2005-04-17 06:20:36 +08:00
|
|
|
/*
|
2005-11-02 11:58:39 +08:00
|
|
|
* Copyright (c) 2000-2005 Silicon Graphics, Inc.
|
|
|
|
* All Rights Reserved.
|
2005-04-17 06:20:36 +08:00
|
|
|
*
|
2005-11-02 11:58:39 +08:00
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU General Public License as
|
2005-04-17 06:20:36 +08:00
|
|
|
* published by the Free Software Foundation.
|
|
|
|
*
|
2005-11-02 11:58:39 +08:00
|
|
|
* This program is distributed in the hope that it would be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
2005-04-17 06:20:36 +08:00
|
|
|
*
|
2005-11-02 11:58:39 +08:00
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program; if not, write the Free Software Foundation,
|
|
|
|
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
2005-04-17 06:20:36 +08:00
|
|
|
*/
|
|
|
|
#include "xfs.h"
|
2005-11-02 11:38:42 +08:00
|
|
|
#include "xfs_fs.h"
|
2013-10-23 07:36:05 +08:00
|
|
|
#include "xfs_shared.h"
|
2013-10-23 07:50:10 +08:00
|
|
|
#include "xfs_format.h"
|
|
|
|
#include "xfs_log_format.h"
|
|
|
|
#include "xfs_trans_resv.h"
|
2005-11-02 11:38:42 +08:00
|
|
|
#include "xfs_bit.h"
|
2005-04-17 06:20:36 +08:00
|
|
|
#include "xfs_mount.h"
|
2016-08-03 09:15:38 +08:00
|
|
|
#include "xfs_defer.h"
|
2013-10-15 06:17:51 +08:00
|
|
|
#include "xfs_da_format.h"
|
2005-11-02 11:38:42 +08:00
|
|
|
#include "xfs_da_btree.h"
|
|
|
|
#include "xfs_attr_sf.h"
|
2005-04-17 06:20:36 +08:00
|
|
|
#include "xfs_inode.h"
|
2005-11-02 11:38:42 +08:00
|
|
|
#include "xfs_alloc.h"
|
2013-10-23 07:50:10 +08:00
|
|
|
#include "xfs_trans.h"
|
2005-11-02 11:38:42 +08:00
|
|
|
#include "xfs_inode_item.h"
|
2005-04-17 06:20:36 +08:00
|
|
|
#include "xfs_bmap.h"
|
2013-08-12 18:49:42 +08:00
|
|
|
#include "xfs_bmap_util.h"
|
2013-10-23 07:51:50 +08:00
|
|
|
#include "xfs_bmap_btree.h"
|
2005-04-17 06:20:36 +08:00
|
|
|
#include "xfs_attr.h"
|
|
|
|
#include "xfs_attr_leaf.h"
|
2013-04-03 13:11:27 +08:00
|
|
|
#include "xfs_attr_remote.h"
|
2005-04-17 06:20:36 +08:00
|
|
|
#include "xfs_error.h"
|
|
|
|
#include "xfs_quota.h"
|
|
|
|
#include "xfs_trans_space.h"
|
2009-12-15 07:14:59 +08:00
|
|
|
#include "xfs_trace.h"
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* xfs_attr.c
|
|
|
|
*
|
|
|
|
* Provide the external interfaces to manage attribute lists.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/*========================================================================
|
|
|
|
* Function prototypes for the kernel.
|
|
|
|
*========================================================================*/
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Internal routines when attribute list fits inside the inode.
|
|
|
|
*/
|
|
|
|
STATIC int xfs_attr_shortform_addname(xfs_da_args_t *args);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Internal routines when attribute list is one block.
|
|
|
|
*/
|
2005-06-21 13:36:52 +08:00
|
|
|
STATIC int xfs_attr_leaf_get(xfs_da_args_t *args);
|
2005-04-17 06:20:36 +08:00
|
|
|
STATIC int xfs_attr_leaf_addname(xfs_da_args_t *args);
|
|
|
|
STATIC int xfs_attr_leaf_removename(xfs_da_args_t *args);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Internal routines when attribute list is more than one block.
|
|
|
|
*/
|
2005-06-21 13:36:52 +08:00
|
|
|
STATIC int xfs_attr_node_get(xfs_da_args_t *args);
|
2005-04-17 06:20:36 +08:00
|
|
|
STATIC int xfs_attr_node_addname(xfs_da_args_t *args);
|
|
|
|
STATIC int xfs_attr_node_removename(xfs_da_args_t *args);
|
|
|
|
STATIC int xfs_attr_fillstate(xfs_da_state_t *state);
|
|
|
|
STATIC int xfs_attr_refillstate(xfs_da_state_t *state);
|
|
|
|
|
|
|
|
|
2008-04-22 15:34:31 +08:00
|
|
|
STATIC int
|
2014-05-13 14:34:43 +08:00
|
|
|
xfs_attr_args_init(
|
|
|
|
struct xfs_da_args *args,
|
|
|
|
struct xfs_inode *dp,
|
|
|
|
const unsigned char *name,
|
|
|
|
int flags)
|
2008-04-22 15:34:31 +08:00
|
|
|
{
|
2014-05-13 14:34:43 +08:00
|
|
|
|
|
|
|
if (!name)
|
2014-06-25 12:58:08 +08:00
|
|
|
return -EINVAL;
|
2014-05-13 14:34:43 +08:00
|
|
|
|
|
|
|
memset(args, 0, sizeof(*args));
|
2014-06-06 13:01:58 +08:00
|
|
|
args->geo = dp->i_mount->m_attr_geo;
|
2014-05-13 14:34:43 +08:00
|
|
|
args->whichfork = XFS_ATTR_FORK;
|
|
|
|
args->dp = dp;
|
|
|
|
args->flags = flags;
|
|
|
|
args->name = name;
|
|
|
|
args->namelen = strlen((const char *)name);
|
|
|
|
if (args->namelen >= MAXNAMELEN)
|
2014-06-25 12:58:08 +08:00
|
|
|
return -EFAULT; /* match IRIX behaviour */
|
2008-04-22 15:34:31 +08:00
|
|
|
|
2014-05-13 14:34:43 +08:00
|
|
|
args->hashval = xfs_da_hashname(args->name, args->namelen);
|
2008-04-22 15:34:31 +08:00
|
|
|
return 0;
|
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2013-08-12 18:49:38 +08:00
|
|
|
int
|
2008-06-23 11:23:41 +08:00
|
|
|
xfs_inode_hasattr(
|
|
|
|
struct xfs_inode *ip)
|
|
|
|
{
|
|
|
|
if (!XFS_IFORK_Q(ip) ||
|
|
|
|
(ip->i_d.di_aformat == XFS_DINODE_FMT_EXTENTS &&
|
|
|
|
ip->i_d.di_anextents == 0))
|
|
|
|
return 0;
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
/*========================================================================
|
|
|
|
* Overall external interface routines.
|
|
|
|
*========================================================================*/
|
|
|
|
|
2017-06-17 02:00:14 +08:00
|
|
|
/* Retrieve an extended attribute and its value. Must have iolock. */
|
|
|
|
int
|
|
|
|
xfs_attr_get_ilocked(
|
|
|
|
struct xfs_inode *ip,
|
|
|
|
struct xfs_da_args *args)
|
|
|
|
{
|
|
|
|
if (!xfs_inode_hasattr(ip))
|
|
|
|
return -ENOATTR;
|
|
|
|
else if (ip->i_d.di_aformat == XFS_DINODE_FMT_LOCAL)
|
|
|
|
return xfs_attr_shortform_getvalue(args);
|
|
|
|
else if (xfs_bmap_one_block(ip, XFS_ATTR_FORK))
|
|
|
|
return xfs_attr_leaf_get(args);
|
|
|
|
else
|
|
|
|
return xfs_attr_node_get(args);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Retrieve an extended attribute by name, and its value. */
|
2014-05-13 14:34:24 +08:00
|
|
|
int
|
|
|
|
xfs_attr_get(
|
2009-11-15 00:17:20 +08:00
|
|
|
struct xfs_inode *ip,
|
2014-05-13 14:34:24 +08:00
|
|
|
const unsigned char *name,
|
2010-01-20 07:47:48 +08:00
|
|
|
unsigned char *value,
|
2009-11-15 00:17:20 +08:00
|
|
|
int *valuelenp,
|
|
|
|
int flags)
|
2005-04-17 06:20:36 +08:00
|
|
|
{
|
2014-05-13 14:34:24 +08:00
|
|
|
struct xfs_da_args args;
|
|
|
|
uint lock_mode;
|
|
|
|
int error;
|
|
|
|
|
2015-10-12 15:21:22 +08:00
|
|
|
XFS_STATS_INC(ip->i_mount, xs_attr_get);
|
2014-05-13 14:34:24 +08:00
|
|
|
|
|
|
|
if (XFS_FORCED_SHUTDOWN(ip->i_mount))
|
2014-06-25 12:58:08 +08:00
|
|
|
return -EIO;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2014-05-13 14:34:43 +08:00
|
|
|
error = xfs_attr_args_init(&args, ip, name, flags);
|
2014-05-13 14:34:24 +08:00
|
|
|
if (error)
|
|
|
|
return error;
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
args.value = value;
|
|
|
|
args.valuelen = *valuelenp;
|
xfs: set XFS_DA_OP_OKNOENT in xfs_attr_get
It's entirely possible for userspace to ask for an xattr which
does not exist.
Normally, there is no problem whatsoever when we ask for such
a thing, but when we look at an obfuscated metadump image
on a debug kernel with selinux, we trip over this ASSERT in
xfs_da3_path_shift():
*result = -ENOENT; /* we're out of our tree */
ASSERT(args->op_flags & XFS_DA_OP_OKNOENT);
It (more or less) only shows up in the above scenario, because
xfs_metadump obfuscates attr names, but chooses names which
keep the same hash value - and xfs_da3_node_lookup_int does:
if (((retval == -ENOENT) || (retval == -ENOATTR)) &&
(blk->hashval == args->hashval)) {
error = xfs_da3_path_shift(state, &state->path, 1, 1,
&retval);
IOWS, we only get down to the xfs_da3_path_shift() ASSERT
if we are looking for an xattr which doesn't exist, but we
find xattrs on disk which have the same hash, and so might be
a hash collision, so we try the path shift. When *that*
fails to find what we're looking for, we hit the assert about
XFS_DA_OP_OKNOENT.
Simply setting XFS_DA_OP_OKNOENT in xfs_attr_get solves this
rather corner-case problem with no ill side effects. It's
fine for an attr name lookup to fail.
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Reviewed-by: Dave Chinner <dchinner@redhat.com>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2015-08-19 08:30:48 +08:00
|
|
|
/* Entirely possible to look up a name which doesn't exist */
|
|
|
|
args.op_flags = XFS_DA_OP_OKNOENT;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2014-05-13 14:34:24 +08:00
|
|
|
lock_mode = xfs_ilock_attr_map_shared(ip);
|
2017-06-17 02:00:14 +08:00
|
|
|
error = xfs_attr_get_ilocked(ip, &args);
|
2014-05-13 14:34:24 +08:00
|
|
|
xfs_iunlock(ip, lock_mode);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
*valuelenp = args.valuelen;
|
2014-06-25 12:58:08 +08:00
|
|
|
return error == -EEXIST ? 0 : error;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
2008-08-13 14:03:35 +08:00
|
|
|
/*
|
|
|
|
* Calculate how many blocks we need for the new attribute,
|
|
|
|
*/
|
2009-11-19 23:52:00 +08:00
|
|
|
STATIC int
|
2008-08-13 14:03:35 +08:00
|
|
|
xfs_attr_calc_size(
|
2014-05-13 14:40:19 +08:00
|
|
|
struct xfs_da_args *args,
|
2008-08-13 14:03:35 +08:00
|
|
|
int *local)
|
|
|
|
{
|
2014-05-13 14:40:19 +08:00
|
|
|
struct xfs_mount *mp = args->dp->i_mount;
|
2008-08-13 14:03:35 +08:00
|
|
|
int size;
|
|
|
|
int nblks;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Determine space new attribute will use, and if it would be
|
|
|
|
* "local" or "remote" (note: local != inline).
