1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Copyright (C) 2022 Oracle. All Rights Reserved. 4 * Author: Allison Henderson <allison.henderson@oracle.com> 5 */ 6 7 #include "xfs_platform.h" 8 #include "xfs_fs.h" 9 #include "xfs_format.h" 10 #include "xfs_trans_resv.h" 11 #include "xfs_shared.h" 12 #include "xfs_mount.h" 13 #include "xfs_defer.h" 14 #include "xfs_log_format.h" 15 #include "xfs_trans.h" 16 #include "xfs_bmap_btree.h" 17 #include "xfs_trans_priv.h" 18 #include "xfs_log.h" 19 #include "xfs_inode.h" 20 #include "xfs_da_format.h" 21 #include "xfs_da_btree.h" 22 #include "xfs_attr.h" 23 #include "xfs_attr_item.h" 24 #include "xfs_trace.h" 25 #include "xfs_trans_space.h" 26 #include "xfs_errortag.h" 27 #include "xfs_error.h" 28 #include "xfs_log_priv.h" 29 #include "xfs_log_recover.h" 30 #include "xfs_parent.h" 31 32 struct kmem_cache *xfs_attri_cache; 33 struct kmem_cache *xfs_attrd_cache; 34 35 static const struct xfs_item_ops xfs_attri_item_ops; 36 static const struct xfs_item_ops xfs_attrd_item_ops; 37 38 static inline struct xfs_attri_log_item *ATTRI_ITEM(struct xfs_log_item *lip) 39 { 40 return container_of(lip, struct xfs_attri_log_item, attri_item); 41 } 42 43 /* 44 * Shared xattr name/value buffers for logged extended attribute operations 45 * 46 * When logging updates to extended attributes, we can create quite a few 47 * attribute log intent items for a single xattr update. To avoid cycling the 48 * memory allocator and memcpy overhead, the name (and value, for setxattr) 49 * are kept in a refcounted object that is shared across all related log items 50 * and the upper-level deferred work state structure. The shared buffer has 51 * a control structure, followed by the name, and then the value. 52 */ 53 54 static inline struct xfs_attri_log_nameval * 55 xfs_attri_log_nameval_get( 56 struct xfs_attri_log_nameval *nv) 57 { 58 if (!refcount_inc_not_zero(&nv->refcount)) 59 return NULL; 60 return nv; 61 } 62 63 static inline void 64 xfs_attri_log_nameval_put( 65 struct xfs_attri_log_nameval *nv) 66 { 67 if (!nv) 68 return; 69 if (refcount_dec_and_test(&nv->refcount)) 70 kvfree(nv); 71 } 72 73 static inline struct xfs_attri_log_nameval * 74 xfs_attri_log_nameval_alloc( 75 const void *name, 76 unsigned int name_len, 77 const void *new_name, 78 unsigned int new_name_len, 79 const void *value, 80 unsigned int value_len, 81 const void *new_value, 82 unsigned int new_value_len) 83 { 84 struct xfs_attri_log_nameval *nv; 85 86 /* 87 * This could be over 64kB in length, so we have to use kvmalloc() for 88 * this. But kvmalloc() utterly sucks, so we use our own version. 89 */ 90 nv = xlog_kvmalloc(sizeof(struct xfs_attri_log_nameval) + 91 name_len + new_name_len + value_len + 92 new_value_len); 93 94 nv->name.iov_base = nv + 1; 95 nv->name.iov_len = name_len; 96 memcpy(nv->name.iov_base, name, name_len); 97 98 if (new_name_len) { 99 nv->new_name.iov_base = nv->name.iov_base + name_len; 100 nv->new_name.iov_len = new_name_len; 101 memcpy(nv->new_name.iov_base, new_name, new_name_len); 102 } else { 103 nv->new_name.iov_base = NULL; 104 nv->new_name.iov_len = 0; 105 } 106 107 if (value_len) { 108 nv->value.iov_base = nv->name.iov_base + name_len + new_name_len; 109 nv->value.iov_len = value_len; 110 memcpy(nv->value.iov_base, value, value_len); 111 } else { 112 nv->value.iov_base = NULL; 113 nv->value.iov_len = 0; 114 } 115 116 if (new_value_len) { 117 nv->new_value.iov_base = nv->name.iov_base + name_len + 118 new_name_len + value_len; 119 nv->new_value.iov_len = new_value_len; 120 memcpy(nv->new_value.iov_base, new_value, new_value_len); 121 } else { 122 nv->new_value.iov_base = NULL; 123 nv->new_value.iov_len = 0; 124 } 125 126 refcount_set(&nv->refcount, 1); 127 return nv; 128 } 129 130 STATIC void 131 xfs_attri_item_free( 132 struct xfs_attri_log_item *attrip) 133 { 134 kvfree(attrip->attri_item.li_lv_shadow); 135 xfs_attri_log_nameval_put(attrip->attri_nameval); 136 kmem_cache_free(xfs_attri_cache, attrip); 137 } 138 139 /* 140 * Freeing the attrip requires that we remove it from the AIL if it has already 141 * been placed there. However, the ATTRI may not yet have been placed in the 142 * AIL when called by xfs_attri_release() from ATTRD processing due to the 143 * ordering of committed vs unpin operations in bulk insert operations. Hence 144 * the reference count to ensure only the last caller frees the ATTRI. 