1 /*
2  * JFFS2 -- Journalling Flash File System, Version 2.
3  *
4  * Copyright © 2001-2007 Red Hat, Inc.
5  *
6  * Created by David Woodhouse <dwmw2@infradead.org>
7  *
8  * For licensing information, see the file 'LICENCE' in this directory.
9  *
10  */
11 
12 #include <linux/kernel.h>
13 #include <linux/sched.h>
14 #include <linux/fs.h>
15 #include <linux/mtd/mtd.h>
16 #include <linux/rbtree.h>
17 #include <linux/crc32.h>
18 #include <linux/pagemap.h>
19 #include "nodelist.h"
20 
21 static void jffs2_obsolete_node_frag(struct jffs2_sb_info *c,
22 				     struct jffs2_node_frag *this);
23 
/*
 * Insert 'new' into the dirent list headed by '*list'. The list is walked in
 * ascending nhash order and 'new' is linked in before the first entry whose
 * nhash is greater.
 *
 * If an entry with the same nhash and the same name is already present, only
 * one of the two is kept:
 *  - if 'new' has a lower version than the existing entry, the raw node of
 *    'new' is marked obsolete and 'new' is freed;
 *  - otherwise the existing entry is unlinked, its raw node (if it has one)
 *    is marked obsolete, and the entry is freed.
 *
 * Because 'new' may be freed here, the caller must not dereference it after
 * this function returns.
 */
void jffs2_add_fd_to_list(struct jffs2_sb_info *c, struct jffs2_full_dirent *new, struct jffs2_full_dirent **list)
{
	struct jffs2_full_dirent **link;

	dbg_dentlist("add dirent \"%s\", ino #%u\n", new->name, new->ino);

	for (link = list; *link && (*link)->nhash <= new->nhash; link = &(*link)->next) {
		struct jffs2_full_dirent *cur = *link;

		/* Not the same name: keep walking. */
		if (cur->nhash != new->nhash || strcmp(cur->name, new->name))
			continue;

		/* Duplicate. Exactly one of the two entries is freed below. */
		if (new->version < cur->version) {
			dbg_dentlist("Eep! Marking new dirent node obsolete, old is \"%s\", ino #%u\n",
				cur->name, cur->ino);
			jffs2_mark_node_obsolete(c, new->raw);
			jffs2_free_full_dirent(new);
			return;
		}

		dbg_dentlist("marking old dirent \"%s\", ino #%u obsolete\n",
			cur->name, cur->ino);
		new->next = cur->next;
		/* The old entry may be a 'placeholder' deletion dirent with no
		   raw node, if jffs2_can_mark_obsolete() (see jffs2_do_unlink()) */
		if (cur->raw)
			jffs2_mark_node_obsolete(c, cur->raw);
		jffs2_free_full_dirent(cur);
		*link = new;
		return;
	}

	/* No duplicate found: splice 'new' in at the position we stopped at. */
	new->next = *link;
	*link = new;
}
56 
/*
 * Cut the fragment tree 'list' down to 'size' bytes.
 *
 * The fragment straddling 'size' (if any) is shortened, and every fragment
 * starting at or beyond 'size' is removed from the tree and handed to
 * jffs2_obsolete_node_frag(), which frees it.
 *
 * Returns the resulting length: 0 when 'size' is 0 or the tree ends up
 * empty, the end of the last remaining fragment when that is below 'size',
 * and 'size' otherwise.
 */
uint32_t jffs2_truncate_fragtree(struct jffs2_sb_info *c, struct rb_root *list, uint32_t size)
{
	struct jffs2_node_frag *frag = jffs2_lookup_node_frag(list, size);
	struct jffs2_node_frag *last;
	uint32_t end;

	dbg_fragtree("truncating fragtree to 0x%08x bytes\n", size);

	/* The lookup guarantees frag->ofs <= size. */
	if (frag && frag->ofs != size) {
		/* Shorten the fragment that crosses the new end, if it does. */
		if (frag->ofs+frag->size > size)
			frag->size = size - frag->ofs;
		frag = frag_next(frag);
	}

	/* Everything from here on lies entirely beyond the new size. */
	while (frag && frag->ofs >= size) {
		struct jffs2_node_frag *doomed = frag;

		/* Fetch the successor first: 'doomed' is freed below. */
		frag = frag_next(doomed);
		frag_erase(doomed, list);
		jffs2_obsolete_node_frag(c, doomed);
	}

	if (size == 0)
		return 0;

	last = frag_last(list);

	/* Sanity check for truncation to longer than we started with... */
	if (!last)
		return 0;
	end = last->ofs + last->size;
	if (end < size)
		return end;

	/* If the last fragment starts at the RAM page boundary, it is
	 * REF_PRISTINE irrespective of its size. */
	if (last->node && !(last->ofs & (PAGE_CACHE_SIZE - 1))) {
		dbg_fragtree2("marking the last fragment 0x%08x-0x%08x REF_PRISTINE.\n",
			last->ofs, end);
		last->node->raw->flash_offset = ref_offset(last->node->raw) | REF_PRISTINE;
	}
	return size;
}
98 
/*
 * Drop one fragment. 'this' is always freed, so the caller must already have
 * taken it out of the tree and must not use it afterwards.
 *
 * If the fragment refers to a node (i.e. it is not a hole), the node's frag
 * count is decremented. When the count reaches zero the raw node is marked
 * obsolete and the full_dnode is freed; otherwise the raw node is marked
 * REF_NORMAL.
 */
static void jffs2_obsolete_node_frag(struct jffs2_sb_info *c,
				     struct jffs2_node_frag *this)
{
	struct jffs2_full_dnode *fn = this->node;

	if (fn) {
		fn->frags--;
		if (fn->frags) {
			/* Other frags still reference this node. */
			dbg_fragtree2("marking old node @0x%08x (0x%04x-0x%04x) REF_NORMAL. frags is %d\n",
				ref_offset(fn->raw), fn->ofs, fn->ofs+fn->size, fn->frags);
			mark_ref_normal(fn->raw);
		} else {
			/* The node has no valid frags left. It's totally obsoleted */
			dbg_fragtree2("marking old node @0x%08x (0x%04x-0x%04x) obsolete\n",
				ref_offset(fn->raw), fn->ofs, fn->ofs+fn->size);
			jffs2_mark_node_obsolete(c, fn->raw);
			jffs2_free_full_dnode(fn);
		}
	}

	jffs2_free_node_frag(this);
}
119 
/*
 * Link 'newfrag' into the tree somewhere below 'base', ordered by ofs.
 * Only the link is made; the caller is expected to follow up with
 * rb_insert_color() (every call site in this file does).
 *
 * A fragment with the same ofs as 'newfrag' found on the way down is
 * treated as tree corruption: it is logged and BUG() is hit.
 */
static void jffs2_fragtree_insert(struct jffs2_node_frag *newfrag, struct jffs2_node_frag *base)
{
	struct rb_node *cursor = &base->rb;
	struct rb_node **slot = &cursor;

	dbg_fragtree2("insert frag (0x%04x-0x%04x)\n", newfrag->ofs, newfrag->ofs + newfrag->size);

	/* Walk down from 'base' until we fall off the tree at an empty slot. */
	while (*slot) {
		cursor = *slot;
		base = rb_entry(cursor, struct jffs2_node_frag, rb);

		if (newfrag->ofs == base->ofs) {
			JFFS2_ERROR("duplicate frag at %08x (%p,%p)\n", newfrag->ofs, newfrag, base);
			BUG();
		} else if (newfrag->ofs < base->ofs) {
			slot = &base->rb.rb_left;
		} else {
			slot = &base->rb.rb_right;
		}
	}

	/* 'base' is now the last node visited, i.e. the parent of the slot. */
	rb_link_node(&newfrag->rb, &base->rb, slot);
}
143 
/*
 * Allocates and initializes a new fragment.
 */
/*
 * Returns a fragment covering [ofs, ofs + size) that refers to 'fn' (NULL
 * for a hole), or NULL if the allocation failed. Only the ofs, size and node
 * fields are set here; the rb linkage is left for the caller to establish.
 */
static struct jffs2_node_frag * new_fragment(struct jffs2_full_dnode *fn, uint32_t ofs, uint32_t size)
{
	struct jffs2_node_frag *frag = jffs2_alloc_node_frag();

	if (unlikely(!frag)) {
		JFFS2_ERROR("cannot allocate a jffs2_node_frag object\n");
		return NULL;
	}

	frag->ofs = ofs;
	frag->size = size;
	frag->node = fn;

	return frag;
}
162 
/*
 * Called when no overlapping fragment exists. Inserts a hole before the new
 * fragment and inserts the new fragment into the fragtree.
 */
/*
 * 'this' is the right-most fragment currently in the tree (NULL if the tree
 * is empty) and 'lastend' is where it ends. A hole fragment is created only
 * when 'lastend' is below newfrag->node->ofs.
 *
 * Returns 0 on success. Returns -ENOMEM if the hole fragment cannot be
 * allocated; in that case 'newfrag' has been freed and the caller must not
 * use it again.
 */
static int no_overlapping_node(struct jffs2_sb_info *c, struct rb_root *root,
		 	       struct jffs2_node_frag *newfrag,
			       struct jffs2_node_frag *this, uint32_t lastend)
{
	if (lastend < newfrag->node->ofs) {
		/* There is a gap: put a hole in before the new fragment */
		struct jffs2_node_frag *hole;

		hole = new_fragment(NULL, lastend, newfrag->node->ofs - lastend);
		if (unlikely(!hole)) {
			jffs2_free_node_frag(newfrag);
			return -ENOMEM;
		}

		if (!this) {
			dbg_fragtree2("Add hole frag %#04x-%#04x to the root of the tree.\n",
				hole->ofs, hole->ofs + hole->size);
			rb_link_node(&hole->rb, NULL, &root->rb_node);
		} else {
			/* By definition, the 'this' node has no right-hand child,
			   because there are no frags with offset greater than it.
			   So that's where we want to put the hole */
			dbg_fragtree2("add hole frag %#04x-%#04x on the right of the new frag.\n",
				hole->ofs, hole->ofs + hole->size);
			rb_link_node(&hole->rb, &this->rb, &this->rb.rb_right);
		}
		rb_insert_color(&hole->rb, root);

		/* The hole is now the right-most fragment. */
		this = hole;
	}

	if (!this) {
		dbg_fragtree2("insert the new node at the root of the tree\n");
		rb_link_node(&newfrag->rb, NULL, &root->rb_node);
	} else {
		/* By definition, the 'this' node has no right-hand child,
		   because there are no frags with offset greater than it.
		   So that's where we want to put new fragment */
		dbg_fragtree2("add the new node at the right\n");
		rb_link_node(&newfrag->rb, &this->rb, &this->rb.rb_right);
	}
	rb_insert_color(&newfrag->rb, root);

	return 0;
}
211 
212 /* Doesn't set inode->i_size */
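/*
 * Link 'newfrag' into the fragment tree 'root', trimming, splitting or
 * obsoleting whatever existing fragments it overlaps.
 *
 * Returns 0 on success, or -ENOMEM if an additional fragment could not be
 * allocated. On -ENOMEM 'newfrag' has been freed on every path (here and in
 * no_overlapping_node()), so the caller must not use it again; the node it
 * referred to (newfrag->node) is not freed here.
 */
static int jffs2_add_frag_to_fragtree(struct jffs2_sb_info *c, struct rb_root *root, struct jffs2_node_frag *newfrag)
{
	struct jffs2_node_frag *this;
	uint32_t lastend;

	/* Skip all the nodes which are completed before this one starts */
	this = jffs2_lookup_node_frag(root, newfrag->node->ofs);

	if (this) {
		dbg_fragtree2("lookup gave frag 0x%04x-0x%04x; phys 0x%08x (*%p)\n",
			  this->ofs, this->ofs+this->size, this->node?(ref_offset(this->node->raw)):0xffffffff, this);
		lastend = this->ofs + this->size;
	} else {
		dbg_fragtree2("lookup gave no frag\n");
		lastend = 0;
	}

	/* See if we ran off the end of the fragtree */
	if (lastend <= newfrag->ofs) {
		/* We did */

		/* Check if 'this' node was on the same page as the new node.
		   If so, both 'this' and the new node get marked REF_NORMAL so
		   the GC can take a look.
		*/
		if (lastend && (lastend-1) >> PAGE_CACHE_SHIFT == newfrag->ofs >> PAGE_CACHE_SHIFT) {
			if (this->node)
				mark_ref_normal(this->node->raw);
			mark_ref_normal(newfrag->node->raw);
		}

		return no_overlapping_node(c, root, newfrag, this, lastend);
	}

	/* A NULL 'this' gives lastend == 0, which always takes the branch
	   above, so 'this' is non-NULL from here on. */
	if (this->node)
		dbg_fragtree2("dealing with frag %u-%u, phys %#08x(%d).\n",
		this->ofs, this->ofs + this->size,
		ref_offset(this->node->raw), ref_flags(this->node->raw));
	else
		dbg_fragtree2("dealing with hole frag %u-%u.\n",
		this->ofs, this->ofs + this->size);

	/* OK. 'this' is pointing at the first frag that newfrag->ofs at least partially obsoletes,
	 * - i.e. newfrag->ofs < this->ofs+this->size && newfrag->ofs >= this->ofs
	 */
	if (newfrag->ofs > this->ofs) {
		/* This node isn't completely obsoleted. The start of it remains valid */

		/* Mark the new node and the partially covered node REF_NORMAL -- let
		   the GC take a look at them */
		mark_ref_normal(newfrag->node->raw);
		if (this->node)
			mark_ref_normal(this->node->raw);

		if (this->ofs + this->size > newfrag->ofs + newfrag->size) {
			/* The new node splits 'this' frag into two */
			struct jffs2_node_frag *newfrag2;

			if (this->node)
				dbg_fragtree2("split old frag 0x%04x-0x%04x, phys 0x%08x\n",
					this->ofs, this->ofs+this->size, ref_offset(this->node->raw));
			else
				dbg_fragtree2("split old hole frag 0x%04x-0x%04x\n",
					this->ofs, this->ofs+this->size);

			/* New second frag pointing to this's node */
			newfrag2 = new_fragment(this->node, newfrag->ofs + newfrag->size,
						this->ofs + this->size - newfrag->ofs - newfrag->size);
			if (unlikely(!newfrag2)) {
				/* Nothing has been linked into the tree yet. Free
				   newfrag as no_overlapping_node() does on its
				   -ENOMEM path; the caller only sees the error
				   code and would otherwise leak it. */
				jffs2_free_node_frag(newfrag);
				return -ENOMEM;
			}
			if (this->node)
				this->node->frags++;

			/* Adjust size of original 'this' */
			this->size = newfrag->ofs - this->ofs;

			/* Now, we know there's no node with offset
			   greater than this->ofs but smaller than
			   newfrag2->ofs or newfrag->ofs, for obvious
			   reasons. So we can do a tree insert from
			   'this' to insert newfrag, and a tree insert
			   from newfrag to insert newfrag2. */
			jffs2_fragtree_insert(newfrag, this);
			rb_insert_color(&newfrag->rb, root);

			jffs2_fragtree_insert(newfrag2, newfrag);
			rb_insert_color(&newfrag2->rb, root);

			return 0;
		}
		/* New node just reduces 'this' frag in size, doesn't split it */
		this->size = newfrag->ofs - this->ofs;

		/* Again, we know it lives down here in the tree */
		jffs2_fragtree_insert(newfrag, this);
		rb_insert_color(&newfrag->rb, root);
	} else {
		/* New frag starts at the same point as 'this' used to. Replace
		   it in the tree without doing a delete and insertion */
		dbg_fragtree2("inserting newfrag (*%p),%d-%d in before 'this' (*%p),%d-%d\n",
			  newfrag, newfrag->ofs, newfrag->ofs+newfrag->size, this, this->ofs, this->ofs+this->size);

		rb_replace_node(&this->rb, &newfrag->rb, root);

		if (newfrag->ofs + newfrag->size >= this->ofs+this->size) {
			/* 'this' is fully covered; it is freed by the call below. */
			dbg_fragtree2("obsoleting node frag %p (%x-%x)\n", this, this->ofs, this->ofs+this->size);
			jffs2_obsolete_node_frag(c, this);
		} else {
			/* Only the head of 'this' is covered: shrink it and
			   re-insert it after newfrag. */
			this->ofs += newfrag->size;
			this->size -= newfrag->size;

			jffs2_fragtree_insert(this, newfrag);
			rb_insert_color(&this->rb, root);
			return 0;
		}
	}
	/* OK, now we have newfrag added in the correct place in the tree, but
	   frag_next(newfrag) may be a fragment which is overlapped by it
	*/
	while ((this = frag_next(newfrag)) && newfrag->ofs + newfrag->size >= this->ofs + this->size) {
		/* 'this' frag is obsoleted completely. */
		dbg_fragtree2("obsoleting node frag %p (%x-%x) and removing from tree\n",
			this, this->ofs, this->ofs+this->size);
		rb_erase(&this->rb, root);
		jffs2_obsolete_node_frag(c, this);
	}
	/* Now we're pointing at the first frag which isn't totally obsoleted by
	   the new frag */

	if (!this || newfrag->ofs + newfrag->size == this->ofs)
		return 0;

	/* Still some overlap but we don't need to move it in the tree */
	this->size = (this->ofs + this->size) - (newfrag->ofs + newfrag->size);
	this->ofs = newfrag->ofs + newfrag->size;

	/* And mark them REF_NORMAL so the GC takes a look at them */
	if (this->node)
		mark_ref_normal(this->node->raw);
	mark_ref_normal(newfrag->node->raw);

	return 0;
}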
356 
357 /*
358  * Given an inode, probably with existing tree of fragments, add the new node
359  * to the fragment tree.
360  */
/*
 * Wrap 'fn' in a fresh fragment and add it to f->fragtree. A node of size
 * zero is accepted and ignored.
 *
 * Returns 0 on success, -ENOMEM if the fragment cannot be allocated, or the
 * error from jffs2_add_frag_to_fragtree(). 'fn' itself is never freed here,
 * so on failure it remains the caller's to clean up.
 */
int jffs2_add_full_dnode_to_inode(struct jffs2_sb_info *c, struct jffs2_inode_info *f, struct jffs2_full_dnode *fn)
{
	struct jffs2_node_frag *newfrag;
	int err;

	if (unlikely(!fn->size))
		return 0;

	newfrag = new_fragment(fn, fn->ofs, fn->size);
	if (unlikely(!newfrag))
		return -ENOMEM;
	/* newfrag->node is fn; it starts out with exactly one fragment. */
	newfrag->node->frags = 1;

	dbg_fragtree("adding node %#04x-%#04x @0x%08x on flash, newfrag *%p\n",
		  fn->ofs, fn->ofs+fn->size, ref_offset(fn->raw), newfrag);

	err = jffs2_add_frag_to_fragtree(c, &f->fragtree, newfrag);
	if (unlikely(err))
		return err;

	/* If we now share a page with other nodes, mark either previous
	   or next node REF_NORMAL, as appropriate.  */
	if (newfrag->ofs & (PAGE_CACHE_SIZE-1)) {
		struct jffs2_node_frag *before = frag_prev(newfrag);

		mark_ref_normal(fn->raw);
		/* If we don't start at zero there's _always_ a previous, so
		   'before' is dereferenced without a NULL check. */
		if (before->node)
			mark_ref_normal(before->node->raw);
	}

	if ((newfrag->ofs+newfrag->size) & (PAGE_CACHE_SIZE-1)) {
		struct jffs2_node_frag *after = frag_next(newfrag);

		/* Unlike the previous fragment, a following one may not exist. */
		if (after) {
			mark_ref_normal(fn->raw);
			if (after->node)
				mark_ref_normal(after->node->raw);
		}
	}
	jffs2_dbg_fragtree_paranoia_check_nolock(f);

	return 0;
}
405 
/*
 * Set ic->state to 'state' and wake up waiters on c->inocache_wq. Both the
 * store and the wake-up are done with c->inocache_lock held; this function
 * takes the lock itself, so the caller must not already hold it.
 */
void jffs2_set_inocache_state(struct jffs2_sb_info *c, struct jffs2_inode_cache *ic, int state)
{
	spin_lock(&c->inocache_lock);

	/* Publish the new state, then notify anyone waiting for a change. */
	ic->state = state;
	wake_up(&c->inocache_wq);

	spin_unlock(&c->inocache_lock);
}
413 
414 /* During mount, this needs no locking. During normal operation, its
415    callers want to do other stuff while still holding the inocache_lock.
416    Rather than introducing special case get_ino_cache functions or
417    callbacks, we just let the caller do the locking itself. */
418 
/*
 * Look up the inode cache entry for 'ino'. Returns the entry, or NULL if
 * there is none. Each hash chain is kept in ascending ino order, so the walk
 * stops at the first entry whose ino is not below the one wanted.
 *
 * No lock is taken here; the caller provides whatever locking it needs.
 */
struct jffs2_inode_cache *jffs2_get_ino_cache(struct jffs2_sb_info *c, uint32_t ino)
{
	struct jffs2_inode_cache *ic;

	for (ic = c->inocache_list[ino % c->inocache_hashsize];
	     ic && ic->ino < ino;
	     ic = ic->next)
		;

	/* Either the chain ran out, or 'ic' is the first entry with
	   ic->ino >= ino; only an exact match counts. */
	return (ic && ic->ino == ino) ? ic : NULL;
}
433 
/*
 * Add 'new' to the inode cache hash table, keeping its chain sorted by
 * ascending ino. If new->ino is zero a fresh number is assigned by
 * incrementing c->highest_ino. The whole operation runs under
 * c->inocache_lock, which is taken and released here.
 *
 * No check is made for an existing entry with the same ino.
 */
void jffs2_add_ino_cache (struct jffs2_sb_info *c, struct jffs2_inode_cache *new)
{
	struct jffs2_inode_cache **slot;

	spin_lock(&c->inocache_lock);

	if (new->ino == 0)
		new->ino = ++c->highest_ino;

	dbg_inocache("add %p (ino #%u)\n", new, new->ino);

	/* Find the first chain position whose entry does not sort below 'new'. */
	for (slot = &c->inocache_list[new->ino % c->inocache_hashsize];
	     *slot && (*slot)->ino < new->ino;
	     slot = &(*slot)->next)
		;

	new->next = *slot;
	*slot = new;

	spin_unlock(&c->inocache_lock);
}
454 
/*
 * Unlink 'old' from the inode cache hash table and, unless it is in
 * INO_STATE_READING or INO_STATE_CLEARING, free it. The unlink and the free
 * happen under c->inocache_lock, which is taken and released here.
 *
 * Since 'old' may be freed, the caller must not dereference it afterwards
 * unless it knows the entry was in one of the two states above.
 */
void jffs2_del_ino_cache(struct jffs2_sb_info *c, struct jffs2_inode_cache *old)
{
	struct jffs2_inode_cache **slot;

#ifdef CONFIG_JFFS2_FS_XATTR
	/* The entry must not still carry an xref when it is deleted. */
	BUG_ON(old->xref);
#endif
	dbg_inocache("del %p (ino #%u)\n", old, old->ino);
	spin_lock(&c->inocache_lock);

	/* Chains are sorted by ino: stop at the first entry not below old->ino. */
	for (slot = &c->inocache_list[old->ino % c->inocache_hashsize];
	     *slot && (*slot)->ino < old->ino;
	     slot = &(*slot)->next)
		;

	/* Unlink only if the entry found is 'old' itself. */
	if (*slot == old)
		*slot = old->next;

	/* Free it now unless it's in READING or CLEARING state, which
	   are the transitions upon read_inode() and clear_inode(). The
	   rest of the time we know nobody else is looking at it, and
	   if it's held by read_inode() or clear_inode() they'll free it
	   for themselves. */
	if (!(old->state == INO_STATE_READING || old->state == INO_STATE_CLEARING))
		jffs2_free_inode_cache(old);

	spin_unlock(&c->inocache_lock);
}
484 
/*
 * Free every entry in the inode cache hash table and leave each bucket
 * NULL. jffs2_xattr_free_inode() is called on an entry before it is freed.
 *
 * c->inocache_lock is not taken here; presumably this is only called when
 * nothing else can reach the table -- confirm against the callers.
 */
void jffs2_free_ino_caches(struct jffs2_sb_info *c)
{
	int i;
	struct jffs2_inode_cache *ic, *following;

	for (i = 0; i < c->inocache_hashsize; i++) {
		for (ic = c->inocache_list[i]; ic; ic = following) {
			/* Save the link before the entry is freed. */
			following = ic->next;
			jffs2_xattr_free_inode(c, ic);
			jffs2_free_inode_cache(ic);
		}
		c->inocache_list[i] = NULL;
	}
}
501 
/*
 * Free all raw node ref blocks of every eraseblock and reset each
 * eraseblock's first_node/last_node to NULL.
 *
 * A ref block is an array whose element at index REFS_PER_BLOCK is examined
 * as a trailer: if its flash_offset is REF_LINK_NODE, its next_in_ino points
 * at the following ref block; any other value ends the chain.
 */
void jffs2_free_raw_node_refs(struct jffs2_sb_info *c)
{
	int i;
	struct jffs2_raw_node_ref *blk, *following;

	for (i = 0; i < c->nr_blocks; i++) {
		struct jffs2_eraseblock *jeb = &c->blocks[i];

		blk = jeb->first_node;
		while (blk) {
			struct jffs2_raw_node_ref *tail = &blk[REFS_PER_BLOCK];

			/* Read the chain link before the block is freed. */
			following = (tail->flash_offset == REF_LINK_NODE) ? tail->next_in_ino : NULL;

			jffs2_free_refblock(blk);
			blk = following;
		}
		jeb->first_node = jeb->last_node = NULL;
	}
}
521 
/*
 * Find the fragment covering 'offset' in 'fragtree'.
 *
 * Returns the fragment with ofs <= offset < ofs + size if there is one.
 * Otherwise returns the fragment with the largest ofs among those seen on
 * the way down that end at or before 'offset', or NULL if none was seen.
 */
struct jffs2_node_frag *jffs2_lookup_node_frag(struct rb_root *fragtree, uint32_t offset)
{
	struct rb_node *n;
	struct jffs2_node_frag *best = NULL;

	dbg_fragtree2("root %p, offset %d\n", fragtree, offset);

	/* The common case is that a fragment matches precisely, so the
	   descent returns as soon as one is hit. */
	n = fragtree->rb_node;
	while (n) {
		struct jffs2_node_frag *frag = rb_entry(n, struct jffs2_node_frag, rb);

		if (frag->ofs + frag->size <= offset) {
			/* Ends at or before 'offset': remember the closest
			   smaller match and keep looking to the right. */
			if (!best || frag->ofs > best->ofs)
				best = frag;
			n = frag->rb.rb_right;
			continue;
		}

		/* Not entirely below 'offset'; it covers it unless it starts later. */
		if (frag->ofs <= offset)
			return frag;

		n = frag->rb.rb_left;
	}

	/* Exact match not found. Fall back to the closest smaller one. */
	if (best)
		dbg_fragtree2("no match. Returning frag %#04x-%#04x, closest previous\n",
			  best->ofs, best->ofs+best->size);
	else
		dbg_fragtree2("returning NULL, empty fragtree\n");

	return best;
}
560 
561 /* Pass 'c' argument to indicate that nodes should be marked obsolete as
562    they're killed. */
/*
 * Free every fragment in the tree, leaves first. For each fragment that
 * refers to a node, the node's frag count is decremented, and the node is
 * freed once the count reaches zero (its raw node is marked obsolete first
 * when 'c' is non-NULL).
 *
 * Note that root->rb_node is not reset here, so after the call it still
 * holds the address of a freed fragment; the caller has to reinitialise the
 * root before the tree is used again.
 */
void jffs2_kill_fragtree(struct rb_root *root, struct jffs2_sb_info *c)
{
	struct jffs2_node_frag *frag;
	struct jffs2_node_frag *up;

	if (!root->rb_node)
		return;

	dbg_fragtree("killing\n");

	frag = rb_entry(root->rb_node, struct jffs2_node_frag, rb);
	while (frag) {
		/* Descend, preferring the left child, until a leaf is reached. */
		while (frag->rb.rb_left || frag->rb.rb_right)
			frag = frag->rb.rb_left ? frag_left(frag) : frag_right(frag);

		if (frag->node) {
			if (--frag->node->frags == 0) {
				/* Not a hole, and it's the final remaining frag
				   of this node. Free the node */
				if (c)
					jffs2_mark_node_obsolete(c, frag->node->raw);

				jffs2_free_full_dnode(frag->node);
			}
		}

		/* Detach the leaf from its parent so that the parent turns into
		   a leaf itself once both of its children are gone. */
		up = frag_parent(frag);
		if (up) {
			if (frag_left(up) == frag)
				up->rb.rb_left = NULL;
			else
				up->rb.rb_right = NULL;
		}

		jffs2_free_node_frag(frag);
		frag = up;

		/* Large trees can take a while; let others run. */
		cond_resched();
	}
}
606 
/*
 * Take the next unused raw node ref of 'jeb', record 'ofs' in it (the value
 * also carries the REF_* flag bits), chain it onto ic->nodes when 'ic' is
 * given, and move 'len' bytes from the free counters to the unchecked, used
 * or dirty counters selected by those flag bits. Returns the ref.
 *
 * Consistency checks, all fatal (BUG):
 *  - the eraseblock must have a preallocated ref (jeb->allocated_refs);
 *  - the first ref of a block must sit at jeb->offset;
 *  - any later ref must start exactly where the used part of the block
 *    ends (jeb->offset + c->sector_size - jeb->free_size).
 *
 * 'len' is not range-checked against jeb->free_size in this function.
 * jffs2_scan_dirty_space() validates it before calling; other callers are
 * not visible here and should be checked for the same guarantee.
 */
struct jffs2_raw_node_ref *jffs2_link_node_ref(struct jffs2_sb_info *c,
					       struct jffs2_eraseblock *jeb,
					       uint32_t ofs, uint32_t len,
					       struct jffs2_inode_cache *ic)
{
	struct jffs2_raw_node_ref *ref;

	BUG_ON(!jeb->allocated_refs);
	jeb->allocated_refs--;

	ref = jeb->last_node;

	dbg_noderef("Last node at %p is (%08x,%p)\n", ref, ref->flash_offset,
		    ref->next_in_ino);

	/* Advance to the first empty slot, following REF_LINK_NODE entries
	   into the next ref block. */
	while (ref->flash_offset != REF_EMPTY_NODE)
		ref = (ref->flash_offset == REF_LINK_NODE) ? ref->next_in_ino : ref + 1;

	dbg_noderef("New ref is %p (%08x becomes %08x,%p) len 0x%x\n", ref,
		    ref->flash_offset, ofs, ref->next_in_ino, len);

	ref->flash_offset = ofs;

	if (jeb->first_node) {
		if (unlikely(ref_offset(ref) != jeb->offset + c->sector_size - jeb->free_size)) {
			uint32_t last_len = ref_totlen(c, jeb, jeb->last_node);

			JFFS2_ERROR("Adding new ref %p at (0x%08x-0x%08x) not immediately after previous (0x%08x-0x%08x)\n",
				    ref, ref_offset(ref), ref_offset(ref)+len,
				    ref_offset(jeb->last_node),
				    ref_offset(jeb->last_node)+last_len);
			BUG();
		}
	} else {
		jeb->first_node = ref;
		BUG_ON(ref_offset(ref) != jeb->offset);
	}
	jeb->last_node = ref;

	/* Push the ref onto the front of the inode's node list, if any. */
	if (!ic) {
		ref->next_in_ino = NULL;
	} else {
		ref->next_in_ino = ic->nodes;
		ic->nodes = ref;
	}

	/* Account 'len' to the counter matching the ref's flags, both for the
	   whole filesystem and for this eraseblock. */
	switch(ref_flags(ref)) {
	case REF_OBSOLETE:
		c->dirty_size += len;
		jeb->dirty_size += len;
		break;

	case REF_UNCHECKED:
		c->unchecked_size += len;
		jeb->unchecked_size += len;
		break;

	case REF_NORMAL:
	case REF_PRISTINE:
		c->used_size += len;
		jeb->used_size += len;
		break;
	}
	c->free_size -= len;
	jeb->free_size -= len;

#ifdef TEST_TOTLEN
	/* Set (and test) __totlen field... for now */
	ref->__totlen = len;
	ref_totlen(c, jeb, ref);
#endif
	return ref;
}
682 
683 /* No locking, no reservation of 'ref'. Do not use on a live file system */
/*
 * Account 'size' bytes at the current end of the used area of 'jeb' as
 * dirty. Always returns 0; a 'size' of zero is a no-op.
 *
 * A 'size' larger than jeb->free_size is fatal (BUG). If the last ref of
 * the block is already obsolete, the space is simply added to the dirty
 * counters; otherwise a new REF_OBSOLETE ref is linked in to cover it.
 */
int jffs2_scan_dirty_space(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
			   uint32_t size)
{
	if (!size)
		return 0;

	/* Reject a length that would run past the end of the eraseblock. */
	if (unlikely(size > jeb->free_size)) {
		printk(KERN_CRIT "Dirty space 0x%x larger then free_size 0x%x (wasted 0x%x)\n",
		       size, jeb->free_size, jeb->wasted_size);
		BUG();
	}

	/* REF_EMPTY_NODE is !obsolete, so that works OK */
	if (!jeb->last_node || !ref_obsolete(jeb->last_node)) {
		/* A new obsolete ref is needed, starting where the used part
		   of the block ends. */
		uint32_t ofs = jeb->offset + c->sector_size - jeb->free_size;

		ofs |= REF_OBSOLETE;
		jffs2_link_node_ref(c, jeb, ofs, size, NULL);
		return 0;
	}

	/* The last ref is already obsolete: extend the dirty area in place. */
#ifdef TEST_TOTLEN
	jeb->last_node->__totlen += size;
#endif
	c->dirty_size += size;
	c->free_size -= size;
	jeb->dirty_size += size;
	jeb->free_size -= size;

	return 0;
}
712 
713 /* Calculate totlen from surrounding nodes or eraseblock */
/*
 * The length of 'ref' is derived rather than stored: it is the distance
 * from ref's offset to the offset of the next ref or, for the last ref in
 * an eraseblock, to the end of the block's used area.
 *
 * 'jeb' may be NULL, in which case the eraseblock is found from
 * ref->flash_offset / c->sector_size. If there is no next ref and 'ref' is
 * not jeb->last_node, the bookkeeping is inconsistent and BUG() is hit.
 */
static inline uint32_t __ref_totlen(struct jffs2_sb_info *c,
				    struct jffs2_eraseblock *jeb,
				    struct jffs2_raw_node_ref *ref)
{
	uint32_t ref_end;
	struct jffs2_raw_node_ref *next_ref = ref_next(ref);

	if (next_ref)
		return ref_offset(next_ref) - ref_offset(ref);

	if (!jeb)
		jeb = &c->blocks[ref->flash_offset / c->sector_size];

	/* Last node in block. Use free_space */
	if (unlikely(ref != jeb->last_node)) {
		printk(KERN_CRIT "ref %p @0x%08x is not jeb->last_node (%p @0x%08x)\n",
		       ref, ref_offset(ref), jeb->last_node, jeb->last_node?ref_offset(jeb->last_node):0);
		BUG();
	}
	ref_end = jeb->offset + c->sector_size - jeb->free_size;

	return ref_end - ref_offset(ref);
}
737 
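/*
 * Return the total length of 'ref' as computed by __ref_totlen().
 *
 * With TEST_TOTLEN defined, the computed value is cross-checked against the
 * length stored in ref->__totlen. On a mismatch the state of the ref, its
 * successor and the eraseblock counters are logged, a warning is raised,
 * and the stored value is returned instead of the computed one.
 */
uint32_t __jffs2_ref_totlen(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
			    struct jffs2_raw_node_ref *ref)
{
	uint32_t ret;

	ret = __ref_totlen(c, jeb, ref);

#ifdef TEST_TOTLEN
	if (unlikely(ret != ref->__totlen)) {
		struct jffs2_raw_node_ref *next_ref = ref_next(ref);

		if (!jeb)
			jeb = &c->blocks[ref->flash_offset / c->sector_size];

		printk(KERN_CRIT "Totlen for ref at %p (0x%08x-0x%08x) miscalculated as 0x%x instead of %x\n",
		       ref, ref_offset(ref), ref_offset(ref)+ref->__totlen,
		       ret, ref->__totlen);
		if (next_ref) {
			/* Report the successor's own extent: its end is its
			   offset plus its own stored length, not the length
			   of 'ref'. */
			printk(KERN_CRIT "next %p (0x%08x-0x%08x)\n", next_ref, ref_offset(next_ref),
			       ref_offset(next_ref)+next_ref->__totlen);
		} else
			printk(KERN_CRIT "No next ref. jeb->last_node is %p\n", jeb->last_node);

		printk(KERN_CRIT "jeb->wasted_size %x, dirty_size %x, used_size %x, free_size %x\n", jeb->wasted_size, jeb->dirty_size, jeb->used_size, jeb->free_size);

#if defined(JFFS2_DBG_DUMPS) || defined(JFFS2_DBG_PARANOIA_CHECKS)
		__jffs2_dbg_dump_node_refs_nolock(c, jeb);
#endif

		WARN_ON(1);

		/* Trust the stored length over the computed one. */
		ret = ref->__totlen;
	}
#endif /* TEST_TOTLEN */
	return ret;
}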
772