xref: /openbmc/linux/fs/fat/dir.c (revision d5cb9783536a41df9f9cba5b0a1d78047ed787f7)
1 /*
2  *  linux/fs/fat/dir.c
3  *
4  *  directory handling functions for fat-based filesystems
5  *
6  *  Written 1992,1993 by Werner Almesberger
7  *
8  *  Hidden files 1995 by Albert Cahalan <albert@ccs.neu.edu> <adc@coe.neu.edu>
9  *
10  *  VFAT extensions by Gordon Chaffee <chaffee@plateau.cs.berkeley.edu>
11  *  Merged with msdos fs by Henrik Storner <storner@osiris.ping.dk>
12  *  Rewritten for constant inumbers. Plugged buffer overrun in readdir(). AV
13  *  Short name translation 1999, 2001 by Wolfram Pienkoss <wp@bszh.de>
14  */
15 
16 #include <linux/module.h>
17 #include <linux/slab.h>
18 #include <linux/time.h>
19 #include <linux/msdos_fs.h>
20 #include <linux/dirent.h>
21 #include <linux/smp_lock.h>
22 #include <linux/buffer_head.h>
23 #include <asm/uaccess.h>
24 
25 static inline loff_t fat_make_i_pos(struct super_block *sb,
26 				    struct buffer_head *bh,
27 				    struct msdos_dir_entry *de)
28 {
29 	return ((loff_t)bh->b_blocknr << MSDOS_SB(sb)->dir_per_block_bits)
30 		| (de - (struct msdos_dir_entry *)bh->b_data);
31 }
32 
33 static inline void fat_dir_readahead(struct inode *dir, sector_t iblock,
34 				     sector_t phys)
35 {
36 	struct super_block *sb = dir->i_sb;
37 	struct msdos_sb_info *sbi = MSDOS_SB(sb);
38 	struct buffer_head *bh;
39 	int sec;
40 
41 	/* This is not a first sector of cluster, or sec_per_clus == 1 */
42 	if ((iblock & (sbi->sec_per_clus - 1)) || sbi->sec_per_clus == 1)
43 		return;
44 	/* root dir of FAT12/FAT16 */
45 	if ((sbi->fat_bits != 32) && (dir->i_ino == MSDOS_ROOT_INO))
46 		return;
47 
48 	bh = sb_getblk(sb, phys);
49 	if (bh && !buffer_uptodate(bh)) {
50 		for (sec = 0; sec < sbi->sec_per_clus; sec++)
51 			sb_breadahead(sb, phys + sec);
52 	}
53 	brelse(bh);
54 }
55 
56 /* Returns the inode number of the directory entry at offset pos. If bh is
57    non-NULL, it is brelse'd before. Pos is incremented. The buffer header is
58    returned in bh.
59    AV. Most often we do it item-by-item. Makes sense to optimize.
60    AV. OK, there we go: if both bh and de are non-NULL we assume that we just
61    AV. want the next entry (took one explicit de=NULL in vfat/namei.c).
62    AV. It's done in fat_get_entry() (inlined), here the slow case lives.
63    AV. Additionally, when we return -1 (i.e. reached the end of directory)
64    AV. we make bh NULL.
65  */
66 static int fat__get_entry(struct inode *dir, loff_t *pos,
67 			  struct buffer_head **bh, struct msdos_dir_entry **de)
68 {
69 	struct super_block *sb = dir->i_sb;
70 	sector_t phys, iblock;
71 	int offset;
72 	int err;
73 
74 next:
75 	if (*bh)
76 		brelse(*bh);
77 
78 	*bh = NULL;
79 	iblock = *pos >> sb->s_blocksize_bits;
80 	err = fat_bmap(dir, iblock, &phys);
81 	if (err || !phys)
82 		return -1;	/* beyond EOF or error */
83 
84 	fat_dir_readahead(dir, iblock, phys);
85 
86 	*bh = sb_bread(sb, phys);
87 	if (*bh == NULL) {
88 		printk(KERN_ERR "FAT: Directory bread(block %llu) failed\n",
89 		       (unsigned long long)phys);
90 		/* skip this block */
91 		*pos = (iblock + 1) << sb->s_blocksize_bits;
92 		goto next;
93 	}
94 
95 	offset = *pos & (sb->s_blocksize - 1);
96 	*pos += sizeof(struct msdos_dir_entry);
97 	*de = (struct msdos_dir_entry *)((*bh)->b_data + offset);
98 
99 	return 0;
100 }
101 
102 static inline int fat_get_entry(struct inode *dir, loff_t *pos,
103 				struct buffer_head **bh,
104 				struct msdos_dir_entry **de)
105 {
106 	/* Fast stuff first */
107 	if (*bh && *de &&
108 	    (*de - (struct msdos_dir_entry *)(*bh)->b_data) < MSDOS_SB(dir->i_sb)->dir_per_block - 1) {
109 		*pos += sizeof(struct msdos_dir_entry);
110 		(*de)++;
111 		return 0;
112 	}
113 	return fat__get_entry(dir, pos, bh, de);
114 }
115 
116 /*
117  * Convert Unicode 16 to UTF8, translated Unicode, or ASCII.
118  * If uni_xlate is enabled and we can't get a 1:1 conversion, use a
119  * colon as an escape character since it is normally invalid on the vfat
120  * filesystem. The following four characters are the hexadecimal digits
121  * of Unicode value. This lets us do a full dump and restore of Unicode
122  * filenames. We could get into some trouble with long Unicode names,
123  * but ignore that right now.
124  * Ahem... Stack smashing in ring 0 isn't fun. Fixed.
