1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  *
4  * Copyright (C) 2019-2021 Paragon Software GmbH, All rights reserved.
5  *
6  */
7 
8 #include <linux/blkdev.h>
9 #include <linux/buffer_head.h>
10 #include <linux/fs.h>
11 #include <linux/kernel.h>
12 #include <linux/nls.h>
13 
14 #include "debug.h"
15 #include "ntfs.h"
16 #include "ntfs_fs.h"
17 
18 // clang-format off
19 const struct cpu_str NAME_MFT = {
20 	4, 0, { '$', 'M', 'F', 'T' },
21 };
22 const struct cpu_str NAME_MIRROR = {
23 	8, 0, { '$', 'M', 'F', 'T', 'M', 'i', 'r', 'r' },
24 };
25 const struct cpu_str NAME_LOGFILE = {
26 	8, 0, { '$', 'L', 'o', 'g', 'F', 'i', 'l', 'e' },
27 };
28 const struct cpu_str NAME_VOLUME = {
29 	7, 0, { '$', 'V', 'o', 'l', 'u', 'm', 'e' },
30 };
31 const struct cpu_str NAME_ATTRDEF = {
32 	8, 0, { '$', 'A', 't', 't', 'r', 'D', 'e', 'f' },
33 };
34 const struct cpu_str NAME_ROOT = {
35 	1, 0, { '.' },
36 };
37 const struct cpu_str NAME_BITMAP = {
38 	7, 0, { '$', 'B', 'i', 't', 'm', 'a', 'p' },
39 };
40 const struct cpu_str NAME_BOOT = {
41 	5, 0, { '$', 'B', 'o', 'o', 't' },
42 };
43 const struct cpu_str NAME_BADCLUS = {
44 	8, 0, { '$', 'B', 'a', 'd', 'C', 'l', 'u', 's' },
45 };
46 const struct cpu_str NAME_QUOTA = {
47 	6, 0, { '$', 'Q', 'u', 'o', 't', 'a' },
48 };
49 const struct cpu_str NAME_SECURE = {
50 	7, 0, { '$', 'S', 'e', 'c', 'u', 'r', 'e' },
51 };
52 const struct cpu_str NAME_UPCASE = {
53 	7, 0, { '$', 'U', 'p', 'C', 'a', 's', 'e' },
54 };
55 const struct cpu_str NAME_EXTEND = {
56 	7, 0, { '$', 'E', 'x', 't', 'e', 'n', 'd' },
57 };
58 const struct cpu_str NAME_OBJID = {
59 	6, 0, { '$', 'O', 'b', 'j', 'I', 'd' },
60 };
61 const struct cpu_str NAME_REPARSE = {
62 	8, 0, { '$', 'R', 'e', 'p', 'a', 'r', 's', 'e' },
63 };
64 const struct cpu_str NAME_USNJRNL = {
65 	8, 0, { '$', 'U', 's', 'n', 'J', 'r', 'n', 'l' },
66 };
67 const __le16 BAD_NAME[4] = {
68 	cpu_to_le16('$'), cpu_to_le16('B'), cpu_to_le16('a'), cpu_to_le16('d'),
69 };
70 const __le16 I30_NAME[4] = {
71 	cpu_to_le16('$'), cpu_to_le16('I'), cpu_to_le16('3'), cpu_to_le16('0'),
72 };
73 const __le16 SII_NAME[4] = {
74 	cpu_to_le16('$'), cpu_to_le16('S'), cpu_to_le16('I'), cpu_to_le16('I'),
75 };
76 const __le16 SDH_NAME[4] = {
77 	cpu_to_le16('$'), cpu_to_le16('S'), cpu_to_le16('D'), cpu_to_le16('H'),
78 };
79 const __le16 SDS_NAME[4] = {
80 	cpu_to_le16('$'), cpu_to_le16('S'), cpu_to_le16('D'), cpu_to_le16('S'),
81 };
82 const __le16 SO_NAME[2] = {
83 	cpu_to_le16('$'), cpu_to_le16('O'),
84 };
85 const __le16 SQ_NAME[2] = {
86 	cpu_to_le16('$'), cpu_to_le16('Q'),
87 };
88 const __le16 SR_NAME[2] = {
89 	cpu_to_le16('$'), cpu_to_le16('R'),
90 };
91 
92 #ifdef CONFIG_NTFS3_LZX_XPRESS
93 const __le16 WOF_NAME[17] = {
94 	cpu_to_le16('W'), cpu_to_le16('o'), cpu_to_le16('f'), cpu_to_le16('C'),
95 	cpu_to_le16('o'), cpu_to_le16('m'), cpu_to_le16('p'), cpu_to_le16('r'),
96 	cpu_to_le16('e'), cpu_to_le16('s'), cpu_to_le16('s'), cpu_to_le16('e'),
97 	cpu_to_le16('d'), cpu_to_le16('D'), cpu_to_le16('a'), cpu_to_le16('t'),
98 	cpu_to_le16('a'),
99 };
100 #endif
101 
102 static const __le16 CON_NAME[3] = {
103 	cpu_to_le16('C'), cpu_to_le16('O'), cpu_to_le16('N'),
104 };
105 
106 static const __le16 NUL_NAME[3] = {
107 	cpu_to_le16('N'), cpu_to_le16('U'), cpu_to_le16('L'),
108 };
109 
110 static const __le16 AUX_NAME[3] = {
111 	cpu_to_le16('A'), cpu_to_le16('U'), cpu_to_le16('X'),
112 };
113 
114 static const __le16 PRN_NAME[3] = {
115 	cpu_to_le16('P'), cpu_to_le16('R'), cpu_to_le16('N'),
116 };
117 
118 static const __le16 COM_NAME[3] = {
119 	cpu_to_le16('C'), cpu_to_le16('O'), cpu_to_le16('M'),
120 };
121 
122 static const __le16 LPT_NAME[3] = {
123 	cpu_to_le16('L'), cpu_to_le16('P'), cpu_to_le16('T'),
124 };
125 
126 // clang-format on
127 
128 /*
129  * ntfs_fix_pre_write - Insert fixups into @rhdr before writing to disk.
130  */
ntfs_fix_pre_write(struct NTFS_RECORD_HEADER * rhdr,size_t bytes)131 bool ntfs_fix_pre_write(struct NTFS_RECORD_HEADER *rhdr, size_t bytes)
132 {
133 	u16 *fixup, *ptr;
134 	u16 sample;
135 	u16 fo = le16_to_cpu(rhdr->fix_off);
136 	u16 fn = le16_to_cpu(rhdr->fix_num);
137 
138 	if ((fo & 1) || fo + fn * sizeof(short) > SECTOR_SIZE || !fn-- ||
139 	    fn * SECTOR_SIZE > bytes) {
140 		return false;
141 	}
142 
143 	/* Get fixup pointer. */
144 	fixup = Add2Ptr(rhdr, fo);
145 
146 	if (*fixup >= 0x7FFF)
147 		*fixup = 1;
148 	else
149 		*fixup += 1;
150 
151 	sample = *fixup;
152 
153 	ptr = Add2Ptr(rhdr, SECTOR_SIZE - sizeof(short));
154 
155 	while (fn--) {
156 		*++fixup = *ptr;
157 		*ptr = sample;
158 		ptr += SECTOR_SIZE / sizeof(short);
159 	}
160 	return true;
161 }
162 
163 /*
164  * ntfs_fix_post_read - Remove fixups after reading from disk.
165  *
166  * Return: < 0 if error, 0 if ok, 1 if need to update fixups.
167  */
ntfs_fix_post_read(struct NTFS_RECORD_HEADER * rhdr,size_t bytes,bool simple)168 int ntfs_fix_post_read(struct NTFS_RECORD_HEADER *rhdr, size_t bytes,
169 		       bool simple)
170 {
171 	int ret;
172 	u16 *fixup, *ptr;
173 	u16 sample, fo, fn;
174 
175 	fo = le16_to_cpu(rhdr->fix_off);
176 	fn = simple ? ((bytes >> SECTOR_SHIFT) + 1) :
177 		      le16_to_cpu(rhdr->fix_num);
178 
179 	/* Check errors. */
180 	if ((fo & 1) || fo + fn * sizeof(short) > SECTOR_SIZE || !fn-- ||
181 	    fn * SECTOR_SIZE > bytes) {
182 		return -E_NTFS_CORRUPT;
183 	}
184 
185 	/* Get fixup pointer. */
186 	fixup = Add2Ptr(rhdr, fo);
187 	sample = *fixup;
188 	ptr = Add2Ptr(rhdr, SECTOR_SIZE - sizeof(short));
189 	ret = 0;
190 
191 	while (fn--) {
192 		/* Test current word. */
193 		if (*ptr != sample) {
194 			/* Fixup does not match! Is it serious error? */
195 			ret = -E_NTFS_FIXUP;
196 		}
197 
198 		/* Replace fixup. */
199 		*ptr = *++fixup;
200 		ptr += SECTOR_SIZE / sizeof(short);
201 	}
202 
203 	return ret;
204 }
205 
206 /*
207  * ntfs_extend_init - Load $Extend file.
208  */
ntfs_extend_init(struct ntfs_sb_info * sbi)209 int ntfs_extend_init(struct ntfs_sb_info *sbi)
210 {
211 	int err;
212 	struct super_block *sb = sbi->sb;
213 	struct inode *inode, *inode2;
214 	struct MFT_REF ref;
215 
216 	if (sbi->volume.major_ver < 3) {
217 		ntfs_notice(sb, "Skip $Extend 'cause NTFS version");
218 		return 0;
219 	}
220 
221 	ref.low = cpu_to_le32(MFT_REC_EXTEND);
222 	ref.high = 0;
223 	ref.seq = cpu_to_le16(MFT_REC_EXTEND);
224 	inode = ntfs_iget5(sb, &ref, &NAME_EXTEND);
225 	if (IS_ERR(inode)) {
226 		err = PTR_ERR(inode);
227 		ntfs_err(sb, "Failed to load $Extend (%d).", err);
228 		inode = NULL;
229 		goto out;
230 	}
231 
232 	/* If ntfs_iget5() reads from disk it never returns bad inode. */
233 	if (!S_ISDIR(inode->i_mode)) {
234 		err = -EINVAL;
235 		goto out;
236 	}
237 
238 	/* Try to find $ObjId */
239 	inode2 = dir_search_u(inode, &NAME_OBJID, NULL);
240 	if (inode2 && !IS_ERR(inode2)) {
241 		if (is_bad_inode(inode2)) {
242 			iput(inode2);
243 		} else {
244 			sbi->objid.ni = ntfs_i(inode2);
245 			sbi->objid_no = inode2->i_ino;
246 		}
247 	}
248 
249 	/* Try to find $Quota */
250 	inode2 = dir_search_u(inode, &NAME_QUOTA, NULL);
251 	if (inode2 && !IS_ERR(inode2)) {
252 		sbi->quota_no = inode2->i_ino;
253 		iput(inode2);
254 	}
255 
256 	/* Try to find $Reparse */
257 	inode2 = dir_search_u(inode, &NAME_REPARSE, NULL);
258 	if (inode2 && !IS_ERR(inode2)) {
259 		sbi->reparse.ni = ntfs_i(inode2);
260 		sbi->reparse_no = inode2->i_ino;
261 	}
262 
263 	/* Try to find $UsnJrnl */
264 	inode2 = dir_search_u(inode, &NAME_USNJRNL, NULL);
265 	if (inode2 && !IS_ERR(inode2)) {
266 		sbi->usn_jrnl_no = inode2->i_ino;
267 		iput(inode2);
268 	}
269 
270 	err = 0;
271 out:
272 	iput(inode);
273 	return err;
274 }
275 
ntfs_loadlog_and_replay(struct ntfs_inode * ni,struct ntfs_sb_info * sbi)276 int ntfs_loadlog_and_replay(struct ntfs_inode *ni, struct ntfs_sb_info *sbi)
277 {
278 	int err = 0;
279 	struct super_block *sb = sbi->sb;
280 	bool initialized = false;
281 	struct MFT_REF ref;
282 	struct inode *inode;
283 
284 	/* Check for 4GB. */
285 	if (ni->vfs_inode.i_size >= 0x100000000ull) {
286 		ntfs_err(sb, "\x24LogFile is large than 4G.");
287 		err = -EINVAL;
288 		goto out;
289 	}
290 
291 	sbi->flags |= NTFS_FLAGS_LOG_REPLAYING;
292 
293 	ref.low = cpu_to_le32(MFT_REC_MFT);
294 	ref.high = 0;
295 	ref.seq = cpu_to_le16(1);
296 
297 	inode = ntfs_iget5(sb, &ref, NULL);
298 
299 	if (IS_ERR(inode))
300 		inode = NULL;
301 
302 	if (!inode) {
303 		/* Try to use MFT copy. */
304 		u64 t64 = sbi->mft.lbo;
305 
306 		sbi->mft.lbo = sbi->mft.lbo2;
307 		inode = ntfs_iget5(sb, &ref, NULL);
308 		sbi->mft.lbo = t64;
309 		if (IS_ERR(inode))
310 			inode = NULL;
311 	}
312 
313 	if (!inode) {
314 		err = -EINVAL;
315 		ntfs_err(sb, "Failed to load $MFT.");
316 		goto out;
317 	}
318 
319 	sbi->mft.ni = ntfs_i(inode);
320 
321 	/* LogFile should not contains attribute list. */
322 	err = ni_load_all_mi(sbi->mft.ni);
323 	if (!err)
324 		err = log_replay(ni, &initialized);
325 
326 	iput(inode);
327 	sbi->mft.ni = NULL;
328 
329 	sync_blockdev(sb->s_bdev);
330 	invalidate_bdev(sb->s_bdev);
331 
332 	if (sbi->flags & NTFS_FLAGS_NEED_REPLAY) {
333 		err = 0;
334 		goto out;
335 	}
336 
337 	if (sb_rdonly(sb) || !initialized)
338 		goto out;
339 
340 	/* Fill LogFile by '-1' if it is initialized. */
341 	err = ntfs_bio_fill_1(sbi, &ni->file.run);
342 
343 out:
344 	sbi->flags &= ~NTFS_FLAGS_LOG_REPLAYING;
345 
346 	return err;
347 }
348 
349 /*
350  * ntfs_look_for_free_space - Look for a free space in bitmap.
