1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  * runlist.c - NTFS runlist handling code.  Part of the Linux-NTFS project.
4  *
5  * Copyright (c) 2001-2007 Anton Altaparmakov
6  * Copyright (c) 2002-2005 Richard Russon
7  */
8 
9 #include "debug.h"
10 #include "dir.h"
11 #include "endian.h"
12 #include "malloc.h"
13 #include "ntfs.h"
14 
15 /**
16  * ntfs_rl_mm - runlist memmove
17  *
18  * It is up to the caller to serialize access to the runlist @base.
19  */
ntfs_rl_mm(runlist_element * base,int dst,int src,int size)20 static inline void ntfs_rl_mm(runlist_element *base, int dst, int src,
21 		int size)
22 {
23 	if (likely((dst != src) && (size > 0)))
24 		memmove(base + dst, base + src, size * sizeof(*base));
25 }
26 
27 /**
28  * ntfs_rl_mc - runlist memory copy
29  *
30  * It is up to the caller to serialize access to the runlists @dstbase and
31  * @srcbase.
32  */
ntfs_rl_mc(runlist_element * dstbase,int dst,runlist_element * srcbase,int src,int size)33 static inline void ntfs_rl_mc(runlist_element *dstbase, int dst,
34 		runlist_element *srcbase, int src, int size)
35 {
36 	if (likely(size > 0))
37 		memcpy(dstbase + dst, srcbase + src, size * sizeof(*dstbase));
38 }
39 
40 /**
41  * ntfs_rl_realloc - Reallocate memory for runlists
42  * @rl:		original runlist
43  * @old_size:	number of runlist elements in the original runlist @rl
44  * @new_size:	number of runlist elements we need space for
45  *
46  * As the runlists grow, more memory will be required.  To prevent the
47  * kernel having to allocate and reallocate large numbers of small bits of
48  * memory, this function returns an entire page of memory.
49  *
50  * It is up to the caller to serialize access to the runlist @rl.
51  *
52  * N.B.  If the new allocation doesn't require a different number of pages in
53  *       memory, the function will return the original pointer.
54  *
55  * On success, return a pointer to the newly allocated, or recycled, memory.
56  * On error, return -errno. The following error codes are defined:
57  *	-ENOMEM	- Not enough memory to allocate runlist array.
58  *	-EINVAL	- Invalid parameters were passed in.
59  */
ntfs_rl_realloc(runlist_element * rl,int old_size,int new_size)60 static inline runlist_element *ntfs_rl_realloc(runlist_element *rl,
61 		int old_size, int new_size)
62 {
63 	runlist_element *new_rl;
64 
65 	old_size = PAGE_ALIGN(old_size * sizeof(*rl));
66 	new_size = PAGE_ALIGN(new_size * sizeof(*rl));
67 	if (old_size == new_size)
68 		return rl;
69 
70 	new_rl = ntfs_malloc_nofs(new_size);
71 	if (unlikely(!new_rl))
72 		return ERR_PTR(-ENOMEM);
73 
74 	if (likely(rl != NULL)) {
75 		if (unlikely(old_size > new_size))
76 			old_size = new_size;
77 		memcpy(new_rl, rl, old_size);
78 		ntfs_free(rl);
79 	}
80 	return new_rl;
81 }
82 
83 /**
84  * ntfs_rl_realloc_nofail - Reallocate memory for runlists
85  * @rl:		original runlist
86  * @old_size:	number of runlist elements in the original runlist @rl
87  * @new_size:	number of runlist elements we need space for
88  *
89  * As the runlists grow, more memory will be required.  To prevent the
90  * kernel having to allocate and reallocate large numbers of small bits of
91  * memory, this function returns an entire page of memory.
92  *
93  * This function guarantees that the allocation will succeed.  It will sleep
94  * for as long as it takes to complete the allocation.
95  *
96  * It is up to the caller to serialize access to the runlist @rl.
97  *
98  * N.B.  If the new allocation doesn't require a different number of pages in
99  *       memory, the function will return the original pointer.
100  *
101  * On success, return a pointer to the newly allocated, or recycled, memory.
102  * On error, return -errno. The following error codes are defined:
103  *	-ENOMEM	- Not enough memory to allocate runlist array.
104  *	-EINVAL	- Invalid parameters were passed in.
105  */
ntfs_rl_realloc_nofail(runlist_element * rl,int old_size,int new_size)106 static inline runlist_element *ntfs_rl_realloc_nofail(runlist_element *rl,
107 		int old_size, int new_size)
108 {
109 	runlist_element *new_rl;
110 
111 	old_size = PAGE_ALIGN(old_size * sizeof(*rl));
112 	new_size = PAGE_ALIGN(new_size * sizeof(*rl));
113 	if (old_size == new_size)
114 		return rl;
115 
116 	new_rl = ntfs_malloc_nofs_nofail(new_size);
117 	BUG_ON(!new_rl);
118 
119 	if (likely(rl != NULL)) {
120 		if (unlikely(old_size > new_size))
121 			old_size = new_size;
122 		memcpy(new_rl, rl, old_size);
123 		ntfs_free(rl);
124 	}
125 	return new_rl;
126 }
127 
128 /**
129  * ntfs_are_rl_mergeable - test if two runlists can be joined together
130  * @dst:	original runlist
131  * @src:	new runlist to test for mergeability with @dst
132  *
133  * Test if two runlists can be joined together. For this, their VCNs and LCNs
134  * must be adjacent.
135  *
136  * It is up to the caller to serialize access to the runlists @dst and @src.
137  *
138  * Return: true   Success, the runlists can be merged.
139  *	   false  Failure, the runlists cannot be merged.
140  */
ntfs_are_rl_mergeable(runlist_element * dst,runlist_element * src)141 static inline bool ntfs_are_rl_mergeable(runlist_element *dst,
142 		runlist_element *src)
143 {
144 	BUG_ON(!dst);
145 	BUG_ON(!src);
146 
147 	/* We can merge unmapped regions even if they are misaligned. */
148 	if ((dst->lcn == LCN_RL_NOT_MAPPED) && (src->lcn == LCN_RL_NOT_MAPPED))
149 		return true;
150 	/* If the runs are misaligned, we cannot merge them. */
151 	if ((dst->vcn + dst->length) != src->vcn)
152 		return false;
153 	/* If both runs are non-sparse and contiguous, we can merge them. */
154 	if ((dst->lcn >= 0) && (src->lcn >= 0) &&
155 			((dst->lcn + dst->length) == src->lcn))
156 		return true;
157 	/* If we are merging two holes, we can merge them. */
158 	if ((dst->lcn == LCN_HOLE) && (src->lcn == LCN_HOLE))
159 		return true;
160 	/* Cannot merge. */
161 	return false;
162 }
163 
164 /**
165  * __ntfs_rl_merge - merge two runlists without testing if they can be merged
166  * @dst:	original, destination runlist
167  * @src:	new runlist to merge with @dst
168  *
169  * Merge the two runlists, writing into the destination runlist @dst. The
170  * caller must make sure the runlists can be merged or this will corrupt the
171  * destination runlist.
172  *
173  * It is up to the caller to serialize access to the runlists @dst and @src.
174  */
__ntfs_rl_merge(runlist_element * dst,runlist_element * src)175 static inline void __ntfs_rl_merge(runlist_element *dst, runlist_element *src)
176 {
177 	dst->length += src->length;
178 }
179 
180 /**
181  * ntfs_rl_append - append a runlist after a given element
182  * @dst:	original runlist to be worked on
183  * @dsize:	number of elements in @dst (including end marker)
184  * @src:	runlist to be inserted into @dst
185  * @ssize:	number of elements in @src (excluding end marker)
186  * @loc:	append the new runlist @src after this element in @dst
187  *
188  * Append the runlist @src after element @loc in @dst.  Merge the right end of
189  * the new runlist, if necessary. Adjust the size of the hole before the
190  * appended runlist.
191  *
192  * It is up to the caller to serialize access to the runlists @dst and @src.
193  *
194  * On success, return a pointer to the new, combined, runlist. Note, both
195  * runlists @dst and @src are deallocated before returning so you cannot use
196  * the pointers for anything any more. (Strictly speaking the returned runlist
197  * may be the same as @dst but this is irrelevant.)
198  *
199  * On error, return -errno. Both runlists are left unmodified. The following
200  * error codes are defined:
201  *	-ENOMEM	- Not enough memory to allocate runlist array.
202  *	-EINVAL	- Invalid parameters were passed in.
203  */
ntfs_rl_append(runlist_element * dst,int dsize,runlist_element * src,int ssize,int loc)204 static inline runlist_element *ntfs_rl_append(runlist_element *dst,
205 		int dsize, runlist_element *src, int ssize, int loc)
206 {
207 	bool right = false;	/* Right end of @src needs merging. */
208 	int marker;		/* End of the inserted runs. */
209 
210 	BUG_ON(!dst);
211 	BUG_ON(!src);
212 
213 	/* First, check if the right hand end needs merging. */
214 	if ((loc + 1) < dsize)
215 		right = ntfs_are_rl_mergeable(src + ssize - 1, dst + loc + 1);
216 
217 	/* Space required: @dst size + @src size, less one if we merged. */
218 	dst = ntfs_rl_realloc(dst, dsize, dsize + ssize - right);
219 	if (IS_ERR(dst))
220 		return dst;
221 	/*
222 	 * We are guaranteed to succeed from here so can start modifying the
223 	 * original runlists.
224 	 */
225 
226 	/* First, merge the right hand end, if necessary. */
227 	if (right)
228 		__ntfs_rl_merge(src + ssize - 1, dst + loc + 1);
229 
230 	/* First run after the @src runs that have been inserted. */
231 	marker = loc + ssize + 1;
232 
233 	/* Move the tail of @dst out of the way, then copy in @src. */
234 	ntfs_rl_mm(dst, marker, loc + 1 + right, dsize - (loc + 1 + right));
235 	ntfs_rl_mc(dst, loc + 1, src, 0, ssize);
236 
237 	/* Adjust the size of the preceding hole. */
238 	dst[loc].length = dst[loc + 1].vcn - dst[loc].vcn;
239 
240 	/* We may have changed the length of the file, so fix the end marker */
241 	if (dst[marker].lcn == LCN_ENOENT)
242 		dst[marker].vcn = dst[marker - 1].vcn + dst[marker - 1].length;
243 
244 	return dst;
245 }
246 
247 /**
248  * ntfs_rl_insert - insert a runlist into another
249  * @dst:	original runlist to be worked on
250  * @dsize:	number of elements in @dst (including end marker)
251  * @src:	new runlist to be inserted
252  * @ssize:	number of elements in @src (excluding end marker)
253  * @loc:	insert the new runlist @src before this element in @dst
254  *
255  * Insert the runlist @src before element @loc in the runlist @dst. Merge the
256  * left end of the new runlist, if necessary. Adjust the size of the hole
257  * after the inserted runlist.