145 */ 146 STATIC void 147 xfs_attri_release( 148 struct xfs_attri_log_item *attrip) 149 { 150 ASSERT(atomic_read(&attrip->attri_refcount) > 0); 151 if (!atomic_dec_and_test(&attrip->attri_refcount)) 152 return; 153 154 xfs_trans_ail_delete(&attrip->attri_item, 0); 155 xfs_attri_item_free(attrip); 156 } 157 158 STATIC void 159 xfs_attri_item_size( 160 struct xfs_log_item *lip, 161 int *nvecs, 162 int *nbytes) 163 { 164 struct xfs_attri_log_item *attrip = ATTRI_ITEM(lip); 165 struct xfs_attri_log_nameval *nv = attrip->attri_nameval; 166 167 *nvecs += 2; 168 *nbytes += sizeof(struct xfs_attri_log_format) + 169 xlog_calc_iovec_len(nv->name.iov_len); 170 171 if (nv->new_name.iov_len) { 172 *nvecs += 1; 173 *nbytes += xlog_calc_iovec_len(nv->new_name.iov_len); 174 } 175 176 if (nv->value.iov_len) { 177 *nvecs += 1; 178 *nbytes += xlog_calc_iovec_len(nv->value.iov_len); 179 } 180 181 if (nv->new_value.iov_len) { 182 *nvecs += 1; 183 *nbytes += xlog_calc_iovec_len(nv->new_value.iov_len); 184 } 185 } 186 187 /* 188 * This is called to fill in the log iovecs for the given attri log 189 * item. We use 1 iovec for the attri_format_item, 1 for the name, and 190 * another for the value if it is present 191 */ 192 STATIC void 193 xfs_attri_item_format( 194 struct xfs_log_item *lip, 195 struct xlog_format_buf *lfb) 196 { 197 struct xfs_attri_log_item *attrip = ATTRI_ITEM(lip); 198 struct xfs_attri_log_nameval *nv = attrip->attri_nameval; 199 200 attrip->attri_format.alfi_type = XFS_LI_ATTRI; 201 attrip->attri_format.alfi_size = 1; 202 203 /* 204 * This size accounting must be done before copying the attrip into the 205 * iovec. If we do it after, the wrong size will be recorded to the log 206 * and we trip across assertion checks for bad region sizes later during 207 * the log recovery. 208 */ 209 210 ASSERT(nv->name.iov_len > 0); 211 attrip->attri_format.alfi_size++; 212 213 if (nv->new_name.iov_len > 0) 214 attrip->attri_format.alfi_size++; 215 216 if (nv->value.iov_len > 0) 217 attrip->attri_format.alfi_size++; 218 219 if (nv->new_value.iov_len > 0) 220 attrip->attri_format.alfi_size++; 221 222 xlog_format_copy(lfb, XLOG_REG_TYPE_ATTRI_FORMAT, &attrip->attri_format, 223 sizeof(struct xfs_attri_log_format)); 224 225 xlog_format_copy(lfb, XLOG_REG_TYPE_ATTR_NAME, nv->name.iov_base, 226 nv->name.iov_len); 227 228 if (nv->new_name.iov_len > 0) 229 xlog_format_copy(lfb, XLOG_REG_TYPE_ATTR_NEWNAME, 230 nv->new_name.iov_base, nv->new_name.iov_len); 231 232 if (nv->value.iov_len > 0) 233 xlog_format_copy(lfb, XLOG_REG_TYPE_ATTR_VALUE, 234 nv->value.iov_base, nv->value.iov_len); 235 236 if (nv->new_value.iov_len > 0) 237 xlog_format_copy(lfb, XLOG_REG_TYPE_ATTR_NEWVALUE, 238 nv->new_value.iov_base, nv->new_value.iov_len); 239 } 240 241 /* 242 * The unpin operation is the last place an ATTRI is manipulated in the log. It 243 * is either inserted in the AIL or aborted in the event of a log I/O error. In 244 * either case, the ATTRI transaction has been successfully committed to make 245 * it this far. Therefore, we expect whoever committed the ATTRI to either 246 * construct and commit the ATTRD or drop the ATTRD's reference in the event of 247 * error. Simply drop the log's ATTRI reference now that the log is done with 248 * it. 249 */ 250 STATIC void 251 xfs_attri_item_unpin( 252 struct xfs_log_item *lip, 253 int remove) 254 { 255 xfs_attri_release(ATTRI_ITEM(lip)); 256 } 257 258 259 STATIC void 260 xfs_attri_item_release( 261 struct xfs_log_item *lip) 262 { 263 xfs_attri_release(ATTRI_ITEM(lip)); 264 } 265 266 /* 267 * Allocate and initialize an attri item. Caller may allocate an additional 268 * trailing buffer for name and value 269 */ 270 STATIC struct xfs_attri_log_item * 271 xfs_attri_init( 272 struct xfs_mount *mp, 273 struct xfs_attri_log_nameval *nv) 274 { 275 struct xfs_attri_log_item *attrip; 276 277 attrip = kmem_cache_zalloc(xfs_attri_cache, GFP_KERNEL | __GFP_NOFAIL); 278 279 /* 280 * Grab an extra reference to the name/value buffer for this log item. 281 * The caller retains its own reference! 282 */ 283 attrip->attri_nameval = xfs_attri_log_nameval_get(nv); 284 ASSERT(attrip->attri_nameval); 285 286 xfs_log_item_init(mp, &attrip->attri_item, XFS_LI_ATTRI, 287 &xfs_attri_item_ops); 288 attrip->attri_format.alfi_id = (uintptr_t)(void *)attrip; 289 atomic_set(&attrip->attri_refcount, 2); 290 291 return attrip; 292 } 293 294 static inline struct xfs_attrd_log_item *ATTRD_ITEM(struct xfs_log_item *lip) 295 { 296 return container_of(lip, struct xfs_attrd_log_item, attrd_item); 297 } 298 299 STATIC void 300 xfs_attrd_item_free(struct xfs_attrd_log_item *attrdp) 301 { 302 kvfree(attrdp->attrd_item.li_lv_shadow); 303 kmem_cache_free(xfs_attrd_cache, attrdp); 304 } 305 306 STATIC void 307 xfs_attrd_item_size( 308 struct xfs_log_item *lip, 309 int *nvecs, 310 int *nbytes) 311 { 312 *nvecs += 1; 313 *nbytes += sizeof(struct xfs_attrd_log_format); 314 } 315 316 /* 317 * This is called to fill in the log iovecs for the given attrd