Commit Graph

296 Commits

Author SHA1 Message Date
Fedor Uporov
2a984c2b49 Make encode/decode extra time functions inline.
Mentioned by:   pfg
MFC after:      2 weeks
2021-05-08 06:42:20 +03:00
Fedor Uporov
c40a160fd0 Make inode extra time fields updating logic more closer to linux.
Found using pjdfstest:
pjdfstest/tests/utimensat/09.t

Reviewed by:    pfg
MFC after:      2 weeks
Differential Revision:  https://reviews.freebsd.org/D29933
2021-05-07 10:46:55 +03:00
Fedor Uporov
b3f4665639 Invalidate inode extents cache on truncation.
It is needed to invalidate cache in case of inode space removal
to avoid situation, when extents cache returns not exist extent.

Reviewed by:    pfg
MFC after:      2 weeks
Differential Revision:  https://reviews.freebsd.org/D29931
2021-05-07 10:27:37 +03:00
Fedor Uporov
5679656e09 Improve extents verification logic.
It is possible to walk thru inode extents if EXT2FS_PRINT_EXTENTS
macro is defined. The extents headers magics and physical blocks
ranges are checked during extents walk.

Reviewed by:    pfg
MFC after:      2 weeks
Differential Revision:  https://reviews.freebsd.org/D29932
2021-05-07 10:27:28 +03:00
Fedor Uporov
1ed5f62d61 Add chr/blk devices support.
The dev field is placed into the inode structure.
The major/minor numbers conversion to/from linux compatile
format happen during on-disk inodes writing/reading.

Reviewed by:    pfg
MFC after:      2 weeks
Differential Revision:  https://reviews.freebsd.org/D29930
2021-05-07 10:08:31 +03:00
Fedor Uporov
1484574843 Fix inode birthtime updating logic.
The birthtime field of struct vattr does not checked
for VNOVAL in case of ext2_setattr() and produce incorrect
inode birthtime values.

Found using pjdfstest:
    pjdfstest/tests/utimensat/03.t

Reviewed by:    pfg
MFC after:      2 weeks
Differential Revision:  https://reviews.freebsd.org/D29929
2021-05-07 10:08:20 +03:00
Konstantin Belousov
8b7239681e ext2fs: clear write cluster tracking on truncation
Reviewed by:	fsu, mckusick
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D28679
2021-02-21 11:38:21 +02:00
Konstantin Belousov
2bfd8992c7 vnode: move write cluster support data to inodes.
The data is only needed by filesystems that
1. use buffer cache
2. utilize clustering write support.

Requested by:	mjg
Reviewed by:	asomers (previous version), fsu (ext2 parts), mckusick
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D28679
2021-02-21 11:38:21 +02:00
Kirk McKusick
645027c89d In ext2fs, BA_CLRBUF is used in ext2_balloc() not UFS_BALLOC().
Noted by:     kib
MFC after:    3 days
Sponsored by: Netflix
2020-12-08 00:49:31 +00:00
Kirk McKusick
bb3c01ec79 Document the BA_CLRBUF flag used in ufs and ext2fs filesystems.
Suggested by: kib
MFC after:    3 days
Sponsored by: Netflix
2020-12-06 20:50:21 +00:00
Konstantin Belousov
cd85379104 Make MAXPHYS tunable. Bump MAXPHYS to 1M.
Replace MAXPHYS by runtime variable maxphys. It is initialized from
MAXPHYS by default, but can be also adjusted with the tunable kern.maxphys.

Make b_pages[] array in struct buf flexible.  Size b_pages[] for buffer
cache buffers exactly to atop(maxbcachebuf) (currently it is sized to
atop(MAXPHYS)), and b_pages[] for pbufs is sized to atop(maxphys) + 1.
The +1 for pbufs allow several pbuf consumers, among them vmapbuf(),
to use unaligned buffers still sized to maxphys, esp. when such
buffers come from userspace (*).  Overall, we save significant amount
of otherwise wasted memory in b_pages[] for buffer cache buffers,
while bumping MAXPHYS to desired high value.

