| // SPDX-License-Identifier: GPL-2.0-or-later |
| /** |
| * aops.c - NTFS kernel address space operations and page cache handling. |
| * |
| * Copyright (c) 2001-2014 Anton Altaparmakov and Tuxera Inc. |
| * Copyright (c) 2002 Richard Russon |
| */ |
| |
| #include <linux/errno.h> |
| #include <linux/fs.h> |
| #include <linux/gfp.h> |
| #include <linux/mm.h> |
| #include <linux/pagemap.h> |
| #include <linux/swap.h> |
| #include <linux/buffer_head.h> |
| #include <linux/writeback.h> |
| #include <linux/bit_spinlock.h> |
| #include <linux/bio.h> |
| |
| #include "aops.h" |
| #include "attrib.h" |
| #include "debug.h" |
| #include "inode.h" |
| #include "mft.h" |
| #include "runlist.h" |
| #include "types.h" |
| #include "ntfs.h" |
| |
| /** |
| * ntfs_end_buffer_async_read - async io completion for reading attributes |
| * @bh: buffer head on which io is completed |
| * @uptodate: whether @bh is now uptodate or not |
| * |
| * Asynchronous I/O completion handler for reading pages belonging to the |
| * attribute address space of an inode. The inodes can either be files or |
| * directories or they can be fake inodes describing some attribute. |
| * |
| * If NInoMstProtected(), perform the post read mst fixups when all IO on the |
| * page has been completed and mark the page uptodate or set the error bit on |
| * the page. To determine the size of the records that need fixing up, we |
| * cheat a little bit by setting the index_block_size in ntfs_inode to the ntfs |
| * record size, and index_block_size_bits, to the log(base 2) of the ntfs |
| * record size. |
| */ |
| static void ntfs_end_buffer_async_read(struct buffer_head *bh, int uptodate) |
| { |
| unsigned long flags; |
| struct buffer_head *first, *tmp; |
| struct page *page; |
| struct inode *vi; |
| ntfs_inode *ni; |
| int page_uptodate = 1; |
| |
| page = bh->b_page; |
| vi = page->mapping->host; |
| ni = NTFS_I(vi); |
| |
| if (likely(uptodate)) { |
| loff_t i_size; |
| s64 file_ofs, init_size; |
| |
| set_buffer_uptodate(bh); |
| |
| file_ofs = ((s64)page->index << PAGE_SHIFT) + |
| bh_offset(bh); |
| read_lock_irqsave(&ni->size_lock, flags); |
| init_size = ni->initialized_size; |
| i_size = i_size_read(vi); |
| read_unlock_irqrestore(&ni->size_lock, flags); |
| if (unlikely(init_size > i_size)) { |
| /* Race with shrinking truncate. */ |
| init_size = i_size; |
| } |
| /* Check for the current buffer head overflowing. */ |
| if (unlikely(file_ofs + bh->b_size > init_size)) { |
| int ofs; |
| void *kaddr; |
| |
| ofs = 0; |
| if (file_ofs < init_size) |
| ofs = init_size - file_ofs; |
| kaddr = kmap_atomic(page); |
| memset(kaddr + bh_offset(bh) + ofs, 0, |
| bh->b_size - ofs); |
| flush_dcache_page(page); |
| kunmap_atomic(kaddr); |
| } |
| } else { |
| clear_buffer_uptodate(bh); |
| SetPageError(page); |
| ntfs_error(ni->vol->sb, "Buffer I/O error, logical block " |
| "0x%llx.", (unsigned long long)bh->b_blocknr); |
| } |
| first = page_buffers(page); |
| spin_lock_irqsave(&first->b_uptodate_lock, flags); |
| clear_buffer_async_read(bh); |
| unlock_buffer(bh); |
| tmp = bh; |
| do { |
| if (!buffer_uptodate(tmp)) |
| page_uptodate = 0; |
| if (buffer_async_read(tmp)) { |
| if (likely(buffer_locked(tmp))) |
| goto still_busy; |
| /* Async buffers must be locked. */ |
| BUG(); |
| } |
| tmp = tmp->b_this_page; |
| } while (tmp != bh); |
| spin_unlock_irqrestore(&first->b_uptodate_lock, flags); |
| /* |
| * If none of the buffers had errors then we can set the page uptodate, |
| * but we first have to perform the post read mst fixups, if the |
| * attribute is mst protected, i.e. if NInoMstProteced(ni) is true. |
| * Note we ignore fixup errors as those are detected when |
| * map_mft_record() is called which gives us per record granularity |
| * rather than per page granularity. |
| */ |
| if (!NInoMstProtected(ni)) { |
| if (likely(page_uptodate && !PageError(page))) |
| SetPageUptodate(page); |
| } else { |
| u8 *kaddr; |
| unsigned int i, recs; |
| u32 rec_size; |
| |
| rec_size = ni->itype.index.block_size; |
| recs = PAGE_SIZE / rec_size; |
| /* Should have been verified before we got here... */ |
| BUG_ON(!recs); |
| kaddr = kmap_atomic(page); |
| for (i = 0; i < recs; i++) |
| post_read_mst_fixup((NTFS_RECORD*)(kaddr + |
| i * rec_size), rec_size); |
| kunmap_atomic(kaddr); |
| flush_dcache_page(page); |
| if (likely(page_uptodate && !PageError(page))) |
| SetPageUptodate(page); |
| } |
| unlock_page(page); |
| return; |
| still_busy: |
| spin_unlock_irqrestore(&first->b_uptodate_lock, flags); |
| return; |
| } |
| |
| /** |
| * ntfs_read_block - fill a @page of an address space with data |
| * @page: page cache page to fill with data |
| * |
| * Fill the page @page of the address space belonging to the @page->host inode. |
| * We read each buffer asynchronously and when all buffers are read in, our io |
| * completion handler ntfs_end_buffer_read_async(), if required, automatically |
| * applies the mst fixups to the page before finally marking it uptodate and |
| * unlocking it. |
| * |
| * We only enforce allocated_size limit because i_size is checked for in |
| * generic_file_read(). |
| * |
| * Return 0 on success and -errno on error. |
| * |
| * Contains an adapted version of fs/buffer.c::block_read_full_folio(). |
| */ |
| static int ntfs_read_block(struct page *page) |
| { |
| loff_t i_size; |
| VCN vcn; |
| LCN lcn; |
| s64 init_size; |
| struct inode *vi; |
| ntfs_inode *ni; |
| ntfs_volume *vol; |
| runlist_element *rl; |
| struct buffer_head *bh, *head, *arr[MAX_BUF_PER_PAGE]; |
| sector_t iblock, lblock, zblock; |
| unsigned long flags; |
| unsigned int blocksize, vcn_ofs; |
| int i, nr; |
| unsigned char blocksize_bits; |
| |
| vi = page->mapping->host; |
| ni = NTFS_I(vi); |
| vol = ni->vol; |
| |
| /* $MFT/$DATA must have its complete runlist in memory at all times. */ |
| BUG_ON(!ni->runlist.rl && !ni->mft_no && !NInoAttr(ni)); |
| |
| blocksize = vol->sb->s_blocksize; |
| blocksize_bits = vol->sb->s_blocksize_bits; |
| |
| if (!page_has_buffers(page)) { |
| create_empty_buffers(page, blocksize, 0); |
| if (unlikely(!page_has_buffers(page))) { |
| unlock_page(page); |
| return -ENOMEM; |
| } |
| } |
| bh = head = page_buffers(page); |
| BUG_ON(!bh); |
| |
| /* |
| * We may be racing with truncate. To avoid some of the problems we |
| * now take a snapshot of the various sizes and use those for the whole |
| * of the function. In case of an extending truncate it just means we |
| * may leave some buffers unmapped which are now allocated. This is |
| * not a problem since these buffers will just get mapped when a write |
| * occurs. In case of a shrinking truncate, we will detect this later |
| * on due to the runlist being incomplete and if the page is being |
| * fully truncated, truncate will throw it away as soon as we unlock |
| * it so no need to worry what we do with it. |
| */ |
| iblock = (s64)page->index << (PAGE_SHIFT - blocksize_bits); |
| read_lock_irqsave(&ni->size_lock, flags); |
