journal.c revision f0131bdc6ff2b349e84e4767d9fe8b078a0ee521
1/* 2 * journal.c --- code for handling the "ext3" journal 3 * 4 * Copyright (C) 2000 Andreas Dilger 5 * Copyright (C) 2000 Theodore Ts'o 6 * 7 * Parts of the code are based on fs/jfs/journal.c by Stephen C. Tweedie 8 * Copyright (C) 1999 Red Hat Software 9 * 10 * This file may be redistributed under the terms of the 11 * GNU General Public License version 2 or at your discretion 12 * any later version. 13 */ 14 15#include "config.h" 16#ifdef HAVE_SYS_MOUNT_H 17#include <sys/param.h> 18#include <sys/mount.h> 19#define MNT_FL (MS_MGC_VAL | MS_RDONLY) 20#endif 21#ifdef HAVE_SYS_STAT_H 22#include <sys/stat.h> 23#endif 24 25#define E2FSCK_INCLUDE_INLINE_FUNCS 26#include "jfs_user.h" 27#include "problem.h" 28#include "uuid/uuid.h" 29 30#ifdef CONFIG_JBD_DEBUG /* Enabled by configure --enable-jfs-debug */ 31static int bh_count = 0; 32#endif 33 34/* 35 * Define USE_INODE_IO to use the inode_io.c / fileio.c codepaths. 36 * This creates a larger static binary, and a smaller binary using 37 * shared libraries. It's also probably slightly less CPU-efficient, 38 * which is why it's not on by default. But, it's a good way of 39 * testing the functions in inode_io.c and fileio.c. 40 */ 41#undef USE_INODE_IO 42 43/* Kernel compatibility functions for handling the journal. These allow us 44 * to use the recovery.c file virtually unchanged from the kernel, so we 45 * don't have to do much to keep kernel and user recovery in sync. 46 */ 47int journal_bmap(journal_t *journal, blk64_t block, unsigned long long *phys) 48{ 49#ifdef USE_INODE_IO 50 *phys = block; 51 return 0; 52#else 53 struct inode *inode = journal->j_inode; 54 errcode_t retval; 55 blk64_t pblk; 56 57 if (!inode) { 58 *phys = block; 59 return 0; 60 } 61 62 retval= ext2fs_bmap2(inode->i_ctx->fs, inode->i_ino, 63 &inode->i_ext2, NULL, 0, block, 0, &pblk); 64 *phys = pblk; 65 return (int) retval; 66#endif 67} 68 69struct buffer_head *getblk(kdev_t kdev, blk64_t blocknr, int blocksize) 70{ 71 struct buffer_head *bh; 72 int bufsize = sizeof(*bh) + kdev->k_ctx->fs->blocksize - 73 sizeof(bh->b_data); 74 75 bh = e2fsck_allocate_memory(kdev->k_ctx, bufsize, "block buffer"); 76 if (!bh) 77 return NULL; 78 79#ifdef CONFIG_JBD_DEBUG 80 if (journal_enable_debug >= 3) 81 bh_count++; 82#endif 83 jfs_debug(4, "getblk for block %llu (%d bytes)(total %d)\n", 84 (unsigned long long) blocknr, blocksize, bh_count); 85 86 bh->b_ctx = kdev->k_ctx; 87 if (kdev->k_dev == K_DEV_FS) 88 bh->b_io = kdev->k_ctx->fs->io; 89 else 90 bh->b_io = kdev->k_ctx->journal_io; 91 bh->b_size = blocksize; 92 bh->b_blocknr = blocknr; 93 94 return bh; 95} 96 97void sync_blockdev(kdev_t kdev) 98{ 99 io_channel io; 100 101 if (kdev->k_dev == K_DEV_FS) 102 io = kdev->k_ctx->fs->io; 103 else 104 io = kdev->k_ctx->journal_io; 105 106 io_channel_flush(io); 107} 108 109void ll_rw_block(int rw, int nr, struct buffer_head *bhp[]) 110{ 111 errcode_t retval; 112 struct buffer_head *bh; 113 114 for (; nr > 0; --nr) { 115 bh = *bhp++; 116 if (rw == READ && !bh->b_uptodate) { 117 jfs_debug(3, "reading block %llu/%p\n", 118 bh->b_blocknr, (void *) bh); 119 retval = io_channel_read_blk64(bh->b_io, 120 bh->b_blocknr, 121 1, bh->b_data); 122 if (retval) { 123 com_err(bh->b_ctx->device_name, retval, 124 "while reading block %llu\n", 125 bh->b_blocknr); 126 bh->b_err = (int) retval; 127 continue; 128 } 129 bh->b_uptodate = 1; 130 } else if (rw == WRITE && bh->b_dirty) { 131 jfs_debug(3, "writing block %llu/%p\n", 132 bh->b_blocknr, 133 (void *) bh); 134 retval = io_channel_write_blk64(bh->b_io, 135 bh->b_blocknr, 136 1, bh->b_data); 137 if (retval) { 138 com_err(bh->b_ctx->device_name, retval, 139 "while writing block %llu\n", 140 bh->b_blocknr); 141 bh->b_err = (int) retval; 142 continue; 143 } 144 bh->b_dirty = 0; 145 bh->b_uptodate = 1; 146 } else { 147 jfs_debug(3, "no-op %s for block %llu\n", 148 rw == READ ? "read" : "write", 149 bh->b_blocknr); 150 } 151 } 152} 153 154void mark_buffer_dirty(struct