Commit | Line | Data |
---|---|---|
1da177e4 LT |
1 | /** |
2 | * mft.c - NTFS kernel mft record operations. Part of the Linux-NTFS project. | |
3 | * | |
4 | * Copyright (c) 2001-2004 Anton Altaparmakov | |
5 | * Copyright (c) 2002 Richard Russon | |
6 | * | |
7 | * This program/include file is free software; you can redistribute it and/or | |
8 | * modify it under the terms of the GNU General Public License as published | |
9 | * by the Free Software Foundation; either version 2 of the License, or | |
10 | * (at your option) any later version. | |
11 | * | |
12 | * This program/include file is distributed in the hope that it will be | |
13 | * useful, but WITHOUT ANY WARRANTY; without even the implied warranty | |
14 | * of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
15 | * GNU General Public License for more details. | |
16 | * | |
17 | * You should have received a copy of the GNU General Public License | |
18 | * along with this program (in the main directory of the Linux-NTFS | |
19 | * distribution in the file COPYING); if not, write to the Free Software | |
20 | * Foundation,Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA | |
21 | */ | |
22 | ||
23 | #include <linux/buffer_head.h> | |
24 | #include <linux/swap.h> | |
25 | ||
26 | #include "attrib.h" | |
27 | #include "aops.h" | |
28 | #include "bitmap.h" | |
29 | #include "debug.h" | |
30 | #include "dir.h" | |
31 | #include "lcnalloc.h" | |
32 | #include "malloc.h" | |
33 | #include "mft.h" | |
34 | #include "ntfs.h" | |
35 | ||
36 | /** | |
37 | * map_mft_record_page - map the page in which a specific mft record resides | |
38 | * @ni: ntfs inode whose mft record page to map | |
39 | * | |
40 | * This maps the page in which the mft record of the ntfs inode @ni is situated | |
41 | * and returns a pointer to the mft record within the mapped page. | |
42 | * | |
43 | * Return value needs to be checked with IS_ERR() and if that is true PTR_ERR() | |
44 | * contains the negative error code returned. | |
45 | */ | |
46 | static inline MFT_RECORD *map_mft_record_page(ntfs_inode *ni) | |
47 | { | |
48 | ntfs_volume *vol = ni->vol; | |
49 | struct inode *mft_vi = vol->mft_ino; | |
50 | struct page *page; | |
51 | unsigned long index, ofs, end_index; | |
52 | ||
53 | BUG_ON(ni->page); | |
54 | /* | |
55 | * The index into the page cache and the offset within the page cache | |
56 | * page of the wanted mft record. FIXME: We need to check for | |
57 | * overflowing the unsigned long, but I don't think we would ever get | |
58 | * here if the volume was that big... | |
59 | */ | |
60 | index = ni->mft_no << vol->mft_record_size_bits >> PAGE_CACHE_SHIFT; | |
61 | ofs = (ni->mft_no << vol->mft_record_size_bits) & ~PAGE_CACHE_MASK; | |
62 | ||
63 | /* The maximum valid index into the page cache for $MFT's data. */ | |
64 | end_index = mft_vi->i_size >> PAGE_CACHE_SHIFT; | |
65 | ||
66 | /* If the wanted index is out of bounds the mft record doesn't exist. */ | |
67 | if (unlikely(index >= end_index)) { | |
68 | if (index > end_index || (mft_vi->i_size & ~PAGE_CACHE_MASK) < | |
69 | ofs + vol->mft_record_size) { | |
70 | page = ERR_PTR(-ENOENT); | |
71 | ntfs_error(vol->sb, "Attemt to read mft record 0x%lx, " | |
72 | "which is beyond the end of the mft. " | |
73 | "This is probably a bug in the ntfs " | |
74 | "driver.", ni->mft_no); | |
75 | goto err_out; | |
76 | } | |
77 | } | |
78 | /* Read, map, and pin the page. */ | |
79 | page = ntfs_map_page(mft_vi->i_mapping, index); | |
80 | if (likely(!IS_ERR(page))) { | |
81 | /* Catch multi sector transfer fixup errors. */ | |
82 | if (likely(ntfs_is_mft_recordp((le32*)(page_address(page) + | |
83 | ofs)))) { | |
84 | ni->page = page; | |
85 | ni->page_ofs = ofs; | |
86 | return page_address(page) + ofs; | |
87 | } | |
88 | ntfs_error(vol->sb, "Mft record 0x%lx is corrupt. " | |
89 | "Run chkdsk.", ni->mft_no); | |
90 | ntfs_unmap_page(page); | |
91 | page = ERR_PTR(-EIO); | |
92 | } | |
93 | err_out: | |
94 | ni->page = NULL; | |
95 | ni->page_ofs = 0; | |
96 | return (void*)page; | |
97 | } | |
98 | ||
99 | /** | |
100 | * map_mft_record - map, pin and lock an mft record | |
101 | * @ni: ntfs inode whose MFT record to map | |
102 | * | |
103 | * First, take the mrec_lock semaphore. We might now be sleeping, while waiting | |
104 | * for the semaphore if it was already locked by someone else. | |
105 | * | |
106 | * The page of the record is mapped using map_mft_record_page() before being | |
107 | * returned to the caller. | |
108 | * | |
109 | * This in turn uses ntfs_map_page() to get the page containing the wanted mft | |
110 | * record (it in turn calls read_cache_page() which reads it in from disk if | |
111 | * necessary, increments the use count on the page so that it cannot disappear | |
112 | * under us and returns a reference to the page cache page). | |
113 | * | |
114 | * If read_cache_page() invokes ntfs_readpage() to load the page from disk, it | |
115 | * sets PG_locked and clears PG_uptodate on the page. Once I/O has completed | |
116 | * and the post-read mst fixups on each mft record in the page have been | |
117 | * performed, the page gets PG_uptodate set and PG_locked cleared (this is done | |
118 | * in our asynchronous I/O completion handler end_buffer_read_mft_async()). | |
119 | * ntfs_map_page() waits for PG_locked to become clear and checks if | |
120 | * PG_uptodate is set and returns an error code if not. This provides | |
121 | * sufficient protection against races when reading/using the page. | |
122 | * | |
123 | * However there is the write mapping to think about. Doing the above described | |
124 | * checking here will be fine, because when initiating the write we will set | |
125 | * PG_locked and clear PG_uptodate making sure nobody is touching the page | |
126 | * contents. Doing the locking this way means that the commit to disk code in | |
127 | * the page cache code paths is automatically sufficiently locked with us as | |
128 | * we will not touch a page that has been locked or is not uptodate. The only | |
129 | * locking problem then is them locking the page while we are accessing it. | |
130 | * | |
131 | * So that code will end up having to own the mrec_lock of all mft | |
132 | * records/inodes present in the page before I/O can proceed. In that case we | |
133 | * wouldn't need to bother with PG_locked and PG_uptodate as nobody will be | |
134 | * accessing anything without owning the mrec_lock semaphore. But we do need | |
135 | * to use them because of the read_cache_page() invocation and the code becomes | |
136 | * so much simpler this way that it is well worth it. | |
137 | * | |
138 | * The mft record is now ours and we return a pointer to it. You need to check | |
139 | * the returned pointer with IS_ERR() and if that is true, PTR_ERR() will return | |
140 | * the error code. | |
141 | * | |
142 | * NOTE: Caller is responsible for setting the mft record dirty before calling | |
143 | * unmap_mft_record(). This is obviously only necessary if the caller really | |
144 | * modified the mft record... | |
145 | * Q: Do we want to recycle one of the VFS inode state bits instead? | |
146 | * A: No, the inode ones mean we want to change the mft record, not we want to | |
147 | * write it out. | |
148 | */ | |
149 | MFT_RECORD *map_mft_record(ntfs_inode *ni) | |
150 | { | |
151 | MFT_RECORD *m; | |
152 | ||
153 | ntfs_debug("Entering for mft_no 0x%lx.", ni->mft_no); | |
154 | ||
155 | /* Make sure the ntfs inode doesn't go away. */ | |
156 | atomic_inc(&ni->count); | |
157 | ||
158 | /* Serialize access to this mft record. */ | |
159 | down(&ni->mrec_lock); | |
160 | ||
161 | m = map_mft_record_page(ni); | |
162 | if (likely(!IS_ERR(m))) | |
163 | return m; | |
164 | ||
165 | up(&ni->mrec_lock); | |
166 | atomic_dec(&ni->count); | |
167 | ntfs_error(ni->vol->sb, "Failed with error code %lu.", -PTR_ERR(m)); | |
168 | return m; | |
169 | } | |
170 | ||
171 | /** | |
172 | * unmap_mft_record_page - unmap the page in which a specific mft record resides | |
173 | * @ni: ntfs inode whose mft record page to unmap | |
174 | * | |
175 | * This unmaps the page in which the mft record of the ntfs inode @ni is | |
176 | * situated and returns. This is a NOOP if highmem is not configured. | |
177 | * | |
178 | * The unmap happens via ntfs_unmap_page() which in turn decrements the use | |
179 | * count on the page thus releasing it from the pinned state. | |
180 | * | |
181 | * We do not actually unmap the page from memory of course, as that will be | |
182 | * done by the page cache code itself when memory pressure increases or | |
183 | * whatever. | |
184 | */ | |
185 | static inline void unmap_mft_record_page(ntfs_inode *ni) | |
186 | { | |
187 | BUG_ON(!ni->page); | |
188 | ||
189 | // TODO: If dirty, blah... | |
190 | ntfs_unmap_page(ni->page); | |
191 | ni->page = NULL; | |
192 | ni->page_ofs = 0; | |
193 | return; | |
194 | } | |
195 | ||
196 | /** | |
197 | * unmap_mft_record - release a mapped mft record | |
198 | * @ni: ntfs inode whose MFT record to unmap | |
199 | * | |
200 | * We release the page mapping and the mrec_lock mutex which unmaps the mft | |
201 | * record and releases it for others to get hold of. We also release the ntfs | |
202 | * inode by decrementing the ntfs inode reference count. | |
203 | * | |
204 | * NOTE: If caller has modified the mft record, it is imperative to set the mft | |
205 | * record dirty BEFORE calling unmap_mft_record(). | |
206 | */ | |
207 | void unmap_mft_record(ntfs_inode *ni) | |
208 | { | |
209 | struct page *page = ni->page; | |
210 | ||
211 | BUG_ON(!page); | |
212 | ||
213 | ntfs_debug("Entering for mft_no 0x%lx.", ni->mft_no); | |
214 | ||
215 | unmap_mft_record_page(ni); | |
216 | up(&ni->mrec_lock); | |
217 | atomic_dec(&ni->count); | |
218 | /* | |
219 | * If pure ntfs_inode, i.e. no vfs inode attached, we leave it to | |
220 | * ntfs_clear_extent_inode() in the extent inode case, and to the | |
221 | * caller in the non-extent, yet pure ntfs inode case, to do the actual | |
222 | * tear down of all structures and freeing of all allocated memory. | |
223 | */ | |
224 | return; | |
225 | } | |
226 | ||
227 | /** | |
228 | * map_extent_mft_record - load an extent inode and attach it to its base | |
229 | * @base_ni: base ntfs inode | |
230 | * @mref: mft reference of the extent inode to load | |
231 | * @ntfs_ino: on successful return, pointer to the ntfs_inode structure | |
232 | * | |
233 | * Load the extent mft record @mref and attach it to its base inode @base_ni. | |
234 | * Return the mapped extent mft record if IS_ERR(result) is false. Otherwise | |
235 | * PTR_ERR(result) gives the negative error code. | |
236 | * | |
237 | * On successful return, @ntfs_ino contains a pointer to the ntfs_inode | |
238 | * structure of the mapped extent inode. | |
239 | */ | |
240 | MFT_RECORD *map_extent_mft_record(ntfs_inode *base_ni, MFT_REF mref, | |
241 | ntfs_inode **ntfs_ino) | |
242 | { | |
243 | MFT_RECORD *m; | |
244 | ntfs_inode *ni = NULL; | |
245 | ntfs_inode **extent_nis = NULL; | |
246 | int i; | |
247 | unsigned long mft_no = MREF(mref); | |
248 | u16 seq_no = MSEQNO(mref); | |
249 | BOOL destroy_ni = FALSE; | |
250 | ||
251 | ntfs_debug("Mapping extent mft record 0x%lx (base mft record 0x%lx).", | |
252 | mft_no, base_ni->mft_no); | |
253 | /* Make sure the base ntfs inode doesn't go away. */ | |
254 | atomic_inc(&base_ni->count); | |
255 | /* | |
256 | * Check if this extent inode has already been added to the base inode, | |
257 | * in which case just return it. If not found, add it to the base | |
258 | * inode before returning it. | |
259 | */ | |
260 | down(&base_ni->extent_lock); | |
261 | if (base_ni->nr_extents > 0) { | |
262 | extent_nis = base_ni->ext.extent_ntfs_inos; | |
263 | for (i = 0; i < base_ni->nr_extents; i++) { | |
264 | if (mft_no != extent_nis[i]->mft_no) | |
265 | continue; | |
266 | ni = extent_nis[i]; | |
267 | /* Make sure the ntfs inode doesn't go away. */ | |
268 | atomic_inc(&ni->count); | |
269 | break; | |
270 | } | |
271 | } | |
272 | if (likely(ni != NULL)) { | |
273 | up(&base_ni->extent_lock); | |
274 | atomic_dec(&base_ni->count); | |
275 | /* We found the record; just have to map and return it. */ | |
276 | m = map_mft_record(ni); | |
277 | /* map_mft_record() has incremented this on success. */ | |
278 | atomic_dec(&ni->count); | |
279 | if (likely(!IS_ERR(m))) { | |
280 | /* Verify the sequence number. */ | |
281 | if (likely(le16_to_cpu(m->sequence_number) == seq_no)) { | |
282 | ntfs_debug("Done 1."); | |
283 | *ntfs_ino = ni; | |
284 | return m; | |
285 | } | |
286 | unmap_mft_record(ni); | |
287 | ntfs_error(base_ni->vol->sb, "Found stale extent mft " | |
288 | "reference! Corrupt file system. " | |
289 | "Run chkdsk."); | |
290 | return ERR_PTR(-EIO); | |
291 | } | |
292 | map_err_out: | |
293 | ntfs_error(base_ni->vol->sb, "Failed to map extent " | |
294 | "mft record, error code %ld.", -PTR_ERR(m)); | |
295 | return m; | |
296 | } | |
297 | /* Record wasn't there. Get a new ntfs inode and initialize it. */ | |
298 | ni = ntfs_new_extent_inode(base_ni->vol->sb, mft_no); | |
299 | if (unlikely(!ni)) { | |
300 | up(&base_ni->extent_lock); | |
301 | atomic_dec(&base_ni->count); | |
302 | return ERR_PTR(-ENOMEM); | |
303 | } | |
304 | ni->vol = base_ni->vol; | |
305 | ni->seq_no = seq_no; | |
306 | ni->nr_extents = -1; | |
307 | ni->ext.base_ntfs_ino = base_ni; | |
308 | /* Now map the record. */ | |
309 | m = map_mft_record(ni); | |
310 | if (IS_ERR(m)) { | |
311 | up(&base_ni->extent_lock); | |
312 | atomic_dec(&base_ni->count); | |
313 | ntfs_clear_extent_inode(ni); | |
314 | goto map_err_out; | |
315 | } | |
316 | /* Verify the sequence number if it is present. */ | |
317 | if (seq_no && (le16_to_cpu(m->sequence_number) != seq_no)) { | |
318 | ntfs_error(base_ni->vol->sb, "Found stale extent mft " | |
319 | "reference! Corrupt file system. Run chkdsk."); | |
320 | destroy_ni = TRUE; | |
321 | m = ERR_PTR(-EIO); | |
322 | goto unm_err_out; | |
323 | } | |
324 | /* Attach extent inode to base inode, reallocating memory if needed. */ | |
325 | if (!(base_ni->nr_extents & 3)) { | |
326 | ntfs_inode **tmp; | |
327 | int new_size = (base_ni->nr_extents + 4) * sizeof(ntfs_inode *); | |
328 | ||
329 | tmp = (ntfs_inode **)kmalloc(new_size, GFP_NOFS); | |
330 | if (unlikely(!tmp)) { | |
331 | ntfs_error(base_ni->vol->sb, "Failed to allocate " | |
332 | "internal buffer."); | |
333 | destroy_ni = TRUE; | |
334 | m = ERR_PTR(-ENOMEM); | |
335 | goto unm_err_out; | |
336 | } | |
337 | if (base_ni->nr_extents) { | |
338 | BUG_ON(!base_ni->ext.extent_ntfs_inos); | |
339 | memcpy(tmp, base_ni->ext.extent_ntfs_inos, new_size - | |
340 | 4 * sizeof(ntfs_inode *)); | |
341 | kfree(base_ni->ext.extent_ntfs_inos); | |
342 | } | |
343 | base_ni->ext.extent_ntfs_inos = tmp; | |
344 | } | |
345 | base_ni->ext.extent_ntfs_inos[base_ni->nr_extents++] = ni; | |
346 | up(&base_ni->extent_lock); | |
347 | atomic_dec(&base_ni->count); | |
348 | ntfs_debug("Done 2."); | |
349 | *ntfs_ino = ni; | |
350 | return m; | |
351 | unm_err_out: | |
352 | unmap_mft_record(ni); | |
353 | up(&base_ni->extent_lock); | |
354 | atomic_dec(&base_ni->count); | |
355 | /* | |
356 | * If the extent inode was not attached to the base inode we need to | |
357 | * release it or we will leak memory. | |