| lblock = (ni->allocated_size + blocksize - 1) >> blocksize_bits; |
| init_size = ni->initialized_size; |
| i_size = i_size_read(vi); |
| read_unlock_irqrestore(&ni->size_lock, flags); |
| if (unlikely(init_size > i_size)) { |
| /* Race with shrinking truncate. */ |
| init_size = i_size; |
| } |
| zblock = (init_size + blocksize - 1) >> blocksize_bits; |
| |
| /* Loop through all the buffers in the page. */ |
| rl = NULL; |
| nr = i = 0; |
| do { |
| int err = 0; |
| |
| if (unlikely(buffer_uptodate(bh))) |
| continue; |
| if (unlikely(buffer_mapped(bh))) { |
| arr[nr++] = bh; |
| continue; |
| } |
| bh->b_bdev = vol->sb->s_bdev; |
| /* Is the block within the allowed limits? */ |
| if (iblock < lblock) { |
| bool is_retry = false; |
| |
| /* Convert iblock into corresponding vcn and offset. */ |
| vcn = (VCN)iblock << blocksize_bits >> |
| vol->cluster_size_bits; |
| vcn_ofs = ((VCN)iblock << blocksize_bits) & |
| vol->cluster_size_mask; |
| if (!rl) { |
| lock_retry_remap: |
| down_read(&ni->runlist.lock); |
| rl = ni->runlist.rl; |
| } |
| if (likely(rl != NULL)) { |
| /* Seek to element containing target vcn. */ |
| while (rl->length && rl[1].vcn <= vcn) |
| rl++; |
| lcn = ntfs_rl_vcn_to_lcn(rl, vcn); |
| } else |
| lcn = LCN_RL_NOT_MAPPED; |
| /* Successful remap. */ |
| if (lcn >= 0) { |
| /* Setup buffer head to correct block. */ |
| bh->b_blocknr = ((lcn << vol->cluster_size_bits) |
| + vcn_ofs) >> blocksize_bits; |
| set_buffer_mapped(bh); |
| /* Only read initialized data blocks. */ |
| if (iblock < zblock) { |
| arr[nr++] = bh; |
| continue; |
| } |
| /* Fully non-initialized data block, zero it. */ |
| goto handle_zblock; |
| } |
| /* It is a hole, need to zero it. */ |
| if (lcn == LCN_HOLE) |
| goto handle_hole; |
| /* If first try and runlist unmapped, map and retry. */ |
| if (!is_retry && lcn == LCN_RL_NOT_MAPPED) { |
| is_retry = true; |
| /* |
| * Attempt to map runlist, dropping lock for |
| * the duration. |
| */ |
| up_read(&ni->runlist.lock); |
| err = ntfs_map_runlist(ni, vcn); |
| if (likely(!err)) |
| goto lock_retry_remap; |
| rl = NULL; |
| } else if (!rl) |
| up_read(&ni->runlist.lock); |
| /* |
| * If buffer is outside the runlist, treat it as a |
| * hole. This can happen due to concurrent truncate |
| * for example. |
| */ |
| if (err == -ENOENT || lcn == LCN_ENOENT) { |
| err = 0; |
| goto handle_hole; |
| } |
| /* Hard error, zero out region. */ |
| if (!err) |
| err = -EIO; |
| bh->b_blocknr = -1; |
| SetPageError(page); |
| ntfs_error(vol->sb, "Failed to read from inode 0x%lx, " |
| "attribute type 0x%x, vcn 0x%llx, " |
| "offset 0x%x because its location on " |
| "disk could not be determined%s " |
| "(error code %i).", ni->mft_no, |
| ni->type, (unsigned long long)vcn, |
| vcn_ofs, is_retry ? " even after " |
| "retrying" : "", err); |
| } |
| /* |
| * Either iblock was outside lblock limits or |
| * ntfs_rl_vcn_to_lcn() returned error. Just zero that portion |
| * of the page and set the buffer uptodate. |
| */ |
| handle_hole: |
| bh->b_blocknr = -1UL; |
| clear_buffer_mapped(bh); |
| handle_zblock: |
| zero_user(page, i * blocksize, blocksize); |
| if (likely(!err)) |
| set_buffer_uptodate(bh); |
| } while (i++, iblock++, (bh = bh->b_this_page) != head); |
| |
| /* Release the lock if we took it. */ |
| if (rl) |
| up_read(&ni->runlist.lock); |
| |
| /* Check we have at least one buffer ready for i/o. */ |
| if (nr) { |
| struct buffer_head *tbh; |
| |
| /* Lock the buffers. */ |
| for (i = 0; i < nr; i++) { |
| tbh = arr[i]; |
| lock_buffer(tbh); |
| tbh->b_end_io = ntfs_end_buffer_async_read; |
| set_buffer_async_read(tbh); |
| } |
| /* Finally, start i/o on the buffers. */ |
| for (i = 0; i < nr; i++) { |
| tbh = arr[i]; |
| if (likely(!buffer_uptodate(tbh))) |
| submit_bh(REQ_OP_READ, 0, tbh); |
| else |
| ntfs_end_buffer_async_read(tbh, 1); |
| } |
| return 0; |
| } |
| /* No i/o was scheduled on any of the buffers. */ |
| if (likely(!PageError(page))) |
| SetPageUptodate(page); |
| else /* Signal synchronous i/o error. */ |
| nr = -EIO; |
| unlock_page(page); |
| return nr; |
| } |
| |
| /** |
| * ntfs_read_folio - fill a @folio of a @file with data from the device |
| * @file: open file to which the folio @folio belongs or NULL |
| * @folio: page cache folio to fill with data |
| * |
| * For non-resident attributes, ntfs_read_folio() fills the @folio of the open |
| * file @file by calling the ntfs version of the generic block_read_full_folio() |
| * function, ntfs_read_block(), which in turn creates and reads in the buffers |
| * associated with the folio asynchronously. |
| * |
| * For resident attributes, OTOH, ntfs_read_folio() fills @folio by copying the |
| * data from the mft record (which at this stage is most likely in memory) and |
| * fills the remainder with zeroes. Thus, in this case, I/O is synchronous, as |
| * even if the mft record is not cached at this point in time, we need to wait |
| * for it to be read in before we can do the copy. |
| * |
| * Return 0 on success and -errno on error. |
| */ |
| static int ntfs_read_folio(struct file *file, struct folio *folio) |
| { |
| struct page *page = &folio->page; |
| loff_t i_size; |
| struct inode *vi; |
| ntfs_inode *ni, *base_ni; |
| u8 *addr; |
| ntfs_attr_search_ctx *ctx; |
| MFT_RECORD *mrec; |
| unsigned long flags; |
| u32 attr_len; |
| int err = 0; |
| |
| retry_readpage: |
| BUG_ON(!PageLocked(page)); |
| vi = page->mapping->host; |
| i_size = i_size_read(vi); |
| /* Is the page fully outside i_size? (truncate in progress) */ |
| if (unlikely(page->index >= (i_size + PAGE_SIZE - 1) >> |
| PAGE_SHIFT)) { |
| zero_user(page, 0, PAGE_SIZE); |
| ntfs_debug("Read outside i_size - truncated?"); |
| goto done; |
| } |
| /* |
| * This can potentially happen because we clear PageUptodate() during |
| * ntfs_writepage() of MstProtected() attributes. |
| */ |
| if (PageUptodate(page)) { |
| unlock_page(page); |
| return 0; |
| } |
| ni = NTFS_I(vi); |
| /* |
| * Only $DATA attributes can be encrypted and only unnamed $DATA |
| * attributes can be compressed. Index root can have the flags set but |
| * this means to create compressed/encrypted files, not that the |
| * attribute is compressed/encrypted. Note we need to check for |
| * AT_INDEX_ALLOCATION since this is the type of both directory and |
| * index inodes. |
| */ |
| if (ni->type != AT_INDEX_ALLOCATION) { |
| /* If attribute is encrypted, deny access, just like NT4. */ |
| if (NInoEncrypted(ni)) { |
| BUG_ON(ni->type != AT_DATA); |
| err = -EACCES; |
| goto err_out; |
| } |
| /* Compressed data streams are handled in compress.c. */ |
| if (NInoNonResident(ni) && NInoCompressed(ni)) { |
| BUG_ON(ni->type != AT_DATA); |
| BUG_ON(ni->name_len); |
| return ntfs_read_compressed_block(page); |
| } |
| } |
| /* NInoNonResident() == NInoIndexAllocPresent() */ |
| if (NInoNonResident(ni)) { |
| /* Normal, non-resident data stream. */ |
| return ntfs_read_block(page); |
| } |
| /* |
| * Attribute is resident, implying it is not compressed or encrypted. |
