1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /**
3 * dir.c - NTFS kernel directory operations. Part of the Linux-NTFS project.
4 *
5 * Copyright (c) 2001-2007 Anton Altaparmakov
6 * Copyright (c) 2002 Richard Russon
7 */
8
9 #include <linux/buffer_head.h>
10 #include <linux/slab.h>
11
12 #include "dir.h"
13 #include "aops.h"
14 #include "attrib.h"
15 #include "mft.h"
16 #include "debug.h"
17 #include "ntfs.h"
18
19 /**
20 * The little endian Unicode string $I30 as a global constant.
21 */
22 ntfschar I30[5] = { cpu_to_le16('$'), cpu_to_le16('I'),
23 cpu_to_le16('3'), cpu_to_le16('0'), 0 };
24
25 /**
26 * ntfs_lookup_inode_by_name - find an inode in a directory given its name
27 * @dir_ni: ntfs inode of the directory in which to search for the name
28 * @uname: Unicode name for which to search in the directory
29 * @uname_len: length of the name @uname in Unicode characters
30 * @res: return the found file name if necessary (see below)
31 *
32 * Look for an inode with name @uname in the directory with inode @dir_ni.
33 * ntfs_lookup_inode_by_name() walks the contents of the directory looking for
34 * the Unicode name. If the name is found in the directory, the corresponding
35 * inode number (>= 0) is returned as a mft reference in cpu format, i.e. it
36 * is a 64-bit number containing the sequence number.
37 *
38 * On error, a negative value is returned corresponding to the error code. In
39 * particular if the inode is not found -ENOENT is returned. Note that you
40 * can't just check the return value for being negative, you have to check the
41 * inode number for being negative which you can extract using MREC(return
42 * value).
43 *
44 * Note, @uname_len does not include the (optional) terminating NULL character.
45 *
46 * Note, we look for a case sensitive match first but we also look for a case
47 * insensitive match at the same time. If we find a case insensitive match, we
48 * save that for the case that we don't find an exact match, where we return
49 * the case insensitive match and setup @res (which we allocate!) with the mft
50 * reference, the file name type, length and with a copy of the little endian
51 * Unicode file name itself. If we match a file name which is in the DOS name
52 * space, we only return the mft reference and file name type in @res.
53 * ntfs_lookup() then uses this to find the long file name in the inode itself.
54 * This is to avoid polluting the dcache with short file names. We want them to
55 * work but we don't care for how quickly one can access them. This also fixes
56 * the dcache aliasing issues.
57 *
58 * Locking: - Caller must hold i_mutex on the directory.
59 * - Each page cache page in the index allocation mapping must be
60 * locked whilst being accessed otherwise we may find a corrupt
61 * page due to it being under ->writepage at the moment which
62 * applies the mst protection fixups before writing out and then
63 * removes them again after the write is complete after which it
64 * unlocks the page.
65 */
66 MFT_REF ntfs_lookup_inode_by_name(ntfs_inode *dir_ni, const ntfschar *uname,
67 const int uname_len, ntfs_name **res)
68 {
69 ntfs_volume *vol = dir_ni->vol;
70 struct super_block *sb = vol->sb;
71 MFT_RECORD *m;
72 INDEX_ROOT *ir;
73 INDEX_ENTRY *ie;
74 INDEX_ALLOCATION *ia;
75 u8 *index_end;
76 u64 mref;
77 ntfs_attr_search_ctx *ctx;
78 int err, rc;
79 VCN vcn, old_vcn;
80 struct address_space *ia_mapping;
81 struct page *page;
82 u8 *kaddr;
83 ntfs_name *name = NULL;
84
85 BUG_ON(!S_ISDIR(VFS_I(dir_ni)->i_mode));
86 BUG_ON(NInoAttr(dir_ni));
87 /* Get hold of the mft record for the directory. */
88 m = map_mft_record(dir_ni);
89 if (IS_ERR(m)) {
90 ntfs_error(sb, "map_mft_record() failed with error code %ld.",
91 -PTR_ERR(m));
92 return ERR_MREF(PTR_ERR(m));
93 }
94 ctx = ntfs_attr_get_search_ctx(dir_ni, m);
95 if (unlikely(!ctx)) {
96 err = -ENOMEM;
97 goto err_out;
98 }
99 /* Find the index root attribute in the mft record. */
100 err = ntfs_attr_lookup(AT_INDEX_ROOT, I30, 4, CASE_SENSITIVE, 0, NULL,
101 0, ctx);
102 if (unlikely(err)) {
103 if (err == -ENOENT) {
104 ntfs_error(sb, "Index root attribute missing in "
105 "directory inode 0x%lx.",
106 dir_ni->mft_no);
107 err = -EIO;
108 }
109 goto err_out;
110 }
111 /* Get to the index root value (it's been verified in read_inode). */
112 ir = (INDEX_ROOT*)((u8*)ctx->attr +
113 le16_to_cpu(ctx->attr->data.resident.value_offset));
114 index_end = (u8*)&ir->index + le32_to_cpu(ir->index.index_length);
115 /* The first index entry. */
116 ie = (INDEX_ENTRY*)((u8*)&ir->index +
117 le32_to_cpu(ir->index.entries_offset));
118 /*
119 * Loop until we exceed valid memory (corruption case) or until we
120 * reach the last entry.
121 */
122 for (;; ie = (INDEX_ENTRY*)((u8*)ie + le16_to_cpu(ie->length))) {
123 /* Bounds checks. */
124 if ((u8*)ie < (u8*)ctx->mrec || (u8*)ie +
125 sizeof(INDEX_ENTRY_HEADER) > index_end ||
126 (u8*)ie + le16_to_cpu(ie->key_length) >
127 index_end)
128 goto dir_err_out;
129 /*
130 * The last entry cannot contain a name. It can however contain
131 * a pointer to a child node in the B+tree so we just break out.
132 */
133 if (ie->flags & INDEX_ENTRY_END)
134 break;
135 /*
136 * We perform a case sensitive comparison and if that matches
137 * we are done and return the mft reference of the inode (i.e.
138 * the inode number together with the sequence number for
139 * consistency checking). We convert it to cpu format before
140 * returning.
141 */
142 if (ntfs_are_names_equal(uname, uname_len,
143 (ntfschar*)&ie->key.file_name.file_name,
144 ie->key.file_name.file_name_length,
145 CASE_SENSITIVE, vol->upcase, vol->upcase_len)) {
146 found_it:
147 /*
148 * We have a perfect match, so we don't need to care
149 * about having matched imperfectly before, so we can
150 * free name and set *res to NULL.
151 * However, if the perfect match is a short file name,
152 * we need to signal this through *res, so that
153 * ntfs_lookup() can fix dcache aliasing issues.
154 * As an optimization we just reuse an existing
155 * allocation of *res.
156 */
157 if (ie->key.file_name.file_name_type == FILE_NAME_DOS) {
158 if (!name) {
159 name = kmalloc(sizeof(ntfs_name),
160 GFP_NOFS);
161 if (!name) {
162 err = -ENOMEM;
163 goto err_out;
164 }
165 }
166 name->mref = le64_to_cpu(
167 ie->data.dir.indexed_file);
168 name->type = FILE_NAME_DOS;
169 name->len = 0;
170 *res = name;
171 } else {
172 kfree(name);
173 *res = NULL;
174 }
175 mref = le64_to_cpu(ie->data.dir.indexed_file);
176 ntfs_attr_put_search_ctx(ctx);
177 unmap_mft_record(dir_ni);
178 return mref;
179 }
180 /*
181 * For a case insensitive mount, we also perform a case
182 * insensitive comparison (provided the file name is not in the
183 * POSIX namespace). If the comparison matches, and the name is
184 * in the WIN32 namespace, we cache the filename in *res so
185 * that the caller, ntfs_lookup(), can work on it. If the
186 * comparison matches, and the name is in the DOS namespace, we
187 * only cache the mft reference and the file name type (we set
188 * the name length to zero for simplicity).
