xref: /linux/fs/xfs/xfs_attr_item.c (revision ae22a94997b8a03dcb3c922857c203246711f9d4)
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  * Copyright (C) 2022 Oracle.  All Rights Reserved.
4  * Author: Allison Henderson <allison.henderson@oracle.com>
5  */
6 
7 #include "xfs.h"
8 #include "xfs_fs.h"
9 #include "xfs_format.h"
10 #include "xfs_trans_resv.h"
11 #include "xfs_shared.h"
12 #include "xfs_mount.h"
13 #include "xfs_defer.h"
14 #include "xfs_log_format.h"
15 #include "xfs_trans.h"
16 #include "xfs_bmap_btree.h"
17 #include "xfs_trans_priv.h"
18 #include "xfs_log.h"
19 #include "xfs_inode.h"
20 #include "xfs_da_format.h"
21 #include "xfs_da_btree.h"
22 #include "xfs_attr.h"
23 #include "xfs_attr_item.h"
24 #include "xfs_trace.h"
25 #include "xfs_trans_space.h"
26 #include "xfs_errortag.h"
27 #include "xfs_error.h"
28 #include "xfs_log_priv.h"
29 #include "xfs_log_recover.h"
30 
31 struct kmem_cache		*xfs_attri_cache;
32 struct kmem_cache		*xfs_attrd_cache;
33 
34 static const struct xfs_item_ops xfs_attri_item_ops;
35 static const struct xfs_item_ops xfs_attrd_item_ops;
36 
37 static inline struct xfs_attri_log_item *ATTRI_ITEM(struct xfs_log_item *lip)
38 {
39 	return container_of(lip, struct xfs_attri_log_item, attri_item);
40 }
41 
42 /*
43  * Shared xattr name/value buffers for logged extended attribute operations
44  *
45  * When logging updates to extended attributes, we can create quite a few
46  * attribute log intent items for a single xattr update.  To avoid cycling the
47  * memory allocator and memcpy overhead, the name (and value, for setxattr)
48  * are kept in a refcounted object that is shared across all related log items
49  * and the upper-level deferred work state structure.  The shared buffer has
50  * a control structure, followed by the name, and then the value.
51  */
52 
53 static inline struct xfs_attri_log_nameval *
54 xfs_attri_log_nameval_get(
55 	struct xfs_attri_log_nameval	*nv)
56 {
57 	if (!refcount_inc_not_zero(&nv->refcount))
58 		return NULL;
59 	return nv;
60 }
61 
62 static inline void
63 xfs_attri_log_nameval_put(
64 	struct xfs_attri_log_nameval	*nv)
65 {
66 	if (!nv)
67 		return;
68 	if (refcount_dec_and_test(&nv->refcount))
69 		kvfree(nv);
70 }
71 
72 static inline struct xfs_attri_log_nameval *
73 xfs_attri_log_nameval_alloc(
74 	const void			*name,
75 	unsigned int			name_len,
76 	const void			*value,
77 	unsigned int			value_len)
78 {
79 	struct xfs_attri_log_nameval	*nv;
80 
81 	/*
82 	 * This could be over 64kB in length, so we have to use kvmalloc() for
83 	 * this. But kvmalloc() utterly sucks, so we use our own version.
84 	 */
85 	nv = xlog_kvmalloc(sizeof(struct xfs_attri_log_nameval) +
86 					name_len + value_len);
87 
88 	nv->name.i_addr = nv + 1;
89 	nv->name.i_len = name_len;
90 	nv->name.i_type = XLOG_REG_TYPE_ATTR_NAME;
91 	memcpy(nv->name.i_addr, name, name_len);
92 
93 	if (value_len) {
94 		nv->value.i_addr = nv->name.i_addr + name_len;
95 		nv->value.i_len = value_len;
96 		memcpy(nv->value.i_addr, value, value_len);
97 	} else {
98 		nv->value.i_addr = NULL;
99 		nv->value.i_len = 0;
100 	}
101 	nv->value.i_type = XLOG_REG_TYPE_ATTR_VALUE;
102 
103 	refcount_set(&nv->refcount, 1);
104 	return nv;
105 }
106 
107 STATIC void
108 xfs_attri_item_free(
109 	struct xfs_attri_log_item	*attrip)
110 {
111 	kvfree(attrip->attri_item.li_lv_shadow);
112 	xfs_attri_log_nameval_put(attrip->attri_nameval);
113 	kmem_cache_free(xfs_attri_cache, attrip);
114 }
115 
116 /*
117  * Freeing the attrip requires that we remove it from the AIL if it has already
118  * been placed there. However, the ATTRI may not yet have been placed in the
119  * AIL when called by xfs_attri_release() from ATTRD processing due to the
120  * ordering of committed vs unpin operations in bulk insert operations. Hence
121  * the reference count to ensure only the last caller frees the ATTRI.