| * This also means the attribute is smaller than an mft record and |
| * hence smaller than a page, so can simply zero out any pages with |
| * index above 0. Note the attribute can actually be marked compressed |
| * but if it is resident the actual data is not compressed so we are |
| * ok to ignore the compressed flag here. |
| */ |
| if (unlikely(page->index > 0)) { |
| zero_user(page, 0, PAGE_SIZE); |
| goto done; |
| } |
| if (!NInoAttr(ni)) |
| base_ni = ni; |
| else |
| base_ni = ni->ext.base_ntfs_ino; |
| /* Map, pin, and lock the mft record. */ |
| mrec = map_mft_record(base_ni); |
| if (IS_ERR(mrec)) { |
| err = PTR_ERR(mrec); |
| goto err_out; |
| } |
| /* |
| * If a parallel write made the attribute non-resident, drop the mft |
| * record and retry the read_folio. |
| */ |
| if (unlikely(NInoNonResident(ni))) { |
| unmap_mft_record(base_ni); |
| goto retry_readpage; |
| } |
| ctx = ntfs_attr_get_search_ctx(base_ni, mrec); |
| if (unlikely(!ctx)) { |
| err = -ENOMEM; |
| goto unm_err_out; |
| } |
| err = ntfs_attr_lookup(ni->type, ni->name, ni->name_len, |
| CASE_SENSITIVE, 0, NULL, 0, ctx); |
| if (unlikely(err)) |
| goto put_unm_err_out; |
| attr_len = le32_to_cpu(ctx->attr->data.resident.value_length); |
| read_lock_irqsave(&ni->size_lock, flags); |
| if (unlikely(attr_len > ni->initialized_size)) |
| attr_len = ni->initialized_size; |
| i_size = i_size_read(vi); |
| read_unlock_irqrestore(&ni->size_lock, flags); |
| if (unlikely(attr_len > i_size)) { |
| /* Race with shrinking truncate. */ |
| attr_len = i_size; |
| } |
| addr = kmap_atomic(page); |
| /* Copy the data to the page. */ |
| memcpy(addr, (u8*)ctx->attr + |
| le16_to_cpu(ctx->attr->data.resident.value_offset), |
| attr_len); |
| /* Zero the remainder of the page. */ |
| memset(addr + attr_len, 0, PAGE_SIZE - attr_len); |
| flush_dcache_page(page); |
| kunmap_atomic(addr); |
| put_unm_err_out: |
| ntfs_attr_put_search_ctx(ctx); |
| unm_err_out: |
| unmap_mft_record(base_ni); |
| done: |
| SetPageUptodate(page); |
| err_out: |
| unlock_page(page); |
| return err; |
| } |
| |
| #ifdef NTFS_RW |
| |
| /** |
| * ntfs_write_block - write a @page to the backing store |
| * @page: page cache page to write out |
| * @wbc: writeback control structure |
| * |
| * This function is for writing pages belonging to non-resident, non-mst |
| * protected attributes to their backing store. |
| * |
| * For a page with buffers, map and write the dirty buffers asynchronously |
| * under page writeback. For a page without buffers, create buffers for the |
| * page, then proceed as above. |
| * |
| * If a page doesn't have buffers the page dirty state is definitive. If a page |
| * does have buffers, the page dirty state is just a hint, and the buffer dirty |
| * state is definitive. (A hint which has rules: dirty buffers against a clean |
| * page is illegal. Other combinations are legal and need to be handled. In |
| * particular a dirty page containing clean buffers for example.) |
| * |
| * Return 0 on success and -errno on error. |
| * |
| * Based on ntfs_read_block() and __block_write_full_page(). |
| */ |
| static int ntfs_write_block(struct page *page, struct writeback_control *wbc) |
| { |
| VCN vcn; |
| LCN lcn; |
| s64 initialized_size; |
| loff_t i_size; |
| sector_t block, dblock, iblock; |
| struct inode *vi; |
| ntfs_inode *ni; |
| ntfs_volume *vol; |
| runlist_element *rl; |
| struct buffer_head *bh, *head; |
| unsigned long flags; |
| unsigned int blocksize, vcn_ofs; |
| int err; |
| bool need_end_writeback; |
| unsigned char blocksize_bits; |
| |
| vi = page->mapping->host; |
| ni = NTFS_I(vi); |
| vol = ni->vol; |
| |
| ntfs_debug("Entering for inode 0x%lx, attribute type 0x%x, page index " |
| "0x%lx.", ni->mft_no, ni->type, page->index); |
| |
| BUG_ON(!NInoNonResident(ni)); |
| BUG_ON(NInoMstProtected(ni)); |
| blocksize = vol->sb->s_blocksize; |
| blocksize_bits = vol->sb->s_blocksize_bits; |
| if (!page_has_buffers(page)) { |
| BUG_ON(!PageUptodate(page)); |
| create_empty_buffers(page, blocksize, |
| (1 << BH_Uptodate) | (1 << BH_Dirty)); |
| if (unlikely(!page_has_buffers(page))) { |
| ntfs_warning(vol->sb, "Error allocating page " |
| "buffers. Redirtying page so we try " |
| "again later."); |
| /* |
| * Put the page back on mapping->dirty_pages, but leave |
| * its buffers' dirty state as-is. |
| */ |
| redirty_page_for_writepage(wbc, page); |
| unlock_page(page); |
| return 0; |
| } |
| } |
| bh = head = page_buffers(page); |
| BUG_ON(!bh); |
| |
| /* NOTE: Different naming scheme to ntfs_read_block()! */ |
| |
| /* The first block in the page. */ |
| block = (s64)page->index << (PAGE_SHIFT - blocksize_bits); |
| |
| read_lock_irqsave(&ni->size_lock, flags); |
| i_size = i_size_read(vi); |
| initialized_size = ni->initialized_size; |
| read_unlock_irqrestore(&ni->size_lock, flags); |
| |
| /* The first out of bounds block for the data size. */ |
| dblock = (i_size + blocksize - 1) >> blocksize_bits; |
| |
| /* The last (fully or partially) initialized block. */ |
| iblock = initialized_size >> blocksize_bits; |
| |
| /* |
| * Be very careful. We have no exclusion from block_dirty_folio |
| * here, and the (potentially unmapped) buffers may become dirty at |
| * any time. If a buffer becomes dirty here after we've inspected it |
| * then we just miss that fact, and the page stays dirty. |
| * |
| * Buffers outside i_size may be dirtied by block_dirty_folio; |
| * handle that here by just cleaning them. |
| */ |
| |
| /* |
| * Loop through all the buffers in the page, mapping all the dirty |
| * buffers to disk addresses and handling any aliases from the |
| * underlying block device's mapping. |
| */ |
| rl = NULL; |
| err = 0; |
| do { |
| bool is_retry = false; |
| |
| if (unlikely(block >= dblock)) { |
| /* |
| * Mapped buffers outside i_size will occur, because |
| * this page can be outside i_size when there is a |
| * truncate in progress. The contents of such buffers |
| * were zeroed by ntfs_writepage(). |
| * |
| * FIXME: What about the small race window where |
| * ntfs_writepage() has not done any clearing because |
| * the page was within i_size but before we get here, |
| * vmtruncate() modifies i_size? |
| */ |
| clear_buffer_dirty(bh); |
| set_buffer_uptodate(bh); |
| continue; |
| } |
| |
| /* Clean buffers are not written out, so no need to map them. */ |
| if (!buffer_dirty(bh)) |
| continue; |
| |
| /* Make sure we have enough initialized size. */ |
| if (unlikely((block >= iblock) && |
| (initialized_size < i_size))) { |
| /* |
| * If this page is fully outside initialized |
| * size, zero out all pages between the current |
| * initialized size and the current page. Just |
| * use ntfs_read_folio() to do the zeroing |
| * transparently. |
| */ |
| if (block > iblock) { |
| // TODO: |
| // For each page do: |
| // - read_cache_page() |
| // Again for each page do: |
| // - wait_on_page_locked() |
| // - Check (PageUptodate(page) && |