351  */
ntfs_look_for_free_space(struct ntfs_sb_info * sbi,CLST lcn,CLST len,CLST * new_lcn,CLST * new_len,enum ALLOCATE_OPT opt)352 int ntfs_look_for_free_space(struct ntfs_sb_info *sbi, CLST lcn, CLST len,
353 			     CLST *new_lcn, CLST *new_len,
354 			     enum ALLOCATE_OPT opt)
355 {
356 	int err;
357 	CLST alen;
358 	struct super_block *sb = sbi->sb;
359 	size_t alcn, zlen, zeroes, zlcn, zlen2, ztrim, new_zlen;
360 	struct wnd_bitmap *wnd = &sbi->used.bitmap;
361 
362 	down_write_nested(&wnd->rw_lock, BITMAP_MUTEX_CLUSTERS);
363 	if (opt & ALLOCATE_MFT) {
364 		zlen = wnd_zone_len(wnd);
365 
366 		if (!zlen) {
367 			err = ntfs_refresh_zone(sbi);
368 			if (err)
369 				goto up_write;
370 
371 			zlen = wnd_zone_len(wnd);
372 		}
373 
374 		if (!zlen) {
375 			ntfs_err(sbi->sb, "no free space to extend mft");
376 			err = -ENOSPC;
377 			goto up_write;
378 		}
379 
380 		lcn = wnd_zone_bit(wnd);
381 		alen = min_t(CLST, len, zlen);
382 
383 		wnd_zone_set(wnd, lcn + alen, zlen - alen);
384 
385 		err = wnd_set_used(wnd, lcn, alen);
386 		if (err)
387 			goto up_write;
388 
389 		alcn = lcn;
390 		goto space_found;
391 	}
392 	/*
393 	 * 'Cause cluster 0 is always used this value means that we should use
394 	 * cached value of 'next_free_lcn' to improve performance.
395 	 */
396 	if (!lcn)
397 		lcn = sbi->used.next_free_lcn;
398 
399 	if (lcn >= wnd->nbits)
400 		lcn = 0;
401 
402 	alen = wnd_find(wnd, len, lcn, BITMAP_FIND_MARK_AS_USED, &alcn);
403 	if (alen)
404 		goto space_found;
405 
406 	/* Try to use clusters from MftZone. */
407 	zlen = wnd_zone_len(wnd);
408 	zeroes = wnd_zeroes(wnd);
409 
410 	/* Check too big request */
411 	if (len > zeroes + zlen || zlen <= NTFS_MIN_MFT_ZONE) {
412 		err = -ENOSPC;
413 		goto up_write;
414 	}
415 
416 	/* How many clusters to cat from zone. */
417 	zlcn = wnd_zone_bit(wnd);
418 	zlen2 = zlen >> 1;
419 	ztrim = clamp_val(len, zlen2, zlen);
420 	new_zlen = max_t(size_t, zlen - ztrim, NTFS_MIN_MFT_ZONE);
421 
422 	wnd_zone_set(wnd, zlcn, new_zlen);
423 
424 	/* Allocate continues clusters. */
425 	alen = wnd_find(wnd, len, 0,
426 			BITMAP_FIND_MARK_AS_USED | BITMAP_FIND_FULL, &alcn);
427 	if (!alen) {
428 		err = -ENOSPC;
429 		goto up_write;
430 	}
431 
432 space_found:
433 	err = 0;
434 	*new_len = alen;
435 	*new_lcn = alcn;
436 
437 	ntfs_unmap_meta(sb, alcn, alen);
438 
439 	/* Set hint for next requests. */
440 	if (!(opt & ALLOCATE_MFT))
441 		sbi->used.next_free_lcn = alcn + alen;
442 up_write:
443 	up_write(&wnd->rw_lock);
444 	return err;
445 }
446 
447 /*
448  * ntfs_check_for_free_space
449  *
450  * Check if it is possible to allocate 'clen' clusters and 'mlen' Mft records
451  */
ntfs_check_for_free_space(struct ntfs_sb_info * sbi,CLST clen,CLST mlen)452 bool ntfs_check_for_free_space(struct ntfs_sb_info *sbi, CLST clen, CLST mlen)
453 {
454 	size_t free, zlen, avail;
455 	struct wnd_bitmap *wnd;
456 
457 	wnd = &sbi->used.bitmap;
458 	down_read_nested(&wnd->rw_lock, BITMAP_MUTEX_CLUSTERS);
459 	free = wnd_zeroes(wnd);
460 	zlen = min_t(size_t, NTFS_MIN_MFT_ZONE, wnd_zone_len(wnd));
461 	up_read(&wnd->rw_lock);
462 
463 	if (free < zlen + clen)
464 		return false;
465 
466 	avail = free - (zlen + clen);
467 
468 	wnd = &sbi->mft.bitmap;
469 	down_read_nested(&wnd->rw_lock, BITMAP_MUTEX_MFT);
470 	free = wnd_zeroes(wnd);
471 	zlen = wnd_zone_len(wnd);
472 	up_read(&wnd->rw_lock);
473 
474 	if (free >= zlen + mlen)
475 		return true;
476 
477 	return avail >= bytes_to_cluster(sbi, mlen << sbi->record_bits);
478 }
479 
480 /*
481  * ntfs_extend_mft - Allocate additional MFT records.
482  *
483  * sbi->mft.bitmap is locked for write.
484  *
485  * NOTE: recursive:
486  *	ntfs_look_free_mft ->
487  *	ntfs_extend_mft ->
488  *	attr_set_size ->
489  *	ni_insert_nonresident ->
490  *	ni_insert_attr ->
491  *	ni_ins_attr_ext ->
492  *	ntfs_look_free_mft ->
493  *	ntfs_extend_mft
494  *
495  * To avoid recursive always allocate space for two new MFT records
496  * see attrib.c: "at least two MFT to avoid recursive loop".
497  */
ntfs_extend_mft(struct ntfs_sb_info * sbi)498 static int ntfs_extend_mft(struct ntfs_sb_info *sbi)
499 {
500 	int err;
501 	struct ntfs_inode *ni = sbi->mft.ni;
502 	size_t new_mft_total;
503 	u64 new_mft_bytes, new_bitmap_bytes;
504 	struct ATTRIB *attr;
505 	struct wnd_bitmap *wnd = &sbi->mft.bitmap;
506 
507 	new_mft_total = ALIGN(wnd->nbits + NTFS_MFT_INCREASE_STEP, 128);
508 	new_mft_bytes = (u64)new_mft_total << sbi->record_bits;
509 
510 	/* Step 1: Resize $MFT::DATA. */
511 	down_write(&ni->file.run_lock);
512 	err = attr_set_size(ni, ATTR_DATA, NULL, 0, &ni->file.run,
513 			    new_mft_bytes, NULL, false, &attr);
514 
515 	if (err) {
516 		up_write(&ni->file.run_lock);
517 		goto out;
518 	}
519 
520 	attr->nres.valid_size = attr->nres.data_size;
521 	new_mft_total = le64_to_cpu(attr->nres.alloc_size) >> sbi->record_bits;
522 	ni->mi.dirty = true;
523 
524 	/* Step 2: Resize $MFT::BITMAP. */
525 	new_bitmap_bytes = bitmap_size(new_mft_total);
526 
527 	err = attr_set_size(ni, ATTR_BITMAP, NULL, 0, &sbi->mft.bitmap.run,
528 			    new_bitmap_bytes, &new_bitmap_bytes, true, NULL);
529 
530 	/* Refresh MFT Zone if necessary. */
531 	down_write_nested(&sbi->used.bitmap.rw_lock, BITMAP_MUTEX_CLUSTERS);
532 
533 	ntfs_refresh_zone(sbi);
534 
535 	up_write(&sbi->used.bitmap.rw_lock);
536 	up_write(&ni->file.run_lock);
537 
538 	if (err)
539 		goto out;
540 
541 	err = wnd_extend(wnd, new_mft_total);
542 
543 	if (err)
544 		goto out;
545 
546 	ntfs_clear_mft_tail(sbi, sbi->mft.used, new_mft_total);
547 
548 	err = _ni_write_inode(&ni->vfs_inode, 0);
549 out:
550 	return err;
551 }
552 
553 /*
554  * ntfs_look_free_mft - Look for a free MFT record.
555  */
ntfs_look_free_mft(struct ntfs_sb_info * sbi,CLST * rno,bool mft,struct ntfs_inode * ni,struct mft_inode ** mi)556 int ntfs_look_free_mft(struct ntfs_sb_info *sbi, CLST *rno, bool mft,
557 		       struct ntfs_inode *ni, struct mft_inode **mi)
558 {
559 	int err = 0;
560 	size_t zbit, zlen, from, to, fr;
561 	size_t mft_total;
562 	struct MFT_REF ref;
563 	struct super_block *sb = sbi->sb;
564 	struct wnd_bitmap *wnd = &sbi->mft.bitmap;
565 	u32 ir;
566 
567 	static_assert(sizeof(sbi->mft.reserved_bitmap) * 8 >=
568 		      MFT_REC_FREE - MFT_REC_RESERVED);
569 
570 	if (!mft)
571 		down_write_nested(&wnd->rw_lock, BITMAP_MUTEX_MFT);
572 
573 	zlen = wnd_zone_len(wnd);
574 
575 	/* Always reserve space for MFT. */
576 	if (zlen) {
577 		if (mft) {
578 			zbit = wnd_zone_bit(wnd);
579 			*rno = zbit;
580 			wnd_zone_set(wnd, zbit + 1, zlen - 1);
581 		}
582 		goto found;
583 	}
584 
585 	/* No MFT zone. Find the nearest to '0' free MFT. */
586 	if (!wnd_find(wnd, 1, MFT_REC_FREE, 0, &zbit)) {
587 		/* Resize MFT */
588 		mft_total = wnd->nbits;
589 
590 		err = ntfs_extend_mft(sbi);
591 		if (!err) {
592 			zbit = mft_total;
593 			goto reserve_mft;
594 		}
595 
596 		if (!mft || MFT_REC_FREE == sbi->mft.next_reserved)
597 			goto out;
598 
599 		err = 0;
600 
601 		/*
602 		 * Look for free record reserved area [11-16) ==
603 		 * [MFT_REC_RESERVED, MFT_REC_FREE ) MFT bitmap always
604 		 * marks it as used.
605 		 */
606 		if (!sbi->mft.reserved_bitmap) {
607 			/* Once per session create internal bitmap for 5 bits. */
608 			sbi->mft.reserved_bitmap = 0xFF;
609 
610 			ref.high = 0;
611 			for (ir = MFT_REC_RESERVED; ir < MFT_REC_FREE; ir++) {
612 				struct inode *i;
613 				struct ntfs_inode *ni;
614 				struct MFT_REC *mrec;
615 
616 				ref.low = cpu_to_le32(ir);
617 				ref.seq = cpu_to_le16(ir);
618 
619 				i = ntfs_iget5(sb, &ref, NULL);
620 				if (IS_ERR(i)) {
621 next:
622 					ntfs_notice(
623 						sb,
624 						"Invalid reserved record %x",
625 						ref.low);
626 					continue;
627 				}
628 				if (is_bad_inode(i)) {
629 					iput(i);
630 					goto next;
631 				}
632 
633 				ni = ntfs_i(i);
634 
635 				mrec = ni->mi.mrec;
636 
637 				if (!is_rec_base(mrec))
638 					goto next;
639 
640 				if (mrec->hard_links)
641 					goto next;
642 
643 				if (!ni_std(ni))
644 					goto next;
645 
646 				if (ni_find_attr(ni, NULL, NULL, ATTR_NAME,
647 						 NULL, 0, NULL, NULL))
648 					goto next;
649 
650 				__clear_bit(ir - MFT_REC_RESERVED,
651 					    &sbi->mft.reserved_bitmap);
652 			}
653 		}
654 
655 		/* Scan 5 bits for zero. Bit 0 == MFT_REC_RESERVED */
656 		zbit = find_next_zero_bit(&sbi->mft.reserved_bitmap,
657 					  MFT_REC_FREE, MFT_REC_RESERVED);
658 		if (zbit >= MFT_REC_FREE) {
659 			sbi->mft.next_reserved = MFT_REC_FREE;
660 			goto out;
661 		}
662 
663 		zlen = 1;
664 		sbi->mft.next_reserved = zbit;
665 	} else {
666 reserve_mft:
667 		zlen = zbit == MFT_REC_FREE ? (MFT_REC_USER - MFT_REC_FREE) : 4;
668 		if (zbit + zlen > wnd->nbits)
669 			zlen = wnd->nbits - zbit;
670 
671 		while (zlen > 1 && !wnd_is_free(wnd, zbit, zlen))
672 			zlen -= 1;
673 
674 		/* [zbit, zbit + zlen) will be used for MFT itself. */
675 		from = sbi->mft.used;
676 		if (from < zbit)
677 			from = zbit;
678 		to = zbit + zlen;
679 		if (from < to) {
680 			ntfs_clear_mft_tail(sbi, from, to);
681 			sbi->mft.used = to;
682 		}
683 	}
684 
685 	if (mft) {
686 		*rno = zbit;
687 		zbit += 1;
688 		zlen -= 1;
689 	}
690 
691 	wnd_zone_set(wnd, zbit, zlen);
692 
693 found:
694 	if (!mft) {
695 		/* The request to get record for general purpose. */
696 		if (sbi->mft.next_free < MFT_REC_USER)
697 			sbi->mft.next_free = MFT_REC_USER;
698 
699 		for (;;) {
700 			if (sbi->mft.next_free >= sbi->mft.bitmap.nbits) {
701 			} else if (!wnd_find(wnd, 1, MFT_REC_USER, 0, &fr)) {
702 				sbi->mft.next_free = sbi->mft.bitmap.nbits;
703 			} else {
704 				*rno = fr;
705 				sbi->mft.next_free = *rno + 1;
706 				break;
707 			}
708 
709 			err = ntfs_extend_mft(sbi);
710 			if (err)
711 				goto out;
712 		}
713 	}
714 
715 	if (ni && !ni_add_subrecord(ni, *rno, mi)) {
716 		err = -ENOMEM;
717 		goto out;
718 	}
719 
720 	/* We have found a record that are not reserved for next MFT. */
721 	if (*rno >= MFT_REC_FREE)
722 		wnd_set_used(wnd, *rno, 1);
723 	else if (*rno >= MFT_REC_RESERVED && sbi->mft.reserved_bitmap_inited)
724 		__set_bit(*rno - MFT_REC_RESERVED, &sbi->mft.reserved_bitmap);
725 
726 out:
727 	if (!mft)
728 		up_write(&wnd->rw_lock);
729 
730 	return err;
731 }
732 
733 /*
734  * ntfs_mark_rec_free - Mark record as free.