189 */
190 if (!NVolCaseSensitive(vol) &&
191 ie->key.file_name.file_name_type &&
192 ntfs_are_names_equal(uname, uname_len,
193 (ntfschar*)&ie->key.file_name.file_name,
194 ie->key.file_name.file_name_length,
195 IGNORE_CASE, vol->upcase, vol->upcase_len)) {
196 int name_size = sizeof(ntfs_name);
197 u8 type = ie->key.file_name.file_name_type;
198 u8 len = ie->key.file_name.file_name_length;
199
200 /* Only one case insensitive matching name allowed. */
201 if (name) {
202 ntfs_error(sb, "Found already allocated name "
203 "in phase 1. Please run chkdsk "
204 "and if that doesn't find any "
205 "errors please report you saw "
206 "this message to "
207 "linux-ntfs-dev@lists."
208 "sourceforge.net.");
209 goto dir_err_out;
210 }
211
212 if (type != FILE_NAME_DOS)
213 name_size += len * sizeof(ntfschar);
214 name = kmalloc(name_size, GFP_NOFS);
215 if (!name) {
216 err = -ENOMEM;
217 goto err_out;
218 }
219 name->mref = le64_to_cpu(ie->data.dir.indexed_file);
220 name->type = type;
221 if (type != FILE_NAME_DOS) {
222 name->len = len;
223 memcpy(name->name, ie->key.file_name.file_name,
224 len * sizeof(ntfschar));
225 } else
226 name->len = 0;
227 *res = name;
228 }
229 /*
230 * Not a perfect match, need to do full blown collation so we
231 * know which way in the B+tree we have to go.
232 */
233 rc = ntfs_collate_names(uname, uname_len,
234 (ntfschar*)&ie->key.file_name.file_name,
235 ie->key.file_name.file_name_length, 1,
236 IGNORE_CASE, vol->upcase, vol->upcase_len);
237 /*
238 * If uname collates before the name of the current entry, there
239 * is definitely no such name in this index but we might need to
240 * descend into the B+tree so we just break out of the loop.
241 */
242 if (rc == -1)
243 break;
244 /* The names are not equal, continue the search. */
245 if (rc)
246 continue;
247 /*
248 * Names match with case insensitive comparison, now try the
249 * case sensitive comparison, which is required for proper
250 * collation.
251 */
252 rc = ntfs_collate_names(uname, uname_len,
253 (ntfschar*)&ie->key.file_name.file_name,
254 ie->key.file_name.file_name_length, 1,
255 CASE_SENSITIVE, vol->upcase, vol->upcase_len);
256 if (rc == -1)
257 break;
258 if (rc)
259 continue;
260 /*
261 * Perfect match, this will never happen as the
262 * ntfs_are_names_equal() call will have gotten a match but we
263 * still treat it correctly.
264 */
265 goto found_it;
266 }
267 /*
268 * We have finished with this index without success. Check for the
269 * presence of a child node and if not present return -ENOENT, unless
270 * we have got a matching name cached in name in which case return the
271 * mft reference associated with it.
272 */
273 if (!(ie->flags & INDEX_ENTRY_NODE)) {
274 if (name) {
275 ntfs_attr_put_search_ctx(ctx);
276 unmap_mft_record(dir_ni);
277 return name->mref;
278 }
279 ntfs_debug("Entry not found.");
280 err = -ENOENT;
281 goto err_out;
282 } /* Child node present, descend into it. */
283 /* Consistency check: Verify that an index allocation exists. */
284 if (!NInoIndexAllocPresent(dir_ni)) {
285 ntfs_error(sb, "No index allocation attribute but index entry "
286 "requires one. Directory inode 0x%lx is "
287 "corrupt or driver bug.", dir_ni->mft_no);
288 goto err_out;
289 }
290 /* Get the starting vcn of the index_block holding the child node. */
291 vcn = sle64_to_cpup((sle64*)((u8*)ie + le16_to_cpu(ie->length) - 8));
292 ia_mapping = VFS_I(dir_ni)->i_mapping;
293 /*
294 * We are done with the index root and the mft record. Release them,
295 * otherwise we deadlock with ntfs_map_page().
296 */
297 ntfs_attr_put_search_ctx(ctx);
298 unmap_mft_record(dir_ni);
299 m = NULL;
300 ctx = NULL;
301 descend_into_child_node:
302 /*
303 * Convert vcn to index into the index allocation attribute in units
304 * of PAGE_SIZE and map the page cache page, reading it from
305 * disk if necessary.
306 */
307 page = ntfs_map_page(ia_mapping, vcn <<
308 dir_ni->itype.index.vcn_size_bits >> PAGE_SHIFT);
309 if (IS_ERR(page)) {
310 ntfs_error(sb, "Failed to map directory index page, error %ld.",
311 -PTR_ERR(page));
312 err = PTR_ERR(page);
313 goto err_out;
314 }
315 lock_page(page);
316 kaddr = (u8*)page_address(page);
317 fast_descend_into_child_node:
318 /* Get to the index allocation block. */
319 ia = (INDEX_ALLOCATION*)(kaddr + ((vcn <<
320 dir_ni->itype.index.vcn_size_bits) & ~PAGE_MASK));
321 /* Bounds checks. */
322 if ((u8*)ia < kaddr || (u8*)ia > kaddr + PAGE_SIZE) {
323 ntfs_error(sb, "Out of bounds check failed. Corrupt directory "
324 "inode 0x%lx or driver bug.", dir_ni->mft_no);
325 goto unm_err_out;
326 }
327 /* Catch multi sector transfer fixup errors. */
328 if (unlikely(!ntfs_is_indx_record(ia->magic))) {
329 ntfs_error(sb, "Directory index record with vcn 0x%llx is "
330 "corrupt. Corrupt inode 0x%lx. Run chkdsk.",
331 (unsigned long long)vcn, dir_ni->mft_no);
332 goto unm_err_out;
333 }
334 if (sle64_to_cpu(ia->index_block_vcn) != vcn) {
335 ntfs_error(sb, "Actual VCN (0x%llx) of index buffer is "
336 "different from expected VCN (0x%llx). "
337 "Directory inode 0x%lx is corrupt or driver "
338 "bug.", (unsigned long long)
339 sle64_to_cpu(ia->index_block_vcn),
340 (unsigned long long)vcn, dir_ni->mft_no);
341 goto unm_err_out;
342 }
343 if (le32_to_cpu(ia->index.allocated_size) + 0x18 !=
344 dir_ni->itype.index.block_size) {
345 ntfs_error(sb, "Index buffer (VCN 0x%llx) of directory inode "
346 "0x%lx has a size (%u) differing from the "
347 "directory specified size (%u). Directory "
348 "inode is corrupt or driver bug.",
349 (unsigned long long)vcn, dir_ni->mft_no,
350 le32_to_cpu(ia->index.allocated_size) + 0x18,
351 dir_ni->itype.index.block_size);
352 goto unm_err_out;
353 }
354 index_end = (u8*)ia + dir_ni->itype.index.block_size;
355 if (index_end > kaddr + PAGE_SIZE) {
356 ntfs_error(sb, "Index buffer (VCN 0x%llx) of directory inode "
357 "0x%lx crosses page boundary. Impossible! "
358 "Cannot access! This is probably a bug in the "
359 "driver.", (unsigned long long)vcn,
360 dir_ni->mft_no);
361 goto unm_err_out;
362 }
363 index_end = (u8*)&ia->index + le32_to_cpu(ia->index.index_length);
364 if (index_end > (u8*)ia + dir_ni->itype.index.block_size) {
365 ntfs_error(sb, "Size of index buffer (VCN 0x%llx) of directory "
366 "inode 0x%lx exceeds maximum size.",
367 (unsigned long long)vcn, dir_ni->mft_no);
368 goto unm_err_out;
369 }
370 /* The first index entry. */
371 ie = (INDEX_ENTRY*)((u8*)&ia->index +
372 le32_to_cpu(ia->index.entries_offset));
373 /*
374 * Iterate similar to above big loop but applied to index buffer, thus
375 * loop until we exceed valid memory (corruption case) or until we
376 * reach the last entry.
377 */
378 for (;; ie = (INDEX_ENTRY*)((u8*)ie + le16_to_cpu(ie->length))) {
379 /* Bounds check. */
380 if ((u8*)ie < (u8*)ia || (u8*)ie +
381 sizeof(INDEX_ENTRY_HEADER) > index_end ||
382 (u8*)ie + le16_to_cpu(ie->key_length) >
383 index_end) {
384 ntfs_error(sb, "Index entry out of bounds in "
385 "directory inode 0x%lx.",
386 dir_ni->mft_no);
387 goto unm_err_out;
388 }
389 /*
390 * The last entry cannot contain a name. It can however contain
391 * a pointer to a child node in the B+tree so we just break out.
