TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / hafnium / third_party / linux.git / 0f672f6c0b52b7b0700b0915c72b540721af4465 / . / fs / xfs / scrub / dir.c
blob: 1e2e11721eb993381879b2458a894d4178a3baa3 [file] [log] [blame]
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]1// SPDX-License-Identifier: GPL-2.0+
2/*
3 * Copyright (C) 2017 Oracle. All Rights Reserved.
4 * Author: Darrick J. Wong <darrick.wong@oracle.com>
5 */
6#include "xfs.h"
7#include "xfs_fs.h"
8#include "xfs_shared.h"
9#include "xfs_format.h"
10#include "xfs_trans_resv.h"
11#include "xfs_mount.h"
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]12#include "xfs_log_format.h"
13#include "xfs_trans.h"
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]14#include "xfs_inode.h"
15#include "xfs_icache.h"
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]16#include "xfs_dir2.h"
17#include "xfs_dir2_priv.h"
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]18#include "scrub/scrub.h"
19#include "scrub/common.h"
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]20#include "scrub/dabtree.h"
21
22/* Set us up to scrub directories. */
23int
24xchk_setup_directory(
25 struct xfs_scrub *sc,
26 struct xfs_inode *ip)
27{
28 return xchk_setup_inode_contents(sc, ip, 0);
29}
30
31/* Directories */
32
33/* Scrub a directory entry. */
34
35struct xchk_dir_ctx {
36 /* VFS fill-directory iterator */
37 struct dir_context dir_iter;
38
39 struct xfs_scrub *sc;
40};
41
42/* Check that an inode's mode matches a given DT_ type. */
43STATIC int
44xchk_dir_check_ftype(
45 struct xchk_dir_ctx *sdc,
46 xfs_fileoff_t offset,
47 xfs_ino_t inum,
48 int dtype)
49{
50 struct xfs_mount *mp = sdc->sc->mp;
51 struct xfs_inode *ip;
52 int ino_dtype;
53 int error = 0;
54
55 if (!xfs_sb_version_hasftype(&mp->m_sb)) {
56 if (dtype != DT_UNKNOWN && dtype != DT_DIR)
57 xchk_fblock_set_corrupt(sdc->sc, XFS_DATA_FORK,
58 offset);
59 goto out;
60 }
61
62 /*
63 * Grab the inode pointed to by the dirent. We release the
64 * inode before we cancel the scrub transaction. Since we're
65 * don't know a priori that releasing the inode won't trigger
66 * eofblocks cleanup (which allocates what would be a nested
67 * transaction), we can't use DONTCACHE here because DONTCACHE
68 * inodes can trigger immediate inactive cleanup of the inode.
69 */
70 error = xfs_iget(mp, sdc->sc->tp, inum, 0, 0, &ip);
71 if (!xchk_fblock_xref_process_error(sdc->sc, XFS_DATA_FORK, offset,
72 &error))
73 goto out;
74
75 /* Convert mode to the DT_* values that dir_emit uses. */
76 ino_dtype = xfs_dir3_get_dtype(mp,
77 xfs_mode_to_ftype(VFS_I(ip)->i_mode));
78 if (ino_dtype != dtype)
79 xchk_fblock_set_corrupt(sdc->sc, XFS_DATA_FORK, offset);
80 xfs_irele(ip);
81out:
82 return error;
83}
84
85/*
86 * Scrub a single directory entry.
87 *
88 * We use the VFS directory iterator (i.e. readdir) to call this
89 * function for every directory entry in a directory. Once we're here,
90 * we check the inode number to make sure it's sane, then we check that
91 * we can look up this filename. Finally, we check the ftype.
