1 // SPDX-License-Identifier: GPL-2.0-only 2 /* * This file is part of UBIFS. 3 * 4 * Copyright (C) 2006-2008 Nokia Corporation. 5 * Copyright (C) 2006, 2007 University of Szeged, Hungary 6 * 7 * Authors: Artem Bityutskiy (Битюцкий Артём) 8 * Adrian Hunter 9 * Zoltan Sogor 10 */ 11 12 /* 13 * This file implements directory operations. 14 * 15 * All FS operations in this file allocate budget before writing anything to the 16 * media. If they fail to allocate it, the error is returned. The only 17 * exceptions are 'ubifs_unlink()' and 'ubifs_rmdir()' which keep working even 18 * if they unable to allocate the budget, because deletion %-ENOSPC failure is 19 * not what users are usually ready to get. UBIFS budgeting subsystem has some 20 * space reserved for these purposes. 21 * 22 * All operations in this file write all inodes which they change straight 23 * away, instead of marking them dirty. For example, 'ubifs_link()' changes 24 * @i_size of the parent inode and writes the parent inode together with the 25 * target inode. This was done to simplify file-system recovery which would 26 * otherwise be very difficult to do. The only exception is rename which marks 27 * the re-named inode dirty (because its @i_ctime is updated) but does not 28 * write it, but just marks it as dirty. 29 */ 30 31 #include "ubifs.h" 32 33 /** 34 * inherit_flags - inherit flags of the parent inode. 35 * @dir: parent inode 36 * @mode: new inode mode flags 37 * 38 * This is a helper function for 'ubifs_new_inode()' which inherits flag of the 39 * parent directory inode @dir. UBIFS inodes inherit the following flags: 40 * o %UBIFS_COMPR_FL, which is useful to switch compression on/of on 41 * sub-directory basis; 42 * o %UBIFS_SYNC_FL - useful for the same reasons; 43 * o %UBIFS_DIRSYNC_FL - similar, but relevant only to directories. 44 * 45 * This function returns the inherited flags. 46 */ 47 static int inherit_flags(const struct inode *dir, umode_t mode) 48 { 49 int flags; 50 const struct ubifs_inode *ui = ubifs_inode(dir); 51 52 if (!S_ISDIR(dir->i_mode)) 53 /* 54 * The parent is not a directory, which means that an extended 55 * attribute inode is being created. No flags. 56 */ 57 return 0; 58 59 flags = ui->flags & (UBIFS_COMPR_FL | UBIFS_SYNC_FL | UBIFS_DIRSYNC_FL); 60 if (!S_ISDIR(mode)) 61 /* The "DIRSYNC" flag only applies to directories */ 62 flags &= ~UBIFS_DIRSYNC_FL; 63 return flags; 64 } 65 66 /** 67 * ubifs_new_inode - allocate new UBIFS inode object. 68 * @c: UBIFS file-system description object 69 * @dir: parent directory inode 70 * @mode: inode mode flags 71 * 72 * This function finds an unused inode number, allocates new inode and 73 * initializes it. Returns new inode in case of success and an error code in 74 * case of failure. 75 */ 76 struct inode *ubifs_new_inode(struct ubifs_info *c, struct inode *dir, 77 umode_t mode) 78 { 79 int err; 80 struct inode *inode; 81 struct ubifs_inode *ui; 82 bool encrypted = false; 83 84 inode = new_inode(c->vfs_sb); 85 ui = ubifs_inode(inode); 86 if (!inode) 87 return ERR_PTR(-ENOMEM); 88 89 /* 90 * Set 'S_NOCMTIME' to prevent VFS form updating [mc]time of inodes and 91 * marking them dirty in file write path (see 'file_update_time()'). 92 * UBIFS has to fully control "clean <-> dirty" transitions of inodes 93 * to make budgeting work. 94 */ 95 inode->i_flags |= S_NOCMTIME; 96 97 inode_init_owner(inode, dir, mode); 98 inode->i_mtime = inode->i_atime = inode->i_ctime = 99 current_time(inode); 100 inode->i_mapping->nrpages = 0; 101 102 err = fscrypt_prepare_new_inode(dir, inode, &encrypted); 103 if (err) { 104 ubifs_err(c, "fscrypt_prepare_new_inode failed: %i", err); 105 goto out_iput; 106 } 107 108 switch (mode & S_IFMT) { 109 case S_IFREG: 110 inode->i_mapping->a_ops = &ubifs_file_address_operations; 111 inode->i_op = &ubifs_file_inode_operations; 112 inode->i_fop = &ubifs_file_operations; 113 break; 114 case S_IFDIR: 115 inode->i_op = &ubifs_dir_inode_operations; 116 inode->i_fop = &ubifs_dir_operations; 117 inode->i_size = ui->ui_size = UBIFS_INO_NODE_SZ; 118 break; 119 case S_IFLNK: 120 inode->i_op = &ubifs_symlink_inode_operations; 121 break; 122 case S_IFSOCK: 123 case S_IFIFO: 124 case S_IFBLK: 125 case S_IFCHR: 126 inode->i_op = &ubifs_file_inode_operations; 127 break; 128 default: 129 BUG(); 130 } 131 132 ui->flags = inherit_flags(dir, mode); 133 ubifs_set_inode_flags(inode); 134 if (S_ISREG(mode)) 135 ui->compr_type = c->default_compr; 136 else 137 ui->compr_type = UBIFS_COMPR_NONE; 138 ui->synced_i_size = 0; 139 140 spin_lock(&c->cnt_lock); 141 /* Inode number overflow is currently not supported */ 142 if (c->highest_inum >= INUM_WARN_WATERMARK) { 143 if (c->highest_inum >= INUM_WATERMARK) { 144 spin_unlock(&c->cnt_lock); 145 ubifs_err(c, "out of inode numbers"); 146 err = -EINVAL; 147 goto out_iput; 148 } 149 ubifs_warn(c, "running out of inode numbers (current %lu, max %u)", 150 (unsigned long)c->highest_inum, INUM_WATERMARK); 151 } 152 153 inode->i_ino = ++c->highest_inum; 154 /* 155 * The creation sequence number remains with this inode for its 156 * lifetime. All nodes for this inode have a greater sequence number, 157 * and so it is possible to distinguish obsolete nodes belonging to a 158 * previous incarnation of the same inode number - for example, for the 159 * purpose of rebuilding the index. 