122  */
123 STATIC void
124 xfs_attri_release(
125 	struct xfs_attri_log_item	*attrip)
126 {
127 	ASSERT(atomic_read(&attrip->attri_refcount) > 0);
128 	if (!atomic_dec_and_test(&attrip->attri_refcount))
129 		return;
130 
131 	xfs_trans_ail_delete(&attrip->attri_item, 0);
132 	xfs_attri_item_free(attrip);
133 }
134 
135 STATIC void
136 xfs_attri_item_size(
137 	struct xfs_log_item		*lip,
138 	int				*nvecs,
139 	int				*nbytes)
140 {
141 	struct xfs_attri_log_item       *attrip = ATTRI_ITEM(lip);
142 	struct xfs_attri_log_nameval	*nv = attrip->attri_nameval;
143 
144 	*nvecs += 2;
145 	*nbytes += sizeof(struct xfs_attri_log_format) +
146 			xlog_calc_iovec_len(nv->name.i_len);
147 
148 	if (!nv->value.i_len)
149 		return;
150 
151 	*nvecs += 1;
152 	*nbytes += xlog_calc_iovec_len(nv->value.i_len);
153 }
154 
155 /*
156  * This is called to fill in the log iovecs for the given attri log
157  * item. We use  1 iovec for the attri_format_item, 1 for the name, and
158  * another for the value if it is present
159  */
160 STATIC void
161 xfs_attri_item_format(
162 	struct xfs_log_item		*lip,
163 	struct xfs_log_vec		*lv)
164 {
165 	struct xfs_attri_log_item	*attrip = ATTRI_ITEM(lip);
166 	struct xfs_log_iovec		*vecp = NULL;
167 	struct xfs_attri_log_nameval	*nv = attrip->attri_nameval;
168 
169 	attrip->attri_format.alfi_type = XFS_LI_ATTRI;
170 	attrip->attri_format.alfi_size = 1;
171 
172 	/*
173 	 * This size accounting must be done before copying the attrip into the
174 	 * iovec.  If we do it after, the wrong size will be recorded to the log
175 	 * and we trip across assertion checks for bad region sizes later during
176 	 * the log recovery.
177 	 */
178 
179 	ASSERT(nv->name.i_len > 0);
180 	attrip->attri_format.alfi_size++;
181 
182 	if (nv->value.i_len > 0)
183 		attrip->attri_format.alfi_size++;
184 
185 	xlog_copy_iovec(lv, &vecp, XLOG_REG_TYPE_ATTRI_FORMAT,
186 			&attrip->attri_format,
187 			sizeof(struct xfs_attri_log_format));
188 	xlog_copy_from_iovec(lv, &vecp, &nv->name);
189 	if (nv->value.i_len > 0)
190 		xlog_copy_from_iovec(lv, &vecp, &nv->value);
191 }
192 
193 /*
194  * The unpin operation is the last place an ATTRI is manipulated in the log. It
195  * is either inserted in the AIL or aborted in the event of a log I/O error. In
196  * either case, the ATTRI transaction has been successfully committed to make
197  * it this far. Therefore, we expect whoever committed the ATTRI to either
198  * construct and commit the ATTRD or drop the ATTRD's reference in the event of
199  * error. Simply drop the log's ATTRI reference now that the log is done with
200  * it.
