11da177e4SLinus Torvalds /* 21da177e4SLinus Torvalds * linux/fs/namei.c 31da177e4SLinus Torvalds * 41da177e4SLinus Torvalds * Copyright (C) 1991, 1992 Linus Torvalds 51da177e4SLinus Torvalds */ 61da177e4SLinus Torvalds 71da177e4SLinus Torvalds /* 81da177e4SLinus Torvalds * Some corrections by tytso. 91da177e4SLinus Torvalds */ 101da177e4SLinus Torvalds 111da177e4SLinus Torvalds /* [Feb 1997 T. Schoebel-Theuer] Complete rewrite of the pathname 121da177e4SLinus Torvalds * lookup logic. 131da177e4SLinus Torvalds */ 141da177e4SLinus Torvalds /* [Feb-Apr 2000, AV] Rewrite to the new namespace architecture. 151da177e4SLinus Torvalds */ 161da177e4SLinus Torvalds 171da177e4SLinus Torvalds #include <linux/init.h> 181da177e4SLinus Torvalds #include <linux/module.h> 191da177e4SLinus Torvalds #include <linux/slab.h> 201da177e4SLinus Torvalds #include <linux/fs.h> 211da177e4SLinus Torvalds #include <linux/namei.h> 221da177e4SLinus Torvalds #include <linux/quotaops.h> 231da177e4SLinus Torvalds #include <linux/pagemap.h> 241da177e4SLinus Torvalds #include <linux/dnotify.h> 251da177e4SLinus Torvalds #include <linux/smp_lock.h> 261da177e4SLinus Torvalds #include <linux/personality.h> 271da177e4SLinus Torvalds #include <linux/security.h> 281da177e4SLinus Torvalds #include <linux/syscalls.h> 291da177e4SLinus Torvalds #include <linux/mount.h> 301da177e4SLinus Torvalds #include <linux/audit.h> 311da177e4SLinus Torvalds #include <asm/namei.h> 321da177e4SLinus Torvalds #include <asm/uaccess.h> 331da177e4SLinus Torvalds 341da177e4SLinus Torvalds #define ACC_MODE(x) ("\000\004\002\006"[(x)&O_ACCMODE]) 351da177e4SLinus Torvalds 361da177e4SLinus Torvalds /* [Feb-1997 T. Schoebel-Theuer] 371da177e4SLinus Torvalds * Fundamental changes in the pathname lookup mechanisms (namei) 381da177e4SLinus Torvalds * were necessary because of omirr. The reason is that omirr needs 391da177e4SLinus Torvalds * to know the _real_ pathname, not the user-supplied one, in case 401da177e4SLinus Torvalds * of symlinks (and also when transname replacements occur). 411da177e4SLinus Torvalds * 421da177e4SLinus Torvalds * The new code replaces the old recursive symlink resolution with 431da177e4SLinus Torvalds * an iterative one (in case of non-nested symlink chains). It does 441da177e4SLinus Torvalds * this with calls to <fs>_follow_link(). 451da177e4SLinus Torvalds * As a side effect, dir_namei(), _namei() and follow_link() are now 461da177e4SLinus Torvalds * replaced with a single function lookup_dentry() that can handle all 471da177e4SLinus Torvalds * the special cases of the former code. 481da177e4SLinus Torvalds * 491da177e4SLinus Torvalds * With the new dcache, the pathname is stored at each inode, at least as 501da177e4SLinus Torvalds * long as the refcount of the inode is positive. As a side effect, the 511da177e4SLinus Torvalds * size of the dcache depends on the inode cache and thus is dynamic. 521da177e4SLinus Torvalds * 531da177e4SLinus Torvalds * [29-Apr-1998 C. Scott Ananian] Updated above description of symlink 541da177e4SLinus Torvalds * resolution to correspond with current state of the code. 551da177e4SLinus Torvalds * 561da177e4SLinus Torvalds * Note that the symlink resolution is not *completely* iterative. 571da177e4SLinus Torvalds * There is still a significant amount of tail- and mid- recursion in 581da177e4SLinus Torvalds * the algorithm. Also, note that <fs>_readlink() is not used in 591da177e4SLinus Torvalds * lookup_dentry(): lookup_dentry() on the result of <fs>_readlink() 601da177e4SLinus Torvalds * may return different results than <fs>_follow_link(). Many virtual 611da177e4SLinus Torvalds * filesystems (including /proc) exhibit this behavior. 621da177e4SLinus Torvalds */ 631da177e4SLinus Torvalds 641da177e4SLinus Torvalds /* [24-Feb-97 T. Schoebel-Theuer] Side effects caused by new implementation: 651da177e4SLinus Torvalds * New symlink semantics: when open() is called with flags O_CREAT | O_EXCL 661da177e4SLinus Torvalds * and the name already exists in form of a symlink, try to create the new 671da177e4SLinus Torvalds * name indicated by the symlink. The old code always complained that the 681da177e4SLinus Torvalds * name already exists, due to not following the symlink even if its target 691da177e4SLinus Torvalds * is nonexistent. The new semantics affects also mknod() and link() when 701da177e4SLinus Torvalds * the name is a symlink pointing to a non-existant name. 711da177e4SLinus Torvalds * 721da177e4SLinus Torvalds * I don't know which semantics is the right one, since I have no access 731da177e4SLinus Torvalds * to standards. But I found by trial that HP-UX 9.0 has the full "new" 741da177e4SLinus Torvalds * semantics implemented, while SunOS 4.1.1 and Solaris (SunOS 5.4) have the 751da177e4SLinus Torvalds * "old" one. Personally, I think the new semantics is much more logical. 761da177e4SLinus Torvalds * Note that "ln old new" where "new" is a symlink pointing to a non-existing 771da177e4SLinus Torvalds * file does succeed in both HP-UX and SunOs, but not in Solaris 781da177e4SLinus Torvalds * and in the old Linux semantics. 791da177e4SLinus Torvalds */ 801da177e4SLinus Torvalds 811da177e4SLinus Torvalds /* [16-Dec-97 Kevin Buhr] For security reasons, we change some symlink 821da177e4SLinus Torvalds * semantics. See the comments in "open_namei" and "do_link" below. 831da177e4SLinus Torvalds * 841da177e4SLinus Torvalds * [10-Sep-98 Alan Modra] Another symlink change. 851da177e4SLinus Torvalds */ 861da177e4SLinus Torvalds 871da177e4SLinus Torvalds /* [Feb-Apr 2000 AV] Complete rewrite. Rules for symlinks: 881da177e4SLinus Torvalds * inside the path - always follow. 891da177e4SLinus Torvalds * in the last component in creation/removal/renaming - never follow. 901da177e4SLinus Torvalds * if LOOKUP_FOLLOW passed - follow. 911da177e4SLinus Torvalds * if the pathname has trailing slashes - follow. 921da177e4SLinus Torvalds * otherwise - don't follow. 931da177e4SLinus Torvalds * (applied in that order). 941da177e4SLinus Torvalds * 951da177e4SLinus Torvalds * [Jun 2000 AV] Inconsistent behaviour of open() in case if flags==O_CREAT 961da177e4SLinus Torvalds * restored for 2.4. This is the last surviving part of old 4.2BSD bug. 971da177e4SLinus Torvalds * During the 2.4 we need to fix the userland stuff depending on it - 981da177e4SLinus Torvalds * hopefully we will be able to get rid of that wart in 2.5. So far only 991da177e4SLinus Torvalds * XEmacs seems to be relying on it... 1001da177e4SLinus Torvalds */ 1011da177e4SLinus Torvalds /* 1021da177e4SLinus Torvalds * [Sep 2001 AV] Single-semaphore locking scheme (kudos to David Holland) 1031da177e4SLinus Torvalds * implemented. Let's see if raised priority of ->s_vfs_rename_sem gives 1041da177e4SLinus Torvalds * any extra contention... 1051da177e4SLinus Torvalds */ 1061da177e4SLinus Torvalds 1071da177e4SLinus Torvalds /* In order to reduce some races, while at the same time doing additional 1081da177e4SLinus Torvalds * checking and hopefully speeding things up, we copy filenames to the 1091da177e4SLinus Torvalds * kernel data space before using them.. 1101da177e4SLinus Torvalds * 1111da177e4SLinus Torvalds * POSIX.1 2.4: an empty pathname is invalid (ENOENT). 1121da177e4SLinus Torvalds * PATH_MAX includes the nul terminator --RR. 1131da177e4SLinus Torvalds */ 1141da177e4SLinus Torvalds static inline int do_getname(const char __user *filename, char *page) 1151da177e4SLinus Torvalds { 1161da177e4SLinus Torvalds int retval; 1171da177e4SLinus Torvalds unsigned long len = PATH_MAX; 1181da177e4SLinus Torvalds 1191da177e4SLinus Torvalds if (!segment_eq(get_fs(), KERNEL_DS)) { 1201da177e4SLinus Torvalds if ((unsigned long) filename >= TASK_SIZE) 1211da177e4SLinus Torvalds return -EFAULT; 1221da177e4SLinus Torvalds if (TASK_SIZE - (unsigned long) filename < PATH_MAX) 1231da177e4SLinus Torvalds len = TASK_SIZE - (unsigned long) filename; 1241da177e4SLinus Torvalds } 1251da177e4SLinus Torvalds 1261da177e4SLinus Torvalds retval = strncpy_from_user(page, filename, len); 1271da177e4SLinus Torvalds if (retval > 0) { 1281da177e4SLinus Torvalds if (retval < len) 1291da177e4SLinus Torvalds return 0; 1301da177e4SLinus Torvalds return -ENAMETOOLONG; 1311da177e4SLinus Torvalds } else if (!retval) 1321da177e4SLinus Torvalds retval = -ENOENT; 1331da177e4SLinus Torvalds return retval; 1341da177e4SLinus Torvalds } 1351da177e4SLinus Torvalds 1361da177e4SLinus Torvalds char * getname(const char __user * filename) 1371da177e4SLinus Torvalds { 1381da177e4SLinus Torvalds char *tmp, *result; 1391da177e4SLinus Torvalds 1401da177e4SLinus Torvalds result = ERR_PTR(-ENOMEM); 1411da177e4SLinus Torvalds tmp = __getname(); 1421da177e4SLinus Torvalds if (tmp) { 1431da177e4SLinus Torvalds int retval = do_getname(filename, tmp); 1441da177e4SLinus Torvalds 1451da177e4SLinus Torvalds result = tmp; 1461da177e4SLinus Torvalds if (retval < 0) { 1471da177e4SLinus Torvalds __putname(tmp); 1481da177e4SLinus Torvalds result = ERR_PTR(retval); 1491da177e4SLinus Torvalds } 1501da177e4SLinus Torvalds } 1511da177e4SLinus Torvalds audit_getname(result); 1521da177e4SLinus Torvalds return result; 1531da177e4SLinus Torvalds } 1541da177e4SLinus Torvalds 1551da177e4SLinus Torvalds #ifdef CONFIG_AUDITSYSCALL 1561da177e4SLinus Torvalds void putname(const char *name) 1571da177e4SLinus Torvalds { 1581da177e4SLinus Torvalds if (unlikely(current->audit_context)) 1591da177e4SLinus Torvalds audit_putname(name); 1601da177e4SLinus Torvalds else 1611da177e4SLinus Torvalds __putname(name); 1621da177e4SLinus Torvalds } 1631da177e4SLinus Torvalds EXPORT_SYMBOL(putname); 1641da177e4SLinus Torvalds #endif 1651da177e4SLinus Torvalds 1661da177e4SLinus Torvalds 1671da177e4SLinus Torvalds /** 1681da177e4SLinus Torvalds * generic_permission - check for access rights on a Posix-like filesystem 1691da177e4SLinus Torvalds * @inode: inode to check access rights for 1701da177e4SLinus Torvalds * @mask: right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC) 1711da177e4SLinus Torvalds * @check_acl: optional callback to check for Posix ACLs 1721da177e4SLinus Torvalds * 1731da177e4SLinus Torvalds * Used to check for read/write/execute permissions on a file. 1741da177e4SLinus Torvalds * We use "fsuid" for this, letting us set arbitrary permissions 1751da177e4SLinus Torvalds * for filesystem access without changing the "normal" uids which 1761da177e4SLinus Torvalds * are used for other things.. 1771da177e4SLinus Torvalds */ 1781da177e4SLinus Torvalds int generic_permission(struct inode *inode, int mask, 1791da177e4SLinus Torvalds int (*check_acl)(struct inode *inode, int mask)) 1801da177e4SLinus Torvalds { 1811da177e4SLinus Torvalds umode_t mode = inode->i_mode; 1821da177e4SLinus Torvalds 1831da177e4SLinus Torvalds if (current->fsuid == inode->i_uid) 1841da177e4SLinus Torvalds mode >>= 6; 1851da177e4SLinus Torvalds else { 1861da177e4SLinus Torvalds if (IS_POSIXACL(inode) && (mode & S_IRWXG) && check_acl) { 1871da177e4SLinus Torvalds int error = check_acl(inode, mask); 1881da177e4SLinus Torvalds if (error == -EACCES) 1891da177e4SLinus Torvalds goto check_capabilities; 1901da177e4SLinus Torvalds else if (error != -EAGAIN) 1911da177e4SLinus Torvalds return error; 1921da177e4SLinus Torvalds } 1931da177e4SLinus Torvalds 1941da177e4SLinus Torvalds if (in_group_p(inode->i_gid)) 1951da177e4SLinus Torvalds mode >>= 3; 1961da177e4SLinus Torvalds } 1971da177e4SLinus Torvalds 1981da177e4SLinus Torvalds /* 1991da177e4SLinus Torvalds * If the DACs are ok we don't need any capability check. 2001da177e4SLinus Torvalds */ 2011da177e4SLinus Torvalds if (((mode & mask & (MAY_READ|MAY_WRITE|MAY_EXEC)) == mask)) 2021da177e4SLinus Torvalds return 0; 2031da177e4SLinus Torvalds 2041da177e4SLinus Torvalds check_capabilities: 2051da177e4SLinus Torvalds /* 2061da177e4SLinus Torvalds * Read/write DACs are always overridable. 2071da177e4SLinus Torvalds * Executable DACs are overridable if at least one exec bit is set. 2081da177e4SLinus Torvalds */ 2091da177e4SLinus Torvalds if (!(mask & MAY_EXEC) || 2101da177e4SLinus Torvalds (inode->i_mode & S_IXUGO) || S_ISDIR(inode->i_mode)) 2111da177e4SLinus Torvalds if (capable(CAP_DAC_OVERRIDE)) 2121da177e4SLinus Torvalds return 0; 2131da177e4SLinus Torvalds 2141da177e4SLinus Torvalds /* 2151da177e4SLinus Torvalds * Searching includes executable on directories, else just read. 2161da177e4SLinus Torvalds */ 2171da177e4SLinus Torvalds if (mask == MAY_READ || (S_ISDIR(inode->i_mode) && !(mask & MAY_WRITE))) 2181da177e4SLinus Torvalds if (capable(CAP_DAC_READ_SEARCH)) 2191da177e4SLinus Torvalds return 0; 2201da177e4SLinus Torvalds 2211da177e4SLinus Torvalds return -EACCES; 2221da177e4SLinus Torvalds } 2231da177e4SLinus Torvalds 2241da177e4SLinus Torvalds int permission(struct inode *inode, int mask, struct nameidata *nd) 2251da177e4SLinus Torvalds { 2261da177e4SLinus Torvalds int retval, submask; 2271da177e4SLinus Torvalds 2281da177e4SLinus Torvalds if (mask & MAY_WRITE) { 2291da177e4SLinus Torvalds umode_t mode = inode->i_mode; 2301da177e4SLinus Torvalds 2311da177e4SLinus Torvalds /* 2321da177e4SLinus Torvalds * Nobody gets write access to a read-only fs. 2331da177e4SLinus Torvalds */ 2341da177e4SLinus Torvalds if (IS_RDONLY(inode) && 2351da177e4SLinus Torvalds (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode))) 2361da177e4SLinus Torvalds return -EROFS; 2371da177e4SLinus Torvalds 2381da177e4SLinus Torvalds /* 2391da177e4SLinus Torvalds * Nobody gets write access to an immutable file. 2401da177e4SLinus Torvalds */ 2411da177e4SLinus Torvalds if (IS_IMMUTABLE(inode)) 2421da177e4SLinus Torvalds return -EACCES; 2431da177e4SLinus Torvalds } 2441da177e4SLinus Torvalds 2451da177e4SLinus Torvalds 2461da177e4SLinus Torvalds /* Ordinary permission routines do not understand MAY_APPEND. */ 2471da177e4SLinus Torvalds submask = mask & ~MAY_APPEND; 2481da177e4SLinus Torvalds if (inode->i_op && inode->i_op->permission) 2491da177e4SLinus Torvalds retval = inode->i_op->permission(inode, submask, nd); 2501da177e4SLinus Torvalds else 2511da177e4SLinus Torvalds retval = generic_permission(inode, submask, NULL); 2521da177e4SLinus Torvalds if (retval) 2531da177e4SLinus Torvalds return retval; 2541da177e4SLinus Torvalds 2551da177e4SLinus Torvalds return security_inode_permission(inode, mask, nd); 2561da177e4SLinus Torvalds } 2571da177e4SLinus Torvalds 2581da177e4SLinus Torvalds /* 2591da177e4SLinus Torvalds * get_write_access() gets write permission for a file. 2601da177e4SLinus Torvalds * put_write_access() releases this write permission. 2611da177e4SLinus Torvalds * This is used for regular files. 2621da177e4SLinus Torvalds * We cannot support write (and maybe mmap read-write shared) accesses and 2631da177e4SLinus Torvalds * MAP_DENYWRITE mmappings simultaneously. The i_writecount field of an inode 2641da177e4SLinus Torvalds * can have the following values: 2651da177e4SLinus Torvalds * 0: no writers, no VM_DENYWRITE mappings 2661da177e4SLinus Torvalds * < 0: (-i_writecount) vm_area_structs with VM_DENYWRITE set exist 2671da177e4SLinus Torvalds * > 0: (i_writecount) users are writing to the file. 2681da177e4SLinus Torvalds * 2691da177e4SLinus Torvalds * Normally we operate on that counter with atomic_{inc,dec} and it's safe 2701da177e4SLinus Torvalds * except for the cases where we don't hold i_writecount yet. Then we need to 2711da177e4SLinus Torvalds * use {get,deny}_write_access() - these functions check the sign and refuse 2721da177e4SLinus Torvalds * to do the change if sign is wrong. Exclusion between them is provided by 2731da177e4SLinus Torvalds * the inode->i_lock spinlock. 