1 | // SPDX-License-Identifier: GPL-2.0-only |
2 | /* |
3 | * This file is part of UBIFS. |
4 | * |
5 | * Copyright (C) 2006-2008 Nokia Corporation. |
6 | * |
7 | * Authors: Artem Bityutskiy (Битюцкий Артём) |
8 | * Adrian Hunter |
9 | */ |
10 | |
11 | /* |
12 | * This file implements UBIFS journal. |
13 | * |
14 | * The journal consists of 2 parts - the log and bud LEBs. The log has fixed |
15 | * length and position, while a bud logical eraseblock is any LEB in the main |
16 | * area. Buds contain file system data - data nodes, inode nodes, etc. The log |
17 | * contains only references to buds and some other stuff like commit |
18 | * start node. The idea is that when we commit the journal, we do |
19 | * not copy the data, the buds just become indexed. Since after the commit the |
20 | * nodes in bud eraseblocks become leaf nodes of the file system index tree, we |
21 | * use term "bud". Analogy is obvious, bud eraseblocks contain nodes which will |
22 | * become leafs in the future. |
23 | * |
24 | * The journal is multi-headed because we want to write data to the journal as |
25 | * optimally as possible. It is nice to have nodes belonging to the same inode |
26 | * in one LEB, so we may write data owned by different inodes to different |
27 | * journal heads, although at present only one data head is used. |
28 | * |
29 | * For recovery reasons, the base head contains all inode nodes, all directory |
30 | * entry nodes and all truncate nodes. This means that the other heads contain |
31 | * only data nodes. |
32 | * |
33 | * Bud LEBs may be half-indexed. For example, if the bud was not full at the |
34 | * time of commit, the bud is retained to continue to be used in the journal, |
35 | * even though the "front" of the LEB is now indexed. In that case, the log |
36 | * reference contains the offset where the bud starts for the purposes of the |
37 | * journal. |
38 | * |
39 | * The journal size has to be limited, because the larger is the journal, the |
40 | * longer it takes to mount UBIFS (scanning the journal) and the more memory it |
41 | * takes (indexing in the TNC). |
42 | * |
43 | * All the journal write operations like 'ubifs_jnl_update()' here, which write |
44 | * multiple UBIFS nodes to the journal at one go, are atomic with respect to |
45 | * unclean reboots. Should the unclean reboot happen, the recovery code drops |
46 | * all the nodes. |
47 | */ |
48 | |
49 | #include "ubifs.h" |
50 | |
51 | /** |
52 | * zero_ino_node_unused - zero out unused fields of an on-flash inode node. |
53 | * @ino: the inode to zero out |
54 | */ |
55 | static inline void zero_ino_node_unused(struct ubifs_ino_node *ino) |
56 | { |
57 | memset(ino->padding1, 0, 4); |
58 | memset(ino->padding2, 0, 26); |
59 | } |
60 | |
61 | /** |
62 | * zero_dent_node_unused - zero out unused fields of an on-flash directory |
63 | * entry node. |
64 | * @dent: the directory entry to zero out |
65 | */ |
66 | static inline void zero_dent_node_unused(struct ubifs_dent_node *dent) |
67 | { |
68 | dent->padding1 = 0; |
69 | } |
70 | |
71 | /** |
72 | * zero_trun_node_unused - zero out unused fields of an on-flash truncation |
73 | * node. |
74 | * @trun: the truncation node to zero out |
75 | */ |
76 | static inline void zero_trun_node_unused(struct ubifs_trun_node *trun) |
77 | { |
78 | memset(trun->padding, 0, 12); |
79 | } |
80 | |
81 | static void ubifs_add_auth_dirt(struct ubifs_info *c, int lnum) |
82 | { |
83 | if (ubifs_authenticated(c)) |
84 | ubifs_add_dirt(c, lnum, dirty: ubifs_auth_node_sz(c)); |
85 | } |
86 | |
87 | /** |
88 | * reserve_space - reserve space in the journal. |
89 | * @c: UBIFS file-system description object |
90 | * @jhead: journal head number |
91 | * @len: node length |
92 | * |
93 | * This function reserves space in journal head @head. If the reservation |
94 | * succeeded, the journal head stays locked and later has to be unlocked using |
95 | * 'release_head()'. Returns zero in case of success, %-EAGAIN if commit has to |
96 | * be done, and other negative error codes in case of other failures. |
97 | */ |
98 | static int reserve_space(struct ubifs_info *c, int jhead, int len) |
99 | { |
100 | int err = 0, err1, retries = 0, avail, lnum, offs, squeeze; |
101 | struct ubifs_wbuf *wbuf = &c->jheads[jhead].wbuf; |
102 | |
103 | /* |
104 | * Typically, the base head has smaller nodes written to it, so it is |
105 | * better to try to allocate space at the ends of eraseblocks. This is |
106 | * what the squeeze parameter does. |
107 | */ |
108 | ubifs_assert(c, !c->ro_media && !c->ro_mount); |
109 | squeeze = (jhead == BASEHD); |
110 | again: |
111 | mutex_lock_nested(lock: &wbuf->io_mutex, subclass: wbuf->jhead); |
112 | |
113 | if (c->ro_error) { |
114 | err = -EROFS; |
115 | goto out_unlock; |
116 | } |
117 | |
118 | avail = c->leb_size - wbuf->offs - wbuf->used; |
119 | if (wbuf->lnum != -1 && avail >= len) |
120 | return 0; |
121 | |
122 | /* |
123 | * Write buffer wasn't seek'ed or there is no enough space - look for an |
124 | * LEB with some empty space. |
125 | */ |
126 | lnum = ubifs_find_free_space(c, min_space: len, offs: &offs, squeeze); |
127 | if (lnum >= 0) |
128 | goto out; |
129 | |
130 | err = lnum; |
131 | if (err != -ENOSPC) |
132 | goto out_unlock; |
133 | |
134 | /* |
135 | * No free space, we have to run garbage collector to make |
136 | * some. But the write-buffer mutex has to be unlocked because |
137 | * GC also takes it. |
138 | */ |
139 | dbg_jnl("no free space in jhead %s, run GC" , dbg_jhead(jhead)); |
140 | mutex_unlock(lock: &wbuf->io_mutex); |
141 | |
142 | lnum = ubifs_garbage_collect(c, anyway: 0); |
143 | if (lnum < 0) { |
144 | err = lnum; |
145 | if (err != -ENOSPC) |
146 | return err; |
147 | |
148 | /* |
149 | * GC could not make a free LEB. But someone else may |
150 | * have allocated new bud for this journal head, |
151 | * because we dropped @wbuf->io_mutex, so try once |
152 | * again. |
153 | */ |
154 | dbg_jnl("GC couldn't make a free LEB for jhead %s" , |
155 | dbg_jhead(jhead)); |
156 | if (retries++ < 2) { |
157 | dbg_jnl("retry (%d)" , retries); |
158 | goto again; |
159 | } |
160 | |
161 | dbg_jnl("return -ENOSPC" ); |
162 | return err; |
163 | } |
164 | |
165 | mutex_lock_nested(lock: &wbuf->io_mutex, subclass: wbuf->jhead); |
166 | dbg_jnl("got LEB %d for jhead %s" , lnum, dbg_jhead(jhead)); |
167 | avail = c->leb_size - wbuf->offs - wbuf->used; |
168 | |
169 | if (wbuf->lnum != -1 && avail >= len) { |
170 | /* |
171 | * Someone else has switched the journal head and we have |
172 | * enough space now. This happens when more than one process is |
173 | * trying to write to the same journal head at the same time. |
174 | */ |
175 | dbg_jnl("return LEB %d back, already have LEB %d:%d" , |
176 | lnum, wbuf->lnum, wbuf->offs + wbuf->used); |
177 | err = ubifs_return_leb(c, lnum); |
178 | if (err) |
179 | goto out_unlock; |
180 | return 0; |
181 | } |
182 | |
183 | offs = 0; |
184 | |
185 | out: |
186 | /* |
187 | * Make sure we synchronize the write-buffer before we add the new bud |
188 | * to the log. Otherwise we may have a power cut after the log |
189 | * reference node for the last bud (@lnum) is written but before the |
190 | * write-buffer data are written to the next-to-last bud |
191 | * (@wbuf->lnum). And the effect would be that the recovery would see |
192 | * that there is corruption in the next-to-last bud. |
193 | */ |
194 | err = ubifs_wbuf_sync_nolock(wbuf); |
195 | if (err) |
196 | goto out_return; |
197 | err = ubifs_add_bud_to_log(c, jhead, lnum, offs); |
198 | if (err) |
199 | goto out_return; |
200 | err = ubifs_wbuf_seek_nolock(wbuf, lnum, offs); |
201 | if (err) |
202 | goto out_unlock; |
203 | |
204 | return 0; |
205 | |
206 | out_unlock: |
207 | mutex_unlock(lock: &wbuf->io_mutex); |
208 | return err; |
209 | |
210 | out_return: |
211 | /* An error occurred and the LEB has to be returned to lprops */ |
212 | ubifs_assert(c, err < 0); |
213 | err1 = ubifs_return_leb(c, lnum); |
214 | if (err1 && err == -EAGAIN) |
215 | /* |
216 | * Return original error code only if it is not %-EAGAIN, |
217 | * which is not really an error. Otherwise, return the error |
218 | * code of 'ubifs_return_leb()'. |
219 | */ |
220 | err = err1; |
221 | mutex_unlock(lock: &wbuf->io_mutex); |
222 | return err; |
223 | } |
224 | |
225 | static int ubifs_hash_nodes(struct ubifs_info *c, void *node, |
226 | int len, struct shash_desc *hash) |
227 | { |
228 | int auth_node_size = ubifs_auth_node_sz(c); |
229 | int err; |
230 | |
231 | while (1) { |
232 | const struct ubifs_ch *ch = node; |
233 | int nodelen = le32_to_cpu(ch->len); |
234 | |
235 | ubifs_assert(c, len >= auth_node_size); |
236 | |
237 | if (len == auth_node_size) |
238 | break; |
239 | |
240 | ubifs_assert(c, len > nodelen); |
241 | ubifs_assert(c, ch->magic == cpu_to_le32(UBIFS_NODE_MAGIC)); |
