xref: /openbmc/linux/fs/ubifs/dir.c (revision 4bce6fce)
1 /* * This file is part of UBIFS.
2  *
3  * Copyright (C) 2006-2008 Nokia Corporation.
4  * Copyright (C) 2006, 2007 University of Szeged, Hungary
5  *
6  * This program is free software; you can redistribute it and/or modify it
7  * under the terms of the GNU General Public License version 2 as published by
8  * the Free Software Foundation.
9  *
10  * This program is distributed in the hope that it will be useful, but WITHOUT
11  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
13  * more details.
14  *
15  * You should have received a copy of the GNU General Public License along with
16  * this program; if not, write to the Free Software Foundation, Inc., 51
17  * Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
18  *
19  * Authors: Artem Bityutskiy (Битюцкий Артём)
20  *          Adrian Hunter
21  *          Zoltan Sogor
22  */
23 
24 /*
25  * This file implements directory operations.
26  *
27  * All FS operations in this file allocate budget before writing anything to the
28  * media. If they fail to allocate it, the error is returned. The only
29  * exceptions are 'ubifs_unlink()' and 'ubifs_rmdir()' which keep working even
30  * if they unable to allocate the budget, because deletion %-ENOSPC failure is
31  * not what users are usually ready to get. UBIFS budgeting subsystem has some
32  * space reserved for these purposes.
33  *
34  * All operations in this file write all inodes which they change straight
35  * away, instead of marking them dirty. For example, 'ubifs_link()' changes
36  * @i_size of the parent inode and writes the parent inode together with the
37  * target inode. This was done to simplify file-system recovery which would
38  * otherwise be very difficult to do. The only exception is rename which marks
39  * the re-named inode dirty (because its @i_ctime is updated) but does not
40  * write it, but just marks it as dirty.
41  */
42 
43 #include "ubifs.h"
44 
45 /**
46  * inherit_flags - inherit flags of the parent inode.
47  * @dir: parent inode
48  * @mode: new inode mode flags
49  *
50  * This is a helper function for 'ubifs_new_inode()' which inherits flag of the
51  * parent directory inode @dir. UBIFS inodes inherit the following flags:
52  * o %UBIFS_COMPR_FL, which is useful to switch compression on/of on
53  *   sub-directory basis;
54  * o %UBIFS_SYNC_FL - useful for the same reasons;
55  * o %UBIFS_DIRSYNC_FL - similar, but relevant only to directories.
56  *
57  * This function returns the inherited flags.
58  */
59 static int inherit_flags(const struct inode *dir, umode_t mode)
60 {
61 	int flags;
62 	const struct ubifs_inode *ui = ubifs_inode(dir);
63 
64 	if (!S_ISDIR(dir->i_mode))
65 		/*
66 		 * The parent is not a directory, which means that an extended
67 		 * attribute inode is being created. No flags.
68 		 */
69 		return 0;
70 
71 	flags = ui->flags & (UBIFS_COMPR_FL | UBIFS_SYNC_FL | UBIFS_DIRSYNC_FL);
72 	if (!S_ISDIR(mode))
73 		/* The "DIRSYNC" flag only applies to directories */
74 		flags &= ~UBIFS_DIRSYNC_FL;
75 	return flags;
76 }
77 
78 /**
79  * ubifs_new_inode - allocate new UBIFS inode object.
80  * @c: UBIFS file-system description object
81  * @dir: parent directory inode
82  * @mode: inode mode flags
83  *
84  * This function finds an unused inode number, allocates new inode and
85  * initializes it. Returns new inode in case of success and an error code in
86  * case of failure.
87  */
88 struct inode *ubifs_new_inode(struct ubifs_info *c, const struct inode *dir,
89 			      umode_t mode)
90 {
91 	struct inode *inode;
92 	struct ubifs_inode *ui;
93 
94 	inode = new_inode(c->vfs_sb);
95 	ui = ubifs_inode(inode);
96 	if (!inode)
97 		return ERR_PTR(-ENOMEM);
98 
99 	/*
100 	 * Set 'S_NOCMTIME' to prevent VFS form updating [mc]time of inodes and
101 	 * marking them dirty in file write path (see 'file_update_time()').
102 	 * UBIFS has to fully control "clean <-> dirty" transitions of inodes
103 	 * to make budgeting work.
104 	 */
105 	inode->i_flags |= S_NOCMTIME;
106 
107 	inode_init_owner(inode, dir, mode);
108 	inode->i_mtime = inode->i_atime = inode->i_ctime =
109 			 ubifs_current_time(inode);
110 	inode->i_mapping->nrpages = 0;
111 
112 	switch (mode & S_IFMT) {
113 	case S_IFREG:
114 		inode->i_mapping->a_ops = &ubifs_file_address_operations;
115 		inode->i_op = &ubifs_file_inode_operations;
116 		inode->i_fop = &ubifs_file_operations;
117 		break;
118 	case S_IFDIR:
119 		inode->i_op  = &ubifs_dir_inode_operations;
120 		inode->i_fop = &ubifs_dir_operations;
121 		inode->i_size = ui->ui_size = UBIFS_INO_NODE_SZ;
122 		break;
123 	case S_IFLNK:
124 		inode->i_op = &ubifs_symlink_inode_operations;
125 		break;
126 	case S_IFSOCK:
127 	case S_IFIFO:
128 	case S_IFBLK:
129 	case S_IFCHR:
130 		inode->i_op  = &ubifs_file_inode_operations;
131 		break;
132 	default:
133 		BUG();
134 	}
135 
136 	ui->flags = inherit_flags(dir, mode);
137 	ubifs_set_inode_flags(inode);
138 	if (S_ISREG(mode))
139 		ui->compr_type = c->default_compr;
140 	else
141 		ui->compr_type = UBIFS_COMPR_NONE;
142 	ui->synced_i_size = 0;
143 
144 	spin_lock(&c->cnt_lock);
145 	/* Inode number overflow is currently not supported */
146 	if (c->highest_inum >= INUM_WARN_WATERMARK) {
147 		if (c->highest_inum >= INUM_WATERMARK) {
148 			spin_unlock(&c->cnt_lock);
149 			ubifs_err(c, "out of inode numbers");
150 			make_bad_inode(inode);
151 			iput(inode);
152 			return ERR_PTR(-EINVAL);
153 		}
154 		ubifs_warn(c, "running out of inode numbers (current %lu, max %u)",
155 			   (unsigned long)c->highest_inum, INUM_WATERMARK);
156 	}
157 
158 	inode->i_ino = ++c->highest_inum;
159 	/*
160 	 * The creation sequence number remains with this inode for its
161 	 * lifetime. All nodes for this inode have a greater sequence number,
162 	 * and so it is possible to distinguish obsolete nodes belonging to a
163 	 * previous incarnation of the same inode number - for example, for the
164 	 * purpose of rebuilding the index.
