1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * Copyright (c) 2000-2006 Silicon Graphics, Inc.
4  * Copyright (c) 2012-2013 Red Hat, Inc.
5  * All rights reserved.
6  */
7 #include "xfs.h"
8 #include "xfs_fs.h"
9 #include "xfs_format.h"
10 #include "xfs_log_format.h"
11 #include "xfs_shared.h"
12 #include "xfs_trans_resv.h"
13 #include "xfs_mount.h"
14 #include "xfs_inode.h"
15 #include "xfs_error.h"
16 #include "xfs_trans.h"
17 #include "xfs_buf_item.h"
18 #include "xfs_log.h"
19 #include "xfs_symlink_remote.h"
20 #include "xfs_bit.h"
21 #include "xfs_bmap.h"
22 #include "xfs_health.h"
23 
24 /*
25  * Each contiguous block has a header, so it is not just a simple pathlen
26  * to FSB conversion.
27  */
28 int
xfs_symlink_blocks(struct xfs_mount * mp,int pathlen)29 xfs_symlink_blocks(
30 	struct xfs_mount *mp,
31 	int		pathlen)
32 {
33 	int buflen = XFS_SYMLINK_BUF_SPACE(mp, mp->m_sb.sb_blocksize);
34 
35 	return (pathlen + buflen - 1) / buflen;
36 }
37 
38 int
xfs_symlink_hdr_set(struct xfs_mount * mp,xfs_ino_t ino,uint32_t offset,uint32_t size,struct xfs_buf * bp)39 xfs_symlink_hdr_set(
40 	struct xfs_mount	*mp,
41 	xfs_ino_t		ino,
42 	uint32_t		offset,
43 	uint32_t		size,
44 	struct xfs_buf		*bp)
45 {
46 	struct xfs_dsymlink_hdr	*dsl = bp->b_addr;
47 
48 	if (!xfs_has_crc(mp))
49 		return 0;
50 
51 	memset(dsl, 0, sizeof(struct xfs_dsymlink_hdr));
52 	dsl->sl_magic = cpu_to_be32(XFS_SYMLINK_MAGIC);
53 	dsl->sl_offset = cpu_to_be32(offset);
54 	dsl->sl_bytes = cpu_to_be32(size);
55 	uuid_copy(&dsl->sl_uuid, &mp->m_sb.sb_meta_uuid);
56 	dsl->sl_owner = cpu_to_be64(ino);
57 	dsl->sl_blkno = cpu_to_be64(xfs_buf_daddr(bp));
58 	bp->b_ops = &xfs_symlink_buf_ops;
59 
60 	return sizeof(struct xfs_dsymlink_hdr);
61 }
62 
63 /*
64  * Checking of the symlink header is split into two parts. the verifier does
65  * CRC, location and bounds checking, the unpacking function checks the path
66  * parameters and owner.
67  */
68 bool
xfs_symlink_hdr_ok(xfs_ino_t ino,uint32_t offset,uint32_t size,struct xfs_buf * bp)69 xfs_symlink_hdr_ok(
70 	xfs_ino_t		ino,
71 	uint32_t		offset,
72 	uint32_t		size,
73 	struct xfs_buf		*bp)
74 {
75 	struct xfs_dsymlink_hdr *dsl = bp->b_addr;
76 
77 	if (offset != be32_to_cpu(dsl->sl_offset))
78 		return false;
79 	if (size != be32_to_cpu(dsl->sl_bytes))
80 		return false;
81 	if (ino != be64_to_cpu(dsl->sl_owner))
82 		return false;
83 
84 	/* ok */
85 	return true;
86 }
87 
88 static xfs_failaddr_t
xfs_symlink_verify(struct xfs_buf * bp)89 xfs_symlink_verify(
90 	struct xfs_buf		*bp)
91 {
92 	struct xfs_mount	*mp = bp->b_mount;
93 	struct xfs_dsymlink_hdr	*dsl = bp->b_addr;
94 
95 	if (!xfs_has_crc(mp))
96 		return __this_address;
97 	if (!xfs_verify_magic(bp, dsl->sl_magic))
98 		return __this_address;
99 	if (!uuid_equal(&dsl->sl_uuid, &mp->m_sb.sb_meta_uuid))
100 		return __this_address;
101 	if (xfs_buf_daddr(bp) != be64_to_cpu(dsl->sl_blkno))
102 		return __this_address;
103 	if (be32_to_cpu(dsl->sl_offset) +
104 				be32_to_cpu(dsl->sl_bytes) >= XFS_SYMLINK_MAXLEN)
105 		return __this_address;
106 	if (dsl->sl_owner == 0)
107 		return __this_address;