92 */
93STATIC int
94xchk_dir_actor(
95 struct dir_context *dir_iter,
96 const char *name,
97 int namelen,
98 loff_t pos,
99 u64 ino,
100 unsigned type)
101{
102 struct xfs_mount *mp;
103 struct xfs_inode *ip;
104 struct xchk_dir_ctx *sdc;
105 struct xfs_name xname;
106 xfs_ino_t lookup_ino;
107 xfs_dablk_t offset;
108 int error = 0;
109
110 sdc = container_of(dir_iter, struct xchk_dir_ctx, dir_iter);
111 ip = sdc->sc->ip;
112 mp = ip->i_mount;
113 offset = xfs_dir2_db_to_da(mp->m_dir_geo,
114 xfs_dir2_dataptr_to_db(mp->m_dir_geo, pos));
115
116 /* Does this inode number make sense? */
117 if (!xfs_verify_dir_ino(mp, ino)) {
118 xchk_fblock_set_corrupt(sdc->sc, XFS_DATA_FORK, offset);
119 goto out;
120 }
121
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame^]122 /* Does this name make sense? */
123 if (!xfs_dir2_namecheck(name, namelen)) {
124 xchk_fblock_set_corrupt(sdc->sc, XFS_DATA_FORK, offset);
125 goto out;
126 }
127
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]128 if (!strncmp(".", name, namelen)) {
129 /* If this is "." then check that the inum matches the dir. */
130 if (xfs_sb_version_hasftype(&mp->m_sb) && type != DT_DIR)
131 xchk_fblock_set_corrupt(sdc->sc, XFS_DATA_FORK,
132 offset);
133 if (ino != ip->i_ino)
134 xchk_fblock_set_corrupt(sdc->sc, XFS_DATA_FORK,
135 offset);
136 } else if (!strncmp("..", name, namelen)) {
137 /*
138 * If this is ".." in the root inode, check that the inum
139 * matches this dir.
140 */
141 if (xfs_sb_version_hasftype(&mp->m_sb) && type != DT_DIR)
142 xchk_fblock_set_corrupt(sdc->sc, XFS_DATA_FORK,
143 offset);
144 if (ip->i_ino == mp->m_sb.sb_rootino && ino != ip->i_ino)
145 xchk_fblock_set_corrupt(sdc->sc, XFS_DATA_FORK,
146 offset);
147 }
148
149 /* Verify that we can look up this name by hash. */
150 xname.name = name;
151 xname.len = namelen;
152 xname.type = XFS_DIR3_FT_UNKNOWN;
153
154 error = xfs_dir_lookup(sdc->sc->tp, ip, &xname, &lookup_ino, NULL);
155 if (!xchk_fblock_process_error(sdc->sc, XFS_DATA_FORK, offset,
156 &error))
157 goto out;
158 if (lookup_ino != ino) {
159 xchk_fblock_set_corrupt(sdc->sc, XFS_DATA_FORK, offset);
160 goto out;
161 }
162
163 /* Verify the file type. This function absorbs error codes. */
164 error = xchk_dir_check_ftype(sdc, offset, lookup_ino, type);
165 if (error)
166 goto out;
167out:
168 /*
169 * A negative error code returned here is supposed to cause the
170 * dir_emit caller (xfs_readdir) to abort the directory iteration
171 * and return zero to xchk_directory.
172 */
173 if (error == 0 && sdc->sc->sm->sm_flags & XFS_SCRUB_OFLAG_CORRUPT)
174 return -EFSCORRUPTED;
175 return error;
176}
177
178/* Scrub a directory btree record. */
179STATIC int
180xchk_dir_rec(
181 struct xchk_da_btree *ds,
182 int level,
183 void *rec)
184{
185 struct xfs_mount *mp = ds->state->mp;
186 struct xfs_dir2_leaf_entry *ent = rec;
187 struct xfs_inode *dp = ds->dargs.dp;
188 struct xfs_dir2_data_entry *dent;
