11da177e4SLinus Torvalds /* 21da177e4SLinus Torvalds * linux/fs/namei.c 31da177e4SLinus Torvalds * 41da177e4SLinus Torvalds * Copyright (C) 1991, 1992 Linus Torvalds 51da177e4SLinus Torvalds */ 61da177e4SLinus Torvalds 71da177e4SLinus Torvalds /* 81da177e4SLinus Torvalds * Some corrections by tytso. 91da177e4SLinus Torvalds */ 101da177e4SLinus Torvalds 111da177e4SLinus Torvalds /* [Feb 1997 T. Schoebel-Theuer] Complete rewrite of the pathname 121da177e4SLinus Torvalds * lookup logic. 131da177e4SLinus Torvalds */ 141da177e4SLinus Torvalds /* [Feb-Apr 2000, AV] Rewrite to the new namespace architecture. 151da177e4SLinus Torvalds */ 161da177e4SLinus Torvalds 171da177e4SLinus Torvalds #include <linux/init.h> 181da177e4SLinus Torvalds #include <linux/module.h> 191da177e4SLinus Torvalds #include <linux/slab.h> 201da177e4SLinus Torvalds #include <linux/fs.h> 211da177e4SLinus Torvalds #include <linux/namei.h> 221da177e4SLinus Torvalds #include <linux/pagemap.h> 230eeca283SRobert Love #include <linux/fsnotify.h> 241da177e4SLinus Torvalds #include <linux/personality.h> 251da177e4SLinus Torvalds #include <linux/security.h> 266146f0d5SMimi Zohar #include <linux/ima.h> 271da177e4SLinus Torvalds #include <linux/syscalls.h> 281da177e4SLinus Torvalds #include <linux/mount.h> 291da177e4SLinus Torvalds #include <linux/audit.h> 3016f7e0feSRandy Dunlap #include <linux/capability.h> 31834f2a4aSTrond Myklebust #include <linux/file.h> 325590ff0dSUlrich Drepper #include <linux/fcntl.h> 3308ce5f16SSerge E. Hallyn #include <linux/device_cgroup.h> 345ad4e53bSAl Viro #include <linux/fs_struct.h> 351da177e4SLinus Torvalds #include <asm/uaccess.h> 361da177e4SLinus Torvalds 37e81e3f4dSEric Paris #include "internal.h" 38e81e3f4dSEric Paris 391da177e4SLinus Torvalds /* [Feb-1997 T. Schoebel-Theuer] 401da177e4SLinus Torvalds * Fundamental changes in the pathname lookup mechanisms (namei) 411da177e4SLinus Torvalds * were necessary because of omirr. The reason is that omirr needs 421da177e4SLinus Torvalds * to know the _real_ pathname, not the user-supplied one, in case 431da177e4SLinus Torvalds * of symlinks (and also when transname replacements occur). 441da177e4SLinus Torvalds * 451da177e4SLinus Torvalds * The new code replaces the old recursive symlink resolution with 461da177e4SLinus Torvalds * an iterative one (in case of non-nested symlink chains). It does 471da177e4SLinus Torvalds * this with calls to <fs>_follow_link(). 481da177e4SLinus Torvalds * As a side effect, dir_namei(), _namei() and follow_link() are now 491da177e4SLinus Torvalds * replaced with a single function lookup_dentry() that can handle all 501da177e4SLinus Torvalds * the special cases of the former code. 511da177e4SLinus Torvalds * 521da177e4SLinus Torvalds * With the new dcache, the pathname is stored at each inode, at least as 531da177e4SLinus Torvalds * long as the refcount of the inode is positive. As a side effect, the 541da177e4SLinus Torvalds * size of the dcache depends on the inode cache and thus is dynamic. 551da177e4SLinus Torvalds * 561da177e4SLinus Torvalds * [29-Apr-1998 C. Scott Ananian] Updated above description of symlink 571da177e4SLinus Torvalds * resolution to correspond with current state of the code. 581da177e4SLinus Torvalds * 591da177e4SLinus Torvalds * Note that the symlink resolution is not *completely* iterative. 601da177e4SLinus Torvalds * There is still a significant amount of tail- and mid- recursion in 611da177e4SLinus Torvalds * the algorithm. Also, note that <fs>_readlink() is not used in 621da177e4SLinus Torvalds * lookup_dentry(): lookup_dentry() on the result of <fs>_readlink() 631da177e4SLinus Torvalds * may return different results than <fs>_follow_link(). Many virtual 641da177e4SLinus Torvalds * filesystems (including /proc) exhibit this behavior. 651da177e4SLinus Torvalds */ 661da177e4SLinus Torvalds 671da177e4SLinus Torvalds /* [24-Feb-97 T. Schoebel-Theuer] Side effects caused by new implementation: 681da177e4SLinus Torvalds * New symlink semantics: when open() is called with flags O_CREAT | O_EXCL 691da177e4SLinus Torvalds * and the name already exists in form of a symlink, try to create the new 701da177e4SLinus Torvalds * name indicated by the symlink. The old code always complained that the 711da177e4SLinus Torvalds * name already exists, due to not following the symlink even if its target 721da177e4SLinus Torvalds * is nonexistent. The new semantics affects also mknod() and link() when 731da177e4SLinus Torvalds * the name is a symlink pointing to a non-existant name. 741da177e4SLinus Torvalds * 751da177e4SLinus Torvalds * I don't know which semantics is the right one, since I have no access 761da177e4SLinus Torvalds * to standards. But I found by trial that HP-UX 9.0 has the full "new" 771da177e4SLinus Torvalds * semantics implemented, while SunOS 4.1.1 and Solaris (SunOS 5.4) have the 781da177e4SLinus Torvalds * "old" one. Personally, I think the new semantics is much more logical. 791da177e4SLinus Torvalds * Note that "ln old new" where "new" is a symlink pointing to a non-existing 801da177e4SLinus Torvalds * file does succeed in both HP-UX and SunOs, but not in Solaris 811da177e4SLinus Torvalds * and in the old Linux semantics. 821da177e4SLinus Torvalds */ 831da177e4SLinus Torvalds 841da177e4SLinus Torvalds /* [16-Dec-97 Kevin Buhr] For security reasons, we change some symlink 851da177e4SLinus Torvalds * semantics. See the comments in "open_namei" and "do_link" below. 861da177e4SLinus Torvalds * 871da177e4SLinus Torvalds * [10-Sep-98 Alan Modra] Another symlink change. 881da177e4SLinus Torvalds */ 891da177e4SLinus Torvalds 901da177e4SLinus Torvalds /* [Feb-Apr 2000 AV] Complete rewrite. Rules for symlinks: 911da177e4SLinus Torvalds * inside the path - always follow. 921da177e4SLinus Torvalds * in the last component in creation/removal/renaming - never follow. 931da177e4SLinus Torvalds * if LOOKUP_FOLLOW passed - follow. 941da177e4SLinus Torvalds * if the pathname has trailing slashes - follow. 951da177e4SLinus Torvalds * otherwise - don't follow. 961da177e4SLinus Torvalds * (applied in that order). 971da177e4SLinus Torvalds * 981da177e4SLinus Torvalds * [Jun 2000 AV] Inconsistent behaviour of open() in case if flags==O_CREAT 991da177e4SLinus Torvalds * restored for 2.4. This is the last surviving part of old 4.2BSD bug. 1001da177e4SLinus Torvalds * During the 2.4 we need to fix the userland stuff depending on it - 1011da177e4SLinus Torvalds * hopefully we will be able to get rid of that wart in 2.5. So far only 1021da177e4SLinus Torvalds * XEmacs seems to be relying on it... 1031da177e4SLinus Torvalds */ 1041da177e4SLinus Torvalds /* 1051da177e4SLinus Torvalds * [Sep 2001 AV] Single-semaphore locking scheme (kudos to David Holland) 106a11f3a05SArjan van de Ven * implemented. Let's see if raised priority of ->s_vfs_rename_mutex gives 1071da177e4SLinus Torvalds * any extra contention... 1081da177e4SLinus Torvalds */ 1091da177e4SLinus Torvalds 1101da177e4SLinus Torvalds /* In order to reduce some races, while at the same time doing additional 1111da177e4SLinus Torvalds * checking and hopefully speeding things up, we copy filenames to the 1121da177e4SLinus Torvalds * kernel data space before using them.. 1131da177e4SLinus Torvalds * 1141da177e4SLinus Torvalds * POSIX.1 2.4: an empty pathname is invalid (ENOENT). 1151da177e4SLinus Torvalds * PATH_MAX includes the nul terminator --RR. 1161da177e4SLinus Torvalds */ 117858119e1SArjan van de Ven static int do_getname(const char __user *filename, char *page) 1181da177e4SLinus Torvalds { 1191da177e4SLinus Torvalds int retval; 1201da177e4SLinus Torvalds unsigned long len = PATH_MAX; 1211da177e4SLinus Torvalds 1221da177e4SLinus Torvalds if (!segment_eq(get_fs(), KERNEL_DS)) { 1231da177e4SLinus Torvalds if ((unsigned long) filename >= TASK_SIZE) 1241da177e4SLinus Torvalds return -EFAULT; 1251da177e4SLinus Torvalds if (TASK_SIZE - (unsigned long) filename < PATH_MAX) 1261da177e4SLinus Torvalds len = TASK_SIZE - (unsigned long) filename; 1271da177e4SLinus Torvalds } 1281da177e4SLinus Torvalds 1291da177e4SLinus Torvalds retval = strncpy_from_user(page, filename, len); 1301da177e4SLinus Torvalds if (retval > 0) { 1311da177e4SLinus Torvalds if (retval < len) 1321da177e4SLinus Torvalds return 0; 1331da177e4SLinus Torvalds return -ENAMETOOLONG; 1341da177e4SLinus Torvalds } else if (!retval) 1351da177e4SLinus Torvalds retval = -ENOENT; 1361da177e4SLinus Torvalds return retval; 1371da177e4SLinus Torvalds } 1381da177e4SLinus Torvalds 1391da177e4SLinus Torvalds char * getname(const char __user * filename) 1401da177e4SLinus Torvalds { 1411da177e4SLinus Torvalds char *tmp, *result; 1421da177e4SLinus Torvalds 1431da177e4SLinus Torvalds result = ERR_PTR(-ENOMEM); 1441da177e4SLinus Torvalds tmp = __getname(); 1451da177e4SLinus Torvalds if (tmp) { 1461da177e4SLinus Torvalds int retval = do_getname(filename, tmp); 1471da177e4SLinus Torvalds 1481da177e4SLinus Torvalds result = tmp; 1491da177e4SLinus Torvalds if (retval < 0) { 1501da177e4SLinus Torvalds __putname(tmp); 1511da177e4SLinus Torvalds result = ERR_PTR(retval); 1521da177e4SLinus Torvalds } 1531da177e4SLinus Torvalds } 1541da177e4SLinus Torvalds audit_getname(result); 1551da177e4SLinus Torvalds return result; 1561da177e4SLinus Torvalds } 1571da177e4SLinus Torvalds 1581da177e4SLinus Torvalds #ifdef CONFIG_AUDITSYSCALL 1591da177e4SLinus Torvalds void putname(const char *name) 1601da177e4SLinus Torvalds { 1615ac3a9c2SAl Viro if (unlikely(!audit_dummy_context())) 1621da177e4SLinus Torvalds audit_putname(name); 1631da177e4SLinus Torvalds else 1641da177e4SLinus Torvalds __putname(name); 1651da177e4SLinus Torvalds } 1661da177e4SLinus Torvalds EXPORT_SYMBOL(putname); 1671da177e4SLinus Torvalds #endif 1681da177e4SLinus Torvalds 1695909ccaaSLinus Torvalds /* 1705909ccaaSLinus Torvalds * This does basic POSIX ACL permission checking 1715909ccaaSLinus Torvalds */ 172b74c79e9SNick Piggin static int acl_permission_check(struct inode *inode, int mask, unsigned int flags, 173b74c79e9SNick Piggin int (*check_acl)(struct inode *inode, int mask, unsigned int flags)) 1745909ccaaSLinus Torvalds { 1755909ccaaSLinus Torvalds umode_t mode = inode->i_mode; 1765909ccaaSLinus Torvalds 1775909ccaaSLinus Torvalds mask &= MAY_READ | MAY_WRITE | MAY_EXEC; 1785909ccaaSLinus Torvalds 1795909ccaaSLinus Torvalds if (current_fsuid() == inode->i_uid) 1805909ccaaSLinus Torvalds mode >>= 6; 1815909ccaaSLinus Torvalds else { 1825909ccaaSLinus Torvalds if (IS_POSIXACL(inode) && (mode & S_IRWXG) && check_acl) { 183b74c79e9SNick Piggin int error = check_acl(inode, mask, flags); 1845909ccaaSLinus Torvalds if (error != -EAGAIN) 1855909ccaaSLinus Torvalds return error; 1865909ccaaSLinus Torvalds } 1875909ccaaSLinus Torvalds 1885909ccaaSLinus Torvalds if (in_group_p(inode->i_gid)) 1895909ccaaSLinus Torvalds mode >>= 3; 1905909ccaaSLinus Torvalds } 1915909ccaaSLinus Torvalds 1925909ccaaSLinus Torvalds /* 1935909ccaaSLinus Torvalds * If the DACs are ok we don't need any capability check. 1945909ccaaSLinus Torvalds */ 1955909ccaaSLinus Torvalds if ((mask & ~mode) == 0) 1965909ccaaSLinus Torvalds return 0; 1975909ccaaSLinus Torvalds return -EACCES; 1985909ccaaSLinus Torvalds } 1991da177e4SLinus Torvalds 2001da177e4SLinus Torvalds /** 2011da177e4SLinus Torvalds * generic_permission - check for access rights on a Posix-like filesystem 2021da177e4SLinus Torvalds * @inode: inode to check access rights for 2031da177e4SLinus Torvalds * @mask: right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC) 2041da177e4SLinus Torvalds * @check_acl: optional callback to check for Posix ACLs 20539191628SRandy Dunlap * @flags: IPERM_FLAG_ flags. 2061da177e4SLinus Torvalds * 2071da177e4SLinus Torvalds * Used to check for read/write/execute permissions on a file. 2081da177e4SLinus Torvalds * We use "fsuid" for this, letting us set arbitrary permissions 2091da177e4SLinus Torvalds * for filesystem access without changing the "normal" uids which 210b74c79e9SNick Piggin * are used for other things. 211b74c79e9SNick Piggin * 212b74c79e9SNick Piggin * generic_permission is rcu-walk aware. It returns -ECHILD in case an rcu-walk 213b74c79e9SNick Piggin * request cannot be satisfied (eg. requires blocking or too much complexity). 214b74c79e9SNick Piggin * It would then be called again in ref-walk mode. 2151da177e4SLinus Torvalds */ 216b74c79e9SNick Piggin int generic_permission(struct inode *inode, int mask, unsigned int flags, 217b74c79e9SNick Piggin int (*check_acl)(struct inode *inode, int mask, unsigned int flags)) 2181da177e4SLinus Torvalds { 2195909ccaaSLinus Torvalds int ret; 2201da177e4SLinus Torvalds 2211da177e4SLinus Torvalds /* 2225909ccaaSLinus Torvalds * Do the basic POSIX ACL permission checks. 2231da177e4SLinus Torvalds */ 224b74c79e9SNick Piggin ret = acl_permission_check(inode, mask, flags, check_acl); 2255909ccaaSLinus Torvalds if (ret != -EACCES) 2265909ccaaSLinus Torvalds return ret; 2271da177e4SLinus Torvalds 2281da177e4SLinus Torvalds /* 2291da177e4SLinus Torvalds * Read/write DACs are always overridable. 2301da177e4SLinus Torvalds * Executable DACs are overridable if at least one exec bit is set. 2311da177e4SLinus Torvalds */ 232f696a365SMiklos Szeredi if (!(mask & MAY_EXEC) || execute_ok(inode)) 2331da177e4SLinus Torvalds if (capable(CAP_DAC_OVERRIDE)) 2341da177e4SLinus Torvalds return 0; 2351da177e4SLinus Torvalds 2361da177e4SLinus Torvalds /* 2371da177e4SLinus Torvalds * Searching includes executable on directories, else just read. 2381da177e4SLinus Torvalds */ 2397ea66001SSerge E. Hallyn mask &= MAY_READ | MAY_WRITE | MAY_EXEC; 2401da177e4SLinus Torvalds if (mask == MAY_READ || (S_ISDIR(inode->i_mode) && !(mask & MAY_WRITE))) 2411da177e4SLinus Torvalds if (capable(CAP_DAC_READ_SEARCH)) 2421da177e4SLinus Torvalds return 0; 2431da177e4SLinus Torvalds 2441da177e4SLinus Torvalds return -EACCES; 2451da177e4SLinus Torvalds } 2461da177e4SLinus Torvalds 247cb23beb5SChristoph Hellwig /** 248cb23beb5SChristoph Hellwig * inode_permission - check for access rights to a given inode 249cb23beb5SChristoph Hellwig * @inode: inode to check permission on 250cb23beb5SChristoph Hellwig * @mask: right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC) 251cb23beb5SChristoph Hellwig * 252cb23beb5SChristoph Hellwig * Used to check for read/write/execute permissions on an inode. 253cb23beb5SChristoph Hellwig * We use "fsuid" for this, letting us set arbitrary permissions 254cb23beb5SChristoph Hellwig * for filesystem access without changing the "normal" uids which 255cb23beb5SChristoph Hellwig * are used for other things. 256cb23beb5SChristoph Hellwig */ 257f419a2e3SAl Viro int inode_permission(struct inode *inode, int mask) 2581da177e4SLinus Torvalds { 259e6305c43SAl Viro int retval; 2601da177e4SLinus Torvalds 2611da177e4SLinus Torvalds if (mask & MAY_WRITE) { 26222590e41SMiklos Szeredi umode_t mode = inode->i_mode; 2631da177e4SLinus Torvalds 2641da177e4SLinus Torvalds /* 2651da177e4SLinus Torvalds * Nobody gets write access to a read-only fs. 2661da177e4SLinus Torvalds */ 2671da177e4SLinus Torvalds if (IS_RDONLY(inode) && 2681da177e4SLinus Torvalds (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode))) 2691da177e4SLinus Torvalds return -EROFS; 2701da177e4SLinus Torvalds 2711da177e4SLinus Torvalds /* 2721da177e4SLinus Torvalds * Nobody gets write access to an immutable file. 2731da177e4SLinus Torvalds */ 2741da177e4SLinus Torvalds if (IS_IMMUTABLE(inode)) 2751da177e4SLinus Torvalds return -EACCES; 2761da177e4SLinus Torvalds } 2771da177e4SLinus Torvalds 278acfa4380SAl Viro if (inode->i_op->permission) 279b74c79e9SNick Piggin retval = inode->i_op->permission(inode, mask, 0); 280f696a365SMiklos Szeredi else 281b74c79e9SNick Piggin retval = generic_permission(inode, mask, 0, 282b74c79e9SNick Piggin inode->i_op->check_acl); 283f696a365SMiklos Szeredi 2841da177e4SLinus Torvalds if (retval) 2851da177e4SLinus Torvalds return retval; 2861da177e4SLinus Torvalds 28708ce5f16SSerge E. Hallyn retval = devcgroup_inode_permission(inode, mask); 28808ce5f16SSerge E. Hallyn if (retval) 28908ce5f16SSerge E. Hallyn return retval; 29008ce5f16SSerge E. Hallyn 291d09ca739SEric Paris return security_inode_permission(inode, mask); 2921da177e4SLinus Torvalds } 2931da177e4SLinus Torvalds 294e4543eddSChristoph Hellwig /** 2958c744fb8SChristoph Hellwig * file_permission - check for additional access rights to a given file 2968c744fb8SChristoph Hellwig * @file: file to check access rights for 2978c744fb8SChristoph Hellwig * @mask: right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC) 2988c744fb8SChristoph Hellwig * 2998c744fb8SChristoph Hellwig * Used to check for read/write/execute permissions on an already opened 3008c744fb8SChristoph Hellwig * file. 3018c744fb8SChristoph Hellwig * 3028c744fb8SChristoph Hellwig * Note: 3038c744fb8SChristoph Hellwig * Do not use this function in new code. All access checks should 304cb23beb5SChristoph Hellwig * be done using inode_permission(). 3058c744fb8SChristoph Hellwig */ 3068c744fb8SChristoph Hellwig int file_permission(struct file *file, int mask) 3078c744fb8SChristoph Hellwig { 308f419a2e3SAl Viro return inode_permission(file->f_path.dentry->d_inode, mask); 3098c744fb8SChristoph Hellwig } 3108c744fb8SChristoph Hellwig 3111da177e4SLinus Torvalds /* 3121da177e4SLinus Torvalds * get_write_access() gets write permission for a file. 3131da177e4SLinus Torvalds * put_write_access() releases this write permission. 3141da177e4SLinus Torvalds * This is used for regular files. 3151da177e4SLinus Torvalds * We cannot support write (and maybe mmap read-write shared) accesses and 3161da177e4SLinus Torvalds * MAP_DENYWRITE mmappings simultaneously. The i_writecount field of an inode 3171da177e4SLinus Torvalds * can have the following values: 3181da177e4SLinus Torvalds * 0: no writers, no VM_DENYWRITE mappings 3191da177e4SLinus Torvalds * < 0: (-i_writecount) vm_area_structs with VM_DENYWRITE set exist 3201da177e4SLinus Torvalds * > 0: (i_writecount) users are writing to the file. 3211da177e4SLinus Torvalds * 3221da177e4SLinus Torvalds * Normally we operate on that counter with atomic_{inc,dec} and it's safe 3231da177e4SLinus Torvalds * except for the cases where we don't hold i_writecount yet. Then we need to 3241da177e4SLinus Torvalds * use {get,deny}_write_access() - these functions check the sign and refuse 3251da177e4SLinus Torvalds * to do the change if sign is wrong. Exclusion between them is provided by 3261da177e4SLinus Torvalds * the inode->i_lock spinlock. 3271da177e4SLinus Torvalds */ 3281da177e4SLinus Torvalds 3291da177e4SLinus Torvalds int get_write_access(struct inode * inode) 3301da177e4SLinus Torvalds { 3311da177e4SLinus Torvalds spin_lock(&inode->i_lock); 3321da177e4SLinus Torvalds if (atomic_read(&inode->i_writecount) < 0) { 3331da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 3341da177e4SLinus Torvalds return -ETXTBSY; 3351da177e4SLinus Torvalds } 3361da177e4SLinus Torvalds atomic_inc(&inode->i_writecount); 3371da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 3381da177e4SLinus Torvalds 3391da177e4SLinus Torvalds return 0; 3401da177e4SLinus Torvalds } 3411da177e4SLinus Torvalds 3421da177e4SLinus Torvalds int deny_write_access(struct file * file) 3431da177e4SLinus Torvalds { 3440f7fc9e4SJosef "Jeff" Sipek struct inode *inode = file->f_path.dentry->d_inode; 3451da177e4SLinus Torvalds 3461da177e4SLinus Torvalds spin_lock(&inode->i_lock); 3471da177e4SLinus Torvalds if (atomic_read(&inode->i_writecount) > 0) { 3481da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 3491da177e4SLinus Torvalds return -ETXTBSY; 3501da177e4SLinus Torvalds } 3511da177e4SLinus Torvalds atomic_dec(&inode->i_writecount); 3521da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 3531da177e4SLinus Torvalds 3541da177e4SLinus Torvalds return 0; 3551da177e4SLinus Torvalds } 3561da177e4SLinus Torvalds 3571d957f9bSJan Blunck /** 3585dd784d0SJan Blunck * path_get - get a reference to a path 3595dd784d0SJan Blunck * @path: path to get the reference to 3605dd784d0SJan Blunck * 3615dd784d0SJan Blunck * Given a path increment the reference count to the dentry and the vfsmount. 3625dd784d0SJan Blunck */ 3635dd784d0SJan Blunck void path_get(struct path *path) 3645dd784d0SJan Blunck { 3655dd784d0SJan Blunck mntget(path->mnt); 3665dd784d0SJan Blunck dget(path->dentry); 3675dd784d0SJan Blunck } 3685dd784d0SJan Blunck EXPORT_SYMBOL(path_get); 3695dd784d0SJan Blunck 3705dd784d0SJan Blunck /** 3711d957f9bSJan Blunck * path_put - put a reference to a path 3721d957f9bSJan Blunck * @path: path to put the reference to 3731d957f9bSJan Blunck * 3741d957f9bSJan Blunck * Given a path decrement the reference count to the dentry and the vfsmount. 3751d957f9bSJan Blunck */ 3761d957f9bSJan Blunck void path_put(struct path *path) 3771da177e4SLinus Torvalds { 3781d957f9bSJan Blunck dput(path->dentry); 3791d957f9bSJan Blunck mntput(path->mnt); 3801da177e4SLinus Torvalds } 3811d957f9bSJan Blunck EXPORT_SYMBOL(path_put); 3821da177e4SLinus Torvalds 383834f2a4aSTrond Myklebust /** 38431e6b01fSNick Piggin * nameidata_drop_rcu - drop this nameidata out of rcu-walk 38531e6b01fSNick Piggin * @nd: nameidata pathwalk data to drop 38639191628SRandy Dunlap * Returns: 0 on success, -ECHILD on failure 38731e6b01fSNick Piggin * 38831e6b01fSNick Piggin * Path walking has 2 modes, rcu-walk and ref-walk (see 38931e6b01fSNick Piggin * Documentation/filesystems/path-lookup.txt). __drop_rcu* functions attempt 39031e6b01fSNick Piggin * to drop out of rcu-walk mode and take normal reference counts on dentries 39131e6b01fSNick Piggin * and vfsmounts to transition to rcu-walk mode. __drop_rcu* functions take 39231e6b01fSNick Piggin * refcounts at the last known good point before rcu-walk got stuck, so 39331e6b01fSNick Piggin * ref-walk may continue from there. If this is not successful (eg. a seqcount 39431e6b01fSNick Piggin * has changed), then failure is returned and path walk restarts from the 39531e6b01fSNick Piggin * beginning in ref-walk mode. 39631e6b01fSNick Piggin * 39731e6b01fSNick Piggin * nameidata_drop_rcu attempts to drop the current nd->path and nd->root into 39831e6b01fSNick Piggin * ref-walk. Must be called from rcu-walk context. 