1/*
2 * JFFS2 -- Journalling Flash File System, Version 2.
3 *
4 * Copyright © 2001-2007 Red Hat, Inc.
5 *
6 * Created by David Woodhouse <dwmw2@infradead.org>
7 *
8 * For licensing information, see the file 'LICENCE' in this directory.
9 *
10 */
11
12#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
13
14#include <linux/kernel.h>
15#include <linux/sched.h>
16#include <linux/slab.h>
17#include <linux/fs.h>
18#include <linux/crc32.h>
19#include <linux/pagemap.h>
20#include <linux/mtd/mtd.h>
21#include <linux/compiler.h>
22#include "nodelist.h"
23
24/*
25 * Check the data CRC of the node.
26 *
27 * Returns: 0 if the data CRC is correct;
28 * 1 - if incorrect;
29 * error code if an error occurred.
30 */
31static int check_node_data(struct jffs2_sb_info *c, struct jffs2_tmp_dnode_info *tn)
32{
33 struct jffs2_raw_node_ref *ref = tn->fn->raw;
34 int err = 0, pointed = 0;
35 struct jffs2_eraseblock *jeb;
36 unsigned char *buffer;
37 uint32_t crc, ofs, len;
38 size_t retlen;
39
40 BUG_ON(tn->csize == 0);
41
42 /* Calculate how many bytes were already checked */
43 ofs = ref_offset(ref) + sizeof(struct jffs2_raw_inode);
44 len = tn->csize;
45
46 if (jffs2_is_writebuffered(c)) {
47 int adj = ofs % c->wbuf_pagesize;
48 if (likely(adj))
49 adj = c->wbuf_pagesize - adj;
50
51 if (adj >= tn->csize) {
52 dbg_readinode("no need to check node at %#08x, data length %u, data starts at %#08x - it has already been checked.\n",
53 ref_offset(ref), tn->csize, ofs);
54 goto adj_acc;
55 }
56
57 ofs += adj;
58 len -= adj;
59 }
60
61 dbg_readinode("check node at %#08x, data length %u, partial CRC %#08x, correct CRC %#08x, data starts at %#08x, start checking from %#08x - %u bytes.\n",
62 ref_offset(ref), tn->csize, tn->partial_crc, tn->data_crc, ofs - len, ofs, len);
63
64#ifndef __ECOS
65 /* TODO: instead, incapsulate point() stuff to jffs2_flash_read(),
66 * adding and jffs2_flash_read_end() interface. */
67 err = mtd_point(mtd: c->mtd, from: ofs, len, retlen: &retlen, virt: (void **)&buffer, NULL);
68 if (!err && retlen < len) {
69 JFFS2_WARNING("MTD point returned len too short: %zu instead of %u.\n", retlen, tn->csize);
70 mtd_unpoint(mtd: c->mtd, from: ofs, len: retlen);
71 } else if (err) {
72 if (err != -EOPNOTSUPP)
73 JFFS2_WARNING("MTD point failed: error code %d.\n", err);
74 } else
75 pointed = 1; /* succefully pointed to device */
76#endif
77
78 if (!pointed) {
79 buffer = kmalloc(size: len, GFP_KERNEL);
80 if (unlikely(!buffer))
81 return -ENOMEM;
82
83 /* TODO: this is very frequent pattern, make it a separate
84 * routine */
85 err = jffs2_flash_read(c, ofs, len, retlen: &retlen, buf: buffer);
86 if (err) {
87 JFFS2_ERROR("can not read %d bytes from 0x%08x, error code: %d.\n", len, ofs, err);
88 goto free_out;
89 }
90
91 if (retlen != len) {
92 JFFS2_ERROR("short read at %#08x: %zd instead of %d.\n", ofs, retlen, len);
93 err = -EIO;
94 goto free_out;
95 }
96 }
97
98 /* Continue calculating CRC */
99 crc = crc32(tn->partial_crc, buffer, len);
100 if(!pointed)
101 kfree(objp: buffer);
102#ifndef __ECOS
103 else
104 mtd_unpoint(mtd: c->mtd, from: ofs, len);
105#endif
106
107 if (crc != tn->data_crc) {
108 JFFS2_NOTICE("wrong data CRC in data node at 0x%08x: read %#08x, calculated %#08x.\n",
109 ref_offset(ref), tn->data_crc, crc);
110 return 1;
111 }
112
113adj_acc:
114 jeb = &c->blocks[ref->flash_offset / c->sector_size];
115 len = ref_totlen(c, jeb, ref);
116 /* If it should be REF_NORMAL, it'll get marked as such when
117 we build the fragtree, shortly. No need to worry about GC
118 moving it while it's marked REF_PRISTINE -- GC won't happen
119 till we've finished checking every inode anyway. */
120 ref->flash_offset |= REF_PRISTINE;
121 /*
122 * Mark the node as having been checked and fix the
123 * accounting accordingly.
124 */
125 spin_lock(lock: &c->erase_completion_lock);
126 jeb->used_size += len;
127 jeb->unchecked_size -= len;
128 c->used_size += len;
129 c->unchecked_size -= len;
130 jffs2_dbg_acct_paranoia_check_nolock(c, jeb);
131 spin_unlock(lock: &c->erase_completion_lock);
132
133 return 0;
134
135free_out:
136 if(!pointed)
137 kfree(objp: buffer);
138#ifndef __ECOS
139 else
140 mtd_unpoint(mtd: c->mtd, from: ofs, len);
141#endif
142 return err;
143}
144
145/*
146 * Helper function for jffs2_add_older_frag_to_fragtree().
147 *
148 * Checks the node if we are in the checking stage.
149 */
150static int check_tn_node(struct jffs2_sb_info *c, struct jffs2_tmp_dnode_info *tn)
151{
152 int ret;
153
154 BUG_ON(ref_obsolete(tn->fn->raw));
155
156 /* We only check the data CRC of unchecked nodes */
157 if (ref_flags(tn->fn->raw) != REF_UNCHECKED)
158 return 0;
159
160 dbg_readinode("check node %#04x-%#04x, phys offs %#08x\n",
161 tn->fn->ofs, tn->fn->ofs + tn->fn->size, ref_offset(tn->fn->raw));
162
163 ret = check_node_data(c, tn);
164 if (unlikely(ret < 0)) {
165 JFFS2_ERROR("check_node_data() returned error: %d.\n",
166 ret);
167 } else if (unlikely(ret > 0)) {
168 dbg_readinode("CRC error, mark it obsolete.\n");
169 jffs2_mark_node_obsolete(c, raw: tn->fn->raw);
170 }
171
172 return ret;
173}
174
175static struct jffs2_tmp_dnode_info *jffs2_lookup_tn(struct rb_root *tn_root, uint32_t offset)
176{
177 struct rb_node *next;
178 struct jffs2_tmp_dnode_info *tn = NULL;
179
180 dbg_readinode("root %p, offset %d\n", tn_root, offset);
181
182 next = tn_root->rb_node;
183
184 while (next) {
185 tn = rb_entry(next, struct jffs2_tmp_dnode_info, rb);
186
187 if (tn->fn->ofs < offset)
188 next = tn->rb.rb_right;
189 else if (tn->fn->ofs >= offset)
190 next = tn->rb.rb_left;
191 else
192 break;
193 }
194
195 return tn;
196}
197
198
199static void jffs2_kill_tn(struct jffs2_sb_info *c, struct jffs2_tmp_dnode_info *tn)
200{
201 jffs2_mark_node_obsolete(c, raw: tn->fn->raw);
202 jffs2_free_full_dnode(tn->fn);
203 jffs2_free_tmp_dnode_info(tn);
204}
205/*
206 * This function is used when we read an inode. Data nodes arrive in
207 * arbitrary order -- they may be older or newer than the nodes which
208 * are already in the tree. Where overlaps occur, the older node can
209 * be discarded as long as the newer passes the CRC check. We don't
210 * bother to keep track of holes in this rbtree, and neither do we deal
211 * with frags -- we can have multiple entries starting at the same
212 * offset, and the one with the smallest length will come first in the
213 * ordering.