189 struct xfs_buf *bp;
190 char *p, *endp;
191 xfs_ino_t ino;
192 xfs_dablk_t rec_bno;
193 xfs_dir2_db_t db;
194 xfs_dir2_data_aoff_t off;
195 xfs_dir2_dataptr_t ptr;
196 xfs_dahash_t calc_hash;
197 xfs_dahash_t hash;
198 unsigned int tag;
199 int error;
200
201 /* Check the hash of the entry. */
202 error = xchk_da_btree_hash(ds, level, &ent->hashval);
203 if (error)
204 goto out;
205
206 /* Valid hash pointer? */
207 ptr = be32_to_cpu(ent->address);
208 if (ptr == 0)
209 return 0;
210
211 /* Find the directory entry's location. */
212 db = xfs_dir2_dataptr_to_db(mp->m_dir_geo, ptr);
213 off = xfs_dir2_dataptr_to_off(mp->m_dir_geo, ptr);
214 rec_bno = xfs_dir2_db_to_da(mp->m_dir_geo, db);
215
216 if (rec_bno >= mp->m_dir_geo->leafblk) {
217 xchk_da_set_corrupt(ds, level);
218 goto out;
219 }
220 error = xfs_dir3_data_read(ds->dargs.trans, dp, rec_bno, -2, &bp);
221 if (!xchk_fblock_process_error(ds->sc, XFS_DATA_FORK, rec_bno,
222 &error))
223 goto out;
224 if (!bp) {
225 xchk_fblock_set_corrupt(ds->sc, XFS_DATA_FORK, rec_bno);
226 goto out;
227 }
228 xchk_buffer_recheck(ds->sc, bp);
229
230 if (ds->sc->sm->sm_flags & XFS_SCRUB_OFLAG_CORRUPT)
231 goto out_relse;
232
233 dent = (struct xfs_dir2_data_entry *)(((char *)bp->b_addr) + off);
234
235 /* Make sure we got a real directory entry. */
236 p = (char *)mp->m_dir_inode_ops->data_entry_p(bp->b_addr);
237 endp = xfs_dir3_data_endp(mp->m_dir_geo, bp->b_addr);
238 if (!endp) {
239 xchk_fblock_set_corrupt(ds->sc, XFS_DATA_FORK, rec_bno);
240 goto out_relse;
241 }
242 while (p < endp) {
243 struct xfs_dir2_data_entry *dep;
244 struct xfs_dir2_data_unused *dup;
245
246 dup = (struct xfs_dir2_data_unused *)p;
247 if (be16_to_cpu(dup->freetag) == XFS_DIR2_DATA_FREE_TAG) {
248 p += be16_to_cpu(dup->length);
249 continue;
250 }
251 dep = (struct xfs_dir2_data_entry *)p;
252 if (dep == dent)
253 break;
254 p += mp->m_dir_inode_ops->data_entsize(dep->namelen);
255 }
256 if (p >= endp) {
257 xchk_fblock_set_corrupt(ds->sc, XFS_DATA_FORK, rec_bno);
258 goto out_relse;
259 }
260
261 /* Retrieve the entry, sanity check it, and compare hashes. */
262 ino = be64_to_cpu(dent->inumber);
263 hash = be32_to_cpu(ent->hashval);
264 tag = be16_to_cpup(dp->d_ops->data_entry_tag_p(dent));
265 if (!xfs_verify_dir_ino(mp, ino) || tag != off)
266 xchk_fblock_set_corrupt(ds->sc, XFS_DATA_FORK, rec_bno);
267 if (dent->namelen == 0) {
268 xchk_fblock_set_corrupt(ds->sc, XFS_DATA_FORK, rec_bno);
269 goto out_relse;
270 }
271 calc_hash = xfs_da_hashname(dent->name, dent->namelen);
272 if (calc_hash != hash)
273 xchk_fblock_set_corrupt(ds->sc, XFS_DATA_FORK, rec_bno);
274
275out_relse:
276 xfs_trans_brelse(ds->dargs.trans, bp);
277out:
278 return error;
279}
280
281/*
282 * Is this unused entry either in the bestfree or smaller than all of
283 * them? We've already checked that the bestfrees are sorted longest to
284 * shortest, and that there aren't any bogus entries.
