1 // SPDX-License-Identifier: GPL-2.0-only 2 /* * This file is part of UBIFS. 3 * 4 * Copyright (C) 2006-2008 Nokia Corporation. 5 * Copyright (C) 2006, 2007 University of Szeged, Hungary 6 * 7 * Authors: Artem Bityutskiy (Битюцкий Артём) 8 * Adrian Hunter 9 * Zoltan Sogor 10 */ 11 12 /* 13 * This file implements directory operations. 14 * 15 * All FS operations in this file allocate budget before writing anything to the 16 * media. If they fail to allocate it, the error is returned. The only 17 * exceptions are 'ubifs_unlink()' and 'ubifs_rmdir()' which keep working even 18 * if they unable to allocate the budget, because deletion %-ENOSPC failure is 19 * not what users are usually ready to get. UBIFS budgeting subsystem has some 20 * space reserved for these purposes. 21 * 22 * All operations in this file write all inodes which they change straight 23 * away, instead of marking them dirty. For example, 'ubifs_link()' changes 24 * @i_size of the parent inode and writes the parent inode together with the 25 * target inode. This was done to simplify file-system recovery which would 26 * otherwise be very difficult to do. The only exception is rename which marks 27 * the re-named inode dirty (because its @i_ctime is updated) but does not 28 * write it, but just marks it as dirty. 29 */ 30 31 #include "ubifs.h" 32 33 /** 34 * inherit_flags - inherit flags of the parent inode. 35 * @dir: parent inode 36 * @mode: new inode mode flags 37 * 38 * This is a helper function for 'ubifs_new_inode()' which inherits flag of the 39 * parent directory inode @dir. UBIFS inodes inherit the following flags: 40 * o %UBIFS_COMPR_FL, which is useful to switch compression on/of on 41 * sub-directory basis; 42 * o %UBIFS_SYNC_FL - useful for the same reasons; 43 * o %UBIFS_DIRSYNC_FL - similar, but relevant only to directories. 44 * 45 * This function returns the inherited flags. 46 */ 47 static int inherit_flags(const struct inode *dir, umode_t mode) 48 { 49 int flags; 50 const struct ubifs_inode *ui = ubifs_inode(dir); 51 52 if (!S_ISDIR(dir->i_mode)) 53 /* 54 * The parent is not a directory, which means that an extended 55 * attribute inode is being created. No flags. 56 */ 57 return 0; 58 59 flags = ui->flags & (UBIFS_COMPR_FL | UBIFS_SYNC_FL | UBIFS_DIRSYNC_FL); 60 if (!S_ISDIR(mode)) 61 /* The "DIRSYNC" flag only applies to directories */ 62 flags &= ~UBIFS_DIRSYNC_FL; 63 return flags; 64 } 65 66 /** 67 * ubifs_new_inode - allocate new UBIFS inode object. 68 * @c: UBIFS file-system description object 69 * @dir: parent directory inode 70 * @mode: inode mode flags 71 * 72 * This function finds an unused inode number, allocates new inode and 73 * initializes it. Returns new inode in case of success and an error code in 74 * case of failure. 75 */ 76 struct inode *ubifs_new_inode(struct ubifs_info *c, struct inode *dir, 77 umode_t mode) 78 { 79 int err; 80 struct inode *inode; 81 struct ubifs_inode *ui; 82 bool encrypted = false; 83 84 if (IS_ENCRYPTED(dir)) { 85 err = fscrypt_get_encryption_info(dir); 86 if (err) { 87 ubifs_err(c, "fscrypt_get_encryption_info failed: %i", err); 88 return ERR_PTR(err); 89 } 90 91 if (!fscrypt_has_encryption_key(dir)) 92 return ERR_PTR(-EPERM); 93 94 encrypted = true; 95 } 96 97 inode = new_inode(c->vfs_sb); 98 ui = ubifs_inode(inode); 99 if (!inode) 100 return ERR_PTR(-ENOMEM); 101 102 /* 103 * Set 'S_NOCMTIME' to prevent VFS form updating [mc]time of inodes and 104 * marking them dirty in file write path (see 'file_update_time()'). 105 * UBIFS has to fully control "clean <-> dirty" transitions of inodes 106 * to make budgeting work. 107 */ 108 inode->i_flags |= S_NOCMTIME; 109 110 inode_init_owner(inode, dir, mode); 111 inode->i_mtime = inode->i_atime = inode->i_ctime = 112 current_time(inode); 113 inode->i_mapping->nrpages = 0; 114 115 switch (mode & S_IFMT) { 116 case S_IFREG: 117 inode->i_mapping->a_ops = &ubifs_file_address_operations; 118 inode->i_op = &ubifs_file_inode_operations; 119 inode->i_fop = &ubifs_file_operations; 120 break; 121 case S_IFDIR: 122 inode->i_op = &ubifs_dir_inode_operations; 123 inode->i_fop = &ubifs_dir_operations; 124 inode->i_size = ui->ui_size = UBIFS_INO_NODE_SZ; 125 break; 126 case S_IFLNK: 127 inode->i_op = &ubifs_symlink_inode_operations; 128 break; 129 case S_IFSOCK: 130 case S_IFIFO: 131 case S_IFBLK: 132 case S_IFCHR: 133 inode->i_op = &ubifs_file_inode_operations; 134 encrypted = false; 135 break; 136 default: 137 BUG(); 138 } 139 140 ui->flags = inherit_flags(dir, mode); 141 ubifs_set_inode_flags(inode); 142 if (S_ISREG(mode)) 143 ui->compr_type = c->default_compr; 144 else 145 ui->compr_type = UBIFS_COMPR_NONE; 146 ui->synced_i_size = 0; 147 148 spin_lock(&c->cnt_lock); 149 /* Inode number overflow is currently not supported */ 150 if (c->highest_inum >= INUM_WARN_WATERMARK) { 151 if (c->highest_inum >= INUM_WATERMARK) { 152 spin_unlock(&c->cnt_lock); 153 ubifs_err(c, "out of inode numbers"); 154 make_bad_inode(inode); 155 iput(inode); 156 return ERR_PTR(-EINVAL); 157 } 158 ubifs_warn(c, "running out of inode numbers (current %lu, max %u)", 159 (unsigned long)c->highest_inum, INUM_WATERMARK); 160 } 161 162 inode->i_ino = ++c->highest_inum; 163 /* 164 * The creation sequence number remains with this inode for its 165 * lifetime. All nodes for this inode have a greater sequence number, 166 * and so it is possible to distinguish obsolete nodes belonging to a 167 * previous incarnation of the same inode number - for example, for the 168 * purpose of rebuilding the index. 