39931e6b01fSNick Piggin */ 40031e6b01fSNick Piggin static int nameidata_drop_rcu(struct nameidata *nd) 40131e6b01fSNick Piggin { 40231e6b01fSNick Piggin struct fs_struct *fs = current->fs; 40331e6b01fSNick Piggin struct dentry *dentry = nd->path.dentry; 40431e6b01fSNick Piggin 40531e6b01fSNick Piggin BUG_ON(!(nd->flags & LOOKUP_RCU)); 40631e6b01fSNick Piggin if (nd->root.mnt) { 40731e6b01fSNick Piggin spin_lock(&fs->lock); 40831e6b01fSNick Piggin if (nd->root.mnt != fs->root.mnt || 40931e6b01fSNick Piggin nd->root.dentry != fs->root.dentry) 41031e6b01fSNick Piggin goto err_root; 41131e6b01fSNick Piggin } 41231e6b01fSNick Piggin spin_lock(&dentry->d_lock); 41331e6b01fSNick Piggin if (!__d_rcu_to_refcount(dentry, nd->seq)) 41431e6b01fSNick Piggin goto err; 41531e6b01fSNick Piggin BUG_ON(nd->inode != dentry->d_inode); 41631e6b01fSNick Piggin spin_unlock(&dentry->d_lock); 41731e6b01fSNick Piggin if (nd->root.mnt) { 41831e6b01fSNick Piggin path_get(&nd->root); 41931e6b01fSNick Piggin spin_unlock(&fs->lock); 42031e6b01fSNick Piggin } 42131e6b01fSNick Piggin mntget(nd->path.mnt); 42231e6b01fSNick Piggin 42331e6b01fSNick Piggin rcu_read_unlock(); 42431e6b01fSNick Piggin br_read_unlock(vfsmount_lock); 42531e6b01fSNick Piggin nd->flags &= ~LOOKUP_RCU; 42631e6b01fSNick Piggin return 0; 42731e6b01fSNick Piggin err: 42831e6b01fSNick Piggin spin_unlock(&dentry->d_lock); 42931e6b01fSNick Piggin err_root: 43031e6b01fSNick Piggin if (nd->root.mnt) 43131e6b01fSNick Piggin spin_unlock(&fs->lock); 43231e6b01fSNick Piggin return -ECHILD; 43331e6b01fSNick Piggin } 43431e6b01fSNick Piggin 43531e6b01fSNick Piggin /* Try to drop out of rcu-walk mode if we were in it, otherwise do nothing. */ 43631e6b01fSNick Piggin static inline int nameidata_drop_rcu_maybe(struct nameidata *nd) 43731e6b01fSNick Piggin { 43831e6b01fSNick Piggin if (nd->flags & LOOKUP_RCU) 43931e6b01fSNick Piggin return nameidata_drop_rcu(nd); 44031e6b01fSNick Piggin return 0; 44131e6b01fSNick Piggin } 44231e6b01fSNick Piggin 44331e6b01fSNick Piggin /** 44431e6b01fSNick Piggin * nameidata_dentry_drop_rcu - drop nameidata and dentry out of rcu-walk 44531e6b01fSNick Piggin * @nd: nameidata pathwalk data to drop 44631e6b01fSNick Piggin * @dentry: dentry to drop 44739191628SRandy Dunlap * Returns: 0 on success, -ECHILD on failure 44831e6b01fSNick Piggin * 44931e6b01fSNick Piggin * nameidata_dentry_drop_rcu attempts to drop the current nd->path and nd->root, 45031e6b01fSNick Piggin * and dentry into ref-walk. @dentry must be a path found by a do_lookup call on 45131e6b01fSNick Piggin * @nd. Must be called from rcu-walk context. 45231e6b01fSNick Piggin */ 45331e6b01fSNick Piggin static int nameidata_dentry_drop_rcu(struct nameidata *nd, struct dentry *dentry) 45431e6b01fSNick Piggin { 45531e6b01fSNick Piggin struct fs_struct *fs = current->fs; 45631e6b01fSNick Piggin struct dentry *parent = nd->path.dentry; 45731e6b01fSNick Piggin 45831e6b01fSNick Piggin BUG_ON(!(nd->flags & LOOKUP_RCU)); 45931e6b01fSNick Piggin if (nd->root.mnt) { 46031e6b01fSNick Piggin spin_lock(&fs->lock); 46131e6b01fSNick Piggin if (nd->root.mnt != fs->root.mnt || 46231e6b01fSNick Piggin nd->root.dentry != fs->root.dentry) 46331e6b01fSNick Piggin goto err_root; 46431e6b01fSNick Piggin } 46531e6b01fSNick Piggin spin_lock(&parent->d_lock); 46631e6b01fSNick Piggin spin_lock_nested(&dentry->d_lock, DENTRY_D_LOCK_NESTED); 46731e6b01fSNick Piggin if (!__d_rcu_to_refcount(dentry, nd->seq)) 46831e6b01fSNick Piggin goto err; 46931e6b01fSNick Piggin /* 47031e6b01fSNick Piggin * If the sequence check on the child dentry passed, then the child has 47131e6b01fSNick Piggin * not been removed from its parent. This means the parent dentry must 47231e6b01fSNick Piggin * be valid and able to take a reference at this point. 47331e6b01fSNick Piggin */ 47431e6b01fSNick Piggin BUG_ON(!IS_ROOT(dentry) && dentry->d_parent != parent); 47531e6b01fSNick Piggin BUG_ON(!parent->d_count); 47631e6b01fSNick Piggin parent->d_count++; 47731e6b01fSNick Piggin spin_unlock(&dentry->d_lock); 47831e6b01fSNick Piggin spin_unlock(&parent->d_lock); 47931e6b01fSNick Piggin if (nd->root.mnt) { 48031e6b01fSNick Piggin path_get(&nd->root); 48131e6b01fSNick Piggin spin_unlock(&fs->lock); 48231e6b01fSNick Piggin } 48331e6b01fSNick Piggin mntget(nd->path.mnt); 48431e6b01fSNick Piggin 48531e6b01fSNick Piggin rcu_read_unlock(); 48631e6b01fSNick Piggin br_read_unlock(vfsmount_lock); 48731e6b01fSNick Piggin nd->flags &= ~LOOKUP_RCU; 48831e6b01fSNick Piggin return 0; 48931e6b01fSNick Piggin err: 49031e6b01fSNick Piggin spin_unlock(&dentry->d_lock); 49131e6b01fSNick Piggin spin_unlock(&parent->d_lock); 49231e6b01fSNick Piggin err_root: 49331e6b01fSNick Piggin if (nd->root.mnt) 49431e6b01fSNick Piggin spin_unlock(&fs->lock); 49531e6b01fSNick Piggin return -ECHILD; 49631e6b01fSNick Piggin } 49731e6b01fSNick Piggin 49831e6b01fSNick Piggin /* Try to drop out of rcu-walk mode if we were in it, otherwise do nothing. */ 49931e6b01fSNick Piggin static inline int nameidata_dentry_drop_rcu_maybe(struct nameidata *nd, struct dentry *dentry) 50031e6b01fSNick Piggin { 50131e6b01fSNick Piggin if (nd->flags & LOOKUP_RCU) 50231e6b01fSNick Piggin return nameidata_dentry_drop_rcu(nd, dentry); 50331e6b01fSNick Piggin return 0; 50431e6b01fSNick Piggin } 50531e6b01fSNick Piggin 50631e6b01fSNick Piggin /** 50731e6b01fSNick Piggin * nameidata_drop_rcu_last - drop nameidata ending path walk out of rcu-walk 50831e6b01fSNick Piggin * @nd: nameidata pathwalk data to drop 50939191628SRandy Dunlap * Returns: 0 on success, -ECHILD on failure 51031e6b01fSNick Piggin * 51131e6b01fSNick Piggin * nameidata_drop_rcu_last attempts to drop the current nd->path into ref-walk. 51231e6b01fSNick Piggin * nd->path should be the final element of the lookup, so nd->root is discarded. 51331e6b01fSNick Piggin * Must be called from rcu-walk context. 51431e6b01fSNick Piggin */ 51531e6b01fSNick Piggin static int nameidata_drop_rcu_last(struct nameidata *nd) 51631e6b01fSNick Piggin { 51731e6b01fSNick Piggin struct dentry *dentry = nd->path.dentry; 51831e6b01fSNick Piggin 51931e6b01fSNick Piggin BUG_ON(!(nd->flags & LOOKUP_RCU)); 52031e6b01fSNick Piggin nd->flags &= ~LOOKUP_RCU; 52131e6b01fSNick Piggin nd->root.mnt = NULL; 52231e6b01fSNick Piggin spin_lock(&dentry->d_lock); 52331e6b01fSNick Piggin if (!__d_rcu_to_refcount(dentry, nd->seq)) 52431e6b01fSNick Piggin goto err_unlock; 52531e6b01fSNick Piggin BUG_ON(nd->inode != dentry->d_inode); 52631e6b01fSNick Piggin spin_unlock(&dentry->d_lock); 52731e6b01fSNick Piggin 52831e6b01fSNick Piggin mntget(nd->path.mnt); 52931e6b01fSNick Piggin 53031e6b01fSNick Piggin rcu_read_unlock(); 53131e6b01fSNick Piggin br_read_unlock(vfsmount_lock); 53231e6b01fSNick Piggin 53331e6b01fSNick Piggin return 0; 53431e6b01fSNick Piggin 53531e6b01fSNick Piggin err_unlock: 53631e6b01fSNick Piggin spin_unlock(&dentry->d_lock); 53731e6b01fSNick Piggin rcu_read_unlock(); 53831e6b01fSNick Piggin br_read_unlock(vfsmount_lock); 53931e6b01fSNick Piggin return -ECHILD; 54031e6b01fSNick Piggin } 54131e6b01fSNick Piggin 54231e6b01fSNick Piggin /* Try to drop out of rcu-walk mode if we were in it, otherwise do nothing. */ 54331e6b01fSNick Piggin static inline int nameidata_drop_rcu_last_maybe(struct nameidata *nd) 54431e6b01fSNick Piggin { 54531e6b01fSNick Piggin if (likely(nd->flags & LOOKUP_RCU)) 54631e6b01fSNick Piggin return nameidata_drop_rcu_last(nd); 54731e6b01fSNick Piggin return 0; 54831e6b01fSNick Piggin } 54931e6b01fSNick Piggin 55031e6b01fSNick Piggin /** 551834f2a4aSTrond Myklebust * release_open_intent - free up open intent resources 552834f2a4aSTrond Myklebust * @nd: pointer to nameidata 553834f2a4aSTrond Myklebust */ 554834f2a4aSTrond Myklebust void release_open_intent(struct nameidata *nd) 555834f2a4aSTrond Myklebust { 5562dab5974SLinus Torvalds struct file *file = nd->intent.open.file; 5572dab5974SLinus Torvalds 5582dab5974SLinus Torvalds if (file && !IS_ERR(file)) { 5592dab5974SLinus Torvalds if (file->f_path.dentry == NULL) 5602dab5974SLinus Torvalds put_filp(file); 561834f2a4aSTrond Myklebust else 5622dab5974SLinus Torvalds fput(file); 5632dab5974SLinus Torvalds } 564834f2a4aSTrond Myklebust } 565834f2a4aSTrond Myklebust 566f60aef7eSAl Viro static inline int d_revalidate(struct dentry *dentry, struct nameidata *nd) 56734286d66SNick Piggin { 568f60aef7eSAl Viro return dentry->d_op->d_revalidate(dentry, nd); 56934286d66SNick Piggin } 57034286d66SNick Piggin 571f5e1c1c1SAl Viro static struct dentry * 572bcdc5e01SIan Kent do_revalidate(struct dentry *dentry, struct nameidata *nd) 573bcdc5e01SIan Kent { 574f5e1c1c1SAl Viro int status = d_revalidate(dentry, nd); 575bcdc5e01SIan Kent if (unlikely(status <= 0)) { 576bcdc5e01SIan Kent /* 577bcdc5e01SIan Kent * The dentry failed validation. 578bcdc5e01SIan Kent * If d_revalidate returned 0 attempt to invalidate 579bcdc5e01SIan Kent * the dentry otherwise d_revalidate is asking us 580bcdc5e01SIan Kent * to return a fail status. 581bcdc5e01SIan Kent */ 58234286d66SNick Piggin if (status < 0) { 58334286d66SNick Piggin dput(dentry); 58434286d66SNick Piggin dentry = ERR_PTR(status); 585f5e1c1c1SAl Viro } else if (!d_invalidate(dentry)) { 586bcdc5e01SIan Kent dput(dentry); 587bcdc5e01SIan Kent dentry = NULL; 588bcdc5e01SIan Kent } 589bcdc5e01SIan Kent } 590f5e1c1c1SAl Viro return dentry; 591f5e1c1c1SAl Viro } 592f5e1c1c1SAl Viro 593f5e1c1c1SAl Viro static inline struct dentry * 594f5e1c1c1SAl Viro do_revalidate_rcu(struct dentry *dentry, struct nameidata *nd) 595f5e1c1c1SAl Viro { 596f60aef7eSAl Viro int status = d_revalidate(dentry, nd); 597f5e1c1c1SAl Viro if (likely(status > 0)) 598f5e1c1c1SAl Viro return dentry; 599f5e1c1c1SAl Viro if (status == -ECHILD) { 600f5e1c1c1SAl Viro if (nameidata_dentry_drop_rcu(nd, dentry)) 601f5e1c1c1SAl Viro return ERR_PTR(-ECHILD); 602f5e1c1c1SAl Viro return do_revalidate(dentry, nd); 603f5e1c1c1SAl Viro } 604f5e1c1c1SAl Viro if (status < 0) 605f5e1c1c1SAl Viro return ERR_PTR(status); 606f5e1c1c1SAl Viro /* Don't d_invalidate in rcu-walk mode */ 607f5e1c1c1SAl Viro if (nameidata_dentry_drop_rcu(nd, dentry)) 608f5e1c1c1SAl Viro return ERR_PTR(-ECHILD); 609f5e1c1c1SAl Viro if (!d_invalidate(dentry)) { 610f5e1c1c1SAl Viro dput(dentry); 611f5e1c1c1SAl Viro dentry = NULL; 612bcdc5e01SIan Kent } 613bcdc5e01SIan Kent return dentry; 614bcdc5e01SIan Kent } 615bcdc5e01SIan Kent 6161da177e4SLinus Torvalds /* 61716c2cd71SAl Viro * handle_reval_path - force revalidation of a dentry 61839159de2SJeff Layton * 61939159de2SJeff Layton * In some situations the path walking code will trust dentries without 62039159de2SJeff Layton * revalidating them. This causes problems for filesystems that depend on 62139159de2SJeff Layton * d_revalidate to handle file opens (e.g. NFSv4). When FS_REVAL_DOT is set 62239159de2SJeff Layton * (which indicates that it's possible for the dentry to go stale), force 62339159de2SJeff Layton * a d_revalidate call before proceeding. 62439159de2SJeff Layton * 62539159de2SJeff Layton * Returns 0 if the revalidation was successful. If the revalidation fails, 62639159de2SJeff Layton * either return the error returned by d_revalidate or -ESTALE if the 62739159de2SJeff Layton * revalidation it just returned 0. If d_revalidate returns 0, we attempt to 62839159de2SJeff Layton * invalidate the dentry. It's up to the caller to handle putting references 62939159de2SJeff Layton * to the path if necessary. 63039159de2SJeff Layton */ 63116c2cd71SAl Viro static inline int handle_reval_path(struct nameidata *nd) 63239159de2SJeff Layton { 63316c2cd71SAl Viro struct dentry *dentry = nd->path.dentry; 63439159de2SJeff Layton int status; 63539159de2SJeff Layton 63616c2cd71SAl Viro if (likely(!(nd->flags & LOOKUP_JUMPED))) 63739159de2SJeff Layton return 0; 63839159de2SJeff Layton 63916c2cd71SAl Viro if (likely(!(dentry->d_flags & DCACHE_OP_REVALIDATE))) 64016c2cd71SAl Viro return 0; 64116c2cd71SAl Viro 64216c2cd71SAl Viro if (likely(!(dentry->d_sb->s_type->fs_flags & FS_REVAL_DOT))) 64316c2cd71SAl Viro return 0; 64416c2cd71SAl Viro 64516c2cd71SAl Viro /* Note: we do not d_invalidate() */ 64634286d66SNick Piggin status = d_revalidate(dentry, nd); 64739159de2SJeff Layton if (status > 0) 64839159de2SJeff Layton return 0; 64939159de2SJeff Layton 65016c2cd71SAl Viro if (!status) 65139159de2SJeff Layton status = -ESTALE; 65216c2cd71SAl Viro 65339159de2SJeff Layton return status; 65439159de2SJeff Layton } 65539159de2SJeff Layton 65639159de2SJeff Layton /* 657b75b5086SAl Viro * Short-cut version of permission(), for calling on directories 658b75b5086SAl Viro * during pathname resolution. Combines parts of permission() 659b75b5086SAl Viro * and generic_permission(), and tests ONLY for MAY_EXEC permission. 6601da177e4SLinus Torvalds * 6611da177e4SLinus Torvalds * If appropriate, check DAC only. If not appropriate, or 662b75b5086SAl Viro * short-cut DAC fails, then call ->permission() to do more 6631da177e4SLinus Torvalds * complete permission check. 6641da177e4SLinus Torvalds */ 665b74c79e9SNick Piggin static inline int exec_permission(struct inode *inode, unsigned int flags) 6661da177e4SLinus Torvalds { 6675909ccaaSLinus Torvalds int ret; 6681da177e4SLinus Torvalds 669cb9179eaSLinus Torvalds if (inode->i_op->permission) { 670b74c79e9SNick Piggin ret = inode->i_op->permission(inode, MAY_EXEC, flags); 671b74c79e9SNick Piggin } else { 672b74c79e9SNick Piggin ret = acl_permission_check(inode, MAY_EXEC, flags, 673b74c79e9SNick Piggin inode->i_op->check_acl); 674cb9179eaSLinus Torvalds } 675b74c79e9SNick Piggin if (likely(!ret)) 6761da177e4SLinus Torvalds goto ok; 677b74c79e9SNick Piggin if (ret == -ECHILD) 67831e6b01fSNick Piggin return ret; 6791da177e4SLinus Torvalds 680f1ac9f6bSLinus Torvalds if (capable(CAP_DAC_OVERRIDE) || capable(CAP_DAC_READ_SEARCH)) 6811da177e4SLinus Torvalds goto ok; 6821da177e4SLinus Torvalds 6835909ccaaSLinus Torvalds return ret; 6841da177e4SLinus Torvalds ok: 685b74c79e9SNick Piggin return security_inode_exec_permission(inode, flags); 6861da177e4SLinus Torvalds } 6871da177e4SLinus Torvalds 6882a737871SAl Viro static __always_inline void set_root(struct nameidata *nd) 6892a737871SAl Viro { 690f7ad3c6bSMiklos Szeredi if (!nd->root.mnt) 691f7ad3c6bSMiklos Szeredi get_fs_root(current->fs, &nd->root); 6922a737871SAl Viro } 6932a737871SAl Viro 6946de88d72SAl Viro static int link_path_walk(const char *, struct nameidata *); 6956de88d72SAl Viro 69631e6b01fSNick Piggin static __always_inline void set_root_rcu(struct nameidata *nd) 69731e6b01fSNick Piggin { 69831e6b01fSNick Piggin if (!nd->root.mnt) { 69931e6b01fSNick Piggin struct fs_struct *fs = current->fs; 700c28cc364SNick Piggin unsigned seq; 701c28cc364SNick Piggin 702c28cc364SNick Piggin do { 703c28cc364SNick Piggin seq = read_seqcount_begin(&fs->seq); 70431e6b01fSNick Piggin nd->root = fs->root; 705c28cc364SNick Piggin } while (read_seqcount_retry(&fs->seq, seq)); 70631e6b01fSNick Piggin } 70731e6b01fSNick Piggin } 70831e6b01fSNick Piggin 709f1662356SArjan van de Ven static __always_inline int __vfs_follow_link(struct nameidata *nd, const char *link) 7101da177e4SLinus Torvalds { 71131e6b01fSNick Piggin int ret; 71231e6b01fSNick Piggin 7131da177e4SLinus Torvalds if (IS_ERR(link)) 7141da177e4SLinus Torvalds goto fail; 7151da177e4SLinus Torvalds 7161da177e4SLinus Torvalds if (*link == '/') { 7172a737871SAl Viro set_root(nd); 7181d957f9bSJan Blunck path_put(&nd->path); 7192a737871SAl Viro nd->path = nd->root; 7202a737871SAl Viro path_get(&nd->root); 72116c2cd71SAl Viro nd->flags |= LOOKUP_JUMPED; 7221da177e4SLinus Torvalds } 72331e6b01fSNick Piggin nd->inode = nd->path.dentry->d_inode; 724b4091d5fSChristoph Hellwig 72531e6b01fSNick Piggin ret = link_path_walk(link, nd); 72631e6b01fSNick Piggin return ret; 7271da177e4SLinus Torvalds fail: 7281d957f9bSJan Blunck path_put(&nd->path); 7291da177e4SLinus Torvalds return PTR_ERR(link); 7301da177e4SLinus Torvalds } 7311da177e4SLinus Torvalds 7321d957f9bSJan Blunck static void path_put_conditional(struct path *path, struct nameidata *nd) 733051d3812SIan Kent { 734051d3812SIan Kent dput(path->dentry); 7354ac91378SJan Blunck if (path->mnt != nd->path.mnt) 736051d3812SIan Kent mntput(path->mnt); 737051d3812SIan Kent } 738051d3812SIan Kent 7397b9337aaSNick Piggin static inline void path_to_nameidata(const struct path *path, 7407b9337aaSNick Piggin struct nameidata *nd) 741051d3812SIan Kent { 74231e6b01fSNick Piggin if (!(nd->flags & LOOKUP_RCU)) { 7434ac91378SJan Blunck dput(nd->path.dentry); 74431e6b01fSNick Piggin if (nd->path.mnt != path->mnt) 7454ac91378SJan Blunck mntput(nd->path.mnt); 7469a229683SHuang Shijie } 74731e6b01fSNick Piggin nd->path.mnt = path->mnt; 7484ac91378SJan Blunck nd->path.dentry = path->dentry; 749051d3812SIan Kent } 750051d3812SIan Kent 751def4af30SAl Viro static __always_inline int 7527b9337aaSNick Piggin __do_follow_link(const struct path *link, struct nameidata *nd, void **p) 7531da177e4SLinus Torvalds { 7541da177e4SLinus Torvalds int error; 7557b9337aaSNick Piggin struct dentry *dentry = link->dentry; 7561da177e4SLinus Torvalds 757844a3917SAl Viro BUG_ON(nd->flags & LOOKUP_RCU); 758844a3917SAl Viro 7597b9337aaSNick Piggin touch_atime(link->mnt, dentry); 7601da177e4SLinus Torvalds nd_set_link(nd, NULL); 761cd4e91d3SAl Viro 76287556ef1SDavid Howells if (link->mnt == nd->path.mnt) 7637b9337aaSNick Piggin mntget(link->mnt); 76431e6b01fSNick Piggin 76586acdca1SAl Viro nd->last_type = LAST_BIND; 766def4af30SAl Viro *p = dentry->d_inode->i_op->follow_link(dentry, nd); 767def4af30SAl Viro error = PTR_ERR(*p); 768def4af30SAl Viro if (!IS_ERR(*p)) { 7691da177e4SLinus Torvalds char *s = nd_get_link(nd); 770cc314eefSLinus Torvalds error = 0; 7711da177e4SLinus Torvalds if (s) 7721da177e4SLinus Torvalds error = __vfs_follow_link(nd, s); 77316c2cd71SAl Viro else if (nd->last_type == LAST_BIND) 77416c2cd71SAl Viro nd->flags |= LOOKUP_JUMPED; 7751da177e4SLinus Torvalds } 7761da177e4SLinus Torvalds return error; 7771da177e4SLinus Torvalds } 7781da177e4SLinus Torvalds 7791da177e4SLinus Torvalds /* 7801da177e4SLinus Torvalds * This limits recursive symlink follows to 8, while 7811da177e4SLinus Torvalds * limiting consecutive symlinks to 40. 7821da177e4SLinus Torvalds * 7831da177e4SLinus Torvalds * Without that kind of total limit, nasty chains of consecutive 7841da177e4SLinus Torvalds * symlinks can cause almost arbitrarily long lookups. 7851da177e4SLinus Torvalds */ 7863abb17e8SLinus Torvalds static inline int do_follow_link(struct inode *inode, struct path *path, struct nameidata *nd) 7871da177e4SLinus Torvalds { 788def4af30SAl Viro void *cookie; 7891da177e4SLinus Torvalds int err = -ELOOP; 790844a3917SAl Viro 791844a3917SAl Viro /* We drop rcu-walk here */ 792844a3917SAl Viro if (nameidata_dentry_drop_rcu_maybe(nd, path->dentry)) 793844a3917SAl Viro return -ECHILD; 7943abb17e8SLinus Torvalds BUG_ON(inode != path->dentry->d_inode); 795844a3917SAl Viro 7961da177e4SLinus Torvalds if (current->link_count >= MAX_NESTED_LINKS) 7971da177e4SLinus Torvalds goto loop; 7981da177e4SLinus Torvalds if (current->total_link_count >= 40) 7991da177e4SLinus Torvalds goto loop; 8001da177e4SLinus Torvalds BUG_ON(nd->depth >= MAX_NESTED_LINKS); 8011da177e4SLinus Torvalds cond_resched(); 80290ebe565SAl Viro err = security_inode_follow_link(path->dentry, nd); 8031da177e4SLinus Torvalds if (err) 8041da177e4SLinus Torvalds goto loop; 8051da177e4SLinus Torvalds current->link_count++; 8061da177e4SLinus Torvalds current->total_link_count++; 8071da177e4SLinus Torvalds nd->depth++; 808def4af30SAl Viro err = __do_follow_link(path, nd, &cookie); 809def4af30SAl Viro if (!IS_ERR(cookie) && path->dentry->d_inode->i_op->put_link) 810def4af30SAl Viro path->dentry->d_inode->i_op->put_link(path->dentry, nd, cookie); 811258fa999SAl Viro path_put(path); 8121da177e4SLinus Torvalds current->link_count--; 8131da177e4SLinus Torvalds nd->depth--; 8141da177e4SLinus Torvalds return err; 8151da177e4SLinus Torvalds loop: 8161d957f9bSJan Blunck path_put_conditional(path, nd); 8171d957f9bSJan Blunck path_put(&nd->path); 8181da177e4SLinus Torvalds return err; 8191da177e4SLinus Torvalds } 8201da177e4SLinus Torvalds 82131e6b01fSNick Piggin static int follow_up_rcu(struct path *path) 82231e6b01fSNick Piggin { 82331e6b01fSNick Piggin struct vfsmount *parent; 82431e6b01fSNick Piggin struct dentry *mountpoint; 82531e6b01fSNick Piggin 82631e6b01fSNick Piggin parent = path->mnt->mnt_parent; 82731e6b01fSNick Piggin if (parent == path->mnt) 82831e6b01fSNick Piggin return 0; 82931e6b01fSNick Piggin mountpoint = path->mnt->mnt_mountpoint; 83031e6b01fSNick Piggin path->dentry = mountpoint; 83131e6b01fSNick Piggin path->mnt = parent; 83231e6b01fSNick Piggin return 1; 83331e6b01fSNick Piggin } 83431e6b01fSNick Piggin 835bab77ebfSAl Viro int follow_up(struct path *path) 8361da177e4SLinus Torvalds { 8371da177e4SLinus Torvalds struct vfsmount *parent; 8381da177e4SLinus Torvalds struct dentry *mountpoint; 83999b7db7bSNick Piggin 84099b7db7bSNick Piggin br_read_lock(vfsmount_lock); 841bab77ebfSAl Viro parent = path->mnt->mnt_parent; 842bab77ebfSAl Viro if (parent == path->mnt) { 84399b7db7bSNick Piggin br_read_unlock(vfsmount_lock); 8441da177e4SLinus Torvalds return 0; 8451da177e4SLinus Torvalds } 8461da177e4SLinus Torvalds mntget(parent); 847bab77ebfSAl Viro mountpoint = dget(path->mnt->mnt_mountpoint); 84899b7db7bSNick Piggin br_read_unlock(vfsmount_lock); 849bab77ebfSAl Viro dput(path->dentry); 850bab77ebfSAl Viro path->dentry = mountpoint; 851bab77ebfSAl Viro mntput(path->mnt); 852bab77ebfSAl Viro path->mnt = parent; 8531da177e4SLinus Torvalds return 1; 8541da177e4SLinus Torvalds } 8551da177e4SLinus Torvalds 856b5c84bf6SNick Piggin /* 8579875cf80SDavid Howells * Perform an automount 8589875cf80SDavid Howells * - return -EISDIR to tell follow_managed() to stop and return the path we 8599875cf80SDavid Howells * were called with. 8601da177e4SLinus Torvalds */ 8619875cf80SDavid Howells static int follow_automount(struct path *path, unsigned flags, 8629875cf80SDavid Howells bool *need_mntput) 86331e6b01fSNick Piggin { 8649875cf80SDavid Howells struct vfsmount *mnt; 865ea5b778aSDavid Howells int err; 8669875cf80SDavid Howells 8679875cf80SDavid Howells if (!path->dentry->d_op || !path->dentry->d_op->d_automount) 8689875cf80SDavid Howells return -EREMOTE; 8699875cf80SDavid Howells 8706f45b656SDavid Howells /* We don't want to mount if someone supplied AT_NO_AUTOMOUNT 8716f45b656SDavid Howells * and this is the terminal part of the path. 8726f45b656SDavid Howells */ 8736f45b656SDavid Howells if ((flags & LOOKUP_NO_AUTOMOUNT) && !