11da177e4SLinus Torvalds /* 21da177e4SLinus Torvalds * linux/fs/namei.c 31da177e4SLinus Torvalds * 41da177e4SLinus Torvalds * Copyright (C) 1991, 1992 Linus Torvalds 51da177e4SLinus Torvalds */ 61da177e4SLinus Torvalds 71da177e4SLinus Torvalds /* 81da177e4SLinus Torvalds * Some corrections by tytso. 91da177e4SLinus Torvalds */ 101da177e4SLinus Torvalds 111da177e4SLinus Torvalds /* [Feb 1997 T. Schoebel-Theuer] Complete rewrite of the pathname 121da177e4SLinus Torvalds * lookup logic. 131da177e4SLinus Torvalds */ 141da177e4SLinus Torvalds /* [Feb-Apr 2000, AV] Rewrite to the new namespace architecture. 151da177e4SLinus Torvalds */ 161da177e4SLinus Torvalds 171da177e4SLinus Torvalds #include <linux/init.h> 181da177e4SLinus Torvalds #include <linux/module.h> 191da177e4SLinus Torvalds #include <linux/slab.h> 201da177e4SLinus Torvalds #include <linux/fs.h> 211da177e4SLinus Torvalds #include <linux/namei.h> 221da177e4SLinus Torvalds #include <linux/quotaops.h> 231da177e4SLinus Torvalds #include <linux/pagemap.h> 241da177e4SLinus Torvalds #include <linux/dnotify.h> 251da177e4SLinus Torvalds #include <linux/smp_lock.h> 261da177e4SLinus Torvalds #include <linux/personality.h> 271da177e4SLinus Torvalds #include <linux/security.h> 281da177e4SLinus Torvalds #include <linux/syscalls.h> 291da177e4SLinus Torvalds #include <linux/mount.h> 301da177e4SLinus Torvalds #include <linux/audit.h> 311da177e4SLinus Torvalds #include <asm/namei.h> 321da177e4SLinus Torvalds #include <asm/uaccess.h> 331da177e4SLinus Torvalds 341da177e4SLinus Torvalds #define ACC_MODE(x) ("\000\004\002\006"[(x)&O_ACCMODE]) 351da177e4SLinus Torvalds 361da177e4SLinus Torvalds /* [Feb-1997 T. Schoebel-Theuer] 371da177e4SLinus Torvalds * Fundamental changes in the pathname lookup mechanisms (namei) 381da177e4SLinus Torvalds * were necessary because of omirr. The reason is that omirr needs 391da177e4SLinus Torvalds * to know the _real_ pathname, not the user-supplied one, in case 401da177e4SLinus Torvalds * of symlinks (and also when transname replacements occur). 411da177e4SLinus Torvalds * 421da177e4SLinus Torvalds * The new code replaces the old recursive symlink resolution with 431da177e4SLinus Torvalds * an iterative one (in case of non-nested symlink chains). It does 441da177e4SLinus Torvalds * this with calls to <fs>_follow_link(). 451da177e4SLinus Torvalds * As a side effect, dir_namei(), _namei() and follow_link() are now 461da177e4SLinus Torvalds * replaced with a single function lookup_dentry() that can handle all 471da177e4SLinus Torvalds * the special cases of the former code. 481da177e4SLinus Torvalds * 491da177e4SLinus Torvalds * With the new dcache, the pathname is stored at each inode, at least as 501da177e4SLinus Torvalds * long as the refcount of the inode is positive. As a side effect, the 511da177e4SLinus Torvalds * size of the dcache depends on the inode cache and thus is dynamic. 521da177e4SLinus Torvalds * 531da177e4SLinus Torvalds * [29-Apr-1998 C. Scott Ananian] Updated above description of symlink 541da177e4SLinus Torvalds * resolution to correspond with current state of the code. 551da177e4SLinus Torvalds * 561da177e4SLinus Torvalds * Note that the symlink resolution is not *completely* iterative. 571da177e4SLinus Torvalds * There is still a significant amount of tail- and mid- recursion in 581da177e4SLinus Torvalds * the algorithm. Also, note that <fs>_readlink() is not used in 591da177e4SLinus Torvalds * lookup_dentry(): lookup_dentry() on the result of <fs>_readlink() 601da177e4SLinus Torvalds * may return different results than <fs>_follow_link(). Many virtual 611da177e4SLinus Torvalds * filesystems (including /proc) exhibit this behavior. 621da177e4SLinus Torvalds */ 631da177e4SLinus Torvalds 641da177e4SLinus Torvalds /* [24-Feb-97 T. Schoebel-Theuer] Side effects caused by new implementation: 651da177e4SLinus Torvalds * New symlink semantics: when open() is called with flags O_CREAT | O_EXCL 661da177e4SLinus Torvalds * and the name already exists in form of a symlink, try to create the new 671da177e4SLinus Torvalds * name indicated by the symlink. The old code always complained that the 681da177e4SLinus Torvalds * name already exists, due to not following the symlink even if its target 691da177e4SLinus Torvalds * is nonexistent. The new semantics affects also mknod() and link() when 701da177e4SLinus Torvalds * the name is a symlink pointing to a non-existant name. 711da177e4SLinus Torvalds * 721da177e4SLinus Torvalds * I don't know which semantics is the right one, since I have no access 731da177e4SLinus Torvalds * to standards. But I found by trial that HP-UX 9.0 has the full "new" 741da177e4SLinus Torvalds * semantics implemented, while SunOS 4.1.1 and Solaris (SunOS 5.4) have the 751da177e4SLinus Torvalds * "old" one. Personally, I think the new semantics is much more logical. 761da177e4SLinus Torvalds * Note that "ln old new" where "new" is a symlink pointing to a non-existing 771da177e4SLinus Torvalds * file does succeed in both HP-UX and SunOs, but not in Solaris 781da177e4SLinus Torvalds * and in the old Linux semantics. 791da177e4SLinus Torvalds */ 801da177e4SLinus Torvalds 811da177e4SLinus Torvalds /* [16-Dec-97 Kevin Buhr] For security reasons, we change some symlink 821da177e4SLinus Torvalds * semantics. See the comments in "open_namei" and "do_link" below. 831da177e4SLinus Torvalds * 841da177e4SLinus Torvalds * [10-Sep-98 Alan Modra] Another symlink change. 851da177e4SLinus Torvalds */ 861da177e4SLinus Torvalds 871da177e4SLinus Torvalds /* [Feb-Apr 2000 AV] Complete rewrite. Rules for symlinks: 881da177e4SLinus Torvalds * inside the path - always follow. 891da177e4SLinus Torvalds * in the last component in creation/removal/renaming - never follow. 901da177e4SLinus Torvalds * if LOOKUP_FOLLOW passed - follow. 911da177e4SLinus Torvalds * if the pathname has trailing slashes - follow. 921da177e4SLinus Torvalds * otherwise - don't follow. 931da177e4SLinus Torvalds * (applied in that order). 941da177e4SLinus Torvalds * 951da177e4SLinus Torvalds * [Jun 2000 AV] Inconsistent behaviour of open() in case if flags==O_CREAT 961da177e4SLinus Torvalds * restored for 2.4. This is the last surviving part of old 4.2BSD bug. 971da177e4SLinus Torvalds * During the 2.4 we need to fix the userland stuff depending on it - 981da177e4SLinus Torvalds * hopefully we will be able to get rid of that wart in 2.5. So far only 991da177e4SLinus Torvalds * XEmacs seems to be relying on it... 1001da177e4SLinus Torvalds */ 1011da177e4SLinus Torvalds /* 1021da177e4SLinus Torvalds * [Sep 2001 AV] Single-semaphore locking scheme (kudos to David Holland) 1031da177e4SLinus Torvalds * implemented. Let's see if raised priority of ->s_vfs_rename_sem gives 1041da177e4SLinus Torvalds * any extra contention... 1051da177e4SLinus Torvalds */ 1061da177e4SLinus Torvalds 1071da177e4SLinus Torvalds /* In order to reduce some races, while at the same time doing additional 1081da177e4SLinus Torvalds * checking and hopefully speeding things up, we copy filenames to the 1091da177e4SLinus Torvalds * kernel data space before using them.. 1101da177e4SLinus Torvalds * 1111da177e4SLinus Torvalds * POSIX.1 2.4: an empty pathname is invalid (ENOENT). 1121da177e4SLinus Torvalds * PATH_MAX includes the nul terminator --RR. 1131da177e4SLinus Torvalds */ 1141da177e4SLinus Torvalds static inline int do_getname(const char __user *filename, char *page) 1151da177e4SLinus Torvalds { 1161da177e4SLinus Torvalds int retval; 1171da177e4SLinus Torvalds unsigned long len = PATH_MAX; 1181da177e4SLinus Torvalds 1191da177e4SLinus Torvalds if (!segment_eq(get_fs(), KERNEL_DS)) { 1201da177e4SLinus Torvalds if ((unsigned long) filename >= TASK_SIZE) 1211da177e4SLinus Torvalds return -EFAULT; 1221da177e4SLinus Torvalds if (TASK_SIZE - (unsigned long) filename < PATH_MAX) 1231da177e4SLinus Torvalds len = TASK_SIZE - (unsigned long) filename; 1241da177e4SLinus Torvalds } 1251da177e4SLinus Torvalds 1261da177e4SLinus Torvalds retval = strncpy_from_user(page, filename, len); 1271da177e4SLinus Torvalds if (retval > 0) { 1281da177e4SLinus Torvalds if (retval < len) 1291da177e4SLinus Torvalds return 0; 1301da177e4SLinus Torvalds return -ENAMETOOLONG; 1311da177e4SLinus Torvalds } else if (!retval) 1321da177e4SLinus Torvalds retval = -ENOENT; 1331da177e4SLinus Torvalds return retval; 1341da177e4SLinus Torvalds } 1351da177e4SLinus Torvalds 1361da177e4SLinus Torvalds char * getname(const char __user * filename) 1371da177e4SLinus Torvalds { 1381da177e4SLinus Torvalds char *tmp, *result; 1391da177e4SLinus Torvalds 1401da177e4SLinus Torvalds result = ERR_PTR(-ENOMEM); 1411da177e4SLinus Torvalds tmp = __getname(); 1421da177e4SLinus Torvalds if (tmp) { 1431da177e4SLinus Torvalds int retval = do_getname(filename, tmp); 1441da177e4SLinus Torvalds 1451da177e4SLinus Torvalds result = tmp; 1461da177e4SLinus Torvalds if (retval < 0) { 1471da177e4SLinus Torvalds __putname(tmp); 1481da177e4SLinus Torvalds result = ERR_PTR(retval); 1491da177e4SLinus Torvalds } 1501da177e4SLinus Torvalds } 1511da177e4SLinus Torvalds audit_getname(result); 1521da177e4SLinus Torvalds return result; 1531da177e4SLinus Torvalds } 1541da177e4SLinus Torvalds 1551da177e4SLinus Torvalds #ifdef CONFIG_AUDITSYSCALL 1561da177e4SLinus Torvalds void putname(const char *name) 1571da177e4SLinus Torvalds { 1581da177e4SLinus Torvalds if (unlikely(current->audit_context)) 1591da177e4SLinus Torvalds audit_putname(name); 1601da177e4SLinus Torvalds else 1611da177e4SLinus Torvalds __putname(name); 1621da177e4SLinus Torvalds } 1631da177e4SLinus Torvalds EXPORT_SYMBOL(putname); 1641da177e4SLinus Torvalds #endif 1651da177e4SLinus Torvalds 1661da177e4SLinus Torvalds 1671da177e4SLinus Torvalds /** 1681da177e4SLinus Torvalds * generic_permission - check for access rights on a Posix-like filesystem 1691da177e4SLinus Torvalds * @inode: inode to check access rights for 1701da177e4SLinus Torvalds * @mask: right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC) 1711da177e4SLinus Torvalds * @check_acl: optional callback to check for Posix ACLs 1721da177e4SLinus Torvalds * 1731da177e4SLinus Torvalds * Used to check for read/write/execute permissions on a file. 1741da177e4SLinus Torvalds * We use "fsuid" for this, letting us set arbitrary permissions 1751da177e4SLinus Torvalds * for filesystem access without changing the "normal" uids which 1761da177e4SLinus Torvalds * are used for other things.. 1771da177e4SLinus Torvalds */ 1781da177e4SLinus Torvalds int generic_permission(struct inode *inode, int mask, 1791da177e4SLinus Torvalds int (*check_acl)(struct inode *inode, int mask)) 1801da177e4SLinus Torvalds { 1811da177e4SLinus Torvalds umode_t mode = inode->i_mode; 1821da177e4SLinus Torvalds 1831da177e4SLinus Torvalds if (current->fsuid == inode->i_uid) 1841da177e4SLinus Torvalds mode >>= 6; 1851da177e4SLinus Torvalds else { 1861da177e4SLinus Torvalds if (IS_POSIXACL(inode) && (mode & S_IRWXG) && check_acl) { 1871da177e4SLinus Torvalds int error = check_acl(inode, mask); 1881da177e4SLinus Torvalds if (error == -EACCES) 1891da177e4SLinus Torvalds goto check_capabilities; 1901da177e4SLinus Torvalds else if (error != -EAGAIN) 1911da177e4SLinus Torvalds return error; 1921da177e4SLinus Torvalds } 1931da177e4SLinus Torvalds 1941da177e4SLinus Torvalds if (in_group_p(inode->i_gid)) 1951da177e4SLinus Torvalds mode >>= 3; 1961da177e4SLinus Torvalds } 1971da177e4SLinus Torvalds 1981da177e4SLinus Torvalds /* 1991da177e4SLinus Torvalds * If the DACs are ok we don't need any capability check. 2001da177e4SLinus Torvalds */ 2011da177e4SLinus Torvalds if (((mode & mask & (MAY_READ|MAY_WRITE|MAY_EXEC)) == mask)) 2021da177e4SLinus Torvalds return 0; 2031da177e4SLinus Torvalds 2041da177e4SLinus Torvalds check_capabilities: 2051da177e4SLinus Torvalds /* 2061da177e4SLinus Torvalds * Read/write DACs are always overridable. 2071da177e4SLinus Torvalds * Executable DACs are overridable if at least one exec bit is set. 2081da177e4SLinus Torvalds */ 2091da177e4SLinus Torvalds if (!(mask & MAY_EXEC) || 2101da177e4SLinus Torvalds (inode->i_mode & S_IXUGO) || S_ISDIR(inode->i_mode)) 2111da177e4SLinus Torvalds if (capable(CAP_DAC_OVERRIDE)) 2121da177e4SLinus Torvalds return 0; 2131da177e4SLinus Torvalds 2141da177e4SLinus Torvalds /* 2151da177e4SLinus Torvalds * Searching includes executable on directories, else just read. 2161da177e4SLinus Torvalds */ 2171da177e4SLinus Torvalds if (mask == MAY_READ || (S_ISDIR(inode->i_mode) && !(mask & MAY_WRITE))) 2181da177e4SLinus Torvalds if (capable(CAP_DAC_READ_SEARCH)) 2191da177e4SLinus Torvalds return 0; 2201da177e4SLinus Torvalds 2211da177e4SLinus Torvalds return -EACCES; 2221da177e4SLinus Torvalds } 2231da177e4SLinus Torvalds 2241da177e4SLinus Torvalds int permission(struct inode *inode, int mask, struct nameidata *nd) 2251da177e4SLinus Torvalds { 2261da177e4SLinus Torvalds int retval, submask; 2271da177e4SLinus Torvalds 2281da177e4SLinus Torvalds if (mask & MAY_WRITE) { 2291da177e4SLinus Torvalds umode_t mode = inode->i_mode; 2301da177e4SLinus Torvalds 2311da177e4SLinus Torvalds /* 2321da177e4SLinus Torvalds * Nobody gets write access to a read-only fs. 2331da177e4SLinus Torvalds */ 2341da177e4SLinus Torvalds if (IS_RDONLY(inode) && 2351da177e4SLinus Torvalds (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode))) 2361da177e4SLinus Torvalds return -EROFS; 2371da177e4SLinus Torvalds 2381da177e4SLinus Torvalds /* 2391da177e4SLinus Torvalds * Nobody gets write access to an immutable file. 2401da177e4SLinus Torvalds */ 2411da177e4SLinus Torvalds if (IS_IMMUTABLE(inode)) 2421da177e4SLinus Torvalds return -EACCES; 2431da177e4SLinus Torvalds } 2441da177e4SLinus Torvalds 2451da177e4SLinus Torvalds 2461da177e4SLinus Torvalds /* Ordinary permission routines do not understand MAY_APPEND. */ 2471da177e4SLinus Torvalds submask = mask & ~MAY_APPEND; 2481da177e4SLinus Torvalds if (inode->i_op && inode->i_op->permission) 2491da177e4SLinus Torvalds retval = inode->i_op->permission(inode, submask, nd); 2501da177e4SLinus Torvalds else 2511da177e4SLinus Torvalds retval = generic_permission(inode, submask, NULL); 2521da177e4SLinus Torvalds if (retval) 2531da177e4SLinus Torvalds return retval; 2541da177e4SLinus Torvalds 2551da177e4SLinus Torvalds return security_inode_permission(inode, mask, nd); 2561da177e4SLinus Torvalds } 2571da177e4SLinus Torvalds 2581da177e4SLinus Torvalds /* 2591da177e4SLinus Torvalds * get_write_access() gets write permission for a file. 2601da177e4SLinus Torvalds * put_write_access() releases this write permission. 2611da177e4SLinus Torvalds * This is used for regular files. 2621da177e4SLinus Torvalds * We cannot support write (and maybe mmap read-write shared) accesses and 2631da177e4SLinus Torvalds * MAP_DENYWRITE mmappings simultaneously. The i_writecount field of an inode 2641da177e4SLinus Torvalds * can have the following values: 2651da177e4SLinus Torvalds * 0: no writers, no VM_DENYWRITE mappings 2661da177e4SLinus Torvalds * < 0: (-i_writecount) vm_area_structs with VM_DENYWRITE set exist 2671da177e4SLinus Torvalds * > 0: (i_writecount) users are writing to the file. 2681da177e4SLinus Torvalds * 2691da177e4SLinus Torvalds * Normally we operate on that counter with atomic_{inc,dec} and it's safe 2701da177e4SLinus Torvalds * except for the cases where we don't hold i_writecount yet. Then we need to 2711da177e4SLinus Torvalds * use {get,deny}_write_access() - these functions check the sign and refuse 2721da177e4SLinus Torvalds * to do the change if sign is wrong. Exclusion between them is provided by 2731da177e4SLinus Torvalds * the inode->i_lock spinlock. 