735  * is_mft - true if we are changing MFT
736  */
ntfs_mark_rec_free(struct ntfs_sb_info * sbi,CLST rno,bool is_mft)737 void ntfs_mark_rec_free(struct ntfs_sb_info *sbi, CLST rno, bool is_mft)
738 {
739 	struct wnd_bitmap *wnd = &sbi->mft.bitmap;
740 
741 	if (!is_mft)
742 		down_write_nested(&wnd->rw_lock, BITMAP_MUTEX_MFT);
743 	if (rno >= wnd->nbits)
744 		goto out;
745 
746 	if (rno >= MFT_REC_FREE) {
747 		if (!wnd_is_used(wnd, rno, 1))
748 			ntfs_set_state(sbi, NTFS_DIRTY_ERROR);
749 		else
750 			wnd_set_free(wnd, rno, 1);
751 	} else if (rno >= MFT_REC_RESERVED && sbi->mft.reserved_bitmap_inited) {
752 		__clear_bit(rno - MFT_REC_RESERVED, &sbi->mft.reserved_bitmap);
753 	}
754 
755 	if (rno < wnd_zone_bit(wnd))
756 		wnd_zone_set(wnd, rno, 1);
757 	else if (rno < sbi->mft.next_free && rno >= MFT_REC_USER)
758 		sbi->mft.next_free = rno;
759 
760 out:
761 	if (!is_mft)
762 		up_write(&wnd->rw_lock);
763 }
764 
765 /*
766  * ntfs_clear_mft_tail - Format empty records [from, to).
767  *
768  * sbi->mft.bitmap is locked for write.
769  */
ntfs_clear_mft_tail(struct ntfs_sb_info * sbi,size_t from,size_t to)770 int ntfs_clear_mft_tail(struct ntfs_sb_info *sbi, size_t from, size_t to)
771 {
772 	int err;
773 	u32 rs;
774 	u64 vbo;
775 	struct runs_tree *run;
776 	struct ntfs_inode *ni;
777 
778 	if (from >= to)
779 		return 0;
780 
781 	rs = sbi->record_size;
782 	ni = sbi->mft.ni;
783 	run = &ni->file.run;
784 
785 	down_read(&ni->file.run_lock);
786 	vbo = (u64)from * rs;
787 	for (; from < to; from++, vbo += rs) {
788 		struct ntfs_buffers nb;
789 
790 		err = ntfs_get_bh(sbi, run, vbo, rs, &nb);
791 		if (err)
792 			goto out;
793 
794 		err = ntfs_write_bh(sbi, &sbi->new_rec->rhdr, &nb, 0);
795 		nb_put(&nb);
796 		if (err)
797 			goto out;
798 	}
799 
800 out:
801 	sbi->mft.used = from;
802 	up_read(&ni->file.run_lock);
803 	return err;
804 }
805 
806 /*
807  * ntfs_refresh_zone - Refresh MFT zone.
808  *
809  * sbi->used.bitmap is locked for rw.
810  * sbi->mft.bitmap is locked for write.
811  * sbi->mft.ni->file.run_lock for write.
812  */
ntfs_refresh_zone(struct ntfs_sb_info * sbi)813 int ntfs_refresh_zone(struct ntfs_sb_info *sbi)
814 {
815 	CLST lcn, vcn, len;
816 	size_t lcn_s, zlen;
817 	struct wnd_bitmap *wnd = &sbi->used.bitmap;
818 	struct ntfs_inode *ni = sbi->mft.ni;
819 
820 	/* Do not change anything unless we have non empty MFT zone. */
821 	if (wnd_zone_len(wnd))
822 		return 0;
823 
824 	vcn = bytes_to_cluster(sbi,
825 			       (u64)sbi->mft.bitmap.nbits << sbi->record_bits);
826 
827 	if (!run_lookup_entry(&ni->file.run, vcn - 1, &lcn, &len, NULL))
828 		lcn = SPARSE_LCN;
829 
830 	/* We should always find Last Lcn for MFT. */
831 	if (lcn == SPARSE_LCN)
832 		return -EINVAL;
833 
834 	lcn_s = lcn + 1;
835 
836 	/* Try to allocate clusters after last MFT run. */
837 	zlen = wnd_find(wnd, sbi->zone_max, lcn_s, 0, &lcn_s);
838 	wnd_zone_set(wnd, lcn_s, zlen);
839 
840 	return 0;
841 }
842 
843 /*
844  * ntfs_update_mftmirr - Update $MFTMirr data.
845  */
ntfs_update_mftmirr(struct ntfs_sb_info * sbi,int wait)846 void ntfs_update_mftmirr(struct ntfs_sb_info *sbi, int wait)
847 {
848 	int err;
849 	struct super_block *sb = sbi->sb;
850 	u32 blocksize, bytes;
851 	sector_t block1, block2;
852 
853 	/*
854 	 * sb can be NULL here. In this case sbi->flags should be 0 too.
855 	 */
856 	if (!sb || !(sbi->flags & NTFS_FLAGS_MFTMIRR) ||
857 	    unlikely(ntfs3_forced_shutdown(sb)))
858 		return;
859 
860 	blocksize = sb->s_blocksize;
861 	bytes = sbi->mft.recs_mirr << sbi->record_bits;
862 	block1 = sbi->mft.lbo >> sb->s_blocksize_bits;
863 	block2 = sbi->mft.lbo2 >> sb->s_blocksize_bits;
864 
865 	for (; bytes >= blocksize; bytes -= blocksize) {
866 		struct buffer_head *bh1, *bh2;
867 
868 		bh1 = sb_bread(sb, block1++);
869 		if (!bh1)
870 			return;
871 
872 		bh2 = sb_getblk(sb, block2++);
873 		if (!bh2) {
874 			put_bh(bh1);
875 			return;
876 		}
877 
878 		if (buffer_locked(bh2))
879 			__wait_on_buffer(bh2);
880 
881 		lock_buffer(bh2);
882 		memcpy(bh2->b_data, bh1->b_data, blocksize);
883 		set_buffer_uptodate(bh2);
884 		mark_buffer_dirty(bh2);
885 		unlock_buffer(bh2);
886 
887 		put_bh(bh1);
888 		bh1 = NULL;
889 
890 		err = wait ? sync_dirty_buffer(bh2) : 0;
891 
892 		put_bh(bh2);
893 		if (err)
894 			return;
895 	}
896 
897 	sbi->flags &= ~NTFS_FLAGS_MFTMIRR;
898 }
899 
900 /*
901  * ntfs_bad_inode
902  *
903  * Marks inode as bad and marks fs as 'dirty'
904  */
ntfs_bad_inode(struct inode * inode,const char * hint)905 void ntfs_bad_inode(struct inode *inode, const char *hint)
906 {
907 	struct ntfs_sb_info *sbi = inode->i_sb->s_fs_info;
908 
909 	ntfs_inode_err(inode, "%s", hint);
910 	make_bad_inode(inode);
911 	ntfs_set_state(sbi, NTFS_DIRTY_ERROR);
912 }
913 
914 /*
915  * ntfs_set_state
916  *
917  * Mount: ntfs_set_state(NTFS_DIRTY_DIRTY)
918  * Umount: ntfs_set_state(NTFS_DIRTY_CLEAR)
919  * NTFS error: ntfs_set_state(NTFS_DIRTY_ERROR)
920  */
ntfs_set_state(struct ntfs_sb_info * sbi,enum NTFS_DIRTY_FLAGS dirty)921 int ntfs_set_state(struct ntfs_sb_info *sbi, enum NTFS_DIRTY_FLAGS dirty)
922 {
923 	int err;
924 	struct ATTRIB *attr;
925 	struct VOLUME_INFO *info;
926 	struct mft_inode *mi;
927 	struct ntfs_inode *ni;
928 	__le16 info_flags;
929 
930 	/*
931 	 * Do not change state if fs was real_dirty.
932 	 * Do not change state if fs already dirty(clear).
933 	 * Do not change any thing if mounted read only.
934 	 */
935 	if (sbi->volume.real_dirty || sb_rdonly(sbi->sb))
936 		return 0;
937 
938 	/* Check cached value. */
939 	if ((dirty == NTFS_DIRTY_CLEAR ? 0 : VOLUME_FLAG_DIRTY) ==
940 	    (sbi->volume.flags & VOLUME_FLAG_DIRTY))
941 		return 0;
942 
943 	ni = sbi->volume.ni;
944 	if (!ni)
945 		return -EINVAL;
946 
947 	mutex_lock_nested(&ni->ni_lock, NTFS_INODE_MUTEX_DIRTY);
948 
949 	attr = ni_find_attr(ni, NULL, NULL, ATTR_VOL_INFO, NULL, 0, NULL, &mi);
950 	if (!attr) {
951 		err = -EINVAL;
952 		goto out;
953 	}
954 
955 	info = resident_data_ex(attr, SIZEOF_ATTRIBUTE_VOLUME_INFO);
956 	if (!info) {
957 		err = -EINVAL;
958 		goto out;
959 	}
960 
961 	info_flags = info->flags;
962 
963 	switch (dirty) {
964 	case NTFS_DIRTY_ERROR:
965 		ntfs_notice(sbi->sb, "Mark volume as dirty due to NTFS errors");
966 		sbi->volume.real_dirty = true;
967 		fallthrough;
968 	case NTFS_DIRTY_DIRTY:
969 		info->flags |= VOLUME_FLAG_DIRTY;
970 		break;
971 	case NTFS_DIRTY_CLEAR:
972 		info->flags &= ~VOLUME_FLAG_DIRTY;
973 		break;
974 	}
975 	/* Cache current volume flags. */
976 	if (info_flags != info->flags) {
977 		sbi->volume.flags = info->flags;
978 		mi->dirty = true;
979 	}
980 	err = 0;
981 
982 out:
983 	ni_unlock(ni);
984 	if (err)
985 		return err;
986 
987 	mark_inode_dirty_sync(&ni->vfs_inode);
988 	/* verify(!ntfs_update_mftmirr()); */
989 
990 	/* write mft record on disk. */
991 	err = _ni_write_inode(&ni->vfs_inode, 1);
992 
993 	return err;
994 }
995 
996 /*
997  * security_hash - Calculates a hash of security descriptor.
998  */
security_hash(const void * sd,size_t bytes)999 static inline __le32 security_hash(const void *sd, size_t bytes)
1000 {
1001 	u32 hash = 0;
1002 	const __le32 *ptr = sd;
1003 
1004 	bytes >>= 2;
1005 	while (bytes--)
1006 		hash = ((hash >> 0x1D) | (hash << 3)) + le32_to_cpu(*ptr++);
1007 	return cpu_to_le32(hash);
1008 }
1009 
1010 /*
1011  * simple wrapper for sb_bread_unmovable.