2741da177e4SLinus Torvalds */ 2751da177e4SLinus Torvalds 2761da177e4SLinus Torvalds int get_write_access(struct inode * inode) 2771da177e4SLinus Torvalds { 2781da177e4SLinus Torvalds spin_lock(&inode->i_lock); 2791da177e4SLinus Torvalds if (atomic_read(&inode->i_writecount) < 0) { 2801da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 2811da177e4SLinus Torvalds return -ETXTBSY; 2821da177e4SLinus Torvalds } 2831da177e4SLinus Torvalds atomic_inc(&inode->i_writecount); 2841da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 2851da177e4SLinus Torvalds 2861da177e4SLinus Torvalds return 0; 2871da177e4SLinus Torvalds } 2881da177e4SLinus Torvalds 2891da177e4SLinus Torvalds int deny_write_access(struct file * file) 2901da177e4SLinus Torvalds { 2911da177e4SLinus Torvalds struct inode *inode = file->f_dentry->d_inode; 2921da177e4SLinus Torvalds 2931da177e4SLinus Torvalds spin_lock(&inode->i_lock); 2941da177e4SLinus Torvalds if (atomic_read(&inode->i_writecount) > 0) { 2951da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 2961da177e4SLinus Torvalds return -ETXTBSY; 2971da177e4SLinus Torvalds } 2981da177e4SLinus Torvalds atomic_dec(&inode->i_writecount); 2991da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 3001da177e4SLinus Torvalds 3011da177e4SLinus Torvalds return 0; 3021da177e4SLinus Torvalds } 3031da177e4SLinus Torvalds 3041da177e4SLinus Torvalds void path_release(struct nameidata *nd) 3051da177e4SLinus Torvalds { 3061da177e4SLinus Torvalds dput(nd->dentry); 3071da177e4SLinus Torvalds mntput(nd->mnt); 3081da177e4SLinus Torvalds } 3091da177e4SLinus Torvalds 3101da177e4SLinus Torvalds /* 3111da177e4SLinus Torvalds * umount() mustn't call path_release()/mntput() as that would clear 3121da177e4SLinus Torvalds * mnt_expiry_mark 3131da177e4SLinus Torvalds */ 3141da177e4SLinus Torvalds void path_release_on_umount(struct nameidata *nd) 3151da177e4SLinus Torvalds { 3161da177e4SLinus Torvalds dput(nd->dentry); 3171da177e4SLinus Torvalds _mntput(nd->mnt); 3181da177e4SLinus Torvalds } 3191da177e4SLinus Torvalds 3201da177e4SLinus Torvalds /* 3211da177e4SLinus Torvalds * Internal lookup() using the new generic dcache. 3221da177e4SLinus Torvalds * SMP-safe 3231da177e4SLinus Torvalds */ 3241da177e4SLinus Torvalds static struct dentry * cached_lookup(struct dentry * parent, struct qstr * name, struct nameidata *nd) 3251da177e4SLinus Torvalds { 3261da177e4SLinus Torvalds struct dentry * dentry = __d_lookup(parent, name); 3271da177e4SLinus Torvalds 3281da177e4SLinus Torvalds /* lockess __d_lookup may fail due to concurrent d_move() 3291da177e4SLinus Torvalds * in some unrelated directory, so try with d_lookup 3301da177e4SLinus Torvalds */ 3311da177e4SLinus Torvalds if (!dentry) 3321da177e4SLinus Torvalds dentry = d_lookup(parent, name); 3331da177e4SLinus Torvalds 3341da177e4SLinus Torvalds if (dentry && dentry->d_op && dentry->d_op->d_revalidate) { 3351da177e4SLinus Torvalds if (!dentry->d_op->d_revalidate(dentry, nd) && !d_invalidate(dentry)) { 3361da177e4SLinus Torvalds dput(dentry); 3371da177e4SLinus Torvalds dentry = NULL; 3381da177e4SLinus Torvalds } 3391da177e4SLinus Torvalds } 3401da177e4SLinus Torvalds return dentry; 3411da177e4SLinus Torvalds } 3421da177e4SLinus Torvalds 3431da177e4SLinus Torvalds /* 3441da177e4SLinus Torvalds * Short-cut version of permission(), for calling by 3451da177e4SLinus Torvalds * path_walk(), when dcache lock is held. Combines parts 3461da177e4SLinus Torvalds * of permission() and generic_permission(), and tests ONLY for 3471da177e4SLinus Torvalds * MAY_EXEC permission. 3481da177e4SLinus Torvalds * 3491da177e4SLinus Torvalds * If appropriate, check DAC only. If not appropriate, or 3501da177e4SLinus Torvalds * short-cut DAC fails, then call permission() to do more 3511da177e4SLinus Torvalds * complete permission check. 3521da177e4SLinus Torvalds */ 3531da177e4SLinus Torvalds static inline int exec_permission_lite(struct inode *inode, 3541da177e4SLinus Torvalds struct nameidata *nd) 3551da177e4SLinus Torvalds { 3561da177e4SLinus Torvalds umode_t mode = inode->i_mode; 3571da177e4SLinus Torvalds 3581da177e4SLinus Torvalds if (inode->i_op && inode->i_op->permission) 3591da177e4SLinus Torvalds return -EAGAIN; 3601da177e4SLinus Torvalds 3611da177e4SLinus Torvalds if (current->fsuid == inode->i_uid) 3621da177e4SLinus Torvalds mode >>= 6; 3631da177e4SLinus Torvalds else if (in_group_p(inode->i_gid)) 3641da177e4SLinus Torvalds mode >>= 3; 3651da177e4SLinus Torvalds 3661da177e4SLinus Torvalds if (mode & MAY_EXEC) 3671da177e4SLinus Torvalds goto ok; 3681da177e4SLinus Torvalds 3691da177e4SLinus Torvalds if ((inode->i_mode & S_IXUGO) && capable(CAP_DAC_OVERRIDE)) 3701da177e4SLinus Torvalds goto ok; 3711da177e4SLinus Torvalds 3721da177e4SLinus Torvalds if (S_ISDIR(inode->i_mode) && capable(CAP_DAC_OVERRIDE)) 3731da177e4SLinus Torvalds goto ok; 3741da177e4SLinus Torvalds 3751da177e4SLinus Torvalds if (S_ISDIR(inode->i_mode) && capable(CAP_DAC_READ_SEARCH)) 3761da177e4SLinus Torvalds goto ok; 3771da177e4SLinus Torvalds 3781da177e4SLinus Torvalds return -EACCES; 3791da177e4SLinus Torvalds ok: 3801da177e4SLinus Torvalds return security_inode_permission(inode, MAY_EXEC, nd); 3811da177e4SLinus Torvalds } 3821da177e4SLinus Torvalds 3831da177e4SLinus Torvalds /* 3841da177e4SLinus Torvalds * This is called when everything else fails, and we actually have 3851da177e4SLinus Torvalds * to go to the low-level filesystem to find out what we should do.. 3861da177e4SLinus Torvalds * 3871da177e4SLinus Torvalds * We get the directory semaphore, and after getting that we also 3881da177e4SLinus Torvalds * make sure that nobody added the entry to the dcache in the meantime.. 3891da177e4SLinus Torvalds * SMP-safe 3901da177e4SLinus Torvalds */ 3911da177e4SLinus Torvalds static struct dentry * real_lookup(struct dentry * parent, struct qstr * name, struct nameidata *nd) 3921da177e4SLinus Torvalds { 3931da177e4SLinus Torvalds struct dentry * result; 3941da177e4SLinus Torvalds struct inode *dir = parent->d_inode; 3951da177e4SLinus Torvalds 3961da177e4SLinus Torvalds down(&dir->i_sem); 3971da177e4SLinus Torvalds /* 3981da177e4SLinus Torvalds * First re-do the cached lookup just in case it was created 3991da177e4SLinus Torvalds * while we waited for the directory semaphore.. 4001da177e4SLinus Torvalds * 4011da177e4SLinus Torvalds * FIXME! This could use version numbering or similar to 4021da177e4SLinus Torvalds * avoid unnecessary cache lookups. 4031da177e4SLinus Torvalds * 4041da177e4SLinus Torvalds * The "dcache_lock" is purely to protect the RCU list walker 4051da177e4SLinus Torvalds * from concurrent renames at this point (we mustn't get false 4061da177e4SLinus Torvalds * negatives from the RCU list walk here, unlike the optimistic 4071da177e4SLinus Torvalds * fast walk). 4081da177e4SLinus Torvalds * 4091da177e4SLinus Torvalds * so doing d_lookup() (with seqlock), instead of lockfree __d_lookup 4101da177e4SLinus Torvalds */ 4111da177e4SLinus Torvalds result = d_lookup(parent, name); 4121da177e4SLinus Torvalds if (!result) { 4131da177e4SLinus Torvalds struct dentry * dentry = d_alloc(parent, name); 4141da177e4SLinus Torvalds result = ERR_PTR(-ENOMEM); 4151da177e4SLinus Torvalds if (dentry) { 4161da177e4SLinus Torvalds result = dir->i_op->lookup(dir, dentry, nd); 4171da177e4SLinus Torvalds if (result) 4181da177e4SLinus Torvalds dput(dentry); 4191da177e4SLinus Torvalds else 4201da177e4SLinus Torvalds result = dentry; 4211da177e4SLinus Torvalds } 4221da177e4SLinus Torvalds up(&dir->i_sem); 4231da177e4SLinus Torvalds return result; 4241da177e4SLinus Torvalds } 4251da177e4SLinus Torvalds 4261da177e4SLinus Torvalds /* 4271da177e4SLinus Torvalds * Uhhuh! Nasty case: the cache was re-populated while 4281da177e4SLinus Torvalds * we waited on the semaphore. Need to revalidate. 4291da177e4SLinus Torvalds */ 4301da177e4SLinus Torvalds up(&dir->i_sem); 4311da177e4SLinus Torvalds if (result->d_op && result->d_op->d_revalidate) { 4321da177e4SLinus Torvalds if (!result->d_op->d_revalidate(result, nd) && !d_invalidate(result)) { 4331da177e4SLinus Torvalds dput(result); 4341da177e4SLinus Torvalds result = ERR_PTR(-ENOENT); 4351da177e4SLinus Torvalds } 4361da177e4SLinus Torvalds } 4371da177e4SLinus Torvalds return result; 4381da177e4SLinus Torvalds } 4391da177e4SLinus Torvalds 4401da177e4SLinus Torvalds static int __emul_lookup_dentry(const char *, struct nameidata *); 4411da177e4SLinus Torvalds 4421da177e4SLinus Torvalds /* SMP-safe */ 4431da177e4SLinus Torvalds static inline int 4441da177e4SLinus Torvalds walk_init_root(const char *name, struct nameidata *nd) 4451da177e4SLinus Torvalds { 4461da177e4SLinus Torvalds read_lock(¤t->fs->lock); 4471da177e4SLinus Torvalds if (current->fs->altroot && !(nd->flags & LOOKUP_NOALT)) { 4481da177e4SLinus Torvalds nd->mnt = mntget(current->fs->altrootmnt); 4491da177e4SLinus Torvalds nd->dentry = dget(current->fs->altroot); 4501da177e4SLinus Torvalds read_unlock(¤t->fs->lock); 4511da177e4SLinus Torvalds if (__emul_lookup_dentry(name,nd)) 4521da177e4SLinus Torvalds return 0; 4531da177e4SLinus Torvalds read_lock(¤t->fs->lock); 4541da177e4SLinus Torvalds } 4551da177e4SLinus Torvalds nd->mnt = mntget(current->fs->rootmnt); 4561da177e4SLinus Torvalds nd->dentry = dget(current->fs->root); 4571da177e4SLinus Torvalds read_unlock(¤t->fs->lock); 4581da177e4SLinus Torvalds return 1; 4591da177e4SLinus Torvalds } 4601da177e4SLinus Torvalds 4611da177e4SLinus Torvalds static inline int __vfs_follow_link(struct nameidata *nd, const char *link) 4621da177e4SLinus Torvalds { 4631da177e4SLinus Torvalds int res = 0; 4641da177e4SLinus Torvalds char *name; 4651da177e4SLinus Torvalds if (IS_ERR(link)) 4661da177e4SLinus Torvalds goto fail; 4671da177e4SLinus Torvalds 4681da177e4SLinus Torvalds if (*link == '/') { 4691da177e4SLinus Torvalds path_release(nd); 4701da177e4SLinus Torvalds if (!walk_init_root(link, nd)) 4711da177e4SLinus Torvalds /* weird __emul_prefix() stuff did it */ 4721da177e4SLinus Torvalds goto out; 4731da177e4SLinus Torvalds } 4741da177e4SLinus Torvalds res = link_path_walk(link, nd); 4751da177e4SLinus Torvalds out: 4761da177e4SLinus Torvalds if (nd->depth || res || nd->last_type!=LAST_NORM) 4771da177e4SLinus Torvalds return res; 4781da177e4SLinus Torvalds /* 4791da177e4SLinus Torvalds * If it is an iterative symlinks resolution in open_namei() we 4801da177e4SLinus Torvalds * have to copy the last component. And all that crap because of 4811da177e4SLinus Torvalds * bloody create() on broken symlinks. Furrfu... 4821da177e4SLinus Torvalds */ 4831da177e4SLinus Torvalds name = __getname(); 4841da177e4SLinus Torvalds if (unlikely(!name)) { 4851da177e4SLinus Torvalds path_release(nd); 4861da177e4SLinus Torvalds return -ENOMEM; 4871da177e4SLinus Torvalds } 4881da177e4SLinus Torvalds strcpy(name, nd->last.name); 4891da177e4SLinus Torvalds nd->last.name = name; 4901da177e4SLinus Torvalds return 0; 4911da177e4SLinus Torvalds fail: 4921da177e4SLinus Torvalds path_release(nd); 4931da177e4SLinus Torvalds return PTR_ERR(link); 4941da177e4SLinus Torvalds } 4951da177e4SLinus Torvalds 49690ebe565SAl Viro struct path { 49790ebe565SAl Viro struct vfsmount *mnt; 49890ebe565SAl Viro struct dentry *dentry; 49990ebe565SAl Viro }; 50090ebe565SAl Viro 5011da177e4SLinus Torvalds static inline int __do_follow_link(struct dentry *dentry, struct nameidata *nd) 5021da177e4SLinus Torvalds { 5031da177e4SLinus Torvalds int error; 5041da177e4SLinus Torvalds 5051da177e4SLinus Torvalds touch_atime(nd->mnt, dentry); 5061da177e4SLinus Torvalds nd_set_link(nd, NULL); 5071da177e4SLinus Torvalds error = dentry->d_inode->i_op->follow_link(dentry, nd); 5081da177e4SLinus Torvalds if (!error) { 5091da177e4SLinus Torvalds char *s = nd_get_link(nd); 5101da177e4SLinus Torvalds if (s) 5111da177e4SLinus Torvalds error = __vfs_follow_link(nd, s); 5121da177e4SLinus Torvalds if (dentry->d_inode->i_op->put_link) 5131da177e4SLinus Torvalds dentry->d_inode->i_op->put_link(dentry, nd); 5141da177e4SLinus Torvalds } 5151da177e4SLinus Torvalds 5161da177e4SLinus Torvalds return error; 5171da177e4SLinus Torvalds } 5181da177e4SLinus Torvalds 5191da177e4SLinus Torvalds /* 5201da177e4SLinus Torvalds * This limits recursive symlink follows to 8, while 5211da177e4SLinus Torvalds * limiting consecutive symlinks to 40. 5221da177e4SLinus Torvalds * 5231da177e4SLinus Torvalds * Without that kind of total limit, nasty chains of consecutive 5241da177e4SLinus Torvalds * symlinks can cause almost arbitrarily long lookups. 5251da177e4SLinus Torvalds */ 52690ebe565SAl Viro static inline int do_follow_link(struct path *path, struct nameidata *nd) 5271da177e4SLinus Torvalds { 5281da177e4SLinus Torvalds int err = -ELOOP; 5295f92b3bcSAl Viro mntget(path->mnt); 5301da177e4SLinus Torvalds if (current->link_count >= MAX_NESTED_LINKS) 5311da177e4SLinus Torvalds goto loop; 5321da177e4SLinus Torvalds if (current->total_link_count >= 40) 5331da177e4SLinus Torvalds goto loop; 5341da177e4SLinus Torvalds BUG_ON(nd->depth >= MAX_NESTED_LINKS); 5351da177e4SLinus Torvalds cond_resched(); 53690ebe565SAl Viro err = security_inode_follow_link(path->dentry, nd); 5371da177e4SLinus Torvalds if (err) 5381da177e4SLinus Torvalds goto loop; 5391da177e4SLinus Torvalds current->link_count++; 5401da177e4SLinus Torvalds current->total_link_count++; 5411da177e4SLinus Torvalds nd->depth++; 54290ebe565SAl Viro err = __do_follow_link(path->dentry, nd); 5431da177e4SLinus Torvalds current->link_count--; 5441da177e4SLinus Torvalds nd->depth--; 5455f92b3bcSAl Viro dput(path->dentry); 5465f92b3bcSAl Viro mntput(path->mnt); 5471da177e4SLinus Torvalds return err; 5481da177e4SLinus Torvalds loop: 5491da177e4SLinus Torvalds path_release(nd); 5505f92b3bcSAl Viro dput(path->dentry); 5515f92b3bcSAl Viro mntput(path->mnt); 5521da177e4SLinus Torvalds return err; 5531da177e4SLinus Torvalds } 5541da177e4SLinus Torvalds 5551da177e4SLinus Torvalds int follow_up(struct vfsmount **mnt, struct dentry **dentry) 5561da177e4SLinus Torvalds { 5571da177e4SLinus Torvalds struct vfsmount *parent; 5581da177e4SLinus Torvalds struct dentry *mountpoint; 5591da177e4SLinus Torvalds spin_lock(&vfsmount_lock); 5601da177e4SLinus Torvalds parent=(*mnt)->mnt_parent; 5611da177e4SLinus Torvalds if (parent == *mnt) { 5621da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 5631da177e4SLinus Torvalds return 0; 5641da177e4SLinus Torvalds } 5651da177e4SLinus Torvalds mntget(parent); 5661da177e4SLinus Torvalds mountpoint=dget((*mnt)->mnt_mountpoint); 5671da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 5681da177e4SLinus Torvalds dput(*dentry); 5691da177e4SLinus Torvalds *dentry = mountpoint; 5701da177e4SLinus Torvalds mntput(*mnt); 5711da177e4SLinus Torvalds *mnt = parent; 5721da177e4SLinus Torvalds return 1; 5731da177e4SLinus Torvalds } 5741da177e4SLinus Torvalds 5751da177e4SLinus Torvalds /* no need for dcache_lock, as serialization is taken care in 5761da177e4SLinus Torvalds * namespace.c 5771da177e4SLinus Torvalds */ 5781da177e4SLinus Torvalds static int follow_mount(struct vfsmount **mnt, struct dentry **dentry) 5791da177e4SLinus Torvalds { 5801da177e4SLinus Torvalds int res = 0; 5811da177e4SLinus Torvalds while (d_mountpoint(*dentry)) { 5821da177e4SLinus Torvalds struct vfsmount *mounted = lookup_mnt(*mnt, *dentry); 5831da177e4SLinus Torvalds if (!mounted) 5841da177e4SLinus Torvalds break; 5851da177e4SLinus Torvalds mntput(*mnt); 5861da177e4SLinus Torvalds *mnt = mounted; 5871da177e4SLinus Torvalds dput(*dentry); 5881da177e4SLinus Torvalds *dentry = dget(mounted->mnt_root); 5891da177e4SLinus Torvalds res = 1; 5901da177e4SLinus Torvalds } 5911da177e4SLinus Torvalds return res; 5921da177e4SLinus Torvalds } 5931da177e4SLinus Torvalds 5941da177e4SLinus Torvalds /* no need for dcache_lock, as serialization is taken care in 5951da177e4SLinus Torvalds * namespace.c 5961da177e4SLinus Torvalds */ 5971da177e4SLinus Torvalds static inline int __follow_down(struct vfsmount **mnt, struct dentry **dentry) 5981da177e4SLinus Torvalds { 5991da177e4SLinus Torvalds struct vfsmount *mounted; 6001da177e4SLinus Torvalds 6011da177e4SLinus Torvalds mounted = lookup_mnt(*mnt, *dentry); 6021da177e4SLinus Torvalds if (mounted) { 6031da177e4SLinus Torvalds mntput(*mnt); 6041da177e4SLinus Torvalds *mnt = mounted; 6051da177e4SLinus Torvalds dput(*dentry); 6061da177e4SLinus Torvalds *dentry = dget(mounted->mnt_root); 6071da177e4SLinus Torvalds return 1; 6081da177e4SLinus Torvalds } 6091da177e4SLinus Torvalds return 0; 6101da177e4SLinus Torvalds } 6111da177e4SLinus Torvalds 6121da177e4SLinus Torvalds int follow_down(struct vfsmount **mnt, struct dentry **dentry) 6131da177e4SLinus Torvalds { 6141da177e4SLinus Torvalds return __follow_down(mnt,dentry); 6151da177e4SLinus Torvalds } 6161da177e4SLinus Torvalds 6171da177e4SLinus Torvalds static inline void follow_dotdot(struct vfsmount **mnt, struct dentry **dentry) 6181da177e4SLinus Torvalds { 6191da177e4SLinus Torvalds while(1) { 6201da177e4SLinus Torvalds struct vfsmount *parent; 6211da177e4SLinus Torvalds struct dentry *old = *dentry; 6221da177e4SLinus Torvalds 6231da177e4SLinus Torvalds read_lock(¤t->fs->lock); 6241da177e4SLinus Torvalds if (*dentry == current->fs->root && 6251da177e4SLinus Torvalds *mnt == current->fs->rootmnt) { 6261da177e4SLinus Torvalds read_unlock(¤t->fs->lock); 6271da177e4SLinus Torvalds break; 6281da177e4SLinus Torvalds } 6291da177e4SLinus Torvalds read_unlock(¤t->fs->lock); 6301da177e4SLinus Torvalds spin_lock(&dcache_lock); 6311da177e4SLinus Torvalds if (*dentry != (*mnt)->mnt_root) { 6321da177e4SLinus Torvalds *dentry = dget((*dentry)->d_parent); 6331da177e4SLinus Torvalds spin_unlock(&dcache_lock); 6341da177e4SLinus Torvalds dput(old); 6351da177e4SLinus Torvalds break; 6361da177e4SLinus Torvalds } 6371da177e4SLinus Torvalds spin_unlock(&dcache_lock); 6381da177e4SLinus Torvalds spin_lock(&vfsmount_lock); 6391da177e4SLinus Torvalds parent = (*mnt)->mnt_parent; 6401da177e4SLinus Torvalds if (parent == *mnt) { 6411da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 6421da177e4SLinus Torvalds break; 6431da177e4SLinus Torvalds } 6441da177e4SLinus Torvalds mntget(parent); 6451da177e4SLinus Torvalds *dentry = dget((*mnt)->mnt_mountpoint); 6461da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 6471da177e4SLinus Torvalds dput(old); 6481da177e4SLinus Torvalds mntput(*mnt); 6491da177e4SLinus Torvalds *mnt = parent; 6501da177e4SLinus Torvalds } 6511da177e4SLinus Torvalds follow_mount(mnt, dentry); 6521da177e4SLinus Torvalds } 6531da177e4SLinus Torvalds 6541da177e4SLinus Torvalds /* 6551da177e4SLinus Torvalds * It's more convoluted than I'd like it to be, but... it's still fairly 6561da177e4SLinus Torvalds * small and for now I'd prefer to have fast path as straight as possible. 6571da177e4SLinus Torvalds * It _is_ time-critical. 6581da177e4SLinus Torvalds */ 6591da177e4SLinus Torvalds static int do_lookup(struct nameidata *nd, struct qstr *name, 6601da177e4SLinus Torvalds struct path *path) 6611da177e4SLinus Torvalds { 6621da177e4SLinus Torvalds struct vfsmount *mnt = nd->mnt; 6631da177e4SLinus Torvalds struct dentry *dentry = __d_lookup(nd->dentry, name); 6641da177e4SLinus Torvalds 6651da177e4SLinus Torvalds if (!dentry) 6661da177e4SLinus Torvalds goto need_lookup; 6671da177e4SLinus Torvalds if (dentry->d_op && dentry->d_op->d_revalidate) 6681da177e4SLinus Torvalds goto need_revalidate; 6691da177e4SLinus Torvalds done: 6701da177e4SLinus Torvalds path->mnt = mnt; 6711da177e4SLinus Torvalds path->dentry = dentry; 6721da177e4SLinus Torvalds return 0; 6731da177e4SLinus Torvalds 6741da177e4SLinus Torvalds need_lookup: 6751da177e4SLinus Torvalds dentry = real_lookup(nd->dentry, name, nd); 6761da177e4SLinus Torvalds if (IS_ERR(dentry)) 6771da177e4SLinus Torvalds goto fail; 6781da177e4SLinus Torvalds goto done; 6791da177e4SLinus Torvalds 6801da177e4SLinus Torvalds need_revalidate: 6811da177e4SLinus Torvalds if (dentry->d_op->d_revalidate(dentry, nd)) 6821da177e4SLinus Torvalds goto done; 6831da177e4SLinus Torvalds if (d_invalidate(dentry)) 6841da177e4SLinus Torvalds goto done; 6851da177e4SLinus Torvalds dput(dentry); 6861da177e4SLinus Torvalds goto need_lookup; 6871da177e4SLinus Torvalds 6881da177e4SLinus Torvalds fail: 6891da177e4SLinus Torvalds return PTR_ERR(dentry); 6901da177e4SLinus Torvalds } 6911da177e4SLinus Torvalds 6921da177e4SLinus Torvalds /* 6931da177e4SLinus Torvalds * Name resolution. 694ea3834d9SPrasanna Meda * This is the basic name resolution function, turning a pathname into 695ea3834d9SPrasanna Meda * the final dentry. We expect 'base' to be positive and a directory. 6961da177e4SLinus Torvalds * 697ea3834d9SPrasanna Meda * Returns 0 and nd will have valid dentry and mnt on success. 698ea3834d9SPrasanna Meda * Returns error and drops reference to input namei data on failure. 6991da177e4SLinus Torvalds */ 7001da177e4SLinus Torvalds static fastcall int __link_path_walk(const char * name, struct nameidata *nd) 7011da177e4SLinus Torvalds { 7021da177e4SLinus Torvalds struct path next; 7031da177e4SLinus Torvalds struct inode *inode; 7041da177e4SLinus Torvalds int err; 7051da177e4SLinus Torvalds unsigned int lookup_flags = nd->flags; 7061da177e4SLinus Torvalds 7071da177e4SLinus Torvalds while (*name=='/') 7081da177e4SLinus Torvalds name++; 7091da177e4SLinus Torvalds if (!*name) 7101da177e4SLinus Torvalds goto return_reval; 7111da177e4SLinus Torvalds 7121da177e4SLinus Torvalds inode = nd->dentry->d_inode; 7131da177e4SLinus Torvalds if (nd->depth) 7141da177e4SLinus Torvalds lookup_flags = LOOKUP_FOLLOW; 7151da177e4SLinus Torvalds 7161da177e4SLinus Torvalds /* At this point we know we have a real path component. */ 7171da177e4SLinus Torvalds for(;;) { 7181da177e4SLinus Torvalds unsigned long hash; 7191da177e4SLinus Torvalds struct qstr this; 7201da177e4SLinus Torvalds unsigned int c; 7211da177e4SLinus Torvalds 7221da177e4SLinus Torvalds err = exec_permission_lite(inode, nd); 7231da177e4SLinus Torvalds if (err == -EAGAIN) { 7241da177e4SLinus Torvalds err = permission(inode, MAY_EXEC, nd); 7251da177e4SLinus Torvalds } 7261da177e4SLinus Torvalds if (err) 7271da177e4SLinus Torvalds break; 7281da177e4SLinus Torvalds 7291da177e4SLinus Torvalds this.name = name; 7301da177e4SLinus Torvalds c = *(const unsigned char *)name; 7311da177e4SLinus Torvalds 7321da177e4SLinus Torvalds hash = init_name_hash(); 7331da177e4SLinus Torvalds do { 7341da177e4SLinus Torvalds name++; 7351da177e4SLinus Torvalds hash = partial_name_hash(c, hash); 7361da177e4SLinus Torvalds c = *(const unsigned char *)name; 7371da177e4SLinus Torvalds } while (c && (c != '/')); 7381da177e4SLinus Torvalds this.len = name - (const char *) this.name; 7391da177e4SLinus Torvalds this.hash = end_name_hash(hash); 7401da177e4SLinus Torvalds 7411da177e4SLinus Torvalds /* remove trailing slashes? */ 7421da177e4SLinus Torvalds if (!c) 7431da177e4SLinus Torvalds goto last_component; 7441da177e4SLinus Torvalds while (*++name == '/'); 7451da177e4SLinus Torvalds if (!*name) 7461da177e4SLinus Torvalds goto last_with_slashes; 7471da177e4SLinus Torvalds 7481da177e4SLinus Torvalds /* 7491da177e4SLinus Torvalds * "." and ".." are special - ".." especially so because it has 7501da177e4SLinus Torvalds * to be able to know about the current root directory and 7511da177e4SLinus Torvalds * parent relationships. 7521da177e4SLinus Torvalds */ 7531da177e4SLinus Torvalds if (this.name[0] == '.') switch (this.len) { 7541da177e4SLinus Torvalds default: 7551da177e4SLinus Torvalds break; 7561da177e4SLinus Torvalds case 2: 7571da177e4SLinus Torvalds if (this.name[1] != '.') 7581da177e4SLinus Torvalds break; 7591da177e4SLinus Torvalds follow_dotdot(&nd->mnt, &nd->dentry); 7601da177e4SLinus Torvalds inode = nd->dentry->d_inode; 7611da177e4SLinus Torvalds /* fallthrough */ 7621da177e4SLinus Torvalds case 1: 7631da177e4SLinus Torvalds continue; 7641da177e4SLinus Torvalds } 7651da177e4SLinus Torvalds /* 7661da177e4SLinus Torvalds * See if the low-level filesystem might want 7671da177e4SLinus Torvalds * to use its own hash.. 7681da177e4SLinus Torvalds */ 7691da177e4SLinus Torvalds if (nd->dentry->d_op && nd->dentry->d_op->d_hash) { 7701da177e4SLinus Torvalds err = nd->dentry->d_op->d_hash(nd->dentry, &this); 7711da177e4SLinus Torvalds if (err < 0) 7721da177e4SLinus Torvalds break; 7731da177e4SLinus Torvalds } 7741da177e4SLinus Torvalds nd->flags |= LOOKUP_CONTINUE; 7751da177e4SLinus Torvalds /* This does the actual lookups.. */ 7761da177e4SLinus Torvalds err = do_lookup(nd, &this, &next); 7771da177e4SLinus Torvalds if (err) 7781da177e4SLinus Torvalds break; 7791da177e4SLinus Torvalds /* Check mountpoints.. */ 7801da177e4SLinus Torvalds follow_mount(&next.mnt, &next.dentry); 7811da177e4SLinus Torvalds 7821da177e4SLinus Torvalds err = -ENOENT; 7831da177e4SLinus Torvalds inode = next.dentry->d_inode; 7841da177e4SLinus Torvalds if (!inode) 7851da177e4SLinus Torvalds goto out_dput; 7861da177e4SLinus Torvalds err = -ENOTDIR; 7871da177e4SLinus Torvalds if (!inode->i_op) 7881da177e4SLinus Torvalds goto out_dput; 7891da177e4SLinus Torvalds 7901da177e4SLinus Torvalds if (inode->i_op->follow_link) { 79190ebe565SAl Viro err = do_follow_link(&next, nd); 7921da177e4SLinus Torvalds if (err) 7931da177e4SLinus Torvalds goto return_err; 7941da177e4SLinus Torvalds err = -ENOENT; 7951da177e4SLinus Torvalds inode = nd->dentry->d_inode; 7961da177e4SLinus Torvalds if (!inode) 7971da177e4SLinus Torvalds break; 7981da177e4SLinus Torvalds err = -ENOTDIR; 7991da177e4SLinus Torvalds if (!inode->i_op) 8001da177e4SLinus Torvalds break; 8011da177e4SLinus Torvalds } else { 8021da177e4SLinus Torvalds dput(nd->dentry); 8031da177e4SLinus Torvalds nd->mnt = next.mnt; 8041da177e4SLinus Torvalds nd->dentry = next.dentry; 8051da177e4SLinus Torvalds } 8061da177e4SLinus Torvalds err = -ENOTDIR; 8071da177e4SLinus Torvalds if (!inode->i_op->lookup) 8081da177e4SLinus Torvalds break; 8091da177e4SLinus Torvalds continue; 8101da177e4SLinus Torvalds /* here ends the main loop */ 8111da177e4SLinus Torvalds 8121da177e4SLinus Torvalds last_with_slashes: 8131da177e4SLinus Torvalds lookup_flags |= LOOKUP_FOLLOW | LOOKUP_DIRECTORY; 8141da177e4SLinus Torvalds last_component: 8151da177e4SLinus Torvalds nd->flags &= ~LOOKUP_CONTINUE; 8161da177e4SLinus Torvalds if (lookup_flags & LOOKUP_PARENT) 8171da177e4SLinus Torvalds goto lookup_parent; 8181da177e4SLinus Torvalds if (this.name[0] == '.') switch (this.len) { 8191da177e4SLinus Torvalds default: 8201da177e4SLinus Torvalds break; 8211da177e4SLinus Torvalds case 2: 8221da177e4SLinus Torvalds if (this.name[1] != '.') 8231da177e4SLinus Torvalds break; 8241da177e4SLinus Torvalds follow_dotdot(&nd->mnt, &nd->dentry); 8251da177e4SLinus Torvalds inode = nd->dentry->d_inode; 8261da177e4SLinus Torvalds /* fallthrough */ 8271da177e4SLinus Torvalds case 1: 8281da177e4SLinus Torvalds goto return_reval; 8291da177e4SLinus Torvalds } 8301da177e4SLinus Torvalds if (nd->dentry->d_op && nd->dentry->d_op->d_hash) { 8311da177e4SLinus Torvalds err = nd->dentry->d_op->d_hash(nd->dentry, &this); 8321da177e4SLinus Torvalds if (err < 0) 8331da177e4SLinus Torvalds break; 8341da177e4SLinus Torvalds } 8351da177e4SLinus Torvalds err = do_lookup(nd, &this, &next); 8361da177e4SLinus Torvalds if (err) 8371da177e4SLinus Torvalds break; 8381da177e4SLinus Torvalds follow_mount(&next.mnt, &next.dentry); 8391da177e4SLinus Torvalds inode = next.dentry->d_inode; 8401da177e4SLinus Torvalds if ((lookup_flags & LOOKUP_FOLLOW) 8411da177e4SLinus Torvalds && inode && inode->i_op && inode->i_op->follow_link) { 84290ebe565SAl Viro err = do_follow_link(&next, nd); 8431da177e4SLinus Torvalds if (err) 8441da177e4SLinus Torvalds goto return_err; 8451da177e4SLinus Torvalds inode = nd->dentry->d_inode; 8461da177e4SLinus Torvalds } else { 8471da177e4SLinus Torvalds dput(nd->dentry); 8481da177e4SLinus Torvalds nd->mnt = next.mnt; 8491da177e4SLinus Torvalds nd->dentry = next.dentry; 8501da177e4SLinus Torvalds } 8511da177e4SLinus Torvalds err = -ENOENT; 8521da177e4SLinus Torvalds if (!inode) 8531da177e4SLinus Torvalds break; 8541da177e4SLinus Torvalds if (lookup_flags & LOOKUP_DIRECTORY) { 8551da177e4SLinus Torvalds err = -ENOTDIR; 8561da177e4SLinus Torvalds if (!inode->i_op || !inode->i_op->lookup) 8571da177e4SLinus Torvalds break; 8581da177e4SLinus Torvalds } 8591da177e4SLinus Torvalds goto return_base; 8601da177e4SLinus Torvalds lookup_parent: 8611da177e4SLinus Torvalds nd->last = this; 8621da177e4SLinus Torvalds nd->last_type = LAST_NORM; 8631da177e4SLinus Torvalds if (this.name[0] != '.') 8641da177e4SLinus Torvalds goto return_base; 8651da177e4SLinus Torvalds if (this.len == 1) 8661da177e4SLinus Torvalds nd->last_type = LAST_DOT; 8671da177e4SLinus Torvalds else if (this.len == 2 && this.name[1] == '.') 8681da177e4SLinus Torvalds nd->last_type = LAST_DOTDOT; 8691da177e4SLinus Torvalds else 8701da177e4SLinus Torvalds goto return_base; 8711da177e4SLinus Torvalds return_reval: 8721da177e4SLinus Torvalds /* 8731da177e4SLinus Torvalds * We bypassed the ordinary revalidation routines. 8741da177e4SLinus Torvalds * We may need to check the cached dentry for staleness. 8751da177e4SLinus Torvalds */ 8761da177e4SLinus Torvalds if (nd->dentry && nd->dentry->d_sb && 8771da177e4SLinus Torvalds (nd->dentry->d_sb->s_type->fs_flags & FS_REVAL_DOT)) { 8781da177e4SLinus Torvalds err = -ESTALE; 8791da177e4SLinus Torvalds /* Note: we do not d_invalidate() */ 8801da177e4SLinus Torvalds if (!nd->dentry->d_op->d_revalidate(nd->dentry, nd)) 8811da177e4SLinus Torvalds break; 8821da177e4SLinus Torvalds } 8831da177e4SLinus Torvalds return_base: 8841da177e4SLinus Torvalds return 0; 8851da177e4SLinus Torvalds out_dput: 8861da177e4SLinus Torvalds dput(next.dentry); 8871da177e4SLinus Torvalds break; 8881da177e4SLinus Torvalds } 8891da177e4SLinus Torvalds path_release(nd); 8901da177e4SLinus Torvalds return_err: 8911da177e4SLinus Torvalds return err; 8921da177e4SLinus Torvalds } 8931da177e4SLinus Torvalds 8941da177e4SLinus Torvalds /* 8951da177e4SLinus Torvalds * Wrapper to retry pathname resolution whenever the underlying 8961da177e4SLinus Torvalds * file system returns an ESTALE. 8971da177e4SLinus Torvalds * 8981da177e4SLinus Torvalds * Retry the whole path once, forcing real lookup requests 8991da177e4SLinus Torvalds * instead of relying on the dcache. 