1 /* $NetBSD: lfs_rfw.c,v 1.36 2020/09/05 16:30:13 riastradh Exp $ */ 2 3 /*- 4 * Copyright (c) 1999, 2000, 2001, 2002, 2003 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Konrad E. Schroder <perseant@hhhh.org>. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 __KERNEL_RCSID(0, "$NetBSD: lfs_rfw.c,v 1.36 2020/09/05 16:30:13 riastradh Exp $"); 34 35 #if defined(_KERNEL_OPT) 36 #include "opt_quota.h" 37 #endif 38 39 #include <sys/param.h> 40 #include <sys/systm.h> 41 #include <sys/namei.h> 42 #include <sys/proc.h> 43 #include <sys/kernel.h> 44 #include <sys/vnode.h> 45 #include <sys/mount.h> 46 #include <sys/kthread.h> 47 #include <sys/buf.h> 48 #include <sys/device.h> 49 #include <sys/file.h> 50 #include <sys/disklabel.h> 51 #include <sys/ioctl.h> 52 #include <sys/errno.h> 53 #include <sys/malloc.h> 54 #include <sys/pool.h> 55 #include <sys/socket.h> 56 #include <sys/syslog.h> 57 #include <sys/sysctl.h> 58 #include <sys/conf.h> 59 #include <sys/kauth.h> 60 61 #include <miscfs/specfs/specdev.h> 62 63 #include <ufs/lfs/ulfs_quotacommon.h> 64 #include <ufs/lfs/ulfs_inode.h> 65 #include <ufs/lfs/ulfsmount.h> 66 #include <ufs/lfs/ulfs_extern.h> 67 68 #include <uvm/uvm_extern.h> 69 70 #include <ufs/lfs/lfs.h> 71 #include <ufs/lfs/lfs_accessors.h> 72 #include <ufs/lfs/lfs_kernel.h> 73 #include <ufs/lfs/lfs_extern.h> 74 75 #include <miscfs/genfs/genfs.h> 76 #include <miscfs/genfs/genfs_node.h> 77 78 /* 79 * Roll-forward code. 80 */ 81 static daddr_t check_segsum(struct lfs *, daddr_t, u_int64_t, 82 kauth_cred_t, int, int *, struct lwp *); 83 84 extern int lfs_do_rfw; 85 86 /* 87 * Allocate a particular inode with a particular version number, freeing 88 * any previous versions of this inode that may have gone before. 89 * Used by the roll-forward code. 90 * 91 * XXX this function does not have appropriate locking to be used on a live fs; 92 * XXX but something similar could probably be used for an "undelete" call. 93 * 94 * Called with the Ifile inode locked. 95 */ 96 int 97 lfs_rf_valloc(struct lfs *fs, ino_t ino, int vers, struct lwp *l, 98 struct vnode **vpp) 99 { 100 struct vattr va; 101 struct vnode *vp; 102 struct inode *ip; 103 int error; 104 105 ASSERT_SEGLOCK(fs); /* XXX it doesn't, really */ 106 107 /* 108 * First, just try a vget. If the version number is the one we want, 109 * we don't have to do anything else. If the version number is wrong, 110 * take appropriate action. 111 */ 112 error = VFS_VGET(fs->lfs_ivnode->v_mount, ino, LK_EXCLUSIVE, &vp); 113 if (error == 0) { 114 DLOG((DLOG_RF, "lfs_rf_valloc[1]: ino %d vp %p\n", ino, vp)); 115 116 *vpp = vp; 117 ip = VTOI(vp); 118 if (ip->i_gen == vers) 119 return 0; 120 else if (ip->i_gen < vers) { 121 lfs_truncate(vp, (off_t)0, 0, NOCRED); 122 ip->i_gen = vers; 123 lfs_dino_setgen(fs, ip->i_din, vers); 124 LFS_SET_UINO(ip, IN_CHANGE | IN_UPDATE); 125 return 0; 126 } else { 127 DLOG((DLOG_RF, "ino %d: sought version %d, got %d\n", 128 