[linux.git] / fs / ntfs3 / record.c

// SPDX-License-Identifier: GPL-2.0
/*
 *
 * Copyright (C) 2019-2021 Paragon Software GmbH, All rights reserved.
 *
 */

#include <linux/fs.h>

#include "debug.h"
#include "ntfs.h"
#include "ntfs_fs.h"

static inline int compare_attr(const struct ATTRIB *left, enum ATTR_TYPE type,
			       const __le16 *name, u8 name_len,
			       const u16 *upcase)
{
	/* First, compare the type codes. */
	int diff = le32_to_cpu(left->type) - le32_to_cpu(type);

	if (diff)
		return diff;

	/* They have the same type code, so we have to compare the names. */
	return ntfs_cmp_names(attr_name(left), left->name_len, name, name_len,
			      upcase, true);
}

/*
 * mi_new_attt_id
 *
 * Return: Unused attribute id that is less than mrec->next_attr_id.
 */
static __le16 mi_new_attt_id(struct ntfs_inode *ni, struct mft_inode *mi)
{
	u16 free_id, max_id, t16;
	struct MFT_REC *rec = mi->mrec;
	struct ATTRIB *attr;
	__le16 id;

	id = rec->next_attr_id;
	free_id = le16_to_cpu(id);
	if (free_id < 0x7FFF) {
		rec->next_attr_id = cpu_to_le16(free_id + 1);
		return id;
	}

	/* One record can store up to 1024/24 ~= 42 attributes. */
	free_id = 0;
	max_id = 0;

	attr = NULL;

	for (;;) {
		attr = mi_enum_attr(ni, mi, attr);
		if (!attr) {
			rec->next_attr_id = cpu_to_le16(max_id + 1);
			mi->dirty = true;
			return cpu_to_le16(free_id);
		}

		t16 = le16_to_cpu(attr->id);
		if (t16 == free_id) {
			free_id += 1;
			attr = NULL;
		} else if (max_id < t16)
			max_id = t16;
	}
}

int mi_get(struct ntfs_sb_info *sbi, CLST rno, struct mft_inode **mi)
{
	int err;
	struct mft_inode *m = kzalloc(sizeof(struct mft_inode), GFP_NOFS);

	if (!m)
		return -ENOMEM;

	err = mi_init(m, sbi, rno);
	if (err) {
		kfree(m);
		return err;
	}

	err = mi_read(m, false);
	if (err) {
		mi_put(m);
		return err;
	}

	*mi = m;
	return 0;
}

void mi_put(struct mft_inode *mi)
{
	mi_clear(mi);
	kfree(mi);
}

int mi_init(struct mft_inode *mi, struct ntfs_sb_info *sbi, CLST rno)
{
	mi->sbi = sbi;
	mi->rno = rno;
	mi->mrec = kmalloc(sbi->record_size, GFP_NOFS);
	if (!mi->mrec)
		return -ENOMEM;

	return 0;
}

/*
 * mi_read - Read MFT data.
 */
int mi_read(struct mft_inode *mi, bool is_mft)
{
	int err;
	struct MFT_REC *rec = mi->mrec;
	struct ntfs_sb_info *sbi = mi->sbi;
	u32 bpr = sbi->record_size;
	u64 vbo = (u64)mi->rno << sbi->record_bits;
	struct ntfs_inode *mft_ni = sbi->mft.ni;
	struct runs_tree *run = mft_ni ? &mft_ni->file.run : NULL;
	struct rw_semaphore *rw_lock = NULL;

	if (is_mounted(sbi)) {
		if (!is_mft && mft_ni) {
			rw_lock = &mft_ni->file.run_lock;
			down_read(rw_lock);
		}
	}

	err = ntfs_read_bh(sbi, run, vbo, &rec->rhdr, bpr, &mi->nb);
	if (rw_lock)
		up_read(rw_lock);
	if (!err)
		goto ok;

	if (err == -E_NTFS_FIXUP) {
		mi->dirty = true;
		goto ok;
	}

	if (err != -ENOENT)
		goto out;

	if (rw_lock) {
		ni_lock(mft_ni);
		down_write(rw_lock);
	}
	err = attr_load_runs_vcn(mft_ni, ATTR_DATA, NULL, 0, run,
				 vbo >> sbi->cluster_bits);
	if (rw_lock) {
		up_write(rw_lock);
		ni_unlock(mft_ni);
	}
	if (err)
		goto out;

	if (rw_lock)
		down_read(rw_lock);
	err = ntfs_read_bh(sbi, run, vbo, &rec->rhdr, bpr, &mi->nb);
	if (rw_lock)
		up_read(rw_lock);

	if (err == -E_NTFS_FIXUP) {
		mi->dirty = true;
		goto ok;
	}
	if (err)
		goto out;

ok:
	/* Check field 'total' only here. */
	if (le32_to_cpu(rec->total) != bpr) {
		err = -EINVAL;
		goto out;
	}

	return 0;

out:
	if (err == -E_NTFS_CORRUPT) {
		ntfs_err(sbi->sb, "mft corrupted");
		ntfs_set_state(sbi, NTFS_DIRTY_ERROR);
		err = -EINVAL;
	}

	return err;
}

/*
 * mi_enum_attr - start/continue attributes enumeration in record.
 *
 * NOTE: mi->mrec - memory of size sbi->record_size
 * here we sure that mi->mrec->total == sbi->record_size (see mi_read)
 */
struct ATTRIB *mi_enum_attr(struct ntfs_inode *ni, struct mft_inode *mi,
			    struct ATTRIB *attr)
{
	const struct MFT_REC *rec = mi->mrec;
	u32 used = le32_to_cpu(rec->used);
	u32 t32, off, asize, prev_type;
	u16 t16;
	u64 data_size, alloc_size, tot_size;

	if (!attr) {
		u32 total = le32_to_cpu(rec->total);

		off = le16_to_cpu(rec->attr_off);

		if (used > total)
			goto out;

		if (off >= used || off < MFTRECORD_FIXUP_OFFSET_1 ||
		    !IS_ALIGNED(off, 8)) {
			goto out;
		}

