add new system file

hc

2024-02-20 102a0743326a03cd1a1202ceda21e175b7d3575c

 kernel/fs/nilfs2/the_nilfs.c
..
..
@@ -13,6 +13,7 @@
13
13
 #include <linux/blkdev.h>
14
14
 #include <linux/backing-dev.h>
15
15
 #include <linux/random.h>
16
+#include <linux/log2.h>
16
17
 #include <linux/crc32.h>
17
18
 #include "nilfs.h"
18
19
 #include "segment.h"
..
..
@@ -86,7 +87,6 @@
86
87
 {
87
88
 	might_sleep();
88
89
 	if (nilfs_init(nilfs)) {
89
-		nilfs_sysfs_delete_device_group(nilfs);
90
90
 		brelse(nilfs->ns_sbh[0]);
91
91
 		brelse(nilfs->ns_sbh[1]);
92
92
 	}
..
..
@@ -183,13 +183,41 @@
183
183
 		nilfs_get_segnum_of_block(nilfs, nilfs->ns_last_pseg);
184
184
 	nilfs->ns_cno = nilfs->ns_last_cno + 1;
185
185
 	if (nilfs->ns_segnum >= nilfs->ns_nsegments) {
186
-		nilfs_msg(nilfs->ns_sb, KERN_ERR,
186
+		nilfs_err(nilfs->ns_sb,
187
187
 			  "pointed segment number is out of range: segnum=%llu, nsegments=%lu",
188
188
 			  (unsigned long long)nilfs->ns_segnum,
189
189
 			  nilfs->ns_nsegments);
190
190
 		ret = -EINVAL;
191
191
 	}
192
192
 	return ret;
193
+}
194
+
195
+/**
196
+ * nilfs_get_blocksize - get block size from raw superblock data
197
+ * @sb: super block instance
198
+ * @sbp: superblock raw data buffer
199
+ * @blocksize: place to store block size
200
+ *
201
+ * nilfs_get_blocksize() calculates the block size from the block size
202
+ * exponent information written in @sbp and stores it in @blocksize,
203
+ * or aborts with an error message if it's too large.
204
+ *
205
+ * Return Value: On success, 0 is returned. If the block size is too
206
+ * large, -EINVAL is returned.
207
+ */
208
+static int nilfs_get_blocksize(struct super_block *sb,
209
+			       struct nilfs_super_block *sbp, int *blocksize)
210
+{
211
+	unsigned int shift_bits = le32_to_cpu(sbp->s_log_block_size);
212
+
213
+	if (unlikely(shift_bits >
214
+		     ilog2(NILFS_MAX_BLOCK_SIZE) - BLOCK_SIZE_BITS)) {
215
+		nilfs_err(sb, "too large filesystem blocksize: 2 ^ %u KiB",
216
+			  shift_bits);
217
+		return -EINVAL;
218
+	}
219
+	*blocksize = BLOCK_SIZE << shift_bits;
220
+	return 0;
193
221
 }
194
222
 
195
223
 /**
..
..
@@ -210,12 +238,12 @@
210
238
 	int err;
211
239
 
212
240
 	if (!valid_fs) {
213
-		nilfs_msg(sb, KERN_WARNING, "mounting unchecked fs");
241
+		nilfs_warn(sb, "mounting unchecked fs");
214
242
 		if (s_flags & SB_RDONLY) {
215
-			nilfs_msg(sb, KERN_INFO,
216
-				  "recovery required for readonly filesystem");
217
-			nilfs_msg(sb, KERN_INFO,
218
-				  "write access will be enabled during recovery");
243
+			nilfs_info(sb,
244
+				   "recovery required for readonly filesystem");
245
+			nilfs_info(sb,
246
+				   "write access will be enabled during recovery");
219
247
 		}
220
248
 	}
221
249
 
..
..
@@ -230,12 +258,11 @@
230
258
 			goto scan_error;
231
259
 
232
260
 		if (!nilfs_valid_sb(sbp[1])) {
233
-			nilfs_msg(sb, KERN_WARNING,
234
-				  "unable to fall back to spare super block");
261
+			nilfs_warn(sb,
262
+				   "unable to fall back to spare super block");
235
263
 			goto scan_error;
236
264
 		}
237
-		nilfs_msg(sb, KERN_INFO,
238
-			  "trying rollback from an earlier position");
265
+		nilfs_info(sb, "trying rollback from an earlier position");
239
266
 
