1 /* $NetBSD: lfs_rfw.c,v 1.18 2013/07/28 01:05:52 dholland Exp $ */ 2 3 /*- 4 * Copyright (c) 1999, 2000, 2001, 2002, 2003 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Konrad E. Schroder <perseant@hhhh.org>. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 __KERNEL_RCSID(0, "$NetBSD: lfs_rfw.c,v 1.18 2013/07/28 01:05:52 dholland Exp $"); 34 35 #if defined(_KERNEL_OPT) 36 #include "opt_quota.h" 37 #endif 38 39 #include <sys/param.h> 40 #include <sys/systm.h> 41 #include <sys/namei.h> 42 #include <sys/proc.h> 43 #include <sys/kernel.h> 44 #include <sys/vnode.h> 45 #include <sys/mount.h> 46 #include <sys/kthread.h> 47 #include <sys/buf.h> 48 #include <sys/device.h> 49 #include <sys/mbuf.h> 50 #include <sys/file.h> 51 #include <sys/disklabel.h> 52 #include <sys/ioctl.h> 53 #include <sys/errno.h> 54 #include <sys/malloc.h> 55 #include <sys/pool.h> 56 #include <sys/socket.h> 57 #include <sys/syslog.h> 58 #include <uvm/uvm_extern.h> 59 #include <sys/sysctl.h> 60 #include <sys/conf.h> 61 #include <sys/kauth.h> 62 63 #include <miscfs/specfs/specdev.h> 64 65 #include <ufs/lfs/ulfs_quotacommon.h> 66 #include <ufs/lfs/ulfs_inode.h> 67 #include <ufs/lfs/ulfsmount.h> 68 #include <ufs/lfs/ulfs_extern.h> 69 70 #include <uvm/uvm.h> 71 #include <uvm/uvm_stat.h> 72 #include <uvm/uvm_pager.h> 73 #include <uvm/uvm_pdaemon.h> 74 75 #include <ufs/lfs/lfs.h> 76 #include <ufs/lfs/lfs_kernel.h> 77 #include <ufs/lfs/lfs_extern.h> 78 79 #include <miscfs/genfs/genfs.h> 80 #include <miscfs/genfs/genfs_node.h> 81 82 /* 83 * Roll-forward code. 84 */ 85 static daddr_t check_segsum(struct lfs *, daddr_t, u_int64_t, 86 kauth_cred_t, int, int *, struct lwp *); 87 88 extern int lfs_do_rfw; 89 90 /* 91 * Allocate a particular inode with a particular version number, freeing 92 * any previous versions of this inode that may have gone before. 93 * Used by the roll-forward code. 94 * 95 * XXX this function does not have appropriate locking to be used on a live fs; 96 * XXX but something similar could probably be used for an "undelete" call. 97 * 98 * Called with the Ifile inode locked. 99 */ 100 int 101 lfs_rf_valloc(struct lfs *fs, ino_t ino, int vers, struct lwp *l, 102 struct vnode **vpp) 103 { 104 IFILE *ifp; 105 struct buf *bp, *cbp; 106 struct vnode *vp; 107 struct inode *ip; 108 ino_t tino, oldnext; 109 int error; 110 CLEANERINFO *cip; 111 112 ASSERT_SEGLOCK(fs); /* XXX it doesn't, really */ 113 114 /* 115 * First, just try a vget. If the version number is the one we want, 116 * we don't have to do anything else. If the version number is wrong, 117 * take appropriate action. 