1012  */
ntfs_bread(struct super_block * sb,sector_t block)1013 struct buffer_head *ntfs_bread(struct super_block *sb, sector_t block)
1014 {
1015 	struct ntfs_sb_info *sbi = sb->s_fs_info;
1016 	struct buffer_head *bh;
1017 
1018 	if (unlikely(block >= sbi->volume.blocks)) {
1019 		/* prevent generic message "attempt to access beyond end of device" */
1020 		ntfs_err(sb, "try to read out of volume at offset 0x%llx",
1021 			 (u64)block << sb->s_blocksize_bits);
1022 		return NULL;
1023 	}
1024 
1025 	bh = sb_bread_unmovable(sb, block);
1026 	if (bh)
1027 		return bh;
1028 
1029 	ntfs_err(sb, "failed to read volume at offset 0x%llx",
1030 		 (u64)block << sb->s_blocksize_bits);
1031 	return NULL;
1032 }
1033 
ntfs_sb_read(struct super_block * sb,u64 lbo,size_t bytes,void * buffer)1034 int ntfs_sb_read(struct super_block *sb, u64 lbo, size_t bytes, void *buffer)
1035 {
1036 	struct block_device *bdev = sb->s_bdev;
1037 	u32 blocksize = sb->s_blocksize;
1038 	u64 block = lbo >> sb->s_blocksize_bits;
1039 	u32 off = lbo & (blocksize - 1);
1040 	u32 op = blocksize - off;
1041 
1042 	for (; bytes; block += 1, off = 0, op = blocksize) {
1043 		struct buffer_head *bh = __bread(bdev, block, blocksize);
1044 
1045 		if (!bh)
1046 			return -EIO;
1047 
1048 		if (op > bytes)
1049 			op = bytes;
1050 
1051 		memcpy(buffer, bh->b_data + off, op);
1052 
1053 		put_bh(bh);
1054 
1055 		bytes -= op;
1056 		buffer = Add2Ptr(buffer, op);
1057 	}
1058 
1059 	return 0;
1060 }
1061 
ntfs_sb_write(struct super_block * sb,u64 lbo,size_t bytes,const void * buf,int wait)1062 int ntfs_sb_write(struct super_block *sb, u64 lbo, size_t bytes,
1063 		  const void *buf, int wait)
1064 {
1065 	u32 blocksize = sb->s_blocksize;
1066 	struct block_device *bdev = sb->s_bdev;
1067 	sector_t block = lbo >> sb->s_blocksize_bits;
1068 	u32 off = lbo & (blocksize - 1);
1069 	u32 op = blocksize - off;
1070 	struct buffer_head *bh;
1071 
1072 	if (!wait && (sb->s_flags & SB_SYNCHRONOUS))
1073 		wait = 1;
1074 
1075 	for (; bytes; block += 1, off = 0, op = blocksize) {
1076 		if (op > bytes)
1077 			op = bytes;
1078 
1079 		if (op < blocksize) {
1080 			bh = __bread(bdev, block, blocksize);
1081 			if (!bh) {
1082 				ntfs_err(sb, "failed to read block %llx",
1083 					 (u64)block);
1084 				return -EIO;
1085 			}
1086 		} else {
1087 			bh = __getblk(bdev, block, blocksize);
1088 			if (!bh)
1089 				return -ENOMEM;
1090 		}
1091 
1092 		if (buffer_locked(bh))
1093 			__wait_on_buffer(bh);
1094 
1095 		lock_buffer(bh);
1096 		if (buf) {
1097 			memcpy(bh->b_data + off, buf, op);
1098 			buf = Add2Ptr(buf, op);
1099 		} else {
1100 			memset(bh->b_data + off, -1, op);
1101 		}
1102 
1103 		set_buffer_uptodate(bh);
1104 		mark_buffer_dirty(bh);
1105 		unlock_buffer(bh);
1106 
1107 		if (wait) {
1108 			int err = sync_dirty_buffer(bh);
1109 
1110 			if (err) {
1111 				ntfs_err(
1112 					sb,
1113 					"failed to sync buffer at block %llx, error %d",
1114 					(u64)block, err);
1115 				put_bh(bh);
1116 				return err;
1117 			}
1118 		}
1119 
1120 		put_bh(bh);
1121 
1122 		bytes -= op;
1123 	}
1124 	return 0;
1125 }
1126 
ntfs_sb_write_run(struct ntfs_sb_info * sbi,const struct runs_tree * run,u64 vbo,const void * buf,size_t bytes,int sync)1127 int ntfs_sb_write_run(struct ntfs_sb_info *sbi, const struct runs_tree *run,
1128 		      u64 vbo, const void *buf, size_t bytes, int sync)
1129 {
1130 	struct super_block *sb = sbi->sb;
1131 	u8 cluster_bits = sbi->cluster_bits;
1132 	u32 off = vbo & sbi->cluster_mask;
1133 	CLST lcn, clen, vcn = vbo >> cluster_bits, vcn_next;
1134 	u64 lbo, len;
1135 	size_t idx;
1136 
1137 	if (!run_lookup_entry(run, vcn, &lcn, &clen, &idx))
1138 		return -ENOENT;
1139 
1140 	if (lcn == SPARSE_LCN)
1141 		return -EINVAL;
1142 
1143 	lbo = ((u64)lcn << cluster_bits) + off;
1144 	len = ((u64)clen << cluster_bits) - off;
1145 
1146 	for (;;) {
1147 		u32 op = min_t(u64, len, bytes);
1148 		int err = ntfs_sb_write(sb, lbo, op, buf, sync);
1149 
1150 		if (err)
1151 			return err;
1152 
1153 		bytes -= op;
1154 		if (!bytes)
1155 			break;
1156 
1157 		vcn_next = vcn + clen;
1158 		if (!run_get_entry(run, ++idx, &vcn, &lcn, &clen) ||
1159 		    vcn != vcn_next)
1160 			return -ENOENT;
1161 
1162 		if (lcn == SPARSE_LCN)
1163 			return -EINVAL;
1164 
1165 		if (buf)
1166 			buf = Add2Ptr(buf, op);
1167 
1168 		lbo = ((u64)lcn << cluster_bits);
1169 		len = ((u64)clen << cluster_bits);
1170 	}
1171 
1172 	return 0;
1173 }
1174 
ntfs_bread_run(struct ntfs_sb_info * sbi,const struct runs_tree * run,u64 vbo)1175 struct buffer_head *ntfs_bread_run(struct ntfs_sb_info *sbi,
1176 				   const struct runs_tree *run, u64 vbo)
1177 {
1178 	struct super_block *sb = sbi->sb;
1179 	u8 cluster_bits = sbi->cluster_bits;
1180 	CLST lcn;
1181 	u64 lbo;
1182 
1183 	if (!run_lookup_entry(run, vbo >> cluster_bits, &lcn, NULL, NULL))
1184 		return ERR_PTR(-ENOENT);
1185 
1186 	lbo = ((u64)lcn << cluster_bits) + (vbo & sbi->cluster_mask);
1187 
1188 	return ntfs_bread(sb, lbo >> sb->s_blocksize_bits);
1189 }
1190 
ntfs_read_run_nb(struct ntfs_sb_info * sbi,const struct runs_tree * run,u64 vbo,void * buf,u32 bytes,struct ntfs_buffers * nb)1191 int ntfs_read_run_nb(struct ntfs_sb_info *sbi, const struct runs_tree *run,
1192 		     u64 vbo, void *buf, u32 bytes, struct ntfs_buffers *nb)
1193 {
1194 	int err;
1195 	struct super_block *sb = sbi->sb;
1196 	u32 blocksize = sb->s_blocksize;
1197 	u8 cluster_bits = sbi->cluster_bits;
1198 	u32 off = vbo & sbi->cluster_mask;
1199 	u32 nbh = 0;
1200 	CLST vcn_next, vcn = vbo >> cluster_bits;
1201 	CLST lcn, clen;
1202 	u64 lbo, len;
1203 	size_t idx;
1204 	struct buffer_head *bh;
1205 
1206 	if (!run) {
1207 		/* First reading of $Volume + $MFTMirr + $LogFile goes here. */
1208 		if (vbo > MFT_REC_VOL * sbi->record_size) {
1209 			err = -ENOENT;
1210 			goto out;
1211 		}
1212 
1213 		/* Use absolute boot's 'MFTCluster' to read record. */
1214 		lbo = vbo + sbi->mft.lbo;
1215 		len = sbi->record_size;
1216 	} else if (!run_lookup_entry(run, vcn, &lcn, &clen, &idx)) {
1217 		err = -ENOENT;
1218 		goto out;
1219 	} else {
1220 		if (lcn == SPARSE_LCN) {
1221 			err = -EINVAL;
1222 			goto out;
1223 		}
1224 
1225 		lbo = ((u64)lcn << cluster_bits) + off;
1226 		len = ((u64)clen << cluster_bits) - off;
1227 	}
1228 
1229 	off = lbo & (blocksize - 1);
1230 	if (nb) {
1231 		nb->off = off;
1232 		nb->bytes = bytes;
1233 	}
1234 
1235 	for (;;) {
1236 		u32 len32 = len >= bytes ? bytes : len;
1237 		sector_t block = lbo >> sb->s_blocksize_bits;
1238 
1239 		do {
1240 			u32 op = blocksize - off;
1241 
1242 			if (op > len32)
1243 				op = len32;
1244 
1245 			bh = ntfs_bread(sb, block);
1246 			if (!bh) {
1247 				err = -EIO;
1248 				goto out;
1249 			}
1250 
1251 			if (buf) {
1252 				memcpy(buf, bh->b_data + off, op);
1253 				buf = Add2Ptr(buf, op);
1254 			}
1255 
1256 			if (!nb) {
1257 				put_bh(bh);
1258 			} else if (nbh >= ARRAY_SIZE(nb->bh)) {
1259 				err = -EINVAL;
1260 				goto out;
1261 			} else {
1262 				nb->bh[nbh++] = bh;
1263 				nb->nbufs = nbh;
1264 			}
1265 
1266 			bytes -= op;
1267 			if (!bytes)
1268 				return 0;
1269 			len32 -= op;
1270 			block += 1;
1271 			off = 0;
1272 
1273 		} while (len32);
1274 
1275 		vcn_next = vcn + clen;
1276 		if (!run_get_entry(run, ++idx, &vcn, &lcn, &clen) ||
1277 		    vcn != vcn_next) {
1278 			err = -ENOENT;
1279 			goto out;
1280 		}
1281 
1282 		if (lcn == SPARSE_LCN) {
1283 			err = -EINVAL;
1284 			goto out;
1285 		}
1286 
1287 		lbo = ((u64)lcn << cluster_bits);
1288 		len = ((u64)clen << cluster_bits);
1289 	}
1290 
1291 out:
1292 	if (!nbh)
1293 		return err;
1294 
1295 	while (nbh) {
1296 		put_bh(nb->bh[--nbh]);
1297 		nb->bh[nbh] = NULL;
1298 	}
1299 
1300 	nb->nbufs = 0;
1301 	return err;
1302 }
1303 
1304 /*
1305  * ntfs_read_bh
1306  *
1307  * Return: < 0 if error, 0 if ok, -E_NTFS_FIXUP if need to update fixups.