240
267
 		/*
241
268
 		 * restore super block with its spare and reconfigure
..
..
@@ -246,11 +273,15 @@
246
273
 		nilfs->ns_sbwtime = le64_to_cpu(sbp[0]->s_wtime);
247
274
 
248
275
 		/* verify consistency between two super blocks */
249
-		blocksize = BLOCK_SIZE << le32_to_cpu(sbp[0]->s_log_block_size);
276
+		err = nilfs_get_blocksize(sb, sbp[0], &blocksize);
277
+		if (err)
278
+			goto scan_error;
279
+
250
280
 		if (blocksize != nilfs->ns_blocksize) {
251
-			nilfs_msg(sb, KERN_WARNING,
252
-				  "blocksize differs between two super blocks (%d != %d)",
253
-				  blocksize, nilfs->ns_blocksize);
281
+			nilfs_warn(sb,
282
+				   "blocksize differs between two super blocks (%d != %d)",
283
+				   blocksize, nilfs->ns_blocksize);
284
+			err = -EINVAL;
254
285
 			goto scan_error;
255
286
 		}
256
287
 
..
..
@@ -269,10 +300,13 @@
269
300
 
270
301
 	err = nilfs_load_super_root(nilfs, sb, ri.ri_super_root);
271
302
 	if (unlikely(err)) {
272
-		nilfs_msg(sb, KERN_ERR, "error %d while loading super root",
273
-			  err);
303
+		nilfs_err(sb, "error %d while loading super root", err);
274
304
 		goto failed;
275
305
 	}
306
+
307
+	err = nilfs_sysfs_create_device_group(sb);
308
+	if (unlikely(err))
309
+		goto sysfs_error;
276
310
 
277
311
 	if (valid_fs)
278
312
 		goto skip_recovery;
..
..
@@ -281,28 +315,28 @@
281
315
 		__u64 features;
282
316
 
283
317
 		if (nilfs_test_opt(nilfs, NORECOVERY)) {
284
-			nilfs_msg(sb, KERN_INFO,
285
-				  "norecovery option specified, skipping roll-forward recovery");
318
+			nilfs_info(sb,
319
+				   "norecovery option specified, skipping roll-forward recovery");
286
320
 			goto skip_recovery;
287
321
 		}
288
322
 		features = le64_to_cpu(nilfs->ns_sbp[0]->s_feature_compat_ro) &
289
323
 			~NILFS_FEATURE_COMPAT_RO_SUPP;
290
324
 		if (features) {
291
-			nilfs_msg(sb, KERN_ERR,
325
+			nilfs_err(sb,
292
326
 				  "couldn't proceed with recovery because of unsupported optional features (%llx)",
293
327
 				  (unsigned long long)features);
294
328
 			err = -EROFS;
295
329
 			goto failed_unload;
296
330
 		}
297
331
 		if (really_read_only) {
298
-			nilfs_msg(sb, KERN_ERR,
332
+			nilfs_err(sb,
299
333
 				  "write access unavailable, cannot proceed");
300
334
 			err = -EROFS;
301
335
 			goto failed_unload;
302
336
 		}
303
337
 		sb->s_flags &= ~SB_RDONLY;
304
338
 	} else if (nilfs_test_opt(nilfs, NORECOVERY)) {
305
-		nilfs_msg(sb, KERN_ERR,
339
+		nilfs_err(sb,
306
340
 			  "recovery cancelled because norecovery option was specified for a read/write mount");
307
341
 		err = -EINVAL;
308
342
 		goto failed_unload;
..
..
@@ -318,12 +352,12 @@
318
352
 	up_write(&nilfs->ns_sem);
319
353
 
320
354
 	if (err) {
321
-		nilfs_msg(sb, KERN_ERR,
355
+		nilfs_err(sb,
322
356
 			  "error %d updating super block. recovery unfinished.",
323
357
 			  err);
324
358
 		goto failed_unload;
325
359
 	}
326
-	nilfs_msg(sb, KERN_INFO, "recovery complete");
360
+	nilfs_info(sb, "recovery complete");
327
361
 
328
362
  skip_recovery:
329
363
 	nilfs_clear_recovery_info(&ri);
..
..
@@ -331,10 +365,13 @@
331
365
 	return 0;
332
366
 
333
367
  scan_error:
334
-	nilfs_msg(sb, KERN_ERR, "error %d while searching super root", err);
368
+	nilfs_err(sb, "error %d while searching super root", err);
335
369
 	goto failed;
336
370
 
