1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * linux/fs/ext4/namei.c 4 * 5 * Copyright (C) 1992, 1993, 1994, 1995 6 * Remy Card (card@masi.ibp.fr) 7 * Laboratoire MASI - Institut Blaise Pascal 8 * Universite Pierre et Marie Curie (Paris VI) 9 * 10 * from 11 * 12 * linux/fs/minix/namei.c 13 * 14 * Copyright (C) 1991, 1992 Linus Torvalds 15 * 16 * Big-endian to little-endian byte-swapping/bitmaps by 17 * David S. Miller (davem@caip.rutgers.edu), 1995 18 * Directory entry file type support and forward compatibility hooks 19 * for B-tree directories by Theodore Ts'o (tytso@mit.edu), 1998 20 * Hash Tree Directory indexing (c) 21 * Daniel Phillips, 2001 22 * Hash Tree Directory indexing porting 23 * Christopher Li, 2002 24 * Hash Tree Directory indexing cleanup 25 * Theodore Ts'o, 2002 26 */ 27 28 #include <linux/fs.h> 29 #include <linux/pagemap.h> 30 #include <linux/time.h> 31 #include <linux/fcntl.h> 32 #include <linux/stat.h> 33 #include <linux/string.h> 34 #include <linux/quotaops.h> 35 #include <linux/buffer_head.h> 36 #include <linux/bio.h> 37 #include <linux/iversion.h> 38 #include <linux/unicode.h> 39 #include "ext4.h" 40 #include "ext4_jbd2.h" 41 42 #include "xattr.h" 43 #include "acl.h" 44 45 #include <trace/events/ext4.h> 46 /* 47 * define how far ahead to read directories while searching them. 48 */ 49 #define NAMEI_RA_CHUNKS 2 50 #define NAMEI_RA_BLOCKS 4 51 #define NAMEI_RA_SIZE (NAMEI_RA_CHUNKS * NAMEI_RA_BLOCKS) 52 53 static struct buffer_head *ext4_append(handle_t *handle, 54 struct inode *inode, 55 ext4_lblk_t *block) 56 { 57 struct buffer_head *bh; 58 int err; 59 60 if (unlikely(EXT4_SB(inode->i_sb)->s_max_dir_size_kb && 61 ((inode->i_size >> 10) >= 62 EXT4_SB(inode->i_sb)->s_max_dir_size_kb))) 63 return ERR_PTR(-ENOSPC); 64 65 *block = inode->i_size >> inode->i_sb->s_blocksize_bits; 66 67 bh = ext4_bread(handle, inode, *block, EXT4_GET_BLOCKS_CREATE); 68 if (IS_ERR(bh)) 69 return bh; 70 inode->i_size += inode->i_sb->s_blocksize; 71 EXT4_I(inode)->i_disksize = inode->i_size; 72 BUFFER_TRACE(bh, "get_write_access"); 73 err = ext4_journal_get_write_access(handle, bh); 74 if (err) { 75 brelse(bh); 76 ext4_std_error(inode->i_sb, err); 77 return ERR_PTR(err); 78 } 79 return bh; 80 } 81 82 static int ext4_dx_csum_verify(struct inode *inode, 83 struct ext4_dir_entry *dirent); 84 85 /* 86 * Hints to ext4_read_dirblock regarding whether we expect a directory 87 * block being read to be an index block, or a block containing 88 * directory entries (and if the latter, whether it was found via a 89 * logical block in an htree index block). This is used to control 90 * what sort of sanity checkinig ext4_read_dirblock() will do on the 91 * directory block read from the storage device. EITHER will means 92 * the caller doesn't know what kind of directory block will be read, 93 * so no specific verification will be done. 94 */ 95 typedef enum { 96 EITHER, INDEX, DIRENT, DIRENT_HTREE 97 } dirblock_type_t; 98 99 #define ext4_read_dirblock(inode, block, type) \ 100 __ext4_read_dirblock((inode), (block), (type), __func__, __LINE__) 101 102 static struct buffer_head *__ext4_read_dirblock(struct inode *inode, 103 ext4_lblk_t block, 104 dirblock_type_t type, 105 const char *func, 106 unsigned int line) 107 { 108 struct buffer_head *bh; 109 struct ext4_dir_entry *dirent; 110 int is_dx_block = 0; 111 112 if (ext4_simulate_fail(inode->i_sb, EXT4_SIM_DIRBLOCK_EIO)) 113 bh = ERR_PTR(-EIO); 114 else 115 bh = ext4_bread(NULL, inode, block, 0); 116 if (IS_ERR(bh)) { 117 __ext4_warning(inode->i_sb, func, line, 118 "inode #%lu: lblock %lu: comm %s: " 119 "error %ld reading directory block", 120 inode->i_ino, (unsigned long)block, 121 current->comm, PTR_ERR(bh)); 122 123 return bh; 124 } 125 if (!bh && (type == INDEX || type == DIRENT_HTREE)) { 126 ext4_error_inode(inode, func, line, block, 127 "Directory hole found for htree %s block", 128 (type == INDEX) ? "index" : "leaf"); 129 return ERR_PTR(-EFSCORRUPTED); 130 } 131 if (!bh) 132 return NULL; 133 dirent = (struct ext4_dir_entry *) bh->b_data; 134 /* Determine whether or not we have an index block */ 135 if (is_dx(inode)) { 136 if (block == 0) 137 is_dx_block = 1; 138 else if (ext4_rec_len_from_disk(dirent->rec_len, 139 inode->i_sb->s_blocksize) == 140 inode->i_sb->s_blocksize) 141 is_dx_block = 1; 142 } 143 if (!is_dx_block && type == INDEX) { 144 ext4_error_inode(inode, func, line, block, 145 "directory leaf block found instead of index block"); 146 brelse(bh); 147 return ERR_PTR(-EFSCORRUPTED); 148 } 149 if (!ext4_has_metadata_csum(inode->i_sb) || 150 buffer_verified(bh)) 151 return bh; 152 153 /* 154 * An empty leaf block can get mistaken for a index block; for 155 * this reason, we can only check the index checksum when the 156 * caller is sure it should be an index block. 157 */ 158 if (is_dx_block && type == INDEX) { 159 if (ext4_dx_csum_verify(inode, dirent) && 160 !ext4_simulate_fail(inode->i_sb, EXT4_SIM_DIRBLOCK_CRC)) 161 set_buffer_verified(bh); 162 else { 163 ext4_error_inode_err(inode, func, line, block, 164 EFSBADCRC, 165 "Directory index failed checksum"); 166 brelse(bh); 167 return ERR_PTR(-EFSBADCRC); 168 } 169 } 170 if (!is_dx_block) { 171 if (ext4_dirblock_csum_verify(inode, bh) && 172 !ext4_simulate_fail(inode->i_sb, EXT4_SIM_DIRBLOCK_CRC)) 173 set_buffer_verified(bh); 174 else { 175 ext4_error_inode_err(inode, func, line, block, 176 EFSBADCRC, 177 "Directory block failed checksum"); 178 brelse(bh); 179 return ERR_PTR(-EFSBADCRC); 180 } 181 } 182 return bh; 183 } 184 185 #ifdef DX_DEBUG 186 #define dxtrace(command) command 187 #else 188 #define dxtrace(command) 189 #endif 190 191 struct fake_dirent 192 { 193 __le32 inode; 194 __le16 rec_len; 195 u8 name_len; 196 u8 file_type; 197 }; 198 199 struct dx_countlimit 200 { 201 __le16 limit; 202 __le16 count; 203 }; 204 205 struct dx_entry 206 { 207 __le32 hash; 208 __le32 block; 209 }; 210 211 /* 212 * dx_root_info is laid out so that if it should somehow get overlaid by a 213 * dirent the two low bits of the hash version will be zero. Therefore, the 214 * hash version mod 4 should never be 0. Sincerely, the paranoia department. 215 */ 216 217 struct dx_root 218 { 219 struct fake_dirent dot; 220 char dot_name[4]; 221 struct fake_dirent dotdot; 222 char dotdot_name[4]; 223 struct dx_root_info 224 { 225 __le32 reserved_zero; 226 u8 hash_version; 227 u8 info_length; /* 8 */ 228 u8 indirect_levels; 229 u8 unused_flags; 230 } 231 info; 232 struct dx_entry entries[]; 233 }; 234 235 struct dx_node 236 { 237 struct fake_dirent fake; 238 struct dx_entry entries[]; 239 }; 240 241 242 struct dx_frame 243 { 244 struct buffer_head *bh; 245 struct dx_entry *entries; 246 struct dx_entry *at; 247 }; 248 249 struct dx_map_entry 250 { 251 u32 hash; 252 u16 offs; 253 u16 size; 254 }; 255 256 /* 257 * This goes at the end of each htree block. 258 */ 259 struct dx_tail { 260 u32 dt_reserved; 261 __le32 dt_checksum; /* crc32c(uuid+inum+dirblock) */ 262 }; 263 264 static inline ext4_lblk_t dx_get_block(struct dx_entry *entry); 265 static void dx_set_block(struct dx_entry *entry, ext4_lblk_t value); 266 static inline unsigned dx_get_hash(struct dx_entry *entry); 267 static void dx_set_hash(struct dx_entry *entry, unsigned value); 268 static unsigned dx_get_count(struct dx_entry *entries); 269 static unsigned dx_get_limit(struct dx_entry *entries); 270 static void dx_set_count(struct dx_entry *entries, unsigned value); 271 static void dx_set_limit(struct dx_entry *entries, unsigned value); 272 static unsigned dx_root_limit(struct inode *dir, unsigned infosize); 273 static unsigned dx_node_limit(struct inode *dir); 274 static struct dx_frame *dx_probe(struct ext4_filename *fname, 275 struct inode *dir, 276 struct dx_hash_info *hinfo, 277 struct dx_frame *frame); 278 static void dx_release(struct dx_frame *frames); 279 static int dx_make_map(struct inode *dir, struct ext4_dir_entry_2 *de, 280 unsigned blocksize, struct dx_hash_info *hinfo, 281 struct dx_map_entry map[]); 282 static void dx_sort_map(struct dx_map_entry *map, unsigned count); 283 static struct ext4_dir_entry_2 *dx_move_dirents(struct inode *dir, char *from, 284 char *to, struct dx_map_entry *offsets, 285 int count, unsigned int blocksize); 286 static struct ext4_dir_entry_2 *dx_pack_dirents(struct inode *dir, char *base, 287 unsigned int blocksize); 288 static void dx_insert_block(struct dx_frame *frame, 289 u32 hash, ext4_lblk_t block); 290 static int ext4_htree_next_block(struct inode *dir, __u32 hash, 291 struct dx_frame *frame, 292 struct dx_frame *frames, 293 __u32 *start_hash); 294 static struct buffer_head * ext4_dx_find_entry(struct inode *dir, 295 struct ext4_filename *fname, 296 struct ext4_dir_entry_2 **res_dir); 297 static int ext4_dx_add_entry(handle_t *handle, struct ext4_filename *fname, 298 struct inode *dir, struct inode *inode); 299 300 /* checksumming functions */ 301 void ext4_initialize_dirent_tail(struct buffer_head *bh, 302 unsigned int blocksize) 303 { 304 struct ext4_dir_entry_tail *t = EXT4_DIRENT_TAIL(bh->b_data, blocksize); 305 306 memset(t, 0, sizeof(struct ext4_dir_entry_tail)); 307 t->det_rec_len = ext4_rec_len_to_disk( 308 sizeof(struct ext4_dir_entry_tail), blocksize); 309 t->det_reserved_ft = EXT4_FT_DIR_CSUM; 310 } 311 312 /* Walk through a dirent block to find a checksum "dirent" at the tail */ 313 static struct ext4_dir_entry_tail *get_dirent_tail(struct inode *inode, 314 struct buffer_head *bh) 315 { 316 struct ext4_dir_entry_tail *t; 317 318 #ifdef PARANOID 319 struct ext4_dir_entry *d, *top; 320 321 d = (struct ext4_dir_entry *)bh->b_data; 322 top = (struct ext4_dir_entry *)(bh->b_data + 323 (EXT4_BLOCK_SIZE(inode->i_sb) - 324 sizeof(struct ext4_dir_entry_tail))); 325 while (d < top && d->rec_len) 326 d = (struct ext4_dir_entry *)(((void *)d) + 327 le16_to_cpu(d->rec_len)); 328 329 if (d != top) 330 return NULL; 331 332 t = (struct ext4_dir_entry_tail *)d; 333 #else 334 t = EXT4_DIRENT_TAIL(bh->b_data, EXT4_BLOCK_SIZE(inode->i_sb)); 335 #endif 336 337 if (t->det_reserved_zero1 || 338 le16_to_cpu(t->det_rec_len) != sizeof(struct ext4_dir_entry_tail) || 339 t->det_reserved_zero2 || 340 t->det_reserved_ft != EXT4_FT_DIR_CSUM) 341 return NULL; 342 343 return t; 344 } 345 346 static __le32 ext4_dirblock_csum(struct inode *inode, void *dirent, int size) 347 { 348 struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb); 349 struct ext4_inode_info *ei = EXT4_I(inode); 350 __u32 csum; 351 352 csum = ext4_chksum(sbi, ei->i_csum_seed, (__u8 *)dirent, size); 353 return cpu_to_le32(csum); 354 } 355 356 #define warn_no_space_for_csum(inode) \ 357 __warn_no_space_for_csum((inode), __func__, __LINE__) 358 359 static void __warn_no_space_for_csum(struct inode *inode, const char *func, 360 unsigned int line) 361 { 362 __ext4_warning_inode(inode, func, line, 363 "No space for directory leaf checksum. Please run e2fsck -D."); 364 } 365 366 int ext4_dirblock_csum_verify(struct inode *inode, struct buffer_head *bh) 367 { 368 struct ext4_dir_entry_tail *t; 369 370 if (!ext4_has_metadata_csum(inode->i_sb)) 371 return 1; 372 373 t = get_dirent_tail(inode, bh); 374 if (!t) { 375 warn_no_space_for_csum(inode); 376 return 0; 377 } 378 379 if (t->det_checksum != ext4_dirblock_csum(inode, bh->b_data, 380 (char *)t - bh->b_data)) 381 return 0; 382 383 return 1; 384 } 385 386 static void ext4_dirblock_csum_set(struct inode *inode, 387 struct buffer_head *bh) 388 { 389 struct ext4_dir_entry_tail *t; 390 391 if (!ext4_has_metadata_csum(inode->i_sb)) 392 return; 393 394 t = get_dirent_tail(inode, bh); 395 if (!t) { 396 warn_no_space_for_csum(inode); 397 return; 398 } 399 400 t->det_checksum = ext4_dirblock_csum(inode, bh->b_data, 401 (char *)t - bh->b_data); 402 } 403 404 int ext4_handle_dirty_dirblock(handle_t *handle, 405 struct inode *inode, 406 struct buffer_head *bh) 407 { 408 ext4_dirblock_csum_set(inode, bh); 409 return ext4_handle_dirty_metadata(handle, inode, bh); 410 } 411 412 static struct dx_countlimit *get_dx_countlimit(struct inode *inode, 413 struct ext4_dir_entry *dirent, 414 int *offset) 415 { 416 struct ext4_dir_entry *dp; 417 struct dx_root_info *root; 418 int count_offset; 419 420 if (le16_to_cpu(dirent->rec_len) == EXT4_BLOCK_SIZE(inode->i_sb)) 421 count_offset = 8; 422 else if (le16_to_cpu(dirent->rec_len) == 12) { 423 dp = (struct ext4_dir_entry *)(((void *)dirent) + 12); 424 if (le16_to_cpu(dp->rec_len) != 425 EXT4_BLOCK_SIZE(inode->i_sb) - 12) 426 return NULL; 427 root = (struct dx_root_info *)(((void *)dp + 12)); 428 if (root->reserved_zero || 429 root->info_length != sizeof(struct dx_root_info)) 430 return NULL; 431 count_offset = 32; 432 } else 433 return NULL; 434 435 if (offset) 436 *offset = count_offset; 437 return (struct dx_countlimit *)(((void *)dirent) + count_offset); 438 } 439 440 static __le32 ext4_dx_csum(struct inode *inode, struct ext4_dir_entry *dirent, 441 int count_offset, int count, struct dx_tail *t) 442 { 443 struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb); 444 struct ext4_inode_info *ei = EXT4_I(inode); 445 __u32 csum; 446 int size; 447 __u32 dummy_csum = 0; 448 int offset = offsetof(struct dx_tail, dt_checksum); 449 450 size = count_offset + (count * sizeof(struct dx_entry)); 451 csum = ext4_chksum(sbi, ei->i_csum_seed, (__u8 *)dirent, size); 452 csum = ext4_chksum(sbi, csum, (__u8 *)t, offset); 453 csum = ext4_chksum(sbi, csum, (__u8 *)&dummy_csum, sizeof(dummy_csum)); 454 455 return cpu_to_le32(csum); 456 } 457 458 static int ext4_dx_csum_verify(struct inode *inode, 459 struct ext4_dir_entry *dirent) 460 { 461 struct dx_countlimit *c; 462 struct dx_tail *t; 463 int count_offset, limit, count; 464 465 if (!ext4_has_metadata_csum(inode->i_sb)) 466 return 1; 467 468 c = get_dx_countlimit(inode, dirent, &count_offset); 469 if (!c) { 470 EXT4_ERROR_INODE(inode, "dir seems corrupt? Run e2fsck -D."); 471 return 0; 472 } 473 limit = le16_to_cpu(c->limit); 474 count = le16_to_cpu(c->count); 475 if (count_offset + (limit * sizeof(struct dx_entry)) > 476 EXT4_BLOCK_SIZE(inode->i_sb) - sizeof(struct dx_tail)) { 477 warn_no_space_for_csum(inode); 478 return 0; 479 } 480 t = (struct dx_tail *)(((struct dx_entry *)c) + limit); 481 482 if (t->dt_checksum != ext4_dx_csum(inode, dirent, count_offset, 483 count, t)) 484 return 0; 485 return 1; 486 } 487 488 static void ext4_dx_csum_set(struct inode *inode, struct ext4_dir_entry *dirent) 489 { 490 struct dx_countlimit *c; 491 struct dx_tail *t; 492 int count_offset, limit, count; 493 494 if (!ext4_has_metadata_csum(inode->i_sb)) 495 return; 496 497 c = get_dx_countlimit(inode, dirent, &count_offset); 498 if (!c) { 499 EXT4_ERROR_INODE(inode, "dir seems corrupt? Run e2fsck -D."); 500 return; 501 } 502 limit = le16_to_cpu(c->limit); 503 count = le16_to_cpu(c->count); 504 if (count_offset + (limit * sizeof(struct dx_entry)) > 505 EXT4_BLOCK_SIZE(inode->i_sb) - sizeof(struct dx_tail)) { 506 warn_no_space_for_csum(inode); 507 return; 508 } 509 t = (struct dx_tail *)(((struct dx_entry *)c) + limit); 510 511 t->dt_checksum = ext4_dx_csum(inode, dirent, count_offset, count, t); 512 } 513 514 static inline int ext4_handle_dirty_dx_node(handle_t *handle, 515 struct inode *inode, 516 struct buffer_head *bh) 517 { 518 ext4_dx_csum_set(inode, (struct ext4_dir_entry *)bh->b_data); 519 return ext4_handle_dirty_metadata(handle, inode, bh); 520 } 521 522 /* 523 * p is at least 6 bytes before the end of page 524 */ 525 static inline struct ext4_dir_entry_2 * 526 ext4_next_entry(struct ext4_dir_entry_2 *p, unsigned long blocksize) 527 { 528 return (struct ext4_dir_entry_2 *)((char *)p + 529 ext4_rec_len_from_disk(p->rec_len, blocksize)); 530 } 531 532 /* 533 * Future: use high four bits of block for coalesce-on-delete flags 534 * Mask them off for now. 535 */ 536 537 static inline ext4_lblk_t dx_get_block(struct dx_entry *entry) 538 { 539 return le32_to_cpu(entry->block) & 0x0fffffff; 540 } 541 542 static inline void dx_set_block(struct dx_entry *entry, ext4_lblk_t value) 543 { 544 entry->block = cpu_to_le32(value); 545 } 546 547 static