285 */
286STATIC void
287xchk_directory_check_free_entry(
288 struct xfs_scrub *sc,
289 xfs_dablk_t lblk,
290 struct xfs_dir2_data_free *bf,
291 struct xfs_dir2_data_unused *dup)
292{
293 struct xfs_dir2_data_free *dfp;
294 unsigned int dup_length;
295
296 dup_length = be16_to_cpu(dup->length);
297
298 /* Unused entry is shorter than any of the bestfrees */
299 if (dup_length < be16_to_cpu(bf[XFS_DIR2_DATA_FD_COUNT - 1].length))
300 return;
301
302 for (dfp = &bf[XFS_DIR2_DATA_FD_COUNT - 1]; dfp >= bf; dfp--)
303 if (dup_length == be16_to_cpu(dfp->length))
304 return;
305
306 /* Unused entry should be in the bestfrees but wasn't found. */
307 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, lblk);
308}
309
310/* Check free space info in a directory data block. */
311STATIC int
312xchk_directory_data_bestfree(
313 struct xfs_scrub *sc,
314 xfs_dablk_t lblk,
315 bool is_block)
316{
317 struct xfs_dir2_data_unused *dup;
318 struct xfs_dir2_data_free *dfp;
319 struct xfs_buf *bp;
320 struct xfs_dir2_data_free *bf;
321 struct xfs_mount *mp = sc->mp;
322 const struct xfs_dir_ops *d_ops;
323 char *ptr;
324 char *endptr;
325 u16 tag;
326 unsigned int nr_bestfrees = 0;
327 unsigned int nr_frees = 0;
328 unsigned int smallest_bestfree;
329 int newlen;
330 int offset;
331 int error;
332
333 d_ops = sc->ip->d_ops;
334
335 if (is_block) {
336 /* dir block format */
337 if (lblk != XFS_B_TO_FSBT(mp, XFS_DIR2_DATA_OFFSET))
338 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, lblk);
339 error = xfs_dir3_block_read(sc->tp, sc->ip, &bp);
340 } else {
341 /* dir data format */
342 error = xfs_dir3_data_read(sc->tp, sc->ip, lblk, -1, &bp);
343 }
344 if (!xchk_fblock_process_error(sc, XFS_DATA_FORK, lblk, &error))
345 goto out;
346 xchk_buffer_recheck(sc, bp);
347
348 /* XXX: Check xfs_dir3_data_hdr.pad is zero once we start setting it. */
349
350 if (sc->sm->sm_flags & XFS_SCRUB_OFLAG_CORRUPT)
351 goto out_buf;
352
353 /* Do the bestfrees correspond to actual free space? */
354 bf = d_ops->data_bestfree_p(bp->b_addr);
355 smallest_bestfree = UINT_MAX;
356 for (dfp = &bf[0]; dfp < &bf[XFS_DIR2_DATA_FD_COUNT]; dfp++) {
357 offset = be16_to_cpu(dfp->offset);
358 if (offset == 0)
359 continue;
360 if (offset >= mp->m_dir_geo->blksize) {
361 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, lblk);
362 goto out_buf;
363 }
364 dup = (struct xfs_dir2_data_unused *)(bp->b_addr + offset);
365 tag = be16_to_cpu(*xfs_dir2_data_unused_tag_p(dup));
366
367 /* bestfree doesn't match the entry it points at? */
368 if (dup->freetag != cpu_to_be16(XFS_DIR2_DATA_FREE_TAG) ||
369 be16_to_cpu(dup->length) != be16_to_cpu(dfp->length) ||
370 tag != ((char *)dup - (char *)bp->b_addr)) {
371 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, lblk);
372 goto out_buf;
373 }
374
375 /* bestfree records should be ordered largest to smallest */
376 if (smallest_bestfree < be16_to_cpu(dfp->length)) {
377 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, lblk);
378 goto out_buf;
379 }
380
381 smallest_bestfree = be16_to_cpu(dfp->length);
382 nr_bestfrees++;
383 }
384
385 /* Make sure the bestfrees are actually the best free spaces. */
386 ptr = (char *)d_ops->data_entry_p(bp->b_addr);
387 endptr = xfs_dir3_data_endp(mp->m_dir_geo, bp->b_addr);
388
389 /* Iterate the entries, stopping when we hit or go past the end. */
390 while (ptr < endptr) {
391 dup = (struct xfs_dir2_data_unused *)ptr;
392 /* Skip real entries */
393 if (dup->freetag != cpu_to_be16(XFS_DIR2_DATA_FREE_TAG)) {
394 struct xfs_dir2_data_entry *dep;
395
396 dep = (struct xfs_dir2_data_entry *)ptr;
397 newlen = d_ops->data_entsize(dep->namelen);
398 if (newlen <= 0) {
399 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK,
400 lblk);
401 goto out_buf;
402 }
403 ptr += newlen;
404 continue;
405 }
406
407 /* Spot check this free entry */
408 tag = be16_to_cpu(*xfs_dir2_data_unused_tag_p(dup));
409 if (tag != ((char *)dup - (char *)bp->b_addr)) {
410 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, lblk);
411 goto out_buf;
412 }
413
414 /*
415 * Either this entry is a bestfree or it's smaller than
416 * any of the bestfrees.