9001da177e4SLinus Torvalds */ 9011da177e4SLinus Torvalds int fastcall link_path_walk(const char *name, struct nameidata *nd) 9021da177e4SLinus Torvalds { 9031da177e4SLinus Torvalds struct nameidata save = *nd; 9041da177e4SLinus Torvalds int result; 9051da177e4SLinus Torvalds 9061da177e4SLinus Torvalds /* make sure the stuff we saved doesn't go away */ 9071da177e4SLinus Torvalds dget(save.dentry); 9081da177e4SLinus Torvalds mntget(save.mnt); 9091da177e4SLinus Torvalds 9101da177e4SLinus Torvalds result = __link_path_walk(name, nd); 9111da177e4SLinus Torvalds if (result == -ESTALE) { 9121da177e4SLinus Torvalds *nd = save; 9131da177e4SLinus Torvalds dget(nd->dentry); 9141da177e4SLinus Torvalds mntget(nd->mnt); 9151da177e4SLinus Torvalds nd->flags |= LOOKUP_REVAL; 9161da177e4SLinus Torvalds result = __link_path_walk(name, nd); 9171da177e4SLinus Torvalds } 9181da177e4SLinus Torvalds 9191da177e4SLinus Torvalds dput(save.dentry); 9201da177e4SLinus Torvalds mntput(save.mnt); 9211da177e4SLinus Torvalds 9221da177e4SLinus Torvalds return result; 9231da177e4SLinus Torvalds } 9241da177e4SLinus Torvalds 9251da177e4SLinus Torvalds int fastcall path_walk(const char * name, struct nameidata *nd) 9261da177e4SLinus Torvalds { 9271da177e4SLinus Torvalds current->total_link_count = 0; 9281da177e4SLinus Torvalds return link_path_walk(name, nd); 9291da177e4SLinus Torvalds } 9301da177e4SLinus Torvalds 931ea3834d9SPrasanna Meda /* 932ea3834d9SPrasanna Meda * SMP-safe: Returns 1 and nd will have valid dentry and mnt, if 933ea3834d9SPrasanna Meda * everything is done. Returns 0 and drops input nd, if lookup failed; 934ea3834d9SPrasanna Meda */ 9351da177e4SLinus Torvalds static int __emul_lookup_dentry(const char *name, struct nameidata *nd) 9361da177e4SLinus Torvalds { 9371da177e4SLinus Torvalds if (path_walk(name, nd)) 9381da177e4SLinus Torvalds return 0; /* something went wrong... */ 9391da177e4SLinus Torvalds 9401da177e4SLinus Torvalds if (!nd->dentry->d_inode || S_ISDIR(nd->dentry->d_inode->i_mode)) { 9411da177e4SLinus Torvalds struct dentry *old_dentry = nd->dentry; 9421da177e4SLinus Torvalds struct vfsmount *old_mnt = nd->mnt; 9431da177e4SLinus Torvalds struct qstr last = nd->last; 9441da177e4SLinus Torvalds int last_type = nd->last_type; 9451da177e4SLinus Torvalds /* 9461da177e4SLinus Torvalds * NAME was not found in alternate root or it's a directory. Try to find 9471da177e4SLinus Torvalds * it in the normal root: 9481da177e4SLinus Torvalds */ 9491da177e4SLinus Torvalds nd->last_type = LAST_ROOT; 9501da177e4SLinus Torvalds read_lock(¤t->fs->lock); 9511da177e4SLinus Torvalds nd->mnt = mntget(current->fs->rootmnt); 9521da177e4SLinus Torvalds nd->dentry = dget(current->fs->root); 9531da177e4SLinus Torvalds read_unlock(¤t->fs->lock); 9541da177e4SLinus Torvalds if (path_walk(name, nd) == 0) { 9551da177e4SLinus Torvalds if (nd->dentry->d_inode) { 9561da177e4SLinus Torvalds dput(old_dentry); 9571da177e4SLinus Torvalds mntput(old_mnt); 9581da177e4SLinus Torvalds return 1; 9591da177e4SLinus Torvalds } 9601da177e4SLinus Torvalds path_release(nd); 9611da177e4SLinus Torvalds } 9621da177e4SLinus Torvalds nd->dentry = old_dentry; 9631da177e4SLinus Torvalds nd->mnt = old_mnt; 9641da177e4SLinus Torvalds nd->last = last; 9651da177e4SLinus Torvalds nd->last_type = last_type; 9661da177e4SLinus Torvalds } 9671da177e4SLinus Torvalds return 1; 9681da177e4SLinus Torvalds } 9691da177e4SLinus Torvalds 9701da177e4SLinus Torvalds void set_fs_altroot(void) 9711da177e4SLinus Torvalds { 9721da177e4SLinus Torvalds char *emul = __emul_prefix(); 9731da177e4SLinus Torvalds struct nameidata nd; 9741da177e4SLinus Torvalds struct vfsmount *mnt = NULL, *oldmnt; 9751da177e4SLinus Torvalds struct dentry *dentry = NULL, *olddentry; 9761da177e4SLinus Torvalds int err; 9771da177e4SLinus Torvalds 9781da177e4SLinus Torvalds if (!emul) 9791da177e4SLinus Torvalds goto set_it; 9801da177e4SLinus Torvalds err = path_lookup(emul, LOOKUP_FOLLOW|LOOKUP_DIRECTORY|LOOKUP_NOALT, &nd); 9811da177e4SLinus Torvalds if (!err) { 9821da177e4SLinus Torvalds mnt = nd.mnt; 9831da177e4SLinus Torvalds dentry = nd.dentry; 9841da177e4SLinus Torvalds } 9851da177e4SLinus Torvalds set_it: 9861da177e4SLinus Torvalds write_lock(¤t->fs->lock); 9871da177e4SLinus Torvalds oldmnt = current->fs->altrootmnt; 9881da177e4SLinus Torvalds olddentry = current->fs->altroot; 9891da177e4SLinus Torvalds current->fs->altrootmnt = mnt; 9901da177e4SLinus Torvalds current->fs->altroot = dentry; 9911da177e4SLinus Torvalds write_unlock(¤t->fs->lock); 9921da177e4SLinus Torvalds if (olddentry) { 9931da177e4SLinus Torvalds dput(olddentry); 9941da177e4SLinus Torvalds mntput(oldmnt); 9951da177e4SLinus Torvalds } 9961da177e4SLinus Torvalds } 9971da177e4SLinus Torvalds 998ea3834d9SPrasanna Meda /* Returns 0 and nd will be valid on success; Retuns error, otherwise. */ 9991da177e4SLinus Torvalds int fastcall path_lookup(const char *name, unsigned int flags, struct nameidata *nd) 10001da177e4SLinus Torvalds { 1001ea3834d9SPrasanna Meda int retval = 0; 10021da177e4SLinus Torvalds 10031da177e4SLinus Torvalds nd->last_type = LAST_ROOT; /* if there are only slashes... */ 10041da177e4SLinus Torvalds nd->flags = flags; 10051da177e4SLinus Torvalds nd->depth = 0; 10061da177e4SLinus Torvalds 10071da177e4SLinus Torvalds read_lock(¤t->fs->lock); 10081da177e4SLinus Torvalds if (*name=='/') { 10091da177e4SLinus Torvalds if (current->fs->altroot && !(nd->flags & LOOKUP_NOALT)) { 10101da177e4SLinus Torvalds nd->mnt = mntget(current->fs->altrootmnt); 10111da177e4SLinus Torvalds nd->dentry = dget(current->fs->altroot); 10121da177e4SLinus Torvalds read_unlock(¤t->fs->lock); 10131da177e4SLinus Torvalds if (__emul_lookup_dentry(name,nd)) 1014ea3834d9SPrasanna Meda goto out; /* found in altroot */ 10151da177e4SLinus Torvalds read_lock(¤t->fs->lock); 10161da177e4SLinus Torvalds } 10171da177e4SLinus Torvalds nd->mnt = mntget(current->fs->rootmnt); 10181da177e4SLinus Torvalds nd->dentry = dget(current->fs->root); 10191da177e4SLinus Torvalds } else { 10201da177e4SLinus Torvalds nd->mnt = mntget(current->fs->pwdmnt); 10211da177e4SLinus Torvalds nd->dentry = dget(current->fs->pwd); 10221da177e4SLinus Torvalds } 10231da177e4SLinus Torvalds read_unlock(¤t->fs->lock); 10241da177e4SLinus Torvalds current->total_link_count = 0; 10251da177e4SLinus Torvalds retval = link_path_walk(name, nd); 1026ea3834d9SPrasanna Meda out: 10271da177e4SLinus Torvalds if (unlikely(current->audit_context 10281da177e4SLinus Torvalds && nd && nd->dentry && nd->dentry->d_inode)) 10291da177e4SLinus Torvalds audit_inode(name, nd->dentry->d_inode); 10301da177e4SLinus Torvalds return retval; 10311da177e4SLinus Torvalds } 10321da177e4SLinus Torvalds 10331da177e4SLinus Torvalds /* 10341da177e4SLinus Torvalds * Restricted form of lookup. Doesn't follow links, single-component only, 10351da177e4SLinus Torvalds * needs parent already locked. Doesn't follow mounts. 10361da177e4SLinus Torvalds * SMP-safe. 10371da177e4SLinus Torvalds */ 10381da177e4SLinus Torvalds static struct dentry * __lookup_hash(struct qstr *name, struct dentry * base, struct nameidata *nd) 10391da177e4SLinus Torvalds { 10401da177e4SLinus Torvalds struct dentry * dentry; 10411da177e4SLinus Torvalds struct inode *inode; 10421da177e4SLinus Torvalds int err; 10431da177e4SLinus Torvalds 10441da177e4SLinus Torvalds inode = base->d_inode; 10451da177e4SLinus Torvalds err = permission(inode, MAY_EXEC, nd); 10461da177e4SLinus Torvalds dentry = ERR_PTR(err); 10471da177e4SLinus Torvalds if (err) 10481da177e4SLinus Torvalds goto out; 10491da177e4SLinus Torvalds 10501da177e4SLinus Torvalds /* 10511da177e4SLinus Torvalds * See if the low-level filesystem might want 10521da177e4SLinus Torvalds * to use its own hash.. 10531da177e4SLinus Torvalds */ 10541da177e4SLinus Torvalds if (base->d_op && base->d_op->d_hash) { 10551da177e4SLinus Torvalds err = base->d_op->d_hash(base, name); 10561da177e4SLinus Torvalds dentry = ERR_PTR(err); 10571da177e4SLinus Torvalds if (err < 0) 10581da177e4SLinus Torvalds goto out; 10591da177e4SLinus Torvalds } 10601da177e4SLinus Torvalds 10611da177e4SLinus Torvalds dentry = cached_lookup(base, name, nd); 10621da177e4SLinus Torvalds if (!dentry) { 10631da177e4SLinus Torvalds struct dentry *new = d_alloc(base, name); 10641da177e4SLinus Torvalds dentry = ERR_PTR(-ENOMEM); 10651da177e4SLinus Torvalds if (!new) 10661da177e4SLinus Torvalds goto out; 10671da177e4SLinus Torvalds dentry = inode->i_op->lookup(inode, new, nd); 10681da177e4SLinus Torvalds if (!dentry) 10691da177e4SLinus Torvalds dentry = new; 10701da177e4SLinus Torvalds else 10711da177e4SLinus Torvalds dput(new); 10721da177e4SLinus Torvalds } 10731da177e4SLinus Torvalds out: 10741da177e4SLinus Torvalds return dentry; 10751da177e4SLinus Torvalds } 10761da177e4SLinus Torvalds 10771da177e4SLinus Torvalds struct dentry * lookup_hash(struct qstr *name, struct dentry * base) 10781da177e4SLinus Torvalds { 10791da177e4SLinus Torvalds return __lookup_hash(name, base, NULL); 10801da177e4SLinus Torvalds } 10811da177e4SLinus Torvalds 10821da177e4SLinus Torvalds /* SMP-safe */ 10831da177e4SLinus Torvalds struct dentry * lookup_one_len(const char * name, struct dentry * base, int len) 10841da177e4SLinus Torvalds { 10851da177e4SLinus Torvalds unsigned long hash; 10861da177e4SLinus Torvalds struct qstr this; 10871da177e4SLinus Torvalds unsigned int c; 10881da177e4SLinus Torvalds 10891da177e4SLinus Torvalds this.name = name; 10901da177e4SLinus Torvalds this.len = len; 10911da177e4SLinus Torvalds if (!len) 10921da177e4SLinus Torvalds goto access; 10931da177e4SLinus Torvalds 10941da177e4SLinus Torvalds hash = init_name_hash(); 10951da177e4SLinus Torvalds while (len--) { 10961da177e4SLinus Torvalds c = *(const unsigned char *)name++; 10971da177e4SLinus Torvalds if (c == '/' || c == '\0') 10981da177e4SLinus Torvalds goto access; 10991da177e4SLinus Torvalds hash = partial_name_hash(c, hash); 11001da177e4SLinus Torvalds } 11011da177e4SLinus Torvalds this.hash = end_name_hash(hash); 11021da177e4SLinus Torvalds 11031da177e4SLinus Torvalds return lookup_hash(&this, base); 11041da177e4SLinus Torvalds access: 11051da177e4SLinus Torvalds return ERR_PTR(-EACCES); 11061da177e4SLinus Torvalds } 11071da177e4SLinus Torvalds 11081da177e4SLinus Torvalds /* 11091da177e4SLinus Torvalds * namei() 11101da177e4SLinus Torvalds * 11111da177e4SLinus Torvalds * is used by most simple commands to get the inode of a specified name. 11121da177e4SLinus Torvalds * Open, link etc use their own routines, but this is enough for things 11131da177e4SLinus Torvalds * like 'chmod' etc. 11141da177e4SLinus Torvalds * 11151da177e4SLinus Torvalds * namei exists in two versions: namei/lnamei. The only difference is 11161da177e4SLinus Torvalds * that namei follows links, while lnamei does not. 11171da177e4SLinus Torvalds * SMP-safe 11181da177e4SLinus Torvalds */ 11191da177e4SLinus Torvalds int fastcall __user_walk(const char __user *name, unsigned flags, struct nameidata *nd) 11201da177e4SLinus Torvalds { 11211da177e4SLinus Torvalds char *tmp = getname(name); 11221da177e4SLinus Torvalds int err = PTR_ERR(tmp); 11231da177e4SLinus Torvalds 11241da177e4SLinus Torvalds if (!IS_ERR(tmp)) { 11251da177e4SLinus Torvalds err = path_lookup(tmp, flags, nd); 11261da177e4SLinus Torvalds putname(tmp); 11271da177e4SLinus Torvalds } 11281da177e4SLinus Torvalds return err; 11291da177e4SLinus Torvalds } 11301da177e4SLinus Torvalds 11311da177e4SLinus Torvalds /* 11321da177e4SLinus Torvalds * It's inline, so penalty for filesystems that don't use sticky bit is 11331da177e4SLinus Torvalds * minimal. 11341da177e4SLinus Torvalds */ 11351da177e4SLinus Torvalds static inline int check_sticky(struct inode *dir, struct inode *inode) 11361da177e4SLinus Torvalds { 11371da177e4SLinus Torvalds if (!(dir->i_mode & S_ISVTX)) 11381da177e4SLinus Torvalds return 0; 11391da177e4SLinus Torvalds if (inode->i_uid == current->fsuid) 11401da177e4SLinus Torvalds return 0; 11411da177e4SLinus Torvalds if (dir->i_uid == current->fsuid) 11421da177e4SLinus Torvalds return 0; 11431da177e4SLinus Torvalds return !capable(CAP_FOWNER); 11441da177e4SLinus Torvalds } 11451da177e4SLinus Torvalds 11461da177e4SLinus Torvalds /* 11471da177e4SLinus Torvalds * Check whether we can remove a link victim from directory dir, check 11481da177e4SLinus Torvalds * whether the type of victim is right. 11491da177e4SLinus Torvalds * 1. We can't do it if dir is read-only (done in permission()) 11501da177e4SLinus Torvalds * 2. We should have write and exec permissions on dir 11511da177e4SLinus Torvalds * 3. We can't remove anything from append-only dir 11521da177e4SLinus Torvalds * 4. We can't do anything with immutable dir (done in permission()) 11531da177e4SLinus Torvalds * 5. If the sticky bit on dir is set we should either 11541da177e4SLinus Torvalds * a. be owner of dir, or 11551da177e4SLinus Torvalds * b. be owner of victim, or 11561da177e4SLinus Torvalds * c. have CAP_FOWNER capability 11571da177e4SLinus Torvalds * 6. If the victim is append-only or immutable we can't do antyhing with 11581da177e4SLinus Torvalds * links pointing to it. 11591da177e4SLinus Torvalds * 7. If we were asked to remove a directory and victim isn't one - ENOTDIR. 11601da177e4SLinus Torvalds * 8. If we were asked to remove a non-directory and victim isn't one - EISDIR. 11611da177e4SLinus Torvalds * 9. We can't remove a root or mountpoint. 11621da177e4SLinus Torvalds * 10. We don't allow removal of NFS sillyrenamed files; it's handled by 11631da177e4SLinus Torvalds * nfs_async_unlink(). 11641da177e4SLinus Torvalds */ 11651da177e4SLinus Torvalds static inline int may_delete(struct inode *dir,struct dentry *victim,int isdir) 11661da177e4SLinus Torvalds { 11671da177e4SLinus Torvalds int error; 11681da177e4SLinus Torvalds 11691da177e4SLinus Torvalds if (!victim->d_inode) 11701da177e4SLinus Torvalds return -ENOENT; 11711da177e4SLinus Torvalds 11721da177e4SLinus Torvalds BUG_ON(victim->d_parent->d_inode != dir); 11731da177e4SLinus Torvalds 11741da177e4SLinus Torvalds error = permission(dir,MAY_WRITE | MAY_EXEC, NULL); 11751da177e4SLinus Torvalds if (error) 11761da177e4SLinus Torvalds return error; 11771da177e4SLinus Torvalds if (IS_APPEND(dir)) 11781da177e4SLinus Torvalds return -EPERM; 11791da177e4SLinus Torvalds if (check_sticky(dir, victim->d_inode)||IS_APPEND(victim->d_inode)|| 11801da177e4SLinus Torvalds IS_IMMUTABLE(victim->d_inode)) 11811da177e4SLinus Torvalds return -EPERM; 11821da177e4SLinus Torvalds if (isdir) { 11831da177e4SLinus Torvalds if (!S_ISDIR(victim->d_inode->i_mode)) 11841da177e4SLinus Torvalds return -ENOTDIR; 11851da177e4SLinus Torvalds if (IS_ROOT(victim)) 11861da177e4SLinus Torvalds return -EBUSY; 11871da177e4SLinus Torvalds } else if (S_ISDIR(victim->d_inode->i_mode)) 11881da177e4SLinus Torvalds return -EISDIR; 11891da177e4SLinus Torvalds if (IS_DEADDIR(dir)) 11901da177e4SLinus Torvalds return -ENOENT; 11911da177e4SLinus Torvalds if (victim->d_flags & DCACHE_NFSFS_RENAMED) 11921da177e4SLinus Torvalds return -EBUSY; 11931da177e4SLinus Torvalds return 0; 11941da177e4SLinus Torvalds } 11951da177e4SLinus Torvalds 11961da177e4SLinus Torvalds /* Check whether we can create an object with dentry child in directory 11971da177e4SLinus Torvalds * dir. 11981da177e4SLinus Torvalds * 1. We can't do it if child already exists (open has special treatment for 11991da177e4SLinus Torvalds * this case, but since we are inlined it's OK) 12001da177e4SLinus Torvalds * 2. We can't do it if dir is read-only (done in permission()) 12011da177e4SLinus Torvalds * 3. We should have write and exec permissions on dir 12021da177e4SLinus Torvalds * 4. We can't do it if dir is immutable (done in permission()) 12031da177e4SLinus Torvalds */ 12041da177e4SLinus Torvalds static inline int may_create(struct inode *dir, struct dentry *child, 12051da177e4SLinus Torvalds struct nameidata *nd) 12061da177e4SLinus Torvalds { 12071da177e4SLinus Torvalds if (child->d_inode) 12081da177e4SLinus Torvalds return -EEXIST; 12091da177e4SLinus Torvalds if (IS_DEADDIR(dir)) 12101da177e4SLinus Torvalds return -ENOENT; 12111da177e4SLinus Torvalds return permission(dir,MAY_WRITE | MAY_EXEC, nd); 12121da177e4SLinus Torvalds } 12131da177e4SLinus Torvalds 12141da177e4SLinus Torvalds /* 12151da177e4SLinus Torvalds * Special case: O_CREAT|O_EXCL implies O_NOFOLLOW for security 12161da177e4SLinus Torvalds * reasons. 12171da177e4SLinus Torvalds * 12181da177e4SLinus Torvalds * O_DIRECTORY translates into forcing a directory lookup. 