1 /*
2 * logfile.h - Exports for $LogFile handling. Part of the Linux-NTFS project.
3 *
4 * Copyright (c) 2000-2005 Anton Altaparmakov
5 * Copyright (c) 2005-2007 Yura Pakhuchiy
6 *
7 * This program/include file is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License as published
9 * by the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * This program/include file is distributed in the hope that it will be
13 * useful, but WITHOUT ANY WARRANTY; without even the implied warranty
14 * of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program (in the main directory of the Linux-NTFS
19 * distribution in the file COPYING); if not, write to the Free Software
20 * Foundation,Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
22
23 #ifndef _NTFS_LOGFILE_H
24 #define _NTFS_LOGFILE_H
25
26 #include "types.h"
27 #include "endians.h"
28 #include "layout.h"
29
30 /*
31 * Journal ($LogFile) organization:
32 *
33 * Two restart areas present in the first two pages (restart pages, one restart
34 * area in each page). When the volume is dismounted they should be identical,
35 * except for the update sequence array which usually has a different update
36 * sequence number.
37 *
38 * These are followed by log records organized in pages headed by a log record
39 * header going up to log file size. Not all pages contain log records when a
40 * volume is first formatted, but as the volume ages, all records will be used.
41 * When the log file fills up, the records at the beginning are purged (by
42 * modifying the oldest_lsn to a higher value presumably) and writing begins
43 * at the beginning of the file. Effectively, the log file is viewed as a
44 * circular entity.
45 *
46 * NOTE: Windows NT, 2000, and XP all use log file version 1.1 but they accept
47 * versions <= 1.x, including 0.-1. (Yes, that is a minus one in there!) We
48 * probably only want to support 1.1 as this seems to be the current version
49 * and we don't know how that differs from the older versions. The only
50 * exception is if the journal is clean as marked by the two restart pages
51 * then it doesn't matter whether we are on an earlier version. We can just
52 * reinitialize the logfile and start again with version 1.1.
53 */
54
55 /* Some $LogFile related constants. */
56 #define MaxLogFileSize 0x100000000ULL
57 #define DefaultLogPageSize 4096
58 #define MinLogRecordPages 48
59
60 /**
61 * struct RESTART_PAGE_HEADER - Log file restart page header.
62 *
63 * Begins the restart area.
64 */
65 #ifdef __sun
66 #pragma pack(1)
67 #endif
68 typedef struct {
69 /*Ofs*/
70 /* 0 NTFS_RECORD; -- Unfolded here as gcc doesn't like unnamed structs. */
71 /* 0*/ NTFS_RECORD_TYPES magic;/* The magic is "RSTR". */
72 /* 4*/ le16 usa_ofs; /* See NTFS_RECORD definition in layout.h.
73 When creating, set this to be immediately
74 after this header structure (without any
75 alignment). */
76 /* 6*/ le16 usa_count; /* See NTFS_RECORD definition in layout.h. */
77
78 /* 8*/ leLSN chkdsk_lsn; /* The last log file sequence number found by
79 chkdsk. Only used when the magic is changed
80 to "CHKD". Otherwise this is zero. */
81 /* 16*/ le32 system_page_size; /* Byte size of system pages when the log file
82 was created, has to be >= 512 and a power of
83 2. Use this to calculate the required size
84 of the usa (usa_count) and add it to usa_ofs.
85 Then verify that the result is less than the
86 value of the restart_area_offset. */
87 /* 20*/ le32 log_page_size; /* Byte size of log file pages, has to be >=
88 512 and a power of 2. The default is 4096
89 and is used when the system page size is
90 between 4096 and 8192. Otherwise this is
91 set to the system page size instead. */
92 /* 24*/ le16 restart_area_offset;/* Byte offset from the start of this header to
93 the RESTART_AREA. Value has to be aligned
94 to 8-byte boundary. When creating, set this
95 to be after the usa. */
96 /* 26*/ sle16 minor_ver; /* Log file minor version. Only check if major
97 version is 1. */
98 /* 28*/ sle16 major_ver; /* Log file major version. We only support
99 version 1.1. */
100 /* sizeof() = 30 (0x1e) bytes */
101 } __attribute__((__packed__)) RESTART_PAGE_HEADER;
102 #ifdef __sun
103 #pragma pack()
104 #endif
105
106 /*
107 * Constant for the log client indices meaning that there are no client records
108 * in this particular client array. Also inside the client records themselves,
109 * this means that there are no client records preceding or following this one.
