1 /* * This file is part of UBIFS. 2 * 3 * Copyright (C) 2006-2008 Nokia Corporation. 4 * Copyright (C) 2006, 2007 University of Szeged, Hungary 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms of the GNU General Public License version 2 as published by 8 * the Free Software Foundation. 9 * 10 * This program is distributed in the hope that it will be useful, but WITHOUT 11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for 13 * more details. 14 * 15 * You should have received a copy of the GNU General Public License along with 16 * this program; if not, write to the Free Software Foundation, Inc., 51 17 * Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 18 * 19 * Authors: Artem Bityutskiy (Битюцкий Артём) 20 * Adrian Hunter 21 * Zoltan Sogor 22 */ 23 24 /* 25 * This file implements directory operations. 26 * 27 * All FS operations in this file allocate budget before writing anything to the 28 * media. If they fail to allocate it, the error is returned. The only 29 * exceptions are 'ubifs_unlink()' and 'ubifs_rmdir()' which keep working even 30 * if they unable to allocate the budget, because deletion %-ENOSPC failure is 31 * not what users are usually ready to get. UBIFS budgeting subsystem has some 32 * space reserved for these purposes. 33 * 34 * All operations in this file write all inodes which they change straight 35 * away, instead of marking them dirty. For example, 'ubifs_link()' changes 36 * @i_size of the parent inode and writes the parent inode together with the 37 * target inode. This was done to simplify file-system recovery which would 38 * otherwise be very difficult to do. The only exception is rename which marks 39 * the re-named inode dirty (because its @i_ctime is updated) but does not 40 * write it, but just marks it as dirty. 41 */ 42 43 #include "ubifs.h" 44 45 /** 46 * inherit_flags - inherit flags of the parent inode. 47 * @dir: parent inode 48 * @mode: new inode mode flags 49 * 50 * This is a helper function for 'ubifs_new_inode()' which inherits flag of the 51 * parent directory inode @dir. UBIFS inodes inherit the following flags: 52 * o %UBIFS_COMPR_FL, which is useful to switch compression on/of on 53 * sub-directory basis; 54 * o %UBIFS_SYNC_FL - useful for the same reasons; 55 * o %UBIFS_DIRSYNC_FL - similar, but relevant only to directories. 56 * 57 * This function returns the inherited flags. 58 */ 59 static int inherit_flags(const struct inode *dir, umode_t mode) 60 { 61 int flags; 62 const struct ubifs_inode *ui = ubifs_inode(dir); 63 64 if (!S_ISDIR(dir->i_mode)) 65 /* 66 * The parent is not a directory, which means that an extended 67 * attribute inode is being created. No flags. 68 */ 69 return 0; 70 71 flags = ui->flags & (UBIFS_COMPR_FL | UBIFS_SYNC_FL | UBIFS_DIRSYNC_FL); 72 if (!S_ISDIR(mode)) 73 /* The "DIRSYNC" flag only applies to directories */ 74 flags &= ~UBIFS_DIRSYNC_FL; 75 return flags; 76 } 77 78 /** 79 * ubifs_new_inode - allocate new UBIFS inode object. 80 * @c: UBIFS file-system description object 81 * @dir: parent directory inode 82 * @mode: inode mode flags 83 * 84 * This function finds an unused inode number, allocates new inode and 85 * initializes it. Returns new inode in case of success and an error code in 86 * case of failure. 87 */ 88 struct inode *ubifs_new_inode(struct ubifs_info *c, struct inode *dir, 89 umode_t mode) 90 { 91 int err; 92 struct inode *inode; 93 struct ubifs_inode *ui; 94 bool encrypted = false; 95 96 if (ubifs_crypt_is_encrypted(dir)) { 97 err = fscrypt_get_encryption_info(dir); 98 if (err) { 99 ubifs_err(c, "fscrypt_get_encryption_info failed: %i", err); 100 return ERR_PTR(err); 101 } 102 103 if (!fscrypt_has_encryption_key(dir)) 104 return ERR_PTR(-EPERM); 105 106 encrypted = true; 107 } 108 109 inode = new_inode(c->vfs_sb); 110 ui = ubifs_inode(inode); 111 if (!inode) 112 return ERR_PTR(-ENOMEM); 113 114 /* 115 * Set 'S_NOCMTIME' to prevent VFS form updating [mc]time of inodes and 116 * marking them dirty in file write path (see 'file_update_time()'). 