// SPDX-License-Identifier: GPL-2.0
/*
 * Copyright (c) 2000-2005 Silicon Graphics, Inc.
 * Copyright (c) 2013 Red Hat, Inc.
 * All Rights Reserved.
 */
#include "xfs.h"
#include "xfs_fs.h"
#include "xfs_shared.h"
#include "xfs_format.h"
#include "xfs_log_format.h"
#include "xfs_trans_resv.h"
#include "xfs_mount.h"
#include "xfs_da_format.h"
#include "xfs_inode.h"
#include "xfs_trans.h"
#include "xfs_bmap.h"
#include "xfs_da_btree.h"
#include "xfs_attr.h"
#include "xfs_attr_sf.h"
#include "xfs_attr_leaf.h"
#include "xfs_error.h"
#include "xfs_trace.h"
#include "xfs_dir2.h"
#include "xfs_health.h"

STATIC int
xfs_attr_shortform_compare(const void *a, const void *b)
{
	xfs_attr_sf_sort_t	*sa, *sb;

	sa = (xfs_attr_sf_sort_t *)a;
	sb = (xfs_attr_sf_sort_t *)b;
	if (sa->hash < sb->hash) {
		return -1;
	} else if (sa->hash > sb->hash) {
		return 1;
	} else {
		return sa->entno - sb->entno;
	}
}

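/*
 * A fully zeroed cursor means the caller has not consumed any entries yet,
 * i.e. listing starts from the beginning of the attr fork.
 */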
#define XFS_ISRESET_CURSOR(cursor) \
	(!((cursor)->initted) && !((cursor)->hashval) && \
	 !((cursor)->blkno) && !((cursor)->offset))
/*
 * Copy out entries of shortform attribute lists for attr_list().
 * Shortform attribute lists are not stored in hashval sorted order.
 * If the output buffer is not large enough to hold them all, then
 * we have to calculate each entry's hashval and sort them before
 * we can begin returning them to the user.
 */
static int
xfs_attr_shortform_list(
	struct xfs_attr_list_context	*context)
{
	struct xfs_attrlist_cursor_kern	*cursor = &context->cursor;
	struct xfs_inode		*dp = context->dp;
	struct xfs_attr_sf_sort		*sbuf, *sbp;
	struct xfs_attr_sf_hdr		*sf = dp->i_af.if_data;
	struct xfs_attr_sf_entry	*sfe;
	int				sbsize, nsbuf, count, i;
	int				error = 0;

	ASSERT(sf != NULL);
	if (!sf->count)
		return 0;

	trace_xfs_attr_list_sf(context);

	/*
	 * If the buffer is large enough and the cursor is at the start,
	 * do not bother with sorting since we will return everything in
	 * one buffer and another call using the cursor won't need to be
	 * made.
	 * Note the generous fudge factor of 16 overhead bytes per entry.
	 * If bufsize is zero then put_listent must be a search function
	 * and can just scan through what we have.
	 */
	if (context->bufsize == 0 ||
	    (XFS_ISRESET_CURSOR(cursor) &&
	     (dp->i_af.if_bytes + sf->count * 16) < context->bufsize)) {
		for (i = 0, sfe = xfs_attr_sf_firstentry(sf); i < sf->count; i++) {
			if (XFS_IS_CORRUPT(context->dp->i_mount,
					   !xfs_attr_namecheck(sfe->flags,
							       sfe->nameval,
							       sfe->namelen))) {
				xfs_dirattr_mark_sick(context->dp, XFS_ATTR_FORK);
				return -EFSCORRUPTED;
			}
			context->put_listent(context,
					     sfe->flags,
					     sfe->nameval,
					     (int)sfe->namelen,
					     &sfe->nameval[sfe->namelen],
					     (int)sfe->valuelen);
			/*
			 * Either search callback finished early or
			 * didn't fit it all in the buffer after all.
			 */
			if (context->seen_enough)
				break;
			sfe = xfs_attr_sf_nextentry(sfe);
		}
		trace_xfs_attr_list_sf_all(context);
		return 0;
	}

	/* do no more for a search callback */
	if (context->bufsize == 0)
		return 0;

	/*
	 * It didn't all fit, so we have to sort everything on hashval.
	 */
	sbsize = sf->count * sizeof(*sbuf);
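	/* __GFP_NOFAIL: this allocation cannot fail, so no NULL check is needed. */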
	sbp = sbuf = kmalloc(sbsize, GFP_KERNEL | __GFP_NOFAIL);

	/*
	 * Scan the attribute list for the rest of the entries, storing
	 * the relevant info from only those that match into a buffer.
	 */
	nsbuf = 0;
	for (i = 0, sfe = xfs_attr_sf_firstentry(sf); i < sf->count; i++) {
		if (unlikely(
		    ((char *)sfe < (char *)sf) ||
		    ((char *)sfe >= ((char *)sf + dp->i_af.if_bytes)) ||
		    !xfs_attr_check_namespace(sfe->flags))) {
			XFS_CORRUPTION_ERROR("xfs_attr_shortform_list",
					     XFS_ERRLEVEL_LOW,
					     context->dp->i_mount, sfe,
					     sizeof(*sfe));
			kfree(sbuf);
			xfs_dirattr_mark_sick(dp, XFS_ATTR_FORK);
			return -EFSCORRUPTED;
		}

		sbp->entno = i;
		sbp->name = sfe->nameval;
		sbp->namelen = sfe->namelen;
		/* These are bytes, and both on-disk, don't endian-flip */
		sbp->value = &sfe->nameval[sfe->namelen];
		sbp->valuelen = sfe->valuelen;
		sbp->flags = sfe->flags;
		sbp->hash = xfs_attr_hashval(dp->i_mount, sfe->flags,
					     sfe->nameval, sfe->namelen,
					     sfe->nameval + sfe->namelen,
					     sfe->valuelen);
		sfe = xfs_attr_sf_nextentry(sfe);
		sbp++;
		nsbuf++;
	}

	/*
	 * Sort the entries on hash then entno.
	 */
	xfs_sort(sbuf, nsbuf, sizeof(*sbuf), xfs_attr_shortform_compare);

	/*
	 * Re-find our place IN THE SORTED LIST.
	 */
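	/*
	 * cursor->offset counts how many entries with cursor->hashval have
	 * already been returned, so skip exactly that many matches here.
	 */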
	count = 0;
	cursor->initted = 1;
	cursor->blkno = 0;
	for (sbp = sbuf, i = 0; i < nsbuf; i++, sbp++) {
		if (sbp->hash == cursor->hashval) {
			if (cursor->offset == count) {
				break;
			}
			count++;
		} else if (sbp->hash > cursor->hashval) {
			break;
		}
	}
	if (i == nsbuf)
		goto out;

	/*
	 * Loop putting entries into the user buffer.
	 */
	for ( ; i < nsbuf; i++, sbp++) {
		if (cursor->hashval != sbp->hash) {
			cursor->hashval = sbp->hash;
			cursor->offset = 0;
		}
		if (XFS_IS_CORRUPT(context->dp->i_mount,
				   !xfs_attr_namecheck(sbp->flags, sbp->name,
						       sbp->namelen))) {
			xfs_dirattr_mark_sick(context->dp, XFS_ATTR_FORK);
			error = -EFSCORRUPTED;
			goto out;
		}
		context->put_listent(context,
				     sbp->flags,
				     sbp->name,
				     sbp->namelen,
				     sbp->value,
				     sbp->valuelen);
		if (context->seen_enough)
			break;
		cursor->offset++;
	}
out:
	kfree(sbuf);
	return error;
}

/*
 * We didn't find the block & hash mentioned in the cursor state, so
 * walk down the attr btree looking for the hash.
 */
STATIC int
xfs_attr_node_list_lookup(
	struct xfs_attr_list_context	*context,
	struct xfs_attrlist_cursor_kern	*cursor,
	struct xfs_buf			**pbp)
{
	struct xfs_da3_icnode_hdr	nodehdr;
	struct xfs_da_intnode		*node;
	struct xfs_da_node_entry	*btree;
	struct xfs_inode		*dp = context->dp;
	struct xfs_mount		*mp = dp->i_mount;
	struct xfs_trans		*tp = context->tp;
	struct xfs_buf			*bp;
	xfs_failaddr_t			fa;
	int				i;
	int				error = 0;
	unsigned int			expected_level = 0;
	uint16_t			magic;

	ASSERT(*pbp == NULL);
	cursor->blkno = 0;
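	/* Block 0 of the attr fork is the dabtree root; walk down from there. */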
	for (;;) {
		error = xfs_da3_node_read(tp, dp, cursor->blkno, &bp,
					  XFS_ATTR_FORK);
		if (error)
			return error;
		node = bp->b_addr;
		magic = be16_to_cpu(node->hdr.info.magic);
		if (magic == XFS_ATTR_LEAF_MAGIC ||
		    magic == XFS_ATTR3_LEAF_MAGIC)
			break;
		if (magic != XFS_DA_NODE_MAGIC &&
		    magic != XFS_DA3_NODE_MAGIC) {
			XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp,
					     node, sizeof(*node));
			goto out_corruptbuf;
		}

		fa = xfs_da3_node_header_check(bp, dp->i_ino);
		if (fa)
			goto out_corruptbuf;

		xfs_da3_node_hdr_from_disk(mp, &nodehdr, node);

		/* Tree taller than we can handle; bail out! */
		if (nodehdr.level >= XFS_DA_NODE_MAXDEPTH)
			goto out_corruptbuf;

		/* Check the level from the root node. */
		if (cursor->blkno == 0)
			expected_level = nodehdr.level - 1;
		else if (expected_level != nodehdr.level)
			goto out_corruptbuf;
		else
			expected_level--;

		btree = nodehdr.btree;
		for (i = 0; i < nodehdr.count; btree++, i++) {
			if (cursor->hashval <= be32_to_cpu(btree->hashval)) {
				cursor->blkno = be32_to_cpu(btree->before);
				trace_xfs_attr_list_node_descend(context,
								 btree);
				break;
			}
		}
		xfs_trans_brelse(tp, bp);

		if (i == nodehdr.count)
			return 0;

		/* We can't point back to the root. */
		if (XFS_IS_CORRUPT(mp, cursor->blkno == 0)) {
			xfs_dirattr_mark_sick(dp, XFS_ATTR_FORK);
			return -EFSCORRUPTED;
		}
	}

	fa = xfs_attr3_leaf_header_check(bp, dp->i_ino);
	if (fa) {
		__xfs_buf_mark_corrupt(bp, fa);
		goto out_releasebuf;
	}

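	/* We should have descended through every interior level by now. */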
	if (expected_level != 0)
		goto out_corruptbuf;

	*pbp = bp;
	return 0;

out_corruptbuf:
	xfs_buf_mark_corrupt(bp);
out_releasebuf:
	xfs_trans_brelse(tp, bp);
	xfs_dirattr_mark_sick(dp, XFS_ATTR_FORK);
	return -EFSCORRUPTED;
}

STATIC int
xfs_attr_node_list(
	struct xfs_attr_list_context	*context)
{
	struct xfs_attrlist_cursor_kern	*cursor = &context->cursor;
	struct xfs_attr3_icleaf_hdr	leafhdr;
	struct xfs_attr_leafblock	*leaf;
	struct xfs_da_intnode		*node;
	struct xfs_buf			*bp;
	struct xfs_inode		*dp = context->dp;
	struct xfs_mount		*mp = dp->i_mount;
	xfs_failaddr_t			fa;
	int				error = 0;

	trace_xfs_attr_node_list(context);

	cursor->initted = 1;

	/*
	 * Do all sorts of validation on the passed-in cursor structure.
	 * If anything is amiss, ignore the cursor and look up the hashval
	 * starting from the btree root.
	 */
	bp = NULL;
	if (cursor->blkno > 0) {
		struct xfs_attr_leaf_entry *entries;

		error = xfs_da3_node_read(context->tp, dp, cursor->blkno, &bp,
					  XFS_ATTR_FORK);
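		/*
		 * A corrupt block at the cursor is not fatal here; note the
		 * damage and fall back to a fresh lookup from the root.
		 */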
		if (xfs_metadata_is_sick(error))
			xfs_dirattr_mark_sick(dp, XFS_ATTR_FORK);
		if (error != 0 && error != -EFSCORRUPTED)
			return error;
		if (!bp)
			goto need_lookup;

		node = bp->b_addr;
		switch (be16_to_cpu(node->hdr.info.magic)) {
		case XFS_DA_NODE_MAGIC:
		case XFS_DA3_NODE_MAGIC:
			trace_xfs_attr_list_wrong_blk(context);
			fa = xfs_da3_node_header_check(bp, dp->i_ino);
			if (fa) {
				__xfs_buf_mark_corrupt(bp, fa);
				xfs_dirattr_mark_sick(dp, XFS_ATTR_FORK);
			}
			xfs_trans_brelse(context->tp, bp);
			bp = NULL;
			break;
		case XFS_ATTR_LEAF_MAGIC:
		case XFS_ATTR3_LEAF_MAGIC:
			leaf = bp->b_addr;
			fa = xfs_attr3_leaf_header_check(bp, dp->i_ino);
			if (fa) {
				__xfs_buf_mark_corrupt(bp, fa);
				xfs_trans_brelse(context->tp, bp);
				xfs_dirattr_mark_sick(dp, XFS_ATTR_FORK);
				bp = NULL;
				break;
			}
			xfs_attr3_leaf_hdr_from_disk(mp->m_attr_geo,
						     &leafhdr, leaf);
			entries = xfs_attr3_leaf_entryp(leaf);
			if (cursor->hashval > be32_to_cpu(
					entries[leafhdr.count - 1].hashval)) {
				trace_xfs_attr_list_wrong_blk(context);
				xfs_trans_brelse(context->tp, bp);
				bp = NULL;
			} else if (cursor->hashval <= be32_to_cpu(
					entries[0].hashval)) {
				trace_xfs_attr_list_wrong_blk(context);
				xfs_trans_brelse(context->tp, bp);
				bp = NULL;
			}
			break;
		default:
			trace_xfs_attr_list_wrong_blk(context);
			xfs_trans_brelse(context->tp, bp);
			bp = NULL;
		}
	}

	/*
	 * We did not find what we expected given the cursor's contents,
	 * so we start from the top and work down based on the hash value.
	 * Note that start of node block is same as start of leaf block.
	 */
	if (bp == NULL) {
need_lookup:
		error = xfs_attr_node_list_lookup(context, cursor, &bp);
		if (error || !bp)
			return error;
	}
	ASSERT(bp != NULL);

	/*
	 * Roll upward through the blocks, processing each leaf block in
	 * order.  As long as there is space in the result buffer, keep
	 * adding the information.
	 */
	for (;;) {
		leaf = bp->b_addr;
		error = xfs_attr3_leaf_list_int(bp, context);
		if (error)
			break;
		xfs_attr3_leaf_hdr_from_disk(mp->m_attr_geo, &leafhdr, leaf);
		if (context->seen_enough || leafhdr.forw == 0)
			break;
		cursor->blkno = leafhdr.forw;
		xfs_trans_brelse(context->tp, bp);
		error = xfs_attr3_leaf_read(context->tp, dp, dp->i_ino,
					    cursor->blkno, &bp);
		if (error)
			return error;
	}
	xfs_trans_brelse(context->tp, bp);
	return error;
}

/*
 * Copy out attribute list entries for attr_list(), for leaf attribute lists.
 */
int
xfs_attr3_leaf_list_int(
	struct xfs_buf			*bp,
	struct xfs_attr_list_context	*context)
{
	struct xfs_attrlist_cursor_kern	*cursor = &context->cursor;
	struct xfs_attr_leafblock	*leaf;
	struct xfs_attr3_icleaf_hdr	ichdr;
	struct xfs_attr_leaf_entry	*entries;
	struct xfs_attr_leaf_entry	*entry;
	int				i;
	struct xfs_mount		*mp = context->dp->i_mount;

	trace_xfs_attr_list_leaf(context);

	leaf = bp->b_addr;
	xfs_attr3_leaf_hdr_from_disk(mp->m_attr_geo, &ichdr, leaf);
	entries = xfs_attr3_leaf_entryp(leaf);

	cursor->initted = 1;

	/*
	 * Re-find our place in the leaf block if this is a new syscall.
	 */
	if (context->resynch) {
		entry = &entries[0];
		for (i = 0; i < ichdr.count; entry++, i++) {
			if (be32_to_cpu(entry->hashval) == cursor->hashval) {
				if (cursor->offset == context->dupcnt) {
					context->dupcnt = 0;
					break;
				}
				context->dupcnt++;
			} else if (be32_to_cpu(entry->hashval) >
					cursor->hashval) {
				context->dupcnt = 0;
				break;
			}
		}
		if (i == ichdr.count) {
			trace_xfs_attr_list_notfound(context);
			return 0;
		}
	} else {
		entry = &entries[0];
		i = 0;
	}
	context->resynch = 0;

	/*
	 * We have found our place, start copying out the new attributes.
	 */
	for (; i < ichdr.count; entry++, i++) {
		char *name;
		void *value;
		int namelen, valuelen;

		if (be32_to_cpu(entry->hashval) != cursor->hashval) {
			cursor->hashval = be32_to_cpu(entry->hashval);
			cursor->offset = 0;
		}

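		/*
		 * INCOMPLETE entries are in the middle of a multi-step attr
		 * operation; skip them unless the caller opted in to see them.
		 */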
		if ((entry->flags & XFS_ATTR_INCOMPLETE) &&
		    !context->allow_incomplete)
			continue;

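		/*
		 * Local attrs keep their value inline in the leaf block;
		 * remote attrs store it in separate blocks, so no value
		 * pointer is passed along for them.
		 */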
		if (entry->flags & XFS_ATTR_LOCAL) {
			xfs_attr_leaf_name_local_t *name_loc;

			name_loc = xfs_attr3_leaf_name_local(leaf, i);
			name = name_loc->nameval;
			namelen = name_loc->namelen;
			value = &name_loc->nameval[name_loc->namelen];
			valuelen = be16_to_cpu(name_loc->valuelen);
		} else {
			xfs_attr_leaf_name_remote_t *name_rmt;

			name_rmt = xfs_attr3_leaf_name_remote(leaf, i);
			name = name_rmt->name;
			namelen = name_rmt->namelen;
			value = NULL;
			valuelen = be32_to_cpu(name_rmt->valuelen);
		}

		if (XFS_IS_CORRUPT(context->dp->i_mount,
				   !xfs_attr_namecheck(entry->flags, name,
						       namelen))) {
			xfs_dirattr_mark_sick(context->dp, XFS_ATTR_FORK);
			return -EFSCORRUPTED;
		}
		context->put_listent(context, entry->flags,
				     name, namelen, value, valuelen);
		if (context->seen_enough)
			break;
		cursor->offset++;
	}
	trace_xfs_attr_list_leaf_end(context);
	return 0;
}

/*
 * Copy out attribute entries for attr_list(), for leaf attribute lists.
 */
STATIC int
xfs_attr_leaf_list(
	struct xfs_attr_list_context	*context)
{
	struct xfs_buf			*bp;
	int				error;

	trace_xfs_attr_leaf_list(context);

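	/* A leaf-format attr fork has a single leaf block at dablk 0. */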
	context->cursor.blkno = 0;
	error = xfs_attr3_leaf_read(context->tp, context->dp,
				    context->dp->i_ino, 0, &bp);
	if (error)
		return error;

	error = xfs_attr3_leaf_list_int(bp, context);
	xfs_trans_brelse(context->tp, bp);
	return error;
}

int
xfs_attr_list_ilocked(
	struct xfs_attr_list_context	*context)
{
	struct xfs_inode		*dp = context->dp;
	int				error;

	xfs_assert_ilocked(dp, XFS_ILOCK_SHARED | XFS_ILOCK_EXCL);

	/*
	 * Decide on what work routines to call based on the inode size.
	 */
	if (!xfs_inode_hasattr(dp))
		return 0;
	if (dp->i_af.if_format == XFS_DINODE_FMT_LOCAL)
		return xfs_attr_shortform_list(context);

	/* Prerequisite for xfs_attr_is_leaf */
	error = xfs_iread_extents(NULL, dp, XFS_ATTR_FORK);
	if (error)
		return error;

	if (xfs_attr_is_leaf(dp))
		return xfs_attr_leaf_list(context);
	return xfs_attr_node_list(context);
}

int
xfs_attr_list(
	struct xfs_attr_list_context	*context)
{
	struct xfs_inode		*dp = context->dp;
	uint				lock_mode;
	int				error;

	XFS_STATS_INC(dp->i_mount, xs_attr_list);

	if (xfs_is_shutdown(dp->i_mount))
		return -EIO;

	lock_mode = xfs_ilock_attr_map_shared(dp);
	error = xfs_attr_list_ilocked(context);
	xfs_iunlock(dp, lock_mode);
	return error;
}