log item. We use 318 * only 1 iovec for the attrd_format, and we point that at the attr_log_format 319 * structure embedded in the attrd item. 320 */ 321 STATIC void 322 xfs_attrd_item_format( 323 struct xfs_log_item *lip, 324 struct xlog_format_buf *lfb) 325 { 326 struct xfs_attrd_log_item *attrdp = ATTRD_ITEM(lip); 327 328 attrdp->attrd_format.alfd_type = XFS_LI_ATTRD; 329 attrdp->attrd_format.alfd_size = 1; 330 331 xlog_format_copy(lfb, XLOG_REG_TYPE_ATTRD_FORMAT, 332 &attrdp->attrd_format, 333 sizeof(struct xfs_attrd_log_format)); 334 } 335 336 /* 337 * The ATTRD is either committed or aborted if the transaction is canceled. If 338 * the transaction is canceled, drop our reference to the ATTRI and free the 339 * ATTRD. 340 */ 341 STATIC void 342 xfs_attrd_item_release( 343 struct xfs_log_item *lip) 344 { 345 struct xfs_attrd_log_item *attrdp = ATTRD_ITEM(lip); 346 347 xfs_attri_release(attrdp->attrd_attrip); 348 xfs_attrd_item_free(attrdp); 349 } 350 351 static struct xfs_log_item * 352 xfs_attrd_item_intent( 353 struct xfs_log_item *lip) 354 { 355 return &ATTRD_ITEM(lip)->attrd_attrip->attri_item; 356 } 357 358 static inline unsigned int 359 xfs_attr_log_item_op(const struct xfs_attri_log_format *attrp) 360 { 361 return attrp->alfi_op_flags & XFS_ATTRI_OP_FLAGS_TYPE_MASK; 362 } 363 364 /* Log an attr to the intent item. */ 365 STATIC void 366 xfs_attr_log_item( 367 struct xfs_trans *tp, 368 struct xfs_attri_log_item *attrip, 369 const struct xfs_attr_intent *attr) 370 { 371 struct xfs_attri_log_format *attrp; 372 struct xfs_attri_log_nameval *nv = attr->xattri_nameval; 373 struct xfs_da_args *args = attr->xattri_da_args; 374 375 /* 376 * At this point the xfs_attr_intent has been constructed, and we've 377 * created the log intent. Fill in the attri log item and log format 378 * structure with fields from this xfs_attr_intent 379 */ 380 attrp = &attrip->attri_format; 381 attrp->alfi_ino = args->dp->i_ino; 382 ASSERT(!(attr->xattri_op_flags & ~XFS_ATTRI_OP_FLAGS_TYPE_MASK)); 383 attrp->alfi_op_flags = attr->xattri_op_flags; 384 attrp->alfi_value_len = nv->value.iov_len; 385 386 switch (xfs_attr_log_item_op(attrp)) { 387 case XFS_ATTRI_OP_FLAGS_PPTR_REPLACE: 388 ASSERT(nv->value.iov_len == nv->new_value.iov_len); 389 390 attrp->alfi_igen = VFS_I(args->dp)->i_generation; 391 attrp->alfi_old_name_len = nv->name.iov_len; 392 attrp->alfi_new_name_len = nv->new_name.iov_len; 393 break; 394 case XFS_ATTRI_OP_FLAGS_PPTR_REMOVE: 395 case XFS_ATTRI_OP_FLAGS_PPTR_SET: 396 attrp->alfi_igen = VFS_I(args->dp)->i_generation; 397 fallthrough; 398 default: 399 attrp->alfi_name_len = nv->name.iov_len; 400 break; 401 } 402 403 ASSERT(!(args->attr_filter & ~XFS_ATTRI_FILTER_MASK)); 404 attrp->alfi_attr_filter = args->attr_filter; 405 } 406 407 /* Get an ATTRI. */ 408 static struct xfs_log_item * 409 xfs_attr_create_intent( 410 struct xfs_trans *tp, 411 struct list_head *items, 412 unsigned int count, 413 bool sort) 414 { 415 struct xfs_mount *mp = tp->t_mountp; 416 struct xfs_attri_log_item *attrip; 417 struct xfs_attr_intent *attr; 418 struct xfs_da_args *args; 419 420 ASSERT(count == 1); 421 422 /* 423 * Each attr item only performs one attribute operation at a time, so 424 * this is a list of one 425 */ 426 attr = list_first_entry_or_null(items, struct xfs_attr_intent, 427 xattri_list); 428 args = attr->xattri_da_args; 429 430 if (!(args->op_flags & XFS_DA_OP_LOGGED)) 431 return NULL; 432 433 /* 434 * Create a buffer to store the attribute name and value. This buffer 435 * will be shared between the higher level deferred xattr work state 436 * and the lower level xattr log items. 437 */ 438 if (!attr->xattri_nameval) { 439 /* 440 * Transfer our reference to the name/value buffer to the 441 * deferred work state structure. 442 */ 443 attr->xattri_nameval = xfs_attri_log_nameval_alloc( 444 args->name, args->namelen, 445 args->new_name, args->new_namelen, 446 args->value, args->valuelen, 447 args->new_value, args->new_valuelen); 448 } 449 450 attrip = xfs_attri_init(mp, attr->xattri_nameval); 451 xfs_attr_log_item(tp, attrip, attr); 452 453 return &attrip->attri_item; 454 } 455 456 static inline void 457 xfs_attr_free_item( 458 struct xfs_attr_intent *attr) 459 { 460 if (attr->xattri_da_state) 461 xfs_da_state_free(attr->xattri_da_state); 462 xfs_attri_log_nameval_put(attr->xattri_nameval); 463 if (attr->xattri_da_args->op_flags & XFS_DA_OP_RECOVERY) 464 kfree(attr); 465 else 466 kmem_cache_free(xfs_attr_intent_cache, attr); 467 } 468 469 static inline struct xfs_attr_intent *attri_entry(const struct list_head *e) 470 { 471 return list_entry(e, struct xfs_attr_intent, xattri_list); 472 } 473 474 /* Process an attr. */ 475 STATIC int 476 