[zen-stable.git] / fs / ntfs / logfile.h
1 /*
2 * logfile.h - Defines for NTFS kernel journal ($LogFile) handling. Part of
3 * the Linux-NTFS project.
5 * Copyright (c) 2000-2005 Anton Altaparmakov
7 * This program/include file is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License as published
9 * by the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
12 * This program/include file is distributed in the hope that it will be
13 * useful, but WITHOUT ANY WARRANTY; without even the implied warranty
14 * of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program (in the main directory of the Linux-NTFS
19 * distribution in the file COPYING); if not, write to the Free Software
20 * Foundation,Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23 #ifndef _LINUX_NTFS_LOGFILE_H
24 #define _LINUX_NTFS_LOGFILE_H
26 #ifdef NTFS_RW
28 #include <linux/fs.h>
30 #include "types.h"
31 #include "endian.h"
32 #include "layout.h"
35 * Journal ($LogFile) organization:
37 * Two restart areas present in the first two pages (restart pages, one restart
38 * area in each page). When the volume is dismounted they should be identical,
39 * except for the update sequence array which usually has a different update
40 * sequence number.
42 * These are followed by log records organized in pages headed by a log record
43 * header going up to log file size. Not all pages contain log records when a
44 * volume is first formatted, but as the volume ages, all records will be used.
45 * When the log file fills up, the records at the beginning are purged (by
46 * modifying the oldest_lsn to a higher value presumably) and writing begins
47 * at the beginning of the file. Effectively, the log file is viewed as a
48 * circular entity.
50 * NOTE: Windows NT, 2000, and XP all use log file version 1.1 but they accept
51 * versions <= 1.x, including 0.-1. (Yes, that is a minus one in there!) We
52 * probably only want to support 1.1 as this seems to be the current version
53 * and we don't know how that differs from the older versions. The only
54 * exception is if the journal is clean as marked by the two restart pages
55 * then it doesn't matter whether we are on an earlier version. We can just
56 * reinitialize the logfile and start again with version 1.1.
59 /* Some $LogFile related constants. */
/*
 * 0x100000000 bytes = 4 GiB. The ULL suffix makes the constant unsigned.
 * NOTE(review): file_size in RESTART_AREA is signed (sle64); a direct
 * comparison between the two converts the signed operand to unsigned, so
 * confirm that callers handle a negative on-disk size explicitly. Where this
 * constant is used is not visible in this header.
 */
60 #define MaxLogFileSize 0x100000000ULL
/* Same value as the 4096-byte default described for log_page_size below. */
61 #define DefaultLogPageSize 4096
/* Same value as the 48 (0x30) log record pages named in the file_size notes. */
62 #define MinLogRecordPages 48
65 * Log file restart page header (begins the restart area).
/*
 * NOTE(review): every member is an on-disk little-endian type (le16, le32,
 * leLSN, sle16), i.e. the values come from the volume and are not under the
 * reader's control. Convert them (le16_to_cpu(), le32_to_cpu(), ...) before
 * any arithmetic or range comparison, and apply the checks listed in the
 * field comments before restart_area_offset is used to locate the
 * RESTART_AREA: both page sizes >= 512 and a power of 2, usa_ofs plus the
 * usa size below restart_area_offset, restart_area_offset 8-byte aligned.
 * The structure is packed; the Ofs column gives byte offsets and the members
 * add up to the 30 bytes stated at the end.
 */
67 typedef struct {
68 /*Ofs*/
69 /* 0 NTFS_RECORD; -- Unfolded here as gcc doesn't like unnamed structs. */
70 /* 0*/ NTFS_RECORD_TYPE magic; /* The magic is "RSTR". */
71 /* 4*/ le16 usa_ofs; /* See NTFS_RECORD definition in layout.h.
72 When creating, set this to be immediately
73 after this header structure (without any
74 alignment). */
75 /* 6*/ le16 usa_count; /* See NTFS_RECORD definition in layout.h. */
77 /* 8*/ leLSN chkdsk_lsn; /* The last log file sequence number found by
78 chkdsk. Only used when the magic is changed
79 to "CHKD". Otherwise this is zero. */
80 /* 16*/ le32 system_page_size; /* Byte size of system pages when the log file
81 was created, has to be >= 512 and a power of
82 2. Use this to calculate the required size
83 of the usa (usa_count) and add it to usa_ofs.