Eliminate all direct uses of the MAXPHYS constant in kernel and driver
sources, except a place which initialize maxphys.  Some random (and
arguably weird) uses of MAXPHYS, e.g. in linuxolator, are converted
straight.  Some drivers, which use MAXPHYS to size embeded structures,
get private MAXPHYS-like constant; their convertion is out of scope
for this work.

Changes to cam/, dev/ahci, dev/ata, dev/mpr, dev/mpt, dev/mvs,
dev/siis, where either submitted by, or based on changes by mav.

Suggested by: mav (*)
Reviewed by:	imp, mav, imp, mckusick, scottl (intermediate versions)
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D27225
2020-11-28 12:12:51 +00:00
Mateusz Guzik
ab21ed17ed vfs: drop the de facto curthread argument from VOP_INACTIVE 2020-10-20 07:19:03 +00:00
Pedro F. Giffuni
c2f0581e43 ext2fs: minor typo.
Obtained from:	Dragonfly
MFC after:	3 days
2020-10-06 21:31:04 +00:00
Mateusz Guzik
586ee69f09 fs: clean up empty lines in .c and .h files 2020-09-01 21:18:40 +00:00
Pedro F. Giffuni
ef20a5b58c extfs: remove redundant little endian conversion.
The XTIME_TO_NSEC macro already calls the htole32(), so there is no need
to call it twice. This code does nothing on LE platforms and affects only
nanosecond and birthtime fields so it's difficult to notice on regular use.

Hinted by:	DragonFlyBSD (git ae503f8f6f4b9a413932ffd68be029f20c38cab4)

X-MFC with:	r361136
2020-08-20 05:08:49 +00:00
Mateusz Guzik
7ad2a82da2 vfs: drop the error parameter from vn_isdisk, introduce vn_isdisk_error
Most consumers pass NULL.
2020-08-19 02:51:17 +00:00
Pedro F. Giffuni
19642a0cfb extfs: remove redundant little endian conversion.
The NSEC_TO_XTIME macro already calls the htole32(), so there is no need
to call it twice. This code does nothing on LE platforms and affects only
nanosecond and birthtime fields so it's difficult to notice on regular use.

X-MFC with:	r361136
2020-08-17 15:05:41 +00:00
Mateusz Guzik
a92a971bbb vfs: remove the thread argument from vget
It was already asserted to be curthread.

Semantic patch:

@@

expression arg1, arg2, arg3;

@@

- vget(arg1, arg2, arg3)
+ vget(arg1, arg2)
2020-08-16 17:18:54 +00:00
Mateusz Guzik
d292b1940c vfs: remove the obsolete privused argument from vaccess
This brings argument count down to 6, which is passable without the
stack on amd64.
2020-08-05 09:27:03 +00:00
Mark Johnston
39bc40e3d2 ext2fs: Stop checking for failures from malloc(M_WAITOK).
PR:		240545
Submitted by:	Andrew Reiter <arr@watson.org>
Reviewed by:	fsu
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D25707
2020-07-20 14:28:26 +00:00
Fedor Uporov
cd3acfe7f3 Add BE architectures support.
Author of most initial version: pfg (https://reviews.freebsd.org/D23259)

Reviewed by:    pfg
MFC after:      3 months

Differential Revision:    https://reviews.freebsd.org/D24685
2020-05-17 14:52:54 +00:00
Fedor Uporov
4bd6d63dc5 Restrict the max runp and runb return values in case of extents mapping.
This restriction already present in case of indirect mapping, do the same
in case of extents.

