1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Copyright (c) 2000-2005 Silicon Graphics, Inc. 4 * Copyright (c) 2013 Red Hat, Inc. 5 * All Rights Reserved. 6 */ 7 #include "xfs.h" 8 #include "xfs_fs.h" 9 #include "xfs_shared.h" 10 #include "xfs_format.h" 11 #include "xfs_log_format.h" 12 #include "xfs_trans_resv.h" 13 #include "xfs_mount.h" 14 #include "xfs_da_format.h" 15 #include "xfs_inode.h" 16 #include "xfs_trans.h" 17 #include "xfs_bmap.h" 18 #include "xfs_da_btree.h" 19 #include "xfs_attr.h" 20 #include "xfs_attr_sf.h" 21 #include "xfs_attr_leaf.h" 22 #include "xfs_error.h" 23 #include "xfs_trace.h" 24 #include "xfs_dir2.h" 25 #include "xfs_health.h" 26 27 STATIC int 28 xfs_attr_shortform_compare(const void *a, const void *b) 29 { 30 xfs_attr_sf_sort_t *sa, *sb; 31 32 sa = (xfs_attr_sf_sort_t *)a; 33 sb = (xfs_attr_sf_sort_t *)b; 34 if (sa->hash < sb->hash) { 35 return -1; 36 } else if (sa->hash > sb->hash) { 37 return 1; 38 } else { 39 return sa->entno - sb->entno; 40 } 41 } 42 43 #define XFS_ISRESET_CURSOR(cursor) \ 44 (!((cursor)->initted) && !((cursor)->hashval) && \ 45 !((cursor)->blkno) && !((cursor)->offset)) 46 /* 47 * Copy out entries of shortform attribute lists for attr_list(). 48 * Shortform attribute lists are not stored in hashval sorted order. 49 * If the output buffer is not large enough to hold them all, then 50 * we have to calculate each entries' hashvalue and sort them before 51 * we can begin returning them to the user. 52 */ 53 static int 54 xfs_attr_shortform_list( 55 struct xfs_attr_list_context *context) 56 { 57 struct xfs_attrlist_cursor_kern *cursor = &context->cursor; 58 struct xfs_inode *dp = context->dp; 59 struct xfs_attr_sf_sort *sbuf, *sbp; 60 struct xfs_attr_sf_hdr *sf = dp->i_af.if_data; 61 struct xfs_attr_sf_entry *sfe; 62 int sbsize, nsbuf, count, i; 63 int error = 0; 64 65 ASSERT(sf != NULL); 66 if (!sf->count) 67 return 0; 68 69 trace_xfs_attr_list_sf(context); 70 71 /* 72 * If the buffer is large enough and the cursor is at the start, 73 * do not bother with sorting since we will return everything in 74 * one buffer and another call using the cursor won't need to be 75 * made. 76 * Note the generous fudge factor of 16 overhead bytes per entry. 77 * If bufsize is zero then put_listent must be a search function 78 * and can just scan through what we have. 79 */ 80 if (context->bufsize == 0 || 81 (XFS_ISRESET_CURSOR(cursor) && 82 (dp->i_af.if_bytes + sf->count * 16) < context->bufsize)) { 83 for (i = 0, sfe = xfs_attr_sf_firstentry(sf); i < sf->count; i++) { 84 if (XFS_IS_CORRUPT(context->dp->i_mount, 85 !xfs_attr_namecheck(sfe->nameval, 86 sfe->namelen))) { 87 xfs_dirattr_mark_sick(context->dp, XFS_ATTR_FORK); 88 return -EFSCORRUPTED; 89 } 90 context->put_listent(context, 91 sfe->flags, 92 sfe->nameval, 93 (int)sfe->namelen, 94 (int)sfe->valuelen); 95 /* 96 * Either search callback finished early or 97 * didn't fit it all in the buffer after all. 98 */ 99 if (context->seen_enough) 100 break; 101 sfe = xfs_attr_sf_nextentry(sfe); 102 } 103 trace_xfs_attr_list_sf_all(context); 104 return 0; 105 } 106 107 /* do no more for a search callback */ 108 if (context->bufsize == 0) 109 return 0; 110 111 /* 112 * It didn't all fit, so we have to sort everything on hashval. 