1 /*
2 * linux/fs/hpfs/map.c
3 *
4 * Mikulas Patocka (mikulas@artax.karlin.mff.cuni.cz), 1998-1999
5 *
6 * mapping structures to memory with some minimal checks
7 */
8
9 #include "hpfs_fn.h"
10
hpfs_map_dnode_bitmap(struct super_block * s,struct quad_buffer_head * qbh)11 unsigned *hpfs_map_dnode_bitmap(struct super_block *s, struct quad_buffer_head *qbh)
12 {
13 return hpfs_map_4sectors(s, hpfs_sb(s)->sb_dmap, qbh, 0);
14 }
15
hpfs_map_bitmap(struct super_block * s,unsigned bmp_block,struct quad_buffer_head * qbh,char * id)16 unsigned int *hpfs_map_bitmap(struct super_block *s, unsigned bmp_block,
17 struct quad_buffer_head *qbh, char *id)
18 {
19 secno sec;
20 unsigned n_bands = (hpfs_sb(s)->sb_fs_size + 0x3fff) >> 14;
21 if (hpfs_sb(s)->sb_chk) if (bmp_block >= n_bands) {
22 hpfs_error(s, "hpfs_map_bitmap called with bad parameter: %08x at %s", bmp_block, id);
23 return NULL;
24 }
25 sec = le32_to_cpu(hpfs_sb(s)->sb_bmp_dir[bmp_block]);
26 if (!sec || sec > hpfs_sb(s)->sb_fs_size-4) {
27 hpfs_error(s, "invalid bitmap block pointer %08x -> %08x at %s", bmp_block, sec, id);
28 return NULL;
29 }
30 return hpfs_map_4sectors(s, sec, qbh, 4);
31 }
32
33 /*
34 * Load first code page into kernel memory, return pointer to 256-byte array,
35 * first 128 bytes are uppercasing table for chars 128-255, next 128 bytes are
36 * lowercasing table
37 */
38
hpfs_load_code_page(struct super_block * s,secno cps)39 unsigned char *hpfs_load_code_page(struct super_block *s, secno cps)
40 {
41 struct buffer_head *bh;
42 secno cpds;
43 unsigned cpi;
44 unsigned char *ptr;
45 unsigned char *cp_table;
46 int i;
47 struct code_page_data *cpd;
48 struct code_page_directory *cp = hpfs_map_sector(s, cps, &bh, 0);
49 if (!cp) return NULL;
50 if (le32_to_cpu(cp->magic) != CP_DIR_MAGIC) {
51 printk("HPFS: Code page directory magic doesn't match (magic = %08x)\n", le32_to_cpu(cp->magic));
52 brelse(bh);
53 return NULL;
54 }
55 if (!le32_to_cpu(cp->n_code_pages)) {
56 printk("HPFS: n_code_pages == 0\n");
57 brelse(bh);
58 return NULL;
59 }
60 cpds = le32_to_cpu(cp->array[0].code_page_data);
61 cpi = le16_to_cpu(cp->array[0].index);
62 brelse(bh);
63
64 if (cpi >= 3) {
65 printk("HPFS: Code page index out of array\n");
66 return NULL;
67 }
68
69 if (!(cpd = hpfs_map_sector(s, cpds, &bh, 0))) return NULL;
70 if (le16_to_cpu(cpd->offs[cpi]) > 0x178) {
71 printk("HPFS: Code page index out of sector\n");
72 brelse(bh);
73 return NULL;
74 }
75 ptr = (unsigned char *)cpd + le16_to_cpu(cpd->offs[cpi]) + 6;
76 if (!(cp_table = kmalloc(256, GFP_KERNEL))) {
77 printk("HPFS: out of memory for code page table\n");
78 brelse(bh);
79 return NULL;
80 }
81 memcpy(cp_table, ptr, 128);
82 brelse(bh);
83
84 /* Try to build lowercasing table from uppercasing one */
85
86 for (i=128; i<256; i++) cp_table[i]=i;
87 for (i=128; i<256; i++) if (cp_table[i-128]!=i && cp_table[i-128]>=128)
88 cp_table[cp_table[i-128]] = i;
89
90 return cp_table;
91 }
92
hpfs_load_bitmap_directory(struct super_block * s,secno bmp)93 secno *hpfs_load_bitmap_directory(struct super_block *s, secno bmp)
94 {
95 struct buffer_head *bh;
96 int n = (hpfs_sb(s)->sb_fs_size + 0x200000 - 1) >> 21;
97 int i;
