2 * This file is part of UBIFS.
4 * Copyright (C) 2006-2008 Nokia Corporation
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License version 2 as published by
8 * the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
15 * You should have received a copy of the GNU General Public License along with
16 * this program; if not, write to the Free Software Foundation, Inc., 51
17 * Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19 * Authors: Adrian Hunter
20 * Artem Bityutskiy (Битюцкий Артём)
24 * This file implements functions needed to recover from unclean un-mounts.
25 * When UBIFS is mounted, it checks a flag on the master node to determine if
26 * an un-mount was completed sucessfully. If not, the process of mounting
27 * incorparates additional checking and fixing of on-flash data structures.
28 * UBIFS always cleans away all remnants of an unclean un-mount, so that
29 * errors do not accumulate. However UBIFS defers recovery if it is mounted
30 * read-only, and the flash is not modified in that case.
36 * is_empty - determine whether a buffer is empty (contains all 0xff).
37 * @buf: buffer to clean
38 * @len: length of buffer
40 * This function returns %1 if the buffer is empty (contains all 0xff) otherwise
43 static int is_empty(void *buf, int len)
48 for (i = 0; i < len; i++)
55 * get_master_node - get the last valid master node allowing for corruption.
56 * @c: UBIFS file-system description object
58 * @pbuf: buffer containing the LEB read, is returned here
59 * @mst: master node, if found, is returned here
60 * @cor: corruption, if found, is returned here
62 * This function allocates a buffer, reads the LEB into it, and finds and
63 * returns the last valid master node allowing for one area of corruption.
64 * The corrupt area, if there is one, must be consistent with the assumption
65 * that it is the result of an unclean unmount while the master node was being
66 * written. Under those circumstances, it is valid to use the previously written
69 * This function returns %0 on success and a negative error code on failure.
71 static int get_master_node(const struct ubifs_info *c, int lnum, void **pbuf,
72 struct ubifs_mst_node **mst, void **cor)
74 const int sz = c->mst_node_alsz;
78 sbuf = vmalloc(c->leb_size);
82 err = ubi_read(c->ubi, lnum, sbuf, 0, c->leb_size);
83 if (err && err != -EBADMSG)
86 /* Find the first position that is definitely not a node */
90 while (offs + UBIFS_MST_NODE_SZ <= c->leb_size) {
91 struct ubifs_ch *ch = buf;
93 if (le32_to_cpu(ch->magic) != UBIFS_NODE_MAGIC)
99 /* See if there was a valid master node before that */
106 ret = ubifs_scan_a_node(c, buf, len, lnum, offs, 1);
107 if (ret != SCANNED_A_NODE && offs) {
108 /* Could have been corruption so check one place back */
112 ret = ubifs_scan_a_node(c, buf, len, lnum, offs, 1);
113 if (ret != SCANNED_A_NODE)
115 * We accept only one area of corruption because
116 * we are assuming that it was caused while
117 * trying to write a master node.
121 if (ret == SCANNED_A_NODE) {
122 struct ubifs_ch *ch = buf;
124 if (ch->node_type != UBIFS_MST_NODE)
126 dbg_rcvry("found a master node at %d:%d", lnum, offs);
133 /* Check for corruption */
134 if (offs < c->leb_size) {
135 if (!is_empty(buf, min_t(int, len, sz))) {
137 dbg_rcvry("found corruption at %d:%d", lnum, offs);
143 /* Check remaining empty space */
144 if (offs < c->leb_size)
145 if (!is_empty(buf, len))
160 * write_rcvrd_mst_node - write recovered master node.
161 * @c: UBIFS file-system description object
164 * This function returns %0 on success and a negative error code on failure.