(flags & LOOKUP_CONTINUE)) 8746f45b656SDavid Howells return -EISDIR; /* we actually want to stop here */ 8756f45b656SDavid Howells 8769875cf80SDavid Howells /* We want to mount if someone is trying to open/create a file of any 8779875cf80SDavid Howells * type under the mountpoint, wants to traverse through the mountpoint 8789875cf80SDavid Howells * or wants to open the mounted directory. 8799875cf80SDavid Howells * 8809875cf80SDavid Howells * We don't want to mount if someone's just doing a stat and they've 8819875cf80SDavid Howells * set AT_SYMLINK_NOFOLLOW - unless they're stat'ing a directory and 8829875cf80SDavid Howells * appended a '/' to the name. 8839875cf80SDavid Howells */ 8849875cf80SDavid Howells if (!(flags & LOOKUP_FOLLOW) && 8859875cf80SDavid Howells !(flags & (LOOKUP_CONTINUE | LOOKUP_DIRECTORY | 8869875cf80SDavid Howells LOOKUP_OPEN | LOOKUP_CREATE))) 8879875cf80SDavid Howells return -EISDIR; 8889875cf80SDavid Howells 8899875cf80SDavid Howells current->total_link_count++; 8909875cf80SDavid Howells if (current->total_link_count >= 40) 8919875cf80SDavid Howells return -ELOOP; 8929875cf80SDavid Howells 8939875cf80SDavid Howells mnt = path->dentry->d_op->d_automount(path); 8949875cf80SDavid Howells if (IS_ERR(mnt)) { 8959875cf80SDavid Howells /* 8969875cf80SDavid Howells * The filesystem is allowed to return -EISDIR here to indicate 8979875cf80SDavid Howells * it doesn't want to automount. For instance, autofs would do 8989875cf80SDavid Howells * this so that its userspace daemon can mount on this dentry. 8999875cf80SDavid Howells * 9009875cf80SDavid Howells * However, we can only permit this if it's a terminal point in 9019875cf80SDavid Howells * the path being looked up; if it wasn't then the remainder of 9029875cf80SDavid Howells * the path is inaccessible and we should say so. 9039875cf80SDavid Howells */ 9049875cf80SDavid Howells if (PTR_ERR(mnt) == -EISDIR && (flags & LOOKUP_CONTINUE)) 9059875cf80SDavid Howells return -EREMOTE; 9069875cf80SDavid Howells return PTR_ERR(mnt); 90731e6b01fSNick Piggin } 908ea5b778aSDavid Howells 9099875cf80SDavid Howells if (!mnt) /* mount collision */ 9109875cf80SDavid Howells return 0; 9119875cf80SDavid Howells 91219a167afSAl Viro err = finish_automount(mnt, path); 913ea5b778aSDavid Howells 914ea5b778aSDavid Howells switch (err) { 915ea5b778aSDavid Howells case -EBUSY: 916ea5b778aSDavid Howells /* Someone else made a mount here whilst we were busy */ 91719a167afSAl Viro return 0; 918ea5b778aSDavid Howells case 0: 919463ffb2eSAl Viro dput(path->dentry); 9209875cf80SDavid Howells if (*need_mntput) 9219875cf80SDavid Howells mntput(path->mnt); 9229875cf80SDavid Howells path->mnt = mnt; 9239875cf80SDavid Howells path->dentry = dget(mnt->mnt_root); 9249875cf80SDavid Howells *need_mntput = true; 9259875cf80SDavid Howells return 0; 92619a167afSAl Viro default: 92719a167afSAl Viro return err; 9289875cf80SDavid Howells } 92919a167afSAl Viro 930ea5b778aSDavid Howells } 9319875cf80SDavid Howells 9329875cf80SDavid Howells /* 9339875cf80SDavid Howells * Handle a dentry that is managed in some way. 934cc53ce53SDavid Howells * - Flagged for transit management (autofs) 9359875cf80SDavid Howells * - Flagged as mountpoint 9369875cf80SDavid Howells * - Flagged as automount point 9379875cf80SDavid Howells * 9389875cf80SDavid Howells * This may only be called in refwalk mode. 9399875cf80SDavid Howells * 9409875cf80SDavid Howells * Serialization is taken care of in namespace.c 9419875cf80SDavid Howells */ 9429875cf80SDavid Howells static int follow_managed(struct path *path, unsigned flags) 9439875cf80SDavid Howells { 9449875cf80SDavid Howells unsigned managed; 9459875cf80SDavid Howells bool need_mntput = false; 9469875cf80SDavid Howells int ret; 9479875cf80SDavid Howells 9489875cf80SDavid Howells /* Given that we're not holding a lock here, we retain the value in a 9499875cf80SDavid Howells * local variable for each dentry as we look at it so that we don't see 9509875cf80SDavid Howells * the components of that value change under us */ 9519875cf80SDavid Howells while (managed = ACCESS_ONCE(path->dentry->d_flags), 9529875cf80SDavid Howells managed &= DCACHE_MANAGED_DENTRY, 9539875cf80SDavid Howells unlikely(managed != 0)) { 954cc53ce53SDavid Howells /* Allow the filesystem to manage the transit without i_mutex 955cc53ce53SDavid Howells * being held. */ 956cc53ce53SDavid Howells if (managed & DCACHE_MANAGE_TRANSIT) { 957cc53ce53SDavid Howells BUG_ON(!path->dentry->d_op); 958cc53ce53SDavid Howells BUG_ON(!path->dentry->d_op->d_manage); 959ab90911fSDavid Howells ret = path->dentry->d_op->d_manage(path->dentry, 960ab90911fSDavid Howells false, false); 961cc53ce53SDavid Howells if (ret < 0) 962cc53ce53SDavid Howells return ret == -EISDIR ? 0 : ret; 963cc53ce53SDavid Howells } 964cc53ce53SDavid Howells 9659875cf80SDavid Howells /* Transit to a mounted filesystem. */ 9669875cf80SDavid Howells if (managed & DCACHE_MOUNTED) { 9679875cf80SDavid Howells struct vfsmount *mounted = lookup_mnt(path); 9689875cf80SDavid Howells if (mounted) { 9699875cf80SDavid Howells dput(path->dentry); 9709875cf80SDavid Howells if (need_mntput) 971463ffb2eSAl Viro mntput(path->mnt); 972463ffb2eSAl Viro path->mnt = mounted; 973463ffb2eSAl Viro path->dentry = dget(mounted->mnt_root); 9749875cf80SDavid Howells need_mntput = true; 9759875cf80SDavid Howells continue; 976463ffb2eSAl Viro } 977463ffb2eSAl Viro 9789875cf80SDavid Howells /* Something is mounted on this dentry in another 9799875cf80SDavid Howells * namespace and/or whatever was mounted there in this 9809875cf80SDavid Howells * namespace got unmounted before we managed to get the 9819875cf80SDavid Howells * vfsmount_lock */ 9821da177e4SLinus Torvalds } 9839875cf80SDavid Howells 9849875cf80SDavid Howells /* Handle an automount point */ 9859875cf80SDavid Howells if (managed & DCACHE_NEED_AUTOMOUNT) { 9869875cf80SDavid Howells ret = follow_automount(path, flags, &need_mntput); 9879875cf80SDavid Howells if (ret < 0) 9889875cf80SDavid Howells return ret == -EISDIR ? 0 : ret; 9899875cf80SDavid Howells continue; 9909875cf80SDavid Howells } 9919875cf80SDavid Howells 9929875cf80SDavid Howells /* We didn't change the current path point */ 9939875cf80SDavid Howells break; 9949875cf80SDavid Howells } 9959875cf80SDavid Howells return 0; 9961da177e4SLinus Torvalds } 9971da177e4SLinus Torvalds 998cc53ce53SDavid Howells int follow_down_one(struct path *path) 9991da177e4SLinus Torvalds { 10001da177e4SLinus Torvalds struct vfsmount *mounted; 10011da177e4SLinus Torvalds 10021c755af4SAl Viro mounted = lookup_mnt(path); 10031da177e4SLinus Torvalds if (mounted) { 10049393bd07SAl Viro dput(path->dentry); 10059393bd07SAl Viro mntput(path->mnt); 10069393bd07SAl Viro path->mnt = mounted; 10079393bd07SAl Viro path->dentry = dget(mounted->mnt_root); 10081da177e4SLinus Torvalds return 1; 10091da177e4SLinus Torvalds } 10101da177e4SLinus Torvalds return 0; 10111da177e4SLinus Torvalds } 10121da177e4SLinus Torvalds 10139875cf80SDavid Howells /* 10149875cf80SDavid Howells * Skip to top of mountpoint pile in rcuwalk mode. We abort the rcu-walk if we 1015cc53ce53SDavid Howells * meet a managed dentry and we're not walking to "..". True is returned to 10169875cf80SDavid Howells * continue, false to abort. 10179875cf80SDavid Howells */ 10189875cf80SDavid Howells static bool __follow_mount_rcu(struct nameidata *nd, struct path *path, 10199875cf80SDavid Howells struct inode **inode, bool reverse_transit) 10209875cf80SDavid Howells { 10219875cf80SDavid Howells while (d_mountpoint(path->dentry)) { 10229875cf80SDavid Howells struct vfsmount *mounted; 1023ab90911fSDavid Howells if (unlikely(path->dentry->d_flags & DCACHE_MANAGE_TRANSIT) && 1024ab90911fSDavid Howells !reverse_transit && 1025ab90911fSDavid Howells path->dentry->d_op->d_manage(path->dentry, false, true) < 0) 1026ab90911fSDavid Howells return false; 10279875cf80SDavid Howells mounted = __lookup_mnt(path->mnt, path->dentry, 1); 10289875cf80SDavid Howells if (!mounted) 10299875cf80SDavid Howells break; 10309875cf80SDavid Howells path->mnt = mounted; 10319875cf80SDavid Howells path->dentry = mounted->mnt_root; 10329875cf80SDavid Howells nd->seq = read_seqcount_begin(&path->dentry->d_seq); 10339875cf80SDavid Howells *inode = path->dentry->d_inode; 10349875cf80SDavid Howells } 10359875cf80SDavid Howells 10369875cf80SDavid Howells if (unlikely(path->dentry->d_flags & DCACHE_NEED_AUTOMOUNT)) 10379875cf80SDavid Howells return reverse_transit; 10389875cf80SDavid Howells return true; 10399875cf80SDavid Howells } 10409875cf80SDavid Howells 104131e6b01fSNick Piggin static int follow_dotdot_rcu(struct nameidata *nd) 104231e6b01fSNick Piggin { 104331e6b01fSNick Piggin struct inode *inode = nd->inode; 104431e6b01fSNick Piggin 104531e6b01fSNick Piggin set_root_rcu(nd); 104631e6b01fSNick Piggin 104731e6b01fSNick Piggin while (1) { 104831e6b01fSNick Piggin if (nd->path.dentry == nd->root.dentry && 104931e6b01fSNick Piggin nd->path.mnt == nd->root.mnt) { 105031e6b01fSNick Piggin break; 105131e6b01fSNick Piggin } 105231e6b01fSNick Piggin if (nd->path.dentry != nd->path.mnt->mnt_root) { 105331e6b01fSNick Piggin struct dentry *old = nd->path.dentry; 105431e6b01fSNick Piggin struct dentry *parent = old->d_parent; 105531e6b01fSNick Piggin unsigned seq; 105631e6b01fSNick Piggin 105731e6b01fSNick Piggin seq = read_seqcount_begin(&parent->d_seq); 105831e6b01fSNick Piggin if (read_seqcount_retry(&old->d_seq, nd->seq)) 105931e6b01fSNick Piggin return -ECHILD; 106031e6b01fSNick Piggin inode = parent->d_inode; 106131e6b01fSNick Piggin nd->path.dentry = parent; 106231e6b01fSNick Piggin nd->seq = seq; 106331e6b01fSNick Piggin break; 106431e6b01fSNick Piggin } 106531e6b01fSNick Piggin if (!follow_up_rcu(&nd->path)) 106631e6b01fSNick Piggin break; 106731e6b01fSNick Piggin nd->seq = read_seqcount_begin(&nd->path.dentry->d_seq); 106831e6b01fSNick Piggin inode = nd->path.dentry->d_inode; 106931e6b01fSNick Piggin } 10709875cf80SDavid Howells __follow_mount_rcu(nd, &nd->path, &inode, true); 107131e6b01fSNick Piggin nd->inode = inode; 107231e6b01fSNick Piggin 107331e6b01fSNick Piggin return 0; 107431e6b01fSNick Piggin } 107531e6b01fSNick Piggin 10769875cf80SDavid Howells /* 1077cc53ce53SDavid Howells * Follow down to the covering mount currently visible to userspace. At each 1078cc53ce53SDavid Howells * point, the filesystem owning that dentry may be queried as to whether the 1079cc53ce53SDavid Howells * caller is permitted to proceed or not. 1080cc53ce53SDavid Howells * 1081cc53ce53SDavid Howells * Care must be taken as namespace_sem may be held (indicated by mounting_here 1082cc53ce53SDavid Howells * being true). 1083cc53ce53SDavid Howells */ 1084cc53ce53SDavid Howells int follow_down(struct path *path, bool mounting_here) 1085cc53ce53SDavid Howells { 1086cc53ce53SDavid Howells unsigned managed; 1087cc53ce53SDavid Howells int ret; 1088cc53ce53SDavid Howells 1089cc53ce53SDavid Howells while (managed = ACCESS_ONCE(path->dentry->d_flags), 1090cc53ce53SDavid Howells unlikely(managed & DCACHE_MANAGED_DENTRY)) { 1091cc53ce53SDavid Howells /* Allow the filesystem to manage the transit without i_mutex 1092cc53ce53SDavid Howells * being held. 1093cc53ce53SDavid Howells * 1094cc53ce53SDavid Howells * We indicate to the filesystem if someone is trying to mount 1095cc53ce53SDavid Howells * something here. This gives autofs the chance to deny anyone 1096cc53ce53SDavid Howells * other than its daemon the right to mount on its 1097cc53ce53SDavid Howells * superstructure. 1098cc53ce53SDavid Howells * 1099cc53ce53SDavid Howells * The filesystem may sleep at this point. 1100cc53ce53SDavid Howells */ 1101cc53ce53SDavid Howells if (managed & DCACHE_MANAGE_TRANSIT) { 1102cc53ce53SDavid Howells BUG_ON(!path->dentry->d_op); 1103cc53ce53SDavid Howells BUG_ON(!path->dentry->d_op->d_manage); 1104ab90911fSDavid Howells ret = path->dentry->d_op->d_manage( 1105ab90911fSDavid Howells path->dentry, mounting_here, false); 1106cc53ce53SDavid Howells if (ret < 0) 1107cc53ce53SDavid Howells return ret == -EISDIR ? 0 : ret; 1108cc53ce53SDavid Howells } 1109cc53ce53SDavid Howells 1110cc53ce53SDavid Howells /* Transit to a mounted filesystem. */ 1111cc53ce53SDavid Howells if (managed & DCACHE_MOUNTED) { 1112cc53ce53SDavid Howells struct vfsmount *mounted = lookup_mnt(path); 1113cc53ce53SDavid Howells if (!mounted) 1114cc53ce53SDavid Howells break; 1115cc53ce53SDavid Howells dput(path->dentry); 1116cc53ce53SDavid Howells mntput(path->mnt); 1117cc53ce53SDavid Howells path->mnt = mounted; 1118cc53ce53SDavid Howells path->dentry = dget(mounted->mnt_root); 1119cc53ce53SDavid Howells continue; 1120cc53ce53SDavid Howells } 1121cc53ce53SDavid Howells 1122cc53ce53SDavid Howells /* Don't handle automount points here */ 1123cc53ce53SDavid Howells break; 1124cc53ce53SDavid Howells } 1125cc53ce53SDavid Howells return 0; 1126cc53ce53SDavid Howells } 1127cc53ce53SDavid Howells 1128cc53ce53SDavid Howells /* 11299875cf80SDavid Howells * Skip to top of mountpoint pile in refwalk mode for follow_dotdot() 11309875cf80SDavid Howells */ 11319875cf80SDavid Howells static void follow_mount(struct path *path) 11329875cf80SDavid Howells { 11339875cf80SDavid Howells while (d_mountpoint(path->dentry)) { 11349875cf80SDavid Howells struct vfsmount *mounted = lookup_mnt(path); 11359875cf80SDavid Howells if (!mounted) 11369875cf80SDavid Howells break; 11379875cf80SDavid Howells dput(path->dentry); 11389875cf80SDavid Howells mntput(path->mnt); 11399875cf80SDavid Howells path->mnt = mounted; 11409875cf80SDavid Howells path->dentry = dget(mounted->mnt_root); 11419875cf80SDavid Howells } 11429875cf80SDavid Howells } 11439875cf80SDavid Howells 114431e6b01fSNick Piggin static void follow_dotdot(struct nameidata *nd) 11451da177e4SLinus Torvalds { 11462a737871SAl Viro set_root(nd); 1147e518ddb7SAndreas Mohr 11481da177e4SLinus Torvalds while(1) { 11494ac91378SJan Blunck struct dentry *old = nd->path.dentry; 11501da177e4SLinus Torvalds 11512a737871SAl Viro if (nd->path.dentry == nd->root.dentry && 11522a737871SAl Viro nd->path.mnt == nd->root.mnt) { 11531da177e4SLinus Torvalds break; 11541da177e4SLinus Torvalds } 11554ac91378SJan Blunck if (nd->path.dentry != nd->path.mnt->mnt_root) { 11563088dd70SAl Viro /* rare case of legitimate dget_parent()... */ 11573088dd70SAl Viro nd->path.dentry = dget_parent(nd->path.dentry); 11581da177e4SLinus Torvalds dput(old); 11591da177e4SLinus Torvalds break; 11601da177e4SLinus Torvalds } 11613088dd70SAl Viro if (!follow_up(&nd->path)) 11621da177e4SLinus Torvalds break; 11631da177e4SLinus Torvalds } 116479ed0226SAl Viro follow_mount(&nd->path); 116531e6b01fSNick Piggin nd->inode = nd->path.dentry->d_inode; 11661da177e4SLinus Torvalds } 11671da177e4SLinus Torvalds 11681da177e4SLinus Torvalds /* 1169baa03890SNick Piggin * Allocate a dentry with name and parent, and perform a parent 1170baa03890SNick Piggin * directory ->lookup on it. Returns the new dentry, or ERR_PTR 1171baa03890SNick Piggin * on error. parent->d_inode->i_mutex must be held. d_lookup must 1172baa03890SNick Piggin * have verified that no child exists while under i_mutex. 1173baa03890SNick Piggin */ 1174baa03890SNick Piggin static struct dentry *d_alloc_and_lookup(struct dentry *parent, 1175baa03890SNick Piggin struct qstr *name, struct nameidata *nd) 1176baa03890SNick Piggin { 1177baa03890SNick Piggin struct inode *inode = parent->d_inode; 1178baa03890SNick Piggin struct dentry *dentry; 1179baa03890SNick Piggin struct dentry *old; 1180baa03890SNick Piggin 1181baa03890SNick Piggin /* Don't create child dentry for a dead directory. */ 1182baa03890SNick Piggin if (unlikely(IS_DEADDIR(inode))) 1183baa03890SNick Piggin return ERR_PTR(-ENOENT); 1184baa03890SNick Piggin 1185baa03890SNick Piggin dentry = d_alloc(parent, name); 1186baa03890SNick Piggin if (unlikely(!dentry)) 1187baa03890SNick Piggin return ERR_PTR(-ENOMEM); 1188baa03890SNick Piggin 1189baa03890SNick Piggin old = inode->i_op->lookup(inode, dentry, nd); 1190baa03890SNick Piggin if (unlikely(old)) { 1191baa03890SNick Piggin dput(dentry); 1192baa03890SNick Piggin dentry = old; 1193baa03890SNick Piggin } 1194baa03890SNick Piggin return dentry; 1195baa03890SNick Piggin } 1196baa03890SNick Piggin 1197baa03890SNick Piggin /* 11981da177e4SLinus Torvalds * It's more convoluted than I'd like it to be, but... it's still fairly 11991da177e4SLinus Torvalds * small and for now I'd prefer to have fast path as straight as possible. 12001da177e4SLinus Torvalds * It _is_ time-critical. 12011da177e4SLinus Torvalds */ 12021da177e4SLinus Torvalds static int do_lookup(struct nameidata *nd, struct qstr *name, 120331e6b01fSNick Piggin struct path *path, struct inode **inode) 12041da177e4SLinus Torvalds { 12054ac91378SJan Blunck struct vfsmount *mnt = nd->path.mnt; 120631e6b01fSNick Piggin struct dentry *dentry, *parent = nd->path.dentry; 12076e6b1bd1SAl Viro struct inode *dir; 12089875cf80SDavid Howells int err; 12099875cf80SDavid Howells 12103cac260aSAl Viro /* 12113cac260aSAl Viro * See if the low-level filesystem might want 12123cac260aSAl Viro * to use its own hash.. 12133cac260aSAl Viro */ 1214fb045adbSNick Piggin if (unlikely(parent->d_flags & DCACHE_OP_HASH)) { 12159875cf80SDavid Howells err = parent->d_op->d_hash(parent, nd->inode, name); 12163cac260aSAl Viro if (err < 0) 12173cac260aSAl Viro return err; 12183cac260aSAl Viro } 12191da177e4SLinus Torvalds 1220b04f784eSNick Piggin /* 1221b04f784eSNick Piggin * Rename seqlock is not required here because in the off chance 1222b04f784eSNick Piggin * of a false negative due to a concurrent rename, we're going to 1223b04f784eSNick Piggin * do the non-racy lookup, below. 1224b04f784eSNick Piggin */ 122531e6b01fSNick Piggin if (nd->flags & LOOKUP_RCU) { 122631e6b01fSNick Piggin unsigned seq; 122731e6b01fSNick Piggin 122831e6b01fSNick Piggin *inode = nd->inode; 122931e6b01fSNick Piggin dentry = __d_lookup_rcu(parent, name, &seq, inode); 123031e6b01fSNick Piggin if (!dentry) { 123131e6b01fSNick Piggin if (nameidata_drop_rcu(nd)) 123231e6b01fSNick Piggin return -ECHILD; 123331e6b01fSNick Piggin goto need_lookup; 123431e6b01fSNick Piggin } 123531e6b01fSNick Piggin /* Memory barrier in read_seqcount_begin of child is enough */ 123631e6b01fSNick Piggin if (__read_seqcount_retry(&parent->d_seq, nd->seq)) 123731e6b01fSNick Piggin return -ECHILD; 123831e6b01fSNick Piggin 123931e6b01fSNick Piggin nd->seq = seq; 124024643087SAl Viro if (unlikely(dentry->d_flags & DCACHE_OP_REVALIDATE)) { 1241f5e1c1c1SAl Viro dentry = do_revalidate_rcu(dentry, nd); 124224643087SAl Viro if (!dentry) 124324643087SAl Viro goto need_lookup; 124424643087SAl Viro if (IS_ERR(dentry)) 124524643087SAl Viro goto fail; 124624643087SAl Viro if (!(nd->flags & LOOKUP_RCU)) 124724643087SAl Viro goto done; 124824643087SAl Viro } 124931e6b01fSNick Piggin path->mnt = mnt; 125031e6b01fSNick Piggin path->dentry = dentry; 12519875cf80SDavid Howells if (likely(__follow_mount_rcu(nd, path, inode, false))) 12529875cf80SDavid Howells return 0; 12539875cf80SDavid Howells if (nameidata_drop_rcu(nd)) 12549875cf80SDavid Howells return -ECHILD; 12559875cf80SDavid Howells /* fallthru */ 12569875cf80SDavid Howells } 125731e6b01fSNick Piggin dentry = __d_lookup(parent, name); 12581da177e4SLinus Torvalds if (!dentry) 12591da177e4SLinus Torvalds goto need_lookup; 12602e2e88eaSNick Piggin found: 126124643087SAl Viro if (unlikely(dentry->d_flags & DCACHE_OP_REVALIDATE)) { 126224643087SAl Viro dentry = do_revalidate(dentry, nd); 126324643087SAl Viro if (!dentry) 126424643087SAl Viro goto need_lookup; 126524643087SAl Viro if (IS_ERR(dentry)) 126624643087SAl Viro goto fail; 126724643087SAl Viro } 12681da177e4SLinus Torvalds done: 12691da177e4SLinus Torvalds path->mnt = mnt; 12701da177e4SLinus Torvalds path->dentry = dentry; 12719875cf80SDavid Howells err = follow_managed(path, nd->flags); 127289312214SIan Kent if (unlikely(err < 0)) { 127389312214SIan Kent path_put_conditional(path, nd); 12749875cf80SDavid Howells return err; 127589312214SIan Kent } 127631e6b01fSNick Piggin *inode = path->dentry->d_inode; 12771da177e4SLinus Torvalds return 0; 12781da177e4SLinus Torvalds 12791da177e4SLinus Torvalds need_lookup: 12806e6b1bd1SAl Viro dir = parent->d_inode; 128131e6b01fSNick Piggin BUG_ON(nd->inode != dir); 12826e6b1bd1SAl Viro 12836e6b1bd1SAl Viro mutex_lock(&dir->i_mutex); 12846e6b1bd1SAl Viro /* 12856e6b1bd1SAl Viro * First re-do the cached lookup just in case it was created 1286b04f784eSNick Piggin * while we waited for the directory semaphore, or the first 1287b04f784eSNick Piggin * lookup failed due to an unrelated rename. 