'zlen' is large enough. */ 2504 if (zlen == sbi->zone_max) 2505 wnd_zone_set(wnd, lcn, zlen); 2506 } else { 2507 CLST zone_lcn = wnd_zone_bit(wnd); 2508 2509 if (lcn + len == zone_lcn) { 2510 /* Append into head MFT zone. */ 2511 wnd_zone_set(wnd, lcn, zlen); 2512 } else if (zone_lcn + zone_len == lcn) { 2513 /* Append into tail MFT zone. */ 2514 wnd_zone_set(wnd, zone_lcn, zlen); 2515 } 2516 } 2517 2518 out: 2519 up_write(&wnd->rw_lock); 2520 } 2521 2522 /* 2523 * run_deallocate - Deallocate clusters. 2524 */ 2525 int run_deallocate(struct ntfs_sb_info *sbi, struct runs_tree *run, bool trim) 2526 { 2527 CLST lcn, len; 2528 size_t idx = 0; 2529 2530 while (run_get_entry(run, idx++, NULL, &lcn, &len)) { 2531 if (lcn == SPARSE_LCN) 2532 continue; 2533 2534 mark_as_free_ex(sbi, lcn, len, trim); 2535 } 2536 2537 return 0; 2538 } 2539 2540 static inline bool name_has_forbidden_chars(const struct le_str *fname) 2541 { 2542 int i, ch; 2543 2544 /* check for forbidden chars */ 2545 for (i = 0; i < fname->len; ++i) { 2546 ch = le16_to_cpu(fname->name[i]); 2547 2548 /* control chars */ 2549 if (ch < 0x20) 2550 return true; 2551 2552 switch (ch) { 2553 /* disallowed by Windows */ 2554 case '\\': 2555 case '/': 2556 case ':': 2557 case '*': 2558 case '?': 2559 case '<': 2560 case '>': 2561 case '|': 2562 case '\"': 2563 return true; 2564 2565 default: 2566 /* allowed char */ 2567 break; 2568 } 2569 } 2570 2571 /* file names cannot end with space or . */ 2572 if (fname->len > 0) { 2573 ch = le16_to_cpu(fname->name[fname->len - 1]); 2574 if (ch == ' ' || ch == '.') 2575 return true; 2576 } 2577 2578 return false; 2579 } 2580 2581 static inline bool is_reserved_name(struct ntfs_sb_info *sbi, 2582 const struct le_str *fname) 2583 { 2584 int port_digit; 2585 const __le16 *name = fname->name; 2586 int len = fname->len; 2587 u16 *upcase = sbi->upcase; 2588 2589 /* check for 3 chars reserved names (device names) */ 2590 /* name by itself or with any extension is forbidden */ 2591 if (len == 3 || (len > 3 && le16_to_cpu(name[3]) == '.')) 2592 if (!ntfs_cmp_names(name, 3, CON_NAME, 3, upcase, false) || 2593 !ntfs_cmp_names(name, 3, NUL_NAME, 3, upcase, false) || 2594 !ntfs_cmp_names(name, 3, AUX_NAME, 3, upcase, false) || 2595 !ntfs_cmp_names(name, 3, PRN_NAME, 3, upcase, false)) 2596 return true; 2597 2598 /* check for 4 chars reserved names (port name followed by 1..9) */ 2599 /* name by itself or with any extension is forbidden */ 2600 if (len == 4 || (len > 4 && le16_to_cpu(name[4]) == '.')) { 2601 port_digit = le16_to_cpu(name[3]); 2602 if (port_digit >= '1' && port_digit <= '9') 2603 if (!ntfs_cmp_names(name, 3, COM_NAME, 3, upcase, 2604 false) || 2605 !ntfs_cmp_names(name, 3, LPT_NAME, 3, upcase, 2606 false)) 2607 return true; 2608 } 2609 2610 return false; 2611 } 2612 2613 /* 2614 * valid_windows_name - Check if a file name is valid in Windows. 2615 */ 2616 bool valid_windows_name(struct ntfs_sb_info *sbi, const struct le_str *fname) 2617 { 2618 return !name_has_forbidden_chars(fname) && 2619 !is_reserved_name(sbi, fname); 2620 } 2621