84 Then verify that the result is less than the
85 value of the restart_area_offset. */
86 /* 20*/ le32 log_page_size; /* Byte size of log file pages, has to be >=
87 512 and a power of 2. The default is 4096
88 and is used when the system page size is
89 between 4096 and 8192. Otherwise this is
90 set to the system page size instead. */
91 /* 24*/ le16 restart_area_offset;/* Byte offset from the start of this header to
92 the RESTART_AREA. Value has to be aligned
93 to 8-byte boundary. When creating, set this
94 to be after the usa. */
95 /* 26*/ sle16 minor_ver; /* Log file minor version. Only check if major
96 version is 1. */
97 /* 28*/ sle16 major_ver; /* Log file major version. We only support
98 version 1.1. */
99 /* sizeof() = 30 (0x1e) bytes */
100 } __attribute__ ((__packed__)) RESTART_PAGE_HEADER;
103 * Constant for the log client indices meaning that there are no client records
104 * in this particular client array. Also inside the client records themselves,
105 * this means that there are no client records preceding or following this one.
/*
 * LOGFILE_NO_CLIENT is wrapped in cpu_to_le16(), so it is the form to compare
 * directly against the on-disk le16 fields (client_free_list,
 * client_in_use_list, prev_client, next_client).
 */
107 #define LOGFILE_NO_CLIENT cpu_to_le16(0xffff)
/* Same sentinel as a plain integer; presumably for values already converted
   to CPU byte order - confirm against the callers. */
108 #define LOGFILE_NO_CLIENT_CPU 0xffff
111 * These are the so far known RESTART_AREA_* flags (16-bit) which contain
112 * information about the log file in which they are present.
/*
 * The constants are already passed through cpu_to_le16(), so they can be
 * tested against the on-disk le16 flags field without a byte swap.
 * NOTE(review): the flags are read from the volume, so a set
 * RESTART_VOLUME_IS_CLEAN bit records what the last writer stored, not
 * something the reader has verified.
 */
114 enum {
115 RESTART_VOLUME_IS_CLEAN = cpu_to_le16(0x0002),
116 RESTART_SPACE_FILLER = cpu_to_le16(0xffff), /* gcc: Force enum bit width to 16. */
117 } __attribute__ ((__packed__));
/* On-disk (little-endian, 16-bit) type of the flags member of RESTART_AREA. */
119 typedef le16 RESTART_AREA_FLAGS;
122 * Log file restart area record. The offset of this record is found by adding
123 * the offset of the RESTART_PAGE_HEADER to the restart_area_offset value found
124 * in it. See notes at restart_area_offset above.
/*
 * NOTE(review): this record is located through an on-disk offset and every
 * member is an on-disk little-endian value, so neither its position nor its
 * contents are trusted. The field comments give the validation order: the
 * file_size position check (restart_area_offset + offset of file_size must
 * not exceed 510) comes first, because a failure there means the other
 * values may be corrupted by the multi sector transfer protection. After
 * that, bound restart_area_length, client_array_offset and log_clients as
 * described, computing the sums on converted values in a type wide enough
 * that they cannot wrap, and check client_free_list / client_in_use_list
 * against log_clients before using them as array indices.
 * The client array does not necessarily start at sizeof(RESTART_AREA): see
 * the WinXP remark on client_array_offset.
 * file_size is signed (sle64); presumably a negative value is invalid and
 * should be rejected before it is rounded - confirm against the reader.
 * If seq_number_bits is ever used as a shift count, range-check it first;
 * its use is not visible in this header.
 */
126 typedef struct {
127 /*Ofs*/
128 /* 0*/ leLSN current_lsn; /* The current, i.e. last LSN inside the log
129 when the restart area was last written.
130 This happens often but what is the interval?
131 Is it just fixed time or is it every time a
132 check point is written or something else?
133 On create set to 0. */
134 /* 8*/ le16 log_clients; /* Number of log client records in the array of
135 log client records which follows this
136 restart area. Must be 1. */
137 /* 10*/ le16 client_free_list; /* The index of the first free log client record
138 in the array of log client records.
139 LOGFILE_NO_CLIENT means that there are no
140 free log client records in the array.