160 */ 161 ui->creat_sqnum = ++c->max_sqnum; 162 spin_unlock(&c->cnt_lock); 163 164 if (encrypted) { 165 err = fscrypt_set_context(inode, NULL); 166 if (err) { 167 ubifs_err(c, "fscrypt_set_context failed: %i", err); 168 goto out_iput; 169 } 170 } 171 172 return inode; 173 174 out_iput: 175 make_bad_inode(inode); 176 iput(inode); 177 return ERR_PTR(err); 178 } 179 180 static int dbg_check_name(const struct ubifs_info *c, 181 const struct ubifs_dent_node *dent, 182 const struct fscrypt_name *nm) 183 { 184 if (!dbg_is_chk_gen(c)) 185 return 0; 186 if (le16_to_cpu(dent->nlen) != fname_len(nm)) 187 return -EINVAL; 188 if (memcmp(dent->name, fname_name(nm), fname_len(nm))) 189 return -EINVAL; 190 return 0; 191 } 192 193 static struct dentry *ubifs_lookup(struct inode *dir, struct dentry *dentry, 194 unsigned int flags) 195 { 196 int err; 197 union ubifs_key key; 198 struct inode *inode = NULL; 199 struct ubifs_dent_node *dent = NULL; 200 struct ubifs_info *c = dir->i_sb->s_fs_info; 201 struct fscrypt_name nm; 202 203 dbg_gen("'%pd' in dir ino %lu", dentry, dir->i_ino); 204 205 err = fscrypt_prepare_lookup(dir, dentry, &nm); 206 if (err == -ENOENT) 207 return d_splice_alias(NULL, dentry); 208 if (err) 209 return ERR_PTR(err); 210 211 if (fname_len(&nm) > UBIFS_MAX_NLEN) { 212 inode = ERR_PTR(-ENAMETOOLONG); 213 goto done; 214 } 215 216 dent = kmalloc(UBIFS_MAX_DENT_NODE_SZ, GFP_NOFS); 217 if (!dent) { 218 inode = ERR_PTR(-ENOMEM); 219 goto done; 220 } 221 222 if (fname_name(&nm) == NULL) { 223 if (nm.hash & ~UBIFS_S_KEY_HASH_MASK) 224 goto done; /* ENOENT */ 225 dent_key_init_hash(c, &key, dir->i_ino, nm.hash); 226 err = ubifs_tnc_lookup_dh(c, &key, dent, nm.minor_hash); 227 } else { 228 dent_key_init(c, &key, dir->i_ino, &nm); 229 err = ubifs_tnc_lookup_nm(c, &key, dent, &nm); 230 } 231 232 if (err) { 233 if (err == -ENOENT) 234 dbg_gen("not found"); 235 else 236 inode = ERR_PTR(err); 237 goto done; 238 } 239 240 if (dbg_check_name(c, dent, &nm)) { 241 inode = ERR_PTR(-EINVAL); 242 goto done; 243 } 244 245 inode = ubifs_iget(dir->i_sb, le64_to_cpu(dent->inum)); 246 if (IS_ERR(inode)) { 247 /* 248 * This should not happen. Probably the file-system needs 249 * checking. 250 */ 251 err = PTR_ERR(inode); 252 ubifs_err(c, "dead directory entry '%pd', error %d", 253 dentry, err); 254 ubifs_ro_mode(c, err); 255 goto done; 256 } 257 258 if (IS_ENCRYPTED(dir) && 259 (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode)) && 260 !fscrypt_has_permitted_context(dir, inode)) { 261 ubifs_warn(c, "Inconsistent encryption contexts: %lu/%lu", 262 dir->i_ino, inode->i_ino); 263 iput(inode); 264 inode = ERR_PTR(-EPERM); 265 } 266 267 done: 268 kfree(dent); 269 fscrypt_free_filename(&nm); 270 return d_splice_alias(inode, dentry); 271 } 272 273 static int ubifs_prepare_create(struct inode *dir, struct dentry *dentry, 274 struct fscrypt_name *nm) 275 { 276 if (fscrypt_is_nokey_name(dentry)) 277 return -ENOKEY; 278 279 return fscrypt_setup_filename(dir, &dentry->d_name, 0, nm); 280 } 281 282 static int ubifs_create(struct inode *dir, struct dentry *dentry, umode_t mode, 283 bool excl) 284 { 285 struct inode *inode; 286 struct ubifs_info *c = dir->i_sb->s_fs_info; 287 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 288 .dirtied_ino = 1 }; 289 struct ubifs_inode *dir_ui = ubifs_inode(dir); 290 struct fscrypt_name nm; 291 int err, sz_change; 292 293 /* 294 * Budget request settings: new inode, new direntry, changing the 295 * parent directory inode. 296 */ 297 298 dbg_gen("dent '%pd', mode %#hx in dir ino %lu", 299 dentry, mode, dir->i_ino); 300 301 err = ubifs_budget_space(c, &req); 302 if (err) 303 return err; 304 305 err = ubifs_prepare_create(dir, dentry, &nm); 306 if (err) 307 goto out_budg; 308 309 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 310 311 inode = ubifs_new_inode(c, dir, mode); 312 if (IS_ERR(inode)) { 313 err = PTR_ERR(inode); 314 goto out_fname; 315 } 316 317 err = ubifs_init_security(dir, inode, &dentry->d_name); 318 if (err) 319 goto out_inode; 320 321 mutex_lock(&dir_ui->ui_mutex); 322 dir->i_size += sz_change; 323 dir_ui->ui_size = dir->i_size; 324 dir->i_mtime = dir->i_ctime = inode->i_ctime; 325 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 326 if (err) 327 goto out_cancel; 328 mutex_unlock(&dir_ui->ui_mutex); 329 330 ubifs_release_budget(c, &req); 331 fscrypt_free_filename(&nm); 332 insert_inode_hash(inode); 333 d_instantiate(dentry, inode); 334 return 0; 335 336 out_cancel: 337 dir->i_size -= sz_change; 338 dir_ui->ui_size = dir->i_size; 339 mutex_unlock(&dir_ui->ui_mutex); 340 out_inode: 341 make_bad_inode(inode); 342 iput(inode); 343 out_fname: 344 fscrypt_free_filename(&nm); 345 out_budg: 346 ubifs_release_budget(c, &req); 347 ubifs_err(c, "cannot create regular file, error %d", err); 348 return err; 349 } 350 351 static int do_tmpfile(struct inode *dir, struct dentry *dentry, 352 umode_t mode, struct inode **whiteout) 353 { 354 struct inode *inode; 355 struct ubifs_info *c = dir->i_sb->s_fs_info; 356 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1}; 357 struct ubifs_budget_req ino_req = { .dirtied_ino = 1 }; 358 struct ubifs_inode *ui, *dir_ui = ubifs_inode(dir); 359 int err, instantiated = 0; 360 struct fscrypt_name nm; 361 362 /* 363 * Budget request settings: new dirty inode, new direntry, 364 * budget for dirtied inode will be released via writeback. 365 */ 366 367 dbg_gen("dent '%pd', mode %#hx in dir ino %lu", 368 dentry, mode, dir->i_ino); 369 370 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 371 if (err) 372 return err; 373 374 err = ubifs_budget_space(c, &req); 375 if (err) { 376 fscrypt_free_filename(&nm); 377 return err; 378 } 379 380 err = ubifs_budget_space(c, &ino_req); 381 if (err) { 382 ubifs_release_budget(c, &req); 383 fscrypt_free_filename(&nm); 384 return err; 385 } 386 387 inode = ubifs_new_inode(c, dir, mode); 388 if (IS_ERR(inode)) { 389 err = PTR_ERR(inode); 390 goto out_budg; 391 } 392 ui = ubifs_inode(inode); 393 394 if (whiteout) { 395 init_special_inode(inode, inode->i_mode, WHITEOUT_DEV); 396 ubifs_assert(c, inode->i_op == &ubifs_file_inode_operations); 397 } 398 399 err = ubifs_init_security(dir, inode, &dentry->d_name); 400 if (err) 401 goto out_inode; 402 403 mutex_lock(&ui->ui_mutex); 404 insert_inode_hash(inode); 405 406 if (whiteout) { 407 mark_inode_dirty(inode); 408 drop_nlink(inode); 409 *whiteout = inode; 410 } else { 411 d_tmpfile(dentry, inode); 412 } 413 ubifs_assert(c, ui->dirty); 414 415 instantiated = 1; 416 mutex_unlock(&ui->ui_mutex); 417 418 