12886e6b1bd1SAl Viro * 1289b04f784eSNick Piggin * This could use version numbering or similar to avoid unnecessary 1290b04f784eSNick Piggin * cache lookups, but then we'd have to do the first lookup in the 1291b04f784eSNick Piggin * non-racy way. However in the common case here, everything should 1292b04f784eSNick Piggin * be hot in cache, so would it be a big win? 12936e6b1bd1SAl Viro */ 12946e6b1bd1SAl Viro dentry = d_lookup(parent, name); 1295baa03890SNick Piggin if (likely(!dentry)) { 1296baa03890SNick Piggin dentry = d_alloc_and_lookup(parent, name, nd); 12976e6b1bd1SAl Viro mutex_unlock(&dir->i_mutex); 12986e6b1bd1SAl Viro if (IS_ERR(dentry)) 12996e6b1bd1SAl Viro goto fail; 13006e6b1bd1SAl Viro goto done; 13016e6b1bd1SAl Viro } 13026e6b1bd1SAl Viro /* 13036e6b1bd1SAl Viro * Uhhuh! Nasty case: the cache was re-populated while 13046e6b1bd1SAl Viro * we waited on the semaphore. Need to revalidate. 13056e6b1bd1SAl Viro */ 13066e6b1bd1SAl Viro mutex_unlock(&dir->i_mutex); 13072e2e88eaSNick Piggin goto found; 13081da177e4SLinus Torvalds 13091da177e4SLinus Torvalds fail: 13101da177e4SLinus Torvalds return PTR_ERR(dentry); 13111da177e4SLinus Torvalds } 13121da177e4SLinus Torvalds 131352094c8aSAl Viro static inline int may_lookup(struct nameidata *nd) 131452094c8aSAl Viro { 131552094c8aSAl Viro if (nd->flags & LOOKUP_RCU) { 131652094c8aSAl Viro int err = exec_permission(nd->inode, IPERM_FLAG_RCU); 131752094c8aSAl Viro if (err != -ECHILD) 131852094c8aSAl Viro return err; 131952094c8aSAl Viro if (nameidata_drop_rcu(nd)) 132052094c8aSAl Viro return -ECHILD; 132152094c8aSAl Viro } 132252094c8aSAl Viro return exec_permission(nd->inode, 0); 132352094c8aSAl Viro } 132452094c8aSAl Viro 13251da177e4SLinus Torvalds /* 13261da177e4SLinus Torvalds * Name resolution. 1327ea3834d9SPrasanna Meda * This is the basic name resolution function, turning a pathname into 1328ea3834d9SPrasanna Meda * the final dentry. We expect 'base' to be positive and a directory. 13291da177e4SLinus Torvalds * 1330ea3834d9SPrasanna Meda * Returns 0 and nd will have valid dentry and mnt on success. 1331ea3834d9SPrasanna Meda * Returns error and drops reference to input namei data on failure. 13321da177e4SLinus Torvalds */ 13336de88d72SAl Viro static int link_path_walk(const char *name, struct nameidata *nd) 13341da177e4SLinus Torvalds { 13351da177e4SLinus Torvalds struct path next; 13361da177e4SLinus Torvalds int err; 13371da177e4SLinus Torvalds unsigned int lookup_flags = nd->flags; 13381da177e4SLinus Torvalds 13391da177e4SLinus Torvalds while (*name=='/') 13401da177e4SLinus Torvalds name++; 13411da177e4SLinus Torvalds if (!*name) 134216c2cd71SAl Viro goto return_base; 13431da177e4SLinus Torvalds 13441da177e4SLinus Torvalds if (nd->depth) 1345f55eab82STrond Myklebust lookup_flags = LOOKUP_FOLLOW | (nd->flags & LOOKUP_CONTINUE); 13461da177e4SLinus Torvalds 13471da177e4SLinus Torvalds /* At this point we know we have a real path component. */ 13481da177e4SLinus Torvalds for(;;) { 134931e6b01fSNick Piggin struct inode *inode; 13501da177e4SLinus Torvalds unsigned long hash; 13511da177e4SLinus Torvalds struct qstr this; 13521da177e4SLinus Torvalds unsigned int c; 1353fe479a58SAl Viro int type; 13541da177e4SLinus Torvalds 1355cdce5d6bSTrond Myklebust nd->flags |= LOOKUP_CONTINUE; 135652094c8aSAl Viro 135752094c8aSAl Viro err = may_lookup(nd); 13581da177e4SLinus Torvalds if (err) 13591da177e4SLinus Torvalds break; 13601da177e4SLinus Torvalds 13611da177e4SLinus Torvalds this.name = name; 13621da177e4SLinus Torvalds c = *(const unsigned char *)name; 13631da177e4SLinus Torvalds 13641da177e4SLinus Torvalds hash = init_name_hash(); 13651da177e4SLinus Torvalds do { 13661da177e4SLinus Torvalds name++; 13671da177e4SLinus Torvalds hash = partial_name_hash(c, hash); 13681da177e4SLinus Torvalds c = *(const unsigned char *)name; 13691da177e4SLinus Torvalds } while (c && (c != '/')); 13701da177e4SLinus Torvalds this.len = name - (const char *) this.name; 13711da177e4SLinus Torvalds this.hash = end_name_hash(hash); 13721da177e4SLinus Torvalds 1373fe479a58SAl Viro type = LAST_NORM; 1374fe479a58SAl Viro if (this.name[0] == '.') switch (this.len) { 1375fe479a58SAl Viro case 2: 137616c2cd71SAl Viro if (this.name[1] == '.') { 1377fe479a58SAl Viro type = LAST_DOTDOT; 137816c2cd71SAl Viro nd->flags |= LOOKUP_JUMPED; 137916c2cd71SAl Viro } 1380fe479a58SAl Viro break; 1381fe479a58SAl Viro case 1: 1382fe479a58SAl Viro type = LAST_DOT; 1383fe479a58SAl Viro } 138416c2cd71SAl Viro if (likely(type == LAST_NORM)) 138516c2cd71SAl Viro nd->flags &= ~LOOKUP_JUMPED; 1386fe479a58SAl Viro 13871da177e4SLinus Torvalds /* remove trailing slashes? */ 13881da177e4SLinus Torvalds if (!c) 13891da177e4SLinus Torvalds goto last_component; 13901da177e4SLinus Torvalds while (*++name == '/'); 13911da177e4SLinus Torvalds if (!*name) 13921da177e4SLinus Torvalds goto last_with_slashes; 13931da177e4SLinus Torvalds 13941da177e4SLinus Torvalds /* 13951da177e4SLinus Torvalds * "." and ".." are special - ".." especially so because it has 13961da177e4SLinus Torvalds * to be able to know about the current root directory and 13971da177e4SLinus Torvalds * parent relationships. 13981da177e4SLinus Torvalds */ 1399fe479a58SAl Viro if (unlikely(type != LAST_NORM)) { 1400fe479a58SAl Viro if (type == LAST_DOTDOT) { 140131e6b01fSNick Piggin if (nd->flags & LOOKUP_RCU) { 140231e6b01fSNick Piggin if (follow_dotdot_rcu(nd)) 140331e6b01fSNick Piggin return -ECHILD; 140431e6b01fSNick Piggin } else 140558c465ebSAl Viro follow_dotdot(nd); 1406fe479a58SAl Viro } 14071da177e4SLinus Torvalds continue; 14081da177e4SLinus Torvalds } 1409fe479a58SAl Viro 14101da177e4SLinus Torvalds /* This does the actual lookups.. */ 141131e6b01fSNick Piggin err = do_lookup(nd, &this, &next, &inode); 14121da177e4SLinus Torvalds if (err) 14131da177e4SLinus Torvalds break; 14141da177e4SLinus Torvalds err = -ENOENT; 14151da177e4SLinus Torvalds if (!inode) 14161da177e4SLinus Torvalds goto out_dput; 14171da177e4SLinus Torvalds 14181da177e4SLinus Torvalds if (inode->i_op->follow_link) { 14193abb17e8SLinus Torvalds err = do_follow_link(inode, &next, nd); 14201da177e4SLinus Torvalds if (err) 14211da177e4SLinus Torvalds goto return_err; 142231e6b01fSNick Piggin nd->inode = nd->path.dentry->d_inode; 14231da177e4SLinus Torvalds err = -ENOENT; 142431e6b01fSNick Piggin if (!nd->inode) 14251da177e4SLinus Torvalds break; 142631e6b01fSNick Piggin } else { 142709dd17d3SMiklos Szeredi path_to_nameidata(&next, nd); 142831e6b01fSNick Piggin nd->inode = inode; 142931e6b01fSNick Piggin } 14301da177e4SLinus Torvalds err = -ENOTDIR; 143131e6b01fSNick Piggin if (!nd->inode->i_op->lookup) 14321da177e4SLinus Torvalds break; 14331da177e4SLinus Torvalds continue; 14341da177e4SLinus Torvalds /* here ends the main loop */ 14351da177e4SLinus Torvalds 14361da177e4SLinus Torvalds last_with_slashes: 14371da177e4SLinus Torvalds lookup_flags |= LOOKUP_FOLLOW | LOOKUP_DIRECTORY; 14381da177e4SLinus Torvalds last_component: 1439f55eab82STrond Myklebust /* Clear LOOKUP_CONTINUE iff it was previously unset */ 1440f55eab82STrond Myklebust nd->flags &= lookup_flags | ~LOOKUP_CONTINUE; 14411da177e4SLinus Torvalds if (lookup_flags & LOOKUP_PARENT) 14421da177e4SLinus Torvalds goto lookup_parent; 1443fe479a58SAl Viro if (unlikely(type != LAST_NORM)) { 1444fe479a58SAl Viro if (type == LAST_DOTDOT) { 144531e6b01fSNick Piggin if (nd->flags & LOOKUP_RCU) { 144631e6b01fSNick Piggin if (follow_dotdot_rcu(nd)) 144731e6b01fSNick Piggin return -ECHILD; 144831e6b01fSNick Piggin } else 144958c465ebSAl Viro follow_dotdot(nd); 1450fe479a58SAl Viro } 145116c2cd71SAl Viro goto return_base; 14521da177e4SLinus Torvalds } 145331e6b01fSNick Piggin err = do_lookup(nd, &this, &next, &inode); 14541da177e4SLinus Torvalds if (err) 14551da177e4SLinus Torvalds break; 1456db372915SDavid Howells if (inode && unlikely(inode->i_op->follow_link) && 1457db372915SDavid Howells (lookup_flags & LOOKUP_FOLLOW)) { 14583abb17e8SLinus Torvalds err = do_follow_link(inode, &next, nd); 14591da177e4SLinus Torvalds if (err) 14601da177e4SLinus Torvalds goto return_err; 146131e6b01fSNick Piggin nd->inode = nd->path.dentry->d_inode; 146231e6b01fSNick Piggin } else { 146309dd17d3SMiklos Szeredi path_to_nameidata(&next, nd); 146431e6b01fSNick Piggin nd->inode = inode; 146531e6b01fSNick Piggin } 14661da177e4SLinus Torvalds err = -ENOENT; 146731e6b01fSNick Piggin if (!nd->inode) 14681da177e4SLinus Torvalds break; 14691da177e4SLinus Torvalds if (lookup_flags & LOOKUP_DIRECTORY) { 14701da177e4SLinus Torvalds err = -ENOTDIR; 147131e6b01fSNick Piggin if (!nd->inode->i_op->lookup) 14721da177e4SLinus Torvalds break; 14731da177e4SLinus Torvalds } 14741da177e4SLinus Torvalds goto return_base; 14751da177e4SLinus Torvalds lookup_parent: 14761da177e4SLinus Torvalds nd->last = this; 1477fe479a58SAl Viro nd->last_type = type; 14781da177e4SLinus Torvalds return_base: 147931e6b01fSNick Piggin if (nameidata_drop_rcu_last_maybe(nd)) 148031e6b01fSNick Piggin return -ECHILD; 14811da177e4SLinus Torvalds return 0; 14821da177e4SLinus Torvalds out_dput: 148331e6b01fSNick Piggin if (!(nd->flags & LOOKUP_RCU)) 14841d957f9bSJan Blunck path_put_conditional(&next, nd); 14851da177e4SLinus Torvalds break; 14861da177e4SLinus Torvalds } 148731e6b01fSNick Piggin if (!(nd->flags & LOOKUP_RCU)) 14881d957f9bSJan Blunck path_put(&nd->path); 14891da177e4SLinus Torvalds return_err: 14901da177e4SLinus Torvalds return err; 14911da177e4SLinus Torvalds } 14921da177e4SLinus Torvalds 1493e41f7d4eSAl Viro static int path_init(int dfd, const char *name, unsigned int flags, struct nameidata *nd) 149431e6b01fSNick Piggin { 149531e6b01fSNick Piggin int retval = 0; 149631e6b01fSNick Piggin int fput_needed; 149731e6b01fSNick Piggin struct file *file; 149831e6b01fSNick Piggin 149931e6b01fSNick Piggin nd->last_type = LAST_ROOT; /* if there are only slashes... */ 150016c2cd71SAl Viro nd->flags = flags | LOOKUP_JUMPED; 150131e6b01fSNick Piggin nd->depth = 0; 150231e6b01fSNick Piggin nd->root.mnt = NULL; 150331e6b01fSNick Piggin nd->file = NULL; 150431e6b01fSNick Piggin 150531e6b01fSNick Piggin if (*name=='/') { 1506e41f7d4eSAl Viro if (flags & LOOKUP_RCU) { 150731e6b01fSNick Piggin br_read_lock(vfsmount_lock); 150831e6b01fSNick Piggin rcu_read_lock(); 1509e41f7d4eSAl Viro set_root_rcu(nd); 1510e41f7d4eSAl Viro } else { 1511e41f7d4eSAl Viro set_root(nd); 1512e41f7d4eSAl Viro path_get(&nd->root); 1513e41f7d4eSAl Viro } 151431e6b01fSNick Piggin nd->path = nd->root; 151531e6b01fSNick Piggin } else if (dfd == AT_FDCWD) { 1516e41f7d4eSAl Viro if (flags & LOOKUP_RCU) { 151731e6b01fSNick Piggin struct fs_struct *fs = current->fs; 1518c28cc364SNick Piggin unsigned seq; 151931e6b01fSNick Piggin 152031e6b01fSNick Piggin br_read_lock(vfsmount_lock); 152131e6b01fSNick Piggin rcu_read_lock(); 152231e6b01fSNick Piggin 1523c28cc364SNick Piggin do { 1524c28cc364SNick Piggin seq = read_seqcount_begin(&fs->seq); 152531e6b01fSNick Piggin nd->path = fs->pwd; 1526c28cc364SNick Piggin nd->seq = __read_seqcount_begin(&nd->path.dentry->d_seq); 1527c28cc364SNick Piggin } while (read_seqcount_retry(&fs->seq, seq)); 1528e41f7d4eSAl Viro } else { 1529e41f7d4eSAl Viro get_fs_pwd(current->fs, &nd->path); 1530e41f7d4eSAl Viro } 153131e6b01fSNick Piggin } else { 153231e6b01fSNick Piggin struct dentry *dentry; 153331e6b01fSNick Piggin 153431e6b01fSNick Piggin file = fget_light(dfd, &fput_needed); 153531e6b01fSNick Piggin retval = -EBADF; 153631e6b01fSNick Piggin if (!file) 153731e6b01fSNick Piggin goto out_fail; 153831e6b01fSNick Piggin 153931e6b01fSNick Piggin dentry = file->f_path.dentry; 154031e6b01fSNick Piggin 154131e6b01fSNick Piggin retval = -ENOTDIR; 154231e6b01fSNick Piggin if (!S_ISDIR(dentry->d_inode->i_mode)) 154331e6b01fSNick Piggin goto fput_fail; 154431e6b01fSNick Piggin 154531e6b01fSNick Piggin retval = file_permission(file, MAY_EXEC); 154631e6b01fSNick Piggin if (retval) 154731e6b01fSNick Piggin goto fput_fail; 154831e6b01fSNick Piggin 154931e6b01fSNick Piggin nd->path = file->f_path; 1550e41f7d4eSAl Viro if (flags & LOOKUP_RCU) { 155131e6b01fSNick Piggin if (fput_needed) 155231e6b01fSNick Piggin nd->file = file; 1553c28cc364SNick Piggin nd->seq = __read_seqcount_begin(&nd->path.dentry->d_seq); 155431e6b01fSNick Piggin br_read_lock(vfsmount_lock); 155531e6b01fSNick Piggin rcu_read_lock(); 15565590ff0dSUlrich Drepper } else { 15575dd784d0SJan Blunck path_get(&file->f_path); 15585590ff0dSUlrich Drepper fput_light(file, fput_needed); 15591da177e4SLinus Torvalds } 1560e41f7d4eSAl Viro } 1561e41f7d4eSAl Viro 156231e6b01fSNick Piggin nd->inode = nd->path.dentry->d_inode; 15639b4a9b14SAl Viro return 0; 15642dfdd266SJosef 'Jeff' Sipek 15659b4a9b14SAl Viro fput_fail: 15669b4a9b14SAl Viro fput_light(file, fput_needed); 15679b4a9b14SAl Viro out_fail: 15689b4a9b14SAl Viro return retval; 15699b4a9b14SAl Viro } 15709b4a9b14SAl Viro 15719b4a9b14SAl Viro /* Returns 0 and nd will be valid on success; Retuns error, otherwise. */ 1572ee0827cdSAl Viro static int path_lookupat(int dfd, const char *name, 15739b4a9b14SAl Viro unsigned int flags, struct nameidata *nd) 15749b4a9b14SAl Viro { 157531e6b01fSNick Piggin int retval; 157631e6b01fSNick Piggin 157731e6b01fSNick Piggin /* 157831e6b01fSNick Piggin * Path walking is largely split up into 2 different synchronisation 157931e6b01fSNick Piggin * schemes, rcu-walk and ref-walk (explained in 158031e6b01fSNick Piggin * Documentation/filesystems/path-lookup.txt). These share much of the 158131e6b01fSNick Piggin * path walk code, but some things particularly setup, cleanup, and 158231e6b01fSNick Piggin * following mounts are sufficiently divergent that functions are 158331e6b01fSNick Piggin * duplicated. Typically there is a function foo(), and its RCU 158431e6b01fSNick Piggin * analogue, foo_rcu(). 158531e6b01fSNick Piggin * 158631e6b01fSNick Piggin * -ECHILD is the error number of choice (just to avoid clashes) that 158731e6b01fSNick Piggin * is returned if some aspect of an rcu-walk fails. Such an error must 158831e6b01fSNick Piggin * be handled by restarting a traditional ref-walk (which will always 158931e6b01fSNick Piggin * be able to complete). 159031e6b01fSNick Piggin */ 1591ee0827cdSAl Viro retval = path_init(dfd, name, flags, nd); 1592ee0827cdSAl Viro 159331e6b01fSNick Piggin if (unlikely(retval)) 159431e6b01fSNick Piggin return retval; 1595ee0827cdSAl Viro 1596ee0827cdSAl Viro current->total_link_count = 0; 1597ee0827cdSAl Viro retval = link_path_walk(name, nd); 1598ee0827cdSAl Viro 1599ee0827cdSAl Viro if (nd->flags & LOOKUP_RCU) { 1600ee0827cdSAl Viro /* RCU dangling. Cancel it. */ 1601ee0827cdSAl Viro nd->flags &= ~LOOKUP_RCU; 16022a737871SAl Viro nd->root.mnt = NULL; 1603ee0827cdSAl Viro rcu_read_unlock(); 1604ee0827cdSAl Viro br_read_unlock(vfsmount_lock); 16052a737871SAl Viro } 160631e6b01fSNick Piggin 160716c2cd71SAl Viro if (!retval) 160816c2cd71SAl Viro retval = handle_reval_path(nd); 160916c2cd71SAl Viro 1610ee0827cdSAl Viro if (nd->file) { 1611ee0827cdSAl Viro fput(nd->file); 1612ee0827cdSAl Viro nd->file = NULL; 1613ee0827cdSAl Viro } 1614ee0827cdSAl Viro 161531e6b01fSNick Piggin if (nd->root.mnt) { 161631e6b01fSNick Piggin path_put(&nd->root); 161731e6b01fSNick Piggin nd->root.mnt = NULL; 161831e6b01fSNick Piggin } 1619ee0827cdSAl Viro return retval; 162031e6b01fSNick Piggin } 162131e6b01fSNick Piggin 1622ee0827cdSAl Viro static int do_path_lookup(int dfd, const char *name, 1623ee0827cdSAl Viro unsigned int flags, struct nameidata *nd) 1624ee0827cdSAl Viro { 1625ee0827cdSAl Viro int retval = path_lookupat(dfd, name, flags | LOOKUP_RCU, nd); 1626ee0827cdSAl Viro if (unlikely(retval == -ECHILD)) 1627ee0827cdSAl Viro retval = path_lookupat(dfd, name, flags, nd); 1628ee0827cdSAl Viro if (unlikely(retval == -ESTALE)) 1629ee0827cdSAl Viro retval = path_lookupat(dfd, name, flags | LOOKUP_REVAL, nd); 1630ee0827cdSAl Viro 163131e6b01fSNick Piggin if (likely(!retval)) { 163231e6b01fSNick Piggin if (unlikely(!audit_dummy_context())) { 163331e6b01fSNick Piggin if (nd->path.dentry && nd->inode) 163431e6b01fSNick Piggin audit_inode(name, nd->path.dentry); 163531e6b01fSNick Piggin } 163631e6b01fSNick Piggin } 1637170aa3d0SUlrich Drepper return retval; 16381da177e4SLinus Torvalds } 16391da177e4SLinus Torvalds 1640c9c6cac0SAl Viro int kern_path_parent(const char *name, struct nameidata *nd) 16415590ff0dSUlrich Drepper { 1642c9c6cac0SAl Viro return do_path_lookup(AT_FDCWD, name, LOOKUP_PARENT, nd); 16435590ff0dSUlrich Drepper } 16445590ff0dSUlrich Drepper 1645d1811465SAl Viro int kern_path(const char *name, unsigned int flags, struct path *path) 1646d1811465SAl Viro { 1647d1811465SAl Viro struct nameidata nd; 1648d1811465SAl Viro int res = do_path_lookup(AT_FDCWD, name, flags, &nd); 1649d1811465SAl Viro if (!res) 1650d1811465SAl Viro *path = nd.path; 1651d1811465SAl Viro return res; 1652d1811465SAl Viro } 1653d1811465SAl Viro 165416f18200SJosef 'Jeff' Sipek /** 165516f18200SJosef 'Jeff' Sipek * vfs_path_lookup - lookup a file path relative to a dentry-vfsmount pair 165616f18200SJosef 'Jeff' Sipek * @dentry: pointer to dentry of the base directory 165716f18200SJosef 'Jeff' Sipek * @mnt: pointer to vfs mount of the base directory 165816f18200SJosef 'Jeff' Sipek * @name: pointer to file name 165916f18200SJosef 'Jeff' Sipek * @flags: lookup flags 166016f18200SJosef 'Jeff' Sipek * @nd: pointer to nameidata 166116f18200SJosef 'Jeff' Sipek */ 166216f18200SJosef 'Jeff' Sipek int vfs_path_lookup(struct dentry *dentry, struct vfsmount *mnt, 166316f18200SJosef 'Jeff' Sipek const char *name, unsigned int flags, 166416f18200SJosef 'Jeff' Sipek struct nameidata *nd) 166516f18200SJosef 'Jeff' Sipek { 1666ee0827cdSAl Viro int result; 166716f18200SJosef 'Jeff' Sipek 166816f18200SJosef 'Jeff' Sipek /* same as do_path_lookup */ 166916f18200SJosef 'Jeff' Sipek nd->last_type = LAST_ROOT; 167016c2cd71SAl Viro nd->flags = flags | LOOKUP_JUMPED; 167116f18200SJosef 'Jeff' Sipek nd->depth = 0; 167216f18200SJosef 'Jeff' Sipek 1673c8e7f449SJan Blunck nd->path.dentry = dentry; 1674c8e7f449SJan Blunck nd->path.mnt = mnt; 1675c8e7f449SJan Blunck path_get(&nd->path); 16765b857119SAl Viro nd->root = nd->path; 16775b857119SAl Viro path_get(&nd->root); 167831e6b01fSNick Piggin nd->inode = nd->path.dentry->d_inode; 167916f18200SJosef 'Jeff' Sipek 1680ee0827cdSAl Viro current->total_link_count = 0; 1681ee0827cdSAl Viro 1682ee0827cdSAl Viro result = link_path_walk(name, nd); 168316c2cd71SAl Viro if (!result) 168416c2cd71SAl Viro result = handle_reval_path(nd); 1685ee0827cdSAl Viro if (result == -ESTALE) { 1686ee0827cdSAl Viro /* nd->path had been dropped */ 1687ee0827cdSAl Viro current->total_link_count = 0; 1688ee0827cdSAl Viro nd->path.dentry = dentry; 1689ee0827cdSAl Viro nd->path.mnt = mnt; 1690ee0827cdSAl Viro nd->inode = dentry->d_inode; 1691ee0827cdSAl Viro path_get(&nd->path); 169216c2cd71SAl Viro nd->flags = flags | LOOKUP_JUMPED | LOOKUP_REVAL; 169316c2cd71SAl Viro 1694ee0827cdSAl Viro result = link_path_walk(name, nd); 169516c2cd71SAl Viro if (!result) 169616c2cd71SAl Viro result = handle_reval_path(nd); 1697ee0827cdSAl Viro } 1698ee0827cdSAl Viro if (unlikely(!result && !audit_dummy_context() && nd->path.dentry && 169931e6b01fSNick Piggin nd->inode)) 17004ac91378SJan Blunck audit_inode(name, nd->path.dentry); 170116f18200SJosef 'Jeff' Sipek 17022a737871SAl Viro path_put(&nd->root); 17032a737871SAl Viro nd->root.mnt = NULL; 170416f18200SJosef 'Jeff' Sipek 1705ee0827cdSAl Viro return result; 170616f18200SJosef 'Jeff' Sipek } 170716f18200SJosef 'Jeff' Sipek 1708eead1911SChristoph Hellwig static struct dentry *__lookup_hash(struct qstr *name, 1709eead1911SChristoph Hellwig struct dentry *base, struct nameidata *nd) 17101da177e4SLinus Torvalds { 171181fca444SChristoph Hellwig struct inode *inode = base->d_inode; 17121da177e4SLinus Torvalds struct dentry *dentry; 17131da177e4SLinus Torvalds int err; 17141da177e4SLinus Torvalds 1715b74c79e9SNick Piggin err = exec_permission(inode, 0); 171681fca444SChristoph Hellwig if (err) 171781fca444SChristoph Hellwig return ERR_PTR(err); 17181da177e4SLinus Torvalds 17191da177e4SLinus Torvalds /* 17201da177e4SLinus Torvalds * See if the low-level filesystem might want 17211da177e4SLinus Torvalds * to use its own hash.. 17221da177e4SLinus Torvalds */ 1723fb045adbSNick Piggin if (base->d_flags & DCACHE_OP_HASH) { 1724b1e6a015SNick Piggin err = base->d_op->d_hash(base, inode, name); 17251da177e4SLinus Torvalds dentry = ERR_PTR(err); 17261da177e4SLinus Torvalds if (err < 0) 17271da177e4SLinus Torvalds goto out; 17281da177e4SLinus Torvalds } 17291da177e4SLinus Torvalds 1730b04f784eSNick Piggin /* 1731b04f784eSNick Piggin * Don't bother with __d_lookup: callers are for creat as 1732b04f784eSNick Piggin * well as unlink, so a lot of the time it would cost 1733b04f784eSNick Piggin * a double lookup. 