11da177e4SLinus Torvalds /* 21da177e4SLinus Torvalds * linux/fs/namei.c 31da177e4SLinus Torvalds * 41da177e4SLinus Torvalds * Copyright (C) 1991, 1992 Linus Torvalds 51da177e4SLinus Torvalds */ 61da177e4SLinus Torvalds 71da177e4SLinus Torvalds /* 81da177e4SLinus Torvalds * Some corrections by tytso. 91da177e4SLinus Torvalds */ 101da177e4SLinus Torvalds 111da177e4SLinus Torvalds /* [Feb 1997 T. Schoebel-Theuer] Complete rewrite of the pathname 121da177e4SLinus Torvalds * lookup logic. 131da177e4SLinus Torvalds */ 141da177e4SLinus Torvalds /* [Feb-Apr 2000, AV] Rewrite to the new namespace architecture. 151da177e4SLinus Torvalds */ 161da177e4SLinus Torvalds 171da177e4SLinus Torvalds #include <linux/init.h> 181da177e4SLinus Torvalds #include <linux/module.h> 191da177e4SLinus Torvalds #include <linux/slab.h> 201da177e4SLinus Torvalds #include <linux/fs.h> 211da177e4SLinus Torvalds #include <linux/namei.h> 221da177e4SLinus Torvalds #include <linux/quotaops.h> 231da177e4SLinus Torvalds #include <linux/pagemap.h> 240eeca283SRobert Love #include <linux/fsnotify.h> 251da177e4SLinus Torvalds #include <linux/smp_lock.h> 261da177e4SLinus Torvalds #include <linux/personality.h> 271da177e4SLinus Torvalds #include <linux/security.h> 281da177e4SLinus Torvalds #include <linux/syscalls.h> 291da177e4SLinus Torvalds #include <linux/mount.h> 301da177e4SLinus Torvalds #include <linux/audit.h> 311da177e4SLinus Torvalds #include <asm/namei.h> 321da177e4SLinus Torvalds #include <asm/uaccess.h> 331da177e4SLinus Torvalds 341da177e4SLinus Torvalds #define ACC_MODE(x) ("\000\004\002\006"[(x)&O_ACCMODE]) 351da177e4SLinus Torvalds 361da177e4SLinus Torvalds /* [Feb-1997 T. Schoebel-Theuer] 371da177e4SLinus Torvalds * Fundamental changes in the pathname lookup mechanisms (namei) 381da177e4SLinus Torvalds * were necessary because of omirr. The reason is that omirr needs 391da177e4SLinus Torvalds * to know the _real_ pathname, not the user-supplied one, in case 401da177e4SLinus Torvalds * of symlinks (and also when transname replacements occur). 411da177e4SLinus Torvalds * 421da177e4SLinus Torvalds * The new code replaces the old recursive symlink resolution with 431da177e4SLinus Torvalds * an iterative one (in case of non-nested symlink chains). It does 441da177e4SLinus Torvalds * this with calls to <fs>_follow_link(). 451da177e4SLinus Torvalds * As a side effect, dir_namei(), _namei() and follow_link() are now 461da177e4SLinus Torvalds * replaced with a single function lookup_dentry() that can handle all 471da177e4SLinus Torvalds * the special cases of the former code. 481da177e4SLinus Torvalds * 491da177e4SLinus Torvalds * With the new dcache, the pathname is stored at each inode, at least as 501da177e4SLinus Torvalds * long as the refcount of the inode is positive. As a side effect, the 511da177e4SLinus Torvalds * size of the dcache depends on the inode cache and thus is dynamic. 521da177e4SLinus Torvalds * 531da177e4SLinus Torvalds * [29-Apr-1998 C. Scott Ananian] Updated above description of symlink 541da177e4SLinus Torvalds * resolution to correspond with current state of the code. 551da177e4SLinus Torvalds * 561da177e4SLinus Torvalds * Note that the symlink resolution is not *completely* iterative. 571da177e4SLinus Torvalds * There is still a significant amount of tail- and mid- recursion in 581da177e4SLinus Torvalds * the algorithm. Also, note that <fs>_readlink() is not used in 591da177e4SLinus Torvalds * lookup_dentry(): lookup_dentry() on the result of <fs>_readlink() 601da177e4SLinus Torvalds * may return different results than <fs>_follow_link(). Many virtual 611da177e4SLinus Torvalds * filesystems (including /proc) exhibit this behavior. 621da177e4SLinus Torvalds */ 631da177e4SLinus Torvalds 641da177e4SLinus Torvalds /* [24-Feb-97 T. Schoebel-Theuer] Side effects caused by new implementation: 651da177e4SLinus Torvalds * New symlink semantics: when open() is called with flags O_CREAT | O_EXCL 661da177e4SLinus Torvalds * and the name already exists in form of a symlink, try to create the new 671da177e4SLinus Torvalds * name indicated by the symlink. The old code always complained that the 681da177e4SLinus Torvalds * name already exists, due to not following the symlink even if its target 691da177e4SLinus Torvalds * is nonexistent. The new semantics affects also mknod() and link() when 701da177e4SLinus Torvalds * the name is a symlink pointing to a non-existant name. 711da177e4SLinus Torvalds * 721da177e4SLinus Torvalds * I don't know which semantics is the right one, since I have no access 731da177e4SLinus Torvalds * to standards. But I found by trial that HP-UX 9.0 has the full "new" 741da177e4SLinus Torvalds * semantics implemented, while SunOS 4.1.1 and Solaris (SunOS 5.4) have the 751da177e4SLinus Torvalds * "old" one. Personally, I think the new semantics is much more logical. 761da177e4SLinus Torvalds * Note that "ln old new" where "new" is a symlink pointing to a non-existing 771da177e4SLinus Torvalds * file does succeed in both HP-UX and SunOs, but not in Solaris 781da177e4SLinus Torvalds * and in the old Linux semantics. 791da177e4SLinus Torvalds */ 801da177e4SLinus Torvalds 811da177e4SLinus Torvalds /* [16-Dec-97 Kevin Buhr] For security reasons, we change some symlink 821da177e4SLinus Torvalds * semantics. See the comments in "open_namei" and "do_link" below. 831da177e4SLinus Torvalds * 841da177e4SLinus Torvalds * [10-Sep-98 Alan Modra] Another symlink change. 851da177e4SLinus Torvalds */ 861da177e4SLinus Torvalds 871da177e4SLinus Torvalds /* [Feb-Apr 2000 AV] Complete rewrite. Rules for symlinks: 881da177e4SLinus Torvalds * inside the path - always follow. 891da177e4SLinus Torvalds * in the last component in creation/removal/renaming - never follow. 901da177e4SLinus Torvalds * if LOOKUP_FOLLOW passed - follow. 911da177e4SLinus Torvalds * if the pathname has trailing slashes - follow. 921da177e4SLinus Torvalds * otherwise - don't follow. 931da177e4SLinus Torvalds * (applied in that order). 941da177e4SLinus Torvalds * 951da177e4SLinus Torvalds * [Jun 2000 AV] Inconsistent behaviour of open() in case if flags==O_CREAT 961da177e4SLinus Torvalds * restored for 2.4. This is the last surviving part of old 4.2BSD bug. 971da177e4SLinus Torvalds * During the 2.4 we need to fix the userland stuff depending on it - 981da177e4SLinus Torvalds * hopefully we will be able to get rid of that wart in 2.5. So far only 991da177e4SLinus Torvalds * XEmacs seems to be relying on it... 1001da177e4SLinus Torvalds */ 1011da177e4SLinus Torvalds /* 1021da177e4SLinus Torvalds * [Sep 2001 AV] Single-semaphore locking scheme (kudos to David Holland) 1031da177e4SLinus Torvalds * implemented. Let's see if raised priority of ->s_vfs_rename_sem gives 1041da177e4SLinus Torvalds * any extra contention... 1051da177e4SLinus Torvalds */ 1061da177e4SLinus Torvalds 1071da177e4SLinus Torvalds /* In order to reduce some races, while at the same time doing additional 1081da177e4SLinus Torvalds * checking and hopefully speeding things up, we copy filenames to the 1091da177e4SLinus Torvalds * kernel data space before using them.. 1101da177e4SLinus Torvalds * 1111da177e4SLinus Torvalds * POSIX.1 2.4: an empty pathname is invalid (ENOENT). 1121da177e4SLinus Torvalds * PATH_MAX includes the nul terminator --RR. 1131da177e4SLinus Torvalds */ 1141da177e4SLinus Torvalds static inline int do_getname(const char __user *filename, char *page) 1151da177e4SLinus Torvalds { 1161da177e4SLinus Torvalds int retval; 1171da177e4SLinus Torvalds unsigned long len = PATH_MAX; 1181da177e4SLinus Torvalds 1191da177e4SLinus Torvalds if (!segment_eq(get_fs(), KERNEL_DS)) { 1201da177e4SLinus Torvalds if ((unsigned long) filename >= TASK_SIZE) 1211da177e4SLinus Torvalds return -EFAULT; 1221da177e4SLinus Torvalds if (TASK_SIZE - (unsigned long) filename < PATH_MAX) 1231da177e4SLinus Torvalds len = TASK_SIZE - (unsigned long) filename; 1241da177e4SLinus Torvalds } 1251da177e4SLinus Torvalds 1261da177e4SLinus Torvalds retval = strncpy_from_user(page, filename, len); 1271da177e4SLinus Torvalds if (retval > 0) { 1281da177e4SLinus Torvalds if (retval < len) 1291da177e4SLinus Torvalds return 0; 1301da177e4SLinus Torvalds return -ENAMETOOLONG; 1311da177e4SLinus Torvalds } else if (!retval) 1321da177e4SLinus Torvalds retval = -ENOENT; 1331da177e4SLinus Torvalds return retval; 1341da177e4SLinus Torvalds } 1351da177e4SLinus Torvalds 1361da177e4SLinus Torvalds char * getname(const char __user * filename) 1371da177e4SLinus Torvalds { 1381da177e4SLinus Torvalds char *tmp, *result; 1391da177e4SLinus Torvalds 1401da177e4SLinus Torvalds result = ERR_PTR(-ENOMEM); 1411da177e4SLinus Torvalds tmp = __getname(); 1421da177e4SLinus Torvalds if (tmp) { 1431da177e4SLinus Torvalds int retval = do_getname(filename, tmp); 1441da177e4SLinus Torvalds 1451da177e4SLinus Torvalds result = tmp; 1461da177e4SLinus Torvalds if (retval < 0) { 1471da177e4SLinus Torvalds __putname(tmp); 1481da177e4SLinus Torvalds result = ERR_PTR(retval); 1491da177e4SLinus Torvalds } 1501da177e4SLinus Torvalds } 1511da177e4SLinus Torvalds audit_getname(result); 1521da177e4SLinus Torvalds return result; 1531da177e4SLinus Torvalds } 1541da177e4SLinus Torvalds 1551da177e4SLinus Torvalds #ifdef CONFIG_AUDITSYSCALL 1561da177e4SLinus Torvalds void putname(const char *name) 1571da177e4SLinus Torvalds { 1581da177e4SLinus Torvalds if (unlikely(current->audit_context)) 1591da177e4SLinus Torvalds audit_putname(name); 1601da177e4SLinus Torvalds else 1611da177e4SLinus Torvalds __putname(name); 1621da177e4SLinus Torvalds } 1631da177e4SLinus Torvalds EXPORT_SYMBOL(putname); 1641da177e4SLinus Torvalds #endif 1651da177e4SLinus Torvalds 1661da177e4SLinus Torvalds 1671da177e4SLinus Torvalds /** 1681da177e4SLinus Torvalds * generic_permission - check for access rights on a Posix-like filesystem 1691da177e4SLinus Torvalds * @inode: inode to check access rights for 1701da177e4SLinus Torvalds * @mask: right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC) 1711da177e4SLinus Torvalds * @check_acl: optional callback to check for Posix ACLs 1721da177e4SLinus Torvalds * 1731da177e4SLinus Torvalds * Used to check for read/write/execute permissions on a file. 1741da177e4SLinus Torvalds * We use "fsuid" for this, letting us set arbitrary permissions 1751da177e4SLinus Torvalds * for filesystem access without changing the "normal" uids which 1761da177e4SLinus Torvalds * are used for other things.. 1771da177e4SLinus Torvalds */ 1781da177e4SLinus Torvalds int generic_permission(struct inode *inode, int mask, 1791da177e4SLinus Torvalds int (*check_acl)(struct inode *inode, int mask)) 1801da177e4SLinus Torvalds { 1811da177e4SLinus Torvalds umode_t mode = inode->i_mode; 1821da177e4SLinus Torvalds 1831da177e4SLinus Torvalds if (current->fsuid == inode->i_uid) 1841da177e4SLinus Torvalds mode >>= 6; 1851da177e4SLinus Torvalds else { 1861da177e4SLinus Torvalds if (IS_POSIXACL(inode) && (mode & S_IRWXG) && check_acl) { 1871da177e4SLinus Torvalds int error = check_acl(inode, mask); 1881da177e4SLinus Torvalds if (error == -EACCES) 1891da177e4SLinus Torvalds goto check_capabilities; 1901da177e4SLinus Torvalds else if (error != -EAGAIN) 1911da177e4SLinus Torvalds return error; 1921da177e4SLinus Torvalds } 1931da177e4SLinus Torvalds 1941da177e4SLinus Torvalds if (in_group_p(inode->i_gid)) 1951da177e4SLinus Torvalds mode >>= 3; 1961da177e4SLinus Torvalds } 1971da177e4SLinus Torvalds 1981da177e4SLinus Torvalds /* 1991da177e4SLinus Torvalds * If the DACs are ok we don't need any capability check. 2001da177e4SLinus Torvalds */ 2011da177e4SLinus Torvalds if (((mode & mask & (MAY_READ|MAY_WRITE|MAY_EXEC)) == mask)) 2021da177e4SLinus Torvalds return 0; 2031da177e4SLinus Torvalds 2041da177e4SLinus Torvalds check_capabilities: 2051da177e4SLinus Torvalds /* 2061da177e4SLinus Torvalds * Read/write DACs are always overridable. 2071da177e4SLinus Torvalds * Executable DACs are overridable if at least one exec bit is set. 2081da177e4SLinus Torvalds */ 2091da177e4SLinus Torvalds if (!(mask & MAY_EXEC) || 2101da177e4SLinus Torvalds (inode->i_mode & S_IXUGO) || S_ISDIR(inode->i_mode)) 2111da177e4SLinus Torvalds if (capable(CAP_DAC_OVERRIDE)) 2121da177e4SLinus Torvalds return 0; 2131da177e4SLinus Torvalds 2141da177e4SLinus Torvalds /* 2151da177e4SLinus Torvalds * Searching includes executable on directories, else just read. 2161da177e4SLinus Torvalds */ 2171da177e4SLinus Torvalds if (mask == MAY_READ || (S_ISDIR(inode->i_mode) && !(mask & MAY_WRITE))) 2181da177e4SLinus Torvalds if (capable(CAP_DAC_READ_SEARCH)) 2191da177e4SLinus Torvalds return 0; 2201da177e4SLinus Torvalds 2211da177e4SLinus Torvalds return -EACCES; 2221da177e4SLinus Torvalds } 2231da177e4SLinus Torvalds 2241da177e4SLinus Torvalds int permission(struct inode *inode, int mask, struct nameidata *nd) 2251da177e4SLinus Torvalds { 2261da177e4SLinus Torvalds int retval, submask; 2271da177e4SLinus Torvalds 2281da177e4SLinus Torvalds if (mask & MAY_WRITE) { 2291da177e4SLinus Torvalds umode_t mode = inode->i_mode; 2301da177e4SLinus Torvalds 2311da177e4SLinus Torvalds /* 2321da177e4SLinus Torvalds * Nobody gets write access to a read-only fs. 2331da177e4SLinus Torvalds */ 2341da177e4SLinus Torvalds if (IS_RDONLY(inode) && 2351da177e4SLinus Torvalds (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode))) 2361da177e4SLinus Torvalds return -EROFS; 2371da177e4SLinus Torvalds 2381da177e4SLinus Torvalds /* 2391da177e4SLinus Torvalds * Nobody gets write access to an immutable file. 2401da177e4SLinus Torvalds */ 2411da177e4SLinus Torvalds if (IS_IMMUTABLE(inode)) 2421da177e4SLinus Torvalds return -EACCES; 2431da177e4SLinus Torvalds } 2441da177e4SLinus Torvalds 2451da177e4SLinus Torvalds 2461da177e4SLinus Torvalds /* Ordinary permission routines do not understand MAY_APPEND. */ 2471da177e4SLinus Torvalds submask = mask & ~MAY_APPEND; 2481da177e4SLinus Torvalds if (inode->i_op && inode->i_op->permission) 2491da177e4SLinus Torvalds retval = inode->i_op->permission(inode, submask, nd); 2501da177e4SLinus Torvalds else 2511da177e4SLinus Torvalds retval = generic_permission(inode, submask, NULL); 2521da177e4SLinus Torvalds if (retval) 2531da177e4SLinus Torvalds return retval; 2541da177e4SLinus Torvalds 2551da177e4SLinus Torvalds return security_inode_permission(inode, mask, nd); 2561da177e4SLinus Torvalds } 2571da177e4SLinus Torvalds 2581da177e4SLinus Torvalds /* 2591da177e4SLinus Torvalds * get_write_access() gets write permission for a file. 2601da177e4SLinus Torvalds * put_write_access() releases this write permission. 2611da177e4SLinus Torvalds * This is used for regular files. 2621da177e4SLinus Torvalds * We cannot support write (and maybe mmap read-write shared) accesses and 2631da177e4SLinus Torvalds * MAP_DENYWRITE mmappings simultaneously. The i_writecount field of an inode 2641da177e4SLinus Torvalds * can have the following values: 2651da177e4SLinus Torvalds * 0: no writers, no VM_DENYWRITE mappings 2661da177e4SLinus Torvalds * < 0: (-i_writecount) vm_area_structs with VM_DENYWRITE set exist 2671da177e4SLinus Torvalds * > 0: (i_writecount) users are writing to the file. 2681da177e4SLinus Torvalds * 2691da177e4SLinus Torvalds * Normally we operate on that counter with atomic_{inc,dec} and it's safe 2701da177e4SLinus Torvalds * except for the cases where we don't hold i_writecount yet. Then we need to 2711da177e4SLinus Torvalds * use {get,deny}_write_access() - these functions check the sign and refuse 2721da177e4SLinus Torvalds * to do the change if sign is wrong. Exclusion between them is provided by 2731da177e4SLinus Torvalds * the inode->i_lock spinlock. 