mutex_lock(&dir_ui->ui_mutex); 419 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0); 420 if (err) 421 goto out_cancel; 422 mutex_unlock(&dir_ui->ui_mutex); 423 424 ubifs_release_budget(c, &req); 425 426 return 0; 427 428 out_cancel: 429 mutex_unlock(&dir_ui->ui_mutex); 430 out_inode: 431 make_bad_inode(inode); 432 if (!instantiated) 433 iput(inode); 434 out_budg: 435 ubifs_release_budget(c, &req); 436 if (!instantiated) 437 ubifs_release_budget(c, &ino_req); 438 fscrypt_free_filename(&nm); 439 ubifs_err(c, "cannot create temporary file, error %d", err); 440 return err; 441 } 442 443 static int ubifs_tmpfile(struct inode *dir, struct dentry *dentry, 444 umode_t mode) 445 { 446 return do_tmpfile(dir, dentry, mode, NULL); 447 } 448 449 /** 450 * vfs_dent_type - get VFS directory entry type. 451 * @type: UBIFS directory entry type 452 * 453 * This function converts UBIFS directory entry type into VFS directory entry 454 * type. 455 */ 456 static unsigned int vfs_dent_type(uint8_t type) 457 { 458 switch (type) { 459 case UBIFS_ITYPE_REG: 460 return DT_REG; 461 case UBIFS_ITYPE_DIR: 462 return DT_DIR; 463 case UBIFS_ITYPE_LNK: 464 return DT_LNK; 465 case UBIFS_ITYPE_BLK: 466 return DT_BLK; 467 case UBIFS_ITYPE_CHR: 468 return DT_CHR; 469 case UBIFS_ITYPE_FIFO: 470 return DT_FIFO; 471 case UBIFS_ITYPE_SOCK: 472 return DT_SOCK; 473 default: 474 BUG(); 475 } 476 return 0; 477 } 478 479 /* 480 * The classical Unix view for directory is that it is a linear array of 481 * (name, inode number) entries. Linux/VFS assumes this model as well. 482 * Particularly, 'readdir()' call wants us to return a directory entry offset 483 * which later may be used to continue 'readdir()'ing the directory or to 484 * 'seek()' to that specific direntry. Obviously UBIFS does not really fit this 485 * model because directory entries are identified by keys, which may collide. 486 * 487 * UBIFS uses directory entry hash value for directory offsets, so 488 * 'seekdir()'/'telldir()' may not always work because of possible key 489 * collisions. But UBIFS guarantees that consecutive 'readdir()' calls work 490 * properly by means of saving full directory entry name in the private field 491 * of the file description object. 492 * 493 * This means that UBIFS cannot support NFS which requires full 494 * 'seekdir()'/'telldir()' support. 495 */ 496 static int ubifs_readdir(struct file *file, struct dir_context *ctx) 497 { 498 int fstr_real_len = 0, err = 0; 499 struct fscrypt_name nm; 500 struct fscrypt_str fstr = {0}; 501 union ubifs_key key; 502 struct ubifs_dent_node *dent; 503 struct inode *dir = file_inode(file); 504 struct ubifs_info *c = dir->i_sb->s_fs_info; 505 bool encrypted = IS_ENCRYPTED(dir); 506 507 dbg_gen("dir ino %lu, f_pos %#llx", dir->i_ino, ctx->pos); 508 509 if (ctx->pos > UBIFS_S_KEY_HASH_MASK || ctx->pos == 2) 510 /* 511 * The directory was seek'ed to a senseless position or there 512 * are no more entries. 513 */ 514 return 0; 515 516 if (encrypted) { 517 err = fscrypt_prepare_readdir(dir); 518 if (err) 519 return err; 520 521 err = fscrypt_fname_alloc_buffer(UBIFS_MAX_NLEN, &fstr); 522 if (err) 523 return err; 524 525 fstr_real_len = fstr.len; 526 } 527 528 if (file->f_version == 0) { 529 /* 530 * The file was seek'ed, which means that @file->private_data 531 * is now invalid. This may also be just the first 532 * 'ubifs_readdir()' invocation, in which case 533 * @file->private_data is NULL, and the below code is 534 * basically a no-op. 535 */ 536 kfree(file->private_data); 537 file->private_data = NULL; 538 } 539 540 /* 541 * 'generic_file_llseek()' unconditionally sets @file->f_version to 542 * zero, and we use this for detecting whether the file was seek'ed. 543 */ 544 file->f_version = 1; 545 546 /* File positions 0 and 1 correspond to "." and ".." */ 547 if (ctx->pos < 2) { 548 ubifs_assert(c, !file->private_data); 549 if (!dir_emit_dots(file, ctx)) { 550 if (encrypted) 551 fscrypt_fname_free_buffer(&fstr); 552 return 0; 553 } 554 555 /* Find the first entry in TNC and save it */ 556 lowest_dent_key(c, &key, dir->i_ino); 557 fname_len(&nm) = 0; 558 dent = ubifs_tnc_next_ent(c, &key, &nm); 559 if (IS_ERR(dent)) { 560 err = PTR_ERR(dent); 561 goto out; 562 } 563 564 ctx->pos = key_hash_flash(c, &dent->key); 565 file->private_data = dent; 566 } 567 568 dent = file->private_data; 569 if (!dent) { 570 /* 571 * The directory was seek'ed to and is now readdir'ed. 572 * Find the entry corresponding to @ctx->pos or the closest one. 573 */ 574 dent_key_init_hash(c, &key, dir->i_ino, ctx->pos); 575 fname_len(&nm) = 0; 576 dent = ubifs_tnc_next_ent(c, &key, &nm); 577 if (IS_ERR(dent)) { 578 err = PTR_ERR(dent); 579 goto out; 580 } 581 ctx->pos = key_hash_flash(c, &dent->key); 582 file->private_data = dent; 583 } 584 585 while (1) { 586 dbg_gen("ino %llu, new f_pos %#x", 587 (unsigned long long)le64_to_cpu(dent->inum), 588 key_hash_flash(c, &dent->key)); 589 ubifs_assert(c, le64_to_cpu(dent->ch.sqnum) > 590 ubifs_inode(dir)->creat_sqnum); 591 592 fname_len(&nm) = le16_to_cpu(dent->nlen); 593 fname_name(&nm) = dent->name; 594 595 if (encrypted) { 596 fstr.len = fstr_real_len; 597 598 err = fscrypt_fname_disk_to_usr(dir, key_hash_flash(c, 599 &dent->key), 600 le32_to_cpu(dent->cookie), 601 &nm.disk_name, &fstr); 602 if (err) 603 goto out; 604 } else { 605 fstr.len = fname_len(&nm); 606 fstr.name = fname_name(&nm); 607 } 608 609 if (!dir_emit(ctx, fstr.name, fstr.len, 610 le64_to_cpu(dent->inum), 611 vfs_dent_type(dent->type))) { 612 if (encrypted) 613 fscrypt_fname_free_buffer(&fstr); 614 return 0; 615 } 616 617 /* Switch to the next entry */ 618 key_read(c, &dent->key, &key); 619 dent = ubifs_tnc_next_ent(c, &key, &nm); 620 if (IS_ERR(dent)) { 621 err = PTR_ERR(dent); 622 goto out; 623 } 624 625 kfree(file->private_data); 626 ctx->pos = key_hash_flash(c, &dent->key); 627 file->private_data = dent; 628 cond_resched(); 629 } 630 631 out: 632 kfree(file->private_data); 633 file->private_data = NULL; 634 635 if (encrypted) 636 fscrypt_fname_free_buffer(&fstr); 637 638 if (err != -ENOENT) 639 ubifs_err(c, "cannot find next direntry, error %d", err); 640 else 641 /* 642 * -ENOENT is a non-fatal error in this context, the TNC uses 643 * it to indicate that the cursor moved past the current directory 644 * and readdir() has to stop. 645 */ 646 err = 0; 647 648 649 /* 2 is a special value indicating that there are no more direntries */ 650 ctx->pos = 2; 651 return err; 652 } 653 654 /* Free saved readdir() state when the directory is closed */ 655 static int ubifs_dir_release(struct inode *dir, struct file *file) 656 { 657 kfree(file->private_data); 658 file->private_data = NULL; 659 return 0; 660 } 661 662 /** 663 * lock_2_inodes - a wrapper for locking two UBIFS inodes. 