201  */
202 STATIC void
203 xfs_attri_item_unpin(
204 	struct xfs_log_item	*lip,
205 	int			remove)
206 {
207 	xfs_attri_release(ATTRI_ITEM(lip));
208 }
209 
210 
211 STATIC void
212 xfs_attri_item_release(
213 	struct xfs_log_item	*lip)
214 {
215 	xfs_attri_release(ATTRI_ITEM(lip));
216 }
217 
218 /*
219  * Allocate and initialize an attri item.  Caller may allocate an additional
220  * trailing buffer for name and value
221  */
222 STATIC struct xfs_attri_log_item *
223 xfs_attri_init(
224 	struct xfs_mount		*mp,
225 	struct xfs_attri_log_nameval	*nv)
226 {
227 	struct xfs_attri_log_item	*attrip;
228 
229 	attrip = kmem_cache_zalloc(xfs_attri_cache, GFP_KERNEL | __GFP_NOFAIL);
230 
231 	/*
232 	 * Grab an extra reference to the name/value buffer for this log item.
233 	 * The caller retains its own reference!
234 	 */
235 	attrip->attri_nameval = xfs_attri_log_nameval_get(nv);
236 	ASSERT(attrip->attri_nameval);
237 
238 	xfs_log_item_init(mp, &attrip->attri_item, XFS_LI_ATTRI,
239 			  &xfs_attri_item_ops);
240 	attrip->attri_format.alfi_id = (uintptr_t)(void *)attrip;
241 	atomic_set(&attrip->attri_refcount, 2);
242 
243 	return attrip;
244 }
245 
246 static inline struct xfs_attrd_log_item *ATTRD_ITEM(struct xfs_log_item *lip)
247 {
248 	return container_of(lip, struct xfs_attrd_log_item, attrd_item);
249 }
250 
251 STATIC void
252 xfs_attrd_item_free(struct xfs_attrd_log_item *attrdp)
253 {
254 	kvfree(attrdp->attrd_item.li_lv_shadow);
255 	kmem_cache_free(xfs_attrd_cache, attrdp);
256 }
257 
258 STATIC void
259 xfs_attrd_item_size(
260 	struct xfs_log_item		*lip,
261 	int				*nvecs,
262 	int				*nbytes)
263 {
264 	*nvecs += 1;
265 	*nbytes += sizeof(struct xfs_attrd_log_format);
266 }
267 
268 /*
269  * This is called to fill in the log iovecs for the given attrd log item. We use
270  * only 1 iovec for the attrd_format, and we point that at the attr_log_format
271  * structure embedded in the attrd item.
272  */
273 STATIC void
274 xfs_attrd_item_format(
275 	struct xfs_log_item	*lip,
276 	struct xfs_log_vec	*lv)
277 {
278 	struct xfs_attrd_log_item	*attrdp = ATTRD_ITEM(lip);
279 	struct xfs_log_iovec		*vecp = NULL;
280 
281 	attrdp->attrd_format.alfd_type = XFS_LI_ATTRD;
282 	attrdp->attrd_format.alfd_size = 1;
283 
284 	xlog_copy_iovec(lv, &vecp, XLOG_REG_TYPE_ATTRD_FORMAT,
285 			&attrdp->attrd_format,
286 			sizeof(struct xfs_attrd_log_format));
287 }
288 
289 /*
290  * The ATTRD is either committed or aborted if the transaction is canceled. If
291  * the transaction is canceled, drop our reference to the ATTRI and free the
292  * ATTRD.
