projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
xfs: bmap scrubber should do rmap xref with bmap for sparse files
[linux-2.6-block.git] / fs / xfs / scrub / inode.c
CommitLineData
80e4e126
DW		 1/*
2 * Copyright (C) 2017 Oracle. All Rights Reserved.
3 *
4 * Author: Darrick J. Wong <darrick.wong@oracle.com>
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version 2
9 * of the License, or (at your option) any later version.
10 *
11 * This program is distributed in the hope that it would be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write the Free Software Foundation,
18 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
19 */
20#include "xfs.h"
21#include "xfs_fs.h"
22#include "xfs_shared.h"
23#include "xfs_format.h"
24#include "xfs_trans_resv.h"
25#include "xfs_mount.h"
26#include "xfs_defer.h"
27#include "xfs_btree.h"
28#include "xfs_bit.h"
29#include "xfs_log_format.h"
30#include "xfs_trans.h"
31#include "xfs_sb.h"
32#include "xfs_inode.h"
33#include "xfs_icache.h"
34#include "xfs_inode_buf.h"
35#include "xfs_inode_fork.h"
36#include "xfs_ialloc.h"
37#include "xfs_da_format.h"
38#include "xfs_reflink.h"
d852657c 39#include "xfs_rmap.h"
561f648a
DW		 40#include "xfs_bmap.h"
41#include "xfs_bmap_util.h"
80e4e126
DW		 42#include "scrub/xfs_scrub.h"
43#include "scrub/scrub.h"
44#include "scrub/common.h"
2e6f2756 45#include "scrub/btree.h"
80e4e126
DW		 46#include "scrub/trace.h"
47
48/*
49 * Grab total control of the inode metadata. It doesn't matter here if
50 * the file data is still changing; exclusive access to the metadata is
51 * the goal.
52 */
53int
54xfs_scrub_setup_inode(
55 struct xfs_scrub_context *sc,
56 struct xfs_inode *ip)
57{
58 struct xfs_mount *mp = sc->mp;
59 int error;
60
61 /*
62 * Try to get the inode. If the verifiers fail, we try again
63 * in raw mode.
64 */
65 error = xfs_scrub_get_inode(sc, ip);
66 switch (error) {
67 case 0:
68 break;
69 case -EFSCORRUPTED:
70 case -EFSBADCRC:
1ad1205e 71 return xfs_scrub_trans_alloc(sc->sm, mp, &sc->tp);
80e4e126
DW		 72 default:
73 return error;
74 }
75
76 /* Got the inode, lock it and we're ready to go. */
77 sc->ilock_flags = XFS_IOLOCK_EXCL | XFS_MMAPLOCK_EXCL;
78 xfs_ilock(sc->ip, sc->ilock_flags);
79 error = xfs_scrub_trans_alloc(sc->sm, mp, &sc->tp);
80 if (error)
81 goto out;
82 sc->ilock_flags |= XFS_ILOCK_EXCL;
83 xfs_ilock(sc->ip, XFS_ILOCK_EXCL);
84
85out:
86 /* scrub teardown will unlock and release the inode for us */
87 return error;
88}
89
90/* Inode core */
91
92/*
93 * Validate di_extsize hint.
94 *
95 * The rules are documented at xfs_ioctl_setattr_check_extsize().
96 * These functions must be kept in sync with each other.
