11da177e4SLinus Torvalds /* 21da177e4SLinus Torvalds * linux/fs/namei.c 31da177e4SLinus Torvalds * 41da177e4SLinus Torvalds * Copyright (C) 1991, 1992 Linus Torvalds 51da177e4SLinus Torvalds */ 61da177e4SLinus Torvalds 71da177e4SLinus Torvalds /* 81da177e4SLinus Torvalds * Some corrections by tytso. 91da177e4SLinus Torvalds */ 101da177e4SLinus Torvalds 111da177e4SLinus Torvalds /* [Feb 1997 T. Schoebel-Theuer] Complete rewrite of the pathname 121da177e4SLinus Torvalds * lookup logic. 131da177e4SLinus Torvalds */ 141da177e4SLinus Torvalds /* [Feb-Apr 2000, AV] Rewrite to the new namespace architecture. 151da177e4SLinus Torvalds */ 161da177e4SLinus Torvalds 171da177e4SLinus Torvalds #include <linux/init.h> 181da177e4SLinus Torvalds #include <linux/module.h> 191da177e4SLinus Torvalds #include <linux/slab.h> 201da177e4SLinus Torvalds #include <linux/fs.h> 211da177e4SLinus Torvalds #include <linux/namei.h> 221da177e4SLinus Torvalds #include <linux/pagemap.h> 230eeca283SRobert Love #include <linux/fsnotify.h> 241da177e4SLinus Torvalds #include <linux/personality.h> 251da177e4SLinus Torvalds #include <linux/security.h> 266146f0d5SMimi Zohar #include <linux/ima.h> 271da177e4SLinus Torvalds #include <linux/syscalls.h> 281da177e4SLinus Torvalds #include <linux/mount.h> 291da177e4SLinus Torvalds #include <linux/audit.h> 3016f7e0feSRandy Dunlap #include <linux/capability.h> 31834f2a4aSTrond Myklebust #include <linux/file.h> 325590ff0dSUlrich Drepper #include <linux/fcntl.h> 3308ce5f16SSerge E. Hallyn #include <linux/device_cgroup.h> 345ad4e53bSAl Viro #include <linux/fs_struct.h> 351da177e4SLinus Torvalds #include <asm/uaccess.h> 361da177e4SLinus Torvalds 37e81e3f4dSEric Paris #include "internal.h" 38e81e3f4dSEric Paris 391da177e4SLinus Torvalds /* [Feb-1997 T. Schoebel-Theuer] 401da177e4SLinus Torvalds * Fundamental changes in the pathname lookup mechanisms (namei) 411da177e4SLinus Torvalds * were necessary because of omirr. The reason is that omirr needs 421da177e4SLinus Torvalds * to know the _real_ pathname, not the user-supplied one, in case 431da177e4SLinus Torvalds * of symlinks (and also when transname replacements occur). 441da177e4SLinus Torvalds * 451da177e4SLinus Torvalds * The new code replaces the old recursive symlink resolution with 461da177e4SLinus Torvalds * an iterative one (in case of non-nested symlink chains). It does 471da177e4SLinus Torvalds * this with calls to <fs>_follow_link(). 481da177e4SLinus Torvalds * As a side effect, dir_namei(), _namei() and follow_link() are now 491da177e4SLinus Torvalds * replaced with a single function lookup_dentry() that can handle all 501da177e4SLinus Torvalds * the special cases of the former code. 511da177e4SLinus Torvalds * 521da177e4SLinus Torvalds * With the new dcache, the pathname is stored at each inode, at least as 531da177e4SLinus Torvalds * long as the refcount of the inode is positive. As a side effect, the 541da177e4SLinus Torvalds * size of the dcache depends on the inode cache and thus is dynamic. 551da177e4SLinus Torvalds * 561da177e4SLinus Torvalds * [29-Apr-1998 C. Scott Ananian] Updated above description of symlink 571da177e4SLinus Torvalds * resolution to correspond with current state of the code. 581da177e4SLinus Torvalds * 591da177e4SLinus Torvalds * Note that the symlink resolution is not *completely* iterative. 601da177e4SLinus Torvalds * There is still a significant amount of tail- and mid- recursion in 611da177e4SLinus Torvalds * the algorithm. Also, note that <fs>_readlink() is not used in 621da177e4SLinus Torvalds * lookup_dentry(): lookup_dentry() on the result of <fs>_readlink() 631da177e4SLinus Torvalds * may return different results than <fs>_follow_link(). Many virtual 641da177e4SLinus Torvalds * filesystems (including /proc) exhibit this behavior. 651da177e4SLinus Torvalds */ 661da177e4SLinus Torvalds 671da177e4SLinus Torvalds /* [24-Feb-97 T. Schoebel-Theuer] Side effects caused by new implementation: 681da177e4SLinus Torvalds * New symlink semantics: when open() is called with flags O_CREAT | O_EXCL 691da177e4SLinus Torvalds * and the name already exists in form of a symlink, try to create the new 701da177e4SLinus Torvalds * name indicated by the symlink. The old code always complained that the 711da177e4SLinus Torvalds * name already exists, due to not following the symlink even if its target 721da177e4SLinus Torvalds * is nonexistent. The new semantics affects also mknod() and link() when 731da177e4SLinus Torvalds * the name is a symlink pointing to a non-existant name. 741da177e4SLinus Torvalds * 751da177e4SLinus Torvalds * I don't know which semantics is the right one, since I have no access 761da177e4SLinus Torvalds * to standards. But I found by trial that HP-UX 9.0 has the full "new" 771da177e4SLinus Torvalds * semantics implemented, while SunOS 4.1.1 and Solaris (SunOS 5.4) have the 781da177e4SLinus Torvalds * "old" one. Personally, I think the new semantics is much more logical. 791da177e4SLinus Torvalds * Note that "ln old new" where "new" is a symlink pointing to a non-existing 801da177e4SLinus Torvalds * file does succeed in both HP-UX and SunOs, but not in Solaris 811da177e4SLinus Torvalds * and in the old Linux semantics. 821da177e4SLinus Torvalds */ 831da177e4SLinus Torvalds 841da177e4SLinus Torvalds /* [16-Dec-97 Kevin Buhr] For security reasons, we change some symlink 851da177e4SLinus Torvalds * semantics. See the comments in "open_namei" and "do_link" below. 861da177e4SLinus Torvalds * 871da177e4SLinus Torvalds * [10-Sep-98 Alan Modra] Another symlink change. 881da177e4SLinus Torvalds */ 891da177e4SLinus Torvalds 901da177e4SLinus Torvalds /* [Feb-Apr 2000 AV] Complete rewrite. Rules for symlinks: 911da177e4SLinus Torvalds * inside the path - always follow. 921da177e4SLinus Torvalds * in the last component in creation/removal/renaming - never follow. 931da177e4SLinus Torvalds * if LOOKUP_FOLLOW passed - follow. 941da177e4SLinus Torvalds * if the pathname has trailing slashes - follow. 951da177e4SLinus Torvalds * otherwise - don't follow. 961da177e4SLinus Torvalds * (applied in that order). 971da177e4SLinus Torvalds * 981da177e4SLinus Torvalds * [Jun 2000 AV] Inconsistent behaviour of open() in case if flags==O_CREAT 991da177e4SLinus Torvalds * restored for 2.4. This is the last surviving part of old 4.2BSD bug. 1001da177e4SLinus Torvalds * During the 2.4 we need to fix the userland stuff depending on it - 1011da177e4SLinus Torvalds * hopefully we will be able to get rid of that wart in 2.5. So far only 1021da177e4SLinus Torvalds * XEmacs seems to be relying on it... 1031da177e4SLinus Torvalds */ 1041da177e4SLinus Torvalds /* 1051da177e4SLinus Torvalds * [Sep 2001 AV] Single-semaphore locking scheme (kudos to David Holland) 106a11f3a05SArjan van de Ven * implemented. Let's see if raised priority of ->s_vfs_rename_mutex gives 1071da177e4SLinus Torvalds * any extra contention... 1081da177e4SLinus Torvalds */ 1091da177e4SLinus Torvalds 1101da177e4SLinus Torvalds /* In order to reduce some races, while at the same time doing additional 1111da177e4SLinus Torvalds * checking and hopefully speeding things up, we copy filenames to the 1121da177e4SLinus Torvalds * kernel data space before using them.. 1131da177e4SLinus Torvalds * 1141da177e4SLinus Torvalds * POSIX.1 2.4: an empty pathname is invalid (ENOENT). 1151da177e4SLinus Torvalds * PATH_MAX includes the nul terminator --RR. 1161da177e4SLinus Torvalds */ 117858119e1SArjan van de Ven static int do_getname(const char __user *filename, char *page) 1181da177e4SLinus Torvalds { 1191da177e4SLinus Torvalds int retval; 1201da177e4SLinus Torvalds unsigned long len = PATH_MAX; 1211da177e4SLinus Torvalds 1221da177e4SLinus Torvalds if (!segment_eq(get_fs(), KERNEL_DS)) { 1231da177e4SLinus Torvalds if ((unsigned long) filename >= TASK_SIZE) 1241da177e4SLinus Torvalds return -EFAULT; 1251da177e4SLinus Torvalds if (TASK_SIZE - (unsigned long) filename < PATH_MAX) 1261da177e4SLinus Torvalds len = TASK_SIZE - (unsigned long) filename; 1271da177e4SLinus Torvalds } 1281da177e4SLinus Torvalds 1291da177e4SLinus Torvalds retval = strncpy_from_user(page, filename, len); 1301da177e4SLinus Torvalds if (retval > 0) { 1311da177e4SLinus Torvalds if (retval < len) 1321da177e4SLinus Torvalds return 0; 1331da177e4SLinus Torvalds return -ENAMETOOLONG; 1341da177e4SLinus Torvalds } else if (!retval) 1351da177e4SLinus Torvalds retval = -ENOENT; 1361da177e4SLinus Torvalds return retval; 1371da177e4SLinus Torvalds } 1381da177e4SLinus Torvalds 1391da177e4SLinus Torvalds char * getname(const char __user * filename) 1401da177e4SLinus Torvalds { 1411da177e4SLinus Torvalds char *tmp, *result; 1421da177e4SLinus Torvalds 1431da177e4SLinus Torvalds result = ERR_PTR(-ENOMEM); 1441da177e4SLinus Torvalds tmp = __getname(); 1451da177e4SLinus Torvalds if (tmp) { 1461da177e4SLinus Torvalds int retval = do_getname(filename, tmp); 1471da177e4SLinus Torvalds 1481da177e4SLinus Torvalds result = tmp; 1491da177e4SLinus Torvalds if (retval < 0) { 1501da177e4SLinus Torvalds __putname(tmp); 1511da177e4SLinus Torvalds result = ERR_PTR(retval); 1521da177e4SLinus Torvalds } 1531da177e4SLinus Torvalds } 1541da177e4SLinus Torvalds audit_getname(result); 1551da177e4SLinus Torvalds return result; 1561da177e4SLinus Torvalds } 1571da177e4SLinus Torvalds 1581da177e4SLinus Torvalds #ifdef CONFIG_AUDITSYSCALL 1591da177e4SLinus Torvalds void putname(const char *name) 1601da177e4SLinus Torvalds { 1615ac3a9c2SAl Viro if (unlikely(!audit_dummy_context())) 1621da177e4SLinus Torvalds audit_putname(name); 1631da177e4SLinus Torvalds else 1641da177e4SLinus Torvalds __putname(name); 1651da177e4SLinus Torvalds } 1661da177e4SLinus Torvalds EXPORT_SYMBOL(putname); 1671da177e4SLinus Torvalds #endif 1681da177e4SLinus Torvalds 1695909ccaaSLinus Torvalds /* 1705909ccaaSLinus Torvalds * This does basic POSIX ACL permission checking 1715909ccaaSLinus Torvalds */ 172b74c79e9SNick Piggin static int acl_permission_check(struct inode *inode, int mask, unsigned int flags, 173b74c79e9SNick Piggin int (*check_acl)(struct inode *inode, int mask, unsigned int flags)) 1745909ccaaSLinus Torvalds { 1755909ccaaSLinus Torvalds umode_t mode = inode->i_mode; 1765909ccaaSLinus Torvalds 1775909ccaaSLinus Torvalds mask &= MAY_READ | MAY_WRITE | MAY_EXEC; 1785909ccaaSLinus Torvalds 1795909ccaaSLinus Torvalds if (current_fsuid() == inode->i_uid) 1805909ccaaSLinus Torvalds mode >>= 6; 1815909ccaaSLinus Torvalds else { 1825909ccaaSLinus Torvalds if (IS_POSIXACL(inode) && (mode & S_IRWXG) && check_acl) { 183b74c79e9SNick Piggin int error = check_acl(inode, mask, flags); 1845909ccaaSLinus Torvalds if (error != -EAGAIN) 1855909ccaaSLinus Torvalds return error; 1865909ccaaSLinus Torvalds } 1875909ccaaSLinus Torvalds 1885909ccaaSLinus Torvalds if (in_group_p(inode->i_gid)) 1895909ccaaSLinus Torvalds mode >>= 3; 1905909ccaaSLinus Torvalds } 1915909ccaaSLinus Torvalds 1925909ccaaSLinus Torvalds /* 1935909ccaaSLinus Torvalds * If the DACs are ok we don't need any capability check. 1945909ccaaSLinus Torvalds */ 1955909ccaaSLinus Torvalds if ((mask & ~mode) == 0) 1965909ccaaSLinus Torvalds return 0; 1975909ccaaSLinus Torvalds return -EACCES; 1985909ccaaSLinus Torvalds } 1991da177e4SLinus Torvalds 2001da177e4SLinus Torvalds /** 2011da177e4SLinus Torvalds * generic_permission - check for access rights on a Posix-like filesystem 2021da177e4SLinus Torvalds * @inode: inode to check access rights for 2031da177e4SLinus Torvalds * @mask: right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC) 2041da177e4SLinus Torvalds * @check_acl: optional callback to check for Posix ACLs 20539191628SRandy Dunlap * @flags: IPERM_FLAG_ flags. 2061da177e4SLinus Torvalds * 2071da177e4SLinus Torvalds * Used to check for read/write/execute permissions on a file. 2081da177e4SLinus Torvalds * We use "fsuid" for this, letting us set arbitrary permissions 2091da177e4SLinus Torvalds * for filesystem access without changing the "normal" uids which 210b74c79e9SNick Piggin * are used for other things. 211b74c79e9SNick Piggin * 212b74c79e9SNick Piggin * generic_permission is rcu-walk aware. It returns -ECHILD in case an rcu-walk 213b74c79e9SNick Piggin * request cannot be satisfied (eg. requires blocking or too much complexity). 214b74c79e9SNick Piggin * It would then be called again in ref-walk mode. 2151da177e4SLinus Torvalds */ 216b74c79e9SNick Piggin int generic_permission(struct inode *inode, int mask, unsigned int flags, 217b74c79e9SNick Piggin int (*check_acl)(struct inode *inode, int mask, unsigned int flags)) 2181da177e4SLinus Torvalds { 2195909ccaaSLinus Torvalds int ret; 2201da177e4SLinus Torvalds 2211da177e4SLinus Torvalds /* 2225909ccaaSLinus Torvalds * Do the basic POSIX ACL permission checks. 2231da177e4SLinus Torvalds */ 224b74c79e9SNick Piggin ret = acl_permission_check(inode, mask, flags, check_acl); 2255909ccaaSLinus Torvalds if (ret != -EACCES) 2265909ccaaSLinus Torvalds return ret; 2271da177e4SLinus Torvalds 2281da177e4SLinus Torvalds /* 2291da177e4SLinus Torvalds * Read/write DACs are always overridable. 2301da177e4SLinus Torvalds * Executable DACs are overridable if at least one exec bit is set. 2311da177e4SLinus Torvalds */ 232f696a365SMiklos Szeredi if (!(mask & MAY_EXEC) || execute_ok(inode)) 2331da177e4SLinus Torvalds if (capable(CAP_DAC_OVERRIDE)) 2341da177e4SLinus Torvalds return 0; 2351da177e4SLinus Torvalds 2361da177e4SLinus Torvalds /* 2371da177e4SLinus Torvalds * Searching includes executable on directories, else just read. 2381da177e4SLinus Torvalds */ 2397ea66001SSerge E. Hallyn mask &= MAY_READ | MAY_WRITE | MAY_EXEC; 2401da177e4SLinus Torvalds if (mask == MAY_READ || (S_ISDIR(inode->i_mode) && !(mask & MAY_WRITE))) 2411da177e4SLinus Torvalds if (capable(CAP_DAC_READ_SEARCH)) 2421da177e4SLinus Torvalds return 0; 2431da177e4SLinus Torvalds 2441da177e4SLinus Torvalds return -EACCES; 2451da177e4SLinus Torvalds } 2461da177e4SLinus Torvalds 247cb23beb5SChristoph Hellwig /** 248cb23beb5SChristoph Hellwig * inode_permission - check for access rights to a given inode 249cb23beb5SChristoph Hellwig * @inode: inode to check permission on 250cb23beb5SChristoph Hellwig * @mask: right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC) 251cb23beb5SChristoph Hellwig * 252cb23beb5SChristoph Hellwig * Used to check for read/write/execute permissions on an inode. 253cb23beb5SChristoph Hellwig * We use "fsuid" for this, letting us set arbitrary permissions 254cb23beb5SChristoph Hellwig * for filesystem access without changing the "normal" uids which 255cb23beb5SChristoph Hellwig * are used for other things. 256cb23beb5SChristoph Hellwig */ 257f419a2e3SAl Viro int inode_permission(struct inode *inode, int mask) 2581da177e4SLinus Torvalds { 259e6305c43SAl Viro int retval; 2601da177e4SLinus Torvalds 2611da177e4SLinus Torvalds if (mask & MAY_WRITE) { 26222590e41SMiklos Szeredi umode_t mode = inode->i_mode; 2631da177e4SLinus Torvalds 2641da177e4SLinus Torvalds /* 2651da177e4SLinus Torvalds * Nobody gets write access to a read-only fs. 2661da177e4SLinus Torvalds */ 2671da177e4SLinus Torvalds if (IS_RDONLY(inode) && 2681da177e4SLinus Torvalds (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode))) 2691da177e4SLinus Torvalds return -EROFS; 2701da177e4SLinus Torvalds 2711da177e4SLinus Torvalds /* 2721da177e4SLinus Torvalds * Nobody gets write access to an immutable file. 2731da177e4SLinus Torvalds */ 2741da177e4SLinus Torvalds if (IS_IMMUTABLE(inode)) 2751da177e4SLinus Torvalds return -EACCES; 2761da177e4SLinus Torvalds } 2771da177e4SLinus Torvalds 278acfa4380SAl Viro if (inode->i_op->permission) 279b74c79e9SNick Piggin retval = inode->i_op->permission(inode, mask, 0); 280f696a365SMiklos Szeredi else 281b74c79e9SNick Piggin retval = generic_permission(inode, mask, 0, 282b74c79e9SNick Piggin inode->i_op->check_acl); 283f696a365SMiklos Szeredi 2841da177e4SLinus Torvalds if (retval) 2851da177e4SLinus Torvalds return retval; 2861da177e4SLinus Torvalds 28708ce5f16SSerge E. Hallyn retval = devcgroup_inode_permission(inode, mask); 28808ce5f16SSerge E. Hallyn if (retval) 28908ce5f16SSerge E. Hallyn return retval; 29008ce5f16SSerge E. Hallyn 291d09ca739SEric Paris return security_inode_permission(inode, mask); 2921da177e4SLinus Torvalds } 2931da177e4SLinus Torvalds 294e4543eddSChristoph Hellwig /** 2958c744fb8SChristoph Hellwig * file_permission - check for additional access rights to a given file 2968c744fb8SChristoph Hellwig * @file: file to check access rights for 2978c744fb8SChristoph Hellwig * @mask: right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC) 2988c744fb8SChristoph Hellwig * 2998c744fb8SChristoph Hellwig * Used to check for read/write/execute permissions on an already opened 3008c744fb8SChristoph Hellwig * file. 3018c744fb8SChristoph Hellwig * 3028c744fb8SChristoph Hellwig * Note: 3038c744fb8SChristoph Hellwig * Do not use this function in new code. All access checks should 304cb23beb5SChristoph Hellwig * be done using inode_permission(). 3058c744fb8SChristoph Hellwig */ 3068c744fb8SChristoph Hellwig int file_permission(struct file *file, int mask) 3078c744fb8SChristoph Hellwig { 308f419a2e3SAl Viro return inode_permission(file->f_path.dentry->d_inode, mask); 3098c744fb8SChristoph Hellwig } 3108c744fb8SChristoph Hellwig 3111da177e4SLinus Torvalds /* 3121da177e4SLinus Torvalds * get_write_access() gets write permission for a file. 3131da177e4SLinus Torvalds * put_write_access() releases this write permission. 3141da177e4SLinus Torvalds * This is used for regular files. 3151da177e4SLinus Torvalds * We cannot support write (and maybe mmap read-write shared) accesses and 3161da177e4SLinus Torvalds * MAP_DENYWRITE mmappings simultaneously. The i_writecount field of an inode 3171da177e4SLinus Torvalds * can have the following values: 3181da177e4SLinus Torvalds * 0: no writers, no VM_DENYWRITE mappings 3191da177e4SLinus Torvalds * < 0: (-i_writecount) vm_area_structs with VM_DENYWRITE set exist 3201da177e4SLinus Torvalds * > 0: (i_writecount) users are writing to the file. 3211da177e4SLinus Torvalds * 3221da177e4SLinus Torvalds * Normally we operate on that counter with atomic_{inc,dec} and it's safe 3231da177e4SLinus Torvalds * except for the cases where we don't hold i_writecount yet. Then we need to 3241da177e4SLinus Torvalds * use {get,deny}_write_access() - these functions check the sign and refuse 3251da177e4SLinus Torvalds * to do the change if sign is wrong. Exclusion between them is provided by 3261da177e4SLinus Torvalds * the inode->i_lock spinlock. 3271da177e4SLinus Torvalds */ 3281da177e4SLinus Torvalds 3291da177e4SLinus Torvalds int get_write_access(struct inode * inode) 3301da177e4SLinus Torvalds { 3311da177e4SLinus Torvalds spin_lock(&inode->i_lock); 3321da177e4SLinus Torvalds if (atomic_read(&inode->i_writecount) < 0) { 3331da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 3341da177e4SLinus Torvalds return -ETXTBSY; 3351da177e4SLinus Torvalds } 3361da177e4SLinus Torvalds atomic_inc(&inode->i_writecount); 3371da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 3381da177e4SLinus Torvalds 3391da177e4SLinus Torvalds return 0; 3401da177e4SLinus Torvalds } 3411da177e4SLinus Torvalds 3421da177e4SLinus Torvalds int deny_write_access(struct file * file) 3431da177e4SLinus Torvalds { 3440f7fc9e4SJosef "Jeff" Sipek struct inode *inode = file->f_path.dentry->d_inode; 3451da177e4SLinus Torvalds 3461da177e4SLinus Torvalds spin_lock(&inode->i_lock); 3471da177e4SLinus Torvalds if (atomic_read(&inode->i_writecount) > 0) { 3481da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 3491da177e4SLinus Torvalds return -ETXTBSY; 3501da177e4SLinus Torvalds } 3511da177e4SLinus Torvalds atomic_dec(&inode->i_writecount); 3521da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 3531da177e4SLinus Torvalds 3541da177e4SLinus Torvalds return 0; 3551da177e4SLinus Torvalds } 3561da177e4SLinus Torvalds 3571d957f9bSJan Blunck /** 3585dd784d0SJan Blunck * path_get - get a reference to a path 3595dd784d0SJan Blunck * @path: path to get the reference to 3605dd784d0SJan Blunck * 3615dd784d0SJan Blunck * Given a path increment the reference count to the dentry and the vfsmount. 3625dd784d0SJan Blunck */ 3635dd784d0SJan Blunck void path_get(struct path *path) 3645dd784d0SJan Blunck { 3655dd784d0SJan Blunck mntget(path->mnt); 3665dd784d0SJan Blunck dget(path->dentry); 3675dd784d0SJan Blunck } 3685dd784d0SJan Blunck EXPORT_SYMBOL(path_get); 3695dd784d0SJan Blunck 3705dd784d0SJan Blunck /** 3711d957f9bSJan Blunck * path_put - put a reference to a path 3721d957f9bSJan Blunck * @path: path to put the reference to 3731d957f9bSJan Blunck * 3741d957f9bSJan Blunck * Given a path decrement the reference count to the dentry and the vfsmount. 