258  *
259  * It is up to the caller to serialize access to the runlists @dst and @src.
260  *
261  * On success, return a pointer to the new, combined, runlist. Note, both
262  * runlists @dst and @src are deallocated before returning so you cannot use
263  * the pointers for anything any more. (Strictly speaking the returned runlist
264  * may be the same as @dst but this is irrelevant.)
265  *
266  * On error, return -errno. Both runlists are left unmodified. The following
267  * error codes are defined:
268  *	-ENOMEM	- Not enough memory to allocate runlist array.
269  *	-EINVAL	- Invalid parameters were passed in.
270  */
ntfs_rl_insert(runlist_element * dst,int dsize,runlist_element * src,int ssize,int loc)271 static inline runlist_element *ntfs_rl_insert(runlist_element *dst,
272 		int dsize, runlist_element *src, int ssize, int loc)
273 {
274 	bool left = false;	/* Left end of @src needs merging. */
275 	bool disc = false;	/* Discontinuity between @dst and @src. */
276 	int marker;		/* End of the inserted runs. */
277 
278 	BUG_ON(!dst);
279 	BUG_ON(!src);
280 
281 	/*
282 	 * disc => Discontinuity between the end of @dst and the start of @src.
283 	 *	   This means we might need to insert a "not mapped" run.
284 	 */
285 	if (loc == 0)
286 		disc = (src[0].vcn > 0);
287 	else {
288 		s64 merged_length;
289 
290 		left = ntfs_are_rl_mergeable(dst + loc - 1, src);
291 
292 		merged_length = dst[loc - 1].length;
293 		if (left)
294 			merged_length += src->length;
295 
296 		disc = (src[0].vcn > dst[loc - 1].vcn + merged_length);
297 	}
298 	/*
299 	 * Space required: @dst size + @src size, less one if we merged, plus
300 	 * one if there was a discontinuity.
301 	 */
302 	dst = ntfs_rl_realloc(dst, dsize, dsize + ssize - left + disc);
303 	if (IS_ERR(dst))
304 		return dst;
305 	/*
306 	 * We are guaranteed to succeed from here so can start modifying the
307 	 * original runlist.
308 	 */
309 	if (left)
310 		__ntfs_rl_merge(dst + loc - 1, src);
311 	/*
312 	 * First run after the @src runs that have been inserted.
313 	 * Nominally,  @marker equals @loc + @ssize, i.e. location + number of
314 	 * runs in @src.  However, if @left, then the first run in @src has
315 	 * been merged with one in @dst.  And if @disc, then @dst and @src do
316 	 * not meet and we need an extra run to fill the gap.
317 	 */
318 	marker = loc + ssize - left + disc;
319 
320 	/* Move the tail of @dst out of the way, then copy in @src. */
321 	ntfs_rl_mm(dst, marker, loc, dsize - loc);
322 	ntfs_rl_mc(dst, loc + disc, src, left, ssize - left);
323 
324 	/* Adjust the VCN of the first run after the insertion... */
325 	dst[marker].vcn = dst[marker - 1].vcn + dst[marker - 1].length;
326 	/* ... and the length. */
327 	if (dst[marker].lcn == LCN_HOLE || dst[marker].lcn == LCN_RL_NOT_MAPPED)
328 		dst[marker].length = dst[marker + 1].vcn - dst[marker].vcn;
329 
330 	/* Writing beyond the end of the file and there is a discontinuity. */
331 	if (disc) {
332 		if (loc > 0) {
333 			dst[loc].vcn = dst[loc - 1].vcn + dst[loc - 1].length;
334 			dst[loc].length = dst[loc + 1].vcn - dst[loc].vcn;
335 		} else {
336 			dst[loc].vcn = 0;
337 			dst[loc].length = dst[loc + 1].vcn;
338 		}
339 		dst[loc].lcn = LCN_RL_NOT_MAPPED;
340 	}
341 	return dst;
342 }
343 
344 /**
345  * ntfs_rl_replace - overwrite a runlist element with another runlist
346  * @dst:	original runlist to be worked on
347  * @dsize:	number of elements in @dst (including end marker)
348  * @src:	new runlist to be inserted
349  * @ssize:	number of elements in @src (excluding end marker)
350  * @loc:	index in runlist @dst to overwrite with @src
351  *
352  * Replace the runlist element @dst at @loc with @src. Merge the left and
353  * right ends of the inserted runlist, if necessary.
354  *
355  * It is up to the caller to serialize access to the runlists @dst and @src.
356  *
357  * On success, return a pointer to the new, combined, runlist. Note, both
358  * runlists @dst and @src are deallocated before returning so you cannot use
359  * the pointers for anything any more. (Strictly speaking the returned runlist
360  * may be the same as @dst but this is irrelevant.)
361  *
362  * On error, return -errno. Both runlists are left unmodified. The following
363  * error codes are defined:
364  *	-ENOMEM	- Not enough memory to allocate runlist array.
365  *	-EINVAL	- Invalid parameters were passed in.
366  */
ntfs_rl_replace(runlist_element * dst,int dsize,runlist_element * src,int ssize,int loc)367 static inline runlist_element *ntfs_rl_replace(runlist_element *dst,
368 		int dsize, runlist_element *src, int ssize, int loc)
369 {
370 	signed delta;
371 	bool left = false;	/* Left end of @src needs merging. */
372 	bool right = false;	/* Right end of @src needs merging. */
373 	int tail;		/* Start of tail of @dst. */
374 	int marker;		/* End of the inserted runs. */
375 
376 	BUG_ON(!dst);
377 	BUG_ON(!src);
378 
379 	/* First, see if the left and right ends need merging. */
380 	if ((loc + 1) < dsize)
381 		right = ntfs_are_rl_mergeable(src + ssize - 1, dst + loc + 1);
382 	if (loc > 0)
383 		left = ntfs_are_rl_mergeable(dst + loc - 1, src);
384 	/*
385 	 * Allocate some space.  We will need less if the left, right, or both
386 	 * ends get merged.  The -1 accounts for the run being replaced.
387 	 */
388 	delta = ssize - 1 - left - right;
389 	if (delta > 0) {
390 		dst = ntfs_rl_realloc(dst, dsize, dsize + delta);
391 		if (IS_ERR(dst))
392 			return dst;
393 	}
394 	/*
395 	 * We are guaranteed to succeed from here so can start modifying the
396 	 * original runlists.
397 	 */
398 
399 	/* First, merge the left and right ends, if necessary. */
400 	if (right)
401 		__ntfs_rl_merge(src + ssize - 1, dst + loc + 1);
402 	if (left)
403 		__ntfs_rl_merge(dst + loc - 1, src);
404 	/*
405 	 * Offset of the tail of @dst.  This needs to be moved out of the way
406 	 * to make space for the runs to be copied from @src, i.e. the first
407 	 * run of the tail of @dst.
408 	 * Nominally, @tail equals @loc + 1, i.e. location, skipping the
409 	 * replaced run.  However, if @right, then one of @dst's runs is
410 	 * already merged into @src.
411 	 */
412 	tail = loc + right + 1;
413 	/*
414 	 * First run after the @src runs that have been inserted, i.e. where
415 	 * the tail of @dst needs to be moved to.
416 	 * Nominally, @marker equals @loc + @ssize, i.e. location + number of
417 	 * runs in @src.  However, if @left, then the first run in @src has
418 	 * been merged with one in @dst.
419 	 */
420 	marker = loc + ssize - left;
421 
422 	/* Move the tail of @dst out of the way, then copy in @src. */
423 	ntfs_rl_mm(dst, marker, tail, dsize - tail);
424 	ntfs_rl_mc(dst, loc, src, left, ssize - left);
425 
426 	/* We may have changed the length of the file, so fix the end marker. */
427 	if (dsize - tail > 0 && dst[marker].lcn == LCN_ENOENT)
428 		dst[marker].vcn = dst[marker - 1].vcn + dst[marker - 1].length;
429 	return dst;
430 }
431 
432 /**
433  * ntfs_rl_split - insert a runlist into the centre of a hole
434  * @dst:	original runlist to be worked on
435  * @dsize:	number of elements in @dst (including end marker)
436  * @src:	new runlist to be inserted
437  * @ssize:	number of elements in @src (excluding end marker)
438  * @loc:	index in runlist @dst at which to split and insert @src
439  *
440  * Split the runlist @dst at @loc into two and insert @new in between the two
441  * fragments. No merging of runlists is necessary. Adjust the size of the
442  * holes either side.
443  *
444  * It is up to the caller to serialize access to the runlists @dst and @src.
445  *
446  * On success, return a pointer to the new, combined, runlist. Note, both
447  * runlists @dst and @src are deallocated before returning so you cannot use
448  * the pointers for anything any more. (Strictly speaking the returned runlist
449  * may be the same as @dst but this is irrelevant.)
450  *
451  * On error, return -errno. Both runlists are left unmodified. The following
452  * error codes are defined:
453  *	-ENOMEM	- Not enough memory to allocate runlist array.
454  *	-EINVAL	- Invalid parameters were passed in.
455  */
ntfs_rl_split(runlist_element * dst,int dsize,runlist_element * src,int ssize,int loc)456 static inline runlist_element *ntfs_rl_split(runlist_element *dst, int dsize,
457 		runlist_element *src, int ssize, int loc)
458 {
459 	BUG_ON(!dst);
460 	BUG_ON(!src);
461 
462 	/* Space required: @dst size + @src size + one new hole. */
463 	dst = ntfs_rl_realloc(dst, dsize, dsize + ssize + 1);
464 	if (IS_ERR(dst))
465 		return dst;
466 	/*
467 	 * We are guaranteed to succeed from here so can start modifying the
468 	 * original runlists.