108 	if (!xfs_log_check_lsn(mp, be64_to_cpu(dsl->sl_lsn)))
109 		return __this_address;
110 
111 	return NULL;
112 }
113 
114 static void
xfs_symlink_read_verify(struct xfs_buf * bp)115 xfs_symlink_read_verify(
116 	struct xfs_buf	*bp)
117 {
118 	struct xfs_mount *mp = bp->b_mount;
119 	xfs_failaddr_t	fa;
120 
121 	/* no verification of non-crc buffers */
122 	if (!xfs_has_crc(mp))
123 		return;
124 
125 	if (!xfs_buf_verify_cksum(bp, XFS_SYMLINK_CRC_OFF))
126 		xfs_verifier_error(bp, -EFSBADCRC, __this_address);
127 	else {
128 		fa = xfs_symlink_verify(bp);
129 		if (fa)
130 			xfs_verifier_error(bp, -EFSCORRUPTED, fa);
131 	}
132 }
133 
134 static void
xfs_symlink_write_verify(struct xfs_buf * bp)135 xfs_symlink_write_verify(
136 	struct xfs_buf	*bp)
137 {
138 	struct xfs_mount *mp = bp->b_mount;
139 	struct xfs_buf_log_item	*bip = bp->b_log_item;
140 	xfs_failaddr_t		fa;
141 
142 	/* no verification of non-crc buffers */
143 	if (!xfs_has_crc(mp))
144 		return;
145 
146 	fa = xfs_symlink_verify(bp);
147 	if (fa) {
148 		xfs_verifier_error(bp, -EFSCORRUPTED, fa);
149 		return;
150 	}
151 
152 	if (bip) {
153 		struct xfs_dsymlink_hdr *dsl = bp->b_addr;
154 		dsl->sl_lsn = cpu_to_be64(bip->bli_item.li_lsn);
155 	}
156 	xfs_buf_update_cksum(bp, XFS_SYMLINK_CRC_OFF);
157 }
158 
159 const struct xfs_buf_ops xfs_symlink_buf_ops = {
160 	.name = "xfs_symlink",
161 	.magic = { 0, cpu_to_be32(XFS_SYMLINK_MAGIC) },
162 	.verify_read = xfs_symlink_read_verify,
163 	.verify_write = xfs_symlink_write_verify,
164 	.verify_struct = xfs_symlink_verify,
165 };
166 
167 void
xfs_symlink_local_to_remote(struct xfs_trans * tp,struct xfs_buf * bp,struct xfs_inode * ip,struct xfs_ifork * ifp,void * priv)168 xfs_symlink_local_to_remote(
169 	struct xfs_trans	*tp,
170 	struct xfs_buf		*bp,
171 	struct xfs_inode	*ip,
172 	struct xfs_ifork	*ifp,
173 	void			*priv)
174 {
175 	struct xfs_mount	*mp = ip->i_mount;
176 	char			*buf;
177 
178 	xfs_trans_buf_set_type(tp, bp, XFS_BLFT_SYMLINK_BUF);
179 
180 	if (!xfs_has_crc(mp)) {
181 		bp->b_ops = NULL;
182 		memcpy(bp->b_addr, ifp->if_data, ifp->if_bytes);
183 		xfs_trans_log_buf(tp, bp, 0, ifp->if_bytes - 1);
184 		return;
185 	}
186 
187 	/*
188 	 * As this symlink fits in an inode literal area, it must also fit in
189 	 * the smallest buffer the filesystem supports.
190 	 */
191 	ASSERT(BBTOB(bp->b_length) >=
192 			ifp->if_bytes + sizeof(struct xfs_dsymlink_hdr));
193 
194 	bp->b_ops = &xfs_symlink_buf_ops;
195 
196 	buf = bp->b_addr;
197 	buf += xfs_symlink_hdr_set(mp, ip->i_ino, 0, ifp->if_bytes, bp);
198 	memcpy(buf, ifp->if_data, ifp->if_bytes);
199 	xfs_trans_log_buf(tp, bp, 0, sizeof(struct xfs_dsymlink_hdr) +
200 					ifp->if_bytes - 1);
201 }
202 
203 /*
204  * Verify the in-memory consistency of an inline symlink data fork. This
205  * does not do on-disk format checks.
206  */
207 xfs_failaddr_t
xfs_symlink_shortform_verify(void * sfp,int64_t size)208 xfs_symlink_shortform_verify(
209 	void			*sfp,
210 	int64_t			size)
211 {
212 	char			*endp = sfp + size;
213 
214 	/*
215 	 * Zero length symlinks should never occur in memory as they are
216 	 * never allowed to exist on disk.