17346e6b1bd1SAl Viro */ 17356e6b1bd1SAl Viro dentry = d_lookup(base, name); 17366e6b1bd1SAl Viro 1737fb045adbSNick Piggin if (dentry && (dentry->d_flags & DCACHE_OP_REVALIDATE)) 17386e6b1bd1SAl Viro dentry = do_revalidate(dentry, nd); 17396e6b1bd1SAl Viro 17401da177e4SLinus Torvalds if (!dentry) 1741baa03890SNick Piggin dentry = d_alloc_and_lookup(base, name, nd); 17421da177e4SLinus Torvalds out: 17431da177e4SLinus Torvalds return dentry; 17441da177e4SLinus Torvalds } 17451da177e4SLinus Torvalds 1746057f6c01SJames Morris /* 1747057f6c01SJames Morris * Restricted form of lookup. Doesn't follow links, single-component only, 1748057f6c01SJames Morris * needs parent already locked. Doesn't follow mounts. 1749057f6c01SJames Morris * SMP-safe. 1750057f6c01SJames Morris */ 1751a244e169SAdrian Bunk static struct dentry *lookup_hash(struct nameidata *nd) 17521da177e4SLinus Torvalds { 17534ac91378SJan Blunck return __lookup_hash(&nd->last, nd->path.dentry, nd); 17541da177e4SLinus Torvalds } 17551da177e4SLinus Torvalds 1756eead1911SChristoph Hellwig static int __lookup_one_len(const char *name, struct qstr *this, 1757eead1911SChristoph Hellwig struct dentry *base, int len) 17581da177e4SLinus Torvalds { 17591da177e4SLinus Torvalds unsigned long hash; 17601da177e4SLinus Torvalds unsigned int c; 17611da177e4SLinus Torvalds 1762057f6c01SJames Morris this->name = name; 1763057f6c01SJames Morris this->len = len; 17641da177e4SLinus Torvalds if (!len) 1765057f6c01SJames Morris return -EACCES; 17661da177e4SLinus Torvalds 17671da177e4SLinus Torvalds hash = init_name_hash(); 17681da177e4SLinus Torvalds while (len--) { 17691da177e4SLinus Torvalds c = *(const unsigned char *)name++; 17701da177e4SLinus Torvalds if (c == '/' || c == '\0') 1771057f6c01SJames Morris return -EACCES; 17721da177e4SLinus Torvalds hash = partial_name_hash(c, hash); 17731da177e4SLinus Torvalds } 1774057f6c01SJames Morris this->hash = end_name_hash(hash); 1775057f6c01SJames Morris return 0; 1776057f6c01SJames Morris } 17771da177e4SLinus Torvalds 1778eead1911SChristoph Hellwig /** 1779a6b91919SRandy Dunlap * lookup_one_len - filesystem helper to lookup single pathname component 1780eead1911SChristoph Hellwig * @name: pathname component to lookup 1781eead1911SChristoph Hellwig * @base: base directory to lookup from 1782eead1911SChristoph Hellwig * @len: maximum length @len should be interpreted to 1783eead1911SChristoph Hellwig * 1784a6b91919SRandy Dunlap * Note that this routine is purely a helper for filesystem usage and should 1785a6b91919SRandy Dunlap * not be called by generic code. Also note that by using this function the 1786eead1911SChristoph Hellwig * nameidata argument is passed to the filesystem methods and a filesystem 1787eead1911SChristoph Hellwig * using this helper needs to be prepared for that. 1788eead1911SChristoph Hellwig */ 1789057f6c01SJames Morris struct dentry *lookup_one_len(const char *name, struct dentry *base, int len) 1790057f6c01SJames Morris { 1791057f6c01SJames Morris int err; 1792057f6c01SJames Morris struct qstr this; 1793057f6c01SJames Morris 17942f9092e1SDavid Woodhouse WARN_ON_ONCE(!mutex_is_locked(&base->d_inode->i_mutex)); 17952f9092e1SDavid Woodhouse 1796057f6c01SJames Morris err = __lookup_one_len(name, &this, base, len); 1797057f6c01SJames Morris if (err) 1798057f6c01SJames Morris return ERR_PTR(err); 1799eead1911SChristoph Hellwig 180049705b77SChristoph Hellwig return __lookup_hash(&this, base, NULL); 1801057f6c01SJames Morris } 1802057f6c01SJames Morris 18032d8f3038SAl Viro int user_path_at(int dfd, const char __user *name, unsigned flags, 18042d8f3038SAl Viro struct path *path) 18051da177e4SLinus Torvalds { 18062d8f3038SAl Viro struct nameidata nd; 18071da177e4SLinus Torvalds char *tmp = getname(name); 18081da177e4SLinus Torvalds int err = PTR_ERR(tmp); 18091da177e4SLinus Torvalds if (!IS_ERR(tmp)) { 18102d8f3038SAl Viro 18112d8f3038SAl Viro BUG_ON(flags & LOOKUP_PARENT); 18122d8f3038SAl Viro 18132d8f3038SAl Viro err = do_path_lookup(dfd, tmp, flags, &nd); 18141da177e4SLinus Torvalds putname(tmp); 18152d8f3038SAl Viro if (!err) 18162d8f3038SAl Viro *path = nd.path; 18171da177e4SLinus Torvalds } 18181da177e4SLinus Torvalds return err; 18191da177e4SLinus Torvalds } 18201da177e4SLinus Torvalds 18212ad94ae6SAl Viro static int user_path_parent(int dfd, const char __user *path, 18222ad94ae6SAl Viro struct nameidata *nd, char **name) 18232ad94ae6SAl Viro { 18242ad94ae6SAl Viro char *s = getname(path); 18252ad94ae6SAl Viro int error; 18262ad94ae6SAl Viro 18272ad94ae6SAl Viro if (IS_ERR(s)) 18282ad94ae6SAl Viro return PTR_ERR(s); 18292ad94ae6SAl Viro 18302ad94ae6SAl Viro error = do_path_lookup(dfd, s, LOOKUP_PARENT, nd); 18312ad94ae6SAl Viro if (error) 18322ad94ae6SAl Viro putname(s); 18332ad94ae6SAl Viro else 18342ad94ae6SAl Viro *name = s; 18352ad94ae6SAl Viro 18362ad94ae6SAl Viro return error; 18372ad94ae6SAl Viro } 18382ad94ae6SAl Viro 18391da177e4SLinus Torvalds /* 18401da177e4SLinus Torvalds * It's inline, so penalty for filesystems that don't use sticky bit is 18411da177e4SLinus Torvalds * minimal. 18421da177e4SLinus Torvalds */ 18431da177e4SLinus Torvalds static inline int check_sticky(struct inode *dir, struct inode *inode) 18441da177e4SLinus Torvalds { 1845da9592edSDavid Howells uid_t fsuid = current_fsuid(); 1846da9592edSDavid Howells 18471da177e4SLinus Torvalds if (!(dir->i_mode & S_ISVTX)) 18481da177e4SLinus Torvalds return 0; 1849da9592edSDavid Howells if (inode->i_uid == fsuid) 18501da177e4SLinus Torvalds return 0; 1851da9592edSDavid Howells if (dir->i_uid == fsuid) 18521da177e4SLinus Torvalds return 0; 18531da177e4SLinus Torvalds return !capable(CAP_FOWNER); 18541da177e4SLinus Torvalds } 18551da177e4SLinus Torvalds 18561da177e4SLinus Torvalds /* 18571da177e4SLinus Torvalds * Check whether we can remove a link victim from directory dir, check 18581da177e4SLinus Torvalds * whether the type of victim is right. 18591da177e4SLinus Torvalds * 1. We can't do it if dir is read-only (done in permission()) 18601da177e4SLinus Torvalds * 2. We should have write and exec permissions on dir 18611da177e4SLinus Torvalds * 3. We can't remove anything from append-only dir 18621da177e4SLinus Torvalds * 4. We can't do anything with immutable dir (done in permission()) 18631da177e4SLinus Torvalds * 5. If the sticky bit on dir is set we should either 18641da177e4SLinus Torvalds * a. be owner of dir, or 18651da177e4SLinus Torvalds * b. be owner of victim, or 18661da177e4SLinus Torvalds * c. have CAP_FOWNER capability 18671da177e4SLinus Torvalds * 6. If the victim is append-only or immutable we can't do antyhing with 18681da177e4SLinus Torvalds * links pointing to it. 18691da177e4SLinus Torvalds * 7. If we were asked to remove a directory and victim isn't one - ENOTDIR. 18701da177e4SLinus Torvalds * 8. If we were asked to remove a non-directory and victim isn't one - EISDIR. 18711da177e4SLinus Torvalds * 9. We can't remove a root or mountpoint. 18721da177e4SLinus Torvalds * 10. We don't allow removal of NFS sillyrenamed files; it's handled by 18731da177e4SLinus Torvalds * nfs_async_unlink(). 18741da177e4SLinus Torvalds */ 1875858119e1SArjan van de Ven static int may_delete(struct inode *dir,struct dentry *victim,int isdir) 18761da177e4SLinus Torvalds { 18771da177e4SLinus Torvalds int error; 18781da177e4SLinus Torvalds 18791da177e4SLinus Torvalds if (!victim->d_inode) 18801da177e4SLinus Torvalds return -ENOENT; 18811da177e4SLinus Torvalds 18821da177e4SLinus Torvalds BUG_ON(victim->d_parent->d_inode != dir); 1883cccc6bbaSAl Viro audit_inode_child(victim, dir); 18841da177e4SLinus Torvalds 1885f419a2e3SAl Viro error = inode_permission(dir, MAY_WRITE | MAY_EXEC); 18861da177e4SLinus Torvalds if (error) 18871da177e4SLinus Torvalds return error; 18881da177e4SLinus Torvalds if (IS_APPEND(dir)) 18891da177e4SLinus Torvalds return -EPERM; 18901da177e4SLinus Torvalds if (check_sticky(dir, victim->d_inode)||IS_APPEND(victim->d_inode)|| 1891f9454548SHugh Dickins IS_IMMUTABLE(victim->d_inode) || IS_SWAPFILE(victim->d_inode)) 18921da177e4SLinus Torvalds return -EPERM; 18931da177e4SLinus Torvalds if (isdir) { 18941da177e4SLinus Torvalds if (!S_ISDIR(victim->d_inode->i_mode)) 18951da177e4SLinus Torvalds return -ENOTDIR; 18961da177e4SLinus Torvalds if (IS_ROOT(victim)) 18971da177e4SLinus Torvalds return -EBUSY; 18981da177e4SLinus Torvalds } else if (S_ISDIR(victim->d_inode->i_mode)) 18991da177e4SLinus Torvalds return -EISDIR; 19001da177e4SLinus Torvalds if (IS_DEADDIR(dir)) 19011da177e4SLinus Torvalds return -ENOENT; 19021da177e4SLinus Torvalds if (victim->d_flags & DCACHE_NFSFS_RENAMED) 19031da177e4SLinus Torvalds return -EBUSY; 19041da177e4SLinus Torvalds return 0; 19051da177e4SLinus Torvalds } 19061da177e4SLinus Torvalds 19071da177e4SLinus Torvalds /* Check whether we can create an object with dentry child in directory 19081da177e4SLinus Torvalds * dir. 19091da177e4SLinus Torvalds * 1. We can't do it if child already exists (open has special treatment for 19101da177e4SLinus Torvalds * this case, but since we are inlined it's OK) 19111da177e4SLinus Torvalds * 2. We can't do it if dir is read-only (done in permission()) 19121da177e4SLinus Torvalds * 3. We should have write and exec permissions on dir 19131da177e4SLinus Torvalds * 4. We can't do it if dir is immutable (done in permission()) 19141da177e4SLinus Torvalds */ 1915a95164d9SMiklos Szeredi static inline int may_create(struct inode *dir, struct dentry *child) 19161da177e4SLinus Torvalds { 19171da177e4SLinus Torvalds if (child->d_inode) 19181da177e4SLinus Torvalds return -EEXIST; 19191da177e4SLinus Torvalds if (IS_DEADDIR(dir)) 19201da177e4SLinus Torvalds return -ENOENT; 1921f419a2e3SAl Viro return inode_permission(dir, MAY_WRITE | MAY_EXEC); 19221da177e4SLinus Torvalds } 19231da177e4SLinus Torvalds 19241da177e4SLinus Torvalds /* 19251da177e4SLinus Torvalds * p1 and p2 should be directories on the same fs. 19261da177e4SLinus Torvalds */ 19271da177e4SLinus Torvalds struct dentry *lock_rename(struct dentry *p1, struct dentry *p2) 19281da177e4SLinus Torvalds { 19291da177e4SLinus Torvalds struct dentry *p; 19301da177e4SLinus Torvalds 19311da177e4SLinus Torvalds if (p1 == p2) { 1932f2eace23SIngo Molnar mutex_lock_nested(&p1->d_inode->i_mutex, I_MUTEX_PARENT); 19331da177e4SLinus Torvalds return NULL; 19341da177e4SLinus Torvalds } 19351da177e4SLinus Torvalds 1936a11f3a05SArjan van de Ven mutex_lock(&p1->d_inode->i_sb->s_vfs_rename_mutex); 19371da177e4SLinus Torvalds 1938e2761a11SOGAWA Hirofumi p = d_ancestor(p2, p1); 1939e2761a11SOGAWA Hirofumi if (p) { 1940f2eace23SIngo Molnar mutex_lock_nested(&p2->d_inode->i_mutex, I_MUTEX_PARENT); 1941f2eace23SIngo Molnar mutex_lock_nested(&p1->d_inode->i_mutex, I_MUTEX_CHILD); 19421da177e4SLinus Torvalds return p; 19431da177e4SLinus Torvalds } 19441da177e4SLinus Torvalds 1945e2761a11SOGAWA Hirofumi p = d_ancestor(p1, p2); 1946e2761a11SOGAWA Hirofumi if (p) { 1947f2eace23SIngo Molnar mutex_lock_nested(&p1->d_inode->i_mutex, I_MUTEX_PARENT); 1948f2eace23SIngo Molnar mutex_lock_nested(&p2->d_inode->i_mutex, I_MUTEX_CHILD); 19491da177e4SLinus Torvalds return p; 19501da177e4SLinus Torvalds } 19511da177e4SLinus Torvalds 1952f2eace23SIngo Molnar mutex_lock_nested(&p1->d_inode->i_mutex, I_MUTEX_PARENT); 1953f2eace23SIngo Molnar mutex_lock_nested(&p2->d_inode->i_mutex, I_MUTEX_CHILD); 19541da177e4SLinus Torvalds return NULL; 19551da177e4SLinus Torvalds } 19561da177e4SLinus Torvalds 19571da177e4SLinus Torvalds void unlock_rename(struct dentry *p1, struct dentry *p2) 19581da177e4SLinus Torvalds { 19591b1dcc1bSJes Sorensen mutex_unlock(&p1->d_inode->i_mutex); 19601da177e4SLinus Torvalds if (p1 != p2) { 19611b1dcc1bSJes Sorensen mutex_unlock(&p2->d_inode->i_mutex); 1962a11f3a05SArjan van de Ven mutex_unlock(&p1->d_inode->i_sb->s_vfs_rename_mutex); 19631da177e4SLinus Torvalds } 19641da177e4SLinus Torvalds } 19651da177e4SLinus Torvalds 19661da177e4SLinus Torvalds int vfs_create(struct inode *dir, struct dentry *dentry, int mode, 19671da177e4SLinus Torvalds struct nameidata *nd) 19681da177e4SLinus Torvalds { 1969a95164d9SMiklos Szeredi int error = may_create(dir, dentry); 19701da177e4SLinus Torvalds 19711da177e4SLinus Torvalds if (error) 19721da177e4SLinus Torvalds return error; 19731da177e4SLinus Torvalds 1974acfa4380SAl Viro if (!dir->i_op->create) 19751da177e4SLinus Torvalds return -EACCES; /* shouldn't it be ENOSYS? */ 19761da177e4SLinus Torvalds mode &= S_IALLUGO; 19771da177e4SLinus Torvalds mode |= S_IFREG; 19781da177e4SLinus Torvalds error = security_inode_create(dir, dentry, mode); 19791da177e4SLinus Torvalds if (error) 19801da177e4SLinus Torvalds return error; 19811da177e4SLinus Torvalds error = dir->i_op->create(dir, dentry, mode, nd); 1982a74574aaSStephen Smalley if (!error) 1983f38aa942SAmy Griffis fsnotify_create(dir, dentry); 19841da177e4SLinus Torvalds return error; 19851da177e4SLinus Torvalds } 19861da177e4SLinus Torvalds 19873fb64190SChristoph Hellwig int may_open(struct path *path, int acc_mode, int flag) 19881da177e4SLinus Torvalds { 19893fb64190SChristoph Hellwig struct dentry *dentry = path->dentry; 19901da177e4SLinus Torvalds struct inode *inode = dentry->d_inode; 19911da177e4SLinus Torvalds int error; 19921da177e4SLinus Torvalds 19931da177e4SLinus Torvalds if (!inode) 19941da177e4SLinus Torvalds return -ENOENT; 19951da177e4SLinus Torvalds 1996c8fe8f30SChristoph Hellwig switch (inode->i_mode & S_IFMT) { 1997c8fe8f30SChristoph Hellwig case S_IFLNK: 19981da177e4SLinus Torvalds return -ELOOP; 1999c8fe8f30SChristoph Hellwig case S_IFDIR: 2000c8fe8f30SChristoph Hellwig if (acc_mode & MAY_WRITE) 20011da177e4SLinus Torvalds return -EISDIR; 2002c8fe8f30SChristoph Hellwig break; 2003c8fe8f30SChristoph Hellwig case S_IFBLK: 2004c8fe8f30SChristoph Hellwig case S_IFCHR: 20053fb64190SChristoph Hellwig if (path->mnt->mnt_flags & MNT_NODEV) 20061da177e4SLinus Torvalds return -EACCES; 2007c8fe8f30SChristoph Hellwig /*FALLTHRU*/ 2008c8fe8f30SChristoph Hellwig case S_IFIFO: 2009c8fe8f30SChristoph Hellwig case S_IFSOCK: 20101da177e4SLinus Torvalds flag &= ~O_TRUNC; 2011c8fe8f30SChristoph Hellwig break; 20124a3fd211SDave Hansen } 2013b41572e9SDave Hansen 20143fb64190SChristoph Hellwig error = inode_permission(inode, acc_mode); 2015b41572e9SDave Hansen if (error) 2016b41572e9SDave Hansen return error; 20176146f0d5SMimi Zohar 20181da177e4SLinus Torvalds /* 20191da177e4SLinus Torvalds * An append-only file must be opened in append mode for writing. 20201da177e4SLinus Torvalds */ 20211da177e4SLinus Torvalds if (IS_APPEND(inode)) { 20228737c930SAl Viro if ((flag & O_ACCMODE) != O_RDONLY && !(flag & O_APPEND)) 20237715b521SAl Viro return -EPERM; 20241da177e4SLinus Torvalds if (flag & O_TRUNC) 20257715b521SAl Viro return -EPERM; 20261da177e4SLinus Torvalds } 20271da177e4SLinus Torvalds 20281da177e4SLinus Torvalds /* O_NOATIME can only be set by the owner or superuser */ 20297715b521SAl Viro if (flag & O_NOATIME && !is_owner_or_cap(inode)) 20307715b521SAl Viro return -EPERM; 20311da177e4SLinus Torvalds 20321da177e4SLinus Torvalds /* 20331da177e4SLinus Torvalds * Ensure there are no outstanding leases on the file. 20341da177e4SLinus Torvalds */ 2035b65a9cfcSAl Viro return break_lease(inode, flag); 20367715b521SAl Viro } 20377715b521SAl Viro 2038e1181ee6SJeff Layton static int handle_truncate(struct file *filp) 20397715b521SAl Viro { 2040e1181ee6SJeff Layton struct path *path = &filp->f_path; 20417715b521SAl Viro struct inode *inode = path->dentry->d_inode; 20427715b521SAl Viro int error = get_write_access(inode); 20431da177e4SLinus Torvalds if (error) 20447715b521SAl Viro return error; 20451da177e4SLinus Torvalds /* 20461da177e4SLinus Torvalds * Refuse to truncate files with mandatory locks held on them. 20471da177e4SLinus Torvalds */ 20481da177e4SLinus Torvalds error = locks_verify_locked(inode); 2049be6d3e56SKentaro Takeda if (!error) 2050ea0d3ab2STetsuo Handa error = security_path_truncate(path); 20511da177e4SLinus Torvalds if (!error) { 20527715b521SAl Viro error = do_truncate(path->dentry, 0, 2053d139d7ffSMiklos Szeredi ATTR_MTIME|ATTR_CTIME|ATTR_OPEN, 2054e1181ee6SJeff Layton filp); 20551da177e4SLinus Torvalds } 20561da177e4SLinus Torvalds put_write_access(inode); 2057acd0c935SMimi Zohar return error; 20581da177e4SLinus Torvalds } 20591da177e4SLinus Torvalds 2060d57999e1SDave Hansen /* 2061d57999e1SDave Hansen * Be careful about ever adding any more callers of this 2062d57999e1SDave Hansen * function. Its flags must be in the namei format, not 2063d57999e1SDave Hansen * what get passed to sys_open(). 2064d57999e1SDave Hansen */ 2065d57999e1SDave Hansen static int __open_namei_create(struct nameidata *nd, struct path *path, 20668737c930SAl Viro int open_flag, int mode) 2067aab520e2SDave Hansen { 2068aab520e2SDave Hansen int error; 20694ac91378SJan Blunck struct dentry *dir = nd->path.dentry; 2070aab520e2SDave Hansen 2071aab520e2SDave Hansen if (!IS_POSIXACL(dir->d_inode)) 2072ce3b0f8dSAl Viro mode &= ~current_umask(); 2073be6d3e56SKentaro Takeda error = security_path_mknod(&nd->path, path->dentry, mode, 0); 2074be6d3e56SKentaro Takeda if (error) 2075be6d3e56SKentaro Takeda goto out_unlock; 2076aab520e2SDave Hansen error = vfs_create(dir->d_inode, path->dentry, mode, nd); 2077be6d3e56SKentaro Takeda out_unlock: 2078aab520e2SDave Hansen mutex_unlock(&dir->d_inode->i_mutex); 20794ac91378SJan Blunck dput(nd->path.dentry); 20804ac91378SJan Blunck nd->path.dentry = path->dentry; 208131e6b01fSNick Piggin 2082aab520e2SDave Hansen if (error) 2083aab520e2SDave Hansen return error; 2084aab520e2SDave Hansen /* Don't check for write permission, don't truncate */ 20858737c930SAl Viro return may_open(&nd->path, 0, open_flag & ~O_TRUNC); 2086aab520e2SDave Hansen } 2087aab520e2SDave Hansen 20881da177e4SLinus Torvalds /* 2089d57999e1SDave Hansen * Note that while the flag value (low two bits) for sys_open means: 2090d57999e1SDave Hansen * 00 - read-only 2091d57999e1SDave Hansen * 01 - write-only 2092d57999e1SDave Hansen * 10 - read-write 2093d57999e1SDave Hansen * 11 - special 2094d57999e1SDave Hansen * it is changed into 2095d57999e1SDave Hansen * 00 - no permissions needed 2096d57999e1SDave Hansen * 01 - read-permission 2097d57999e1SDave Hansen * 10 - write-permission 2098d57999e1SDave Hansen * 11 - read-write 2099d57999e1SDave Hansen * for the internal routines (ie open_namei()/follow_link() etc) 2100d57999e1SDave Hansen * This is more logical, and also allows the 00 "no perm needed" 2101d57999e1SDave Hansen * to be used for symlinks (where the permissions are checked 2102d57999e1SDave Hansen * later). 2103d57999e1SDave Hansen * 2104d57999e1SDave Hansen */ 2105d57999e1SDave Hansen static inline int open_to_namei_flags(int flag) 2106d57999e1SDave Hansen { 2107d57999e1SDave Hansen if ((flag+1) & O_ACCMODE) 2108d57999e1SDave Hansen flag++; 2109d57999e1SDave Hansen return flag; 2110d57999e1SDave Hansen } 2111d57999e1SDave Hansen 21127715b521SAl Viro static int open_will_truncate(int flag, struct inode *inode) 21134a3fd211SDave Hansen { 2114d57999e1SDave Hansen /* 21154a3fd211SDave Hansen * We'll never write to the fs underlying 21164a3fd211SDave Hansen * a device file. 21174a3fd211SDave Hansen */ 21184a3fd211SDave Hansen if (special_file(inode->i_mode)) 21194a3fd211SDave Hansen return 0; 21204a3fd211SDave Hansen return (flag & O_TRUNC); 21214a3fd211SDave Hansen } 21224a3fd211SDave Hansen 2123648fa861SAl Viro static struct file *finish_open(struct nameidata *nd, 21249a66179eSAl Viro int open_flag, int acc_mode) 2125648fa861SAl Viro { 2126648fa861SAl Viro struct file *filp; 2127648fa861SAl Viro int will_truncate; 2128648fa861SAl Viro int error; 2129648fa861SAl Viro 21309a66179eSAl Viro will_truncate = open_will_truncate(open_flag, nd->path.dentry->d_inode); 2131648fa861SAl Viro if (will_truncate) { 2132648fa861SAl Viro error = mnt_want_write(nd->path.mnt); 2133648fa861SAl Viro if (error) 2134648fa861SAl Viro goto exit; 2135648fa861SAl Viro } 2136648fa861SAl Viro error = may_open(&nd->path, acc_mode, open_flag); 2137648fa861SAl Viro if (error) { 2138648fa861SAl Viro if (will_truncate) 2139648fa861SAl Viro mnt_drop_write(nd->path.mnt); 2140648fa861SAl Viro goto exit; 2141648fa861SAl Viro } 2142648fa861SAl Viro filp = nameidata_to_filp(nd); 2143648fa861SAl Viro if (!IS_ERR(filp)) { 2144648fa861SAl Viro error = ima_file_check(filp, acc_mode); 2145648fa861SAl Viro if (error) { 2146648fa861SAl Viro fput(filp); 2147648fa861SAl Viro filp = ERR_PTR(error); 2148648fa861SAl Viro } 2149648fa861SAl Viro } 2150648fa861SAl Viro if (!IS_ERR(filp)) { 2151648fa861SAl Viro if (will_truncate) { 2152e1181ee6SJeff Layton error = handle_truncate(filp); 2153648fa861SAl Viro if (error) { 2154648fa861SAl Viro fput(filp); 2155648fa861SAl Viro filp = ERR_PTR(error); 2156648fa861SAl Viro } 2157648fa861SAl Viro } 2158648fa861SAl Viro } 2159648fa861SAl Viro /* 2160648fa861SAl Viro * It is now safe to drop the mnt write 2161648fa861SAl Viro * because the filp has had a write taken 2162648fa861SAl Viro * on its behalf. 