242 | |
243 | err = ubifs_shash_update(c, desc: hash, buf: (void *)node, len: nodelen); |
244 | if (err) |
245 | return err; |
246 | |
247 | node += ALIGN(nodelen, 8); |
248 | len -= ALIGN(nodelen, 8); |
249 | } |
250 | |
251 | return ubifs_prepare_auth_node(c, node, inhash: hash); |
252 | } |
253 | |
254 | /** |
255 | * write_head - write data to a journal head. |
256 | * @c: UBIFS file-system description object |
257 | * @jhead: journal head |
258 | * @buf: buffer to write |
259 | * @len: length to write |
260 | * @lnum: LEB number written is returned here |
261 | * @offs: offset written is returned here |
262 | * @sync: non-zero if the write-buffer has to by synchronized |
263 | * |
264 | * This function writes data to the reserved space of journal head @jhead. |
265 | * Returns zero in case of success and a negative error code in case of |
266 | * failure. |
267 | */ |
268 | static int write_head(struct ubifs_info *c, int jhead, void *buf, int len, |
269 | int *lnum, int *offs, int sync) |
270 | { |
271 | int err; |
272 | struct ubifs_wbuf *wbuf = &c->jheads[jhead].wbuf; |
273 | |
274 | ubifs_assert(c, jhead != GCHD); |
275 | |
276 | *lnum = c->jheads[jhead].wbuf.lnum; |
277 | *offs = c->jheads[jhead].wbuf.offs + c->jheads[jhead].wbuf.used; |
278 | dbg_jnl("jhead %s, LEB %d:%d, len %d" , |
279 | dbg_jhead(jhead), *lnum, *offs, len); |
280 | |
281 | if (ubifs_authenticated(c)) { |
282 | err = ubifs_hash_nodes(c, node: buf, len, hash: c->jheads[jhead].log_hash); |
283 | if (err) |
284 | return err; |
285 | } |
286 | |
287 | err = ubifs_wbuf_write_nolock(wbuf, buf, len); |
288 | if (err) |
289 | return err; |
290 | if (sync) |
291 | err = ubifs_wbuf_sync_nolock(wbuf); |
292 | return err; |
293 | } |
294 | |
295 | /** |
296 | * make_reservation - reserve journal space. |
297 | * @c: UBIFS file-system description object |
298 | * @jhead: journal head |
299 | * @len: how many bytes to reserve |
300 | * |
301 | * This function makes space reservation in journal head @jhead. The function |
302 | * takes the commit lock and locks the journal head, and the caller has to |
303 | * unlock the head and finish the reservation with 'finish_reservation()'. |
304 | * Returns zero in case of success and a negative error code in case of |
305 | * failure. |
306 | * |
307 | * Note, the journal head may be unlocked as soon as the data is written, while |
308 | * the commit lock has to be released after the data has been added to the |
309 | * TNC. |
310 | */ |
311 | static int make_reservation(struct ubifs_info *c, int jhead, int len) |
312 | { |
313 | int err, cmt_retries = 0, nospc_retries = 0; |
314 | |
315 | again: |
316 | down_read(sem: &c->commit_sem); |
317 | err = reserve_space(c, jhead, len); |
318 | if (!err) |
319 | /* c->commit_sem will get released via finish_reservation(). */ |
320 | return 0; |
321 | up_read(sem: &c->commit_sem); |
322 | |
323 | if (err == -ENOSPC) { |
324 | /* |
325 | * GC could not make any progress. We should try to commit |
326 | * once because it could make some dirty space and GC would |
327 | * make progress, so make the error -EAGAIN so that the below |
328 | * will commit and re-try. |
329 | */ |
330 | if (nospc_retries++ < 2) { |
331 | dbg_jnl("no space, retry" ); |
332 | err = -EAGAIN; |
333 | } |
334 | |
335 | /* |
336 | * This means that the budgeting is incorrect. We always have |
337 | * to be able to write to the media, because all operations are |
338 | * budgeted. Deletions are not budgeted, though, but we reserve |
339 | * an extra LEB for them. |
340 | */ |
341 | } |
342 | |
343 | if (err != -EAGAIN) |
344 | goto out; |
345 | |
346 | /* |
347 | * -EAGAIN means that the journal is full or too large, or the above |
348 | * code wants to do one commit. Do this and re-try. |
349 | */ |
350 | if (cmt_retries > 128) { |
351 | /* |
352 | * This should not happen unless the journal size limitations |
353 | * are too tough. |
354 | */ |
355 | ubifs_err(c, fmt: "stuck in space allocation" ); |
356 | err = -ENOSPC; |
357 | goto out; |
358 | } else if (cmt_retries > 32) |
359 | ubifs_warn(c, fmt: "too many space allocation re-tries (%d)" , |
360 | cmt_retries); |
361 | |
362 | dbg_jnl("-EAGAIN, commit and retry (retried %d times)" , |
363 | cmt_retries); |
364 | cmt_retries += 1; |
365 | |
366 | err = ubifs_run_commit(c); |
367 | if (err) |
368 | return err; |
369 | goto again; |
370 | |
371 | out: |
372 | ubifs_err(c, fmt: "cannot reserve %d bytes in jhead %d, error %d" , |
373 | len, jhead, err); |
374 | if (err == -ENOSPC) { |
375 | /* This are some budgeting problems, print useful information */ |
376 | down_write(sem: &c->commit_sem); |
377 | dump_stack(); |
378 | ubifs_dump_budg(c, bi: &c->bi); |
379 | ubifs_dump_lprops(c); |
380 | cmt_retries = dbg_check_lprops(c); |
381 | up_write(sem: &c->commit_sem); |
382 | } |
383 | return err; |
384 | } |
385 | |
386 | /** |
387 | * release_head - release a journal head. |
388 | * @c: UBIFS file-system description object |
389 | * @jhead: journal head |
390 | * |
391 | * This function releases journal head @jhead which was locked by |
392 | * the 'make_reservation()' function. It has to be called after each successful |
393 | * 'make_reservation()' invocation. |
394 | */ |
395 | static inline void release_head(struct ubifs_info *c, int jhead) |
396 | { |
397 | mutex_unlock(lock: &c->jheads[jhead].wbuf.io_mutex); |
398 | } |
399 | |
400 | /** |
401 | * finish_reservation - finish a reservation. |
402 | * @c: UBIFS file-system description object |
403 | * |
404 | * This function finishes journal space reservation. It must be called after |
405 | * 'make_reservation()'. |
406 | */ |
407 | static void finish_reservation(struct ubifs_info *c) |
408 | { |
409 | up_read(sem: &c->commit_sem); |
410 | } |
411 | |
412 | /** |
413 | * get_dent_type - translate VFS inode mode to UBIFS directory entry type. |
414 | * @mode: inode mode |
415 | */ |
416 | static int get_dent_type(int mode) |
417 | { |
418 | switch (mode & S_IFMT) { |
419 | case S_IFREG: |
420 | return UBIFS_ITYPE_REG; |
421 | case S_IFDIR: |
422 | return UBIFS_ITYPE_DIR; |
423 | case S_IFLNK: |
424 | return UBIFS_ITYPE_LNK; |
425 | case S_IFBLK: |
426 | return UBIFS_ITYPE_BLK; |
427 | case S_IFCHR: |
428 | return UBIFS_ITYPE_CHR; |
429 | case S_IFIFO: |
430 | return UBIFS_ITYPE_FIFO; |
431 | case S_IFSOCK: |
432 | return UBIFS_ITYPE_SOCK; |
433 | default: |
434 | BUG(); |
435 | } |
436 | return 0; |
437 | } |
438 | |
439 | /** |
440 | * pack_inode - pack an inode node. |
441 | * @c: UBIFS file-system description object |
442 | * @ino: buffer in which to pack inode node |
443 | * @inode: inode to pack |
444 | * @last: indicates the last node of the group |
445 | */ |
446 | static void pack_inode(struct ubifs_info *c, struct ubifs_ino_node *ino, |
447 | const struct inode *inode, int last) |
448 | { |
449 | int data_len = 0, last_reference = !inode->i_nlink; |
450 | struct ubifs_inode *ui = ubifs_inode(inode); |
451 | |
452 | ino->ch.node_type = UBIFS_INO_NODE; |
453 | ino_key_init_flash(c, k: &ino->key, inum: inode->i_ino); |
454 | ino->creat_sqnum = cpu_to_le64(ui->creat_sqnum); |
455 | ino->atime_sec = cpu_to_le64(inode_get_atime_sec(inode)); |
456 | ino->atime_nsec = cpu_to_le32(inode_get_atime_nsec(inode)); |
457 | ino->ctime_sec = cpu_to_le64(inode_get_ctime_sec(inode)); |
458 | ino->ctime_nsec = cpu_to_le32(inode_get_ctime_nsec(inode)); |
459 | ino->mtime_sec = cpu_to_le64(inode_get_mtime_sec(inode)); |
460 | ino->mtime_nsec = cpu_to_le32(inode_get_mtime_nsec(inode)); |
461 | ino->uid = cpu_to_le32(i_uid_read(inode)); |
462 | ino->gid = cpu_to_le32(i_gid_read(inode)); |
463 | ino->mode = cpu_to_le32(inode->i_mode); |
464 | ino->flags = cpu_to_le32(ui->flags); |
465 | ino->size = cpu_to_le64(ui->ui_size); |
466 | ino->nlink = cpu_to_le32(inode->i_nlink); |
467 | ino->compr_type = cpu_to_le16(ui->compr_type); |
468 | ino->data_len = cpu_to_le32(ui->data_len); |
469 | ino->xattr_cnt = cpu_to_le32(ui->xattr_cnt); |
470 | ino->xattr_size = cpu_to_le32(ui->xattr_size); |
471 | ino->xattr_names = cpu_to_le32(ui->xattr_names); |
472 | zero_ino_node_unused(ino); |
473 | |
474 | /* |
475 | * Drop the attached data if this is a deletion inode, the data is not |
476 | * needed anymore. |
477 | */ |
478 | if (!last_reference) { |
479 | memcpy(ino->data, ui->data, ui->data_len); |
480 | data_len = ui->data_len; |
481 | } |
482 | |
483 | ubifs_prep_grp_node(c, node: ino, UBIFS_INO_NODE_SZ + data_len, last); |
484 | } |
485 | |
486 | /** |
487 | * mark_inode_clean - mark UBIFS inode as clean. |
488 | * @c: UBIFS file-system description object |
489 | * @ui: UBIFS inode to mark as clean |
490 | * |
491 | * This helper function marks UBIFS inode @ui as clean by cleaning the |
492 | * @ui->dirty flag and releasing its budget. Note, VFS may still treat the |