293  */
294 STATIC void
295 xfs_attrd_item_release(
296 	struct xfs_log_item		*lip)
297 {
298 	struct xfs_attrd_log_item	*attrdp = ATTRD_ITEM(lip);
299 
300 	xfs_attri_release(attrdp->attrd_attrip);
301 	xfs_attrd_item_free(attrdp);
302 }
303 
304 static struct xfs_log_item *
305 xfs_attrd_item_intent(
306 	struct xfs_log_item	*lip)
307 {
308 	return &ATTRD_ITEM(lip)->attrd_attrip->attri_item;
309 }
310 
311 /* Log an attr to the intent item. */
312 STATIC void
313 xfs_attr_log_item(
314 	struct xfs_trans		*tp,
315 	struct xfs_attri_log_item	*attrip,
316 	const struct xfs_attr_intent	*attr)
317 {
318 	struct xfs_attri_log_format	*attrp;
319 
320 	/*
321 	 * At this point the xfs_attr_intent has been constructed, and we've
322 	 * created the log intent. Fill in the attri log item and log format
323 	 * structure with fields from this xfs_attr_intent
324 	 */
325 	attrp = &attrip->attri_format;
326 	attrp->alfi_ino = attr->xattri_da_args->dp->i_ino;
327 	ASSERT(!(attr->xattri_op_flags & ~XFS_ATTRI_OP_FLAGS_TYPE_MASK));
328 	attrp->alfi_op_flags = attr->xattri_op_flags;
329 	attrp->alfi_value_len = attr->xattri_nameval->value.i_len;
330 	attrp->alfi_name_len = attr->xattri_nameval->name.i_len;
331 	ASSERT(!(attr->xattri_da_args->attr_filter & ~XFS_ATTRI_FILTER_MASK));
332 	attrp->alfi_attr_filter = attr->xattri_da_args->attr_filter;
333 }
334 
335 /* Get an ATTRI. */
336 static struct xfs_log_item *
337 xfs_attr_create_intent(
338 	struct xfs_trans		*tp,
339 	struct list_head		*items,
340 	unsigned int			count,
341 	bool				sort)
342 {
343 	struct xfs_mount		*mp = tp->t_mountp;
344 	struct xfs_attri_log_item	*attrip;
345 	struct xfs_attr_intent		*attr;
346 	struct xfs_da_args		*args;
347 
348 	ASSERT(count == 1);
349 
350 	/*
351 	 * Each attr item only performs one attribute operation at a time, so
352 	 * this is a list of one
353 	 */
354 	attr = list_first_entry_or_null(items, struct xfs_attr_intent,
355 			xattri_list);
356 	args = attr->xattri_da_args;
357 
358 	if (!(args->op_flags & XFS_DA_OP_LOGGED))
359 		return NULL;
360 
361 	/*
362 	 * Create a buffer to store the attribute name and value.  This buffer
363 	 * will be shared between the higher level deferred xattr work state
364 	 * and the lower level xattr log items.
365 	 */
366 	if (!attr->xattri_nameval) {
367 		/*
368 		 * Transfer our reference to the name/value buffer to the
369 		 * deferred work state structure.
370 		 */
371 		attr->xattri_nameval = xfs_attri_log_nameval_alloc(args->name,
372 				args->namelen, args->value, args->valuelen);
373 	}
374 
375 	attrip = xfs_attri_init(mp, attr->xattri_nameval);
376 	xfs_attr_log_item(tp, attrip, attr);
377 
378 	return &attrip->attri_item;
379 }
380 
381 static inline void
382 xfs_attr_free_item(
383 	struct xfs_attr_intent		*attr)
384 {
385 	if (attr->xattri_da_state)
386 		xfs_da_state_free(attr->xattri_da_state);
387 	xfs_attri_log_nameval_put(attr->xattri_nameval);
388 	if (attr->xattri_da_args->op_flags & XFS_DA_OP_RECOVERY)
389 		kfree(attr);
390 	else
391 		kmem_cache_free(xfs_attr_intent_cache, attr);
392 }
393 
394 static inline struct xfs_attr_intent *attri_entry(const struct list_head *e)
395 {
396 	return list_entry(e, struct xfs_attr_intent, xattri_list);
397 }
398 
399 /* Process an attr. */
400 STATIC int
401 xfs_attr_finish_item(
402 	struct xfs_trans		*tp,
403 	struct xfs_log_item		*done,
