1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  * super.c - NTFS kernel super block handling. Part of the Linux-NTFS project.
4  *
5  * Copyright (c) 2001-2012 Anton Altaparmakov and Tuxera Inc.
6  * Copyright (c) 2001,2002 Richard Russon
7  */
8 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
9 
10 #include <linux/stddef.h>
11 #include <linux/init.h>
12 #include <linux/slab.h>
13 #include <linux/string.h>
14 #include <linux/spinlock.h>
15 #include <linux/blkdev.h>	/* For bdev_logical_block_size(). */
16 #include <linux/backing-dev.h>
17 #include <linux/buffer_head.h>
18 #include <linux/vfs.h>
19 #include <linux/moduleparam.h>
20 #include <linux/bitmap.h>
21 
22 #include "sysctl.h"
23 #include "logfile.h"
24 #include "quota.h"
25 #include "usnjrnl.h"
26 #include "dir.h"
27 #include "debug.h"
28 #include "index.h"
29 #include "inode.h"
30 #include "aops.h"
31 #include "layout.h"
32 #include "malloc.h"
33 #include "ntfs.h"
34 
35 /* Number of mounted filesystems which have compression enabled. */
36 static unsigned long ntfs_nr_compression_users;
37 
38 /* A global default upcase table and a corresponding reference count. */
39 static ntfschar *default_upcase;
40 static unsigned long ntfs_nr_upcase_users;
41 
42 /* Error constants/strings used in inode.c::ntfs_show_options(). */
43 typedef enum {
44 	/* One of these must be present, default is ON_ERRORS_CONTINUE. */
45 	ON_ERRORS_PANIC			= 0x01,
46 	ON_ERRORS_REMOUNT_RO		= 0x02,
47 	ON_ERRORS_CONTINUE		= 0x04,
48 	/* Optional, can be combined with any of the above. */
49 	ON_ERRORS_RECOVER		= 0x10,
50 } ON_ERRORS_ACTIONS;
51 
52 const option_t on_errors_arr[] = {
53 	{ ON_ERRORS_PANIC,	"panic" },
54 	{ ON_ERRORS_REMOUNT_RO,	"remount-ro", },
55 	{ ON_ERRORS_CONTINUE,	"continue", },
56 	{ ON_ERRORS_RECOVER,	"recover" },
57 	{ 0,			NULL }
58 };
59 
60 /**
61  * simple_getbool - convert input string to a boolean value
62  * @s: input string to convert
63  * @setval: where to store the output boolean value
64  *
65  * Copied from old ntfs driver (which copied from vfat driver).
66  *
67  * "1", "yes", "true", or an empty string are converted to %true.
68  * "0", "no", and "false" are converted to %false.
69  *
70  * Return: %1 if the string is converted or was empty and *setval contains it;
71  *	   %0 if the string was not valid.
72  */
simple_getbool(char * s,bool * setval)73 static int simple_getbool(char *s, bool *setval)
74 {
75 	if (s) {
76 		if (!strcmp(s, "1") || !strcmp(s, "yes") || !strcmp(s, "true"))
77 			*setval = true;
78 		else if (!strcmp(s, "0") || !strcmp(s, "no") ||
79 							!strcmp(s, "false"))
80 			*setval = false;
81 		else
82 			return 0;
83 	} else
84 		*setval = true;
85 	return 1;
86 }
87 
88 /**
89  * parse_options - parse the (re)mount options
90  * @vol:	ntfs volume
91  * @opt:	string containing the (re)mount options
92  *
93  * Parse the recognized options in @opt for the ntfs volume described by @vol.
94  */
parse_options(ntfs_volume * vol,char * opt)95 static bool parse_options(ntfs_volume *vol, char *opt)
96 {
97 	char *p, *v, *ov;
98 	static char *utf8 = "utf8";
99 	int errors = 0, sloppy = 0;
100 	kuid_t uid = INVALID_UID;
101 	kgid_t gid = INVALID_GID;
102 	umode_t fmask = (umode_t)-1, dmask = (umode_t)-1;
103 	int mft_zone_multiplier = -1, on_errors = -1;
104 	int show_sys_files = -1, case_sensitive = -1, disable_sparse = -1;
105 	struct nls_table *nls_map = NULL, *old_nls;
106 
107 	/* I am lazy... (-8 */
108 #define NTFS_GETOPT_WITH_DEFAULT(option, variable, default_value)	\
109 	if (!strcmp(p, option)) {					\
110 		if (!v || !*v)						\
111 			variable = default_value;			\
112 		else {							\
113 			variable = simple_strtoul(ov = v, &v, 0);	\
114 			if (*v)						\
115 				goto needs_val;				\
116 		}							\
117 	}
118 #define NTFS_GETOPT(option, variable)					\
119 	if (!strcmp(p, option)) {					\
120 		if (!v || !*v)						\
121 			goto needs_arg;					\
122 		variable = simple_strtoul(ov = v, &v, 0);		\
123 		if (*v)							\
124 			goto needs_val;					\
125 	}
126 #define NTFS_GETOPT_UID(option, variable)				\
127 	if (!strcmp(p, option)) {					\
128 		uid_t uid_value;					\
129 		if (!v || !*v)						\
130 			goto needs_arg;					\
131 		uid_value = simple_strtoul(ov = v, &v, 0);		\
132 		if (*v)							\
133 			goto needs_val;					\
134 		variable = make_kuid(current_user_ns(), uid_value);	\
135 		if (!uid_valid(variable))				\
136 			goto needs_val;					\
137 	}
138 #define NTFS_GETOPT_GID(option, variable)				\
139 	if (!strcmp(p, option)) {					\
140 		gid_t gid_value;					\
141 		if (!v || !*v)						\
142 			goto needs_arg;					\
143 		gid_value = simple_strtoul(ov = v, &v, 0);		\
144 		if (*v)							\
145 			goto needs_val;					\
146 		variable = make_kgid(current_user_ns(), gid_value);	\
147 		if (!gid_valid(variable))				\
148 			goto needs_val;					\
149 	}
150 #define NTFS_GETOPT_OCTAL(option, variable)				\
151 	if (!strcmp(p, option)) {					\
152 		if (!v || !*v)						\
153 			goto needs_arg;					\
154 		variable = simple_strtoul(ov = v, &v, 8);		\
155 		if (*v)							\
156 			goto needs_val;					\
157 	}
158 #define NTFS_GETOPT_BOOL(option, variable)				\
159 	if (!strcmp(p, option)) {					\
160 		bool val;						\
161 		if (!simple_getbool(v, &val))				\
162 			goto needs_bool;				\
163 		variable = val;						\
164 	}
165 #define NTFS_GETOPT_OPTIONS_ARRAY(option, variable, opt_array)		\
166 	if (!strcmp(p, option)) {					\
167 		int _i;							\
168 		if (!v || !*v)						\
169 			goto needs_arg;					\
170 		ov = v;							\
171 		if (variable == -1)					\
172 			variable = 0;					\
173 		for (_i = 0; opt_array[_i].str && *opt_array[_i].str; _i++) \
174 			if (!strcmp(opt_array[_i].str, v)) {		\
175 				variable |= opt_array[_i].val;		\
176 				break;					\
177 			}						\
178 		if (!opt_array[_i].str || !*opt_array[_i].str)		\
179 			goto needs_val;					\
180 	}
181 	if (!opt || !*opt)
182 		goto no_mount_options;
183 	ntfs_debug("Entering with mount options string: %s", opt);
184 	while ((p = strsep(&opt, ","))) {
185 		if ((v = strchr(p, '=')))
186 			*v++ = 0;
187 		NTFS_GETOPT_UID("uid", uid)
188 		else NTFS_GETOPT_GID("gid", gid)
189 		else NTFS_GETOPT_OCTAL("umask", fmask = dmask)
190 		else NTFS_GETOPT_OCTAL("fmask", fmask)
191 		else NTFS_GETOPT_OCTAL("dmask", dmask)
192 		else NTFS_GETOPT("mft_zone_multiplier", mft_zone_multiplier)
193 		else NTFS_GETOPT_WITH_DEFAULT("sloppy", sloppy, true)
194 		else NTFS_GETOPT_BOOL("show_sys_files", show_sys_files)
195 		else NTFS_GETOPT_BOOL("case_sensitive", case_sensitive)
196 		else NTFS_GETOPT_BOOL("disable_sparse", disable_sparse)
197 		else NTFS_GETOPT_OPTIONS_ARRAY("errors", on_errors,
198 				on_errors_arr)
199 		else if (!strcmp(p, "posix") || !strcmp(p, "show_inodes"))
200 			ntfs_warning(vol->sb, "Ignoring obsolete option %s.",
201 					p);
202 		else if (!strcmp(p, "nls") || !strcmp(p, "iocharset")) {
203 			if (!strcmp(p, "iocharset"))
204 				ntfs_warning(vol->sb, "Option iocharset is "
205 						"deprecated. Please use "
206 						"option nls=<charsetname> in "
207 						"the future.");
208 			if (!v || !*v)
209 				goto needs_arg;
210 use_utf8:
211 			old_nls = nls_map;
212 			nls_map = load_nls(v);
213 			if (!nls_map) {
214 				if (!old_nls) {
215 					ntfs_error(vol->sb, "NLS character set "
216 							"%s not found.", v);
217 					return false;
218 				}
219 				ntfs_error(vol->sb, "NLS character set %s not "
220 						"found. Using previous one %s.",
221 						v, old_nls->charset);
222 				nls_map = old_nls;
223 			} else /* nls_map */ {
224 				unload_nls(old_nls);
225 			}
226 		} else if (!strcmp(p, "utf8")) {
227 			bool val = false;
228 			ntfs_warning(vol->sb, "Option utf8 is no longer "
229 				   "supported, using option nls=utf8. Please "
230 				   "use option nls=utf8 in the future and "
231 				   "make sure utf8 is compiled either as a "
232 				   "module or into the kernel.");
233 			if (!v || !*v)
234 				val = true;
235 			else if (!simple_getbool(v, &val))
236 				goto needs_bool;
237 			if (val) {
238 				v = utf8;
239 				goto use_utf8;
240 			}
241 		} else {
242 			ntfs_error(vol->sb, "Unrecognized mount option %s.", p);
243 			if (errors < INT_MAX)
244 				errors++;
245 		}
246 #undef NTFS_GETOPT_OPTIONS_ARRAY
247 #undef NTFS_GETOPT_BOOL
248 #undef NTFS_GETOPT
249 #undef NTFS_GETOPT_WITH_DEFAULT
250 	}
251 no_mount_options:
252 	if (errors && !sloppy)
253 		return false;
254 	if (sloppy)
255 		ntfs_warning(vol->sb, "Sloppy option given. Ignoring "
256 				"unrecognized mount option(s) and continuing.");
257 	/* Keep this first! */
258 	if (on_errors != -1) {
259 		if (!on_errors) {
260 			ntfs_error(vol->sb, "Invalid errors option argument "
261 					"or bug in options parser.");
262 			return false;
263 		}
264 	}
265 	if (nls_map) {
266 		if (vol->nls_map && vol->nls_map != nls_map) {
267 			ntfs_error(vol->sb, "Cannot change NLS character set "
268 					"on remount.");
269 			return false;
270 		} /* else (!vol->nls_map) */
271 		ntfs_debug("Using NLS character set %s.", nls_map->charset);
272 		vol->nls_map = nls_map;
273 	} else /* (!nls_map) */ {
274 		if (!vol->nls_map) {
275 			vol->nls_map = load_nls_default();
276 			if (!vol->nls_map) {
277 				ntfs_error(vol->sb, "Failed to load default "
278 						"NLS character set.");
279 				return false;
280 			}
281 			ntfs_debug("Using default NLS character set (%s).",
282 					vol->nls_map->charset);
283 		}
284 	}
285 	if (mft_zone_multiplier != -1) {
286 		if (vol->mft_zone_multiplier && vol->mft_zone_multiplier !=
287 				mft_zone_multiplier) {
288 			ntfs_error(vol->sb, "Cannot change mft_zone_multiplier "
289 					"on remount.");
290 			return false;
291 		}
292 		if (mft_zone_multiplier < 1 || mft_zone_multiplier > 4) {
293 			ntfs_error(vol->sb, "Invalid mft_zone_multiplier. "
294 					"Using default value, i.e. 1.");
295 			mft_zone_multiplier = 1;
296 		}
297 		vol->mft_zone_multiplier = mft_zone_multiplier;
298 	}
299 	if (!vol->mft_zone_multiplier)
300 		vol->mft_zone_multiplier = 1;
301 	if (on_errors != -1)
302 		vol->on_errors = on_errors;
303 	if (!vol->on_errors || vol->on_errors == ON_ERRORS_RECOVER)
304 		vol->on_errors |= ON_ERRORS_CONTINUE;
305 	if (uid_valid(uid))
306 		vol->uid = uid;
307 	if (gid_valid(gid))
308 		vol->gid = gid;
309 	if (fmask != (umode_t)-1)
310 		vol->fmask = fmask;
311 	if (dmask != (umode_t)-1)
312 		vol->dmask = dmask;
313 	if (show_sys_files != -1) {
314 		if (show_sys_files)
315 			NVolSetShowSystemFiles(vol);
316 		else
317 			NVolClearShowSystemFiles(vol);
318 	}
319 	if (case_sensitive != -1) {
320 		if (case_sensitive)
321 			NVolSetCaseSensitive(vol);
322 		else
323 			NVolClearCaseSensitive(vol);
324 	}
325 	if (disable_sparse != -1) {
326 		if (disable_sparse)
327 			NVolClearSparseEnabled(vol);
328 		else {
329 			if (!NVolSparseEnabled(vol) &&
330 					vol->major_ver && vol->major_ver < 3)
331 				ntfs_warning(vol->sb, "Not enabling sparse "
332 						"support due to NTFS volume "
333 						"version %i.%i (need at least "
334 						"version 3.0).", vol->major_ver,
335 						vol->minor_ver);
336 			else
337 				NVolSetSparseEnabled(vol);
338 		}
339 	}
340 	return true;
341 needs_arg:
342 	ntfs_error(vol->sb, "The %s option requires an argument.", p);
343 	return false;
344 needs_bool:
345 	ntfs_error(vol->sb, "The %s option requires a boolean argument.", p);
346 	return false;
347 needs_val:
348 	ntfs_error(vol->sb, "Invalid %s option argument: %s", p, ov);
349 	return false;
350 }
351 
352 #ifdef NTFS_RW
353 
354 /**
355  * ntfs_write_volume_flags - write new flags to the volume information flags
356  * @vol:	ntfs volume on which to modify the flags
357  * @flags:	new flags value for the volume information flags
358  *
359  * Internal function.  You probably want to use ntfs_{set,clear}_volume_flags()
360  * instead (see below).
361  *
362  * Replace the volume information flags on the volume @vol with the value
363  * supplied in @flags.  Note, this overwrites the volume information flags, so
364  * make sure to combine the flags you want to modify with the old flags and use
365  * the result when calling ntfs_write_volume_flags().
366  *
367  * Return 0 on success and -errno on error.
368  */
ntfs_write_volume_flags(ntfs_volume * vol,const VOLUME_FLAGS flags)369 static int ntfs_write_volume_flags(ntfs_volume *vol, const VOLUME_FLAGS flags)
370 {
371 	ntfs_inode *ni = NTFS_I(vol->vol_ino);
372 	MFT_RECORD *m;
373 	VOLUME_INFORMATION *vi;
374 	ntfs_attr_search_ctx *ctx;
375 	int err;
376 
377 	ntfs_debug("Entering, old flags = 0x%x, new flags = 0x%x.",
378 			le16_to_cpu(vol->vol_flags), le16_to_cpu(flags));
379 	if (vol->vol_flags == flags)
380 		goto done;
381 	BUG_ON(!ni);
382 	m = map_mft_record(ni);
383 	if (IS_ERR(m)) {
384 		err = PTR_ERR(m);
385 		goto err_out;
386 	}
387 	ctx = ntfs_attr_get_search_ctx(ni, m);
388 	if (!ctx) {
389 		err = -ENOMEM;
390 		goto put_unm_err_out;
391 	}
392 	err = ntfs_attr_lookup(AT_VOLUME_INFORMATION, NULL, 0, 0, 0, NULL, 0,
393 			ctx);
394 	if (err)
395 		goto put_unm_err_out;
396 	vi = (VOLUME_INFORMATION*)((u8*)ctx->attr +
397 			le16_to_cpu(ctx->attr->data.resident.value_offset));
398 	vol->vol_flags = vi->flags = flags;
399 	flush_dcache_mft_record_page(ctx->ntfs_ino);
400 	mark_mft_record_dirty(ctx->ntfs_ino);
401 	ntfs_attr_put_search_ctx(ctx);
402 	unmap_mft_record(ni);
403 done:
404 	ntfs_debug("Done.");
405 	return 0;
406 put_unm_err_out:
407 	if (ctx)
408 		ntfs_attr_put_search_ctx(ctx);
409 	unmap_mft_record(ni);
410 err_out:
411 	ntfs_error(vol->sb, "Failed with error code %i.", -err);
412 	return err;
413 }
414 
415 /**
416  * ntfs_set_volume_flags - set bits in the volume information flags
417  * @vol:	ntfs volume on which to modify the flags
418  * @flags:	flags to set on the volume
419  *
420  * Set the bits in @flags in the volume information flags on the volume @vol.
421  *
422  * Return 0 on success and -errno on error.
423  */
ntfs_set_volume_flags(ntfs_volume * vol,VOLUME_FLAGS flags)424 static inline int ntfs_set_volume_flags(ntfs_volume *vol, VOLUME_FLAGS flags)
425 {
426 	flags &= VOLUME_FLAGS_MASK;
427 	return ntfs_write_volume_flags(vol, vol->vol_flags | flags);
428 }
429 
430 /**
431  * ntfs_clear_volume_flags - clear bits in the volume information flags
432  * @vol:	ntfs volume on which to modify the flags
433  * @flags:	flags to clear on the volume
434  *
435  * Clear the bits in @flags in the volume information flags on the volume @vol.
436  *
437  * Return 0 on success and -errno on error.
438  */
ntfs_clear_volume_flags(ntfs_volume * vol,VOLUME_FLAGS flags)439 static inline int ntfs_clear_volume_flags(ntfs_volume *vol, VOLUME_FLAGS flags)
440 {
441 	flags &= VOLUME_FLAGS_MASK;
442 	flags = vol->vol_flags & cpu_to_le16(~le16_to_cpu(flags));
443 	return ntfs_write_volume_flags(vol, flags);
444 }
445 
446 #endif /* NTFS_RW */
447 
448 /**
449  * ntfs_remount - change the mount options of a mounted ntfs filesystem
450  * @sb:		superblock of mounted ntfs filesystem
451  * @flags:	remount flags
452  * @opt:	remount options string
453  *
454  * Change the mount options of an already mounted ntfs filesystem.