2741da177e4SLinus Torvalds */ 2751da177e4SLinus Torvalds 2761da177e4SLinus Torvalds int get_write_access(struct inode * inode) 2771da177e4SLinus Torvalds { 2781da177e4SLinus Torvalds spin_lock(&inode->i_lock); 2791da177e4SLinus Torvalds if (atomic_read(&inode->i_writecount) < 0) { 2801da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 2811da177e4SLinus Torvalds return -ETXTBSY; 2821da177e4SLinus Torvalds } 2831da177e4SLinus Torvalds atomic_inc(&inode->i_writecount); 2841da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 2851da177e4SLinus Torvalds 2861da177e4SLinus Torvalds return 0; 2871da177e4SLinus Torvalds } 2881da177e4SLinus Torvalds 2891da177e4SLinus Torvalds int deny_write_access(struct file * file) 2901da177e4SLinus Torvalds { 2911da177e4SLinus Torvalds struct inode *inode = file->f_dentry->d_inode; 2921da177e4SLinus Torvalds 2931da177e4SLinus Torvalds spin_lock(&inode->i_lock); 2941da177e4SLinus Torvalds if (atomic_read(&inode->i_writecount) > 0) { 2951da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 2961da177e4SLinus Torvalds return -ETXTBSY; 2971da177e4SLinus Torvalds } 2981da177e4SLinus Torvalds atomic_dec(&inode->i_writecount); 2991da177e4SLinus Torvalds spin_unlock(&inode->i_lock); 3001da177e4SLinus Torvalds 3011da177e4SLinus Torvalds return 0; 3021da177e4SLinus Torvalds } 3031da177e4SLinus Torvalds 3041da177e4SLinus Torvalds void path_release(struct nameidata *nd) 3051da177e4SLinus Torvalds { 3061da177e4SLinus Torvalds dput(nd->dentry); 3071da177e4SLinus Torvalds mntput(nd->mnt); 3081da177e4SLinus Torvalds } 3091da177e4SLinus Torvalds 3101da177e4SLinus Torvalds /* 3111da177e4SLinus Torvalds * umount() mustn't call path_release()/mntput() as that would clear 3121da177e4SLinus Torvalds * mnt_expiry_mark 3131da177e4SLinus Torvalds */ 3141da177e4SLinus Torvalds void path_release_on_umount(struct nameidata *nd) 3151da177e4SLinus Torvalds { 3161da177e4SLinus Torvalds dput(nd->dentry); 3171da177e4SLinus Torvalds _mntput(nd->mnt); 3181da177e4SLinus Torvalds } 3191da177e4SLinus Torvalds 3201da177e4SLinus Torvalds /* 3211da177e4SLinus Torvalds * Internal lookup() using the new generic dcache. 3221da177e4SLinus Torvalds * SMP-safe 3231da177e4SLinus Torvalds */ 3241da177e4SLinus Torvalds static struct dentry * cached_lookup(struct dentry * parent, struct qstr * name, struct nameidata *nd) 3251da177e4SLinus Torvalds { 3261da177e4SLinus Torvalds struct dentry * dentry = __d_lookup(parent, name); 3271da177e4SLinus Torvalds 3281da177e4SLinus Torvalds /* lockess __d_lookup may fail due to concurrent d_move() 3291da177e4SLinus Torvalds * in some unrelated directory, so try with d_lookup 3301da177e4SLinus Torvalds */ 3311da177e4SLinus Torvalds if (!dentry) 3321da177e4SLinus Torvalds dentry = d_lookup(parent, name); 3331da177e4SLinus Torvalds 3341da177e4SLinus Torvalds if (dentry && dentry->d_op && dentry->d_op->d_revalidate) { 3351da177e4SLinus Torvalds if (!dentry->d_op->d_revalidate(dentry, nd) && !d_invalidate(dentry)) { 3361da177e4SLinus Torvalds dput(dentry); 3371da177e4SLinus Torvalds dentry = NULL; 3381da177e4SLinus Torvalds } 3391da177e4SLinus Torvalds } 3401da177e4SLinus Torvalds return dentry; 3411da177e4SLinus Torvalds } 3421da177e4SLinus Torvalds 3431da177e4SLinus Torvalds /* 3441da177e4SLinus Torvalds * Short-cut version of permission(), for calling by 3451da177e4SLinus Torvalds * path_walk(), when dcache lock is held. Combines parts 3461da177e4SLinus Torvalds * of permission() and generic_permission(), and tests ONLY for 3471da177e4SLinus Torvalds * MAY_EXEC permission. 3481da177e4SLinus Torvalds * 3491da177e4SLinus Torvalds * If appropriate, check DAC only. If not appropriate, or 3501da177e4SLinus Torvalds * short-cut DAC fails, then call permission() to do more 3511da177e4SLinus Torvalds * complete permission check. 3521da177e4SLinus Torvalds */ 3531da177e4SLinus Torvalds static inline int exec_permission_lite(struct inode *inode, 3541da177e4SLinus Torvalds struct nameidata *nd) 3551da177e4SLinus Torvalds { 3561da177e4SLinus Torvalds umode_t mode = inode->i_mode; 3571da177e4SLinus Torvalds 3581da177e4SLinus Torvalds if (inode->i_op && inode->i_op->permission) 3591da177e4SLinus Torvalds return -EAGAIN; 3601da177e4SLinus Torvalds 3611da177e4SLinus Torvalds if (current->fsuid == inode->i_uid) 3621da177e4SLinus Torvalds mode >>= 6; 3631da177e4SLinus Torvalds else if (in_group_p(inode->i_gid)) 3641da177e4SLinus Torvalds mode >>= 3; 3651da177e4SLinus Torvalds 3661da177e4SLinus Torvalds if (mode & MAY_EXEC) 3671da177e4SLinus Torvalds goto ok; 3681da177e4SLinus Torvalds 3691da177e4SLinus Torvalds if ((inode->i_mode & S_IXUGO) && capable(CAP_DAC_OVERRIDE)) 3701da177e4SLinus Torvalds goto ok; 3711da177e4SLinus Torvalds 3721da177e4SLinus Torvalds if (S_ISDIR(inode->i_mode) && capable(CAP_DAC_OVERRIDE)) 3731da177e4SLinus Torvalds goto ok; 3741da177e4SLinus Torvalds 3751da177e4SLinus Torvalds if (S_ISDIR(inode->i_mode) && capable(CAP_DAC_READ_SEARCH)) 3761da177e4SLinus Torvalds goto ok; 3771da177e4SLinus Torvalds 3781da177e4SLinus Torvalds return -EACCES; 3791da177e4SLinus Torvalds ok: 3801da177e4SLinus Torvalds return security_inode_permission(inode, MAY_EXEC, nd); 3811da177e4SLinus Torvalds } 3821da177e4SLinus Torvalds 3831da177e4SLinus Torvalds /* 3841da177e4SLinus Torvalds * This is called when everything else fails, and we actually have 3851da177e4SLinus Torvalds * to go to the low-level filesystem to find out what we should do.. 3861da177e4SLinus Torvalds * 3871da177e4SLinus Torvalds * We get the directory semaphore, and after getting that we also 3881da177e4SLinus Torvalds * make sure that nobody added the entry to the dcache in the meantime.. 3891da177e4SLinus Torvalds * SMP-safe 3901da177e4SLinus Torvalds */ 3911da177e4SLinus Torvalds static struct dentry * real_lookup(struct dentry * parent, struct qstr * name, struct nameidata *nd) 3921da177e4SLinus Torvalds { 3931da177e4SLinus Torvalds struct dentry * result; 3941da177e4SLinus Torvalds struct inode *dir = parent->d_inode; 3951da177e4SLinus Torvalds 3961da177e4SLinus Torvalds down(&dir->i_sem); 3971da177e4SLinus Torvalds /* 3981da177e4SLinus Torvalds * First re-do the cached lookup just in case it was created 3991da177e4SLinus Torvalds * while we waited for the directory semaphore.. 4001da177e4SLinus Torvalds * 4011da177e4SLinus Torvalds * FIXME! This could use version numbering or similar to 4021da177e4SLinus Torvalds * avoid unnecessary cache lookups. 4031da177e4SLinus Torvalds * 4041da177e4SLinus Torvalds * The "dcache_lock" is purely to protect the RCU list walker 4051da177e4SLinus Torvalds * from concurrent renames at this point (we mustn't get false 4061da177e4SLinus Torvalds * negatives from the RCU list walk here, unlike the optimistic 4071da177e4SLinus Torvalds * fast walk). 4081da177e4SLinus Torvalds * 4091da177e4SLinus Torvalds * so doing d_lookup() (with seqlock), instead of lockfree __d_lookup 4101da177e4SLinus Torvalds */ 4111da177e4SLinus Torvalds result = d_lookup(parent, name); 4121da177e4SLinus Torvalds if (!result) { 4131da177e4SLinus Torvalds struct dentry * dentry = d_alloc(parent, name); 4141da177e4SLinus Torvalds result = ERR_PTR(-ENOMEM); 4151da177e4SLinus Torvalds if (dentry) { 4161da177e4SLinus Torvalds result = dir->i_op->lookup(dir, dentry, nd); 4171da177e4SLinus Torvalds if (result) 4181da177e4SLinus Torvalds dput(dentry); 4191da177e4SLinus Torvalds else 4201da177e4SLinus Torvalds result = dentry; 4211da177e4SLinus Torvalds } 4221da177e4SLinus Torvalds up(&dir->i_sem); 4231da177e4SLinus Torvalds return result; 4241da177e4SLinus Torvalds } 4251da177e4SLinus Torvalds 4261da177e4SLinus Torvalds /* 4271da177e4SLinus Torvalds * Uhhuh! Nasty case: the cache was re-populated while 4281da177e4SLinus Torvalds * we waited on the semaphore. Need to revalidate. 4291da177e4SLinus Torvalds */ 4301da177e4SLinus Torvalds up(&dir->i_sem); 4311da177e4SLinus Torvalds if (result->d_op && result->d_op->d_revalidate) { 4321da177e4SLinus Torvalds if (!result->d_op->d_revalidate(result, nd) && !d_invalidate(result)) { 4331da177e4SLinus Torvalds dput(result); 4341da177e4SLinus Torvalds result = ERR_PTR(-ENOENT); 4351da177e4SLinus Torvalds } 4361da177e4SLinus Torvalds } 4371da177e4SLinus Torvalds return result; 4381da177e4SLinus Torvalds } 4391da177e4SLinus Torvalds 4401da177e4SLinus Torvalds static int __emul_lookup_dentry(const char *, struct nameidata *); 4411da177e4SLinus Torvalds 4421da177e4SLinus Torvalds /* SMP-safe */ 4431da177e4SLinus Torvalds static inline int 4441da177e4SLinus Torvalds walk_init_root(const char *name, struct nameidata *nd) 4451da177e4SLinus Torvalds { 4461da177e4SLinus Torvalds read_lock(¤t->fs->lock); 4471da177e4SLinus Torvalds if (current->fs->altroot && !(nd->flags & LOOKUP_NOALT)) { 4481da177e4SLinus Torvalds nd->mnt = mntget(current->fs->altrootmnt); 4491da177e4SLinus Torvalds nd->dentry = dget(current->fs->altroot); 4501da177e4SLinus Torvalds read_unlock(¤t->fs->lock); 4511da177e4SLinus Torvalds if (__emul_lookup_dentry(name,nd)) 4521da177e4SLinus Torvalds return 0; 4531da177e4SLinus Torvalds read_lock(¤t->fs->lock); 4541da177e4SLinus Torvalds } 4551da177e4SLinus Torvalds nd->mnt = mntget(current->fs->rootmnt); 4561da177e4SLinus Torvalds nd->dentry = dget(current->fs->root); 4571da177e4SLinus Torvalds read_unlock(¤t->fs->lock); 4581da177e4SLinus Torvalds return 1; 4591da177e4SLinus Torvalds } 4601da177e4SLinus Torvalds 4611da177e4SLinus Torvalds static inline int __vfs_follow_link(struct nameidata *nd, const char *link) 4621da177e4SLinus Torvalds { 4631da177e4SLinus Torvalds int res = 0; 4641da177e4SLinus Torvalds char *name; 4651da177e4SLinus Torvalds if (IS_ERR(link)) 4661da177e4SLinus Torvalds goto fail; 4671da177e4SLinus Torvalds 4681da177e4SLinus Torvalds if (*link == '/') { 4691da177e4SLinus Torvalds path_release(nd); 4701da177e4SLinus Torvalds if (!walk_init_root(link, nd)) 4711da177e4SLinus Torvalds /* weird __emul_prefix() stuff did it */ 4721da177e4SLinus Torvalds goto out; 4731da177e4SLinus Torvalds } 4741da177e4SLinus Torvalds res = link_path_walk(link, nd); 4751da177e4SLinus Torvalds out: 4761da177e4SLinus Torvalds if (nd->depth || res || nd->last_type!=LAST_NORM) 4771da177e4SLinus Torvalds return res; 4781da177e4SLinus Torvalds /* 4791da177e4SLinus Torvalds * If it is an iterative symlinks resolution in open_namei() we 4801da177e4SLinus Torvalds * have to copy the last component. And all that crap because of 4811da177e4SLinus Torvalds * bloody create() on broken symlinks. Furrfu... 4821da177e4SLinus Torvalds */ 4831da177e4SLinus Torvalds name = __getname(); 4841da177e4SLinus Torvalds if (unlikely(!name)) { 4851da177e4SLinus Torvalds path_release(nd); 4861da177e4SLinus Torvalds return -ENOMEM; 4871da177e4SLinus Torvalds } 4881da177e4SLinus Torvalds strcpy(name, nd->last.name); 4891da177e4SLinus Torvalds nd->last.name = name; 4901da177e4SLinus Torvalds return 0; 4911da177e4SLinus Torvalds fail: 4921da177e4SLinus Torvalds path_release(nd); 4931da177e4SLinus Torvalds return PTR_ERR(link); 4941da177e4SLinus Torvalds } 4951da177e4SLinus Torvalds 4961da177e4SLinus Torvalds static inline int __do_follow_link(struct dentry *dentry, struct nameidata *nd) 4971da177e4SLinus Torvalds { 4981da177e4SLinus Torvalds int error; 4991da177e4SLinus Torvalds 5001da177e4SLinus Torvalds touch_atime(nd->mnt, dentry); 5011da177e4SLinus Torvalds nd_set_link(nd, NULL); 5021da177e4SLinus Torvalds error = dentry->d_inode->i_op->follow_link(dentry, nd); 5031da177e4SLinus Torvalds if (!error) { 5041da177e4SLinus Torvalds char *s = nd_get_link(nd); 5051da177e4SLinus Torvalds if (s) 5061da177e4SLinus Torvalds error = __vfs_follow_link(nd, s); 5071da177e4SLinus Torvalds if (dentry->d_inode->i_op->put_link) 5081da177e4SLinus Torvalds dentry->d_inode->i_op->put_link(dentry, nd); 5091da177e4SLinus Torvalds } 5101da177e4SLinus Torvalds 5111da177e4SLinus Torvalds return error; 5121da177e4SLinus Torvalds } 5131da177e4SLinus Torvalds 5141da177e4SLinus Torvalds /* 5151da177e4SLinus Torvalds * This limits recursive symlink follows to 8, while 5161da177e4SLinus Torvalds * limiting consecutive symlinks to 40. 5171da177e4SLinus Torvalds * 5181da177e4SLinus Torvalds * Without that kind of total limit, nasty chains of consecutive 5191da177e4SLinus Torvalds * symlinks can cause almost arbitrarily long lookups. 5201da177e4SLinus Torvalds */ 5211da177e4SLinus Torvalds static inline int do_follow_link(struct dentry *dentry, struct nameidata *nd) 5221da177e4SLinus Torvalds { 5231da177e4SLinus Torvalds int err = -ELOOP; 5241da177e4SLinus Torvalds if (current->link_count >= MAX_NESTED_LINKS) 5251da177e4SLinus Torvalds goto loop; 5261da177e4SLinus Torvalds if (current->total_link_count >= 40) 5271da177e4SLinus Torvalds goto loop; 5281da177e4SLinus Torvalds BUG_ON(nd->depth >= MAX_NESTED_LINKS); 5291da177e4SLinus Torvalds cond_resched(); 5301da177e4SLinus Torvalds err = security_inode_follow_link(dentry, nd); 5311da177e4SLinus Torvalds if (err) 5321da177e4SLinus Torvalds goto loop; 5331da177e4SLinus Torvalds current->link_count++; 5341da177e4SLinus Torvalds current->total_link_count++; 5351da177e4SLinus Torvalds nd->depth++; 5361da177e4SLinus Torvalds err = __do_follow_link(dentry, nd); 5371da177e4SLinus Torvalds current->link_count--; 5381da177e4SLinus Torvalds nd->depth--; 5391da177e4SLinus Torvalds return err; 5401da177e4SLinus Torvalds loop: 5411da177e4SLinus Torvalds path_release(nd); 5421da177e4SLinus Torvalds return err; 5431da177e4SLinus Torvalds } 5441da177e4SLinus Torvalds 5451da177e4SLinus Torvalds int follow_up(struct vfsmount **mnt, struct dentry **dentry) 5461da177e4SLinus Torvalds { 5471da177e4SLinus Torvalds struct vfsmount *parent; 5481da177e4SLinus Torvalds struct dentry *mountpoint; 5491da177e4SLinus Torvalds spin_lock(&vfsmount_lock); 5501da177e4SLinus Torvalds parent=(*mnt)->mnt_parent; 5511da177e4SLinus Torvalds if (parent == *mnt) { 5521da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 5531da177e4SLinus Torvalds return 0; 5541da177e4SLinus Torvalds } 5551da177e4SLinus Torvalds mntget(parent); 5561da177e4SLinus Torvalds mountpoint=dget((*mnt)->mnt_mountpoint); 5571da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 5581da177e4SLinus Torvalds dput(*dentry); 5591da177e4SLinus Torvalds *dentry = mountpoint; 5601da177e4SLinus Torvalds mntput(*mnt); 5611da177e4SLinus Torvalds *mnt = parent; 5621da177e4SLinus Torvalds return 1; 5631da177e4SLinus Torvalds } 5641da177e4SLinus Torvalds 5651da177e4SLinus Torvalds /* no need for dcache_lock, as serialization is taken care in 5661da177e4SLinus Torvalds * namespace.c 5671da177e4SLinus Torvalds */ 5681da177e4SLinus Torvalds static int follow_mount(struct vfsmount **mnt, struct dentry **dentry) 5691da177e4SLinus Torvalds { 5701da177e4SLinus Torvalds int res = 0; 5711da177e4SLinus Torvalds while (d_mountpoint(*dentry)) { 5721da177e4SLinus Torvalds struct vfsmount *mounted = lookup_mnt(*mnt, *dentry); 5731da177e4SLinus Torvalds if (!mounted) 5741da177e4SLinus Torvalds break; 5751da177e4SLinus Torvalds mntput(*mnt); 5761da177e4SLinus Torvalds *mnt = mounted; 5771da177e4SLinus Torvalds dput(*dentry); 5781da177e4SLinus Torvalds *dentry = dget(mounted->mnt_root); 5791da177e4SLinus Torvalds res = 1; 5801da177e4SLinus Torvalds } 5811da177e4SLinus Torvalds return res; 5821da177e4SLinus Torvalds } 5831da177e4SLinus Torvalds 5841da177e4SLinus Torvalds /* no need for dcache_lock, as serialization is taken care in 5851da177e4SLinus Torvalds * namespace.c 5861da177e4SLinus Torvalds */ 5871da177e4SLinus Torvalds static inline int __follow_down(struct vfsmount **mnt, struct dentry **dentry) 5881da177e4SLinus Torvalds { 5891da177e4SLinus