217 	 */
218 	if (!size)
219 		return __this_address;
220 
221 	/* No negative sizes or overly long symlink targets. */
222 	if (size < 0 || size > XFS_SYMLINK_MAXLEN)
223 		return __this_address;
224 
225 	/* No NULLs in the target either. */
226 	if (memchr(sfp, 0, size - 1))
227 		return __this_address;
228 
229 	/* We /did/ null-terminate the buffer, right? */
230 	if (*endp != 0)
231 		return __this_address;
232 	return NULL;
233 }
234 
235 /* Read a remote symlink target into the buffer. */
236 int
xfs_symlink_remote_read(struct xfs_inode * ip,char * link)237 xfs_symlink_remote_read(
238 	struct xfs_inode	*ip,
239 	char			*link)
240 {
241 	struct xfs_mount	*mp = ip->i_mount;
242 	struct xfs_bmbt_irec	mval[XFS_SYMLINK_MAPS];
243 	struct xfs_buf		*bp;
244 	xfs_daddr_t		d;
245 	char			*cur_chunk;
246 	int			pathlen = ip->i_disk_size;
247 	int			nmaps = XFS_SYMLINK_MAPS;
248 	int			byte_cnt;
249 	int			n;
250 	int			error = 0;
251 	int			fsblocks = 0;
252 	int			offset;
253 
254 	xfs_assert_ilocked(ip, XFS_ILOCK_SHARED | XFS_ILOCK_EXCL);
255 
256 	fsblocks = xfs_symlink_blocks(mp, pathlen);
257 	error = xfs_bmapi_read(ip, 0, fsblocks, mval, &nmaps, 0);
258 	if (error)
259 		goto out;
260 
261 	offset = 0;
262 	for (n = 0; n < nmaps; n++) {
263 		d = XFS_FSB_TO_DADDR(mp, mval[n].br_startblock);
264 		byte_cnt = XFS_FSB_TO_B(mp, mval[n].br_blockcount);
265 
266 		error = xfs_buf_read(mp->m_ddev_targp, d, BTOBB(byte_cnt), 0,
267 				&bp, &xfs_symlink_buf_ops);
268 		if (xfs_metadata_is_sick(error))
269 			xfs_inode_mark_sick(ip, XFS_SICK_INO_SYMLINK);
270 		if (error)
271 			return error;
272 		byte_cnt = XFS_SYMLINK_BUF_SPACE(mp, byte_cnt);
273 		if (pathlen < byte_cnt)
274 			byte_cnt = pathlen;
275 
276 		cur_chunk = bp->b_addr;
277 		if (xfs_has_crc(mp)) {
278 			if (!xfs_symlink_hdr_ok(ip->i_ino, offset,
279 							byte_cnt, bp)) {
280 				xfs_inode_mark_sick(ip, XFS_SICK_INO_SYMLINK);
281 				error = -EFSCORRUPTED;
282 				xfs_alert(mp,
283 "symlink header does not match required off/len/owner (0x%x/0x%x,0x%llx)",
284 					offset, byte_cnt, ip->i_ino);
285 				xfs_buf_relse(bp);
286 				goto out;
287 
288 			}
289 
290 			cur_chunk += sizeof(struct xfs_dsymlink_hdr);
291 		}
292 
293 		memcpy(link + offset, cur_chunk, byte_cnt);
294 
295 		pathlen -= byte_cnt;
296 		offset += byte_cnt;
297 
298 		xfs_buf_relse(bp);
299 	}
300 	ASSERT(pathlen == 0);
301 
302 	link[ip->i_disk_size] = '\0';
303 	error = 0;
304 
305  out:
306 	return error;
307 }
308 
309 /* Write the symlink target into the inode. */
310 int
xfs_symlink_write_target(struct xfs_trans * tp,struct xfs_inode * ip,xfs_ino_t owner,const char * target_path,int pathlen,xfs_fsblock_t fs_blocks,uint resblks)311 xfs_symlink_write_target(
312 	struct xfs_trans	*tp,
313 	struct xfs_inode	*ip,
314 	xfs_ino_t		owner,
315 	const char		*target_path,
316 	int			pathlen,
317 	xfs_fsblock_t		fs_blocks,
318 	uint			resblks)
319 {
320 	struct xfs_bmbt_irec	mval[XFS_SYMLINK_MAPS];
321 	struct xfs_mount	*mp = tp->t_mountp;
322 	const char		*cur_chunk;
323 	struct xfs_buf		*bp;
324 	xfs_daddr_t		d;
325 	int			byte_cnt;
326 	int			nmaps;
327 	int			offset = 0;
328 	int			n;
329 	int			error;
330 
331 	/*
332 	 * If the symlink will fit into the inode, write it inline.