118 */ 119 error = VFS_VGET(fs->lfs_ivnode->v_mount, ino, &vp); 120 if (error == 0) { 121 DLOG((DLOG_RF, "lfs_rf_valloc[1]: ino %d vp %p\n", ino, vp)); 122 123 *vpp = vp; 124 ip = VTOI(vp); 125 if (ip->i_gen == vers) 126 return 0; 127 else if (ip->i_gen < vers) { 128 lfs_truncate(vp, (off_t)0, 0, NOCRED); 129 ip->i_gen = ip->i_ffs1_gen = vers; 130 LFS_SET_UINO(ip, IN_CHANGE | IN_UPDATE); 131 return 0; 132 } else { 133 DLOG((DLOG_RF, "ino %d: sought version %d, got %d\n", 134 ino, vers, ip->i_ffs1_gen)); 135 vput(vp); 136 *vpp = NULLVP; 137 return EEXIST; 138 } 139 } 140 141 /* 142 * The inode is not in use. Find it on the free list. 143 */ 144 /* If the Ifile is too short to contain this inum, extend it */ 145 while (VTOI(fs->lfs_ivnode)->i_size <= (ino / 146 fs->lfs_ifpb + fs->lfs_cleansz + fs->lfs_segtabsz) 147 << fs->lfs_bshift) { 148 lfs_extend_ifile(fs, NOCRED); 149 } 150 151 LFS_IENTRY(ifp, fs, ino, bp); 152 oldnext = ifp->if_nextfree; 153 ifp->if_version = vers; 154 brelse(bp, 0); 155 156 LFS_GET_HEADFREE(fs, cip, cbp, &ino); 157 if (ino) { 158 LFS_PUT_HEADFREE(fs, cip, cbp, oldnext); 159 } else { 160 tino = ino; 161 while (1) { 162 LFS_IENTRY(ifp, fs, tino, bp); 163 if (ifp->if_nextfree == ino || 164 ifp->if_nextfree == LFS_UNUSED_INUM) 165 break; 166 tino = ifp->if_nextfree; 167 brelse(bp, 0); 168 } 169 if (ifp->if_nextfree == LFS_UNUSED_INUM) { 170 brelse(bp, 0); 171 return ENOENT; 172 } 173 ifp->if_nextfree = oldnext; 174 LFS_BWRITE_LOG(bp); 175 } 176 177 error = lfs_ialloc(fs, fs->lfs_ivnode, ino, vers, &vp); 178 if (error == 0) { 179 /* 180 * Make it VREG so we can put blocks on it. We will change 181 * this later if it turns out to be some other kind of file. 182 */ 183 ip = VTOI(vp); 184 ip->i_mode = ip->i_ffs1_mode = LFS_IFREG; 185 ip->i_nlink = ip->i_ffs1_nlink = 1; 186 ulfs_vinit(vp->v_mount, lfs_specop_p, lfs_fifoop_p, &vp); 187 ip = VTOI(vp); 188 189 DLOG((DLOG_RF, "lfs_rf_valloc: ino %d vp %p\n", ino, vp)); 190 191 /* The dirop-nature of this vnode is past */ 192 lfs_unmark_vnode(vp); 193 (void)lfs_vunref(vp); 194 vp->v_uflag &= ~VU_DIROP; 195 mutex_enter(&lfs_lock); 196 --lfs_dirvcount; 197 --fs->lfs_dirvcount; 198 TAILQ_REMOVE(&fs->lfs_dchainhd, ip, i_lfs_dchain); 199 wakeup(&lfs_dirvcount); 200 wakeup(&fs->lfs_dirvcount); 201 mutex_exit(&lfs_lock); 202 } 203 *vpp = vp; 204 return error; 205 } 206 207 /* 208 * Load the appropriate indirect block, and change the appropriate pointer. 209 * Mark the block dirty. Do segment and avail accounting. 210 */ 211 static int 212 update_meta(struct lfs *fs, ino_t ino, int vers, daddr_t lbn, 213 daddr_t ndaddr, size_t size, struct lwp *l) 214 { 215 int error; 216 struct vnode *vp; 217 struct inode *ip; 218 #ifdef DEBUG 219 daddr_t odaddr; 220 struct indir a[ULFS_NIADDR]; 221 int num; 222 int i; 223 #endif /* DEBUG */ 224 struct buf *bp; 225 SEGUSE *sup; 226 227 KASSERT(lbn >= 0); /* no indirect blocks */ 228 229 if ((error = lfs_rf_valloc(fs, ino, vers, l, &vp)) != 0) { 230 DLOG((DLOG_RF, "update_meta: ino %d: lfs_rf_valloc" 231 " returned %d\n", ino, error)); 