1308  */
ntfs_read_bh(struct ntfs_sb_info * sbi,const struct runs_tree * run,u64 vbo,struct NTFS_RECORD_HEADER * rhdr,u32 bytes,struct ntfs_buffers * nb)1309 int ntfs_read_bh(struct ntfs_sb_info *sbi, const struct runs_tree *run, u64 vbo,
1310 		 struct NTFS_RECORD_HEADER *rhdr, u32 bytes,
1311 		 struct ntfs_buffers *nb)
1312 {
1313 	int err = ntfs_read_run_nb(sbi, run, vbo, rhdr, bytes, nb);
1314 
1315 	if (err)
1316 		return err;
1317 	return ntfs_fix_post_read(rhdr, nb->bytes, true);
1318 }
1319 
ntfs_get_bh(struct ntfs_sb_info * sbi,const struct runs_tree * run,u64 vbo,u32 bytes,struct ntfs_buffers * nb)1320 int ntfs_get_bh(struct ntfs_sb_info *sbi, const struct runs_tree *run, u64 vbo,
1321 		u32 bytes, struct ntfs_buffers *nb)
1322 {
1323 	int err = 0;
1324 	struct super_block *sb = sbi->sb;
1325 	u32 blocksize = sb->s_blocksize;
1326 	u8 cluster_bits = sbi->cluster_bits;
1327 	CLST vcn_next, vcn = vbo >> cluster_bits;
1328 	u32 off;
1329 	u32 nbh = 0;
1330 	CLST lcn, clen;
1331 	u64 lbo, len;
1332 	size_t idx;
1333 
1334 	nb->bytes = bytes;
1335 
1336 	if (!run_lookup_entry(run, vcn, &lcn, &clen, &idx)) {
1337 		err = -ENOENT;
1338 		goto out;
1339 	}
1340 
1341 	off = vbo & sbi->cluster_mask;
1342 	lbo = ((u64)lcn << cluster_bits) + off;
1343 	len = ((u64)clen << cluster_bits) - off;
1344 
1345 	nb->off = off = lbo & (blocksize - 1);
1346 
1347 	for (;;) {
1348 		u32 len32 = min_t(u64, len, bytes);
1349 		sector_t block = lbo >> sb->s_blocksize_bits;
1350 
1351 		do {
1352 			u32 op;
1353 			struct buffer_head *bh;
1354 
1355 			if (nbh >= ARRAY_SIZE(nb->bh)) {
1356 				err = -EINVAL;
1357 				goto out;
1358 			}
1359 
1360 			op = blocksize - off;
1361 			if (op > len32)
1362 				op = len32;
1363 
1364 			if (op == blocksize) {
1365 				bh = sb_getblk(sb, block);
1366 				if (!bh) {
1367 					err = -ENOMEM;
1368 					goto out;
1369 				}
1370 				if (buffer_locked(bh))
1371 					__wait_on_buffer(bh);
1372 				set_buffer_uptodate(bh);
1373 			} else {
1374 				bh = ntfs_bread(sb, block);
1375 				if (!bh) {
1376 					err = -EIO;
1377 					goto out;
1378 				}
1379 			}
1380 
1381 			nb->bh[nbh++] = bh;
1382 			bytes -= op;
1383 			if (!bytes) {
1384 				nb->nbufs = nbh;
1385 				return 0;
1386 			}
1387 
1388 			block += 1;
1389 			len32 -= op;
1390 			off = 0;
1391 		} while (len32);
1392 
1393 		vcn_next = vcn + clen;
1394 		if (!run_get_entry(run, ++idx, &vcn, &lcn, &clen) ||
1395 		    vcn != vcn_next) {
1396 			err = -ENOENT;
1397 			goto out;
1398 		}
1399 
1400 		lbo = ((u64)lcn << cluster_bits);
1401 		len = ((u64)clen << cluster_bits);
1402 	}
1403 
1404 out:
1405 	while (nbh) {
1406 		put_bh(nb->bh[--nbh]);
1407 		nb->bh[nbh] = NULL;
1408 	}
1409 
1410 	nb->nbufs = 0;
1411 
1412 	return err;
1413 }
1414 
ntfs_write_bh(struct ntfs_sb_info * sbi,struct NTFS_RECORD_HEADER * rhdr,struct ntfs_buffers * nb,int sync)1415 int ntfs_write_bh(struct ntfs_sb_info *sbi, struct NTFS_RECORD_HEADER *rhdr,
1416 		  struct ntfs_buffers *nb, int sync)
1417 {
1418 	int err = 0;
1419 	struct super_block *sb = sbi->sb;
1420 	u32 block_size = sb->s_blocksize;
1421 	u32 bytes = nb->bytes;
1422 	u32 off = nb->off;
1423 	u16 fo = le16_to_cpu(rhdr->fix_off);
1424 	u16 fn = le16_to_cpu(rhdr->fix_num);
1425 	u32 idx;
1426 	__le16 *fixup;
1427 	__le16 sample;
1428 
1429 	if ((fo & 1) || fo + fn * sizeof(short) > SECTOR_SIZE || !fn-- ||
1430 	    fn * SECTOR_SIZE > bytes) {
1431 		return -EINVAL;
1432 	}
1433 
1434 	for (idx = 0; bytes && idx < nb->nbufs; idx += 1, off = 0) {
1435 		u32 op = block_size - off;
1436 		char *bh_data;
1437 		struct buffer_head *bh = nb->bh[idx];
1438 		__le16 *ptr, *end_data;
1439 
1440 		if (op > bytes)
1441 			op = bytes;
1442 
1443 		if (buffer_locked(bh))
1444 			__wait_on_buffer(bh);
1445 
1446 		lock_buffer(bh);
1447 
1448 		bh_data = bh->b_data + off;
1449 		end_data = Add2Ptr(bh_data, op);
1450 		memcpy(bh_data, rhdr, op);
1451 
1452 		if (!idx) {
1453 			u16 t16;
1454 
1455 			fixup = Add2Ptr(bh_data, fo);
1456 			sample = *fixup;
1457 			t16 = le16_to_cpu(sample);
1458 			if (t16 >= 0x7FFF) {
1459 				sample = *fixup = cpu_to_le16(1);
1460 			} else {
1461 				sample = cpu_to_le16(t16 + 1);
1462 				*fixup = sample;
1463 			}
1464 
1465 			*(__le16 *)Add2Ptr(rhdr, fo) = sample;
1466 		}
1467 
1468 		ptr = Add2Ptr(bh_data, SECTOR_SIZE - sizeof(short));
1469 
1470 		do {
1471 			*++fixup = *ptr;
1472 			*ptr = sample;
1473 			ptr += SECTOR_SIZE / sizeof(short);
1474 		} while (ptr < end_data);
1475 
1476 		set_buffer_uptodate(bh);
1477 		mark_buffer_dirty(bh);
1478 		unlock_buffer(bh);
1479 
1480 		if (sync) {
1481 			int err2 = sync_dirty_buffer(bh);
1482 
1483 			if (!err && err2)
1484 				err = err2;
1485 		}
1486 
1487 		bytes -= op;
1488 		rhdr = Add2Ptr(rhdr, op);
1489 	}
1490 
1491 	return err;
1492 }
1493 
1494 /*
1495  * ntfs_bio_pages - Read/write pages from/to disk.
1496  */
ntfs_bio_pages(struct ntfs_sb_info * sbi,const struct runs_tree * run,struct page ** pages,u32 nr_pages,u64 vbo,u32 bytes,enum req_op op)1497 int ntfs_bio_pages(struct ntfs_sb_info *sbi, const struct runs_tree *run,
1498 		   struct page **pages, u32 nr_pages, u64 vbo, u32 bytes,
1499 		   enum req_op op)
1500 {
1501 	int err = 0;
1502 	struct bio *new, *bio = NULL;
1503 	struct super_block *sb = sbi->sb;
1504 	struct block_device *bdev = sb->s_bdev;
1505 	struct page *page;
1506 	u8 cluster_bits = sbi->cluster_bits;
1507 	CLST lcn, clen, vcn, vcn_next;
1508 	u32 add, off, page_idx;
1509 	u64 lbo, len;
1510 	size_t run_idx;
1511 	struct blk_plug plug;
1512 
1513 	if (!bytes)
1514 		return 0;
1515 
1516 	blk_start_plug(&plug);
1517 
1518 	/* Align vbo and bytes to be 512 bytes aligned. */
1519 	lbo = (vbo + bytes + 511) & ~511ull;
1520 	vbo = vbo & ~511ull;
1521 	bytes = lbo - vbo;
1522 
1523 	vcn = vbo >> cluster_bits;
1524 	if (!run_lookup_entry(run, vcn, &lcn, &clen, &run_idx)) {
1525 		err = -ENOENT;
1526 		goto out;
1527 	}
1528 	off = vbo & sbi->cluster_mask;
1529 	page_idx = 0;
1530 	page = pages[0];
1531 
1532 	for (;;) {
1533 		lbo = ((u64)lcn << cluster_bits) + off;
1534 		len = ((u64)clen << cluster_bits) - off;
1535 new_bio:
1536 		new = bio_alloc(bdev, nr_pages - page_idx, op, GFP_NOFS);
1537 		if (bio) {
1538 			bio_chain(bio, new);
1539 			submit_bio(bio);
1540 		}
1541 		bio = new;
1542 		bio->bi_iter.bi_sector = lbo >> 9;
1543 
1544 		while (len) {
1545 			off = vbo & (PAGE_SIZE - 1);
1546 			add = off + len > PAGE_SIZE ? (PAGE_SIZE - off) : len;
1547 
1548 			if (bio_add_page(bio, page, add, off) < add)
1549 				goto new_bio;
1550 
1551 			if (bytes <= add)
1552 				goto out;
1553 			bytes -= add;
1554 			vbo += add;
1555 
1556 			if (add + off == PAGE_SIZE) {
1557 				page_idx += 1;
1558 				if (WARN_ON(page_idx >= nr_pages)) {
1559 					err = -EINVAL;
1560 					goto out;
1561 				}
1562 				page = pages[page_idx];
1563 			}
1564 
1565 			if (len <= add)
1566 				break;
1567 			len -= add;
1568 			lbo += add;
1569 		}
1570 
1571 		vcn_next = vcn + clen;
1572 		if (!run_get_entry(run, ++run_idx, &vcn, &lcn, &clen) ||
1573 		    vcn != vcn_next) {
1574 			err = -ENOENT;
1575 			goto out;
1576 		}
1577 		off = 0;
1578 	}
1579 out:
1580 	if (bio) {
1581 		if (!err)
1582 			err = submit_bio_wait(bio);
1583 		bio_put(bio);
1584 	}
1585 	blk_finish_plug(&plug);
1586 
1587 	return err;
1588 }
1589 
1590 /*
1591  * ntfs_bio_fill_1 - Helper for ntfs_loadlog_and_replay().
1592  *
1593  * Fill on-disk logfile range by (-1)
1594  * this means empty logfile.
1595  */
ntfs_bio_fill_1(struct ntfs_sb_info * sbi,const struct runs_tree * run)1596 int ntfs_bio_fill_1(struct ntfs_sb_info *sbi, const struct runs_tree *run)
1597 {
1598 	int err = 0;
1599 	struct super_block *sb = sbi->sb;
1600 	struct block_device *bdev = sb->s_bdev;
1601 	u8 cluster_bits = sbi->cluster_bits;
1602 	struct bio *new, *bio = NULL;
1603 	CLST lcn, clen;
1604 	u64 lbo, len;
1605 	size_t run_idx;
1606 	struct page *fill;
1607 	void *kaddr;
1608 	struct blk_plug plug;
1609 
1610 	fill = alloc_page(GFP_KERNEL);
1611 	if (!fill)
1612 		return -ENOMEM;
1613 
1614 	kaddr = kmap_atomic(fill);
1615 	memset(kaddr, -1, PAGE_SIZE);
1616 	kunmap_atomic(kaddr);
1617 	flush_dcache_page(fill);
1618 	lock_page(fill);
1619 
1620 	if (!run_lookup_entry(run, 0, &lcn, &clen, &run_idx)) {
1621 		err = -ENOENT;
1622 		goto out;
1623 	}
1624 
1625 	/*
1626 	 * TODO: Try blkdev_issue_write_same.
1627 	 */
1628 	blk_start_plug(&plug);
1629 	do {
1630 		lbo = (u64)lcn << cluster_bits;
1631 		len = (u64)clen << cluster_bits;
1632 new_bio:
1633 		new = bio_alloc(bdev, BIO_MAX_VECS, REQ_OP_WRITE, GFP_NOFS);
1634 		if (bio) {
1635 			bio_chain(bio, new);
1636 			submit_bio(bio);
1637 		}
1638 		bio = new;
1639 		bio->bi_iter.bi_sector = lbo >> 9;
1640 
1641 		for (;;) {
1642 			u32 add = len > PAGE_SIZE ? PAGE_SIZE : len;
1643 
1644 			if (bio_add_page(bio, fill, add, 0) < add)
1645 				goto new_bio;
1646 
1647 			lbo += add;
1648 			if (len <= add)
1649 				break;
1650 			len -= add;
1651 		}
1652 	} while (run_get_entry(run, ++run_idx, NULL, &lcn, &clen));
1653 
1654 	if (!err)
1655 		err = submit_bio_wait(bio);
1656 	bio_put(bio);
1657 
1658 	blk_finish_plug(&plug);
1659 out:
1660 	unlock_page(fill);
1661 	put_page(fill);
1662 
1663 	return err;
1664 }
1665 
ntfs_vbo_to_lbo(struct ntfs_sb_info * sbi,const struct runs_tree * run,u64 vbo,u64 * lbo,u64 * bytes)1666 int ntfs_vbo_to_lbo(struct ntfs_sb_info *sbi, const struct runs_tree *run,
1667 		    u64 vbo, u64 *lbo, u64 *bytes)
1668 {
1669 	u32 off;
1670 	CLST lcn, len;
1671 	u8 cluster_bits = sbi->cluster_bits;
1672 
1673 	if (!run_lookup_entry(run, vbo >> cluster_bits, &lcn, &len, NULL))
1674 		return -ENOENT;
1675 
1676 	off = vbo & sbi->cluster_mask;
1677 	*lbo = lcn == SPARSE_LCN ? -1 : (((u64)lcn << cluster_bits) + off);
1678 	*bytes = ((u64)len << cluster_bits) - off;
1679 
1680 	return 0;
1681 }
1682 
ntfs_new_inode(struct ntfs_sb_info * sbi,CLST rno,enum RECORD_FLAG flag)1683 struct ntfs_inode *ntfs_new_inode(struct ntfs_sb_info *sbi, CLST rno,
1684 				  enum RECORD_FLAG flag)
1685 {
1686 	int err = 0;
1687 	struct super_block *sb = sbi->sb;
1688 	struct inode *inode = new_inode(sb);
1689 	struct ntfs_inode *ni;
1690 
1691 	if (!inode)
1692 		return ERR_PTR(-ENOMEM);
1693 
1694 	ni = ntfs_i(inode);
1695 
1696 	err = mi_format_new(&ni->mi, sbi, rno, flag, false);
1697 	if (err)
1698 		goto out;
1699 
1700 	inode->i_ino = rno;
1701 	if (insert_inode_locked(inode) < 0) {
1702 		err = -EIO;
1703 		goto out;
1704 	}
1705 
1706 out:
1707 	if (err) {
1708 		make_bad_inode(inode);
1709 		iput(inode);
1710 		ni = ERR_PTR(err);
1711 	}
1712 	return ni;
1713 }
1714 
1715 /*
1716  * O:BAG:BAD:(A;OICI;FA;;;WD)
1717  * Owner S-1-5-32-544 (Administrators)
1718  * Group S-1-5-32-544 (Administrators)
1719  * ACE: allow S-1-1-0 (Everyone) with FILE_ALL_ACCESS
1720  */
1721 const u8 s_default_security[] __aligned(8) = {
1722 	0x01, 0x00, 0x04, 0x80, 0x30, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00,
1723 	0x00, 0x00, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, 0x02, 0x00, 0x1C, 0x00,
1724 	0x01, 0x00, 0x00, 0x00, 0x00, 0x03, 0x14, 0x00, 0xFF, 0x01, 0x1F, 0x00,
1725 	0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
1726 	0x01, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x20, 0x00, 0x00, 0x00,
1727 	0x20, 0x02, 0x00, 0x00, 0x01, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05,
1728 	0x20, 0x00, 0x00, 0x00, 0x20, 0x02, 0x00, 0x00,
1729 };
1730 
1731 static_assert(sizeof(s_default_security) == 0x50);
1732 
sid_length(const struct SID * sid)1733 static inline u32 sid_length(const struct SID *sid)
1734 {
1735 	return struct_size(sid, SubAuthority, sid->SubAuthorityCount);
1736 }
1737 
1738 /*
1739  * is_acl_valid
1740  *
1741  * Thanks Mark Harmstone for idea.