469 	 */
470 
471 	/* Move the tail of @dst out of the way, then copy in @src. */
472 	ntfs_rl_mm(dst, loc + 1 + ssize, loc, dsize - loc);
473 	ntfs_rl_mc(dst, loc + 1, src, 0, ssize);
474 
475 	/* Adjust the size of the holes either size of @src. */
476 	dst[loc].length		= dst[loc+1].vcn       - dst[loc].vcn;
477 	dst[loc+ssize+1].vcn    = dst[loc+ssize].vcn   + dst[loc+ssize].length;
478 	dst[loc+ssize+1].length = dst[loc+ssize+2].vcn - dst[loc+ssize+1].vcn;
479 
480 	return dst;
481 }
482 
483 /**
484  * ntfs_runlists_merge - merge two runlists into one
485  * @drl:	original runlist to be worked on
486  * @srl:	new runlist to be merged into @drl
487  *
488  * First we sanity check the two runlists @srl and @drl to make sure that they
489  * are sensible and can be merged. The runlist @srl must be either after the
490  * runlist @drl or completely within a hole (or unmapped region) in @drl.
491  *
492  * It is up to the caller to serialize access to the runlists @drl and @srl.
493  *
494  * Merging of runlists is necessary in two cases:
495  *   1. When attribute lists are used and a further extent is being mapped.
496  *   2. When new clusters are allocated to fill a hole or extend a file.
497  *
498  * There are four possible ways @srl can be merged. It can:
499  *	- be inserted at the beginning of a hole,
500  *	- split the hole in two and be inserted between the two fragments,
501  *	- be appended at the end of a hole, or it can
502  *	- replace the whole hole.
503  * It can also be appended to the end of the runlist, which is just a variant
504  * of the insert case.
505  *
506  * On success, return a pointer to the new, combined, runlist. Note, both
507  * runlists @drl and @srl are deallocated before returning so you cannot use
508  * the pointers for anything any more. (Strictly speaking the returned runlist
509  * may be the same as @dst but this is irrelevant.)
510  *
511  * On error, return -errno. Both runlists are left unmodified. The following
512  * error codes are defined:
513  *	-ENOMEM	- Not enough memory to allocate runlist array.
514  *	-EINVAL	- Invalid parameters were passed in.
515  *	-ERANGE	- The runlists overlap and cannot be merged.
516  */
ntfs_runlists_merge(runlist_element * drl,runlist_element * srl)517 runlist_element *ntfs_runlists_merge(runlist_element *drl,
518 		runlist_element *srl)
519 {
520 	int di, si;		/* Current index into @[ds]rl. */
521 	int sstart;		/* First index with lcn > LCN_RL_NOT_MAPPED. */
522 	int dins;		/* Index into @drl at which to insert @srl. */
523 	int dend, send;		/* Last index into @[ds]rl. */
524 	int dfinal, sfinal;	/* The last index into @[ds]rl with
525 				   lcn >= LCN_HOLE. */
526 	int marker = 0;
527 	VCN marker_vcn = 0;
528 
529 #ifdef DEBUG
530 	ntfs_debug("dst:");
531 	ntfs_debug_dump_runlist(drl);
532 	ntfs_debug("src:");
533 	ntfs_debug_dump_runlist(srl);
534 #endif
535 
536 	/* Check for silly calling... */
537 	if (unlikely(!srl))
538 		return drl;
539 	if (IS_ERR(srl) || IS_ERR(drl))
540 		return ERR_PTR(-EINVAL);
541 
542 	/* Check for the case where the first mapping is being done now. */
543 	if (unlikely(!drl)) {
544 		drl = srl;
545 		/* Complete the source runlist if necessary. */
546 		if (unlikely(drl[0].vcn)) {
547 			/* Scan to the end of the source runlist. */
548 			for (dend = 0; likely(drl[dend].length); dend++)
549 				;
550 			dend++;
551 			drl = ntfs_rl_realloc(drl, dend, dend + 1);
552 			if (IS_ERR(drl))
553 				return drl;
554 			/* Insert start element at the front of the runlist. */
555 			ntfs_rl_mm(drl, 1, 0, dend);
556 			drl[0].vcn = 0;
557 			drl[0].lcn = LCN_RL_NOT_MAPPED;
558 			drl[0].length = drl[1].vcn;
559 		}
560 		goto finished;
561 	}
562 
563 	si = di = 0;
564 
565 	/* Skip any unmapped start element(s) in the source runlist. */
566 	while (srl[si].length && srl[si].lcn < LCN_HOLE)
567 		si++;
568 
569 	/* Can't have an entirely unmapped source runlist. */
570 	BUG_ON(!srl[si].length);
571 
572 	/* Record the starting points. */
573 	sstart = si;
574 
575 	/*
576 	 * Skip forward in @drl until we reach the position where @srl needs to
577 	 * be inserted. If we reach the end of @drl, @srl just needs to be
578 	 * appended to @drl.
579 	 */
580 	for (; drl[di].length; di++) {
581 		if (drl[di].vcn + drl[di].length > srl[sstart].vcn)
582 			break;
583 	}
584 	dins = di;
585 
586 	/* Sanity check for illegal overlaps. */
587 	if ((drl[di].vcn == srl[si].vcn) && (drl[di].lcn >= 0) &&
588 			(srl[si].lcn >= 0)) {
589 		ntfs_error(NULL, "Run lists overlap. Cannot merge!");
590 		return ERR_PTR(-ERANGE);
591 	}
592 
593 	/* Scan to the end of both runlists in order to know their sizes. */
594 	for (send = si; srl[send].length; send++)
595 		;
596 	for (dend = di; drl[dend].length; dend++)
597 		;
598 
599 	if (srl[send].lcn == LCN_ENOENT)
600 		marker_vcn = srl[marker = send].vcn;
601 
602 	/* Scan to the last element with lcn >= LCN_HOLE. */
603 	for (sfinal = send; sfinal >= 0 && srl[sfinal].lcn < LCN_HOLE; sfinal--)
604 		;
605 	for (dfinal = dend; dfinal >= 0 && drl[dfinal].lcn < LCN_HOLE; dfinal--)
606 		;
607 
608 	{
609 	bool start;
610 	bool finish;
611 	int ds = dend + 1;		/* Number of elements in drl & srl */
612 	int ss = sfinal - sstart + 1;
613 
614 	start  = ((drl[dins].lcn <  LCN_RL_NOT_MAPPED) ||    /* End of file   */
615 		  (drl[dins].vcn == srl[sstart].vcn));	     /* Start of hole */
616 	finish = ((drl[dins].lcn >= LCN_RL_NOT_MAPPED) &&    /* End of file   */
617 		 ((drl[dins].vcn + drl[dins].length) <=      /* End of hole   */
618 		  (srl[send - 1].vcn + srl[send - 1].length)));
619 
620 	/* Or we will lose an end marker. */
621 	if (finish && !drl[dins].length)
622 		ss++;
623 	if (marker && (drl[dins].vcn + drl[dins].length > srl[send - 1].vcn))
624 		finish = false;
625 #if 0
626 	ntfs_debug("dfinal = %i, dend = %i", dfinal, dend);
627 	ntfs_debug("sstart = %i, sfinal = %i, send = %i", sstart, sfinal, send);
628 	ntfs_debug("start = %i, finish = %i", start, finish);
629 	ntfs_debug("ds = %i, ss = %i, dins = %i", ds, ss, dins);
630 #endif
631 	if (start) {
632 		if (finish)
633 			drl = ntfs_rl_replace(drl, ds, srl + sstart, ss, dins);
634 		else
635 			drl = ntfs_rl_insert(drl, ds, srl + sstart, ss, dins);
636 	} else {
637 		if (finish)
638 			drl = ntfs_rl_append(drl, ds, srl + sstart, ss, dins);
639 		else
640 			drl = ntfs_rl_split(drl, ds, srl + sstart, ss, dins);
641 	}
642 	if (IS_ERR(drl)) {
643 		ntfs_error(NULL, "Merge failed.");
644 		return drl;
645 	}
646 	ntfs_free(srl);
647 	if (marker) {
648 		ntfs_debug("Triggering marker code.");
649 		for (ds = dend; drl[ds].length; ds++)
650 			;
651 		/* We only need to care if @srl ended after @drl. */
652 		if (drl[ds].vcn <= marker_vcn) {
653 			int slots = 0;
654 
655 			if (drl[ds].vcn == marker_vcn) {
656 				ntfs_debug("Old marker = 0x%llx, replacing "
657 						"with LCN_ENOENT.",
658 						(unsigned long long)
659 						drl[ds].lcn);
660 				drl[ds].lcn = LCN_ENOENT;
661 				goto finished;
662 			}
663 			/*
664 			 * We need to create an unmapped runlist element in
665 			 * @drl or extend an existing one before adding the
666 			 * ENOENT terminator.
667 			 */
668 			if (drl[ds].lcn == LCN_ENOENT) {
669 				ds--;
670 				slots = 1;
671 			}
672 			if (drl[ds].lcn != LCN_RL_NOT_MAPPED) {
673 				/* Add an unmapped runlist element. */
674 				if (!slots) {
675 					drl = ntfs_rl_realloc_nofail(drl, ds,
676 							ds + 2);
677 					slots = 2;
678 				}
679 				ds++;
680 				/* Need to set vcn if it isn't set already. */
681 				if (slots != 1)
682 					drl[ds].vcn = drl[ds - 1].vcn +
683 							drl[ds - 1].length;
684 				drl[ds].lcn = LCN_RL_NOT_MAPPED;
685 				/* We now used up a slot. */
686 				slots--;
687 			}
688 			drl[ds].length = marker_vcn - drl[ds].vcn;
689 			/* Finally add the ENOENT terminator. */
690 			ds++;
691 			if (!slots)
692 				drl = ntfs_rl_realloc_nofail(drl, ds, ds + 1);
693 			drl[ds].vcn = marker_vcn;
694 			drl[ds].lcn = LCN_ENOENT;
695 			drl[ds].length = (s64)0;
696 		}
697 	}
698 	}
699 
700 finished:
701 	/* The merge was completed successfully. */
702 	ntfs_debug("Merged runlist:");
703 	ntfs_debug_dump_runlist(drl);
704 	return drl;
705 }
706 
707 /**
708  * ntfs_mapping_pairs_decompress - convert mapping pairs array to runlist
709  * @vol:	ntfs volume on which the attribute resides
710  * @attr:	attribute record whose mapping pairs array to decompress
711  * @old_rl:	optional runlist in which to insert @attr's runlist
712  *
713  * It is up to the caller to serialize access to the runlist @old_rl.
714  *
715  * Decompress the attribute @attr's mapping pairs array into a runlist. On
716  * success, return the decompressed runlist.