165 	 */
166 	ui->creat_sqnum = ++c->max_sqnum;
167 	spin_unlock(&c->cnt_lock);
168 	return inode;
169 }
170 
171 static int dbg_check_name(const struct ubifs_info *c,
172 			  const struct ubifs_dent_node *dent,
173 			  const struct qstr *nm)
174 {
175 	if (!dbg_is_chk_gen(c))
176 		return 0;
177 	if (le16_to_cpu(dent->nlen) != nm->len)
178 		return -EINVAL;
179 	if (memcmp(dent->name, nm->name, nm->len))
180 		return -EINVAL;
181 	return 0;
182 }
183 
184 static struct dentry *ubifs_lookup(struct inode *dir, struct dentry *dentry,
185 				   unsigned int flags)
186 {
187 	int err;
188 	union ubifs_key key;
189 	struct inode *inode = NULL;
190 	struct ubifs_dent_node *dent;
191 	struct ubifs_info *c = dir->i_sb->s_fs_info;
192 
193 	dbg_gen("'%pd' in dir ino %lu", dentry, dir->i_ino);
194 
195 	if (dentry->d_name.len > UBIFS_MAX_NLEN)
196 		return ERR_PTR(-ENAMETOOLONG);
197 
198 	dent = kmalloc(UBIFS_MAX_DENT_NODE_SZ, GFP_NOFS);
199 	if (!dent)
200 		return ERR_PTR(-ENOMEM);
201 
202 	dent_key_init(c, &key, dir->i_ino, &dentry->d_name);
203 
204 	err = ubifs_tnc_lookup_nm(c, &key, dent, &dentry->d_name);
205 	if (err) {
206 		if (err == -ENOENT) {
207 			dbg_gen("not found");
208 			goto done;
209 		}
210 		goto out;
211 	}
212 
213 	if (dbg_check_name(c, dent, &dentry->d_name)) {
214 		err = -EINVAL;
215 		goto out;
216 	}
217 
218 	inode = ubifs_iget(dir->i_sb, le64_to_cpu(dent->inum));
219 	if (IS_ERR(inode)) {
220 		/*
221 		 * This should not happen. Probably the file-system needs
222 		 * checking.
223 		 */
224 		err = PTR_ERR(inode);
225 		ubifs_err(c, "dead directory entry '%pd', error %d",
226 			  dentry, err);
227 		ubifs_ro_mode(c, err);
228 		goto out;
229 	}
230 
231 done:
232 	kfree(dent);
233 	/*
234 	 * Note, d_splice_alias() would be required instead if we supported
235 	 * NFS.
236 	 */
237 	d_add(dentry, inode);
238 	return NULL;
239 
240 out:
241 	kfree(dent);
242 	return ERR_PTR(err);
243 }
244 
245 static int ubifs_create(struct inode *dir, struct dentry *dentry, umode_t mode,
246 			bool excl)
247 {
248 	struct inode *inode;
249 	struct ubifs_info *c = dir->i_sb->s_fs_info;
250 	int err, sz_change = CALC_DENT_SIZE(dentry->d_name.len);
251 	struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
252 					.dirtied_ino = 1 };
253 	struct ubifs_inode *dir_ui = ubifs_inode(dir);
254 
255 	/*
256 	 * Budget request settings: new inode, new direntry, changing the
257 	 * parent directory inode.
258 	 */
259 
260 	dbg_gen("dent '%pd', mode %#hx in dir ino %lu",
261 		dentry, mode, dir->i_ino);
262 
263 	err = ubifs_budget_space(c, &req);
264 	if (err)
265 		return err;
266 
267 	inode = ubifs_new_inode(c, dir, mode);
268 	if (IS_ERR(inode)) {
269 		err = PTR_ERR(inode);
270 		goto out_budg;
271 	}
272 
273 	err = ubifs_init_security(dir, inode, &dentry->d_name);
274 	if (err)
275 		goto out_inode;
276 
277 	mutex_lock(&dir_ui->ui_mutex);
278 	dir->i_size += sz_change;
279 	dir_ui->ui_size = dir->i_size;
280 	dir->i_mtime = dir->i_ctime = inode->i_ctime;
281 	err = ubifs_jnl_update(c, dir, &dentry->d_name, inode, 0, 0);
282 	if (err)
283 		goto out_cancel;
284 	mutex_unlock(&dir_ui->ui_mutex);
285 
286 	ubifs_release_budget(c, &req);
287 	insert_inode_hash(inode);
288 	d_instantiate(dentry, inode);
289 	return 0;
290 
291 out_cancel:
292 	dir->i_size -= sz_change;
293 	dir_ui->ui_size = dir->i_size;
294 	mutex_unlock(&dir_ui->ui_mutex);
295 out_inode:
296 	make_bad_inode(inode);
297 	iput(inode);
298 out_budg:
299 	ubifs_release_budget(c, &req);
300 	ubifs_err(c, "cannot create regular file, error %d", err);
301 	return err;
302 }
303 
304 /**
305  * vfs_dent_type - get VFS directory entry type.
306  * @type: UBIFS directory entry type
307  *
308  * This function converts UBIFS directory entry type into VFS directory entry
309  * type.