xfs_attr_finish_item( 477 struct xfs_trans *tp, 478 struct xfs_log_item *done, 479 struct list_head *item, 480 struct xfs_btree_cur **state) 481 { 482 struct xfs_attr_intent *attr = attri_entry(item); 483 struct xfs_da_args *args; 484 int error; 485 486 args = attr->xattri_da_args; 487 488 /* Reset trans after EAGAIN cycle since the transaction is new */ 489 args->trans = tp; 490 491 if (XFS_TEST_ERROR(args->dp->i_mount, XFS_ERRTAG_LARP)) { 492 error = -EIO; 493 goto out; 494 } 495 496 /* If an attr removal is trivially complete, we're done. */ 497 if (attr->xattri_op_flags == XFS_ATTRI_OP_FLAGS_REMOVE && 498 !xfs_inode_hasattr(args->dp)) { 499 error = 0; 500 goto out; 501 } 502 503 error = xfs_attr_set_iter(attr); 504 if (!error && attr->xattri_dela_state != XFS_DAS_DONE) 505 return -EAGAIN; 506 507 out: 508 xfs_attr_free_item(attr); 509 return error; 510 } 511 512 /* Abort all pending ATTRs. */ 513 STATIC void 514 xfs_attr_abort_intent( 515 struct xfs_log_item *intent) 516 { 517 xfs_attri_release(ATTRI_ITEM(intent)); 518 } 519 520 /* Cancel an attr */ 521 STATIC void 522 xfs_attr_cancel_item( 523 struct list_head *item) 524 { 525 struct xfs_attr_intent *attr = attri_entry(item); 526 527 xfs_attr_free_item(attr); 528 } 529 530 STATIC bool 531 xfs_attri_item_match( 532 struct xfs_log_item *lip, 533 uint64_t intent_id) 534 { 535 return ATTRI_ITEM(lip)->attri_format.alfi_id == intent_id; 536 } 537 538 static inline bool 539 xfs_attri_validate_namelen(unsigned int namelen) 540 { 541 return namelen > 0 && namelen <= XATTR_NAME_MAX; 542 } 543 544 /* Is this recovered ATTRI format ok? */ 545 static inline bool 546 xfs_attri_validate( 547 struct xfs_mount *mp, 548 struct xfs_attri_log_format *attrp) 549 { 550 unsigned int op = xfs_attr_log_item_op(attrp); 551 552 if (attrp->alfi_op_flags & ~XFS_ATTRI_OP_FLAGS_TYPE_MASK) 553 return false; 554 555 if (attrp->alfi_attr_filter & ~XFS_ATTRI_FILTER_MASK) 556 return false; 557 558 if (!xfs_attr_check_namespace(attrp->alfi_attr_filter & 559 XFS_ATTR_NSP_ONDISK_MASK)) 560 return false; 561 562 switch (op) { 563 case XFS_ATTRI_OP_FLAGS_PPTR_SET: 564 case XFS_ATTRI_OP_FLAGS_PPTR_REMOVE: 565 if (!xfs_has_parent(mp)) 566 return false; 567 if (attrp->alfi_value_len != sizeof(struct xfs_parent_rec)) 568 return false; 569 if (!xfs_attri_validate_namelen(attrp->alfi_name_len)) 570 return false; 571 if (!(attrp->alfi_attr_filter & XFS_ATTR_PARENT)) 572 return false; 573 break; 574 case XFS_ATTRI_OP_FLAGS_SET: 575 case XFS_ATTRI_OP_FLAGS_REPLACE: 576 if (!xfs_is_using_logged_xattrs(mp)) 577 return false; 578 if (attrp->alfi_value_len > XATTR_SIZE_MAX) 579 return false; 580 if (!xfs_attri_validate_namelen(attrp->alfi_name_len)) 581 return false; 582 break; 583 case XFS_ATTRI_OP_FLAGS_REMOVE: 584 if (!xfs_is_using_logged_xattrs(mp)) 585 return false; 586 if (attrp->alfi_value_len != 0) 587 return false; 588 if (!xfs_attri_validate_namelen(attrp->alfi_name_len)) 589 return false; 590 break; 591 case XFS_ATTRI_OP_FLAGS_PPTR_REPLACE: 592 if (!xfs_has_parent(mp)) 593 return false; 594 if (!xfs_attri_validate_namelen(attrp->alfi_old_name_len)) 595 return false; 596 if (!xfs_attri_validate_namelen(attrp->alfi_new_name_len)) 597 return false; 598 if (attrp->alfi_value_len != sizeof(struct xfs_parent_rec)) 599 return false; 600 if (!(attrp->alfi_attr_filter & XFS_ATTR_PARENT)) 601 return false; 602 break; 603 default: 604 return false; 605 } 606 607 return xfs_verify_ino(mp, attrp->alfi_ino); 608 } 609 610 static int 611 xfs_attri_iread_extents( 612 struct xfs_inode *ip) 613 { 614 struct xfs_trans *tp; 615 int error; 616 617 tp = xfs_trans_alloc_empty(ip->i_mount); 618 xfs_ilock(ip, XFS_ILOCK_EXCL); 619 error = xfs_iread_extents(tp, ip, XFS_ATTR_FORK); 620 xfs_iunlock(ip, XFS_ILOCK_EXCL); 621 xfs_trans_cancel(tp); 622 623 return error; 624 } 625 626 static inline struct xfs_attr_intent * 627 xfs_attri_recover_work( 628 struct xfs_mount *mp, 629 struct xfs_defer_pending *dfp, 630 struct xfs_attri_log_format *attrp, 631 struct xfs_inode **ipp, 632 struct xfs_attri_log_nameval *nv) 633 { 634 struct xfs_attr_intent *attr; 635 struct xfs_da_args *args; 636 struct xfs_inode *ip; 637 int local; 638 int error; 639 640 /* 641 * Parent pointer attr items record the generation but regular logged 642 * xattrs do not; select the right iget function. 