PR:		246182
Reported by:	Teran McKinney
MFC after:	2 weeks
2020-05-17 14:10:46 +00:00
Fedor Uporov
86e2d48bf9 Fix incorrect inode link count check in case of rename.
The check was incorrect because the directory inode link count have
min value 2 after dir_nlink extfs feature introduction.
2020-05-17 14:03:13 +00:00
Fedor Uporov
ec81c9cc06 Add inode bitmap tail initialization.
Make ext2fs compatible with changes introduced in e2fsprogs v1.45.2.
Now the tail of inode bitmap is filled with 0xff pattern explicitly during
bitmap initialization phase to avoid e2fsck error like:
"Padding at end of inode bitmap is not set."
2020-05-17 14:00:54 +00:00
Pawel Biernacki
7029da5c36 Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many)
r357614 added CTLFLAG_NEEDGIANT to make it easier to find nodes that are
still not MPSAFE (or already are but aren’t properly marked).
Use it in preparation for a general review of all nodes.

This is non-functional change that adds annotations to SYSCTL_NODE and
SYSCTL_PROC nodes using one of the soon-to-be-required flags.

Mark all obvious cases as MPSAFE.  All entries that haven't been marked
as MPSAFE before are by default marked as NEEDGIANT

Approved by:	kib (mentor, blanket)
Commented by:	kib, gallatin, melifaro
Differential Revision:	https://reviews.freebsd.org/D23718
2020-02-26 14:26:36 +00:00
Fedor Uporov
3767ed5b11 Add a EXT2FS-specific implementation for lseek(SEEK_DATA).
The lseek(SEEK_DATA) optimization logic could be simply borrowed from ufs side.
See, https://reviews.freebsd.org/D19599.

Reviewed by:    pfg
MFC after:      1 week

Differential Revision:    https://reviews.freebsd.org/D23605
2020-02-18 16:39:57 +00:00
Mateusz Guzik
b249ce48ea vfs: drop the mostly unused flags argument from VOP_UNLOCK
Filesystems which want to use it in limited capacity can employ the
VOP_UNLOCK_FLAGS macro.

Reviewed by:	kib (previous version)
Differential Revision:	https://reviews.freebsd.org/D21427
2020-01-03 22:29:58 +00:00
Mateusz Guzik
6fa079fc3f vfs: flatten vop vectors
This eliminates the following loop from all VOP calls:

while(vop != NULL && \
    vop->vop_spare2 == NULL && vop->vop_bypass == NULL)
        vop = vop->vop_default;

Reviewed by:	jeff
Tesetd by:	pho
Differential Revision:	https://reviews.freebsd.org/D22738
2019-12-16 00:06:22 +00:00
Mateusz Guzik
abd80ddb94 vfs: introduce v_irflag and make v_type smaller
The current vnode layout is not smp-friendly by having frequently read data
avoidably sharing cachelines with very frequently modified fields. In
particular v_iflag inspected for VI_DOOMED can be found in the same line with
v_usecount. Instead make it available in the same cacheline as the v_op, v_data
and v_type which all get read all the time.

v_type is avoidably 4 bytes while the necessary data will easily fit in 1.
Shrinking it frees up 3 bytes, 2 of which get used here to introduce a new
flag field with a new value: VIRF_DOOMED.

Reviewed by:	kib, jeff
Differential Revision:	https://reviews.freebsd.org/D22715
2019-12-08 21:30:04 +00:00
Conrad Meyer
fe8b34563d ext2fs: Remove redundant brelse() after r294954
Coccinelle:

@ rule1 @
 identifier __error;
@@
 ...
 int __error;
 ...

@ rule2 depends on rule1 @
 identifier rule1.__error;
 identifier __bp;
@@

 __error =
(
 bread
|
 bread_gb
|
 breadn
|
 breadn_flags
)
 (..., &__bp);
 if (
(
 __error
|
 __error != 0
)
 ) {
 ...
- brelse(__bp);
 ...
 }

No functional change.
2019-09-06 08:07:12 +00:00
Konstantin Belousov
6470c8d3db Rework v_object lifecycle for vnodes.
Current implementation of vnode_create_vobject() and
vnode_destroy_vobject() is written so that it prepared to handle the
vm object destruction for live vnode.  Practically, no filesystems use
this, except for some remnants that were present in UFS till today.
One of the consequences of that model is that each filesystem must
call vnode_destroy_vobject() in VOP_RECLAIM() or earlier, as result
all of them get rid of the v_object in reclaim.