358 | */ | |
359 | if (destroy_ni) | |
360 | ntfs_clear_extent_inode(ni); | |
361 | return m; | |
362 | } | |
363 | ||
364 | #ifdef NTFS_RW | |
365 | ||
366 | /** | |
367 | * __mark_mft_record_dirty - set the mft record and the page containing it dirty | |
368 | * @ni: ntfs inode describing the mapped mft record | |
369 | * | |
370 | * Internal function. Users should call mark_mft_record_dirty() instead. | |
371 | * | |
372 | * Set the mapped (extent) mft record of the (base or extent) ntfs inode @ni, | |
373 | * as well as the page containing the mft record, dirty. Also, mark the base | |
374 | * vfs inode dirty. This ensures that any changes to the mft record are | |
375 | * written out to disk. | |
376 | * | |
377 | * NOTE: We only set I_DIRTY_SYNC and I_DIRTY_DATASYNC (and not I_DIRTY_PAGES) | |
378 | * on the base vfs inode, because even though file data may have been modified, | |
379 | * it is dirty in the inode meta data rather than the data page cache of the | |
380 | * inode, and thus there are no data pages that need writing out. Therefore, a | |
381 | * full mark_inode_dirty() is overkill. A mark_inode_dirty_sync(), on the | |
382 | * other hand, is not sufficient, because I_DIRTY_DATASYNC needs to be set to | |
383 | * ensure ->write_inode is called from generic_osync_inode() and this needs to | |
384 | * happen or the file data would not necessarily hit the device synchronously, | |
385 | * even though the vfs inode has the O_SYNC flag set. Also, I_DIRTY_DATASYNC | |
386 | * simply "feels" better than just I_DIRTY_SYNC, since the file data has not | |
387 | * actually hit the block device yet, which is not what I_DIRTY_SYNC on its own | |
388 | * would suggest. | |
389 | */ | |
390 | void __mark_mft_record_dirty(ntfs_inode *ni) | |
391 | { | |
392 | ntfs_inode *base_ni; | |
393 | ||
394 | ntfs_debug("Entering for inode 0x%lx.", ni->mft_no); | |
395 | BUG_ON(NInoAttr(ni)); | |
396 | mark_ntfs_record_dirty(ni->page, ni->page_ofs); | |
397 | /* Determine the base vfs inode and mark it dirty, too. */ | |
398 | down(&ni->extent_lock); | |
399 | if (likely(ni->nr_extents >= 0)) | |
400 | base_ni = ni; | |
401 | else | |
402 | base_ni = ni->ext.base_ntfs_ino; | |
403 | up(&ni->extent_lock); | |
404 | __mark_inode_dirty(VFS_I(base_ni), I_DIRTY_SYNC | I_DIRTY_DATASYNC); | |
405 | } | |
406 | ||
407 | static const char *ntfs_please_email = "Please email " | |
408 | "linux-ntfs-dev@lists.sourceforge.net and say that you saw " | |
409 | "this message. Thank you."; | |
410 | ||
411 | /** | |
412 | * ntfs_sync_mft_mirror_umount - synchronise an mft record to the mft mirror | |
413 | * @vol: ntfs volume on which the mft record to synchronize resides | |
414 | * @mft_no: mft record number of mft record to synchronize | |
415 | * @m: mapped, mst protected (extent) mft record to synchronize | |
416 | * | |
417 | * Write the mapped, mst protected (extent) mft record @m with mft record | |
418 | * number @mft_no to the mft mirror ($MFTMirr) of the ntfs volume @vol, | |
419 | * bypassing the page cache and the $MFTMirr inode itself. | |
420 | * | |
421 | * This function is only for use at umount time when the mft mirror inode has | |
422 | * already been disposed off. We BUG() if we are called while the mft mirror | |
423 | * inode is still attached to the volume. | |
424 | * | |
425 | * On success return 0. On error return -errno. | |
426 | * | |
427 | * NOTE: This function is not implemented yet as I am not convinced it can | |
428 | * actually be triggered considering the sequence of commits we do in super.c:: | |
429 | * ntfs_put_super(). But just in case we provide this place holder as the | |
430 | * alternative would be either to BUG() or to get a NULL pointer dereference | |
431 | * and Oops. | |
432 | */ | |
433 | static int ntfs_sync_mft_mirror_umount(ntfs_volume *vol, | |
434 | const unsigned long mft_no, MFT_RECORD *m) | |
435 | { | |
436 | BUG_ON(vol->mftmirr_ino); | |
437 | ntfs_error(vol->sb, "Umount time mft mirror syncing is not " | |
438 | "implemented yet. %s", ntfs_please_email); | |
439 | return -EOPNOTSUPP; | |
440 | } | |
441 | ||
442 | /** | |
443 | * ntfs_sync_mft_mirror - synchronize an mft record to the mft mirror | |
444 | * @vol: ntfs volume on which the mft record to synchronize resides | |
445 | * @mft_no: mft record number of mft record to synchronize | |
446 | * @m: mapped, mst protected (extent) mft record to synchronize | |
447 | * @sync: if true, wait for i/o completion | |
448 | * | |
449 | * Write the mapped, mst protected (extent) mft record @m with mft record | |
450 | * number @mft_no to the mft mirror ($MFTMirr) of the ntfs volume @vol. | |
451 | * | |
452 | * On success return 0. On error return -errno and set the volume errors flag | |
453 | * in the ntfs volume @vol. | |
454 | * | |
455 | * NOTE: We always perform synchronous i/o and ignore the @sync parameter. | |
456 | * | |
457 | * TODO: If @sync is false, want to do truly asynchronous i/o, i.e. just | |
458 | * schedule i/o via ->writepage or do it via kntfsd or whatever. | |
459 | */ | |
460 | int ntfs_sync_mft_mirror(ntfs_volume *vol, const unsigned long mft_no, | |
461 | MFT_RECORD *m, int sync) | |
462 | { | |
463 | struct page *page; | |
464 | unsigned int blocksize = vol->sb->s_blocksize; | |
465 | int max_bhs = vol->mft_record_size / blocksize; | |
466 | struct buffer_head *bhs[max_bhs]; | |
467 | struct buffer_head *bh, *head; | |
468 | u8 *kmirr; | |
469 | runlist_element *rl; | |
470 | unsigned int block_start, block_end, m_start, m_end, page_ofs; | |
471 | int i_bhs, nr_bhs, err = 0; | |
472 | unsigned char blocksize_bits = vol->mftmirr_ino->i_blkbits; | |
473 | ||
474 | ntfs_debug("Entering for inode 0x%lx.", mft_no); | |
475 | BUG_ON(!max_bhs); | |
476 | if (unlikely(!vol->mftmirr_ino)) { | |
477 | /* This could happen during umount... */ | |
478 | err = ntfs_sync_mft_mirror_umount(vol, mft_no, m); | |
479 | if (likely(!err)) | |
480 | return err; | |
481 | goto err_out; | |
482 | } | |
483 | /* Get the page containing the mirror copy of the mft record @m. */ | |
484 | page = ntfs_map_page(vol->mftmirr_ino->i_mapping, mft_no >> | |
485 | (PAGE_CACHE_SHIFT - vol->mft_record_size_bits)); | |
486 | if (IS_ERR(page)) { | |
487 | ntfs_error(vol->sb, "Failed to map mft mirror page."); | |
488 | err = PTR_ERR(page); | |
489 | goto err_out; | |
490 | } | |
491 | lock_page(page); | |
492 | BUG_ON(!PageUptodate(page)); | |
493 | ClearPageUptodate(page); | |
494 | /* Offset of the mft mirror record inside the page. */ | |
495 | page_ofs = (mft_no << vol->mft_record_size_bits) & ~PAGE_CACHE_MASK; | |
496 | /* The address in the page of the mirror copy of the mft record @m. */ | |
497 | kmirr = page_address(page) + page_ofs; | |
498 | /* Copy the mst protected mft record to the mirror. */ | |
499 | memcpy(kmirr, m, vol->mft_record_size); | |
500 | /* Create uptodate buffers if not present. */ | |
501 | if (unlikely(!page_has_buffers(page))) { | |
502 | struct buffer_head *tail; | |
503 | ||
504 | bh = head = alloc_page_buffers(page, blocksize, 1); | |
505 | do { | |
506 | set_buffer_uptodate(bh); | |
507 | tail = bh; | |
508 | bh = bh->b_this_page; | |
509 | } while (bh); | |
510 | tail->b_this_page = head; | |
511 | attach_page_buffers(page, head); | |
512 | BUG_ON(!page_has_buffers(page)); | |
513 | } | |
514 | bh = head = page_buffers(page); | |
515 | BUG_ON(!bh); | |
516 | rl = NULL; | |
517 | nr_bhs = 0; | |
518 | block_start = 0; | |
519 | m_start = kmirr - (u8*)page_address(page); | |
520 | m_end = m_start + vol->mft_record_size; | |
521 | do { | |
522 | block_end = block_start + blocksize; | |
523 | /* If the buffer is outside the mft record, skip it. */ | |
524 | if (block_end <= m_start) | |
525 | continue; | |
526 | if (unlikely(block_start >= m_end)) | |
527 | break; | |
528 | /* Need to map the buffer if it is not mapped already. */ | |
529 | if (unlikely(!buffer_mapped(bh))) { | |
530 | VCN vcn; | |
531 | LCN lcn; | |
532 | unsigned int vcn_ofs; | |
533 | ||
534 | /* Obtain the vcn and offset of the current block. */ | |
535 | vcn = ((VCN)mft_no << vol->mft_record_size_bits) + | |
536 | (block_start - m_start); | |
537 | vcn_ofs = vcn & vol->cluster_size_mask; | |
538 | vcn >>= vol->cluster_size_bits; | |
539 | if (!rl) { | |
540 | down_read(&NTFS_I(vol->mftmirr_ino)-> | |
541 | runlist.lock); | |
542 | rl = NTFS_I(vol->mftmirr_ino)->runlist.rl; | |
543 | /* | |
544 | * $MFTMirr always has the whole of its runlist | |
545 | * in memory. | |
546 | */ | |
547 | BUG_ON(!rl); | |
548 | } | |
549 | /* Seek to element containing target vcn. */ | |
550 | while (rl->length && rl[1].vcn <= vcn) | |
551 | rl++; | |
552 | lcn = ntfs_rl_vcn_to_lcn(rl, vcn); | |
553 | /* For $MFTMirr, only lcn >= 0 is a successful remap. */ | |
554 | if (likely(lcn >= 0)) { | |
555 | /* Setup buffer head to correct block. */ | |
556 | bh->b_blocknr = ((lcn << | |
557 | vol->cluster_size_bits) + | |
558 | vcn_ofs) >> blocksize_bits; | |
559 | set_buffer_mapped(bh); | |
560 | } else { | |
561 | bh->b_blocknr = -1; | |
562 | ntfs_error(vol->sb, "Cannot write mft mirror " | |
563 | "record 0x%lx because its " | |
564 | "location on disk could not " | |
565 | "be determined (error code " | |
566 | "%lli).", mft_no, | |
567 | (long long)lcn); | |
568 | err = -EIO; | |
569 | } | |
570 | } | |
571 | BUG_ON(!buffer_uptodate(bh)); | |
572 | BUG_ON(!nr_bhs && (m_start != block_start)); | |
573 | BUG_ON(nr_bhs >= max_bhs); | |
574 | bhs[nr_bhs++] = bh; | |
575 | BUG_ON((nr_bhs >= max_bhs) && (m_end != block_end)); | |
576 | } while (block_start = block_end, (bh = bh->b_this_page) != head); | |
577 | if (unlikely(rl)) | |
578 | up_read(&NTFS_I(vol->mftmirr_ino)->runlist.lock); | |
579 | if (likely(!err)) { | |
580 | /* Lock buffers and start synchronous write i/o on them. */ | |
581 | for (i_bhs = 0; i_bhs < nr_bhs; i_bhs++) { | |
582 | struct buffer_head *tbh = bhs[i_bhs]; | |
583 | ||
584 | if (unlikely(test_set_buffer_locked(tbh))) | |
585 | BUG(); | |
586 | BUG_ON(!buffer_uptodate(tbh)); | |
587 | clear_buffer_dirty(tbh); | |
588 | get_bh(tbh); | |
589 | tbh->b_end_io = end_buffer_write_sync; | |
590 | submit_bh(WRITE, tbh); | |
591 | } | |
592 | /* Wait on i/o completion of buffers. */ | |
593 | for (i_bhs = 0; i_bhs < nr_bhs; i_bhs++) { | |
594 | struct buffer_head *tbh = bhs[i_bhs]; | |
595 | ||
596 | wait_on_buffer(tbh); | |
597 | if (unlikely(!buffer_uptodate(tbh))) { | |
598 | err = -EIO; | |
599 | /* | |
600 | * Set the buffer uptodate so the page and | |
601 | * buffer states do not become out of sync. | |
602 | */ | |
603 | set_buffer_uptodate(tbh); | |
604 | } | |
605 | } | |
606 | } else /* if (unlikely(err)) */ { | |
607 | /* Clean the buffers. */ | |
608 | for (i_bhs = 0; i_bhs < nr_bhs; i_bhs++) | |
609 | clear_buffer_dirty(bhs[i_bhs]); | |
610 | } | |
611 | /* Current state: all buffers are clean, unlocked, and uptodate. */ | |
612 | /* Remove the mst protection fixups again. */ | |
613 | post_write_mst_fixup((NTFS_RECORD*)kmirr); | |
614 | flush_dcache_page(page); | |
615 | SetPageUptodate(page); | |
616 | unlock_page(page); | |
617 | ntfs_unmap_page(page); | |
618 | if (likely(!err)) { | |
619 | ntfs_debug("Done."); | |
620 | } else { | |
621 | ntfs_error(vol->sb, "I/O error while writing mft mirror " | |
622 | "record 0x%lx!", mft_no); | |
623 | err_out: | |
624 | ntfs_error(vol->sb, "Failed to synchronize $MFTMirr (error " | |
625 | "code %i). Volume will be left marked dirty " | |
626 | "on umount. Run ntfsfix on the partition " | |
627 | "after umounting to correct this.", -err); | |
628 | NVolSetErrors(vol); | |
629 | } | |
630 | return err; | |
631 | } | |
632 | ||
633 | /** | |
634 | * write_mft_record_nolock - write out a mapped (extent) mft record | |
635 | * @ni: ntfs inode describing the mapped (extent) mft record | |
636 | * @m: mapped (extent) mft record to write | |
637 | * @sync: if true, wait for i/o completion | |
638 | * | |
639 | * Write the mapped (extent) mft record @m described by the (regular or extent) | |
640 | * ntfs inode @ni to backing store. If the mft record @m has a counterpart in | |
641 | * the mft mirror, that is also updated. | |
642 | * | |
643 | * We only write the mft record if the ntfs inode @ni is dirty and the first | |
644 | * buffer belonging to its mft record is dirty, too. We ignore the dirty state | |
645 | * of subsequent buffers because we could have raced with | |
646 | * fs/ntfs/aops.c::mark_ntfs_record_dirty(). | |
647 | * | |
648 | * On success, clean the mft record and return 0. On error, leave the mft | |
649 | * record dirty and return -errno. The caller should call make_bad_inode() on | |
650 | * the base inode to ensure no more access happens to this inode. We do not do | |
651 | * it here as the caller may want to finish writing other extent mft records | |
652 | * first to minimize on-disk metadata inconsistencies. | |
653 | * | |
654 | * NOTE: We always perform synchronous i/o and ignore the @sync parameter. | |
655 | * However, if the mft record has a counterpart in the mft mirror and @sync is | |
656 | * true, we write the mft record, wait for i/o completion, and only then write | |
657 | * the mft mirror copy. This ensures that if the system crashes either the mft | |
658 | * or the mft mirror will contain a self-consistent mft record @m. If @sync is | |
659 | * false on the other hand, we start i/o on both and then wait for completion | |
660 | * on them. This provides a speedup but no longer guarantees that you will end | |
661 | * up with a self-consistent mft record in the case of a crash but if you asked | |
662 | * for asynchronous writing you probably do not care about that anyway. | |
663 | * | |
664 | * TODO: If @sync is false, want to do truly asynchronous i/o, i.e. just | |
665 | * schedule i/o via ->writepage or do it via kntfsd or whatever. | |
666 | */ | |
667 | int write_mft_record_nolock(ntfs_inode *ni, MFT_RECORD *m, int sync) | |
668 | { | |
669 | ntfs_volume *vol = ni->vol; | |
670 | struct page *page = ni->page; | |
671 | unsigned char blocksize_bits = vol->mft_ino->i_blkbits; | |
672 | unsigned int blocksize = 1 << blocksize_bits; | |
673 | int max_bhs = vol->mft_record_size / blocksize; | |
674 | struct buffer_head *bhs[max_bhs]; | |
675 | struct buffer_head *bh, *head; | |
676 | runlist_element *rl; | |
677 | unsigned int block_start, block_end, m_start, m_end; | |
678 | int i_bhs, nr_bhs, err = 0; | |
679 | ||
680 | ntfs_debug("Entering for inode 0x%lx.", ni->mft_no); | |
681 | BUG_ON(NInoAttr(ni)); | |
682 | BUG_ON(!max_bhs); | |
683 | BUG_ON(!PageLocked(page)); | |
684 | /* | |
685 | * If the ntfs_inode is clean no need to do anything. If it is dirty, | |
686 | * mark it as clean now so that it can be redirtied later on if needed. | |
687 | * There is no danger of races since the caller is holding the locks | |
688 | * for the mft record @m and the page it is in. | |
689 | */ | |
690 | if (!NInoTestClearDirty(ni)) | |
691 | goto done; | |
692 | BUG_ON(!page_has_buffers(page)); | |
693 | bh = head = page_buffers(page); | |
694 | BUG_ON(!bh); | |
695 | rl = NULL; | |
696 | nr_bhs = 0; | |
697 | block_start = 0; | |
698 | m_start = ni->page_ofs; | |
699 | m_end = m_start + vol->mft_record_size; | |
700 | do { | |
701 | block_end = block_start + blocksize; | |
702 | /* If the buffer is outside the mft record, skip it. */ | |
