11da177e4SLinus Torvalds /* 21da177e4SLinus Torvalds * linux/fs/namei.c 31da177e4SLinus Torvalds * 41da177e4SLinus Torvalds * Copyright (C) 1991, 1992 Linus Torvalds 51da177e4SLinus Torvalds */ 61da177e4SLinus Torvalds 71da177e4SLinus Torvalds /* 81da177e4SLinus Torvalds * Some corrections by tytso. 91da177e4SLinus Torvalds */ 101da177e4SLinus Torvalds 111da177e4SLinus Torvalds /* [Feb 1997 T. Schoebel-Theuer] Complete rewrite of the pathname 121da177e4SLinus Torvalds * lookup logic. 131da177e4SLinus Torvalds */ 141da177e4SLinus Torvalds /* [Feb-Apr 2000, AV] Rewrite to the new namespace architecture. 151da177e4SLinus Torvalds */ 161da177e4SLinus Torvalds 171da177e4SLinus Torvalds #include <linux/init.h> 181da177e4SLinus Torvalds #include <linux/module.h> 191da177e4SLinus Torvalds #include <linux/slab.h> 201da177e4SLinus Torvalds #include <linux/fs.h> 211da177e4SLinus Torvalds #include <linux/namei.h> 221da177e4SLinus Torvalds #include <linux/pagemap.h> 230eeca283SRobert Love #include <linux/fsnotify.h> 241da177e4SLinus Torvalds #include <linux/personality.h> 251da177e4SLinus Torvalds #include <linux/security.h> 266146f0d5SMimi Zohar #include <linux/ima.h> 271da177e4SLinus Torvalds #include <linux/syscalls.h> 281da177e4SLinus Torvalds #include <linux/mount.h> 291da177e4SLinus Torvalds #include <linux/audit.h> 3016f7e0feSRandy Dunlap #include <linux/capability.h> 31834f2a4aSTrond Myklebust #include <linux/file.h> 325590ff0dSUlrich Drepper #include <linux/fcntl.h> 3308ce5f16SSerge E. Hallyn #include <linux/device_cgroup.h> 345ad4e53bSAl Viro #include <linux/fs_struct.h> 351da177e4SLinus Torvalds #include <asm/uaccess.h> 361da177e4SLinus Torvalds 37e81e3f4dSEric Paris #include "internal.h" 38e81e3f4dSEric Paris 391da177e4SLinus Torvalds /* [Feb-1997 T. Schoebel-Theuer] 401da177e4SLinus Torvalds * Fundamental changes in the pathname lookup mechanisms (namei) 411da177e4SLinus Torvalds * were necessary because of omirr. The reason is that omirr needs 421da177e4SLinus Torvalds * to know the _real_ pathname, not the user-supplied one, in case 431da177e4SLinus Torvalds * of symlinks (and also when transname replacements occur). 441da177e4SLinus Torvalds * 451da177e4SLinus Torvalds * The new code replaces the old recursive symlink resolution with 461da177e4SLinus Torvalds * an iterative one (in case of non-nested symlink chains). It does 471da177e4SLinus Torvalds * this with calls to <fs>_follow_link(). 481da177e4SLinus Torvalds * As a side effect, dir_namei(), _namei() and follow_link() are now 491da177e4SLinus Torvalds * replaced with a single function lookup_dentry() that can handle all 501da177e4SLinus Torvalds * the special cases of the former code. 511da177e4SLinus Torvalds * 521da177e4SLinus Torvalds * With the new dcache, the pathname is stored at each inode, at least as 531da177e4SLinus Torvalds * long as the refcount of the inode is positive. As a side effect, the 541da177e4SLinus Torvalds * size of the dcache depends on the inode cache and thus is dynamic. 551da177e4SLinus Torvalds * 561da177e4SLinus Torvalds * [29-Apr-1998 C. Scott Ananian] Updated above description of symlink 571da177e4SLinus Torvalds * resolution to correspond with current state of the code. 581da177e4SLinus Torvalds * 591da177e4SLinus Torvalds * Note that the symlink resolution is not *completely* iterative. 601da177e4SLinus Torvalds * There is still a significant amount of tail- and mid- recursion in 611da177e4SLinus Torvalds * the algorithm. Also, note that <fs>_readlink() is not used in 621da177e4SLinus Torvalds * lookup_dentry(): lookup_dentry() on the result of <fs>_readlink() 631da177e4SLinus Torvalds * may return different results than <fs>_follow_link(). Many virtual 641da177e4SLinus Torvalds * filesystems (including /proc) exhibit this behavior. 651da177e4SLinus Torvalds */ 661da177e4SLinus Torvalds 671da177e4SLinus Torvalds /* [24-Feb-97 T. Schoebel-Theuer] Side effects caused by new implementation: 681da177e4SLinus Torvalds * New symlink semantics: when open() is called with flags O_CREAT | O_EXCL 691da177e4SLinus Torvalds * and the name already exists in form of a symlink, try to create the new 701da177e4SLinus Torvalds * name indicated by the symlink. The old code always complained that the 711da177e4SLinus Torvalds * name already exists, due to not following the symlink even if its target 721da177e4SLinus Torvalds * is nonexistent. The new semantics affects also mknod() and link() when 731da177e4SLinus Torvalds * the name is a symlink pointing to a non-existant name. 741da177e4SLinus Torvalds * 751da177e4SLinus Torvalds * I don't know which semantics is the right one, since I have no access 761da177e4SLinus Torvalds * to standards. But I found by trial that HP-UX 9.0 has the full "new" 771da177e4SLinus Torvalds * semantics implemented, while SunOS 4.1.1 and Solaris (SunOS 5.4) have the 781da177e4SLinus Torvalds * "old" one. Personally, I think the new semantics is much more logical. 791da177e4SLinus Torvalds * Note that "ln old new" where "new" is a symlink pointing to a non-existing 801da177e4SLinus Torvalds * file does succeed in both HP-UX and SunOs, but not in Solaris 811da177e4SLinus Torvalds * and in the old Linux semantics. 821da177e4SLinus Torvalds */ 831da177e4SLinus Torvalds 841da177e4SLinus Torvalds /* [16-Dec-97 Kevin Buhr] For security reasons, we change some symlink 851da177e4SLinus Torvalds * semantics. See the comments in "open_namei" and "do_link" below. 861da177e4SLinus Torvalds * 871da177e4SLinus Torvalds * [10-Sep-98 Alan Modra] Another symlink change. 881da177e4SLinus Torvalds */ 891da177e4SLinus Torvalds 901da177e4SLinus Torvalds /* [Feb-Apr 2000 AV] Complete rewrite. Rules for symlinks: 911da177e4SLinus Torvalds * inside the path - always follow. 921da177e4SLinus Torvalds * in the last component in creation/removal/renaming - never follow. 931da177e4SLinus Torvalds * if LOOKUP_FOLLOW passed - follow. 941da177e4SLinus Torvalds * if the pathname has trailing slashes - follow. 951da177e4SLinus Torvalds * otherwise - don't follow. 961da177e4SLinus Torvalds * (applied in that order). 971da177e4SLinus Torvalds * 981da177e4SLinus Torvalds * [Jun 2000 AV] Inconsistent behaviour of open() in case if flags==O_CREAT 991da177e4SLinus Torvalds * restored for 2.4. This is the last surviving part of old 4.2BSD bug. 1001da177e4SLinus Torvalds * During the 2.4 we need to fix the userland stuff depending on it - 1011da177e4SLinus Torvalds * hopefully we will be able to get rid of that wart in 2.5. So far only 1021da177e4SLinus Torvalds * XEmacs seems to be relying on it... 1031da177e4SLinus Torvalds */ 1041da177e4SLinus Torvalds /* 1051da177e4SLinus Torvalds * [Sep 2001 AV] Single-semaphore locking scheme (kudos to David Holland) 106a11f3a05SArjan van de Ven * implemented. Let's see if raised priority of ->s_vfs_rename_mutex gives 1071da177e4SLinus Torvalds * any extra contention... 1081da177e4SLinus Torvalds */ 1091da177e4SLinus Torvalds 1101da177e4SLinus Torvalds /* In order to reduce some races, while at the same time doing additional 1111da177e4SLinus Torvalds * checking and hopefully speeding things up, we copy filenames to the 1121da177e4SLinus Torvalds * kernel data space before using them.. 1131da177e4SLinus Torvalds * 1141da177e4SLinus Torvalds * POSIX.1 2.4: an empty pathname is invalid (ENOENT). 1151da177e4SLinus Torvalds * PATH_MAX includes the nul terminator --RR. 1161da177e4SLinus Torvalds */ 117858119e1SArjan van de Ven static int do_getname(const char __user *filename, char *page) 1181da177e4SLinus Torvalds { 1191da177e4SLinus Torvalds int retval; 1201da177e4SLinus Torvalds unsigned long len = PATH_MAX; 1211da177e4SLinus Torvalds 1221da177e4SLinus Torvalds if (!segment_eq(get_fs(), KERNEL_DS)) { 1231da177e4SLinus Torvalds if ((unsigned long) filename >= TASK_SIZE) 1241da177e4SLinus Torvalds return -EFAULT; 1251da177e4SLinus Torvalds if (TASK_SIZE - (unsigned long) filename < PATH_MAX) 1261da177e4SLinus Torvalds len = TASK_SIZE - (unsigned long) filename; 1271da177e4SLinus Torvalds } 1281da177e4SLinus Torvalds 1291da177e4SLinus Torvalds retval = strncpy_from_user(page, filename, len); 1301da177e4SLinus Torvalds if (retval > 0) { 1311da177e4SLinus Torvalds if (retval < len) 1321da177e4SLinus Torvalds return 0; 1331da177e4SLinus Torvalds return -ENAMETOOLONG; 1341da177e4SLinus Torvalds } else if (!retval) 1351da177e4SLinus Torvalds retval = -ENOENT; 1361da177e4SLinus Torvalds return retval; 1371da177e4SLinus Torvalds } 1381da177e4SLinus Torvalds 139f52e0c11SAl Viro static char *getname_flags(const char __user * filename, int flags) 1401da177e4SLinus Torvalds { 1411da177e4SLinus Torvalds char *tmp, *result; 1421da177e4SLinus Torvalds 1431da177e4SLinus Torvalds result = ERR_PTR(-ENOMEM); 1441da177e4SLinus Torvalds tmp = __getname(); 1451da177e4SLinus Torvalds if (tmp) { 1461da177e4SLinus Torvalds int retval = do_getname(filename, tmp); 1471da177e4SLinus Torvalds 1481da177e4SLinus Torvalds result = tmp; 1491da177e4SLinus Torvalds if (retval < 0) { 150f52e0c11SAl Viro if (retval != -ENOENT || !(flags & LOOKUP_EMPTY)) { 1511da177e4SLinus Torvalds __putname(tmp); 1521da177e4SLinus Torvalds result = ERR_PTR(retval); 1531da177e4SLinus Torvalds } 1541da177e4SLinus Torvalds } 155f52e0c11SAl Viro } 1561da177e4SLinus Torvalds audit_getname(result); 1571da177e4SLinus Torvalds return result; 1581da177e4SLinus Torvalds } 1591da177e4SLinus Torvalds 160f52e0c11SAl Viro char *getname(const char __user * filename) 161f52e0c11SAl Viro { 162f52e0c11SAl Viro return getname_flags(filename, 0); 163f52e0c11SAl Viro } 164f52e0c11SAl Viro 1651da177e4SLinus Torvalds #ifdef CONFIG_AUDITSYSCALL 1661da177e4SLinus Torvalds void putname(const char *name) 1671da177e4SLinus Torvalds { 1685ac3a9c2SAl Viro if (unlikely(!audit_dummy_context())) 1691da177e4SLinus Torvalds audit_putname(name); 1701da177e4SLinus Torvalds else 1711da177e4SLinus Torvalds __putname(name); 1721da177e4SLinus Torvalds } 1731da177e4SLinus Torvalds EXPORT_SYMBOL(putname); 1741da177e4SLinus Torvalds #endif 1751da177e4SLinus Torvalds 1765909ccaaSLinus Torvalds /* 1775909ccaaSLinus Torvalds * This does basic POSIX ACL permission checking 1785909ccaaSLinus Torvalds */ 179b74c79e9SNick Piggin static int acl_permission_check(struct inode *inode, int mask, unsigned int flags, 180b74c79e9SNick Piggin int (*check_acl)(struct inode *inode, int mask, unsigned int flags)) 1815909ccaaSLinus Torvalds { 1825909ccaaSLinus Torvalds umode_t mode = inode->i_mode; 1835909ccaaSLinus Torvalds 1845909ccaaSLinus Torvalds mask &= MAY_READ | MAY_WRITE | MAY_EXEC; 1855909ccaaSLinus Torvalds 1865909ccaaSLinus Torvalds if (current_fsuid() == inode->i_uid) 1875909ccaaSLinus Torvalds mode >>= 6; 1885909ccaaSLinus Torvalds else { 1895909ccaaSLinus Torvalds if (IS_POSIXACL(inode) && (mode & S_IRWXG) && check_acl) { 190b74c79e9SNick Piggin int error = check_acl(inode, mask, flags); 1915909ccaaSLinus Torvalds if (error != -EAGAIN) 1925909ccaaSLinus Torvalds return error; 1935909ccaaSLinus Torvalds } 1945909ccaaSLinus Torvalds 1955909ccaaSLinus Torvalds if (in_group_p(inode->i_gid)) 1965909ccaaSLinus Torvalds mode >>= 3; 1975909ccaaSLinus Torvalds } 1985909ccaaSLinus Torvalds 1995909ccaaSLinus Torvalds /* 2005909ccaaSLinus Torvalds * If the DACs are ok we don't need any capability check. 2015909ccaaSLinus Torvalds */ 2025909ccaaSLinus Torvalds if ((mask & ~mode) == 0) 2035909ccaaSLinus Torvalds return 0; 2045909ccaaSLinus Torvalds return -EACCES; 2055909ccaaSLinus Torvalds } 2061da177e4SLinus Torvalds 2071da177e4SLinus Torvalds /** 2081da177e4SLinus Torvalds * generic_permission - check for access rights on a Posix-like filesystem 2091da177e4SLinus Torvalds * @inode: inode to check access rights for 2101da177e4SLinus Torvalds * @mask: right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC) 2111da177e4SLinus Torvalds * @check_acl: optional callback to check for Posix ACLs 21239191628SRandy Dunlap * @flags: IPERM_FLAG_ flags. 2131da177e4SLinus Torvalds * 2141da177e4SLinus Torvalds * Used to check for read/write/execute permissions on a file. 2151da177e4SLinus Torvalds * We use "fsuid" for this, letting us set arbitrary permissions 2161da177e4SLinus Torvalds * for filesystem access without changing the "normal" uids which 217b74c79e9SNick Piggin * are used for other things. 218b74c79e9SNick Piggin * 219b74c79e9SNick Piggin * generic_permission is rcu-walk aware. It returns -ECHILD in case an rcu-walk 220b74c79e9SNick Piggin * request cannot be satisfied (eg. requires blocking or too much complexity). 221b74c79e9SNick Piggin * It would then be called again in ref-walk mode. 2221da177e4SLinus Torvalds */ 223b74c79e9SNick Piggin int generic_permission(struct inode *inode, int mask, unsigned int flags, 224b74c79e9SNick Piggin int (*check_acl)(struct inode *inode, int mask, unsigned int flags)) 2251da177e4SLinus Torvalds { 2265909ccaaSLinus Torvalds int ret; 2271da177e4SLinus Torvalds 2281da177e4SLinus Torvalds /* 2295909ccaaSLinus Torvalds * Do the basic POSIX ACL permission checks. 2301da177e4SLinus Torvalds */ 231b74c79e9SNick Piggin ret = acl_permission_check(inode, mask, flags, check_acl); 2325909ccaaSLinus Torvalds if (ret != -EACCES) 2335909ccaaSLinus Torvalds return ret; 2341da177e4SLinus Torvalds 2351da177e4SLinus Torvalds /* 2361da177e4SLinus Torvalds * Read/write DACs are always overridable. 2371da177e4SLinus Torvalds * Executable DACs are overridable if at least one exec bit is set. 2381da177e4SLinus Torvalds */ 239f696a365SMiklos Szeredi if (!(mask & MAY_EXEC) || execute_ok(inode)) 2401da177e4SLinus Torvalds if (capable(CAP_DAC_OVERRIDE)) 2411da177e4SLinus Torvalds return 0; 2421da177e4SLinus Torvalds 2431da177e4SLinus Torvalds /* 2441da177e4SLinus Torvalds * Searching includes executable on directories, else just read. 2451da177e4SLinus Torvalds */ 2467ea66001SSerge E. Hallyn mask &= MAY_READ | MAY_WRITE | MAY_EXEC; 2471da177e4SLinus Torvalds if (mask == MAY_READ || (S_ISDIR(inode->i_mode) && !(mask & MAY_WRITE))) 2481da177e4SLinus Torvalds if (capable(CAP_DAC_READ_SEARCH)) 2491da177e4SLinus Torvalds return 0; 2501da177e4SLinus Torvalds 2511da177e4SLinus Torvalds return -EACCES; 2521da177e4SLinus Torvalds } 2531da177e4SLinus Torvalds 254cb23beb5SChristoph Hellwig /** 255cb23beb5SChristoph Hellwig * inode_permission - check for access rights to a given inode 256cb23beb5SChristoph Hellwig * @inode: inode to check permission on 257cb23beb5SChristoph Hellwig * @mask: right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC) 258cb23beb5SChristoph Hellwig * 259cb23beb5SChristoph Hellwig * Used to check for read/write/execute permissions on an inode. 260cb23beb5SChristoph Hellwig * We use "fsuid" for this, letting us set arbitrary permissions 261cb23beb5SChristoph Hellwig * for filesystem access without changing the "normal" uids which 262cb23beb5SChristoph Hellwig * are used for other things. 263cb23beb5SChristoph Hellwig */ 264f419a2e3SAl Viro int inode_permission(struct inode *inode, int mask) 2651da177e4SLinus Torvalds { 266e6305c43SAl Viro int retval; 2671da177e4SLinus Torvalds 2681da177e4SLinus Torvalds if (mask & MAY_WRITE) { 26922590e41SMiklos Szeredi umode_t mode = inode->i_mode; 2701da177e4SLinus Torvalds 2711da177e4SLinus Torvalds /* 2721da177e4SLinus Torvalds * Nobody gets write access to a read-only fs. 2731da177e4SLinus Torvalds */ 2741da177e4SLinus Torvalds if (IS_RDONLY(inode) && 2751da177e4SLinus Torvalds (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode))) 2761da177e4SLinus Torvalds return -EROFS; 2771da177e4SLinus Torvalds 2781da177e4SLinus Torvalds /* 2791da177e4SLinus Torvalds * Nobody gets write access to an immutable file. 2801da177e4SLinus Torvalds */ 2811da177e4SLinus Torvalds if (IS_IMMUTABLE(inode)) 2821da177e4SLinus Torvalds return -EACCES; 2831da177e4SLinus Torvalds } 2841da177e4SLinus Torvalds 285acfa4380SAl Viro if (inode->i_op->permission) 286b74c79e9SNick Piggin retval = inode->i_op->permission(inode, mask, 0); 287f696a365SMiklos Szeredi else 288b74c79e9SNick Piggin retval = generic_permission(inode, mask, 0, 289b74c79e9SNick Piggin inode->i_op->check_acl); 290f696a365SMiklos Szeredi 2911da177e4SLinus Torvalds if (retval) 2921da177e4SLinus Torvalds return retval; 2931da177e4SLinus Torvalds 29408ce5f16SSerge E. Hallyn retval = devcgroup_inode_permission(inode, mask); 29508ce5f16SSerge E. Hallyn if (retval) 29608ce5f16SSerge E. Hallyn return retval; 29708ce5f16SSerge E. Hallyn 298d09ca739SEric Paris return security_inode_permission(inode, mask); 2991da177e4SLinus Torvalds } 3001da177e4SLinus Torvalds 301e4543eddSChristoph Hellwig /** 3028c744fb8SChristoph Hellwig * file_permission - check for additional access rights to a given file 3038c744fb8SChristoph Hellwig * @file: file to check access rights for 3048c744fb8SChristoph Hellwig * @mask: right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC) 3058c744fb8SChristoph Hellwig * 3068c744fb8SChristoph Hellwig * Used to check for read/write/execute permissions on an already opened 3078c744fb8SChristoph Hellwig * file. 3088c744fb8SChristoph Hellwig * 3098c744fb8SChristoph Hellwig * Note: 3108c744fb8SChristoph Hellwig * Do not use this function in new code. All access checks should 311cb23beb5SChristoph Hellwig * be done using inode_permission(). 3128c744fb8SChristoph Hellwig */ 3138c744fb8SChristoph Hellwig int file_permission(struct file *file, int mask) 3148c744fb8SChristoph Hellwig { 315f419a2e3SAl Viro return inode_permission(file->f_path.dentry->d_inode, mask); 3168c744fb8SChristoph Hellwig } 3178c744fb8SChristoph Hellwig 3181da177e4SLinus Torvalds /* 3191da177e4SLinus Torvalds * get_write_access() gets write permission for a file. 3201da177e4SLinus Torvalds * put_write_access() releases this write permission. 3211da177e4SLinus Torvalds * This is used for regular files. 3221da177e4SLinus Torvalds * We cannot support write (and maybe mmap read-write shared) accesses and 3231da177e4SLinus Torvalds * MAP_DENYWRITE mmappings simultaneously. The i_writecount field of an inode 3241da177e4SLinus Torvalds * can have the following values: 3251da177e4SLinus Torvalds * 0: no writers, no VM_DENYWRITE mappings 3261da177e4SLinus Torvalds * < 0: (-i_writecount) vm_area_structs with VM_DENYWRITE set exist 3271da177e4SLinus Torvalds * > 0: (i_writecount) users are writing to the file. 3281da177e4SLinus Torvalds * 3291da177e4SLinus Torvalds * Normally we operate on that counter with atomic_{inc,dec} and it's safe 3301da177e4SLinus Torvalds * except for the cases where we don't hold i_writecount yet. Then we need to 3311da177e4SLinus Torvalds * use {get,deny}_write_access() - these functions check the sign and refuse 3321da177e4SLinus Torvalds * to do the change if sign is wrong. Exclusion between them is provided by 3331da177e4SLinus Torvalds * the inode->i_lock spinlock. 3341da177e4SLinus Torvalds */ 3351da177e4SLinus Torvalds 3361da177e4SLinus Torvalds int get_write_access(struct inode * inode) 3371da177e4SLinus Torvalds { 3381da177e4SLinus Torvalds spin_lock(&inode->i_lock); 3391da177e4SLinus Torvalds if (atomic_read(&inode->i_writecount) < 0) { 3401da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 3411da177e4SLinus Torvalds return -ETXTBSY; 3421da177e4SLinus Torvalds } 3431da177e4SLinus Torvalds atomic_inc(&inode->i_writecount); 3441da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 3451da177e4SLinus Torvalds 3461da177e4SLinus Torvalds return 0; 3471da177e4SLinus Torvalds } 3481da177e4SLinus Torvalds 3491da177e4SLinus Torvalds int deny_write_access(struct file * file) 3501da177e4SLinus Torvalds { 3510f7fc9e4SJosef "Jeff" Sipek struct inode *inode = file->f_path.dentry->d_inode; 3521da177e4SLinus Torvalds 3531da177e4SLinus Torvalds spin_lock(&inode->i_lock); 3541da177e4SLinus Torvalds if (atomic_read(&inode->i_writecount) > 0) { 3551da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 3561da177e4SLinus Torvalds return -ETXTBSY; 3571da177e4SLinus Torvalds } 3581da177e4SLinus Torvalds atomic_dec(&inode->i_writecount); 3591da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 3601da177e4SLinus Torvalds 3611da177e4SLinus Torvalds return 0; 3621da177e4SLinus Torvalds } 3631da177e4SLinus Torvalds 3641d957f9bSJan Blunck /** 3655dd784d0SJan Blunck * path_get - get a reference to a path 3665dd784d0SJan Blunck * @path: path to get the reference to 3675dd784d0SJan Blunck * 3685dd784d0SJan Blunck * Given a path increment the reference count to the dentry and the vfsmount. 3695dd784d0SJan Blunck */ 3705dd784d0SJan Blunck void path_get(struct path *path) 3715dd784d0SJan Blunck { 3725dd784d0SJan Blunck mntget(path->mnt); 3735dd784d0SJan Blunck dget(path->dentry); 3745dd784d0SJan Blunck } 3755dd784d0SJan Blunck EXPORT_SYMBOL(path_get); 3765dd784d0SJan Blunck 3775dd784d0SJan Blunck /** 3781d957f9bSJan Blunck * path_put - put a reference to a path 3791d957f9bSJan Blunck * @path: path to put the reference to 3801d957f9bSJan Blunck * 3811d957f9bSJan Blunck * Given a path decrement the reference count to the dentry and the vfsmount. 