717  *
718  * If @old_rl is not NULL, decompressed runlist is inserted into the
719  * appropriate place in @old_rl and the resultant, combined runlist is
720  * returned. The original @old_rl is deallocated.
721  *
722  * On error, return -errno. @old_rl is left unmodified in that case.
723  *
724  * The following error codes are defined:
725  *	-ENOMEM	- Not enough memory to allocate runlist array.
726  *	-EIO	- Corrupt runlist.
727  *	-EINVAL	- Invalid parameters were passed in.
728  *	-ERANGE	- The two runlists overlap.
729  *
730  * FIXME: For now we take the conceptionally simplest approach of creating the
731  * new runlist disregarding the already existing one and then splicing the
732  * two into one, if that is possible (we check for overlap and discard the new
733  * runlist if overlap present before returning ERR_PTR(-ERANGE)).
734  */
ntfs_mapping_pairs_decompress(const ntfs_volume * vol,const ATTR_RECORD * attr,runlist_element * old_rl)735 runlist_element *ntfs_mapping_pairs_decompress(const ntfs_volume *vol,
736 		const ATTR_RECORD *attr, runlist_element *old_rl)
737 {
738 	VCN vcn;		/* Current vcn. */
739 	LCN lcn;		/* Current lcn. */
740 	s64 deltaxcn;		/* Change in [vl]cn. */
741 	runlist_element *rl;	/* The output runlist. */
742 	u8 *buf;		/* Current position in mapping pairs array. */
743 	u8 *attr_end;		/* End of attribute. */
744 	int rlsize;		/* Size of runlist buffer. */
745 	u16 rlpos;		/* Current runlist position in units of
746 				   runlist_elements. */
747 	u8 b;			/* Current byte offset in buf. */
748 
749 #ifdef DEBUG
750 	/* Make sure attr exists and is non-resident. */
751 	if (!attr || !attr->non_resident || sle64_to_cpu(
752 			attr->data.non_resident.lowest_vcn) < (VCN)0) {
753 		ntfs_error(vol->sb, "Invalid arguments.");
754 		return ERR_PTR(-EINVAL);
755 	}
756 #endif
757 	/* Start at vcn = lowest_vcn and lcn 0. */
758 	vcn = sle64_to_cpu(attr->data.non_resident.lowest_vcn);
759 	lcn = 0;
760 	/* Get start of the mapping pairs array. */
761 	buf = (u8*)attr + le16_to_cpu(
762 			attr->data.non_resident.mapping_pairs_offset);
763 	attr_end = (u8*)attr + le32_to_cpu(attr->length);
764 	if (unlikely(buf < (u8*)attr || buf > attr_end)) {
765 		ntfs_error(vol->sb, "Corrupt attribute.");
766 		return ERR_PTR(-EIO);
767 	}
768 	/* If the mapping pairs array is valid but empty, nothing to do. */
769 	if (!vcn && !*buf)
770 		return old_rl;
771 	/* Current position in runlist array. */
772 	rlpos = 0;
773 	/* Allocate first page and set current runlist size to one page. */
774 	rl = ntfs_malloc_nofs(rlsize = PAGE_SIZE);
775 	if (unlikely(!rl))
776 		return ERR_PTR(-ENOMEM);
777 	/* Insert unmapped starting element if necessary. */
778 	if (vcn) {
779 		rl->vcn = 0;
780 		rl->lcn = LCN_RL_NOT_MAPPED;
781 		rl->length = vcn;
782 		rlpos++;
783 	}
784 	while (buf < attr_end && *buf) {
785 		/*
786 		 * Allocate more memory if needed, including space for the
787 		 * not-mapped and terminator elements. ntfs_malloc_nofs()
788 		 * operates on whole pages only.
789 		 */
790 		if (((rlpos + 3) * sizeof(*old_rl)) > rlsize) {
791 			runlist_element *rl2;
792 
793 			rl2 = ntfs_malloc_nofs(rlsize + (int)PAGE_SIZE);
794 			if (unlikely(!rl2)) {
795 				ntfs_free(rl);
796 				return ERR_PTR(-ENOMEM);
797 			}
798 			memcpy(rl2, rl, rlsize);
799 			ntfs_free(rl);
800 			rl = rl2;
801 			rlsize += PAGE_SIZE;
802 		}
803 		/* Enter the current vcn into the current runlist element. */
804 		rl[rlpos].vcn = vcn;
805 		/*
806 		 * Get the change in vcn, i.e. the run length in clusters.
807 		 * Doing it this way ensures that we signextend negative values.
808 		 * A negative run length doesn't make any sense, but hey, I
809 		 * didn't make up the NTFS specs and Windows NT4 treats the run
810 		 * length as a signed value so that's how it is...
811 		 */
812 		b = *buf & 0xf;
813 		if (b) {
814 			if (unlikely(buf + b > attr_end))
815 				goto io_error;
816 			for (deltaxcn = (s8)buf[b--]; b; b--)
817 				deltaxcn = (deltaxcn << 8) + buf[b];
818 		} else { /* The length entry is compulsory. */
819 			ntfs_error(vol->sb, "Missing length entry in mapping "
820 					"pairs array.");
821 			deltaxcn = (s64)-1;
822 		}
823 		/*
824 		 * Assume a negative length to indicate data corruption and
825 		 * hence clean-up and return NULL.
826 		 */
827 		if (unlikely(deltaxcn < 0)) {
828 			ntfs_error(vol->sb, "Invalid length in mapping pairs "
829 					"array.");
830 			goto err_out;
831 		}
832 		/*
833 		 * Enter the current run length into the current runlist
834 		 * element.
835 		 */
836 		rl[rlpos].length = deltaxcn;
837 		/* Increment the current vcn by the current run length. */
838 		vcn += deltaxcn;
839 		/*
840 		 * There might be no lcn change at all, as is the case for
841 		 * sparse clusters on NTFS 3.0+, in which case we set the lcn
842 		 * to LCN_HOLE.
843 		 */
844 		if (!(*buf & 0xf0))
845 			rl[rlpos].lcn = LCN_HOLE;
846 		else {
847 			/* Get the lcn change which really can be negative. */
848 			u8 b2 = *buf & 0xf;
849 			b = b2 + ((*buf >> 4) & 0xf);
850 			if (buf + b > attr_end)
851 				goto io_error;
852 			for (deltaxcn = (s8)buf[b--]; b > b2; b--)
853 				deltaxcn = (deltaxcn << 8) + buf[b];
854 			/* Change the current lcn to its new value. */
855 			lcn += deltaxcn;
856 #ifdef DEBUG
857 			/*
858 			 * On NTFS 1.2-, apparently can have lcn == -1 to
859 			 * indicate a hole. But we haven't verified ourselves
860 			 * whether it is really the lcn or the deltaxcn that is
861 			 * -1. So if either is found give us a message so we
862 			 * can investigate it further!
863 			 */
864 			if (vol->major_ver < 3) {
865 				if (unlikely(deltaxcn == (LCN)-1))
866 					ntfs_error(vol->sb, "lcn delta == -1");
867 				if (unlikely(lcn == (LCN)-1))
868 					ntfs_error(vol->sb, "lcn == -1");
869 			}
870 #endif
871 			/* Check lcn is not below -1. */
872 			if (unlikely(lcn < (LCN)-1)) {
873 				ntfs_error(vol->sb, "Invalid LCN < -1 in "
874 						"mapping pairs array.");
875 				goto err_out;
876 			}
877 			/* Enter the current lcn into the runlist element. */
878 			rl[rlpos].lcn = lcn;
879 		}
880 		/* Get to the next runlist element. */
881 		rlpos++;
882 		/* Increment the buffer position to the next mapping pair. */
883 		buf += (*buf & 0xf) + ((*buf >> 4) & 0xf) + 1;
884 	}
885 	if (unlikely(buf >= attr_end))
886 		goto io_error;
887 	/*
888 	 * If there is a highest_vcn specified, it must be equal to the final
889 	 * vcn in the runlist - 1, or something has gone badly wrong.
890 	 */
891 	deltaxcn = sle64_to_cpu(attr->data.non_resident.highest_vcn);
892 	if (unlikely(deltaxcn && vcn - 1 != deltaxcn)) {
893 mpa_err:
894 		ntfs_error(vol->sb, "Corrupt mapping pairs array in "
895 				"non-resident attribute.");
896 		goto err_out;
897 	}
898 	/* Setup not mapped runlist element if this is the base extent. */
899 	if (!attr->data.non_resident.lowest_vcn) {
900 		VCN max_cluster;
901 
902 		max_cluster = ((sle64_to_cpu(
903 				attr->data.non_resident.allocated_size) +
904 				vol->cluster_size - 1) >>
905 				vol->cluster_size_bits) - 1;
906 		/*
907 		 * A highest_vcn of zero means this is a single extent
908 		 * attribute so simply terminate the runlist with LCN_ENOENT).
909 		 */
910 		if (deltaxcn) {
911 			/*
912 			 * If there is a difference between the highest_vcn and
913 			 * the highest cluster, the runlist is either corrupt
914 			 * or, more likely, there are more extents following
915 			 * this one.
916 			 */
917 			if (deltaxcn < max_cluster) {
918 				ntfs_debug("More extents to follow; deltaxcn "
919 						"= 0x%llx, max_cluster = "
920 						"0x%llx",
921 						(unsigned long long)deltaxcn,
922 						(unsigned long long)
923 						max_cluster);
924 				rl[rlpos].vcn = vcn;
925 				vcn += rl[rlpos].length = max_cluster -
926 						deltaxcn;
927 				rl[rlpos].lcn = LCN_RL_NOT_MAPPED;
928 				rlpos++;
929 			} else if (unlikely(deltaxcn > max_cluster)) {
930 				ntfs_error(vol->sb, "Corrupt attribute.  "
931 						"deltaxcn = 0x%llx, "
932 						"max_cluster = 0x%llx",
933 						(unsigned long long)deltaxcn,
934 						(unsigned long long)
935 						max_cluster);
936 				goto mpa_err;
937 			}
938 		}
939 		rl[rlpos].lcn = LCN_ENOENT;
940 	} else /* Not the base extent. There may be more extents to follow. */
941 		rl[rlpos].lcn = LCN_RL_NOT_MAPPED;
942 
943 	/* Setup terminating runlist element. */
944 	rl[rlpos].vcn = vcn;
945 	rl[rlpos].length = (s64)0;
946 	/* If no existing runlist was specified, we are done. */
947 	if (!old_rl) {
948 		ntfs_debug("Mapping pairs array successfully decompressed:");
949 		ntfs_debug_dump_runlist(rl);
950 		return rl;
951 	}
952 	/* Now combine the new and old runlists checking for overlaps. */
953 	old_rl = ntfs_runlists_merge(old_rl, rl);
954 	if (!IS_ERR(old_rl))
955 		return old_rl;
956 	ntfs_free(rl);
957 	ntfs_error(vol->sb, "Failed to merge runlists.");
958 	return old_rl;
959 io_error:
960 	ntfs_error(vol->sb, "Corrupt attribute.");
961 err_out:
962 	ntfs_free(rl);
963 	return ERR_PTR(-EIO);
964 }
965 
966 /**
967  * ntfs_rl_vcn_to_lcn - convert a vcn into a lcn given a runlist
968  * @rl:		runlist to use for conversion
969  * @vcn:	vcn to convert
970  *
971  * Convert the virtual cluster number @vcn of an attribute into a logical
972  * cluster number (lcn) of a device using the runlist @rl to map vcns to their
973  * corresponding lcns.