166 static int write_rcvrd_mst_node(struct ubifs_info *c,
167 struct ubifs_mst_node *mst)
169 int err = 0, lnum = UBIFS_MST_LNUM, sz = c->mst_node_alsz;
172 dbg_rcvry("recovery");
174 save_flags = mst->flags;
175 mst->flags |= cpu_to_le32(UBIFS_MST_RCVRY);
177 ubifs_prepare_node(c, mst, UBIFS_MST_NODE_SZ, 1);
178 err = ubi_leb_change(c->ubi, lnum, mst, sz, UBI_SHORTTERM);
181 err = ubi_leb_change(c->ubi, lnum + 1, mst, sz, UBI_SHORTTERM);
185 mst->flags = save_flags;
190 * ubifs_recover_master_node - recover the master node.
191 * @c: UBIFS file-system description object
193 * This function recovers the master node from corruption that may occur due to
194 * an unclean unmount.
196 * This function returns %0 on success and a negative error code on failure.
198 int ubifs_recover_master_node(struct ubifs_info *c)
200 void *buf1 = NULL, *buf2 = NULL, *cor1 = NULL, *cor2 = NULL;
201 struct ubifs_mst_node *mst1 = NULL, *mst2 = NULL, *mst;
202 const int sz = c->mst_node_alsz;
203 int err, offs1, offs2;
205 dbg_rcvry("recovery");
207 err = get_master_node(c, UBIFS_MST_LNUM, &buf1, &mst1, &cor1);
211 err = get_master_node(c, UBIFS_MST_LNUM + 1, &buf2, &mst2, &cor2);
216 offs1 = (void *)mst1 - buf1;
217 if ((le32_to_cpu(mst1->flags) & UBIFS_MST_RCVRY) &&
218 (offs1 == 0 && !cor1)) {
220 * mst1 was written by recovery at offset 0 with no
223 dbg_rcvry("recovery recovery");
226 offs2 = (void *)mst2 - buf2;
227 if (offs1 == offs2) {
228 /* Same offset, so must be the same */
229 if (memcmp((void *)mst1 + UBIFS_CH_SZ,
230 (void *)mst2 + UBIFS_CH_SZ,
231 UBIFS_MST_NODE_SZ - UBIFS_CH_SZ))
234 } else if (offs2 + sz == offs1) {
235 /* 1st LEB was written, 2nd was not */
239 } else if (offs1 == 0 && offs2 + sz >= c->leb_size) {
240 /* 1st LEB was unmapped and written, 2nd not */
248 * 2nd LEB was unmapped and about to be written, so
249 * there must be only one master node in the first LEB
252 if (offs1 != 0 || cor1)
260 * 1st LEB was unmapped and about to be written, so there must
261 * be no room left in 2nd LEB.
263 offs2 = (void *)mst2 - buf2;
264 if (offs2 + sz + sz <= c->leb_size)
269 dbg_rcvry("recovered master node from LEB %d",
270 (mst == mst1 ? UBIFS_MST_LNUM : UBIFS_MST_LNUM + 1));
272 memcpy(c->mst_node, mst, UBIFS_MST_NODE_SZ);
274 if ((c->vfs_sb->s_flags & MS_RDONLY)) {
275 /* Read-only mode. Keep a copy for switching to rw mode */
276 c->rcvrd_mst_node = kmalloc(sz, GFP_KERNEL);
277 if (!c->rcvrd_mst_node) {
281 memcpy(c->rcvrd_mst_node, c->mst_node, UBIFS_MST_NODE_SZ);
292 ubifs_err("failed to recover master node");
294 dbg_err("dumping first master node");
295 dbg_dump_node(c, mst1);
298 dbg_err("dumping second master node");
299 dbg_dump_node(c, mst2);
307 * ubifs_write_rcvrd_mst_node - write the recovered master node.
308 * @c: UBIFS file-system description object
310 * This function writes the master node that was recovered during mounting in
311 * read-only mode and must now be written because we are remounting rw.
313 * This function returns %0 on success and a negative error code on failure.
315 int ubifs_write_rcvrd_mst_node(struct ubifs_info *c)
319 if (!c->rcvrd_mst_node)
321 c->rcvrd_mst_node->flags |= cpu_to_le32(UBIFS_MST_DIRTY);
322 c->mst_node->flags |= cpu_to_le32(UBIFS_MST_DIRTY);
323 err = write_rcvrd_mst_node(c, c->rcvrd_mst_node);
326 kfree(c->rcvrd_mst_node);
327 c->rcvrd_mst_node = NULL;
332 * is_last_write - determine if an offset was in the last write to a LEB.