392 */
393 if (ie->flags & INDEX_ENTRY_END)
394 break;
395 /*
396 * We perform a case sensitive comparison and if that matches
397 * we are done and return the mft reference of the inode (i.e.
398 * the inode number together with the sequence number for
399 * consistency checking). We convert it to cpu format before
400 * returning.
401 */
402 if (ntfs_are_names_equal(uname, uname_len,
403 (ntfschar*)&ie->key.file_name.file_name,
404 ie->key.file_name.file_name_length,
405 CASE_SENSITIVE, vol->upcase, vol->upcase_len)) {
406 found_it2:
407 /*
408 * We have a perfect match, so we don't need to care
409 * about having matched imperfectly before, so we can
410 * free name and set *res to NULL.
411 * However, if the perfect match is a short file name,
412 * we need to signal this through *res, so that
413 * ntfs_lookup() can fix dcache aliasing issues.
414 * As an optimization we just reuse an existing
415 * allocation of *res.
416 */
417 if (ie->key.file_name.file_name_type == FILE_NAME_DOS) {
418 if (!name) {
419 name = kmalloc(sizeof(ntfs_name),
420 GFP_NOFS);
421 if (!name) {
422 err = -ENOMEM;
423 goto unm_err_out;
424 }
425 }
426 name->mref = le64_to_cpu(
427 ie->data.dir.indexed_file);
428 name->type = FILE_NAME_DOS;
429 name->len = 0;
430 *res = name;
431 } else {
432 kfree(name);
433 *res = NULL;
434 }
435 mref = le64_to_cpu(ie->data.dir.indexed_file);
436 unlock_page(page);
437 ntfs_unmap_page(page);
438 return mref;
439 }
440 /*
441 * For a case insensitive mount, we also perform a case
442 * insensitive comparison (provided the file name is not in the
443 * POSIX namespace). If the comparison matches, and the name is
444 * in the WIN32 namespace, we cache the filename in *res so
445 * that the caller, ntfs_lookup(), can work on it. If the
446 * comparison matches, and the name is in the DOS namespace, we
447 * only cache the mft reference and the file name type (we set
448 * the name length to zero for simplicity).
449 */
450 if (!NVolCaseSensitive(vol) &&
451 ie->key.file_name.file_name_type &&
452 ntfs_are_names_equal(uname, uname_len,
453 (ntfschar*)&ie->key.file_name.file_name,
454 ie->key.file_name.file_name_length,
455 IGNORE_CASE, vol->upcase, vol->upcase_len)) {
456 int name_size = sizeof(ntfs_name);
457 u8 type = ie->key.file_name.file_name_type;
458 u8 len = ie->key.file_name.file_name_length;
459
460 /* Only one case insensitive matching name allowed. */
461 if (name) {
462 ntfs_error(sb, "Found already allocated name "
463 "in phase 2. Please run chkdsk "
464 "and if that doesn't find any "
465 "errors please report you saw "
466 "this message to "
467 "linux-ntfs-dev@lists."
468 "sourceforge.net.");
469 unlock_page(page);
470 ntfs_unmap_page(page);
471 goto dir_err_out;
472 }
473
474 if (type != FILE_NAME_DOS)
475 name_size += len * sizeof(ntfschar);
476 name = kmalloc(name_size, GFP_NOFS);
477 if (!name) {
478 err = -ENOMEM;
479 goto unm_err_out;
480 }
481 name->mref = le64_to_cpu(ie->data.dir.indexed_file);
482 name->type = type;
483 if (type != FILE_NAME_DOS) {
484 name->len = len;
485 memcpy(name->name, ie->key.file_name.file_name,
486 len * sizeof(ntfschar));
487 } else
488 name->len = 0;
489 *res = name;
490 }
491 /*
492 * Not a perfect match, need to do full blown collation so we
493 * know which way in the B+tree we have to go.
494 */
495 rc = ntfs_collate_names(uname, uname_len,
496 (ntfschar*)&ie->key.file_name.file_name,
497 ie->key.file_name.file_name_length, 1,
498 IGNORE_CASE, vol->upcase, vol->upcase_len);
499 /*
500 * If uname collates before the name of the current entry, there
501 * is definitely no such name in this index but we might need to
502 * descend into the B+tree so we just break out of the loop.
503 */
504 if (rc == -1)
505 break;
506 /* The names are not equal, continue the search. */
507 if (rc)
508 continue;
509 /*
510 * Names match with case insensitive comparison, now try the
511 * case sensitive comparison, which is required for proper
512 * collation.
513 */
514 rc = ntfs_collate_names(uname, uname_len,
515 (ntfschar*)&ie->key.file_name.file_name,
516 ie->key.file_name.file_name_length, 1,
517 CASE_SENSITIVE, vol->upcase, vol->upcase_len);
518 if (rc == -1)
519 break;
520 if (rc)
521 continue;
522 /*
523 * Perfect match, this will never happen as the
524 * ntfs_are_names_equal() call will have gotten a match but we
525 * still treat it correctly.
526 */
527 goto found_it2;
528 }
529 /*
530 * We have finished with this index buffer without success. Check for
531 * the presence of a child node.
532 */
533 if (ie->flags & INDEX_ENTRY_NODE) {
534 if ((ia->index.flags & NODE_MASK) == LEAF_NODE) {
535 ntfs_error(sb, "Index entry with child node found in "
536 "a leaf node in directory inode 0x%lx.",
537 dir_ni->mft_no);
538 goto unm_err_out;
539 }
540 /* Child node present, descend into it. */
541 old_vcn = vcn;
542 vcn = sle64_to_cpup((sle64*)((u8*)ie +
543 le16_to_cpu(ie->length) - 8));
544 if (vcn >= 0) {
545 /* If vcn is in the same page cache page as old_vcn we
546 * recycle the mapped page. */
547 if (old_vcn << vol->cluster_size_bits >>
548 PAGE_SHIFT == vcn <<
549 vol->cluster_size_bits >>
550 PAGE_SHIFT)
551 goto fast_descend_into_child_node;
552 unlock_page(page);
553 ntfs_unmap_page(page);
554 goto descend_into_child_node;
555 }
556 ntfs_error(sb, "Negative child node vcn in directory inode "
557 "0x%lx.", dir_ni->mft_no);
558 goto unm_err_out;
559 }
560 /*
561 * No child node present, return -ENOENT, unless we have got a matching
562 * name cached in name in which case return the mft reference
563 * associated with it.
564 */
565 if (name) {
566 unlock_page(page);
567 ntfs_unmap_page(page);
568 return name->mref;
569 }
570 ntfs_debug("Entry not found.");
571 err = -ENOENT;
572 unm_err_out:
573 unlock_page(page);
574 ntfs_unmap_page(page);
575 err_out:
576 if (!err)
577 err = -EIO;
578 if (ctx)
579 ntfs_attr_put_search_ctx(ctx);
580 if (m)
581 unmap_mft_record(dir_ni);
582 if (name) {
583 kfree(name);
584 *res = NULL;
585 }
586 return ERR_MREF(err);
587 dir_err_out:
588 ntfs_error(sb, "Corrupt directory. Aborting lookup.");
589 goto err_out;
590 }
591
592 #if 0
593
594 // TODO: (AIA)
595 // The algorithm embedded in this code will be required for the time when we
596 // want to support adding of entries to directories, where we require correct
597 // collation of file names in order not to cause corruption of the filesystem.
598
599 /**
600 * ntfs_lookup_inode_by_name - find an inode in a directory given its name
601 * @dir_ni: ntfs inode of the directory in which to search for the name
602 * @uname: Unicode name for which to search in the directory
603 * @uname_len: length of the name @uname in Unicode characters
604 *
605 * Look for an inode with name @uname in the directory with inode @dir_ni.
606 * ntfs_lookup_inode_by_name() walks the contents of the directory looking for
607 * the Unicode name. If the name is found in the directory, the corresponding
608 * inode number (>= 0) is returned as a mft reference in cpu format, i.e. it
609 * is a 64-bit number containing the sequence number.
610 *
611 * On error, a negative value is returned corresponding to the error code. In
612 * particular if the inode is not found -ENOENT is returned. Note that you
613 * can't just check the return value for being negative, you have to check the
614 * inode number for being negative which you can extract using MREC(return
615 * value).