|
|
|
|
*/
|
2014-06-06 13:21:27 +08:00
|
|
|
size = xfs_attr_leaf_newentsize(args, local);
|
2008-08-13 14:03:35 +08:00
|
|
|
nblks = XFS_DAENTER_SPACE_RES(mp, XFS_ATTR_FORK);
|
|
|
|
if (*local) {
|
2014-06-06 13:21:10 +08:00
|
|
|
if (size > (args->geo->blksize / 2)) {
|
2008-08-13 14:03:35 +08:00
|
|
|
/* Double split possible */
|
|
|
|
nblks *= 2;
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
/*
|
|
|
|
* Out of line attribute, cannot double split, but
|
|
|
|
* make room for the attribute value itself.
|
|
|
|
*/
|
2014-05-15 07:39:28 +08:00
|
|
|
uint dblocks = xfs_attr3_rmt_blocks(mp, args->valuelen);
|
2008-08-13 14:03:35 +08:00
|
|
|
nblks += dblocks;
|
|
|
|
nblks += XFS_NEXTENTADD_SPACE_RES(mp, dblocks, XFS_ATTR_FORK);
|
|
|
|
}
|
|
|
|
|
|
|
|
return nblks;
|
|
|
|
}
|
|
|
|
|
2014-05-13 14:34:14 +08:00
|
|
|
int
|
|
|
|
xfs_attr_set(
|
|
|
|
struct xfs_inode *dp,
|
|
|
|
const unsigned char *name,
|
|
|
|
unsigned char *value,
|
|
|
|
int valuelen,
|
|
|
|
int flags)
|
2005-04-17 06:20:36 +08:00
|
|
|
{
|
2013-08-12 18:49:59 +08:00
|
|
|
struct xfs_mount *mp = dp->i_mount;
|
2014-05-13 14:34:14 +08:00
|
|
|
struct xfs_da_args args;
|
2016-08-03 09:19:29 +08:00
|
|
|
struct xfs_defer_ops dfops;
|
2013-08-12 18:49:59 +08:00
|
|
|
struct xfs_trans_res tres;
|
2014-05-13 14:34:14 +08:00
|
|
|
xfs_fsblock_t firstblock;
|
2013-08-12 18:49:59 +08:00
|
|
|
int rsvd = (flags & ATTR_ROOT) != 0;
|
xfs: eliminate committed arg from xfs_bmap_finish
Calls to xfs_bmap_finish() and xfs_trans_ijoin(), and the
associated comments were replicated several times across
the attribute code, all dealing with what to do if the
transaction was or wasn't committed.
And in that replicated code, an ASSERT() test of an
uninitialized variable occurs in several locations:
error = xfs_attr_thing(&args);
if (!error) {
error = xfs_bmap_finish(&args.trans, args.flist,
&committed);
}
if (error) {
ASSERT(committed);
If the first xfs_attr_thing() failed, we'd skip the xfs_bmap_finish,
never set "committed", and then test it in the ASSERT.
Fix this up by moving the committed state internal to xfs_bmap_finish,
and add a new inode argument. If an inode is passed in, it is passed
through to __xfs_trans_roll() and joined to the transaction there if
the transaction was committed.
xfs_qm_dqalloc() was a little unique in that it called bjoin rather
than ijoin, but as Dave points out we can detect the committed state
but checking whether (*tpp != tp).
Addresses-Coverity-Id: 102360
Addresses-Coverity-Id: 102361
Addresses-Coverity-Id: 102363
Addresses-Coverity-Id: 102364
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2016-01-11 08:34:01 +08:00
|
|
|
int error, err2, local;
|
2014-05-13 14:34:14 +08:00
|
|
|
|
2015-10-12 15:21:22 +08:00
|
|
|
XFS_STATS_INC(mp, xs_attr_set);
|
2014-05-13 14:34:14 +08:00
|
|
|
|
|
|
|
if (XFS_FORCED_SHUTDOWN(dp->i_mount))
|
2014-06-25 12:58:08 +08:00
|
|
|
return -EIO;
|
2014-05-13 14:34:14 +08:00
|
|
|
|
2014-05-13 14:34:43 +08:00
|
|
|
error = xfs_attr_args_init(&args, dp, name, flags);
|
2014-05-13 14:34:14 +08:00
|
|
|
if (error)
|
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2014-05-13 14:34:43 +08:00
|
|
|
args.value = value;
|
|
|
|
args.valuelen = valuelen;
|
|
|
|
args.firstblock = &firstblock;
|
2016-08-03 09:19:29 +08:00
|
|
|
args.dfops = &dfops;
|
2014-05-13 14:34:43 +08:00
|
|
|
args.op_flags = XFS_DA_OP_ADDNAME | XFS_DA_OP_OKNOENT;
|
2014-05-13 14:40:19 +08:00
|
|
|
args.total = xfs_attr_calc_size(&args, &local);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2009-06-08 21:33:32 +08:00
|
|
|
error = xfs_qm_dqattach(dp, 0);
|
|
|
|
if (error)
|
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If the inode doesn't have an attribute fork, add one.
|
|
|
|
* (inode must not be locked when we call this routine)
|
|
|
|
*/
|
|
|
|
if (XFS_IFORK_Q(dp) == 0) {
|
2007-02-10 15:35:58 +08:00
|
|
|
int sf_size = sizeof(xfs_attr_sf_hdr_t) +
|
2014-05-13 14:34:43 +08:00
|
|
|
XFS_ATTR_SF_ENTSIZE_BYNAME(args.namelen, valuelen);
|
2007-02-10 15:35:58 +08:00
|
|
|
|
2014-05-13 14:34:14 +08:00
|
|
|
error = xfs_bmap_add_attrfork(dp, sf_size, rsvd);
|
|
|
|
if (error)
|
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
2016-04-06 07:19:55 +08:00
|
|
|
tres.tr_logres = M_RES(mp)->tr_attrsetm.tr_logres +
|
|
|
|
M_RES(mp)->tr_attrsetrt.tr_logres * args.total;
|
|
|
|
tres.tr_logcount = XFS_ATTRSET_LOG_COUNT;
|
|
|
|
tres.tr_logflags = XFS_TRANS_PERM_LOG_RES;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Root fork attributes can use reserved data blocks for this
|
|
|
|
* operation if necessary
|
|
|
|
*/
|
2016-04-06 07:19:55 +08:00
|
|
|
error = xfs_trans_alloc(mp, &tres, args.total, 0,
|
|
|
|
rsvd ? XFS_TRANS_RESERVE : 0, &args.trans);
|
|
|
|
if (error)
|
2014-05-13 14:34:14 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2016-04-06 07:19:55 +08:00
|
|
|
xfs_ilock(dp, XFS_ILOCK_EXCL);
|
2009-06-08 21:33:32 +08:00
|
|
|
error = xfs_trans_reserve_quota_nblks(args.trans, dp, args.total, 0,
|
2008-08-13 14:03:35 +08:00
|
|
|
rsvd ? XFS_QMOPT_RES_REGBLKS | XFS_QMOPT_FORCE_RES :
|
|
|
|
XFS_QMOPT_RES_REGBLKS);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error) {
|
|
|
|
xfs_iunlock(dp, XFS_ILOCK_EXCL);
|
2015-06-04 11:47:56 +08:00
|
|
|
xfs_trans_cancel(args.trans);
|
2014-05-13 14:34:14 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
2011-09-19 23:00:54 +08:00
|
|
|
xfs_trans_ijoin(args.trans, dp, 0);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/*
|
2006-03-29 06:55:14 +08:00
|
|
|
* If the attribute list is non-existent or a shortform list,
|
2005-04-17 06:20:36 +08:00
|
|
|
* upgrade it to a single-leaf-block attribute list.
|
|
|
|
*/
|
2014-05-13 14:34:14 +08:00
|
|
|
if (dp->i_d.di_aformat == XFS_DINODE_FMT_LOCAL ||
|
|
|
|
(dp->i_d.di_aformat == XFS_DINODE_FMT_EXTENTS &&
|
|
|
|
dp->i_d.di_anextents == 0)) {
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Build initial attribute list (if required).
|
|
|
|
*/
|
|
|
|
if (dp->i_d.di_aformat == XFS_DINODE_FMT_EXTENTS)
|
2005-11-02 07:34:53 +08:00
|
|
|
xfs_attr_shortform_create(&args);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Try to add the attr to the attribute list in
|
|
|
|
* the inode.
|
|
|
|
*/
|
|
|
|
error = xfs_attr_shortform_addname(&args);
|
2014-06-25 12:58:08 +08:00
|
|
|
if (error != -ENOSPC) {
|
2005-04-17 06:20:36 +08:00
|
|
|
/*
|
|
|
|
* Commit the shortform mods, and we're done.
|
|
|
|
* NOTE: this is also the error path (EEXIST, etc).
|
|
|
|
*/
|
|
|
|
ASSERT(args.trans != NULL);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If this is a synchronous mount, make sure that
|
|
|
|
* the transaction goes to disk before returning
|
|
|
|
* to the user.
|
|
|
|
*/
|
2014-05-13 14:34:14 +08:00
|
|
|
if (mp->m_flags & XFS_MOUNT_WSYNC)
|
2005-04-17 06:20:36 +08:00
|
|
|
xfs_trans_set_sync(args.trans);
|
2010-09-28 10:27:25 +08:00
|
|
|
|
|
|
|
if (!error && (flags & ATTR_KERNOTIME) == 0) {
|
|
|
|
xfs_trans_ichgtime(args.trans, dp,
|
|
|
|
XFS_ICHGTIME_CHG);
|
|
|
|
}
|
2015-06-04 11:48:08 +08:00
|
|
|
err2 = xfs_trans_commit(args.trans);
|
2005-04-17 06:20:36 +08:00
|
|
|
xfs_iunlock(dp, XFS_ILOCK_EXCL);
|
|
|
|
|
2014-05-13 14:34:14 +08:00
|
|
|
return error ? error : err2;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* It won't fit in the shortform, transform to a leaf block.
|
|
|
|
* GROT: another possible req'mt for a double-split btree op.
|
|
|
|
*/
|
2016-08-03 09:19:29 +08:00
|
|
|
xfs_defer_init(args.dfops, args.firstblock);
|
2005-04-17 06:20:36 +08:00
|
|
|
error = xfs_attr_shortform_to_leaf(&args);
|
xfs: eliminate committed arg from xfs_bmap_finish
Calls to xfs_bmap_finish() and xfs_trans_ijoin(), and the
associated comments were replicated several times across
the attribute code, all dealing with what to do if the
transaction was or wasn't committed.
And in that replicated code, an ASSERT() test of an
uninitialized variable occurs in several locations:
error = xfs_attr_thing(&args);
if (!error) {
error = xfs_bmap_finish(&args.trans, args.flist,
&committed);
}
if (error) {
ASSERT(committed);
If the first xfs_attr_thing() failed, we'd skip the xfs_bmap_finish,
never set "committed", and then test it in the ASSERT.
Fix this up by moving the committed state internal to xfs_bmap_finish,
and add a new inode argument. If an inode is passed in, it is passed
through to __xfs_trans_roll() and joined to the transaction there if
the transaction was committed.
xfs_qm_dqalloc() was a little unique in that it called bjoin rather
than ijoin, but as Dave points out we can detect the committed state
but checking whether (*tpp != tp).
