blob: 673a7d6b4ab739c642255be7adef9e265ad59a28 [file] [log] [blame]
/* SPDX-License-Identifier: GPL-2.0 */
/*
* Copyright 2018 Google LLC
*/
/*
* Overview
* --------
* The backbone of the incremental-fs ondisk format is an append only linked
* list of metadata blocks. Each metadata block contains an offset of the next
* one. These blocks describe files and directories on the
* file system. They also represent actions of adding and removing file names
* (hard links).
*
* Every time incremental-fs instance is mounted, it reads through this list
* to recreate filesystem's state in memory. An offset of the first record in
* the metadata list is stored in the superblock at the beginning of the backing
* file.
*
* Most of the backing file is taken by data areas and blockmaps.
* Since data blocks can be compressed and have different sizes,
* single per-file data area can't be pre-allocated. That's why blockmaps are
* needed in order to find a location and size of each data block in
* the backing file. Each time a file is created, a corresponding block map is
* allocated to store future offsets of data blocks.
*
* Whenever a data block is given by data loader to incremental-fs:
* - A data area with the given block is appended to the end of
* the backing file.
* - A record in the blockmap for the given block index is updated to reflect
* its location, size, and compression algorithm.
* Metadata records
* ----------------
* incfs_blockmap - metadata record that specifies size and location
* of a blockmap area for a given file. This area
* contains an array of incfs_blockmap_entry-s.
* incfs_file_signature - metadata record that specifies where file signature
* and its hash tree can be found in the backing file.
*
* incfs_file_attr - metadata record that specifies where additional file
* attributes blob can be found.
*
* Metadata header
* ---------------
* incfs_md_header - header of a metadata record. It's always a part
* of other structures and served purpose of metadata
* bookkeeping.
*
* +-----------------------------------------------+ ^
* | incfs_md_header | |
* | 1. type of body(BLOCKMAP, FILE_ATTR..) | |
* | 2. size of the whole record header + body | |
* | 3. CRC the whole record header + body | |
* | 4. offset of the previous md record |]------+
* | 5. offset of the next md record (md link) |]---+
* +-----------------------------------------------+ |
* | Metadata record body with useful data | |
* +-----------------------------------------------+ |
* +--->
*
* Other ondisk structures
* -----------------------
* incfs_super_block - backing file header
* incfs_blockmap_entry - a record in a blockmap area that describes size
* and location of a data block.
* Data blocks dont have any particular structure, they are written to the
* backing file in a raw form as they come from a data loader.
*
* Backing file layout
* -------------------
*
*
* +-------------------------------------------+
* | incfs_file_header |]---+
* +-------------------------------------------+ |
* | metadata |<---+
* | incfs_file_signature |]---+
* +-------------------------------------------+ |
* ......................... |
* +-------------------------------------------+ | metadata
* +------->| blockmap area | | list links
* | | [incfs_blockmap_entry] | |
* | | [incfs_blockmap_entry] | |
* | | [incfs_blockmap_entry] | |
* | +--[| [incfs_blockmap_entry] | |
* | | | [incfs_blockmap_entry] | |
* | | | [incfs_blockmap_entry] | |
* | | +-------------------------------------------+ |
* | | ......................... |
* | | +-------------------------------------------+ |
* | | | metadata |<---+
* +----|--[| incfs_blockmap |]---+
* | +-------------------------------------------+ |
* | ......................... |
* | +-------------------------------------------+ |
* +-->| data block | |
* +-------------------------------------------+ |
* ......................... |
* +-------------------------------------------+ |
* | metadata |<---+
* | incfs_file_attr |
* +-------------------------------------------+
*/
#ifndef _INCFS_FORMAT_H
#define _INCFS_FORMAT_H
#include <linux/types.h>
#include <linux/kernel.h>
#include <uapi/linux/incrementalfs.h>
#include "internal.h"
#define INCFS_MAX_NAME_LEN 255
#define INCFS_FORMAT_V1 1
#define INCFS_FORMAT_CURRENT_VER INCFS_FORMAT_V1
enum incfs_metadata_type {
INCFS_MD_NONE = 0,
INCFS_MD_BLOCK_MAP = 1,
INCFS_MD_FILE_ATTR = 2,
INCFS_MD_SIGNATURE = 3,
INCFS_MD_STATUS = 4,
INCFS_MD_VERITY_SIGNATURE = 5,
};
enum incfs_file_header_flags {
INCFS_FILE_MAPPED = 1 << 1,
};
/* Header included at the beginning of all metadata records on the disk. */
struct incfs_md_header {
__u8 h_md_entry_type;
/*
* Size of the metadata record.