inline unsigned dx_get_hash(struct dx_entry *entry) 548 { 549 return le32_to_cpu(entry->hash); 550 } 551 552 static inline void dx_set_hash(struct dx_entry *entry, unsigned value) 553 { 554 entry->hash = cpu_to_le32(value); 555 } 556 557 static inline unsigned dx_get_count(struct dx_entry *entries) 558 { 559 return le16_to_cpu(((struct dx_countlimit *) entries)->count); 560 } 561 562 static inline unsigned dx_get_limit(struct dx_entry *entries) 563 { 564 return le16_to_cpu(((struct dx_countlimit *) entries)->limit); 565 } 566 567 static inline void dx_set_count(struct dx_entry *entries, unsigned value) 568 { 569 ((struct dx_countlimit *) entries)->count = cpu_to_le16(value); 570 } 571 572 static inline void dx_set_limit(struct dx_entry *entries, unsigned value) 573 { 574 ((struct dx_countlimit *) entries)->limit = cpu_to_le16(value); 575 } 576 577 static inline unsigned dx_root_limit(struct inode *dir, unsigned infosize) 578 { 579 unsigned int entry_space = dir->i_sb->s_blocksize - 580 ext4_dir_rec_len(1, NULL) - 581 ext4_dir_rec_len(2, NULL) - infosize; 582 583 if (ext4_has_metadata_csum(dir->i_sb)) 584 entry_space -= sizeof(struct dx_tail); 585 return entry_space / sizeof(struct dx_entry); 586 } 587 588 static inline unsigned dx_node_limit(struct inode *dir) 589 { 590 unsigned int entry_space = dir->i_sb->s_blocksize - 591 ext4_dir_rec_len(0, dir); 592 593 if (ext4_has_metadata_csum(dir->i_sb)) 594 entry_space -= sizeof(struct dx_tail); 595 return entry_space / sizeof(struct dx_entry); 596 } 597 598 /* 599 * Debug 600 */ 601 #ifdef DX_DEBUG 602 static void dx_show_index(char * label, struct dx_entry *entries) 603 { 604 int i, n = dx_get_count (entries); 605 printk(KERN_DEBUG "%s index", label); 606 for (i = 0; i < n; i++) { 607 printk(KERN_CONT " %x->%lu", 608 i ? dx_get_hash(entries + i) : 0, 609 (unsigned long)dx_get_block(entries + i)); 610 } 611 printk(KERN_CONT "\n"); 612 } 613 614 struct stats 615 { 616 unsigned names; 617 unsigned space; 618 unsigned bcount; 619 }; 620 621 static struct stats dx_show_leaf(struct inode *dir, 622 struct dx_hash_info *hinfo, 623 struct ext4_dir_entry_2 *de, 624 int size, int show_names) 625 { 626 unsigned names = 0, space = 0; 627 char *base = (char *) de; 628 struct dx_hash_info h = *hinfo; 629 630 printk("names: "); 631 while ((char *) de < base + size) 632 { 633 if (de->inode) 634 { 635 if (show_names) 636 { 637 #ifdef CONFIG_FS_ENCRYPTION 638 int len; 639 char *name; 640 struct fscrypt_str fname_crypto_str = 641 FSTR_INIT(NULL, 0); 642 int res = 0; 643 644 name = de->name; 645 len = de->name_len; 646 if (!IS_ENCRYPTED(dir)) { 647 /* Directory is not encrypted */ 648 ext4fs_dirhash(dir, de->name, 649 de->name_len, &h); 650 printk("%*.s:(U)%x.%u ", len, 651 name, h.hash, 652 (unsigned) ((char *) de 653 - base)); 654 } else { 655 struct fscrypt_str de_name = 656 FSTR_INIT(name, len); 657 658 /* Directory is encrypted */ 659 res = fscrypt_fname_alloc_buffer( 660 len, &fname_crypto_str); 661 if (res) 662 printk(KERN_WARNING "Error " 663 "allocating crypto " 664 "buffer--skipping " 665 "crypto\n"); 666 res = fscrypt_fname_disk_to_usr(dir, 667 0, 0, &de_name, 668 &fname_crypto_str); 669 if (res) { 670 printk(KERN_WARNING "Error " 671 "converting filename " 672 "from disk to usr" 673 "\n"); 674 name = "??"; 675 len = 2; 676 } else { 677 name = fname_crypto_str.name; 678 len = fname_crypto_str.len; 679 } 680 if (IS_CASEFOLDED(dir)) 681 h.hash = EXT4_DIRENT_HASH(de); 682 else 683 ext4fs_dirhash(dir, de->name, 684 de->name_len, &h); 685 printk("%*.s:(E)%x.%u ", len, name, 686 h.hash, (unsigned) ((char *) de 687 - base)); 688 fscrypt_fname_free_buffer( 689 &fname_crypto_str); 690 } 691 #else 692 int len = de->name_len; 693 char *name = de->name; 694 ext4fs_dirhash(dir, de->name, de->name_len, &h); 695 printk("%*.s:%x.%u ", len, name, h.hash, 696 (unsigned) ((char *) de - base)); 697 #endif 698 } 699 space += ext4_dir_rec_len(de->name_len, dir); 700 names++; 701 } 702 de = ext4_next_entry(de, size); 703 } 704 printk(KERN_CONT "(%i)\n", names); 705 return (struct stats) { names, space, 1 }; 706 } 707 708 struct stats dx_show_entries(struct dx_hash_info *hinfo, struct inode *dir, 709 struct dx_entry *entries, int levels) 710 { 711 unsigned blocksize = dir->i_sb->s_blocksize; 712 unsigned count = dx_get_count(entries), names = 0, space = 0, i; 713 unsigned bcount = 0; 714 struct buffer_head *bh; 715 printk("%i indexed blocks...\n", count); 716 for (i = 0; i < count; i++, entries++) 717 { 718 ext4_lblk_t block = dx_get_block(entries); 719 ext4_lblk_t hash = i ? dx_get_hash(entries): 0; 720 u32 range = i < count - 1? (dx_get_hash(entries + 1) - hash): ~hash; 721 struct stats stats; 722 printk("%s%3u:%03u hash %8x/%8x ",levels?"":" ", i, block, hash, range); 723 bh = ext4_bread(NULL,dir, block, 0); 724 if (!bh || IS_ERR(bh)) 725 continue; 726 stats = levels? 727 dx_show_entries(hinfo, dir, ((struct dx_node *) bh->b_data)->entries, levels - 1): 728 dx_show_leaf(dir, hinfo, (struct ext4_dir_entry_2 *) 729 bh->b_data, blocksize, 0); 730 names += stats.names; 731 space += stats.space; 732 bcount += stats.bcount; 733 brelse(bh); 734 } 735 if (bcount) 736 printk(KERN_DEBUG "%snames %u, fullness %u (%u%%)\n", 737 levels ? "" : " ", names, space/bcount, 738 (space/bcount)*100/blocksize); 739 return (struct stats) { names, space, bcount}; 740 } 741 742 /* 743 * Linear search cross check 744 */ 745 static inline void htree_rep_invariant_check(struct dx_entry *at, 746 struct dx_entry *target, 747 u32 hash, unsigned int n) 748 { 749 while (n--) { 750 dxtrace(printk(KERN_CONT ",")); 751 if (dx_get_hash(++at) > hash) { 752 at--; 753 break; 754 } 755 } 756 ASSERT(at == target - 1); 757 } 758 #else /* DX_DEBUG */ 759 static inline void htree_rep_invariant_check(struct dx_entry *at, 760 struct dx_entry *target, 761 u32 hash, unsigned int n) 762 { 763 } 764 #endif /* DX_DEBUG */ 765 766 /* 767 * Probe for a directory leaf block to search. 768 * 769 * dx_probe can return ERR_BAD_DX_DIR, which means there was a format 770 * error in the directory index, and the caller should fall back to 771 * searching the directory normally. The callers of dx_probe **MUST** 772 * check for this error code, and make sure it never gets reflected 773 * back to userspace. 774 */ 775 static struct dx_frame * 776 dx_probe(struct ext4_filename *fname, struct inode *dir, 777 struct dx_hash_info *hinfo, struct dx_frame *frame_in) 778 { 779 unsigned count, indirect; 780 struct dx_entry *at, *entries, *p, *q, *m; 781 struct dx_root *root; 782 struct dx_frame *frame = frame_in; 783 struct dx_frame *ret_err = ERR_PTR(ERR_BAD_DX_DIR); 784 u32 hash; 785 786 memset(frame_in, 0, EXT4_HTREE_LEVEL * sizeof(frame_in[0])); 787 frame->bh = ext4_read_dirblock(dir, 0, INDEX); 788 if (IS_ERR(frame->bh)) 789 return (struct dx_frame *) frame->bh; 790 791 root = (struct dx_root *) frame->bh->b_data; 792 if (root->info.hash_version != DX_HASH_TEA && 793 root->info.hash_version != DX_HASH_HALF_MD4 && 794 root->info.hash_version != DX_HASH_LEGACY && 795 root->info.hash_version != DX_HASH_SIPHASH) { 796 ext4_warning_inode(dir, "Unrecognised inode hash code %u", 797 root->info.hash_version); 798 goto fail; 799 } 800 if (ext4_hash_in_dirent(dir)) { 801 if (root->info.hash_version != DX_HASH_SIPHASH) { 802 ext4_warning_inode(dir, 803 "Hash in dirent, but hash is not SIPHASH"); 804 goto fail; 805 } 806 } else { 807 if (root->info.hash_version == DX_HASH_SIPHASH) { 808 ext4_warning_inode(dir, 809 "Hash code is SIPHASH, but hash not in dirent"); 810 goto fail; 811 } 812 } 813 if (fname) 814 hinfo = &fname->hinfo; 815 hinfo->hash_version = root->info.hash_version; 816 if (hinfo->hash_version <= DX_HASH_TEA) 817 hinfo->hash_version += EXT4_SB(dir->i_sb)->s_hash_unsigned; 818 hinfo->seed = EXT4_SB(dir->i_sb)->s_hash_seed; 819 /* hash is already computed for encrypted casefolded directory */ 820 if (fname && fname_name(fname) && 821 !(IS_ENCRYPTED(dir) && IS_CASEFOLDED(dir))) 822 ext4fs_dirhash(dir, fname_name(fname), fname_len(fname), hinfo); 823 hash = hinfo->hash; 824 825 if (root->info.unused_flags & 1) { 826 ext4_warning_inode(dir, "Unimplemented hash flags: %#06x", 827 root->info.unused_flags); 828 goto fail; 829 } 830 831 indirect = root->info.indirect_levels; 832 if (indirect >= ext4_dir_htree_level(dir->i_sb)) { 833 ext4_warning(dir->i_sb, 834 "Directory (ino: %lu) htree depth %#06x exceed" 835 "supported value", dir->i_ino, 836 ext4_dir_htree_level(dir->i_sb)); 837 if (ext4_dir_htree_level(dir->i_sb) < EXT4_HTREE_LEVEL) { 838 ext4_warning(dir->i_sb, "Enable large directory " 839 "feature to access it"); 840 } 841 goto fail; 842 } 843 844 entries = (struct dx_entry *)(((char *)&root->info) + 845 root->info.info_length); 846 847 if (dx_get_limit(entries) != dx_root_limit(dir, 848 root->info.info_length)) { 849 ext4_warning_inode(dir, "dx entry: limit %u != root limit %u", 850 dx_get_limit(entries), 851 dx_root_limit(dir, root->info.info_length)); 852 goto fail; 853 } 854 855 dxtrace(printk("Look up %x", hash)); 856 while (1) { 857 count = dx_get_count(entries); 858 if (!count || count > dx_get_limit(entries)) { 859 ext4_warning_inode(dir, 860 "dx entry: count %u beyond limit %u", 861 count, dx_get_limit(entries)); 862 goto fail; 863 } 864 865 p = entries + 1; 866 q = entries + count - 1; 867 while (p <= q) { 868 m = p + (q - p) / 2; 869 dxtrace(printk(KERN_CONT ".")); 870 if (dx_get_hash(m) > hash) 871 q = m - 1; 872 else 873 p = m + 1; 874 } 875 876 htree_rep_invariant_check(entries, p, hash, count - 1); 877 878 at = p - 1; 879 dxtrace(printk(KERN_CONT " %x->%u\n", 880 at == entries ? 0 : dx_get_hash(at), 881 dx_get_block(at))); 882 frame->entries = entries; 883 frame->at = at; 884 if (!indirect--) 885 return frame; 886 frame++; 887 frame->bh = ext4_read_dirblock(dir, dx_get_block(at), INDEX); 888 if (IS_ERR(frame->bh)) { 889 ret_err = (struct dx_frame *) frame->bh; 890 frame->bh = NULL; 891 goto fail; 892 } 893 entries = ((struct dx_node *) frame->bh->b_data)->entries; 894 895 if (dx_get_limit(entries) != dx_node_limit(dir)) { 896 ext4_warning_inode(dir, 897 "dx entry: limit %u != node limit %u", 898 dx_get_limit(entries), dx_node_limit(dir)); 899 goto fail; 900 } 901 } 902 fail: 903 while (frame >= frame_in) { 904 brelse(frame->bh); 905 frame--; 906 } 907 908 if (ret_err == ERR_PTR(ERR_BAD_DX_DIR)) 909 ext4_warning_inode(dir, 910 "Corrupt directory, running e2fsck is recommended"); 911 return ret_err; 912 } 913 914 static void dx_release(struct dx_frame *frames) 915 { 916 struct dx_root_info *info; 917 int i; 918 unsigned int indirect_levels; 919 920 if (frames[0].bh == NULL) 921 return; 922 923 info = &((struct dx_root *)frames[0].bh->b_data)->info; 924 /* save local copy, "info" may be freed after brelse() */ 925 indirect_levels = info->indirect_levels; 926 for (i = 0; i <= indirect_levels; i++) { 927 if (frames[i].bh == NULL) 928 break; 929 brelse(frames[i].bh); 930 frames[i].bh = NULL; 931 } 932 } 933 934 /* 935 * This function increments the frame pointer to search the next leaf 936 * block, and reads in the necessary intervening nodes if the search 937 * should be necessary. Whether or not the search is necessary is 938 * controlled by the hash parameter. If the hash value is even, then 939 * the search is only continued if the next block starts with that 940 * hash value. This is used if we are searching for a specific file. 941 * 942 * If the hash value is HASH_NB_ALWAYS, then always go to the next block. 943 * 944 * This function returns 1 if the caller should continue to search, 945 * or 0 if it should not. If there is an error reading one of the 946 * index blocks, it will a negative error code. 947 * 948 * If start_hash is non-null, it will be filled in with the starting 949 * hash of the next page. 950 */ 951 static int ext4_htree_next_block(struct inode *dir, __u32 hash, 952 struct dx_frame *frame, 953 struct dx_frame *frames, 954 __u32 *start_hash) 955 { 956 struct dx_frame *p; 957 struct buffer_head *bh; 958 int num_frames = 0; 959 __u32 bhash; 960 961 p = frame; 962 /* 963 * Find the next leaf page by incrementing the frame pointer. 964 * If we run out of entries in the interior node, loop around and 965 * increment pointer in the parent node. When we break out of 966 * this loop, num_frames indicates the number of interior 967 * nodes need to be read. 968 */ 969 while (1) { 970 if (++(p->at) < p->entries + dx_get_count(p->entries)) 971 break; 972 if (p == frames) 973 return 0; 974 num_frames++; 975 p--; 976 } 977 978 /* 979 * If the hash is 1, then continue only if the next page has a 980 * continuation hash of any value. This is used for readdir 981 * handling. Otherwise, check to see if the hash matches the 982 * desired continuation hash. If it doesn't, return since 983 * there's no point to read in the successive index pages. 984 */ 985 bhash = dx_get_hash(p->at); 986 if (start_hash) 987 *start_hash = bhash; 988 if ((hash & 1) == 0) { 989 if ((bhash & ~1) != hash) 990 return 0; 991 } 992 /* 993 * If the hash is HASH_NB_ALWAYS, we always go to the next 994 * block so no check is necessary 995 */ 996 while (num_frames--) { 997 bh = ext4_read_dirblock(dir, dx_get_block(p->at), INDEX); 998 if (IS_ERR(bh)) 999 return PTR_ERR(bh); 1000 p++; 1001 brelse(p->bh); 1002 p->bh = bh; 1003 p->at = p->entries = ((struct dx_node *) bh->b_data)->entries; 1004 } 1005 return 1; 1006 } 1007 1008 1009 /* 1010 * This function fills a red-black tree with information from a 1011 * directory block. It returns the number directory entries loaded 1012 * into the tree. If there is an error it is returned in err. 1013 */ 1014 static int htree_dirblock_to_tree(struct file *dir_file, 1015 struct inode *dir, ext4_lblk_t block, 1016 struct dx_hash_info *hinfo, 1017 __u32 start_hash, __u32 start_minor_hash) 1018 { 1019 struct buffer_head *bh; 1020 struct ext4_dir_entry_2 *de, *top; 1021 int err = 0, count = 0; 1022 struct fscrypt_str fname_crypto_str = FSTR_INIT(NULL, 0), tmp_str; 1023 int csum = ext4_has_metadata_csum(dir->i_sb); 1024 1025 dxtrace(printk(KERN_INFO "In htree dirblock_to_tree: block %lu\n", 1026 (unsigned long)block)); 1027 bh = ext4_read_dirblock(dir, block, DIRENT_HTREE); 1028 if (IS_ERR(bh)) 1029 return PTR_ERR(bh); 1030 1031 de = (struct ext4_dir_entry_2 *) bh->b_data; 1032 /* csum entries are not larger in the casefolded encrypted case */ 1033 top = (struct ext4_dir_entry_2 *) ((char *) de + 1034 dir->i_sb->s_blocksize - 1035 ext4_dir_rec_len(0, 1036 csum ? NULL : dir)); 1037 /* Check if the directory is encrypted */ 1038 if (IS_ENCRYPTED(dir)) { 1039 err = fscrypt_prepare_readdir(dir); 1040 if (err < 0) { 1041 brelse(bh); 1042 return err; 1043 } 1044 err = fscrypt_fname_alloc_buffer(EXT4_NAME_LEN, 1045 &fname_crypto_str); 1046 if (err < 0) { 1047 brelse(bh); 1048 return err; 1049 } 1050 } 1051 1052 for (; de < top; de = ext4_next_entry(de, dir->i_sb->s_blocksize)) { 1053 if (ext4_check_dir_entry(dir, NULL, de, bh, 1054 bh->b_data, bh->b_size, 1055 (block<<EXT4_BLOCK_SIZE_BITS(dir->i_sb)) 1056 + ((char *)de - bh->b_data))) { 1057 /* silently ignore the rest of the block */ 1058 break; 1059 } 1060 if (ext4_hash_in_dirent(dir)) { 1061 if (de->name_len && de->inode) { 1062 hinfo->hash = EXT4_DIRENT_HASH(de); 1063 hinfo->minor_hash = EXT4_DIRENT_MINOR_HASH(de); 1064 } else { 1065 hinfo->hash = 0; 1066 hinfo->minor_hash = 0; 1067 } 1068 } else { 1069 ext4fs_dirhash(dir, de->name, de->name_len, hinfo); 1070 } 1071 if ((hinfo->hash < start_hash) || 1072 ((hinfo->hash == start_hash) && 1073 (hinfo->minor_hash < start_minor_hash))) 1074 continue; 1075 if (de->inode == 0) 1076 continue; 1077 if (!IS_ENCRYPTED(dir)) { 1078 tmp_str.name = de->name; 1079 tmp_str.len = de->name_len; 1080 err = ext4_htree_store_dirent(dir_file, 1081 hinfo->hash, hinfo->minor_hash, de, 1082 &tmp_str); 1083 } else { 1084 int save_len = fname_crypto_str.len; 1085 struct fscrypt_str de_name = FSTR_INIT(de->name, 1086 de->name_len); 1087 1088 /* Directory is encrypted */ 1089 err = fscrypt_fname_disk_to_usr(dir, hinfo->hash, 1090 hinfo->minor_hash, &de_name, 1091 &fname_crypto_str); 1092 if (err) { 1093 count = err; 1094 goto errout; 1095 } 1096 err = ext4_htree_store_dirent(dir_file, 1097 hinfo->hash, hinfo->minor_hash, de, 1098 &fname_crypto_str); 1099 fname_crypto_str.len = save_len; 1100 } 1101 if (err != 0) { 1102 count = err; 1103 goto errout; 1104 } 1105 count++; 1106 } 1107 errout: 1108 brelse(bh); 1109 fscrypt_fname_free_buffer(&fname_crypto_str); 1110 return count; 1111 } 1112 1113 1114 /* 1115 * This function fills a red-black tree with information from a 1116 * directory. We start scanning the directory in hash order, starting 1117 * at start_hash and start_minor_hash. 1118 * 1119 * This function returns the number of entries inserted into the tree, 1120 * or a negative error code. 1121 */ 1122 int ext4_htree_fill_tree(struct file *dir_file, __u32 start_hash, 1123 __u32 start_minor_hash, __u32 *next_hash) 1124 { 1125 struct dx_hash_info hinfo; 1126 struct ext4_dir_entry_2 *de; 1127 struct dx_frame frames[EXT4_HTREE_LEVEL], *frame; 1128 struct inode *dir; 1129 ext4_lblk_t block; 1130 int count = 0; 1131 int ret, err; 1132 __u32 hashval; 1133 struct fscrypt_str tmp_str; 1134 1135 dxtrace(printk(KERN_DEBUG "In htree_fill_tree, start hash: %x:%x\n", 1136 start_hash, start_minor_hash)); 1137 dir = file_inode(dir_file); 1138 if (!