3751d957f9bSJan Blunck */ 3761d957f9bSJan Blunck void path_put(struct path *path) 3771da177e4SLinus Torvalds { 3781d957f9bSJan Blunck dput(path->dentry); 3791d957f9bSJan Blunck mntput(path->mnt); 3801da177e4SLinus Torvalds } 3811d957f9bSJan Blunck EXPORT_SYMBOL(path_put); 3821da177e4SLinus Torvalds 383834f2a4aSTrond Myklebust /** 38431e6b01fSNick Piggin * nameidata_drop_rcu - drop this nameidata out of rcu-walk 38531e6b01fSNick Piggin * @nd: nameidata pathwalk data to drop 38639191628SRandy Dunlap * Returns: 0 on success, -ECHILD on failure 38731e6b01fSNick Piggin * 38831e6b01fSNick Piggin * Path walking has 2 modes, rcu-walk and ref-walk (see 38931e6b01fSNick Piggin * Documentation/filesystems/path-lookup.txt). __drop_rcu* functions attempt 39031e6b01fSNick Piggin * to drop out of rcu-walk mode and take normal reference counts on dentries 39131e6b01fSNick Piggin * and vfsmounts to transition to rcu-walk mode. __drop_rcu* functions take 39231e6b01fSNick Piggin * refcounts at the last known good point before rcu-walk got stuck, so 39331e6b01fSNick Piggin * ref-walk may continue from there. If this is not successful (eg. a seqcount 39431e6b01fSNick Piggin * has changed), then failure is returned and path walk restarts from the 39531e6b01fSNick Piggin * beginning in ref-walk mode. 39631e6b01fSNick Piggin * 39731e6b01fSNick Piggin * nameidata_drop_rcu attempts to drop the current nd->path and nd->root into 39831e6b01fSNick Piggin * ref-walk. Must be called from rcu-walk context. 39931e6b01fSNick Piggin */ 40031e6b01fSNick Piggin static int nameidata_drop_rcu(struct nameidata *nd) 40131e6b01fSNick Piggin { 40231e6b01fSNick Piggin struct fs_struct *fs = current->fs; 40331e6b01fSNick Piggin struct dentry *dentry = nd->path.dentry; 40431e6b01fSNick Piggin 40531e6b01fSNick Piggin BUG_ON(!(nd->flags & LOOKUP_RCU)); 40631e6b01fSNick Piggin if (nd->root.mnt) { 40731e6b01fSNick Piggin spin_lock(&fs->lock); 40831e6b01fSNick Piggin if (nd->root.mnt != fs->root.mnt || 40931e6b01fSNick Piggin nd->root.dentry != fs->root.dentry) 41031e6b01fSNick Piggin goto err_root; 41131e6b01fSNick Piggin } 41231e6b01fSNick Piggin spin_lock(&dentry->d_lock); 41331e6b01fSNick Piggin if (!__d_rcu_to_refcount(dentry, nd->seq)) 41431e6b01fSNick Piggin goto err; 41531e6b01fSNick Piggin BUG_ON(nd->inode != dentry->d_inode); 41631e6b01fSNick Piggin spin_unlock(&dentry->d_lock); 41731e6b01fSNick Piggin if (nd->root.mnt) { 41831e6b01fSNick Piggin path_get(&nd->root); 41931e6b01fSNick Piggin spin_unlock(&fs->lock); 42031e6b01fSNick Piggin } 42131e6b01fSNick Piggin mntget(nd->path.mnt); 42231e6b01fSNick Piggin 42331e6b01fSNick Piggin rcu_read_unlock(); 42431e6b01fSNick Piggin br_read_unlock(vfsmount_lock); 42531e6b01fSNick Piggin nd->flags &= ~LOOKUP_RCU; 42631e6b01fSNick Piggin return 0; 42731e6b01fSNick Piggin err: 42831e6b01fSNick Piggin spin_unlock(&dentry->d_lock); 42931e6b01fSNick Piggin err_root: 43031e6b01fSNick Piggin if (nd->root.mnt) 43131e6b01fSNick Piggin spin_unlock(&fs->lock); 43231e6b01fSNick Piggin return -ECHILD; 43331e6b01fSNick Piggin } 43431e6b01fSNick Piggin 43531e6b01fSNick Piggin /* Try to drop out of rcu-walk mode if we were in it, otherwise do nothing. */ 43631e6b01fSNick Piggin static inline int nameidata_drop_rcu_maybe(struct nameidata *nd) 43731e6b01fSNick Piggin { 43831e6b01fSNick Piggin if (nd->flags & LOOKUP_RCU) 43931e6b01fSNick Piggin return nameidata_drop_rcu(nd); 44031e6b01fSNick Piggin return 0; 44131e6b01fSNick Piggin } 44231e6b01fSNick Piggin 44331e6b01fSNick Piggin /** 44431e6b01fSNick Piggin * nameidata_dentry_drop_rcu - drop nameidata and dentry out of rcu-walk 44531e6b01fSNick Piggin * @nd: nameidata pathwalk data to drop 44631e6b01fSNick Piggin * @dentry: dentry to drop 44739191628SRandy Dunlap * Returns: 0 on success, -ECHILD on failure 44831e6b01fSNick Piggin * 44931e6b01fSNick Piggin * nameidata_dentry_drop_rcu attempts to drop the current nd->path and nd->root, 45031e6b01fSNick Piggin * and dentry into ref-walk. @dentry must be a path found by a do_lookup call on 45131e6b01fSNick Piggin * @nd. Must be called from rcu-walk context. 45231e6b01fSNick Piggin */ 45331e6b01fSNick Piggin static int nameidata_dentry_drop_rcu(struct nameidata *nd, struct dentry *dentry) 45431e6b01fSNick Piggin { 45531e6b01fSNick Piggin struct fs_struct *fs = current->fs; 45631e6b01fSNick Piggin struct dentry *parent = nd->path.dentry; 45731e6b01fSNick Piggin 45831e6b01fSNick Piggin BUG_ON(!(nd->flags & LOOKUP_RCU)); 45931e6b01fSNick Piggin if (nd->root.mnt) { 46031e6b01fSNick Piggin spin_lock(&fs->lock); 46131e6b01fSNick Piggin if (nd->root.mnt != fs->root.mnt || 46231e6b01fSNick Piggin nd->root.dentry != fs->root.dentry) 46331e6b01fSNick Piggin goto err_root; 46431e6b01fSNick Piggin } 46531e6b01fSNick Piggin spin_lock(&parent->d_lock); 46631e6b01fSNick Piggin spin_lock_nested(&dentry->d_lock, DENTRY_D_LOCK_NESTED); 46731e6b01fSNick Piggin if (!__d_rcu_to_refcount(dentry, nd->seq)) 46831e6b01fSNick Piggin goto err; 46931e6b01fSNick Piggin /* 47031e6b01fSNick Piggin * If the sequence check on the child dentry passed, then the child has 47131e6b01fSNick Piggin * not been removed from its parent. This means the parent dentry must 47231e6b01fSNick Piggin * be valid and able to take a reference at this point. 47331e6b01fSNick Piggin */ 47431e6b01fSNick Piggin BUG_ON(!IS_ROOT(dentry) && dentry->d_parent != parent); 47531e6b01fSNick Piggin BUG_ON(!parent->d_count); 47631e6b01fSNick Piggin parent->d_count++; 47731e6b01fSNick Piggin spin_unlock(&dentry->d_lock); 47831e6b01fSNick Piggin spin_unlock(&parent->d_lock); 47931e6b01fSNick Piggin if (nd->root.mnt) { 48031e6b01fSNick Piggin path_get(&nd->root); 48131e6b01fSNick Piggin spin_unlock(&fs->lock); 48231e6b01fSNick Piggin } 48331e6b01fSNick Piggin mntget(nd->path.mnt); 48431e6b01fSNick Piggin 48531e6b01fSNick Piggin rcu_read_unlock(); 48631e6b01fSNick Piggin br_read_unlock(vfsmount_lock); 48731e6b01fSNick Piggin nd->flags &= ~LOOKUP_RCU; 48831e6b01fSNick Piggin return 0; 48931e6b01fSNick Piggin err: 49031e6b01fSNick Piggin spin_unlock(&dentry->d_lock); 49131e6b01fSNick Piggin spin_unlock(&parent->d_lock); 49231e6b01fSNick Piggin err_root: 49331e6b01fSNick Piggin if (nd->root.mnt) 49431e6b01fSNick Piggin spin_unlock(&fs->lock); 49531e6b01fSNick Piggin return -ECHILD; 49631e6b01fSNick Piggin } 49731e6b01fSNick Piggin 49831e6b01fSNick Piggin /* Try to drop out of rcu-walk mode if we were in it, otherwise do nothing. */ 49931e6b01fSNick Piggin static inline int nameidata_dentry_drop_rcu_maybe(struct nameidata *nd, struct dentry *dentry) 50031e6b01fSNick Piggin { 501a7472babSAl Viro if (nd->flags & LOOKUP_RCU) { 502a7472babSAl Viro if (unlikely(nameidata_dentry_drop_rcu(nd, dentry))) { 503a7472babSAl Viro nd->flags &= ~LOOKUP_RCU; 504a7472babSAl Viro nd->root.mnt = NULL; 505a7472babSAl Viro rcu_read_unlock(); 506a7472babSAl Viro br_read_unlock(vfsmount_lock); 507a7472babSAl Viro return -ECHILD; 508a7472babSAl Viro } 509a7472babSAl Viro } 51031e6b01fSNick Piggin return 0; 51131e6b01fSNick Piggin } 51231e6b01fSNick Piggin 51331e6b01fSNick Piggin /** 51431e6b01fSNick Piggin * nameidata_drop_rcu_last - drop nameidata ending path walk out of rcu-walk 51531e6b01fSNick Piggin * @nd: nameidata pathwalk data to drop 51639191628SRandy Dunlap * Returns: 0 on success, -ECHILD on failure 51731e6b01fSNick Piggin * 51831e6b01fSNick Piggin * nameidata_drop_rcu_last attempts to drop the current nd->path into ref-walk. 51931e6b01fSNick Piggin * nd->path should be the final element of the lookup, so nd->root is discarded. 52031e6b01fSNick Piggin * Must be called from rcu-walk context. 52131e6b01fSNick Piggin */ 52231e6b01fSNick Piggin static int nameidata_drop_rcu_last(struct nameidata *nd) 52331e6b01fSNick Piggin { 52431e6b01fSNick Piggin struct dentry *dentry = nd->path.dentry; 52531e6b01fSNick Piggin 52631e6b01fSNick Piggin BUG_ON(!(nd->flags & LOOKUP_RCU)); 52731e6b01fSNick Piggin nd->flags &= ~LOOKUP_RCU; 52831e6b01fSNick Piggin nd->root.mnt = NULL; 52931e6b01fSNick Piggin spin_lock(&dentry->d_lock); 53031e6b01fSNick Piggin if (!__d_rcu_to_refcount(dentry, nd->seq)) 53131e6b01fSNick Piggin goto err_unlock; 53231e6b01fSNick Piggin BUG_ON(nd->inode != dentry->d_inode); 53331e6b01fSNick Piggin spin_unlock(&dentry->d_lock); 53431e6b01fSNick Piggin 53531e6b01fSNick Piggin mntget(nd->path.mnt); 53631e6b01fSNick Piggin 53731e6b01fSNick Piggin rcu_read_unlock(); 53831e6b01fSNick Piggin br_read_unlock(vfsmount_lock); 53931e6b01fSNick Piggin 54031e6b01fSNick Piggin return 0; 54131e6b01fSNick Piggin 54231e6b01fSNick Piggin err_unlock: 54331e6b01fSNick Piggin spin_unlock(&dentry->d_lock); 54431e6b01fSNick Piggin rcu_read_unlock(); 54531e6b01fSNick Piggin br_read_unlock(vfsmount_lock); 54631e6b01fSNick Piggin return -ECHILD; 54731e6b01fSNick Piggin } 54831e6b01fSNick Piggin 54931e6b01fSNick Piggin /** 550834f2a4aSTrond Myklebust * release_open_intent - free up open intent resources 551834f2a4aSTrond Myklebust * @nd: pointer to nameidata 552834f2a4aSTrond Myklebust */ 553834f2a4aSTrond Myklebust void release_open_intent(struct nameidata *nd) 554834f2a4aSTrond Myklebust { 5552dab5974SLinus Torvalds struct file *file = nd->intent.open.file; 5562dab5974SLinus Torvalds 5572dab5974SLinus Torvalds if (file && !IS_ERR(file)) { 5582dab5974SLinus Torvalds if (file->f_path.dentry == NULL) 5592dab5974SLinus Torvalds put_filp(file); 560834f2a4aSTrond Myklebust else 5612dab5974SLinus Torvalds fput(file); 5622dab5974SLinus Torvalds } 563834f2a4aSTrond Myklebust } 564834f2a4aSTrond Myklebust 565f60aef7eSAl Viro static inline int d_revalidate(struct dentry *dentry, struct nameidata *nd) 56634286d66SNick Piggin { 567f60aef7eSAl Viro return dentry->d_op->d_revalidate(dentry, nd); 56834286d66SNick Piggin } 56934286d66SNick Piggin 570f5e1c1c1SAl Viro static struct dentry * 571bcdc5e01SIan Kent do_revalidate(struct dentry *dentry, struct nameidata *nd) 572bcdc5e01SIan Kent { 573f5e1c1c1SAl Viro int status = d_revalidate(dentry, nd); 574bcdc5e01SIan Kent if (unlikely(status <= 0)) { 575bcdc5e01SIan Kent /* 576bcdc5e01SIan Kent * The dentry failed validation. 577bcdc5e01SIan Kent * If d_revalidate returned 0 attempt to invalidate 578bcdc5e01SIan Kent * the dentry otherwise d_revalidate is asking us 579bcdc5e01SIan Kent * to return a fail status. 580bcdc5e01SIan Kent */ 58134286d66SNick Piggin if (status < 0) { 58234286d66SNick Piggin dput(dentry); 58334286d66SNick Piggin dentry = ERR_PTR(status); 584f5e1c1c1SAl Viro } else if (!d_invalidate(dentry)) { 585bcdc5e01SIan Kent dput(dentry); 586bcdc5e01SIan Kent dentry = NULL; 587bcdc5e01SIan Kent } 588bcdc5e01SIan Kent } 589f5e1c1c1SAl Viro return dentry; 590f5e1c1c1SAl Viro } 591f5e1c1c1SAl Viro 592f5e1c1c1SAl Viro static inline struct dentry * 593f5e1c1c1SAl Viro do_revalidate_rcu(struct dentry *dentry, struct nameidata *nd) 594f5e1c1c1SAl Viro { 595f60aef7eSAl Viro int status = d_revalidate(dentry, nd); 596f5e1c1c1SAl Viro if (likely(status > 0)) 597f5e1c1c1SAl Viro return dentry; 598f5e1c1c1SAl Viro if (status == -ECHILD) { 599f5e1c1c1SAl Viro if (nameidata_dentry_drop_rcu(nd, dentry)) 600f5e1c1c1SAl Viro return ERR_PTR(-ECHILD); 601f5e1c1c1SAl Viro return do_revalidate(dentry, nd); 602f5e1c1c1SAl Viro } 603f5e1c1c1SAl Viro if (status < 0) 604f5e1c1c1SAl Viro return ERR_PTR(status); 605f5e1c1c1SAl Viro /* Don't d_invalidate in rcu-walk mode */ 606f5e1c1c1SAl Viro if (nameidata_dentry_drop_rcu(nd, dentry)) 607f5e1c1c1SAl Viro return ERR_PTR(-ECHILD); 608f5e1c1c1SAl Viro if (!d_invalidate(dentry)) { 609f5e1c1c1SAl Viro dput(dentry); 610f5e1c1c1SAl Viro dentry = NULL; 611bcdc5e01SIan Kent } 612bcdc5e01SIan Kent return dentry; 613bcdc5e01SIan Kent } 614bcdc5e01SIan Kent 6151da177e4SLinus Torvalds /* 61616c2cd71SAl Viro * handle_reval_path - force revalidation of a dentry 61739159de2SJeff Layton * 61839159de2SJeff Layton * In some situations the path walking code will trust dentries without 61939159de2SJeff Layton * revalidating them. This causes problems for filesystems that depend on 62039159de2SJeff Layton * d_revalidate to handle file opens (e.g. NFSv4). When FS_REVAL_DOT is set 62139159de2SJeff Layton * (which indicates that it's possible for the dentry to go stale), force 62239159de2SJeff Layton * a d_revalidate call before proceeding. 62339159de2SJeff Layton * 62439159de2SJeff Layton * Returns 0 if the revalidation was successful. If the revalidation fails, 62539159de2SJeff Layton * either return the error returned by d_revalidate or -ESTALE if the 62639159de2SJeff Layton * revalidation it just returned 0. If d_revalidate returns 0, we attempt to 62739159de2SJeff Layton * invalidate the dentry. It's up to the caller to handle putting references 62839159de2SJeff Layton * to the path if necessary. 62939159de2SJeff Layton */ 63016c2cd71SAl Viro static inline int handle_reval_path(struct nameidata *nd) 63139159de2SJeff Layton { 63216c2cd71SAl Viro struct dentry *dentry = nd->path.dentry; 63339159de2SJeff Layton int status; 63439159de2SJeff Layton 63516c2cd71SAl Viro if (likely(!(nd->flags & LOOKUP_JUMPED))) 63639159de2SJeff Layton return 0; 63739159de2SJeff Layton 63816c2cd71SAl Viro if (likely(!(dentry->d_flags & DCACHE_OP_REVALIDATE))) 63916c2cd71SAl Viro return 0; 64016c2cd71SAl Viro 64116c2cd71SAl Viro if (likely(!(dentry->d_sb->s_type->fs_flags & FS_REVAL_DOT))) 64216c2cd71SAl Viro return 0; 64316c2cd71SAl Viro 64416c2cd71SAl Viro /* Note: we do not d_invalidate() */ 64534286d66SNick Piggin status = d_revalidate(dentry, nd); 64639159de2SJeff Layton if (status > 0) 64739159de2SJeff Layton return 0; 64839159de2SJeff Layton 64916c2cd71SAl Viro if (!status) 65039159de2SJeff Layton status = -ESTALE; 65116c2cd71SAl Viro 65239159de2SJeff Layton return status; 65339159de2SJeff Layton } 65439159de2SJeff Layton 65539159de2SJeff Layton /* 656b75b5086SAl Viro * Short-cut version of permission(), for calling on directories 657b75b5086SAl Viro * during pathname resolution. Combines parts of permission() 658b75b5086SAl Viro * and generic_permission(), and tests ONLY for MAY_EXEC permission. 6591da177e4SLinus Torvalds * 6601da177e4SLinus Torvalds * If appropriate, check DAC only. If not appropriate, or 661b75b5086SAl Viro * short-cut DAC fails, then call ->permission() to do more 6621da177e4SLinus Torvalds * complete permission check. 6631da177e4SLinus Torvalds */ 664b74c79e9SNick Piggin static inline int exec_permission(struct inode *inode, unsigned int flags) 6651da177e4SLinus Torvalds { 6665909ccaaSLinus Torvalds int ret; 6671da177e4SLinus Torvalds 668cb9179eaSLinus Torvalds if (inode->i_op->permission) { 669b74c79e9SNick Piggin ret = inode->i_op->permission(inode, MAY_EXEC, flags); 670b74c79e9SNick Piggin } else { 671b74c79e9SNick Piggin ret = acl_permission_check(inode, MAY_EXEC, flags, 672b74c79e9SNick Piggin inode->i_op->check_acl); 673cb9179eaSLinus Torvalds } 674b74c79e9SNick Piggin if (likely(!ret)) 6751da177e4SLinus Torvalds goto ok; 676b74c79e9SNick Piggin if (ret == -ECHILD) 67731e6b01fSNick Piggin return ret; 6781da177e4SLinus Torvalds 679f1ac9f6bSLinus Torvalds if (capable(CAP_DAC_OVERRIDE) || capable(CAP_DAC_READ_SEARCH)) 6801da177e4SLinus Torvalds goto ok; 6811da177e4SLinus Torvalds 6825909ccaaSLinus Torvalds return ret; 6831da177e4SLinus Torvalds ok: 684b74c79e9SNick Piggin return security_inode_exec_permission(inode, flags); 6851da177e4SLinus Torvalds } 6861da177e4SLinus Torvalds 6872a737871SAl Viro static __always_inline void set_root(struct nameidata *nd) 6882a737871SAl Viro { 689f7ad3c6bSMiklos Szeredi if (!nd->root.mnt) 690f7ad3c6bSMiklos Szeredi get_fs_root(current->fs, &nd->root); 6912a737871SAl Viro } 6922a737871SAl Viro 6936de88d72SAl Viro static int link_path_walk(const char *, struct nameidata *); 6946de88d72SAl Viro 69531e6b01fSNick Piggin static __always_inline void set_root_rcu(struct nameidata *nd) 69631e6b01fSNick Piggin { 69731e6b01fSNick Piggin if (!nd->root.mnt) { 69831e6b01fSNick Piggin struct fs_struct *fs = current->fs; 699c28cc364SNick Piggin unsigned seq; 700c28cc364SNick Piggin 701c28cc364SNick Piggin do { 702c28cc364SNick Piggin seq = read_seqcount_begin(&fs->seq); 70331e6b01fSNick Piggin nd->root = fs->root; 704c28cc364SNick Piggin } while (read_seqcount_retry(&fs->seq, seq)); 70531e6b01fSNick Piggin } 70631e6b01fSNick Piggin } 70731e6b01fSNick Piggin 708f1662356SArjan van de Ven static __always_inline int __vfs_follow_link(struct nameidata *nd, const char *link) 7091da177e4SLinus Torvalds { 71031e6b01fSNick Piggin int ret; 71131e6b01fSNick Piggin 7121da177e4SLinus Torvalds if (IS_ERR(link)) 7131da177e4SLinus Torvalds goto fail; 7141da177e4SLinus Torvalds 7151da177e4SLinus Torvalds if (*link == '/') { 7162a737871SAl Viro set_root(nd); 7171d957f9bSJan Blunck path_put(&nd->path); 7182a737871SAl Viro nd->path = nd->root; 7192a737871SAl Viro path_get(&nd->root); 72016c2cd71SAl Viro nd->flags |= LOOKUP_JUMPED; 7211da177e4SLinus Torvalds } 72231e6b01fSNick Piggin nd->inode = nd->path.dentry->d_inode; 723b4091d5fSChristoph Hellwig 72431e6b01fSNick Piggin ret = link_path_walk(link, nd); 72531e6b01fSNick Piggin return ret; 7261da177e4SLinus Torvalds fail: 7271d957f9bSJan Blunck path_put(&nd->path); 7281da177e4SLinus Torvalds return PTR_ERR(link); 7291da177e4SLinus Torvalds } 7301da177e4SLinus Torvalds 7311d957f9bSJan Blunck static void path_put_conditional(struct path *path, struct nameidata *nd) 732051d3812SIan Kent { 733051d3812SIan Kent dput(path->dentry); 7344ac91378SJan Blunck if (path->mnt != nd->path.mnt) 735051d3812SIan Kent mntput(path->mnt); 736051d3812SIan Kent } 737051d3812SIan Kent 7387b9337aaSNick Piggin static inline void path_to_nameidata(const struct path *path, 7397b9337aaSNick Piggin struct nameidata *nd) 740051d3812SIan Kent { 74131e6b01fSNick Piggin if (!(nd->flags & LOOKUP_RCU)) { 7424ac91378SJan Blunck dput(nd->path.dentry); 74331e6b01fSNick Piggin if (nd->path.mnt != path->mnt) 7444ac91378SJan Blunck mntput(nd->path.mnt); 7459a229683SHuang Shijie } 74631e6b01fSNick Piggin nd->path.mnt = path->mnt; 7474ac91378SJan Blunck nd->path.dentry = path->dentry; 748051d3812SIan Kent } 749051d3812SIan Kent 750def4af30SAl Viro static __always_inline int 7517b9337aaSNick Piggin __do_follow_link(const struct path *link, struct nameidata *nd, void **p) 7521da177e4SLinus Torvalds { 7531da177e4SLinus Torvalds int error; 7547b9337aaSNick Piggin struct dentry *dentry = link->dentry; 7551da177e4SLinus Torvalds 756844a3917SAl Viro BUG_ON(nd->flags & LOOKUP_RCU); 757844a3917SAl Viro 7587b9337aaSNick Piggin touch_atime(link->mnt, dentry); 7591da177e4SLinus Torvalds nd_set_link(nd, NULL); 760cd4e91d3SAl Viro 76187556ef1SDavid Howells if (link->mnt == nd->path.mnt) 7627b9337aaSNick Piggin mntget(link->mnt); 76331e6b01fSNick Piggin 76436f3b4f6SAl Viro error = security_inode_follow_link(link->dentry, nd); 76536f3b4f6SAl Viro if (error) { 76636f3b4f6SAl Viro *p = ERR_PTR(error); /* no ->put_link(), please */ 76736f3b4f6SAl Viro path_put(&nd->path); 76836f3b4f6SAl Viro return error; 76936f3b4f6SAl Viro } 77036f3b4f6SAl Viro 77186acdca1SAl Viro nd->last_type = LAST_BIND; 772def4af30SAl Viro *p = dentry->d_inode->i_op->follow_link(dentry, nd); 773def4af30SAl Viro error = PTR_ERR(*p); 774def4af30SAl Viro if (!IS_ERR(*p)) { 7751da177e4SLinus Torvalds char *s = nd_get_link(nd); 776cc314eefSLinus Torvalds error = 0; 7771da177e4SLinus Torvalds if (s) 7781da177e4SLinus Torvalds error = __vfs_follow_link(nd, s); 77916c2cd71SAl Viro else if (nd->last_type == LAST_BIND) 78016c2cd71SAl Viro nd->flags |= LOOKUP_JUMPED; 7811da177e4SLinus Torvalds } 7821da177e4SLinus Torvalds return error; 7831da177e4SLinus Torvalds } 7841da177e4SLinus Torvalds 7851da177e4SLinus Torvalds /* 7861da177e4SLinus Torvalds * This limits recursive symlink follows to 8, while 7871da177e4SLinus Torvalds * limiting consecutive symlinks to 40. 7881da177e4SLinus Torvalds * 7891da177e4SLinus Torvalds * Without that kind of total limit, nasty chains of consecutive 7901da177e4SLinus Torvalds * symlinks can cause almost arbitrarily long lookups. 