		/* Skip non-resident records. */
		if (!is_rec_inuse(rec))
			return NULL;

		prev_type = 0;
		attr = Add2Ptr(rec, off);
	} else {
		/*
		 * We don't need to check previous attr here. There is
		 * a bounds checking in the previous round.
		 */
		off = PtrOffset(rec, attr);

		asize = le32_to_cpu(attr->size);

		prev_type = le32_to_cpu(attr->type);
		attr = Add2Ptr(attr, asize);
		off += asize;
	}

	/*
	 * Can we use the first fields:
	 * attr->type,
	 * attr->size
	 */
	if (off + 8 > used) {
		static_assert(ALIGN(sizeof(enum ATTR_TYPE), 8) == 8);
		goto out;
	}

	if (attr->type == ATTR_END) {
		/* End of enumeration. */
		return NULL;
	}

	/* 0x100 is last known attribute for now. */
	t32 = le32_to_cpu(attr->type);
	if (!t32 || (t32 & 0xf) || (t32 > 0x100))
		goto out;

	/* attributes in record must be ordered by type */
	if (t32 < prev_type)
		goto out;

	asize = le32_to_cpu(attr->size);

	if (!IS_ALIGNED(asize, 8))
		goto out;

	/* Check overflow and boundary. */
	if (off + asize < off || off + asize > used)
		goto out;

	/* Can we use the field attr->non_res. */
	if (off + 9 > used)
		goto out;

	/* Check size of attribute. */
	if (!attr->non_res) {
		/* Check resident fields. */
		if (asize < SIZEOF_RESIDENT)
			goto out;

		t16 = le16_to_cpu(attr->res.data_off);
		if (t16 > asize)
			goto out;

		if (le32_to_cpu(attr->res.data_size) > asize - t16)
			goto out;

		t32 = sizeof(short) * attr->name_len;
		if (t32 && le16_to_cpu(attr->name_off) + t32 > t16)
			goto out;

		return attr;
	}

	/* Check nonresident fields. */
	if (attr->non_res != 1)
		goto out;

	/* Can we use memory including attr->nres.valid_size? */
	if (asize < SIZEOF_NONRESIDENT)
		goto out;

	t16 = le16_to_cpu(attr->nres.run_off);
	if (t16 > asize)
		goto out;

	t32 = sizeof(short) * attr->name_len;
	if (t32 && le16_to_cpu(attr->name_off) + t32 > t16)
		goto out;

	/* Check start/end vcn. */
	if (le64_to_cpu(attr->nres.svcn) > le64_to_cpu(attr->nres.evcn) + 1)
		goto out;

	data_size = le64_to_cpu(attr->nres.data_size);
	if (le64_to_cpu(attr->nres.valid_size) > data_size)
		goto out;

	alloc_size = le64_to_cpu(attr->nres.alloc_size);
	if (data_size > alloc_size)
		goto out;

	t32 = mi->sbi->cluster_mask;
	if (alloc_size & t32)
		goto out;

	if (!attr->nres.svcn && is_attr_ext(attr)) {
		/* First segment of sparse/compressed attribute */
		/* Can we use memory including attr->nres.total_size? */
		if (asize < SIZEOF_NONRESIDENT_EX)
			goto out;

		tot_size = le64_to_cpu(attr->nres.total_size);
		if (tot_size & t32)
			goto out;

		if (tot_size > alloc_size)
			goto out;
	} else {
		if (attr->nres.c_unit)
			goto out;

		if (alloc_size > mi->sbi->volume.size)
			goto out;
	}

	return attr;

out:
	_ntfs_bad_inode(&ni->vfs_inode);
	return NULL;
}

/*
 * mi_find_attr - Find the attribute by type and name and id.
 */
struct ATTRIB *mi_find_attr(struct ntfs_inode *ni, struct mft_inode *mi,
			    struct ATTRIB *attr, enum ATTR_TYPE type,
			    const __le16 *name, u8 name_len, const __le16 *id)
{
	u32 type_in = le32_to_cpu(type);
	u32 atype;

next_attr:
	attr = mi_enum_attr(ni, mi, attr);
	if (!attr)
		return NULL;

	atype = le32_to_cpu(attr->type);
	if (atype > type_in)
		return NULL;

	if (atype < type_in)
		goto next_attr;

	if (attr->name_len != name_len)
		goto next_attr;

	if (name_len && memcmp(attr_name(attr), name, name_len * sizeof(short)))
		goto next_attr;

	if (id && *id != attr->id)
		goto next_attr;

	return attr;
}

int mi_write(struct mft_inode *mi, int wait)
{
	struct MFT_REC *rec;
	int err;
	struct ntfs_sb_info *sbi;

	if (!mi->dirty)
		return 0;

	sbi = mi->sbi;
	rec = mi->mrec;

	err = ntfs_write_bh(sbi, &rec->rhdr, &mi->nb, wait);
	if (err)
		return err;

	if (mi->rno < sbi->mft.recs_mirr)
		sbi->flags |= NTFS_FLAGS_MFTMIRR;

	mi->dirty = false;