643 */ 644 switch (xfs_attr_log_item_op(attrp)) { 645 case XFS_ATTRI_OP_FLAGS_PPTR_SET: 646 case XFS_ATTRI_OP_FLAGS_PPTR_REPLACE: 647 case XFS_ATTRI_OP_FLAGS_PPTR_REMOVE: 648 error = xlog_recover_iget_handle(mp, attrp->alfi_ino, 649 attrp->alfi_igen, &ip); 650 break; 651 default: 652 error = xlog_recover_iget(mp, attrp->alfi_ino, &ip); 653 break; 654 } 655 if (error) { 656 xfs_irele(ip); 657 XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, attrp, 658 sizeof(*attrp)); 659 return ERR_PTR(-EFSCORRUPTED); 660 } 661 662 if (xfs_inode_has_attr_fork(ip)) { 663 error = xfs_attri_iread_extents(ip); 664 if (error) { 665 xfs_irele(ip); 666 return ERR_PTR(error); 667 } 668 } 669 670 attr = kzalloc(sizeof(struct xfs_attr_intent) + 671 sizeof(struct xfs_da_args), GFP_KERNEL | __GFP_NOFAIL); 672 args = (struct xfs_da_args *)(attr + 1); 673 674 attr->xattri_da_args = args; 675 attr->xattri_op_flags = xfs_attr_log_item_op(attrp); 676 677 /* 678 * We're reconstructing the deferred work state structure from the 679 * recovered log item. Grab a reference to the name/value buffer and 680 * attach it to the new work state. 681 */ 682 attr->xattri_nameval = xfs_attri_log_nameval_get(nv); 683 ASSERT(attr->xattri_nameval); 684 685 args->dp = ip; 686 args->geo = mp->m_attr_geo; 687 args->whichfork = XFS_ATTR_FORK; 688 args->name = nv->name.iov_base; 689 args->namelen = nv->name.iov_len; 690 args->new_name = nv->new_name.iov_base; 691 args->new_namelen = nv->new_name.iov_len; 692 args->value = nv->value.iov_base; 693 args->valuelen = nv->value.iov_len; 694 args->new_value = nv->new_value.iov_base; 695 args->new_valuelen = nv->new_value.iov_len; 696 args->attr_filter = attrp->alfi_attr_filter & XFS_ATTRI_FILTER_MASK; 697 args->op_flags = XFS_DA_OP_RECOVERY | XFS_DA_OP_OKNOENT | 698 XFS_DA_OP_LOGGED; 699 args->owner = args->dp->i_ino; 700 xfs_attr_sethash(args); 701 702 switch (xfs_attr_intent_op(attr)) { 703 case XFS_ATTRI_OP_FLAGS_PPTR_SET: 704 case XFS_ATTRI_OP_FLAGS_PPTR_REPLACE: 705 case XFS_ATTRI_OP_FLAGS_SET: 706 case XFS_ATTRI_OP_FLAGS_REPLACE: 707 args->total = xfs_attr_calc_size(args, &local); 708 if (xfs_inode_hasattr(args->dp)) 709 attr->xattri_dela_state = xfs_attr_init_replace_state(args); 710 else 711 attr->xattri_dela_state = xfs_attr_init_add_state(args); 712 break; 713 case XFS_ATTRI_OP_FLAGS_PPTR_REMOVE: 714 case XFS_ATTRI_OP_FLAGS_REMOVE: 715 attr->xattri_dela_state = xfs_attr_init_remove_state(args); 716 break; 717 } 718 719 xfs_defer_add_item(dfp, &attr->xattri_list); 720 *ipp = ip; 721 return attr; 722 } 723 724 /* 725 * Process an attr intent item that was recovered from the log. We need to 726 * delete the attr that it describes. 727 */ 728 STATIC int 729 xfs_attr_recover_work( 730 struct xfs_defer_pending *dfp, 731 struct list_head *capture_list) 732 { 733 struct xfs_log_item *lip = dfp->dfp_intent; 734 struct xfs_attri_log_item *attrip = ATTRI_ITEM(lip); 735 struct xfs_attr_intent *attr; 736 struct xfs_mount *mp = lip->li_log->l_mp; 737 struct xfs_inode *ip = NULL; 738 struct xfs_da_args *args; 739 struct xfs_trans *tp; 740 struct xfs_trans_res resv; 741 struct xfs_attri_log_format *attrp; 742 struct xfs_attri_log_nameval *nv = attrip->attri_nameval; 743 int error; 744 unsigned int total = 0; 745 746 /* 747 * First check the validity of the attr described by the ATTRI. If any 748 * are bad, then assume that all are bad and just toss the ATTRI. 749 */ 750 attrp = &attrip->attri_format; 751 if (!xfs_attri_validate(mp, attrp) || 752 !xfs_attr_namecheck(attrp->alfi_attr_filter, nv->name.iov_base, 753 nv->name.iov_len)) 754 return -EFSCORRUPTED; 755 756 attr = xfs_attri_recover_work(mp, dfp, attrp, &ip, nv); 757 if (IS_ERR(attr)) 758 return PTR_ERR(attr); 759 args = attr->xattri_da_args; 760 761 switch (xfs_attr_intent_op(attr)) { 762 case XFS_ATTRI_OP_FLAGS_PPTR_SET: 763 case XFS_ATTRI_OP_FLAGS_PPTR_REPLACE: 764 case XFS_ATTRI_OP_FLAGS_SET: 765 case XFS_ATTRI_OP_FLAGS_REPLACE: 766 resv = xfs_attr_set_resv(args); 767 total = args->total; 768 break; 769 case XFS_ATTRI_OP_FLAGS_PPTR_REMOVE: 770 case XFS_ATTRI_OP_FLAGS_REMOVE: 771 resv = M_RES(mp)->tr_attrrm; 772 total = XFS_ATTRRM_SPACE_RES(mp); 773 break; 774 } 775 resv = xlog_recover_resv(&resv); 776 error = xfs_trans_alloc(mp, &resv, total, 0, XFS_TRANS_RESERVE, &tp); 777 if (error) 778 return error; 779 args->trans = tp; 780 781 xfs_ilock(ip, XFS_ILOCK_EXCL); 782 xfs_trans_ijoin(tp, ip, 0); 783 784 error = xlog_recover_finish_intent(tp, dfp); 785 if (error == -EFSCORRUPTED) 786 XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, 787 &attrip->attri_format, 788 sizeof(attrip->attri_format)); 789 if (error) 790 goto out_cancel; 791 792 error = xfs_defer_ops_capture_and_commit(tp, capture_list); 793 out_unlock: 794 xfs_iunlock(ip, XFS_ILOCK_EXCL); 795 xfs_irele(ip); 796 return error; 797 out_cancel: 798 xfs_trans_cancel(tp); 799 goto out_unlock; 800 } 801 802 /* Re-log an intent item to push the log tail forward. */ 803 static struct xfs_log_item * 804 xfs_attr_relog_intent( 805 struct xfs_trans *tp, 806 struct xfs_log_item *intent, 807 