310  */
311 static unsigned int vfs_dent_type(uint8_t type)
312 {
313 	switch (type) {
314 	case UBIFS_ITYPE_REG:
315 		return DT_REG;
316 	case UBIFS_ITYPE_DIR:
317 		return DT_DIR;
318 	case UBIFS_ITYPE_LNK:
319 		return DT_LNK;
320 	case UBIFS_ITYPE_BLK:
321 		return DT_BLK;
322 	case UBIFS_ITYPE_CHR:
323 		return DT_CHR;
324 	case UBIFS_ITYPE_FIFO:
325 		return DT_FIFO;
326 	case UBIFS_ITYPE_SOCK:
327 		return DT_SOCK;
328 	default:
329 		BUG();
330 	}
331 	return 0;
332 }
333 
334 /*
335  * The classical Unix view for directory is that it is a linear array of
336  * (name, inode number) entries. Linux/VFS assumes this model as well.
337  * Particularly, 'readdir()' call wants us to return a directory entry offset
338  * which later may be used to continue 'readdir()'ing the directory or to
339  * 'seek()' to that specific direntry. Obviously UBIFS does not really fit this
340  * model because directory entries are identified by keys, which may collide.
341  *
342  * UBIFS uses directory entry hash value for directory offsets, so
343  * 'seekdir()'/'telldir()' may not always work because of possible key
344  * collisions. But UBIFS guarantees that consecutive 'readdir()' calls work
345  * properly by means of saving full directory entry name in the private field
346  * of the file description object.
347  *
348  * This means that UBIFS cannot support NFS which requires full
349  * 'seekdir()'/'telldir()' support.
350  */
351 static int ubifs_readdir(struct file *file, struct dir_context *ctx)
352 {
353 	int err;
354 	struct qstr nm;
355 	union ubifs_key key;
356 	struct ubifs_dent_node *dent;
357 	struct inode *dir = file_inode(file);
358 	struct ubifs_info *c = dir->i_sb->s_fs_info;
359 
360 	dbg_gen("dir ino %lu, f_pos %#llx", dir->i_ino, ctx->pos);
361 
362 	if (ctx->pos > UBIFS_S_KEY_HASH_MASK || ctx->pos == 2)
363 		/*
364 		 * The directory was seek'ed to a senseless position or there
365 		 * are no more entries.
366 		 */
367 		return 0;
368 
369 	if (file->f_version == 0) {
370 		/*
371 		 * The file was seek'ed, which means that @file->private_data
372 		 * is now invalid. This may also be just the first
373 		 * 'ubifs_readdir()' invocation, in which case
374 		 * @file->private_data is NULL, and the below code is
375 		 * basically a no-op.
376 		 */
377 		kfree(file->private_data);
378 		file->private_data = NULL;
379 	}
380 
381 	/*
382 	 * 'generic_file_llseek()' unconditionally sets @file->f_version to
383 	 * zero, and we use this for detecting whether the file was seek'ed.
384 	 */
385 	file->f_version = 1;
386 
387 	/* File positions 0 and 1 correspond to "." and ".." */
388 	if (ctx->pos < 2) {
389 		ubifs_assert(!file->private_data);
390 		if (!dir_emit_dots(file, ctx))
391 			return 0;
392 
393 		/* Find the first entry in TNC and save it */
394 		lowest_dent_key(c, &key, dir->i_ino);
395 		nm.name = NULL;
396 		dent = ubifs_tnc_next_ent(c, &key, &nm);
397 		if (IS_ERR(dent)) {
398 			err = PTR_ERR(dent);
399 			goto out;
400 		}
401 
402 		ctx->pos = key_hash_flash(c, &dent->key);
403 		file->private_data = dent;
404 	}
405 
406 	dent = file->private_data;
407 	if (!dent) {
408 		/*
409 		 * The directory was seek'ed to and is now readdir'ed.
410 		 * Find the entry corresponding to @ctx->pos or the closest one.
411 		 */
412 		dent_key_init_hash(c, &key, dir->i_ino, ctx->pos);
413 		nm.name = NULL;
414 		dent = ubifs_tnc_next_ent(c, &key, &nm);
415 		if (IS_ERR(dent)) {
416 			err = PTR_ERR(dent);
417 			goto out;
418 		}
419 		ctx->pos = key_hash_flash(c, &dent->key);
420 		file->private_data = dent;
421 	}
422 
423 	while (1) {
424 		dbg_gen("feed '%s', ino %llu, new f_pos %#x",
425 			dent->name, (unsigned long long)le64_to_cpu(dent->inum),
426 			key_hash_flash(c, &dent->key));
427 		ubifs_assert(le64_to_cpu(dent->ch.sqnum) >
428 			     ubifs_inode(dir)->creat_sqnum);
429 
430 		nm.len = le16_to_cpu(dent->nlen);
431 		if (!dir_emit(ctx, dent->name, nm.len,
432 			       le64_to_cpu(dent->inum),
433 			       vfs_dent_type(dent->type)))
434 			return 0;
435 
436 		/* Switch to the next entry */
437 		key_read(c, &dent->key, &key);
438 		nm.name = dent->name;
439 		dent = ubifs_tnc_next_ent(c, &key, &nm);
440 		if (IS_ERR(dent)) {
441 			err = PTR_ERR(dent);
442 			goto out;
443 		}
444 
445 		kfree(file->private_data);
446 		ctx->pos = key_hash_flash(c, &dent->key);
447 		file->private_data = dent;
448 		cond_resched();
449 	}
450 
451 out:
452 	if (err != -ENOENT) {
453 		ubifs_err(c, "cannot find next direntry, error %d", err);
454 		return err;
455 	}
456 
457 	kfree(file->private_data);
458 	file->private_data = NULL;
459 	/* 2 is a special value indicating that there are no more direntries */
460 	ctx->pos = 2;
461 	return 0;
462 }
463 
464 /* Free saved readdir() state when the directory is closed */
465 static int ubifs_dir_release(struct inode *dir, struct file *file)
466 {
467 	kfree(file->private_data);
468 	file->private_data = NULL;
469 	return 0;
470 }
471 
472 /**
473  * lock_2_inodes - a wrapper for locking two UBIFS inodes.