2741da177e4SLinus Torvalds */ 2751da177e4SLinus Torvalds 2761da177e4SLinus Torvalds int get_write_access(struct inode * inode) 2771da177e4SLinus Torvalds { 2781da177e4SLinus Torvalds spin_lock(&inode->i_lock); 2791da177e4SLinus Torvalds if (atomic_read(&inode->i_writecount) < 0) { 2801da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 2811da177e4SLinus Torvalds return -ETXTBSY; 2821da177e4SLinus Torvalds } 2831da177e4SLinus Torvalds atomic_inc(&inode->i_writecount); 2841da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 2851da177e4SLinus Torvalds 2861da177e4SLinus Torvalds return 0; 2871da177e4SLinus Torvalds } 2881da177e4SLinus Torvalds 2891da177e4SLinus Torvalds int deny_write_access(struct file * file) 2901da177e4SLinus Torvalds { 2911da177e4SLinus Torvalds struct inode *inode = file->f_dentry->d_inode; 2921da177e4SLinus Torvalds 2931da177e4SLinus Torvalds spin_lock(&inode->i_lock); 2941da177e4SLinus Torvalds if (atomic_read(&inode->i_writecount) > 0) { 2951da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 2961da177e4SLinus Torvalds return -ETXTBSY; 2971da177e4SLinus Torvalds } 2981da177e4SLinus Torvalds atomic_dec(&inode->i_writecount); 2991da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 3001da177e4SLinus Torvalds 3011da177e4SLinus Torvalds return 0; 3021da177e4SLinus Torvalds } 3031da177e4SLinus Torvalds 3041da177e4SLinus Torvalds void path_release(struct nameidata *nd) 3051da177e4SLinus Torvalds { 3061da177e4SLinus Torvalds dput(nd->dentry); 3071da177e4SLinus Torvalds mntput(nd->mnt); 3081da177e4SLinus Torvalds } 3091da177e4SLinus Torvalds 3101da177e4SLinus Torvalds /* 3111da177e4SLinus Torvalds * umount() mustn't call path_release()/mntput() as that would clear 3121da177e4SLinus Torvalds * mnt_expiry_mark 3131da177e4SLinus Torvalds */ 3141da177e4SLinus Torvalds void path_release_on_umount(struct nameidata *nd) 3151da177e4SLinus Torvalds { 3161da177e4SLinus Torvalds dput(nd->dentry); 317751c404bSMiklos Szeredi mntput_no_expire(nd->mnt); 3181da177e4SLinus Torvalds } 3191da177e4SLinus Torvalds 3201da177e4SLinus Torvalds /* 3211da177e4SLinus Torvalds * Internal lookup() using the new generic dcache. 3221da177e4SLinus Torvalds * SMP-safe 3231da177e4SLinus Torvalds */ 3241da177e4SLinus Torvalds static struct dentry * cached_lookup(struct dentry * parent, struct qstr * name, struct nameidata *nd) 3251da177e4SLinus Torvalds { 3261da177e4SLinus Torvalds struct dentry * dentry = __d_lookup(parent, name); 3271da177e4SLinus Torvalds 3281da177e4SLinus Torvalds /* lockess __d_lookup may fail due to concurrent d_move() 3291da177e4SLinus Torvalds * in some unrelated directory, so try with d_lookup 3301da177e4SLinus Torvalds */ 3311da177e4SLinus Torvalds if (!dentry) 3321da177e4SLinus Torvalds dentry = d_lookup(parent, name); 3331da177e4SLinus Torvalds 3341da177e4SLinus Torvalds if (dentry && dentry->d_op && dentry->d_op->d_revalidate) { 3351da177e4SLinus Torvalds if (!dentry->d_op->d_revalidate(dentry, nd) && !d_invalidate(dentry)) { 3361da177e4SLinus Torvalds dput(dentry); 3371da177e4SLinus Torvalds dentry = NULL; 3381da177e4SLinus Torvalds } 3391da177e4SLinus Torvalds } 3401da177e4SLinus Torvalds return dentry; 3411da177e4SLinus Torvalds } 3421da177e4SLinus Torvalds 3431da177e4SLinus Torvalds /* 3441da177e4SLinus Torvalds * Short-cut version of permission(), for calling by 3451da177e4SLinus Torvalds * path_walk(), when dcache lock is held. Combines parts 3461da177e4SLinus Torvalds * of permission() and generic_permission(), and tests ONLY for 3471da177e4SLinus Torvalds * MAY_EXEC permission. 3481da177e4SLinus Torvalds * 3491da177e4SLinus Torvalds * If appropriate, check DAC only. If not appropriate, or 3501da177e4SLinus Torvalds * short-cut DAC fails, then call permission() to do more 3511da177e4SLinus Torvalds * complete permission check. 3521da177e4SLinus Torvalds */ 3531da177e4SLinus Torvalds static inline int exec_permission_lite(struct inode *inode, 3541da177e4SLinus Torvalds struct nameidata *nd) 3551da177e4SLinus Torvalds { 3561da177e4SLinus Torvalds umode_t mode = inode->i_mode; 3571da177e4SLinus Torvalds 3581da177e4SLinus Torvalds if (inode->i_op && inode->i_op->permission) 3591da177e4SLinus Torvalds return -EAGAIN; 3601da177e4SLinus Torvalds 3611da177e4SLinus Torvalds if (current->fsuid == inode->i_uid) 3621da177e4SLinus Torvalds mode >>= 6; 3631da177e4SLinus Torvalds else if (in_group_p(inode->i_gid)) 3641da177e4SLinus Torvalds mode >>= 3; 3651da177e4SLinus Torvalds 3661da177e4SLinus Torvalds if (mode & MAY_EXEC) 3671da177e4SLinus Torvalds goto ok; 3681da177e4SLinus Torvalds 3691da177e4SLinus Torvalds if ((inode->i_mode & S_IXUGO) && capable(CAP_DAC_OVERRIDE)) 3701da177e4SLinus Torvalds goto ok; 3711da177e4SLinus Torvalds 3721da177e4SLinus Torvalds if (S_ISDIR(inode->i_mode) && capable(CAP_DAC_OVERRIDE)) 3731da177e4SLinus Torvalds goto ok; 3741da177e4SLinus Torvalds 3751da177e4SLinus Torvalds if (S_ISDIR(inode->i_mode) && capable(CAP_DAC_READ_SEARCH)) 3761da177e4SLinus Torvalds goto ok; 3771da177e4SLinus Torvalds 3781da177e4SLinus Torvalds return -EACCES; 3791da177e4SLinus Torvalds ok: 3801da177e4SLinus Torvalds return security_inode_permission(inode, MAY_EXEC, nd); 3811da177e4SLinus Torvalds } 3821da177e4SLinus Torvalds 3831da177e4SLinus Torvalds /* 3841da177e4SLinus Torvalds * This is called when everything else fails, and we actually have 3851da177e4SLinus Torvalds * to go to the low-level filesystem to find out what we should do.. 3861da177e4SLinus Torvalds * 3871da177e4SLinus Torvalds * We get the directory semaphore, and after getting that we also 3881da177e4SLinus Torvalds * make sure that nobody added the entry to the dcache in the meantime.. 3891da177e4SLinus Torvalds * SMP-safe 3901da177e4SLinus Torvalds */ 3911da177e4SLinus Torvalds static struct dentry * real_lookup(struct dentry * parent, struct qstr * name, struct nameidata *nd) 3921da177e4SLinus Torvalds { 3931da177e4SLinus Torvalds struct dentry * result; 3941da177e4SLinus Torvalds struct inode *dir = parent->d_inode; 3951da177e4SLinus Torvalds 3961da177e4SLinus Torvalds down(&dir->i_sem); 3971da177e4SLinus Torvalds /* 3981da177e4SLinus Torvalds * First re-do the cached lookup just in case it was created 3991da177e4SLinus Torvalds * while we waited for the directory semaphore.. 4001da177e4SLinus Torvalds * 4011da177e4SLinus Torvalds * FIXME! This could use version numbering or similar to 4021da177e4SLinus Torvalds * avoid unnecessary cache lookups. 4031da177e4SLinus Torvalds * 4041da177e4SLinus Torvalds * The "dcache_lock" is purely to protect the RCU list walker 4051da177e4SLinus Torvalds * from concurrent renames at this point (we mustn't get false 4061da177e4SLinus Torvalds * negatives from the RCU list walk here, unlike the optimistic 4071da177e4SLinus Torvalds * fast walk). 4081da177e4SLinus Torvalds * 4091da177e4SLinus Torvalds * so doing d_lookup() (with seqlock), instead of lockfree __d_lookup 4101da177e4SLinus Torvalds */ 4111da177e4SLinus Torvalds result = d_lookup(parent, name); 4121da177e4SLinus Torvalds if (!result) { 4131da177e4SLinus Torvalds struct dentry * dentry = d_alloc(parent, name); 4141da177e4SLinus Torvalds result = ERR_PTR(-ENOMEM); 4151da177e4SLinus Torvalds if (dentry) { 4161da177e4SLinus Torvalds result = dir->i_op->lookup(dir, dentry, nd); 4171da177e4SLinus Torvalds if (result) 4181da177e4SLinus Torvalds dput(dentry); 4191da177e4SLinus Torvalds else 4201da177e4SLinus Torvalds result = dentry; 4211da177e4SLinus Torvalds } 4221da177e4SLinus Torvalds up(&dir->i_sem); 4231da177e4SLinus Torvalds return result; 4241da177e4SLinus Torvalds } 4251da177e4SLinus Torvalds 4261da177e4SLinus Torvalds /* 4271da177e4SLinus Torvalds * Uhhuh! Nasty case: the cache was re-populated while 4281da177e4SLinus Torvalds * we waited on the semaphore. Need to revalidate. 4291da177e4SLinus Torvalds */ 4301da177e4SLinus Torvalds up(&dir->i_sem); 4311da177e4SLinus Torvalds if (result->d_op && result->d_op->d_revalidate) { 4321da177e4SLinus Torvalds if (!result->d_op->d_revalidate(result, nd) && !d_invalidate(result)) { 4331da177e4SLinus Torvalds dput(result); 4341da177e4SLinus Torvalds result = ERR_PTR(-ENOENT); 4351da177e4SLinus Torvalds } 4361da177e4SLinus Torvalds } 4371da177e4SLinus Torvalds return result; 4381da177e4SLinus Torvalds } 4391da177e4SLinus Torvalds 4401da177e4SLinus Torvalds static int __emul_lookup_dentry(const char *, struct nameidata *); 4411da177e4SLinus Torvalds 4421da177e4SLinus Torvalds /* SMP-safe */ 4431da177e4SLinus Torvalds static inline int 4441da177e4SLinus Torvalds walk_init_root(const char *name, struct nameidata *nd) 4451da177e4SLinus Torvalds { 4461da177e4SLinus Torvalds read_lock(¤t->fs->lock); 4471da177e4SLinus Torvalds if (current->fs->altroot && !(nd->flags & LOOKUP_NOALT)) { 4481da177e4SLinus Torvalds nd->mnt = mntget(current->fs->altrootmnt); 4491da177e4SLinus Torvalds nd->dentry = dget(current->fs->altroot); 4501da177e4SLinus Torvalds read_unlock(¤t->fs->lock); 4511da177e4SLinus Torvalds if (__emul_lookup_dentry(name,nd)) 4521da177e4SLinus Torvalds return 0; 4531da177e4SLinus Torvalds read_lock(¤t->fs->lock); 4541da177e4SLinus Torvalds } 4551da177e4SLinus Torvalds nd->mnt = mntget(current->fs->rootmnt); 4561da177e4SLinus Torvalds nd->dentry = dget(current->fs->root); 4571da177e4SLinus Torvalds read_unlock(¤t->fs->lock); 4581da177e4SLinus Torvalds return 1; 4591da177e4SLinus Torvalds } 4601da177e4SLinus Torvalds 4611da177e4SLinus Torvalds static inline int __vfs_follow_link(struct nameidata *nd, const char *link) 4621da177e4SLinus Torvalds { 4631da177e4SLinus Torvalds int res = 0; 4641da177e4SLinus Torvalds char *name; 4651da177e4SLinus Torvalds if (IS_ERR(link)) 4661da177e4SLinus Torvalds goto fail; 4671da177e4SLinus Torvalds 4681da177e4SLinus Torvalds if (*link == '/') { 4691da177e4SLinus Torvalds path_release(nd); 4701da177e4SLinus Torvalds if (!walk_init_root(link, nd)) 4711da177e4SLinus Torvalds /* weird __emul_prefix() stuff did it */ 4721da177e4SLinus Torvalds goto out; 4731da177e4SLinus Torvalds } 4741da177e4SLinus Torvalds res = link_path_walk(link, nd); 4751da177e4SLinus Torvalds out: 4761da177e4SLinus Torvalds if (nd->depth || res || nd->last_type!=LAST_NORM) 4771da177e4SLinus Torvalds return res; 4781da177e4SLinus Torvalds /* 4791da177e4SLinus Torvalds * If it is an iterative symlinks resolution in open_namei() we 4801da177e4SLinus Torvalds * have to copy the last component. And all that crap because of 4811da177e4SLinus Torvalds * bloody create() on broken symlinks. Furrfu... 4821da177e4SLinus Torvalds */ 4831da177e4SLinus Torvalds name = __getname(); 4841da177e4SLinus Torvalds if (unlikely(!name)) { 4851da177e4SLinus Torvalds path_release(nd); 4861da177e4SLinus Torvalds return -ENOMEM; 4871da177e4SLinus Torvalds } 4881da177e4SLinus Torvalds strcpy(name, nd->last.name); 4891da177e4SLinus Torvalds nd->last.name = name; 4901da177e4SLinus Torvalds return 0; 4911da177e4SLinus Torvalds fail: 4921da177e4SLinus Torvalds path_release(nd); 4931da177e4SLinus Torvalds return PTR_ERR(link); 4941da177e4SLinus Torvalds } 4951da177e4SLinus Torvalds 49690ebe565SAl Viro struct path { 49790ebe565SAl Viro struct vfsmount *mnt; 49890ebe565SAl Viro struct dentry *dentry; 49990ebe565SAl Viro }; 50090ebe565SAl Viro 501cd4e91d3SAl Viro static inline int __do_follow_link(struct path *path, struct nameidata *nd) 5021da177e4SLinus Torvalds { 5031da177e4SLinus Torvalds int error; 504cc314eefSLinus Torvalds void *cookie; 505cd4e91d3SAl Viro struct dentry *dentry = path->dentry; 5061da177e4SLinus Torvalds 507d671a1cbSAl Viro touch_atime(path->mnt, dentry); 5081da177e4SLinus Torvalds nd_set_link(nd, NULL); 509cd4e91d3SAl Viro 51039ca6d49SAl Viro if (path->mnt == nd->mnt) 511cd4e91d3SAl Viro mntget(path->mnt); 512cc314eefSLinus Torvalds cookie = dentry->d_inode->i_op->follow_link(dentry, nd); 513cc314eefSLinus Torvalds error = PTR_ERR(cookie); 514cc314eefSLinus Torvalds if (!IS_ERR(cookie)) { 5151da177e4SLinus Torvalds char *s = nd_get_link(nd); 516cc314eefSLinus Torvalds error = 0; 5171da177e4SLinus Torvalds if (s) 5181da177e4SLinus Torvalds error = __vfs_follow_link(nd, s); 5191da177e4SLinus Torvalds if (dentry->d_inode->i_op->put_link) 520cc314eefSLinus Torvalds dentry->d_inode->i_op->put_link(dentry, nd, cookie); 5211da177e4SLinus Torvalds } 522cd4e91d3SAl Viro dput(dentry); 523cd4e91d3SAl Viro mntput(path->mnt); 5241da177e4SLinus Torvalds 5251da177e4SLinus Torvalds return error; 5261da177e4SLinus Torvalds } 5271da177e4SLinus Torvalds 52809dd17d3SMiklos Szeredi static inline void dput_path(struct path *path, struct nameidata *nd) 52909dd17d3SMiklos Szeredi { 53009dd17d3SMiklos Szeredi dput(path->dentry); 53109dd17d3SMiklos Szeredi if (path->mnt != nd->mnt) 53209dd17d3SMiklos Szeredi mntput(path->mnt); 53309dd17d3SMiklos Szeredi } 53409dd17d3SMiklos Szeredi 53509dd17d3SMiklos Szeredi static inline void path_to_nameidata(struct path *path, struct nameidata *nd) 53609dd17d3SMiklos Szeredi { 53709dd17d3SMiklos Szeredi dput(nd->dentry); 53809dd17d3SMiklos Szeredi if (nd->mnt != path->mnt) 53909dd17d3SMiklos Szeredi mntput(nd->mnt); 54009dd17d3SMiklos Szeredi nd->mnt = path->mnt; 54109dd17d3SMiklos Szeredi nd->dentry = path->dentry; 54209dd17d3SMiklos Szeredi } 54309dd17d3SMiklos Szeredi 5441da177e4SLinus Torvalds /* 5451da177e4SLinus Torvalds * This limits recursive symlink follows to 8, while 5461da177e4SLinus Torvalds * limiting consecutive symlinks to 40. 5471da177e4SLinus Torvalds * 5481da177e4SLinus Torvalds * Without that kind of total limit, nasty chains of consecutive 5491da177e4SLinus Torvalds * symlinks can cause almost arbitrarily long lookups. 