Torvalds struct vfsmount *mounted; 5901da177e4SLinus Torvalds 5911da177e4SLinus Torvalds mounted = lookup_mnt(*mnt, *dentry); 5921da177e4SLinus Torvalds if (mounted) { 5931da177e4SLinus Torvalds mntput(*mnt); 5941da177e4SLinus Torvalds *mnt = mounted; 5951da177e4SLinus Torvalds dput(*dentry); 5961da177e4SLinus Torvalds *dentry = dget(mounted->mnt_root); 5971da177e4SLinus Torvalds return 1; 5981da177e4SLinus Torvalds } 5991da177e4SLinus Torvalds return 0; 6001da177e4SLinus Torvalds } 6011da177e4SLinus Torvalds 6021da177e4SLinus Torvalds int follow_down(struct vfsmount **mnt, struct dentry **dentry) 6031da177e4SLinus Torvalds { 6041da177e4SLinus Torvalds return __follow_down(mnt,dentry); 6051da177e4SLinus Torvalds } 6061da177e4SLinus Torvalds 6071da177e4SLinus Torvalds static inline void follow_dotdot(struct vfsmount **mnt, struct dentry **dentry) 6081da177e4SLinus Torvalds { 6091da177e4SLinus Torvalds while(1) { 6101da177e4SLinus Torvalds struct vfsmount *parent; 6111da177e4SLinus Torvalds struct dentry *old = *dentry; 6121da177e4SLinus Torvalds 6131da177e4SLinus Torvalds read_lock(¤t->fs->lock); 6141da177e4SLinus Torvalds if (*dentry == current->fs->root && 6151da177e4SLinus Torvalds *mnt == current->fs->rootmnt) { 6161da177e4SLinus Torvalds read_unlock(¤t->fs->lock); 6171da177e4SLinus Torvalds break; 6181da177e4SLinus Torvalds } 6191da177e4SLinus Torvalds read_unlock(¤t->fs->lock); 6201da177e4SLinus Torvalds spin_lock(&dcache_lock); 6211da177e4SLinus Torvalds if (*dentry != (*mnt)->mnt_root) { 6221da177e4SLinus Torvalds *dentry = dget((*dentry)->d_parent); 6231da177e4SLinus Torvalds spin_unlock(&dcache_lock); 6241da177e4SLinus Torvalds dput(old); 6251da177e4SLinus Torvalds break; 6261da177e4SLinus Torvalds } 6271da177e4SLinus Torvalds spin_unlock(&dcache_lock); 6281da177e4SLinus Torvalds spin_lock(&vfsmount_lock); 6291da177e4SLinus Torvalds parent = (*mnt)->mnt_parent; 6301da177e4SLinus Torvalds if (parent == *mnt) { 6311da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 6321da177e4SLinus Torvalds break; 6331da177e4SLinus Torvalds } 6341da177e4SLinus Torvalds mntget(parent); 6351da177e4SLinus Torvalds *dentry = dget((*mnt)->mnt_mountpoint); 6361da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 6371da177e4SLinus Torvalds dput(old); 6381da177e4SLinus Torvalds mntput(*mnt); 6391da177e4SLinus Torvalds *mnt = parent; 6401da177e4SLinus Torvalds } 6411da177e4SLinus Torvalds follow_mount(mnt, dentry); 6421da177e4SLinus Torvalds } 6431da177e4SLinus Torvalds 6441da177e4SLinus Torvalds struct path { 6451da177e4SLinus Torvalds struct vfsmount *mnt; 6461da177e4SLinus Torvalds struct dentry *dentry; 6471da177e4SLinus Torvalds }; 6481da177e4SLinus Torvalds 6491da177e4SLinus Torvalds /* 6501da177e4SLinus Torvalds * It's more convoluted than I'd like it to be, but... it's still fairly 6511da177e4SLinus Torvalds * small and for now I'd prefer to have fast path as straight as possible. 6521da177e4SLinus Torvalds * It _is_ time-critical. 6531da177e4SLinus Torvalds */ 6541da177e4SLinus Torvalds static int do_lookup(struct nameidata *nd, struct qstr *name, 6551da177e4SLinus Torvalds struct path *path) 6561da177e4SLinus Torvalds { 6571da177e4SLinus Torvalds struct vfsmount *mnt = nd->mnt; 6581da177e4SLinus Torvalds struct dentry *dentry = __d_lookup(nd->dentry, name); 6591da177e4SLinus Torvalds 6601da177e4SLinus Torvalds if (!dentry) 6611da177e4SLinus Torvalds goto need_lookup; 6621da177e4SLinus Torvalds if (dentry->d_op && dentry->d_op->d_revalidate) 6631da177e4SLinus Torvalds goto need_revalidate; 6641da177e4SLinus Torvalds done: 6651da177e4SLinus Torvalds path->mnt = mnt; 6661da177e4SLinus Torvalds path->dentry = dentry; 6671da177e4SLinus Torvalds return 0; 6681da177e4SLinus Torvalds 6691da177e4SLinus Torvalds need_lookup: 6701da177e4SLinus Torvalds dentry = real_lookup(nd->dentry, name, nd); 6711da177e4SLinus Torvalds if (IS_ERR(dentry)) 6721da177e4SLinus Torvalds goto fail; 6731da177e4SLinus Torvalds goto done; 6741da177e4SLinus Torvalds 6751da177e4SLinus Torvalds need_revalidate: 6761da177e4SLinus Torvalds if (dentry->d_op->d_revalidate(dentry, nd)) 6771da177e4SLinus Torvalds goto done; 6781da177e4SLinus Torvalds if (d_invalidate(dentry)) 6791da177e4SLinus Torvalds goto done; 6801da177e4SLinus Torvalds dput(dentry); 6811da177e4SLinus Torvalds goto need_lookup; 6821da177e4SLinus Torvalds 6831da177e4SLinus Torvalds fail: 6841da177e4SLinus Torvalds return PTR_ERR(dentry); 6851da177e4SLinus Torvalds } 6861da177e4SLinus Torvalds 6871da177e4SLinus Torvalds /* 6881da177e4SLinus Torvalds * Name resolution. 689ea3834d9SPrasanna Meda * This is the basic name resolution function, turning a pathname into 690ea3834d9SPrasanna Meda * the final dentry. We expect 'base' to be positive and a directory. 6911da177e4SLinus Torvalds * 692ea3834d9SPrasanna Meda * Returns 0 and nd will have valid dentry and mnt on success. 693ea3834d9SPrasanna Meda * Returns error and drops reference to input namei data on failure. 6941da177e4SLinus Torvalds */ 6951da177e4SLinus Torvalds static fastcall int __link_path_walk(const char * name, struct nameidata *nd) 6961da177e4SLinus Torvalds { 6971da177e4SLinus Torvalds struct path next; 6981da177e4SLinus Torvalds struct inode *inode; 6991da177e4SLinus Torvalds int err; 7001da177e4SLinus Torvalds unsigned int lookup_flags = nd->flags; 7011da177e4SLinus Torvalds 7021da177e4SLinus Torvalds while (*name=='/') 7031da177e4SLinus Torvalds name++; 7041da177e4SLinus Torvalds if (!*name) 7051da177e4SLinus Torvalds goto return_reval; 7061da177e4SLinus Torvalds 7071da177e4SLinus Torvalds inode = nd->dentry->d_inode; 7081da177e4SLinus Torvalds if (nd->depth) 7091da177e4SLinus Torvalds lookup_flags = LOOKUP_FOLLOW; 7101da177e4SLinus Torvalds 7111da177e4SLinus Torvalds /* At this point we know we have a real path component. */ 7121da177e4SLinus Torvalds for(;;) { 7131da177e4SLinus Torvalds unsigned long hash; 7141da177e4SLinus Torvalds struct qstr this; 7151da177e4SLinus Torvalds unsigned int c; 7161da177e4SLinus Torvalds 7171da177e4SLinus Torvalds err = exec_permission_lite(inode, nd); 7181da177e4SLinus Torvalds if (err == -EAGAIN) { 7191da177e4SLinus Torvalds err = permission(inode, MAY_EXEC, nd); 7201da177e4SLinus Torvalds } 7211da177e4SLinus Torvalds if (err) 7221da177e4SLinus Torvalds break; 7231da177e4SLinus Torvalds 7241da177e4SLinus Torvalds this.name = name; 7251da177e4SLinus Torvalds c = *(const unsigned char *)name; 7261da177e4SLinus Torvalds 7271da177e4SLinus Torvalds hash = init_name_hash(); 7281da177e4SLinus Torvalds do { 7291da177e4SLinus Torvalds name++; 7301da177e4SLinus Torvalds hash = partial_name_hash(c, hash); 7311da177e4SLinus Torvalds c = *(const unsigned char *)name; 7321da177e4SLinus Torvalds } while (c && (c != '/')); 7331da177e4SLinus Torvalds this.len = name - (const char *) this.name; 7341da177e4SLinus Torvalds this.hash = end_name_hash(hash); 7351da177e4SLinus Torvalds 7361da177e4SLinus Torvalds /* remove trailing slashes? */ 7371da177e4SLinus Torvalds if (!c) 7381da177e4SLinus Torvalds goto last_component; 7391da177e4SLinus Torvalds while (*++name == '/'); 7401da177e4SLinus Torvalds if (!*name) 7411da177e4SLinus Torvalds goto last_with_slashes; 7421da177e4SLinus Torvalds 7431da177e4SLinus Torvalds /* 7441da177e4SLinus Torvalds * "." and ".." are special - ".." especially so because it has 7451da177e4SLinus Torvalds * to be able to know about the current root directory and 7461da177e4SLinus Torvalds * parent relationships. 7471da177e4SLinus Torvalds */ 7481da177e4SLinus Torvalds if (this.name[0] == '.') switch (this.len) { 7491da177e4SLinus Torvalds default: 7501da177e4SLinus Torvalds break; 7511da177e4SLinus Torvalds case 2: 7521da177e4SLinus Torvalds if (this.name[1] != '.') 7531da177e4SLinus Torvalds break; 7541da177e4SLinus Torvalds follow_dotdot(&nd->mnt, &nd->dentry); 7551da177e4SLinus Torvalds inode = nd->dentry->d_inode; 7561da177e4SLinus Torvalds /* fallthrough */ 7571da177e4SLinus Torvalds case 1: 7581da177e4SLinus Torvalds continue; 7591da177e4SLinus Torvalds } 7601da177e4SLinus Torvalds /* 7611da177e4SLinus Torvalds * See if the low-level filesystem might want 7621da177e4SLinus Torvalds * to use its own hash.. 7631da177e4SLinus Torvalds */ 7641da177e4SLinus Torvalds if (nd->dentry->d_op && nd->dentry->d_op->d_hash) { 7651da177e4SLinus Torvalds err = nd->dentry->d_op->d_hash(nd->dentry, &this); 7661da177e4SLinus Torvalds if (err < 0) 7671da177e4SLinus Torvalds break; 7681da177e4SLinus Torvalds } 7691da177e4SLinus Torvalds nd->flags |= LOOKUP_CONTINUE; 7701da177e4SLinus Torvalds /* This does the actual lookups.. */ 7711da177e4SLinus Torvalds err = do_lookup(nd, &this, &next); 7721da177e4SLinus Torvalds if (err) 7731da177e4SLinus Torvalds break; 7741da177e4SLinus Torvalds /* Check mountpoints.. */ 7751da177e4SLinus Torvalds follow_mount(&next.mnt, &next.dentry); 7761da177e4SLinus Torvalds 7771da177e4SLinus Torvalds err = -ENOENT; 7781da177e4SLinus Torvalds inode = next.dentry->d_inode; 7791da177e4SLinus Torvalds if (!inode) 7801da177e4SLinus Torvalds goto out_dput; 7811da177e4SLinus Torvalds err = -ENOTDIR; 7821da177e4SLinus Torvalds if (!inode->i_op) 7831da177e4SLinus Torvalds goto out_dput; 7841da177e4SLinus Torvalds 7851da177e4SLinus Torvalds if (inode->i_op->follow_link) { 7861da177e4SLinus Torvalds mntget(next.mnt); 7871da177e4SLinus Torvalds err = do_follow_link(next.dentry, nd); 7881da177e4SLinus Torvalds dput(next.dentry); 7891da177e4SLinus Torvalds mntput(next.mnt); 7901da177e4SLinus Torvalds if (err) 7911da177e4SLinus Torvalds goto return_err; 7921da177e4SLinus Torvalds err = -ENOENT; 7931da177e4SLinus Torvalds inode = nd->dentry->d_inode; 7941da177e4SLinus Torvalds if (!inode) 7951da177e4SLinus Torvalds break; 7961da177e4SLinus Torvalds err = -ENOTDIR; 7971da177e4SLinus Torvalds if (!inode->i_op) 7981da177e4SLinus Torvalds break; 7991da177e4SLinus Torvalds } else { 8001da177e4SLinus Torvalds dput(nd->dentry); 8011da177e4SLinus Torvalds nd->mnt = next.mnt; 8021da177e4SLinus Torvalds nd->dentry = next.dentry; 8031da177e4SLinus Torvalds } 8041da177e4SLinus Torvalds err = -ENOTDIR; 8051da177e4SLinus Torvalds if (!inode->i_op->lookup) 8061da177e4SLinus Torvalds break; 8071da177e4SLinus Torvalds continue; 8081da177e4SLinus Torvalds /* here ends the main loop */ 8091da177e4SLinus Torvalds 8101da177e4SLinus Torvalds last_with_slashes: 8111da177e4SLinus Torvalds lookup_flags |= LOOKUP_FOLLOW | LOOKUP_DIRECTORY; 8121da177e4SLinus Torvalds last_component: 8131da177e4SLinus Torvalds nd->flags &= ~LOOKUP_CONTINUE; 8141da177e4SLinus Torvalds if (lookup_flags & LOOKUP_PARENT) 8151da177e4SLinus Torvalds goto lookup_parent; 8161da177e4SLinus Torvalds if (this.name[0] == '.') switch (this.len) { 8171da177e4SLinus Torvalds default: 8181da177e4SLinus Torvalds break; 8191da177e4SLinus Torvalds case 2: 8201da177e4SLinus Torvalds if (this.name[1] != '.') 8211da177e4SLinus Torvalds break; 8221da177e4SLinus Torvalds follow_dotdot(&nd->mnt, &nd->dentry); 8231da177e4SLinus Torvalds inode = nd->dentry->d_inode; 8241da177e4SLinus Torvalds /* fallthrough */ 8251da177e4SLinus Torvalds case 1: 8261da177e4SLinus Torvalds goto return_reval; 8271da177e4SLinus Torvalds } 8281da177e4SLinus Torvalds if (nd->dentry->d_op && nd->dentry->d_op->d_hash) { 8291da177e4SLinus Torvalds err = nd->dentry->d_op->d_hash(nd->dentry, &this); 8301da177e4SLinus Torvalds if (err < 0) 8311da177e4SLinus Torvalds break; 8321da177e4SLinus Torvalds } 8331da177e4SLinus Torvalds err = do_lookup(nd, &this, &next); 8341da177e4SLinus Torvalds if (err) 8351da177e4SLinus Torvalds break; 8361da177e4SLinus Torvalds follow_mount(&next.mnt, &next.dentry); 8371da177e4SLinus Torvalds inode = next.dentry->d_inode; 8381da177e4SLinus Torvalds if ((lookup_flags & LOOKUP_FOLLOW) 8391da177e4SLinus Torvalds && inode && inode->i_op && inode->i_op->follow_link) { 8401da177e4SLinus Torvalds mntget(next.mnt); 8411da177e4SLinus Torvalds err = do_follow_link(next.dentry, nd); 8421da177e4SLinus Torvalds dput(next.dentry); 8431da177e4SLinus Torvalds mntput(next.mnt); 8441da177e4SLinus Torvalds if (err) 8451da177e4SLinus Torvalds goto return_err; 8461da177e4SLinus Torvalds inode = nd->dentry->d_inode; 8471da177e4SLinus Torvalds } else { 8481da177e4SLinus Torvalds dput(nd->dentry); 8491da177e4SLinus Torvalds nd->mnt = next.mnt; 8501da177e4SLinus Torvalds nd->dentry = next.dentry; 8511da177e4SLinus Torvalds } 8521da177e4SLinus Torvalds err = -ENOENT; 8531da177e4SLinus Torvalds if (!inode) 8541da177e4SLinus Torvalds break; 8551da177e4SLinus Torvalds if (lookup_flags & LOOKUP_DIRECTORY) { 8561da177e4SLinus Torvalds err = -ENOTDIR; 8571da177e4SLinus Torvalds if (!inode->i_op || !inode->i_op->lookup) 8581da177e4SLinus Torvalds break; 8591da177e4SLinus Torvalds } 8601da177e4SLinus Torvalds goto return_base; 8611da177e4SLinus Torvalds lookup_parent: 8621da177e4SLinus Torvalds nd->last = this; 8631da177e4SLinus Torvalds nd->last_type = LAST_NORM; 8641da177e4SLinus Torvalds if (this.name[0] != '.') 8651da177e4SLinus Torvalds goto return_base; 8661da177e4SLinus Torvalds if (this.len == 1) 8671da177e4SLinus Torvalds nd->last_type = LAST_DOT; 8681da177e4SLinus Torvalds else if (this.len == 2 && this.name[1] == '.') 8691da177e4SLinus Torvalds nd->last_type = LAST_DOTDOT; 8701da177e4SLinus Torvalds else 8711da177e4SLinus Torvalds goto return_base; 8721da177e4SLinus Torvalds return_reval: 8731da177e4SLinus Torvalds /* 8741da177e4SLinus Torvalds * We bypassed the ordinary revalidation routines. 8751da177e4SLinus Torvalds * We may need to check the cached dentry for staleness. 8761da177e4SLinus Torvalds */ 8771da177e4SLinus Torvalds if (nd->dentry && nd->dentry->d_sb && 8781da177e4SLinus Torvalds (nd->dentry->d_sb->s_type->fs_flags & FS_REVAL_DOT)) { 8791da177e4SLinus Torvalds err = -ESTALE; 8801da177e4SLinus Torvalds /* Note: we do not d_invalidate() */ 8811da177e4SLinus Torvalds if (!nd->dentry->d_op->d_revalidate(nd->dentry, nd)) 8821da177e4SLinus Torvalds break; 8831da177e4SLinus Torvalds } 8841da177e4SLinus Torvalds return_base: 8851da177e4SLinus Torvalds return 0; 8861da177e4SLinus Torvalds out_dput: 8871da177e4SLinus Torvalds dput(next.dentry); 8881da177e4SLinus Torvalds break; 8891da177e4SLinus Torvalds } 8901da177e4SLinus Torvalds path_release(nd); 8911da177e4SLinus Torvalds return_err: 8921da177e4SLinus Torvalds return err; 8931da177e4SLinus Torvalds } 8941da177e4SLinus Torvalds 8951da177e4SLinus Torvalds /* 8961da177e4SLinus Torvalds * Wrapper to retry pathname resolution whenever the underlying 8971da177e4SLinus Torvalds * file system returns an ESTALE. 8981da177e4SLinus Torvalds * 8991da177e4SLinus Torvalds * Retry the whole path once, forcing real lookup requests 9001da177e4SLinus Torvalds * instead of relying on the dcache. 