125  */
126 static int uni16_to_x8(unsigned char *ascii, wchar_t *uni, int uni_xlate,
127 		       struct nls_table *nls)
128 {
129 	wchar_t *ip, ec;
130 	unsigned char *op, nc;
131 	int charlen;
132 	int k;
133 
134 	ip = uni;
135 	op = ascii;
136 
137 	while (*ip) {
138 		ec = *ip++;
139 		if ( (charlen = nls->uni2char(ec, op, NLS_MAX_CHARSET_SIZE)) > 0) {
140 			op += charlen;
141 		} else {
142 			if (uni_xlate == 1) {
143 				*op = ':';
144 				for (k = 4; k > 0; k--) {
145 					nc = ec & 0xF;
146 					op[k] = nc > 9	? nc + ('a' - 10)
147 							: nc + '0';
148 					ec >>= 4;
149 				}
150 				op += 5;
151 			} else {
152 				*op++ = '?';
153 			}
154 		}
155 		/* We have some slack there, so it's OK */
156 		if (op>ascii+256) {
157 			op = ascii + 256;
158 			break;
159 		}
160 	}
161 	*op = 0;
162 	return (op - ascii);
163 }
164 
165 static inline int
166 fat_short2uni(struct nls_table *t, unsigned char *c, int clen, wchar_t *uni)
167 {
168 	int charlen;
169 
170 	charlen = t->char2uni(c, clen, uni);
171 	if (charlen < 0) {
172 		*uni = 0x003f;	/* a question mark */
173 		charlen = 1;
174 	}
175 	return charlen;
176 }
177 
178 static inline int
179 fat_short2lower_uni(struct nls_table *t, unsigned char *c, int clen, wchar_t *uni)
180 {
181 	int charlen;
182 	wchar_t wc;
183 
184 	charlen = t->char2uni(c, clen, &wc);
185 	if (charlen < 0) {
186 		*uni = 0x003f;	/* a question mark */
187 		charlen = 1;
188 	} else if (charlen <= 1) {
189 		unsigned char nc = t->charset2lower[*c];
190 
191 		if (!nc)
192 			nc = *c;
193 
194 		if ( (charlen = t->char2uni(&nc, 1, uni)) < 0) {
195 			*uni = 0x003f;	/* a question mark */
196 			charlen = 1;
197 		}
198 	} else
199 		*uni = wc;
200 
201 	return charlen;
202 }
203 
204 static inline int
205 fat_shortname2uni(struct nls_table *nls, unsigned char *buf, int buf_size,
206 		  wchar_t *uni_buf, unsigned short opt, int lower)
207 {
208 	int len = 0;
209 
210 	if (opt & VFAT_SFN_DISPLAY_LOWER)
211 		len =  fat_short2lower_uni(nls, buf, buf_size, uni_buf);
212 	else if (opt & VFAT_SFN_DISPLAY_WIN95)
213 		len = fat_short2uni(nls, buf, buf_size, uni_buf);
214 	else if (opt & VFAT_SFN_DISPLAY_WINNT) {
215 		if (lower)
216 			len = fat_short2lower_uni(nls, buf, buf_size, uni_buf);
217 		else
218 			len = fat_short2uni(nls, buf, buf_size, uni_buf);
219 	} else
220 		len = fat_short2uni(nls, buf, buf_size, uni_buf);
221 
222 	return len;
223 }
224 
225 enum { PARSE_INVALID = 1, PARSE_NOT_LONGNAME, PARSE_EOF, };
226 
227 /**
228  * fat_parse_long - Parse extended directory entry.
229  *
230  * This function returns zero on success, negative value on error, or one of
231  * the following:
232  *
233  * %PARSE_INVALID - Directory entry is invalid.
234  * %PARSE_NOT_LONGNAME - Directory entry does not contain longname.
235  * %PARSE_EOF - Directory has no more entries.
236  */
237 static int fat_parse_long(struct inode *dir, loff_t *pos,
238 			  struct buffer_head **bh, struct msdos_dir_entry **de,
239 			  wchar_t **unicode, unsigned char *nr_slots)
240 {
241 	struct msdos_dir_slot *ds;
242 	unsigned char id, slot, slots, alias_checksum;
243 
244 	if (!*unicode) {
245 		*unicode = (wchar_t *)__get_free_page(GFP_KERNEL);
246 		if (!*unicode) {
247 			brelse(*bh);
248 			return -ENOMEM;
249 		}
250 	}
251 parse_long:
252 	slots = 0;
253 	ds = (struct msdos_dir_slot *)*de;
254 	id = ds->id;
255 	if (!(id & 0x40))
256 		return PARSE_INVALID;
257 	slots = id & ~0x40;
258 	if (slots > 20 || !slots)	/* ceil(256 * 2 / 26) */
259 		return PARSE_INVALID;
260 	*nr_slots = slots;
261 	alias_checksum = ds->alias_checksum;
262 
263 	slot = slots;
264 	while (1) {
265 		int offset;
266 
267 		slot--;
268 		offset = slot * 13;
269 		fat16_towchar(*unicode + offset, ds->name0_4, 5);
270 		fat16_towchar(*unicode + offset + 5, ds->name5_10, 6);
271 		fat16_towchar(*unicode + offset + 11, ds->name11_12, 2);
272 
273 		if (ds->id & 0x40)
274 			(*unicode)[offset + 13] = 0;
275 		if (fat_get_entry(dir, pos, bh, de) < 0)
276 			return PARSE_EOF;
277 		if (slot == 0)
278 			break;
279 		ds = (struct msdos_dir_slot *)*de;
280 		if (ds->attr != ATTR_EXT)
281 			return PARSE_NOT_LONGNAME;
282 		if ((ds->id & ~0x40) != slot)
283 			goto parse_long;
284 		if (ds->alias_checksum != alias_checksum)
285 			goto parse_long;
286 	}
287 	if ((*de)->name[0] == DELETED_FLAG)
288 		return PARSE_INVALID;
289 	if ((*de)->attr == ATTR_EXT)
290 		goto parse_long;
291 	if (IS_FREE((*de)->name) || ((*de)->attr & ATTR_VOLUME))
292 		return PARSE_INVALID;
293 	if (fat_checksum((*de)->name) != alias_checksum)
294 		*nr_slots = 0;
295 
296 	return 0;
297 }
298 
299 /*
300  * Return values: negative -> error, 0 -> not found, positive -> found,
301  * value is the total amount of slots, including the shortname entry.