buffer_head *bh) 155{ 156 bh->b_dirty = 1; 157} 158 159static void mark_buffer_clean(struct buffer_head * bh) 160{ 161 bh->b_dirty = 0; 162} 163 164void brelse(struct buffer_head *bh) 165{ 166 if (bh->b_dirty) 167 ll_rw_block(WRITE, 1, &bh); 168 jfs_debug(3, "freeing block %llu/%p (total %d)\n", 169 bh->b_blocknr, (void *) bh, --bh_count); 170 ext2fs_free_mem(&bh); 171} 172 173int buffer_uptodate(struct buffer_head *bh) 174{ 175 return bh->b_uptodate; 176} 177 178void mark_buffer_uptodate(struct buffer_head *bh, int val) 179{ 180 bh->b_uptodate = val; 181} 182 183void wait_on_buffer(struct buffer_head *bh) 184{ 185 if (!bh->b_uptodate) 186 ll_rw_block(READ, 1, &bh); 187} 188 189 190static void e2fsck_clear_recover(e2fsck_t ctx, int error) 191{ 192 ctx->fs->super->s_feature_incompat &= ~EXT3_FEATURE_INCOMPAT_RECOVER; 193 194 /* if we had an error doing journal recovery, we need a full fsck */ 195 if (error) 196 ctx->fs->super->s_state &= ~EXT2_VALID_FS; 197 ext2fs_mark_super_dirty(ctx->fs); 198} 199 200/* 201 * This is a helper function to check the validity of the journal. 202 */ 203struct process_block_struct { 204 e2_blkcnt_t last_block; 205}; 206 207static int process_journal_block(ext2_filsys fs, 208 blk64_t *block_nr, 209 e2_blkcnt_t blockcnt, 210 blk64_t ref_block EXT2FS_ATTR((unused)), 211 int ref_offset EXT2FS_ATTR((unused)), 212 void *priv_data) 213{ 214 struct process_block_struct *p; 215 blk64_t blk = *block_nr; 216 217 p = (struct process_block_struct *) priv_data; 218 219 if (!blk || blk < fs->super->s_first_data_block || 220 blk >= ext2fs_blocks_count(fs->super)) 221 return BLOCK_ABORT; 222 223 if (blockcnt >= 0) 224 p->last_block = blockcnt; 225 return 0; 226} 227 228static errcode_t e2fsck_get_journal(e2fsck_t ctx, journal_t **ret_journal) 229{ 230 struct process_block_struct pb; 231 struct ext2_super_block *sb = ctx->fs->super; 232 struct ext2_super_block jsuper; 233 struct problem_context pctx; 234 struct buffer_head *bh; 235 struct inode *j_inode = NULL; 236 struct kdev_s *dev_fs = NULL, *dev_journal; 237 const char *journal_name = 0; 238 journal_t *journal = NULL; 239 errcode_t retval = 0; 240 io_manager io_ptr = 0; 241 unsigned long long start = 0; 242 int ext_journal = 0; 243 int tried_backup_jnl = 0; 244 245 clear_problem_context(&pctx); 246 247 journal = e2fsck_allocate_memory(ctx, sizeof(journal_t), "journal"); 248 if (!journal) { 249 return EXT2_ET_NO_MEMORY; 250 } 251 252 dev_fs = e2fsck_allocate_memory(ctx, 2*sizeof(struct kdev_s), "kdev"); 253 if (!dev_fs) { 254 retval = EXT2_ET_NO_MEMORY; 255 goto errout; 256 } 257 dev_journal = dev_fs+1; 258 259 dev_fs->k_ctx = dev_journal->k_ctx = ctx; 260 dev_fs->k_dev = K_DEV_FS; 261 dev_journal->k_dev = K_DEV_JOURNAL; 262 263 journal->j_dev = dev_journal; 264 journal->j_fs_dev = dev_fs; 265 journal->j_inode = NULL; 266 journal->j_blocksize = ctx->fs->blocksize; 267 268 if (uuid_is_null(sb->s_journal_uuid)) { 269 if (!sb->s_journal_inum) { 270 retval = EXT2_ET_BAD_INODE_NUM; 271 goto errout; 272 } 273 j_inode = e2fsck_allocate_memory(ctx, sizeof(*j_inode), 274 "journal inode"); 275 if (!j_inode) { 276 retval = EXT2_ET_NO_MEMORY; 277 goto errout; 278 } 279 280 j_inode->i_ctx = ctx; 281 j_inode->i_ino = sb->s_journal_inum; 282 283 if ((retval = ext2fs_read_inode(ctx->fs, 284 sb->s_journal_inum, 285 &j_inode->i_ext2))) { 286 try_backup_journal: 287 if (sb->s_jnl_backup_type != EXT3_JNL_BACKUP_BLOCKS || 288 tried_backup_jnl) 289 goto errout; 290 memset(&j_inode->i_ext2, 0, sizeof(struct ext2_inode)); 291 memcpy(&j_inode->i_ext2.i_block[0], sb->s_jnl_blocks, 292 EXT2_N_BLOCKS*4); 293 j_inode->i_ext2.i_size_high = sb->s_jnl_blocks[15]; 294 j_inode->i_ext2.i_size = sb->s_jnl_blocks[16]; 295 j_inode->i_ext2.i_links_count = 1; 296 j_inode->i_ext2.i_mode = LINUX_S_IFREG | 0600; 297 e2fsck_use_inode_shortcuts(ctx, 1); 298 ctx->stashed_ino = j_inode->i_ino; 299 ctx->stashed_inode = &j_inode->i_ext2; 300 tried_backup_jnl++; 301 } 302 if (!j_inode->i_ext2.i_links_count || 303 !LINUX_S_ISREG(j_inode->i_ext2.i_mode)) { 304 retval = EXT2_ET_NO_JOURNAL; 305 goto try_backup_journal; 306 } 307 if (EXT2_I_SIZE(&j_inode->i_ext2) / journal->j_blocksize < 308 JFS_MIN_JOURNAL_BLOCKS) { 309 retval = EXT2_ET_JOURNAL_TOO_SMALL; 310 goto try_backup_journal; 311 } 312 pb.last_block = -1; 313 retval = ext2fs_block_iterate3(ctx->fs, j_inode->i_ino, 314 BLOCK_FLAG_HOLE, 0, 315 process_journal_block, &pb); 316 if ((pb.last_block + 1) * ctx->fs->blocksize < 317 (int) EXT2_I_SIZE(&j_inode->i_ext2)) { 318 retval = EXT2_ET_JOURNAL_TOO_SMALL; 319 goto try_backup_journal; 320 } 321 if (tried_backup_jnl && !