3821d957f9bSJan Blunck */ 3831d957f9bSJan Blunck void path_put(struct path *path) 3841da177e4SLinus Torvalds { 3851d957f9bSJan Blunck dput(path->dentry); 3861d957f9bSJan Blunck mntput(path->mnt); 3871da177e4SLinus Torvalds } 3881d957f9bSJan Blunck EXPORT_SYMBOL(path_put); 3891da177e4SLinus Torvalds 390834f2a4aSTrond Myklebust /** 39131e6b01fSNick Piggin * nameidata_drop_rcu - drop this nameidata out of rcu-walk 39231e6b01fSNick Piggin * @nd: nameidata pathwalk data to drop 39339191628SRandy Dunlap * Returns: 0 on success, -ECHILD on failure 39431e6b01fSNick Piggin * 39531e6b01fSNick Piggin * Path walking has 2 modes, rcu-walk and ref-walk (see 39631e6b01fSNick Piggin * Documentation/filesystems/path-lookup.txt). __drop_rcu* functions attempt 39731e6b01fSNick Piggin * to drop out of rcu-walk mode and take normal reference counts on dentries 39831e6b01fSNick Piggin * and vfsmounts to transition to rcu-walk mode. __drop_rcu* functions take 39931e6b01fSNick Piggin * refcounts at the last known good point before rcu-walk got stuck, so 40031e6b01fSNick Piggin * ref-walk may continue from there. If this is not successful (eg. a seqcount 40131e6b01fSNick Piggin * has changed), then failure is returned and path walk restarts from the 40231e6b01fSNick Piggin * beginning in ref-walk mode. 40331e6b01fSNick Piggin * 40431e6b01fSNick Piggin * nameidata_drop_rcu attempts to drop the current nd->path and nd->root into 40531e6b01fSNick Piggin * ref-walk. Must be called from rcu-walk context. 40631e6b01fSNick Piggin */ 40731e6b01fSNick Piggin static int nameidata_drop_rcu(struct nameidata *nd) 40831e6b01fSNick Piggin { 40931e6b01fSNick Piggin struct fs_struct *fs = current->fs; 41031e6b01fSNick Piggin struct dentry *dentry = nd->path.dentry; 4115b6ca027SAl Viro int want_root = 0; 41231e6b01fSNick Piggin 41331e6b01fSNick Piggin BUG_ON(!(nd->flags & LOOKUP_RCU)); 4145b6ca027SAl Viro if (nd->root.mnt && !(nd->flags & LOOKUP_ROOT)) { 4155b6ca027SAl Viro want_root = 1; 41631e6b01fSNick Piggin spin_lock(&fs->lock); 41731e6b01fSNick Piggin if (nd->root.mnt != fs->root.mnt || 41831e6b01fSNick Piggin nd->root.dentry != fs->root.dentry) 41931e6b01fSNick Piggin goto err_root; 42031e6b01fSNick Piggin } 42131e6b01fSNick Piggin spin_lock(&dentry->d_lock); 42231e6b01fSNick Piggin if (!__d_rcu_to_refcount(dentry, nd->seq)) 42331e6b01fSNick Piggin goto err; 42431e6b01fSNick Piggin BUG_ON(nd->inode != dentry->d_inode); 42531e6b01fSNick Piggin spin_unlock(&dentry->d_lock); 4265b6ca027SAl Viro if (want_root) { 42731e6b01fSNick Piggin path_get(&nd->root); 42831e6b01fSNick Piggin spin_unlock(&fs->lock); 42931e6b01fSNick Piggin } 43031e6b01fSNick Piggin mntget(nd->path.mnt); 43131e6b01fSNick Piggin 43231e6b01fSNick Piggin rcu_read_unlock(); 43331e6b01fSNick Piggin br_read_unlock(vfsmount_lock); 43431e6b01fSNick Piggin nd->flags &= ~LOOKUP_RCU; 43531e6b01fSNick Piggin return 0; 43631e6b01fSNick Piggin err: 43731e6b01fSNick Piggin spin_unlock(&dentry->d_lock); 43831e6b01fSNick Piggin err_root: 4395b6ca027SAl Viro if (want_root) 44031e6b01fSNick Piggin spin_unlock(&fs->lock); 44131e6b01fSNick Piggin return -ECHILD; 44231e6b01fSNick Piggin } 44331e6b01fSNick Piggin 44431e6b01fSNick Piggin /* Try to drop out of rcu-walk mode if we were in it, otherwise do nothing. */ 44531e6b01fSNick Piggin static inline int nameidata_drop_rcu_maybe(struct nameidata *nd) 44631e6b01fSNick Piggin { 44731e6b01fSNick Piggin if (nd->flags & LOOKUP_RCU) 44831e6b01fSNick Piggin return nameidata_drop_rcu(nd); 44931e6b01fSNick Piggin return 0; 45031e6b01fSNick Piggin } 45131e6b01fSNick Piggin 45231e6b01fSNick Piggin /** 45331e6b01fSNick Piggin * nameidata_dentry_drop_rcu - drop nameidata and dentry out of rcu-walk 45431e6b01fSNick Piggin * @nd: nameidata pathwalk data to drop 45531e6b01fSNick Piggin * @dentry: dentry to drop 45639191628SRandy Dunlap * Returns: 0 on success, -ECHILD on failure 45731e6b01fSNick Piggin * 45831e6b01fSNick Piggin * nameidata_dentry_drop_rcu attempts to drop the current nd->path and nd->root, 45931e6b01fSNick Piggin * and dentry into ref-walk. @dentry must be a path found by a do_lookup call on 46031e6b01fSNick Piggin * @nd. Must be called from rcu-walk context. 46131e6b01fSNick Piggin */ 46231e6b01fSNick Piggin static int nameidata_dentry_drop_rcu(struct nameidata *nd, struct dentry *dentry) 46331e6b01fSNick Piggin { 46431e6b01fSNick Piggin struct fs_struct *fs = current->fs; 46531e6b01fSNick Piggin struct dentry *parent = nd->path.dentry; 4665b6ca027SAl Viro int want_root = 0; 46731e6b01fSNick Piggin 46831e6b01fSNick Piggin BUG_ON(!(nd->flags & LOOKUP_RCU)); 4695b6ca027SAl Viro if (nd->root.mnt && !(nd->flags & LOOKUP_ROOT)) { 4705b6ca027SAl Viro want_root = 1; 47131e6b01fSNick Piggin spin_lock(&fs->lock); 47231e6b01fSNick Piggin if (nd->root.mnt != fs->root.mnt || 47331e6b01fSNick Piggin nd->root.dentry != fs->root.dentry) 47431e6b01fSNick Piggin goto err_root; 47531e6b01fSNick Piggin } 47631e6b01fSNick Piggin spin_lock(&parent->d_lock); 47731e6b01fSNick Piggin spin_lock_nested(&dentry->d_lock, DENTRY_D_LOCK_NESTED); 47831e6b01fSNick Piggin if (!__d_rcu_to_refcount(dentry, nd->seq)) 47931e6b01fSNick Piggin goto err; 48031e6b01fSNick Piggin /* 48131e6b01fSNick Piggin * If the sequence check on the child dentry passed, then the child has 48231e6b01fSNick Piggin * not been removed from its parent. This means the parent dentry must 48331e6b01fSNick Piggin * be valid and able to take a reference at this point. 48431e6b01fSNick Piggin */ 48531e6b01fSNick Piggin BUG_ON(!IS_ROOT(dentry) && dentry->d_parent != parent); 48631e6b01fSNick Piggin BUG_ON(!parent->d_count); 48731e6b01fSNick Piggin parent->d_count++; 48831e6b01fSNick Piggin spin_unlock(&dentry->d_lock); 48931e6b01fSNick Piggin spin_unlock(&parent->d_lock); 4905b6ca027SAl Viro if (want_root) { 49131e6b01fSNick Piggin path_get(&nd->root); 49231e6b01fSNick Piggin spin_unlock(&fs->lock); 49331e6b01fSNick Piggin } 49431e6b01fSNick Piggin mntget(nd->path.mnt); 49531e6b01fSNick Piggin 49631e6b01fSNick Piggin rcu_read_unlock(); 49731e6b01fSNick Piggin br_read_unlock(vfsmount_lock); 49831e6b01fSNick Piggin nd->flags &= ~LOOKUP_RCU; 49931e6b01fSNick Piggin return 0; 50031e6b01fSNick Piggin err: 50131e6b01fSNick Piggin spin_unlock(&dentry->d_lock); 50231e6b01fSNick Piggin spin_unlock(&parent->d_lock); 50331e6b01fSNick Piggin err_root: 5045b6ca027SAl Viro if (want_root) 50531e6b01fSNick Piggin spin_unlock(&fs->lock); 50631e6b01fSNick Piggin return -ECHILD; 50731e6b01fSNick Piggin } 50831e6b01fSNick Piggin 50931e6b01fSNick Piggin /* Try to drop out of rcu-walk mode if we were in it, otherwise do nothing. */ 51031e6b01fSNick Piggin static inline int nameidata_dentry_drop_rcu_maybe(struct nameidata *nd, struct dentry *dentry) 51131e6b01fSNick Piggin { 512a7472babSAl Viro if (nd->flags & LOOKUP_RCU) { 513a7472babSAl Viro if (unlikely(nameidata_dentry_drop_rcu(nd, dentry))) { 514a7472babSAl Viro nd->flags &= ~LOOKUP_RCU; 5155b6ca027SAl Viro if (!(nd->flags & LOOKUP_ROOT)) 516a7472babSAl Viro nd->root.mnt = NULL; 517a7472babSAl Viro rcu_read_unlock(); 518a7472babSAl Viro br_read_unlock(vfsmount_lock); 519a7472babSAl Viro return -ECHILD; 520a7472babSAl Viro } 521a7472babSAl Viro } 52231e6b01fSNick Piggin return 0; 52331e6b01fSNick Piggin } 52431e6b01fSNick Piggin 52531e6b01fSNick Piggin /** 52631e6b01fSNick Piggin * nameidata_drop_rcu_last - drop nameidata ending path walk out of rcu-walk 52731e6b01fSNick Piggin * @nd: nameidata pathwalk data to drop 52839191628SRandy Dunlap * Returns: 0 on success, -ECHILD on failure 52931e6b01fSNick Piggin * 53031e6b01fSNick Piggin * nameidata_drop_rcu_last attempts to drop the current nd->path into ref-walk. 53131e6b01fSNick Piggin * nd->path should be the final element of the lookup, so nd->root is discarded. 53231e6b01fSNick Piggin * Must be called from rcu-walk context. 53331e6b01fSNick Piggin */ 53431e6b01fSNick Piggin static int nameidata_drop_rcu_last(struct nameidata *nd) 53531e6b01fSNick Piggin { 53631e6b01fSNick Piggin struct dentry *dentry = nd->path.dentry; 53731e6b01fSNick Piggin 53831e6b01fSNick Piggin BUG_ON(!(nd->flags & LOOKUP_RCU)); 53931e6b01fSNick Piggin nd->flags &= ~LOOKUP_RCU; 5405b6ca027SAl Viro if (!(nd->flags & LOOKUP_ROOT)) 54131e6b01fSNick Piggin nd->root.mnt = NULL; 54231e6b01fSNick Piggin spin_lock(&dentry->d_lock); 54331e6b01fSNick Piggin if (!__d_rcu_to_refcount(dentry, nd->seq)) 54431e6b01fSNick Piggin goto err_unlock; 54531e6b01fSNick Piggin BUG_ON(nd->inode != dentry->d_inode); 54631e6b01fSNick Piggin spin_unlock(&dentry->d_lock); 54731e6b01fSNick Piggin 54831e6b01fSNick Piggin mntget(nd->path.mnt); 54931e6b01fSNick Piggin 55031e6b01fSNick Piggin rcu_read_unlock(); 55131e6b01fSNick Piggin br_read_unlock(vfsmount_lock); 55231e6b01fSNick Piggin 55331e6b01fSNick Piggin return 0; 55431e6b01fSNick Piggin 55531e6b01fSNick Piggin err_unlock: 55631e6b01fSNick Piggin spin_unlock(&dentry->d_lock); 55731e6b01fSNick Piggin rcu_read_unlock(); 55831e6b01fSNick Piggin br_read_unlock(vfsmount_lock); 55931e6b01fSNick Piggin return -ECHILD; 56031e6b01fSNick Piggin } 56131e6b01fSNick Piggin 56231e6b01fSNick Piggin /** 563834f2a4aSTrond Myklebust * release_open_intent - free up open intent resources 564834f2a4aSTrond Myklebust * @nd: pointer to nameidata 565834f2a4aSTrond Myklebust */ 566834f2a4aSTrond Myklebust void release_open_intent(struct nameidata *nd) 567834f2a4aSTrond Myklebust { 5682dab5974SLinus Torvalds struct file *file = nd->intent.open.file; 5692dab5974SLinus Torvalds 5702dab5974SLinus Torvalds if (file && !IS_ERR(file)) { 5712dab5974SLinus Torvalds if (file->f_path.dentry == NULL) 5722dab5974SLinus Torvalds put_filp(file); 573834f2a4aSTrond Myklebust else 5742dab5974SLinus Torvalds fput(file); 5752dab5974SLinus Torvalds } 576834f2a4aSTrond Myklebust } 577834f2a4aSTrond Myklebust 578f60aef7eSAl Viro static inline int d_revalidate(struct dentry *dentry, struct nameidata *nd) 57934286d66SNick Piggin { 580f60aef7eSAl Viro return dentry->d_op->d_revalidate(dentry, nd); 58134286d66SNick Piggin } 58234286d66SNick Piggin 583f5e1c1c1SAl Viro static struct dentry * 584bcdc5e01SIan Kent do_revalidate(struct dentry *dentry, struct nameidata *nd) 585bcdc5e01SIan Kent { 586f5e1c1c1SAl Viro int status = d_revalidate(dentry, nd); 587bcdc5e01SIan Kent if (unlikely(status <= 0)) { 588bcdc5e01SIan Kent /* 589bcdc5e01SIan Kent * The dentry failed validation. 590bcdc5e01SIan Kent * If d_revalidate returned 0 attempt to invalidate 591bcdc5e01SIan Kent * the dentry otherwise d_revalidate is asking us 592bcdc5e01SIan Kent * to return a fail status. 593bcdc5e01SIan Kent */ 59434286d66SNick Piggin if (status < 0) { 59534286d66SNick Piggin dput(dentry); 59634286d66SNick Piggin dentry = ERR_PTR(status); 597f5e1c1c1SAl Viro } else if (!d_invalidate(dentry)) { 598bcdc5e01SIan Kent dput(dentry); 599bcdc5e01SIan Kent dentry = NULL; 600bcdc5e01SIan Kent } 601bcdc5e01SIan Kent } 602f5e1c1c1SAl Viro return dentry; 603f5e1c1c1SAl Viro } 604f5e1c1c1SAl Viro 6051da177e4SLinus Torvalds /* 60616c2cd71SAl Viro * handle_reval_path - force revalidation of a dentry 60739159de2SJeff Layton * 60839159de2SJeff Layton * In some situations the path walking code will trust dentries without 60939159de2SJeff Layton * revalidating them. This causes problems for filesystems that depend on 61039159de2SJeff Layton * d_revalidate to handle file opens (e.g. NFSv4). When FS_REVAL_DOT is set 61139159de2SJeff Layton * (which indicates that it's possible for the dentry to go stale), force 61239159de2SJeff Layton * a d_revalidate call before proceeding. 61339159de2SJeff Layton * 61439159de2SJeff Layton * Returns 0 if the revalidation was successful. If the revalidation fails, 61539159de2SJeff Layton * either return the error returned by d_revalidate or -ESTALE if the 61639159de2SJeff Layton * revalidation it just returned 0. If d_revalidate returns 0, we attempt to 61739159de2SJeff Layton * invalidate the dentry. It's up to the caller to handle putting references 61839159de2SJeff Layton * to the path if necessary. 61939159de2SJeff Layton */ 62016c2cd71SAl Viro static inline int handle_reval_path(struct nameidata *nd) 62139159de2SJeff Layton { 62216c2cd71SAl Viro struct dentry *dentry = nd->path.dentry; 62339159de2SJeff Layton int status; 62439159de2SJeff Layton 62516c2cd71SAl Viro if (likely(!(nd->flags & LOOKUP_JUMPED))) 62639159de2SJeff Layton return 0; 62739159de2SJeff Layton 62816c2cd71SAl Viro if (likely(!(dentry->d_flags & DCACHE_OP_REVALIDATE))) 62916c2cd71SAl Viro return 0; 63016c2cd71SAl Viro 63116c2cd71SAl Viro if (likely(!(dentry->d_sb->s_type->fs_flags & FS_REVAL_DOT))) 63216c2cd71SAl Viro return 0; 63316c2cd71SAl Viro 63416c2cd71SAl Viro /* Note: we do not d_invalidate() */ 63534286d66SNick Piggin status = d_revalidate(dentry, nd); 63639159de2SJeff Layton if (status > 0) 63739159de2SJeff Layton return 0; 63839159de2SJeff Layton 63916c2cd71SAl Viro if (!status) 64039159de2SJeff Layton status = -ESTALE; 64116c2cd71SAl Viro 64239159de2SJeff Layton return status; 64339159de2SJeff Layton } 64439159de2SJeff Layton 64539159de2SJeff Layton /* 646b75b5086SAl Viro * Short-cut version of permission(), for calling on directories 647b75b5086SAl Viro * during pathname resolution. Combines parts of permission() 648b75b5086SAl Viro * and generic_permission(), and tests ONLY for MAY_EXEC permission. 6491da177e4SLinus Torvalds * 6501da177e4SLinus Torvalds * If appropriate, check DAC only. If not appropriate, or 651b75b5086SAl Viro * short-cut DAC fails, then call ->permission() to do more 6521da177e4SLinus Torvalds * complete permission check. 6531da177e4SLinus Torvalds */ 654b74c79e9SNick Piggin static inline int exec_permission(struct inode *inode, unsigned int flags) 6551da177e4SLinus Torvalds { 6565909ccaaSLinus Torvalds int ret; 6571da177e4SLinus Torvalds 658cb9179eaSLinus Torvalds if (inode->i_op->permission) { 659b74c79e9SNick Piggin ret = inode->i_op->permission(inode, MAY_EXEC, flags); 660b74c79e9SNick Piggin } else { 661b74c79e9SNick Piggin ret = acl_permission_check(inode, MAY_EXEC, flags, 662b74c79e9SNick Piggin inode->i_op->check_acl); 663cb9179eaSLinus Torvalds } 664b74c79e9SNick Piggin if (likely(!ret)) 6651da177e4SLinus Torvalds goto ok; 666b74c79e9SNick Piggin if (ret == -ECHILD) 66731e6b01fSNick Piggin return ret; 6681da177e4SLinus Torvalds 669f1ac9f6bSLinus Torvalds if (capable(CAP_DAC_OVERRIDE) || capable(CAP_DAC_READ_SEARCH)) 6701da177e4SLinus Torvalds goto ok; 6711da177e4SLinus Torvalds 6725909ccaaSLinus Torvalds return ret; 6731da177e4SLinus Torvalds ok: 674b74c79e9SNick Piggin return security_inode_exec_permission(inode, flags); 6751da177e4SLinus Torvalds } 6761da177e4SLinus Torvalds 6772a737871SAl Viro static __always_inline void set_root(struct nameidata *nd) 6782a737871SAl Viro { 679f7ad3c6bSMiklos Szeredi if (!nd->root.mnt) 680f7ad3c6bSMiklos Szeredi get_fs_root(current->fs, &nd->root); 6812a737871SAl Viro } 6822a737871SAl Viro 6836de88d72SAl Viro static int link_path_walk(const char *, struct nameidata *); 6846de88d72SAl Viro 68531e6b01fSNick Piggin static __always_inline void set_root_rcu(struct nameidata *nd) 68631e6b01fSNick Piggin { 68731e6b01fSNick Piggin if (!nd->root.mnt) { 68831e6b01fSNick Piggin struct fs_struct *fs = current->fs; 689c28cc364SNick Piggin unsigned seq; 690c28cc364SNick Piggin 691c28cc364SNick Piggin do { 692c28cc364SNick Piggin seq = read_seqcount_begin(&fs->seq); 69331e6b01fSNick Piggin nd->root = fs->root; 694c28cc364SNick Piggin } while (read_seqcount_retry(&fs->seq, seq)); 69531e6b01fSNick Piggin } 69631e6b01fSNick Piggin } 69731e6b01fSNick Piggin 698f1662356SArjan van de Ven static __always_inline int __vfs_follow_link(struct nameidata *nd, const char *link) 6991da177e4SLinus Torvalds { 70031e6b01fSNick Piggin int ret; 70131e6b01fSNick Piggin 7021da177e4SLinus Torvalds if (IS_ERR(link)) 7031da177e4SLinus Torvalds goto fail; 7041da177e4SLinus Torvalds 7051da177e4SLinus Torvalds if (*link == '/') { 7062a737871SAl Viro set_root(nd); 7071d957f9bSJan Blunck path_put(&nd->path); 7082a737871SAl Viro nd->path = nd->root; 7092a737871SAl Viro path_get(&nd->root); 71016c2cd71SAl Viro nd->flags |= LOOKUP_JUMPED; 7111da177e4SLinus Torvalds } 71231e6b01fSNick Piggin nd->inode = nd->path.dentry->d_inode; 713b4091d5fSChristoph Hellwig 71431e6b01fSNick Piggin ret = link_path_walk(link, nd); 71531e6b01fSNick Piggin return ret; 7161da177e4SLinus Torvalds fail: 7171d957f9bSJan Blunck path_put(&nd->path); 7181da177e4SLinus Torvalds return PTR_ERR(link); 7191da177e4SLinus Torvalds } 7201da177e4SLinus Torvalds 7211d957f9bSJan Blunck static void path_put_conditional(struct path *path, struct nameidata *nd) 722051d3812SIan Kent { 723051d3812SIan Kent dput(path->dentry); 7244ac91378SJan Blunck if (path->mnt != nd->path.mnt) 725051d3812SIan Kent mntput(path->mnt); 726051d3812SIan Kent } 727051d3812SIan Kent 7287b9337aaSNick Piggin static inline void path_to_nameidata(const struct path *path, 7297b9337aaSNick Piggin struct nameidata *nd) 730051d3812SIan Kent { 73131e6b01fSNick Piggin if (!(nd->flags & LOOKUP_RCU)) { 7324ac91378SJan Blunck dput(nd->path.dentry); 73331e6b01fSNick Piggin if (nd->path.mnt != path->mnt) 7344ac91378SJan Blunck mntput(nd->path.mnt); 7359a229683SHuang Shijie } 73631e6b01fSNick Piggin nd->path.mnt = path->mnt; 7374ac91378SJan Blunck nd->path.dentry = path->dentry; 738051d3812SIan Kent } 739051d3812SIan Kent 740def4af30SAl Viro static __always_inline int 7417b9337aaSNick Piggin __do_follow_link(const struct path *link, struct nameidata *nd, void **p) 7421da177e4SLinus Torvalds { 7431da177e4SLinus Torvalds int error; 7447b9337aaSNick Piggin struct dentry *dentry = link->dentry; 7451da177e4SLinus Torvalds 746844a3917SAl Viro BUG_ON(nd->flags & LOOKUP_RCU); 747844a3917SAl Viro 7487b9337aaSNick Piggin touch_atime(link->mnt, dentry); 7491da177e4SLinus Torvalds nd_set_link(nd, NULL); 750cd4e91d3SAl Viro 75187556ef1SDavid Howells if (link->mnt == nd->path.mnt) 7527b9337aaSNick Piggin mntget(link->mnt); 75331e6b01fSNick Piggin 75436f3b4f6SAl Viro error = security_inode_follow_link(link->dentry, nd); 75536f3b4f6SAl Viro if (error) { 75636f3b4f6SAl Viro *p = ERR_PTR(error); /* no ->put_link(), please */ 75736f3b4f6SAl Viro path_put(&nd->path); 75836f3b4f6SAl Viro return error; 75936f3b4f6SAl Viro } 76036f3b4f6SAl Viro 76186acdca1SAl Viro nd->last_type = LAST_BIND; 762def4af30SAl Viro *p = dentry->d_inode->i_op->follow_link(dentry, nd); 763def4af30SAl Viro error = PTR_ERR(*p); 764def4af30SAl Viro if (!IS_ERR(*p)) { 7651da177e4SLinus Torvalds char *s = nd_get_link(nd); 766cc314eefSLinus Torvalds error = 0; 7671da177e4SLinus Torvalds if (s) 7681da177e4SLinus Torvalds error = __vfs_follow_link(nd, s); 769bcda7652SAl Viro else if (nd->last_type == LAST_BIND) { 77016c2cd71SAl Viro nd->flags |= LOOKUP_JUMPED; 771b21041d0SAl Viro nd->inode = nd->path.dentry->d_inode; 772b21041d0SAl Viro if (nd->inode->i_op->follow_link) { 773bcda7652SAl Viro /* stepped on a _really_ weird one */ 774bcda7652SAl Viro path_put(&nd->path); 775bcda7652SAl Viro error = -ELOOP; 776bcda7652SAl Viro } 777bcda7652SAl Viro } 7781da177e4SLinus Torvalds } 7791da177e4SLinus Torvalds return error; 7801da177e4SLinus Torvalds } 7811da177e4SLinus Torvalds 7821da177e4SLinus Torvalds /* 7831da177e4SLinus Torvalds * This limits recursive symlink follows to 8, while 7841da177e4SLinus Torvalds * limiting consecutive symlinks to 40. 7851da177e4SLinus Torvalds * 7861da177e4SLinus Torvalds * Without that kind of total limit, nasty chains of consecutive 7871da177e4SLinus Torvalds * symlinks can cause almost arbitrarily long lookups. 