(ext4_test_inode_flag(dir, EXT4_INODE_INDEX))) { 1139 if (ext4_hash_in_dirent(dir)) 1140 hinfo.hash_version = DX_HASH_SIPHASH; 1141 else 1142 hinfo.hash_version = 1143 EXT4_SB(dir->i_sb)->s_def_hash_version; 1144 if (hinfo.hash_version <= DX_HASH_TEA) 1145 hinfo.hash_version += 1146 EXT4_SB(dir->i_sb)->s_hash_unsigned; 1147 hinfo.seed = EXT4_SB(dir->i_sb)->s_hash_seed; 1148 if (ext4_has_inline_data(dir)) { 1149 int has_inline_data = 1; 1150 count = ext4_inlinedir_to_tree(dir_file, dir, 0, 1151 &hinfo, start_hash, 1152 start_minor_hash, 1153 &has_inline_data); 1154 if (has_inline_data) { 1155 *next_hash = ~0; 1156 return count; 1157 } 1158 } 1159 count = htree_dirblock_to_tree(dir_file, dir, 0, &hinfo, 1160 start_hash, start_minor_hash); 1161 *next_hash = ~0; 1162 return count; 1163 } 1164 hinfo.hash = start_hash; 1165 hinfo.minor_hash = 0; 1166 frame = dx_probe(NULL, dir, &hinfo, frames); 1167 if (IS_ERR(frame)) 1168 return PTR_ERR(frame); 1169 1170 /* Add '.' and '..' from the htree header */ 1171 if (!start_hash && !start_minor_hash) { 1172 de = (struct ext4_dir_entry_2 *) frames[0].bh->b_data; 1173 tmp_str.name = de->name; 1174 tmp_str.len = de->name_len; 1175 err = ext4_htree_store_dirent(dir_file, 0, 0, 1176 de, &tmp_str); 1177 if (err != 0) 1178 goto errout; 1179 count++; 1180 } 1181 if (start_hash < 2 || (start_hash ==2 && start_minor_hash==0)) { 1182 de = (struct ext4_dir_entry_2 *) frames[0].bh->b_data; 1183 de = ext4_next_entry(de, dir->i_sb->s_blocksize); 1184 tmp_str.name = de->name; 1185 tmp_str.len = de->name_len; 1186 err = ext4_htree_store_dirent(dir_file, 2, 0, 1187 de, &tmp_str); 1188 if (err != 0) 1189 goto errout; 1190 count++; 1191 } 1192 1193 while (1) { 1194 if (fatal_signal_pending(current)) { 1195 err = -ERESTARTSYS; 1196 goto errout; 1197 } 1198 cond_resched(); 1199 block = dx_get_block(frame->at); 1200 ret = htree_dirblock_to_tree(dir_file, dir, block, &hinfo, 1201 start_hash, start_minor_hash); 1202 if (ret < 0) { 1203 err = ret; 1204 goto errout; 1205 } 1206 count += ret; 1207 hashval = ~0; 1208 ret = ext4_htree_next_block(dir, HASH_NB_ALWAYS, 1209 frame, frames, &hashval); 1210 *next_hash = hashval; 1211 if (ret < 0) { 1212 err = ret; 1213 goto errout; 1214 } 1215 /* 1216 * Stop if: (a) there are no more entries, or 1217 * (b) we have inserted at least one entry and the 1218 * next hash value is not a continuation 1219 */ 1220 if ((ret == 0) || 1221 (count && ((hashval & 1) == 0))) 1222 break; 1223 } 1224 dx_release(frames); 1225 dxtrace(printk(KERN_DEBUG "Fill tree: returned %d entries, " 1226 "next hash: %x\n", count, *next_hash)); 1227 return count; 1228 errout: 1229 dx_release(frames); 1230 return (err); 1231 } 1232 1233 static inline int search_dirblock(struct buffer_head *bh, 1234 struct inode *dir, 1235 struct ext4_filename *fname, 1236 unsigned int offset, 1237 struct ext4_dir_entry_2 **res_dir) 1238 { 1239 return ext4_search_dir(bh, bh->b_data, dir->i_sb->s_blocksize, dir, 1240 fname, offset, res_dir); 1241 } 1242 1243 /* 1244 * Directory block splitting, compacting 1245 */ 1246 1247 /* 1248 * Create map of hash values, offsets, and sizes, stored at end of block. 1249 * Returns number of entries mapped. 1250 */ 1251 static int dx_make_map(struct inode *dir, struct ext4_dir_entry_2 *de, 1252 unsigned blocksize, struct dx_hash_info *hinfo, 1253 struct dx_map_entry *map_tail) 1254 { 1255 int count = 0; 1256 char *base = (char *) de; 1257 struct dx_hash_info h = *hinfo; 1258 1259 while ((char *) de < base + blocksize) { 1260 if (de->name_len && de->inode) { 1261 if (ext4_hash_in_dirent(dir)) 1262 h.hash = EXT4_DIRENT_HASH(de); 1263 else 1264 ext4fs_dirhash(dir, de->name, de->name_len, &h); 1265 map_tail--; 1266 map_tail->hash = h.hash; 1267 map_tail->offs = ((char *) de - base)>>2; 1268 map_tail->size = le16_to_cpu(de->rec_len); 1269 count++; 1270 cond_resched(); 1271 } 1272 /* XXX: do we need to check rec_len == 0 case? -Chris */ 1273 de = ext4_next_entry(de, blocksize); 1274 } 1275 return count; 1276 } 1277 1278 /* Sort map by hash value */ 1279 static void dx_sort_map (struct dx_map_entry *map, unsigned count) 1280 { 1281 struct dx_map_entry *p, *q, *top = map + count - 1; 1282 int more; 1283 /* Combsort until bubble sort doesn't suck */ 1284 while (count > 2) { 1285 count = count*10/13; 1286 if (count - 9 < 2) /* 9, 10 -> 11 */ 1287 count = 11; 1288 for (p = top, q = p - count; q >= map; p--, q--) 1289 if (p->hash < q->hash) 1290 swap(*p, *q); 1291 } 1292 /* Garden variety bubble sort */ 1293 do { 1294 more = 0; 1295 q = top; 1296 while (q-- > map) { 1297 if (q[1].hash >= q[0].hash) 1298 continue; 1299 swap(*(q+1), *q); 1300 more = 1; 1301 } 1302 } while(more); 1303 } 1304 1305 static void dx_insert_block(struct dx_frame *frame, u32 hash, ext4_lblk_t block) 1306 { 1307 struct dx_entry *entries = frame->entries; 1308 struct dx_entry *old = frame->at, *new = old + 1; 1309 int count = dx_get_count(entries); 1310 1311 ASSERT(count < dx_get_limit(entries)); 1312 ASSERT(old < entries + count); 1313 memmove(new + 1, new, (char *)(entries + count) - (char *)(new)); 1314 dx_set_hash(new, hash); 1315 dx_set_block(new, block); 1316 dx_set_count(entries, count + 1); 1317 } 1318 1319 #ifdef CONFIG_UNICODE 1320 /* 1321 * Test whether a case-insensitive directory entry matches the filename 1322 * being searched for. If quick is set, assume the name being looked up 1323 * is already in the casefolded form. 1324 * 1325 * Returns: 0 if the directory entry matches, more than 0 if it 1326 * doesn't match or less than zero on error. 1327 */ 1328 static int ext4_ci_compare(const struct inode *parent, const struct qstr *name, 1329 u8 *de_name, size_t de_name_len, bool quick) 1330 { 1331 const struct super_block *sb = parent->i_sb; 1332 const struct unicode_map *um = sb->s_encoding; 1333 struct fscrypt_str decrypted_name = FSTR_INIT(NULL, de_name_len); 1334 struct qstr entry = QSTR_INIT(de_name, de_name_len); 1335 int ret; 1336 1337 if (IS_ENCRYPTED(parent)) { 1338 const struct fscrypt_str encrypted_name = 1339 FSTR_INIT(de_name, de_name_len); 1340 1341 decrypted_name.name = kmalloc(de_name_len, GFP_KERNEL); 1342 if (!decrypted_name.name) 1343 return -ENOMEM; 1344 ret = fscrypt_fname_disk_to_usr(parent, 0, 0, &encrypted_name, 1345 &decrypted_name); 1346 if (ret < 0) 1347 goto out; 1348 entry.name = decrypted_name.name; 1349 entry.len = decrypted_name.len; 1350 } 1351 1352 if (quick) 1353 ret = utf8_strncasecmp_folded(um, name, &entry); 1354 else 1355 ret = utf8_strncasecmp(um, name, &entry); 1356 if (ret < 0) { 1357 /* Handle invalid character sequence as either an error 1358 * or as an opaque byte sequence. 1359 */ 1360 if (sb_has_strict_encoding(sb)) 1361 ret = -EINVAL; 1362 else if (name->len != entry.len) 1363 ret = 1; 1364 else 1365 ret = !!memcmp(name->name, entry.name, entry.len); 1366 } 1367 out: 1368 kfree(decrypted_name.name); 1369 return ret; 1370 } 1371 1372 int ext4_fname_setup_ci_filename(struct inode *dir, const struct qstr *iname, 1373 struct ext4_filename *name) 1374 { 1375 struct fscrypt_str *cf_name = &name->cf_name; 1376 struct dx_hash_info *hinfo = &name->hinfo; 1377 int len; 1378 1379 if (!IS_CASEFOLDED(dir) || !dir->i_sb->s_encoding) { 1380 cf_name->name = NULL; 1381 return 0; 1382 } 1383 1384 cf_name->name = kmalloc(EXT4_NAME_LEN, GFP_NOFS); 1385 if (!cf_name->name) 1386 return -ENOMEM; 1387 1388 len = utf8_casefold(dir->i_sb->s_encoding, 1389 iname, cf_name->name, 1390 EXT4_NAME_LEN); 1391 if (len <= 0) { 1392 kfree(cf_name->name); 1393 cf_name->name = NULL; 1394 } 1395 cf_name->len = (unsigned) len; 1396 if (!IS_ENCRYPTED(dir)) 1397 return 0; 1398 1399 hinfo->hash_version = DX_HASH_SIPHASH; 1400 hinfo->seed = NULL; 1401 if (cf_name->name) 1402 ext4fs_dirhash(dir, cf_name->name, cf_name->len, hinfo); 1403 else 1404 ext4fs_dirhash(dir, iname->name, iname->len, hinfo); 1405 return 0; 1406 } 1407 #endif 1408 1409 /* 1410 * Test whether a directory entry matches the filename being searched for. 1411 * 1412 * Return: %true if the directory entry matches, otherwise %false. 1413 */ 1414 static bool ext4_match(struct inode *parent, 1415 const struct ext4_filename *fname, 1416 struct ext4_dir_entry_2 *de) 1417 { 1418 struct fscrypt_name f; 1419 1420 if (!de->inode) 1421 return false; 1422 1423 f.usr_fname = fname->usr_fname; 1424 f.disk_name = fname->disk_name; 1425 #ifdef CONFIG_FS_ENCRYPTION 1426 f.crypto_buf = fname->crypto_buf; 1427 #endif 1428 1429 #ifdef CONFIG_UNICODE 1430 if (parent->i_sb->s_encoding && IS_CASEFOLDED(parent)) { 1431 if (fname->cf_name.name) { 1432 struct qstr cf = {.name = fname->cf_name.name, 1433 .len = fname->cf_name.len}; 1434 if (IS_ENCRYPTED(parent)) { 1435 if (fname->hinfo.hash != EXT4_DIRENT_HASH(de) || 1436 fname->hinfo.minor_hash != 1437 EXT4_DIRENT_MINOR_HASH(de)) { 1438 1439 return 0; 1440 } 1441 } 1442 return !ext4_ci_compare(parent, &cf, de->name, 1443 de->name_len, true); 1444 } 1445 return !ext4_ci_compare(parent, fname->usr_fname, de->name, 1446 de->name_len, false); 1447 } 1448 #endif 1449 1450 return fscrypt_match_name(&f, de->name, de->name_len); 1451 } 1452 1453 /* 1454 * Returns 0 if not found, -1 on failure, and 1 on success 1455 */ 1456 int ext4_search_dir(struct buffer_head *bh, char *search_buf, int buf_size, 1457 struct inode *dir, struct ext4_filename *fname, 1458 unsigned int offset, struct ext4_dir_entry_2 **res_dir) 1459 { 1460 struct ext4_dir_entry_2 * de; 1461 char * dlimit; 1462 int de_len; 1463 1464 de = (struct ext4_dir_entry_2 *)search_buf; 1465 dlimit = search_buf + buf_size; 1466 while ((char *) de < dlimit) { 1467 /* this code is executed quadratically often */ 1468 /* do minimal checking `by hand' */ 1469 if ((char *) de + de->name_len <= dlimit && 1470 ext4_match(dir, fname, de)) { 1471 /* found a match - just to be sure, do 1472 * a full check */ 1473 if (ext4_check_dir_entry(dir, NULL, de, bh, search_buf, 1474 buf_size, offset)) 1475 return -1; 1476 *res_dir = de; 1477 return 1; 1478 } 1479 /* prevent looping on a bad block */ 1480 de_len = ext4_rec_len_from_disk(de->rec_len, 1481 dir->i_sb->s_blocksize); 1482 if (de_len <= 0) 1483 return -1; 1484 offset += de_len; 1485 de = (struct ext4_dir_entry_2 *) ((char *) de + de_len); 1486 } 1487 return 0; 1488 } 1489 1490 static int is_dx_internal_node(struct inode *dir, ext4_lblk_t block, 1491 struct ext4_dir_entry *de) 1492 { 1493 struct super_block *sb = dir->i_sb; 1494 1495 if (!is_dx(dir)) 1496 return 0; 1497 if (block == 0) 1498 return 1; 1499 if (de->inode == 0 && 1500 ext4_rec_len_from_disk(de->rec_len, sb->s_blocksize) == 1501 sb->s_blocksize) 1502 return 1; 1503 return 0; 1504 } 1505 1506 /* 1507 * __ext4_find_entry() 1508 * 1509 * finds an entry in the specified directory with the wanted name. It 1510 * returns the cache buffer in which the entry was found, and the entry 1511 * itself (as a parameter - res_dir). It does NOT read the inode of the 1512 * entry - you'll have to do that yourself if you want to. 1513 * 1514 * The returned buffer_head has ->b_count elevated. The caller is expected 1515 * to brelse() it when appropriate. 1516 */ 1517 static struct buffer_head *__ext4_find_entry(struct inode *dir, 1518 struct ext4_filename *fname, 1519 struct ext4_dir_entry_2 **res_dir, 1520 int *inlined) 1521 { 1522 struct super_block *sb; 1523 struct buffer_head *bh_use[NAMEI_RA_SIZE]; 1524 struct buffer_head *bh, *ret = NULL; 1525 ext4_lblk_t start, block; 1526 const u8 *name = fname->usr_fname->name; 1527 size_t ra_max = 0; /* Number of bh's in the readahead 1528 buffer, bh_use[] */ 1529 size_t ra_ptr = 0; /* Current index into readahead 1530 buffer */ 1531 ext4_lblk_t nblocks; 1532 int i, namelen, retval; 1533 1534 *res_dir = NULL; 1535 sb = dir->i_sb; 1536 namelen = fname->usr_fname->len; 1537 if (namelen > EXT4_NAME_LEN) 1538 return NULL; 1539 1540 if (ext4_has_inline_data(dir)) { 1541 int has_inline_data = 1; 1542 ret = ext4_find_inline_entry(dir, fname, res_dir, 1543 &has_inline_data); 1544 if (has_inline_data) { 1545 if (inlined) 1546 *inlined = 1; 1547 goto cleanup_and_exit; 1548 } 1549 } 1550 1551 if ((namelen <= 2) && (name[0] == '.') && 1552 (name[1] == '.' || name[1] == '\0')) { 1553 /* 1554 * "." or ".." will only be in the first block 1555 * NFS may look up ".."; "." should be handled by the VFS 1556 */ 1557 block = start = 0; 1558 nblocks = 1; 1559 goto restart; 1560 } 1561 if (is_dx(dir)) { 1562 ret = ext4_dx_find_entry(dir, fname, res_dir); 1563 /* 1564 * On success, or if the error was file not found, 1565 * return. Otherwise, fall back to doing a search the 1566 * old fashioned way. 1567 */ 1568 if (!IS_ERR(ret) || PTR_ERR(ret) != ERR_BAD_DX_DIR) 1569 goto cleanup_and_exit; 1570 dxtrace(printk(KERN_DEBUG "ext4_find_entry: dx failed, " 1571 "falling back\n")); 1572 ret = NULL; 1573 } 1574 nblocks = dir->i_size >> EXT4_BLOCK_SIZE_BITS(sb); 1575 if (!nblocks) { 1576 ret = NULL; 1577 goto cleanup_and_exit; 1578 } 1579 start = EXT4_I(dir)->i_dir_start_lookup; 1580 if (start >= nblocks) 1581 start = 0; 1582 block = start; 1583 restart: 1584 do { 1585 /* 1586 * We deal with the read-ahead logic here. 1587 */ 1588 cond_resched(); 1589 if (ra_ptr >= ra_max) { 1590 /* Refill the readahead buffer */ 1591 ra_ptr = 0; 1592 if (block < start) 1593 ra_max = start - block; 1594 else 1595 ra_max = nblocks - block; 1596 ra_max = min(ra_max, ARRAY_SIZE(bh_use)); 1597 retval = ext4_bread_batch(dir, block, ra_max, 1598 false /* wait */, bh_use); 1599 if (retval) { 1600 ret = ERR_PTR(retval); 1601 ra_max = 0; 1602 goto cleanup_and_exit; 1603 } 1604 } 1605 if ((bh = bh_use[ra_ptr++]) == NULL) 1606 goto next; 1607 wait_on_buffer(bh); 1608 if (!buffer_uptodate(bh)) { 1609 EXT4_ERROR_INODE_ERR(dir, EIO, 1610 "reading directory lblock %lu", 1611 (unsigned long) block); 1612 brelse(bh); 1613 ret = ERR_PTR(-EIO); 1614 goto cleanup_and_exit; 1615 } 1616 if (!buffer_verified(bh) && 1617 !is_dx_internal_node(dir, block, 1618 (struct ext4_dir_entry *)bh->b_data) && 1619 !ext4_dirblock_csum_verify(dir, bh)) { 1620 EXT4_ERROR_INODE_ERR(dir, EFSBADCRC, 1621 "checksumming directory " 1622 "block %lu", (unsigned long)block); 1623 brelse(bh); 1624 ret = ERR_PTR(-EFSBADCRC); 1625 goto cleanup_and_exit; 1626 } 1627 set_buffer_verified(bh); 1628 i = search_dirblock(bh, dir, fname, 1629 block << EXT4_BLOCK_SIZE_BITS(sb), res_dir); 1630 if (i == 1) { 1631 EXT4_I(dir)->i_dir_start_lookup = block; 1632 ret = bh; 1633 goto cleanup_and_exit; 1634 } else { 1635 brelse(bh); 1636 if (i < 0) 1637 goto cleanup_and_exit; 1638 } 1639 next: 1640 if (++block >= nblocks) 1641 block = 0; 1642 } while (block != start); 1643 1644 /* 1645 * If the directory has grown while we were searching, then 1646 * search the last part of the directory before