455  *
456  * NOTE:  The VFS sets the @sb->s_flags remount flags to @flags after
457  * ntfs_remount() returns successfully (i.e. returns 0).  Otherwise,
458  * @sb->s_flags are not changed.
459  */
ntfs_remount(struct super_block * sb,int * flags,char * opt)460 static int ntfs_remount(struct super_block *sb, int *flags, char *opt)
461 {
462 	ntfs_volume *vol = NTFS_SB(sb);
463 
464 	ntfs_debug("Entering with remount options string: %s", opt);
465 
466 	sync_filesystem(sb);
467 
468 #ifndef NTFS_RW
469 	/* For read-only compiled driver, enforce read-only flag. */
470 	*flags |= SB_RDONLY;
471 #else /* NTFS_RW */
472 	/*
473 	 * For the read-write compiled driver, if we are remounting read-write,
474 	 * make sure there are no volume errors and that no unsupported volume
475 	 * flags are set.  Also, empty the logfile journal as it would become
476 	 * stale as soon as something is written to the volume and mark the
477 	 * volume dirty so that chkdsk is run if the volume is not umounted
478 	 * cleanly.  Finally, mark the quotas out of date so Windows rescans
479 	 * the volume on boot and updates them.
480 	 *
481 	 * When remounting read-only, mark the volume clean if no volume errors
482 	 * have occurred.
483 	 */
484 	if (sb_rdonly(sb) && !(*flags & SB_RDONLY)) {
485 		static const char *es = ".  Cannot remount read-write.";
486 
487 		/* Remounting read-write. */
488 		if (NVolErrors(vol)) {
489 			ntfs_error(sb, "Volume has errors and is read-only%s",
490 					es);
491 			return -EROFS;
492 		}
493 		if (vol->vol_flags & VOLUME_IS_DIRTY) {
494 			ntfs_error(sb, "Volume is dirty and read-only%s", es);
495 			return -EROFS;
496 		}
497 		if (vol->vol_flags & VOLUME_MODIFIED_BY_CHKDSK) {
498 			ntfs_error(sb, "Volume has been modified by chkdsk "
499 					"and is read-only%s", es);
500 			return -EROFS;
501 		}
502 		if (vol->vol_flags & VOLUME_MUST_MOUNT_RO_MASK) {
503 			ntfs_error(sb, "Volume has unsupported flags set "
504 					"(0x%x) and is read-only%s",
505 					(unsigned)le16_to_cpu(vol->vol_flags),
506 					es);
507 			return -EROFS;
508 		}
509 		if (ntfs_set_volume_flags(vol, VOLUME_IS_DIRTY)) {
510 			ntfs_error(sb, "Failed to set dirty bit in volume "
511 					"information flags%s", es);
512 			return -EROFS;
513 		}
514 #if 0
515 		// TODO: Enable this code once we start modifying anything that
516 		//	 is different between NTFS 1.2 and 3.x...
517 		/* Set NT4 compatibility flag on newer NTFS version volumes. */
518 		if ((vol->major_ver > 1)) {
519 			if (ntfs_set_volume_flags(vol, VOLUME_MOUNTED_ON_NT4)) {
520 				ntfs_error(sb, "Failed to set NT4 "
521 						"compatibility flag%s", es);
522 				NVolSetErrors(vol);
523 				return -EROFS;
524 			}
525 		}
526 #endif
527 		if (!ntfs_empty_logfile(vol->logfile_ino)) {
528 			ntfs_error(sb, "Failed to empty journal $LogFile%s",
529 					es);
530 			NVolSetErrors(vol);
531 			return -EROFS;
532 		}
533 		if (!ntfs_mark_quotas_out_of_date(vol)) {
534 			ntfs_error(sb, "Failed to mark quotas out of date%s",
535 					es);
536 			NVolSetErrors(vol);
537 			return -EROFS;
538 		}
539 		if (!ntfs_stamp_usnjrnl(vol)) {
540 			ntfs_error(sb, "Failed to stamp transaction log "
541 					"($UsnJrnl)%s", es);
542 			NVolSetErrors(vol);
543 			return -EROFS;
544 		}
545 	} else if (!sb_rdonly(sb) && (*flags & SB_RDONLY)) {
546 		/* Remounting read-only. */
547 		if (!NVolErrors(vol)) {
548 			if (ntfs_clear_volume_flags(vol, VOLUME_IS_DIRTY))
549 				ntfs_warning(sb, "Failed to clear dirty bit "
550 						"in volume information "
551 						"flags.  Run chkdsk.");
552 		}
553 	}
554 #endif /* NTFS_RW */
555 
556 	// TODO: Deal with *flags.
557 
558 	if (!parse_options(vol, opt))
559 		return -EINVAL;
560 
561 	ntfs_debug("Done.");
562 	return 0;
563 }
564 
565 /**
566  * is_boot_sector_ntfs - check whether a boot sector is a valid NTFS boot sector
567  * @sb:		Super block of the device to which @b belongs.
568  * @b:		Boot sector of device @sb to check.
569  * @silent:	If 'true', all output will be silenced.
570  *
571  * is_boot_sector_ntfs() checks whether the boot sector @b is a valid NTFS boot
572  * sector. Returns 'true' if it is valid and 'false' if not.
573  *
574  * @sb is only needed for warning/error output, i.e. it can be NULL when silent
575  * is 'true'.
576  */
is_boot_sector_ntfs(const struct super_block * sb,const NTFS_BOOT_SECTOR * b,const bool silent)577 static bool is_boot_sector_ntfs(const struct super_block *sb,
578 		const NTFS_BOOT_SECTOR *b, const bool silent)
579 {
580 	/*
581 	 * Check that checksum == sum of u32 values from b to the checksum
582 	 * field.  If checksum is zero, no checking is done.  We will work when
583 	 * the checksum test fails, since some utilities update the boot sector
584 	 * ignoring the checksum which leaves the checksum out-of-date.  We
585 	 * report a warning if this is the case.
586 	 */
587 	if ((void*)b < (void*)&b->checksum && b->checksum && !silent) {
588 		le32 *u;
589 		u32 i;
590 
591 		for (i = 0, u = (le32*)b; u < (le32*)(&b->checksum); ++u)
592 			i += le32_to_cpup(u);
593 		if (le32_to_cpu(b->checksum) != i)
594 			ntfs_warning(sb, "Invalid boot sector checksum.");
595 	}
596 	/* Check OEMidentifier is "NTFS    " */
597 	if (b->oem_id != magicNTFS)
598 		goto not_ntfs;
599 	/* Check bytes per sector value is between 256 and 4096. */
600 	if (le16_to_cpu(b->bpb.bytes_per_sector) < 0x100 ||
601 			le16_to_cpu(b->bpb.bytes_per_sector) > 0x1000)
602 		goto not_ntfs;
603 	/* Check sectors per cluster value is valid. */
604 	switch (b->bpb.sectors_per_cluster) {
605 	case 1: case 2: case 4: case 8: case 16: case 32: case 64: case 128:
606 		break;
607 	default:
608 		goto not_ntfs;
609 	}
610 	/* Check the cluster size is not above the maximum (64kiB). */
611 	if ((u32)le16_to_cpu(b->bpb.bytes_per_sector) *
612 			b->bpb.sectors_per_cluster > NTFS_MAX_CLUSTER_SIZE)
613 		goto not_ntfs;
614 	/* Check reserved/unused fields are really zero. */
615 	if (le16_to_cpu(b->bpb.reserved_sectors) ||
616 			le16_to_cpu(b->bpb.root_entries) ||
617 			le16_to_cpu(b->bpb.sectors) ||
618 			le16_to_cpu(b->bpb.sectors_per_fat) ||
619 			le32_to_cpu(b->bpb.large_sectors) || b->bpb.fats)
620 		goto not_ntfs;
621 	/* Check clusters per file mft record value is valid. */
622 	if ((u8)b->clusters_per_mft_record < 0xe1 ||
623 			(u8)b->clusters_per_mft_record > 0xf7)
624 		switch (b->clusters_per_mft_record) {
625 		case 1: case 2: case 4: case 8: case 16: case 32: case 64:
626 			break;
627 		default:
628 			goto not_ntfs;
629 		}
630 	/* Check clusters per index block value is valid. */
631 	if ((u8)b->clusters_per_index_record < 0xe1 ||
632 			(u8)b->clusters_per_index_record > 0xf7)
633 		switch (b->clusters_per_index_record) {
634 		case 1: case 2: case 4: case 8: case 16: case 32: case 64:
635 			break;
636 		default:
637 			goto not_ntfs;
638 		}
639 	/*
640 	 * Check for valid end of sector marker. We will work without it, but
641 	 * many BIOSes will refuse to boot from a bootsector if the magic is
642 	 * incorrect, so we emit a warning.
643 	 */
644 	if (!silent && b->end_of_sector_marker != cpu_to_le16(0xaa55))
645 		ntfs_warning(sb, "Invalid end of sector marker.");
646 	return true;
647 not_ntfs:
648 	return false;
649 }
650 
651 /**
652  * read_ntfs_boot_sector - read the NTFS boot sector of a device
653  * @sb:		super block of device to read the boot sector from
654  * @silent:	if true, suppress all output
655  *
656  * Reads the boot sector from the device and validates it. If that fails, tries
657  * to read the backup boot sector, first from the end of the device a-la NT4 and
658  * later and then from the middle of the device a-la NT3.51 and before.
659  *
660  * If a valid boot sector is found but it is not the primary boot sector, we
661  * repair the primary boot sector silently (unless the device is read-only or
662  * the primary boot sector is not accessible).
663  *
664  * NOTE: To call this function, @sb must have the fields s_dev, the ntfs super
665  * block (u.ntfs_sb), nr_blocks and the device flags (s_flags) initialized
666  * to their respective values.
667  *
668  * Return the unlocked buffer head containing the boot sector or NULL on error.
669  */
read_ntfs_boot_sector(struct super_block * sb,const int silent)670 static struct buffer_head *read_ntfs_boot_sector(struct super_block *sb,
671 		const int silent)
672 {
673 	const char *read_err_str = "Unable to read %s boot sector.";
674 	struct buffer_head *bh_primary, *bh_backup;
675 	sector_t nr_blocks = NTFS_SB(sb)->nr_blocks;
676 
677 	/* Try to read primary boot sector. */
678 	if ((bh_primary = sb_bread(sb, 0))) {
679 		if (is_boot_sector_ntfs(sb, (NTFS_BOOT_SECTOR*)
680 				bh_primary->b_data, silent))
681 			return bh_primary;
682 		if (!silent)
683 			ntfs_error(sb, "Primary boot sector is invalid.");
684 	} else if (!silent)
685 		ntfs_error(sb, read_err_str, "primary");
686 	if (!(NTFS_SB(sb)->on_errors & ON_ERRORS_RECOVER)) {
687 		if (bh_primary)
688 			brelse(bh_primary);
689 		if (!silent)
690 			ntfs_error(sb, "Mount option errors=recover not used. "
691 					"Aborting without trying to recover.");
692 		return NULL;
693 	}
694 	/* Try to read NT4+ backup boot sector. */
695 	if ((bh_backup = sb_bread(sb, nr_blocks - 1))) {
696 		if (is_boot_sector_ntfs(sb, (NTFS_BOOT_SECTOR*)
697 				bh_backup->b_data, silent))
698 			goto hotfix_primary_boot_sector;
699 		brelse(bh_backup);
700 	} else if (!silent)
701 		ntfs_error(sb, read_err_str, "backup");
702 	/* Try to read NT3.51- backup boot sector. */
703 	if ((bh_backup = sb_bread(sb, nr_blocks >> 1))) {
704 		if (is_boot_sector_ntfs(sb, (NTFS_BOOT_SECTOR*)
705 				bh_backup->b_data, silent))
706 			goto hotfix_primary_boot_sector;
707 		if (!silent)
708 			ntfs_error(sb, "Could not find a valid backup boot "
709 					"sector.");
710 		brelse(bh_backup);
711 	} else if (!silent)
712 		ntfs_error(sb, read_err_str, "backup");
713 	/* We failed. Cleanup and return. */
714 	if (bh_primary)
715 		brelse(bh_primary);
716 	return NULL;
717 hotfix_primary_boot_sector:
718 	if (bh_primary) {
719 		/*
720 		 * If we managed to read sector zero and the volume is not
721 		 * read-only, copy the found, valid backup boot sector to the
722 		 * primary boot sector.  Note we only copy the actual boot
723 		 * sector structure, not the actual whole device sector as that
724 		 * may be bigger and would potentially damage the $Boot system
725 		 * file (FIXME: Would be nice to know if the backup boot sector
726 		 * on a large sector device contains the whole boot loader or
727 		 * just the first 512 bytes).
728 		 */
729 		if (!sb_rdonly(sb)) {
730 			ntfs_warning(sb, "Hot-fix: Recovering invalid primary "
731 					"boot sector from backup copy.");
732 			memcpy(bh_primary->b_data, bh_backup->b_data,
733 					NTFS_BLOCK_SIZE);
734 			mark_buffer_dirty(bh_primary);
735 			sync_dirty_buffer(bh_primary);
736 			if (buffer_uptodate(bh_primary)) {
737 				brelse(bh_backup);
738 				return bh_primary;
739 			}
740 			ntfs_error(sb, "Hot-fix: Device write error while "
741 					"recovering primary boot sector.");
742 		} else {
743 			ntfs_warning(sb, "Hot-fix: Recovery of primary boot "
744 					"sector failed: Read-only mount.");
745 		}
746 		brelse(bh_primary);
747 	}
748 	ntfs_warning(sb, "Using backup boot sector.");
749 	return bh_backup;
750 }
751 
752 /**
753  * parse_ntfs_boot_sector - parse the boot sector and store the data in @vol
754  * @vol:	volume structure to initialise with data from boot sector
755  * @b:		boot sector to parse
756  *
757  * Parse the ntfs boot sector @b and store all imporant information therein in
758  * the ntfs super block @vol.  Return 'true' on success and 'false' on error.
759  */
parse_ntfs_boot_sector(ntfs_volume * vol,const NTFS_BOOT_SECTOR * b)760 static bool parse_ntfs_boot_sector(ntfs_volume *vol, const NTFS_BOOT_SECTOR *b)
761 {
762 	unsigned int sectors_per_cluster_bits, nr_hidden_sects;
763 	int clusters_per_mft_record, clusters_per_index_record;
764 	s64 ll;
765 
766 	vol->sector_size = le16_to_cpu(b->bpb.bytes_per_sector);
767 	vol->sector_size_bits = ffs(vol->sector_size) - 1;
768 	ntfs_debug("vol->sector_size = %i (0x%x)", vol->sector_size,
769 			vol->sector_size);
770 	ntfs_debug("vol->sector_size_bits = %i (0x%x)", vol->sector_size_bits,
771 			vol->sector_size_bits);
772 	if (vol->sector_size < vol->sb->s_blocksize) {
773 		ntfs_error(vol->sb, "Sector size (%i) is smaller than the "
774 				"device block size (%lu).  This is not "
775 				"supported.  Sorry.", vol->sector_size,
776 				vol->sb->s_blocksize);
777 		return false;
778 	}
779 	ntfs_debug("sectors_per_cluster = 0x%x", b->bpb.sectors_per_cluster);
780 	sectors_per_cluster_bits = ffs(b->bpb.sectors_per_cluster) - 1;
781 	ntfs_debug("sectors_per_cluster_bits = 0x%x",
782 			sectors_per_cluster_bits);
783 	nr_hidden_sects = le32_to_cpu(b->bpb.hidden_sectors);
784 	ntfs_debug("number of hidden sectors = 0x%x", nr_hidden_sects);
785 	vol->cluster_size = vol->sector_size << sectors_per_cluster_bits;
786 	vol->cluster_size_mask = vol->cluster_size - 1;
787 	vol->cluster_size_bits = ffs(vol->cluster_size) - 1;
788 	ntfs_debug("vol->cluster_size = %i (0x%x)", vol->cluster_size,
789 			vol->cluster_size);
790 	ntfs_debug("vol->cluster_size_mask = 0x%x", vol->cluster_size_mask);
791 	ntfs_debug("vol->cluster_size_bits = %i", vol->cluster_size_bits);
792 	if (vol->cluster_size < vol->sector_size) {
793 		ntfs_error(vol->sb, "Cluster size (%i) is smaller than the "
794 				"sector size (%i).  This is not supported.  "
795 				"Sorry.", vol->cluster_size, vol->sector_size);
796 		return false;
797 	}
798 	clusters_per_mft_record = b->clusters_per_mft_record;
799 	ntfs_debug("clusters_per_mft_record = %i (0x%x)",
800 			clusters_per_mft_record, clusters_per_mft_record);
801 	if (clusters_per_mft_record > 0)
802 		vol->mft_record_size = vol->cluster_size <<
803 				(ffs(clusters_per_mft_record) - 1);
804 	else
805 		/*
806 		 * When mft_record_size < cluster_size, clusters_per_mft_record
807 		 * = -log2(mft_record_size) bytes. mft_record_size normaly is
808 		 * 1024 bytes, which is encoded as 0xF6 (-10 in decimal).
809 		 */
810 		vol->mft_record_size = 1 << -clusters_per_mft_record;
811 	vol->mft_record_size_mask = vol->mft_record_size - 1;
812 	vol->mft_record_size_bits = ffs(vol->mft_record_size) - 1;
813 	ntfs_debug("vol->mft_record_size = %i (0x%x)", vol->mft_record_size,
814 			vol->mft_record_size);
815 	ntfs_debug("vol->mft_record_size_mask = 0x%x",
816 			vol->mft_record_size_mask);
817 	ntfs_debug("vol->mft_record_size_bits = %i (0x%x)",
818 			vol->mft_record_size_bits, vol->mft_record_size_bits);
819 	/*
820 	 * We cannot support mft record sizes above the PAGE_SIZE since
821 	 * we store $MFT/$DATA, the table of mft records in the page cache.
822 	 */
823 	if (vol->mft_record_size > PAGE_SIZE) {
824 		ntfs_error(vol->sb, "Mft record size (%i) exceeds the "
825 				"PAGE_SIZE on your system (%lu).  "
826 				"This is not supported.  Sorry.",
827 				vol->mft_record_size, PAGE_SIZE);
828 		return false;
829 	}
830 	/* We cannot support mft record sizes below the sector size. */
831 	if (vol->mft_record_size < vol->sector_size) {
832 		ntfs_error(vol->sb, "Mft record size (%i) is smaller than the "
833 				"sector size (%i).  This is not supported.  "
834 				"Sorry.", vol->mft_record_size,
835 				vol->sector_size);
836 		return false;
837 	}
838 	clusters_per_index_record = b->clusters_per_index_record;
839 	ntfs_debug("clusters_per_index_record = %i (0x%x)",
840 			clusters_per_index_record, clusters_per_index_record);
841 	if (clusters_per_index_record > 0)
842 		vol->index_record_size = vol->cluster_size <<
843 				(ffs(clusters_per_index_record) - 1);
844 	else
845 		/*
846 		 * When index_record_size < cluster_size,
847 		 * clusters_per_index_record = -log2(index_record_size) bytes.