| // !PageError(page)) |
| // Update initialized size in the attribute and |
| // in the inode. |
| // Again, for each page do: |
| // block_dirty_folio(); |
| // put_page() |
| // We don't need to wait on the writes. |
| // Update iblock. |
| } |
| /* |
| * The current page straddles initialized size. Zero |
| * all non-uptodate buffers and set them uptodate (and |
| * dirty?). Note, there aren't any non-uptodate buffers |
| * if the page is uptodate. |
| * FIXME: For an uptodate page, the buffers may need to |
| * be written out because they were not initialized on |
| * disk before. |
| */ |
| if (!PageUptodate(page)) { |
| // TODO: |
| // Zero any non-uptodate buffers up to i_size. |
| // Set them uptodate and dirty. |
| } |
| // TODO: |
| // Update initialized size in the attribute and in the |
| // inode (up to i_size). |
| // Update iblock. |
| // FIXME: This is inefficient. Try to batch the two |
| // size changes to happen in one go. |
| ntfs_error(vol->sb, "Writing beyond initialized size " |
| "is not supported yet. Sorry."); |
| err = -EOPNOTSUPP; |
| break; |
| // Do NOT set_buffer_new() BUT DO clear buffer range |
| // outside write request range. |
| // set_buffer_uptodate() on complete buffers as well as |
| // set_buffer_dirty(). |
| } |
| |
| /* No need to map buffers that are already mapped. */ |
| if (buffer_mapped(bh)) |
| continue; |
| |
| /* Unmapped, dirty buffer. Need to map it. */ |
| bh->b_bdev = vol->sb->s_bdev; |
| |
| /* Convert block into corresponding vcn and offset. */ |
| vcn = (VCN)block << blocksize_bits; |
| vcn_ofs = vcn & vol->cluster_size_mask; |
| vcn >>= vol->cluster_size_bits; |
| if (!rl) { |
| lock_retry_remap: |
| down_read(&ni->runlist.lock); |
| rl = ni->runlist.rl; |
| } |
| if (likely(rl != NULL)) { |
| /* Seek to element containing target vcn. */ |
| while (rl->length && rl[1].vcn <= vcn) |
| rl++; |
| lcn = ntfs_rl_vcn_to_lcn(rl, vcn); |
| } else |
| lcn = LCN_RL_NOT_MAPPED; |
| /* Successful remap. */ |
| if (lcn >= 0) { |
| /* Setup buffer head to point to correct block. */ |
| bh->b_blocknr = ((lcn << vol->cluster_size_bits) + |
| vcn_ofs) >> blocksize_bits; |
| set_buffer_mapped(bh); |
| continue; |
| } |
| /* It is a hole, need to instantiate it. */ |
| if (lcn == LCN_HOLE) { |
| u8 *kaddr; |
| unsigned long *bpos, *bend; |
| |
| /* Check if the buffer is zero. */ |
| kaddr = kmap_atomic(page); |
| bpos = (unsigned long *)(kaddr + bh_offset(bh)); |
| bend = (unsigned long *)((u8*)bpos + blocksize); |
| do { |
| if (unlikely(*bpos)) |
| break; |
| } while (likely(++bpos < bend)); |
| kunmap_atomic(kaddr); |
| if (bpos == bend) { |
| /* |
| * Buffer is zero and sparse, no need to write |
| * it. |
| */ |
| bh->b_blocknr = -1; |
| clear_buffer_dirty(bh); |
| continue; |
| } |
| // TODO: Instantiate the hole. |
| // clear_buffer_new(bh); |
| // clean_bdev_bh_alias(bh); |
| ntfs_error(vol->sb, "Writing into sparse regions is " |
| "not supported yet. Sorry."); |
| err = -EOPNOTSUPP; |
| break; |
| } |
| /* If first try and runlist unmapped, map and retry. */ |
| if (!is_retry && lcn == LCN_RL_NOT_MAPPED) { |
| is_retry = true; |
| /* |
| * Attempt to map runlist, dropping lock for |
| * the duration. |
| */ |
| up_read(&ni->runlist.lock); |
| err = ntfs_map_runlist(ni, vcn); |
| if (likely(!err)) |
| goto lock_retry_remap; |
| rl = NULL; |
| } else if (!rl) |
| up_read(&ni->runlist.lock); |
| /* |
| * If buffer is outside the runlist, truncate has cut it out |
| * of the runlist. Just clean and clear the buffer and set it |
| * uptodate so it can get discarded by the VM. |
| */ |
| if (err == -ENOENT || lcn == LCN_ENOENT) { |
| bh->b_blocknr = -1; |
| clear_buffer_dirty(bh); |
| zero_user(page, bh_offset(bh), blocksize); |
| set_buffer_uptodate(bh); |
| err = 0; |
| continue; |
| } |
| /* Failed to map the buffer, even after retrying. */ |
| if (!err) |
| err = -EIO; |
| bh->b_blocknr = -1; |
| ntfs_error(vol->sb, "Failed to write to inode 0x%lx, " |
| "attribute type 0x%x, vcn 0x%llx, offset 0x%x " |
| "because its location on disk could not be " |
| "determined%s (error code %i).", ni->mft_no, |
| ni->type, (unsigned long long)vcn, |
| vcn_ofs, is_retry ? " even after " |
| "retrying" : "", err); |
| break; |
| } while (block++, (bh = bh->b_this_page) != head); |
| |
| /* Release the lock if we took it. */ |
| if (rl) |
| up_read(&ni->runlist.lock); |
| |
| /* For the error case, need to reset bh to the beginning. */ |
| bh = head; |
| |
| /* Just an optimization, so ->read_folio() is not called later. */ |
| if (unlikely(!PageUptodate(page))) { |
| int uptodate = 1; |
| do { |
| if (!buffer_uptodate(bh)) { |
| uptodate = 0; |
| bh = head; |
| break; |
| } |
| } while ((bh = bh->b_this_page) != head); |
| if (uptodate) |
| SetPageUptodate(page); |
| } |
| |
| /* Setup all mapped, dirty buffers for async write i/o. */ |
| do { |
| if (buffer_mapped(bh) && buffer_dirty(bh)) { |
| lock_buffer(bh); |
| if (test_clear_buffer_dirty(bh)) { |
| BUG_ON(!buffer_uptodate(bh)); |
| mark_buffer_async_write(bh); |
| } else |
| unlock_buffer(bh); |
| } else if (unlikely(err)) { |
| /* |
| * For the error case. The buffer may have been set |
| * dirty during attachment to a dirty page. |
| */ |
| if (err != -ENOMEM) |
| clear_buffer_dirty(bh); |
| } |
| } while ((bh = bh->b_this_page) != head); |
| |
| if (unlikely(err)) { |
| // TODO: Remove the -EOPNOTSUPP check later on... |
| if (unlikely(err == -EOPNOTSUPP)) |
| err = 0; |
| else if (err == -ENOMEM) { |
| ntfs_warning(vol->sb, "Error allocating memory. " |
| "Redirtying page so we try again " |
| "later."); |
| /* |
| * Put the page back on mapping->dirty_pages, but |
| * leave its buffer's dirty state as-is. |
| */ |
| redirty_page_for_writepage(wbc, page); |
| err = 0; |
| } else |
| SetPageError(page); |
| } |
| |
| BUG_ON(PageWriteback(page)); |
| set_page_writeback(page); /* Keeps try_to_free_buffers() away. */ |
| |
| /* Submit the prepared buffers for i/o. */ |
| need_end_writeback = true; |
| do { |
| struct buffer_head *next = bh->b_this_page; |
| if (buffer_async_write(bh)) { |
| submit_bh(REQ_OP_WRITE, 0, bh); |
| need_end_writeback = false; |
| } |
| bh = next; |
| } while (bh != head); |
| unlock_page(page); |
| |
| /* If no i/o was started, need to end_page_writeback(). */ |
| if (unlikely(need_end_writeback)) |
| end_page_writeback(page); |
| |
| ntfs_debug("Done."); |
| return err; |
| } |
| |
| /** |
| * ntfs_write_mst_block - write a @page to the backing store |
| * @page: page cache page to write out |
| * @wbc: writeback control structure |
| * |
| * This function is for writing pages belonging to non-resident, mst protected |
| * attributes to their backing store. The only supported attributes are index |
| * allocation and $MFT/$DATA. Both directory inodes and index inodes are |
| * supported for the index allocation case. |
| * |
| * The page must remain locked for the duration of the write because we apply |
| * the mst fixups, write, and then undo the fixups, so if we were to unlock the |