302  */
303 int fat_search_long(struct inode *inode, const unsigned char *name,
304 		    int name_len, struct fat_slot_info *sinfo)
305 {
306 	struct super_block *sb = inode->i_sb;
307 	struct msdos_sb_info *sbi = MSDOS_SB(sb);
308 	struct buffer_head *bh = NULL;
309 	struct msdos_dir_entry *de;
310 	struct nls_table *nls_io = sbi->nls_io;
311 	struct nls_table *nls_disk = sbi->nls_disk;
312 	wchar_t bufuname[14];
313 	unsigned char xlate_len, nr_slots;
314 	wchar_t *unicode = NULL;
315 	unsigned char work[8], bufname[260];	/* 256 + 4 */
316 	int uni_xlate = sbi->options.unicode_xlate;
317 	int utf8 = sbi->options.utf8;
318 	int anycase = (sbi->options.name_check != 's');
319 	unsigned short opt_shortname = sbi->options.shortname;
320 	loff_t cpos = 0;
321 	int chl, i, j, last_u, err;
322 
323 	err = -ENOENT;
324 	while(1) {
325 		if (fat_get_entry(inode, &cpos, &bh, &de) == -1)
326 			goto EODir;
327 parse_record:
328 		nr_slots = 0;
329 		if (de->name[0] == DELETED_FLAG)
330 			continue;
331 		if (de->attr != ATTR_EXT && (de->attr & ATTR_VOLUME))
332 			continue;
333 		if (de->attr != ATTR_EXT && IS_FREE(de->name))
334 			continue;
335 		if (de->attr == ATTR_EXT) {
336 			int status = fat_parse_long(inode, &cpos, &bh, &de,
337 						    &unicode, &nr_slots);
338 			if (status < 0)
339 				return status;
340 			else if (status == PARSE_INVALID)
341 				continue;
342 			else if (status == PARSE_NOT_LONGNAME)
343 				goto parse_record;
344 			else if (status == PARSE_EOF)
345 				goto EODir;
346 		}
347 
348 		memcpy(work, de->name, sizeof(de->name));
349 		/* see namei.c, msdos_format_name */
350 		if (work[0] == 0x05)
351 			work[0] = 0xE5;
352 		for (i = 0, j = 0, last_u = 0; i < 8;) {
353 			if (!work[i]) break;
354 			chl = fat_shortname2uni(nls_disk, &work[i], 8 - i,
355 						&bufuname[j++], opt_shortname,
356 						de->lcase & CASE_LOWER_BASE);
357 			if (chl <= 1) {
358 				if (work[i] != ' ')
359 					last_u = j;
360 			} else {
361 				last_u = j;
362 			}
363 			i += chl;
364 		}
365 		j = last_u;
366 		fat_short2uni(nls_disk, ".", 1, &bufuname[j++]);
367 		for (i = 0; i < 3;) {
368 			if (!de->ext[i]) break;
369 			chl = fat_shortname2uni(nls_disk, &de->ext[i], 3 - i,
370 						&bufuname[j++], opt_shortname,
371 						de->lcase & CASE_LOWER_EXT);
372 			if (chl <= 1) {
373 				if (de->ext[i] != ' ')
374 					last_u = j;
375 			} else {
376 				last_u = j;
377 			}
378 			i += chl;
379 		}
380 		if (!last_u)
381 			continue;
382 
383 		bufuname[last_u] = 0x0000;
384 		xlate_len = utf8
385 			?utf8_wcstombs(bufname, bufuname, sizeof(bufname))
386 			:uni16_to_x8(bufname, bufuname, uni_xlate, nls_io);
387 		if (xlate_len == name_len)
388 			if ((!anycase && !memcmp(name, bufname, xlate_len)) ||
389 			    (anycase && !nls_strnicmp(nls_io, name, bufname,
390 								xlate_len)))
391 				goto Found;
392 
393 		if (nr_slots) {
394 			xlate_len = utf8
395 				?utf8_wcstombs(bufname, unicode, sizeof(bufname))
396 				:uni16_to_x8(bufname, unicode, uni_xlate, nls_io);
397 			if (xlate_len != name_len)
398 				continue;
399 			if ((!anycase && !memcmp(name, bufname, xlate_len)) ||
400 			    (anycase && !nls_strnicmp(nls_io, name, bufname,
401 								xlate_len)))
402 				goto Found;
403 		}
404 	}
405 
406 Found:
407 	nr_slots++;	/* include the de */
408 	sinfo->slot_off = cpos - nr_slots * sizeof(*de);
409 	sinfo->nr_slots = nr_slots;
410 	sinfo->de = de;
411 	sinfo->bh = bh;
412 	sinfo->i_pos = fat_make_i_pos(sb, sinfo->bh, sinfo->de);
413 	err = 0;
414 EODir:
415 	if (unicode)
416 		free_page((unsigned long)unicode);
417 
418 	return err;
419 }
420 
421 EXPORT_SYMBOL(fat_search_long);
422 
423 struct fat_ioctl_filldir_callback {
424 	struct dirent __user *dirent;
425 	int result;
426 	/* for dir ioctl */
427 	const char *longname;
428 	int long_len;
429 	const char *shortname;
430 	int short_len;
431 };
432 
433 static int __fat_readdir(struct inode *inode, struct file *filp, void *dirent,
434 			 filldir_t filldir, int short_only, int both)
435 {
436 	struct super_block *sb = inode->i_sb;
437 	struct msdos_sb_info *sbi = MSDOS_SB(sb);
438 	struct buffer_head *bh;
439 	struct msdos_dir_entry *de;
440 	struct nls_table *nls_io = sbi->nls_io;
441 	struct nls_table *nls_disk = sbi->nls_disk;
442 	unsigned char long_slots;
443 	const char *fill_name;
444 	int fill_len;
445 	wchar_t bufuname[14];
446 	wchar_t *unicode = NULL;
447 	unsigned char c, work[8], bufname[56], *ptname = bufname;
448 	unsigned long lpos, dummy, *furrfu = &lpos;
449 	int uni_xlate = sbi->options.unicode_xlate;
450 	int isvfat = sbi->options.isvfat;
451 	int utf8 = sbi->options.utf8;
452 	int nocase = sbi->options.nocase;
453 	unsigned short opt_shortname = sbi->options.shortname;
454 	unsigned long inum;
455 	int chi, chl, i, i2, j, last, last_u, dotoffset = 0;
456 	loff_t cpos;
457 	int ret = 0;
458 
459 	lock_kernel();
460 
461 	cpos = filp->f_pos;