214 *
215 * Returns 0 if the node was handled (including marking it obsolete)
216 * < 0 an if error occurred
217 */
218static int jffs2_add_tn_to_tree(struct jffs2_sb_info *c,
219 struct jffs2_readinode_info *rii,
220 struct jffs2_tmp_dnode_info *tn)
221{
222 uint32_t fn_end = tn->fn->ofs + tn->fn->size;
223 struct jffs2_tmp_dnode_info *this, *ptn;
224
225 dbg_readinode("insert fragment %#04x-%#04x, ver %u at %08x\n", tn->fn->ofs, fn_end, tn->version, ref_offset(tn->fn->raw));
226
227 /* If a node has zero dsize, we only have to keep it if it might be the
228 node with highest version -- i.e. the one which will end up as f->metadata.
229 Note that such nodes won't be REF_UNCHECKED since there are no data to
230 check anyway. */
231 if (!tn->fn->size) {
232 if (rii->mdata_tn) {
233 if (rii->mdata_tn->version < tn->version) {
234 /* We had a candidate mdata node already */
235 dbg_readinode("kill old mdata with ver %d\n", rii->mdata_tn->version);
236 jffs2_kill_tn(c, tn: rii->mdata_tn);
237 } else {
238 dbg_readinode("kill new mdata with ver %d (older than existing %d\n",
239 tn->version, rii->mdata_tn->version);
240 jffs2_kill_tn(c, tn);
241 return 0;
242 }
243 }
244 rii->mdata_tn = tn;
245 dbg_readinode("keep new mdata with ver %d\n", tn->version);
246 return 0;
247 }
248
249 /* Find the earliest node which _may_ be relevant to this one */
250 this = jffs2_lookup_tn(tn_root: &rii->tn_root, offset: tn->fn->ofs);
251 if (this) {
252 /* If the node is coincident with another at a lower address,
253 back up until the other node is found. It may be relevant */
254 while (this->overlapped) {
255 ptn = tn_prev(this);
256 if (!ptn) {
257 /*
258 * We killed a node which set the overlapped
259 * flags during the scan. Fix it up.
260 */
261 this->overlapped = 0;
262 break;
263 }
264 this = ptn;
265 }
266 dbg_readinode("'this' found %#04x-%#04x (%s)\n", this->fn->ofs, this->fn->ofs + this->fn->size, this->fn ? "data" : "hole");
267 }
268
269 while (this) {
270 if (this->fn->ofs > fn_end)
271 break;
272 dbg_readinode("Ponder this ver %d, 0x%x-0x%x\n",
273 this->version, this->fn->ofs, this->fn->size);
274
275 if (this->version == tn->version) {
276 /* Version number collision means REF_PRISTINE GC. Accept either of them
277 as long as the CRC is correct. Check the one we have already... */
278 if (!check_tn_node(c, tn: this)) {
279 /* The one we already had was OK. Keep it and throw away the new one */
280 dbg_readinode("Like old node. Throw away new\n");
281 jffs2_kill_tn(c, tn);
282 return 0;
283 } else {
284 /* Who cares if the new one is good; keep it for now anyway. */
285 dbg_readinode("Like new node. Throw away old\n");
286 rb_replace_node(victim: &this->rb, new: &tn->rb, root: &rii->tn_root);
287 jffs2_kill_tn(c, tn: this);
288 /* Same overlapping from in front and behind */
289 return 0;
290 }
291 }
292 if (this->version < tn->version &&
293 this->fn->ofs >= tn->fn->ofs &&
294 this->fn->ofs + this->fn->size <= fn_end) {
295 /* New node entirely overlaps 'this' */
296 if (check_tn_node(c, tn)) {
297 dbg_readinode("new node bad CRC\n");
298 jffs2_kill_tn(c, tn);
299 return 0;
300 }
301 /* ... and is good. Kill 'this' and any subsequent nodes which are also overlapped */
302 while (this && this->fn->ofs + this->fn->size <= fn_end) {
303 struct jffs2_tmp_dnode_info *next = tn_next(this);
304 if (this->version < tn->version) {
305 tn_erase(this, &rii->tn_root);
306 dbg_readinode("Kill overlapped ver %d, 0x%x-0x%x\n",
307 this->version, this->fn->ofs,
308 this->fn->ofs+this->fn->size);
309 jffs2_kill_tn(c, tn: this);
310 }
311 this = next;
312 }
313 dbg_readinode("Done killing overlapped nodes\n");
314 continue;
315 }
316 if (this->version > tn->version &&
317 this->fn->ofs <= tn->fn->ofs &&
318 this->fn->ofs+this->fn->size >= fn_end) {
319 /* New node entirely overlapped by 'this' */
320 if (!check_tn_node(c, tn: this)) {
321 dbg_readinode("Good CRC on old node. Kill new\n");
322 jffs2_kill_tn(c, tn);
323 return 0;
324 }
325 /* ... but 'this' was bad. Replace it... */
326 dbg_readinode("Bad CRC on old overlapping node. Kill it\n");
327 tn_erase(this, &rii->tn_root);
328 jffs2_kill_tn(c, tn: this);
329 break;
330 }
331
332 this = tn_next(this);
333 }
334
335 /* We neither completely obsoleted nor were completely
336 obsoleted by an earlier node. Insert into the tree */
337 {
338 struct rb_node *parent;
339 struct rb_node **link = &rii->tn_root.rb_node;
340 struct jffs2_tmp_dnode_info *insert_point = NULL;
341
342 while (*link) {
343 parent = *link;
344 insert_point = rb_entry(parent, struct jffs2_tmp_dnode_info, rb);
345 if (tn->fn->ofs > insert_point->fn->ofs)
346 link = &insert_point->rb.rb_right;
347 else if (tn->fn->ofs < insert_point->fn->ofs ||
348 tn->fn->size < insert_point->fn->size)
349 link = &insert_point->rb.rb_left;
350 else
351 link = &insert_point->rb.rb_right;
352 }
353 rb_link_node(node: &tn->rb, parent: &insert_point->rb, rb_link: link);
354 rb_insert_color(&tn->rb, &rii->tn_root);
355 }
356
357 /* If there's anything behind that overlaps us, note it */
358 this = tn_prev(tn);
359 if (this) {
360 while (1) {
361 if (this->fn->ofs + this->fn->size > tn->fn->ofs) {
362 dbg_readinode("Node is overlapped by %p (v %d, 0x%x-0x%x)\n",
363 this, this->version, this->fn->ofs,
364 this->fn->ofs+this->fn->size);
365 tn->overlapped = 1;
366 break;
367 }
368 if (!this->overlapped)
369 break;
370
371 ptn = tn_prev(this);
372 if (!ptn) {
373 /*
374 * We killed a node which set the overlapped
375 * flags during the scan. Fix it up.