	return 0;
}

int mi_format_new(struct mft_inode *mi, struct ntfs_sb_info *sbi, CLST rno,
		  __le16 flags, bool is_mft)
{
	int err;
	u16 seq = 1;
	struct MFT_REC *rec;
	u64 vbo = (u64)rno << sbi->record_bits;

	err = mi_init(mi, sbi, rno);
	if (err)
		return err;

	rec = mi->mrec;

	if (rno == MFT_REC_MFT) {
		;
	} else if (rno < MFT_REC_FREE) {
		seq = rno;
	} else if (rno >= sbi->mft.used) {
		;
	} else if (mi_read(mi, is_mft)) {
		;
	} else if (rec->rhdr.sign == NTFS_FILE_SIGNATURE) {
		/* Record is reused. Update its sequence number. */
		seq = le16_to_cpu(rec->seq) + 1;
		if (!seq)
			seq = 1;
	}

	memcpy(rec, sbi->new_rec, sbi->record_size);

	rec->seq = cpu_to_le16(seq);
	rec->flags = RECORD_FLAG_IN_USE | flags;
	if (MFTRECORD_FIXUP_OFFSET == MFTRECORD_FIXUP_OFFSET_3)
		rec->mft_record = cpu_to_le32(rno);

	mi->dirty = true;

	if (!mi->nb.nbufs) {
		struct ntfs_inode *ni = sbi->mft.ni;
		bool lock = false;

		if (is_mounted(sbi) && !is_mft) {
			down_read(&ni->file.run_lock);
			lock = true;
		}

		err = ntfs_get_bh(sbi, &ni->file.run, vbo, sbi->record_size,
				  &mi->nb);
		if (lock)
			up_read(&ni->file.run_lock);
	}

	return err;
}

/*
 * mi_insert_attr - Reserve space for new attribute.
 *
 * Return: Not full constructed attribute or NULL if not possible to create.
 */
struct ATTRIB *mi_insert_attr(struct ntfs_inode *ni, struct mft_inode *mi,
			      enum ATTR_TYPE type, const __le16 *name,
			      u8 name_len, u32 asize, u16 name_off)
{
	size_t tail;
	struct ATTRIB *attr;
	__le16 id;
	struct MFT_REC *rec = mi->mrec;
	struct ntfs_sb_info *sbi = mi->sbi;
	u32 used = le32_to_cpu(rec->used);
	const u16 *upcase = sbi->upcase;

	/* Can we insert mi attribute? */
	if (used + asize > sbi->record_size)
		return NULL;

	/*
	 * Scan through the list of attributes to find the point
	 * at which we should insert it.
	 */
	attr = NULL;
	while ((attr = mi_enum_attr(ni, mi, attr))) {
		int diff = compare_attr(attr, type, name, name_len, upcase);

		if (diff < 0)
			continue;

		if (!diff && !is_attr_indexed(attr))
			return NULL;
		break;
	}

	if (!attr) {
		/* Append. */
		tail = 8;
		attr = Add2Ptr(rec, used - 8);
	} else {
		/* Insert before 'attr'. */
		tail = used - PtrOffset(rec, attr);
	}

	id = mi_new_attt_id(ni, mi);

	memmove(Add2Ptr(attr, asize), attr, tail);
	memset(attr, 0, asize);

	attr->type = type;
	attr->size = cpu_to_le32(asize);
	attr->name_len = name_len;
	attr->name_off = cpu_to_le16(name_off);
	attr->id = id;

	memmove(Add2Ptr(attr, name_off), name, name_len * sizeof(short));
	rec->used = cpu_to_le32(used + asize);

	mi->dirty = true;

	return attr;
}

/*
 * mi_remove_attr - Remove the attribute from record.
 *
 * NOTE: The source attr will point to next attribute.
 */
bool mi_remove_attr(struct ntfs_inode *ni, struct mft_inode *mi,
		    struct ATTRIB *attr)
{
	struct MFT_REC *rec = mi->mrec;
	u32 aoff = PtrOffset(rec, attr);
	u32 used = le32_to_cpu(rec->used);
	u32 asize = le32_to_cpu(attr->size);

	if (aoff + asize > used)
		return false;

	if (ni && is_attr_indexed(attr) && attr->type == ATTR_NAME) {
		u16 links = le16_to_cpu(ni->mi.mrec->hard_links);
		if (!links) {
			/* minor error. Not critical. */
		} else {
			ni->mi.mrec->hard_links = cpu_to_le16(links - 1);
			ni->mi.dirty = true;
		}
	}

	used -= asize;
	memmove(attr, Add2Ptr(attr, asize), used - aoff);
	rec->used = cpu_to_le32(used);
	mi->dirty = true;

	return true;
}

/* bytes = "new attribute size" - "old attribute size" */
bool mi_resize_attr(struct mft_inode *mi, struct ATTRIB *attr, int bytes)
{
	struct MFT_REC *rec = mi->mrec;
	u32 aoff = PtrOffset(rec, attr);
	u32 total, used = le32_to_cpu(rec->used);
	u32 nsize, asize = le32_to_cpu(attr->size);
	u32 rsize = le32_to_cpu(attr->res.data_size);
	int tail = (int)(used - aoff - asize);
	int dsize;
	char *next;

	if (tail < 0 || aoff >= used)
		return false;

	if (!bytes)
		return true;

	total = le32_to_cpu(rec->total);
	next = Add2Ptr(attr, asize);