Move the call to vnode_destroy_vobject() to vgonel() before
VOP_RECLAIM().  This makes v_object stable: either the object is NULL,
or it is valid vm object till the vnode reclamation.  Remove code from
vnode_create_vobject() to handle races with the parallel destruction.

Reviewed by:	markj
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D21412
2019-08-29 07:50:25 +00:00
Mark Johnston
918988576c Avoid relying on header pollution from sys/refcount.h.
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2019-07-29 20:26:01 +00:00
Fedor Uporov
6ce04e595a Add additional check for 'blocks per group' and 'fragments per group' superblock fields.
These fields will not be equal only in case if bigalloc filesystem feature is turned on.
This feature is not supported for now.

Reported by:    Christopher Krah, Thomas Barabosch, and Jan-Niclas Hilgert of Fraunhofer FKIE
Reported as:    FS-27-EXT2-12: Denial of Service in openat-0 (vm_fault_hold/ext2_clusteracct)

MFC after:	2 weeks
2019-07-07 08:58:02 +00:00
Fedor Uporov
c008656263 Remove ufs fragments logic.
The ext2fs fragments are different from ufs fragments.
In case of ext2fs the fragment should be equal or more then block size.
The values more than block size are used only in case of bigalloc feature, which is does not supported for now.

Reported by:    Christopher Krah, Thomas Barabosch, and Jan-Niclas Hilgert of Fraunhofer FKIE
Reported as:    FS-22-EXT2-9: Denial of service in ftruncate-0 (ext2_balloc)

MFC after:	2 weeks
2019-07-07 08:56:13 +00:00
Fedor Uporov
590517d05a Remove unneeded mount point unlock call.
Reported by:    Christopher Krah, Thomas Barabosch, and Jan-Niclas Hilgert of Fraunhofer FKIE
Reported as:    FS-11-EXT2-6: Denial Of Service in write-1 (ext2_balloc)

MFC after:	2 weeks
2019-07-07 08:53:52 +00:00
Xin LI
f89d207279 Separate kernel crc32() implementation to its own header (gsb_crc32.h) and
rename the source to gsb_crc32.c.

This is a prerequisite of unifying kernel zlib instances.

PR:		229763
Submitted by:	Yoshihiro Ota <ota at j.email.ne.jp>
Differential Revision:	https://reviews.freebsd.org/D20193
2019-06-17 19:49:08 +00:00
Alan Somers
65417f5e27 Remove "struct ucred*" argument from vtruncbuf
vtruncbuf takes a "struct ucred*" argument. AFAICT, it's been unused ever
since that function was first added in r34611. Remove it.  Also, remove some
"struct ucred" arguments from fuse and nfs functions that were only used by
vtruncbuf.

Reviewed by:	cem
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D20377
2019-05-24 20:27:50 +00:00
Fedor Uporov
84b89556b4 ext2fs: Initial version of DTrace support.
Commit forgotten file.

Reviewed by:    pfg, gnn
MFC after:      1 week

Differential Revision:    https://reviews.freebsd.org/D19848
2019-04-16 11:37:15 +00:00
Fedor Uporov
ebc94b66fe ext2fs: Initial version of DTrace support.
Reviewed by:    pfg, gnn
MFC after:      1 week

Differential Revision:    https://reviews.freebsd.org/D19848
2019-04-16 11:20:10 +00:00
Fedor Uporov
0204d1c793 Remove unneeded mount point unlock function calls.
The ext2_nodealloccg() function unlocks the mount point
in case of successful node allocation.
The additional unlocks are not required and should be removed.