113 */ 114 sbsize = sf->count * sizeof(*sbuf); 115 sbp = sbuf = kmalloc(sbsize, GFP_KERNEL | __GFP_NOFAIL); 116 117 /* 118 * Scan the attribute list for the rest of the entries, storing 119 * the relevant info from only those that match into a buffer. 120 */ 121 nsbuf = 0; 122 for (i = 0, sfe = xfs_attr_sf_firstentry(sf); i < sf->count; i++) { 123 if (unlikely( 124 ((char *)sfe < (char *)sf) || 125 ((char *)sfe >= ((char *)sf + dp->i_af.if_bytes)))) { 126 XFS_CORRUPTION_ERROR("xfs_attr_shortform_list", 127 XFS_ERRLEVEL_LOW, 128 context->dp->i_mount, sfe, 129 sizeof(*sfe)); 130 kfree(sbuf); 131 xfs_dirattr_mark_sick(dp, XFS_ATTR_FORK); 132 return -EFSCORRUPTED; 133 } 134 135 sbp->entno = i; 136 sbp->hash = xfs_da_hashname(sfe->nameval, sfe->namelen); 137 sbp->name = sfe->nameval; 138 sbp->namelen = sfe->namelen; 139 /* These are bytes, and both on-disk, don't endian-flip */ 140 sbp->valuelen = sfe->valuelen; 141 sbp->flags = sfe->flags; 142 sfe = xfs_attr_sf_nextentry(sfe); 143 sbp++; 144 nsbuf++; 145 } 146 147 /* 148 * Sort the entries on hash then entno. 149 */ 150 xfs_sort(sbuf, nsbuf, sizeof(*sbuf), xfs_attr_shortform_compare); 151 152 /* 153 * Re-find our place IN THE SORTED LIST. 154 */ 155 count = 0; 156 cursor->initted = 1; 157 cursor->blkno = 0; 158 for (sbp = sbuf, i = 0; i < nsbuf; i++, sbp++) { 159 if (sbp->hash == cursor->hashval) { 160 if (cursor->offset == count) { 161 break; 162 } 163 count++; 164 } else if (sbp->hash > cursor->hashval) { 165 break; 166 } 167 } 168 if (i == nsbuf) 169 goto out; 170 171 /* 172 * Loop putting entries into the user buffer. 173 */ 174 for ( ; i < nsbuf; i++, sbp++) { 175 if (cursor->hashval != sbp->hash) { 176 cursor->hashval = sbp->hash; 177 cursor->offset = 0; 178 } 179 if (XFS_IS_CORRUPT(context->dp->i_mount, 180 !xfs_attr_namecheck(sbp->name, 181 sbp->namelen))) { 182 xfs_dirattr_mark_sick(context->dp, XFS_ATTR_FORK); 183 error = -EFSCORRUPTED; 184 goto out; 185 } 186 context->put_listent(context, 187 sbp->flags, 188 sbp->name, 189 sbp->namelen, 190 sbp->valuelen); 191 if (context->seen_enough) 192 break; 193 cursor->offset++; 194 } 195 out: 196 kfree(sbuf); 197 return error; 198 } 199 200 /* 201 * We didn't find the block & hash mentioned in the cursor state, so 202 * walk down the attr btree looking for the hash. 203 */ 204 STATIC int 205 xfs_attr_node_list_lookup( 206 struct xfs_attr_list_context *context, 207 struct xfs_attrlist_cursor_kern *cursor, 208 struct xfs_buf **pbp) 209 { 210 struct xfs_da3_icnode_hdr nodehdr; 211 struct xfs_da_intnode *node; 212 struct xfs_da_node_entry *btree; 213 struct xfs_inode *dp = context->dp; 214 struct xfs_mount *mp = dp->i_mount; 215 struct xfs_trans *tp = context->tp; 216 struct xfs_buf *bp; 217 xfs_failaddr_t fa; 218 int i; 219 int error = 0; 220 unsigned int expected_level = 0; 221 uint16_t magic; 222 223 ASSERT(*pbp == NULL); 224 cursor->blkno = 0; 225 for (;;) { 226 error = xfs_da3_node_read(tp, dp, cursor->blkno, &bp, 227 