9011da177e4SLinus Torvalds */ 9021da177e4SLinus Torvalds int fastcall link_path_walk(const char *name, struct nameidata *nd) 9031da177e4SLinus Torvalds { 9041da177e4SLinus Torvalds struct nameidata save = *nd; 9051da177e4SLinus Torvalds int result; 9061da177e4SLinus Torvalds 9071da177e4SLinus Torvalds /* make sure the stuff we saved doesn't go away */ 9081da177e4SLinus Torvalds dget(save.dentry); 9091da177e4SLinus Torvalds mntget(save.mnt); 9101da177e4SLinus Torvalds 9111da177e4SLinus Torvalds result = __link_path_walk(name, nd); 9121da177e4SLinus Torvalds if (result == -ESTALE) { 9131da177e4SLinus Torvalds *nd = save; 9141da177e4SLinus Torvalds dget(nd->dentry); 9151da177e4SLinus Torvalds mntget(nd->mnt); 9161da177e4SLinus Torvalds nd->flags |= LOOKUP_REVAL; 9171da177e4SLinus Torvalds result = __link_path_walk(name, nd); 9181da177e4SLinus Torvalds } 9191da177e4SLinus Torvalds 9201da177e4SLinus Torvalds dput(save.dentry); 9211da177e4SLinus Torvalds mntput(save.mnt); 9221da177e4SLinus Torvalds 9231da177e4SLinus Torvalds return result; 9241da177e4SLinus Torvalds } 9251da177e4SLinus Torvalds 9261da177e4SLinus Torvalds int fastcall path_walk(const char * name, struct nameidata *nd) 9271da177e4SLinus Torvalds { 9281da177e4SLinus Torvalds current->total_link_count = 0; 9291da177e4SLinus Torvalds return link_path_walk(name, nd); 9301da177e4SLinus Torvalds } 9311da177e4SLinus Torvalds 932ea3834d9SPrasanna Meda /* 933ea3834d9SPrasanna Meda * SMP-safe: Returns 1 and nd will have valid dentry and mnt, if 934ea3834d9SPrasanna Meda * everything is done. Returns 0 and drops input nd, if lookup failed; 935ea3834d9SPrasanna Meda */ 9361da177e4SLinus Torvalds static int __emul_lookup_dentry(const char *name, struct nameidata *nd) 9371da177e4SLinus Torvalds { 9381da177e4SLinus Torvalds if (path_walk(name, nd)) 9391da177e4SLinus Torvalds return 0; /* something went wrong... */ 9401da177e4SLinus Torvalds 9411da177e4SLinus Torvalds if (!nd->dentry->d_inode || S_ISDIR(nd->dentry->d_inode->i_mode)) { 9421da177e4SLinus Torvalds struct dentry *old_dentry = nd->dentry; 9431da177e4SLinus Torvalds struct vfsmount *old_mnt = nd->mnt; 9441da177e4SLinus Torvalds struct qstr last = nd->last; 9451da177e4SLinus Torvalds int last_type = nd->last_type; 9461da177e4SLinus Torvalds /* 9471da177e4SLinus Torvalds * NAME was not found in alternate root or it's a directory. Try to find 9481da177e4SLinus Torvalds * it in the normal root: 9491da177e4SLinus Torvalds */ 9501da177e4SLinus Torvalds nd->last_type = LAST_ROOT; 9511da177e4SLinus Torvalds read_lock(¤t->fs->lock); 9521da177e4SLinus Torvalds nd->mnt = mntget(current->fs->rootmnt); 9531da177e4SLinus Torvalds nd->dentry = dget(current->fs->root); 9541da177e4SLinus Torvalds read_unlock(¤t->fs->lock); 9551da177e4SLinus Torvalds if (path_walk(name, nd) == 0) { 9561da177e4SLinus Torvalds if (nd->dentry->d_inode) { 9571da177e4SLinus Torvalds dput(old_dentry); 9581da177e4SLinus Torvalds mntput(old_mnt); 9591da177e4SLinus Torvalds return 1; 9601da177e4SLinus Torvalds } 9611da177e4SLinus Torvalds path_release(nd); 9621da177e4SLinus Torvalds } 9631da177e4SLinus Torvalds nd->dentry = old_dentry; 9641da177e4SLinus Torvalds nd->mnt = old_mnt; 9651da177e4SLinus Torvalds nd->last = last; 9661da177e4SLinus Torvalds nd->last_type = last_type; 9671da177e4SLinus Torvalds } 9681da177e4SLinus Torvalds return 1; 9691da177e4SLinus Torvalds } 9701da177e4SLinus Torvalds 9711da177e4SLinus Torvalds void set_fs_altroot(void) 9721da177e4SLinus Torvalds { 9731da177e4SLinus Torvalds char *emul = __emul_prefix(); 9741da177e4SLinus Torvalds struct nameidata nd; 9751da177e4SLinus Torvalds struct vfsmount *mnt = NULL, *oldmnt; 9761da177e4SLinus Torvalds struct dentry *dentry = NULL, *olddentry; 9771da177e4SLinus Torvalds int err; 9781da177e4SLinus Torvalds 9791da177e4SLinus Torvalds if (!emul) 9801da177e4SLinus Torvalds goto set_it; 9811da177e4SLinus Torvalds err = path_lookup(emul, LOOKUP_FOLLOW|LOOKUP_DIRECTORY|LOOKUP_NOALT, &nd); 9821da177e4SLinus Torvalds if (!err) { 9831da177e4SLinus Torvalds mnt = nd.mnt; 9841da177e4SLinus Torvalds dentry = nd.dentry; 9851da177e4SLinus Torvalds } 9861da177e4SLinus Torvalds set_it: 9871da177e4SLinus Torvalds write_lock(¤t->fs->lock); 9881da177e4SLinus Torvalds oldmnt = current->fs->altrootmnt; 9891da177e4SLinus Torvalds olddentry = current->fs->altroot; 9901da177e4SLinus Torvalds current->fs->altrootmnt = mnt; 9911da177e4SLinus Torvalds current->fs->altroot = dentry; 9921da177e4SLinus Torvalds write_unlock(¤t->fs->lock); 9931da177e4SLinus Torvalds if (olddentry) { 9941da177e4SLinus Torvalds dput(olddentry); 9951da177e4SLinus Torvalds mntput(oldmnt); 9961da177e4SLinus Torvalds } 9971da177e4SLinus Torvalds } 9981da177e4SLinus Torvalds 999ea3834d9SPrasanna Meda /* Returns 0 and nd will be valid on success; Retuns error, otherwise. */ 10001da177e4SLinus Torvalds int fastcall path_lookup(const char *name, unsigned int flags, struct nameidata *nd) 10011da177e4SLinus Torvalds { 1002ea3834d9SPrasanna Meda int retval = 0; 10031da177e4SLinus Torvalds 10041da177e4SLinus Torvalds nd->last_type = LAST_ROOT; /* if there are only slashes... */ 10051da177e4SLinus Torvalds nd->flags = flags; 10061da177e4SLinus Torvalds nd->depth = 0; 10071da177e4SLinus Torvalds 10081da177e4SLinus Torvalds read_lock(¤t->fs->lock); 10091da177e4SLinus Torvalds if (*name=='/') { 10101da177e4SLinus Torvalds if (current->fs->altroot && !(nd->flags & LOOKUP_NOALT)) { 10111da177e4SLinus Torvalds nd->mnt = mntget(current->fs->altrootmnt); 10121da177e4SLinus Torvalds nd->dentry = dget(current->fs->altroot); 10131da177e4SLinus Torvalds read_unlock(¤t->fs->lock); 10141da177e4SLinus Torvalds if (__emul_lookup_dentry(name,nd)) 1015ea3834d9SPrasanna Meda goto out; /* found in altroot */ 10161da177e4SLinus Torvalds read_lock(¤t->fs->lock); 10171da177e4SLinus Torvalds } 10181da177e4SLinus Torvalds nd->mnt = mntget(current->fs->rootmnt); 10191da177e4SLinus Torvalds nd->dentry = dget(current->fs->root); 10201da177e4SLinus Torvalds } else { 10211da177e4SLinus Torvalds nd->mnt = mntget(current->fs->pwdmnt); 10221da177e4SLinus Torvalds nd->dentry = dget(current->fs->pwd); 10231da177e4SLinus Torvalds } 10241da177e4SLinus Torvalds read_unlock(¤t->fs->lock); 10251da177e4SLinus Torvalds current->total_link_count = 0; 10261da177e4SLinus Torvalds retval = link_path_walk(name, nd); 1027ea3834d9SPrasanna Meda out: 10281da177e4SLinus Torvalds if (unlikely(current->audit_context 10291da177e4SLinus Torvalds && nd && nd->dentry && nd->dentry->d_inode)) 10301da177e4SLinus Torvalds audit_inode(name, nd->dentry->d_inode); 10311da177e4SLinus Torvalds return retval; 10321da177e4SLinus Torvalds } 10331da177e4SLinus Torvalds 10341da177e4SLinus Torvalds /* 10351da177e4SLinus Torvalds * Restricted form of lookup. Doesn't follow links, single-component only, 10361da177e4SLinus Torvalds * needs parent already locked. Doesn't follow mounts. 10371da177e4SLinus Torvalds * SMP-safe. 10381da177e4SLinus Torvalds */ 10391da177e4SLinus Torvalds static struct dentry * __lookup_hash(struct qstr *name, struct dentry * base, struct nameidata *nd) 10401da177e4SLinus Torvalds { 10411da177e4SLinus Torvalds struct dentry * dentry; 10421da177e4SLinus Torvalds struct inode *inode; 10431da177e4SLinus Torvalds int err; 10441da177e4SLinus Torvalds 10451da177e4SLinus Torvalds inode = base->d_inode; 10461da177e4SLinus Torvalds err = permission(inode, MAY_EXEC, nd); 10471da177e4SLinus Torvalds dentry = ERR_PTR(err); 10481da177e4SLinus Torvalds if (err) 10491da177e4SLinus Torvalds goto out; 10501da177e4SLinus Torvalds 10511da177e4SLinus Torvalds /* 10521da177e4SLinus Torvalds * See if the low-level filesystem might want 10531da177e4SLinus Torvalds * to use its own hash.. 10541da177e4SLinus Torvalds */ 10551da177e4SLinus Torvalds if (base->d_op && base->d_op->d_hash) { 10561da177e4SLinus Torvalds err = base->d_op->d_hash(base, name); 10571da177e4SLinus Torvalds dentry = ERR_PTR(err); 10581da177e4SLinus Torvalds if (err < 0) 10591da177e4SLinus Torvalds goto out; 10601da177e4SLinus Torvalds } 10611da177e4SLinus Torvalds 10621da177e4SLinus Torvalds dentry = cached_lookup(base, name, nd); 10631da177e4SLinus Torvalds if (!dentry) { 10641da177e4SLinus Torvalds struct dentry *new = d_alloc(base, name); 10651da177e4SLinus Torvalds dentry = ERR_PTR(-ENOMEM); 10661da177e4SLinus Torvalds if (!new) 10671da177e4SLinus Torvalds goto out; 10681da177e4SLinus Torvalds dentry = inode->i_op->lookup(inode, new, nd); 10691da177e4SLinus Torvalds if (!dentry) 10701da177e4SLinus Torvalds dentry = new; 10711da177e4SLinus Torvalds else 10721da177e4SLinus Torvalds dput(new); 10731da177e4SLinus Torvalds } 10741da177e4SLinus Torvalds out: 10751da177e4SLinus Torvalds return dentry; 10761da177e4SLinus Torvalds } 10771da177e4SLinus Torvalds 10781da177e4SLinus Torvalds struct dentry * lookup_hash(struct qstr *name, struct dentry * base) 10791da177e4SLinus Torvalds { 10801da177e4SLinus Torvalds return __lookup_hash(name, base, NULL); 10811da177e4SLinus Torvalds } 10821da177e4SLinus Torvalds 10831da177e4SLinus Torvalds /* SMP-safe */ 10841da177e4SLinus Torvalds struct dentry * lookup_one_len(const char * name, struct dentry * base, int len) 10851da177e4SLinus Torvalds { 10861da177e4SLinus Torvalds unsigned long hash; 10871da177e4SLinus Torvalds struct qstr this; 10881da177e4SLinus Torvalds unsigned int c; 10891da177e4SLinus Torvalds 10901da177e4SLinus Torvalds this.name = name; 10911da177e4SLinus Torvalds this.len = len; 10921da177e4SLinus Torvalds if (!len) 10931da177e4SLinus Torvalds goto access; 10941da177e4SLinus Torvalds 10951da177e4SLinus Torvalds hash = init_name_hash(); 10961da177e4SLinus Torvalds while (len--) { 10971da177e4SLinus Torvalds c = *(const unsigned char *)name++; 10981da177e4SLinus Torvalds if (c == '/' || c == '\0') 10991da177e4SLinus Torvalds goto access; 11001da177e4SLinus Torvalds hash = partial_name_hash(c, hash); 11011da177e4SLinus Torvalds } 11021da177e4SLinus Torvalds this.hash = end_name_hash(hash); 11031da177e4SLinus Torvalds 11041da177e4SLinus Torvalds return lookup_hash(&this, base); 11051da177e4SLinus Torvalds access: 11061da177e4SLinus Torvalds return ERR_PTR(-EACCES); 11071da177e4SLinus Torvalds } 11081da177e4SLinus Torvalds 11091da177e4SLinus Torvalds /* 11101da177e4SLinus Torvalds * namei() 11111da177e4SLinus Torvalds * 11121da177e4SLinus Torvalds * is used by most simple commands to get the inode of a specified name. 11131da177e4SLinus Torvalds * Open, link etc use their own routines, but this is enough for things 11141da177e4SLinus Torvalds * like 'chmod' etc. 11151da177e4SLinus Torvalds * 11161da177e4SLinus Torvalds * namei exists in two versions: namei/lnamei. The only difference is 11171da177e4SLinus Torvalds * that namei follows links, while lnamei does not. 11181da177e4SLinus Torvalds * SMP-safe 11191da177e4SLinus Torvalds */ 11201da177e4SLinus Torvalds int fastcall __user_walk(const char __user *name, unsigned flags, struct nameidata *nd) 11211da177e4SLinus Torvalds { 11221da177e4SLinus Torvalds char *tmp = getname(name); 11231da177e4SLinus Torvalds int err = PTR_ERR(tmp); 11241da177e4SLinus Torvalds 11251da177e4SLinus Torvalds if (!IS_ERR(tmp)) { 11261da177e4SLinus Torvalds err = path_lookup(tmp, flags, nd); 11271da177e4SLinus Torvalds putname(tmp); 11281da177e4SLinus Torvalds } 11291da177e4SLinus Torvalds return err; 11301da177e4SLinus Torvalds } 11311da177e4SLinus Torvalds 11321da177e4SLinus Torvalds /* 11331da177e4SLinus Torvalds * It's inline, so penalty for filesystems that don't use sticky bit is 11341da177e4SLinus Torvalds * minimal. 11351da177e4SLinus Torvalds */ 11361da177e4SLinus Torvalds static inline int check_sticky(struct inode *dir, struct inode *inode) 11371da177e4SLinus Torvalds { 11381da177e4SLinus Torvalds if (!(dir->i_mode & S_ISVTX)) 11391da177e4SLinus Torvalds return 0; 11401da177e4SLinus Torvalds if (inode->i_uid == current->fsuid) 11411da177e4SLinus Torvalds return 0; 11421da177e4SLinus Torvalds if (dir->i_uid == current->fsuid) 11431da177e4SLinus Torvalds return 0; 11441da177e4SLinus Torvalds return !capable(CAP_FOWNER); 11451da177e4SLinus Torvalds } 11461da177e4SLinus Torvalds 11471da177e4SLinus Torvalds /* 11481da177e4SLinus Torvalds * Check whether we can remove a link victim from directory dir, check 11491da177e4SLinus Torvalds * whether the type of victim is right. 11501da177e4SLinus Torvalds * 1. We can't do it if dir is read-only (done in permission()) 11511da177e4SLinus Torvalds * 2. We should have write and exec permissions on dir 11521da177e4SLinus Torvalds * 3. We can't remove anything from append-only dir 11531da177e4SLinus Torvalds * 4. We can't do anything with immutable dir (done in permission()) 11541da177e4SLinus Torvalds * 5. If the sticky bit on dir is set we should either 11551da177e4SLinus Torvalds * a. be owner of dir, or 11561da177e4SLinus Torvalds * b. be owner of victim, or 11571da177e4SLinus Torvalds * c. have CAP_FOWNER capability 11581da177e4SLinus Torvalds * 6. If the victim is append-only or immutable we can't do antyhing with 11591da177e4SLinus Torvalds * links pointing to it. 11601da177e4SLinus Torvalds * 7. If we were asked to remove a directory and victim isn't one - ENOTDIR. 11611da177e4SLinus Torvalds * 8. If we were asked to remove a non-directory and victim isn't one - EISDIR. 11621da177e4SLinus Torvalds * 9. We can't remove a root or mountpoint. 11631da177e4SLinus Torvalds * 10. We don't allow removal of NFS sillyrenamed files; it's handled by 11641da177e4SLinus Torvalds * nfs_async_unlink(). 11651da177e4SLinus Torvalds */ 11661da177e4SLinus Torvalds static inline int may_delete(struct inode *dir,struct dentry *victim,int isdir) 11671da177e4SLinus Torvalds { 11681da177e4SLinus Torvalds int error; 11691da177e4SLinus Torvalds 11701da177e4SLinus Torvalds if (!victim->d_inode) 11711da177e4SLinus Torvalds return -ENOENT; 11721da177e4SLinus Torvalds 11731da177e4SLinus Torvalds BUG_ON(victim->d_parent->d_inode != dir); 11741da177e4SLinus Torvalds 11751da177e4SLinus Torvalds error = permission(dir,MAY_WRITE | MAY_EXEC, NULL); 11761da177e4SLinus Torvalds if (error) 11771da177e4SLinus Torvalds return error; 11781da177e4SLinus Torvalds if (IS_APPEND(dir)) 11791da177e4SLinus Torvalds return -EPERM; 11801da177e4SLinus Torvalds if (check_sticky(dir, victim->d_inode)||IS_APPEND(victim->d_inode)|| 11811da177e4SLinus Torvalds IS_IMMUTABLE(victim->d_inode)) 11821da177e4SLinus Torvalds return -EPERM; 11831da177e4SLinus Torvalds if (isdir) { 11841da177e4SLinus Torvalds if (!S_ISDIR(victim->d_inode->i_mode)) 11851da177e4SLinus Torvalds return -ENOTDIR; 11861da177e4SLinus Torvalds if (IS_ROOT(victim)) 11871da177e4SLinus Torvalds return -EBUSY; 11881da177e4SLinus Torvalds } else if (S_ISDIR(victim->d_inode->i_mode)) 11891da177e4SLinus Torvalds return -EISDIR; 11901da177e4SLinus Torvalds if (IS_DEADDIR(dir)) 11911da177e4SLinus Torvalds return -ENOENT; 11921da177e4SLinus Torvalds if (victim->d_flags & DCACHE_NFSFS_RENAMED) 11931da177e4SLinus Torvalds return -EBUSY; 11941da177e4SLinus Torvalds return 0; 11951da177e4SLinus Torvalds } 11961da177e4SLinus Torvalds 11971da177e4SLinus Torvalds /* Check whether we can create an object with dentry child in directory 11981da177e4SLinus Torvalds * dir. 11991da177e4SLinus Torvalds * 1. We can't do it if child already exists (open has special treatment for 12001da177e4SLinus Torvalds * this case, but since we are inlined it's OK) 12011da177e4SLinus Torvalds * 2. We can't do it if dir is read-only (done in permission()) 12021da177e4SLinus Torvalds * 3. We should have write and exec permissions on dir 12031da177e4SLinus Torvalds * 4. We can't do it if dir is immutable (done in permission()) 12041da177e4SLinus Torvalds */ 12051da177e4SLinus Torvalds static inline int may_create(struct inode *dir, struct dentry *child, 12061da177e4SLinus Torvalds struct nameidata *nd) 12071da177e4SLinus Torvalds { 12081da177e4SLinus Torvalds if (child->d_inode) 12091da177e4SLinus Torvalds return -EEXIST; 12101da177e4SLinus Torvalds if (IS_DEADDIR(dir)) 12111da177e4SLinus Torvalds return -ENOENT; 12121da177e4SLinus Torvalds return permission(dir,MAY_WRITE | MAY_EXEC, nd); 12131da177e4SLinus Torvalds } 12141da177e4SLinus Torvalds 12151da177e4SLinus Torvalds /* 12161da177e4SLinus Torvalds * Special case: O_CREAT|O_EXCL implies O_NOFOLLOW for security 12171da177e4SLinus Torvalds * reasons. 12181da177e4SLinus Torvalds * 12191da177e4SLinus Torvalds * O_DIRECTORY translates into forcing a directory lookup. 