Addresses-Coverity-Id: 102360
Addresses-Coverity-Id: 102361
Addresses-Coverity-Id: 102363
Addresses-Coverity-Id: 102364
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2016-01-11 08:34:01 +08:00
|
|
|
if (!error)
|
2016-08-03 09:19:29 +08:00
|
|
|
error = xfs_defer_finish(&args.trans, args.dfops, dp);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error) {
|
|
|
|
args.trans = NULL;
|
2016-08-03 09:19:29 +08:00
|
|
|
xfs_defer_cancel(&dfops);
|
2005-04-17 06:20:36 +08:00
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Commit the leaf transformation. We'll need another (linked)
|
|
|
|
* transaction to add the new attribute to the leaf.
|
|
|
|
*/
|
2008-08-13 14:05:49 +08:00
|
|
|
|
|
|
|
error = xfs_trans_roll(&args.trans, dp);
|
|
|
|
if (error)
|
2005-04-17 06:20:36 +08:00
|
|
|
goto out;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
2014-05-13 14:34:14 +08:00
|
|
|
if (xfs_bmap_one_block(dp, XFS_ATTR_FORK))
|
2005-04-17 06:20:36 +08:00
|
|
|
error = xfs_attr_leaf_addname(&args);
|
2014-05-13 14:34:14 +08:00
|
|
|
else
|
2005-04-17 06:20:36 +08:00
|
|
|
error = xfs_attr_node_addname(&args);
|
2014-05-13 14:34:14 +08:00
|
|
|
if (error)
|
2005-04-17 06:20:36 +08:00
|
|
|
goto out;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If this is a synchronous mount, make sure that the
|
|
|
|
* transaction goes to disk before returning to the user.
|
|
|
|
*/
|
2014-05-13 14:34:14 +08:00
|
|
|
if (mp->m_flags & XFS_MOUNT_WSYNC)
|
2005-04-17 06:20:36 +08:00
|
|
|
xfs_trans_set_sync(args.trans);
|
|
|
|
|
2010-09-28 10:27:25 +08:00
|
|
|
if ((flags & ATTR_KERNOTIME) == 0)
|
|
|
|
xfs_trans_ichgtime(args.trans, dp, XFS_ICHGTIME_CHG);
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
/*
|
|
|
|
* Commit the last in the sequence of transactions.
|
|
|
|
*/
|
|
|
|
xfs_trans_log_inode(args.trans, dp, XFS_ILOG_CORE);
|
2015-06-04 11:48:08 +08:00
|
|
|
error = xfs_trans_commit(args.trans);
|
2005-04-17 06:20:36 +08:00
|
|
|
xfs_iunlock(dp, XFS_ILOCK_EXCL);
|
|
|
|
|
2014-05-13 14:34:14 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
out:
|
2015-06-04 11:47:56 +08:00
|
|
|
if (args.trans)
|
|
|
|
xfs_trans_cancel(args.trans);
|
2005-04-17 06:20:36 +08:00
|
|
|
xfs_iunlock(dp, XFS_ILOCK_EXCL);
|
2014-05-13 14:34:14 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
2005-11-02 07:33:33 +08:00
|
|
|
/*
|
|
|
|
* Generic handler routine to remove a name from an attribute list.
|
|
|
|
* Transitions attribute list from Btree to shortform as necessary.
|
|
|
|
*/
|
|
|
|
int
|
2014-05-13 14:34:33 +08:00
|
|
|
xfs_attr_remove(
|
|
|
|
struct xfs_inode *dp,
|
|
|
|
const unsigned char *name,
|
|
|
|
int flags)
|
2005-04-17 06:20:36 +08:00
|
|
|
{
|
2014-05-13 14:34:33 +08:00
|
|
|
struct xfs_mount *mp = dp->i_mount;
|
|
|
|
struct xfs_da_args args;
|
2016-08-03 09:19:29 +08:00
|
|
|
struct xfs_defer_ops dfops;
|
2014-05-13 14:34:33 +08:00
|
|
|
xfs_fsblock_t firstblock;
|
|
|
|
int error;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2015-10-12 15:21:22 +08:00
|
|
|
XFS_STATS_INC(mp, xs_attr_remove);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2005-11-02 07:33:33 +08:00
|
|
|
if (XFS_FORCED_SHUTDOWN(dp->i_mount))
|
2014-06-25 12:58:08 +08:00
|
|
|
return -EIO;
|
2014-05-13 14:34:33 +08:00
|
|
|
|
2014-05-13 14:34:43 +08:00
|
|
|
error = xfs_attr_args_init(&args, dp, name, flags);
|
2008-04-22 15:34:31 +08:00
|
|
|
if (error)
|
|
|
|
return error;
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
args.firstblock = &firstblock;
|
2016-08-03 09:19:29 +08:00
|
|
|
args.dfops = &dfops;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2011-06-23 09:35:01 +08:00
|
|
|
/*
|
|
|
|
* we have no control over the attribute names that userspace passes us
|
|
|
|
* to remove, so we have to allow the name lookup prior to attribute
|
|
|
|
* removal to fail.
|
|
|
|
*/
|
|
|
|
args.op_flags = XFS_DA_OP_OKNOENT;
|
|
|
|
|
2009-06-08 21:33:32 +08:00
|
|
|
error = xfs_qm_dqattach(dp, 0);
|
|
|
|
if (error)
|
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Root fork attributes can use reserved data blocks for this
|
|
|
|
* operation if necessary
|
|
|
|
*/
|
2016-04-06 07:19:55 +08:00
|
|
|
error = xfs_trans_alloc(mp, &M_RES(mp)->tr_attrrm,
|
|
|
|
XFS_ATTRRM_SPACE_RES(mp), 0,
|
|
|
|
(flags & ATTR_ROOT) ? XFS_TRANS_RESERVE : 0,
|
|
|
|
&args.trans);
|
|
|
|
if (error)
|
2014-05-13 14:34:33 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
xfs_ilock(dp, XFS_ILOCK_EXCL);
|
|
|
|
/*
|
|
|
|
* No need to make quota reservations here. We expect to release some
|
|
|
|
* blocks not allocate in the common case.
|
|
|
|
*/
|
2011-09-19 23:00:54 +08:00
|
|
|
xfs_trans_ijoin(args.trans, dp, 0);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2008-06-23 11:23:41 +08:00
|
|
|
if (!xfs_inode_hasattr(dp)) {
|
2014-06-25 12:58:08 +08:00
|
|
|
error = -ENOATTR;
|
2014-05-13 14:34:33 +08:00
|
|
|
} else if (dp->i_d.di_aformat == XFS_DINODE_FMT_LOCAL) {
|
2005-04-17 06:20:36 +08:00
|
|
|
ASSERT(dp->i_afp->if_flags & XFS_IFINLINE);
|
|
|
|
error = xfs_attr_shortform_remove(&args);
|
|
|
|
} else if (xfs_bmap_one_block(dp, XFS_ATTR_FORK)) {
|
|
|
|
error = xfs_attr_leaf_removename(&args);
|
|
|
|
} else {
|
|
|
|
error = xfs_attr_node_removename(&args);
|
|
|
|
}
|
2014-05-13 14:34:33 +08:00
|
|
|
|
|
|
|
if (error)
|
2005-04-17 06:20:36 +08:00
|
|
|
goto out;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If this is a synchronous mount, make sure that the
|
|
|
|
* transaction goes to disk before returning to the user.
|
|
|
|
*/
|
2014-05-13 14:34:33 +08:00
|
|
|
if (mp->m_flags & XFS_MOUNT_WSYNC)
|
2005-04-17 06:20:36 +08:00
|
|
|
xfs_trans_set_sync(args.trans);
|
|
|
|
|
2010-09-28 10:27:25 +08:00
|
|
|
if ((flags & ATTR_KERNOTIME) == 0)
|
|
|
|
xfs_trans_ichgtime(args.trans, dp, XFS_ICHGTIME_CHG);
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
/*
|
|
|
|
* Commit the last in the sequence of transactions.
|
|
|
|
*/
|
|
|
|
xfs_trans_log_inode(args.trans, dp, XFS_ILOG_CORE);
|
2015-06-04 11:48:08 +08:00
|
|
|
error = xfs_trans_commit(args.trans);
|
2005-04-17 06:20:36 +08:00
|
|
|
xfs_iunlock(dp, XFS_ILOCK_EXCL);
|
|
|
|
|
2014-05-13 14:34:33 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
out:
|
2015-06-04 11:47:56 +08:00
|
|
|
if (args.trans)
|
|
|
|
xfs_trans_cancel(args.trans);
|
2014-05-13 14:34:33 +08:00
|
|
|
xfs_iunlock(dp, XFS_ILOCK_EXCL);
|
|
|
|
return error;
|
2005-11-02 07:33:33 +08:00
|
|
|
}
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
/*========================================================================
|
|
|
|
* External routines when attribute list is inside the inode
|
|
|
|
*========================================================================*/
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Add a name to the shortform attribute list structure
|
|
|
|
* This is the external routine.
|
|
|
|
*/
|
|
|
|
STATIC int
|
|
|
|
xfs_attr_shortform_addname(xfs_da_args_t *args)
|
|
|
|
{
|
2005-11-02 07:34:53 +08:00
|
|
|
int newsize, forkoff, retval;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2012-03-22 13:15:13 +08:00
|
|
|
trace_xfs_attr_sf_addname(args);
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
retval = xfs_attr_shortform_lookup(args);
|
2014-06-25 12:58:08 +08:00
|
|
|
if ((args->flags & ATTR_REPLACE) && (retval == -ENOATTR)) {
|
2014-06-22 13:03:54 +08:00
|
|
|
return retval;
|
2014-06-25 12:58:08 +08:00
|
|
|
} else if (retval == -EEXIST) {
|
2005-04-17 06:20:36 +08:00
|
|
|
if (args->flags & ATTR_CREATE)
|
2014-06-22 13:03:54 +08:00
|
|
|
return retval;
|
2005-04-17 06:20:36 +08:00
|
|
|
retval = xfs_attr_shortform_remove(args);
|
|
|
|
ASSERT(retval == 0);
|
|
|
|
}
|
|
|
|
|
2005-11-02 07:34:53 +08:00
|
|
|
if (args->namelen >= XFS_ATTR_SF_ENTSIZE_MAX ||
|
|
|
|
args->valuelen >= XFS_ATTR_SF_ENTSIZE_MAX)
|
2014-06-25 12:58:08 +08:00
|
|
|
return -ENOSPC;
|
2005-11-02 07:34:53 +08:00
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
newsize = XFS_ATTR_SF_TOTSIZE(args->dp);
|
|
|
|
newsize += XFS_ATTR_SF_ENTSIZE_BYNAME(args->namelen, args->valuelen);
|
2005-11-02 07:34:53 +08:00
|
|
|
|
|
|
|
forkoff = xfs_attr_shortform_bytesfit(args->dp, newsize);
|
|
|
|
if (!forkoff)
|
2014-06-25 12:58:08 +08:00
|
|
|
return -ENOSPC;
|
2005-11-02 07:34:53 +08:00
|
|
|
|
|
|
|
xfs_attr_shortform_add(args, forkoff);
|
2014-06-22 13:03:54 +08:00
|
|
|
return 0;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/*========================================================================
|
|
|
|
* External routines when attribute list is one block
|
|
|
|
*========================================================================*/
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Add a name to the leaf attribute list structure
|
|
|
|
*
|
|
|
|
* This leaf block cannot have a "remote" value, we only call this routine
|
|
|
|
* if bmap_one_block() says there is only one block (ie: no remote blks).
|
|
|
|
*/
|
2007-11-23 13:28:09 +08:00
|
|
|
STATIC int
|
2005-04-17 06:20:36 +08:00
|
|
|
xfs_attr_leaf_addname(xfs_da_args_t *args)
|
|
|
|
{
|
|
|
|
xfs_inode_t *dp;
|
2012-06-22 16:50:14 +08:00
|
|
|
struct xfs_buf *bp;
|
xfs: eliminate committed arg from xfs_bmap_finish
Calls to xfs_bmap_finish() and xfs_trans_ijoin(), and the
associated comments were replicated several times across
the attribute code, all dealing with what to do if the
transaction was or wasn't committed.
And in that replicated code, an ASSERT() test of an
uninitialized variable occurs in several locations:
error = xfs_attr_thing(&args);
if (!error) {
error = xfs_bmap_finish(&args.trans, args.flist,
&committed);
}
if (error) {
ASSERT(committed);
If the first xfs_attr_thing() failed, we'd skip the xfs_bmap_finish,
never set "committed", and then test it in the ASSERT.
Fix this up by moving the committed state internal to xfs_bmap_finish,
and add a new inode argument. If an inode is passed in, it is passed
through to __xfs_trans_roll() and joined to the transaction there if
the transaction was committed.
xfs_qm_dqalloc() was a little unique in that it called bjoin rather
than ijoin, but as Dave points out we can detect the committed state
but checking whether (*tpp != tp).