12191da177e4SLinus Torvalds */ 12201da177e4SLinus Torvalds static inline int lookup_flags(unsigned int f) 12211da177e4SLinus Torvalds { 12221da177e4SLinus Torvalds unsigned long retval = LOOKUP_FOLLOW; 12231da177e4SLinus Torvalds 12241da177e4SLinus Torvalds if (f & O_NOFOLLOW) 12251da177e4SLinus Torvalds retval &= ~LOOKUP_FOLLOW; 12261da177e4SLinus Torvalds 12271da177e4SLinus Torvalds if ((f & (O_CREAT|O_EXCL)) == (O_CREAT|O_EXCL)) 12281da177e4SLinus Torvalds retval &= ~LOOKUP_FOLLOW; 12291da177e4SLinus Torvalds 12301da177e4SLinus Torvalds if (f & O_DIRECTORY) 12311da177e4SLinus Torvalds retval |= LOOKUP_DIRECTORY; 12321da177e4SLinus Torvalds 12331da177e4SLinus Torvalds return retval; 12341da177e4SLinus Torvalds } 12351da177e4SLinus Torvalds 12361da177e4SLinus Torvalds /* 12371da177e4SLinus Torvalds * p1 and p2 should be directories on the same fs. 12381da177e4SLinus Torvalds */ 12391da177e4SLinus Torvalds struct dentry *lock_rename(struct dentry *p1, struct dentry *p2) 12401da177e4SLinus Torvalds { 12411da177e4SLinus Torvalds struct dentry *p; 12421da177e4SLinus Torvalds 12431da177e4SLinus Torvalds if (p1 == p2) { 12441da177e4SLinus Torvalds down(&p1->d_inode->i_sem); 12451da177e4SLinus Torvalds return NULL; 12461da177e4SLinus Torvalds } 12471da177e4SLinus Torvalds 12481da177e4SLinus Torvalds down(&p1->d_inode->i_sb->s_vfs_rename_sem); 12491da177e4SLinus Torvalds 12501da177e4SLinus Torvalds for (p = p1; p->d_parent != p; p = p->d_parent) { 12511da177e4SLinus Torvalds if (p->d_parent == p2) { 12521da177e4SLinus Torvalds down(&p2->d_inode->i_sem); 12531da177e4SLinus Torvalds down(&p1->d_inode->i_sem); 12541da177e4SLinus Torvalds return p; 12551da177e4SLinus Torvalds } 12561da177e4SLinus Torvalds } 12571da177e4SLinus Torvalds 12581da177e4SLinus Torvalds for (p = p2; p->d_parent != p; p = p->d_parent) { 12591da177e4SLinus Torvalds if (p->d_parent == p1) { 12601da177e4SLinus Torvalds down(&p1->d_inode->i_sem); 12611da177e4SLinus Torvalds down(&p2->d_inode->i_sem); 12621da177e4SLinus Torvalds return p; 12631da177e4SLinus Torvalds } 12641da177e4SLinus Torvalds } 12651da177e4SLinus Torvalds 12661da177e4SLinus Torvalds down(&p1->d_inode->i_sem); 12671da177e4SLinus Torvalds down(&p2->d_inode->i_sem); 12681da177e4SLinus Torvalds return NULL; 12691da177e4SLinus Torvalds } 12701da177e4SLinus Torvalds 12711da177e4SLinus Torvalds void unlock_rename(struct dentry *p1, struct dentry *p2) 12721da177e4SLinus Torvalds { 12731da177e4SLinus Torvalds up(&p1->d_inode->i_sem); 12741da177e4SLinus Torvalds if (p1 != p2) { 12751da177e4SLinus Torvalds up(&p2->d_inode->i_sem); 12761da177e4SLinus Torvalds up(&p1->d_inode->i_sb->s_vfs_rename_sem); 12771da177e4SLinus Torvalds } 12781da177e4SLinus Torvalds } 12791da177e4SLinus Torvalds 12801da177e4SLinus Torvalds int vfs_create(struct inode *dir, struct dentry *dentry, int mode, 12811da177e4SLinus Torvalds struct nameidata *nd) 12821da177e4SLinus Torvalds { 12831da177e4SLinus Torvalds int error = may_create(dir, dentry, nd); 12841da177e4SLinus Torvalds 12851da177e4SLinus Torvalds if (error) 12861da177e4SLinus Torvalds return error; 12871da177e4SLinus Torvalds 12881da177e4SLinus Torvalds if (!dir->i_op || !dir->i_op->create) 12891da177e4SLinus Torvalds return -EACCES; /* shouldn't it be ENOSYS? */ 12901da177e4SLinus Torvalds mode &= S_IALLUGO; 12911da177e4SLinus Torvalds mode |= S_IFREG; 12921da177e4SLinus Torvalds error = security_inode_create(dir, dentry, mode); 12931da177e4SLinus Torvalds if (error) 12941da177e4SLinus Torvalds return error; 12951da177e4SLinus Torvalds DQUOT_INIT(dir); 12961da177e4SLinus Torvalds error = dir->i_op->create(dir, dentry, mode, nd); 12971da177e4SLinus Torvalds if (!error) { 12981da177e4SLinus Torvalds inode_dir_notify(dir, DN_CREATE); 12991da177e4SLinus Torvalds security_inode_post_create(dir, dentry, mode); 13001da177e4SLinus Torvalds } 13011da177e4SLinus Torvalds return error; 13021da177e4SLinus Torvalds } 13031da177e4SLinus Torvalds 13041da177e4SLinus Torvalds int may_open(struct nameidata *nd, int acc_mode, int flag) 13051da177e4SLinus Torvalds { 13061da177e4SLinus Torvalds struct dentry *dentry = nd->dentry; 13071da177e4SLinus Torvalds struct inode *inode = dentry->d_inode; 13081da177e4SLinus Torvalds int error; 13091da177e4SLinus Torvalds 13101da177e4SLinus Torvalds if (!inode) 13111da177e4SLinus Torvalds return -ENOENT; 13121da177e4SLinus Torvalds 13131da177e4SLinus Torvalds if (S_ISLNK(inode->i_mode)) 13141da177e4SLinus Torvalds return -ELOOP; 13151da177e4SLinus Torvalds 13161da177e4SLinus Torvalds if (S_ISDIR(inode->i_mode) && (flag & FMODE_WRITE)) 13171da177e4SLinus Torvalds return -EISDIR; 13181da177e4SLinus Torvalds 13191da177e4SLinus Torvalds error = permission(inode, acc_mode, nd); 13201da177e4SLinus Torvalds if (error) 13211da177e4SLinus Torvalds return error; 13221da177e4SLinus Torvalds 13231da177e4SLinus Torvalds /* 13241da177e4SLinus Torvalds * FIFO's, sockets and device files are special: they don't 13251da177e4SLinus Torvalds * actually live on the filesystem itself, and as such you 13261da177e4SLinus Torvalds * can write to them even if the filesystem is read-only. 13271da177e4SLinus Torvalds */ 13281da177e4SLinus Torvalds if (S_ISFIFO(inode->i_mode) || S_ISSOCK(inode->i_mode)) { 13291da177e4SLinus Torvalds flag &= ~O_TRUNC; 13301da177e4SLinus Torvalds } else if (S_ISBLK(inode->i_mode) || S_ISCHR(inode->i_mode)) { 13311da177e4SLinus Torvalds if (nd->mnt->mnt_flags & MNT_NODEV) 13321da177e4SLinus Torvalds return -EACCES; 13331da177e4SLinus Torvalds 13341da177e4SLinus Torvalds flag &= ~O_TRUNC; 13351da177e4SLinus Torvalds } else if (IS_RDONLY(inode) && (flag & FMODE_WRITE)) 13361da177e4SLinus Torvalds return -EROFS; 13371da177e4SLinus Torvalds /* 13381da177e4SLinus Torvalds * An append-only file must be opened in append mode for writing. 13391da177e4SLinus Torvalds */ 13401da177e4SLinus Torvalds if (IS_APPEND(inode)) { 13411da177e4SLinus Torvalds if ((flag & FMODE_WRITE) && !(flag & O_APPEND)) 13421da177e4SLinus Torvalds return -EPERM; 13431da177e4SLinus Torvalds if (flag & O_TRUNC) 13441da177e4SLinus Torvalds return -EPERM; 13451da177e4SLinus Torvalds } 13461da177e4SLinus Torvalds 13471da177e4SLinus Torvalds /* O_NOATIME can only be set by the owner or superuser */ 13481da177e4SLinus Torvalds if (flag & O_NOATIME) 13491da177e4SLinus Torvalds if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER)) 13501da177e4SLinus Torvalds return -EPERM; 13511da177e4SLinus Torvalds 13521da177e4SLinus Torvalds /* 13531da177e4SLinus Torvalds * Ensure there are no outstanding leases on the file. 13541da177e4SLinus Torvalds */ 13551da177e4SLinus Torvalds error = break_lease(inode, flag); 13561da177e4SLinus Torvalds if (error) 13571da177e4SLinus Torvalds return error; 13581da177e4SLinus Torvalds 13591da177e4SLinus Torvalds if (flag & O_TRUNC) { 13601da177e4SLinus Torvalds error = get_write_access(inode); 13611da177e4SLinus Torvalds if (error) 13621da177e4SLinus Torvalds return error; 13631da177e4SLinus Torvalds 13641da177e4SLinus Torvalds /* 13651da177e4SLinus Torvalds * Refuse to truncate files with mandatory locks held on them. 13661da177e4SLinus Torvalds */ 13671da177e4SLinus Torvalds error = locks_verify_locked(inode); 13681da177e4SLinus Torvalds if (!error) { 13691da177e4SLinus Torvalds DQUOT_INIT(inode); 13701da177e4SLinus Torvalds 13711da177e4SLinus Torvalds error = do_truncate(dentry, 0); 13721da177e4SLinus Torvalds } 13731da177e4SLinus Torvalds put_write_access(inode); 13741da177e4SLinus Torvalds if (error) 13751da177e4SLinus Torvalds return error; 13761da177e4SLinus Torvalds } else 13771da177e4SLinus Torvalds if (flag & FMODE_WRITE) 13781da177e4SLinus Torvalds DQUOT_INIT(inode); 13791da177e4SLinus Torvalds 13801da177e4SLinus Torvalds return 0; 13811da177e4SLinus Torvalds } 13821da177e4SLinus Torvalds 13831da177e4SLinus Torvalds /* 13841da177e4SLinus Torvalds * open_namei() 13851da177e4SLinus Torvalds * 13861da177e4SLinus Torvalds * namei for open - this is in fact almost the whole open-routine. 13871da177e4SLinus Torvalds * 13881da177e4SLinus Torvalds * Note that the low bits of "flag" aren't the same as in the open 13891da177e4SLinus Torvalds * system call - they are 00 - no permissions needed 13901da177e4SLinus Torvalds * 01 - read permission needed 13911da177e4SLinus Torvalds * 10 - write permission needed 13921da177e4SLinus Torvalds * 11 - read/write permissions needed 13931da177e4SLinus Torvalds * which is a lot more logical, and also allows the "no perm" needed 13941da177e4SLinus Torvalds * for symlinks (where the permissions are checked later). 13951da177e4SLinus Torvalds * SMP-safe 13961da177e4SLinus Torvalds */ 13971da177e4SLinus Torvalds int open_namei(const char * pathname, int flag, int mode, struct nameidata *nd) 13981da177e4SLinus Torvalds { 13991da177e4SLinus Torvalds int acc_mode, error = 0; 14004e7506e4SAl Viro struct path path; 14011da177e4SLinus Torvalds struct dentry *dir; 14021da177e4SLinus Torvalds int count = 0; 14031da177e4SLinus Torvalds 14041da177e4SLinus Torvalds acc_mode = ACC_MODE(flag); 14051da177e4SLinus Torvalds 14061da177e4SLinus Torvalds /* Allow the LSM permission hook to distinguish append 14071da177e4SLinus Torvalds access from general write access. */ 14081da177e4SLinus Torvalds if (flag & O_APPEND) 14091da177e4SLinus Torvalds acc_mode |= MAY_APPEND; 14101da177e4SLinus Torvalds 14111da177e4SLinus Torvalds /* Fill in the open() intent data */ 14121da177e4SLinus Torvalds nd->intent.open.flags = flag; 14131da177e4SLinus Torvalds nd->intent.open.create_mode = mode; 14141da177e4SLinus Torvalds 14151da177e4SLinus Torvalds /* 14161da177e4SLinus Torvalds * The simplest case - just a plain lookup. 14171da177e4SLinus Torvalds */ 14181da177e4SLinus Torvalds if (!(flag & O_CREAT)) { 14191da177e4SLinus Torvalds error = path_lookup(pathname, lookup_flags(flag)|LOOKUP_OPEN, nd); 14201da177e4SLinus Torvalds if (error) 14211da177e4SLinus Torvalds return error; 14221da177e4SLinus Torvalds goto ok; 14231da177e4SLinus Torvalds } 14241da177e4SLinus Torvalds 14251da177e4SLinus Torvalds /* 14261da177e4SLinus Torvalds * Create - we need to know the parent. 14271da177e4SLinus Torvalds */ 14281da177e4SLinus Torvalds error = path_lookup(pathname, LOOKUP_PARENT|LOOKUP_OPEN|LOOKUP_CREATE, nd); 14291da177e4SLinus Torvalds if (error) 14301da177e4SLinus Torvalds return error; 14311da177e4SLinus Torvalds 14321da177e4SLinus Torvalds /* 14331da177e4SLinus Torvalds * We have the parent and last component. First of all, check 14341da177e4SLinus Torvalds * that we are not asked to creat(2) an obvious directory - that 14351da177e4SLinus Torvalds * will not do. 14361da177e4SLinus Torvalds */ 14371da177e4SLinus Torvalds error = -EISDIR; 14381da177e4SLinus Torvalds if (nd->last_type != LAST_NORM || nd->last.name[nd->last.len]) 14391da177e4SLinus Torvalds goto exit; 14401da177e4SLinus Torvalds 14411da177e4SLinus Torvalds dir = nd->dentry; 14421da177e4SLinus Torvalds nd->flags &= ~LOOKUP_PARENT; 14431da177e4SLinus Torvalds down(&dir->d_inode->i_sem); 14444e7506e4SAl Viro path.dentry = __lookup_hash(&nd->last, nd->dentry, nd); 1445d73ffe16SAl Viro path.mnt = nd->mnt; 14461da177e4SLinus Torvalds 14471da177e4SLinus Torvalds do_last: 14484e7506e4SAl Viro error = PTR_ERR(path.dentry); 14494e7506e4SAl Viro if (IS_ERR(path.dentry)) { 14501da177e4SLinus Torvalds up(&dir->d_inode->i_sem); 14511da177e4SLinus Torvalds goto exit; 14521da177e4SLinus Torvalds } 14531da177e4SLinus Torvalds 14541da177e4SLinus Torvalds /* Negative dentry, just create the file */ 14554e7506e4SAl Viro if (!path.dentry->d_inode) { 14561da177e4SLinus Torvalds if (!IS_POSIXACL(dir->d_inode)) 14571da177e4SLinus Torvalds mode &= ~current->fs->umask; 14584e7506e4SAl Viro error = vfs_create(dir->d_inode, path.dentry, mode, nd); 14591da177e4SLinus Torvalds up(&dir->d_inode->i_sem); 14601da177e4SLinus Torvalds dput(nd->dentry); 14614e7506e4SAl Viro nd->dentry = path.dentry; 14621da177e4SLinus Torvalds if (error) 14631da177e4SLinus Torvalds goto exit; 14641da177e4SLinus Torvalds /* Don't check for write permission, don't truncate */ 14651da177e4SLinus Torvalds acc_mode = 0; 14661da177e4SLinus Torvalds flag &= ~O_TRUNC; 14671da177e4SLinus Torvalds goto ok; 14681da177e4SLinus Torvalds } 14691da177e4SLinus Torvalds 14701da177e4SLinus Torvalds /* 14711da177e4SLinus Torvalds * It already exists. 14721da177e4SLinus Torvalds */ 14731da177e4SLinus Torvalds up(&dir->d_inode->i_sem); 14741da177e4SLinus Torvalds 14751da177e4SLinus Torvalds error = -EEXIST; 14761da177e4SLinus Torvalds if (flag & O_EXCL) 14771da177e4SLinus Torvalds goto exit_dput; 14781da177e4SLinus Torvalds 14794e7506e4SAl Viro if (d_mountpoint(path.dentry)) { 14801da177e4SLinus Torvalds error = -ELOOP; 14811da177e4SLinus Torvalds if (flag & O_NOFOLLOW) 14821da177e4SLinus Torvalds goto exit_dput; 1483d73ffe16SAl Viro while (__follow_down(&path.mnt,&path.dentry) && d_mountpoint(path.dentry)); 1484d73ffe16SAl Viro nd->mnt = path.mnt; 14851da177e4SLinus Torvalds } 14861da177e4SLinus Torvalds error = -ENOENT; 14874e7506e4SAl Viro if (!path.dentry->d_inode) 14881da177e4SLinus Torvalds goto exit_dput; 14894e7506e4SAl Viro if (path.dentry->d_inode->i_op && path.dentry->d_inode->i_op->follow_link) 14901da177e4SLinus Torvalds goto do_link; 14911da177e4SLinus Torvalds 14921da177e4SLinus Torvalds dput(nd->dentry); 14934e7506e4SAl Viro nd->dentry = path.dentry; 14941da177e4SLinus Torvalds error = -EISDIR; 14954e7506e4SAl Viro if (path.dentry->d_inode && S_ISDIR(path.dentry->d_inode->i_mode)) 14961da177e4SLinus Torvalds goto exit; 14971da177e4SLinus Torvalds ok: 14981da177e4SLinus Torvalds error = may_open(nd, acc_mode, flag); 14991da177e4SLinus Torvalds if (error) 15001da177e4SLinus Torvalds goto exit; 15011da177e4SLinus Torvalds return 0; 15021da177e4SLinus Torvalds 15031da177e4SLinus Torvalds exit_dput: 15044e7506e4SAl Viro dput(path.dentry); 15051da177e4SLinus Torvalds exit: 15061da177e4SLinus Torvalds path_release(nd); 15071da177e4SLinus Torvalds return error; 15081da177e4SLinus Torvalds 15091da177e4SLinus Torvalds do_link: 15101da177e4SLinus Torvalds error = -ELOOP; 15111da177e4SLinus Torvalds if (flag & O_NOFOLLOW) 15121da177e4SLinus Torvalds goto exit_dput; 15131da177e4SLinus Torvalds /* 15141da177e4SLinus Torvalds * This is subtle. Instead of calling do_follow_link() we do the 15151da177e4SLinus Torvalds * thing by hands. The reason is that this way we have zero link_count 15161da177e4SLinus Torvalds * and path_walk() (called from ->follow_link) honoring LOOKUP_PARENT. 15171da177e4SLinus Torvalds * After that we have the parent and last component, i.e. 15181da177e4SLinus Torvalds * we are in the same situation as after the first path_walk(). 