giving up. 1647 */ 1648 block = nblocks; 1649 nblocks = dir->i_size >> EXT4_BLOCK_SIZE_BITS(sb); 1650 if (block < nblocks) { 1651 start = 0; 1652 goto restart; 1653 } 1654 1655 cleanup_and_exit: 1656 /* Clean up the read-ahead blocks */ 1657 for (; ra_ptr < ra_max; ra_ptr++) 1658 brelse(bh_use[ra_ptr]); 1659 return ret; 1660 } 1661 1662 static struct buffer_head *ext4_find_entry(struct inode *dir, 1663 const struct qstr *d_name, 1664 struct ext4_dir_entry_2 **res_dir, 1665 int *inlined) 1666 { 1667 int err; 1668 struct ext4_filename fname; 1669 struct buffer_head *bh; 1670 1671 err = ext4_fname_setup_filename(dir, d_name, 1, &fname); 1672 if (err == -ENOENT) 1673 return NULL; 1674 if (err) 1675 return ERR_PTR(err); 1676 1677 bh = __ext4_find_entry(dir, &fname, res_dir, inlined); 1678 1679 ext4_fname_free_filename(&fname); 1680 return bh; 1681 } 1682 1683 static struct buffer_head *ext4_lookup_entry(struct inode *dir, 1684 struct dentry *dentry, 1685 struct ext4_dir_entry_2 **res_dir) 1686 { 1687 int err; 1688 struct ext4_filename fname; 1689 struct buffer_head *bh; 1690 1691 err = ext4_fname_prepare_lookup(dir, dentry, &fname); 1692 generic_set_encrypted_ci_d_ops(dentry); 1693 if (err == -ENOENT) 1694 return NULL; 1695 if (err) 1696 return ERR_PTR(err); 1697 1698 bh = __ext4_find_entry(dir, &fname, res_dir, NULL); 1699 1700 ext4_fname_free_filename(&fname); 1701 return bh; 1702 } 1703 1704 static struct buffer_head * ext4_dx_find_entry(struct inode *dir, 1705 struct ext4_filename *fname, 1706 struct ext4_dir_entry_2 **res_dir) 1707 { 1708 struct super_block * sb = dir->i_sb; 1709 struct dx_frame frames[EXT4_HTREE_LEVEL], *frame; 1710 struct buffer_head *bh; 1711 ext4_lblk_t block; 1712 int retval; 1713 1714 #ifdef CONFIG_FS_ENCRYPTION 1715 *res_dir = NULL; 1716 #endif 1717 frame = dx_probe(fname, dir, NULL, frames); 1718 if (IS_ERR(frame)) 1719 return (struct buffer_head *) frame; 1720 do { 1721 block = dx_get_block(frame->at); 1722 bh = ext4_read_dirblock(dir, block, DIRENT_HTREE); 1723 if (IS_ERR(bh)) 1724 goto errout; 1725 1726 retval = search_dirblock(bh, dir, fname, 1727 block << EXT4_BLOCK_SIZE_BITS(sb), 1728 res_dir); 1729 if (retval == 1) 1730 goto success; 1731 brelse(bh); 1732 if (retval == -1) { 1733 bh = ERR_PTR(ERR_BAD_DX_DIR); 1734 goto errout; 1735 } 1736 1737 /* Check to see if we should continue to search */ 1738 retval = ext4_htree_next_block(dir, fname->hinfo.hash, frame, 1739 frames, NULL); 1740 if (retval < 0) { 1741 ext4_warning_inode(dir, 1742 "error %d reading directory index block", 1743 retval); 1744 bh = ERR_PTR(retval); 1745 goto errout; 1746 } 1747 } while (retval == 1); 1748 1749 bh = NULL; 1750 errout: 1751 dxtrace(printk(KERN_DEBUG "%s not found\n", fname->usr_fname->name)); 1752 success: 1753 dx_release(frames); 1754 return bh; 1755 } 1756 1757 static struct dentry *ext4_lookup(struct inode *dir, struct dentry *dentry, unsigned int flags) 1758 { 1759 struct inode *inode; 1760 struct ext4_dir_entry_2 *de; 1761 struct buffer_head *bh; 1762 1763 if (dentry->d_name.len > EXT4_NAME_LEN) 1764 return ERR_PTR(-ENAMETOOLONG); 1765 1766 bh = ext4_lookup_entry(dir, dentry, &de); 1767 if (IS_ERR(bh)) 1768 return ERR_CAST(bh); 1769 inode = NULL; 1770 if (bh) { 1771 __u32 ino = le32_to_cpu(de->inode); 1772 brelse(bh); 1773 if (!ext4_valid_inum(dir->i_sb, ino)) { 1774 EXT4_ERROR_INODE(dir, "bad inode number: %u", ino); 1775 return ERR_PTR(-EFSCORRUPTED); 1776 } 1777 if (unlikely(ino == dir->i_ino)) { 1778 EXT4_ERROR_INODE(dir, "'%pd' linked to parent dir", 1779 dentry); 1780 return ERR_PTR(-EFSCORRUPTED); 1781 } 1782 inode = ext4_iget(dir->i_sb, ino, EXT4_IGET_NORMAL); 1783 if (inode == ERR_PTR(-ESTALE)) { 1784 EXT4_ERROR_INODE(dir, 1785 "deleted inode referenced: %u", 1786 ino); 1787 return ERR_PTR(-EFSCORRUPTED); 1788 } 1789 if (!IS_ERR(inode) && IS_ENCRYPTED(dir) && 1790 (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode)) && 1791 !fscrypt_has_permitted_context(dir, inode)) { 1792 ext4_warning(inode->i_sb, 1793 "Inconsistent encryption contexts: %lu/%lu", 1794 dir->i_ino, inode->i_ino); 1795 iput(inode); 1796 return ERR_PTR(-EPERM); 1797 } 1798 } 1799 1800 #ifdef CONFIG_UNICODE 1801 if (!inode && IS_CASEFOLDED(dir)) { 1802 /* Eventually we want to call d_add_ci(dentry, NULL) 1803 * for negative dentries in the encoding case as 1804 * well. For now, prevent the negative dentry 1805 * from being cached. 1806 */ 1807 return NULL; 1808 } 1809 #endif 1810 return d_splice_alias(inode, dentry); 1811 } 1812 1813 1814 struct dentry *ext4_get_parent(struct dentry *child) 1815 { 1816 __u32 ino; 1817 static const struct qstr dotdot = QSTR_INIT("..", 2); 1818 struct ext4_dir_entry_2 * de; 1819 struct buffer_head *bh; 1820 1821 bh = ext4_find_entry(d_inode(child), &dotdot, &de, NULL); 1822 if (IS_ERR(bh)) 1823 return ERR_CAST(bh); 1824 if (!bh) 1825 return ERR_PTR(-ENOENT); 1826 ino = le32_to_cpu(de->inode); 1827 brelse(bh); 1828 1829 if (!ext4_valid_inum(child->d_sb, ino)) { 1830 EXT4_ERROR_INODE(d_inode(child), 1831 "bad parent inode number: %u", ino); 1832 return ERR_PTR(-EFSCORRUPTED); 1833 } 1834 1835 return d_obtain_alias(ext4_iget(child->d_sb, ino, EXT4_IGET_NORMAL)); 1836 } 1837 1838 /* 1839 * Move count entries from end of map between two memory locations. 1840 * Returns pointer to last entry moved. 1841 */ 1842 static struct ext4_dir_entry_2 * 1843 dx_move_dirents(struct inode *dir, char *from, char *to, 1844 struct dx_map_entry *map, int count, 1845 unsigned blocksize) 1846 { 1847 unsigned rec_len = 0; 1848 1849 while (count--) { 1850 struct ext4_dir_entry_2 *de = (struct ext4_dir_entry_2 *) 1851 (from + (map->offs<<2)); 1852 rec_len = ext4_dir_rec_len(de->name_len, dir); 1853 1854 memcpy (to, de, rec_len); 1855 ((struct ext4_dir_entry_2 *) to)->rec_len = 1856 ext4_rec_len_to_disk(rec_len, blocksize); 1857 1858 /* wipe dir_entry excluding the rec_len field */ 1859 de->inode = 0; 1860 memset(&de->name_len, 0, ext4_rec_len_from_disk(de->rec_len, 1861 blocksize) - 1862 offsetof(struct ext4_dir_entry_2, 1863 name_len)); 1864 1865 map++; 1866 to += rec_len; 1867 } 1868 return (struct ext4_dir_entry_2 *) (to - rec_len); 1869 } 1870 1871 /* 1872 * Compact each dir entry in the range to the minimal rec_len. 1873 * Returns pointer to last entry in range. 1874 */ 1875 static struct ext4_dir_entry_2 *dx_pack_dirents(struct inode *dir, char *base, 1876 unsigned int blocksize) 1877 { 1878 struct ext4_dir_entry_2 *next, *to, *prev, *de = (struct ext4_dir_entry_2 *) base; 1879 unsigned rec_len = 0; 1880 1881 prev = to = de; 1882 while ((char*)de < base + blocksize) { 1883 next = ext4_next_entry(de, blocksize); 1884 if (de->inode && de->name_len) { 1885 rec_len = ext4_dir_rec_len(de->name_len, dir); 1886 if (de > to) 1887 memmove(to, de, rec_len); 1888 to->rec_len = ext4_rec_len_to_disk(rec_len, blocksize); 1889 prev = to; 1890 to = (struct ext4_dir_entry_2 *) (((char *) to) + rec_len); 1891 } 1892 de = next; 1893 } 1894 return prev; 1895 } 1896 1897 /* 1898 * Split a full leaf block to make room for a new dir entry. 1899 * Allocate a new block, and move entries so that they are approx. equally full. 1900 * Returns pointer to de in block into which the new entry will be inserted. 1901 */ 1902 static struct ext4_dir_entry_2 *do_split(handle_t *handle, struct inode *dir, 1903 struct buffer_head **bh,struct dx_frame *frame, 1904 struct dx_hash_info *hinfo) 1905 { 1906 unsigned blocksize = dir->i_sb->s_blocksize; 1907 unsigned count, continued; 1908 struct buffer_head *bh2; 1909 ext4_lblk_t newblock; 1910 u32 hash2; 1911 struct dx_map_entry *map; 1912 char *data1 = (*bh)->b_data, *data2; 1913 unsigned split, move, size; 1914 struct ext4_dir_entry_2 *de = NULL, *de2; 1915 int csum_size = 0; 1916 int err = 0, i; 1917 1918 if (ext4_has_metadata_csum(dir->i_sb)) 1919 csum_size = sizeof(struct ext4_dir_entry_tail); 1920 1921 bh2 = ext4_append(handle, dir, &newblock); 1922 if (IS_ERR(bh2)) { 1923 brelse(*bh); 1924 *bh = NULL; 1925 return (struct ext4_dir_entry_2 *) bh2; 1926 } 1927 1928 BUFFER_TRACE(*bh, "get_write_access"); 1929 err = ext4_journal_get_write_access(handle, *bh); 1930 if (err) 1931 goto journal_error; 1932 1933 BUFFER_TRACE(frame->bh, "get_write_access"); 1934 err = ext4_journal_get_write_access(handle, frame->bh); 1935 if (err) 1936 goto journal_error; 1937 1938 data2 = bh2->b_data; 1939 1940 /* create map in the end of data2 block */ 1941 map = (struct dx_map_entry *) (data2 + blocksize); 1942 count = dx_make_map(dir, (struct ext4_dir_entry_2 *) data1, 1943 blocksize, hinfo, map); 1944 map -= count; 1945 dx_sort_map(map, count); 1946 /* Ensure that neither split block is over half full */ 1947 size = 0; 1948 move = 0; 1949 for (i = count-1; i >= 0; i--) { 1950 /* is more than half of this entry in 2nd half of the block? */ 1951 if (size + map[i].size/2 > blocksize/2) 1952 break; 1953 size += map[i].size; 1954 move++; 1955 } 1956 /* 1957 * map index at which we will split 1958 * 1959 * If the sum of active entries didn't exceed half the block size, just 1960 * split it in half by count; each resulting block will have at least 1961 * half the space free. 1962 */ 1963 if (i > 0) 1964 split = count - move; 1965 else 1966 split = count/2; 1967 1968 hash2 = map[split].hash; 1969 continued = hash2 == map[split - 1].hash; 1970 dxtrace(printk(KERN_INFO "Split block %lu at %x, %i/%i\n", 1971 (unsigned long)dx_get_block(frame->at), 1972 hash2, split, count-split)); 1973 1974 /* Fancy dance to stay within two buffers */ 1975 de2 = dx_move_dirents(dir, data1, data2, map + split, count - split, 1976 blocksize); 1977 de = dx_pack_dirents(dir, data1, blocksize); 1978 de->rec_len = ext4_rec_len_to_disk(data1 + (blocksize - csum_size) - 1979 (char *) de, 1980 blocksize); 1981 de2->rec_len = ext4_rec_len_to_disk(data2 + (blocksize - csum_size) - 1982 (char *) de2, 1983 blocksize); 1984 if (csum_size) { 1985 ext4_initialize_dirent_tail(*bh, blocksize); 1986 ext4_initialize_dirent_tail(bh2, blocksize); 1987 } 1988 1989 dxtrace(dx_show_leaf(dir, hinfo, (struct ext4_dir_entry_2 *) data1, 1990 blocksize, 1)); 1991 dxtrace(dx_show_leaf(dir, hinfo, (struct ext4_dir_entry_2 *) data2, 1992 blocksize, 1)); 1993 1994 /* Which block gets the new entry? */ 1995 if (hinfo->hash >= hash2) { 1996 swap(*bh, bh2); 1997 de = de2; 1998 } 1999 dx_insert_block(frame, hash2 + continued, newblock); 2000 err = ext4_handle_dirty_dirblock(handle, dir, bh2); 2001 if (err) 2002 goto journal_error; 2003 err = ext4_handle_dirty_dx_node(handle, dir, frame->bh); 2004 if (err) 2005 goto journal_error; 2006 brelse(bh2); 2007 dxtrace(dx_show_index("frame", frame->entries)); 2008 return de; 2009 2010 journal_error: 2011 brelse(*bh); 2012 brelse(bh2); 2013 *bh = NULL; 2014 ext4_std_error(dir->i_sb, err); 2015 return ERR_PTR(err); 2016 } 2017 2018 int ext4_find_dest_de(struct inode *dir, struct inode *inode, 2019 struct buffer_head *bh, 2020 void *buf, int buf_size, 2021 struct ext4_filename *fname, 2022 struct ext4_dir_entry_2 **dest_de) 2023 { 2024 struct ext4_dir_entry_2 *de; 2025 unsigned short reclen = ext4_dir_rec_len(fname_len(fname), dir); 2026 int nlen, rlen; 2027 unsigned int offset = 0; 2028 char *top; 2029 2030 de = (struct ext4_dir_entry_2 *)buf; 2031 top = buf + buf_size - reclen; 2032 while ((char *) de <= top) { 2033 if (ext4_check_dir_entry(dir, NULL, de, bh, 2034 buf, buf_size, offset)) 2035 return -EFSCORRUPTED; 2036 if (ext4_match(dir, fname, de)) 2037 return -EEXIST; 2038 nlen = ext4_dir_rec_len(de->name_len, dir); 2039 rlen = ext4_rec_len_from_disk(de->rec_len, buf_size); 2040 if ((de->inode ? rlen - nlen : rlen) >= reclen) 2041 break; 2042 de = (struct ext4_dir_entry_2 *)((char *)de + rlen); 2043 offset += rlen; 2044 } 2045 if ((char *) de > top) 2046 return -ENOSPC; 2047 2048 *dest_de = de; 2049 return 0; 2050 } 2051 2052 void ext4_insert_dentry(struct inode *dir, 2053 struct inode *inode, 2054 struct ext4_dir_entry_2 *de, 2055 int buf_size, 2056 struct ext4_filename *fname) 2057 { 2058 2059 int nlen, rlen; 2060 2061 nlen = ext4_dir_rec_len(de->name_len, dir); 2062 rlen = ext4_rec_len_from_disk(de->rec_len, buf_size); 2063 if (de->inode) { 2064 struct ext4_dir_entry_2 *de1 = 2065 (struct ext4_dir_entry_2 *)((char *)de + nlen); 2066 de1->rec_len = ext4_rec_len_to_disk(rlen - nlen, buf_size); 2067 de->rec_len = ext4_rec_len_to_disk(nlen, buf_size); 2068 de = de1; 2069 } 2070 de->file_type = EXT4_FT_UNKNOWN; 2071 de->inode = cpu_to_le32(inode->i_ino); 2072 ext4_set_de_type(inode->i_sb, de, inode->i_mode); 2073 de->name_len = fname_len(fname); 2074 memcpy(de->name, fname_name(fname), fname_len(fname)); 2075 if (ext4_hash_in_dirent(dir)) { 2076 struct dx_hash_info *hinfo = &fname->hinfo; 2077 2078 EXT4_DIRENT_HASHES(de)->hash = cpu_to_le32(hinfo->hash); 2079 EXT4_DIRENT_HASHES(de)->minor_hash = 2080 cpu_to_le32(hinfo->minor_hash); 2081 } 2082 } 2083 2084 /* 2085 * Add a new entry into a directory (leaf) block. If de is non-NULL, 2086 * it points to a directory entry which is guaranteed to be large 2087 * enough for new directory entry. If de is NULL, then 2088 * add_dirent_to_buf will attempt search the directory block for 2089 * space. It will return -ENOSPC if no space is available, and -EIO 2090 * and -EEXIST if directory entry already exists. 2091 */ 2092 static int add_dirent_to_buf(handle_t *handle, struct ext4_filename *fname, 2093 struct inode *dir, 2094 struct inode *inode, struct ext4_dir_entry_2 *de, 2095 struct buffer_head *bh) 2096 { 2097 unsigned int blocksize = dir->i_sb->s_blocksize; 2098 int csum_size = 0; 2099 int err, err2; 2100 2101 if (ext4_has_metadata_csum(inode->i_sb)) 2102 csum_size = sizeof(struct ext4_dir_entry_tail); 2103 2104 if (!de) { 2105 err = ext4_find_dest_de(dir, inode, bh, bh->b_data, 2106 blocksize - csum_size, fname, &de); 2107 if (err) 2108 return err; 2109 } 2110 BUFFER_TRACE(bh, "get_write_access"); 2111 err = ext4_journal_get_write_access(handle, bh); 2112 if (err) { 2113 ext4_std_error(dir->i_sb, err); 2114 return err; 2115 } 2116 2117 /* By now the buffer is marked for journaling */ 2118 ext4_insert_dentry(dir, inode, de, blocksize, fname); 2119 2120 /* 2121 * XXX shouldn't update any times until successful 2122 * completion of syscall, but too many callers depend 2123 * on this. 2124 * 2125 * XXX similarly, too many callers depend on 2126 * ext4_new_inode() setting the times, but error 2127 * recovery deletes the inode, so the worst that can 2128 * happen is that the times are slightly out of date 2129 * and/or different from the directory change time. 2130 */ 2131 dir->i_mtime = dir->i_ctime = current_time(dir); 2132 ext4_update_dx_flag(dir); 2133 inode_inc_iversion(dir); 2134 err2 = ext4_mark_inode_dirty(handle, dir); 2135 BUFFER_TRACE(bh, "call ext4_handle_dirty_metadata"); 2136 err = ext4_handle_dirty_dirblock(handle, dir, bh); 2137 if (err) 2138 ext4_std_error(dir->i_sb, err); 2139 return err ? err : err2; 2140 } 2141 2142 /* 2143 * This converts a one block unindexed directory to a 3 block indexed 2144 * directory, and adds the dentry to the indexed directory. 