Addresses-Coverity-Id: 102360
Addresses-Coverity-Id: 102361
Addresses-Coverity-Id: 102363
Addresses-Coverity-Id: 102364
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2016-01-11 08:34:01 +08:00
|
|
|
int retval, error, forkoff;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2012-03-22 13:15:13 +08:00
|
|
|
trace_xfs_attr_leaf_addname(args);
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
/*
|
|
|
|
* Read the (only) block in the attribute list in.
|
|
|
|
*/
|
|
|
|
dp = args->dp;
|
|
|
|
args->blkno = 0;
|
2013-04-24 16:58:55 +08:00
|
|
|
error = xfs_attr3_leaf_read(args->trans, args->dp, args->blkno, -1, &bp);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error)
|
2012-11-12 19:54:16 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Look up the given attribute in the leaf block. Figure out if
|
|
|
|
* the given flags produce an error or call for an atomic rename.
|
|
|
|
*/
|
2013-04-24 16:58:55 +08:00
|
|
|
retval = xfs_attr3_leaf_lookup_int(bp, args);
|
2014-06-25 12:58:08 +08:00
|
|
|
if ((args->flags & ATTR_REPLACE) && (retval == -ENOATTR)) {
|
2012-06-22 16:50:14 +08:00
|
|
|
xfs_trans_brelse(args->trans, bp);
|
2013-04-24 16:58:55 +08:00
|
|
|
return retval;
|
2014-06-25 12:58:08 +08:00
|
|
|
} else if (retval == -EEXIST) {
|
2005-04-17 06:20:36 +08:00
|
|
|
if (args->flags & ATTR_CREATE) { /* pure create op */
|
2012-06-22 16:50:14 +08:00
|
|
|
xfs_trans_brelse(args->trans, bp);
|
2013-04-24 16:58:55 +08:00
|
|
|
return retval;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
2012-03-22 13:15:13 +08:00
|
|
|
|
|
|
|
trace_xfs_attr_leaf_replace(args);
|
|
|
|
|
xfs: remote attribute overwrite causes transaction overrun
Commit e461fcb ("xfs: remote attribute lookups require the value
length") passes the remote attribute length in the xfs_da_args
structure on lookup so that CRC calculations and validity checking
can be performed correctly by related code. This, unfortunately has
the side effect of changing the args->valuelen parameter in cases
where it shouldn't.
That is, when we replace a remote attribute, the incoming
replacement stores the value and length in args->value and
args->valuelen, but then the lookup which finds the existing remote
attribute overwrites args->valuelen with the length of the remote
attribute being replaced. Hence when we go to create the new
attribute, we create it of the size of the existing remote
attribute, not the size it is supposed to be. When the new attribute
is much smaller than the old attribute, this results in a
transaction overrun and an ASSERT() failure on a debug kernel:
XFS: Assertion failed: tp->t_blk_res_used <= tp->t_blk_res, file: fs/xfs/xfs_trans.c, line: 331
Fix this by keeping the remote attribute value length separate to
the attribute value length in the xfs_da_args structure. The enables
us to pass the length of the remote attribute to be removed without
overwriting the new attribute's length.
Also, ensure that when we save remote block contexts for a later
rename we zero the original state variables so that we don't confuse
the state of the attribute to be removes with the state of the new
attribute that we just added. [Spotted by Brain Foster.]
Signed-off-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Brian Foster <bfoster@redhat.com>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2014-05-06 05:37:31 +08:00
|
|
|
/* save the attribute state for later removal*/
|
2008-05-21 14:42:05 +08:00
|
|
|
args->op_flags |= XFS_DA_OP_RENAME; /* an atomic rename */
|
2005-04-17 06:20:36 +08:00
|
|
|
args->blkno2 = args->blkno; /* set 2nd entry info*/
|
|
|
|
args->index2 = args->index;
|
|
|
|
args->rmtblkno2 = args->rmtblkno;
|
|
|
|
args->rmtblkcnt2 = args->rmtblkcnt;
|
xfs: remote attribute overwrite causes transaction overrun
Commit e461fcb ("xfs: remote attribute lookups require the value
length") passes the remote attribute length in the xfs_da_args
structure on lookup so that CRC calculations and validity checking
can be performed correctly by related code. This, unfortunately has
the side effect of changing the args->valuelen parameter in cases
where it shouldn't.
That is, when we replace a remote attribute, the incoming
replacement stores the value and length in args->value and
args->valuelen, but then the lookup which finds the existing remote
attribute overwrites args->valuelen with the length of the remote
attribute being replaced. Hence when we go to create the new
attribute, we create it of the size of the existing remote
attribute, not the size it is supposed to be. When the new attribute
is much smaller than the old attribute, this results in a
transaction overrun and an ASSERT() failure on a debug kernel:
XFS: Assertion failed: tp->t_blk_res_used <= tp->t_blk_res, file: fs/xfs/xfs_trans.c, line: 331
Fix this by keeping the remote attribute value length separate to
the attribute value length in the xfs_da_args structure. The enables
us to pass the length of the remote attribute to be removed without
overwriting the new attribute's length.
Also, ensure that when we save remote block contexts for a later
rename we zero the original state variables so that we don't confuse
the state of the attribute to be removes with the state of the new
attribute that we just added. [Spotted by Brain Foster.]
Signed-off-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Brian Foster <bfoster@redhat.com>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2014-05-06 05:37:31 +08:00
|
|
|
args->rmtvaluelen2 = args->rmtvaluelen;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* clear the remote attr state now that it is saved so that the
|
|
|
|
* values reflect the state of the attribute we are about to
|
|
|
|
* add, not the attribute we just found and will remove later.
|
|
|
|
*/
|
|
|
|
args->rmtblkno = 0;
|
|
|
|
args->rmtblkcnt = 0;
|
|
|
|
args->rmtvaluelen = 0;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Add the attribute to the leaf block, transitioning to a Btree
|
|
|
|
* if required.
|
|
|
|
*/
|
2013-04-24 16:58:55 +08:00
|
|
|
retval = xfs_attr3_leaf_add(bp, args);
|
2014-06-25 12:58:08 +08:00
|
|
|
if (retval == -ENOSPC) {
|
2005-04-17 06:20:36 +08:00
|
|
|
/*
|
|
|
|
* Promote the attribute list to the Btree format, then
|
|
|
|
* Commit that transaction so that the node_addname() call
|
|
|
|
* can manage its own transactions.
|
|
|
|
*/
|
2016-08-03 09:19:29 +08:00
|
|
|
xfs_defer_init(args->dfops, args->firstblock);
|
2013-04-24 16:58:55 +08:00
|
|
|
error = xfs_attr3_leaf_to_node(args);
|
xfs: eliminate committed arg from xfs_bmap_finish
Calls to xfs_bmap_finish() and xfs_trans_ijoin(), and the
associated comments were replicated several times across
the attribute code, all dealing with what to do if the
transaction was or wasn't committed.
And in that replicated code, an ASSERT() test of an
uninitialized variable occurs in several locations:
error = xfs_attr_thing(&args);
if (!error) {
error = xfs_bmap_finish(&args.trans, args.flist,
&committed);
}
if (error) {
ASSERT(committed);
If the first xfs_attr_thing() failed, we'd skip the xfs_bmap_finish,
never set "committed", and then test it in the ASSERT.
Fix this up by moving the committed state internal to xfs_bmap_finish,
and add a new inode argument. If an inode is passed in, it is passed
through to __xfs_trans_roll() and joined to the transaction there if
the transaction was committed.
xfs_qm_dqalloc() was a little unique in that it called bjoin rather
than ijoin, but as Dave points out we can detect the committed state
but checking whether (*tpp != tp).
Addresses-Coverity-Id: 102360
Addresses-Coverity-Id: 102361
Addresses-Coverity-Id: 102363
Addresses-Coverity-Id: 102364
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2016-01-11 08:34:01 +08:00
|
|
|
if (!error)
|
2016-08-03 09:19:29 +08:00
|
|
|
error = xfs_defer_finish(&args->trans, args->dfops, dp);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error) {
|
|
|
|
args->trans = NULL;
|
2016-08-03 09:19:29 +08:00
|
|
|
xfs_defer_cancel(args->dfops);
|
2014-06-22 13:03:54 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Commit the current trans (including the inode) and start
|
|
|
|
* a new one.
|
|
|
|
*/
|
2008-08-13 14:05:49 +08:00
|
|
|
error = xfs_trans_roll(&args->trans, dp);
|
|
|
|
if (error)
|
2014-06-22 13:03:54 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Fob the whole rest of the problem off on the Btree code.
|
|
|
|
*/
|
|
|
|
error = xfs_attr_node_addname(args);
|
2014-06-22 13:03:54 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Commit the transaction that added the attr name so that
|
|
|
|
* later routines can manage their own transactions.
|
|
|
|
*/
|
2008-08-13 14:05:49 +08:00
|
|
|
error = xfs_trans_roll(&args->trans, dp);
|
|
|
|
if (error)
|
2014-06-22 13:03:54 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If there was an out-of-line value, allocate the blocks we
|
|
|
|
* identified for its storage and copy the value. This is done
|
|
|
|
* after we create the attribute so that we don't overflow the
|
|
|
|
* maximum size of a transaction and/or hit a deadlock.
|
|
|
|
*/
|
|
|
|
if (args->rmtblkno > 0) {
|
|
|
|
error = xfs_attr_rmtval_set(args);
|
|
|
|
if (error)
|
2014-06-22 13:03:54 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If this is an atomic rename operation, we must "flip" the
|
|
|
|
* incomplete flags on the "new" and "old" attribute/value pairs
|
|
|
|
* so that one disappears and one appears atomically. Then we
|
|
|
|
* must remove the "old" attribute/value pair.
|
|
|
|
*/
|
2008-05-21 14:42:05 +08:00
|
|
|
if (args->op_flags & XFS_DA_OP_RENAME) {
|
2005-04-17 06:20:36 +08:00
|
|
|
/*
|
|
|
|
* In a separate transaction, set the incomplete flag on the
|
|
|
|
* "old" attr and clear the incomplete flag on the "new" attr.
|
|
|
|
*/
|
2013-04-24 16:58:55 +08:00
|
|
|
error = xfs_attr3_leaf_flipflags(args);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error)
|
2014-06-22 13:03:54 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Dismantle the "old" attribute/value pair by removing
|
|
|
|
* a "remote" value (if it exists).
|
|
|
|
*/
|
|
|
|
args->index = args->index2;
|
|
|
|
args->blkno = args->blkno2;
|
|
|
|
args->rmtblkno = args->rmtblkno2;
|
|
|
|
args->rmtblkcnt = args->rmtblkcnt2;
|
xfs: remote attribute overwrite causes transaction overrun
Commit e461fcb ("xfs: remote attribute lookups require the value
length") passes the remote attribute length in the xfs_da_args
structure on lookup so that CRC calculations and validity checking
can be performed correctly by related code. This, unfortunately has
the side effect of changing the args->valuelen parameter in cases
where it shouldn't.
That is, when we replace a remote attribute, the incoming
replacement stores the value and length in args->value and
args->valuelen, but then the lookup which finds the existing remote
attribute overwrites args->valuelen with the length of the remote
attribute being replaced. Hence when we go to create the new
attribute, we create it of the size of the existing remote
attribute, not the size it is supposed to be. When the new attribute
is much smaller than the old attribute, this results in a
transaction overrun and an ASSERT() failure on a debug kernel:
XFS: Assertion failed: tp->t_blk_res_used <= tp->t_blk_res, file: fs/xfs/xfs_trans.c, line: 331
Fix this by keeping the remote attribute value length separate to
the attribute value length in the xfs_da_args structure. The enables
us to pass the length of the remote attribute to be removed without
overwriting the new attribute's length.
Also, ensure that when we save remote block contexts for a later
rename we zero the original state variables so that we don't confuse
the state of the attribute to be removes with the state of the new
attribute that we just added. [Spotted by Brain Foster.]
Signed-off-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Brian Foster <bfoster@redhat.com>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2014-05-06 05:37:31 +08:00
|
|
|
args->rmtvaluelen = args->rmtvaluelen2;
|
2005-04-17 06:20:36 +08:00
|
|
|
if (args->rmtblkno) {
|
|
|
|
error = xfs_attr_rmtval_remove(args);
|
|
|
|
if (error)
|
2014-06-22 13:03:54 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Read in the block containing the "old" attr, then
|
|
|
|
* remove the "old" attr from that block (neat, huh!)
|
|
|
|
*/
|
2013-04-24 16:58:55 +08:00
|
|
|
error = xfs_attr3_leaf_read(args->trans, args->dp, args->blkno,
|
2012-11-12 19:54:16 +08:00
|
|
|
-1, &bp);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error)
|
2012-11-12 19:54:16 +08:00
|
|
|
return error;
|
|
|
|
|
2013-04-24 16:58:55 +08:00
|
|
|
xfs_attr3_leaf_remove(bp, args);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If the result is small enough, shrink it all into the inode.
|
|
|
|
*/
|
2005-11-02 07:34:53 +08:00
|
|
|
if ((forkoff = xfs_attr_shortform_allfit(bp, dp))) {
|
2016-08-03 09:19:29 +08:00
|
|
|
xfs_defer_init(args->dfops, args->firstblock);
|
2013-04-24 16:58:55 +08:00
|
|
|
error = xfs_attr3_leaf_to_shortform(bp, args, forkoff);
|
2005-04-17 06:20:36 +08:00
|
|
|
/* bp is gone due to xfs_da_shrink_inode */
|
xfs: eliminate committed arg from xfs_bmap_finish
Calls to xfs_bmap_finish() and xfs_trans_ijoin(), and the
associated comments were replicated several times across
the attribute code, all dealing with what to do if the
transaction was or wasn't committed.