974  *
975  * It is up to the caller to serialize access to the runlist @rl.
976  *
977  * Since lcns must be >= 0, we use negative return codes with special meaning:
978  *
979  * Return code		Meaning / Description
980  * ==================================================
981  *  LCN_HOLE		Hole / not allocated on disk.
982  *  LCN_RL_NOT_MAPPED	This is part of the runlist which has not been
983  *			inserted into the runlist yet.
984  *  LCN_ENOENT		There is no such vcn in the attribute.
985  *
986  * Locking: - The caller must have locked the runlist (for reading or writing).
987  *	    - This function does not touch the lock, nor does it modify the
988  *	      runlist.
989  */
ntfs_rl_vcn_to_lcn(const runlist_element * rl,const VCN vcn)990 LCN ntfs_rl_vcn_to_lcn(const runlist_element *rl, const VCN vcn)
991 {
992 	int i;
993 
994 	BUG_ON(vcn < 0);
995 	/*
996 	 * If rl is NULL, assume that we have found an unmapped runlist. The
997 	 * caller can then attempt to map it and fail appropriately if
998 	 * necessary.
999 	 */
1000 	if (unlikely(!rl))
1001 		return LCN_RL_NOT_MAPPED;
1002 
1003 	/* Catch out of lower bounds vcn. */
1004 	if (unlikely(vcn < rl[0].vcn))
1005 		return LCN_ENOENT;
1006 
1007 	for (i = 0; likely(rl[i].length); i++) {
1008 		if (unlikely(vcn < rl[i+1].vcn)) {
1009 			if (likely(rl[i].lcn >= (LCN)0))
1010 				return rl[i].lcn + (vcn - rl[i].vcn);
1011 			return rl[i].lcn;
1012 		}
1013 	}
1014 	/*
1015 	 * The terminator element is setup to the correct value, i.e. one of
1016 	 * LCN_HOLE, LCN_RL_NOT_MAPPED, or LCN_ENOENT.
1017 	 */
1018 	if (likely(rl[i].lcn < (LCN)0))
1019 		return rl[i].lcn;
1020 	/* Just in case... We could replace this with BUG() some day. */
1021 	return LCN_ENOENT;
1022 }
1023 
1024 #ifdef NTFS_RW
1025 
1026 /**
1027  * ntfs_rl_find_vcn_nolock - find a vcn in a runlist
1028  * @rl:		runlist to search
1029  * @vcn:	vcn to find
1030  *
1031  * Find the virtual cluster number @vcn in the runlist @rl and return the
1032  * address of the runlist element containing the @vcn on success.
1033  *
1034  * Return NULL if @rl is NULL or @vcn is in an unmapped part/out of bounds of
1035  * the runlist.
1036  *
1037  * Locking: The runlist must be locked on entry.
1038  */
ntfs_rl_find_vcn_nolock(runlist_element * rl,const VCN vcn)1039 runlist_element *ntfs_rl_find_vcn_nolock(runlist_element *rl, const VCN vcn)
1040 {
1041 	BUG_ON(vcn < 0);
1042 	if (unlikely(!rl || vcn < rl[0].vcn))
1043 		return NULL;
1044 	while (likely(rl->length)) {
1045 		if (unlikely(vcn < rl[1].vcn)) {
1046 			if (likely(rl->lcn >= LCN_HOLE))
1047 				return rl;
1048 			return NULL;
1049 		}
1050 		rl++;
1051 	}
1052 	if (likely(rl->lcn == LCN_ENOENT))
1053 		return rl;
1054 	return NULL;
1055 }
1056 
1057 /**
1058  * ntfs_get_nr_significant_bytes - get number of bytes needed to store a number
1059  * @n:		number for which to get the number of bytes for
1060  *
1061  * Return the number of bytes required to store @n unambiguously as
1062  * a signed number.
1063  *
1064  * This is used in the context of the mapping pairs array to determine how
1065  * many bytes will be needed in the array to store a given logical cluster
1066  * number (lcn) or a specific run length.
1067  *
1068  * Return the number of bytes written.  This function cannot fail.
1069  */
ntfs_get_nr_significant_bytes(const s64 n)1070 static inline int ntfs_get_nr_significant_bytes(const s64 n)
1071 {
1072 	s64 l = n;
1073 	int i;
1074 	s8 j;
1075 
1076 	i = 0;
1077 	do {
1078 		l >>= 8;
1079 		i++;
1080 	} while (l != 0 && l != -1);
1081 	j = (n >> 8 * (i - 1)) & 0xff;
1082 	/* If the sign bit is wrong, we need an extra byte. */
1083 	if ((n < 0 && j >= 0) || (n > 0 && j < 0))
1084 		i++;
1085 	return i;
1086 }
1087 
1088 /**
1089  * ntfs_get_size_for_mapping_pairs - get bytes needed for mapping pairs array
1090  * @vol:	ntfs volume (needed for the ntfs version)
1091  * @rl:		locked runlist to determine the size of the mapping pairs of
1092  * @first_vcn:	first vcn which to include in the mapping pairs array
1093  * @last_vcn:	last vcn which to include in the mapping pairs array
1094  *
1095  * Walk the locked runlist @rl and calculate the size in bytes of the mapping
1096  * pairs array corresponding to the runlist @rl, starting at vcn @first_vcn and
1097  * finishing with vcn @last_vcn.
1098  *
1099  * A @last_vcn of -1 means end of runlist and in that case the size of the
1100  * mapping pairs array corresponding to the runlist starting at vcn @first_vcn
1101  * and finishing at the end of the runlist is determined.
1102  *
1103  * This for example allows us to allocate a buffer of the right size when
1104  * building the mapping pairs array.
1105  *
1106  * If @rl is NULL, just return 1 (for the single terminator byte).
1107  *
1108  * Return the calculated size in bytes on success.  On error, return -errno.
1109  * The following error codes are defined:
1110  *	-EINVAL	- Run list contains unmapped elements.  Make sure to only pass
1111  *		  fully mapped runlists to this function.
1112  *	-EIO	- The runlist is corrupt.
1113  *
1114  * Locking: @rl must be locked on entry (either for reading or writing), it
1115  *	    remains locked throughout, and is left locked upon return.
1116  */
ntfs_get_size_for_mapping_pairs(const ntfs_volume * vol,const runlist_element * rl,const VCN first_vcn,const VCN last_vcn)1117 int ntfs_get_size_for_mapping_pairs(const ntfs_volume *vol,
1118 		const runlist_element *rl, const VCN first_vcn,
1119 		const VCN last_vcn)
1120 {
1121 	LCN prev_lcn;
1122 	int rls;
1123 	bool the_end = false;
1124 
1125 	BUG_ON(first_vcn < 0);
1126 	BUG_ON(last_vcn < -1);
1127 	BUG_ON(last_vcn >= 0 && first_vcn > last_vcn);
1128 	if (!rl) {
1129 		BUG_ON(first_vcn);
1130 		BUG_ON(last_vcn > 0);
1131 		return 1;
1132 	}
1133 	/* Skip to runlist element containing @first_vcn. */
1134 	while (rl->length && first_vcn >= rl[1].vcn)
1135 		rl++;
1136 	if (unlikely((!rl->length && first_vcn > rl->vcn) ||
1137 			first_vcn < rl->vcn))
1138 		return -EINVAL;
1139 	prev_lcn = 0;
1140 	/* Always need the termining zero byte. */
1141 	rls = 1;
1142 	/* Do the first partial run if present. */
1143 	if (first_vcn > rl->vcn) {
1144 		s64 delta, length = rl->length;
1145 
1146 		/* We know rl->length != 0 already. */
1147 		if (unlikely(length < 0 || rl->lcn < LCN_HOLE))
1148 			goto err_out;
1149 		/*
1150 		 * If @stop_vcn is given and finishes inside this run, cap the
1151 		 * run length.
1152 		 */
1153 		if (unlikely(last_vcn >= 0 && rl[1].vcn > last_vcn)) {
1154 			s64 s1 = last_vcn + 1;
1155 			if (unlikely(rl[1].vcn > s1))
1156 				length = s1 - rl->vcn;
1157 			the_end = true;
1158 		}
1159 		delta = first_vcn - rl->vcn;
1160 		/* Header byte + length. */
1161 		rls += 1 + ntfs_get_nr_significant_bytes(length - delta);
1162 		/*
1163 		 * If the logical cluster number (lcn) denotes a hole and we
1164 		 * are on NTFS 3.0+, we don't store it at all, i.e. we need
1165 		 * zero space.  On earlier NTFS versions we just store the lcn.
1166 		 * Note: this assumes that on NTFS 1.2-, holes are stored with
1167 		 * an lcn of -1 and not a delta_lcn of -1 (unless both are -1).
1168 		 */
1169 		if (likely(rl->lcn >= 0 || vol->major_ver < 3)) {
1170 			prev_lcn = rl->lcn;
1171 			if (likely(rl->lcn >= 0))
1172 				prev_lcn += delta;
1173 			/* Change in lcn. */
1174 			rls += ntfs_get_nr_significant_bytes(prev_lcn);
1175 		}
1176 		/* Go to next runlist element. */
1177 		rl++;
1178 	}
1179 	/* Do the full runs. */
1180 	for (; rl->length && !the_end; rl++) {
1181 		s64 length = rl->length;
1182 
1183 		if (unlikely(length < 0 || rl->lcn < LCN_HOLE))
1184 			goto err_out;
1185 		/*
1186 		 * If @stop_vcn is given and finishes inside this run, cap the
1187 		 * run length.