232 return error; 233 } 234 235 if ((error = lfs_balloc(vp, (lbn << fs->lfs_bshift), size, 236 NOCRED, 0, &bp)) != 0) { 237 vput(vp); 238 return (error); 239 } 240 /* No need to write, the block is already on disk */ 241 if (bp->b_oflags & BO_DELWRI) { 242 LFS_UNLOCK_BUF(bp); 243 fs->lfs_avail += lfs_btofsb(fs, bp->b_bcount); 244 } 245 brelse(bp, BC_INVAL); 246 247 /* 248 * Extend the file, if it is not large enough already. 249 * XXX this is not exactly right, we don't know how much of the 250 * XXX last block is actually used. We hope that an inode will 251 * XXX appear later to give the correct size. 252 */ 253 ip = VTOI(vp); 254 if (ip->i_size <= (lbn << fs->lfs_bshift)) { 255 u_int64_t newsize; 256 257 if (lbn < ULFS_NDADDR) 258 newsize = ip->i_ffs1_size = (lbn << fs->lfs_bshift) + 259 (size - fs->lfs_fsize) + 1; 260 else 261 newsize = ip->i_ffs1_size = (lbn << fs->lfs_bshift) + 1; 262 263 if (ip->i_size < newsize) { 264 ip->i_size = newsize; 265 /* 266 * tell vm our new size for the case the inode won't 267 * appear later. 268 */ 269 uvm_vnp_setsize(vp, newsize); 270 } 271 } 272 273 lfs_update_single(fs, NULL, vp, lbn, ndaddr, size); 274 275 LFS_SEGENTRY(sup, fs, lfs_dtosn(fs, ndaddr), bp); 276 sup->su_nbytes += size; 277 LFS_WRITESEGENTRY(sup, fs, lfs_dtosn(fs, ndaddr), bp); 278 279 /* differences here should be due to UNWRITTEN indirect blocks. */ 280 KASSERT((lfs_lblkno(fs, ip->i_size) > ULFS_NDADDR && 281 ip->i_lfs_effnblks == ip->i_ffs1_blocks) || 282 ip->i_lfs_effnblks >= ip->i_ffs1_blocks); 283 284 #ifdef DEBUG 285 /* Now look again to make sure it worked */ 286 ulfs_bmaparray(vp, lbn, &odaddr, &a[0], &num, NULL, NULL); 287 for (i = num; i > 0; i--) { 288 if (!a[i].in_exists) 289 panic("update_meta: absent %d lv indirect block", i); 290 } 291 if (LFS_DBTOFSB(fs, odaddr) != ndaddr) 292 DLOG((DLOG_RF, "update_meta: failed setting ino %d lbn %" 293 PRId64 " to %" PRId64 "\n", ino, lbn, ndaddr)); 294 #endif /* DEBUG */ 295 vput(vp); 296 return 0; 297 } 298 299 static int 300 update_inoblk(struct lfs *fs, daddr_t offset, kauth_cred_t cred, 301 struct lwp *l) 302 { 303 struct vnode *devvp, *vp; 304 struct inode *ip; 305 struct ulfs1_dinode *dip; 306 struct buf *dbp, *ibp; 307 int error; 308 daddr_t daddr; 309 IFILE *ifp; 310 SEGUSE *sup; 311 312 devvp = VTOI(fs->lfs_ivnode)->i_devvp; 313 314 /* 315 * Get the inode, update times and perms. 316 * DO NOT update disk blocks, we do that separately. 