337
371
  failed_unload:
372
+	nilfs_sysfs_delete_device_group(nilfs);
373
+
374
+ sysfs_error:
338
375
 	iput(nilfs->ns_cpfile);
339
376
 	iput(nilfs->ns_sufile);
340
377
 	iput(nilfs->ns_dat);
..
..
@@ -368,6 +405,18 @@
368
405
 				  100));
369
406
 }
370
407
 
408
+/**
409
+ * nilfs_max_segment_count - calculate the maximum number of segments
410
+ * @nilfs: nilfs object
411
+ */
412
+static u64 nilfs_max_segment_count(struct the_nilfs *nilfs)
413
+{
414
+	u64 max_count = U64_MAX;
415
+
416
+	do_div(max_count, nilfs->ns_blocks_per_segment);
417
+	return min_t(u64, max_count, ULONG_MAX);
418
+}
419
+
371
420
 void nilfs_set_nsegments(struct the_nilfs *nilfs, unsigned long nsegs)
372
421
 {
373
422
 	nilfs->ns_nsegments = nsegs;
..
..
@@ -377,8 +426,10 @@
377
426
 static int nilfs_store_disk_layout(struct the_nilfs *nilfs,
378
427
 				   struct nilfs_super_block *sbp)
379
428
 {
429
+	u64 nsegments, nblocks;
430
+
380
431
 	if (le32_to_cpu(sbp->s_rev_level) < NILFS_MIN_SUPP_REV) {
381
-		nilfs_msg(nilfs->ns_sb, KERN_ERR,
432
+		nilfs_err(nilfs->ns_sb,
382
433
 			  "unsupported revision (superblock rev.=%d.%d, current rev.=%d.%d). Please check the version of mkfs.nilfs(2).",
383
434
 			  le32_to_cpu(sbp->s_rev_level),
384
435
 			  le16_to_cpu(sbp->s_minor_rev_level),
..
..
@@ -391,13 +442,11 @@
391
442
 
392
443
 	nilfs->ns_inode_size = le16_to_cpu(sbp->s_inode_size);
393
444
 	if (nilfs->ns_inode_size > nilfs->ns_blocksize) {
394
-		nilfs_msg(nilfs->ns_sb, KERN_ERR,
395
-			  "too large inode size: %d bytes",
445
+		nilfs_err(nilfs->ns_sb, "too large inode size: %d bytes",
396
446
 			  nilfs->ns_inode_size);
397
447
 		return -EINVAL;
398
448
 	} else if (nilfs->ns_inode_size < NILFS_MIN_INODE_SIZE) {
399
-		nilfs_msg(nilfs->ns_sb, KERN_ERR,
400
-			  "too small inode size: %d bytes",
449
+		nilfs_err(nilfs->ns_sb, "too small inode size: %d bytes",
401
450
 			  nilfs->ns_inode_size);
402
451
 		return -EINVAL;
403
452
 	}
..
..
@@ -406,8 +455,7 @@
406
455
 
407
456
 	nilfs->ns_blocks_per_segment = le32_to_cpu(sbp->s_blocks_per_segment);
408
457
 	if (nilfs->ns_blocks_per_segment < NILFS_SEG_MIN_BLOCKS) {
409
-		nilfs_msg(nilfs->ns_sb, KERN_ERR,
410
-			  "too short segment: %lu blocks",
458
+		nilfs_err(nilfs->ns_sb, "too short segment: %lu blocks",
411
459
 			  nilfs->ns_blocks_per_segment);
412
460
 		return -EINVAL;
413
461
 	}
..
..
@@ -417,13 +465,41 @@
417
465
 		le32_to_cpu(sbp->s_r_segments_percentage);
418
466
 	if (nilfs->ns_r_segments_percentage < 1 ||
419
467
 	    nilfs->ns_r_segments_percentage > 99) {
420
-		nilfs_msg(nilfs->ns_sb, KERN_ERR,
468
+		nilfs_err(nilfs->ns_sb,
421
469
 			  "invalid reserved segments percentage: %lu",
422
470
 			  nilfs->ns_r_segments_percentage);
423
471
 		return -EINVAL;
424
472
 	}
425
473
 