141 If != LOGFILE_NO_CLIENT, check that
142 log_clients > client_free_list. On Win2k
143 and presumably earlier, on a clean volume
144 this is != LOGFILE_NO_CLIENT, and it should
145 be 0, i.e. the first (and only) client
146 record is free and thus the logfile is
147 closed and hence clean. A dirty volume
148 would have left the logfile open and hence
149 this would be LOGFILE_NO_CLIENT. On WinXP
150 and presumably later, the logfile is always
151 open, even on clean shutdown so this should
152 always be LOGFILE_NO_CLIENT. */
153 /* 12*/ le16 client_in_use_list;/* The index of the first in-use log client
154 record in the array of log client records.
155 LOGFILE_NO_CLIENT means that there are no
156 in-use log client records in the array. If
157 != LOGFILE_NO_CLIENT check that log_clients
158 > client_in_use_list. On Win2k and
159 presumably earlier, on a clean volume this
160 is LOGFILE_NO_CLIENT, i.e. there are no
161 client records in use and thus the logfile
162 is closed and hence clean. A dirty volume
163 would have left the logfile open and hence
164 this would be != LOGFILE_NO_CLIENT, and it
165 should be 0, i.e. the first (and only)
166 client record is in use. On WinXP and
167 presumably later, the logfile is always
168 open, even on clean shutdown so this should
169 always be 0. */
170 /* 14*/ RESTART_AREA_FLAGS flags;/* Flags modifying LFS behaviour. On Win2k
171 and presumably earlier this is always 0. On
172 WinXP and presumably later, if the logfile
173 was shutdown cleanly, the second bit,
174 RESTART_VOLUME_IS_CLEAN, is set. This bit
175 is cleared when the volume is mounted by
176 WinXP and set when the volume is dismounted,
177 thus if the logfile is dirty, this bit is
178 clear. Thus we don't need to check the
179 Windows version to determine if the logfile
180 is clean. Instead if the logfile is closed,
181 we know it must be clean. If it is open and
182 this bit is set, we also know it must be
183 clean. If on the other hand the logfile is
184 open and this bit is clear, we can be almost
185 certain that the logfile is dirty. */
186 /* 16*/ le32 seq_number_bits; /* How many bits to use for the sequence
187 number. This is calculated as 67 - the
188 number of bits required to store the logfile
189 size in bytes and this can be used with
190 the specified file_size as a consistency
191 check. */
192 /* 20*/ le16 restart_area_length;/* Length of the restart area including the
193 client array. Following checks required if
194 version matches. Otherwise, skip them.
195 restart_area_offset + restart_area_length
196 has to be <= system_page_size. Also,
197 restart_area_length has to be >=
198 client_array_offset + (log_clients *
199 sizeof(log client record)). */
200 /* 22*/ le16 client_array_offset;/* Offset from the start of this record to
201 the first log client record if versions are
202 matched. When creating, set this to be
203 after this restart area structure, aligned
204 to 8-bytes boundary. If the versions do not
205 match, this is ignored and the offset is
206 assumed to be (sizeof(RESTART_AREA) + 7) &
207 ~7, i.e. rounded up to first 8-byte
208 boundary. Either way, client_array_offset
209 has to be aligned to an 8-byte boundary.
210 Also, restart_area_offset +
211 client_array_offset has to be <= 510.
212 Finally, client_array_offset + (log_clients
213 * sizeof(log client record)) has to be <=
214 system_page_size. On Win2k and presumably
215 earlier, this is 0x30, i.e. immediately
216 following this record. On WinXP and
217 presumably later, this is 0x40, i.e. there
218 are 16 extra bytes between this record and
219 the client array. This probably means that
220 the RESTART_AREA record is actually bigger
221 in WinXP and later. */
222 /* 24*/ sle64 file_size; /* Usable byte size of the log file. If the
223 restart_area_offset + the offset of the
224 file_size are > 510 then corruption has
225 occurred. This is the very first check when
226 starting with the restart_area as if it
227 fails it means that some of the above values
228 will be corrupted by the multi sector
229 transfer protection. The file_size has to
230 be rounded down to be a multiple of the
231 log_page_size in the RESTART_PAGE_HEADER and
232 then it has to be at least big enough to
233 store the two restart pages and 48 (0x30)
234 log record pages. */
235 /* 32*/ le32 last_lsn_data_length;/* Length of data of last LSN, not including
236 the log record header. On create set to
237 0. */
238 /* 36*/ le16 log_record_header_length;/* Byte size of the log record header.
239 If the version matches then check that the
240 value of log_record_header_length is a
241 multiple of 8, i.e.