97 */
98STATIC void
99xfs_scrub_inode_extsize(
100 struct xfs_scrub_context *sc,
101 struct xfs_buf *bp,
102 struct xfs_dinode *dip,
103 xfs_ino_t ino,
104 uint16_t mode,
105 uint16_t flags)
106{
107 struct xfs_mount *mp = sc->mp;
108 bool rt_flag;
109 bool hint_flag;
110 bool inherit_flag;
111 uint32_t extsize;
112 uint32_t extsize_bytes;
113 uint32_t blocksize_bytes;
114
115 rt_flag = (flags & XFS_DIFLAG_REALTIME);
116 hint_flag = (flags & XFS_DIFLAG_EXTSIZE);
117 inherit_flag = (flags & XFS_DIFLAG_EXTSZINHERIT);
118 extsize = be32_to_cpu(dip->di_extsize);
119 extsize_bytes = XFS_FSB_TO_B(sc->mp, extsize);
120
121 if (rt_flag)
122 blocksize_bytes = mp->m_sb.sb_rextsize << mp->m_sb.sb_blocklog;
123 else
124 blocksize_bytes = mp->m_sb.sb_blocksize;
125
126 if ((hint_flag || inherit_flag) && !(S_ISDIR(mode) || S_ISREG(mode)))
127 goto bad;
128
129 if (hint_flag && !S_ISREG(mode))
130 goto bad;
131
132 if (inherit_flag && !S_ISDIR(mode))
133 goto bad;
134
135 if ((hint_flag || inherit_flag) && extsize == 0)
136 goto bad;
137
138 if (!(hint_flag || inherit_flag) && extsize != 0)
139 goto bad;
140
141 if (extsize_bytes % blocksize_bytes)
142 goto bad;
143
144 if (extsize > MAXEXTLEN)
145 goto bad;
146
147 if (!rt_flag && extsize > mp->m_sb.sb_agblocks / 2)
148 goto bad;
149
150 return;
151bad:
152 xfs_scrub_ino_set_corrupt(sc, ino, bp);
153}
154
155/*
156 * Validate di_cowextsize hint.
157 *
158 * The rules are documented at xfs_ioctl_setattr_check_cowextsize().
159 * These functions must be kept in sync with each other.
160 */
161STATIC void
162xfs_scrub_inode_cowextsize(
163 struct xfs_scrub_context *sc,
164 struct xfs_buf *bp,
165 struct xfs_dinode *dip,
166 xfs_ino_t ino,
167 uint16_t mode,
168 uint16_t flags,
169 uint64_t flags2)
170{
171 struct xfs_mount *mp = sc->mp;
172 bool rt_flag;
173 bool hint_flag;
174 uint32_t extsize;
175 uint32_t extsize_bytes;
176
177 rt_flag = (flags & XFS_DIFLAG_REALTIME);
178 hint_flag = (flags2 & XFS_DIFLAG2_COWEXTSIZE);
179 extsize = be32_to_cpu(dip->di_cowextsize);
180 extsize_bytes = XFS_FSB_TO_B(sc->mp, extsize);
181
182 if (hint_flag && !xfs_sb_version_hasreflink(&mp->m_sb))
183 goto bad;
184
185 if (hint_flag && !(S_ISDIR(mode) || S_ISREG(mode)))
186 goto bad;
187
188 if (hint_flag && extsize == 0)
189 goto bad;
190
191 if (!hint_flag && extsize != 0)
192 goto bad;
193
194 if (hint_flag && rt_flag)
195 goto bad;
196
197 if (extsize_bytes % mp->m_sb.sb_blocksize)
198 goto bad;
199
200 if (extsize > MAXEXTLEN)
201 goto bad;
202
203 if (extsize > mp->m_sb.sb_agblocks / 2)
204 goto bad;
205
206 return;
207bad:
208 xfs_scrub_ino_set_corrupt(sc, ino, bp);
209}
210
211/* Make sure the di_flags make sense for the inode. */
212STATIC void
213xfs_scrub_inode_flags(
214 struct xfs_scrub_context *sc,
215 struct xfs_buf *bp,
216 struct xfs_dinode *dip,
217 xfs_ino_t ino,
218 uint16_t mode,
219 uint16_t flags)
220{
221 struct xfs_mount *mp = sc->mp;
222
223 if (flags & ~XFS_DIFLAG_ANY)
224 goto bad;
225
226 /* rt flags require rt device */