462 	/* Fake . and .. for the root directory. */
463 	if (inode->i_ino == MSDOS_ROOT_INO) {
464 		while (cpos < 2) {
465 			if (filldir(dirent, "..", cpos+1, cpos, MSDOS_ROOT_INO, DT_DIR) < 0)
466 				goto out;
467 			cpos++;
468 			filp->f_pos++;
469 		}
470 		if (cpos == 2) {
471 			dummy = 2;
472 			furrfu = &dummy;
473 			cpos = 0;
474 		}
475 	}
476 	if (cpos & (sizeof(struct msdos_dir_entry)-1)) {
477 		ret = -ENOENT;
478 		goto out;
479 	}
480 
481 	bh = NULL;
482 GetNew:
483 	if (fat_get_entry(inode, &cpos, &bh, &de) == -1)
484 		goto EODir;
485 parse_record:
486 	long_slots = 0;
487 	/* Check for long filename entry */
488 	if (isvfat) {
489 		if (de->name[0] == DELETED_FLAG)
490 			goto RecEnd;
491 		if (de->attr != ATTR_EXT && (de->attr & ATTR_VOLUME))
492 			goto RecEnd;
493 		if (de->attr != ATTR_EXT && IS_FREE(de->name))
494 			goto RecEnd;
495 	} else {
496 		if ((de->attr & ATTR_VOLUME) || IS_FREE(de->name))
497 			goto RecEnd;
498 	}
499 
500 	if (isvfat && de->attr == ATTR_EXT) {
501 		int status = fat_parse_long(inode, &cpos, &bh, &de,
502 					    &unicode, &long_slots);
503 		if (status < 0) {
504 			filp->f_pos = cpos;
505 			ret = status;
506 			goto out;
507 		} else if (status == PARSE_INVALID)
508 			goto RecEnd;
509 		else if (status == PARSE_NOT_LONGNAME)
510 			goto parse_record;
511 		else if (status == PARSE_EOF)
512 			goto EODir;
513 	}
514 
515 	if (sbi->options.dotsOK) {
516 		ptname = bufname;
517 		dotoffset = 0;
518 		if (de->attr & ATTR_HIDDEN) {
519 			*ptname++ = '.';
520 			dotoffset = 1;
521 		}
522 	}
523 
524 	memcpy(work, de->name, sizeof(de->name));
525 	/* see namei.c, msdos_format_name */
526 	if (work[0] == 0x05)
527 		work[0] = 0xE5;
528 	for (i = 0, j = 0, last = 0, last_u = 0; i < 8;) {
529 		if (!(c = work[i])) break;
530 		chl = fat_shortname2uni(nls_disk, &work[i], 8 - i,
531 					&bufuname[j++], opt_shortname,
532 					de->lcase & CASE_LOWER_BASE);
533 		if (chl <= 1) {
534 			ptname[i++] = (!nocase && c>='A' && c<='Z') ? c+32 : c;
535 			if (c != ' ') {
536 				last = i;
537 				last_u = j;
538 			}
539 		} else {
540 			last_u = j;
541 			for (chi = 0; chi < chl && i < 8; chi++) {
542 				ptname[i] = work[i];
543 				i++; last = i;
544 			}
545 		}
546 	}
547 	i = last;
548 	j = last_u;
549 	fat_short2uni(nls_disk, ".", 1, &bufuname[j++]);
550 	ptname[i++] = '.';
551 	for (i2 = 0; i2 < 3;) {
552 		if (!(c = de->ext[i2])) break;
553 		chl = fat_shortname2uni(nls_disk, &de->ext[i2], 3 - i2,
554 					&bufuname[j++], opt_shortname,
555 					de->lcase & CASE_LOWER_EXT);
556 		if (chl <= 1) {
557 			i2++;
558 			ptname[i++] = (!nocase && c>='A' && c<='Z') ? c+32 : c;
559 			if (c != ' ') {
560 				last = i;
561 				last_u = j;
562 			}
563 		} else {
564 			last_u = j;
565 			for (chi = 0; chi < chl && i2 < 3; chi++) {
566 				ptname[i++] = de->ext[i2++];
567 				last = i;
568 			}
569 		}
570 	}
571 	if (!last)
572 		goto RecEnd;
573 
574 	i = last + dotoffset;
575 	j = last_u;
576 
577 	lpos = cpos - (long_slots+1)*sizeof(struct msdos_dir_entry);
578 	if (!memcmp(de->name, MSDOS_DOT, MSDOS_NAME))
579 		inum = inode->i_ino;
580 	else if (!memcmp(de->name, MSDOS_DOTDOT, MSDOS_NAME)) {
581 		inum = parent_ino(filp->f_dentry);
582 	} else {
583 		loff_t i_pos = fat_make_i_pos(sb, bh, de);
584 		struct inode *tmp = fat_iget(sb, i_pos);
585 		if (tmp) {
586 			inum = tmp->i_ino;
587 			iput(tmp);
588 		} else
589 			inum = iunique(sb, MSDOS_ROOT_INO);
590 	}
591 
592 	if (isvfat) {
593 		bufuname[j] = 0x0000;
594 		i = utf8 ? utf8_wcstombs(bufname, bufuname, sizeof(bufname))
595 			 : uni16_to_x8(bufname, bufuname, uni_xlate, nls_io);
596 	}
597 
598 	fill_name = bufname;
599 	fill_len = i;
600 	if (!short_only && long_slots) {
601 		/* convert the unicode long name. 261 is maximum size
602 		 * of unicode buffer. (13 * slots + nul) */
603 		void *longname = unicode + 261;
604 		int buf_size = PAGE_SIZE - (261 * sizeof(unicode[0]));
605 		int long_len = utf8
606 			? utf8_wcstombs(longname, unicode, buf_size)
607 			: uni16_to_x8(longname, unicode, uni_xlate, nls_io);
608 
609 		if (!both) {
610 			fill_name = longname;
611 			fill_len = long_len;
612 		} else {
613 			/* hack for fat_ioctl_filldir() */
614 			struct fat_ioctl_filldir_callback *p = dirent;
615 
616 			p->longname = longname;
617 			p->long_len = long_len;
618 			p->shortname = bufname;
619 			p->short_len = i;
620 			fill_name = NULL;
621 			fill_len = 0;
622 		}
623 	}
624 	if (filldir(dirent, fill_name, fill_len, *furrfu, inum,
625 		    (de->attr & ATTR_DIR) ? DT_DIR : DT_REG) < 0)
626 		goto FillFailed;
627 
628 RecEnd:
629 	furrfu = &lpos;
630 	filp->f_pos = cpos;
631 	goto GetNew;
632 EODir:
633 	filp->f_pos = cpos;
634 FillFailed:
635 	brelse(bh);
636 	if (unicode)
637 		free_page((unsigned long)unicode);
638 out:
639 	unlock_kernel();
640 	return ret;
641 }
642 
643 static int fat_readdir(struct file *filp, void *dirent, filldir_t filldir)