404 	struct list_head		*item,
405 	struct xfs_btree_cur		**state)
406 {
407 	struct xfs_attr_intent		*attr = attri_entry(item);
408 	struct xfs_da_args		*args;
409 	int				error;
410 
411 	args = attr->xattri_da_args;
412 
413 	/* Reset trans after EAGAIN cycle since the transaction is new */
414 	args->trans = tp;
415 
416 	if (XFS_TEST_ERROR(false, args->dp->i_mount, XFS_ERRTAG_LARP)) {
417 		error = -EIO;
418 		goto out;
419 	}
420 
421 	/* If an attr removal is trivially complete, we're done. */
422 	if (attr->xattri_op_flags == XFS_ATTRI_OP_FLAGS_REMOVE &&
423 	    !xfs_inode_hasattr(args->dp)) {
424 		error = 0;
425 		goto out;
426 	}
427 
428 	error = xfs_attr_set_iter(attr);
429 	if (!error && attr->xattri_dela_state != XFS_DAS_DONE)
430 		return -EAGAIN;
431 
432 out:
433 	xfs_attr_free_item(attr);
434 	return error;
435 }
436 
437 /* Abort all pending ATTRs. */
438 STATIC void
439 xfs_attr_abort_intent(
440 	struct xfs_log_item		*intent)
441 {
442 	xfs_attri_release(ATTRI_ITEM(intent));
443 }
444 
445 /* Cancel an attr */
446 STATIC void
447 xfs_attr_cancel_item(
448 	struct list_head		*item)
449 {
450 	struct xfs_attr_intent		*attr = attri_entry(item);
451 
452 	xfs_attr_free_item(attr);
453 }
454 
455 STATIC bool
456 xfs_attri_item_match(
457 	struct xfs_log_item	*lip,
458 	uint64_t		intent_id)
459 {
460 	return ATTRI_ITEM(lip)->attri_format.alfi_id == intent_id;
461 }
462 
463 /* Is this recovered ATTRI format ok? */
464 static inline bool
465 xfs_attri_validate(
466 	struct xfs_mount		*mp,
467 	struct xfs_attri_log_format	*attrp)
468 {
469 	unsigned int			op = attrp->alfi_op_flags &
470 					     XFS_ATTRI_OP_FLAGS_TYPE_MASK;
471 
472 	if (attrp->__pad != 0)
473 		return false;
474 
475 	if (attrp->alfi_op_flags & ~XFS_ATTRI_OP_FLAGS_TYPE_MASK)
476 		return false;
477 
478 	if (attrp->alfi_attr_filter & ~XFS_ATTRI_FILTER_MASK)
479 		return false;
480 
481 	/* alfi_op_flags should be either a set or remove */
482 	switch (op) {
483 	case XFS_ATTRI_OP_FLAGS_SET:
484 	case XFS_ATTRI_OP_FLAGS_REPLACE:
485 	case XFS_ATTRI_OP_FLAGS_REMOVE:
486 		break;
487 	default:
488 		return false;
489 	}
490 
491 	if (attrp->alfi_value_len > XATTR_SIZE_MAX)
492 		return false;
493 
494 	if ((attrp->alfi_name_len > XATTR_NAME_MAX) ||
495 	    (attrp->alfi_name_len == 0))
496 		return false;
497 
498 	return xfs_verify_ino(mp, attrp->alfi_ino);
499 }
500 
501 static inline struct xfs_attr_intent *
502 xfs_attri_recover_work(
503 	struct xfs_mount		*mp,
504 	struct xfs_defer_pending	*dfp,
505 	struct xfs_attri_log_format	*attrp,
506 	struct xfs_inode		**ipp,
507 	struct xfs_attri_log_nameval	*nv)
508 {
509 	struct xfs_attr_intent		*attr;
510 	struct xfs_da_args		*args;
511 	int				local;
512 	int				error;
513 
514 	error = xlog_recover_iget(mp,  attrp->alfi_ino, ipp);
515 	if (error)
516 		return ERR_PTR(error);
517 
518 	attr = kzalloc(sizeof(struct xfs_attr_intent) +
519 			sizeof(struct xfs_da_args), GFP_KERNEL | __GFP_NOFAIL);
520 	args = (struct xfs_da_args *)(attr + 1);
521 
522 	attr->xattri_da_args = args;
523 	attr->xattri_op_flags = attrp->alfi_op_flags &
524 						XFS_ATTRI_OP_FLAGS_TYPE_MASK;
525 
526 	/*
527 	 * We're reconstructing the deferred work state structure from the
528 	 * recovered log item.  Grab a reference to the name/value buffer and
529 	 * attach it to the new work state.