2163648fa861SAl Viro */ 2164648fa861SAl Viro if (will_truncate) 2165648fa861SAl Viro mnt_drop_write(nd->path.mnt); 2166d893f1bcSAl Viro path_put(&nd->path); 2167648fa861SAl Viro return filp; 2168648fa861SAl Viro 2169648fa861SAl Viro exit: 2170648fa861SAl Viro path_put(&nd->path); 2171648fa861SAl Viro return ERR_PTR(error); 2172648fa861SAl Viro } 2173648fa861SAl Viro 217431e6b01fSNick Piggin /* 217531e6b01fSNick Piggin * Handle O_CREAT case for do_filp_open 217631e6b01fSNick Piggin */ 2177fb1cc555SAl Viro static struct file *do_last(struct nameidata *nd, struct path *path, 21785b369df8SAl Viro int open_flag, int acc_mode, 21793e297b61SAl Viro int mode, const char *pathname) 2180fb1cc555SAl Viro { 2181a1e28038SAl Viro struct dentry *dir = nd->path.dentry; 2182fb1cc555SAl Viro struct file *filp; 218316c2cd71SAl Viro int error; 2184fb1cc555SAl Viro 21851f36f774SAl Viro switch (nd->last_type) { 21861f36f774SAl Viro case LAST_DOTDOT: 21871f36f774SAl Viro follow_dotdot(nd); 21881f36f774SAl Viro dir = nd->path.dentry; 2189176306f5SNeil Brown case LAST_DOT: 21901f36f774SAl Viro /* fallthrough */ 21911f36f774SAl Viro case LAST_ROOT: 219216c2cd71SAl Viro error = handle_reval_path(nd); 219316c2cd71SAl Viro if (error) 219416c2cd71SAl Viro goto exit; 219516c2cd71SAl Viro error = -EISDIR; 21961f36f774SAl Viro goto exit; 21971f36f774SAl Viro case LAST_BIND: 219816c2cd71SAl Viro error = handle_reval_path(nd); 219916c2cd71SAl Viro if (error) 220016c2cd71SAl Viro goto exit; 22011f36f774SAl Viro audit_inode(pathname, dir); 22021f36f774SAl Viro goto ok; 22031f36f774SAl Viro } 2204a2c36b45SAl Viro 220516c2cd71SAl Viro error = -EISDIR; 22061f36f774SAl Viro /* trailing slashes? */ 220731e6b01fSNick Piggin if (nd->last.name[nd->last.len]) 22081f36f774SAl Viro goto exit; 22091f36f774SAl Viro 2210a1e28038SAl Viro mutex_lock(&dir->d_inode->i_mutex); 2211a1e28038SAl Viro 2212a1e28038SAl Viro path->dentry = lookup_hash(nd); 2213a1e28038SAl Viro path->mnt = nd->path.mnt; 2214a1e28038SAl Viro 2215fb1cc555SAl Viro error = PTR_ERR(path->dentry); 2216fb1cc555SAl Viro if (IS_ERR(path->dentry)) { 2217fb1cc555SAl Viro mutex_unlock(&dir->d_inode->i_mutex); 2218fb1cc555SAl Viro goto exit; 2219fb1cc555SAl Viro } 2220fb1cc555SAl Viro 2221fb1cc555SAl Viro if (IS_ERR(nd->intent.open.file)) { 2222fb1cc555SAl Viro error = PTR_ERR(nd->intent.open.file); 2223fb1cc555SAl Viro goto exit_mutex_unlock; 2224fb1cc555SAl Viro } 2225fb1cc555SAl Viro 2226fb1cc555SAl Viro /* Negative dentry, just create the file */ 2227fb1cc555SAl Viro if (!path->dentry->d_inode) { 2228fb1cc555SAl Viro /* 2229fb1cc555SAl Viro * This write is needed to ensure that a 2230fb1cc555SAl Viro * ro->rw transition does not occur between 2231fb1cc555SAl Viro * the time when the file is created and when 2232fb1cc555SAl Viro * a permanent write count is taken through 2233fb1cc555SAl Viro * the 'struct file' in nameidata_to_filp(). 2234fb1cc555SAl Viro */ 2235fb1cc555SAl Viro error = mnt_want_write(nd->path.mnt); 2236fb1cc555SAl Viro if (error) 2237fb1cc555SAl Viro goto exit_mutex_unlock; 2238fb1cc555SAl Viro error = __open_namei_create(nd, path, open_flag, mode); 2239fb1cc555SAl Viro if (error) { 2240fb1cc555SAl Viro mnt_drop_write(nd->path.mnt); 2241fb1cc555SAl Viro goto exit; 2242fb1cc555SAl Viro } 2243fb1cc555SAl Viro filp = nameidata_to_filp(nd); 2244fb1cc555SAl Viro mnt_drop_write(nd->path.mnt); 2245d893f1bcSAl Viro path_put(&nd->path); 2246fb1cc555SAl Viro if (!IS_ERR(filp)) { 2247fb1cc555SAl Viro error = ima_file_check(filp, acc_mode); 2248fb1cc555SAl Viro if (error) { 2249fb1cc555SAl Viro fput(filp); 2250fb1cc555SAl Viro filp = ERR_PTR(error); 2251fb1cc555SAl Viro } 2252fb1cc555SAl Viro } 2253fb1cc555SAl Viro return filp; 2254fb1cc555SAl Viro } 2255fb1cc555SAl Viro 2256fb1cc555SAl Viro /* 2257fb1cc555SAl Viro * It already exists. 2258fb1cc555SAl Viro */ 2259fb1cc555SAl Viro mutex_unlock(&dir->d_inode->i_mutex); 2260fb1cc555SAl Viro audit_inode(pathname, path->dentry); 2261fb1cc555SAl Viro 2262fb1cc555SAl Viro error = -EEXIST; 22635b369df8SAl Viro if (open_flag & O_EXCL) 2264fb1cc555SAl Viro goto exit_dput; 2265fb1cc555SAl Viro 22669875cf80SDavid Howells error = follow_managed(path, nd->flags); 22679875cf80SDavid Howells if (error < 0) 2268fb1cc555SAl Viro goto exit_dput; 2269fb1cc555SAl Viro 2270fb1cc555SAl Viro error = -ENOENT; 2271fb1cc555SAl Viro if (!path->dentry->d_inode) 2272fb1cc555SAl Viro goto exit_dput; 22739e67f361SAl Viro 22749e67f361SAl Viro if (path->dentry->d_inode->i_op->follow_link) 2275fb1cc555SAl Viro return NULL; 2276fb1cc555SAl Viro 2277fb1cc555SAl Viro path_to_nameidata(path, nd); 227831e6b01fSNick Piggin nd->inode = path->dentry->d_inode; 2279fb1cc555SAl Viro error = -EISDIR; 228031e6b01fSNick Piggin if (S_ISDIR(nd->inode->i_mode)) 2281fb1cc555SAl Viro goto exit; 228267ee3ad2SAl Viro ok: 22839a66179eSAl Viro filp = finish_open(nd, open_flag, acc_mode); 2284fb1cc555SAl Viro return filp; 2285fb1cc555SAl Viro 2286fb1cc555SAl Viro exit_mutex_unlock: 2287fb1cc555SAl Viro mutex_unlock(&dir->d_inode->i_mutex); 2288fb1cc555SAl Viro exit_dput: 2289fb1cc555SAl Viro path_put_conditional(path, nd); 2290fb1cc555SAl Viro exit: 2291fb1cc555SAl Viro path_put(&nd->path); 2292fb1cc555SAl Viro return ERR_PTR(error); 2293fb1cc555SAl Viro } 2294fb1cc555SAl Viro 22954a3fd211SDave Hansen /* 22964a3fd211SDave Hansen * Note that the low bits of the passed in "open_flag" 22974a3fd211SDave Hansen * are not the same as in the local variable "flag". See 22984a3fd211SDave Hansen * open_to_namei_flags() for more details. 22991da177e4SLinus Torvalds */ 2300a70e65dfSChristoph Hellwig struct file *do_filp_open(int dfd, const char *pathname, 23016e8341a1SAl Viro int open_flag, int mode, int acc_mode) 23021da177e4SLinus Torvalds { 23034a3fd211SDave Hansen struct file *filp; 2304a70e65dfSChristoph Hellwig struct nameidata nd; 23056e8341a1SAl Viro int error; 23069850c056SAl Viro struct path path; 23071da177e4SLinus Torvalds int count = 0; 2308d57999e1SDave Hansen int flag = open_to_namei_flags(open_flag); 230931e6b01fSNick Piggin int flags; 23101f36f774SAl Viro 23111f36f774SAl Viro if (!(open_flag & O_CREAT)) 23121f36f774SAl Viro mode = 0; 23131da177e4SLinus Torvalds 2314b1085ba8SLino Sanfilippo /* Must never be set by userspace */ 2315b1085ba8SLino Sanfilippo open_flag &= ~FMODE_NONOTIFY; 2316b1085ba8SLino Sanfilippo 23176b2f3d1fSChristoph Hellwig /* 23186b2f3d1fSChristoph Hellwig * O_SYNC is implemented as __O_SYNC|O_DSYNC. As many places only 23196b2f3d1fSChristoph Hellwig * check for O_DSYNC if the need any syncing at all we enforce it's 23206b2f3d1fSChristoph Hellwig * always set instead of having to deal with possibly weird behaviour 23216b2f3d1fSChristoph Hellwig * for malicious applications setting only __O_SYNC. 23226b2f3d1fSChristoph Hellwig */ 23236b2f3d1fSChristoph Hellwig if (open_flag & __O_SYNC) 23246b2f3d1fSChristoph Hellwig open_flag |= O_DSYNC; 23256b2f3d1fSChristoph Hellwig 23266e8341a1SAl Viro if (!acc_mode) 23276d125529SAl Viro acc_mode = MAY_OPEN | ACC_MODE(open_flag); 23281da177e4SLinus Torvalds 2329834f2a4aSTrond Myklebust /* O_TRUNC implies we need access checks for write permissions */ 23304296e2cbSAl Viro if (open_flag & O_TRUNC) 2331834f2a4aSTrond Myklebust acc_mode |= MAY_WRITE; 2332834f2a4aSTrond Myklebust 23331da177e4SLinus Torvalds /* Allow the LSM permission hook to distinguish append 23341da177e4SLinus Torvalds access from general write access. */ 23354296e2cbSAl Viro if (open_flag & O_APPEND) 23361da177e4SLinus Torvalds acc_mode |= MAY_APPEND; 23371da177e4SLinus Torvalds 233831e6b01fSNick Piggin flags = LOOKUP_OPEN; 233931e6b01fSNick Piggin if (open_flag & O_CREAT) { 234031e6b01fSNick Piggin flags |= LOOKUP_CREATE; 234131e6b01fSNick Piggin if (open_flag & O_EXCL) 234231e6b01fSNick Piggin flags |= LOOKUP_EXCL; 2343654f562cSJ. R. Okajima } 234431e6b01fSNick Piggin if (open_flag & O_DIRECTORY) 234531e6b01fSNick Piggin flags |= LOOKUP_DIRECTORY; 234631e6b01fSNick Piggin if (!(open_flag & O_NOFOLLOW)) 234731e6b01fSNick Piggin flags |= LOOKUP_FOLLOW; 234831e6b01fSNick Piggin 234931e6b01fSNick Piggin filp = get_empty_filp(); 235031e6b01fSNick Piggin if (!filp) 235131e6b01fSNick Piggin return ERR_PTR(-ENFILE); 235231e6b01fSNick Piggin 235331e6b01fSNick Piggin filp->f_flags = open_flag; 235431e6b01fSNick Piggin nd.intent.open.file = filp; 235531e6b01fSNick Piggin nd.intent.open.flags = flag; 235631e6b01fSNick Piggin nd.intent.open.create_mode = mode; 235731e6b01fSNick Piggin 235831e6b01fSNick Piggin if (open_flag & O_CREAT) 235931e6b01fSNick Piggin goto creat; 236031e6b01fSNick Piggin 236131e6b01fSNick Piggin /* !O_CREAT, simple open */ 236231e6b01fSNick Piggin error = do_path_lookup(dfd, pathname, flags, &nd); 236331e6b01fSNick Piggin if (unlikely(error)) 23641858efd4SAl Viro goto out_filp2; 236531e6b01fSNick Piggin error = -ELOOP; 236631e6b01fSNick Piggin if (!(nd.flags & LOOKUP_FOLLOW)) { 236731e6b01fSNick Piggin if (nd.inode->i_op->follow_link) 23681858efd4SAl Viro goto out_path2; 236931e6b01fSNick Piggin } 237031e6b01fSNick Piggin error = -ENOTDIR; 237131e6b01fSNick Piggin if (nd.flags & LOOKUP_DIRECTORY) { 237231e6b01fSNick Piggin if (!nd.inode->i_op->lookup) 23731858efd4SAl Viro goto out_path2; 237431e6b01fSNick Piggin } 237531e6b01fSNick Piggin audit_inode(pathname, nd.path.dentry); 237631e6b01fSNick Piggin filp = finish_open(&nd, open_flag, acc_mode); 23771858efd4SAl Viro out2: 23782dab5974SLinus Torvalds release_open_intent(&nd); 237931e6b01fSNick Piggin return filp; 238031e6b01fSNick Piggin 23811858efd4SAl Viro out_path2: 23821858efd4SAl Viro path_put(&nd.path); 23831858efd4SAl Viro out_filp2: 23841858efd4SAl Viro filp = ERR_PTR(error); 23851858efd4SAl Viro goto out2; 23861858efd4SAl Viro 238731e6b01fSNick Piggin creat: 238831e6b01fSNick Piggin /* OK, have to create the file. Find the parent. */ 2389ee0827cdSAl Viro error = path_lookupat(dfd, pathname, LOOKUP_PARENT | LOOKUP_RCU, &nd); 2390ee0827cdSAl Viro if (unlikely(error == -ECHILD)) 2391ee0827cdSAl Viro error = path_lookupat(dfd, pathname, LOOKUP_PARENT, &nd); 2392ee0827cdSAl Viro if (unlikely(error == -ESTALE)) { 239331e6b01fSNick Piggin reval: 239431e6b01fSNick Piggin flags |= LOOKUP_REVAL; 2395ee0827cdSAl Viro error = path_lookupat(dfd, pathname, 2396ee0827cdSAl Viro LOOKUP_PARENT | LOOKUP_REVAL, &nd); 239731e6b01fSNick Piggin } 239831e6b01fSNick Piggin if (unlikely(error)) 239931e6b01fSNick Piggin goto out_filp; 240031e6b01fSNick Piggin if (unlikely(!audit_dummy_context())) 24019b4a9b14SAl Viro audit_inode(pathname, nd.path.dentry); 24021da177e4SLinus Torvalds 24031da177e4SLinus Torvalds /* 2404a2c36b45SAl Viro * We have the parent and last component. 24051da177e4SLinus Torvalds */ 240616c2cd71SAl Viro nd.flags = (nd.flags & ~LOOKUP_PARENT) | flags; 24073e297b61SAl Viro filp = do_last(&nd, &path, open_flag, acc_mode, mode, pathname); 2408806b681cSAl Viro while (unlikely(!filp)) { /* trailing symlink */ 24097b9337aaSNick Piggin struct path link = path; 24107b9337aaSNick Piggin struct inode *linki = link.dentry->d_inode; 2411def4af30SAl Viro void *cookie; 2412806b681cSAl Viro error = -ELOOP; 2413db372915SDavid Howells if (!(nd.flags & LOOKUP_FOLLOW)) 24141f36f774SAl Viro goto exit_dput; 24151f36f774SAl Viro if (count++ == 32) 2416806b681cSAl Viro goto exit_dput; 2417806b681cSAl Viro /* 2418806b681cSAl Viro * This is subtle. Instead of calling do_follow_link() we do 2419806b681cSAl Viro * the thing by hands. The reason is that this way we have zero 2420806b681cSAl Viro * link_count and path_walk() (called from ->follow_link) 2421806b681cSAl Viro * honoring LOOKUP_PARENT. After that we have the parent and 2422806b681cSAl Viro * last component, i.e. we are in the same situation as after 2423806b681cSAl Viro * the first path_walk(). Well, almost - if the last component 2424806b681cSAl Viro * is normal we get its copy stored in nd->last.name and we will 2425806b681cSAl Viro * have to putname() it when we are done. Procfs-like symlinks 2426806b681cSAl Viro * just set LAST_BIND. 2427806b681cSAl Viro */ 2428806b681cSAl Viro nd.flags |= LOOKUP_PARENT; 24297b9337aaSNick Piggin error = security_inode_follow_link(link.dentry, &nd); 2430806b681cSAl Viro if (error) 2431806b681cSAl Viro goto exit_dput; 24327b9337aaSNick Piggin error = __do_follow_link(&link, &nd, &cookie); 2433def4af30SAl Viro if (unlikely(error)) { 24347b9337aaSNick Piggin if (!IS_ERR(cookie) && linki->i_op->put_link) 24357b9337aaSNick Piggin linki->i_op->put_link(link.dentry, &nd, cookie); 2436806b681cSAl Viro /* nd.path had been dropped */ 24377b9337aaSNick Piggin nd.path = link; 243831e6b01fSNick Piggin goto out_path; 2439806b681cSAl Viro } 2440806b681cSAl Viro nd.flags &= ~LOOKUP_PARENT; 24413e297b61SAl Viro filp = do_last(&nd, &path, open_flag, acc_mode, mode, pathname); 24427b9337aaSNick Piggin if (linki->i_op->put_link) 24437b9337aaSNick Piggin linki->i_op->put_link(link.dentry, &nd, cookie); 24447b9337aaSNick Piggin path_put(&link); 2445806b681cSAl Viro } 244610fa8e62SAl Viro out: 24472a737871SAl Viro if (nd.root.mnt) 24482a737871SAl Viro path_put(&nd.root); 244931e6b01fSNick Piggin if (filp == ERR_PTR(-ESTALE) && !(flags & LOOKUP_REVAL)) 245010fa8e62SAl Viro goto reval; 24512dab5974SLinus Torvalds release_open_intent(&nd); 245210fa8e62SAl Viro return filp; 24531da177e4SLinus Torvalds 2454806b681cSAl Viro exit_dput: 2455806b681cSAl Viro path_put_conditional(&path, &nd); 245631e6b01fSNick Piggin out_path: 245731e6b01fSNick Piggin path_put(&nd.path); 245831e6b01fSNick Piggin out_filp: 245910fa8e62SAl Viro filp = ERR_PTR(error); 246010fa8e62SAl Viro goto out; 2461de459215SKirill Korotaev } 24621da177e4SLinus Torvalds 24631da177e4SLinus Torvalds /** 2464a70e65dfSChristoph Hellwig * filp_open - open file and return file pointer 2465a70e65dfSChristoph Hellwig * 2466a70e65dfSChristoph Hellwig * @filename: path to open 2467a70e65dfSChristoph Hellwig * @flags: open flags as per the open(2) second argument 2468a70e65dfSChristoph Hellwig * @mode: mode for the new file if O_CREAT is set, else ignored 2469a70e65dfSChristoph Hellwig * 2470a70e65dfSChristoph Hellwig * This is the helper to open a file from kernelspace if you really 2471a70e65dfSChristoph Hellwig * have to. But in generally you should not do this, so please move 2472a70e65dfSChristoph Hellwig * along, nothing to see here.. 2473a70e65dfSChristoph Hellwig */ 2474a70e65dfSChristoph Hellwig struct file *filp_open(const char *filename, int flags, int mode) 2475a70e65dfSChristoph Hellwig { 24766e8341a1SAl Viro return do_filp_open(AT_FDCWD, filename, flags, mode, 0); 2477a70e65dfSChristoph Hellwig } 2478a70e65dfSChristoph Hellwig EXPORT_SYMBOL(filp_open); 2479a70e65dfSChristoph Hellwig 2480a70e65dfSChristoph Hellwig /** 24811da177e4SLinus Torvalds * lookup_create - lookup a dentry, creating it if it doesn't exist 24821da177e4SLinus Torvalds * @nd: nameidata info 24831da177e4SLinus Torvalds * @is_dir: directory flag 24841da177e4SLinus Torvalds * 24851da177e4SLinus Torvalds * Simple function to lookup and return a dentry and create it 24861da177e4SLinus Torvalds * if it doesn't exist. Is SMP-safe. 2487c663e5d8SChristoph Hellwig * 24884ac91378SJan Blunck * Returns with nd->path.dentry->d_inode->i_mutex locked. 24891da177e4SLinus Torvalds */ 24901da177e4SLinus Torvalds struct dentry *lookup_create(struct nameidata *nd, int is_dir) 24911da177e4SLinus Torvalds { 2492c663e5d8SChristoph Hellwig struct dentry *dentry = ERR_PTR(-EEXIST); 24931da177e4SLinus Torvalds 24944ac91378SJan Blunck mutex_lock_nested(&nd->path.dentry->d_inode->i_mutex, I_MUTEX_PARENT); 2495c663e5d8SChristoph Hellwig /* 2496c663e5d8SChristoph Hellwig * Yucky last component or no last component at all? 2497c663e5d8SChristoph Hellwig * (foo/., foo/.., /////) 2498c663e5d8SChristoph Hellwig */ 24991da177e4SLinus Torvalds if (nd->last_type != LAST_NORM) 25001da177e4SLinus Torvalds goto fail; 25011da177e4SLinus Torvalds nd->flags &= ~LOOKUP_PARENT; 25023516586aSAl Viro nd->flags |= LOOKUP_CREATE | LOOKUP_EXCL; 2503a634904aSASANO Masahiro nd->intent.open.flags = O_EXCL; 2504c663e5d8SChristoph Hellwig 2505c663e5d8SChristoph Hellwig /* 2506c663e5d8SChristoph Hellwig * Do the final lookup. 2507c663e5d8SChristoph Hellwig */ 250849705b77SChristoph Hellwig dentry = lookup_hash(nd); 25091da177e4SLinus Torvalds if (IS_ERR(dentry)) 25101da177e4SLinus Torvalds goto fail; 2511c663e5d8SChristoph Hellwig 2512e9baf6e5SAl Viro if (dentry->d_inode) 2513e9baf6e5SAl Viro goto eexist; 2514c663e5d8SChristoph Hellwig /* 2515c663e5d8SChristoph Hellwig * Special case - lookup gave negative, but... we had foo/bar/ 2516c663e5d8SChristoph Hellwig * From the vfs_mknod() POV we just have a negative dentry - 2517c663e5d8SChristoph Hellwig * all is fine. Let's be bastards - you had / on the end, you've 2518c663e5d8SChristoph Hellwig * been asking for (non-existent) directory. -ENOENT for you. 2519c663e5d8SChristoph Hellwig */ 2520e9baf6e5SAl Viro if (unlikely(!is_dir && nd->last.name[nd->last.len])) { 25211da177e4SLinus Torvalds dput(dentry); 25221da177e4SLinus Torvalds dentry = ERR_PTR(-ENOENT); 2523e9baf6e5SAl Viro } 2524e9baf6e5SAl Viro return dentry; 2525e9baf6e5SAl Viro eexist: 2526e9baf6e5SAl Viro dput(dentry); 2527e9baf6e5SAl Viro dentry = ERR_PTR(-EEXIST); 25281da177e4SLinus Torvalds fail: 25291da177e4SLinus Torvalds return dentry; 25301da177e4SLinus Torvalds } 2531f81a0bffSChristoph Hellwig EXPORT_SYMBOL_GPL(lookup_create); 25321da177e4SLinus Torvalds 25331da177e4SLinus Torvalds int vfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev) 25341da177e4SLinus Torvalds { 2535a95164d9SMiklos Szeredi int error = may_create(dir, dentry); 25361da177e4SLinus Torvalds 25371da177e4SLinus Torvalds if (error) 25381da177e4SLinus Torvalds return error; 25391da177e4SLinus Torvalds 25401da177e4SLinus Torvalds if ((S_ISCHR(mode) || S_ISBLK(mode)) && !capable(CAP_MKNOD)) 25411da177e4SLinus Torvalds return -EPERM; 25421da177e4SLinus Torvalds 2543acfa4380SAl Viro if (!dir->i_op->mknod) 25441da177e4SLinus Torvalds return -EPERM; 25451da177e4SLinus Torvalds 254608ce5f16SSerge E. Hallyn error = devcgroup_inode_mknod(mode, dev); 254708ce5f16SSerge E. Hallyn if (error) 254808ce5f16SSerge E. Hallyn return error; 254908ce5f16SSerge E. Hallyn 25501da177e4SLinus Torvalds error = security_inode_mknod(dir, dentry, mode, dev); 25511da177e4SLinus Torvalds if (error) 25521da177e4SLinus Torvalds return error; 25531da177e4SLinus Torvalds 25541da177e4SLinus Torvalds error = dir->i_op->mknod(dir, dentry, mode, dev); 2555a74574aaSStephen Smalley if (!error) 2556f38aa942SAmy Griffis fsnotify_create(dir, dentry); 25571da177e4SLinus Torvalds return error; 25581da177e4SLinus Torvalds } 25591da177e4SLinus Torvalds 2560463c3197SDave Hansen static int may_mknod(mode_t mode) 2561463c3197SDave Hansen { 2562463c3197SDave Hansen switch (mode & S_IFMT) { 2563463c3197SDave Hansen case S_IFREG: 2564463c3197SDave Hansen case S_IFCHR: 2565463c3197SDave Hansen case S_IFBLK: 2566463c3197SDave Hansen case S_IFIFO: 2567463c3197SDave Hansen case S_IFSOCK: 2568463c3197SDave Hansen case 0: /* zero mode translates to S_IFREG */ 2569463c3197SDave Hansen return 0; 2570463c3197SDave Hansen case S_IFDIR: 2571463c3197SDave Hansen return -EPERM; 2572463c3197SDave Hansen default: 2573463c3197SDave Hansen return -EINVAL; 2574463c3197SDave Hansen } 2575463c3197SDave Hansen } 2576463c3197SDave Hansen 25772e4d0924SHeiko Carstens SYSCALL_DEFINE4(mknodat, int, dfd, const char __user *, filename, int, mode, 25782e4d0924SHeiko Carstens unsigned, dev) 25791da177e4SLinus Torvalds { 25802ad94ae6SAl Viro int error; 25811da177e4SLinus Torvalds char *tmp; 25821da177e4SLinus Torvalds struct dentry *dentry; 25831da177e4SLinus Torvalds struct nameidata nd; 25841da177e4SLinus Torvalds 25851da177e4SLinus Torvalds if (S_ISDIR(mode)) 25861da177e4SLinus Torvalds return -EPERM; 25871da177e4SLinus Torvalds 25882ad94ae6SAl Viro error = user_path_parent(dfd, filename, &nd, &tmp); 25891da177e4SLinus Torvalds if (error) 25902ad94ae6SAl Viro return error; 25912ad94ae6SAl Viro 25921da177e4SLinus Torvalds dentry = lookup_create(&nd, 0); 2593463c3197SDave Hansen if (IS_ERR(dentry)) { 25941da177e4SLinus Torvalds error = PTR_ERR(dentry); 2595463c3197SDave Hansen goto out_unlock; 2596463c3197SDave Hansen } 25974ac91378SJan Blunck if (!IS_POSIXACL(nd.path.dentry->d_inode)) 2598ce3b0f8dSAl Viro mode &= ~current_umask(); 2599463c3197SDave Hansen error = may_mknod(mode); 2600463c3197SDave Hansen if (error) 2601463c3197SDave Hansen goto out_dput; 2602463c3197SDave Hansen error = mnt_want_write(nd.path.mnt); 2603463c3197SDave Hansen if (error) 2604463c3197SDave Hansen goto out_dput; 2605be6d3e56SKentaro Takeda error = security_path_mknod(&nd.path, dentry, mode, dev); 2606be6d3e56SKentaro Takeda if (error) 2607be6d3e56SKentaro Takeda goto out_drop_write; 26081da177e4SLinus Torvalds switch (mode & S_IFMT) { 26091da177e4SLinus Torvalds case 0: case S_IFREG: 26104ac91378SJan Blunck error = vfs_create(nd.path.dentry->d_inode,dentry,mode,&nd); 26111da177e4SLinus Torvalds break; 26121da177e4SLinus Torvalds case S_IFCHR: case S_IFBLK: 26134ac91378SJan Blunck error = vfs_mknod(nd.path.dentry->d_inode,dentry,mode, 26141da177e4SLinus Torvalds new_decode_dev(dev)); 26151da177e4SLinus Torvalds break; 26161da177e4SLinus Torvalds case S_IFIFO: case S_IFSOCK: 26174ac91378SJan Blunck error = vfs_mknod(nd.path.dentry->d_inode,dentry,mode,0); 26181da177e4SLinus Torvalds break; 26191da177e4SLinus Torvalds } 2620be6d3e56SKentaro Takeda out_drop_write: 2621463c3197SDave Hansen mnt_drop_write(nd.path.mnt); 2622463c3197SDave Hansen out_dput: 26231da177e4SLinus Torvalds dput(dentry); 2624463c3197SDave Hansen out_unlock: 26254ac91378SJan Blunck mutex_unlock(&nd.path.dentry->d_inode->i_mutex); 26261d957f9bSJan Blunck path_put(&nd.path); 26271da177e4SLinus Torvalds putname(tmp); 26281da177e4SLinus Torvalds 26291da177e4SLinus Torvalds return error; 26301da177e4SLinus Torvalds } 26311da177e4SLinus Torvalds 26323480b257SHeiko Carstens SYSCALL_DEFINE3(mknod, const char __user *, filename, int, mode, unsigned, dev) 26335590ff0dSUlrich Drepper { 26345590ff0dSUlrich Drepper return sys_mknodat(AT_FDCWD, filename, mode, dev); 26355590ff0dSUlrich Drepper } 26365590ff0dSUlrich Drepper 26371da177e4SLinus Torvalds int vfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) 26381da177e4SLinus Torvalds { 2639a95164d9SMiklos Szeredi int error = may_create(dir, dentry); 26401da177e4SLinus Torvalds 26411da177e4SLinus Torvalds if (error) 26421da177e4SLinus Torvalds return error; 26431da177e4SLinus Torvalds 2644acfa4380SAl Viro if (!dir->i_op->mkdir) 26451da177e4SLinus Torvalds return -EPERM; 