644 {
645 	struct inode *inode = filp->f_dentry->d_inode;
646 	return __fat_readdir(inode, filp, dirent, filldir, 0, 0);
647 }
648 
649 static int fat_ioctl_filldir(void *__buf, const char *name, int name_len,
650 			     loff_t offset, ino_t ino, unsigned int d_type)
651 {
652 	struct fat_ioctl_filldir_callback *buf = __buf;
653 	struct dirent __user *d1 = buf->dirent;
654 	struct dirent __user *d2 = d1 + 1;
655 
656 	if (buf->result)
657 		return -EINVAL;
658 	buf->result++;
659 
660 	if (name != NULL) {
661 		/* dirent has only short name */
662 		if (name_len >= sizeof(d1->d_name))
663 			name_len = sizeof(d1->d_name) - 1;
664 
665 		if (put_user(0, d2->d_name)			||
666 		    put_user(0, &d2->d_reclen)			||
667 		    copy_to_user(d1->d_name, name, name_len)	||
668 		    put_user(0, d1->d_name + name_len)		||
669 		    put_user(name_len, &d1->d_reclen))
670 			goto efault;
671 	} else {
672 		/* dirent has short and long name */
673 		const char *longname = buf->longname;
674 		int long_len = buf->long_len;
675 		const char *shortname = buf->shortname;
676 		int short_len = buf->short_len;
677 
678 		if (long_len >= sizeof(d1->d_name))
679 			long_len = sizeof(d1->d_name) - 1;
680 		if (short_len >= sizeof(d1->d_name))
681 			short_len = sizeof(d1->d_name) - 1;
682 
683 		if (copy_to_user(d2->d_name, longname, long_len)	||
684 		    put_user(0, d2->d_name + long_len)			||
685 		    put_user(long_len, &d2->d_reclen)			||
686 		    put_user(ino, &d2->d_ino)				||
687 		    put_user(offset, &d2->d_off)			||
688 		    copy_to_user(d1->d_name, shortname, short_len)	||
689 		    put_user(0, d1->d_name + short_len)			||
690 		    put_user(short_len, &d1->d_reclen))
691 			goto efault;
692 	}
693 	return 0;
694 efault:
695 	buf->result = -EFAULT;
696 	return -EFAULT;
697 }
698 
699 static int fat_dir_ioctl(struct inode * inode, struct file * filp,
700 		  unsigned int cmd, unsigned long arg)
701 {
702 	struct fat_ioctl_filldir_callback buf;
703 	struct dirent __user *d1;
704 	int ret, short_only, both;
705 
706 	switch (cmd) {
707 	case VFAT_IOCTL_READDIR_SHORT:
708 		short_only = 1;
709 		both = 0;
710 		break;
711 	case VFAT_IOCTL_READDIR_BOTH:
712 		short_only = 0;
713 		both = 1;
714 		break;
715 	default:
716 		return fat_generic_ioctl(inode, filp, cmd, arg);
717 	}
718 
719 	d1 = (struct dirent __user *)arg;
720 	if (!access_ok(VERIFY_WRITE, d1, sizeof(struct dirent[2])))
721 		return -EFAULT;
722 	/*
723 	 * Yes, we don't need this put_user() absolutely. However old
724 	 * code didn't return the right value. So, app use this value,
725 	 * in order to check whether it is EOF.
726 	 */
727 	if (put_user(0, &d1->d_reclen))
728 		return -EFAULT;
729 
730 	buf.dirent = d1;
731 	buf.result = 0;
732 	down(&inode->i_sem);
733 	ret = -ENOENT;
734 	if (!IS_DEADDIR(inode)) {
735 		ret = __fat_readdir(inode, filp, &buf, fat_ioctl_filldir,
736 				    short_only, both);
737 	}
738 	up(&inode->i_sem);
739 	if (ret >= 0)
740 		ret = buf.result;
741 	return ret;
742 }
743 
744 struct file_operations fat_dir_operations = {
745 	.read		= generic_read_dir,
746 	.readdir	= fat_readdir,
747 	.ioctl		= fat_dir_ioctl,
748 	.fsync		= file_fsync,
749 };
750 
751 static int fat_get_short_entry(struct inode *dir, loff_t *pos,
752 			       struct buffer_head **bh,
753 			       struct msdos_dir_entry **de)
754 {
755 	while (fat_get_entry(dir, pos, bh, de) >= 0) {
756 		/* free entry or long name entry or volume label */
757 		if (!IS_FREE((*de)->name) && !((*de)->attr & ATTR_VOLUME))
758 			return 0;
759 	}
760 	return -ENOENT;
761 }
762 
763 /*
764  * The ".." entry can not provide the "struct fat_slot_info" informations
765  * for inode. So, this function provide the some informations only.
766  */
767 int fat_get_dotdot_entry(struct inode *dir, struct buffer_head **bh,
768 			 struct msdos_dir_entry **de, loff_t *i_pos)
769 {
770 	loff_t offset;
771 
772 	offset = 0;
773 	*bh = NULL;
774 	while (fat_get_short_entry(dir, &offset, bh, de) >= 0) {
775 		if (!strncmp((*de)->name, MSDOS_DOTDOT, MSDOS_NAME)) {
776 			*i_pos = fat_make_i_pos(dir->i_sb, *bh, *de);
777 			return 0;
778 		}
779 	}
780 	return -ENOENT;
781 }
782 
783 EXPORT_SYMBOL(fat_get_dotdot_entry);
784 
785 /* See if directory is empty */
786 int fat_dir_empty(struct inode *dir)
787 {
788 	struct buffer_head *bh;
789 	struct msdos_dir_entry *de;
790 	loff_t cpos;
791 	int result = 0;
792 
793 	bh = NULL;
794 	cpos = 0;
795 	while (fat_get_short_entry(dir, &cpos, &bh, &de) >= 0) {
796 		if (strncmp(de->name, MSDOS_DOT   , MSDOS_NAME) &&
797 		    strncmp(de->name, MSDOS_DOTDOT, MSDOS_NAME)) {
798 			result = -ENOTEMPTY;
799 			break;
800 		}
801 	}
802 	brelse(bh);
803 	return result;
804 }
805 
806 EXPORT_SYMBOL(fat_dir_empty);
807 
808 /*
809  * fat_subdirs counts the number of sub-directories of dir. It can be run
810  * on directories being created.