5501da177e4SLinus Torvalds */ 55190ebe565SAl Viro static inline int do_follow_link(struct path *path, struct nameidata *nd) 5521da177e4SLinus Torvalds { 5531da177e4SLinus Torvalds int err = -ELOOP; 5541da177e4SLinus Torvalds if (current->link_count >= MAX_NESTED_LINKS) 5551da177e4SLinus Torvalds goto loop; 5561da177e4SLinus Torvalds if (current->total_link_count >= 40) 5571da177e4SLinus Torvalds goto loop; 5581da177e4SLinus Torvalds BUG_ON(nd->depth >= MAX_NESTED_LINKS); 5591da177e4SLinus Torvalds cond_resched(); 56090ebe565SAl Viro err = security_inode_follow_link(path->dentry, nd); 5611da177e4SLinus Torvalds if (err) 5621da177e4SLinus Torvalds goto loop; 5631da177e4SLinus Torvalds current->link_count++; 5641da177e4SLinus Torvalds current->total_link_count++; 5651da177e4SLinus Torvalds nd->depth++; 566cd4e91d3SAl Viro err = __do_follow_link(path, nd); 5671da177e4SLinus Torvalds current->link_count--; 5681da177e4SLinus Torvalds nd->depth--; 5691da177e4SLinus Torvalds return err; 5701da177e4SLinus Torvalds loop: 57109dd17d3SMiklos Szeredi dput_path(path, nd); 572839d9f93SAl Viro path_release(nd); 5731da177e4SLinus Torvalds return err; 5741da177e4SLinus Torvalds } 5751da177e4SLinus Torvalds 5761da177e4SLinus Torvalds int follow_up(struct vfsmount **mnt, struct dentry **dentry) 5771da177e4SLinus Torvalds { 5781da177e4SLinus Torvalds struct vfsmount *parent; 5791da177e4SLinus Torvalds struct dentry *mountpoint; 5801da177e4SLinus Torvalds spin_lock(&vfsmount_lock); 5811da177e4SLinus Torvalds parent=(*mnt)->mnt_parent; 5821da177e4SLinus Torvalds if (parent == *mnt) { 5831da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 5841da177e4SLinus Torvalds return 0; 5851da177e4SLinus Torvalds } 5861da177e4SLinus Torvalds mntget(parent); 5871da177e4SLinus Torvalds mountpoint=dget((*mnt)->mnt_mountpoint); 5881da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 5891da177e4SLinus Torvalds dput(*dentry); 5901da177e4SLinus Torvalds *dentry = mountpoint; 5911da177e4SLinus Torvalds mntput(*mnt); 5921da177e4SLinus Torvalds *mnt = parent; 5931da177e4SLinus Torvalds return 1; 5941da177e4SLinus Torvalds } 5951da177e4SLinus Torvalds 5961da177e4SLinus Torvalds /* no need for dcache_lock, as serialization is taken care in 5971da177e4SLinus Torvalds * namespace.c 5981da177e4SLinus Torvalds */ 599463ffb2eSAl Viro static int __follow_mount(struct path *path) 600463ffb2eSAl Viro { 601463ffb2eSAl Viro int res = 0; 602463ffb2eSAl Viro while (d_mountpoint(path->dentry)) { 603463ffb2eSAl Viro struct vfsmount *mounted = lookup_mnt(path->mnt, path->dentry); 604463ffb2eSAl Viro if (!mounted) 605463ffb2eSAl Viro break; 606463ffb2eSAl Viro dput(path->dentry); 607463ffb2eSAl Viro if (res) 608463ffb2eSAl Viro mntput(path->mnt); 609463ffb2eSAl Viro path->mnt = mounted; 610463ffb2eSAl Viro path->dentry = dget(mounted->mnt_root); 611463ffb2eSAl Viro res = 1; 612463ffb2eSAl Viro } 613463ffb2eSAl Viro return res; 614463ffb2eSAl Viro } 615463ffb2eSAl Viro 61658c465ebSAl Viro static void follow_mount(struct vfsmount **mnt, struct dentry **dentry) 6171da177e4SLinus Torvalds { 6181da177e4SLinus Torvalds while (d_mountpoint(*dentry)) { 6191da177e4SLinus Torvalds struct vfsmount *mounted = lookup_mnt(*mnt, *dentry); 6201da177e4SLinus Torvalds if (!mounted) 6211da177e4SLinus Torvalds break; 62258c465ebSAl Viro dput(*dentry); 6231da177e4SLinus Torvalds mntput(*mnt); 6241da177e4SLinus Torvalds *mnt = mounted; 6251da177e4SLinus Torvalds *dentry = dget(mounted->mnt_root); 6261da177e4SLinus Torvalds } 6271da177e4SLinus Torvalds } 6281da177e4SLinus Torvalds 6291da177e4SLinus Torvalds /* no need for dcache_lock, as serialization is taken care in 6301da177e4SLinus Torvalds * namespace.c 6311da177e4SLinus Torvalds */ 632e13b210fSAl Viro int follow_down(struct vfsmount **mnt, struct dentry **dentry) 6331da177e4SLinus Torvalds { 6341da177e4SLinus Torvalds struct vfsmount *mounted; 6351da177e4SLinus Torvalds 6361da177e4SLinus Torvalds mounted = lookup_mnt(*mnt, *dentry); 6371da177e4SLinus Torvalds if (mounted) { 638e13b210fSAl Viro dput(*dentry); 6391da177e4SLinus Torvalds mntput(*mnt); 6401da177e4SLinus Torvalds *mnt = mounted; 6411da177e4SLinus Torvalds *dentry = dget(mounted->mnt_root); 6421da177e4SLinus Torvalds return 1; 6431da177e4SLinus Torvalds } 6441da177e4SLinus Torvalds return 0; 6451da177e4SLinus Torvalds } 6461da177e4SLinus Torvalds 64758c465ebSAl Viro static inline void follow_dotdot(struct nameidata *nd) 6481da177e4SLinus Torvalds { 6491da177e4SLinus Torvalds while(1) { 6501da177e4SLinus Torvalds struct vfsmount *parent; 65158c465ebSAl Viro struct dentry *old = nd->dentry; 6521da177e4SLinus Torvalds 6531da177e4SLinus Torvalds read_lock(¤t->fs->lock); 65458c465ebSAl Viro if (nd->dentry == current->fs->root && 65558c465ebSAl Viro nd->mnt == current->fs->rootmnt) { 6561da177e4SLinus Torvalds read_unlock(¤t->fs->lock); 6571da177e4SLinus Torvalds break; 6581da177e4SLinus Torvalds } 6591da177e4SLinus Torvalds read_unlock(¤t->fs->lock); 6601da177e4SLinus Torvalds spin_lock(&dcache_lock); 66158c465ebSAl Viro if (nd->dentry != nd->mnt->mnt_root) { 66258c465ebSAl Viro nd->dentry = dget(nd->dentry->d_parent); 6631da177e4SLinus Torvalds spin_unlock(&dcache_lock); 6641da177e4SLinus Torvalds dput(old); 6651da177e4SLinus Torvalds break; 6661da177e4SLinus Torvalds } 6671da177e4SLinus Torvalds spin_unlock(&dcache_lock); 6681da177e4SLinus Torvalds spin_lock(&vfsmount_lock); 66958c465ebSAl Viro parent = nd->mnt->mnt_parent; 67058c465ebSAl Viro if (parent == nd->mnt) { 6711da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 6721da177e4SLinus Torvalds break; 6731da177e4SLinus Torvalds } 6741da177e4SLinus Torvalds mntget(parent); 67558c465ebSAl Viro nd->dentry = dget(nd->mnt->mnt_mountpoint); 6761da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 6771da177e4SLinus Torvalds dput(old); 67858c465ebSAl Viro mntput(nd->mnt); 67958c465ebSAl Viro nd->mnt = parent; 6801da177e4SLinus Torvalds } 68158c465ebSAl Viro follow_mount(&nd->mnt, &nd->dentry); 6821da177e4SLinus Torvalds } 6831da177e4SLinus Torvalds 6841da177e4SLinus Torvalds /* 6851da177e4SLinus Torvalds * It's more convoluted than I'd like it to be, but... it's still fairly 6861da177e4SLinus Torvalds * small and for now I'd prefer to have fast path as straight as possible. 6871da177e4SLinus Torvalds * It _is_ time-critical. 6881da177e4SLinus Torvalds */ 6891da177e4SLinus Torvalds static int do_lookup(struct nameidata *nd, struct qstr *name, 6901da177e4SLinus Torvalds struct path *path) 6911da177e4SLinus Torvalds { 6921da177e4SLinus Torvalds struct vfsmount *mnt = nd->mnt; 6931da177e4SLinus Torvalds struct dentry *dentry = __d_lookup(nd->dentry, name); 6941da177e4SLinus Torvalds 6951da177e4SLinus Torvalds if (!dentry) 6961da177e4SLinus Torvalds goto need_lookup; 6971da177e4SLinus Torvalds if (dentry->d_op && dentry->d_op->d_revalidate) 6981da177e4SLinus Torvalds goto need_revalidate; 6991da177e4SLinus Torvalds done: 7001da177e4SLinus Torvalds path->mnt = mnt; 7011da177e4SLinus Torvalds path->dentry = dentry; 702634ee701SAl Viro __follow_mount(path); 7031da177e4SLinus Torvalds return 0; 7041da177e4SLinus Torvalds 7051da177e4SLinus Torvalds need_lookup: 7061da177e4SLinus Torvalds dentry = real_lookup(nd->dentry, name, nd); 7071da177e4SLinus Torvalds if (IS_ERR(dentry)) 7081da177e4SLinus Torvalds goto fail; 7091da177e4SLinus Torvalds goto done; 7101da177e4SLinus Torvalds 7111da177e4SLinus Torvalds need_revalidate: 7121da177e4SLinus Torvalds if (dentry->d_op->d_revalidate(dentry, nd)) 7131da177e4SLinus Torvalds goto done; 7141da177e4SLinus Torvalds if (d_invalidate(dentry)) 7151da177e4SLinus Torvalds goto done; 7161da177e4SLinus Torvalds dput(dentry); 7171da177e4SLinus Torvalds goto need_lookup; 7181da177e4SLinus Torvalds 7191da177e4SLinus Torvalds fail: 7201da177e4SLinus Torvalds return PTR_ERR(dentry); 7211da177e4SLinus Torvalds } 7221da177e4SLinus Torvalds 7231da177e4SLinus Torvalds /* 7241da177e4SLinus Torvalds * Name resolution. 725ea3834d9SPrasanna Meda * This is the basic name resolution function, turning a pathname into 726ea3834d9SPrasanna Meda * the final dentry. We expect 'base' to be positive and a directory. 7271da177e4SLinus Torvalds * 728ea3834d9SPrasanna Meda * Returns 0 and nd will have valid dentry and mnt on success. 729ea3834d9SPrasanna Meda * Returns error and drops reference to input namei data on failure. 7301da177e4SLinus Torvalds */ 7311da177e4SLinus Torvalds static fastcall int __link_path_walk(const char * name, struct nameidata *nd) 7321da177e4SLinus Torvalds { 7331da177e4SLinus Torvalds struct path next; 7341da177e4SLinus Torvalds struct inode *inode; 7351da177e4SLinus Torvalds int err; 7361da177e4SLinus Torvalds unsigned int lookup_flags = nd->flags; 7371da177e4SLinus Torvalds 7381da177e4SLinus Torvalds while (*name=='/') 7391da177e4SLinus Torvalds name++; 7401da177e4SLinus Torvalds if (!*name) 7411da177e4SLinus Torvalds goto return_reval; 7421da177e4SLinus Torvalds 7431da177e4SLinus Torvalds inode = nd->dentry->d_inode; 7441da177e4SLinus Torvalds if (nd->depth) 7451da177e4SLinus Torvalds lookup_flags = LOOKUP_FOLLOW; 7461da177e4SLinus Torvalds 7471da177e4SLinus Torvalds /* At this point we know we have a real path component. */ 7481da177e4SLinus Torvalds for(;;) { 7491da177e4SLinus Torvalds unsigned long hash; 7501da177e4SLinus Torvalds struct qstr this; 7511da177e4SLinus Torvalds unsigned int c; 7521da177e4SLinus Torvalds 7531da177e4SLinus Torvalds err = exec_permission_lite(inode, nd); 7541da177e4SLinus Torvalds if (err == -EAGAIN) { 7551da177e4SLinus Torvalds err = permission(inode, MAY_EXEC, nd); 7561da177e4SLinus Torvalds } 7571da177e4SLinus Torvalds if (err) 7581da177e4SLinus Torvalds break; 7591da177e4SLinus Torvalds 7601da177e4SLinus Torvalds this.name = name; 7611da177e4SLinus Torvalds c = *(const unsigned char *)name; 7621da177e4SLinus Torvalds 7631da177e4SLinus Torvalds hash = init_name_hash(); 7641da177e4SLinus Torvalds do { 7651da177e4SLinus Torvalds name++; 7661da177e4SLinus Torvalds hash = partial_name_hash(c, hash); 7671da177e4SLinus Torvalds c = *(const unsigned char *)name; 7681da177e4SLinus Torvalds } while (c && (c != '/')); 7691da177e4SLinus Torvalds this.len = name - (const char *) this.name; 7701da177e4SLinus Torvalds this.hash = end_name_hash(hash); 7711da177e4SLinus Torvalds 7721da177e4SLinus Torvalds /* remove trailing slashes? */ 7731da177e4SLinus Torvalds if (!c) 7741da177e4SLinus Torvalds goto last_component; 7751da177e4SLinus Torvalds while (*++name == '/'); 7761da177e4SLinus Torvalds if (!*name) 7771da177e4SLinus Torvalds goto last_with_slashes; 7781da177e4SLinus Torvalds 7791da177e4SLinus Torvalds /* 7801da177e4SLinus Torvalds * "." and ".." are special - ".." especially so because it has 7811da177e4SLinus Torvalds * to be able to know about the current root directory and 7821da177e4SLinus Torvalds * parent relationships. 7831da177e4SLinus Torvalds */ 7841da177e4SLinus Torvalds if (this.name[0] == '.') switch (this.len) { 7851da177e4SLinus Torvalds default: 7861da177e4SLinus Torvalds break; 7871da177e4SLinus Torvalds case 2: 7881da177e4SLinus Torvalds if (this.name[1] != '.') 7891da177e4SLinus Torvalds break; 79058c465ebSAl Viro follow_dotdot(nd); 7911da177e4SLinus Torvalds inode = nd->dentry->d_inode; 7921da177e4SLinus Torvalds /* fallthrough */ 7931da177e4SLinus Torvalds case 1: 7941da177e4SLinus Torvalds continue; 7951da177e4SLinus Torvalds } 7961da177e4SLinus Torvalds /* 7971da177e4SLinus Torvalds * See if the low-level filesystem might want 7981da177e4SLinus Torvalds * to use its own hash.. 7991da177e4SLinus Torvalds */ 8001da177e4SLinus Torvalds if (nd->dentry->d_op && nd->dentry->d_op->d_hash) { 8011da177e4SLinus Torvalds err = nd->dentry->d_op->d_hash(nd->dentry, &this); 8021da177e4SLinus Torvalds if (err < 0) 8031da177e4SLinus Torvalds break; 8041da177e4SLinus Torvalds } 8051da177e4SLinus Torvalds nd->flags |= LOOKUP_CONTINUE; 8061da177e4SLinus Torvalds /* This does the actual lookups.. */ 8071da177e4SLinus Torvalds err = do_lookup(nd, &this, &next); 8081da177e4SLinus Torvalds if (err) 8091da177e4SLinus Torvalds break; 8101da177e4SLinus Torvalds 8111da177e4SLinus Torvalds err = -ENOENT; 8121da177e4SLinus Torvalds inode = next.dentry->d_inode; 8131da177e4SLinus Torvalds if (!inode) 8141da177e4SLinus Torvalds goto out_dput; 8151da177e4SLinus Torvalds err = -ENOTDIR; 8161da177e4SLinus Torvalds if (!inode->i_op) 8171da177e4SLinus Torvalds goto out_dput; 8181da177e4SLinus Torvalds 8191da177e4SLinus Torvalds if (inode->i_op->follow_link) { 82090ebe565SAl Viro err = do_follow_link(&next, nd); 8211da177e4SLinus Torvalds if (err) 8221da177e4SLinus Torvalds goto return_err; 8231da177e4SLinus Torvalds err = -ENOENT; 8241da177e4SLinus Torvalds inode = nd->dentry->d_inode; 8251da177e4SLinus Torvalds if (!inode) 8261da177e4SLinus Torvalds break; 8271da177e4SLinus Torvalds err = -ENOTDIR; 8281da177e4SLinus Torvalds if (!inode->i_op) 8291da177e4SLinus Torvalds break; 83009dd17d3SMiklos Szeredi } else 83109dd17d3SMiklos Szeredi path_to_nameidata(&next, nd); 8321da177e4SLinus Torvalds err = -ENOTDIR; 8331da177e4SLinus Torvalds if (!inode->i_op->lookup) 8341da177e4SLinus Torvalds break; 8351da177e4SLinus Torvalds continue; 8361da177e4SLinus Torvalds /* here ends the main loop */ 8371da177e4SLinus Torvalds 8381da177e4SLinus Torvalds last_with_slashes: 8391da177e4SLinus Torvalds lookup_flags |= LOOKUP_FOLLOW | LOOKUP_DIRECTORY; 8401da177e4SLinus Torvalds last_component: 8411da177e4SLinus Torvalds nd->flags &= ~LOOKUP_CONTINUE; 8421da177e4SLinus Torvalds if (lookup_flags & LOOKUP_PARENT) 8431da177e4SLinus Torvalds goto lookup_parent; 8441da177e4SLinus Torvalds if (this.name[0] == '.') switch (this.len) { 8451da177e4SLinus Torvalds default: 8461da177e4SLinus Torvalds break; 8471da177e4SLinus Torvalds case 2: 8481da177e4SLinus Torvalds if (this.name[1] != '.') 8491da177e4SLinus Torvalds break; 85058c465ebSAl Viro follow_dotdot(nd); 8511da177e4SLinus Torvalds inode = nd->dentry->d_inode; 8521da177e4SLinus Torvalds /* fallthrough */ 8531da177e4SLinus Torvalds case 1: 8541da177e4SLinus Torvalds goto return_reval; 8551da177e4SLinus Torvalds } 8561da177e4SLinus Torvalds if (nd->dentry->d_op && nd->dentry->d_op->d_hash) { 8571da177e4SLinus Torvalds err = nd->dentry->d_op->d_hash(nd->dentry, &this); 8581da177e4SLinus Torvalds if (err < 0) 8591da177e4SLinus Torvalds break; 8601da177e4SLinus Torvalds } 8611da177e4SLinus Torvalds err = do_lookup(nd, &this, &next); 8621da177e4SLinus Torvalds if (err) 8631da177e4SLinus Torvalds break; 8641da177e4SLinus Torvalds inode = next.dentry->d_inode; 8651da177e4SLinus Torvalds if ((lookup_flags & LOOKUP_FOLLOW) 8661da177e4SLinus Torvalds && inode && inode->i_op && inode->i_op->follow_link) { 86790ebe565SAl Viro err = do_follow_link(&next, nd); 8681da177e4SLinus Torvalds if (err) 8691da177e4SLinus Torvalds goto return_err; 8701da177e4SLinus Torvalds inode = nd->dentry->d_inode; 87109dd17d3SMiklos Szeredi } else 87209dd17d3SMiklos Szeredi path_to_nameidata(&next, nd); 8731da177e4SLinus Torvalds err = -ENOENT; 8741da177e4SLinus Torvalds if (!inode) 8751da177e4SLinus Torvalds break; 8761da177e4SLinus Torvalds if (lookup_flags & LOOKUP_DIRECTORY) { 8771da177e4SLinus Torvalds err = -ENOTDIR; 8781da177e4SLinus Torvalds if (!inode->i_op || !inode->i_op->lookup) 8791da177e4SLinus Torvalds break; 8801da177e4SLinus Torvalds } 8811da177e4SLinus Torvalds goto return_base; 8821da177e4SLinus Torvalds lookup_parent: 8831da177e4SLinus Torvalds nd->last = this; 8841da177e4SLinus Torvalds nd->last_type = LAST_NORM; 8851da177e4SLinus Torvalds if (this.name[0] != '.') 8861da177e4SLinus Torvalds goto return_base; 8871da177e4SLinus Torvalds if (this.len == 1) 8881da177e4SLinus Torvalds nd->last_type = LAST_DOT; 8891da177e4SLinus Torvalds else if (this.len == 2 && this.name[1] == '.') 8901da177e4SLinus Torvalds nd->last_type = LAST_DOTDOT; 8911da177e4SLinus Torvalds else 8921da177e4SLinus Torvalds goto return_base; 8931da177e4SLinus Torvalds return_reval: 8941da177e4SLinus Torvalds /* 8951da177e4SLinus Torvalds * We bypassed the ordinary revalidation routines. 8961da177e4SLinus Torvalds * We may need to check the cached dentry for staleness. 8971da177e4SLinus Torvalds */ 8981da177e4SLinus Torvalds if (nd->dentry && nd->dentry->d_sb && 8991da177e4SLinus Torvalds (nd->dentry->d_sb->s_type->fs_flags & FS_REVAL_DOT)) { 9001da177e4SLinus Torvalds err = -ESTALE; 9011da177e4SLinus Torvalds /* Note: we do not d_invalidate() */ 9021da177e4SLinus Torvalds if (!nd->dentry->d_op->d_revalidate(nd->dentry, nd)) 9031da177e4SLinus Torvalds break; 9041da177e4SLinus Torvalds } 9051da177e4SLinus Torvalds return_base: 9061da177e4SLinus Torvalds return 0; 9071da177e4SLinus Torvalds out_dput: 90809dd17d3SMiklos Szeredi dput_path(&next, nd); 9091da177e4SLinus Torvalds break; 9101da177e4SLinus Torvalds } 9111da177e4SLinus Torvalds path_release(nd); 9121da177e4SLinus Torvalds return_err: 9131da177e4SLinus Torvalds return err; 9141da177e4SLinus Torvalds } 9151da177e4SLinus Torvalds 9161da177e4SLinus Torvalds /* 9171da177e4SLinus Torvalds * Wrapper to retry pathname resolution whenever the underlying 9181da177e4SLinus Torvalds * file system returns an ESTALE. 9191da177e4SLinus Torvalds * 9201da177e4SLinus Torvalds * Retry the whole path once, forcing real lookup requests 9211da177e4SLinus Torvalds * instead of relying on the dcache. 