848 		 * index_record_size normaly equals 4096 bytes, which is
849 		 * encoded as 0xF4 (-12 in decimal).
850 		 */
851 		vol->index_record_size = 1 << -clusters_per_index_record;
852 	vol->index_record_size_mask = vol->index_record_size - 1;
853 	vol->index_record_size_bits = ffs(vol->index_record_size) - 1;
854 	ntfs_debug("vol->index_record_size = %i (0x%x)",
855 			vol->index_record_size, vol->index_record_size);
856 	ntfs_debug("vol->index_record_size_mask = 0x%x",
857 			vol->index_record_size_mask);
858 	ntfs_debug("vol->index_record_size_bits = %i (0x%x)",
859 			vol->index_record_size_bits,
860 			vol->index_record_size_bits);
861 	/* We cannot support index record sizes below the sector size. */
862 	if (vol->index_record_size < vol->sector_size) {
863 		ntfs_error(vol->sb, "Index record size (%i) is smaller than "
864 				"the sector size (%i).  This is not "
865 				"supported.  Sorry.", vol->index_record_size,
866 				vol->sector_size);
867 		return false;
868 	}
869 	/*
870 	 * Get the size of the volume in clusters and check for 64-bit-ness.
871 	 * Windows currently only uses 32 bits to save the clusters so we do
872 	 * the same as it is much faster on 32-bit CPUs.
873 	 */
874 	ll = sle64_to_cpu(b->number_of_sectors) >> sectors_per_cluster_bits;
875 	if ((u64)ll >= 1ULL << 32) {
876 		ntfs_error(vol->sb, "Cannot handle 64-bit clusters.  Sorry.");
877 		return false;
878 	}
879 	vol->nr_clusters = ll;
880 	ntfs_debug("vol->nr_clusters = 0x%llx", (long long)vol->nr_clusters);
881 	/*
882 	 * On an architecture where unsigned long is 32-bits, we restrict the
883 	 * volume size to 2TiB (2^41). On a 64-bit architecture, the compiler
884 	 * will hopefully optimize the whole check away.
885 	 */
886 	if (sizeof(unsigned long) < 8) {
887 		if ((ll << vol->cluster_size_bits) >= (1ULL << 41)) {
888 			ntfs_error(vol->sb, "Volume size (%lluTiB) is too "
889 					"large for this architecture.  "
890 					"Maximum supported is 2TiB.  Sorry.",
891 					(unsigned long long)ll >> (40 -
892 					vol->cluster_size_bits));
893 			return false;
894 		}
895 	}
896 	ll = sle64_to_cpu(b->mft_lcn);
897 	if (ll >= vol->nr_clusters) {
898 		ntfs_error(vol->sb, "MFT LCN (%lli, 0x%llx) is beyond end of "
899 				"volume.  Weird.", (unsigned long long)ll,
900 				(unsigned long long)ll);
901 		return false;
902 	}
903 	vol->mft_lcn = ll;
904 	ntfs_debug("vol->mft_lcn = 0x%llx", (long long)vol->mft_lcn);
905 	ll = sle64_to_cpu(b->mftmirr_lcn);
906 	if (ll >= vol->nr_clusters) {
907 		ntfs_error(vol->sb, "MFTMirr LCN (%lli, 0x%llx) is beyond end "
908 				"of volume.  Weird.", (unsigned long long)ll,
909 				(unsigned long long)ll);
910 		return false;
911 	}
912 	vol->mftmirr_lcn = ll;
913 	ntfs_debug("vol->mftmirr_lcn = 0x%llx", (long long)vol->mftmirr_lcn);
914 #ifdef NTFS_RW
915 	/*
916 	 * Work out the size of the mft mirror in number of mft records. If the
917 	 * cluster size is less than or equal to the size taken by four mft
918 	 * records, the mft mirror stores the first four mft records. If the
919 	 * cluster size is bigger than the size taken by four mft records, the
920 	 * mft mirror contains as many mft records as will fit into one
921 	 * cluster.
922 	 */
923 	if (vol->cluster_size <= (4 << vol->mft_record_size_bits))
924 		vol->mftmirr_size = 4;
925 	else
926 		vol->mftmirr_size = vol->cluster_size >>
927 				vol->mft_record_size_bits;
928 	ntfs_debug("vol->mftmirr_size = %i", vol->mftmirr_size);
929 #endif /* NTFS_RW */
930 	vol->serial_no = le64_to_cpu(b->volume_serial_number);
931 	ntfs_debug("vol->serial_no = 0x%llx",
932 			(unsigned long long)vol->serial_no);
933 	return true;
934 }
935 
936 /**
937  * ntfs_setup_allocators - initialize the cluster and mft allocators
938  * @vol:	volume structure for which to setup the allocators
939  *
940  * Setup the cluster (lcn) and mft allocators to the starting values.
941  */
ntfs_setup_allocators(ntfs_volume * vol)942 static void ntfs_setup_allocators(ntfs_volume *vol)
943 {
944 #ifdef NTFS_RW
945 	LCN mft_zone_size, mft_lcn;
946 #endif /* NTFS_RW */
947 
948 	ntfs_debug("vol->mft_zone_multiplier = 0x%x",
949 			vol->mft_zone_multiplier);
950 #ifdef NTFS_RW
951 	/* Determine the size of the MFT zone. */
952 	mft_zone_size = vol->nr_clusters;
953 	switch (vol->mft_zone_multiplier) {  /* % of volume size in clusters */
954 	case 4:
955 		mft_zone_size >>= 1;			/* 50%   */
956 		break;
957 	case 3:
958 		mft_zone_size = (mft_zone_size +
959 				(mft_zone_size >> 1)) >> 2;	/* 37.5% */
960 		break;
961 	case 2:
962 		mft_zone_size >>= 2;			/* 25%   */
963 		break;
964 	/* case 1: */
965 	default:
966 		mft_zone_size >>= 3;			/* 12.5% */
967 		break;
968 	}
969 	/* Setup the mft zone. */
970 	vol->mft_zone_start = vol->mft_zone_pos = vol->mft_lcn;
971 	ntfs_debug("vol->mft_zone_pos = 0x%llx",
972 			(unsigned long long)vol->mft_zone_pos);
973 	/*
974 	 * Calculate the mft_lcn for an unmodified NTFS volume (see mkntfs
975 	 * source) and if the actual mft_lcn is in the expected place or even
976 	 * further to the front of the volume, extend the mft_zone to cover the
977 	 * beginning of the volume as well.  This is in order to protect the
978 	 * area reserved for the mft bitmap as well within the mft_zone itself.
979 	 * On non-standard volumes we do not protect it as the overhead would
980 	 * be higher than the speed increase we would get by doing it.
981 	 */
982 	mft_lcn = (8192 + 2 * vol->cluster_size - 1) / vol->cluster_size;
983 	if (mft_lcn * vol->cluster_size < 16 * 1024)
984 		mft_lcn = (16 * 1024 + vol->cluster_size - 1) /
985 				vol->cluster_size;
986 	if (vol->mft_zone_start <= mft_lcn)
987 		vol->mft_zone_start = 0;
988 	ntfs_debug("vol->mft_zone_start = 0x%llx",
989 			(unsigned long long)vol->mft_zone_start);
990 	/*
991 	 * Need to cap the mft zone on non-standard volumes so that it does
992 	 * not point outside the boundaries of the volume.  We do this by
993 	 * halving the zone size until we are inside the volume.
994 	 */
995 	vol->mft_zone_end = vol->mft_lcn + mft_zone_size;
996 	while (vol->mft_zone_end >= vol->nr_clusters) {
997 		mft_zone_size >>= 1;
998 		vol->mft_zone_end = vol->mft_lcn + mft_zone_size;
999 	}
1000 	ntfs_debug("vol->mft_zone_end = 0x%llx",
1001 			(unsigned long long)vol->mft_zone_end);
1002 	/*
1003 	 * Set the current position within each data zone to the start of the
1004 	 * respective zone.
1005 	 */
1006 	vol->data1_zone_pos = vol->mft_zone_end;
1007 	ntfs_debug("vol->data1_zone_pos = 0x%llx",
1008 			(unsigned long long)vol->data1_zone_pos);
1009 	vol->data2_zone_pos = 0;
1010 	ntfs_debug("vol->data2_zone_pos = 0x%llx",
1011 			(unsigned long long)vol->data2_zone_pos);
1012 
1013 	/* Set the mft data allocation position to mft record 24. */
1014 	vol->mft_data_pos = 24;
1015 	ntfs_debug("vol->mft_data_pos = 0x%llx",
1016 			(unsigned long long)vol->mft_data_pos);
1017 #endif /* NTFS_RW */
1018 }
1019 
1020 #ifdef NTFS_RW
1021 
1022 /**
1023  * load_and_init_mft_mirror - load and setup the mft mirror inode for a volume
1024  * @vol:	ntfs super block describing device whose mft mirror to load
1025  *
1026  * Return 'true' on success or 'false' on error.
1027  */
load_and_init_mft_mirror(ntfs_volume * vol)1028 static bool load_and_init_mft_mirror(ntfs_volume *vol)
1029 {
1030 	struct inode *tmp_ino;
1031 	ntfs_inode *tmp_ni;
1032 
1033 	ntfs_debug("Entering.");
1034 	/* Get mft mirror inode. */
1035 	tmp_ino = ntfs_iget(vol->sb, FILE_MFTMirr);
1036 	if (IS_ERR(tmp_ino) || is_bad_inode(tmp_ino)) {
1037 		if (!IS_ERR(tmp_ino))
1038 			iput(tmp_ino);
1039 		/* Caller will display error message. */
1040 		return false;
1041 	}
1042 	/*
1043 	 * Re-initialize some specifics about $MFTMirr's inode as
1044 	 * ntfs_read_inode() will have set up the default ones.
1045 	 */
1046 	/* Set uid and gid to root. */
1047 	tmp_ino->i_uid = GLOBAL_ROOT_UID;
1048 	tmp_ino->i_gid = GLOBAL_ROOT_GID;
1049 	/* Regular file.  No access for anyone. */
1050 	tmp_ino->i_mode = S_IFREG;
1051 	/* No VFS initiated operations allowed for $MFTMirr. */
1052 	tmp_ino->i_op = &ntfs_empty_inode_ops;
1053 	tmp_ino->i_fop = &ntfs_empty_file_ops;
1054 	/* Put in our special address space operations. */
1055 	tmp_ino->i_mapping->a_ops = &ntfs_mst_aops;
1056 	tmp_ni = NTFS_I(tmp_ino);
1057 	/* The $MFTMirr, like the $MFT is multi sector transfer protected. */
1058 	NInoSetMstProtected(tmp_ni);
1059 	NInoSetSparseDisabled(tmp_ni);
1060 	/*
1061 	 * Set up our little cheat allowing us to reuse the async read io
1062 	 * completion handler for directories.
1063 	 */
1064 	tmp_ni->itype.index.block_size = vol->mft_record_size;
1065 	tmp_ni->itype.index.block_size_bits = vol->mft_record_size_bits;
1066 	vol->mftmirr_ino = tmp_ino;
1067 	ntfs_debug("Done.");
1068 	return true;
1069 }
1070 
1071 /**
1072  * check_mft_mirror - compare contents of the mft mirror with the mft
1073  * @vol:	ntfs super block describing device whose mft mirror to check
1074  *
1075  * Return 'true' on success or 'false' on error.
1076  *
1077  * Note, this function also results in the mft mirror runlist being completely
1078  * mapped into memory.  The mft mirror write code requires this and will BUG()
1079  * should it find an unmapped runlist element.
1080  */
check_mft_mirror(ntfs_volume * vol)1081 static bool check_mft_mirror(ntfs_volume *vol)
1082 {
1083 	struct super_block *sb = vol->sb;
1084 	ntfs_inode *mirr_ni;
1085 	struct page *mft_page, *mirr_page;
1086 	u8 *kmft, *kmirr;
1087 	runlist_element *rl, rl2[2];
1088 	pgoff_t index;
1089 	int mrecs_per_page, i;
1090 
1091 	ntfs_debug("Entering.");
1092 	/* Compare contents of $MFT and $MFTMirr. */
1093 	mrecs_per_page = PAGE_SIZE / vol->mft_record_size;
1094 	BUG_ON(!mrecs_per_page);
1095 	BUG_ON(!vol->mftmirr_size);
1096 	mft_page = mirr_page = NULL;
1097 	kmft = kmirr = NULL;
1098 	index = i = 0;
1099 	do {
1100 		u32 bytes;
1101 
1102 		/* Switch pages if necessary. */
1103 		if (!(i % mrecs_per_page)) {
1104 			if (index) {
1105 				ntfs_unmap_page(mft_page);
1106 				ntfs_unmap_page(mirr_page);
1107 			}
1108 			/* Get the $MFT page. */
1109 			mft_page = ntfs_map_page(vol->mft_ino->i_mapping,
1110 					index);
1111 			if (IS_ERR(mft_page)) {
1112 				ntfs_error(sb, "Failed to read $MFT.");
1113 				return false;
1114 			}
1115 			kmft = page_address(mft_page);
1116 			/* Get the $MFTMirr page. */
1117 			mirr_page = ntfs_map_page(vol->mftmirr_ino->i_mapping,
1118 					index);
1119 			if (IS_ERR(mirr_page)) {
1120 				ntfs_error(sb, "Failed to read $MFTMirr.");
1121 				goto mft_unmap_out;
1122 			}
1123 			kmirr = page_address(mirr_page);
1124 			++index;
1125 		}
1126 		/* Do not check the record if it is not in use. */
1127 		if (((MFT_RECORD*)kmft)->flags & MFT_RECORD_IN_USE) {
1128 			/* Make sure the record is ok. */
1129 			if (ntfs_is_baad_recordp((le32*)kmft)) {
1130 				ntfs_error(sb, "Incomplete multi sector "
1131 						"transfer detected in mft "
1132 						"record %i.", i);
1133 mm_unmap_out:
1134 				ntfs_unmap_page(mirr_page);
1135 mft_unmap_out:
1136 				ntfs_unmap_page(mft_page);
1137 				return false;
1138 			}
1139 		}
1140 		/* Do not check the mirror record if it is not in use. */
1141 		if (((MFT_RECORD*)kmirr)->flags & MFT_RECORD_IN_USE) {
1142 			if (ntfs_is_baad_recordp((le32*)kmirr)) {
1143 				ntfs_error(sb, "Incomplete multi sector "
1144 						"transfer detected in mft "
1145 						"mirror record %i.", i);
1146 				goto mm_unmap_out;
1147 			}
1148 		}
1149 		/* Get the amount of data in the current record. */
1150 		bytes = le32_to_cpu(((MFT_RECORD*)kmft)->bytes_in_use);
1151 		if (bytes < sizeof(MFT_RECORD_OLD) ||
1152 				bytes > vol->mft_record_size ||
1153 				ntfs_is_baad_recordp((le32*)kmft)) {
1154 			bytes = le32_to_cpu(((MFT_RECORD*)kmirr)->bytes_in_use);
1155 			if (bytes < sizeof(MFT_RECORD_OLD) ||
1156 					bytes > vol->mft_record_size ||
1157 					ntfs_is_baad_recordp((le32*)kmirr))
1158 				bytes = vol->mft_record_size;
1159 		}
1160 		/* Compare the two records. */
1161 		if (memcmp(kmft, kmirr, bytes)) {
1162 			ntfs_error(sb, "$MFT and $MFTMirr (record %i) do not "
1163 					"match.  Run ntfsfix or chkdsk.", i);
1164 			goto mm_unmap_out;
1165 		}
1166 		kmft += vol->mft_record_size;
1167 		kmirr += vol->mft_record_size;
1168 	} while (++i < vol->mftmirr_size);
1169 	/* Release the last pages. */
1170 	ntfs_unmap_page(mft_page);
1171 	ntfs_unmap_page(mirr_page);
1172 
1173 	/* Construct the mft mirror runlist by hand. */
1174 	rl2[0].vcn = 0;
1175 	rl2[0].lcn = vol->mftmirr_lcn;
1176 	rl2[0].length = (vol->mftmirr_size * vol->mft_record_size +
1177 			vol->cluster_size - 1) / vol->cluster_size;
1178 	rl2[1].vcn = rl2[0].length;
1179 	rl2[1].lcn = LCN_ENOENT;
1180 	rl2[1].length = 0;
1181 	/*
1182 	 * Because we have just read all of the mft mirror, we know we have
1183 	 * mapped the full runlist for it.
1184 	 */
1185 	mirr_ni = NTFS_I(vol->mftmirr_ino);
1186 	down_read(&mirr_ni->runlist.lock);
1187 	rl = mirr_ni->runlist.rl;
1188 	/* Compare the two runlists.  They must be identical. */
1189 	i = 0;
1190 	do {
1191 		if (rl2[i].vcn != rl[i].vcn || rl2[i].lcn != rl[i].lcn ||
1192 				rl2[i].length != rl[i].length) {
1193 			ntfs_error(sb, "$MFTMirr location mismatch.  "
1194 					"Run chkdsk.");
1195 			up_read(&mirr_ni->runlist.lock);
1196 			return false;
1197 		}
1198 	} while (rl2[i++].length);
1199 	up_read(&mirr_ni->runlist.lock);
1200 	ntfs_debug("Done.");
1201 	return true;
1202 }
1203 
1204 /**
1205  * load_and_check_logfile - load and check the logfile inode for a volume
1206  * @vol:	ntfs super block describing device whose logfile to load
1207  *
1208  * Return 'true' on success or 'false' on error.