317 */ 318 error = bread(devvp, LFS_FSBTODB(fs, offset), fs->lfs_ibsize, 319 cred, 0, &dbp); 320 if (error) { 321 DLOG((DLOG_RF, "update_inoblk: bread returned %d\n", error)); 322 return error; 323 } 324 dip = ((struct ulfs1_dinode *)(dbp->b_data)) + LFS_INOPB(fs); 325 while (--dip >= (struct ulfs1_dinode *)dbp->b_data) { 326 if (dip->di_inumber > LFS_IFILE_INUM) { 327 error = lfs_rf_valloc(fs, dip->di_inumber, dip->di_gen, 328 l, &vp); 329 if (error) { 330 DLOG((DLOG_RF, "update_inoblk: lfs_rf_valloc" 331 " returned %d\n", error)); 332 continue; 333 } 334 ip = VTOI(vp); 335 if (dip->di_size != ip->i_size) 336 lfs_truncate(vp, dip->di_size, 0, NOCRED); 337 /* Get mode, link count, size, and times */ 338 memcpy(ip->i_din.ffs1_din, dip, 339 offsetof(struct ulfs1_dinode, di_db[0])); 340 341 /* Then the rest, except di_blocks */ 342 ip->i_flags = ip->i_ffs1_flags = dip->di_flags; 343 ip->i_gen = ip->i_ffs1_gen = dip->di_gen; 344 ip->i_uid = ip->i_ffs1_uid = dip->di_uid; 345 ip->i_gid = ip->i_ffs1_gid = dip->di_gid; 346 347 ip->i_mode = ip->i_ffs1_mode; 348 ip->i_nlink = ip->i_ffs1_nlink; 349 ip->i_size = ip->i_ffs1_size; 350 351 LFS_SET_UINO(ip, IN_CHANGE | IN_UPDATE); 352 353 /* Re-initialize to get type right */ 354 ulfs_vinit(vp->v_mount, lfs_specop_p, lfs_fifoop_p, 355 &vp); 356 vput(vp); 357 358 /* Record change in location */ 359 LFS_IENTRY(ifp, fs, dip->di_inumber, ibp); 360 daddr = ifp->if_daddr; 361 ifp->if_daddr = LFS_DBTOFSB(fs, dbp->b_blkno); 362 error = LFS_BWRITE_LOG(ibp); /* Ifile */ 363 /* And do segment accounting */ 364 if (lfs_dtosn(fs, daddr) != lfs_dtosn(fs, LFS_DBTOFSB(fs, dbp->b_blkno))) { 365 if (daddr > 0) { 366 LFS_SEGENTRY(sup, fs, lfs_dtosn(fs, daddr), 367 ibp); 368 sup->su_nbytes -= sizeof (struct ulfs1_dinode); 369 LFS_WRITESEGENTRY(sup, fs, 370 lfs_dtosn(fs, daddr), 371 ibp); 372 } 373 LFS_SEGENTRY(sup, fs, lfs_dtosn(fs, LFS_DBTOFSB(fs, dbp->b_blkno)), 374 ibp); 375 sup->su_nbytes += sizeof (struct ulfs1_dinode); 376 LFS_WRITESEGENTRY(sup, fs, 377 lfs_dtosn(fs, LFS_DBTOFSB(fs, dbp->b_blkno)), 378 ibp); 379 } 380 } 381 } 382 brelse(dbp, BC_AGE); 383 384 return 0; 385 } 386 387 #define CHECK_CKSUM 0x0001 /* Check the checksum to make sure it's valid */ 388 #define CHECK_UPDATE 0x0002 /* Update Ifile for new data blocks / inodes */ 389 390 static daddr_t 391 check_segsum(struct lfs *fs, daddr_t offset, u_int64_t nextserial, 392 kauth_cred_t cred, int flags, int *pseg_flags, struct lwp *l) 393 { 394 struct vnode *devvp; 395 struct buf *bp, *dbp; 396 int error, nblocks = 0, ninos, i, j; /* XXX: gcc */ 397 SEGSUM *ssp; 398 u_long *dp = NULL, *datap = NULL; /* XXX u_int32_t */ 399 daddr_t oldoffset; 400 int32_t *iaddr; /* XXX ondisk32 */ 401 FINFO *fip; 402 SEGUSE *sup; 403 size_t size; 404 405 devvp = VTOI(fs->lfs_ivnode)->i_devvp; 406 /* 407 * If the segment has a superblock and we're at the top 408 * of the segment, skip the superblock. 