9221da177e4SLinus Torvalds */ 9231da177e4SLinus Torvalds int fastcall link_path_walk(const char *name, struct nameidata *nd) 9241da177e4SLinus Torvalds { 9251da177e4SLinus Torvalds struct nameidata save = *nd; 9261da177e4SLinus Torvalds int result; 9271da177e4SLinus Torvalds 9281da177e4SLinus Torvalds /* make sure the stuff we saved doesn't go away */ 9291da177e4SLinus Torvalds dget(save.dentry); 9301da177e4SLinus Torvalds mntget(save.mnt); 9311da177e4SLinus Torvalds 9321da177e4SLinus Torvalds result = __link_path_walk(name, nd); 9331da177e4SLinus Torvalds if (result == -ESTALE) { 9341da177e4SLinus Torvalds *nd = save; 9351da177e4SLinus Torvalds dget(nd->dentry); 9361da177e4SLinus Torvalds mntget(nd->mnt); 9371da177e4SLinus Torvalds nd->flags |= LOOKUP_REVAL; 9381da177e4SLinus Torvalds result = __link_path_walk(name, nd); 9391da177e4SLinus Torvalds } 9401da177e4SLinus Torvalds 9411da177e4SLinus Torvalds dput(save.dentry); 9421da177e4SLinus Torvalds mntput(save.mnt); 9431da177e4SLinus Torvalds 9441da177e4SLinus Torvalds return result; 9451da177e4SLinus Torvalds } 9461da177e4SLinus Torvalds 9471da177e4SLinus Torvalds int fastcall path_walk(const char * name, struct nameidata *nd) 9481da177e4SLinus Torvalds { 9491da177e4SLinus Torvalds current->total_link_count = 0; 9501da177e4SLinus Torvalds return link_path_walk(name, nd); 9511da177e4SLinus Torvalds } 9521da177e4SLinus Torvalds 953ea3834d9SPrasanna Meda /* 954ea3834d9SPrasanna Meda * SMP-safe: Returns 1 and nd will have valid dentry and mnt, if 955ea3834d9SPrasanna Meda * everything is done. Returns 0 and drops input nd, if lookup failed; 956ea3834d9SPrasanna Meda */ 9571da177e4SLinus Torvalds static int __emul_lookup_dentry(const char *name, struct nameidata *nd) 9581da177e4SLinus Torvalds { 9591da177e4SLinus Torvalds if (path_walk(name, nd)) 9601da177e4SLinus Torvalds return 0; /* something went wrong... */ 9611da177e4SLinus Torvalds 9621da177e4SLinus Torvalds if (!nd->dentry->d_inode || S_ISDIR(nd->dentry->d_inode->i_mode)) { 9631da177e4SLinus Torvalds struct dentry *old_dentry = nd->dentry; 9641da177e4SLinus Torvalds struct vfsmount *old_mnt = nd->mnt; 9651da177e4SLinus Torvalds struct qstr last = nd->last; 9661da177e4SLinus Torvalds int last_type = nd->last_type; 9671da177e4SLinus Torvalds /* 9681da177e4SLinus Torvalds * NAME was not found in alternate root or it's a directory. Try to find 9691da177e4SLinus Torvalds * it in the normal root: 9701da177e4SLinus Torvalds */ 9711da177e4SLinus Torvalds nd->last_type = LAST_ROOT; 9721da177e4SLinus Torvalds read_lock(¤t->fs->lock); 9731da177e4SLinus Torvalds nd->mnt = mntget(current->fs->rootmnt); 9741da177e4SLinus Torvalds nd->dentry = dget(current->fs->root); 9751da177e4SLinus Torvalds read_unlock(¤t->fs->lock); 9761da177e4SLinus Torvalds if (path_walk(name, nd) == 0) { 9771da177e4SLinus Torvalds if (nd->dentry->d_inode) { 9781da177e4SLinus Torvalds dput(old_dentry); 9791da177e4SLinus Torvalds mntput(old_mnt); 9801da177e4SLinus Torvalds return 1; 9811da177e4SLinus Torvalds } 9821da177e4SLinus Torvalds path_release(nd); 9831da177e4SLinus Torvalds } 9841da177e4SLinus Torvalds nd->dentry = old_dentry; 9851da177e4SLinus Torvalds nd->mnt = old_mnt; 9861da177e4SLinus Torvalds nd->last = last; 9871da177e4SLinus Torvalds nd->last_type = last_type; 9881da177e4SLinus Torvalds } 9891da177e4SLinus Torvalds return 1; 9901da177e4SLinus Torvalds } 9911da177e4SLinus Torvalds 9921da177e4SLinus Torvalds void set_fs_altroot(void) 9931da177e4SLinus Torvalds { 9941da177e4SLinus Torvalds char *emul = __emul_prefix(); 9951da177e4SLinus Torvalds struct nameidata nd; 9961da177e4SLinus Torvalds struct vfsmount *mnt = NULL, *oldmnt; 9971da177e4SLinus Torvalds struct dentry *dentry = NULL, *olddentry; 9981da177e4SLinus Torvalds int err; 9991da177e4SLinus Torvalds 10001da177e4SLinus Torvalds if (!emul) 10011da177e4SLinus Torvalds goto set_it; 10021da177e4SLinus Torvalds err = path_lookup(emul, LOOKUP_FOLLOW|LOOKUP_DIRECTORY|LOOKUP_NOALT, &nd); 10031da177e4SLinus Torvalds if (!err) { 10041da177e4SLinus Torvalds mnt = nd.mnt; 10051da177e4SLinus Torvalds dentry = nd.dentry; 10061da177e4SLinus Torvalds } 10071da177e4SLinus Torvalds set_it: 10081da177e4SLinus Torvalds write_lock(¤t->fs->lock); 10091da177e4SLinus Torvalds oldmnt = current->fs->altrootmnt; 10101da177e4SLinus Torvalds olddentry = current->fs->altroot; 10111da177e4SLinus Torvalds current->fs->altrootmnt = mnt; 10121da177e4SLinus Torvalds current->fs->altroot = dentry; 10131da177e4SLinus Torvalds write_unlock(¤t->fs->lock); 10141da177e4SLinus Torvalds if (olddentry) { 10151da177e4SLinus Torvalds dput(olddentry); 10161da177e4SLinus Torvalds mntput(oldmnt); 10171da177e4SLinus Torvalds } 10181da177e4SLinus Torvalds } 10191da177e4SLinus Torvalds 1020ea3834d9SPrasanna Meda /* Returns 0 and nd will be valid on success; Retuns error, otherwise. */ 10211da177e4SLinus Torvalds int fastcall path_lookup(const char *name, unsigned int flags, struct nameidata *nd) 10221da177e4SLinus Torvalds { 1023ea3834d9SPrasanna Meda int retval = 0; 10241da177e4SLinus Torvalds 10251da177e4SLinus Torvalds nd->last_type = LAST_ROOT; /* if there are only slashes... */ 10261da177e4SLinus Torvalds nd->flags = flags; 10271da177e4SLinus Torvalds nd->depth = 0; 10281da177e4SLinus Torvalds 10291da177e4SLinus Torvalds read_lock(¤t->fs->lock); 10301da177e4SLinus Torvalds if (*name=='/') { 10311da177e4SLinus Torvalds if (current->fs->altroot && !(nd->flags & LOOKUP_NOALT)) { 10321da177e4SLinus Torvalds nd->mnt = mntget(current->fs->altrootmnt); 10331da177e4SLinus Torvalds nd->dentry = dget(current->fs->altroot); 10341da177e4SLinus Torvalds read_unlock(¤t->fs->lock); 10351da177e4SLinus Torvalds if (__emul_lookup_dentry(name,nd)) 1036ea3834d9SPrasanna Meda goto out; /* found in altroot */ 10371da177e4SLinus Torvalds read_lock(¤t->fs->lock); 10381da177e4SLinus Torvalds } 10391da177e4SLinus Torvalds nd->mnt = mntget(current->fs->rootmnt); 10401da177e4SLinus Torvalds nd->dentry = dget(current->fs->root); 10411da177e4SLinus Torvalds } else { 10421da177e4SLinus Torvalds nd->mnt = mntget(current->fs->pwdmnt); 10431da177e4SLinus Torvalds nd->dentry = dget(current->fs->pwd); 10441da177e4SLinus Torvalds } 10451da177e4SLinus Torvalds read_unlock(¤t->fs->lock); 10461da177e4SLinus Torvalds current->total_link_count = 0; 10471da177e4SLinus Torvalds retval = link_path_walk(name, nd); 1048ea3834d9SPrasanna Meda out: 10491da177e4SLinus Torvalds if (unlikely(current->audit_context 10501da177e4SLinus Torvalds && nd && nd->dentry && nd->dentry->d_inode)) 10511da177e4SLinus Torvalds audit_inode(name, nd->dentry->d_inode); 10521da177e4SLinus Torvalds return retval; 10531da177e4SLinus Torvalds } 10541da177e4SLinus Torvalds 10551da177e4SLinus Torvalds /* 10561da177e4SLinus Torvalds * Restricted form of lookup. Doesn't follow links, single-component only, 10571da177e4SLinus Torvalds * needs parent already locked. Doesn't follow mounts. 10581da177e4SLinus Torvalds * SMP-safe. 10591da177e4SLinus Torvalds */ 10601da177e4SLinus Torvalds static struct dentry * __lookup_hash(struct qstr *name, struct dentry * base, struct nameidata *nd) 10611da177e4SLinus Torvalds { 10621da177e4SLinus Torvalds struct dentry * dentry; 10631da177e4SLinus Torvalds struct inode *inode; 10641da177e4SLinus Torvalds int err; 10651da177e4SLinus Torvalds 10661da177e4SLinus Torvalds inode = base->d_inode; 10671da177e4SLinus Torvalds err = permission(inode, MAY_EXEC, nd); 10681da177e4SLinus Torvalds dentry = ERR_PTR(err); 10691da177e4SLinus Torvalds if (err) 10701da177e4SLinus Torvalds goto out; 10711da177e4SLinus Torvalds 10721da177e4SLinus Torvalds /* 10731da177e4SLinus Torvalds * See if the low-level filesystem might want 10741da177e4SLinus Torvalds * to use its own hash.. 10751da177e4SLinus Torvalds */ 10761da177e4SLinus Torvalds if (base->d_op && base->d_op->d_hash) { 10771da177e4SLinus Torvalds err = base->d_op->d_hash(base, name); 10781da177e4SLinus Torvalds dentry = ERR_PTR(err); 10791da177e4SLinus Torvalds if (err < 0) 10801da177e4SLinus Torvalds goto out; 10811da177e4SLinus Torvalds } 10821da177e4SLinus Torvalds 10831da177e4SLinus Torvalds dentry = cached_lookup(base, name, nd); 10841da177e4SLinus Torvalds if (!dentry) { 10851da177e4SLinus Torvalds struct dentry *new = d_alloc(base, name); 10861da177e4SLinus Torvalds dentry = ERR_PTR(-ENOMEM); 10871da177e4SLinus Torvalds if (!new) 10881da177e4SLinus Torvalds goto out; 10891da177e4SLinus Torvalds dentry = inode->i_op->lookup(inode, new, nd); 10901da177e4SLinus Torvalds if (!dentry) 10911da177e4SLinus Torvalds dentry = new; 10921da177e4SLinus Torvalds else 10931da177e4SLinus Torvalds dput(new); 10941da177e4SLinus Torvalds } 10951da177e4SLinus Torvalds out: 10961da177e4SLinus Torvalds return dentry; 10971da177e4SLinus Torvalds } 10981da177e4SLinus Torvalds 10991da177e4SLinus Torvalds struct dentry * lookup_hash(struct qstr *name, struct dentry * base) 11001da177e4SLinus Torvalds { 11011da177e4SLinus Torvalds return __lookup_hash(name, base, NULL); 11021da177e4SLinus Torvalds } 11031da177e4SLinus Torvalds 11041da177e4SLinus Torvalds /* SMP-safe */ 11051da177e4SLinus Torvalds struct dentry * lookup_one_len(const char * name, struct dentry * base, int len) 11061da177e4SLinus Torvalds { 11071da177e4SLinus Torvalds unsigned long hash; 11081da177e4SLinus Torvalds struct qstr this; 11091da177e4SLinus Torvalds unsigned int c; 11101da177e4SLinus Torvalds 11111da177e4SLinus Torvalds this.name = name; 11121da177e4SLinus Torvalds this.len = len; 11131da177e4SLinus Torvalds if (!len) 11141da177e4SLinus Torvalds goto access; 11151da177e4SLinus Torvalds 11161da177e4SLinus Torvalds hash = init_name_hash(); 11171da177e4SLinus Torvalds while (len--) { 11181da177e4SLinus Torvalds c = *(const unsigned char *)name++; 11191da177e4SLinus Torvalds if (c == '/' || c == '\0') 11201da177e4SLinus Torvalds goto access; 11211da177e4SLinus Torvalds hash = partial_name_hash(c, hash); 11221da177e4SLinus Torvalds } 11231da177e4SLinus Torvalds this.hash = end_name_hash(hash); 11241da177e4SLinus Torvalds 11251da177e4SLinus Torvalds return lookup_hash(&this, base); 11261da177e4SLinus Torvalds access: 11271da177e4SLinus Torvalds return ERR_PTR(-EACCES); 11281da177e4SLinus Torvalds } 11291da177e4SLinus Torvalds 11301da177e4SLinus Torvalds /* 11311da177e4SLinus Torvalds * namei() 11321da177e4SLinus Torvalds * 11331da177e4SLinus Torvalds * is used by most simple commands to get the inode of a specified name. 11341da177e4SLinus Torvalds * Open, link etc use their own routines, but this is enough for things 11351da177e4SLinus Torvalds * like 'chmod' etc. 11361da177e4SLinus Torvalds * 11371da177e4SLinus Torvalds * namei exists in two versions: namei/lnamei. The only difference is 11381da177e4SLinus Torvalds * that namei follows links, while lnamei does not. 11391da177e4SLinus Torvalds * SMP-safe 11401da177e4SLinus Torvalds */ 11411da177e4SLinus Torvalds int fastcall __user_walk(const char __user *name, unsigned flags, struct nameidata *nd) 11421da177e4SLinus Torvalds { 11431da177e4SLinus Torvalds char *tmp = getname(name); 11441da177e4SLinus Torvalds int err = PTR_ERR(tmp); 11451da177e4SLinus Torvalds 11461da177e4SLinus Torvalds if (!IS_ERR(tmp)) { 11471da177e4SLinus Torvalds err = path_lookup(tmp, flags, nd); 11481da177e4SLinus Torvalds putname(tmp); 11491da177e4SLinus Torvalds } 11501da177e4SLinus Torvalds return err; 11511da177e4SLinus Torvalds } 11521da177e4SLinus Torvalds 11531da177e4SLinus Torvalds /* 11541da177e4SLinus Torvalds * It's inline, so penalty for filesystems that don't use sticky bit is 11551da177e4SLinus Torvalds * minimal. 11561da177e4SLinus Torvalds */ 11571da177e4SLinus Torvalds static inline int check_sticky(struct inode *dir, struct inode *inode) 11581da177e4SLinus Torvalds { 11591da177e4SLinus Torvalds if (!(dir->i_mode & S_ISVTX)) 11601da177e4SLinus Torvalds return 0; 11611da177e4SLinus Torvalds if (inode->i_uid == current->fsuid) 11621da177e4SLinus Torvalds return 0; 11631da177e4SLinus Torvalds if (dir->i_uid == current->fsuid) 11641da177e4SLinus Torvalds return 0; 11651da177e4SLinus Torvalds return !capable(CAP_FOWNER); 11661da177e4SLinus Torvalds } 11671da177e4SLinus Torvalds 11681da177e4SLinus Torvalds /* 11691da177e4SLinus Torvalds * Check whether we can remove a link victim from directory dir, check 11701da177e4SLinus Torvalds * whether the type of victim is right. 11711da177e4SLinus Torvalds * 1. We can't do it if dir is read-only (done in permission()) 11721da177e4SLinus Torvalds * 2. We should have write and exec permissions on dir 11731da177e4SLinus Torvalds * 3. We can't remove anything from append-only dir 11741da177e4SLinus Torvalds * 4. We can't do anything with immutable dir (done in permission()) 11751da177e4SLinus Torvalds * 5. If the sticky bit on dir is set we should either 11761da177e4SLinus Torvalds * a. be owner of dir, or 11771da177e4SLinus Torvalds * b. be owner of victim, or 11781da177e4SLinus Torvalds * c. have CAP_FOWNER capability 11791da177e4SLinus Torvalds * 6. If the victim is append-only or immutable we can't do antyhing with 11801da177e4SLinus Torvalds * links pointing to it. 11811da177e4SLinus Torvalds * 7. If we were asked to remove a directory and victim isn't one - ENOTDIR. 11821da177e4SLinus Torvalds * 8. If we were asked to remove a non-directory and victim isn't one - EISDIR. 11831da177e4SLinus Torvalds * 9. We can't remove a root or mountpoint. 11841da177e4SLinus Torvalds * 10. We don't allow removal of NFS sillyrenamed files; it's handled by 11851da177e4SLinus Torvalds * nfs_async_unlink(). 11861da177e4SLinus Torvalds */ 11871da177e4SLinus Torvalds static inline int may_delete(struct inode *dir,struct dentry *victim,int isdir) 11881da177e4SLinus Torvalds { 11891da177e4SLinus Torvalds int error; 11901da177e4SLinus Torvalds 11911da177e4SLinus Torvalds if (!victim->d_inode) 11921da177e4SLinus Torvalds return -ENOENT; 11931da177e4SLinus Torvalds 11941da177e4SLinus Torvalds BUG_ON(victim->d_parent->d_inode != dir); 11951da177e4SLinus Torvalds 11961da177e4SLinus Torvalds error = permission(dir,MAY_WRITE | MAY_EXEC, NULL); 11971da177e4SLinus Torvalds if (error) 11981da177e4SLinus Torvalds return error; 11991da177e4SLinus Torvalds if (IS_APPEND(dir)) 12001da177e4SLinus Torvalds return -EPERM; 12011da177e4SLinus Torvalds if (check_sticky(dir, victim->d_inode)||IS_APPEND(victim->d_inode)|| 12021da177e4SLinus Torvalds IS_IMMUTABLE(victim->d_inode)) 12031da177e4SLinus Torvalds return -EPERM; 12041da177e4SLinus Torvalds if (isdir) { 12051da177e4SLinus Torvalds if (!S_ISDIR(victim->d_inode->i_mode)) 12061da177e4SLinus Torvalds return -ENOTDIR; 12071da177e4SLinus Torvalds if (IS_ROOT(victim)) 12081da177e4SLinus Torvalds return -EBUSY; 12091da177e4SLinus Torvalds } else if (S_ISDIR(victim->d_inode->i_mode)) 12101da177e4SLinus Torvalds return -EISDIR; 12111da177e4SLinus Torvalds if (IS_DEADDIR(dir)) 12121da177e4SLinus Torvalds return -ENOENT; 12131da177e4SLinus Torvalds if (victim->d_flags & DCACHE_NFSFS_RENAMED) 12141da177e4SLinus Torvalds return -EBUSY; 12151da177e4SLinus Torvalds return 0; 12161da177e4SLinus Torvalds } 12171da177e4SLinus Torvalds 12181da177e4SLinus Torvalds /* Check whether we can create an object with dentry child in directory 12191da177e4SLinus Torvalds * dir. 12201da177e4SLinus Torvalds * 1. We can't do it if child already exists (open has special treatment for 12211da177e4SLinus Torvalds * this case, but since we are inlined it's OK) 12221da177e4SLinus Torvalds * 2. We can't do it if dir is read-only (done in permission()) 12231da177e4SLinus Torvalds * 3. We should have write and exec permissions on dir 12241da177e4SLinus Torvalds * 4. We can't do it if dir is immutable (done in permission()) 12251da177e4SLinus Torvalds */ 12261da177e4SLinus Torvalds static inline int may_create(struct inode *dir, struct dentry *child, 12271da177e4SLinus Torvalds struct nameidata *nd) 12281da177e4SLinus Torvalds { 12291da177e4SLinus Torvalds if (child->d_inode) 12301da177e4SLinus Torvalds return -EEXIST; 12311da177e4SLinus Torvalds if (IS_DEADDIR(dir)) 12321da177e4SLinus Torvalds return -ENOENT; 12331da177e4SLinus Torvalds return permission(dir,MAY_WRITE | MAY_EXEC, nd); 12341da177e4SLinus Torvalds } 12351da177e4SLinus Torvalds 12361da177e4SLinus Torvalds /* 12371da177e4SLinus Torvalds * Special case: O_CREAT|O_EXCL implies O_NOFOLLOW for security 12381da177e4SLinus Torvalds * reasons. 