376 */
377 this->overlapped = 0;
378 break;
379 }
380 this = ptn;
381 }
382 }
383
384 /* If the new node overlaps anything ahead, note it */
385 this = tn_next(tn);
386 while (this && this->fn->ofs < fn_end) {
387 this->overlapped = 1;
388 dbg_readinode("Node ver %d, 0x%x-0x%x is overlapped\n",
389 this->version, this->fn->ofs,
390 this->fn->ofs+this->fn->size);
391 this = tn_next(this);
392 }
393 return 0;
394}
395
396/* Trivial function to remove the last node in the tree. Which by definition
397 has no right-hand child — so can be removed just by making its left-hand
398 child (if any) take its place under its parent. Since this is only done
399 when we're consuming the whole tree, there's no need to use rb_erase()
400 and let it worry about adjusting colours and balancing the tree. That
401 would just be a waste of time. */
402static void eat_last(struct rb_root *root, struct rb_node *node)
403{
404 struct rb_node *parent = rb_parent(node);
405 struct rb_node **link;
406
407 /* LAST! */
408 BUG_ON(node->rb_right);
409
410 if (!parent)
411 link = &root->rb_node;
412 else if (node == parent->rb_left)
413 link = &parent->rb_left;
414 else
415 link = &parent->rb_right;
416
417 *link = node->rb_left;
418 if (node->rb_left)
419 node->rb_left->__rb_parent_color = node->__rb_parent_color;
420}
421
422/* We put the version tree in reverse order, so we can use the same eat_last()
423 function that we use to consume the tmpnode tree (tn_root). */
424static void ver_insert(struct rb_root *ver_root, struct jffs2_tmp_dnode_info *tn)
425{
426 struct rb_node **link = &ver_root->rb_node;
427 struct rb_node *parent = NULL;
428 struct jffs2_tmp_dnode_info *this_tn;
429
430 while (*link) {
431 parent = *link;
432 this_tn = rb_entry(parent, struct jffs2_tmp_dnode_info, rb);
433
434 if (tn->version > this_tn->version)
435 link = &parent->rb_left;
436 else
437 link = &parent->rb_right;
438 }
439 dbg_readinode("Link new node at %p (root is %p)\n", link, ver_root);
440 rb_link_node(node: &tn->rb, parent, rb_link: link);
441 rb_insert_color(&tn->rb, ver_root);
442}
443
444/* Build final, normal fragtree from tn tree. It doesn't matter which order
445 we add nodes to the real fragtree, as long as they don't overlap. And
446 having thrown away the majority of overlapped nodes as we went, there
447 really shouldn't be many sets of nodes which do overlap. If we start at
448 the end, we can use the overlap markers -- we can just eat nodes which
449 aren't overlapped, and when we encounter nodes which _do_ overlap we
450 sort them all into a temporary tree in version order before replaying them. */
451static int jffs2_build_inode_fragtree(struct jffs2_sb_info *c,
452 struct jffs2_inode_info *f,
453 struct jffs2_readinode_info *rii)
454{
455 struct jffs2_tmp_dnode_info *pen, *last, *this;
456 struct rb_root ver_root = RB_ROOT;
457 uint32_t high_ver = 0;
458
459 if (rii->mdata_tn) {
460 dbg_readinode("potential mdata is ver %d at %p\n", rii->mdata_tn->version, rii->mdata_tn);
461 high_ver = rii->mdata_tn->version;
462 rii->latest_ref = rii->mdata_tn->fn->raw;
463 }
464#ifdef JFFS2_DBG_READINODE_MESSAGES
465 this = tn_last(&rii->tn_root);
466 while (this) {
467 dbg_readinode("tn %p ver %d range 0x%x-0x%x ov %d\n", this, this->version, this->fn->ofs,
468 this->fn->ofs+this->fn->size, this->overlapped);
469 this = tn_prev(this);
470 }
471#endif
472 pen = tn_last(&rii->tn_root);
473 while ((last = pen)) {
474 pen = tn_prev(last);
475
476 eat_last(root: &rii->tn_root, node: &last->rb);
477 ver_insert(ver_root: &ver_root, tn: last);
478
479 if (unlikely(last->overlapped)) {
480 if (pen)
481 continue;
482 /*
483 * We killed a node which set the overlapped
484 * flags during the scan. Fix it up.
485 */
486 last->overlapped = 0;
487 }
488
489 /* Now we have a bunch of nodes in reverse version
490 order, in the tree at ver_root. Most of the time,
491 there'll actually be only one node in the 'tree',
492 in fact. */
493 this = tn_last(&ver_root);
494
495 while (this) {
496 struct jffs2_tmp_dnode_info *vers_next;
497 int ret;
498 vers_next = tn_prev(this);
499 eat_last(root: &ver_root, node: &this->rb);
500 if (check_tn_node(c, tn: this)) {
501 dbg_readinode("node ver %d, 0x%x-0x%x failed CRC\n",
502 this->version, this->fn->ofs,
503 this->fn->ofs+this->fn->size);
504 jffs2_kill_tn(c, tn: this);
505 } else {
506 if (this->version > high_ver) {
507 /* Note that this is different from the other
508 highest_version, because this one is only
509 counting _valid_ nodes which could give the
510 latest inode metadata */
511 high_ver = this->version;
512 rii->latest_ref = this->fn->raw;
513 }
514 dbg_readinode("Add %p (v %d, 0x%x-0x%x, ov %d) to fragtree\n",
515 this, this->version, this->fn->ofs,
516 this->fn->ofs+this->fn->size, this->overlapped);
517
518 ret = jffs2_add_full_dnode_to_inode(c, f, fn: this->fn);
519 if (ret) {
520 /* Free the nodes in vers_root; let the caller
521 deal with the rest */
522 JFFS2_ERROR("Add node to tree failed %d\n", ret);
523 while (1) {
524 vers_next = tn_prev(this);
525 if (check_tn_node(c, tn: this))
526 jffs2_mark_node_obsolete(c, raw: this->fn->raw);
527 jffs2_free_full_dnode(this->fn);
528 jffs2_free_tmp_dnode_info(this);
529 this = vers_next;
530 if (!this)
531 break;
532 eat_last(root: &ver_root, node: &vers_next->rb);
533 }
534 return ret;
535 }
536 jffs2_free_tmp_dnode_info(this);
537 }
538 this = vers_next;
539 }
540 }
541 return 0;
542}
543
544static void jffs2_free_tmp_dnode_info_list(struct rb_root *list)
545{
546 struct jffs2_tmp_dnode_info *tn, *next;
547
548 rbtree_postorder_for_each_entry_safe(tn, next, list, rb) {
549 jffs2_free_full_dnode(tn->fn);
550 jffs2_free_tmp_dnode_info(tn);
551 }
552
553 *list = RB_ROOT;
554}
555
556static void jffs2_free_full_dirent_list(struct jffs2_full_dirent *fd)
557{
558 struct jffs2_full_dirent *next;
559
560 while (fd) {
561 next = fd->next;
562 jffs2_free_full_dirent(fd);
563 fd = next;
564 }
565}
566
567/* Returns first valid node after 'ref'. May return 'ref' */
568static struct jffs2_raw_node_ref *jffs2_first_valid_node(struct jffs2_raw_node_ref *ref)
569{
570 while (ref && ref->next_in_ino) {
571 if (!ref_obsolete(ref))
572 return ref;
573 dbg_noderef("node at 0x%08x is obsoleted. Ignoring.\n", ref_offset(ref));
574 ref = ref->next_in_ino;
575 }
576 return NULL;
577}
578
579/*
580 * Helper function for jffs2_get_inode_nodes().
581 * It is called every time an directory entry node is found.
582 *
583 * Returns: 0 on success;
584 * negative error code on failure.