struct xfs_log_item *done_item) 808 { 809 struct xfs_attri_log_item *old_attrip; 810 struct xfs_attri_log_item *new_attrip; 811 struct xfs_attri_log_format *new_attrp; 812 struct xfs_attri_log_format *old_attrp; 813 814 old_attrip = ATTRI_ITEM(intent); 815 old_attrp = &old_attrip->attri_format; 816 817 /* 818 * Create a new log item that shares the same name/value buffer as the 819 * old log item. 820 */ 821 new_attrip = xfs_attri_init(tp->t_mountp, old_attrip->attri_nameval); 822 new_attrp = &new_attrip->attri_format; 823 824 new_attrp->alfi_ino = old_attrp->alfi_ino; 825 new_attrp->alfi_igen = old_attrp->alfi_igen; 826 new_attrp->alfi_op_flags = old_attrp->alfi_op_flags; 827 new_attrp->alfi_value_len = old_attrp->alfi_value_len; 828 829 switch (xfs_attr_log_item_op(old_attrp)) { 830 case XFS_ATTRI_OP_FLAGS_PPTR_REPLACE: 831 new_attrp->alfi_new_name_len = old_attrp->alfi_new_name_len; 832 new_attrp->alfi_old_name_len = old_attrp->alfi_old_name_len; 833 break; 834 default: 835 new_attrp->alfi_name_len = old_attrp->alfi_name_len; 836 break; 837 } 838 839 new_attrp->alfi_attr_filter = old_attrp->alfi_attr_filter; 840 841 return &new_attrip->attri_item; 842 } 843 844 /* Get an ATTRD so we can process all the attrs. */ 845 static struct xfs_log_item * 846 xfs_attr_create_done( 847 struct xfs_trans *tp, 848 struct xfs_log_item *intent, 849 unsigned int count) 850 { 851 struct xfs_attri_log_item *attrip; 852 struct xfs_attrd_log_item *attrdp; 853 854 attrip = ATTRI_ITEM(intent); 855 856 attrdp = kmem_cache_zalloc(xfs_attrd_cache, GFP_KERNEL | __GFP_NOFAIL); 857 858 xfs_log_item_init(tp->t_mountp, &attrdp->attrd_item, XFS_LI_ATTRD, 859 &xfs_attrd_item_ops); 860 attrdp->attrd_attrip = attrip; 861 attrdp->attrd_format.alfd_alf_id = attrip->attri_format.alfi_id; 862 863 return &attrdp->attrd_item; 864 } 865 866 void 867 xfs_attr_defer_add( 868 struct xfs_da_args *args, 869 enum xfs_attr_defer_op op) 870 { 871 struct xfs_attr_intent *new; 872 unsigned int log_op = 0; 873 bool is_pptr = args->attr_filter & XFS_ATTR_PARENT; 874 875 if (is_pptr) { 876 ASSERT(xfs_has_parent(args->dp->i_mount)); 877 ASSERT((args->attr_filter & ~XFS_ATTR_PARENT) == 0); 878 ASSERT(args->op_flags & XFS_DA_OP_LOGGED); 879 ASSERT(args->valuelen == sizeof(struct xfs_parent_rec)); 880 } 881 882 new = kmem_cache_zalloc(xfs_attr_intent_cache, 883 GFP_NOFS | __GFP_NOFAIL); 884 new->xattri_da_args = args; 885 886 /* Compute log operation from the higher level op and namespace. */ 887 switch (op) { 888 case XFS_ATTR_DEFER_SET: 889 if (is_pptr) 890 log_op = XFS_ATTRI_OP_FLAGS_PPTR_SET; 891 else 892 log_op = XFS_ATTRI_OP_FLAGS_SET; 893 break; 894 case XFS_ATTR_DEFER_REPLACE: 895 if (is_pptr) 896 log_op = XFS_ATTRI_OP_FLAGS_PPTR_REPLACE; 897 else 898 log_op = XFS_ATTRI_OP_FLAGS_REPLACE; 899 break; 900 case XFS_ATTR_DEFER_REMOVE: 901 if (is_pptr) 902 log_op = XFS_ATTRI_OP_FLAGS_PPTR_REMOVE; 903 else 904 log_op = XFS_ATTRI_OP_FLAGS_REMOVE; 905 break; 906 default: 907 ASSERT(0); 908 break; 909 } 910 new->xattri_op_flags = log_op; 911 912 /* Set up initial attr operation state. */ 913 switch (log_op) { 914 case XFS_ATTRI_OP_FLAGS_PPTR_SET: 915 case XFS_ATTRI_OP_FLAGS_SET: 916 new->xattri_dela_state = xfs_attr_init_add_state(args); 917 break; 918 case XFS_ATTRI_OP_FLAGS_PPTR_REPLACE: 919 ASSERT(args->new_valuelen == args->valuelen); 920 new->xattri_dela_state = xfs_attr_init_replace_state(args); 921 break; 922 case XFS_ATTRI_OP_FLAGS_REPLACE: 923 new->xattri_dela_state = xfs_attr_init_replace_state(args); 924 break; 925 case XFS_ATTRI_OP_FLAGS_PPTR_REMOVE: 926 case XFS_ATTRI_OP_FLAGS_REMOVE: 927 new->xattri_dela_state = xfs_attr_init_remove_state(args); 928 break; 929 } 930 931 xfs_defer_add(args->trans, &new->xattri_list, &xfs_attr_defer_type); 932 trace_xfs_attr_defer_add(new->xattri_dela_state, args->dp); 933 } 934 935 const struct xfs_defer_op_type xfs_attr_defer_type = { 936 .name = "attr", 937 .max_items = 1, 938 .create_intent = xfs_attr_create_intent, 939 .abort_intent = xfs_attr_abort_intent, 940 .create_done = xfs_attr_create_done, 941 .finish_item = xfs_attr_finish_item, 942 .cancel_item = xfs_attr_cancel_item, 943 .recover_work = xfs_attr_recover_work, 944 .relog_intent = xfs_attr_relog_intent, 945 }; 946 947 static inline void * 948 xfs_attri_validate_name_iovec( 949 struct xfs_mount *mp, 950 struct xfs_attri_log_format *attri_formatp, 951 const struct kvec *iovec, 952 unsigned int name_len) 953 { 954 if (iovec->iov_len != xlog_calc_iovec_len(name_len)) { 955 XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, 956 attri_formatp, sizeof(*attri_formatp)); 957 return NULL; 958 } 959 960 if (!xfs_attr_namecheck(attri_formatp->alfi_attr_filter, iovec->iov_base, 