ino, vers, lfs_dino_getgen(fs, ip->i_din))); 129 vput(vp); 130 *vpp = NULLVP; 131 return EEXIST; 132 } 133 } 134 135 /* Not found, create as regular file. */ 136 vattr_null(&va); 137 va.va_type = VREG; 138 va.va_mode = 0; 139 va.va_fileid = ino; 140 va.va_gen = vers; 141 error = vcache_new(fs->lfs_ivnode->v_mount, NULL, &va, NOCRED, NULL, 142 &vp); 143 if (error) 144 return error; 145 error = vn_lock(vp, LK_EXCLUSIVE); 146 if (error) { 147 vrele(vp); 148 *vpp = NULLVP; 149 return error; 150 } 151 ip = VTOI(vp); 152 ip->i_nlink = 1; 153 lfs_dino_setnlink(fs, ip->i_din, 1); 154 *vpp = vp; 155 return 0; 156 } 157 158 /* 159 * Load the appropriate indirect block, and change the appropriate pointer. 160 * Mark the block dirty. Do segment and avail accounting. 161 */ 162 static int 163 update_meta(struct lfs *fs, ino_t ino, int vers, daddr_t lbn, 164 daddr_t ndaddr, size_t size, struct lwp *l) 165 { 166 int error; 167 struct vnode *vp; 168 struct inode *ip; 169 #ifdef DEBUG 170 daddr_t odaddr; 171 struct indir a[ULFS_NIADDR]; 172 int num; 173 int i; 174 #endif /* DEBUG */ 175 struct buf *bp; 176 SEGUSE *sup; 177 178 KASSERT(lbn >= 0); /* no indirect blocks */ 179 180 if ((error = lfs_rf_valloc(fs, ino, vers, l, &vp)) != 0) { 181 DLOG((DLOG_RF, "update_meta: ino %d: lfs_rf_valloc" 182 " returned %d\n", ino, error)); 183 return error; 184 } 185 186 if ((error = lfs_balloc(vp, (lbn << lfs_sb_getbshift(fs)), size, 187 NOCRED, 0, &bp)) != 0) { 188 vput(vp); 189 return (error); 190 } 191 /* No need to write, the block is already on disk */ 192 if (bp->b_oflags & BO_DELWRI) { 193 LFS_UNLOCK_BUF(bp); 194 lfs_sb_addavail(fs, lfs_btofsb(fs, bp->b_bcount)); 195 /* XXX should this wake up fs->lfs_availsleep? */ 196 } 197 brelse(bp, BC_INVAL); 198 199 /* 200 * Extend the file, if it is not large enough already. 201 * XXX this is not exactly right, we don't know how much of the 202 * XXX last block is actually used. We hope that an inode will 203 * XXX appear later to give the correct size. 204 */ 205 ip = VTOI(vp); 206 if (ip->i_size <= (lbn << lfs_sb_getbshift(fs))) { 207 u_int64_t newsize; 208 209 if (lbn < ULFS_NDADDR) { 210 newsize = (lbn << lfs_sb_getbshift(fs)) + 211 (size - lfs_sb_getfsize(fs)) + 1; 212 } else { 213 newsize = (lbn << lfs_sb_getbshift(fs)) + 1; 214 } 215 lfs_dino_setsize(fs, ip->i_din, newsize); 216 217 if (ip->i_size < newsize) { 218 ip->i_size = newsize; 219 /* 220 * tell vm our new size for the case the inode won't 221 * appear later. 222 */ 223 uvm_vnp_setsize(vp, newsize); 224 } 225 } 226 227 lfs_update_single(fs, NULL, vp, lbn, ndaddr, size); 228 229 LFS_SEGENTRY(sup, fs, lfs_dtosn(fs, ndaddr), bp); 230 sup->su_nbytes += size; 231 LFS_WRITESEGENTRY(sup, fs, lfs_dtosn(fs, ndaddr), bp); 232 233 /* differences here should be due to UNWRITTEN indirect blocks. */ 234 KASSERT((lfs_lblkno(fs, ip->i_size) > ULFS_NDADDR && 235 ip->i_lfs_effnblks == lfs_dino_getblocks(fs, ip->i_din)) || 236 ip->i_lfs_effnblks >= lfs_dino_getblocks(fs, ip->i_din)); 237 238 #ifdef DEBUG 239 /* Now look again to make sure it worked */ 240 ulfs_bmaparray(vp, lbn, &odaddr, &a[0], &num, NULL, NULL); 241 for (i = num; i > 0; i--) { 242 if (!a[i].in_exists) 243 panic("update_meta: absent %d lv indirect block", i); 244 } 245 if (LFS_DBTOFSB(fs, odaddr) != ndaddr) 246 DLOG((DLOG_RF, "update_meta: failed setting ino %d lbn %" 247 PRId64 " to %" PRId64 "\n", ino, lbn, ndaddr)); 248 #endif /* DEBUG */ 249 vput(vp); 250 return 0; 251 } 252 253 /* 254 * Copy some the fields of the dinode as needed by update_inoblk(). 255 */ 256 static void 257 update_inoblk_copy_dinode(struct lfs *fs, 258 union lfs_dinode *dstu, const union lfs_dinode *srcu) 259 { 260 if (fs->lfs_is64) { 261 struct lfs64_dinode *dst = &dstu->u_64; 262 const struct lfs64_dinode *src = &srcu->u_64; 263 unsigned i; 264 265 /* 266 * Copy everything but the block pointers and di_blocks. 267 * XXX what about di_extb? 268 */ 269 dst->di_mode = src->di_mode; 270 dst->di_nlink = src->di_nlink; 271 dst->di_uid = src->di_uid; 272 dst->di_gid = src->di_gid; 273 dst->di_blksize = src->di_blksize; 274 dst->di_size = src->di_size; 275 dst->di_atime = src->di_atime; 276 dst->di_mtime = src->di_mtime; 277 dst->di_ctime = src->di_ctime; 278 dst->di_birthtime = src->di_birthtime; 279 dst->di_mtimensec = src->di_mtimensec; 280 dst->di_atimensec = src->di_atimensec; 281 dst->di_ctimensec = src->di_ctimensec; 282 dst->di_birthnsec = src->di_birthnsec; 283 dst->di_gen = src->di_gen; 284 dst->di_kernflags = src->di_kernflags; 285 dst->di_flags = src->di_flags; 286 dst->di_extsize = src->di_extsize; 287 dst->di_modrev = src->di_modrev; 288 dst->di_inumber = src->di_inumber; 289 for (i = 0; i < __arraycount(src->di_spare); i++) { 290 dst->di_spare[i] = src->di_spare[i]; 291 } 292 } else { 293 struct lfs32_dinode *dst = &dstu->u_32; 294 const struct lfs32_dinode *src = &srcu->u_32; 295 296 /* Get mode, link count, size, and times */ 297 memcpy(dst, src, offsetof(struct lfs32_dinode, di_db[0])); 298 299 /* Then the rest, except di_blocks */ 300 dst->di_flags = src->di_flags; 301 dst->di_gen = src->di_gen; 302 dst->di_uid = src->di_uid; 303 dst->di_gid = src->di_gid; 304 dst->di_modrev = src->di_modrev; 305 } 306 } 307 308 static int 309 update_inoblk(struct lfs *fs, daddr_t offset, kauth_cred_t cred, 310 struct lwp *l) 311 { 312 struct vnode *devvp, *vp; 313 struct inode *ip; 314 union lfs_dinode *dip; 315 struct buf *dbp, *ibp; 316 int error; 317 daddr_t daddr; 318 IFILE *ifp; 319 SEGUSE *sup; 320 unsigned i, num; 321 322 devvp = VTOI(fs->lfs_ivnode)->i_devvp; 323 324 /* 325 * Get the inode, update times and perms. 326 * DO NOT update disk blocks, we do that separately. 