616 *
617 * Note, @uname_len does not include the (optional) terminating NULL character.
618 */
619 u64 ntfs_lookup_inode_by_name(ntfs_inode *dir_ni, const ntfschar *uname,
620 const int uname_len)
621 {
622 ntfs_volume *vol = dir_ni->vol;
623 struct super_block *sb = vol->sb;
624 MFT_RECORD *m;
625 INDEX_ROOT *ir;
626 INDEX_ENTRY *ie;
627 INDEX_ALLOCATION *ia;
628 u8 *index_end;
629 u64 mref;
630 ntfs_attr_search_ctx *ctx;
631 int err, rc;
632 IGNORE_CASE_BOOL ic;
633 VCN vcn, old_vcn;
634 struct address_space *ia_mapping;
635 struct page *page;
636 u8 *kaddr;
637
638 /* Get hold of the mft record for the directory. */
639 m = map_mft_record(dir_ni);
640 if (IS_ERR(m)) {
641 ntfs_error(sb, "map_mft_record() failed with error code %ld.",
642 -PTR_ERR(m));
643 return ERR_MREF(PTR_ERR(m));
644 }
645 ctx = ntfs_attr_get_search_ctx(dir_ni, m);
646 if (!ctx) {
647 err = -ENOMEM;
648 goto err_out;
649 }
650 /* Find the index root attribute in the mft record. */
651 err = ntfs_attr_lookup(AT_INDEX_ROOT, I30, 4, CASE_SENSITIVE, 0, NULL,
652 0, ctx);
653 if (unlikely(err)) {
654 if (err == -ENOENT) {
655 ntfs_error(sb, "Index root attribute missing in "
656 "directory inode 0x%lx.",
657 dir_ni->mft_no);
658 err = -EIO;
659 }
660 goto err_out;
661 }
662 /* Get to the index root value (it's been verified in read_inode). */
663 ir = (INDEX_ROOT*)((u8*)ctx->attr +
664 le16_to_cpu(ctx->attr->data.resident.value_offset));
665 index_end = (u8*)&ir->index + le32_to_cpu(ir->index.index_length);
666 /* The first index entry. */
667 ie = (INDEX_ENTRY*)((u8*)&ir->index +
668 le32_to_cpu(ir->index.entries_offset));
669 /*
670 * Loop until we exceed valid memory (corruption case) or until we
671 * reach the last entry.
672 */
673 for (;; ie = (INDEX_ENTRY*)((u8*)ie + le16_to_cpu(ie->length))) {
674 /* Bounds checks. */
675 if ((u8*)ie < (u8*)ctx->mrec || (u8*)ie +
676 sizeof(INDEX_ENTRY_HEADER) > index_end ||
677 (u8*)ie + le16_to_cpu(ie->key_length) >
678 index_end)
679 goto dir_err_out;
680 /*
681 * The last entry cannot contain a name. It can however contain
682 * a pointer to a child node in the B+tree so we just break out.
683 */
684 if (ie->flags & INDEX_ENTRY_END)
685 break;
686 /*
687 * If the current entry has a name type of POSIX, the name is
688 * case sensitive and not otherwise. This has the effect of us
689 * not being able to access any POSIX file names which collate
690 * after the non-POSIX one when they only differ in case, but
691 * anyone doing screwy stuff like that deserves to burn in
692 * hell... Doing that kind of stuff on NT4 actually causes
693 * corruption on the partition even when using SP6a and Linux
694 * is not involved at all.
695 */
696 ic = ie->key.file_name.file_name_type ? IGNORE_CASE :
697 CASE_SENSITIVE;
698 /*
699 * If the names match perfectly, we are done and return the
700 * mft reference of the inode (i.e. the inode number together
701 * with the sequence number for consistency checking. We
702 * convert it to cpu format before returning.
703 */
704 if (ntfs_are_names_equal(uname, uname_len,
705 (ntfschar*)&ie->key.file_name.file_name,
706 ie->key.file_name.file_name_length, ic,
707 vol->upcase, vol->upcase_len)) {
708 found_it:
709 mref = le64_to_cpu(ie->data.dir.indexed_file);
710 ntfs_attr_put_search_ctx(ctx);
711 unmap_mft_record(dir_ni);
712 return mref;
713 }
714 /*
715 * Not a perfect match, need to do full blown collation so we
716 * know which way in the B+tree we have to go.
717 */
718 rc = ntfs_collate_names(uname, uname_len,
719 (ntfschar*)&ie->key.file_name.file_name,
720 ie->key.file_name.file_name_length, 1,
721 IGNORE_CASE, vol->upcase, vol->upcase_len);
722 /*
723 * If uname collates before the name of the current entry, there
724 * is definitely no such name in this index but we might need to
725 * descend into the B+tree so we just break out of the loop.
726 */
727 if (rc == -1)
728 break;
729 /* The names are not equal, continue the search. */
730 if (rc)
731 continue;
732 /*
733 * Names match with case insensitive comparison, now try the
734 * case sensitive comparison, which is required for proper
735 * collation.
736 */
737 rc = ntfs_collate_names(uname, uname_len,
738 (ntfschar*)&ie->key.file_name.file_name,
739 ie->key.file_name.file_name_length, 1,
740 CASE_SENSITIVE, vol->upcase, vol->upcase_len);
741 if (rc == -1)
742 break;
743 if (rc)
744 continue;
745 /*
746 * Perfect match, this will never happen as the
747 * ntfs_are_names_equal() call will have gotten a match but we
748 * still treat it correctly.
749 */
750 goto found_it;
751 }
752 /*
753 * We have finished with this index without success. Check for the
754 * presence of a child node.
755 */
756 if (!(ie->flags & INDEX_ENTRY_NODE)) {
757 /* No child node, return -ENOENT. */
758 err = -ENOENT;
759 goto err_out;
760 } /* Child node present, descend into it. */
761 /* Consistency check: Verify that an index allocation exists. */
762 if (!NInoIndexAllocPresent(dir_ni)) {
763 ntfs_error(sb, "No index allocation attribute but index entry "
764 "requires one. Directory inode 0x%lx is "
765 "corrupt or driver bug.", dir_ni->mft_no);
766 goto err_out;
767 }
768 /* Get the starting vcn of the index_block holding the child node. */
769 vcn = sle64_to_cpup((u8*)ie + le16_to_cpu(ie->length) - 8);
770 ia_mapping = VFS_I(dir_ni)->i_mapping;
771 /*
772 * We are done with the index root and the mft record. Release them,
773 * otherwise we deadlock with ntfs_map_page().
774 */
775 ntfs_attr_put_search_ctx(ctx);
776 unmap_mft_record(dir_ni);
777 m = NULL;
778 ctx = NULL;
779 descend_into_child_node:
780 /*
781 * Convert vcn to index into the index allocation attribute in units
782 * of PAGE_SIZE and map the page cache page, reading it from
783 * disk if necessary.