7881da177e4SLinus Torvalds */ 789ce57dfc1SAl Viro static inline int do_follow_link(struct path *path, struct nameidata *nd) 7901da177e4SLinus Torvalds { 791def4af30SAl Viro void *cookie; 7921da177e4SLinus Torvalds int err = -ELOOP; 793844a3917SAl Viro 7941da177e4SLinus Torvalds if (current->link_count >= MAX_NESTED_LINKS) 7951da177e4SLinus Torvalds goto loop; 7961da177e4SLinus Torvalds if (current->total_link_count >= 40) 7971da177e4SLinus Torvalds goto loop; 7981da177e4SLinus Torvalds BUG_ON(nd->depth >= MAX_NESTED_LINKS); 7991da177e4SLinus Torvalds cond_resched(); 8001da177e4SLinus Torvalds current->link_count++; 8011da177e4SLinus Torvalds current->total_link_count++; 8021da177e4SLinus Torvalds nd->depth++; 803def4af30SAl Viro err = __do_follow_link(path, nd, &cookie); 804def4af30SAl Viro if (!IS_ERR(cookie) && path->dentry->d_inode->i_op->put_link) 805def4af30SAl Viro path->dentry->d_inode->i_op->put_link(path->dentry, nd, cookie); 806258fa999SAl Viro path_put(path); 8071da177e4SLinus Torvalds current->link_count--; 8081da177e4SLinus Torvalds nd->depth--; 8091da177e4SLinus Torvalds return err; 8101da177e4SLinus Torvalds loop: 8111d957f9bSJan Blunck path_put_conditional(path, nd); 8121d957f9bSJan Blunck path_put(&nd->path); 8131da177e4SLinus Torvalds return err; 8141da177e4SLinus Torvalds } 8151da177e4SLinus Torvalds 81631e6b01fSNick Piggin static int follow_up_rcu(struct path *path) 81731e6b01fSNick Piggin { 81831e6b01fSNick Piggin struct vfsmount *parent; 81931e6b01fSNick Piggin struct dentry *mountpoint; 82031e6b01fSNick Piggin 82131e6b01fSNick Piggin parent = path->mnt->mnt_parent; 82231e6b01fSNick Piggin if (parent == path->mnt) 82331e6b01fSNick Piggin return 0; 82431e6b01fSNick Piggin mountpoint = path->mnt->mnt_mountpoint; 82531e6b01fSNick Piggin path->dentry = mountpoint; 82631e6b01fSNick Piggin path->mnt = parent; 82731e6b01fSNick Piggin return 1; 82831e6b01fSNick Piggin } 82931e6b01fSNick Piggin 830bab77ebfSAl Viro int follow_up(struct path *path) 8311da177e4SLinus Torvalds { 8321da177e4SLinus Torvalds struct vfsmount *parent; 8331da177e4SLinus Torvalds struct dentry *mountpoint; 83499b7db7bSNick Piggin 83599b7db7bSNick Piggin br_read_lock(vfsmount_lock); 836bab77ebfSAl Viro parent = path->mnt->mnt_parent; 837bab77ebfSAl Viro if (parent == path->mnt) { 83899b7db7bSNick Piggin br_read_unlock(vfsmount_lock); 8391da177e4SLinus Torvalds return 0; 8401da177e4SLinus Torvalds } 8411da177e4SLinus Torvalds mntget(parent); 842bab77ebfSAl Viro mountpoint = dget(path->mnt->mnt_mountpoint); 84399b7db7bSNick Piggin br_read_unlock(vfsmount_lock); 844bab77ebfSAl Viro dput(path->dentry); 845bab77ebfSAl Viro path->dentry = mountpoint; 846bab77ebfSAl Viro mntput(path->mnt); 847bab77ebfSAl Viro path->mnt = parent; 8481da177e4SLinus Torvalds return 1; 8491da177e4SLinus Torvalds } 8501da177e4SLinus Torvalds 851b5c84bf6SNick Piggin /* 8529875cf80SDavid Howells * Perform an automount 8539875cf80SDavid Howells * - return -EISDIR to tell follow_managed() to stop and return the path we 8549875cf80SDavid Howells * were called with. 8551da177e4SLinus Torvalds */ 8569875cf80SDavid Howells static int follow_automount(struct path *path, unsigned flags, 8579875cf80SDavid Howells bool *need_mntput) 85831e6b01fSNick Piggin { 8599875cf80SDavid Howells struct vfsmount *mnt; 860ea5b778aSDavid Howells int err; 8619875cf80SDavid Howells 8629875cf80SDavid Howells if (!path->dentry->d_op || !path->dentry->d_op->d_automount) 8639875cf80SDavid Howells return -EREMOTE; 8649875cf80SDavid Howells 8656f45b656SDavid Howells /* We don't want to mount if someone supplied AT_NO_AUTOMOUNT 8666f45b656SDavid Howells * and this is the terminal part of the path. 8676f45b656SDavid Howells */ 8686f45b656SDavid Howells if ((flags & LOOKUP_NO_AUTOMOUNT) && !(flags & LOOKUP_CONTINUE)) 8696f45b656SDavid Howells return -EISDIR; /* we actually want to stop here */ 8706f45b656SDavid Howells 8719875cf80SDavid Howells /* We want to mount if someone is trying to open/create a file of any 8729875cf80SDavid Howells * type under the mountpoint, wants to traverse through the mountpoint 8739875cf80SDavid Howells * or wants to open the mounted directory. 8749875cf80SDavid Howells * 8759875cf80SDavid Howells * We don't want to mount if someone's just doing a stat and they've 8769875cf80SDavid Howells * set AT_SYMLINK_NOFOLLOW - unless they're stat'ing a directory and 8779875cf80SDavid Howells * appended a '/' to the name. 8789875cf80SDavid Howells */ 8799875cf80SDavid Howells if (!(flags & LOOKUP_FOLLOW) && 8809875cf80SDavid Howells !(flags & (LOOKUP_CONTINUE | LOOKUP_DIRECTORY | 8819875cf80SDavid Howells LOOKUP_OPEN | LOOKUP_CREATE))) 8829875cf80SDavid Howells return -EISDIR; 8839875cf80SDavid Howells 8849875cf80SDavid Howells current->total_link_count++; 8859875cf80SDavid Howells if (current->total_link_count >= 40) 8869875cf80SDavid Howells return -ELOOP; 8879875cf80SDavid Howells 8889875cf80SDavid Howells mnt = path->dentry->d_op->d_automount(path); 8899875cf80SDavid Howells if (IS_ERR(mnt)) { 8909875cf80SDavid Howells /* 8919875cf80SDavid Howells * The filesystem is allowed to return -EISDIR here to indicate 8929875cf80SDavid Howells * it doesn't want to automount. For instance, autofs would do 8939875cf80SDavid Howells * this so that its userspace daemon can mount on this dentry. 8949875cf80SDavid Howells * 8959875cf80SDavid Howells * However, we can only permit this if it's a terminal point in 8969875cf80SDavid Howells * the path being looked up; if it wasn't then the remainder of 8979875cf80SDavid Howells * the path is inaccessible and we should say so. 8989875cf80SDavid Howells */ 8999875cf80SDavid Howells if (PTR_ERR(mnt) == -EISDIR && (flags & LOOKUP_CONTINUE)) 9009875cf80SDavid Howells return -EREMOTE; 9019875cf80SDavid Howells return PTR_ERR(mnt); 90231e6b01fSNick Piggin } 903ea5b778aSDavid Howells 9049875cf80SDavid Howells if (!mnt) /* mount collision */ 9059875cf80SDavid Howells return 0; 9069875cf80SDavid Howells 90719a167afSAl Viro err = finish_automount(mnt, path); 908ea5b778aSDavid Howells 909ea5b778aSDavid Howells switch (err) { 910ea5b778aSDavid Howells case -EBUSY: 911ea5b778aSDavid Howells /* Someone else made a mount here whilst we were busy */ 91219a167afSAl Viro return 0; 913ea5b778aSDavid Howells case 0: 914463ffb2eSAl Viro dput(path->dentry); 9159875cf80SDavid Howells if (*need_mntput) 9169875cf80SDavid Howells mntput(path->mnt); 9179875cf80SDavid Howells path->mnt = mnt; 9189875cf80SDavid Howells path->dentry = dget(mnt->mnt_root); 9199875cf80SDavid Howells *need_mntput = true; 9209875cf80SDavid Howells return 0; 92119a167afSAl Viro default: 92219a167afSAl Viro return err; 9239875cf80SDavid Howells } 92419a167afSAl Viro 925ea5b778aSDavid Howells } 9269875cf80SDavid Howells 9279875cf80SDavid Howells /* 9289875cf80SDavid Howells * Handle a dentry that is managed in some way. 929cc53ce53SDavid Howells * - Flagged for transit management (autofs) 9309875cf80SDavid Howells * - Flagged as mountpoint 9319875cf80SDavid Howells * - Flagged as automount point 9329875cf80SDavid Howells * 9339875cf80SDavid Howells * This may only be called in refwalk mode. 9349875cf80SDavid Howells * 9359875cf80SDavid Howells * Serialization is taken care of in namespace.c 9369875cf80SDavid Howells */ 9379875cf80SDavid Howells static int follow_managed(struct path *path, unsigned flags) 9389875cf80SDavid Howells { 9399875cf80SDavid Howells unsigned managed; 9409875cf80SDavid Howells bool need_mntput = false; 9419875cf80SDavid Howells int ret; 9429875cf80SDavid Howells 9439875cf80SDavid Howells /* Given that we're not holding a lock here, we retain the value in a 9449875cf80SDavid Howells * local variable for each dentry as we look at it so that we don't see 9459875cf80SDavid Howells * the components of that value change under us */ 9469875cf80SDavid Howells while (managed = ACCESS_ONCE(path->dentry->d_flags), 9479875cf80SDavid Howells managed &= DCACHE_MANAGED_DENTRY, 9489875cf80SDavid Howells unlikely(managed != 0)) { 949cc53ce53SDavid Howells /* Allow the filesystem to manage the transit without i_mutex 950cc53ce53SDavid Howells * being held. */ 951cc53ce53SDavid Howells if (managed & DCACHE_MANAGE_TRANSIT) { 952cc53ce53SDavid Howells BUG_ON(!path->dentry->d_op); 953cc53ce53SDavid Howells BUG_ON(!path->dentry->d_op->d_manage); 954ab90911fSDavid Howells ret = path->dentry->d_op->d_manage(path->dentry, 955ab90911fSDavid Howells false, false); 956cc53ce53SDavid Howells if (ret < 0) 957cc53ce53SDavid Howells return ret == -EISDIR ? 0 : ret; 958cc53ce53SDavid Howells } 959cc53ce53SDavid Howells 9609875cf80SDavid Howells /* Transit to a mounted filesystem. */ 9619875cf80SDavid Howells if (managed & DCACHE_MOUNTED) { 9629875cf80SDavid Howells struct vfsmount *mounted = lookup_mnt(path); 9639875cf80SDavid Howells if (mounted) { 9649875cf80SDavid Howells dput(path->dentry); 9659875cf80SDavid Howells if (need_mntput) 966463ffb2eSAl Viro mntput(path->mnt); 967463ffb2eSAl Viro path->mnt = mounted; 968463ffb2eSAl Viro path->dentry = dget(mounted->mnt_root); 9699875cf80SDavid Howells need_mntput = true; 9709875cf80SDavid Howells continue; 971463ffb2eSAl Viro } 972463ffb2eSAl Viro 9739875cf80SDavid Howells /* Something is mounted on this dentry in another 9749875cf80SDavid Howells * namespace and/or whatever was mounted there in this 9759875cf80SDavid Howells * namespace got unmounted before we managed to get the 9769875cf80SDavid Howells * vfsmount_lock */ 9771da177e4SLinus Torvalds } 9789875cf80SDavid Howells 9799875cf80SDavid Howells /* Handle an automount point */ 9809875cf80SDavid Howells if (managed & DCACHE_NEED_AUTOMOUNT) { 9819875cf80SDavid Howells ret = follow_automount(path, flags, &need_mntput); 9829875cf80SDavid Howells if (ret < 0) 9839875cf80SDavid Howells return ret == -EISDIR ? 0 : ret; 9849875cf80SDavid Howells continue; 9859875cf80SDavid Howells } 9869875cf80SDavid Howells 9879875cf80SDavid Howells /* We didn't change the current path point */ 9889875cf80SDavid Howells break; 9899875cf80SDavid Howells } 9909875cf80SDavid Howells return 0; 9911da177e4SLinus Torvalds } 9921da177e4SLinus Torvalds 993cc53ce53SDavid Howells int follow_down_one(struct path *path) 9941da177e4SLinus Torvalds { 9951da177e4SLinus Torvalds struct vfsmount *mounted; 9961da177e4SLinus Torvalds 9971c755af4SAl Viro mounted = lookup_mnt(path); 9981da177e4SLinus Torvalds if (mounted) { 9999393bd07SAl Viro dput(path->dentry); 10009393bd07SAl Viro mntput(path->mnt); 10019393bd07SAl Viro path->mnt = mounted; 10029393bd07SAl Viro path->dentry = dget(mounted->mnt_root); 10031da177e4SLinus Torvalds return 1; 10041da177e4SLinus Torvalds } 10051da177e4SLinus Torvalds return 0; 10061da177e4SLinus Torvalds } 10071da177e4SLinus Torvalds 10089875cf80SDavid Howells /* 10099875cf80SDavid Howells * Skip to top of mountpoint pile in rcuwalk mode. We abort the rcu-walk if we 1010cc53ce53SDavid Howells * meet a managed dentry and we're not walking to "..". True is returned to 10119875cf80SDavid Howells * continue, false to abort. 10129875cf80SDavid Howells */ 10139875cf80SDavid Howells static bool __follow_mount_rcu(struct nameidata *nd, struct path *path, 10149875cf80SDavid Howells struct inode **inode, bool reverse_transit) 10159875cf80SDavid Howells { 10169875cf80SDavid Howells while (d_mountpoint(path->dentry)) { 10179875cf80SDavid Howells struct vfsmount *mounted; 1018ab90911fSDavid Howells if (unlikely(path->dentry->d_flags & DCACHE_MANAGE_TRANSIT) && 1019ab90911fSDavid Howells !reverse_transit && 1020ab90911fSDavid Howells path->dentry->d_op->d_manage(path->dentry, false, true) < 0) 1021ab90911fSDavid Howells return false; 10229875cf80SDavid Howells mounted = __lookup_mnt(path->mnt, path->dentry, 1); 10239875cf80SDavid Howells if (!mounted) 10249875cf80SDavid Howells break; 10259875cf80SDavid Howells path->mnt = mounted; 10269875cf80SDavid Howells path->dentry = mounted->mnt_root; 10279875cf80SDavid Howells nd->seq = read_seqcount_begin(&path->dentry->d_seq); 10289875cf80SDavid Howells *inode = path->dentry->d_inode; 10299875cf80SDavid Howells } 10309875cf80SDavid Howells 10319875cf80SDavid Howells if (unlikely(path->dentry->d_flags & DCACHE_NEED_AUTOMOUNT)) 10329875cf80SDavid Howells return reverse_transit; 10339875cf80SDavid Howells return true; 10349875cf80SDavid Howells } 10359875cf80SDavid Howells 103631e6b01fSNick Piggin static int follow_dotdot_rcu(struct nameidata *nd) 103731e6b01fSNick Piggin { 103831e6b01fSNick Piggin struct inode *inode = nd->inode; 103931e6b01fSNick Piggin 104031e6b01fSNick Piggin set_root_rcu(nd); 104131e6b01fSNick Piggin 104231e6b01fSNick Piggin while (1) { 104331e6b01fSNick Piggin if (nd->path.dentry == nd->root.dentry && 104431e6b01fSNick Piggin nd->path.mnt == nd->root.mnt) { 104531e6b01fSNick Piggin break; 104631e6b01fSNick Piggin } 104731e6b01fSNick Piggin if (nd->path.dentry != nd->path.mnt->mnt_root) { 104831e6b01fSNick Piggin struct dentry *old = nd->path.dentry; 104931e6b01fSNick Piggin struct dentry *parent = old->d_parent; 105031e6b01fSNick Piggin unsigned seq; 105131e6b01fSNick Piggin 105231e6b01fSNick Piggin seq = read_seqcount_begin(&parent->d_seq); 105331e6b01fSNick Piggin if (read_seqcount_retry(&old->d_seq, nd->seq)) 1054ef7562d5SAl Viro goto failed; 105531e6b01fSNick Piggin inode = parent->d_inode; 105631e6b01fSNick Piggin nd->path.dentry = parent; 105731e6b01fSNick Piggin nd->seq = seq; 105831e6b01fSNick Piggin break; 105931e6b01fSNick Piggin } 106031e6b01fSNick Piggin if (!follow_up_rcu(&nd->path)) 106131e6b01fSNick Piggin break; 106231e6b01fSNick Piggin nd->seq = read_seqcount_begin(&nd->path.dentry->d_seq); 106331e6b01fSNick Piggin inode = nd->path.dentry->d_inode; 106431e6b01fSNick Piggin } 10659875cf80SDavid Howells __follow_mount_rcu(nd, &nd->path, &inode, true); 106631e6b01fSNick Piggin nd->inode = inode; 106731e6b01fSNick Piggin return 0; 1068ef7562d5SAl Viro 1069ef7562d5SAl Viro failed: 1070ef7562d5SAl Viro nd->flags &= ~LOOKUP_RCU; 10715b6ca027SAl Viro if (!(nd->flags & LOOKUP_ROOT)) 1072ef7562d5SAl Viro nd->root.mnt = NULL; 1073ef7562d5SAl Viro rcu_read_unlock(); 1074ef7562d5SAl Viro br_read_unlock(vfsmount_lock); 1075ef7562d5SAl Viro return -ECHILD; 107631e6b01fSNick Piggin } 107731e6b01fSNick Piggin 10789875cf80SDavid Howells /* 1079cc53ce53SDavid Howells * Follow down to the covering mount currently visible to userspace. At each 1080cc53ce53SDavid Howells * point, the filesystem owning that dentry may be queried as to whether the 1081cc53ce53SDavid Howells * caller is permitted to proceed or not. 1082cc53ce53SDavid Howells * 1083cc53ce53SDavid Howells * Care must be taken as namespace_sem may be held (indicated by mounting_here 1084cc53ce53SDavid Howells * being true). 1085cc53ce53SDavid Howells */ 1086cc53ce53SDavid Howells int follow_down(struct path *path, bool mounting_here) 1087cc53ce53SDavid Howells { 1088cc53ce53SDavid Howells unsigned managed; 1089cc53ce53SDavid Howells int ret; 1090cc53ce53SDavid Howells 1091cc53ce53SDavid Howells while (managed = ACCESS_ONCE(path->dentry->d_flags), 1092cc53ce53SDavid Howells unlikely(managed & DCACHE_MANAGED_DENTRY)) { 1093cc53ce53SDavid Howells /* Allow the filesystem to manage the transit without i_mutex 1094cc53ce53SDavid Howells * being held. 1095cc53ce53SDavid Howells * 1096cc53ce53SDavid Howells * We indicate to the filesystem if someone is trying to mount 1097cc53ce53SDavid Howells * something here. This gives autofs the chance to deny anyone 1098cc53ce53SDavid Howells * other than its daemon the right to mount on its 1099cc53ce53SDavid Howells * superstructure. 1100cc53ce53SDavid Howells * 1101cc53ce53SDavid Howells * The filesystem may sleep at this point. 1102cc53ce53SDavid Howells */ 1103cc53ce53SDavid Howells if (managed & DCACHE_MANAGE_TRANSIT) { 1104cc53ce53SDavid Howells BUG_ON(!path->dentry->d_op); 1105cc53ce53SDavid Howells BUG_ON(!path->dentry->d_op->d_manage); 1106ab90911fSDavid Howells ret = path->dentry->d_op->d_manage( 1107ab90911fSDavid Howells path->dentry, mounting_here, false); 1108cc53ce53SDavid Howells if (ret < 0) 1109cc53ce53SDavid Howells return ret == -EISDIR ? 0 : ret; 1110cc53ce53SDavid Howells } 1111cc53ce53SDavid Howells 1112cc53ce53SDavid Howells /* Transit to a mounted filesystem. */ 1113cc53ce53SDavid Howells if (managed & DCACHE_MOUNTED) { 1114cc53ce53SDavid Howells struct vfsmount *mounted = lookup_mnt(path); 1115cc53ce53SDavid Howells if (!mounted) 1116cc53ce53SDavid Howells break; 1117cc53ce53SDavid Howells dput(path->dentry); 1118cc53ce53SDavid Howells mntput(path->mnt); 1119cc53ce53SDavid Howells path->mnt = mounted; 1120cc53ce53SDavid Howells path->dentry = dget(mounted->mnt_root); 1121cc53ce53SDavid Howells continue; 1122cc53ce53SDavid Howells } 1123cc53ce53SDavid Howells 1124cc53ce53SDavid Howells /* Don't handle automount points here */ 1125cc53ce53SDavid Howells break; 1126cc53ce53SDavid Howells } 1127cc53ce53SDavid Howells return 0; 1128cc53ce53SDavid Howells } 1129cc53ce53SDavid Howells 1130cc53ce53SDavid Howells /* 11319875cf80SDavid Howells * Skip to top of mountpoint pile in refwalk mode for follow_dotdot() 11329875cf80SDavid Howells */ 11339875cf80SDavid Howells static void follow_mount(struct path *path) 11349875cf80SDavid Howells { 11359875cf80SDavid Howells while (d_mountpoint(path->dentry)) { 11369875cf80SDavid Howells struct vfsmount *mounted = lookup_mnt(path); 11379875cf80SDavid Howells if (!mounted) 11389875cf80SDavid Howells break; 11399875cf80SDavid Howells dput(path->dentry); 11409875cf80SDavid Howells mntput(path->mnt); 11419875cf80SDavid Howells path->mnt = mounted; 11429875cf80SDavid Howells path->dentry = dget(mounted->mnt_root); 11439875cf80SDavid Howells } 11449875cf80SDavid Howells } 11459875cf80SDavid Howells 114631e6b01fSNick Piggin static void follow_dotdot(struct nameidata *nd) 11471da177e4SLinus Torvalds { 11482a737871SAl Viro set_root(nd); 1149e518ddb7SAndreas Mohr 11501da177e4SLinus Torvalds while(1) { 11514ac91378SJan Blunck struct dentry *old = nd->path.dentry; 11521da177e4SLinus Torvalds 11532a737871SAl Viro if (nd->path.dentry == nd->root.dentry && 11542a737871SAl Viro nd->path.mnt == nd->root.mnt) { 11551da177e4SLinus Torvalds break; 11561da177e4SLinus Torvalds } 11574ac91378SJan Blunck if (nd->path.dentry != nd->path.mnt->mnt_root) { 11583088dd70SAl Viro /* rare case of legitimate dget_parent()... */ 11593088dd70SAl Viro nd->path.dentry = dget_parent(nd->path.dentry); 11601da177e4SLinus Torvalds dput(old); 11611da177e4SLinus Torvalds break; 11621da177e4SLinus Torvalds } 11633088dd70SAl Viro if (!follow_up(&nd->path)) 11641da177e4SLinus Torvalds break; 11651da177e4SLinus Torvalds } 116679ed0226SAl Viro follow_mount(&nd->path); 116731e6b01fSNick Piggin nd->inode = nd->path.dentry->d_inode; 11681da177e4SLinus Torvalds } 11691da177e4SLinus Torvalds 11701da177e4SLinus Torvalds /* 1171baa03890SNick Piggin * Allocate a dentry with name and parent, and perform a parent 1172baa03890SNick Piggin * directory ->lookup on it. Returns the new dentry, or ERR_PTR 1173baa03890SNick Piggin * on error. parent->d_inode->i_mutex must be held. d_lookup must 1174baa03890SNick Piggin * have verified that no child exists while under i_mutex. 1175baa03890SNick Piggin */ 1176baa03890SNick Piggin static struct dentry *d_alloc_and_lookup(struct dentry *parent, 1177baa03890SNick Piggin struct qstr *name, struct nameidata *nd) 1178baa03890SNick Piggin { 1179baa03890SNick Piggin struct inode *inode = parent->d_inode; 1180baa03890SNick Piggin struct dentry *dentry; 1181baa03890SNick Piggin struct dentry *old; 1182baa03890SNick Piggin 1183baa03890SNick Piggin /* Don't create child dentry for a dead directory. */ 1184baa03890SNick Piggin if (unlikely(IS_DEADDIR(inode))) 1185baa03890SNick Piggin return ERR_PTR(-ENOENT); 1186baa03890SNick Piggin 1187baa03890SNick Piggin dentry = d_alloc(parent, name); 1188baa03890SNick Piggin if (unlikely(!dentry)) 1189baa03890SNick Piggin return ERR_PTR(-ENOMEM); 1190baa03890SNick Piggin 1191baa03890SNick Piggin old = inode->i_op->lookup(inode, dentry, nd); 1192baa03890SNick Piggin if (unlikely(old)) { 1193baa03890SNick Piggin dput(dentry); 1194baa03890SNick Piggin dentry = old; 1195baa03890SNick Piggin } 1196baa03890SNick Piggin return dentry; 1197baa03890SNick Piggin } 1198baa03890SNick Piggin 1199baa03890SNick Piggin /* 12001da177e4SLinus Torvalds * It's more convoluted than I'd like it to be, but... it's still fairly 12011da177e4SLinus Torvalds * small and for now I'd prefer to have fast path as straight as possible. 12021da177e4SLinus Torvalds * It _is_ time-critical. 12031da177e4SLinus Torvalds */ 12041da177e4SLinus Torvalds static int do_lookup(struct nameidata *nd, struct qstr *name, 120531e6b01fSNick Piggin struct path *path, struct inode **inode) 12061da177e4SLinus Torvalds { 12074ac91378SJan Blunck struct vfsmount *mnt = nd->path.mnt; 120831e6b01fSNick Piggin struct dentry *dentry, *parent = nd->path.dentry; 12095a18fff2SAl Viro int need_reval = 1; 12105a18fff2SAl Viro int status = 1; 12119875cf80SDavid Howells int err; 12129875cf80SDavid Howells 12133cac260aSAl Viro /* 1214b04f784eSNick Piggin * Rename seqlock is not required here because in the off chance 1215b04f784eSNick Piggin * of a false negative due to a concurrent rename, we're going to 1216b04f784eSNick Piggin * do the non-racy lookup, below. 