7911da177e4SLinus Torvalds */ 7923abb17e8SLinus Torvalds static inline int do_follow_link(struct inode *inode, struct path *path, struct nameidata *nd) 7931da177e4SLinus Torvalds { 794def4af30SAl Viro void *cookie; 7951da177e4SLinus Torvalds int err = -ELOOP; 796844a3917SAl Viro 797844a3917SAl Viro /* We drop rcu-walk here */ 798844a3917SAl Viro if (nameidata_dentry_drop_rcu_maybe(nd, path->dentry)) 799844a3917SAl Viro return -ECHILD; 8003abb17e8SLinus Torvalds BUG_ON(inode != path->dentry->d_inode); 801844a3917SAl Viro 8021da177e4SLinus Torvalds if (current->link_count >= MAX_NESTED_LINKS) 8031da177e4SLinus Torvalds goto loop; 8041da177e4SLinus Torvalds if (current->total_link_count >= 40) 8051da177e4SLinus Torvalds goto loop; 8061da177e4SLinus Torvalds BUG_ON(nd->depth >= MAX_NESTED_LINKS); 8071da177e4SLinus Torvalds cond_resched(); 8081da177e4SLinus Torvalds current->link_count++; 8091da177e4SLinus Torvalds current->total_link_count++; 8101da177e4SLinus Torvalds nd->depth++; 811def4af30SAl Viro err = __do_follow_link(path, nd, &cookie); 812def4af30SAl Viro if (!IS_ERR(cookie) && path->dentry->d_inode->i_op->put_link) 813def4af30SAl Viro path->dentry->d_inode->i_op->put_link(path->dentry, nd, cookie); 814258fa999SAl Viro path_put(path); 8151da177e4SLinus Torvalds current->link_count--; 8161da177e4SLinus Torvalds nd->depth--; 8171da177e4SLinus Torvalds return err; 8181da177e4SLinus Torvalds loop: 8191d957f9bSJan Blunck path_put_conditional(path, nd); 8201d957f9bSJan Blunck path_put(&nd->path); 8211da177e4SLinus Torvalds return err; 8221da177e4SLinus Torvalds } 8231da177e4SLinus Torvalds 82431e6b01fSNick Piggin static int follow_up_rcu(struct path *path) 82531e6b01fSNick Piggin { 82631e6b01fSNick Piggin struct vfsmount *parent; 82731e6b01fSNick Piggin struct dentry *mountpoint; 82831e6b01fSNick Piggin 82931e6b01fSNick Piggin parent = path->mnt->mnt_parent; 83031e6b01fSNick Piggin if (parent == path->mnt) 83131e6b01fSNick Piggin return 0; 83231e6b01fSNick Piggin mountpoint = path->mnt->mnt_mountpoint; 83331e6b01fSNick Piggin path->dentry = mountpoint; 83431e6b01fSNick Piggin path->mnt = parent; 83531e6b01fSNick Piggin return 1; 83631e6b01fSNick Piggin } 83731e6b01fSNick Piggin 838bab77ebfSAl Viro int follow_up(struct path *path) 8391da177e4SLinus Torvalds { 8401da177e4SLinus Torvalds struct vfsmount *parent; 8411da177e4SLinus Torvalds struct dentry *mountpoint; 84299b7db7bSNick Piggin 84399b7db7bSNick Piggin br_read_lock(vfsmount_lock); 844bab77ebfSAl Viro parent = path->mnt->mnt_parent; 845bab77ebfSAl Viro if (parent == path->mnt) { 84699b7db7bSNick Piggin br_read_unlock(vfsmount_lock); 8471da177e4SLinus Torvalds return 0; 8481da177e4SLinus Torvalds } 8491da177e4SLinus Torvalds mntget(parent); 850bab77ebfSAl Viro mountpoint = dget(path->mnt->mnt_mountpoint); 85199b7db7bSNick Piggin br_read_unlock(vfsmount_lock); 852bab77ebfSAl Viro dput(path->dentry); 853bab77ebfSAl Viro path->dentry = mountpoint; 854bab77ebfSAl Viro mntput(path->mnt); 855bab77ebfSAl Viro path->mnt = parent; 8561da177e4SLinus Torvalds return 1; 8571da177e4SLinus Torvalds } 8581da177e4SLinus Torvalds 859b5c84bf6SNick Piggin /* 8609875cf80SDavid Howells * Perform an automount 8619875cf80SDavid Howells * - return -EISDIR to tell follow_managed() to stop and return the path we 8629875cf80SDavid Howells * were called with. 8631da177e4SLinus Torvalds */ 8649875cf80SDavid Howells static int follow_automount(struct path *path, unsigned flags, 8659875cf80SDavid Howells bool *need_mntput) 86631e6b01fSNick Piggin { 8679875cf80SDavid Howells struct vfsmount *mnt; 868ea5b778aSDavid Howells int err; 8699875cf80SDavid Howells 8709875cf80SDavid Howells if (!path->dentry->d_op || !path->dentry->d_op->d_automount) 8719875cf80SDavid Howells return -EREMOTE; 8729875cf80SDavid Howells 8736f45b656SDavid Howells /* We don't want to mount if someone supplied AT_NO_AUTOMOUNT 8746f45b656SDavid Howells * and this is the terminal part of the path. 8756f45b656SDavid Howells */ 8766f45b656SDavid Howells if ((flags & LOOKUP_NO_AUTOMOUNT) && !(flags & LOOKUP_CONTINUE)) 8776f45b656SDavid Howells return -EISDIR; /* we actually want to stop here */ 8786f45b656SDavid Howells 8799875cf80SDavid Howells /* We want to mount if someone is trying to open/create a file of any 8809875cf80SDavid Howells * type under the mountpoint, wants to traverse through the mountpoint 8819875cf80SDavid Howells * or wants to open the mounted directory. 8829875cf80SDavid Howells * 8839875cf80SDavid Howells * We don't want to mount if someone's just doing a stat and they've 8849875cf80SDavid Howells * set AT_SYMLINK_NOFOLLOW - unless they're stat'ing a directory and 8859875cf80SDavid Howells * appended a '/' to the name. 8869875cf80SDavid Howells */ 8879875cf80SDavid Howells if (!(flags & LOOKUP_FOLLOW) && 8889875cf80SDavid Howells !(flags & (LOOKUP_CONTINUE | LOOKUP_DIRECTORY | 8899875cf80SDavid Howells LOOKUP_OPEN | LOOKUP_CREATE))) 8909875cf80SDavid Howells return -EISDIR; 8919875cf80SDavid Howells 8929875cf80SDavid Howells current->total_link_count++; 8939875cf80SDavid Howells if (current->total_link_count >= 40) 8949875cf80SDavid Howells return -ELOOP; 8959875cf80SDavid Howells 8969875cf80SDavid Howells mnt = path->dentry->d_op->d_automount(path); 8979875cf80SDavid Howells if (IS_ERR(mnt)) { 8989875cf80SDavid Howells /* 8999875cf80SDavid Howells * The filesystem is allowed to return -EISDIR here to indicate 9009875cf80SDavid Howells * it doesn't want to automount. For instance, autofs would do 9019875cf80SDavid Howells * this so that its userspace daemon can mount on this dentry. 9029875cf80SDavid Howells * 9039875cf80SDavid Howells * However, we can only permit this if it's a terminal point in 9049875cf80SDavid Howells * the path being looked up; if it wasn't then the remainder of 9059875cf80SDavid Howells * the path is inaccessible and we should say so. 9069875cf80SDavid Howells */ 9079875cf80SDavid Howells if (PTR_ERR(mnt) == -EISDIR && (flags & LOOKUP_CONTINUE)) 9089875cf80SDavid Howells return -EREMOTE; 9099875cf80SDavid Howells return PTR_ERR(mnt); 91031e6b01fSNick Piggin } 911ea5b778aSDavid Howells 9129875cf80SDavid Howells if (!mnt) /* mount collision */ 9139875cf80SDavid Howells return 0; 9149875cf80SDavid Howells 91519a167afSAl Viro err = finish_automount(mnt, path); 916ea5b778aSDavid Howells 917ea5b778aSDavid Howells switch (err) { 918ea5b778aSDavid Howells case -EBUSY: 919ea5b778aSDavid Howells /* Someone else made a mount here whilst we were busy */ 92019a167afSAl Viro return 0; 921ea5b778aSDavid Howells case 0: 922463ffb2eSAl Viro dput(path->dentry); 9239875cf80SDavid Howells if (*need_mntput) 9249875cf80SDavid Howells mntput(path->mnt); 9259875cf80SDavid Howells path->mnt = mnt; 9269875cf80SDavid Howells path->dentry = dget(mnt->mnt_root); 9279875cf80SDavid Howells *need_mntput = true; 9289875cf80SDavid Howells return 0; 92919a167afSAl Viro default: 93019a167afSAl Viro return err; 9319875cf80SDavid Howells } 93219a167afSAl Viro 933ea5b778aSDavid Howells } 9349875cf80SDavid Howells 9359875cf80SDavid Howells /* 9369875cf80SDavid Howells * Handle a dentry that is managed in some way. 937cc53ce53SDavid Howells * - Flagged for transit management (autofs) 9389875cf80SDavid Howells * - Flagged as mountpoint 9399875cf80SDavid Howells * - Flagged as automount point 9409875cf80SDavid Howells * 9419875cf80SDavid Howells * This may only be called in refwalk mode. 9429875cf80SDavid Howells * 9439875cf80SDavid Howells * Serialization is taken care of in namespace.c 9449875cf80SDavid Howells */ 9459875cf80SDavid Howells static int follow_managed(struct path *path, unsigned flags) 9469875cf80SDavid Howells { 9479875cf80SDavid Howells unsigned managed; 9489875cf80SDavid Howells bool need_mntput = false; 9499875cf80SDavid Howells int ret; 9509875cf80SDavid Howells 9519875cf80SDavid Howells /* Given that we're not holding a lock here, we retain the value in a 9529875cf80SDavid Howells * local variable for each dentry as we look at it so that we don't see 9539875cf80SDavid Howells * the components of that value change under us */ 9549875cf80SDavid Howells while (managed = ACCESS_ONCE(path->dentry->d_flags), 9559875cf80SDavid Howells managed &= DCACHE_MANAGED_DENTRY, 9569875cf80SDavid Howells unlikely(managed != 0)) { 957cc53ce53SDavid Howells /* Allow the filesystem to manage the transit without i_mutex 958cc53ce53SDavid Howells * being held. */ 959cc53ce53SDavid Howells if (managed & DCACHE_MANAGE_TRANSIT) { 960cc53ce53SDavid Howells BUG_ON(!path->dentry->d_op); 961cc53ce53SDavid Howells BUG_ON(!path->dentry->d_op->d_manage); 962ab90911fSDavid Howells ret = path->dentry->d_op->d_manage(path->dentry, 963ab90911fSDavid Howells false, false); 964cc53ce53SDavid Howells if (ret < 0) 965cc53ce53SDavid Howells return ret == -EISDIR ? 0 : ret; 966cc53ce53SDavid Howells } 967cc53ce53SDavid Howells 9689875cf80SDavid Howells /* Transit to a mounted filesystem. */ 9699875cf80SDavid Howells if (managed & DCACHE_MOUNTED) { 9709875cf80SDavid Howells struct vfsmount *mounted = lookup_mnt(path); 9719875cf80SDavid Howells if (mounted) { 9729875cf80SDavid Howells dput(path->dentry); 9739875cf80SDavid Howells if (need_mntput) 974463ffb2eSAl Viro mntput(path->mnt); 975463ffb2eSAl Viro path->mnt = mounted; 976463ffb2eSAl Viro path->dentry = dget(mounted->mnt_root); 9779875cf80SDavid Howells need_mntput = true; 9789875cf80SDavid Howells continue; 979463ffb2eSAl Viro } 980463ffb2eSAl Viro 9819875cf80SDavid Howells /* Something is mounted on this dentry in another 9829875cf80SDavid Howells * namespace and/or whatever was mounted there in this 9839875cf80SDavid Howells * namespace got unmounted before we managed to get the 9849875cf80SDavid Howells * vfsmount_lock */ 9851da177e4SLinus Torvalds } 9869875cf80SDavid Howells 9879875cf80SDavid Howells /* Handle an automount point */ 9889875cf80SDavid Howells if (managed & DCACHE_NEED_AUTOMOUNT) { 9899875cf80SDavid Howells ret = follow_automount(path, flags, &need_mntput); 9909875cf80SDavid Howells if (ret < 0) 9919875cf80SDavid Howells return ret == -EISDIR ? 0 : ret; 9929875cf80SDavid Howells continue; 9939875cf80SDavid Howells } 9949875cf80SDavid Howells 9959875cf80SDavid Howells /* We didn't change the current path point */ 9969875cf80SDavid Howells break; 9979875cf80SDavid Howells } 9989875cf80SDavid Howells return 0; 9991da177e4SLinus Torvalds } 10001da177e4SLinus Torvalds 1001cc53ce53SDavid Howells int follow_down_one(struct path *path) 10021da177e4SLinus Torvalds { 10031da177e4SLinus Torvalds struct vfsmount *mounted; 10041da177e4SLinus Torvalds 10051c755af4SAl Viro mounted = lookup_mnt(path); 10061da177e4SLinus Torvalds if (mounted) { 10079393bd07SAl Viro dput(path->dentry); 10089393bd07SAl Viro mntput(path->mnt); 10099393bd07SAl Viro path->mnt = mounted; 10109393bd07SAl Viro path->dentry = dget(mounted->mnt_root); 10111da177e4SLinus Torvalds return 1; 10121da177e4SLinus Torvalds } 10131da177e4SLinus Torvalds return 0; 10141da177e4SLinus Torvalds } 10151da177e4SLinus Torvalds 10169875cf80SDavid Howells /* 10179875cf80SDavid Howells * Skip to top of mountpoint pile in rcuwalk mode. We abort the rcu-walk if we 1018cc53ce53SDavid Howells * meet a managed dentry and we're not walking to "..". True is returned to 10199875cf80SDavid Howells * continue, false to abort. 10209875cf80SDavid Howells */ 10219875cf80SDavid Howells static bool __follow_mount_rcu(struct nameidata *nd, struct path *path, 10229875cf80SDavid Howells struct inode **inode, bool reverse_transit) 10239875cf80SDavid Howells { 10249875cf80SDavid Howells while (d_mountpoint(path->dentry)) { 10259875cf80SDavid Howells struct vfsmount *mounted; 1026ab90911fSDavid Howells if (unlikely(path->dentry->d_flags & DCACHE_MANAGE_TRANSIT) && 1027ab90911fSDavid Howells !reverse_transit && 1028ab90911fSDavid Howells path->dentry->d_op->d_manage(path->dentry, false, true) < 0) 1029ab90911fSDavid Howells return false; 10309875cf80SDavid Howells mounted = __lookup_mnt(path->mnt, path->dentry, 1); 10319875cf80SDavid Howells if (!mounted) 10329875cf80SDavid Howells break; 10339875cf80SDavid Howells path->mnt = mounted; 10349875cf80SDavid Howells path->dentry = mounted->mnt_root; 10359875cf80SDavid Howells nd->seq = read_seqcount_begin(&path->dentry->d_seq); 10369875cf80SDavid Howells *inode = path->dentry->d_inode; 10379875cf80SDavid Howells } 10389875cf80SDavid Howells 10399875cf80SDavid Howells if (unlikely(path->dentry->d_flags & DCACHE_NEED_AUTOMOUNT)) 10409875cf80SDavid Howells return reverse_transit; 10419875cf80SDavid Howells return true; 10429875cf80SDavid Howells } 10439875cf80SDavid Howells 104431e6b01fSNick Piggin static int follow_dotdot_rcu(struct nameidata *nd) 104531e6b01fSNick Piggin { 104631e6b01fSNick Piggin struct inode *inode = nd->inode; 104731e6b01fSNick Piggin 104831e6b01fSNick Piggin set_root_rcu(nd); 104931e6b01fSNick Piggin 105031e6b01fSNick Piggin while (1) { 105131e6b01fSNick Piggin if (nd->path.dentry == nd->root.dentry && 105231e6b01fSNick Piggin nd->path.mnt == nd->root.mnt) { 105331e6b01fSNick Piggin break; 105431e6b01fSNick Piggin } 105531e6b01fSNick Piggin if (nd->path.dentry != nd->path.mnt->mnt_root) { 105631e6b01fSNick Piggin struct dentry *old = nd->path.dentry; 105731e6b01fSNick Piggin struct dentry *parent = old->d_parent; 105831e6b01fSNick Piggin unsigned seq; 105931e6b01fSNick Piggin 106031e6b01fSNick Piggin seq = read_seqcount_begin(&parent->d_seq); 106131e6b01fSNick Piggin if (read_seqcount_retry(&old->d_seq, nd->seq)) 1062ef7562d5SAl Viro goto failed; 106331e6b01fSNick Piggin inode = parent->d_inode; 106431e6b01fSNick Piggin nd->path.dentry = parent; 106531e6b01fSNick Piggin nd->seq = seq; 106631e6b01fSNick Piggin break; 106731e6b01fSNick Piggin } 106831e6b01fSNick Piggin if (!follow_up_rcu(&nd->path)) 106931e6b01fSNick Piggin break; 107031e6b01fSNick Piggin nd->seq = read_seqcount_begin(&nd->path.dentry->d_seq); 107131e6b01fSNick Piggin inode = nd->path.dentry->d_inode; 107231e6b01fSNick Piggin } 10739875cf80SDavid Howells __follow_mount_rcu(nd, &nd->path, &inode, true); 107431e6b01fSNick Piggin nd->inode = inode; 107531e6b01fSNick Piggin return 0; 1076ef7562d5SAl Viro 1077ef7562d5SAl Viro failed: 1078ef7562d5SAl Viro nd->flags &= ~LOOKUP_RCU; 1079ef7562d5SAl Viro nd->root.mnt = NULL; 1080ef7562d5SAl Viro rcu_read_unlock(); 1081ef7562d5SAl Viro br_read_unlock(vfsmount_lock); 1082ef7562d5SAl Viro return -ECHILD; 108331e6b01fSNick Piggin } 108431e6b01fSNick Piggin 10859875cf80SDavid Howells /* 1086cc53ce53SDavid Howells * Follow down to the covering mount currently visible to userspace. At each 1087cc53ce53SDavid Howells * point, the filesystem owning that dentry may be queried as to whether the 1088cc53ce53SDavid Howells * caller is permitted to proceed or not. 1089cc53ce53SDavid Howells * 1090cc53ce53SDavid Howells * Care must be taken as namespace_sem may be held (indicated by mounting_here 1091cc53ce53SDavid Howells * being true). 1092cc53ce53SDavid Howells */ 1093cc53ce53SDavid Howells int follow_down(struct path *path, bool mounting_here) 1094cc53ce53SDavid Howells { 1095cc53ce53SDavid Howells unsigned managed; 1096cc53ce53SDavid Howells int ret; 1097cc53ce53SDavid Howells 1098cc53ce53SDavid Howells while (managed = ACCESS_ONCE(path->dentry->d_flags), 1099cc53ce53SDavid Howells unlikely(managed & DCACHE_MANAGED_DENTRY)) { 1100cc53ce53SDavid Howells /* Allow the filesystem to manage the transit without i_mutex 1101cc53ce53SDavid Howells * being held. 1102cc53ce53SDavid Howells * 1103cc53ce53SDavid Howells * We indicate to the filesystem if someone is trying to mount 1104cc53ce53SDavid Howells * something here. This gives autofs the chance to deny anyone 1105cc53ce53SDavid Howells * other than its daemon the right to mount on its 1106cc53ce53SDavid Howells * superstructure. 1107cc53ce53SDavid Howells * 1108cc53ce53SDavid Howells * The filesystem may sleep at this point. 1109cc53ce53SDavid Howells */ 1110cc53ce53SDavid Howells if (managed & DCACHE_MANAGE_TRANSIT) { 1111cc53ce53SDavid Howells BUG_ON(!path->dentry->d_op); 1112cc53ce53SDavid Howells BUG_ON(!path->dentry->d_op->d_manage); 1113ab90911fSDavid Howells ret = path->dentry->d_op->d_manage( 1114ab90911fSDavid Howells path->dentry, mounting_here, false); 1115cc53ce53SDavid Howells if (ret < 0) 1116cc53ce53SDavid Howells return ret == -EISDIR ? 0 : ret; 1117cc53ce53SDavid Howells } 1118cc53ce53SDavid Howells 1119cc53ce53SDavid Howells /* Transit to a mounted filesystem. */ 1120cc53ce53SDavid Howells if (managed & DCACHE_MOUNTED) { 1121cc53ce53SDavid Howells struct vfsmount *mounted = lookup_mnt(path); 1122cc53ce53SDavid Howells if (!mounted) 1123cc53ce53SDavid Howells break; 1124cc53ce53SDavid Howells dput(path->dentry); 1125cc53ce53SDavid Howells mntput(path->mnt); 1126cc53ce53SDavid Howells path->mnt = mounted; 1127cc53ce53SDavid Howells path->dentry = dget(mounted->mnt_root); 1128cc53ce53SDavid Howells continue; 1129cc53ce53SDavid Howells } 1130cc53ce53SDavid Howells 1131cc53ce53SDavid Howells /* Don't handle automount points here */ 1132cc53ce53SDavid Howells break; 1133cc53ce53SDavid Howells } 1134cc53ce53SDavid Howells return 0; 1135cc53ce53SDavid Howells } 1136cc53ce53SDavid Howells 1137cc53ce53SDavid Howells /* 11389875cf80SDavid Howells * Skip to top of mountpoint pile in refwalk mode for follow_dotdot() 11399875cf80SDavid Howells */ 11409875cf80SDavid Howells static void follow_mount(struct path *path) 11419875cf80SDavid Howells { 11429875cf80SDavid Howells while (d_mountpoint(path->dentry)) { 11439875cf80SDavid Howells struct vfsmount *mounted = lookup_mnt(path); 11449875cf80SDavid Howells if (!mounted) 11459875cf80SDavid Howells break; 11469875cf80SDavid Howells dput(path->dentry); 11479875cf80SDavid Howells mntput(path->mnt); 11489875cf80SDavid Howells path->mnt = mounted; 11499875cf80SDavid Howells path->dentry = dget(mounted->mnt_root); 11509875cf80SDavid Howells } 11519875cf80SDavid Howells } 11529875cf80SDavid Howells 115331e6b01fSNick Piggin static void follow_dotdot(struct nameidata *nd) 11541da177e4SLinus Torvalds { 11552a737871SAl Viro set_root(nd); 1156e518ddb7SAndreas Mohr 11571da177e4SLinus Torvalds while(1) { 11584ac91378SJan Blunck struct dentry *old = nd->path.dentry; 11591da177e4SLinus Torvalds 11602a737871SAl Viro if (nd->path.dentry == nd->root.dentry && 11612a737871SAl Viro nd->path.mnt == nd->root.mnt) { 11621da177e4SLinus Torvalds break; 11631da177e4SLinus Torvalds } 11644ac91378SJan Blunck if (nd->path.dentry != nd->path.mnt->mnt_root) { 11653088dd70SAl Viro /* rare case of legitimate dget_parent()... */ 11663088dd70SAl Viro nd->path.dentry = dget_parent(nd->path.dentry); 11671da177e4SLinus Torvalds dput(old); 11681da177e4SLinus Torvalds break; 11691da177e4SLinus Torvalds } 11703088dd70SAl Viro if (!follow_up(&nd->path)) 11711da177e4SLinus Torvalds break; 11721da177e4SLinus Torvalds } 117379ed0226SAl Viro follow_mount(&nd->path); 117431e6b01fSNick Piggin nd->inode = nd->path.dentry->d_inode; 11751da177e4SLinus Torvalds } 11761da177e4SLinus Torvalds 11771da177e4SLinus Torvalds /* 1178baa03890SNick Piggin * Allocate a dentry with name and parent, and perform a parent 1179baa03890SNick Piggin * directory ->lookup on it. Returns the new dentry, or ERR_PTR 1180baa03890SNick Piggin * on error. parent->d_inode->i_mutex must be held. d_lookup must 1181baa03890SNick Piggin * have verified that no child exists while under i_mutex. 1182baa03890SNick Piggin */ 1183baa03890SNick Piggin static struct dentry *d_alloc_and_lookup(struct dentry *parent, 1184baa03890SNick Piggin struct qstr *name, struct nameidata *nd) 1185baa03890SNick Piggin { 1186baa03890SNick Piggin struct inode *inode = parent->d_inode; 1187baa03890SNick Piggin struct dentry *dentry; 1188baa03890SNick Piggin struct dentry *old; 1189baa03890SNick Piggin 1190baa03890SNick Piggin /* Don't create child dentry for a dead directory. */ 1191baa03890SNick Piggin if (unlikely(IS_DEADDIR(inode))) 1192baa03890SNick Piggin return ERR_PTR(-ENOENT); 1193baa03890SNick Piggin 1194baa03890SNick Piggin dentry = d_alloc(parent, name); 1195baa03890SNick Piggin if (unlikely(!dentry)) 1196baa03890SNick Piggin return ERR_PTR(-ENOMEM); 1197baa03890SNick Piggin 1198baa03890SNick Piggin old = inode->i_op->lookup(inode, dentry, nd); 1199baa03890SNick Piggin if (unlikely(old)) { 1200baa03890SNick Piggin dput(dentry); 1201baa03890SNick Piggin dentry = old; 1202baa03890SNick Piggin } 1203baa03890SNick Piggin return dentry; 1204baa03890SNick Piggin } 1205baa03890SNick Piggin 1206baa03890SNick Piggin /* 12071da177e4SLinus Torvalds * It's more convoluted than I'd like it to be, but... it's still fairly 12081da177e4SLinus Torvalds * small and for now I'd prefer to have fast path as straight as possible. 12091da177e4SLinus Torvalds * It _is_ time-critical. 12101da177e4SLinus Torvalds */ 12111da177e4SLinus Torvalds static int do_lookup(struct nameidata *nd, struct qstr *name, 121231e6b01fSNick Piggin struct path *path, struct inode **inode) 12131da177e4SLinus Torvalds { 12144ac91378SJan Blunck struct vfsmount *mnt = nd->path.mnt; 121531e6b01fSNick Piggin struct dentry *dentry, *parent = nd->path.dentry; 12166e6b1bd1SAl Viro struct inode *dir; 12179875cf80SDavid Howells int err; 12189875cf80SDavid Howells 12193cac260aSAl Viro /* 1220b04f784eSNick Piggin * Rename seqlock is not required here because in the off chance 1221b04f784eSNick Piggin * of a false negative due to a concurrent rename, we're going to 1222b04f784eSNick Piggin * do the non-racy lookup, below. 1223b04f784eSNick Piggin */ 122431e6b01fSNick Piggin if (nd->flags & LOOKUP_RCU) { 122531e6b01fSNick Piggin unsigned seq; 122631e6b01fSNick Piggin 122731e6b01fSNick Piggin *inode = nd->inode; 122831e6b01fSNick Piggin dentry = __d_lookup_rcu(parent, name, &seq, inode); 122931e6b01fSNick Piggin if (!dentry) { 123031e6b01fSNick Piggin if (nameidata_drop_rcu(nd)) 123131e6b01fSNick Piggin return -ECHILD; 123231e6b01fSNick Piggin goto need_lookup; 123331e6b01fSNick Piggin } 123431e6b01fSNick Piggin /* Memory barrier in read_seqcount_begin of child is enough */ 123531e6b01fSNick Piggin if (__read_seqcount_retry(&parent->d_seq, nd->seq)) 123631e6b01fSNick Piggin return -ECHILD; 123731e6b01fSNick Piggin 123831e6b01fSNick Piggin nd->seq = seq; 123924643087SAl Viro if (unlikely(dentry->d_flags & DCACHE_OP_REVALIDATE)) { 1240f5e1c1c1SAl Viro dentry = do_revalidate_rcu(dentry, nd); 124124643087SAl Viro if (!dentry) 124224643087SAl Viro goto need_lookup; 124324643087SAl Viro if (IS_ERR(dentry)) 124424643087SAl Viro goto fail; 124524643087SAl Viro if (!