811  */
812 int fat_subdirs(struct inode *dir)
813 {
814 	struct buffer_head *bh;
815 	struct msdos_dir_entry *de;
816 	loff_t cpos;
817 	int count = 0;
818 
819 	bh = NULL;
820 	cpos = 0;
821 	while (fat_get_short_entry(dir, &cpos, &bh, &de) >= 0) {
822 		if (de->attr & ATTR_DIR)
823 			count++;
824 	}
825 	brelse(bh);
826 	return count;
827 }
828 
829 /*
830  * Scans a directory for a given file (name points to its formatted name).
831  * Returns an error code or zero.
832  */
833 int fat_scan(struct inode *dir, const unsigned char *name,
834 	     struct fat_slot_info *sinfo)
835 {
836 	struct super_block *sb = dir->i_sb;
837 
838 	sinfo->slot_off = 0;
839 	sinfo->bh = NULL;
840 	while (fat_get_short_entry(dir, &sinfo->slot_off, &sinfo->bh,
841 				   &sinfo->de) >= 0) {
842 		if (!strncmp(sinfo->de->name, name, MSDOS_NAME)) {
843 			sinfo->slot_off -= sizeof(*sinfo->de);
844 			sinfo->nr_slots = 1;
845 			sinfo->i_pos = fat_make_i_pos(sb, sinfo->bh, sinfo->de);
846 			return 0;
847 		}
848 	}
849 	return -ENOENT;
850 }
851 
852 EXPORT_SYMBOL(fat_scan);
853 
854 static int __fat_remove_entries(struct inode *dir, loff_t pos, int nr_slots)
855 {
856 	struct super_block *sb = dir->i_sb;
857 	struct buffer_head *bh;
858 	struct msdos_dir_entry *de, *endp;
859 	int err = 0, orig_slots;
860 
861 	while (nr_slots) {
862 		bh = NULL;
863 		if (fat_get_entry(dir, &pos, &bh, &de) < 0) {
864 			err = -EIO;
865 			break;
866 		}
867 
868 		orig_slots = nr_slots;
869 		endp = (struct msdos_dir_entry *)(bh->b_data + sb->s_blocksize);
870 		while (nr_slots && de < endp) {
871 			de->name[0] = DELETED_FLAG;
872 			de++;
873 			nr_slots--;
874 		}
875 		mark_buffer_dirty(bh);
876 		if (IS_DIRSYNC(dir))
877 			err = sync_dirty_buffer(bh);
878 		brelse(bh);
879 		if (err)
880 			break;
881 
882 		/* pos is *next* de's position, so this does `- sizeof(de)' */
883 		pos += ((orig_slots - nr_slots) * sizeof(*de)) - sizeof(*de);
884 	}
885 
886 	return err;
887 }
888 
889 int fat_remove_entries(struct inode *dir, struct fat_slot_info *sinfo)
890 {
891 	struct msdos_dir_entry *de;
892 	struct buffer_head *bh;
893 	int err = 0, nr_slots;
894 
895 	/*
896 	 * First stage: Remove the shortname. By this, the directory
897 	 * entry is removed.
898 	 */
899 	nr_slots = sinfo->nr_slots;
900 	de = sinfo->de;
901 	sinfo->de = NULL;
902 	bh = sinfo->bh;
903 	sinfo->bh = NULL;
904 	while (nr_slots && de >= (struct msdos_dir_entry *)bh->b_data) {
905 		de->name[0] = DELETED_FLAG;
906 		de--;
907 		nr_slots--;
908 	}
909 	mark_buffer_dirty(bh);
910 	if (IS_DIRSYNC(dir))
911 		err = sync_dirty_buffer(bh);
912 	brelse(bh);
913 	if (err)
914 		return err;
915 	dir->i_version++;
916 
917 	if (nr_slots) {
918 		/*
919 		 * Second stage: remove the remaining longname slots.
920 		 * (This directory entry is already removed, and so return
921 		 * the success)
922 		 */
923 		err = __fat_remove_entries(dir, sinfo->slot_off, nr_slots);
924 		if (err) {
925 			printk(KERN_WARNING
926 			       "FAT: Couldn't remove the long name slots\n");
927 		}
928 	}
929 
930 	dir->i_mtime = dir->i_atime = CURRENT_TIME_SEC;
931 	if (IS_DIRSYNC(dir))
932 		(void)fat_sync_inode(dir);
933 	else
934 		mark_inode_dirty(dir);
935 
936 	return 0;
937 }
938 
939 EXPORT_SYMBOL(fat_remove_entries);
940 
941 static int fat_zeroed_cluster(struct inode *dir, sector_t blknr, int nr_used,
942 			      struct buffer_head **bhs, int nr_bhs)
943 {
944 	struct super_block *sb = dir->i_sb;
945 	sector_t last_blknr = blknr + MSDOS_SB(sb)->sec_per_clus;
946 	int err, i, n;
947 
948 	/* Zeroing the unused blocks on this cluster */
949 	blknr += nr_used;
950 	n = nr_used;
951 	while (blknr < last_blknr) {
952 		bhs[n] = sb_getblk(sb, blknr);
953 		if (!bhs[n]) {
954 			err = -ENOMEM;