12391da177e4SLinus Torvalds * 12401da177e4SLinus Torvalds * O_DIRECTORY translates into forcing a directory lookup. 12411da177e4SLinus Torvalds */ 12421da177e4SLinus Torvalds static inline int lookup_flags(unsigned int f) 12431da177e4SLinus Torvalds { 12441da177e4SLinus Torvalds unsigned long retval = LOOKUP_FOLLOW; 12451da177e4SLinus Torvalds 12461da177e4SLinus Torvalds if (f & O_NOFOLLOW) 12471da177e4SLinus Torvalds retval &= ~LOOKUP_FOLLOW; 12481da177e4SLinus Torvalds 12491da177e4SLinus Torvalds if ((f & (O_CREAT|O_EXCL)) == (O_CREAT|O_EXCL)) 12501da177e4SLinus Torvalds retval &= ~LOOKUP_FOLLOW; 12511da177e4SLinus Torvalds 12521da177e4SLinus Torvalds if (f & O_DIRECTORY) 12531da177e4SLinus Torvalds retval |= LOOKUP_DIRECTORY; 12541da177e4SLinus Torvalds 12551da177e4SLinus Torvalds return retval; 12561da177e4SLinus Torvalds } 12571da177e4SLinus Torvalds 12581da177e4SLinus Torvalds /* 12591da177e4SLinus Torvalds * p1 and p2 should be directories on the same fs. 12601da177e4SLinus Torvalds */ 12611da177e4SLinus Torvalds struct dentry *lock_rename(struct dentry *p1, struct dentry *p2) 12621da177e4SLinus Torvalds { 12631da177e4SLinus Torvalds struct dentry *p; 12641da177e4SLinus Torvalds 12651da177e4SLinus Torvalds if (p1 == p2) { 12661da177e4SLinus Torvalds down(&p1->d_inode->i_sem); 12671da177e4SLinus Torvalds return NULL; 12681da177e4SLinus Torvalds } 12691da177e4SLinus Torvalds 12701da177e4SLinus Torvalds down(&p1->d_inode->i_sb->s_vfs_rename_sem); 12711da177e4SLinus Torvalds 12721da177e4SLinus Torvalds for (p = p1; p->d_parent != p; p = p->d_parent) { 12731da177e4SLinus Torvalds if (p->d_parent == p2) { 12741da177e4SLinus Torvalds down(&p2->d_inode->i_sem); 12751da177e4SLinus Torvalds down(&p1->d_inode->i_sem); 12761da177e4SLinus Torvalds return p; 12771da177e4SLinus Torvalds } 12781da177e4SLinus Torvalds } 12791da177e4SLinus Torvalds 12801da177e4SLinus Torvalds for (p = p2; p->d_parent != p; p = p->d_parent) { 12811da177e4SLinus Torvalds if (p->d_parent == p1) { 12821da177e4SLinus Torvalds down(&p1->d_inode->i_sem); 12831da177e4SLinus Torvalds down(&p2->d_inode->i_sem); 12841da177e4SLinus Torvalds return p; 12851da177e4SLinus Torvalds } 12861da177e4SLinus Torvalds } 12871da177e4SLinus Torvalds 12881da177e4SLinus Torvalds down(&p1->d_inode->i_sem); 12891da177e4SLinus Torvalds down(&p2->d_inode->i_sem); 12901da177e4SLinus Torvalds return NULL; 12911da177e4SLinus Torvalds } 12921da177e4SLinus Torvalds 12931da177e4SLinus Torvalds void unlock_rename(struct dentry *p1, struct dentry *p2) 12941da177e4SLinus Torvalds { 12951da177e4SLinus Torvalds up(&p1->d_inode->i_sem); 12961da177e4SLinus Torvalds if (p1 != p2) { 12971da177e4SLinus Torvalds up(&p2->d_inode->i_sem); 12981da177e4SLinus Torvalds up(&p1->d_inode->i_sb->s_vfs_rename_sem); 12991da177e4SLinus Torvalds } 13001da177e4SLinus Torvalds } 13011da177e4SLinus Torvalds 13021da177e4SLinus Torvalds int vfs_create(struct inode *dir, struct dentry *dentry, int mode, 13031da177e4SLinus Torvalds struct nameidata *nd) 13041da177e4SLinus Torvalds { 13051da177e4SLinus Torvalds int error = may_create(dir, dentry, nd); 13061da177e4SLinus Torvalds 13071da177e4SLinus Torvalds if (error) 13081da177e4SLinus Torvalds return error; 13091da177e4SLinus Torvalds 13101da177e4SLinus Torvalds if (!dir->i_op || !dir->i_op->create) 13111da177e4SLinus Torvalds return -EACCES; /* shouldn't it be ENOSYS? */ 13121da177e4SLinus Torvalds mode &= S_IALLUGO; 13131da177e4SLinus Torvalds mode |= S_IFREG; 13141da177e4SLinus Torvalds error = security_inode_create(dir, dentry, mode); 13151da177e4SLinus Torvalds if (error) 13161da177e4SLinus Torvalds return error; 13171da177e4SLinus Torvalds DQUOT_INIT(dir); 13181da177e4SLinus Torvalds error = dir->i_op->create(dir, dentry, mode, nd); 1319a74574aaSStephen Smalley if (!error) 13200eeca283SRobert Love fsnotify_create(dir, dentry->d_name.name); 13211da177e4SLinus Torvalds return error; 13221da177e4SLinus Torvalds } 13231da177e4SLinus Torvalds 13241da177e4SLinus Torvalds int may_open(struct nameidata *nd, int acc_mode, int flag) 13251da177e4SLinus Torvalds { 13261da177e4SLinus Torvalds struct dentry *dentry = nd->dentry; 13271da177e4SLinus Torvalds struct inode *inode = dentry->d_inode; 13281da177e4SLinus Torvalds int error; 13291da177e4SLinus Torvalds 13301da177e4SLinus Torvalds if (!inode) 13311da177e4SLinus Torvalds return -ENOENT; 13321da177e4SLinus Torvalds 13331da177e4SLinus Torvalds if (S_ISLNK(inode->i_mode)) 13341da177e4SLinus Torvalds return -ELOOP; 13351da177e4SLinus Torvalds 13361da177e4SLinus Torvalds if (S_ISDIR(inode->i_mode) && (flag & FMODE_WRITE)) 13371da177e4SLinus Torvalds return -EISDIR; 13381da177e4SLinus Torvalds 13391da177e4SLinus Torvalds error = permission(inode, acc_mode, nd); 13401da177e4SLinus Torvalds if (error) 13411da177e4SLinus Torvalds return error; 13421da177e4SLinus Torvalds 13431da177e4SLinus Torvalds /* 13441da177e4SLinus Torvalds * FIFO's, sockets and device files are special: they don't 13451da177e4SLinus Torvalds * actually live on the filesystem itself, and as such you 13461da177e4SLinus Torvalds * can write to them even if the filesystem is read-only. 13471da177e4SLinus Torvalds */ 13481da177e4SLinus Torvalds if (S_ISFIFO(inode->i_mode) || S_ISSOCK(inode->i_mode)) { 13491da177e4SLinus Torvalds flag &= ~O_TRUNC; 13501da177e4SLinus Torvalds } else if (S_ISBLK(inode->i_mode) || S_ISCHR(inode->i_mode)) { 13511da177e4SLinus Torvalds if (nd->mnt->mnt_flags & MNT_NODEV) 13521da177e4SLinus Torvalds return -EACCES; 13531da177e4SLinus Torvalds 13541da177e4SLinus Torvalds flag &= ~O_TRUNC; 13551da177e4SLinus Torvalds } else if (IS_RDONLY(inode) && (flag & FMODE_WRITE)) 13561da177e4SLinus Torvalds return -EROFS; 13571da177e4SLinus Torvalds /* 13581da177e4SLinus Torvalds * An append-only file must be opened in append mode for writing. 13591da177e4SLinus Torvalds */ 13601da177e4SLinus Torvalds if (IS_APPEND(inode)) { 13611da177e4SLinus Torvalds if ((flag & FMODE_WRITE) && !(flag & O_APPEND)) 13621da177e4SLinus Torvalds return -EPERM; 13631da177e4SLinus Torvalds if (flag & O_TRUNC) 13641da177e4SLinus Torvalds return -EPERM; 13651da177e4SLinus Torvalds } 13661da177e4SLinus Torvalds 13671da177e4SLinus Torvalds /* O_NOATIME can only be set by the owner or superuser */ 13681da177e4SLinus Torvalds if (flag & O_NOATIME) 13691da177e4SLinus Torvalds if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER)) 13701da177e4SLinus Torvalds return -EPERM; 13711da177e4SLinus Torvalds 13721da177e4SLinus Torvalds /* 13731da177e4SLinus Torvalds * Ensure there are no outstanding leases on the file. 13741da177e4SLinus Torvalds */ 13751da177e4SLinus Torvalds error = break_lease(inode, flag); 13761da177e4SLinus Torvalds if (error) 13771da177e4SLinus Torvalds return error; 13781da177e4SLinus Torvalds 13791da177e4SLinus Torvalds if (flag & O_TRUNC) { 13801da177e4SLinus Torvalds error = get_write_access(inode); 13811da177e4SLinus Torvalds if (error) 13821da177e4SLinus Torvalds return error; 13831da177e4SLinus Torvalds 13841da177e4SLinus Torvalds /* 13851da177e4SLinus Torvalds * Refuse to truncate files with mandatory locks held on them. 13861da177e4SLinus Torvalds */ 13871da177e4SLinus Torvalds error = locks_verify_locked(inode); 13881da177e4SLinus Torvalds if (!error) { 13891da177e4SLinus Torvalds DQUOT_INIT(inode); 13901da177e4SLinus Torvalds 13911da177e4SLinus Torvalds error = do_truncate(dentry, 0); 13921da177e4SLinus Torvalds } 13931da177e4SLinus Torvalds put_write_access(inode); 13941da177e4SLinus Torvalds if (error) 13951da177e4SLinus Torvalds return error; 13961da177e4SLinus Torvalds } else 13971da177e4SLinus Torvalds if (flag & FMODE_WRITE) 13981da177e4SLinus Torvalds DQUOT_INIT(inode); 13991da177e4SLinus Torvalds 14001da177e4SLinus Torvalds return 0; 14011da177e4SLinus Torvalds } 14021da177e4SLinus Torvalds 14031da177e4SLinus Torvalds /* 14041da177e4SLinus Torvalds * open_namei() 14051da177e4SLinus Torvalds * 14061da177e4SLinus Torvalds * namei for open - this is in fact almost the whole open-routine. 14071da177e4SLinus Torvalds * 14081da177e4SLinus Torvalds * Note that the low bits of "flag" aren't the same as in the open 14091da177e4SLinus Torvalds * system call - they are 00 - no permissions needed 14101da177e4SLinus Torvalds * 01 - read permission needed 14111da177e4SLinus Torvalds * 10 - write permission needed 14121da177e4SLinus Torvalds * 11 - read/write permissions needed 14131da177e4SLinus Torvalds * which is a lot more logical, and also allows the "no perm" needed 14141da177e4SLinus Torvalds * for symlinks (where the permissions are checked later). 14151da177e4SLinus Torvalds * SMP-safe 14161da177e4SLinus Torvalds */ 14171da177e4SLinus Torvalds int open_namei(const char * pathname, int flag, int mode, struct nameidata *nd) 14181da177e4SLinus Torvalds { 14191da177e4SLinus Torvalds int acc_mode, error = 0; 14204e7506e4SAl Viro struct path path; 14211da177e4SLinus Torvalds struct dentry *dir; 14221da177e4SLinus Torvalds int count = 0; 14231da177e4SLinus Torvalds 14241da177e4SLinus Torvalds acc_mode = ACC_MODE(flag); 14251da177e4SLinus Torvalds 14261da177e4SLinus Torvalds /* Allow the LSM permission hook to distinguish append 14271da177e4SLinus Torvalds access from general write access. */ 14281da177e4SLinus Torvalds if (flag & O_APPEND) 14291da177e4SLinus Torvalds acc_mode |= MAY_APPEND; 14301da177e4SLinus Torvalds 14311da177e4SLinus Torvalds /* Fill in the open() intent data */ 14321da177e4SLinus Torvalds nd->intent.open.flags = flag; 14331da177e4SLinus Torvalds nd->intent.open.create_mode = mode; 14341da177e4SLinus Torvalds 14351da177e4SLinus Torvalds /* 14361da177e4SLinus Torvalds * The simplest case - just a plain lookup. 14371da177e4SLinus Torvalds */ 14381da177e4SLinus Torvalds if (!(flag & O_CREAT)) { 14391da177e4SLinus Torvalds error = path_lookup(pathname, lookup_flags(flag)|LOOKUP_OPEN, nd); 14401da177e4SLinus Torvalds if (error) 14411da177e4SLinus Torvalds return error; 14421da177e4SLinus Torvalds goto ok; 14431da177e4SLinus Torvalds } 14441da177e4SLinus Torvalds 14451da177e4SLinus Torvalds /* 14461da177e4SLinus Torvalds * Create - we need to know the parent. 14471da177e4SLinus Torvalds */ 14481da177e4SLinus Torvalds error = path_lookup(pathname, LOOKUP_PARENT|LOOKUP_OPEN|LOOKUP_CREATE, nd); 14491da177e4SLinus Torvalds if (error) 14501da177e4SLinus Torvalds return error; 14511da177e4SLinus Torvalds 14521da177e4SLinus Torvalds /* 14531da177e4SLinus Torvalds * We have the parent and last component. First of all, check 14541da177e4SLinus Torvalds * that we are not asked to creat(2) an obvious directory - that 14551da177e4SLinus Torvalds * will not do. 14561da177e4SLinus Torvalds */ 14571da177e4SLinus Torvalds error = -EISDIR; 14581da177e4SLinus Torvalds if (nd->last_type != LAST_NORM || nd->last.name[nd->last.len]) 14591da177e4SLinus Torvalds goto exit; 14601da177e4SLinus Torvalds 14611da177e4SLinus Torvalds dir = nd->dentry; 14621da177e4SLinus Torvalds nd->flags &= ~LOOKUP_PARENT; 14631da177e4SLinus Torvalds down(&dir->d_inode->i_sem); 14644e7506e4SAl Viro path.dentry = __lookup_hash(&nd->last, nd->dentry, nd); 1465d73ffe16SAl Viro path.mnt = nd->mnt; 14661da177e4SLinus Torvalds 14671da177e4SLinus Torvalds do_last: 14684e7506e4SAl Viro error = PTR_ERR(path.dentry); 14694e7506e4SAl Viro if (IS_ERR(path.dentry)) { 14701da177e4SLinus Torvalds up(&dir->d_inode->i_sem); 14711da177e4SLinus Torvalds goto exit; 14721da177e4SLinus Torvalds } 14731da177e4SLinus Torvalds 14741da177e4SLinus Torvalds /* Negative dentry, just create the file */ 14754e7506e4SAl Viro if (!path.dentry->d_inode) { 14761da177e4SLinus Torvalds if (!IS_POSIXACL(dir->d_inode)) 14771da177e4SLinus Torvalds mode &= ~current->fs->umask; 14784e7506e4SAl Viro error = vfs_create(dir->d_inode, path.dentry, mode, nd); 14791da177e4SLinus Torvalds up(&dir->d_inode->i_sem); 14801da177e4SLinus Torvalds dput(nd->dentry); 14814e7506e4SAl Viro nd->dentry = path.dentry; 14821da177e4SLinus Torvalds if (error) 14831da177e4SLinus Torvalds goto exit; 14841da177e4SLinus Torvalds /* Don't check for write permission, don't truncate */ 14851da177e4SLinus Torvalds acc_mode = 0; 14861da177e4SLinus Torvalds flag &= ~O_TRUNC; 14871da177e4SLinus Torvalds goto ok; 14881da177e4SLinus Torvalds } 14891da177e4SLinus Torvalds 14901da177e4SLinus Torvalds /* 14911da177e4SLinus Torvalds * It already exists. 14921da177e4SLinus Torvalds */ 14931da177e4SLinus Torvalds up(&dir->d_inode->i_sem); 14941da177e4SLinus Torvalds 14951da177e4SLinus Torvalds error = -EEXIST; 14961da177e4SLinus Torvalds if (flag & O_EXCL) 14971da177e4SLinus Torvalds goto exit_dput; 14981da177e4SLinus Torvalds 1499e13b210fSAl Viro if (__follow_mount(&path)) { 15001da177e4SLinus Torvalds error = -ELOOP; 1501ba7a4c1aSAl Viro if (flag & O_NOFOLLOW) 1502ba7a4c1aSAl Viro goto exit_dput; 15031da177e4SLinus Torvalds } 15041da177e4SLinus Torvalds error = -ENOENT; 15054e7506e4SAl Viro if (!path.dentry->d_inode) 15061da177e4SLinus Torvalds goto exit_dput; 15074e7506e4SAl Viro if (path.dentry->d_inode->i_op && path.dentry->d_inode->i_op->follow_link) 15081da177e4SLinus Torvalds goto do_link; 15091da177e4SLinus Torvalds 151009dd17d3SMiklos Szeredi path_to_nameidata(&path, nd); 15111da177e4SLinus Torvalds error = -EISDIR; 15124e7506e4SAl Viro if (path.dentry->d_inode && S_ISDIR(path.dentry->d_inode->i_mode)) 15131da177e4SLinus Torvalds goto exit; 15141da177e4SLinus Torvalds ok: 15151da177e4SLinus Torvalds error = may_open(nd, acc_mode, flag); 15161da177e4SLinus Torvalds if (error) 15171da177e4SLinus Torvalds goto exit; 15181da177e4SLinus Torvalds return 0; 15191da177e4SLinus Torvalds 15201da177e4SLinus Torvalds exit_dput: 152109dd17d3SMiklos Szeredi dput_path(&path, nd); 15221da177e4SLinus Torvalds exit: 15231da177e4SLinus Torvalds path_release(nd); 15241da177e4SLinus Torvalds return error; 15251da177e4SLinus Torvalds 15261da177e4SLinus Torvalds do_link: 15271da177e4SLinus Torvalds error = -ELOOP; 15281da177e4SLinus Torvalds if (flag & O_NOFOLLOW) 15291da177e4SLinus Torvalds goto exit_dput; 15301da177e4SLinus Torvalds /* 15311da177e4SLinus Torvalds * This is subtle. Instead of calling do_follow_link() we do the 15321da177e4SLinus Torvalds * thing by hands. The reason is that this way we have zero link_count 15331da177e4SLinus Torvalds * and path_walk() (called from ->follow_link) honoring LOOKUP_PARENT. 15341da177e4SLinus Torvalds * After that we have the parent and last component, i.e. 15351da177e4SLinus Torvalds * we are in the same situation as after the first path_walk(). 15361da177e4SLinus Torvalds * Well, almost - if the last component is normal we get its copy 15371da177e4SLinus Torvalds * stored in nd->last.name and we will have to putname() it when we 15381da177e4SLinus Torvalds * are done. Procfs-like symlinks just set LAST_BIND. 15391da177e4SLinus Torvalds */ 15401da177e4SLinus Torvalds nd->flags |= LOOKUP_PARENT; 15414e7506e4SAl Viro error = security_inode_follow_link(path.dentry, nd); 15421da177e4SLinus Torvalds if (error) 15431da177e4SLinus Torvalds goto exit_dput; 1544cd4e91d3SAl Viro error = __do_follow_link(&path, nd); 15451da177e4SLinus Torvalds if (error) 15461da177e4SLinus Torvalds return error; 15471da177e4SLinus Torvalds nd->flags &= ~LOOKUP_PARENT; 1548d671d5e5SAl Viro if (nd->last_type == LAST_BIND) 15491da177e4SLinus Torvalds goto ok; 15501da177e4SLinus Torvalds error = -EISDIR; 15511da177e4SLinus Torvalds if (nd->last_type != LAST_NORM) 15521da177e4SLinus Torvalds goto exit; 15531da177e4SLinus Torvalds if (nd->last.name[nd->last.len]) { 15541da177e4SLinus Torvalds putname(nd->last.name); 15551da177e4SLinus Torvalds goto exit; 15561da177e4SLinus Torvalds } 15571da177e4SLinus Torvalds error = -ELOOP; 15581da177e4SLinus Torvalds if (count++==32) { 15591da177e4SLinus Torvalds putname(nd->last.name); 15601da177e4SLinus Torvalds goto exit; 15611da177e4SLinus Torvalds } 15621da177e4SLinus Torvalds dir = nd->dentry; 15631da177e4SLinus Torvalds down(&dir->d_inode->i_sem); 15644e7506e4SAl Viro path.dentry = __lookup_hash(&nd->last, nd->dentry, nd); 1565d671d5e5SAl Viro path.mnt = nd->mnt; 15661da177e4SLinus Torvalds putname(nd->last.name); 15671da177e4SLinus Torvalds goto do_last; 15681da177e4SLinus Torvalds } 15691da177e4SLinus Torvalds 15701da177e4SLinus Torvalds /** 15711da177e4SLinus Torvalds * lookup_create - lookup a dentry, creating it if it doesn't exist 15721da177e4SLinus Torvalds * @nd: nameidata info 15731da177e4SLinus Torvalds * @is_dir: directory flag 15741da177e4SLinus Torvalds * 15751da177e4SLinus Torvalds * Simple function to lookup and return a dentry and create it 15761da177e4SLinus Torvalds * if it doesn't exist. Is SMP-safe. 1577c663e5d8SChristoph Hellwig * 1578c663e5d8SChristoph Hellwig * Returns with nd->dentry->d_inode->i_sem locked. 