1 // SPDX-License-Identifier: GPL-2.0-only 2 /* * This file is part of UBIFS. 3 * 4 * Copyright (C) 2006-2008 Nokia Corporation. 5 * Copyright (C) 2006, 2007 University of Szeged, Hungary 6 * 7 * Authors: Artem Bityutskiy (Битюцкий Артём) 8 * Adrian Hunter 9 * Zoltan Sogor 10 */ 11 12 /* 13 * This file implements directory operations. 14 * 15 * All FS operations in this file allocate budget before writing anything to the 16 * media. If they fail to allocate it, the error is returned. The only 17 * exceptions are 'ubifs_unlink()' and 'ubifs_rmdir()' which keep working even 18 * if they unable to allocate the budget, because deletion %-ENOSPC failure is 19 * not what users are usually ready to get. UBIFS budgeting subsystem has some 20 * space reserved for these purposes. 21 * 22 * All operations in this file write all inodes which they change straight 23 * away, instead of marking them dirty. For example, 'ubifs_link()' changes 24 * @i_size of the parent inode and writes the parent inode together with the 25 * target inode. This was done to simplify file-system recovery which would 26 * otherwise be very difficult to do. The only exception is rename which marks 27 * the re-named inode dirty (because its @i_ctime is updated) but does not 28 * write it, but just marks it as dirty. 29 */ 30 31 #include "ubifs.h" 32 33 /** 34 * inherit_flags - inherit flags of the parent inode. 35 * @dir: parent inode 36 * @mode: new inode mode flags 37 * 38 * This is a helper function for 'ubifs_new_inode()' which inherits flag of the 39 * parent directory inode @dir. UBIFS inodes inherit the following flags: 40 * o %UBIFS_COMPR_FL, which is useful to switch compression on/of on 41 * sub-directory basis; 42 * o %UBIFS_SYNC_FL - useful for the same reasons; 43 * o %UBIFS_DIRSYNC_FL - similar, but relevant only to directories. 44 * 45 * This function returns the inherited flags. 46 */ inherit_flags(const struct inode * dir,umode_t mode)47 static int inherit_flags(const struct inode *dir, umode_t mode) 48 { 49 int flags; 50 const struct ubifs_inode *ui = ubifs_inode(dir); 51 52 if (!S_ISDIR(dir->i_mode)) 53 /* 54 * The parent is not a directory, which means that an extended 55 * attribute inode is being created. No flags. 56 */ 57 return 0; 58 59 flags = ui->flags & (UBIFS_COMPR_FL | UBIFS_SYNC_FL | UBIFS_DIRSYNC_FL); 60 if (!S_ISDIR(mode)) 61 /* The "DIRSYNC" flag only applies to directories */ 62 flags &= ~UBIFS_DIRSYNC_FL; 63 return flags; 64 } 65 66 /** 67 * ubifs_new_inode - allocate new UBIFS inode object. 68 * @c: UBIFS file-system description object 69 * @dir: parent directory inode 70 * @mode: inode mode flags 71 * @is_xattr: whether the inode is xattr inode 72 * 73 * This function finds an unused inode number, allocates new inode and 74 * initializes it. Non-xattr new inode may be written with xattrs(selinux/ 75 * encryption) before writing dentry, which could cause inconsistent problem 76 * when powercut happens between two operations. To deal with it, non-xattr 77 * new inode is initialized with zero-nlink and added into orphan list, caller 78 * should make sure that inode is relinked later, and make sure that orphan 79 * removing and journal writing into an committing atomic operation. Returns 80 * new inode in case of success and an error code in case of failure. 81 */ ubifs_new_inode(struct ubifs_info * c,struct inode * dir,umode_t mode,bool is_xattr)82 struct inode *ubifs_new_inode(struct ubifs_info *c, struct inode *dir, 83 umode_t mode, bool is_xattr) 84 { 85 int err; 86 struct inode *inode; 87 struct ubifs_inode *ui; 88 bool encrypted = false; 89 90 inode = new_inode(c->vfs_sb); 91 ui = ubifs_inode(inode); 92 if (!inode) 93 return ERR_PTR(-ENOMEM); 94 95 /* 96 * Set 'S_NOCMTIME' to prevent VFS form updating [mc]time of inodes and 97 * marking them dirty in file write path (see 'file_update_time()'). 98 * UBIFS has to fully control "clean <-> dirty" transitions of inodes 99 * to make budgeting work. 100 */ 101 inode->i_flags |= S_NOCMTIME; 102 103 inode_init_owner(&nop_mnt_idmap, inode, dir, mode); 104 simple_inode_init_ts(inode); 105 inode->i_mapping->nrpages = 0; 106 107 if (!is_xattr) { 108 err = fscrypt_prepare_new_inode(dir, inode, &encrypted); 109 if (err) { 110 ubifs_err(c, "fscrypt_prepare_new_inode failed: %i", err); 111 goto out_iput; 112 } 113 } 114 115 switch (mode & S_IFMT) { 116 case S_IFREG: 117 inode->i_mapping->a_ops = &ubifs_file_address_operations; 118 inode->i_op = &ubifs_file_inode_operations; 119 inode->i_fop = &ubifs_file_operations; 120 break; 121 case S_IFDIR: 122 inode->i_op = &ubifs_dir_inode_operations; 123 inode->i_fop = &ubifs_dir_operations; 124 inode->i_size = ui->ui_size = UBIFS_INO_NODE_SZ; 125 break; 126 case S_IFLNK: 127 inode->i_op = &ubifs_symlink_inode_operations; 128 break; 129 case S_IFSOCK: 130 case S_IFIFO: 131 case S_IFBLK: 132 case S_IFCHR: 133 inode->i_op = &ubifs_file_inode_operations; 134 break; 135 default: 136 BUG(); 137 } 138 139 ui->flags = inherit_flags(dir, mode); 140 ubifs_set_inode_flags(inode); 141 if (S_ISREG(mode)) 142 ui->compr_type = c->default_compr; 143 else 144 ui->compr_type = UBIFS_COMPR_NONE; 145 ui->synced_i_size = 0; 146 147 spin_lock(&c->cnt_lock); 148 /* Inode number overflow is currently not supported */ 149 if (c->highest_inum >= INUM_WARN_WATERMARK) { 150 if (c->highest_inum >= INUM_WATERMARK) { 151 spin_unlock(&c->cnt_lock); 152 ubifs_err(c, "out of inode numbers"); 153 err = -EINVAL; 154 goto out_iput; 155 } 156 ubifs_warn(c, "running out of inode numbers (current %lu, max %u)", 157 (unsigned long)c->highest_inum, INUM_WATERMARK); 158 } 159 160 inode->i_ino = ++c->highest_inum; 161 /* 162 * The creation sequence number remains with this inode for its 163 * lifetime. All nodes for this inode have a greater sequence number, 164 * and so it is possible to distinguish obsolete nodes belonging to a 165 * previous incarnation of the same inode number - for example, for the 166 * purpose of rebuilding the index. 