(ctx->options & E2F_OPT_READONLY)) { 322 retval = ext2fs_write_inode(ctx->fs, sb->s_journal_inum, 323 &j_inode->i_ext2); 324 if (retval) 325 goto errout; 326 } 327 328 journal->j_maxlen = EXT2_I_SIZE(&j_inode->i_ext2) / 329 journal->j_blocksize; 330 331#ifdef USE_INODE_IO 332 retval = ext2fs_inode_io_intern2(ctx->fs, sb->s_journal_inum, 333 &j_inode->i_ext2, 334 &journal_name); 335 if (retval) 336 goto errout; 337 338 io_ptr = inode_io_manager; 339#else 340 journal->j_inode = j_inode; 341 ctx->journal_io = ctx->fs->io; 342 if ((retval = (errcode_t) journal_bmap(journal, 0, &start)) != 0) 343 goto errout; 344#endif 345 } else { 346 ext_journal = 1; 347 if (!ctx->journal_name) { 348 char uuid[37]; 349 350 uuid_unparse(sb->s_journal_uuid, uuid); 351 ctx->journal_name = blkid_get_devname(ctx->blkid, 352 "UUID", uuid); 353 if (!ctx->journal_name) 354 ctx->journal_name = blkid_devno_to_devname(sb->s_journal_dev); 355 } 356 journal_name = ctx->journal_name; 357 358 if (!journal_name) { 359 fix_problem(ctx, PR_0_CANT_FIND_JOURNAL, &pctx); 360 retval = EXT2_ET_LOAD_EXT_JOURNAL; 361 goto errout; 362 } 363 364 jfs_debug(1, "Using journal file %s\n", journal_name); 365 io_ptr = unix_io_manager; 366 } 367 368#if 0 369 test_io_backing_manager = io_ptr; 370 io_ptr = test_io_manager; 371#endif 372#ifndef USE_INODE_IO 373 if (ext_journal) 374#endif 375 { 376 int flags = IO_FLAG_RW; 377 if (!(ctx->mount_flags & EXT2_MF_ISROOT && 378 ctx->mount_flags & EXT2_MF_READONLY)) 379 flags |= IO_FLAG_EXCLUSIVE; 380 if ((ctx->mount_flags & EXT2_MF_READONLY) && 381 (ctx->options & E2F_OPT_FORCE)) 382 flags &= ~IO_FLAG_EXCLUSIVE; 383 384 385 retval = io_ptr->open(journal_name, flags, 386 &ctx->journal_io); 387 } 388 if (retval) 389 goto errout; 390 391 io_channel_set_blksize(ctx->journal_io, ctx->fs->blocksize); 392 393 if (ext_journal) { 394 blk64_t maxlen; 395 396 if (ctx->fs->blocksize == 1024) 397 start = 1; 398 bh = getblk(dev_journal, start, ctx->fs->blocksize); 399 if (!bh) { 400 retval = EXT2_ET_NO_MEMORY; 401 goto errout; 402 } 403 ll_rw_block(READ, 1, &bh); 404 if ((retval = bh->b_err) != 0) { 405 brelse(bh); 406 goto errout; 407 } 408 memcpy(&jsuper, start ? bh->b_data : bh->b_data + 1024, 409 sizeof(jsuper)); 410 brelse(bh); 411#ifdef WORDS_BIGENDIAN 412 if (jsuper.s_magic == ext2fs_swab16(EXT2_SUPER_MAGIC)) 413 ext2fs_swap_super(&jsuper); 414#endif 415 if (jsuper.s_magic != EXT2_SUPER_MAGIC || 416 !(jsuper.s_feature_incompat & EXT3_FEATURE_INCOMPAT_JOURNAL_DEV)) { 417 fix_problem(ctx, PR_0_EXT_JOURNAL_BAD_SUPER, &pctx); 418 retval = EXT2_ET_LOAD_EXT_JOURNAL; 419 goto errout; 420 } 421 /* Make sure the journal UUID is correct */ 422 if (memcmp(jsuper.s_uuid, ctx->fs->super->s_journal_uuid, 423 sizeof(jsuper.s_uuid))) { 424 fix_problem(ctx, PR_0_JOURNAL_BAD_UUID, &pctx); 425 retval = EXT2_ET_LOAD_EXT_JOURNAL; 426 goto errout; 427 } 428 429 maxlen = ext2fs_blocks_count(&jsuper); 430 journal->j_maxlen = (maxlen < 1ULL << 32) ? maxlen : (1ULL << 32) - 1; 431 start++; 432 } 433 434 if (!