227 if ((flags & (XFS_DIFLAG_REALTIME | XFS_DIFLAG_RTINHERIT)) &&
228 !mp->m_rtdev_targp)
229 goto bad;
230
231 /* new rt bitmap flag only valid for rbmino */
232 if ((flags & XFS_DIFLAG_NEWRTBM) && ino != mp->m_sb.sb_rbmino)
233 goto bad;
234
235 /* directory-only flags */
236 if ((flags & (XFS_DIFLAG_RTINHERIT |
237 XFS_DIFLAG_EXTSZINHERIT |
238 XFS_DIFLAG_PROJINHERIT |
239 XFS_DIFLAG_NOSYMLINKS)) &&
240 !S_ISDIR(mode))
241 goto bad;
242
243 /* file-only flags */
244 if ((flags & (XFS_DIFLAG_REALTIME | FS_XFLAG_EXTSIZE)) &&
245 !S_ISREG(mode))
246 goto bad;
247
248 /* filestreams and rt make no sense */
249 if ((flags & XFS_DIFLAG_FILESTREAM) && (flags & XFS_DIFLAG_REALTIME))
250 goto bad;
251
252 return;
253bad:
254 xfs_scrub_ino_set_corrupt(sc, ino, bp);
255}
256
257/* Make sure the di_flags2 make sense for the inode. */
258STATIC void
259xfs_scrub_inode_flags2(
260 struct xfs_scrub_context *sc,
261 struct xfs_buf *bp,
262 struct xfs_dinode *dip,
263 xfs_ino_t ino,
264 uint16_t mode,
265 uint16_t flags,
266 uint64_t flags2)
267{
268 struct xfs_mount *mp = sc->mp;
269
270 if (flags2 & ~XFS_DIFLAG2_ANY)
271 goto bad;
272
273 /* reflink flag requires reflink feature */
274 if ((flags2 & XFS_DIFLAG2_REFLINK) &&
275 !xfs_sb_version_hasreflink(&mp->m_sb))
276 goto bad;
277
278 /* cowextsize flag is checked w.r.t. mode separately */
279
280 /* file/dir-only flags */
281 if ((flags2 & XFS_DIFLAG2_DAX) && !(S_ISREG(mode) || S_ISDIR(mode)))
282 goto bad;
283
284 /* file-only flags */
285 if ((flags2 & XFS_DIFLAG2_REFLINK) && !S_ISREG(mode))
286 goto bad;
287
288 /* realtime and reflink make no sense, currently */
289 if ((flags & XFS_DIFLAG_REALTIME) && (flags2 & XFS_DIFLAG2_REFLINK))
290 goto bad;
291
292 /* dax and reflink make no sense, currently */
293 if ((flags2 & XFS_DIFLAG2_DAX) && (flags2 & XFS_DIFLAG2_REFLINK))
294 goto bad;
295
296 return;
297bad:
298 xfs_scrub_ino_set_corrupt(sc, ino, bp);
299}
300
301/* Scrub all the ondisk inode fields. */
302STATIC void
303xfs_scrub_dinode(
304 struct xfs_scrub_context *sc,
305 struct xfs_buf *bp,
306 struct xfs_dinode *dip,
307 xfs_ino_t ino)
308{
309 struct xfs_mount *mp = sc->mp;
310 size_t fork_recs;
311 unsigned long long isize;
312 uint64_t flags2;
313 uint32_t nextents;
314 uint16_t flags;
315 uint16_t mode;
316
317 flags = be16_to_cpu(dip->di_flags);
318 if (dip->di_version >= 3)
319 flags2 = be64_to_cpu(dip->di_flags2);
320 else
321 flags2 = 0;
322
323 /* di_mode */
324 mode = be16_to_cpu(dip->di_mode);
3b42d385
DW		 325 switch (mode & S_IFMT) {
326 case S_IFLNK:
327 case S_IFREG:
328 case S_IFDIR:
329 case S_IFCHR:
330 case S_IFBLK:
331 case S_IFIFO:
332 case S_IFSOCK:
333 /* mode is recognized */
334 break;
335 default:
80e4e126 336 xfs_scrub_ino_set_corrupt(sc, ino, bp);
3b42d385
DW		 337 break;
338 }
80e4e126
DW		 339
340 /* v1/v2 fields */
341 switch (dip->di_version) {
342 case 1:
343 /*
344 * We autoconvert v1 inodes into v2 inodes on writeout,
345 * so just mark this inode for preening.