474  * @inode1: first inode
475  * @inode2: second inode
476  *
477  * We do not implement any tricks to guarantee strict lock ordering, because
478  * VFS has already done it for us on the @i_mutex. So this is just a simple
479  * wrapper function.
480  */
481 static void lock_2_inodes(struct inode *inode1, struct inode *inode2)
482 {
483 	mutex_lock_nested(&ubifs_inode(inode1)->ui_mutex, WB_MUTEX_1);
484 	mutex_lock_nested(&ubifs_inode(inode2)->ui_mutex, WB_MUTEX_2);
485 }
486 
487 /**
488  * unlock_2_inodes - a wrapper for unlocking two UBIFS inodes.
489  * @inode1: first inode
490  * @inode2: second inode
491  */
492 static void unlock_2_inodes(struct inode *inode1, struct inode *inode2)
493 {
494 	mutex_unlock(&ubifs_inode(inode2)->ui_mutex);
495 	mutex_unlock(&ubifs_inode(inode1)->ui_mutex);
496 }
497 
498 static int ubifs_link(struct dentry *old_dentry, struct inode *dir,
499 		      struct dentry *dentry)
500 {
501 	struct ubifs_info *c = dir->i_sb->s_fs_info;
502 	struct inode *inode = d_inode(old_dentry);
503 	struct ubifs_inode *ui = ubifs_inode(inode);
504 	struct ubifs_inode *dir_ui = ubifs_inode(dir);
505 	int err, sz_change = CALC_DENT_SIZE(dentry->d_name.len);
506 	struct ubifs_budget_req req = { .new_dent = 1, .dirtied_ino = 2,
507 				.dirtied_ino_d = ALIGN(ui->data_len, 8) };
508 
509 	/*
510 	 * Budget request settings: new direntry, changing the target inode,
511 	 * changing the parent inode.
512 	 */
513 
514 	dbg_gen("dent '%pd' to ino %lu (nlink %d) in dir ino %lu",
515 		dentry, inode->i_ino,
516 		inode->i_nlink, dir->i_ino);
517 	ubifs_assert(mutex_is_locked(&dir->i_mutex));
518 	ubifs_assert(mutex_is_locked(&inode->i_mutex));
519 
520 	err = dbg_check_synced_i_size(c, inode);
521 	if (err)
522 		return err;
523 
524 	err = ubifs_budget_space(c, &req);
525 	if (err)
526 		return err;
527 
528 	lock_2_inodes(dir, inode);
529 	inc_nlink(inode);
530 	ihold(inode);
531 	inode->i_ctime = ubifs_current_time(inode);
532 	dir->i_size += sz_change;
533 	dir_ui->ui_size = dir->i_size;
534 	dir->i_mtime = dir->i_ctime = inode->i_ctime;
535 	err = ubifs_jnl_update(c, dir, &dentry->d_name, inode, 0, 0);
536 	if (err)
537 		goto out_cancel;
538 	unlock_2_inodes(dir, inode);
539 
540 	ubifs_release_budget(c, &req);
541 	d_instantiate(dentry, inode);
542 	return 0;
543 
544 out_cancel:
545 	dir->i_size -= sz_change;
546 	dir_ui->ui_size = dir->i_size;
547 	drop_nlink(inode);
548 	unlock_2_inodes(dir, inode);
549 	ubifs_release_budget(c, &req);
550 	iput(inode);
551 	return err;
552 }
553 
554 static int ubifs_unlink(struct inode *dir, struct dentry *dentry)
555 {
556 	struct ubifs_info *c = dir->i_sb->s_fs_info;
557 	struct inode *inode = d_inode(dentry);
558 	struct ubifs_inode *dir_ui = ubifs_inode(dir);
559 	int sz_change = CALC_DENT_SIZE(dentry->d_name.len);
560 	int err, budgeted = 1;
561 	struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 };
562 	unsigned int saved_nlink = inode->i_nlink;
563 
564 	/*
565 	 * Budget request settings: deletion direntry, deletion inode (+1 for
566 	 * @dirtied_ino), changing the parent directory inode. If budgeting
567 	 * fails, go ahead anyway because we have extra space reserved for
568 	 * deletions.
569 	 */
570 
571 	dbg_gen("dent '%pd' from ino %lu (nlink %d) in dir ino %lu",
572 		dentry, inode->i_ino,
573 		inode->i_nlink, dir->i_ino);
574 	ubifs_assert(mutex_is_locked(&dir->i_mutex));
575 	ubifs_assert(mutex_is_locked(&inode->i_mutex));
576 	err = dbg_check_synced_i_size(c, inode);
577 	if (err)
578 		return err;
579 
580 	err = ubifs_budget_space(c, &req);
581 	if (err) {
582 		if (err != -ENOSPC)
583 			return err;
584 		budgeted = 0;
585 	}
586 
587 	lock_2_inodes(dir, inode);
588 	inode->i_ctime = ubifs_current_time(dir);
589 	drop_nlink(inode);
590 	dir->i_size -= sz_change;
591 	dir_ui->ui_size = dir->i_size;
592 	dir->i_mtime = dir->i_ctime = inode->i_ctime;
593 	err = ubifs_jnl_update(c, dir, &dentry->d_name, inode, 1, 0);
594 	if (err)
595 		goto out_cancel;
596 	unlock_2_inodes(dir, inode);
597 
598 	if (budgeted)
599 		ubifs_release_budget(c, &req);
600 	else {
601 		/* We've deleted something - clean the "no space" flags */
602 		c->bi.nospace = c->bi.nospace_rp = 0;
603 		smp_wmb();
604 	}
605 	return 0;
606 
607 out_cancel:
608 	dir->i_size += sz_change;
609 	dir_ui->ui_size = dir->i_size;
610 	set_nlink(inode, saved_nlink);
611 	unlock_2_inodes(dir, inode);
612 	if (budgeted)
613 		ubifs_release_budget(c, &req);
614 	return err;
615 }
616 
617 /**
618  * check_dir_empty - check if a directory is empty or not.