703 | if (block_end <= m_start) | |
704 | continue; | |
705 | if (unlikely(block_start >= m_end)) | |
706 | break; | |
707 | /* | |
708 | * If this block is not the first one in the record, we ignore | |
709 | * the buffer's dirty state because we could have raced with a | |
710 | * parallel mark_ntfs_record_dirty(). | |
711 | */ | |
712 | if (block_start == m_start) { | |
713 | /* This block is the first one in the record. */ | |
714 | if (!buffer_dirty(bh)) { | |
715 | BUG_ON(nr_bhs); | |
716 | /* Clean records are not written out. */ | |
717 | break; | |
718 | } | |
719 | } | |
720 | /* Need to map the buffer if it is not mapped already. */ | |
721 | if (unlikely(!buffer_mapped(bh))) { | |
722 | VCN vcn; | |
723 | LCN lcn; | |
724 | unsigned int vcn_ofs; | |
725 | ||
726 | /* Obtain the vcn and offset of the current block. */ | |
727 | vcn = ((VCN)ni->mft_no << vol->mft_record_size_bits) + | |
728 | (block_start - m_start); | |
729 | vcn_ofs = vcn & vol->cluster_size_mask; | |
730 | vcn >>= vol->cluster_size_bits; | |
731 | if (!rl) { | |
732 | down_read(&NTFS_I(vol->mft_ino)->runlist.lock); | |
733 | rl = NTFS_I(vol->mft_ino)->runlist.rl; | |
734 | BUG_ON(!rl); | |
735 | } | |
736 | /* Seek to element containing target vcn. */ | |
737 | while (rl->length && rl[1].vcn <= vcn) | |
738 | rl++; | |
739 | lcn = ntfs_rl_vcn_to_lcn(rl, vcn); | |
740 | /* For $MFT, only lcn >= 0 is a successful remap. */ | |
741 | if (likely(lcn >= 0)) { | |
742 | /* Setup buffer head to correct block. */ | |
743 | bh->b_blocknr = ((lcn << | |
744 | vol->cluster_size_bits) + | |
745 | vcn_ofs) >> blocksize_bits; | |
746 | set_buffer_mapped(bh); | |
747 | } else { | |
748 | bh->b_blocknr = -1; | |
749 | ntfs_error(vol->sb, "Cannot write mft record " | |
750 | "0x%lx because its location " | |
751 | "on disk could not be " | |
752 | "determined (error code %lli).", | |
753 | ni->mft_no, (long long)lcn); | |
754 | err = -EIO; | |
755 | } | |
756 | } | |
757 | BUG_ON(!buffer_uptodate(bh)); | |
758 | BUG_ON(!nr_bhs && (m_start != block_start)); | |
759 | BUG_ON(nr_bhs >= max_bhs); | |
760 | bhs[nr_bhs++] = bh; | |
761 | BUG_ON((nr_bhs >= max_bhs) && (m_end != block_end)); | |
762 | } while (block_start = block_end, (bh = bh->b_this_page) != head); | |
763 | if (unlikely(rl)) | |
764 | up_read(&NTFS_I(vol->mft_ino)->runlist.lock); | |
765 | if (!nr_bhs) | |
766 | goto done; | |
767 | if (unlikely(err)) | |
768 | goto cleanup_out; | |
769 | /* Apply the mst protection fixups. */ | |
770 | err = pre_write_mst_fixup((NTFS_RECORD*)m, vol->mft_record_size); | |
771 | if (err) { | |
772 | ntfs_error(vol->sb, "Failed to apply mst fixups!"); | |
773 | goto cleanup_out; | |
774 | } | |
775 | flush_dcache_mft_record_page(ni); | |
776 | /* Lock buffers and start synchronous write i/o on them. */ | |
777 | for (i_bhs = 0; i_bhs < nr_bhs; i_bhs++) { | |
778 | struct buffer_head *tbh = bhs[i_bhs]; | |
779 | ||
780 | if (unlikely(test_set_buffer_locked(tbh))) | |
781 | BUG(); | |
782 | BUG_ON(!buffer_uptodate(tbh)); | |
783 | clear_buffer_dirty(tbh); | |
784 | get_bh(tbh); | |
785 | tbh->b_end_io = end_buffer_write_sync; | |
786 | submit_bh(WRITE, tbh); | |
787 | } | |
788 | /* Synchronize the mft mirror now if not @sync. */ | |
789 | if (!sync && ni->mft_no < vol->mftmirr_size) | |
790 | ntfs_sync_mft_mirror(vol, ni->mft_no, m, sync); | |
791 | /* Wait on i/o completion of buffers. */ | |
792 | for (i_bhs = 0; i_bhs < nr_bhs; i_bhs++) { | |
793 | struct buffer_head *tbh = bhs[i_bhs]; | |
794 | ||
795 | wait_on_buffer(tbh); | |
796 | if (unlikely(!buffer_uptodate(tbh))) { | |
797 | err = -EIO; | |
798 | /* | |
799 | * Set the buffer uptodate so the page and buffer | |
800 | * states do not become out of sync. | |
801 | */ | |
802 | if (PageUptodate(page)) | |
803 | set_buffer_uptodate(tbh); | |
804 | } | |
805 | } | |
806 | /* If @sync, now synchronize the mft mirror. */ | |
807 | if (sync && ni->mft_no < vol->mftmirr_size) | |
808 | ntfs_sync_mft_mirror(vol, ni->mft_no, m, sync); | |
809 | /* Remove the mst protection fixups again. */ | |
810 | post_write_mst_fixup((NTFS_RECORD*)m); | |
811 | flush_dcache_mft_record_page(ni); | |
812 | if (unlikely(err)) { | |
813 | /* I/O error during writing. This is really bad! */ | |
814 | ntfs_error(vol->sb, "I/O error while writing mft record " | |
815 | "0x%lx! Marking base inode as bad. You " | |
816 | "should unmount the volume and run chkdsk.", | |
817 | ni->mft_no); | |
818 | goto err_out; | |
819 | } | |
820 | done: | |
821 | ntfs_debug("Done."); | |
822 | return 0; | |
823 | cleanup_out: | |
824 | /* Clean the buffers. */ | |
825 | for (i_bhs = 0; i_bhs < nr_bhs; i_bhs++) | |
826 | clear_buffer_dirty(bhs[i_bhs]); | |
827 | err_out: | |
828 | /* | |
829 | * Current state: all buffers are clean, unlocked, and uptodate. | |
830 | * The caller should mark the base inode as bad so that no more i/o | |
831 | * happens. ->clear_inode() will still be invoked so all extent inodes | |
832 | * and other allocated memory will be freed. | |
833 | */ | |
834 | if (err == -ENOMEM) { | |
835 | ntfs_error(vol->sb, "Not enough memory to write mft record. " | |
836 | "Redirtying so the write is retried later."); | |
837 | mark_mft_record_dirty(ni); | |
838 | err = 0; | |
839 | } else | |
840 | NVolSetErrors(vol); | |
841 | return err; | |
842 | } | |
843 | ||
844 | /** | |
845 | * ntfs_may_write_mft_record - check if an mft record may be written out | |
846 | * @vol: [IN] ntfs volume on which the mft record to check resides | |
847 | * @mft_no: [IN] mft record number of the mft record to check | |
848 | * @m: [IN] mapped mft record to check | |
849 | * @locked_ni: [OUT] caller has to unlock this ntfs inode if one is returned | |
850 | * | |
851 | * Check if the mapped (base or extent) mft record @m with mft record number | |
852 | * @mft_no belonging to the ntfs volume @vol may be written out. If necessary | |
853 | * and possible the ntfs inode of the mft record is locked and the base vfs | |
854 | * inode is pinned. The locked ntfs inode is then returned in @locked_ni. The | |
855 | * caller is responsible for unlocking the ntfs inode and unpinning the base | |
856 | * vfs inode. | |
857 | * | |
858 | * Return TRUE if the mft record may be written out and FALSE if not. | |
859 | * | |
860 | * The caller has locked the page and cleared the uptodate flag on it which | |
861 | * means that we can safely write out any dirty mft records that do not have | |
862 | * their inodes in icache as determined by ilookup5() as anyone | |
863 | * opening/creating such an inode would block when attempting to map the mft | |
864 | * record in read_cache_page() until we are finished with the write out. | |
865 | * | |
866 | * Here is a description of the tests we perform: | |
867 | * | |
868 | * If the inode is found in icache we know the mft record must be a base mft | |
869 | * record. If it is dirty, we do not write it and return FALSE as the vfs | |
870 | * inode write paths will result in the access times being updated which would | |
871 | * cause the base mft record to be redirtied and written out again. (We know | |
872 | * the access time update will modify the base mft record because Windows | |
873 | * chkdsk complains if the standard information attribute is not in the base | |
874 | * mft record.) | |
875 | * | |
876 | * If the inode is in icache and not dirty, we attempt to lock the mft record | |
877 | * and if we find the lock was already taken, it is not safe to write the mft | |
878 | * record and we return FALSE. | |
879 | * | |
880 | * If we manage to obtain the lock we have exclusive access to the mft record, | |
881 | * which also allows us safe writeout of the mft record. We then set | |
882 | * @locked_ni to the locked ntfs inode and return TRUE. | |
883 | * | |
884 | * Note we cannot just lock the mft record and sleep while waiting for the lock | |
885 | * because this would deadlock due to lock reversal (normally the mft record is | |
886 | * locked before the page is locked but we already have the page locked here | |
887 | * when we try to lock the mft record). | |
888 | * | |
889 | * If the inode is not in icache we need to perform further checks. | |
890 | * | |
891 | * If the mft record is not a FILE record or it is a base mft record, we can | |
892 | * safely write it and return TRUE. | |
893 | * | |
894 | * We now know the mft record is an extent mft record. We check if the inode | |
895 | * corresponding to its base mft record is in icache and obtain a reference to | |
896 | * it if it is. If it is not, we can safely write it and return TRUE. | |
897 | * | |
898 | * We now have the base inode for the extent mft record. We check if it has an | |
899 | * ntfs inode for the extent mft record attached and if not it is safe to write | |
900 | * the extent mft record and we return TRUE. | |
901 | * | |
902 | * The ntfs inode for the extent mft record is attached to the base inode so we | |
903 | * attempt to lock the extent mft record and if we find the lock was already | |
904 | * taken, it is not safe to write the extent mft record and we return FALSE. | |
905 | * | |
906 | * If we manage to obtain the lock we have exclusive access to the extent mft | |
907 | * record, which also allows us safe writeout of the extent mft record. We | |
908 | * set the ntfs inode of the extent mft record clean and then set @locked_ni to | |
909 | * the now locked ntfs inode and return TRUE. | |
910 | * | |
911 | * Note, the reason for actually writing dirty mft records here and not just | |
912 | * relying on the vfs inode dirty code paths is that we can have mft records | |
913 | * modified without them ever having actual inodes in memory. Also we can have | |
914 | * dirty mft records with clean ntfs inodes in memory. None of the described | |
915 | * cases would result in the dirty mft records being written out if we only | |
916 | * relied on the vfs inode dirty code paths. And these cases can really occur | |
917 | * during allocation of new mft records and in particular when the | |
918 | * initialized_size of the $MFT/$DATA attribute is extended and the new space | |
919 | * is initialized using ntfs_mft_record_format(). The clean inode can then | |
920 | * appear if the mft record is reused for a new inode before it got written | |
921 | * out. | |
922 | */ | |
923 | BOOL ntfs_may_write_mft_record(ntfs_volume *vol, const unsigned long mft_no, | |
924 | const MFT_RECORD *m, ntfs_inode **locked_ni) | |
925 | { | |
926 | struct super_block *sb = vol->sb; | |
927 | struct inode *mft_vi = vol->mft_ino; | |
928 | struct inode *vi; | |
929 | ntfs_inode *ni, *eni, **extent_nis; | |
930 | int i; | |
931 | ntfs_attr na; | |
932 | ||
933 | ntfs_debug("Entering for inode 0x%lx.", mft_no); | |
934 | /* | |
935 | * Normally we do not return a locked inode so set @locked_ni to NULL. | |
936 | */ | |
937 | BUG_ON(!locked_ni); | |
938 | *locked_ni = NULL; | |
939 | /* | |
940 | * Check if the inode corresponding to this mft record is in the VFS | |
941 | * inode cache and obtain a reference to it if it is. | |
942 | */ | |
943 | ntfs_debug("Looking for inode 0x%lx in icache.", mft_no); | |
944 | na.mft_no = mft_no; | |
945 | na.name = NULL; | |
946 | na.name_len = 0; | |
947 | na.type = AT_UNUSED; | |
948 | /* | |
949 | * For inode 0, i.e. $MFT itself, we cannot use ilookup5() from here or | |
950 | * we deadlock because the inode is already locked by the kernel | |
951 | * (fs/fs-writeback.c::__sync_single_inode()) and ilookup5() waits | |
952 | * until the inode is unlocked before returning it and it never gets | |
953 | * unlocked because ntfs_should_write_mft_record() never returns. )-: | |
954 | * Fortunately, we have inode 0 pinned in icache for the duration of | |
955 | * the mount so we can access it directly. | |
956 | */ | |
957 | if (!mft_no) { | |
958 | /* Balance the below iput(). */ | |
959 | vi = igrab(mft_vi); | |
960 | BUG_ON(vi != mft_vi); | |
961 | } else | |
962 | vi = ilookup5(sb, mft_no, (test_t)ntfs_test_inode, &na); | |
963 | if (vi) { | |
964 | ntfs_debug("Base inode 0x%lx is in icache.", mft_no); | |
965 | /* The inode is in icache. */ | |
966 | ni = NTFS_I(vi); | |
967 | /* Take a reference to the ntfs inode. */ | |
968 | atomic_inc(&ni->count); | |
969 | /* If the inode is dirty, do not write this record. */ | |
970 | if (NInoDirty(ni)) { | |
971 | ntfs_debug("Inode 0x%lx is dirty, do not write it.", | |
972 | mft_no); | |
973 | atomic_dec(&ni->count); | |
974 | iput(vi); | |
975 | return FALSE; | |
976 | } | |
977 | ntfs_debug("Inode 0x%lx is not dirty.", mft_no); | |
978 | /* The inode is not dirty, try to take the mft record lock. */ | |
979 | if (unlikely(down_trylock(&ni->mrec_lock))) { | |
980 | ntfs_debug("Mft record 0x%lx is already locked, do " | |
981 | "not write it.", mft_no); | |
982 | atomic_dec(&ni->count); | |
983 | iput(vi); | |
984 | return FALSE; | |
985 | } | |
986 | ntfs_debug("Managed to lock mft record 0x%lx, write it.", | |
987 | mft_no); | |
988 | /* | |
989 | * The write has to occur while we hold the mft record lock so | |
990 | * return the locked ntfs inode. | |
991 | */ | |
992 | *locked_ni = ni; | |
993 | return TRUE; | |
994 | } | |
995 | ntfs_debug("Inode 0x%lx is not in icache.", mft_no); | |
996 | /* The inode is not in icache. */ | |
997 | /* Write the record if it is not a mft record (type "FILE"). */ | |
998 | if (!ntfs_is_mft_record(m->magic)) { | |
999 | ntfs_debug("Mft record 0x%lx is not a FILE record, write it.", | |
1000 | mft_no); | |
1001 | return TRUE; | |
1002 | } | |
1003 | /* Write the mft record if it is a base inode. */ | |
1004 | if (!m->base_mft_record) { | |
1005 | ntfs_debug("Mft record 0x%lx is a base record, write it.", | |
1006 | mft_no); | |
1007 | return TRUE; | |
1008 | } | |
1009 | /* | |
1010 | * This is an extent mft record. Check if the inode corresponding to | |
1011 | * its base mft record is in icache and obtain a reference to it if it | |
1012 | * is. | |
1013 | */ | |
1014 | na.mft_no = MREF_LE(m->base_mft_record); | |
1015 | ntfs_debug("Mft record 0x%lx is an extent record. Looking for base " | |
1016 | "inode 0x%lx in icache.", mft_no, na.mft_no); | |
1017 | vi = ilookup5(sb, na.mft_no, (test_t)ntfs_test_inode, &na); | |
1018 | if (!vi) { | |
1019 | /* | |
1020 | * The base inode is not in icache, write this extent mft | |
1021 | * record. | |
1022 | */ | |
1023 | ntfs_debug("Base inode 0x%lx is not in icache, write the " | |
1024 | "extent record.", na.mft_no); | |
1025 | return TRUE; | |
1026 | } | |
1027 | ntfs_debug("Base inode 0x%lx is in icache.", na.mft_no); | |
1028 | /* | |
1029 | * The base inode is in icache. Check if it has the extent inode | |
1030 | * corresponding to this extent mft record attached. | |
1031 | */ | |
1032 | ni = NTFS_I(vi); | |
1033 | down(&ni->extent_lock); | |
1034 | if (ni->nr_extents <= 0) { | |
1035 | /* | |
1036 | * The base inode has no attached extent inodes, write this | |
1037 | * extent mft record. | |
1038 | */ | |
1039 | up(&ni->extent_lock); | |
1040 | iput(vi); | |
1041 | ntfs_debug("Base inode 0x%lx has no attached extent inodes, " | |
1042 | "write the extent record.", na.mft_no); | |
1043 | return TRUE; | |
1044 | } | |
1045 | /* Iterate over the attached extent inodes. */ | |
1046 | extent_nis = ni->ext.extent_ntfs_inos; | |