PR:		236452
Reported by:	pho
MFC after:	3 days
2019-03-15 11:49:46 +00:00
Fedor Uporov
9441309ae0 Fix double free in case of mount error.
Reported by:    Christopher Krah <krah@protonmail.com>
Reported as:    FS-9-EXT3-2: Denial Of Service in nmount-5 (vm_fault_hold)
Reviewed by:    pfg
MFC after:      1 week

Differential Revision:    https://reviews.freebsd.org/D19385
2019-03-04 11:33:49 +00:00
Fedor Uporov
3eed9f20d4 Do not read the on-disk inode in case of vnode allocation.
Reported by:    Christopher Krah <krah@protonmail.com>
Reported as:    FS-6-EXT2-4: Denial Of Service in mkdir-0 (ext2_mkdir/vn_rdwr)
Reviewed by:    pfg
MFC after:      1 week

Differential Revision:    https://reviews.freebsd.org/D19327
2019-03-04 11:27:47 +00:00
Fedor Uporov
736da5176d Fix integer overflow possibility.
Reported by:    Christopher Krah <krah@protonmail.com>
Reported as:    FS-2-EXT2-1: Out-of-Bounds Write in nmount (ext2_vget)
Reviewed by:    pfg
MFC after:      1 week

Differential Revision:    https://reviews.freebsd.org/D19326
2019-03-04 11:19:21 +00:00
Fedor Uporov
4ff6603ab3 Do not panic if inode bitmap is corrupted.
admbug:         804
Reported by:    Ilja Van Sprundel <ivansprundel@ioactive.com>
Reviewed by:    pfg
MFC after:      1 week

Differential Revision:    https://reviews.freebsd.org/D19325
2019-03-04 11:12:19 +00:00
Fedor Uporov
80a4a9716b Validate block bitmaps.
Reviewed by:    pfg
MFC after:      1 week

Differential Revision:    https://reviews.freebsd.org/D19324
2019-03-04 11:01:23 +00:00
Fedor Uporov
daa2d62da2 Add additional on-disk inode checks.
Reviewed by:    pfg
MFC after:      1 week

Differential Revision:    https://reviews.freebsd.org/D19323
2019-03-04 10:55:01 +00:00
Fedor Uporov
6e38bf94e5 Make superblock reading logic more strict.
Add more on-disk superblock consistency checks to ext2_compute_sb_data() function.
It should decrease the probability of mounting filesystems with corrupted superblock data.

Reviewed by:    pfg
MFC after:      1 week

Differential Revision:    https://reviews.freebsd.org/D19322
2019-03-04 10:42:25 +00:00
Pedro F. Giffuni
771ec59bb7 ext2fs: Add some extra consistency checks for the superblock.
Maliciously formed, or badly corrupted, filesystems can cause kernel
panics.  In general, such acts of foot-shooting can only be accomplished
by root, but in a world with VM images that is  moving towards automated
mounts it is important to have some form of prevention.

Reported by: Christopher Krah, Thomas Barabosch, and Jan-Niclas Hilgert
of Fraunhofer FKIE.
Incidentaly this should also fix a memory corruption issue reported by
Dr Silvio Cesare of InfoSect.

Huge thanks to all reseachers for making us aware of the issue.

admbug:		872, 891
Reviewed by:	fsu
Obtained from:	NetBSD (with minor changes)
MFC after:	3 days
2019-01-25 22:22:29 +00:00
Kirk McKusick
c0029546f8 When loading an inode from disk, verify that its mode is valid.
If invalid, return EINVAL. Note that inode check-hashes greatly
reduce the chance that these errors will go undetected.

Reported by:  Christopher Krah <krah@protonmail.com>
Reported as:  FS-5-UFS-2: Denial Of Service in nmount-3 (ffs_read)
Reviewed by:  kib
MFC after:    1 week
Sponsored by: Netflix

M    sys/fs/ext2fs/ext2_vnops.c
M    sys/kern/vfs_subr.c
M    sys/ufs/ffs/ffs_snapshot.c
M    sys/ufs/ufs/ufs_vnops.c
2018-12-27 07:18:53 +00:00
Mateusz Guzik
cc426dd319 Remove unused argument to priv_check_cred.
Patch mostly generated with cocinnelle:

@@
expression E1,E2;
@@

- priv_check_cred(E1,E2,0)
+ priv_check_cred(E1,E2)

Sponsored by:	The FreeBSD Foundation
2018-12-11 19:32:16 +00:00