	if (bytes > 0) {
		dsize = ALIGN(bytes, 8);
		if (used + dsize > total)
			return false;
		nsize = asize + dsize;
		/* Move tail */
		memmove(next + dsize, next, tail);
		memset(next, 0, dsize);
		used += dsize;
		rsize += dsize;
	} else {
		dsize = ALIGN(-bytes, 8);
		if (dsize > asize)
			return false;
		nsize = asize - dsize;
		memmove(next - dsize, next, tail);
		used -= dsize;
		rsize -= dsize;
	}

	rec->used = cpu_to_le32(used);
	attr->size = cpu_to_le32(nsize);
	if (!attr->non_res)
		attr->res.data_size = cpu_to_le32(rsize);
	mi->dirty = true;

	return true;
}

/*
 * Pack runs in MFT record.
 * If failed record is not changed.
 */
int mi_pack_runs(struct mft_inode *mi, struct ATTRIB *attr,
		 struct runs_tree *run, CLST len)
{
	int err = 0;
	struct ntfs_sb_info *sbi = mi->sbi;
	u32 new_run_size;
	CLST plen;
	struct MFT_REC *rec = mi->mrec;
	CLST svcn = le64_to_cpu(attr->nres.svcn);
	u32 used = le32_to_cpu(rec->used);
	u32 aoff = PtrOffset(rec, attr);
	u32 asize = le32_to_cpu(attr->size);
	char *next = Add2Ptr(attr, asize);
	u16 run_off = le16_to_cpu(attr->nres.run_off);
	u32 run_size = asize - run_off;
	u32 tail = used - aoff - asize;
	u32 dsize = sbi->record_size - used;

	/* Make a maximum gap in current record. */
	memmove(next + dsize, next, tail);

	/* Pack as much as possible. */
	err = run_pack(run, svcn, len, Add2Ptr(attr, run_off), run_size + dsize,
		       &plen);
	if (err < 0) {
		memmove(next, next + dsize, tail);
		return err;
	}

	new_run_size = ALIGN(err, 8);

	memmove(next + new_run_size - run_size, next + dsize, tail);

	attr->size = cpu_to_le32(asize + new_run_size - run_size);
	attr->nres.evcn = cpu_to_le64(svcn + plen - 1);
	rec->used = cpu_to_le32(used + new_run_size - run_size);
	mi->dirty = true;