169 */ 170 ui->creat_sqnum = ++c->max_sqnum; 171 spin_unlock(&c->cnt_lock); 172 173 if (encrypted) { 174 err = fscrypt_inherit_context(dir, inode, &encrypted, true); 175 if (err) { 176 ubifs_err(c, "fscrypt_inherit_context failed: %i", err); 177 make_bad_inode(inode); 178 iput(inode); 179 return ERR_PTR(err); 180 } 181 } 182 183 return inode; 184 } 185 186 static int dbg_check_name(const struct ubifs_info *c, 187 const struct ubifs_dent_node *dent, 188 const struct fscrypt_name *nm) 189 { 190 if (!dbg_is_chk_gen(c)) 191 return 0; 192 if (le16_to_cpu(dent->nlen) != fname_len(nm)) 193 return -EINVAL; 194 if (memcmp(dent->name, fname_name(nm), fname_len(nm))) 195 return -EINVAL; 196 return 0; 197 } 198 199 static struct dentry *ubifs_lookup(struct inode *dir, struct dentry *dentry, 200 unsigned int flags) 201 { 202 int err; 203 union ubifs_key key; 204 struct inode *inode = NULL; 205 struct ubifs_dent_node *dent = NULL; 206 struct ubifs_info *c = dir->i_sb->s_fs_info; 207 struct fscrypt_name nm; 208 209 dbg_gen("'%pd' in dir ino %lu", dentry, dir->i_ino); 210 211 err = fscrypt_prepare_lookup(dir, dentry, &nm); 212 if (err == -ENOENT) 213 return d_splice_alias(NULL, dentry); 214 if (err) 215 return ERR_PTR(err); 216 217 if (fname_len(&nm) > UBIFS_MAX_NLEN) { 218 inode = ERR_PTR(-ENAMETOOLONG); 219 goto done; 220 } 221 222 dent = kmalloc(UBIFS_MAX_DENT_NODE_SZ, GFP_NOFS); 223 if (!dent) { 224 inode = ERR_PTR(-ENOMEM); 225 goto done; 226 } 227 228 if (fname_name(&nm) == NULL) { 229 if (nm.hash & ~UBIFS_S_KEY_HASH_MASK) 230 goto done; /* ENOENT */ 231 dent_key_init_hash(c, &key, dir->i_ino, nm.hash); 232 err = ubifs_tnc_lookup_dh(c, &key, dent, nm.minor_hash); 233 } else { 234 dent_key_init(c, &key, dir->i_ino, &nm); 235 err = ubifs_tnc_lookup_nm(c, &key, dent, &nm); 236 } 237 238 if (err) { 239 if (err == -ENOENT) 240 dbg_gen("not found"); 241 else 242 inode = ERR_PTR(err); 243 goto done; 244 } 245 246 if (dbg_check_name(c, dent, &nm)) { 247 inode = ERR_PTR(-EINVAL); 248 goto done; 249 } 250 251 inode = ubifs_iget(dir->i_sb, le64_to_cpu(dent->inum)); 252 if (IS_ERR(inode)) { 253 /* 254 * This should not happen. Probably the file-system needs 255 * checking. 256 */ 257 err = PTR_ERR(inode); 258 ubifs_err(c, "dead directory entry '%pd', error %d", 259 dentry, err); 260 ubifs_ro_mode(c, err); 261 goto done; 262 } 263 264 if (IS_ENCRYPTED(dir) && 265 (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode)) && 266 !fscrypt_has_permitted_context(dir, inode)) { 267 ubifs_warn(c, "Inconsistent encryption contexts: %lu/%lu", 268 dir->i_ino, inode->i_ino); 269 iput(inode); 270 inode = ERR_PTR(-EPERM); 271 } 272 273 done: 274 kfree(dent); 275 fscrypt_free_filename(&nm); 276 return d_splice_alias(inode, dentry); 277 } 278 279 static int ubifs_create(struct inode *dir, struct dentry *dentry, umode_t mode, 280 bool excl) 281 { 282 struct inode *inode; 283 struct ubifs_info *c = dir->i_sb->s_fs_info; 284 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 285 .dirtied_ino = 1 }; 286 struct ubifs_inode *dir_ui = ubifs_inode(dir); 287 struct fscrypt_name nm; 288 int err, sz_change; 289 290 /* 291 * Budget request settings: new inode, new direntry, changing the 292 * parent directory inode. 293 */ 294 295 dbg_gen("dent '%pd', mode %#hx in dir ino %lu", 296 dentry, mode, dir->i_ino); 297 298 err = ubifs_budget_space(c, &req); 299 if (err) 300 return err; 301 302 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 303 if (err) 304 goto out_budg; 305 306 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 307 308 inode = ubifs_new_inode(c, dir, mode); 309 if (IS_ERR(inode)) { 310 err = PTR_ERR(inode); 311 goto out_fname; 312 } 313 314 err = ubifs_init_security(dir, inode, &dentry->d_name); 315 if (err) 316 goto out_inode; 317 318 mutex_lock(&dir_ui->ui_mutex); 319 dir->i_size += sz_change; 320 dir_ui->ui_size = dir->i_size; 321 dir->i_mtime = dir->i_ctime = inode->i_ctime; 322 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 323 if (err) 324 goto out_cancel; 325 mutex_unlock(&dir_ui->ui_mutex); 326 327 ubifs_release_budget(c, &req); 328 fscrypt_free_filename(&nm); 329 insert_inode_hash(inode); 330 d_instantiate(dentry, inode); 331 return 0; 332 333 out_cancel: 334 dir->i_size -= sz_change; 335 dir_ui->ui_size = dir->i_size; 336 mutex_unlock(&dir_ui->ui_mutex); 337 out_inode: 338 make_bad_inode(inode); 339 iput(inode); 340 out_fname: 341 fscrypt_free_filename(&nm); 342 out_budg: 343 ubifs_release_budget(c, &req); 344 ubifs_err(c, "cannot create regular file, error %d", err); 345 return err; 346 } 347 348 static int do_tmpfile(struct inode *dir, struct dentry *dentry, 349 umode_t mode, struct inode **whiteout) 350 { 351 struct inode *inode; 352 struct ubifs_info *c = dir->i_sb->s_fs_info; 353 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1}; 354 struct ubifs_budget_req ino_req = { .dirtied_ino = 1 }; 355 struct ubifs_inode *ui, *dir_ui = ubifs_inode(dir); 356 int err, instantiated = 0; 357 struct fscrypt_name nm; 358 359 /* 360 * Budget request settings: new dirty inode, new direntry, 361 * budget for dirtied inode will be released via writeback. 362 */ 363 364 dbg_gen("dent '%pd', mode %#hx in dir ino %lu", 365 dentry, mode, dir->i_ino); 366 367 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 368 if (err) 369 return err; 370 371 err = ubifs_budget_space(c, &req); 372 if (err) { 373 fscrypt_free_filename(&nm); 374 return err; 375 } 376 377 err = ubifs_budget_space(c, &ino_req); 378 if (err) { 379 ubifs_release_budget(c, &req); 380 fscrypt_free_filename(&nm); 381 return err; 382 } 383 384 inode = ubifs_new_inode(c, dir, mode); 385 if (IS_ERR(inode)) { 386 err = PTR_ERR(inode); 387 goto out_budg; 388 } 389 ui = ubifs_inode(inode); 390 391 if (whiteout) { 392 init_special_inode(inode, inode->i_mode, WHITEOUT_DEV); 393 ubifs_assert(c, inode->i_op == &ubifs_file_inode_operations); 394 } 395 396 err = ubifs_init_security(dir, inode, &dentry->d_name); 397 if (err) 398 goto out_inode; 399 400 mutex_lock(&ui->ui_mutex); 401 insert_inode_hash(inode); 402 403 if (whiteout) { 404 mark_inode_dirty(inode); 405 drop_nlink(inode); 406 *whiteout = inode; 407 } else { 408 d_tmpfile(dentry, inode); 409 } 410 ubifs_assert(c, ui->dirty); 411 412 instantiated = 1; 413 mutex_unlock(&ui->ui_mutex); 414 415 mutex_lock(&dir_ui->ui_mutex); 416 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0); 417 if (err) 418 goto out_cancel; 419 