| * page before undoing the fixups, any other user of the page will see the |
| * page contents as corrupt. |
| * |
| * We clear the page uptodate flag for the duration of the function to ensure |
| * exclusion for the $MFT/$DATA case against someone mapping an mft record we |
| * are about to apply the mst fixups to. |
| * |
| * Return 0 on success and -errno on error. |
| * |
| * Based on ntfs_write_block(), ntfs_mft_writepage(), and |
| * write_mft_record_nolock(). |
| */ |
| static int ntfs_write_mst_block(struct page *page, |
| struct writeback_control *wbc) |
| { |
| sector_t block, dblock, rec_block; |
| struct inode *vi = page->mapping->host; |
| ntfs_inode *ni = NTFS_I(vi); |
| ntfs_volume *vol = ni->vol; |
| u8 *kaddr; |
| unsigned int rec_size = ni->itype.index.block_size; |
| ntfs_inode *locked_nis[PAGE_SIZE / NTFS_BLOCK_SIZE]; |
| struct buffer_head *bh, *head, *tbh, *rec_start_bh; |
| struct buffer_head *bhs[MAX_BUF_PER_PAGE]; |
| runlist_element *rl; |
| int i, nr_locked_nis, nr_recs, nr_bhs, max_bhs, bhs_per_rec, err, err2; |
| unsigned bh_size, rec_size_bits; |
| bool sync, is_mft, page_is_dirty, rec_is_dirty; |
| unsigned char bh_size_bits; |
| |
| if (WARN_ON(rec_size < NTFS_BLOCK_SIZE)) |
| return -EINVAL; |
| |
| ntfs_debug("Entering for inode 0x%lx, attribute type 0x%x, page index " |
| "0x%lx.", vi->i_ino, ni->type, page->index); |
| BUG_ON(!NInoNonResident(ni)); |
| BUG_ON(!NInoMstProtected(ni)); |
| is_mft = (S_ISREG(vi->i_mode) && !vi->i_ino); |
| /* |
| * NOTE: ntfs_write_mst_block() would be called for $MFTMirr if a page |
| * in its page cache were to be marked dirty. However this should |
| * never happen with the current driver and considering we do not |
| * handle this case here we do want to BUG(), at least for now. |
| */ |
| BUG_ON(!(is_mft || S_ISDIR(vi->i_mode) || |
| (NInoAttr(ni) && ni->type == AT_INDEX_ALLOCATION))); |
| bh_size = vol->sb->s_blocksize; |
| bh_size_bits = vol->sb->s_blocksize_bits; |
| max_bhs = PAGE_SIZE / bh_size; |
| BUG_ON(!max_bhs); |
| BUG_ON(max_bhs > MAX_BUF_PER_PAGE); |
| |
| /* Were we called for sync purposes? */ |
| sync = (wbc->sync_mode == WB_SYNC_ALL); |
| |
| /* Make sure we have mapped buffers. */ |
| bh = head = page_buffers(page); |
| BUG_ON(!bh); |
| |
| rec_size_bits = ni->itype.index.block_size_bits; |
| BUG_ON(!(PAGE_SIZE >> rec_size_bits)); |
| bhs_per_rec = rec_size >> bh_size_bits; |
| BUG_ON(!bhs_per_rec); |
| |
| /* The first block in the page. */ |
| rec_block = block = (sector_t)page->index << |
| (PAGE_SHIFT - bh_size_bits); |
| |
| /* The first out of bounds block for the data size. */ |
| dblock = (i_size_read(vi) + bh_size - 1) >> bh_size_bits; |
| |
| rl = NULL; |
| err = err2 = nr_bhs = nr_recs = nr_locked_nis = 0; |
| page_is_dirty = rec_is_dirty = false; |
| rec_start_bh = NULL; |
| do { |
| bool is_retry = false; |
| |
| if (likely(block < rec_block)) { |
| if (unlikely(block >= dblock)) { |
| clear_buffer_dirty(bh); |
| set_buffer_uptodate(bh); |
| continue; |
| } |
| /* |
| * This block is not the first one in the record. We |
| * ignore the buffer's dirty state because we could |
| * have raced with a parallel mark_ntfs_record_dirty(). |
| */ |
| if (!rec_is_dirty) |
| continue; |
| if (unlikely(err2)) { |
| if (err2 != -ENOMEM) |
| clear_buffer_dirty(bh); |
| continue; |
| } |
| } else /* if (block == rec_block) */ { |
| BUG_ON(block > rec_block); |
| /* This block is the first one in the record. */ |
| rec_block += bhs_per_rec; |
| err2 = 0; |
| if (unlikely(block >= dblock)) { |
| clear_buffer_dirty(bh); |
| continue; |
| } |
| if (!buffer_dirty(bh)) { |
| /* Clean records are not written out. */ |
| rec_is_dirty = false; |
| continue; |
| } |
| rec_is_dirty = true; |
| rec_start_bh = bh; |
| } |
| /* Need to map the buffer if it is not mapped already. */ |
| if (unlikely(!buffer_mapped(bh))) { |
| VCN vcn; |
| LCN lcn; |
| unsigned int vcn_ofs; |
| |
| bh->b_bdev = vol->sb->s_bdev; |
| /* Obtain the vcn and offset of the current block. */ |
| vcn = (VCN)block << bh_size_bits; |
| vcn_ofs = vcn & vol->cluster_size_mask; |
| vcn >>= vol->cluster_size_bits; |
| if (!rl) { |
| lock_retry_remap: |
| down_read(&ni->runlist.lock); |
| rl = ni->runlist.rl; |
| } |
| if (likely(rl != NULL)) { |
| /* Seek to element containing target vcn. */ |
| while (rl->length && rl[1].vcn <= vcn) |
| rl++; |
| lcn = ntfs_rl_vcn_to_lcn(rl, vcn); |
| } else |
| lcn = LCN_RL_NOT_MAPPED; |
| /* Successful remap. */ |
| if (likely(lcn >= 0)) { |
| /* Setup buffer head to correct block. */ |
| bh->b_blocknr = ((lcn << |
| vol->cluster_size_bits) + |
| vcn_ofs) >> bh_size_bits; |
| set_buffer_mapped(bh); |
| } else { |
| /* |
| * Remap failed. Retry to map the runlist once |
| * unless we are working on $MFT which always |
| * has the whole of its runlist in memory. |
| */ |
| if (!is_mft && !is_retry && |
| lcn == LCN_RL_NOT_MAPPED) { |
| is_retry = true; |
| /* |
| * Attempt to map runlist, dropping |
| * lock for the duration. |
| */ |
| up_read(&ni->runlist.lock); |
| err2 = ntfs_map_runlist(ni, vcn); |
| if (likely(!err2)) |
| goto lock_retry_remap; |
| if (err2 == -ENOMEM) |
| page_is_dirty = true; |
| lcn = err2; |
| } else { |
| err2 = -EIO; |
| if (!rl) |
| up_read(&ni->runlist.lock); |
| } |
| /* Hard error. Abort writing this record. */ |
| if (!err || err == -ENOMEM) |
| err = err2; |
| bh->b_blocknr = -1; |
| ntfs_error(vol->sb, "Cannot write ntfs record " |
| "0x%llx (inode 0x%lx, " |
| "attribute type 0x%x) because " |
| "its location on disk could " |
| "not be determined (error " |
| "code %lli).", |
| (long long)block << |
| bh_size_bits >> |
| vol->mft_record_size_bits, |
| ni->mft_no, ni->type, |
| (long long)lcn); |
| /* |
| * If this is not the first buffer, remove the |
| * buffers in this record from the list of |
| * buffers to write and clear their dirty bit |
| * if not error -ENOMEM. |
| */ |
| if (rec_start_bh != bh) { |
| while (bhs[--nr_bhs] != rec_start_bh) |
| ; |
| if (err2 != -ENOMEM) { |
| do { |
| clear_buffer_dirty( |
| rec_start_bh); |
| } while ((rec_start_bh = |
| rec_start_bh-> |
| b_this_page) != |
| bh); |
| } |
| } |
| continue; |
| } |
| } |
| BUG_ON(!buffer_uptodate(bh)); |
| BUG_ON(nr_bhs >= max_bhs); |
| bhs[nr_bhs++] = bh; |
| } while (block++, (bh = bh->b_this_page) != head); |
| if (unlikely(rl)) |
| up_read(&ni->runlist.lock); |
| /* If there were no dirty buffers, we are done. */ |
| if (!nr_bhs) |
| goto done; |
| /* Map the page so we can access its contents. */ |
| kaddr = kmap(page); |
| /* Clear the page uptodate flag whilst the mst fixups are applied. */ |
| BUG_ON(!PageUptodate(page)); |
| ClearPageUptodate(page); |
| for (i = 0; i < nr_bhs; i++) { |
| unsigned int ofs; |
| |
| /* Skip buffers which are not at the beginning of records. */ |
| if (i % bhs_per_rec) |
| continue; |
| tbh = bhs[i]; |
| ofs = bh_offset(tbh); |
| if (is_mft) { |
| ntfs_inode *tni; |
| unsigned long mft_no; |
| |
| /* Get the mft record number. */ |