1047 | for (eni = NULL, i = 0; i < ni->nr_extents; ++i) { | |
1048 | if (mft_no == extent_nis[i]->mft_no) { | |
1049 | /* | |
1050 | * Found the extent inode corresponding to this extent | |
1051 | * mft record. | |
1052 | */ | |
1053 | eni = extent_nis[i]; | |
1054 | break; | |
1055 | } | |
1056 | } | |
1057 | /* | |
1058 | * If the extent inode was not attached to the base inode, write this | |
1059 | * extent mft record. | |
1060 | */ | |
1061 | if (!eni) { | |
1062 | up(&ni->extent_lock); | |
1063 | iput(vi); | |
1064 | ntfs_debug("Extent inode 0x%lx is not attached to its base " | |
1065 | "inode 0x%lx, write the extent record.", | |
1066 | mft_no, na.mft_no); | |
1067 | return TRUE; | |
1068 | } | |
1069 | ntfs_debug("Extent inode 0x%lx is attached to its base inode 0x%lx.", | |
1070 | mft_no, na.mft_no); | |
1071 | /* Take a reference to the extent ntfs inode. */ | |
1072 | atomic_inc(&eni->count); | |
1073 | up(&ni->extent_lock); | |
1074 | /* | |
1075 | * Found the extent inode coresponding to this extent mft record. | |
1076 | * Try to take the mft record lock. | |
1077 | */ | |
1078 | if (unlikely(down_trylock(&eni->mrec_lock))) { | |
1079 | atomic_dec(&eni->count); | |
1080 | iput(vi); | |
1081 | ntfs_debug("Extent mft record 0x%lx is already locked, do " | |
1082 | "not write it.", mft_no); | |
1083 | return FALSE; | |
1084 | } | |
1085 | ntfs_debug("Managed to lock extent mft record 0x%lx, write it.", | |
1086 | mft_no); | |
1087 | if (NInoTestClearDirty(eni)) | |
1088 | ntfs_debug("Extent inode 0x%lx is dirty, marking it clean.", | |
1089 | mft_no); | |
1090 | /* | |
1091 | * The write has to occur while we hold the mft record lock so return | |
1092 | * the locked extent ntfs inode. | |
1093 | */ | |
1094 | *locked_ni = eni; | |
1095 | return TRUE; | |
1096 | } | |
1097 | ||
1098 | static const char *es = " Leaving inconsistent metadata. Unmount and run " | |
1099 | "chkdsk."; | |
1100 | ||
1101 | /** | |
1102 | * ntfs_mft_bitmap_find_and_alloc_free_rec_nolock - see name | |
1103 | * @vol: volume on which to search for a free mft record | |
1104 | * @base_ni: open base inode if allocating an extent mft record or NULL | |
1105 | * | |
1106 | * Search for a free mft record in the mft bitmap attribute on the ntfs volume | |
1107 | * @vol. | |
1108 | * | |
1109 | * If @base_ni is NULL start the search at the default allocator position. | |
1110 | * | |
1111 | * If @base_ni is not NULL start the search at the mft record after the base | |
1112 | * mft record @base_ni. | |
1113 | * | |
1114 | * Return the free mft record on success and -errno on error. An error code of | |
1115 | * -ENOSPC means that there are no free mft records in the currently | |
1116 | * initialized mft bitmap. | |
1117 | * | |
1118 | * Locking: Caller must hold vol->mftbmp_lock for writing. | |
1119 | */ | |
1120 | static int ntfs_mft_bitmap_find_and_alloc_free_rec_nolock(ntfs_volume *vol, | |
1121 | ntfs_inode *base_ni) | |
1122 | { | |
1123 | s64 pass_end, ll, data_pos, pass_start, ofs, bit; | |
1124 | struct address_space *mftbmp_mapping; | |
1125 | u8 *buf, *byte; | |
1126 | struct page *page; | |
1127 | unsigned int page_ofs, size; | |
1128 | u8 pass, b; | |
1129 | ||
1130 | ntfs_debug("Searching for free mft record in the currently " | |
1131 | "initialized mft bitmap."); | |
1132 | mftbmp_mapping = vol->mftbmp_ino->i_mapping; | |
1133 | /* | |
1134 | * Set the end of the pass making sure we do not overflow the mft | |
1135 | * bitmap. | |
1136 | */ | |
1137 | pass_end = NTFS_I(vol->mft_ino)->allocated_size >> | |
1138 | vol->mft_record_size_bits; | |
1139 | ll = NTFS_I(vol->mftbmp_ino)->initialized_size << 3; | |
1140 | if (pass_end > ll) | |
1141 | pass_end = ll; | |
1142 | pass = 1; | |
1143 | if (!base_ni) | |
1144 | data_pos = vol->mft_data_pos; | |
1145 | else | |
1146 | data_pos = base_ni->mft_no + 1; | |
1147 | if (data_pos < 24) | |
1148 | data_pos = 24; | |
1149 | if (data_pos >= pass_end) { | |
1150 | data_pos = 24; | |
1151 | pass = 2; | |
1152 | /* This happens on a freshly formatted volume. */ | |
1153 | if (data_pos >= pass_end) | |
1154 | return -ENOSPC; | |
1155 | } | |
1156 | pass_start = data_pos; | |
1157 | ntfs_debug("Starting bitmap search: pass %u, pass_start 0x%llx, " | |
1158 | "pass_end 0x%llx, data_pos 0x%llx.", pass, | |
1159 | (long long)pass_start, (long long)pass_end, | |
1160 | (long long)data_pos); | |
1161 | /* Loop until a free mft record is found. */ | |
1162 | for (; pass <= 2;) { | |
1163 | /* Cap size to pass_end. */ | |
1164 | ofs = data_pos >> 3; | |
1165 | page_ofs = ofs & ~PAGE_CACHE_MASK; | |
1166 | size = PAGE_CACHE_SIZE - page_ofs; | |
1167 | ll = ((pass_end + 7) >> 3) - ofs; | |
1168 | if (size > ll) | |
1169 | size = ll; | |
1170 | size <<= 3; | |
1171 | /* | |
1172 | * If we are still within the active pass, search the next page | |
1173 | * for a zero bit. | |
1174 | */ | |
1175 | if (size) { | |
1176 | page = ntfs_map_page(mftbmp_mapping, | |
1177 | ofs >> PAGE_CACHE_SHIFT); | |
1178 | if (unlikely(IS_ERR(page))) { | |
1179 | ntfs_error(vol->sb, "Failed to read mft " | |
1180 | "bitmap, aborting."); | |
1181 | return PTR_ERR(page); | |
1182 | } | |
1183 | buf = (u8*)page_address(page) + page_ofs; | |
1184 | bit = data_pos & 7; | |
1185 | data_pos &= ~7ull; | |
1186 | ntfs_debug("Before inner for loop: size 0x%x, " | |
1187 | "data_pos 0x%llx, bit 0x%llx", size, | |
1188 | (long long)data_pos, (long long)bit); | |
1189 | for (; bit < size && data_pos + bit < pass_end; | |
1190 | bit &= ~7ull, bit += 8) { | |
1191 | byte = buf + (bit >> 3); | |
1192 | if (*byte == 0xff) | |
1193 | continue; | |
1194 | b = ffz((unsigned long)*byte); | |
1195 | if (b < 8 && b >= (bit & 7)) { | |
1196 | ll = data_pos + (bit & ~7ull) + b; | |
1197 | if (unlikely(ll > (1ll << 32))) { | |
1198 | ntfs_unmap_page(page); | |
1199 | return -ENOSPC; | |
1200 | } | |
1201 | *byte |= 1 << b; | |
1202 | flush_dcache_page(page); | |
1203 | set_page_dirty(page); | |
1204 | ntfs_unmap_page(page); | |
1205 | ntfs_debug("Done. (Found and " | |
1206 | "allocated mft record " | |
1207 | "0x%llx.)", | |
1208 | (long long)ll); | |
1209 | return ll; | |
1210 | } | |
1211 | } | |
1212 | ntfs_debug("After inner for loop: size 0x%x, " | |
1213 | "data_pos 0x%llx, bit 0x%llx", size, | |
1214 | (long long)data_pos, (long long)bit); | |
1215 | data_pos += size; | |
1216 | ntfs_unmap_page(page); | |
1217 | /* | |
1218 | * If the end of the pass has not been reached yet, | |
1219 | * continue searching the mft bitmap for a zero bit. | |
1220 | */ | |
1221 | if (data_pos < pass_end) | |
1222 | continue; | |
1223 | } | |
1224 | /* Do the next pass. */ | |
1225 | if (++pass == 2) { | |
1226 | /* | |
1227 | * Starting the second pass, in which we scan the first | |
1228 | * part of the zone which we omitted earlier. | |
1229 | */ | |
1230 | pass_end = pass_start; | |
1231 | data_pos = pass_start = 24; | |
1232 | ntfs_debug("pass %i, pass_start 0x%llx, pass_end " | |
1233 | "0x%llx.", pass, (long long)pass_start, | |
1234 | (long long)pass_end); | |
1235 | if (data_pos >= pass_end) | |
1236 | break; | |
1237 | } | |
1238 | } | |
1239 | /* No free mft records in currently initialized mft bitmap. */ | |
1240 | ntfs_debug("Done. (No free mft records left in currently initialized " | |
1241 | "mft bitmap.)"); | |
1242 | return -ENOSPC; | |
1243 | } | |
1244 | ||
1245 | /** | |
1246 | * ntfs_mft_bitmap_extend_allocation_nolock - extend mft bitmap by a cluster | |
1247 | * @vol: volume on which to extend the mft bitmap attribute | |
1248 | * | |
1249 | * Extend the mft bitmap attribute on the ntfs volume @vol by one cluster. | |
1250 | * | |
1251 | * Note: Only changes allocated_size, i.e. does not touch initialized_size or | |
1252 | * data_size. | |
1253 | * | |
1254 | * Return 0 on success and -errno on error. | |
1255 | * | |
1256 | * Locking: - Caller must hold vol->mftbmp_lock for writing. | |
1257 | * - This function takes NTFS_I(vol->mftbmp_ino)->runlist.lock for | |
1258 | * writing and releases it before returning. | |
1259 | * - This function takes vol->lcnbmp_lock for writing and releases it | |
1260 | * before returning. | |
1261 | */ | |
1262 | static int ntfs_mft_bitmap_extend_allocation_nolock(ntfs_volume *vol) | |
1263 | { | |
1264 | LCN lcn; | |
1265 | s64 ll; | |
1266 | struct page *page; | |
1267 | ntfs_inode *mft_ni, *mftbmp_ni; | |
1268 | runlist_element *rl, *rl2 = NULL; | |
1269 | ntfs_attr_search_ctx *ctx = NULL; | |
1270 | MFT_RECORD *mrec; | |
1271 | ATTR_RECORD *a = NULL; | |
1272 | int ret, mp_size; | |
1273 | u32 old_alen = 0; | |
1274 | u8 *b, tb; | |
1275 | struct { | |
1276 | u8 added_cluster:1; | |
1277 | u8 added_run:1; | |
1278 | u8 mp_rebuilt:1; | |
1279 | } status = { 0, 0, 0 }; | |
1280 | ||
1281 | ntfs_debug("Extending mft bitmap allocation."); | |
1282 | mft_ni = NTFS_I(vol->mft_ino); | |
1283 | mftbmp_ni = NTFS_I(vol->mftbmp_ino); | |
1284 | /* | |
1285 | * Determine the last lcn of the mft bitmap. The allocated size of the | |
1286 | * mft bitmap cannot be zero so we are ok to do this. | |
1287 | * ntfs_find_vcn() returns the runlist locked on success. | |
1288 | */ | |
1289 | rl = ntfs_find_vcn(mftbmp_ni, (mftbmp_ni->allocated_size - 1) >> | |
1290 | vol->cluster_size_bits, TRUE); | |
1291 | if (unlikely(IS_ERR(rl) || !rl->length || rl->lcn < 0)) { | |
1292 | ntfs_error(vol->sb, "Failed to determine last allocated " | |
1293 | "cluster of mft bitmap attribute."); | |
1294 | if (!IS_ERR(rl)) { | |
1295 | up_write(&mftbmp_ni->runlist.lock); | |
1296 | ret = -EIO; | |
1297 | } else | |
1298 | ret = PTR_ERR(rl); | |
1299 | return ret; | |
1300 | } | |
1301 | lcn = rl->lcn + rl->length; | |
1302 | ntfs_debug("Last lcn of mft bitmap attribute is 0x%llx.", | |
1303 | (long long)lcn); | |
1304 | /* | |
1305 | * Attempt to get the cluster following the last allocated cluster by | |
1306 | * hand as it may be in the MFT zone so the allocator would not give it | |
1307 | * to us. | |
1308 | */ | |
1309 | ll = lcn >> 3; | |
1310 | page = ntfs_map_page(vol->lcnbmp_ino->i_mapping, | |
1311 | ll >> PAGE_CACHE_SHIFT); | |
1312 | if (IS_ERR(page)) { | |
1313 | up_write(&mftbmp_ni->runlist.lock); | |
1314 | ntfs_error(vol->sb, "Failed to read from lcn bitmap."); | |
1315 | return PTR_ERR(page); | |
1316 | } | |
1317 | b = (u8*)page_address(page) + (ll & ~PAGE_CACHE_MASK); | |
1318 | tb = 1 << (lcn & 7ull); | |
1319 | down_write(&vol->lcnbmp_lock); | |
1320 | if (*b != 0xff && !(*b & tb)) { | |
1321 | /* Next cluster is free, allocate it. */ | |
1322 | *b |= tb; | |
1323 | flush_dcache_page(page); | |
1324 | set_page_dirty(page); | |
1325 | up_write(&vol->lcnbmp_lock); | |
1326 | ntfs_unmap_page(page); | |
1327 | /* Update the mft bitmap runlist. */ | |
1328 | rl->length++; | |
1329 | rl[1].vcn++; | |
1330 | status.added_cluster = 1; | |
1331 | ntfs_debug("Appending one cluster to mft bitmap."); | |
1332 | } else { | |
1333 | up_write(&vol->lcnbmp_lock); | |
1334 | ntfs_unmap_page(page); | |
1335 | /* Allocate a cluster from the DATA_ZONE. */ | |
1336 | rl2 = ntfs_cluster_alloc(vol, rl[1].vcn, 1, lcn, DATA_ZONE); | |
1337 | if (IS_ERR(rl2)) { | |
1338 | up_write(&mftbmp_ni->runlist.lock); | |
1339 | ntfs_error(vol->sb, "Failed to allocate a cluster for " | |
1340 | "the mft bitmap."); | |
1341 | return PTR_ERR(rl2); | |
1342 | } | |
1343 | rl = ntfs_runlists_merge(mftbmp_ni->runlist.rl, rl2); | |
1344 | if (IS_ERR(rl)) { | |
1345 | up_write(&mftbmp_ni->runlist.lock); | |
1346 | ntfs_error(vol->sb, "Failed to merge runlists for mft " | |
1347 | "bitmap."); | |
1348 | if (ntfs_cluster_free_from_rl(vol, rl2)) { | |
1349 | ntfs_error(vol->sb, "Failed to dealocate " | |
1350 | "allocated cluster.%s", es); | |
1351 | NVolSetErrors(vol); | |
1352 | } | |
1353 | ntfs_free(rl2); | |
1354 | return PTR_ERR(rl); | |
1355 | } | |
1356 | mftbmp_ni->runlist.rl = rl; | |
1357 | status.added_run = 1; | |
1358 | ntfs_debug("Adding one run to mft bitmap."); | |
1359 | /* Find the last run in the new runlist. */ | |
1360 | for (; rl[1].length; rl++) | |
1361 | ; | |
1362 | } | |
1363 | /* | |
1364 | * Update the attribute record as well. Note: @rl is the last | |
1365 | * (non-terminator) runlist element of mft bitmap. | |
1366 | */ | |
1367 | mrec = map_mft_record(mft_ni); | |
1368 | if (IS_ERR(mrec)) { | |
1369 | ntfs_error(vol->sb, "Failed to map mft record."); | |
1370 | ret = PTR_ERR(mrec); | |
1371 | goto undo_alloc; | |
1372 | } | |
1373 | ctx = ntfs_attr_get_search_ctx(mft_ni, mrec); | |
1374 | if (unlikely(!ctx)) { | |
1375 | ntfs_error(vol->sb, "Failed to get search context."); | |
1376 | ret = -ENOMEM; | |
1377 | goto undo_alloc; | |
1378 | } | |
1379 | ret = ntfs_attr_lookup(mftbmp_ni->type, mftbmp_ni->name, | |
1380 | mftbmp_ni->name_len, CASE_SENSITIVE, rl[1].vcn, NULL, | |
1381 | 0, ctx); | |
1382 | if (unlikely(ret)) { | |
1383 | ntfs_error(vol->sb, "Failed to find last attribute extent of " | |
1384 | "mft bitmap attribute."); | |
1385 | if (ret == -ENOENT) | |
1386 | ret = -EIO; | |
1387 | goto undo_alloc; | |
1388 | } | |
1389 | a = ctx->attr; | |
1390 | ll = sle64_to_cpu(a->data.non_resident.lowest_vcn); | |
1391 | /* Search back for the previous last allocated cluster of mft bitmap. */ | |
1392 | for (rl2 = rl; rl2 > mftbmp_ni->runlist.rl; rl2--) { | |
1393 | if (ll >= rl2->vcn) | |
1394 | break; | |
1395 | } | |
1396 | BUG_ON(ll < rl2->vcn); | |
1397 | BUG_ON(ll >= rl2->vcn + rl2->length); | |
1398 | /* Get the size for the new mapping pairs array for this extent. */ | |
1399 | mp_size = ntfs_get_size_for_mapping_pairs(vol, rl2, ll); | |
1400 | if (unlikely(mp_size <= 0)) { | |
1401 | ntfs_error(vol->sb, "Get size for mapping pairs failed for " | |
1402 | "mft bitmap attribute extent."); | |
1403 | ret = mp_size; | |
1404 | if (!ret) | |
1405 | ret = -EIO; | |
1406 | goto undo_alloc; | |
1407 | } | |
1408 | /* Expand the attribute record if necessary. */ | |
1409 | old_alen = le32_to_cpu(a->length); | |
1410 | ret = ntfs_attr_record_resize(ctx->mrec, a, mp_size + | |
1411 | le16_to_cpu(a->data.non_resident.mapping_pairs_offset)); | |
1412 | if (unlikely(ret)) { | |
1413 | if (ret != -ENOSPC) { | |
1414 | ntfs_error(vol->sb, "Failed to resize attribute " | |
1415 | "record for mft bitmap attribute."); | |
1416 | goto undo_alloc; | |
1417 | } | |
1418 | // TODO: Deal with this by moving this extent to a new mft | |
1419 | // record or by starting a new extent in a new mft record or by | |
1420 | // moving other attributes out of this mft record. | |
1421 | ntfs_error(vol->sb, "Not enough space in this mft record to " | |
1422 | "accomodate extended mft bitmap attribute " | |
1423 | "extent. Cannot handle this yet."); | |
1424 | ret = -EOPNOTSUPP; | |
1425 | goto undo_alloc; | |
1426 | } | |
1427 | status.mp_rebuilt = 1; | |
1428 | /* Generate the mapping pairs array directly into the attr record. */ | |
1429 | ret = ntfs_mapping_pairs_build(vol, (u8*)a + | |
1430 | le16_to_cpu(a->data.non_resident.mapping_pairs_offset), | |
1431 | mp_size, rl2, ll, NULL); | |
1432 | if (unlikely(ret)) { | |
1433 | ntfs_error(vol->sb, "Failed to build mapping pairs array for " | |
1434 | "mft bitmap attribute."); | |
1435 | goto undo_alloc; | |
1436 | } | |
1437 | /* Update the highest_vcn. */ | |
1438 | a->data.non_resident.highest_vcn = cpu_to_sle64(rl[1].vcn - 1); | |
1439 | /* | |
1440 | * We now have extended the mft bitmap allocated_size by one cluster. | |