(bh = getblk(dev_journal, start, journal->j_blocksize))) { 435 retval = EXT2_ET_NO_MEMORY; 436 goto errout; 437 } 438 439 journal->j_sb_buffer = bh; 440 journal->j_superblock = (journal_superblock_t *)bh->b_data; 441 442#ifdef USE_INODE_IO 443 if (j_inode) 444 ext2fs_free_mem(&j_inode); 445#endif 446 447 *ret_journal = journal; 448 e2fsck_use_inode_shortcuts(ctx, 0); 449 return 0; 450 451errout: 452 e2fsck_use_inode_shortcuts(ctx, 0); 453 if (dev_fs) 454 ext2fs_free_mem(&dev_fs); 455 if (j_inode) 456 ext2fs_free_mem(&j_inode); 457 if (journal) 458 ext2fs_free_mem(&journal); 459 return retval; 460} 461 462static errcode_t e2fsck_journal_fix_bad_inode(e2fsck_t ctx, 463 struct problem_context *pctx) 464{ 465 struct ext2_super_block *sb = ctx->fs->super; 466 int recover = ctx->fs->super->s_feature_incompat & 467 EXT3_FEATURE_INCOMPAT_RECOVER; 468 int has_journal = ctx->fs->super->s_feature_compat & 469 EXT3_FEATURE_COMPAT_HAS_JOURNAL; 470 471 if (has_journal || sb->s_journal_inum) { 472 /* The journal inode is bogus, remove and force full fsck */ 473 pctx->ino = sb->s_journal_inum; 474 if (fix_problem(ctx, PR_0_JOURNAL_BAD_INODE, pctx)) { 475 if (has_journal && sb->s_journal_inum) 476 printf("*** ext3 journal has been deleted - " 477 "filesystem is now ext2 only ***\n\n"); 478 sb->s_feature_compat &= ~EXT3_FEATURE_COMPAT_HAS_JOURNAL; 479 sb->s_journal_inum = 0; 480 ctx->flags |= E2F_FLAG_JOURNAL_INODE; 481 ctx->fs->flags &= ~EXT2_FLAG_MASTER_SB_ONLY; 482 e2fsck_clear_recover(ctx, 1); 483 return 0; 484 } 485 return EXT2_ET_BAD_INODE_NUM; 486 } else if (recover) { 487 if (fix_problem(ctx, PR_0_JOURNAL_RECOVER_SET, pctx)) { 488 e2fsck_clear_recover(ctx, 1); 489 return 0; 490 } 491 return EXT2_ET_UNSUPP_FEATURE; 492 } 493 return 0; 494} 495 496#define V1_SB_SIZE 0x0024 497static void clear_v2_journal_fields(journal_t *journal) 498{ 499 e2fsck_t ctx = journal->j_dev->k_ctx; 500 struct problem_context pctx; 501 502 clear_problem_context(&pctx); 503 504 if (!fix_problem(ctx, PR_0_CLEAR_V2_JOURNAL, &pctx)) 505 return; 506 507 memset(((char *) journal->j_superblock) + V1_SB_SIZE, 0, 508 ctx->fs->blocksize-V1_SB_SIZE); 509 mark_buffer_dirty(journal->j_sb_buffer); 510} 511 512 513static errcode_t e2fsck_journal_load(journal_t *journal) 514{ 515 e2fsck_t ctx = journal->j_dev->k_ctx; 516 journal_superblock_t *jsb; 517 struct buffer_head *jbh = journal->j_sb_buffer; 518 struct problem_context pctx; 519 520 clear_problem_context(&pctx); 521 522 ll_rw_block(READ, 1, &jbh); 523 if (jbh->b_err) { 524 com_err(ctx->device_name, jbh->b_err, 525 _("reading journal superblock\n")); 526 return jbh->b_err; 527 } 528 529 jsb = journal->j_superblock; 530 /* If we don't even have JFS_MAGIC, we probably have a wrong inode */ 531 if (jsb->s_header.h_magic != htonl(JFS_MAGIC_NUMBER)) 532 return e2fsck_journal_fix_bad_inode(ctx, &pctx); 533 534 switch (ntohl(jsb->s_header.h_blocktype)) { 535 case JFS_SUPERBLOCK_V1: 536 journal->j_format_version = 1; 537 if (jsb->s_feature_compat || 538 jsb->s_feature_incompat || 539 jsb->s_feature_ro_compat || 540 jsb->s_nr_users) 541 clear_v2_journal_fields(journal); 542 break; 543 544 case JFS_SUPERBLOCK_V2: 545 journal->j_format_version = 2; 546 if (ntohl(jsb->s_nr_users) > 1 && 547 uuid_is_null(ctx->fs->super->s_journal_uuid)) 548 clear_v2_journal_fields(journal); 549 if (ntohl(jsb->s_nr_users) > 1) { 550 fix_problem(ctx, PR_0_JOURNAL_UNSUPP_MULTIFS, &pctx); 551 return EXT2_ET_JOURNAL_UNSUPP_VERSION; 552 } 553 break; 554 555 /* 556 * These should never appear in a journal super block, so if 557 * they do, the journal is badly corrupted. 558 */ 559 case JFS_DESCRIPTOR_BLOCK: 560 case JFS_COMMIT_BLOCK: 561 case JFS_REVOKE_BLOCK: 562 return EXT2_ET_CORRUPT_SUPERBLOCK; 563 564 /* If we don't understand the superblock major type, but there 565 * is a magic number, then it is likely to be a new format we 566 * just don't understand, so leave it alone. */ 567 default: 568 return EXT2_ET_JOURNAL_UNSUPP_VERSION; 569 } 570 571 if (JFS_HAS_INCOMPAT_FEATURE(journal, ~JFS_KNOWN_INCOMPAT_FEATURES)) 572 return EXT2_ET_UNSUPP_FEATURE; 573 574 if (JFS_HAS_RO_COMPAT_FEATURE(journal, ~JFS_KNOWN_ROCOMPAT_FEATURES)) 575 return EXT2_ET_RO_UNSUPP_FEATURE; 576 577 /* We have now checked whether we know enough about the journal 578 * format to be able to proceed safely, so any other checks that 579 * fail we should attempt to recover from. */ 580 if (jsb->s_blocksize != htonl(journal->j_blocksize)) { 581 com_err(ctx->program_name, EXT2_ET_CORRUPT_SUPERBLOCK, 582 _("%s: no valid journal superblock found\n"), 583 ctx->device_name); 584 return EXT2_ET_CORRUPT_SUPERBLOCK; 585 } 586 587 if (ntohl(jsb->s_maxlen) < journal->j_maxlen) 588 journal->j_maxlen = ntohl(jsb->s_maxlen); 589 else if (ntohl(jsb->s_maxlen) > journal->j_maxlen) { 590 com_err(ctx->program_name, EXT2_ET_CORRUPT_SUPERBLOCK, 591 _("%s: journal too short\n"), 592 ctx->device_name); 593 return EXT2_ET_CORRUPT_SUPERBLOCK; 594 } 595 596 journal->j_tail_sequence = ntohl(jsb->s_sequence); 597 journal->j_transaction_sequence = journal->j_tail_sequence; 598 journal->j_tail = ntohl(jsb->s_start); 599 journal->j_first = ntohl(jsb->s_first); 600 journal->j_last = ntohl(jsb->s_maxlen); 601 602 return 0; 603} 604 605static void e2fsck_journal_reset_super(e2fsck_t ctx, journal_superblock_t *jsb, 606 journal_t *journal) 607{ 608 char *p; 609 union { 610 uuid_t uuid; 611 __u32 val[4]; 612 } u; 613 __u32 new_seq = 0; 614 int i; 615 616 /* Leave a valid existing V1 superblock signature alone. 617 * Anything unrecognisable we overwrite with a new V2 618 * signature. */ 619 620 if (jsb->s_header.h_magic != htonl(JFS_MAGIC_NUMBER) || 621 jsb->s_header.h_blocktype != htonl(JFS_SUPERBLOCK_V1)) { 622 jsb->s_header.h_magic = htonl(JFS_MAGIC_NUMBER); 623 jsb->s_header.h_blocktype = htonl(JFS_SUPERBLOCK_V2); 624 } 625 626 /* Zero out everything else beyond the superblock header */ 627 628 p = ((char *) jsb) + sizeof(journal_header_t); 629 memset (p, 0, ctx->fs->blocksize-sizeof(journal_header_t)); 630 631 jsb->s_blocksize = htonl(ctx->fs->blocksize); 632 jsb->s_maxlen = htonl(journal->j_maxlen); 633 jsb->s_first = htonl(1); 634 635 /* Initialize the journal sequence number so that there is "no" 636 * chance we will find old "valid" transactions in the journal. 637 * This avoids the need to zero the whole journal (slow to do, 638 * and risky when we are just recovering the filesystem). 639 */ 640 uuid_generate(u.uuid); 641 for (i = 0; i < 4; i ++) 642 new_seq ^= u.val[i]; 643 jsb->s_sequence = htonl(new_seq); 644 645 mark_buffer_dirty(journal->j_sb_buffer); 646 ll_rw_block(WRITE, 1, &journal->j_sb_buffer); 647} 648 649static errcode_t e2fsck_journal_fix_corrupt_super(e2fsck_t ctx, 650 journal_t *journal, 651 struct problem_context *pctx) 652{ 653 struct ext2_super_block *sb = ctx->fs->super; 654 int recover = ctx->fs->super->s_feature_incompat & 655 EXT3_FEATURE_INCOMPAT_RECOVER; 656 657 if (sb->s_feature_compat & EXT3_FEATURE_COMPAT_HAS_JOURNAL) { 658 if (fix_problem(ctx, PR_0_JOURNAL_BAD_SUPER, pctx)) { 659 e2fsck_journal_reset_super(ctx, journal->j_superblock, 660 journal); 661 journal->j_transaction_sequence = 1; 662 e2fsck_clear_recover(ctx, recover); 663 return 0; 664 } 665 return EXT2_ET_CORRUPT_SUPERBLOCK; 666 } else if (e2fsck_journal_fix_bad_inode(ctx, pctx)) 667 return EXT2_ET_CORRUPT_SUPERBLOCK; 668 669 return 0; 670} 671 672static void e2fsck_journal_release(e2fsck_t ctx, journal_t *journal, 673 int reset, int drop) 674{ 675 journal_superblock_t *jsb; 676 677 if (drop) 678 mark_buffer_clean(journal->j_sb_buffer); 679 else if (!(ctx->options & E2F_OPT_READONLY)) { 680 jsb = journal->j_superblock; 681 jsb->s_sequence = htonl(journal->j_transaction_sequence); 682 if (reset) 683 jsb->s_start = 0; /* this marks the journal as empty */ 684 mark_buffer_dirty(journal->j_sb_buffer); 685 } 686 brelse(journal->j_sb_buffer); 687 688 if (ctx->journal_io) { 689 if (ctx->fs && ctx->fs->io != ctx->journal_io) 690 io_channel_close(ctx->journal_io); 691 ctx->journal_io = 0; 692 } 693 694#ifndef USE_INODE_IO 695 if (journal->j_inode) 696 ext2fs_free_mem(&journal->j_inode); 697#endif 698 if (journal->j_fs_dev) 699 ext2fs_free_mem(&journal->j_fs_dev); 700 ext2fs_free_mem(&journal); 701} 702 703/* 704 * This function makes sure that the superblock fields regarding the 705 * journal are consistent. 