409 */ 410 if (lfs_sntod(fs, lfs_dtosn(fs, offset)) == offset) { 411 LFS_SEGENTRY(sup, fs, lfs_dtosn(fs, offset), bp); 412 if (sup->su_flags & SEGUSE_SUPERBLOCK) 413 offset += lfs_btofsb(fs, LFS_SBPAD); 414 brelse(bp, 0); 415 } 416 417 /* Read in the segment summary */ 418 error = bread(devvp, LFS_FSBTODB(fs, offset), fs->lfs_sumsize, 419 cred, 0, &bp); 420 if (error) 421 return -1; 422 423 /* Check summary checksum */ 424 ssp = (SEGSUM *)bp->b_data; 425 if (flags & CHECK_CKSUM) { 426 if (ssp->ss_sumsum != cksum(&ssp->ss_datasum, 427 fs->lfs_sumsize - 428 sizeof(ssp->ss_sumsum))) { 429 DLOG((DLOG_RF, "Sumsum error at 0x%" PRIx64 "\n", offset)); 430 offset = -1; 431 goto err1; 432 } 433 if (ssp->ss_nfinfo == 0 && ssp->ss_ninos == 0) { 434 DLOG((DLOG_RF, "Empty pseg at 0x%" PRIx64 "\n", offset)); 435 offset = -1; 436 goto err1; 437 } 438 if (ssp->ss_create < fs->lfs_tstamp) { 439 DLOG((DLOG_RF, "Old data at 0x%" PRIx64 "\n", offset)); 440 offset = -1; 441 goto err1; 442 } 443 } 444 if (fs->lfs_version > 1) { 445 if (ssp->ss_serial != nextserial) { 446 DLOG((DLOG_RF, "Unexpected serial number at 0x%" PRIx64 447 "\n", offset)); 448 offset = -1; 449 goto err1; 450 } 451 if (ssp->ss_ident != fs->lfs_ident) { 452 DLOG((DLOG_RF, "Incorrect fsid (0x%x vs 0x%x) at 0x%" 453 PRIx64 "\n", ssp->ss_ident, fs->lfs_ident, offset)); 454 offset = -1; 455 goto err1; 456 } 457 } 458 if (pseg_flags) 459 *pseg_flags = ssp->ss_flags; 460 oldoffset = offset; 461 offset += lfs_btofsb(fs, fs->lfs_sumsize); 462 463 ninos = howmany(ssp->ss_ninos, LFS_INOPB(fs)); 464 /* XXX ondisk32 */ 465 iaddr = (int32_t *)((char*)bp->b_data + fs->lfs_sumsize - sizeof(int32_t)); 466 if (flags & CHECK_CKSUM) { 467 /* Count blocks */ 468 nblocks = 0; 469 fip = (FINFO *)((char*)bp->b_data + SEGSUM_SIZE(fs)); 470 for (i = 0; i < ssp->ss_nfinfo; ++i) { 471 nblocks += fip->fi_nblocks; 472 if (fip->fi_nblocks <= 0) 473 break; 474 /* XXX ondisk32 */ 475 fip = (FINFO *)(((char *)fip) + FINFOSIZE + 476 (fip->fi_nblocks * sizeof(int32_t))); 477 } 478 nblocks += ninos; 479 /* Create the sum array */ 480 datap = dp = (u_long *)malloc(nblocks * sizeof(u_long), 481 M_SEGMENT, M_WAITOK); 482 } 483 484 /* Handle individual blocks */ 485 fip = (FINFO *)((char*)bp->b_data + SEGSUM_SIZE(fs)); 486 for (i = 0; i < ssp->ss_nfinfo || ninos; ++i) { 487 /* Inode block? */ 488 if (ninos && *iaddr == offset) { 489 if (flags & CHECK_CKSUM) { 490 /* Read in the head and add to the buffer */ 491 error = bread(devvp, LFS_FSBTODB(fs, offset), fs->lfs_bsize, 492 cred, 0, &dbp); 493 if (error) { 494 offset = -1; 495 goto err2; 496 } 497 (*dp++) = ((u_long *)(dbp->b_data))[0]; 498 brelse(dbp, BC_AGE); 499 } 500 if (flags & CHECK_UPDATE) { 501 if ((error = update_inoblk(fs, offset, cred, l)) 502 != 0) { 503 offset = -1; 504 goto err2; 505 } 506 } 507 offset += lfs_btofsb(fs, fs->lfs_ibsize); 508 --iaddr; 509 --ninos; 510 --i; /* compensate */ 511 continue; 512 } 513 size = fs->lfs_bsize; 514 for (j = 0; j < fip->fi_nblocks; ++j) { 515 if (j == fip->fi_nblocks - 1) 516 size = fip->fi_lastlength; 517 if (flags & CHECK_CKSUM) { 518 error = bread(devvp, LFS_FSBTODB(fs, offset), size, 