	return 0;
}
Commit	Line	Data
4342306f KK	1	// SPDX-License-Identifier: GPL-2.0
	2	/*
	3	*
	4	* Copyright (C) 2019-2021 Paragon Software GmbH, All rights reserved.
	5	*
	6	*/
	7
4342306f	8	#include <linux/fs.h>
4342306f KK	9
	10	#include "debug.h"
	11	#include "ntfs.h"
	12	#include "ntfs_fs.h"
	13
	14	static inline int compare_attr(const struct ATTRIB *left, enum ATTR_TYPE type,
	15	const __le16 *name, u8 name_len,
	16	const u16 *upcase)
	17	{
e8b8e97f	18	/* First, compare the type codes. */
4342306f KK	19	int diff = le32_to_cpu(left->type) - le32_to_cpu(type);
	20
	21	if (diff)
	22	return diff;
	23
e8b8e97f	24	/* They have the same type code, so we have to compare the names. */
4342306f KK	25	return ntfs_cmp_names(attr_name(left), left->name_len, name, name_len,
	26	upcase, true);
	27	}
	28
	29	/*
	30	* mi_new_attt_id
	31	*
e8b8e97f	32	* Return: Unused attribute id that is less than mrec->next_attr_id.
4342306f	33	*/
2afd4d26	34	static __le16 mi_new_attt_id(struct ntfs_inode ni, struct mft_inode mi)
4342306f KK	35	{
	36	u16 free_id, max_id, t16;
	37	struct MFT_REC *rec = mi->mrec;
	38	struct ATTRIB *attr;
	39	__le16 id;
	40
	41	id = rec->next_attr_id;
	42	free_id = le16_to_cpu(id);
	43	if (free_id < 0x7FFF) {
	44	rec->next_attr_id = cpu_to_le16(free_id + 1);
	45	return id;
	46	}
	47
e8b8e97f	48	/* One record can store up to 1024/24 ~= 42 attributes. */
4342306f KK	49	free_id = 0;
	50	max_id = 0;
	51
	52	attr = NULL;
	53
	54	for (;;) {
2afd4d26	55	attr = mi_enum_attr(ni, mi, attr);
4342306f KK	56	if (!attr) {
	57	rec->next_attr_id = cpu_to_le16(max_id + 1);
	58	mi->dirty = true;
	59	return cpu_to_le16(free_id);
	60	}
	61
	62	t16 = le16_to_cpu(attr->id);
	63	if (t16 == free_id) {
	64	free_id += 1;
	65	attr = NULL;
	66	} else if (max_id < t16)
	67	max_id = t16;
	68	}
	69	}
	70
	71	int mi_get(struct ntfs_sb_info sbi, CLST rno, struct mft_inode *mi)
	72	{
	73	int err;
195c52bd	74	struct mft_inode *m = kzalloc(sizeof(struct mft_inode), GFP_NOFS);
4342306f KK	75
	76	if (!m)
	77	return -ENOMEM;
	78
	79	err = mi_init(m, sbi, rno);
	80	if (err) {
195c52bd	81	kfree(m);
4342306f KK	82	return err;
	83	}
	84
	85	err = mi_read(m, false);
	86	if (err) {
	87	mi_put(m);
	88	return err;
	89	}
	90
	91	*mi = m;
	92	return 0;
	93	}
	94
	95	void mi_put(struct mft_inode *mi)
	96	{
	97	mi_clear(mi);
195c52bd	98	kfree(mi);
4342306f KK	99	}
	100
	101	int mi_init(struct mft_inode mi, struct ntfs_sb_info sbi, CLST rno)
	102	{
	103	mi->sbi = sbi;
	104	mi->rno = rno;
195c52bd	105	mi->mrec = kmalloc(sbi->record_size, GFP_NOFS);
4342306f KK	106	if (!mi->mrec)
	107	return -ENOMEM;
	108
	109	return 0;
	110	}
	111
	112	/*
e8b8e97f	113	* mi_read - Read MFT data.
4342306f KK	114	*/
	115	int mi_read(struct mft_inode *mi, bool is_mft)
	116	{
	117	int err;
	118	struct MFT_REC *rec = mi->mrec;
	119	struct ntfs_sb_info *sbi = mi->sbi;
	120	u32 bpr = sbi->record_size;
	121	u64 vbo = (u64)mi->rno << sbi->record_bits;
	122	struct ntfs_inode *mft_ni = sbi->mft.ni;
	123	struct runs_tree *run = mft_ni ? &mft_ni->file.run : NULL;
	124	struct rw_semaphore *rw_lock = NULL;
	125
	126	if (is_mounted(sbi)) {
97498cd6	127	if (!is_mft && mft_ni) {
4342306f KK	128	rw_lock = &mft_ni->file.run_lock;
	129	down_read(rw_lock);
	130	}
	131	}
	132
	133	err = ntfs_read_bh(sbi, run, vbo, &rec->rhdr, bpr, &mi->nb);
	134	if (rw_lock)
	135	up_read(rw_lock);
	136	if (!err)
	137	goto ok;
	138
	139	if (err == -E_NTFS_FIXUP) {
	140	mi->dirty = true;
	141	goto ok;
	142	}
	143
	144	if (err != -ENOENT)
	145	goto out;
	146
	147	if (rw_lock) {
	148	ni_lock(mft_ni);
	149	down_write(rw_lock);
	150	}
97498cd6	151	err = attr_load_runs_vcn(mft_ni, ATTR_DATA, NULL, 0, run,
4342306f KK	152	vbo >> sbi->cluster_bits);
	153	if (rw_lock) {
	154	up_write(rw_lock);
	155	ni_unlock(mft_ni);
	156	}
	157	if (err)
	158	goto out;
	159
	160	if (rw_lock)
	161	down_read(rw_lock);
	162	err = ntfs_read_bh(sbi, run, vbo, &rec->rhdr, bpr, &mi->nb);
	163	if (rw_lock)
	164	up_read(rw_lock);
	165
	166	if (err == -E_NTFS_FIXUP) {
	167	mi->dirty = true;
	168	goto ok;
	169	}
	170	if (err)
	171	goto out;
	172
	173	ok:
e8b8e97f	174	/* Check field 'total' only here. */
4342306f KK	175	if (le32_to_cpu(rec->total) != bpr) {
	176	err = -EINVAL;
	177	goto out;
	178	}
	179
	180	return 0;
	181
	182	out:
e0f363a9 KK	183	if (err == -E_NTFS_CORRUPT) {
	184	ntfs_err(sbi->sb, "mft corrupted");
	185	ntfs_set_state(sbi, NTFS_DIRTY_ERROR);
	186	err = -EINVAL;
	187	}
	188
4342306f KK	189	return err;
	190	}
	191
f684073c KK	192	/*