784 */
785 page = ntfs_map_page(ia_mapping, vcn <<
786 dir_ni->itype.index.vcn_size_bits >> PAGE_SHIFT);
787 if (IS_ERR(page)) {
788 ntfs_error(sb, "Failed to map directory index page, error %ld.",
789 -PTR_ERR(page));
790 err = PTR_ERR(page);
791 goto err_out;
792 }
793 lock_page(page);
794 kaddr = (u8*)page_address(page);
795 fast_descend_into_child_node:
796 /* Get to the index allocation block. */
797 ia = (INDEX_ALLOCATION*)(kaddr + ((vcn <<
798 dir_ni->itype.index.vcn_size_bits) & ~PAGE_MASK));
799 /* Bounds checks. */
800 if ((u8*)ia < kaddr || (u8*)ia > kaddr + PAGE_SIZE) {
801 ntfs_error(sb, "Out of bounds check failed. Corrupt directory "
802 "inode 0x%lx or driver bug.", dir_ni->mft_no);
803 goto unm_err_out;
804 }
805 /* Catch multi sector transfer fixup errors. */
806 if (unlikely(!ntfs_is_indx_record(ia->magic))) {
807 ntfs_error(sb, "Directory index record with vcn 0x%llx is "
808 "corrupt. Corrupt inode 0x%lx. Run chkdsk.",
809 (unsigned long long)vcn, dir_ni->mft_no);
810 goto unm_err_out;
811 }
812 if (sle64_to_cpu(ia->index_block_vcn) != vcn) {
813 ntfs_error(sb, "Actual VCN (0x%llx) of index buffer is "
814 "different from expected VCN (0x%llx). "
815 "Directory inode 0x%lx is corrupt or driver "
816 "bug.", (unsigned long long)
817 sle64_to_cpu(ia->index_block_vcn),
818 (unsigned long long)vcn, dir_ni->mft_no);
819 goto unm_err_out;
820 }
821 if (le32_to_cpu(ia->index.allocated_size) + 0x18 !=
822 dir_ni->itype.index.block_size) {
823 ntfs_error(sb, "Index buffer (VCN 0x%llx) of directory inode "
824 "0x%lx has a size (%u) differing from the "
825 "directory specified size (%u). Directory "
826 "inode is corrupt or driver bug.",
827 (unsigned long long)vcn, dir_ni->mft_no,
828 le32_to_cpu(ia->index.allocated_size) + 0x18,
829 dir_ni->itype.index.block_size);
830 goto unm_err_out;
831 }
832 index_end = (u8*)ia + dir_ni->itype.index.block_size;
833 if (index_end > kaddr + PAGE_SIZE) {
834 ntfs_error(sb, "Index buffer (VCN 0x%llx) of directory inode "
835 "0x%lx crosses page boundary. Impossible! "
836 "Cannot access! This is probably a bug in the "
837 "driver.", (unsigned long long)vcn,
838 dir_ni->mft_no);
839 goto unm_err_out;
840 }
841 index_end = (u8*)&ia->index + le32_to_cpu(ia->index.index_length);
842 if (index_end > (u8*)ia + dir_ni->itype.index.block_size) {
843 ntfs_error(sb, "Size of index buffer (VCN 0x%llx) of directory "
844 "inode 0x%lx exceeds maximum size.",
845 (unsigned long long)vcn, dir_ni->mft_no);
846 goto unm_err_out;
847 }
848 /* The first index entry. */
849 ie = (INDEX_ENTRY*)((u8*)&ia->index +
850 le32_to_cpu(ia->index.entries_offset));
851 /*
852 * Iterate similar to above big loop but applied to index buffer, thus
853 * loop until we exceed valid memory (corruption case) or until we
854 * reach the last entry.
855 */
856 for (;; ie = (INDEX_ENTRY*)((u8*)ie + le16_to_cpu(ie->length))) {
857 /* Bounds check. */
858 if ((u8*)ie < (u8*)ia || (u8*)ie +
859 sizeof(INDEX_ENTRY_HEADER) > index_end ||
860 (u8*)ie + le16_to_cpu(ie->key_length) >
861 index_end) {
862 ntfs_error(sb, "Index entry out of bounds in "
863 "directory inode 0x%lx.",
864 dir_ni->mft_no);
865 goto unm_err_out;
866 }
867 /*
868 * The last entry cannot contain a name. It can however contain
869 * a pointer to a child node in the B+tree so we just break out.
870 */
871 if (ie->flags & INDEX_ENTRY_END)
872 break;
873 /*
874 * If the current entry has a name type of POSIX, the name is
875 * case sensitive and not otherwise. This has the effect of us
876 * not being able to access any POSIX file names which collate
877 * after the non-POSIX one when they only differ in case, but
878 * anyone doing screwy stuff like that deserves to burn in
879 * hell... Doing that kind of stuff on NT4 actually causes
880 * corruption on the partition even when using SP6a and Linux
881 * is not involved at all.
882 */
883 ic = ie->key.file_name.file_name_type ? IGNORE_CASE :
884 CASE_SENSITIVE;
885 /*
886 * If the names match perfectly, we are done and return the
887 * mft reference of the inode (i.e. the inode number together
888 * with the sequence number for consistency checking. We
889 * convert it to cpu format before returning.
890 */
891 if (ntfs_are_names_equal(uname, uname_len,
892 (ntfschar*)&ie->key.file_name.file_name,
893 ie->key.file_name.file_name_length, ic,
894 vol->upcase, vol->upcase_len)) {
895 found_it2:
896 mref = le64_to_cpu(ie->data.dir.indexed_file);
897 unlock_page(page);
898 ntfs_unmap_page(page);
899 return mref;
900 }
901 /*
902 * Not a perfect match, need to do full blown collation so we
903 * know which way in the B+tree we have to go.
904 */
905 rc = ntfs_collate_names(uname, uname_len,
906 (ntfschar*)&ie->key.file_name.file_name,
907 ie->key.file_name.file_name_length, 1,
908 IGNORE_CASE, vol->upcase, vol->upcase_len);
909 /*
910 * If uname collates before the name of the current entry, there
911 * is definitely no such name in this index but we might need to
912 * descend into the B+tree so we just break out of the loop.
913 */
914 if (rc == -1)
915 break;
916 /* The names are not equal, continue the search. */
917 if (rc)
918 continue;
919 /*
920 * Names match with case insensitive comparison, now try the
921 * case sensitive comparison, which is required for proper
922 * collation.
923 */
924 rc = ntfs_collate_names(uname, uname_len,
925 (ntfschar*)&ie->key.file_name.file_name,
926 ie->key.file_name.file_name_length, 1,
927 CASE_SENSITIVE, vol->upcase, vol->upcase_len);
928 if (rc == -1)
929 break;
930 if (rc)
931 continue;
932 /*
933 * Perfect match, this will never happen as the
934 * ntfs_are_names_equal() call will have gotten a match but we
935 * still treat it correctly.
936 */
937 goto found_it2;
938 }
939 /*
940 * We have finished with this index buffer without success. Check for
941 * the presence of a child node.
942 */
943 if (ie->flags & INDEX_ENTRY_NODE) {
944 if ((ia->index.flags & NODE_MASK) == LEAF_NODE) {
945 ntfs_error(sb, "Index entry with child node found in "
946 "a leaf node in directory inode 0x%lx.",
947 dir_ni->mft_no);
948 goto unm_err_out;
949 }
950 /* Child node present, descend into it. */
951 old_vcn = vcn;
952 vcn = sle64_to_cpup((u8*)ie + le16_to_cpu(ie->length) - 8);
953 if (vcn >= 0) {
954 /* If vcn is in the same page cache page as old_vcn we
955 * recycle the mapped page. */
956 if (old_vcn << vol->cluster_size_bits >>
957 PAGE_SHIFT == vcn <<
958 vol->cluster_size_bits >>
959 PAGE_SHIFT)
960 goto fast_descend_into_child_node;
961 unlock_page(page);
962 ntfs_unmap_page(page);
963 goto descend_into_child_node;
964 }
965 ntfs_error(sb, "Negative child node vcn in directory inode "
966 "0x%lx.", dir_ni->mft_no);
967 goto unm_err_out;
968 }
969 /* No child node, return -ENOENT. */
970 ntfs_debug("Entry not found.");
971 err = -ENOENT;
972 unm_err_out:
973 unlock_page(page);
974 ntfs_unmap_page(page);
975 err_out:
976 if (!err)
977 err = -EIO;
978 if (ctx)
979 ntfs_attr_put_search_ctx(ctx);
980 if (m)
981 unmap_mft_record(dir_ni);
982 return ERR_MREF(err);
983 dir_err_out:
984 ntfs_error(sb, "Corrupt directory. Aborting lookup.");
985 goto err_out;
986 }
987
988 #endif
989
990 /**
991 * ntfs_filldir - ntfs specific filldir method
992 * @vol: current ntfs volume
993 * @ndir: ntfs inode of current directory
994 * @ia_page: page in which the index allocation buffer @ie is in resides
995 * @ie: current index entry
996 * @name: buffer to use for the converted name
997 * @actor: what to feed the entries to
998 *
999 * Convert the Unicode @name to the loaded NLS and pass it to the @filldir
1000 * callback.
1001 *
1002 * If @ia_page is not NULL it is the locked page containing the index
1003 * allocation block containing the index entry @ie.
1004 *
1005 * Note, we drop (and then reacquire) the page lock on @ia_page across the
1006 * @filldir() call otherwise we would deadlock with NFSd when it calls ->lookup
1007 * since ntfs_lookup() will lock the same page. As an optimization, we do not
1008 * retake the lock if we are returning a non-zero value as ntfs_readdir()
1009 * would need to drop the lock immediately anyway.