1217b04f784eSNick Piggin */ 121831e6b01fSNick Piggin if (nd->flags & LOOKUP_RCU) { 121931e6b01fSNick Piggin unsigned seq; 122031e6b01fSNick Piggin *inode = nd->inode; 122131e6b01fSNick Piggin dentry = __d_lookup_rcu(parent, name, &seq, inode); 12225a18fff2SAl Viro if (!dentry) 12235a18fff2SAl Viro goto unlazy; 12245a18fff2SAl Viro 122531e6b01fSNick Piggin /* Memory barrier in read_seqcount_begin of child is enough */ 122631e6b01fSNick Piggin if (__read_seqcount_retry(&parent->d_seq, nd->seq)) 122731e6b01fSNick Piggin return -ECHILD; 122831e6b01fSNick Piggin nd->seq = seq; 12295a18fff2SAl Viro 123024643087SAl Viro if (unlikely(dentry->d_flags & DCACHE_OP_REVALIDATE)) { 12315a18fff2SAl Viro status = d_revalidate(dentry, nd); 12325a18fff2SAl Viro if (unlikely(status <= 0)) { 12335a18fff2SAl Viro if (status != -ECHILD) 12345a18fff2SAl Viro need_reval = 0; 12355a18fff2SAl Viro goto unlazy; 12365a18fff2SAl Viro } 123724643087SAl Viro } 123831e6b01fSNick Piggin path->mnt = mnt; 123931e6b01fSNick Piggin path->dentry = dentry; 12409875cf80SDavid Howells if (likely(__follow_mount_rcu(nd, path, inode, false))) 12419875cf80SDavid Howells return 0; 12425a18fff2SAl Viro unlazy: 12435a18fff2SAl Viro if (dentry) { 12445a18fff2SAl Viro if (nameidata_dentry_drop_rcu(nd, dentry)) 12455a18fff2SAl Viro return -ECHILD; 12465a18fff2SAl Viro } else { 12479875cf80SDavid Howells if (nameidata_drop_rcu(nd)) 12489875cf80SDavid Howells return -ECHILD; 12499875cf80SDavid Howells } 12505a18fff2SAl Viro } else { 125131e6b01fSNick Piggin dentry = __d_lookup(parent, name); 125224643087SAl Viro } 12535a18fff2SAl Viro 12545a18fff2SAl Viro retry: 12555a18fff2SAl Viro if (unlikely(!dentry)) { 12565a18fff2SAl Viro struct inode *dir = parent->d_inode; 12575a18fff2SAl Viro BUG_ON(nd->inode != dir); 12585a18fff2SAl Viro 12595a18fff2SAl Viro mutex_lock(&dir->i_mutex); 12605a18fff2SAl Viro dentry = d_lookup(parent, name); 12615a18fff2SAl Viro if (likely(!dentry)) { 12625a18fff2SAl Viro dentry = d_alloc_and_lookup(parent, name, nd); 12635a18fff2SAl Viro if (IS_ERR(dentry)) { 12645a18fff2SAl Viro mutex_unlock(&dir->i_mutex); 12655a18fff2SAl Viro return PTR_ERR(dentry); 12665a18fff2SAl Viro } 12675a18fff2SAl Viro /* known good */ 12685a18fff2SAl Viro need_reval = 0; 12695a18fff2SAl Viro status = 1; 12705a18fff2SAl Viro } 12715a18fff2SAl Viro mutex_unlock(&dir->i_mutex); 12725a18fff2SAl Viro } 12735a18fff2SAl Viro if (unlikely(dentry->d_flags & DCACHE_OP_REVALIDATE) && need_reval) 12745a18fff2SAl Viro status = d_revalidate(dentry, nd); 12755a18fff2SAl Viro if (unlikely(status <= 0)) { 12765a18fff2SAl Viro if (status < 0) { 12775a18fff2SAl Viro dput(dentry); 12785a18fff2SAl Viro return status; 12795a18fff2SAl Viro } 12805a18fff2SAl Viro if (!d_invalidate(dentry)) { 12815a18fff2SAl Viro dput(dentry); 12825a18fff2SAl Viro dentry = NULL; 12835a18fff2SAl Viro need_reval = 1; 12845a18fff2SAl Viro goto retry; 12855a18fff2SAl Viro } 12865a18fff2SAl Viro } 12875a18fff2SAl Viro 12881da177e4SLinus Torvalds path->mnt = mnt; 12891da177e4SLinus Torvalds path->dentry = dentry; 12909875cf80SDavid Howells err = follow_managed(path, nd->flags); 129189312214SIan Kent if (unlikely(err < 0)) { 129289312214SIan Kent path_put_conditional(path, nd); 12939875cf80SDavid Howells return err; 129489312214SIan Kent } 129531e6b01fSNick Piggin *inode = path->dentry->d_inode; 12961da177e4SLinus Torvalds return 0; 12971da177e4SLinus Torvalds } 12981da177e4SLinus Torvalds 129952094c8aSAl Viro static inline int may_lookup(struct nameidata *nd) 130052094c8aSAl Viro { 130152094c8aSAl Viro if (nd->flags & LOOKUP_RCU) { 130252094c8aSAl Viro int err = exec_permission(nd->inode, IPERM_FLAG_RCU); 130352094c8aSAl Viro if (err != -ECHILD) 130452094c8aSAl Viro return err; 130552094c8aSAl Viro if (nameidata_drop_rcu(nd)) 130652094c8aSAl Viro return -ECHILD; 130752094c8aSAl Viro } 130852094c8aSAl Viro return exec_permission(nd->inode, 0); 130952094c8aSAl Viro } 131052094c8aSAl Viro 13119856fa1bSAl Viro static inline int handle_dots(struct nameidata *nd, int type) 13129856fa1bSAl Viro { 13139856fa1bSAl Viro if (type == LAST_DOTDOT) { 13149856fa1bSAl Viro if (nd->flags & LOOKUP_RCU) { 13159856fa1bSAl Viro if (follow_dotdot_rcu(nd)) 13169856fa1bSAl Viro return -ECHILD; 13179856fa1bSAl Viro } else 13189856fa1bSAl Viro follow_dotdot(nd); 13199856fa1bSAl Viro } 13209856fa1bSAl Viro return 0; 13219856fa1bSAl Viro } 13229856fa1bSAl Viro 1323951361f9SAl Viro static void terminate_walk(struct nameidata *nd) 1324951361f9SAl Viro { 1325951361f9SAl Viro if (!(nd->flags & LOOKUP_RCU)) { 1326951361f9SAl Viro path_put(&nd->path); 1327951361f9SAl Viro } else { 1328951361f9SAl Viro nd->flags &= ~LOOKUP_RCU; 13295b6ca027SAl Viro if (!(nd->flags & LOOKUP_ROOT)) 1330951361f9SAl Viro nd->root.mnt = NULL; 1331951361f9SAl Viro rcu_read_unlock(); 1332951361f9SAl Viro br_read_unlock(vfsmount_lock); 1333951361f9SAl Viro } 1334951361f9SAl Viro } 1335951361f9SAl Viro 1336ce57dfc1SAl Viro static inline int walk_component(struct nameidata *nd, struct path *path, 1337ce57dfc1SAl Viro struct qstr *name, int type, int follow) 1338ce57dfc1SAl Viro { 1339ce57dfc1SAl Viro struct inode *inode; 1340ce57dfc1SAl Viro int err; 1341ce57dfc1SAl Viro /* 1342ce57dfc1SAl Viro * "." and ".." are special - ".." especially so because it has 1343ce57dfc1SAl Viro * to be able to know about the current root directory and 1344ce57dfc1SAl Viro * parent relationships. 1345ce57dfc1SAl Viro */ 1346ce57dfc1SAl Viro if (unlikely(type != LAST_NORM)) 1347ce57dfc1SAl Viro return handle_dots(nd, type); 1348ce57dfc1SAl Viro err = do_lookup(nd, name, path, &inode); 1349ce57dfc1SAl Viro if (unlikely(err)) { 1350ce57dfc1SAl Viro terminate_walk(nd); 1351ce57dfc1SAl Viro return err; 1352ce57dfc1SAl Viro } 1353ce57dfc1SAl Viro if (!inode) { 1354ce57dfc1SAl Viro path_to_nameidata(path, nd); 1355ce57dfc1SAl Viro terminate_walk(nd); 1356ce57dfc1SAl Viro return -ENOENT; 1357ce57dfc1SAl Viro } 1358ce57dfc1SAl Viro if (unlikely(inode->i_op->follow_link) && follow) { 1359ce57dfc1SAl Viro if (nameidata_dentry_drop_rcu_maybe(nd, path->dentry)) 1360ce57dfc1SAl Viro return -ECHILD; 1361ce57dfc1SAl Viro BUG_ON(inode != path->dentry->d_inode); 1362ce57dfc1SAl Viro return 1; 1363ce57dfc1SAl Viro } 1364ce57dfc1SAl Viro path_to_nameidata(path, nd); 1365ce57dfc1SAl Viro nd->inode = inode; 1366ce57dfc1SAl Viro return 0; 1367ce57dfc1SAl Viro } 1368ce57dfc1SAl Viro 13691da177e4SLinus Torvalds /* 13701da177e4SLinus Torvalds * Name resolution. 1371ea3834d9SPrasanna Meda * This is the basic name resolution function, turning a pathname into 1372ea3834d9SPrasanna Meda * the final dentry. We expect 'base' to be positive and a directory. 13731da177e4SLinus Torvalds * 1374ea3834d9SPrasanna Meda * Returns 0 and nd will have valid dentry and mnt on success. 1375ea3834d9SPrasanna Meda * Returns error and drops reference to input namei data on failure. 13761da177e4SLinus Torvalds */ 13776de88d72SAl Viro static int link_path_walk(const char *name, struct nameidata *nd) 13781da177e4SLinus Torvalds { 13791da177e4SLinus Torvalds struct path next; 13801da177e4SLinus Torvalds int err; 13811da177e4SLinus Torvalds unsigned int lookup_flags = nd->flags; 13821da177e4SLinus Torvalds 13831da177e4SLinus Torvalds while (*name=='/') 13841da177e4SLinus Torvalds name++; 13851da177e4SLinus Torvalds if (!*name) 1386086e183aSAl Viro return 0; 13871da177e4SLinus Torvalds 13881da177e4SLinus Torvalds if (nd->depth) 1389f55eab82STrond Myklebust lookup_flags = LOOKUP_FOLLOW | (nd->flags & LOOKUP_CONTINUE); 13901da177e4SLinus Torvalds 13911da177e4SLinus Torvalds /* At this point we know we have a real path component. */ 13921da177e4SLinus Torvalds for(;;) { 13931da177e4SLinus Torvalds unsigned long hash; 13941da177e4SLinus Torvalds struct qstr this; 13951da177e4SLinus Torvalds unsigned int c; 1396fe479a58SAl Viro int type; 13971da177e4SLinus Torvalds 1398cdce5d6bSTrond Myklebust nd->flags |= LOOKUP_CONTINUE; 139952094c8aSAl Viro 140052094c8aSAl Viro err = may_lookup(nd); 14011da177e4SLinus Torvalds if (err) 14021da177e4SLinus Torvalds break; 14031da177e4SLinus Torvalds 14041da177e4SLinus Torvalds this.name = name; 14051da177e4SLinus Torvalds c = *(const unsigned char *)name; 14061da177e4SLinus Torvalds 14071da177e4SLinus Torvalds hash = init_name_hash(); 14081da177e4SLinus Torvalds do { 14091da177e4SLinus Torvalds name++; 14101da177e4SLinus Torvalds hash = partial_name_hash(c, hash); 14111da177e4SLinus Torvalds c = *(const unsigned char *)name; 14121da177e4SLinus Torvalds } while (c && (c != '/')); 14131da177e4SLinus Torvalds this.len = name - (const char *) this.name; 14141da177e4SLinus Torvalds this.hash = end_name_hash(hash); 14151da177e4SLinus Torvalds 1416fe479a58SAl Viro type = LAST_NORM; 1417fe479a58SAl Viro if (this.name[0] == '.') switch (this.len) { 1418fe479a58SAl Viro case 2: 141916c2cd71SAl Viro if (this.name[1] == '.') { 1420fe479a58SAl Viro type = LAST_DOTDOT; 142116c2cd71SAl Viro nd->flags |= LOOKUP_JUMPED; 142216c2cd71SAl Viro } 1423fe479a58SAl Viro break; 1424fe479a58SAl Viro case 1: 1425fe479a58SAl Viro type = LAST_DOT; 1426fe479a58SAl Viro } 14275a202bcdSAl Viro if (likely(type == LAST_NORM)) { 14285a202bcdSAl Viro struct dentry *parent = nd->path.dentry; 142916c2cd71SAl Viro nd->flags &= ~LOOKUP_JUMPED; 14305a202bcdSAl Viro if (unlikely(parent->d_flags & DCACHE_OP_HASH)) { 14315a202bcdSAl Viro err = parent->d_op->d_hash(parent, nd->inode, 14325a202bcdSAl Viro &this); 14335a202bcdSAl Viro if (err < 0) 14345a202bcdSAl Viro break; 14355a202bcdSAl Viro } 14365a202bcdSAl Viro } 1437fe479a58SAl Viro 14381da177e4SLinus Torvalds /* remove trailing slashes? */ 14391da177e4SLinus Torvalds if (!c) 14401da177e4SLinus Torvalds goto last_component; 14411da177e4SLinus Torvalds while (*++name == '/'); 14421da177e4SLinus Torvalds if (!*name) 14431da177e4SLinus Torvalds goto last_with_slashes; 14441da177e4SLinus Torvalds 1445ce57dfc1SAl Viro err = walk_component(nd, &next, &this, type, LOOKUP_FOLLOW); 1446ce57dfc1SAl Viro if (err < 0) 1447ce57dfc1SAl Viro return err; 1448fe479a58SAl Viro 1449ce57dfc1SAl Viro if (err) { 1450ce57dfc1SAl Viro err = do_follow_link(&next, nd); 14511da177e4SLinus Torvalds if (err) 1452a7472babSAl Viro return err; 145331e6b01fSNick Piggin } 14541da177e4SLinus Torvalds err = -ENOTDIR; 145531e6b01fSNick Piggin if (!nd->inode->i_op->lookup) 14561da177e4SLinus Torvalds break; 14571da177e4SLinus Torvalds continue; 14581da177e4SLinus Torvalds /* here ends the main loop */ 14591da177e4SLinus Torvalds 14601da177e4SLinus Torvalds last_with_slashes: 14611da177e4SLinus Torvalds lookup_flags |= LOOKUP_FOLLOW | LOOKUP_DIRECTORY; 14621da177e4SLinus Torvalds last_component: 1463f55eab82STrond Myklebust /* Clear LOOKUP_CONTINUE iff it was previously unset */ 1464f55eab82STrond Myklebust nd->flags &= lookup_flags | ~LOOKUP_CONTINUE; 1465ce57dfc1SAl Viro if (lookup_flags & LOOKUP_PARENT) { 1466ce57dfc1SAl Viro nd->last = this; 1467ce57dfc1SAl Viro nd->last_type = type; 1468ce57dfc1SAl Viro return 0; 1469ce57dfc1SAl Viro } 1470ce57dfc1SAl Viro err = walk_component(nd, &next, &this, type, 1471ce57dfc1SAl Viro lookup_flags & LOOKUP_FOLLOW); 1472ce57dfc1SAl Viro if (err < 0) 1473ce57dfc1SAl Viro return err; 1474ce57dfc1SAl Viro if (err) { 1475ce57dfc1SAl Viro err = do_follow_link(&next, nd); 14761da177e4SLinus Torvalds if (err) 1477a7472babSAl Viro return err; 147831e6b01fSNick Piggin } 14791da177e4SLinus Torvalds if (lookup_flags & LOOKUP_DIRECTORY) { 14801da177e4SLinus Torvalds err = -ENOTDIR; 148131e6b01fSNick Piggin if (!nd->inode->i_op->lookup) 14821da177e4SLinus Torvalds break; 14831da177e4SLinus Torvalds } 1484086e183aSAl Viro return 0; 14851da177e4SLinus Torvalds } 1486951361f9SAl Viro terminate_walk(nd); 14871da177e4SLinus Torvalds return err; 14881da177e4SLinus Torvalds } 14891da177e4SLinus Torvalds 149070e9b357SAl Viro static int path_init(int dfd, const char *name, unsigned int flags, 149170e9b357SAl Viro struct nameidata *nd, struct file **fp) 149231e6b01fSNick Piggin { 149331e6b01fSNick Piggin int retval = 0; 149431e6b01fSNick Piggin int fput_needed; 149531e6b01fSNick Piggin struct file *file; 149631e6b01fSNick Piggin 149731e6b01fSNick Piggin nd->last_type = LAST_ROOT; /* if there are only slashes... */ 149816c2cd71SAl Viro nd->flags = flags | LOOKUP_JUMPED; 149931e6b01fSNick Piggin nd->depth = 0; 15005b6ca027SAl Viro if (flags & LOOKUP_ROOT) { 15015b6ca027SAl Viro struct inode *inode = nd->root.dentry->d_inode; 150273d049a4SAl Viro if (*name) { 15035b6ca027SAl Viro if (!inode->i_op->lookup) 15045b6ca027SAl Viro return -ENOTDIR; 15055b6ca027SAl Viro retval = inode_permission(inode, MAY_EXEC); 15065b6ca027SAl Viro if (retval) 15075b6ca027SAl Viro return retval; 150873d049a4SAl Viro } 15095b6ca027SAl Viro nd->path = nd->root; 15105b6ca027SAl Viro nd->inode = inode; 15115b6ca027SAl Viro if (flags & LOOKUP_RCU) { 15125b6ca027SAl Viro br_read_lock(vfsmount_lock); 15135b6ca027SAl Viro rcu_read_lock(); 15145b6ca027SAl Viro nd->seq = __read_seqcount_begin(&nd->path.dentry->d_seq); 15155b6ca027SAl Viro } else { 15165b6ca027SAl Viro path_get(&nd->path); 15175b6ca027SAl Viro } 15185b6ca027SAl Viro return 0; 15195b6ca027SAl Viro } 15205b6ca027SAl Viro 152131e6b01fSNick Piggin nd->root.mnt = NULL; 152231e6b01fSNick Piggin 152331e6b01fSNick Piggin if (*name=='/') { 1524e41f7d4eSAl Viro if (flags & LOOKUP_RCU) { 152531e6b01fSNick Piggin br_read_lock(vfsmount_lock); 152631e6b01fSNick Piggin rcu_read_lock(); 1527e41f7d4eSAl Viro set_root_rcu(nd); 1528e41f7d4eSAl Viro } else { 1529e41f7d4eSAl Viro set_root(nd); 1530e41f7d4eSAl Viro path_get(&nd->root); 1531e41f7d4eSAl Viro } 153231e6b01fSNick Piggin nd->path = nd->root; 153331e6b01fSNick Piggin } else if (dfd == AT_FDCWD) { 1534e41f7d4eSAl Viro if (flags & LOOKUP_RCU) { 153531e6b01fSNick Piggin struct fs_struct *fs = current->fs; 1536c28cc364SNick Piggin unsigned seq; 153731e6b01fSNick Piggin 153831e6b01fSNick Piggin br_read_lock(vfsmount_lock); 153931e6b01fSNick Piggin rcu_read_lock(); 154031e6b01fSNick Piggin 1541c28cc364SNick Piggin do { 1542c28cc364SNick Piggin seq = read_seqcount_begin(&fs->seq); 154331e6b01fSNick Piggin nd->path = fs->pwd; 1544c28cc364SNick Piggin nd->seq = __read_seqcount_begin(&nd->path.dentry->d_seq); 1545c28cc364SNick Piggin } while (read_seqcount_retry(&fs->seq, seq)); 1546e41f7d4eSAl Viro } else { 1547e41f7d4eSAl Viro get_fs_pwd(current->fs, &nd->path); 1548e41f7d4eSAl Viro } 154931e6b01fSNick Piggin } else { 155031e6b01fSNick Piggin struct dentry *dentry; 155131e6b01fSNick Piggin 15521abf0c71SAl Viro file = fget_raw_light(dfd, &fput_needed); 155331e6b01fSNick Piggin retval = -EBADF; 155431e6b01fSNick Piggin if (!file) 155531e6b01fSNick Piggin goto out_fail; 155631e6b01fSNick Piggin 155731e6b01fSNick Piggin dentry = file->f_path.dentry; 155831e6b01fSNick Piggin 1559f52e0c11SAl Viro if (*name) { 156031e6b01fSNick Piggin retval = -ENOTDIR; 156131e6b01fSNick Piggin if (!S_ISDIR(dentry->d_inode->i_mode)) 156231e6b01fSNick Piggin goto fput_fail; 156331e6b01fSNick Piggin 156431e6b01fSNick Piggin retval = file_permission(file, MAY_EXEC); 156531e6b01fSNick Piggin if (retval) 156631e6b01fSNick Piggin goto fput_fail; 1567f52e0c11SAl Viro } 156831e6b01fSNick Piggin 156931e6b01fSNick Piggin nd->path = file->f_path; 1570e41f7d4eSAl Viro if (flags & LOOKUP_RCU) { 157131e6b01fSNick Piggin if (fput_needed) 157270e9b357SAl Viro *fp = file; 1573c28cc364SNick Piggin nd->seq = __read_seqcount_begin(&nd->path.dentry->d_seq); 157431e6b01fSNick Piggin br_read_lock(vfsmount_lock); 157531e6b01fSNick Piggin rcu_read_lock(); 15765590ff0dSUlrich Drepper } else { 15775dd784d0SJan Blunck path_get(&file->f_path); 15785590ff0dSUlrich Drepper fput_light(file, fput_needed); 15791da177e4SLinus Torvalds } 1580e41f7d4eSAl Viro } 1581e41f7d4eSAl Viro 158231e6b01fSNick Piggin nd->inode = nd->path.dentry->d_inode; 15839b4a9b14SAl Viro return 0; 15842dfdd266SJosef 'Jeff' Sipek 15859b4a9b14SAl Viro fput_fail: 15869b4a9b14SAl Viro fput_light(file, fput_needed); 15879b4a9b14SAl Viro out_fail: 15889b4a9b14SAl Viro return retval; 15899b4a9b14SAl Viro } 15909b4a9b14SAl Viro 1591bd92d7feSAl Viro static inline int lookup_last(struct nameidata *nd, struct path *path) 1592bd92d7feSAl Viro { 1593bd92d7feSAl Viro if (nd->last_type == LAST_NORM && nd->last.name[nd->last.len]) 1594bd92d7feSAl Viro nd->flags |= LOOKUP_FOLLOW | LOOKUP_DIRECTORY; 1595bd92d7feSAl Viro 1596bd92d7feSAl Viro nd->flags &= ~LOOKUP_PARENT; 1597bd92d7feSAl Viro return walk_component(nd, path, &nd->last, nd->last_type, 1598bd92d7feSAl Viro nd->flags & LOOKUP_FOLLOW); 1599bd92d7feSAl Viro } 1600bd92d7feSAl Viro 16019b4a9b14SAl Viro /* Returns 0 and nd will be valid on success; Retuns error, otherwise. */ 1602ee0827cdSAl Viro static int path_lookupat(int dfd, const char *name, 16039b4a9b14SAl Viro unsigned int flags, struct nameidata *nd) 16049b4a9b14SAl Viro { 160570e9b357SAl Viro struct file *base = NULL; 1606bd92d7feSAl Viro struct path path; 1607bd92d7feSAl Viro int err; 160831e6b01fSNick Piggin 160931e6b01fSNick Piggin /* 161031e6b01fSNick Piggin * Path walking is largely split up into 2 different synchronisation 161131e6b01fSNick Piggin * schemes, rcu-walk and ref-walk (explained in 161231e6b01fSNick Piggin * Documentation/filesystems/path-lookup.txt). These share much of the 161331e6b01fSNick Piggin * path walk code, but some things particularly setup, cleanup, and 161431e6b01fSNick Piggin * following mounts are sufficiently divergent that functions are 161531e6b01fSNick Piggin * duplicated. Typically there is a function foo(), and its RCU 161631e6b01fSNick Piggin * analogue, foo_rcu(). 161731e6b01fSNick Piggin * 161831e6b01fSNick Piggin * -ECHILD is the error number of choice (just to avoid clashes) that 161931e6b01fSNick Piggin * is returned if some aspect of an rcu-walk fails. Such an error must 162031e6b01fSNick Piggin * be handled by restarting a traditional ref-walk (which will always 162131e6b01fSNick Piggin * be able to complete). 162231e6b01fSNick Piggin */ 1623bd92d7feSAl Viro err = path_init(dfd, name, flags | LOOKUP_PARENT, nd, &base); 1624ee0827cdSAl Viro 1625bd92d7feSAl Viro if (unlikely(err)) 1626bd92d7feSAl Viro return err; 1627ee0827cdSAl Viro 1628ee0827cdSAl Viro current->total_link_count = 0; 1629bd92d7feSAl Viro err = link_path_walk(name, nd); 1630bd92d7feSAl Viro 1631bd92d7feSAl Viro if (!err && !(flags & LOOKUP_PARENT)) { 1632bd92d7feSAl Viro int count = 0; 1633bd92d7feSAl Viro err = lookup_last(nd, &path); 1634bd92d7feSAl Viro while (err > 0) { 1635bd92d7feSAl Viro void *cookie; 1636bd92d7feSAl Viro struct path link = path; 1637bd92d7feSAl Viro struct inode *inode = link.dentry->d_inode; 1638bd92d7feSAl Viro 1639bd92d7feSAl Viro if (count++ > 32) { 1640bd92d7feSAl Viro path_put_conditional(&path, nd); 1641bd92d7feSAl Viro path_put(&nd->path); 1642bd92d7feSAl Viro err = -ELOOP; 1643bd92d7feSAl Viro break; 1644bd92d7feSAl Viro } 1645bd92d7feSAl Viro cond_resched(); 1646bd92d7feSAl Viro nd->flags |= LOOKUP_PARENT; 1647bd92d7feSAl Viro err = __do_follow_link(&link, nd, &cookie); 1648bd92d7feSAl Viro if (!err) 1649bd92d7feSAl Viro err = lookup_last(nd, &path); 1650bd92d7feSAl Viro if (!IS_ERR(cookie) && inode->i_op->put_link) 1651bd92d7feSAl Viro inode->i_op->put_link(link.dentry, nd, cookie); 1652bd92d7feSAl Viro path_put(&link); 1653bd92d7feSAl Viro } 1654bd92d7feSAl Viro } 1655ee0827cdSAl Viro 1656ee0827cdSAl Viro if (nd->flags & LOOKUP_RCU) { 16574455ca62SAl Viro /* went all way through without dropping RCU */ 1658bd92d7feSAl Viro BUG_ON(err); 1659086e183aSAl Viro if (nameidata_drop_rcu_last(nd)) 1660bd92d7feSAl Viro err = -ECHILD; 1661086e183aSAl Viro } 166231e6b01fSNick Piggin 1663bd92d7feSAl Viro if (!err) 1664bd92d7feSAl Viro err = handle_reval_path(nd); 1665bd92d7feSAl Viro 1666bd92d7feSAl Viro if (!err && nd->flags & LOOKUP_DIRECTORY) { 1667bd92d7feSAl Viro if (!nd->inode->i_op->lookup) { 1668bd92d7feSAl Viro path_put(&nd->path); 1669bd92d7feSAl Viro return -ENOTDIR; 1670bd92d7feSAl Viro } 1671bd92d7feSAl Viro } 167216c2cd71SAl Viro 167370e9b357SAl Viro if (base) 167470e9b357SAl Viro fput(base); 1675ee0827cdSAl Viro 16765b6ca027SAl Viro if (nd->root.mnt && !(nd->flags & LOOKUP_ROOT)) { 167731e6b01fSNick Piggin path_put(&nd->root); 167831e6b01fSNick Piggin nd->root.mnt = NULL; 167931e6b01fSNick Piggin } 1680bd92d7feSAl Viro return err; 168131e6b01fSNick Piggin } 168231e6b01fSNick Piggin 1683ee0827cdSAl Viro static int do_path_lookup(int dfd, const char *name, 1684ee0827cdSAl Viro unsigned int flags, struct nameidata *nd) 1685ee0827cdSAl Viro { 1686ee0827cdSAl Viro int retval = path_lookupat(dfd, name, flags | LOOKUP_RCU, nd); 1687ee0827cdSAl Viro if (unlikely(retval == -ECHILD)) 1688ee0827cdSAl Viro retval = path_lookupat(dfd, name, flags, nd); 1689ee0827cdSAl Viro if (unlikely(retval == -ESTALE)) 1690ee0827cdSAl Viro retval = path_lookupat(dfd, name, flags | LOOKUP_REVAL, nd); 1691ee0827cdSAl Viro 169231e6b01fSNick Piggin if (likely(!retval)) { 169331e6b01fSNick Piggin if (unlikely(!audit_dummy_context())) { 169431e6b01fSNick Piggin if (nd->path.dentry && nd->inode) 169531e6b01fSNick Piggin audit_inode(name, nd->path.dentry); 169631e6b01fSNick Piggin } 169731e6b01fSNick Piggin } 1698170aa3d0SUlrich Drepper return retval; 16991da177e4SLinus Torvalds } 17001da177e4SLinus Torvalds 1701c9c6cac0SAl Viro int kern_path_parent(const char *name, struct nameidata *nd) 17025590ff0dSUlrich Drepper { 1703c9c6cac0SAl Viro return do_path_lookup(AT_FDCWD, name, LOOKUP_PARENT, nd); 17045590ff0dSUlrich Drepper } 17055590ff0dSUlrich Drepper 1706d1811465SAl Viro int kern_path(const char *name, unsigned int flags, struct path *path) 1707d1811465SAl Viro { 1708d1811465SAl Viro struct nameidata nd; 1709d1811465SAl Viro int res = do_path_lookup(AT_FDCWD, name, flags, &nd); 1710d1811465SAl Viro if (!res) 1711d1811465SAl Viro *path = nd.path; 1712d1811465SAl Viro return res; 1713d1811465SAl Viro } 1714d1811465SAl Viro 171516f18200SJosef 'Jeff' Sipek /** 171616f18200SJosef 'Jeff' Sipek * vfs_path_lookup - lookup a file path relative to a dentry-vfsmount pair 171716f18200SJosef 'Jeff' Sipek * @dentry: pointer to dentry of the base directory 171816f18200SJosef 'Jeff' Sipek * @mnt: pointer to vfs mount of the base directory 171916f18200SJosef 'Jeff' Sipek * @name: pointer to file name 172016f18200SJosef 'Jeff' Sipek * @flags: lookup flags 172116f18200SJosef 'Jeff' Sipek * @nd: pointer to nameidata 172216f18200SJosef 'Jeff' Sipek */ 172316f18200SJosef 'Jeff' Sipek int vfs_path_lookup(struct dentry *dentry, struct vfsmount *mnt, 172416f18200SJosef 'Jeff' Sipek const char *name, unsigned int flags, 172516f18200SJosef 'Jeff' Sipek struct nameidata *nd) 172616f18200SJosef 'Jeff' Sipek { 17275b6ca027SAl Viro nd->root.dentry = dentry; 17285b6ca027SAl Viro nd->root.mnt = mnt; 17295b6ca027SAl Viro /* the first argument of do_path_lookup() is ignored with LOOKUP_ROOT */ 17305b6ca027SAl Viro return do_path_lookup(AT_FDCWD, name, flags | LOOKUP_ROOT, nd); 173116f18200SJosef 'Jeff' Sipek } 173216f18200SJosef 'Jeff' Sipek 1733eead1911SChristoph Hellwig static struct dentry *__lookup_hash(struct qstr *name, 1734eead1911SChristoph Hellwig struct dentry *base, struct nameidata *nd) 17351da177e4SLinus Torvalds { 173681fca444SChristoph Hellwig struct inode *inode = base->d_inode; 17371da177e4SLinus Torvalds struct dentry *dentry; 17381da177e4SLinus Torvalds int err; 17391da177e4SLinus Torvalds 1740b74c79e9SNick Piggin err = exec_permission(inode, 0); 174181fca444SChristoph Hellwig if (err) 174281fca444SChristoph Hellwig return ERR_PTR(err); 17431da177e4SLinus Torvalds 17441da177e4SLinus Torvalds /* 1745b04f784eSNick Piggin * Don't bother with __d_lookup: callers are for creat as 1746b04f784eSNick Piggin * well as unlink, so a lot of the time it would cost 1747b04f784eSNick Piggin * a double lookup. 