585 */
586static inline int read_direntry(struct jffs2_sb_info *c, struct jffs2_raw_node_ref *ref,
587 struct jffs2_raw_dirent *rd, size_t read,
588 struct jffs2_readinode_info *rii)
589{
590 struct jffs2_full_dirent *fd;
591 uint32_t crc;
592
593 /* Obsoleted. This cannot happen, surely? dwmw2 20020308 */
594 BUG_ON(ref_obsolete(ref));
595
596 crc = crc32(0, rd, sizeof(*rd) - 8);
597 if (unlikely(crc != je32_to_cpu(rd->node_crc))) {
598 JFFS2_NOTICE("header CRC failed on dirent node at %#08x: read %#08x, calculated %#08x\n",
599 ref_offset(ref), je32_to_cpu(rd->node_crc), crc);
600 jffs2_mark_node_obsolete(c, raw: ref);
601 return 0;
602 }
603
604 /* If we've never checked the CRCs on this node, check them now */
605 if (ref_flags(ref) == REF_UNCHECKED) {
606 struct jffs2_eraseblock *jeb;
607 int len;
608
609 /* Sanity check */
610 if (unlikely(PAD((rd->nsize + sizeof(*rd))) != PAD(je32_to_cpu(rd->totlen)))) {
611 JFFS2_ERROR("illegal nsize in node at %#08x: nsize %#02x, totlen %#04x\n",
612 ref_offset(ref), rd->nsize, je32_to_cpu(rd->totlen));
613 jffs2_mark_node_obsolete(c, raw: ref);
614 return 0;
615 }
616
617 jeb = &c->blocks[ref->flash_offset / c->sector_size];
618 len = ref_totlen(c, jeb, ref);
619
620 spin_lock(lock: &c->erase_completion_lock);
621 jeb->used_size += len;
622 jeb->unchecked_size -= len;
623 c->used_size += len;
624 c->unchecked_size -= len;
625 ref->flash_offset = ref_offset(ref) | dirent_node_state(rd);
626 spin_unlock(lock: &c->erase_completion_lock);
627 }
628
629 fd = jffs2_alloc_full_dirent(namesize: rd->nsize + 1);
630 if (unlikely(!fd))
631 return -ENOMEM;
632
633 fd->raw = ref;
634 fd->version = je32_to_cpu(rd->version);
635 fd->ino = je32_to_cpu(rd->ino);
636 fd->type = rd->type;
637
638 if (fd->version > rii->highest_version)
639 rii->highest_version = fd->version;
640
641 /* Pick out the mctime of the latest dirent */
642 if(fd->version > rii->mctime_ver && je32_to_cpu(rd->mctime)) {
643 rii->mctime_ver = fd->version;
644 rii->latest_mctime = je32_to_cpu(rd->mctime);
645 }
646
647 /*
648 * Copy as much of the name as possible from the raw
649 * dirent we've already read from the flash.
650 */
651 if (read > sizeof(*rd))
652 memcpy(&fd->name[0], &rd->name[0],
653 min_t(uint32_t, rd->nsize, (read - sizeof(*rd)) ));
654
655 /* Do we need to copy any more of the name directly from the flash? */
656 if (rd->nsize + sizeof(*rd) > read) {
657 /* FIXME: point() */
658 int err;
659 int already = read - sizeof(*rd);
660
661 err = jffs2_flash_read(c, ofs: (ref_offset(ref)) + read,
662 len: rd->nsize - already, retlen: &read, buf: &fd->name[already]);
663 if (unlikely(read != rd->nsize - already) && likely(!err)) {
664 jffs2_free_full_dirent(fd);
665 JFFS2_ERROR("short read: wanted %d bytes, got %zd\n",
666 rd->nsize - already, read);
667 return -EIO;
668 }
669
670 if (unlikely(err)) {
671 JFFS2_ERROR("read remainder of name: error %d\n", err);
672 jffs2_free_full_dirent(fd);
673 return -EIO;
674 }
675
676#ifdef CONFIG_JFFS2_SUMMARY
677 /*
678 * we use CONFIG_JFFS2_SUMMARY because without it, we
679 * have checked it while mounting
680 */
681 crc = crc32(0, fd->name, rd->nsize);
682 if (unlikely(crc != je32_to_cpu(rd->name_crc))) {
683 JFFS2_NOTICE("name CRC failed on dirent node at"
684 "%#08x: read %#08x,calculated %#08x\n",
685 ref_offset(ref), je32_to_cpu(rd->node_crc), crc);
686 jffs2_mark_node_obsolete(c, raw: ref);
687 jffs2_free_full_dirent(fd);
688 return 0;
689 }
690#endif
691 }
692
693 fd->nhash = full_name_hash(NULL, fd->name, rd->nsize);
694 fd->next = NULL;
695 fd->name[rd->nsize] = '\0';
696
697 /*
698 * Wheee. We now have a complete jffs2_full_dirent structure, with
699 * the name in it and everything. Link it into the list
700 */
701 jffs2_add_fd_to_list(c, new: fd, list: &rii->fds);
702
703 return 0;
704}
705
706/*
707 * Helper function for jffs2_get_inode_nodes().
708 * It is called every time an inode node is found.
709 *
710 * Returns: 0 on success (possibly after marking a bad node obsolete);
711 * negative error code on failure.
712 */
713static inline int read_dnode(struct jffs2_sb_info *c, struct jffs2_raw_node_ref *ref,
714 struct jffs2_raw_inode *rd, int rdlen,
715 struct jffs2_readinode_info *rii)
716{
717 struct jffs2_tmp_dnode_info *tn;
718 uint32_t len, csize;
719 int ret = 0;
720 uint32_t crc;
721
722 /* Obsoleted. This cannot happen, surely? dwmw2 20020308 */
723 BUG_ON(ref_obsolete(ref));
724
725 crc = crc32(0, rd, sizeof(*rd) - 8);
726 if (unlikely(crc != je32_to_cpu(rd->node_crc))) {
727 JFFS2_NOTICE("node CRC failed on dnode at %#08x: read %#08x, calculated %#08x\n",
728 ref_offset(ref), je32_to_cpu(rd->node_crc), crc);
729 jffs2_mark_node_obsolete(c, raw: ref);
730 return 0;
731 }
732
733 tn = jffs2_alloc_tmp_dnode_info();
734 if (!tn) {
735 JFFS2_ERROR("failed to allocate tn (%zu bytes).\n", sizeof(*tn));
736 return -ENOMEM;
737 }
738
739 tn->partial_crc = 0;
740 csize = je32_to_cpu(rd->csize);
741
742 /* If we've never checked the CRCs on this node, check them now */
743 if (ref_flags(ref) == REF_UNCHECKED) {
744
745 /* Sanity checks */
746 if (unlikely(je32_to_cpu(rd->offset) > je32_to_cpu(rd->isize)) ||
747 unlikely(PAD(je32_to_cpu(rd->csize) + sizeof(*rd)) != PAD(je32_to_cpu(rd->totlen)))) {
748 JFFS2_WARNING("inode node header CRC is corrupted at %#08x\n", ref_offset(ref));
749 jffs2_dbg_dump_node(c, ref_offset(ref));
750 jffs2_mark_node_obsolete(c, raw: ref);
751 goto free_out;
752 }
753
754 if (jffs2_is_writebuffered(c) && csize != 0) {
755 /* At this point we are supposed to check the data CRC
756 * of our unchecked node. But thus far, we do not
757 * know whether the node is valid or obsolete. To
758 * figure this out, we need to walk all the nodes of
759 * the inode and build the inode fragtree. We don't
760 * want to spend time checking data of nodes which may
761 * later be found to be obsolete. So we put off the full
762 * data CRC checking until we have read all the inode
763 * nodes and have started building the fragtree.