530 	 */
531 	attr->xattri_nameval = xfs_attri_log_nameval_get(nv);
532 	ASSERT(attr->xattri_nameval);
533 
534 	args->dp = *ipp;
535 	args->geo = mp->m_attr_geo;
536 	args->whichfork = XFS_ATTR_FORK;
537 	args->name = nv->name.i_addr;
538 	args->namelen = nv->name.i_len;
539 	args->hashval = xfs_da_hashname(args->name, args->namelen);
540 	args->attr_filter = attrp->alfi_attr_filter & XFS_ATTRI_FILTER_MASK;
541 	args->op_flags = XFS_DA_OP_RECOVERY | XFS_DA_OP_OKNOENT |
542 			 XFS_DA_OP_LOGGED;
543 
544 	ASSERT(xfs_sb_version_haslogxattrs(&mp->m_sb));
545 
546 	switch (attr->xattri_op_flags) {
547 	case XFS_ATTRI_OP_FLAGS_SET:
548 	case XFS_ATTRI_OP_FLAGS_REPLACE:
549 		args->value = nv->value.i_addr;
550 		args->valuelen = nv->value.i_len;
551 		args->total = xfs_attr_calc_size(args, &local);
552 		if (xfs_inode_hasattr(args->dp))
553 			attr->xattri_dela_state = xfs_attr_init_replace_state(args);
554 		else
555 			attr->xattri_dela_state = xfs_attr_init_add_state(args);
556 		break;
557 	case XFS_ATTRI_OP_FLAGS_REMOVE:
558 		attr->xattri_dela_state = xfs_attr_init_remove_state(args);
559 		break;
560 	}
561 
562 	xfs_defer_add_item(dfp, &attr->xattri_list);
563 	return attr;
564 }
565 
566 /*
567  * Process an attr intent item that was recovered from the log.  We need to
568  * delete the attr that it describes.
569  */
570 STATIC int
571 xfs_attr_recover_work(
572 	struct xfs_defer_pending	*dfp,
573 	struct list_head		*capture_list)
574 {
575 	struct xfs_log_item		*lip = dfp->dfp_intent;
576 	struct xfs_attri_log_item	*attrip = ATTRI_ITEM(lip);
577 	struct xfs_attr_intent		*attr;
578 	struct xfs_mount		*mp = lip->li_log->l_mp;
579 	struct xfs_inode		*ip;
580 	struct xfs_da_args		*args;
581 	struct xfs_trans		*tp;
582 	struct xfs_trans_res		resv;
583 	struct xfs_attri_log_format	*attrp;
584 	struct xfs_attri_log_nameval	*nv = attrip->attri_nameval;
585 	int				error;
586 	int				total;
587 
588 	/*
589 	 * First check the validity of the attr described by the ATTRI.  If any
590 	 * are bad, then assume that all are bad and just toss the ATTRI.
591 	 */
592 	attrp = &attrip->attri_format;
593 	if (!xfs_attri_validate(mp, attrp) ||
594 	    !xfs_attr_namecheck(nv->name.i_addr, nv->name.i_len))
595 		return -EFSCORRUPTED;
596 
597 	attr = xfs_attri_recover_work(mp, dfp, attrp, &ip, nv);
598 	if (IS_ERR(attr))
599 		return PTR_ERR(attr);
600 	args = attr->xattri_da_args;
601 
602 	xfs_init_attr_trans(args, &resv, &total);
603 	resv = xlog_recover_resv(&resv);
604 	error = xfs_trans_alloc(mp, &resv, total, 0, XFS_TRANS_RESERVE, &tp);
605 	if (error)
606 		return error;
607 	args->trans = tp;
608 
609 	xfs_ilock(ip, XFS_ILOCK_EXCL);
610 	xfs_trans_ijoin(tp, ip, 0);
611 
612 	error = xlog_recover_finish_intent(tp, dfp);
613 	if (error == -EFSCORRUPTED)
614 		XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp,
615 				&attrip->attri_format,
616 				sizeof(attrip->attri_format));
617 	if (error) {
618 		xfs_trans_cancel(tp);
619 		goto out_unlock;
620 	}
621 
622 	error = xfs_defer_ops_capture_and_commit(tp, capture_list);
623 out_unlock:
624 	xfs_iunlock(ip, XFS_ILOCK_EXCL);
625 	xfs_irele(ip);
626 	return error;
627 }
628 
629 /* Re-log an intent item to push the log tail forward. */
630 static struct xfs_log_item *
631 xfs_attr_relog_intent(
632 	struct xfs_trans		*tp,
633 	struct xfs_log_item		*intent,
634 	struct xfs_log_item		*done_item)
635 {
636 	struct xfs_attri_log_item	*old_attrip;
637 	struct xfs_attri_log_item	*new_attrip;
638 	struct xfs_attri_log_format	*new_attrp;
639 	struct xfs_attri_log_format	*old_attrp;
640 
641 	old_attrip = ATTRI_ITEM(intent);
642 	old_attrp = &old_attrip->attri_format;
643 
644 	/*
645 	 * Create a new log item that shares the same name/value buffer as the
646 	 * old log item.