664 * @inode1: first inode 665 * @inode2: second inode 666 * 667 * We do not implement any tricks to guarantee strict lock ordering, because 668 * VFS has already done it for us on the @i_mutex. So this is just a simple 669 * wrapper function. 670 */ 671 static void lock_2_inodes(struct inode *inode1, struct inode *inode2) 672 { 673 mutex_lock_nested(&ubifs_inode(inode1)->ui_mutex, WB_MUTEX_1); 674 mutex_lock_nested(&ubifs_inode(inode2)->ui_mutex, WB_MUTEX_2); 675 } 676 677 /** 678 * unlock_2_inodes - a wrapper for unlocking two UBIFS inodes. 679 * @inode1: first inode 680 * @inode2: second inode 681 */ 682 static void unlock_2_inodes(struct inode *inode1, struct inode *inode2) 683 { 684 mutex_unlock(&ubifs_inode(inode2)->ui_mutex); 685 mutex_unlock(&ubifs_inode(inode1)->ui_mutex); 686 } 687 688 static int ubifs_link(struct dentry *old_dentry, struct inode *dir, 689 struct dentry *dentry) 690 { 691 struct ubifs_info *c = dir->i_sb->s_fs_info; 692 struct inode *inode = d_inode(old_dentry); 693 struct ubifs_inode *ui = ubifs_inode(inode); 694 struct ubifs_inode *dir_ui = ubifs_inode(dir); 695 int err, sz_change = CALC_DENT_SIZE(dentry->d_name.len); 696 struct ubifs_budget_req req = { .new_dent = 1, .dirtied_ino = 2, 697 .dirtied_ino_d = ALIGN(ui->data_len, 8) }; 698 struct fscrypt_name nm; 699 700 /* 701 * Budget request settings: new direntry, changing the target inode, 702 * changing the parent inode. 703 */ 704 705 dbg_gen("dent '%pd' to ino %lu (nlink %d) in dir ino %lu", 706 dentry, inode->i_ino, 707 inode->i_nlink, dir->i_ino); 708 ubifs_assert(c, inode_is_locked(dir)); 709 ubifs_assert(c, inode_is_locked(inode)); 710 711 err = fscrypt_prepare_link(old_dentry, dir, dentry); 712 if (err) 713 return err; 714 715 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 716 if (err) 717 return err; 718 719 err = dbg_check_synced_i_size(c, inode); 720 if (err) 721 goto out_fname; 722 723 err = ubifs_budget_space(c, &req); 724 if (err) 725 goto out_fname; 726 727 lock_2_inodes(dir, inode); 728 729 /* Handle O_TMPFILE corner case, it is allowed to link a O_TMPFILE. */ 730 if (inode->i_nlink == 0) 731 ubifs_delete_orphan(c, inode->i_ino); 732 733 inc_nlink(inode); 734 ihold(inode); 735 inode->i_ctime = current_time(inode); 736 dir->i_size += sz_change; 737 dir_ui->ui_size = dir->i_size; 738 dir->i_mtime = dir->i_ctime = inode->i_ctime; 739 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 740 if (err) 741 goto out_cancel; 742 unlock_2_inodes(dir, inode); 743 744 ubifs_release_budget(c, &req); 745 d_instantiate(dentry, inode); 746 fscrypt_free_filename(&nm); 747 return 0; 748 749 out_cancel: 750 dir->i_size -= sz_change; 751 dir_ui->ui_size = dir->i_size; 752 drop_nlink(inode); 753 if (inode->i_nlink == 0) 754 ubifs_add_orphan(c, inode->i_ino); 755 unlock_2_inodes(dir, inode); 756 ubifs_release_budget(c, &req); 757 iput(inode); 758 out_fname: 759 fscrypt_free_filename(&nm); 760 return err; 761 } 762 763 static int ubifs_unlink(struct inode *dir, struct dentry *dentry) 764 { 765 struct ubifs_info *c = dir->i_sb->s_fs_info; 766 struct inode *inode = d_inode(dentry); 767 struct ubifs_inode *dir_ui = ubifs_inode(dir); 768 int err, sz_change, budgeted = 1; 769 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 }; 770 unsigned int saved_nlink = inode->i_nlink; 771 struct fscrypt_name nm; 772 773 /* 774 * Budget request settings: deletion direntry, deletion inode (+1 for 775 * @dirtied_ino), changing the parent directory inode. If budgeting 776 * fails, go ahead anyway because we have extra space reserved for 777 * deletions. 778 */ 779 780 dbg_gen("dent '%pd' from ino %lu (nlink %d) in dir ino %lu", 781 dentry, inode->i_ino, 782 inode->i_nlink, dir->i_ino); 783 784 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm); 785 if (err) 786 return err; 787 788 err = ubifs_purge_xattrs(inode); 789 if (err) 790 return err; 791 792 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 793 794 ubifs_assert(c, inode_is_locked(dir)); 795 ubifs_assert(c, inode_is_locked(inode)); 796 err = dbg_check_synced_i_size(c, inode); 797 if (err) 798 goto out_fname; 799 800 err = ubifs_budget_space(c, &req); 801 if (err) { 802 if (err != -ENOSPC) 803 goto out_fname; 804 budgeted = 0; 805 } 806 807 lock_2_inodes(dir, inode); 808 inode->i_ctime = current_time(dir); 809 drop_nlink(inode); 810 dir->i_size -= sz_change; 811 dir_ui->ui_size = dir->i_size; 812 dir->i_mtime = dir->i_ctime = inode->i_ctime; 813 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0); 814 if (err) 815 goto out_cancel; 816 unlock_2_inodes(dir, inode); 817 818 if (budgeted) 819 ubifs_release_budget(c, &req); 820 else { 821 /* We've deleted something - clean the "no space" flags */ 822 c->bi.nospace = c->bi.nospace_rp = 0; 823 smp_wmb(); 824 } 825 fscrypt_free_filename(&nm); 826 return 0; 827 828 out_cancel: 829 dir->i_size += sz_change; 830 dir_ui->ui_size = dir->i_size; 831 set_nlink(inode, saved_nlink); 832 unlock_2_inodes(dir, inode); 833 if (budgeted) 834 ubifs_release_budget(c, &req); 835 out_fname: 836 fscrypt_free_filename(&nm); 837 return err; 838 } 839 840 /** 841 * check_dir_empty - check if a directory is empty or not. 842 * @dir: VFS inode object of the directory to check 843 * 844 * This function checks if directory @dir is empty. Returns zero if the 845 * directory is empty, %-ENOTEMPTY if it is not, and other negative error codes 846 * in case of of errors. 