519 cred, 0, &dbp); 520 if (error) { 521 offset = -1; 522 goto err2; 523 } 524 (*dp++) = ((u_long *)(dbp->b_data))[0]; 525 brelse(dbp, BC_AGE); 526 } 527 /* Account for and update any direct blocks */ 528 if ((flags & CHECK_UPDATE) && 529 fip->fi_ino > LFS_IFILE_INUM && 530 fip->fi_blocks[j] >= 0) { 531 update_meta(fs, fip->fi_ino, fip->fi_version, 532 fip->fi_blocks[j], offset, size, l); 533 } 534 offset += lfs_btofsb(fs, size); 535 } 536 /* XXX ondisk32 */ 537 fip = (FINFO *)(((char *)fip) + FINFOSIZE 538 + fip->fi_nblocks * sizeof(int32_t)); 539 } 540 /* Checksum the array, compare */ 541 if ((flags & CHECK_CKSUM) && 542 ssp->ss_datasum != cksum(datap, nblocks * sizeof(u_long))) 543 { 544 DLOG((DLOG_RF, "Datasum error at 0x%" PRIx64 545 " (wanted %x got %x)\n", 546 offset, ssp->ss_datasum, cksum(datap, nblocks * 547 sizeof(u_long)))); 548 offset = -1; 549 goto err2; 550 } 551 552 /* If we're at the end of the segment, move to the next */ 553 if (lfs_dtosn(fs, offset + lfs_btofsb(fs, fs->lfs_sumsize + fs->lfs_bsize)) != 554 lfs_dtosn(fs, offset)) { 555 if (lfs_dtosn(fs, offset) == lfs_dtosn(fs, ssp->ss_next)) { 556 offset = -1; 557 goto err2; 558 } 559 offset = ssp->ss_next; 560 DLOG((DLOG_RF, "LFS roll forward: moving to offset 0x%" PRIx64 561 " -> segment %d\n", offset, lfs_dtosn(fs,offset))); 562 } 563 564 if (flags & CHECK_UPDATE) { 565 fs->lfs_avail -= (offset - oldoffset); 566 /* Don't clog the buffer queue */ 567 mutex_enter(&lfs_lock); 568 if (locked_queue_count > LFS_MAX_BUFS || 569 locked_queue_bytes > LFS_MAX_BYTES) { 570 lfs_flush(fs, SEGM_CKP, 0); 571 } 572 mutex_exit(&lfs_lock); 573 } 574 575 err2: 576 if (flags & CHECK_CKSUM) 577 free(datap, M_SEGMENT); 578 err1: 579 brelse(bp, BC_AGE); 580 581 /* XXX should we update the serial number even for bad psegs? */ 582 if ((flags & CHECK_UPDATE) && offset > 0 && fs->lfs_version > 1) 583 fs->lfs_serial = nextserial; 584 return offset; 585 } 586 587 void 588 lfs_roll_forward(struct lfs *fs, struct mount *mp, struct lwp *l) 589 { 590 int flags, dirty; 591 daddr_t offset, oldoffset, lastgoodpseg; 592 int sn, curseg, do_rollforward; 593 struct proc *p; 594 kauth_cred_t cred; 595 SEGUSE *sup; 596 struct buf *bp; 597 598 p = l ? l->l_proc : NULL; 599 cred = p ? p->p_cred : NOCRED; 600 601 /* 602 * Roll forward. 603 * 604 * We don't roll forward for v1 filesystems, because 605 * of the danger that the clock was turned back between the last 606 * checkpoint and crash. This would roll forward garbage. 607 * 608 * v2 filesystems don't have this problem because they use a 609 * monotonically increasing serial number instead of a timestamp. 610 */ 611 do_rollforward = (!