110 */
111 #define LOGFILE_NO_CLIENT const_cpu_to_le16(0xffff)
112 #define LOGFILE_NO_CLIENT_CPU 0xffff
113
114 #ifdef __sun
115 #define RESTART_VOLUME_IS_CLEAN (const_cpu_to_le16(0x0002))
116 #else /* not __sun */
117 /*
118 * These are the so far known RESTART_AREA_* flags (16-bit) which contain
119 * information about the log file in which they are present.
120 */
121 enum {
122 RESTART_VOLUME_IS_CLEAN = const_cpu_to_le16(0x0002),
123 RESTART_SPACE_FILLER = const_cpu_to_le16(0xffff),
124 /* gcc: Force enum bit width to 16. */
125 } __attribute__((__packed__));
126 #endif /* __sun */
127
128 typedef le16 RESTART_AREA_FLAGS;
129
130 /**
131 * struct RESTART_AREA - Log file restart area record.
132 *
133 * The offset of this record is found by adding the offset of the
134 * RESTART_PAGE_HEADER to the restart_area_offset value found in it.
135 * See notes at restart_area_offset above.
136 */
137 #ifdef __sun
138 #pragma pack(1)
139 #endif
140 typedef struct {
141 /*Ofs*/
142 /* 0*/ leLSN current_lsn; /* The current, i.e. last LSN inside the log
143 when the restart area was last written.
144 This happens often but what is the interval?
145 Is it just fixed time or is it every time a
146 check point is written or something else?
147 On create set to 0. */
148 /* 8*/ le16 log_clients; /* Number of log client records in the array of
149 log client records which follows this
150 restart area. Must be 1. */
151 /* 10*/ le16 client_free_list; /* The index of the first free log client record
152 in the array of log client records.
153 LOGFILE_NO_CLIENT means that there are no
154 free log client records in the array.
155 If != LOGFILE_NO_CLIENT, check that
156 log_clients > client_free_list. On Win2k
157 and presumably earlier, on a clean volume
158 this is != LOGFILE_NO_CLIENT, and it should
159 be 0, i.e. the first (and only) client
160 record is free and thus the logfile is
161 closed and hence clean. A dirty volume
162 would have left the logfile open and hence
163 this would be LOGFILE_NO_CLIENT. On WinXP
164 and presumably later, the logfile is always
165 open, even on clean shutdown so this should
166 always be LOGFILE_NO_CLIENT. */
167 /* 12*/ le16 client_in_use_list;/* The index of the first in-use log client
168 record in the array of log client records.
169 LOGFILE_NO_CLIENT means that there are no
170 in-use log client records in the array. If
171 != LOGFILE_NO_CLIENT check that log_clients
172 > client_in_use_list. On Win2k and
173 presumably earlier, on a clean volume this
174 is LOGFILE_NO_CLIENT, i.e. there are no
175 client records in use and thus the logfile
176 is closed and hence clean. A dirty volume
177 would have left the logfile open and hence
178 this would be != LOGFILE_NO_CLIENT, and it
179 should be 0, i.e. the first (and only)
180 client record is in use. On WinXP and
181 presumably later, the logfile is always
182 open, even on clean shutdown so this should
183 always be 0. */
184 /* 14*/ RESTART_AREA_FLAGS flags;/* Flags modifying LFS behaviour. On Win2k
185 and presumably earlier this is always 0. On
186 WinXP and presumably later, if the logfile
187 was shutdown cleanly, the second bit,
188 RESTART_VOLUME_IS_CLEAN, is set. This bit
189 is cleared when the volume is mounted by
190 WinXP and set when the volume is dismounted,
191 thus if the logfile is dirty, this bit is
192 clear. Thus we don't need to check the
193 Windows version to determine if the logfile
194 is clean. Instead if the logfile is closed,
195 we know it must be clean. If it is open and
196 this bit is set, we also know it must be
197 clean. If on the other hand the logfile is
198 open and this bit is clear, we can be almost
199 certain that the logfile is dirty. */
200 /* 16*/ le32 seq_number_bits; /* How many bits to use for the sequence
201 number. This is calculated as 67 - the
202 number of bits required to store the logfile
203 size in bytes and this can be used in with
204 the specified file_size as a consistency
205 check. */
206 /* 20*/ le16 restart_area_length;/* Length of the restart area including the
207 client array. Following checks required if
208 version matches. Otherwise, skip them.
209 restart_area_offset + restart_area_length
210 has to be <= system_page_size. Also,
211 restart_area_length has to be >=
212 client_array_offset + (log_clients *
213 sizeof(log client record)). */
214 /* 22*/ le16 client_array_offset;/* Offset from the start of this record to
215 the first log client record if versions are
216 matched. When creating, set this to be
217 after this restart area structure, aligned
218 to 8-bytes boundary. If the versions do not
219 match, this is ignored and the offset is
220 assumed to be (sizeof(RESTART_AREA) + 7) &
221 ~7, i.e. rounded up to first 8-byte
222 boundary. Either way, client_array_offset
223 has to be aligned to an 8-byte boundary.