	193	* mi_enum_attr - start/continue attributes enumeration in record.
	194	*
	195	* NOTE: mi->mrec - memory of size sbi->record_size
	196	* here we sure that mi->mrec->total == sbi->record_size (see mi_read)
	197	*/
2afd4d26 KK	198	struct ATTRIB mi_enum_attr(struct ntfs_inode ni, struct mft_inode *mi,
2afd4d26 KK	199	struct ATTRIB *attr)
4342306f KK	200	{
	201	const struct MFT_REC *rec = mi->mrec;
	202	u32 used = le32_to_cpu(rec->used);
013ff63b	203	u32 t32, off, asize, prev_type;
4342306f	204	u16 t16;
013ff63b	205	u64 data_size, alloc_size, tot_size;
4342306f KK	206
	207	if (!attr) {
	208	u32 total = le32_to_cpu(rec->total);
	209
	210	off = le16_to_cpu(rec->attr_off);
	211
	212	if (used > total)
2afd4d26	213	goto out;
4342306f KK	214
4342306f KK	215	if (off >= used \|\| off < MFTRECORD_FIXUP_OFFSET_1 \|\|
a8f659ce	216	!IS_ALIGNED(off, 8)) {
2afd4d26	217	goto out;
4342306f KK	218	}
4342306f KK	219
e8b8e97f	220	/* Skip non-resident records. */
4342306f KK	221	if (!is_rec_inuse(rec))
	222	return NULL;
	223
013ff63b	224	prev_type = 0;
4342306f KK	225	attr = Add2Ptr(rec, off);
4342306f KK	226	} else {
556bdf27	227	/*
	228	* We don't need to check previous attr here. There is
	229	* a bounds checking in the previous round.
	230	*/
4342306f	231	off = PtrOffset(rec, attr);
4342306f KK	232
4342306f KK	233	asize = le32_to_cpu(attr->size);
30200ef8	234
013ff63b	235	prev_type = le32_to_cpu(attr->type);
4342306f KK	236	attr = Add2Ptr(attr, asize);
	237	off += asize;
	238	}
	239
a8f659ce KK	240	/*
	241	* Can we use the first fields:
	242	* attr->type,
	243	* attr->size
	244	*/
4342306f	245	if (off + 8 > used) {
fa3cacf5	246	static_assert(ALIGN(sizeof(enum ATTR_TYPE), 8) == 8);
2afd4d26	247	goto out;
4342306f KK	248	}
	249
	250	if (attr->type == ATTR_END) {
e8b8e97f	251	/* End of enumeration. */
4342306f KK	252	return NULL;
	253	}
	254
e8b8e97f	255	/* 0x100 is last known attribute for now. */
4342306f	256	t32 = le32_to_cpu(attr->type);
013ff63b	257	if (!t32 \|\| (t32 & 0xf) \|\| (t32 > 0x100))
2afd4d26	258	goto out;
013ff63b KK	259
	260	/* attributes in record must be ordered by type */
	261	if (t32 < prev_type)
2afd4d26	262	goto out;
4342306f	263
556bdf27	264	asize = le32_to_cpu(attr->size);
556bdf27	265
a8f659ce	266	if (!IS_ALIGNED(asize, 8))
2afd4d26	267	goto out;
a8f659ce	268
4f082a75 EL	269	/* Check overflow and boundary. */
4f082a75 EL	270	if (off + asize < off \|\| off + asize > used)
2afd4d26	271	goto out;
4342306f	272
a8f659ce KK	273	/* Can we use the field attr->non_res. */
a8f659ce KK	274	if (off + 9 > used)
2afd4d26	275	goto out;
a8f659ce	276
e8b8e97f	277	/* Check size of attribute. */
4342306f	278	if (!attr->non_res) {
013ff63b	279	/* Check resident fields. */
4342306f	280	if (asize < SIZEOF_RESIDENT)
2afd4d26	281	goto out;
4342306f KK	282
4342306f KK	283	t16 = le16_to_cpu(attr->res.data_off);
4342306f	284	if (t16 > asize)
2afd4d26	285	goto out;
4342306f	286
652cfeb4	287	if (le32_to_cpu(attr->res.data_size) > asize - t16)
2afd4d26	288	goto out;
4342306f	289
36963cf2 KK	290	t32 = sizeof(short) * attr->name_len;
36963cf2 KK	291	if (t32 && le16_to_cpu(attr->name_off) + t32 > t16)
2afd4d26	292	goto out;
54e45702	293
4342306f KK	294	return attr;
	295	}
	296
013ff63b KK	297	/* Check nonresident fields. */
013ff63b KK	298	if (attr->non_res != 1)
2afd4d26	299	goto out;
013ff63b	300
090f6127 KK	301	/* Can we use memory including attr->nres.valid_size? */
090f6127 KK	302	if (asize < SIZEOF_NONRESIDENT)
2afd4d26	303	goto out;
090f6127	304
013ff63b KK	305	t16 = le16_to_cpu(attr->nres.run_off);
013ff63b KK	306	if (t16 > asize)
2afd4d26	307	goto out;
013ff63b KK	308
	309	t32 = sizeof(short) * attr->name_len;
	310	if (t32 && le16_to_cpu(attr->name_off) + t32 > t16)
2afd4d26	311	goto out;
013ff63b KK	312
	313	/* Check start/end vcn. */
	314	if (le64_to_cpu(attr->nres.svcn) > le64_to_cpu(attr->nres.evcn) + 1)
2afd4d26	315	goto out;
013ff63b KK	316
	317	data_size = le64_to_cpu(attr->nres.data_size);
	318	if (le64_to_cpu(attr->nres.valid_size) > data_size)
2afd4d26	319	goto out;
4342306f	320
013ff63b KK	321	alloc_size = le64_to_cpu(attr->nres.alloc_size);
013ff63b KK	322	if (data_size > alloc_size)
2afd4d26	323	goto out;
013ff63b KK	324
	325	t32 = mi->sbi->cluster_mask;
	326	if (alloc_size & t32)
2afd4d26	327	goto out;
013ff63b KK	328
	329	if (!attr->nres.svcn && is_attr_ext(attr)) {
	330	/* First segment of sparse/compressed attribute */
090f6127 KK	331	/* Can we use memory including attr->nres.total_size? */
090f6127 KK	332	if (asize < SIZEOF_NONRESIDENT_EX)
2afd4d26	333	goto out;