(nd->flags & LOOKUP_RCU)) 124624643087SAl Viro goto done; 124724643087SAl Viro } 124831e6b01fSNick Piggin path->mnt = mnt; 124931e6b01fSNick Piggin path->dentry = dentry; 12509875cf80SDavid Howells if (likely(__follow_mount_rcu(nd, path, inode, false))) 12519875cf80SDavid Howells return 0; 12529875cf80SDavid Howells if (nameidata_drop_rcu(nd)) 12539875cf80SDavid Howells return -ECHILD; 12549875cf80SDavid Howells /* fallthru */ 12559875cf80SDavid Howells } 125631e6b01fSNick Piggin dentry = __d_lookup(parent, name); 12571da177e4SLinus Torvalds if (!dentry) 12581da177e4SLinus Torvalds goto need_lookup; 12592e2e88eaSNick Piggin found: 126024643087SAl Viro if (unlikely(dentry->d_flags & DCACHE_OP_REVALIDATE)) { 126124643087SAl Viro dentry = do_revalidate(dentry, nd); 126224643087SAl Viro if (!dentry) 126324643087SAl Viro goto need_lookup; 126424643087SAl Viro if (IS_ERR(dentry)) 126524643087SAl Viro goto fail; 126624643087SAl Viro } 12671da177e4SLinus Torvalds done: 12681da177e4SLinus Torvalds path->mnt = mnt; 12691da177e4SLinus Torvalds path->dentry = dentry; 12709875cf80SDavid Howells err = follow_managed(path, nd->flags); 127189312214SIan Kent if (unlikely(err < 0)) { 127289312214SIan Kent path_put_conditional(path, nd); 12739875cf80SDavid Howells return err; 127489312214SIan Kent } 127531e6b01fSNick Piggin *inode = path->dentry->d_inode; 12761da177e4SLinus Torvalds return 0; 12771da177e4SLinus Torvalds 12781da177e4SLinus Torvalds need_lookup: 12796e6b1bd1SAl Viro dir = parent->d_inode; 128031e6b01fSNick Piggin BUG_ON(nd->inode != dir); 12816e6b1bd1SAl Viro 12826e6b1bd1SAl Viro mutex_lock(&dir->i_mutex); 12836e6b1bd1SAl Viro /* 12846e6b1bd1SAl Viro * First re-do the cached lookup just in case it was created 1285b04f784eSNick Piggin * while we waited for the directory semaphore, or the first 1286b04f784eSNick Piggin * lookup failed due to an unrelated rename. 12876e6b1bd1SAl Viro * 1288b04f784eSNick Piggin * This could use version numbering or similar to avoid unnecessary 1289b04f784eSNick Piggin * cache lookups, but then we'd have to do the first lookup in the 1290b04f784eSNick Piggin * non-racy way. However in the common case here, everything should 1291b04f784eSNick Piggin * be hot in cache, so would it be a big win? 12926e6b1bd1SAl Viro */ 12936e6b1bd1SAl Viro dentry = d_lookup(parent, name); 1294baa03890SNick Piggin if (likely(!dentry)) { 1295baa03890SNick Piggin dentry = d_alloc_and_lookup(parent, name, nd); 12966e6b1bd1SAl Viro mutex_unlock(&dir->i_mutex); 12976e6b1bd1SAl Viro if (IS_ERR(dentry)) 12986e6b1bd1SAl Viro goto fail; 12996e6b1bd1SAl Viro goto done; 13006e6b1bd1SAl Viro } 13016e6b1bd1SAl Viro /* 13026e6b1bd1SAl Viro * Uhhuh! Nasty case: the cache was re-populated while 13036e6b1bd1SAl Viro * we waited on the semaphore. Need to revalidate. 13046e6b1bd1SAl Viro */ 13056e6b1bd1SAl Viro mutex_unlock(&dir->i_mutex); 13062e2e88eaSNick Piggin goto found; 13071da177e4SLinus Torvalds 13081da177e4SLinus Torvalds fail: 13091da177e4SLinus Torvalds return PTR_ERR(dentry); 13101da177e4SLinus Torvalds } 13111da177e4SLinus Torvalds 131252094c8aSAl Viro static inline int may_lookup(struct nameidata *nd) 131352094c8aSAl Viro { 131452094c8aSAl Viro if (nd->flags & LOOKUP_RCU) { 131552094c8aSAl Viro int err = exec_permission(nd->inode, IPERM_FLAG_RCU); 131652094c8aSAl Viro if (err != -ECHILD) 131752094c8aSAl Viro return err; 131852094c8aSAl Viro if (nameidata_drop_rcu(nd)) 131952094c8aSAl Viro return -ECHILD; 132052094c8aSAl Viro } 132152094c8aSAl Viro return exec_permission(nd->inode, 0); 132252094c8aSAl Viro } 132352094c8aSAl Viro 13249856fa1bSAl Viro static inline int handle_dots(struct nameidata *nd, int type) 13259856fa1bSAl Viro { 13269856fa1bSAl Viro if (type == LAST_DOTDOT) { 13279856fa1bSAl Viro if (nd->flags & LOOKUP_RCU) { 13289856fa1bSAl Viro if (follow_dotdot_rcu(nd)) 13299856fa1bSAl Viro return -ECHILD; 13309856fa1bSAl Viro } else 13319856fa1bSAl Viro follow_dotdot(nd); 13329856fa1bSAl Viro } 13339856fa1bSAl Viro return 0; 13349856fa1bSAl Viro } 13359856fa1bSAl Viro 1336951361f9SAl Viro static void terminate_walk(struct nameidata *nd) 1337951361f9SAl Viro { 1338951361f9SAl Viro if (!(nd->flags & LOOKUP_RCU)) { 1339951361f9SAl Viro path_put(&nd->path); 1340951361f9SAl Viro } else { 1341951361f9SAl Viro nd->flags &= ~LOOKUP_RCU; 1342951361f9SAl Viro nd->root.mnt = NULL; 1343951361f9SAl Viro rcu_read_unlock(); 1344951361f9SAl Viro br_read_unlock(vfsmount_lock); 1345951361f9SAl Viro } 1346951361f9SAl Viro } 1347951361f9SAl Viro 13481da177e4SLinus Torvalds /* 13491da177e4SLinus Torvalds * Name resolution. 1350ea3834d9SPrasanna Meda * This is the basic name resolution function, turning a pathname into 1351ea3834d9SPrasanna Meda * the final dentry. We expect 'base' to be positive and a directory. 13521da177e4SLinus Torvalds * 1353ea3834d9SPrasanna Meda * Returns 0 and nd will have valid dentry and mnt on success. 1354ea3834d9SPrasanna Meda * Returns error and drops reference to input namei data on failure. 13551da177e4SLinus Torvalds */ 13566de88d72SAl Viro static int link_path_walk(const char *name, struct nameidata *nd) 13571da177e4SLinus Torvalds { 13581da177e4SLinus Torvalds struct path next; 13591da177e4SLinus Torvalds int err; 13601da177e4SLinus Torvalds unsigned int lookup_flags = nd->flags; 13611da177e4SLinus Torvalds 13621da177e4SLinus Torvalds while (*name=='/') 13631da177e4SLinus Torvalds name++; 13641da177e4SLinus Torvalds if (!*name) 1365086e183aSAl Viro return 0; 13661da177e4SLinus Torvalds 13671da177e4SLinus Torvalds if (nd->depth) 1368f55eab82STrond Myklebust lookup_flags = LOOKUP_FOLLOW | (nd->flags & LOOKUP_CONTINUE); 13691da177e4SLinus Torvalds 13701da177e4SLinus Torvalds /* At this point we know we have a real path component. */ 13711da177e4SLinus Torvalds for(;;) { 137231e6b01fSNick Piggin struct inode *inode; 13731da177e4SLinus Torvalds unsigned long hash; 13741da177e4SLinus Torvalds struct qstr this; 13751da177e4SLinus Torvalds unsigned int c; 1376fe479a58SAl Viro int type; 13771da177e4SLinus Torvalds 1378cdce5d6bSTrond Myklebust nd->flags |= LOOKUP_CONTINUE; 137952094c8aSAl Viro 138052094c8aSAl Viro err = may_lookup(nd); 13811da177e4SLinus Torvalds if (err) 13821da177e4SLinus Torvalds break; 13831da177e4SLinus Torvalds 13841da177e4SLinus Torvalds this.name = name; 13851da177e4SLinus Torvalds c = *(const unsigned char *)name; 13861da177e4SLinus Torvalds 13871da177e4SLinus Torvalds hash = init_name_hash(); 13881da177e4SLinus Torvalds do { 13891da177e4SLinus Torvalds name++; 13901da177e4SLinus Torvalds hash = partial_name_hash(c, hash); 13911da177e4SLinus Torvalds c = *(const unsigned char *)name; 13921da177e4SLinus Torvalds } while (c && (c != '/')); 13931da177e4SLinus Torvalds this.len = name - (const char *) this.name; 13941da177e4SLinus Torvalds this.hash = end_name_hash(hash); 13951da177e4SLinus Torvalds 1396fe479a58SAl Viro type = LAST_NORM; 1397fe479a58SAl Viro if (this.name[0] == '.') switch (this.len) { 1398fe479a58SAl Viro case 2: 139916c2cd71SAl Viro if (this.name[1] == '.') { 1400fe479a58SAl Viro type = LAST_DOTDOT; 140116c2cd71SAl Viro nd->flags |= LOOKUP_JUMPED; 140216c2cd71SAl Viro } 1403fe479a58SAl Viro break; 1404fe479a58SAl Viro case 1: 1405fe479a58SAl Viro type = LAST_DOT; 1406fe479a58SAl Viro } 14075a202bcdSAl Viro if (likely(type == LAST_NORM)) { 14085a202bcdSAl Viro struct dentry *parent = nd->path.dentry; 140916c2cd71SAl Viro nd->flags &= ~LOOKUP_JUMPED; 14105a202bcdSAl Viro if (unlikely(parent->d_flags & DCACHE_OP_HASH)) { 14115a202bcdSAl Viro err = parent->d_op->d_hash(parent, nd->inode, 14125a202bcdSAl Viro &this); 14135a202bcdSAl Viro if (err < 0) 14145a202bcdSAl Viro break; 14155a202bcdSAl Viro } 14165a202bcdSAl Viro } 1417fe479a58SAl Viro 14181da177e4SLinus Torvalds /* remove trailing slashes? */ 14191da177e4SLinus Torvalds if (!c) 14201da177e4SLinus Torvalds goto last_component; 14211da177e4SLinus Torvalds while (*++name == '/'); 14221da177e4SLinus Torvalds if (!*name) 14231da177e4SLinus Torvalds goto last_with_slashes; 14241da177e4SLinus Torvalds 14251da177e4SLinus Torvalds /* 14261da177e4SLinus Torvalds * "." and ".." are special - ".." especially so because it has 14271da177e4SLinus Torvalds * to be able to know about the current root directory and 14281da177e4SLinus Torvalds * parent relationships. 14291da177e4SLinus Torvalds */ 1430fe479a58SAl Viro if (unlikely(type != LAST_NORM)) { 1431ef7562d5SAl Viro if (handle_dots(nd, type)) 1432ef7562d5SAl Viro return -ECHILD; 14331da177e4SLinus Torvalds continue; 14341da177e4SLinus Torvalds } 1435fe479a58SAl Viro 14361da177e4SLinus Torvalds /* This does the actual lookups.. */ 143731e6b01fSNick Piggin err = do_lookup(nd, &this, &next, &inode); 14381da177e4SLinus Torvalds if (err) 14391da177e4SLinus Torvalds break; 14401da177e4SLinus Torvalds 14417bc055d1SAl Viro if (inode && inode->i_op->follow_link) { 14423abb17e8SLinus Torvalds err = do_follow_link(inode, &next, nd); 14431da177e4SLinus Torvalds if (err) 1444a7472babSAl Viro return err; 144531e6b01fSNick Piggin nd->inode = nd->path.dentry->d_inode; 144631e6b01fSNick Piggin } else { 144709dd17d3SMiklos Szeredi path_to_nameidata(&next, nd); 144831e6b01fSNick Piggin nd->inode = inode; 144931e6b01fSNick Piggin } 14507bc055d1SAl Viro err = -ENOENT; 14517bc055d1SAl Viro if (!nd->inode) 14527bc055d1SAl Viro break; 14531da177e4SLinus Torvalds err = -ENOTDIR; 145431e6b01fSNick Piggin if (!nd->inode->i_op->lookup) 14551da177e4SLinus Torvalds break; 14561da177e4SLinus Torvalds continue; 14571da177e4SLinus Torvalds /* here ends the main loop */ 14581da177e4SLinus Torvalds 14591da177e4SLinus Torvalds last_with_slashes: 14601da177e4SLinus Torvalds lookup_flags |= LOOKUP_FOLLOW | LOOKUP_DIRECTORY; 14611da177e4SLinus Torvalds last_component: 1462f55eab82STrond Myklebust /* Clear LOOKUP_CONTINUE iff it was previously unset */ 1463f55eab82STrond Myklebust nd->flags &= lookup_flags | ~LOOKUP_CONTINUE; 14641da177e4SLinus Torvalds if (lookup_flags & LOOKUP_PARENT) 14651da177e4SLinus Torvalds goto lookup_parent; 1466ef7562d5SAl Viro if (unlikely(type != LAST_NORM)) 1467ef7562d5SAl Viro return handle_dots(nd, type); 146831e6b01fSNick Piggin err = do_lookup(nd, &this, &next, &inode); 14691da177e4SLinus Torvalds if (err) 14701da177e4SLinus Torvalds break; 1471db372915SDavid Howells if (inode && unlikely(inode->i_op->follow_link) && 1472db372915SDavid Howells (lookup_flags & LOOKUP_FOLLOW)) { 14733abb17e8SLinus Torvalds err = do_follow_link(inode, &next, nd); 14741da177e4SLinus Torvalds if (err) 1475a7472babSAl Viro return err; 147631e6b01fSNick Piggin nd->inode = nd->path.dentry->d_inode; 147731e6b01fSNick Piggin } else { 147809dd17d3SMiklos Szeredi path_to_nameidata(&next, nd); 147931e6b01fSNick Piggin nd->inode = inode; 148031e6b01fSNick Piggin } 14811da177e4SLinus Torvalds err = -ENOENT; 148231e6b01fSNick Piggin if (!nd->inode) 14831da177e4SLinus Torvalds break; 14841da177e4SLinus Torvalds if (lookup_flags & LOOKUP_DIRECTORY) { 14851da177e4SLinus Torvalds err = -ENOTDIR; 148631e6b01fSNick Piggin if (!nd->inode->i_op->lookup) 14871da177e4SLinus Torvalds break; 14881da177e4SLinus Torvalds } 1489086e183aSAl Viro return 0; 14901da177e4SLinus Torvalds lookup_parent: 14911da177e4SLinus Torvalds nd->last = this; 1492fe479a58SAl Viro nd->last_type = type; 14931da177e4SLinus Torvalds return 0; 14941da177e4SLinus Torvalds } 1495951361f9SAl Viro terminate_walk(nd); 14961da177e4SLinus Torvalds return err; 14971da177e4SLinus Torvalds } 14981da177e4SLinus Torvalds 149970e9b357SAl Viro static int path_init(int dfd, const char *name, unsigned int flags, 150070e9b357SAl Viro struct nameidata *nd, struct file **fp) 150131e6b01fSNick Piggin { 150231e6b01fSNick Piggin int retval = 0; 150331e6b01fSNick Piggin int fput_needed; 150431e6b01fSNick Piggin struct file *file; 150531e6b01fSNick Piggin 150631e6b01fSNick Piggin nd->last_type = LAST_ROOT; /* if there are only slashes... */ 150716c2cd71SAl Viro nd->flags = flags | LOOKUP_JUMPED; 150831e6b01fSNick Piggin nd->depth = 0; 150931e6b01fSNick Piggin nd->root.mnt = NULL; 151031e6b01fSNick Piggin 151131e6b01fSNick Piggin if (*name=='/') { 1512e41f7d4eSAl Viro if (flags & LOOKUP_RCU) { 151331e6b01fSNick Piggin br_read_lock(vfsmount_lock); 151431e6b01fSNick Piggin rcu_read_lock(); 1515e41f7d4eSAl Viro set_root_rcu(nd); 1516e41f7d4eSAl Viro } else { 1517e41f7d4eSAl Viro set_root(nd); 1518e41f7d4eSAl Viro path_get(&nd->root); 1519e41f7d4eSAl Viro } 152031e6b01fSNick Piggin nd->path = nd->root; 152131e6b01fSNick Piggin } else if (dfd == AT_FDCWD) { 1522e41f7d4eSAl Viro if (flags & LOOKUP_RCU) { 152331e6b01fSNick Piggin struct fs_struct *fs = current->fs; 1524c28cc364SNick Piggin unsigned seq; 152531e6b01fSNick Piggin 152631e6b01fSNick Piggin br_read_lock(vfsmount_lock); 152731e6b01fSNick Piggin rcu_read_lock(); 152831e6b01fSNick Piggin 1529c28cc364SNick Piggin do { 1530c28cc364SNick Piggin seq = read_seqcount_begin(&fs->seq); 153131e6b01fSNick Piggin nd->path = fs->pwd; 1532c28cc364SNick Piggin nd->seq = __read_seqcount_begin(&nd->path.dentry->d_seq); 1533c28cc364SNick Piggin } while (read_seqcount_retry(&fs->seq, seq)); 1534e41f7d4eSAl Viro } else { 1535e41f7d4eSAl Viro get_fs_pwd(current->fs, &nd->path); 1536e41f7d4eSAl Viro } 153731e6b01fSNick Piggin } else { 153831e6b01fSNick Piggin struct dentry *dentry; 153931e6b01fSNick Piggin 154031e6b01fSNick Piggin file = fget_light(dfd, &fput_needed); 154131e6b01fSNick Piggin retval = -EBADF; 154231e6b01fSNick Piggin if (!file) 154331e6b01fSNick Piggin goto out_fail; 154431e6b01fSNick Piggin 154531e6b01fSNick Piggin dentry = file->f_path.dentry; 154631e6b01fSNick Piggin 154731e6b01fSNick Piggin retval = -ENOTDIR; 154831e6b01fSNick Piggin if (!S_ISDIR(dentry->d_inode->i_mode)) 154931e6b01fSNick Piggin goto fput_fail; 155031e6b01fSNick Piggin 155131e6b01fSNick Piggin retval = file_permission(file, MAY_EXEC); 155231e6b01fSNick Piggin if (retval) 155331e6b01fSNick Piggin goto fput_fail; 155431e6b01fSNick Piggin 155531e6b01fSNick Piggin nd->path = file->f_path; 1556e41f7d4eSAl Viro if (flags & LOOKUP_RCU) { 155731e6b01fSNick Piggin if (fput_needed) 155870e9b357SAl Viro *fp = file; 1559c28cc364SNick Piggin nd->seq = __read_seqcount_begin(&nd->path.dentry->d_seq); 156031e6b01fSNick Piggin br_read_lock(vfsmount_lock); 156131e6b01fSNick Piggin rcu_read_lock(); 15625590ff0dSUlrich Drepper } else { 15635dd784d0SJan Blunck path_get(&file->f_path); 15645590ff0dSUlrich Drepper fput_light(file, fput_needed); 15651da177e4SLinus Torvalds } 1566e41f7d4eSAl Viro } 1567e41f7d4eSAl Viro 156831e6b01fSNick Piggin nd->inode = nd->path.dentry->d_inode; 15699b4a9b14SAl Viro return 0; 15702dfdd266SJosef 'Jeff' Sipek 15719b4a9b14SAl Viro fput_fail: 15729b4a9b14SAl Viro fput_light(file, fput_needed); 15739b4a9b14SAl Viro out_fail: 15749b4a9b14SAl Viro return retval; 15759b4a9b14SAl Viro } 15769b4a9b14SAl Viro 15779b4a9b14SAl Viro /* Returns 0 and nd will be valid on success; Retuns error, otherwise. */ 1578ee0827cdSAl Viro static int path_lookupat(int dfd, const char *name, 15799b4a9b14SAl Viro unsigned int flags, struct nameidata *nd) 15809b4a9b14SAl Viro { 158170e9b357SAl Viro struct file *base = NULL; 158231e6b01fSNick Piggin int retval; 158331e6b01fSNick Piggin 158431e6b01fSNick Piggin /* 158531e6b01fSNick Piggin * Path walking is largely split up into 2 different synchronisation 158631e6b01fSNick Piggin * schemes, rcu-walk and ref-walk (explained in 158731e6b01fSNick Piggin * Documentation/filesystems/path-lookup.txt). These share much of the 158831e6b01fSNick Piggin * path walk code, but some things particularly setup, cleanup, and 158931e6b01fSNick Piggin * following mounts are sufficiently divergent that functions are 159031e6b01fSNick Piggin * duplicated. Typically there is a function foo(), and its RCU 159131e6b01fSNick Piggin * analogue, foo_rcu(). 159231e6b01fSNick Piggin * 159331e6b01fSNick Piggin * -ECHILD is the error number of choice (just to avoid clashes) that 159431e6b01fSNick Piggin * is returned if some aspect of an rcu-walk fails. Such an error must 159531e6b01fSNick Piggin * be handled by restarting a traditional ref-walk (which will always 159631e6b01fSNick Piggin * be able to complete). 159731e6b01fSNick Piggin */ 159870e9b357SAl Viro retval = path_init(dfd, name, flags, nd, &base); 1599ee0827cdSAl Viro 160031e6b01fSNick Piggin if (unlikely(retval)) 160131e6b01fSNick Piggin return retval; 1602ee0827cdSAl Viro 1603ee0827cdSAl Viro current->total_link_count = 0; 1604ee0827cdSAl Viro retval = link_path_walk(name, nd); 1605ee0827cdSAl Viro 1606ee0827cdSAl Viro if (nd->flags & LOOKUP_RCU) { 16074455ca62SAl Viro /* went all way through without dropping RCU */ 16084455ca62SAl Viro BUG_ON(retval); 1609086e183aSAl Viro if (nameidata_drop_rcu_last(nd)) 1610086e183aSAl Viro retval = -ECHILD; 1611086e183aSAl Viro } 161231e6b01fSNick Piggin 161316c2cd71SAl Viro if (!retval) 161416c2cd71SAl Viro retval = handle_reval_path(nd); 161516c2cd71SAl Viro 161670e9b357SAl Viro if (base) 161770e9b357SAl Viro fput(base); 1618ee0827cdSAl Viro 161931e6b01fSNick Piggin if (nd->root.mnt) { 162031e6b01fSNick Piggin path_put(&nd->root); 162131e6b01fSNick Piggin nd->root.mnt = NULL; 162231e6b01fSNick Piggin } 1623ee0827cdSAl Viro return retval; 162431e6b01fSNick Piggin } 162531e6b01fSNick Piggin 1626ee0827cdSAl Viro static int do_path_lookup(int dfd, const char *name, 1627ee0827cdSAl Viro unsigned int flags, struct nameidata *nd) 1628ee0827cdSAl Viro { 1629ee0827cdSAl Viro int retval = path_lookupat(dfd, name, flags | LOOKUP_RCU, nd); 1630ee0827cdSAl Viro if (unlikely(retval == -ECHILD)) 1631ee0827cdSAl Viro retval = path_lookupat(dfd, name, flags, nd); 1632ee0827cdSAl Viro if (unlikely(retval == -ESTALE)) 1633ee0827cdSAl Viro retval = path_lookupat(dfd, name, flags | LOOKUP_REVAL, nd); 1634ee0827cdSAl Viro 163531e6b01fSNick Piggin if (likely(!retval)) { 163631e6b01fSNick Piggin if (unlikely(!audit_dummy_context())) { 163731e6b01fSNick Piggin if (nd->path.dentry && nd->inode) 163831e6b01fSNick Piggin audit_inode(name, nd->path.dentry); 163931e6b01fSNick Piggin } 164031e6b01fSNick Piggin } 1641170aa3d0SUlrich Drepper return retval; 16421da177e4SLinus Torvalds } 16431da177e4SLinus Torvalds 1644c9c6cac0SAl Viro int kern_path_parent(const char *name, struct nameidata *nd) 16455590ff0dSUlrich Drepper { 1646c9c6cac0SAl Viro return do_path_lookup(AT_FDCWD, name, LOOKUP_PARENT, nd); 16475590ff0dSUlrich Drepper } 16485590ff0dSUlrich Drepper 1649d1811465SAl Viro int kern_path(const char *name, unsigned int flags, struct path *path) 1650d1811465SAl Viro { 1651d1811465SAl Viro struct nameidata nd; 1652d1811465SAl Viro int res = do_path_lookup(AT_FDCWD, name, flags, &nd); 1653d1811465SAl Viro if (!res) 1654d1811465SAl Viro *path = nd.path; 1655d1811465SAl Viro return res; 1656d1811465SAl Viro } 1657d1811465SAl Viro 165816f18200SJosef 'Jeff' Sipek /** 165916f18200SJosef 'Jeff' Sipek * vfs_path_lookup - lookup a file path relative to a dentry-vfsmount pair 166016f18200SJosef 'Jeff' Sipek * @dentry: pointer to dentry of the base directory 166116f18200SJosef 'Jeff' Sipek * @mnt: pointer to vfs mount of the base directory 166216f18200SJosef 'Jeff' Sipek * @name: pointer to file name 166316f18200SJosef 'Jeff' Sipek * @flags: lookup flags 166416f18200SJosef 'Jeff' Sipek * @nd: pointer to nameidata 166516f18200SJosef 'Jeff' Sipek */ 166616f18200SJosef 'Jeff' Sipek int vfs_path_lookup(struct dentry *dentry, struct vfsmount *mnt, 166716f18200SJosef 'Jeff' Sipek const char *name, unsigned int flags, 166816f18200SJosef 'Jeff' Sipek struct nameidata *nd) 166916f18200SJosef 'Jeff' Sipek { 1670ee0827cdSAl Viro int result; 167116f18200SJosef 'Jeff' Sipek 167216f18200SJosef 'Jeff' Sipek /* same as do_path_lookup */ 167316f18200SJosef 'Jeff' Sipek nd->last_type = LAST_ROOT; 167416c2cd71SAl Viro nd->flags = flags | LOOKUP_JUMPED; 167516f18200SJosef 'Jeff' Sipek nd->depth = 0; 167616f18200SJosef 'Jeff' Sipek 1677c8e7f449SJan Blunck nd->path.dentry = dentry; 1678c8e7f449SJan Blunck nd->path.mnt = mnt; 1679c8e7f449SJan Blunck path_get(&nd->path); 16805b857119SAl Viro nd->root = nd->path; 16815b857119SAl Viro path_get(&nd->root); 168231e6b01fSNick Piggin nd->inode = nd->path.dentry->d_inode; 168316f18200SJosef 'Jeff' Sipek 1684ee0827cdSAl Viro current->total_link_count = 0; 1685ee0827cdSAl Viro 1686ee0827cdSAl Viro result = link_path_walk(name, nd); 168716c2cd71SAl Viro if (!result) 168816c2cd71SAl Viro result = handle_reval_path(nd); 1689ee0827cdSAl Viro if (result == -ESTALE) { 1690ee0827cdSAl Viro /* nd->path had been dropped */ 1691ee0827cdSAl Viro current->total_link_count = 0; 1692ee0827cdSAl Viro nd->path.dentry = dentry; 1693ee0827cdSAl Viro nd->path.mnt = mnt; 1694ee0827cdSAl Viro nd->inode = dentry->d_inode; 1695ee0827cdSAl Viro path_get(&nd->path); 169616c2cd71SAl Viro nd->flags = flags | LOOKUP_JUMPED | LOOKUP_REVAL; 169716c2cd71SAl Viro 1698ee0827cdSAl Viro result = link_path_walk(name, nd); 169916c2cd71SAl Viro if (!result) 170016c2cd71SAl Viro result = handle_reval_path(nd); 1701ee0827cdSAl Viro } 1702ee0827cdSAl Viro if (unlikely(!result && !audit_dummy_context() && nd->path.dentry && 170331e6b01fSNick Piggin nd->inode)) 17044ac91378SJan Blunck audit_inode(name, nd->path.dentry); 170516f18200SJosef 'Jeff' Sipek 17062a737871SAl Viro path_put(&nd->root); 17072a737871SAl Viro nd->root.mnt = NULL; 170816f18200SJosef 'Jeff' Sipek 1709ee0827cdSAl Viro return result; 171016f18200SJosef 'Jeff' Sipek } 171116f18200SJosef 'Jeff' Sipek 1712eead1911SChristoph Hellwig static struct dentry *__lookup_hash(struct qstr *name, 1713eead1911SChristoph Hellwig struct dentry *base, struct nameidata *nd) 17141da177e4SLinus Torvalds { 171581fca444SChristoph Hellwig struct inode *inode = base->d_inode; 17161da177e4SLinus Torvalds struct dentry *dentry; 17171da177e4SLinus Torvalds int err; 17181da177e4SLinus Torvalds 1719b74c79e9SNick Piggin err = exec_permission(inode, 0); 172081fca444SChristoph Hellwig if (err) 172181fca444SChristoph Hellwig return ERR_PTR(err); 17221da177e4SLinus Torvalds 17231da177e4SLinus Torvalds /* 1724b04f784eSNick Piggin * Don't bother with __d_lookup: callers are for creat as 1725b04f784eSNick Piggin * well as unlink, so a lot of the time it would cost 1726b04f784eSNick Piggin * a double lookup. 