1209  */
load_and_check_logfile(ntfs_volume * vol,RESTART_PAGE_HEADER ** rp)1210 static bool load_and_check_logfile(ntfs_volume *vol,
1211 		RESTART_PAGE_HEADER **rp)
1212 {
1213 	struct inode *tmp_ino;
1214 
1215 	ntfs_debug("Entering.");
1216 	tmp_ino = ntfs_iget(vol->sb, FILE_LogFile);
1217 	if (IS_ERR(tmp_ino) || is_bad_inode(tmp_ino)) {
1218 		if (!IS_ERR(tmp_ino))
1219 			iput(tmp_ino);
1220 		/* Caller will display error message. */
1221 		return false;
1222 	}
1223 	if (!ntfs_check_logfile(tmp_ino, rp)) {
1224 		iput(tmp_ino);
1225 		/* ntfs_check_logfile() will have displayed error output. */
1226 		return false;
1227 	}
1228 	NInoSetSparseDisabled(NTFS_I(tmp_ino));
1229 	vol->logfile_ino = tmp_ino;
1230 	ntfs_debug("Done.");
1231 	return true;
1232 }
1233 
1234 #define NTFS_HIBERFIL_HEADER_SIZE	4096
1235 
1236 /**
1237  * check_windows_hibernation_status - check if Windows is suspended on a volume
1238  * @vol:	ntfs super block of device to check
1239  *
1240  * Check if Windows is hibernated on the ntfs volume @vol.  This is done by
1241  * looking for the file hiberfil.sys in the root directory of the volume.  If
1242  * the file is not present Windows is definitely not suspended.
1243  *
1244  * If hiberfil.sys exists and is less than 4kiB in size it means Windows is
1245  * definitely suspended (this volume is not the system volume).  Caveat:  on a
1246  * system with many volumes it is possible that the < 4kiB check is bogus but
1247  * for now this should do fine.
1248  *
1249  * If hiberfil.sys exists and is larger than 4kiB in size, we need to read the
1250  * hiberfil header (which is the first 4kiB).  If this begins with "hibr",
1251  * Windows is definitely suspended.  If it is completely full of zeroes,
1252  * Windows is definitely not hibernated.  Any other case is treated as if
1253  * Windows is suspended.  This caters for the above mentioned caveat of a
1254  * system with many volumes where no "hibr" magic would be present and there is
1255  * no zero header.
1256  *
1257  * Return 0 if Windows is not hibernated on the volume, >0 if Windows is
1258  * hibernated on the volume, and -errno on error.
1259  */
check_windows_hibernation_status(ntfs_volume * vol)1260 static int check_windows_hibernation_status(ntfs_volume *vol)
1261 {
1262 	MFT_REF mref;
1263 	struct inode *vi;
1264 	struct page *page;
1265 	u32 *kaddr, *kend;
1266 	ntfs_name *name = NULL;
1267 	int ret = 1;
1268 	static const ntfschar hiberfil[13] = { cpu_to_le16('h'),
1269 			cpu_to_le16('i'), cpu_to_le16('b'),
1270 			cpu_to_le16('e'), cpu_to_le16('r'),
1271 			cpu_to_le16('f'), cpu_to_le16('i'),
1272 			cpu_to_le16('l'), cpu_to_le16('.'),
1273 			cpu_to_le16('s'), cpu_to_le16('y'),
1274 			cpu_to_le16('s'), 0 };
1275 
1276 	ntfs_debug("Entering.");
1277 	/*
1278 	 * Find the inode number for the hibernation file by looking up the
1279 	 * filename hiberfil.sys in the root directory.
1280 	 */
1281 	inode_lock(vol->root_ino);
1282 	mref = ntfs_lookup_inode_by_name(NTFS_I(vol->root_ino), hiberfil, 12,
1283 			&name);
1284 	inode_unlock(vol->root_ino);
1285 	if (IS_ERR_MREF(mref)) {
1286 		ret = MREF_ERR(mref);
1287 		/* If the file does not exist, Windows is not hibernated. */
1288 		if (ret == -ENOENT) {
1289 			ntfs_debug("hiberfil.sys not present.  Windows is not "
1290 					"hibernated on the volume.");
1291 			return 0;
1292 		}
1293 		/* A real error occurred. */
1294 		ntfs_error(vol->sb, "Failed to find inode number for "
1295 				"hiberfil.sys.");
1296 		return ret;
1297 	}
1298 	/* We do not care for the type of match that was found. */
1299 	kfree(name);
1300 	/* Get the inode. */
1301 	vi = ntfs_iget(vol->sb, MREF(mref));
1302 	if (IS_ERR(vi) || is_bad_inode(vi)) {
1303 		if (!IS_ERR(vi))
1304 			iput(vi);
1305 		ntfs_error(vol->sb, "Failed to load hiberfil.sys.");
1306 		return IS_ERR(vi) ? PTR_ERR(vi) : -EIO;
1307 	}
1308 	if (unlikely(i_size_read(vi) < NTFS_HIBERFIL_HEADER_SIZE)) {
1309 		ntfs_debug("hiberfil.sys is smaller than 4kiB (0x%llx).  "
1310 				"Windows is hibernated on the volume.  This "
1311 				"is not the system volume.", i_size_read(vi));
1312 		goto iput_out;
1313 	}
1314 	page = ntfs_map_page(vi->i_mapping, 0);
1315 	if (IS_ERR(page)) {
1316 		ntfs_error(vol->sb, "Failed to read from hiberfil.sys.");
1317 		ret = PTR_ERR(page);
1318 		goto iput_out;
1319 	}
1320 	kaddr = (u32*)page_address(page);
1321 	if (*(le32*)kaddr == cpu_to_le32(0x72626968)/*'hibr'*/) {
1322 		ntfs_debug("Magic \"hibr\" found in hiberfil.sys.  Windows is "
1323 				"hibernated on the volume.  This is the "
1324 				"system volume.");
1325 		goto unm_iput_out;
1326 	}
1327 	kend = kaddr + NTFS_HIBERFIL_HEADER_SIZE/sizeof(*kaddr);
1328 	do {
1329 		if (unlikely(*kaddr)) {
1330 			ntfs_debug("hiberfil.sys is larger than 4kiB "
1331 					"(0x%llx), does not contain the "
1332 					"\"hibr\" magic, and does not have a "
1333 					"zero header.  Windows is hibernated "
1334 					"on the volume.  This is not the "
1335 					"system volume.", i_size_read(vi));
1336 			goto unm_iput_out;
1337 		}
1338 	} while (++kaddr < kend);
1339 	ntfs_debug("hiberfil.sys contains a zero header.  Windows is not "
1340 			"hibernated on the volume.  This is the system "
1341 			"volume.");
1342 	ret = 0;
1343 unm_iput_out:
1344 	ntfs_unmap_page(page);
1345 iput_out:
1346 	iput(vi);
1347 	return ret;
1348 }
1349 
1350 /**
1351  * load_and_init_quota - load and setup the quota file for a volume if present
1352  * @vol:	ntfs super block describing device whose quota file to load
1353  *
1354  * Return 'true' on success or 'false' on error.  If $Quota is not present, we
1355  * leave vol->quota_ino as NULL and return success.
1356  */
load_and_init_quota(ntfs_volume * vol)1357 static bool load_and_init_quota(ntfs_volume *vol)
1358 {
1359 	MFT_REF mref;
1360 	struct inode *tmp_ino;
1361 	ntfs_name *name = NULL;
1362 	static const ntfschar Quota[7] = { cpu_to_le16('$'),
1363 			cpu_to_le16('Q'), cpu_to_le16('u'),
1364 			cpu_to_le16('o'), cpu_to_le16('t'),
1365 			cpu_to_le16('a'), 0 };
1366 	static ntfschar Q[3] = { cpu_to_le16('$'),
1367 			cpu_to_le16('Q'), 0 };
1368 
1369 	ntfs_debug("Entering.");
1370 	/*
1371 	 * Find the inode number for the quota file by looking up the filename
1372 	 * $Quota in the extended system files directory $Extend.
1373 	 */
1374 	inode_lock(vol->extend_ino);
1375 	mref = ntfs_lookup_inode_by_name(NTFS_I(vol->extend_ino), Quota, 6,
1376 			&name);
1377 	inode_unlock(vol->extend_ino);
1378 	if (IS_ERR_MREF(mref)) {
1379 		/*
1380 		 * If the file does not exist, quotas are disabled and have
1381 		 * never been enabled on this volume, just return success.
1382 		 */
1383 		if (MREF_ERR(mref) == -ENOENT) {
1384 			ntfs_debug("$Quota not present.  Volume does not have "
1385 					"quotas enabled.");
1386 			/*
1387 			 * No need to try to set quotas out of date if they are
1388 			 * not enabled.
1389 			 */
1390 			NVolSetQuotaOutOfDate(vol);
1391 			return true;
1392 		}
1393 		/* A real error occurred. */
1394 		ntfs_error(vol->sb, "Failed to find inode number for $Quota.");
1395 		return false;
1396 	}
1397 	/* We do not care for the type of match that was found. */
1398 	kfree(name);
1399 	/* Get the inode. */
1400 	tmp_ino = ntfs_iget(vol->sb, MREF(mref));
1401 	if (IS_ERR(tmp_ino) || is_bad_inode(tmp_ino)) {
1402 		if (!IS_ERR(tmp_ino))
1403 			iput(tmp_ino);
1404 		ntfs_error(vol->sb, "Failed to load $Quota.");
1405 		return false;
1406 	}
1407 	vol->quota_ino = tmp_ino;
1408 	/* Get the $Q index allocation attribute. */
1409 	tmp_ino = ntfs_index_iget(vol->quota_ino, Q, 2);
1410 	if (IS_ERR(tmp_ino)) {
1411 		ntfs_error(vol->sb, "Failed to load $Quota/$Q index.");
1412 		return false;
1413 	}
1414 	vol->quota_q_ino = tmp_ino;
1415 	ntfs_debug("Done.");
1416 	return true;
1417 }
1418 
1419 /**
1420  * load_and_init_usnjrnl - load and setup the transaction log if present
1421  * @vol:	ntfs super block describing device whose usnjrnl file to load
1422  *
1423  * Return 'true' on success or 'false' on error.
1424  *
1425  * If $UsnJrnl is not present or in the process of being disabled, we set
1426  * NVolUsnJrnlStamped() and return success.
1427  *
1428  * If the $UsnJrnl $DATA/$J attribute has a size equal to the lowest valid usn,
1429  * i.e. transaction logging has only just been enabled or the journal has been
1430  * stamped and nothing has been logged since, we also set NVolUsnJrnlStamped()
1431  * and return success.
1432  */
load_and_init_usnjrnl(ntfs_volume * vol)1433 static bool load_and_init_usnjrnl(ntfs_volume *vol)
1434 {
1435 	MFT_REF mref;
1436 	struct inode *tmp_ino;
1437 	ntfs_inode *tmp_ni;
1438 	struct page *page;
1439 	ntfs_name *name = NULL;
1440 	USN_HEADER *uh;
1441 	static const ntfschar UsnJrnl[9] = { cpu_to_le16('$'),
1442 			cpu_to_le16('U'), cpu_to_le16('s'),
1443 			cpu_to_le16('n'), cpu_to_le16('J'),
1444 			cpu_to_le16('r'), cpu_to_le16('n'),
1445 			cpu_to_le16('l'), 0 };
1446 	static ntfschar Max[5] = { cpu_to_le16('$'),
1447 			cpu_to_le16('M'), cpu_to_le16('a'),
1448 			cpu_to_le16('x'), 0 };
1449 	static ntfschar J[3] = { cpu_to_le16('$'),
1450 			cpu_to_le16('J'), 0 };
1451 
1452 	ntfs_debug("Entering.");
1453 	/*
1454 	 * Find the inode number for the transaction log file by looking up the
1455 	 * filename $UsnJrnl in the extended system files directory $Extend.
1456 	 */
1457 	inode_lock(vol->extend_ino);
1458 	mref = ntfs_lookup_inode_by_name(NTFS_I(vol->extend_ino), UsnJrnl, 8,
1459 			&name);
1460 	inode_unlock(vol->extend_ino);
1461 	if (IS_ERR_MREF(mref)) {
1462 		/*
1463 		 * If the file does not exist, transaction logging is disabled,
1464 		 * just return success.
1465 		 */
1466 		if (MREF_ERR(mref) == -ENOENT) {
1467 			ntfs_debug("$UsnJrnl not present.  Volume does not "
1468 					"have transaction logging enabled.");
1469 not_enabled:
1470 			/*
1471 			 * No need to try to stamp the transaction log if
1472 			 * transaction logging is not enabled.
1473 			 */
1474 			NVolSetUsnJrnlStamped(vol);
1475 			return true;
1476 		}
1477 		/* A real error occurred. */
1478 		ntfs_error(vol->sb, "Failed to find inode number for "
1479 				"$UsnJrnl.");
1480 		return false;
1481 	}
1482 	/* We do not care for the type of match that was found. */
1483 	kfree(name);
1484 	/* Get the inode. */
1485 	tmp_ino = ntfs_iget(vol->sb, MREF(mref));
1486 	if (IS_ERR(tmp_ino) || unlikely(is_bad_inode(tmp_ino))) {
1487 		if (!IS_ERR(tmp_ino))
1488 			iput(tmp_ino);
1489 		ntfs_error(vol->sb, "Failed to load $UsnJrnl.");
1490 		return false;
1491 	}
1492 	vol->usnjrnl_ino = tmp_ino;
1493 	/*
1494 	 * If the transaction log is in the process of being deleted, we can
1495 	 * ignore it.
1496 	 */
1497 	if (unlikely(vol->vol_flags & VOLUME_DELETE_USN_UNDERWAY)) {
1498 		ntfs_debug("$UsnJrnl in the process of being disabled.  "
1499 				"Volume does not have transaction logging "
1500 				"enabled.");
1501 		goto not_enabled;
1502 	}
1503 	/* Get the $DATA/$Max attribute. */
1504 	tmp_ino = ntfs_attr_iget(vol->usnjrnl_ino, AT_DATA, Max, 4);
1505 	if (IS_ERR(tmp_ino)) {
1506 		ntfs_error(vol->sb, "Failed to load $UsnJrnl/$DATA/$Max "
1507 				"attribute.");
1508 		return false;
1509 	}
1510 	vol->usnjrnl_max_ino = tmp_ino;
1511 	if (unlikely(i_size_read(tmp_ino) < sizeof(USN_HEADER))) {
1512 		ntfs_error(vol->sb, "Found corrupt $UsnJrnl/$DATA/$Max "
1513 				"attribute (size is 0x%llx but should be at "
1514 				"least 0x%zx bytes).", i_size_read(tmp_ino),
1515 				sizeof(USN_HEADER));
1516 		return false;
1517 	}
1518 	/* Get the $DATA/$J attribute. */
1519 	tmp_ino = ntfs_attr_iget(vol->usnjrnl_ino, AT_DATA, J, 2);
1520 	if (IS_ERR(tmp_ino)) {
1521 		ntfs_error(vol->sb, "Failed to load $UsnJrnl/$DATA/$J "
1522 				"attribute.");
1523 		return false;
1524 	}
1525 	vol->usnjrnl_j_ino = tmp_ino;
1526 	/* Verify $J is non-resident and sparse. */
1527 	tmp_ni = NTFS_I(vol->usnjrnl_j_ino);
1528 	if (unlikely(!NInoNonResident(tmp_ni) || !NInoSparse(tmp_ni))) {
1529 		ntfs_error(vol->sb, "$UsnJrnl/$DATA/$J attribute is resident "
1530 				"and/or not sparse.");
1531 		return false;
1532 	}
1533 	/* Read the USN_HEADER from $DATA/$Max. */
1534 	page = ntfs_map_page(vol->usnjrnl_max_ino->i_mapping, 0);
1535 	if (IS_ERR(page)) {
1536 		ntfs_error(vol->sb, "Failed to read from $UsnJrnl/$DATA/$Max "
1537 				"attribute.");
1538 		return false;
1539 	}
1540 	uh = (USN_HEADER*)page_address(page);
1541 	/* Sanity check the $Max. */
1542 	if (unlikely(sle64_to_cpu(uh->allocation_delta) >
1543 			sle64_to_cpu(uh->maximum_size))) {
1544 		ntfs_error(vol->sb, "Allocation delta (0x%llx) exceeds "
1545 				"maximum size (0x%llx).  $UsnJrnl is corrupt.",
1546 				(long long)sle64_to_cpu(uh->allocation_delta),
1547 				(long long)sle64_to_cpu(uh->maximum_size));
1548 		ntfs_unmap_page(page);
1549 		return false;
1550 	}
1551 	/*
1552 	 * If the transaction log has been stamped and nothing has been written
1553 	 * to it since, we do not need to stamp it.
1554 	 */
1555 	if (unlikely(sle64_to_cpu(uh->lowest_valid_usn) >=
1556 			i_size_read(vol->usnjrnl_j_ino))) {
1557 		if (likely(sle64_to_cpu(uh->lowest_valid_usn) ==
1558 				i_size_read(vol->usnjrnl_j_ino))) {
1559 			ntfs_unmap_page(page);
1560 			ntfs_debug("$UsnJrnl is enabled but nothing has been "
1561 					"logged since it was last stamped.  "
1562 					"Treating this as if the volume does "
1563 					"not have transaction logging "
1564 					"enabled.");
1565 			goto not_enabled;
1566 		}
1567 		ntfs_error(vol->sb, "$UsnJrnl has lowest valid usn (0x%llx) "
1568 				"which is out of bounds (0x%llx).  $UsnJrnl "
1569 				"is corrupt.",
1570 				(long long)sle64_to_cpu(uh->lowest_valid_usn),
1571 				i_size_read(vol->usnjrnl_j_ino));
1572 		ntfs_unmap_page(page);
1573 		return false;
1574 	}
1575 	ntfs_unmap_page(page);
1576 	ntfs_debug("Done.");
1577 	return true;
1578 }
1579 
1580 /**
1581  * load_and_init_attrdef - load the attribute definitions table for a volume
1582  * @vol:	ntfs super block describing device whose attrdef to load
1583  *
1584  * Return 'true' on success or 'false' on error.