15191da177e4SLinus Torvalds * Well, almost - if the last component is normal we get its copy 15201da177e4SLinus Torvalds * stored in nd->last.name and we will have to putname() it when we 15211da177e4SLinus Torvalds * are done. Procfs-like symlinks just set LAST_BIND. 15221da177e4SLinus Torvalds */ 15231da177e4SLinus Torvalds nd->flags |= LOOKUP_PARENT; 15244e7506e4SAl Viro error = security_inode_follow_link(path.dentry, nd); 15251da177e4SLinus Torvalds if (error) 15261da177e4SLinus Torvalds goto exit_dput; 15274e7506e4SAl Viro error = __do_follow_link(path.dentry, nd); 15284e7506e4SAl Viro dput(path.dentry); 1529d73ffe16SAl Viro path.mnt = nd->mnt; 15301da177e4SLinus Torvalds if (error) 15311da177e4SLinus Torvalds return error; 15321da177e4SLinus Torvalds nd->flags &= ~LOOKUP_PARENT; 15331da177e4SLinus Torvalds if (nd->last_type == LAST_BIND) { 15344e7506e4SAl Viro path.dentry = nd->dentry; 15351da177e4SLinus Torvalds goto ok; 15361da177e4SLinus Torvalds } 15371da177e4SLinus Torvalds error = -EISDIR; 15381da177e4SLinus Torvalds if (nd->last_type != LAST_NORM) 15391da177e4SLinus Torvalds goto exit; 15401da177e4SLinus Torvalds if (nd->last.name[nd->last.len]) { 15411da177e4SLinus Torvalds putname(nd->last.name); 15421da177e4SLinus Torvalds goto exit; 15431da177e4SLinus Torvalds } 15441da177e4SLinus Torvalds error = -ELOOP; 15451da177e4SLinus Torvalds if (count++==32) { 15461da177e4SLinus Torvalds putname(nd->last.name); 15471da177e4SLinus Torvalds goto exit; 15481da177e4SLinus Torvalds } 15491da177e4SLinus Torvalds dir = nd->dentry; 15501da177e4SLinus Torvalds down(&dir->d_inode->i_sem); 15514e7506e4SAl Viro path.dentry = __lookup_hash(&nd->last, nd->dentry, nd); 15521da177e4SLinus Torvalds putname(nd->last.name); 15531da177e4SLinus Torvalds goto do_last; 15541da177e4SLinus Torvalds } 15551da177e4SLinus Torvalds 15561da177e4SLinus Torvalds /** 15571da177e4SLinus Torvalds * lookup_create - lookup a dentry, creating it if it doesn't exist 15581da177e4SLinus Torvalds * @nd: nameidata info 15591da177e4SLinus Torvalds * @is_dir: directory flag 15601da177e4SLinus Torvalds * 15611da177e4SLinus Torvalds * Simple function to lookup and return a dentry and create it 15621da177e4SLinus Torvalds * if it doesn't exist. Is SMP-safe. 15631da177e4SLinus Torvalds */ 15641da177e4SLinus Torvalds struct dentry *lookup_create(struct nameidata *nd, int is_dir) 15651da177e4SLinus Torvalds { 15661da177e4SLinus Torvalds struct dentry *dentry; 15671da177e4SLinus Torvalds 15681da177e4SLinus Torvalds down(&nd->dentry->d_inode->i_sem); 15691da177e4SLinus Torvalds dentry = ERR_PTR(-EEXIST); 15701da177e4SLinus Torvalds if (nd->last_type != LAST_NORM) 15711da177e4SLinus Torvalds goto fail; 15721da177e4SLinus Torvalds nd->flags &= ~LOOKUP_PARENT; 15731da177e4SLinus Torvalds dentry = lookup_hash(&nd->last, nd->dentry); 15741da177e4SLinus Torvalds if (IS_ERR(dentry)) 15751da177e4SLinus Torvalds goto fail; 15761da177e4SLinus Torvalds if (!is_dir && nd->last.name[nd->last.len] && !dentry->d_inode) 15771da177e4SLinus Torvalds goto enoent; 15781da177e4SLinus Torvalds return dentry; 15791da177e4SLinus Torvalds enoent: 15801da177e4SLinus Torvalds dput(dentry); 15811da177e4SLinus Torvalds dentry = ERR_PTR(-ENOENT); 15821da177e4SLinus Torvalds fail: 15831da177e4SLinus Torvalds return dentry; 15841da177e4SLinus Torvalds } 1585f81a0bffSChristoph Hellwig EXPORT_SYMBOL_GPL(lookup_create); 15861da177e4SLinus Torvalds 15871da177e4SLinus Torvalds int vfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev) 15881da177e4SLinus Torvalds { 15891da177e4SLinus Torvalds int error = may_create(dir, dentry, NULL); 15901da177e4SLinus Torvalds 15911da177e4SLinus Torvalds if (error) 15921da177e4SLinus Torvalds return error; 15931da177e4SLinus Torvalds 15941da177e4SLinus Torvalds if ((S_ISCHR(mode) || S_ISBLK(mode)) && !capable(CAP_MKNOD)) 15951da177e4SLinus Torvalds return -EPERM; 15961da177e4SLinus Torvalds 15971da177e4SLinus Torvalds if (!dir->i_op || !dir->i_op->mknod) 15981da177e4SLinus Torvalds return -EPERM; 15991da177e4SLinus Torvalds 16001da177e4SLinus Torvalds error = security_inode_mknod(dir, dentry, mode, dev); 16011da177e4SLinus Torvalds if (error) 16021da177e4SLinus Torvalds return error; 16031da177e4SLinus Torvalds 16041da177e4SLinus Torvalds DQUOT_INIT(dir); 16051da177e4SLinus Torvalds error = dir->i_op->mknod(dir, dentry, mode, dev); 16061da177e4SLinus Torvalds if (!error) { 16071da177e4SLinus Torvalds inode_dir_notify(dir, DN_CREATE); 16081da177e4SLinus Torvalds security_inode_post_mknod(dir, dentry, mode, dev); 16091da177e4SLinus Torvalds } 16101da177e4SLinus Torvalds return error; 16111da177e4SLinus Torvalds } 16121da177e4SLinus Torvalds 16131da177e4SLinus Torvalds asmlinkage long sys_mknod(const char __user * filename, int mode, unsigned dev) 16141da177e4SLinus Torvalds { 16151da177e4SLinus Torvalds int error = 0; 16161da177e4SLinus Torvalds char * tmp; 16171da177e4SLinus Torvalds struct dentry * dentry; 16181da177e4SLinus Torvalds struct nameidata nd; 16191da177e4SLinus Torvalds 16201da177e4SLinus Torvalds if (S_ISDIR(mode)) 16211da177e4SLinus Torvalds return -EPERM; 16221da177e4SLinus Torvalds tmp = getname(filename); 16231da177e4SLinus Torvalds if (IS_ERR(tmp)) 16241da177e4SLinus Torvalds return PTR_ERR(tmp); 16251da177e4SLinus Torvalds 16261da177e4SLinus Torvalds error = path_lookup(tmp, LOOKUP_PARENT, &nd); 16271da177e4SLinus Torvalds if (error) 16281da177e4SLinus Torvalds goto out; 16291da177e4SLinus Torvalds dentry = lookup_create(&nd, 0); 16301da177e4SLinus Torvalds error = PTR_ERR(dentry); 16311da177e4SLinus Torvalds 16321da177e4SLinus Torvalds if (!IS_POSIXACL(nd.dentry->d_inode)) 16331da177e4SLinus Torvalds mode &= ~current->fs->umask; 16341da177e4SLinus Torvalds if (!IS_ERR(dentry)) { 16351da177e4SLinus Torvalds switch (mode & S_IFMT) { 16361da177e4SLinus Torvalds case 0: case S_IFREG: 16371da177e4SLinus Torvalds error = vfs_create(nd.dentry->d_inode,dentry,mode,&nd); 16381da177e4SLinus Torvalds break; 16391da177e4SLinus Torvalds case S_IFCHR: case S_IFBLK: 16401da177e4SLinus Torvalds error = vfs_mknod(nd.dentry->d_inode,dentry,mode, 16411da177e4SLinus Torvalds new_decode_dev(dev)); 16421da177e4SLinus Torvalds break; 16431da177e4SLinus Torvalds case S_IFIFO: case S_IFSOCK: 16441da177e4SLinus Torvalds error = vfs_mknod(nd.dentry->d_inode,dentry,mode,0); 16451da177e4SLinus Torvalds break; 16461da177e4SLinus Torvalds case S_IFDIR: 16471da177e4SLinus Torvalds error = -EPERM; 16481da177e4SLinus Torvalds break; 16491da177e4SLinus Torvalds default: 16501da177e4SLinus Torvalds error = -EINVAL; 16511da177e4SLinus Torvalds } 16521da177e4SLinus Torvalds dput(dentry); 16531da177e4SLinus Torvalds } 16541da177e4SLinus Torvalds up(&nd.dentry->d_inode->i_sem); 16551da177e4SLinus Torvalds path_release(&nd); 16561da177e4SLinus Torvalds out: 16571da177e4SLinus Torvalds putname(tmp); 16581da177e4SLinus Torvalds 16591da177e4SLinus Torvalds return error; 16601da177e4SLinus Torvalds } 16611da177e4SLinus Torvalds 16621da177e4SLinus Torvalds int vfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) 16631da177e4SLinus Torvalds { 16641da177e4SLinus Torvalds int error = may_create(dir, dentry, NULL); 16651da177e4SLinus Torvalds 16661da177e4SLinus Torvalds if (error) 16671da177e4SLinus Torvalds return error; 16681da177e4SLinus Torvalds 16691da177e4SLinus Torvalds if (!dir->i_op || !dir->i_op->mkdir) 16701da177e4SLinus Torvalds return -EPERM; 16711da177e4SLinus Torvalds 16721da177e4SLinus Torvalds mode &= (S_IRWXUGO|S_ISVTX); 16731da177e4SLinus Torvalds error = security_inode_mkdir(dir, dentry, mode); 16741da177e4SLinus Torvalds if (error) 16751da177e4SLinus Torvalds return error; 16761da177e4SLinus Torvalds 16771da177e4SLinus Torvalds DQUOT_INIT(dir); 16781da177e4SLinus Torvalds error = dir->i_op->mkdir(dir, dentry, mode); 16791da177e4SLinus Torvalds if (!error) { 16801da177e4SLinus Torvalds inode_dir_notify(dir, DN_CREATE); 16811da177e4SLinus Torvalds security_inode_post_mkdir(dir,dentry, mode); 16821da177e4SLinus Torvalds } 16831da177e4SLinus Torvalds return error; 16841da177e4SLinus Torvalds } 16851da177e4SLinus Torvalds 16861da177e4SLinus Torvalds asmlinkage long sys_mkdir(const char __user * pathname, int mode) 16871da177e4SLinus Torvalds { 16881da177e4SLinus Torvalds int error = 0; 16891da177e4SLinus Torvalds char * tmp; 16901da177e4SLinus Torvalds 16911da177e4SLinus Torvalds tmp = getname(pathname); 16921da177e4SLinus Torvalds error = PTR_ERR(tmp); 16931da177e4SLinus Torvalds if (!IS_ERR(tmp)) { 16941da177e4SLinus Torvalds struct dentry *dentry; 16951da177e4SLinus Torvalds struct nameidata nd; 16961da177e4SLinus Torvalds 16971da177e4SLinus Torvalds error = path_lookup(tmp, LOOKUP_PARENT, &nd); 16981da177e4SLinus Torvalds if (error) 16991da177e4SLinus Torvalds goto out; 17001da177e4SLinus Torvalds dentry = lookup_create(&nd, 1); 17011da177e4SLinus Torvalds error = PTR_ERR(dentry); 17021da177e4SLinus Torvalds if (!IS_ERR(dentry)) { 17031da177e4SLinus Torvalds if (!IS_POSIXACL(nd.dentry->d_inode)) 17041da177e4SLinus Torvalds mode &= ~current->fs->umask; 17051da177e4SLinus Torvalds error = vfs_mkdir(nd.dentry->d_inode, dentry, mode); 17061da177e4SLinus Torvalds dput(dentry); 17071da177e4SLinus Torvalds } 17081da177e4SLinus Torvalds up(&nd.dentry->d_inode->i_sem); 17091da177e4SLinus Torvalds path_release(&nd); 17101da177e4SLinus Torvalds out: 17111da177e4SLinus Torvalds putname(tmp); 17121da177e4SLinus Torvalds } 17131da177e4SLinus Torvalds 17141da177e4SLinus Torvalds return error; 17151da177e4SLinus Torvalds } 17161da177e4SLinus Torvalds 17171da177e4SLinus Torvalds /* 17181da177e4SLinus Torvalds * We try to drop the dentry early: we should have 17191da177e4SLinus Torvalds * a usage count of 2 if we're the only user of this 17201da177e4SLinus Torvalds * dentry, and if that is true (possibly after pruning 17211da177e4SLinus Torvalds * the dcache), then we drop the dentry now. 17221da177e4SLinus Torvalds * 17231da177e4SLinus Torvalds * A low-level filesystem can, if it choses, legally 17241da177e4SLinus Torvalds * do a 17251da177e4SLinus Torvalds * 17261da177e4SLinus Torvalds * if (!d_unhashed(dentry)) 17271da177e4SLinus Torvalds * return -EBUSY; 17281da177e4SLinus Torvalds * 17291da177e4SLinus Torvalds * if it cannot handle the case of removing a directory 17301da177e4SLinus Torvalds * that is still in use by something else.. 17311da177e4SLinus Torvalds */ 17321da177e4SLinus Torvalds void dentry_unhash(struct dentry *dentry) 17331da177e4SLinus Torvalds { 17341da177e4SLinus Torvalds dget(dentry); 17351da177e4SLinus Torvalds if (atomic_read(&dentry->d_count)) 17361da177e4SLinus Torvalds shrink_dcache_parent(dentry); 17371da177e4SLinus Torvalds spin_lock(&dcache_lock); 17381da177e4SLinus Torvalds spin_lock(&dentry->d_lock); 17391da177e4SLinus Torvalds if (atomic_read(&dentry->d_count) == 2) 17401da177e4SLinus Torvalds __d_drop(dentry); 17411da177e4SLinus Torvalds spin_unlock(&dentry->d_lock); 17421da177e4SLinus Torvalds spin_unlock(&dcache_lock); 17431da177e4SLinus Torvalds } 17441da177e4SLinus Torvalds 17451da177e4SLinus Torvalds int vfs_rmdir(struct inode *dir, struct dentry *dentry) 17461da177e4SLinus Torvalds { 17471da177e4SLinus Torvalds int error = may_delete(dir, dentry, 1); 17481da177e4SLinus Torvalds 17491da177e4SLinus Torvalds if (error) 17501da177e4SLinus Torvalds return error; 17511da177e4SLinus Torvalds 17521da177e4SLinus Torvalds if (!dir->i_op || !dir->i_op->rmdir) 17531da177e4SLinus Torvalds return -EPERM; 17541da177e4SLinus Torvalds 17551da177e4SLinus Torvalds DQUOT_INIT(dir); 17561da177e4SLinus Torvalds 17571da177e4SLinus Torvalds down(&dentry->d_inode->i_sem); 17581da177e4SLinus Torvalds dentry_unhash(dentry); 17591da177e4SLinus Torvalds if (d_mountpoint(dentry)) 17601da177e4SLinus Torvalds error = -EBUSY; 17611da177e4SLinus Torvalds else { 17621da177e4SLinus Torvalds error = security_inode_rmdir(dir, dentry); 17631da177e4SLinus Torvalds if (!error) { 17641da177e4SLinus Torvalds error = dir->i_op->rmdir(dir, dentry); 17651da177e4SLinus Torvalds if (!error) 17661da177e4SLinus Torvalds dentry->d_inode->i_flags |= S_DEAD; 17671da177e4SLinus Torvalds } 17681da177e4SLinus Torvalds } 17691da177e4SLinus Torvalds up(&dentry->d_inode->i_sem); 17701da177e4SLinus Torvalds if (!error) { 17711da177e4SLinus Torvalds inode_dir_notify(dir, DN_DELETE); 17721da177e4SLinus Torvalds d_delete(dentry); 17731da177e4SLinus Torvalds } 17741da177e4SLinus Torvalds dput(dentry); 17751da177e4SLinus Torvalds 17761da177e4SLinus Torvalds return error; 17771da177e4SLinus Torvalds } 17781da177e4SLinus Torvalds 17791da177e4SLinus Torvalds asmlinkage long sys_rmdir(const char __user * pathname) 17801da177e4SLinus Torvalds { 17811da177e4SLinus Torvalds int error = 0; 17821da177e4SLinus Torvalds char * name; 17831da177e4SLinus Torvalds struct dentry *dentry; 17841da177e4SLinus Torvalds struct nameidata nd; 17851da177e4SLinus Torvalds 17861da177e4SLinus Torvalds name = getname(pathname); 17871da177e4SLinus Torvalds if(IS_ERR(name)) 17881da177e4SLinus Torvalds return PTR_ERR(name); 17891da177e4SLinus Torvalds 17901da177e4SLinus Torvalds error = path_lookup(name, LOOKUP_PARENT, &nd); 17911da177e4SLinus Torvalds if (error) 17921da177e4SLinus Torvalds goto exit; 17931da177e4SLinus Torvalds 17941da177e4SLinus Torvalds switch(nd.last_type) { 17951da177e4SLinus Torvalds case LAST_DOTDOT: 17961da177e4SLinus Torvalds error = -ENOTEMPTY; 17971da177e4SLinus Torvalds goto exit1; 17981da177e4SLinus Torvalds case LAST_DOT: 17991da177e4SLinus Torvalds error = -EINVAL; 18001da177e4SLinus Torvalds goto exit1; 18011da177e4SLinus Torvalds case LAST_ROOT: 18021da177e4SLinus Torvalds error = -EBUSY; 18031da177e4SLinus Torvalds goto exit1; 18041da177e4SLinus Torvalds } 18051da177e4SLinus Torvalds down(&nd.dentry->d_inode->i_sem); 18061da177e4SLinus Torvalds dentry = lookup_hash(&nd.last, nd.dentry); 18071da177e4SLinus Torvalds error = PTR_ERR(dentry); 18081da177e4SLinus Torvalds if (!IS_ERR(dentry)) { 18091da177e4SLinus Torvalds error = vfs_rmdir(nd.dentry->d_inode, dentry); 18101da177e4SLinus Torvalds dput(dentry); 18111da177e4SLinus Torvalds } 18121da177e4SLinus Torvalds up(&nd.dentry->d_inode->i_sem); 18131da177e4SLinus Torvalds exit1: 18141da177e4SLinus Torvalds path_release(&nd); 18151da177e4SLinus Torvalds exit: 18161da177e4SLinus Torvalds putname(name); 18171da177e4SLinus Torvalds return error; 18181da177e4SLinus Torvalds } 18191da177e4SLinus Torvalds 18201da177e4SLinus Torvalds int vfs_unlink(struct inode *dir, struct dentry *dentry) 18211da177e4SLinus Torvalds { 18221da177e4SLinus Torvalds int error = may_delete(dir, dentry, 0); 18231da177e4SLinus Torvalds 18241da177e4SLinus Torvalds if (error) 18251da177e4SLinus Torvalds return error; 18261da177e4SLinus Torvalds 18271da177e4SLinus Torvalds if (!dir->i_op || !dir->i_op->unlink) 18281da177e4SLinus Torvalds return -EPERM; 18291da177e4SLinus Torvalds 18301da177e4SLinus Torvalds DQUOT_INIT(dir); 18311da177e4SLinus Torvalds 18321da177e4SLinus Torvalds down(&dentry->d_inode->i_sem); 18331da177e4SLinus Torvalds if (d_mountpoint(dentry)) 18341da177e4SLinus Torvalds error = -EBUSY; 18351da177e4SLinus Torvalds else { 18361da177e4SLinus Torvalds error = security_inode_unlink(dir, dentry); 18371da177e4SLinus Torvalds if (!error) 18381da177e4SLinus Torvalds error = dir->i_op->unlink(dir, dentry); 18391da177e4SLinus Torvalds } 18401da177e4SLinus Torvalds up(&dentry->d_inode->i_sem); 18411da177e4SLinus Torvalds 18421da177e4SLinus Torvalds /* We don't d_delete() NFS sillyrenamed files--they still exist. */ 18431da177e4SLinus Torvalds if (!error && !