333 * @c: UBIFS file-system description object
334 * @buf: buffer to check
335 * @offs: offset to check
337 * This function returns %1 if @offs was in the last write to the LEB whose data
338 * is in @buf, otherwise %0 is returned. The determination is made by checking
339 * for subsequent empty space starting from the next min_io_size boundary (or a
340 * bit less than the common header size if min_io_size is one).
342 static int is_last_write(const struct ubifs_info *c, void *buf, int offs)
348 if (c->min_io_size == 1) {
349 check_len = c->leb_size - offs;
351 for (; check_len > 0; check_len--)
355 * 'check_len' is the size of the corruption which cannot be
356 * more than the size of 1 node if it was caused by an unclean
359 if (check_len > UBIFS_MAX_NODE_SZ)
365 * Round up to the next c->min_io_size boundary i.e. 'offs' is in the
366 * last wbuf written. After that should be empty space.
368 empty_offs = ALIGN(offs + 1, c->min_io_size);
369 check_len = c->leb_size - empty_offs;
370 p = buf + empty_offs - offs;
372 for (; check_len > 0; check_len--)
379 * clean_buf - clean the data from an LEB sitting in a buffer.
380 * @c: UBIFS file-system description object
381 * @buf: buffer to clean
382 * @lnum: LEB number to clean
383 * @offs: offset from which to clean
384 * @len: length of buffer
386 * This function pads up to the next min_io_size boundary (if there is one) and
387 * sets empty space to all 0xff. @buf, @offs and @len are updated to the next
388 * min_io_size boundary (if there is one).
390 static void clean_buf(const struct ubifs_info *c, void **buf, int lnum,
393 int empty_offs, pad_len;
396 dbg_rcvry("cleaning corruption at %d:%d", lnum, *offs);
398 if (c->min_io_size == 1) {
399 memset(*buf, 0xff, c->leb_size - *offs);
403 ubifs_assert(!(*offs & 7));
404 empty_offs = ALIGN(*offs, c->min_io_size);
405 pad_len = empty_offs - *offs;
406 ubifs_pad(c, *buf, pad_len);
410 memset(*buf, 0xff, c->leb_size - empty_offs);
414 * no_more_nodes - determine if there are no more nodes in a buffer.
415 * @c: UBIFS file-system description object
416 * @buf: buffer to check
417 * @len: length of buffer
418 * @lnum: LEB number of the LEB from which @buf was read
419 * @offs: offset from which @buf was read
421 * This function scans @buf for more nodes and returns %0 is a node is found and
422 * %1 if no more nodes are found.
424 static int no_more_nodes(const struct ubifs_info *c, void *buf, int len,
427 int skip, next_offs = 0;
429 if (len > UBIFS_DATA_NODE_SZ) {
430 struct ubifs_ch *ch = buf;
431 int dlen = le32_to_cpu(ch->len);
433 if (ch->node_type == UBIFS_DATA_NODE && dlen >= UBIFS_CH_SZ &&
434 dlen <= UBIFS_MAX_DATA_NODE_SZ)
435 /* The corrupt node looks like a data node */
436 next_offs = ALIGN(offs + dlen, 8);
439 if (c->min_io_size == 1)
442 skip = ALIGN(offs + 1, c->min_io_size) - offs;
448 struct ubifs_ch *ch = buf;
449 uint32_t magic = le32_to_cpu(ch->magic);
452 if (magic == UBIFS_NODE_MAGIC) {
453 ret = ubifs_scan_a_node(c, buf, len, lnum, offs, 1);
454 if (ret == SCANNED_A_NODE || ret > 0) {
456 * There is a small chance this is just data in
457 * a data node, so check that possibility. e.g.