mutex_unlock(&dir_ui->ui_mutex); 420 421 ubifs_release_budget(c, &req); 422 423 return 0; 424 425 out_cancel: 426 mutex_unlock(&dir_ui->ui_mutex); 427 out_inode: 428 make_bad_inode(inode); 429 if (!instantiated) 430 iput(inode); 431 out_budg: 432 ubifs_release_budget(c, &req); 433 if (!instantiated) 434 ubifs_release_budget(c, &ino_req); 435 fscrypt_free_filename(&nm); 436 ubifs_err(c, "cannot create temporary file, error %d", err); 437 return err; 438 } 439 440 static int ubifs_tmpfile(struct inode *dir, struct dentry *dentry, 441 umode_t mode) 442 { 443 return do_tmpfile(dir, dentry, mode, NULL); 444 } 445 446 /** 447 * vfs_dent_type - get VFS directory entry type. 448 * @type: UBIFS directory entry type 449 * 450 * This function converts UBIFS directory entry type into VFS directory entry 451 * type. 452 */ 453 static unsigned int vfs_dent_type(uint8_t type) 454 { 455 switch (type) { 456 case UBIFS_ITYPE_REG: 457 return DT_REG; 458 case UBIFS_ITYPE_DIR: 459 return DT_DIR; 460 case UBIFS_ITYPE_LNK: 461 return DT_LNK; 462 case UBIFS_ITYPE_BLK: 463 return DT_BLK; 464 case UBIFS_ITYPE_CHR: 465 return DT_CHR; 466 case UBIFS_ITYPE_FIFO: 467 return DT_FIFO; 468 case UBIFS_ITYPE_SOCK: 469 return DT_SOCK; 470 default: 471 BUG(); 472 } 473 return 0; 474 } 475 476 /* 477 * The classical Unix view for directory is that it is a linear array of 478 * (name, inode number) entries. Linux/VFS assumes this model as well. 479 * Particularly, 'readdir()' call wants us to return a directory entry offset 480 * which later may be used to continue 'readdir()'ing the directory or to 481 * 'seek()' to that specific direntry. Obviously UBIFS does not really fit this 482 * model because directory entries are identified by keys, which may collide. 483 * 484 * UBIFS uses directory entry hash value for directory offsets, so 485 * 'seekdir()'/'telldir()' may not always work because of possible key 486 * collisions. But UBIFS guarantees that consecutive 'readdir()' calls work 487 * properly by means of saving full directory entry name in the private field 488 * of the file description object. 489 * 490 * This means that UBIFS cannot support NFS which requires full 491 * 'seekdir()'/'telldir()' support. 492 */ 493 static int ubifs_readdir(struct file *file, struct dir_context *ctx) 494 { 495 int fstr_real_len = 0, err = 0; 496 struct fscrypt_name nm; 497 struct fscrypt_str fstr = {0}; 498 union ubifs_key key; 499 struct ubifs_dent_node *dent; 500 struct inode *dir = file_inode(file); 501 struct ubifs_info *c = dir->i_sb->s_fs_info; 502 bool encrypted = IS_ENCRYPTED(dir); 503 504 dbg_gen("dir ino %lu, f_pos %#llx", dir->i_ino, ctx->pos); 505 506 if (ctx->pos > UBIFS_S_KEY_HASH_MASK || ctx->pos == 2) 507 /* 508 * The directory was seek'ed to a senseless position or there 509 * are no more entries. 510 */ 511 return 0; 512 513 if (encrypted) { 514 err = fscrypt_get_encryption_info(dir); 515 if (err) 516 return err; 517 518 err = fscrypt_fname_alloc_buffer(dir, UBIFS_MAX_NLEN, &fstr); 519 if (err) 520 return err; 521 522 fstr_real_len = fstr.len; 523 } 524 525 if (file->f_version == 0) { 526 /* 527 * The file was seek'ed, which means that @file->private_data 528 * is now invalid. This may also be just the first 529 * 'ubifs_readdir()' invocation, in which case 530 * @file->private_data is NULL, and the below code is 531 * basically a no-op. 532 */ 533 kfree(file->private_data); 534 file->private_data = NULL; 535 } 536 537 /* 538 * 'generic_file_llseek()' unconditionally sets @file->f_version to 539 * zero, and we use this for detecting whether the file was seek'ed. 540 */ 541 file->f_version = 1; 542 543 /* File positions 0 and 1 correspond to "." and ".." */ 544 if (ctx->pos < 2) { 545 ubifs_assert(c, !file->private_data); 546 if (!dir_emit_dots(file, ctx)) { 547 if (encrypted) 548 fscrypt_fname_free_buffer(&fstr); 549 return 0; 550 } 551 552 /* Find the first entry in TNC and save it */ 553 lowest_dent_key(c, &key, dir->i_ino); 554 fname_len(&nm) = 0; 555 dent = ubifs_tnc_next_ent(c, &key, &nm); 556 if (IS_ERR(dent)) { 557 err = PTR_ERR(dent); 558 goto out; 559 } 560 561 ctx->pos = key_hash_flash(c, &dent->key); 562 file->private_data = dent; 563 } 564 565 dent = file->private_data; 566 if (!dent) { 567 /* 568 * The directory was seek'ed to and is now readdir'ed. 569 * Find the entry corresponding to @ctx->pos or the closest one. 570 */ 571 dent_key_init_hash(c, &key, dir->i_ino, ctx->pos); 572 fname_len(&nm) = 0; 573 dent = ubifs_tnc_next_ent(c, &key, &nm); 574 if (IS_ERR(dent)) { 575 err = PTR_ERR(dent); 576 goto out; 577 } 578 ctx->pos = key_hash_flash(c, &dent->key); 579 file->private_data = dent; 580 } 581 582 while (1) { 583 dbg_gen("ino %llu, new f_pos %#x", 584 (unsigned long long)le64_to_cpu(dent->inum), 585 key_hash_flash(c, &dent->key)); 586 ubifs_assert(c, le64_to_cpu(dent->ch.sqnum) > 587 ubifs_inode(dir)->creat_sqnum); 588 589 fname_len(&nm) = le16_to_cpu(dent->nlen); 590 fname_name(&nm) = dent->name; 591 592 if (encrypted) { 593 fstr.len = fstr_real_len; 594 595 err = fscrypt_fname_disk_to_usr(dir, key_hash_flash(c, 596 &dent->key), 597 le32_to_cpu(dent->cookie), 598 &nm.disk_name, &fstr); 599 if (err) 600 goto out; 601 } else { 602 fstr.len = fname_len(&nm); 603 fstr.name = fname_name(&nm); 604 } 605 606 if (!dir_emit(ctx, fstr.name, fstr.len, 607 le64_to_cpu(dent->inum), 608 vfs_dent_type(dent->type))) { 609 if (encrypted) 610 fscrypt_fname_free_buffer(&fstr); 611 return 0; 612 } 613 614 /* Switch to the next entry */ 615 key_read(c, &dent->key, &key); 616 dent = ubifs_tnc_next_ent(c, &key, &nm); 617 if (IS_ERR(dent)) { 618 err = PTR_ERR(dent); 619 goto out; 620 } 621 622 kfree(file->private_data); 623 ctx->pos = key_hash_flash(c, &dent->key); 624 file->private_data = dent; 625 cond_resched(); 626 } 627 628 out: 629 kfree(file->private_data); 630 file->private_data = NULL; 631 632 if (encrypted) 633 fscrypt_fname_free_buffer(&fstr); 634 635 if (err != -ENOENT) 636 ubifs_err(c, "cannot find next direntry, error %d", err); 637 else 638 /* 639 * -ENOENT is a non-fatal error in this context, the TNC uses 640 * it to indicate that the cursor moved past the current directory 641 * and readdir() has to stop. 642 */ 643 err = 0; 644 645 646 /* 2 is a special value indicating that there are no more direntries */ 647 ctx->pos = 2; 648 return err; 649 } 650 651 /* Free saved readdir() state when the directory is closed */ 652 static int ubifs_dir_release(struct inode *dir, struct file *file) 653 { 654 kfree(file->private_data); 655 file->private_data = NULL; 656 return 0; 657 } 658 659 /** 660 * lock_2_inodes - a wrapper for locking two UBIFS inodes. 