619  * @c: UBIFS file-system description object
620  * @dir: VFS inode object of the directory to check
621  *
622  * This function checks if directory @dir is empty. Returns zero if the
623  * directory is empty, %-ENOTEMPTY if it is not, and other negative error codes
624  * in case of of errors.
625  */
626 static int check_dir_empty(struct ubifs_info *c, struct inode *dir)
627 {
628 	struct qstr nm = { .name = NULL };
629 	struct ubifs_dent_node *dent;
630 	union ubifs_key key;
631 	int err;
632 
633 	lowest_dent_key(c, &key, dir->i_ino);
634 	dent = ubifs_tnc_next_ent(c, &key, &nm);
635 	if (IS_ERR(dent)) {
636 		err = PTR_ERR(dent);
637 		if (err == -ENOENT)
638 			err = 0;
639 	} else {
640 		kfree(dent);
641 		err = -ENOTEMPTY;
642 	}
643 	return err;
644 }
645 
646 static int ubifs_rmdir(struct inode *dir, struct dentry *dentry)
647 {
648 	struct ubifs_info *c = dir->i_sb->s_fs_info;
649 	struct inode *inode = d_inode(dentry);
650 	int sz_change = CALC_DENT_SIZE(dentry->d_name.len);
651 	int err, budgeted = 1;
652 	struct ubifs_inode *dir_ui = ubifs_inode(dir);
653 	struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 };
654 
655 	/*
656 	 * Budget request settings: deletion direntry, deletion inode and
657 	 * changing the parent inode. If budgeting fails, go ahead anyway
658 	 * because we have extra space reserved for deletions.
659 	 */
660 
661 	dbg_gen("directory '%pd', ino %lu in dir ino %lu", dentry,
662 		inode->i_ino, dir->i_ino);
663 	ubifs_assert(mutex_is_locked(&dir->i_mutex));
664 	ubifs_assert(mutex_is_locked(&inode->i_mutex));
665 	err = check_dir_empty(c, d_inode(dentry));
666 	if (err)
667 		return err;
668 
669 	err = ubifs_budget_space(c, &req);
670 	if (err) {
671 		if (err != -ENOSPC)
672 			return err;
673 		budgeted = 0;
674 	}
675 
676 	lock_2_inodes(dir, inode);
677 	inode->i_ctime = ubifs_current_time(dir);
678 	clear_nlink(inode);
679 	drop_nlink(dir);
680 	dir->i_size -= sz_change;
681 	dir_ui->ui_size = dir->i_size;
682 	dir->i_mtime = dir->i_ctime = inode->i_ctime;
683 	err = ubifs_jnl_update(c, dir, &dentry->d_name, inode, 1, 0);
684 	if (err)
685 		goto out_cancel;
686 	unlock_2_inodes(dir, inode);
687 
688 	if (budgeted)
689 		ubifs_release_budget(c, &req);
690 	else {
691 		/* We've deleted something - clean the "no space" flags */
692 		c->bi.nospace = c->bi.nospace_rp = 0;
693 		smp_wmb();
694 	}
695 	return 0;
696 
697 out_cancel:
698 	dir->i_size += sz_change;
699 	dir_ui->ui_size = dir->i_size;
700 	inc_nlink(dir);
701 	set_nlink(inode, 2);
702 	unlock_2_inodes(dir, inode);
703 	if (budgeted)
704 		ubifs_release_budget(c, &req);
705 	return err;
706 }
707 
708 static int ubifs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
709 {
710 	struct inode *inode;
711 	struct ubifs_inode *dir_ui = ubifs_inode(dir);
712 	struct ubifs_info *c = dir->i_sb->s_fs_info;
713 	int err, sz_change = CALC_DENT_SIZE(dentry->d_name.len);
714 	struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1 };
715 
716 	/*
717 	 * Budget request settings: new inode, new direntry and changing parent
718 	 * directory inode.
719 	 */
720 
721 	dbg_gen("dent '%pd', mode %#hx in dir ino %lu",
722 		dentry, mode, dir->i_ino);
723 
724 	err = ubifs_budget_space(c, &req);
725 	if (err)
726 		return err;
727 
728 	inode = ubifs_new_inode(c, dir, S_IFDIR | mode);
729 	if (IS_ERR(inode)) {
730 		err = PTR_ERR(inode);
731 		goto out_budg;
732 	}
733 
734 	err = ubifs_init_security(dir, inode, &dentry->d_name);
735 	if (err)
736 		goto out_inode;
737 
738 	mutex_lock(&dir_ui->ui_mutex);
739 	insert_inode_hash(inode);
740 	inc_nlink(inode);
741 	inc_nlink(dir);
742 	dir->i_size += sz_change;
743 	dir_ui->ui_size = dir->i_size;
744 	dir->i_mtime = dir->i_ctime = inode->i_ctime;
745 	err = ubifs_jnl_update(c, dir, &dentry->d_name, inode, 0, 0);
746 	if (err) {
747 		ubifs_err(c, "cannot create directory, error %d", err);
748 		goto out_cancel;
749 	}
750 	mutex_unlock(&dir_ui->ui_mutex);
751 
752 	ubifs_release_budget(c, &req);
753 	d_instantiate(dentry, inode);
754 	return 0;
755 
756 out_cancel:
757 	dir->i_size -= sz_change;
758 	dir_ui->ui_size = dir->i_size;
759 	drop_nlink(dir);
760 	mutex_unlock(&dir_ui->ui_mutex);
761 out_inode:
762 	make_bad_inode(inode);
763 	iput(inode);
764 out_budg:
765 	ubifs_release_budget(c, &req);
766 	return err;
767 }
768 
769 static int ubifs_mknod(struct inode *dir, struct dentry *dentry,
770 		       umode_t mode, dev_t rdev)
771 {
772 	struct inode *inode;
773 	struct ubifs_inode *ui;
774 	struct ubifs_inode *dir_ui = ubifs_inode(dir);
775 	struct ubifs_info *c = dir->i_sb->s_fs_info;
776 	union ubifs_dev_desc *dev = NULL;
777 	int sz_change = CALC_DENT_SIZE(dentry->d_name.len);
778 	int err, devlen = 0;
779 	struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
780 					.new_ino_d = ALIGN(devlen, 8),
781 					.dirtied_ino = 1 };
782 
783 	/*
784 	 * Budget request settings: new inode, new direntry and changing parent
785 	 * directory inode.