961 name_len)) { 962 XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, 963 attri_formatp, sizeof(*attri_formatp)); 964 XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, 965 iovec->iov_base, iovec->iov_len); 966 return NULL; 967 } 968 969 return iovec->iov_base; 970 } 971 972 static inline void * 973 xfs_attri_validate_value_iovec( 974 struct xfs_mount *mp, 975 struct xfs_attri_log_format *attri_formatp, 976 const struct kvec *iovec, 977 unsigned int value_len) 978 { 979 if (iovec->iov_len != xlog_calc_iovec_len(value_len)) { 980 XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, 981 attri_formatp, sizeof(*attri_formatp)); 982 return NULL; 983 } 984 985 if ((attri_formatp->alfi_attr_filter & XFS_ATTR_PARENT) && 986 !xfs_parent_valuecheck(mp, iovec->iov_base, value_len)) { 987 XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, 988 attri_formatp, sizeof(*attri_formatp)); 989 XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, 990 iovec->iov_base, iovec->iov_len); 991 return NULL; 992 } 993 994 return iovec->iov_base; 995 } 996 997 STATIC int 998 xlog_recover_attri_commit_pass2( 999 struct xlog *log, 1000 struct list_head *buffer_list, 1001 struct xlog_recover_item *item, 1002 xfs_lsn_t lsn) 1003 { 1004 struct xfs_mount *mp = log->l_mp; 1005 struct xfs_attri_log_item *attrip; 1006 struct xfs_attri_log_format *attri_formatp; 1007 struct xfs_attri_log_nameval *nv; 1008 const void *attr_name; 1009 const void *attr_value = NULL; 1010 const void *attr_new_name = NULL; 1011 const void *attr_new_value = NULL; 1012 size_t len; 1013 unsigned int name_len = 0; 1014 unsigned int value_len = 0; 1015 unsigned int new_name_len = 0; 1016 unsigned int new_value_len = 0; 1017 unsigned int op, i = 0; 1018 1019 /* Validate xfs_attri_log_format before the large memory allocation */ 1020 len = sizeof(struct xfs_attri_log_format); 1021 if (item->ri_buf[i].iov_len != len) { 1022 XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, 1023 item->ri_buf[0].iov_base, item->ri_buf[0].iov_len); 1024 return -EFSCORRUPTED; 1025 } 1026 1027 attri_formatp = item->ri_buf[i].iov_base; 1028 if (!xfs_attri_validate(mp, attri_formatp)) { 1029 XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, 1030 attri_formatp, len); 1031 return -EFSCORRUPTED; 1032 } 1033 1034 /* Check the number of log iovecs makes sense for the op code. */ 1035 op = xfs_attr_log_item_op(attri_formatp); 1036 switch (op) { 1037 case XFS_ATTRI_OP_FLAGS_PPTR_REMOVE: 1038 case XFS_ATTRI_OP_FLAGS_PPTR_SET: 1039 /* Log item, attr name, attr value */ 1040 if (item->ri_total != 3) { 1041 XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, 1042 attri_formatp, len); 1043 return -EFSCORRUPTED; 1044 } 1045 name_len = attri_formatp->alfi_name_len; 1046 value_len = attri_formatp->alfi_value_len; 1047 break; 1048 case XFS_ATTRI_OP_FLAGS_SET: 1049 case XFS_ATTRI_OP_FLAGS_REPLACE: 1050 /* Log item, attr name, attr value */ 1051 if (item->ri_total != 3) { 1052 XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, 1053 attri_formatp, len); 1054 return -EFSCORRUPTED; 1055 } 1056 name_len = attri_formatp->alfi_name_len; 1057 value_len = attri_formatp->alfi_value_len; 1058 break; 1059 case XFS_ATTRI_OP_FLAGS_REMOVE: 1060 /* Log item, attr name */ 1061 if (item->ri_total != 2) { 1062 XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, 1063 attri_formatp, len); 1064 return -EFSCORRUPTED; 1065 } 1066 name_len = attri_formatp->alfi_name_len; 1067 break; 1068 case XFS_ATTRI_OP_FLAGS_PPTR_REPLACE: 1069 /* 1070 * Log item, attr name, new attr name, attr value, new attr 1071 * value 1072 */ 1073 if (item->ri_total != 5) { 1074 XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, 1075 attri_formatp, len); 1076 return -EFSCORRUPTED; 1077 } 1078 name_len = attri_formatp->alfi_old_name_len; 1079 new_name_len = attri_formatp->alfi_new_name_len; 1080 new_value_len = value_len = attri_formatp->alfi_value_len; 1081 break; 1082 default: 1083 XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, 1084 attri_formatp, len); 1085 return -EFSCORRUPTED; 1086 } 1087 i++; 1088 1089 /* Validate the attr name */ 1090 attr_name = xfs_attri_validate_name_iovec(mp, attri_formatp, 1091 &item->ri_buf[i], name_len); 1092 if (!attr_name) 1093 return -EFSCORRUPTED; 1094 i++; 1095 1096 /* Validate the new attr name */ 1097 if (new_name_len > 0) { 1098 attr_new_name = xfs_attri_validate_name_iovec(mp, 1099 attri_formatp, &item->ri_buf[i], 1100 new_name_len); 1101 if (!attr_new_name) 1102 return -EFSCORRUPTED; 1103 i++; 1104 } 1105 1106 /* Validate the attr value, if present */ 1107 if (value_len != 0) { 1108 attr_value = xfs_attri_validate_value_iovec(mp, attri_formatp, 1109 &item->ri_buf[i], value_len); 1110 if (!attr_value) 1111 return -EFSCORRUPTED; 1112 i++; 1113 } 1114 1115 /* Validate the new attr value, if present */ 1116 if (new_value_len != 0) { 1117 attr_new_value = xfs_attri_validate_value_iovec(mp, 1118 attri_formatp, &item->ri_buf[i], 1119 new_value_len); 1120 if (!attr_new_value) 1121 return -EFSCORRUPTED; 1122 i++; 1123 } 1124 1125 /* 1126 * Make sure we got the correct number of buffers for the operation 1127 * that we just loaded. 