333 	 */
334 	if (pathlen <= xfs_inode_data_fork_size(ip)) {
335 		xfs_init_local_fork(ip, XFS_DATA_FORK, target_path, pathlen);
336 
337 		ip->i_disk_size = pathlen;
338 		ip->i_df.if_format = XFS_DINODE_FMT_LOCAL;
339 		xfs_trans_log_inode(tp, ip, XFS_ILOG_DDATA | XFS_ILOG_CORE);
340 		return 0;
341 	}
342 
343 	nmaps = XFS_SYMLINK_MAPS;
344 	error = xfs_bmapi_write(tp, ip, 0, fs_blocks, XFS_BMAPI_METADATA,
345 			resblks, mval, &nmaps);
346 	if (error)
347 		return error;
348 
349 	ip->i_disk_size = pathlen;
350 	xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
351 
352 	cur_chunk = target_path;
353 	offset = 0;
354 	for (n = 0; n < nmaps; n++) {
355 		char	*buf;
356 
357 		d = XFS_FSB_TO_DADDR(mp, mval[n].br_startblock);
358 		byte_cnt = XFS_FSB_TO_B(mp, mval[n].br_blockcount);
359 		error = xfs_trans_get_buf(tp, mp->m_ddev_targp, d,
360 				BTOBB(byte_cnt), 0, &bp);
361 		if (error)
362 			return error;
363 		bp->b_ops = &xfs_symlink_buf_ops;
364 
365 		byte_cnt = XFS_SYMLINK_BUF_SPACE(mp, byte_cnt);
366 		byte_cnt = min(byte_cnt, pathlen);
367 
368 		buf = bp->b_addr;
369 		buf += xfs_symlink_hdr_set(mp, owner, offset, byte_cnt, bp);
370 
371 		memcpy(buf, cur_chunk, byte_cnt);
372 
373 		cur_chunk += byte_cnt;
374 		pathlen -= byte_cnt;
375 		offset += byte_cnt;
376 
377 		xfs_trans_buf_set_type(tp, bp, XFS_BLFT_SYMLINK_BUF);
378 		xfs_trans_log_buf(tp, bp, 0, (buf + byte_cnt - 1) -
379 						(char *)bp->b_addr);
380 	}
381 	ASSERT(pathlen == 0);
382 	return 0;
383 }
384 
385 /* Remove all the blocks from a symlink and invalidate buffers. */
386 int
xfs_symlink_remote_truncate(struct xfs_trans * tp,struct xfs_inode * ip)387 xfs_symlink_remote_truncate(
388 	struct xfs_trans	*tp,
389 	struct xfs_inode	*ip)
390 {
391 	struct xfs_bmbt_irec	mval[XFS_SYMLINK_MAPS];
392 	struct xfs_mount	*mp = tp->t_mountp;
393 	struct xfs_buf		*bp;
394 	int			nmaps = XFS_SYMLINK_MAPS;
395 	int			done = 0;
396 	int			i;
397 	int			error;
398 
399 	/* Read mappings and invalidate buffers. */
400 	error = xfs_bmapi_read(ip, 0, XFS_MAX_FILEOFF, mval, &nmaps, 0);
401 	if (error)
402 		return error;
403 
404 	for (i = 0; i < nmaps; i++) {
405 		if (!xfs_bmap_is_real_extent(&mval[i]))
406 			break;
407 
408 		error = xfs_trans_get_buf(tp, mp->m_ddev_targp,
409 				XFS_FSB_TO_DADDR(mp, mval[i].br_startblock),
410 				XFS_FSB_TO_BB(mp, mval[i].br_blockcount), 0,
411 				&bp);
412 		if (error)
413 			return error;
414 
415 		xfs_trans_binval(tp, bp);
416 	}
417 
418 	/* Unmap the remote blocks. */
419 	error = xfs_bunmapi(tp, ip, 0, XFS_MAX_FILEOFF, 0, nmaps, &done);
420 	if (error)
421 		return error;
422 	if (!done) {
423 		ASSERT(done);
424 		xfs_inode_mark_sick(ip, XFS_SICK_INO_SYMLINK);
425 		return -EFSCORRUPTED;
426 	}
427 
428 	xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
429 	return 0;
430 }
431