847 */ 848 int ubifs_check_dir_empty(struct inode *dir) 849 { 850 struct ubifs_info *c = dir->i_sb->s_fs_info; 851 struct fscrypt_name nm = { 0 }; 852 struct ubifs_dent_node *dent; 853 union ubifs_key key; 854 int err; 855 856 lowest_dent_key(c, &key, dir->i_ino); 857 dent = ubifs_tnc_next_ent(c, &key, &nm); 858 if (IS_ERR(dent)) { 859 err = PTR_ERR(dent); 860 if (err == -ENOENT) 861 err = 0; 862 } else { 863 kfree(dent); 864 err = -ENOTEMPTY; 865 } 866 return err; 867 } 868 869 static int ubifs_rmdir(struct inode *dir, struct dentry *dentry) 870 { 871 struct ubifs_info *c = dir->i_sb->s_fs_info; 872 struct inode *inode = d_inode(dentry); 873 int err, sz_change, budgeted = 1; 874 struct ubifs_inode *dir_ui = ubifs_inode(dir); 875 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 }; 876 struct fscrypt_name nm; 877 878 /* 879 * Budget request settings: deletion direntry, deletion inode and 880 * changing the parent inode. If budgeting fails, go ahead anyway 881 * because we have extra space reserved for deletions. 882 */ 883 884 dbg_gen("directory '%pd', ino %lu in dir ino %lu", dentry, 885 inode->i_ino, dir->i_ino); 886 ubifs_assert(c, inode_is_locked(dir)); 887 ubifs_assert(c, inode_is_locked(inode)); 888 err = ubifs_check_dir_empty(d_inode(dentry)); 889 if (err) 890 return err; 891 892 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm); 893 if (err) 894 return err; 895 896 err = ubifs_purge_xattrs(inode); 897 if (err) 898 return err; 899 900 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 901 902 err = ubifs_budget_space(c, &req); 903 if (err) { 904 if (err != -ENOSPC) 905 goto out_fname; 906 budgeted = 0; 907 } 908 909 lock_2_inodes(dir, inode); 910 inode->i_ctime = current_time(dir); 911 clear_nlink(inode); 912 drop_nlink(dir); 913 dir->i_size -= sz_change; 914 dir_ui->ui_size = dir->i_size; 915 dir->i_mtime = dir->i_ctime = inode->i_ctime; 916 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0); 917 if (err) 918 goto out_cancel; 919 unlock_2_inodes(dir, inode); 920 921 if (budgeted) 922 ubifs_release_budget(c, &req); 923 else { 924 /* We've deleted something - clean the "no space" flags */ 925 c->bi.nospace = c->bi.nospace_rp = 0; 926 smp_wmb(); 927 } 928 fscrypt_free_filename(&nm); 929 return 0; 930 931 out_cancel: 932 dir->i_size += sz_change; 933 dir_ui->ui_size = dir->i_size; 934 inc_nlink(dir); 935 set_nlink(inode, 2); 936 unlock_2_inodes(dir, inode); 937 if (budgeted) 938 ubifs_release_budget(c, &req); 939 out_fname: 940 fscrypt_free_filename(&nm); 941 return err; 942 } 943 944 static int ubifs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) 945 { 946 struct inode *inode; 947 struct ubifs_inode *dir_ui = ubifs_inode(dir); 948 struct ubifs_info *c = dir->i_sb->s_fs_info; 949 int err, sz_change; 950 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1 }; 951 struct fscrypt_name nm; 952 953 /* 954 * Budget request settings: new inode, new direntry and changing parent 955 * directory inode. 956 */ 957 958 dbg_gen("dent '%pd', mode %#hx in dir ino %lu", 959 dentry, mode, dir->i_ino); 960 961 err = ubifs_budget_space(c, &req); 962 if (err) 963 return err; 964 965 err = ubifs_prepare_create(dir, dentry, &nm); 966 if (err) 967 goto out_budg; 968 969 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 970 971 inode = ubifs_new_inode(c, dir, S_IFDIR | mode); 972 if (IS_ERR(inode)) { 973 err = PTR_ERR(inode); 974 goto out_fname; 975 } 976 977 err = ubifs_init_security(dir, inode, &dentry->d_name); 978 if (err) 979 goto out_inode; 980 981 mutex_lock(&dir_ui->ui_mutex); 982 insert_inode_hash(inode); 983 inc_nlink(inode); 984 inc_nlink(dir); 985 dir->i_size += sz_change; 986 dir_ui->ui_size = dir->i_size; 987 dir->i_mtime = dir->i_ctime = inode->i_ctime; 988 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 989 if (err) { 990 ubifs_err(c, "cannot create directory, error %d", err); 991 goto out_cancel; 992 } 993 mutex_unlock(&dir_ui->ui_mutex); 994 995 ubifs_release_budget(c, &req); 996 d_instantiate(dentry, inode); 997 fscrypt_free_filename(&nm); 998 return 0; 999 1000 out_cancel: 1001 dir->i_size -= sz_change; 1002 dir_ui->ui_size = dir->i_size; 1003 drop_nlink(dir); 1004 mutex_unlock(&dir_ui->ui_mutex); 1005 out_inode: 1006 make_bad_inode(inode); 1007 iput(inode); 1008 out_fname: 1009 fscrypt_free_filename(&nm); 1010 out_budg: 1011 ubifs_release_budget(c, &req); 1012 return err; 1013 } 1014 1015 static int ubifs_mknod(struct inode *dir, struct dentry *dentry, 1016 umode_t mode, dev_t rdev) 1017 { 1018 struct inode *inode; 1019 struct ubifs_inode *ui; 1020 struct ubifs_inode *dir_ui = ubifs_inode(dir); 1021 struct ubifs_info *c = dir->i_sb->s_fs_info; 1022 union ubifs_dev_desc *dev = NULL; 1023 int sz_change; 1024 int err, devlen = 0; 1025 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 1026 .dirtied_ino = 1 }; 1027 struct fscrypt_name nm; 1028 1029 /* 1030 * Budget request settings: new inode, new direntry and changing parent 1031 * directory inode. 