167 */ 168 ui->creat_sqnum = ++c->max_sqnum; 169 spin_unlock(&c->cnt_lock); 170 171 if (!is_xattr) { 172 set_nlink(inode, 0); 173 err = ubifs_add_orphan(c, inode->i_ino); 174 if (err) { 175 ubifs_err(c, "ubifs_add_orphan failed: %i", err); 176 goto out_iput; 177 } 178 down_read(&c->commit_sem); 179 ui->del_cmtno = c->cmt_no; 180 up_read(&c->commit_sem); 181 } 182 183 if (encrypted) { 184 err = fscrypt_set_context(inode, NULL); 185 if (err) { 186 if (!is_xattr) { 187 set_nlink(inode, 1); 188 ubifs_delete_orphan(c, inode->i_ino); 189 } 190 ubifs_err(c, "fscrypt_set_context failed: %i", err); 191 goto out_iput; 192 } 193 } 194 195 return inode; 196 197 out_iput: 198 make_bad_inode(inode); 199 iput(inode); 200 return ERR_PTR(err); 201 } 202 dbg_check_name(const struct ubifs_info * c,const struct ubifs_dent_node * dent,const struct fscrypt_name * nm)203 static int dbg_check_name(const struct ubifs_info *c, 204 const struct ubifs_dent_node *dent, 205 const struct fscrypt_name *nm) 206 { 207 if (!dbg_is_chk_gen(c)) 208 return 0; 209 if (le16_to_cpu(dent->nlen) != fname_len(nm)) 210 return -EINVAL; 211 if (memcmp(dent->name, fname_name(nm), fname_len(nm))) 212 return -EINVAL; 213 return 0; 214 } 215 ubifs_lookup(struct inode * dir,struct dentry * dentry,unsigned int flags)216 static struct dentry *ubifs_lookup(struct inode *dir, struct dentry *dentry, 217 unsigned int flags) 218 { 219 int err; 220 union ubifs_key key; 221 struct inode *inode = NULL; 222 struct ubifs_dent_node *dent = NULL; 223 struct ubifs_info *c = dir->i_sb->s_fs_info; 224 struct fscrypt_name nm; 225 226 dbg_gen("'%pd' in dir ino %lu", dentry, dir->i_ino); 227 228 err = fscrypt_prepare_lookup(dir, dentry, &nm); 229 if (err == -ENOENT) 230 return d_splice_alias(NULL, dentry); 231 if (err) 232 return ERR_PTR(err); 233 234 if (fname_len(&nm) > UBIFS_MAX_NLEN) { 235 inode = ERR_PTR(-ENAMETOOLONG); 236 goto done; 237 } 238 239 dent = kmalloc(UBIFS_MAX_DENT_NODE_SZ, GFP_NOFS); 240 if (!dent) { 241 inode = ERR_PTR(-ENOMEM); 242 goto done; 243 } 244 245 if (fname_name(&nm) == NULL) { 246 if (nm.hash & ~UBIFS_S_KEY_HASH_MASK) 247 goto done; /* ENOENT */ 248 dent_key_init_hash(c, &key, dir->i_ino, nm.hash); 249 err = ubifs_tnc_lookup_dh(c, &key, dent, nm.minor_hash); 250 } else { 251 dent_key_init(c, &key, dir->i_ino, &nm); 252 err = ubifs_tnc_lookup_nm(c, &key, dent, &nm); 253 } 254 255 if (err) { 256 if (err == -ENOENT) 257 dbg_gen("not found"); 258 else 259 inode = ERR_PTR(err); 260 goto done; 261 } 262 263 if (dbg_check_name(c, dent, &nm)) { 264 inode = ERR_PTR(-EINVAL); 265 goto done; 266 } 267 268 inode = ubifs_iget(dir->i_sb, le64_to_cpu(dent->inum)); 269 if (IS_ERR(inode)) { 270 /* 271 * This should not happen. Probably the file-system needs 272 * checking. 273 */ 274 err = PTR_ERR(inode); 275 ubifs_err(c, "dead directory entry '%pd', error %d", 276 dentry, err); 277 ubifs_ro_mode(c, err); 278 goto done; 279 } 280 281 if (IS_ENCRYPTED(dir) && 282 (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode)) && 283 !fscrypt_has_permitted_context(dir, inode)) { 284 ubifs_warn(c, "Inconsistent encryption contexts: %lu/%lu", 285 dir->i_ino, inode->i_ino); 286 iput(inode); 287 inode = ERR_PTR(-EPERM); 288 } 289 290 done: 291 kfree(dent); 292 fscrypt_free_filename(&nm); 293 return d_splice_alias(inode, dentry); 294 } 295 ubifs_prepare_create(struct inode * dir,struct dentry * dentry,struct fscrypt_name * nm)296 static int ubifs_prepare_create(struct inode *dir, struct dentry *dentry, 297 struct fscrypt_name *nm) 298 { 299 if (fscrypt_is_nokey_name(dentry)) 300 return -ENOKEY; 301 302 return fscrypt_setup_filename(dir, &dentry->d_name, 0, nm); 303 } 304 ubifs_create(struct mnt_idmap * idmap,struct inode * dir,struct dentry * dentry,umode_t mode,bool excl)305 static int ubifs_create(struct mnt_idmap *idmap, struct inode *dir, 306 struct dentry *dentry, umode_t mode, bool excl) 307 { 308 struct inode *inode; 309 struct ubifs_info *c = dir->i_sb->s_fs_info; 310 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 311 .dirtied_ino = 1 }; 312 struct ubifs_inode *dir_ui = ubifs_inode(dir); 313 struct fscrypt_name nm; 314 int err, sz_change; 315 316 /* 317 * Budget request settings: new inode, new direntry, changing the 318 * parent directory inode. 319 */ 320 321 dbg_gen("dent '%pd', mode %#hx in dir ino %lu", 322 dentry, mode, dir->i_ino); 323 324 err = ubifs_budget_space(c, &req); 325 if (err) 326 return err; 327 328 err = ubifs_prepare_create(dir, dentry, &nm); 329 if (err) 330 goto out_budg; 331 332 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 333 334 inode = ubifs_new_inode(c, dir, mode, false); 335 if (IS_ERR(inode)) { 336 err = PTR_ERR(inode); 337 goto out_fname; 338 } 339 340 err = ubifs_init_security(dir, inode, &dentry->d_name); 341 if (err) 342 goto out_inode; 343 344 set_nlink(inode, 1); 345 mutex_lock(&dir_ui->ui_mutex); 346 dir->i_size += sz_change; 347 dir_ui->ui_size = dir->i_size; 348 inode_set_mtime_to_ts(dir, 349 inode_set_ctime_to_ts(dir, inode_get_ctime(inode))); 350 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0, 1); 351 if (err) 352 goto out_cancel; 353 mutex_unlock(&dir_ui->ui_mutex); 354 355 ubifs_release_budget(c, &req); 356 fscrypt_free_filename(&nm); 357 insert_inode_hash(inode); 358 d_instantiate(dentry, inode); 359 return 0; 360 361 out_cancel: 362 dir->i_size -= sz_change; 363 dir_ui->ui_size = dir->i_size; 364 mutex_unlock(&dir_ui->ui_mutex); 365 set_nlink(inode, 0); 366 out_inode: 367 iput(inode); 368 out_fname: 369 fscrypt_free_filename(&nm); 370 out_budg: 371 ubifs_release_budget(c, &req); 372 ubifs_err(c, "cannot create regular file, error %d", err); 373 return err; 374 } 375 create_whiteout(struct inode * dir,struct dentry * dentry)376 static struct inode *create_whiteout(struct inode *dir, struct dentry *dentry) 377 { 378 int err; 379 umode_t mode = S_IFCHR | WHITEOUT_MODE; 380 struct inode *inode; 381 struct ubifs_info *c = dir->i_sb->s_fs_info; 382 383 /* 384 * Create an inode('nlink = 1') for whiteout without updating journal, 385 * let ubifs_jnl_rename() store it on flash to complete rename whiteout 386 * atomically. 387 */ 388 389 dbg_gen("dent '%pd', mode %#hx in dir ino %lu", 390 dentry, mode, dir->i_ino); 391 392 inode = ubifs_new_inode(c, dir, mode, false); 393 if (IS_ERR(inode)) { 394 err = PTR_ERR(inode); 395 goto out_free; 396 } 397 398 init_special_inode(inode, inode->i_mode, WHITEOUT_DEV); 399 ubifs_assert(c, inode->i_op == &ubifs_file_inode_operations); 400 401 err = ubifs_init_security(dir, inode, &dentry->d_name); 402 if (err) 403 goto out_inode; 404 405 /* The dir size is updated by do_rename. */ 406 insert_inode_hash(inode); 407 408 return inode; 409 410 out_inode: 411 iput(inode); 412 out_free: 413 ubifs_err(c, "cannot create whiteout file, error %d", err); 414 return ERR_PTR(err); 415 } 416 417 /** 418 * lock_2_inodes - a wrapper for locking two UBIFS inodes. 419 * @inode1: first inode 420 * @inode2: second inode 421 * 422 * We do not implement any tricks to guarantee strict lock ordering, because 423 * VFS has already done it for us on the @i_mutex. So this is just a simple 424 * wrapper function. 425 */ lock_2_inodes(struct inode * inode1,struct inode * inode2)426 static void lock_2_inodes(struct inode *inode1, struct inode *inode2) 427 { 428 mutex_lock_nested(&ubifs_inode(inode1)->ui_mutex, WB_MUTEX_1); 429 mutex_lock_nested(&ubifs_inode(inode2)->ui_mutex, WB_MUTEX_2); 430 } 431 432 /** 433 * unlock_2_inodes - a wrapper for unlocking two UBIFS inodes. 