1010 */
1011 static inline int ntfs_filldir(ntfs_volume *vol,
1012 ntfs_inode *ndir, struct page *ia_page, INDEX_ENTRY *ie,
1013 u8 *name, struct dir_context *actor)
1014 {
1015 unsigned long mref;
1016 int name_len;
1017 unsigned dt_type;
1018 FILE_NAME_TYPE_FLAGS name_type;
1019
1020 name_type = ie->key.file_name.file_name_type;
1021 if (name_type == FILE_NAME_DOS) {
1022 ntfs_debug("Skipping DOS name space entry.");
1023 return 0;
1024 }
1025 if (MREF_LE(ie->data.dir.indexed_file) == FILE_root) {
1026 ntfs_debug("Skipping root directory self reference entry.");
1027 return 0;
1028 }
1029 if (MREF_LE(ie->data.dir.indexed_file) < FILE_first_user &&
1030 !NVolShowSystemFiles(vol)) {
1031 ntfs_debug("Skipping system file.");
1032 return 0;
1033 }
1034 name_len = ntfs_ucstonls(vol, (ntfschar*)&ie->key.file_name.file_name,
1035 ie->key.file_name.file_name_length, &name,
1036 NTFS_MAX_NAME_LEN * NLS_MAX_CHARSET_SIZE + 1);
1037 if (name_len <= 0) {
1038 ntfs_warning(vol->sb, "Skipping unrepresentable inode 0x%llx.",
1039 (long long)MREF_LE(ie->data.dir.indexed_file));
1040 return 0;
1041 }
1042 if (ie->key.file_name.file_attributes &
1043 FILE_ATTR_DUP_FILE_NAME_INDEX_PRESENT)
1044 dt_type = DT_DIR;
1045 else
1046 dt_type = DT_REG;
1047 mref = MREF_LE(ie->data.dir.indexed_file);
1048 /*
1049 * Drop the page lock otherwise we deadlock with NFS when it calls
1050 * ->lookup since ntfs_lookup() will lock the same page.
1051 */
1052 if (ia_page)
1053 unlock_page(ia_page);
1054 ntfs_debug("Calling filldir for %s with len %i, fpos 0x%llx, inode "
1055 "0x%lx, DT_%s.", name, name_len, actor->pos, mref,
1056 dt_type == DT_DIR ? "DIR" : "REG");
1057 if (!dir_emit(actor, name, name_len, mref, dt_type))
1058 return 1;
1059 /* Relock the page but not if we are aborting ->readdir. */
1060 if (ia_page)
1061 lock_page(ia_page);
1062 return 0;
1063 }
1064
1065 /*
1066 * We use the same basic approach as the old NTFS driver, i.e. we parse the
1067 * index root entries and then the index allocation entries that are marked
1068 * as in use in the index bitmap.
1069 *
1070 * While this will return the names in random order this doesn't matter for
1071 * ->readdir but OTOH results in a faster ->readdir.
1072 *
1073 * VFS calls ->readdir without BKL but with i_mutex held. This protects the VFS
1074 * parts (e.g. ->f_pos and ->i_size, and it also protects against directory
1075 * modifications).
1076 *
1077 * Locking: - Caller must hold i_mutex on the directory.
1078 * - Each page cache page in the index allocation mapping must be
1079 * locked whilst being accessed otherwise we may find a corrupt
1080 * page due to it being under ->writepage at the moment which
1081 * applies the mst protection fixups before writing out and then
1082 * removes them again after the write is complete after which it
1083 * unlocks the page.
1084 */
1085 static int ntfs_readdir(struct file *file, struct dir_context *actor)
1086 {
1087 s64 ia_pos, ia_start, prev_ia_pos, bmp_pos;
1088 loff_t i_size;
1089 struct inode *bmp_vi, *vdir = file_inode(file);
1090 struct super_block *sb = vdir->i_sb;
1091 ntfs_inode *ndir = NTFS_I(vdir);
1092 ntfs_volume *vol = NTFS_SB(sb);
1093 MFT_RECORD *m;
1094 INDEX_ROOT *ir = NULL;
1095 INDEX_ENTRY *ie;
1096 INDEX_ALLOCATION *ia;
1097 u8 *name = NULL;
1098 int rc, err, ir_pos, cur_bmp_pos;
1099 struct address_space *ia_mapping, *bmp_mapping;
1100 struct page *bmp_page = NULL, *ia_page = NULL;
1101 u8 *kaddr, *bmp, *index_end;
1102 ntfs_attr_search_ctx *ctx;
1103
1104 ntfs_debug("Entering for inode 0x%lx, fpos 0x%llx.",
1105 vdir->i_ino, actor->pos);
1106 rc = err = 0;
1107 /* Are we at end of dir yet? */
1108 i_size = i_size_read(vdir);
1109 if (actor->pos >= i_size + vol->mft_record_size)
1110 return 0;
1111 /* Emulate . and .. for all directories. */
1112 if (!dir_emit_dots(file, actor))
1113 return 0;
1114 m = NULL;
1115 ctx = NULL;
1116 /*
1117 * Allocate a buffer to store the current name being processed
1118 * converted to format determined by current NLS.
1119 */
1120 name = kmalloc(NTFS_MAX_NAME_LEN * NLS_MAX_CHARSET_SIZE + 1, GFP_NOFS);
1121 if (unlikely(!name)) {
1122 err = -ENOMEM;
1123 goto err_out;
1124 }
1125 /* Are we jumping straight into the index allocation attribute? */
1126 if (actor->pos >= vol->mft_record_size)
1127 goto skip_index_root;
1128 /* Get hold of the mft record for the directory. */
1129 m = map_mft_record(ndir);
1130 if (IS_ERR(m)) {
1131 err = PTR_ERR(m);
1132 m = NULL;
1133 goto err_out;
1134 }
1135 ctx = ntfs_attr_get_search_ctx(ndir, m);
1136 if (unlikely(!ctx)) {
1137 err = -ENOMEM;
1138 goto err_out;
1139 }
1140 /* Get the offset into the index root attribute. */
1141 ir_pos = (s64)actor->pos;
1142 /* Find the index root attribute in the mft record. */
1143 err = ntfs_attr_lookup(AT_INDEX_ROOT, I30, 4, CASE_SENSITIVE, 0, NULL,
1144 0, ctx);
1145 if (unlikely(err)) {
1146 ntfs_error(sb, "Index root attribute missing in directory "
1147 "inode 0x%lx.", vdir->i_ino);
1148 goto err_out;
1149 }
1150 /*
1151 * Copy the index root attribute value to a buffer so that we can put
1152 * the search context and unmap the mft record before calling the
1153 * filldir() callback. We need to do this because of NFSd which calls
1154 * ->lookup() from its filldir callback() and this causes NTFS to
1155 * deadlock as ntfs_lookup() maps the mft record of the directory and
1156 * we have got it mapped here already. The only solution is for us to
1157 * unmap the mft record here so that a call to ntfs_lookup() is able to
1158 * map the mft record without deadlocking.
1159 */
1160 rc = le32_to_cpu(ctx->attr->data.resident.value_length);
1161 ir = kmalloc(rc, GFP_NOFS);
1162 if (unlikely(!ir)) {
1163 err = -ENOMEM;
1164 goto err_out;
1165 }
1166 /* Copy the index root value (it has been verified in read_inode). */
1167 memcpy(ir, (u8*)ctx->attr +
1168 le16_to_cpu(ctx->attr->data.resident.value_offset), rc);
1169 ntfs_attr_put_search_ctx(ctx);
1170 unmap_mft_record(ndir);
1171 ctx = NULL;
1172 m = NULL;
1173 index_end = (u8*)&ir->index + le32_to_cpu(ir->index.index_length);
1174 /* The first index entry. */
1175 ie = (INDEX_ENTRY*)((u8*)&ir->index +
1176 le32_to_cpu(ir->index.entries_offset));
1177 /*
1178 * Loop until we exceed valid memory (corruption case) or until we
1179 * reach the last entry or until filldir tells us it has had enough
1180 * or signals an error (both covered by the rc test).