1742  */
is_acl_valid(const struct ACL * acl,u32 len)1743 static bool is_acl_valid(const struct ACL *acl, u32 len)
1744 {
1745 	const struct ACE_HEADER *ace;
1746 	u32 i;
1747 	u16 ace_count, ace_size;
1748 
1749 	if (acl->AclRevision != ACL_REVISION &&
1750 	    acl->AclRevision != ACL_REVISION_DS) {
1751 		/*
1752 		 * This value should be ACL_REVISION, unless the ACL contains an
1753 		 * object-specific ACE, in which case this value must be ACL_REVISION_DS.
1754 		 * All ACEs in an ACL must be at the same revision level.
1755 		 */
1756 		return false;
1757 	}
1758 
1759 	if (acl->Sbz1)
1760 		return false;
1761 
1762 	if (le16_to_cpu(acl->AclSize) > len)
1763 		return false;
1764 
1765 	if (acl->Sbz2)
1766 		return false;
1767 
1768 	len -= sizeof(struct ACL);
1769 	ace = (struct ACE_HEADER *)&acl[1];
1770 	ace_count = le16_to_cpu(acl->AceCount);
1771 
1772 	for (i = 0; i < ace_count; i++) {
1773 		if (len < sizeof(struct ACE_HEADER))
1774 			return false;
1775 
1776 		ace_size = le16_to_cpu(ace->AceSize);
1777 		if (len < ace_size)
1778 			return false;
1779 
1780 		len -= ace_size;
1781 		ace = Add2Ptr(ace, ace_size);
1782 	}
1783 
1784 	return true;
1785 }
1786 
is_sd_valid(const struct SECURITY_DESCRIPTOR_RELATIVE * sd,u32 len)1787 bool is_sd_valid(const struct SECURITY_DESCRIPTOR_RELATIVE *sd, u32 len)
1788 {
1789 	u32 sd_owner, sd_group, sd_sacl, sd_dacl;
1790 
1791 	if (len < sizeof(struct SECURITY_DESCRIPTOR_RELATIVE))
1792 		return false;
1793 
1794 	if (sd->Revision != 1)
1795 		return false;
1796 
1797 	if (sd->Sbz1)
1798 		return false;
1799 
1800 	if (!(sd->Control & SE_SELF_RELATIVE))
1801 		return false;
1802 
1803 	sd_owner = le32_to_cpu(sd->Owner);
1804 	if (sd_owner) {
1805 		const struct SID *owner = Add2Ptr(sd, sd_owner);
1806 
1807 		if (sd_owner + offsetof(struct SID, SubAuthority) > len)
1808 			return false;
1809 
1810 		if (owner->Revision != 1)
1811 			return false;
1812 
1813 		if (sd_owner + sid_length(owner) > len)
1814 			return false;
1815 	}
1816 
1817 	sd_group = le32_to_cpu(sd->Group);
1818 	if (sd_group) {
1819 		const struct SID *group = Add2Ptr(sd, sd_group);
1820 
1821 		if (sd_group + offsetof(struct SID, SubAuthority) > len)
1822 			return false;
1823 
1824 		if (group->Revision != 1)
1825 			return false;
1826 
1827 		if (sd_group + sid_length(group) > len)
1828 			return false;
1829 	}
1830 
1831 	sd_sacl = le32_to_cpu(sd->Sacl);
1832 	if (sd_sacl) {
1833 		const struct ACL *sacl = Add2Ptr(sd, sd_sacl);
1834 
1835 		if (sd_sacl + sizeof(struct ACL) > len)
1836 			return false;
1837 
1838 		if (!is_acl_valid(sacl, len - sd_sacl))
1839 			return false;
1840 	}
1841 
1842 	sd_dacl = le32_to_cpu(sd->Dacl);
1843 	if (sd_dacl) {
1844 		const struct ACL *dacl = Add2Ptr(sd, sd_dacl);
1845 
1846 		if (sd_dacl + sizeof(struct ACL) > len)
1847 			return false;
1848 
1849 		if (!is_acl_valid(dacl, len - sd_dacl))
1850 			return false;
1851 	}
1852 
1853 	return true;
1854 }
1855 
1856 /*
1857  * ntfs_security_init - Load and parse $Secure.
1858  */
ntfs_security_init(struct ntfs_sb_info * sbi)1859 int ntfs_security_init(struct ntfs_sb_info *sbi)
1860 {
1861 	int err;
1862 	struct super_block *sb = sbi->sb;
1863 	struct inode *inode;
1864 	struct ntfs_inode *ni;
1865 	struct MFT_REF ref;
1866 	struct ATTRIB *attr;
1867 	struct ATTR_LIST_ENTRY *le;
1868 	u64 sds_size;
1869 	size_t off;
1870 	struct NTFS_DE *ne;
1871 	struct NTFS_DE_SII *sii_e;
1872 	struct ntfs_fnd *fnd_sii = NULL;
1873 	const struct INDEX_ROOT *root_sii;
1874 	const struct INDEX_ROOT *root_sdh;
1875 	struct ntfs_index *indx_sdh = &sbi->security.index_sdh;
1876 	struct ntfs_index *indx_sii = &sbi->security.index_sii;
1877 
1878 	ref.low = cpu_to_le32(MFT_REC_SECURE);
1879 	ref.high = 0;
1880 	ref.seq = cpu_to_le16(MFT_REC_SECURE);
1881 
1882 	inode = ntfs_iget5(sb, &ref, &NAME_SECURE);
1883 	if (IS_ERR(inode)) {
1884 		err = PTR_ERR(inode);
1885 		ntfs_err(sb, "Failed to load $Secure (%d).", err);
1886 		inode = NULL;
1887 		goto out;
1888 	}
1889 
1890 	ni = ntfs_i(inode);
1891 
1892 	le = NULL;
1893 
1894 	attr = ni_find_attr(ni, NULL, &le, ATTR_ROOT, SDH_NAME,
1895 			    ARRAY_SIZE(SDH_NAME), NULL, NULL);
1896 	if (!attr ||
1897 	    !(root_sdh = resident_data_ex(attr, sizeof(struct INDEX_ROOT))) ||
1898 	    root_sdh->type != ATTR_ZERO ||
1899 	    root_sdh->rule != NTFS_COLLATION_TYPE_SECURITY_HASH ||
1900 	    offsetof(struct INDEX_ROOT, ihdr) +
1901 			    le32_to_cpu(root_sdh->ihdr.used) >
1902 		    le32_to_cpu(attr->res.data_size)) {
1903 		ntfs_err(sb, "$Secure::$SDH is corrupted.");
1904 		err = -EINVAL;
1905 		goto out;
1906 	}
1907 
1908 	err = indx_init(indx_sdh, sbi, attr, INDEX_MUTEX_SDH);
1909 	if (err) {
1910 		ntfs_err(sb, "Failed to initialize $Secure::$SDH (%d).", err);
1911 		goto out;
1912 	}
1913 
1914 	attr = ni_find_attr(ni, attr, &le, ATTR_ROOT, SII_NAME,
1915 			    ARRAY_SIZE(SII_NAME), NULL, NULL);
1916 	if (!attr ||
1917 	    !(root_sii = resident_data_ex(attr, sizeof(struct INDEX_ROOT))) ||
1918 	    root_sii->type != ATTR_ZERO ||
1919 	    root_sii->rule != NTFS_COLLATION_TYPE_UINT ||
1920 	    offsetof(struct INDEX_ROOT, ihdr) +
1921 			    le32_to_cpu(root_sii->ihdr.used) >
1922 		    le32_to_cpu(attr->res.data_size)) {
1923 		ntfs_err(sb, "$Secure::$SII is corrupted.");
1924 		err = -EINVAL;
1925 		goto out;
1926 	}
1927 
1928 	err = indx_init(indx_sii, sbi, attr, INDEX_MUTEX_SII);
1929 	if (err) {
1930 		ntfs_err(sb, "Failed to initialize $Secure::$SII (%d).", err);
1931 		goto out;
1932 	}
1933 
1934 	fnd_sii = fnd_get();
1935 	if (!fnd_sii) {
1936 		err = -ENOMEM;
1937 		goto out;
1938 	}
1939 
1940 	sds_size = inode->i_size;
1941 
1942 	/* Find the last valid Id. */
1943 	sbi->security.next_id = SECURITY_ID_FIRST;
1944 	/* Always write new security at the end of bucket. */
1945 	sbi->security.next_off =
1946 		ALIGN(sds_size - SecurityDescriptorsBlockSize, 16);
1947 
1948 	off = 0;
1949 	ne = NULL;
1950 
1951 	for (;;) {
1952 		u32 next_id;
1953 
1954 		err = indx_find_raw(indx_sii, ni, root_sii, &ne, &off, fnd_sii);
1955 		if (err || !ne)
1956 			break;
1957 
1958 		sii_e = (struct NTFS_DE_SII *)ne;
1959 		if (le16_to_cpu(ne->view.data_size) < sizeof(sii_e->sec_hdr))
1960 			continue;
1961 
1962 		next_id = le32_to_cpu(sii_e->sec_id) + 1;
1963 		if (next_id >= sbi->security.next_id)
1964 			sbi->security.next_id = next_id;
1965 	}
1966 
1967 	sbi->security.ni = ni;
1968 	inode = NULL;
1969 out:
1970 	iput(inode);
1971 	fnd_put(fnd_sii);
1972 
1973 	return err;
1974 }
1975 
1976 /*
1977  * ntfs_get_security_by_id - Read security descriptor by id.
1978  */
ntfs_get_security_by_id(struct ntfs_sb_info * sbi,__le32 security_id,struct SECURITY_DESCRIPTOR_RELATIVE ** sd,size_t * size)1979 int ntfs_get_security_by_id(struct ntfs_sb_info *sbi, __le32 security_id,
1980 			    struct SECURITY_DESCRIPTOR_RELATIVE **sd,
1981 			    size_t *size)
1982 {
1983 	int err;
1984 	int diff;
1985 	struct ntfs_inode *ni = sbi->security.ni;
1986 	struct ntfs_index *indx = &sbi->security.index_sii;
1987 	void *p = NULL;
1988 	struct NTFS_DE_SII *sii_e;
1989 	struct ntfs_fnd *fnd_sii;
1990 	struct SECURITY_HDR d_security;
1991 	const struct INDEX_ROOT *root_sii;
1992 	u32 t32;
1993 
1994 	*sd = NULL;
1995 
1996 	mutex_lock_nested(&ni->ni_lock, NTFS_INODE_MUTEX_SECURITY);
1997 
1998 	fnd_sii = fnd_get();
1999 	if (!fnd_sii) {
2000 		err = -ENOMEM;
2001 		goto out;
2002 	}
2003 
2004 	root_sii = indx_get_root(indx, ni, NULL, NULL);
2005 	if (!root_sii) {
2006 		err = -EINVAL;
2007 		goto out;
2008 	}
2009 
2010 	/* Try to find this SECURITY descriptor in SII indexes. */
2011 	err = indx_find(indx, ni, root_sii, &security_id, sizeof(security_id),
2012 			NULL, &diff, (struct NTFS_DE **)&sii_e, fnd_sii);
2013 	if (err)
2014 		goto out;
2015 
2016 	if (diff)
2017 		goto out;
2018 
2019 	t32 = le32_to_cpu(sii_e->sec_hdr.size);
2020 	if (t32 < sizeof(struct SECURITY_HDR)) {
2021 		err = -EINVAL;
2022 		goto out;
2023 	}
2024 
2025 	if (t32 > sizeof(struct SECURITY_HDR) + 0x10000) {
2026 		/* Looks like too big security. 0x10000 - is arbitrary big number. */
2027 		err = -EFBIG;
2028 		goto out;
2029 	}
2030 
2031 	*size = t32 - sizeof(struct SECURITY_HDR);
2032 
2033 	p = kmalloc(*size, GFP_NOFS);
2034 	if (!p) {
2035 		err = -ENOMEM;
2036 		goto out;
2037 	}
2038 
2039 	err = ntfs_read_run_nb(sbi, &ni->file.run,
2040 			       le64_to_cpu(sii_e->sec_hdr.off), &d_security,
2041 			       sizeof(d_security), NULL);
2042 	if (err)
2043 		goto out;
2044 
2045 	if (memcmp(&d_security, &sii_e->sec_hdr, sizeof(d_security))) {
2046 		err = -EINVAL;
2047 		goto out;
2048 	}
2049 
2050 	err = ntfs_read_run_nb(sbi, &ni->file.run,
2051 			       le64_to_cpu(sii_e->sec_hdr.off) +
2052 				       sizeof(struct SECURITY_HDR),
2053 			       p, *size, NULL);
2054 	if (err)
2055 		goto out;
2056 
2057 	*sd = p;
2058 	p = NULL;
2059 
2060 out:
2061 	kfree(p);
2062 	fnd_put(fnd_sii);
2063 	ni_unlock(ni);
2064 
2065 	return err;
2066 }
2067 
2068 /*
2069  * ntfs_insert_security - Insert security descriptor into $Secure::SDS.