1441 | * Reflect this in the ntfs_inode structure and the attribute record. | |
1442 | */ | |
1443 | if (a->data.non_resident.lowest_vcn) { | |
1444 | /* | |
1445 | * We are not in the first attribute extent, switch to it, but | |
1446 | * first ensure the changes will make it to disk later. | |
1447 | */ | |
1448 | flush_dcache_mft_record_page(ctx->ntfs_ino); | |
1449 | mark_mft_record_dirty(ctx->ntfs_ino); | |
1450 | ntfs_attr_reinit_search_ctx(ctx); | |
1451 | ret = ntfs_attr_lookup(mftbmp_ni->type, mftbmp_ni->name, | |
1452 | mftbmp_ni->name_len, CASE_SENSITIVE, 0, NULL, | |
1453 | 0, ctx); | |
1454 | if (unlikely(ret)) { | |
1455 | ntfs_error(vol->sb, "Failed to find first attribute " | |
1456 | "extent of mft bitmap attribute."); | |
1457 | goto restore_undo_alloc; | |
1458 | } | |
1459 | a = ctx->attr; | |
1460 | } | |
1461 | mftbmp_ni->allocated_size += vol->cluster_size; | |
1462 | a->data.non_resident.allocated_size = | |
1463 | cpu_to_sle64(mftbmp_ni->allocated_size); | |
1464 | /* Ensure the changes make it to disk. */ | |
1465 | flush_dcache_mft_record_page(ctx->ntfs_ino); | |
1466 | mark_mft_record_dirty(ctx->ntfs_ino); | |
1467 | ntfs_attr_put_search_ctx(ctx); | |
1468 | unmap_mft_record(mft_ni); | |
1469 | up_write(&mftbmp_ni->runlist.lock); | |
1470 | ntfs_debug("Done."); | |
1471 | return 0; | |
1472 | restore_undo_alloc: | |
1473 | ntfs_attr_reinit_search_ctx(ctx); | |
1474 | if (ntfs_attr_lookup(mftbmp_ni->type, mftbmp_ni->name, | |
1475 | mftbmp_ni->name_len, CASE_SENSITIVE, rl[1].vcn, NULL, | |
1476 | 0, ctx)) { | |
1477 | ntfs_error(vol->sb, "Failed to find last attribute extent of " | |
1478 | "mft bitmap attribute.%s", es); | |
1479 | mftbmp_ni->allocated_size += vol->cluster_size; | |
1480 | ntfs_attr_put_search_ctx(ctx); | |
1481 | unmap_mft_record(mft_ni); | |
1482 | up_write(&mftbmp_ni->runlist.lock); | |
1483 | /* | |
1484 | * The only thing that is now wrong is ->allocated_size of the | |
1485 | * base attribute extent which chkdsk should be able to fix. | |
1486 | */ | |
1487 | NVolSetErrors(vol); | |
1488 | return ret; | |
1489 | } | |
1490 | a = ctx->attr; | |
1491 | a->data.non_resident.highest_vcn = cpu_to_sle64(rl[1].vcn - 2); | |
1492 | undo_alloc: | |
1493 | if (status.added_cluster) { | |
1494 | /* Truncate the last run in the runlist by one cluster. */ | |
1495 | rl->length--; | |
1496 | rl[1].vcn--; | |
1497 | } else if (status.added_run) { | |
1498 | lcn = rl->lcn; | |
1499 | /* Remove the last run from the runlist. */ | |
1500 | rl->lcn = rl[1].lcn; | |
1501 | rl->length = 0; | |
1502 | } | |
1503 | /* Deallocate the cluster. */ | |
1504 | down_write(&vol->lcnbmp_lock); | |
1505 | if (ntfs_bitmap_clear_bit(vol->lcnbmp_ino, lcn)) { | |
1506 | ntfs_error(vol->sb, "Failed to free allocated cluster.%s", es); | |
1507 | NVolSetErrors(vol); | |
1508 | } | |
1509 | up_write(&vol->lcnbmp_lock); | |
1510 | if (status.mp_rebuilt) { | |
1511 | if (ntfs_mapping_pairs_build(vol, (u8*)a + le16_to_cpu( | |
1512 | a->data.non_resident.mapping_pairs_offset), | |
1513 | old_alen - le16_to_cpu( | |
1514 | a->data.non_resident.mapping_pairs_offset), | |
1515 | rl2, ll, NULL)) { | |
1516 | ntfs_error(vol->sb, "Failed to restore mapping pairs " | |
1517 | "array.%s", es); | |
1518 | NVolSetErrors(vol); | |
1519 | } | |
1520 | if (ntfs_attr_record_resize(ctx->mrec, a, old_alen)) { | |
1521 | ntfs_error(vol->sb, "Failed to restore attribute " | |
1522 | "record.%s", es); | |
1523 | NVolSetErrors(vol); | |
1524 | } | |
1525 | flush_dcache_mft_record_page(ctx->ntfs_ino); | |
1526 | mark_mft_record_dirty(ctx->ntfs_ino); | |
1527 | } | |
1528 | if (ctx) | |
1529 | ntfs_attr_put_search_ctx(ctx); | |
1530 | if (!IS_ERR(mrec)) | |
1531 | unmap_mft_record(mft_ni); | |
1532 | up_write(&mftbmp_ni->runlist.lock); | |
1533 | return ret; | |
1534 | } | |
1535 | ||
1536 | /** | |
1537 | * ntfs_mft_bitmap_extend_initialized_nolock - extend mftbmp initialized data | |
1538 | * @vol: volume on which to extend the mft bitmap attribute | |
1539 | * | |
1540 | * Extend the initialized portion of the mft bitmap attribute on the ntfs | |
1541 | * volume @vol by 8 bytes. | |
1542 | * | |
1543 | * Note: Only changes initialized_size and data_size, i.e. requires that | |
1544 | * allocated_size is big enough to fit the new initialized_size. | |
1545 | * | |
1546 | * Return 0 on success and -error on error. | |
1547 | * | |
1548 | * Locking: Caller must hold vol->mftbmp_lock for writing. | |
1549 | */ | |
1550 | static int ntfs_mft_bitmap_extend_initialized_nolock(ntfs_volume *vol) | |
1551 | { | |
1552 | s64 old_data_size, old_initialized_size; | |
1553 | struct inode *mftbmp_vi; | |
1554 | ntfs_inode *mft_ni, *mftbmp_ni; | |
1555 | ntfs_attr_search_ctx *ctx; | |
1556 | MFT_RECORD *mrec; | |
1557 | ATTR_RECORD *a; | |
1558 | int ret; | |
1559 | ||
1560 | ntfs_debug("Extending mft bitmap initiailized (and data) size."); | |
1561 | mft_ni = NTFS_I(vol->mft_ino); | |
1562 | mftbmp_vi = vol->mftbmp_ino; | |
1563 | mftbmp_ni = NTFS_I(mftbmp_vi); | |
1564 | /* Get the attribute record. */ | |
1565 | mrec = map_mft_record(mft_ni); | |
1566 | if (IS_ERR(mrec)) { | |
1567 | ntfs_error(vol->sb, "Failed to map mft record."); | |
1568 | return PTR_ERR(mrec); | |
1569 | } | |
1570 | ctx = ntfs_attr_get_search_ctx(mft_ni, mrec); | |
1571 | if (unlikely(!ctx)) { | |
1572 | ntfs_error(vol->sb, "Failed to get search context."); | |
1573 | ret = -ENOMEM; | |
1574 | goto unm_err_out; | |
1575 | } | |
1576 | ret = ntfs_attr_lookup(mftbmp_ni->type, mftbmp_ni->name, | |
1577 | mftbmp_ni->name_len, CASE_SENSITIVE, 0, NULL, 0, ctx); | |
1578 | if (unlikely(ret)) { | |
1579 | ntfs_error(vol->sb, "Failed to find first attribute extent of " | |
1580 | "mft bitmap attribute."); | |
1581 | if (ret == -ENOENT) | |
1582 | ret = -EIO; | |
1583 | goto put_err_out; | |
1584 | } | |
1585 | a = ctx->attr; | |
1586 | old_data_size = mftbmp_vi->i_size; | |
1587 | old_initialized_size = mftbmp_ni->initialized_size; | |
1588 | /* | |
1589 | * We can simply update the initialized_size before filling the space | |
1590 | * with zeroes because the caller is holding the mft bitmap lock for | |
1591 | * writing which ensures that no one else is trying to access the data. | |
1592 | */ | |
1593 | mftbmp_ni->initialized_size += 8; | |
1594 | a->data.non_resident.initialized_size = | |
1595 | cpu_to_sle64(mftbmp_ni->initialized_size); | |
1596 | if (mftbmp_ni->initialized_size > mftbmp_vi->i_size) { | |
1597 | mftbmp_vi->i_size = mftbmp_ni->initialized_size; | |
1598 | a->data.non_resident.data_size = | |
1599 | cpu_to_sle64(mftbmp_vi->i_size); | |
1600 | } | |
1601 | /* Ensure the changes make it to disk. */ | |
1602 | flush_dcache_mft_record_page(ctx->ntfs_ino); | |
1603 | mark_mft_record_dirty(ctx->ntfs_ino); | |
1604 | ntfs_attr_put_search_ctx(ctx); | |
1605 | unmap_mft_record(mft_ni); | |
1606 | /* Initialize the mft bitmap attribute value with zeroes. */ | |
1607 | ret = ntfs_attr_set(mftbmp_ni, old_initialized_size, 8, 0); | |
1608 | if (likely(!ret)) { | |
1609 | ntfs_debug("Done. (Wrote eight initialized bytes to mft " | |
1610 | "bitmap."); | |
1611 | return 0; | |
1612 | } | |
1613 | ntfs_error(vol->sb, "Failed to write to mft bitmap."); | |
1614 | /* Try to recover from the error. */ | |
1615 | mrec = map_mft_record(mft_ni); | |
1616 | if (IS_ERR(mrec)) { | |
1617 | ntfs_error(vol->sb, "Failed to map mft record.%s", es); | |
1618 | NVolSetErrors(vol); | |
1619 | return ret; | |
1620 | } | |
1621 | ctx = ntfs_attr_get_search_ctx(mft_ni, mrec); | |
1622 | if (unlikely(!ctx)) { | |
1623 | ntfs_error(vol->sb, "Failed to get search context.%s", es); | |
1624 | NVolSetErrors(vol); | |
1625 | goto unm_err_out; | |
1626 | } | |
1627 | if (ntfs_attr_lookup(mftbmp_ni->type, mftbmp_ni->name, | |
1628 | mftbmp_ni->name_len, CASE_SENSITIVE, 0, NULL, 0, ctx)) { | |
1629 | ntfs_error(vol->sb, "Failed to find first attribute extent of " | |
1630 | "mft bitmap attribute.%s", es); | |
1631 | NVolSetErrors(vol); | |
1632 | put_err_out: | |
1633 | ntfs_attr_put_search_ctx(ctx); | |
1634 | unm_err_out: | |
1635 | unmap_mft_record(mft_ni); | |
1636 | goto err_out; | |
1637 | } | |
1638 | a = ctx->attr; | |
1639 | mftbmp_ni->initialized_size = old_initialized_size; | |
1640 | a->data.non_resident.initialized_size = | |
1641 | cpu_to_sle64(old_initialized_size); | |
1642 | if (mftbmp_vi->i_size != old_data_size) { | |
1643 | mftbmp_vi->i_size = old_data_size; | |
1644 | a->data.non_resident.data_size = cpu_to_sle64(old_data_size); | |
1645 | } | |
1646 | flush_dcache_mft_record_page(ctx->ntfs_ino); | |
1647 | mark_mft_record_dirty(ctx->ntfs_ino); | |
1648 | ntfs_attr_put_search_ctx(ctx); | |
1649 | unmap_mft_record(mft_ni); | |
1650 | ntfs_debug("Restored status of mftbmp: allocated_size 0x%llx, " | |
1651 | "data_size 0x%llx, initialized_size 0x%llx.", | |
1652 | (long long)mftbmp_ni->allocated_size, | |
1653 | (long long)mftbmp_vi->i_size, | |
1654 | (long long)mftbmp_ni->initialized_size); | |
1655 | err_out: | |
1656 | return ret; | |
1657 | } | |
1658 | ||
1659 | /** | |
1660 | * ntfs_mft_data_extend_allocation_nolock - extend mft data attribute | |
1661 | * @vol: volume on which to extend the mft data attribute | |
1662 | * | |
1663 | * Extend the mft data attribute on the ntfs volume @vol by 16 mft records | |
1664 | * worth of clusters or if not enough space for this by one mft record worth | |
1665 | * of clusters. | |
1666 | * | |
1667 | * Note: Only changes allocated_size, i.e. does not touch initialized_size or | |
1668 | * data_size. | |
1669 | * | |
1670 | * Return 0 on success and -errno on error. | |
1671 | * | |
1672 | * Locking: - Caller must hold vol->mftbmp_lock for writing. | |
1673 | * - This function takes NTFS_I(vol->mft_ino)->runlist.lock for | |
1674 | * writing and releases it before returning. | |
1675 | * - This function calls functions which take vol->lcnbmp_lock for | |
1676 | * writing and release it before returning. | |
1677 | */ | |
1678 | static int ntfs_mft_data_extend_allocation_nolock(ntfs_volume *vol) | |
1679 | { | |
1680 | LCN lcn; | |
1681 | VCN old_last_vcn; | |
1682 | s64 min_nr, nr, ll = 0; | |
1683 | ntfs_inode *mft_ni; | |
1684 | runlist_element *rl, *rl2; | |
1685 | ntfs_attr_search_ctx *ctx = NULL; | |
1686 | MFT_RECORD *mrec; | |
1687 | ATTR_RECORD *a = NULL; | |
1688 | int ret, mp_size; | |
1689 | u32 old_alen = 0; | |
1690 | BOOL mp_rebuilt = FALSE; | |
1691 | ||
1692 | ntfs_debug("Extending mft data allocation."); | |
1693 | mft_ni = NTFS_I(vol->mft_ino); | |
1694 | /* | |
1695 | * Determine the preferred allocation location, i.e. the last lcn of | |
1696 | * the mft data attribute. The allocated size of the mft data | |
1697 | * attribute cannot be zero so we are ok to do this. | |
1698 | * ntfs_find_vcn() returns the runlist locked on success. | |
1699 | */ | |
1700 | rl = ntfs_find_vcn(mft_ni, (mft_ni->allocated_size - 1) >> | |
1701 | vol->cluster_size_bits, TRUE); | |
1702 | if (unlikely(IS_ERR(rl) || !rl->length || rl->lcn < 0)) { | |
1703 | ntfs_error(vol->sb, "Failed to determine last allocated " | |
1704 | "cluster of mft data attribute."); | |
1705 | if (!IS_ERR(rl)) { | |
1706 | up_write(&mft_ni->runlist.lock); | |
1707 | ret = -EIO; | |
1708 | } else | |
1709 | ret = PTR_ERR(rl); | |
1710 | return ret; | |
1711 | } | |
1712 | lcn = rl->lcn + rl->length; | |
1713 | ntfs_debug("Last lcn of mft data attribute is 0x%llx.", | |
1714 | (long long)lcn); | |
1715 | /* Minimum allocation is one mft record worth of clusters. */ | |
1716 | min_nr = vol->mft_record_size >> vol->cluster_size_bits; | |
1717 | if (!min_nr) | |
1718 | min_nr = 1; | |
1719 | /* Want to allocate 16 mft records worth of clusters. */ | |
1720 | nr = vol->mft_record_size << 4 >> vol->cluster_size_bits; | |
1721 | if (!nr) | |
1722 | nr = min_nr; | |
1723 | /* Ensure we do not go above 2^32-1 mft records. */ | |
1724 | if (unlikely((mft_ni->allocated_size + | |
1725 | (nr << vol->cluster_size_bits)) >> | |
1726 | vol->mft_record_size_bits >= (1ll << 32))) { | |
1727 | nr = min_nr; | |
1728 | if (unlikely((mft_ni->allocated_size + | |
1729 | (nr << vol->cluster_size_bits)) >> | |
1730 | vol->mft_record_size_bits >= (1ll << 32))) { | |
1731 | ntfs_warning(vol->sb, "Cannot allocate mft record " | |
1732 | "because the maximum number of inodes " | |
1733 | "(2^32) has already been reached."); | |
1734 | up_write(&mft_ni->runlist.lock); | |
1735 | return -ENOSPC; | |
1736 | } | |
1737 | } | |
1738 | ntfs_debug("Trying mft data allocation with %s cluster count %lli.", | |
1739 | nr > min_nr ? "default" : "minimal", (long long)nr); | |
1740 | old_last_vcn = rl[1].vcn; | |
1741 | do { | |
1742 | rl2 = ntfs_cluster_alloc(vol, old_last_vcn, nr, lcn, MFT_ZONE); | |
1743 | if (likely(!IS_ERR(rl2))) | |
1744 | break; | |
1745 | if (PTR_ERR(rl2) != -ENOSPC || nr == min_nr) { | |
1746 | ntfs_error(vol->sb, "Failed to allocate the minimal " | |
1747 | "number of clusters (%lli) for the " | |
1748 | "mft data attribute.", (long long)nr); | |
1749 | up_write(&mft_ni->runlist.lock); | |
1750 | return PTR_ERR(rl2); | |
1751 | } | |
1752 | /* | |
1753 | * There is not enough space to do the allocation, but there | |
1754 | * might be enough space to do a minimal allocation so try that | |
1755 | * before failing. | |
1756 | */ | |
1757 | nr = min_nr; | |
1758 | ntfs_debug("Retrying mft data allocation with minimal cluster " | |
1759 | "count %lli.", (long long)nr); | |
1760 | } while (1); | |
1761 | rl = ntfs_runlists_merge(mft_ni->runlist.rl, rl2); | |
1762 | if (IS_ERR(rl)) { | |
1763 | up_write(&mft_ni->runlist.lock); | |
1764 | ntfs_error(vol->sb, "Failed to merge runlists for mft data " | |
1765 | "attribute."); | |
1766 | if (ntfs_cluster_free_from_rl(vol, rl2)) { | |
1767 | ntfs_error(vol->sb, "Failed to dealocate clusters " | |
1768 | "from the mft data attribute.%s", es); | |
1769 | NVolSetErrors(vol); | |
1770 | } | |
1771 | ntfs_free(rl2); | |
1772 | return PTR_ERR(rl); | |
1773 | } | |
1774 | mft_ni->runlist.rl = rl; | |
1775 | ntfs_debug("Allocated %lli clusters.", nr); | |
1776 | /* Find the last run in the new runlist. */ | |
1777 | for (; rl[1].length; rl++) | |
1778 | ; | |
1779 | /* Update the attribute record as well. */ | |
1780 | mrec = map_mft_record(mft_ni); | |
1781 | if (IS_ERR(mrec)) { | |
1782 | ntfs_error(vol->sb, "Failed to map mft record."); | |
1783 | ret = PTR_ERR(mrec); | |
1784 | goto undo_alloc; | |
1785 | } | |
1786 | ctx = ntfs_attr_get_search_ctx(mft_ni, mrec); | |
1787 | if (unlikely(!ctx)) { | |
1788 | ntfs_error(vol->sb, "Failed to get search context."); | |
1789 | ret = -ENOMEM; | |
1790 | goto undo_alloc; | |
1791 | } | |
1792 | ret = ntfs_attr_lookup(mft_ni->type, mft_ni->name, mft_ni->name_len, | |
1793 | CASE_SENSITIVE, rl[1].vcn, NULL, 0, ctx); | |
1794 | if (unlikely(ret)) { | |
1795 | ntfs_error(vol->sb, "Failed to find last attribute extent of " | |
1796 | "mft data attribute."); | |
1797 | if (ret == -ENOENT) | |
1798 | ret = -EIO; | |
1799 | goto undo_alloc; | |
1800 | } | |
1801 | a = ctx->attr; | |
1802 | ll = sle64_to_cpu(a->data.non_resident.lowest_vcn); | |
1803 | /* Search back for the previous last allocated cluster of mft bitmap. */ | |
1804 | for (rl2 = rl; rl2 > mft_ni->runlist.rl; rl2--) { | |
1805 | if (ll >= rl2->vcn) | |
1806 | break; | |
1807 | } | |