And in that replicated code, an ASSERT() test of an
uninitialized variable occurs in several locations:
error = xfs_attr_thing(&args);
if (!error) {
error = xfs_bmap_finish(&args.trans, args.flist,
&committed);
}
if (error) {
ASSERT(committed);
If the first xfs_attr_thing() failed, we'd skip the xfs_bmap_finish,
never set "committed", and then test it in the ASSERT.
Fix this up by moving the committed state internal to xfs_bmap_finish,
and add a new inode argument. If an inode is passed in, it is passed
through to __xfs_trans_roll() and joined to the transaction there if
the transaction was committed.
xfs_qm_dqalloc() was a little unique in that it called bjoin rather
than ijoin, but as Dave points out we can detect the committed state
but checking whether (*tpp != tp).
Addresses-Coverity-Id: 102360
Addresses-Coverity-Id: 102361
Addresses-Coverity-Id: 102363
Addresses-Coverity-Id: 102364
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2016-01-11 08:34:01 +08:00
|
|
|
if (!error)
|
2016-08-03 09:18:10 +08:00
|
|
|
error = xfs_defer_finish(&args->trans,
|
2016-08-03 09:19:29 +08:00
|
|
|
args->dfops, dp);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error) {
|
|
|
|
args->trans = NULL;
|
2016-08-03 09:19:29 +08:00
|
|
|
xfs_defer_cancel(args->dfops);
|
2014-06-22 13:03:54 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
2012-06-22 16:50:14 +08:00
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Commit the remove and start the next trans in series.
|
|
|
|
*/
|
2008-08-13 14:05:49 +08:00
|
|
|
error = xfs_trans_roll(&args->trans, dp);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
} else if (args->rmtblkno > 0) {
|
|
|
|
/*
|
|
|
|
* Added a "remote" value, just clear the incomplete flag.
|
|
|
|
*/
|
2013-04-24 16:58:55 +08:00
|
|
|
error = xfs_attr3_leaf_clearflag(args);
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
2013-04-24 16:58:55 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Remove a name from the leaf attribute list structure
|
|
|
|
*
|
|
|
|
* This leaf block cannot have a "remote" value, we only call this routine
|
|
|
|
* if bmap_one_block() says there is only one block (ie: no remote blks).
|
|
|
|
*/
|
|
|
|
STATIC int
|
|
|
|
xfs_attr_leaf_removename(xfs_da_args_t *args)
|
|
|
|
{
|
|
|
|
xfs_inode_t *dp;
|
2012-06-22 16:50:14 +08:00
|
|
|
struct xfs_buf *bp;
|
xfs: eliminate committed arg from xfs_bmap_finish
Calls to xfs_bmap_finish() and xfs_trans_ijoin(), and the
associated comments were replicated several times across
the attribute code, all dealing with what to do if the
transaction was or wasn't committed.
And in that replicated code, an ASSERT() test of an
uninitialized variable occurs in several locations:
error = xfs_attr_thing(&args);
if (!error) {
error = xfs_bmap_finish(&args.trans, args.flist,
&committed);
}
if (error) {
ASSERT(committed);
If the first xfs_attr_thing() failed, we'd skip the xfs_bmap_finish,
never set "committed", and then test it in the ASSERT.
Fix this up by moving the committed state internal to xfs_bmap_finish,
and add a new inode argument. If an inode is passed in, it is passed
through to __xfs_trans_roll() and joined to the transaction there if
the transaction was committed.
xfs_qm_dqalloc() was a little unique in that it called bjoin rather
than ijoin, but as Dave points out we can detect the committed state
but checking whether (*tpp != tp).
Addresses-Coverity-Id: 102360
Addresses-Coverity-Id: 102361
Addresses-Coverity-Id: 102363
Addresses-Coverity-Id: 102364
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2016-01-11 08:34:01 +08:00
|
|
|
int error, forkoff;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2012-03-22 13:15:13 +08:00
|
|
|
trace_xfs_attr_leaf_removename(args);
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
/*
|
|
|
|
* Remove the attribute.
|
|
|
|
*/
|
|
|
|
dp = args->dp;
|
|
|
|
args->blkno = 0;
|
2013-04-24 16:58:55 +08:00
|
|
|
error = xfs_attr3_leaf_read(args->trans, args->dp, args->blkno, -1, &bp);
|
2012-11-12 19:54:16 +08:00
|
|
|
if (error)
|
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2013-04-24 16:58:55 +08:00
|
|
|
error = xfs_attr3_leaf_lookup_int(bp, args);
|
2014-06-25 12:58:08 +08:00
|
|
|
if (error == -ENOATTR) {
|
2012-06-22 16:50:14 +08:00
|
|
|
xfs_trans_brelse(args->trans, bp);
|
2013-04-24 16:58:55 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
2013-04-24 16:58:55 +08:00
|
|
|
xfs_attr3_leaf_remove(bp, args);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If the result is small enough, shrink it all into the inode.
|
|
|
|
*/
|
2005-11-02 07:34:53 +08:00
|
|
|
if ((forkoff = xfs_attr_shortform_allfit(bp, dp))) {
|
2016-08-03 09:19:29 +08:00
|
|
|
xfs_defer_init(args->dfops, args->firstblock);
|
2013-04-24 16:58:55 +08:00
|
|
|
error = xfs_attr3_leaf_to_shortform(bp, args, forkoff);
|
2005-04-17 06:20:36 +08:00
|
|
|
/* bp is gone due to xfs_da_shrink_inode */
|
xfs: eliminate committed arg from xfs_bmap_finish
Calls to xfs_bmap_finish() and xfs_trans_ijoin(), and the
associated comments were replicated several times across
the attribute code, all dealing with what to do if the
transaction was or wasn't committed.
And in that replicated code, an ASSERT() test of an
uninitialized variable occurs in several locations:
error = xfs_attr_thing(&args);
if (!error) {
error = xfs_bmap_finish(&args.trans, args.flist,
&committed);
}
if (error) {
ASSERT(committed);
If the first xfs_attr_thing() failed, we'd skip the xfs_bmap_finish,
never set "committed", and then test it in the ASSERT.
Fix this up by moving the committed state internal to xfs_bmap_finish,
and add a new inode argument. If an inode is passed in, it is passed
through to __xfs_trans_roll() and joined to the transaction there if
the transaction was committed.
xfs_qm_dqalloc() was a little unique in that it called bjoin rather
than ijoin, but as Dave points out we can detect the committed state
but checking whether (*tpp != tp).
Addresses-Coverity-Id: 102360
Addresses-Coverity-Id: 102361
Addresses-Coverity-Id: 102363
Addresses-Coverity-Id: 102364
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2016-01-11 08:34:01 +08:00
|
|
|
if (!error)
|
2016-08-03 09:19:29 +08:00
|
|
|
error = xfs_defer_finish(&args->trans, args->dfops, dp);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error) {
|
|
|
|
args->trans = NULL;
|
2016-08-03 09:19:29 +08:00
|
|
|
xfs_defer_cancel(args->dfops);
|
2013-04-24 16:58:55 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
2012-06-22 16:50:14 +08:00
|
|
|
}
|
2013-04-24 16:58:55 +08:00
|
|
|
return 0;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Look up a name in a leaf attribute list structure.
|
|
|
|
*
|
|
|
|
* This leaf block cannot have a "remote" value, we only call this routine
|
|
|
|
* if bmap_one_block() says there is only one block (ie: no remote blks).
|
|
|
|
*/
|
2005-06-21 13:36:52 +08:00
|
|
|
STATIC int
|
2005-04-17 06:20:36 +08:00
|
|
|
xfs_attr_leaf_get(xfs_da_args_t *args)
|
|
|
|
{
|
2012-06-22 16:50:14 +08:00
|
|
|
struct xfs_buf *bp;
|
2005-04-17 06:20:36 +08:00
|
|
|
int error;
|
|
|
|
|
2012-11-12 19:53:53 +08:00
|
|
|
trace_xfs_attr_leaf_get(args);
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
args->blkno = 0;
|
2013-04-24 16:58:55 +08:00
|
|
|
error = xfs_attr3_leaf_read(args->trans, args->dp, args->blkno, -1, &bp);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error)
|
2012-11-12 19:54:16 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2013-04-24 16:58:55 +08:00
|
|
|
error = xfs_attr3_leaf_lookup_int(bp, args);
|
2014-06-25 12:58:08 +08:00
|
|
|
if (error != -EEXIST) {
|
2012-06-22 16:50:14 +08:00
|
|
|
xfs_trans_brelse(args->trans, bp);
|
2013-04-24 16:58:55 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
2013-04-24 16:58:55 +08:00
|
|
|
error = xfs_attr3_leaf_getvalue(bp, args);
|
2012-06-22 16:50:14 +08:00
|
|
|
xfs_trans_brelse(args->trans, bp);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (!error && (args->rmtblkno > 0) && !(args->flags & ATTR_KERNOVAL)) {
|
|
|
|
error = xfs_attr_rmtval_get(args);
|
|
|
|
}
|
2013-04-24 16:58:55 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/*========================================================================
|
2014-06-06 13:21:45 +08:00
|
|
|
* External routines when attribute list size > geo->blksize
|
2005-04-17 06:20:36 +08:00
|
|
|
*========================================================================*/
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Add a name to a Btree-format attribute list.
|
|
|
|
*
|
|
|
|
* This will involve walking down the Btree, and may involve splitting
|
|
|
|
* leaf nodes and even splitting intermediate nodes up to and including
|
|
|
|
* the root node (a special case of an intermediate node).
|
|
|
|
*
|
|
|
|
* "Remote" attribute values confuse the issue and atomic rename operations
|
|
|
|
* add a whole extra layer of confusion on top of that.
|
|
|
|
*/
|
|
|
|
STATIC int
|
|
|
|
xfs_attr_node_addname(xfs_da_args_t *args)
|
|
|
|
{
|
|
|
|
xfs_da_state_t *state;
|
|
|
|
xfs_da_state_blk_t *blk;
|
|
|
|
xfs_inode_t *dp;
|
|
|
|
xfs_mount_t *mp;
|
xfs: eliminate committed arg from xfs_bmap_finish
Calls to xfs_bmap_finish() and xfs_trans_ijoin(), and the
associated comments were replicated several times across
the attribute code, all dealing with what to do if the
transaction was or wasn't committed.
And in that replicated code, an ASSERT() test of an
uninitialized variable occurs in several locations:
error = xfs_attr_thing(&args);
if (!error) {
error = xfs_bmap_finish(&args.trans, args.flist,
&committed);
}
if (error) {
ASSERT(committed);
If the first xfs_attr_thing() failed, we'd skip the xfs_bmap_finish,
never set "committed", and then test it in the ASSERT.
Fix this up by moving the committed state internal to xfs_bmap_finish,
and add a new inode argument. If an inode is passed in, it is passed
through to __xfs_trans_roll() and joined to the transaction there if
the transaction was committed.
xfs_qm_dqalloc() was a little unique in that it called bjoin rather
than ijoin, but as Dave points out we can detect the committed state
but checking whether (*tpp != tp).