764 *
765 * The fragtree is being built starting with nodes
766 * having the highest version number, so we'll be able
767 * to detect whether a node is valid (i.e., it is not
768 * overlapped by a node with higher version) or not.
769 * And we'll be able to check only those nodes, which
770 * are not obsolete.
771 *
772 * Of course, this optimization only makes sense in case
773 * of NAND flashes (or other flashes with
774 * !jffs2_can_mark_obsolete()), since on NOR flashes
775 * nodes are marked obsolete physically.
776 *
777 * Since NAND flashes (or other flashes with
778 * jffs2_is_writebuffered(c)) are anyway read by
779 * fractions of c->wbuf_pagesize, and we have just read
780 * the node header, it is likely that the starting part
781 * of the node data is also read when we read the
782 * header. So we don't mind to check the CRC of the
783 * starting part of the data of the node now, and check
784 * the second part later (in jffs2_check_node_data()).
785 * Of course, we will not need to re-read and re-check
786 * the NAND page which we have just read. This is why we
787 * read the whole NAND page at jffs2_get_inode_nodes(),
788 * while we needed only the node header.
789 */
790 unsigned char *buf;
791
792 /* 'buf' will point to the start of data */
793 buf = (unsigned char *)rd + sizeof(*rd);
794 /* len will be the read data length */
795 len = min_t(uint32_t, rdlen - sizeof(*rd), csize);
796 tn->partial_crc = crc32(0, buf, len);
797
798 dbg_readinode("Calculates CRC (%#08x) for %d bytes, csize %d\n", tn->partial_crc, len, csize);
799
800 /* If we actually calculated the whole data CRC
801 * and it is wrong, drop the node. */
802 if (len >= csize && unlikely(tn->partial_crc != je32_to_cpu(rd->data_crc))) {
803 JFFS2_NOTICE("wrong data CRC in data node at 0x%08x: read %#08x, calculated %#08x.\n",
804 ref_offset(ref), tn->partial_crc, je32_to_cpu(rd->data_crc));
805 jffs2_mark_node_obsolete(c, raw: ref);
806 goto free_out;
807 }
808
809 } else if (csize == 0) {
810 /*
811 * We checked the header CRC. If the node has no data, adjust
812 * the space accounting now. For other nodes this will be done
813 * later either when the node is marked obsolete or when its
814 * data is checked.
815 */
816 struct jffs2_eraseblock *jeb;
817
818 dbg_readinode("the node has no data.\n");
819 jeb = &c->blocks[ref->flash_offset / c->sector_size];
820 len = ref_totlen(c, jeb, ref);
821
822 spin_lock(lock: &c->erase_completion_lock);
823 jeb->used_size += len;
824 jeb->unchecked_size -= len;
825 c->used_size += len;
826 c->unchecked_size -= len;
827 ref->flash_offset = ref_offset(ref) | REF_NORMAL;
828 spin_unlock(lock: &c->erase_completion_lock);
829 }
830 }
831
832 tn->fn = jffs2_alloc_full_dnode();
833 if (!tn->fn) {
834 JFFS2_ERROR("alloc fn failed\n");
835 ret = -ENOMEM;
836 goto free_out;
837 }
838
839 tn->version = je32_to_cpu(rd->version);
840 tn->fn->ofs = je32_to_cpu(rd->offset);
841 tn->data_crc = je32_to_cpu(rd->data_crc);
842 tn->csize = csize;
843 tn->fn->raw = ref;
844 tn->overlapped = 0;
845
846 if (tn->version > rii->highest_version)
847 rii->highest_version = tn->version;
848
849 /* There was a bug where we wrote hole nodes out with
850 csize/dsize swapped. Deal with it */
851 if (rd->compr == JFFS2_COMPR_ZERO && !je32_to_cpu(rd->dsize) && csize)
852 tn->fn->size = csize;
853 else // normal case...
854 tn->fn->size = je32_to_cpu(rd->dsize);
855
856 dbg_readinode2("dnode @%08x: ver %u, offset %#04x, dsize %#04x, csize %#04x\n",
857 ref_offset(ref), je32_to_cpu(rd->version),
858 je32_to_cpu(rd->offset), je32_to_cpu(rd->dsize), csize);
859
860 ret = jffs2_add_tn_to_tree(c, rii, tn);
861
862 if (ret) {
863 jffs2_free_full_dnode(tn->fn);
864 free_out:
865 jffs2_free_tmp_dnode_info(tn);
866 return ret;
867 }
868#ifdef JFFS2_DBG_READINODE2_MESSAGES
869 dbg_readinode2("After adding ver %d:\n", je32_to_cpu(rd->version));
870 tn = tn_first(&rii->tn_root);
871 while (tn) {
872 dbg_readinode2("%p: v %d r 0x%x-0x%x ov %d\n",
873 tn, tn->version, tn->fn->ofs,
874 tn->fn->ofs+tn->fn->size, tn->overlapped);
875 tn = tn_next(tn);
876 }
877#endif
878 return 0;
879}
880
881/*
882 * Helper function for jffs2_get_inode_nodes().
883 * It is called every time an unknown node is found.
884 *
885 * Returns: 0 on success;
886 * negative error code on failure.
887 */
888static inline int read_unknown(struct jffs2_sb_info *c, struct jffs2_raw_node_ref *ref, struct jffs2_unknown_node *un)
889{
890 /* We don't mark unknown nodes as REF_UNCHECKED */
891 if (ref_flags(ref) == REF_UNCHECKED) {
892 JFFS2_ERROR("REF_UNCHECKED but unknown node at %#08x\n",
893 ref_offset(ref));
894 JFFS2_ERROR("Node is {%04x,%04x,%08x,%08x}. Please report this error.\n",
895 je16_to_cpu(un->magic), je16_to_cpu(un->nodetype),
896 je32_to_cpu(un->totlen), je32_to_cpu(un->hdr_crc));
897 jffs2_mark_node_obsolete(c, raw: ref);
898 return 0;
899 }
900
901 un->nodetype = cpu_to_je16(JFFS2_NODE_ACCURATE | je16_to_cpu(un->nodetype));
902
903 switch(je16_to_cpu(un->nodetype) & JFFS2_COMPAT_MASK) {
904
905 case JFFS2_FEATURE_INCOMPAT:
906 JFFS2_ERROR("unknown INCOMPAT nodetype %#04X at %#08x\n",
907 je16_to_cpu(un->nodetype), ref_offset(ref));
908 /* EEP */
909 BUG();
910 break;
911
912 case JFFS2_FEATURE_ROCOMPAT:
913 JFFS2_ERROR("unknown ROCOMPAT nodetype %#04X at %#08x\n",
914 je16_to_cpu(un->nodetype), ref_offset(ref));
915 BUG_ON(!(c->flags & JFFS2_SB_FLAG_RO));
916 break;
917
918 case JFFS2_FEATURE_RWCOMPAT_COPY:
919 JFFS2_NOTICE("unknown RWCOMPAT_COPY nodetype %#04X at %#08x\n",
920 je16_to_cpu(un->nodetype), ref_offset(ref));
921 break;
922
923 case JFFS2_FEATURE_RWCOMPAT_DELETE:
924 JFFS2_NOTICE("unknown RWCOMPAT_DELETE nodetype %#04X at %#08x\n",
925 je16_to_cpu(un->nodetype), ref_offset(ref));
926 jffs2_mark_node_obsolete(c, raw: ref);
927 return 0;
928 }
929
930 return 0;
931}
932
933/*
934 * Helper function for jffs2_get_inode_nodes().
935 * The function detects whether more data should be read and reads it if yes.