458 * this is part of a file that itself contains
461 if (next_offs && offs + le32_to_cpu(ch->len) <=
464 dbg_rcvry("unexpected node at %d:%d", lnum,
477 * fix_unclean_leb - fix an unclean LEB.
478 * @c: UBIFS file-system description object
479 * @sleb: scanned LEB information
480 * @start: offset where scan started
482 static int fix_unclean_leb(struct ubifs_info *c, struct ubifs_scan_leb *sleb,
485 int lnum = sleb->lnum, endpt = start;
487 /* Get the end offset of the last node we are keeping */
488 if (!list_empty(&sleb->nodes)) {
489 struct ubifs_scan_node *snod;
491 snod = list_entry(sleb->nodes.prev,
492 struct ubifs_scan_node, list);
493 endpt = snod->offs + snod->len;
496 if ((c->vfs_sb->s_flags & MS_RDONLY) && !c->remounting_rw) {
497 /* Add to recovery list */
498 struct ubifs_unclean_leb *ucleb;
500 dbg_rcvry("need to fix LEB %d start %d endpt %d",
501 lnum, start, sleb->endpt);
502 ucleb = kzalloc(sizeof(struct ubifs_unclean_leb), GFP_NOFS);
506 ucleb->endpt = endpt;
507 list_add_tail(&ucleb->list, &c->unclean_leb_list);
513 * drop_incomplete_group - drop nodes from an incomplete group.
514 * @sleb: scanned LEB information
515 * @offs: offset of dropped nodes is returned here
517 * This function returns %1 if nodes are dropped and %0 otherwise.
519 static int drop_incomplete_group(struct ubifs_scan_leb *sleb, int *offs)
523 while (!list_empty(&sleb->nodes)) {
524 struct ubifs_scan_node *snod;
527 snod = list_entry(sleb->nodes.prev, struct ubifs_scan_node,
530 if (ch->group_type != UBIFS_IN_NODE_GROUP)
532 dbg_rcvry("dropping node at %d:%d", sleb->lnum, snod->offs);
534 list_del(&snod->list);
536 sleb->nodes_cnt -= 1;
543 * ubifs_recover_leb - scan and recover a LEB.
544 * @c: UBIFS file-system description object
547 * @sbuf: LEB-sized buffer to use
548 * @grouped: nodes may be grouped for recovery
550 * This function does a scan of a LEB, but caters for errors that might have
551 * been caused by the unclean unmount from which we are attempting to recover.
553 * This function returns %0 on success and a negative error code on failure.
555 struct ubifs_scan_leb *ubifs_recover_leb(struct ubifs_info *c, int lnum,
556 int offs, void *sbuf, int grouped)
558 int err, len = c->leb_size - offs, need_clean = 0, quiet = 1;
559 int empty_chkd = 0, start = offs;
560 struct ubifs_scan_leb *sleb;
561 void *buf = sbuf + offs;
563 dbg_rcvry("%d:%d", lnum, offs);
565 sleb = ubifs_start_scan(c, lnum, offs, sbuf);
575 dbg_scan("look at LEB %d:%d (%d bytes left)",
581 * Scan quietly until there is an error from which we cannot
584 ret = ubifs_scan_a_node(c, buf, len, lnum, offs, quiet);
586 if (ret == SCANNED_A_NODE) {
587 /* A valid node, and not a padding node */
588 struct ubifs_ch *ch = buf;
591 err = ubifs_add_snod(c, sleb, buf, offs);
594 node_len = ALIGN(le32_to_cpu(ch->len), 8);
602 /* Padding bytes or a valid padding node */
609 if (ret == SCANNED_EMPTY_SPACE) {
610 if (!is_empty(buf, len)) {
611 if (!is_last_write(c, buf, offs))
613 clean_buf(c, &buf, lnum, &offs, &len);
620 if (ret == SCANNED_GARBAGE || ret == SCANNED_A_BAD_PAD_NODE)