2070  *
2071  * SECURITY Descriptor Stream data is organized into chunks of 256K bytes
2072  * and it contains a mirror copy of each security descriptor.  When writing
2073  * to a security descriptor at location X, another copy will be written at
2074  * location (X+256K).
2075  * When writing a security descriptor that will cross the 256K boundary,
2076  * the pointer will be advanced by 256K to skip
2077  * over the mirror portion.
2078  */
ntfs_insert_security(struct ntfs_sb_info * sbi,const struct SECURITY_DESCRIPTOR_RELATIVE * sd,u32 size_sd,__le32 * security_id,bool * inserted)2079 int ntfs_insert_security(struct ntfs_sb_info *sbi,
2080 			 const struct SECURITY_DESCRIPTOR_RELATIVE *sd,
2081 			 u32 size_sd, __le32 *security_id, bool *inserted)
2082 {
2083 	int err, diff;
2084 	struct ntfs_inode *ni = sbi->security.ni;
2085 	struct ntfs_index *indx_sdh = &sbi->security.index_sdh;
2086 	struct ntfs_index *indx_sii = &sbi->security.index_sii;
2087 	struct NTFS_DE_SDH *e;
2088 	struct NTFS_DE_SDH sdh_e;
2089 	struct NTFS_DE_SII sii_e;
2090 	struct SECURITY_HDR *d_security;
2091 	u32 new_sec_size = size_sd + sizeof(struct SECURITY_HDR);
2092 	u32 aligned_sec_size = ALIGN(new_sec_size, 16);
2093 	struct SECURITY_KEY hash_key;
2094 	struct ntfs_fnd *fnd_sdh = NULL;
2095 	const struct INDEX_ROOT *root_sdh;
2096 	const struct INDEX_ROOT *root_sii;
2097 	u64 mirr_off, new_sds_size;
2098 	u32 next, left;
2099 
2100 	static_assert((1 << Log2OfSecurityDescriptorsBlockSize) ==
2101 		      SecurityDescriptorsBlockSize);
2102 
2103 	hash_key.hash = security_hash(sd, size_sd);
2104 	hash_key.sec_id = SECURITY_ID_INVALID;
2105 
2106 	if (inserted)
2107 		*inserted = false;
2108 	*security_id = SECURITY_ID_INVALID;
2109 
2110 	/* Allocate a temporal buffer. */
2111 	d_security = kzalloc(aligned_sec_size, GFP_NOFS);
2112 	if (!d_security)
2113 		return -ENOMEM;
2114 
2115 	mutex_lock_nested(&ni->ni_lock, NTFS_INODE_MUTEX_SECURITY);
2116 
2117 	fnd_sdh = fnd_get();
2118 	if (!fnd_sdh) {
2119 		err = -ENOMEM;
2120 		goto out;
2121 	}
2122 
2123 	root_sdh = indx_get_root(indx_sdh, ni, NULL, NULL);
2124 	if (!root_sdh) {
2125 		err = -EINVAL;
2126 		goto out;
2127 	}
2128 
2129 	root_sii = indx_get_root(indx_sii, ni, NULL, NULL);
2130 	if (!root_sii) {
2131 		err = -EINVAL;
2132 		goto out;
2133 	}
2134 
2135 	/*
2136 	 * Check if such security already exists.
2137 	 * Use "SDH" and hash -> to get the offset in "SDS".
2138 	 */
2139 	err = indx_find(indx_sdh, ni, root_sdh, &hash_key, sizeof(hash_key),
2140 			&d_security->key.sec_id, &diff, (struct NTFS_DE **)&e,
2141 			fnd_sdh);
2142 	if (err)
2143 		goto out;
2144 
2145 	while (e) {
2146 		if (le32_to_cpu(e->sec_hdr.size) == new_sec_size) {
2147 			err = ntfs_read_run_nb(sbi, &ni->file.run,
2148 					       le64_to_cpu(e->sec_hdr.off),
2149 					       d_security, new_sec_size, NULL);
2150 			if (err)
2151 				goto out;
2152 
2153 			if (le32_to_cpu(d_security->size) == new_sec_size &&
2154 			    d_security->key.hash == hash_key.hash &&
2155 			    !memcmp(d_security + 1, sd, size_sd)) {
2156 				*security_id = d_security->key.sec_id;
2157 				/* Such security already exists. */
2158 				err = 0;
2159 				goto out;
2160 			}
2161 		}
2162 
2163 		err = indx_find_sort(indx_sdh, ni, root_sdh,
2164 				     (struct NTFS_DE **)&e, fnd_sdh);
2165 		if (err)
2166 			goto out;
2167 
2168 		if (!e || e->key.hash != hash_key.hash)
2169 			break;
2170 	}
2171 
2172 	/* Zero unused space. */
2173 	next = sbi->security.next_off & (SecurityDescriptorsBlockSize - 1);
2174 	left = SecurityDescriptorsBlockSize - next;
2175 
2176 	/* Zero gap until SecurityDescriptorsBlockSize. */
2177 	if (left < new_sec_size) {
2178 		/* Zero "left" bytes from sbi->security.next_off. */
2179 		sbi->security.next_off += SecurityDescriptorsBlockSize + left;
2180 	}
2181 
2182 	/* Zero tail of previous security. */
2183 	//used = ni->vfs_inode.i_size & (SecurityDescriptorsBlockSize - 1);
2184 
2185 	/*
2186 	 * Example:
2187 	 * 0x40438 == ni->vfs_inode.i_size
2188 	 * 0x00440 == sbi->security.next_off
2189 	 * need to zero [0x438-0x440)
2190 	 * if (next > used) {
2191 	 *  u32 tozero = next - used;
2192 	 *  zero "tozero" bytes from sbi->security.next_off - tozero
2193 	 */
2194 
2195 	/* Format new security descriptor. */
2196 	d_security->key.hash = hash_key.hash;
2197 	d_security->key.sec_id = cpu_to_le32(sbi->security.next_id);
2198 	d_security->off = cpu_to_le64(sbi->security.next_off);
2199 	d_security->size = cpu_to_le32(new_sec_size);
2200 	memcpy(d_security + 1, sd, size_sd);
2201 
2202 	/* Write main SDS bucket. */
2203 	err = ntfs_sb_write_run(sbi, &ni->file.run, sbi->security.next_off,
2204 				d_security, aligned_sec_size, 0);
2205 
2206 	if (err)
2207 		goto out;
2208 
2209 	mirr_off = sbi->security.next_off + SecurityDescriptorsBlockSize;
2210 	new_sds_size = mirr_off + aligned_sec_size;
2211 
2212 	if (new_sds_size > ni->vfs_inode.i_size) {
2213 		err = attr_set_size(ni, ATTR_DATA, SDS_NAME,
2214 				    ARRAY_SIZE(SDS_NAME), &ni->file.run,
2215 				    new_sds_size, &new_sds_size, false, NULL);
2216 		if (err)
2217 			goto out;
2218 	}
2219 
2220 	/* Write copy SDS bucket. */
2221 	err = ntfs_sb_write_run(sbi, &ni->file.run, mirr_off, d_security,
2222 				aligned_sec_size, 0);
2223 	if (err)
2224 		goto out;
2225 
2226 	/* Fill SII entry. */
2227 	sii_e.de.view.data_off =
2228 		cpu_to_le16(offsetof(struct NTFS_DE_SII, sec_hdr));
2229 	sii_e.de.view.data_size = cpu_to_le16(sizeof(struct SECURITY_HDR));
2230 	sii_e.de.view.res = 0;
2231 	sii_e.de.size = cpu_to_le16(sizeof(struct NTFS_DE_SII));
2232 	sii_e.de.key_size = cpu_to_le16(sizeof(d_security->key.sec_id));
2233 	sii_e.de.flags = 0;
2234 	sii_e.de.res = 0;
2235 	sii_e.sec_id = d_security->key.sec_id;
2236 	memcpy(&sii_e.sec_hdr, d_security, sizeof(struct SECURITY_HDR));
2237 
2238 	err = indx_insert_entry(indx_sii, ni, &sii_e.de, NULL, NULL, 0);
2239 	if (err)
2240 		goto out;
2241 
2242 	/* Fill SDH entry. */
2243 	sdh_e.de.view.data_off =
2244 		cpu_to_le16(offsetof(struct NTFS_DE_SDH, sec_hdr));
2245 	sdh_e.de.view.data_size = cpu_to_le16(sizeof(struct SECURITY_HDR));
2246 	sdh_e.de.view.res = 0;
2247 	sdh_e.de.size = cpu_to_le16(SIZEOF_SDH_DIRENTRY);
2248 	sdh_e.de.key_size = cpu_to_le16(sizeof(sdh_e.key));
2249 	sdh_e.de.flags = 0;
2250 	sdh_e.de.res = 0;
2251 	sdh_e.key.hash = d_security->key.hash;
2252 	sdh_e.key.sec_id = d_security->key.sec_id;
2253 	memcpy(&sdh_e.sec_hdr, d_security, sizeof(struct SECURITY_HDR));
2254 	sdh_e.magic[0] = cpu_to_le16('I');
2255 	sdh_e.magic[1] = cpu_to_le16('I');
2256 
2257 	fnd_clear(fnd_sdh);
2258 	err = indx_insert_entry(indx_sdh, ni, &sdh_e.de, (void *)(size_t)1,
2259 				fnd_sdh, 0);
2260 	if (err)
2261 		goto out;
2262 
2263 	*security_id = d_security->key.sec_id;
2264 	if (inserted)
2265 		*inserted = true;
2266 
2267 	/* Update Id and offset for next descriptor. */
2268 	sbi->security.next_id += 1;
2269 	sbi->security.next_off += aligned_sec_size;
2270 
2271 out:
2272 	fnd_put(fnd_sdh);
2273 	mark_inode_dirty(&ni->vfs_inode);
2274 	ni_unlock(ni);
2275 	kfree(d_security);
2276 
2277 	return err;
2278 }
2279 
2280 /*
2281  * ntfs_reparse_init - Load and parse $Extend/$Reparse.
2282  */
ntfs_reparse_init(struct ntfs_sb_info * sbi)2283 int ntfs_reparse_init(struct ntfs_sb_info *sbi)
2284 {
2285 	int err;
2286 	struct ntfs_inode *ni = sbi->reparse.ni;
2287 	struct ntfs_index *indx = &sbi->reparse.index_r;
2288 	struct ATTRIB *attr;
2289 	struct ATTR_LIST_ENTRY *le;
2290 	const struct INDEX_ROOT *root_r;
2291 
2292 	if (!ni)
2293 		return 0;
2294 
2295 	le = NULL;
2296 	attr = ni_find_attr(ni, NULL, &le, ATTR_ROOT, SR_NAME,
2297 			    ARRAY_SIZE(SR_NAME), NULL, NULL);
2298 	if (!attr) {
2299 		err = -EINVAL;
2300 		goto out;
2301 	}
2302 
2303 	root_r = resident_data(attr);
2304 	if (root_r->type != ATTR_ZERO ||
2305 	    root_r->rule != NTFS_COLLATION_TYPE_UINTS) {
2306 		err = -EINVAL;
2307 		goto out;
2308 	}
2309 
2310 	err = indx_init(indx, sbi, attr, INDEX_MUTEX_SR);
2311 	if (err)
2312 		goto out;
2313 
2314 out:
2315 	return err;
2316 }
2317 
2318 /*
2319  * ntfs_objid_init - Load and parse $Extend/$ObjId.
