1// SPDX-License-Identifier: GPL-2.0
  2/*
  3 *
  4 * Copyright (C) 2019-2021 Paragon Software GmbH, All rights reserved.
  5 *
  6 */
  7
  8#include <linux/fs.h>
  9
 10#include "debug.h"
 11#include "ntfs.h"
 12#include "ntfs_fs.h"
 13
 14static inline int compare_attr(const struct ATTRIB *left, enum ATTR_TYPE type,
 15			       const __le16 *name, u8 name_len,
 16			       const u16 *upcase)
 17{
 18	/* First, compare the type codes. */
 19	int diff = le32_to_cpu(left->type) - le32_to_cpu(type);
 20
 21	if (diff)
 22		return diff;
 23
 24	/* They have the same type code, so we have to compare the names. */
 25	return ntfs_cmp_names(attr_name(left), left->name_len, name, name_len,
 26			      upcase, true);
 27}
 28
 29/*
 30 * mi_new_attt_id
 31 *
 32 * Return: Unused attribute id that is less than mrec->next_attr_id.
 33 */
 34static __le16 mi_new_attt_id(struct mft_inode *mi)
 35{
 36	u16 free_id, max_id, t16;
 37	struct MFT_REC *rec = mi->mrec;
 38	struct ATTRIB *attr;
 39	__le16 id;
 40
 41	id = rec->next_attr_id;
 42	free_id = le16_to_cpu(id);
 43	if (free_id < 0x7FFF) {
 44		rec->next_attr_id = cpu_to_le16(free_id + 1);
 45		return id;
 46	}
 47
 48	/* One record can store up to 1024/24 ~= 42 attributes. */
 49	free_id = 0;
 50	max_id = 0;
 51
 52	attr = NULL;
 53
 54	for (;;) {
 55		attr = mi_enum_attr(mi, attr);
 56		if (!attr) {
 57			rec->next_attr_id = cpu_to_le16(max_id + 1);
 58			mi->dirty = true;
 59			return cpu_to_le16(free_id);
 60		}
 61
 62		t16 = le16_to_cpu(attr->id);
 63		if (t16 == free_id) {
 64			free_id += 1;
 65			attr = NULL;
 66		} else if (max_id < t16)
 67			max_id = t16;
 68	}
 69}
 70
 71int mi_get(struct ntfs_sb_info *sbi, CLST rno, struct mft_inode **mi)
 72{
 73	int err;
 74	struct mft_inode *m = kzalloc(sizeof(struct mft_inode), GFP_NOFS);
 75
 76	if (!m)
 77		return -ENOMEM;
 78
 79	err = mi_init(m, sbi, rno);
 80	if (err) {
 81		kfree(m);
 82		return err;
 83	}
 84
 85	err = mi_read(m, false);
 86	if (err) {
 87		mi_put(m);
 88		return err;
 89	}
 90
 91	*mi = m;
 92	return 0;
 93}
 94
 95void mi_put(struct mft_inode *mi)
 96{
 97	mi_clear(mi);
 98	kfree(mi);
 99}
100
101int mi_init(struct mft_inode *mi, struct ntfs_sb_info *sbi, CLST rno)
102{
103	mi->sbi = sbi;
104	mi->rno = rno;
105	mi->mrec = kmalloc(sbi->record_size, GFP_NOFS);
106	if (!mi->mrec)
107		return -ENOMEM;
108
109	return 0;
110}
111
112/*
113 * mi_read - Read MFT data.