98 secno *b;
99 if (!(b = kmalloc(n * 512, GFP_KERNEL))) {
100 printk("HPFS: can't allocate memory for bitmap directory\n");
101 return NULL;
102 }
103 for (i=0;i<n;i++) {
104 secno *d = hpfs_map_sector(s, bmp+i, &bh, n - i - 1);
105 if (!d) {
106 kfree(b);
107 return NULL;
108 }
109 memcpy((char *)b + 512 * i, d, 512);
110 brelse(bh);
111 }
112 return b;
113 }
114
115 /*
116 * Load fnode to memory
117 */
118
hpfs_map_fnode(struct super_block * s,ino_t ino,struct buffer_head ** bhp)119 struct fnode *hpfs_map_fnode(struct super_block *s, ino_t ino, struct buffer_head **bhp)
120 {
121 struct fnode *fnode;
122 if (hpfs_sb(s)->sb_chk) if (hpfs_chk_sectors(s, ino, 1, "fnode")) {
123 return NULL;
124 }
125 if ((fnode = hpfs_map_sector(s, ino, bhp, FNODE_RD_AHEAD))) {
126 if (hpfs_sb(s)->sb_chk) {
127 struct extended_attribute *ea;
128 struct extended_attribute *ea_end;
129 if (le32_to_cpu(fnode->magic) != FNODE_MAGIC) {
130 hpfs_error(s, "bad magic on fnode %08lx",
131 (unsigned long)ino);
132 goto bail;
133 }
134 if (!fnode->dirflag) {
135 if ((unsigned)fnode->btree.n_used_nodes + (unsigned)fnode->btree.n_free_nodes !=
136 (fnode->btree.internal ? 12 : 8)) {
137 hpfs_error(s,
138 "bad number of nodes in fnode %08lx",
139 (unsigned long)ino);
140 goto bail;
141 }
142 if (le16_to_cpu(fnode->btree.first_free) !=
143 8 + fnode->btree.n_used_nodes * (fnode->btree.internal ? 8 : 12)) {
144 hpfs_error(s,
145 "bad first_free pointer in fnode %08lx",
146 (unsigned long)ino);
147 goto bail;
148 }
149 }
150 if (le16_to_cpu(fnode->ea_size_s) && (le16_to_cpu(fnode->ea_offs) < 0xc4 ||
151 le16_to_cpu(fnode->ea_offs) + le16_to_cpu(fnode->acl_size_s) + le16_to_cpu(fnode->ea_size_s) > 0x200)) {
152 hpfs_error(s,
153 "bad EA info in fnode %08lx: ea_offs == %04x ea_size_s == %04x",
154 (unsigned long)ino,
155 le16_to_cpu(fnode->ea_offs), le16_to_cpu(fnode->ea_size_s));
156 goto bail;
157 }
158 ea = fnode_ea(fnode);
159 ea_end = fnode_end_ea(fnode);
160 while (ea != ea_end) {
161 if (ea > ea_end) {
162 hpfs_error(s, "bad EA in fnode %08lx",
163 (unsigned long)ino);
164 goto bail;
165 }
166 ea = next_ea(ea);
167 }
168 }
169 }
170 return fnode;
171 bail:
172 brelse(*bhp);
173 return NULL;
174 }
175
hpfs_map_anode(struct super_block * s,anode_secno ano,struct buffer_head ** bhp)176 struct anode *hpfs_map_anode(struct super_block *s, anode_secno ano, struct buffer_head **bhp)
177 {
178 struct anode *anode;
179 if (hpfs_sb(s)->sb_chk) if (hpfs_chk_sectors(s, ano, 1, "anode")) return NULL;
180 if ((anode = hpfs_map_sector(s, ano, bhp, ANODE_RD_AHEAD)))
181 if (hpfs_sb(s)->sb_chk) {
182 if (le32_to_cpu(anode->magic) != ANODE_MAGIC) {
183 hpfs_error(s, "bad magic on anode %08x", ano);
184 goto bail;
185 }
186 if (le32_to_cpu(anode->self) != ano) {
187 hpfs_error(s, "self pointer invalid on anode %08x", ano);
188 goto bail;
189 }
190 if ((unsigned)anode->btree.n_used_nodes + (unsigned)anode->btree.n_free_nodes !=
191 (anode->btree.internal ? 60 : 40)) {
192 hpfs_error(s, "bad number of nodes in anode %08x", ano);
193 goto bail;
194 }
195 if (le16_to_cpu(anode->btree.first_free) !=
196 8 + anode->btree.n_used_nodes * (anode->btree.internal ? 8 : 12)) {