* (e.g. inode, dir entry etc) not just this struct.
*/
__le16 h_record_size;
/*
* Was: CRC32 of the metadata record.
* (e.g. inode, dir entry etc) not just this struct.
*/
__le32 h_unused1;
/* Offset of the next metadata entry if any */
__le64 h_next_md_offset;
/* Was: Offset of the previous metadata entry if any */
__le64 h_unused2;
} __packed;
/* Backing file header */
struct incfs_file_header {
/* Magic number: INCFS_MAGIC_NUMBER */
__le64 fh_magic;
/* Format version: INCFS_FORMAT_CURRENT_VER */
__le64 fh_version;
/* sizeof(incfs_file_header) */
__le16 fh_header_size;
/* INCFS_DATA_FILE_BLOCK_SIZE */
__le16 fh_data_block_size;
/* File flags, from incfs_file_header_flags */
__le32 fh_flags;
union {
/* Standard incfs file */
struct {
/* Offset of the first metadata record */
__le64 fh_first_md_offset;
/* Full size of the file's content */
__le64 fh_file_size;
/* File uuid */
incfs_uuid_t fh_uuid;
};
/* Mapped file - INCFS_FILE_MAPPED set in fh_flags */
struct {
/* Offset in original file */
__le64 fh_original_offset;
/* Full size of the file's content */
__le64 fh_mapped_file_size;
/* Original file's uuid */
incfs_uuid_t fh_original_uuid;
};
};
} __packed;
enum incfs_block_map_entry_flags {
INCFS_BLOCK_COMPRESSED_LZ4 = 1,
INCFS_BLOCK_COMPRESSED_ZSTD = 2,
/* Reserve 3 bits for compression alg */
INCFS_BLOCK_COMPRESSED_MASK = 7,
};
/* Block map entry pointing to an actual location of the data block. */
struct incfs_blockmap_entry {
/* Offset of the actual data block. Lower 32 bits */
__le32 me_data_offset_lo;
/* Offset of the actual data block. Higher 16 bits */
__le16 me_data_offset_hi;
/* How many bytes the data actually occupies in the backing file */
__le16 me_data_size;
/* Block flags from incfs_block_map_entry_flags */
__le16 me_flags;
} __packed;
/* Metadata record for locations of file blocks. Type = INCFS_MD_BLOCK_MAP */
struct incfs_blockmap {
struct incfs_md_header m_header;
/* Base offset of the array of incfs_blockmap_entry */
__le64 m_base_offset;
/* Size of the map entry array in blocks */
__le32 m_block_count;
} __packed;
/*
* Metadata record for file signature. Type = INCFS_MD_SIGNATURE
*
* The signature stored here is the APK V4 signature data blob. See the
* definition of incfs_new_file_args::signature_info for an explanation of this
* blob. Specifically, it contains the root hash, but it does *not* contain
* anything that the kernel treats as a signature.
*
* When FS_IOC_ENABLE_VERITY is called on a file without this record, an APK V4
* signature blob and a hash tree are added to the file, and then this metadata
* record is created to record their locations.
*/
struct incfs_file_signature {
struct incfs_md_header sg_header;
__le32 sg_sig_size; /* The size of the signature. */
__le64 sg_sig_offset; /* Signature's offset in the backing file */
__le32 sg_hash_tree_size; /* The size of the hash tree. */
__le64 sg_hash_tree_offset; /* Hash tree offset in the backing file */
} __packed;
/* In memory version of above */
struct incfs_df_signature {
u32 sig_size;
u64 sig_offset;
u32 hash_size;
u64 hash_offset;
};
struct incfs_status {
struct incfs_md_header is_header;
__le32 is_data_blocks_written; /* Number of data blocks written */
__le32 is_hash_blocks_written; /* Number of hash blocks written */
__le32 is_dummy[6]; /* Spare fields */
} __packed;
/*
* Metadata record for verity signature. Type = INCFS_MD_VERITY_SIGNATURE
*
* This record will only exist for verity-enabled files with signatures. Verity
* enabled files without signatures do not have this record.