706 */ 707errcode_t e2fsck_check_ext3_journal(e2fsck_t ctx) 708{ 709 struct ext2_super_block *sb = ctx->fs->super; 710 journal_t *journal; 711 int recover = ctx->fs->super->s_feature_incompat & 712 EXT3_FEATURE_INCOMPAT_RECOVER; 713 struct problem_context pctx; 714 problem_t problem; 715 int reset = 0, force_fsck = 0; 716 errcode_t retval; 717 718 /* If we don't have any journal features, don't do anything more */ 719 if (!(sb->s_feature_compat & EXT3_FEATURE_COMPAT_HAS_JOURNAL) && 720 !recover && sb->s_journal_inum == 0 && sb->s_journal_dev == 0 && 721 uuid_is_null(sb->s_journal_uuid)) 722 return 0; 723 724 clear_problem_context(&pctx); 725 pctx.num = sb->s_journal_inum; 726 727 retval = e2fsck_get_journal(ctx, &journal); 728 if (retval) { 729 if ((retval == EXT2_ET_BAD_INODE_NUM) || 730 (retval == EXT2_ET_BAD_BLOCK_NUM) || 731 (retval == EXT2_ET_JOURNAL_TOO_SMALL) || 732 (retval == EXT2_ET_NO_JOURNAL)) 733 return e2fsck_journal_fix_bad_inode(ctx, &pctx); 734 return retval; 735 } 736 737 retval = e2fsck_journal_load(journal); 738 if (retval) { 739 if ((retval == EXT2_ET_CORRUPT_SUPERBLOCK) || 740 ((retval == EXT2_ET_UNSUPP_FEATURE) && 741 (!fix_problem(ctx, PR_0_JOURNAL_UNSUPP_INCOMPAT, 742 &pctx))) || 743 ((retval == EXT2_ET_RO_UNSUPP_FEATURE) && 744 (!fix_problem(ctx, PR_0_JOURNAL_UNSUPP_ROCOMPAT, 745 &pctx))) || 746 ((retval == EXT2_ET_JOURNAL_UNSUPP_VERSION) && 747 (!fix_problem(ctx, PR_0_JOURNAL_UNSUPP_VERSION, &pctx)))) 748 retval = e2fsck_journal_fix_corrupt_super(ctx, journal, 749 &pctx); 750 e2fsck_journal_release(ctx, journal, 0, 1); 751 return retval; 752 } 753 754 /* 755 * We want to make the flags consistent here. We will not leave with 756 * needs_recovery set but has_journal clear. We can't get in a loop 757 * with -y, -n, or -p, only if a user isn't making up their mind. 758 */ 759no_has_journal: 760 if (!(sb->s_feature_compat & EXT3_FEATURE_COMPAT_HAS_JOURNAL)) { 761 recover = sb->s_feature_incompat & EXT3_FEATURE_INCOMPAT_RECOVER; 762 pctx.str = "inode"; 763 if (fix_problem(ctx, PR_0_JOURNAL_HAS_JOURNAL, &pctx)) { 764 if (recover && 765 !fix_problem(ctx, PR_0_JOURNAL_RECOVER_SET, &pctx)) 766 goto no_has_journal; 767 /* 768 * Need a full fsck if we are releasing a 769 * journal stored on a reserved inode. 770 */ 771 force_fsck = recover || 772 (sb->s_journal_inum < EXT2_FIRST_INODE(sb)); 773 /* Clear all of the journal fields */ 774 sb->s_journal_inum = 0; 775 sb->s_journal_dev = 0; 776 memset(sb->s_journal_uuid, 0, 777 sizeof(sb->s_journal_uuid)); 778 e2fsck_clear_recover(ctx, force_fsck); 779 } else if (!(ctx->options & E2F_OPT_READONLY)) { 780 sb->s_feature_compat |= EXT3_FEATURE_COMPAT_HAS_JOURNAL; 781 ctx->fs->flags &= ~EXT2_FLAG_MASTER_SB_ONLY; 782 ext2fs_mark_super_dirty(ctx->fs); 783 } 784 } 785 786 if (sb->s_feature_compat & EXT3_FEATURE_COMPAT_HAS_JOURNAL && 787 !(sb->s_feature_incompat & EXT3_FEATURE_INCOMPAT_RECOVER) && 788 journal->j_superblock->s_start != 0) { 789 /* Print status information */ 790 fix_problem(ctx, PR_0_JOURNAL_RECOVERY_CLEAR, &pctx); 791 if (ctx->superblock) 792 problem = PR_0_JOURNAL_RUN_DEFAULT; 793 else 794 problem = PR_0_JOURNAL_RUN; 795 if (fix_problem(ctx, problem, &pctx)) { 796 ctx->options |= E2F_OPT_FORCE; 797 sb->s_feature_incompat |= 798 EXT3_FEATURE_INCOMPAT_RECOVER; 799 ext2fs_mark_super_dirty(ctx->fs); 800 } else if (fix_problem(ctx, 801 PR_0_JOURNAL_RESET_JOURNAL, &pctx)) { 802 reset = 1; 803 sb->s_state &= ~EXT2_VALID_FS; 804 ext2fs_mark_super_dirty(ctx->fs); 805 } 806 /* 807 * If the user answers no to the above question, we 808 * ignore the fact that journal apparently has data; 809 * accidentally replaying over valid data would be far 810 * worse than skipping a questionable recovery. 811 * 812 * XXX should we abort with a fatal error here? What 813 * will the ext3 kernel code do if a filesystem with 814 * !NEEDS_RECOVERY but with a non-zero 815 * journal->j_superblock->s_start is mounted? 816 */ 817 } 818 819 /* 820 * If we don't need to do replay the journal, check to see if 821 * the journal's errno is set; if so, we need to mark the file 822 * system as being corrupt and clear the journal's s_errno. 