434 * @inode1: first inode 435 * @inode2: second inode 436 */ unlock_2_inodes(struct inode * inode1,struct inode * inode2)437 static void unlock_2_inodes(struct inode *inode1, struct inode *inode2) 438 { 439 mutex_unlock(&ubifs_inode(inode2)->ui_mutex); 440 mutex_unlock(&ubifs_inode(inode1)->ui_mutex); 441 } 442 ubifs_tmpfile(struct mnt_idmap * idmap,struct inode * dir,struct file * file,umode_t mode)443 static int ubifs_tmpfile(struct mnt_idmap *idmap, struct inode *dir, 444 struct file *file, umode_t mode) 445 { 446 struct dentry *dentry = file->f_path.dentry; 447 struct inode *inode; 448 struct ubifs_info *c = dir->i_sb->s_fs_info; 449 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 450 .dirtied_ino = 1}; 451 struct ubifs_budget_req ino_req = { .dirtied_ino = 1 }; 452 struct ubifs_inode *ui; 453 int err, instantiated = 0; 454 struct fscrypt_name nm; 455 456 /* 457 * Budget request settings: new inode, new direntry, changing the 458 * parent directory inode. 459 * Allocate budget separately for new dirtied inode, the budget will 460 * be released via writeback. 461 */ 462 463 dbg_gen("dent '%pd', mode %#hx in dir ino %lu", 464 dentry, mode, dir->i_ino); 465 466 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 467 if (err) 468 return err; 469 470 err = ubifs_budget_space(c, &req); 471 if (err) { 472 fscrypt_free_filename(&nm); 473 return err; 474 } 475 476 err = ubifs_budget_space(c, &ino_req); 477 if (err) { 478 ubifs_release_budget(c, &req); 479 fscrypt_free_filename(&nm); 480 return err; 481 } 482 483 inode = ubifs_new_inode(c, dir, mode, false); 484 if (IS_ERR(inode)) { 485 err = PTR_ERR(inode); 486 goto out_budg; 487 } 488 ui = ubifs_inode(inode); 489 490 err = ubifs_init_security(dir, inode, &dentry->d_name); 491 if (err) 492 goto out_inode; 493 494 set_nlink(inode, 1); 495 mutex_lock(&ui->ui_mutex); 496 insert_inode_hash(inode); 497 d_tmpfile(file, inode); 498 ubifs_assert(c, ui->dirty); 499 500 instantiated = 1; 501 mutex_unlock(&ui->ui_mutex); 502 503 lock_2_inodes(dir, inode); 504 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0, 1); 505 if (err) 506 goto out_cancel; 507 unlock_2_inodes(dir, inode); 508 509 ubifs_release_budget(c, &req); 510 fscrypt_free_filename(&nm); 511 512 return finish_open_simple(file, 0); 513 514 out_cancel: 515 unlock_2_inodes(dir, inode); 516 out_inode: 517 if (!instantiated) 518 iput(inode); 519 out_budg: 520 ubifs_release_budget(c, &req); 521 if (!instantiated) 522 ubifs_release_budget(c, &ino_req); 523 fscrypt_free_filename(&nm); 524 ubifs_err(c, "cannot create temporary file, error %d", err); 525 return err; 526 } 527 528 /** 529 * vfs_dent_type - get VFS directory entry type. 530 * @type: UBIFS directory entry type 531 * 532 * This function converts UBIFS directory entry type into VFS directory entry 533 * type. 534 */ vfs_dent_type(uint8_t type)535 static unsigned int vfs_dent_type(uint8_t type) 536 { 537 switch (type) { 538 case UBIFS_ITYPE_REG: 539 return DT_REG; 540 case UBIFS_ITYPE_DIR: 541 return DT_DIR; 542 case UBIFS_ITYPE_LNK: 543 return DT_LNK; 544 case UBIFS_ITYPE_BLK: 545 return DT_BLK; 546 case UBIFS_ITYPE_CHR: 547 return DT_CHR; 548 case UBIFS_ITYPE_FIFO: 549 return DT_FIFO; 550 case UBIFS_ITYPE_SOCK: 551 return DT_SOCK; 552 default: 553 BUG(); 554 } 555 return 0; 556 } 557 558 struct ubifs_dir_data { 559 struct ubifs_dent_node *dent; 560 u64 cookie; 561 }; 562 563 /* 564 * The classical Unix view for directory is that it is a linear array of 565 * (name, inode number) entries. Linux/VFS assumes this model as well. 566 * Particularly, 'readdir()' call wants us to return a directory entry offset 567 * which later may be used to continue 'readdir()'ing the directory or to 568 * 'seek()' to that specific direntry. Obviously UBIFS does not really fit this 569 * model because directory entries are identified by keys, which may collide. 570 * 571 * UBIFS uses directory entry hash value for directory offsets, so 572 * 'seekdir()'/'telldir()' may not always work because of possible key 573 * collisions. But UBIFS guarantees that consecutive 'readdir()' calls work 574 * properly by means of saving full directory entry name in the private field 575 * of the file description object. 576 * 577 * This means that UBIFS cannot support NFS which requires full 578 * 'seekdir()'/'telldir()' support. 579 */ ubifs_readdir(struct file * file,struct dir_context * ctx)580 static int ubifs_readdir(struct file *file, struct dir_context *ctx) 581 { 582 int fstr_real_len = 0, err = 0; 583 struct fscrypt_name nm; 584 struct fscrypt_str fstr = {0}; 585 union ubifs_key key; 586 struct ubifs_dent_node *dent; 587 struct inode *dir = file_inode(file); 588 struct ubifs_info *c = dir->i_sb->s_fs_info; 589 bool encrypted = IS_ENCRYPTED(dir); 590 struct ubifs_dir_data *data = file->private_data; 591 592 dbg_gen("dir ino %lu, f_pos %#llx", dir->i_ino, ctx->pos); 593 594 if (ctx->pos > UBIFS_S_KEY_HASH_MASK || ctx->pos == 2) 595 /* 596 * The directory was seek'ed to a senseless position or there 597 * are no more entries. 598 */ 599 return 0; 600 601 if (encrypted) { 602 err = fscrypt_prepare_readdir(dir); 603 if (err) 604 return err; 605 606 err = fscrypt_fname_alloc_buffer(UBIFS_MAX_NLEN, &fstr); 607 if (err) 608 return err; 609 610 fstr_real_len = fstr.len; 611 } 612 613 if (data->cookie == 0) { 614 /* 615 * The file was seek'ed, which means that @data->dent 616 * is now invalid. This may also be just the first 617 * 'ubifs_readdir()' invocation, in which case 618 * @data->dent is NULL, and the below code is 619 * basically a no-op. 620 */ 621 kfree(data->dent); 622 data->dent = NULL; 623 } 624 625 /* 626 * 'ubifs_dir_llseek()' sets @data->cookie to zero, and we use this 627 * for detecting whether the file was seek'ed. 628 */ 629 data->cookie = 1; 630 631 /* File positions 0 and 1 correspond to "." and ".." */ 632 if (ctx->pos < 2) { 633 ubifs_assert(c, !data->dent); 634 if (!dir_emit_dots(file, ctx)) { 635 if (encrypted) 636 fscrypt_fname_free_buffer(&fstr); 637 return 0; 638 } 639 640 /* Find the first entry in TNC and save it */ 641 lowest_dent_key(c, &key, dir->i_ino); 642 fname_len(&nm) = 0; 643 dent = ubifs_tnc_next_ent(c, &key, &nm); 644 if (IS_ERR(dent)) { 645 err = PTR_ERR(dent); 646 goto out; 647 } 648 649 ctx->pos = key_hash_flash(c, &dent->key); 650 data->dent = dent; 651 } 652 653 dent = data->dent; 654 if (!dent) { 655 /* 656 * The directory was seek'ed to and is now readdir'ed. 657 * Find the entry corresponding to @ctx->pos or the closest one. 658 */ 659 dent_key_init_hash(c, &key, dir->i_ino, ctx->pos); 660 fname_len(&nm) = 0; 661 dent = ubifs_tnc_next_ent(c, &key, &nm); 662 if (IS_ERR(dent)) { 663 err = PTR_ERR(dent); 664 goto out; 665 } 666 ctx->pos = key_hash_flash(c, &dent->key); 667 data->dent = dent; 668 } 669 670 while (1) { 671 dbg_gen("ino %llu, new f_pos %#x", 672 (unsigned long long)le64_to_cpu(dent->inum), 673 key_hash_flash(c, &dent->key)); 674 ubifs_assert(c, le64_to_cpu(dent->ch.sqnum) > 675 ubifs_inode(dir)->creat_sqnum); 676 677 fname_len(&nm) = le16_to_cpu(dent->nlen); 678 fname_name(&nm) = dent->name; 679 680 if (encrypted) { 681 fstr.len = fstr_real_len; 682 683 err = fscrypt_fname_disk_to_usr(dir, key_hash_flash(c, 684 &dent->key), 685 le32_to_cpu(dent->cookie), 686 &nm.disk_name, &fstr); 687 if (err) 688 goto out; 689 } else { 690 fstr.len = fname_len(&nm); 691 fstr.name = fname_name(&nm); 692 } 693 694 if (!dir_emit(ctx, fstr.name, fstr.len, 695 le64_to_cpu(dent->inum), 696 vfs_dent_type(dent->type))) { 697 if (encrypted) 698 fscrypt_fname_free_buffer(&fstr); 699 return 0; 700 } 701 702 /* Switch to the next entry */ 703 key_read(c, &dent->key, &key); 704 dent = ubifs_tnc_next_ent(c, &key, &nm); 705 if (IS_ERR(dent)) { 706 err = PTR_ERR(dent); 707 goto out; 708 } 709 710 kfree(data->dent); 711 ctx->pos = key_hash_flash(c, &dent->key); 712 data->dent = dent; 713 cond_resched(); 714 } 715 716 out: 717 kfree(data->dent); 718 data->dent = NULL; 719 720 if (encrypted) 721 fscrypt_fname_free_buffer(&fstr); 722 723 if (err != -ENOENT) 724 ubifs_err(c, "cannot find next direntry, error %d", err); 725 else 726 /* 727 * -ENOENT is a non-fatal error in this context, the TNC uses 728 * it to indicate that the cursor moved past the current directory 729 * and readdir() has to stop. 730 */ 731 err = 0; 732 733 734 /* 2 is a special value indicating that there are no more direntries */ 735 ctx->pos = 2; 736 return err; 737 } 738 739 /* Free saved readdir() state when the directory is closed */ ubifs_dir_release(struct inode * dir,struct file * file)740 static int ubifs_dir_release(struct inode *dir, struct file *file) 741 { 742 struct ubifs_dir_data *data = file->private_data; 743 744 kfree(data->dent); 745 kfree(data); 746 file->private_data = NULL; 747 return 0; 748 } 749 ubifs_link(struct dentry * old_dentry,struct inode * dir,struct dentry * dentry)750 static int ubifs_link(struct dentry *old_dentry, struct inode *dir, 751 struct dentry *dentry) 752 { 753 struct ubifs_info *c = dir->i_sb->s_fs_info; 754 struct inode *inode = d_inode(old_dentry); 755 struct ubifs_inode *ui = ubifs_inode(inode); 756 struct ubifs_inode *dir_ui = ubifs_inode(dir); 757 int err, sz_change; 758 struct ubifs_budget_req req = { .new_dent = 1, .dirtied_ino = 2, 759 .dirtied_ino_d = ALIGN(ui->data_len, 8) }; 760 struct fscrypt_name nm; 761 762 /* 763 * Budget request settings: new direntry, changing the target inode, 764 * changing the parent inode. 765 */ 766 767 dbg_gen("dent '%pd' to ino %lu (nlink %d) in dir ino %lu", 768 dentry, inode->i_ino, 769 inode->i_nlink, dir->i_ino); 770 ubifs_assert(c, inode_is_locked(dir)); 771 ubifs_assert(c, inode_is_locked(inode)); 772 773 err = fscrypt_prepare_link(old_dentry, dir, dentry); 774 if (err) 775 return err; 776 777 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 778 if (err) 779 return err; 780 781 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 782 783 err = dbg_check_synced_i_size(c, inode); 784 if (err) 785 goto out_fname; 786 787 err = ubifs_budget_space(c, &req); 788 if (err) 789 goto out_fname; 790 791 lock_2_inodes(dir, inode); 792 793 inc_nlink(inode); 794 ihold(inode); 795 inode_set_ctime_current(inode); 796 dir->i_size += sz_change; 797 dir_ui->ui_size = dir->i_size; 798 inode_set_mtime_to_ts(dir, 799 inode_set_ctime_to_ts(dir, inode_get_ctime(inode))); 800 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0, inode->i_nlink == 1); 801 if (err) 802 goto out_cancel; 803 unlock_2_inodes(dir, inode); 804 805 ubifs_release_budget(c, &req); 806 d_instantiate(dentry, inode); 807 fscrypt_free_filename(&nm); 808 return 0; 809 810 out_cancel: 811 dir->i_size -= sz_change; 812 dir_ui->ui_size = dir->i_size; 813 drop_nlink(inode); 814 unlock_2_inodes(dir, inode); 815 ubifs_release_budget(c, &req); 816 iput(inode); 817 out_fname: 818 fscrypt_free_filename(&nm); 819 return err; 820 } 821 ubifs_unlink(struct inode * dir,struct dentry * dentry)822 static int ubifs_unlink(struct inode *dir, struct dentry *dentry) 823 { 824 struct ubifs_info *c = dir->i_sb->s_fs_info; 825 struct inode *inode = d_inode(dentry); 826 struct ubifs_inode *dir_ui = ubifs_inode(dir); 827 int err, sz_change, budgeted = 1; 828 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 }; 829 unsigned int saved_nlink = inode->i_nlink; 830 struct fscrypt_name nm; 831 832 /* 833 * Budget request settings: deletion direntry, deletion inode (+1 for 834 * @dirtied_ino), changing the parent directory inode. If budgeting 835 * fails, go ahead anyway because we have extra space reserved for 836 * deletions. 837 */ 838 839 dbg_gen("dent '%pd' from ino %lu (nlink %d) in dir ino %lu", 840 dentry, inode->i_ino, 841 inode->i_nlink, dir->i_ino); 842 843 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm); 844 if (err) 845 return err; 846 847 err = ubifs_purge_xattrs(inode); 848 if (err) 849 return err; 850 851 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 852 853 ubifs_assert(c, inode_is_locked(dir)); 854 ubifs_assert(c, inode_is_locked(inode)); 855 err = dbg_check_synced_i_size(c, inode); 856 if (err) 857 goto out_fname; 858 859 err = ubifs_budget_space(c, &req); 860 if (err) { 861 if (err != -ENOSPC) 862 goto out_fname; 863 budgeted = 0; 864 } 865 866 lock_2_inodes(dir, inode); 867 inode_set_ctime_current(inode); 868 drop_nlink(inode); 869 dir->i_size -= sz_change; 870 dir_ui->ui_size = dir->i_size; 871 inode_set_mtime_to_ts(dir, 872 inode_set_ctime_to_ts(dir, inode_get_ctime(inode))); 873 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0, 0); 874 if (err) 875 goto out_cancel; 876 unlock_2_inodes(dir, inode); 877 878 if (budgeted) 879 ubifs_release_budget(c, &req); 880 else { 881 /* We've deleted something - clean the "no space" flags */ 882 c->bi.nospace = c->bi.nospace_rp = 0; 883 smp_wmb(); 884 } 885 fscrypt_free_filename(&nm); 886 return 0; 887 888 out_cancel: 889 dir->i_size += sz_change; 890 dir_ui->ui_size = dir->i_size; 891 set_nlink(inode, saved_nlink); 892 unlock_2_inodes(dir, inode); 893 if (budgeted) 894 ubifs_release_budget(c, &req); 895 out_fname: 896 fscrypt_free_filename(&nm); 897 return err; 898 } 899 900 /** 901 * ubifs_check_dir_empty - check if a directory is empty or not. 902 * @dir: VFS inode object of the directory to check 903 * 904 * This function checks if directory @dir is empty. Returns zero if the 905 * directory is empty, %-ENOTEMPTY if it is not, and other negative error codes 906 * in case of errors. 