12201da177e4SLinus Torvalds */ 12211da177e4SLinus Torvalds static inline int lookup_flags(unsigned int f) 12221da177e4SLinus Torvalds { 12231da177e4SLinus Torvalds unsigned long retval = LOOKUP_FOLLOW; 12241da177e4SLinus Torvalds 12251da177e4SLinus Torvalds if (f & O_NOFOLLOW) 12261da177e4SLinus Torvalds retval &= ~LOOKUP_FOLLOW; 12271da177e4SLinus Torvalds 12281da177e4SLinus Torvalds if ((f & (O_CREAT|O_EXCL)) == (O_CREAT|O_EXCL)) 12291da177e4SLinus Torvalds retval &= ~LOOKUP_FOLLOW; 12301da177e4SLinus Torvalds 12311da177e4SLinus Torvalds if (f & O_DIRECTORY) 12321da177e4SLinus Torvalds retval |= LOOKUP_DIRECTORY; 12331da177e4SLinus Torvalds 12341da177e4SLinus Torvalds return retval; 12351da177e4SLinus Torvalds } 12361da177e4SLinus Torvalds 12371da177e4SLinus Torvalds /* 12381da177e4SLinus Torvalds * p1 and p2 should be directories on the same fs. 12391da177e4SLinus Torvalds */ 12401da177e4SLinus Torvalds struct dentry *lock_rename(struct dentry *p1, struct dentry *p2) 12411da177e4SLinus Torvalds { 12421da177e4SLinus Torvalds struct dentry *p; 12431da177e4SLinus Torvalds 12441da177e4SLinus Torvalds if (p1 == p2) { 12451da177e4SLinus Torvalds down(&p1->d_inode->i_sem); 12461da177e4SLinus Torvalds return NULL; 12471da177e4SLinus Torvalds } 12481da177e4SLinus Torvalds 12491da177e4SLinus Torvalds down(&p1->d_inode->i_sb->s_vfs_rename_sem); 12501da177e4SLinus Torvalds 12511da177e4SLinus Torvalds for (p = p1; p->d_parent != p; p = p->d_parent) { 12521da177e4SLinus Torvalds if (p->d_parent == p2) { 12531da177e4SLinus Torvalds down(&p2->d_inode->i_sem); 12541da177e4SLinus Torvalds down(&p1->d_inode->i_sem); 12551da177e4SLinus Torvalds return p; 12561da177e4SLinus Torvalds } 12571da177e4SLinus Torvalds } 12581da177e4SLinus Torvalds 12591da177e4SLinus Torvalds for (p = p2; p->d_parent != p; p = p->d_parent) { 12601da177e4SLinus Torvalds if (p->d_parent == p1) { 12611da177e4SLinus Torvalds down(&p1->d_inode->i_sem); 12621da177e4SLinus Torvalds down(&p2->d_inode->i_sem); 12631da177e4SLinus Torvalds return p; 12641da177e4SLinus Torvalds } 12651da177e4SLinus Torvalds } 12661da177e4SLinus Torvalds 12671da177e4SLinus Torvalds down(&p1->d_inode->i_sem); 12681da177e4SLinus Torvalds down(&p2->d_inode->i_sem); 12691da177e4SLinus Torvalds return NULL; 12701da177e4SLinus Torvalds } 12711da177e4SLinus Torvalds 12721da177e4SLinus Torvalds void unlock_rename(struct dentry *p1, struct dentry *p2) 12731da177e4SLinus Torvalds { 12741da177e4SLinus Torvalds up(&p1->d_inode->i_sem); 12751da177e4SLinus Torvalds if (p1 != p2) { 12761da177e4SLinus Torvalds up(&p2->d_inode->i_sem); 12771da177e4SLinus Torvalds up(&p1->d_inode->i_sb->s_vfs_rename_sem); 12781da177e4SLinus Torvalds } 12791da177e4SLinus Torvalds } 12801da177e4SLinus Torvalds 12811da177e4SLinus Torvalds int vfs_create(struct inode *dir, struct dentry *dentry, int mode, 12821da177e4SLinus Torvalds struct nameidata *nd) 12831da177e4SLinus Torvalds { 12841da177e4SLinus Torvalds int error = may_create(dir, dentry, nd); 12851da177e4SLinus Torvalds 12861da177e4SLinus Torvalds if (error) 12871da177e4SLinus Torvalds return error; 12881da177e4SLinus Torvalds 12891da177e4SLinus Torvalds if (!dir->i_op || !dir->i_op->create) 12901da177e4SLinus Torvalds return -EACCES; /* shouldn't it be ENOSYS? */ 12911da177e4SLinus Torvalds mode &= S_IALLUGO; 12921da177e4SLinus Torvalds mode |= S_IFREG; 12931da177e4SLinus Torvalds error = security_inode_create(dir, dentry, mode); 12941da177e4SLinus Torvalds if (error) 12951da177e4SLinus Torvalds return error; 12961da177e4SLinus Torvalds DQUOT_INIT(dir); 12971da177e4SLinus Torvalds error = dir->i_op->create(dir, dentry, mode, nd); 12981da177e4SLinus Torvalds if (!error) { 12991da177e4SLinus Torvalds inode_dir_notify(dir, DN_CREATE); 13001da177e4SLinus Torvalds security_inode_post_create(dir, dentry, mode); 13011da177e4SLinus Torvalds } 13021da177e4SLinus Torvalds return error; 13031da177e4SLinus Torvalds } 13041da177e4SLinus Torvalds 13051da177e4SLinus Torvalds int may_open(struct nameidata *nd, int acc_mode, int flag) 13061da177e4SLinus Torvalds { 13071da177e4SLinus Torvalds struct dentry *dentry = nd->dentry; 13081da177e4SLinus Torvalds struct inode *inode = dentry->d_inode; 13091da177e4SLinus Torvalds int error; 13101da177e4SLinus Torvalds 13111da177e4SLinus Torvalds if (!inode) 13121da177e4SLinus Torvalds return -ENOENT; 13131da177e4SLinus Torvalds 13141da177e4SLinus Torvalds if (S_ISLNK(inode->i_mode)) 13151da177e4SLinus Torvalds return -ELOOP; 13161da177e4SLinus Torvalds 13171da177e4SLinus Torvalds if (S_ISDIR(inode->i_mode) && (flag & FMODE_WRITE)) 13181da177e4SLinus Torvalds return -EISDIR; 13191da177e4SLinus Torvalds 13201da177e4SLinus Torvalds error = permission(inode, acc_mode, nd); 13211da177e4SLinus Torvalds if (error) 13221da177e4SLinus Torvalds return error; 13231da177e4SLinus Torvalds 13241da177e4SLinus Torvalds /* 13251da177e4SLinus Torvalds * FIFO's, sockets and device files are special: they don't 13261da177e4SLinus Torvalds * actually live on the filesystem itself, and as such you 13271da177e4SLinus Torvalds * can write to them even if the filesystem is read-only. 13281da177e4SLinus Torvalds */ 13291da177e4SLinus Torvalds if (S_ISFIFO(inode->i_mode) || S_ISSOCK(inode->i_mode)) { 13301da177e4SLinus Torvalds flag &= ~O_TRUNC; 13311da177e4SLinus Torvalds } else if (S_ISBLK(inode->i_mode) || S_ISCHR(inode->i_mode)) { 13321da177e4SLinus Torvalds if (nd->mnt->mnt_flags & MNT_NODEV) 13331da177e4SLinus Torvalds return -EACCES; 13341da177e4SLinus Torvalds 13351da177e4SLinus Torvalds flag &= ~O_TRUNC; 13361da177e4SLinus Torvalds } else if (IS_RDONLY(inode) && (flag & FMODE_WRITE)) 13371da177e4SLinus Torvalds return -EROFS; 13381da177e4SLinus Torvalds /* 13391da177e4SLinus Torvalds * An append-only file must be opened in append mode for writing. 13401da177e4SLinus Torvalds */ 13411da177e4SLinus Torvalds if (IS_APPEND(inode)) { 13421da177e4SLinus Torvalds if ((flag & FMODE_WRITE) && !(flag & O_APPEND)) 13431da177e4SLinus Torvalds return -EPERM; 13441da177e4SLinus Torvalds if (flag & O_TRUNC) 13451da177e4SLinus Torvalds return -EPERM; 13461da177e4SLinus Torvalds } 13471da177e4SLinus Torvalds 13481da177e4SLinus Torvalds /* O_NOATIME can only be set by the owner or superuser */ 13491da177e4SLinus Torvalds if (flag & O_NOATIME) 13501da177e4SLinus Torvalds if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER)) 13511da177e4SLinus Torvalds return -EPERM; 13521da177e4SLinus Torvalds 13531da177e4SLinus Torvalds /* 13541da177e4SLinus Torvalds * Ensure there are no outstanding leases on the file. 13551da177e4SLinus Torvalds */ 13561da177e4SLinus Torvalds error = break_lease(inode, flag); 13571da177e4SLinus Torvalds if (error) 13581da177e4SLinus Torvalds return error; 13591da177e4SLinus Torvalds 13601da177e4SLinus Torvalds if (flag & O_TRUNC) { 13611da177e4SLinus Torvalds error = get_write_access(inode); 13621da177e4SLinus Torvalds if (error) 13631da177e4SLinus Torvalds return error; 13641da177e4SLinus Torvalds 13651da177e4SLinus Torvalds /* 13661da177e4SLinus Torvalds * Refuse to truncate files with mandatory locks held on them. 13671da177e4SLinus Torvalds */ 13681da177e4SLinus Torvalds error = locks_verify_locked(inode); 13691da177e4SLinus Torvalds if (!error) { 13701da177e4SLinus Torvalds DQUOT_INIT(inode); 13711da177e4SLinus Torvalds 13721da177e4SLinus Torvalds error = do_truncate(dentry, 0); 13731da177e4SLinus Torvalds } 13741da177e4SLinus Torvalds put_write_access(inode); 13751da177e4SLinus Torvalds if (error) 13761da177e4SLinus Torvalds return error; 13771da177e4SLinus Torvalds } else 13781da177e4SLinus Torvalds if (flag & FMODE_WRITE) 13791da177e4SLinus Torvalds DQUOT_INIT(inode); 13801da177e4SLinus Torvalds 13811da177e4SLinus Torvalds return 0; 13821da177e4SLinus Torvalds } 13831da177e4SLinus Torvalds 13841da177e4SLinus Torvalds /* 13851da177e4SLinus Torvalds * open_namei() 13861da177e4SLinus Torvalds * 13871da177e4SLinus Torvalds * namei for open - this is in fact almost the whole open-routine. 13881da177e4SLinus Torvalds * 13891da177e4SLinus Torvalds * Note that the low bits of "flag" aren't the same as in the open 13901da177e4SLinus Torvalds * system call - they are 00 - no permissions needed 13911da177e4SLinus Torvalds * 01 - read permission needed 13921da177e4SLinus Torvalds * 10 - write permission needed 13931da177e4SLinus Torvalds * 11 - read/write permissions needed 13941da177e4SLinus Torvalds * which is a lot more logical, and also allows the "no perm" needed 13951da177e4SLinus Torvalds * for symlinks (where the permissions are checked later). 13961da177e4SLinus Torvalds * SMP-safe 13971da177e4SLinus Torvalds */ 13981da177e4SLinus Torvalds int open_namei(const char * pathname, int flag, int mode, struct nameidata *nd) 13991da177e4SLinus Torvalds { 14001da177e4SLinus Torvalds int acc_mode, error = 0; 14011da177e4SLinus Torvalds struct dentry *dentry; 14021da177e4SLinus Torvalds struct dentry *dir; 14031da177e4SLinus Torvalds int count = 0; 14041da177e4SLinus Torvalds 14051da177e4SLinus Torvalds acc_mode = ACC_MODE(flag); 14061da177e4SLinus Torvalds 14071da177e4SLinus Torvalds /* Allow the LSM permission hook to distinguish append 14081da177e4SLinus Torvalds access from general write access. */ 14091da177e4SLinus Torvalds if (flag & O_APPEND) 14101da177e4SLinus Torvalds acc_mode |= MAY_APPEND; 14111da177e4SLinus Torvalds 14121da177e4SLinus Torvalds /* Fill in the open() intent data */ 14131da177e4SLinus Torvalds nd->intent.open.flags = flag; 14141da177e4SLinus Torvalds nd->intent.open.create_mode = mode; 14151da177e4SLinus Torvalds 14161da177e4SLinus Torvalds /* 14171da177e4SLinus Torvalds * The simplest case - just a plain lookup. 14181da177e4SLinus Torvalds */ 14191da177e4SLinus Torvalds if (!(flag & O_CREAT)) { 14201da177e4SLinus Torvalds error = path_lookup(pathname, lookup_flags(flag)|LOOKUP_OPEN, nd); 14211da177e4SLinus Torvalds if (error) 14221da177e4SLinus Torvalds return error; 14231da177e4SLinus Torvalds goto ok; 14241da177e4SLinus Torvalds } 14251da177e4SLinus Torvalds 14261da177e4SLinus Torvalds /* 14271da177e4SLinus Torvalds * Create - we need to know the parent. 14281da177e4SLinus Torvalds */ 14291da177e4SLinus Torvalds error = path_lookup(pathname, LOOKUP_PARENT|LOOKUP_OPEN|LOOKUP_CREATE, nd); 14301da177e4SLinus Torvalds if (error) 14311da177e4SLinus Torvalds return error; 14321da177e4SLinus Torvalds 14331da177e4SLinus Torvalds /* 14341da177e4SLinus Torvalds * We have the parent and last component. First of all, check 14351da177e4SLinus Torvalds * that we are not asked to creat(2) an obvious directory - that 14361da177e4SLinus Torvalds * will not do. 14371da177e4SLinus Torvalds */ 14381da177e4SLinus Torvalds error = -EISDIR; 14391da177e4SLinus Torvalds if (nd->last_type != LAST_NORM || nd->last.name[nd->last.len]) 14401da177e4SLinus Torvalds goto exit; 14411da177e4SLinus Torvalds 14421da177e4SLinus Torvalds dir = nd->dentry; 14431da177e4SLinus Torvalds nd->flags &= ~LOOKUP_PARENT; 14441da177e4SLinus Torvalds down(&dir->d_inode->i_sem); 14451da177e4SLinus Torvalds dentry = __lookup_hash(&nd->last, nd->dentry, nd); 14461da177e4SLinus Torvalds 14471da177e4SLinus Torvalds do_last: 14481da177e4SLinus Torvalds error = PTR_ERR(dentry); 14491da177e4SLinus Torvalds if (IS_ERR(dentry)) { 14501da177e4SLinus Torvalds up(&dir->d_inode->i_sem); 14511da177e4SLinus Torvalds goto exit; 14521da177e4SLinus Torvalds } 14531da177e4SLinus Torvalds 14541da177e4SLinus Torvalds /* Negative dentry, just create the file */ 14551da177e4SLinus Torvalds if (!dentry->d_inode) { 14561da177e4SLinus Torvalds if (!IS_POSIXACL(dir->d_inode)) 14571da177e4SLinus Torvalds mode &= ~current->fs->umask; 14581da177e4SLinus Torvalds error = vfs_create(dir->d_inode, dentry, mode, nd); 14591da177e4SLinus Torvalds up(&dir->d_inode->i_sem); 14601da177e4SLinus Torvalds dput(nd->dentry); 14611da177e4SLinus Torvalds nd->dentry = dentry; 14621da177e4SLinus Torvalds if (error) 14631da177e4SLinus Torvalds goto exit; 14641da177e4SLinus Torvalds /* Don't check for write permission, don't truncate */ 14651da177e4SLinus Torvalds acc_mode = 0; 14661da177e4SLinus Torvalds flag &= ~O_TRUNC; 14671da177e4SLinus Torvalds goto ok; 14681da177e4SLinus Torvalds } 14691da177e4SLinus Torvalds 14701da177e4SLinus Torvalds /* 14711da177e4SLinus Torvalds * It already exists. 14721da177e4SLinus Torvalds */ 14731da177e4SLinus Torvalds up(&dir->d_inode->i_sem); 14741da177e4SLinus Torvalds 14751da177e4SLinus Torvalds error = -EEXIST; 14761da177e4SLinus Torvalds if (flag & O_EXCL) 14771da177e4SLinus Torvalds goto exit_dput; 14781da177e4SLinus Torvalds 14791da177e4SLinus Torvalds if (d_mountpoint(dentry)) { 14801da177e4SLinus Torvalds error = -ELOOP; 14811da177e4SLinus Torvalds if (flag & O_NOFOLLOW) 14821da177e4SLinus Torvalds goto exit_dput; 14831da177e4SLinus Torvalds while (__follow_down(&nd->mnt,&dentry) && d_mountpoint(dentry)); 14841da177e4SLinus Torvalds } 14851da177e4SLinus Torvalds error = -ENOENT; 14861da177e4SLinus Torvalds if (!dentry->d_inode) 14871da177e4SLinus Torvalds goto exit_dput; 14881da177e4SLinus Torvalds if (dentry->d_inode->i_op && dentry->d_inode->i_op->follow_link) 14891da177e4SLinus Torvalds goto do_link; 14901da177e4SLinus Torvalds 14911da177e4SLinus Torvalds dput(nd->dentry); 14921da177e4SLinus Torvalds nd->dentry = dentry; 14931da177e4SLinus Torvalds error = -EISDIR; 14941da177e4SLinus Torvalds if (dentry->d_inode && S_ISDIR(dentry->d_inode->i_mode)) 14951da177e4SLinus Torvalds goto exit; 14961da177e4SLinus Torvalds ok: 14971da177e4SLinus Torvalds error = may_open(nd, acc_mode, flag); 14981da177e4SLinus Torvalds if (error) 14991da177e4SLinus Torvalds goto exit; 15001da177e4SLinus Torvalds return 0; 15011da177e4SLinus Torvalds 15021da177e4SLinus Torvalds exit_dput: 15031da177e4SLinus Torvalds dput(dentry); 15041da177e4SLinus Torvalds exit: 15051da177e4SLinus Torvalds path_release(nd); 15061da177e4SLinus Torvalds return error; 15071da177e4SLinus Torvalds 15081da177e4SLinus Torvalds do_link: 15091da177e4SLinus Torvalds error = -ELOOP; 15101da177e4SLinus Torvalds if (flag & O_NOFOLLOW) 15111da177e4SLinus Torvalds goto exit_dput; 15121da177e4SLinus Torvalds /* 15131da177e4SLinus Torvalds * This is subtle. Instead of calling do_follow_link() we do the 15141da177e4SLinus Torvalds * thing by hands. The reason is that this way we have zero link_count 15151da177e4SLinus Torvalds * and path_walk() (called from ->follow_link) honoring LOOKUP_PARENT. 15161da177e4SLinus Torvalds * After that we have the parent and last component, i.e. 15171da177e4SLinus Torvalds * we are in the same situation as after the first path_walk(). 