2145 */ 2146 static int make_indexed_dir(handle_t *handle, struct ext4_filename *fname, 2147 struct inode *dir, 2148 struct inode *inode, struct buffer_head *bh) 2149 { 2150 struct buffer_head *bh2; 2151 struct dx_root *root; 2152 struct dx_frame frames[EXT4_HTREE_LEVEL], *frame; 2153 struct dx_entry *entries; 2154 struct ext4_dir_entry_2 *de, *de2; 2155 char *data2, *top; 2156 unsigned len; 2157 int retval; 2158 unsigned blocksize; 2159 ext4_lblk_t block; 2160 struct fake_dirent *fde; 2161 int csum_size = 0; 2162 2163 if (ext4_has_metadata_csum(inode->i_sb)) 2164 csum_size = sizeof(struct ext4_dir_entry_tail); 2165 2166 blocksize = dir->i_sb->s_blocksize; 2167 dxtrace(printk(KERN_DEBUG "Creating index: inode %lu\n", dir->i_ino)); 2168 BUFFER_TRACE(bh, "get_write_access"); 2169 retval = ext4_journal_get_write_access(handle, bh); 2170 if (retval) { 2171 ext4_std_error(dir->i_sb, retval); 2172 brelse(bh); 2173 return retval; 2174 } 2175 root = (struct dx_root *) bh->b_data; 2176 2177 /* The 0th block becomes the root, move the dirents out */ 2178 fde = &root->dotdot; 2179 de = (struct ext4_dir_entry_2 *)((char *)fde + 2180 ext4_rec_len_from_disk(fde->rec_len, blocksize)); 2181 if ((char *) de >= (((char *) root) + blocksize)) { 2182 EXT4_ERROR_INODE(dir, "invalid rec_len for '..'"); 2183 brelse(bh); 2184 return -EFSCORRUPTED; 2185 } 2186 len = ((char *) root) + (blocksize - csum_size) - (char *) de; 2187 2188 /* Allocate new block for the 0th block's dirents */ 2189 bh2 = ext4_append(handle, dir, &block); 2190 if (IS_ERR(bh2)) { 2191 brelse(bh); 2192 return PTR_ERR(bh2); 2193 } 2194 ext4_set_inode_flag(dir, EXT4_INODE_INDEX); 2195 data2 = bh2->b_data; 2196 2197 memcpy(data2, de, len); 2198 memset(de, 0, len); /* wipe old data */ 2199 de = (struct ext4_dir_entry_2 *) data2; 2200 top = data2 + len; 2201 while ((char *)(de2 = ext4_next_entry(de, blocksize)) < top) 2202 de = de2; 2203 de->rec_len = ext4_rec_len_to_disk(data2 + (blocksize - csum_size) - 2204 (char *) de, blocksize); 2205 2206 if (csum_size) 2207 ext4_initialize_dirent_tail(bh2, blocksize); 2208 2209 /* Initialize the root; the dot dirents already exist */ 2210 de = (struct ext4_dir_entry_2 *) (&root->dotdot); 2211 de->rec_len = ext4_rec_len_to_disk( 2212 blocksize - ext4_dir_rec_len(2, NULL), blocksize); 2213 memset (&root->info, 0, sizeof(root->info)); 2214 root->info.info_length = sizeof(root->info); 2215 if (ext4_hash_in_dirent(dir)) 2216 root->info.hash_version = DX_HASH_SIPHASH; 2217 else 2218 root->info.hash_version = 2219 EXT4_SB(dir->i_sb)->s_def_hash_version; 2220 2221 entries = root->entries; 2222 dx_set_block(entries, 1); 2223 dx_set_count(entries, 1); 2224 dx_set_limit(entries, dx_root_limit(dir, sizeof(root->info))); 2225 2226 /* Initialize as for dx_probe */ 2227 fname->hinfo.hash_version = root->info.hash_version; 2228 if (fname->hinfo.hash_version <= DX_HASH_TEA) 2229 fname->hinfo.hash_version += EXT4_SB(dir->i_sb)->s_hash_unsigned; 2230 fname->hinfo.seed = EXT4_SB(dir->i_sb)->s_hash_seed; 2231 2232 /* casefolded encrypted hashes are computed on fname setup */ 2233 if (!ext4_hash_in_dirent(dir)) 2234 ext4fs_dirhash(dir, fname_name(fname), 2235 fname_len(fname), &fname->hinfo); 2236 2237 memset(frames, 0, sizeof(frames)); 2238 frame = frames; 2239 frame->entries = entries; 2240 frame->at = entries; 2241 frame->bh = bh; 2242 2243 retval = ext4_handle_dirty_dx_node(handle, dir, frame->bh); 2244 if (retval) 2245 goto out_frames; 2246 retval = ext4_handle_dirty_dirblock(handle, dir, bh2); 2247 if (retval) 2248 goto out_frames; 2249 2250 de = do_split(handle,dir, &bh2, frame, &fname->hinfo); 2251 if (IS_ERR(de)) { 2252 retval = PTR_ERR(de); 2253 goto out_frames; 2254 } 2255 2256 retval = add_dirent_to_buf(handle, fname, dir, inode, de, bh2); 2257 out_frames: 2258 /* 2259 * Even if the block split failed, we have to properly write 2260 * out all the changes we did so far. Otherwise we can end up 2261 * with corrupted filesystem. 2262 */ 2263 if (retval) 2264 ext4_mark_inode_dirty(handle, dir); 2265 dx_release(frames); 2266 brelse(bh2); 2267 return retval; 2268 } 2269 2270 /* 2271 * ext4_add_entry() 2272 * 2273 * adds a file entry to the specified directory, using the same 2274 * semantics as ext4_find_entry(). It returns NULL if it failed. 2275 * 2276 * NOTE!! The inode part of 'de' is left at 0 - which means you 2277 * may not sleep between calling this and putting something into 2278 * the entry, as someone else might have used it while you slept. 2279 */ 2280 static int ext4_add_entry(handle_t *handle, struct dentry *dentry, 2281 struct inode *inode) 2282 { 2283 struct inode *dir = d_inode(dentry->d_parent); 2284 struct buffer_head *bh = NULL; 2285 struct ext4_dir_entry_2 *de; 2286 struct super_block *sb; 2287 struct ext4_filename fname; 2288 int retval; 2289 int dx_fallback=0; 2290 unsigned blocksize; 2291 ext4_lblk_t block, blocks; 2292 int csum_size = 0; 2293 2294 if (ext4_has_metadata_csum(inode->i_sb)) 2295 csum_size = sizeof(struct ext4_dir_entry_tail); 2296 2297 sb = dir->i_sb; 2298 blocksize = sb->s_blocksize; 2299 if (!dentry->d_name.len) 2300 return -EINVAL; 2301 2302 if (fscrypt_is_nokey_name(dentry)) 2303 return -ENOKEY; 2304 2305 #ifdef CONFIG_UNICODE 2306 if (sb_has_strict_encoding(sb) && IS_CASEFOLDED(dir) && 2307 sb->s_encoding && utf8_validate(sb->s_encoding, &dentry->d_name)) 2308 return -EINVAL; 2309 #endif 2310 2311 retval = ext4_fname_setup_filename(dir, &dentry->d_name, 0, &fname); 2312 if (retval) 2313 return retval; 2314 2315 if (ext4_has_inline_data(dir)) { 2316 retval = ext4_try_add_inline_entry(handle, &fname, dir, inode); 2317 if (retval < 0) 2318 goto out; 2319 if (retval == 1) { 2320 retval = 0; 2321 goto out; 2322 } 2323 } 2324 2325 if (is_dx(dir)) { 2326 retval = ext4_dx_add_entry(handle, &fname, dir, inode); 2327 if (!retval || (retval != ERR_BAD_DX_DIR)) 2328 goto out; 2329 /* Can we just ignore htree data? */ 2330 if (ext4_has_metadata_csum(sb)) { 2331 EXT4_ERROR_INODE(dir, 2332 "Directory has corrupted htree index."); 2333 retval = -EFSCORRUPTED; 2334 goto out; 2335 } 2336 ext4_clear_inode_flag(dir, EXT4_INODE_INDEX); 2337 dx_fallback++; 2338 retval = ext4_mark_inode_dirty(handle, dir); 2339 if (unlikely(retval)) 2340 goto out; 2341 } 2342 blocks = dir->i_size >> sb->s_blocksize_bits; 2343 for (block = 0; block < blocks; block++) { 2344 bh = ext4_read_dirblock(dir, block, DIRENT); 2345 if (bh == NULL) { 2346 bh = ext4_bread(handle, dir, block, 2347 EXT4_GET_BLOCKS_CREATE); 2348 goto add_to_new_block; 2349 } 2350 if (IS_ERR(bh)) { 2351 retval = PTR_ERR(bh); 2352 bh = NULL; 2353 goto out; 2354 } 2355 retval = add_dirent_to_buf(handle, &fname, dir, inode, 2356 NULL, bh); 2357 if (retval != -ENOSPC) 2358 goto out; 2359 2360 if (blocks == 1 && !dx_fallback && 2361 ext4_has_feature_dir_index(sb)) { 2362 retval = make_indexed_dir(handle, &fname, dir, 2363 inode, bh); 2364 bh = NULL; /* make_indexed_dir releases bh */ 2365 goto out; 2366 } 2367 brelse(bh); 2368 } 2369 bh = ext4_append(handle, dir, &block); 2370 add_to_new_block: 2371 if (IS_ERR(bh)) { 2372 retval = PTR_ERR(bh); 2373 bh = NULL; 2374 goto out; 2375 } 2376 de = (struct ext4_dir_entry_2 *) bh->b_data; 2377 de->inode = 0; 2378 de->rec_len = ext4_rec_len_to_disk(blocksize - csum_size, blocksize); 2379 2380 if (csum_size) 2381 ext4_initialize_dirent_tail(bh, blocksize); 2382 2383 retval = add_dirent_to_buf(handle, &fname, dir, inode, de, bh); 2384 out: 2385 ext4_fname_free_filename(&fname); 2386 brelse(bh); 2387 if (retval == 0) 2388 ext4_set_inode_state(inode, EXT4_STATE_NEWENTRY); 2389 return retval; 2390 } 2391 2392 /* 2393 * Returns 0 for success, or a negative error value 2394 */ 2395 static int ext4_dx_add_entry(handle_t *handle, struct ext4_filename *fname, 2396 struct inode *dir, struct inode *inode) 2397 { 2398 struct dx_frame frames[EXT4_HTREE_LEVEL], *frame; 2399 struct dx_entry *entries, *at; 2400 struct buffer_head *bh; 2401 struct super_block *sb = dir->i_sb; 2402 struct ext4_dir_entry_2 *de; 2403 int restart; 2404 int err; 2405 2406 again: 2407 restart = 0; 2408 frame = dx_probe(fname, dir, NULL, frames); 2409 if (IS_ERR(frame)) 2410 return PTR_ERR(frame); 2411 entries = frame->entries; 2412 at = frame->at; 2413 bh = ext4_read_dirblock(dir, dx_get_block(frame->at), DIRENT_HTREE); 2414 if (IS_ERR(bh)) { 2415 err = PTR_ERR(bh); 2416 bh = NULL; 2417 goto cleanup; 2418 } 2419 2420 BUFFER_TRACE(bh, "get_write_access"); 2421 err = ext4_journal_get_write_access(handle, bh); 2422 if (err) 2423 goto journal_error; 2424 2425 err = add_dirent_to_buf(handle, fname, dir, inode, NULL, bh); 2426 if (err != -ENOSPC) 2427 goto cleanup; 2428 2429 err = 0; 2430 /* Block full, should compress but for now just split */ 2431 dxtrace(printk(KERN_DEBUG "using %u of %u node entries\n", 2432 dx_get_count(entries), dx_get_limit(entries))); 2433 /* Need to split index? */ 2434 if (dx_get_count(entries) == dx_get_limit(entries)) { 2435 ext4_lblk_t newblock; 2436 int levels = frame - frames + 1; 2437 unsigned int icount; 2438 int add_level = 1; 2439 struct dx_entry *entries2; 2440 struct dx_node *node2; 2441 struct buffer_head *bh2; 2442 2443 while (frame > frames) { 2444 if (dx_get_count((frame - 1)->entries) < 2445 dx_get_limit((frame - 1)->entries)) { 2446 add_level = 0; 2447 break; 2448 } 2449 frame--; /* split higher index block */ 2450 at = frame->at; 2451 entries = frame->entries; 2452 restart = 1; 2453 } 2454 if (add_level && levels == ext4_dir_htree_level(sb)) { 2455 ext4_warning(sb, "Directory (ino: %lu) index full, " 2456 "reach max htree level :%d", 2457 dir->i_ino, levels); 2458 if (ext4_dir_htree_level(sb) < EXT4_HTREE_LEVEL) { 2459 ext4_warning(sb, "Large directory feature is " 2460 "not enabled on this " 2461 "filesystem"); 2462 } 2463 err = -ENOSPC; 2464 goto cleanup; 2465 } 2466 icount = dx_get_count(entries); 2467 bh2 = ext4_append(handle, dir, &newblock); 2468 if (IS_ERR(bh2)) { 2469 err = PTR_ERR(bh2); 2470 goto cleanup; 2471 } 2472 node2 = (struct dx_node *)(bh2->b_data); 2473 entries2 = node2->entries; 2474 memset(&node2->fake, 0, sizeof(struct fake_dirent)); 2475 node2->fake.rec_len = ext4_rec_len_to_disk(sb->s_blocksize, 2476 sb->s_blocksize); 2477 BUFFER_TRACE(frame->bh, "get_write_access"); 2478 err = ext4_journal_get_write_access(handle, frame->bh); 2479 if (err) 2480 goto journal_error; 2481 if (!add_level) { 2482 unsigned icount1 = icount/2, icount2 = icount - icount1; 2483 unsigned hash2 = dx_get_hash(entries + icount1); 2484 dxtrace(printk(KERN_DEBUG "Split index %i/%i\n", 2485 icount1, icount2)); 2486 2487 BUFFER_TRACE(frame->bh, "get_write_access"); /* index root */ 2488 err = ext4_journal_get_write_access(handle, 2489 (frame - 1)->bh); 2490 if (err) 2491 goto journal_error; 2492 2493 memcpy((char *) entries2, (char *) (entries + icount1), 2494 icount2 * sizeof(struct dx_entry)); 2495 dx_set_count(entries, icount1); 2496 dx_set_count(entries2, icount2); 2497 dx_set_limit(entries2, dx_node_limit(dir)); 2498 2499 /* Which index block gets the new entry? */ 2500 if (at - entries >= icount1) { 2501 frame->at = at = at - entries - icount1 + entries2; 2502 frame->entries = entries = entries2; 2503 swap(frame->bh, bh2); 2504 } 2505 dx_insert_block((frame - 1), hash2, newblock); 2506 dxtrace(dx_show_index("node", frame->entries)); 2507 dxtrace(dx_show_index("node", 2508 ((struct dx_node *) bh2->b_data)->entries)); 2509 err = ext4_handle_dirty_dx_node(handle, dir, bh2); 2510 if (err) 2511 goto journal_error; 2512 brelse (bh2); 2513 err = ext4_handle_dirty_dx_node(handle, dir, 2514 (frame - 1)->bh); 2515 if (err) 2516 goto journal_error; 2517 err = ext4_handle_dirty_dx_node(handle, dir, 2518 frame->bh); 2519 if (err) 2520 goto journal_error; 2521 } else { 2522 struct dx_root *dxroot; 2523 memcpy((char *) entries2, (char *) entries, 2524 icount * sizeof(struct dx_entry)); 2525 dx_set_limit(entries2, dx_node_limit(dir)); 2526 2527 /* Set up root */ 2528 dx_set_count(entries, 1); 2529 dx_set_block(entries + 0, newblock); 2530 dxroot = (struct dx_root *)frames[0].bh->b_data; 2531 dxroot->info.indirect_levels += 1; 2532 dxtrace(printk(KERN_DEBUG 2533 "Creating %d level index...\n", 2534 dxroot->info.indirect_levels)); 2535 err = ext4_handle_dirty_dx_node(handle, dir, frame->bh); 2536 if (err) 2537 goto journal_error; 2538 err = ext4_handle_dirty_dx_node(handle, dir, bh2); 2539 brelse(bh2); 2540 restart = 1; 2541 goto journal_error; 2542 } 2543 } 2544 de = do_split(handle, dir, &bh, frame, &fname->hinfo); 2545 if (IS_ERR(de)) { 2546 err = PTR_ERR(de); 2547 goto cleanup; 2548 } 2549 err = add_dirent_to_buf(handle, fname, dir, inode, de, bh); 2550 goto cleanup; 2551 2552 journal_error: 2553 ext4_std_error(dir->i_sb, err); /* this is a no-op if err == 0 */ 2554 cleanup: 2555 brelse(bh); 2556 dx_release(frames); 2557 /* @restart is true means htree-path has been changed, we need to 2558 * repeat dx_probe() to find out valid htree-path 2559 */ 2560 if (restart && err == 0) 2561 goto again; 2562 return err; 2563 } 2564 2565 /* 2566 * ext4_generic_delete_entry deletes a directory entry by merging it 2567 * with the previous entry 2568 */ 2569 int ext4_generic_delete_entry(struct inode *dir, 2570 struct ext4_dir_entry_2 *de_del, 2571 struct buffer_head *bh, 2572 void *entry_buf, 2573 int buf_size, 2574 int csum_size) 2575 { 2576 struct ext4_dir_entry_2 *de, *pde; 2577 unsigned int blocksize = dir->i_sb->s_blocksize; 2578 int i; 2579 2580 i = 0; 2581 pde = NULL; 2582 de = (struct ext4_dir_entry_2 *)entry_buf; 2583 while (i < buf_size - csum_size) { 2584 if (ext4_check_dir_entry(dir, NULL, de, bh, 2585 entry_buf, buf_size, i)) 2586 return -EFSCORRUPTED; 2587 if (de == de_del) { 2588 if (pde) { 2589 pde->rec_len = ext4_rec_len_to_disk( 2590 ext4_rec_len_from_disk(pde->rec_len, 2591 blocksize) + 2592 ext4_rec_len_from_disk(de->rec_len, 2593 blocksize), 2594 blocksize); 2595 2596 /* wipe entire dir_entry */ 2597 memset(de, 0, ext4_rec_len_from_disk(de->rec_len, 2598 blocksize)); 2599 } else { 2600 /* wipe dir_entry excluding the rec_len field */ 2601 de->inode = 0; 2602 memset(&de->name_len, 0, 2603 ext4_rec_len_from_disk(de->rec_len, 2604 blocksize) - 2605 offsetof(struct ext4_dir_entry_2, 2606 name_len)); 2607 } 2608 2609 inode_inc_iversion(dir); 2610 return 0; 2611 } 2612 i += ext4_rec_len_from_disk(de->rec_len, blocksize); 2613 pde = de; 2614 de = ext4_next_entry(de, blocksize); 2615 } 2616 return -ENOENT; 2617 } 2618 2619 static int ext4_delete_entry(handle_t *handle, 2620 struct inode *dir, 2621 struct ext4_dir_entry_2 *de_del, 2622 struct buffer_head *bh) 2623 { 2624 int err, csum_size = 0; 2625 2626 if (ext4_has_inline_data(dir)) { 2627 int has_inline_data = 1; 2628 err = ext4_delete_inline_entry(handle, dir, de_del, bh, 2629 &has_inline_data); 2630 if (has_inline_data) 2631 return err; 2632 } 2633 2634 if (ext4_has_metadata_csum(dir->i_sb)) 2635 csum_size = sizeof(struct ext4_dir_entry_tail); 2636 2637 BUFFER_TRACE(bh, "get_write_access"); 2638 err = ext4_journal_get_write_access(handle, bh); 2639 if (unlikely(err)) 2640 goto out; 2641 2642 err = ext4_generic_delete_entry(dir, de_del, bh, bh->b_data, 2643 dir->i_sb->s_blocksize, csum_size); 2644 if (err) 2645 goto out; 2646 2647 BUFFER_TRACE(bh, "call ext4_handle_dirty_metadata"); 2648 err = ext4_handle_dirty_dirblock(handle, dir, bh); 2649 if (unlikely(err)) 2650 goto out; 2651 2652 return 0; 2653 out: 2654 if (err != -ENOENT) 2655 ext4_std_error(dir->i_sb, err); 2656 return err; 2657 } 2658 2659 /* 2660 * Set directory link count to 1 if nlinks > EXT4_LINK_MAX, or if nlinks == 2 2661 * since this indicates that nlinks count was previously 1 to avoid overflowing 2662 * the 16-bit i_links_count field on disk. Directories with i_nlink == 1 mean 2663 * that subdirectory link counts are not being maintained accurately. 2664 * 2665 * The caller has already checked for i_nlink overflow in case the DIR_LINK 2666 * feature is not enabled and returned -EMLINK. The is_dx() check is a proxy 2667 * for checking S_ISDIR(inode) (since the INODE_INDEX feature will not be set 2668 * on regular files) and to avoid creating huge/slow non-HTREE directories. 2669 */ 2670 static void ext4_inc_count(struct inode *inode) 2671 { 2672 inc_nlink(inode); 2673 if (is_dx(inode) && 2674 (inode->i_nlink > EXT4_LINK_MAX || inode->i_nlink == 2)) 2675 set_nlink(inode, 1); 2676 } 2677 2678 /* 2679 * If a directory had nlink == 1, then we should let it be 1. This indicates 2680 * directory has >EXT4_LINK_MAX subdirs. 2681 */ 2682 static void ext4_dec_count(struct inode *inode) 2683 { 2684 if (!S_ISDIR(inode->i_mode) || inode->i_nlink > 2) 2685 drop_nlink(inode); 2686 } 2687 2688 2689 /* 2690 * Add non-directory inode to a directory. On success, the inode reference is 2691 * consumed by dentry is instantiation. This is also indicated by clearing of 2692 * *inodep pointer. On failure, the caller is responsible for dropping the 2693 * inode reference in the safe context. 