1585  */
load_and_init_attrdef(ntfs_volume * vol)1586 static bool load_and_init_attrdef(ntfs_volume *vol)
1587 {
1588 	loff_t i_size;
1589 	struct super_block *sb = vol->sb;
1590 	struct inode *ino;
1591 	struct page *page;
1592 	pgoff_t index, max_index;
1593 	unsigned int size;
1594 
1595 	ntfs_debug("Entering.");
1596 	/* Read attrdef table and setup vol->attrdef and vol->attrdef_size. */
1597 	ino = ntfs_iget(sb, FILE_AttrDef);
1598 	if (IS_ERR(ino) || is_bad_inode(ino)) {
1599 		if (!IS_ERR(ino))
1600 			iput(ino);
1601 		goto failed;
1602 	}
1603 	NInoSetSparseDisabled(NTFS_I(ino));
1604 	/* The size of FILE_AttrDef must be above 0 and fit inside 31 bits. */
1605 	i_size = i_size_read(ino);
1606 	if (i_size <= 0 || i_size > 0x7fffffff)
1607 		goto iput_failed;
1608 	vol->attrdef = (ATTR_DEF*)ntfs_malloc_nofs(i_size);
1609 	if (!vol->attrdef)
1610 		goto iput_failed;
1611 	index = 0;
1612 	max_index = i_size >> PAGE_SHIFT;
1613 	size = PAGE_SIZE;
1614 	while (index < max_index) {
1615 		/* Read the attrdef table and copy it into the linear buffer. */
1616 read_partial_attrdef_page:
1617 		page = ntfs_map_page(ino->i_mapping, index);
1618 		if (IS_ERR(page))
1619 			goto free_iput_failed;
1620 		memcpy((u8*)vol->attrdef + (index++ << PAGE_SHIFT),
1621 				page_address(page), size);
1622 		ntfs_unmap_page(page);
1623 	}
1624 	if (size == PAGE_SIZE) {
1625 		size = i_size & ~PAGE_MASK;
1626 		if (size)
1627 			goto read_partial_attrdef_page;
1628 	}
1629 	vol->attrdef_size = i_size;
1630 	ntfs_debug("Read %llu bytes from $AttrDef.", i_size);
1631 	iput(ino);
1632 	return true;
1633 free_iput_failed:
1634 	ntfs_free(vol->attrdef);
1635 	vol->attrdef = NULL;
1636 iput_failed:
1637 	iput(ino);
1638 failed:
1639 	ntfs_error(sb, "Failed to initialize attribute definition table.");
1640 	return false;
1641 }
1642 
1643 #endif /* NTFS_RW */
1644 
1645 /**
1646  * load_and_init_upcase - load the upcase table for an ntfs volume
1647  * @vol:	ntfs super block describing device whose upcase to load
1648  *
1649  * Return 'true' on success or 'false' on error.
1650  */
load_and_init_upcase(ntfs_volume * vol)1651 static bool load_and_init_upcase(ntfs_volume *vol)
1652 {
1653 	loff_t i_size;
1654 	struct super_block *sb = vol->sb;
1655 	struct inode *ino;
1656 	struct page *page;
1657 	pgoff_t index, max_index;
1658 	unsigned int size;
1659 	int i, max;
1660 
1661 	ntfs_debug("Entering.");
1662 	/* Read upcase table and setup vol->upcase and vol->upcase_len. */
1663 	ino = ntfs_iget(sb, FILE_UpCase);
1664 	if (IS_ERR(ino) || is_bad_inode(ino)) {
1665 		if (!IS_ERR(ino))
1666 			iput(ino);
1667 		goto upcase_failed;
1668 	}
1669 	/*
1670 	 * The upcase size must not be above 64k Unicode characters, must not
1671 	 * be zero and must be a multiple of sizeof(ntfschar).
1672 	 */
1673 	i_size = i_size_read(ino);
1674 	if (!i_size || i_size & (sizeof(ntfschar) - 1) ||
1675 			i_size > 64ULL * 1024 * sizeof(ntfschar))
1676 		goto iput_upcase_failed;
1677 	vol->upcase = (ntfschar*)ntfs_malloc_nofs(i_size);
1678 	if (!vol->upcase)
1679 		goto iput_upcase_failed;
1680 	index = 0;
1681 	max_index = i_size >> PAGE_SHIFT;
1682 	size = PAGE_SIZE;
1683 	while (index < max_index) {
1684 		/* Read the upcase table and copy it into the linear buffer. */
1685 read_partial_upcase_page:
1686 		page = ntfs_map_page(ino->i_mapping, index);
1687 		if (IS_ERR(page))
1688 			goto iput_upcase_failed;
1689 		memcpy((char*)vol->upcase + (index++ << PAGE_SHIFT),
1690 				page_address(page), size);
1691 		ntfs_unmap_page(page);
1692 	}
1693 	if (size == PAGE_SIZE) {
1694 		size = i_size & ~PAGE_MASK;
1695 		if (size)
1696 			goto read_partial_upcase_page;
1697 	}
1698 	vol->upcase_len = i_size >> UCHAR_T_SIZE_BITS;
1699 	ntfs_debug("Read %llu bytes from $UpCase (expected %zu bytes).",
1700 			i_size, 64 * 1024 * sizeof(ntfschar));
1701 	iput(ino);
1702 	mutex_lock(&ntfs_lock);
1703 	if (!default_upcase) {
1704 		ntfs_debug("Using volume specified $UpCase since default is "
1705 				"not present.");
1706 		mutex_unlock(&ntfs_lock);
1707 		return true;
1708 	}
1709 	max = default_upcase_len;
1710 	if (max > vol->upcase_len)
1711 		max = vol->upcase_len;
1712 	for (i = 0; i < max; i++)
1713 		if (vol->upcase[i] != default_upcase[i])
1714 			break;
1715 	if (i == max) {
1716 		ntfs_free(vol->upcase);
1717 		vol->upcase = default_upcase;
1718 		vol->upcase_len = max;
1719 		ntfs_nr_upcase_users++;
1720 		mutex_unlock(&ntfs_lock);
1721 		ntfs_debug("Volume specified $UpCase matches default. Using "
1722 				"default.");
1723 		return true;
1724 	}
1725 	mutex_unlock(&ntfs_lock);
1726 	ntfs_debug("Using volume specified $UpCase since it does not match "
1727 			"the default.");
1728 	return true;
1729 iput_upcase_failed:
1730 	iput(ino);
1731 	ntfs_free(vol->upcase);
1732 	vol->upcase = NULL;
1733 upcase_failed:
1734 	mutex_lock(&ntfs_lock);
1735 	if (default_upcase) {
1736 		vol->upcase = default_upcase;
1737 		vol->upcase_len = default_upcase_len;
1738 		ntfs_nr_upcase_users++;
1739 		mutex_unlock(&ntfs_lock);
1740 		ntfs_error(sb, "Failed to load $UpCase from the volume. Using "
1741 				"default.");
1742 		return true;
1743 	}
1744 	mutex_unlock(&ntfs_lock);
1745 	ntfs_error(sb, "Failed to initialize upcase table.");
1746 	return false;
1747 }
1748 
1749 /*
1750  * The lcn and mft bitmap inodes are NTFS-internal inodes with
1751  * their own special locking rules:
1752  */
1753 static struct lock_class_key
1754 	lcnbmp_runlist_lock_key, lcnbmp_mrec_lock_key,
1755 	mftbmp_runlist_lock_key, mftbmp_mrec_lock_key;
1756 
1757 /**
1758  * load_system_files - open the system files using normal functions
1759  * @vol:	ntfs super block describing device whose system files to load
1760  *
1761  * Open the system files with normal access functions and complete setting up
1762  * the ntfs super block @vol.
1763  *
1764  * Return 'true' on success or 'false' on error.
1765  */
load_system_files(ntfs_volume * vol)1766 static bool load_system_files(ntfs_volume *vol)
1767 {
1768 	struct super_block *sb = vol->sb;
1769 	MFT_RECORD *m;
1770 	VOLUME_INFORMATION *vi;
1771 	ntfs_attr_search_ctx *ctx;
1772 #ifdef NTFS_RW
1773 	RESTART_PAGE_HEADER *rp;
1774 	int err;
1775 #endif /* NTFS_RW */
1776 
1777 	ntfs_debug("Entering.");
1778 #ifdef NTFS_RW
1779 	/* Get mft mirror inode compare the contents of $MFT and $MFTMirr. */
1780 	if (!load_and_init_mft_mirror(vol) || !check_mft_mirror(vol)) {
1781 		static const char *es1 = "Failed to load $MFTMirr";
1782 		static const char *es2 = "$MFTMirr does not match $MFT";
1783 		static const char *es3 = ".  Run ntfsfix and/or chkdsk.";
1784 
1785 		/* If a read-write mount, convert it to a read-only mount. */
1786 		if (!sb_rdonly(sb)) {
1787 			if (!(vol->on_errors & (ON_ERRORS_REMOUNT_RO |
1788 					ON_ERRORS_CONTINUE))) {
1789 				ntfs_error(sb, "%s and neither on_errors="
1790 						"continue nor on_errors="
1791 						"remount-ro was specified%s",
1792 						!vol->mftmirr_ino ? es1 : es2,
1793 						es3);
1794 				goto iput_mirr_err_out;
1795 			}
1796 			sb->s_flags |= SB_RDONLY;
1797 			ntfs_error(sb, "%s.  Mounting read-only%s",
1798 					!vol->mftmirr_ino ? es1 : es2, es3);
1799 		} else
1800 			ntfs_warning(sb, "%s.  Will not be able to remount "
1801 					"read-write%s",
1802 					!vol->mftmirr_ino ? es1 : es2, es3);
1803 		/* This will prevent a read-write remount. */
1804 		NVolSetErrors(vol);
1805 	}
1806 #endif /* NTFS_RW */
1807 	/* Get mft bitmap attribute inode. */
1808 	vol->mftbmp_ino = ntfs_attr_iget(vol->mft_ino, AT_BITMAP, NULL, 0);
1809 	if (IS_ERR(vol->mftbmp_ino)) {
1810 		ntfs_error(sb, "Failed to load $MFT/$BITMAP attribute.");
1811 		goto iput_mirr_err_out;
1812 	}
1813 	lockdep_set_class(&NTFS_I(vol->mftbmp_ino)->runlist.lock,
1814 			   &mftbmp_runlist_lock_key);
1815 	lockdep_set_class(&NTFS_I(vol->mftbmp_ino)->mrec_lock,
1816 			   &mftbmp_mrec_lock_key);
1817 	/* Read upcase table and setup @vol->upcase and @vol->upcase_len. */
1818 	if (!load_and_init_upcase(vol))
1819 		goto iput_mftbmp_err_out;
1820 #ifdef NTFS_RW
1821 	/*
1822 	 * Read attribute definitions table and setup @vol->attrdef and
1823 	 * @vol->attrdef_size.
1824 	 */
1825 	if (!load_and_init_attrdef(vol))
1826 		goto iput_upcase_err_out;
1827 #endif /* NTFS_RW */
1828 	/*
1829 	 * Get the cluster allocation bitmap inode and verify the size, no
1830 	 * need for any locking at this stage as we are already running
1831 	 * exclusively as we are mount in progress task.
1832 	 */
1833 	vol->lcnbmp_ino = ntfs_iget(sb, FILE_Bitmap);
1834 	if (IS_ERR(vol->lcnbmp_ino) || is_bad_inode(vol->lcnbmp_ino)) {
1835 		if (!IS_ERR(vol->lcnbmp_ino))
1836 			iput(vol->lcnbmp_ino);
1837 		goto bitmap_failed;
1838 	}
1839 	lockdep_set_class(&NTFS_I(vol->lcnbmp_ino)->runlist.lock,
1840 			   &lcnbmp_runlist_lock_key);
1841 	lockdep_set_class(&NTFS_I(vol->lcnbmp_ino)->mrec_lock,
1842 			   &lcnbmp_mrec_lock_key);
1843 
1844 	NInoSetSparseDisabled(NTFS_I(vol->lcnbmp_ino));
1845 	if ((vol->nr_clusters + 7) >> 3 > i_size_read(vol->lcnbmp_ino)) {
1846 		iput(vol->lcnbmp_ino);
1847 bitmap_failed:
1848 		ntfs_error(sb, "Failed to load $Bitmap.");
1849 		goto iput_attrdef_err_out;
1850 	}
1851 	/*
1852 	 * Get the volume inode and setup our cache of the volume flags and
1853 	 * version.
1854 	 */
1855 	vol->vol_ino = ntfs_iget(sb, FILE_Volume);
1856 	if (IS_ERR(vol->vol_ino) || is_bad_inode(vol->vol_ino)) {
1857 		if (!IS_ERR(vol->vol_ino))
1858 			iput(vol->vol_ino);
1859 volume_failed:
1860 		ntfs_error(sb, "Failed to load $Volume.");
1861 		goto iput_lcnbmp_err_out;
1862 	}
1863 	m = map_mft_record(NTFS_I(vol->vol_ino));
1864 	if (IS_ERR(m)) {
1865 iput_volume_failed:
1866 		iput(vol->vol_ino);
1867 		goto volume_failed;
1868 	}
1869 	if (!(ctx = ntfs_attr_get_search_ctx(NTFS_I(vol->vol_ino), m))) {
1870 		ntfs_error(sb, "Failed to get attribute search context.");
1871 		goto get_ctx_vol_failed;
1872 	}
1873 	if (ntfs_attr_lookup(AT_VOLUME_INFORMATION, NULL, 0, 0, 0, NULL, 0,
1874 			ctx) || ctx->attr->non_resident || ctx->attr->flags) {
1875 err_put_vol:
1876 		ntfs_attr_put_search_ctx(ctx);
1877 get_ctx_vol_failed:
1878 		unmap_mft_record(NTFS_I(vol->vol_ino));
1879 		goto iput_volume_failed;
1880 	}
1881 	vi = (VOLUME_INFORMATION*)((char*)ctx->attr +
1882 			le16_to_cpu(ctx->attr->data.resident.value_offset));
1883 	/* Some bounds checks. */
1884 	if ((u8*)vi < (u8*)ctx->attr || (u8*)vi +
1885 			le32_to_cpu(ctx->attr->data.resident.value_length) >
1886 			(u8*)ctx->attr + le32_to_cpu(ctx->attr->length))
1887 		goto err_put_vol;
1888 	/* Copy the volume flags and version to the ntfs_volume structure. */
1889 	vol->vol_flags = vi->flags;
1890 	vol->major_ver = vi->major_ver;
1891 	vol->minor_ver = vi->minor_ver;
1892 	ntfs_attr_put_search_ctx(ctx);
1893 	unmap_mft_record(NTFS_I(vol->vol_ino));
1894 	pr_info("volume version %i.%i.\n", vol->major_ver,
1895 			vol->minor_ver);
1896 	if (vol->major_ver < 3 && NVolSparseEnabled(vol)) {
1897 		ntfs_warning(vol->sb, "Disabling sparse support due to NTFS "
1898 				"volume version %i.%i (need at least version "
1899 				"3.0).", vol->major_ver, vol->minor_ver);
1900 		NVolClearSparseEnabled(vol);
1901 	}
1902 #ifdef NTFS_RW
1903 	/* Make sure that no unsupported volume flags are set. */
1904 	if (vol->vol_flags & VOLUME_MUST_MOUNT_RO_MASK) {
1905 		static const char *es1a = "Volume is dirty";
1906 		static const char *es1b = "Volume has been modified by chkdsk";
1907 		static const char *es1c = "Volume has unsupported flags set";
1908 		static const char *es2a = ".  Run chkdsk and mount in Windows.";
1909 		static const char *es2b = ".  Mount in Windows.";
1910 		const char *es1, *es2;
1911 
1912 		es2 = es2a;
1913 		if (vol->vol_flags & VOLUME_IS_DIRTY)
1914 			es1 = es1a;
1915 		else if (vol->vol_flags & VOLUME_MODIFIED_BY_CHKDSK) {
1916 			es1 = es1b;
1917 			es2 = es2b;
1918 		} else {
1919 			es1 = es1c;
1920 			ntfs_warning(sb, "Unsupported volume flags 0x%x "
1921 					"encountered.",
1922 					(unsigned)le16_to_cpu(vol->vol_flags));
1923 		}
1924 		/* If a read-write mount, convert it to a read-only mount. */
1925 		if (!sb_rdonly(sb)) {
1926 			if (!(vol->on_errors & (ON_ERRORS_REMOUNT_RO |
1927 					ON_ERRORS_CONTINUE))) {
1928 				ntfs_error(sb, "%s and neither on_errors="
1929 						"continue nor on_errors="
1930 						"remount-ro was specified%s",
1931 						es1, es2);
1932 				goto iput_vol_err_out;
1933 			}
1934 			sb->s_flags |= SB_RDONLY;
1935 			ntfs_error(sb, "%s.  Mounting read-only%s", es1, es2);
1936 		} else
1937 			ntfs_warning(sb, "%s.  Will not be able to remount "
1938 					"read-write%s", es1, es2);
1939 		/*
1940 		 * Do not set NVolErrors() because ntfs_remount() re-checks the
1941 		 * flags which we need to do in case any flags have changed.
1942 		 */
1943 	}
1944 	/*
1945 	 * Get the inode for the logfile, check it and determine if the volume
1946 	 * was shutdown cleanly.
1947 	 */
1948 	rp = NULL;
1949 	if (!load_and_check_logfile(vol, &rp) ||
1950 			!ntfs_is_logfile_clean(vol->logfile_ino, rp)) {
1951 		static const char *es1a = "Failed to load $LogFile";
1952 		static const char *es1b = "$LogFile is not clean";
1953 		static const char *es2 = ".  Mount in Windows.";
1954 		const char *es1;
1955 
1956 		es1 = !vol->logfile_ino ? es1a : es1b;
1957 		/* If a read-write mount, convert it to a read-only mount. */
1958 		if (!sb_rdonly(sb)) {
1959 			if (!(vol->on_errors & (ON_ERRORS_REMOUNT_RO |
1960 					ON_ERRORS_CONTINUE))) {
1961 				ntfs_error(sb, "%s and neither on_errors="
1962 						"continue nor on_errors="
1963 						"remount-ro was specified%s",
1964 						es1, es2);
1965 				if (vol->logfile_ino) {
1966 					BUG_ON(!rp);
1967 					ntfs_free(rp);
1968 				}
1969 				goto iput_logfile_err_out;
1970 			}
1971 			sb->s_flags |= SB_RDONLY;
1972 			ntfs_error(sb, "%s.  Mounting read-only%s", es1, es2);
1973 		} else
1974 			ntfs_warning(sb, "%s.  Will not be able to remount "
1975 					"read-write%s", es1, es2);
1976 		/* This will prevent a read-write remount. */
1977 		NVolSetErrors(vol);
1978 	}
1979 	ntfs_free(rp);
1980 #endif /* NTFS_RW */
1981 	/* Get the root directory inode so we can do path lookups. */
1982 	vol->root_ino = ntfs_iget(sb, FILE_root);
1983 	if (IS_ERR(vol->root_ino) || is_bad_inode(vol->root_ino)) {
1984 		if (!IS_ERR(vol->root_ino))
1985 			iput(vol->root_ino);
1986 		ntfs_error(sb, "Failed to load root directory.");
1987 		goto iput_logfile_err_out;
1988 	}
1989 #ifdef NTFS_RW
1990 	/*
1991 	 * Check if Windows is suspended to disk on the target volume.  If it
1992 	 * is hibernated, we must not write *anything* to the disk so set
1993 	 * NVolErrors() without setting the dirty volume flag and mount
1994 	 * read-only.  This will prevent read-write remounting and it will also
1995 	 * prevent all writes.