327 */ 328 error = bread(devvp, LFS_FSBTODB(fs, offset), lfs_sb_getibsize(fs), 329 0, &dbp); 330 if (error) { 331 DLOG((DLOG_RF, "update_inoblk: bread returned %d\n", error)); 332 return error; 333 } 334 num = LFS_INOPB(fs); 335 for (i = num; i-- > 0; ) { 336 dip = DINO_IN_BLOCK(fs, dbp->b_data, i); 337 if (lfs_dino_getinumber(fs, dip) > LFS_IFILE_INUM) { 338 error = lfs_rf_valloc(fs, lfs_dino_getinumber(fs, dip), 339 lfs_dino_getgen(fs, dip), 340 l, &vp); 341 if (error) { 342 DLOG((DLOG_RF, "update_inoblk: lfs_rf_valloc" 343 " returned %d\n", error)); 344 continue; 345 } 346 ip = VTOI(vp); 347 if (lfs_dino_getsize(fs, dip) != ip->i_size) 348 lfs_truncate(vp, lfs_dino_getsize(fs, dip), 0, 349 NOCRED); 350 update_inoblk_copy_dinode(fs, ip->i_din, dip); 351 352 ip->i_flags = lfs_dino_getflags(fs, dip); 353 ip->i_gen = lfs_dino_getgen(fs, dip); 354 ip->i_uid = lfs_dino_getuid(fs, dip); 355 ip->i_gid = lfs_dino_getgid(fs, dip); 356 357 ip->i_mode = lfs_dino_getmode(fs, dip); 358 ip->i_nlink = lfs_dino_getnlink(fs, dip); 359 ip->i_size = lfs_dino_getsize(fs, dip); 360 361 LFS_SET_UINO(ip, IN_CHANGE | IN_UPDATE); 362 363 /* Re-initialize to get type right */ 364 ulfs_vinit(vp->v_mount, lfs_specop_p, lfs_fifoop_p, 365 &vp); 366 vput(vp); 367 368 /* Record change in location */ 369 LFS_IENTRY(ifp, fs, lfs_dino_getinumber(fs, dip), ibp); 370 daddr = lfs_if_getdaddr(fs, ifp); 371 lfs_if_setdaddr(fs, ifp, LFS_DBTOFSB(fs, dbp->b_blkno)); 372 error = LFS_BWRITE_LOG(ibp); /* Ifile */ 373 /* And do segment accounting */ 374 if (lfs_dtosn(fs, daddr) != lfs_dtosn(fs, LFS_DBTOFSB(fs, dbp->b_blkno))) { 375 if (daddr > 0) { 376 LFS_SEGENTRY(sup, fs, lfs_dtosn(fs, daddr), 377 ibp); 378 sup->su_nbytes -= DINOSIZE(fs); 379 LFS_WRITESEGENTRY(sup, fs, 380 lfs_dtosn(fs, daddr), 381 ibp); 382 } 383 LFS_SEGENTRY(sup, fs, lfs_dtosn(fs, LFS_DBTOFSB(fs, dbp->b_blkno)), 384 ibp); 385 sup->su_nbytes += DINOSIZE(fs); 386 LFS_WRITESEGENTRY(sup, fs, 387 lfs_dtosn(fs, LFS_DBTOFSB(fs, dbp->b_blkno)), 388 ibp); 389 } 390 } 391 } 392 brelse(dbp, BC_AGE); 393 394 return 0; 395 } 396 397 #define CHECK_CKSUM 0x0001 /* Check the checksum to make sure it's valid */ 398 #define CHECK_UPDATE 0x0002 /* Update Ifile for new data blocks / inodes */ 399 400 static daddr_t 401 check_segsum(struct lfs *fs, daddr_t offset, u_int64_t nextserial, 402 kauth_cred_t cred, int flags, int *pseg_flags, struct lwp *l) 403 { 404 struct vnode *devvp; 405 struct buf *bp, *dbp; 406 int error, nblocks = 0, ninos, i, j; /* XXX: gcc */ 407 SEGSUM *ssp; 408 u_long *dp = NULL, *datap = NULL; /* XXX u_int32_t */ 409 daddr_t oldoffset; 410 IINFO *iip; 411 FINFO *fip; 412 SEGUSE *sup; 413 size_t size; 414 uint32_t datasum, foundsum; 415 416 devvp = VTOI(fs->lfs_ivnode)->i_devvp; 417 /* 418 * If the segment has a superblock and we're at the top 419 * of the segment, skip the superblock. 