2694 */ 2695 static int ext4_add_nondir(handle_t *handle, 2696 struct dentry *dentry, struct inode **inodep) 2697 { 2698 struct inode *dir = d_inode(dentry->d_parent); 2699 struct inode *inode = *inodep; 2700 int err = ext4_add_entry(handle, dentry, inode); 2701 if (!err) { 2702 err = ext4_mark_inode_dirty(handle, inode); 2703 if (IS_DIRSYNC(dir)) 2704 ext4_handle_sync(handle); 2705 d_instantiate_new(dentry, inode); 2706 *inodep = NULL; 2707 return err; 2708 } 2709 drop_nlink(inode); 2710 ext4_orphan_add(handle, inode); 2711 unlock_new_inode(inode); 2712 return err; 2713 } 2714 2715 /* 2716 * By the time this is called, we already have created 2717 * the directory cache entry for the new file, but it 2718 * is so far negative - it has no inode. 2719 * 2720 * If the create succeeds, we fill in the inode information 2721 * with d_instantiate(). 2722 */ 2723 static int ext4_create(struct user_namespace *mnt_userns, struct inode *dir, 2724 struct dentry *dentry, umode_t mode, bool excl) 2725 { 2726 handle_t *handle; 2727 struct inode *inode; 2728 int err, credits, retries = 0; 2729 2730 err = dquot_initialize(dir); 2731 if (err) 2732 return err; 2733 2734 credits = (EXT4_DATA_TRANS_BLOCKS(dir->i_sb) + 2735 EXT4_INDEX_EXTRA_TRANS_BLOCKS + 3); 2736 retry: 2737 inode = ext4_new_inode_start_handle(mnt_userns, dir, mode, &dentry->d_name, 2738 0, NULL, EXT4_HT_DIR, credits); 2739 handle = ext4_journal_current_handle(); 2740 err = PTR_ERR(inode); 2741 if (!IS_ERR(inode)) { 2742 inode->i_op = &ext4_file_inode_operations; 2743 inode->i_fop = &ext4_file_operations; 2744 ext4_set_aops(inode); 2745 err = ext4_add_nondir(handle, dentry, &inode); 2746 if (!err) 2747 ext4_fc_track_create(handle, dentry); 2748 } 2749 if (handle) 2750 ext4_journal_stop(handle); 2751 if (!IS_ERR_OR_NULL(inode)) 2752 iput(inode); 2753 if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries)) 2754 goto retry; 2755 return err; 2756 } 2757 2758 static int ext4_mknod(struct user_namespace *mnt_userns, struct inode *dir, 2759 struct dentry *dentry, umode_t mode, dev_t rdev) 2760 { 2761 handle_t *handle; 2762 struct inode *inode; 2763 int err, credits, retries = 0; 2764 2765 err = dquot_initialize(dir); 2766 if (err) 2767 return err; 2768 2769 credits = (EXT4_DATA_TRANS_BLOCKS(dir->i_sb) + 2770 EXT4_INDEX_EXTRA_TRANS_BLOCKS + 3); 2771 retry: 2772 inode = ext4_new_inode_start_handle(mnt_userns, dir, mode, &dentry->d_name, 2773 0, NULL, EXT4_HT_DIR, credits); 2774 handle = ext4_journal_current_handle(); 2775 err = PTR_ERR(inode); 2776 if (!IS_ERR(inode)) { 2777 init_special_inode(inode, inode->i_mode, rdev); 2778 inode->i_op = &ext4_special_inode_operations; 2779 err = ext4_add_nondir(handle, dentry, &inode); 2780 if (!err) 2781 ext4_fc_track_create(handle, dentry); 2782 } 2783 if (handle) 2784 ext4_journal_stop(handle); 2785 if (!IS_ERR_OR_NULL(inode)) 2786 iput(inode); 2787 if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries)) 2788 goto retry; 2789 return err; 2790 } 2791 2792 static int ext4_tmpfile(struct user_namespace *mnt_userns, struct inode *dir, 2793 struct dentry *dentry, umode_t mode) 2794 { 2795 handle_t *handle; 2796 struct inode *inode; 2797 int err, retries = 0; 2798 2799 err = dquot_initialize(dir); 2800 if (err) 2801 return err; 2802 2803 retry: 2804 inode = ext4_new_inode_start_handle(mnt_userns, dir, mode, 2805 NULL, 0, NULL, 2806 EXT4_HT_DIR, 2807 EXT4_MAXQUOTAS_INIT_BLOCKS(dir->i_sb) + 2808 4 + EXT4_XATTR_TRANS_BLOCKS); 2809 handle = ext4_journal_current_handle(); 2810 err = PTR_ERR(inode); 2811 if (!IS_ERR(inode)) { 2812 inode->i_op = &ext4_file_inode_operations; 2813 inode->i_fop = &ext4_file_operations; 2814 ext4_set_aops(inode); 2815 d_tmpfile(dentry, inode); 2816 err = ext4_orphan_add(handle, inode); 2817 if (err) 2818 goto err_unlock_inode; 2819 mark_inode_dirty(inode); 2820 unlock_new_inode(inode); 2821 } 2822 if (handle) 2823 ext4_journal_stop(handle); 2824 if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries)) 2825 goto retry; 2826 return err; 2827 err_unlock_inode: 2828 ext4_journal_stop(handle); 2829 unlock_new_inode(inode); 2830 return err; 2831 } 2832 2833 struct ext4_dir_entry_2 *ext4_init_dot_dotdot(struct inode *inode, 2834 struct ext4_dir_entry_2 *de, 2835 int blocksize, int csum_size, 2836 unsigned int parent_ino, int dotdot_real_len) 2837 { 2838 de->inode = cpu_to_le32(inode->i_ino); 2839 de->name_len = 1; 2840 de->rec_len = ext4_rec_len_to_disk(ext4_dir_rec_len(de->name_len, NULL), 2841 blocksize); 2842 strcpy(de->name, "."); 2843 ext4_set_de_type(inode->i_sb, de, S_IFDIR); 2844 2845 de = ext4_next_entry(de, blocksize); 2846 de->inode = cpu_to_le32(parent_ino); 2847 de->name_len = 2; 2848 if (!dotdot_real_len) 2849 de->rec_len = ext4_rec_len_to_disk(blocksize - 2850 (csum_size + ext4_dir_rec_len(1, NULL)), 2851 blocksize); 2852 else 2853 de->rec_len = ext4_rec_len_to_disk( 2854 ext4_dir_rec_len(de->name_len, NULL), 2855 blocksize); 2856 strcpy(de->name, ".."); 2857 ext4_set_de_type(inode->i_sb, de, S_IFDIR); 2858 2859 return ext4_next_entry(de, blocksize); 2860 } 2861 2862 int ext4_init_new_dir(handle_t *handle, struct inode *dir, 2863 struct inode *inode) 2864 { 2865 struct buffer_head *dir_block = NULL; 2866 struct ext4_dir_entry_2 *de; 2867 ext4_lblk_t block = 0; 2868 unsigned int blocksize = dir->i_sb->s_blocksize; 2869 int csum_size = 0; 2870 int err; 2871 2872 if (ext4_has_metadata_csum(dir->i_sb)) 2873 csum_size = sizeof(struct ext4_dir_entry_tail); 2874 2875 if (ext4_test_inode_state(inode, EXT4_STATE_MAY_INLINE_DATA)) { 2876 err = ext4_try_create_inline_dir(handle, dir, inode); 2877 if (err < 0 && err != -ENOSPC) 2878 goto out; 2879 if (!err) 2880 goto out; 2881 } 2882 2883 inode->i_size = 0; 2884 dir_block = ext4_append(handle, inode, &block); 2885 if (IS_ERR(dir_block)) 2886 return PTR_ERR(dir_block); 2887 de = (struct ext4_dir_entry_2 *)dir_block->b_data; 2888 ext4_init_dot_dotdot(inode, de, blocksize, csum_size, dir->i_ino, 0); 2889 set_nlink(inode, 2); 2890 if (csum_size) 2891 ext4_initialize_dirent_tail(dir_block, blocksize); 2892 2893 BUFFER_TRACE(dir_block, "call ext4_handle_dirty_metadata"); 2894 err = ext4_handle_dirty_dirblock(handle, inode, dir_block); 2895 if (err) 2896 goto out; 2897 set_buffer_verified(dir_block); 2898 out: 2899 brelse(dir_block); 2900 return err; 2901 } 2902 2903 static int ext4_mkdir(struct user_namespace *mnt_userns, struct inode *dir, 2904 struct dentry *dentry, umode_t mode) 2905 { 2906 handle_t *handle; 2907 struct inode *inode; 2908 int err, err2 = 0, credits, retries = 0; 2909 2910 if (EXT4_DIR_LINK_MAX(dir)) 2911 return -EMLINK; 2912 2913 err = dquot_initialize(dir); 2914 if (err) 2915 return err; 2916 2917 credits = (EXT4_DATA_TRANS_BLOCKS(dir->i_sb) + 2918 EXT4_INDEX_EXTRA_TRANS_BLOCKS + 3); 2919 retry: 2920 inode = ext4_new_inode_start_handle(mnt_userns, dir, S_IFDIR | mode, 2921 &dentry->d_name, 2922 0, NULL, EXT4_HT_DIR, credits); 2923 handle = ext4_journal_current_handle(); 2924 err = PTR_ERR(inode); 2925 if (IS_ERR(inode)) 2926 goto out_stop; 2927 2928 inode->i_op = &ext4_dir_inode_operations; 2929 inode->i_fop = &ext4_dir_operations; 2930 err = ext4_init_new_dir(handle, dir, inode); 2931 if (err) 2932 goto out_clear_inode; 2933 err = ext4_mark_inode_dirty(handle, inode); 2934 if (!err) 2935 err = ext4_add_entry(handle, dentry, inode); 2936 if (err) { 2937 out_clear_inode: 2938 clear_nlink(inode); 2939 ext4_orphan_add(handle, inode); 2940 unlock_new_inode(inode); 2941 err2 = ext4_mark_inode_dirty(handle, inode); 2942 if (unlikely(err2)) 2943 err = err2; 2944 ext4_journal_stop(handle); 2945 iput(inode); 2946 goto out_retry; 2947 } 2948 ext4_inc_count(dir); 2949 2950 ext4_update_dx_flag(dir); 2951 err = ext4_mark_inode_dirty(handle, dir); 2952 if (err) 2953 goto out_clear_inode; 2954 d_instantiate_new(dentry, inode); 2955 ext4_fc_track_create(handle, dentry); 2956 if (IS_DIRSYNC(dir)) 2957 ext4_handle_sync(handle); 2958 2959 out_stop: 2960 if (handle) 2961 ext4_journal_stop(handle); 2962 out_retry: 2963 if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries)) 2964 goto retry; 2965 return err; 2966 } 2967 2968 /* 2969 * routine to check that the specified directory is empty (for rmdir) 2970 */ 2971 bool ext4_empty_dir(struct inode *inode) 2972 { 2973 unsigned int offset; 2974 struct buffer_head *bh; 2975 struct ext4_dir_entry_2 *de; 2976 struct super_block *sb; 2977 2978 if (ext4_has_inline_data(inode)) { 2979 int has_inline_data = 1; 2980 int ret; 2981 2982 ret = empty_inline_dir(inode, &has_inline_data); 2983 if (has_inline_data) 2984 return ret; 2985 } 2986 2987 sb = inode->i_sb; 2988 if (inode->i_size < ext4_dir_rec_len(1, NULL) + 2989 ext4_dir_rec_len(2, NULL)) { 2990 EXT4_ERROR_INODE(inode, "invalid size"); 2991 return true; 2992 } 2993 /* The first directory block must not be a hole, 2994 * so treat it as DIRENT_HTREE 2995 */ 2996 bh = ext4_read_dirblock(inode, 0, DIRENT_HTREE); 2997 if (IS_ERR(bh)) 2998 return true; 2999 3000 de = (struct ext4_dir_entry_2 *) bh->b_data; 3001 if (ext4_check_dir_entry(inode, NULL, de, bh, bh->b_data, bh->b_size, 3002 0) || 3003 le32_to_cpu(de->inode) != inode->i_ino || strcmp(".", de->name)) { 3004 ext4_warning_inode(inode, "directory missing '.'"); 3005 brelse(bh); 3006 return true; 3007 } 3008 offset = ext4_rec_len_from_disk(de->rec_len, sb->s_blocksize); 3009 de = ext4_next_entry(de, sb->s_blocksize); 3010 if (ext4_check_dir_entry(inode, NULL, de, bh, bh->b_data, bh->b_size, 3011 offset) || 3012 le32_to_cpu(de->inode) == 0 || strcmp("..", de->name)) { 3013 ext4_warning_inode(inode, "directory missing '..'"); 3014 brelse(bh); 3015 return true; 3016 } 3017 offset += ext4_rec_len_from_disk(de->rec_len, sb->s_blocksize); 3018 while (offset < inode->i_size) { 3019 if (!(offset & (sb->s_blocksize - 1))) { 3020 unsigned int lblock; 3021 brelse(bh); 3022 lblock = offset >> EXT4_BLOCK_SIZE_BITS(sb); 3023 bh = ext4_read_dirblock(inode, lblock, EITHER); 3024 if (bh == NULL) { 3025 offset += sb->s_blocksize; 3026 continue; 3027 } 3028 if (IS_ERR(bh)) 3029 return true; 3030 } 3031 de = (struct ext4_dir_entry_2 *) (bh->b_data + 3032 (offset & (sb->s_blocksize - 1))); 3033 if (ext4_check_dir_entry(inode, NULL, de, bh, 3034 bh->b_data, bh->b_size, offset)) { 3035 offset = (offset | (sb->s_blocksize - 1)) + 1; 3036 continue; 3037 } 3038 if (le32_to_cpu(de->inode)) { 3039 brelse(bh); 3040 return false; 3041 } 3042 offset += ext4_rec_len_from_disk(de->rec_len, sb->s_blocksize); 3043 } 3044 brelse(bh); 3045 return true; 3046 } 3047 3048 /* 3049 * ext4_orphan_add() links an unlinked or truncated inode into a list of 3050 * such inodes, starting at the superblock, in case we crash before the 3051 * file is closed/deleted, or in case the inode truncate spans multiple 3052 * transactions and the last transaction is not recovered after a crash. 3053 * 3054 * At filesystem recovery time, we walk this list deleting unlinked 3055 * inodes and truncating linked inodes in ext4_orphan_cleanup(). 3056 * 3057 * Orphan list manipulation functions must be called under i_mutex unless 3058 * we are just creating the inode or deleting it. 3059 */ 3060 int ext4_orphan_add(handle_t *handle, struct inode *inode) 3061 { 3062 struct super_block *sb = inode->i_sb; 3063 struct ext4_sb_info *sbi = EXT4_SB(sb); 3064 struct ext4_iloc iloc; 3065 int err = 0, rc; 3066 bool dirty = false; 3067 3068 if (!sbi->s_journal || is_bad_inode(inode)) 3069 return 0; 3070 3071 WARN_ON_ONCE(!(inode->i_state & (I_NEW | I_FREEING)) && 3072 !inode_is_locked(inode)); 3073 /* 3074 * Exit early if inode already is on orphan list. This is a big speedup 3075 * since we don't have to contend on the global s_orphan_lock. 3076 */ 3077 if (!list_empty(&EXT4_I(inode)->i_orphan)) 3078 return 0; 3079 3080 /* 3081 * Orphan handling is only valid for files with data blocks 3082 * being truncated, or files being unlinked. Note that we either 3083 * hold i_mutex, or the inode can not be referenced from outside, 3084 * so i_nlink should not be bumped due to race 3085 */ 3086 ASSERT((S_ISREG(inode->i_mode) || S_ISDIR(inode->i_mode) || 3087 S_ISLNK(inode->i_mode)) || inode->i_nlink == 0); 3088 3089 BUFFER_TRACE(sbi->s_sbh, "get_write_access"); 3090 err = ext4_journal_get_write_access(handle, sbi->s_sbh); 3091 if (err) 3092 goto out; 3093 3094 err = ext4_reserve_inode_write(handle, inode, &iloc); 3095 if (err) 3096 goto out; 3097 3098 mutex_lock(&sbi->s_orphan_lock); 3099 /* 3100 * Due to previous errors inode may be already a part of on-disk 3101 * orphan list. If so skip on-disk list modification. 3102 */ 3103 if (!NEXT_ORPHAN(inode) || NEXT_ORPHAN(inode) > 3104 (le32_to_cpu(sbi->s_es->s_inodes_count))) { 3105 /* Insert this inode at the head of the on-disk orphan list */ 3106 NEXT_ORPHAN(inode) = le32_to_cpu(sbi->s_es->s_last_orphan); 3107 lock_buffer(sbi->s_sbh); 3108 sbi->s_es->s_last_orphan = cpu_to_le32(inode->i_ino); 3109 ext4_superblock_csum_set(sb); 3110 unlock_buffer(sbi->s_sbh); 3111 dirty = true; 3112 } 3113 list_add(&EXT4_I(inode)->i_orphan, &sbi->s_orphan); 3114 mutex_unlock(&sbi->s_orphan_lock); 3115 3116 if (dirty) { 3117 err = ext4_handle_dirty_metadata(handle, NULL, sbi->s_sbh); 3118 rc = ext4_mark_iloc_dirty(handle, inode, &iloc); 3119 if (!err) 3120 err = rc; 3121 if (err) { 3122 /* 3123 * We have to remove inode from in-memory list if 3124 * addition to on disk orphan list failed. Stray orphan 3125 * list entries can cause panics at unmount time. 3126 */ 3127 mutex_lock(&sbi->s_orphan_lock); 3128 list_del_init(&EXT4_I(inode)->i_orphan); 3129 mutex_unlock(&sbi->s_orphan_lock); 3130 } 3131 } else 3132 brelse(iloc.bh); 3133 3134 jbd_debug(4, "superblock will point to %lu\n", inode->i_ino); 3135 jbd_debug(4, "orphan inode %lu will point to %d\n", 3136 inode->i_ino, NEXT_ORPHAN(inode)); 3137 out: 3138 ext4_std_error(sb, err); 3139 return err; 3140 } 3141 3142 /* 3143 * ext4_orphan_del() removes an unlinked or truncated inode from the list 3144 * of such inodes stored on disk, because it is finally being cleaned up. 3145 */ 3146 int ext4_orphan_del(handle_t *handle, struct inode *inode) 3147 { 3148 struct list_head *prev; 3149 struct ext4_inode_info *ei = EXT4_I(inode); 3150 struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb); 3151 __u32 ino_next; 3152 struct ext4_iloc iloc; 3153 int err = 0; 3154 3155 if (!sbi->s_journal && !(sbi->s_mount_state & EXT4_ORPHAN_FS)) 3156 return 0; 3157 3158 WARN_ON_ONCE(!