114 */
115int mi_read(struct mft_inode *mi, bool is_mft)
116{
117	int err;
118	struct MFT_REC *rec = mi->mrec;
119	struct ntfs_sb_info *sbi = mi->sbi;
120	u32 bpr = sbi->record_size;
121	u64 vbo = (u64)mi->rno << sbi->record_bits;
122	struct ntfs_inode *mft_ni = sbi->mft.ni;
123	struct runs_tree *run = mft_ni ? &mft_ni->file.run : NULL;
124	struct rw_semaphore *rw_lock = NULL;
125
126	if (is_mounted(sbi)) {
127		if (!is_mft) {
128			rw_lock = &mft_ni->file.run_lock;
129			down_read(rw_lock);
130		}
131	}
132
133	err = ntfs_read_bh(sbi, run, vbo, &rec->rhdr, bpr, &mi->nb);
134	if (rw_lock)
135		up_read(rw_lock);
136	if (!err)
137		goto ok;
138
139	if (err == -E_NTFS_FIXUP) {
140		mi->dirty = true;
141		goto ok;
142	}
143
144	if (err != -ENOENT)
145		goto out;
146
147	if (rw_lock) {
148		ni_lock(mft_ni);
149		down_write(rw_lock);
150	}
151	err = attr_load_runs_vcn(mft_ni, ATTR_DATA, NULL, 0, &mft_ni->file.run,
152				 vbo >> sbi->cluster_bits);
153	if (rw_lock) {
154		up_write(rw_lock);
155		ni_unlock(mft_ni);
156	}
157	if (err)
158		goto out;
159
160	if (rw_lock)
161		down_read(rw_lock);
162	err = ntfs_read_bh(sbi, run, vbo, &rec->rhdr, bpr, &mi->nb);
163	if (rw_lock)
164		up_read(rw_lock);
165
166	if (err == -E_NTFS_FIXUP) {
167		mi->dirty = true;
168		goto ok;
169	}
170	if (err)
171		goto out;
172
173ok:
174	/* Check field 'total' only here. */
175	if (le32_to_cpu(rec->total) != bpr) {
176		err = -EINVAL;
177		goto out;
178	}
179
180	return 0;
181
182out:
183	return err;
184}
185
186struct ATTRIB *mi_enum_attr(struct mft_inode *mi, struct ATTRIB *attr)
187{
188	const struct MFT_REC *rec = mi->mrec;
189	u32 used = le32_to_cpu(rec->used);
190	u32 t32, off, asize;
191	u16 t16;
192
193	if (!attr) {
194		u32 total = le32_to_cpu(rec->total);
195
196		off = le16_to_cpu(rec->attr_off);
197
198		if (used > total)
199			return NULL;
200
201		if (off >= used || off < MFTRECORD_FIXUP_OFFSET_1 ||
202		    !IS_ALIGNED(off, 4)) {
203			return NULL;
204		}
205
206		/* Skip non-resident records. */
207		if (!is_rec_inuse(rec))
208			return NULL;
209
210		attr = Add2Ptr(rec, off);
211	} else {
212		/* Check if input attr inside record. */
213		off = PtrOffset(rec, attr);
214		if (off >= used)
215			return NULL;
216
217		asize = le32_to_cpu(attr->size);
218		if (asize < SIZEOF_RESIDENT) {
219			/* Impossible 'cause we should not return such attribute. */
220			return NULL;
221		}
222
223		if (off + asize < off) {
224			/* overflow check */
225			return NULL;
226		}
227
228		attr = Add2Ptr(attr, asize);
229		off += asize;
230	}
231
232	asize = le32_to_cpu(attr->size);
233
234	/* Can we use the first field (attr->type). */
235	if (off + 8 > used) {
236		static_assert(ALIGN(sizeof(enum ATTR_TYPE), 8) == 8);
237		return NULL;
238	}
239
240	if (attr->type == ATTR_END) {
241		/* End of enumeration. */
242		return NULL;
243	}
244
245	/* 0x100 is last known attribute for now. */
246	t32 = le32_to_cpu(attr->type);
247	if ((t32 & 0xf) || (t32 > 0x100))
248		return NULL;
249
250	/* Check boundary. */
251	if (off + asize > used)
252		return NULL;
253
254	/* Check size of attribute. */
255	if (!attr->non_res) {
256		if (asize < SIZEOF_RESIDENT)
257			return NULL;
258
259		t16 = le16_to_cpu(attr->res.data_off);
260
261		if (t16 > asize)
262			return NULL;
263
264		t32 = le32_to_cpu(attr->res.data_size);
265		if (t16 + t32 > asize)
266			return NULL;
267
268		t32 = sizeof(short) * attr->name_len;
269		if (t32 && le16_to_cpu(attr->name_off) + t32 > t16)
270			return NULL;
271
272		return attr;
273	}
274
275	/* Check some nonresident fields. */
276	if (attr->name_len &&
277	    le16_to_cpu(attr->name_off) + sizeof(short) * attr->name_len >
278		    le16_to_cpu(attr->nres.run_off)) {
279		return NULL;
280	}
281
282	if (attr->nres.svcn || !is_attr_ext(attr)) {
283		if (asize + 8 < SIZEOF_NONRESIDENT)
284			return NULL;
285
286		if (attr->nres.c_unit)
287			return NULL;
288	} else if (asize + 8 < SIZEOF_NONRESIDENT_EX)
289		return NULL;
290
291	return attr;
292}
293
294/*
295 * mi_find_attr - Find the attribute by type and name and id.