1188 		 */
1189 		if (unlikely(last_vcn >= 0 && rl[1].vcn > last_vcn)) {
1190 			s64 s1 = last_vcn + 1;
1191 			if (unlikely(rl[1].vcn > s1))
1192 				length = s1 - rl->vcn;
1193 			the_end = true;
1194 		}
1195 		/* Header byte + length. */
1196 		rls += 1 + ntfs_get_nr_significant_bytes(length);
1197 		/*
1198 		 * If the logical cluster number (lcn) denotes a hole and we
1199 		 * are on NTFS 3.0+, we don't store it at all, i.e. we need
1200 		 * zero space.  On earlier NTFS versions we just store the lcn.
1201 		 * Note: this assumes that on NTFS 1.2-, holes are stored with
1202 		 * an lcn of -1 and not a delta_lcn of -1 (unless both are -1).
1203 		 */
1204 		if (likely(rl->lcn >= 0 || vol->major_ver < 3)) {
1205 			/* Change in lcn. */
1206 			rls += ntfs_get_nr_significant_bytes(rl->lcn -
1207 					prev_lcn);
1208 			prev_lcn = rl->lcn;
1209 		}
1210 	}
1211 	return rls;
1212 err_out:
1213 	if (rl->lcn == LCN_RL_NOT_MAPPED)
1214 		rls = -EINVAL;
1215 	else
1216 		rls = -EIO;
1217 	return rls;
1218 }
1219 
1220 /**
1221  * ntfs_write_significant_bytes - write the significant bytes of a number
1222  * @dst:	destination buffer to write to
1223  * @dst_max:	pointer to last byte of destination buffer for bounds checking
1224  * @n:		number whose significant bytes to write
1225  *
1226  * Store in @dst, the minimum bytes of the number @n which are required to
1227  * identify @n unambiguously as a signed number, taking care not to exceed
1228  * @dest_max, the maximum position within @dst to which we are allowed to
1229  * write.
1230  *
1231  * This is used when building the mapping pairs array of a runlist to compress
1232  * a given logical cluster number (lcn) or a specific run length to the minimum
1233  * size possible.
1234  *
1235  * Return the number of bytes written on success.  On error, i.e. the
1236  * destination buffer @dst is too small, return -ENOSPC.
1237  */
ntfs_write_significant_bytes(s8 * dst,const s8 * dst_max,const s64 n)1238 static inline int ntfs_write_significant_bytes(s8 *dst, const s8 *dst_max,
1239 		const s64 n)
1240 {
1241 	s64 l = n;
1242 	int i;
1243 	s8 j;
1244 
1245 	i = 0;
1246 	do {
1247 		if (unlikely(dst > dst_max))
1248 			goto err_out;
1249 		*dst++ = l & 0xffll;
1250 		l >>= 8;
1251 		i++;
1252 	} while (l != 0 && l != -1);
1253 	j = (n >> 8 * (i - 1)) & 0xff;
1254 	/* If the sign bit is wrong, we need an extra byte. */
1255 	if (n < 0 && j >= 0) {
1256 		if (unlikely(dst > dst_max))
1257 			goto err_out;
1258 		i++;
1259 		*dst = (s8)-1;
1260 	} else if (n > 0 && j < 0) {
1261 		if (unlikely(dst > dst_max))
1262 			goto err_out;
1263 		i++;
1264 		*dst = (s8)0;
1265 	}
1266 	return i;
1267 err_out:
1268 	return -ENOSPC;
1269 }
1270 
1271 /**
1272  * ntfs_mapping_pairs_build - build the mapping pairs array from a runlist
1273  * @vol:	ntfs volume (needed for the ntfs version)
1274  * @dst:	destination buffer to which to write the mapping pairs array
1275  * @dst_len:	size of destination buffer @dst in bytes
1276  * @rl:		locked runlist for which to build the mapping pairs array
1277  * @first_vcn:	first vcn which to include in the mapping pairs array
1278  * @last_vcn:	last vcn which to include in the mapping pairs array
1279  * @stop_vcn:	first vcn outside destination buffer on success or -ENOSPC
1280  *
1281  * Create the mapping pairs array from the locked runlist @rl, starting at vcn
1282  * @first_vcn and finishing with vcn @last_vcn and save the array in @dst.
1283  * @dst_len is the size of @dst in bytes and it should be at least equal to the
1284  * value obtained by calling ntfs_get_size_for_mapping_pairs().
1285  *
1286  * A @last_vcn of -1 means end of runlist and in that case the mapping pairs
1287  * array corresponding to the runlist starting at vcn @first_vcn and finishing
1288  * at the end of the runlist is created.
1289  *
1290  * If @rl is NULL, just write a single terminator byte to @dst.
1291  *
1292  * On success or -ENOSPC error, if @stop_vcn is not NULL, *@stop_vcn is set to
1293  * the first vcn outside the destination buffer.  Note that on error, @dst has
1294  * been filled with all the mapping pairs that will fit, thus it can be treated
1295  * as partial success, in that a new attribute extent needs to be created or
1296  * the next extent has to be used and the mapping pairs build has to be
1297  * continued with @first_vcn set to *@stop_vcn.
1298  *
1299  * Return 0 on success and -errno on error.  The following error codes are
1300  * defined:
1301  *	-EINVAL	- Run list contains unmapped elements.  Make sure to only pass
1302  *		  fully mapped runlists to this function.
1303  *	-EIO	- The runlist is corrupt.
1304  *	-ENOSPC	- The destination buffer is too small.
1305  *
1306  * Locking: @rl must be locked on entry (either for reading or writing), it
1307  *	    remains locked throughout, and is left locked upon return.
1308  */
ntfs_mapping_pairs_build(const ntfs_volume * vol,s8 * dst,const int dst_len,const runlist_element * rl,const VCN first_vcn,const VCN last_vcn,VCN * const stop_vcn)1309 int ntfs_mapping_pairs_build(const ntfs_volume *vol, s8 *dst,
1310 		const int dst_len, const runlist_element *rl,
1311 		const VCN first_vcn, const VCN last_vcn, VCN *const stop_vcn)
1312 {
1313 	LCN prev_lcn;
1314 	s8 *dst_max, *dst_next;
1315 	int err = -ENOSPC;
1316 	bool the_end = false;
1317 	s8 len_len, lcn_len;
1318 
1319 	BUG_ON(first_vcn < 0);
1320 	BUG_ON(last_vcn < -1);
1321 	BUG_ON(last_vcn >= 0 && first_vcn > last_vcn);
1322 	BUG_ON(dst_len < 1);
1323 	if (!rl) {
1324 		BUG_ON(first_vcn);
1325 		BUG_ON(last_vcn > 0);
1326 		if (stop_vcn)
1327 			*stop_vcn = 0;
1328 		/* Terminator byte. */
1329 		*dst = 0;
1330 		return 0;
1331 	}
1332 	/* Skip to runlist element containing @first_vcn. */
1333 	while (rl->length && first_vcn >= rl[1].vcn)
1334 		rl++;
1335 	if (unlikely((!rl->length && first_vcn > rl->vcn) ||
1336 			first_vcn < rl->vcn))
1337 		return -EINVAL;
1338 	/*
1339 	 * @dst_max is used for bounds checking in
1340 	 * ntfs_write_significant_bytes().
1341 	 */
1342 	dst_max = dst + dst_len - 1;
1343 	prev_lcn = 0;
1344 	/* Do the first partial run if present. */
1345 	if (first_vcn > rl->vcn) {
1346 		s64 delta, length = rl->length;
1347 
1348 		/* We know rl->length != 0 already. */
1349 		if (unlikely(length < 0 || rl->lcn < LCN_HOLE))
1350 			goto err_out;
1351 		/*
1352 		 * If @stop_vcn is given and finishes inside this run, cap the
1353 		 * run length.
1354 		 */
1355 		if (unlikely(last_vcn >= 0 && rl[1].vcn > last_vcn)) {
1356 			s64 s1 = last_vcn + 1;
1357 			if (unlikely(rl[1].vcn > s1))
1358 				length = s1 - rl->vcn;
1359 			the_end = true;
1360 		}
1361 		delta = first_vcn - rl->vcn;
1362 		/* Write length. */
1363 		len_len = ntfs_write_significant_bytes(dst + 1, dst_max,
1364 				length - delta);
1365 		if (unlikely(len_len < 0))
1366 			goto size_err;
1367 		/*
1368 		 * If the logical cluster number (lcn) denotes a hole and we
1369 		 * are on NTFS 3.0+, we don't store it at all, i.e. we need
1370 		 * zero space.  On earlier NTFS versions we just write the lcn
1371 		 * change.  FIXME: Do we need to write the lcn change or just
1372 		 * the lcn in that case?  Not sure as I have never seen this
1373 		 * case on NT4. - We assume that we just need to write the lcn
1374 		 * change until someone tells us otherwise... (AIA)
1375 		 */
1376 		if (likely(rl->lcn >= 0 || vol->major_ver < 3)) {
1377 			prev_lcn = rl->lcn;
1378 			if (likely(rl->lcn >= 0))
1379 				prev_lcn += delta;
1380 			/* Write change in lcn. */
1381 			lcn_len = ntfs_write_significant_bytes(dst + 1 +
1382 					len_len, dst_max, prev_lcn);
1383 			if (unlikely(lcn_len < 0))
1384 				goto size_err;
1385 		} else
1386 			lcn_len = 0;
1387 		dst_next = dst + len_len + lcn_len + 1;
1388 		if (unlikely(dst_next > dst_max))
1389 			goto size_err;
1390 		/* Update header byte. */
1391 		*dst = lcn_len << 4 | len_len;
1392 		/* Position at next mapping pairs array element. */
1393 		dst = dst_next;
1394 		/* Go to next runlist element. */
1395 		rl++;
1396 	}
1397 	/* Do the full runs. */
1398 	for (; rl->length && !the_end; rl++) {
1399 		s64 length = rl->length;
1400 
1401 		if (unlikely(length < 0 || rl->lcn < LCN_HOLE))
1402 			goto err_out;
1403 		/*
1404 		 * If @stop_vcn is given and finishes inside this run, cap the
1405 		 * run length.