17486e6b1bd1SAl Viro */ 17496e6b1bd1SAl Viro dentry = d_lookup(base, name); 17506e6b1bd1SAl Viro 1751fb045adbSNick Piggin if (dentry && (dentry->d_flags & DCACHE_OP_REVALIDATE)) 17526e6b1bd1SAl Viro dentry = do_revalidate(dentry, nd); 17536e6b1bd1SAl Viro 17541da177e4SLinus Torvalds if (!dentry) 1755baa03890SNick Piggin dentry = d_alloc_and_lookup(base, name, nd); 17565a202bcdSAl Viro 17571da177e4SLinus Torvalds return dentry; 17581da177e4SLinus Torvalds } 17591da177e4SLinus Torvalds 1760057f6c01SJames Morris /* 1761057f6c01SJames Morris * Restricted form of lookup. Doesn't follow links, single-component only, 1762057f6c01SJames Morris * needs parent already locked. Doesn't follow mounts. 1763057f6c01SJames Morris * SMP-safe. 1764057f6c01SJames Morris */ 1765a244e169SAdrian Bunk static struct dentry *lookup_hash(struct nameidata *nd) 17661da177e4SLinus Torvalds { 17674ac91378SJan Blunck return __lookup_hash(&nd->last, nd->path.dentry, nd); 17681da177e4SLinus Torvalds } 17691da177e4SLinus Torvalds 1770eead1911SChristoph Hellwig /** 1771a6b91919SRandy Dunlap * lookup_one_len - filesystem helper to lookup single pathname component 1772eead1911SChristoph Hellwig * @name: pathname component to lookup 1773eead1911SChristoph Hellwig * @base: base directory to lookup from 1774eead1911SChristoph Hellwig * @len: maximum length @len should be interpreted to 1775eead1911SChristoph Hellwig * 1776a6b91919SRandy Dunlap * Note that this routine is purely a helper for filesystem usage and should 1777a6b91919SRandy Dunlap * not be called by generic code. Also note that by using this function the 1778eead1911SChristoph Hellwig * nameidata argument is passed to the filesystem methods and a filesystem 1779eead1911SChristoph Hellwig * using this helper needs to be prepared for that. 1780eead1911SChristoph Hellwig */ 1781057f6c01SJames Morris struct dentry *lookup_one_len(const char *name, struct dentry *base, int len) 1782057f6c01SJames Morris { 1783057f6c01SJames Morris struct qstr this; 17846a96ba54SAl Viro unsigned long hash; 17856a96ba54SAl Viro unsigned int c; 1786057f6c01SJames Morris 17872f9092e1SDavid Woodhouse WARN_ON_ONCE(!mutex_is_locked(&base->d_inode->i_mutex)); 17882f9092e1SDavid Woodhouse 17896a96ba54SAl Viro this.name = name; 17906a96ba54SAl Viro this.len = len; 17916a96ba54SAl Viro if (!len) 17926a96ba54SAl Viro return ERR_PTR(-EACCES); 17936a96ba54SAl Viro 17946a96ba54SAl Viro hash = init_name_hash(); 17956a96ba54SAl Viro while (len--) { 17966a96ba54SAl Viro c = *(const unsigned char *)name++; 17976a96ba54SAl Viro if (c == '/' || c == '\0') 17986a96ba54SAl Viro return ERR_PTR(-EACCES); 17996a96ba54SAl Viro hash = partial_name_hash(c, hash); 18006a96ba54SAl Viro } 18016a96ba54SAl Viro this.hash = end_name_hash(hash); 18025a202bcdSAl Viro /* 18035a202bcdSAl Viro * See if the low-level filesystem might want 18045a202bcdSAl Viro * to use its own hash.. 18055a202bcdSAl Viro */ 18065a202bcdSAl Viro if (base->d_flags & DCACHE_OP_HASH) { 18075a202bcdSAl Viro int err = base->d_op->d_hash(base, base->d_inode, &this); 18085a202bcdSAl Viro if (err < 0) 18095a202bcdSAl Viro return ERR_PTR(err); 18105a202bcdSAl Viro } 1811eead1911SChristoph Hellwig 181249705b77SChristoph Hellwig return __lookup_hash(&this, base, NULL); 1813057f6c01SJames Morris } 1814057f6c01SJames Morris 18152d8f3038SAl Viro int user_path_at(int dfd, const char __user *name, unsigned flags, 18162d8f3038SAl Viro struct path *path) 18171da177e4SLinus Torvalds { 18182d8f3038SAl Viro struct nameidata nd; 1819f52e0c11SAl Viro char *tmp = getname_flags(name, flags); 18201da177e4SLinus Torvalds int err = PTR_ERR(tmp); 18211da177e4SLinus Torvalds if (!IS_ERR(tmp)) { 18222d8f3038SAl Viro 18232d8f3038SAl Viro BUG_ON(flags & LOOKUP_PARENT); 18242d8f3038SAl Viro 18252d8f3038SAl Viro err = do_path_lookup(dfd, tmp, flags, &nd); 18261da177e4SLinus Torvalds putname(tmp); 18272d8f3038SAl Viro if (!err) 18282d8f3038SAl Viro *path = nd.path; 18291da177e4SLinus Torvalds } 18301da177e4SLinus Torvalds return err; 18311da177e4SLinus Torvalds } 18321da177e4SLinus Torvalds 18332ad94ae6SAl Viro static int user_path_parent(int dfd, const char __user *path, 18342ad94ae6SAl Viro struct nameidata *nd, char **name) 18352ad94ae6SAl Viro { 18362ad94ae6SAl Viro char *s = getname(path); 18372ad94ae6SAl Viro int error; 18382ad94ae6SAl Viro 18392ad94ae6SAl Viro if (IS_ERR(s)) 18402ad94ae6SAl Viro return PTR_ERR(s); 18412ad94ae6SAl Viro 18422ad94ae6SAl Viro error = do_path_lookup(dfd, s, LOOKUP_PARENT, nd); 18432ad94ae6SAl Viro if (error) 18442ad94ae6SAl Viro putname(s); 18452ad94ae6SAl Viro else 18462ad94ae6SAl Viro *name = s; 18472ad94ae6SAl Viro 18482ad94ae6SAl Viro return error; 18492ad94ae6SAl Viro } 18502ad94ae6SAl Viro 18511da177e4SLinus Torvalds /* 18521da177e4SLinus Torvalds * It's inline, so penalty for filesystems that don't use sticky bit is 18531da177e4SLinus Torvalds * minimal. 18541da177e4SLinus Torvalds */ 18551da177e4SLinus Torvalds static inline int check_sticky(struct inode *dir, struct inode *inode) 18561da177e4SLinus Torvalds { 1857da9592edSDavid Howells uid_t fsuid = current_fsuid(); 1858da9592edSDavid Howells 18591da177e4SLinus Torvalds if (!(dir->i_mode & S_ISVTX)) 18601da177e4SLinus Torvalds return 0; 1861da9592edSDavid Howells if (inode->i_uid == fsuid) 18621da177e4SLinus Torvalds return 0; 1863da9592edSDavid Howells if (dir->i_uid == fsuid) 18641da177e4SLinus Torvalds return 0; 18651da177e4SLinus Torvalds return !capable(CAP_FOWNER); 18661da177e4SLinus Torvalds } 18671da177e4SLinus Torvalds 18681da177e4SLinus Torvalds /* 18691da177e4SLinus Torvalds * Check whether we can remove a link victim from directory dir, check 18701da177e4SLinus Torvalds * whether the type of victim is right. 18711da177e4SLinus Torvalds * 1. We can't do it if dir is read-only (done in permission()) 18721da177e4SLinus Torvalds * 2. We should have write and exec permissions on dir 18731da177e4SLinus Torvalds * 3. We can't remove anything from append-only dir 18741da177e4SLinus Torvalds * 4. We can't do anything with immutable dir (done in permission()) 18751da177e4SLinus Torvalds * 5. If the sticky bit on dir is set we should either 18761da177e4SLinus Torvalds * a. be owner of dir, or 18771da177e4SLinus Torvalds * b. be owner of victim, or 18781da177e4SLinus Torvalds * c. have CAP_FOWNER capability 18791da177e4SLinus Torvalds * 6. If the victim is append-only or immutable we can't do antyhing with 18801da177e4SLinus Torvalds * links pointing to it. 18811da177e4SLinus Torvalds * 7. If we were asked to remove a directory and victim isn't one - ENOTDIR. 18821da177e4SLinus Torvalds * 8. If we were asked to remove a non-directory and victim isn't one - EISDIR. 18831da177e4SLinus Torvalds * 9. We can't remove a root or mountpoint. 18841da177e4SLinus Torvalds * 10. We don't allow removal of NFS sillyrenamed files; it's handled by 18851da177e4SLinus Torvalds * nfs_async_unlink(). 18861da177e4SLinus Torvalds */ 1887858119e1SArjan van de Ven static int may_delete(struct inode *dir,struct dentry *victim,int isdir) 18881da177e4SLinus Torvalds { 18891da177e4SLinus Torvalds int error; 18901da177e4SLinus Torvalds 18911da177e4SLinus Torvalds if (!victim->d_inode) 18921da177e4SLinus Torvalds return -ENOENT; 18931da177e4SLinus Torvalds 18941da177e4SLinus Torvalds BUG_ON(victim->d_parent->d_inode != dir); 1895cccc6bbaSAl Viro audit_inode_child(victim, dir); 18961da177e4SLinus Torvalds 1897f419a2e3SAl Viro error = inode_permission(dir, MAY_WRITE | MAY_EXEC); 18981da177e4SLinus Torvalds if (error) 18991da177e4SLinus Torvalds return error; 19001da177e4SLinus Torvalds if (IS_APPEND(dir)) 19011da177e4SLinus Torvalds return -EPERM; 19021da177e4SLinus Torvalds if (check_sticky(dir, victim->d_inode)||IS_APPEND(victim->d_inode)|| 1903f9454548SHugh Dickins IS_IMMUTABLE(victim->d_inode) || IS_SWAPFILE(victim->d_inode)) 19041da177e4SLinus Torvalds return -EPERM; 19051da177e4SLinus Torvalds if (isdir) { 19061da177e4SLinus Torvalds if (!S_ISDIR(victim->d_inode->i_mode)) 19071da177e4SLinus Torvalds return -ENOTDIR; 19081da177e4SLinus Torvalds if (IS_ROOT(victim)) 19091da177e4SLinus Torvalds return -EBUSY; 19101da177e4SLinus Torvalds } else if (S_ISDIR(victim->d_inode->i_mode)) 19111da177e4SLinus Torvalds return -EISDIR; 19121da177e4SLinus Torvalds if (IS_DEADDIR(dir)) 19131da177e4SLinus Torvalds return -ENOENT; 19141da177e4SLinus Torvalds if (victim->d_flags & DCACHE_NFSFS_RENAMED) 19151da177e4SLinus Torvalds return -EBUSY; 19161da177e4SLinus Torvalds return 0; 19171da177e4SLinus Torvalds } 19181da177e4SLinus Torvalds 19191da177e4SLinus Torvalds /* Check whether we can create an object with dentry child in directory 19201da177e4SLinus Torvalds * dir. 19211da177e4SLinus Torvalds * 1. We can't do it if child already exists (open has special treatment for 19221da177e4SLinus Torvalds * this case, but since we are inlined it's OK) 19231da177e4SLinus Torvalds * 2. We can't do it if dir is read-only (done in permission()) 19241da177e4SLinus Torvalds * 3. We should have write and exec permissions on dir 19251da177e4SLinus Torvalds * 4. We can't do it if dir is immutable (done in permission()) 19261da177e4SLinus Torvalds */ 1927a95164d9SMiklos Szeredi static inline int may_create(struct inode *dir, struct dentry *child) 19281da177e4SLinus Torvalds { 19291da177e4SLinus Torvalds if (child->d_inode) 19301da177e4SLinus Torvalds return -EEXIST; 19311da177e4SLinus Torvalds if (IS_DEADDIR(dir)) 19321da177e4SLinus Torvalds return -ENOENT; 1933f419a2e3SAl Viro return inode_permission(dir, MAY_WRITE | MAY_EXEC); 19341da177e4SLinus Torvalds } 19351da177e4SLinus Torvalds 19361da177e4SLinus Torvalds /* 19371da177e4SLinus Torvalds * p1 and p2 should be directories on the same fs. 19381da177e4SLinus Torvalds */ 19391da177e4SLinus Torvalds struct dentry *lock_rename(struct dentry *p1, struct dentry *p2) 19401da177e4SLinus Torvalds { 19411da177e4SLinus Torvalds struct dentry *p; 19421da177e4SLinus Torvalds 19431da177e4SLinus Torvalds if (p1 == p2) { 1944f2eace23SIngo Molnar mutex_lock_nested(&p1->d_inode->i_mutex, I_MUTEX_PARENT); 19451da177e4SLinus Torvalds return NULL; 19461da177e4SLinus Torvalds } 19471da177e4SLinus Torvalds 1948a11f3a05SArjan van de Ven mutex_lock(&p1->d_inode->i_sb->s_vfs_rename_mutex); 19491da177e4SLinus Torvalds 1950e2761a11SOGAWA Hirofumi p = d_ancestor(p2, p1); 1951e2761a11SOGAWA Hirofumi if (p) { 1952f2eace23SIngo Molnar mutex_lock_nested(&p2->d_inode->i_mutex, I_MUTEX_PARENT); 1953f2eace23SIngo Molnar mutex_lock_nested(&p1->d_inode->i_mutex, I_MUTEX_CHILD); 19541da177e4SLinus Torvalds return p; 19551da177e4SLinus Torvalds } 19561da177e4SLinus Torvalds 1957e2761a11SOGAWA Hirofumi p = d_ancestor(p1, p2); 1958e2761a11SOGAWA Hirofumi if (p) { 1959f2eace23SIngo Molnar mutex_lock_nested(&p1->d_inode->i_mutex, I_MUTEX_PARENT); 1960f2eace23SIngo Molnar mutex_lock_nested(&p2->d_inode->i_mutex, I_MUTEX_CHILD); 19611da177e4SLinus Torvalds return p; 19621da177e4SLinus Torvalds } 19631da177e4SLinus Torvalds 1964f2eace23SIngo Molnar mutex_lock_nested(&p1->d_inode->i_mutex, I_MUTEX_PARENT); 1965f2eace23SIngo Molnar mutex_lock_nested(&p2->d_inode->i_mutex, I_MUTEX_CHILD); 19661da177e4SLinus Torvalds return NULL; 19671da177e4SLinus Torvalds } 19681da177e4SLinus Torvalds 19691da177e4SLinus Torvalds void unlock_rename(struct dentry *p1, struct dentry *p2) 19701da177e4SLinus Torvalds { 19711b1dcc1bSJes Sorensen mutex_unlock(&p1->d_inode->i_mutex); 19721da177e4SLinus Torvalds if (p1 != p2) { 19731b1dcc1bSJes Sorensen mutex_unlock(&p2->d_inode->i_mutex); 1974a11f3a05SArjan van de Ven mutex_unlock(&p1->d_inode->i_sb->s_vfs_rename_mutex); 19751da177e4SLinus Torvalds } 19761da177e4SLinus Torvalds } 19771da177e4SLinus Torvalds 19781da177e4SLinus Torvalds int vfs_create(struct inode *dir, struct dentry *dentry, int mode, 19791da177e4SLinus Torvalds struct nameidata *nd) 19801da177e4SLinus Torvalds { 1981a95164d9SMiklos Szeredi int error = may_create(dir, dentry); 19821da177e4SLinus Torvalds 19831da177e4SLinus Torvalds if (error) 19841da177e4SLinus Torvalds return error; 19851da177e4SLinus Torvalds 1986acfa4380SAl Viro if (!dir->i_op->create) 19871da177e4SLinus Torvalds return -EACCES; /* shouldn't it be ENOSYS? */ 19881da177e4SLinus Torvalds mode &= S_IALLUGO; 19891da177e4SLinus Torvalds mode |= S_IFREG; 19901da177e4SLinus Torvalds error = security_inode_create(dir, dentry, mode); 19911da177e4SLinus Torvalds if (error) 19921da177e4SLinus Torvalds return error; 19931da177e4SLinus Torvalds error = dir->i_op->create(dir, dentry, mode, nd); 1994a74574aaSStephen Smalley if (!error) 1995f38aa942SAmy Griffis fsnotify_create(dir, dentry); 19961da177e4SLinus Torvalds return error; 19971da177e4SLinus Torvalds } 19981da177e4SLinus Torvalds 199973d049a4SAl Viro static int may_open(struct path *path, int acc_mode, int flag) 20001da177e4SLinus Torvalds { 20013fb64190SChristoph Hellwig struct dentry *dentry = path->dentry; 20021da177e4SLinus Torvalds struct inode *inode = dentry->d_inode; 20031da177e4SLinus Torvalds int error; 20041da177e4SLinus Torvalds 2005bcda7652SAl Viro /* O_PATH? */ 2006bcda7652SAl Viro if (!acc_mode) 2007bcda7652SAl Viro return 0; 2008bcda7652SAl Viro 20091da177e4SLinus Torvalds if (!inode) 20101da177e4SLinus Torvalds return -ENOENT; 20111da177e4SLinus Torvalds 2012c8fe8f30SChristoph Hellwig switch (inode->i_mode & S_IFMT) { 2013c8fe8f30SChristoph Hellwig case S_IFLNK: 20141da177e4SLinus Torvalds return -ELOOP; 2015c8fe8f30SChristoph Hellwig case S_IFDIR: 2016c8fe8f30SChristoph Hellwig if (acc_mode & MAY_WRITE) 20171da177e4SLinus Torvalds return -EISDIR; 2018c8fe8f30SChristoph Hellwig break; 2019c8fe8f30SChristoph Hellwig case S_IFBLK: 2020c8fe8f30SChristoph Hellwig case S_IFCHR: 20213fb64190SChristoph Hellwig if (path->mnt->mnt_flags & MNT_NODEV) 20221da177e4SLinus Torvalds return -EACCES; 2023c8fe8f30SChristoph Hellwig /*FALLTHRU*/ 2024c8fe8f30SChristoph Hellwig case S_IFIFO: 2025c8fe8f30SChristoph Hellwig case S_IFSOCK: 20261da177e4SLinus Torvalds flag &= ~O_TRUNC; 2027c8fe8f30SChristoph Hellwig break; 20284a3fd211SDave Hansen } 2029b41572e9SDave Hansen 20303fb64190SChristoph Hellwig error = inode_permission(inode, acc_mode); 2031b41572e9SDave Hansen if (error) 2032b41572e9SDave Hansen return error; 20336146f0d5SMimi Zohar 20341da177e4SLinus Torvalds /* 20351da177e4SLinus Torvalds * An append-only file must be opened in append mode for writing. 20361da177e4SLinus Torvalds */ 20371da177e4SLinus Torvalds if (IS_APPEND(inode)) { 20388737c930SAl Viro if ((flag & O_ACCMODE) != O_RDONLY && !(flag & O_APPEND)) 20397715b521SAl Viro return -EPERM; 20401da177e4SLinus Torvalds if (flag & O_TRUNC) 20417715b521SAl Viro return -EPERM; 20421da177e4SLinus Torvalds } 20431da177e4SLinus Torvalds 20441da177e4SLinus Torvalds /* O_NOATIME can only be set by the owner or superuser */ 20457715b521SAl Viro if (flag & O_NOATIME && !is_owner_or_cap(inode)) 20467715b521SAl Viro return -EPERM; 20471da177e4SLinus Torvalds 20481da177e4SLinus Torvalds /* 20491da177e4SLinus Torvalds * Ensure there are no outstanding leases on the file. 20501da177e4SLinus Torvalds */ 2051b65a9cfcSAl Viro return break_lease(inode, flag); 20527715b521SAl Viro } 20537715b521SAl Viro 2054e1181ee6SJeff Layton static int handle_truncate(struct file *filp) 20557715b521SAl Viro { 2056e1181ee6SJeff Layton struct path *path = &filp->f_path; 20577715b521SAl Viro struct inode *inode = path->dentry->d_inode; 20587715b521SAl Viro int error = get_write_access(inode); 20591da177e4SLinus Torvalds if (error) 20607715b521SAl Viro return error; 20611da177e4SLinus Torvalds /* 20621da177e4SLinus Torvalds * Refuse to truncate files with mandatory locks held on them. 20631da177e4SLinus Torvalds */ 20641da177e4SLinus Torvalds error = locks_verify_locked(inode); 2065be6d3e56SKentaro Takeda if (!error) 2066ea0d3ab2STetsuo Handa error = security_path_truncate(path); 20671da177e4SLinus Torvalds if (!error) { 20687715b521SAl Viro error = do_truncate(path->dentry, 0, 2069d139d7ffSMiklos Szeredi ATTR_MTIME|ATTR_CTIME|ATTR_OPEN, 2070e1181ee6SJeff Layton filp); 20711da177e4SLinus Torvalds } 20721da177e4SLinus Torvalds put_write_access(inode); 2073acd0c935SMimi Zohar return error; 20741da177e4SLinus Torvalds } 20751da177e4SLinus Torvalds 2076d57999e1SDave Hansen /* 2077d57999e1SDave Hansen * Note that while the flag value (low two bits) for sys_open means: 2078d57999e1SDave Hansen * 00 - read-only 2079d57999e1SDave Hansen * 01 - write-only 2080d57999e1SDave Hansen * 10 - read-write 2081d57999e1SDave Hansen * 11 - special 2082d57999e1SDave Hansen * it is changed into 2083d57999e1SDave Hansen * 00 - no permissions needed 2084d57999e1SDave Hansen * 01 - read-permission 2085d57999e1SDave Hansen * 10 - write-permission 2086d57999e1SDave Hansen * 11 - read-write 2087d57999e1SDave Hansen * for the internal routines (ie open_namei()/follow_link() etc) 2088d57999e1SDave Hansen * This is more logical, and also allows the 00 "no perm needed" 2089d57999e1SDave Hansen * to be used for symlinks (where the permissions are checked 2090d57999e1SDave Hansen * later). 2091d57999e1SDave Hansen * 2092d57999e1SDave Hansen */ 2093d57999e1SDave Hansen static inline int open_to_namei_flags(int flag) 2094d57999e1SDave Hansen { 2095d57999e1SDave Hansen if ((flag+1) & O_ACCMODE) 2096d57999e1SDave Hansen flag++; 2097d57999e1SDave Hansen return flag; 2098d57999e1SDave Hansen } 2099d57999e1SDave Hansen 210031e6b01fSNick Piggin /* 2101fe2d35ffSAl Viro * Handle the last step of open() 210231e6b01fSNick Piggin */ 2103fb1cc555SAl Viro static struct file *do_last(struct nameidata *nd, struct path *path, 2104c3e380b0SAl Viro const struct open_flags *op, const char *pathname) 2105fb1cc555SAl Viro { 2106a1e28038SAl Viro struct dentry *dir = nd->path.dentry; 21076c0d46c4SAl Viro struct dentry *dentry; 2108ca344a89SAl Viro int open_flag = op->open_flag; 21096c0d46c4SAl Viro int will_truncate = open_flag & O_TRUNC; 2110ca344a89SAl Viro int want_write = 0; 2111bcda7652SAl Viro int acc_mode = op->acc_mode; 2112fb1cc555SAl Viro struct file *filp; 211316c2cd71SAl Viro int error; 2114fb1cc555SAl Viro 2115c3e380b0SAl Viro nd->flags &= ~LOOKUP_PARENT; 2116c3e380b0SAl Viro nd->flags |= op->intent; 2117c3e380b0SAl Viro 21181f36f774SAl Viro switch (nd->last_type) { 21191f36f774SAl Viro case LAST_DOTDOT: 2120176306f5SNeil Brown case LAST_DOT: 2121fe2d35ffSAl Viro error = handle_dots(nd, nd->last_type); 2122fe2d35ffSAl Viro if (error) 2123fe2d35ffSAl Viro return ERR_PTR(error); 21241f36f774SAl Viro /* fallthrough */ 21251f36f774SAl Viro case LAST_ROOT: 2126fe2d35ffSAl Viro if (nd->flags & LOOKUP_RCU) { 2127fe2d35ffSAl Viro if (nameidata_drop_rcu_last(nd)) 2128fe2d35ffSAl Viro return ERR_PTR(-ECHILD); 2129fe2d35ffSAl Viro } 213016c2cd71SAl Viro error = handle_reval_path(nd); 213116c2cd71SAl Viro if (error) 213216c2cd71SAl Viro goto exit; 2133fe2d35ffSAl Viro audit_inode(pathname, nd->path.dentry); 2134ca344a89SAl Viro if (open_flag & O_CREAT) { 213516c2cd71SAl Viro error = -EISDIR; 21361f36f774SAl Viro goto exit; 2137fe2d35ffSAl Viro } 2138fe2d35ffSAl Viro goto ok; 21391f36f774SAl Viro case LAST_BIND: 2140fe2d35ffSAl Viro /* can't be RCU mode here */ 214116c2cd71SAl Viro error = handle_reval_path(nd); 214216c2cd71SAl Viro if (error) 214316c2cd71SAl Viro goto exit; 21441f36f774SAl Viro audit_inode(pathname, dir); 21451f36f774SAl Viro goto ok; 21461f36f774SAl Viro } 2147a2c36b45SAl Viro 2148ca344a89SAl Viro if (!(open_flag & O_CREAT)) { 2149bcda7652SAl Viro int symlink_ok = 0; 2150fe2d35ffSAl Viro if (nd->last.name[nd->last.len]) 2151fe2d35ffSAl Viro nd->flags |= LOOKUP_FOLLOW | LOOKUP_DIRECTORY; 2152bcda7652SAl Viro if (open_flag & O_PATH && !