(dentry->d_flags & DCACHE_NFSFS_RENAMED)) { 18441da177e4SLinus Torvalds d_delete(dentry); 18451da177e4SLinus Torvalds inode_dir_notify(dir, DN_DELETE); 18461da177e4SLinus Torvalds } 18471da177e4SLinus Torvalds return error; 18481da177e4SLinus Torvalds } 18491da177e4SLinus Torvalds 18501da177e4SLinus Torvalds /* 18511da177e4SLinus Torvalds * Make sure that the actual truncation of the file will occur outside its 18521da177e4SLinus Torvalds * directory's i_sem. Truncate can take a long time if there is a lot of 18531da177e4SLinus Torvalds * writeout happening, and we don't want to prevent access to the directory 18541da177e4SLinus Torvalds * while waiting on the I/O. 18551da177e4SLinus Torvalds */ 18561da177e4SLinus Torvalds asmlinkage long sys_unlink(const char __user * pathname) 18571da177e4SLinus Torvalds { 18581da177e4SLinus Torvalds int error = 0; 18591da177e4SLinus Torvalds char * name; 18601da177e4SLinus Torvalds struct dentry *dentry; 18611da177e4SLinus Torvalds struct nameidata nd; 18621da177e4SLinus Torvalds struct inode *inode = NULL; 18631da177e4SLinus Torvalds 18641da177e4SLinus Torvalds name = getname(pathname); 18651da177e4SLinus Torvalds if(IS_ERR(name)) 18661da177e4SLinus Torvalds return PTR_ERR(name); 18671da177e4SLinus Torvalds 18681da177e4SLinus Torvalds error = path_lookup(name, LOOKUP_PARENT, &nd); 18691da177e4SLinus Torvalds if (error) 18701da177e4SLinus Torvalds goto exit; 18711da177e4SLinus Torvalds error = -EISDIR; 18721da177e4SLinus Torvalds if (nd.last_type != LAST_NORM) 18731da177e4SLinus Torvalds goto exit1; 18741da177e4SLinus Torvalds down(&nd.dentry->d_inode->i_sem); 18751da177e4SLinus Torvalds dentry = lookup_hash(&nd.last, nd.dentry); 18761da177e4SLinus Torvalds error = PTR_ERR(dentry); 18771da177e4SLinus Torvalds if (!IS_ERR(dentry)) { 18781da177e4SLinus Torvalds /* Why not before? Because we want correct error value */ 18791da177e4SLinus Torvalds if (nd.last.name[nd.last.len]) 18801da177e4SLinus Torvalds goto slashes; 18811da177e4SLinus Torvalds inode = dentry->d_inode; 18821da177e4SLinus Torvalds if (inode) 18831da177e4SLinus Torvalds atomic_inc(&inode->i_count); 18841da177e4SLinus Torvalds error = vfs_unlink(nd.dentry->d_inode, dentry); 18851da177e4SLinus Torvalds exit2: 18861da177e4SLinus Torvalds dput(dentry); 18871da177e4SLinus Torvalds } 18881da177e4SLinus Torvalds up(&nd.dentry->d_inode->i_sem); 18891da177e4SLinus Torvalds if (inode) 18901da177e4SLinus Torvalds iput(inode); /* truncate the inode here */ 18911da177e4SLinus Torvalds exit1: 18921da177e4SLinus Torvalds path_release(&nd); 18931da177e4SLinus Torvalds exit: 18941da177e4SLinus Torvalds putname(name); 18951da177e4SLinus Torvalds return error; 18961da177e4SLinus Torvalds 18971da177e4SLinus Torvalds slashes: 18981da177e4SLinus Torvalds error = !dentry->d_inode ? -ENOENT : 18991da177e4SLinus Torvalds S_ISDIR(dentry->d_inode->i_mode) ? -EISDIR : -ENOTDIR; 19001da177e4SLinus Torvalds goto exit2; 19011da177e4SLinus Torvalds } 19021da177e4SLinus Torvalds 19031da177e4SLinus Torvalds int vfs_symlink(struct inode *dir, struct dentry *dentry, const char *oldname, int mode) 19041da177e4SLinus Torvalds { 19051da177e4SLinus Torvalds int error = may_create(dir, dentry, NULL); 19061da177e4SLinus Torvalds 19071da177e4SLinus Torvalds if (error) 19081da177e4SLinus Torvalds return error; 19091da177e4SLinus Torvalds 19101da177e4SLinus Torvalds if (!dir->i_op || !dir->i_op->symlink) 19111da177e4SLinus Torvalds return -EPERM; 19121da177e4SLinus Torvalds 19131da177e4SLinus Torvalds error = security_inode_symlink(dir, dentry, oldname); 19141da177e4SLinus Torvalds if (error) 19151da177e4SLinus Torvalds return error; 19161da177e4SLinus Torvalds 19171da177e4SLinus Torvalds DQUOT_INIT(dir); 19181da177e4SLinus Torvalds error = dir->i_op->symlink(dir, dentry, oldname); 19191da177e4SLinus Torvalds if (!error) { 19201da177e4SLinus Torvalds inode_dir_notify(dir, DN_CREATE); 19211da177e4SLinus Torvalds security_inode_post_symlink(dir, dentry, oldname); 19221da177e4SLinus Torvalds } 19231da177e4SLinus Torvalds return error; 19241da177e4SLinus Torvalds } 19251da177e4SLinus Torvalds 19261da177e4SLinus Torvalds asmlinkage long sys_symlink(const char __user * oldname, const char __user * newname) 19271da177e4SLinus Torvalds { 19281da177e4SLinus Torvalds int error = 0; 19291da177e4SLinus Torvalds char * from; 19301da177e4SLinus Torvalds char * to; 19311da177e4SLinus Torvalds 19321da177e4SLinus Torvalds from = getname(oldname); 19331da177e4SLinus Torvalds if(IS_ERR(from)) 19341da177e4SLinus Torvalds return PTR_ERR(from); 19351da177e4SLinus Torvalds to = getname(newname); 19361da177e4SLinus Torvalds error = PTR_ERR(to); 19371da177e4SLinus Torvalds if (!IS_ERR(to)) { 19381da177e4SLinus Torvalds struct dentry *dentry; 19391da177e4SLinus Torvalds struct nameidata nd; 19401da177e4SLinus Torvalds 19411da177e4SLinus Torvalds error = path_lookup(to, LOOKUP_PARENT, &nd); 19421da177e4SLinus Torvalds if (error) 19431da177e4SLinus Torvalds goto out; 19441da177e4SLinus Torvalds dentry = lookup_create(&nd, 0); 19451da177e4SLinus Torvalds error = PTR_ERR(dentry); 19461da177e4SLinus Torvalds if (!IS_ERR(dentry)) { 19471da177e4SLinus Torvalds error = vfs_symlink(nd.dentry->d_inode, dentry, from, S_IALLUGO); 19481da177e4SLinus Torvalds dput(dentry); 19491da177e4SLinus Torvalds } 19501da177e4SLinus Torvalds up(&nd.dentry->d_inode->i_sem); 19511da177e4SLinus Torvalds path_release(&nd); 19521da177e4SLinus Torvalds out: 19531da177e4SLinus Torvalds putname(to); 19541da177e4SLinus Torvalds } 19551da177e4SLinus Torvalds putname(from); 19561da177e4SLinus Torvalds return error; 19571da177e4SLinus Torvalds } 19581da177e4SLinus Torvalds 19591da177e4SLinus Torvalds int vfs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_dentry) 19601da177e4SLinus Torvalds { 19611da177e4SLinus Torvalds struct inode *inode = old_dentry->d_inode; 19621da177e4SLinus Torvalds int error; 19631da177e4SLinus Torvalds 19641da177e4SLinus Torvalds if (!inode) 19651da177e4SLinus Torvalds return -ENOENT; 19661da177e4SLinus Torvalds 19671da177e4SLinus Torvalds error = may_create(dir, new_dentry, NULL); 19681da177e4SLinus Torvalds if (error) 19691da177e4SLinus Torvalds return error; 19701da177e4SLinus Torvalds 19711da177e4SLinus Torvalds if (dir->i_sb != inode->i_sb) 19721da177e4SLinus Torvalds return -EXDEV; 19731da177e4SLinus Torvalds 19741da177e4SLinus Torvalds /* 19751da177e4SLinus Torvalds * A link to an append-only or immutable file cannot be created. 19761da177e4SLinus Torvalds */ 19771da177e4SLinus Torvalds if (IS_APPEND(inode) || IS_IMMUTABLE(inode)) 19781da177e4SLinus Torvalds return -EPERM; 19791da177e4SLinus Torvalds if (!dir->i_op || !dir->i_op->link) 19801da177e4SLinus Torvalds return -EPERM; 19811da177e4SLinus Torvalds if (S_ISDIR(old_dentry->d_inode->i_mode)) 19821da177e4SLinus Torvalds return -EPERM; 19831da177e4SLinus Torvalds 19841da177e4SLinus Torvalds error = security_inode_link(old_dentry, dir, new_dentry); 19851da177e4SLinus Torvalds if (error) 19861da177e4SLinus Torvalds return error; 19871da177e4SLinus Torvalds 19881da177e4SLinus Torvalds down(&old_dentry->d_inode->i_sem); 19891da177e4SLinus Torvalds DQUOT_INIT(dir); 19901da177e4SLinus Torvalds error = dir->i_op->link(old_dentry, dir, new_dentry); 19911da177e4SLinus Torvalds up(&old_dentry->d_inode->i_sem); 19921da177e4SLinus Torvalds if (!error) { 19931da177e4SLinus Torvalds inode_dir_notify(dir, DN_CREATE); 19941da177e4SLinus Torvalds security_inode_post_link(old_dentry, dir, new_dentry); 19951da177e4SLinus Torvalds } 19961da177e4SLinus Torvalds return error; 19971da177e4SLinus Torvalds } 19981da177e4SLinus Torvalds 19991da177e4SLinus Torvalds /* 20001da177e4SLinus Torvalds * Hardlinks are often used in delicate situations. We avoid 20011da177e4SLinus Torvalds * security-related surprises by not following symlinks on the 20021da177e4SLinus Torvalds * newname. --KAB 20031da177e4SLinus Torvalds * 20041da177e4SLinus Torvalds * We don't follow them on the oldname either to be compatible 20051da177e4SLinus Torvalds * with linux 2.0, and to avoid hard-linking to directories 20061da177e4SLinus Torvalds * and other special files. --ADM 20071da177e4SLinus Torvalds */ 20081da177e4SLinus Torvalds asmlinkage long sys_link(const char __user * oldname, const char __user * newname) 20091da177e4SLinus Torvalds { 20101da177e4SLinus Torvalds struct dentry *new_dentry; 20111da177e4SLinus Torvalds struct nameidata nd, old_nd; 20121da177e4SLinus Torvalds int error; 20131da177e4SLinus Torvalds char * to; 20141da177e4SLinus Torvalds 20151da177e4SLinus Torvalds to = getname(newname); 20161da177e4SLinus Torvalds if (IS_ERR(to)) 20171da177e4SLinus Torvalds return PTR_ERR(to); 20181da177e4SLinus Torvalds 20191da177e4SLinus Torvalds error = __user_walk(oldname, 0, &old_nd); 20201da177e4SLinus Torvalds if (error) 20211da177e4SLinus Torvalds goto exit; 20221da177e4SLinus Torvalds error = path_lookup(to, LOOKUP_PARENT, &nd); 20231da177e4SLinus Torvalds if (error) 20241da177e4SLinus Torvalds goto out; 20251da177e4SLinus Torvalds error = -EXDEV; 20261da177e4SLinus Torvalds if (old_nd.mnt != nd.mnt) 20271da177e4SLinus Torvalds goto out_release; 20281da177e4SLinus Torvalds new_dentry = lookup_create(&nd, 0); 20291da177e4SLinus Torvalds error = PTR_ERR(new_dentry); 20301da177e4SLinus Torvalds if (!IS_ERR(new_dentry)) { 20311da177e4SLinus Torvalds error = vfs_link(old_nd.dentry, nd.dentry->d_inode, new_dentry); 20321da177e4SLinus Torvalds dput(new_dentry); 20331da177e4SLinus Torvalds } 20341da177e4SLinus Torvalds up(&nd.dentry->d_inode->i_sem); 20351da177e4SLinus Torvalds out_release: 20361da177e4SLinus Torvalds path_release(&nd); 20371da177e4SLinus Torvalds out: 20381da177e4SLinus Torvalds path_release(&old_nd); 20391da177e4SLinus Torvalds exit: 20401da177e4SLinus Torvalds putname(to); 20411da177e4SLinus Torvalds 20421da177e4SLinus Torvalds return error; 20431da177e4SLinus Torvalds } 20441da177e4SLinus Torvalds 20451da177e4SLinus Torvalds /* 20461da177e4SLinus Torvalds * The worst of all namespace operations - renaming directory. "Perverted" 20471da177e4SLinus Torvalds * doesn't even start to describe it. Somebody in UCB had a heck of a trip... 20481da177e4SLinus Torvalds * Problems: 20491da177e4SLinus Torvalds * a) we can get into loop creation. Check is done in is_subdir(). 20501da177e4SLinus Torvalds * b) race potential - two innocent renames can create a loop together. 20511da177e4SLinus Torvalds * That's where 4.4 screws up. Current fix: serialization on 20521da177e4SLinus Torvalds * sb->s_vfs_rename_sem. We might be more accurate, but that's another 20531da177e4SLinus Torvalds * story. 20541da177e4SLinus Torvalds * c) we have to lock _three_ objects - parents and victim (if it exists). 20551da177e4SLinus Torvalds * And that - after we got ->i_sem on parents (until then we don't know 20561da177e4SLinus Torvalds * whether the target exists). Solution: try to be smart with locking 20571da177e4SLinus Torvalds * order for inodes. We rely on the fact that tree topology may change 20581da177e4SLinus Torvalds * only under ->s_vfs_rename_sem _and_ that parent of the object we 20591da177e4SLinus Torvalds * move will be locked. Thus we can rank directories by the tree 20601da177e4SLinus Torvalds * (ancestors first) and rank all non-directories after them. 20611da177e4SLinus Torvalds * That works since everybody except rename does "lock parent, lookup, 20621da177e4SLinus Torvalds * lock child" and rename is under ->s_vfs_rename_sem. 20631da177e4SLinus Torvalds * HOWEVER, it relies on the assumption that any object with ->lookup() 20641da177e4SLinus Torvalds * has no more than 1 dentry. If "hybrid" objects will ever appear, 20651da177e4SLinus Torvalds * we'd better make sure that there's no link(2) for them. 20661da177e4SLinus Torvalds * d) some filesystems don't support opened-but-unlinked directories, 20671da177e4SLinus Torvalds * either because of layout or because they are not ready to deal with 20681da177e4SLinus Torvalds * all cases correctly. The latter will be fixed (taking this sort of 20691da177e4SLinus Torvalds * stuff into VFS), but the former is not going away. Solution: the same 20701da177e4SLinus Torvalds * trick as in rmdir(). 20711da177e4SLinus Torvalds * e) conversion from fhandle to dentry may come in the wrong moment - when 20721da177e4SLinus Torvalds * we are removing the target. Solution: we will have to grab ->i_sem 20731da177e4SLinus Torvalds * in the fhandle_to_dentry code. [FIXME - current nfsfh.c relies on 20741da177e4SLinus Torvalds * ->i_sem on parents, which works but leads to some truely excessive 20751da177e4SLinus Torvalds * locking]. 20761da177e4SLinus Torvalds */ 207775c96f85SAdrian Bunk static int vfs_rename_dir(struct inode *old_dir, struct dentry *old_dentry, 20781da177e4SLinus Torvalds struct inode *new_dir, struct dentry *new_dentry) 20791da177e4SLinus Torvalds { 20801da177e4SLinus Torvalds int error = 0; 20811da177e4SLinus Torvalds struct inode *target; 20821da177e4SLinus Torvalds 20831da177e4SLinus Torvalds /* 20841da177e4SLinus Torvalds * If we are going to change the parent - check write permissions, 20851da177e4SLinus Torvalds * we'll need to flip '..'. 20861da177e4SLinus Torvalds */ 20871da177e4SLinus Torvalds if (new_dir != old_dir) { 20881da177e4SLinus Torvalds error = permission(old_dentry->d_inode, MAY_WRITE, NULL); 20891da177e4SLinus Torvalds if (error) 20901da177e4SLinus Torvalds return error; 20911da177e4SLinus Torvalds } 20921da177e4SLinus Torvalds 20931da177e4SLinus Torvalds error = security_inode_rename(old_dir, old_dentry, new_dir, new_dentry); 20941da177e4SLinus Torvalds if (error) 20951da177e4SLinus Torvalds return error; 20961da177e4SLinus Torvalds 20971da177e4SLinus Torvalds target = new_dentry->d_inode; 20981da177e4SLinus Torvalds if (target) { 20991da177e4SLinus Torvalds down(&target->i_sem); 21001da177e4SLinus Torvalds dentry_unhash(new_dentry); 21011da177e4SLinus Torvalds } 21021da177e4SLinus Torvalds if (d_mountpoint(old_dentry)||d_mountpoint(new_dentry)) 21031da177e4SLinus Torvalds error = -EBUSY; 21041da177e4SLinus Torvalds else 21051da177e4SLinus Torvalds error = old_dir->i_op->rename(old_dir, old_dentry, new_dir, new_dentry); 21061da177e4SLinus Torvalds if (target) { 21071da177e4SLinus Torvalds if (!error) 21081da177e4SLinus Torvalds target->i_flags |= S_DEAD; 21091da177e4SLinus Torvalds up(&target->i_sem); 21101da177e4SLinus Torvalds if (d_unhashed(new_dentry)) 21111da177e4SLinus Torvalds d_rehash(new_dentry); 21121da177e4SLinus Torvalds dput(new_dentry); 21131da177e4SLinus Torvalds } 21141da177e4SLinus Torvalds if (!error) { 21151da177e4SLinus Torvalds d_move(old_dentry,new_dentry); 21161da177e4SLinus Torvalds security_inode_post_rename(old_dir, old_dentry, 21171da177e4SLinus Torvalds new_dir, new_dentry); 21181da177e4SLinus Torvalds } 21191da177e4SLinus Torvalds return error; 21201da177e4SLinus Torvalds } 21211da177e4SLinus Torvalds 212275c96f85SAdrian Bunk static int vfs_rename_other(struct inode *old_dir, struct dentry *old_dentry, 21231da177e4SLinus Torvalds struct inode *new_dir, struct dentry *new_dentry) 21241da177e4SLinus Torvalds { 21251da177e4SLinus Torvalds struct inode *target; 21261da177e4SLinus Torvalds int error; 21271da177e4SLinus Torvalds 21281da177e4SLinus Torvalds error = security_inode_rename(old_dir, old_dentry, new_dir, new_dentry); 21291da177e4SLinus Torvalds if (error) 21301da177e4SLinus Torvalds return error; 21311da177e4SLinus Torvalds 21321da177e4SLinus Torvalds dget(new_dentry); 21331da177e4SLinus Torvalds target = new_dentry->d_inode; 21341da177e4SLinus Torvalds if (target) 21351da177e4SLinus Torvalds down(&target->i_sem); 21361da177e4SLinus Torvalds if (d_mountpoint(old_dentry)||d_mountpoint(new_dentry)) 21371da177e4SLinus Torvalds error = -EBUSY; 21381da177e4SLinus Torvalds else 21391da177e4SLinus Torvalds error = old_dir->i_op->rename(old_dir, old_dentry, new_dir, new_dentry); 21401da177e4SLinus Torvalds if (!error) { 21411da177e4SLinus Torvalds /* The following d_move() should become unconditional */ 21421da177e4SLinus Torvalds if (!