426
-	nilfs_set_nsegments(nilfs, le64_to_cpu(sbp->s_nsegments));
474
+	nsegments = le64_to_cpu(sbp->s_nsegments);
475
+	if (nsegments > nilfs_max_segment_count(nilfs)) {
476
+		nilfs_err(nilfs->ns_sb,
477
+			  "segment count %llu exceeds upper limit (%llu segments)",
478
+			  (unsigned long long)nsegments,
479
+			  (unsigned long long)nilfs_max_segment_count(nilfs));
480
+		return -EINVAL;
481
+	}
482
+
483
+	nblocks = (u64)i_size_read(nilfs->ns_sb->s_bdev->bd_inode) >>
484
+		nilfs->ns_sb->s_blocksize_bits;
485
+	if (nblocks) {
486
+		u64 min_block_count = nsegments * nilfs->ns_blocks_per_segment;
487
+		/*
488
+		 * To avoid failing to mount early device images without a
489
+		 * second superblock, exclude that block count from the
490
+		 * "min_block_count" calculation.
491
+		 */
492
+
493
+		if (nblocks < min_block_count) {
494
+			nilfs_err(nilfs->ns_sb,
495
+				  "total number of segment blocks %llu exceeds device size (%llu blocks)",
496
+				  (unsigned long long)min_block_count,
497
+				  (unsigned long long)nblocks);
498
+			return -EINVAL;
499
+		}
500
+	}
501
+
502
+	nilfs_set_nsegments(nilfs, nsegments);
427
503
 	nilfs->ns_crc_seed = le32_to_cpu(sbp->s_crc_seed);
428
504
 	return 0;
429
505
 }
..
..
@@ -448,11 +524,33 @@
448
524
 	return crc == le32_to_cpu(sbp->s_sum);
449
525
 }
450
526
 
451
-static int nilfs_sb2_bad_offset(struct nilfs_super_block *sbp, u64 offset)
527
+/**
528
+ * nilfs_sb2_bad_offset - check the location of the second superblock
529
+ * @sbp: superblock raw data buffer
530
+ * @offset: byte offset of second superblock calculated from device size
531
+ *
532
+ * nilfs_sb2_bad_offset() checks if the position on the second
533
+ * superblock is valid or not based on the filesystem parameters
534
+ * stored in @sbp.  If @offset points to a location within the segment
535
+ * area, or if the parameters themselves are not normal, it is
536
+ * determined to be invalid.
537
+ *
538
+ * Return Value: true if invalid, false if valid.
539
+ */
540
+static bool nilfs_sb2_bad_offset(struct nilfs_super_block *sbp, u64 offset)
452
541
 {
453
-	return offset < ((le64_to_cpu(sbp->s_nsegments) *
454
-			  le32_to_cpu(sbp->s_blocks_per_segment)) <<
455
-			 (le32_to_cpu(sbp->s_log_block_size) + 10));
542
+	unsigned int shift_bits = le32_to_cpu(sbp->s_log_block_size);
543
+	u32 blocks_per_segment = le32_to_cpu(sbp->s_blocks_per_segment);
544
+	u64 nsegments = le64_to_cpu(sbp->s_nsegments);
545
+	u64 index;
546
+
547
+	if (blocks_per_segment < NILFS_SEG_MIN_BLOCKS ||
548
+	    shift_bits > ilog2(NILFS_MAX_BLOCK_SIZE) - BLOCK_SIZE_BITS)
549
+		return true;
550
+
551
+	index = offset >> (shift_bits + BLOCK_SIZE_BITS);
552
+	do_div(index, blocks_per_segment);
553
+	return index < nsegments;
456
554
 }
457
555
 
458
556
 static void nilfs_release_super_block(struct the_nilfs *nilfs)
..
..
@@ -494,8 +592,14 @@
494
592
 {
495
593
 	struct nilfs_super_block **sbp = nilfs->ns_sbp;
496
594
 	struct buffer_head **sbh = nilfs->ns_sbh;
497
-	u64 sb2off = NILFS_SB2_OFFSET_BYTES(nilfs->ns_bdev->bd_inode->i_size);
595
+	u64 sb2off, devsize = nilfs->ns_bdev->bd_inode->i_size;
498
596
 	int valid[2], swp = 0;
597
+
598
+	if (devsize < NILFS_SEG_MIN_BLOCKS * NILFS_MIN_BLOCK_SIZE + 4096) {
599
+		nilfs_err(sb, "device size too small");
600
+		return -EINVAL;
601
+	}
602
+	sb2off = NILFS_SB2_OFFSET_BYTES(devsize);
499
603
 
500
604
 	sbp[0] = nilfs_read_super_block(sb, NILFS_SB_OFFSET_BYTES, blocksize,
501
605
 					&sbh[0]);
..
..
@@ -503,16 +607,16 @@
503
607
 