346 */
0a1e1567 347 xfs_scrub_ino_set_preen(sc, ino, bp);
80e4e126
DW		 348 break;
349 case 2:
350 case 3:
351 if (dip->di_onlink != 0)
352 xfs_scrub_ino_set_corrupt(sc, ino, bp);
353
354 if (dip->di_mode == 0 && sc->ip)
355 xfs_scrub_ino_set_corrupt(sc, ino, bp);
356
357 if (dip->di_projid_hi != 0 &&
358 !xfs_sb_version_hasprojid32bit(&mp->m_sb))
359 xfs_scrub_ino_set_corrupt(sc, ino, bp);
360 break;
361 default:
362 xfs_scrub_ino_set_corrupt(sc, ino, bp);
363 return;
364 }
365
366 /*
367 * di_uid/di_gid -- -1 isn't invalid, but there's no way that
368 * userspace could have created that.
369 */
370 if (dip->di_uid == cpu_to_be32(-1U) ||
371 dip->di_gid == cpu_to_be32(-1U))
0a1e1567 372 xfs_scrub_ino_set_warning(sc, ino, bp);
80e4e126
DW		 373
374 /* di_format */
375 switch (dip->di_format) {
376 case XFS_DINODE_FMT_DEV:
377 if (!S_ISCHR(mode) && !S_ISBLK(mode) &&
378 !S_ISFIFO(mode) && !S_ISSOCK(mode))
379 xfs_scrub_ino_set_corrupt(sc, ino, bp);
380 break;
381 case XFS_DINODE_FMT_LOCAL:
382 if (!S_ISDIR(mode) && !S_ISLNK(mode))
383 xfs_scrub_ino_set_corrupt(sc, ino, bp);
384 break;
385 case XFS_DINODE_FMT_EXTENTS:
386 if (!S_ISREG(mode) && !S_ISDIR(mode) && !S_ISLNK(mode))
387 xfs_scrub_ino_set_corrupt(sc, ino, bp);
388 break;
389 case XFS_DINODE_FMT_BTREE:
390 if (!S_ISREG(mode) && !S_ISDIR(mode))
391 xfs_scrub_ino_set_corrupt(sc, ino, bp);
392 break;
393 case XFS_DINODE_FMT_UUID:
394 default:
395 xfs_scrub_ino_set_corrupt(sc, ino, bp);
396 break;
397 }
398
29c1c123
DW		 399 /* di_[amc]time.nsec */
400 if (be32_to_cpu(dip->di_atime.t_nsec) >= NSEC_PER_SEC)
401 xfs_scrub_ino_set_corrupt(sc, ino, bp);
402 if (be32_to_cpu(dip->di_mtime.t_nsec) >= NSEC_PER_SEC)
403 xfs_scrub_ino_set_corrupt(sc, ino, bp);
404 if (be32_to_cpu(dip->di_ctime.t_nsec) >= NSEC_PER_SEC)
405 xfs_scrub_ino_set_corrupt(sc, ino, bp);
406
80e4e126
DW		 407 /*
408 * di_size. xfs_dinode_verify checks for things that screw up
409 * the VFS such as the upper bit being set and zero-length
410 * symlinks/directories, but we can do more here.