1808 | BUG_ON(ll < rl2->vcn); | |
1809 | BUG_ON(ll >= rl2->vcn + rl2->length); | |
1810 | /* Get the size for the new mapping pairs array for this extent. */ | |
1811 | mp_size = ntfs_get_size_for_mapping_pairs(vol, rl2, ll); | |
1812 | if (unlikely(mp_size <= 0)) { | |
1813 | ntfs_error(vol->sb, "Get size for mapping pairs failed for " | |
1814 | "mft data attribute extent."); | |
1815 | ret = mp_size; | |
1816 | if (!ret) | |
1817 | ret = -EIO; | |
1818 | goto undo_alloc; | |
1819 | } | |
1820 | /* Expand the attribute record if necessary. */ | |
1821 | old_alen = le32_to_cpu(a->length); | |
1822 | ret = ntfs_attr_record_resize(ctx->mrec, a, mp_size + | |
1823 | le16_to_cpu(a->data.non_resident.mapping_pairs_offset)); | |
1824 | if (unlikely(ret)) { | |
1825 | if (ret != -ENOSPC) { | |
1826 | ntfs_error(vol->sb, "Failed to resize attribute " | |
1827 | "record for mft data attribute."); | |
1828 | goto undo_alloc; | |
1829 | } | |
1830 | // TODO: Deal with this by moving this extent to a new mft | |
1831 | // record or by starting a new extent in a new mft record or by | |
1832 | // moving other attributes out of this mft record. | |
1833 | // Note: Use the special reserved mft records and ensure that | |
1834 | // this extent is not required to find the mft record in | |
1835 | // question. | |
1836 | ntfs_error(vol->sb, "Not enough space in this mft record to " | |
1837 | "accomodate extended mft data attribute " | |
1838 | "extent. Cannot handle this yet."); | |
1839 | ret = -EOPNOTSUPP; | |
1840 | goto undo_alloc; | |
1841 | } | |
1842 | mp_rebuilt = TRUE; | |
1843 | /* Generate the mapping pairs array directly into the attr record. */ | |
1844 | ret = ntfs_mapping_pairs_build(vol, (u8*)a + | |
1845 | le16_to_cpu(a->data.non_resident.mapping_pairs_offset), | |
1846 | mp_size, rl2, ll, NULL); | |
1847 | if (unlikely(ret)) { | |
1848 | ntfs_error(vol->sb, "Failed to build mapping pairs array of " | |
1849 | "mft data attribute."); | |
1850 | goto undo_alloc; | |
1851 | } | |
1852 | /* Update the highest_vcn. */ | |
1853 | a->data.non_resident.highest_vcn = cpu_to_sle64(rl[1].vcn - 1); | |
1854 | /* | |
1855 | * We now have extended the mft data allocated_size by nr clusters. | |
1856 | * Reflect this in the ntfs_inode structure and the attribute record. | |
1857 | * @rl is the last (non-terminator) runlist element of mft data | |
1858 | * attribute. | |
1859 | */ | |
1860 | if (a->data.non_resident.lowest_vcn) { | |
1861 | /* | |
1862 | * We are not in the first attribute extent, switch to it, but | |
1863 | * first ensure the changes will make it to disk later. | |
1864 | */ | |
1865 | flush_dcache_mft_record_page(ctx->ntfs_ino); | |
1866 | mark_mft_record_dirty(ctx->ntfs_ino); | |
1867 | ntfs_attr_reinit_search_ctx(ctx); | |
1868 | ret = ntfs_attr_lookup(mft_ni->type, mft_ni->name, | |
1869 | mft_ni->name_len, CASE_SENSITIVE, 0, NULL, 0, | |
1870 | ctx); | |
1871 | if (unlikely(ret)) { | |
1872 | ntfs_error(vol->sb, "Failed to find first attribute " | |
1873 | "extent of mft data attribute."); | |
1874 | goto restore_undo_alloc; | |
1875 | } | |
1876 | a = ctx->attr; | |
1877 | } | |
1878 | mft_ni->allocated_size += nr << vol->cluster_size_bits; | |
1879 | a->data.non_resident.allocated_size = | |
1880 | cpu_to_sle64(mft_ni->allocated_size); | |
1881 | /* Ensure the changes make it to disk. */ | |
1882 | flush_dcache_mft_record_page(ctx->ntfs_ino); | |
1883 | mark_mft_record_dirty(ctx->ntfs_ino); | |
1884 | ntfs_attr_put_search_ctx(ctx); | |
1885 | unmap_mft_record(mft_ni); | |
1886 | up_write(&mft_ni->runlist.lock); | |
1887 | ntfs_debug("Done."); | |
1888 | return 0; | |
1889 | restore_undo_alloc: | |
1890 | ntfs_attr_reinit_search_ctx(ctx); | |
1891 | if (ntfs_attr_lookup(mft_ni->type, mft_ni->name, mft_ni->name_len, | |
1892 | CASE_SENSITIVE, rl[1].vcn, NULL, 0, ctx)) { | |
1893 | ntfs_error(vol->sb, "Failed to find last attribute extent of " | |
1894 | "mft data attribute.%s", es); | |
1895 | mft_ni->allocated_size += nr << vol->cluster_size_bits; | |
1896 | ntfs_attr_put_search_ctx(ctx); | |
1897 | unmap_mft_record(mft_ni); | |
1898 | up_write(&mft_ni->runlist.lock); | |
1899 | /* | |
1900 | * The only thing that is now wrong is ->allocated_size of the | |
1901 | * base attribute extent which chkdsk should be able to fix. | |
1902 | */ | |
1903 | NVolSetErrors(vol); | |
1904 | return ret; | |
1905 | } | |
1906 | a = ctx->attr; | |
1907 | a->data.non_resident.highest_vcn = cpu_to_sle64(old_last_vcn - 1); | |
1908 | undo_alloc: | |
1909 | if (ntfs_cluster_free(vol->mft_ino, old_last_vcn, -1) < 0) { | |
1910 | ntfs_error(vol->sb, "Failed to free clusters from mft data " | |
1911 | "attribute.%s", es); | |
1912 | NVolSetErrors(vol); | |
1913 | } | |
1914 | if (ntfs_rl_truncate_nolock(vol, &mft_ni->runlist, old_last_vcn)) { | |
1915 | ntfs_error(vol->sb, "Failed to truncate mft data attribute " | |
1916 | "runlist.%s", es); | |
1917 | NVolSetErrors(vol); | |
1918 | } | |
1919 | if (mp_rebuilt) { | |
1920 | if (ntfs_mapping_pairs_build(vol, (u8*)a + le16_to_cpu( | |
1921 | a->data.non_resident.mapping_pairs_offset), | |
1922 | old_alen - le16_to_cpu( | |
1923 | a->data.non_resident.mapping_pairs_offset), | |
1924 | rl2, ll, NULL)) { | |
1925 | ntfs_error(vol->sb, "Failed to restore mapping pairs " | |
1926 | "array.%s", es); | |
1927 | NVolSetErrors(vol); | |
1928 | } | |
1929 | if (ntfs_attr_record_resize(ctx->mrec, a, old_alen)) { | |
1930 | ntfs_error(vol->sb, "Failed to restore attribute " | |
1931 | "record.%s", es); | |
1932 | NVolSetErrors(vol); | |
1933 | } | |
1934 | flush_dcache_mft_record_page(ctx->ntfs_ino); | |
1935 | mark_mft_record_dirty(ctx->ntfs_ino); | |
1936 | } | |
1937 | if (ctx) | |
1938 | ntfs_attr_put_search_ctx(ctx); | |
1939 | if (!IS_ERR(mrec)) | |
1940 | unmap_mft_record(mft_ni); | |
1941 | up_write(&mft_ni->runlist.lock); | |
1942 | return ret; | |
1943 | } | |
1944 | ||
1945 | /** | |
1946 | * ntfs_mft_record_layout - layout an mft record into a memory buffer | |
1947 | * @vol: volume to which the mft record will belong | |
1948 | * @mft_no: mft reference specifying the mft record number | |
1949 | * @m: destination buffer of size >= @vol->mft_record_size bytes | |
1950 | * | |
1951 | * Layout an empty, unused mft record with the mft record number @mft_no into | |
1952 | * the buffer @m. The volume @vol is needed because the mft record structure | |
1953 | * was modified in NTFS 3.1 so we need to know which volume version this mft | |
1954 | * record will be used on. | |
1955 | * | |
1956 | * Return 0 on success and -errno on error. | |
1957 | */ | |
1958 | static int ntfs_mft_record_layout(const ntfs_volume *vol, const s64 mft_no, | |
1959 | MFT_RECORD *m) | |
1960 | { | |
1961 | ATTR_RECORD *a; | |
1962 | ||
1963 | ntfs_debug("Entering for mft record 0x%llx.", (long long)mft_no); | |
1964 | if (mft_no >= (1ll << 32)) { | |
1965 | ntfs_error(vol->sb, "Mft record number 0x%llx exceeds " | |
1966 | "maximum of 2^32.", (long long)mft_no); | |
1967 | return -ERANGE; | |
1968 | } | |
1969 | /* Start by clearing the whole mft record to gives us a clean slate. */ | |
1970 | memset(m, 0, vol->mft_record_size); | |
1971 | /* Aligned to 2-byte boundary. */ | |
1972 | if (vol->major_ver < 3 || (vol->major_ver == 3 && !vol->minor_ver)) | |
1973 | m->usa_ofs = cpu_to_le16((sizeof(MFT_RECORD_OLD) + 1) & ~1); | |
1974 | else { | |
1975 | m->usa_ofs = cpu_to_le16((sizeof(MFT_RECORD) + 1) & ~1); | |
1976 | /* | |
1977 | * Set the NTFS 3.1+ specific fields while we know that the | |
1978 | * volume version is 3.1+. | |
1979 | */ | |
1980 | m->reserved = 0; | |
1981 | m->mft_record_number = cpu_to_le32((u32)mft_no); | |
1982 | } | |
1983 | m->magic = magic_FILE; | |
1984 | if (vol->mft_record_size >= NTFS_BLOCK_SIZE) | |
1985 | m->usa_count = cpu_to_le16(vol->mft_record_size / | |
1986 | NTFS_BLOCK_SIZE + 1); | |
1987 | else { | |
1988 | m->usa_count = cpu_to_le16(1); | |
1989 | ntfs_warning(vol->sb, "Sector size is bigger than mft record " | |
1990 | "size. Setting usa_count to 1. If chkdsk " | |
1991 | "reports this as corruption, please email " | |
1992 | "linux-ntfs-dev@lists.sourceforge.net stating " | |
1993 | "that you saw this message and that the " | |
1994 | "modified file system created was corrupt. " | |
1995 | "Thank you."); | |
1996 | } | |
1997 | /* Set the update sequence number to 1. */ | |
1998 | *(le16*)((u8*)m + le16_to_cpu(m->usa_ofs)) = cpu_to_le16(1); | |
1999 | m->lsn = 0; | |
2000 | m->sequence_number = cpu_to_le16(1); | |
2001 | m->link_count = 0; | |
2002 | /* | |
2003 | * Place the attributes straight after the update sequence array, | |
2004 | * aligned to 8-byte boundary. | |
2005 | */ | |
2006 | m->attrs_offset = cpu_to_le16((le16_to_cpu(m->usa_ofs) + | |
2007 | (le16_to_cpu(m->usa_count) << 1) + 7) & ~7); | |
2008 | m->flags = 0; | |
2009 | /* | |
2010 | * Using attrs_offset plus eight bytes (for the termination attribute). | |
2011 | * attrs_offset is already aligned to 8-byte boundary, so no need to | |
2012 | * align again. | |
2013 | */ | |
2014 | m->bytes_in_use = cpu_to_le32(le16_to_cpu(m->attrs_offset) + 8); | |
2015 | m->bytes_allocated = cpu_to_le32(vol->mft_record_size); | |
2016 | m->base_mft_record = 0; | |
2017 | m->next_attr_instance = 0; | |
2018 | /* Add the termination attribute. */ | |
2019 | a = (ATTR_RECORD*)((u8*)m + le16_to_cpu(m->attrs_offset)); | |
2020 | a->type = AT_END; | |
2021 | a->length = 0; | |
2022 | ntfs_debug("Done."); | |
2023 | return 0; | |
2024 | } | |
2025 | ||
2026 | /** | |
2027 | * ntfs_mft_record_format - format an mft record on an ntfs volume | |
2028 | * @vol: volume on which to format the mft record | |
2029 | * @mft_no: mft record number to format | |
2030 | * | |
2031 | * Format the mft record @mft_no in $MFT/$DATA, i.e. lay out an empty, unused | |
2032 | * mft record into the appropriate place of the mft data attribute. This is | |
2033 | * used when extending the mft data attribute. | |
2034 | * | |
2035 | * Return 0 on success and -errno on error. | |
2036 | */ | |
2037 | static int ntfs_mft_record_format(const ntfs_volume *vol, const s64 mft_no) | |
2038 | { | |
2039 | struct inode *mft_vi = vol->mft_ino; | |
2040 | struct page *page; | |
2041 | MFT_RECORD *m; | |
2042 | pgoff_t index, end_index; | |
2043 | unsigned int ofs; | |
2044 | int err; | |
2045 | ||
2046 | ntfs_debug("Entering for mft record 0x%llx.", (long long)mft_no); | |
2047 | /* | |
2048 | * The index into the page cache and the offset within the page cache | |
2049 | * page of the wanted mft record. | |
2050 | */ | |
2051 | index = mft_no << vol->mft_record_size_bits >> PAGE_CACHE_SHIFT; | |
2052 | ofs = (mft_no << vol->mft_record_size_bits) & ~PAGE_CACHE_MASK; | |
2053 | /* The maximum valid index into the page cache for $MFT's data. */ | |
2054 | end_index = mft_vi->i_size >> PAGE_CACHE_SHIFT; | |
2055 | if (unlikely(index >= end_index)) { | |
2056 | if (unlikely(index > end_index || ofs + vol->mft_record_size >= | |
2057 | (mft_vi->i_size & ~PAGE_CACHE_MASK))) { | |
2058 | ntfs_error(vol->sb, "Tried to format non-existing mft " | |
2059 | "record 0x%llx.", (long long)mft_no); | |
2060 | return -ENOENT; | |
2061 | } | |
2062 | } | |
2063 | /* Read, map, and pin the page containing the mft record. */ | |
2064 | page = ntfs_map_page(mft_vi->i_mapping, index); | |
2065 | if (unlikely(IS_ERR(page))) { | |
2066 | ntfs_error(vol->sb, "Failed to map page containing mft record " | |
2067 | "to format 0x%llx.", (long long)mft_no); | |
2068 | return PTR_ERR(page); | |
2069 | } | |
2070 | lock_page(page); | |
2071 | BUG_ON(!PageUptodate(page)); | |
2072 | ClearPageUptodate(page); | |
2073 | m = (MFT_RECORD*)((u8*)page_address(page) + ofs); | |
2074 | err = ntfs_mft_record_layout(vol, mft_no, m); | |
2075 | if (unlikely(err)) { | |
2076 | ntfs_error(vol->sb, "Failed to layout mft record 0x%llx.", | |
2077 | (long long)mft_no); | |
2078 | SetPageUptodate(page); | |
2079 | unlock_page(page); | |
2080 | ntfs_unmap_page(page); | |
2081 | return err; | |
2082 | } | |
2083 | flush_dcache_page(page); | |
2084 | SetPageUptodate(page); | |
2085 | unlock_page(page); | |
2086 | /* | |
2087 | * Make sure the mft record is written out to disk. We could use | |
2088 | * ilookup5() to check if an inode is in icache and so on but this is | |
2089 | * unnecessary as ntfs_writepage() will write the dirty record anyway. | |
2090 | */ | |
2091 | mark_ntfs_record_dirty(page, ofs); | |
2092 | ntfs_unmap_page(page); | |
2093 | ntfs_debug("Done."); | |
2094 | return 0; | |
2095 | } | |
2096 | ||
2097 | /** | |
2098 | * ntfs_mft_record_alloc - allocate an mft record on an ntfs volume | |
2099 | * @vol: [IN] volume on which to allocate the mft record | |
2100 | * @mode: [IN] mode if want a file or directory, i.e. base inode or 0 | |
2101 | * @base_ni: [IN] open base inode if allocating an extent mft record or NULL | |
2102 | * @mrec: [OUT] on successful return this is the mapped mft record | |
2103 | * | |
2104 | * Allocate an mft record in $MFT/$DATA of an open ntfs volume @vol. | |
2105 | * | |
2106 | * If @base_ni is NULL make the mft record a base mft record, i.e. a file or | |
2107 | * direvctory inode, and allocate it at the default allocator position. In | |
2108 | * this case @mode is the file mode as given to us by the caller. We in | |
2109 | * particular use @mode to distinguish whether a file or a directory is being | |
2110 | * created (S_IFDIR(mode) and S_IFREG(mode), respectively). | |
2111 | * | |
2112 | * If @base_ni is not NULL make the allocated mft record an extent record, | |
2113 | * allocate it starting at the mft record after the base mft record and attach | |
2114 | * the allocated and opened ntfs inode to the base inode @base_ni. In this | |
2115 | * case @mode must be 0 as it is meaningless for extent inodes. | |
2116 | * | |
2117 | * You need to check the return value with IS_ERR(). If false, the function | |
2118 | * was successful and the return value is the now opened ntfs inode of the | |
2119 | * allocated mft record. *@mrec is then set to the allocated, mapped, pinned, | |
2120 | * and locked mft record. If IS_ERR() is true, the function failed and the | |
2121 | * error code is obtained from PTR_ERR(return value). *@mrec is undefined in | |
2122 | * this case. | |
2123 | * | |
2124 | * Allocation strategy: | |
2125 | * | |
2126 | * To find a free mft record, we scan the mft bitmap for a zero bit. To | |
2127 | * optimize this we start scanning at the place specified by @base_ni or if | |
2128 | * @base_ni is NULL we start where we last stopped and we perform wrap around | |
2129 | * when we reach the end. Note, we do not try to allocate mft records below | |
2130 | * number 24 because numbers 0 to 15 are the defined system files anyway and 16 | |
2131 | * to 24 are special in that they are used for storing extension mft records | |
2132 | * for the $DATA attribute of $MFT. This is required to avoid the possibility | |
2133 | * of creating a runlist with a circular dependency which once written to disk | |
2134 | * can never be read in again. Windows will only use records 16 to 24 for | |
2135 | * normal files if the volume is completely out of space. We never use them | |
2136 | * which means that when the volume is really out of space we cannot create any | |
2137 | * more files while Windows can still create up to 8 small files. We can start | |