197 hpfs_error(s, "bad first_free pointer in anode %08x", ano);
198 goto bail;
199 }
200 }
201 return anode;
202 bail:
203 brelse(*bhp);
204 return NULL;
205 }
206
207 /*
208 * Load dnode to memory and do some checks
209 */
210
hpfs_map_dnode(struct super_block * s,unsigned secno,struct quad_buffer_head * qbh)211 struct dnode *hpfs_map_dnode(struct super_block *s, unsigned secno,
212 struct quad_buffer_head *qbh)
213 {
214 struct dnode *dnode;
215 if (hpfs_sb(s)->sb_chk) {
216 if (hpfs_chk_sectors(s, secno, 4, "dnode")) return NULL;
217 if (secno & 3) {
218 hpfs_error(s, "dnode %08x not byte-aligned", secno);
219 return NULL;
220 }
221 }
222 if ((dnode = hpfs_map_4sectors(s, secno, qbh, DNODE_RD_AHEAD)))
223 if (hpfs_sb(s)->sb_chk) {
224 unsigned p, pp = 0;
225 unsigned char *d = (unsigned char *)dnode;
226 int b = 0;
227 if (le32_to_cpu(dnode->magic) != DNODE_MAGIC) {
228 hpfs_error(s, "bad magic on dnode %08x", secno);
229 goto bail;
230 }
231 if (le32_to_cpu(dnode->self) != secno)
232 hpfs_error(s, "bad self pointer on dnode %08x self = %08x", secno, le32_to_cpu(dnode->self));
233 /* Check dirents - bad dirents would cause infinite
234 loops or shooting to memory */
235 if (le32_to_cpu(dnode->first_free) > 2048) {
236 hpfs_error(s, "dnode %08x has first_free == %08x", secno, le32_to_cpu(dnode->first_free));
237 goto bail;
238 }
239 for (p = 20; p < le32_to_cpu(dnode->first_free); p += d[p] + (d[p+1] << 8)) {
240 struct hpfs_dirent *de = (struct hpfs_dirent *)((char *)dnode + p);
241 if (le16_to_cpu(de->length) > 292 || (le16_to_cpu(de->length) < 32) || (le16_to_cpu(de->length) & 3) || p + le16_to_cpu(de->length) > 2048) {
242 hpfs_error(s, "bad dirent size in dnode %08x, dirent %03x, last %03x", secno, p, pp);
243 goto bail;
244 }
245 if (((31 + de->namelen + de->down*4 + 3) & ~3) != le16_to_cpu(de->length)) {
246 if (((31 + de->namelen + de->down*4 + 3) & ~3) < le16_to_cpu(de->length) && s->s_flags & MS_RDONLY) goto ok;
247 hpfs_error(s, "namelen does not match dirent size in dnode %08x, dirent %03x, last %03x", secno, p, pp);
248 goto bail;
249 }
250 ok:
251 if (hpfs_sb(s)->sb_chk >= 2) b |= 1 << de->down;
252 if (de->down) if (de_down_pointer(de) < 0x10) {
253 hpfs_error(s, "bad down pointer in dnode %08x, dirent %03x, last %03x", secno, p, pp);
254 goto bail;
255 }
256 pp = p;
257
258 }
259 if (p != le32_to_cpu(dnode->first_free)) {
260 hpfs_error(s, "size on last dirent does not match first_free; dnode %08x", secno);
261 goto bail;
262 }
263 if (d[pp + 30] != 1 || d[pp + 31] != 255) {
264 hpfs_error(s, "dnode %08x does not end with \\377 entry", secno);
265 goto bail;
266 }
267 if (b == 3) printk("HPFS: warning: unbalanced dnode tree, dnode %08x; see hpfs.txt 4 more info\n", secno);
268 }
269 return dnode;
270 bail:
271 hpfs_brelse4(qbh);
272 return NULL;
273 }
274
hpfs_fnode_dno(struct super_block * s,ino_t ino)275 dnode_secno hpfs_fnode_dno(struct super_block *s, ino_t ino)
276 {
277 struct buffer_head *bh;
278 struct fnode *fnode;
279 dnode_secno dno;
280
281 fnode = hpfs_map_fnode(s, ino, &bh);
282 if (!fnode)
283 return 0;
284
285 dno = le32_to_cpu(fnode->u.external[0].disk_secno);
286 brelse(bh);
287 return dno;
288 }
289