17276e6b1bd1SAl Viro */ 17286e6b1bd1SAl Viro dentry = d_lookup(base, name); 17296e6b1bd1SAl Viro 1730fb045adbSNick Piggin if (dentry && (dentry->d_flags & DCACHE_OP_REVALIDATE)) 17316e6b1bd1SAl Viro dentry = do_revalidate(dentry, nd); 17326e6b1bd1SAl Viro 17331da177e4SLinus Torvalds if (!dentry) 1734baa03890SNick Piggin dentry = d_alloc_and_lookup(base, name, nd); 17355a202bcdSAl Viro 17361da177e4SLinus Torvalds return dentry; 17371da177e4SLinus Torvalds } 17381da177e4SLinus Torvalds 1739057f6c01SJames Morris /* 1740057f6c01SJames Morris * Restricted form of lookup. Doesn't follow links, single-component only, 1741057f6c01SJames Morris * needs parent already locked. Doesn't follow mounts. 1742057f6c01SJames Morris * SMP-safe. 1743057f6c01SJames Morris */ 1744a244e169SAdrian Bunk static struct dentry *lookup_hash(struct nameidata *nd) 17451da177e4SLinus Torvalds { 17464ac91378SJan Blunck return __lookup_hash(&nd->last, nd->path.dentry, nd); 17471da177e4SLinus Torvalds } 17481da177e4SLinus Torvalds 1749eead1911SChristoph Hellwig /** 1750a6b91919SRandy Dunlap * lookup_one_len - filesystem helper to lookup single pathname component 1751eead1911SChristoph Hellwig * @name: pathname component to lookup 1752eead1911SChristoph Hellwig * @base: base directory to lookup from 1753eead1911SChristoph Hellwig * @len: maximum length @len should be interpreted to 1754eead1911SChristoph Hellwig * 1755a6b91919SRandy Dunlap * Note that this routine is purely a helper for filesystem usage and should 1756a6b91919SRandy Dunlap * not be called by generic code. Also note that by using this function the 1757eead1911SChristoph Hellwig * nameidata argument is passed to the filesystem methods and a filesystem 1758eead1911SChristoph Hellwig * using this helper needs to be prepared for that. 1759eead1911SChristoph Hellwig */ 1760057f6c01SJames Morris struct dentry *lookup_one_len(const char *name, struct dentry *base, int len) 1761057f6c01SJames Morris { 1762057f6c01SJames Morris struct qstr this; 17636a96ba54SAl Viro unsigned long hash; 17646a96ba54SAl Viro unsigned int c; 1765057f6c01SJames Morris 17662f9092e1SDavid Woodhouse WARN_ON_ONCE(!mutex_is_locked(&base->d_inode->i_mutex)); 17672f9092e1SDavid Woodhouse 17686a96ba54SAl Viro this.name = name; 17696a96ba54SAl Viro this.len = len; 17706a96ba54SAl Viro if (!len) 17716a96ba54SAl Viro return ERR_PTR(-EACCES); 17726a96ba54SAl Viro 17736a96ba54SAl Viro hash = init_name_hash(); 17746a96ba54SAl Viro while (len--) { 17756a96ba54SAl Viro c = *(const unsigned char *)name++; 17766a96ba54SAl Viro if (c == '/' || c == '\0') 17776a96ba54SAl Viro return ERR_PTR(-EACCES); 17786a96ba54SAl Viro hash = partial_name_hash(c, hash); 17796a96ba54SAl Viro } 17806a96ba54SAl Viro this.hash = end_name_hash(hash); 17815a202bcdSAl Viro /* 17825a202bcdSAl Viro * See if the low-level filesystem might want 17835a202bcdSAl Viro * to use its own hash.. 17845a202bcdSAl Viro */ 17855a202bcdSAl Viro if (base->d_flags & DCACHE_OP_HASH) { 17865a202bcdSAl Viro int err = base->d_op->d_hash(base, base->d_inode, &this); 17875a202bcdSAl Viro if (err < 0) 17885a202bcdSAl Viro return ERR_PTR(err); 17895a202bcdSAl Viro } 1790eead1911SChristoph Hellwig 179149705b77SChristoph Hellwig return __lookup_hash(&this, base, NULL); 1792057f6c01SJames Morris } 1793057f6c01SJames Morris 17942d8f3038SAl Viro int user_path_at(int dfd, const char __user *name, unsigned flags, 17952d8f3038SAl Viro struct path *path) 17961da177e4SLinus Torvalds { 17972d8f3038SAl Viro struct nameidata nd; 17981da177e4SLinus Torvalds char *tmp = getname(name); 17991da177e4SLinus Torvalds int err = PTR_ERR(tmp); 18001da177e4SLinus Torvalds if (!IS_ERR(tmp)) { 18012d8f3038SAl Viro 18022d8f3038SAl Viro BUG_ON(flags & LOOKUP_PARENT); 18032d8f3038SAl Viro 18042d8f3038SAl Viro err = do_path_lookup(dfd, tmp, flags, &nd); 18051da177e4SLinus Torvalds putname(tmp); 18062d8f3038SAl Viro if (!err) 18072d8f3038SAl Viro *path = nd.path; 18081da177e4SLinus Torvalds } 18091da177e4SLinus Torvalds return err; 18101da177e4SLinus Torvalds } 18111da177e4SLinus Torvalds 18122ad94ae6SAl Viro static int user_path_parent(int dfd, const char __user *path, 18132ad94ae6SAl Viro struct nameidata *nd, char **name) 18142ad94ae6SAl Viro { 18152ad94ae6SAl Viro char *s = getname(path); 18162ad94ae6SAl Viro int error; 18172ad94ae6SAl Viro 18182ad94ae6SAl Viro if (IS_ERR(s)) 18192ad94ae6SAl Viro return PTR_ERR(s); 18202ad94ae6SAl Viro 18212ad94ae6SAl Viro error = do_path_lookup(dfd, s, LOOKUP_PARENT, nd); 18222ad94ae6SAl Viro if (error) 18232ad94ae6SAl Viro putname(s); 18242ad94ae6SAl Viro else 18252ad94ae6SAl Viro *name = s; 18262ad94ae6SAl Viro 18272ad94ae6SAl Viro return error; 18282ad94ae6SAl Viro } 18292ad94ae6SAl Viro 18301da177e4SLinus Torvalds /* 18311da177e4SLinus Torvalds * It's inline, so penalty for filesystems that don't use sticky bit is 18321da177e4SLinus Torvalds * minimal. 18331da177e4SLinus Torvalds */ 18341da177e4SLinus Torvalds static inline int check_sticky(struct inode *dir, struct inode *inode) 18351da177e4SLinus Torvalds { 1836da9592edSDavid Howells uid_t fsuid = current_fsuid(); 1837da9592edSDavid Howells 18381da177e4SLinus Torvalds if (!(dir->i_mode & S_ISVTX)) 18391da177e4SLinus Torvalds return 0; 1840da9592edSDavid Howells if (inode->i_uid == fsuid) 18411da177e4SLinus Torvalds return 0; 1842da9592edSDavid Howells if (dir->i_uid == fsuid) 18431da177e4SLinus Torvalds return 0; 18441da177e4SLinus Torvalds return !capable(CAP_FOWNER); 18451da177e4SLinus Torvalds } 18461da177e4SLinus Torvalds 18471da177e4SLinus Torvalds /* 18481da177e4SLinus Torvalds * Check whether we can remove a link victim from directory dir, check 18491da177e4SLinus Torvalds * whether the type of victim is right. 18501da177e4SLinus Torvalds * 1. We can't do it if dir is read-only (done in permission()) 18511da177e4SLinus Torvalds * 2. We should have write and exec permissions on dir 18521da177e4SLinus Torvalds * 3. We can't remove anything from append-only dir 18531da177e4SLinus Torvalds * 4. We can't do anything with immutable dir (done in permission()) 18541da177e4SLinus Torvalds * 5. If the sticky bit on dir is set we should either 18551da177e4SLinus Torvalds * a. be owner of dir, or 18561da177e4SLinus Torvalds * b. be owner of victim, or 18571da177e4SLinus Torvalds * c. have CAP_FOWNER capability 18581da177e4SLinus Torvalds * 6. If the victim is append-only or immutable we can't do antyhing with 18591da177e4SLinus Torvalds * links pointing to it. 18601da177e4SLinus Torvalds * 7. If we were asked to remove a directory and victim isn't one - ENOTDIR. 18611da177e4SLinus Torvalds * 8. If we were asked to remove a non-directory and victim isn't one - EISDIR. 18621da177e4SLinus Torvalds * 9. We can't remove a root or mountpoint. 18631da177e4SLinus Torvalds * 10. We don't allow removal of NFS sillyrenamed files; it's handled by 18641da177e4SLinus Torvalds * nfs_async_unlink(). 18651da177e4SLinus Torvalds */ 1866858119e1SArjan van de Ven static int may_delete(struct inode *dir,struct dentry *victim,int isdir) 18671da177e4SLinus Torvalds { 18681da177e4SLinus Torvalds int error; 18691da177e4SLinus Torvalds 18701da177e4SLinus Torvalds if (!victim->d_inode) 18711da177e4SLinus Torvalds return -ENOENT; 18721da177e4SLinus Torvalds 18731da177e4SLinus Torvalds BUG_ON(victim->d_parent->d_inode != dir); 1874cccc6bbaSAl Viro audit_inode_child(victim, dir); 18751da177e4SLinus Torvalds 1876f419a2e3SAl Viro error = inode_permission(dir, MAY_WRITE | MAY_EXEC); 18771da177e4SLinus Torvalds if (error) 18781da177e4SLinus Torvalds return error; 18791da177e4SLinus Torvalds if (IS_APPEND(dir)) 18801da177e4SLinus Torvalds return -EPERM; 18811da177e4SLinus Torvalds if (check_sticky(dir, victim->d_inode)||IS_APPEND(victim->d_inode)|| 1882f9454548SHugh Dickins IS_IMMUTABLE(victim->d_inode) || IS_SWAPFILE(victim->d_inode)) 18831da177e4SLinus Torvalds return -EPERM; 18841da177e4SLinus Torvalds if (isdir) { 18851da177e4SLinus Torvalds if (!S_ISDIR(victim->d_inode->i_mode)) 18861da177e4SLinus Torvalds return -ENOTDIR; 18871da177e4SLinus Torvalds if (IS_ROOT(victim)) 18881da177e4SLinus Torvalds return -EBUSY; 18891da177e4SLinus Torvalds } else if (S_ISDIR(victim->d_inode->i_mode)) 18901da177e4SLinus Torvalds return -EISDIR; 18911da177e4SLinus Torvalds if (IS_DEADDIR(dir)) 18921da177e4SLinus Torvalds return -ENOENT; 18931da177e4SLinus Torvalds if (victim->d_flags & DCACHE_NFSFS_RENAMED) 18941da177e4SLinus Torvalds return -EBUSY; 18951da177e4SLinus Torvalds return 0; 18961da177e4SLinus Torvalds } 18971da177e4SLinus Torvalds 18981da177e4SLinus Torvalds /* Check whether we can create an object with dentry child in directory 18991da177e4SLinus Torvalds * dir. 19001da177e4SLinus Torvalds * 1. We can't do it if child already exists (open has special treatment for 19011da177e4SLinus Torvalds * this case, but since we are inlined it's OK) 19021da177e4SLinus Torvalds * 2. We can't do it if dir is read-only (done in permission()) 19031da177e4SLinus Torvalds * 3. We should have write and exec permissions on dir 19041da177e4SLinus Torvalds * 4. We can't do it if dir is immutable (done in permission()) 19051da177e4SLinus Torvalds */ 1906a95164d9SMiklos Szeredi static inline int may_create(struct inode *dir, struct dentry *child) 19071da177e4SLinus Torvalds { 19081da177e4SLinus Torvalds if (child->d_inode) 19091da177e4SLinus Torvalds return -EEXIST; 19101da177e4SLinus Torvalds if (IS_DEADDIR(dir)) 19111da177e4SLinus Torvalds return -ENOENT; 1912f419a2e3SAl Viro return inode_permission(dir, MAY_WRITE | MAY_EXEC); 19131da177e4SLinus Torvalds } 19141da177e4SLinus Torvalds 19151da177e4SLinus Torvalds /* 19161da177e4SLinus Torvalds * p1 and p2 should be directories on the same fs. 19171da177e4SLinus Torvalds */ 19181da177e4SLinus Torvalds struct dentry *lock_rename(struct dentry *p1, struct dentry *p2) 19191da177e4SLinus Torvalds { 19201da177e4SLinus Torvalds struct dentry *p; 19211da177e4SLinus Torvalds 19221da177e4SLinus Torvalds if (p1 == p2) { 1923f2eace23SIngo Molnar mutex_lock_nested(&p1->d_inode->i_mutex, I_MUTEX_PARENT); 19241da177e4SLinus Torvalds return NULL; 19251da177e4SLinus Torvalds } 19261da177e4SLinus Torvalds 1927a11f3a05SArjan van de Ven mutex_lock(&p1->d_inode->i_sb->s_vfs_rename_mutex); 19281da177e4SLinus Torvalds 1929e2761a11SOGAWA Hirofumi p = d_ancestor(p2, p1); 1930e2761a11SOGAWA Hirofumi if (p) { 1931f2eace23SIngo Molnar mutex_lock_nested(&p2->d_inode->i_mutex, I_MUTEX_PARENT); 1932f2eace23SIngo Molnar mutex_lock_nested(&p1->d_inode->i_mutex, I_MUTEX_CHILD); 19331da177e4SLinus Torvalds return p; 19341da177e4SLinus Torvalds } 19351da177e4SLinus Torvalds 1936e2761a11SOGAWA Hirofumi p = d_ancestor(p1, p2); 1937e2761a11SOGAWA Hirofumi if (p) { 1938f2eace23SIngo Molnar mutex_lock_nested(&p1->d_inode->i_mutex, I_MUTEX_PARENT); 1939f2eace23SIngo Molnar mutex_lock_nested(&p2->d_inode->i_mutex, I_MUTEX_CHILD); 19401da177e4SLinus Torvalds return p; 19411da177e4SLinus Torvalds } 19421da177e4SLinus Torvalds 1943f2eace23SIngo Molnar mutex_lock_nested(&p1->d_inode->i_mutex, I_MUTEX_PARENT); 1944f2eace23SIngo Molnar mutex_lock_nested(&p2->d_inode->i_mutex, I_MUTEX_CHILD); 19451da177e4SLinus Torvalds return NULL; 19461da177e4SLinus Torvalds } 19471da177e4SLinus Torvalds 19481da177e4SLinus Torvalds void unlock_rename(struct dentry *p1, struct dentry *p2) 19491da177e4SLinus Torvalds { 19501b1dcc1bSJes Sorensen mutex_unlock(&p1->d_inode->i_mutex); 19511da177e4SLinus Torvalds if (p1 != p2) { 19521b1dcc1bSJes Sorensen mutex_unlock(&p2->d_inode->i_mutex); 1953a11f3a05SArjan van de Ven mutex_unlock(&p1->d_inode->i_sb->s_vfs_rename_mutex); 19541da177e4SLinus Torvalds } 19551da177e4SLinus Torvalds } 19561da177e4SLinus Torvalds 19571da177e4SLinus Torvalds int vfs_create(struct inode *dir, struct dentry *dentry, int mode, 19581da177e4SLinus Torvalds struct nameidata *nd) 19591da177e4SLinus Torvalds { 1960a95164d9SMiklos Szeredi int error = may_create(dir, dentry); 19611da177e4SLinus Torvalds 19621da177e4SLinus Torvalds if (error) 19631da177e4SLinus Torvalds return error; 19641da177e4SLinus Torvalds 1965acfa4380SAl Viro if (!dir->i_op->create) 19661da177e4SLinus Torvalds return -EACCES; /* shouldn't it be ENOSYS? */ 19671da177e4SLinus Torvalds mode &= S_IALLUGO; 19681da177e4SLinus Torvalds mode |= S_IFREG; 19691da177e4SLinus Torvalds error = security_inode_create(dir, dentry, mode); 19701da177e4SLinus Torvalds if (error) 19711da177e4SLinus Torvalds return error; 19721da177e4SLinus Torvalds error = dir->i_op->create(dir, dentry, mode, nd); 1973a74574aaSStephen Smalley if (!error) 1974f38aa942SAmy Griffis fsnotify_create(dir, dentry); 19751da177e4SLinus Torvalds return error; 19761da177e4SLinus Torvalds } 19771da177e4SLinus Torvalds 19783fb64190SChristoph Hellwig int may_open(struct path *path, int acc_mode, int flag) 19791da177e4SLinus Torvalds { 19803fb64190SChristoph Hellwig struct dentry *dentry = path->dentry; 19811da177e4SLinus Torvalds struct inode *inode = dentry->d_inode; 19821da177e4SLinus Torvalds int error; 19831da177e4SLinus Torvalds 19841da177e4SLinus Torvalds if (!inode) 19851da177e4SLinus Torvalds return -ENOENT; 19861da177e4SLinus Torvalds 1987c8fe8f30SChristoph Hellwig switch (inode->i_mode & S_IFMT) { 1988c8fe8f30SChristoph Hellwig case S_IFLNK: 19891da177e4SLinus Torvalds return -ELOOP; 1990c8fe8f30SChristoph Hellwig case S_IFDIR: 1991c8fe8f30SChristoph Hellwig if (acc_mode & MAY_WRITE) 19921da177e4SLinus Torvalds return -EISDIR; 1993c8fe8f30SChristoph Hellwig break; 1994c8fe8f30SChristoph Hellwig case S_IFBLK: 1995c8fe8f30SChristoph Hellwig case S_IFCHR: 19963fb64190SChristoph Hellwig if (path->mnt->mnt_flags & MNT_NODEV) 19971da177e4SLinus Torvalds return -EACCES; 1998c8fe8f30SChristoph Hellwig /*FALLTHRU*/ 1999c8fe8f30SChristoph Hellwig case S_IFIFO: 2000c8fe8f30SChristoph Hellwig case S_IFSOCK: 20011da177e4SLinus Torvalds flag &= ~O_TRUNC; 2002c8fe8f30SChristoph Hellwig break; 20034a3fd211SDave Hansen } 2004b41572e9SDave Hansen 20053fb64190SChristoph Hellwig error = inode_permission(inode, acc_mode); 2006b41572e9SDave Hansen if (error) 2007b41572e9SDave Hansen return error; 20086146f0d5SMimi Zohar 20091da177e4SLinus Torvalds /* 20101da177e4SLinus Torvalds * An append-only file must be opened in append mode for writing. 20111da177e4SLinus Torvalds */ 20121da177e4SLinus Torvalds if (IS_APPEND(inode)) { 20138737c930SAl Viro if ((flag & O_ACCMODE) != O_RDONLY && !(flag & O_APPEND)) 20147715b521SAl Viro return -EPERM; 20151da177e4SLinus Torvalds if (flag & O_TRUNC) 20167715b521SAl Viro return -EPERM; 20171da177e4SLinus Torvalds } 20181da177e4SLinus Torvalds 20191da177e4SLinus Torvalds /* O_NOATIME can only be set by the owner or superuser */ 20207715b521SAl Viro if (flag & O_NOATIME && !is_owner_or_cap(inode)) 20217715b521SAl Viro return -EPERM; 20221da177e4SLinus Torvalds 20231da177e4SLinus Torvalds /* 20241da177e4SLinus Torvalds * Ensure there are no outstanding leases on the file. 20251da177e4SLinus Torvalds */ 2026b65a9cfcSAl Viro return break_lease(inode, flag); 20277715b521SAl Viro } 20287715b521SAl Viro 2029e1181ee6SJeff Layton static int handle_truncate(struct file *filp) 20307715b521SAl Viro { 2031e1181ee6SJeff Layton struct path *path = &filp->f_path; 20327715b521SAl Viro struct inode *inode = path->dentry->d_inode; 20337715b521SAl Viro int error = get_write_access(inode); 20341da177e4SLinus Torvalds if (error) 20357715b521SAl Viro return error; 20361da177e4SLinus Torvalds /* 20371da177e4SLinus Torvalds * Refuse to truncate files with mandatory locks held on them. 20381da177e4SLinus Torvalds */ 20391da177e4SLinus Torvalds error = locks_verify_locked(inode); 2040be6d3e56SKentaro Takeda if (!error) 2041ea0d3ab2STetsuo Handa error = security_path_truncate(path); 20421da177e4SLinus Torvalds if (!error) { 20437715b521SAl Viro error = do_truncate(path->dentry, 0, 2044d139d7ffSMiklos Szeredi ATTR_MTIME|ATTR_CTIME|ATTR_OPEN, 2045e1181ee6SJeff Layton filp); 20461da177e4SLinus Torvalds } 20471da177e4SLinus Torvalds put_write_access(inode); 2048acd0c935SMimi Zohar return error; 20491da177e4SLinus Torvalds } 20501da177e4SLinus Torvalds 2051d57999e1SDave Hansen /* 2052d57999e1SDave Hansen * Note that while the flag value (low two bits) for sys_open means: 2053d57999e1SDave Hansen * 00 - read-only 2054d57999e1SDave Hansen * 01 - write-only 2055d57999e1SDave Hansen * 10 - read-write 2056d57999e1SDave Hansen * 11 - special 2057d57999e1SDave Hansen * it is changed into 2058d57999e1SDave Hansen * 00 - no permissions needed 2059d57999e1SDave Hansen * 01 - read-permission 2060d57999e1SDave Hansen * 10 - write-permission 2061d57999e1SDave Hansen * 11 - read-write 2062d57999e1SDave Hansen * for the internal routines (ie open_namei()/follow_link() etc) 2063d57999e1SDave Hansen * This is more logical, and also allows the 00 "no perm needed" 2064d57999e1SDave Hansen * to be used for symlinks (where the permissions are checked 2065d57999e1SDave Hansen * later). 2066d57999e1SDave Hansen * 2067d57999e1SDave Hansen */ 2068d57999e1SDave Hansen static inline int open_to_namei_flags(int flag) 2069d57999e1SDave Hansen { 2070d57999e1SDave Hansen if ((flag+1) & O_ACCMODE) 2071d57999e1SDave Hansen flag++; 2072d57999e1SDave Hansen return flag; 2073d57999e1SDave Hansen } 2074d57999e1SDave Hansen 207531e6b01fSNick Piggin /* 2076fe2d35ffSAl Viro * Handle the last step of open() 207731e6b01fSNick Piggin */ 2078fb1cc555SAl Viro static struct file *do_last(struct nameidata *nd, struct path *path, 2079c3e380b0SAl Viro const struct open_flags *op, const char *pathname) 2080fb1cc555SAl Viro { 2081a1e28038SAl Viro struct dentry *dir = nd->path.dentry; 20826c0d46c4SAl Viro struct dentry *dentry; 2083ca344a89SAl Viro int open_flag = op->open_flag; 20846c0d46c4SAl Viro int will_truncate = open_flag & O_TRUNC; 2085ca344a89SAl Viro int want_write = 0; 2086ca344a89SAl Viro int skip_perm = 0; 2087fb1cc555SAl Viro struct file *filp; 2088fe2d35ffSAl Viro struct inode *inode; 208916c2cd71SAl Viro int error; 2090fb1cc555SAl Viro 2091c3e380b0SAl Viro nd->flags &= ~LOOKUP_PARENT; 2092c3e380b0SAl Viro nd->flags |= op->intent; 2093c3e380b0SAl Viro 20941f36f774SAl Viro switch (nd->last_type) { 20951f36f774SAl Viro case LAST_DOTDOT: 2096176306f5SNeil Brown case LAST_DOT: 2097fe2d35ffSAl Viro error = handle_dots(nd, nd->last_type); 2098fe2d35ffSAl Viro if (error) 2099fe2d35ffSAl Viro return ERR_PTR(error); 21001f36f774SAl Viro /* fallthrough */ 21011f36f774SAl Viro case LAST_ROOT: 2102fe2d35ffSAl Viro if (nd->flags & LOOKUP_RCU) { 2103fe2d35ffSAl Viro if (nameidata_drop_rcu_last(nd)) 2104fe2d35ffSAl Viro return ERR_PTR(-ECHILD); 2105fe2d35ffSAl Viro } 210616c2cd71SAl Viro error = handle_reval_path(nd); 210716c2cd71SAl Viro if (error) 210816c2cd71SAl Viro goto exit; 2109fe2d35ffSAl Viro audit_inode(pathname, nd->path.dentry); 2110ca344a89SAl Viro if (open_flag & O_CREAT) { 211116c2cd71SAl Viro error = -EISDIR; 21121f36f774SAl Viro goto exit; 2113fe2d35ffSAl Viro } 2114fe2d35ffSAl Viro goto ok; 21151f36f774SAl Viro case LAST_BIND: 2116fe2d35ffSAl Viro /* can't be RCU mode here */ 211716c2cd71SAl Viro error = handle_reval_path(nd); 211816c2cd71SAl Viro if (error) 211916c2cd71SAl Viro goto exit; 21201f36f774SAl Viro audit_inode(pathname, dir); 21211f36f774SAl Viro goto ok; 21221f36f774SAl Viro } 2123a2c36b45SAl Viro 2124ca344a89SAl Viro if (!