2320  */
ntfs_objid_init(struct ntfs_sb_info * sbi)2321 int ntfs_objid_init(struct ntfs_sb_info *sbi)
2322 {
2323 	int err;
2324 	struct ntfs_inode *ni = sbi->objid.ni;
2325 	struct ntfs_index *indx = &sbi->objid.index_o;
2326 	struct ATTRIB *attr;
2327 	struct ATTR_LIST_ENTRY *le;
2328 	const struct INDEX_ROOT *root;
2329 
2330 	if (!ni)
2331 		return 0;
2332 
2333 	le = NULL;
2334 	attr = ni_find_attr(ni, NULL, &le, ATTR_ROOT, SO_NAME,
2335 			    ARRAY_SIZE(SO_NAME), NULL, NULL);
2336 	if (!attr) {
2337 		err = -EINVAL;
2338 		goto out;
2339 	}
2340 
2341 	root = resident_data(attr);
2342 	if (root->type != ATTR_ZERO ||
2343 	    root->rule != NTFS_COLLATION_TYPE_UINTS) {
2344 		err = -EINVAL;
2345 		goto out;
2346 	}
2347 
2348 	err = indx_init(indx, sbi, attr, INDEX_MUTEX_SO);
2349 	if (err)
2350 		goto out;
2351 
2352 out:
2353 	return err;
2354 }
2355 
ntfs_objid_remove(struct ntfs_sb_info * sbi,struct GUID * guid)2356 int ntfs_objid_remove(struct ntfs_sb_info *sbi, struct GUID *guid)
2357 {
2358 	int err;
2359 	struct ntfs_inode *ni = sbi->objid.ni;
2360 	struct ntfs_index *indx = &sbi->objid.index_o;
2361 
2362 	if (!ni)
2363 		return -EINVAL;
2364 
2365 	mutex_lock_nested(&ni->ni_lock, NTFS_INODE_MUTEX_OBJID);
2366 
2367 	err = indx_delete_entry(indx, ni, guid, sizeof(*guid), NULL);
2368 
2369 	mark_inode_dirty(&ni->vfs_inode);
2370 	ni_unlock(ni);
2371 
2372 	return err;
2373 }
2374 
ntfs_insert_reparse(struct ntfs_sb_info * sbi,__le32 rtag,const struct MFT_REF * ref)2375 int ntfs_insert_reparse(struct ntfs_sb_info *sbi, __le32 rtag,
2376 			const struct MFT_REF *ref)
2377 {
2378 	int err;
2379 	struct ntfs_inode *ni = sbi->reparse.ni;
2380 	struct ntfs_index *indx = &sbi->reparse.index_r;
2381 	struct NTFS_DE_R re;
2382 
2383 	if (!ni)
2384 		return -EINVAL;
2385 
2386 	memset(&re, 0, sizeof(re));
2387 
2388 	re.de.view.data_off = cpu_to_le16(offsetof(struct NTFS_DE_R, zero));
2389 	re.de.size = cpu_to_le16(sizeof(struct NTFS_DE_R));
2390 	re.de.key_size = cpu_to_le16(sizeof(re.key));
2391 
2392 	re.key.ReparseTag = rtag;
2393 	memcpy(&re.key.ref, ref, sizeof(*ref));
2394 
2395 	mutex_lock_nested(&ni->ni_lock, NTFS_INODE_MUTEX_REPARSE);
2396 
2397 	err = indx_insert_entry(indx, ni, &re.de, NULL, NULL, 0);
2398 
2399 	mark_inode_dirty(&ni->vfs_inode);
2400 	ni_unlock(ni);
2401 
2402 	return err;
2403 }
2404 
ntfs_remove_reparse(struct ntfs_sb_info * sbi,__le32 rtag,const struct MFT_REF * ref)2405 int ntfs_remove_reparse(struct ntfs_sb_info *sbi, __le32 rtag,
2406 			const struct MFT_REF *ref)
2407 {
2408 	int err, diff;
2409 	struct ntfs_inode *ni = sbi->reparse.ni;
2410 	struct ntfs_index *indx = &sbi->reparse.index_r;
2411 	struct ntfs_fnd *fnd = NULL;
2412 	struct REPARSE_KEY rkey;
2413 	struct NTFS_DE_R *re;
2414 	struct INDEX_ROOT *root_r;
2415 
2416 	if (!ni)
2417 		return -EINVAL;
2418 
2419 	rkey.ReparseTag = rtag;
2420 	rkey.ref = *ref;
2421 
2422 	mutex_lock_nested(&ni->ni_lock, NTFS_INODE_MUTEX_REPARSE);
2423 
2424 	if (rtag) {
2425 		err = indx_delete_entry(indx, ni, &rkey, sizeof(rkey), NULL);
2426 		goto out1;
2427 	}
2428 
2429 	fnd = fnd_get();
2430 	if (!fnd) {
2431 		err = -ENOMEM;
2432 		goto out1;
2433 	}
2434 
2435 	root_r = indx_get_root(indx, ni, NULL, NULL);
2436 	if (!root_r) {
2437 		err = -EINVAL;
2438 		goto out;
2439 	}
2440 
2441 	/* 1 - forces to ignore rkey.ReparseTag when comparing keys. */
2442 	err = indx_find(indx, ni, root_r, &rkey, sizeof(rkey), (void *)1, &diff,
2443 			(struct NTFS_DE **)&re, fnd);
2444 	if (err)
2445 		goto out;
2446 
2447 	if (memcmp(&re->key.ref, ref, sizeof(*ref))) {
2448 		/* Impossible. Looks like volume corrupt? */
2449 		goto out;
2450 	}
2451 
2452 	memcpy(&rkey, &re->key, sizeof(rkey));
2453 
2454 	fnd_put(fnd);
2455 	fnd = NULL;
2456 
2457 	err = indx_delete_entry(indx, ni, &rkey, sizeof(rkey), NULL);
2458 	if (err)
2459 		goto out;
2460 
2461 out:
2462 	fnd_put(fnd);
2463 
2464 out1:
2465 	mark_inode_dirty(&ni->vfs_inode);
2466 	ni_unlock(ni);
2467 
2468 	return err;
2469 }
2470 
ntfs_unmap_and_discard(struct ntfs_sb_info * sbi,CLST lcn,CLST len)2471 static inline void ntfs_unmap_and_discard(struct ntfs_sb_info *sbi, CLST lcn,
2472 					  CLST len)
2473 {
2474 	ntfs_unmap_meta(sbi->sb, lcn, len);
2475 	ntfs_discard(sbi, lcn, len);
2476 }
2477 
mark_as_free_ex(struct ntfs_sb_info * sbi,CLST lcn,CLST len,bool trim)2478 void mark_as_free_ex(struct ntfs_sb_info *sbi, CLST lcn, CLST len, bool trim)
2479 {
2480 	CLST end, i, zone_len, zlen;
2481 	struct wnd_bitmap *wnd = &sbi->used.bitmap;
2482 	bool dirty = false;
2483 
2484 	down_write_nested(&wnd->rw_lock, BITMAP_MUTEX_CLUSTERS);
2485 	if (!wnd_is_used(wnd, lcn, len)) {
2486 		/* mark volume as dirty out of wnd->rw_lock */
2487 		dirty = true;
2488 
2489 		end = lcn + len;
2490 		len = 0;
2491 		for (i = lcn; i < end; i++) {
2492 			if (wnd_is_used(wnd, i, 1)) {
2493 				if (!len)
2494 					lcn = i;
2495 				len += 1;
2496 				continue;
2497 			}
2498 
2499 			if (!len)
2500 				continue;
2501 
2502 			if (trim)
2503 				ntfs_unmap_and_discard(sbi, lcn, len);
2504 
2505 			wnd_set_free(wnd, lcn, len);
2506 			len = 0;
2507 		}
2508 
2509 		if (!len)
2510 			goto out;
2511 	}
2512 
2513 	if (trim)
2514 		ntfs_unmap_and_discard(sbi, lcn, len);
2515 	wnd_set_free(wnd, lcn, len);
2516 
2517 	/* append to MFT zone, if possible. */
2518 	zone_len = wnd_zone_len(wnd);
2519 	zlen = min(zone_len + len, sbi->zone_max);
2520 
2521 	if (zlen == zone_len) {
2522 		/* MFT zone already has maximum size. */
2523 	} else if (!zone_len) {
2524 		/* Create MFT zone only if 'zlen' is large enough. */
2525 		if (zlen == sbi->zone_max)
2526 			wnd_zone_set(wnd, lcn, zlen);
2527 	} else {
2528 		CLST zone_lcn = wnd_zone_bit(wnd);
2529 
2530 		if (lcn + len == zone_lcn) {
2531 			/* Append into head MFT zone. */
2532 			wnd_zone_set(wnd, lcn, zlen);
2533 		} else if (zone_lcn + zone_len == lcn) {
2534 			/* Append into tail MFT zone. */
2535 			wnd_zone_set(wnd, zone_lcn, zlen);
2536 		}
2537 	}
2538 
2539 out:
2540 	up_write(&wnd->rw_lock);
2541 	if (dirty)
2542 		ntfs_set_state(sbi, NTFS_DIRTY_ERROR);
2543 }
2544 
2545 /*
2546  * run_deallocate - Deallocate clusters.
2547  */
run_deallocate(struct ntfs_sb_info * sbi,const struct runs_tree * run,bool trim)2548 int run_deallocate(struct ntfs_sb_info *sbi, const struct runs_tree *run,
2549 		   bool trim)
2550 {
2551 	CLST lcn, len;
2552 	size_t idx = 0;
2553 
2554 	while (run_get_entry(run, idx++, NULL, &lcn, &len)) {
2555 		if (lcn == SPARSE_LCN)
2556 			continue;
2557 
2558 		mark_as_free_ex(sbi, lcn, len, trim);
2559 	}
2560 
2561 	return 0;
2562 }
2563 
name_has_forbidden_chars(const struct le_str * fname)2564 static inline bool name_has_forbidden_chars(const struct le_str *fname)
2565 {
2566 	int i, ch;
2567 
2568 	/* check for forbidden chars */
2569 	for (i = 0; i < fname->len; ++i) {
2570 		ch = le16_to_cpu(fname->name[i]);
2571 
2572 		/* control chars */
2573 		if (ch < 0x20)
2574 			return true;
2575 
2576 		switch (ch) {
2577 		/* disallowed by Windows */
2578 		case '\\':
2579 		case '/':
2580 		case ':':
2581 		case '*':
2582 		case '?':
2583 		case '<':
2584 		case '>':
2585 		case '|':
2586 		case '\"':
2587 			return true;
2588 
2589 		default:
2590 			/* allowed char */
2591 			break;
2592 		}
2593 	}
2594 
2595 	/* file names cannot end with space or . */
2596 	if (fname->len > 0) {
2597 		ch = le16_to_cpu(fname->name[fname->len - 1]);
2598 		if (ch == ' ' || ch == '.')
2599 			return true;
2600 	}
2601 
2602 	return false;
2603 }
2604 
is_reserved_name(const struct ntfs_sb_info * sbi,const struct le_str * fname)2605 static inline bool is_reserved_name(const struct ntfs_sb_info *sbi,
2606 				    const struct le_str *fname)
2607 {
2608 	int port_digit;
2609 	const __le16 *name = fname->name;
2610 	int len = fname->len;
2611 	const u16 *upcase = sbi->upcase;
2612 
2613 	/* check for 3 chars reserved names (device names) */
2614 	/* name by itself or with any extension is forbidden */
2615 	if (len == 3 || (len > 3 && le16_to_cpu(name[3]) == '.'))
2616 		if (!ntfs_cmp_names(name, 3, CON_NAME, 3, upcase, false) ||
2617 		    !ntfs_cmp_names(name, 3, NUL_NAME, 3, upcase, false) ||
2618 		    !ntfs_cmp_names(name, 3, AUX_NAME, 3, upcase, false) ||
2619 		    !ntfs_cmp_names(name, 3, PRN_NAME, 3, upcase, false))
2620 			return true;
2621 
2622 	/* check for 4 chars reserved names (port name followed by 1..9) */
2623 	/* name by itself or with any extension is forbidden */
2624 	if (len == 4 || (len > 4 && le16_to_cpu(name[4]) == '.')) {
2625 		port_digit = le16_to_cpu(name[3]);
2626 		if (port_digit >= '1' && port_digit <= '9')
2627 			if (!ntfs_cmp_names(name, 3, COM_NAME, 3, upcase,
2628 					    false) ||
2629 			    !ntfs_cmp_names(name, 3, LPT_NAME, 3, upcase,
2630 					    false))
2631 				return true;
2632 	}
2633 
2634 	return false;
2635 }
2636 
2637 /*
2638  * valid_windows_name - Check if a file name is valid in Windows.
2639  */
valid_windows_name(struct ntfs_sb_info * sbi,const struct le_str * fname)2640 bool valid_windows_name(struct ntfs_sb_info *sbi, const struct le_str *fname)
2641 {
2642 	return !name_has_forbidden_chars(fname) &&
2643 	       !is_reserved_name(sbi, fname);
2644 }
2645 
2646 /*
2647  * ntfs_set_label - updates current ntfs label.
2648  */
ntfs_set_label(struct ntfs_sb_info * sbi,u8 * label,int len)2649 int ntfs_set_label(struct ntfs_sb_info *sbi, u8 *label, int len)
2650 {
2651 	int err;
2652 	struct ATTRIB *attr;
2653 	struct ntfs_inode *ni = sbi->volume.ni;
2654 	const u8 max_ulen = 0x80; /* TODO: use attrdef to get maximum length */
2655 	/* Allocate PATH_MAX bytes. */
2656 	struct cpu_str *uni = __getname();
2657 
2658 	if (!uni)
2659 		return -ENOMEM;
2660 
2661 	err = ntfs_nls_to_utf16(sbi, label, len, uni, (PATH_MAX - 2) / 2,
2662 				UTF16_LITTLE_ENDIAN);
2663 	if (err < 0)
2664 		goto out;
2665 
2666 	if (uni->len > max_ulen) {
2667 		ntfs_warn(sbi->sb, "new label is too long");
2668 		err = -EFBIG;
2669 		goto out;
2670 	}
2671 
2672 	ni_lock(ni);
2673 
2674 	/* Ignore any errors. */
2675 	ni_remove_attr(ni, ATTR_LABEL, NULL, 0, false, NULL);
2676 
2677 	err = ni_insert_resident(ni, uni->len * sizeof(u16), ATTR_LABEL, NULL,
2678 				 0, &attr, NULL, NULL);
2679 	if (err < 0)
2680 		goto unlock_out;
2681 
2682 	/* write new label in on-disk struct. */
2683 	memcpy(resident_data(attr), uni->name, uni->len * sizeof(u16));
2684 
2685 	/* update cached value of current label. */
2686 	if (len >= ARRAY_SIZE(sbi->volume.label))
2687 		len = ARRAY_SIZE(sbi->volume.label) - 1;
2688 	memcpy(sbi->volume.label, label, len);
2689 	sbi->volume.label[len] = 0;
2690 	mark_inode_dirty_sync(&ni->vfs_inode);
2691 
2692 unlock_out:
2693 	ni_unlock(ni);
2694 
2695 	if (!err)
2696 		err = _ni_write_inode(&ni->vfs_inode, 0);
2697 
2698 out:
2699 	__putname(uni);
2700 	return err;
2701 }