013ff63b KK	334
	335	tot_size = le64_to_cpu(attr->nres.total_size);
	336	if (tot_size & t32)
2afd4d26	337	goto out;
013ff63b KK	338
013ff63b KK	339	if (tot_size > alloc_size)
2afd4d26	340	goto out;
013ff63b	341	} else {
4342306f	342	if (attr->nres.c_unit)
2afd4d26	343	goto out;
c4a8ba33 KK	344
c4a8ba33 KK	345	if (alloc_size > mi->sbi->volume.size)
2afd4d26	346	goto out;
013ff63b	347	}
4342306f KK	348
4342306f KK	349	return attr;
2afd4d26 KK	350
	351	out:
	352	_ntfs_bad_inode(&ni->vfs_inode);
	353	return NULL;
4342306f KK	354	}
	355
	356	/*
e8b8e97f	357	* mi_find_attr - Find the attribute by type and name and id.
4342306f	358	*/
2afd4d26 KK	359	struct ATTRIB mi_find_attr(struct ntfs_inode ni, struct mft_inode *mi,
	360	struct ATTRIB *attr, enum ATTR_TYPE type,
	361	const __le16 name, u8 name_len, const __le16 id)
4342306f KK	362	{
	363	u32 type_in = le32_to_cpu(type);
	364	u32 atype;
	365
	366	next_attr:
2afd4d26	367	attr = mi_enum_attr(ni, mi, attr);
4342306f KK	368	if (!attr)
	369	return NULL;
	370
	371	atype = le32_to_cpu(attr->type);
	372	if (atype > type_in)
	373	return NULL;
	374
	375	if (atype < type_in)
	376	goto next_attr;
	377
	378	if (attr->name_len != name_len)
	379	goto next_attr;
	380
	381	if (name_len && memcmp(attr_name(attr), name, name_len * sizeof(short)))
	382	goto next_attr;
	383
	384	if (id && *id != attr->id)
	385	goto next_attr;
	386
	387	return attr;
	388	}
	389
	390	int mi_write(struct mft_inode *mi, int wait)
	391	{
	392	struct MFT_REC *rec;
	393	int err;
	394	struct ntfs_sb_info *sbi;
	395
	396	if (!mi->dirty)
	397	return 0;
	398
	399	sbi = mi->sbi;
	400	rec = mi->mrec;
	401
	402	err = ntfs_write_bh(sbi, &rec->rhdr, &mi->nb, wait);
	403	if (err)
	404	return err;
	405
	406	if (mi->rno < sbi->mft.recs_mirr)
	407	sbi->flags \|= NTFS_FLAGS_MFTMIRR;
	408
	409	mi->dirty = false;
	410
	411	return 0;
	412	}
	413
	414	int mi_format_new(struct mft_inode mi, struct ntfs_sb_info sbi, CLST rno,
	415	__le16 flags, bool is_mft)
	416	{
	417	int err;
	418	u16 seq = 1;
	419	struct MFT_REC *rec;
	420	u64 vbo = (u64)rno << sbi->record_bits;
	421
	422	err = mi_init(mi, sbi, rno);
	423	if (err)
	424	return err;
	425
	426	rec = mi->mrec;
	427
	428	if (rno == MFT_REC_MFT) {
	429	;
	430	} else if (rno < MFT_REC_FREE) {
	431	seq = rno;
432	} else if (rno >= sbi->mft.used) {
433	;
434	} else if (mi_read(mi, is_mft)) {
435	;
436	} else if (rec->rhdr.sign == NTFS_FILE_SIGNATURE) {
e8b8e97f	437	/* Record is reused. Update its sequence number. */
4342306f KK	438	seq = le16_to_cpu(rec->seq) + 1;
	439	if (!seq)
	440	seq = 1;
	441	}
	442
	443	memcpy(rec, sbi->new_rec, sbi->record_size);
	444
	445	rec->seq = cpu_to_le16(seq);
	446	rec->flags = RECORD_FLAG_IN_USE \| flags;
33e70701 KK	447	if (MFTRECORD_FIXUP_OFFSET == MFTRECORD_FIXUP_OFFSET_3)
33e70701 KK	448	rec->mft_record = cpu_to_le32(rno);
4342306f KK	449
	450	mi->dirty = true;
	451
	452	if (!mi->nb.nbufs) {
	453	struct ntfs_inode *ni = sbi->mft.ni;
	454	bool lock = false;
	455
	456	if (is_mounted(sbi) && !is_mft) {
	457	down_read(&ni->file.run_lock);
	458	lock = true;
	459	}
	460
	461	err = ntfs_get_bh(sbi, &ni->file.run, vbo, sbi->record_size,
	462	&mi->nb);
	463	if (lock)
	464	up_read(&ni->file.run_lock);
	465	}
	466
	467	return err;
	468	}
	469
4342306f	470	/*
e8b8e97f	471	* mi_insert_attr - Reserve space for new attribute.
4342306f	472	*
e8b8e97f	473	* Return: Not full constructed attribute or NULL if not possible to create.
4342306f	474	*/
2afd4d26 KK	475	struct ATTRIB mi_insert_attr(struct ntfs_inode ni, struct mft_inode *mi,
	476	enum ATTR_TYPE type, const __le16 *name,
	477	u8 name_len, u32 asize, u16 name_off)
4342306f KK	478	{
	479	size_t tail;
	480	struct ATTRIB *attr;
	481	__le16 id;
	482	struct MFT_REC *rec = mi->mrec;
	483	struct ntfs_sb_info *sbi = mi->sbi;
	484	u32 used = le32_to_cpu(rec->used);
	485	const u16 *upcase = sbi->upcase;
4342306f KK	486
4342306f KK	487	/* Can we insert mi attribute? */
96de65a9	488	if (used + asize > sbi->record_size)
4342306f KK	489	return NULL;
	490
	491	/*
	492	* Scan through the list of attributes to find the point
	493	* at which we should insert it.
	494	*/
	495	attr = NULL;
2afd4d26	496	while ((attr = mi_enum_attr(ni, mi, attr))) {
96de65a9	497	int diff = compare_attr(attr, type, name, name_len, upcase);
19d1b787	498
4342306f KK	499	if (diff < 0)
	500	continue;
	501
19d1b787	502	if (!diff && !is_attr_indexed(attr))
4342306f KK	503	return NULL;
	504	break;
	505	}
	506
	507	if (!attr) {
96de65a9 KK	508	/* Append. */
96de65a9 KK	509	tail = 8;