26461da177e4SLinus Torvalds 26471da177e4SLinus Torvalds mode &= (S_IRWXUGO|S_ISVTX); 26481da177e4SLinus Torvalds error = security_inode_mkdir(dir, dentry, mode); 26491da177e4SLinus Torvalds if (error) 26501da177e4SLinus Torvalds return error; 26511da177e4SLinus Torvalds 26521da177e4SLinus Torvalds error = dir->i_op->mkdir(dir, dentry, mode); 2653a74574aaSStephen Smalley if (!error) 2654f38aa942SAmy Griffis fsnotify_mkdir(dir, dentry); 26551da177e4SLinus Torvalds return error; 26561da177e4SLinus Torvalds } 26571da177e4SLinus Torvalds 26582e4d0924SHeiko Carstens SYSCALL_DEFINE3(mkdirat, int, dfd, const char __user *, pathname, int, mode) 26591da177e4SLinus Torvalds { 26601da177e4SLinus Torvalds int error = 0; 26611da177e4SLinus Torvalds char * tmp; 26626902d925SDave Hansen struct dentry *dentry; 26636902d925SDave Hansen struct nameidata nd; 26641da177e4SLinus Torvalds 26652ad94ae6SAl Viro error = user_path_parent(dfd, pathname, &nd, &tmp); 26662ad94ae6SAl Viro if (error) 26676902d925SDave Hansen goto out_err; 26681da177e4SLinus Torvalds 26691da177e4SLinus Torvalds dentry = lookup_create(&nd, 1); 26701da177e4SLinus Torvalds error = PTR_ERR(dentry); 26716902d925SDave Hansen if (IS_ERR(dentry)) 26726902d925SDave Hansen goto out_unlock; 26736902d925SDave Hansen 26744ac91378SJan Blunck if (!IS_POSIXACL(nd.path.dentry->d_inode)) 2675ce3b0f8dSAl Viro mode &= ~current_umask(); 2676463c3197SDave Hansen error = mnt_want_write(nd.path.mnt); 2677463c3197SDave Hansen if (error) 2678463c3197SDave Hansen goto out_dput; 2679be6d3e56SKentaro Takeda error = security_path_mkdir(&nd.path, dentry, mode); 2680be6d3e56SKentaro Takeda if (error) 2681be6d3e56SKentaro Takeda goto out_drop_write; 26824ac91378SJan Blunck error = vfs_mkdir(nd.path.dentry->d_inode, dentry, mode); 2683be6d3e56SKentaro Takeda out_drop_write: 2684463c3197SDave Hansen mnt_drop_write(nd.path.mnt); 2685463c3197SDave Hansen out_dput: 26861da177e4SLinus Torvalds dput(dentry); 26876902d925SDave Hansen out_unlock: 26884ac91378SJan Blunck mutex_unlock(&nd.path.dentry->d_inode->i_mutex); 26891d957f9bSJan Blunck path_put(&nd.path); 26901da177e4SLinus Torvalds putname(tmp); 26916902d925SDave Hansen out_err: 26921da177e4SLinus Torvalds return error; 26931da177e4SLinus Torvalds } 26941da177e4SLinus Torvalds 26953cdad428SHeiko Carstens SYSCALL_DEFINE2(mkdir, const char __user *, pathname, int, mode) 26965590ff0dSUlrich Drepper { 26975590ff0dSUlrich Drepper return sys_mkdirat(AT_FDCWD, pathname, mode); 26985590ff0dSUlrich Drepper } 26995590ff0dSUlrich Drepper 27001da177e4SLinus Torvalds /* 27011da177e4SLinus Torvalds * We try to drop the dentry early: we should have 27021da177e4SLinus Torvalds * a usage count of 2 if we're the only user of this 27031da177e4SLinus Torvalds * dentry, and if that is true (possibly after pruning 27041da177e4SLinus Torvalds * the dcache), then we drop the dentry now. 27051da177e4SLinus Torvalds * 27061da177e4SLinus Torvalds * A low-level filesystem can, if it choses, legally 27071da177e4SLinus Torvalds * do a 27081da177e4SLinus Torvalds * 27091da177e4SLinus Torvalds * if (!d_unhashed(dentry)) 27101da177e4SLinus Torvalds * return -EBUSY; 27111da177e4SLinus Torvalds * 27121da177e4SLinus Torvalds * if it cannot handle the case of removing a directory 27131da177e4SLinus Torvalds * that is still in use by something else.. 27141da177e4SLinus Torvalds */ 27151da177e4SLinus Torvalds void dentry_unhash(struct dentry *dentry) 27161da177e4SLinus Torvalds { 27171da177e4SLinus Torvalds dget(dentry); 27181da177e4SLinus Torvalds shrink_dcache_parent(dentry); 27191da177e4SLinus Torvalds spin_lock(&dentry->d_lock); 2720b7ab39f6SNick Piggin if (dentry->d_count == 2) 27211da177e4SLinus Torvalds __d_drop(dentry); 27221da177e4SLinus Torvalds spin_unlock(&dentry->d_lock); 27231da177e4SLinus Torvalds } 27241da177e4SLinus Torvalds 27251da177e4SLinus Torvalds int vfs_rmdir(struct inode *dir, struct dentry *dentry) 27261da177e4SLinus Torvalds { 27271da177e4SLinus Torvalds int error = may_delete(dir, dentry, 1); 27281da177e4SLinus Torvalds 27291da177e4SLinus Torvalds if (error) 27301da177e4SLinus Torvalds return error; 27311da177e4SLinus Torvalds 2732acfa4380SAl Viro if (!dir->i_op->rmdir) 27331da177e4SLinus Torvalds return -EPERM; 27341da177e4SLinus Torvalds 27351b1dcc1bSJes Sorensen mutex_lock(&dentry->d_inode->i_mutex); 27361da177e4SLinus Torvalds dentry_unhash(dentry); 27371da177e4SLinus Torvalds if (d_mountpoint(dentry)) 27381da177e4SLinus Torvalds error = -EBUSY; 27391da177e4SLinus Torvalds else { 27401da177e4SLinus Torvalds error = security_inode_rmdir(dir, dentry); 27411da177e4SLinus Torvalds if (!error) { 27421da177e4SLinus Torvalds error = dir->i_op->rmdir(dir, dentry); 2743d83c49f3SAl Viro if (!error) { 27441da177e4SLinus Torvalds dentry->d_inode->i_flags |= S_DEAD; 2745d83c49f3SAl Viro dont_mount(dentry); 2746d83c49f3SAl Viro } 27471da177e4SLinus Torvalds } 27481da177e4SLinus Torvalds } 27491b1dcc1bSJes Sorensen mutex_unlock(&dentry->d_inode->i_mutex); 27501da177e4SLinus Torvalds if (!error) { 27511da177e4SLinus Torvalds d_delete(dentry); 27521da177e4SLinus Torvalds } 27531da177e4SLinus Torvalds dput(dentry); 27541da177e4SLinus Torvalds 27551da177e4SLinus Torvalds return error; 27561da177e4SLinus Torvalds } 27571da177e4SLinus Torvalds 27585590ff0dSUlrich Drepper static long do_rmdir(int dfd, const char __user *pathname) 27591da177e4SLinus Torvalds { 27601da177e4SLinus Torvalds int error = 0; 27611da177e4SLinus Torvalds char * name; 27621da177e4SLinus Torvalds struct dentry *dentry; 27631da177e4SLinus Torvalds struct nameidata nd; 27641da177e4SLinus Torvalds 27652ad94ae6SAl Viro error = user_path_parent(dfd, pathname, &nd, &name); 27661da177e4SLinus Torvalds if (error) 27672ad94ae6SAl Viro return error; 27681da177e4SLinus Torvalds 27691da177e4SLinus Torvalds switch(nd.last_type) { 27701da177e4SLinus Torvalds case LAST_DOTDOT: 27711da177e4SLinus Torvalds error = -ENOTEMPTY; 27721da177e4SLinus Torvalds goto exit1; 27731da177e4SLinus Torvalds case LAST_DOT: 27741da177e4SLinus Torvalds error = -EINVAL; 27751da177e4SLinus Torvalds goto exit1; 27761da177e4SLinus Torvalds case LAST_ROOT: 27771da177e4SLinus Torvalds error = -EBUSY; 27781da177e4SLinus Torvalds goto exit1; 27791da177e4SLinus Torvalds } 27800612d9fbSOGAWA Hirofumi 27810612d9fbSOGAWA Hirofumi nd.flags &= ~LOOKUP_PARENT; 27820612d9fbSOGAWA Hirofumi 27834ac91378SJan Blunck mutex_lock_nested(&nd.path.dentry->d_inode->i_mutex, I_MUTEX_PARENT); 278449705b77SChristoph Hellwig dentry = lookup_hash(&nd); 27851da177e4SLinus Torvalds error = PTR_ERR(dentry); 27866902d925SDave Hansen if (IS_ERR(dentry)) 27876902d925SDave Hansen goto exit2; 27880622753bSDave Hansen error = mnt_want_write(nd.path.mnt); 27890622753bSDave Hansen if (error) 27900622753bSDave Hansen goto exit3; 2791be6d3e56SKentaro Takeda error = security_path_rmdir(&nd.path, dentry); 2792be6d3e56SKentaro Takeda if (error) 2793be6d3e56SKentaro Takeda goto exit4; 27944ac91378SJan Blunck error = vfs_rmdir(nd.path.dentry->d_inode, dentry); 2795be6d3e56SKentaro Takeda exit4: 27960622753bSDave Hansen mnt_drop_write(nd.path.mnt); 27970622753bSDave Hansen exit3: 27981da177e4SLinus Torvalds dput(dentry); 27996902d925SDave Hansen exit2: 28004ac91378SJan Blunck mutex_unlock(&nd.path.dentry->d_inode->i_mutex); 28011da177e4SLinus Torvalds exit1: 28021d957f9bSJan Blunck path_put(&nd.path); 28031da177e4SLinus Torvalds putname(name); 28041da177e4SLinus Torvalds return error; 28051da177e4SLinus Torvalds } 28061da177e4SLinus Torvalds 28073cdad428SHeiko Carstens SYSCALL_DEFINE1(rmdir, const char __user *, pathname) 28085590ff0dSUlrich Drepper { 28095590ff0dSUlrich Drepper return do_rmdir(AT_FDCWD, pathname); 28105590ff0dSUlrich Drepper } 28115590ff0dSUlrich Drepper 28121da177e4SLinus Torvalds int vfs_unlink(struct inode *dir, struct dentry *dentry) 28131da177e4SLinus Torvalds { 28141da177e4SLinus Torvalds int error = may_delete(dir, dentry, 0); 28151da177e4SLinus Torvalds 28161da177e4SLinus Torvalds if (error) 28171da177e4SLinus Torvalds return error; 28181da177e4SLinus Torvalds 2819acfa4380SAl Viro if (!dir->i_op->unlink) 28201da177e4SLinus Torvalds return -EPERM; 28211da177e4SLinus Torvalds 28221b1dcc1bSJes Sorensen mutex_lock(&dentry->d_inode->i_mutex); 28231da177e4SLinus Torvalds if (d_mountpoint(dentry)) 28241da177e4SLinus Torvalds error = -EBUSY; 28251da177e4SLinus Torvalds else { 28261da177e4SLinus Torvalds error = security_inode_unlink(dir, dentry); 2827bec1052eSAl Viro if (!error) { 28281da177e4SLinus Torvalds error = dir->i_op->unlink(dir, dentry); 2829bec1052eSAl Viro if (!error) 2830d83c49f3SAl Viro dont_mount(dentry); 2831bec1052eSAl Viro } 28321da177e4SLinus Torvalds } 28331b1dcc1bSJes Sorensen mutex_unlock(&dentry->d_inode->i_mutex); 28341da177e4SLinus Torvalds 28351da177e4SLinus Torvalds /* We don't d_delete() NFS sillyrenamed files--they still exist. */ 28361da177e4SLinus Torvalds if (!error && !(dentry->d_flags & DCACHE_NFSFS_RENAMED)) { 2837ece95912SJan Kara fsnotify_link_count(dentry->d_inode); 28381da177e4SLinus Torvalds d_delete(dentry); 28391da177e4SLinus Torvalds } 28400eeca283SRobert Love 28411da177e4SLinus Torvalds return error; 28421da177e4SLinus Torvalds } 28431da177e4SLinus Torvalds 28441da177e4SLinus Torvalds /* 28451da177e4SLinus Torvalds * Make sure that the actual truncation of the file will occur outside its 28461b1dcc1bSJes Sorensen * directory's i_mutex. Truncate can take a long time if there is a lot of 28471da177e4SLinus Torvalds * writeout happening, and we don't want to prevent access to the directory 28481da177e4SLinus Torvalds * while waiting on the I/O. 28491da177e4SLinus Torvalds */ 28505590ff0dSUlrich Drepper static long do_unlinkat(int dfd, const char __user *pathname) 28511da177e4SLinus Torvalds { 28522ad94ae6SAl Viro int error; 28531da177e4SLinus Torvalds char *name; 28541da177e4SLinus Torvalds struct dentry *dentry; 28551da177e4SLinus Torvalds struct nameidata nd; 28561da177e4SLinus Torvalds struct inode *inode = NULL; 28571da177e4SLinus Torvalds 28582ad94ae6SAl Viro error = user_path_parent(dfd, pathname, &nd, &name); 28591da177e4SLinus Torvalds if (error) 28602ad94ae6SAl Viro return error; 28612ad94ae6SAl Viro 28621da177e4SLinus Torvalds error = -EISDIR; 28631da177e4SLinus Torvalds if (nd.last_type != LAST_NORM) 28641da177e4SLinus Torvalds goto exit1; 28650612d9fbSOGAWA Hirofumi 28660612d9fbSOGAWA Hirofumi nd.flags &= ~LOOKUP_PARENT; 28670612d9fbSOGAWA Hirofumi 28684ac91378SJan Blunck mutex_lock_nested(&nd.path.dentry->d_inode->i_mutex, I_MUTEX_PARENT); 286949705b77SChristoph Hellwig dentry = lookup_hash(&nd); 28701da177e4SLinus Torvalds error = PTR_ERR(dentry); 28711da177e4SLinus Torvalds if (!IS_ERR(dentry)) { 28721da177e4SLinus Torvalds /* Why not before? Because we want correct error value */ 28731da177e4SLinus Torvalds if (nd.last.name[nd.last.len]) 28741da177e4SLinus Torvalds goto slashes; 28751da177e4SLinus Torvalds inode = dentry->d_inode; 28761da177e4SLinus Torvalds if (inode) 28777de9c6eeSAl Viro ihold(inode); 28780622753bSDave Hansen error = mnt_want_write(nd.path.mnt); 28790622753bSDave Hansen if (error) 28800622753bSDave Hansen goto exit2; 2881be6d3e56SKentaro Takeda error = security_path_unlink(&nd.path, dentry); 2882be6d3e56SKentaro Takeda if (error) 2883be6d3e56SKentaro Takeda goto exit3; 28844ac91378SJan Blunck error = vfs_unlink(nd.path.dentry->d_inode, dentry); 2885be6d3e56SKentaro Takeda exit3: 28860622753bSDave Hansen mnt_drop_write(nd.path.mnt); 28871da177e4SLinus Torvalds exit2: 28881da177e4SLinus Torvalds dput(dentry); 28891da177e4SLinus Torvalds } 28904ac91378SJan Blunck mutex_unlock(&nd.path.dentry->d_inode->i_mutex); 28911da177e4SLinus Torvalds if (inode) 28921da177e4SLinus Torvalds iput(inode); /* truncate the inode here */ 28931da177e4SLinus Torvalds exit1: 28941d957f9bSJan Blunck path_put(&nd.path); 28951da177e4SLinus Torvalds putname(name); 28961da177e4SLinus Torvalds return error; 28971da177e4SLinus Torvalds 28981da177e4SLinus Torvalds slashes: 28991da177e4SLinus Torvalds error = !dentry->d_inode ? -ENOENT : 29001da177e4SLinus Torvalds S_ISDIR(dentry->d_inode->i_mode) ? -EISDIR : -ENOTDIR; 29011da177e4SLinus Torvalds goto exit2; 29021da177e4SLinus Torvalds } 29031da177e4SLinus Torvalds 29042e4d0924SHeiko Carstens SYSCALL_DEFINE3(unlinkat, int, dfd, const char __user *, pathname, int, flag) 29055590ff0dSUlrich Drepper { 29065590ff0dSUlrich Drepper if ((flag & ~AT_REMOVEDIR) != 0) 29075590ff0dSUlrich Drepper return -EINVAL; 29085590ff0dSUlrich Drepper 29095590ff0dSUlrich Drepper if (flag & AT_REMOVEDIR) 29105590ff0dSUlrich Drepper return do_rmdir(dfd, pathname); 29115590ff0dSUlrich Drepper 29125590ff0dSUlrich Drepper return do_unlinkat(dfd, pathname); 29135590ff0dSUlrich Drepper } 29145590ff0dSUlrich Drepper 29153480b257SHeiko Carstens SYSCALL_DEFINE1(unlink, const char __user *, pathname) 29165590ff0dSUlrich Drepper { 29175590ff0dSUlrich Drepper return do_unlinkat(AT_FDCWD, pathname); 29185590ff0dSUlrich Drepper } 29195590ff0dSUlrich Drepper 2920db2e747bSMiklos Szeredi int vfs_symlink(struct inode *dir, struct dentry *dentry, const char *oldname) 29211da177e4SLinus Torvalds { 2922a95164d9SMiklos Szeredi int error = may_create(dir, dentry); 29231da177e4SLinus Torvalds 29241da177e4SLinus Torvalds if (error) 29251da177e4SLinus Torvalds return error; 29261da177e4SLinus Torvalds 2927acfa4380SAl Viro if (!dir->i_op->symlink) 29281da177e4SLinus Torvalds return -EPERM; 29291da177e4SLinus Torvalds 29301da177e4SLinus Torvalds error = security_inode_symlink(dir, dentry, oldname); 29311da177e4SLinus Torvalds if (error) 29321da177e4SLinus Torvalds return error; 29331da177e4SLinus Torvalds 29341da177e4SLinus Torvalds error = dir->i_op->symlink(dir, dentry, oldname); 2935a74574aaSStephen Smalley if (!error) 2936f38aa942SAmy Griffis fsnotify_create(dir, dentry); 29371da177e4SLinus Torvalds return error; 29381da177e4SLinus Torvalds } 29391da177e4SLinus Torvalds 29402e4d0924SHeiko Carstens SYSCALL_DEFINE3(symlinkat, const char __user *, oldname, 29412e4d0924SHeiko Carstens int, newdfd, const char __user *, newname) 29421da177e4SLinus Torvalds { 29432ad94ae6SAl Viro int error; 29441da177e4SLinus Torvalds char *from; 29451da177e4SLinus Torvalds char *to; 29466902d925SDave Hansen struct dentry *dentry; 29476902d925SDave Hansen struct nameidata nd; 29481da177e4SLinus Torvalds 29491da177e4SLinus Torvalds from = getname(oldname); 29501da177e4SLinus Torvalds if (IS_ERR(from)) 29511da177e4SLinus Torvalds return PTR_ERR(from); 29522ad94ae6SAl Viro 29532ad94ae6SAl Viro error = user_path_parent(newdfd, newname, &nd, &to); 29542ad94ae6SAl Viro if (error) 29556902d925SDave Hansen goto out_putname; 29561da177e4SLinus Torvalds 29571da177e4SLinus Torvalds dentry = lookup_create(&nd, 0); 29581da177e4SLinus Torvalds error = PTR_ERR(dentry); 29596902d925SDave Hansen if (IS_ERR(dentry)) 29606902d925SDave Hansen goto out_unlock; 29616902d925SDave Hansen 296275c3f29dSDave Hansen error = mnt_want_write(nd.path.mnt); 296375c3f29dSDave Hansen if (error) 296475c3f29dSDave Hansen goto out_dput; 2965be6d3e56SKentaro Takeda error = security_path_symlink(&nd.path, dentry, from); 2966be6d3e56SKentaro Takeda if (error) 2967be6d3e56SKentaro Takeda goto out_drop_write; 2968db2e747bSMiklos Szeredi error = vfs_symlink(nd.path.dentry->d_inode, dentry, from); 2969be6d3e56SKentaro Takeda out_drop_write: 297075c3f29dSDave Hansen mnt_drop_write(nd.path.mnt); 297175c3f29dSDave Hansen out_dput: 29721da177e4SLinus Torvalds dput(dentry); 29736902d925SDave Hansen out_unlock: 29744ac91378SJan Blunck mutex_unlock(&nd.path.dentry->d_inode->i_mutex); 29751d957f9bSJan Blunck path_put(&nd.path); 29761da177e4SLinus Torvalds putname(to); 29776902d925SDave Hansen out_putname: 29781da177e4SLinus Torvalds putname(from); 29791da177e4SLinus Torvalds return error; 29801da177e4SLinus Torvalds } 29811da177e4SLinus Torvalds 29823480b257SHeiko Carstens SYSCALL_DEFINE2(symlink, const char __user *, oldname, const char __user *, newname) 29835590ff0dSUlrich Drepper { 29845590ff0dSUlrich Drepper return sys_symlinkat(oldname, AT_FDCWD, newname); 29855590ff0dSUlrich Drepper } 29865590ff0dSUlrich Drepper 29871da177e4SLinus Torvalds int vfs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_dentry) 29881da177e4SLinus Torvalds { 29891da177e4SLinus Torvalds struct inode *inode = old_dentry->d_inode; 29901da177e4SLinus Torvalds int error; 29911da177e4SLinus Torvalds 29921da177e4SLinus Torvalds if (!inode) 29931da177e4SLinus Torvalds return -ENOENT; 29941da177e4SLinus Torvalds 2995a95164d9SMiklos Szeredi error = may_create(dir, new_dentry); 29961da177e4SLinus Torvalds if (error) 29971da177e4SLinus Torvalds return error; 29981da177e4SLinus Torvalds 29991da177e4SLinus Torvalds if (dir->i_sb != inode->i_sb) 30001da177e4SLinus Torvalds return -EXDEV; 30011da177e4SLinus Torvalds 30021da177e4SLinus Torvalds /* 30031da177e4SLinus Torvalds * A link to an append-only or immutable file cannot be created. 30041da177e4SLinus Torvalds */ 30051da177e4SLinus Torvalds if (IS_APPEND(inode) || IS_IMMUTABLE(inode)) 30061da177e4SLinus Torvalds return -EPERM; 3007acfa4380SAl Viro if (!dir->i_op->link) 30081da177e4SLinus Torvalds return -EPERM; 30097e79eedbSTetsuo Handa if (S_ISDIR(inode->i_mode)) 30101da177e4SLinus Torvalds return -EPERM; 30111da177e4SLinus Torvalds 30121da177e4SLinus Torvalds error = security_inode_link(old_dentry, dir, new_dentry); 30131da177e4SLinus Torvalds if (error) 30141da177e4SLinus Torvalds return error; 30151da177e4SLinus Torvalds 30167e79eedbSTetsuo Handa mutex_lock(&inode->i_mutex); 30171da177e4SLinus Torvalds error = dir->i_op->link(old_dentry, dir, new_dentry); 30187e79eedbSTetsuo Handa mutex_unlock(&inode->i_mutex); 3019e31e14ecSStephen Smalley if (!error) 30207e79eedbSTetsuo Handa fsnotify_link(dir, inode, new_dentry); 30211da177e4SLinus Torvalds return error; 30221da177e4SLinus Torvalds } 30231da177e4SLinus Torvalds 30241da177e4SLinus Torvalds /* 30251da177e4SLinus Torvalds * Hardlinks are often used in delicate situations. We avoid 30261da177e4SLinus Torvalds * security-related surprises by not following symlinks on the 30271da177e4SLinus Torvalds * newname. --KAB 30281da177e4SLinus Torvalds * 30291da177e4SLinus Torvalds * We don't follow them on the oldname either to be compatible 30301da177e4SLinus Torvalds * with linux 2.0, and to avoid hard-linking to directories 30311da177e4SLinus Torvalds * and other special files. --ADM 30321da177e4SLinus Torvalds */ 30332e4d0924SHeiko Carstens SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, 30342e4d0924SHeiko Carstens int, newdfd, const char __user *, newname, int, flags) 30351da177e4SLinus Torvalds { 30361da177e4SLinus Torvalds struct dentry *new_dentry; 30372d8f3038SAl Viro struct nameidata nd; 30382d8f3038SAl Viro struct path old_path; 30391da177e4SLinus Torvalds int error; 30401da177e4SLinus Torvalds char *to; 30411da177e4SLinus Torvalds 304245c9b11aSUlrich Drepper if ((flags & ~AT_SYMLINK_FOLLOW) != 0) 3043c04030e1SUlrich Drepper return -EINVAL; 3044c04030e1SUlrich Drepper 30452d8f3038SAl Viro error = user_path_at(olddfd, oldname, 304645c9b11aSUlrich Drepper flags & AT_SYMLINK_FOLLOW ? LOOKUP_FOLLOW : 0, 30472d8f3038SAl Viro &old_path); 30481da177e4SLinus Torvalds if (error) 30492ad94ae6SAl Viro return error; 30502ad94ae6SAl Viro 30512ad94ae6SAl Viro error = user_path_parent(newdfd, newname, &nd, &to); 30521da177e4SLinus Torvalds if (error) 30531da177e4SLinus Torvalds goto out; 30541da177e4SLinus Torvalds error = -EXDEV; 30552d8f3038SAl Viro if (old_path.mnt != nd.path.mnt) 30561da177e4SLinus Torvalds goto out_release; 30571da177e4SLinus Torvalds new_dentry = lookup_create(&nd, 0); 30581da177e4SLinus Torvalds error = PTR_ERR(new_dentry); 30596902d925SDave Hansen if (IS_ERR(new_dentry)) 30606902d925SDave Hansen goto out_unlock; 306175c3f29dSDave Hansen error = mnt_want_write(nd.path.mnt); 306275c3f29dSDave Hansen if (error) 306375c3f29dSDave Hansen goto out_dput; 3064be6d3e56SKentaro Takeda error = security_path_link(old_path.dentry, &nd.path, new_dentry); 3065be6d3e56SKentaro Takeda if (error) 3066be6d3e56SKentaro Takeda goto out_drop_write; 30672d8f3038SAl Viro error = vfs_link(old_path.dentry, nd.path.dentry->d_inode, new_dentry); 3068be6d3e56SKentaro Takeda out_drop_write: 306975c3f29dSDave Hansen mnt_drop_write(nd.path.mnt); 307075c3f29dSDave Hansen out_dput: 30711da177e4SLinus Torvalds dput(new_dentry); 30726902d925SDave Hansen out_unlock: 30734ac91378SJan Blunck mutex_unlock(&nd.path.dentry->d_inode->i_mutex); 30741da177e4SLinus Torvalds out_release: 30751d957f9bSJan Blunck path_put(&nd.path); 30762ad94ae6SAl Viro putname(to); 30771da177e4SLinus Torvalds out: 30782d8f3038SAl Viro path_put(&old_path); 30791da177e4SLinus Torvalds 30801da177e4SLinus Torvalds return error; 30811da177e4SLinus Torvalds } 30821da177e4SLinus Torvalds 30833480b257SHeiko Carstens SYSCALL_DEFINE2(link, const char __user *, oldname, const char __user *, newname) 30845590ff0dSUlrich Drepper { 3085c04030e1SUlrich Drepper return sys_linkat(AT_FDCWD, oldname, AT_FDCWD, newname, 0); 30865590ff0dSUlrich Drepper } 30875590ff0dSUlrich Drepper 30881da177e4SLinus Torvalds /* 30891da177e4SLinus Torvalds * The worst of all namespace operations - renaming directory. "Perverted" 30901da177e4SLinus Torvalds * doesn't even start to describe it. Somebody in UCB had a heck of a trip... 30911da177e4SLinus Torvalds * Problems: 30921da177e4SLinus Torvalds * a) we can get into loop creation. Check is done in is_subdir(). 30931da177e4SLinus Torvalds * b) race potential - two innocent renames can create a loop together. 