647 	 */
648 	new_attrip = xfs_attri_init(tp->t_mountp, old_attrip->attri_nameval);
649 	new_attrp = &new_attrip->attri_format;
650 
651 	new_attrp->alfi_ino = old_attrp->alfi_ino;
652 	new_attrp->alfi_op_flags = old_attrp->alfi_op_flags;
653 	new_attrp->alfi_value_len = old_attrp->alfi_value_len;
654 	new_attrp->alfi_name_len = old_attrp->alfi_name_len;
655 	new_attrp->alfi_attr_filter = old_attrp->alfi_attr_filter;
656 
657 	return &new_attrip->attri_item;
658 }
659 
660 /* Get an ATTRD so we can process all the attrs. */
661 static struct xfs_log_item *
662 xfs_attr_create_done(
663 	struct xfs_trans		*tp,
664 	struct xfs_log_item		*intent,
665 	unsigned int			count)
666 {
667 	struct xfs_attri_log_item	*attrip;
668 	struct xfs_attrd_log_item	*attrdp;
669 
670 	attrip = ATTRI_ITEM(intent);
671 
672 	attrdp = kmem_cache_zalloc(xfs_attrd_cache, GFP_KERNEL | __GFP_NOFAIL);
673 
674 	xfs_log_item_init(tp->t_mountp, &attrdp->attrd_item, XFS_LI_ATTRD,
675 			  &xfs_attrd_item_ops);
676 	attrdp->attrd_attrip = attrip;
677 	attrdp->attrd_format.alfd_alf_id = attrip->attri_format.alfi_id;
678 
679 	return &attrdp->attrd_item;
680 }
681 
682 const struct xfs_defer_op_type xfs_attr_defer_type = {
683 	.name		= "attr",
684 	.max_items	= 1,
685 	.create_intent	= xfs_attr_create_intent,
686 	.abort_intent	= xfs_attr_abort_intent,
687 	.create_done	= xfs_attr_create_done,
688 	.finish_item	= xfs_attr_finish_item,
689 	.cancel_item	= xfs_attr_cancel_item,
690 	.recover_work	= xfs_attr_recover_work,
691 	.relog_intent	= xfs_attr_relog_intent,
692 };
693 
694 STATIC int
695 xlog_recover_attri_commit_pass2(
696 	struct xlog                     *log,
697 	struct list_head		*buffer_list,
698 	struct xlog_recover_item        *item,
699 	xfs_lsn_t                       lsn)
700 {
701 	struct xfs_mount                *mp = log->l_mp;
702 	struct xfs_attri_log_item       *attrip;
703 	struct xfs_attri_log_format     *attri_formatp;
704 	struct xfs_attri_log_nameval	*nv;
705 	const void			*attr_value = NULL;
706 	const void			*attr_name;
707 	size_t				len;
708 
709 	attri_formatp = item->ri_buf[0].i_addr;
710 	attr_name = item->ri_buf[1].i_addr;
711 
712 	/* Validate xfs_attri_log_format before the large memory allocation */
713 	len = sizeof(struct xfs_attri_log_format);
714 	if (item->ri_buf[0].i_len != len) {
715 		XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp,
716 				item->ri_buf[0].i_addr, item->ri_buf[0].i_len);
717 		return -EFSCORRUPTED;
718 	}
719 
720 	if (!xfs_attri_validate(mp, attri_formatp)) {
721 		XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp,
722 				item->ri_buf[0].i_addr, item->ri_buf[0].i_len);
723 		return -EFSCORRUPTED;
724 	}
725 
726 	/* Validate the attr name */
727 	if (item->ri_buf[1].i_len !=
728 			xlog_calc_iovec_len(attri_formatp->alfi_name_len)) {
729 		XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp,
730 				item->ri_buf[0].i_addr, item->ri_buf[0].i_len);
731 		return -EFSCORRUPTED;
732 	}
733 
734 	if (!xfs_attr_namecheck(attr_name, attri_formatp->alfi_name_len)) {
735 		XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp,
736 				item->ri_buf[1].i_addr, item->ri_buf[1].i_len);
737 		return -EFSCORRUPTED;
738 	}
739 
740 	/* Validate the attr value, if present */
741 	if (attri_formatp->alfi_value_len != 0) {
742 		if (item->ri_buf[2].i_len != xlog_calc_iovec_len(attri_formatp->alfi_value_len)) {
743 			XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp,
744 					item->ri_buf[0].i_addr,
745 					item->ri_buf[0].i_len);
746 			return -EFSCORRUPTED;
747 		}
748 
749 		attr_value = item->ri_buf[2].i_addr;
750 	}
751 
752 	/*
753 	 * Memory alloc failure will cause replay to abort.  We attach the
754 	 * name/value buffer to the recovered incore log item and drop our
755 	 * reference.