417 */
418 xchk_directory_check_free_entry(sc, lblk, bf, dup);
419 if (sc->sm->sm_flags & XFS_SCRUB_OFLAG_CORRUPT)
420 goto out_buf;
421
422 /* Move on. */
423 newlen = be16_to_cpu(dup->length);
424 if (newlen <= 0) {
425 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, lblk);
426 goto out_buf;
427 }
428 ptr += newlen;
429 if (ptr <= endptr)
430 nr_frees++;
431 }
432
433 /* We're required to fill all the space. */
434 if (ptr != endptr)
435 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, lblk);
436
437 /* Did we see at least as many free slots as there are bestfrees? */
438 if (nr_frees < nr_bestfrees)
439 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, lblk);
440out_buf:
441 xfs_trans_brelse(sc->tp, bp);
442out:
443 return error;
444}
445
446/*
447 * Does the free space length in the free space index block ($len) match
448 * the longest length in the directory data block's bestfree array?
449 * Assume that we've already checked that the data block's bestfree
450 * array is in order.
451 */
452STATIC void
453xchk_directory_check_freesp(
454 struct xfs_scrub *sc,
455 xfs_dablk_t lblk,
456 struct xfs_buf *dbp,
457 unsigned int len)
458{
459 struct xfs_dir2_data_free *dfp;
460
461 dfp = sc->ip->d_ops->data_bestfree_p(dbp->b_addr);
462
463 if (len != be16_to_cpu(dfp->length))
464 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, lblk);
465
466 if (len > 0 && be16_to_cpu(dfp->offset) == 0)
467 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, lblk);
468}
469
470/* Check free space info in a directory leaf1 block. */
471STATIC int
472xchk_directory_leaf1_bestfree(
473 struct xfs_scrub *sc,
474 struct xfs_da_args *args,
475 xfs_dablk_t lblk)
476{
477 struct xfs_dir3_icleaf_hdr leafhdr;
478 struct xfs_dir2_leaf_entry *ents;
479 struct xfs_dir2_leaf_tail *ltp;
480 struct xfs_dir2_leaf *leaf;
481 struct xfs_buf *dbp;
482 struct xfs_buf *bp;
483 const struct xfs_dir_ops *d_ops = sc->ip->d_ops;
484 struct xfs_da_geometry *geo = sc->mp->m_dir_geo;
485 __be16 *bestp;
486 __u16 best;
487 __u32 hash;
488 __u32 lasthash = 0;
489 __u32 bestcount;
490 unsigned int stale = 0;
491 int i;
492 int error;
493
494 /* Read the free space block. */
495 error = xfs_dir3_leaf_read(sc->tp, sc->ip, lblk, -1, &bp);
496 if (!xchk_fblock_process_error(sc, XFS_DATA_FORK, lblk, &error))
497 goto out;
498 xchk_buffer_recheck(sc, bp);
499
500 leaf = bp->b_addr;
501 d_ops->leaf_hdr_from_disk(&leafhdr, leaf);
502 ents = d_ops->leaf_ents_p(leaf);
503 ltp = xfs_dir2_leaf_tail_p(geo, leaf);
504 bestcount = be32_to_cpu(ltp->bestcount);
505 bestp = xfs_dir2_leaf_bests_p(ltp);
506
507 if (xfs_sb_version_hascrc(&sc->mp->m_sb)) {
508 struct xfs_dir3_leaf_hdr *hdr3 = bp->b_addr;
509
510 if (hdr3->pad != cpu_to_be32(0))
511 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, lblk);
512 }
513
514 /*
515 * There should be as many bestfree slots as there are dir data
516 * blocks that can fit under i_size.