15181da177e4SLinus Torvalds * Well, almost - if the last component is normal we get its copy 15191da177e4SLinus Torvalds * stored in nd->last.name and we will have to putname() it when we 15201da177e4SLinus Torvalds * are done. Procfs-like symlinks just set LAST_BIND. 15211da177e4SLinus Torvalds */ 15221da177e4SLinus Torvalds nd->flags |= LOOKUP_PARENT; 15231da177e4SLinus Torvalds error = security_inode_follow_link(dentry, nd); 15241da177e4SLinus Torvalds if (error) 15251da177e4SLinus Torvalds goto exit_dput; 15261da177e4SLinus Torvalds error = __do_follow_link(dentry, nd); 15271da177e4SLinus Torvalds dput(dentry); 15281da177e4SLinus Torvalds if (error) 15291da177e4SLinus Torvalds return error; 15301da177e4SLinus Torvalds nd->flags &= ~LOOKUP_PARENT; 15311da177e4SLinus Torvalds if (nd->last_type == LAST_BIND) { 15321da177e4SLinus Torvalds dentry = nd->dentry; 15331da177e4SLinus Torvalds goto ok; 15341da177e4SLinus Torvalds } 15351da177e4SLinus Torvalds error = -EISDIR; 15361da177e4SLinus Torvalds if (nd->last_type != LAST_NORM) 15371da177e4SLinus Torvalds goto exit; 15381da177e4SLinus Torvalds if (nd->last.name[nd->last.len]) { 15391da177e4SLinus Torvalds putname(nd->last.name); 15401da177e4SLinus Torvalds goto exit; 15411da177e4SLinus Torvalds } 15421da177e4SLinus Torvalds error = -ELOOP; 15431da177e4SLinus Torvalds if (count++==32) { 15441da177e4SLinus Torvalds putname(nd->last.name); 15451da177e4SLinus Torvalds goto exit; 15461da177e4SLinus Torvalds } 15471da177e4SLinus Torvalds dir = nd->dentry; 15481da177e4SLinus Torvalds down(&dir->d_inode->i_sem); 15491da177e4SLinus Torvalds dentry = __lookup_hash(&nd->last, nd->dentry, nd); 15501da177e4SLinus Torvalds putname(nd->last.name); 15511da177e4SLinus Torvalds goto do_last; 15521da177e4SLinus Torvalds } 15531da177e4SLinus Torvalds 15541da177e4SLinus Torvalds /** 15551da177e4SLinus Torvalds * lookup_create - lookup a dentry, creating it if it doesn't exist 15561da177e4SLinus Torvalds * @nd: nameidata info 15571da177e4SLinus Torvalds * @is_dir: directory flag 15581da177e4SLinus Torvalds * 15591da177e4SLinus Torvalds * Simple function to lookup and return a dentry and create it 15601da177e4SLinus Torvalds * if it doesn't exist. Is SMP-safe. 15611da177e4SLinus Torvalds */ 15621da177e4SLinus Torvalds struct dentry *lookup_create(struct nameidata *nd, int is_dir) 15631da177e4SLinus Torvalds { 15641da177e4SLinus Torvalds struct dentry *dentry; 15651da177e4SLinus Torvalds 15661da177e4SLinus Torvalds down(&nd->dentry->d_inode->i_sem); 15671da177e4SLinus Torvalds dentry = ERR_PTR(-EEXIST); 15681da177e4SLinus Torvalds if (nd->last_type != LAST_NORM) 15691da177e4SLinus Torvalds goto fail; 15701da177e4SLinus Torvalds nd->flags &= ~LOOKUP_PARENT; 15711da177e4SLinus Torvalds dentry = lookup_hash(&nd->last, nd->dentry); 15721da177e4SLinus Torvalds if (IS_ERR(dentry)) 15731da177e4SLinus Torvalds goto fail; 15741da177e4SLinus Torvalds if (!is_dir && nd->last.name[nd->last.len] && !dentry->d_inode) 15751da177e4SLinus Torvalds goto enoent; 15761da177e4SLinus Torvalds return dentry; 15771da177e4SLinus Torvalds enoent: 15781da177e4SLinus Torvalds dput(dentry); 15791da177e4SLinus Torvalds dentry = ERR_PTR(-ENOENT); 15801da177e4SLinus Torvalds fail: 15811da177e4SLinus Torvalds return dentry; 15821da177e4SLinus Torvalds } 15831da177e4SLinus Torvalds 15841da177e4SLinus Torvalds int vfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev) 15851da177e4SLinus Torvalds { 15861da177e4SLinus Torvalds int error = may_create(dir, dentry, NULL); 15871da177e4SLinus Torvalds 15881da177e4SLinus Torvalds if (error) 15891da177e4SLinus Torvalds return error; 15901da177e4SLinus Torvalds 15911da177e4SLinus Torvalds if ((S_ISCHR(mode) || S_ISBLK(mode)) && !capable(CAP_MKNOD)) 15921da177e4SLinus Torvalds return -EPERM; 15931da177e4SLinus Torvalds 15941da177e4SLinus Torvalds if (!dir->i_op || !dir->i_op->mknod) 15951da177e4SLinus Torvalds return -EPERM; 15961da177e4SLinus Torvalds 15971da177e4SLinus Torvalds error = security_inode_mknod(dir, dentry, mode, dev); 15981da177e4SLinus Torvalds if (error) 15991da177e4SLinus Torvalds return error; 16001da177e4SLinus Torvalds 16011da177e4SLinus Torvalds DQUOT_INIT(dir); 16021da177e4SLinus Torvalds error = dir->i_op->mknod(dir, dentry, mode, dev); 16031da177e4SLinus Torvalds if (!error) { 16041da177e4SLinus Torvalds inode_dir_notify(dir, DN_CREATE); 16051da177e4SLinus Torvalds security_inode_post_mknod(dir, dentry, mode, dev); 16061da177e4SLinus Torvalds } 16071da177e4SLinus Torvalds return error; 16081da177e4SLinus Torvalds } 16091da177e4SLinus Torvalds 16101da177e4SLinus Torvalds asmlinkage long sys_mknod(const char __user * filename, int mode, unsigned dev) 16111da177e4SLinus Torvalds { 16121da177e4SLinus Torvalds int error = 0; 16131da177e4SLinus Torvalds char * tmp; 16141da177e4SLinus Torvalds struct dentry * dentry; 16151da177e4SLinus Torvalds struct nameidata nd; 16161da177e4SLinus Torvalds 16171da177e4SLinus Torvalds if (S_ISDIR(mode)) 16181da177e4SLinus Torvalds return -EPERM; 16191da177e4SLinus Torvalds tmp = getname(filename); 16201da177e4SLinus Torvalds if (IS_ERR(tmp)) 16211da177e4SLinus Torvalds return PTR_ERR(tmp); 16221da177e4SLinus Torvalds 16231da177e4SLinus Torvalds error = path_lookup(tmp, LOOKUP_PARENT, &nd); 16241da177e4SLinus Torvalds if (error) 16251da177e4SLinus Torvalds goto out; 16261da177e4SLinus Torvalds dentry = lookup_create(&nd, 0); 16271da177e4SLinus Torvalds error = PTR_ERR(dentry); 16281da177e4SLinus Torvalds 16291da177e4SLinus Torvalds if (!IS_POSIXACL(nd.dentry->d_inode)) 16301da177e4SLinus Torvalds mode &= ~current->fs->umask; 16311da177e4SLinus Torvalds if (!IS_ERR(dentry)) { 16321da177e4SLinus Torvalds switch (mode & S_IFMT) { 16331da177e4SLinus Torvalds case 0: case S_IFREG: 16341da177e4SLinus Torvalds error = vfs_create(nd.dentry->d_inode,dentry,mode,&nd); 16351da177e4SLinus Torvalds break; 16361da177e4SLinus Torvalds case S_IFCHR: case S_IFBLK: 16371da177e4SLinus Torvalds error = vfs_mknod(nd.dentry->d_inode,dentry,mode, 16381da177e4SLinus Torvalds new_decode_dev(dev)); 16391da177e4SLinus Torvalds break; 16401da177e4SLinus Torvalds case S_IFIFO: case S_IFSOCK: 16411da177e4SLinus Torvalds error = vfs_mknod(nd.dentry->d_inode,dentry,mode,0); 16421da177e4SLinus Torvalds break; 16431da177e4SLinus Torvalds case S_IFDIR: 16441da177e4SLinus Torvalds error = -EPERM; 16451da177e4SLinus Torvalds break; 16461da177e4SLinus Torvalds default: 16471da177e4SLinus Torvalds error = -EINVAL; 16481da177e4SLinus Torvalds } 16491da177e4SLinus Torvalds dput(dentry); 16501da177e4SLinus Torvalds } 16511da177e4SLinus Torvalds up(&nd.dentry->d_inode->i_sem); 16521da177e4SLinus Torvalds path_release(&nd); 16531da177e4SLinus Torvalds out: 16541da177e4SLinus Torvalds putname(tmp); 16551da177e4SLinus Torvalds 16561da177e4SLinus Torvalds return error; 16571da177e4SLinus Torvalds } 16581da177e4SLinus Torvalds 16591da177e4SLinus Torvalds int vfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) 16601da177e4SLinus Torvalds { 16611da177e4SLinus Torvalds int error = may_create(dir, dentry, NULL); 16621da177e4SLinus Torvalds 16631da177e4SLinus Torvalds if (error) 16641da177e4SLinus Torvalds return error; 16651da177e4SLinus Torvalds 16661da177e4SLinus Torvalds if (!dir->i_op || !dir->i_op->mkdir) 16671da177e4SLinus Torvalds return -EPERM; 16681da177e4SLinus Torvalds 16691da177e4SLinus Torvalds mode &= (S_IRWXUGO|S_ISVTX); 16701da177e4SLinus Torvalds error = security_inode_mkdir(dir, dentry, mode); 16711da177e4SLinus Torvalds if (error) 16721da177e4SLinus Torvalds return error; 16731da177e4SLinus Torvalds 16741da177e4SLinus Torvalds DQUOT_INIT(dir); 16751da177e4SLinus Torvalds error = dir->i_op->mkdir(dir, dentry, mode); 16761da177e4SLinus Torvalds if (!error) { 16771da177e4SLinus Torvalds inode_dir_notify(dir, DN_CREATE); 16781da177e4SLinus Torvalds security_inode_post_mkdir(dir,dentry, mode); 16791da177e4SLinus Torvalds } 16801da177e4SLinus Torvalds return error; 16811da177e4SLinus Torvalds } 16821da177e4SLinus Torvalds 16831da177e4SLinus Torvalds asmlinkage long sys_mkdir(const char __user * pathname, int mode) 16841da177e4SLinus Torvalds { 16851da177e4SLinus Torvalds int error = 0; 16861da177e4SLinus Torvalds char * tmp; 16871da177e4SLinus Torvalds 16881da177e4SLinus Torvalds tmp = getname(pathname); 16891da177e4SLinus Torvalds error = PTR_ERR(tmp); 16901da177e4SLinus Torvalds if (!IS_ERR(tmp)) { 16911da177e4SLinus Torvalds struct dentry *dentry; 16921da177e4SLinus Torvalds struct nameidata nd; 16931da177e4SLinus Torvalds 16941da177e4SLinus Torvalds error = path_lookup(tmp, LOOKUP_PARENT, &nd); 16951da177e4SLinus Torvalds if (error) 16961da177e4SLinus Torvalds goto out; 16971da177e4SLinus Torvalds dentry = lookup_create(&nd, 1); 16981da177e4SLinus Torvalds error = PTR_ERR(dentry); 16991da177e4SLinus Torvalds if (!IS_ERR(dentry)) { 17001da177e4SLinus Torvalds if (!IS_POSIXACL(nd.dentry->d_inode)) 17011da177e4SLinus Torvalds mode &= ~current->fs->umask; 17021da177e4SLinus Torvalds error = vfs_mkdir(nd.dentry->d_inode, dentry, mode); 17031da177e4SLinus Torvalds dput(dentry); 17041da177e4SLinus Torvalds } 17051da177e4SLinus Torvalds up(&nd.dentry->d_inode->i_sem); 17061da177e4SLinus Torvalds path_release(&nd); 17071da177e4SLinus Torvalds out: 17081da177e4SLinus Torvalds putname(tmp); 17091da177e4SLinus Torvalds } 17101da177e4SLinus Torvalds 17111da177e4SLinus Torvalds return error; 17121da177e4SLinus Torvalds } 17131da177e4SLinus Torvalds 17141da177e4SLinus Torvalds /* 17151da177e4SLinus Torvalds * We try to drop the dentry early: we should have 17161da177e4SLinus Torvalds * a usage count of 2 if we're the only user of this 17171da177e4SLinus Torvalds * dentry, and if that is true (possibly after pruning 17181da177e4SLinus Torvalds * the dcache), then we drop the dentry now. 17191da177e4SLinus Torvalds * 17201da177e4SLinus Torvalds * A low-level filesystem can, if it choses, legally 17211da177e4SLinus Torvalds * do a 17221da177e4SLinus Torvalds * 17231da177e4SLinus Torvalds * if (!d_unhashed(dentry)) 17241da177e4SLinus Torvalds * return -EBUSY; 17251da177e4SLinus Torvalds * 17261da177e4SLinus Torvalds * if it cannot handle the case of removing a directory 17271da177e4SLinus Torvalds * that is still in use by something else.. 17281da177e4SLinus Torvalds */ 17291da177e4SLinus Torvalds void dentry_unhash(struct dentry *dentry) 17301da177e4SLinus Torvalds { 17311da177e4SLinus Torvalds dget(dentry); 17321da177e4SLinus Torvalds if (atomic_read(&dentry->d_count)) 17331da177e4SLinus Torvalds shrink_dcache_parent(dentry); 17341da177e4SLinus Torvalds spin_lock(&dcache_lock); 17351da177e4SLinus Torvalds spin_lock(&dentry->d_lock); 17361da177e4SLinus Torvalds if (atomic_read(&dentry->d_count) == 2) 17371da177e4SLinus Torvalds __d_drop(dentry); 17381da177e4SLinus Torvalds spin_unlock(&dentry->d_lock); 17391da177e4SLinus Torvalds spin_unlock(&dcache_lock); 17401da177e4SLinus Torvalds } 17411da177e4SLinus Torvalds 17421da177e4SLinus Torvalds int vfs_rmdir(struct inode *dir, struct dentry *dentry) 17431da177e4SLinus Torvalds { 17441da177e4SLinus Torvalds int error = may_delete(dir, dentry, 1); 17451da177e4SLinus Torvalds 17461da177e4SLinus Torvalds if (error) 17471da177e4SLinus Torvalds return error; 17481da177e4SLinus Torvalds 17491da177e4SLinus Torvalds if (!dir->i_op || !dir->i_op->rmdir) 17501da177e4SLinus Torvalds return -EPERM; 17511da177e4SLinus Torvalds 17521da177e4SLinus Torvalds DQUOT_INIT(dir); 17531da177e4SLinus Torvalds 17541da177e4SLinus Torvalds down(&dentry->d_inode->i_sem); 17551da177e4SLinus Torvalds dentry_unhash(dentry); 17561da177e4SLinus Torvalds if (d_mountpoint(dentry)) 17571da177e4SLinus Torvalds error = -EBUSY; 17581da177e4SLinus Torvalds else { 17591da177e4SLinus Torvalds error = security_inode_rmdir(dir, dentry); 17601da177e4SLinus Torvalds if (!error) { 17611da177e4SLinus Torvalds error = dir->i_op->rmdir(dir, dentry); 17621da177e4SLinus Torvalds if (!error) 17631da177e4SLinus Torvalds dentry->d_inode->i_flags |= S_DEAD; 17641da177e4SLinus Torvalds } 17651da177e4SLinus Torvalds } 17661da177e4SLinus Torvalds up(&dentry->d_inode->i_sem); 17671da177e4SLinus Torvalds if (!error) { 17681da177e4SLinus Torvalds inode_dir_notify(dir, DN_DELETE); 17691da177e4SLinus Torvalds d_delete(dentry); 17701da177e4SLinus Torvalds } 17711da177e4SLinus Torvalds dput(dentry); 17721da177e4SLinus Torvalds 17731da177e4SLinus Torvalds return error; 17741da177e4SLinus Torvalds } 17751da177e4SLinus Torvalds 17761da177e4SLinus Torvalds asmlinkage long sys_rmdir(const char __user * pathname) 17771da177e4SLinus Torvalds { 17781da177e4SLinus Torvalds int error = 0; 17791da177e4SLinus Torvalds char * name; 17801da177e4SLinus Torvalds struct dentry *dentry; 17811da177e4SLinus Torvalds struct nameidata nd; 17821da177e4SLinus Torvalds 17831da177e4SLinus Torvalds name = getname(pathname); 17841da177e4SLinus Torvalds if(IS_ERR(name)) 17851da177e4SLinus Torvalds return PTR_ERR(name); 17861da177e4SLinus Torvalds 17871da177e4SLinus Torvalds error = path_lookup(name, LOOKUP_PARENT, &nd); 17881da177e4SLinus Torvalds if (error) 17891da177e4SLinus Torvalds goto exit; 17901da177e4SLinus Torvalds 17911da177e4SLinus Torvalds switch(nd.last_type) { 17921da177e4SLinus Torvalds case LAST_DOTDOT: 17931da177e4SLinus Torvalds error = -ENOTEMPTY; 17941da177e4SLinus Torvalds goto exit1; 17951da177e4SLinus Torvalds case LAST_DOT: 17961da177e4SLinus Torvalds error = -EINVAL; 17971da177e4SLinus Torvalds goto exit1; 17981da177e4SLinus Torvalds case LAST_ROOT: 17991da177e4SLinus Torvalds error = -EBUSY; 18001da177e4SLinus Torvalds goto exit1; 18011da177e4SLinus Torvalds } 18021da177e4SLinus Torvalds down(&nd.dentry->d_inode->i_sem); 18031da177e4SLinus Torvalds dentry = lookup_hash(&nd.last, nd.dentry); 18041da177e4SLinus Torvalds error = PTR_ERR(dentry); 18051da177e4SLinus Torvalds if (!IS_ERR(dentry)) { 18061da177e4SLinus Torvalds error = vfs_rmdir(nd.dentry->d_inode, dentry); 18071da177e4SLinus Torvalds dput(dentry); 18081da177e4SLinus Torvalds } 18091da177e4SLinus Torvalds up(&nd.dentry->d_inode->i_sem); 18101da177e4SLinus Torvalds exit1: 18111da177e4SLinus Torvalds path_release(&nd); 18121da177e4SLinus Torvalds exit: 18131da177e4SLinus Torvalds putname(name); 18141da177e4SLinus Torvalds return error; 18151da177e4SLinus Torvalds } 18161da177e4SLinus Torvalds 18171da177e4SLinus Torvalds int vfs_unlink(struct inode *dir, struct dentry *dentry) 18181da177e4SLinus Torvalds { 18191da177e4SLinus Torvalds int error = may_delete(dir, dentry, 0); 18201da177e4SLinus Torvalds 18211da177e4SLinus Torvalds if (error) 18221da177e4SLinus Torvalds return error; 18231da177e4SLinus Torvalds 18241da177e4SLinus Torvalds if (!dir->i_op || !dir->i_op->unlink) 18251da177e4SLinus Torvalds return -EPERM; 18261da177e4SLinus Torvalds 18271da177e4SLinus Torvalds DQUOT_INIT(dir); 18281da177e4SLinus Torvalds 18291da177e4SLinus Torvalds down(&dentry->d_inode->i_sem); 18301da177e4SLinus Torvalds if (d_mountpoint(dentry)) 18311da177e4SLinus Torvalds error = -EBUSY; 18321da177e4SLinus Torvalds else { 18331da177e4SLinus Torvalds error = security_inode_unlink(dir, dentry); 18341da177e4SLinus Torvalds if (!error) 18351da177e4SLinus Torvalds error = dir->i_op->unlink(dir, dentry); 18361da177e4SLinus Torvalds } 18371da177e4SLinus Torvalds up(&dentry->d_inode->i_sem); 18381da177e4SLinus Torvalds 18391da177e4SLinus Torvalds /* We don't d_delete() NFS sillyrenamed files--they still exist. */ 18401da177e4SLinus Torvalds if (!error && !