420 */ 421 if (lfs_sntod(fs, lfs_dtosn(fs, offset)) == offset) { 422 LFS_SEGENTRY(sup, fs, lfs_dtosn(fs, offset), bp); 423 if (sup->su_flags & SEGUSE_SUPERBLOCK) 424 offset += lfs_btofsb(fs, LFS_SBPAD); 425 brelse(bp, 0); 426 } 427 428 /* Read in the segment summary */ 429 error = bread(devvp, LFS_FSBTODB(fs, offset), lfs_sb_getsumsize(fs), 430 0, &bp); 431 if (error) 432 return -1; 433 434 /* Check summary checksum */ 435 ssp = (SEGSUM *)bp->b_data; 436 if (flags & CHECK_CKSUM) { 437 size_t sumstart; 438 439 sumstart = lfs_ss_getsumstart(fs); 440 if (lfs_ss_getsumsum(fs, ssp) != 441 cksum((char *)ssp + sumstart, 442 lfs_sb_getsumsize(fs) - sumstart)) { 443 DLOG((DLOG_RF, "Sumsum error at 0x%" PRIx64 "\n", offset)); 444 offset = -1; 445 goto err1; 446 } 447 if (lfs_ss_getnfinfo(fs, ssp) == 0 && 448 lfs_ss_getninos(fs, ssp) == 0) { 449 DLOG((DLOG_RF, "Empty pseg at 0x%" PRIx64 "\n", offset)); 450 offset = -1; 451 goto err1; 452 } 453 if (lfs_ss_getcreate(fs, ssp) < lfs_sb_gettstamp(fs)) { 454 DLOG((DLOG_RF, "Old data at 0x%" PRIx64 "\n", offset)); 455 offset = -1; 456 goto err1; 457 } 458 } 459 if (lfs_sb_getversion(fs) > 1) { 460 if (lfs_ss_getserial(fs, ssp) != nextserial) { 461 DLOG((DLOG_RF, "Unexpected serial number at 0x%" PRIx64 462 "\n", offset)); 463 offset = -1; 464 goto err1; 465 } 466 if (lfs_ss_getident(fs, ssp) != lfs_sb_getident(fs)) { 467 DLOG((DLOG_RF, "Incorrect fsid (0x%x vs 0x%x) at 0x%" 468 PRIx64 "\n", lfs_ss_getident(fs, ssp), 469 lfs_sb_getident(fs), offset)); 470 offset = -1; 471 goto err1; 472 } 473 } 474 if (pseg_flags) 475 *pseg_flags = lfs_ss_getflags(fs, ssp); 476 oldoffset = offset; 477 offset += lfs_btofsb(fs, lfs_sb_getsumsize(fs)); 478 479 ninos = howmany(lfs_ss_getninos(fs, ssp), LFS_INOPB(fs)); 480 iip = SEGSUM_IINFOSTART(fs, bp->b_data); 481 if (flags & CHECK_CKSUM) { 482 /* Count blocks */ 483 nblocks = 0; 484 fip = SEGSUM_FINFOBASE(fs, (SEGSUM *)bp->b_data); 485 for (i = 0; i < lfs_ss_getnfinfo(fs, ssp); ++i) { 486 nblocks += lfs_fi_getnblocks(fs, fip); 487 if (lfs_fi_getnblocks(fs, fip) <= 0) 488 break; 489 fip = NEXT_FINFO(fs, fip); 490 } 491 nblocks += ninos; 492 /* Create the sum array */ 493 datap = dp = malloc(nblocks * sizeof(u_long), 494 M_SEGMENT, M_WAITOK); 495 } 496 497 /* Handle individual blocks */ 498 fip = SEGSUM_FINFOBASE(fs, (SEGSUM *)bp->b_data); 499 for (i = 0; i < lfs_ss_getnfinfo(fs, ssp) || ninos; ++i) { 500 /* Inode block? */ 501 if (ninos && lfs_ii_getblock(fs, iip) == offset) { 502 if (flags & CHECK_CKSUM) { 503 /* Read in the head and add to the buffer */ 504 error = bread(devvp, LFS_FSBTODB(fs, offset), lfs_sb_getbsize(fs), 505 0, &dbp); 506 if (error) { 507 offset = -1; 508 goto err2; 509 } 510 /* XXX this can't be right, on-disk u_long? */ 511 (*dp++) = ((u_long *)(dbp->b_data))[0]; 512 brelse(dbp, BC_AGE); 513 } 514 if (flags & CHECK_UPDATE) { 515 if ((error = update_inoblk(fs, offset, cred, l)) 516 != 0) { 517 offset = -1; 518 goto err2; 519 } 520 } 521 offset += lfs_btofsb(fs, lfs_sb_getibsize(fs)); 522 iip = NEXTLOWER_IINFO(fs, iip); 523 --ninos; 524 --i; /* compensate for ++i in loop header */ 525 continue; 526 } 527 size = lfs_sb_getbsize(fs); 528 for (j = 0; j < lfs_fi_getnblocks(fs, fip); ++j) { 529 if (j == lfs_fi_getnblocks(fs, fip) - 1) 