621 if (is_last_write(c, buf, offs)) {
622 clean_buf(c, &buf, lnum, &offs, &len);
628 if (ret == SCANNED_A_CORRUPT_NODE)
629 if (no_more_nodes(c, buf, len, lnum, offs)) {
630 clean_buf(c, &buf, lnum, &offs, &len);
637 /* Redo the last scan but noisily */
643 case SCANNED_GARBAGE:
646 case SCANNED_A_CORRUPT_NODE:
647 case SCANNED_A_BAD_PAD_NODE:
656 if (!empty_chkd && !is_empty(buf, len)) {
657 if (is_last_write(c, buf, offs)) {
658 clean_buf(c, &buf, lnum, &offs, &len);
661 ubifs_err("corrupt empty space at LEB %d:%d",
667 /* Drop nodes from incomplete group */
668 if (grouped && drop_incomplete_group(sleb, &offs)) {
670 len = c->leb_size - offs;
671 clean_buf(c, &buf, lnum, &offs, &len);
675 if (offs % c->min_io_size) {
676 clean_buf(c, &buf, lnum, &offs, &len);
680 ubifs_end_scan(c, sleb, lnum, offs);
683 err = fix_unclean_leb(c, sleb, start);
691 ubifs_scanned_corruption(c, lnum, offs, buf);
694 ubifs_err("LEB %d scanning failed", lnum);
695 ubifs_scan_destroy(sleb);
700 * get_cs_sqnum - get commit start sequence number.
701 * @c: UBIFS file-system description object
702 * @lnum: LEB number of commit start node
703 * @offs: offset of commit start node
704 * @cs_sqnum: commit start sequence number is returned here
706 * This function returns %0 on success and a negative error code on failure.
708 static int get_cs_sqnum(struct ubifs_info *c, int lnum, int offs,
709 unsigned long long *cs_sqnum)
711 struct ubifs_cs_node *cs_node = NULL;
714 dbg_rcvry("at %d:%d", lnum, offs);
715 cs_node = kmalloc(UBIFS_CS_NODE_SZ, GFP_KERNEL);
718 if (c->leb_size - offs < UBIFS_CS_NODE_SZ)
720 err = ubi_read(c->ubi, lnum, (void *)cs_node, offs, UBIFS_CS_NODE_SZ);
721 if (err && err != -EBADMSG)
723 ret = ubifs_scan_a_node(c, cs_node, UBIFS_CS_NODE_SZ, lnum, offs, 0);
724 if (ret != SCANNED_A_NODE) {
725 dbg_err("Not a valid node");
728 if (cs_node->ch.node_type != UBIFS_CS_NODE) {
729 dbg_err("Node a CS node, type is %d", cs_node->ch.node_type);
732 if (le64_to_cpu(cs_node->cmt_no) != c->cmt_no) {
733 dbg_err("CS node cmt_no %llu != current cmt_no %llu",
734 (unsigned long long)le64_to_cpu(cs_node->cmt_no),
738 *cs_sqnum = le64_to_cpu(cs_node->ch.sqnum);
739 dbg_rcvry("commit start sqnum %llu", *cs_sqnum);
746 ubifs_err("failed to get CS sqnum");
752 * ubifs_recover_log_leb - scan and recover a log LEB.
753 * @c: UBIFS file-system description object
756 * @sbuf: LEB-sized buffer to use
758 * This function does a scan of a LEB, but caters for errors that might have
759 * been caused by the unclean unmount from which we are attempting to recover.
761 * This function returns %0 on success and a negative error code on failure.
763 struct ubifs_scan_leb *ubifs_recover_log_leb(struct ubifs_info *c, int lnum,
764 int offs, void *sbuf)
766 struct ubifs_scan_leb *sleb;
769 dbg_rcvry("LEB %d", lnum);
770 next_lnum = lnum + 1;
771 if (next_lnum >= UBIFS_LOG_LNUM + c->log_lebs)
772 next_lnum = UBIFS_LOG_LNUM;
773 if (next_lnum != c->ltail_lnum) {
775 * We can only recover at the end of the log, so check that the
776 * next log LEB is empty or out of date.