661 * @inode1: first inode 662 * @inode2: second inode 663 * 664 * We do not implement any tricks to guarantee strict lock ordering, because 665 * VFS has already done it for us on the @i_mutex. So this is just a simple 666 * wrapper function. 667 */ 668 static void lock_2_inodes(struct inode *inode1, struct inode *inode2) 669 { 670 mutex_lock_nested(&ubifs_inode(inode1)->ui_mutex, WB_MUTEX_1); 671 mutex_lock_nested(&ubifs_inode(inode2)->ui_mutex, WB_MUTEX_2); 672 } 673 674 /** 675 * unlock_2_inodes - a wrapper for unlocking two UBIFS inodes. 676 * @inode1: first inode 677 * @inode2: second inode 678 */ 679 static void unlock_2_inodes(struct inode *inode1, struct inode *inode2) 680 { 681 mutex_unlock(&ubifs_inode(inode2)->ui_mutex); 682 mutex_unlock(&ubifs_inode(inode1)->ui_mutex); 683 } 684 685 static int ubifs_link(struct dentry *old_dentry, struct inode *dir, 686 struct dentry *dentry) 687 { 688 struct ubifs_info *c = dir->i_sb->s_fs_info; 689 struct inode *inode = d_inode(old_dentry); 690 struct ubifs_inode *ui = ubifs_inode(inode); 691 struct ubifs_inode *dir_ui = ubifs_inode(dir); 692 int err, sz_change = CALC_DENT_SIZE(dentry->d_name.len); 693 struct ubifs_budget_req req = { .new_dent = 1, .dirtied_ino = 2, 694 .dirtied_ino_d = ALIGN(ui->data_len, 8) }; 695 struct fscrypt_name nm; 696 697 /* 698 * Budget request settings: new direntry, changing the target inode, 699 * changing the parent inode. 700 */ 701 702 dbg_gen("dent '%pd' to ino %lu (nlink %d) in dir ino %lu", 703 dentry, inode->i_ino, 704 inode->i_nlink, dir->i_ino); 705 ubifs_assert(c, inode_is_locked(dir)); 706 ubifs_assert(c, inode_is_locked(inode)); 707 708 err = fscrypt_prepare_link(old_dentry, dir, dentry); 709 if (err) 710 return err; 711 712 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 713 if (err) 714 return err; 715 716 err = dbg_check_synced_i_size(c, inode); 717 if (err) 718 goto out_fname; 719 720 err = ubifs_budget_space(c, &req); 721 if (err) 722 goto out_fname; 723 724 lock_2_inodes(dir, inode); 725 726 /* Handle O_TMPFILE corner case, it is allowed to link a O_TMPFILE. */ 727 if (inode->i_nlink == 0) 728 ubifs_delete_orphan(c, inode->i_ino); 729 730 inc_nlink(inode); 731 ihold(inode); 732 inode->i_ctime = current_time(inode); 733 dir->i_size += sz_change; 734 dir_ui->ui_size = dir->i_size; 735 dir->i_mtime = dir->i_ctime = inode->i_ctime; 736 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 737 if (err) 738 goto out_cancel; 739 unlock_2_inodes(dir, inode); 740 741 ubifs_release_budget(c, &req); 742 d_instantiate(dentry, inode); 743 fscrypt_free_filename(&nm); 744 return 0; 745 746 out_cancel: 747 dir->i_size -= sz_change; 748 dir_ui->ui_size = dir->i_size; 749 drop_nlink(inode); 750 if (inode->i_nlink == 0) 751 ubifs_add_orphan(c, inode->i_ino); 752 unlock_2_inodes(dir, inode); 753 ubifs_release_budget(c, &req); 754 iput(inode); 755 out_fname: 756 fscrypt_free_filename(&nm); 757 return err; 758 } 759 760 static int ubifs_unlink(struct inode *dir, struct dentry *dentry) 761 { 762 struct ubifs_info *c = dir->i_sb->s_fs_info; 763 struct inode *inode = d_inode(dentry); 764 struct ubifs_inode *dir_ui = ubifs_inode(dir); 765 int err, sz_change, budgeted = 1; 766 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 }; 767 unsigned int saved_nlink = inode->i_nlink; 768 struct fscrypt_name nm; 769 770 /* 771 * Budget request settings: deletion direntry, deletion inode (+1 for 772 * @dirtied_ino), changing the parent directory inode. If budgeting 773 * fails, go ahead anyway because we have extra space reserved for 774 * deletions. 775 */ 776 777 dbg_gen("dent '%pd' from ino %lu (nlink %d) in dir ino %lu", 778 dentry, inode->i_ino, 779 inode->i_nlink, dir->i_ino); 780 781 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm); 782 if (err) 783 return err; 784 785 err = ubifs_purge_xattrs(inode); 786 if (err) 787 return err; 788 789 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 790 791 ubifs_assert(c, inode_is_locked(dir)); 792 ubifs_assert(c, inode_is_locked(inode)); 793 err = dbg_check_synced_i_size(c, inode); 794 if (err) 795 goto out_fname; 796 797 err = ubifs_budget_space(c, &req); 798 if (err) { 799 if (err != -ENOSPC) 800 goto out_fname; 801 budgeted = 0; 802 } 803 804 lock_2_inodes(dir, inode); 805 inode->i_ctime = current_time(dir); 806 drop_nlink(inode); 807 dir->i_size -= sz_change; 808 dir_ui->ui_size = dir->i_size; 809 dir->i_mtime = dir->i_ctime = inode->i_ctime; 810 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0); 811 if (err) 812 goto out_cancel; 813 unlock_2_inodes(dir, inode); 814 815 if (budgeted) 816 ubifs_release_budget(c, &req); 817 else { 818 /* We've deleted something - clean the "no space" flags */ 819 c->bi.nospace = c->bi.nospace_rp = 0; 820 smp_wmb(); 821 } 822 fscrypt_free_filename(&nm); 823 return 0; 824 825 out_cancel: 826 dir->i_size += sz_change; 827 dir_ui->ui_size = dir->i_size; 828 set_nlink(inode, saved_nlink); 829 unlock_2_inodes(dir, inode); 830 if (budgeted) 831 ubifs_release_budget(c, &req); 832 out_fname: 833 fscrypt_free_filename(&nm); 834 return err; 835 } 836 837 /** 838 * check_dir_empty - check if a directory is empty or not. 839 * @dir: VFS inode object of the directory to check 840 * 841 * This function checks if directory @dir is empty. Returns zero if the 842 * directory is empty, %-ENOTEMPTY if it is not, and other negative error codes 843 * in case of of errors. 