224 Also, restart_area_offset +
225 client_array_offset has to be <= 510.
226 Finally, client_array_offset + (log_clients
227 * sizeof(log client record)) has to be <=
228 system_page_size. On Win2k and presumably
229 earlier, this is 0x30, i.e. immediately
230 following this record. On WinXP and
231 presumably later, this is 0x40, i.e. there
232 are 16 extra bytes between this record and
233 the client array. This probably means that
234 the RESTART_AREA record is actually bigger
235 in WinXP and later. */
236 /* 24*/ sle64 file_size; /* Usable byte size of the log file. If the
237 restart_area_offset + the offset of the
238 file_size are > 510 then corruption has
239 occurred. This is the very first check when
240 starting with the restart_area as if it
241 fails it means that some of the above values
242 will be corrupted by the multi sector
243 transfer protection. The file_size has to
244 be rounded down to be a multiple of the
245 log_page_size in the RESTART_PAGE_HEADER and
246 then it has to be at least big enough to
247 store the two restart pages and 48 (0x30)
248 log record pages. */
249 /* 32*/ le32 last_lsn_data_length;/* Length of data of last LSN, not including
250 the log record header. On create set to
251 0. */
252 /* 36*/ le16 log_record_header_length;/* Byte size of the log record header.
253 If the version matches then check that the
254 value of log_record_header_length is a
255 multiple of 8, i.e.
256 (log_record_header_length + 7) & ~7 ==
257 log_record_header_length. When creating set
258 it to sizeof(LOG_RECORD_HEADER), aligned to
259 8 bytes. */
260 /* 38*/ le16 log_page_data_offset;/* Offset to the start of data in a log record
261 page. Must be a multiple of 8. On create
262 set it to immediately after the update
263 sequence array of the log record page. */
264 /* 40*/ le32 restart_log_open_count;/* A counter that gets incremented every
265 time the logfile is restarted which happens
266 at mount time when the logfile is opened.
267 When creating set to a random value. Win2k
268 sets it to the low 32 bits of the current
269 system time in NTFS format (see time.h). */
270 /* 44*/ le32 reserved; /* Reserved/alignment to 8-byte boundary. */
271 /* sizeof() = 48 (0x30) bytes */
272 } __attribute__((__packed__)) RESTART_AREA;
273 #ifdef __sun
274 #pragma pack()
275 #endif
276
277 /**
278 * struct LOG_CLIENT_RECORD - Log client record.
279 *
280 * The offset of this record is found by adding the offset of the
281 * RESTART_AREA to the client_array_offset value found in it.
282 */
283 #ifdef __sun
284 #pragma pack(1)
285 #endif
286 typedef struct {
287 /*Ofs*/
288 /* 0*/ leLSN oldest_lsn; /* Oldest LSN needed by this client. On create
289 set to 0. */
290 /* 8*/ leLSN client_restart_lsn;/* LSN at which this client needs to restart
291 the volume, i.e. the current position within
292 the log file. At present, if clean this
293 should = current_lsn in restart area but it
294 probably also = current_lsn when dirty most
295 of the time. At create set to 0. */
296 /* 16*/ le16 prev_client; /* The offset to the previous log client record
297 in the array of log client records.
298 LOGFILE_NO_CLIENT means there is no previous
299 client record, i.e. this is the first one.
300 This is always LOGFILE_NO_CLIENT. */
301 /* 18*/ le16 next_client; /* The offset to the next log client record in
302 the array of log client records.
303 LOGFILE_NO_CLIENT means there are no next
304 client records, i.e. this is the last one.
305 This is always LOGFILE_NO_CLIENT. */
306 /* 20*/ le16 seq_number; /* On Win2k and presumably earlier, this is set
307 to zero every time the logfile is restarted
308 and it is incremented when the logfile is
309 closed at dismount time. Thus it is 0 when
310 dirty and 1 when clean. On WinXP and
311 presumably later, this is always 0. */
312 /* 22*/ u8 reserved[6]; /* Reserved/alignment. */
313 /* 28*/ le32 client_name_length;/* Length of client name in bytes. Should
314 always be 8. */
315 /* 32*/ ntfschar client_name[64];/* Name of the client in Unicode. Should
316 always be "NTFS" with the remaining bytes
317 set to 0. */
318 /* sizeof() = 160 (0xa0) bytes */
319 } __attribute__((__packed__)) LOG_CLIENT_RECORD;
320 #ifdef __sun
321 #pragma pack()
322 #endif
323
324 /**
325 * struct RECORD_PAGE_HEADER - Log page record page header.