1406 		 */
1407 		if (unlikely(last_vcn >= 0 && rl[1].vcn > last_vcn)) {
1408 			s64 s1 = last_vcn + 1;
1409 			if (unlikely(rl[1].vcn > s1))
1410 				length = s1 - rl->vcn;
1411 			the_end = true;
1412 		}
1413 		/* Write length. */
1414 		len_len = ntfs_write_significant_bytes(dst + 1, dst_max,
1415 				length);
1416 		if (unlikely(len_len < 0))
1417 			goto size_err;
1418 		/*
1419 		 * If the logical cluster number (lcn) denotes a hole and we
1420 		 * are on NTFS 3.0+, we don't store it at all, i.e. we need
1421 		 * zero space.  On earlier NTFS versions we just write the lcn
1422 		 * change.  FIXME: Do we need to write the lcn change or just
1423 		 * the lcn in that case?  Not sure as I have never seen this
1424 		 * case on NT4. - We assume that we just need to write the lcn
1425 		 * change until someone tells us otherwise... (AIA)
1426 		 */
1427 		if (likely(rl->lcn >= 0 || vol->major_ver < 3)) {
1428 			/* Write change in lcn. */
1429 			lcn_len = ntfs_write_significant_bytes(dst + 1 +
1430 					len_len, dst_max, rl->lcn - prev_lcn);
1431 			if (unlikely(lcn_len < 0))
1432 				goto size_err;
1433 			prev_lcn = rl->lcn;
1434 		} else
1435 			lcn_len = 0;
1436 		dst_next = dst + len_len + lcn_len + 1;
1437 		if (unlikely(dst_next > dst_max))
1438 			goto size_err;
1439 		/* Update header byte. */
1440 		*dst = lcn_len << 4 | len_len;
1441 		/* Position at next mapping pairs array element. */
1442 		dst = dst_next;
1443 	}
1444 	/* Success. */
1445 	err = 0;
1446 size_err:
1447 	/* Set stop vcn. */
1448 	if (stop_vcn)
1449 		*stop_vcn = rl->vcn;
1450 	/* Add terminator byte. */
1451 	*dst = 0;
1452 	return err;
1453 err_out:
1454 	if (rl->lcn == LCN_RL_NOT_MAPPED)
1455 		err = -EINVAL;
1456 	else
1457 		err = -EIO;
1458 	return err;
1459 }
1460 
1461 /**
1462  * ntfs_rl_truncate_nolock - truncate a runlist starting at a specified vcn
1463  * @vol:	ntfs volume (needed for error output)
1464  * @runlist:	runlist to truncate
1465  * @new_length:	the new length of the runlist in VCNs
1466  *
1467  * Truncate the runlist described by @runlist as well as the memory buffer
1468  * holding the runlist elements to a length of @new_length VCNs.
1469  *
1470  * If @new_length lies within the runlist, the runlist elements with VCNs of
1471  * @new_length and above are discarded.  As a special case if @new_length is
1472  * zero, the runlist is discarded and set to NULL.
1473  *
1474  * If @new_length lies beyond the runlist, a sparse runlist element is added to
1475  * the end of the runlist @runlist or if the last runlist element is a sparse
1476  * one already, this is extended.
1477  *
1478  * Note, no checking is done for unmapped runlist elements.  It is assumed that
1479  * the caller has mapped any elements that need to be mapped already.
1480  *
1481  * Return 0 on success and -errno on error.
1482  *
1483  * Locking: The caller must hold @runlist->lock for writing.
1484  */
ntfs_rl_truncate_nolock(const ntfs_volume * vol,runlist * const runlist,const s64 new_length)1485 int ntfs_rl_truncate_nolock(const ntfs_volume *vol, runlist *const runlist,
1486 		const s64 new_length)
1487 {
1488 	runlist_element *rl;
1489 	int old_size;
1490 
1491 	ntfs_debug("Entering for new_length 0x%llx.", (long long)new_length);
1492 	BUG_ON(!runlist);
1493 	BUG_ON(new_length < 0);
1494 	rl = runlist->rl;
1495 	if (!new_length) {
1496 		ntfs_debug("Freeing runlist.");
1497 		runlist->rl = NULL;
1498 		if (rl)
1499 			ntfs_free(rl);
1500 		return 0;
1501 	}
1502 	if (unlikely(!rl)) {
1503 		/*
1504 		 * Create a runlist consisting of a sparse runlist element of
1505 		 * length @new_length followed by a terminator runlist element.
1506 		 */
1507 		rl = ntfs_malloc_nofs(PAGE_SIZE);
1508 		if (unlikely(!rl)) {
1509 			ntfs_error(vol->sb, "Not enough memory to allocate "
1510 					"runlist element buffer.");
1511 			return -ENOMEM;
1512 		}
1513 		runlist->rl = rl;
1514 		rl[1].length = rl->vcn = 0;
1515 		rl->lcn = LCN_HOLE;
1516 		rl[1].vcn = rl->length = new_length;
1517 		rl[1].lcn = LCN_ENOENT;
1518 		return 0;
1519 	}
1520 	BUG_ON(new_length < rl->vcn);
1521 	/* Find @new_length in the runlist. */
1522 	while (likely(rl->length && new_length >= rl[1].vcn))
1523 		rl++;
1524 	/*
1525 	 * If not at the end of the runlist we need to shrink it.
1526 	 * If at the end of the runlist we need to expand it.
1527 	 */
1528 	if (rl->length) {
1529 		runlist_element *trl;
1530 		bool is_end;
1531 
1532 		ntfs_debug("Shrinking runlist.");
1533 		/* Determine the runlist size. */
1534 		trl = rl + 1;
1535 		while (likely(trl->length))
1536 			trl++;
1537 		old_size = trl - runlist->rl + 1;
1538 		/* Truncate the run. */
1539 		rl->length = new_length - rl->vcn;
1540 		/*
1541 		 * If a run was partially truncated, make the following runlist
1542 		 * element a terminator.
1543 		 */
1544 		is_end = false;
1545 		if (rl->length) {
1546 			rl++;
1547 			if (!rl->length)
1548 				is_end = true;
1549 			rl->vcn = new_length;
1550 			rl->length = 0;
1551 		}
1552 		rl->lcn = LCN_ENOENT;
1553 		/* Reallocate memory if necessary. */
1554 		if (!is_end) {
1555 			int new_size = rl - runlist->rl + 1;
1556 			rl = ntfs_rl_realloc(runlist->rl, old_size, new_size);
1557 			if (IS_ERR(rl))
1558 				ntfs_warning(vol->sb, "Failed to shrink "
1559 						"runlist buffer.  This just "
1560 						"wastes a bit of memory "
1561 						"temporarily so we ignore it "
1562 						"and return success.");
1563 			else
1564 				runlist->rl = rl;
1565 		}
1566 	} else if (likely(/* !rl->length && */ new_length > rl->vcn)) {
1567 		ntfs_debug("Expanding runlist.");
1568 		/*
1569 		 * If there is a previous runlist element and it is a sparse
1570 		 * one, extend it.  Otherwise need to add a new, sparse runlist
1571 		 * element.
1572 		 */
1573 		if ((rl > runlist->rl) && ((rl - 1)->lcn == LCN_HOLE))
1574 			(rl - 1)->length = new_length - (rl - 1)->vcn;
1575 		else {
1576 			/* Determine the runlist size. */
1577 			old_size = rl - runlist->rl + 1;
1578 			/* Reallocate memory if necessary. */
1579 			rl = ntfs_rl_realloc(runlist->rl, old_size,
1580 					old_size + 1);
1581 			if (IS_ERR(rl)) {
1582 				ntfs_error(vol->sb, "Failed to expand runlist "
1583 						"buffer, aborting.");
1584 				return PTR_ERR(rl);
1585 			}
1586 			runlist->rl = rl;
1587 			/*
1588 			 * Set @rl to the same runlist element in the new
1589 			 * runlist as before in the old runlist.
1590 			 */
1591 			rl += old_size - 1;
1592 			/* Add a new, sparse runlist element. */
1593 			rl->lcn = LCN_HOLE;
1594 			rl->length = new_length - rl->vcn;
1595 			/* Add a new terminator runlist element. */
1596 			rl++;
1597 			rl->length = 0;
1598 		}
1599 		rl->vcn = new_length;
1600 		rl->lcn = LCN_ENOENT;
1601 	} else /* if (unlikely(!rl->length && new_length == rl->vcn)) */ {
1602 		/* Runlist already has same size as requested. */
1603 		rl->lcn = LCN_ENOENT;
1604 	}
1605 	ntfs_debug("Done.");
1606 	return 0;
1607 }
1608 
1609 /**
1610  * ntfs_rl_punch_nolock - punch a hole into a runlist
1611  * @vol:	ntfs volume (needed for error output)
1612  * @runlist:	runlist to punch a hole into
1613  * @start:	starting VCN of the hole to be created
1614  * @length:	size of the hole to be created in units of clusters
1615  *
1616  * Punch a hole into the runlist @runlist starting at VCN @start and of size
1617  * @length clusters.
1618  *
1619  * Return 0 on success and -errno on error, in which case @runlist has not been
1620  * modified.
1621  *
1622  * If @start and/or @start + @length are outside the runlist return error code
1623  * -ENOENT.
1624  *
1625  * If the runlist contains unmapped or error elements between @start and @start
1626  * + @length return error code -EINVAL.
1627  *
1628  * Locking: The caller must hold @runlist->lock for writing.