XFS_ATTR_FORK); 228 if (error) 229 return error; 230 node = bp->b_addr; 231 magic = be16_to_cpu(node->hdr.info.magic); 232 if (magic == XFS_ATTR_LEAF_MAGIC || 233 magic == XFS_ATTR3_LEAF_MAGIC) 234 break; 235 if (magic != XFS_DA_NODE_MAGIC && 236 magic != XFS_DA3_NODE_MAGIC) { 237 XFS_CORRUPTION_ERROR(__func__, XFS_ERRLEVEL_LOW, mp, 238 node, sizeof(*node)); 239 goto out_corruptbuf; 240 } 241 242 fa = xfs_da3_node_header_check(bp, dp->i_ino); 243 if (fa) 244 goto out_corruptbuf; 245 246 xfs_da3_node_hdr_from_disk(mp, &nodehdr, node); 247 248 /* Tree taller than we can handle; bail out! */ 249 if (nodehdr.level >= XFS_DA_NODE_MAXDEPTH) 250 goto out_corruptbuf; 251 252 /* Check the level from the root node. */ 253 if (cursor->blkno == 0) 254 expected_level = nodehdr.level - 1; 255 else if (expected_level != nodehdr.level) 256 goto out_corruptbuf; 257 else 258 expected_level--; 259 260 btree = nodehdr.btree; 261 for (i = 0; i < nodehdr.count; btree++, i++) { 262 if (cursor->hashval <= be32_to_cpu(btree->hashval)) { 263 cursor->blkno = be32_to_cpu(btree->before); 264 trace_xfs_attr_list_node_descend(context, 265 btree); 266 break; 267 } 268 } 269 xfs_trans_brelse(tp, bp); 270 271 if (i == nodehdr.count) 272 return 0; 273 274 /* We can't point back to the root. */ 275 if (XFS_IS_CORRUPT(mp, cursor->blkno == 0)) { 276 xfs_dirattr_mark_sick(dp, XFS_ATTR_FORK); 277 return -EFSCORRUPTED; 278 } 279 } 280 281 fa = xfs_attr3_leaf_header_check(bp, dp->i_ino); 282 if (fa) { 283 __xfs_buf_mark_corrupt(bp, fa); 284 goto out_releasebuf; 285 } 286 287 if (expected_level != 0) 288 goto out_corruptbuf; 289 290 *pbp = bp; 291 return 0; 292 293 out_corruptbuf: 294 xfs_buf_mark_corrupt(bp); 295 out_releasebuf: 296 xfs_trans_brelse(tp, bp); 297 xfs_dirattr_mark_sick(dp, XFS_ATTR_FORK); 298 return -EFSCORRUPTED; 299 } 300 301 STATIC int 302 xfs_attr_node_list( 303 struct xfs_attr_list_context *context) 304 { 305 struct xfs_attrlist_cursor_kern *cursor = &context->cursor; 306 struct xfs_attr3_icleaf_hdr leafhdr; 307 struct xfs_attr_leafblock *leaf; 308 struct xfs_da_intnode *node; 309 struct xfs_buf *bp; 310 struct xfs_inode *dp = context->dp; 311 struct xfs_mount *mp = dp->i_mount; 312 xfs_failaddr_t fa; 313 int error = 0; 314 315 trace_xfs_attr_node_list(context); 316 317 cursor->initted = 1; 318 319 /* 320 * Do all sorts of validation on the passed-in cursor structure. 321 * If anything is amiss, ignore the cursor and look up the hashval 322 * starting from the btree root. 323 */ 324 bp = NULL; 325 if (cursor->blkno > 0) { 326 struct xfs_attr_leaf_entry *entries; 327 328 error = xfs_da3_node_read(context->tp, dp, cursor->blkno, &bp, 329 XFS_ATTR_FORK); 330 if (xfs_metadata_is_sick(error)) 331 xfs_dirattr_mark_sick(dp, XFS_ATTR_FORK); 332 if (error != 0 && error != -EFSCORRUPTED) 333 return error; 334 if (!bp) 335 goto need_lookup; 336 337 node = bp->b_addr; 338 switch (be16_to_cpu(node->hdr.info.magic)) { 339 case XFS_DA_NODE_MAGIC: 340 case XFS_DA3_NODE_MAGIC: 341 trace_xfs_attr_list_wrong_blk(context); 342 fa = xfs_da3_node_header_check(bp, dp->i_ino); 343 if (fa) { 344 __xfs_buf_mark_corrupt(bp, fa); 345 xfs_dirattr_mark_sick(dp, XFS_ATTR_FORK); 346 } 347 xfs_trans_brelse(context->tp, bp); 348 bp = NULL; 349 break; 350 case XFS_ATTR_LEAF_MAGIC: 351 case XFS_ATTR3_LEAF_MAGIC: 352 leaf = bp->b_addr; 353 fa = xfs_attr3_leaf_header_check(bp, dp->i_ino); 354 if (fa) { 355 __xfs_buf_mark_corrupt(bp, fa); 356 xfs_trans_brelse(context->tp, bp); 357 xfs_dirattr_mark_sick(dp, XFS_ATTR_FORK); 358 bp = NULL; 359 break; 360 } 361 xfs_attr3_leaf_hdr_from_disk(mp->m_attr_geo, 362 &leafhdr, leaf); 363 entries = xfs_attr3_leaf_entryp(leaf); 364 if (cursor->hashval > be32_to_cpu( 365 entries[leafhdr.count - 1].hashval)) { 366 trace_xfs_attr_list_wrong_blk(context); 367 xfs_trans_brelse(context->tp, bp); 368 bp = NULL; 369 } else if (cursor->hashval <= be32_to_cpu( 370 entries[0].hashval)) { 371 trace_xfs_attr_list_wrong_blk(context); 372 xfs_trans_brelse(context->tp, bp); 373 bp = NULL; 374 } 375 break; 376 default: 377 trace_xfs_attr_list_wrong_blk(context); 378 xfs_trans_brelse(context->tp, bp); 379 bp = NULL; 380 } 381 } 382 383 /* 384 * We did not find what we expected given the cursor's contents, 385 * so we start from the top and work down based on the hash value. 386 * Note that start of node block is same as start of leaf block. 387 */ 388 if (bp == NULL) { 389 need_lookup: 390 error = xfs_attr_node_list_lookup(context, cursor, &bp); 391 if (error || !bp) 392 return error; 393 } 394 ASSERT(bp != NULL); 395 396 /* 397 * Roll upward through the blocks, processing each leaf block in 398 * order. As long as there is space in the result buffer, keep 399 * adding the information. 400 */ 401 for (;;) { 402 leaf = bp->b_addr; 403 error = xfs_attr3_leaf_list_int(bp, context); 404 if (error) 405 break; 406 xfs_attr3_leaf_hdr_from_disk(mp->m_attr_geo, &leafhdr, leaf); 407 if (context->seen_enough || leafhdr.forw == 0) 408 break; 409 cursor->blkno = leafhdr.forw; 410 xfs_trans_brelse(context->tp, bp); 411 error = xfs_attr3_leaf_read(context->tp, dp, dp->i_ino, 412 cursor->blkno, &bp); 413 if (error) 414 return error; 415 } 416 xfs_trans_brelse(context->tp, bp); 417 return error; 418 } 419 420 /* 421 * Copy out attribute list entries for attr_list(), for leaf attribute lists. 422 */ 423 int 424 xfs_attr3_leaf_list_int( 425 struct xfs_buf *bp, 426 struct xfs_attr_list_context *context) 427 { 428 struct xfs_attrlist_cursor_kern *cursor = &context->cursor; 429 struct xfs_attr_leafblock *leaf; 430 struct xfs_attr3_icleaf_hdr ichdr; 431 struct xfs_attr_leaf_entry *entries; 432 struct xfs_attr_leaf_entry *entry; 433 int i; 434 struct xfs_mount *mp = context->dp->i_mount; 435 436 trace_xfs_attr_list_leaf(context); 437 438 leaf = bp->b_addr; 439 xfs_attr3_leaf_hdr_from_disk(mp->m_attr_geo, &ichdr, leaf); 440 entries = xfs_attr3_leaf_entryp(leaf); 441 442 cursor->initted = 1; 443 444 /* 445 * Re-find our place in the leaf block if this is a new syscall. 