493 | * inode as dirty and try to write it back, but 'ubifs_write_inode()' would |
494 | * just do nothing. |
495 | */ |
496 | static void mark_inode_clean(struct ubifs_info *c, struct ubifs_inode *ui) |
497 | { |
498 | if (ui->dirty) |
499 | ubifs_release_dirty_inode_budget(c, ui); |
500 | ui->dirty = 0; |
501 | } |
502 | |
503 | static void set_dent_cookie(struct ubifs_info *c, struct ubifs_dent_node *dent) |
504 | { |
505 | if (c->double_hash) |
506 | dent->cookie = (__force __le32) get_random_u32(); |
507 | else |
508 | dent->cookie = 0; |
509 | } |
510 | |
511 | /** |
512 | * ubifs_jnl_update - update inode. |
513 | * @c: UBIFS file-system description object |
514 | * @dir: parent inode or host inode in case of extended attributes |
515 | * @nm: directory entry name |
516 | * @inode: inode to update |
517 | * @deletion: indicates a directory entry deletion i.e unlink or rmdir |
518 | * @xent: non-zero if the directory entry is an extended attribute entry |
519 | * |
520 | * This function updates an inode by writing a directory entry (or extended |
521 | * attribute entry), the inode itself, and the parent directory inode (or the |
522 | * host inode) to the journal. |
523 | * |
524 | * The function writes the host inode @dir last, which is important in case of |
525 | * extended attributes. Indeed, then we guarantee that if the host inode gets |
526 | * synchronized (with 'fsync()'), and the write-buffer it sits in gets flushed, |
527 | * the extended attribute inode gets flushed too. And this is exactly what the |
528 | * user expects - synchronizing the host inode synchronizes its extended |
529 | * attributes. Similarly, this guarantees that if @dir is synchronized, its |
530 | * directory entry corresponding to @nm gets synchronized too. |
531 | * |
532 | * If the inode (@inode) or the parent directory (@dir) are synchronous, this |
533 | * function synchronizes the write-buffer. |
534 | * |
535 | * This function marks the @dir and @inode inodes as clean and returns zero on |
536 | * success. In case of failure, a negative error code is returned. |
537 | */ |
538 | int ubifs_jnl_update(struct ubifs_info *c, const struct inode *dir, |
539 | const struct fscrypt_name *nm, const struct inode *inode, |
540 | int deletion, int xent) |
541 | { |
542 | int err, dlen, ilen, len, lnum, ino_offs, dent_offs, orphan_added = 0; |
543 | int aligned_dlen, aligned_ilen, sync = IS_DIRSYNC(dir); |
544 | int last_reference = !!(deletion && inode->i_nlink == 0); |
545 | struct ubifs_inode *ui = ubifs_inode(inode); |
546 | struct ubifs_inode *host_ui = ubifs_inode(inode: dir); |
547 | struct ubifs_dent_node *dent; |
548 | struct ubifs_ino_node *ino; |
549 | union ubifs_key dent_key, ino_key; |
550 | u8 hash_dent[UBIFS_HASH_ARR_SZ]; |
551 | u8 hash_ino[UBIFS_HASH_ARR_SZ]; |
552 | u8 hash_ino_host[UBIFS_HASH_ARR_SZ]; |
553 | |
554 | ubifs_assert(c, mutex_is_locked(&host_ui->ui_mutex)); |
555 | |
556 | dlen = UBIFS_DENT_NODE_SZ + fname_len(nm) + 1; |
557 | ilen = UBIFS_INO_NODE_SZ; |
558 | |
559 | /* |
560 | * If the last reference to the inode is being deleted, then there is |
561 | * no need to attach and write inode data, it is being deleted anyway. |
562 | * And if the inode is being deleted, no need to synchronize |
563 | * write-buffer even if the inode is synchronous. |
564 | */ |
565 | if (!last_reference) { |
566 | ilen += ui->data_len; |
567 | sync |= IS_SYNC(inode); |
568 | } |
569 | |
570 | aligned_dlen = ALIGN(dlen, 8); |
571 | aligned_ilen = ALIGN(ilen, 8); |
572 | |
573 | len = aligned_dlen + aligned_ilen + UBIFS_INO_NODE_SZ; |
574 | /* Make sure to also account for extended attributes */ |
575 | if (ubifs_authenticated(c)) |
576 | len += ALIGN(host_ui->data_len, 8) + ubifs_auth_node_sz(c); |
577 | else |
578 | len += host_ui->data_len; |
579 | |
580 | dent = kzalloc(size: len, GFP_NOFS); |
581 | if (!dent) |
582 | return -ENOMEM; |
583 | |
584 | /* Make reservation before allocating sequence numbers */ |
585 | err = make_reservation(c, BASEHD, len); |
586 | if (err) |
587 | goto out_free; |
588 | |
589 | if (!xent) { |
590 | dent->ch.node_type = UBIFS_DENT_NODE; |
591 | if (fname_name(nm) == NULL) |
592 | dent_key_init_hash(c, key: &dent_key, inum: dir->i_ino, hash: nm->hash); |
593 | else |
594 | dent_key_init(c, key: &dent_key, inum: dir->i_ino, nm); |
595 | } else { |
596 | dent->ch.node_type = UBIFS_XENT_NODE; |
597 | xent_key_init(c, key: &dent_key, inum: dir->i_ino, nm); |
598 | } |
599 | |
600 | key_write(c, from: &dent_key, to: dent->key); |
601 | dent->inum = deletion ? 0 : cpu_to_le64(inode->i_ino); |
602 | dent->type = get_dent_type(mode: inode->i_mode); |
603 | dent->nlen = cpu_to_le16(fname_len(nm)); |
604 | memcpy(dent->name, fname_name(nm), fname_len(nm)); |
605 | dent->name[fname_len(nm)] = '\0'; |
606 | set_dent_cookie(c, dent); |
607 | |
608 | zero_dent_node_unused(dent); |
609 | ubifs_prep_grp_node(c, node: dent, len: dlen, last: 0); |
610 | err = ubifs_node_calc_hash(c, buf: dent, hash: hash_dent); |
611 | if (err) |
612 | goto out_release; |
613 | |
614 | ino = (void *)dent + aligned_dlen; |
615 | pack_inode(c, ino, inode, last: 0); |
616 | err = ubifs_node_calc_hash(c, buf: ino, hash: hash_ino); |
617 | if (err) |
618 | goto out_release; |
619 | |
620 | ino = (void *)ino + aligned_ilen; |
621 | pack_inode(c, ino, inode: dir, last: 1); |
622 | err = ubifs_node_calc_hash(c, buf: ino, hash: hash_ino_host); |
623 | if (err) |
624 | goto out_release; |
625 | |
626 | if (last_reference) { |
627 | err = ubifs_add_orphan(c, inum: inode->i_ino); |
628 | if (err) { |
629 | release_head(c, BASEHD); |
630 | goto out_finish; |
631 | } |
632 | ui->del_cmtno = c->cmt_no; |
633 | orphan_added = 1; |
634 | } |
635 | |
636 | err = write_head(c, BASEHD, buf: dent, len, lnum: &lnum, offs: &dent_offs, sync); |
637 | if (err) |
638 | goto out_release; |
639 | if (!sync) { |
640 | struct ubifs_wbuf *wbuf = &c->jheads[BASEHD].wbuf; |
641 | |
642 | ubifs_wbuf_add_ino_nolock(wbuf, inum: inode->i_ino); |
643 | ubifs_wbuf_add_ino_nolock(wbuf, inum: dir->i_ino); |
644 | } |
645 | release_head(c, BASEHD); |
646 | kfree(objp: dent); |
647 | ubifs_add_auth_dirt(c, lnum); |
648 | |
649 | if (deletion) { |
650 | if (fname_name(nm) == NULL) |
651 | err = ubifs_tnc_remove_dh(c, key: &dent_key, cookie: nm->minor_hash); |
652 | else |
653 | err = ubifs_tnc_remove_nm(c, key: &dent_key, nm); |
654 | if (err) |
655 | goto out_ro; |
656 | err = ubifs_add_dirt(c, lnum, dirty: dlen); |
657 | } else |
658 | err = ubifs_tnc_add_nm(c, key: &dent_key, lnum, offs: dent_offs, len: dlen, |
659 | hash: hash_dent, nm); |
660 | if (err) |
661 | goto out_ro; |
662 | |
663 | /* |
664 | * Note, we do not remove the inode from TNC even if the last reference |
665 | * to it has just been deleted, because the inode may still be opened. |
666 | * Instead, the inode has been added to orphan lists and the orphan |
667 | * subsystem will take further care about it. |
668 | */ |
669 | ino_key_init(c, key: &ino_key, inum: inode->i_ino); |
670 | ino_offs = dent_offs + aligned_dlen; |
671 | err = ubifs_tnc_add(c, key: &ino_key, lnum, offs: ino_offs, len: ilen, hash: hash_ino); |
672 | if (err) |
673 | goto out_ro; |
674 | |
675 | ino_key_init(c, key: &ino_key, inum: dir->i_ino); |
676 | ino_offs += aligned_ilen; |
677 | err = ubifs_tnc_add(c, key: &ino_key, lnum, offs: ino_offs, |
678 | UBIFS_INO_NODE_SZ + host_ui->data_len, hash: hash_ino_host); |
679 | if (err) |
680 | goto out_ro; |
681 | |
682 | finish_reservation(c); |
683 | spin_lock(lock: &ui->ui_lock); |
684 | ui->synced_i_size = ui->ui_size; |
685 | spin_unlock(lock: &ui->ui_lock); |
686 | if (xent) { |
687 | spin_lock(lock: &host_ui->ui_lock); |
688 | host_ui->synced_i_size = host_ui->ui_size; |
689 | spin_unlock(lock: &host_ui->ui_lock); |
690 | } |
691 | mark_inode_clean(c, ui); |
692 | mark_inode_clean(c, ui: host_ui); |
693 | return 0; |
694 | |
695 | out_finish: |
696 | finish_reservation(c); |
697 | out_free: |
698 | kfree(objp: dent); |
699 | return err; |
700 | |
701 | out_release: |
702 | release_head(c, BASEHD); |
703 | kfree(objp: dent); |
704 | out_ro: |
705 | ubifs_ro_mode(c, err); |
706 | if (orphan_added) |
707 | ubifs_delete_orphan(c, inum: inode->i_ino); |
708 | finish_reservation(c); |
709 | return err; |
710 | } |
711 | |
712 | /** |
713 | * ubifs_jnl_write_data - write a data node to the journal. |
714 | * @c: UBIFS file-system description object |
715 | * @inode: inode the data node belongs to |
716 | * @key: node key |
717 | * @buf: buffer to write |
718 | * @len: data length (must not exceed %UBIFS_BLOCK_SIZE) |
719 | * |
720 | * This function writes a data node to the journal. Returns %0 if the data node |
721 | * was successfully written, and a negative error code in case of failure. |
722 | */ |
723 | int ubifs_jnl_write_data(struct ubifs_info *c, const struct inode *inode, |