786 	 */
787 
788 	dbg_gen("dent '%pd' in dir ino %lu", dentry, dir->i_ino);
789 
790 	if (!new_valid_dev(rdev))
791 		return -EINVAL;
792 
793 	if (S_ISBLK(mode) || S_ISCHR(mode)) {
794 		dev = kmalloc(sizeof(union ubifs_dev_desc), GFP_NOFS);
795 		if (!dev)
796 			return -ENOMEM;
797 		devlen = ubifs_encode_dev(dev, rdev);
798 	}
799 
800 	err = ubifs_budget_space(c, &req);
801 	if (err) {
802 		kfree(dev);
803 		return err;
804 	}
805 
806 	inode = ubifs_new_inode(c, dir, mode);
807 	if (IS_ERR(inode)) {
808 		kfree(dev);
809 		err = PTR_ERR(inode);
810 		goto out_budg;
811 	}
812 
813 	init_special_inode(inode, inode->i_mode, rdev);
814 	inode->i_size = ubifs_inode(inode)->ui_size = devlen;
815 	ui = ubifs_inode(inode);
816 	ui->data = dev;
817 	ui->data_len = devlen;
818 
819 	err = ubifs_init_security(dir, inode, &dentry->d_name);
820 	if (err)
821 		goto out_inode;
822 
823 	mutex_lock(&dir_ui->ui_mutex);
824 	dir->i_size += sz_change;
825 	dir_ui->ui_size = dir->i_size;
826 	dir->i_mtime = dir->i_ctime = inode->i_ctime;
827 	err = ubifs_jnl_update(c, dir, &dentry->d_name, inode, 0, 0);
828 	if (err)
829 		goto out_cancel;
830 	mutex_unlock(&dir_ui->ui_mutex);
831 
832 	ubifs_release_budget(c, &req);
833 	insert_inode_hash(inode);
834 	d_instantiate(dentry, inode);
835 	return 0;
836 
837 out_cancel:
838 	dir->i_size -= sz_change;
839 	dir_ui->ui_size = dir->i_size;
840 	mutex_unlock(&dir_ui->ui_mutex);
841 out_inode:
842 	make_bad_inode(inode);
843 	iput(inode);
844 out_budg:
845 	ubifs_release_budget(c, &req);
846 	return err;
847 }
848 
849 static int ubifs_symlink(struct inode *dir, struct dentry *dentry,
850 			 const char *symname)
851 {
852 	struct inode *inode;
853 	struct ubifs_inode *ui;
854 	struct ubifs_inode *dir_ui = ubifs_inode(dir);
855 	struct ubifs_info *c = dir->i_sb->s_fs_info;
856 	int err, len = strlen(symname);
857 	int sz_change = CALC_DENT_SIZE(dentry->d_name.len);
858 	struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
859 					.new_ino_d = ALIGN(len, 8),
860 					.dirtied_ino = 1 };
861 
862 	/*
863 	 * Budget request settings: new inode, new direntry and changing parent
864 	 * directory inode.
865 	 */
866 
867 	dbg_gen("dent '%pd', target '%s' in dir ino %lu", dentry,
868 		symname, dir->i_ino);
869 
870 	if (len > UBIFS_MAX_INO_DATA)
871 		return -ENAMETOOLONG;
872 
873 	err = ubifs_budget_space(c, &req);
874 	if (err)
875 		return err;
876 
877 	inode = ubifs_new_inode(c, dir, S_IFLNK | S_IRWXUGO);
878 	if (IS_ERR(inode)) {
879 		err = PTR_ERR(inode);
880 		goto out_budg;
881 	}
882 
883 	ui = ubifs_inode(inode);
884 	ui->data = kmalloc(len + 1, GFP_NOFS);
885 	if (!ui->data) {
886 		err = -ENOMEM;
887 		goto out_inode;
888 	}
889 
890 	memcpy(ui->data, symname, len);
891 	((char *)ui->data)[len] = '\0';
892 	/*
893 	 * The terminating zero byte is not written to the flash media and it
894 	 * is put just to make later in-memory string processing simpler. Thus,
895 	 * data length is @len, not @len + %1.
896 	 */
897 	ui->data_len = len;
898 	inode->i_size = ubifs_inode(inode)->ui_size = len;
899 
900 	err = ubifs_init_security(dir, inode, &dentry->d_name);
901 	if (err)
902 		goto out_inode;
903 
904 	mutex_lock(&dir_ui->ui_mutex);
905 	dir->i_size += sz_change;
906 	dir_ui->ui_size = dir->i_size;
907 	dir->i_mtime = dir->i_ctime = inode->i_ctime;
908 	err = ubifs_jnl_update(c, dir, &dentry->d_name, inode, 0, 0);
909 	if (err)
910 		goto out_cancel;
911 	mutex_unlock(&dir_ui->ui_mutex);
912 
913 	ubifs_release_budget(c, &req);
914 	insert_inode_hash(inode);
915 	d_instantiate(dentry, inode);
916 	return 0;
917 
918 out_cancel:
919 	dir->i_size -= sz_change;
920 	dir_ui->ui_size = dir->i_size;
921 	mutex_unlock(&dir_ui->ui_mutex);
922 out_inode:
923 	make_bad_inode(inode);
924 	iput(inode);
925 out_budg:
926 	ubifs_release_budget(c, &req);
927 	return err;
928 }
929 
930 /**
931  * lock_3_inodes - a wrapper for locking three UBIFS inodes.