242 (log_record_header_length + 7) & ~7 ==
243 log_record_header_length. When creating set
244 it to sizeof(LOG_RECORD_HEADER), aligned to
245 8 bytes. */
246 /* 38*/ le16 log_page_data_offset;/* Offset to the start of data in a log record
247 page. Must be a multiple of 8. On create
248 set it to immediately after the update
249 sequence array of the log record page. */
250 /* 40*/ le32 restart_log_open_count;/* A counter that gets incremented every
251 time the logfile is restarted which happens
252 at mount time when the logfile is opened.
253 When creating set to a random value. Win2k
254 sets it to the low 32 bits of the current
255 system time in NTFS format (see time.h). */
256 /* 44*/ le32 reserved; /* Reserved/alignment to 8-byte boundary. */
257 /* sizeof() = 48 (0x30) bytes */
258 } __attribute__ ((__packed__)) RESTART_AREA;
261 * Log client record. The offset of this record is found by adding the offset
262 * of the RESTART_AREA to the client_array_offset value found in it.
/*
 * NOTE(review): like the restart area, this record is reached through an
 * on-disk offset and holds on-disk little-endian values.
 * client_name_length is a byte count taken from the volume ("should always
 * be 8"), while client_name is a fixed array occupying bytes 32..159 of the
 * record (128 bytes). Any code that uses client_name_length as a copy or
 * compare length has to bound it by sizeof(client_name) first.
 * prev_client and next_client are documented as always LOGFILE_NO_CLIENT;
 * a reader that follows them should treat any other value as suspect and
 * check it against log_clients in the RESTART_AREA before indexing.
 */
264 typedef struct {
265 /*Ofs*/
266 /* 0*/ leLSN oldest_lsn; /* Oldest LSN needed by this client. On create
267 set to 0. */
268 /* 8*/ leLSN client_restart_lsn;/* LSN at which this client needs to restart
269 the volume, i.e. the current position within
270 the log file. At present, if clean this
271 should = current_lsn in restart area but it
272 probably also = current_lsn when dirty most
273 of the time. At create set to 0. */
274 /* 16*/ le16 prev_client; /* The offset to the previous log client record
275 in the array of log client records.
276 LOGFILE_NO_CLIENT means there is no previous
277 client record, i.e. this is the first one.
278 This is always LOGFILE_NO_CLIENT. */
279 /* 18*/ le16 next_client; /* The offset to the next log client record in
280 the array of log client records.
281 LOGFILE_NO_CLIENT means there are no next
282 client records, i.e. this is the last one.
283 This is always LOGFILE_NO_CLIENT. */
284 /* 20*/ le16 seq_number; /* On Win2k and presumably earlier, this is set
285 to zero every time the logfile is restarted
286 and it is incremented when the logfile is
287 closed at dismount time. Thus it is 0 when
288 dirty and 1 when clean. On WinXP and
289 presumably later, this is always 0. */
290 /* 22*/ u8 reserved[6]; /* Reserved/alignment. */
291 /* 28*/ le32 client_name_length;/* Length of client name in bytes. Should
292 always be 8. */
293 /* 32*/ ntfschar client_name[64];/* Name of the client in Unicode. Should
294 always be "NTFS" with the remaining bytes
295 set to 0. */
296 /* sizeof() = 160 (0xa0) bytes */
297 } __attribute__ ((__packed__)) LOG_CLIENT_RECORD;
/*
 * Entry points for $LogFile handling. Only the declarations are in this
 * header; what each function checks or modifies has to be read from its
 * definition. All three take an inode pointer named log_vi (presumably the
 * $LogFile inode) and return bool.
 * NOTE(review): ntfs_check_logfile() takes a RESTART_PAGE_HEADER **, which
 * looks like an out-parameter; who allocates and frees *rp is not stated
 * here - confirm against the definition before relying on it.
 * ntfs_is_logfile_clean() declares the header pointer const.
 */
299 extern bool ntfs_check_logfile(struct inode *log_vi,
300 RESTART_PAGE_HEADER **rp);
302 extern bool ntfs_is_logfile_clean(struct inode *log_vi,
303 const RESTART_PAGE_HEADER *rp);
305 extern bool ntfs_empty_logfile(struct inode *log_vi);
307 #endif /* NTFS_RW */
309 #endif /* _LINUX_NTFS_LOGFILE_H */