15791da177e4SLinus Torvalds */ 15801da177e4SLinus Torvalds struct dentry *lookup_create(struct nameidata *nd, int is_dir) 15811da177e4SLinus Torvalds { 1582c663e5d8SChristoph Hellwig struct dentry *dentry = ERR_PTR(-EEXIST); 15831da177e4SLinus Torvalds 15841da177e4SLinus Torvalds down(&nd->dentry->d_inode->i_sem); 1585c663e5d8SChristoph Hellwig /* 1586c663e5d8SChristoph Hellwig * Yucky last component or no last component at all? 1587c663e5d8SChristoph Hellwig * (foo/., foo/.., /////) 1588c663e5d8SChristoph Hellwig */ 15891da177e4SLinus Torvalds if (nd->last_type != LAST_NORM) 15901da177e4SLinus Torvalds goto fail; 15911da177e4SLinus Torvalds nd->flags &= ~LOOKUP_PARENT; 1592c663e5d8SChristoph Hellwig 1593c663e5d8SChristoph Hellwig /* 1594c663e5d8SChristoph Hellwig * Do the final lookup. 1595c663e5d8SChristoph Hellwig */ 15961da177e4SLinus Torvalds dentry = lookup_hash(&nd->last, nd->dentry); 15971da177e4SLinus Torvalds if (IS_ERR(dentry)) 15981da177e4SLinus Torvalds goto fail; 1599c663e5d8SChristoph Hellwig 1600c663e5d8SChristoph Hellwig /* 1601c663e5d8SChristoph Hellwig * Special case - lookup gave negative, but... we had foo/bar/ 1602c663e5d8SChristoph Hellwig * From the vfs_mknod() POV we just have a negative dentry - 1603c663e5d8SChristoph Hellwig * all is fine. Let's be bastards - you had / on the end, you've 1604c663e5d8SChristoph Hellwig * been asking for (non-existent) directory. -ENOENT for you. 1605c663e5d8SChristoph Hellwig */ 16061da177e4SLinus Torvalds if (!is_dir && nd->last.name[nd->last.len] && !dentry->d_inode) 16071da177e4SLinus Torvalds goto enoent; 16081da177e4SLinus Torvalds return dentry; 16091da177e4SLinus Torvalds enoent: 16101da177e4SLinus Torvalds dput(dentry); 16111da177e4SLinus Torvalds dentry = ERR_PTR(-ENOENT); 16121da177e4SLinus Torvalds fail: 16131da177e4SLinus Torvalds return dentry; 16141da177e4SLinus Torvalds } 1615f81a0bffSChristoph Hellwig EXPORT_SYMBOL_GPL(lookup_create); 16161da177e4SLinus Torvalds 16171da177e4SLinus Torvalds int vfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev) 16181da177e4SLinus Torvalds { 16191da177e4SLinus Torvalds int error = may_create(dir, dentry, NULL); 16201da177e4SLinus Torvalds 16211da177e4SLinus Torvalds if (error) 16221da177e4SLinus Torvalds return error; 16231da177e4SLinus Torvalds 16241da177e4SLinus Torvalds if ((S_ISCHR(mode) || S_ISBLK(mode)) && !capable(CAP_MKNOD)) 16251da177e4SLinus Torvalds return -EPERM; 16261da177e4SLinus Torvalds 16271da177e4SLinus Torvalds if (!dir->i_op || !dir->i_op->mknod) 16281da177e4SLinus Torvalds return -EPERM; 16291da177e4SLinus Torvalds 16301da177e4SLinus Torvalds error = security_inode_mknod(dir, dentry, mode, dev); 16311da177e4SLinus Torvalds if (error) 16321da177e4SLinus Torvalds return error; 16331da177e4SLinus Torvalds 16341da177e4SLinus Torvalds DQUOT_INIT(dir); 16351da177e4SLinus Torvalds error = dir->i_op->mknod(dir, dentry, mode, dev); 1636a74574aaSStephen Smalley if (!error) 16370eeca283SRobert Love fsnotify_create(dir, dentry->d_name.name); 16381da177e4SLinus Torvalds return error; 16391da177e4SLinus Torvalds } 16401da177e4SLinus Torvalds 16411da177e4SLinus Torvalds asmlinkage long sys_mknod(const char __user * filename, int mode, unsigned dev) 16421da177e4SLinus Torvalds { 16431da177e4SLinus Torvalds int error = 0; 16441da177e4SLinus Torvalds char * tmp; 16451da177e4SLinus Torvalds struct dentry * dentry; 16461da177e4SLinus Torvalds struct nameidata nd; 16471da177e4SLinus Torvalds 16481da177e4SLinus Torvalds if (S_ISDIR(mode)) 16491da177e4SLinus Torvalds return -EPERM; 16501da177e4SLinus Torvalds tmp = getname(filename); 16511da177e4SLinus Torvalds if (IS_ERR(tmp)) 16521da177e4SLinus Torvalds return PTR_ERR(tmp); 16531da177e4SLinus Torvalds 16541da177e4SLinus Torvalds error = path_lookup(tmp, LOOKUP_PARENT, &nd); 16551da177e4SLinus Torvalds if (error) 16561da177e4SLinus Torvalds goto out; 16571da177e4SLinus Torvalds dentry = lookup_create(&nd, 0); 16581da177e4SLinus Torvalds error = PTR_ERR(dentry); 16591da177e4SLinus Torvalds 16601da177e4SLinus Torvalds if (!IS_POSIXACL(nd.dentry->d_inode)) 16611da177e4SLinus Torvalds mode &= ~current->fs->umask; 16621da177e4SLinus Torvalds if (!IS_ERR(dentry)) { 16631da177e4SLinus Torvalds switch (mode & S_IFMT) { 16641da177e4SLinus Torvalds case 0: case S_IFREG: 16651da177e4SLinus Torvalds error = vfs_create(nd.dentry->d_inode,dentry,mode,&nd); 16661da177e4SLinus Torvalds break; 16671da177e4SLinus Torvalds case S_IFCHR: case S_IFBLK: 16681da177e4SLinus Torvalds error = vfs_mknod(nd.dentry->d_inode,dentry,mode, 16691da177e4SLinus Torvalds new_decode_dev(dev)); 16701da177e4SLinus Torvalds break; 16711da177e4SLinus Torvalds case S_IFIFO: case S_IFSOCK: 16721da177e4SLinus Torvalds error = vfs_mknod(nd.dentry->d_inode,dentry,mode,0); 16731da177e4SLinus Torvalds break; 16741da177e4SLinus Torvalds case S_IFDIR: 16751da177e4SLinus Torvalds error = -EPERM; 16761da177e4SLinus Torvalds break; 16771da177e4SLinus Torvalds default: 16781da177e4SLinus Torvalds error = -EINVAL; 16791da177e4SLinus Torvalds } 16801da177e4SLinus Torvalds dput(dentry); 16811da177e4SLinus Torvalds } 16821da177e4SLinus Torvalds up(&nd.dentry->d_inode->i_sem); 16831da177e4SLinus Torvalds path_release(&nd); 16841da177e4SLinus Torvalds out: 16851da177e4SLinus Torvalds putname(tmp); 16861da177e4SLinus Torvalds 16871da177e4SLinus Torvalds return error; 16881da177e4SLinus Torvalds } 16891da177e4SLinus Torvalds 16901da177e4SLinus Torvalds int vfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) 16911da177e4SLinus Torvalds { 16921da177e4SLinus Torvalds int error = may_create(dir, dentry, NULL); 16931da177e4SLinus Torvalds 16941da177e4SLinus Torvalds if (error) 16951da177e4SLinus Torvalds return error; 16961da177e4SLinus Torvalds 16971da177e4SLinus Torvalds if (!dir->i_op || !dir->i_op->mkdir) 16981da177e4SLinus Torvalds return -EPERM; 16991da177e4SLinus Torvalds 17001da177e4SLinus Torvalds mode &= (S_IRWXUGO|S_ISVTX); 17011da177e4SLinus Torvalds error = security_inode_mkdir(dir, dentry, mode); 17021da177e4SLinus Torvalds if (error) 17031da177e4SLinus Torvalds return error; 17041da177e4SLinus Torvalds 17051da177e4SLinus Torvalds DQUOT_INIT(dir); 17061da177e4SLinus Torvalds error = dir->i_op->mkdir(dir, dentry, mode); 1707a74574aaSStephen Smalley if (!error) 17080eeca283SRobert Love fsnotify_mkdir(dir, dentry->d_name.name); 17091da177e4SLinus Torvalds return error; 17101da177e4SLinus Torvalds } 17111da177e4SLinus Torvalds 17121da177e4SLinus Torvalds asmlinkage long sys_mkdir(const char __user * pathname, int mode) 17131da177e4SLinus Torvalds { 17141da177e4SLinus Torvalds int error = 0; 17151da177e4SLinus Torvalds char * tmp; 17161da177e4SLinus Torvalds 17171da177e4SLinus Torvalds tmp = getname(pathname); 17181da177e4SLinus Torvalds error = PTR_ERR(tmp); 17191da177e4SLinus Torvalds if (!IS_ERR(tmp)) { 17201da177e4SLinus Torvalds struct dentry *dentry; 17211da177e4SLinus Torvalds struct nameidata nd; 17221da177e4SLinus Torvalds 17231da177e4SLinus Torvalds error = path_lookup(tmp, LOOKUP_PARENT, &nd); 17241da177e4SLinus Torvalds if (error) 17251da177e4SLinus Torvalds goto out; 17261da177e4SLinus Torvalds dentry = lookup_create(&nd, 1); 17271da177e4SLinus Torvalds error = PTR_ERR(dentry); 17281da177e4SLinus Torvalds if (!IS_ERR(dentry)) { 17291da177e4SLinus Torvalds if (!IS_POSIXACL(nd.dentry->d_inode)) 17301da177e4SLinus Torvalds mode &= ~current->fs->umask; 17311da177e4SLinus Torvalds error = vfs_mkdir(nd.dentry->d_inode, dentry, mode); 17321da177e4SLinus Torvalds dput(dentry); 17331da177e4SLinus Torvalds } 17341da177e4SLinus Torvalds up(&nd.dentry->d_inode->i_sem); 17351da177e4SLinus Torvalds path_release(&nd); 17361da177e4SLinus Torvalds out: 17371da177e4SLinus Torvalds putname(tmp); 17381da177e4SLinus Torvalds } 17391da177e4SLinus Torvalds 17401da177e4SLinus Torvalds return error; 17411da177e4SLinus Torvalds } 17421da177e4SLinus Torvalds 17431da177e4SLinus Torvalds /* 17441da177e4SLinus Torvalds * We try to drop the dentry early: we should have 17451da177e4SLinus Torvalds * a usage count of 2 if we're the only user of this 17461da177e4SLinus Torvalds * dentry, and if that is true (possibly after pruning 17471da177e4SLinus Torvalds * the dcache), then we drop the dentry now. 17481da177e4SLinus Torvalds * 17491da177e4SLinus Torvalds * A low-level filesystem can, if it choses, legally 17501da177e4SLinus Torvalds * do a 17511da177e4SLinus Torvalds * 17521da177e4SLinus Torvalds * if (!d_unhashed(dentry)) 17531da177e4SLinus Torvalds * return -EBUSY; 17541da177e4SLinus Torvalds * 17551da177e4SLinus Torvalds * if it cannot handle the case of removing a directory 17561da177e4SLinus Torvalds * that is still in use by something else.. 17571da177e4SLinus Torvalds */ 17581da177e4SLinus Torvalds void dentry_unhash(struct dentry *dentry) 17591da177e4SLinus Torvalds { 17601da177e4SLinus Torvalds dget(dentry); 17611da177e4SLinus Torvalds if (atomic_read(&dentry->d_count)) 17621da177e4SLinus Torvalds shrink_dcache_parent(dentry); 17631da177e4SLinus Torvalds spin_lock(&dcache_lock); 17641da177e4SLinus Torvalds spin_lock(&dentry->d_lock); 17651da177e4SLinus Torvalds if (atomic_read(&dentry->d_count) == 2) 17661da177e4SLinus Torvalds __d_drop(dentry); 17671da177e4SLinus Torvalds spin_unlock(&dentry->d_lock); 17681da177e4SLinus Torvalds spin_unlock(&dcache_lock); 17691da177e4SLinus Torvalds } 17701da177e4SLinus Torvalds 17711da177e4SLinus Torvalds int vfs_rmdir(struct inode *dir, struct dentry *dentry) 17721da177e4SLinus Torvalds { 17731da177e4SLinus Torvalds int error = may_delete(dir, dentry, 1); 17741da177e4SLinus Torvalds 17751da177e4SLinus Torvalds if (error) 17761da177e4SLinus Torvalds return error; 17771da177e4SLinus Torvalds 17781da177e4SLinus Torvalds if (!dir->i_op || !dir->i_op->rmdir) 17791da177e4SLinus Torvalds return -EPERM; 17801da177e4SLinus Torvalds 17811da177e4SLinus Torvalds DQUOT_INIT(dir); 17821da177e4SLinus Torvalds 17831da177e4SLinus Torvalds down(&dentry->d_inode->i_sem); 17841da177e4SLinus Torvalds dentry_unhash(dentry); 17851da177e4SLinus Torvalds if (d_mountpoint(dentry)) 17861da177e4SLinus Torvalds error = -EBUSY; 17871da177e4SLinus Torvalds else { 17881da177e4SLinus Torvalds error = security_inode_rmdir(dir, dentry); 17891da177e4SLinus Torvalds if (!error) { 17901da177e4SLinus Torvalds error = dir->i_op->rmdir(dir, dentry); 17911da177e4SLinus Torvalds if (!error) 17921da177e4SLinus Torvalds dentry->d_inode->i_flags |= S_DEAD; 17931da177e4SLinus Torvalds } 17941da177e4SLinus Torvalds } 17951da177e4SLinus Torvalds up(&dentry->d_inode->i_sem); 17961da177e4SLinus Torvalds if (!error) { 17971da177e4SLinus Torvalds d_delete(dentry); 17981da177e4SLinus Torvalds } 17991da177e4SLinus Torvalds dput(dentry); 18001da177e4SLinus Torvalds 18011da177e4SLinus Torvalds return error; 18021da177e4SLinus Torvalds } 18031da177e4SLinus Torvalds 18041da177e4SLinus Torvalds asmlinkage long sys_rmdir(const char __user * pathname) 18051da177e4SLinus Torvalds { 18061da177e4SLinus Torvalds int error = 0; 18071da177e4SLinus Torvalds char * name; 18081da177e4SLinus Torvalds struct dentry *dentry; 18091da177e4SLinus Torvalds struct nameidata nd; 18101da177e4SLinus Torvalds 18111da177e4SLinus Torvalds name = getname(pathname); 18121da177e4SLinus Torvalds if(IS_ERR(name)) 18131da177e4SLinus Torvalds return PTR_ERR(name); 18141da177e4SLinus Torvalds 18151da177e4SLinus Torvalds error = path_lookup(name, LOOKUP_PARENT, &nd); 18161da177e4SLinus Torvalds if (error) 18171da177e4SLinus Torvalds goto exit; 18181da177e4SLinus Torvalds 18191da177e4SLinus Torvalds switch(nd.last_type) { 18201da177e4SLinus Torvalds case LAST_DOTDOT: 18211da177e4SLinus Torvalds error = -ENOTEMPTY; 18221da177e4SLinus Torvalds goto exit1; 18231da177e4SLinus Torvalds case LAST_DOT: 18241da177e4SLinus Torvalds error = -EINVAL; 18251da177e4SLinus Torvalds goto exit1; 18261da177e4SLinus Torvalds case LAST_ROOT: 18271da177e4SLinus Torvalds error = -EBUSY; 18281da177e4SLinus Torvalds goto exit1; 18291da177e4SLinus Torvalds } 18301da177e4SLinus Torvalds down(&nd.dentry->d_inode->i_sem); 18311da177e4SLinus Torvalds dentry = lookup_hash(&nd.last, nd.dentry); 18321da177e4SLinus Torvalds error = PTR_ERR(dentry); 18331da177e4SLinus Torvalds if (!IS_ERR(dentry)) { 18341da177e4SLinus Torvalds error = vfs_rmdir(nd.dentry->d_inode, dentry); 18351da177e4SLinus Torvalds dput(dentry); 18361da177e4SLinus Torvalds } 18371da177e4SLinus Torvalds up(&nd.dentry->d_inode->i_sem); 18381da177e4SLinus Torvalds exit1: 18391da177e4SLinus Torvalds path_release(&nd); 18401da177e4SLinus Torvalds exit: 18411da177e4SLinus Torvalds putname(name); 18421da177e4SLinus Torvalds return error; 18431da177e4SLinus Torvalds } 18441da177e4SLinus Torvalds 18451da177e4SLinus Torvalds int vfs_unlink(struct inode *dir, struct dentry *dentry) 18461da177e4SLinus Torvalds { 18471da177e4SLinus Torvalds int error = may_delete(dir, dentry, 0); 18481da177e4SLinus Torvalds 18491da177e4SLinus Torvalds if (error) 18501da177e4SLinus Torvalds return error; 18511da177e4SLinus Torvalds 18521da177e4SLinus Torvalds if (!dir->i_op || !dir->i_op->unlink) 18531da177e4SLinus Torvalds return -EPERM; 18541da177e4SLinus Torvalds 18551da177e4SLinus Torvalds DQUOT_INIT(dir); 18561da177e4SLinus Torvalds 18571da177e4SLinus Torvalds down(&dentry->d_inode->i_sem); 18581da177e4SLinus Torvalds if (d_mountpoint(dentry)) 18591da177e4SLinus Torvalds error = -EBUSY; 18601da177e4SLinus Torvalds else { 18611da177e4SLinus Torvalds error = security_inode_unlink(dir, dentry); 18621da177e4SLinus Torvalds if (!error) 18631da177e4SLinus Torvalds error = dir->i_op->unlink(dir, dentry); 18641da177e4SLinus Torvalds } 18651da177e4SLinus Torvalds up(&dentry->d_inode->i_sem); 18661da177e4SLinus Torvalds 18671da177e4SLinus Torvalds /* We don't d_delete() NFS sillyrenamed files--they still exist. */ 18681da177e4SLinus Torvalds if (!error && !