| mft_no = (((s64)page->index << PAGE_SHIFT) + ofs) |
| >> rec_size_bits; |
| /* Check whether to write this mft record. */ |
| tni = NULL; |
| if (!ntfs_may_write_mft_record(vol, mft_no, |
| (MFT_RECORD*)(kaddr + ofs), &tni)) { |
| /* |
| * The record should not be written. This |
| * means we need to redirty the page before |
| * returning. |
| */ |
| page_is_dirty = true; |
| /* |
| * Remove the buffers in this mft record from |
| * the list of buffers to write. |
| */ |
| do { |
| bhs[i] = NULL; |
| } while (++i % bhs_per_rec); |
| continue; |
| } |
| /* |
| * The record should be written. If a locked ntfs |
| * inode was returned, add it to the array of locked |
| * ntfs inodes. |
| */ |
| if (tni) |
| locked_nis[nr_locked_nis++] = tni; |
| } |
| /* Apply the mst protection fixups. */ |
| err2 = pre_write_mst_fixup((NTFS_RECORD*)(kaddr + ofs), |
| rec_size); |
| if (unlikely(err2)) { |
| if (!err || err == -ENOMEM) |
| err = -EIO; |
| ntfs_error(vol->sb, "Failed to apply mst fixups " |
| "(inode 0x%lx, attribute type 0x%x, " |
| "page index 0x%lx, page offset 0x%x)!" |
| " Unmount and run chkdsk.", vi->i_ino, |
| ni->type, page->index, ofs); |
| /* |
| * Mark all the buffers in this record clean as we do |
| * not want to write corrupt data to disk. |
| */ |
| do { |
| clear_buffer_dirty(bhs[i]); |
| bhs[i] = NULL; |
| } while (++i % bhs_per_rec); |
| continue; |
| } |
| nr_recs++; |
| } |
| /* If no records are to be written out, we are done. */ |
| if (!nr_recs) |
| goto unm_done; |
| flush_dcache_page(page); |
| /* Lock buffers and start synchronous write i/o on them. */ |
| for (i = 0; i < nr_bhs; i++) { |
| tbh = bhs[i]; |
| if (!tbh) |
| continue; |
| if (!trylock_buffer(tbh)) |
| BUG(); |
| /* The buffer dirty state is now irrelevant, just clean it. */ |
| clear_buffer_dirty(tbh); |
| BUG_ON(!buffer_uptodate(tbh)); |
| BUG_ON(!buffer_mapped(tbh)); |
| get_bh(tbh); |
| tbh->b_end_io = end_buffer_write_sync; |
| submit_bh(REQ_OP_WRITE, 0, tbh); |
| } |
| /* Synchronize the mft mirror now if not @sync. */ |
| if (is_mft && !sync) |
| goto do_mirror; |
| do_wait: |
| /* Wait on i/o completion of buffers. */ |
| for (i = 0; i < nr_bhs; i++) { |
| tbh = bhs[i]; |
| if (!tbh) |
| continue; |
| wait_on_buffer(tbh); |
| if (unlikely(!buffer_uptodate(tbh))) { |
| ntfs_error(vol->sb, "I/O error while writing ntfs " |
| "record buffer (inode 0x%lx, " |
| "attribute type 0x%x, page index " |
| "0x%lx, page offset 0x%lx)! Unmount " |
| "and run chkdsk.", vi->i_ino, ni->type, |
| page->index, bh_offset(tbh)); |
| if (!err || err == -ENOMEM) |
| err = -EIO; |
| /* |
| * Set the buffer uptodate so the page and buffer |
| * states do not become out of sync. |
| */ |
| set_buffer_uptodate(tbh); |
| } |
| } |
| /* If @sync, now synchronize the mft mirror. */ |
| if (is_mft && sync) { |
| do_mirror: |
| for (i = 0; i < nr_bhs; i++) { |
| unsigned long mft_no; |
| unsigned int ofs; |
| |
| /* |
| * Skip buffers which are not at the beginning of |
| * records. |
| */ |
| if (i % bhs_per_rec) |
| continue; |
| tbh = bhs[i]; |
| /* Skip removed buffers (and hence records). */ |
| if (!tbh) |
| continue; |
| ofs = bh_offset(tbh); |
| /* Get the mft record number. */ |
| mft_no = (((s64)page->index << PAGE_SHIFT) + ofs) |
| >> rec_size_bits; |
| if (mft_no < vol->mftmirr_size) |
| ntfs_sync_mft_mirror(vol, mft_no, |
| (MFT_RECORD*)(kaddr + ofs), |
| sync); |
| } |
| if (!sync) |
| goto do_wait; |
| } |
| /* Remove the mst protection fixups again. */ |
| for (i = 0; i < nr_bhs; i++) { |
| if (!(i % bhs_per_rec)) { |
| tbh = bhs[i]; |
| if (!tbh) |
| continue; |
| post_write_mst_fixup((NTFS_RECORD*)(kaddr + |
| bh_offset(tbh))); |
| } |
| } |
| flush_dcache_page(page); |
| unm_done: |
| /* Unlock any locked inodes. */ |
| while (nr_locked_nis-- > 0) { |
| ntfs_inode *tni, *base_tni; |
| |
| tni = locked_nis[nr_locked_nis]; |
| /* Get the base inode. */ |
| mutex_lock(&tni->extent_lock); |
| if (tni->nr_extents >= 0) |
| base_tni = tni; |
| else { |
| base_tni = tni->ext.base_ntfs_ino; |
| BUG_ON(!base_tni); |
| } |
| mutex_unlock(&tni->extent_lock); |
| ntfs_debug("Unlocking %s inode 0x%lx.", |
| tni == base_tni ? "base" : "extent", |
| tni->mft_no); |
| mutex_unlock(&tni->mrec_lock); |
| atomic_dec(&tni->count); |
| iput(VFS_I(base_tni)); |
| } |
| SetPageUptodate(page); |
| kunmap(page); |
| done: |
| if (unlikely(err && err != -ENOMEM)) { |
| /* |
| * Set page error if there is only one ntfs record in the page. |
| * Otherwise we would loose per-record granularity. |
| */ |
| if (ni->itype.index.block_size == PAGE_SIZE) |
| SetPageError(page); |
| NVolSetErrors(vol); |
| } |
| if (page_is_dirty) { |
| ntfs_debug("Page still contains one or more dirty ntfs " |
| "records. Redirtying the page starting at " |
| "record 0x%lx.", page->index << |
| (PAGE_SHIFT - rec_size_bits)); |
| redirty_page_for_writepage(wbc, page); |
| unlock_page(page); |
| } else { |
| /* |
| * Keep the VM happy. This must be done otherwise the |
| * radix-tree tag PAGECACHE_TAG_DIRTY remains set even though |
| * the page is clean. |
| */ |
| BUG_ON(PageWriteback(page)); |
| set_page_writeback(page); |
| unlock_page(page); |
| end_page_writeback(page); |
| } |
| if (likely(!err)) |
| ntfs_debug("Done."); |
| return err; |
| } |
| |
| /** |
| * ntfs_writepage - write a @page to the backing store |
| * @page: page cache page to write out |
| * @wbc: writeback control structure |
| * |
| * This is called from the VM when it wants to have a dirty ntfs page cache |
| * page cleaned. The VM has already locked the page and marked it clean. |
| * |
| * For non-resident attributes, ntfs_writepage() writes the @page by calling |
| * the ntfs version of the generic block_write_full_page() function, |
| * ntfs_write_block(), which in turn if necessary creates and writes the |
| * buffers associated with the page asynchronously. |
| * |
| * For resident attributes, OTOH, ntfs_writepage() writes the @page by copying |
| * the data to the mft record (which at this stage is most likely in memory). |
| * The mft record is then marked dirty and written out asynchronously via the |
| * vfs inode dirty code path for the inode the mft record belongs to or via the |
| * vm page dirty code path for the page the mft record is in. |
| * |
| * Based on ntfs_read_folio() and fs/buffer.c::block_write_full_page(). |
| * |
| * Return 0 on success and -errno on error. |
| */ |
| static int ntfs_writepage(struct page *page, struct writeback_control *wbc) |
| { |
| loff_t i_size; |
| struct inode *vi = page->mapping->host; |
| ntfs_inode *base_ni = NULL, *ni = NTFS_I(vi); |
| char *addr; |
| ntfs_attr_search_ctx *ctx = NULL; |
| MFT_RECORD *m = NULL; |
| u32 attr_len; |
| int err; |
| |
| retry_writepage: |
| BUG_ON(!PageLocked(page)); |
| i_size = i_size_read(vi); |
| /* Is the page fully outside i_size? (truncate in progress) */ |
| if (unlikely(page->index >= (i_size + PAGE_SIZE - 1) >> |
| PAGE_SHIFT)) { |
| struct folio *folio = page_folio(page); |
| /* |