(nd->flags & LOOKUP_FOLLOW)) 2153bcda7652SAl Viro symlink_ok = 1; 2154fe2d35ffSAl Viro /* we _can_ be in RCU mode here */ 2155ce57dfc1SAl Viro error = walk_component(nd, path, &nd->last, LAST_NORM, 2156ce57dfc1SAl Viro !symlink_ok); 2157ce57dfc1SAl Viro if (error < 0) 2158fe2d35ffSAl Viro return ERR_PTR(error); 2159ce57dfc1SAl Viro if (error) /* symlink */ 2160fe2d35ffSAl Viro return NULL; 2161fe2d35ffSAl Viro /* sayonara */ 2162fe2d35ffSAl Viro if (nd->flags & LOOKUP_RCU) { 2163fe2d35ffSAl Viro if (nameidata_drop_rcu_last(nd)) 2164fe2d35ffSAl Viro return ERR_PTR(-ECHILD); 2165fe2d35ffSAl Viro } 2166fe2d35ffSAl Viro 2167fe2d35ffSAl Viro error = -ENOTDIR; 2168fe2d35ffSAl Viro if (nd->flags & LOOKUP_DIRECTORY) { 2169ce57dfc1SAl Viro if (!nd->inode->i_op->lookup) 2170fe2d35ffSAl Viro goto exit; 2171fe2d35ffSAl Viro } 2172fe2d35ffSAl Viro audit_inode(pathname, nd->path.dentry); 2173fe2d35ffSAl Viro goto ok; 2174fe2d35ffSAl Viro } 2175fe2d35ffSAl Viro 2176fe2d35ffSAl Viro /* create side of things */ 2177fe2d35ffSAl Viro 2178fe2d35ffSAl Viro if (nd->flags & LOOKUP_RCU) { 2179fe2d35ffSAl Viro if (nameidata_drop_rcu_last(nd)) 2180fe2d35ffSAl Viro return ERR_PTR(-ECHILD); 2181fe2d35ffSAl Viro } 2182fe2d35ffSAl Viro 2183fe2d35ffSAl Viro audit_inode(pathname, dir); 218416c2cd71SAl Viro error = -EISDIR; 21851f36f774SAl Viro /* trailing slashes? */ 218631e6b01fSNick Piggin if (nd->last.name[nd->last.len]) 21871f36f774SAl Viro goto exit; 21881f36f774SAl Viro 2189a1e28038SAl Viro mutex_lock(&dir->d_inode->i_mutex); 2190a1e28038SAl Viro 21916c0d46c4SAl Viro dentry = lookup_hash(nd); 21926c0d46c4SAl Viro error = PTR_ERR(dentry); 21936c0d46c4SAl Viro if (IS_ERR(dentry)) { 2194fb1cc555SAl Viro mutex_unlock(&dir->d_inode->i_mutex); 2195fb1cc555SAl Viro goto exit; 2196fb1cc555SAl Viro } 2197fb1cc555SAl Viro 21986c0d46c4SAl Viro path->dentry = dentry; 21996c0d46c4SAl Viro path->mnt = nd->path.mnt; 22006c0d46c4SAl Viro 2201fb1cc555SAl Viro /* Negative dentry, just create the file */ 22026c0d46c4SAl Viro if (!dentry->d_inode) { 22036c0d46c4SAl Viro int mode = op->mode; 22046c0d46c4SAl Viro if (!IS_POSIXACL(dir->d_inode)) 22056c0d46c4SAl Viro mode &= ~current_umask(); 2206fb1cc555SAl Viro /* 2207fb1cc555SAl Viro * This write is needed to ensure that a 22086c0d46c4SAl Viro * rw->ro transition does not occur between 2209fb1cc555SAl Viro * the time when the file is created and when 2210fb1cc555SAl Viro * a permanent write count is taken through 2211fb1cc555SAl Viro * the 'struct file' in nameidata_to_filp(). 2212fb1cc555SAl Viro */ 2213fb1cc555SAl Viro error = mnt_want_write(nd->path.mnt); 2214fb1cc555SAl Viro if (error) 2215fb1cc555SAl Viro goto exit_mutex_unlock; 2216ca344a89SAl Viro want_write = 1; 22179b44f1b3SAl Viro /* Don't check for write permission, don't truncate */ 2218ca344a89SAl Viro open_flag &= ~O_TRUNC; 22196c0d46c4SAl Viro will_truncate = 0; 2220bcda7652SAl Viro acc_mode = MAY_OPEN; 22216c0d46c4SAl Viro error = security_path_mknod(&nd->path, dentry, mode, 0); 22226c0d46c4SAl Viro if (error) 22236c0d46c4SAl Viro goto exit_mutex_unlock; 22246c0d46c4SAl Viro error = vfs_create(dir->d_inode, dentry, mode, nd); 22256c0d46c4SAl Viro if (error) 22266c0d46c4SAl Viro goto exit_mutex_unlock; 22276c0d46c4SAl Viro mutex_unlock(&dir->d_inode->i_mutex); 22286c0d46c4SAl Viro dput(nd->path.dentry); 22296c0d46c4SAl Viro nd->path.dentry = dentry; 2230ca344a89SAl Viro goto common; 2231fb1cc555SAl Viro } 2232fb1cc555SAl Viro 2233fb1cc555SAl Viro /* 2234fb1cc555SAl Viro * It already exists. 2235fb1cc555SAl Viro */ 2236fb1cc555SAl Viro mutex_unlock(&dir->d_inode->i_mutex); 2237fb1cc555SAl Viro audit_inode(pathname, path->dentry); 2238fb1cc555SAl Viro 2239fb1cc555SAl Viro error = -EEXIST; 2240ca344a89SAl Viro if (open_flag & O_EXCL) 2241fb1cc555SAl Viro goto exit_dput; 2242fb1cc555SAl Viro 22439875cf80SDavid Howells error = follow_managed(path, nd->flags); 22449875cf80SDavid Howells if (error < 0) 2245fb1cc555SAl Viro goto exit_dput; 2246fb1cc555SAl Viro 2247fb1cc555SAl Viro error = -ENOENT; 2248fb1cc555SAl Viro if (!path->dentry->d_inode) 2249fb1cc555SAl Viro goto exit_dput; 22509e67f361SAl Viro 22519e67f361SAl Viro if (path->dentry->d_inode->i_op->follow_link) 2252fb1cc555SAl Viro return NULL; 2253fb1cc555SAl Viro 2254fb1cc555SAl Viro path_to_nameidata(path, nd); 225531e6b01fSNick Piggin nd->inode = path->dentry->d_inode; 2256fb1cc555SAl Viro error = -EISDIR; 225731e6b01fSNick Piggin if (S_ISDIR(nd->inode->i_mode)) 2258fb1cc555SAl Viro goto exit; 225967ee3ad2SAl Viro ok: 22606c0d46c4SAl Viro if (!S_ISREG(nd->inode->i_mode)) 22616c0d46c4SAl Viro will_truncate = 0; 22626c0d46c4SAl Viro 22630f9d1a10SAl Viro if (will_truncate) { 22640f9d1a10SAl Viro error = mnt_want_write(nd->path.mnt); 22650f9d1a10SAl Viro if (error) 22660f9d1a10SAl Viro goto exit; 2267ca344a89SAl Viro want_write = 1; 22680f9d1a10SAl Viro } 2269ca344a89SAl Viro common: 2270bcda7652SAl Viro error = may_open(&nd->path, acc_mode, open_flag); 2271ca344a89SAl Viro if (error) 22720f9d1a10SAl Viro goto exit; 22730f9d1a10SAl Viro filp = nameidata_to_filp(nd); 22740f9d1a10SAl Viro if (!IS_ERR(filp)) { 22750f9d1a10SAl Viro error = ima_file_check(filp, op->acc_mode); 22760f9d1a10SAl Viro if (error) { 22770f9d1a10SAl Viro fput(filp); 22780f9d1a10SAl Viro filp = ERR_PTR(error); 22790f9d1a10SAl Viro } 22800f9d1a10SAl Viro } 22810f9d1a10SAl Viro if (!IS_ERR(filp)) { 22820f9d1a10SAl Viro if (will_truncate) { 22830f9d1a10SAl Viro error = handle_truncate(filp); 22840f9d1a10SAl Viro if (error) { 22850f9d1a10SAl Viro fput(filp); 22860f9d1a10SAl Viro filp = ERR_PTR(error); 22870f9d1a10SAl Viro } 22880f9d1a10SAl Viro } 22890f9d1a10SAl Viro } 2290ca344a89SAl Viro out: 2291ca344a89SAl Viro if (want_write) 22920f9d1a10SAl Viro mnt_drop_write(nd->path.mnt); 22930f9d1a10SAl Viro path_put(&nd->path); 2294fb1cc555SAl Viro return filp; 2295fb1cc555SAl Viro 2296fb1cc555SAl Viro exit_mutex_unlock: 2297fb1cc555SAl Viro mutex_unlock(&dir->d_inode->i_mutex); 2298fb1cc555SAl Viro exit_dput: 2299fb1cc555SAl Viro path_put_conditional(path, nd); 2300fb1cc555SAl Viro exit: 2301ca344a89SAl Viro filp = ERR_PTR(error); 2302ca344a89SAl Viro goto out; 2303fb1cc555SAl Viro } 2304fb1cc555SAl Viro 230513aab428SAl Viro static struct file *path_openat(int dfd, const char *pathname, 230673d049a4SAl Viro struct nameidata *nd, const struct open_flags *op, int flags) 23071da177e4SLinus Torvalds { 2308fe2d35ffSAl Viro struct file *base = NULL; 23094a3fd211SDave Hansen struct file *filp; 23109850c056SAl Viro struct path path; 23111da177e4SLinus Torvalds int count = 0; 231213aab428SAl Viro int error; 231331e6b01fSNick Piggin 231431e6b01fSNick Piggin filp = get_empty_filp(); 231531e6b01fSNick Piggin if (!filp) 231631e6b01fSNick Piggin return ERR_PTR(-ENFILE); 231731e6b01fSNick Piggin 231847c805dcSAl Viro filp->f_flags = op->open_flag; 231973d049a4SAl Viro nd->intent.open.file = filp; 232073d049a4SAl Viro nd->intent.open.flags = open_to_namei_flags(op->open_flag); 232173d049a4SAl Viro nd->intent.open.create_mode = op->mode; 232231e6b01fSNick Piggin 232373d049a4SAl Viro error = path_init(dfd, pathname, flags | LOOKUP_PARENT, nd, &base); 232431e6b01fSNick Piggin if (unlikely(error)) 232513aab428SAl Viro goto out_filp; 232631e6b01fSNick Piggin 2327fe2d35ffSAl Viro current->total_link_count = 0; 232873d049a4SAl Viro error = link_path_walk(pathname, nd); 232931e6b01fSNick Piggin if (unlikely(error)) 233031e6b01fSNick Piggin goto out_filp; 23311da177e4SLinus Torvalds 233273d049a4SAl Viro filp = do_last(nd, &path, op, pathname); 2333806b681cSAl Viro while (unlikely(!filp)) { /* trailing symlink */ 23347b9337aaSNick Piggin struct path link = path; 23357b9337aaSNick Piggin struct inode *linki = link.dentry->d_inode; 2336def4af30SAl Viro void *cookie; 233773d049a4SAl Viro if (!(nd->flags & LOOKUP_FOLLOW) || count++ == 32) { 233873d049a4SAl Viro path_put_conditional(&path, nd); 233973d049a4SAl Viro path_put(&nd->path); 234040b39136SAl Viro filp = ERR_PTR(-ELOOP); 234140b39136SAl Viro break; 234240b39136SAl Viro } 2343806b681cSAl Viro /* 2344806b681cSAl Viro * This is subtle. Instead of calling do_follow_link() we do 2345806b681cSAl Viro * the thing by hands. The reason is that this way we have zero 2346806b681cSAl Viro * link_count and path_walk() (called from ->follow_link) 2347806b681cSAl Viro * honoring LOOKUP_PARENT. After that we have the parent and 2348806b681cSAl Viro * last component, i.e. we are in the same situation as after 2349806b681cSAl Viro * the first path_walk(). Well, almost - if the last component 2350806b681cSAl Viro * is normal we get its copy stored in nd->last.name and we will 2351806b681cSAl Viro * have to putname() it when we are done. Procfs-like symlinks 2352806b681cSAl Viro * just set LAST_BIND. 2353806b681cSAl Viro */ 235473d049a4SAl Viro nd->flags |= LOOKUP_PARENT; 235573d049a4SAl Viro nd->flags &= ~(LOOKUP_OPEN|LOOKUP_CREATE|LOOKUP_EXCL); 235673d049a4SAl Viro error = __do_follow_link(&link, nd, &cookie); 2357c3e380b0SAl Viro if (unlikely(error)) 2358f1afe9efSAl Viro filp = ERR_PTR(error); 2359c3e380b0SAl Viro else 236073d049a4SAl Viro filp = do_last(nd, &path, op, pathname); 2361f1afe9efSAl Viro if (!IS_ERR(cookie) && linki->i_op->put_link) 236273d049a4SAl Viro linki->i_op->put_link(link.dentry, nd, cookie); 23637b9337aaSNick Piggin path_put(&link); 2364806b681cSAl Viro } 236510fa8e62SAl Viro out: 236673d049a4SAl Viro if (nd->root.mnt && !(nd->flags & LOOKUP_ROOT)) 236773d049a4SAl Viro path_put(&nd->root); 2368fe2d35ffSAl Viro if (base) 2369fe2d35ffSAl Viro fput(base); 237073d049a4SAl Viro release_open_intent(nd); 237110fa8e62SAl Viro return filp; 23721da177e4SLinus Torvalds 237331e6b01fSNick Piggin out_filp: 237410fa8e62SAl Viro filp = ERR_PTR(error); 237510fa8e62SAl Viro goto out; 2376de459215SKirill Korotaev } 23771da177e4SLinus Torvalds 237813aab428SAl Viro struct file *do_filp_open(int dfd, const char *pathname, 237913aab428SAl Viro const struct open_flags *op, int flags) 238013aab428SAl Viro { 238173d049a4SAl Viro struct nameidata nd; 238213aab428SAl Viro struct file *filp; 238313aab428SAl Viro 238473d049a4SAl Viro filp = path_openat(dfd, pathname, &nd, op, flags | LOOKUP_RCU); 238513aab428SAl Viro if (unlikely(filp == ERR_PTR(-ECHILD))) 238673d049a4SAl Viro filp = path_openat(dfd, pathname, &nd, op, flags); 238713aab428SAl Viro if (unlikely(filp == ERR_PTR(-ESTALE))) 238873d049a4SAl Viro filp = path_openat(dfd, pathname, &nd, op, flags | LOOKUP_REVAL); 238913aab428SAl Viro return filp; 239013aab428SAl Viro } 239113aab428SAl Viro 239273d049a4SAl Viro struct file *do_file_open_root(struct dentry *dentry, struct vfsmount *mnt, 239373d049a4SAl Viro const char *name, const struct open_flags *op, int flags) 239473d049a4SAl Viro { 239573d049a4SAl Viro struct nameidata nd; 239673d049a4SAl Viro struct file *file; 239773d049a4SAl Viro 239873d049a4SAl Viro nd.root.mnt = mnt; 239973d049a4SAl Viro nd.root.dentry = dentry; 240073d049a4SAl Viro 240173d049a4SAl Viro flags |= LOOKUP_ROOT; 240273d049a4SAl Viro 2403bcda7652SAl Viro if (dentry->d_inode->i_op->follow_link && op->intent & LOOKUP_OPEN) 240473d049a4SAl Viro return ERR_PTR(-ELOOP); 240573d049a4SAl Viro 240673d049a4SAl Viro file = path_openat(-1, name, &nd, op, flags | LOOKUP_RCU); 240773d049a4SAl Viro if (unlikely(file == ERR_PTR(-ECHILD))) 240873d049a4SAl Viro file = path_openat(-1, name, &nd, op, flags); 240973d049a4SAl Viro if (unlikely(file == ERR_PTR(-ESTALE))) 241073d049a4SAl Viro file = path_openat(-1, name, &nd, op, flags | LOOKUP_REVAL); 241173d049a4SAl Viro return file; 241273d049a4SAl Viro } 241373d049a4SAl Viro 24141da177e4SLinus Torvalds /** 24151da177e4SLinus Torvalds * lookup_create - lookup a dentry, creating it if it doesn't exist 24161da177e4SLinus Torvalds * @nd: nameidata info 24171da177e4SLinus Torvalds * @is_dir: directory flag 24181da177e4SLinus Torvalds * 24191da177e4SLinus Torvalds * Simple function to lookup and return a dentry and create it 24201da177e4SLinus Torvalds * if it doesn't exist. Is SMP-safe. 2421c663e5d8SChristoph Hellwig * 24224ac91378SJan Blunck * Returns with nd->path.dentry->d_inode->i_mutex locked. 24231da177e4SLinus Torvalds */ 24241da177e4SLinus Torvalds struct dentry *lookup_create(struct nameidata *nd, int is_dir) 24251da177e4SLinus Torvalds { 2426c663e5d8SChristoph Hellwig struct dentry *dentry = ERR_PTR(-EEXIST); 24271da177e4SLinus Torvalds 24284ac91378SJan Blunck mutex_lock_nested(&nd->path.dentry->d_inode->i_mutex, I_MUTEX_PARENT); 2429c663e5d8SChristoph Hellwig /* 2430c663e5d8SChristoph Hellwig * Yucky last component or no last component at all? 2431c663e5d8SChristoph Hellwig * (foo/., foo/.., /////) 2432c663e5d8SChristoph Hellwig */ 24331da177e4SLinus Torvalds if (nd->last_type != LAST_NORM) 24341da177e4SLinus Torvalds goto fail; 24351da177e4SLinus Torvalds nd->flags &= ~LOOKUP_PARENT; 24363516586aSAl Viro nd->flags |= LOOKUP_CREATE | LOOKUP_EXCL; 2437a634904aSASANO Masahiro nd->intent.open.flags = O_EXCL; 2438c663e5d8SChristoph Hellwig 2439c663e5d8SChristoph Hellwig /* 2440c663e5d8SChristoph Hellwig * Do the final lookup. 2441c663e5d8SChristoph Hellwig */ 244249705b77SChristoph Hellwig dentry = lookup_hash(nd); 24431da177e4SLinus Torvalds if (IS_ERR(dentry)) 24441da177e4SLinus Torvalds goto fail; 2445c663e5d8SChristoph Hellwig 2446e9baf6e5SAl Viro if (dentry->d_inode) 2447e9baf6e5SAl Viro goto eexist; 2448c663e5d8SChristoph Hellwig /* 2449c663e5d8SChristoph Hellwig * Special case - lookup gave negative, but... we had foo/bar/ 2450c663e5d8SChristoph Hellwig * From the vfs_mknod() POV we just have a negative dentry - 2451c663e5d8SChristoph Hellwig * all is fine. Let's be bastards - you had / on the end, you've 2452c663e5d8SChristoph Hellwig * been asking for (non-existent) directory. -ENOENT for you. 2453c663e5d8SChristoph Hellwig */ 2454e9baf6e5SAl Viro if (unlikely(!is_dir && nd->last.name[nd->last.len])) { 24551da177e4SLinus Torvalds dput(dentry); 24561da177e4SLinus Torvalds dentry = ERR_PTR(-ENOENT); 2457e9baf6e5SAl Viro } 2458e9baf6e5SAl Viro return dentry; 2459e9baf6e5SAl Viro eexist: 2460e9baf6e5SAl Viro dput(dentry); 2461e9baf6e5SAl Viro dentry = ERR_PTR(-EEXIST); 24621da177e4SLinus Torvalds fail: 24631da177e4SLinus Torvalds return dentry; 24641da177e4SLinus Torvalds } 2465f81a0bffSChristoph Hellwig EXPORT_SYMBOL_GPL(lookup_create); 24661da177e4SLinus Torvalds 24671da177e4SLinus Torvalds int vfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev) 24681da177e4SLinus Torvalds { 2469a95164d9SMiklos Szeredi int error = may_create(dir, dentry); 24701da177e4SLinus Torvalds 24711da177e4SLinus Torvalds if (error) 24721da177e4SLinus Torvalds return error; 24731da177e4SLinus Torvalds 24741da177e4SLinus Torvalds if ((S_ISCHR(mode) || S_ISBLK(mode)) && !capable(CAP_MKNOD)) 24751da177e4SLinus Torvalds return -EPERM; 24761da177e4SLinus Torvalds 2477acfa4380SAl Viro if (!dir->i_op->mknod) 24781da177e4SLinus Torvalds return -EPERM; 24791da177e4SLinus Torvalds 248008ce5f16SSerge E. Hallyn error = devcgroup_inode_mknod(mode, dev); 248108ce5f16SSerge E. Hallyn if (error) 248208ce5f16SSerge E. Hallyn return error; 248308ce5f16SSerge E. Hallyn 24841da177e4SLinus Torvalds error = security_inode_mknod(dir, dentry, mode, dev); 24851da177e4SLinus Torvalds if (error) 24861da177e4SLinus Torvalds return error; 24871da177e4SLinus Torvalds 24881da177e4SLinus Torvalds error = dir->i_op->mknod(dir, dentry, mode, dev); 2489a74574aaSStephen Smalley if (!error) 2490f38aa942SAmy Griffis fsnotify_create(dir, dentry); 24911da177e4SLinus Torvalds return error; 24921da177e4SLinus Torvalds } 24931da177e4SLinus Torvalds 2494463c3197SDave Hansen static int may_mknod(mode_t mode) 2495463c3197SDave Hansen { 2496463c3197SDave Hansen switch (mode & S_IFMT) { 2497463c3197SDave Hansen case S_IFREG: 2498463c3197SDave Hansen case S_IFCHR: 2499463c3197SDave Hansen case S_IFBLK: 2500463c3197SDave Hansen case S_IFIFO: 2501463c3197SDave Hansen case S_IFSOCK: 2502463c3197SDave Hansen case 0: /* zero mode translates to S_IFREG */ 2503463c3197SDave Hansen return 0; 2504463c3197SDave Hansen case S_IFDIR: 2505463c3197SDave Hansen return -EPERM; 2506463c3197SDave Hansen default: 2507463c3197SDave Hansen return -EINVAL; 2508463c3197SDave Hansen } 2509463c3197SDave Hansen } 2510463c3197SDave Hansen 25112e4d0924SHeiko Carstens SYSCALL_DEFINE4(mknodat, int, dfd, const char __user *, filename, int, mode, 25122e4d0924SHeiko Carstens unsigned, dev) 25131da177e4SLinus Torvalds { 25142ad94ae6SAl Viro int error; 25151da177e4SLinus Torvalds char *tmp; 25161da177e4SLinus Torvalds struct dentry *dentry; 25171da177e4SLinus Torvalds struct nameidata nd; 25181da177e4SLinus Torvalds 25191da177e4SLinus Torvalds if (S_ISDIR(mode)) 25201da177e4SLinus Torvalds return -EPERM; 25211da177e4SLinus Torvalds 25222ad94ae6SAl Viro error = user_path_parent(dfd, filename, &nd, &tmp); 25231da177e4SLinus Torvalds if (error) 25242ad94ae6SAl Viro return error; 25252ad94ae6SAl Viro 25261da177e4SLinus Torvalds dentry = lookup_create(&nd, 0); 2527463c3197SDave Hansen if (IS_ERR(dentry)) { 25281da177e4SLinus Torvalds error = PTR_ERR(dentry); 2529463c3197SDave Hansen goto out_unlock; 2530463c3197SDave Hansen } 25314ac91378SJan Blunck if (!IS_POSIXACL(nd.path.dentry->d_inode)) 2532ce3b0f8dSAl Viro mode &= ~current_umask(); 2533463c3197SDave Hansen error = may_mknod(mode); 2534463c3197SDave Hansen if (error) 2535463c3197SDave Hansen goto out_dput; 2536463c3197SDave Hansen error = mnt_want_write(nd.path.mnt); 2537463c3197SDave Hansen if (error) 2538463c3197SDave Hansen goto out_dput; 2539be6d3e56SKentaro Takeda error = security_path_mknod(&nd.path, dentry, mode, dev); 2540be6d3e56SKentaro Takeda if (error) 2541be6d3e56SKentaro Takeda goto out_drop_write; 25421da177e4SLinus Torvalds switch (mode & S_IFMT) { 25431da177e4SLinus Torvalds case 0: case S_IFREG: 25444ac91378SJan Blunck error = vfs_create(nd.path.dentry->d_inode,dentry,mode,&nd); 25451da177e4SLinus Torvalds break; 25461da177e4SLinus Torvalds case S_IFCHR: case S_IFBLK: 25474ac91378SJan Blunck error = vfs_mknod(nd.path.dentry->d_inode,dentry,mode, 25481da177e4SLinus Torvalds new_decode_dev(dev)); 25491da177e4SLinus Torvalds break; 25501da177e4SLinus Torvalds case S_IFIFO: case S_IFSOCK: 25514ac91378SJan Blunck error = vfs_mknod(nd.path.dentry->d_inode,dentry,mode,0); 25521da177e4SLinus Torvalds break; 25531da177e4SLinus Torvalds } 2554be6d3e56SKentaro Takeda out_drop_write: 2555463c3197SDave Hansen mnt_drop_write(nd.path.mnt); 2556463c3197SDave Hansen out_dput: 25571da177e4SLinus Torvalds dput(dentry); 2558463c3197SDave Hansen out_unlock: 25594ac91378SJan Blunck mutex_unlock(&nd.path.dentry->d_inode->i_mutex); 25601d957f9bSJan Blunck path_put(&nd.path); 25611da177e4SLinus Torvalds putname(tmp); 25621da177e4SLinus Torvalds 25631da177e4SLinus Torvalds return error; 25641da177e4SLinus Torvalds } 25651da177e4SLinus Torvalds 25663480b257SHeiko Carstens SYSCALL_DEFINE3(mknod, const char __user *, filename, int, mode, unsigned, dev) 25675590ff0dSUlrich Drepper { 25685590ff0dSUlrich Drepper return sys_mknodat(AT_FDCWD, filename, mode, dev); 25695590ff0dSUlrich Drepper } 25705590ff0dSUlrich Drepper 25711da177e4SLinus Torvalds int vfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) 25721da177e4SLinus Torvalds { 2573a95164d9SMiklos Szeredi int error = may_create(dir, dentry); 25741da177e4SLinus Torvalds 25751da177e4SLinus Torvalds if (error) 25761da177e4SLinus Torvalds return error; 25771da177e4SLinus Torvalds 2578acfa4380SAl Viro if (!dir->i_op->mkdir) 25791da177e4SLinus Torvalds return -EPERM; 25801da177e4SLinus Torvalds 25811da177e4SLinus Torvalds mode &= (S_IRWXUGO|S_ISVTX); 25821da177e4SLinus Torvalds error = security_inode_mkdir(dir, dentry, mode); 25831da177e4SLinus Torvalds if (error) 25841da177e4SLinus Torvalds return error; 25851da177e4SLinus Torvalds 25861da177e4SLinus Torvalds error = dir->i_op->mkdir(dir, dentry, mode); 2587a74574aaSStephen Smalley if (!error) 2588f38aa942SAmy Griffis fsnotify_mkdir(dir, dentry); 25891da177e4SLinus Torvalds return error; 25901da177e4SLinus Torvalds } 25911da177e4SLinus Torvalds 25922e4d0924SHeiko Carstens SYSCALL_DEFINE3(mkdirat, int, dfd, const char __user *, pathname, int, mode) 25931da177e4SLinus Torvalds { 25941da177e4SLinus Torvalds int error = 0; 25951da177e4SLinus Torvalds char * tmp; 25966902d925SDave Hansen struct dentry *dentry; 25976902d925SDave Hansen struct nameidata nd; 25981da177e4SLinus Torvalds 25992ad94ae6SAl Viro error = user_path_parent(dfd, pathname, &nd, &tmp); 26002ad94ae6SAl Viro if (error) 26016902d925SDave Hansen goto out_err; 26021da177e4SLinus Torvalds 26031da177e4SLinus Torvalds dentry = lookup_create(&nd, 1); 26041da177e4SLinus Torvalds error = PTR_ERR(dentry); 26056902d925SDave Hansen if (IS_ERR(dentry)) 26066902d925SDave Hansen goto out_unlock; 26076902d925SDave Hansen 26084ac91378SJan Blunck if (!IS_POSIXACL(nd.path.dentry->d_inode)) 2609ce3b0f8dSAl Viro mode &= ~current_umask(); 2610463c3197SDave Hansen error = mnt_want_write(nd.path.mnt); 2611463c3197SDave Hansen if (error) 2612463c3197SDave Hansen goto out_dput; 2613be6d3e56SKentaro Takeda error = security_path_mkdir(&nd.path, dentry, mode); 2614be6d3e56SKentaro Takeda if (error) 2615be6d3e56SKentaro Takeda goto out_drop_write; 26164ac91378SJan Blunck error = vfs_mkdir(nd.path.dentry->d_inode, dentry, mode); 2617be6d3e56SKentaro Takeda out_drop_write: 2618463c3197SDave Hansen mnt_drop_write(nd.path.mnt); 2619463c3197SDave Hansen out_dput: 