907 */ ubifs_check_dir_empty(struct inode * dir)908 int ubifs_check_dir_empty(struct inode *dir) 909 { 910 struct ubifs_info *c = dir->i_sb->s_fs_info; 911 struct fscrypt_name nm = { 0 }; 912 struct ubifs_dent_node *dent; 913 union ubifs_key key; 914 int err; 915 916 lowest_dent_key(c, &key, dir->i_ino); 917 dent = ubifs_tnc_next_ent(c, &key, &nm); 918 if (IS_ERR(dent)) { 919 err = PTR_ERR(dent); 920 if (err == -ENOENT) 921 err = 0; 922 } else { 923 kfree(dent); 924 err = -ENOTEMPTY; 925 } 926 return err; 927 } 928 ubifs_rmdir(struct inode * dir,struct dentry * dentry)929 static int ubifs_rmdir(struct inode *dir, struct dentry *dentry) 930 { 931 struct ubifs_info *c = dir->i_sb->s_fs_info; 932 struct inode *inode = d_inode(dentry); 933 int err, sz_change, budgeted = 1; 934 struct ubifs_inode *dir_ui = ubifs_inode(dir); 935 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 }; 936 struct fscrypt_name nm; 937 938 /* 939 * Budget request settings: deletion direntry, deletion inode and 940 * changing the parent inode. If budgeting fails, go ahead anyway 941 * because we have extra space reserved for deletions. 942 */ 943 944 dbg_gen("directory '%pd', ino %lu in dir ino %lu", dentry, 945 inode->i_ino, dir->i_ino); 946 ubifs_assert(c, inode_is_locked(dir)); 947 ubifs_assert(c, inode_is_locked(inode)); 948 err = ubifs_check_dir_empty(d_inode(dentry)); 949 if (err) 950 return err; 951 952 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm); 953 if (err) 954 return err; 955 956 err = ubifs_purge_xattrs(inode); 957 if (err) 958 return err; 959 960 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 961 962 err = ubifs_budget_space(c, &req); 963 if (err) { 964 if (err != -ENOSPC) 965 goto out_fname; 966 budgeted = 0; 967 } 968 969 lock_2_inodes(dir, inode); 970 inode_set_ctime_current(inode); 971 clear_nlink(inode); 972 drop_nlink(dir); 973 dir->i_size -= sz_change; 974 dir_ui->ui_size = dir->i_size; 975 inode_set_mtime_to_ts(dir, 976 inode_set_ctime_to_ts(dir, inode_get_ctime(inode))); 977 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0, 0); 978 if (err) 979 goto out_cancel; 980 unlock_2_inodes(dir, inode); 981 982 if (budgeted) 983 ubifs_release_budget(c, &req); 984 else { 985 /* We've deleted something - clean the "no space" flags */ 986 c->bi.nospace = c->bi.nospace_rp = 0; 987 smp_wmb(); 988 } 989 fscrypt_free_filename(&nm); 990 return 0; 991 992 out_cancel: 993 dir->i_size += sz_change; 994 dir_ui->ui_size = dir->i_size; 995 inc_nlink(dir); 996 set_nlink(inode, 2); 997 unlock_2_inodes(dir, inode); 998 if (budgeted) 999 ubifs_release_budget(c, &req); 1000 out_fname: 1001 fscrypt_free_filename(&nm); 1002 return err; 1003 } 1004 ubifs_mkdir(struct mnt_idmap * idmap,struct inode * dir,struct dentry * dentry,umode_t mode)1005 static int ubifs_mkdir(struct mnt_idmap *idmap, struct inode *dir, 1006 struct dentry *dentry, umode_t mode) 1007 { 1008 struct inode *inode; 1009 struct ubifs_inode *dir_ui = ubifs_inode(dir); 1010 struct ubifs_info *c = dir->i_sb->s_fs_info; 1011 int err, sz_change; 1012 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 1013 .dirtied_ino = 1}; 1014 struct fscrypt_name nm; 1015 1016 /* 1017 * Budget request settings: new inode, new direntry and changing parent 1018 * directory inode. 1019 */ 1020 1021 dbg_gen("dent '%pd', mode %#hx in dir ino %lu", 1022 dentry, mode, dir->i_ino); 1023 1024 err = ubifs_budget_space(c, &req); 1025 if (err) 1026 return err; 1027 1028 err = ubifs_prepare_create(dir, dentry, &nm); 1029 if (err) 1030 goto out_budg; 1031 1032 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 1033 1034 inode = ubifs_new_inode(c, dir, S_IFDIR | mode, false); 1035 if (IS_ERR(inode)) { 1036 err = PTR_ERR(inode); 1037 goto out_fname; 1038 } 1039 1040 err = ubifs_init_security(dir, inode, &dentry->d_name); 1041 if (err) 1042 goto out_inode; 1043 1044 set_nlink(inode, 1); 1045 mutex_lock(&dir_ui->ui_mutex); 1046 insert_inode_hash(inode); 1047 inc_nlink(inode); 1048 inc_nlink(dir); 1049 dir->i_size += sz_change; 1050 dir_ui->ui_size = dir->i_size; 1051 inode_set_mtime_to_ts(dir, 1052 inode_set_ctime_to_ts(dir, inode_get_ctime(inode))); 1053 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0, 1); 1054 if (err) { 1055 ubifs_err(c, "cannot create directory, error %d", err); 1056 goto out_cancel; 1057 } 1058 mutex_unlock(&dir_ui->ui_mutex); 1059 1060 ubifs_release_budget(c, &req); 1061 d_instantiate(dentry, inode); 1062 fscrypt_free_filename(&nm); 1063 return 0; 1064 1065 out_cancel: 1066 dir->i_size -= sz_change; 1067 dir_ui->ui_size = dir->i_size; 1068 drop_nlink(dir); 1069 mutex_unlock(&dir_ui->ui_mutex); 1070 set_nlink(inode, 0); 1071 out_inode: 1072 iput(inode); 1073 out_fname: 1074 fscrypt_free_filename(&nm); 1075 out_budg: 1076 ubifs_release_budget(c, &req); 1077 return err; 1078 } 1079 ubifs_mknod(struct mnt_idmap * idmap,struct inode * dir,struct dentry * dentry,umode_t mode,dev_t rdev)1080 static int ubifs_mknod(struct mnt_idmap *idmap, struct inode *dir, 1081 struct dentry *dentry, umode_t mode, dev_t rdev) 1082 { 1083 struct inode *inode; 1084 struct ubifs_inode *ui; 1085 struct ubifs_inode *dir_ui = ubifs_inode(dir); 1086 struct ubifs_info *c = dir->i_sb->s_fs_info; 1087 union ubifs_dev_desc *dev = NULL; 1088 int sz_change; 1089 int err, devlen = 0; 1090 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 1091 .dirtied_ino = 1 }; 1092 struct fscrypt_name nm; 1093 1094 /* 1095 * Budget request settings: new inode, new direntry and changing parent 1096 * directory inode. 1097 */ 1098 1099 dbg_gen("dent '%pd' in dir ino %lu", dentry, dir->i_ino); 1100 1101 if (S_ISBLK(mode) || S_ISCHR(mode)) { 1102 dev = kmalloc(sizeof(union ubifs_dev_desc), GFP_NOFS); 1103 if (!dev) 1104 return -ENOMEM; 1105 devlen = ubifs_encode_dev(dev, rdev); 1106 } 1107 1108 req.new_ino_d = ALIGN(devlen, 8); 1109 err = ubifs_budget_space(c, &req); 1110 if (err) { 1111 kfree(dev); 1112 return err; 1113 } 1114 1115 err = ubifs_prepare_create(dir, dentry, &nm); 1116 if (err) { 1117 kfree(dev); 1118 goto out_budg; 1119 } 1120 1121 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 1122 1123 inode = ubifs_new_inode(c, dir, mode, false); 1124 if (IS_ERR(inode)) { 1125 kfree(dev); 1126 err = PTR_ERR(inode); 1127 goto out_fname; 1128 } 1129 1130 err = ubifs_init_security(dir, inode, &dentry->d_name); 1131 if (err) { 1132 kfree(dev); 1133 goto out_inode; 1134 } 1135 1136 init_special_inode(inode, inode->i_mode, rdev); 1137 inode->i_size = ubifs_inode(inode)->ui_size = devlen; 1138 ui = ubifs_inode(inode); 1139 ui->data = dev; 1140 ui->data_len = devlen; 1141 set_nlink(inode, 1); 1142 1143 mutex_lock(&dir_ui->ui_mutex); 1144 dir->i_size += sz_change; 1145 dir_ui->ui_size = dir->i_size; 1146 inode_set_mtime_to_ts(dir, 1147 