(inode->i_state & (I_NEW | I_FREEING)) && 3159 !inode_is_locked(inode)); 3160 /* Do this quick check before taking global s_orphan_lock. */ 3161 if (list_empty(&ei->i_orphan)) 3162 return 0; 3163 3164 if (handle) { 3165 /* Grab inode buffer early before taking global s_orphan_lock */ 3166 err = ext4_reserve_inode_write(handle, inode, &iloc); 3167 } 3168 3169 mutex_lock(&sbi->s_orphan_lock); 3170 jbd_debug(4, "remove inode %lu from orphan list\n", inode->i_ino); 3171 3172 prev = ei->i_orphan.prev; 3173 list_del_init(&ei->i_orphan); 3174 3175 /* If we're on an error path, we may not have a valid 3176 * transaction handle with which to update the orphan list on 3177 * disk, but we still need to remove the inode from the linked 3178 * list in memory. */ 3179 if (!handle || err) { 3180 mutex_unlock(&sbi->s_orphan_lock); 3181 goto out_err; 3182 } 3183 3184 ino_next = NEXT_ORPHAN(inode); 3185 if (prev == &sbi->s_orphan) { 3186 jbd_debug(4, "superblock will point to %u\n", ino_next); 3187 BUFFER_TRACE(sbi->s_sbh, "get_write_access"); 3188 err = ext4_journal_get_write_access(handle, sbi->s_sbh); 3189 if (err) { 3190 mutex_unlock(&sbi->s_orphan_lock); 3191 goto out_brelse; 3192 } 3193 lock_buffer(sbi->s_sbh); 3194 sbi->s_es->s_last_orphan = cpu_to_le32(ino_next); 3195 ext4_superblock_csum_set(inode->i_sb); 3196 unlock_buffer(sbi->s_sbh); 3197 mutex_unlock(&sbi->s_orphan_lock); 3198 err = ext4_handle_dirty_metadata(handle, NULL, sbi->s_sbh); 3199 } else { 3200 struct ext4_iloc iloc2; 3201 struct inode *i_prev = 3202 &list_entry(prev, struct ext4_inode_info, i_orphan)->vfs_inode; 3203 3204 jbd_debug(4, "orphan inode %lu will point to %u\n", 3205 i_prev->i_ino, ino_next); 3206 err = ext4_reserve_inode_write(handle, i_prev, &iloc2); 3207 if (err) { 3208 mutex_unlock(&sbi->s_orphan_lock); 3209 goto out_brelse; 3210 } 3211 NEXT_ORPHAN(i_prev) = ino_next; 3212 err = ext4_mark_iloc_dirty(handle, i_prev, &iloc2); 3213 mutex_unlock(&sbi->s_orphan_lock); 3214 } 3215 if (err) 3216 goto out_brelse; 3217 NEXT_ORPHAN(inode) = 0; 3218 err = ext4_mark_iloc_dirty(handle, inode, &iloc); 3219 out_err: 3220 ext4_std_error(inode->i_sb, err); 3221 return err; 3222 3223 out_brelse: 3224 brelse(iloc.bh); 3225 goto out_err; 3226 } 3227 3228 static int ext4_rmdir(struct inode *dir, struct dentry *dentry) 3229 { 3230 int retval; 3231 struct inode *inode; 3232 struct buffer_head *bh; 3233 struct ext4_dir_entry_2 *de; 3234 handle_t *handle = NULL; 3235 3236 if (unlikely(ext4_forced_shutdown(EXT4_SB(dir->i_sb)))) 3237 return -EIO; 3238 3239 /* Initialize quotas before so that eventual writes go in 3240 * separate transaction */ 3241 retval = dquot_initialize(dir); 3242 if (retval) 3243 return retval; 3244 retval = dquot_initialize(d_inode(dentry)); 3245 if (retval) 3246 return retval; 3247 3248 retval = -ENOENT; 3249 bh = ext4_find_entry(dir, &dentry->d_name, &de, NULL); 3250 if (IS_ERR(bh)) 3251 return PTR_ERR(bh); 3252 if (!bh) 3253 goto end_rmdir; 3254 3255 inode = d_inode(dentry); 3256 3257 retval = -EFSCORRUPTED; 3258 if (le32_to_cpu(de->inode) != inode->i_ino) 3259 goto end_rmdir; 3260 3261 retval = -ENOTEMPTY; 3262 if (!ext4_empty_dir(inode)) 3263 goto end_rmdir; 3264 3265 handle = ext4_journal_start(dir, EXT4_HT_DIR, 3266 EXT4_DATA_TRANS_BLOCKS(dir->i_sb)); 3267 if (IS_ERR(handle)) { 3268 retval = PTR_ERR(handle); 3269 handle = NULL; 3270 goto end_rmdir; 3271 } 3272 3273 if (IS_DIRSYNC(dir)) 3274 ext4_handle_sync(handle); 3275 3276 retval = ext4_delete_entry(handle, dir, de, bh); 3277 if (retval) 3278 goto end_rmdir; 3279 if (!EXT4_DIR_LINK_EMPTY(inode)) 3280 ext4_warning_inode(inode, 3281 "empty directory '%.*s' has too many links (%u)", 3282 dentry->d_name.len, dentry->d_name.name, 3283 inode->i_nlink); 3284 inode_inc_iversion(inode); 3285 clear_nlink(inode); 3286 /* There's no need to set i_disksize: the fact that i_nlink is 3287 * zero will ensure that the right thing happens during any 3288 * recovery. */ 3289 inode->i_size = 0; 3290 ext4_orphan_add(handle, inode); 3291 inode->i_ctime = dir->i_ctime = dir->i_mtime = current_time(inode); 3292 retval = ext4_mark_inode_dirty(handle, inode); 3293 if (retval) 3294 goto end_rmdir; 3295 ext4_dec_count(dir); 3296 ext4_update_dx_flag(dir); 3297 ext4_fc_track_unlink(handle, dentry); 3298 retval = ext4_mark_inode_dirty(handle, dir); 3299 3300 #ifdef CONFIG_UNICODE 3301 /* VFS negative dentries are incompatible with Encoding and 3302 * Case-insensitiveness. Eventually we'll want avoid 3303 * invalidating the dentries here, alongside with returning the 3304 * negative dentries at ext4_lookup(), when it is better 3305 * supported by the VFS for the CI case. 3306 */ 3307 if (IS_CASEFOLDED(dir)) 3308 d_invalidate(dentry); 3309 #endif 3310 3311 end_rmdir: 3312 brelse(bh); 3313 if (handle) 3314 ext4_journal_stop(handle); 3315 return retval; 3316 } 3317 3318 int __ext4_unlink(handle_t *handle, struct inode *dir, const struct qstr *d_name, 3319 struct inode *inode) 3320 { 3321 int retval = -ENOENT; 3322 struct buffer_head *bh; 3323 struct ext4_dir_entry_2 *de; 3324 int skip_remove_dentry = 0; 3325 3326 bh = ext4_find_entry(dir, d_name, &de, NULL); 3327 if (IS_ERR(bh)) 3328 return PTR_ERR(bh); 3329 3330 if (!bh) 3331 return -ENOENT; 3332 3333 if (le32_to_cpu(de->inode) != inode->i_ino) { 3334 /* 3335 * It's okay if we find dont find dentry which matches 3336 * the inode. That's because it might have gotten 3337 * renamed to a different inode number 3338 */ 3339 if (EXT4_SB(inode->i_sb)->s_mount_state & EXT4_FC_REPLAY) 3340 skip_remove_dentry = 1; 3341 else 3342 goto out; 3343 } 3344 3345 if (IS_DIRSYNC(dir)) 3346 ext4_handle_sync(handle); 3347 3348 if (!skip_remove_dentry) { 3349 retval = ext4_delete_entry(handle, dir, de, bh); 3350 if (retval) 3351 goto out; 3352 dir->i_ctime = dir->i_mtime = current_time(dir); 3353 ext4_update_dx_flag(dir); 3354 retval = ext4_mark_inode_dirty(handle, dir); 3355 if (retval) 3356 goto out; 3357 } else { 3358 retval = 0; 3359 } 3360 if (inode->i_nlink == 0) 3361 ext4_warning_inode(inode, "Deleting file '%.*s' with no links", 3362 d_name->len, d_name->name); 3363 else 3364 drop_nlink(inode); 3365 if (!inode->i_nlink) 3366 ext4_orphan_add(handle, inode); 3367 inode->i_ctime = current_time(inode); 3368 retval = ext4_mark_inode_dirty(handle, inode); 3369 3370 out: 3371 brelse(bh); 3372 return retval; 3373 } 3374 3375 static int ext4_unlink(struct inode *dir, struct dentry *dentry) 3376 { 3377 handle_t *handle; 3378 int retval; 3379 3380 if (unlikely(ext4_forced_shutdown(EXT4_SB(dir->i_sb)))) 3381 return -EIO; 3382 3383 trace_ext4_unlink_enter(dir, dentry); 3384 /* 3385 * Initialize quotas before so that eventual writes go 3386 * in separate transaction 3387 */ 3388 retval = dquot_initialize(dir); 3389 if (retval) 3390 goto out_trace; 3391 retval = dquot_initialize(d_inode(dentry)); 3392 if (retval) 3393 goto out_trace; 3394 3395 handle = ext4_journal_start(dir, EXT4_HT_DIR, 3396 EXT4_DATA_TRANS_BLOCKS(dir->i_sb)); 3397 if (IS_ERR(handle)) { 3398 retval = PTR_ERR(handle); 3399 goto out_trace; 3400 } 3401 3402 retval = __ext4_unlink(handle, dir, &dentry->d_name, d_inode(dentry)); 3403 if (!retval) 3404 ext4_fc_track_unlink(handle, dentry); 3405 #ifdef CONFIG_UNICODE 3406 /* VFS negative dentries are incompatible with Encoding and 3407 * Case-insensitiveness. Eventually we'll want avoid 3408 * invalidating the dentries here, alongside with returning the 3409 * negative dentries at ext4_lookup(), when it is better 3410 * supported by the VFS for the CI case. 3411 */ 3412 if (IS_CASEFOLDED(dir)) 3413 d_invalidate(dentry); 3414 #endif 3415 if (handle) 3416 ext4_journal_stop(handle); 3417 3418 out_trace: 3419 trace_ext4_unlink_exit(dentry, retval); 3420 return retval; 3421 } 3422 3423 static int ext4_symlink(struct user_namespace *mnt_userns, struct inode *dir, 3424 struct dentry *dentry, const char *symname) 3425 { 3426 handle_t *handle; 3427 struct inode *inode; 3428 int err, len = strlen(symname); 3429 int credits; 3430 struct fscrypt_str disk_link; 3431 3432 if (unlikely(ext4_forced_shutdown(EXT4_SB(dir->i_sb)))) 3433 return -EIO; 3434 3435 err = fscrypt_prepare_symlink(dir, symname, len, dir->i_sb->s_blocksize, 3436 &disk_link); 3437 if (err) 3438 return err; 3439 3440 err = dquot_initialize(dir); 3441 if (err) 3442 return err; 3443 3444 if ((disk_link.len > EXT4_N_BLOCKS * 4)) { 3445 /* 3446 * For non-fast symlinks, we just allocate inode and put it on 3447 * orphan list in the first transaction => we need bitmap, 3448 * group descriptor, sb, inode block, quota blocks, and 3449 * possibly selinux xattr blocks. 3450 */ 3451 credits = 4 + EXT4_MAXQUOTAS_INIT_BLOCKS(dir->i_sb) + 3452 EXT4_XATTR_TRANS_BLOCKS; 3453 } else { 3454 /* 3455 * Fast symlink. We have to add entry to directory 3456 * (EXT4_DATA_TRANS_BLOCKS + EXT4_INDEX_EXTRA_TRANS_BLOCKS), 3457 * allocate new inode (bitmap, group descriptor, inode block, 3458 * quota blocks, sb is already counted in previous macros). 3459 */ 3460 credits = EXT4_DATA_TRANS_BLOCKS(dir->i_sb) + 3461 EXT4_INDEX_EXTRA_TRANS_BLOCKS + 3; 3462 } 3463 3464 inode = ext4_new_inode_start_handle(mnt_userns, dir, S_IFLNK|S_IRWXUGO, 3465 &dentry->d_name, 0, NULL, 3466 EXT4_HT_DIR, credits); 3467 handle = ext4_journal_current_handle(); 3468 if (IS_ERR(inode)) { 3469 if (handle) 3470 ext4_journal_stop(handle); 3471 return PTR_ERR(inode); 3472 } 3473 3474 if (IS_ENCRYPTED(inode)) { 3475 err = fscrypt_encrypt_symlink(inode, symname, len, &disk_link); 3476 if (err) 3477 goto err_drop_inode; 3478 inode->i_op = &ext4_encrypted_symlink_inode_operations; 3479 } 3480 3481 if ((disk_link.len > EXT4_N_BLOCKS * 4)) { 3482 if (!IS_ENCRYPTED(inode)) 3483 inode->i_op = &ext4_symlink_inode_operations; 3484 inode_nohighmem(inode); 3485 ext4_set_aops(inode); 3486 /* 3487 * We cannot call page_symlink() with transaction started 3488 * because it calls into ext4_write_begin() which can wait 3489 * for transaction commit if we are running out of space 3490 * and thus we deadlock. So we have to stop transaction now 3491 * and restart it when symlink contents is written. 3492 * 3493 * To keep fs consistent in case of crash, we have to put inode 3494 * to orphan list in the mean time. 3495 */ 3496 drop_nlink(inode); 3497 err = ext4_orphan_add(handle, inode); 3498 if (handle) 3499 ext4_journal_stop(handle); 3500 handle = NULL; 3501 if (err) 3502 goto err_drop_inode; 3503 err = __page_symlink(inode, disk_link.name, disk_link.len, 1); 3504 if (err) 3505 goto err_drop_inode; 3506 /* 3507 * Now inode is being linked into dir (EXT4_DATA_TRANS_BLOCKS 3508 * + EXT4_INDEX_EXTRA_TRANS_BLOCKS), inode is also modified 3509 */ 3510 handle = ext4_journal_start(dir, EXT4_HT_DIR, 3511 EXT4_DATA_TRANS_BLOCKS(dir->i_sb) + 3512 EXT4_INDEX_EXTRA_TRANS_BLOCKS + 1); 3513 if (IS_ERR(handle)) { 3514 err = PTR_ERR(handle); 3515 handle = NULL; 3516 goto err_drop_inode; 3517 } 3518 set_nlink(inode, 1); 3519 err = ext4_orphan_del(handle, inode); 3520 if (err) 3521 goto err_drop_inode; 3522 } else { 3523 /* clear the extent format for fast symlink */ 3524 ext4_clear_inode_flag(inode, EXT4_INODE_EXTENTS); 3525 if (!IS_ENCRYPTED(inode)) { 3526 inode->i_op = &ext4_fast_symlink_inode_operations; 3527 inode->i_link = (char *)&EXT4_I(inode)->i_data; 3528 } 3529 memcpy((char *)&EXT4_I(inode)->i_data, disk_link.name, 3530 disk_link.len); 3531 inode->i_size = disk_link.len - 1; 3532 } 3533 EXT4_I(inode)->i_disksize = inode->i_size; 3534 err = ext4_add_nondir(handle, dentry, &inode); 3535 if (handle) 3536 ext4_journal_stop(handle); 3537 if (inode) 3538 iput(inode); 3539 goto out_free_encrypted_link; 3540 3541 err_drop_inode: 3542 if (handle) 3543 ext4_journal_stop(handle); 3544 clear_nlink(inode); 3545 unlock_new_inode(inode); 3546 iput(inode); 3547 out_free_encrypted_link: 3548 if (disk_link.name != (unsigned char *)symname) 3549 kfree(disk_link.name); 3550 return err; 3551 } 3552 3553 int __ext4_link(struct inode *dir, struct inode *inode, struct dentry *dentry) 3554 { 3555 handle_t *handle; 3556 int err, retries = 0; 3557 retry: 3558 handle = ext4_journal_start(dir, EXT4_HT_DIR, 3559 (EXT4_DATA_TRANS_BLOCKS(dir->i_sb) + 3560 EXT4_INDEX_EXTRA_TRANS_BLOCKS) + 1); 3561 if (IS_ERR(handle)) 3562 return PTR_ERR(handle); 3563 3564 if (IS_DIRSYNC(dir)) 3565 ext4_handle_sync(handle); 3566 3567 inode->i_ctime = current_time(inode); 3568 ext4_inc_count(inode); 3569 ihold(inode); 3570 3571 err = ext4_add_entry(handle, dentry, inode); 3572 if (!err) { 3573 err = ext4_mark_inode_dirty(handle, inode); 3574 /* this can happen only for tmpfile being 3575 * linked the first time 3576 */ 3577 if (inode->i_nlink == 1) 3578 ext4_orphan_del(handle, inode); 3579 d_instantiate(dentry, inode); 3580 ext4_fc_track_link(handle, dentry); 3581 } else { 3582 drop_nlink(inode); 3583 iput(inode); 3584 } 3585 ext4_journal_stop(handle); 3586 if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries)) 3587 goto retry; 3588 return err; 3589 } 3590 3591 static int ext4_link(struct dentry *old_dentry, 3592 struct inode *dir, struct dentry *dentry) 3593 { 3594 struct inode *inode = d_inode(old_dentry); 3595 int err; 3596 3597 if (inode->i_nlink >= EXT4_LINK_MAX) 3598 return -EMLINK; 3599 3600 err = fscrypt_prepare_link(old_dentry, dir, dentry); 3601 if (err) 3602 return err; 3603 3604 if ((ext4_test_inode_flag(dir, EXT4_INODE_PROJINHERIT)) && 3605 (!projid_eq(EXT4_I(dir)->i_projid, 3606 EXT4_I(old_dentry->d_inode)->i_projid))) 3607 return -EXDEV; 3608 3609 err = dquot_initialize(dir); 3610 if (err) 3611 return err; 3612 return __ext4_link(dir, inode, dentry); 3613 } 3614 3615 /* 3616 * Try to find buffer head where contains the parent block. 3617 * It should be the inode block if it is inlined or the 1st block 3618 * if it is a normal dir. 3619 */ 3620 static struct buffer_head *ext4_get_first_dir_block(handle_t *handle, 3621 struct inode *inode, 3622 int *retval, 3623 struct ext4_dir_entry_2 **parent_de, 3624 int *inlined) 3625 { 3626 struct buffer_head *bh; 3627 3628 if (!ext4_has_inline_data(inode)) { 3629 /* The first directory block must not be a hole, so 3630 * treat it as DIRENT_HTREE 3631 */ 3632 bh = ext4_read_dirblock(inode, 0, DIRENT_HTREE); 3633 if (IS_ERR(bh)) { 3634 *retval = PTR_ERR(bh); 3635 return NULL; 3636 } 3637 *parent_de = ext4_next_entry( 3638 (struct ext4_dir_entry_2 *)bh->b_data, 3639 inode->i_sb->s_blocksize); 3640 return bh; 3641 } 3642 3643 *inlined = 1; 3644 return ext4_get_first_inline_block(inode, parent_de, retval); 3645 } 3646 3647 struct ext4_renament { 3648 struct inode *dir; 3649 struct dentry *dentry; 3650 struct inode *inode; 3651 bool is_dir; 3652 int dir_nlink_delta; 3653 3654 /* entry for "dentry" */ 3655 struct buffer_head *bh; 3656 struct ext4_dir_entry_2 *de; 3657 int inlined; 3658 3659 /* entry for ".." in inode if it's a directory */ 3660 struct buffer_head *dir_bh; 3661 struct ext4_dir_entry_2 *parent_de; 3662 int dir_inlined; 3663 }; 3664 3665 static int ext4_rename_dir_prepare(handle_t *handle, struct ext4_renament *ent) 3666 { 3667 int retval; 3668 3669 ent->dir_bh = ext4_get_first_dir_block(handle, ent->inode, 3670 &retval, &ent->parent_de, 3671 &ent->dir_inlined); 3672 if (!ent->dir_bh) 3673 return retval; 3674 if (le32_to_cpu(ent->parent_de->inode) != ent->dir->i_ino) 3675 return -EFSCORRUPTED; 3676 BUFFER_TRACE(ent->dir_bh, "get_write_access"); 3677 return ext4_journal_get_write_access(handle, ent->dir_bh); 3678 } 3679 3680 static int ext4_rename_dir_finish(handle_t *handle, struct ext4_renament *ent, 3681 unsigned dir_ino) 3682 { 3683 int retval; 3684 3685 ent->parent_de->inode = cpu_to_le32(dir_ino); 3686 BUFFER_TRACE(ent->dir_bh, "call ext4_handle_dirty_metadata"); 3687 if (!ent->dir_inlined) { 3688 if (is_dx(ent->inode)) { 3689 retval = ext4_handle_dirty_dx_node(handle, 3690 ent->inode, 3691 ent->dir_bh); 3692 } else { 3693 retval = ext4_handle_dirty_dirblock(handle, ent->inode, 3694 ent->dir_bh); 3695 } 3696 } else { 3697 retval = ext4_mark_inode_dirty(handle, ent->inode); 3698 } 3699 if (retval) { 3700 ext4_std_error(ent->dir->i_sb, retval); 3701 return retval; 3702 } 3703 return 0; 3704 } 3705 3706 static int ext4_setent(handle_t *handle, struct ext4_renament *ent, 3707 unsigned ino, unsigned file_type) 3708 { 3709 int retval, retval2; 3710 3711 BUFFER_TRACE(ent->bh, "get write access"); 3712 retval = ext4_journal_get_write_access(handle, ent->bh); 3713 if (retval) 3714 return retval; 3715 ent->de->inode = cpu_to_le32(ino); 3716 if (ext4_has_feature_filetype(ent->dir->i_sb)) 3717 ent->de->file_type = file_type; 3718 inode_inc_iversion(ent->dir); 3719 ent->dir->i_ctime = ent->dir->i_mtime = 3720 current_time(ent->dir); 3721 retval = ext4_mark_inode_dirty(handle, ent->dir); 3722 BUFFER_TRACE(ent->bh, "call ext4_handle_dirty_metadata"); 3723 if (!ent->inlined) { 3724 retval2 = ext4_handle_dirty_dirblock(handle, ent->dir, ent->bh); 3725 if (unlikely(retval2)) { 3726 ext4_std_error(ent->dir->i_sb, retval2); 3727 return retval2; 3728 } 3729 } 3730 return retval; 3731 } 3732 3733 static void ext4_resetent(handle_t *handle, struct ext4_renament *ent, 3734 unsigned ino, unsigned file_type) 3735 { 3736 struct ext4_renament old = *ent; 3737 int retval = 0; 3738 3739 /* 3740 * old->de could have moved from under us during make indexed dir, 3741 * so the old->de may no longer valid and need to find it again 3742 * before reset old inode info. 3743 */ 3744 old.bh = ext4_find_entry(old.dir, &old.dentry->d_name, &old.de, NULL); 3745 if (IS_ERR(old.bh)) 3746 retval = PTR_ERR(old.bh); 3747 if (!old.bh) 3748 retval = -ENOENT; 3749 if (retval) { 3750 ext4_std_error(old.dir->i_sb, retval); 3751 return; 3752 } 3753 3754 ext4_setent(handle, &old, ino, file_type); 3755 brelse(old.bh); 3756 } 3757 3758 static int ext4_find_delete_entry(handle_t *handle, struct inode *dir, 3759 const struct qstr *d_name) 3760 { 3761 int retval = -ENOENT; 3762 struct buffer_head *bh; 3763 struct ext4_dir_entry_2 *de; 3764 3765 bh = ext4_find_entry(dir, d_name, &de, NULL); 3766 if (IS_ERR(bh)) 3767 return PTR_ERR(bh); 3768 if (bh) { 3769 retval = ext4_delete_entry(handle, dir, de, bh); 3770 brelse(bh); 3771 } 3772 return retval; 3773 } 3774 3775 static void ext4_rename_delete(handle_t *handle, struct ext4_renament *ent, 3776 int force_reread) 3777 { 3778 int retval; 3779 /* 3780 * ent->de could have moved from under us during htree split, so make 3781 * sure that we are deleting the right entry. We might also be pointing 3782 * to a stale entry in the unused part of ent->bh so just checking inum 3783 * and the name isn't enough. 