756 	 */
757 	nv = xfs_attri_log_nameval_alloc(attr_name,
758 			attri_formatp->alfi_name_len, attr_value,
759 			attri_formatp->alfi_value_len);
760 
761 	attrip = xfs_attri_init(mp, nv);
762 	memcpy(&attrip->attri_format, attri_formatp, len);
763 
764 	xlog_recover_intent_item(log, &attrip->attri_item, lsn,
765 			&xfs_attr_defer_type);
766 	xfs_attri_log_nameval_put(nv);
767 	return 0;
768 }
769 
770 /*
771  * This routine is called when an ATTRD format structure is found in a committed
772  * transaction in the log. Its purpose is to cancel the corresponding ATTRI if
773  * it was still in the log. To do this it searches the AIL for the ATTRI with
774  * an id equal to that in the ATTRD format structure. If we find it we drop
775  * the ATTRD reference, which removes the ATTRI from the AIL and frees it.
776  */
777 STATIC int
778 xlog_recover_attrd_commit_pass2(
779 	struct xlog			*log,
780 	struct list_head		*buffer_list,
781 	struct xlog_recover_item	*item,
782 	xfs_lsn_t			lsn)
783 {
784 	struct xfs_attrd_log_format	*attrd_formatp;
785 
786 	attrd_formatp = item->ri_buf[0].i_addr;
787 	if (item->ri_buf[0].i_len != sizeof(struct xfs_attrd_log_format)) {
788 		XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, log->l_mp,
789 				item->ri_buf[0].i_addr, item->ri_buf[0].i_len);
790 		return -EFSCORRUPTED;
791 	}
792 
793 	xlog_recover_release_intent(log, XFS_LI_ATTRI,
794 				    attrd_formatp->alfd_alf_id);
795 	return 0;
796 }
797 
798 static const struct xfs_item_ops xfs_attri_item_ops = {
799 	.flags		= XFS_ITEM_INTENT,
800 	.iop_size	= xfs_attri_item_size,
801 	.iop_format	= xfs_attri_item_format,
802 	.iop_unpin	= xfs_attri_item_unpin,
803 	.iop_release    = xfs_attri_item_release,
804 	.iop_match	= xfs_attri_item_match,
805 };
806 
807 const struct xlog_recover_item_ops xlog_attri_item_ops = {
808 	.item_type	= XFS_LI_ATTRI,
809 	.commit_pass2	= xlog_recover_attri_commit_pass2,
810 };
811 
812 static const struct xfs_item_ops xfs_attrd_item_ops = {
813 	.flags		= XFS_ITEM_RELEASE_WHEN_COMMITTED |
814 			  XFS_ITEM_INTENT_DONE,
815 	.iop_size	= xfs_attrd_item_size,
816 	.iop_format	= xfs_attrd_item_format,
817 	.iop_release    = xfs_attrd_item_release,
818 	.iop_intent	= xfs_attrd_item_intent,
819 };
820 
821 const struct xlog_recover_item_ops xlog_attrd_item_ops = {
822 	.item_type	= XFS_LI_ATTRD,
823 	.commit_pass2	= xlog_recover_attrd_commit_pass2,
824 };
825