411 */
412 isize = be64_to_cpu(dip->di_size);
413 if (isize & (1ULL << 63))
414 xfs_scrub_ino_set_corrupt(sc, ino, bp);
415
416 /* Devices, fifos, and sockets must have zero size */
417 if (!S_ISDIR(mode) && !S_ISREG(mode) && !S_ISLNK(mode) && isize != 0)
418 xfs_scrub_ino_set_corrupt(sc, ino, bp);
419
420 /* Directories can't be larger than the data section size (32G) */
421 if (S_ISDIR(mode) && (isize == 0 || isize >= XFS_DIR2_SPACE_SIZE))
422 xfs_scrub_ino_set_corrupt(sc, ino, bp);
423
424 /* Symlinks can't be larger than SYMLINK_MAXLEN */
425 if (S_ISLNK(mode) && (isize == 0 || isize >= XFS_SYMLINK_MAXLEN))
426 xfs_scrub_ino_set_corrupt(sc, ino, bp);
427
428 /*
429 * Warn if the running kernel can't handle the kinds of offsets
430 * needed to deal with the file size. In other words, if the
431 * pagecache can't cache all the blocks in this file due to
432 * overly large offsets, flag the inode for admin review.
433 */
434 if (isize >= mp->m_super->s_maxbytes)
0a1e1567 435 xfs_scrub_ino_set_warning(sc, ino, bp);
80e4e126
DW		 436
437 /* di_nblocks */
438 if (flags2 & XFS_DIFLAG2_REFLINK) {
439 ; /* nblocks can exceed dblocks */
440 } else if (flags & XFS_DIFLAG_REALTIME) {
441 /*
442 * nblocks is the sum of data extents (in the rtdev),
443 * attr extents (in the datadev), and both forks' bmbt
444 * blocks (in the datadev). This clumsy check is the
445 * best we can do without cross-referencing with the
446 * inode forks.
447 */
448 if (be64_to_cpu(dip->di_nblocks) >=
449 mp->m_sb.sb_dblocks + mp->m_sb.sb_rblocks)
450 xfs_scrub_ino_set_corrupt(sc, ino, bp);
451 } else {
452 if (be64_to_cpu(dip->di_nblocks) >= mp->m_sb.sb_dblocks)
453 xfs_scrub_ino_set_corrupt(sc, ino, bp);
454 }
455
456 xfs_scrub_inode_flags(sc, bp, dip, ino, mode, flags);
457
458 xfs_scrub_inode_extsize(sc, bp, dip, ino, mode, flags);
459
460 /* di_nextents */
461 nextents = be32_to_cpu(dip->di_nextents);
462 fork_recs = XFS_DFORK_DSIZE(dip, mp) / sizeof(struct xfs_bmbt_rec);
463 switch (dip->di_format) {
464 case XFS_DINODE_FMT_EXTENTS:
465 if (nextents > fork_recs)
466 xfs_scrub_ino_set_corrupt(sc, ino, bp);
467 break;
468 case XFS_DINODE_FMT_BTREE:
469 if (nextents <= fork_recs)
470 xfs_scrub_ino_set_corrupt(sc, ino, bp);
471 break;
472 default:
473 if (nextents != 0)
474 xfs_scrub_ino_set_corrupt(sc, ino, bp);
475 break;
476 }
477
478 /* di_forkoff */
479 if (XFS_DFORK_APTR(dip) >= (char *)dip + mp->m_sb.sb_inodesize)
480 xfs_scrub_ino_set_corrupt(sc, ino, bp);
481 if (dip->di_anextents != 0 && dip->di_forkoff == 0)
482 xfs_scrub_ino_set_corrupt(sc, ino, bp);
483 if (dip->di_forkoff == 0 && dip->di_aformat != XFS_DINODE_FMT_EXTENTS)
484 xfs_scrub_ino_set_corrupt(sc, ino, bp);
485
486 /* di_aformat */
487 if (dip->di_aformat != XFS_DINODE_FMT_LOCAL &&
488 dip->di_aformat != XFS_DINODE_FMT_EXTENTS &&
489 dip->di_aformat != XFS_DINODE_FMT_BTREE)
490 xfs_scrub_ino_set_corrupt(sc, ino, bp);
491
492 /* di_anextents */