724 | const union ubifs_key *key, const void *buf, int len) |
725 | { |
726 | struct ubifs_data_node *data; |
727 | int err, lnum, offs, compr_type, out_len, compr_len, auth_len; |
728 | int dlen = COMPRESSED_DATA_NODE_BUF_SZ, allocated = 1; |
729 | int write_len; |
730 | struct ubifs_inode *ui = ubifs_inode(inode); |
731 | bool encrypted = IS_ENCRYPTED(inode); |
732 | u8 hash[UBIFS_HASH_ARR_SZ]; |
733 | |
734 | dbg_jnlk(key, "ino %lu, blk %u, len %d, key " , |
735 | (unsigned long)key_inum(c, key), key_block(c, key), len); |
736 | ubifs_assert(c, len <= UBIFS_BLOCK_SIZE); |
737 | |
738 | if (encrypted) |
739 | dlen += UBIFS_CIPHER_BLOCK_SIZE; |
740 | |
741 | auth_len = ubifs_auth_node_sz(c); |
742 | |
743 | data = kmalloc(size: dlen + auth_len, GFP_NOFS | __GFP_NOWARN); |
744 | if (!data) { |
745 | /* |
746 | * Fall-back to the write reserve buffer. Note, we might be |
747 | * currently on the memory reclaim path, when the kernel is |
748 | * trying to free some memory by writing out dirty pages. The |
749 | * write reserve buffer helps us to guarantee that we are |
750 | * always able to write the data. |
751 | */ |
752 | allocated = 0; |
753 | mutex_lock(&c->write_reserve_mutex); |
754 | data = c->write_reserve_buf; |
755 | } |
756 | |
757 | data->ch.node_type = UBIFS_DATA_NODE; |
758 | key_write(c, from: key, to: &data->key); |
759 | data->size = cpu_to_le32(len); |
760 | |
761 | if (!(ui->flags & UBIFS_COMPR_FL)) |
762 | /* Compression is disabled for this inode */ |
763 | compr_type = UBIFS_COMPR_NONE; |
764 | else |
765 | compr_type = ui->compr_type; |
766 | |
767 | out_len = compr_len = dlen - UBIFS_DATA_NODE_SZ; |
768 | ubifs_compress(c, in_buf: buf, in_len: len, out_buf: &data->data, out_len: &compr_len, compr_type: &compr_type); |
769 | ubifs_assert(c, compr_len <= UBIFS_BLOCK_SIZE); |
770 | |
771 | if (encrypted) { |
772 | err = ubifs_encrypt(inode, dn: data, in_len: compr_len, out_len: &out_len, block: key_block(c, key)); |
773 | if (err) |
774 | goto out_free; |
775 | |
776 | } else { |
777 | data->compr_size = 0; |
778 | out_len = compr_len; |
779 | } |
780 | |
781 | dlen = UBIFS_DATA_NODE_SZ + out_len; |
782 | if (ubifs_authenticated(c)) |
783 | write_len = ALIGN(dlen, 8) + auth_len; |
784 | else |
785 | write_len = dlen; |
786 | |
787 | data->compr_type = cpu_to_le16(compr_type); |
788 | |
789 | /* Make reservation before allocating sequence numbers */ |
790 | err = make_reservation(c, DATAHD, len: write_len); |
791 | if (err) |
792 | goto out_free; |
793 | |
794 | ubifs_prepare_node(c, buf: data, len: dlen, pad: 0); |
795 | err = write_head(c, DATAHD, buf: data, len: write_len, lnum: &lnum, offs: &offs, sync: 0); |
796 | if (err) |
797 | goto out_release; |
798 | |
799 | err = ubifs_node_calc_hash(c, buf: data, hash); |
800 | if (err) |
801 | goto out_release; |
802 | |
803 | ubifs_wbuf_add_ino_nolock(wbuf: &c->jheads[DATAHD].wbuf, inum: key_inum(c, k: key)); |
804 | release_head(c, DATAHD); |
805 | |
806 | ubifs_add_auth_dirt(c, lnum); |
807 | |
808 | err = ubifs_tnc_add(c, key, lnum, offs, len: dlen, hash); |
809 | if (err) |
810 | goto out_ro; |
811 | |
812 | finish_reservation(c); |
813 | if (!allocated) |
814 | mutex_unlock(lock: &c->write_reserve_mutex); |
815 | else |
816 | kfree(objp: data); |
817 | return 0; |
818 | |
819 | out_release: |
820 | release_head(c, DATAHD); |
821 | out_ro: |
822 | ubifs_ro_mode(c, err); |
823 | finish_reservation(c); |
824 | out_free: |
825 | if (!allocated) |
826 | mutex_unlock(lock: &c->write_reserve_mutex); |
827 | else |
828 | kfree(objp: data); |
829 | return err; |
830 | } |
831 | |
832 | /** |
833 | * ubifs_jnl_write_inode - flush inode to the journal. |
834 | * @c: UBIFS file-system description object |
835 | * @inode: inode to flush |
836 | * |
837 | * This function writes inode @inode to the journal. If the inode is |
838 | * synchronous, it also synchronizes the write-buffer. Returns zero in case of |
839 | * success and a negative error code in case of failure. |
840 | */ |
841 | int ubifs_jnl_write_inode(struct ubifs_info *c, const struct inode *inode) |
842 | { |
843 | int err, lnum, offs; |
844 | struct ubifs_ino_node *ino, *ino_start; |
845 | struct ubifs_inode *ui = ubifs_inode(inode); |
846 | int sync = 0, write_len = 0, ilen = UBIFS_INO_NODE_SZ; |
847 | int last_reference = !inode->i_nlink; |
848 | int kill_xattrs = ui->xattr_cnt && last_reference; |
849 | u8 hash[UBIFS_HASH_ARR_SZ]; |
850 | |
851 | dbg_jnl("ino %lu, nlink %u" , inode->i_ino, inode->i_nlink); |
852 | |
853 | /* |
854 | * If the inode is being deleted, do not write the attached data. No |
855 | * need to synchronize the write-buffer either. |
856 | */ |
857 | if (!last_reference) { |
858 | ilen += ui->data_len; |
859 | sync = IS_SYNC(inode); |
860 | } else if (kill_xattrs) { |
861 | write_len += UBIFS_INO_NODE_SZ * ui->xattr_cnt; |
862 | } |
863 | |
864 | if (ubifs_authenticated(c)) |
865 | write_len += ALIGN(ilen, 8) + ubifs_auth_node_sz(c); |
866 | else |
867 | write_len += ilen; |
868 | |
869 | ino_start = ino = kmalloc(size: write_len, GFP_NOFS); |
870 | if (!ino) |
871 | return -ENOMEM; |
872 | |
873 | /* Make reservation before allocating sequence numbers */ |
874 | err = make_reservation(c, BASEHD, len: write_len); |
875 | if (err) |
876 | goto out_free; |
877 | |
878 | if (kill_xattrs) { |
879 | union ubifs_key key; |
880 | struct fscrypt_name nm = {0}; |
881 | struct inode *xino; |
882 | struct ubifs_dent_node *xent, *pxent = NULL; |
883 | |
884 | if (ui->xattr_cnt > ubifs_xattr_max_cnt(c)) { |
885 | err = -EPERM; |
886 | ubifs_err(c, fmt: "Cannot delete inode, it has too much xattrs!" ); |
887 | goto out_release; |
888 | } |
889 | |
890 | lowest_xent_key(c, key: &key, inum: inode->i_ino); |
891 | while (1) { |
892 | xent = ubifs_tnc_next_ent(c, key: &key, nm: &nm); |
893 | if (IS_ERR(ptr: xent)) { |
894 | err = PTR_ERR(ptr: xent); |
895 | if (err == -ENOENT) |
896 | break; |
897 | |
898 | kfree(objp: pxent); |
899 | goto out_release; |
900 | } |
901 | |
902 | fname_name(&nm) = xent->name; |
903 | fname_len(&nm) = le16_to_cpu(xent->nlen); |
904 | |
905 | xino = ubifs_iget(sb: c->vfs_sb, le64_to_cpu(xent->inum)); |
906 | if (IS_ERR(ptr: xino)) { |
907 | err = PTR_ERR(ptr: xino); |
908 | ubifs_err(c, fmt: "dead directory entry '%s', error %d" , |
909 | xent->name, err); |
910 | ubifs_ro_mode(c, err); |
911 | kfree(objp: pxent); |
912 | kfree(objp: xent); |
913 | goto out_release; |
914 | } |
915 | ubifs_assert(c, ubifs_inode(xino)->xattr); |
916 | |
917 | clear_nlink(inode: xino); |
918 | pack_inode(c, ino, inode: xino, last: 0); |
919 | ino = (void *)ino + UBIFS_INO_NODE_SZ; |
920 | iput(xino); |
921 | |
922 | kfree(objp: pxent); |
923 | pxent = xent; |
924 | key_read(c, from: &xent->key, to: &key); |
925 | } |
926 | kfree(objp: pxent); |
927 | } |
928 | |
929 | pack_inode(c, ino, inode, last: 1); |
930 | err = ubifs_node_calc_hash(c, buf: ino, hash); |
931 | if (err) |
932 | goto out_release; |
933 | |
934 | err = write_head(c, BASEHD, buf: ino_start, len: write_len, lnum: &lnum, offs: &offs, sync); |
935 | if (err) |
936 | goto out_release; |
937 | if (!sync) |
938 | ubifs_wbuf_add_ino_nolock(wbuf: &c->jheads[BASEHD].wbuf, |
939 | inum: inode->i_ino); |
940 | release_head(c, BASEHD); |
941 | |
942 | if (last_reference) { |
943 | err = ubifs_tnc_remove_ino(c, inum: inode->i_ino); |
944 | if (err) |
945 | goto out_ro; |
946 | ubifs_delete_orphan(c, inum: inode->i_ino); |
947 | err = ubifs_add_dirt(c, lnum, dirty: write_len); |
948 | } else { |
949 | union ubifs_key key; |
950 | |
951 | ubifs_add_auth_dirt(c, lnum); |
952 | |
953 | ino_key_init(c, key: &key, inum: inode->i_ino); |
954 | err = ubifs_tnc_add(c, key: &key, lnum, offs, len: ilen, hash); |
955 | } |
956 | if (err) |
957 | goto out_ro; |
958 | |
959 | finish_reservation(c); |
960 | spin_lock(lock: &ui->ui_lock); |
961 | ui->synced_i_size = ui->ui_size; |
962 | spin_unlock(lock: &ui->ui_lock); |
963 | kfree(objp: ino_start); |
964 | return 0; |
965 | |
966 | out_release: |
967 | release_head(c, BASEHD); |
968 | out_ro: |
969 | ubifs_ro_mode(c, err); |
970 | finish_reservation(c); |
971 | out_free: |
972 | kfree(objp: ino_start); |
973 | return err; |
974 | } |
975 | |
976 | /** |
977 | * ubifs_jnl_delete_inode - delete an inode. |
978 | * @c: UBIFS file-system description object |
979 | * @inode: inode to delete |
980 | * |
981 | * This function deletes inode @inode which includes removing it from orphans, |
982 | * deleting it from TNC and, in some cases, writing a deletion inode to the |
983 | * journal. |
984 | * |
985 | * When regular file inodes are unlinked or a directory inode is removed, the |
986 | * 'ubifs_jnl_update()' function writes a corresponding deletion inode and |
987 | * direntry to the media, and adds the inode to orphans. After this, when the |