(open_flag & O_CREAT)) { 2125fe2d35ffSAl Viro if (nd->last.name[nd->last.len]) 2126fe2d35ffSAl Viro nd->flags |= LOOKUP_FOLLOW | LOOKUP_DIRECTORY; 2127fe2d35ffSAl Viro /* we _can_ be in RCU mode here */ 2128fe2d35ffSAl Viro error = do_lookup(nd, &nd->last, path, &inode); 2129fe2d35ffSAl Viro if (error) { 2130fe2d35ffSAl Viro terminate_walk(nd); 2131fe2d35ffSAl Viro return ERR_PTR(error); 2132fe2d35ffSAl Viro } 2133fe2d35ffSAl Viro if (!inode) { 2134fe2d35ffSAl Viro path_to_nameidata(path, nd); 2135fe2d35ffSAl Viro terminate_walk(nd); 2136fe2d35ffSAl Viro return ERR_PTR(-ENOENT); 2137fe2d35ffSAl Viro } 2138fe2d35ffSAl Viro if (unlikely(inode->i_op->follow_link)) { 2139fe2d35ffSAl Viro /* We drop rcu-walk here */ 2140fe2d35ffSAl Viro if (nameidata_dentry_drop_rcu_maybe(nd, path->dentry)) 2141fe2d35ffSAl Viro return ERR_PTR(-ECHILD); 2142fe2d35ffSAl Viro return NULL; 2143fe2d35ffSAl Viro } 2144fe2d35ffSAl Viro path_to_nameidata(path, nd); 2145fe2d35ffSAl Viro nd->inode = inode; 2146fe2d35ffSAl Viro /* sayonara */ 2147fe2d35ffSAl Viro if (nd->flags & LOOKUP_RCU) { 2148fe2d35ffSAl Viro if (nameidata_drop_rcu_last(nd)) 2149fe2d35ffSAl Viro return ERR_PTR(-ECHILD); 2150fe2d35ffSAl Viro } 2151fe2d35ffSAl Viro 2152fe2d35ffSAl Viro error = -ENOTDIR; 2153fe2d35ffSAl Viro if (nd->flags & LOOKUP_DIRECTORY) { 2154fe2d35ffSAl Viro if (!inode->i_op->lookup) 2155fe2d35ffSAl Viro goto exit; 2156fe2d35ffSAl Viro } 2157fe2d35ffSAl Viro audit_inode(pathname, nd->path.dentry); 2158fe2d35ffSAl Viro goto ok; 2159fe2d35ffSAl Viro } 2160fe2d35ffSAl Viro 2161fe2d35ffSAl Viro /* create side of things */ 2162fe2d35ffSAl Viro 2163fe2d35ffSAl Viro if (nd->flags & LOOKUP_RCU) { 2164fe2d35ffSAl Viro if (nameidata_drop_rcu_last(nd)) 2165fe2d35ffSAl Viro return ERR_PTR(-ECHILD); 2166fe2d35ffSAl Viro } 2167fe2d35ffSAl Viro 2168fe2d35ffSAl Viro audit_inode(pathname, dir); 216916c2cd71SAl Viro error = -EISDIR; 21701f36f774SAl Viro /* trailing slashes? */ 217131e6b01fSNick Piggin if (nd->last.name[nd->last.len]) 21721f36f774SAl Viro goto exit; 21731f36f774SAl Viro 2174a1e28038SAl Viro mutex_lock(&dir->d_inode->i_mutex); 2175a1e28038SAl Viro 21766c0d46c4SAl Viro dentry = lookup_hash(nd); 21776c0d46c4SAl Viro error = PTR_ERR(dentry); 21786c0d46c4SAl Viro if (IS_ERR(dentry)) { 2179fb1cc555SAl Viro mutex_unlock(&dir->d_inode->i_mutex); 2180fb1cc555SAl Viro goto exit; 2181fb1cc555SAl Viro } 2182fb1cc555SAl Viro 21836c0d46c4SAl Viro path->dentry = dentry; 21846c0d46c4SAl Viro path->mnt = nd->path.mnt; 21856c0d46c4SAl Viro 2186fb1cc555SAl Viro if (IS_ERR(nd->intent.open.file)) { 2187fb1cc555SAl Viro error = PTR_ERR(nd->intent.open.file); 2188fb1cc555SAl Viro goto exit_mutex_unlock; 2189fb1cc555SAl Viro } 2190fb1cc555SAl Viro 2191fb1cc555SAl Viro /* Negative dentry, just create the file */ 21926c0d46c4SAl Viro if (!dentry->d_inode) { 21936c0d46c4SAl Viro int mode = op->mode; 21946c0d46c4SAl Viro if (!IS_POSIXACL(dir->d_inode)) 21956c0d46c4SAl Viro mode &= ~current_umask(); 2196fb1cc555SAl Viro /* 2197fb1cc555SAl Viro * This write is needed to ensure that a 21986c0d46c4SAl Viro * rw->ro transition does not occur between 2199fb1cc555SAl Viro * the time when the file is created and when 2200fb1cc555SAl Viro * a permanent write count is taken through 2201fb1cc555SAl Viro * the 'struct file' in nameidata_to_filp(). 2202fb1cc555SAl Viro */ 2203fb1cc555SAl Viro error = mnt_want_write(nd->path.mnt); 2204fb1cc555SAl Viro if (error) 2205fb1cc555SAl Viro goto exit_mutex_unlock; 2206ca344a89SAl Viro want_write = 1; 22079b44f1b3SAl Viro /* Don't check for write permission, don't truncate */ 2208ca344a89SAl Viro open_flag &= ~O_TRUNC; 22096c0d46c4SAl Viro will_truncate = 0; 2210ca344a89SAl Viro skip_perm = 1; 22116c0d46c4SAl Viro error = security_path_mknod(&nd->path, dentry, mode, 0); 22126c0d46c4SAl Viro if (error) 22136c0d46c4SAl Viro goto exit_mutex_unlock; 22146c0d46c4SAl Viro error = vfs_create(dir->d_inode, dentry, mode, nd); 22156c0d46c4SAl Viro if (error) 22166c0d46c4SAl Viro goto exit_mutex_unlock; 22176c0d46c4SAl Viro mutex_unlock(&dir->d_inode->i_mutex); 22186c0d46c4SAl Viro dput(nd->path.dentry); 22196c0d46c4SAl Viro nd->path.dentry = dentry; 2220ca344a89SAl Viro goto common; 2221fb1cc555SAl Viro } 2222fb1cc555SAl Viro 2223fb1cc555SAl Viro /* 2224fb1cc555SAl Viro * It already exists. 2225fb1cc555SAl Viro */ 2226fb1cc555SAl Viro mutex_unlock(&dir->d_inode->i_mutex); 2227fb1cc555SAl Viro audit_inode(pathname, path->dentry); 2228fb1cc555SAl Viro 2229fb1cc555SAl Viro error = -EEXIST; 2230ca344a89SAl Viro if (open_flag & O_EXCL) 2231fb1cc555SAl Viro goto exit_dput; 2232fb1cc555SAl Viro 22339875cf80SDavid Howells error = follow_managed(path, nd->flags); 22349875cf80SDavid Howells if (error < 0) 2235fb1cc555SAl Viro goto exit_dput; 2236fb1cc555SAl Viro 2237fb1cc555SAl Viro error = -ENOENT; 2238fb1cc555SAl Viro if (!path->dentry->d_inode) 2239fb1cc555SAl Viro goto exit_dput; 22409e67f361SAl Viro 22419e67f361SAl Viro if (path->dentry->d_inode->i_op->follow_link) 2242fb1cc555SAl Viro return NULL; 2243fb1cc555SAl Viro 2244fb1cc555SAl Viro path_to_nameidata(path, nd); 224531e6b01fSNick Piggin nd->inode = path->dentry->d_inode; 2246fb1cc555SAl Viro error = -EISDIR; 224731e6b01fSNick Piggin if (S_ISDIR(nd->inode->i_mode)) 2248fb1cc555SAl Viro goto exit; 224967ee3ad2SAl Viro ok: 22506c0d46c4SAl Viro if (!S_ISREG(nd->inode->i_mode)) 22516c0d46c4SAl Viro will_truncate = 0; 22526c0d46c4SAl Viro 22530f9d1a10SAl Viro if (will_truncate) { 22540f9d1a10SAl Viro error = mnt_want_write(nd->path.mnt); 22550f9d1a10SAl Viro if (error) 22560f9d1a10SAl Viro goto exit; 2257ca344a89SAl Viro want_write = 1; 22580f9d1a10SAl Viro } 2259ca344a89SAl Viro common: 2260ca344a89SAl Viro error = may_open(&nd->path, skip_perm ? 0 : op->acc_mode, open_flag); 2261ca344a89SAl Viro if (error) 22620f9d1a10SAl Viro goto exit; 22630f9d1a10SAl Viro filp = nameidata_to_filp(nd); 22640f9d1a10SAl Viro if (!IS_ERR(filp)) { 22650f9d1a10SAl Viro error = ima_file_check(filp, op->acc_mode); 22660f9d1a10SAl Viro if (error) { 22670f9d1a10SAl Viro fput(filp); 22680f9d1a10SAl Viro filp = ERR_PTR(error); 22690f9d1a10SAl Viro } 22700f9d1a10SAl Viro } 22710f9d1a10SAl Viro if (!IS_ERR(filp)) { 22720f9d1a10SAl Viro if (will_truncate) { 22730f9d1a10SAl Viro error = handle_truncate(filp); 22740f9d1a10SAl Viro if (error) { 22750f9d1a10SAl Viro fput(filp); 22760f9d1a10SAl Viro filp = ERR_PTR(error); 22770f9d1a10SAl Viro } 22780f9d1a10SAl Viro } 22790f9d1a10SAl Viro } 2280ca344a89SAl Viro out: 2281ca344a89SAl Viro if (want_write) 22820f9d1a10SAl Viro mnt_drop_write(nd->path.mnt); 22830f9d1a10SAl Viro path_put(&nd->path); 2284fb1cc555SAl Viro return filp; 2285fb1cc555SAl Viro 2286fb1cc555SAl Viro exit_mutex_unlock: 2287fb1cc555SAl Viro mutex_unlock(&dir->d_inode->i_mutex); 2288fb1cc555SAl Viro exit_dput: 2289fb1cc555SAl Viro path_put_conditional(path, nd); 2290fb1cc555SAl Viro exit: 2291ca344a89SAl Viro filp = ERR_PTR(error); 2292ca344a89SAl Viro goto out; 2293fb1cc555SAl Viro } 2294fb1cc555SAl Viro 229513aab428SAl Viro static struct file *path_openat(int dfd, const char *pathname, 229647c805dcSAl Viro const struct open_flags *op, int flags) 22971da177e4SLinus Torvalds { 2298fe2d35ffSAl Viro struct file *base = NULL; 22994a3fd211SDave Hansen struct file *filp; 2300a70e65dfSChristoph Hellwig struct nameidata nd; 23019850c056SAl Viro struct path path; 23021da177e4SLinus Torvalds int count = 0; 230313aab428SAl Viro int error; 230431e6b01fSNick Piggin 230531e6b01fSNick Piggin filp = get_empty_filp(); 230631e6b01fSNick Piggin if (!filp) 230731e6b01fSNick Piggin return ERR_PTR(-ENFILE); 230831e6b01fSNick Piggin 230947c805dcSAl Viro filp->f_flags = op->open_flag; 231031e6b01fSNick Piggin nd.intent.open.file = filp; 231147c805dcSAl Viro nd.intent.open.flags = open_to_namei_flags(op->open_flag); 231247c805dcSAl Viro nd.intent.open.create_mode = op->mode; 231331e6b01fSNick Piggin 2314fe2d35ffSAl Viro error = path_init(dfd, pathname, flags | LOOKUP_PARENT, &nd, &base); 231531e6b01fSNick Piggin if (unlikely(error)) 231613aab428SAl Viro goto out_filp; 231731e6b01fSNick Piggin 2318fe2d35ffSAl Viro current->total_link_count = 0; 2319fe2d35ffSAl Viro error = link_path_walk(pathname, &nd); 232031e6b01fSNick Piggin if (unlikely(error)) 232131e6b01fSNick Piggin goto out_filp; 23221da177e4SLinus Torvalds 232347c805dcSAl Viro filp = do_last(&nd, &path, op, pathname); 2324806b681cSAl Viro while (unlikely(!filp)) { /* trailing symlink */ 23257b9337aaSNick Piggin struct path link = path; 23267b9337aaSNick Piggin struct inode *linki = link.dentry->d_inode; 2327def4af30SAl Viro void *cookie; 2328806b681cSAl Viro error = -ELOOP; 2329db372915SDavid Howells if (!(nd.flags & LOOKUP_FOLLOW)) 23301f36f774SAl Viro goto exit_dput; 23311f36f774SAl Viro if (count++ == 32) 2332806b681cSAl Viro goto exit_dput; 2333806b681cSAl Viro /* 2334806b681cSAl Viro * This is subtle. Instead of calling do_follow_link() we do 2335806b681cSAl Viro * the thing by hands. The reason is that this way we have zero 2336806b681cSAl Viro * link_count and path_walk() (called from ->follow_link) 2337806b681cSAl Viro * honoring LOOKUP_PARENT. After that we have the parent and 2338806b681cSAl Viro * last component, i.e. we are in the same situation as after 2339806b681cSAl Viro * the first path_walk(). Well, almost - if the last component 2340806b681cSAl Viro * is normal we get its copy stored in nd->last.name and we will 2341806b681cSAl Viro * have to putname() it when we are done. Procfs-like symlinks 2342806b681cSAl Viro * just set LAST_BIND. 2343806b681cSAl Viro */ 2344806b681cSAl Viro nd.flags |= LOOKUP_PARENT; 2345c3e380b0SAl Viro nd.flags &= ~(LOOKUP_OPEN|LOOKUP_CREATE|LOOKUP_EXCL); 23467b9337aaSNick Piggin error = __do_follow_link(&link, &nd, &cookie); 2347c3e380b0SAl Viro if (unlikely(error)) 2348f1afe9efSAl Viro filp = ERR_PTR(error); 2349c3e380b0SAl Viro else 235047c805dcSAl Viro filp = do_last(&nd, &path, op, pathname); 2351f1afe9efSAl Viro if (!IS_ERR(cookie) && linki->i_op->put_link) 23527b9337aaSNick Piggin linki->i_op->put_link(link.dentry, &nd, cookie); 23537b9337aaSNick Piggin path_put(&link); 2354806b681cSAl Viro } 235510fa8e62SAl Viro out: 23562a737871SAl Viro if (nd.root.mnt) 23572a737871SAl Viro path_put(&nd.root); 2358fe2d35ffSAl Viro if (base) 2359fe2d35ffSAl Viro fput(base); 23602dab5974SLinus Torvalds release_open_intent(&nd); 236110fa8e62SAl Viro return filp; 23621da177e4SLinus Torvalds 2363806b681cSAl Viro exit_dput: 2364806b681cSAl Viro path_put_conditional(&path, &nd); 236531e6b01fSNick Piggin path_put(&nd.path); 236631e6b01fSNick Piggin out_filp: 236710fa8e62SAl Viro filp = ERR_PTR(error); 236810fa8e62SAl Viro goto out; 2369de459215SKirill Korotaev } 23701da177e4SLinus Torvalds 237113aab428SAl Viro struct file *do_filp_open(int dfd, const char *pathname, 237213aab428SAl Viro const struct open_flags *op, int flags) 237313aab428SAl Viro { 237413aab428SAl Viro struct file *filp; 237513aab428SAl Viro 237613aab428SAl Viro filp = path_openat(dfd, pathname, op, flags | LOOKUP_RCU); 237713aab428SAl Viro if (unlikely(filp == ERR_PTR(-ECHILD))) 237813aab428SAl Viro filp = path_openat(dfd, pathname, op, flags); 237913aab428SAl Viro if (unlikely(filp == ERR_PTR(-ESTALE))) 238013aab428SAl Viro filp = path_openat(dfd, pathname, op, flags | LOOKUP_REVAL); 238113aab428SAl Viro return filp; 238213aab428SAl Viro } 238313aab428SAl Viro 23841da177e4SLinus Torvalds /** 23851da177e4SLinus Torvalds * lookup_create - lookup a dentry, creating it if it doesn't exist 23861da177e4SLinus Torvalds * @nd: nameidata info 23871da177e4SLinus Torvalds * @is_dir: directory flag 23881da177e4SLinus Torvalds * 23891da177e4SLinus Torvalds * Simple function to lookup and return a dentry and create it 23901da177e4SLinus Torvalds * if it doesn't exist. Is SMP-safe. 2391c663e5d8SChristoph Hellwig * 23924ac91378SJan Blunck * Returns with nd->path.dentry->d_inode->i_mutex locked. 23931da177e4SLinus Torvalds */ 23941da177e4SLinus Torvalds struct dentry *lookup_create(struct nameidata *nd, int is_dir) 23951da177e4SLinus Torvalds { 2396c663e5d8SChristoph Hellwig struct dentry *dentry = ERR_PTR(-EEXIST); 23971da177e4SLinus Torvalds 23984ac91378SJan Blunck mutex_lock_nested(&nd->path.dentry->d_inode->i_mutex, I_MUTEX_PARENT); 2399c663e5d8SChristoph Hellwig /* 2400c663e5d8SChristoph Hellwig * Yucky last component or no last component at all? 2401c663e5d8SChristoph Hellwig * (foo/., foo/.., /////) 2402c663e5d8SChristoph Hellwig */ 24031da177e4SLinus Torvalds if (nd->last_type != LAST_NORM) 24041da177e4SLinus Torvalds goto fail; 24051da177e4SLinus Torvalds nd->flags &= ~LOOKUP_PARENT; 24063516586aSAl Viro nd->flags |= LOOKUP_CREATE | LOOKUP_EXCL; 2407a634904aSASANO Masahiro nd->intent.open.flags = O_EXCL; 2408c663e5d8SChristoph Hellwig 2409c663e5d8SChristoph Hellwig /* 2410c663e5d8SChristoph Hellwig * Do the final lookup. 2411c663e5d8SChristoph Hellwig */ 241249705b77SChristoph Hellwig dentry = lookup_hash(nd); 24131da177e4SLinus Torvalds if (IS_ERR(dentry)) 24141da177e4SLinus Torvalds goto fail; 2415c663e5d8SChristoph Hellwig 2416e9baf6e5SAl Viro if (dentry->d_inode) 2417e9baf6e5SAl Viro goto eexist; 2418c663e5d8SChristoph Hellwig /* 2419c663e5d8SChristoph Hellwig * Special case - lookup gave negative, but... we had foo/bar/ 2420c663e5d8SChristoph Hellwig * From the vfs_mknod() POV we just have a negative dentry - 2421c663e5d8SChristoph Hellwig * all is fine. Let's be bastards - you had / on the end, you've 2422c663e5d8SChristoph Hellwig * been asking for (non-existent) directory. -ENOENT for you. 2423c663e5d8SChristoph Hellwig */ 2424e9baf6e5SAl Viro if (unlikely(!is_dir && nd->last.name[nd->last.len])) { 24251da177e4SLinus Torvalds dput(dentry); 24261da177e4SLinus Torvalds dentry = ERR_PTR(-ENOENT); 2427e9baf6e5SAl Viro } 2428e9baf6e5SAl Viro return dentry; 2429e9baf6e5SAl Viro eexist: 2430e9baf6e5SAl Viro dput(dentry); 2431e9baf6e5SAl Viro dentry = ERR_PTR(-EEXIST); 24321da177e4SLinus Torvalds fail: 24331da177e4SLinus Torvalds return dentry; 24341da177e4SLinus Torvalds } 2435f81a0bffSChristoph Hellwig EXPORT_SYMBOL_GPL(lookup_create); 24361da177e4SLinus Torvalds 24371da177e4SLinus Torvalds int vfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev) 24381da177e4SLinus Torvalds { 2439a95164d9SMiklos Szeredi int error = may_create(dir, dentry); 24401da177e4SLinus Torvalds 24411da177e4SLinus Torvalds if (error) 24421da177e4SLinus Torvalds return error; 24431da177e4SLinus Torvalds 24441da177e4SLinus Torvalds if ((S_ISCHR(mode) || S_ISBLK(mode)) && !capable(CAP_MKNOD)) 24451da177e4SLinus Torvalds return -EPERM; 24461da177e4SLinus Torvalds 2447acfa4380SAl Viro if (!dir->i_op->mknod) 24481da177e4SLinus Torvalds return -EPERM; 24491da177e4SLinus Torvalds 245008ce5f16SSerge E. Hallyn error = devcgroup_inode_mknod(mode, dev); 245108ce5f16SSerge E. Hallyn if (error) 245208ce5f16SSerge E. Hallyn return error; 245308ce5f16SSerge E. Hallyn 24541da177e4SLinus Torvalds error = security_inode_mknod(dir, dentry, mode, dev); 24551da177e4SLinus Torvalds if (error) 24561da177e4SLinus Torvalds return error; 24571da177e4SLinus Torvalds 24581da177e4SLinus Torvalds error = dir->i_op->mknod(dir, dentry, mode, dev); 2459a74574aaSStephen Smalley if (!error) 2460f38aa942SAmy Griffis fsnotify_create(dir, dentry); 24611da177e4SLinus Torvalds return error; 24621da177e4SLinus Torvalds } 24631da177e4SLinus Torvalds 2464463c3197SDave Hansen static int may_mknod(mode_t mode) 2465463c3197SDave Hansen { 2466463c3197SDave Hansen switch (mode & S_IFMT) { 2467463c3197SDave Hansen case S_IFREG: 2468463c3197SDave Hansen case S_IFCHR: 2469463c3197SDave Hansen case S_IFBLK: 2470463c3197SDave Hansen case S_IFIFO: 2471463c3197SDave Hansen case S_IFSOCK: 2472463c3197SDave Hansen case 0: /* zero mode translates to S_IFREG */ 2473463c3197SDave Hansen return 0; 2474463c3197SDave Hansen case S_IFDIR: 2475463c3197SDave Hansen return -EPERM; 2476463c3197SDave Hansen default: 2477463c3197SDave Hansen return -EINVAL; 2478463c3197SDave Hansen } 2479463c3197SDave Hansen } 2480463c3197SDave Hansen 24812e4d0924SHeiko Carstens SYSCALL_DEFINE4(mknodat, int, dfd, const char __user *, filename, int, mode, 24822e4d0924SHeiko Carstens unsigned, dev) 24831da177e4SLinus Torvalds { 24842ad94ae6SAl Viro int error; 24851da177e4SLinus Torvalds char *tmp; 24861da177e4SLinus Torvalds struct dentry *dentry; 24871da177e4SLinus Torvalds struct nameidata nd; 24881da177e4SLinus Torvalds 24891da177e4SLinus Torvalds if (S_ISDIR(mode)) 24901da177e4SLinus Torvalds return -EPERM; 24911da177e4SLinus Torvalds 24922ad94ae6SAl Viro error = user_path_parent(dfd, filename, &nd, &tmp); 24931da177e4SLinus Torvalds if (error) 24942ad94ae6SAl Viro return error; 24952ad94ae6SAl Viro 24961da177e4SLinus Torvalds dentry = lookup_create(&nd, 0); 2497463c3197SDave Hansen if (IS_ERR(dentry)) { 24981da177e4SLinus Torvalds error = PTR_ERR(dentry); 2499463c3197SDave Hansen goto out_unlock; 2500463c3197SDave Hansen } 25014ac91378SJan Blunck if (!IS_POSIXACL(nd.path.dentry->d_inode)) 2502ce3b0f8dSAl Viro mode &= ~current_umask(); 2503463c3197SDave Hansen error = may_mknod(mode); 2504463c3197SDave Hansen if (error) 2505463c3197SDave Hansen goto out_dput; 2506463c3197SDave Hansen error = mnt_want_write(nd.path.mnt); 2507463c3197SDave Hansen if (error) 2508463c3197SDave Hansen goto out_dput; 2509be6d3e56SKentaro Takeda error = security_path_mknod(&nd.path, dentry, mode, dev); 2510be6d3e56SKentaro Takeda if (error) 2511be6d3e56SKentaro Takeda goto out_drop_write; 25121da177e4SLinus Torvalds switch (mode & S_IFMT) { 25131da177e4SLinus Torvalds case 0: case S_IFREG: 25144ac91378SJan Blunck error = vfs_create(nd.path.dentry->d_inode,dentry,mode,&nd); 25151da177e4SLinus Torvalds break; 25161da177e4SLinus Torvalds case S_IFCHR: case S_IFBLK: 25174ac91378SJan Blunck error = vfs_mknod(nd.path.dentry->d_inode,dentry,mode, 25181da177e4SLinus Torvalds new_decode_dev(dev)); 25191da177e4SLinus Torvalds break; 25201da177e4SLinus Torvalds case S_IFIFO: case S_IFSOCK: 25214ac91378SJan Blunck error = vfs_mknod(nd.path.dentry->d_inode,dentry,mode,0); 25221da177e4SLinus Torvalds break; 25231da177e4SLinus Torvalds } 2524be6d3e56SKentaro Takeda out_drop_write: 2525463c3197SDave Hansen mnt_drop_write(nd.path.mnt); 2526463c3197SDave Hansen out_dput: 25271da177e4SLinus Torvalds dput(dentry); 2528463c3197SDave Hansen out_unlock: 25294ac91378SJan Blunck mutex_unlock(&nd.path.dentry->d_inode->i_mutex); 25301d957f9bSJan Blunck path_put(&nd.path); 25311da177e4SLinus Torvalds putname(tmp); 25321da177e4SLinus Torvalds 25331da177e4SLinus Torvalds return error; 25341da177e4SLinus Torvalds } 25351da177e4SLinus Torvalds 25363480b257SHeiko Carstens SYSCALL_DEFINE3(mknod, const char __user *, filename, int, mode, unsigned, dev) 25375590ff0dSUlrich Drepper { 25385590ff0dSUlrich Drepper return sys_mknodat(AT_FDCWD, filename, mode, dev); 25395590ff0dSUlrich Drepper } 25405590ff0dSUlrich Drepper 25411da177e4SLinus Torvalds int vfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) 25421da177e4SLinus Torvalds { 2543a95164d9SMiklos Szeredi int error = may_create(dir, dentry); 25441da177e4SLinus Torvalds 25451da177e4SLinus Torvalds if (error) 25461da177e4SLinus Torvalds return error; 25471da177e4SLinus Torvalds 2548acfa4380SAl Viro if (!dir->i_op->mkdir) 25491da177e4SLinus Torvalds return -EPERM; 25501da177e4SLinus Torvalds 25511da177e4SLinus Torvalds mode &= (S_IRWXUGO|S_ISVTX); 25521da177e4SLinus Torvalds error = security_inode_mkdir(dir, dentry, mode); 25531da177e4SLinus Torvalds if (error) 25541da177e4SLinus Torvalds return error; 25551da177e4SLinus Torvalds 25561da177e4SLinus Torvalds error = dir->i_op->mkdir(dir, dentry, mode); 2557a74574aaSStephen Smalley if (!error) 2558f38aa942SAmy Griffis fsnotify_mkdir(dir, dentry); 25591da177e4SLinus Torvalds return error; 25601da177e4SLinus Torvalds } 25611da177e4SLinus Torvalds 25622e4d0924SHeiko Carstens SYSCALL_DEFINE3(mkdirat, int, dfd, const char __user *, pathname, int, mode) 25631da177e4SLinus Torvalds { 25641da177e4SLinus Torvalds int error = 0; 25651da177e4SLinus Torvalds char * tmp; 25666902d925SDave Hansen struct dentry *dentry; 25676902d925SDave Hansen struct nameidata nd; 25681da177e4SLinus Torvalds 25692ad94ae6SAl Viro error = user_path_parent(dfd, pathname, &nd, &tmp); 25702ad94ae6SAl Viro if (error) 25716902d925SDave Hansen goto out_err; 25721da177e4SLinus Torvalds 25731da177e4SLinus Torvalds dentry = lookup_create(&nd, 1); 25741da177e4SLinus Torvalds error = PTR_ERR(dentry); 25756902d925SDave Hansen if (IS_ERR(dentry)) 25766902d925SDave Hansen goto out_unlock; 25776902d925SDave Hansen 25784ac91378SJan Blunck if (!IS_POSIXACL(nd.path.dentry->d_inode)) 2579ce3b0f8dSAl Viro mode &= ~current_umask(); 2580463c3197SDave