inode_set_ctime_to_ts(dir, inode_get_ctime(inode))); 1148 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0, 1); 1149 if (err) 1150 goto out_cancel; 1151 mutex_unlock(&dir_ui->ui_mutex); 1152 1153 ubifs_release_budget(c, &req); 1154 insert_inode_hash(inode); 1155 d_instantiate(dentry, inode); 1156 fscrypt_free_filename(&nm); 1157 return 0; 1158 1159 out_cancel: 1160 dir->i_size -= sz_change; 1161 dir_ui->ui_size = dir->i_size; 1162 mutex_unlock(&dir_ui->ui_mutex); 1163 set_nlink(inode, 0); 1164 out_inode: 1165 iput(inode); 1166 out_fname: 1167 fscrypt_free_filename(&nm); 1168 out_budg: 1169 ubifs_release_budget(c, &req); 1170 return err; 1171 } 1172 ubifs_symlink(struct mnt_idmap * idmap,struct inode * dir,struct dentry * dentry,const char * symname)1173 static int ubifs_symlink(struct mnt_idmap *idmap, struct inode *dir, 1174 struct dentry *dentry, const char *symname) 1175 { 1176 struct inode *inode; 1177 struct ubifs_inode *ui; 1178 struct ubifs_inode *dir_ui = ubifs_inode(dir); 1179 struct ubifs_info *c = dir->i_sb->s_fs_info; 1180 int err, sz_change, len = strlen(symname); 1181 struct fscrypt_str disk_link; 1182 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 1183 .dirtied_ino = 1 }; 1184 struct fscrypt_name nm; 1185 1186 dbg_gen("dent '%pd', target '%s' in dir ino %lu", dentry, 1187 symname, dir->i_ino); 1188 1189 err = fscrypt_prepare_symlink(dir, symname, len, UBIFS_MAX_INO_DATA, 1190 &disk_link); 1191 if (err) 1192 return err; 1193 1194 /* 1195 * Budget request settings: new inode, new direntry and changing parent 1196 * directory inode. 1197 */ 1198 req.new_ino_d = ALIGN(disk_link.len - 1, 8); 1199 err = ubifs_budget_space(c, &req); 1200 if (err) 1201 return err; 1202 1203 err = ubifs_prepare_create(dir, dentry, &nm); 1204 if (err) 1205 goto out_budg; 1206 1207 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 1208 1209 inode = ubifs_new_inode(c, dir, S_IFLNK | S_IRWXUGO, false); 1210 if (IS_ERR(inode)) { 1211 err = PTR_ERR(inode); 1212 goto out_fname; 1213 } 1214 1215 err = ubifs_init_security(dir, inode, &dentry->d_name); 1216 if (err) 1217 goto out_inode; 1218 1219 ui = ubifs_inode(inode); 1220 ui->data = kmalloc(disk_link.len, GFP_NOFS); 1221 if (!ui->data) { 1222 err = -ENOMEM; 1223 goto out_inode; 1224 } 1225 1226 if (IS_ENCRYPTED(inode)) { 1227 disk_link.name = ui->data; /* encrypt directly into ui->data */ 1228 err = fscrypt_encrypt_symlink(inode, symname, len, &disk_link); 1229 if (err) 1230 goto out_inode; 1231 } else { 1232 memcpy(ui->data, disk_link.name, disk_link.len); 1233 inode->i_link = ui->data; 1234 } 1235 1236 /* 1237 * The terminating zero byte is not written to the flash media and it 1238 * is put just to make later in-memory string processing simpler. Thus, 1239 * data length is @disk_link.len - 1, not @disk_link.len. 1240 */ 1241 ui->data_len = disk_link.len - 1; 1242 inode->i_size = ubifs_inode(inode)->ui_size = disk_link.len - 1; 1243 set_nlink(inode, 1); 1244 1245 mutex_lock(&dir_ui->ui_mutex); 1246 dir->i_size += sz_change; 1247 dir_ui->ui_size = dir->i_size; 1248 inode_set_mtime_to_ts(dir, 1249 inode_set_ctime_to_ts(dir, inode_get_ctime(inode))); 1250 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0, 1); 1251 if (err) 1252 goto out_cancel; 1253 mutex_unlock(&dir_ui->ui_mutex); 1254 1255 insert_inode_hash(inode); 1256 d_instantiate(dentry, inode); 1257 err = 0; 1258 goto out_fname; 1259 1260 out_cancel: 1261 dir->i_size -= sz_change; 1262 dir_ui->ui_size = dir->i_size; 1263 mutex_unlock(&dir_ui->ui_mutex); 1264 set_nlink(inode, 0); 1265 out_inode: 1266 /* Free inode->i_link before inode is marked as bad. */ 1267 fscrypt_free_inode(inode); 1268 iput(inode); 1269 out_fname: 1270 fscrypt_free_filename(&nm); 1271 out_budg: 1272 ubifs_release_budget(c, &req); 1273 return err; 1274 } 1275 1276 /** 1277 * lock_4_inodes - a wrapper for locking three UBIFS inodes. 1278 * @inode1: first inode 1279 * @inode2: second inode 1280 * @inode3: third inode 1281 * @inode4: fourth inode 1282 * 1283 * This function is used for 'ubifs_rename()' and @inode1 may be the same as 1284 * @inode2 whereas @inode3 and @inode4 may be %NULL. 1285 * 1286 * We do not implement any tricks to guarantee strict lock ordering, because 1287 * VFS has already done it for us on the @i_mutex. So this is just a simple 1288 * wrapper function. 1289 */ lock_4_inodes(struct inode * inode1,struct inode * inode2,struct inode * inode3,struct inode * inode4)1290 static void lock_4_inodes(struct inode *inode1, struct inode *inode2, 1291 struct inode *inode3, struct inode *inode4) 1292 { 1293 mutex_lock_nested(&ubifs_inode(inode1)->ui_mutex, WB_MUTEX_1); 1294 if (inode2 != inode1) 1295 mutex_lock_nested(&ubifs_inode(inode2)->ui_mutex, WB_MUTEX_2); 1296 if (inode3) 1297 mutex_lock_nested(&ubifs_inode(inode3)->ui_mutex, WB_MUTEX_3); 1298 if (inode4) 1299 mutex_lock_nested(&ubifs_inode(inode4)->ui_mutex, WB_MUTEX_4); 1300 } 1301 1302 /** 1303 * unlock_4_inodes - a wrapper for unlocking three UBIFS inodes for rename. 1304 * @inode1: first inode 1305 * @inode2: second inode 1306 * @inode3: third inode 1307 * @inode4: fourth inode 1308 */ unlock_4_inodes(struct inode * inode1,struct inode * inode2,struct inode * inode3,struct inode * inode4)1309 static void unlock_4_inodes(struct inode *inode1, struct inode *inode2, 1310 struct inode *inode3, struct inode *inode4) 1311 { 1312 if (inode4) 1313 mutex_unlock(&ubifs_inode(inode4)->ui_mutex); 1314 if (inode3) 1315 mutex_unlock(&ubifs_inode(inode3)->ui_mutex); 1316 if (inode1 != inode2) 1317 mutex_unlock(&ubifs_inode(inode2)->ui_mutex); 1318 mutex_unlock(&ubifs_inode(inode1)->ui_mutex); 1319 } 1320 do_rename(struct inode * old_dir,struct dentry * old_dentry,struct inode * new_dir,struct dentry * new_dentry,unsigned int flags)1321 static int do_rename(struct inode *old_dir, struct dentry *old_dentry, 1322 struct inode *new_dir, struct dentry *new_dentry, 1323 unsigned int flags) 1324 { 1325 struct ubifs_info *c = old_dir->i_sb->s_fs_info; 1326 struct inode *old_inode = d_inode(old_dentry); 1327 struct inode *new_inode = d_inode(new_dentry); 1328 struct inode *whiteout = NULL; 1329 struct ubifs_inode *old_inode_ui = ubifs_inode(old_inode); 1330 struct ubifs_inode *whiteout_ui = NULL; 1331 int err, release, sync = 0, move = (new_dir != old_dir); 1332 int is_dir = S_ISDIR(old_inode->i_mode); 1333 int unlink = !!new_inode, new_sz, old_sz; 1334 struct ubifs_budget_req req = { .new_dent = 1, .mod_dent = 1, 1335 .dirtied_ino = 3 }; 1336 struct ubifs_budget_req ino_req = { .dirtied_ino = 1, 1337 .dirtied_ino_d = ALIGN(old_inode_ui->data_len, 8) }; 1338 struct ubifs_budget_req wht_req; 1339 unsigned int saved_nlink; 1340 struct fscrypt_name old_nm, new_nm; 1341 1342 /* 1343 * Budget request settings: 1344 * req: deletion direntry, new direntry, removing the old inode, 1345 * and changing old and new parent directory inodes. 