Addresses-Coverity-Id: 102360
Addresses-Coverity-Id: 102361
Addresses-Coverity-Id: 102363
Addresses-Coverity-Id: 102364
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2016-01-11 08:34:01 +08:00
|
|
|
int retval, error;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2012-03-22 13:15:13 +08:00
|
|
|
trace_xfs_attr_node_addname(args);
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
/*
|
|
|
|
* Fill in bucket of arguments/results/context to carry around.
|
|
|
|
*/
|
|
|
|
dp = args->dp;
|
|
|
|
mp = dp->i_mount;
|
|
|
|
restart:
|
|
|
|
state = xfs_da_state_alloc();
|
|
|
|
state->args = args;
|
|
|
|
state->mp = mp;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Search to see if name already exists, and get back a pointer
|
|
|
|
* to where it should go.
|
|
|
|
*/
|
2013-04-24 16:58:02 +08:00
|
|
|
error = xfs_da3_node_lookup_int(state, &retval);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error)
|
|
|
|
goto out;
|
|
|
|
blk = &state->path.blk[ state->path.active-1 ];
|
|
|
|
ASSERT(blk->magic == XFS_ATTR_LEAF_MAGIC);
|
2014-06-25 12:58:08 +08:00
|
|
|
if ((args->flags & ATTR_REPLACE) && (retval == -ENOATTR)) {
|
2005-04-17 06:20:36 +08:00
|
|
|
goto out;
|
2014-06-25 12:58:08 +08:00
|
|
|
} else if (retval == -EEXIST) {
|
2005-04-17 06:20:36 +08:00
|
|
|
if (args->flags & ATTR_CREATE)
|
|
|
|
goto out;
|
2012-03-22 13:15:13 +08:00
|
|
|
|
|
|
|
trace_xfs_attr_node_replace(args);
|
|
|
|
|
xfs: remote attribute overwrite causes transaction overrun
Commit e461fcb ("xfs: remote attribute lookups require the value
length") passes the remote attribute length in the xfs_da_args
structure on lookup so that CRC calculations and validity checking
can be performed correctly by related code. This, unfortunately has
the side effect of changing the args->valuelen parameter in cases
where it shouldn't.
That is, when we replace a remote attribute, the incoming
replacement stores the value and length in args->value and
args->valuelen, but then the lookup which finds the existing remote
attribute overwrites args->valuelen with the length of the remote
attribute being replaced. Hence when we go to create the new
attribute, we create it of the size of the existing remote
attribute, not the size it is supposed to be. When the new attribute
is much smaller than the old attribute, this results in a
transaction overrun and an ASSERT() failure on a debug kernel:
XFS: Assertion failed: tp->t_blk_res_used <= tp->t_blk_res, file: fs/xfs/xfs_trans.c, line: 331
Fix this by keeping the remote attribute value length separate to
the attribute value length in the xfs_da_args structure. The enables
us to pass the length of the remote attribute to be removed without
overwriting the new attribute's length.
Also, ensure that when we save remote block contexts for a later
rename we zero the original state variables so that we don't confuse
the state of the attribute to be removes with the state of the new
attribute that we just added. [Spotted by Brain Foster.]
Signed-off-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Brian Foster <bfoster@redhat.com>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2014-05-06 05:37:31 +08:00
|
|
|
/* save the attribute state for later removal*/
|
2008-05-21 14:42:05 +08:00
|
|
|
args->op_flags |= XFS_DA_OP_RENAME; /* atomic rename op */
|
2005-04-17 06:20:36 +08:00
|
|
|
args->blkno2 = args->blkno; /* set 2nd entry info*/
|
|
|
|
args->index2 = args->index;
|
|
|
|
args->rmtblkno2 = args->rmtblkno;
|
|
|
|
args->rmtblkcnt2 = args->rmtblkcnt;
|
xfs: remote attribute overwrite causes transaction overrun
Commit e461fcb ("xfs: remote attribute lookups require the value
length") passes the remote attribute length in the xfs_da_args
structure on lookup so that CRC calculations and validity checking
can be performed correctly by related code. This, unfortunately has
the side effect of changing the args->valuelen parameter in cases
where it shouldn't.
That is, when we replace a remote attribute, the incoming
replacement stores the value and length in args->value and
args->valuelen, but then the lookup which finds the existing remote
attribute overwrites args->valuelen with the length of the remote
attribute being replaced. Hence when we go to create the new
attribute, we create it of the size of the existing remote
attribute, not the size it is supposed to be. When the new attribute
is much smaller than the old attribute, this results in a
transaction overrun and an ASSERT() failure on a debug kernel:
XFS: Assertion failed: tp->t_blk_res_used <= tp->t_blk_res, file: fs/xfs/xfs_trans.c, line: 331
Fix this by keeping the remote attribute value length separate to
the attribute value length in the xfs_da_args structure. The enables
us to pass the length of the remote attribute to be removed without
overwriting the new attribute's length.
Also, ensure that when we save remote block contexts for a later
rename we zero the original state variables so that we don't confuse
the state of the attribute to be removes with the state of the new
attribute that we just added. [Spotted by Brain Foster.]
Signed-off-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Brian Foster <bfoster@redhat.com>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2014-05-06 05:37:31 +08:00
|
|
|
args->rmtvaluelen2 = args->rmtvaluelen;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* clear the remote attr state now that it is saved so that the
|
|
|
|
* values reflect the state of the attribute we are about to
|
|
|
|
* add, not the attribute we just found and will remove later.
|
|
|
|
*/
|
2005-04-17 06:20:36 +08:00
|
|
|
args->rmtblkno = 0;
|
|
|
|
args->rmtblkcnt = 0;
|
xfs: remote attribute overwrite causes transaction overrun
Commit e461fcb ("xfs: remote attribute lookups require the value
length") passes the remote attribute length in the xfs_da_args
structure on lookup so that CRC calculations and validity checking
can be performed correctly by related code. This, unfortunately has
the side effect of changing the args->valuelen parameter in cases
where it shouldn't.
That is, when we replace a remote attribute, the incoming
replacement stores the value and length in args->value and
args->valuelen, but then the lookup which finds the existing remote
attribute overwrites args->valuelen with the length of the remote
attribute being replaced. Hence when we go to create the new
attribute, we create it of the size of the existing remote
attribute, not the size it is supposed to be. When the new attribute
is much smaller than the old attribute, this results in a
transaction overrun and an ASSERT() failure on a debug kernel:
XFS: Assertion failed: tp->t_blk_res_used <= tp->t_blk_res, file: fs/xfs/xfs_trans.c, line: 331
Fix this by keeping the remote attribute value length separate to
the attribute value length in the xfs_da_args structure. The enables
us to pass the length of the remote attribute to be removed without
overwriting the new attribute's length.
Also, ensure that when we save remote block contexts for a later
rename we zero the original state variables so that we don't confuse
the state of the attribute to be removes with the state of the new
attribute that we just added. [Spotted by Brain Foster.]
Signed-off-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Brian Foster <bfoster@redhat.com>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2014-05-06 05:37:31 +08:00
|
|
|
args->rmtvaluelen = 0;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
2013-04-24 16:58:55 +08:00
|
|
|
retval = xfs_attr3_leaf_add(blk->bp, state->args);
|
2014-06-25 12:58:08 +08:00
|
|
|
if (retval == -ENOSPC) {
|
2005-04-17 06:20:36 +08:00
|
|
|
if (state->path.active == 1) {
|
|
|
|
/*
|
|
|
|
* Its really a single leaf node, but it had
|
|
|
|
* out-of-line values so it looked like it *might*
|
|
|
|
* have been a b-tree.
|
|
|
|
*/
|
|
|
|
xfs_da_state_free(state);
|
2013-08-01 09:18:54 +08:00
|
|
|
state = NULL;
|
2016-08-03 09:19:29 +08:00
|
|
|
xfs_defer_init(args->dfops, args->firstblock);
|
2013-04-24 16:58:55 +08:00
|
|
|
error = xfs_attr3_leaf_to_node(args);
|
xfs: eliminate committed arg from xfs_bmap_finish
Calls to xfs_bmap_finish() and xfs_trans_ijoin(), and the
associated comments were replicated several times across
the attribute code, all dealing with what to do if the
transaction was or wasn't committed.
And in that replicated code, an ASSERT() test of an
uninitialized variable occurs in several locations:
error = xfs_attr_thing(&args);
if (!error) {
error = xfs_bmap_finish(&args.trans, args.flist,
&committed);
}
if (error) {
ASSERT(committed);
If the first xfs_attr_thing() failed, we'd skip the xfs_bmap_finish,
never set "committed", and then test it in the ASSERT.
Fix this up by moving the committed state internal to xfs_bmap_finish,
and add a new inode argument. If an inode is passed in, it is passed
through to __xfs_trans_roll() and joined to the transaction there if
the transaction was committed.
xfs_qm_dqalloc() was a little unique in that it called bjoin rather
than ijoin, but as Dave points out we can detect the committed state
but checking whether (*tpp != tp).
Addresses-Coverity-Id: 102360
Addresses-Coverity-Id: 102361
Addresses-Coverity-Id: 102363
Addresses-Coverity-Id: 102364
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2016-01-11 08:34:01 +08:00
|
|
|
if (!error)
|
2016-08-03 09:18:10 +08:00
|
|
|
error = xfs_defer_finish(&args->trans,
|
2016-08-03 09:19:29 +08:00
|
|
|
args->dfops, dp);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error) {
|
|
|
|
args->trans = NULL;
|
2016-08-03 09:19:29 +08:00
|
|
|
xfs_defer_cancel(args->dfops);
|
2005-04-17 06:20:36 +08:00
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Commit the node conversion and start the next
|
|
|
|
* trans in the chain.
|
|
|
|
*/
|
2008-08-13 14:05:49 +08:00
|
|
|
error = xfs_trans_roll(&args->trans, dp);
|
|
|
|
if (error)
|
2005-04-17 06:20:36 +08:00
|
|
|
goto out;
|
|
|
|
|
|
|
|
goto restart;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Split as many Btree elements as required.
|
|
|
|
* This code tracks the new and old attr's location
|
|
|
|
* in the index/blkno/rmtblkno/rmtblkcnt fields and
|
|
|
|
* in the index2/blkno2/rmtblkno2/rmtblkcnt2 fields.
|
|
|
|
*/
|
2016-08-03 09:19:29 +08:00
|
|
|
xfs_defer_init(args->dfops, args->firstblock);
|
2013-04-24 16:58:02 +08:00
|
|
|
error = xfs_da3_split(state);
|
xfs: eliminate committed arg from xfs_bmap_finish
Calls to xfs_bmap_finish() and xfs_trans_ijoin(), and the
associated comments were replicated several times across
the attribute code, all dealing with what to do if the
transaction was or wasn't committed.
And in that replicated code, an ASSERT() test of an
uninitialized variable occurs in several locations:
error = xfs_attr_thing(&args);
if (!error) {
error = xfs_bmap_finish(&args.trans, args.flist,
&committed);
}
if (error) {
ASSERT(committed);
If the first xfs_attr_thing() failed, we'd skip the xfs_bmap_finish,
never set "committed", and then test it in the ASSERT.
Fix this up by moving the committed state internal to xfs_bmap_finish,
and add a new inode argument. If an inode is passed in, it is passed
through to __xfs_trans_roll() and joined to the transaction there if
the transaction was committed.
xfs_qm_dqalloc() was a little unique in that it called bjoin rather
than ijoin, but as Dave points out we can detect the committed state
but checking whether (*tpp != tp).
Addresses-Coverity-Id: 102360
Addresses-Coverity-Id: 102361
Addresses-Coverity-Id: 102363
Addresses-Coverity-Id: 102364
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2016-01-11 08:34:01 +08:00
|
|
|
if (!error)
|
2016-08-03 09:19:29 +08:00
|
|
|
error = xfs_defer_finish(&args->trans, args->dfops, dp);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error) {
|
|
|
|
args->trans = NULL;
|
2016-08-03 09:19:29 +08:00
|
|
|
xfs_defer_cancel(args->dfops);
|
2005-04-17 06:20:36 +08:00
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
/*
|
|
|
|
* Addition succeeded, update Btree hashvals.
|
|
|
|
*/
|
2013-04-24 16:58:02 +08:00
|
|
|
xfs_da3_fixhashpath(state, &state->path);
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Kill the state structure, we're done with it and need to
|
|
|
|
* allow the buffers to come back later.
|
|
|
|
*/
|
|
|
|
xfs_da_state_free(state);
|
|
|
|
state = NULL;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Commit the leaf addition or btree split and start the next
|
|
|
|
* trans in the chain.
|
|
|
|
*/
|
2008-08-13 14:05:49 +08:00
|
|
|
error = xfs_trans_roll(&args->trans, dp);
|
|
|
|
if (error)
|
2005-04-17 06:20:36 +08:00
|
|
|
goto out;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If there was an out-of-line value, allocate the blocks we
|
|
|
|
* identified for its storage and copy the value. This is done
|
|
|
|
* after we create the attribute so that we don't overflow the
|
|
|
|
* maximum size of a transaction and/or hit a deadlock.
|
|
|
|
*/
|
|
|
|
if (args->rmtblkno > 0) {
|
|
|
|
error = xfs_attr_rmtval_set(args);
|
|
|
|
if (error)
|
2014-06-22 13:03:54 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If this is an atomic rename operation, we must "flip" the
|
|
|
|
* incomplete flags on the "new" and "old" attribute/value pairs
|
|
|
|
* so that one disappears and one appears atomically. Then we
|
|
|
|
* must remove the "old" attribute/value pair.
|
|
|
|
*/
|
2008-05-21 14:42:05 +08:00
|
|
|
if (args->op_flags & XFS_DA_OP_RENAME) {
|
2005-04-17 06:20:36 +08:00
|
|
|
/*
|
|
|
|
* In a separate transaction, set the incomplete flag on the
|
|
|
|
* "old" attr and clear the incomplete flag on the "new" attr.
|
|
|
|
*/
|
2013-04-24 16:58:55 +08:00
|
|
|
error = xfs_attr3_leaf_flipflags(args);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Dismantle the "old" attribute/value pair by removing
|
|
|
|
* a "remote" value (if it exists).
|
|
|
|
*/
|
|
|
|
args->index = args->index2;
|
|
|
|
args->blkno = args->blkno2;
|
|
|
|
args->rmtblkno = args->rmtblkno2;
|
|
|
|
args->rmtblkcnt = args->rmtblkcnt2;
|
xfs: remote attribute overwrite causes transaction overrun
Commit e461fcb ("xfs: remote attribute lookups require the value
length") passes the remote attribute length in the xfs_da_args
structure on lookup so that CRC calculations and validity checking
can be performed correctly by related code. This, unfortunately has
the side effect of changing the args->valuelen parameter in cases
where it shouldn't.