(dentry->d_flags & DCACHE_NFSFS_RENAMED)) { 18691da177e4SLinus Torvalds d_delete(dentry); 18701da177e4SLinus Torvalds } 18710eeca283SRobert Love 18721da177e4SLinus Torvalds return error; 18731da177e4SLinus Torvalds } 18741da177e4SLinus Torvalds 18751da177e4SLinus Torvalds /* 18761da177e4SLinus Torvalds * Make sure that the actual truncation of the file will occur outside its 18771da177e4SLinus Torvalds * directory's i_sem. Truncate can take a long time if there is a lot of 18781da177e4SLinus Torvalds * writeout happening, and we don't want to prevent access to the directory 18791da177e4SLinus Torvalds * while waiting on the I/O. 18801da177e4SLinus Torvalds */ 18811da177e4SLinus Torvalds asmlinkage long sys_unlink(const char __user * pathname) 18821da177e4SLinus Torvalds { 18831da177e4SLinus Torvalds int error = 0; 18841da177e4SLinus Torvalds char * name; 18851da177e4SLinus Torvalds struct dentry *dentry; 18861da177e4SLinus Torvalds struct nameidata nd; 18871da177e4SLinus Torvalds struct inode *inode = NULL; 18881da177e4SLinus Torvalds 18891da177e4SLinus Torvalds name = getname(pathname); 18901da177e4SLinus Torvalds if(IS_ERR(name)) 18911da177e4SLinus Torvalds return PTR_ERR(name); 18921da177e4SLinus Torvalds 18931da177e4SLinus Torvalds error = path_lookup(name, LOOKUP_PARENT, &nd); 18941da177e4SLinus Torvalds if (error) 18951da177e4SLinus Torvalds goto exit; 18961da177e4SLinus Torvalds error = -EISDIR; 18971da177e4SLinus Torvalds if (nd.last_type != LAST_NORM) 18981da177e4SLinus Torvalds goto exit1; 18991da177e4SLinus Torvalds down(&nd.dentry->d_inode->i_sem); 19001da177e4SLinus Torvalds dentry = lookup_hash(&nd.last, nd.dentry); 19011da177e4SLinus Torvalds error = PTR_ERR(dentry); 19021da177e4SLinus Torvalds if (!IS_ERR(dentry)) { 19031da177e4SLinus Torvalds /* Why not before? Because we want correct error value */ 19041da177e4SLinus Torvalds if (nd.last.name[nd.last.len]) 19051da177e4SLinus Torvalds goto slashes; 19061da177e4SLinus Torvalds inode = dentry->d_inode; 19071da177e4SLinus Torvalds if (inode) 19081da177e4SLinus Torvalds atomic_inc(&inode->i_count); 19091da177e4SLinus Torvalds error = vfs_unlink(nd.dentry->d_inode, dentry); 19101da177e4SLinus Torvalds exit2: 19111da177e4SLinus Torvalds dput(dentry); 19121da177e4SLinus Torvalds } 19131da177e4SLinus Torvalds up(&nd.dentry->d_inode->i_sem); 19141da177e4SLinus Torvalds if (inode) 19151da177e4SLinus Torvalds iput(inode); /* truncate the inode here */ 19161da177e4SLinus Torvalds exit1: 19171da177e4SLinus Torvalds path_release(&nd); 19181da177e4SLinus Torvalds exit: 19191da177e4SLinus Torvalds putname(name); 19201da177e4SLinus Torvalds return error; 19211da177e4SLinus Torvalds 19221da177e4SLinus Torvalds slashes: 19231da177e4SLinus Torvalds error = !dentry->d_inode ? -ENOENT : 19241da177e4SLinus Torvalds S_ISDIR(dentry->d_inode->i_mode) ? -EISDIR : -ENOTDIR; 19251da177e4SLinus Torvalds goto exit2; 19261da177e4SLinus Torvalds } 19271da177e4SLinus Torvalds 19281da177e4SLinus Torvalds int vfs_symlink(struct inode *dir, struct dentry *dentry, const char *oldname, int mode) 19291da177e4SLinus Torvalds { 19301da177e4SLinus Torvalds int error = may_create(dir, dentry, NULL); 19311da177e4SLinus Torvalds 19321da177e4SLinus Torvalds if (error) 19331da177e4SLinus Torvalds return error; 19341da177e4SLinus Torvalds 19351da177e4SLinus Torvalds if (!dir->i_op || !dir->i_op->symlink) 19361da177e4SLinus Torvalds return -EPERM; 19371da177e4SLinus Torvalds 19381da177e4SLinus Torvalds error = security_inode_symlink(dir, dentry, oldname); 19391da177e4SLinus Torvalds if (error) 19401da177e4SLinus Torvalds return error; 19411da177e4SLinus Torvalds 19421da177e4SLinus Torvalds DQUOT_INIT(dir); 19431da177e4SLinus Torvalds error = dir->i_op->symlink(dir, dentry, oldname); 1944a74574aaSStephen Smalley if (!error) 19450eeca283SRobert Love fsnotify_create(dir, dentry->d_name.name); 19461da177e4SLinus Torvalds return error; 19471da177e4SLinus Torvalds } 19481da177e4SLinus Torvalds 19491da177e4SLinus Torvalds asmlinkage long sys_symlink(const char __user * oldname, const char __user * newname) 19501da177e4SLinus Torvalds { 19511da177e4SLinus Torvalds int error = 0; 19521da177e4SLinus Torvalds char * from; 19531da177e4SLinus Torvalds char * to; 19541da177e4SLinus Torvalds 19551da177e4SLinus Torvalds from = getname(oldname); 19561da177e4SLinus Torvalds if(IS_ERR(from)) 19571da177e4SLinus Torvalds return PTR_ERR(from); 19581da177e4SLinus Torvalds to = getname(newname); 19591da177e4SLinus Torvalds error = PTR_ERR(to); 19601da177e4SLinus Torvalds if (!IS_ERR(to)) { 19611da177e4SLinus Torvalds struct dentry *dentry; 19621da177e4SLinus Torvalds struct nameidata nd; 19631da177e4SLinus Torvalds 19641da177e4SLinus Torvalds error = path_lookup(to, LOOKUP_PARENT, &nd); 19651da177e4SLinus Torvalds if (error) 19661da177e4SLinus Torvalds goto out; 19671da177e4SLinus Torvalds dentry = lookup_create(&nd, 0); 19681da177e4SLinus Torvalds error = PTR_ERR(dentry); 19691da177e4SLinus Torvalds if (!IS_ERR(dentry)) { 19701da177e4SLinus Torvalds error = vfs_symlink(nd.dentry->d_inode, dentry, from, S_IALLUGO); 19711da177e4SLinus Torvalds dput(dentry); 19721da177e4SLinus Torvalds } 19731da177e4SLinus Torvalds up(&nd.dentry->d_inode->i_sem); 19741da177e4SLinus Torvalds path_release(&nd); 19751da177e4SLinus Torvalds out: 19761da177e4SLinus Torvalds putname(to); 19771da177e4SLinus Torvalds } 19781da177e4SLinus Torvalds putname(from); 19791da177e4SLinus Torvalds return error; 19801da177e4SLinus Torvalds } 19811da177e4SLinus Torvalds 19821da177e4SLinus Torvalds int vfs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_dentry) 19831da177e4SLinus Torvalds { 19841da177e4SLinus Torvalds struct inode *inode = old_dentry->d_inode; 19851da177e4SLinus Torvalds int error; 19861da177e4SLinus Torvalds 19871da177e4SLinus Torvalds if (!inode) 19881da177e4SLinus Torvalds return -ENOENT; 19891da177e4SLinus Torvalds 19901da177e4SLinus Torvalds error = may_create(dir, new_dentry, NULL); 19911da177e4SLinus Torvalds if (error) 19921da177e4SLinus Torvalds return error; 19931da177e4SLinus Torvalds 19941da177e4SLinus Torvalds if (dir->i_sb != inode->i_sb) 19951da177e4SLinus Torvalds return -EXDEV; 19961da177e4SLinus Torvalds 19971da177e4SLinus Torvalds /* 19981da177e4SLinus Torvalds * A link to an append-only or immutable file cannot be created. 19991da177e4SLinus Torvalds */ 20001da177e4SLinus Torvalds if (IS_APPEND(inode) || IS_IMMUTABLE(inode)) 20011da177e4SLinus Torvalds return -EPERM; 20021da177e4SLinus Torvalds if (!dir->i_op || !dir->i_op->link) 20031da177e4SLinus Torvalds return -EPERM; 20041da177e4SLinus Torvalds if (S_ISDIR(old_dentry->d_inode->i_mode)) 20051da177e4SLinus Torvalds return -EPERM; 20061da177e4SLinus Torvalds 20071da177e4SLinus Torvalds error = security_inode_link(old_dentry, dir, new_dentry); 20081da177e4SLinus Torvalds if (error) 20091da177e4SLinus Torvalds return error; 20101da177e4SLinus Torvalds 20111da177e4SLinus Torvalds down(&old_dentry->d_inode->i_sem); 20121da177e4SLinus Torvalds DQUOT_INIT(dir); 20131da177e4SLinus Torvalds error = dir->i_op->link(old_dentry, dir, new_dentry); 20141da177e4SLinus Torvalds up(&old_dentry->d_inode->i_sem); 20151da177e4SLinus Torvalds if (!error) { 20160eeca283SRobert Love fsnotify_create(dir, new_dentry->d_name.name); 20171da177e4SLinus Torvalds security_inode_post_link(old_dentry, dir, new_dentry); 20181da177e4SLinus Torvalds } 20191da177e4SLinus Torvalds return error; 20201da177e4SLinus Torvalds } 20211da177e4SLinus Torvalds 20221da177e4SLinus Torvalds /* 20231da177e4SLinus Torvalds * Hardlinks are often used in delicate situations. We avoid 20241da177e4SLinus Torvalds * security-related surprises by not following symlinks on the 20251da177e4SLinus Torvalds * newname. --KAB 20261da177e4SLinus Torvalds * 20271da177e4SLinus Torvalds * We don't follow them on the oldname either to be compatible 20281da177e4SLinus Torvalds * with linux 2.0, and to avoid hard-linking to directories 20291da177e4SLinus Torvalds * and other special files. --ADM 20301da177e4SLinus Torvalds */ 20311da177e4SLinus Torvalds asmlinkage long sys_link(const char __user * oldname, const char __user * newname) 20321da177e4SLinus Torvalds { 20331da177e4SLinus Torvalds struct dentry *new_dentry; 20341da177e4SLinus Torvalds struct nameidata nd, old_nd; 20351da177e4SLinus Torvalds int error; 20361da177e4SLinus Torvalds char * to; 20371da177e4SLinus Torvalds 20381da177e4SLinus Torvalds to = getname(newname); 20391da177e4SLinus Torvalds if (IS_ERR(to)) 20401da177e4SLinus Torvalds return PTR_ERR(to); 20411da177e4SLinus Torvalds 20421da177e4SLinus Torvalds error = __user_walk(oldname, 0, &old_nd); 20431da177e4SLinus Torvalds if (error) 20441da177e4SLinus Torvalds goto exit; 20451da177e4SLinus Torvalds error = path_lookup(to, LOOKUP_PARENT, &nd); 20461da177e4SLinus Torvalds if (error) 20471da177e4SLinus Torvalds goto out; 20481da177e4SLinus Torvalds error = -EXDEV; 20491da177e4SLinus Torvalds if (old_nd.mnt != nd.mnt) 20501da177e4SLinus Torvalds goto out_release; 20511da177e4SLinus Torvalds new_dentry = lookup_create(&nd, 0); 20521da177e4SLinus Torvalds error = PTR_ERR(new_dentry); 20531da177e4SLinus Torvalds if (!IS_ERR(new_dentry)) { 20541da177e4SLinus Torvalds error = vfs_link(old_nd.dentry, nd.dentry->d_inode, new_dentry); 20551da177e4SLinus Torvalds dput(new_dentry); 20561da177e4SLinus Torvalds } 20571da177e4SLinus Torvalds up(&nd.dentry->d_inode->i_sem); 20581da177e4SLinus Torvalds out_release: 20591da177e4SLinus Torvalds path_release(&nd); 20601da177e4SLinus Torvalds out: 20611da177e4SLinus Torvalds path_release(&old_nd); 20621da177e4SLinus Torvalds exit: 20631da177e4SLinus Torvalds putname(to); 20641da177e4SLinus Torvalds 20651da177e4SLinus Torvalds return error; 20661da177e4SLinus Torvalds } 20671da177e4SLinus Torvalds 20681da177e4SLinus Torvalds /* 20691da177e4SLinus Torvalds * The worst of all namespace operations - renaming directory. "Perverted" 20701da177e4SLinus Torvalds * doesn't even start to describe it. Somebody in UCB had a heck of a trip... 20711da177e4SLinus Torvalds * Problems: 20721da177e4SLinus Torvalds * a) we can get into loop creation. Check is done in is_subdir(). 20731da177e4SLinus Torvalds * b) race potential - two innocent renames can create a loop together. 20741da177e4SLinus Torvalds * That's where 4.4 screws up. Current fix: serialization on 20751da177e4SLinus Torvalds * sb->s_vfs_rename_sem. We might be more accurate, but that's another 20761da177e4SLinus Torvalds * story. 20771da177e4SLinus Torvalds * c) we have to lock _three_ objects - parents and victim (if it exists). 20781da177e4SLinus Torvalds * And that - after we got ->i_sem on parents (until then we don't know 20791da177e4SLinus Torvalds * whether the target exists). Solution: try to be smart with locking 20801da177e4SLinus Torvalds * order for inodes. We rely on the fact that tree topology may change 20811da177e4SLinus Torvalds * only under ->s_vfs_rename_sem _and_ that parent of the object we 20821da177e4SLinus Torvalds * move will be locked. Thus we can rank directories by the tree 20831da177e4SLinus Torvalds * (ancestors first) and rank all non-directories after them. 20841da177e4SLinus Torvalds * That works since everybody except rename does "lock parent, lookup, 20851da177e4SLinus Torvalds * lock child" and rename is under ->s_vfs_rename_sem. 20861da177e4SLinus Torvalds * HOWEVER, it relies on the assumption that any object with ->lookup() 20871da177e4SLinus Torvalds * has no more than 1 dentry. If "hybrid" objects will ever appear, 20881da177e4SLinus Torvalds * we'd better make sure that there's no link(2) for them. 20891da177e4SLinus Torvalds * d) some filesystems don't support opened-but-unlinked directories, 20901da177e4SLinus Torvalds * either because of layout or because they are not ready to deal with 20911da177e4SLinus Torvalds * all cases correctly. The latter will be fixed (taking this sort of 20921da177e4SLinus Torvalds * stuff into VFS), but the former is not going away. Solution: the same 20931da177e4SLinus Torvalds * trick as in rmdir(). 20941da177e4SLinus Torvalds * e) conversion from fhandle to dentry may come in the wrong moment - when 20951da177e4SLinus Torvalds * we are removing the target. Solution: we will have to grab ->i_sem 20961da177e4SLinus Torvalds * in the fhandle_to_dentry code. [FIXME - current nfsfh.c relies on 20971da177e4SLinus Torvalds * ->i_sem on parents, which works but leads to some truely excessive 20981da177e4SLinus Torvalds * locking]. 20991da177e4SLinus Torvalds */ 210075c96f85SAdrian Bunk static int vfs_rename_dir(struct inode *old_dir, struct dentry *old_dentry, 21011da177e4SLinus Torvalds struct inode *new_dir, struct dentry *new_dentry) 21021da177e4SLinus Torvalds { 21031da177e4SLinus Torvalds int error = 0; 21041da177e4SLinus Torvalds struct inode *target; 21051da177e4SLinus Torvalds 21061da177e4SLinus Torvalds /* 21071da177e4SLinus Torvalds * If we are going to change the parent - check write permissions, 21081da177e4SLinus Torvalds * we'll need to flip '..'. 21091da177e4SLinus Torvalds */ 21101da177e4SLinus Torvalds if (new_dir != old_dir) { 21111da177e4SLinus Torvalds error = permission(old_dentry->d_inode, MAY_WRITE, NULL); 21121da177e4SLinus Torvalds if (error) 21131da177e4SLinus Torvalds return error; 21141da177e4SLinus Torvalds } 21151da177e4SLinus Torvalds 21161da177e4SLinus Torvalds error = security_inode_rename(old_dir, old_dentry, new_dir, new_dentry); 21171da177e4SLinus Torvalds if (error) 21181da177e4SLinus Torvalds return error; 21191da177e4SLinus Torvalds 21201da177e4SLinus Torvalds target = new_dentry->d_inode; 21211da177e4SLinus Torvalds if (target) { 21221da177e4SLinus Torvalds down(&target->i_sem); 21231da177e4SLinus Torvalds dentry_unhash(new_dentry); 21241da177e4SLinus Torvalds } 21251da177e4SLinus Torvalds if (d_mountpoint(old_dentry)||d_mountpoint(new_dentry)) 21261da177e4SLinus Torvalds error = -EBUSY; 21271da177e4SLinus Torvalds else 21281da177e4SLinus Torvalds error = old_dir->i_op->rename(old_dir, old_dentry, new_dir, new_dentry); 21291da177e4SLinus Torvalds if (target) { 21301da177e4SLinus Torvalds if (!error) 21311da177e4SLinus Torvalds target->i_flags |= S_DEAD; 21321da177e4SLinus Torvalds up(&target->i_sem); 21331da177e4SLinus Torvalds if (d_unhashed(new_dentry)) 21341da177e4SLinus Torvalds d_rehash(new_dentry); 21351da177e4SLinus Torvalds dput(new_dentry); 21361da177e4SLinus Torvalds } 21371da177e4SLinus Torvalds if (!error) { 21381da177e4SLinus Torvalds d_move(old_dentry,new_dentry); 21391da177e4SLinus Torvalds security_inode_post_rename(old_dir, old_dentry, 21401da177e4SLinus Torvalds new_dir, new_dentry); 21411da177e4SLinus Torvalds } 21421da177e4SLinus Torvalds return error; 21431da177e4SLinus Torvalds } 21441da177e4SLinus Torvalds 214575c96f85SAdrian Bunk static int vfs_rename_other(struct inode *old_dir, struct dentry *old_dentry, 21461da177e4SLinus Torvalds struct inode *new_dir, struct dentry *new_dentry) 21471da177e4SLinus Torvalds { 21481da177e4SLinus Torvalds struct inode *target; 21491da177e4SLinus Torvalds int error; 21501da177e4SLinus Torvalds 21511da177e4SLinus Torvalds error = security_inode_rename(old_dir, old_dentry, new_dir, new_dentry); 21521da177e4SLinus Torvalds if (error) 21531da177e4SLinus Torvalds return error; 21541da177e4SLinus Torvalds 21551da177e4SLinus Torvalds dget(new_dentry); 21561da177e4SLinus Torvalds target = new_dentry->d_inode; 21571da177e4SLinus Torvalds if (target) 21581da177e4SLinus Torvalds down(&target->i_sem); 21591da177e4SLinus Torvalds if (d_mountpoint(old_dentry)||d_mountpoint(new_dentry)) 21601da177e4SLinus Torvalds error = -EBUSY; 21611da177e4SLinus Torvalds else 21621da177e4SLinus Torvalds error = old_dir->i_op->rename(old_dir, old_dentry, new_dir, new_dentry); 21631da177e4SLinus Torvalds if (!error) { 21641da177e4SLinus Torvalds /* The following d_move() should become unconditional */ 21651da177e4SLinus Torvalds if (!