446 */ 447 if (context->resynch) { 448 entry = &entries[0]; 449 for (i = 0; i < ichdr.count; entry++, i++) { 450 if (be32_to_cpu(entry->hashval) == cursor->hashval) { 451 if (cursor->offset == context->dupcnt) { 452 context->dupcnt = 0; 453 break; 454 } 455 context->dupcnt++; 456 } else if (be32_to_cpu(entry->hashval) > 457 cursor->hashval) { 458 context->dupcnt = 0; 459 break; 460 } 461 } 462 if (i == ichdr.count) { 463 trace_xfs_attr_list_notfound(context); 464 return 0; 465 } 466 } else { 467 entry = &entries[0]; 468 i = 0; 469 } 470 context->resynch = 0; 471 472 /* 473 * We have found our place, start copying out the new attributes. 474 */ 475 for (; i < ichdr.count; entry++, i++) { 476 char *name; 477 int namelen, valuelen; 478 479 if (be32_to_cpu(entry->hashval) != cursor->hashval) { 480 cursor->hashval = be32_to_cpu(entry->hashval); 481 cursor->offset = 0; 482 } 483 484 if ((entry->flags & XFS_ATTR_INCOMPLETE) && 485 !context->allow_incomplete) 486 continue; 487 488 if (entry->flags & XFS_ATTR_LOCAL) { 489 xfs_attr_leaf_name_local_t *name_loc; 490 491 name_loc = xfs_attr3_leaf_name_local(leaf, i); 492 name = name_loc->nameval; 493 namelen = name_loc->namelen; 494 valuelen = be16_to_cpu(name_loc->valuelen); 495 } else { 496 xfs_attr_leaf_name_remote_t *name_rmt; 497 498 name_rmt = xfs_attr3_leaf_name_remote(leaf, i); 499 name = name_rmt->name; 500 namelen = name_rmt->namelen; 501 valuelen = be32_to_cpu(name_rmt->valuelen); 502 } 503 504 if (XFS_IS_CORRUPT(context->dp->i_mount, 505 !xfs_attr_namecheck(name, namelen))) { 506 xfs_dirattr_mark_sick(context->dp, XFS_ATTR_FORK); 507 return -EFSCORRUPTED; 508 } 509 context->put_listent(context, entry->flags, 510 name, namelen, valuelen); 511 if (context->seen_enough) 512 break; 513 cursor->offset++; 514 } 515 trace_xfs_attr_list_leaf_end(context); 516 return 0; 517 } 518 519 /* 520 * Copy out attribute entries for attr_list(), for leaf attribute lists. 521 */ 522 STATIC int 523 xfs_attr_leaf_list( 524 struct xfs_attr_list_context *context) 525 { 526 struct xfs_buf *bp; 527 int error; 528 529 trace_xfs_attr_leaf_list(context); 530 531 context->cursor.blkno = 0; 532 error = xfs_attr3_leaf_read(context->tp, context->dp, 533 context->dp->i_ino, 0, &bp); 534 if (error) 535 return error; 536 537 error = xfs_attr3_leaf_list_int(bp, context); 538 xfs_trans_brelse(context->tp, bp); 539 return error; 540 } 541 542 int 543 xfs_attr_list_ilocked( 544 struct xfs_attr_list_context *context) 545 { 546 struct xfs_inode *dp = context->dp; 547 548 xfs_assert_ilocked(dp, XFS_ILOCK_SHARED | XFS_ILOCK_EXCL); 549 550 /* 551 * Decide on what work routines to call based on the inode size. 552 */ 553 if (!xfs_inode_hasattr(dp)) 554 return 0; 555 if (dp->i_af.if_format == XFS_DINODE_FMT_LOCAL) 556 return xfs_attr_shortform_list(context); 557 if (xfs_attr_is_leaf(dp)) 558 return xfs_attr_leaf_list(context); 559 return xfs_attr_node_list(context); 560 } 561 562 int 563 xfs_attr_list( 564 struct xfs_attr_list_context *context) 565 { 566 struct xfs_inode *dp = context->dp; 567 uint lock_mode; 568 int error; 569 570 XFS_STATS_INC(dp->i_mount, xs_attr_list); 571 572 if (xfs_is_shutdown(dp->i_mount)) 573 return -EIO; 574 575 lock_mode = xfs_ilock_attr_map_shared(dp); 576 error = xfs_attr_list_ilocked(context); 577 xfs_iunlock(dp, lock_mode); 578 return error; 579 } 580