Hansen error = mnt_want_write(nd.path.mnt); 2581463c3197SDave Hansen if (error) 2582463c3197SDave Hansen goto out_dput; 2583be6d3e56SKentaro Takeda error = security_path_mkdir(&nd.path, dentry, mode); 2584be6d3e56SKentaro Takeda if (error) 2585be6d3e56SKentaro Takeda goto out_drop_write; 25864ac91378SJan Blunck error = vfs_mkdir(nd.path.dentry->d_inode, dentry, mode); 2587be6d3e56SKentaro Takeda out_drop_write: 2588463c3197SDave Hansen mnt_drop_write(nd.path.mnt); 2589463c3197SDave Hansen out_dput: 25901da177e4SLinus Torvalds dput(dentry); 25916902d925SDave Hansen out_unlock: 25924ac91378SJan Blunck mutex_unlock(&nd.path.dentry->d_inode->i_mutex); 25931d957f9bSJan Blunck path_put(&nd.path); 25941da177e4SLinus Torvalds putname(tmp); 25956902d925SDave Hansen out_err: 25961da177e4SLinus Torvalds return error; 25971da177e4SLinus Torvalds } 25981da177e4SLinus Torvalds 25993cdad428SHeiko Carstens SYSCALL_DEFINE2(mkdir, const char __user *, pathname, int, mode) 26005590ff0dSUlrich Drepper { 26015590ff0dSUlrich Drepper return sys_mkdirat(AT_FDCWD, pathname, mode); 26025590ff0dSUlrich Drepper } 26035590ff0dSUlrich Drepper 26041da177e4SLinus Torvalds /* 26051da177e4SLinus Torvalds * We try to drop the dentry early: we should have 26061da177e4SLinus Torvalds * a usage count of 2 if we're the only user of this 26071da177e4SLinus Torvalds * dentry, and if that is true (possibly after pruning 26081da177e4SLinus Torvalds * the dcache), then we drop the dentry now. 26091da177e4SLinus Torvalds * 26101da177e4SLinus Torvalds * A low-level filesystem can, if it choses, legally 26111da177e4SLinus Torvalds * do a 26121da177e4SLinus Torvalds * 26131da177e4SLinus Torvalds * if (!d_unhashed(dentry)) 26141da177e4SLinus Torvalds * return -EBUSY; 26151da177e4SLinus Torvalds * 26161da177e4SLinus Torvalds * if it cannot handle the case of removing a directory 26171da177e4SLinus Torvalds * that is still in use by something else.. 26181da177e4SLinus Torvalds */ 26191da177e4SLinus Torvalds void dentry_unhash(struct dentry *dentry) 26201da177e4SLinus Torvalds { 26211da177e4SLinus Torvalds dget(dentry); 26221da177e4SLinus Torvalds shrink_dcache_parent(dentry); 26231da177e4SLinus Torvalds spin_lock(&dentry->d_lock); 2624b7ab39f6SNick Piggin if (dentry->d_count == 2) 26251da177e4SLinus Torvalds __d_drop(dentry); 26261da177e4SLinus Torvalds spin_unlock(&dentry->d_lock); 26271da177e4SLinus Torvalds } 26281da177e4SLinus Torvalds 26291da177e4SLinus Torvalds int vfs_rmdir(struct inode *dir, struct dentry *dentry) 26301da177e4SLinus Torvalds { 26311da177e4SLinus Torvalds int error = may_delete(dir, dentry, 1); 26321da177e4SLinus Torvalds 26331da177e4SLinus Torvalds if (error) 26341da177e4SLinus Torvalds return error; 26351da177e4SLinus Torvalds 2636acfa4380SAl Viro if (!dir->i_op->rmdir) 26371da177e4SLinus Torvalds return -EPERM; 26381da177e4SLinus Torvalds 26391b1dcc1bSJes Sorensen mutex_lock(&dentry->d_inode->i_mutex); 26401da177e4SLinus Torvalds dentry_unhash(dentry); 26411da177e4SLinus Torvalds if (d_mountpoint(dentry)) 26421da177e4SLinus Torvalds error = -EBUSY; 26431da177e4SLinus Torvalds else { 26441da177e4SLinus Torvalds error = security_inode_rmdir(dir, dentry); 26451da177e4SLinus Torvalds if (!error) { 26461da177e4SLinus Torvalds error = dir->i_op->rmdir(dir, dentry); 2647d83c49f3SAl Viro if (!error) { 26481da177e4SLinus Torvalds dentry->d_inode->i_flags |= S_DEAD; 2649d83c49f3SAl Viro dont_mount(dentry); 2650d83c49f3SAl Viro } 26511da177e4SLinus Torvalds } 26521da177e4SLinus Torvalds } 26531b1dcc1bSJes Sorensen mutex_unlock(&dentry->d_inode->i_mutex); 26541da177e4SLinus Torvalds if (!error) { 26551da177e4SLinus Torvalds d_delete(dentry); 26561da177e4SLinus Torvalds } 26571da177e4SLinus Torvalds dput(dentry); 26581da177e4SLinus Torvalds 26591da177e4SLinus Torvalds return error; 26601da177e4SLinus Torvalds } 26611da177e4SLinus Torvalds 26625590ff0dSUlrich Drepper static long do_rmdir(int dfd, const char __user *pathname) 26631da177e4SLinus Torvalds { 26641da177e4SLinus Torvalds int error = 0; 26651da177e4SLinus Torvalds char * name; 26661da177e4SLinus Torvalds struct dentry *dentry; 26671da177e4SLinus Torvalds struct nameidata nd; 26681da177e4SLinus Torvalds 26692ad94ae6SAl Viro error = user_path_parent(dfd, pathname, &nd, &name); 26701da177e4SLinus Torvalds if (error) 26712ad94ae6SAl Viro return error; 26721da177e4SLinus Torvalds 26731da177e4SLinus Torvalds switch(nd.last_type) { 26741da177e4SLinus Torvalds case LAST_DOTDOT: 26751da177e4SLinus Torvalds error = -ENOTEMPTY; 26761da177e4SLinus Torvalds goto exit1; 26771da177e4SLinus Torvalds case LAST_DOT: 26781da177e4SLinus Torvalds error = -EINVAL; 26791da177e4SLinus Torvalds goto exit1; 26801da177e4SLinus Torvalds case LAST_ROOT: 26811da177e4SLinus Torvalds error = -EBUSY; 26821da177e4SLinus Torvalds goto exit1; 26831da177e4SLinus Torvalds } 26840612d9fbSOGAWA Hirofumi 26850612d9fbSOGAWA Hirofumi nd.flags &= ~LOOKUP_PARENT; 26860612d9fbSOGAWA Hirofumi 26874ac91378SJan Blunck mutex_lock_nested(&nd.path.dentry->d_inode->i_mutex, I_MUTEX_PARENT); 268849705b77SChristoph Hellwig dentry = lookup_hash(&nd); 26891da177e4SLinus Torvalds error = PTR_ERR(dentry); 26906902d925SDave Hansen if (IS_ERR(dentry)) 26916902d925SDave Hansen goto exit2; 26920622753bSDave Hansen error = mnt_want_write(nd.path.mnt); 26930622753bSDave Hansen if (error) 26940622753bSDave Hansen goto exit3; 2695be6d3e56SKentaro Takeda error = security_path_rmdir(&nd.path, dentry); 2696be6d3e56SKentaro Takeda if (error) 2697be6d3e56SKentaro Takeda goto exit4; 26984ac91378SJan Blunck error = vfs_rmdir(nd.path.dentry->d_inode, dentry); 2699be6d3e56SKentaro Takeda exit4: 27000622753bSDave Hansen mnt_drop_write(nd.path.mnt); 27010622753bSDave Hansen exit3: 27021da177e4SLinus Torvalds dput(dentry); 27036902d925SDave Hansen exit2: 27044ac91378SJan Blunck mutex_unlock(&nd.path.dentry->d_inode->i_mutex); 27051da177e4SLinus Torvalds exit1: 27061d957f9bSJan Blunck path_put(&nd.path); 27071da177e4SLinus Torvalds putname(name); 27081da177e4SLinus Torvalds return error; 27091da177e4SLinus Torvalds } 27101da177e4SLinus Torvalds 27113cdad428SHeiko Carstens SYSCALL_DEFINE1(rmdir, const char __user *, pathname) 27125590ff0dSUlrich Drepper { 27135590ff0dSUlrich Drepper return do_rmdir(AT_FDCWD, pathname); 27145590ff0dSUlrich Drepper } 27155590ff0dSUlrich Drepper 27161da177e4SLinus Torvalds int vfs_unlink(struct inode *dir, struct dentry *dentry) 27171da177e4SLinus Torvalds { 27181da177e4SLinus Torvalds int error = may_delete(dir, dentry, 0); 27191da177e4SLinus Torvalds 27201da177e4SLinus Torvalds if (error) 27211da177e4SLinus Torvalds return error; 27221da177e4SLinus Torvalds 2723acfa4380SAl Viro if (!dir->i_op->unlink) 27241da177e4SLinus Torvalds return -EPERM; 27251da177e4SLinus Torvalds 27261b1dcc1bSJes Sorensen mutex_lock(&dentry->d_inode->i_mutex); 27271da177e4SLinus Torvalds if (d_mountpoint(dentry)) 27281da177e4SLinus Torvalds error = -EBUSY; 27291da177e4SLinus Torvalds else { 27301da177e4SLinus Torvalds error = security_inode_unlink(dir, dentry); 2731bec1052eSAl Viro if (!error) { 27321da177e4SLinus Torvalds error = dir->i_op->unlink(dir, dentry); 2733bec1052eSAl Viro if (!error) 2734d83c49f3SAl Viro dont_mount(dentry); 2735bec1052eSAl Viro } 27361da177e4SLinus Torvalds } 27371b1dcc1bSJes Sorensen mutex_unlock(&dentry->d_inode->i_mutex); 27381da177e4SLinus Torvalds 27391da177e4SLinus Torvalds /* We don't d_delete() NFS sillyrenamed files--they still exist. */ 27401da177e4SLinus Torvalds if (!error && !(dentry->d_flags & DCACHE_NFSFS_RENAMED)) { 2741ece95912SJan Kara fsnotify_link_count(dentry->d_inode); 27421da177e4SLinus Torvalds d_delete(dentry); 27431da177e4SLinus Torvalds } 27440eeca283SRobert Love 27451da177e4SLinus Torvalds return error; 27461da177e4SLinus Torvalds } 27471da177e4SLinus Torvalds 27481da177e4SLinus Torvalds /* 27491da177e4SLinus Torvalds * Make sure that the actual truncation of the file will occur outside its 27501b1dcc1bSJes Sorensen * directory's i_mutex. Truncate can take a long time if there is a lot of 27511da177e4SLinus Torvalds * writeout happening, and we don't want to prevent access to the directory 27521da177e4SLinus Torvalds * while waiting on the I/O. 27531da177e4SLinus Torvalds */ 27545590ff0dSUlrich Drepper static long do_unlinkat(int dfd, const char __user *pathname) 27551da177e4SLinus Torvalds { 27562ad94ae6SAl Viro int error; 27571da177e4SLinus Torvalds char *name; 27581da177e4SLinus Torvalds struct dentry *dentry; 27591da177e4SLinus Torvalds struct nameidata nd; 27601da177e4SLinus Torvalds struct inode *inode = NULL; 27611da177e4SLinus Torvalds 27622ad94ae6SAl Viro error = user_path_parent(dfd, pathname, &nd, &name); 27631da177e4SLinus Torvalds if (error) 27642ad94ae6SAl Viro return error; 27652ad94ae6SAl Viro 27661da177e4SLinus Torvalds error = -EISDIR; 27671da177e4SLinus Torvalds if (nd.last_type != LAST_NORM) 27681da177e4SLinus Torvalds goto exit1; 27690612d9fbSOGAWA Hirofumi 27700612d9fbSOGAWA Hirofumi nd.flags &= ~LOOKUP_PARENT; 27710612d9fbSOGAWA Hirofumi 27724ac91378SJan Blunck mutex_lock_nested(&nd.path.dentry->d_inode->i_mutex, I_MUTEX_PARENT); 277349705b77SChristoph Hellwig dentry = lookup_hash(&nd); 27741da177e4SLinus Torvalds error = PTR_ERR(dentry); 27751da177e4SLinus Torvalds if (!IS_ERR(dentry)) { 27761da177e4SLinus Torvalds /* Why not before? Because we want correct error value */ 27771da177e4SLinus Torvalds if (nd.last.name[nd.last.len]) 27781da177e4SLinus Torvalds goto slashes; 27791da177e4SLinus Torvalds inode = dentry->d_inode; 27801da177e4SLinus Torvalds if (inode) 27817de9c6eeSAl Viro ihold(inode); 27820622753bSDave Hansen error = mnt_want_write(nd.path.mnt); 27830622753bSDave Hansen if (error) 27840622753bSDave Hansen goto exit2; 2785be6d3e56SKentaro Takeda error = security_path_unlink(&nd.path, dentry); 2786be6d3e56SKentaro Takeda if (error) 2787be6d3e56SKentaro Takeda goto exit3; 27884ac91378SJan Blunck error = vfs_unlink(nd.path.dentry->d_inode, dentry); 2789be6d3e56SKentaro Takeda exit3: 27900622753bSDave Hansen mnt_drop_write(nd.path.mnt); 27911da177e4SLinus Torvalds exit2: 27921da177e4SLinus Torvalds dput(dentry); 27931da177e4SLinus Torvalds } 27944ac91378SJan Blunck mutex_unlock(&nd.path.dentry->d_inode->i_mutex); 27951da177e4SLinus Torvalds if (inode) 27961da177e4SLinus Torvalds iput(inode); /* truncate the inode here */ 27971da177e4SLinus Torvalds exit1: 27981d957f9bSJan Blunck path_put(&nd.path); 27991da177e4SLinus Torvalds putname(name); 28001da177e4SLinus Torvalds return error; 28011da177e4SLinus Torvalds 28021da177e4SLinus Torvalds slashes: 28031da177e4SLinus Torvalds error = !dentry->d_inode ? -ENOENT : 28041da177e4SLinus Torvalds S_ISDIR(dentry->d_inode->i_mode) ? -EISDIR : -ENOTDIR; 28051da177e4SLinus Torvalds goto exit2; 28061da177e4SLinus Torvalds } 28071da177e4SLinus Torvalds 28082e4d0924SHeiko Carstens SYSCALL_DEFINE3(unlinkat, int, dfd, const char __user *, pathname, int, flag) 28095590ff0dSUlrich Drepper { 28105590ff0dSUlrich Drepper if ((flag & ~AT_REMOVEDIR) != 0) 28115590ff0dSUlrich Drepper return -EINVAL; 28125590ff0dSUlrich Drepper 28135590ff0dSUlrich Drepper if (flag & AT_REMOVEDIR) 28145590ff0dSUlrich Drepper return do_rmdir(dfd, pathname); 28155590ff0dSUlrich Drepper 28165590ff0dSUlrich Drepper return do_unlinkat(dfd, pathname); 28175590ff0dSUlrich Drepper } 28185590ff0dSUlrich Drepper 28193480b257SHeiko Carstens SYSCALL_DEFINE1(unlink, const char __user *, pathname) 28205590ff0dSUlrich Drepper { 28215590ff0dSUlrich Drepper return do_unlinkat(AT_FDCWD, pathname); 28225590ff0dSUlrich Drepper } 28235590ff0dSUlrich Drepper 2824db2e747bSMiklos Szeredi int vfs_symlink(struct inode *dir, struct dentry *dentry, const char *oldname) 28251da177e4SLinus Torvalds { 2826a95164d9SMiklos Szeredi int error = may_create(dir, dentry); 28271da177e4SLinus Torvalds 28281da177e4SLinus Torvalds if (error) 28291da177e4SLinus Torvalds return error; 28301da177e4SLinus Torvalds 2831acfa4380SAl Viro if (!dir->i_op->symlink) 28321da177e4SLinus Torvalds return -EPERM; 28331da177e4SLinus Torvalds 28341da177e4SLinus Torvalds error = security_inode_symlink(dir, dentry, oldname); 28351da177e4SLinus Torvalds if (error) 28361da177e4SLinus Torvalds return error; 28371da177e4SLinus Torvalds 28381da177e4SLinus Torvalds error = dir->i_op->symlink(dir, dentry, oldname); 2839a74574aaSStephen Smalley if (!error) 2840f38aa942SAmy Griffis fsnotify_create(dir, dentry); 28411da177e4SLinus Torvalds return error; 28421da177e4SLinus Torvalds } 28431da177e4SLinus Torvalds 28442e4d0924SHeiko Carstens SYSCALL_DEFINE3(symlinkat, const char __user *, oldname, 28452e4d0924SHeiko Carstens int, newdfd, const char __user *, newname) 28461da177e4SLinus Torvalds { 28472ad94ae6SAl Viro int error; 28481da177e4SLinus Torvalds char *from; 28491da177e4SLinus Torvalds char *to; 28506902d925SDave Hansen struct dentry *dentry; 28516902d925SDave Hansen struct nameidata nd; 28521da177e4SLinus Torvalds 28531da177e4SLinus Torvalds from = getname(oldname); 28541da177e4SLinus Torvalds if (IS_ERR(from)) 28551da177e4SLinus Torvalds return PTR_ERR(from); 28562ad94ae6SAl Viro 28572ad94ae6SAl Viro error = user_path_parent(newdfd, newname, &nd, &to); 28582ad94ae6SAl Viro if (error) 28596902d925SDave Hansen goto out_putname; 28601da177e4SLinus Torvalds 28611da177e4SLinus Torvalds dentry = lookup_create(&nd, 0); 28621da177e4SLinus Torvalds error = PTR_ERR(dentry); 28636902d925SDave Hansen if (IS_ERR(dentry)) 28646902d925SDave Hansen goto out_unlock; 28656902d925SDave Hansen 286675c3f29dSDave Hansen error = mnt_want_write(nd.path.mnt); 286775c3f29dSDave Hansen if (error) 286875c3f29dSDave Hansen goto out_dput; 2869be6d3e56SKentaro Takeda error = security_path_symlink(&nd.path, dentry, from); 2870be6d3e56SKentaro Takeda if (error) 2871be6d3e56SKentaro Takeda goto out_drop_write; 2872db2e747bSMiklos Szeredi error = vfs_symlink(nd.path.dentry->d_inode, dentry, from); 2873be6d3e56SKentaro Takeda out_drop_write: 287475c3f29dSDave Hansen mnt_drop_write(nd.path.mnt); 287575c3f29dSDave Hansen out_dput: 28761da177e4SLinus Torvalds dput(dentry); 28776902d925SDave Hansen out_unlock: 28784ac91378SJan Blunck mutex_unlock(&nd.path.dentry->d_inode->i_mutex); 28791d957f9bSJan Blunck path_put(&nd.path); 28801da177e4SLinus Torvalds putname(to); 28816902d925SDave Hansen out_putname: 28821da177e4SLinus Torvalds putname(from); 28831da177e4SLinus Torvalds return error; 28841da177e4SLinus Torvalds } 28851da177e4SLinus Torvalds 28863480b257SHeiko Carstens SYSCALL_DEFINE2(symlink, const char __user *, oldname, const char __user *, newname) 28875590ff0dSUlrich Drepper { 28885590ff0dSUlrich Drepper return sys_symlinkat(oldname, AT_FDCWD, newname); 28895590ff0dSUlrich Drepper } 28905590ff0dSUlrich Drepper 28911da177e4SLinus Torvalds int vfs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_dentry) 28921da177e4SLinus Torvalds { 28931da177e4SLinus Torvalds struct inode *inode = old_dentry->d_inode; 28941da177e4SLinus Torvalds int error; 28951da177e4SLinus Torvalds 28961da177e4SLinus Torvalds if (!inode) 28971da177e4SLinus Torvalds return -ENOENT; 28981da177e4SLinus Torvalds 2899a95164d9SMiklos Szeredi error = may_create(dir, new_dentry); 29001da177e4SLinus Torvalds if (error) 29011da177e4SLinus Torvalds return error; 29021da177e4SLinus Torvalds 29031da177e4SLinus Torvalds if (dir->i_sb != inode->i_sb) 29041da177e4SLinus Torvalds return -EXDEV; 29051da177e4SLinus Torvalds 29061da177e4SLinus Torvalds /* 29071da177e4SLinus Torvalds * A link to an append-only or immutable file cannot be created. 29081da177e4SLinus Torvalds */ 29091da177e4SLinus Torvalds if (IS_APPEND(inode) || IS_IMMUTABLE(inode)) 29101da177e4SLinus Torvalds return -EPERM; 2911acfa4380SAl Viro if (!dir->i_op->link) 29121da177e4SLinus Torvalds return -EPERM; 29137e79eedbSTetsuo Handa if (S_ISDIR(inode->i_mode)) 29141da177e4SLinus Torvalds return -EPERM; 29151da177e4SLinus Torvalds 29161da177e4SLinus Torvalds error = security_inode_link(old_dentry, dir, new_dentry); 29171da177e4SLinus Torvalds if (error) 29181da177e4SLinus Torvalds return error; 29191da177e4SLinus Torvalds 29207e79eedbSTetsuo Handa mutex_lock(&inode->i_mutex); 29211da177e4SLinus Torvalds error = dir->i_op->link(old_dentry, dir, new_dentry); 29227e79eedbSTetsuo Handa mutex_unlock(&inode->i_mutex); 2923e31e14ecSStephen Smalley if (!error) 29247e79eedbSTetsuo Handa fsnotify_link(dir, inode, new_dentry); 29251da177e4SLinus Torvalds return error; 29261da177e4SLinus Torvalds } 29271da177e4SLinus Torvalds 29281da177e4SLinus Torvalds /* 29291da177e4SLinus Torvalds * Hardlinks are often used in delicate situations. We avoid 29301da177e4SLinus Torvalds * security-related surprises by not following symlinks on the 29311da177e4SLinus Torvalds * newname. --KAB 29321da177e4SLinus Torvalds * 29331da177e4SLinus Torvalds * We don't follow them on the oldname either to be compatible 29341da177e4SLinus Torvalds * with linux 2.0, and to avoid hard-linking to directories 29351da177e4SLinus Torvalds * and other special files. --ADM 29361da177e4SLinus Torvalds */ 29372e4d0924SHeiko Carstens SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, 29382e4d0924SHeiko Carstens int, newdfd, const char __user *, newname, int, flags) 29391da177e4SLinus Torvalds { 29401da177e4SLinus Torvalds struct dentry *new_dentry; 29412d8f3038SAl Viro struct nameidata nd; 29422d8f3038SAl Viro struct path old_path; 29431da177e4SLinus Torvalds int error; 29441da177e4SLinus Torvalds char *to; 29451da177e4SLinus Torvalds 294645c9b11aSUlrich Drepper if ((flags & ~AT_SYMLINK_FOLLOW) != 0) 2947c04030e1SUlrich Drepper return -EINVAL; 2948c04030e1SUlrich Drepper 29492d8f3038SAl Viro error = user_path_at(olddfd, oldname, 295045c9b11aSUlrich Drepper flags & AT_SYMLINK_FOLLOW ? LOOKUP_FOLLOW : 0, 29512d8f3038SAl Viro &old_path); 29521da177e4SLinus Torvalds if (error) 29532ad94ae6SAl Viro return error; 29542ad94ae6SAl Viro 29552ad94ae6SAl Viro error = user_path_parent(newdfd, newname, &nd, &to); 29561da177e4SLinus Torvalds if (error) 29571da177e4SLinus Torvalds goto out; 29581da177e4SLinus Torvalds error = -EXDEV; 29592d8f3038SAl Viro if (old_path.mnt != nd.path.mnt) 29601da177e4SLinus Torvalds goto out_release; 29611da177e4SLinus Torvalds new_dentry = lookup_create(&nd, 0); 29621da177e4SLinus Torvalds error = PTR_ERR(new_dentry); 29636902d925SDave Hansen if (IS_ERR(new_dentry)) 29646902d925SDave Hansen goto out_unlock; 296575c3f29dSDave Hansen error = mnt_want_write(nd.path.mnt); 296675c3f29dSDave Hansen if (error) 296775c3f29dSDave Hansen goto out_dput; 2968be6d3e56SKentaro Takeda error = security_path_link(old_path.dentry, &nd.path, new_dentry); 2969be6d3e56SKentaro Takeda if (error) 2970be6d3e56SKentaro Takeda goto out_drop_write; 29712d8f3038SAl Viro error = vfs_link(old_path.dentry, nd.path.dentry->d_inode, new_dentry); 2972be6d3e56SKentaro Takeda out_drop_write: 297375c3f29dSDave Hansen mnt_drop_write(nd.path.mnt); 297475c3f29dSDave Hansen out_dput: 29751da177e4SLinus Torvalds dput(new_dentry); 29766902d925SDave Hansen out_unlock: 29774ac91378SJan Blunck mutex_unlock(&nd.path.dentry->d_inode->i_mutex); 29781da177e4SLinus Torvalds out_release: 29791d957f9bSJan Blunck path_put(&nd.path); 29802ad94ae6SAl Viro putname(to); 29811da177e4SLinus Torvalds out: 29822d8f3038SAl Viro path_put(&old_path); 29831da177e4SLinus Torvalds 29841da177e4SLinus Torvalds return error; 29851da177e4SLinus Torvalds } 29861da177e4SLinus Torvalds 29873480b257SHeiko Carstens SYSCALL_DEFINE2(link, const char __user *, oldname, const char __user *, newname) 29885590ff0dSUlrich Drepper { 2989c04030e1SUlrich Drepper return sys_linkat(AT_FDCWD, oldname, AT_FDCWD, newname, 0); 29905590ff0dSUlrich Drepper } 29915590ff0dSUlrich Drepper 29921da177e4SLinus Torvalds /* 29931da177e4SLinus Torvalds * The worst of all namespace operations - renaming directory. "Perverted" 29941da177e4SLinus Torvalds * doesn't even start to describe it. Somebody in UCB had a heck of a trip... 29951da177e4SLinus Torvalds * Problems: 29961da177e4SLinus Torvalds * a) we can get into loop creation. Check is done in is_subdir(). 29971da177e4SLinus Torvalds * b) race potential - two innocent renames can create a loop together. 29981da177e4SLinus Torvalds * That's where 4.4 screws up. Current fix: serialization on 2999a11f3a05SArjan van de Ven * sb->s_vfs_rename_mutex. We might be more accurate, but that's another 30001da177e4SLinus Torvalds * story. 30011da177e4SLinus Torvalds * c) we have to lock _three_ objects - parents and victim (if it exists). 30021b1dcc1bSJes Sorensen * And that - after we got ->i_mutex on parents (until then we don't know 30031da177e4SLinus Torvalds * whether the target exists). Solution: try to be smart with locking 30041da177e4SLinus Torvalds * order for inodes. We rely on the fact that tree topology may change 3005a11f3a05SArjan van de Ven * only under ->s_vfs_rename_mutex _and_ that parent of the object we 30061da177e4SLinus Torvalds * move will be locked. Thus we can rank directories by the tree 30071da177e4SLinus Torvalds * (ancestors first) and rank all non-directories after them. 30081da177e4SLinus Torvalds * That works since everybody except rename does "lock parent, lookup, 3009a11f3a05SArjan van de Ven * lock child" and rename is under ->s_vfs_rename_mutex. 