988 | * last reference to this inode has been dropped, this function is called. In |
989 | * general, it has to write one more deletion inode to the media, because if |
990 | * a commit happened between 'ubifs_jnl_update()' and |
991 | * 'ubifs_jnl_delete_inode()', the deletion inode is not in the journal |
992 | * anymore, and in fact it might not be on the flash anymore, because it might |
993 | * have been garbage-collected already. And for optimization reasons UBIFS does |
994 | * not read the orphan area if it has been unmounted cleanly, so it would have |
995 | * no indication in the journal that there is a deleted inode which has to be |
996 | * removed from TNC. |
997 | * |
998 | * However, if there was no commit between 'ubifs_jnl_update()' and |
999 | * 'ubifs_jnl_delete_inode()', then there is no need to write the deletion |
1000 | * inode to the media for the second time. And this is quite a typical case. |
1001 | * |
1002 | * This function returns zero in case of success and a negative error code in |
1003 | * case of failure. |
1004 | */ |
1005 | int ubifs_jnl_delete_inode(struct ubifs_info *c, const struct inode *inode) |
1006 | { |
1007 | int err; |
1008 | struct ubifs_inode *ui = ubifs_inode(inode); |
1009 | |
1010 | ubifs_assert(c, inode->i_nlink == 0); |
1011 | |
1012 | if (ui->xattr_cnt || ui->del_cmtno != c->cmt_no) |
1013 | /* A commit happened for sure or inode hosts xattrs */ |
1014 | return ubifs_jnl_write_inode(c, inode); |
1015 | |
1016 | down_read(sem: &c->commit_sem); |
1017 | /* |
1018 | * Check commit number again, because the first test has been done |
1019 | * without @c->commit_sem, so a commit might have happened. |
1020 | */ |
1021 | if (ui->del_cmtno != c->cmt_no) { |
1022 | up_read(sem: &c->commit_sem); |
1023 | return ubifs_jnl_write_inode(c, inode); |
1024 | } |
1025 | |
1026 | err = ubifs_tnc_remove_ino(c, inum: inode->i_ino); |
1027 | if (err) |
1028 | ubifs_ro_mode(c, err); |
1029 | else |
1030 | ubifs_delete_orphan(c, inum: inode->i_ino); |
1031 | up_read(sem: &c->commit_sem); |
1032 | return err; |
1033 | } |
1034 | |
1035 | /** |
1036 | * ubifs_jnl_xrename - cross rename two directory entries. |
1037 | * @c: UBIFS file-system description object |
1038 | * @fst_dir: parent inode of 1st directory entry to exchange |
1039 | * @fst_inode: 1st inode to exchange |
1040 | * @fst_nm: name of 1st inode to exchange |
1041 | * @snd_dir: parent inode of 2nd directory entry to exchange |
1042 | * @snd_inode: 2nd inode to exchange |
1043 | * @snd_nm: name of 2nd inode to exchange |
1044 | * @sync: non-zero if the write-buffer has to be synchronized |
1045 | * |
1046 | * This function implements the cross rename operation which may involve |
1047 | * writing 2 inodes and 2 directory entries. It marks the written inodes as clean |
1048 | * and returns zero on success. In case of failure, a negative error code is |
1049 | * returned. |
1050 | */ |
1051 | int ubifs_jnl_xrename(struct ubifs_info *c, const struct inode *fst_dir, |
1052 | const struct inode *fst_inode, |
1053 | const struct fscrypt_name *fst_nm, |
1054 | const struct inode *snd_dir, |
1055 | const struct inode *snd_inode, |
1056 | const struct fscrypt_name *snd_nm, int sync) |
1057 | { |
1058 | union ubifs_key key; |
1059 | struct ubifs_dent_node *dent1, *dent2; |
1060 | int err, dlen1, dlen2, lnum, offs, len, plen = UBIFS_INO_NODE_SZ; |
1061 | int aligned_dlen1, aligned_dlen2; |
1062 | int twoparents = (fst_dir != snd_dir); |
1063 | void *p; |
1064 | u8 hash_dent1[UBIFS_HASH_ARR_SZ]; |
1065 | u8 hash_dent2[UBIFS_HASH_ARR_SZ]; |
1066 | u8 hash_p1[UBIFS_HASH_ARR_SZ]; |
1067 | u8 hash_p2[UBIFS_HASH_ARR_SZ]; |
1068 | |
1069 | ubifs_assert(c, ubifs_inode(fst_dir)->data_len == 0); |
1070 | ubifs_assert(c, ubifs_inode(snd_dir)->data_len == 0); |
1071 | ubifs_assert(c, mutex_is_locked(&ubifs_inode(fst_dir)->ui_mutex)); |
1072 | ubifs_assert(c, mutex_is_locked(&ubifs_inode(snd_dir)->ui_mutex)); |
1073 | |
1074 | dlen1 = UBIFS_DENT_NODE_SZ + fname_len(snd_nm) + 1; |
1075 | dlen2 = UBIFS_DENT_NODE_SZ + fname_len(fst_nm) + 1; |
1076 | aligned_dlen1 = ALIGN(dlen1, 8); |
1077 | aligned_dlen2 = ALIGN(dlen2, 8); |
1078 | |
1079 | len = aligned_dlen1 + aligned_dlen2 + ALIGN(plen, 8); |
1080 | if (twoparents) |
1081 | len += plen; |
1082 | |
1083 | len += ubifs_auth_node_sz(c); |
1084 | |
1085 | dent1 = kzalloc(size: len, GFP_NOFS); |
1086 | if (!dent1) |
1087 | return -ENOMEM; |
1088 | |
1089 | /* Make reservation before allocating sequence numbers */ |
1090 | err = make_reservation(c, BASEHD, len); |
1091 | if (err) |
1092 | goto out_free; |
1093 | |
1094 | /* Make new dent for 1st entry */ |
1095 | dent1->ch.node_type = UBIFS_DENT_NODE; |
1096 | dent_key_init_flash(c, k: &dent1->key, inum: snd_dir->i_ino, nm: snd_nm); |
1097 | dent1->inum = cpu_to_le64(fst_inode->i_ino); |
1098 | dent1->type = get_dent_type(mode: fst_inode->i_mode); |
1099 | dent1->nlen = cpu_to_le16(fname_len(snd_nm)); |
1100 | memcpy(dent1->name, fname_name(snd_nm), fname_len(snd_nm)); |
1101 | dent1->name[fname_len(snd_nm)] = '\0'; |
1102 | set_dent_cookie(c, dent: dent1); |
1103 | zero_dent_node_unused(dent: dent1); |
1104 | ubifs_prep_grp_node(c, node: dent1, len: dlen1, last: 0); |
1105 | err = ubifs_node_calc_hash(c, buf: dent1, hash: hash_dent1); |
1106 | if (err) |
1107 | goto out_release; |
1108 | |
1109 | /* Make new dent for 2nd entry */ |
1110 | dent2 = (void *)dent1 + aligned_dlen1; |
1111 | dent2->ch.node_type = UBIFS_DENT_NODE; |
1112 | dent_key_init_flash(c, k: &dent2->key, inum: fst_dir->i_ino, nm: fst_nm); |
1113 | dent2->inum = cpu_to_le64(snd_inode->i_ino); |
1114 | dent2->type = get_dent_type(mode: snd_inode->i_mode); |
1115 | dent2->nlen = cpu_to_le16(fname_len(fst_nm)); |
1116 | memcpy(dent2->name, fname_name(fst_nm), fname_len(fst_nm)); |
1117 | dent2->name[fname_len(fst_nm)] = '\0'; |
1118 | set_dent_cookie(c, dent: dent2); |
1119 | zero_dent_node_unused(dent: dent2); |
1120 | ubifs_prep_grp_node(c, node: dent2, len: dlen2, last: 0); |
1121 | err = ubifs_node_calc_hash(c, buf: dent2, hash: hash_dent2); |
1122 | if (err) |
1123 | goto out_release; |
1124 | |
1125 | p = (void *)dent2 + aligned_dlen2; |
1126 | if (!twoparents) { |
1127 | pack_inode(c, ino: p, inode: fst_dir, last: 1); |
1128 | err = ubifs_node_calc_hash(c, buf: p, hash: hash_p1); |
1129 | if (err) |
1130 | goto out_release; |
1131 | } else { |
1132 | pack_inode(c, ino: p, inode: fst_dir, last: 0); |
1133 | err = ubifs_node_calc_hash(c, buf: p, hash: hash_p1); |
1134 | if (err) |
1135 | goto out_release; |
1136 | p += ALIGN(plen, 8); |
1137 | pack_inode(c, ino: p, inode: snd_dir, last: 1); |
1138 | err = ubifs_node_calc_hash(c, buf: p, hash: hash_p2); |
1139 | if (err) |
1140 | goto out_release; |
1141 | } |
1142 | |
1143 | err = write_head(c, BASEHD, buf: dent1, len, lnum: &lnum, offs: &offs, sync); |
1144 | if (err) |
1145 | goto out_release; |
1146 | if (!sync) { |
1147 | struct ubifs_wbuf *wbuf = &c->jheads[BASEHD].wbuf; |
1148 | |
1149 | ubifs_wbuf_add_ino_nolock(wbuf, inum: fst_dir->i_ino); |
1150 | ubifs_wbuf_add_ino_nolock(wbuf, inum: snd_dir->i_ino); |
1151 | } |
1152 | release_head(c, BASEHD); |
1153 | |
1154 | ubifs_add_auth_dirt(c, lnum); |
1155 | |
1156 | dent_key_init(c, key: &key, inum: snd_dir->i_ino, nm: snd_nm); |
1157 | err = ubifs_tnc_add_nm(c, key: &key, lnum, offs, len: dlen1, hash: hash_dent1, nm: snd_nm); |
1158 | if (err) |
1159 | goto out_ro; |
1160 | |
1161 | offs += aligned_dlen1; |
1162 | dent_key_init(c, key: &key, inum: fst_dir->i_ino, nm: fst_nm); |
1163 | err = ubifs_tnc_add_nm(c, key: &key, lnum, offs, len: dlen2, hash: hash_dent2, nm: fst_nm); |
1164 | if (err) |
1165 | goto out_ro; |
1166 | |
1167 | offs += aligned_dlen2; |
1168 | |
1169 | ino_key_init(c, key: &key, inum: fst_dir->i_ino); |
1170 | err = ubifs_tnc_add(c, key: &key, lnum, offs, len: plen, hash: hash_p1); |
1171 | if (err) |
1172 | goto out_ro; |
1173 | |
1174 | if (twoparents) { |
1175 | offs += ALIGN(plen, 8); |
1176 | ino_key_init(c, key: &key, inum: snd_dir->i_ino); |
1177 | err = ubifs_tnc_add(c, key: &key, lnum, offs, len: plen, hash: hash_p2); |
1178 | if (err) |
1179 | goto out_ro; |
1180 | } |
1181 | |
1182 | finish_reservation(c); |
1183 | |
1184 | mark_inode_clean(c, ui: ubifs_inode(inode: fst_dir)); |
1185 | if (twoparents) |
1186 | mark_inode_clean(c, ui: ubifs_inode(inode: snd_dir)); |
1187 | kfree(objp: dent1); |
1188 | return 0; |
1189 | |
1190 | out_release: |
1191 | release_head(c, BASEHD); |
1192 | out_ro: |
1193 | ubifs_ro_mode(c, err); |
1194 | finish_reservation(c); |
1195 | out_free: |
1196 | kfree(objp: dent1); |
1197 | return err; |
1198 | } |
1199 | |
1200 | /** |
1201 | * ubifs_jnl_rename - rename a directory entry. |
1202 | * @c: UBIFS file-system description object |
1203 | * @old_dir: parent inode of directory entry to rename |