1128 */ 1129 if (i != item->ri_total) { 1130 XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, 1131 attri_formatp, len); 1132 return -EFSCORRUPTED; 1133 } 1134 1135 switch (op) { 1136 case XFS_ATTRI_OP_FLAGS_REMOVE: 1137 /* Regular remove operations operate only on names. */ 1138 if (attr_value != NULL || value_len != 0) { 1139 XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, 1140 attri_formatp, len); 1141 return -EFSCORRUPTED; 1142 } 1143 fallthrough; 1144 case XFS_ATTRI_OP_FLAGS_PPTR_REMOVE: 1145 case XFS_ATTRI_OP_FLAGS_PPTR_SET: 1146 case XFS_ATTRI_OP_FLAGS_SET: 1147 case XFS_ATTRI_OP_FLAGS_REPLACE: 1148 /* 1149 * Regular xattr set/remove/replace operations require a name 1150 * and do not take a newname. Values are optional for set and 1151 * replace. 1152 * 1153 * Name-value set/remove operations must have a name, do not 1154 * take a newname, and can take a value. 1155 */ 1156 if (attr_name == NULL || name_len == 0) { 1157 XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, 1158 attri_formatp, len); 1159 return -EFSCORRUPTED; 1160 } 1161 break; 1162 case XFS_ATTRI_OP_FLAGS_PPTR_REPLACE: 1163 /* 1164 * Name-value replace operations require the caller to 1165 * specify the old and new names and values explicitly. 1166 * Values are optional. 1167 */ 1168 if (attr_name == NULL || name_len == 0) { 1169 XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, 1170 attri_formatp, len); 1171 return -EFSCORRUPTED; 1172 } 1173 if (attr_new_name == NULL || new_name_len == 0) { 1174 XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, 1175 attri_formatp, len); 1176 return -EFSCORRUPTED; 1177 } 1178 break; 1179 } 1180 1181 /* 1182 * Memory alloc failure will cause replay to abort. We attach the 1183 * name/value buffer to the recovered incore log item and drop our 1184 * reference. 1185 */ 1186 nv = xfs_attri_log_nameval_alloc(attr_name, name_len, 1187 attr_new_name, new_name_len, 1188 attr_value, value_len, 1189 attr_new_value, new_value_len); 1190 1191 attrip = xfs_attri_init(mp, nv); 1192 memcpy(&attrip->attri_format, attri_formatp, len); 1193 1194 xlog_recover_intent_item(log, &attrip->attri_item, lsn, 1195 &xfs_attr_defer_type); 1196 xfs_attri_log_nameval_put(nv); 1197 return 0; 1198 } 1199 1200 /* 1201 * This routine is called when an ATTRD format structure is found in a committed 1202 * transaction in the log. Its purpose is to cancel the corresponding ATTRI if 1203 * it was still in the log. To do this it searches the AIL for the ATTRI with 1204 * an id equal to that in the ATTRD format structure. If we find it we drop 1205 * the ATTRD reference, which removes the ATTRI from the AIL and frees it. 1206 */ 1207 STATIC int 1208 xlog_recover_attrd_commit_pass2( 1209 struct xlog *log, 1210 struct list_head *buffer_list, 1211 struct xlog_recover_item *item, 1212 xfs_lsn_t lsn) 1213 { 1214 struct xfs_attrd_log_format *attrd_formatp; 1215 1216 attrd_formatp = item->ri_buf[0].iov_base; 1217 if (item->ri_buf[0].iov_len != sizeof(struct xfs_attrd_log_format)) { 1218 XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, log->l_mp, 1219 item->ri_buf[0].iov_base, item->ri_buf[0].iov_len); 1220 return -EFSCORRUPTED; 1221 } 1222 1223 xlog_recover_release_intent(log, XFS_LI_ATTRI, 1224 attrd_formatp->alfd_alf_id); 1225 return 0; 1226 } 1227 1228 static const struct xfs_item_ops xfs_attri_item_ops = { 1229 .flags = XFS_ITEM_INTENT, 1230 .iop_size = xfs_attri_item_size, 1231 .iop_format = xfs_attri_item_format, 1232 .iop_unpin = xfs_attri_item_unpin, 1233 .iop_release = xfs_attri_item_release, 1234 .iop_match = xfs_attri_item_match, 1235 }; 1236 1237 const struct xlog_recover_item_ops xlog_attri_item_ops = { 1238 .item_type = XFS_LI_ATTRI, 1239 .commit_pass2 = xlog_recover_attri_commit_pass2, 1240 }; 1241 1242 static const struct xfs_item_ops xfs_attrd_item_ops = { 1243 .flags = XFS_ITEM_RELEASE_WHEN_COMMITTED | 1244 XFS_ITEM_INTENT_DONE, 1245 .iop_size = xfs_attrd_item_size, 1246 .iop_format = xfs_attrd_item_format, 1247 .iop_release = xfs_attrd_item_release, 1248 .iop_intent = xfs_attrd_item_intent, 1249 }; 1250 1251 const struct xlog_recover_item_ops xlog_attrd_item_ops = { 1252 .item_type = XFS_LI_ATTRD, 1253 .commit_pass2 = xlog_recover_attrd_commit_pass2, 1254 }; 1255