1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Copyright (c) 2000-2006 Silicon Graphics, Inc.
4 * Copyright (c) 2012-2013 Red Hat, Inc.
5 * All rights reserved.
6 */
7 #include "xfs.h"
8 #include "xfs_fs.h"
9 #include "xfs_format.h"
10 #include "xfs_log_format.h"
11 #include "xfs_shared.h"
12 #include "xfs_trans_resv.h"
13 #include "xfs_mount.h"
14 #include "xfs_bmap_btree.h"
15 #include "xfs_inode.h"
16 #include "xfs_error.h"
17 #include "xfs_trace.h"
18 #include "xfs_symlink.h"
19 #include "xfs_cksum.h"
20 #include "xfs_trans.h"
21 #include "xfs_buf_item.h"
22 #include "xfs_log.h"
23
24
25 /*
26 * Each contiguous block has a header, so it is not just a simple pathlen
27 * to FSB conversion.
28 */
29 int
xfs_symlink_blocks(struct xfs_mount * mp,int pathlen)30 xfs_symlink_blocks(
31 struct xfs_mount *mp,
32 int pathlen)
33 {
34 int buflen = XFS_SYMLINK_BUF_SPACE(mp, mp->m_sb.sb_blocksize);
35
36 return (pathlen + buflen - 1) / buflen;
37 }
38
39 int
xfs_symlink_hdr_set(struct xfs_mount * mp,xfs_ino_t ino,uint32_t offset,uint32_t size,struct xfs_buf * bp)40 xfs_symlink_hdr_set(
41 struct xfs_mount *mp,
42 xfs_ino_t ino,
43 uint32_t offset,
44 uint32_t size,
45 struct xfs_buf *bp)
46 {
47 struct xfs_dsymlink_hdr *dsl = bp->b_addr;
48
49 if (!xfs_sb_version_hascrc(&mp->m_sb))
50 return 0;
51
52 memset(dsl, 0, sizeof(struct xfs_dsymlink_hdr));
53 dsl->sl_magic = cpu_to_be32(XFS_SYMLINK_MAGIC);
54 dsl->sl_offset = cpu_to_be32(offset);
55 dsl->sl_bytes = cpu_to_be32(size);
56 uuid_copy(&dsl->sl_uuid, &mp->m_sb.sb_meta_uuid);
57 dsl->sl_owner = cpu_to_be64(ino);
58 dsl->sl_blkno = cpu_to_be64(bp->b_bn);
59 bp->b_ops = &xfs_symlink_buf_ops;
60
61 return sizeof(struct xfs_dsymlink_hdr);
62 }
63
64 /*
65 * Checking of the symlink header is split into two parts. the verifier does
66 * CRC, location and bounds checking, the unpacking function checks the path
67 * parameters and owner.
68 */
69 bool
xfs_symlink_hdr_ok(xfs_ino_t ino,uint32_t offset,uint32_t size,struct xfs_buf * bp)70 xfs_symlink_hdr_ok(
71 xfs_ino_t ino,
72 uint32_t offset,
73 uint32_t size,
74 struct xfs_buf *bp)
75 {
76 struct xfs_dsymlink_hdr *dsl = bp->b_addr;
77
78 if (offset != be32_to_cpu(dsl->sl_offset))
79 return false;
80 if (size != be32_to_cpu(dsl->sl_bytes))
81 return false;
82 if (ino != be64_to_cpu(dsl->sl_owner))
83 return false;
84
85 /* ok */
86 return true;
87 }
88
89 static xfs_failaddr_t
xfs_symlink_verify(struct xfs_buf * bp)90 xfs_symlink_verify(
91 struct xfs_buf *bp)
92 {
93 struct xfs_mount *mp = bp->b_target->bt_mount;
94 struct xfs_dsymlink_hdr *dsl = bp->b_addr;
95
96 if (!xfs_sb_version_hascrc(&mp->m_sb))
97 return __this_address;
98 if (dsl->sl_magic != cpu_to_be32(XFS_SYMLINK_MAGIC))
99 return __this_address;
100 if (!uuid_equal(&dsl->sl_uuid, &mp->m_sb.sb_meta_uuid))
101 return __this_address;
102 if (bp->b_bn != be64_to_cpu(dsl->sl_blkno))
103 return __this_address;
104 if (be32_to_cpu(dsl->sl_offset) +
105 be32_to_cpu(dsl->sl_bytes) >= XFS_SYMLINK_MAXLEN)
106 return __this_address;
107 if (dsl->sl_owner == 0)
108 return __this_address;
109 if (!xfs_log_check_lsn(mp, be64_to_cpu(dsl->sl_lsn)))
110 return __this_address;
111
112 return NULL;
113 }
114
115 static void
xfs_symlink_read_verify(struct xfs_buf * bp)116 xfs_symlink_read_verify(
117 struct xfs_buf *bp)
118 {
119 struct xfs_mount *mp = bp->b_target->bt_mount;
120 xfs_failaddr_t fa;