1204 | * @old_inode: directory entry's inode to rename |
1205 | * @old_nm: name of the old directory entry to rename |
1206 | * @new_dir: parent inode of directory entry to rename |
1207 | * @new_inode: new directory entry's inode (or directory entry's inode to |
1208 | * replace) |
1209 | * @new_nm: new name of the new directory entry |
1210 | * @whiteout: whiteout inode |
1211 | * @sync: non-zero if the write-buffer has to be synchronized |
1212 | * |
1213 | * This function implements the re-name operation which may involve writing up |
1214 | * to 4 inodes(new inode, whiteout inode, old and new parent directory inodes) |
1215 | * and 2 directory entries. It marks the written inodes as clean and returns |
1216 | * zero on success. In case of failure, a negative error code is returned. |
1217 | */ |
1218 | int ubifs_jnl_rename(struct ubifs_info *c, const struct inode *old_dir, |
1219 | const struct inode *old_inode, |
1220 | const struct fscrypt_name *old_nm, |
1221 | const struct inode *new_dir, |
1222 | const struct inode *new_inode, |
1223 | const struct fscrypt_name *new_nm, |
1224 | const struct inode *whiteout, int sync) |
1225 | { |
1226 | void *p; |
1227 | union ubifs_key key; |
1228 | struct ubifs_dent_node *dent, *dent2; |
1229 | int err, dlen1, dlen2, ilen, wlen, lnum, offs, len, orphan_added = 0; |
1230 | int aligned_dlen1, aligned_dlen2, plen = UBIFS_INO_NODE_SZ; |
1231 | int last_reference = !!(new_inode && new_inode->i_nlink == 0); |
1232 | int move = (old_dir != new_dir); |
1233 | struct ubifs_inode *new_ui, *whiteout_ui; |
1234 | u8 hash_old_dir[UBIFS_HASH_ARR_SZ]; |
1235 | u8 hash_new_dir[UBIFS_HASH_ARR_SZ]; |
1236 | u8 hash_new_inode[UBIFS_HASH_ARR_SZ]; |
1237 | u8 hash_whiteout_inode[UBIFS_HASH_ARR_SZ]; |
1238 | u8 hash_dent1[UBIFS_HASH_ARR_SZ]; |
1239 | u8 hash_dent2[UBIFS_HASH_ARR_SZ]; |
1240 | |
1241 | ubifs_assert(c, ubifs_inode(old_dir)->data_len == 0); |
1242 | ubifs_assert(c, ubifs_inode(new_dir)->data_len == 0); |
1243 | ubifs_assert(c, mutex_is_locked(&ubifs_inode(old_dir)->ui_mutex)); |
1244 | ubifs_assert(c, mutex_is_locked(&ubifs_inode(new_dir)->ui_mutex)); |
1245 | |
1246 | dlen1 = UBIFS_DENT_NODE_SZ + fname_len(new_nm) + 1; |
1247 | dlen2 = UBIFS_DENT_NODE_SZ + fname_len(old_nm) + 1; |
1248 | if (new_inode) { |
1249 | new_ui = ubifs_inode(inode: new_inode); |
1250 | ubifs_assert(c, mutex_is_locked(&new_ui->ui_mutex)); |
1251 | ilen = UBIFS_INO_NODE_SZ; |
1252 | if (!last_reference) |
1253 | ilen += new_ui->data_len; |
1254 | } else |
1255 | ilen = 0; |
1256 | |
1257 | if (whiteout) { |
1258 | whiteout_ui = ubifs_inode(inode: whiteout); |
1259 | ubifs_assert(c, mutex_is_locked(&whiteout_ui->ui_mutex)); |
1260 | ubifs_assert(c, whiteout->i_nlink == 1); |
1261 | ubifs_assert(c, !whiteout_ui->dirty); |
1262 | wlen = UBIFS_INO_NODE_SZ; |
1263 | wlen += whiteout_ui->data_len; |
1264 | } else |
1265 | wlen = 0; |
1266 | |
1267 | aligned_dlen1 = ALIGN(dlen1, 8); |
1268 | aligned_dlen2 = ALIGN(dlen2, 8); |
1269 | len = aligned_dlen1 + aligned_dlen2 + ALIGN(ilen, 8) + |
1270 | ALIGN(wlen, 8) + ALIGN(plen, 8); |
1271 | if (move) |
1272 | len += plen; |
1273 | |
1274 | len += ubifs_auth_node_sz(c); |
1275 | |
1276 | dent = kzalloc(size: len, GFP_NOFS); |
1277 | if (!dent) |
1278 | return -ENOMEM; |
1279 | |
1280 | /* Make reservation before allocating sequence numbers */ |
1281 | err = make_reservation(c, BASEHD, len); |
1282 | if (err) |
1283 | goto out_free; |
1284 | |
1285 | /* Make new dent */ |
1286 | dent->ch.node_type = UBIFS_DENT_NODE; |
1287 | dent_key_init_flash(c, k: &dent->key, inum: new_dir->i_ino, nm: new_nm); |
1288 | dent->inum = cpu_to_le64(old_inode->i_ino); |
1289 | dent->type = get_dent_type(mode: old_inode->i_mode); |
1290 | dent->nlen = cpu_to_le16(fname_len(new_nm)); |
1291 | memcpy(dent->name, fname_name(new_nm), fname_len(new_nm)); |
1292 | dent->name[fname_len(new_nm)] = '\0'; |
1293 | set_dent_cookie(c, dent); |
1294 | zero_dent_node_unused(dent); |
1295 | ubifs_prep_grp_node(c, node: dent, len: dlen1, last: 0); |
1296 | err = ubifs_node_calc_hash(c, buf: dent, hash: hash_dent1); |
1297 | if (err) |
1298 | goto out_release; |
1299 | |
1300 | dent2 = (void *)dent + aligned_dlen1; |
1301 | dent2->ch.node_type = UBIFS_DENT_NODE; |
1302 | dent_key_init_flash(c, k: &dent2->key, inum: old_dir->i_ino, nm: old_nm); |
1303 | |
1304 | if (whiteout) { |
1305 | dent2->inum = cpu_to_le64(whiteout->i_ino); |
1306 | dent2->type = get_dent_type(mode: whiteout->i_mode); |
1307 | } else { |
1308 | /* Make deletion dent */ |
1309 | dent2->inum = 0; |
1310 | dent2->type = DT_UNKNOWN; |
1311 | } |
1312 | dent2->nlen = cpu_to_le16(fname_len(old_nm)); |
1313 | memcpy(dent2->name, fname_name(old_nm), fname_len(old_nm)); |
1314 | dent2->name[fname_len(old_nm)] = '\0'; |
1315 | set_dent_cookie(c, dent: dent2); |
1316 | zero_dent_node_unused(dent: dent2); |
1317 | ubifs_prep_grp_node(c, node: dent2, len: dlen2, last: 0); |
1318 | err = ubifs_node_calc_hash(c, buf: dent2, hash: hash_dent2); |
1319 | if (err) |
1320 | goto out_release; |
1321 | |
1322 | p = (void *)dent2 + aligned_dlen2; |
1323 | if (new_inode) { |
1324 | pack_inode(c, ino: p, inode: new_inode, last: 0); |
1325 | err = ubifs_node_calc_hash(c, buf: p, hash: hash_new_inode); |
1326 | if (err) |
1327 | goto out_release; |
1328 | |
1329 | p += ALIGN(ilen, 8); |
1330 | } |
1331 | |
1332 | if (whiteout) { |
1333 | pack_inode(c, ino: p, inode: whiteout, last: 0); |
1334 | err = ubifs_node_calc_hash(c, buf: p, hash: hash_whiteout_inode); |
1335 | if (err) |
1336 | goto out_release; |
1337 | |
1338 | p += ALIGN(wlen, 8); |
1339 | } |
1340 | |
1341 | if (!move) { |
1342 | pack_inode(c, ino: p, inode: old_dir, last: 1); |
1343 | err = ubifs_node_calc_hash(c, buf: p, hash: hash_old_dir); |
1344 | if (err) |
1345 | goto out_release; |
1346 | } else { |
1347 | pack_inode(c, ino: p, inode: old_dir, last: 0); |
1348 | err = ubifs_node_calc_hash(c, buf: p, hash: hash_old_dir); |
1349 | if (err) |
1350 | goto out_release; |
1351 | |
1352 | p += ALIGN(plen, 8); |
1353 | pack_inode(c, ino: p, inode: new_dir, last: 1); |
1354 | err = ubifs_node_calc_hash(c, buf: p, hash: hash_new_dir); |
1355 | if (err) |
1356 | goto out_release; |
1357 | } |
1358 | |
1359 | if (last_reference) { |
1360 | err = ubifs_add_orphan(c, inum: new_inode->i_ino); |
1361 | if (err) { |
1362 | release_head(c, BASEHD); |
1363 | goto out_finish; |
1364 | } |
1365 | new_ui->del_cmtno = c->cmt_no; |
1366 | orphan_added = 1; |
1367 | } |
1368 | |
1369 | err = write_head(c, BASEHD, buf: dent, len, lnum: &lnum, offs: &offs, sync); |
1370 | if (err) |
1371 | goto out_release; |
1372 | if (!sync) { |
1373 | struct ubifs_wbuf *wbuf = &c->jheads[BASEHD].wbuf; |
1374 | |
1375 | ubifs_wbuf_add_ino_nolock(wbuf, inum: new_dir->i_ino); |
1376 | ubifs_wbuf_add_ino_nolock(wbuf, inum: old_dir->i_ino); |
1377 | if (new_inode) |
1378 | ubifs_wbuf_add_ino_nolock(wbuf: &c->jheads[BASEHD].wbuf, |
1379 | inum: new_inode->i_ino); |
1380 | if (whiteout) |
1381 | ubifs_wbuf_add_ino_nolock(wbuf: &c->jheads[BASEHD].wbuf, |
1382 | inum: whiteout->i_ino); |
1383 | } |
1384 | release_head(c, BASEHD); |
1385 | |
1386 | ubifs_add_auth_dirt(c, lnum); |
1387 | |
1388 | dent_key_init(c, key: &key, inum: new_dir->i_ino, nm: new_nm); |
1389 | err = ubifs_tnc_add_nm(c, key: &key, lnum, offs, len: dlen1, hash: hash_dent1, nm: new_nm); |
1390 | if (err) |
1391 | goto out_ro; |
1392 | |
1393 | offs += aligned_dlen1; |
1394 | if (whiteout) { |
1395 | dent_key_init(c, key: &key, inum: old_dir->i_ino, nm: old_nm); |
1396 | err = ubifs_tnc_add_nm(c, key: &key, lnum, offs, len: dlen2, hash: hash_dent2, nm: old_nm); |
1397 | if (err) |
1398 | goto out_ro; |
1399 | } else { |
1400 | err = ubifs_add_dirt(c, lnum, dirty: dlen2); |
1401 | if (err) |
1402 | goto out_ro; |
1403 | |
1404 | dent_key_init(c, key: &key, inum: old_dir->i_ino, nm: old_nm); |
1405 | err = ubifs_tnc_remove_nm(c, key: &key, nm: old_nm); |
1406 | if (err) |
1407 | goto out_ro; |
1408 | } |
1409 | |
1410 | offs += aligned_dlen2; |
1411 | if (new_inode) { |
1412 | ino_key_init(c, key: &key, inum: new_inode->i_ino); |
1413 | err = ubifs_tnc_add(c, key: &key, lnum, offs, len: ilen, hash: hash_new_inode); |
1414 | if (err) |
1415 | goto out_ro; |
1416 | offs += ALIGN(ilen, 8); |
1417 | } |
1418 | |
1419 | if (whiteout) { |
1420 | ino_key_init(c, key: &key, inum: whiteout->i_ino); |
1421 | err = ubifs_tnc_add(c, key: &key, lnum, offs, len: wlen, |
1422 | hash: hash_whiteout_inode); |
1423 | if (err) |
1424 | goto out_ro; |
1425 | offs += ALIGN(wlen, 8); |
1426 | } |
1427 | |
1428 | ino_key_init(c, key: &key, inum: old_dir->i_ino); |
1429 | err = ubifs_tnc_add(c, key: &key, lnum, offs, len: plen, hash: hash_old_dir); |
1430 | if (err) |
1431 | goto out_ro; |
1432 | |
1433 | if (move) { |
1434 | offs += ALIGN(plen, 8); |