1181 */
1182 for (;; ie = (INDEX_ENTRY*)((u8*)ie + le16_to_cpu(ie->length))) {
1183 ntfs_debug("In index root, offset 0x%zx.", (u8*)ie - (u8*)ir);
1184 /* Bounds checks. */
1185 if (unlikely((u8*)ie < (u8*)ir || (u8*)ie +
1186 sizeof(INDEX_ENTRY_HEADER) > index_end ||
1187 (u8*)ie + le16_to_cpu(ie->key_length) >
1188 index_end))
1189 goto err_out;
1190 /* The last entry cannot contain a name. */
1191 if (ie->flags & INDEX_ENTRY_END)
1192 break;
1193 /* Skip index root entry if continuing previous readdir. */
1194 if (ir_pos > (u8*)ie - (u8*)ir)
1195 continue;
1196 /* Advance the position even if going to skip the entry. */
1197 actor->pos = (u8*)ie - (u8*)ir;
1198 /* Submit the name to the filldir callback. */
1199 rc = ntfs_filldir(vol, ndir, NULL, ie, name, actor);
1200 if (rc) {
1201 kfree(ir);
1202 goto abort;
1203 }
1204 }
1205 /* We are done with the index root and can free the buffer. */
1206 kfree(ir);
1207 ir = NULL;
1208 /* If there is no index allocation attribute we are finished. */
1209 if (!NInoIndexAllocPresent(ndir))
1210 goto EOD;
1211 /* Advance fpos to the beginning of the index allocation. */
1212 actor->pos = vol->mft_record_size;
1213 skip_index_root:
1214 kaddr = NULL;
1215 prev_ia_pos = -1LL;
1216 /* Get the offset into the index allocation attribute. */
1217 ia_pos = (s64)actor->pos - vol->mft_record_size;
1218 ia_mapping = vdir->i_mapping;
1219 ntfs_debug("Inode 0x%lx, getting index bitmap.", vdir->i_ino);
1220 bmp_vi = ntfs_attr_iget(vdir, AT_BITMAP, I30, 4);
1221 if (IS_ERR(bmp_vi)) {
1222 ntfs_error(sb, "Failed to get bitmap attribute.");
1223 err = PTR_ERR(bmp_vi);
1224 goto err_out;
1225 }
1226 bmp_mapping = bmp_vi->i_mapping;
1227 /* Get the starting bitmap bit position and sanity check it. */
1228 bmp_pos = ia_pos >> ndir->itype.index.block_size_bits;
1229 if (unlikely(bmp_pos >> 3 >= i_size_read(bmp_vi))) {
1230 ntfs_error(sb, "Current index allocation position exceeds "
1231 "index bitmap size.");
1232 goto iput_err_out;
1233 }
1234 /* Get the starting bit position in the current bitmap page. */
1235 cur_bmp_pos = bmp_pos & ((PAGE_SIZE * 8) - 1);
1236 bmp_pos &= ~(u64)((PAGE_SIZE * 8) - 1);
1237 get_next_bmp_page:
1238 ntfs_debug("Reading bitmap with page index 0x%llx, bit ofs 0x%llx",
1239 (unsigned long long)bmp_pos >> (3 + PAGE_SHIFT),
1240 (unsigned long long)bmp_pos &
1241 (unsigned long long)((PAGE_SIZE * 8) - 1));
1242 bmp_page = ntfs_map_page(bmp_mapping,
1243 bmp_pos >> (3 + PAGE_SHIFT));
1244 if (IS_ERR(bmp_page)) {
1245 ntfs_error(sb, "Reading index bitmap failed.");
1246 err = PTR_ERR(bmp_page);
1247 bmp_page = NULL;
1248 goto iput_err_out;
1249 }
1250 bmp = (u8*)page_address(bmp_page);
1251 /* Find next index block in use. */
1252 while (!(bmp[cur_bmp_pos >> 3] & (1 << (cur_bmp_pos & 7)))) {
1253 find_next_index_buffer:
1254 cur_bmp_pos++;
1255 /*
1256 * If we have reached the end of the bitmap page, get the next
1257 * page, and put away the old one.
1258 */
1259 if (unlikely((cur_bmp_pos >> 3) >= PAGE_SIZE)) {
1260 ntfs_unmap_page(bmp_page);
1261 bmp_pos += PAGE_SIZE * 8;
1262 cur_bmp_pos = 0;
1263 goto get_next_bmp_page;
1264 }
1265 /* If we have reached the end of the bitmap, we are done. */
1266 if (unlikely(((bmp_pos + cur_bmp_pos) >> 3) >= i_size))
1267 goto unm_EOD;
1268 ia_pos = (bmp_pos + cur_bmp_pos) <<
1269 ndir->itype.index.block_size_bits;
1270 }
1271 ntfs_debug("Handling index buffer 0x%llx.",
1272 (unsigned long long)bmp_pos + cur_bmp_pos);
1273 /* If the current index buffer is in the same page we reuse the page. */
1274 if ((prev_ia_pos & (s64)PAGE_MASK) !=
1275 (ia_pos & (s64)PAGE_MASK)) {
1276 prev_ia_pos = ia_pos;
1277 if (likely(ia_page != NULL)) {
1278 unlock_page(ia_page);
1279 ntfs_unmap_page(ia_page);
1280 }
1281 /*
1282 * Map the page cache page containing the current ia_pos,
1283 * reading it from disk if necessary.
1284 */
1285 ia_page = ntfs_map_page(ia_mapping, ia_pos >> PAGE_SHIFT);
1286 if (IS_ERR(ia_page)) {
1287 ntfs_error(sb, "Reading index allocation data failed.");
1288 err = PTR_ERR(ia_page);
1289 ia_page = NULL;
1290 goto err_out;
1291 }
1292 lock_page(ia_page);
1293 kaddr = (u8*)page_address(ia_page);
1294 }
1295 /* Get the current index buffer. */
1296 ia = (INDEX_ALLOCATION*)(kaddr + (ia_pos & ~PAGE_MASK &
1297 ~(s64)(ndir->itype.index.block_size - 1)));
1298 /* Bounds checks. */
1299 if (unlikely((u8*)ia < kaddr || (u8*)ia > kaddr + PAGE_SIZE)) {
1300 ntfs_error(sb, "Out of bounds check failed. Corrupt directory "
1301 "inode 0x%lx or driver bug.", vdir->i_ino);
1302 goto err_out;
1303 }
1304 /* Catch multi sector transfer fixup errors. */
1305 if (unlikely(!ntfs_is_indx_record(ia->magic))) {
1306 ntfs_error(sb, "Directory index record with vcn 0x%llx is "
1307 "corrupt. Corrupt inode 0x%lx. Run chkdsk.",
1308 (unsigned long long)ia_pos >>
1309 ndir->itype.index.vcn_size_bits, vdir->i_ino);
1310 goto err_out;
1311 }
1312 if (unlikely(sle64_to_cpu(ia->index_block_vcn) != (ia_pos &
1313 ~(s64)(ndir->itype.index.block_size - 1)) >>
1314 ndir->itype.index.vcn_size_bits)) {
1315 ntfs_error(sb, "Actual VCN (0x%llx) of index buffer is "
1316 "different from expected VCN (0x%llx). "
1317 "Directory inode 0x%lx is corrupt or driver "
1318 "bug. ", (unsigned long long)
1319 sle64_to_cpu(ia->index_block_vcn),
1320 (unsigned long long)ia_pos >>
1321 ndir->itype.index.vcn_size_bits, vdir->i_ino);
1322 goto err_out;
1323 }
1324 if (unlikely(le32_to_cpu(ia->index.allocated_size) + 0x18 !=
1325 ndir->itype.index.block_size)) {
1326 ntfs_error(sb, "Index buffer (VCN 0x%llx) of directory inode "
1327 "0x%lx has a size (%u) differing from the "
1328 "directory specified size (%u). Directory "
1329 "inode is corrupt or driver bug.",
1330 (unsigned long long)ia_pos >>
1331 ndir->itype.index.vcn_size_bits, vdir->i_ino,
1332 le32_to_cpu(ia->index.allocated_size) + 0x18,
1333 ndir->itype.index.block_size);
1334 goto err_out;
1335 }
1336 index_end = (u8*)ia + ndir->itype.index.block_size;
1337 if (unlikely(index_end > kaddr + PAGE_SIZE)) {
1338 ntfs_error(sb, "Index buffer (VCN 0x%llx) of directory inode "
1339 "0x%lx crosses page boundary. Impossible! "
1340 "Cannot access! This is probably a bug in the "
1341 "driver.", (unsigned long long)ia_pos >>
1342 ndir->itype.index.vcn_size_bits, vdir->i_ino);
1343 goto err_out;
1344 }
1345 ia_start = ia_pos & ~(s64)(ndir->itype.index.block_size - 1);
1346 index_end = (u8*)&ia->index + le32_to_cpu(ia->index.index_length);
1347 if (unlikely(index_end > (u8*)ia + ndir->itype.index.block_size)) {
1348 ntfs_error(sb, "Size of index buffer (VCN 0x%llx) of directory "
1349 "inode 0x%lx exceeds maximum size.",
1350 (unsigned long long)ia_pos >>
1351 ndir->itype.index.vcn_size_bits, vdir->i_ino);
1352 goto err_out;
1353 }
1354 /* The first index entry in this index buffer. */
1355 ie = (INDEX_ENTRY*)((u8*)&ia->index +
1356 le32_to_cpu(ia->index.entries_offset));
1357 /*
1358 * Loop until we exceed valid memory (corruption case) or until we
1359 * reach the last entry or until filldir tells us it has had enough
1360 * or signals an error (both covered by the rc test).