30941da177e4SLinus Torvalds * That's where 4.4 screws up. Current fix: serialization on 3095a11f3a05SArjan van de Ven * sb->s_vfs_rename_mutex. We might be more accurate, but that's another 30961da177e4SLinus Torvalds * story. 30971da177e4SLinus Torvalds * c) we have to lock _three_ objects - parents and victim (if it exists). 30981b1dcc1bSJes Sorensen * And that - after we got ->i_mutex on parents (until then we don't know 30991da177e4SLinus Torvalds * whether the target exists). Solution: try to be smart with locking 31001da177e4SLinus Torvalds * order for inodes. We rely on the fact that tree topology may change 3101a11f3a05SArjan van de Ven * only under ->s_vfs_rename_mutex _and_ that parent of the object we 31021da177e4SLinus Torvalds * move will be locked. Thus we can rank directories by the tree 31031da177e4SLinus Torvalds * (ancestors first) and rank all non-directories after them. 31041da177e4SLinus Torvalds * That works since everybody except rename does "lock parent, lookup, 3105a11f3a05SArjan van de Ven * lock child" and rename is under ->s_vfs_rename_mutex. 31061da177e4SLinus Torvalds * HOWEVER, it relies on the assumption that any object with ->lookup() 31071da177e4SLinus Torvalds * has no more than 1 dentry. If "hybrid" objects will ever appear, 31081da177e4SLinus Torvalds * we'd better make sure that there's no link(2) for them. 31091da177e4SLinus Torvalds * d) some filesystems don't support opened-but-unlinked directories, 31101da177e4SLinus Torvalds * either because of layout or because they are not ready to deal with 31111da177e4SLinus Torvalds * all cases correctly. The latter will be fixed (taking this sort of 31121da177e4SLinus Torvalds * stuff into VFS), but the former is not going away. Solution: the same 31131da177e4SLinus Torvalds * trick as in rmdir(). 31141da177e4SLinus Torvalds * e) conversion from fhandle to dentry may come in the wrong moment - when 31151b1dcc1bSJes Sorensen * we are removing the target. Solution: we will have to grab ->i_mutex 31161da177e4SLinus Torvalds * in the fhandle_to_dentry code. [FIXME - current nfsfh.c relies on 3117c41b20e7SAdam Buchbinder * ->i_mutex on parents, which works but leads to some truly excessive 31181da177e4SLinus Torvalds * locking]. 31191da177e4SLinus Torvalds */ 312075c96f85SAdrian Bunk static int vfs_rename_dir(struct inode *old_dir, struct dentry *old_dentry, 31211da177e4SLinus Torvalds struct inode *new_dir, struct dentry *new_dentry) 31221da177e4SLinus Torvalds { 31231da177e4SLinus Torvalds int error = 0; 31241da177e4SLinus Torvalds struct inode *target; 31251da177e4SLinus Torvalds 31261da177e4SLinus Torvalds /* 31271da177e4SLinus Torvalds * If we are going to change the parent - check write permissions, 31281da177e4SLinus Torvalds * we'll need to flip '..'. 31291da177e4SLinus Torvalds */ 31301da177e4SLinus Torvalds if (new_dir != old_dir) { 3131f419a2e3SAl Viro error = inode_permission(old_dentry->d_inode, MAY_WRITE); 31321da177e4SLinus Torvalds if (error) 31331da177e4SLinus Torvalds return error; 31341da177e4SLinus Torvalds } 31351da177e4SLinus Torvalds 31361da177e4SLinus Torvalds error = security_inode_rename(old_dir, old_dentry, new_dir, new_dentry); 31371da177e4SLinus Torvalds if (error) 31381da177e4SLinus Torvalds return error; 31391da177e4SLinus Torvalds 31401da177e4SLinus Torvalds target = new_dentry->d_inode; 3141d83c49f3SAl Viro if (target) 31421b1dcc1bSJes Sorensen mutex_lock(&target->i_mutex); 31431da177e4SLinus Torvalds if (d_mountpoint(old_dentry)||d_mountpoint(new_dentry)) 31441da177e4SLinus Torvalds error = -EBUSY; 3145d83c49f3SAl Viro else { 3146d83c49f3SAl Viro if (target) 3147d83c49f3SAl Viro dentry_unhash(new_dentry); 31481da177e4SLinus Torvalds error = old_dir->i_op->rename(old_dir, old_dentry, new_dir, new_dentry); 3149d83c49f3SAl Viro } 31501da177e4SLinus Torvalds if (target) { 3151d83c49f3SAl Viro if (!error) { 31521da177e4SLinus Torvalds target->i_flags |= S_DEAD; 3153d83c49f3SAl Viro dont_mount(new_dentry); 3154d83c49f3SAl Viro } 31551b1dcc1bSJes Sorensen mutex_unlock(&target->i_mutex); 31561da177e4SLinus Torvalds if (d_unhashed(new_dentry)) 31571da177e4SLinus Torvalds d_rehash(new_dentry); 31581da177e4SLinus Torvalds dput(new_dentry); 31591da177e4SLinus Torvalds } 3160e31e14ecSStephen Smalley if (!error) 3161349457ccSMark Fasheh if (!(old_dir->i_sb->s_type->fs_flags & FS_RENAME_DOES_D_MOVE)) 31621da177e4SLinus Torvalds d_move(old_dentry,new_dentry); 31631da177e4SLinus Torvalds return error; 31641da177e4SLinus Torvalds } 31651da177e4SLinus Torvalds 316675c96f85SAdrian Bunk static int vfs_rename_other(struct inode *old_dir, struct dentry *old_dentry, 31671da177e4SLinus Torvalds struct inode *new_dir, struct dentry *new_dentry) 31681da177e4SLinus Torvalds { 31691da177e4SLinus Torvalds struct inode *target; 31701da177e4SLinus Torvalds int error; 31711da177e4SLinus Torvalds 31721da177e4SLinus Torvalds error = security_inode_rename(old_dir, old_dentry, new_dir, new_dentry); 31731da177e4SLinus Torvalds if (error) 31741da177e4SLinus Torvalds return error; 31751da177e4SLinus Torvalds 31761da177e4SLinus Torvalds dget(new_dentry); 31771da177e4SLinus Torvalds target = new_dentry->d_inode; 31781da177e4SLinus Torvalds if (target) 31791b1dcc1bSJes Sorensen mutex_lock(&target->i_mutex); 31801da177e4SLinus Torvalds if (d_mountpoint(old_dentry)||d_mountpoint(new_dentry)) 31811da177e4SLinus Torvalds error = -EBUSY; 31821da177e4SLinus Torvalds else 31831da177e4SLinus Torvalds error = old_dir->i_op->rename(old_dir, old_dentry, new_dir, new_dentry); 31841da177e4SLinus Torvalds if (!error) { 3185bec1052eSAl Viro if (target) 3186d83c49f3SAl Viro dont_mount(new_dentry); 3187349457ccSMark Fasheh if (!(old_dir->i_sb->s_type->fs_flags & FS_RENAME_DOES_D_MOVE)) 31881da177e4SLinus Torvalds d_move(old_dentry, new_dentry); 31891da177e4SLinus Torvalds } 31901da177e4SLinus Torvalds if (target) 31911b1dcc1bSJes Sorensen mutex_unlock(&target->i_mutex); 31921da177e4SLinus Torvalds dput(new_dentry); 31931da177e4SLinus Torvalds return error; 31941da177e4SLinus Torvalds } 31951da177e4SLinus Torvalds 31961da177e4SLinus Torvalds int vfs_rename(struct inode *old_dir, struct dentry *old_dentry, 31971da177e4SLinus Torvalds struct inode *new_dir, struct dentry *new_dentry) 31981da177e4SLinus Torvalds { 31991da177e4SLinus Torvalds int error; 32001da177e4SLinus Torvalds int is_dir = S_ISDIR(old_dentry->d_inode->i_mode); 320159b0df21SEric Paris const unsigned char *old_name; 32021da177e4SLinus Torvalds 32031da177e4SLinus Torvalds if (old_dentry->d_inode == new_dentry->d_inode) 32041da177e4SLinus Torvalds return 0; 32051da177e4SLinus Torvalds 32061da177e4SLinus Torvalds error = may_delete(old_dir, old_dentry, is_dir); 32071da177e4SLinus Torvalds if (error) 32081da177e4SLinus Torvalds return error; 32091da177e4SLinus Torvalds 32101da177e4SLinus Torvalds if (!new_dentry->d_inode) 3211a95164d9SMiklos Szeredi error = may_create(new_dir, new_dentry); 32121da177e4SLinus Torvalds else 32131da177e4SLinus Torvalds error = may_delete(new_dir, new_dentry, is_dir); 32141da177e4SLinus Torvalds if (error) 32151da177e4SLinus Torvalds return error; 32161da177e4SLinus Torvalds 3217acfa4380SAl Viro if (!old_dir->i_op->rename) 32181da177e4SLinus Torvalds return -EPERM; 32191da177e4SLinus Torvalds 32200eeca283SRobert Love old_name = fsnotify_oldname_init(old_dentry->d_name.name); 32210eeca283SRobert Love 32221da177e4SLinus Torvalds if (is_dir) 32231da177e4SLinus Torvalds error = vfs_rename_dir(old_dir,old_dentry,new_dir,new_dentry); 32241da177e4SLinus Torvalds else 32251da177e4SLinus Torvalds error = vfs_rename_other(old_dir,old_dentry,new_dir,new_dentry); 3226123df294SAl Viro if (!error) 3227123df294SAl Viro fsnotify_move(old_dir, new_dir, old_name, is_dir, 32285a190ae6SAl Viro new_dentry->d_inode, old_dentry); 32290eeca283SRobert Love fsnotify_oldname_free(old_name); 32300eeca283SRobert Love 32311da177e4SLinus Torvalds return error; 32321da177e4SLinus Torvalds } 32331da177e4SLinus Torvalds 32342e4d0924SHeiko Carstens SYSCALL_DEFINE4(renameat, int, olddfd, const char __user *, oldname, 32352e4d0924SHeiko Carstens int, newdfd, const char __user *, newname) 32361da177e4SLinus Torvalds { 32371da177e4SLinus Torvalds struct dentry *old_dir, *new_dir; 32381da177e4SLinus Torvalds struct dentry *old_dentry, *new_dentry; 32391da177e4SLinus Torvalds struct dentry *trap; 32401da177e4SLinus Torvalds struct nameidata oldnd, newnd; 32412ad94ae6SAl Viro char *from; 32422ad94ae6SAl Viro char *to; 32432ad94ae6SAl Viro int error; 32441da177e4SLinus Torvalds 32452ad94ae6SAl Viro error = user_path_parent(olddfd, oldname, &oldnd, &from); 32461da177e4SLinus Torvalds if (error) 32471da177e4SLinus Torvalds goto exit; 32481da177e4SLinus Torvalds 32492ad94ae6SAl Viro error = user_path_parent(newdfd, newname, &newnd, &to); 32501da177e4SLinus Torvalds if (error) 32511da177e4SLinus Torvalds goto exit1; 32521da177e4SLinus Torvalds 32531da177e4SLinus Torvalds error = -EXDEV; 32544ac91378SJan Blunck if (oldnd.path.mnt != newnd.path.mnt) 32551da177e4SLinus Torvalds goto exit2; 32561da177e4SLinus Torvalds 32574ac91378SJan Blunck old_dir = oldnd.path.dentry; 32581da177e4SLinus Torvalds error = -EBUSY; 32591da177e4SLinus Torvalds if (oldnd.last_type != LAST_NORM) 32601da177e4SLinus Torvalds goto exit2; 32611da177e4SLinus Torvalds 32624ac91378SJan Blunck new_dir = newnd.path.dentry; 32631da177e4SLinus Torvalds if (newnd.last_type != LAST_NORM) 32641da177e4SLinus Torvalds goto exit2; 32651da177e4SLinus Torvalds 32660612d9fbSOGAWA Hirofumi oldnd.flags &= ~LOOKUP_PARENT; 32670612d9fbSOGAWA Hirofumi newnd.flags &= ~LOOKUP_PARENT; 32684e9ed2f8SOGAWA Hirofumi newnd.flags |= LOOKUP_RENAME_TARGET; 32690612d9fbSOGAWA Hirofumi 32701da177e4SLinus Torvalds trap = lock_rename(new_dir, old_dir); 32711da177e4SLinus Torvalds 327249705b77SChristoph Hellwig old_dentry = lookup_hash(&oldnd); 32731da177e4SLinus Torvalds error = PTR_ERR(old_dentry); 32741da177e4SLinus Torvalds if (IS_ERR(old_dentry)) 32751da177e4SLinus Torvalds goto exit3; 32761da177e4SLinus Torvalds /* source must exist */ 32771da177e4SLinus Torvalds error = -ENOENT; 32781da177e4SLinus Torvalds if (!old_dentry->d_inode) 32791da177e4SLinus Torvalds goto exit4; 32801da177e4SLinus Torvalds /* unless the source is a directory trailing slashes give -ENOTDIR */ 32811da177e4SLinus Torvalds if (!S_ISDIR(old_dentry->d_inode->i_mode)) { 32821da177e4SLinus Torvalds error = -ENOTDIR; 32831da177e4SLinus Torvalds if (oldnd.last.name[oldnd.last.len]) 32841da177e4SLinus Torvalds goto exit4; 32851da177e4SLinus Torvalds if (newnd.last.name[newnd.last.len]) 32861da177e4SLinus Torvalds goto exit4; 32871da177e4SLinus Torvalds } 32881da177e4SLinus Torvalds /* source should not be ancestor of target */ 32891da177e4SLinus Torvalds error = -EINVAL; 32901da177e4SLinus Torvalds if (old_dentry == trap) 32911da177e4SLinus Torvalds goto exit4; 329249705b77SChristoph Hellwig new_dentry = lookup_hash(&newnd); 32931da177e4SLinus Torvalds error = PTR_ERR(new_dentry); 32941da177e4SLinus Torvalds if (IS_ERR(new_dentry)) 32951da177e4SLinus Torvalds goto exit4; 32961da177e4SLinus Torvalds /* target should not be an ancestor of source */ 32971da177e4SLinus Torvalds error = -ENOTEMPTY; 32981da177e4SLinus Torvalds if (new_dentry == trap) 32991da177e4SLinus Torvalds goto exit5; 33001da177e4SLinus Torvalds 33019079b1ebSDave Hansen error = mnt_want_write(oldnd.path.mnt); 33029079b1ebSDave Hansen if (error) 33039079b1ebSDave Hansen goto exit5; 3304be6d3e56SKentaro Takeda error = security_path_rename(&oldnd.path, old_dentry, 3305be6d3e56SKentaro Takeda &newnd.path, new_dentry); 3306be6d3e56SKentaro Takeda if (error) 3307be6d3e56SKentaro Takeda goto exit6; 33081da177e4SLinus Torvalds error = vfs_rename(old_dir->d_inode, old_dentry, 33091da177e4SLinus Torvalds new_dir->d_inode, new_dentry); 3310be6d3e56SKentaro Takeda exit6: 33119079b1ebSDave Hansen mnt_drop_write(oldnd.path.mnt); 33121da177e4SLinus Torvalds exit5: 33131da177e4SLinus Torvalds dput(new_dentry); 33141da177e4SLinus Torvalds exit4: 33151da177e4SLinus Torvalds dput(old_dentry); 33161da177e4SLinus Torvalds exit3: 33171da177e4SLinus Torvalds unlock_rename(new_dir, old_dir); 33181da177e4SLinus Torvalds exit2: 33191d957f9bSJan Blunck path_put(&newnd.path); 33202ad94ae6SAl Viro putname(to); 33211da177e4SLinus Torvalds exit1: 33221d957f9bSJan Blunck path_put(&oldnd.path); 33231da177e4SLinus Torvalds putname(from); 33242ad94ae6SAl Viro exit: 33251da177e4SLinus Torvalds return error; 33261da177e4SLinus Torvalds } 33271da177e4SLinus Torvalds 3328a26eab24SHeiko Carstens SYSCALL_DEFINE2(rename, const char __user *, oldname, const char __user *, newname) 33295590ff0dSUlrich Drepper { 33305590ff0dSUlrich Drepper return sys_renameat(AT_FDCWD, oldname, AT_FDCWD, newname); 33315590ff0dSUlrich Drepper } 33325590ff0dSUlrich Drepper 33331da177e4SLinus Torvalds int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const char *link) 33341da177e4SLinus Torvalds { 33351da177e4SLinus Torvalds int len; 33361da177e4SLinus Torvalds 33371da177e4SLinus Torvalds len = PTR_ERR(link); 33381da177e4SLinus Torvalds if (IS_ERR(link)) 33391da177e4SLinus Torvalds goto out; 33401da177e4SLinus Torvalds 33411da177e4SLinus Torvalds len = strlen(link); 33421da177e4SLinus Torvalds if (len > (unsigned) buflen) 33431da177e4SLinus Torvalds len = buflen; 33441da177e4SLinus Torvalds if (copy_to_user(buffer, link, len)) 33451da177e4SLinus Torvalds len = -EFAULT; 33461da177e4SLinus Torvalds out: 33471da177e4SLinus Torvalds return len; 33481da177e4SLinus Torvalds } 33491da177e4SLinus Torvalds 33501da177e4SLinus Torvalds /* 33511da177e4SLinus Torvalds * A helper for ->readlink(). This should be used *ONLY* for symlinks that 33521da177e4SLinus Torvalds * have ->follow_link() touching nd only in nd_set_link(). Using (or not 33531da177e4SLinus Torvalds * using) it for any given inode is up to filesystem. 33541da177e4SLinus Torvalds */ 33551da177e4SLinus Torvalds int generic_readlink(struct dentry *dentry, char __user *buffer, int buflen) 33561da177e4SLinus Torvalds { 33571da177e4SLinus Torvalds struct nameidata nd; 3358cc314eefSLinus Torvalds void *cookie; 3359694a1764SMarcin Slusarz int res; 3360cc314eefSLinus Torvalds 33611da177e4SLinus Torvalds nd.depth = 0; 3362cc314eefSLinus Torvalds cookie = dentry->d_inode->i_op->follow_link(dentry, &nd); 3363694a1764SMarcin Slusarz if (IS_ERR(cookie)) 3364694a1764SMarcin Slusarz return PTR_ERR(cookie); 3365694a1764SMarcin Slusarz 3366694a1764SMarcin Slusarz res = vfs_readlink(dentry, buffer, buflen, nd_get_link(&nd)); 33671da177e4SLinus Torvalds if (dentry->d_inode->i_op->put_link) 3368cc314eefSLinus Torvalds dentry->d_inode->i_op->put_link(dentry, &nd, cookie); 3369694a1764SMarcin Slusarz return res; 33701da177e4SLinus Torvalds } 33711da177e4SLinus Torvalds 33721da177e4SLinus Torvalds int vfs_follow_link(struct nameidata *nd, const char *link) 33731da177e4SLinus Torvalds { 33741da177e4SLinus Torvalds return __vfs_follow_link(nd, link); 33751da177e4SLinus Torvalds } 33761da177e4SLinus Torvalds 33771da177e4SLinus Torvalds /* get the link contents into pagecache */ 33781da177e4SLinus Torvalds static char *page_getlink(struct dentry * dentry, struct page **ppage) 33791da177e4SLinus Torvalds { 3380ebd09abbSDuane Griffin char *kaddr; 33811da177e4SLinus Torvalds struct page *page; 33821da177e4SLinus Torvalds struct address_space *mapping = dentry->d_inode->i_mapping; 3383090d2b18SPekka Enberg page = read_mapping_page(mapping, 0, NULL); 33841da177e4SLinus Torvalds if (IS_ERR(page)) 33856fe6900eSNick Piggin return (char*)page; 33861da177e4SLinus Torvalds *ppage = page; 3387ebd09abbSDuane Griffin kaddr = kmap(page); 3388ebd09abbSDuane Griffin nd_terminate_link(kaddr, dentry->d_inode->i_size, PAGE_SIZE - 1); 3389ebd09abbSDuane Griffin return kaddr; 33901da177e4SLinus Torvalds } 33911da177e4SLinus Torvalds 33921da177e4SLinus Torvalds int page_readlink(struct dentry *dentry, char __user *buffer, int buflen) 33931da177e4SLinus Torvalds { 33941da177e4SLinus Torvalds struct page *page = NULL; 33951da177e4SLinus Torvalds char *s = page_getlink(dentry, &page); 33961da177e4SLinus Torvalds int res = vfs_readlink(dentry,buffer,buflen,s); 33971da177e4SLinus Torvalds if (page) { 33981da177e4SLinus Torvalds kunmap(page); 33991da177e4SLinus Torvalds page_cache_release(page); 34001da177e4SLinus Torvalds } 34011da177e4SLinus Torvalds return res; 34021da177e4SLinus Torvalds } 34031da177e4SLinus Torvalds 3404cc314eefSLinus Torvalds void *page_follow_link_light(struct dentry *dentry, struct nameidata *nd) 34051da177e4SLinus Torvalds { 3406cc314eefSLinus Torvalds struct page *page = NULL; 34071da177e4SLinus Torvalds nd_set_link(nd, page_getlink(dentry, &page)); 3408cc314eefSLinus Torvalds return page; 34091da177e4SLinus Torvalds } 34101da177e4SLinus Torvalds 3411cc314eefSLinus Torvalds void page_put_link(struct dentry *dentry, struct nameidata *nd, void *cookie) 34121da177e4SLinus Torvalds { 3413cc314eefSLinus Torvalds struct page *page = cookie; 3414cc314eefSLinus Torvalds 3415cc314eefSLinus Torvalds if (page) { 34161da177e4SLinus Torvalds kunmap(page); 34171da177e4SLinus Torvalds page_cache_release(page); 34181da177e4SLinus Torvalds } 34191da177e4SLinus Torvalds } 34201da177e4SLinus Torvalds 342154566b2cSNick Piggin /* 342254566b2cSNick Piggin * The nofs argument instructs pagecache_write_begin to pass AOP_FLAG_NOFS 342354566b2cSNick Piggin */ 342454566b2cSNick Piggin int __page_symlink(struct inode *inode, const char *symname, int len, int nofs) 34251da177e4SLinus Torvalds { 34261da177e4SLinus Torvalds struct address_space *mapping = inode->i_mapping; 34270adb25d2SKirill Korotaev struct page *page; 3428afddba49SNick Piggin void *fsdata; 3429beb497abSDmitriy Monakhov int err; 34301da177e4SLinus Torvalds char *kaddr; 343154566b2cSNick Piggin unsigned int flags = AOP_FLAG_UNINTERRUPTIBLE; 343254566b2cSNick Piggin if (nofs) 343354566b2cSNick Piggin flags |= AOP_FLAG_NOFS; 34341da177e4SLinus Torvalds 34357e53cac4SNeilBrown retry: 3436afddba49SNick Piggin err = pagecache_write_begin(NULL, mapping, 0, len-1, 343754566b2cSNick Piggin flags, &page, &fsdata); 34381da177e4SLinus Torvalds if (err) 3439afddba49SNick Piggin goto fail; 3440afddba49SNick Piggin 34411da177e4SLinus Torvalds kaddr = kmap_atomic(page, KM_USER0); 34421da177e4SLinus Torvalds memcpy(kaddr, symname, len-1); 34431da177e4SLinus Torvalds kunmap_atomic(kaddr, KM_USER0); 3444afddba49SNick Piggin 3445afddba49SNick Piggin err = pagecache_write_end(NULL, mapping, 0, len-1, len-1, 3446afddba49SNick Piggin page, fsdata); 34471da177e4SLinus Torvalds if (err < 0) 34481da177e4SLinus Torvalds goto fail; 3449afddba49SNick Piggin if (err < len-1) 3450afddba49SNick Piggin goto retry; 3451afddba49SNick Piggin 34521da177e4SLinus Torvalds mark_inode_dirty(inode); 34531da177e4SLinus Torvalds return 0; 34541da177e4SLinus Torvalds fail: 34551da177e4SLinus Torvalds return err; 34561da177e4SLinus Torvalds } 34571da177e4SLinus Torvalds 34580adb25d2SKirill Korotaev int page_symlink(struct inode *inode, const char *symname, int len) 34590adb25d2SKirill Korotaev { 34600adb25d2SKirill Korotaev return __page_symlink(inode, symname, len, 346154566b2cSNick Piggin !(mapping_gfp_mask(inode->i_mapping) & __GFP_FS)); 34620adb25d2SKirill Korotaev } 34630adb25d2SKirill Korotaev 346492e1d5beSArjan van de Ven const struct inode_operations page_symlink_inode_operations = { 34651da177e4SLinus Torvalds .readlink = generic_readlink, 34661da177e4SLinus Torvalds .follow_link = page_follow_link_light, 34671da177e4SLinus Torvalds .put_link = page_put_link, 34681da177e4SLinus Torvalds }; 34691da177e4SLinus Torvalds 34702d8f3038SAl Viro EXPORT_SYMBOL(user_path_at); 3471cc53ce53SDavid Howells EXPORT_SYMBOL(follow_down_one); 34721da177e4SLinus Torvalds EXPORT_SYMBOL(follow_down); 34731da177e4SLinus Torvalds EXPORT_SYMBOL(follow_up); 34741da177e4SLinus Torvalds EXPORT_SYMBOL(get_write_access); /* binfmt_aout */ 34751da177e4SLinus Torvalds EXPORT_SYMBOL(getname); 34761da177e4SLinus Torvalds EXPORT_SYMBOL(lock_rename); 34771da177e4SLinus Torvalds EXPORT_SYMBOL(lookup_one_len); 34781da177e4SLinus Torvalds EXPORT_SYMBOL(page_follow_link_light); 34791da177e4SLinus Torvalds EXPORT_SYMBOL(page_put_link); 34801da177e4SLinus Torvalds EXPORT_SYMBOL(page_readlink); 34810adb25d2SKirill Korotaev EXPORT_SYMBOL(__page_symlink); 34821da177e4SLinus Torvalds EXPORT_SYMBOL(page_symlink); 34831da177e4SLinus Torvalds EXPORT_SYMBOL(page_symlink_inode_operations); 3484c9c6cac0SAl Viro EXPORT_SYMBOL(kern_path_parent); 3485d1811465SAl Viro EXPORT_SYMBOL(kern_path); 348616f18200SJosef 'Jeff' Sipek EXPORT_SYMBOL(vfs_path_lookup); 3487f419a2e3SAl Viro EXPORT_SYMBOL(inode_permission); 34888c744fb8SChristoph Hellwig EXPORT_SYMBOL(file_permission); 34891da177e4SLinus Torvalds EXPORT_SYMBOL(unlock_rename); 34901da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_create); 34911da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_follow_link); 34921da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_link); 34931da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_mkdir); 34941da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_mknod); 34951da177e4SLinus Torvalds EXPORT_SYMBOL(generic_permission); 34961da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_readlink); 34971da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_rename); 34981da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_rmdir); 34991da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_symlink); 35001da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_unlink); 35011da177e4SLinus Torvalds EXPORT_SYMBOL(dentry_unhash); 35021da177e4SLinus Torvalds EXPORT_SYMBOL(generic_readlink); 3503