296 */
297struct ATTRIB *mi_find_attr(struct mft_inode *mi, struct ATTRIB *attr,
298			    enum ATTR_TYPE type, const __le16 *name,
299			    size_t name_len, const __le16 *id)
300{
301	u32 type_in = le32_to_cpu(type);
302	u32 atype;
303
304next_attr:
305	attr = mi_enum_attr(mi, attr);
306	if (!attr)
307		return NULL;
308
309	atype = le32_to_cpu(attr->type);
310	if (atype > type_in)
311		return NULL;
312
313	if (atype < type_in)
314		goto next_attr;
315
316	if (attr->name_len != name_len)
317		goto next_attr;
318
319	if (name_len && memcmp(attr_name(attr), name, name_len * sizeof(short)))
320		goto next_attr;
321
322	if (id && *id != attr->id)
323		goto next_attr;
324
325	return attr;
326}
327
328int mi_write(struct mft_inode *mi, int wait)
329{
330	struct MFT_REC *rec;
331	int err;
332	struct ntfs_sb_info *sbi;
333
334	if (!mi->dirty)
335		return 0;
336
337	sbi = mi->sbi;
338	rec = mi->mrec;
339
340	err = ntfs_write_bh(sbi, &rec->rhdr, &mi->nb, wait);
341	if (err)
342		return err;
343
344	if (mi->rno < sbi->mft.recs_mirr)
345		sbi->flags |= NTFS_FLAGS_MFTMIRR;
346
347	mi->dirty = false;
348
349	return 0;
350}
351
352int mi_format_new(struct mft_inode *mi, struct ntfs_sb_info *sbi, CLST rno,
353		  __le16 flags, bool is_mft)
354{
355	int err;
356	u16 seq = 1;
357	struct MFT_REC *rec;
358	u64 vbo = (u64)rno << sbi->record_bits;
359
360	err = mi_init(mi, sbi, rno);
361	if (err)
362		return err;
363
364	rec = mi->mrec;
365
366	if (rno == MFT_REC_MFT) {
367		;
368	} else if (rno < MFT_REC_FREE) {
369		seq = rno;
370	} else if (rno >= sbi->mft.used) {
371		;
372	} else if (mi_read(mi, is_mft)) {
373		;
374	} else if (rec->rhdr.sign == NTFS_FILE_SIGNATURE) {
375		/* Record is reused. Update its sequence number. */
376		seq = le16_to_cpu(rec->seq) + 1;
377		if (!seq)
378			seq = 1;
379	}
380
381	memcpy(rec, sbi->new_rec, sbi->record_size);
382
383	rec->seq = cpu_to_le16(seq);
384	rec->flags = RECORD_FLAG_IN_USE | flags;
385
386	mi->dirty = true;
387
388	if (!mi->nb.nbufs) {
389		struct ntfs_inode *ni = sbi->mft.ni;
390		bool lock = false;
391
392		if (is_mounted(sbi) && !is_mft) {
393			down_read(&ni->file.run_lock);
394			lock = true;
395		}
396
397		err = ntfs_get_bh(sbi, &ni->file.run, vbo, sbi->record_size,
398				  &mi->nb);
399		if (lock)
400			up_read(&ni->file.run_lock);
401	}
402
403	return err;
404}
405
406/*
407 * mi_insert_attr - Reserve space for new attribute.
408 *
409 * Return: Not full constructed attribute or NULL if not possible to create.
410 */
411struct ATTRIB *mi_insert_attr(struct mft_inode *mi, enum ATTR_TYPE type,
412			      const __le16 *name, u8 name_len, u32 asize,
413			      u16 name_off)
414{
415	size_t tail;
416	struct ATTRIB *attr;
417	__le16 id;
418	struct MFT_REC *rec = mi->mrec;
419	struct ntfs_sb_info *sbi = mi->sbi;
420	u32 used = le32_to_cpu(rec->used);
421	const u16 *upcase = sbi->upcase;
422	int diff;
423
424	/* Can we insert mi attribute? */
425	if (used + asize > mi->sbi->record_size)
426		return NULL;
427
428	/*
429	 * Scan through the list of attributes to find the point
430	 * at which we should insert it.
431	 */
432	attr = NULL;
433	while ((attr = mi_enum_attr(mi, attr))) {
434		diff = compare_attr(attr, type, name, name_len, upcase);
435
436		if (diff < 0)
437			continue;
438
439		if (!diff && !is_attr_indexed(attr))
440			return NULL;
441		break;
442	}
443
444	if (!attr) {
445		tail = 8; /* Not used, just to suppress warning. */
446		attr = Add2Ptr(rec, used - 8);
447	} else {
448		tail = used - PtrOffset(rec, attr);
449	}
450
451	id = mi_new_attt_id(mi);
452
453	memmove(Add2Ptr(attr, asize), attr, tail);
454	memset(attr, 0, asize);
455
456	attr->type = type;
457	attr->size = cpu_to_le32(asize);
458	attr->name_len = name_len;
459	attr->name_off = cpu_to_le16(name_off);
460	attr->id = id;
461
462	memmove(Add2Ptr(attr, name_off), name, name_len * sizeof(short));
463	rec->used = cpu_to_le32(used + asize);
464
465	mi->dirty = true;
466
467	return attr;
468}
469
470/*
471 * mi_remove_attr - Remove the attribute from record.