778 sleb = ubifs_scan(c, next_lnum, 0, sbuf);
781 if (sleb->nodes_cnt) {
782 struct ubifs_scan_node *snod;
783 unsigned long long cs_sqnum = c->cs_sqnum;
785 snod = list_entry(sleb->nodes.next,
786 struct ubifs_scan_node, list);
790 err = get_cs_sqnum(c, lnum, offs, &cs_sqnum);
792 ubifs_scan_destroy(sleb);
796 if (snod->sqnum > cs_sqnum) {
797 ubifs_err("unrecoverable log corruption "
799 ubifs_scan_destroy(sleb);
800 return ERR_PTR(-EUCLEAN);
803 ubifs_scan_destroy(sleb);
805 return ubifs_recover_leb(c, lnum, offs, sbuf, 0);
809 * recover_head - recover a head.
810 * @c: UBIFS file-system description object
811 * @lnum: LEB number of head to recover
812 * @offs: offset of head to recover
813 * @sbuf: LEB-sized buffer to use
815 * This function ensures that there is no data on the flash at a head location.
817 * This function returns %0 on success and a negative error code on failure.
819 static int recover_head(const struct ubifs_info *c, int lnum, int offs,
822 int len, err, need_clean = 0;
824 if (c->min_io_size > 1)
825 len = c->min_io_size;
828 if (offs + len > c->leb_size)
829 len = c->leb_size - offs;
834 /* Read at the head location and check it is empty flash */
835 err = ubi_read(c->ubi, lnum, sbuf, offs, len);
849 dbg_rcvry("cleaning head at %d:%d", lnum, offs);
851 return ubifs_leb_unmap(c, lnum);
852 err = ubi_read(c->ubi, lnum, sbuf, 0, offs);
855 return ubi_leb_change(c->ubi, lnum, sbuf, offs, UBI_UNKNOWN);
862 * ubifs_recover_inl_heads - recover index and LPT heads.
863 * @c: UBIFS file-system description object
864 * @sbuf: LEB-sized buffer to use
866 * This function ensures that there is no data on the flash at the index and
867 * LPT head locations.
869 * This deals with the recovery of a half-completed journal commit. UBIFS is
870 * careful never to overwrite the last version of the index or the LPT. Because
871 * the index and LPT are wandering trees, data from a half-completed commit will
872 * not be referenced anywhere in UBIFS. The data will be either in LEBs that are
873 * assumed to be empty and will be unmapped anyway before use, or in the index
876 * This function returns %0 on success and a negative error code on failure.
878 int ubifs_recover_inl_heads(const struct ubifs_info *c, void *sbuf)
882 ubifs_assert(!(c->vfs_sb->s_flags & MS_RDONLY) || c->remounting_rw);
884 dbg_rcvry("checking index head at %d:%d", c->ihead_lnum, c->ihead_offs);
885 err = recover_head(c, c->ihead_lnum, c->ihead_offs, sbuf);
889 dbg_rcvry("checking LPT head at %d:%d", c->nhead_lnum, c->nhead_offs);
890 err = recover_head(c, c->nhead_lnum, c->nhead_offs, sbuf);
898 * clean_an_unclean_leb - read and write a LEB to remove corruption.
899 * @c: UBIFS file-system description object
900 * @ucleb: unclean LEB information
901 * @sbuf: LEB-sized buffer to use
903 * This function reads a LEB up to a point pre-determined by the mount recovery,
904 * checks the nodes, and writes the result back to the flash, thereby cleaning
905 * off any following corruption, or non-fatal ECC errors.
907 * This function returns %0 on success and a negative error code on failure.