1346 * 1347 * wht_req: new whiteout inode for RENAME_WHITEOUT. 1348 * 1349 * ino_req: marks the target inode as dirty and does not write it. 1350 */ 1351 1352 dbg_gen("dent '%pd' ino %lu in dir ino %lu to dent '%pd' in dir ino %lu flags 0x%x", 1353 old_dentry, old_inode->i_ino, old_dir->i_ino, 1354 new_dentry, new_dir->i_ino, flags); 1355 1356 if (unlink) { 1357 ubifs_assert(c, inode_is_locked(new_inode)); 1358 1359 /* Budget for old inode's data when its nlink > 1. */ 1360 req.dirtied_ino_d = ALIGN(ubifs_inode(new_inode)->data_len, 8); 1361 err = ubifs_purge_xattrs(new_inode); 1362 if (err) 1363 return err; 1364 } 1365 1366 if (unlink && is_dir) { 1367 err = ubifs_check_dir_empty(new_inode); 1368 if (err) 1369 return err; 1370 } 1371 1372 err = fscrypt_setup_filename(old_dir, &old_dentry->d_name, 0, &old_nm); 1373 if (err) 1374 return err; 1375 1376 err = fscrypt_setup_filename(new_dir, &new_dentry->d_name, 0, &new_nm); 1377 if (err) { 1378 fscrypt_free_filename(&old_nm); 1379 return err; 1380 } 1381 1382 new_sz = CALC_DENT_SIZE(fname_len(&new_nm)); 1383 old_sz = CALC_DENT_SIZE(fname_len(&old_nm)); 1384 1385 err = ubifs_budget_space(c, &req); 1386 if (err) { 1387 fscrypt_free_filename(&old_nm); 1388 fscrypt_free_filename(&new_nm); 1389 return err; 1390 } 1391 err = ubifs_budget_space(c, &ino_req); 1392 if (err) { 1393 fscrypt_free_filename(&old_nm); 1394 fscrypt_free_filename(&new_nm); 1395 ubifs_release_budget(c, &req); 1396 return err; 1397 } 1398 1399 if (flags & RENAME_WHITEOUT) { 1400 union ubifs_dev_desc *dev = NULL; 1401 1402 dev = kmalloc(sizeof(union ubifs_dev_desc), GFP_NOFS); 1403 if (!dev) { 1404 err = -ENOMEM; 1405 goto out_release; 1406 } 1407 1408 /* 1409 * The whiteout inode without dentry is pinned in memory, 1410 * umount won't happen during rename process because we 1411 * got parent dentry. 1412 */ 1413 whiteout = create_whiteout(old_dir, old_dentry); 1414 if (IS_ERR(whiteout)) { 1415 err = PTR_ERR(whiteout); 1416 kfree(dev); 1417 goto out_release; 1418 } 1419 1420 whiteout_ui = ubifs_inode(whiteout); 1421 whiteout_ui->data = dev; 1422 whiteout_ui->data_len = ubifs_encode_dev(dev, MKDEV(0, 0)); 1423 ubifs_assert(c, !whiteout_ui->dirty); 1424 1425 memset(&wht_req, 0, sizeof(struct ubifs_budget_req)); 1426 wht_req.new_ino = 1; 1427 wht_req.new_ino_d = ALIGN(whiteout_ui->data_len, 8); 1428 /* 1429 * To avoid deadlock between space budget (holds ui_mutex and 1430 * waits wb work) and writeback work(waits ui_mutex), do space 1431 * budget before ubifs inodes locked. 1432 */ 1433 err = ubifs_budget_space(c, &wht_req); 1434 if (err) { 1435 iput(whiteout); 1436 goto out_release; 1437 } 1438 set_nlink(whiteout, 1); 1439 1440 /* Add the old_dentry size to the old_dir size. */ 1441 old_sz -= CALC_DENT_SIZE(fname_len(&old_nm)); 1442 } 1443 1444 lock_4_inodes(old_dir, new_dir, new_inode, whiteout); 1445 1446 /* 1447 * Like most other Unix systems, set the @i_ctime for inodes on a 1448 * rename. 1449 */ 1450 simple_rename_timestamp(old_dir, old_dentry, new_dir, new_dentry); 1451 1452 /* We must adjust parent link count when renaming directories */ 1453 if (is_dir) { 1454 if (move) { 1455 /* 1456 * @old_dir loses a link because we are moving 1457 * @old_inode to a different directory. 1458 */ 1459 drop_nlink(old_dir); 1460 /* 1461 * @new_dir only gains a link if we are not also 1462 * overwriting an existing directory. 1463 */ 1464 if (!unlink) 1465 inc_nlink(new_dir); 1466 } else { 1467 /* 1468 * @old_inode is not moving to a different directory, 1469 * but @old_dir still loses a link if we are 1470 * overwriting an existing directory. 1471 */ 1472 if (unlink) 1473 drop_nlink(old_dir); 1474 } 1475 } 1476 1477 old_dir->i_size -= old_sz; 1478 ubifs_inode(old_dir)->ui_size = old_dir->i_size; 1479 1480 /* 1481 * And finally, if we unlinked a direntry which happened to have the 1482 * same name as the moved direntry, we have to decrement @i_nlink of 1483 * the unlinked inode. 1484 */ 1485 if (unlink) { 1486 /* 1487 * Directories cannot have hard-links, so if this is a 1488 * directory, just clear @i_nlink. 1489 */ 1490 saved_nlink = new_inode->i_nlink; 1491 if (is_dir) 1492 clear_nlink(new_inode); 1493 else 1494 drop_nlink(new_inode); 1495 } else { 1496 new_dir->i_size += new_sz; 1497 ubifs_inode(new_dir)->ui_size = new_dir->i_size; 1498 } 1499 1500 /* 1501 * Do not ask 'ubifs_jnl_rename()' to flush write-buffer if @old_inode 1502 * is dirty, because this will be done later on at the end of 1503 * 'ubifs_rename()'. 1504 */ 1505 if (IS_SYNC(old_inode)) { 1506 sync = IS_DIRSYNC(old_dir) || IS_DIRSYNC(new_dir); 1507 if (unlink && IS_SYNC(new_inode)) 1508 sync = 1; 1509 /* 1510 * S_SYNC flag of whiteout inherits from the old_dir, and we 1511 * have already checked the old dir inode. So there is no need 1512 * to check whiteout. 1513 */ 1514 } 1515 1516 err = ubifs_jnl_rename(c, old_dir, old_inode, &old_nm, new_dir, 1517 new_inode, &new_nm, whiteout, sync, !!whiteout); 1518 if (err) 1519 goto out_cancel; 1520 1521 unlock_4_inodes(old_dir, new_dir, new_inode, whiteout); 1522 ubifs_release_budget(c, &req); 1523 1524 if (whiteout) { 1525 ubifs_release_budget(c, &wht_req); 1526 iput(whiteout); 1527 } 1528 1529 mutex_lock(&old_inode_ui->ui_mutex); 1530 release = old_inode_ui->dirty; 1531 mark_inode_dirty_sync(old_inode); 1532 mutex_unlock(&old_inode_ui->ui_mutex); 1533 1534 if (release) 1535 ubifs_release_budget(c, &ino_req); 1536 if (IS_SYNC(old_inode)) 1537 /* 1538 * Rename finished here. Although old inode cannot be updated 1539 * on flash, old ctime is not a big problem, don't return err 1540 * code to userspace. 1541 */ 1542 old_inode->i_sb->s_op->write_inode(old_inode, NULL); 1543 1544 fscrypt_free_filename(&old_nm); 1545 fscrypt_free_filename(&new_nm); 1546 return 0; 1547 1548 out_cancel: 1549 if (unlink) { 1550 set_nlink(new_inode, saved_nlink); 1551 } else { 1552 new_dir->i_size -= new_sz; 1553 ubifs_inode(new_dir)->ui_size = new_dir->i_size; 1554 } 1555 old_dir->i_size += old_sz; 1556 ubifs_inode(old_dir)->ui_size = old_dir->i_size; 1557 if (is_dir) { 1558 if (move) { 1559 inc_nlink(old_dir); 1560 if (!unlink) 1561 drop_nlink(new_dir); 1562 } else { 1563 if (unlink) 1564 inc_nlink(old_dir); 1565 } 1566 } 1567 unlock_4_inodes(old_dir, new_dir, new_inode, whiteout); 1568 if (whiteout) { 1569 ubifs_release_budget(c, &wht_req); 1570 set_nlink(whiteout, 0); 1571 iput(whiteout); 1572 } 1573 out_release: 1574 ubifs_release_budget(c, &ino_req); 1575 ubifs_release_budget(c, &req); 1576 fscrypt_free_filename(&old_nm); 1577 fscrypt_free_filename(&new_nm); 1578 return err; 1579 } 1580 ubifs_xrename(struct inode * old_dir,struct dentry * old_dentry,struct inode * new_dir,struct dentry * new_dentry)1581 static int ubifs_xrename(struct inode *old_dir, struct dentry *old_dentry, 1582 struct inode *new_dir, struct dentry *new_dentry) 1583 { 1584 struct ubifs_info *c = old_dir->i_sb->s_fs_info; 1585 struct ubifs_budget_req req = { .new_dent = 1, .mod_dent = 1, 1586 .dirtied_ino = 2 }; 1587 int sync = IS_DIRSYNC(old_dir) || IS_DIRSYNC(new_dir); 1588 struct inode *fst_inode = d_inode(old_dentry); 1589 struct inode *snd_inode = d_inode(new_dentry); 1590 int err; 1591 struct fscrypt_name fst_nm, snd_nm; 1592 1593 ubifs_assert(c, fst_inode && snd_inode); 1594 1595 /* 1596 * Budget request settings: changing two direntries, changing the two 1597 * parent directory inodes. 