26201da177e4SLinus Torvalds dput(dentry); 26216902d925SDave Hansen out_unlock: 26224ac91378SJan Blunck mutex_unlock(&nd.path.dentry->d_inode->i_mutex); 26231d957f9bSJan Blunck path_put(&nd.path); 26241da177e4SLinus Torvalds putname(tmp); 26256902d925SDave Hansen out_err: 26261da177e4SLinus Torvalds return error; 26271da177e4SLinus Torvalds } 26281da177e4SLinus Torvalds 26293cdad428SHeiko Carstens SYSCALL_DEFINE2(mkdir, const char __user *, pathname, int, mode) 26305590ff0dSUlrich Drepper { 26315590ff0dSUlrich Drepper return sys_mkdirat(AT_FDCWD, pathname, mode); 26325590ff0dSUlrich Drepper } 26335590ff0dSUlrich Drepper 26341da177e4SLinus Torvalds /* 26351da177e4SLinus Torvalds * We try to drop the dentry early: we should have 26361da177e4SLinus Torvalds * a usage count of 2 if we're the only user of this 26371da177e4SLinus Torvalds * dentry, and if that is true (possibly after pruning 26381da177e4SLinus Torvalds * the dcache), then we drop the dentry now. 26391da177e4SLinus Torvalds * 26401da177e4SLinus Torvalds * A low-level filesystem can, if it choses, legally 26411da177e4SLinus Torvalds * do a 26421da177e4SLinus Torvalds * 26431da177e4SLinus Torvalds * if (!d_unhashed(dentry)) 26441da177e4SLinus Torvalds * return -EBUSY; 26451da177e4SLinus Torvalds * 26461da177e4SLinus Torvalds * if it cannot handle the case of removing a directory 26471da177e4SLinus Torvalds * that is still in use by something else.. 26481da177e4SLinus Torvalds */ 26491da177e4SLinus Torvalds void dentry_unhash(struct dentry *dentry) 26501da177e4SLinus Torvalds { 26511da177e4SLinus Torvalds dget(dentry); 26521da177e4SLinus Torvalds shrink_dcache_parent(dentry); 26531da177e4SLinus Torvalds spin_lock(&dentry->d_lock); 2654b7ab39f6SNick Piggin if (dentry->d_count == 2) 26551da177e4SLinus Torvalds __d_drop(dentry); 26561da177e4SLinus Torvalds spin_unlock(&dentry->d_lock); 26571da177e4SLinus Torvalds } 26581da177e4SLinus Torvalds 26591da177e4SLinus Torvalds int vfs_rmdir(struct inode *dir, struct dentry *dentry) 26601da177e4SLinus Torvalds { 26611da177e4SLinus Torvalds int error = may_delete(dir, dentry, 1); 26621da177e4SLinus Torvalds 26631da177e4SLinus Torvalds if (error) 26641da177e4SLinus Torvalds return error; 26651da177e4SLinus Torvalds 2666acfa4380SAl Viro if (!dir->i_op->rmdir) 26671da177e4SLinus Torvalds return -EPERM; 26681da177e4SLinus Torvalds 26691b1dcc1bSJes Sorensen mutex_lock(&dentry->d_inode->i_mutex); 26701da177e4SLinus Torvalds dentry_unhash(dentry); 26711da177e4SLinus Torvalds if (d_mountpoint(dentry)) 26721da177e4SLinus Torvalds error = -EBUSY; 26731da177e4SLinus Torvalds else { 26741da177e4SLinus Torvalds error = security_inode_rmdir(dir, dentry); 26751da177e4SLinus Torvalds if (!error) { 26761da177e4SLinus Torvalds error = dir->i_op->rmdir(dir, dentry); 2677d83c49f3SAl Viro if (!error) { 26781da177e4SLinus Torvalds dentry->d_inode->i_flags |= S_DEAD; 2679d83c49f3SAl Viro dont_mount(dentry); 2680d83c49f3SAl Viro } 26811da177e4SLinus Torvalds } 26821da177e4SLinus Torvalds } 26831b1dcc1bSJes Sorensen mutex_unlock(&dentry->d_inode->i_mutex); 26841da177e4SLinus Torvalds if (!error) { 26851da177e4SLinus Torvalds d_delete(dentry); 26861da177e4SLinus Torvalds } 26871da177e4SLinus Torvalds dput(dentry); 26881da177e4SLinus Torvalds 26891da177e4SLinus Torvalds return error; 26901da177e4SLinus Torvalds } 26911da177e4SLinus Torvalds 26925590ff0dSUlrich Drepper static long do_rmdir(int dfd, const char __user *pathname) 26931da177e4SLinus Torvalds { 26941da177e4SLinus Torvalds int error = 0; 26951da177e4SLinus Torvalds char * name; 26961da177e4SLinus Torvalds struct dentry *dentry; 26971da177e4SLinus Torvalds struct nameidata nd; 26981da177e4SLinus Torvalds 26992ad94ae6SAl Viro error = user_path_parent(dfd, pathname, &nd, &name); 27001da177e4SLinus Torvalds if (error) 27012ad94ae6SAl Viro return error; 27021da177e4SLinus Torvalds 27031da177e4SLinus Torvalds switch(nd.last_type) { 27041da177e4SLinus Torvalds case LAST_DOTDOT: 27051da177e4SLinus Torvalds error = -ENOTEMPTY; 27061da177e4SLinus Torvalds goto exit1; 27071da177e4SLinus Torvalds case LAST_DOT: 27081da177e4SLinus Torvalds error = -EINVAL; 27091da177e4SLinus Torvalds goto exit1; 27101da177e4SLinus Torvalds case LAST_ROOT: 27111da177e4SLinus Torvalds error = -EBUSY; 27121da177e4SLinus Torvalds goto exit1; 27131da177e4SLinus Torvalds } 27140612d9fbSOGAWA Hirofumi 27150612d9fbSOGAWA Hirofumi nd.flags &= ~LOOKUP_PARENT; 27160612d9fbSOGAWA Hirofumi 27174ac91378SJan Blunck mutex_lock_nested(&nd.path.dentry->d_inode->i_mutex, I_MUTEX_PARENT); 271849705b77SChristoph Hellwig dentry = lookup_hash(&nd); 27191da177e4SLinus Torvalds error = PTR_ERR(dentry); 27206902d925SDave Hansen if (IS_ERR(dentry)) 27216902d925SDave Hansen goto exit2; 27220622753bSDave Hansen error = mnt_want_write(nd.path.mnt); 27230622753bSDave Hansen if (error) 27240622753bSDave Hansen goto exit3; 2725be6d3e56SKentaro Takeda error = security_path_rmdir(&nd.path, dentry); 2726be6d3e56SKentaro Takeda if (error) 2727be6d3e56SKentaro Takeda goto exit4; 27284ac91378SJan Blunck error = vfs_rmdir(nd.path.dentry->d_inode, dentry); 2729be6d3e56SKentaro Takeda exit4: 27300622753bSDave Hansen mnt_drop_write(nd.path.mnt); 27310622753bSDave Hansen exit3: 27321da177e4SLinus Torvalds dput(dentry); 27336902d925SDave Hansen exit2: 27344ac91378SJan Blunck mutex_unlock(&nd.path.dentry->d_inode->i_mutex); 27351da177e4SLinus Torvalds exit1: 27361d957f9bSJan Blunck path_put(&nd.path); 27371da177e4SLinus Torvalds putname(name); 27381da177e4SLinus Torvalds return error; 27391da177e4SLinus Torvalds } 27401da177e4SLinus Torvalds 27413cdad428SHeiko Carstens SYSCALL_DEFINE1(rmdir, const char __user *, pathname) 27425590ff0dSUlrich Drepper { 27435590ff0dSUlrich Drepper return do_rmdir(AT_FDCWD, pathname); 27445590ff0dSUlrich Drepper } 27455590ff0dSUlrich Drepper 27461da177e4SLinus Torvalds int vfs_unlink(struct inode *dir, struct dentry *dentry) 27471da177e4SLinus Torvalds { 27481da177e4SLinus Torvalds int error = may_delete(dir, dentry, 0); 27491da177e4SLinus Torvalds 27501da177e4SLinus Torvalds if (error) 27511da177e4SLinus Torvalds return error; 27521da177e4SLinus Torvalds 2753acfa4380SAl Viro if (!dir->i_op->unlink) 27541da177e4SLinus Torvalds return -EPERM; 27551da177e4SLinus Torvalds 27561b1dcc1bSJes Sorensen mutex_lock(&dentry->d_inode->i_mutex); 27571da177e4SLinus Torvalds if (d_mountpoint(dentry)) 27581da177e4SLinus Torvalds error = -EBUSY; 27591da177e4SLinus Torvalds else { 27601da177e4SLinus Torvalds error = security_inode_unlink(dir, dentry); 2761bec1052eSAl Viro if (!error) { 27621da177e4SLinus Torvalds error = dir->i_op->unlink(dir, dentry); 2763bec1052eSAl Viro if (!error) 2764d83c49f3SAl Viro dont_mount(dentry); 2765bec1052eSAl Viro } 27661da177e4SLinus Torvalds } 27671b1dcc1bSJes Sorensen mutex_unlock(&dentry->d_inode->i_mutex); 27681da177e4SLinus Torvalds 27691da177e4SLinus Torvalds /* We don't d_delete() NFS sillyrenamed files--they still exist. */ 27701da177e4SLinus Torvalds if (!error && !(dentry->d_flags & DCACHE_NFSFS_RENAMED)) { 2771ece95912SJan Kara fsnotify_link_count(dentry->d_inode); 27721da177e4SLinus Torvalds d_delete(dentry); 27731da177e4SLinus Torvalds } 27740eeca283SRobert Love 27751da177e4SLinus Torvalds return error; 27761da177e4SLinus Torvalds } 27771da177e4SLinus Torvalds 27781da177e4SLinus Torvalds /* 27791da177e4SLinus Torvalds * Make sure that the actual truncation of the file will occur outside its 27801b1dcc1bSJes Sorensen * directory's i_mutex. Truncate can take a long time if there is a lot of 27811da177e4SLinus Torvalds * writeout happening, and we don't want to prevent access to the directory 27821da177e4SLinus Torvalds * while waiting on the I/O. 27831da177e4SLinus Torvalds */ 27845590ff0dSUlrich Drepper static long do_unlinkat(int dfd, const char __user *pathname) 27851da177e4SLinus Torvalds { 27862ad94ae6SAl Viro int error; 27871da177e4SLinus Torvalds char *name; 27881da177e4SLinus Torvalds struct dentry *dentry; 27891da177e4SLinus Torvalds struct nameidata nd; 27901da177e4SLinus Torvalds struct inode *inode = NULL; 27911da177e4SLinus Torvalds 27922ad94ae6SAl Viro error = user_path_parent(dfd, pathname, &nd, &name); 27931da177e4SLinus Torvalds if (error) 27942ad94ae6SAl Viro return error; 27952ad94ae6SAl Viro 27961da177e4SLinus Torvalds error = -EISDIR; 27971da177e4SLinus Torvalds if (nd.last_type != LAST_NORM) 27981da177e4SLinus Torvalds goto exit1; 27990612d9fbSOGAWA Hirofumi 28000612d9fbSOGAWA Hirofumi nd.flags &= ~LOOKUP_PARENT; 28010612d9fbSOGAWA Hirofumi 28024ac91378SJan Blunck mutex_lock_nested(&nd.path.dentry->d_inode->i_mutex, I_MUTEX_PARENT); 280349705b77SChristoph Hellwig dentry = lookup_hash(&nd); 28041da177e4SLinus Torvalds error = PTR_ERR(dentry); 28051da177e4SLinus Torvalds if (!IS_ERR(dentry)) { 28061da177e4SLinus Torvalds /* Why not before? Because we want correct error value */ 28071da177e4SLinus Torvalds if (nd.last.name[nd.last.len]) 28081da177e4SLinus Torvalds goto slashes; 28091da177e4SLinus Torvalds inode = dentry->d_inode; 28101da177e4SLinus Torvalds if (inode) 28117de9c6eeSAl Viro ihold(inode); 28120622753bSDave Hansen error = mnt_want_write(nd.path.mnt); 28130622753bSDave Hansen if (error) 28140622753bSDave Hansen goto exit2; 2815be6d3e56SKentaro Takeda error = security_path_unlink(&nd.path, dentry); 2816be6d3e56SKentaro Takeda if (error) 2817be6d3e56SKentaro Takeda goto exit3; 28184ac91378SJan Blunck error = vfs_unlink(nd.path.dentry->d_inode, dentry); 2819be6d3e56SKentaro Takeda exit3: 28200622753bSDave Hansen mnt_drop_write(nd.path.mnt); 28211da177e4SLinus Torvalds exit2: 28221da177e4SLinus Torvalds dput(dentry); 28231da177e4SLinus Torvalds } 28244ac91378SJan Blunck mutex_unlock(&nd.path.dentry->d_inode->i_mutex); 28251da177e4SLinus Torvalds if (inode) 28261da177e4SLinus Torvalds iput(inode); /* truncate the inode here */ 28271da177e4SLinus Torvalds exit1: 28281d957f9bSJan Blunck path_put(&nd.path); 28291da177e4SLinus Torvalds putname(name); 28301da177e4SLinus Torvalds return error; 28311da177e4SLinus Torvalds 28321da177e4SLinus Torvalds slashes: 28331da177e4SLinus Torvalds error = !dentry->d_inode ? -ENOENT : 28341da177e4SLinus Torvalds S_ISDIR(dentry->d_inode->i_mode) ? -EISDIR : -ENOTDIR; 28351da177e4SLinus Torvalds goto exit2; 28361da177e4SLinus Torvalds } 28371da177e4SLinus Torvalds 28382e4d0924SHeiko Carstens SYSCALL_DEFINE3(unlinkat, int, dfd, const char __user *, pathname, int, flag) 28395590ff0dSUlrich Drepper { 28405590ff0dSUlrich Drepper if ((flag & ~AT_REMOVEDIR) != 0) 28415590ff0dSUlrich Drepper return -EINVAL; 28425590ff0dSUlrich Drepper 28435590ff0dSUlrich Drepper if (flag & AT_REMOVEDIR) 28445590ff0dSUlrich Drepper return do_rmdir(dfd, pathname); 28455590ff0dSUlrich Drepper 28465590ff0dSUlrich Drepper return do_unlinkat(dfd, pathname); 28475590ff0dSUlrich Drepper } 28485590ff0dSUlrich Drepper 28493480b257SHeiko Carstens SYSCALL_DEFINE1(unlink, const char __user *, pathname) 28505590ff0dSUlrich Drepper { 28515590ff0dSUlrich Drepper return do_unlinkat(AT_FDCWD, pathname); 28525590ff0dSUlrich Drepper } 28535590ff0dSUlrich Drepper 2854db2e747bSMiklos Szeredi int vfs_symlink(struct inode *dir, struct dentry *dentry, const char *oldname) 28551da177e4SLinus Torvalds { 2856a95164d9SMiklos Szeredi int error = may_create(dir, dentry); 28571da177e4SLinus Torvalds 28581da177e4SLinus Torvalds if (error) 28591da177e4SLinus Torvalds return error; 28601da177e4SLinus Torvalds 2861acfa4380SAl Viro if (!dir->i_op->symlink) 28621da177e4SLinus Torvalds return -EPERM; 28631da177e4SLinus Torvalds 28641da177e4SLinus Torvalds error = security_inode_symlink(dir, dentry, oldname); 28651da177e4SLinus Torvalds if (error) 28661da177e4SLinus Torvalds return error; 28671da177e4SLinus Torvalds 28681da177e4SLinus Torvalds error = dir->i_op->symlink(dir, dentry, oldname); 2869a74574aaSStephen Smalley if (!error) 2870f38aa942SAmy Griffis fsnotify_create(dir, dentry); 28711da177e4SLinus Torvalds return error; 28721da177e4SLinus Torvalds } 28731da177e4SLinus Torvalds 28742e4d0924SHeiko Carstens SYSCALL_DEFINE3(symlinkat, const char __user *, oldname, 28752e4d0924SHeiko Carstens int, newdfd, const char __user *, newname) 28761da177e4SLinus Torvalds { 28772ad94ae6SAl Viro int error; 28781da177e4SLinus Torvalds char *from; 28791da177e4SLinus Torvalds char *to; 28806902d925SDave Hansen struct dentry *dentry; 28816902d925SDave Hansen struct nameidata nd; 28821da177e4SLinus Torvalds 28831da177e4SLinus Torvalds from = getname(oldname); 28841da177e4SLinus Torvalds if (IS_ERR(from)) 28851da177e4SLinus Torvalds return PTR_ERR(from); 28862ad94ae6SAl Viro 28872ad94ae6SAl Viro error = user_path_parent(newdfd, newname, &nd, &to); 28882ad94ae6SAl Viro if (error) 28896902d925SDave Hansen goto out_putname; 28901da177e4SLinus Torvalds 28911da177e4SLinus Torvalds dentry = lookup_create(&nd, 0); 28921da177e4SLinus Torvalds error = PTR_ERR(dentry); 28936902d925SDave Hansen if (IS_ERR(dentry)) 28946902d925SDave Hansen goto out_unlock; 28956902d925SDave Hansen 289675c3f29dSDave Hansen error = mnt_want_write(nd.path.mnt); 289775c3f29dSDave Hansen if (error) 289875c3f29dSDave Hansen goto out_dput; 2899be6d3e56SKentaro Takeda error = security_path_symlink(&nd.path, dentry, from); 2900be6d3e56SKentaro Takeda if (error) 2901be6d3e56SKentaro Takeda goto out_drop_write; 2902db2e747bSMiklos Szeredi error = vfs_symlink(nd.path.dentry->d_inode, dentry, from); 2903be6d3e56SKentaro Takeda out_drop_write: 290475c3f29dSDave Hansen mnt_drop_write(nd.path.mnt); 290575c3f29dSDave Hansen out_dput: 29061da177e4SLinus Torvalds dput(dentry); 29076902d925SDave Hansen out_unlock: 29084ac91378SJan Blunck mutex_unlock(&nd.path.dentry->d_inode->i_mutex); 29091d957f9bSJan Blunck path_put(&nd.path); 29101da177e4SLinus Torvalds putname(to); 29116902d925SDave Hansen out_putname: 29121da177e4SLinus Torvalds putname(from); 29131da177e4SLinus Torvalds return error; 29141da177e4SLinus Torvalds } 29151da177e4SLinus Torvalds 29163480b257SHeiko Carstens SYSCALL_DEFINE2(symlink, const char __user *, oldname, const char __user *, newname) 29175590ff0dSUlrich Drepper { 29185590ff0dSUlrich Drepper return sys_symlinkat(oldname, AT_FDCWD, newname); 29195590ff0dSUlrich Drepper } 29205590ff0dSUlrich Drepper 29211da177e4SLinus Torvalds int vfs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_dentry) 29221da177e4SLinus Torvalds { 29231da177e4SLinus Torvalds struct inode *inode = old_dentry->d_inode; 29241da177e4SLinus Torvalds int error; 29251da177e4SLinus Torvalds 29261da177e4SLinus Torvalds if (!inode) 29271da177e4SLinus Torvalds return -ENOENT; 29281da177e4SLinus Torvalds 2929a95164d9SMiklos Szeredi error = may_create(dir, new_dentry); 29301da177e4SLinus Torvalds if (error) 29311da177e4SLinus Torvalds return error; 29321da177e4SLinus Torvalds 29331da177e4SLinus Torvalds if (dir->i_sb != inode->i_sb) 29341da177e4SLinus Torvalds return -EXDEV; 29351da177e4SLinus Torvalds 29361da177e4SLinus Torvalds /* 29371da177e4SLinus Torvalds * A link to an append-only or immutable file cannot be created. 29381da177e4SLinus Torvalds */ 29391da177e4SLinus Torvalds if (IS_APPEND(inode) || IS_IMMUTABLE(inode)) 29401da177e4SLinus Torvalds return -EPERM; 2941acfa4380SAl Viro if (!dir->i_op->link) 29421da177e4SLinus Torvalds return -EPERM; 29437e79eedbSTetsuo Handa if (S_ISDIR(inode->i_mode)) 29441da177e4SLinus Torvalds return -EPERM; 29451da177e4SLinus Torvalds 29461da177e4SLinus Torvalds error = security_inode_link(old_dentry, dir, new_dentry); 29471da177e4SLinus Torvalds if (error) 29481da177e4SLinus Torvalds return error; 29491da177e4SLinus Torvalds 29507e79eedbSTetsuo Handa mutex_lock(&inode->i_mutex); 2951aae8a97dSAneesh Kumar K.V /* Make sure we don't allow creating hardlink to an unlinked file */ 2952aae8a97dSAneesh Kumar K.V if (inode->i_nlink == 0) 2953aae8a97dSAneesh Kumar K.V error = -ENOENT; 2954aae8a97dSAneesh Kumar K.V else 29551da177e4SLinus Torvalds error = dir->i_op->link(old_dentry, dir, new_dentry); 29567e79eedbSTetsuo Handa mutex_unlock(&inode->i_mutex); 2957e31e14ecSStephen Smalley if (!error) 29587e79eedbSTetsuo Handa fsnotify_link(dir, inode, new_dentry); 29591da177e4SLinus Torvalds return error; 29601da177e4SLinus Torvalds } 29611da177e4SLinus Torvalds 29621da177e4SLinus Torvalds /* 29631da177e4SLinus Torvalds * Hardlinks are often used in delicate situations. We avoid 29641da177e4SLinus Torvalds * security-related surprises by not following symlinks on the 29651da177e4SLinus Torvalds * newname. --KAB 29661da177e4SLinus Torvalds * 29671da177e4SLinus Torvalds * We don't follow them on the oldname either to be compatible 29681da177e4SLinus Torvalds * with linux 2.0, and to avoid hard-linking to directories 29691da177e4SLinus Torvalds * and other special files. --ADM 29701da177e4SLinus Torvalds */ 29712e4d0924SHeiko Carstens SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, 29722e4d0924SHeiko Carstens int, newdfd, const char __user *, newname, int, flags) 29731da177e4SLinus Torvalds { 29741da177e4SLinus Torvalds struct dentry *new_dentry; 29752d8f3038SAl Viro struct nameidata nd; 29762d8f3038SAl Viro struct path old_path; 297711a7b371SAneesh Kumar K.V int how = 0; 29781da177e4SLinus Torvalds int error; 29791da177e4SLinus Torvalds char *to; 29801da177e4SLinus Torvalds 298111a7b371SAneesh Kumar K.V if ((flags & ~(AT_SYMLINK_FOLLOW | AT_EMPTY_PATH)) != 0) 2982c04030e1SUlrich Drepper return -EINVAL; 298311a7b371SAneesh Kumar K.V /* 298411a7b371SAneesh Kumar K.V * To use null names we require CAP_DAC_READ_SEARCH 298511a7b371SAneesh Kumar K.V * This ensures that not everyone will be able to create 298611a7b371SAneesh Kumar K.V * handlink using the passed filedescriptor. 298711a7b371SAneesh Kumar K.V */ 298811a7b371SAneesh Kumar K.V if (flags & AT_EMPTY_PATH) { 298911a7b371SAneesh Kumar K.V if (!capable(CAP_DAC_READ_SEARCH)) 299011a7b371SAneesh Kumar K.V return -ENOENT; 299111a7b371SAneesh Kumar K.V how = LOOKUP_EMPTY; 299211a7b371SAneesh Kumar K.V } 2993c04030e1SUlrich Drepper 299411a7b371SAneesh Kumar K.V if (flags & AT_SYMLINK_FOLLOW) 299511a7b371SAneesh Kumar K.V how |= LOOKUP_FOLLOW; 299611a7b371SAneesh Kumar K.V 299711a7b371SAneesh Kumar K.V error = user_path_at(olddfd, oldname, how, &old_path); 29981da177e4SLinus Torvalds if (error) 29992ad94ae6SAl Viro return error; 30002ad94ae6SAl Viro 30012ad94ae6SAl Viro error = user_path_parent(newdfd, newname, &nd, &to); 30021da177e4SLinus Torvalds if (error) 30031da177e4SLinus Torvalds goto out; 30041da177e4SLinus Torvalds error = -EXDEV; 30052d8f3038SAl Viro if (old_path.mnt != nd.path.mnt) 30061da177e4SLinus Torvalds goto out_release; 30071da177e4SLinus Torvalds new_dentry = lookup_create(&nd, 0); 30081da177e4SLinus Torvalds error = PTR_ERR(new_dentry); 30096902d925SDave Hansen if (IS_ERR(new_dentry)) 30106902d925SDave Hansen goto out_unlock; 301175c3f29dSDave Hansen error = mnt_want_write(nd.path.mnt); 301275c3f29dSDave Hansen if (error) 301375c3f29dSDave Hansen goto out_dput; 3014be6d3e56SKentaro Takeda error = security_path_link(old_path.dentry, &nd.path, new_dentry); 3015be6d3e56SKentaro Takeda if (error) 3016be6d3e56SKentaro Takeda goto out_drop_write; 30172d8f3038SAl Viro error = vfs_link(old_path.dentry, nd.path.dentry->d_inode, new_dentry); 3018be6d3e56SKentaro Takeda out_drop_write: 301975c3f29dSDave Hansen mnt_drop_write(nd.path.mnt); 302075c3f29dSDave Hansen out_dput: 30211da177e4SLinus Torvalds dput(new_dentry); 30226902d925SDave Hansen out_unlock: 30234ac91378SJan Blunck mutex_unlock(&nd.path.dentry->d_inode->i_mutex); 30241da177e4SLinus Torvalds out_release: 30251d957f9bSJan Blunck path_put(&nd.path); 30262ad94ae6SAl Viro putname(to); 30271da177e4SLinus Torvalds out: 30282d8f3038SAl Viro path_put(&old_path); 30291da177e4SLinus Torvalds 30301da177e4SLinus Torvalds return error; 30311da177e4SLinus Torvalds } 30321da177e4SLinus Torvalds 30333480b257SHeiko Carstens SYSCALL_DEFINE2(link, const char __user *, oldname, const char __user *, newname) 30345590ff0dSUlrich Drepper { 3035c04030e1SUlrich Drepper return sys_linkat(AT_FDCWD, oldname, AT_FDCWD, newname, 0); 30365590ff0dSUlrich Drepper } 30375590ff0dSUlrich Drepper 30381da177e4SLinus Torvalds /* 30391da177e4SLinus Torvalds * The worst of all namespace operations - renaming directory. "Perverted" 30401da177e4SLinus Torvalds * doesn't even start to describe it. Somebody in UCB had a heck of a trip... 30411da177e4SLinus Torvalds * Problems: 30421da177e4SLinus Torvalds * a) we can get into loop creation. Check is done in is_subdir(). 30431da177e4SLinus Torvalds * b) race potential - two innocent renames can create a loop together. 30441da177e4SLinus Torvalds * That's where 4.4 screws up. Current fix: serialization on 3045a11f3a05SArjan van de Ven * sb->s_vfs_rename_mutex. We might be more accurate, but that's another 30461da177e4SLinus Torvalds * story. 30471da177e4SLinus Torvalds * c) we have to lock _three_ objects - parents and victim (if it exists). 