1996 	 */
1997 	err = check_windows_hibernation_status(vol);
1998 	if (unlikely(err)) {
1999 		static const char *es1a = "Failed to determine if Windows is "
2000 				"hibernated";
2001 		static const char *es1b = "Windows is hibernated";
2002 		static const char *es2 = ".  Run chkdsk.";
2003 		const char *es1;
2004 
2005 		es1 = err < 0 ? es1a : es1b;
2006 		/* If a read-write mount, convert it to a read-only mount. */
2007 		if (!sb_rdonly(sb)) {
2008 			if (!(vol->on_errors & (ON_ERRORS_REMOUNT_RO |
2009 					ON_ERRORS_CONTINUE))) {
2010 				ntfs_error(sb, "%s and neither on_errors="
2011 						"continue nor on_errors="
2012 						"remount-ro was specified%s",
2013 						es1, es2);
2014 				goto iput_root_err_out;
2015 			}
2016 			sb->s_flags |= SB_RDONLY;
2017 			ntfs_error(sb, "%s.  Mounting read-only%s", es1, es2);
2018 		} else
2019 			ntfs_warning(sb, "%s.  Will not be able to remount "
2020 					"read-write%s", es1, es2);
2021 		/* This will prevent a read-write remount. */
2022 		NVolSetErrors(vol);
2023 	}
2024 	/* If (still) a read-write mount, mark the volume dirty. */
2025 	if (!sb_rdonly(sb) && ntfs_set_volume_flags(vol, VOLUME_IS_DIRTY)) {
2026 		static const char *es1 = "Failed to set dirty bit in volume "
2027 				"information flags";
2028 		static const char *es2 = ".  Run chkdsk.";
2029 
2030 		/* Convert to a read-only mount. */
2031 		if (!(vol->on_errors & (ON_ERRORS_REMOUNT_RO |
2032 				ON_ERRORS_CONTINUE))) {
2033 			ntfs_error(sb, "%s and neither on_errors=continue nor "
2034 					"on_errors=remount-ro was specified%s",
2035 					es1, es2);
2036 			goto iput_root_err_out;
2037 		}
2038 		ntfs_error(sb, "%s.  Mounting read-only%s", es1, es2);
2039 		sb->s_flags |= SB_RDONLY;
2040 		/*
2041 		 * Do not set NVolErrors() because ntfs_remount() might manage
2042 		 * to set the dirty flag in which case all would be well.
2043 		 */
2044 	}
2045 #if 0
2046 	// TODO: Enable this code once we start modifying anything that is
2047 	//	 different between NTFS 1.2 and 3.x...
2048 	/*
2049 	 * If (still) a read-write mount, set the NT4 compatibility flag on
2050 	 * newer NTFS version volumes.
2051 	 */
2052 	if (!(sb->s_flags & SB_RDONLY) && (vol->major_ver > 1) &&
2053 			ntfs_set_volume_flags(vol, VOLUME_MOUNTED_ON_NT4)) {
2054 		static const char *es1 = "Failed to set NT4 compatibility flag";
2055 		static const char *es2 = ".  Run chkdsk.";
2056 
2057 		/* Convert to a read-only mount. */
2058 		if (!(vol->on_errors & (ON_ERRORS_REMOUNT_RO |
2059 				ON_ERRORS_CONTINUE))) {
2060 			ntfs_error(sb, "%s and neither on_errors=continue nor "
2061 					"on_errors=remount-ro was specified%s",
2062 					es1, es2);
2063 			goto iput_root_err_out;
2064 		}
2065 		ntfs_error(sb, "%s.  Mounting read-only%s", es1, es2);
2066 		sb->s_flags |= SB_RDONLY;
2067 		NVolSetErrors(vol);
2068 	}
2069 #endif
2070 	/* If (still) a read-write mount, empty the logfile. */
2071 	if (!sb_rdonly(sb) && !ntfs_empty_logfile(vol->logfile_ino)) {
2072 		static const char *es1 = "Failed to empty $LogFile";
2073 		static const char *es2 = ".  Mount in Windows.";
2074 
2075 		/* Convert to a read-only mount. */
2076 		if (!(vol->on_errors & (ON_ERRORS_REMOUNT_RO |
2077 				ON_ERRORS_CONTINUE))) {
2078 			ntfs_error(sb, "%s and neither on_errors=continue nor "
2079 					"on_errors=remount-ro was specified%s",
2080 					es1, es2);
2081 			goto iput_root_err_out;
2082 		}
2083 		ntfs_error(sb, "%s.  Mounting read-only%s", es1, es2);
2084 		sb->s_flags |= SB_RDONLY;
2085 		NVolSetErrors(vol);
2086 	}
2087 #endif /* NTFS_RW */
2088 	/* If on NTFS versions before 3.0, we are done. */
2089 	if (unlikely(vol->major_ver < 3))
2090 		return true;
2091 	/* NTFS 3.0+ specific initialization. */
2092 	/* Get the security descriptors inode. */
2093 	vol->secure_ino = ntfs_iget(sb, FILE_Secure);
2094 	if (IS_ERR(vol->secure_ino) || is_bad_inode(vol->secure_ino)) {
2095 		if (!IS_ERR(vol->secure_ino))
2096 			iput(vol->secure_ino);
2097 		ntfs_error(sb, "Failed to load $Secure.");
2098 		goto iput_root_err_out;
2099 	}
2100 	// TODO: Initialize security.
2101 	/* Get the extended system files' directory inode. */
2102 	vol->extend_ino = ntfs_iget(sb, FILE_Extend);
2103 	if (IS_ERR(vol->extend_ino) || is_bad_inode(vol->extend_ino) ||
2104 	    !S_ISDIR(vol->extend_ino->i_mode)) {
2105 		if (!IS_ERR(vol->extend_ino))
2106 			iput(vol->extend_ino);
2107 		ntfs_error(sb, "Failed to load $Extend.");
2108 		goto iput_sec_err_out;
2109 	}
2110 #ifdef NTFS_RW
2111 	/* Find the quota file, load it if present, and set it up. */
2112 	if (!load_and_init_quota(vol)) {
2113 		static const char *es1 = "Failed to load $Quota";
2114 		static const char *es2 = ".  Run chkdsk.";
2115 
2116 		/* If a read-write mount, convert it to a read-only mount. */
2117 		if (!sb_rdonly(sb)) {
2118 			if (!(vol->on_errors & (ON_ERRORS_REMOUNT_RO |
2119 					ON_ERRORS_CONTINUE))) {
2120 				ntfs_error(sb, "%s and neither on_errors="
2121 						"continue nor on_errors="
2122 						"remount-ro was specified%s",
2123 						es1, es2);
2124 				goto iput_quota_err_out;
2125 			}
2126 			sb->s_flags |= SB_RDONLY;
2127 			ntfs_error(sb, "%s.  Mounting read-only%s", es1, es2);
2128 		} else
2129 			ntfs_warning(sb, "%s.  Will not be able to remount "
2130 					"read-write%s", es1, es2);
2131 		/* This will prevent a read-write remount. */
2132 		NVolSetErrors(vol);
2133 	}
2134 	/* If (still) a read-write mount, mark the quotas out of date. */
2135 	if (!sb_rdonly(sb) && !ntfs_mark_quotas_out_of_date(vol)) {
2136 		static const char *es1 = "Failed to mark quotas out of date";
2137 		static const char *es2 = ".  Run chkdsk.";
2138 
2139 		/* Convert to a read-only mount. */
2140 		if (!(vol->on_errors & (ON_ERRORS_REMOUNT_RO |
2141 				ON_ERRORS_CONTINUE))) {
2142 			ntfs_error(sb, "%s and neither on_errors=continue nor "
2143 					"on_errors=remount-ro was specified%s",
2144 					es1, es2);
2145 			goto iput_quota_err_out;
2146 		}
2147 		ntfs_error(sb, "%s.  Mounting read-only%s", es1, es2);
2148 		sb->s_flags |= SB_RDONLY;
2149 		NVolSetErrors(vol);
2150 	}
2151 	/*
2152 	 * Find the transaction log file ($UsnJrnl), load it if present, check
2153 	 * it, and set it up.
2154 	 */
2155 	if (!load_and_init_usnjrnl(vol)) {
2156 		static const char *es1 = "Failed to load $UsnJrnl";
2157 		static const char *es2 = ".  Run chkdsk.";
2158 
2159 		/* If a read-write mount, convert it to a read-only mount. */
2160 		if (!sb_rdonly(sb)) {
2161 			if (!(vol->on_errors & (ON_ERRORS_REMOUNT_RO |
2162 					ON_ERRORS_CONTINUE))) {
2163 				ntfs_error(sb, "%s and neither on_errors="
2164 						"continue nor on_errors="
2165 						"remount-ro was specified%s",
2166 						es1, es2);
2167 				goto iput_usnjrnl_err_out;
2168 			}
2169 			sb->s_flags |= SB_RDONLY;
2170 			ntfs_error(sb, "%s.  Mounting read-only%s", es1, es2);
2171 		} else
2172 			ntfs_warning(sb, "%s.  Will not be able to remount "
2173 					"read-write%s", es1, es2);
2174 		/* This will prevent a read-write remount. */
2175 		NVolSetErrors(vol);
2176 	}
2177 	/* If (still) a read-write mount, stamp the transaction log. */
2178 	if (!sb_rdonly(sb) && !ntfs_stamp_usnjrnl(vol)) {
2179 		static const char *es1 = "Failed to stamp transaction log "
2180 				"($UsnJrnl)";
2181 		static const char *es2 = ".  Run chkdsk.";
2182 
2183 		/* Convert to a read-only mount. */
2184 		if (!(vol->on_errors & (ON_ERRORS_REMOUNT_RO |
2185 				ON_ERRORS_CONTINUE))) {
2186 			ntfs_error(sb, "%s and neither on_errors=continue nor "
2187 					"on_errors=remount-ro was specified%s",
2188 					es1, es2);
2189 			goto iput_usnjrnl_err_out;
2190 		}
2191 		ntfs_error(sb, "%s.  Mounting read-only%s", es1, es2);
2192 		sb->s_flags |= SB_RDONLY;
2193 		NVolSetErrors(vol);
2194 	}
2195 #endif /* NTFS_RW */
2196 	return true;
2197 #ifdef NTFS_RW
2198 iput_usnjrnl_err_out:
2199 	iput(vol->usnjrnl_j_ino);
2200 	iput(vol->usnjrnl_max_ino);
2201 	iput(vol->usnjrnl_ino);
2202 iput_quota_err_out:
2203 	iput(vol->quota_q_ino);
2204 	iput(vol->quota_ino);
2205 	iput(vol->extend_ino);
2206 #endif /* NTFS_RW */
2207 iput_sec_err_out:
2208 	iput(vol->secure_ino);
2209 iput_root_err_out:
2210 	iput(vol->root_ino);
2211 iput_logfile_err_out:
2212 #ifdef NTFS_RW
2213 	iput(vol->logfile_ino);
2214 iput_vol_err_out:
2215 #endif /* NTFS_RW */
2216 	iput(vol->vol_ino);
2217 iput_lcnbmp_err_out:
2218 	iput(vol->lcnbmp_ino);
2219 iput_attrdef_err_out:
2220 	vol->attrdef_size = 0;
2221 	if (vol->attrdef) {
2222 		ntfs_free(vol->attrdef);
2223 		vol->attrdef = NULL;
2224 	}
2225 #ifdef NTFS_RW
2226 iput_upcase_err_out:
2227 #endif /* NTFS_RW */
2228 	vol->upcase_len = 0;
2229 	mutex_lock(&ntfs_lock);
2230 	if (vol->upcase == default_upcase) {
2231 		ntfs_nr_upcase_users--;
2232 		vol->upcase = NULL;
2233 	}
2234 	mutex_unlock(&ntfs_lock);
2235 	if (vol->upcase) {
2236 		ntfs_free(vol->upcase);
2237 		vol->upcase = NULL;
2238 	}
2239 iput_mftbmp_err_out:
2240 	iput(vol->mftbmp_ino);
2241 iput_mirr_err_out:
2242 #ifdef NTFS_RW
2243 	iput(vol->mftmirr_ino);
2244 #endif /* NTFS_RW */
2245 	return false;
2246 }
2247 
2248 /**
2249  * ntfs_put_super - called by the vfs to unmount a volume
2250  * @sb:		vfs superblock of volume to unmount
2251  *
2252  * ntfs_put_super() is called by the VFS (from fs/super.c::do_umount()) when
2253  * the volume is being unmounted (umount system call has been invoked) and it
2254  * releases all inodes and memory belonging to the NTFS specific part of the
2255  * super block.
2256  */
ntfs_put_super(struct super_block * sb)2257 static void ntfs_put_super(struct super_block *sb)
2258 {
2259 	ntfs_volume *vol = NTFS_SB(sb);
2260 
2261 	ntfs_debug("Entering.");
2262 
2263 #ifdef NTFS_RW
2264 	/*
2265 	 * Commit all inodes while they are still open in case some of them
2266 	 * cause others to be dirtied.
2267 	 */
2268 	ntfs_commit_inode(vol->vol_ino);
2269 
2270 	/* NTFS 3.0+ specific. */
2271 	if (vol->major_ver >= 3) {
2272 		if (vol->usnjrnl_j_ino)
2273 			ntfs_commit_inode(vol->usnjrnl_j_ino);
2274 		if (vol->usnjrnl_max_ino)
2275 			ntfs_commit_inode(vol->usnjrnl_max_ino);
2276 		if (vol->usnjrnl_ino)
2277 			ntfs_commit_inode(vol->usnjrnl_ino);
2278 		if (vol->quota_q_ino)
2279 			ntfs_commit_inode(vol->quota_q_ino);
2280 		if (vol->quota_ino)
2281 			ntfs_commit_inode(vol->quota_ino);
2282 		if (vol->extend_ino)
2283 			ntfs_commit_inode(vol->extend_ino);
2284 		if (vol->secure_ino)
2285 			ntfs_commit_inode(vol->secure_ino);
2286 	}
2287 
2288 	ntfs_commit_inode(vol->root_ino);
2289 
2290 	down_write(&vol->lcnbmp_lock);
2291 	ntfs_commit_inode(vol->lcnbmp_ino);
2292 	up_write(&vol->lcnbmp_lock);
2293 
2294 	down_write(&vol->mftbmp_lock);
2295 	ntfs_commit_inode(vol->mftbmp_ino);
2296 	up_write(&vol->mftbmp_lock);
2297 
2298 	if (vol->logfile_ino)
2299 		ntfs_commit_inode(vol->logfile_ino);
2300 
2301 	if (vol->mftmirr_ino)
2302 		ntfs_commit_inode(vol->mftmirr_ino);
2303 	ntfs_commit_inode(vol->mft_ino);
2304 
2305 	/*
2306 	 * If a read-write mount and no volume errors have occurred, mark the
2307 	 * volume clean.  Also, re-commit all affected inodes.
2308 	 */
2309 	if (!sb_rdonly(sb)) {
2310 		if (!NVolErrors(vol)) {
2311 			if (ntfs_clear_volume_flags(vol, VOLUME_IS_DIRTY))
2312 				ntfs_warning(sb, "Failed to clear dirty bit "
2313 						"in volume information "
2314 						"flags.  Run chkdsk.");
2315 			ntfs_commit_inode(vol->vol_ino);
2316 			ntfs_commit_inode(vol->root_ino);
2317 			if (vol->mftmirr_ino)
2318 				ntfs_commit_inode(vol->mftmirr_ino);
2319 			ntfs_commit_inode(vol->mft_ino);
2320 		} else {
2321 			ntfs_warning(sb, "Volume has errors.  Leaving volume "
2322 					"marked dirty.  Run chkdsk.");
2323 		}
2324 	}
2325 #endif /* NTFS_RW */
2326 
2327 	iput(vol->vol_ino);
2328 	vol->vol_ino = NULL;
2329 
2330 	/* NTFS 3.0+ specific clean up. */
2331 	if (vol->major_ver >= 3) {
2332 #ifdef NTFS_RW
2333 		if (vol->usnjrnl_j_ino) {
2334 			iput(vol->usnjrnl_j_ino);
2335 			vol->usnjrnl_j_ino = NULL;
2336 		}
2337 		if (vol->usnjrnl_max_ino) {
2338 			iput(vol->usnjrnl_max_ino);
2339 			vol->usnjrnl_max_ino = NULL;
2340 		}
2341 		if (vol->usnjrnl_ino) {
2342 			iput(vol->usnjrnl_ino);
2343 			vol->usnjrnl_ino = NULL;
2344 		}
2345 		if (vol->quota_q_ino) {
2346 			iput(vol->quota_q_ino);
2347 			vol->quota_q_ino = NULL;
2348 		}
2349 		if (vol->quota_ino) {
2350 			iput(vol->quota_ino);
2351 			vol->quota_ino = NULL;
2352 		}
2353 #endif /* NTFS_RW */
2354 		if (vol->extend_ino) {
2355 			iput(vol->extend_ino);
2356 			vol->extend_ino = NULL;
2357 		}
2358 		if (vol->secure_ino) {
2359 			iput(vol->secure_ino);
2360 			vol->secure_ino = NULL;
2361 		}
2362 	}
2363 
2364 	iput(vol->root_ino);
2365 	vol->root_ino = NULL;
2366 
2367 	down_write(&vol->lcnbmp_lock);
2368 	iput(vol->lcnbmp_ino);
2369 	vol->lcnbmp_ino = NULL;
2370 	up_write(&vol->lcnbmp_lock);
2371 
2372 	down_write(&vol->mftbmp_lock);
2373 	iput(vol->mftbmp_ino);
2374 	vol->mftbmp_ino = NULL;
2375 	up_write(&vol->mftbmp_lock);
2376 
2377 #ifdef NTFS_RW
2378 	if (vol->logfile_ino) {
2379 		iput(vol->logfile_ino);
2380 		vol->logfile_ino = NULL;
2381 	}
2382 	if (vol->mftmirr_ino) {
2383 		/* Re-commit the mft mirror and mft just in case. */
2384 		ntfs_commit_inode(vol->mftmirr_ino);
2385 		ntfs_commit_inode(vol->mft_ino);
2386 		iput(vol->mftmirr_ino);
2387 		vol->mftmirr_ino = NULL;
2388 	}
2389 	/*
2390 	 * We should have no dirty inodes left, due to
2391 	 * mft.c::ntfs_mft_writepage() cleaning all the dirty pages as
2392 	 * the underlying mft records are written out and cleaned.