823 */ 824 if (!(sb->s_feature_incompat & EXT3_FEATURE_INCOMPAT_RECOVER) && 825 journal->j_superblock->s_errno) { 826 ctx->fs->super->s_state |= EXT2_ERROR_FS; 827 ext2fs_mark_super_dirty(ctx->fs); 828 journal->j_superblock->s_errno = 0; 829 mark_buffer_dirty(journal->j_sb_buffer); 830 } 831 832 e2fsck_journal_release(ctx, journal, reset, 0); 833 return retval; 834} 835 836static errcode_t recover_ext3_journal(e2fsck_t ctx) 837{ 838 struct problem_context pctx; 839 journal_t *journal; 840 errcode_t retval; 841 842 clear_problem_context(&pctx); 843 844 journal_init_revoke_caches(); 845 retval = e2fsck_get_journal(ctx, &journal); 846 if (retval) 847 return retval; 848 849 retval = e2fsck_journal_load(journal); 850 if (retval) 851 goto errout; 852 853 retval = journal_init_revoke(journal, 1024); 854 if (retval) 855 goto errout; 856 857 retval = -journal_recover(journal); 858 if (retval) 859 goto errout; 860 861 if (journal->j_failed_commit) { 862 pctx.ino = journal->j_failed_commit; 863 fix_problem(ctx, PR_0_JNL_TXN_CORRUPT, &pctx); 864 journal->j_superblock->s_errno = -EINVAL; 865 mark_buffer_dirty(journal->j_sb_buffer); 866 } 867 868errout: 869 journal_destroy_revoke(journal); 870 journal_destroy_revoke_caches(); 871 e2fsck_journal_release(ctx, journal, 1, 0); 872 return retval; 873} 874 875errcode_t e2fsck_run_ext3_journal(e2fsck_t ctx) 876{ 877 io_manager io_ptr = ctx->fs->io->manager; 878 int blocksize = ctx->fs->blocksize; 879 errcode_t retval, recover_retval; 880 io_stats stats = 0; 881 unsigned long long kbytes_written = 0; 882 883 printf(_("%s: recovering journal\n"), ctx->device_name); 884 if (ctx->options & E2F_OPT_READONLY) { 885 printf(_("%s: won't do journal recovery while read-only\n"), 886 ctx->device_name); 887 return EXT2_ET_FILE_RO; 888 } 889 890 if (ctx->fs->flags & EXT2_FLAG_DIRTY) 891 ext2fs_flush(ctx->fs); /* Force out any modifications */ 892 893 recover_retval = recover_ext3_journal(ctx); 894 895 /* 896 * Reload the filesystem context to get up-to-date data from disk 897 * because journal recovery will change the filesystem under us. 898 */ 899 if (ctx->fs->super->s_kbytes_written && 900 ctx->fs->io->manager->get_stats) 901 ctx->fs->io->manager->get_stats(ctx->fs->io, &stats); 902 if (stats && stats->bytes_written) 903 kbytes_written = stats->bytes_written >> 10; 904 905 ext2fs_mmp_stop(ctx->fs); 906 ext2fs_free(ctx->fs); 907 retval = ext2fs_open(ctx->filesystem_name, EXT2_FLAG_RW, 908 ctx->superblock, blocksize, io_ptr, 909 &ctx->fs); 910 if (retval) { 911 com_err(ctx->program_name, retval, 912 _("while trying to re-open %s"), 913 ctx->device_name); 914 fatal_error(ctx, 0); 915 } 916 ctx->fs->priv_data = ctx; 917 ctx->fs->now = ctx->now; 918 ctx->fs->flags |= EXT2_FLAG_MASTER_SB_ONLY; 919 ctx->fs->super->s_kbytes_written += kbytes_written; 920 921 /* Set the superblock flags */ 922 e2fsck_clear_recover(ctx, recover_retval != 0); 923 924 /* 925 * Do one last sanity check, and propagate journal->s_errno to 926 * the EXT2_ERROR_FS flag in the fs superblock if needed. 927 */ 928 retval = e2fsck_check_ext3_journal(ctx); 929 return retval ? retval : recover_retval; 930} 931 932/* 933 * This function will move the journal inode from a visible file in 934 * the filesystem directory hierarchy to the reserved inode if necessary. 935 */ 936static const char * const journal_names[] = { 937 ".journal", "journal", ".journal.dat", "journal.dat", 0 }; 938 939void e2fsck_move_ext3_journal(e2fsck_t ctx) 940{ 941 struct ext2_super_block *sb = ctx->fs->super; 942 struct problem_context pctx; 943 struct ext2_inode inode; 944 ext2_filsys fs = ctx->fs; 945 ext2_ino_t ino; 946 errcode_t retval; 947 const char * const * cpp; 948 dgrp_t group; 949 int mount_flags; 950 951 clear_problem_context(&pctx); 952 953 /* 954 * If the filesystem is opened read-only, or there is no 955 * journal, then do nothing. 956 */ 957 if ((ctx->options & E2F_OPT_READONLY) || 958 (sb->s_journal_inum == 0) || 959 !