936 *
937 * Returns: 0 on success;
938 * negative error code on failure.
939 */
940static int read_more(struct jffs2_sb_info *c, struct jffs2_raw_node_ref *ref,
941 int needed_len, int *rdlen, unsigned char *buf)
942{
943 int err, to_read = needed_len - *rdlen;
944 size_t retlen;
945 uint32_t offs;
946
947 if (jffs2_is_writebuffered(c)) {
948 int rem = to_read % c->wbuf_pagesize;
949
950 if (rem)
951 to_read += c->wbuf_pagesize - rem;
952 }
953
954 /* We need to read more data */
955 offs = ref_offset(ref) + *rdlen;
956
957 dbg_readinode("read more %d bytes\n", to_read);
958
959 err = jffs2_flash_read(c, ofs: offs, len: to_read, retlen: &retlen, buf: buf + *rdlen);
960 if (err) {
961 JFFS2_ERROR("can not read %d bytes from 0x%08x, "
962 "error code: %d.\n", to_read, offs, err);
963 return err;
964 }
965
966 if (retlen < to_read) {
967 JFFS2_ERROR("short read at %#08x: %zu instead of %d.\n",
968 offs, retlen, to_read);
969 return -EIO;
970 }
971
972 *rdlen += to_read;
973 return 0;
974}
975
976/* Get tmp_dnode_info and full_dirent for all non-obsolete nodes associated
977 with this ino. Perform a preliminary ordering on data nodes, throwing away
978 those which are completely obsoleted by newer ones. The naïve approach we
979 use to take of just returning them _all_ in version order will cause us to
980 run out of memory in certain degenerate cases. */
981static int jffs2_get_inode_nodes(struct jffs2_sb_info *c, struct jffs2_inode_info *f,
982 struct jffs2_readinode_info *rii)
983{
984 struct jffs2_raw_node_ref *ref, *valid_ref;
985 unsigned char *buf = NULL;
986 union jffs2_node_union *node;
987 size_t retlen;
988 int len, err;
989
990 rii->mctime_ver = 0;
991
992 dbg_readinode("ino #%u\n", f->inocache->ino);
993
994 /* FIXME: in case of NOR and available ->point() this
995 * needs to be fixed. */
996 len = sizeof(union jffs2_node_union) + c->wbuf_pagesize;
997 buf = kmalloc(size: len, GFP_KERNEL);
998 if (!buf)
999 return -ENOMEM;
1000
1001 spin_lock(lock: &c->erase_completion_lock);
1002 valid_ref = jffs2_first_valid_node(ref: f->inocache->nodes);
1003 if (!valid_ref && f->inocache->ino != 1)
1004 JFFS2_WARNING("Eep. No valid nodes for ino #%u.\n", f->inocache->ino);
1005 while (valid_ref) {
1006 /* We can hold a pointer to a non-obsolete node without the spinlock,
1007 but _obsolete_ nodes may disappear at any time, if the block
1008 they're in gets erased. So if we mark 'ref' obsolete while we're
1009 not holding the lock, it can go away immediately. For that reason,
1010 we find the next valid node first, before processing 'ref'.
1011 */
1012 ref = valid_ref;
1013 valid_ref = jffs2_first_valid_node(ref: ref->next_in_ino);
1014 spin_unlock(lock: &c->erase_completion_lock);
1015
1016 cond_resched();
1017
1018 /*
1019 * At this point we don't know the type of the node we're going
1020 * to read, so we do not know the size of its header. In order
1021 * to minimize the amount of flash IO we assume the header is
1022 * of size = JFFS2_MIN_NODE_HEADER.
1023 */
1024 len = JFFS2_MIN_NODE_HEADER;
1025 if (jffs2_is_writebuffered(c)) {
1026 int end, rem;
1027
1028 /*
1029 * We are about to read JFFS2_MIN_NODE_HEADER bytes,
1030 * but this flash has some minimal I/O unit. It is
1031 * possible that we'll need to read more soon, so read
1032 * up to the next min. I/O unit, in order not to
1033 * re-read the same min. I/O unit twice.
1034 */
1035 end = ref_offset(ref) + len;
1036 rem = end % c->wbuf_pagesize;
1037 if (rem)
1038 end += c->wbuf_pagesize - rem;
1039 len = end - ref_offset(ref);
1040 }
1041
1042 dbg_readinode("read %d bytes at %#08x(%d).\n", len, ref_offset(ref), ref_flags(ref));
1043
1044 /* FIXME: point() */
1045 err = jffs2_flash_read(c, ref_offset(ref), len, retlen: &retlen, buf);
1046 if (err) {
1047 JFFS2_ERROR("can not read %d bytes from 0x%08x, error code: %d.\n", len, ref_offset(ref), err);
1048 goto free_out;
1049 }
1050
1051 if (retlen < len) {
1052 JFFS2_ERROR("short read at %#08x: %zu instead of %d.\n", ref_offset(ref), retlen, len);
1053 err = -EIO;
1054 goto free_out;
1055 }
1056
1057 node = (union jffs2_node_union *)buf;
1058
1059 /* No need to mask in the valid bit; it shouldn't be invalid */
1060 if (je32_to_cpu(node->u.hdr_crc) != crc32(0, node, sizeof(node->u)-4)) {
1061 JFFS2_NOTICE("Node header CRC failed at %#08x. {%04x,%04x,%08x,%08x}\n",
1062 ref_offset(ref), je16_to_cpu(node->u.magic),
1063 je16_to_cpu(node->u.nodetype),
1064 je32_to_cpu(node->u.totlen),
1065 je32_to_cpu(node->u.hdr_crc));
1066 jffs2_dbg_dump_node(c, ref_offset(ref));
1067 jffs2_mark_node_obsolete(c, raw: ref);
1068 goto cont;
1069 }
1070 if (je16_to_cpu(node->u.magic) != JFFS2_MAGIC_BITMASK) {
1071 /* Not a JFFS2 node, whinge and move on */
1072 JFFS2_NOTICE("Wrong magic bitmask 0x%04x in node header at %#08x.\n",
1073 je16_to_cpu(node->u.magic), ref_offset(ref));
1074 jffs2_mark_node_obsolete(c, raw: ref);
1075 goto cont;
1076 }
1077
1078 switch (je16_to_cpu(node->u.nodetype)) {
1079
1080 case JFFS2_NODETYPE_DIRENT:
1081
1082 if (JFFS2_MIN_NODE_HEADER < sizeof(struct jffs2_raw_dirent) &&
1083 len < sizeof(struct jffs2_raw_dirent)) {
1084 err = read_more(c, ref, needed_len: sizeof(struct jffs2_raw_dirent), rdlen: &len, buf);
1085 if (unlikely(err))
1086 goto free_out;
1087 }
1088
1089 err = read_direntry(c, ref, rd: &node->d, read: retlen, rii);
1090 if (unlikely(err))
1091 goto free_out;
1092
1093 break;
1094
1095 case JFFS2_NODETYPE_INODE:
1096
1097 if (JFFS2_MIN_NODE_HEADER < sizeof(struct jffs2_raw_inode) &&