844 */ 845 int ubifs_check_dir_empty(struct inode *dir) 846 { 847 struct ubifs_info *c = dir->i_sb->s_fs_info; 848 struct fscrypt_name nm = { 0 }; 849 struct ubifs_dent_node *dent; 850 union ubifs_key key; 851 int err; 852 853 lowest_dent_key(c, &key, dir->i_ino); 854 dent = ubifs_tnc_next_ent(c, &key, &nm); 855 if (IS_ERR(dent)) { 856 err = PTR_ERR(dent); 857 if (err == -ENOENT) 858 err = 0; 859 } else { 860 kfree(dent); 861 err = -ENOTEMPTY; 862 } 863 return err; 864 } 865 866 static int ubifs_rmdir(struct inode *dir, struct dentry *dentry) 867 { 868 struct ubifs_info *c = dir->i_sb->s_fs_info; 869 struct inode *inode = d_inode(dentry); 870 int err, sz_change, budgeted = 1; 871 struct ubifs_inode *dir_ui = ubifs_inode(dir); 872 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 }; 873 struct fscrypt_name nm; 874 875 /* 876 * Budget request settings: deletion direntry, deletion inode and 877 * changing the parent inode. If budgeting fails, go ahead anyway 878 * because we have extra space reserved for deletions. 879 */ 880 881 dbg_gen("directory '%pd', ino %lu in dir ino %lu", dentry, 882 inode->i_ino, dir->i_ino); 883 ubifs_assert(c, inode_is_locked(dir)); 884 ubifs_assert(c, inode_is_locked(inode)); 885 err = ubifs_check_dir_empty(d_inode(dentry)); 886 if (err) 887 return err; 888 889 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm); 890 if (err) 891 return err; 892 893 err = ubifs_purge_xattrs(inode); 894 if (err) 895 return err; 896 897 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 898 899 err = ubifs_budget_space(c, &req); 900 if (err) { 901 if (err != -ENOSPC) 902 goto out_fname; 903 budgeted = 0; 904 } 905 906 lock_2_inodes(dir, inode); 907 inode->i_ctime = current_time(dir); 908 clear_nlink(inode); 909 drop_nlink(dir); 910 dir->i_size -= sz_change; 911 dir_ui->ui_size = dir->i_size; 912 dir->i_mtime = dir->i_ctime = inode->i_ctime; 913 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0); 914 if (err) 915 goto out_cancel; 916 unlock_2_inodes(dir, inode); 917 918 if (budgeted) 919 ubifs_release_budget(c, &req); 920 else { 921 /* We've deleted something - clean the "no space" flags */ 922 c->bi.nospace = c->bi.nospace_rp = 0; 923 smp_wmb(); 924 } 925 fscrypt_free_filename(&nm); 926 return 0; 927 928 out_cancel: 929 dir->i_size += sz_change; 930 dir_ui->ui_size = dir->i_size; 931 inc_nlink(dir); 932 set_nlink(inode, 2); 933 unlock_2_inodes(dir, inode); 934 if (budgeted) 935 ubifs_release_budget(c, &req); 936 out_fname: 937 fscrypt_free_filename(&nm); 938 return err; 939 } 940 941 static int ubifs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) 942 { 943 struct inode *inode; 944 struct ubifs_inode *dir_ui = ubifs_inode(dir); 945 struct ubifs_info *c = dir->i_sb->s_fs_info; 946 int err, sz_change; 947 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1 }; 948 struct fscrypt_name nm; 949 950 /* 951 * Budget request settings: new inode, new direntry and changing parent 952 * directory inode. 953 */ 954 955 dbg_gen("dent '%pd', mode %#hx in dir ino %lu", 956 dentry, mode, dir->i_ino); 957 958 err = ubifs_budget_space(c, &req); 959 if (err) 960 return err; 961 962 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 963 if (err) 964 goto out_budg; 965 966 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 967 968 inode = ubifs_new_inode(c, dir, S_IFDIR | mode); 969 if (IS_ERR(inode)) { 970 err = PTR_ERR(inode); 971 goto out_fname; 972 } 973 974 err = ubifs_init_security(dir, inode, &dentry->d_name); 975 if (err) 976 goto out_inode; 977 978 mutex_lock(&dir_ui->ui_mutex); 979 insert_inode_hash(inode); 980 inc_nlink(inode); 981 inc_nlink(dir); 982 dir->i_size += sz_change; 983 dir_ui->ui_size = dir->i_size; 984 dir->i_mtime = dir->i_ctime = inode->i_ctime; 985 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 986 if (err) { 987 ubifs_err(c, "cannot create directory, error %d", err); 988 goto out_cancel; 989 } 990 mutex_unlock(&dir_ui->ui_mutex); 991 992 ubifs_release_budget(c, &req); 993 d_instantiate(dentry, inode); 994 fscrypt_free_filename(&nm); 995 return 0; 996 997 out_cancel: 998 dir->i_size -= sz_change; 999 dir_ui->ui_size = dir->i_size; 1000 drop_nlink(dir); 1001 mutex_unlock(&dir_ui->ui_mutex); 1002 out_inode: 1003 make_bad_inode(inode); 1004 iput(inode); 1005 out_fname: 1006 fscrypt_free_filename(&nm); 1007 out_budg: 1008 ubifs_release_budget(c, &req); 1009 return err; 1010 } 1011 1012 static int ubifs_mknod(struct inode *dir, struct dentry *dentry, 1013 umode_t mode, dev_t rdev) 1014 { 1015 struct inode *inode; 1016 struct ubifs_inode *ui; 1017 struct ubifs_inode *dir_ui = ubifs_inode(dir); 1018 struct ubifs_info *c = dir->i_sb->s_fs_info; 1019 union ubifs_dev_desc *dev = NULL; 1020 int sz_change; 1021 int err, devlen = 0; 1022 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 1023 .dirtied_ino = 1 }; 1024 struct fscrypt_name nm; 1025 1026 /* 1027 * Budget request settings: new inode, new direntry and changing parent 1028 * directory inode. 