That is, when we replace a remote attribute, the incoming
replacement stores the value and length in args->value and
args->valuelen, but then the lookup which finds the existing remote
attribute overwrites args->valuelen with the length of the remote
attribute being replaced. Hence when we go to create the new
attribute, we create it of the size of the existing remote
attribute, not the size it is supposed to be. When the new attribute
is much smaller than the old attribute, this results in a
transaction overrun and an ASSERT() failure on a debug kernel:
XFS: Assertion failed: tp->t_blk_res_used <= tp->t_blk_res, file: fs/xfs/xfs_trans.c, line: 331
Fix this by keeping the remote attribute value length separate to
the attribute value length in the xfs_da_args structure. The enables
us to pass the length of the remote attribute to be removed without
overwriting the new attribute's length.
Also, ensure that when we save remote block contexts for a later
rename we zero the original state variables so that we don't confuse
the state of the attribute to be removes with the state of the new
attribute that we just added. [Spotted by Brain Foster.]
Signed-off-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Brian Foster <bfoster@redhat.com>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2014-05-06 05:37:31 +08:00
|
|
|
args->rmtvaluelen = args->rmtvaluelen2;
|
2005-04-17 06:20:36 +08:00
|
|
|
if (args->rmtblkno) {
|
|
|
|
error = xfs_attr_rmtval_remove(args);
|
|
|
|
if (error)
|
2014-06-22 13:03:54 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Re-find the "old" attribute entry after any split ops.
|
|
|
|
* The INCOMPLETE flag means that we will find the "old"
|
|
|
|
* attr, not the "new" one.
|
|
|
|
*/
|
|
|
|
args->flags |= XFS_ATTR_INCOMPLETE;
|
|
|
|
state = xfs_da_state_alloc();
|
|
|
|
state->args = args;
|
|
|
|
state->mp = mp;
|
|
|
|
state->inleaf = 0;
|
2013-04-24 16:58:02 +08:00
|
|
|
error = xfs_da3_node_lookup_int(state, &retval);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Remove the name and update the hashvals in the tree.
|
|
|
|
*/
|
|
|
|
blk = &state->path.blk[ state->path.active-1 ];
|
|
|
|
ASSERT(blk->magic == XFS_ATTR_LEAF_MAGIC);
|
2013-04-24 16:58:55 +08:00
|
|
|
error = xfs_attr3_leaf_remove(blk->bp, args);
|
2013-04-24 16:58:02 +08:00
|
|
|
xfs_da3_fixhashpath(state, &state->path);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Check to see if the tree needs to be collapsed.
|
|
|
|
*/
|
|
|
|
if (retval && (state->path.active > 1)) {
|
2016-08-03 09:19:29 +08:00
|
|
|
xfs_defer_init(args->dfops, args->firstblock);
|
2013-04-24 16:58:02 +08:00
|
|
|
error = xfs_da3_join(state);
|
xfs: eliminate committed arg from xfs_bmap_finish
Calls to xfs_bmap_finish() and xfs_trans_ijoin(), and the
associated comments were replicated several times across
the attribute code, all dealing with what to do if the
transaction was or wasn't committed.
And in that replicated code, an ASSERT() test of an
uninitialized variable occurs in several locations:
error = xfs_attr_thing(&args);
if (!error) {
error = xfs_bmap_finish(&args.trans, args.flist,
&committed);
}
if (error) {
ASSERT(committed);
If the first xfs_attr_thing() failed, we'd skip the xfs_bmap_finish,
never set "committed", and then test it in the ASSERT.
Fix this up by moving the committed state internal to xfs_bmap_finish,
and add a new inode argument. If an inode is passed in, it is passed
through to __xfs_trans_roll() and joined to the transaction there if
the transaction was committed.
xfs_qm_dqalloc() was a little unique in that it called bjoin rather
than ijoin, but as Dave points out we can detect the committed state
but checking whether (*tpp != tp).
Addresses-Coverity-Id: 102360
Addresses-Coverity-Id: 102361
Addresses-Coverity-Id: 102363
Addresses-Coverity-Id: 102364
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2016-01-11 08:34:01 +08:00
|
|
|
if (!error)
|
2016-08-03 09:18:10 +08:00
|
|
|
error = xfs_defer_finish(&args->trans,
|
2016-08-03 09:19:29 +08:00
|
|
|
args->dfops, dp);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error) {
|
|
|
|
args->trans = NULL;
|
2016-08-03 09:19:29 +08:00
|
|
|
xfs_defer_cancel(args->dfops);
|
2005-04-17 06:20:36 +08:00
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Commit and start the next trans in the chain.
|
|
|
|
*/
|
2008-08-13 14:05:49 +08:00
|
|
|
error = xfs_trans_roll(&args->trans, dp);
|
|
|
|
if (error)
|
2005-04-17 06:20:36 +08:00
|
|
|
goto out;
|
|
|
|
|
|
|
|
} else if (args->rmtblkno > 0) {
|
|
|
|
/*
|
|
|
|
* Added a "remote" value, just clear the incomplete flag.
|
|
|
|
*/
|
2013-04-24 16:58:55 +08:00
|
|
|
error = xfs_attr3_leaf_clearflag(args);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error)
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
retval = error = 0;
|
|
|
|
|
|
|
|
out:
|
|
|
|
if (state)
|
|
|
|
xfs_da_state_free(state);
|
|
|
|
if (error)
|
2014-06-22 13:03:54 +08:00
|
|
|
return error;
|
|
|
|
return retval;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Remove a name from a B-tree attribute list.
|
|
|
|
*
|
|
|
|
* This will involve walking down the Btree, and may involve joining
|
|
|
|
* leaf nodes and even joining intermediate nodes up to and including
|
|
|
|
* the root node (a special case of an intermediate node).
|
|
|
|
*/
|
|
|
|
STATIC int
|
|
|
|
xfs_attr_node_removename(xfs_da_args_t *args)
|
|
|
|
{
|
|
|
|
xfs_da_state_t *state;
|
|
|
|
xfs_da_state_blk_t *blk;
|
|
|
|
xfs_inode_t *dp;
|
2012-06-22 16:50:14 +08:00
|
|
|
struct xfs_buf *bp;
|
xfs: eliminate committed arg from xfs_bmap_finish
Calls to xfs_bmap_finish() and xfs_trans_ijoin(), and the
associated comments were replicated several times across
the attribute code, all dealing with what to do if the
transaction was or wasn't committed.
And in that replicated code, an ASSERT() test of an
uninitialized variable occurs in several locations:
error = xfs_attr_thing(&args);
if (!error) {
error = xfs_bmap_finish(&args.trans, args.flist,
&committed);
}
if (error) {
ASSERT(committed);
If the first xfs_attr_thing() failed, we'd skip the xfs_bmap_finish,
never set "committed", and then test it in the ASSERT.
Fix this up by moving the committed state internal to xfs_bmap_finish,
and add a new inode argument. If an inode is passed in, it is passed
through to __xfs_trans_roll() and joined to the transaction there if
the transaction was committed.
xfs_qm_dqalloc() was a little unique in that it called bjoin rather
than ijoin, but as Dave points out we can detect the committed state
but checking whether (*tpp != tp).
Addresses-Coverity-Id: 102360
Addresses-Coverity-Id: 102361
Addresses-Coverity-Id: 102363
Addresses-Coverity-Id: 102364
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2016-01-11 08:34:01 +08:00
|
|
|
int retval, error, forkoff;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2012-03-22 13:15:13 +08:00
|
|
|
trace_xfs_attr_node_removename(args);
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
/*
|
|
|
|
* Tie a string around our finger to remind us where we are.
|
|
|
|
*/
|
|
|
|
dp = args->dp;
|
|
|
|
state = xfs_da_state_alloc();
|
|
|
|
state->args = args;
|
|
|
|
state->mp = dp->i_mount;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Search to see if name exists, and get back a pointer to it.
|
|
|
|
*/
|
2013-04-24 16:58:02 +08:00
|
|
|
error = xfs_da3_node_lookup_int(state, &retval);
|
2014-06-25 12:58:08 +08:00
|
|
|
if (error || (retval != -EEXIST)) {
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error == 0)
|
|
|
|
error = retval;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If there is an out-of-line value, de-allocate the blocks.
|
|
|
|
* This is done before we remove the attribute so that we don't
|
|
|
|
* overflow the maximum size of a transaction and/or hit a deadlock.
|
|
|
|
*/
|
|
|
|
blk = &state->path.blk[ state->path.active-1 ];
|
|
|
|
ASSERT(blk->bp != NULL);
|
|
|
|
ASSERT(blk->magic == XFS_ATTR_LEAF_MAGIC);
|
|
|
|
if (args->rmtblkno > 0) {
|
|
|
|
/*
|
|
|
|
* Fill in disk block numbers in the state structure
|
|
|
|
* so that we can get the buffers back after we commit
|
|
|
|
* several transactions in the following calls.
|
|
|
|
*/
|
|
|
|
error = xfs_attr_fillstate(state);
|
|
|
|
if (error)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Mark the attribute as INCOMPLETE, then bunmapi() the
|
|
|
|
* remote value.
|
|
|
|
*/
|
2013-04-24 16:58:55 +08:00
|
|
|
error = xfs_attr3_leaf_setflag(args);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error)
|
|
|
|
goto out;
|
|
|
|
error = xfs_attr_rmtval_remove(args);
|
|
|
|
if (error)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Refill the state structure with buffers, the prior calls
|
|
|
|
* released our buffers.
|
|
|
|
*/
|
|
|
|
error = xfs_attr_refillstate(state);
|
|
|
|
if (error)
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Remove the name and update the hashvals in the tree.
|
|
|
|
*/
|
|
|
|
blk = &state->path.blk[ state->path.active-1 ];
|
|
|
|
ASSERT(blk->magic == XFS_ATTR_LEAF_MAGIC);
|
2013-04-24 16:58:55 +08:00
|
|
|
retval = xfs_attr3_leaf_remove(blk->bp, args);
|
2013-04-24 16:58:02 +08:00
|
|
|
xfs_da3_fixhashpath(state, &state->path);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Check to see if the tree needs to be collapsed.
|
|
|
|
*/
|
|
|
|
if (retval && (state->path.active > 1)) {
|
2016-08-03 09:19:29 +08:00
|
|
|
xfs_defer_init(args->dfops, args->firstblock);
|
2013-04-24 16:58:02 +08:00
|
|
|
error = xfs_da3_join(state);
|
xfs: eliminate committed arg from xfs_bmap_finish
Calls to xfs_bmap_finish() and xfs_trans_ijoin(), and the
associated comments were replicated several times across
the attribute code, all dealing with what to do if the
transaction was or wasn't committed.