2393 	 */
2394 	ntfs_commit_inode(vol->mft_ino);
2395 	write_inode_now(vol->mft_ino, 1);
2396 #endif /* NTFS_RW */
2397 
2398 	iput(vol->mft_ino);
2399 	vol->mft_ino = NULL;
2400 
2401 	/* Throw away the table of attribute definitions. */
2402 	vol->attrdef_size = 0;
2403 	if (vol->attrdef) {
2404 		ntfs_free(vol->attrdef);
2405 		vol->attrdef = NULL;
2406 	}
2407 	vol->upcase_len = 0;
2408 	/*
2409 	 * Destroy the global default upcase table if necessary.  Also decrease
2410 	 * the number of upcase users if we are a user.
2411 	 */
2412 	mutex_lock(&ntfs_lock);
2413 	if (vol->upcase == default_upcase) {
2414 		ntfs_nr_upcase_users--;
2415 		vol->upcase = NULL;
2416 	}
2417 	if (!ntfs_nr_upcase_users && default_upcase) {
2418 		ntfs_free(default_upcase);
2419 		default_upcase = NULL;
2420 	}
2421 	if (vol->cluster_size <= 4096 && !--ntfs_nr_compression_users)
2422 		free_compression_buffers();
2423 	mutex_unlock(&ntfs_lock);
2424 	if (vol->upcase) {
2425 		ntfs_free(vol->upcase);
2426 		vol->upcase = NULL;
2427 	}
2428 
2429 	unload_nls(vol->nls_map);
2430 
2431 	sb->s_fs_info = NULL;
2432 	kfree(vol);
2433 }
2434 
2435 /**
2436  * get_nr_free_clusters - return the number of free clusters on a volume
2437  * @vol:	ntfs volume for which to obtain free cluster count
2438  *
2439  * Calculate the number of free clusters on the mounted NTFS volume @vol. We
2440  * actually calculate the number of clusters in use instead because this
2441  * allows us to not care about partial pages as these will be just zero filled
2442  * and hence not be counted as allocated clusters.
2443  *
2444  * The only particularity is that clusters beyond the end of the logical ntfs
2445  * volume will be marked as allocated to prevent errors which means we have to
2446  * discount those at the end. This is important as the cluster bitmap always
2447  * has a size in multiples of 8 bytes, i.e. up to 63 clusters could be outside
2448  * the logical volume and marked in use when they are not as they do not exist.
2449  *
2450  * If any pages cannot be read we assume all clusters in the erroring pages are
2451  * in use. This means we return an underestimate on errors which is better than
2452  * an overestimate.
2453  */
get_nr_free_clusters(ntfs_volume * vol)2454 static s64 get_nr_free_clusters(ntfs_volume *vol)
2455 {
2456 	s64 nr_free = vol->nr_clusters;
2457 	struct address_space *mapping = vol->lcnbmp_ino->i_mapping;
2458 	struct page *page;
2459 	pgoff_t index, max_index;
2460 
2461 	ntfs_debug("Entering.");
2462 	/* Serialize accesses to the cluster bitmap. */
2463 	down_read(&vol->lcnbmp_lock);
2464 	/*
2465 	 * Convert the number of bits into bytes rounded up, then convert into
2466 	 * multiples of PAGE_SIZE, rounding up so that if we have one
2467 	 * full and one partial page max_index = 2.
2468 	 */
2469 	max_index = (((vol->nr_clusters + 7) >> 3) + PAGE_SIZE - 1) >>
2470 			PAGE_SHIFT;
2471 	/* Use multiples of 4 bytes, thus max_size is PAGE_SIZE / 4. */
2472 	ntfs_debug("Reading $Bitmap, max_index = 0x%lx, max_size = 0x%lx.",
2473 			max_index, PAGE_SIZE / 4);
2474 	for (index = 0; index < max_index; index++) {
2475 		unsigned long *kaddr;
2476 
2477 		/*
2478 		 * Read the page from page cache, getting it from backing store
2479 		 * if necessary, and increment the use count.
2480 		 */
2481 		page = read_mapping_page(mapping, index, NULL);
2482 		/* Ignore pages which errored synchronously. */
2483 		if (IS_ERR(page)) {
2484 			ntfs_debug("read_mapping_page() error. Skipping "
2485 					"page (index 0x%lx).", index);
2486 			nr_free -= PAGE_SIZE * 8;
2487 			continue;
2488 		}
2489 		kaddr = kmap_atomic(page);
2490 		/*
2491 		 * Subtract the number of set bits. If this
2492 		 * is the last page and it is partial we don't really care as
2493 		 * it just means we do a little extra work but it won't affect
2494 		 * the result as all out of range bytes are set to zero by
2495 		 * ntfs_readpage().
2496 		 */
2497 		nr_free -= bitmap_weight(kaddr,
2498 					PAGE_SIZE * BITS_PER_BYTE);
2499 		kunmap_atomic(kaddr);
2500 		put_page(page);
2501 	}
2502 	ntfs_debug("Finished reading $Bitmap, last index = 0x%lx.", index - 1);
2503 	/*
2504 	 * Fixup for eventual bits outside logical ntfs volume (see function
2505 	 * description above).
2506 	 */
2507 	if (vol->nr_clusters & 63)
2508 		nr_free += 64 - (vol->nr_clusters & 63);
2509 	up_read(&vol->lcnbmp_lock);
2510 	/* If errors occurred we may well have gone below zero, fix this. */
2511 	if (nr_free < 0)
2512 		nr_free = 0;
2513 	ntfs_debug("Exiting.");
2514 	return nr_free;
2515 }
2516 
2517 /**
2518  * __get_nr_free_mft_records - return the number of free inodes on a volume
2519  * @vol:	ntfs volume for which to obtain free inode count
2520  * @nr_free:	number of mft records in filesystem
2521  * @max_index:	maximum number of pages containing set bits
2522  *
2523  * Calculate the number of free mft records (inodes) on the mounted NTFS
2524  * volume @vol. We actually calculate the number of mft records in use instead
2525  * because this allows us to not care about partial pages as these will be just
2526  * zero filled and hence not be counted as allocated mft record.
2527  *
2528  * If any pages cannot be read we assume all mft records in the erroring pages
2529  * are in use. This means we return an underestimate on errors which is better
2530  * than an overestimate.
2531  *
2532  * NOTE: Caller must hold mftbmp_lock rw_semaphore for reading or writing.
2533  */
__get_nr_free_mft_records(ntfs_volume * vol,s64 nr_free,const pgoff_t max_index)2534 static unsigned long __get_nr_free_mft_records(ntfs_volume *vol,
2535 		s64 nr_free, const pgoff_t max_index)
2536 {
2537 	struct address_space *mapping = vol->mftbmp_ino->i_mapping;
2538 	struct page *page;
2539 	pgoff_t index;
2540 
2541 	ntfs_debug("Entering.");
2542 	/* Use multiples of 4 bytes, thus max_size is PAGE_SIZE / 4. */
2543 	ntfs_debug("Reading $MFT/$BITMAP, max_index = 0x%lx, max_size = "
2544 			"0x%lx.", max_index, PAGE_SIZE / 4);
2545 	for (index = 0; index < max_index; index++) {
2546 		unsigned long *kaddr;
2547 
2548 		/*
2549 		 * Read the page from page cache, getting it from backing store
2550 		 * if necessary, and increment the use count.
2551 		 */
2552 		page = read_mapping_page(mapping, index, NULL);
2553 		/* Ignore pages which errored synchronously. */
2554 		if (IS_ERR(page)) {
2555 			ntfs_debug("read_mapping_page() error. Skipping "
2556 					"page (index 0x%lx).", index);
2557 			nr_free -= PAGE_SIZE * 8;
2558 			continue;
2559 		}
2560 		kaddr = kmap_atomic(page);
2561 		/*
2562 		 * Subtract the number of set bits. If this
2563 		 * is the last page and it is partial we don't really care as
2564 		 * it just means we do a little extra work but it won't affect
2565 		 * the result as all out of range bytes are set to zero by
2566 		 * ntfs_readpage().
2567 		 */
2568 		nr_free -= bitmap_weight(kaddr,
2569 					PAGE_SIZE * BITS_PER_BYTE);
2570 		kunmap_atomic(kaddr);
2571 		put_page(page);
2572 	}
2573 	ntfs_debug("Finished reading $MFT/$BITMAP, last index = 0x%lx.",
2574 			index - 1);
2575 	/* If errors occurred we may well have gone below zero, fix this. */
2576 	if (nr_free < 0)
2577 		nr_free = 0;
2578 	ntfs_debug("Exiting.");
2579 	return nr_free;
2580 }
2581 
2582 /**
2583  * ntfs_statfs - return information about mounted NTFS volume
2584  * @dentry:	dentry from mounted volume
2585  * @sfs:	statfs structure in which to return the information
2586  *
2587  * Return information about the mounted NTFS volume @dentry in the statfs structure
2588  * pointed to by @sfs (this is initialized with zeros before ntfs_statfs is
2589  * called). We interpret the values to be correct of the moment in time at
2590  * which we are called. Most values are variable otherwise and this isn't just
2591  * the free values but the totals as well. For example we can increase the
2592  * total number of file nodes if we run out and we can keep doing this until
2593  * there is no more space on the volume left at all.
2594  *
2595  * Called from vfs_statfs which is used to handle the statfs, fstatfs, and
2596  * ustat system calls.
2597  *
2598  * Return 0 on success or -errno on error.
2599  */
ntfs_statfs(struct dentry * dentry,struct kstatfs * sfs)2600 static int ntfs_statfs(struct dentry *dentry, struct kstatfs *sfs)
2601 {
2602 	struct super_block *sb = dentry->d_sb;
2603 	s64 size;
2604 	ntfs_volume *vol = NTFS_SB(sb);
2605 	ntfs_inode *mft_ni = NTFS_I(vol->mft_ino);
2606 	pgoff_t max_index;
2607 	unsigned long flags;
2608 
2609 	ntfs_debug("Entering.");
2610 	/* Type of filesystem. */
2611 	sfs->f_type   = NTFS_SB_MAGIC;
2612 	/* Optimal transfer block size. */
2613 	sfs->f_bsize  = PAGE_SIZE;
2614 	/*
2615 	 * Total data blocks in filesystem in units of f_bsize and since
2616 	 * inodes are also stored in data blocs ($MFT is a file) this is just
2617 	 * the total clusters.
2618 	 */
2619 	sfs->f_blocks = vol->nr_clusters << vol->cluster_size_bits >>
2620 				PAGE_SHIFT;
2621 	/* Free data blocks in filesystem in units of f_bsize. */
2622 	size	      = get_nr_free_clusters(vol) << vol->cluster_size_bits >>
2623 				PAGE_SHIFT;
2624 	if (size < 0LL)
2625 		size = 0LL;
2626 	/* Free blocks avail to non-superuser, same as above on NTFS. */
2627 	sfs->f_bavail = sfs->f_bfree = size;
2628 	/* Serialize accesses to the inode bitmap. */
2629 	down_read(&vol->mftbmp_lock);
2630 	read_lock_irqsave(&mft_ni->size_lock, flags);
2631 	size = i_size_read(vol->mft_ino) >> vol->mft_record_size_bits;
2632 	/*
2633 	 * Convert the maximum number of set bits into bytes rounded up, then
2634 	 * convert into multiples of PAGE_SIZE, rounding up so that if we
2635 	 * have one full and one partial page max_index = 2.
2636 	 */
2637 	max_index = ((((mft_ni->initialized_size >> vol->mft_record_size_bits)
2638 			+ 7) >> 3) + PAGE_SIZE - 1) >> PAGE_SHIFT;
2639 	read_unlock_irqrestore(&mft_ni->size_lock, flags);
2640 	/* Number of inodes in filesystem (at this point in time). */
2641 	sfs->f_files = size;
2642 	/* Free inodes in fs (based on current total count). */
2643 	sfs->f_ffree = __get_nr_free_mft_records(vol, size, max_index);
2644 	up_read(&vol->mftbmp_lock);
2645 	/*
2646 	 * File system id. This is extremely *nix flavour dependent and even
2647 	 * within Linux itself all fs do their own thing. I interpret this to
2648 	 * mean a unique id associated with the mounted fs and not the id
2649 	 * associated with the filesystem driver, the latter is already given
2650 	 * by the filesystem type in sfs->f_type. Thus we use the 64-bit
2651 	 * volume serial number splitting it into two 32-bit parts. We enter
2652 	 * the least significant 32-bits in f_fsid[0] and the most significant
2653 	 * 32-bits in f_fsid[1].
2654 	 */
2655 	sfs->f_fsid = u64_to_fsid(vol->serial_no);
2656 	/* Maximum length of filenames. */
2657 	sfs->f_namelen	   = NTFS_MAX_NAME_LEN;
2658 	return 0;
2659 }
2660 
2661 #ifdef NTFS_RW
ntfs_write_inode(struct inode * vi,struct writeback_control * wbc)2662 static int ntfs_write_inode(struct inode *vi, struct writeback_control *wbc)
2663 {
2664 	return __ntfs_write_inode(vi, wbc->sync_mode == WB_SYNC_ALL);
2665 }
2666 #endif
2667 
2668 /*
2669  * The complete super operations.
2670  */
2671 static const struct super_operations ntfs_sops = {
2672 	.alloc_inode	= ntfs_alloc_big_inode,	  /* VFS: Allocate new inode. */
2673 	.free_inode	= ntfs_free_big_inode, /* VFS: Deallocate inode. */
2674 #ifdef NTFS_RW
2675 	.write_inode	= ntfs_write_inode,	/* VFS: Write dirty inode to
2676 						   disk. */
2677 #endif /* NTFS_RW */
2678 	.put_super	= ntfs_put_super,	/* Syscall: umount. */
2679 	.statfs		= ntfs_statfs,		/* Syscall: statfs */
2680 	.remount_fs	= ntfs_remount,		/* Syscall: mount -o remount. */
2681 	.evict_inode	= ntfs_evict_big_inode,	/* VFS: Called when an inode is
2682 						   removed from memory. */
2683 	.show_options	= ntfs_show_options,	/* Show mount options in
2684 						   proc. */
2685 };
2686 
2687 /**
2688  * ntfs_fill_super - mount an ntfs filesystem
2689  * @sb:		super block of ntfs filesystem to mount
2690  * @opt:	string containing the mount options
2691  * @silent:	silence error output
2692  *
2693  * ntfs_fill_super() is called by the VFS to mount the device described by @sb
2694  * with the mount otions in @data with the NTFS filesystem.
2695  *
2696  * If @silent is true, remain silent even if errors are detected. This is used
2697  * during bootup, when the kernel tries to mount the root filesystem with all
2698  * registered filesystems one after the other until one succeeds. This implies
2699  * that all filesystems except the correct one will quite correctly and
2700  * expectedly return an error, but nobody wants to see error messages when in
2701  * fact this is what is supposed to happen.
2702  *
2703  * NOTE: @sb->s_flags contains the mount options flags.
2704  */
ntfs_fill_super(struct super_block * sb,void * opt,const int silent)2705 static int ntfs_fill_super(struct super_block *sb, void *opt, const int silent)
2706 {
2707 	ntfs_volume *vol;
2708 	struct buffer_head *bh;
2709 	struct inode *tmp_ino;
2710 	int blocksize, result;
2711 
2712 	/*
2713 	 * We do a pretty difficult piece of bootstrap by reading the
2714 	 * MFT (and other metadata) from disk into memory. We'll only
2715 	 * release this metadata during umount, so the locking patterns
2716 	 * observed during bootstrap do not count. So turn off the
2717 	 * observation of locking patterns (strictly for this context
2718 	 * only) while mounting NTFS. [The validator is still active
2719 	 * otherwise, even for this context: it will for example record
2720 	 * lock class registrations.]
2721 	 */
2722 	lockdep_off();
2723 	ntfs_debug("Entering.");
2724 #ifndef NTFS_RW
2725 	sb->s_flags |= SB_RDONLY;
2726 #endif /* ! NTFS_RW */
2727 	/* Allocate a new ntfs_volume and place it in sb->s_fs_info. */
2728 	sb->s_fs_info = kmalloc(sizeof(ntfs_volume), GFP_NOFS);
2729 	vol = NTFS_SB(sb);
2730 	if (!vol) {
2731 		if (!silent)
2732 			ntfs_error(sb, "Allocation of NTFS volume structure "
2733 					"failed. Aborting mount...");
2734 		lockdep_on();
2735 		return -ENOMEM;
2736 	}
2737 	/* Initialize ntfs_volume structure. */
2738 	*vol = (ntfs_volume) {
2739 		.sb = sb,
2740 		/*
2741 		 * Default is group and other don't have any access to files or
2742 		 * directories while owner has full access. Further, files by
2743 		 * default are not executable but directories are of course
2744 		 * browseable.
2745 		 */
2746 		.fmask = 0177,
2747 		.dmask = 0077,
2748 	};
2749 	init_rwsem(&vol->mftbmp_lock);
2750 	init_rwsem(&vol->lcnbmp_lock);
2751 
2752 	/* By default, enable sparse support. */
2753 	NVolSetSparseEnabled(vol);
2754 
2755 	/* Important to get the mount options dealt with now. */
2756 	if (!parse_options(vol, (char*)opt))
2757 		goto err_out_now;
2758 
2759 	/* We support sector sizes up to the PAGE_SIZE. */
2760 	if (bdev_logical_block_size(sb->s_bdev) > PAGE_SIZE) {
2761 		if (!silent)
2762 			ntfs_error(sb, "Device has unsupported sector size "
2763 					"(%i).  The maximum supported sector "
2764 					"size on this architecture is %lu "
2765 					"bytes.",
2766 					bdev_logical_block_size(sb->s_bdev),
2767 					PAGE_SIZE);
2768 		goto err_out_now;
2769 	}
2770 	/*
2771 	 * Setup the device access block size to NTFS_BLOCK_SIZE or the hard
2772 	 * sector size, whichever is bigger.
2773 	 */
2774 	blocksize = sb_min_blocksize(sb, NTFS_BLOCK_SIZE);
2775 	if (blocksize < NTFS_BLOCK_SIZE) {
2776 		if (!silent)
2777 			ntfs_error(sb, "Unable to set device block size.");
2778 		goto err_out_now;
2779 	}
2780 	BUG_ON(blocksize != sb->s_blocksize);
2781 	ntfs_debug("Set device block size to %i bytes (block size bits %i).",
2782 			blocksize, sb->s_blocksize_bits);
2783 	/* Determine the size of the device in units of block_size bytes. */
2784 	vol->nr_blocks = sb_bdev_nr_blocks(sb);
2785 	if (!vol->nr_blocks) {
2786 		if (!silent)
2787 			ntfs_error(sb, "Unable to determine device size.");
2788 		goto err_out_now;
2789 	}
2790 	/* Read the boot sector and return unlocked buffer head to it. */
2791 	if (!(bh = read_ntfs_boot_sector(sb, silent))) {
2792 		if (!silent)
2793 			ntfs_error(sb, "Not an NTFS volume.");
2794 		goto err_out_now;
2795 	}
2796 	/*
2797 	 * Extract the data from the boot sector and setup the ntfs volume
2798 	 * using it.