909 static int clean_an_unclean_leb(const struct ubifs_info *c,
910 struct ubifs_unclean_leb *ucleb, void *sbuf)
912 int err, lnum = ucleb->lnum, offs = 0, len = ucleb->endpt, quiet = 1;
915 dbg_rcvry("LEB %d len %d", lnum, len);
918 /* Nothing to read, just unmap it */
919 err = ubifs_leb_unmap(c, lnum);
925 err = ubi_read(c->ubi, lnum, buf, offs, len);
926 if (err && err != -EBADMSG)
934 /* Scan quietly until there is an error */
935 ret = ubifs_scan_a_node(c, buf, len, lnum, offs, quiet);
937 if (ret == SCANNED_A_NODE) {
938 /* A valid node, and not a padding node */
939 struct ubifs_ch *ch = buf;
942 node_len = ALIGN(le32_to_cpu(ch->len), 8);
950 /* Padding bytes or a valid padding node */
957 if (ret == SCANNED_EMPTY_SPACE) {
958 ubifs_err("unexpected empty space at %d:%d",
964 /* Redo the last scan but noisily */
969 ubifs_scanned_corruption(c, lnum, offs, buf);
973 /* Pad to min_io_size */
974 len = ALIGN(ucleb->endpt, c->min_io_size);
975 if (len > ucleb->endpt) {
976 int pad_len = len - ALIGN(ucleb->endpt, 8);
979 buf = c->sbuf + len - pad_len;
980 ubifs_pad(c, buf, pad_len);
984 /* Write back the LEB atomically */
985 err = ubi_leb_change(c->ubi, lnum, sbuf, len, UBI_UNKNOWN);
989 dbg_rcvry("cleaned LEB %d", lnum);
995 * ubifs_clean_lebs - clean LEBs recovered during read-only mount.
996 * @c: UBIFS file-system description object
997 * @sbuf: LEB-sized buffer to use
999 * This function cleans a LEB identified during recovery that needs to be
1000 * written but was not because UBIFS was mounted read-only. This happens when
1001 * remounting to read-write mode.
1003 * This function returns %0 on success and a negative error code on failure.
1005 int ubifs_clean_lebs(const struct ubifs_info *c, void *sbuf)
1007 dbg_rcvry("recovery");
1008 while (!list_empty(&c->unclean_leb_list)) {
1009 struct ubifs_unclean_leb *ucleb;
1012 ucleb = list_entry(c->unclean_leb_list.next,
1013 struct ubifs_unclean_leb, list);
1014 err = clean_an_unclean_leb(c, ucleb, sbuf);
1017 list_del(&ucleb->list);
1024 * struct size_entry - inode size information for recovery.
1025 * @rb: link in the RB-tree of sizes
1026 * @inum: inode number
1027 * @i_size: size on inode
1028 * @d_size: maximum size based on data nodes
1029 * @exists: indicates whether the inode exists
1030 * @inode: inode if pinned in memory awaiting rw mode to fix it
1038 struct inode *inode;
1042 * add_ino - add an entry to the size tree.
1043 * @c: UBIFS file-system description object
1044 * @inum: inode number
1045 * @i_size: size on inode
1046 * @d_size: maximum size based on data nodes
1047 * @exists: indicates whether the inode exists
1049 static int add_ino(struct ubifs_info *c, ino_t inum, loff_t i_size,
1050 loff_t d_size, int exists)
1052 struct rb_node **p = &c->size_tree.rb_node, *parent = NULL;
1053 struct size_entry *e;
1057 e = rb_entry(parent, struct size_entry, rb);
1061 p = &(*p)->rb_right;
1064 e = kzalloc(sizeof(struct size_entry), GFP_KERNEL);
1073 rb_link_node(&e->rb, parent, p);
1074 rb_insert_color(&e->rb, &c->size_tree);
1080 * find_ino - find an entry on the size tree.
1081 * @c: UBIFS file-system description object
1082 * @inum: inode number
1084 static struct size_entry *find_ino(struct ubifs_info *c, ino_t inum)
1086 struct rb_node *p = c->size_tree.rb_node;
1087 struct size_entry *e;
1090 e = rb_entry(p, struct size_entry, rb);
1093 else if (inum > e->inum)
1102 * remove_ino - remove an entry from the size tree.