504
608
 	if (!sbp[0]) {
505
609
 		if (!sbp[1]) {
506
-			nilfs_msg(sb, KERN_ERR, "unable to read superblock");
610
+			nilfs_err(sb, "unable to read superblock");
507
611
 			return -EIO;
508
612
 		}
509
-		nilfs_msg(sb, KERN_WARNING,
510
-			  "unable to read primary superblock (blocksize = %d)",
511
-			  blocksize);
613
+		nilfs_warn(sb,
614
+			   "unable to read primary superblock (blocksize = %d)",
615
+			   blocksize);
512
616
 	} else if (!sbp[1]) {
513
-		nilfs_msg(sb, KERN_WARNING,
514
-			  "unable to read secondary superblock (blocksize = %d)",
515
-			  blocksize);
617
+		nilfs_warn(sb,
618
+			   "unable to read secondary superblock (blocksize = %d)",
619
+			   blocksize);
516
620
 	}
517
621
 
518
622
 	/*
..
..
@@ -534,14 +638,14 @@
534
638
 	}
535
639
 	if (!valid[swp]) {
536
640
 		nilfs_release_super_block(nilfs);
537
-		nilfs_msg(sb, KERN_ERR, "couldn't find nilfs on the device");
641
+		nilfs_err(sb, "couldn't find nilfs on the device");
538
642
 		return -EINVAL;
539
643
 	}
540
644
 
541
645
 	if (!valid[!swp])
542
-		nilfs_msg(sb, KERN_WARNING,
543
-			  "broken superblock, retrying with spare superblock (blocksize = %d)",
544
-			  blocksize);
646
+		nilfs_warn(sb,
647
+			   "broken superblock, retrying with spare superblock (blocksize = %d)",
648
+			   blocksize);
545
649
 	if (swp)
546
650
 		nilfs_swap_super_block(nilfs);
547
651
 
..
..
@@ -575,7 +679,7 @@
575
679
 
576
680
 	blocksize = sb_min_blocksize(sb, NILFS_MIN_BLOCK_SIZE);
577
681
 	if (!blocksize) {
578
-		nilfs_msg(sb, KERN_ERR, "unable to set blocksize");
682
+		nilfs_err(sb, "unable to set blocksize");
579
683
 		err = -EINVAL;
580
684
 		goto out;
581
685
 	}
..
..
@@ -591,10 +695,12 @@
591
695
 	if (err)
592
696
 		goto failed_sbh;
593
697
 
594
-	blocksize = BLOCK_SIZE << le32_to_cpu(sbp->s_log_block_size);
595
-	if (blocksize < NILFS_MIN_BLOCK_SIZE ||
596
-	    blocksize > NILFS_MAX_BLOCK_SIZE) {
597
-		nilfs_msg(sb, KERN_ERR,
698
+	err = nilfs_get_blocksize(sb, sbp, &blocksize);
699
+	if (err)
700
+		goto failed_sbh;
701
+
702
+	if (blocksize < NILFS_MIN_BLOCK_SIZE) {
703
+		nilfs_err(sb,
598
704
 			  "couldn't mount because of unsupported filesystem blocksize %d",
599
705
 			  blocksize);
600
706
 		err = -EINVAL;
..
..
@@ -604,7 +710,7 @@
604
710
 		int hw_blocksize = bdev_logical_block_size(sb->s_bdev);
605
711
 
606
712
 		if (blocksize < hw_blocksize) {
607
-			nilfs_msg(sb, KERN_ERR,
713
+			nilfs_err(sb,
608
714
 				  "blocksize %d too small for device (sector-size = %d)",
609
715
 				  blocksize, hw_blocksize);
610
716
 			err = -EINVAL;
..
..
@@ -636,10 +742,6 @@
636
742
 	nilfs->ns_mount_state = le16_to_cpu(sbp->s_state);
637
743
 
638
744
 	err = nilfs_store_log_cursor(nilfs, sbp);
639
-	if (err)
640
-		goto failed_sbh;
641
-
642
-	err = nilfs_sysfs_create_device_group(sb);
643
745
 	if (err)
644
746
 		goto failed_sbh;
645
747
 
..
..
@@ -695,9 +797,7 @@
695
797
 {
696
798
 	unsigned long ncleansegs;
697
799
 
698
-	down_read(&NILFS_MDT(nilfs->ns_dat)->mi_sem);
699
800
 	ncleansegs = nilfs_sufile_get_ncleansegs(nilfs->ns_sufile);
700
-	up_read(&NILFS_MDT(nilfs->ns_dat)->mi_sem);
701
801
 	*nblocks = (sector_t)ncleansegs * nilfs->ns_blocks_per_segment;
702
802
 	return 0;
703
803
 }