(old_dir->i_sb->s_type->fs_flags & FS_ODD_RENAME)) 21431da177e4SLinus Torvalds d_move(old_dentry, new_dentry); 21441da177e4SLinus Torvalds security_inode_post_rename(old_dir, old_dentry, new_dir, new_dentry); 21451da177e4SLinus Torvalds } 21461da177e4SLinus Torvalds if (target) 21471da177e4SLinus Torvalds up(&target->i_sem); 21481da177e4SLinus Torvalds dput(new_dentry); 21491da177e4SLinus Torvalds return error; 21501da177e4SLinus Torvalds } 21511da177e4SLinus Torvalds 21521da177e4SLinus Torvalds int vfs_rename(struct inode *old_dir, struct dentry *old_dentry, 21531da177e4SLinus Torvalds struct inode *new_dir, struct dentry *new_dentry) 21541da177e4SLinus Torvalds { 21551da177e4SLinus Torvalds int error; 21561da177e4SLinus Torvalds int is_dir = S_ISDIR(old_dentry->d_inode->i_mode); 21571da177e4SLinus Torvalds 21581da177e4SLinus Torvalds if (old_dentry->d_inode == new_dentry->d_inode) 21591da177e4SLinus Torvalds return 0; 21601da177e4SLinus Torvalds 21611da177e4SLinus Torvalds error = may_delete(old_dir, old_dentry, is_dir); 21621da177e4SLinus Torvalds if (error) 21631da177e4SLinus Torvalds return error; 21641da177e4SLinus Torvalds 21651da177e4SLinus Torvalds if (!new_dentry->d_inode) 21661da177e4SLinus Torvalds error = may_create(new_dir, new_dentry, NULL); 21671da177e4SLinus Torvalds else 21681da177e4SLinus Torvalds error = may_delete(new_dir, new_dentry, is_dir); 21691da177e4SLinus Torvalds if (error) 21701da177e4SLinus Torvalds return error; 21711da177e4SLinus Torvalds 21721da177e4SLinus Torvalds if (!old_dir->i_op || !old_dir->i_op->rename) 21731da177e4SLinus Torvalds return -EPERM; 21741da177e4SLinus Torvalds 21751da177e4SLinus Torvalds DQUOT_INIT(old_dir); 21761da177e4SLinus Torvalds DQUOT_INIT(new_dir); 21771da177e4SLinus Torvalds 21781da177e4SLinus Torvalds if (is_dir) 21791da177e4SLinus Torvalds error = vfs_rename_dir(old_dir,old_dentry,new_dir,new_dentry); 21801da177e4SLinus Torvalds else 21811da177e4SLinus Torvalds error = vfs_rename_other(old_dir,old_dentry,new_dir,new_dentry); 21821da177e4SLinus Torvalds if (!error) { 21831da177e4SLinus Torvalds if (old_dir == new_dir) 21841da177e4SLinus Torvalds inode_dir_notify(old_dir, DN_RENAME); 21851da177e4SLinus Torvalds else { 21861da177e4SLinus Torvalds inode_dir_notify(old_dir, DN_DELETE); 21871da177e4SLinus Torvalds inode_dir_notify(new_dir, DN_CREATE); 21881da177e4SLinus Torvalds } 21891da177e4SLinus Torvalds } 21901da177e4SLinus Torvalds return error; 21911da177e4SLinus Torvalds } 21921da177e4SLinus Torvalds 21931da177e4SLinus Torvalds static inline int do_rename(const char * oldname, const char * newname) 21941da177e4SLinus Torvalds { 21951da177e4SLinus Torvalds int error = 0; 21961da177e4SLinus Torvalds struct dentry * old_dir, * new_dir; 21971da177e4SLinus Torvalds struct dentry * old_dentry, *new_dentry; 21981da177e4SLinus Torvalds struct dentry * trap; 21991da177e4SLinus Torvalds struct nameidata oldnd, newnd; 22001da177e4SLinus Torvalds 22011da177e4SLinus Torvalds error = path_lookup(oldname, LOOKUP_PARENT, &oldnd); 22021da177e4SLinus Torvalds if (error) 22031da177e4SLinus Torvalds goto exit; 22041da177e4SLinus Torvalds 22051da177e4SLinus Torvalds error = path_lookup(newname, LOOKUP_PARENT, &newnd); 22061da177e4SLinus Torvalds if (error) 22071da177e4SLinus Torvalds goto exit1; 22081da177e4SLinus Torvalds 22091da177e4SLinus Torvalds error = -EXDEV; 22101da177e4SLinus Torvalds if (oldnd.mnt != newnd.mnt) 22111da177e4SLinus Torvalds goto exit2; 22121da177e4SLinus Torvalds 22131da177e4SLinus Torvalds old_dir = oldnd.dentry; 22141da177e4SLinus Torvalds error = -EBUSY; 22151da177e4SLinus Torvalds if (oldnd.last_type != LAST_NORM) 22161da177e4SLinus Torvalds goto exit2; 22171da177e4SLinus Torvalds 22181da177e4SLinus Torvalds new_dir = newnd.dentry; 22191da177e4SLinus Torvalds if (newnd.last_type != LAST_NORM) 22201da177e4SLinus Torvalds goto exit2; 22211da177e4SLinus Torvalds 22221da177e4SLinus Torvalds trap = lock_rename(new_dir, old_dir); 22231da177e4SLinus Torvalds 22241da177e4SLinus Torvalds old_dentry = lookup_hash(&oldnd.last, old_dir); 22251da177e4SLinus Torvalds error = PTR_ERR(old_dentry); 22261da177e4SLinus Torvalds if (IS_ERR(old_dentry)) 22271da177e4SLinus Torvalds goto exit3; 22281da177e4SLinus Torvalds /* source must exist */ 22291da177e4SLinus Torvalds error = -ENOENT; 22301da177e4SLinus Torvalds if (!old_dentry->d_inode) 22311da177e4SLinus Torvalds goto exit4; 22321da177e4SLinus Torvalds /* unless the source is a directory trailing slashes give -ENOTDIR */ 22331da177e4SLinus Torvalds if (!S_ISDIR(old_dentry->d_inode->i_mode)) { 22341da177e4SLinus Torvalds error = -ENOTDIR; 22351da177e4SLinus Torvalds if (oldnd.last.name[oldnd.last.len]) 22361da177e4SLinus Torvalds goto exit4; 22371da177e4SLinus Torvalds if (newnd.last.name[newnd.last.len]) 22381da177e4SLinus Torvalds goto exit4; 22391da177e4SLinus Torvalds } 22401da177e4SLinus Torvalds /* source should not be ancestor of target */ 22411da177e4SLinus Torvalds error = -EINVAL; 22421da177e4SLinus Torvalds if (old_dentry == trap) 22431da177e4SLinus Torvalds goto exit4; 22441da177e4SLinus Torvalds new_dentry = lookup_hash(&newnd.last, new_dir); 22451da177e4SLinus Torvalds error = PTR_ERR(new_dentry); 22461da177e4SLinus Torvalds if (IS_ERR(new_dentry)) 22471da177e4SLinus Torvalds goto exit4; 22481da177e4SLinus Torvalds /* target should not be an ancestor of source */ 22491da177e4SLinus Torvalds error = -ENOTEMPTY; 22501da177e4SLinus Torvalds if (new_dentry == trap) 22511da177e4SLinus Torvalds goto exit5; 22521da177e4SLinus Torvalds 22531da177e4SLinus Torvalds error = vfs_rename(old_dir->d_inode, old_dentry, 22541da177e4SLinus Torvalds new_dir->d_inode, new_dentry); 22551da177e4SLinus Torvalds exit5: 22561da177e4SLinus Torvalds dput(new_dentry); 22571da177e4SLinus Torvalds exit4: 22581da177e4SLinus Torvalds dput(old_dentry); 22591da177e4SLinus Torvalds exit3: 22601da177e4SLinus Torvalds unlock_rename(new_dir, old_dir); 22611da177e4SLinus Torvalds exit2: 22621da177e4SLinus Torvalds path_release(&newnd); 22631da177e4SLinus Torvalds exit1: 22641da177e4SLinus Torvalds path_release(&oldnd); 22651da177e4SLinus Torvalds exit: 22661da177e4SLinus Torvalds return error; 22671da177e4SLinus Torvalds } 22681da177e4SLinus Torvalds 22691da177e4SLinus Torvalds asmlinkage long sys_rename(const char __user * oldname, const char __user * newname) 22701da177e4SLinus Torvalds { 22711da177e4SLinus Torvalds int error; 22721da177e4SLinus Torvalds char * from; 22731da177e4SLinus Torvalds char * to; 22741da177e4SLinus Torvalds 22751da177e4SLinus Torvalds from = getname(oldname); 22761da177e4SLinus Torvalds if(IS_ERR(from)) 22771da177e4SLinus Torvalds return PTR_ERR(from); 22781da177e4SLinus Torvalds to = getname(newname); 22791da177e4SLinus Torvalds error = PTR_ERR(to); 22801da177e4SLinus Torvalds if (!IS_ERR(to)) { 22811da177e4SLinus Torvalds error = do_rename(from,to); 22821da177e4SLinus Torvalds putname(to); 22831da177e4SLinus Torvalds } 22841da177e4SLinus Torvalds putname(from); 22851da177e4SLinus Torvalds return error; 22861da177e4SLinus Torvalds } 22871da177e4SLinus Torvalds 22881da177e4SLinus Torvalds int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const char *link) 22891da177e4SLinus Torvalds { 22901da177e4SLinus Torvalds int len; 22911da177e4SLinus Torvalds 22921da177e4SLinus Torvalds len = PTR_ERR(link); 22931da177e4SLinus Torvalds if (IS_ERR(link)) 22941da177e4SLinus Torvalds goto out; 22951da177e4SLinus Torvalds 22961da177e4SLinus Torvalds len = strlen(link); 22971da177e4SLinus Torvalds if (len > (unsigned) buflen) 22981da177e4SLinus Torvalds len = buflen; 22991da177e4SLinus Torvalds if (copy_to_user(buffer, link, len)) 23001da177e4SLinus Torvalds len = -EFAULT; 23011da177e4SLinus Torvalds out: 23021da177e4SLinus Torvalds return len; 23031da177e4SLinus Torvalds } 23041da177e4SLinus Torvalds 23051da177e4SLinus Torvalds /* 23061da177e4SLinus Torvalds * A helper for ->readlink(). This should be used *ONLY* for symlinks that 23071da177e4SLinus Torvalds * have ->follow_link() touching nd only in nd_set_link(). Using (or not 23081da177e4SLinus Torvalds * using) it for any given inode is up to filesystem. 23091da177e4SLinus Torvalds */ 23101da177e4SLinus Torvalds int generic_readlink(struct dentry *dentry, char __user *buffer, int buflen) 23111da177e4SLinus Torvalds { 23121da177e4SLinus Torvalds struct nameidata nd; 23131da177e4SLinus Torvalds int res; 23141da177e4SLinus Torvalds nd.depth = 0; 23151da177e4SLinus Torvalds res = dentry->d_inode->i_op->follow_link(dentry, &nd); 23161da177e4SLinus Torvalds if (!res) { 23171da177e4SLinus Torvalds res = vfs_readlink(dentry, buffer, buflen, nd_get_link(&nd)); 23181da177e4SLinus Torvalds if (dentry->d_inode->i_op->put_link) 23191da177e4SLinus Torvalds dentry->d_inode->i_op->put_link(dentry, &nd); 23201da177e4SLinus Torvalds } 23211da177e4SLinus Torvalds return res; 23221da177e4SLinus Torvalds } 23231da177e4SLinus Torvalds 23241da177e4SLinus Torvalds int vfs_follow_link(struct nameidata *nd, const char *link) 23251da177e4SLinus Torvalds { 23261da177e4SLinus Torvalds return __vfs_follow_link(nd, link); 23271da177e4SLinus Torvalds } 23281da177e4SLinus Torvalds 23291da177e4SLinus Torvalds /* get the link contents into pagecache */ 23301da177e4SLinus Torvalds static char *page_getlink(struct dentry * dentry, struct page **ppage) 23311da177e4SLinus Torvalds { 23321da177e4SLinus Torvalds struct page * page; 23331da177e4SLinus Torvalds struct address_space *mapping = dentry->d_inode->i_mapping; 23341da177e4SLinus Torvalds page = read_cache_page(mapping, 0, (filler_t *)mapping->a_ops->readpage, 23351da177e4SLinus Torvalds NULL); 23361da177e4SLinus Torvalds if (IS_ERR(page)) 23371da177e4SLinus Torvalds goto sync_fail; 23381da177e4SLinus Torvalds wait_on_page_locked(page); 23391da177e4SLinus Torvalds if (!PageUptodate(page)) 23401da177e4SLinus Torvalds goto async_fail; 23411da177e4SLinus Torvalds *ppage = page; 23421da177e4SLinus Torvalds return kmap(page); 23431da177e4SLinus Torvalds 23441da177e4SLinus Torvalds async_fail: 23451da177e4SLinus Torvalds page_cache_release(page); 23461da177e4SLinus Torvalds return ERR_PTR(-EIO); 23471da177e4SLinus Torvalds 23481da177e4SLinus Torvalds sync_fail: 23491da177e4SLinus Torvalds return (char*)page; 23501da177e4SLinus Torvalds } 23511da177e4SLinus Torvalds 23521da177e4SLinus Torvalds int page_readlink(struct dentry *dentry, char __user *buffer, int buflen) 23531da177e4SLinus Torvalds { 23541da177e4SLinus Torvalds struct page *page = NULL; 23551da177e4SLinus Torvalds char *s = page_getlink(dentry, &page); 23561da177e4SLinus Torvalds int res = vfs_readlink(dentry,buffer,buflen,s); 23571da177e4SLinus Torvalds if (page) { 23581da177e4SLinus Torvalds kunmap(page); 23591da177e4SLinus Torvalds page_cache_release(page); 23601da177e4SLinus Torvalds } 23611da177e4SLinus Torvalds return res; 23621da177e4SLinus Torvalds } 23631da177e4SLinus Torvalds 23641da177e4SLinus Torvalds int page_follow_link_light(struct dentry *dentry, struct nameidata *nd) 23651da177e4SLinus Torvalds { 23661da177e4SLinus Torvalds struct page *page; 23671da177e4SLinus Torvalds nd_set_link(nd, page_getlink(dentry, &page)); 23681da177e4SLinus Torvalds return 0; 23691da177e4SLinus Torvalds } 23701da177e4SLinus Torvalds 23711da177e4SLinus Torvalds void page_put_link(struct dentry *dentry, struct nameidata *nd) 23721da177e4SLinus Torvalds { 23731da177e4SLinus Torvalds if (!IS_ERR(nd_get_link(nd))) { 23741da177e4SLinus Torvalds struct page *page; 23751da177e4SLinus Torvalds page = find_get_page(dentry->d_inode->i_mapping, 0); 23761da177e4SLinus Torvalds if (!page) 23771da177e4SLinus Torvalds BUG(); 23781da177e4SLinus Torvalds kunmap(page); 23791da177e4SLinus Torvalds page_cache_release(page); 23801da177e4SLinus Torvalds page_cache_release(page); 23811da177e4SLinus Torvalds } 23821da177e4SLinus Torvalds } 23831da177e4SLinus Torvalds 23841da177e4SLinus Torvalds int page_symlink(struct inode *inode, const char *symname, int len) 23851da177e4SLinus Torvalds { 23861da177e4SLinus Torvalds struct address_space *mapping = inode->i_mapping; 23871da177e4SLinus Torvalds struct page *page = grab_cache_page(mapping, 0); 23881da177e4SLinus Torvalds int err = -ENOMEM; 23891da177e4SLinus Torvalds char *kaddr; 23901da177e4SLinus Torvalds 23911da177e4SLinus Torvalds if (!page) 23921da177e4SLinus Torvalds goto fail; 23931da177e4SLinus Torvalds err = mapping->a_ops->prepare_write(NULL, page, 0, len-1); 23941da177e4SLinus Torvalds if (err) 23951da177e4SLinus Torvalds goto fail_map; 23961da177e4SLinus Torvalds kaddr = kmap_atomic(page, KM_USER0); 23971da177e4SLinus Torvalds memcpy(kaddr, symname, len-1); 23981da177e4SLinus Torvalds kunmap_atomic(kaddr, KM_USER0); 23991da177e4SLinus Torvalds mapping->a_ops->commit_write(NULL, page, 0, len-1); 24001da177e4SLinus Torvalds /* 24011da177e4SLinus Torvalds * Notice that we are _not_ going to block here - end of page is 24021da177e4SLinus Torvalds * unmapped, so this will only try to map the rest of page, see 24031da177e4SLinus Torvalds * that it is unmapped (typically even will not look into inode - 24041da177e4SLinus Torvalds * ->i_size will be enough for everything) and zero it out. 24051da177e4SLinus Torvalds * OTOH it's obviously correct and should make the page up-to-date. 24061da177e4SLinus Torvalds */ 24071da177e4SLinus Torvalds if (!PageUptodate(page)) { 24081da177e4SLinus Torvalds err = mapping->a_ops->readpage(NULL, page); 24091da177e4SLinus Torvalds wait_on_page_locked(page); 24101da177e4SLinus Torvalds } else { 24111da177e4SLinus Torvalds unlock_page(page); 24121da177e4SLinus Torvalds } 24131da177e4SLinus Torvalds page_cache_release(page); 24141da177e4SLinus Torvalds if (err < 0) 24151da177e4SLinus Torvalds goto fail; 24161da177e4SLinus Torvalds mark_inode_dirty(inode); 24171da177e4SLinus Torvalds return 0; 24181da177e4SLinus Torvalds fail_map: 24191da177e4SLinus Torvalds unlock_page(page); 24201da177e4SLinus Torvalds page_cache_release(page); 24211da177e4SLinus Torvalds fail: 24221da177e4SLinus Torvalds return err; 24231da177e4SLinus Torvalds } 24241da177e4SLinus Torvalds 24251da177e4SLinus Torvalds struct inode_operations page_symlink_inode_operations = { 24261da177e4SLinus Torvalds .readlink = generic_readlink, 24271da177e4SLinus Torvalds .follow_link = page_follow_link_light, 24281da177e4SLinus Torvalds .put_link = page_put_link, 24291da177e4SLinus Torvalds }; 24301da177e4SLinus Torvalds 24311da177e4SLinus Torvalds EXPORT_SYMBOL(__user_walk); 24321da177e4SLinus Torvalds EXPORT_SYMBOL(follow_down); 24331da177e4SLinus Torvalds EXPORT_SYMBOL(follow_up); 24341da177e4SLinus Torvalds EXPORT_SYMBOL(get_write_access); /* binfmt_aout */ 24351da177e4SLinus Torvalds EXPORT_SYMBOL(getname); 24361da177e4SLinus Torvalds EXPORT_SYMBOL(lock_rename); 24371da177e4SLinus Torvalds EXPORT_SYMBOL(lookup_hash); 24381da177e4SLinus Torvalds EXPORT_SYMBOL(lookup_one_len); 24391da177e4SLinus Torvalds EXPORT_SYMBOL(page_follow_link_light); 24401da177e4SLinus Torvalds EXPORT_SYMBOL(page_put_link); 24411da177e4SLinus Torvalds EXPORT_SYMBOL(page_readlink); 24421da177e4SLinus Torvalds EXPORT_SYMBOL(page_symlink); 24431da177e4SLinus Torvalds EXPORT_SYMBOL(page_symlink_inode_operations); 24441da177e4SLinus Torvalds EXPORT_SYMBOL(path_lookup); 24451da177e4SLinus Torvalds EXPORT_SYMBOL(path_release); 24461da177e4SLinus Torvalds EXPORT_SYMBOL(path_walk); 24471da177e4SLinus Torvalds EXPORT_SYMBOL(permission); 24481da177e4SLinus Torvalds EXPORT_SYMBOL(unlock_rename); 24491da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_create); 24501da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_follow_link); 24511da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_link); 24521da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_mkdir); 24531da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_mknod); 24541da177e4SLinus Torvalds EXPORT_SYMBOL(generic_permission); 24551da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_readlink); 24561da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_rename); 24571da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_rmdir); 24581da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_symlink); 24591da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_unlink); 24601da177e4SLinus Torvalds EXPORT_SYMBOL(dentry_unhash); 24611da177e4SLinus Torvalds EXPORT_SYMBOL(generic_readlink); 2462