1098 len < sizeof(struct jffs2_raw_inode)) {
1099 err = read_more(c, ref, needed_len: sizeof(struct jffs2_raw_inode), rdlen: &len, buf);
1100 if (unlikely(err))
1101 goto free_out;
1102 }
1103
1104 err = read_dnode(c, ref, rd: &node->i, rdlen: len, rii);
1105 if (unlikely(err))
1106 goto free_out;
1107
1108 break;
1109
1110 default:
1111 if (JFFS2_MIN_NODE_HEADER < sizeof(struct jffs2_unknown_node) &&
1112 len < sizeof(struct jffs2_unknown_node)) {
1113 err = read_more(c, ref, needed_len: sizeof(struct jffs2_unknown_node), rdlen: &len, buf);
1114 if (unlikely(err))
1115 goto free_out;
1116 }
1117
1118 err = read_unknown(c, ref, un: &node->u);
1119 if (unlikely(err))
1120 goto free_out;
1121
1122 }
1123 cont:
1124 spin_lock(lock: &c->erase_completion_lock);
1125 }
1126
1127 spin_unlock(lock: &c->erase_completion_lock);
1128 kfree(objp: buf);
1129
1130 f->highest_version = rii->highest_version;
1131
1132 dbg_readinode("nodes of inode #%u were read, the highest version is %u, latest_mctime %u, mctime_ver %u.\n",
1133 f->inocache->ino, rii->highest_version, rii->latest_mctime,
1134 rii->mctime_ver);
1135 return 0;
1136
1137 free_out:
1138 jffs2_free_tmp_dnode_info_list(list: &rii->tn_root);
1139 jffs2_free_full_dirent_list(fd: rii->fds);
1140 rii->fds = NULL;
1141 kfree(objp: buf);
1142 return err;
1143}
1144
1145static int jffs2_do_read_inode_internal(struct jffs2_sb_info *c,
1146 struct jffs2_inode_info *f,
1147 struct jffs2_raw_inode *latest_node)
1148{
1149 struct jffs2_readinode_info rii;
1150 uint32_t crc, new_size;
1151 size_t retlen;
1152 int ret;
1153
1154 dbg_readinode("ino #%u pino/nlink is %d\n", f->inocache->ino,
1155 f->inocache->pino_nlink);
1156
1157 memset(&rii, 0, sizeof(rii));
1158
1159 /* Grab all nodes relevant to this ino */
1160 ret = jffs2_get_inode_nodes(c, f, rii: &rii);
1161
1162 if (ret) {
1163 JFFS2_ERROR("cannot read nodes for ino %u, returned error is %d\n", f->inocache->ino, ret);
1164 if (f->inocache->state == INO_STATE_READING)
1165 jffs2_set_inocache_state(c, ic: f->inocache, INO_STATE_CHECKEDABSENT);
1166 return ret;
1167 }
1168
1169 ret = jffs2_build_inode_fragtree(c, f, rii: &rii);
1170 if (ret) {
1171 JFFS2_ERROR("Failed to build final fragtree for inode #%u: error %d\n",
1172 f->inocache->ino, ret);
1173 if (f->inocache->state == INO_STATE_READING)
1174 jffs2_set_inocache_state(c, ic: f->inocache, INO_STATE_CHECKEDABSENT);
1175 jffs2_free_tmp_dnode_info_list(list: &rii.tn_root);
1176 /* FIXME: We could at least crc-check them all */
1177 if (rii.mdata_tn) {
1178 jffs2_free_full_dnode(rii.mdata_tn->fn);
1179 jffs2_free_tmp_dnode_info(rii.mdata_tn);
1180 rii.mdata_tn = NULL;
1181 }
1182 return ret;
1183 }
1184
1185 if (rii.mdata_tn) {
1186 if (rii.mdata_tn->fn->raw == rii.latest_ref) {
1187 f->metadata = rii.mdata_tn->fn;
1188 jffs2_free_tmp_dnode_info(rii.mdata_tn);
1189 } else {
1190 jffs2_kill_tn(c, tn: rii.mdata_tn);
1191 }
1192 rii.mdata_tn = NULL;
1193 }
1194
1195 f->dents = rii.fds;
1196
1197 jffs2_dbg_fragtree_paranoia_check_nolock(f);
1198
1199 if (unlikely(!rii.latest_ref)) {
1200 /* No data nodes for this inode. */
1201 if (f->inocache->ino != 1) {
1202 JFFS2_WARNING("no data nodes found for ino #%u\n", f->inocache->ino);
1203 if (!rii.fds) {
1204 if (f->inocache->state == INO_STATE_READING)
1205 jffs2_set_inocache_state(c, ic: f->inocache, INO_STATE_CHECKEDABSENT);
1206 return -EIO;
1207 }
1208 JFFS2_NOTICE("but it has children so we fake some modes for it\n");
1209 }
1210 latest_node->mode = cpu_to_jemode(S_IFDIR|S_IRUGO|S_IWUSR|S_IXUGO);
1211 latest_node->version = cpu_to_je32(0);
1212 latest_node->atime = latest_node->ctime = latest_node->mtime = cpu_to_je32(0);
1213 latest_node->isize = cpu_to_je32(0);
1214 latest_node->gid = cpu_to_je16(0);
1215 latest_node->uid = cpu_to_je16(0);
1216 if (f->inocache->state == INO_STATE_READING)
1217 jffs2_set_inocache_state(c, f->inocache, INO_STATE_PRESENT);
1218 return 0;
1219 }
1220
1221 ret = jffs2_flash_read(c, ref_offset(rii.latest_ref), sizeof(*latest_node), &retlen, (void *)latest_node);
1222 if (ret || retlen != sizeof(*latest_node)) {
1223 JFFS2_ERROR("failed to read from flash: error %d, %zd of %zd bytes read\n",
1224 ret, retlen, sizeof(*latest_node));
1225 /* FIXME: If this fails, there seems to be a memory leak. Find it. */
1226 return ret ? ret : -EIO;
1227 }
1228
1229 crc = crc32(0, latest_node, sizeof(*latest_node)-8);
1230 if (crc != je32_to_cpu(latest_node->node_crc)) {
1231 JFFS2_ERROR("CRC failed for read_inode of inode %u at physical location 0x%x\n",
1232 f->inocache->ino, ref_offset(rii.latest_ref));
1233 return -EIO;
1234 }
1235
1236 switch(jemode_to_cpu(latest_node->mode) & S_IFMT) {
1237 case S_IFDIR:
1238 if (rii.mctime_ver > je32_to_cpu(latest_node->version)) {
1239 /* The times in the latest_node are actually older than
1240 mctime in the latest dirent. Cheat. */
1241 latest_node->ctime = latest_node->mtime = cpu_to_je32(rii.latest_mctime);
1242 }
1243 break;
1244
1245
1246 case S_IFREG:
1247 /* If it was a regular file, truncate it to the latest node's isize */
1248 new_size = jffs2_truncate_fragtree(c, &f->fragtree, je32_to_cpu(latest_node->isize));
1249 if (new_size != je32_to_cpu(latest_node->isize)) {
1250 JFFS2_WARNING("Truncating ino #%u to %d bytes failed because it only had %d bytes to start with!\n",
1251 f->inocache->ino, je32_to_cpu(latest_node->isize), new_size);
1252 latest_node->isize = cpu_to_je32(new_size);
1253 }
1254 break;
1255
1256 case S_IFLNK:
1257 /* Hack to work around broken isize in old symlink code.