493 nextents = be16_to_cpu(dip->di_anextents);
494 fork_recs = XFS_DFORK_ASIZE(dip, mp) / sizeof(struct xfs_bmbt_rec);
495 switch (dip->di_aformat) {
496 case XFS_DINODE_FMT_EXTENTS:
497 if (nextents > fork_recs)
498 xfs_scrub_ino_set_corrupt(sc, ino, bp);
499 break;
500 case XFS_DINODE_FMT_BTREE:
501 if (nextents <= fork_recs)
502 xfs_scrub_ino_set_corrupt(sc, ino, bp);
503 break;
504 default:
505 if (nextents != 0)
506 xfs_scrub_ino_set_corrupt(sc, ino, bp);
507 }
508
509 if (dip->di_version >= 3) {
29c1c123
DW		 510 if (be32_to_cpu(dip->di_crtime.t_nsec) >= NSEC_PER_SEC)
511 xfs_scrub_ino_set_corrupt(sc, ino, bp);
80e4e126
DW		 512 xfs_scrub_inode_flags2(sc, bp, dip, ino, mode, flags, flags2);
513 xfs_scrub_inode_cowextsize(sc, bp, dip, ino, mode, flags,
514 flags2);
515 }
516}
517
518/* Map and read a raw inode. */
519STATIC int
520xfs_scrub_inode_map_raw(
521 struct xfs_scrub_context *sc,
522 xfs_ino_t ino,
523 struct xfs_buf **bpp,
524 struct xfs_dinode **dipp)
525{
526 struct xfs_imap imap;
527 struct xfs_mount *mp = sc->mp;
528 struct xfs_buf *bp = NULL;
529 struct xfs_dinode *dip;
530 int error;
531
532 error = xfs_imap(mp, sc->tp, ino, &imap, XFS_IGET_UNTRUSTED);
533 if (error == -EINVAL) {
534 /*
535 * Inode could have gotten deleted out from under us;
536 * just forget about it.
537 */
538 error = -ENOENT;
539 goto out;
540 }
541 if (!xfs_scrub_process_error(sc, XFS_INO_TO_AGNO(mp, ino),
542 XFS_INO_TO_AGBNO(mp, ino), &error))
543 goto out;
544
545 error = xfs_trans_read_buf(mp, sc->tp, mp->m_ddev_targp,
546 imap.im_blkno, imap.im_len, XBF_UNMAPPED, &bp,
547 NULL);
548 if (!xfs_scrub_process_error(sc, XFS_INO_TO_AGNO(mp, ino),
549 XFS_INO_TO_AGBNO(mp, ino), &error))
550 goto out;
551
552 /*
553 * Is this really an inode? We disabled verifiers in the above
554 * xfs_trans_read_buf call because the inode buffer verifier
555 * fails on /any/ inode record in the inode cluster with a bad
556 * magic or version number, not just the one that we're
557 * checking. Therefore, grab the buffer unconditionally, attach
558 * the inode verifiers by hand, and run the inode verifier only
559 * on the one inode we want.
560 */
561 bp->b_ops = &xfs_inode_buf_ops;
562 dip = xfs_buf_offset(bp, imap.im_boffset);
a6a781a5 563 if (xfs_dinode_verify(mp, ino, dip) != NULL ||
80e4e126
DW		 564 !xfs_dinode_good_version(mp, dip->di_version)) {
565 xfs_scrub_ino_set_corrupt(sc, ino, bp);
566 goto out_buf;
567 }
568
569 /* ...and is it the one we asked for? */
570 if (be32_to_cpu(dip->di_gen) != sc->sm->sm_gen) {
571 error = -ENOENT;
572 goto out_buf;
573 }
574
575 *dipp = dip;
576 *bpp = bp;
577out:
578 return error;
579out_buf:
580 xfs_trans_brelse(sc->tp, bp);
581 return error;
582}
583
2e6f2756
DW		 584/*
585 * Make sure the finobt doesn't think this inode is free.
586 * We don't have to check the inobt ourselves because we got the inode via
587 * IGET_UNTRUSTED, which checks the inobt for us.