4342306f KK	510	attr = Add2Ptr(rec, used - 8);
4342306f KK	511	} else {
96de65a9	512	/* Insert before 'attr'. */
4342306f KK	513	tail = used - PtrOffset(rec, attr);
	514	}
	515
2afd4d26	516	id = mi_new_attt_id(ni, mi);
4342306f KK	517
	518	memmove(Add2Ptr(attr, asize), attr, tail);
	519	memset(attr, 0, asize);
	520
	521	attr->type = type;
	522	attr->size = cpu_to_le32(asize);
	523	attr->name_len = name_len;
	524	attr->name_off = cpu_to_le16(name_off);
	525	attr->id = id;
	526
	527	memmove(Add2Ptr(attr, name_off), name, name_len * sizeof(short));
	528	rec->used = cpu_to_le32(used + asize);
	529
	530	mi->dirty = true;
	531
	532	return attr;
	533	}
	534
	535	/*
e8b8e97f	536	* mi_remove_attr - Remove the attribute from record.
4342306f	537	*
e8b8e97f	538	* NOTE: The source attr will point to next attribute.
4342306f	539	*/
78ab59fe KK	540	bool mi_remove_attr(struct ntfs_inode ni, struct mft_inode mi,
78ab59fe KK	541	struct ATTRIB *attr)
4342306f KK	542	{
	543	struct MFT_REC *rec = mi->mrec;
	544	u32 aoff = PtrOffset(rec, attr);
	545	u32 used = le32_to_cpu(rec->used);
	546	u32 asize = le32_to_cpu(attr->size);
	547
	548	if (aoff + asize > used)
	549	return false;
	550
110b24eb	551	if (ni && is_attr_indexed(attr) && attr->type == ATTR_NAME) {
1918c10e	552	u16 links = le16_to_cpu(ni->mi.mrec->hard_links);
110b24eb	553	if (!links) {
1918c10e KK	554	/* minor error. Not critical. */
	555	} else {
	556	ni->mi.mrec->hard_links = cpu_to_le16(links - 1);
	557	ni->mi.dirty = true;
	558	}
78ab59fe KK	559	}
78ab59fe KK	560
4342306f KK	561	used -= asize;
	562	memmove(attr, Add2Ptr(attr, asize), used - aoff);
	563	rec->used = cpu_to_le32(used);
	564	mi->dirty = true;
	565
	566	return true;
	567	}
	568
	569	/* bytes = "new attribute size" - "old attribute size" */
	570	bool mi_resize_attr(struct mft_inode mi, struct ATTRIB attr, int bytes)
	571	{
	572	struct MFT_REC *rec = mi->mrec;
	573	u32 aoff = PtrOffset(rec, attr);
	574	u32 total, used = le32_to_cpu(rec->used);
	575	u32 nsize, asize = le32_to_cpu(attr->size);
	576	u32 rsize = le32_to_cpu(attr->res.data_size);
	577	int tail = (int)(used - aoff - asize);
	578	int dsize;
	579	char *next;
	580
	581	if (tail < 0 \|\| aoff >= used)
	582	return false;
	583
	584	if (!bytes)
	585	return true;
	586
	587	total = le32_to_cpu(rec->total);
	588	next = Add2Ptr(attr, asize);
	589
	590	if (bytes > 0) {
fa3cacf5	591	dsize = ALIGN(bytes, 8);
4342306f KK	592	if (used + dsize > total)
	593	return false;
	594	nsize = asize + dsize;
e8b8e97f	595	/* Move tail */
4342306f KK	596	memmove(next + dsize, next, tail);
	597	memset(next, 0, dsize);
	598	used += dsize;
	599	rsize += dsize;
	600	} else {
fa3cacf5	601	dsize = ALIGN(-bytes, 8);
4342306f KK	602	if (dsize > asize)
	603	return false;
	604	nsize = asize - dsize;
	605	memmove(next - dsize, next, tail);
	606	used -= dsize;
	607	rsize -= dsize;
	608	}
	609
	610	rec->used = cpu_to_le32(used);
	611	attr->size = cpu_to_le32(nsize);
	612	if (!attr->non_res)
	613	attr->res.data_size = cpu_to_le32(rsize);
	614	mi->dirty = true;
	615
	616	return true;
	617	}
	618
bd6ae049 KK	619	/*
	620	* Pack runs in MFT record.
	621	* If failed record is not changed.
	622	*/
4342306f KK	623	int mi_pack_runs(struct mft_inode mi, struct ATTRIB attr,
	624	struct runs_tree *run, CLST len)
	625	{
	626	int err = 0;
	627	struct ntfs_sb_info *sbi = mi->sbi;
	628	u32 new_run_size;
	629	CLST plen;
	630	struct MFT_REC *rec = mi->mrec;
	631	CLST svcn = le64_to_cpu(attr->nres.svcn);
	632	u32 used = le32_to_cpu(rec->used);
	633	u32 aoff = PtrOffset(rec, attr);
	634	u32 asize = le32_to_cpu(attr->size);
	635	char *next = Add2Ptr(attr, asize);
	636	u16 run_off = le16_to_cpu(attr->nres.run_off);
	637	u32 run_size = asize - run_off;
	638	u32 tail = used - aoff - asize;
	639	u32 dsize = sbi->record_size - used;
	640
e8b8e97f	641	/* Make a maximum gap in current record. */
4342306f KK	642	memmove(next + dsize, next, tail);
4342306f KK	643
e8b8e97f	644	/* Pack as much as possible. */
4342306f KK	645	err = run_pack(run, svcn, len, Add2Ptr(attr, run_off), run_size + dsize,
	646	&plen);
	647	if (err < 0) {
	648	memmove(next, next + dsize, tail);
	649	return err;
	650	}
	651
fa3cacf5	652	new_run_size = ALIGN(err, 8);
4342306f KK	653
	654	memmove(next + new_run_size - run_size, next + dsize, tail);
	655
	656	attr->size = cpu_to_le32(asize + new_run_size - run_size);
	657	attr->nres.evcn = cpu_to_le64(svcn + plen - 1);
	658	rec->used = cpu_to_le32(used + new_run_size - run_size);
	659	mi->dirty = true;
	660
	661	return 0;
	662	}