(sb->s_feature_compat & EXT3_FEATURE_COMPAT_HAS_JOURNAL)) 960 return; 961 962 /* 963 * Read in the journal inode 964 */ 965 if (ext2fs_read_inode(fs, sb->s_journal_inum, &inode) != 0) 966 return; 967 968 /* 969 * If it's necessary to backup the journal inode, do so. 970 */ 971 if ((sb->s_jnl_backup_type == 0) || 972 ((sb->s_jnl_backup_type == EXT3_JNL_BACKUP_BLOCKS) && 973 memcmp(inode.i_block, sb->s_jnl_blocks, EXT2_N_BLOCKS*4))) { 974 if (fix_problem(ctx, PR_0_BACKUP_JNL, &pctx)) { 975 memcpy(sb->s_jnl_blocks, inode.i_block, 976 EXT2_N_BLOCKS*4); 977 sb->s_jnl_blocks[15] = inode.i_size_high; 978 sb->s_jnl_blocks[16] = inode.i_size; 979 sb->s_jnl_backup_type = EXT3_JNL_BACKUP_BLOCKS; 980 ext2fs_mark_super_dirty(fs); 981 fs->flags &= ~EXT2_FLAG_MASTER_SB_ONLY; 982 } 983 } 984 985 /* 986 * If the journal is already the hidden inode, then do nothing 987 */ 988 if (sb->s_journal_inum == EXT2_JOURNAL_INO) 989 return; 990 991 /* 992 * The journal inode had better have only one link and not be readable. 993 */ 994 if (inode.i_links_count != 1) 995 return; 996 997 /* 998 * If the filesystem is mounted, or we can't tell whether 999 * or not it's mounted, do nothing. 1000 */ 1001 retval = ext2fs_check_if_mounted(ctx->filesystem_name, &mount_flags); 1002 if (retval || (mount_flags & EXT2_MF_MOUNTED)) 1003 return; 1004 1005 /* 1006 * If we can't find the name of the journal inode, then do 1007 * nothing. 1008 */ 1009 for (cpp = journal_names; *cpp; cpp++) { 1010 retval = ext2fs_lookup(fs, EXT2_ROOT_INO, *cpp, 1011 strlen(*cpp), 0, &ino); 1012 if ((retval == 0) && (ino == sb->s_journal_inum)) 1013 break; 1014 } 1015 if (*cpp == 0) 1016 return; 1017 1018 /* We need the inode bitmap to be loaded */ 1019 retval = ext2fs_read_bitmaps(fs); 1020 if (retval) 1021 return; 1022 1023 pctx.str = *cpp; 1024 if (!fix_problem(ctx, PR_0_MOVE_JOURNAL, &pctx)) 1025 return; 1026 1027 /* 1028 * OK, we've done all the checks, let's actually move the 1029 * journal inode. Errors at this point mean we need to force 1030 * an ext2 filesystem check. 1031 */ 1032 if ((retval = ext2fs_unlink(fs, EXT2_ROOT_INO, *cpp, ino, 0)) != 0) 1033 goto err_out; 1034 if ((retval = ext2fs_write_inode(fs, EXT2_JOURNAL_INO, &inode)) != 0) 1035 goto err_out; 1036 sb->s_journal_inum = EXT2_JOURNAL_INO; 1037 ext2fs_mark_super_dirty(fs); 1038 fs->flags &= ~EXT2_FLAG_MASTER_SB_ONLY; 1039 inode.i_links_count = 0; 1040 inode.i_dtime = ctx->now; 1041 if ((retval = ext2fs_write_inode(fs, ino, &inode)) != 0) 1042 goto err_out; 1043 1044 group = ext2fs_group_of_ino(fs, ino); 1045 ext2fs_unmark_inode_bitmap2(fs->inode_map, ino); 1046 ext2fs_mark_ib_dirty(fs); 1047 ext2fs_bg_free_inodes_count_set(fs, group, ext2fs_bg_free_inodes_count(fs, group) + 1); 1048 ext2fs_group_desc_csum_set(fs, group); 1049 fs->super->s_free_inodes_count++; 1050 return; 1051 1052err_out: 1053 pctx.errcode = retval; 1054 fix_problem(ctx, PR_0_ERR_MOVE_JOURNAL, &pctx); 1055 fs->super->s_state &= ~EXT2_VALID_FS; 1056 ext2fs_mark_super_dirty(fs); 1057 return; 1058} 1059 1060/* 1061 * This function makes sure the superblock hint for the external 1062 * journal is correct. 1063 */ 1064int e2fsck_fix_ext3_journal_hint(e2fsck_t ctx) 1065{ 1066 struct ext2_super_block *sb = ctx->fs->super; 1067 struct problem_context pctx; 1068 char uuid[37], *journal_name; 1069 struct stat st; 1070 1071 if (!(sb->s_feature_compat & EXT3_FEATURE_COMPAT_HAS_JOURNAL) || 1072 uuid_is_null(sb->s_journal_uuid)) 1073 return 0; 1074 1075 uuid_unparse(sb->s_journal_uuid, uuid); 1076 journal_name = blkid_get_devname(ctx->blkid, "UUID", uuid); 1077 if (!journal_name) 1078 return 0; 1079 1080 if (stat(journal_name, &st) < 0) { 1081 free(journal_name); 1082 return 0; 1083 } 1084 1085 if (st.st_rdev != sb->s_journal_dev) { 1086 clear_problem_context(&pctx); 1087 pctx.num = st.st_rdev; 1088 if (fix_problem(ctx, PR_0_EXTERNAL_JOURNAL_HINT, &pctx)) { 1089 sb->s_journal_dev = st.st_rdev; 1090 ext2fs_mark_super_dirty(ctx->fs); 1091 } 1092 } 1093 1094 free(journal_name); 1095 return 0; 1096} 1097