(old_dir->i_sb->s_type->fs_flags & FS_ODD_RENAME)) 21661da177e4SLinus Torvalds d_move(old_dentry, new_dentry); 21671da177e4SLinus Torvalds security_inode_post_rename(old_dir, old_dentry, new_dir, new_dentry); 21681da177e4SLinus Torvalds } 21691da177e4SLinus Torvalds if (target) 21701da177e4SLinus Torvalds up(&target->i_sem); 21711da177e4SLinus Torvalds dput(new_dentry); 21721da177e4SLinus Torvalds return error; 21731da177e4SLinus Torvalds } 21741da177e4SLinus Torvalds 21751da177e4SLinus Torvalds int vfs_rename(struct inode *old_dir, struct dentry *old_dentry, 21761da177e4SLinus Torvalds struct inode *new_dir, struct dentry *new_dentry) 21771da177e4SLinus Torvalds { 21781da177e4SLinus Torvalds int error; 21791da177e4SLinus Torvalds int is_dir = S_ISDIR(old_dentry->d_inode->i_mode); 21800eeca283SRobert Love const char *old_name; 21811da177e4SLinus Torvalds 21821da177e4SLinus Torvalds if (old_dentry->d_inode == new_dentry->d_inode) 21831da177e4SLinus Torvalds return 0; 21841da177e4SLinus Torvalds 21851da177e4SLinus Torvalds error = may_delete(old_dir, old_dentry, is_dir); 21861da177e4SLinus Torvalds if (error) 21871da177e4SLinus Torvalds return error; 21881da177e4SLinus Torvalds 21891da177e4SLinus Torvalds if (!new_dentry->d_inode) 21901da177e4SLinus Torvalds error = may_create(new_dir, new_dentry, NULL); 21911da177e4SLinus Torvalds else 21921da177e4SLinus Torvalds error = may_delete(new_dir, new_dentry, is_dir); 21931da177e4SLinus Torvalds if (error) 21941da177e4SLinus Torvalds return error; 21951da177e4SLinus Torvalds 21961da177e4SLinus Torvalds if (!old_dir->i_op || !old_dir->i_op->rename) 21971da177e4SLinus Torvalds return -EPERM; 21981da177e4SLinus Torvalds 21991da177e4SLinus Torvalds DQUOT_INIT(old_dir); 22001da177e4SLinus Torvalds DQUOT_INIT(new_dir); 22011da177e4SLinus Torvalds 22020eeca283SRobert Love old_name = fsnotify_oldname_init(old_dentry->d_name.name); 22030eeca283SRobert Love 22041da177e4SLinus Torvalds if (is_dir) 22051da177e4SLinus Torvalds error = vfs_rename_dir(old_dir,old_dentry,new_dir,new_dentry); 22061da177e4SLinus Torvalds else 22071da177e4SLinus Torvalds error = vfs_rename_other(old_dir,old_dentry,new_dir,new_dentry); 22081da177e4SLinus Torvalds if (!error) { 22090eeca283SRobert Love const char *new_name = old_dentry->d_name.name; 221089204c40SJohn McCutchan fsnotify_move(old_dir, new_dir, old_name, new_name, is_dir, 221189204c40SJohn McCutchan new_dentry->d_inode, old_dentry->d_inode); 22121da177e4SLinus Torvalds } 22130eeca283SRobert Love fsnotify_oldname_free(old_name); 22140eeca283SRobert Love 22151da177e4SLinus Torvalds return error; 22161da177e4SLinus Torvalds } 22171da177e4SLinus Torvalds 22181da177e4SLinus Torvalds static inline int do_rename(const char * oldname, const char * newname) 22191da177e4SLinus Torvalds { 22201da177e4SLinus Torvalds int error = 0; 22211da177e4SLinus Torvalds struct dentry * old_dir, * new_dir; 22221da177e4SLinus Torvalds struct dentry * old_dentry, *new_dentry; 22231da177e4SLinus Torvalds struct dentry * trap; 22241da177e4SLinus Torvalds struct nameidata oldnd, newnd; 22251da177e4SLinus Torvalds 22261da177e4SLinus Torvalds error = path_lookup(oldname, LOOKUP_PARENT, &oldnd); 22271da177e4SLinus Torvalds if (error) 22281da177e4SLinus Torvalds goto exit; 22291da177e4SLinus Torvalds 22301da177e4SLinus Torvalds error = path_lookup(newname, LOOKUP_PARENT, &newnd); 22311da177e4SLinus Torvalds if (error) 22321da177e4SLinus Torvalds goto exit1; 22331da177e4SLinus Torvalds 22341da177e4SLinus Torvalds error = -EXDEV; 22351da177e4SLinus Torvalds if (oldnd.mnt != newnd.mnt) 22361da177e4SLinus Torvalds goto exit2; 22371da177e4SLinus Torvalds 22381da177e4SLinus Torvalds old_dir = oldnd.dentry; 22391da177e4SLinus Torvalds error = -EBUSY; 22401da177e4SLinus Torvalds if (oldnd.last_type != LAST_NORM) 22411da177e4SLinus Torvalds goto exit2; 22421da177e4SLinus Torvalds 22431da177e4SLinus Torvalds new_dir = newnd.dentry; 22441da177e4SLinus Torvalds if (newnd.last_type != LAST_NORM) 22451da177e4SLinus Torvalds goto exit2; 22461da177e4SLinus Torvalds 22471da177e4SLinus Torvalds trap = lock_rename(new_dir, old_dir); 22481da177e4SLinus Torvalds 22491da177e4SLinus Torvalds old_dentry = lookup_hash(&oldnd.last, old_dir); 22501da177e4SLinus Torvalds error = PTR_ERR(old_dentry); 22511da177e4SLinus Torvalds if (IS_ERR(old_dentry)) 22521da177e4SLinus Torvalds goto exit3; 22531da177e4SLinus Torvalds /* source must exist */ 22541da177e4SLinus Torvalds error = -ENOENT; 22551da177e4SLinus Torvalds if (!old_dentry->d_inode) 22561da177e4SLinus Torvalds goto exit4; 22571da177e4SLinus Torvalds /* unless the source is a directory trailing slashes give -ENOTDIR */ 22581da177e4SLinus Torvalds if (!S_ISDIR(old_dentry->d_inode->i_mode)) { 22591da177e4SLinus Torvalds error = -ENOTDIR; 22601da177e4SLinus Torvalds if (oldnd.last.name[oldnd.last.len]) 22611da177e4SLinus Torvalds goto exit4; 22621da177e4SLinus Torvalds if (newnd.last.name[newnd.last.len]) 22631da177e4SLinus Torvalds goto exit4; 22641da177e4SLinus Torvalds } 22651da177e4SLinus Torvalds /* source should not be ancestor of target */ 22661da177e4SLinus Torvalds error = -EINVAL; 22671da177e4SLinus Torvalds if (old_dentry == trap) 22681da177e4SLinus Torvalds goto exit4; 22691da177e4SLinus Torvalds new_dentry = lookup_hash(&newnd.last, new_dir); 22701da177e4SLinus Torvalds error = PTR_ERR(new_dentry); 22711da177e4SLinus Torvalds if (IS_ERR(new_dentry)) 22721da177e4SLinus Torvalds goto exit4; 22731da177e4SLinus Torvalds /* target should not be an ancestor of source */ 22741da177e4SLinus Torvalds error = -ENOTEMPTY; 22751da177e4SLinus Torvalds if (new_dentry == trap) 22761da177e4SLinus Torvalds goto exit5; 22771da177e4SLinus Torvalds 22781da177e4SLinus Torvalds error = vfs_rename(old_dir->d_inode, old_dentry, 22791da177e4SLinus Torvalds new_dir->d_inode, new_dentry); 22801da177e4SLinus Torvalds exit5: 22811da177e4SLinus Torvalds dput(new_dentry); 22821da177e4SLinus Torvalds exit4: 22831da177e4SLinus Torvalds dput(old_dentry); 22841da177e4SLinus Torvalds exit3: 22851da177e4SLinus Torvalds unlock_rename(new_dir, old_dir); 22861da177e4SLinus Torvalds exit2: 22871da177e4SLinus Torvalds path_release(&newnd); 22881da177e4SLinus Torvalds exit1: 22891da177e4SLinus Torvalds path_release(&oldnd); 22901da177e4SLinus Torvalds exit: 22911da177e4SLinus Torvalds return error; 22921da177e4SLinus Torvalds } 22931da177e4SLinus Torvalds 22941da177e4SLinus Torvalds asmlinkage long sys_rename(const char __user * oldname, const char __user * newname) 22951da177e4SLinus Torvalds { 22961da177e4SLinus Torvalds int error; 22971da177e4SLinus Torvalds char * from; 22981da177e4SLinus Torvalds char * to; 22991da177e4SLinus Torvalds 23001da177e4SLinus Torvalds from = getname(oldname); 23011da177e4SLinus Torvalds if(IS_ERR(from)) 23021da177e4SLinus Torvalds return PTR_ERR(from); 23031da177e4SLinus Torvalds to = getname(newname); 23041da177e4SLinus Torvalds error = PTR_ERR(to); 23051da177e4SLinus Torvalds if (!IS_ERR(to)) { 23061da177e4SLinus Torvalds error = do_rename(from,to); 23071da177e4SLinus Torvalds putname(to); 23081da177e4SLinus Torvalds } 23091da177e4SLinus Torvalds putname(from); 23101da177e4SLinus Torvalds return error; 23111da177e4SLinus Torvalds } 23121da177e4SLinus Torvalds 23131da177e4SLinus Torvalds int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const char *link) 23141da177e4SLinus Torvalds { 23151da177e4SLinus Torvalds int len; 23161da177e4SLinus Torvalds 23171da177e4SLinus Torvalds len = PTR_ERR(link); 23181da177e4SLinus Torvalds if (IS_ERR(link)) 23191da177e4SLinus Torvalds goto out; 23201da177e4SLinus Torvalds 23211da177e4SLinus Torvalds len = strlen(link); 23221da177e4SLinus Torvalds if (len > (unsigned) buflen) 23231da177e4SLinus Torvalds len = buflen; 23241da177e4SLinus Torvalds if (copy_to_user(buffer, link, len)) 23251da177e4SLinus Torvalds len = -EFAULT; 23261da177e4SLinus Torvalds out: 23271da177e4SLinus Torvalds return len; 23281da177e4SLinus Torvalds } 23291da177e4SLinus Torvalds 23301da177e4SLinus Torvalds /* 23311da177e4SLinus Torvalds * A helper for ->readlink(). This should be used *ONLY* for symlinks that 23321da177e4SLinus Torvalds * have ->follow_link() touching nd only in nd_set_link(). Using (or not 23331da177e4SLinus Torvalds * using) it for any given inode is up to filesystem. 23341da177e4SLinus Torvalds */ 23351da177e4SLinus Torvalds int generic_readlink(struct dentry *dentry, char __user *buffer, int buflen) 23361da177e4SLinus Torvalds { 23371da177e4SLinus Torvalds struct nameidata nd; 2338cc314eefSLinus Torvalds void *cookie; 2339cc314eefSLinus Torvalds 23401da177e4SLinus Torvalds nd.depth = 0; 2341cc314eefSLinus Torvalds cookie = dentry->d_inode->i_op->follow_link(dentry, &nd); 2342cc314eefSLinus Torvalds if (!IS_ERR(cookie)) { 2343cc314eefSLinus Torvalds int res = vfs_readlink(dentry, buffer, buflen, nd_get_link(&nd)); 23441da177e4SLinus Torvalds if (dentry->d_inode->i_op->put_link) 2345cc314eefSLinus Torvalds dentry->d_inode->i_op->put_link(dentry, &nd, cookie); 2346cc314eefSLinus Torvalds cookie = ERR_PTR(res); 23471da177e4SLinus Torvalds } 2348cc314eefSLinus Torvalds return PTR_ERR(cookie); 23491da177e4SLinus Torvalds } 23501da177e4SLinus Torvalds 23511da177e4SLinus Torvalds int vfs_follow_link(struct nameidata *nd, const char *link) 23521da177e4SLinus Torvalds { 23531da177e4SLinus Torvalds return __vfs_follow_link(nd, link); 23541da177e4SLinus Torvalds } 23551da177e4SLinus Torvalds 23561da177e4SLinus Torvalds /* get the link contents into pagecache */ 23571da177e4SLinus Torvalds static char *page_getlink(struct dentry * dentry, struct page **ppage) 23581da177e4SLinus Torvalds { 23591da177e4SLinus Torvalds struct page * page; 23601da177e4SLinus Torvalds struct address_space *mapping = dentry->d_inode->i_mapping; 23611da177e4SLinus Torvalds page = read_cache_page(mapping, 0, (filler_t *)mapping->a_ops->readpage, 23621da177e4SLinus Torvalds NULL); 23631da177e4SLinus Torvalds if (IS_ERR(page)) 23641da177e4SLinus Torvalds goto sync_fail; 23651da177e4SLinus Torvalds wait_on_page_locked(page); 23661da177e4SLinus Torvalds if (!PageUptodate(page)) 23671da177e4SLinus Torvalds goto async_fail; 23681da177e4SLinus Torvalds *ppage = page; 23691da177e4SLinus Torvalds return kmap(page); 23701da177e4SLinus Torvalds 23711da177e4SLinus Torvalds async_fail: 23721da177e4SLinus Torvalds page_cache_release(page); 23731da177e4SLinus Torvalds return ERR_PTR(-EIO); 23741da177e4SLinus Torvalds 23751da177e4SLinus Torvalds sync_fail: 23761da177e4SLinus Torvalds return (char*)page; 23771da177e4SLinus Torvalds } 23781da177e4SLinus Torvalds 23791da177e4SLinus Torvalds int page_readlink(struct dentry *dentry, char __user *buffer, int buflen) 23801da177e4SLinus Torvalds { 23811da177e4SLinus Torvalds struct page *page = NULL; 23821da177e4SLinus Torvalds char *s = page_getlink(dentry, &page); 23831da177e4SLinus Torvalds int res = vfs_readlink(dentry,buffer,buflen,s); 23841da177e4SLinus Torvalds if (page) { 23851da177e4SLinus Torvalds kunmap(page); 23861da177e4SLinus Torvalds page_cache_release(page); 23871da177e4SLinus Torvalds } 23881da177e4SLinus Torvalds return res; 23891da177e4SLinus Torvalds } 23901da177e4SLinus Torvalds 2391cc314eefSLinus Torvalds void *page_follow_link_light(struct dentry *dentry, struct nameidata *nd) 23921da177e4SLinus Torvalds { 2393cc314eefSLinus Torvalds struct page *page = NULL; 23941da177e4SLinus Torvalds nd_set_link(nd, page_getlink(dentry, &page)); 2395cc314eefSLinus Torvalds return page; 23961da177e4SLinus Torvalds } 23971da177e4SLinus Torvalds 2398cc314eefSLinus Torvalds void page_put_link(struct dentry *dentry, struct nameidata *nd, void *cookie) 23991da177e4SLinus Torvalds { 2400cc314eefSLinus Torvalds struct page *page = cookie; 2401cc314eefSLinus Torvalds 2402cc314eefSLinus Torvalds if (page) { 24031da177e4SLinus Torvalds kunmap(page); 24041da177e4SLinus Torvalds page_cache_release(page); 24051da177e4SLinus Torvalds } 24061da177e4SLinus Torvalds } 24071da177e4SLinus Torvalds 24081da177e4SLinus Torvalds int page_symlink(struct inode *inode, const char *symname, int len) 24091da177e4SLinus Torvalds { 24101da177e4SLinus Torvalds struct address_space *mapping = inode->i_mapping; 24111da177e4SLinus Torvalds struct page *page = grab_cache_page(mapping, 0); 24121da177e4SLinus Torvalds int err = -ENOMEM; 24131da177e4SLinus Torvalds char *kaddr; 24141da177e4SLinus Torvalds 24151da177e4SLinus Torvalds if (!page) 24161da177e4SLinus Torvalds goto fail; 24171da177e4SLinus Torvalds err = mapping->a_ops->prepare_write(NULL, page, 0, len-1); 24181da177e4SLinus Torvalds if (err) 24191da177e4SLinus Torvalds goto fail_map; 24201da177e4SLinus Torvalds kaddr = kmap_atomic(page, KM_USER0); 24211da177e4SLinus Torvalds memcpy(kaddr, symname, len-1); 24221da177e4SLinus Torvalds kunmap_atomic(kaddr, KM_USER0); 24231da177e4SLinus Torvalds mapping->a_ops->commit_write(NULL, page, 0, len-1); 24241da177e4SLinus Torvalds /* 24251da177e4SLinus Torvalds * Notice that we are _not_ going to block here - end of page is 24261da177e4SLinus Torvalds * unmapped, so this will only try to map the rest of page, see 24271da177e4SLinus Torvalds * that it is unmapped (typically even will not look into inode - 24281da177e4SLinus Torvalds * ->i_size will be enough for everything) and zero it out. 24291da177e4SLinus Torvalds * OTOH it's obviously correct and should make the page up-to-date. 24301da177e4SLinus Torvalds */ 24311da177e4SLinus Torvalds if (!PageUptodate(page)) { 24321da177e4SLinus Torvalds err = mapping->a_ops->readpage(NULL, page); 24331da177e4SLinus Torvalds wait_on_page_locked(page); 24341da177e4SLinus Torvalds } else { 24351da177e4SLinus Torvalds unlock_page(page); 24361da177e4SLinus Torvalds } 24371da177e4SLinus Torvalds page_cache_release(page); 24381da177e4SLinus Torvalds if (err < 0) 24391da177e4SLinus Torvalds goto fail; 24401da177e4SLinus Torvalds mark_inode_dirty(inode); 24411da177e4SLinus Torvalds return 0; 24421da177e4SLinus Torvalds fail_map: 24431da177e4SLinus Torvalds unlock_page(page); 24441da177e4SLinus Torvalds page_cache_release(page); 24451da177e4SLinus Torvalds fail: 24461da177e4SLinus Torvalds return err; 24471da177e4SLinus Torvalds } 24481da177e4SLinus Torvalds 24491da177e4SLinus Torvalds struct inode_operations page_symlink_inode_operations = { 24501da177e4SLinus Torvalds .readlink = generic_readlink, 24511da177e4SLinus Torvalds .follow_link = page_follow_link_light, 24521da177e4SLinus Torvalds .put_link = page_put_link, 24531da177e4SLinus Torvalds }; 24541da177e4SLinus Torvalds 24551da177e4SLinus Torvalds EXPORT_SYMBOL(__user_walk); 24561da177e4SLinus Torvalds EXPORT_SYMBOL(follow_down); 24571da177e4SLinus Torvalds EXPORT_SYMBOL(follow_up); 24581da177e4SLinus Torvalds EXPORT_SYMBOL(get_write_access); /* binfmt_aout */ 24591da177e4SLinus Torvalds EXPORT_SYMBOL(getname); 24601da177e4SLinus Torvalds EXPORT_SYMBOL(lock_rename); 24611da177e4SLinus Torvalds EXPORT_SYMBOL(lookup_hash); 24621da177e4SLinus Torvalds EXPORT_SYMBOL(lookup_one_len); 24631da177e4SLinus Torvalds EXPORT_SYMBOL(page_follow_link_light); 24641da177e4SLinus Torvalds EXPORT_SYMBOL(page_put_link); 24651da177e4SLinus Torvalds EXPORT_SYMBOL(page_readlink); 24661da177e4SLinus Torvalds EXPORT_SYMBOL(page_symlink); 24671da177e4SLinus Torvalds EXPORT_SYMBOL(page_symlink_inode_operations); 24681da177e4SLinus Torvalds EXPORT_SYMBOL(path_lookup); 24691da177e4SLinus Torvalds EXPORT_SYMBOL(path_release); 24701da177e4SLinus Torvalds EXPORT_SYMBOL(path_walk); 24711da177e4SLinus Torvalds EXPORT_SYMBOL(permission); 24721da177e4SLinus Torvalds EXPORT_SYMBOL(unlock_rename); 24731da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_create); 24741da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_follow_link); 24751da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_link); 24761da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_mkdir); 24771da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_mknod); 24781da177e4SLinus Torvalds EXPORT_SYMBOL(generic_permission); 24791da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_readlink); 24801da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_rename); 24811da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_rmdir); 24821da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_symlink); 24831da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_unlink); 24841da177e4SLinus Torvalds EXPORT_SYMBOL(dentry_unhash); 24851da177e4SLinus Torvalds EXPORT_SYMBOL(generic_readlink); 2486