932  * @inode1: first inode
933  * @inode2: second inode
934  * @inode3: third inode
935  *
936  * This function is used for 'ubifs_rename()' and @inode1 may be the same as
937  * @inode2 whereas @inode3 may be %NULL.
938  *
939  * We do not implement any tricks to guarantee strict lock ordering, because
940  * VFS has already done it for us on the @i_mutex. So this is just a simple
941  * wrapper function.
942  */
943 static void lock_3_inodes(struct inode *inode1, struct inode *inode2,
944 			  struct inode *inode3)
945 {
946 	mutex_lock_nested(&ubifs_inode(inode1)->ui_mutex, WB_MUTEX_1);
947 	if (inode2 != inode1)
948 		mutex_lock_nested(&ubifs_inode(inode2)->ui_mutex, WB_MUTEX_2);
949 	if (inode3)
950 		mutex_lock_nested(&ubifs_inode(inode3)->ui_mutex, WB_MUTEX_3);
951 }
952 
953 /**
954  * unlock_3_inodes - a wrapper for unlocking three UBIFS inodes for rename.
955  * @inode1: first inode
956  * @inode2: second inode
957  * @inode3: third inode
958  */
959 static void unlock_3_inodes(struct inode *inode1, struct inode *inode2,
960 			    struct inode *inode3)
961 {
962 	if (inode3)
963 		mutex_unlock(&ubifs_inode(inode3)->ui_mutex);
964 	if (inode1 != inode2)
965 		mutex_unlock(&ubifs_inode(inode2)->ui_mutex);
966 	mutex_unlock(&ubifs_inode(inode1)->ui_mutex);
967 }
968 
969 static int ubifs_rename(struct inode *old_dir, struct dentry *old_dentry,
970 			struct inode *new_dir, struct dentry *new_dentry)
971 {
972 	struct ubifs_info *c = old_dir->i_sb->s_fs_info;
973 	struct inode *old_inode = d_inode(old_dentry);
974 	struct inode *new_inode = d_inode(new_dentry);
975 	struct ubifs_inode *old_inode_ui = ubifs_inode(old_inode);
976 	int err, release, sync = 0, move = (new_dir != old_dir);
977 	int is_dir = S_ISDIR(old_inode->i_mode);
978 	int unlink = !!new_inode;
979 	int new_sz = CALC_DENT_SIZE(new_dentry->d_name.len);
980 	int old_sz = CALC_DENT_SIZE(old_dentry->d_name.len);
981 	struct ubifs_budget_req req = { .new_dent = 1, .mod_dent = 1,
982 					.dirtied_ino = 3 };
983 	struct ubifs_budget_req ino_req = { .dirtied_ino = 1,
984 			.dirtied_ino_d = ALIGN(old_inode_ui->data_len, 8) };
985 	struct timespec time;
986 	unsigned int uninitialized_var(saved_nlink);
987 
988 	/*
989 	 * Budget request settings: deletion direntry, new direntry, removing
990 	 * the old inode, and changing old and new parent directory inodes.
991 	 *
992 	 * However, this operation also marks the target inode as dirty and
993 	 * does not write it, so we allocate budget for the target inode
994 	 * separately.
995 	 */
996 
997 	dbg_gen("dent '%pd' ino %lu in dir ino %lu to dent '%pd' in dir ino %lu",
998 		old_dentry, old_inode->i_ino, old_dir->i_ino,
999 		new_dentry, new_dir->i_ino);
1000 	ubifs_assert(mutex_is_locked(&old_dir->i_mutex));
1001 	ubifs_assert(mutex_is_locked(&new_dir->i_mutex));
1002 	if (unlink)
1003 		ubifs_assert(mutex_is_locked(&new_inode->i_mutex));
1004 
1005 
1006 	if (unlink && is_dir) {
1007 		err = check_dir_empty(c, new_inode);
1008 		if (err)
1009 			return err;
1010 	}
1011 
1012 	err = ubifs_budget_space(c, &req);
1013 	if (err)
1014 		return err;
1015 	err = ubifs_budget_space(c, &ino_req);
1016 	if (err) {
1017 		ubifs_release_budget(c, &req);
1018 		return err;
1019 	}
1020 
1021 	lock_3_inodes(old_dir, new_dir, new_inode);
1022 
1023 	/*
1024 	 * Like most other Unix systems, set the @i_ctime for inodes on a
1025 	 * rename.
1026 	 */
1027 	time = ubifs_current_time(old_dir);
1028 	old_inode->i_ctime = time;
1029 
1030 	/* We must adjust parent link count when renaming directories */
1031 	if (is_dir) {
1032 		if (move) {
1033 			/*
1034 			 * @old_dir loses a link because we are moving
1035 			 * @old_inode to a different directory.
1036 			 */
1037 			drop_nlink(old_dir);
1038 			/*
1039 			 * @new_dir only gains a link if we are not also
1040 			 * overwriting an existing directory.
1041 			 */
1042 			if (!unlink)
1043 				inc_nlink(new_dir);
1044 		} else {
1045 			/*
1046 			 * @old_inode is not moving to a different directory,
1047 			 * but @old_dir still loses a link if we are
1048 			 * overwriting an existing directory.
1049 			 */
1050 			if (unlink)
1051 				drop_nlink(old_dir);
1052 		}
1053 	}
1054 
1055 	old_dir->i_size -= old_sz;
1056 	ubifs_inode(old_dir)->ui_size = old_dir->i_size;
1057 	old_dir->i_mtime = old_dir->i_ctime = time;
1058 	new_dir->i_mtime = new_dir->i_ctime = time;
1059 
1060 	/*
1061 	 * And finally, if we unlinked a direntry which happened to have the
1062 	 * same name as the moved direntry, we have to decrement @i_nlink of
1063 	 * the unlinked inode and change its ctime.