2138 | * doing this at some later time, it does not matter much for now. | |
2139 | * | |
2140 | * When scanning the mft bitmap, we only search up to the last allocated mft | |
2141 | * record. If there are no free records left in the range 24 to number of | |
2142 | * allocated mft records, then we extend the $MFT/$DATA attribute in order to | |
2143 | * create free mft records. We extend the allocated size of $MFT/$DATA by 16 | |
2144 | * records at a time or one cluster, if cluster size is above 16kiB. If there | |
2145 | * is not sufficient space to do this, we try to extend by a single mft record | |
2146 | * or one cluster, if cluster size is above the mft record size. | |
2147 | * | |
2148 | * No matter how many mft records we allocate, we initialize only the first | |
2149 | * allocated mft record, incrementing mft data size and initialized size | |
2150 | * accordingly, open an ntfs_inode for it and return it to the caller, unless | |
2151 | * there are less than 24 mft records, in which case we allocate and initialize | |
2152 | * mft records until we reach record 24 which we consider as the first free mft | |
2153 | * record for use by normal files. | |
2154 | * | |
2155 | * If during any stage we overflow the initialized data in the mft bitmap, we | |
2156 | * extend the initialized size (and data size) by 8 bytes, allocating another | |
2157 | * cluster if required. The bitmap data size has to be at least equal to the | |
2158 | * number of mft records in the mft, but it can be bigger, in which case the | |
2159 | * superflous bits are padded with zeroes. | |
2160 | * | |
2161 | * Thus, when we return successfully (IS_ERR() is false), we will have: | |
2162 | * - initialized / extended the mft bitmap if necessary, | |
2163 | * - initialized / extended the mft data if necessary, | |
2164 | * - set the bit corresponding to the mft record being allocated in the | |
2165 | * mft bitmap, | |
2166 | * - opened an ntfs_inode for the allocated mft record, and we will have | |
2167 | * - returned the ntfs_inode as well as the allocated mapped, pinned, and | |
2168 | * locked mft record. | |
2169 | * | |
2170 | * On error, the volume will be left in a consistent state and no record will | |
2171 | * be allocated. If rolling back a partial operation fails, we may leave some | |
2172 | * inconsistent metadata in which case we set NVolErrors() so the volume is | |
2173 | * left dirty when unmounted. | |
2174 | * | |
2175 | * Note, this function cannot make use of most of the normal functions, like | |
2176 | * for example for attribute resizing, etc, because when the run list overflows | |
2177 | * the base mft record and an attribute list is used, it is very important that | |
2178 | * the extension mft records used to store the $DATA attribute of $MFT can be | |
2179 | * reached without having to read the information contained inside them, as | |
2180 | * this would make it impossible to find them in the first place after the | |
2181 | * volume is unmounted. $MFT/$BITMAP probably does not need to follow this | |
2182 | * rule because the bitmap is not essential for finding the mft records, but on | |
2183 | * the other hand, handling the bitmap in this special way would make life | |
2184 | * easier because otherwise there might be circular invocations of functions | |
2185 | * when reading the bitmap. | |
2186 | */ | |
2187 | ntfs_inode *ntfs_mft_record_alloc(ntfs_volume *vol, const int mode, | |
2188 | ntfs_inode *base_ni, MFT_RECORD **mrec) | |
2189 | { | |
2190 | s64 ll, bit, old_data_initialized, old_data_size; | |
2191 | struct inode *vi; | |
2192 | struct page *page; | |
2193 | ntfs_inode *mft_ni, *mftbmp_ni, *ni; | |
2194 | ntfs_attr_search_ctx *ctx; | |
2195 | MFT_RECORD *m; | |
2196 | ATTR_RECORD *a; | |
2197 | pgoff_t index; | |
2198 | unsigned int ofs; | |
2199 | int err; | |
2200 | le16 seq_no, usn; | |
2201 | BOOL record_formatted = FALSE; | |
2202 | ||
2203 | if (base_ni) { | |
2204 | ntfs_debug("Entering (allocating an extent mft record for " | |
2205 | "base mft record 0x%llx).", | |
2206 | (long long)base_ni->mft_no); | |
2207 | /* @mode and @base_ni are mutually exclusive. */ | |
2208 | BUG_ON(mode); | |
2209 | } else | |
2210 | ntfs_debug("Entering (allocating a base mft record)."); | |
2211 | if (mode) { | |
2212 | /* @mode and @base_ni are mutually exclusive. */ | |
2213 | BUG_ON(base_ni); | |
2214 | /* We only support creation of normal files and directories. */ | |
2215 | if (!S_ISREG(mode) && !S_ISDIR(mode)) | |
2216 | return ERR_PTR(-EOPNOTSUPP); | |
2217 | } | |
2218 | BUG_ON(!mrec); | |
2219 | mft_ni = NTFS_I(vol->mft_ino); | |
2220 | mftbmp_ni = NTFS_I(vol->mftbmp_ino); | |
2221 | down_write(&vol->mftbmp_lock); | |
2222 | bit = ntfs_mft_bitmap_find_and_alloc_free_rec_nolock(vol, base_ni); | |
2223 | if (bit >= 0) { | |
2224 | ntfs_debug("Found and allocated free record (#1), bit 0x%llx.", | |
2225 | (long long)bit); | |
2226 | goto have_alloc_rec; | |
2227 | } | |
2228 | if (bit != -ENOSPC) { | |
2229 | up_write(&vol->mftbmp_lock); | |
2230 | return ERR_PTR(bit); | |
2231 | } | |
2232 | /* | |
2233 | * No free mft records left. If the mft bitmap already covers more | |
2234 | * than the currently used mft records, the next records are all free, | |
2235 | * so we can simply allocate the first unused mft record. | |
2236 | * Note: We also have to make sure that the mft bitmap at least covers | |
2237 | * the first 24 mft records as they are special and whilst they may not | |
2238 | * be in use, we do not allocate from them. | |
2239 | */ | |
2240 | ll = mft_ni->initialized_size >> vol->mft_record_size_bits; | |
2241 | if (mftbmp_ni->initialized_size << 3 > ll && | |
2242 | mftbmp_ni->initialized_size > 3) { | |
2243 | bit = ll; | |
2244 | if (bit < 24) | |
2245 | bit = 24; | |
2246 | if (unlikely(bit >= (1ll << 32))) | |
2247 | goto max_err_out; | |
2248 | ntfs_debug("Found free record (#2), bit 0x%llx.", | |
2249 | (long long)bit); | |
2250 | goto found_free_rec; | |
2251 | } | |
2252 | /* | |
2253 | * The mft bitmap needs to be expanded until it covers the first unused | |
2254 | * mft record that we can allocate. | |
2255 | * Note: The smallest mft record we allocate is mft record 24. | |
2256 | */ | |
2257 | bit = mftbmp_ni->initialized_size << 3; | |
2258 | if (unlikely(bit >= (1ll << 32))) | |
2259 | goto max_err_out; | |
2260 | ntfs_debug("Status of mftbmp before extension: allocated_size 0x%llx, " | |
2261 | "data_size 0x%llx, initialized_size 0x%llx.", | |
2262 | (long long)mftbmp_ni->allocated_size, | |
2263 | (long long)vol->mftbmp_ino->i_size, | |
2264 | (long long)mftbmp_ni->initialized_size); | |
2265 | if (mftbmp_ni->initialized_size + 8 > mftbmp_ni->allocated_size) { | |
2266 | /* Need to extend bitmap by one more cluster. */ | |
2267 | ntfs_debug("mftbmp: initialized_size + 8 > allocated_size."); | |
2268 | err = ntfs_mft_bitmap_extend_allocation_nolock(vol); | |
2269 | if (unlikely(err)) { | |
2270 | up_write(&vol->mftbmp_lock); | |
2271 | goto err_out; | |
2272 | } | |
2273 | ntfs_debug("Status of mftbmp after allocation extension: " | |
2274 | "allocated_size 0x%llx, data_size 0x%llx, " | |
2275 | "initialized_size 0x%llx.", | |
2276 | (long long)mftbmp_ni->allocated_size, | |
2277 | (long long)vol->mftbmp_ino->i_size, | |
2278 | (long long)mftbmp_ni->initialized_size); | |
2279 | } | |
2280 | /* | |
2281 | * We now have sufficient allocated space, extend the initialized_size | |
2282 | * as well as the data_size if necessary and fill the new space with | |
2283 | * zeroes. | |
2284 | */ | |
2285 | err = ntfs_mft_bitmap_extend_initialized_nolock(vol); | |
2286 | if (unlikely(err)) { | |
2287 | up_write(&vol->mftbmp_lock); | |
2288 | goto err_out; | |
2289 | } | |
2290 | ntfs_debug("Status of mftbmp after initialized extention: " | |
2291 | "allocated_size 0x%llx, data_size 0x%llx, " | |
2292 | "initialized_size 0x%llx.", | |
2293 | (long long)mftbmp_ni->allocated_size, | |
2294 | (long long)vol->mftbmp_ino->i_size, | |
2295 | (long long)mftbmp_ni->initialized_size); | |
2296 | ntfs_debug("Found free record (#3), bit 0x%llx.", (long long)bit); | |
2297 | found_free_rec: | |
2298 | /* @bit is the found free mft record, allocate it in the mft bitmap. */ | |
2299 | ntfs_debug("At found_free_rec."); | |
2300 | err = ntfs_bitmap_set_bit(vol->mftbmp_ino, bit); | |
2301 | if (unlikely(err)) { | |
2302 | ntfs_error(vol->sb, "Failed to allocate bit in mft bitmap."); | |
2303 | up_write(&vol->mftbmp_lock); | |
2304 | goto err_out; | |
2305 | } | |
2306 | ntfs_debug("Set bit 0x%llx in mft bitmap.", (long long)bit); | |
2307 | have_alloc_rec: | |
2308 | /* | |
2309 | * The mft bitmap is now uptodate. Deal with mft data attribute now. | |
2310 | * Note, we keep hold of the mft bitmap lock for writing until all | |
2311 | * modifications to the mft data attribute are complete, too, as they | |
2312 | * will impact decisions for mft bitmap and mft record allocation done | |
2313 | * by a parallel allocation and if the lock is not maintained a | |
2314 | * parallel allocation could allocate the same mft record as this one. | |
2315 | */ | |
2316 | ll = (bit + 1) << vol->mft_record_size_bits; | |
2317 | if (ll <= mft_ni->initialized_size) { | |
2318 | ntfs_debug("Allocated mft record already initialized."); | |
2319 | goto mft_rec_already_initialized; | |
2320 | } | |
2321 | ntfs_debug("Initializing allocated mft record."); | |
2322 | /* | |
2323 | * The mft record is outside the initialized data. Extend the mft data | |
2324 | * attribute until it covers the allocated record. The loop is only | |
2325 | * actually traversed more than once when a freshly formatted volume is | |
2326 | * first written to so it optimizes away nicely in the common case. | |
2327 | */ | |
2328 | ntfs_debug("Status of mft data before extension: " | |
2329 | "allocated_size 0x%llx, data_size 0x%llx, " | |
2330 | "initialized_size 0x%llx.", | |
2331 | (long long)mft_ni->allocated_size, | |
2332 | (long long)vol->mft_ino->i_size, | |
2333 | (long long)mft_ni->initialized_size); | |
2334 | while (ll > mft_ni->allocated_size) { | |
2335 | err = ntfs_mft_data_extend_allocation_nolock(vol); | |
2336 | if (unlikely(err)) { | |
2337 | ntfs_error(vol->sb, "Failed to extend mft data " | |
2338 | "allocation."); | |
2339 | goto undo_mftbmp_alloc_nolock; | |
2340 | } | |
2341 | ntfs_debug("Status of mft data after allocation extension: " | |
2342 | "allocated_size 0x%llx, data_size 0x%llx, " | |
2343 | "initialized_size 0x%llx.", | |
2344 | (long long)mft_ni->allocated_size, | |
2345 | (long long)vol->mft_ino->i_size, | |
2346 | (long long)mft_ni->initialized_size); | |
2347 | } | |
2348 | /* | |
2349 | * Extend mft data initialized size (and data size of course) to reach | |
2350 | * the allocated mft record, formatting the mft records allong the way. | |
2351 | * Note: We only modify the ntfs_inode structure as that is all that is | |
2352 | * needed by ntfs_mft_record_format(). We will update the attribute | |
2353 | * record itself in one fell swoop later on. | |
2354 | */ | |
2355 | old_data_initialized = mft_ni->initialized_size; | |
2356 | old_data_size = vol->mft_ino->i_size; | |
2357 | while (ll > mft_ni->initialized_size) { | |
2358 | s64 new_initialized_size, mft_no; | |
2359 | ||
2360 | new_initialized_size = mft_ni->initialized_size + | |
2361 | vol->mft_record_size; | |
2362 | mft_no = mft_ni->initialized_size >> vol->mft_record_size_bits; | |
2363 | if (new_initialized_size > vol->mft_ino->i_size) | |
2364 | vol->mft_ino->i_size = new_initialized_size; | |
2365 | ntfs_debug("Initializing mft record 0x%llx.", | |
2366 | (long long)mft_no); | |
2367 | err = ntfs_mft_record_format(vol, mft_no); | |
2368 | if (unlikely(err)) { | |
2369 | ntfs_error(vol->sb, "Failed to format mft record."); | |
2370 | goto undo_data_init; | |
2371 | } | |
2372 | mft_ni->initialized_size = new_initialized_size; | |
2373 | } | |
2374 | record_formatted = TRUE; | |
2375 | /* Update the mft data attribute record to reflect the new sizes. */ | |
2376 | m = map_mft_record(mft_ni); | |
2377 | if (IS_ERR(m)) { | |
2378 | ntfs_error(vol->sb, "Failed to map mft record."); | |
2379 | err = PTR_ERR(m); | |
2380 | goto undo_data_init; | |
2381 | } | |
2382 | ctx = ntfs_attr_get_search_ctx(mft_ni, m); | |
2383 | if (unlikely(!ctx)) { | |
2384 | ntfs_error(vol->sb, "Failed to get search context."); | |
2385 | err = -ENOMEM; | |
2386 | unmap_mft_record(mft_ni); | |
2387 | goto undo_data_init; | |
2388 | } | |
2389 | err = ntfs_attr_lookup(mft_ni->type, mft_ni->name, mft_ni->name_len, | |
2390 | CASE_SENSITIVE, 0, NULL, 0, ctx); | |
2391 | if (unlikely(err)) { | |
2392 | ntfs_error(vol->sb, "Failed to find first attribute extent of " | |
2393 | "mft data attribute."); | |
2394 | ntfs_attr_put_search_ctx(ctx); | |
2395 | unmap_mft_record(mft_ni); | |
2396 | goto undo_data_init; | |
2397 | } | |
2398 | a = ctx->attr; | |
2399 | a->data.non_resident.initialized_size = | |
2400 | cpu_to_sle64(mft_ni->initialized_size); | |
2401 | a->data.non_resident.data_size = cpu_to_sle64(vol->mft_ino->i_size); | |
2402 | /* Ensure the changes make it to disk. */ | |
2403 | flush_dcache_mft_record_page(ctx->ntfs_ino); | |
2404 | mark_mft_record_dirty(ctx->ntfs_ino); | |
2405 | ntfs_attr_put_search_ctx(ctx); | |
2406 | unmap_mft_record(mft_ni); | |
2407 | ntfs_debug("Status of mft data after mft record initialization: " | |
2408 | "allocated_size 0x%llx, data_size 0x%llx, " | |
2409 | "initialized_size 0x%llx.", | |
2410 | (long long)mft_ni->allocated_size, | |
2411 | (long long)vol->mft_ino->i_size, | |
2412 | (long long)mft_ni->initialized_size); | |
2413 | BUG_ON(vol->mft_ino->i_size > mft_ni->allocated_size); | |
2414 | BUG_ON(mft_ni->initialized_size > vol->mft_ino->i_size); | |
2415 | mft_rec_already_initialized: | |
2416 | /* | |
2417 | * We can finally drop the mft bitmap lock as the mft data attribute | |
2418 | * has been fully updated. The only disparity left is that the | |
2419 | * allocated mft record still needs to be marked as in use to match the | |
2420 | * set bit in the mft bitmap but this is actually not a problem since | |
2421 | * this mft record is not referenced from anywhere yet and the fact | |
2422 | * that it is allocated in the mft bitmap means that no-one will try to | |
2423 | * allocate it either. | |
2424 | */ | |
2425 | up_write(&vol->mftbmp_lock); | |
2426 | /* | |
2427 | * We now have allocated and initialized the mft record. Calculate the | |
2428 | * index of and the offset within the page cache page the record is in. | |
2429 | */ | |
2430 | index = bit << vol->mft_record_size_bits >> PAGE_CACHE_SHIFT; | |
2431 | ofs = (bit << vol->mft_record_size_bits) & ~PAGE_CACHE_MASK; | |
2432 | /* Read, map, and pin the page containing the mft record. */ | |
2433 | page = ntfs_map_page(vol->mft_ino->i_mapping, index); | |
2434 | if (unlikely(IS_ERR(page))) { | |
2435 | ntfs_error(vol->sb, "Failed to map page containing allocated " | |
2436 | "mft record 0x%llx.", (long long)bit); | |
2437 | err = PTR_ERR(page); | |
2438 | goto undo_mftbmp_alloc; | |
2439 | } | |
2440 | lock_page(page); | |
2441 | BUG_ON(!PageUptodate(page)); | |
2442 | ClearPageUptodate(page); | |
2443 | m = (MFT_RECORD*)((u8*)page_address(page) + ofs); | |
2444 | /* If we just formatted the mft record no need to do it again. */ | |