955 			goto error;
956 		}
957 		memset(bhs[n]->b_data, 0, sb->s_blocksize);
958 		set_buffer_uptodate(bhs[n]);
959 		mark_buffer_dirty(bhs[n]);
960 
961 		n++;
962 		blknr++;
963 		if (n == nr_bhs) {
964 			if (IS_DIRSYNC(dir)) {
965 				err = fat_sync_bhs(bhs, n);
966 				if (err)
967 					goto error;
968 			}
969 			for (i = 0; i < n; i++)
970 				brelse(bhs[i]);
971 			n = 0;
972 		}
973 	}
974 	if (IS_DIRSYNC(dir)) {
975 		err = fat_sync_bhs(bhs, n);
976 		if (err)
977 			goto error;
978 	}
979 	for (i = 0; i < n; i++)
980 		brelse(bhs[i]);
981 
982 	return 0;
983 
984 error:
985 	for (i = 0; i < n; i++)
986 		bforget(bhs[i]);
987 	return err;
988 }
989 
990 int fat_alloc_new_dir(struct inode *dir, struct timespec *ts)
991 {
992 	struct super_block *sb = dir->i_sb;
993 	struct msdos_sb_info *sbi = MSDOS_SB(sb);
994 	struct buffer_head *bhs[MAX_BUF_PER_PAGE];
995 	struct msdos_dir_entry *de;
996 	sector_t blknr;
997 	__le16 date, time;
998 	int err, cluster;
999 
1000 	err = fat_alloc_clusters(dir, &cluster, 1);
1001 	if (err)
1002 		goto error;
1003 
1004 	blknr = fat_clus_to_blknr(sbi, cluster);
1005 	bhs[0] = sb_getblk(sb, blknr);
1006 	if (!bhs[0]) {
1007 		err = -ENOMEM;
1008 		goto error_free;
1009 	}
1010 
1011 	fat_date_unix2dos(ts->tv_sec, &time, &date);
1012 
1013 	de = (struct msdos_dir_entry *)bhs[0]->b_data;
1014 	/* filling the new directory slots ("." and ".." entries) */
1015 	memcpy(de[0].name, MSDOS_DOT, MSDOS_NAME);
1016 	memcpy(de[1].name, MSDOS_DOTDOT, MSDOS_NAME);
1017 	de->attr = de[1].attr = ATTR_DIR;
1018 	de[0].lcase = de[1].lcase = 0;
1019 	de[0].time = de[1].time = time;
1020 	de[0].date = de[1].date = date;
1021 	de[0].ctime_cs = de[1].ctime_cs = 0;
1022 	if (sbi->options.isvfat) {
1023 		/* extra timestamps */
1024 		de[0].ctime = de[1].ctime = time;
1025 		de[0].adate = de[0].cdate = de[1].adate = de[1].cdate = date;
1026 	} else {
1027 		de[0].ctime = de[1].ctime = 0;
1028 		de[0].adate = de[0].cdate = de[1].adate = de[1].cdate = 0;
1029 	}
1030 	de[0].start = cpu_to_le16(cluster);
1031 	de[0].starthi = cpu_to_le16(cluster >> 16);
1032 	de[1].start = cpu_to_le16(MSDOS_I(dir)->i_logstart);
1033 	de[1].starthi = cpu_to_le16(MSDOS_I(dir)->i_logstart >> 16);
1034 	de[0].size = de[1].size = 0;
1035 	memset(de + 2, 0, sb->s_blocksize - 2 * sizeof(*de));
1036 	set_buffer_uptodate(bhs[0]);
1037 	mark_buffer_dirty(bhs[0]);
1038 
1039 	err = fat_zeroed_cluster(dir, blknr, 1, bhs, MAX_BUF_PER_PAGE);
1040 	if (err)
1041 		goto error_free;
1042 
1043 	return cluster;
1044 
1045 error_free:
1046 	fat_free_clusters(dir, cluster);
1047 error:
1048 	return err;
1049 }
1050 
1051 EXPORT_SYMBOL(fat_alloc_new_dir);
1052 
1053 static int fat_add_new_entries(struct inode *dir, void *slots, int nr_slots,
1054 			       int *nr_cluster, struct msdos_dir_entry **de,
1055 			       struct buffer_head **bh, loff_t *i_pos)
1056 {
1057 	struct super_block *sb = dir->i_sb;
1058 	struct msdos_sb_info *sbi = MSDOS_SB(sb);
1059 	struct buffer_head *bhs[MAX_BUF_PER_PAGE];
1060 	sector_t blknr, start_blknr, last_blknr;
1061 	unsigned long size, copy;
1062 	int err, i, n, offset, cluster[2];
1063 
1064 	/*
1065 	 * The minimum cluster size is 512bytes, and maximum entry
1066 	 * size is 32*slots (672bytes).  So, iff the cluster size is
1067 	 * 512bytes, we may need two clusters.
1068 	 */
1069 	size = nr_slots * sizeof(struct msdos_dir_entry);
1070 	*nr_cluster = (size + (sbi->cluster_size - 1)) >> sbi->cluster_bits;
1071 	BUG_ON(*nr_cluster > 2);
1072 
1073 	err = fat_alloc_clusters(dir, cluster, *nr_cluster);
1074 	if (err)
1075 		goto error;
1076 
1077 	/*
1078 	 * First stage: Fill the directory entry.  NOTE: This cluster
1079 	 * is not referenced from any inode yet, so updates order is
1080 	 * not important.