And in that replicated code, an ASSERT() test of an
uninitialized variable occurs in several locations:
error = xfs_attr_thing(&args);
if (!error) {
error = xfs_bmap_finish(&args.trans, args.flist,
&committed);
}
if (error) {
ASSERT(committed);
If the first xfs_attr_thing() failed, we'd skip the xfs_bmap_finish,
never set "committed", and then test it in the ASSERT.
Fix this up by moving the committed state internal to xfs_bmap_finish,
and add a new inode argument. If an inode is passed in, it is passed
through to __xfs_trans_roll() and joined to the transaction there if
the transaction was committed.
xfs_qm_dqalloc() was a little unique in that it called bjoin rather
than ijoin, but as Dave points out we can detect the committed state
but checking whether (*tpp != tp).
Addresses-Coverity-Id: 102360
Addresses-Coverity-Id: 102361
Addresses-Coverity-Id: 102363
Addresses-Coverity-Id: 102364
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2016-01-11 08:34:01 +08:00
|
|
|
if (!error)
|
2016-08-03 09:19:29 +08:00
|
|
|
error = xfs_defer_finish(&args->trans, args->dfops, dp);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error) {
|
|
|
|
args->trans = NULL;
|
2016-08-03 09:19:29 +08:00
|
|
|
xfs_defer_cancel(args->dfops);
|
2005-04-17 06:20:36 +08:00
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
/*
|
|
|
|
* Commit the Btree join operation and start a new trans.
|
|
|
|
*/
|
2008-08-13 14:05:49 +08:00
|
|
|
error = xfs_trans_roll(&args->trans, dp);
|
|
|
|
if (error)
|
2005-04-17 06:20:36 +08:00
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If the result is small enough, push it all into the inode.
|
|
|
|
*/
|
|
|
|
if (xfs_bmap_one_block(dp, XFS_ATTR_FORK)) {
|
|
|
|
/*
|
|
|
|
* Have to get rid of the copy of this dabuf in the state.
|
|
|
|
*/
|
|
|
|
ASSERT(state->path.active == 1);
|
|
|
|
ASSERT(state->path.blk[0].bp);
|
|
|
|
state->path.blk[0].bp = NULL;
|
|
|
|
|
2013-04-24 16:58:55 +08:00
|
|
|
error = xfs_attr3_leaf_read(args->trans, args->dp, 0, -1, &bp);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error)
|
|
|
|
goto out;
|
|
|
|
|
2005-11-02 07:34:53 +08:00
|
|
|
if ((forkoff = xfs_attr_shortform_allfit(bp, dp))) {
|
2016-08-03 09:19:29 +08:00
|
|
|
xfs_defer_init(args->dfops, args->firstblock);
|
2013-04-24 16:58:55 +08:00
|
|
|
error = xfs_attr3_leaf_to_shortform(bp, args, forkoff);
|
2005-04-17 06:20:36 +08:00
|
|
|
/* bp is gone due to xfs_da_shrink_inode */
|
xfs: eliminate committed arg from xfs_bmap_finish
Calls to xfs_bmap_finish() and xfs_trans_ijoin(), and the
associated comments were replicated several times across
the attribute code, all dealing with what to do if the
transaction was or wasn't committed.
And in that replicated code, an ASSERT() test of an
uninitialized variable occurs in several locations:
error = xfs_attr_thing(&args);
if (!error) {
error = xfs_bmap_finish(&args.trans, args.flist,
&committed);
}
if (error) {
ASSERT(committed);
If the first xfs_attr_thing() failed, we'd skip the xfs_bmap_finish,
never set "committed", and then test it in the ASSERT.
Fix this up by moving the committed state internal to xfs_bmap_finish,
and add a new inode argument. If an inode is passed in, it is passed
through to __xfs_trans_roll() and joined to the transaction there if
the transaction was committed.
xfs_qm_dqalloc() was a little unique in that it called bjoin rather
than ijoin, but as Dave points out we can detect the committed state
but checking whether (*tpp != tp).
Addresses-Coverity-Id: 102360
Addresses-Coverity-Id: 102361
Addresses-Coverity-Id: 102363
Addresses-Coverity-Id: 102364
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2016-01-11 08:34:01 +08:00
|
|
|
if (!error)
|
2016-08-03 09:18:10 +08:00
|
|
|
error = xfs_defer_finish(&args->trans,
|
2016-08-03 09:19:29 +08:00
|
|
|
args->dfops, dp);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error) {
|
|
|
|
args->trans = NULL;
|
2016-08-03 09:19:29 +08:00
|
|
|
xfs_defer_cancel(args->dfops);
|
2005-04-17 06:20:36 +08:00
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
} else
|
2012-06-22 16:50:14 +08:00
|
|
|
xfs_trans_brelse(args->trans, bp);
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
error = 0;
|
|
|
|
|
|
|
|
out:
|
|
|
|
xfs_da_state_free(state);
|
2014-06-22 13:03:54 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Fill in the disk block numbers in the state structure for the buffers
|
|
|
|
* that are attached to the state structure.
|
|
|
|
* This is done so that we can quickly reattach ourselves to those buffers
|
2006-03-29 06:55:14 +08:00
|
|
|
* after some set of transaction commits have released these buffers.
|
2005-04-17 06:20:36 +08:00
|
|
|
*/
|
|
|
|
STATIC int
|
|
|
|
xfs_attr_fillstate(xfs_da_state_t *state)
|
|
|
|
{
|
|
|
|
xfs_da_state_path_t *path;
|
|
|
|
xfs_da_state_blk_t *blk;
|
|
|
|
int level;
|
|
|
|
|
2012-11-12 19:53:53 +08:00
|
|
|
trace_xfs_attr_fillstate(state->args);
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
/*
|
|
|
|
* Roll down the "path" in the state structure, storing the on-disk
|
|
|
|
* block number for those buffers in the "path".
|
|
|
|
*/
|
|
|
|
path = &state->path;
|
|
|
|
ASSERT((path->active >= 0) && (path->active < XFS_DA_NODE_MAXDEPTH));
|
|
|
|
for (blk = path->blk, level = 0; level < path->active; blk++, level++) {
|
|
|
|
if (blk->bp) {
|
2012-06-22 16:50:14 +08:00
|
|
|
blk->disk_blkno = XFS_BUF_ADDR(blk->bp);
|
2005-04-17 06:20:36 +08:00
|
|
|
blk->bp = NULL;
|
|
|
|
} else {
|
|
|
|
blk->disk_blkno = 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Roll down the "altpath" in the state structure, storing the on-disk
|
|
|
|
* block number for those buffers in the "altpath".
|
|
|
|
*/
|
|
|
|
path = &state->altpath;
|
|
|
|
ASSERT((path->active >= 0) && (path->active < XFS_DA_NODE_MAXDEPTH));
|
|
|
|
for (blk = path->blk, level = 0; level < path->active; blk++, level++) {
|
|
|
|
if (blk->bp) {
|
2012-06-22 16:50:14 +08:00
|
|
|
blk->disk_blkno = XFS_BUF_ADDR(blk->bp);
|
2005-04-17 06:20:36 +08:00
|
|
|
blk->bp = NULL;
|
|
|
|
} else {
|
|
|
|
blk->disk_blkno = 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-06-22 13:03:54 +08:00
|
|
|
return 0;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Reattach the buffers to the state structure based on the disk block
|
|
|
|
* numbers stored in the state structure.
|
2006-03-29 06:55:14 +08:00
|
|
|
* This is done after some set of transaction commits have released those
|
2005-04-17 06:20:36 +08:00
|
|
|
* buffers from our grip.
|
|
|
|
*/
|
|
|
|
STATIC int
|
|
|
|
xfs_attr_refillstate(xfs_da_state_t *state)
|
|
|
|
{
|
|
|
|
xfs_da_state_path_t *path;
|
|
|
|
xfs_da_state_blk_t *blk;
|
|
|
|
int level, error;
|
|
|
|
|
2012-11-12 19:53:53 +08:00
|
|
|
trace_xfs_attr_refillstate(state->args);
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
/*
|
|
|
|
* Roll down the "path" in the state structure, storing the on-disk
|
|
|
|
* block number for those buffers in the "path".
|
|
|
|
*/
|
|
|
|
path = &state->path;
|
|
|
|
ASSERT((path->active >= 0) && (path->active < XFS_DA_NODE_MAXDEPTH));
|
|
|
|
for (blk = path->blk, level = 0; level < path->active; blk++, level++) {
|
|
|
|
if (blk->disk_blkno) {
|
2013-04-24 16:58:02 +08:00
|
|
|
error = xfs_da3_node_read(state->args->trans,
|
2005-04-17 06:20:36 +08:00
|
|
|
state->args->dp,
|
|
|
|
blk->blkno, blk->disk_blkno,
|
2012-11-12 19:54:17 +08:00
|
|
|
&blk->bp, XFS_ATTR_FORK);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error)
|
2014-06-22 13:03:54 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
} else {
|
|
|
|
blk->bp = NULL;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Roll down the "altpath" in the state structure, storing the on-disk
|
|
|
|
* block number for those buffers in the "altpath".
|
|
|
|
*/
|
|
|
|
path = &state->altpath;
|
|
|
|
ASSERT((path->active >= 0) && (path->active < XFS_DA_NODE_MAXDEPTH));
|
|
|
|
for (blk = path->blk, level = 0; level < path->active; blk++, level++) {
|
|
|
|
if (blk->disk_blkno) {
|
2013-04-24 16:58:02 +08:00
|
|
|
error = xfs_da3_node_read(state->args->trans,
|
2005-04-17 06:20:36 +08:00
|
|
|
state->args->dp,
|
|
|
|
blk->blkno, blk->disk_blkno,
|
2012-11-12 19:54:17 +08:00
|
|
|
&blk->bp, XFS_ATTR_FORK);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error)
|
2014-06-22 13:03:54 +08:00
|
|
|
return error;
|
2005-04-17 06:20:36 +08:00
|
|
|
} else {
|
|
|
|
blk->bp = NULL;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-06-22 13:03:54 +08:00
|
|
|
return 0;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Look up a filename in a node attribute list.
|
|
|
|
*
|
|
|
|
* This routine gets called for any attribute fork that has more than one
|
|
|
|
* block, ie: both true Btree attr lists and for single-leaf-blocks with
|
|
|
|
* "remote" values taking up more blocks.
|
|
|
|
*/
|
2005-06-21 13:36:52 +08:00
|
|
|
STATIC int
|
2005-04-17 06:20:36 +08:00
|
|
|
xfs_attr_node_get(xfs_da_args_t *args)
|
|
|
|
{
|
|
|
|
xfs_da_state_t *state;
|
|
|
|
xfs_da_state_blk_t *blk;
|
|
|
|
int error, retval;
|
|
|
|
int i;
|
|
|
|
|
2012-11-12 19:53:53 +08:00
|
|
|
trace_xfs_attr_node_get(args);
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
state = xfs_da_state_alloc();
|
|
|
|
state->args = args;
|
|
|
|
state->mp = args->dp->i_mount;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Search to see if name exists, and get back a pointer to it.
|
|
|
|
*/
|
2013-04-24 16:58:02 +08:00
|
|
|
error = xfs_da3_node_lookup_int(state, &retval);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (error) {
|
|
|
|
retval = error;
|
2014-06-25 12:58:08 +08:00
|
|
|
} else if (retval == -EEXIST) {
|
2005-04-17 06:20:36 +08:00
|
|
|
blk = &state->path.blk[ state->path.active-1 ];
|
|
|
|
ASSERT(blk->bp != NULL);
|
|
|
|
ASSERT(blk->magic == XFS_ATTR_LEAF_MAGIC);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Get the value, local or "remote"
|
|
|
|
*/
|
2013-04-24 16:58:55 +08:00
|
|
|
retval = xfs_attr3_leaf_getvalue(blk->bp, args);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (!retval && (args->rmtblkno > 0)
|
|
|
|
&& !(args->flags & ATTR_KERNOVAL)) {
|
|
|
|
retval = xfs_attr_rmtval_get(args);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If not in a transaction, we have to release all the buffers.
|
|
|
|
*/
|
|
|
|
for (i = 0; i < state->path.active; i++) {
|
2012-06-22 16:50:14 +08:00
|
|
|
xfs_trans_brelse(args->trans, state->path.blk[i].bp);
|
2005-04-17 06:20:36 +08:00
|
|
|
state->path.blk[i].bp = NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
xfs_da_state_free(state);
|
2014-06-22 13:03:54 +08:00
|
|
|
return retval;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|