588 */
589static void
590xfs_scrub_inode_xref_finobt(
591 struct xfs_scrub_context *sc,
592 xfs_ino_t ino)
593{
594 struct xfs_inobt_rec_incore rec;
595 xfs_agino_t agino;
596 int has_record;
597 int error;
598
599 if (!sc->sa.fino_cur)
600 return;
601
602 agino = XFS_INO_TO_AGINO(sc->mp, ino);
603
604 /*
605 * Try to get the finobt record. If we can't get it, then we're
606 * in good shape.
607 */
608 error = xfs_inobt_lookup(sc->sa.fino_cur, agino, XFS_LOOKUP_LE,
609 &has_record);
610 if (!xfs_scrub_should_check_xref(sc, &error, &sc->sa.fino_cur) ||
611 !has_record)
612 return;
613
614 error = xfs_inobt_get_rec(sc->sa.fino_cur, &rec, &has_record);
615 if (!xfs_scrub_should_check_xref(sc, &error, &sc->sa.fino_cur) ||
616 !has_record)
617 return;
618
619 /*
620 * Otherwise, make sure this record either doesn't cover this inode,
621 * or that it does but it's marked present.
622 */
623 if (rec.ir_startino > agino ||
624 rec.ir_startino + XFS_INODES_PER_CHUNK <= agino)
625 return;
626
627 if (rec.ir_free & XFS_INOBT_MASK(agino - rec.ir_startino))
628 xfs_scrub_btree_xref_set_corrupt(sc, sc->sa.fino_cur, 0);
629}
630
561f648a
DW		 631/* Cross reference the inode fields with the forks. */
632STATIC void
633xfs_scrub_inode_xref_bmap(
634 struct xfs_scrub_context *sc,
635 struct xfs_dinode *dip)
636{
637 xfs_extnum_t nextents;
638 xfs_filblks_t count;
639 xfs_filblks_t acount;
640 int error;
641
642 /* Walk all the extents to check nextents/naextents/nblocks. */
643 error = xfs_bmap_count_blocks(sc->tp, sc->ip, XFS_DATA_FORK,
644 &nextents, &count);
645 if (!xfs_scrub_should_check_xref(sc, &error, NULL))
646 return;
647 if (nextents < be32_to_cpu(dip->di_nextents))
648 xfs_scrub_ino_xref_set_corrupt(sc, sc->ip->i_ino, NULL);
649
650 error = xfs_bmap_count_blocks(sc->tp, sc->ip, XFS_ATTR_FORK,
651 &nextents, &acount);
652 if (!xfs_scrub_should_check_xref(sc, &error, NULL))
653 return;
654 if (nextents != be16_to_cpu(dip->di_anextents))
655 xfs_scrub_ino_xref_set_corrupt(sc, sc->ip->i_ino, NULL);
656
657 /* Check nblocks against the inode. */
658 if (count + acount != be64_to_cpu(dip->di_nblocks))
659 xfs_scrub_ino_xref_set_corrupt(sc, sc->ip->i_ino, NULL);
660}
661
166d7641
DW		 662/* Cross-reference with the other btrees. */
663STATIC void
664xfs_scrub_inode_xref(
665 struct xfs_scrub_context *sc,
666 xfs_ino_t ino,
667 struct xfs_dinode *dip)
668{
d852657c 669 struct xfs_owner_info oinfo;
52dc4b44
DW		 670 xfs_agnumber_t agno;
671 xfs_agblock_t agbno;
672 int error;
673
166d7641
DW		 674 if (sc->sm->sm_flags & XFS_SCRUB_OFLAG_CORRUPT)
675 return;
52dc4b44
DW		 676
677 agno = XFS_INO_TO_AGNO(sc->mp, ino);
678 agbno = XFS_INO_TO_AGBNO(sc->mp, ino);
679
680 error = xfs_scrub_ag_init(sc, agno, &sc->sa);
681 if (!xfs_scrub_xref_process_error(sc, agno, agbno, &error))
682 return;
683
684 xfs_scrub_xref_is_used_space(sc, agbno, 1);
2e6f2756 685 xfs_scrub_inode_xref_finobt(sc, ino);
d852657c
DW		 686 xfs_rmap_ag_owner(&oinfo, XFS_RMAP_OWN_INODES);
687 xfs_scrub_xref_is_owned_by(sc, agbno, 1, &oinfo);
f6d5fc21 688 xfs_scrub_xref_is_not_shared(sc, agbno, 1);
561f648a 689 xfs_scrub_inode_xref_bmap(sc, dip);
52dc4b44
DW		 690
691 xfs_scrub_ag_free(sc, &sc->sa);
166d7641
DW		 692}
693
f6d5fc21
DW		 694/*
695 * If the reflink iflag disagrees with a scan for shared data fork extents,
696 * either flag an error (shared extents w/ no flag) or a preen (flag set w/o
697 * any shared extents). We already checked for reflink iflag set on a non
698 * reflink filesystem.