530 size = lfs_fi_getlastlength(fs, fip); 531 if (flags & CHECK_CKSUM) { 532 error = bread(devvp, LFS_FSBTODB(fs, offset), size, 533 0, &dbp); 534 if (error) { 535 offset = -1; 536 goto err2; 537 } 538 (*dp++) = ((u_long *)(dbp->b_data))[0]; 539 brelse(dbp, BC_AGE); 540 } 541 /* Account for and update any direct blocks */ 542 if ((flags & CHECK_UPDATE) && 543 lfs_fi_getino(fs, fip) > LFS_IFILE_INUM && 544 lfs_fi_getblock(fs, fip, j) >= 0) { 545 update_meta(fs, lfs_fi_getino(fs, fip), 546 lfs_fi_getversion(fs, fip), 547 lfs_fi_getblock(fs, fip, j), 548 offset, size, l); 549 } 550 offset += lfs_btofsb(fs, size); 551 } 552 fip = NEXT_FINFO(fs, fip); 553 } 554 /* Checksum the array, compare */ 555 datasum = lfs_ss_getdatasum(fs, ssp); 556 foundsum = cksum(datap, nblocks * sizeof(u_long)); 557 if ((flags & CHECK_CKSUM) && datasum != foundsum) { 558 DLOG((DLOG_RF, "Datasum error at 0x%" PRIx64 559 " (wanted %x got %x)\n", 560 offset, datasum, foundsum)); 561 offset = -1; 562 goto err2; 563 } 564 565 /* If we're at the end of the segment, move to the next */ 566 if (lfs_dtosn(fs, offset + lfs_btofsb(fs, lfs_sb_getsumsize(fs) + lfs_sb_getbsize(fs))) != 567 lfs_dtosn(fs, offset)) { 568 if (lfs_dtosn(fs, offset) == lfs_dtosn(fs, lfs_ss_getnext(fs, ssp))) { 569 offset = -1; 570 goto err2; 571 } 572 offset = lfs_ss_getnext(fs, ssp); 573 DLOG((DLOG_RF, "LFS roll forward: moving to offset 0x%" PRIx64 574 " -> segment %d\n", offset, lfs_dtosn(fs,offset))); 575 } 576 577 if (flags & CHECK_UPDATE) { 578 lfs_sb_subavail(fs, offset - oldoffset); 579 /* Don't clog the buffer queue */ 580 mutex_enter(&lfs_lock); 581 if (locked_queue_count > LFS_MAX_BUFS || 582 locked_queue_bytes > LFS_MAX_BYTES) { 583 lfs_flush(fs, SEGM_CKP, 0); 584 } 585 mutex_exit(&lfs_lock); 586 } 587 588 err2: 589 if (flags & CHECK_CKSUM) 590 free(datap, M_SEGMENT); 591 err1: 592 brelse(bp, BC_AGE); 593 594 /* XXX should we update the serial number even for bad psegs? */ 595 if ((flags & CHECK_UPDATE) && offset > 0 && lfs_sb_getversion(fs) > 1) 596 lfs_sb_setserial(fs, nextserial); 597 return offset; 598 } 599 600 void 601 lfs_roll_forward(struct lfs *fs, struct mount *mp, struct lwp *l) 602 { 603 int flags, dirty; 604 daddr_t offset, oldoffset, lastgoodpseg; 605 int sn, curseg, do_rollforward; 606 struct proc *p; 607 kauth_cred_t cred; 608 SEGUSE *sup; 609 struct buf *bp; 610 611 p = l ? l->l_proc : NULL; 612 cred = p ? p->p_cred : NOCRED; 613 614 /* 615 * Roll forward. 616 * 617 * We don't roll forward for v1 filesystems, because 618 * of the danger that the clock was turned back between the last 619 * checkpoint and crash. This would roll forward garbage. 620 * 621 * v2 filesystems don't have this problem because they use a 622 * monotonically increasing serial number instead of a timestamp. 623 */ 624 do_rollforward = (!