1081 	 */
1082 	i = n = copy = 0;
1083 	do {
1084 		start_blknr = blknr = fat_clus_to_blknr(sbi, cluster[i]);
1085 		last_blknr = start_blknr + sbi->sec_per_clus;
1086 		while (blknr < last_blknr) {
1087 			bhs[n] = sb_getblk(sb, blknr);
1088 			if (!bhs[n]) {
1089 				err = -ENOMEM;
1090 				goto error_nomem;
1091 			}
1092 
1093 			/* fill the directory entry */
1094 			copy = min(size, sb->s_blocksize);
1095 			memcpy(bhs[n]->b_data, slots, copy);
1096 			slots += copy;
1097 			size -= copy;
1098 			set_buffer_uptodate(bhs[n]);
1099 			mark_buffer_dirty(bhs[n]);
1100 			if (!size)
1101 				break;
1102 			n++;
1103 			blknr++;
1104 		}
1105 	} while (++i < *nr_cluster);
1106 
1107 	memset(bhs[n]->b_data + copy, 0, sb->s_blocksize - copy);
1108 	offset = copy - sizeof(struct msdos_dir_entry);
1109 	get_bh(bhs[n]);
1110 	*bh = bhs[n];
1111 	*de = (struct msdos_dir_entry *)((*bh)->b_data + offset);
1112 	*i_pos = fat_make_i_pos(sb, *bh, *de);
1113 
1114 	/* Second stage: clear the rest of cluster, and write outs */
1115 	err = fat_zeroed_cluster(dir, start_blknr, ++n, bhs, MAX_BUF_PER_PAGE);
1116 	if (err)
1117 		goto error_free;
1118 
1119 	return cluster[0];
1120 
1121 error_free:
1122 	brelse(*bh);
1123 	*bh = NULL;
1124 	n = 0;
1125 error_nomem:
1126 	for (i = 0; i < n; i++)
1127 		bforget(bhs[i]);
1128 	fat_free_clusters(dir, cluster[0]);
1129 error:
1130 	return err;
1131 }
1132 
1133 int fat_add_entries(struct inode *dir, void *slots, int nr_slots,
1134 		    struct fat_slot_info *sinfo)
1135 {
1136 	struct super_block *sb = dir->i_sb;
1137 	struct msdos_sb_info *sbi = MSDOS_SB(sb);
1138 	struct buffer_head *bh, *prev, *bhs[3]; /* 32*slots (672bytes) */
1139 	struct msdos_dir_entry *de;
1140 	int err, free_slots, i, nr_bhs;
1141 	loff_t pos, i_pos;
1142 
1143 	sinfo->nr_slots = nr_slots;
1144 
1145 	/* First stage: search free direcotry entries */
1146 	free_slots = nr_bhs = 0;
1147 	bh = prev = NULL;
1148 	pos = 0;
1149 	err = -ENOSPC;
1150 	while (fat_get_entry(dir, &pos, &bh, &de) > -1) {
1151 		/* check the maximum size of directory */
1152 		if (pos >= FAT_MAX_DIR_SIZE)
1153 			goto error;
1154 
1155 		if (IS_FREE(de->name)) {
1156 			if (prev != bh) {
1157 				get_bh(bh);
1158 				bhs[nr_bhs] = prev = bh;
1159 				nr_bhs++;
1160 			}
1161 			free_slots++;
1162 			if (free_slots == nr_slots)
1163 				goto found;
1164 		} else {
1165 			for (i = 0; i < nr_bhs; i++)
1166 				brelse(bhs[i]);
1167 			prev = NULL;
1168 			free_slots = nr_bhs = 0;
1169 		}
1170 	}
1171 	if (dir->i_ino == MSDOS_ROOT_INO) {
1172 		if (sbi->fat_bits != 32)
1173 			goto error;
1174 	} else if (MSDOS_I(dir)->i_start == 0) {
1175 		printk(KERN_ERR "FAT: Corrupted directory (i_pos %lld)\n",
1176 		       MSDOS_I(dir)->i_pos);
1177 		err = -EIO;
1178 		goto error;
1179 	}
1180 
1181 found:
1182 	err = 0;
1183 	pos -= free_slots * sizeof(*de);
1184 	nr_slots -= free_slots;
1185 	if (free_slots) {
1186 		/*
1187 		 * Second stage: filling the free entries with new entries.
1188 		 * NOTE: If this slots has shortname, first, we write
1189 		 * the long name slots, then write the short name.
1190 		 */
1191 		int size = free_slots * sizeof(*de);
1192 		int offset = pos & (sb->s_blocksize - 1);
1193 		int long_bhs = nr_bhs - (nr_slots == 0);
1194 
1195 		/* Fill the long name slots. */
1196 		for (i = 0; i < long_bhs; i++) {
1197 			int copy = min_t(int, sb->s_blocksize - offset, size);
1198 			memcpy(bhs[i]->b_data + offset, slots, copy);
1199 			mark_buffer_dirty(bhs[i]);
1200 			offset = 0;
1201 			slots += copy;
1202 			size -= copy;
1203 		}
1204 		if (long_bhs && IS_DIRSYNC(dir))
1205 			err = fat_sync_bhs(bhs, long_bhs);
1206 		if (!err && i < nr_bhs) {
1207 			/* Fill the short name slot. */
1208 			int copy = min_t(int, sb->s_blocksize - offset, size);
1209 			memcpy(bhs[i]->b_data + offset, slots, copy);
1210 			mark_buffer_dirty(bhs[i]);
1211 			if (IS_DIRSYNC(dir))
1212 				err = sync_dirty_buffer(bhs[i]);
1213 		}
1214 		for (i = 0; i < nr_bhs; i++)
1215 			brelse(bhs[i]);
1216 		if (err)
1217 			goto error_remove;
1218 	}
1219 
1220 	if (nr_slots) {
1221 		int cluster, nr_cluster;
1222 
1223 		/*
1224 		 * Third stage: allocate the cluster for new entries.
1225 		 * And initialize the cluster with new entries, then
1226 		 * add the cluster to dir.
1227 		 */
1228 		cluster = fat_add_new_entries(dir, slots, nr_slots, &nr_cluster,
1229 					      &de, &bh, &i_pos);
1230 		if (cluster < 0) {
1231 			err = cluster;
1232 			goto error_remove;
1233 		}
1234 		err = fat_chain_add(dir, cluster, nr_cluster);
1235 		if (err) {
1236 			fat_free_clusters(dir, cluster);
1237 			goto error_remove;
1238 		}
1239 		if (dir->i_size & (sbi->cluster_size - 1)) {
1240 			fat_fs_panic(sb, "Odd directory size");
1241 			dir->i_size = (dir->i_size + sbi->cluster_size - 1)
1242 				& ~((loff_t)sbi->cluster_size - 1);
1243 		}
1244 		dir->i_size += nr_cluster << sbi->cluster_bits;
1245 		MSDOS_I(dir)->mmu_private += nr_cluster << sbi->cluster_bits;
1246 	}
1247 	sinfo->slot_off = pos;
1248 	sinfo->de = de;
1249 	sinfo->bh = bh;
1250 	sinfo->i_pos = fat_make_i_pos(sb, sinfo->bh, sinfo->de);
1251 
1252 	return 0;
1253 
1254 error:
1255 	brelse(bh);
1256 	for (i = 0; i < nr_bhs; i++)
1257 		brelse(bhs[i]);
1258 	return err;
1259 
1260 error_remove:
1261 	brelse(bh);
1262 	if (free_slots)
1263 		__fat_remove_entries(dir, pos, free_slots);
1264 	return err;
1265 }
1266 
1267 EXPORT_SYMBOL(fat_add_entries);
1268