517 */
518 if (bestcount != xfs_dir2_byte_to_db(geo, sc->ip->i_d.di_size)) {
519 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, lblk);
520 goto out;
521 }
522
523 /* Is the leaf count even remotely sane? */
524 if (leafhdr.count > d_ops->leaf_max_ents(geo)) {
525 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, lblk);
526 goto out;
527 }
528
529 /* Leaves and bests don't overlap in leaf format. */
530 if ((char *)&ents[leafhdr.count] > (char *)bestp) {
531 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, lblk);
532 goto out;
533 }
534
535 /* Check hash value order, count stale entries. */
536 for (i = 0; i < leafhdr.count; i++) {
537 hash = be32_to_cpu(ents[i].hashval);
538 if (i > 0 && lasthash > hash)
539 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, lblk);
540 lasthash = hash;
541 if (ents[i].address == cpu_to_be32(XFS_DIR2_NULL_DATAPTR))
542 stale++;
543 }
544 if (leafhdr.stale != stale)
545 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, lblk);
546 if (sc->sm->sm_flags & XFS_SCRUB_OFLAG_CORRUPT)
547 goto out;
548
549 /* Check all the bestfree entries. */
550 for (i = 0; i < bestcount; i++, bestp++) {
551 best = be16_to_cpu(*bestp);
552 if (best == NULLDATAOFF)
553 continue;
554 error = xfs_dir3_data_read(sc->tp, sc->ip,
555 i * args->geo->fsbcount, -1, &dbp);
556 if (!xchk_fblock_process_error(sc, XFS_DATA_FORK, lblk,
557 &error))
558 break;
559 xchk_directory_check_freesp(sc, lblk, dbp, best);
560 xfs_trans_brelse(sc->tp, dbp);
561 if (sc->sm->sm_flags & XFS_SCRUB_OFLAG_CORRUPT)
562 goto out;
563 }
564out:
565 return error;
566}
567
568/* Check free space info in a directory freespace block. */
569STATIC int
570xchk_directory_free_bestfree(
571 struct xfs_scrub *sc,
572 struct xfs_da_args *args,
573 xfs_dablk_t lblk)
574{
575 struct xfs_dir3_icfree_hdr freehdr;
576 struct xfs_buf *dbp;
577 struct xfs_buf *bp;
578 __be16 *bestp;
579 __u16 best;
580 unsigned int stale = 0;
581 int i;
582 int error;
583
584 /* Read the free space block */
585 error = xfs_dir2_free_read(sc->tp, sc->ip, lblk, &bp);
586 if (!xchk_fblock_process_error(sc, XFS_DATA_FORK, lblk, &error))
587 goto out;
588 xchk_buffer_recheck(sc, bp);
589
590 if (xfs_sb_version_hascrc(&sc->mp->m_sb)) {
591 struct xfs_dir3_free_hdr *hdr3 = bp->b_addr;
592
593 if (hdr3->pad != cpu_to_be32(0))
594 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, lblk);
595 }
596
597 /* Check all the entries. */
598 sc->ip->d_ops->free_hdr_from_disk(&freehdr, bp->b_addr);
599 bestp = sc->ip->d_ops->free_bests_p(bp->b_addr);
600 for (i = 0; i < freehdr.nvalid; i++, bestp++) {
601 best = be16_to_cpu(*bestp);
602 if (best == NULLDATAOFF) {
603 stale++;
604 continue;
605 }
606 error = xfs_dir3_data_read(sc->tp, sc->ip,
607 (freehdr.firstdb + i) * args->geo->fsbcount,
608 -1, &dbp);
609 if (!xchk_fblock_process_error(sc, XFS_DATA_FORK, lblk,
610 &error))
611 break;
612 xchk_directory_check_freesp(sc, lblk, dbp, best);
613 xfs_trans_brelse(sc->tp, dbp);
614 }
615
616 if (freehdr.nused + stale != freehdr.nvalid)
617 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, lblk);
618out:
619 return error;
620}
621
622/* Check free space information in directories. */
623STATIC int
624xchk_directory_blocks(
625 struct xfs_scrub *sc)