(fs->lfs_pflags & LFS_PF_CLEAN) && 612 lfs_do_rfw && fs->lfs_version > 1 && p != NULL); 613 if (do_rollforward) { 614 u_int64_t nextserial; 615 /* 616 * Phase I: Find the address of the last good partial 617 * segment that was written after the checkpoint. Mark 618 * the segments in question dirty, so they won't be 619 * reallocated. 620 */ 621 lastgoodpseg = oldoffset = offset = fs->lfs_offset; 622 flags = 0x0; 623 DLOG((DLOG_RF, "LFS roll forward phase 1: start at offset 0x%" 624 PRIx64 "\n", offset)); 625 LFS_SEGENTRY(sup, fs, lfs_dtosn(fs, offset), bp); 626 if (!(sup->su_flags & SEGUSE_DIRTY)) 627 --fs->lfs_nclean; 628 sup->su_flags |= SEGUSE_DIRTY; 629 LFS_WRITESEGENTRY(sup, fs, lfs_dtosn(fs, offset), bp); 630 nextserial = fs->lfs_serial + 1; 631 while ((offset = check_segsum(fs, offset, nextserial, 632 cred, CHECK_CKSUM, &flags, l)) > 0) { 633 nextserial++; 634 if (lfs_sntod(fs, oldoffset) != lfs_sntod(fs, offset)) { 635 LFS_SEGENTRY(sup, fs, lfs_dtosn(fs, oldoffset), 636 bp); 637 if (!(sup->su_flags & SEGUSE_DIRTY)) 638 --fs->lfs_nclean; 639 sup->su_flags |= SEGUSE_DIRTY; 640 LFS_WRITESEGENTRY(sup, fs, lfs_dtosn(fs, oldoffset), 641 bp); 642 } 643 644 DLOG((DLOG_RF, "LFS roll forward phase 1: offset=0x%" 645 PRIx64 "\n", offset)); 646 if (flags & SS_DIROP) { 647 DLOG((DLOG_RF, "lfs_mountfs: dirops at 0x%" 648 PRIx64 "\n", oldoffset)); 649 if (!(flags & SS_CONT)) { 650 DLOG((DLOG_RF, "lfs_mountfs: dirops end " 651 "at 0x%" PRIx64 "\n", oldoffset)); 652 } 653 } 654 if (!(flags & SS_CONT)) 655 lastgoodpseg = offset; 656 oldoffset = offset; 657 } 658 if (flags & SS_CONT) { 659 DLOG((DLOG_RF, "LFS roll forward: warning: incomplete " 660 "dirops discarded\n")); 661 } 662 DLOG((DLOG_RF, "LFS roll forward phase 1: completed: " 663 "lastgoodpseg=0x%" PRIx64 "\n", lastgoodpseg)); 664 oldoffset = fs->lfs_offset; 665 if (fs->lfs_offset != lastgoodpseg) { 666 /* Don't overwrite what we're trying to preserve */ 667 offset = fs->lfs_offset; 668 fs->lfs_offset = lastgoodpseg; 669 fs->lfs_curseg = lfs_sntod(fs, lfs_dtosn(fs, fs->lfs_offset)); 670 for (sn = curseg = lfs_dtosn(fs, fs->lfs_curseg);;) { 671 sn = (sn + 1) % fs->lfs_nseg; 672 if (sn == curseg) 673 panic("lfs_mountfs: no clean segments"); 674 LFS_SEGENTRY(sup, fs, sn, bp); 675 dirty = (sup->su_flags & SEGUSE_DIRTY); 676 brelse(bp, 0); 677 if (!dirty) 678 break; 679 } 680 fs->lfs_nextseg = lfs_sntod(fs, sn); 681 682 /* 683 * Phase II: Roll forward from the first superblock. 684 */ 685 while (offset != lastgoodpseg) { 686 DLOG((DLOG_RF, "LFS roll forward phase 2: 0x%" 687 PRIx64 "\n", offset)); 688 offset = check_segsum(fs, offset, 689 fs->lfs_serial + 1, cred, CHECK_UPDATE, 690 NULL, l); 691 } 692 693 /* 694 * Finish: flush our changes to disk. 695 */ 696 lfs_segwrite(mp, SEGM_CKP | SEGM_SYNC); 697 DLOG((DLOG_RF, "lfs_mountfs: roll forward ", 698 "recovered %lld blocks\n", 699 (long long)(lastgoodpseg - oldoffset))); 700 } 701 DLOG((DLOG_RF, "LFS roll forward complete\n")); 702 } 703 } 704