2445 | if (!record_formatted) { | |
2446 | /* Sanity check that the mft record is really not in use. */ | |
2447 | if (ntfs_is_file_record(m->magic) && | |
2448 | (m->flags & MFT_RECORD_IN_USE)) { | |
2449 | ntfs_error(vol->sb, "Mft record 0x%llx was marked " | |
2450 | "free in mft bitmap but is marked " | |
2451 | "used itself. Corrupt filesystem. " | |
2452 | "Unmount and run chkdsk.", | |
2453 | (long long)bit); | |
2454 | err = -EIO; | |
2455 | SetPageUptodate(page); | |
2456 | unlock_page(page); | |
2457 | ntfs_unmap_page(page); | |
2458 | NVolSetErrors(vol); | |
2459 | goto undo_mftbmp_alloc; | |
2460 | } | |
2461 | /* | |
2462 | * We need to (re-)format the mft record, preserving the | |
2463 | * sequence number if it is not zero as well as the update | |
2464 | * sequence number if it is not zero or -1 (0xffff). This | |
2465 | * means we do not need to care whether or not something went | |
2466 | * wrong with the previous mft record. | |
2467 | */ | |
2468 | seq_no = m->sequence_number; | |
2469 | usn = *(le16*)((u8*)m + le16_to_cpu(m->usa_ofs)); | |
2470 | err = ntfs_mft_record_layout(vol, bit, m); | |
2471 | if (unlikely(err)) { | |
2472 | ntfs_error(vol->sb, "Failed to layout allocated mft " | |
2473 | "record 0x%llx.", (long long)bit); | |
2474 | SetPageUptodate(page); | |
2475 | unlock_page(page); | |
2476 | ntfs_unmap_page(page); | |
2477 | goto undo_mftbmp_alloc; | |
2478 | } | |
2479 | if (seq_no) | |
2480 | m->sequence_number = seq_no; | |
2481 | if (usn && le16_to_cpu(usn) != 0xffff) | |
2482 | *(le16*)((u8*)m + le16_to_cpu(m->usa_ofs)) = usn; | |
2483 | } | |
2484 | /* Set the mft record itself in use. */ | |
2485 | m->flags |= MFT_RECORD_IN_USE; | |
2486 | if (S_ISDIR(mode)) | |
2487 | m->flags |= MFT_RECORD_IS_DIRECTORY; | |
2488 | flush_dcache_page(page); | |
2489 | SetPageUptodate(page); | |
2490 | if (base_ni) { | |
2491 | /* | |
2492 | * Setup the base mft record in the extent mft record. This | |
2493 | * completes initialization of the allocated extent mft record | |
2494 | * and we can simply use it with map_extent_mft_record(). | |
2495 | */ | |
2496 | m->base_mft_record = MK_LE_MREF(base_ni->mft_no, | |
2497 | base_ni->seq_no); | |
2498 | /* | |
2499 | * Allocate an extent inode structure for the new mft record, | |
2500 | * attach it to the base inode @base_ni and map, pin, and lock | |
2501 | * its, i.e. the allocated, mft record. | |
2502 | */ | |
2503 | m = map_extent_mft_record(base_ni, bit, &ni); | |
2504 | if (IS_ERR(m)) { | |
2505 | ntfs_error(vol->sb, "Failed to map allocated extent " | |
2506 | "mft record 0x%llx.", (long long)bit); | |
2507 | err = PTR_ERR(m); | |
2508 | /* Set the mft record itself not in use. */ | |
2509 | m->flags &= cpu_to_le16( | |
2510 | ~le16_to_cpu(MFT_RECORD_IN_USE)); | |
2511 | flush_dcache_page(page); | |
2512 | /* Make sure the mft record is written out to disk. */ | |
2513 | mark_ntfs_record_dirty(page, ofs); | |
2514 | unlock_page(page); | |
2515 | ntfs_unmap_page(page); | |
2516 | goto undo_mftbmp_alloc; | |
2517 | } | |
2518 | /* | |
2519 | * Make sure the allocated mft record is written out to disk. | |
2520 | * No need to set the inode dirty because the caller is going | |
2521 | * to do that anyway after finishing with the new extent mft | |
2522 | * record (e.g. at a minimum a new attribute will be added to | |
2523 | * the mft record. | |
2524 | */ | |
2525 | mark_ntfs_record_dirty(page, ofs); | |
2526 | unlock_page(page); | |
2527 | /* | |
2528 | * Need to unmap the page since map_extent_mft_record() mapped | |
2529 | * it as well so we have it mapped twice at the moment. | |
2530 | */ | |
2531 | ntfs_unmap_page(page); | |
2532 | } else { | |
2533 | /* | |
2534 | * Allocate a new VFS inode and set it up. NOTE: @vi->i_nlink | |
2535 | * is set to 1 but the mft record->link_count is 0. The caller | |
2536 | * needs to bear this in mind. | |
2537 | */ | |
2538 | vi = new_inode(vol->sb); | |
2539 | if (unlikely(!vi)) { | |
2540 | err = -ENOMEM; | |
2541 | /* Set the mft record itself not in use. */ | |
2542 | m->flags &= cpu_to_le16( | |
2543 | ~le16_to_cpu(MFT_RECORD_IN_USE)); | |
2544 | flush_dcache_page(page); | |
2545 | /* Make sure the mft record is written out to disk. */ | |
2546 | mark_ntfs_record_dirty(page, ofs); | |
2547 | unlock_page(page); | |
2548 | ntfs_unmap_page(page); | |
2549 | goto undo_mftbmp_alloc; | |
2550 | } | |
2551 | vi->i_ino = bit; | |
2552 | /* | |
2553 | * This is the optimal IO size (for stat), not the fs block | |
2554 | * size. | |
2555 | */ | |
2556 | vi->i_blksize = PAGE_CACHE_SIZE; | |
2557 | /* | |
2558 | * This is for checking whether an inode has changed w.r.t. a | |
2559 | * file so that the file can be updated if necessary (compare | |
2560 | * with f_version). | |
2561 | */ | |
2562 | vi->i_version = 1; | |
2563 | ||
2564 | /* The owner and group come from the ntfs volume. */ | |
2565 | vi->i_uid = vol->uid; | |
2566 | vi->i_gid = vol->gid; | |
2567 | ||
2568 | /* Initialize the ntfs specific part of @vi. */ | |
2569 | ntfs_init_big_inode(vi); | |
2570 | ni = NTFS_I(vi); | |
2571 | /* | |
2572 | * Set the appropriate mode, attribute type, and name. For | |
2573 | * directories, also setup the index values to the defaults. | |
2574 | */ | |
2575 | if (S_ISDIR(mode)) { | |
2576 | vi->i_mode = S_IFDIR | S_IRWXUGO; | |
2577 | vi->i_mode &= ~vol->dmask; | |
2578 | ||
2579 | NInoSetMstProtected(ni); | |
2580 | ni->type = AT_INDEX_ALLOCATION; | |
2581 | ni->name = I30; | |
2582 | ni->name_len = 4; | |
2583 | ||
2584 | ni->itype.index.block_size = 4096; | |
2585 | ni->itype.index.block_size_bits = generic_ffs(4096) - 1; | |
2586 | ni->itype.index.collation_rule = COLLATION_FILE_NAME; | |
2587 | if (vol->cluster_size <= ni->itype.index.block_size) { | |
2588 | ni->itype.index.vcn_size = vol->cluster_size; | |
2589 | ni->itype.index.vcn_size_bits = | |
2590 | vol->cluster_size_bits; | |
2591 | } else { | |
2592 | ni->itype.index.vcn_size = vol->sector_size; | |
2593 | ni->itype.index.vcn_size_bits = | |
2594 | vol->sector_size_bits; | |
2595 | } | |
2596 | } else { | |
2597 | vi->i_mode = S_IFREG | S_IRWXUGO; | |
2598 | vi->i_mode &= ~vol->fmask; | |
2599 | ||
2600 | ni->type = AT_DATA; | |
2601 | ni->name = NULL; | |
2602 | ni->name_len = 0; | |
2603 | } | |
2604 | if (IS_RDONLY(vi)) | |
2605 | vi->i_mode &= ~S_IWUGO; | |
2606 | ||
2607 | /* Set the inode times to the current time. */ | |
2608 | vi->i_atime = vi->i_mtime = vi->i_ctime = | |
2609 | current_fs_time(vi->i_sb); | |
2610 | /* | |
2611 | * Set the file size to 0, the ntfs inode sizes are set to 0 by | |
2612 | * the call to ntfs_init_big_inode() below. | |
2613 | */ | |
2614 | vi->i_size = 0; | |
2615 | vi->i_blocks = 0; | |
2616 | ||
2617 | /* Set the sequence number. */ | |
2618 | vi->i_generation = ni->seq_no = le16_to_cpu(m->sequence_number); | |
2619 | /* | |
2620 | * Manually map, pin, and lock the mft record as we already | |
2621 | * have its page mapped and it is very easy to do. | |
2622 | */ | |
2623 | atomic_inc(&ni->count); | |
2624 | down(&ni->mrec_lock); | |
2625 | ni->page = page; | |
2626 | ni->page_ofs = ofs; | |
2627 | /* | |
2628 | * Make sure the allocated mft record is written out to disk. | |
2629 | * NOTE: We do not set the ntfs inode dirty because this would | |
2630 | * fail in ntfs_write_inode() because the inode does not have a | |
2631 | * standard information attribute yet. Also, there is no need | |
2632 | * to set the inode dirty because the caller is going to do | |
2633 | * that anyway after finishing with the new mft record (e.g. at | |
2634 | * a minimum some new attributes will be added to the mft | |
2635 | * record. | |
2636 | */ | |
2637 | mark_ntfs_record_dirty(page, ofs); | |
2638 | unlock_page(page); | |
2639 | ||
2640 | /* Add the inode to the inode hash for the superblock. */ | |
2641 | insert_inode_hash(vi); | |
2642 | ||
2643 | /* Update the default mft allocation position. */ | |
2644 | vol->mft_data_pos = bit + 1; | |
2645 | } | |
2646 | /* | |
2647 | * Return the opened, allocated inode of the allocated mft record as | |
2648 | * well as the mapped, pinned, and locked mft record. | |
2649 | */ | |
2650 | ntfs_debug("Returning opened, allocated %sinode 0x%llx.", | |
2651 | base_ni ? "extent " : "", (long long)bit); | |
2652 | *mrec = m; | |
2653 | return ni; | |
2654 | undo_data_init: | |
2655 | mft_ni->initialized_size = old_data_initialized; | |
2656 | vol->mft_ino->i_size = old_data_size; | |
2657 | goto undo_mftbmp_alloc_nolock; | |
2658 | undo_mftbmp_alloc: | |
2659 | down_write(&vol->mftbmp_lock); | |
2660 | undo_mftbmp_alloc_nolock: | |
2661 | if (ntfs_bitmap_clear_bit(vol->mftbmp_ino, bit)) { | |
2662 | ntfs_error(vol->sb, "Failed to clear bit in mft bitmap.%s", es); | |
2663 | NVolSetErrors(vol); | |
2664 | } | |
2665 | up_write(&vol->mftbmp_lock); | |
2666 | err_out: | |
2667 | return ERR_PTR(err); | |
2668 | max_err_out: | |
2669 | ntfs_warning(vol->sb, "Cannot allocate mft record because the maximum " | |
2670 | "number of inodes (2^32) has already been reached."); | |
2671 | up_write(&vol->mftbmp_lock); | |
2672 | return ERR_PTR(-ENOSPC); | |
2673 | } | |
2674 | ||
2675 | /** | |
2676 | * ntfs_extent_mft_record_free - free an extent mft record on an ntfs volume | |
2677 | * @ni: ntfs inode of the mapped extent mft record to free | |
2678 | * @m: mapped extent mft record of the ntfs inode @ni | |
2679 | * | |
2680 | * Free the mapped extent mft record @m of the extent ntfs inode @ni. | |
2681 | * | |
2682 | * Note that this function unmaps the mft record and closes and destroys @ni | |
2683 | * internally and hence you cannot use either @ni nor @m any more after this | |
2684 | * function returns success. | |
2685 | * | |
2686 | * On success return 0 and on error return -errno. @ni and @m are still valid | |
2687 | * in this case and have not been freed. | |
2688 | * | |
2689 | * For some errors an error message is displayed and the success code 0 is | |
2690 | * returned and the volume is then left dirty on umount. This makes sense in | |
2691 | * case we could not rollback the changes that were already done since the | |
2692 | * caller no longer wants to reference this mft record so it does not matter to | |
2693 | * the caller if something is wrong with it as long as it is properly detached | |
2694 | * from the base inode. | |
2695 | */ | |
2696 | int ntfs_extent_mft_record_free(ntfs_inode *ni, MFT_RECORD *m) | |
2697 | { | |
2698 | unsigned long mft_no = ni->mft_no; | |
2699 | ntfs_volume *vol = ni->vol; | |
2700 | ntfs_inode *base_ni; | |
2701 | ntfs_inode **extent_nis; | |
2702 | int i, err; | |
2703 | le16 old_seq_no; | |
2704 | u16 seq_no; | |
2705 | ||
2706 | BUG_ON(NInoAttr(ni)); | |
2707 | BUG_ON(ni->nr_extents != -1); | |
2708 | ||
2709 | down(&ni->extent_lock); | |
2710 | base_ni = ni->ext.base_ntfs_ino; | |
2711 | up(&ni->extent_lock); | |
2712 | ||
2713 | BUG_ON(base_ni->nr_extents <= 0); | |
2714 | ||
2715 | ntfs_debug("Entering for extent inode 0x%lx, base inode 0x%lx.\n", | |
2716 | mft_no, base_ni->mft_no); | |
2717 | ||
2718 | down(&base_ni->extent_lock); | |
2719 | ||
2720 | /* Make sure we are holding the only reference to the extent inode. */ | |
2721 | if (atomic_read(&ni->count) > 2) { | |
2722 | ntfs_error(vol->sb, "Tried to free busy extent inode 0x%lx, " | |
2723 | "not freeing.", base_ni->mft_no); | |
2724 | up(&base_ni->extent_lock); | |
2725 | return -EBUSY; | |
2726 | } | |
2727 | ||
2728 | /* Dissociate the ntfs inode from the base inode. */ | |
2729 | extent_nis = base_ni->ext.extent_ntfs_inos; | |
2730 | err = -ENOENT; | |
2731 | for (i = 0; i < base_ni->nr_extents; i++) { | |
2732 | if (ni != extent_nis[i]) | |
2733 | continue; | |
2734 | extent_nis += i; | |
2735 | base_ni->nr_extents--; | |
2736 | memmove(extent_nis, extent_nis + 1, (base_ni->nr_extents - i) * | |
2737 | sizeof(ntfs_inode*)); | |
2738 | err = 0; | |
2739 | break; | |
2740 | } | |
2741 | ||
2742 | up(&base_ni->extent_lock); | |
2743 | ||
2744 | if (unlikely(err)) { | |
2745 | ntfs_error(vol->sb, "Extent inode 0x%lx is not attached to " | |
2746 | "its base inode 0x%lx.", mft_no, | |
2747 | base_ni->mft_no); | |
2748 | BUG(); | |
2749 | } | |
2750 | ||
2751 | /* | |
2752 | * The extent inode is no longer attached to the base inode so no one | |
2753 | * can get a reference to it any more. | |
2754 | */ | |
2755 | ||
2756 | /* Mark the mft record as not in use. */ | |
2757 | m->flags &= const_cpu_to_le16(~const_le16_to_cpu(MFT_RECORD_IN_USE)); | |
2758 | ||
2759 | /* Increment the sequence number, skipping zero, if it is not zero. */ | |
2760 | old_seq_no = m->sequence_number; | |
2761 | seq_no = le16_to_cpu(old_seq_no); | |
2762 | if (seq_no == 0xffff) | |
2763 | seq_no = 1; | |
2764 | else if (seq_no) | |
2765 | seq_no++; | |
2766 | m->sequence_number = cpu_to_le16(seq_no); | |
2767 | ||
2768 | /* | |
2769 | * Set the ntfs inode dirty and write it out. We do not need to worry | |
2770 | * about the base inode here since whatever caused the extent mft | |
2771 | * record to be freed is guaranteed to do it already. | |
2772 | */ | |
2773 | NInoSetDirty(ni); | |
2774 | err = write_mft_record(ni, m, 0); | |
2775 | if (unlikely(err)) { | |
2776 | ntfs_error(vol->sb, "Failed to write mft record 0x%lx, not " | |
2777 | "freeing.", mft_no); | |
2778 | goto rollback; | |
2779 | } | |
2780 | rollback_error: | |
2781 | /* Unmap and throw away the now freed extent inode. */ | |
2782 | unmap_extent_mft_record(ni); | |
2783 | ntfs_clear_extent_inode(ni); | |
2784 | ||
2785 | /* Clear the bit in the $MFT/$BITMAP corresponding to this record. */ | |
2786 | down_write(&vol->mftbmp_lock); | |
2787 | err = ntfs_bitmap_clear_bit(vol->mftbmp_ino, mft_no); | |
2788 | up_write(&vol->mftbmp_lock); | |
2789 | if (unlikely(err)) { | |
2790 | /* | |
2791 | * The extent inode is gone but we failed to deallocate it in | |
2792 | * the mft bitmap. Just emit a warning and leave the volume | |
2793 | * dirty on umount. | |
2794 | */ | |
2795 | ntfs_error(vol->sb, "Failed to clear bit in mft bitmap.%s", es); | |
2796 | NVolSetErrors(vol); | |
2797 | } | |
2798 | return 0; | |
2799 | rollback: | |
2800 | /* Rollback what we did... */ | |
2801 | down(&base_ni->extent_lock); | |
2802 | extent_nis = base_ni->ext.extent_ntfs_inos; | |
2803 | if (!(base_ni->nr_extents & 3)) { | |
2804 | int new_size = (base_ni->nr_extents + 4) * sizeof(ntfs_inode*); | |
2805 | ||
2806 | extent_nis = (ntfs_inode**)kmalloc(new_size, GFP_NOFS); | |
2807 | if (unlikely(!extent_nis)) { | |
2808 | ntfs_error(vol->sb, "Failed to allocate internal " | |
2809 | "buffer during rollback.%s", es); | |
2810 | up(&base_ni->extent_lock); | |
2811 | NVolSetErrors(vol); | |
2812 | goto rollback_error; | |
2813 | } | |
2814 | if (base_ni->nr_extents) { | |
2815 | BUG_ON(!base_ni->ext.extent_ntfs_inos); | |
2816 | memcpy(extent_nis, base_ni->ext.extent_ntfs_inos, | |
2817 | new_size - 4 * sizeof(ntfs_inode*)); | |
2818 | kfree(base_ni->ext.extent_ntfs_inos); | |
2819 | } | |
2820 | base_ni->ext.extent_ntfs_inos = extent_nis; | |
2821 | } | |
2822 | m->flags |= MFT_RECORD_IN_USE; | |
2823 | m->sequence_number = old_seq_no; | |
2824 | extent_nis[base_ni->nr_extents++] = ni; | |
2825 | up(&base_ni->extent_lock); | |
2826 | mark_mft_record_dirty(ni); | |
2827 | return err; | |
2828 | } | |
2829 | #endif /* NTFS_RW */ |