1629  */
ntfs_rl_punch_nolock(const ntfs_volume * vol,runlist * const runlist,const VCN start,const s64 length)1630 int ntfs_rl_punch_nolock(const ntfs_volume *vol, runlist *const runlist,
1631 		const VCN start, const s64 length)
1632 {
1633 	const VCN end = start + length;
1634 	s64 delta;
1635 	runlist_element *rl, *rl_end, *rl_real_end, *trl;
1636 	int old_size;
1637 	bool lcn_fixup = false;
1638 
1639 	ntfs_debug("Entering for start 0x%llx, length 0x%llx.",
1640 			(long long)start, (long long)length);
1641 	BUG_ON(!runlist);
1642 	BUG_ON(start < 0);
1643 	BUG_ON(length < 0);
1644 	BUG_ON(end < 0);
1645 	rl = runlist->rl;
1646 	if (unlikely(!rl)) {
1647 		if (likely(!start && !length))
1648 			return 0;
1649 		return -ENOENT;
1650 	}
1651 	/* Find @start in the runlist. */
1652 	while (likely(rl->length && start >= rl[1].vcn))
1653 		rl++;
1654 	rl_end = rl;
1655 	/* Find @end in the runlist. */
1656 	while (likely(rl_end->length && end >= rl_end[1].vcn)) {
1657 		/* Verify there are no unmapped or error elements. */
1658 		if (unlikely(rl_end->lcn < LCN_HOLE))
1659 			return -EINVAL;
1660 		rl_end++;
1661 	}
1662 	/* Check the last element. */
1663 	if (unlikely(rl_end->length && rl_end->lcn < LCN_HOLE))
1664 		return -EINVAL;
1665 	/* This covers @start being out of bounds, too. */
1666 	if (!rl_end->length && end > rl_end->vcn)
1667 		return -ENOENT;
1668 	if (!length)
1669 		return 0;
1670 	if (!rl->length)
1671 		return -ENOENT;
1672 	rl_real_end = rl_end;
1673 	/* Determine the runlist size. */
1674 	while (likely(rl_real_end->length))
1675 		rl_real_end++;
1676 	old_size = rl_real_end - runlist->rl + 1;
1677 	/* If @start is in a hole simply extend the hole. */
1678 	if (rl->lcn == LCN_HOLE) {
1679 		/*
1680 		 * If both @start and @end are in the same sparse run, we are
1681 		 * done.
1682 		 */
1683 		if (end <= rl[1].vcn) {
1684 			ntfs_debug("Done (requested hole is already sparse).");
1685 			return 0;
1686 		}
1687 extend_hole:
1688 		/* Extend the hole. */
1689 		rl->length = end - rl->vcn;
1690 		/* If @end is in a hole, merge it with the current one. */
1691 		if (rl_end->lcn == LCN_HOLE) {
1692 			rl_end++;
1693 			rl->length = rl_end->vcn - rl->vcn;
1694 		}
1695 		/* We have done the hole.  Now deal with the remaining tail. */
1696 		rl++;
1697 		/* Cut out all runlist elements up to @end. */
1698 		if (rl < rl_end)
1699 			memmove(rl, rl_end, (rl_real_end - rl_end + 1) *
1700 					sizeof(*rl));
1701 		/* Adjust the beginning of the tail if necessary. */
1702 		if (end > rl->vcn) {
1703 			delta = end - rl->vcn;
1704 			rl->vcn = end;
1705 			rl->length -= delta;
1706 			/* Only adjust the lcn if it is real. */
1707 			if (rl->lcn >= 0)
1708 				rl->lcn += delta;
1709 		}
1710 shrink_allocation:
1711 		/* Reallocate memory if the allocation changed. */
1712 		if (rl < rl_end) {
1713 			rl = ntfs_rl_realloc(runlist->rl, old_size,
1714 					old_size - (rl_end - rl));
1715 			if (IS_ERR(rl))
1716 				ntfs_warning(vol->sb, "Failed to shrink "
1717 						"runlist buffer.  This just "
1718 						"wastes a bit of memory "
1719 						"temporarily so we ignore it "
1720 						"and return success.");
1721 			else
1722 				runlist->rl = rl;
1723 		}
1724 		ntfs_debug("Done (extend hole).");
1725 		return 0;
1726 	}
1727 	/*
1728 	 * If @start is at the beginning of a run things are easier as there is
1729 	 * no need to split the first run.
1730 	 */
1731 	if (start == rl->vcn) {
1732 		/*
1733 		 * @start is at the beginning of a run.
1734 		 *
1735 		 * If the previous run is sparse, extend its hole.
1736 		 *
1737 		 * If @end is not in the same run, switch the run to be sparse
1738 		 * and extend the newly created hole.
1739 		 *
1740 		 * Thus both of these cases reduce the problem to the above
1741 		 * case of "@start is in a hole".
1742 		 */
1743 		if (rl > runlist->rl && (rl - 1)->lcn == LCN_HOLE) {
1744 			rl--;
1745 			goto extend_hole;
1746 		}
1747 		if (end >= rl[1].vcn) {
1748 			rl->lcn = LCN_HOLE;
1749 			goto extend_hole;
1750 		}
1751 		/*
1752 		 * The final case is when @end is in the same run as @start.
1753 		 * For this need to split the run into two.  One run for the
1754 		 * sparse region between the beginning of the old run, i.e.
1755 		 * @start, and @end and one for the remaining non-sparse
1756 		 * region, i.e. between @end and the end of the old run.
1757 		 */
1758 		trl = ntfs_rl_realloc(runlist->rl, old_size, old_size + 1);
1759 		if (IS_ERR(trl))
1760 			goto enomem_out;
1761 		old_size++;
1762 		if (runlist->rl != trl) {
1763 			rl = trl + (rl - runlist->rl);
1764 			rl_end = trl + (rl_end - runlist->rl);
1765 			rl_real_end = trl + (rl_real_end - runlist->rl);
1766 			runlist->rl = trl;
1767 		}
1768 split_end:
1769 		/* Shift all the runs up by one. */
1770 		memmove(rl + 1, rl, (rl_real_end - rl + 1) * sizeof(*rl));
1771 		/* Finally, setup the two split runs. */
1772 		rl->lcn = LCN_HOLE;
1773 		rl->length = length;
1774 		rl++;
1775 		rl->vcn += length;
1776 		/* Only adjust the lcn if it is real. */
1777 		if (rl->lcn >= 0 || lcn_fixup)
1778 			rl->lcn += length;
1779 		rl->length -= length;
1780 		ntfs_debug("Done (split one).");
1781 		return 0;
1782 	}
1783 	/*
1784 	 * @start is neither in a hole nor at the beginning of a run.
1785 	 *
1786 	 * If @end is in a hole, things are easier as simply truncating the run
1787 	 * @start is in to end at @start - 1, deleting all runs after that up
1788 	 * to @end, and finally extending the beginning of the run @end is in
1789 	 * to be @start is all that is needed.
1790 	 */
1791 	if (rl_end->lcn == LCN_HOLE) {
1792 		/* Truncate the run containing @start. */
1793 		rl->length = start - rl->vcn;
1794 		rl++;
1795 		/* Cut out all runlist elements up to @end. */
1796 		if (rl < rl_end)
1797 			memmove(rl, rl_end, (rl_real_end - rl_end + 1) *
1798 					sizeof(*rl));
1799 		/* Extend the beginning of the run @end is in to be @start. */
1800 		rl->vcn = start;
1801 		rl->length = rl[1].vcn - start;
1802 		goto shrink_allocation;
1803 	}
1804 	/*
1805 	 * If @end is not in a hole there are still two cases to distinguish.
1806 	 * Either @end is or is not in the same run as @start.
1807 	 *
1808 	 * The second case is easier as it can be reduced to an already solved
1809 	 * problem by truncating the run @start is in to end at @start - 1.
1810 	 * Then, if @end is in the next run need to split the run into a sparse
1811 	 * run followed by a non-sparse run (already covered above) and if @end
1812 	 * is not in the next run switching it to be sparse, again reduces the
1813 	 * problem to the already covered case of "@start is in a hole".
1814 	 */
1815 	if (end >= rl[1].vcn) {
1816 		/*
1817 		 * If @end is not in the next run, reduce the problem to the
1818 		 * case of "@start is in a hole".
1819 		 */
1820 		if (rl[1].length && end >= rl[2].vcn) {
1821 			/* Truncate the run containing @start. */
1822 			rl->length = start - rl->vcn;
1823 			rl++;
1824 			rl->vcn = start;
1825 			rl->lcn = LCN_HOLE;
1826 			goto extend_hole;
1827 		}
1828 		trl = ntfs_rl_realloc(runlist->rl, old_size, old_size + 1);
1829 		if (IS_ERR(trl))
1830 			goto enomem_out;
1831 		old_size++;
1832 		if (runlist->rl != trl) {
1833 			rl = trl + (rl - runlist->rl);
1834 			rl_end = trl + (rl_end - runlist->rl);
1835 			rl_real_end = trl + (rl_real_end - runlist->rl);
1836 			runlist->rl = trl;
1837 		}
1838 		/* Truncate the run containing @start. */
1839 		rl->length = start - rl->vcn;
1840 		rl++;
1841 		/*
1842 		 * @end is in the next run, reduce the problem to the case
1843 		 * where "@start is at the beginning of a run and @end is in
1844 		 * the same run as @start".
1845 		 */
1846 		delta = rl->vcn - start;
1847 		rl->vcn = start;
1848 		if (rl->lcn >= 0) {
1849 			rl->lcn -= delta;
1850 			/* Need this in case the lcn just became negative. */
1851 			lcn_fixup = true;
1852 		}
1853 		rl->length += delta;
1854 		goto split_end;
1855 	}
1856 	/*
1857 	 * The first case from above, i.e. @end is in the same run as @start.
1858 	 * We need to split the run into three.  One run for the non-sparse
1859 	 * region between the beginning of the old run and @start, one for the
1860 	 * sparse region between @start and @end, and one for the remaining
1861 	 * non-sparse region, i.e. between @end and the end of the old run.
1862 	 */
1863 	trl = ntfs_rl_realloc(runlist->rl, old_size, old_size + 2);
1864 	if (IS_ERR(trl))
1865 		goto enomem_out;
1866 	old_size += 2;
1867 	if (runlist->rl != trl) {
1868 		rl = trl + (rl - runlist->rl);
1869 		rl_end = trl + (rl_end - runlist->rl);
1870 		rl_real_end = trl + (rl_real_end - runlist->rl);
1871 		runlist->rl = trl;
1872 	}
1873 	/* Shift all the runs up by two. */
1874 	memmove(rl + 2, rl, (rl_real_end - rl + 1) * sizeof(*rl));
1875 	/* Finally, setup the three split runs. */
1876 	rl->length = start - rl->vcn;
1877 	rl++;
1878 	rl->vcn = start;
1879 	rl->lcn = LCN_HOLE;
1880 	rl->length = length;
1881 	rl++;
1882 	delta = end - rl->vcn;
1883 	rl->vcn = end;
1884 	rl->lcn += delta;
1885 	rl->length -= delta;
1886 	ntfs_debug("Done (split both).");
1887 	return 0;
1888 enomem_out:
1889 	ntfs_error(vol->sb, "Not enough memory to extend runlist buffer.");
1890 	return -ENOMEM;
1891 }
1892 
1893 #endif /* NTFS_RW */
1894