626{
627 struct xfs_bmbt_irec got;
628 struct xfs_da_args args;
629 struct xfs_ifork *ifp;
630 struct xfs_mount *mp = sc->mp;
631 xfs_fileoff_t leaf_lblk;
632 xfs_fileoff_t free_lblk;
633 xfs_fileoff_t lblk;
634 struct xfs_iext_cursor icur;
635 xfs_dablk_t dabno;
636 bool found;
637 int is_block = 0;
638 int error;
639
640 /* Ignore local format directories. */
641 if (sc->ip->i_d.di_format != XFS_DINODE_FMT_EXTENTS &&
642 sc->ip->i_d.di_format != XFS_DINODE_FMT_BTREE)
643 return 0;
644
645 ifp = XFS_IFORK_PTR(sc->ip, XFS_DATA_FORK);
646 lblk = XFS_B_TO_FSB(mp, XFS_DIR2_DATA_OFFSET);
647 leaf_lblk = XFS_B_TO_FSB(mp, XFS_DIR2_LEAF_OFFSET);
648 free_lblk = XFS_B_TO_FSB(mp, XFS_DIR2_FREE_OFFSET);
649
650 /* Is this a block dir? */
651 args.dp = sc->ip;
652 args.geo = mp->m_dir_geo;
653 args.trans = sc->tp;
654 error = xfs_dir2_isblock(&args, &is_block);
655 if (!xchk_fblock_process_error(sc, XFS_DATA_FORK, lblk, &error))
656 goto out;
657
658 /* Iterate all the data extents in the directory... */
659 found = xfs_iext_lookup_extent(sc->ip, ifp, lblk, &icur, &got);
660 while (found && !(sc->sm->sm_flags & XFS_SCRUB_OFLAG_CORRUPT)) {
661 /* Block directories only have a single block at offset 0. */
662 if (is_block &&
663 (got.br_startoff > 0 ||
664 got.br_blockcount != args.geo->fsbcount)) {
665 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK,
666 got.br_startoff);
667 break;
668 }
669
670 /* No more data blocks... */
671 if (got.br_startoff >= leaf_lblk)
672 break;
673
674 /*
675 * Check each data block's bestfree data.
676 *
677 * Iterate all the fsbcount-aligned block offsets in
678 * this directory. The directory block reading code is
679 * smart enough to do its own bmap lookups to handle
680 * discontiguous directory blocks. When we're done
681 * with the extent record, re-query the bmap at the
682 * next fsbcount-aligned offset to avoid redundant
683 * block checks.
684 */
685 for (lblk = roundup((xfs_dablk_t)got.br_startoff,
686 args.geo->fsbcount);
687 lblk < got.br_startoff + got.br_blockcount;
688 lblk += args.geo->fsbcount) {
689 error = xchk_directory_data_bestfree(sc, lblk,
690 is_block);
691 if (error)
692 goto out;
693 }
694 dabno = got.br_startoff + got.br_blockcount;
695 lblk = roundup(dabno, args.geo->fsbcount);
696 found = xfs_iext_lookup_extent(sc->ip, ifp, lblk, &icur, &got);
697 }
698
699 if (sc->sm->sm_flags & XFS_SCRUB_OFLAG_CORRUPT)
700 goto out;
701
702 /* Look for a leaf1 block, which has free info. */
703 if (xfs_iext_lookup_extent(sc->ip, ifp, leaf_lblk, &icur, &got) &&
704 got.br_startoff == leaf_lblk &&
705 got.br_blockcount == args.geo->fsbcount &&
706 !xfs_iext_next_extent(ifp, &icur, &got)) {
707 if (is_block) {
708 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, lblk);
709 goto out;
710 }
711 error = xchk_directory_leaf1_bestfree(sc, &args,
712 leaf_lblk);
713 if (error)
714 goto out;
715 }
716
717 if (sc->sm->sm_flags & XFS_SCRUB_OFLAG_CORRUPT)
718 goto out;
719
720 /* Scan for free blocks */
721 lblk = free_lblk;
722 found = xfs_iext_lookup_extent(sc->ip, ifp, lblk, &icur, &got);
723 while (found && !(sc->sm->sm_flags & XFS_SCRUB_OFLAG_CORRUPT)) {
724 /*
725 * Dirs can't have blocks mapped above 2^32.
726 * Single-block dirs shouldn't even be here.