1064 	 */
1065 	if (unlink) {
1066 		/*
1067 		 * Directories cannot have hard-links, so if this is a
1068 		 * directory, just clear @i_nlink.
1069 		 */
1070 		saved_nlink = new_inode->i_nlink;
1071 		if (is_dir)
1072 			clear_nlink(new_inode);
1073 		else
1074 			drop_nlink(new_inode);
1075 		new_inode->i_ctime = time;
1076 	} else {
1077 		new_dir->i_size += new_sz;
1078 		ubifs_inode(new_dir)->ui_size = new_dir->i_size;
1079 	}
1080 
1081 	/*
1082 	 * Do not ask 'ubifs_jnl_rename()' to flush write-buffer if @old_inode
1083 	 * is dirty, because this will be done later on at the end of
1084 	 * 'ubifs_rename()'.
1085 	 */
1086 	if (IS_SYNC(old_inode)) {
1087 		sync = IS_DIRSYNC(old_dir) || IS_DIRSYNC(new_dir);
1088 		if (unlink && IS_SYNC(new_inode))
1089 			sync = 1;
1090 	}
1091 	err = ubifs_jnl_rename(c, old_dir, old_dentry, new_dir, new_dentry,
1092 			       sync);
1093 	if (err)
1094 		goto out_cancel;
1095 
1096 	unlock_3_inodes(old_dir, new_dir, new_inode);
1097 	ubifs_release_budget(c, &req);
1098 
1099 	mutex_lock(&old_inode_ui->ui_mutex);
1100 	release = old_inode_ui->dirty;
1101 	mark_inode_dirty_sync(old_inode);
1102 	mutex_unlock(&old_inode_ui->ui_mutex);
1103 
1104 	if (release)
1105 		ubifs_release_budget(c, &ino_req);
1106 	if (IS_SYNC(old_inode))
1107 		err = old_inode->i_sb->s_op->write_inode(old_inode, NULL);
1108 	return err;
1109 
1110 out_cancel:
1111 	if (unlink) {
1112 		set_nlink(new_inode, saved_nlink);
1113 	} else {
1114 		new_dir->i_size -= new_sz;
1115 		ubifs_inode(new_dir)->ui_size = new_dir->i_size;
1116 	}
1117 	old_dir->i_size += old_sz;
1118 	ubifs_inode(old_dir)->ui_size = old_dir->i_size;
1119 	if (is_dir) {
1120 		if (move) {
1121 			inc_nlink(old_dir);
1122 			if (!unlink)
1123 				drop_nlink(new_dir);
1124 		} else {
1125 			if (unlink)
1126 				inc_nlink(old_dir);
1127 		}
1128 	}
1129 	unlock_3_inodes(old_dir, new_dir, new_inode);
1130 	ubifs_release_budget(c, &ino_req);
1131 	ubifs_release_budget(c, &req);
1132 	return err;
1133 }
1134 
1135 int ubifs_getattr(struct vfsmount *mnt, struct dentry *dentry,
1136 		  struct kstat *stat)
1137 {
1138 	loff_t size;
1139 	struct inode *inode = d_inode(dentry);
1140 	struct ubifs_inode *ui = ubifs_inode(inode);
1141 
1142 	mutex_lock(&ui->ui_mutex);
1143 	generic_fillattr(inode, stat);
1144 	stat->blksize = UBIFS_BLOCK_SIZE;
1145 	stat->size = ui->ui_size;
1146 
1147 	/*
1148 	 * Unfortunately, the 'stat()' system call was designed for block
1149 	 * device based file systems, and it is not appropriate for UBIFS,
1150 	 * because UBIFS does not have notion of "block". For example, it is
1151 	 * difficult to tell how many block a directory takes - it actually
1152 	 * takes less than 300 bytes, but we have to round it to block size,
1153 	 * which introduces large mistake. This makes utilities like 'du' to
1154 	 * report completely senseless numbers. This is the reason why UBIFS
1155 	 * goes the same way as JFFS2 - it reports zero blocks for everything
1156 	 * but regular files, which makes more sense than reporting completely
1157 	 * wrong sizes.
1158 	 */
1159 	if (S_ISREG(inode->i_mode)) {
1160 		size = ui->xattr_size;
1161 		size += stat->size;
1162 		size = ALIGN(size, UBIFS_BLOCK_SIZE);
1163 		/*
1164 		 * Note, user-space expects 512-byte blocks count irrespectively
1165 		 * of what was reported in @stat->size.
1166 		 */
1167 		stat->blocks = size >> 9;
1168 	} else
1169 		stat->blocks = 0;
1170 	mutex_unlock(&ui->ui_mutex);
1171 	return 0;
1172 }
1173 
1174 const struct inode_operations ubifs_dir_inode_operations = {
1175 	.lookup      = ubifs_lookup,
1176 	.create      = ubifs_create,
1177 	.link        = ubifs_link,
1178 	.symlink     = ubifs_symlink,
1179 	.unlink      = ubifs_unlink,
1180 	.mkdir       = ubifs_mkdir,
1181 	.rmdir       = ubifs_rmdir,
1182 	.mknod       = ubifs_mknod,
1183 	.rename      = ubifs_rename,
1184 	.setattr     = ubifs_setattr,
1185 	.getattr     = ubifs_getattr,
1186 	.setxattr    = ubifs_setxattr,
1187 	.getxattr    = ubifs_getxattr,
1188 	.listxattr   = ubifs_listxattr,
1189 	.removexattr = ubifs_removexattr,
1190 };
1191 
1192 const struct file_operations ubifs_dir_operations = {
1193 	.llseek         = generic_file_llseek,
1194 	.release        = ubifs_dir_release,
1195 	.read           = generic_read_dir,
1196 	.iterate        = ubifs_readdir,
1197 	.fsync          = ubifs_fsync,
1198 	.unlocked_ioctl = ubifs_ioctl,
1199 #ifdef CONFIG_COMPAT
1200 	.compat_ioctl   = ubifs_compat_ioctl,
1201 #endif
1202 };
1203