| * The page may have dirty, unmapped buffers. Make them |
| * freeable here, so the page does not leak. |
| */ |
| block_invalidate_folio(folio, 0, folio_size(folio)); |
| folio_unlock(folio); |
| ntfs_debug("Write outside i_size - truncated?"); |
| return 0; |
| } |
| /* |
| * Only $DATA attributes can be encrypted and only unnamed $DATA |
| * attributes can be compressed. Index root can have the flags set but |
| * this means to create compressed/encrypted files, not that the |
| * attribute is compressed/encrypted. Note we need to check for |
| * AT_INDEX_ALLOCATION since this is the type of both directory and |
| * index inodes. |
| */ |
| if (ni->type != AT_INDEX_ALLOCATION) { |
| /* If file is encrypted, deny access, just like NT4. */ |
| if (NInoEncrypted(ni)) { |
| unlock_page(page); |
| BUG_ON(ni->type != AT_DATA); |
| ntfs_debug("Denying write access to encrypted file."); |
| return -EACCES; |
| } |
| /* Compressed data streams are handled in compress.c. */ |
| if (NInoNonResident(ni) && NInoCompressed(ni)) { |
| BUG_ON(ni->type != AT_DATA); |
| BUG_ON(ni->name_len); |
| // TODO: Implement and replace this with |
| // return ntfs_write_compressed_block(page); |
| unlock_page(page); |
| ntfs_error(vi->i_sb, "Writing to compressed files is " |
| "not supported yet. Sorry."); |
| return -EOPNOTSUPP; |
| } |
| // TODO: Implement and remove this check. |
| if (NInoNonResident(ni) && NInoSparse(ni)) { |
| unlock_page(page); |
| ntfs_error(vi->i_sb, "Writing to sparse files is not " |
| "supported yet. Sorry."); |
| return -EOPNOTSUPP; |
| } |
| } |
| /* NInoNonResident() == NInoIndexAllocPresent() */ |
| if (NInoNonResident(ni)) { |
| /* We have to zero every time due to mmap-at-end-of-file. */ |
| if (page->index >= (i_size >> PAGE_SHIFT)) { |
| /* The page straddles i_size. */ |
| unsigned int ofs = i_size & ~PAGE_MASK; |
| zero_user_segment(page, ofs, PAGE_SIZE); |
| } |
| /* Handle mst protected attributes. */ |
| if (NInoMstProtected(ni)) |
| return ntfs_write_mst_block(page, wbc); |
| /* Normal, non-resident data stream. */ |
| return ntfs_write_block(page, wbc); |
| } |
| /* |
| * Attribute is resident, implying it is not compressed, encrypted, or |
| * mst protected. This also means the attribute is smaller than an mft |
| * record and hence smaller than a page, so can simply return error on |
| * any pages with index above 0. Note the attribute can actually be |
| * marked compressed but if it is resident the actual data is not |
| * compressed so we are ok to ignore the compressed flag here. |
| */ |
| BUG_ON(page_has_buffers(page)); |
| BUG_ON(!PageUptodate(page)); |
| if (unlikely(page->index > 0)) { |
| ntfs_error(vi->i_sb, "BUG()! page->index (0x%lx) > 0. " |
| "Aborting write.", page->index); |
| BUG_ON(PageWriteback(page)); |
| set_page_writeback(page); |
| unlock_page(page); |
| end_page_writeback(page); |
| return -EIO; |
| } |
| if (!NInoAttr(ni)) |
| base_ni = ni; |
| else |
| base_ni = ni->ext.base_ntfs_ino; |
| /* Map, pin, and lock the mft record. */ |
| m = map_mft_record(base_ni); |
| if (IS_ERR(m)) { |
| err = PTR_ERR(m); |
| m = NULL; |
| ctx = NULL; |
| goto err_out; |
| } |
| /* |
| * If a parallel write made the attribute non-resident, drop the mft |
| * record and retry the writepage. |
| */ |
| if (unlikely(NInoNonResident(ni))) { |
| unmap_mft_record(base_ni); |
| goto retry_writepage; |
| } |
| ctx = ntfs_attr_get_search_ctx(base_ni, m); |
| if (unlikely(!ctx)) { |
| err = -ENOMEM; |
| goto err_out; |
| } |
| err = ntfs_attr_lookup(ni->type, ni->name, ni->name_len, |
| CASE_SENSITIVE, 0, NULL, 0, ctx); |
| if (unlikely(err)) |
| goto err_out; |
| /* |
| * Keep the VM happy. This must be done otherwise the radix-tree tag |
| * PAGECACHE_TAG_DIRTY remains set even though the page is clean. |
| */ |
| BUG_ON(PageWriteback(page)); |
| set_page_writeback(page); |
| unlock_page(page); |
| attr_len = le32_to_cpu(ctx->attr->data.resident.value_length); |
| i_size = i_size_read(vi); |
| if (unlikely(attr_len > i_size)) { |
| /* Race with shrinking truncate or a failed truncate. */ |
| attr_len = i_size; |
| /* |
| * If the truncate failed, fix it up now. If a concurrent |
| * truncate, we do its job, so it does not have to do anything. |
| */ |
| err = ntfs_resident_attr_value_resize(ctx->mrec, ctx->attr, |
| attr_len); |
| /* Shrinking cannot fail. */ |
| BUG_ON(err); |
| } |
| addr = kmap_atomic(page); |
| /* Copy the data from the page to the mft record. */ |
| memcpy((u8*)ctx->attr + |
| le16_to_cpu(ctx->attr->data.resident.value_offset), |
| addr, attr_len); |
| /* Zero out of bounds area in the page cache page. */ |
| memset(addr + attr_len, 0, PAGE_SIZE - attr_len); |
| kunmap_atomic(addr); |
| flush_dcache_page(page); |
| flush_dcache_mft_record_page(ctx->ntfs_ino); |
| /* We are done with the page. */ |
| end_page_writeback(page); |
| /* Finally, mark the mft record dirty, so it gets written back. */ |
| mark_mft_record_dirty(ctx->ntfs_ino); |
| ntfs_attr_put_search_ctx(ctx); |
| unmap_mft_record(base_ni); |
| return 0; |
| err_out: |
| if (err == -ENOMEM) { |
| ntfs_warning(vi->i_sb, "Error allocating memory. Redirtying " |
| "page so we try again later."); |
| /* |
| * Put the page back on mapping->dirty_pages, but leave its |
| * buffers' dirty state as-is. |
| */ |
| redirty_page_for_writepage(wbc, page); |
| err = 0; |
| } else { |
| ntfs_error(vi->i_sb, "Resident attribute write failed with " |
| "error %i.", err); |
| SetPageError(page); |
| NVolSetErrors(ni->vol); |
| } |
| unlock_page(page); |
| if (ctx) |
| ntfs_attr_put_search_ctx(ctx); |
| if (m) |
| unmap_mft_record(base_ni); |
| return err; |
| } |
| |
| #endif /* NTFS_RW */ |
| |
| /** |
| * ntfs_bmap - map logical file block to physical device block |
| * @mapping: address space mapping to which the block to be mapped belongs |
| * @block: logical block to map to its physical device block |
| * |
| * For regular, non-resident files (i.e. not compressed and not encrypted), map |
| * the logical @block belonging to the file described by the address space |
| * mapping @mapping to its physical device block. |
| * |
| * The size of the block is equal to the @s_blocksize field of the super block |
| * of the mounted file system which is guaranteed to be smaller than or equal |
| * to the cluster size thus the block is guaranteed to fit entirely inside the |
| * cluster which means we do not need to care how many contiguous bytes are |
| * available after the beginning of the block. |
| * |
| * Return the physical device block if the mapping succeeded or 0 if the block |
| * is sparse or there was an error. |
| * |
| * Note: This is a problem if someone tries to run bmap() on $Boot system file |
| * as that really is in block zero but there is nothing we can do. bmap() is |
| * just broken in that respect (just like it cannot distinguish sparse from |
| * not available or error). |
| */ |
| static sector_t ntfs_bmap(struct address_space *mapping, sector_t block) |
| { |
| s64 ofs, size; |