1435 | ino_key_init(c, key: &key, inum: new_dir->i_ino); |
1436 | err = ubifs_tnc_add(c, key: &key, lnum, offs, len: plen, hash: hash_new_dir); |
1437 | if (err) |
1438 | goto out_ro; |
1439 | } |
1440 | |
1441 | finish_reservation(c); |
1442 | if (new_inode) { |
1443 | mark_inode_clean(c, ui: new_ui); |
1444 | spin_lock(lock: &new_ui->ui_lock); |
1445 | new_ui->synced_i_size = new_ui->ui_size; |
1446 | spin_unlock(lock: &new_ui->ui_lock); |
1447 | } |
1448 | /* |
1449 | * No need to mark whiteout inode clean. |
1450 | * Whiteout doesn't have non-zero size, no need to update |
1451 | * synced_i_size for whiteout_ui. |
1452 | */ |
1453 | mark_inode_clean(c, ui: ubifs_inode(inode: old_dir)); |
1454 | if (move) |
1455 | mark_inode_clean(c, ui: ubifs_inode(inode: new_dir)); |
1456 | kfree(objp: dent); |
1457 | return 0; |
1458 | |
1459 | out_release: |
1460 | release_head(c, BASEHD); |
1461 | out_ro: |
1462 | ubifs_ro_mode(c, err); |
1463 | if (orphan_added) |
1464 | ubifs_delete_orphan(c, inum: new_inode->i_ino); |
1465 | out_finish: |
1466 | finish_reservation(c); |
1467 | out_free: |
1468 | kfree(objp: dent); |
1469 | return err; |
1470 | } |
1471 | |
1472 | /** |
1473 | * truncate_data_node - re-compress/encrypt a truncated data node. |
1474 | * @c: UBIFS file-system description object |
1475 | * @inode: inode which refers to the data node |
1476 | * @block: data block number |
1477 | * @dn: data node to re-compress |
1478 | * @new_len: new length |
1479 | * @dn_size: size of the data node @dn in memory |
1480 | * |
1481 | * This function is used when an inode is truncated and the last data node of |
1482 | * the inode has to be re-compressed/encrypted and re-written. |
1483 | */ |
1484 | static int truncate_data_node(const struct ubifs_info *c, const struct inode *inode, |
1485 | unsigned int block, struct ubifs_data_node *dn, |
1486 | int *new_len, int dn_size) |
1487 | { |
1488 | void *buf; |
1489 | int err, dlen, compr_type, out_len, data_size; |
1490 | |
1491 | out_len = le32_to_cpu(dn->size); |
1492 | buf = kmalloc_array(n: out_len, WORST_COMPR_FACTOR, GFP_NOFS); |
1493 | if (!buf) |
1494 | return -ENOMEM; |
1495 | |
1496 | dlen = le32_to_cpu(dn->ch.len) - UBIFS_DATA_NODE_SZ; |
1497 | data_size = dn_size - UBIFS_DATA_NODE_SZ; |
1498 | compr_type = le16_to_cpu(dn->compr_type); |
1499 | |
1500 | if (IS_ENCRYPTED(inode)) { |
1501 | err = ubifs_decrypt(inode, dn, out_len: &dlen, block); |
1502 | if (err) |
1503 | goto out; |
1504 | } |
1505 | |
1506 | if (compr_type == UBIFS_COMPR_NONE) { |
1507 | out_len = *new_len; |
1508 | } else { |
1509 | err = ubifs_decompress(c, buf: &dn->data, len: dlen, out: buf, out_len: &out_len, compr_type); |
1510 | if (err) |
1511 | goto out; |
1512 | |
1513 | ubifs_compress(c, in_buf: buf, in_len: *new_len, out_buf: &dn->data, out_len: &out_len, compr_type: &compr_type); |
1514 | } |
1515 | |
1516 | if (IS_ENCRYPTED(inode)) { |
1517 | err = ubifs_encrypt(inode, dn, in_len: out_len, out_len: &data_size, block); |
1518 | if (err) |
1519 | goto out; |
1520 | |
1521 | out_len = data_size; |
1522 | } else { |
1523 | dn->compr_size = 0; |
1524 | } |
1525 | |
1526 | ubifs_assert(c, out_len <= UBIFS_BLOCK_SIZE); |
1527 | dn->compr_type = cpu_to_le16(compr_type); |
1528 | dn->size = cpu_to_le32(*new_len); |
1529 | *new_len = UBIFS_DATA_NODE_SZ + out_len; |
1530 | err = 0; |
1531 | out: |
1532 | kfree(objp: buf); |
1533 | return err; |
1534 | } |
1535 | |
1536 | /** |
1537 | * ubifs_jnl_truncate - update the journal for a truncation. |
1538 | * @c: UBIFS file-system description object |
1539 | * @inode: inode to truncate |
1540 | * @old_size: old size |
1541 | * @new_size: new size |
1542 | * |
1543 | * When the size of a file decreases due to truncation, a truncation node is |
1544 | * written, the journal tree is updated, and the last data block is re-written |
1545 | * if it has been affected. The inode is also updated in order to synchronize |
1546 | * the new inode size. |
1547 | * |
1548 | * This function marks the inode as clean and returns zero on success. In case |
1549 | * of failure, a negative error code is returned. |
1550 | */ |
1551 | int ubifs_jnl_truncate(struct ubifs_info *c, const struct inode *inode, |
1552 | loff_t old_size, loff_t new_size) |
1553 | { |
1554 | union ubifs_key key, to_key; |
1555 | struct ubifs_ino_node *ino; |
1556 | struct ubifs_trun_node *trun; |
1557 | struct ubifs_data_node *dn; |
1558 | int err, dlen, len, lnum, offs, bit, sz, sync = IS_SYNC(inode); |
1559 | int dn_size; |
1560 | struct ubifs_inode *ui = ubifs_inode(inode); |
1561 | ino_t inum = inode->i_ino; |
1562 | unsigned int blk; |
1563 | u8 hash_ino[UBIFS_HASH_ARR_SZ]; |
1564 | u8 hash_dn[UBIFS_HASH_ARR_SZ]; |
1565 | |
1566 | dbg_jnl("ino %lu, size %lld -> %lld" , |
1567 | (unsigned long)inum, old_size, new_size); |
1568 | ubifs_assert(c, !ui->data_len); |
1569 | ubifs_assert(c, S_ISREG(inode->i_mode)); |
1570 | ubifs_assert(c, mutex_is_locked(&ui->ui_mutex)); |
1571 | |
1572 | dn_size = COMPRESSED_DATA_NODE_BUF_SZ; |
1573 | |
1574 | if (IS_ENCRYPTED(inode)) |
1575 | dn_size += UBIFS_CIPHER_BLOCK_SIZE; |
1576 | |
1577 | sz = UBIFS_TRUN_NODE_SZ + UBIFS_INO_NODE_SZ + |
1578 | dn_size + ubifs_auth_node_sz(c); |
1579 | |
1580 | ino = kmalloc(size: sz, GFP_NOFS); |
1581 | if (!ino) |
1582 | return -ENOMEM; |
1583 | |
1584 | trun = (void *)ino + UBIFS_INO_NODE_SZ; |
1585 | trun->ch.node_type = UBIFS_TRUN_NODE; |
1586 | trun->inum = cpu_to_le32(inum); |
1587 | trun->old_size = cpu_to_le64(old_size); |
1588 | trun->new_size = cpu_to_le64(new_size); |
1589 | zero_trun_node_unused(trun); |
1590 | |
1591 | dlen = new_size & (UBIFS_BLOCK_SIZE - 1); |
1592 | if (dlen) { |
1593 | /* Get last data block so it can be truncated */ |
1594 | dn = (void *)trun + UBIFS_TRUN_NODE_SZ; |
1595 | blk = new_size >> UBIFS_BLOCK_SHIFT; |
1596 | data_key_init(c, key: &key, inum, block: blk); |
1597 | dbg_jnlk(&key, "last block key " ); |
1598 | err = ubifs_tnc_lookup(c, key: &key, node: dn); |
1599 | if (err == -ENOENT) |
1600 | dlen = 0; /* Not found (so it is a hole) */ |
1601 | else if (err) |
1602 | goto out_free; |
1603 | else { |
1604 | int dn_len = le32_to_cpu(dn->size); |
1605 | |
1606 | if (dn_len <= 0 || dn_len > UBIFS_BLOCK_SIZE) { |
1607 | ubifs_err(c, fmt: "bad data node (block %u, inode %lu)" , |
1608 | blk, inode->i_ino); |
1609 | ubifs_dump_node(c, node: dn, node_len: dn_size); |
1610 | err = -EUCLEAN; |
1611 | goto out_free; |
1612 | } |
1613 | |
1614 | if (dn_len <= dlen) |
1615 | dlen = 0; /* Nothing to do */ |
1616 | else { |
1617 | err = truncate_data_node(c, inode, block: blk, dn, |
1618 | new_len: &dlen, dn_size); |
1619 | if (err) |
1620 | goto out_free; |
1621 | } |
1622 | } |
1623 | } |
1624 | |
1625 | /* Must make reservation before allocating sequence numbers */ |
1626 | len = UBIFS_TRUN_NODE_SZ + UBIFS_INO_NODE_SZ; |
1627 | |
1628 | if (ubifs_authenticated(c)) |
1629 | len += ALIGN(dlen, 8) + ubifs_auth_node_sz(c); |
1630 | else |
1631 | len += dlen; |
1632 | |
1633 | err = make_reservation(c, BASEHD, len); |
1634 | if (err) |
1635 | goto out_free; |
1636 | |
1637 | pack_inode(c, ino, inode, last: 0); |
1638 | err = ubifs_node_calc_hash(c, buf: ino, hash: hash_ino); |
1639 | if (err) |
1640 | goto out_release; |
1641 | |
1642 | ubifs_prep_grp_node(c, node: trun, UBIFS_TRUN_NODE_SZ, last: dlen ? 0 : 1); |
1643 | if (dlen) { |
1644 | ubifs_prep_grp_node(c, node: dn, len: dlen, last: 1); |
1645 | err = ubifs_node_calc_hash(c, buf: dn, hash: hash_dn); |
1646 | if (err) |
1647 | goto out_release; |
1648 | } |
1649 | |
1650 | err = write_head(c, BASEHD, buf: ino, len, lnum: &lnum, offs: &offs, sync); |
1651 | if (err) |
1652 | goto out_release; |
1653 | if (!sync) |
1654 | ubifs_wbuf_add_ino_nolock(wbuf: &c->jheads[BASEHD].wbuf, inum); |
1655 | release_head(c, BASEHD); |
1656 | |
1657 | ubifs_add_auth_dirt(c, lnum); |
1658 | |
1659 | if (dlen) { |
1660 | sz = offs + UBIFS_INO_NODE_SZ + UBIFS_TRUN_NODE_SZ; |
1661 | err = ubifs_tnc_add(c, key: &key, lnum, offs: sz, len: dlen, hash: hash_dn); |
1662 | if (err) |
1663 | goto out_ro; |
1664 | } |
1665 | |
1666 | ino_key_init(c, key: &key, inum); |
1667 | err = ubifs_tnc_add(c, key: &key, lnum, offs, UBIFS_INO_NODE_SZ, hash: hash_ino); |
1668 | if (err) |
1669 | goto out_ro; |
1670 | |
1671 | err = ubifs_add_dirt(c, lnum, UBIFS_TRUN_NODE_SZ); |
1672 | if (err) |
1673 | goto out_ro; |
1674 | |
1675 | bit = new_size & (UBIFS_BLOCK_SIZE - 1); |
1676 | blk = (new_size >> UBIFS_BLOCK_SHIFT) + (bit ? 1 : 0); |
1677 | data_key_init(c, key: &key, inum, block: blk); |
1678 | |
1679 | bit = old_size & (UBIFS_BLOCK_SIZE - 1); |
1680 | blk = (old_size >> UBIFS_BLOCK_SHIFT) - (bit ? 0 : 1); |
1681 | data_key_init(c, key: &to_key, inum, block: blk); |
1682 | |
1683 | err = ubifs_tnc_remove_range(c, from_key: &key, to_key: &to_key); |
1684 | if (err) |