1032 */ 1033 1034 dbg_gen("dent '%pd' in dir ino %lu", dentry, dir->i_ino); 1035 1036 if (S_ISBLK(mode) || S_ISCHR(mode)) { 1037 dev = kmalloc(sizeof(union ubifs_dev_desc), GFP_NOFS); 1038 if (!dev) 1039 return -ENOMEM; 1040 devlen = ubifs_encode_dev(dev, rdev); 1041 } 1042 1043 req.new_ino_d = ALIGN(devlen, 8); 1044 err = ubifs_budget_space(c, &req); 1045 if (err) { 1046 kfree(dev); 1047 return err; 1048 } 1049 1050 err = ubifs_prepare_create(dir, dentry, &nm); 1051 if (err) { 1052 kfree(dev); 1053 goto out_budg; 1054 } 1055 1056 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 1057 1058 inode = ubifs_new_inode(c, dir, mode); 1059 if (IS_ERR(inode)) { 1060 kfree(dev); 1061 err = PTR_ERR(inode); 1062 goto out_fname; 1063 } 1064 1065 init_special_inode(inode, inode->i_mode, rdev); 1066 inode->i_size = ubifs_inode(inode)->ui_size = devlen; 1067 ui = ubifs_inode(inode); 1068 ui->data = dev; 1069 ui->data_len = devlen; 1070 1071 err = ubifs_init_security(dir, inode, &dentry->d_name); 1072 if (err) 1073 goto out_inode; 1074 1075 mutex_lock(&dir_ui->ui_mutex); 1076 dir->i_size += sz_change; 1077 dir_ui->ui_size = dir->i_size; 1078 dir->i_mtime = dir->i_ctime = inode->i_ctime; 1079 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 1080 if (err) 1081 goto out_cancel; 1082 mutex_unlock(&dir_ui->ui_mutex); 1083 1084 ubifs_release_budget(c, &req); 1085 insert_inode_hash(inode); 1086 d_instantiate(dentry, inode); 1087 fscrypt_free_filename(&nm); 1088 return 0; 1089 1090 out_cancel: 1091 dir->i_size -= sz_change; 1092 dir_ui->ui_size = dir->i_size; 1093 mutex_unlock(&dir_ui->ui_mutex); 1094 out_inode: 1095 make_bad_inode(inode); 1096 iput(inode); 1097 out_fname: 1098 fscrypt_free_filename(&nm); 1099 out_budg: 1100 ubifs_release_budget(c, &req); 1101 return err; 1102 } 1103 1104 static int ubifs_symlink(struct inode *dir, struct dentry *dentry, 1105 const char *symname) 1106 { 1107 struct inode *inode; 1108 struct ubifs_inode *ui; 1109 struct ubifs_inode *dir_ui = ubifs_inode(dir); 1110 struct ubifs_info *c = dir->i_sb->s_fs_info; 1111 int err, sz_change, len = strlen(symname); 1112 struct fscrypt_str disk_link; 1113 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 1114 .new_ino_d = ALIGN(len, 8), 1115 .dirtied_ino = 1 }; 1116 struct fscrypt_name nm; 1117 1118 dbg_gen("dent '%pd', target '%s' in dir ino %lu", dentry, 1119 symname, dir->i_ino); 1120 1121 err = fscrypt_prepare_symlink(dir, symname, len, UBIFS_MAX_INO_DATA, 1122 &disk_link); 1123 if (err) 1124 return err; 1125 1126 /* 1127 * Budget request settings: new inode, new direntry and changing parent 1128 * directory inode. 1129 */ 1130 err = ubifs_budget_space(c, &req); 1131 if (err) 1132 return err; 1133 1134 err = ubifs_prepare_create(dir, dentry, &nm); 1135 if (err) 1136 goto out_budg; 1137 1138 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 1139 1140 inode = ubifs_new_inode(c, dir, S_IFLNK | S_IRWXUGO); 1141 if (IS_ERR(inode)) { 1142 err = PTR_ERR(inode); 1143 goto out_fname; 1144 } 1145 1146 ui = ubifs_inode(inode); 1147 ui->data = kmalloc(disk_link.len, GFP_NOFS); 1148 if (!ui->data) { 1149 err = -ENOMEM; 1150 goto out_inode; 1151 } 1152 1153 if (IS_ENCRYPTED(inode)) { 1154 disk_link.name = ui->data; /* encrypt directly into ui->data */ 1155 err = fscrypt_encrypt_symlink(inode, symname, len, &disk_link); 1156 if (err) 1157 goto out_inode; 1158 } else { 1159 memcpy(ui->data, disk_link.name, disk_link.len); 1160 inode->i_link = ui->data; 1161 } 1162 1163 /* 1164 * The terminating zero byte is not written to the flash media and it 1165 * is put just to make later in-memory string processing simpler. Thus, 1166 * data length is @disk_link.len - 1, not @disk_link.len. 1167 */ 1168 ui->data_len = disk_link.len - 1; 1169 inode->i_size = ubifs_inode(inode)->ui_size = disk_link.len - 1; 1170 1171 err = ubifs_init_security(dir, inode, &dentry->d_name); 1172 if (err) 1173 goto out_inode; 1174 1175 mutex_lock(&dir_ui->ui_mutex); 1176 dir->i_size += sz_change; 1177 dir_ui->ui_size = dir->i_size; 1178 dir->i_mtime = dir->i_ctime = inode->i_ctime; 1179 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 1180 if (err) 1181 goto out_cancel; 1182 mutex_unlock(&dir_ui->ui_mutex); 1183 1184 insert_inode_hash(inode); 1185 d_instantiate(dentry, inode); 1186 err = 0; 1187 goto out_fname; 1188 1189 out_cancel: 1190 dir->i_size -= sz_change; 1191 dir_ui->ui_size = dir->i_size; 1192 mutex_unlock(&dir_ui->ui_mutex); 1193 out_inode: 1194 make_bad_inode(inode); 1195 iput(inode); 1196 out_fname: 1197 fscrypt_free_filename(&nm); 1198 out_budg: 1199 ubifs_release_budget(c, &req); 1200 return err; 1201 } 1202 1203 /** 1204 * lock_4_inodes - a wrapper for locking three UBIFS inodes. 1205 * @inode1: first inode 1206 * @inode2: second inode 1207 * @inode3: third inode 1208 * @inode4: fouth inode 1209 * 1210 * This function is used for 'ubifs_rename()' and @inode1 may be the same as 1211 * @inode2 whereas @inode3 and @inode4 may be %NULL. 1212 * 1213 * We do not implement any tricks to guarantee strict lock ordering, because 1214 * VFS has already done it for us on the @i_mutex. So this is just a simple 1215 * wrapper function. 1216 */ 1217 static void lock_4_inodes(struct inode *inode1, struct inode *inode2, 1218 struct inode *inode3, struct inode *inode4) 1219 { 1220 mutex_lock_nested(&ubifs_inode(inode1)->ui_mutex, WB_MUTEX_1); 1221 if (inode2 != inode1) 1222 mutex_lock_nested(&ubifs_inode(inode2)->ui_mutex, WB_MUTEX_2); 1223 if (inode3) 1224 mutex_lock_nested(&ubifs_inode(inode3)->ui_mutex, WB_MUTEX_3); 1225 if (inode4) 1226 mutex_lock_nested(&ubifs_inode(inode4)->ui_mutex, WB_MUTEX_4); 1227 } 1228 1229 /** 1230 * unlock_4_inodes - a wrapper for unlocking three UBIFS inodes for rename. 1231 * @inode1: first inode 1232 * @inode2: second inode 1233 * @inode3: third inode 1234 * @inode4: fouth inode 1235 */ 1236 static void unlock_4_inodes(struct inode *inode1, struct inode *inode2, 1237 struct inode *inode3, struct inode *inode4) 1238 { 1239 if (inode4) 1240 mutex_unlock(&ubifs_inode(inode4)->ui_mutex); 1241 if (inode3) 1242 mutex_unlock(&ubifs_inode(inode3)->ui_mutex); 1243 if (inode1 != inode2) 1244 mutex_unlock(&ubifs_inode(inode2)->ui_mutex); 1245 mutex_unlock(&ubifs_inode(inode1)->ui_mutex); 1246 } 1247 1248 static int do_rename(struct inode *old_dir, struct dentry *old_dentry, 1249 struct inode *new_dir, struct dentry *new_dentry, 1250 unsigned int flags) 1251 { 1252 struct ubifs_info *c = old_dir->i_sb->s_fs_info; 1253 struct inode *old_inode = d_inode(old_dentry); 1254 struct inode *new_inode = d_inode(new_dentry); 1255 struct inode *whiteout = NULL; 1256 struct ubifs_inode *old_inode_ui = ubifs_inode(old_inode); 1257 struct ubifs_inode *whiteout_ui = NULL; 1258 int err, release, sync = 0, move = (new_dir != old_dir); 1259 int is_dir = S_ISDIR(old_inode->i_mode); 1260 int unlink = !!new_inode, new_sz, old_sz; 1261 struct ubifs_budget_req req = { .new_dent = 1, .mod_dent = 1, 1262 .dirtied_ino = 3 }; 1263 struct ubifs_budget_req ino_req = { .dirtied_ino = 1, 1264 .dirtied_ino_d = ALIGN(old_inode_ui->data_len, 8) }; 1265 struct timespec64 time; 1266 unsigned int saved_nlink; 1267 struct fscrypt_name old_nm, new_nm; 1268 1269 /* 1270 * Budget request settings: deletion direntry, new direntry, removing 1271 * the old inode, and changing old and new parent directory inodes. 