| loff_t i_size; |
| LCN lcn; |
| unsigned long blocksize, flags; |
| ntfs_inode *ni = NTFS_I(mapping->host); |
| ntfs_volume *vol = ni->vol; |
| unsigned delta; |
| unsigned char blocksize_bits, cluster_size_shift; |
| |
| ntfs_debug("Entering for mft_no 0x%lx, logical block 0x%llx.", |
| ni->mft_no, (unsigned long long)block); |
| if (ni->type != AT_DATA || !NInoNonResident(ni) || NInoEncrypted(ni)) { |
| ntfs_error(vol->sb, "BMAP does not make sense for %s " |
| "attributes, returning 0.", |
| (ni->type != AT_DATA) ? "non-data" : |
| (!NInoNonResident(ni) ? "resident" : |
| "encrypted")); |
| return 0; |
| } |
| /* None of these can happen. */ |
| BUG_ON(NInoCompressed(ni)); |
| BUG_ON(NInoMstProtected(ni)); |
| blocksize = vol->sb->s_blocksize; |
| blocksize_bits = vol->sb->s_blocksize_bits; |
| ofs = (s64)block << blocksize_bits; |
| read_lock_irqsave(&ni->size_lock, flags); |
| size = ni->initialized_size; |
| i_size = i_size_read(VFS_I(ni)); |
| read_unlock_irqrestore(&ni->size_lock, flags); |
| /* |
| * If the offset is outside the initialized size or the block straddles |
| * the initialized size then pretend it is a hole unless the |
| * initialized size equals the file size. |
| */ |
| if (unlikely(ofs >= size || (ofs + blocksize > size && size < i_size))) |
| goto hole; |
| cluster_size_shift = vol->cluster_size_bits; |
| down_read(&ni->runlist.lock); |
| lcn = ntfs_attr_vcn_to_lcn_nolock(ni, ofs >> cluster_size_shift, false); |
| up_read(&ni->runlist.lock); |
| if (unlikely(lcn < LCN_HOLE)) { |
| /* |
| * Step down to an integer to avoid gcc doing a long long |
| * comparision in the switch when we know @lcn is between |
| * LCN_HOLE and LCN_EIO (i.e. -1 to -5). |
| * |
| * Otherwise older gcc (at least on some architectures) will |
| * try to use __cmpdi2() which is of course not available in |
| * the kernel. |
| */ |
| switch ((int)lcn) { |
| case LCN_ENOENT: |
| /* |
| * If the offset is out of bounds then pretend it is a |
| * hole. |
| */ |
| goto hole; |
| case LCN_ENOMEM: |
| ntfs_error(vol->sb, "Not enough memory to complete " |
| "mapping for inode 0x%lx. " |
| "Returning 0.", ni->mft_no); |
| break; |
| default: |
| ntfs_error(vol->sb, "Failed to complete mapping for " |
| "inode 0x%lx. Run chkdsk. " |
| "Returning 0.", ni->mft_no); |
| break; |
| } |
| return 0; |
| } |
| if (lcn < 0) { |
| /* It is a hole. */ |
| hole: |
| ntfs_debug("Done (returning hole)."); |
| return 0; |
| } |
| /* |
| * The block is really allocated and fullfils all our criteria. |
| * Convert the cluster to units of block size and return the result. |
| */ |
| delta = ofs & vol->cluster_size_mask; |
| if (unlikely(sizeof(block) < sizeof(lcn))) { |
| block = lcn = ((lcn << cluster_size_shift) + delta) >> |
| blocksize_bits; |
| /* If the block number was truncated return 0. */ |
| if (unlikely(block != lcn)) { |
| ntfs_error(vol->sb, "Physical block 0x%llx is too " |
| "large to be returned, returning 0.", |
| (long long)lcn); |
| return 0; |
| } |
| } else |
| block = ((lcn << cluster_size_shift) + delta) >> |
| blocksize_bits; |
| ntfs_debug("Done (returning block 0x%llx).", (unsigned long long)lcn); |
| return block; |
| } |
| |
| /** |
| * ntfs_normal_aops - address space operations for normal inodes and attributes |
| * |
| * Note these are not used for compressed or mst protected inodes and |
| * attributes. |
| */ |
| const struct address_space_operations ntfs_normal_aops = { |
| .read_folio = ntfs_read_folio, |
| #ifdef NTFS_RW |
| .writepage = ntfs_writepage, |
| .dirty_folio = block_dirty_folio, |
| #endif /* NTFS_RW */ |
| .bmap = ntfs_bmap, |
| .migratepage = buffer_migrate_page, |
| .is_partially_uptodate = block_is_partially_uptodate, |
| .error_remove_page = generic_error_remove_page, |
| }; |
| |
| /** |
| * ntfs_compressed_aops - address space operations for compressed inodes |
| */ |
| const struct address_space_operations ntfs_compressed_aops = { |
| .read_folio = ntfs_read_folio, |
| #ifdef NTFS_RW |
| .writepage = ntfs_writepage, |
| .dirty_folio = block_dirty_folio, |
| #endif /* NTFS_RW */ |
| .migratepage = buffer_migrate_page, |
| .is_partially_uptodate = block_is_partially_uptodate, |
| .error_remove_page = generic_error_remove_page, |
| }; |
| |
| /** |
| * ntfs_mst_aops - general address space operations for mst protecteed inodes |
| * and attributes |
| */ |
| const struct address_space_operations ntfs_mst_aops = { |
| .read_folio = ntfs_read_folio, /* Fill page with data. */ |
| #ifdef NTFS_RW |
| .writepage = ntfs_writepage, /* Write dirty page to disk. */ |
| .dirty_folio = filemap_dirty_folio, |
| #endif /* NTFS_RW */ |
| .migratepage = buffer_migrate_page, |
| .is_partially_uptodate = block_is_partially_uptodate, |
| .error_remove_page = generic_error_remove_page, |
| }; |
| |
| #ifdef NTFS_RW |
| |
| /** |
| * mark_ntfs_record_dirty - mark an ntfs record dirty |
| * @page: page containing the ntfs record to mark dirty |
| * @ofs: byte offset within @page at which the ntfs record begins |
| * |
| * Set the buffers and the page in which the ntfs record is located dirty. |
| * |
| * The latter also marks the vfs inode the ntfs record belongs to dirty |
| * (I_DIRTY_PAGES only). |
| * |
| * If the page does not have buffers, we create them and set them uptodate. |
| * The page may not be locked which is why we need to handle the buffers under |
| * the mapping->private_lock. Once the buffers are marked dirty we no longer |
| * need the lock since try_to_free_buffers() does not free dirty buffers. |
| */ |
| void mark_ntfs_record_dirty(struct page *page, const unsigned int ofs) { |
| struct address_space *mapping = page->mapping; |
| ntfs_inode *ni = NTFS_I(mapping->host); |
| struct buffer_head *bh, *head, *buffers_to_free = NULL; |
| unsigned int end, bh_size, bh_ofs; |
| |
| BUG_ON(!PageUptodate(page)); |
| end = ofs + ni->itype.index.block_size; |
| bh_size = VFS_I(ni)->i_sb->s_blocksize; |
| spin_lock(&mapping->private_lock); |
| if (unlikely(!page_has_buffers(page))) { |
| spin_unlock(&mapping->private_lock); |
| bh = head = alloc_page_buffers(page, bh_size, true); |
| spin_lock(&mapping->private_lock); |
| if (likely(!page_has_buffers(page))) { |
| struct buffer_head *tail; |
| |
| do { |
| set_buffer_uptodate(bh); |
| tail = bh; |
| bh = bh->b_this_page; |
| } while (bh); |
| tail->b_this_page = head; |
| attach_page_private(page, head); |
| } else |
| buffers_to_free = bh; |
| } |
| bh = head = page_buffers(page); |
| BUG_ON(!bh); |
| do { |
| bh_ofs = bh_offset(bh); |
| if (bh_ofs + bh_size <= ofs) |
| continue; |
| if (unlikely(bh_ofs >= end)) |
| break; |
| set_buffer_dirty(bh); |
| } while ((bh = bh->b_this_page) != head); |
| spin_unlock(&mapping->private_lock); |
| filemap_dirty_folio(mapping, page_folio(page)); |
| if (unlikely(buffers_to_free)) { |
| do { |
| bh = buffers_to_free->b_this_page; |
| free_buffer_head(buffers_to_free); |
| buffers_to_free = bh; |
| } while (buffers_to_free); |
| } |
| } |
| |
| #endif /* NTFS_RW */ |