(lfs_sb_getpflags(fs) & LFS_PF_CLEAN) && 625 lfs_do_rfw && lfs_sb_getversion(fs) > 1 && p != NULL); 626 if (do_rollforward) { 627 u_int64_t nextserial; 628 /* 629 * Phase I: Find the address of the last good partial 630 * segment that was written after the checkpoint. Mark 631 * the segments in question dirty, so they won't be 632 * reallocated. 633 */ 634 lastgoodpseg = oldoffset = offset = lfs_sb_getoffset(fs); 635 flags = 0x0; 636 DLOG((DLOG_RF, "LFS roll forward phase 1: start at offset 0x%" 637 PRIx64 "\n", offset)); 638 LFS_SEGENTRY(sup, fs, lfs_dtosn(fs, offset), bp); 639 if (!(sup->su_flags & SEGUSE_DIRTY)) 640 lfs_sb_subnclean(fs, 1); 641 sup->su_flags |= SEGUSE_DIRTY; 642 LFS_WRITESEGENTRY(sup, fs, lfs_dtosn(fs, offset), bp); 643 nextserial = lfs_sb_getserial(fs) + 1; 644 while ((offset = check_segsum(fs, offset, nextserial, 645 cred, CHECK_CKSUM, &flags, l)) > 0) { 646 nextserial++; 647 if (lfs_sntod(fs, oldoffset) != lfs_sntod(fs, offset)) { 648 LFS_SEGENTRY(sup, fs, lfs_dtosn(fs, oldoffset), 649 bp); 650 if (!(sup->su_flags & SEGUSE_DIRTY)) 651 lfs_sb_subnclean(fs, 1); 652 sup->su_flags |= SEGUSE_DIRTY; 653 LFS_WRITESEGENTRY(sup, fs, lfs_dtosn(fs, oldoffset), 654 bp); 655 } 656 657 DLOG((DLOG_RF, "LFS roll forward phase 1: offset=0x%" 658 PRIx64 "\n", offset)); 659 if (flags & SS_DIROP) { 660 DLOG((DLOG_RF, "lfs_mountfs: dirops at 0x%" 661 PRIx64 "\n", oldoffset)); 662 if (!(flags & SS_CONT)) { 663 DLOG((DLOG_RF, "lfs_mountfs: dirops end " 664 "at 0x%" PRIx64 "\n", oldoffset)); 665 } 666 } 667 if (!(flags & SS_CONT)) 668 lastgoodpseg = offset; 669 oldoffset = offset; 670 } 671 if (flags & SS_CONT) { 672 DLOG((DLOG_RF, "LFS roll forward: warning: incomplete " 673 "dirops discarded\n")); 674 } 675 DLOG((DLOG_RF, "LFS roll forward phase 1: completed: " 676 "lastgoodpseg=0x%" PRIx64 "\n", lastgoodpseg)); 677 oldoffset = lfs_sb_getoffset(fs); 678 if (lfs_sb_getoffset(fs) != lastgoodpseg) { 679 /* Don't overwrite what we're trying to preserve */ 680 offset = lfs_sb_getoffset(fs); 681 lfs_sb_setoffset(fs, lastgoodpseg); 682 lfs_sb_setcurseg(fs, lfs_sntod(fs, lfs_dtosn(fs, lfs_sb_getoffset(fs)))); 683 for (sn = curseg = lfs_dtosn(fs, lfs_sb_getcurseg(fs));;) { 684 sn = (sn + 1) % lfs_sb_getnseg(fs); 685 if (sn == curseg) 686 panic("lfs_mountfs: no clean segments"); 687 LFS_SEGENTRY(sup, fs, sn, bp); 688 dirty = (sup->su_flags & SEGUSE_DIRTY); 689 brelse(bp, 0); 690 if (!dirty) 691 break; 692 } 693 lfs_sb_setnextseg(fs, lfs_sntod(fs, sn)); 694 695 /* 696 * Phase II: Roll forward from the first superblock. 697 */ 698 while (offset != lastgoodpseg) { 699 DLOG((DLOG_RF, "LFS roll forward phase 2: 0x%" 700 PRIx64 "\n", offset)); 701 offset = check_segsum(fs, offset, 702 lfs_sb_getserial(fs) + 1, cred, CHECK_UPDATE, 703 NULL, l); 704 } 705 706 /* 707 * Finish: flush our changes to disk. 708 */ 709 lfs_segwrite(mp, SEGM_CKP | SEGM_SYNC); 710 DLOG((DLOG_RF, "lfs_mountfs: roll forward ", 711 "recovered %jd blocks\n", 712 (intmax_t)(lastgoodpseg - oldoffset))); 713 } 714 DLOG((DLOG_RF, "LFS roll forward complete\n")); 715 } 716 } 717