699 */
700static void
701xfs_scrub_inode_check_reflink_iflag(
702 struct xfs_scrub_context *sc,
703 xfs_ino_t ino,
704 struct xfs_buf *bp)
705{
706 struct xfs_mount *mp = sc->mp;
707 bool has_shared;
708 int error;
709
710 if (!xfs_sb_version_hasreflink(&mp->m_sb))
711 return;
712
713 error = xfs_reflink_inode_has_shared_extents(sc->tp, sc->ip,
714 &has_shared);
715 if (!xfs_scrub_xref_process_error(sc, XFS_INO_TO_AGNO(mp, ino),
716 XFS_INO_TO_AGBNO(mp, ino), &error))
717 return;
718 if (xfs_is_reflink_inode(sc->ip) && !has_shared)
719 xfs_scrub_ino_set_preen(sc, ino, bp);
720 else if (!xfs_is_reflink_inode(sc->ip) && has_shared)
721 xfs_scrub_ino_set_corrupt(sc, ino, bp);
722}
723
80e4e126
DW		 724/* Scrub an inode. */
725int
726xfs_scrub_inode(
727 struct xfs_scrub_context *sc)
728{
729 struct xfs_dinode di;
80e4e126
DW		 730 struct xfs_buf *bp = NULL;
731 struct xfs_dinode *dip;
732 xfs_ino_t ino;
80e4e126
DW		 733 int error = 0;
734
735 /* Did we get the in-core inode, or are we doing this manually? */
736 if (sc->ip) {
737 ino = sc->ip->i_ino;
738 xfs_inode_to_disk(sc->ip, &di, 0);
739 dip = &di;
740 } else {
741 /* Map & read inode. */
742 ino = sc->sm->sm_ino;
743 error = xfs_scrub_inode_map_raw(sc, ino, &bp, &dip);
744 if (error || !bp)
745 goto out;
746 }
747
748 xfs_scrub_dinode(sc, bp, dip, ino);
749 if (sc->sm->sm_flags & XFS_SCRUB_OFLAG_CORRUPT)
750 goto out;
751
752 /* Now let's do the things that require a live inode. */
753 if (!sc->ip)
754 goto out;
755
756 /*
f6d5fc21
DW		 757 * Look for discrepancies between file's data blocks and the reflink
758 * iflag. We already checked the iflag against the file mode when
759 * we scrubbed the dinode.
80e4e126 760 */
f6d5fc21
DW		 761 if (S_ISREG(VFS_I(sc->ip)->i_mode))
762 xfs_scrub_inode_check_reflink_iflag(sc, ino, bp);
80e4e126 763
166d7641 764 xfs_scrub_inode_xref(sc, ino, dip);
80e4e126
DW		 765out:
766 if (bp)
767 xfs_trans_brelse(sc->tp, bp);
768 return error;
769}
Linux 6.x block layer and io_uring tree(s)