3784 */ 3785 if (le32_to_cpu(ent->de->inode) != ent->inode->i_ino || 3786 ent->de->name_len != ent->dentry->d_name.len || 3787 strncmp(ent->de->name, ent->dentry->d_name.name, 3788 ent->de->name_len) || 3789 force_reread) { 3790 retval = ext4_find_delete_entry(handle, ent->dir, 3791 &ent->dentry->d_name); 3792 } else { 3793 retval = ext4_delete_entry(handle, ent->dir, ent->de, ent->bh); 3794 if (retval == -ENOENT) { 3795 retval = ext4_find_delete_entry(handle, ent->dir, 3796 &ent->dentry->d_name); 3797 } 3798 } 3799 3800 if (retval) { 3801 ext4_warning_inode(ent->dir, 3802 "Deleting old file: nlink %d, error=%d", 3803 ent->dir->i_nlink, retval); 3804 } 3805 } 3806 3807 static void ext4_update_dir_count(handle_t *handle, struct ext4_renament *ent) 3808 { 3809 if (ent->dir_nlink_delta) { 3810 if (ent->dir_nlink_delta == -1) 3811 ext4_dec_count(ent->dir); 3812 else 3813 ext4_inc_count(ent->dir); 3814 ext4_mark_inode_dirty(handle, ent->dir); 3815 } 3816 } 3817 3818 static struct inode *ext4_whiteout_for_rename(struct user_namespace *mnt_userns, 3819 struct ext4_renament *ent, 3820 int credits, handle_t **h) 3821 { 3822 struct inode *wh; 3823 handle_t *handle; 3824 int retries = 0; 3825 3826 /* 3827 * for inode block, sb block, group summaries, 3828 * and inode bitmap 3829 */ 3830 credits += (EXT4_MAXQUOTAS_TRANS_BLOCKS(ent->dir->i_sb) + 3831 EXT4_XATTR_TRANS_BLOCKS + 4); 3832 retry: 3833 wh = ext4_new_inode_start_handle(mnt_userns, ent->dir, 3834 S_IFCHR | WHITEOUT_MODE, 3835 &ent->dentry->d_name, 0, NULL, 3836 EXT4_HT_DIR, credits); 3837 3838 handle = ext4_journal_current_handle(); 3839 if (IS_ERR(wh)) { 3840 if (handle) 3841 ext4_journal_stop(handle); 3842 if (PTR_ERR(wh) == -ENOSPC && 3843 ext4_should_retry_alloc(ent->dir->i_sb, &retries)) 3844 goto retry; 3845 } else { 3846 *h = handle; 3847 init_special_inode(wh, wh->i_mode, WHITEOUT_DEV); 3848 wh->i_op = &ext4_special_inode_operations; 3849 } 3850 return wh; 3851 } 3852 3853 /* 3854 * Anybody can rename anything with this: the permission checks are left to the 3855 * higher-level routines. 3856 * 3857 * n.b. old_{dentry,inode) refers to the source dentry/inode 3858 * while new_{dentry,inode) refers to the destination dentry/inode 3859 * This comes from rename(const char *oldpath, const char *newpath) 3860 */ 3861 static int ext4_rename(struct user_namespace *mnt_userns, struct inode *old_dir, 3862 struct dentry *old_dentry, struct inode *new_dir, 3863 struct dentry *new_dentry, unsigned int flags) 3864 { 3865 handle_t *handle = NULL; 3866 struct ext4_renament old = { 3867 .dir = old_dir, 3868 .dentry = old_dentry, 3869 .inode = d_inode(old_dentry), 3870 }; 3871 struct ext4_renament new = { 3872 .dir = new_dir, 3873 .dentry = new_dentry, 3874 .inode = d_inode(new_dentry), 3875 }; 3876 int force_reread; 3877 int retval; 3878 struct inode *whiteout = NULL; 3879 int credits; 3880 u8 old_file_type; 3881 3882 if (new.inode && new.inode->i_nlink == 0) { 3883 EXT4_ERROR_INODE(new.inode, 3884 "target of rename is already freed"); 3885 return -EFSCORRUPTED; 3886 } 3887 3888 if ((ext4_test_inode_flag(new_dir, EXT4_INODE_PROJINHERIT)) && 3889 (!projid_eq(EXT4_I(new_dir)->i_projid, 3890 EXT4_I(old_dentry->d_inode)->i_projid))) 3891 return -EXDEV; 3892 3893 retval = dquot_initialize(old.dir); 3894 if (retval) 3895 return retval; 3896 retval = dquot_initialize(new.dir); 3897 if (retval) 3898 return retval; 3899 3900 /* Initialize quotas before so that eventual writes go 3901 * in separate transaction */ 3902 if (new.inode) { 3903 retval = dquot_initialize(new.inode); 3904 if (retval) 3905 return retval; 3906 } 3907 3908 old.bh = ext4_find_entry(old.dir, &old.dentry->d_name, &old.de, NULL); 3909 if (IS_ERR(old.bh)) 3910 return PTR_ERR(old.bh); 3911 /* 3912 * Check for inode number is _not_ due to possible IO errors. 3913 * We might rmdir the source, keep it as pwd of some process 3914 * and merrily kill the link to whatever was created under the 3915 * same name. Goodbye sticky bit ;-< 3916 */ 3917 retval = -ENOENT; 3918 if (!old.bh || le32_to_cpu(old.de->inode) != old.inode->i_ino) 3919 goto release_bh; 3920 3921 new.bh = ext4_find_entry(new.dir, &new.dentry->d_name, 3922 &new.de, &new.inlined); 3923 if (IS_ERR(new.bh)) { 3924 retval = PTR_ERR(new.bh); 3925 new.bh = NULL; 3926 goto release_bh; 3927 } 3928 if (new.bh) { 3929 if (!new.inode) { 3930 brelse(new.bh); 3931 new.bh = NULL; 3932 } 3933 } 3934 if (new.inode && !test_opt(new.dir->i_sb, NO_AUTO_DA_ALLOC)) 3935 ext4_alloc_da_blocks(old.inode); 3936 3937 credits = (2 * EXT4_DATA_TRANS_BLOCKS(old.dir->i_sb) + 3938 EXT4_INDEX_EXTRA_TRANS_BLOCKS + 2); 3939 if (!(flags & RENAME_WHITEOUT)) { 3940 handle = ext4_journal_start(old.dir, EXT4_HT_DIR, credits); 3941 if (IS_ERR(handle)) { 3942 retval = PTR_ERR(handle); 3943 goto release_bh; 3944 } 3945 } else { 3946 whiteout = ext4_whiteout_for_rename(mnt_userns, &old, credits, &handle); 3947 if (IS_ERR(whiteout)) { 3948 retval = PTR_ERR(whiteout); 3949 goto release_bh; 3950 } 3951 } 3952 3953 old_file_type = old.de->file_type; 3954 if (IS_DIRSYNC(old.dir) || IS_DIRSYNC(new.dir)) 3955 ext4_handle_sync(handle); 3956 3957 if (S_ISDIR(old.inode->i_mode)) { 3958 if (new.inode) { 3959 retval = -ENOTEMPTY; 3960 if (!ext4_empty_dir(new.inode)) 3961 goto end_rename; 3962 } else { 3963 retval = -EMLINK; 3964 if (new.dir != old.dir && EXT4_DIR_LINK_MAX(new.dir)) 3965 goto end_rename; 3966 } 3967 retval = ext4_rename_dir_prepare(handle, &old); 3968 if (retval) 3969 goto end_rename; 3970 } 3971 /* 3972 * If we're renaming a file within an inline_data dir and adding or 3973 * setting the new dirent causes a conversion from inline_data to 3974 * extents/blockmap, we need to force the dirent delete code to 3975 * re-read the directory, or else we end up trying to delete a dirent 3976 * from what is now the extent tree root (or a block map). 3977 */ 3978 force_reread = (new.dir->i_ino == old.dir->i_ino && 3979 ext4_test_inode_flag(new.dir, EXT4_INODE_INLINE_DATA)); 3980 3981 if (whiteout) { 3982 /* 3983 * Do this before adding a new entry, so the old entry is sure 3984 * to be still pointing to the valid old entry. 3985 */ 3986 retval = ext4_setent(handle, &old, whiteout->i_ino, 3987 EXT4_FT_CHRDEV); 3988 if (retval) 3989 goto end_rename; 3990 retval = ext4_mark_inode_dirty(handle, whiteout); 3991 if (unlikely(retval)) 3992 goto end_rename; 3993 3994 } 3995 if (!new.bh) { 3996 retval = ext4_add_entry(handle, new.dentry, old.inode); 3997 if (retval) 3998 goto end_rename; 3999 } else { 4000 retval = ext4_setent(handle, &new, 4001 old.inode->i_ino, old_file_type); 4002 if (retval) 4003 goto end_rename; 4004 } 4005 if (force_reread) 4006 force_reread = !ext4_test_inode_flag(new.dir, 4007 EXT4_INODE_INLINE_DATA); 4008 4009 /* 4010 * Like most other Unix systems, set the ctime for inodes on a 4011 * rename. 4012 */ 4013 old.inode->i_ctime = current_time(old.inode); 4014 retval = ext4_mark_inode_dirty(handle, old.inode); 4015 if (unlikely(retval)) 4016 goto end_rename; 4017 4018 if (!whiteout) { 4019 /* 4020 * ok, that's it 4021 */ 4022 ext4_rename_delete(handle, &old, force_reread); 4023 } 4024 4025 if (new.inode) { 4026 ext4_dec_count(new.inode); 4027 new.inode->i_ctime = current_time(new.inode); 4028 } 4029 old.dir->i_ctime = old.dir->i_mtime = current_time(old.dir); 4030 ext4_update_dx_flag(old.dir); 4031 if (old.dir_bh) { 4032 retval = ext4_rename_dir_finish(handle, &old, new.dir->i_ino); 4033 if (retval) 4034 goto end_rename; 4035 4036 ext4_dec_count(old.dir); 4037 if (new.inode) { 4038 /* checked ext4_empty_dir above, can't have another 4039 * parent, ext4_dec_count() won't work for many-linked 4040 * dirs */ 4041 clear_nlink(new.inode); 4042 } else { 4043 ext4_inc_count(new.dir); 4044 ext4_update_dx_flag(new.dir); 4045 retval = ext4_mark_inode_dirty(handle, new.dir); 4046 if (unlikely(retval)) 4047 goto end_rename; 4048 } 4049 } 4050 retval = ext4_mark_inode_dirty(handle, old.dir); 4051 if (unlikely(retval)) 4052 goto end_rename; 4053 4054 if (S_ISDIR(old.inode->i_mode)) { 4055 /* 4056 * We disable fast commits here that's because the 4057 * replay code is not yet capable of changing dot dot 4058 * dirents in directories. 4059 */ 4060 ext4_fc_mark_ineligible(old.inode->i_sb, 4061 EXT4_FC_REASON_RENAME_DIR); 4062 } else { 4063 if (new.inode) 4064 ext4_fc_track_unlink(handle, new.dentry); 4065 __ext4_fc_track_link(handle, old.inode, new.dentry); 4066 __ext4_fc_track_unlink(handle, old.inode, old.dentry); 4067 if (whiteout) 4068 __ext4_fc_track_create(handle, whiteout, old.dentry); 4069 } 4070 4071 if (new.inode) { 4072 retval = ext4_mark_inode_dirty(handle, new.inode); 4073 if (unlikely(retval)) 4074 goto end_rename; 4075 if (!new.inode->i_nlink) 4076 ext4_orphan_add(handle, new.inode); 4077 } 4078 retval = 0; 4079 4080 end_rename: 4081 if (whiteout) { 4082 if (retval) { 4083 ext4_resetent(handle, &old, 4084 old.inode->i_ino, old_file_type); 4085 drop_nlink(whiteout); 4086 ext4_orphan_add(handle, whiteout); 4087 } 4088 unlock_new_inode(whiteout); 4089 ext4_journal_stop(handle); 4090 iput(whiteout); 4091 } else { 4092 ext4_journal_stop(handle); 4093 } 4094 release_bh: 4095 brelse(old.dir_bh); 4096 brelse(old.bh); 4097 brelse(new.bh); 4098 return retval; 4099 } 4100 4101 static int ext4_cross_rename(struct inode *old_dir, struct dentry *old_dentry, 4102 struct inode *new_dir, struct dentry *new_dentry) 4103 { 4104 handle_t *handle = NULL; 4105 struct ext4_renament old = { 4106 .dir = old_dir, 4107 .dentry = old_dentry, 4108 .inode = d_inode(old_dentry), 4109 }; 4110 struct ext4_renament new = { 4111 .dir = new_dir, 4112 .dentry = new_dentry, 4113 .inode = d_inode(new_dentry), 4114 }; 4115 u8 new_file_type; 4116 int retval; 4117 struct timespec64 ctime; 4118 4119 if ((ext4_test_inode_flag(new_dir, EXT4_INODE_PROJINHERIT) && 4120 !projid_eq(EXT4_I(new_dir)->i_projid, 4121 EXT4_I(old_dentry->d_inode)->i_projid)) || 4122 (ext4_test_inode_flag(old_dir, EXT4_INODE_PROJINHERIT) && 4123 !projid_eq(EXT4_I(old_dir)->i_projid, 4124 EXT4_I(new_dentry->d_inode)->i_projid))) 4125 return -EXDEV; 4126 4127 retval = dquot_initialize(old.dir); 4128 if (retval) 4129 return retval; 4130 retval = dquot_initialize(new.dir); 4131 if (retval) 4132 return retval; 4133 4134 old.bh = ext4_find_entry(old.dir, &old.dentry->d_name, 4135 &old.de, &old.inlined); 4136 if (IS_ERR(old.bh)) 4137 return PTR_ERR(old.bh); 4138 /* 4139 * Check for inode number is _not_ due to possible IO errors. 4140 * We might rmdir the source, keep it as pwd of some process 4141 * and merrily kill the link to whatever was created under the 4142 * same name. Goodbye sticky bit ;-< 4143 */ 4144 retval = -ENOENT; 4145 if (!old.bh || le32_to_cpu(old.de->inode) != old.inode->i_ino) 4146 goto end_rename; 4147 4148 new.bh = ext4_find_entry(new.dir, &new.dentry->d_name, 4149 &new.de, &new.inlined); 4150 if (IS_ERR(new.bh)) { 4151 retval = PTR_ERR(new.bh); 4152 new.bh = NULL; 4153 goto end_rename; 4154 } 4155 4156 /* RENAME_EXCHANGE case: old *and* new must both exist */ 4157 if (!new.bh || le32_to_cpu(new.de->inode) != new.inode->i_ino) 4158 goto end_rename; 4159 4160 handle = ext4_journal_start(old.dir, EXT4_HT_DIR, 4161 (2 * EXT4_DATA_TRANS_BLOCKS(old.dir->i_sb) + 4162 2 * EXT4_INDEX_EXTRA_TRANS_BLOCKS + 2)); 4163 if (IS_ERR(handle)) { 4164 retval = PTR_ERR(handle); 4165 handle = NULL; 4166 goto end_rename; 4167 } 4168 4169 if (IS_DIRSYNC(old.dir) || IS_DIRSYNC(new.dir)) 4170 ext4_handle_sync(handle); 4171 4172 if (S_ISDIR(old.inode->i_mode)) { 4173 old.is_dir = true; 4174 retval = ext4_rename_dir_prepare(handle, &old); 4175 if (retval) 4176 goto end_rename; 4177 } 4178 if (S_ISDIR(new.inode->i_mode)) { 4179 new.is_dir = true; 4180 retval = ext4_rename_dir_prepare(handle, &new); 4181 if (retval) 4182 goto end_rename; 4183 } 4184 4185 /* 4186 * Other than the special case of overwriting a directory, parents' 4187 * nlink only needs to be modified if this is a cross directory rename. 4188 */ 4189 if (old.dir != new.dir && old.is_dir != new.is_dir) { 4190 old.dir_nlink_delta = old.is_dir ? -1 : 1; 4191 new.dir_nlink_delta = -old.dir_nlink_delta; 4192 retval = -EMLINK; 4193 if ((old.dir_nlink_delta > 0 && EXT4_DIR_LINK_MAX(old.dir)) || 4194 (new.dir_nlink_delta > 0 && EXT4_DIR_LINK_MAX(new.dir))) 4195 goto end_rename; 4196 } 4197 4198 new_file_type = new.de->file_type; 4199 retval = ext4_setent(handle, &new, old.inode->i_ino, old.de->file_type); 4200 if (retval) 4201 goto end_rename; 4202 4203 retval = ext4_setent(handle, &old, new.inode->i_ino, new_file_type); 4204 if (retval) 4205 goto end_rename; 4206 4207 /* 4208 * Like most other Unix systems, set the ctime for inodes on a 4209 * rename. 4210 */ 4211 ctime = current_time(old.inode); 4212 old.inode->i_ctime = ctime; 4213 new.inode->i_ctime = ctime; 4214 retval = ext4_mark_inode_dirty(handle, old.inode); 4215 if (unlikely(retval)) 4216 goto end_rename; 4217 retval = ext4_mark_inode_dirty(handle, new.inode); 4218 if (unlikely(retval)) 4219 goto end_rename; 4220 ext4_fc_mark_ineligible(new.inode->i_sb, 4221 EXT4_FC_REASON_CROSS_RENAME); 4222 if (old.dir_bh) { 4223 retval = ext4_rename_dir_finish(handle, &old, new.dir->i_ino); 4224 if (retval) 4225 goto end_rename; 4226 } 4227 if (new.dir_bh) { 4228 retval = ext4_rename_dir_finish(handle, &new, old.dir->i_ino); 4229 if (retval) 4230 goto end_rename; 4231 } 4232 ext4_update_dir_count(handle, &old); 4233 ext4_update_dir_count(handle, &new); 4234 retval = 0; 4235 4236 end_rename: 4237 brelse(old.dir_bh); 4238 brelse(new.dir_bh); 4239 brelse(old.bh); 4240 brelse(new.bh); 4241 if (handle) 4242 ext4_journal_stop(handle); 4243 return retval; 4244 } 4245 4246 static int ext4_rename2(struct user_namespace *mnt_userns, 4247 struct inode *old_dir, struct dentry *old_dentry, 4248 struct inode *new_dir, struct dentry *new_dentry, 4249 unsigned int flags) 4250 { 4251 int err; 4252 4253 if (unlikely(ext4_forced_shutdown(EXT4_SB(old_dir->i_sb)))) 4254 return -EIO; 4255 4256 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT)) 4257 return -EINVAL; 4258 4259 err = fscrypt_prepare_rename(old_dir, old_dentry, new_dir, new_dentry, 4260 flags); 4261 if (err) 4262 return err; 4263 4264 if (flags & RENAME_EXCHANGE) { 4265 return ext4_cross_rename(old_dir, old_dentry, 4266 new_dir, new_dentry); 4267 } 4268 4269 return ext4_rename(mnt_userns, old_dir, old_dentry, new_dir, new_dentry, flags); 4270 } 4271 4272 /* 4273 * directories can handle most operations... 4274 */ 4275 const struct inode_operations ext4_dir_inode_operations = { 4276 .create = ext4_create, 4277 .lookup = ext4_lookup, 4278 .link = ext4_link, 4279 .unlink = ext4_unlink, 4280 .symlink = ext4_symlink, 4281 .mkdir = ext4_mkdir, 4282 .rmdir = ext4_rmdir, 4283 .mknod = ext4_mknod, 4284 .tmpfile = ext4_tmpfile, 4285 .rename = ext4_rename2, 4286 .setattr = ext4_setattr, 4287 .getattr = ext4_getattr, 4288 .listxattr = ext4_listxattr, 4289 .get_acl = ext4_get_acl, 4290 .set_acl = ext4_set_acl, 4291 .fiemap = ext4_fiemap, 4292 .fileattr_get = ext4_fileattr_get, 4293 .fileattr_set = ext4_fileattr_set, 4294 }; 4295 4296 const struct inode_operations ext4_special_inode_operations = { 4297 .setattr = ext4_setattr, 4298 .getattr = ext4_getattr, 4299 .listxattr = ext4_listxattr, 4300 .get_acl = ext4_get_acl, 4301 .set_acl = ext4_set_acl, 4302 }; 4303