30101da177e4SLinus Torvalds * HOWEVER, it relies on the assumption that any object with ->lookup() 30111da177e4SLinus Torvalds * has no more than 1 dentry. If "hybrid" objects will ever appear, 30121da177e4SLinus Torvalds * we'd better make sure that there's no link(2) for them. 30131da177e4SLinus Torvalds * d) some filesystems don't support opened-but-unlinked directories, 30141da177e4SLinus Torvalds * either because of layout or because they are not ready to deal with 30151da177e4SLinus Torvalds * all cases correctly. The latter will be fixed (taking this sort of 30161da177e4SLinus Torvalds * stuff into VFS), but the former is not going away. Solution: the same 30171da177e4SLinus Torvalds * trick as in rmdir(). 30181da177e4SLinus Torvalds * e) conversion from fhandle to dentry may come in the wrong moment - when 30191b1dcc1bSJes Sorensen * we are removing the target. Solution: we will have to grab ->i_mutex 30201da177e4SLinus Torvalds * in the fhandle_to_dentry code. [FIXME - current nfsfh.c relies on 3021c41b20e7SAdam Buchbinder * ->i_mutex on parents, which works but leads to some truly excessive 30221da177e4SLinus Torvalds * locking]. 30231da177e4SLinus Torvalds */ 302475c96f85SAdrian Bunk static int vfs_rename_dir(struct inode *old_dir, struct dentry *old_dentry, 30251da177e4SLinus Torvalds struct inode *new_dir, struct dentry *new_dentry) 30261da177e4SLinus Torvalds { 30271da177e4SLinus Torvalds int error = 0; 30281da177e4SLinus Torvalds struct inode *target; 30291da177e4SLinus Torvalds 30301da177e4SLinus Torvalds /* 30311da177e4SLinus Torvalds * If we are going to change the parent - check write permissions, 30321da177e4SLinus Torvalds * we'll need to flip '..'. 30331da177e4SLinus Torvalds */ 30341da177e4SLinus Torvalds if (new_dir != old_dir) { 3035f419a2e3SAl Viro error = inode_permission(old_dentry->d_inode, MAY_WRITE); 30361da177e4SLinus Torvalds if (error) 30371da177e4SLinus Torvalds return error; 30381da177e4SLinus Torvalds } 30391da177e4SLinus Torvalds 30401da177e4SLinus Torvalds error = security_inode_rename(old_dir, old_dentry, new_dir, new_dentry); 30411da177e4SLinus Torvalds if (error) 30421da177e4SLinus Torvalds return error; 30431da177e4SLinus Torvalds 30441da177e4SLinus Torvalds target = new_dentry->d_inode; 3045d83c49f3SAl Viro if (target) 30461b1dcc1bSJes Sorensen mutex_lock(&target->i_mutex); 30471da177e4SLinus Torvalds if (d_mountpoint(old_dentry)||d_mountpoint(new_dentry)) 30481da177e4SLinus Torvalds error = -EBUSY; 3049d83c49f3SAl Viro else { 3050d83c49f3SAl Viro if (target) 3051d83c49f3SAl Viro dentry_unhash(new_dentry); 30521da177e4SLinus Torvalds error = old_dir->i_op->rename(old_dir, old_dentry, new_dir, new_dentry); 3053d83c49f3SAl Viro } 30541da177e4SLinus Torvalds if (target) { 3055d83c49f3SAl Viro if (!error) { 30561da177e4SLinus Torvalds target->i_flags |= S_DEAD; 3057d83c49f3SAl Viro dont_mount(new_dentry); 3058d83c49f3SAl Viro } 30591b1dcc1bSJes Sorensen mutex_unlock(&target->i_mutex); 30601da177e4SLinus Torvalds if (d_unhashed(new_dentry)) 30611da177e4SLinus Torvalds d_rehash(new_dentry); 30621da177e4SLinus Torvalds dput(new_dentry); 30631da177e4SLinus Torvalds } 3064e31e14ecSStephen Smalley if (!error) 3065349457ccSMark Fasheh if (!(old_dir->i_sb->s_type->fs_flags & FS_RENAME_DOES_D_MOVE)) 30661da177e4SLinus Torvalds d_move(old_dentry,new_dentry); 30671da177e4SLinus Torvalds return error; 30681da177e4SLinus Torvalds } 30691da177e4SLinus Torvalds 307075c96f85SAdrian Bunk static int vfs_rename_other(struct inode *old_dir, struct dentry *old_dentry, 30711da177e4SLinus Torvalds struct inode *new_dir, struct dentry *new_dentry) 30721da177e4SLinus Torvalds { 30731da177e4SLinus Torvalds struct inode *target; 30741da177e4SLinus Torvalds int error; 30751da177e4SLinus Torvalds 30761da177e4SLinus Torvalds error = security_inode_rename(old_dir, old_dentry, new_dir, new_dentry); 30771da177e4SLinus Torvalds if (error) 30781da177e4SLinus Torvalds return error; 30791da177e4SLinus Torvalds 30801da177e4SLinus Torvalds dget(new_dentry); 30811da177e4SLinus Torvalds target = new_dentry->d_inode; 30821da177e4SLinus Torvalds if (target) 30831b1dcc1bSJes Sorensen mutex_lock(&target->i_mutex); 30841da177e4SLinus Torvalds if (d_mountpoint(old_dentry)||d_mountpoint(new_dentry)) 30851da177e4SLinus Torvalds error = -EBUSY; 30861da177e4SLinus Torvalds else 30871da177e4SLinus Torvalds error = old_dir->i_op->rename(old_dir, old_dentry, new_dir, new_dentry); 30881da177e4SLinus Torvalds if (!error) { 3089bec1052eSAl Viro if (target) 3090d83c49f3SAl Viro dont_mount(new_dentry); 3091349457ccSMark Fasheh if (!(old_dir->i_sb->s_type->fs_flags & FS_RENAME_DOES_D_MOVE)) 30921da177e4SLinus Torvalds d_move(old_dentry, new_dentry); 30931da177e4SLinus Torvalds } 30941da177e4SLinus Torvalds if (target) 30951b1dcc1bSJes Sorensen mutex_unlock(&target->i_mutex); 30961da177e4SLinus Torvalds dput(new_dentry); 30971da177e4SLinus Torvalds return error; 30981da177e4SLinus Torvalds } 30991da177e4SLinus Torvalds 31001da177e4SLinus Torvalds int vfs_rename(struct inode *old_dir, struct dentry *old_dentry, 31011da177e4SLinus Torvalds struct inode *new_dir, struct dentry *new_dentry) 31021da177e4SLinus Torvalds { 31031da177e4SLinus Torvalds int error; 31041da177e4SLinus Torvalds int is_dir = S_ISDIR(old_dentry->d_inode->i_mode); 310559b0df21SEric Paris const unsigned char *old_name; 31061da177e4SLinus Torvalds 31071da177e4SLinus Torvalds if (old_dentry->d_inode == new_dentry->d_inode) 31081da177e4SLinus Torvalds return 0; 31091da177e4SLinus Torvalds 31101da177e4SLinus Torvalds error = may_delete(old_dir, old_dentry, is_dir); 31111da177e4SLinus Torvalds if (error) 31121da177e4SLinus Torvalds return error; 31131da177e4SLinus Torvalds 31141da177e4SLinus Torvalds if (!new_dentry->d_inode) 3115a95164d9SMiklos Szeredi error = may_create(new_dir, new_dentry); 31161da177e4SLinus Torvalds else 31171da177e4SLinus Torvalds error = may_delete(new_dir, new_dentry, is_dir); 31181da177e4SLinus Torvalds if (error) 31191da177e4SLinus Torvalds return error; 31201da177e4SLinus Torvalds 3121acfa4380SAl Viro if (!old_dir->i_op->rename) 31221da177e4SLinus Torvalds return -EPERM; 31231da177e4SLinus Torvalds 31240eeca283SRobert Love old_name = fsnotify_oldname_init(old_dentry->d_name.name); 31250eeca283SRobert Love 31261da177e4SLinus Torvalds if (is_dir) 31271da177e4SLinus Torvalds error = vfs_rename_dir(old_dir,old_dentry,new_dir,new_dentry); 31281da177e4SLinus Torvalds else 31291da177e4SLinus Torvalds error = vfs_rename_other(old_dir,old_dentry,new_dir,new_dentry); 3130123df294SAl Viro if (!error) 3131123df294SAl Viro fsnotify_move(old_dir, new_dir, old_name, is_dir, 31325a190ae6SAl Viro new_dentry->d_inode, old_dentry); 31330eeca283SRobert Love fsnotify_oldname_free(old_name); 31340eeca283SRobert Love 31351da177e4SLinus Torvalds return error; 31361da177e4SLinus Torvalds } 31371da177e4SLinus Torvalds 31382e4d0924SHeiko Carstens SYSCALL_DEFINE4(renameat, int, olddfd, const char __user *, oldname, 31392e4d0924SHeiko Carstens int, newdfd, const char __user *, newname) 31401da177e4SLinus Torvalds { 31411da177e4SLinus Torvalds struct dentry *old_dir, *new_dir; 31421da177e4SLinus Torvalds struct dentry *old_dentry, *new_dentry; 31431da177e4SLinus Torvalds struct dentry *trap; 31441da177e4SLinus Torvalds struct nameidata oldnd, newnd; 31452ad94ae6SAl Viro char *from; 31462ad94ae6SAl Viro char *to; 31472ad94ae6SAl Viro int error; 31481da177e4SLinus Torvalds 31492ad94ae6SAl Viro error = user_path_parent(olddfd, oldname, &oldnd, &from); 31501da177e4SLinus Torvalds if (error) 31511da177e4SLinus Torvalds goto exit; 31521da177e4SLinus Torvalds 31532ad94ae6SAl Viro error = user_path_parent(newdfd, newname, &newnd, &to); 31541da177e4SLinus Torvalds if (error) 31551da177e4SLinus Torvalds goto exit1; 31561da177e4SLinus Torvalds 31571da177e4SLinus Torvalds error = -EXDEV; 31584ac91378SJan Blunck if (oldnd.path.mnt != newnd.path.mnt) 31591da177e4SLinus Torvalds goto exit2; 31601da177e4SLinus Torvalds 31614ac91378SJan Blunck old_dir = oldnd.path.dentry; 31621da177e4SLinus Torvalds error = -EBUSY; 31631da177e4SLinus Torvalds if (oldnd.last_type != LAST_NORM) 31641da177e4SLinus Torvalds goto exit2; 31651da177e4SLinus Torvalds 31664ac91378SJan Blunck new_dir = newnd.path.dentry; 31671da177e4SLinus Torvalds if (newnd.last_type != LAST_NORM) 31681da177e4SLinus Torvalds goto exit2; 31691da177e4SLinus Torvalds 31700612d9fbSOGAWA Hirofumi oldnd.flags &= ~LOOKUP_PARENT; 31710612d9fbSOGAWA Hirofumi newnd.flags &= ~LOOKUP_PARENT; 31724e9ed2f8SOGAWA Hirofumi newnd.flags |= LOOKUP_RENAME_TARGET; 31730612d9fbSOGAWA Hirofumi 31741da177e4SLinus Torvalds trap = lock_rename(new_dir, old_dir); 31751da177e4SLinus Torvalds 317649705b77SChristoph Hellwig old_dentry = lookup_hash(&oldnd); 31771da177e4SLinus Torvalds error = PTR_ERR(old_dentry); 31781da177e4SLinus Torvalds if (IS_ERR(old_dentry)) 31791da177e4SLinus Torvalds goto exit3; 31801da177e4SLinus Torvalds /* source must exist */ 31811da177e4SLinus Torvalds error = -ENOENT; 31821da177e4SLinus Torvalds if (!old_dentry->d_inode) 31831da177e4SLinus Torvalds goto exit4; 31841da177e4SLinus Torvalds /* unless the source is a directory trailing slashes give -ENOTDIR */ 31851da177e4SLinus Torvalds if (!S_ISDIR(old_dentry->d_inode->i_mode)) { 31861da177e4SLinus Torvalds error = -ENOTDIR; 31871da177e4SLinus Torvalds if (oldnd.last.name[oldnd.last.len]) 31881da177e4SLinus Torvalds goto exit4; 31891da177e4SLinus Torvalds if (newnd.last.name[newnd.last.len]) 31901da177e4SLinus Torvalds goto exit4; 31911da177e4SLinus Torvalds } 31921da177e4SLinus Torvalds /* source should not be ancestor of target */ 31931da177e4SLinus Torvalds error = -EINVAL; 31941da177e4SLinus Torvalds if (old_dentry == trap) 31951da177e4SLinus Torvalds goto exit4; 319649705b77SChristoph Hellwig new_dentry = lookup_hash(&newnd); 31971da177e4SLinus Torvalds error = PTR_ERR(new_dentry); 31981da177e4SLinus Torvalds if (IS_ERR(new_dentry)) 31991da177e4SLinus Torvalds goto exit4; 32001da177e4SLinus Torvalds /* target should not be an ancestor of source */ 32011da177e4SLinus Torvalds error = -ENOTEMPTY; 32021da177e4SLinus Torvalds if (new_dentry == trap) 32031da177e4SLinus Torvalds goto exit5; 32041da177e4SLinus Torvalds 32059079b1ebSDave Hansen error = mnt_want_write(oldnd.path.mnt); 32069079b1ebSDave Hansen if (error) 32079079b1ebSDave Hansen goto exit5; 3208be6d3e56SKentaro Takeda error = security_path_rename(&oldnd.path, old_dentry, 3209be6d3e56SKentaro Takeda &newnd.path, new_dentry); 3210be6d3e56SKentaro Takeda if (error) 3211be6d3e56SKentaro Takeda goto exit6; 32121da177e4SLinus Torvalds error = vfs_rename(old_dir->d_inode, old_dentry, 32131da177e4SLinus Torvalds new_dir->d_inode, new_dentry); 3214be6d3e56SKentaro Takeda exit6: 32159079b1ebSDave Hansen mnt_drop_write(oldnd.path.mnt); 32161da177e4SLinus Torvalds exit5: 32171da177e4SLinus Torvalds dput(new_dentry); 32181da177e4SLinus Torvalds exit4: 32191da177e4SLinus Torvalds dput(old_dentry); 32201da177e4SLinus Torvalds exit3: 32211da177e4SLinus Torvalds unlock_rename(new_dir, old_dir); 32221da177e4SLinus Torvalds exit2: 32231d957f9bSJan Blunck path_put(&newnd.path); 32242ad94ae6SAl Viro putname(to); 32251da177e4SLinus Torvalds exit1: 32261d957f9bSJan Blunck path_put(&oldnd.path); 32271da177e4SLinus Torvalds putname(from); 32282ad94ae6SAl Viro exit: 32291da177e4SLinus Torvalds return error; 32301da177e4SLinus Torvalds } 32311da177e4SLinus Torvalds 3232a26eab24SHeiko Carstens SYSCALL_DEFINE2(rename, const char __user *, oldname, const char __user *, newname) 32335590ff0dSUlrich Drepper { 32345590ff0dSUlrich Drepper return sys_renameat(AT_FDCWD, oldname, AT_FDCWD, newname); 32355590ff0dSUlrich Drepper } 32365590ff0dSUlrich Drepper 32371da177e4SLinus Torvalds int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const char *link) 32381da177e4SLinus Torvalds { 32391da177e4SLinus Torvalds int len; 32401da177e4SLinus Torvalds 32411da177e4SLinus Torvalds len = PTR_ERR(link); 32421da177e4SLinus Torvalds if (IS_ERR(link)) 32431da177e4SLinus Torvalds goto out; 32441da177e4SLinus Torvalds 32451da177e4SLinus Torvalds len = strlen(link); 32461da177e4SLinus Torvalds if (len > (unsigned) buflen) 32471da177e4SLinus Torvalds len = buflen; 32481da177e4SLinus Torvalds if (copy_to_user(buffer, link, len)) 32491da177e4SLinus Torvalds len = -EFAULT; 32501da177e4SLinus Torvalds out: 32511da177e4SLinus Torvalds return len; 32521da177e4SLinus Torvalds } 32531da177e4SLinus Torvalds 32541da177e4SLinus Torvalds /* 32551da177e4SLinus Torvalds * A helper for ->readlink(). This should be used *ONLY* for symlinks that 32561da177e4SLinus Torvalds * have ->follow_link() touching nd only in nd_set_link(). Using (or not 32571da177e4SLinus Torvalds * using) it for any given inode is up to filesystem. 32581da177e4SLinus Torvalds */ 32591da177e4SLinus Torvalds int generic_readlink(struct dentry *dentry, char __user *buffer, int buflen) 32601da177e4SLinus Torvalds { 32611da177e4SLinus Torvalds struct nameidata nd; 3262cc314eefSLinus Torvalds void *cookie; 3263694a1764SMarcin Slusarz int res; 3264cc314eefSLinus Torvalds 32651da177e4SLinus Torvalds nd.depth = 0; 3266cc314eefSLinus Torvalds cookie = dentry->d_inode->i_op->follow_link(dentry, &nd); 3267694a1764SMarcin Slusarz if (IS_ERR(cookie)) 3268694a1764SMarcin Slusarz return PTR_ERR(cookie); 3269694a1764SMarcin Slusarz 3270694a1764SMarcin Slusarz res = vfs_readlink(dentry, buffer, buflen, nd_get_link(&nd)); 32711da177e4SLinus Torvalds if (dentry->d_inode->i_op->put_link) 3272cc314eefSLinus Torvalds dentry->d_inode->i_op->put_link(dentry, &nd, cookie); 3273694a1764SMarcin Slusarz return res; 32741da177e4SLinus Torvalds } 32751da177e4SLinus Torvalds 32761da177e4SLinus Torvalds int vfs_follow_link(struct nameidata *nd, const char *link) 32771da177e4SLinus Torvalds { 32781da177e4SLinus Torvalds return __vfs_follow_link(nd, link); 32791da177e4SLinus Torvalds } 32801da177e4SLinus Torvalds 32811da177e4SLinus Torvalds /* get the link contents into pagecache */ 32821da177e4SLinus Torvalds static char *page_getlink(struct dentry * dentry, struct page **ppage) 32831da177e4SLinus Torvalds { 3284ebd09abbSDuane Griffin char *kaddr; 32851da177e4SLinus Torvalds struct page *page; 32861da177e4SLinus Torvalds struct address_space *mapping = dentry->d_inode->i_mapping; 3287090d2b18SPekka Enberg page = read_mapping_page(mapping, 0, NULL); 32881da177e4SLinus Torvalds if (IS_ERR(page)) 32896fe6900eSNick Piggin return (char*)page; 32901da177e4SLinus Torvalds *ppage = page; 3291ebd09abbSDuane Griffin kaddr = kmap(page); 3292ebd09abbSDuane Griffin nd_terminate_link(kaddr, dentry->d_inode->i_size, PAGE_SIZE - 1); 3293ebd09abbSDuane Griffin return kaddr; 32941da177e4SLinus Torvalds } 32951da177e4SLinus Torvalds 32961da177e4SLinus Torvalds int page_readlink(struct dentry *dentry, char __user *buffer, int buflen) 32971da177e4SLinus Torvalds { 32981da177e4SLinus Torvalds struct page *page = NULL; 32991da177e4SLinus Torvalds char *s = page_getlink(dentry, &page); 33001da177e4SLinus Torvalds int res = vfs_readlink(dentry,buffer,buflen,s); 33011da177e4SLinus Torvalds if (page) { 33021da177e4SLinus Torvalds kunmap(page); 33031da177e4SLinus Torvalds page_cache_release(page); 33041da177e4SLinus Torvalds } 33051da177e4SLinus Torvalds return res; 33061da177e4SLinus Torvalds } 33071da177e4SLinus Torvalds 3308cc314eefSLinus Torvalds void *page_follow_link_light(struct dentry *dentry, struct nameidata *nd) 33091da177e4SLinus Torvalds { 3310cc314eefSLinus Torvalds struct page *page = NULL; 33111da177e4SLinus Torvalds nd_set_link(nd, page_getlink(dentry, &page)); 3312cc314eefSLinus Torvalds return page; 33131da177e4SLinus Torvalds } 33141da177e4SLinus Torvalds 3315cc314eefSLinus Torvalds void page_put_link(struct dentry *dentry, struct nameidata *nd, void *cookie) 33161da177e4SLinus Torvalds { 3317cc314eefSLinus Torvalds struct page *page = cookie; 3318cc314eefSLinus Torvalds 3319cc314eefSLinus Torvalds if (page) { 33201da177e4SLinus Torvalds kunmap(page); 33211da177e4SLinus Torvalds page_cache_release(page); 33221da177e4SLinus Torvalds } 33231da177e4SLinus Torvalds } 33241da177e4SLinus Torvalds 332554566b2cSNick Piggin /* 332654566b2cSNick Piggin * The nofs argument instructs pagecache_write_begin to pass AOP_FLAG_NOFS 332754566b2cSNick Piggin */ 332854566b2cSNick Piggin int __page_symlink(struct inode *inode, const char *symname, int len, int nofs) 33291da177e4SLinus Torvalds { 33301da177e4SLinus Torvalds struct address_space *mapping = inode->i_mapping; 33310adb25d2SKirill Korotaev struct page *page; 3332afddba49SNick Piggin void *fsdata; 3333beb497abSDmitriy Monakhov int err; 33341da177e4SLinus Torvalds char *kaddr; 333554566b2cSNick Piggin unsigned int flags = AOP_FLAG_UNINTERRUPTIBLE; 333654566b2cSNick Piggin if (nofs) 333754566b2cSNick Piggin flags |= AOP_FLAG_NOFS; 33381da177e4SLinus Torvalds 33397e53cac4SNeilBrown retry: 3340afddba49SNick Piggin err = pagecache_write_begin(NULL, mapping, 0, len-1, 334154566b2cSNick Piggin flags, &page, &fsdata); 33421da177e4SLinus Torvalds if (err) 3343afddba49SNick Piggin goto fail; 3344afddba49SNick Piggin 33451da177e4SLinus Torvalds kaddr = kmap_atomic(page, KM_USER0); 33461da177e4SLinus Torvalds memcpy(kaddr, symname, len-1); 33471da177e4SLinus Torvalds kunmap_atomic(kaddr, KM_USER0); 3348afddba49SNick Piggin 3349afddba49SNick Piggin err = pagecache_write_end(NULL, mapping, 0, len-1, len-1, 3350afddba49SNick Piggin page, fsdata); 33511da177e4SLinus Torvalds if (err < 0) 33521da177e4SLinus Torvalds goto fail; 3353afddba49SNick Piggin if (err < len-1) 3354afddba49SNick Piggin goto retry; 3355afddba49SNick Piggin 33561da177e4SLinus Torvalds mark_inode_dirty(inode); 33571da177e4SLinus Torvalds return 0; 33581da177e4SLinus Torvalds fail: 33591da177e4SLinus Torvalds return err; 33601da177e4SLinus Torvalds } 33611da177e4SLinus Torvalds 33620adb25d2SKirill Korotaev int page_symlink(struct inode *inode, const char *symname, int len) 33630adb25d2SKirill Korotaev { 33640adb25d2SKirill Korotaev return __page_symlink(inode, symname, len, 336554566b2cSNick Piggin !(mapping_gfp_mask(inode->i_mapping) & __GFP_FS)); 33660adb25d2SKirill Korotaev } 33670adb25d2SKirill Korotaev 336892e1d5beSArjan van de Ven const struct inode_operations page_symlink_inode_operations = { 33691da177e4SLinus Torvalds .readlink = generic_readlink, 33701da177e4SLinus Torvalds .follow_link = page_follow_link_light, 33711da177e4SLinus Torvalds .put_link = page_put_link, 33721da177e4SLinus Torvalds }; 33731da177e4SLinus Torvalds 33742d8f3038SAl Viro EXPORT_SYMBOL(user_path_at); 3375cc53ce53SDavid Howells EXPORT_SYMBOL(follow_down_one); 33761da177e4SLinus Torvalds EXPORT_SYMBOL(follow_down); 33771da177e4SLinus Torvalds EXPORT_SYMBOL(follow_up); 33781da177e4SLinus Torvalds EXPORT_SYMBOL(get_write_access); /* binfmt_aout */ 33791da177e4SLinus Torvalds EXPORT_SYMBOL(getname); 33801da177e4SLinus Torvalds EXPORT_SYMBOL(lock_rename); 33811da177e4SLinus Torvalds EXPORT_SYMBOL(lookup_one_len); 33821da177e4SLinus Torvalds EXPORT_SYMBOL(page_follow_link_light); 33831da177e4SLinus Torvalds EXPORT_SYMBOL(page_put_link); 33841da177e4SLinus Torvalds EXPORT_SYMBOL(page_readlink); 33850adb25d2SKirill Korotaev EXPORT_SYMBOL(__page_symlink); 33861da177e4SLinus Torvalds EXPORT_SYMBOL(page_symlink); 33871da177e4SLinus Torvalds EXPORT_SYMBOL(page_symlink_inode_operations); 3388c9c6cac0SAl Viro EXPORT_SYMBOL(kern_path_parent); 3389d1811465SAl Viro EXPORT_SYMBOL(kern_path); 339016f18200SJosef 'Jeff' Sipek EXPORT_SYMBOL(vfs_path_lookup); 3391f419a2e3SAl Viro EXPORT_SYMBOL(inode_permission); 33928c744fb8SChristoph Hellwig EXPORT_SYMBOL(file_permission); 33931da177e4SLinus Torvalds EXPORT_SYMBOL(unlock_rename); 33941da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_create); 33951da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_follow_link); 33961da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_link); 33971da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_mkdir); 33981da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_mknod); 33991da177e4SLinus Torvalds EXPORT_SYMBOL(generic_permission); 34001da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_readlink); 34011da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_rename); 34021da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_rmdir); 34031da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_symlink); 34041da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_unlink); 34051da177e4SLinus Torvalds EXPORT_SYMBOL(dentry_unhash); 34061da177e4SLinus Torvalds EXPORT_SYMBOL(generic_readlink); 3407