1598 */ 1599 1600 dbg_gen("dent '%pd' ino %lu in dir ino %lu exchange dent '%pd' ino %lu in dir ino %lu", 1601 old_dentry, fst_inode->i_ino, old_dir->i_ino, 1602 new_dentry, snd_inode->i_ino, new_dir->i_ino); 1603 1604 err = fscrypt_setup_filename(old_dir, &old_dentry->d_name, 0, &fst_nm); 1605 if (err) 1606 return err; 1607 1608 err = fscrypt_setup_filename(new_dir, &new_dentry->d_name, 0, &snd_nm); 1609 if (err) { 1610 fscrypt_free_filename(&fst_nm); 1611 return err; 1612 } 1613 1614 err = ubifs_budget_space(c, &req); 1615 if (err) 1616 goto out; 1617 1618 lock_4_inodes(old_dir, new_dir, NULL, NULL); 1619 1620 simple_rename_timestamp(old_dir, old_dentry, new_dir, new_dentry); 1621 1622 if (old_dir != new_dir) { 1623 if (S_ISDIR(fst_inode->i_mode) && !S_ISDIR(snd_inode->i_mode)) { 1624 inc_nlink(new_dir); 1625 drop_nlink(old_dir); 1626 } 1627 else if (!S_ISDIR(fst_inode->i_mode) && S_ISDIR(snd_inode->i_mode)) { 1628 drop_nlink(new_dir); 1629 inc_nlink(old_dir); 1630 } 1631 } 1632 1633 err = ubifs_jnl_xrename(c, old_dir, fst_inode, &fst_nm, new_dir, 1634 snd_inode, &snd_nm, sync); 1635 1636 unlock_4_inodes(old_dir, new_dir, NULL, NULL); 1637 ubifs_release_budget(c, &req); 1638 1639 out: 1640 fscrypt_free_filename(&fst_nm); 1641 fscrypt_free_filename(&snd_nm); 1642 return err; 1643 } 1644 ubifs_rename(struct mnt_idmap * idmap,struct inode * old_dir,struct dentry * old_dentry,struct inode * new_dir,struct dentry * new_dentry,unsigned int flags)1645 static int ubifs_rename(struct mnt_idmap *idmap, 1646 struct inode *old_dir, struct dentry *old_dentry, 1647 struct inode *new_dir, struct dentry *new_dentry, 1648 unsigned int flags) 1649 { 1650 int err; 1651 struct ubifs_info *c = old_dir->i_sb->s_fs_info; 1652 1653 if (flags & ~(RENAME_NOREPLACE | RENAME_WHITEOUT | RENAME_EXCHANGE)) 1654 return -EINVAL; 1655 1656 ubifs_assert(c, inode_is_locked(old_dir)); 1657 ubifs_assert(c, inode_is_locked(new_dir)); 1658 1659 err = fscrypt_prepare_rename(old_dir, old_dentry, new_dir, new_dentry, 1660 flags); 1661 if (err) 1662 return err; 1663 1664 if (flags & RENAME_EXCHANGE) 1665 return ubifs_xrename(old_dir, old_dentry, new_dir, new_dentry); 1666 1667 return do_rename(old_dir, old_dentry, new_dir, new_dentry, flags); 1668 } 1669 ubifs_getattr(struct mnt_idmap * idmap,const struct path * path,struct kstat * stat,u32 request_mask,unsigned int flags)1670 int ubifs_getattr(struct mnt_idmap *idmap, const struct path *path, 1671 struct kstat *stat, u32 request_mask, unsigned int flags) 1672 { 1673 loff_t size; 1674 struct inode *inode = d_inode(path->dentry); 1675 struct ubifs_inode *ui = ubifs_inode(inode); 1676 1677 mutex_lock(&ui->ui_mutex); 1678 1679 if (ui->flags & UBIFS_APPEND_FL) 1680 stat->attributes |= STATX_ATTR_APPEND; 1681 if (ui->flags & UBIFS_COMPR_FL) 1682 stat->attributes |= STATX_ATTR_COMPRESSED; 1683 if (ui->flags & UBIFS_CRYPT_FL) 1684 stat->attributes |= STATX_ATTR_ENCRYPTED; 1685 if (ui->flags & UBIFS_IMMUTABLE_FL) 1686 stat->attributes |= STATX_ATTR_IMMUTABLE; 1687 1688 stat->attributes_mask |= (STATX_ATTR_APPEND | 1689 STATX_ATTR_COMPRESSED | 1690 STATX_ATTR_ENCRYPTED | 1691 STATX_ATTR_IMMUTABLE); 1692 1693 generic_fillattr(&nop_mnt_idmap, request_mask, inode, stat); 1694 stat->blksize = UBIFS_BLOCK_SIZE; 1695 stat->size = ui->ui_size; 1696 1697 /* 1698 * Unfortunately, the 'stat()' system call was designed for block 1699 * device based file systems, and it is not appropriate for UBIFS, 1700 * because UBIFS does not have notion of "block". For example, it is 1701 * difficult to tell how many block a directory takes - it actually 1702 * takes less than 300 bytes, but we have to round it to block size, 1703 * which introduces large mistake. This makes utilities like 'du' to 1704 * report completely senseless numbers. This is the reason why UBIFS 1705 * goes the same way as JFFS2 - it reports zero blocks for everything 1706 * but regular files, which makes more sense than reporting completely 1707 * wrong sizes. 1708 */ 1709 if (S_ISREG(inode->i_mode)) { 1710 size = ui->xattr_size; 1711 size += stat->size; 1712 size = ALIGN(size, UBIFS_BLOCK_SIZE); 1713 /* 1714 * Note, user-space expects 512-byte blocks count irrespectively 1715 * of what was reported in @stat->size. 1716 */ 1717 stat->blocks = size >> 9; 1718 } else 1719 stat->blocks = 0; 1720 mutex_unlock(&ui->ui_mutex); 1721 return 0; 1722 } 1723 ubifs_dir_open(struct inode * inode,struct file * file)1724 static int ubifs_dir_open(struct inode *inode, struct file *file) 1725 { 1726 struct ubifs_dir_data *data; 1727 1728 data = kzalloc(sizeof(struct ubifs_dir_data), GFP_KERNEL); 1729 if (!data) 1730 return -ENOMEM; 1731 file->private_data = data; 1732 return 0; 1733 } 1734 ubifs_dir_llseek(struct file * file,loff_t offset,int whence)1735 static loff_t ubifs_dir_llseek(struct file *file, loff_t offset, int whence) 1736 { 1737 struct ubifs_dir_data *data = file->private_data; 1738 1739 return generic_llseek_cookie(file, offset, whence, &data->cookie); 1740 } 1741 1742 const struct inode_operations ubifs_dir_inode_operations = { 1743 .lookup = ubifs_lookup, 1744 .create = ubifs_create, 1745 .link = ubifs_link, 1746 .symlink = ubifs_symlink, 1747 .unlink = ubifs_unlink, 1748 .mkdir = ubifs_mkdir, 1749 .rmdir = ubifs_rmdir, 1750 .mknod = ubifs_mknod, 1751 .rename = ubifs_rename, 1752 .setattr = ubifs_setattr, 1753 .getattr = ubifs_getattr, 1754 .listxattr = ubifs_listxattr, 1755 .update_time = ubifs_update_time, 1756 .tmpfile = ubifs_tmpfile, 1757 .fileattr_get = ubifs_fileattr_get, 1758 .fileattr_set = ubifs_fileattr_set, 1759 }; 1760 1761 const struct file_operations ubifs_dir_operations = { 1762 .open = ubifs_dir_open, 1763 .llseek = ubifs_dir_llseek, 1764 .release = ubifs_dir_release, 1765 .read = generic_read_dir, 1766 .iterate_shared = ubifs_readdir, 1767 .fsync = ubifs_fsync, 1768 .unlocked_ioctl = ubifs_ioctl, 1769 #ifdef CONFIG_COMPAT 1770 .compat_ioctl = ubifs_compat_ioctl, 1771 #endif 1772 }; 1773