1685 | goto out_ro; |
1686 | |
1687 | finish_reservation(c); |
1688 | spin_lock(lock: &ui->ui_lock); |
1689 | ui->synced_i_size = ui->ui_size; |
1690 | spin_unlock(lock: &ui->ui_lock); |
1691 | mark_inode_clean(c, ui); |
1692 | kfree(objp: ino); |
1693 | return 0; |
1694 | |
1695 | out_release: |
1696 | release_head(c, BASEHD); |
1697 | out_ro: |
1698 | ubifs_ro_mode(c, err); |
1699 | finish_reservation(c); |
1700 | out_free: |
1701 | kfree(objp: ino); |
1702 | return err; |
1703 | } |
1704 | |
1705 | |
1706 | /** |
1707 | * ubifs_jnl_delete_xattr - delete an extended attribute. |
1708 | * @c: UBIFS file-system description object |
1709 | * @host: host inode |
1710 | * @inode: extended attribute inode |
1711 | * @nm: extended attribute entry name |
1712 | * |
1713 | * This function delete an extended attribute which is very similar to |
1714 | * un-linking regular files - it writes a deletion xentry, a deletion inode and |
1715 | * updates the target inode. Returns zero in case of success and a negative |
1716 | * error code in case of failure. |
1717 | */ |
1718 | int ubifs_jnl_delete_xattr(struct ubifs_info *c, const struct inode *host, |
1719 | const struct inode *inode, |
1720 | const struct fscrypt_name *nm) |
1721 | { |
1722 | int err, xlen, hlen, len, lnum, xent_offs, aligned_xlen, write_len; |
1723 | struct ubifs_dent_node *xent; |
1724 | struct ubifs_ino_node *ino; |
1725 | union ubifs_key xent_key, key1, key2; |
1726 | int sync = IS_DIRSYNC(host); |
1727 | struct ubifs_inode *host_ui = ubifs_inode(inode: host); |
1728 | u8 hash[UBIFS_HASH_ARR_SZ]; |
1729 | |
1730 | ubifs_assert(c, inode->i_nlink == 0); |
1731 | ubifs_assert(c, mutex_is_locked(&host_ui->ui_mutex)); |
1732 | |
1733 | /* |
1734 | * Since we are deleting the inode, we do not bother to attach any data |
1735 | * to it and assume its length is %UBIFS_INO_NODE_SZ. |
1736 | */ |
1737 | xlen = UBIFS_DENT_NODE_SZ + fname_len(nm) + 1; |
1738 | aligned_xlen = ALIGN(xlen, 8); |
1739 | hlen = host_ui->data_len + UBIFS_INO_NODE_SZ; |
1740 | len = aligned_xlen + UBIFS_INO_NODE_SZ + ALIGN(hlen, 8); |
1741 | |
1742 | write_len = len + ubifs_auth_node_sz(c); |
1743 | |
1744 | xent = kzalloc(size: write_len, GFP_NOFS); |
1745 | if (!xent) |
1746 | return -ENOMEM; |
1747 | |
1748 | /* Make reservation before allocating sequence numbers */ |
1749 | err = make_reservation(c, BASEHD, len: write_len); |
1750 | if (err) { |
1751 | kfree(objp: xent); |
1752 | return err; |
1753 | } |
1754 | |
1755 | xent->ch.node_type = UBIFS_XENT_NODE; |
1756 | xent_key_init(c, key: &xent_key, inum: host->i_ino, nm); |
1757 | key_write(c, from: &xent_key, to: xent->key); |
1758 | xent->inum = 0; |
1759 | xent->type = get_dent_type(mode: inode->i_mode); |
1760 | xent->nlen = cpu_to_le16(fname_len(nm)); |
1761 | memcpy(xent->name, fname_name(nm), fname_len(nm)); |
1762 | xent->name[fname_len(nm)] = '\0'; |
1763 | zero_dent_node_unused(dent: xent); |
1764 | ubifs_prep_grp_node(c, node: xent, len: xlen, last: 0); |
1765 | |
1766 | ino = (void *)xent + aligned_xlen; |
1767 | pack_inode(c, ino, inode, last: 0); |
1768 | ino = (void *)ino + UBIFS_INO_NODE_SZ; |
1769 | pack_inode(c, ino, inode: host, last: 1); |
1770 | err = ubifs_node_calc_hash(c, buf: ino, hash); |
1771 | if (err) |
1772 | goto out_release; |
1773 | |
1774 | err = write_head(c, BASEHD, buf: xent, len: write_len, lnum: &lnum, offs: &xent_offs, sync); |
1775 | if (!sync && !err) |
1776 | ubifs_wbuf_add_ino_nolock(wbuf: &c->jheads[BASEHD].wbuf, inum: host->i_ino); |
1777 | release_head(c, BASEHD); |
1778 | |
1779 | ubifs_add_auth_dirt(c, lnum); |
1780 | kfree(objp: xent); |
1781 | if (err) |
1782 | goto out_ro; |
1783 | |
1784 | /* Remove the extended attribute entry from TNC */ |
1785 | err = ubifs_tnc_remove_nm(c, key: &xent_key, nm); |
1786 | if (err) |
1787 | goto out_ro; |
1788 | err = ubifs_add_dirt(c, lnum, dirty: xlen); |
1789 | if (err) |
1790 | goto out_ro; |
1791 | |
1792 | /* |
1793 | * Remove all nodes belonging to the extended attribute inode from TNC. |
1794 | * Well, there actually must be only one node - the inode itself. |
1795 | */ |
1796 | lowest_ino_key(c, key: &key1, inum: inode->i_ino); |
1797 | highest_ino_key(c, key: &key2, inum: inode->i_ino); |
1798 | err = ubifs_tnc_remove_range(c, from_key: &key1, to_key: &key2); |
1799 | if (err) |
1800 | goto out_ro; |
1801 | err = ubifs_add_dirt(c, lnum, UBIFS_INO_NODE_SZ); |
1802 | if (err) |
1803 | goto out_ro; |
1804 | |
1805 | /* And update TNC with the new host inode position */ |
1806 | ino_key_init(c, key: &key1, inum: host->i_ino); |
1807 | err = ubifs_tnc_add(c, key: &key1, lnum, offs: xent_offs + len - hlen, len: hlen, hash); |
1808 | if (err) |
1809 | goto out_ro; |
1810 | |
1811 | finish_reservation(c); |
1812 | spin_lock(lock: &host_ui->ui_lock); |
1813 | host_ui->synced_i_size = host_ui->ui_size; |
1814 | spin_unlock(lock: &host_ui->ui_lock); |
1815 | mark_inode_clean(c, ui: host_ui); |
1816 | return 0; |
1817 | |
1818 | out_release: |
1819 | kfree(objp: xent); |
1820 | release_head(c, BASEHD); |
1821 | out_ro: |
1822 | ubifs_ro_mode(c, err); |
1823 | finish_reservation(c); |
1824 | return err; |
1825 | } |
1826 | |
1827 | /** |
1828 | * ubifs_jnl_change_xattr - change an extended attribute. |
1829 | * @c: UBIFS file-system description object |
1830 | * @inode: extended attribute inode |
1831 | * @host: host inode |
1832 | * |
1833 | * This function writes the updated version of an extended attribute inode and |
1834 | * the host inode to the journal (to the base head). The host inode is written |
1835 | * after the extended attribute inode in order to guarantee that the extended |
1836 | * attribute will be flushed when the inode is synchronized by 'fsync()' and |
1837 | * consequently, the write-buffer is synchronized. This function returns zero |
1838 | * in case of success and a negative error code in case of failure. |
1839 | */ |
1840 | int ubifs_jnl_change_xattr(struct ubifs_info *c, const struct inode *inode, |
1841 | const struct inode *host) |
1842 | { |
1843 | int err, len1, len2, aligned_len, aligned_len1, lnum, offs; |
1844 | struct ubifs_inode *host_ui = ubifs_inode(inode: host); |
1845 | struct ubifs_ino_node *ino; |
1846 | union ubifs_key key; |
1847 | int sync = IS_DIRSYNC(host); |
1848 | u8 hash_host[UBIFS_HASH_ARR_SZ]; |
1849 | u8 hash[UBIFS_HASH_ARR_SZ]; |
1850 | |
1851 | dbg_jnl("ino %lu, ino %lu" , host->i_ino, inode->i_ino); |
1852 | ubifs_assert(c, inode->i_nlink > 0); |
1853 | ubifs_assert(c, mutex_is_locked(&host_ui->ui_mutex)); |
1854 | |
1855 | len1 = UBIFS_INO_NODE_SZ + host_ui->data_len; |
1856 | len2 = UBIFS_INO_NODE_SZ + ubifs_inode(inode)->data_len; |
1857 | aligned_len1 = ALIGN(len1, 8); |
1858 | aligned_len = aligned_len1 + ALIGN(len2, 8); |
1859 | |
1860 | aligned_len += ubifs_auth_node_sz(c); |
1861 | |
1862 | ino = kzalloc(size: aligned_len, GFP_NOFS); |
1863 | if (!ino) |
1864 | return -ENOMEM; |
1865 | |
1866 | /* Make reservation before allocating sequence numbers */ |
1867 | err = make_reservation(c, BASEHD, len: aligned_len); |
1868 | if (err) |
1869 | goto out_free; |
1870 | |
1871 | pack_inode(c, ino, inode: host, last: 0); |
1872 | err = ubifs_node_calc_hash(c, buf: ino, hash: hash_host); |
1873 | if (err) |
1874 | goto out_release; |
1875 | pack_inode(c, ino: (void *)ino + aligned_len1, inode, last: 1); |
1876 | err = ubifs_node_calc_hash(c, buf: (void *)ino + aligned_len1, hash); |
1877 | if (err) |
1878 | goto out_release; |
1879 | |
1880 | err = write_head(c, BASEHD, buf: ino, len: aligned_len, lnum: &lnum, offs: &offs, sync: 0); |
1881 | if (!sync && !err) { |
1882 | struct ubifs_wbuf *wbuf = &c->jheads[BASEHD].wbuf; |
1883 | |
1884 | ubifs_wbuf_add_ino_nolock(wbuf, inum: host->i_ino); |
1885 | ubifs_wbuf_add_ino_nolock(wbuf, inum: inode->i_ino); |
1886 | } |
1887 | release_head(c, BASEHD); |
1888 | if (err) |
1889 | goto out_ro; |
1890 | |
1891 | ubifs_add_auth_dirt(c, lnum); |
1892 | |
1893 | ino_key_init(c, key: &key, inum: host->i_ino); |
1894 | err = ubifs_tnc_add(c, key: &key, lnum, offs, len: len1, hash: hash_host); |
1895 | if (err) |
1896 | goto out_ro; |
1897 | |
1898 | ino_key_init(c, key: &key, inum: inode->i_ino); |
1899 | err = ubifs_tnc_add(c, key: &key, lnum, offs: offs + aligned_len1, len: len2, hash); |
1900 | if (err) |
1901 | goto out_ro; |
1902 | |
1903 | finish_reservation(c); |
1904 | spin_lock(lock: &host_ui->ui_lock); |
1905 | host_ui->synced_i_size = host_ui->ui_size; |
1906 | spin_unlock(lock: &host_ui->ui_lock); |
1907 | mark_inode_clean(c, ui: host_ui); |
1908 | kfree(objp: ino); |
1909 | return 0; |
1910 | |
1911 | out_release: |
1912 | release_head(c, BASEHD); |
1913 | out_ro: |
1914 | ubifs_ro_mode(c, err); |
1915 | finish_reservation(c); |
1916 | out_free: |
1917 | kfree(objp: ino); |
1918 | return err; |
1919 | } |
1920 | |
1921 | |