30481b1dcc1bSJes Sorensen * And that - after we got ->i_mutex on parents (until then we don't know 30491da177e4SLinus Torvalds * whether the target exists). Solution: try to be smart with locking 30501da177e4SLinus Torvalds * order for inodes. We rely on the fact that tree topology may change 3051a11f3a05SArjan van de Ven * only under ->s_vfs_rename_mutex _and_ that parent of the object we 30521da177e4SLinus Torvalds * move will be locked. Thus we can rank directories by the tree 30531da177e4SLinus Torvalds * (ancestors first) and rank all non-directories after them. 30541da177e4SLinus Torvalds * That works since everybody except rename does "lock parent, lookup, 3055a11f3a05SArjan van de Ven * lock child" and rename is under ->s_vfs_rename_mutex. 30561da177e4SLinus Torvalds * HOWEVER, it relies on the assumption that any object with ->lookup() 30571da177e4SLinus Torvalds * has no more than 1 dentry. If "hybrid" objects will ever appear, 30581da177e4SLinus Torvalds * we'd better make sure that there's no link(2) for them. 30591da177e4SLinus Torvalds * d) some filesystems don't support opened-but-unlinked directories, 30601da177e4SLinus Torvalds * either because of layout or because they are not ready to deal with 30611da177e4SLinus Torvalds * all cases correctly. The latter will be fixed (taking this sort of 30621da177e4SLinus Torvalds * stuff into VFS), but the former is not going away. Solution: the same 30631da177e4SLinus Torvalds * trick as in rmdir(). 30641da177e4SLinus Torvalds * e) conversion from fhandle to dentry may come in the wrong moment - when 30651b1dcc1bSJes Sorensen * we are removing the target. Solution: we will have to grab ->i_mutex 30661da177e4SLinus Torvalds * in the fhandle_to_dentry code. [FIXME - current nfsfh.c relies on 3067c41b20e7SAdam Buchbinder * ->i_mutex on parents, which works but leads to some truly excessive 30681da177e4SLinus Torvalds * locking]. 30691da177e4SLinus Torvalds */ 307075c96f85SAdrian Bunk static int vfs_rename_dir(struct inode *old_dir, struct dentry *old_dentry, 30711da177e4SLinus Torvalds struct inode *new_dir, struct dentry *new_dentry) 30721da177e4SLinus Torvalds { 30731da177e4SLinus Torvalds int error = 0; 30741da177e4SLinus Torvalds struct inode *target; 30751da177e4SLinus Torvalds 30761da177e4SLinus Torvalds /* 30771da177e4SLinus Torvalds * If we are going to change the parent - check write permissions, 30781da177e4SLinus Torvalds * we'll need to flip '..'. 30791da177e4SLinus Torvalds */ 30801da177e4SLinus Torvalds if (new_dir != old_dir) { 3081f419a2e3SAl Viro error = inode_permission(old_dentry->d_inode, MAY_WRITE); 30821da177e4SLinus Torvalds if (error) 30831da177e4SLinus Torvalds return error; 30841da177e4SLinus Torvalds } 30851da177e4SLinus Torvalds 30861da177e4SLinus Torvalds error = security_inode_rename(old_dir, old_dentry, new_dir, new_dentry); 30871da177e4SLinus Torvalds if (error) 30881da177e4SLinus Torvalds return error; 30891da177e4SLinus Torvalds 30901da177e4SLinus Torvalds target = new_dentry->d_inode; 3091d83c49f3SAl Viro if (target) 30921b1dcc1bSJes Sorensen mutex_lock(&target->i_mutex); 30931da177e4SLinus Torvalds if (d_mountpoint(old_dentry)||d_mountpoint(new_dentry)) 30941da177e4SLinus Torvalds error = -EBUSY; 3095d83c49f3SAl Viro else { 3096d83c49f3SAl Viro if (target) 3097d83c49f3SAl Viro dentry_unhash(new_dentry); 30981da177e4SLinus Torvalds error = old_dir->i_op->rename(old_dir, old_dentry, new_dir, new_dentry); 3099d83c49f3SAl Viro } 31001da177e4SLinus Torvalds if (target) { 3101d83c49f3SAl Viro if (!error) { 31021da177e4SLinus Torvalds target->i_flags |= S_DEAD; 3103d83c49f3SAl Viro dont_mount(new_dentry); 3104d83c49f3SAl Viro } 31051b1dcc1bSJes Sorensen mutex_unlock(&target->i_mutex); 31061da177e4SLinus Torvalds if (d_unhashed(new_dentry)) 31071da177e4SLinus Torvalds d_rehash(new_dentry); 31081da177e4SLinus Torvalds dput(new_dentry); 31091da177e4SLinus Torvalds } 3110e31e14ecSStephen Smalley if (!error) 3111349457ccSMark Fasheh if (!(old_dir->i_sb->s_type->fs_flags & FS_RENAME_DOES_D_MOVE)) 31121da177e4SLinus Torvalds d_move(old_dentry,new_dentry); 31131da177e4SLinus Torvalds return error; 31141da177e4SLinus Torvalds } 31151da177e4SLinus Torvalds 311675c96f85SAdrian Bunk static int vfs_rename_other(struct inode *old_dir, struct dentry *old_dentry, 31171da177e4SLinus Torvalds struct inode *new_dir, struct dentry *new_dentry) 31181da177e4SLinus Torvalds { 31191da177e4SLinus Torvalds struct inode *target; 31201da177e4SLinus Torvalds int error; 31211da177e4SLinus Torvalds 31221da177e4SLinus Torvalds error = security_inode_rename(old_dir, old_dentry, new_dir, new_dentry); 31231da177e4SLinus Torvalds if (error) 31241da177e4SLinus Torvalds return error; 31251da177e4SLinus Torvalds 31261da177e4SLinus Torvalds dget(new_dentry); 31271da177e4SLinus Torvalds target = new_dentry->d_inode; 31281da177e4SLinus Torvalds if (target) 31291b1dcc1bSJes Sorensen mutex_lock(&target->i_mutex); 31301da177e4SLinus Torvalds if (d_mountpoint(old_dentry)||d_mountpoint(new_dentry)) 31311da177e4SLinus Torvalds error = -EBUSY; 31321da177e4SLinus Torvalds else 31331da177e4SLinus Torvalds error = old_dir->i_op->rename(old_dir, old_dentry, new_dir, new_dentry); 31341da177e4SLinus Torvalds if (!error) { 3135bec1052eSAl Viro if (target) 3136d83c49f3SAl Viro dont_mount(new_dentry); 3137349457ccSMark Fasheh if (!(old_dir->i_sb->s_type->fs_flags & FS_RENAME_DOES_D_MOVE)) 31381da177e4SLinus Torvalds d_move(old_dentry, new_dentry); 31391da177e4SLinus Torvalds } 31401da177e4SLinus Torvalds if (target) 31411b1dcc1bSJes Sorensen mutex_unlock(&target->i_mutex); 31421da177e4SLinus Torvalds dput(new_dentry); 31431da177e4SLinus Torvalds return error; 31441da177e4SLinus Torvalds } 31451da177e4SLinus Torvalds 31461da177e4SLinus Torvalds int vfs_rename(struct inode *old_dir, struct dentry *old_dentry, 31471da177e4SLinus Torvalds struct inode *new_dir, struct dentry *new_dentry) 31481da177e4SLinus Torvalds { 31491da177e4SLinus Torvalds int error; 31501da177e4SLinus Torvalds int is_dir = S_ISDIR(old_dentry->d_inode->i_mode); 315159b0df21SEric Paris const unsigned char *old_name; 31521da177e4SLinus Torvalds 31531da177e4SLinus Torvalds if (old_dentry->d_inode == new_dentry->d_inode) 31541da177e4SLinus Torvalds return 0; 31551da177e4SLinus Torvalds 31561da177e4SLinus Torvalds error = may_delete(old_dir, old_dentry, is_dir); 31571da177e4SLinus Torvalds if (error) 31581da177e4SLinus Torvalds return error; 31591da177e4SLinus Torvalds 31601da177e4SLinus Torvalds if (!new_dentry->d_inode) 3161a95164d9SMiklos Szeredi error = may_create(new_dir, new_dentry); 31621da177e4SLinus Torvalds else 31631da177e4SLinus Torvalds error = may_delete(new_dir, new_dentry, is_dir); 31641da177e4SLinus Torvalds if (error) 31651da177e4SLinus Torvalds return error; 31661da177e4SLinus Torvalds 3167acfa4380SAl Viro if (!old_dir->i_op->rename) 31681da177e4SLinus Torvalds return -EPERM; 31691da177e4SLinus Torvalds 31700eeca283SRobert Love old_name = fsnotify_oldname_init(old_dentry->d_name.name); 31710eeca283SRobert Love 31721da177e4SLinus Torvalds if (is_dir) 31731da177e4SLinus Torvalds error = vfs_rename_dir(old_dir,old_dentry,new_dir,new_dentry); 31741da177e4SLinus Torvalds else 31751da177e4SLinus Torvalds error = vfs_rename_other(old_dir,old_dentry,new_dir,new_dentry); 3176123df294SAl Viro if (!error) 3177123df294SAl Viro fsnotify_move(old_dir, new_dir, old_name, is_dir, 31785a190ae6SAl Viro new_dentry->d_inode, old_dentry); 31790eeca283SRobert Love fsnotify_oldname_free(old_name); 31800eeca283SRobert Love 31811da177e4SLinus Torvalds return error; 31821da177e4SLinus Torvalds } 31831da177e4SLinus Torvalds 31842e4d0924SHeiko Carstens SYSCALL_DEFINE4(renameat, int, olddfd, const char __user *, oldname, 31852e4d0924SHeiko Carstens int, newdfd, const char __user *, newname) 31861da177e4SLinus Torvalds { 31871da177e4SLinus Torvalds struct dentry *old_dir, *new_dir; 31881da177e4SLinus Torvalds struct dentry *old_dentry, *new_dentry; 31891da177e4SLinus Torvalds struct dentry *trap; 31901da177e4SLinus Torvalds struct nameidata oldnd, newnd; 31912ad94ae6SAl Viro char *from; 31922ad94ae6SAl Viro char *to; 31932ad94ae6SAl Viro int error; 31941da177e4SLinus Torvalds 31952ad94ae6SAl Viro error = user_path_parent(olddfd, oldname, &oldnd, &from); 31961da177e4SLinus Torvalds if (error) 31971da177e4SLinus Torvalds goto exit; 31981da177e4SLinus Torvalds 31992ad94ae6SAl Viro error = user_path_parent(newdfd, newname, &newnd, &to); 32001da177e4SLinus Torvalds if (error) 32011da177e4SLinus Torvalds goto exit1; 32021da177e4SLinus Torvalds 32031da177e4SLinus Torvalds error = -EXDEV; 32044ac91378SJan Blunck if (oldnd.path.mnt != newnd.path.mnt) 32051da177e4SLinus Torvalds goto exit2; 32061da177e4SLinus Torvalds 32074ac91378SJan Blunck old_dir = oldnd.path.dentry; 32081da177e4SLinus Torvalds error = -EBUSY; 32091da177e4SLinus Torvalds if (oldnd.last_type != LAST_NORM) 32101da177e4SLinus Torvalds goto exit2; 32111da177e4SLinus Torvalds 32124ac91378SJan Blunck new_dir = newnd.path.dentry; 32131da177e4SLinus Torvalds if (newnd.last_type != LAST_NORM) 32141da177e4SLinus Torvalds goto exit2; 32151da177e4SLinus Torvalds 32160612d9fbSOGAWA Hirofumi oldnd.flags &= ~LOOKUP_PARENT; 32170612d9fbSOGAWA Hirofumi newnd.flags &= ~LOOKUP_PARENT; 32184e9ed2f8SOGAWA Hirofumi newnd.flags |= LOOKUP_RENAME_TARGET; 32190612d9fbSOGAWA Hirofumi 32201da177e4SLinus Torvalds trap = lock_rename(new_dir, old_dir); 32211da177e4SLinus Torvalds 322249705b77SChristoph Hellwig old_dentry = lookup_hash(&oldnd); 32231da177e4SLinus Torvalds error = PTR_ERR(old_dentry); 32241da177e4SLinus Torvalds if (IS_ERR(old_dentry)) 32251da177e4SLinus Torvalds goto exit3; 32261da177e4SLinus Torvalds /* source must exist */ 32271da177e4SLinus Torvalds error = -ENOENT; 32281da177e4SLinus Torvalds if (!old_dentry->d_inode) 32291da177e4SLinus Torvalds goto exit4; 32301da177e4SLinus Torvalds /* unless the source is a directory trailing slashes give -ENOTDIR */ 32311da177e4SLinus Torvalds if (!S_ISDIR(old_dentry->d_inode->i_mode)) { 32321da177e4SLinus Torvalds error = -ENOTDIR; 32331da177e4SLinus Torvalds if (oldnd.last.name[oldnd.last.len]) 32341da177e4SLinus Torvalds goto exit4; 32351da177e4SLinus Torvalds if (newnd.last.name[newnd.last.len]) 32361da177e4SLinus Torvalds goto exit4; 32371da177e4SLinus Torvalds } 32381da177e4SLinus Torvalds /* source should not be ancestor of target */ 32391da177e4SLinus Torvalds error = -EINVAL; 32401da177e4SLinus Torvalds if (old_dentry == trap) 32411da177e4SLinus Torvalds goto exit4; 324249705b77SChristoph Hellwig new_dentry = lookup_hash(&newnd); 32431da177e4SLinus Torvalds error = PTR_ERR(new_dentry); 32441da177e4SLinus Torvalds if (IS_ERR(new_dentry)) 32451da177e4SLinus Torvalds goto exit4; 32461da177e4SLinus Torvalds /* target should not be an ancestor of source */ 32471da177e4SLinus Torvalds error = -ENOTEMPTY; 32481da177e4SLinus Torvalds if (new_dentry == trap) 32491da177e4SLinus Torvalds goto exit5; 32501da177e4SLinus Torvalds 32519079b1ebSDave Hansen error = mnt_want_write(oldnd.path.mnt); 32529079b1ebSDave Hansen if (error) 32539079b1ebSDave Hansen goto exit5; 3254be6d3e56SKentaro Takeda error = security_path_rename(&oldnd.path, old_dentry, 3255be6d3e56SKentaro Takeda &newnd.path, new_dentry); 3256be6d3e56SKentaro Takeda if (error) 3257be6d3e56SKentaro Takeda goto exit6; 32581da177e4SLinus Torvalds error = vfs_rename(old_dir->d_inode, old_dentry, 32591da177e4SLinus Torvalds new_dir->d_inode, new_dentry); 3260be6d3e56SKentaro Takeda exit6: 32619079b1ebSDave Hansen mnt_drop_write(oldnd.path.mnt); 32621da177e4SLinus Torvalds exit5: 32631da177e4SLinus Torvalds dput(new_dentry); 32641da177e4SLinus Torvalds exit4: 32651da177e4SLinus Torvalds dput(old_dentry); 32661da177e4SLinus Torvalds exit3: 32671da177e4SLinus Torvalds unlock_rename(new_dir, old_dir); 32681da177e4SLinus Torvalds exit2: 32691d957f9bSJan Blunck path_put(&newnd.path); 32702ad94ae6SAl Viro putname(to); 32711da177e4SLinus Torvalds exit1: 32721d957f9bSJan Blunck path_put(&oldnd.path); 32731da177e4SLinus Torvalds putname(from); 32742ad94ae6SAl Viro exit: 32751da177e4SLinus Torvalds return error; 32761da177e4SLinus Torvalds } 32771da177e4SLinus Torvalds 3278a26eab24SHeiko Carstens SYSCALL_DEFINE2(rename, const char __user *, oldname, const char __user *, newname) 32795590ff0dSUlrich Drepper { 32805590ff0dSUlrich Drepper return sys_renameat(AT_FDCWD, oldname, AT_FDCWD, newname); 32815590ff0dSUlrich Drepper } 32825590ff0dSUlrich Drepper 32831da177e4SLinus Torvalds int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const char *link) 32841da177e4SLinus Torvalds { 32851da177e4SLinus Torvalds int len; 32861da177e4SLinus Torvalds 32871da177e4SLinus Torvalds len = PTR_ERR(link); 32881da177e4SLinus Torvalds if (IS_ERR(link)) 32891da177e4SLinus Torvalds goto out; 32901da177e4SLinus Torvalds 32911da177e4SLinus Torvalds len = strlen(link); 32921da177e4SLinus Torvalds if (len > (unsigned) buflen) 32931da177e4SLinus Torvalds len = buflen; 32941da177e4SLinus Torvalds if (copy_to_user(buffer, link, len)) 32951da177e4SLinus Torvalds len = -EFAULT; 32961da177e4SLinus Torvalds out: 32971da177e4SLinus Torvalds return len; 32981da177e4SLinus Torvalds } 32991da177e4SLinus Torvalds 33001da177e4SLinus Torvalds /* 33011da177e4SLinus Torvalds * A helper for ->readlink(). This should be used *ONLY* for symlinks that 33021da177e4SLinus Torvalds * have ->follow_link() touching nd only in nd_set_link(). Using (or not 33031da177e4SLinus Torvalds * using) it for any given inode is up to filesystem. 33041da177e4SLinus Torvalds */ 33051da177e4SLinus Torvalds int generic_readlink(struct dentry *dentry, char __user *buffer, int buflen) 33061da177e4SLinus Torvalds { 33071da177e4SLinus Torvalds struct nameidata nd; 3308cc314eefSLinus Torvalds void *cookie; 3309694a1764SMarcin Slusarz int res; 3310cc314eefSLinus Torvalds 33111da177e4SLinus Torvalds nd.depth = 0; 3312cc314eefSLinus Torvalds cookie = dentry->d_inode->i_op->follow_link(dentry, &nd); 3313694a1764SMarcin Slusarz if (IS_ERR(cookie)) 3314694a1764SMarcin Slusarz return PTR_ERR(cookie); 3315694a1764SMarcin Slusarz 3316694a1764SMarcin Slusarz res = vfs_readlink(dentry, buffer, buflen, nd_get_link(&nd)); 33171da177e4SLinus Torvalds if (dentry->d_inode->i_op->put_link) 3318cc314eefSLinus Torvalds dentry->d_inode->i_op->put_link(dentry, &nd, cookie); 3319694a1764SMarcin Slusarz return res; 33201da177e4SLinus Torvalds } 33211da177e4SLinus Torvalds 33221da177e4SLinus Torvalds int vfs_follow_link(struct nameidata *nd, const char *link) 33231da177e4SLinus Torvalds { 33241da177e4SLinus Torvalds return __vfs_follow_link(nd, link); 33251da177e4SLinus Torvalds } 33261da177e4SLinus Torvalds 33271da177e4SLinus Torvalds /* get the link contents into pagecache */ 33281da177e4SLinus Torvalds static char *page_getlink(struct dentry * dentry, struct page **ppage) 33291da177e4SLinus Torvalds { 3330ebd09abbSDuane Griffin char *kaddr; 33311da177e4SLinus Torvalds struct page *page; 33321da177e4SLinus Torvalds struct address_space *mapping = dentry->d_inode->i_mapping; 3333090d2b18SPekka Enberg page = read_mapping_page(mapping, 0, NULL); 33341da177e4SLinus Torvalds if (IS_ERR(page)) 33356fe6900eSNick Piggin return (char*)page; 33361da177e4SLinus Torvalds *ppage = page; 3337ebd09abbSDuane Griffin kaddr = kmap(page); 3338ebd09abbSDuane Griffin nd_terminate_link(kaddr, dentry->d_inode->i_size, PAGE_SIZE - 1); 3339ebd09abbSDuane Griffin return kaddr; 33401da177e4SLinus Torvalds } 33411da177e4SLinus Torvalds 33421da177e4SLinus Torvalds int page_readlink(struct dentry *dentry, char __user *buffer, int buflen) 33431da177e4SLinus Torvalds { 33441da177e4SLinus Torvalds struct page *page = NULL; 33451da177e4SLinus Torvalds char *s = page_getlink(dentry, &page); 33461da177e4SLinus Torvalds int res = vfs_readlink(dentry,buffer,buflen,s); 33471da177e4SLinus Torvalds if (page) { 33481da177e4SLinus Torvalds kunmap(page); 33491da177e4SLinus Torvalds page_cache_release(page); 33501da177e4SLinus Torvalds } 33511da177e4SLinus Torvalds return res; 33521da177e4SLinus Torvalds } 33531da177e4SLinus Torvalds 3354cc314eefSLinus Torvalds void *page_follow_link_light(struct dentry *dentry, struct nameidata *nd) 33551da177e4SLinus Torvalds { 3356cc314eefSLinus Torvalds struct page *page = NULL; 33571da177e4SLinus Torvalds nd_set_link(nd, page_getlink(dentry, &page)); 3358cc314eefSLinus Torvalds return page; 33591da177e4SLinus Torvalds } 33601da177e4SLinus Torvalds 3361cc314eefSLinus Torvalds void page_put_link(struct dentry *dentry, struct nameidata *nd, void *cookie) 33621da177e4SLinus Torvalds { 3363cc314eefSLinus Torvalds struct page *page = cookie; 3364cc314eefSLinus Torvalds 3365cc314eefSLinus Torvalds if (page) { 33661da177e4SLinus Torvalds kunmap(page); 33671da177e4SLinus Torvalds page_cache_release(page); 33681da177e4SLinus Torvalds } 33691da177e4SLinus Torvalds } 33701da177e4SLinus Torvalds 337154566b2cSNick Piggin /* 337254566b2cSNick Piggin * The nofs argument instructs pagecache_write_begin to pass AOP_FLAG_NOFS 337354566b2cSNick Piggin */ 337454566b2cSNick Piggin int __page_symlink(struct inode *inode, const char *symname, int len, int nofs) 33751da177e4SLinus Torvalds { 33761da177e4SLinus Torvalds struct address_space *mapping = inode->i_mapping; 33770adb25d2SKirill Korotaev struct page *page; 3378afddba49SNick Piggin void *fsdata; 3379beb497abSDmitriy Monakhov int err; 33801da177e4SLinus Torvalds char *kaddr; 338154566b2cSNick Piggin unsigned int flags = AOP_FLAG_UNINTERRUPTIBLE; 338254566b2cSNick Piggin if (nofs) 338354566b2cSNick Piggin flags |= AOP_FLAG_NOFS; 33841da177e4SLinus Torvalds 33857e53cac4SNeilBrown retry: 3386afddba49SNick Piggin err = pagecache_write_begin(NULL, mapping, 0, len-1, 338754566b2cSNick Piggin flags, &page, &fsdata); 33881da177e4SLinus Torvalds if (err) 3389afddba49SNick Piggin goto fail; 3390afddba49SNick Piggin 33911da177e4SLinus Torvalds kaddr = kmap_atomic(page, KM_USER0); 33921da177e4SLinus Torvalds memcpy(kaddr, symname, len-1); 33931da177e4SLinus Torvalds kunmap_atomic(kaddr, KM_USER0); 3394afddba49SNick Piggin 3395afddba49SNick Piggin err = pagecache_write_end(NULL, mapping, 0, len-1, len-1, 3396afddba49SNick Piggin page, fsdata); 33971da177e4SLinus Torvalds if (err < 0) 33981da177e4SLinus Torvalds goto fail; 3399afddba49SNick Piggin if (err < len-1) 3400afddba49SNick Piggin goto retry; 3401afddba49SNick Piggin 34021da177e4SLinus Torvalds mark_inode_dirty(inode); 34031da177e4SLinus Torvalds return 0; 34041da177e4SLinus Torvalds fail: 34051da177e4SLinus Torvalds return err; 34061da177e4SLinus Torvalds } 34071da177e4SLinus Torvalds 34080adb25d2SKirill Korotaev int page_symlink(struct inode *inode, const char *symname, int len) 34090adb25d2SKirill Korotaev { 34100adb25d2SKirill Korotaev return __page_symlink(inode, symname, len, 341154566b2cSNick Piggin !(mapping_gfp_mask(inode->i_mapping) & __GFP_FS)); 34120adb25d2SKirill Korotaev } 34130adb25d2SKirill Korotaev 341492e1d5beSArjan van de Ven const struct inode_operations page_symlink_inode_operations = { 34151da177e4SLinus Torvalds .readlink = generic_readlink, 34161da177e4SLinus Torvalds .follow_link = page_follow_link_light, 34171da177e4SLinus Torvalds .put_link = page_put_link, 34181da177e4SLinus Torvalds }; 34191da177e4SLinus Torvalds 34202d8f3038SAl Viro EXPORT_SYMBOL(user_path_at); 3421cc53ce53SDavid Howells EXPORT_SYMBOL(follow_down_one); 34221da177e4SLinus Torvalds EXPORT_SYMBOL(follow_down); 34231da177e4SLinus Torvalds EXPORT_SYMBOL(follow_up); 34241da177e4SLinus Torvalds EXPORT_SYMBOL(get_write_access); /* binfmt_aout */ 34251da177e4SLinus Torvalds EXPORT_SYMBOL(getname); 34261da177e4SLinus Torvalds EXPORT_SYMBOL(lock_rename); 34271da177e4SLinus Torvalds EXPORT_SYMBOL(lookup_one_len); 34281da177e4SLinus Torvalds EXPORT_SYMBOL(page_follow_link_light); 34291da177e4SLinus Torvalds EXPORT_SYMBOL(page_put_link); 34301da177e4SLinus Torvalds EXPORT_SYMBOL(page_readlink); 34310adb25d2SKirill Korotaev EXPORT_SYMBOL(__page_symlink); 34321da177e4SLinus Torvalds EXPORT_SYMBOL(page_symlink); 34331da177e4SLinus Torvalds EXPORT_SYMBOL(page_symlink_inode_operations); 3434c9c6cac0SAl Viro EXPORT_SYMBOL(kern_path_parent); 3435d1811465SAl Viro EXPORT_SYMBOL(kern_path); 343616f18200SJosef 'Jeff' Sipek EXPORT_SYMBOL(vfs_path_lookup); 3437f419a2e3SAl Viro EXPORT_SYMBOL(inode_permission); 34388c744fb8SChristoph Hellwig EXPORT_SYMBOL(file_permission); 34391da177e4SLinus Torvalds EXPORT_SYMBOL(unlock_rename); 34401da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_create); 34411da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_follow_link); 34421da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_link); 34431da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_mkdir); 34441da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_mknod); 34451da177e4SLinus Torvalds EXPORT_SYMBOL(generic_permission); 34461da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_readlink); 34471da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_rename); 34481da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_rmdir); 34491da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_symlink); 34501da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_unlink); 34511da177e4SLinus Torvalds EXPORT_SYMBOL(dentry_unhash); 34521da177e4SLinus Torvalds EXPORT_SYMBOL(generic_readlink); 3453