1029 */ 1030 1031 dbg_gen("dent '%pd' in dir ino %lu", dentry, dir->i_ino); 1032 1033 if (S_ISBLK(mode) || S_ISCHR(mode)) { 1034 dev = kmalloc(sizeof(union ubifs_dev_desc), GFP_NOFS); 1035 if (!dev) 1036 return -ENOMEM; 1037 devlen = ubifs_encode_dev(dev, rdev); 1038 } 1039 1040 req.new_ino_d = ALIGN(devlen, 8); 1041 err = ubifs_budget_space(c, &req); 1042 if (err) { 1043 kfree(dev); 1044 return err; 1045 } 1046 1047 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 1048 if (err) { 1049 kfree(dev); 1050 goto out_budg; 1051 } 1052 1053 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 1054 1055 inode = ubifs_new_inode(c, dir, mode); 1056 if (IS_ERR(inode)) { 1057 kfree(dev); 1058 err = PTR_ERR(inode); 1059 goto out_fname; 1060 } 1061 1062 init_special_inode(inode, inode->i_mode, rdev); 1063 inode->i_size = ubifs_inode(inode)->ui_size = devlen; 1064 ui = ubifs_inode(inode); 1065 ui->data = dev; 1066 ui->data_len = devlen; 1067 1068 err = ubifs_init_security(dir, inode, &dentry->d_name); 1069 if (err) 1070 goto out_inode; 1071 1072 mutex_lock(&dir_ui->ui_mutex); 1073 dir->i_size += sz_change; 1074 dir_ui->ui_size = dir->i_size; 1075 dir->i_mtime = dir->i_ctime = inode->i_ctime; 1076 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 1077 if (err) 1078 goto out_cancel; 1079 mutex_unlock(&dir_ui->ui_mutex); 1080 1081 ubifs_release_budget(c, &req); 1082 insert_inode_hash(inode); 1083 d_instantiate(dentry, inode); 1084 fscrypt_free_filename(&nm); 1085 return 0; 1086 1087 out_cancel: 1088 dir->i_size -= sz_change; 1089 dir_ui->ui_size = dir->i_size; 1090 mutex_unlock(&dir_ui->ui_mutex); 1091 out_inode: 1092 make_bad_inode(inode); 1093 iput(inode); 1094 out_fname: 1095 fscrypt_free_filename(&nm); 1096 out_budg: 1097 ubifs_release_budget(c, &req); 1098 return err; 1099 } 1100 1101 static int ubifs_symlink(struct inode *dir, struct dentry *dentry, 1102 const char *symname) 1103 { 1104 struct inode *inode; 1105 struct ubifs_inode *ui; 1106 struct ubifs_inode *dir_ui = ubifs_inode(dir); 1107 struct ubifs_info *c = dir->i_sb->s_fs_info; 1108 int err, sz_change, len = strlen(symname); 1109 struct fscrypt_str disk_link; 1110 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 1111 .new_ino_d = ALIGN(len, 8), 1112 .dirtied_ino = 1 }; 1113 struct fscrypt_name nm; 1114 1115 dbg_gen("dent '%pd', target '%s' in dir ino %lu", dentry, 1116 symname, dir->i_ino); 1117 1118 err = fscrypt_prepare_symlink(dir, symname, len, UBIFS_MAX_INO_DATA, 1119 &disk_link); 1120 if (err) 1121 return err; 1122 1123 /* 1124 * Budget request settings: new inode, new direntry and changing parent 1125 * directory inode. 1126 */ 1127 err = ubifs_budget_space(c, &req); 1128 if (err) 1129 return err; 1130 1131 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 1132 if (err) 1133 goto out_budg; 1134 1135 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 1136 1137 inode = ubifs_new_inode(c, dir, S_IFLNK | S_IRWXUGO); 1138 if (IS_ERR(inode)) { 1139 err = PTR_ERR(inode); 1140 goto out_fname; 1141 } 1142 1143 ui = ubifs_inode(inode); 1144 ui->data = kmalloc(disk_link.len, GFP_NOFS); 1145 if (!ui->data) { 1146 err = -ENOMEM; 1147 goto out_inode; 1148 } 1149 1150 if (IS_ENCRYPTED(inode)) { 1151 disk_link.name = ui->data; /* encrypt directly into ui->data */ 1152 err = fscrypt_encrypt_symlink(inode, symname, len, &disk_link); 1153 if (err) 1154 goto out_inode; 1155 } else { 1156 memcpy(ui->data, disk_link.name, disk_link.len); 1157 inode->i_link = ui->data; 1158 } 1159 1160 /* 1161 * The terminating zero byte is not written to the flash media and it 1162 * is put just to make later in-memory string processing simpler. Thus, 1163 * data length is @disk_link.len - 1, not @disk_link.len. 1164 */ 1165 ui->data_len = disk_link.len - 1; 1166 inode->i_size = ubifs_inode(inode)->ui_size = disk_link.len - 1; 1167 1168 err = ubifs_init_security(dir, inode, &dentry->d_name); 1169 if (err) 1170 goto out_inode; 1171 1172 mutex_lock(&dir_ui->ui_mutex); 1173 dir->i_size += sz_change; 1174 dir_ui->ui_size = dir->i_size; 1175 dir->i_mtime = dir->i_ctime = inode->i_ctime; 1176 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 1177 if (err) 1178 goto out_cancel; 1179 mutex_unlock(&dir_ui->ui_mutex); 1180 1181 insert_inode_hash(inode); 1182 d_instantiate(dentry, inode); 1183 err = 0; 1184 goto out_fname; 1185 1186 out_cancel: 1187 dir->i_size -= sz_change; 1188 dir_ui->ui_size = dir->i_size; 1189 mutex_unlock(&dir_ui->ui_mutex); 1190 out_inode: 1191 make_bad_inode(inode); 1192 iput(inode); 1193 out_fname: 1194 fscrypt_free_filename(&nm); 1195 out_budg: 1196 ubifs_release_budget(c, &req); 1197 return err; 1198 } 1199 1200 /** 1201 * lock_4_inodes - a wrapper for locking three UBIFS inodes. 1202 * @inode1: first inode 1203 * @inode2: second inode 1204 * @inode3: third inode 1205 * @inode4: fouth inode 1206 * 1207 * This function is used for 'ubifs_rename()' and @inode1 may be the same as 1208 * @inode2 whereas @inode3 and @inode4 may be %NULL. 1209 * 1210 * We do not implement any tricks to guarantee strict lock ordering, because 1211 * VFS has already done it for us on the @i_mutex. So this is just a simple 1212 * wrapper function. 1213 */ 1214 static void lock_4_inodes(struct inode *inode1, struct inode *inode2, 1215 struct inode *inode3, struct inode *inode4) 1216 { 1217 mutex_lock_nested(&ubifs_inode(inode1)->ui_mutex, WB_MUTEX_1); 1218 if (inode2 != inode1) 1219 mutex_lock_nested(&ubifs_inode(inode2)->ui_mutex, WB_MUTEX_2); 1220 if (inode3) 1221 mutex_lock_nested(&ubifs_inode(inode3)->ui_mutex, WB_MUTEX_3); 1222 if (inode4) 1223 mutex_lock_nested(&ubifs_inode(inode4)->ui_mutex, WB_MUTEX_4); 1224 } 1225 1226 /** 1227 * unlock_4_inodes - a wrapper for unlocking three UBIFS inodes for rename. 1228 * @inode1: first inode 1229 * @inode2: second inode 1230 * @inode3: third inode 1231 * @inode4: fouth inode 1232 */ 1233 static void unlock_4_inodes(struct inode *inode1, struct inode *inode2, 1234 struct inode *inode3, struct inode *inode4) 1235 { 1236 if (inode4) 1237 mutex_unlock(&ubifs_inode(inode4)->ui_mutex); 1238 if (inode3) 1239 mutex_unlock(&ubifs_inode(inode3)->ui_mutex); 1240 if (inode1 != inode2) 1241 mutex_unlock(&ubifs_inode(inode2)->ui_mutex); 1242 mutex_unlock(&ubifs_inode(inode1)->ui_mutex); 1243 } 1244 1245 static int do_rename(struct inode *old_dir, struct dentry *old_dentry, 1246 struct inode *new_dir, struct dentry *new_dentry, 1247 unsigned int flags) 1248 { 1249 struct ubifs_info *c = old_dir->i_sb->s_fs_info; 1250 struct inode *old_inode = d_inode(old_dentry); 1251 struct inode *new_inode = d_inode(new_dentry); 1252 struct inode *whiteout = NULL; 1253 struct ubifs_inode *old_inode_ui = ubifs_inode(old_inode); 1254 struct ubifs_inode *whiteout_ui = NULL; 1255 int err, release, sync = 0, move = (new_dir != old_dir); 1256 int is_dir = S_ISDIR(old_inode->i_mode); 1257 int unlink = !!new_inode, new_sz, old_sz; 1258 struct ubifs_budget_req req = { .new_dent = 1, .mod_dent = 1, 1259 .dirtied_ino = 3 }; 1260 struct ubifs_budget_req ino_req = { .dirtied_ino = 1, 1261 .dirtied_ino_d = ALIGN(old_inode_ui->data_len, 8) }; 1262 struct timespec64 time; 1263 unsigned int saved_nlink; 1264 struct fscrypt_name old_nm, new_nm; 1265 1266 /* 1267 * Budget request settings: deletion direntry, new direntry, removing 1268 * the old inode, and changing old and new parent directory inodes. 