2799 	 */
2800 	result = parse_ntfs_boot_sector(vol, (NTFS_BOOT_SECTOR*)bh->b_data);
2801 	brelse(bh);
2802 	if (!result) {
2803 		if (!silent)
2804 			ntfs_error(sb, "Unsupported NTFS filesystem.");
2805 		goto err_out_now;
2806 	}
2807 	/*
2808 	 * If the boot sector indicates a sector size bigger than the current
2809 	 * device block size, switch the device block size to the sector size.
2810 	 * TODO: It may be possible to support this case even when the set
2811 	 * below fails, we would just be breaking up the i/o for each sector
2812 	 * into multiple blocks for i/o purposes but otherwise it should just
2813 	 * work.  However it is safer to leave disabled until someone hits this
2814 	 * error message and then we can get them to try it without the setting
2815 	 * so we know for sure that it works.
2816 	 */
2817 	if (vol->sector_size > blocksize) {
2818 		blocksize = sb_set_blocksize(sb, vol->sector_size);
2819 		if (blocksize != vol->sector_size) {
2820 			if (!silent)
2821 				ntfs_error(sb, "Unable to set device block "
2822 						"size to sector size (%i).",
2823 						vol->sector_size);
2824 			goto err_out_now;
2825 		}
2826 		BUG_ON(blocksize != sb->s_blocksize);
2827 		vol->nr_blocks = sb_bdev_nr_blocks(sb);
2828 		ntfs_debug("Changed device block size to %i bytes (block size "
2829 				"bits %i) to match volume sector size.",
2830 				blocksize, sb->s_blocksize_bits);
2831 	}
2832 	/* Initialize the cluster and mft allocators. */
2833 	ntfs_setup_allocators(vol);
2834 	/* Setup remaining fields in the super block. */
2835 	sb->s_magic = NTFS_SB_MAGIC;
2836 	/*
2837 	 * Ntfs allows 63 bits for the file size, i.e. correct would be:
2838 	 *	sb->s_maxbytes = ~0ULL >> 1;
2839 	 * But the kernel uses a long as the page cache page index which on
2840 	 * 32-bit architectures is only 32-bits. MAX_LFS_FILESIZE is kernel
2841 	 * defined to the maximum the page cache page index can cope with
2842 	 * without overflowing the index or to 2^63 - 1, whichever is smaller.
2843 	 */
2844 	sb->s_maxbytes = MAX_LFS_FILESIZE;
2845 	/* Ntfs measures time in 100ns intervals. */
2846 	sb->s_time_gran = 100;
2847 	/*
2848 	 * Now load the metadata required for the page cache and our address
2849 	 * space operations to function. We do this by setting up a specialised
2850 	 * read_inode method and then just calling the normal iget() to obtain
2851 	 * the inode for $MFT which is sufficient to allow our normal inode
2852 	 * operations and associated address space operations to function.
2853 	 */
2854 	sb->s_op = &ntfs_sops;
2855 	tmp_ino = new_inode(sb);
2856 	if (!tmp_ino) {
2857 		if (!silent)
2858 			ntfs_error(sb, "Failed to load essential metadata.");
2859 		goto err_out_now;
2860 	}
2861 	tmp_ino->i_ino = FILE_MFT;
2862 	insert_inode_hash(tmp_ino);
2863 	if (ntfs_read_inode_mount(tmp_ino) < 0) {
2864 		if (!silent)
2865 			ntfs_error(sb, "Failed to load essential metadata.");
2866 		goto iput_tmp_ino_err_out_now;
2867 	}
2868 	mutex_lock(&ntfs_lock);
2869 	/*
2870 	 * The current mount is a compression user if the cluster size is
2871 	 * less than or equal 4kiB.
2872 	 */
2873 	if (vol->cluster_size <= 4096 && !ntfs_nr_compression_users++) {
2874 		result = allocate_compression_buffers();
2875 		if (result) {
2876 			ntfs_error(NULL, "Failed to allocate buffers "
2877 					"for compression engine.");
2878 			ntfs_nr_compression_users--;
2879 			mutex_unlock(&ntfs_lock);
2880 			goto iput_tmp_ino_err_out_now;
2881 		}
2882 	}
2883 	/*
2884 	 * Generate the global default upcase table if necessary.  Also
2885 	 * temporarily increment the number of upcase users to avoid race
2886 	 * conditions with concurrent (u)mounts.
2887 	 */
2888 	if (!default_upcase)
2889 		default_upcase = generate_default_upcase();
2890 	ntfs_nr_upcase_users++;
2891 	mutex_unlock(&ntfs_lock);
2892 	/*
2893 	 * From now on, ignore @silent parameter. If we fail below this line,
2894 	 * it will be due to a corrupt fs or a system error, so we report it.
2895 	 */
2896 	/*
2897 	 * Open the system files with normal access functions and complete
2898 	 * setting up the ntfs super block.
2899 	 */
2900 	if (!load_system_files(vol)) {
2901 		ntfs_error(sb, "Failed to load system files.");
2902 		goto unl_upcase_iput_tmp_ino_err_out_now;
2903 	}
2904 
2905 	/* We grab a reference, simulating an ntfs_iget(). */
2906 	ihold(vol->root_ino);
2907 	if ((sb->s_root = d_make_root(vol->root_ino))) {
2908 		ntfs_debug("Exiting, status successful.");
2909 		/* Release the default upcase if it has no users. */
2910 		mutex_lock(&ntfs_lock);
2911 		if (!--ntfs_nr_upcase_users && default_upcase) {
2912 			ntfs_free(default_upcase);
2913 			default_upcase = NULL;
2914 		}
2915 		mutex_unlock(&ntfs_lock);
2916 		sb->s_export_op = &ntfs_export_ops;
2917 		lockdep_on();
2918 		return 0;
2919 	}
2920 	ntfs_error(sb, "Failed to allocate root directory.");
2921 	/* Clean up after the successful load_system_files() call from above. */
2922 	// TODO: Use ntfs_put_super() instead of repeating all this code...
2923 	// FIXME: Should mark the volume clean as the error is most likely
2924 	// 	  -ENOMEM.
2925 	iput(vol->vol_ino);
2926 	vol->vol_ino = NULL;
2927 	/* NTFS 3.0+ specific clean up. */
2928 	if (vol->major_ver >= 3) {
2929 #ifdef NTFS_RW
2930 		if (vol->usnjrnl_j_ino) {
2931 			iput(vol->usnjrnl_j_ino);
2932 			vol->usnjrnl_j_ino = NULL;
2933 		}
2934 		if (vol->usnjrnl_max_ino) {
2935 			iput(vol->usnjrnl_max_ino);
2936 			vol->usnjrnl_max_ino = NULL;
2937 		}
2938 		if (vol->usnjrnl_ino) {
2939 			iput(vol->usnjrnl_ino);
2940 			vol->usnjrnl_ino = NULL;
2941 		}
2942 		if (vol->quota_q_ino) {
2943 			iput(vol->quota_q_ino);
2944 			vol->quota_q_ino = NULL;
2945 		}
2946 		if (vol->quota_ino) {
2947 			iput(vol->quota_ino);
2948 			vol->quota_ino = NULL;
2949 		}
2950 #endif /* NTFS_RW */
2951 		if (vol->extend_ino) {
2952 			iput(vol->extend_ino);
2953 			vol->extend_ino = NULL;
2954 		}
2955 		if (vol->secure_ino) {
2956 			iput(vol->secure_ino);
2957 			vol->secure_ino = NULL;
2958 		}
2959 	}
2960 	iput(vol->root_ino);
2961 	vol->root_ino = NULL;
2962 	iput(vol->lcnbmp_ino);
2963 	vol->lcnbmp_ino = NULL;
2964 	iput(vol->mftbmp_ino);
2965 	vol->mftbmp_ino = NULL;
2966 #ifdef NTFS_RW
2967 	if (vol->logfile_ino) {
2968 		iput(vol->logfile_ino);
2969 		vol->logfile_ino = NULL;
2970 	}
2971 	if (vol->mftmirr_ino) {
2972 		iput(vol->mftmirr_ino);
2973 		vol->mftmirr_ino = NULL;
2974 	}
2975 #endif /* NTFS_RW */
2976 	/* Throw away the table of attribute definitions. */
2977 	vol->attrdef_size = 0;
2978 	if (vol->attrdef) {
2979 		ntfs_free(vol->attrdef);
2980 		vol->attrdef = NULL;
2981 	}
2982 	vol->upcase_len = 0;
2983 	mutex_lock(&ntfs_lock);
2984 	if (vol->upcase == default_upcase) {
2985 		ntfs_nr_upcase_users--;
2986 		vol->upcase = NULL;
2987 	}
2988 	mutex_unlock(&ntfs_lock);
2989 	if (vol->upcase) {
2990 		ntfs_free(vol->upcase);
2991 		vol->upcase = NULL;
2992 	}
2993 	if (vol->nls_map) {
2994 		unload_nls(vol->nls_map);
2995 		vol->nls_map = NULL;
2996 	}
2997 	/* Error exit code path. */
2998 unl_upcase_iput_tmp_ino_err_out_now:
2999 	/*
3000 	 * Decrease the number of upcase users and destroy the global default
3001 	 * upcase table if necessary.
3002 	 */
3003 	mutex_lock(&ntfs_lock);
3004 	if (!--ntfs_nr_upcase_users && default_upcase) {
3005 		ntfs_free(default_upcase);
3006 		default_upcase = NULL;
3007 	}
3008 	if (vol->cluster_size <= 4096 && !--ntfs_nr_compression_users)
3009 		free_compression_buffers();
3010 	mutex_unlock(&ntfs_lock);
3011 iput_tmp_ino_err_out_now:
3012 	iput(tmp_ino);
3013 	if (vol->mft_ino && vol->mft_ino != tmp_ino)
3014 		iput(vol->mft_ino);
3015 	vol->mft_ino = NULL;
3016 	/* Errors at this stage are irrelevant. */
3017 err_out_now:
3018 	sb->s_fs_info = NULL;
3019 	kfree(vol);
3020 	ntfs_debug("Failed, returning -EINVAL.");
3021 	lockdep_on();
3022 	return -EINVAL;
3023 }
3024 
3025 /*
3026  * This is a slab cache to optimize allocations and deallocations of Unicode
3027  * strings of the maximum length allowed by NTFS, which is NTFS_MAX_NAME_LEN
3028  * (255) Unicode characters + a terminating NULL Unicode character.
3029  */
3030 struct kmem_cache *ntfs_name_cache;
3031 
3032 /* Slab caches for efficient allocation/deallocation of inodes. */
3033 struct kmem_cache *ntfs_inode_cache;
3034 struct kmem_cache *ntfs_big_inode_cache;
3035 
3036 /* Init once constructor for the inode slab cache. */
ntfs_big_inode_init_once(void * foo)3037 static void ntfs_big_inode_init_once(void *foo)
3038 {
3039 	ntfs_inode *ni = (ntfs_inode *)foo;
3040 
3041 	inode_init_once(VFS_I(ni));
3042 }
3043 
3044 /*
3045  * Slab caches to optimize allocations and deallocations of attribute search
3046  * contexts and index contexts, respectively.
3047  */
3048 struct kmem_cache *ntfs_attr_ctx_cache;
3049 struct kmem_cache *ntfs_index_ctx_cache;
3050 
3051 /* Driver wide mutex. */
3052 DEFINE_MUTEX(ntfs_lock);
3053 
ntfs_mount(struct file_system_type * fs_type,int flags,const char * dev_name,void * data)3054 static struct dentry *ntfs_mount(struct file_system_type *fs_type,
3055 	int flags, const char *dev_name, void *data)
3056 {
3057 	return mount_bdev(fs_type, flags, dev_name, data, ntfs_fill_super);
3058 }
3059 
3060 static struct file_system_type ntfs_fs_type = {
3061 	.owner		= THIS_MODULE,
3062 	.name		= "ntfs",
3063 	.mount		= ntfs_mount,
3064 	.kill_sb	= kill_block_super,
3065 	.fs_flags	= FS_REQUIRES_DEV,
3066 };
3067 MODULE_ALIAS_FS("ntfs");
3068 
3069 /* Stable names for the slab caches. */
3070 static const char ntfs_index_ctx_cache_name[] = "ntfs_index_ctx_cache";
3071 static const char ntfs_attr_ctx_cache_name[] = "ntfs_attr_ctx_cache";
3072 static const char ntfs_name_cache_name[] = "ntfs_name_cache";
3073 static const char ntfs_inode_cache_name[] = "ntfs_inode_cache";
3074 static const char ntfs_big_inode_cache_name[] = "ntfs_big_inode_cache";
3075 
init_ntfs_fs(void)3076 static int __init init_ntfs_fs(void)
3077 {
3078 	int err = 0;
3079 
3080 	/* This may be ugly but it results in pretty output so who cares. (-8 */
3081 	pr_info("driver " NTFS_VERSION " [Flags: R/"
3082 #ifdef NTFS_RW
3083 			"W"
3084 #else
3085 			"O"
3086 #endif
3087 #ifdef DEBUG
3088 			" DEBUG"
3089 #endif
3090 #ifdef MODULE
3091 			" MODULE"
3092 #endif
3093 			"].\n");
3094 
3095 	ntfs_debug("Debug messages are enabled.");
3096 
3097 	ntfs_index_ctx_cache = kmem_cache_create(ntfs_index_ctx_cache_name,
3098 			sizeof(ntfs_index_context), 0 /* offset */,
3099 			SLAB_HWCACHE_ALIGN, NULL /* ctor */);
3100 	if (!ntfs_index_ctx_cache) {
3101 		pr_crit("Failed to create %s!\n", ntfs_index_ctx_cache_name);
3102 		goto ictx_err_out;
3103 	}
3104 	ntfs_attr_ctx_cache = kmem_cache_create(ntfs_attr_ctx_cache_name,
3105 			sizeof(ntfs_attr_search_ctx), 0 /* offset */,
3106 			SLAB_HWCACHE_ALIGN, NULL /* ctor */);
3107 	if (!ntfs_attr_ctx_cache) {
3108 		pr_crit("NTFS: Failed to create %s!\n",
3109 			ntfs_attr_ctx_cache_name);
3110 		goto actx_err_out;
3111 	}
3112 
3113 	ntfs_name_cache = kmem_cache_create(ntfs_name_cache_name,
3114 			(NTFS_MAX_NAME_LEN+1) * sizeof(ntfschar), 0,
3115 			SLAB_HWCACHE_ALIGN, NULL);
3116 	if (!ntfs_name_cache) {
3117 		pr_crit("Failed to create %s!\n", ntfs_name_cache_name);
3118 		goto name_err_out;
3119 	}
3120 
3121 	ntfs_inode_cache = kmem_cache_create(ntfs_inode_cache_name,
3122 			sizeof(ntfs_inode), 0,
3123 			SLAB_RECLAIM_ACCOUNT|SLAB_MEM_SPREAD, NULL);
3124 	if (!ntfs_inode_cache) {
3125 		pr_crit("Failed to create %s!\n", ntfs_inode_cache_name);
3126 		goto inode_err_out;
3127 	}
3128 
3129 	ntfs_big_inode_cache = kmem_cache_create(ntfs_big_inode_cache_name,
3130 			sizeof(big_ntfs_inode), 0,
3131 			SLAB_HWCACHE_ALIGN|SLAB_RECLAIM_ACCOUNT|SLAB_MEM_SPREAD|
3132 			SLAB_ACCOUNT, ntfs_big_inode_init_once);
3133 	if (!ntfs_big_inode_cache) {
3134 		pr_crit("Failed to create %s!\n", ntfs_big_inode_cache_name);
3135 		goto big_inode_err_out;
3136 	}
3137 
3138 	/* Register the ntfs sysctls. */
3139 	err = ntfs_sysctl(1);
3140 	if (err) {
3141 		pr_crit("Failed to register NTFS sysctls!\n");
3142 		goto sysctl_err_out;
3143 	}
3144 
3145 	err = register_filesystem(&ntfs_fs_type);
3146 	if (!err) {
3147 		ntfs_debug("NTFS driver registered successfully.");
3148 		return 0; /* Success! */
3149 	}
3150 	pr_crit("Failed to register NTFS filesystem driver!\n");
3151 
3152 	/* Unregister the ntfs sysctls. */
3153 	ntfs_sysctl(0);
3154 sysctl_err_out:
3155 	kmem_cache_destroy(ntfs_big_inode_cache);
3156 big_inode_err_out:
3157 	kmem_cache_destroy(ntfs_inode_cache);
3158 inode_err_out:
3159 	kmem_cache_destroy(ntfs_name_cache);
3160 name_err_out:
3161 	kmem_cache_destroy(ntfs_attr_ctx_cache);
3162 actx_err_out:
3163 	kmem_cache_destroy(ntfs_index_ctx_cache);
3164 ictx_err_out:
3165 	if (!err) {
3166 		pr_crit("Aborting NTFS filesystem driver registration...\n");
3167 		err = -ENOMEM;
3168 	}
3169 	return err;
3170 }
3171 
exit_ntfs_fs(void)3172 static void __exit exit_ntfs_fs(void)
3173 {
3174 	ntfs_debug("Unregistering NTFS driver.");
3175 
3176 	unregister_filesystem(&ntfs_fs_type);
3177 
3178 	/*
3179 	 * Make sure all delayed rcu free inodes are flushed before we
3180 	 * destroy cache.
3181 	 */
3182 	rcu_barrier();
3183 	kmem_cache_destroy(ntfs_big_inode_cache);
3184 	kmem_cache_destroy(ntfs_inode_cache);
3185 	kmem_cache_destroy(ntfs_name_cache);
3186 	kmem_cache_destroy(ntfs_attr_ctx_cache);
3187 	kmem_cache_destroy(ntfs_index_ctx_cache);
3188 	/* Unregister the ntfs sysctls. */
3189 	ntfs_sysctl(0);
3190 }
3191 
3192 MODULE_AUTHOR("Anton Altaparmakov <anton@tuxera.com>");
3193 MODULE_DESCRIPTION("NTFS 1.2/3.x driver - Copyright (c) 2001-2014 Anton Altaparmakov and Tuxera Inc.");
3194 MODULE_VERSION(NTFS_VERSION);
3195 MODULE_LICENSE("GPL");
3196 #ifdef DEBUG
3197 module_param(debug_msgs, bint, 0);
3198 MODULE_PARM_DESC(debug_msgs, "Enable debug messages.");
3199 #endif
3200 
3201 module_init(init_ntfs_fs)
3202 module_exit(exit_ntfs_fs)
3203