326 *
327 * Each log page begins with this header and is followed by several LOG_RECORD
328 * structures, starting at offset 0x40 (the size of this structure and the
329 * following update sequence array and then aligned to 8 byte boundary, but is
330 * this specified anywhere?).
331 */
332 #ifdef __sun
333 #pragma pack(1)
334 #endif
335 typedef struct {
336 /* 0 NTFS_RECORD; -- Unfolded here as gcc doesn't like unnamed structs. */
337 NTFS_RECORD_TYPES magic;/* Usually the magic is "RCRD". */
338 u16 usa_ofs; /* See NTFS_RECORD definition in layout.h.
339 When creating, set this to be immediately
340 after this header structure (without any
341 alignment). */
342 u16 usa_count; /* See NTFS_RECORD definition in layout.h. */
343
344 union {
345 LSN last_lsn;
346 s64 file_offset;
347 } __attribute__((__packed__)) copy;
348 u32 flags;
349 u16 page_count;
350 u16 page_position;
351 union {
352 struct {
353 u16 next_record_offset;
354 u8 reserved[6];
355 LSN last_end_lsn;
356 } __attribute__((__packed__)) packed;
357 } __attribute__((__packed__)) header;
358 } __attribute__((__packed__)) RECORD_PAGE_HEADER;
359 #ifdef __sun
360 #pragma pack()
361 #endif
362
363 /**
364 * enum LOG_RECORD_FLAGS - Possible 16-bit flags for log records.
365 *
366 * (Or is it log record pages?)
367 */
368 #ifdef __sun
369 typedef const uint16_t LOG_RECORD_FLAGS;
370 #define LOG_RECORD_MULTI_PAGE (const_cpu_to_le16(0x0001))
371 #else /* not __sun */
372 typedef enum {
373 LOG_RECORD_MULTI_PAGE = const_cpu_to_le16(0x0001), /* ??? */
374 LOG_RECORD_SIZE_PLACE_HOLDER = 0xffff,
375 /* This has nothing to do with the log record. It is only so
376 gcc knows to make the flags 16-bit. */
377 } __attribute__((__packed__)) LOG_RECORD_FLAGS;
378 #endif /* __sun */
379
380 /**
381 * struct LOG_CLIENT_ID - The log client id structure identifying a log client.
382 */
383 #ifdef __sun
384 #pragma pack(1)
385 #endif
386 typedef struct {
387 u16 seq_number;
388 u16 client_index;
389 } __attribute__((__packed__)) LOG_CLIENT_ID;
390 #ifdef __sun
391 #pragma pack()
392 #endif
393
394 /**
395 * struct LOG_RECORD - Log record header.
396 *
397 * Each log record seems to have a constant size of 0x70 bytes.
398 */
399 #ifdef __sun
400 #pragma pack(1)
401 #endif
402 typedef struct {
403 LSN this_lsn;
404 LSN client_previous_lsn;
405 LSN client_undo_next_lsn;
406 u32 client_data_length;
407 LOG_CLIENT_ID client_id;
408 u32 record_type;
409 u32 transaction_id;
410 u16 flags;
411 u16 reserved_or_alignment[3];
412 /* Now are at ofs 0x30 into struct. */
413 u16 redo_operation;
414 u16 undo_operation;
415 u16 redo_offset;
416 u16 redo_length;
417 u16 undo_offset;
418 u16 undo_length;
419 u16 target_attribute;
420 u16 lcns_to_follow; /* Number of lcn_list entries
421 following this entry. */
422 /* Now at ofs 0x40. */
423 u16 record_offset;
424 u16 attribute_offset;
425 u32 alignment_or_reserved;
426 VCN target_vcn;
427 /* Now at ofs 0x50. */
428 struct { /* Only present if lcns_to_follow
429 is not 0. */
430 LCN lcn;
431 } __attribute__((__packed__)) lcn_list[];
432 } __attribute__((__packed__)) LOG_RECORD;
433 #ifdef __sun
434 #pragma pack()
435 #endif
436
437 extern BOOL ntfs_check_logfile(ntfs_attr *log_na, RESTART_PAGE_HEADER **rp);
438 extern BOOL ntfs_is_logfile_clean(ntfs_attr *log_na, RESTART_PAGE_HEADER *rp);
439 extern int ntfs_empty_logfile(ntfs_attr *na);
440
441 #endif /* defined _NTFS_LOGFILE_H */