1103 * @c: UBIFS file-system description object
1104 * @inum: inode number
1106 static void remove_ino(struct ubifs_info *c, ino_t inum)
1108 struct size_entry *e = find_ino(c, inum);
1112 rb_erase(&e->rb, &c->size_tree);
1117 * ubifs_recover_size_accum - accumulate inode sizes for recovery.
1118 * @c: UBIFS file-system description object
1120 * @deletion: node is for a deletion
1121 * @new_size: inode size
1123 * This function has two purposes:
1124 * 1) to ensure there are no data nodes that fall outside the inode size
1125 * 2) to ensure there are no data nodes for inodes that do not exist
1126 * To accomplish those purposes, a rb-tree is constructed containing an entry
1127 * for each inode number in the journal that has not been deleted, and recording
1128 * the size from the inode node, the maximum size of any data node (also altered
1129 * by truncations) and a flag indicating a inode number for which no inode node
1130 * was present in the journal.
1132 * Note that there is still the possibility that there are data nodes that have
1133 * been committed that are beyond the inode size, however the only way to find
1134 * them would be to scan the entire index. Alternatively, some provision could
1135 * be made to record the size of inodes at the start of commit, which would seem
1136 * very cumbersome for a scenario that is quite unlikely and the only negative
1137 * consequence of which is wasted space.
1139 * This functions returns %0 on success and a negative error code on failure.
1141 int ubifs_recover_size_accum(struct ubifs_info *c, union ubifs_key *key,
1142 int deletion, loff_t new_size)
1144 ino_t inum = key_inum(c, key);
1145 struct size_entry *e;
1148 switch (key_type(c, key)) {
1151 remove_ino(c, inum);
1153 e = find_ino(c, inum);
1155 e->i_size = new_size;
1158 err = add_ino(c, inum, new_size, 0, 1);
1164 case UBIFS_DATA_KEY:
1165 e = find_ino(c, inum);
1167 if (new_size > e->d_size)
1168 e->d_size = new_size;
1170 err = add_ino(c, inum, 0, new_size, 0);
1175 case UBIFS_TRUN_KEY:
1176 e = find_ino(c, inum);
1178 e->d_size = new_size;
1185 * ubifs_recover_size - recover inode size.
1186 * @c: UBIFS file-system description object
1188 * This function attempts to fix inode size discrepancies identified by the
1189 * 'ubifs_recover_size_accum()' function.
1191 * This functions returns %0 on success and a negative error code on failure.
1193 int ubifs_recover_size(struct ubifs_info *c)
1195 struct rb_node *this = rb_first(&c->size_tree);
1198 struct size_entry *e;
1201 e = rb_entry(this, struct size_entry, rb);
1203 union ubifs_key key;
1205 ino_key_init(c, &key, e->inum);
1206 err = ubifs_tnc_lookup(c, &key, c->sbuf);
1207 if (err && err != -ENOENT)
1209 if (err == -ENOENT) {
1210 /* Remove data nodes that have no inode */
1211 dbg_rcvry("removing ino %lu",
1212 (unsigned long)e->inum);
1213 err = ubifs_tnc_remove_ino(c, e->inum);
1217 struct ubifs_ino_node *ino = c->sbuf;
1220 e->i_size = le64_to_cpu(ino->size);
1223 if (e->exists && e->i_size < e->d_size) {
1224 if (!e->inode && (c->vfs_sb->s_flags & MS_RDONLY)) {
1225 /* Fix the inode size and pin it in memory */
1226 struct inode *inode;
1228 inode = ubifs_iget(c->vfs_sb, e->inum);
1230 return PTR_ERR(inode);
1231 if (inode->i_size < e->d_size) {
1232 dbg_rcvry("ino %lu size %lld -> %lld",
1233 (unsigned long)e->inum,
1234 e->d_size, inode->i_size);
1235 inode->i_size = e->d_size;
1236 ubifs_inode(inode)->ui_size = e->d_size;
1238 this = rb_next(this);
1244 this = rb_next(this);
1245 rb_erase(&e->rb, &c->size_tree);
projects / oweals / u-boot.git / blob