(dentry->d_flags & DCACHE_NFSFS_RENAMED)) { 18411da177e4SLinus Torvalds d_delete(dentry); 18421da177e4SLinus Torvalds inode_dir_notify(dir, DN_DELETE); 18431da177e4SLinus Torvalds } 18441da177e4SLinus Torvalds return error; 18451da177e4SLinus Torvalds } 18461da177e4SLinus Torvalds 18471da177e4SLinus Torvalds /* 18481da177e4SLinus Torvalds * Make sure that the actual truncation of the file will occur outside its 18491da177e4SLinus Torvalds * directory's i_sem. Truncate can take a long time if there is a lot of 18501da177e4SLinus Torvalds * writeout happening, and we don't want to prevent access to the directory 18511da177e4SLinus Torvalds * while waiting on the I/O. 18521da177e4SLinus Torvalds */ 18531da177e4SLinus Torvalds asmlinkage long sys_unlink(const char __user * pathname) 18541da177e4SLinus Torvalds { 18551da177e4SLinus Torvalds int error = 0; 18561da177e4SLinus Torvalds char * name; 18571da177e4SLinus Torvalds struct dentry *dentry; 18581da177e4SLinus Torvalds struct nameidata nd; 18591da177e4SLinus Torvalds struct inode *inode = NULL; 18601da177e4SLinus Torvalds 18611da177e4SLinus Torvalds name = getname(pathname); 18621da177e4SLinus Torvalds if(IS_ERR(name)) 18631da177e4SLinus Torvalds return PTR_ERR(name); 18641da177e4SLinus Torvalds 18651da177e4SLinus Torvalds error = path_lookup(name, LOOKUP_PARENT, &nd); 18661da177e4SLinus Torvalds if (error) 18671da177e4SLinus Torvalds goto exit; 18681da177e4SLinus Torvalds error = -EISDIR; 18691da177e4SLinus Torvalds if (nd.last_type != LAST_NORM) 18701da177e4SLinus Torvalds goto exit1; 18711da177e4SLinus Torvalds down(&nd.dentry->d_inode->i_sem); 18721da177e4SLinus Torvalds dentry = lookup_hash(&nd.last, nd.dentry); 18731da177e4SLinus Torvalds error = PTR_ERR(dentry); 18741da177e4SLinus Torvalds if (!IS_ERR(dentry)) { 18751da177e4SLinus Torvalds /* Why not before? Because we want correct error value */ 18761da177e4SLinus Torvalds if (nd.last.name[nd.last.len]) 18771da177e4SLinus Torvalds goto slashes; 18781da177e4SLinus Torvalds inode = dentry->d_inode; 18791da177e4SLinus Torvalds if (inode) 18801da177e4SLinus Torvalds atomic_inc(&inode->i_count); 18811da177e4SLinus Torvalds error = vfs_unlink(nd.dentry->d_inode, dentry); 18821da177e4SLinus Torvalds exit2: 18831da177e4SLinus Torvalds dput(dentry); 18841da177e4SLinus Torvalds } 18851da177e4SLinus Torvalds up(&nd.dentry->d_inode->i_sem); 18861da177e4SLinus Torvalds if (inode) 18871da177e4SLinus Torvalds iput(inode); /* truncate the inode here */ 18881da177e4SLinus Torvalds exit1: 18891da177e4SLinus Torvalds path_release(&nd); 18901da177e4SLinus Torvalds exit: 18911da177e4SLinus Torvalds putname(name); 18921da177e4SLinus Torvalds return error; 18931da177e4SLinus Torvalds 18941da177e4SLinus Torvalds slashes: 18951da177e4SLinus Torvalds error = !dentry->d_inode ? -ENOENT : 18961da177e4SLinus Torvalds S_ISDIR(dentry->d_inode->i_mode) ? -EISDIR : -ENOTDIR; 18971da177e4SLinus Torvalds goto exit2; 18981da177e4SLinus Torvalds } 18991da177e4SLinus Torvalds 19001da177e4SLinus Torvalds int vfs_symlink(struct inode *dir, struct dentry *dentry, const char *oldname, int mode) 19011da177e4SLinus Torvalds { 19021da177e4SLinus Torvalds int error = may_create(dir, dentry, NULL); 19031da177e4SLinus Torvalds 19041da177e4SLinus Torvalds if (error) 19051da177e4SLinus Torvalds return error; 19061da177e4SLinus Torvalds 19071da177e4SLinus Torvalds if (!dir->i_op || !dir->i_op->symlink) 19081da177e4SLinus Torvalds return -EPERM; 19091da177e4SLinus Torvalds 19101da177e4SLinus Torvalds error = security_inode_symlink(dir, dentry, oldname); 19111da177e4SLinus Torvalds if (error) 19121da177e4SLinus Torvalds return error; 19131da177e4SLinus Torvalds 19141da177e4SLinus Torvalds DQUOT_INIT(dir); 19151da177e4SLinus Torvalds error = dir->i_op->symlink(dir, dentry, oldname); 19161da177e4SLinus Torvalds if (!error) { 19171da177e4SLinus Torvalds inode_dir_notify(dir, DN_CREATE); 19181da177e4SLinus Torvalds security_inode_post_symlink(dir, dentry, oldname); 19191da177e4SLinus Torvalds } 19201da177e4SLinus Torvalds return error; 19211da177e4SLinus Torvalds } 19221da177e4SLinus Torvalds 19231da177e4SLinus Torvalds asmlinkage long sys_symlink(const char __user * oldname, const char __user * newname) 19241da177e4SLinus Torvalds { 19251da177e4SLinus Torvalds int error = 0; 19261da177e4SLinus Torvalds char * from; 19271da177e4SLinus Torvalds char * to; 19281da177e4SLinus Torvalds 19291da177e4SLinus Torvalds from = getname(oldname); 19301da177e4SLinus Torvalds if(IS_ERR(from)) 19311da177e4SLinus Torvalds return PTR_ERR(from); 19321da177e4SLinus Torvalds to = getname(newname); 19331da177e4SLinus Torvalds error = PTR_ERR(to); 19341da177e4SLinus Torvalds if (!IS_ERR(to)) { 19351da177e4SLinus Torvalds struct dentry *dentry; 19361da177e4SLinus Torvalds struct nameidata nd; 19371da177e4SLinus Torvalds 19381da177e4SLinus Torvalds error = path_lookup(to, LOOKUP_PARENT, &nd); 19391da177e4SLinus Torvalds if (error) 19401da177e4SLinus Torvalds goto out; 19411da177e4SLinus Torvalds dentry = lookup_create(&nd, 0); 19421da177e4SLinus Torvalds error = PTR_ERR(dentry); 19431da177e4SLinus Torvalds if (!IS_ERR(dentry)) { 19441da177e4SLinus Torvalds error = vfs_symlink(nd.dentry->d_inode, dentry, from, S_IALLUGO); 19451da177e4SLinus Torvalds dput(dentry); 19461da177e4SLinus Torvalds } 19471da177e4SLinus Torvalds up(&nd.dentry->d_inode->i_sem); 19481da177e4SLinus Torvalds path_release(&nd); 19491da177e4SLinus Torvalds out: 19501da177e4SLinus Torvalds putname(to); 19511da177e4SLinus Torvalds } 19521da177e4SLinus Torvalds putname(from); 19531da177e4SLinus Torvalds return error; 19541da177e4SLinus Torvalds } 19551da177e4SLinus Torvalds 19561da177e4SLinus Torvalds int vfs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_dentry) 19571da177e4SLinus Torvalds { 19581da177e4SLinus Torvalds struct inode *inode = old_dentry->d_inode; 19591da177e4SLinus Torvalds int error; 19601da177e4SLinus Torvalds 19611da177e4SLinus Torvalds if (!inode) 19621da177e4SLinus Torvalds return -ENOENT; 19631da177e4SLinus Torvalds 19641da177e4SLinus Torvalds error = may_create(dir, new_dentry, NULL); 19651da177e4SLinus Torvalds if (error) 19661da177e4SLinus Torvalds return error; 19671da177e4SLinus Torvalds 19681da177e4SLinus Torvalds if (dir->i_sb != inode->i_sb) 19691da177e4SLinus Torvalds return -EXDEV; 19701da177e4SLinus Torvalds 19711da177e4SLinus Torvalds /* 19721da177e4SLinus Torvalds * A link to an append-only or immutable file cannot be created. 19731da177e4SLinus Torvalds */ 19741da177e4SLinus Torvalds if (IS_APPEND(inode) || IS_IMMUTABLE(inode)) 19751da177e4SLinus Torvalds return -EPERM; 19761da177e4SLinus Torvalds if (!dir->i_op || !dir->i_op->link) 19771da177e4SLinus Torvalds return -EPERM; 19781da177e4SLinus Torvalds if (S_ISDIR(old_dentry->d_inode->i_mode)) 19791da177e4SLinus Torvalds return -EPERM; 19801da177e4SLinus Torvalds 19811da177e4SLinus Torvalds error = security_inode_link(old_dentry, dir, new_dentry); 19821da177e4SLinus Torvalds if (error) 19831da177e4SLinus Torvalds return error; 19841da177e4SLinus Torvalds 19851da177e4SLinus Torvalds down(&old_dentry->d_inode->i_sem); 19861da177e4SLinus Torvalds DQUOT_INIT(dir); 19871da177e4SLinus Torvalds error = dir->i_op->link(old_dentry, dir, new_dentry); 19881da177e4SLinus Torvalds up(&old_dentry->d_inode->i_sem); 19891da177e4SLinus Torvalds if (!error) { 19901da177e4SLinus Torvalds inode_dir_notify(dir, DN_CREATE); 19911da177e4SLinus Torvalds security_inode_post_link(old_dentry, dir, new_dentry); 19921da177e4SLinus Torvalds } 19931da177e4SLinus Torvalds return error; 19941da177e4SLinus Torvalds } 19951da177e4SLinus Torvalds 19961da177e4SLinus Torvalds /* 19971da177e4SLinus Torvalds * Hardlinks are often used in delicate situations. We avoid 19981da177e4SLinus Torvalds * security-related surprises by not following symlinks on the 19991da177e4SLinus Torvalds * newname. --KAB 20001da177e4SLinus Torvalds * 20011da177e4SLinus Torvalds * We don't follow them on the oldname either to be compatible 20021da177e4SLinus Torvalds * with linux 2.0, and to avoid hard-linking to directories 20031da177e4SLinus Torvalds * and other special files. --ADM 20041da177e4SLinus Torvalds */ 20051da177e4SLinus Torvalds asmlinkage long sys_link(const char __user * oldname, const char __user * newname) 20061da177e4SLinus Torvalds { 20071da177e4SLinus Torvalds struct dentry *new_dentry; 20081da177e4SLinus Torvalds struct nameidata nd, old_nd; 20091da177e4SLinus Torvalds int error; 20101da177e4SLinus Torvalds char * to; 20111da177e4SLinus Torvalds 20121da177e4SLinus Torvalds to = getname(newname); 20131da177e4SLinus Torvalds if (IS_ERR(to)) 20141da177e4SLinus Torvalds return PTR_ERR(to); 20151da177e4SLinus Torvalds 20161da177e4SLinus Torvalds error = __user_walk(oldname, 0, &old_nd); 20171da177e4SLinus Torvalds if (error) 20181da177e4SLinus Torvalds goto exit; 20191da177e4SLinus Torvalds error = path_lookup(to, LOOKUP_PARENT, &nd); 20201da177e4SLinus Torvalds if (error) 20211da177e4SLinus Torvalds goto out; 20221da177e4SLinus Torvalds error = -EXDEV; 20231da177e4SLinus Torvalds if (old_nd.mnt != nd.mnt) 20241da177e4SLinus Torvalds goto out_release; 20251da177e4SLinus Torvalds new_dentry = lookup_create(&nd, 0); 20261da177e4SLinus Torvalds error = PTR_ERR(new_dentry); 20271da177e4SLinus Torvalds if (!IS_ERR(new_dentry)) { 20281da177e4SLinus Torvalds error = vfs_link(old_nd.dentry, nd.dentry->d_inode, new_dentry); 20291da177e4SLinus Torvalds dput(new_dentry); 20301da177e4SLinus Torvalds } 20311da177e4SLinus Torvalds up(&nd.dentry->d_inode->i_sem); 20321da177e4SLinus Torvalds out_release: 20331da177e4SLinus Torvalds path_release(&nd); 20341da177e4SLinus Torvalds out: 20351da177e4SLinus Torvalds path_release(&old_nd); 20361da177e4SLinus Torvalds exit: 20371da177e4SLinus Torvalds putname(to); 20381da177e4SLinus Torvalds 20391da177e4SLinus Torvalds return error; 20401da177e4SLinus Torvalds } 20411da177e4SLinus Torvalds 20421da177e4SLinus Torvalds /* 20431da177e4SLinus Torvalds * The worst of all namespace operations - renaming directory. "Perverted" 20441da177e4SLinus Torvalds * doesn't even start to describe it. Somebody in UCB had a heck of a trip... 20451da177e4SLinus Torvalds * Problems: 20461da177e4SLinus Torvalds * a) we can get into loop creation. Check is done in is_subdir(). 20471da177e4SLinus Torvalds * b) race potential - two innocent renames can create a loop together. 20481da177e4SLinus Torvalds * That's where 4.4 screws up. Current fix: serialization on 20491da177e4SLinus Torvalds * sb->s_vfs_rename_sem. We might be more accurate, but that's another 20501da177e4SLinus Torvalds * story. 20511da177e4SLinus Torvalds * c) we have to lock _three_ objects - parents and victim (if it exists). 20521da177e4SLinus Torvalds * And that - after we got ->i_sem on parents (until then we don't know 20531da177e4SLinus Torvalds * whether the target exists). Solution: try to be smart with locking 20541da177e4SLinus Torvalds * order for inodes. We rely on the fact that tree topology may change 20551da177e4SLinus Torvalds * only under ->s_vfs_rename_sem _and_ that parent of the object we 20561da177e4SLinus Torvalds * move will be locked. Thus we can rank directories by the tree 20571da177e4SLinus Torvalds * (ancestors first) and rank all non-directories after them. 20581da177e4SLinus Torvalds * That works since everybody except rename does "lock parent, lookup, 20591da177e4SLinus Torvalds * lock child" and rename is under ->s_vfs_rename_sem. 20601da177e4SLinus Torvalds * HOWEVER, it relies on the assumption that any object with ->lookup() 20611da177e4SLinus Torvalds * has no more than 1 dentry. If "hybrid" objects will ever appear, 20621da177e4SLinus Torvalds * we'd better make sure that there's no link(2) for them. 20631da177e4SLinus Torvalds * d) some filesystems don't support opened-but-unlinked directories, 20641da177e4SLinus Torvalds * either because of layout or because they are not ready to deal with 20651da177e4SLinus Torvalds * all cases correctly. The latter will be fixed (taking this sort of 20661da177e4SLinus Torvalds * stuff into VFS), but the former is not going away. Solution: the same 20671da177e4SLinus Torvalds * trick as in rmdir(). 20681da177e4SLinus Torvalds * e) conversion from fhandle to dentry may come in the wrong moment - when 20691da177e4SLinus Torvalds * we are removing the target. Solution: we will have to grab ->i_sem 20701da177e4SLinus Torvalds * in the fhandle_to_dentry code. [FIXME - current nfsfh.c relies on 20711da177e4SLinus Torvalds * ->i_sem on parents, which works but leads to some truely excessive 20721da177e4SLinus Torvalds * locking]. 20731da177e4SLinus Torvalds */ 20741da177e4SLinus Torvalds int vfs_rename_dir(struct inode *old_dir, struct dentry *old_dentry, 20751da177e4SLinus Torvalds struct inode *new_dir, struct dentry *new_dentry) 20761da177e4SLinus Torvalds { 20771da177e4SLinus Torvalds int error = 0; 20781da177e4SLinus Torvalds struct inode *target; 20791da177e4SLinus Torvalds 20801da177e4SLinus Torvalds /* 20811da177e4SLinus Torvalds * If we are going to change the parent - check write permissions, 20821da177e4SLinus Torvalds * we'll need to flip '..'. 20831da177e4SLinus Torvalds */ 20841da177e4SLinus Torvalds if (new_dir != old_dir) { 20851da177e4SLinus Torvalds error = permission(old_dentry->d_inode, MAY_WRITE, NULL); 20861da177e4SLinus Torvalds if (error) 20871da177e4SLinus Torvalds return error; 20881da177e4SLinus Torvalds } 20891da177e4SLinus Torvalds 20901da177e4SLinus Torvalds error = security_inode_rename(old_dir, old_dentry, new_dir, new_dentry); 20911da177e4SLinus Torvalds if (error) 20921da177e4SLinus Torvalds return error; 20931da177e4SLinus Torvalds 20941da177e4SLinus Torvalds target = new_dentry->d_inode; 20951da177e4SLinus Torvalds if (target) { 20961da177e4SLinus Torvalds down(&target->i_sem); 20971da177e4SLinus Torvalds dentry_unhash(new_dentry); 20981da177e4SLinus Torvalds } 20991da177e4SLinus Torvalds if (d_mountpoint(old_dentry)||d_mountpoint(new_dentry)) 21001da177e4SLinus Torvalds error = -EBUSY; 21011da177e4SLinus Torvalds else 21021da177e4SLinus Torvalds error = old_dir->i_op->rename(old_dir, old_dentry, new_dir, new_dentry); 21031da177e4SLinus Torvalds if (target) { 21041da177e4SLinus Torvalds if (!error) 21051da177e4SLinus Torvalds target->i_flags |= S_DEAD; 21061da177e4SLinus Torvalds up(&target->i_sem); 21071da177e4SLinus Torvalds if (d_unhashed(new_dentry)) 21081da177e4SLinus Torvalds d_rehash(new_dentry); 21091da177e4SLinus Torvalds dput(new_dentry); 21101da177e4SLinus Torvalds } 21111da177e4SLinus Torvalds if (!error) { 21121da177e4SLinus Torvalds d_move(old_dentry,new_dentry); 21131da177e4SLinus Torvalds security_inode_post_rename(old_dir, old_dentry, 21141da177e4SLinus Torvalds new_dir, new_dentry); 21151da177e4SLinus Torvalds } 21161da177e4SLinus Torvalds return error; 21171da177e4SLinus Torvalds } 21181da177e4SLinus Torvalds 21191da177e4SLinus Torvalds int vfs_rename_other(struct inode *old_dir, struct dentry *old_dentry, 21201da177e4SLinus Torvalds struct inode *new_dir, struct dentry *new_dentry) 21211da177e4SLinus Torvalds { 21221da177e4SLinus Torvalds struct inode *target; 21231da177e4SLinus Torvalds int error; 21241da177e4SLinus Torvalds 21251da177e4SLinus Torvalds error = security_inode_rename(old_dir, old_dentry, new_dir, new_dentry); 21261da177e4SLinus Torvalds if (error) 21271da177e4SLinus Torvalds return error; 21281da177e4SLinus Torvalds 21291da177e4SLinus Torvalds dget(new_dentry); 21301da177e4SLinus Torvalds target = new_dentry->d_inode; 21311da177e4SLinus Torvalds if (target) 21321da177e4SLinus Torvalds down(&target->i_sem); 21331da177e4SLinus Torvalds if (d_mountpoint(old_dentry)||d_mountpoint(new_dentry)) 21341da177e4SLinus Torvalds error = -EBUSY; 21351da177e4SLinus Torvalds else 21361da177e4SLinus Torvalds error = old_dir->i_op->rename(old_dir, old_dentry, new_dir, new_dentry); 21371da177e4SLinus Torvalds if (!error) { 21381da177e4SLinus Torvalds /* The following d_move() should become unconditional */ 21391da177e4SLinus Torvalds if (!