*
* This is obsolete, as incfs no longer checks this type of signature.
*/
struct incfs_file_verity_signature {
struct incfs_md_header vs_header;
/* The size of the signature */
__le32 vs_size;
/* Signature's offset in the backing file */
__le64 vs_offset;
} __packed;
/* In memory version of above */
struct incfs_df_verity_signature {
u32 size;
u64 offset;
};
/* State of the backing file. */
struct backing_file_context {
/* Protects writes to bc_file */
struct mutex bc_mutex;
/* File object to read data from */
struct file *bc_file;
/*
* Offset of the last known metadata record in the backing file.
* 0 means there are no metadata records.
*/
loff_t bc_last_md_record_offset;
/*
* Credentials to set before reads/writes
* Note that this is a pointer to the mount_info mi_owner field so
* there is no need to get/put the creds
*/
const struct cred *bc_cred;
};
struct metadata_handler {
loff_t md_record_offset;
loff_t md_prev_record_offset;
void *context;
union {
struct incfs_md_header md_header;
struct incfs_blockmap blockmap;
struct incfs_file_signature signature;
struct incfs_status status;
struct incfs_file_verity_signature verity_signature;
} md_buffer;
int (*handle_blockmap)(struct incfs_blockmap *bm,
struct metadata_handler *handler);
int (*handle_signature)(struct incfs_file_signature *sig,
struct metadata_handler *handler);
int (*handle_status)(struct incfs_status *sig,
struct metadata_handler *handler);
int (*handle_verity_signature)(struct incfs_file_verity_signature *s,
struct metadata_handler *handler);
};
#define INCFS_MAX_METADATA_RECORD_SIZE \
sizeof_field(struct metadata_handler, md_buffer)
/* Backing file context management */
struct mount_info;
struct backing_file_context *incfs_alloc_bfc(struct mount_info *mi,
struct file *backing_file);
void incfs_free_bfc(struct backing_file_context *bfc);
/* Writing stuff */
int incfs_write_blockmap_to_backing_file(struct backing_file_context *bfc,
u32 block_count);
int incfs_write_fh_to_backing_file(struct backing_file_context *bfc,
incfs_uuid_t *uuid, u64 file_size);
int incfs_write_mapping_fh_to_backing_file(struct backing_file_context *bfc,
incfs_uuid_t *uuid, u64 file_size, u64 offset);
int incfs_write_data_block_to_backing_file(struct backing_file_context *bfc,
struct mem_range block,
int block_index, loff_t bm_base_off,
u16 flags);
int incfs_write_hash_block_to_backing_file(struct backing_file_context *bfc,
struct mem_range block,
int block_index,
loff_t hash_area_off,
loff_t bm_base_off,
loff_t file_size);
int incfs_write_signature_to_backing_file(struct backing_file_context *bfc,
struct mem_range sig, u32 tree_size,
loff_t *tree_offset, loff_t *sig_offset);
int incfs_write_status_to_backing_file(struct backing_file_context *bfc,
loff_t status_offset,
u32 data_blocks_written,
u32 hash_blocks_written);
int incfs_write_verity_signature_to_backing_file(
struct backing_file_context *bfc, struct mem_range signature,
loff_t *offset);
/* Reading stuff */
int incfs_read_file_header(struct backing_file_context *bfc,
loff_t *first_md_off, incfs_uuid_t *uuid,
u64 *file_size, u32 *flags);
int incfs_read_blockmap_entry(struct backing_file_context *bfc, int block_index,
loff_t bm_base_off,
struct incfs_blockmap_entry *bm_entry);
int incfs_read_blockmap_entries(struct backing_file_context *bfc,
struct incfs_blockmap_entry *entries,
int start_index, int blocks_number,
loff_t bm_base_off);
int incfs_read_next_metadata_record(struct backing_file_context *bfc,
struct metadata_handler *handler);
ssize_t incfs_kread(struct backing_file_context *bfc, void *buf, size_t size,
loff_t pos);
ssize_t incfs_kwrite(struct backing_file_context *bfc, const void *buf,
size_t size, loff_t pos);
#endif /* _INCFS_FORMAT_H */