1361 */
1362 for (;; ie = (INDEX_ENTRY*)((u8*)ie + le16_to_cpu(ie->length))) {
1363 ntfs_debug("In index allocation, offset 0x%llx.",
1364 (unsigned long long)ia_start +
1365 (unsigned long long)((u8*)ie - (u8*)ia));
1366 /* Bounds checks. */
1367 if (unlikely((u8*)ie < (u8*)ia || (u8*)ie +
1368 sizeof(INDEX_ENTRY_HEADER) > index_end ||
1369 (u8*)ie + le16_to_cpu(ie->key_length) >
1370 index_end))
1371 goto err_out;
1372 /* The last entry cannot contain a name. */
1373 if (ie->flags & INDEX_ENTRY_END)
1374 break;
1375 /* Skip index block entry if continuing previous readdir. */
1376 if (ia_pos - ia_start > (u8*)ie - (u8*)ia)
1377 continue;
1378 /* Advance the position even if going to skip the entry. */
1379 actor->pos = (u8*)ie - (u8*)ia +
1380 (sle64_to_cpu(ia->index_block_vcn) <<
1381 ndir->itype.index.vcn_size_bits) +
1382 vol->mft_record_size;
1383 /*
1384 * Submit the name to the @filldir callback. Note,
1385 * ntfs_filldir() drops the lock on @ia_page but it retakes it
1386 * before returning, unless a non-zero value is returned in
1387 * which case the page is left unlocked.
1388 */
1389 rc = ntfs_filldir(vol, ndir, ia_page, ie, name, actor);
1390 if (rc) {
1391 /* @ia_page is already unlocked in this case. */
1392 ntfs_unmap_page(ia_page);
1393 ntfs_unmap_page(bmp_page);
1394 iput(bmp_vi);
1395 goto abort;
1396 }
1397 }
1398 goto find_next_index_buffer;
1399 unm_EOD:
1400 if (ia_page) {
1401 unlock_page(ia_page);
1402 ntfs_unmap_page(ia_page);
1403 }
1404 ntfs_unmap_page(bmp_page);
1405 iput(bmp_vi);
1406 EOD:
1407 /* We are finished, set fpos to EOD. */
1408 actor->pos = i_size + vol->mft_record_size;
1409 abort:
1410 kfree(name);
1411 return 0;
1412 err_out:
1413 if (bmp_page) {
1414 ntfs_unmap_page(bmp_page);
1415 iput_err_out:
1416 iput(bmp_vi);
1417 }
1418 if (ia_page) {
1419 unlock_page(ia_page);
1420 ntfs_unmap_page(ia_page);
1421 }
1422 kfree(ir);
1423 kfree(name);
1424 if (ctx)
1425 ntfs_attr_put_search_ctx(ctx);
1426 if (m)
1427 unmap_mft_record(ndir);
1428 if (!err)
1429 err = -EIO;
1430 ntfs_debug("Failed. Returning error code %i.", -err);
1431 return err;
1432 }
1433
1434 /**
1435 * ntfs_dir_open - called when an inode is about to be opened
1436 * @vi: inode to be opened
1437 * @filp: file structure describing the inode
1438 *
1439 * Limit directory size to the page cache limit on architectures where unsigned
1440 * long is 32-bits. This is the most we can do for now without overflowing the
1441 * page cache page index. Doing it this way means we don't run into problems
1442 * because of existing too large directories. It would be better to allow the
1443 * user to read the accessible part of the directory but I doubt very much
1444 * anyone is going to hit this check on a 32-bit architecture, so there is no
1445 * point in adding the extra complexity required to support this.
1446 *
1447 * On 64-bit architectures, the check is hopefully optimized away by the
1448 * compiler.
1449 */
1450 static int ntfs_dir_open(struct inode *vi, struct file *filp)
1451 {
1452 if (sizeof(unsigned long) < 8) {
1453 if (i_size_read(vi) > MAX_LFS_FILESIZE)
1454 return -EFBIG;
1455 }
1456 return 0;
1457 }
1458
1459 #ifdef NTFS_RW
1460
1461 /**
1462 * ntfs_dir_fsync - sync a directory to disk
1463 * @filp: directory to be synced
1464 * @dentry: dentry describing the directory to sync
1465 * @datasync: if non-zero only flush user data and not metadata
1466 *
1467 * Data integrity sync of a directory to disk. Used for fsync, fdatasync, and
1468 * msync system calls. This function is based on file.c::ntfs_file_fsync().
1469 *
1470 * Write the mft record and all associated extent mft records as well as the
1471 * $INDEX_ALLOCATION and $BITMAP attributes and then sync the block device.
1472 *
1473 * If @datasync is true, we do not wait on the inode(s) to be written out
1474 * but we always wait on the page cache pages to be written out.
1475 *
1476 * Note: In the past @filp could be NULL so we ignore it as we don't need it
1477 * anyway.
1478 *
1479 * Locking: Caller must hold i_mutex on the inode.
1480 *
1481 * TODO: We should probably also write all attribute/index inodes associated
1482 * with this inode but since we have no simple way of getting to them we ignore
1483 * this problem for now. We do write the $BITMAP attribute if it is present
1484 * which is the important one for a directory so things are not too bad.
1485 */
1486 static int ntfs_dir_fsync(struct file *filp, loff_t start, loff_t end,
1487 int datasync)
1488 {
1489 struct inode *bmp_vi, *vi = filp->f_mapping->host;
1490 int err, ret;
1491 ntfs_attr na;
1492
1493 ntfs_debug("Entering for inode 0x%lx.", vi->i_ino);
1494
1495 err = file_write_and_wait_range(filp, start, end);
1496 if (err)
1497 return err;
1498 inode_lock(vi);
1499
1500 BUG_ON(!S_ISDIR(vi->i_mode));
1501 /* If the bitmap attribute inode is in memory sync it, too. */
1502 na.mft_no = vi->i_ino;
1503 na.type = AT_BITMAP;
1504 na.name = I30;
1505 na.name_len = 4;
1506 bmp_vi = ilookup5(vi->i_sb, vi->i_ino, (test_t)ntfs_test_inode, &na);
1507 if (bmp_vi) {
1508 write_inode_now(bmp_vi, !datasync);
1509 iput(bmp_vi);
1510 }
1511 ret = __ntfs_write_inode(vi, 1);
1512 write_inode_now(vi, !datasync);
1513 err = sync_blockdev(vi->i_sb->s_bdev);
1514 if (unlikely(err && !ret))
1515 ret = err;
1516 if (likely(!ret))
1517 ntfs_debug("Done.");
1518 else
1519 ntfs_warning(vi->i_sb, "Failed to f%ssync inode 0x%lx. Error "
1520 "%u.", datasync ? "data" : "", vi->i_ino, -ret);
1521 inode_unlock(vi);
1522 return ret;
1523 }
1524
1525 #endif /* NTFS_RW */
1526
1527 const struct file_operations ntfs_dir_ops = {
1528 .llseek = generic_file_llseek, /* Seek inside directory. */
1529 .read = generic_read_dir, /* Return -EISDIR. */
1530 .iterate = ntfs_readdir, /* Read directory contents. */
1531 #ifdef NTFS_RW
1532 .fsync = ntfs_dir_fsync, /* Sync a directory to disk. */
1533 #endif /* NTFS_RW */
1534 /*.ioctl = ,*/ /* Perform function on the
1535 mounted filesystem. */
1536 .open = ntfs_dir_open, /* Open directory. */
1537 };