1269 * 1270 * However, this operation also marks the target inode as dirty and 1271 * does not write it, so we allocate budget for the target inode 1272 * separately. 1273 */ 1274 1275 dbg_gen("dent '%pd' ino %lu in dir ino %lu to dent '%pd' in dir ino %lu flags 0x%x", 1276 old_dentry, old_inode->i_ino, old_dir->i_ino, 1277 new_dentry, new_dir->i_ino, flags); 1278 1279 if (unlink) { 1280 ubifs_assert(c, inode_is_locked(new_inode)); 1281 1282 err = ubifs_purge_xattrs(new_inode); 1283 if (err) 1284 return err; 1285 } 1286 1287 if (unlink && is_dir) { 1288 err = ubifs_check_dir_empty(new_inode); 1289 if (err) 1290 return err; 1291 } 1292 1293 err = fscrypt_setup_filename(old_dir, &old_dentry->d_name, 0, &old_nm); 1294 if (err) 1295 return err; 1296 1297 err = fscrypt_setup_filename(new_dir, &new_dentry->d_name, 0, &new_nm); 1298 if (err) { 1299 fscrypt_free_filename(&old_nm); 1300 return err; 1301 } 1302 1303 new_sz = CALC_DENT_SIZE(fname_len(&new_nm)); 1304 old_sz = CALC_DENT_SIZE(fname_len(&old_nm)); 1305 1306 err = ubifs_budget_space(c, &req); 1307 if (err) { 1308 fscrypt_free_filename(&old_nm); 1309 fscrypt_free_filename(&new_nm); 1310 return err; 1311 } 1312 err = ubifs_budget_space(c, &ino_req); 1313 if (err) { 1314 fscrypt_free_filename(&old_nm); 1315 fscrypt_free_filename(&new_nm); 1316 ubifs_release_budget(c, &req); 1317 return err; 1318 } 1319 1320 if (flags & RENAME_WHITEOUT) { 1321 union ubifs_dev_desc *dev = NULL; 1322 1323 dev = kmalloc(sizeof(union ubifs_dev_desc), GFP_NOFS); 1324 if (!dev) { 1325 err = -ENOMEM; 1326 goto out_release; 1327 } 1328 1329 err = do_tmpfile(old_dir, old_dentry, S_IFCHR | WHITEOUT_MODE, &whiteout); 1330 if (err) { 1331 kfree(dev); 1332 goto out_release; 1333 } 1334 1335 whiteout->i_state |= I_LINKABLE; 1336 whiteout_ui = ubifs_inode(whiteout); 1337 whiteout_ui->data = dev; 1338 whiteout_ui->data_len = ubifs_encode_dev(dev, MKDEV(0, 0)); 1339 ubifs_assert(c, !whiteout_ui->dirty); 1340 } 1341 1342 lock_4_inodes(old_dir, new_dir, new_inode, whiteout); 1343 1344 /* 1345 * Like most other Unix systems, set the @i_ctime for inodes on a 1346 * rename. 1347 */ 1348 time = current_time(old_dir); 1349 old_inode->i_ctime = time; 1350 1351 /* We must adjust parent link count when renaming directories */ 1352 if (is_dir) { 1353 if (move) { 1354 /* 1355 * @old_dir loses a link because we are moving 1356 * @old_inode to a different directory. 1357 */ 1358 drop_nlink(old_dir); 1359 /* 1360 * @new_dir only gains a link if we are not also 1361 * overwriting an existing directory. 1362 */ 1363 if (!unlink) 1364 inc_nlink(new_dir); 1365 } else { 1366 /* 1367 * @old_inode is not moving to a different directory, 1368 * but @old_dir still loses a link if we are 1369 * overwriting an existing directory. 1370 */ 1371 if (unlink) 1372 drop_nlink(old_dir); 1373 } 1374 } 1375 1376 old_dir->i_size -= old_sz; 1377 ubifs_inode(old_dir)->ui_size = old_dir->i_size; 1378 old_dir->i_mtime = old_dir->i_ctime = time; 1379 new_dir->i_mtime = new_dir->i_ctime = time; 1380 1381 /* 1382 * And finally, if we unlinked a direntry which happened to have the 1383 * same name as the moved direntry, we have to decrement @i_nlink of 1384 * the unlinked inode and change its ctime. 1385 */ 1386 if (unlink) { 1387 /* 1388 * Directories cannot have hard-links, so if this is a 1389 * directory, just clear @i_nlink. 1390 */ 1391 saved_nlink = new_inode->i_nlink; 1392 if (is_dir) 1393 clear_nlink(new_inode); 1394 else 1395 drop_nlink(new_inode); 1396 new_inode->i_ctime = time; 1397 } else { 1398 new_dir->i_size += new_sz; 1399 ubifs_inode(new_dir)->ui_size = new_dir->i_size; 1400 } 1401 1402 /* 1403 * Do not ask 'ubifs_jnl_rename()' to flush write-buffer if @old_inode 1404 * is dirty, because this will be done later on at the end of 1405 * 'ubifs_rename()'. 1406 */ 1407 if (IS_SYNC(old_inode)) { 1408 sync = IS_DIRSYNC(old_dir) || IS_DIRSYNC(new_dir); 1409 if (unlink && IS_SYNC(new_inode)) 1410 sync = 1; 1411 } 1412 1413 if (whiteout) { 1414 struct ubifs_budget_req wht_req = { .dirtied_ino = 1, 1415 .dirtied_ino_d = \ 1416 ALIGN(ubifs_inode(whiteout)->data_len, 8) }; 1417 1418 err = ubifs_budget_space(c, &wht_req); 1419 if (err) { 1420 kfree(whiteout_ui->data); 1421 whiteout_ui->data_len = 0; 1422 iput(whiteout); 1423 goto out_release; 1424 } 1425 1426 inc_nlink(whiteout); 1427 mark_inode_dirty(whiteout); 1428 whiteout->i_state &= ~I_LINKABLE; 1429 iput(whiteout); 1430 } 1431 1432 err = ubifs_jnl_rename(c, old_dir, old_inode, &old_nm, new_dir, 1433 new_inode, &new_nm, whiteout, sync); 1434 if (err) 1435 goto out_cancel; 1436 1437 unlock_4_inodes(old_dir, new_dir, new_inode, whiteout); 1438 ubifs_release_budget(c, &req); 1439 1440 mutex_lock(&old_inode_ui->ui_mutex); 1441 release = old_inode_ui->dirty; 1442 mark_inode_dirty_sync(old_inode); 1443 mutex_unlock(&old_inode_ui->ui_mutex); 1444 1445 if (release) 1446 ubifs_release_budget(c, &ino_req); 1447 if (IS_SYNC(old_inode)) 1448 err = old_inode->i_sb->s_op->write_inode(old_inode, NULL); 1449 1450 fscrypt_free_filename(&old_nm); 1451 fscrypt_free_filename(&new_nm); 1452 return err; 1453 1454 out_cancel: 1455 if (unlink) { 1456 set_nlink(new_inode, saved_nlink); 1457 } else { 1458 new_dir->i_size -= new_sz; 1459 ubifs_inode(new_dir)->ui_size = new_dir->i_size; 1460 } 1461 old_dir->i_size += old_sz; 1462 ubifs_inode(old_dir)->ui_size = old_dir->i_size; 1463 if (is_dir) { 1464 if (move) { 1465 inc_nlink(old_dir); 1466 if (!unlink) 1467 