727 */
728 lblk = got.br_startoff;
729 if (lblk & ~0xFFFFFFFFULL) {
730 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, lblk);
731 goto out;
732 }
733 if (is_block) {
734 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, lblk);
735 goto out;
736 }
737
738 /*
739 * Check each dir free block's bestfree data.
740 *
741 * Iterate all the fsbcount-aligned block offsets in
742 * this directory. The directory block reading code is
743 * smart enough to do its own bmap lookups to handle
744 * discontiguous directory blocks. When we're done
745 * with the extent record, re-query the bmap at the
746 * next fsbcount-aligned offset to avoid redundant
747 * block checks.
748 */
749 for (lblk = roundup((xfs_dablk_t)got.br_startoff,
750 args.geo->fsbcount);
751 lblk < got.br_startoff + got.br_blockcount;
752 lblk += args.geo->fsbcount) {
753 error = xchk_directory_free_bestfree(sc, &args,
754 lblk);
755 if (error)
756 goto out;
757 }
758 dabno = got.br_startoff + got.br_blockcount;
759 lblk = roundup(dabno, args.geo->fsbcount);
760 found = xfs_iext_lookup_extent(sc->ip, ifp, lblk, &icur, &got);
761 }
762out:
763 return error;
764}
765
766/* Scrub a whole directory. */
767int
768xchk_directory(
769 struct xfs_scrub *sc)
770{
771 struct xchk_dir_ctx sdc = {
772 .dir_iter.actor = xchk_dir_actor,
773 .dir_iter.pos = 0,
774 .sc = sc,
775 };
776 size_t bufsize;
777 loff_t oldpos;
778 int error = 0;
779
780 if (!S_ISDIR(VFS_I(sc->ip)->i_mode))
781 return -ENOENT;
782
783 /* Plausible size? */
784 if (sc->ip->i_d.di_size < xfs_dir2_sf_hdr_size(0)) {
785 xchk_ino_set_corrupt(sc, sc->ip->i_ino);
786 goto out;
787 }
788
789 /* Check directory tree structure */
790 error = xchk_da_btree(sc, XFS_DATA_FORK, xchk_dir_rec, NULL);
791 if (error)
792 return error;
793
794 if (sc->sm->sm_flags & XFS_SCRUB_OFLAG_CORRUPT)
795 return error;
796
797 /* Check the freespace. */
798 error = xchk_directory_blocks(sc);
799 if (error)
800 return error;
801
802 if (sc->sm->sm_flags & XFS_SCRUB_OFLAG_CORRUPT)
803 return error;
804
805 /*
806 * Check that every dirent we see can also be looked up by hash.
807 * Userspace usually asks for a 32k buffer, so we will too.
808 */
809 bufsize = (size_t)min_t(loff_t, XFS_READDIR_BUFSIZE,
810 sc->ip->i_d.di_size);
811
812 /*
813 * Look up every name in this directory by hash.
814 *
815 * Use the xfs_readdir function to call xchk_dir_actor on
816 * every directory entry in this directory. In _actor, we check
817 * the name, inode number, and ftype (if applicable) of the
818 * entry. xfs_readdir uses the VFS filldir functions to provide
819 * iteration context.
820 *
821 * The VFS grabs a read or write lock via i_rwsem before it reads
822 * or writes to a directory. If we've gotten this far we've
823 * already obtained IOLOCK_EXCL, which (since 4.10) is the same as
824 * getting a write lock on i_rwsem. Therefore, it is safe for us
825 * to drop the ILOCK here in order to reuse the _readdir and
826 * _dir_lookup routines, which do their own ILOCK locking.
827 */
828 oldpos = 0;
829 sc->ilock_flags &= ~XFS_ILOCK_EXCL;
830 xfs_iunlock(sc->ip, XFS_ILOCK_EXCL);
831 while (true) {
832 error = xfs_readdir(sc->tp, sc->ip, &sdc.dir_iter, bufsize);
833 if (!xchk_fblock_process_error(sc, XFS_DATA_FORK, 0,
834 &error))
835 goto out;
836 if (oldpos == sdc.dir_iter.pos)
837 break;
838 oldpos = sdc.dir_iter.pos;
839 }
840
841out:
842 return error;
843}