472 *
473 * NOTE: The source attr will point to next attribute.
474 */
475bool mi_remove_attr(struct ntfs_inode *ni, struct mft_inode *mi,
476		    struct ATTRIB *attr)
477{
478	struct MFT_REC *rec = mi->mrec;
479	u32 aoff = PtrOffset(rec, attr);
480	u32 used = le32_to_cpu(rec->used);
481	u32 asize = le32_to_cpu(attr->size);
482
483	if (aoff + asize > used)
484		return false;
485
486	if (ni && is_attr_indexed(attr)) {
487		le16_add_cpu(&ni->mi.mrec->hard_links, -1);
488		ni->mi.dirty = true;
489	}
490
491	used -= asize;
492	memmove(attr, Add2Ptr(attr, asize), used - aoff);
493	rec->used = cpu_to_le32(used);
494	mi->dirty = true;
495
496	return true;
497}
498
499/* bytes = "new attribute size" - "old attribute size" */
500bool mi_resize_attr(struct mft_inode *mi, struct ATTRIB *attr, int bytes)
501{
502	struct MFT_REC *rec = mi->mrec;
503	u32 aoff = PtrOffset(rec, attr);
504	u32 total, used = le32_to_cpu(rec->used);
505	u32 nsize, asize = le32_to_cpu(attr->size);
506	u32 rsize = le32_to_cpu(attr->res.data_size);
507	int tail = (int)(used - aoff - asize);
508	int dsize;
509	char *next;
510
511	if (tail < 0 || aoff >= used)
512		return false;
513
514	if (!bytes)
515		return true;
516
517	total = le32_to_cpu(rec->total);
518	next = Add2Ptr(attr, asize);
519
520	if (bytes > 0) {
521		dsize = ALIGN(bytes, 8);
522		if (used + dsize > total)
523			return false;
524		nsize = asize + dsize;
525		/* Move tail */
526		memmove(next + dsize, next, tail);
527		memset(next, 0, dsize);
528		used += dsize;
529		rsize += dsize;
530	} else {
531		dsize = ALIGN(-bytes, 8);
532		if (dsize > asize)
533			return false;
534		nsize = asize - dsize;
535		memmove(next - dsize, next, tail);
536		used -= dsize;
537		rsize -= dsize;
538	}
539
540	rec->used = cpu_to_le32(used);
541	attr->size = cpu_to_le32(nsize);
542	if (!attr->non_res)
543		attr->res.data_size = cpu_to_le32(rsize);
544	mi->dirty = true;
545
546	return true;
547}
548
549/*
550 * Pack runs in MFT record.
551 * If failed record is not changed.
552 */
553int mi_pack_runs(struct mft_inode *mi, struct ATTRIB *attr,
554		 struct runs_tree *run, CLST len)
555{
556	int err = 0;
557	struct ntfs_sb_info *sbi = mi->sbi;
558	u32 new_run_size;
559	CLST plen;
560	struct MFT_REC *rec = mi->mrec;
561	CLST svcn = le64_to_cpu(attr->nres.svcn);
562	u32 used = le32_to_cpu(rec->used);
563	u32 aoff = PtrOffset(rec, attr);
564	u32 asize = le32_to_cpu(attr->size);
565	char *next = Add2Ptr(attr, asize);
566	u16 run_off = le16_to_cpu(attr->nres.run_off);
567	u32 run_size = asize - run_off;
568	u32 tail = used - aoff - asize;
569	u32 dsize = sbi->record_size - used;
570
571	/* Make a maximum gap in current record. */
572	memmove(next + dsize, next, tail);
573
574	/* Pack as much as possible. */
575	err = run_pack(run, svcn, len, Add2Ptr(attr, run_off), run_size + dsize,
576		       &plen);
577	if (err < 0) {
578		memmove(next, next + dsize, tail);
579		return err;
580	}
581
582	new_run_size = ALIGN(err, 8);
583
584	memmove(next + new_run_size - run_size, next + dsize, tail);
585
586	attr->size = cpu_to_le32(asize + new_run_size - run_size);
587	attr->nres.evcn = cpu_to_le64(svcn + plen - 1);
588	rec->used = cpu_to_le32(used + new_run_size - run_size);
589	mi->dirty = true;
590
591	return 0;
592}