(old_dir->i_sb->s_type->fs_flags & FS_ODD_RENAME)) 21401da177e4SLinus Torvalds d_move(old_dentry, new_dentry); 21411da177e4SLinus Torvalds security_inode_post_rename(old_dir, old_dentry, new_dir, new_dentry); 21421da177e4SLinus Torvalds } 21431da177e4SLinus Torvalds if (target) 21441da177e4SLinus Torvalds up(&target->i_sem); 21451da177e4SLinus Torvalds dput(new_dentry); 21461da177e4SLinus Torvalds return error; 21471da177e4SLinus Torvalds } 21481da177e4SLinus Torvalds 21491da177e4SLinus Torvalds int vfs_rename(struct inode *old_dir, struct dentry *old_dentry, 21501da177e4SLinus Torvalds struct inode *new_dir, struct dentry *new_dentry) 21511da177e4SLinus Torvalds { 21521da177e4SLinus Torvalds int error; 21531da177e4SLinus Torvalds int is_dir = S_ISDIR(old_dentry->d_inode->i_mode); 21541da177e4SLinus Torvalds 21551da177e4SLinus Torvalds if (old_dentry->d_inode == new_dentry->d_inode) 21561da177e4SLinus Torvalds return 0; 21571da177e4SLinus Torvalds 21581da177e4SLinus Torvalds error = may_delete(old_dir, old_dentry, is_dir); 21591da177e4SLinus Torvalds if (error) 21601da177e4SLinus Torvalds return error; 21611da177e4SLinus Torvalds 21621da177e4SLinus Torvalds if (!new_dentry->d_inode) 21631da177e4SLinus Torvalds error = may_create(new_dir, new_dentry, NULL); 21641da177e4SLinus Torvalds else 21651da177e4SLinus Torvalds error = may_delete(new_dir, new_dentry, is_dir); 21661da177e4SLinus Torvalds if (error) 21671da177e4SLinus Torvalds return error; 21681da177e4SLinus Torvalds 21691da177e4SLinus Torvalds if (!old_dir->i_op || !old_dir->i_op->rename) 21701da177e4SLinus Torvalds return -EPERM; 21711da177e4SLinus Torvalds 21721da177e4SLinus Torvalds DQUOT_INIT(old_dir); 21731da177e4SLinus Torvalds DQUOT_INIT(new_dir); 21741da177e4SLinus Torvalds 21751da177e4SLinus Torvalds if (is_dir) 21761da177e4SLinus Torvalds error = vfs_rename_dir(old_dir,old_dentry,new_dir,new_dentry); 21771da177e4SLinus Torvalds else 21781da177e4SLinus Torvalds error = vfs_rename_other(old_dir,old_dentry,new_dir,new_dentry); 21791da177e4SLinus Torvalds if (!error) { 21801da177e4SLinus Torvalds if (old_dir == new_dir) 21811da177e4SLinus Torvalds inode_dir_notify(old_dir, DN_RENAME); 21821da177e4SLinus Torvalds else { 21831da177e4SLinus Torvalds inode_dir_notify(old_dir, DN_DELETE); 21841da177e4SLinus Torvalds inode_dir_notify(new_dir, DN_CREATE); 21851da177e4SLinus Torvalds } 21861da177e4SLinus Torvalds } 21871da177e4SLinus Torvalds return error; 21881da177e4SLinus Torvalds } 21891da177e4SLinus Torvalds 21901da177e4SLinus Torvalds static inline int do_rename(const char * oldname, const char * newname) 21911da177e4SLinus Torvalds { 21921da177e4SLinus Torvalds int error = 0; 21931da177e4SLinus Torvalds struct dentry * old_dir, * new_dir; 21941da177e4SLinus Torvalds struct dentry * old_dentry, *new_dentry; 21951da177e4SLinus Torvalds struct dentry * trap; 21961da177e4SLinus Torvalds struct nameidata oldnd, newnd; 21971da177e4SLinus Torvalds 21981da177e4SLinus Torvalds error = path_lookup(oldname, LOOKUP_PARENT, &oldnd); 21991da177e4SLinus Torvalds if (error) 22001da177e4SLinus Torvalds goto exit; 22011da177e4SLinus Torvalds 22021da177e4SLinus Torvalds error = path_lookup(newname, LOOKUP_PARENT, &newnd); 22031da177e4SLinus Torvalds if (error) 22041da177e4SLinus Torvalds goto exit1; 22051da177e4SLinus Torvalds 22061da177e4SLinus Torvalds error = -EXDEV; 22071da177e4SLinus Torvalds if (oldnd.mnt != newnd.mnt) 22081da177e4SLinus Torvalds goto exit2; 22091da177e4SLinus Torvalds 22101da177e4SLinus Torvalds old_dir = oldnd.dentry; 22111da177e4SLinus Torvalds error = -EBUSY; 22121da177e4SLinus Torvalds if (oldnd.last_type != LAST_NORM) 22131da177e4SLinus Torvalds goto exit2; 22141da177e4SLinus Torvalds 22151da177e4SLinus Torvalds new_dir = newnd.dentry; 22161da177e4SLinus Torvalds if (newnd.last_type != LAST_NORM) 22171da177e4SLinus Torvalds goto exit2; 22181da177e4SLinus Torvalds 22191da177e4SLinus Torvalds trap = lock_rename(new_dir, old_dir); 22201da177e4SLinus Torvalds 22211da177e4SLinus Torvalds old_dentry = lookup_hash(&oldnd.last, old_dir); 22221da177e4SLinus Torvalds error = PTR_ERR(old_dentry); 22231da177e4SLinus Torvalds if (IS_ERR(old_dentry)) 22241da177e4SLinus Torvalds goto exit3; 22251da177e4SLinus Torvalds /* source must exist */ 22261da177e4SLinus Torvalds error = -ENOENT; 22271da177e4SLinus Torvalds if (!old_dentry->d_inode) 22281da177e4SLinus Torvalds goto exit4; 22291da177e4SLinus Torvalds /* unless the source is a directory trailing slashes give -ENOTDIR */ 22301da177e4SLinus Torvalds if (!S_ISDIR(old_dentry->d_inode->i_mode)) { 22311da177e4SLinus Torvalds error = -ENOTDIR; 22321da177e4SLinus Torvalds if (oldnd.last.name[oldnd.last.len]) 22331da177e4SLinus Torvalds goto exit4; 22341da177e4SLinus Torvalds if (newnd.last.name[newnd.last.len]) 22351da177e4SLinus Torvalds goto exit4; 22361da177e4SLinus Torvalds } 22371da177e4SLinus Torvalds /* source should not be ancestor of target */ 22381da177e4SLinus Torvalds error = -EINVAL; 22391da177e4SLinus Torvalds if (old_dentry == trap) 22401da177e4SLinus Torvalds goto exit4; 22411da177e4SLinus Torvalds new_dentry = lookup_hash(&newnd.last, new_dir); 22421da177e4SLinus Torvalds error = PTR_ERR(new_dentry); 22431da177e4SLinus Torvalds if (IS_ERR(new_dentry)) 22441da177e4SLinus Torvalds goto exit4; 22451da177e4SLinus Torvalds /* target should not be an ancestor of source */ 22461da177e4SLinus Torvalds error = -ENOTEMPTY; 22471da177e4SLinus Torvalds if (new_dentry == trap) 22481da177e4SLinus Torvalds goto exit5; 22491da177e4SLinus Torvalds 22501da177e4SLinus Torvalds error = vfs_rename(old_dir->d_inode, old_dentry, 22511da177e4SLinus Torvalds new_dir->d_inode, new_dentry); 22521da177e4SLinus Torvalds exit5: 22531da177e4SLinus Torvalds dput(new_dentry); 22541da177e4SLinus Torvalds exit4: 22551da177e4SLinus Torvalds dput(old_dentry); 22561da177e4SLinus Torvalds exit3: 22571da177e4SLinus Torvalds unlock_rename(new_dir, old_dir); 22581da177e4SLinus Torvalds exit2: 22591da177e4SLinus Torvalds path_release(&newnd); 22601da177e4SLinus Torvalds exit1: 22611da177e4SLinus Torvalds path_release(&oldnd); 22621da177e4SLinus Torvalds exit: 22631da177e4SLinus Torvalds return error; 22641da177e4SLinus Torvalds } 22651da177e4SLinus Torvalds 22661da177e4SLinus Torvalds asmlinkage long sys_rename(const char __user * oldname, const char __user * newname) 22671da177e4SLinus Torvalds { 22681da177e4SLinus Torvalds int error; 22691da177e4SLinus Torvalds char * from; 22701da177e4SLinus Torvalds char * to; 22711da177e4SLinus Torvalds 22721da177e4SLinus Torvalds from = getname(oldname); 22731da177e4SLinus Torvalds if(IS_ERR(from)) 22741da177e4SLinus Torvalds return PTR_ERR(from); 22751da177e4SLinus Torvalds to = getname(newname); 22761da177e4SLinus Torvalds error = PTR_ERR(to); 22771da177e4SLinus Torvalds if (!IS_ERR(to)) { 22781da177e4SLinus Torvalds error = do_rename(from,to); 22791da177e4SLinus Torvalds putname(to); 22801da177e4SLinus Torvalds } 22811da177e4SLinus Torvalds putname(from); 22821da177e4SLinus Torvalds return error; 22831da177e4SLinus Torvalds } 22841da177e4SLinus Torvalds 22851da177e4SLinus Torvalds int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const char *link) 22861da177e4SLinus Torvalds { 22871da177e4SLinus Torvalds int len; 22881da177e4SLinus Torvalds 22891da177e4SLinus Torvalds len = PTR_ERR(link); 22901da177e4SLinus Torvalds if (IS_ERR(link)) 22911da177e4SLinus Torvalds goto out; 22921da177e4SLinus Torvalds 22931da177e4SLinus Torvalds len = strlen(link); 22941da177e4SLinus Torvalds if (len > (unsigned) buflen) 22951da177e4SLinus Torvalds len = buflen; 22961da177e4SLinus Torvalds if (copy_to_user(buffer, link, len)) 22971da177e4SLinus Torvalds len = -EFAULT; 22981da177e4SLinus Torvalds out: 22991da177e4SLinus Torvalds return len; 23001da177e4SLinus Torvalds } 23011da177e4SLinus Torvalds 23021da177e4SLinus Torvalds /* 23031da177e4SLinus Torvalds * A helper for ->readlink(). This should be used *ONLY* for symlinks that 23041da177e4SLinus Torvalds * have ->follow_link() touching nd only in nd_set_link(). Using (or not 23051da177e4SLinus Torvalds * using) it for any given inode is up to filesystem. 23061da177e4SLinus Torvalds */ 23071da177e4SLinus Torvalds int generic_readlink(struct dentry *dentry, char __user *buffer, int buflen) 23081da177e4SLinus Torvalds { 23091da177e4SLinus Torvalds struct nameidata nd; 23101da177e4SLinus Torvalds int res; 23111da177e4SLinus Torvalds nd.depth = 0; 23121da177e4SLinus Torvalds res = dentry->d_inode->i_op->follow_link(dentry, &nd); 23131da177e4SLinus Torvalds if (!res) { 23141da177e4SLinus Torvalds res = vfs_readlink(dentry, buffer, buflen, nd_get_link(&nd)); 23151da177e4SLinus Torvalds if (dentry->d_inode->i_op->put_link) 23161da177e4SLinus Torvalds dentry->d_inode->i_op->put_link(dentry, &nd); 23171da177e4SLinus Torvalds } 23181da177e4SLinus Torvalds return res; 23191da177e4SLinus Torvalds } 23201da177e4SLinus Torvalds 23211da177e4SLinus Torvalds int vfs_follow_link(struct nameidata *nd, const char *link) 23221da177e4SLinus Torvalds { 23231da177e4SLinus Torvalds return __vfs_follow_link(nd, link); 23241da177e4SLinus Torvalds } 23251da177e4SLinus Torvalds 23261da177e4SLinus Torvalds /* get the link contents into pagecache */ 23271da177e4SLinus Torvalds static char *page_getlink(struct dentry * dentry, struct page **ppage) 23281da177e4SLinus Torvalds { 23291da177e4SLinus Torvalds struct page * page; 23301da177e4SLinus Torvalds struct address_space *mapping = dentry->d_inode->i_mapping; 23311da177e4SLinus Torvalds page = read_cache_page(mapping, 0, (filler_t *)mapping->a_ops->readpage, 23321da177e4SLinus Torvalds NULL); 23331da177e4SLinus Torvalds if (IS_ERR(page)) 23341da177e4SLinus Torvalds goto sync_fail; 23351da177e4SLinus Torvalds wait_on_page_locked(page); 23361da177e4SLinus Torvalds if (!PageUptodate(page)) 23371da177e4SLinus Torvalds goto async_fail; 23381da177e4SLinus Torvalds *ppage = page; 23391da177e4SLinus Torvalds return kmap(page); 23401da177e4SLinus Torvalds 23411da177e4SLinus Torvalds async_fail: 23421da177e4SLinus Torvalds page_cache_release(page); 23431da177e4SLinus Torvalds return ERR_PTR(-EIO); 23441da177e4SLinus Torvalds 23451da177e4SLinus Torvalds sync_fail: 23461da177e4SLinus Torvalds return (char*)page; 23471da177e4SLinus Torvalds } 23481da177e4SLinus Torvalds 23491da177e4SLinus Torvalds int page_readlink(struct dentry *dentry, char __user *buffer, int buflen) 23501da177e4SLinus Torvalds { 23511da177e4SLinus Torvalds struct page *page = NULL; 23521da177e4SLinus Torvalds char *s = page_getlink(dentry, &page); 23531da177e4SLinus Torvalds int res = vfs_readlink(dentry,buffer,buflen,s); 23541da177e4SLinus Torvalds if (page) { 23551da177e4SLinus Torvalds kunmap(page); 23561da177e4SLinus Torvalds page_cache_release(page); 23571da177e4SLinus Torvalds } 23581da177e4SLinus Torvalds return res; 23591da177e4SLinus Torvalds } 23601da177e4SLinus Torvalds 23611da177e4SLinus Torvalds int page_follow_link_light(struct dentry *dentry, struct nameidata *nd) 23621da177e4SLinus Torvalds { 23631da177e4SLinus Torvalds struct page *page; 23641da177e4SLinus Torvalds nd_set_link(nd, page_getlink(dentry, &page)); 23651da177e4SLinus Torvalds return 0; 23661da177e4SLinus Torvalds } 23671da177e4SLinus Torvalds 23681da177e4SLinus Torvalds void page_put_link(struct dentry *dentry, struct nameidata *nd) 23691da177e4SLinus Torvalds { 23701da177e4SLinus Torvalds if (!IS_ERR(nd_get_link(nd))) { 23711da177e4SLinus Torvalds struct page *page; 23721da177e4SLinus Torvalds page = find_get_page(dentry->d_inode->i_mapping, 0); 23731da177e4SLinus Torvalds if (!page) 23741da177e4SLinus Torvalds BUG(); 23751da177e4SLinus Torvalds kunmap(page); 23761da177e4SLinus Torvalds page_cache_release(page); 23771da177e4SLinus Torvalds page_cache_release(page); 23781da177e4SLinus Torvalds } 23791da177e4SLinus Torvalds } 23801da177e4SLinus Torvalds 23811da177e4SLinus Torvalds int page_symlink(struct inode *inode, const char *symname, int len) 23821da177e4SLinus Torvalds { 23831da177e4SLinus Torvalds struct address_space *mapping = inode->i_mapping; 23841da177e4SLinus Torvalds struct page *page = grab_cache_page(mapping, 0); 23851da177e4SLinus Torvalds int err = -ENOMEM; 23861da177e4SLinus Torvalds char *kaddr; 23871da177e4SLinus Torvalds 23881da177e4SLinus Torvalds if (!page) 23891da177e4SLinus Torvalds goto fail; 23901da177e4SLinus Torvalds err = mapping->a_ops->prepare_write(NULL, page, 0, len-1); 23911da177e4SLinus Torvalds if (err) 23921da177e4SLinus Torvalds goto fail_map; 23931da177e4SLinus Torvalds kaddr = kmap_atomic(page, KM_USER0); 23941da177e4SLinus Torvalds memcpy(kaddr, symname, len-1); 23951da177e4SLinus Torvalds kunmap_atomic(kaddr, KM_USER0); 23961da177e4SLinus Torvalds mapping->a_ops->commit_write(NULL, page, 0, len-1); 23971da177e4SLinus Torvalds /* 23981da177e4SLinus Torvalds * Notice that we are _not_ going to block here - end of page is 23991da177e4SLinus Torvalds * unmapped, so this will only try to map the rest of page, see 24001da177e4SLinus Torvalds * that it is unmapped (typically even will not look into inode - 24011da177e4SLinus Torvalds * ->i_size will be enough for everything) and zero it out. 24021da177e4SLinus Torvalds * OTOH it's obviously correct and should make the page up-to-date. 24031da177e4SLinus Torvalds */ 24041da177e4SLinus Torvalds if (!PageUptodate(page)) { 24051da177e4SLinus Torvalds err = mapping->a_ops->readpage(NULL, page); 24061da177e4SLinus Torvalds wait_on_page_locked(page); 24071da177e4SLinus Torvalds } else { 24081da177e4SLinus Torvalds unlock_page(page); 24091da177e4SLinus Torvalds } 24101da177e4SLinus Torvalds page_cache_release(page); 24111da177e4SLinus Torvalds if (err < 0) 24121da177e4SLinus Torvalds goto fail; 24131da177e4SLinus Torvalds mark_inode_dirty(inode); 24141da177e4SLinus Torvalds return 0; 24151da177e4SLinus Torvalds fail_map: 24161da177e4SLinus Torvalds unlock_page(page); 24171da177e4SLinus Torvalds page_cache_release(page); 24181da177e4SLinus Torvalds fail: 24191da177e4SLinus Torvalds return err; 24201da177e4SLinus Torvalds } 24211da177e4SLinus Torvalds 24221da177e4SLinus Torvalds struct inode_operations page_symlink_inode_operations = { 24231da177e4SLinus Torvalds .readlink = generic_readlink, 24241da177e4SLinus Torvalds .follow_link = page_follow_link_light, 24251da177e4SLinus Torvalds .put_link = page_put_link, 24261da177e4SLinus Torvalds }; 24271da177e4SLinus Torvalds 24281da177e4SLinus Torvalds EXPORT_SYMBOL(__user_walk); 24291da177e4SLinus Torvalds EXPORT_SYMBOL(follow_down); 24301da177e4SLinus Torvalds EXPORT_SYMBOL(follow_up); 24311da177e4SLinus Torvalds EXPORT_SYMBOL(get_write_access); /* binfmt_aout */ 24321da177e4SLinus Torvalds EXPORT_SYMBOL(getname); 24331da177e4SLinus Torvalds EXPORT_SYMBOL(lock_rename); 24341da177e4SLinus Torvalds EXPORT_SYMBOL(lookup_hash); 24351da177e4SLinus Torvalds EXPORT_SYMBOL(lookup_one_len); 24361da177e4SLinus Torvalds EXPORT_SYMBOL(page_follow_link_light); 24371da177e4SLinus Torvalds EXPORT_SYMBOL(page_put_link); 24381da177e4SLinus Torvalds EXPORT_SYMBOL(page_readlink); 24391da177e4SLinus Torvalds EXPORT_SYMBOL(page_symlink); 24401da177e4SLinus Torvalds EXPORT_SYMBOL(page_symlink_inode_operations); 24411da177e4SLinus Torvalds EXPORT_SYMBOL(path_lookup); 24421da177e4SLinus Torvalds EXPORT_SYMBOL(path_release); 24431da177e4SLinus Torvalds EXPORT_SYMBOL(path_walk); 24441da177e4SLinus Torvalds EXPORT_SYMBOL(permission); 24451da177e4SLinus Torvalds EXPORT_SYMBOL(unlock_rename); 24461da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_create); 24471da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_follow_link); 24481da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_link); 24491da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_mkdir); 24501da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_mknod); 24511da177e4SLinus Torvalds EXPORT_SYMBOL(generic_permission); 24521da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_readlink); 24531da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_rename); 24541da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_rmdir); 24551da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_symlink); 24561da177e4SLinus Torvalds EXPORT_SYMBOL(vfs_unlink); 24571da177e4SLinus Torvalds EXPORT_SYMBOL(dentry_unhash); 24581da177e4SLinus Torvalds EXPORT_SYMBOL(generic_readlink); 2459