1272 * 1273 * However, this operation also marks the target inode as dirty and 1274 * does not write it, so we allocate budget for the target inode 1275 * separately. 1276 */ 1277 1278 dbg_gen("dent '%pd' ino %lu in dir ino %lu to dent '%pd' in dir ino %lu flags 0x%x", 1279 old_dentry, old_inode->i_ino, old_dir->i_ino, 1280 new_dentry, new_dir->i_ino, flags); 1281 1282 if (unlink) { 1283 ubifs_assert(c, inode_is_locked(new_inode)); 1284 1285 err = ubifs_purge_xattrs(new_inode); 1286 if (err) 1287 return err; 1288 } 1289 1290 if (unlink && is_dir) { 1291 err = ubifs_check_dir_empty(new_inode); 1292 if (err) 1293 return err; 1294 } 1295 1296 err = fscrypt_setup_filename(old_dir, &old_dentry->d_name, 0, &old_nm); 1297 if (err) 1298 return err; 1299 1300 err = fscrypt_setup_filename(new_dir, &new_dentry->d_name, 0, &new_nm); 1301 if (err) { 1302 fscrypt_free_filename(&old_nm); 1303 return err; 1304 } 1305 1306 new_sz = CALC_DENT_SIZE(fname_len(&new_nm)); 1307 old_sz = CALC_DENT_SIZE(fname_len(&old_nm)); 1308 1309 err = ubifs_budget_space(c, &req); 1310 if (err) { 1311 fscrypt_free_filename(&old_nm); 1312 fscrypt_free_filename(&new_nm); 1313 return err; 1314 } 1315 err = ubifs_budget_space(c, &ino_req); 1316 if (err) { 1317 fscrypt_free_filename(&old_nm); 1318 fscrypt_free_filename(&new_nm); 1319 ubifs_release_budget(c, &req); 1320 return err; 1321 } 1322 1323 if (flags & RENAME_WHITEOUT) { 1324 union ubifs_dev_desc *dev = NULL; 1325 1326 dev = kmalloc(sizeof(union ubifs_dev_desc), GFP_NOFS); 1327 if (!dev) { 1328 err = -ENOMEM; 1329 goto out_release; 1330 } 1331 1332 err = do_tmpfile(old_dir, old_dentry, S_IFCHR | WHITEOUT_MODE, &whiteout); 1333 if (err) { 1334 kfree(dev); 1335 goto out_release; 1336 } 1337 1338 whiteout->i_state |= I_LINKABLE; 1339 whiteout_ui = ubifs_inode(whiteout); 1340 whiteout_ui->data = dev; 1341 whiteout_ui->data_len = ubifs_encode_dev(dev, MKDEV(0, 0)); 1342 ubifs_assert(c, !whiteout_ui->dirty); 1343 } 1344 1345 lock_4_inodes(old_dir, new_dir, new_inode, whiteout); 1346 1347 /* 1348 * Like most other Unix systems, set the @i_ctime for inodes on a 1349 * rename. 1350 */ 1351 time = current_time(old_dir); 1352 old_inode->i_ctime = time; 1353 1354 /* We must adjust parent link count when renaming directories */ 1355 if (is_dir) { 1356 if (move) { 1357 /* 1358 * @old_dir loses a link because we are moving 1359 * @old_inode to a different directory. 1360 */ 1361 drop_nlink(old_dir); 1362 /* 1363 * @new_dir only gains a link if we are not also 1364 * overwriting an existing directory. 1365 */ 1366 if (!unlink) 1367 inc_nlink(new_dir); 1368 } else { 1369 /* 1370 * @old_inode is not moving to a different directory, 1371 * but @old_dir still loses a link if we are 1372 * overwriting an existing directory. 1373 */ 1374 if (unlink) 1375 drop_nlink(old_dir); 1376 } 1377 } 1378 1379 old_dir->i_size -= old_sz; 1380 ubifs_inode(old_dir)->ui_size = old_dir->i_size; 1381 old_dir->i_mtime = old_dir->i_ctime = time; 1382 new_dir->i_mtime = new_dir->i_ctime = time; 1383 1384 /* 1385 * And finally, if we unlinked a direntry which happened to have the 1386 * same name as the moved direntry, we have to decrement @i_nlink of 1387 * the unlinked inode and change its ctime. 1388 */ 1389 if (unlink) { 1390 /* 1391 * Directories cannot have hard-links, so if this is a 1392 * directory, just clear @i_nlink. 1393 */ 1394 saved_nlink = new_inode->i_nlink; 1395 if (is_dir) 1396 clear_nlink(new_inode); 1397 else 1398 drop_nlink(new_inode); 1399 new_inode->i_ctime = time; 1400 } else { 1401 new_dir->i_size += new_sz; 1402 ubifs_inode(new_dir)->ui_size = new_dir->i_size; 1403 } 1404 1405 /* 1406 * Do not ask 'ubifs_jnl_rename()' to flush write-buffer if @old_inode 1407 * is dirty, because this will be done later on at the end of 1408 * 'ubifs_rename()'. 1409 */ 1410 if (IS_SYNC(old_inode)) { 1411 sync = IS_DIRSYNC(old_dir) || IS_DIRSYNC(new_dir); 1412 if (unlink && IS_SYNC(new_inode)) 1413 sync = 1; 1414 } 1415 1416 if (whiteout) { 1417 struct ubifs_budget_req wht_req = { .dirtied_ino = 1, 1418 .dirtied_ino_d = \ 1419 ALIGN(ubifs_inode(whiteout)->data_len, 8) }; 1420 1421 err = ubifs_budget_space(c, &wht_req); 1422 if (err) { 1423 kfree(whiteout_ui->data); 1424 whiteout_ui->data_len = 0; 1425 iput(whiteout); 1426 goto out_release; 1427 } 1428 1429 inc_nlink(whiteout); 1430 mark_inode_dirty(whiteout); 1431 whiteout->i_state &= ~I_LINKABLE; 1432 iput(whiteout); 1433 } 1434 1435 err = ubifs_jnl_rename(c, old_dir, old_inode, &old_nm, new_dir, 1436 new_inode, &new_nm, whiteout, sync); 1437 if (err) 1438 goto out_cancel; 1439 1440 unlock_4_inodes(old_dir, new_dir, new_inode, whiteout); 1441 ubifs_release_budget(c, &req); 1442 1443 mutex_lock(&old_inode_ui->ui_mutex); 1444 release = old_inode_ui->dirty; 1445 mark_inode_dirty_sync(old_inode); 1446 mutex_unlock(&old_inode_ui->ui_mutex); 1447 1448 if (release) 1449 ubifs_release_budget(c, &ino_req); 1450 if (IS_SYNC(old_inode)) 1451 err = old_inode->i_sb->s_op->write_inode(old_inode, NULL); 1452 1453 fscrypt_free_filename(&old_nm); 1454 fscrypt_free_filename(&new_nm); 1455 return err; 1456 1457 out_cancel: 1458 if (unlink) { 1459 set_nlink(new_inode, saved_nlink); 1460 } else { 1461 new_dir->i_size -= new_sz; 1462 ubifs_inode(new_dir)->ui_size = new_dir->i_size; 1463 } 1464 old_dir->i_size += old_sz; 1465 ubifs_inode(old_dir)->ui_size = old_dir->i_size; 1466 if (is_dir) { 1467 if (move) { 1468 inc_nlink(old_dir); 1469 if (!unlink) 1470 drop_nlink(new_dir); 1471 } else { 1472 if (unlink) 1473 inc_nlink(old_dir); 1474 } 1475 } 1476 if (whiteout) { 1477 drop_nlink(whiteout); 1478 iput(whiteout); 1479 } 1480 unlock_4_inodes(old_dir, new_dir, new_inode, whiteout); 1481 out_release: 1482 ubifs_release_budget(c, &ino_req); 1483 ubifs_release_budget(c, &req); 1484 fscrypt_free_filename(&old_nm); 1485 fscrypt_free_filename(&new_nm); 1486 return err; 1487 } 1488 1489 static int ubifs_xrename(struct inode *old_dir, struct dentry *old_dentry, 1490 struct inode *new_dir, struct dentry *new_dentry) 1491 { 1492 struct ubifs_info *c = old_dir->i_sb->s_fs_info; 1493 struct ubifs_budget_req req = { .new_dent = 1, .mod_dent = 1, 1494 .dirtied_ino = 2 }; 1495 int sync = IS_DIRSYNC(old_dir) || IS_DIRSYNC(new_dir); 1496 struct inode *fst_inode = d_inode(old_dentry); 1497 struct inode *snd_inode = d_inode(new_dentry); 1498 struct timespec64 time; 1499 int err; 1500 struct fscrypt_name fst_nm, snd_nm; 1501 1502 ubifs_assert(c, fst_inode && snd_inode); 1503 1504 err = fscrypt_setup_filename(old_dir, &old_dentry->d_name, 0, &fst_nm); 1505 if (err) 1506 return err; 1507 1508 err = fscrypt_setup_filename(new_dir, &new_dentry->d_name, 0, &snd_nm); 1509 if (err) { 1510 fscrypt_free_filename(&fst_nm); 1511 return err; 1512 } 1513 1514 lock_4_inodes(old_dir, new_dir, NULL, NULL); 1515 1516 time = current_time(old_dir); 1517 fst_inode->i_ctime = time; 1518 snd_inode->i_ctime = time; 1519 old_dir->i_mtime = old_dir->i_ctime = time; 1520 new_dir->i_mtime = new_dir->i_ctime = time; 1521 1522 if (old_dir != new_dir) { 1523 if (S_ISDIR(fst_inode->i_mode) && !S_ISDIR(snd_inode->i_mode)) { 1524 inc_nlink(new_dir); 1525 drop_nlink(old_dir); 1526 } 1527 else if (!S_ISDIR(fst_inode->i_mode) && S_ISDIR(snd_inode->i_mode)) { 1528 drop_nlink(new_dir); 1529 inc_nlink(old_dir); 1530 } 1531 } 1532 1533 err = ubifs_jnl_xrename(c, old_dir, fst_inode, &fst_nm, new_dir, 1534 snd_inode, &snd_nm, sync); 1535 1536 unlock_4_inodes(old_dir, new_dir, NULL, NULL); 1537 ubifs_release_budget(c, &req); 1538 1539 fscrypt_free_filename(&fst_nm); 1540 fscrypt_free_filename(&snd_nm); 1541 return err; 1542 } 1543 1544 static int ubifs_rename(struct inode *old_dir, struct dentry *old_dentry, 1545 struct inode *new_dir, struct dentry *new_dentry, 1546 unsigned int flags) 1547 { 1548 int err; 1549 struct ubifs_info *c = old_dir->i_sb->s_fs_info; 1550 1551 if (flags & ~(RENAME_NOREPLACE | RENAME_WHITEOUT | RENAME_EXCHANGE)) 1552 return -EINVAL; 1553 1554 ubifs_assert(c, inode_is_locked(old_dir)); 1555 ubifs_assert(c, inode_is_locked(new_dir)); 1556 1557 err = fscrypt_prepare_rename(old_dir, old_dentry, new_dir, new_dentry, 1558 flags); 1559 if (err) 1560 return err; 1561 1562 if (flags & RENAME_EXCHANGE) 1563 return ubifs_xrename(old_dir, old_dentry, new_dir, new_dentry); 1564 1565 return do_rename(old_dir, old_dentry, new_dir, new_dentry, flags); 1566 } 1567 1568 int ubifs_getattr(const struct path *path, struct kstat *stat, 1569 u32 request_mask, unsigned int flags) 1570 { 1571 loff_t size; 1572 struct inode *inode = d_inode(path->dentry); 1573 struct ubifs_inode *ui = ubifs_inode(inode); 1574 1575 mutex_lock(&ui->ui_mutex); 1576 1577 if (ui->flags & UBIFS_APPEND_FL) 1578 stat->attributes |= STATX_ATTR_APPEND; 1579 if (ui->flags & UBIFS_COMPR_FL) 1580 stat->attributes |= STATX_ATTR_COMPRESSED; 1581 if (ui->flags & UBIFS_CRYPT_FL) 1582 stat->attributes |= STATX_ATTR_ENCRYPTED; 1583 if (ui->flags & UBIFS_IMMUTABLE_FL) 1584 stat->attributes |= STATX_ATTR_IMMUTABLE; 1585 1586 stat->attributes_mask |= (STATX_ATTR_APPEND | 1587 STATX_ATTR_COMPRESSED | 1588 STATX_ATTR_ENCRYPTED | 1589 STATX_ATTR_IMMUTABLE); 1590 1591 generic_fillattr(inode, stat); 1592 stat->blksize = UBIFS_BLOCK_SIZE; 1593 stat->size = ui->ui_size; 1594 1595 /* 1596 * Unfortunately, the 'stat()' system call was designed for block 1597 * device based file systems, and it is not appropriate for UBIFS, 1598 * because UBIFS does not have notion of "block". For example, it is 1599 * difficult to tell how many block a directory takes - it actually 1600 * takes less than 300 bytes, but we have to round it to block size, 1601 * which introduces large mistake. This makes utilities like 'du' to 1602 * report completely senseless numbers. This is the reason why UBIFS 1603 * goes the same way as JFFS2 - it reports zero blocks for everything 1604 * but regular files, which makes more sense than reporting completely 1605 * wrong sizes. 1606 */ 1607 if (S_ISREG(inode->i_mode)) { 1608 size = ui->xattr_size; 1609 size += stat->size; 1610 size = ALIGN(size, UBIFS_BLOCK_SIZE); 1611 /* 1612 * Note, user-space expects 512-byte blocks count irrespectively 1613 * of what was reported in @stat->size. 1614 */ 1615 stat->blocks = size >> 9; 1616 } else 1617 stat->blocks = 0; 1618 mutex_unlock(&ui->ui_mutex); 1619 return 0; 1620 } 1621 1622 const struct inode_operations ubifs_dir_inode_operations = { 1623 .lookup = ubifs_lookup, 1624 .create = ubifs_create, 1625 .link = ubifs_link, 1626 .symlink = ubifs_symlink, 1627 .unlink = ubifs_unlink, 1628 .mkdir = ubifs_mkdir, 1629 .rmdir = ubifs_rmdir, 1630 .mknod = ubifs_mknod, 1631 .rename = ubifs_rename, 1632 .setattr = ubifs_setattr, 1633 .getattr = ubifs_getattr, 1634 #ifdef CONFIG_UBIFS_FS_XATTR 1635 .listxattr = ubifs_listxattr, 1636 #endif 1637 .update_time = ubifs_update_time, 1638 .tmpfile = ubifs_tmpfile, 1639 }; 1640 1641 const struct file_operations ubifs_dir_operations = { 1642 .llseek = generic_file_llseek, 1643 .release = ubifs_dir_release, 1644 .read = generic_read_dir, 1645 .iterate_shared = ubifs_readdir, 1646 .fsync = ubifs_fsync, 1647 .unlocked_ioctl = ubifs_ioctl, 1648 #ifdef CONFIG_COMPAT 1649 .compat_ioctl = ubifs_compat_ioctl, 1650 #endif 1651 }; 1652