drop_nlink(new_dir); 1468 } else { 1469 if (unlink) 1470 inc_nlink(old_dir); 1471 } 1472 } 1473 if (whiteout) { 1474 drop_nlink(whiteout); 1475 iput(whiteout); 1476 } 1477 unlock_4_inodes(old_dir, new_dir, new_inode, whiteout); 1478 out_release: 1479 ubifs_release_budget(c, &ino_req); 1480 ubifs_release_budget(c, &req); 1481 fscrypt_free_filename(&old_nm); 1482 fscrypt_free_filename(&new_nm); 1483 return err; 1484 } 1485 1486 static int ubifs_xrename(struct inode *old_dir, struct dentry *old_dentry, 1487 struct inode *new_dir, struct dentry *new_dentry) 1488 { 1489 struct ubifs_info *c = old_dir->i_sb->s_fs_info; 1490 struct ubifs_budget_req req = { .new_dent = 1, .mod_dent = 1, 1491 .dirtied_ino = 2 }; 1492 int sync = IS_DIRSYNC(old_dir) || IS_DIRSYNC(new_dir); 1493 struct inode *fst_inode = d_inode(old_dentry); 1494 struct inode *snd_inode = d_inode(new_dentry); 1495 struct timespec64 time; 1496 int err; 1497 struct fscrypt_name fst_nm, snd_nm; 1498 1499 ubifs_assert(c, fst_inode && snd_inode); 1500 1501 err = fscrypt_setup_filename(old_dir, &old_dentry->d_name, 0, &fst_nm); 1502 if (err) 1503 return err; 1504 1505 err = fscrypt_setup_filename(new_dir, &new_dentry->d_name, 0, &snd_nm); 1506 if (err) { 1507 fscrypt_free_filename(&fst_nm); 1508 return err; 1509 } 1510 1511 lock_4_inodes(old_dir, new_dir, NULL, NULL); 1512 1513 time = current_time(old_dir); 1514 fst_inode->i_ctime = time; 1515 snd_inode->i_ctime = time; 1516 old_dir->i_mtime = old_dir->i_ctime = time; 1517 new_dir->i_mtime = new_dir->i_ctime = time; 1518 1519 if (old_dir != new_dir) { 1520 if (S_ISDIR(fst_inode->i_mode) && !S_ISDIR(snd_inode->i_mode)) { 1521 inc_nlink(new_dir); 1522 drop_nlink(old_dir); 1523 } 1524 else if (!S_ISDIR(fst_inode->i_mode) && S_ISDIR(snd_inode->i_mode)) { 1525 drop_nlink(new_dir); 1526 inc_nlink(old_dir); 1527 } 1528 } 1529 1530 err = ubifs_jnl_xrename(c, old_dir, fst_inode, &fst_nm, new_dir, 1531 snd_inode, &snd_nm, sync); 1532 1533 unlock_4_inodes(old_dir, new_dir, NULL, NULL); 1534 ubifs_release_budget(c, &req); 1535 1536 fscrypt_free_filename(&fst_nm); 1537 fscrypt_free_filename(&snd_nm); 1538 return err; 1539 } 1540 1541 static int ubifs_rename(struct inode *old_dir, struct dentry *old_dentry, 1542 struct inode *new_dir, struct dentry *new_dentry, 1543 unsigned int flags) 1544 { 1545 int err; 1546 struct ubifs_info *c = old_dir->i_sb->s_fs_info; 1547 1548 if (flags & ~(RENAME_NOREPLACE | RENAME_WHITEOUT | RENAME_EXCHANGE)) 1549 return -EINVAL; 1550 1551 ubifs_assert(c, inode_is_locked(old_dir)); 1552 ubifs_assert(c, inode_is_locked(new_dir)); 1553 1554 err = fscrypt_prepare_rename(old_dir, old_dentry, new_dir, new_dentry, 1555 flags); 1556 if (err) 1557 return err; 1558 1559 if (flags & RENAME_EXCHANGE) 1560 return ubifs_xrename(old_dir, old_dentry, new_dir, new_dentry); 1561 1562 return do_rename(old_dir, old_dentry, new_dir, new_dentry, flags); 1563 } 1564 1565 int ubifs_getattr(const struct path *path, struct kstat *stat, 1566 u32 request_mask, unsigned int flags) 1567 { 1568 loff_t size; 1569 struct inode *inode = d_inode(path->dentry); 1570 struct ubifs_inode *ui = ubifs_inode(inode); 1571 1572 mutex_lock(&ui->ui_mutex); 1573 1574 if (ui->flags & UBIFS_APPEND_FL) 1575 stat->attributes |= STATX_ATTR_APPEND; 1576 if (ui->flags & UBIFS_COMPR_FL) 1577 stat->attributes |= STATX_ATTR_COMPRESSED; 1578 if (ui->flags & UBIFS_CRYPT_FL) 1579 stat->attributes |= STATX_ATTR_ENCRYPTED; 1580 if (ui->flags & UBIFS_IMMUTABLE_FL) 1581 stat->attributes |= STATX_ATTR_IMMUTABLE; 1582 1583 stat->attributes_mask |= (STATX_ATTR_APPEND | 1584 STATX_ATTR_COMPRESSED | 1585 STATX_ATTR_ENCRYPTED | 1586 STATX_ATTR_IMMUTABLE); 1587 1588 generic_fillattr(inode, stat); 1589 stat->blksize = UBIFS_BLOCK_SIZE; 1590 stat->size = ui->ui_size; 1591 1592 /* 1593 * Unfortunately, the 'stat()' system call was designed for block 1594 * device based file systems, and it is not appropriate for UBIFS, 1595 * because UBIFS does not have notion of "block". For example, it is 1596 * difficult to tell how many block a directory takes - it actually 1597 * takes less than 300 bytes, but we have to round it to block size, 1598 * which introduces large mistake. This makes utilities like 'du' to 1599 * report completely senseless numbers. This is the reason why UBIFS 1600 * goes the same way as JFFS2 - it reports zero blocks for everything 1601 * but regular files, which makes more sense than reporting completely 1602 * wrong sizes. 1603 */ 1604 if (S_ISREG(inode->i_mode)) { 1605 size = ui->xattr_size; 1606 size += stat->size; 1607 size = ALIGN(size, UBIFS_BLOCK_SIZE); 1608 /* 1609 * Note, user-space expects 512-byte blocks count irrespectively 1610 * of what was reported in @stat->size. 1611 */ 1612 stat->blocks = size >> 9; 1613 } else 1614 stat->blocks = 0; 1615 mutex_unlock(&ui->ui_mutex); 1616 return 0; 1617 } 1618 1619 static int ubifs_dir_open(struct inode *dir, struct file *file) 1620 { 1621 if (IS_ENCRYPTED(dir)) 1622 return fscrypt_get_encryption_info(dir) ? -EACCES : 0; 1623 1624 return 0; 1625 } 1626 1627 const struct inode_operations ubifs_dir_inode_operations = { 1628 .lookup = ubifs_lookup, 1629 .create = ubifs_create, 1630 .link = ubifs_link, 1631 .symlink = ubifs_symlink, 1632 .unlink = ubifs_unlink, 1633 .mkdir = ubifs_mkdir, 1634 .rmdir = ubifs_rmdir, 1635 .mknod = ubifs_mknod, 1636 .rename = ubifs_rename, 1637 .setattr = ubifs_setattr, 1638 .getattr = ubifs_getattr, 1639 #ifdef CONFIG_UBIFS_FS_XATTR 1640 .listxattr = ubifs_listxattr, 1641 #endif 1642 .update_time = ubifs_update_time, 1643 .tmpfile = ubifs_tmpfile, 1644 }; 1645 1646 const struct file_operations ubifs_dir_operations = { 1647 .llseek = generic_file_llseek, 1648 .release = ubifs_dir_release, 1649 .read = generic_read_dir, 1650 .iterate_shared = ubifs_readdir, 1651 .fsync = ubifs_fsync, 1652 .unlocked_ioctl = ubifs_ioctl, 1653 .open = ubifs_dir_open, 1654 #ifdef CONFIG_COMPAT 1655 .compat_ioctl = ubifs_compat_ioctl, 1656 #endif 1657 }; 1658