121
122 /* no verification of non-crc buffers */
123 if (!xfs_sb_version_hascrc(&mp->m_sb))
124 return;
125
126 if (!xfs_buf_verify_cksum(bp, XFS_SYMLINK_CRC_OFF))
127 xfs_verifier_error(bp, -EFSBADCRC, __this_address);
128 else {
129 fa = xfs_symlink_verify(bp);
130 if (fa)
131 xfs_verifier_error(bp, -EFSCORRUPTED, fa);
132 }
133 }
134
135 static void
xfs_symlink_write_verify(struct xfs_buf * bp)136 xfs_symlink_write_verify(
137 struct xfs_buf *bp)
138 {
139 struct xfs_mount *mp = bp->b_target->bt_mount;
140 struct xfs_buf_log_item *bip = bp->b_log_item;
141 xfs_failaddr_t fa;
142
143 /* no verification of non-crc buffers */
144 if (!xfs_sb_version_hascrc(&mp->m_sb))
145 return;
146
147 fa = xfs_symlink_verify(bp);
148 if (fa) {
149 xfs_verifier_error(bp, -EFSCORRUPTED, fa);
150 return;
151 }
152
153 if (bip) {
154 struct xfs_dsymlink_hdr *dsl = bp->b_addr;
155 dsl->sl_lsn = cpu_to_be64(bip->bli_item.li_lsn);
156 }
157 xfs_buf_update_cksum(bp, XFS_SYMLINK_CRC_OFF);
158 }
159
160 const struct xfs_buf_ops xfs_symlink_buf_ops = {
161 .name = "xfs_symlink",
162 .verify_read = xfs_symlink_read_verify,
163 .verify_write = xfs_symlink_write_verify,
164 .verify_struct = xfs_symlink_verify,
165 };
166
167 void
xfs_symlink_local_to_remote(struct xfs_trans * tp,struct xfs_buf * bp,struct xfs_inode * ip,struct xfs_ifork * ifp)168 xfs_symlink_local_to_remote(
169 struct xfs_trans *tp,
170 struct xfs_buf *bp,
171 struct xfs_inode *ip,
172 struct xfs_ifork *ifp)
173 {
174 struct xfs_mount *mp = ip->i_mount;
175 char *buf;
176
177 xfs_trans_buf_set_type(tp, bp, XFS_BLFT_SYMLINK_BUF);
178
179 if (!xfs_sb_version_hascrc(&mp->m_sb)) {
180 bp->b_ops = NULL;
181 memcpy(bp->b_addr, ifp->if_u1.if_data, ifp->if_bytes);
182 xfs_trans_log_buf(tp, bp, 0, ifp->if_bytes - 1);
183 return;
184 }
185
186 /*
187 * As this symlink fits in an inode literal area, it must also fit in
188 * the smallest buffer the filesystem supports.
189 */
190 ASSERT(BBTOB(bp->b_length) >=
191 ifp->if_bytes + sizeof(struct xfs_dsymlink_hdr));
192
193 bp->b_ops = &xfs_symlink_buf_ops;
194
195 buf = bp->b_addr;
196 buf += xfs_symlink_hdr_set(mp, ip->i_ino, 0, ifp->if_bytes, bp);
197 memcpy(buf, ifp->if_u1.if_data, ifp->if_bytes);
198 xfs_trans_log_buf(tp, bp, 0, sizeof(struct xfs_dsymlink_hdr) +
199 ifp->if_bytes - 1);
200 }
201
202 /*
203 * Verify the in-memory consistency of an inline symlink data fork. This
204 * does not do on-disk format checks.
205 */
206 xfs_failaddr_t
xfs_symlink_shortform_verify(struct xfs_inode * ip)207 xfs_symlink_shortform_verify(
208 struct xfs_inode *ip)
209 {
210 char *sfp;
211 char *endp;
212 struct xfs_ifork *ifp;
213 int size;
214
215 ASSERT(ip->i_d.di_format == XFS_DINODE_FMT_LOCAL);
216 ifp = XFS_IFORK_PTR(ip, XFS_DATA_FORK);
217 sfp = (char *)ifp->if_u1.if_data;
218 size = ifp->if_bytes;
219 endp = sfp + size;
220
221 /*
222 * Zero length symlinks should never occur in memory as they are
223 * never alllowed to exist on disk.
224 */
225 if (!size)
226 return __this_address;
227
228 /* No negative sizes or overly long symlink targets. */
229 if (size < 0 || size > XFS_SYMLINK_MAXLEN)
230 return __this_address;
231
232 /* No NULLs in the target either. */
233 if (memchr(sfp, 0, size - 1))
234 return __this_address;
235
236 /* We /did/ null-terminate the buffer, right? */
237 if (*endp != 0)
238 return __this_address;
239 return NULL;
240 }
241