1258 Remove this when dwmw2 comes to his senses and stops
1259 symlinks from being an entirely gratuitous special
1260 case. */
1261 if (!je32_to_cpu(latest_node->isize))
1262 latest_node->isize = latest_node->dsize;
1263
1264 if (f->inocache->state != INO_STATE_CHECKING) {
1265 /* Symlink's inode data is the target path. Read it and
1266 * keep in RAM to facilitate quick follow symlink
1267 * operation. */
1268 uint32_t csize = je32_to_cpu(latest_node->csize);
1269 if (csize > JFFS2_MAX_NAME_LEN)
1270 return -ENAMETOOLONG;
1271 f->target = kmalloc(csize + 1, GFP_KERNEL);
1272 if (!f->target) {
1273 JFFS2_ERROR("can't allocate %u bytes of memory for the symlink target path cache\n", csize);
1274 return -ENOMEM;
1275 }
1276
1277 ret = jffs2_flash_read(c, ref_offset(rii.latest_ref) + sizeof(*latest_node),
1278 csize, &retlen, (char *)f->target);
1279
1280 if (ret || retlen != csize) {
1281 if (retlen != csize)
1282 ret = -EIO;
1283 kfree(f->target);
1284 f->target = NULL;
1285 return ret;
1286 }
1287
1288 f->target[csize] = '\0';
1289 dbg_readinode("symlink's target '%s' cached\n", f->target);
1290 }
1291
1292 fallthrough;
1293
1294 case S_IFBLK:
1295 case S_IFCHR:
1296 /* Certain inode types should have only one data node, and it's
1297 kept as the metadata node */
1298 if (f->metadata) {
1299 JFFS2_ERROR("Argh. Special inode #%u with mode 0%o had metadata node\n",
1300 f->inocache->ino, jemode_to_cpu(latest_node->mode));
1301 return -EIO;
1302 }
1303 if (!frag_first(&f->fragtree)) {
1304 JFFS2_ERROR("Argh. Special inode #%u with mode 0%o has no fragments\n",
1305 f->inocache->ino, jemode_to_cpu(latest_node->mode));
1306 return -EIO;
1307 }
1308 /* ASSERT: f->fraglist != NULL */
1309 if (frag_next(frag_first(&f->fragtree))) {
1310 JFFS2_ERROR("Argh. Special inode #%u with mode 0x%x had more than one node\n",
1311 f->inocache->ino, jemode_to_cpu(latest_node->mode));
1312 /* FIXME: Deal with it - check crc32, check for duplicate node, check times and discard the older one */
1313 return -EIO;
1314 }
1315 /* OK. We're happy */
1316 f->metadata = frag_first(&f->fragtree)->node;
1317 jffs2_free_node_frag(frag_first(&f->fragtree));
1318 f->fragtree = RB_ROOT;
1319 break;
1320 }
1321 if (f->inocache->state == INO_STATE_READING)
1322 jffs2_set_inocache_state(c, f->inocache, INO_STATE_PRESENT);
1323
1324 return 0;
1325}
1326
1327/* Scan the list of all nodes present for this ino, build map of versions, etc. */
1328int jffs2_do_read_inode(struct jffs2_sb_info *c, struct jffs2_inode_info *f,
1329 uint32_t ino, struct jffs2_raw_inode *latest_node)
1330{
1331 dbg_readinode("read inode #%u\n", ino);
1332
1333 retry_inocache:
1334 spin_lock(lock: &c->inocache_lock);
1335 f->inocache = jffs2_get_ino_cache(c, ino);
1336
1337 if (f->inocache) {
1338 /* Check its state. We may need to wait before we can use it */
1339 switch(f->inocache->state) {
1340 case INO_STATE_UNCHECKED:
1341 case INO_STATE_CHECKEDABSENT:
1342 f->inocache->state = INO_STATE_READING;
1343 break;
1344
1345 case INO_STATE_CHECKING:
1346 case INO_STATE_GC:
1347 /* If it's in either of these states, we need
1348 to wait for whoever's got it to finish and
1349 put it back. */
1350 dbg_readinode("waiting for ino #%u in state %d\n", ino, f->inocache->state);
1351 sleep_on_spinunlock(&c->inocache_wq, &c->inocache_lock);
1352 goto retry_inocache;
1353
1354 case INO_STATE_READING:
1355 case INO_STATE_PRESENT:
1356 /* Eep. This should never happen. It can
1357 happen if Linux calls read_inode() again
1358 before clear_inode() has finished though. */
1359 JFFS2_ERROR("Eep. Trying to read_inode #%u when it's already in state %d!\n", ino, f->inocache->state);
1360 /* Fail. That's probably better than allowing it to succeed */
1361 f->inocache = NULL;
1362 break;
1363
1364 default:
1365 BUG();
1366 }
1367 }
1368 spin_unlock(lock: &c->inocache_lock);
1369
1370 if (!f->inocache && ino == 1) {
1371 /* Special case - no root inode on medium */
1372 f->inocache = jffs2_alloc_inode_cache();
1373 if (!f->inocache) {
1374 JFFS2_ERROR("cannot allocate inocache for root inode\n");
1375 return -ENOMEM;
1376 }
1377 dbg_readinode("creating inocache for root inode\n");
1378 memset(f->inocache, 0, sizeof(struct jffs2_inode_cache));
1379 f->inocache->ino = f->inocache->pino_nlink = 1;
1380 f->inocache->nodes = (struct jffs2_raw_node_ref *)f->inocache;
1381 f->inocache->state = INO_STATE_READING;
1382 jffs2_add_ino_cache(c, new: f->inocache);
1383 }
1384 if (!f->inocache) {
1385 JFFS2_ERROR("requested to read a nonexistent ino %u\n", ino);
1386 return -ENOENT;
1387 }
1388
1389 return jffs2_do_read_inode_internal(c, f, latest_node);
1390}
1391
1392int jffs2_do_crccheck_inode(struct jffs2_sb_info *c, struct jffs2_inode_cache *ic)
1393{
1394 struct jffs2_raw_inode n;
1395 struct jffs2_inode_info *f = kzalloc(size: sizeof(*f), GFP_KERNEL);
1396 int ret;
1397
1398 if (!f)
1399 return -ENOMEM;
1400
1401 mutex_init(&f->sem);
1402 mutex_lock(&f->sem);
1403 f->inocache = ic;
1404
1405 ret = jffs2_do_read_inode_internal(c, f, latest_node: &n);
1406 mutex_unlock(lock: &f->sem);
1407 jffs2_do_clear_inode(c, f);
1408 jffs2_xattr_do_crccheck_inode(c, ic);
1409 kfree (objp: f);
1410 return ret;
1411}
1412
1413void jffs2_do_clear_inode(struct jffs2_sb_info *c, struct jffs2_inode_info *f)
1414{
1415 struct jffs2_full_dirent *fd, *fds;
1416 int deleted;
1417
1418 jffs2_xattr_delete_inode(c, ic: f->inocache);
1419 mutex_lock(&f->sem);
1420 deleted = f->inocache && !f->inocache->pino_nlink;
1421
1422 if (f->inocache && f->inocache->state != INO_STATE_CHECKING)
1423 jffs2_set_inocache_state(c, ic: f->inocache, INO_STATE_CLEARING);
1424
1425 if (f->metadata) {
1426 if (deleted)
1427 jffs2_mark_node_obsolete(c, raw: f->metadata->raw);
1428 jffs2_free_full_dnode(f->metadata);
1429 }
1430
1431 jffs2_kill_fragtree(root: &f->fragtree, c_delete: deleted?c:NULL);
1432
1433 fds = f->dents;
1434 while(fds) {
1435 fd = fds;
1436 fds = fd->next;
1437 jffs2_free_full_dirent(fd);
1438 }
1439
1440 if (f->inocache && f->inocache->state != INO_STATE_CHECKING) {
1441 jffs2_set_inocache_state(c, ic: f->inocache, INO_STATE_CHECKEDABSENT);
1442 if (f->inocache->nodes == (void *)f->inocache)
1443 jffs2_del_ino_cache(c, old: f->inocache);
1444 }
1445
1446 mutex_unlock(lock: &f->sem);
1447}
1448

source code of linux/fs/jffs2/readinode.c