117 * UBIFS has to fully control "clean <-> dirty" transitions of inodes 118 * to make budgeting work. 119 */ 120 inode->i_flags |= S_NOCMTIME; 121 122 inode_init_owner(inode, dir, mode); 123 inode->i_mtime = inode->i_atime = inode->i_ctime = 124 current_time(inode); 125 inode->i_mapping->nrpages = 0; 126 127 switch (mode & S_IFMT) { 128 case S_IFREG: 129 inode->i_mapping->a_ops = &ubifs_file_address_operations; 130 inode->i_op = &ubifs_file_inode_operations; 131 inode->i_fop = &ubifs_file_operations; 132 break; 133 case S_IFDIR: 134 inode->i_op = &ubifs_dir_inode_operations; 135 inode->i_fop = &ubifs_dir_operations; 136 inode->i_size = ui->ui_size = UBIFS_INO_NODE_SZ; 137 break; 138 case S_IFLNK: 139 inode->i_op = &ubifs_symlink_inode_operations; 140 break; 141 case S_IFSOCK: 142 case S_IFIFO: 143 case S_IFBLK: 144 case S_IFCHR: 145 inode->i_op = &ubifs_file_inode_operations; 146 encrypted = false; 147 break; 148 default: 149 BUG(); 150 } 151 152 ui->flags = inherit_flags(dir, mode); 153 ubifs_set_inode_flags(inode); 154 if (S_ISREG(mode)) 155 ui->compr_type = c->default_compr; 156 else 157 ui->compr_type = UBIFS_COMPR_NONE; 158 ui->synced_i_size = 0; 159 160 spin_lock(&c->cnt_lock); 161 /* Inode number overflow is currently not supported */ 162 if (c->highest_inum >= INUM_WARN_WATERMARK) { 163 if (c->highest_inum >= INUM_WATERMARK) { 164 spin_unlock(&c->cnt_lock); 165 ubifs_err(c, "out of inode numbers"); 166 make_bad_inode(inode); 167 iput(inode); 168 return ERR_PTR(-EINVAL); 169 } 170 ubifs_warn(c, "running out of inode numbers (current %lu, max %u)", 171 (unsigned long)c->highest_inum, INUM_WATERMARK); 172 } 173 174 inode->i_ino = ++c->highest_inum; 175 /* 176 * The creation sequence number remains with this inode for its 177 * lifetime. All nodes for this inode have a greater sequence number, 178 * and so it is possible to distinguish obsolete nodes belonging to a 179 * previous incarnation of the same inode number - for example, for the 180 * purpose of rebuilding the index. 181 */ 182 ui->creat_sqnum = ++c->max_sqnum; 183 spin_unlock(&c->cnt_lock); 184 185 if (encrypted) { 186 err = fscrypt_inherit_context(dir, inode, &encrypted, true); 187 if (err) { 188 ubifs_err(c, "fscrypt_inherit_context failed: %i", err); 189 make_bad_inode(inode); 190 iput(inode); 191 return ERR_PTR(err); 192 } 193 } 194 195 return inode; 196 } 197 198 static int dbg_check_name(const struct ubifs_info *c, 199 const struct ubifs_dent_node *dent, 200 const struct fscrypt_name *nm) 201 { 202 if (!dbg_is_chk_gen(c)) 203 return 0; 204 if (le16_to_cpu(dent->nlen) != fname_len(nm)) 205 return -EINVAL; 206 if (memcmp(dent->name, fname_name(nm), fname_len(nm))) 207 return -EINVAL; 208 return 0; 209 } 210 211 static struct dentry *ubifs_lookup(struct inode *dir, struct dentry *dentry, 212 unsigned int flags) 213 { 214 int err; 215 union ubifs_key key; 216 struct inode *inode = NULL; 217 struct ubifs_dent_node *dent; 218 struct ubifs_info *c = dir->i_sb->s_fs_info; 219 struct fscrypt_name nm; 220 221 dbg_gen("'%pd' in dir ino %lu", dentry, dir->i_ino); 222 223 if (ubifs_crypt_is_encrypted(dir)) { 224 err = fscrypt_get_encryption_info(dir); 225 226 /* 227 * DCACHE_ENCRYPTED_WITH_KEY is set if the dentry is 228 * created while the directory was encrypted and we 229 * have access to the key. 230 */ 231 if (fscrypt_has_encryption_key(dir)) 232 fscrypt_set_encrypted_dentry(dentry); 233 fscrypt_set_d_op(dentry); 234 if (err && err != -ENOKEY) 235 return ERR_PTR(err); 236 } 237 238 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm); 239 if (err) 240 return ERR_PTR(err); 241 242 if (fname_len(&nm) > UBIFS_MAX_NLEN) { 243 err = -ENAMETOOLONG; 244 goto out_fname; 245 } 246 247 dent = kmalloc(UBIFS_MAX_DENT_NODE_SZ, GFP_NOFS); 248 if (!dent) { 249 err = -ENOMEM; 250 goto out_fname; 251 } 252 253 if (nm.hash) { 254 ubifs_assert(fname_len(&nm) == 0); 255 ubifs_assert(fname_name(&nm) == NULL); 256 dent_key_init_hash(c, &key, dir->i_ino, nm.hash); 257 err = ubifs_tnc_lookup_dh(c, &key, dent, nm.minor_hash); 258 } else { 259 dent_key_init(c, &key, dir->i_ino, &nm); 260 err = ubifs_tnc_lookup_nm(c, &key, dent, &nm); 261 } 262 263 if (err) { 264 if (err == -ENOENT) { 265 dbg_gen("not found"); 266 goto done; 267 } 268 goto out_dent; 269 } 270 271 if (dbg_check_name(c, dent, &nm)) { 272 err = -EINVAL; 273 goto out_dent; 274 } 275 276 inode = ubifs_iget(dir->i_sb, le64_to_cpu(dent->inum)); 277 if (IS_ERR(inode)) { 278 /* 279 * This should not happen. Probably the file-system needs 280 * checking. 281 */ 282 err = PTR_ERR(inode); 283 ubifs_err(c, "dead directory entry '%pd', error %d", 284 dentry, err); 285 ubifs_ro_mode(c, err); 286 goto out_dent; 287 } 288 289 if (ubifs_crypt_is_encrypted(dir) && 290 (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode)) && 291 !fscrypt_has_permitted_context(dir, inode)) { 292 ubifs_warn(c, "Inconsistent encryption contexts: %lu/%lu", 293 dir->i_ino, inode->i_ino); 294 err = -EPERM; 295 goto out_inode; 296 } 297 298 done: 299 kfree(dent); 300 fscrypt_free_filename(&nm); 301 /* 302 * Note, d_splice_alias() would be required instead if we supported 303 * NFS. 304 */ 305 d_add(dentry, inode); 306 return NULL; 307 308 out_inode: 309 iput(inode); 310 out_dent: 311 kfree(dent); 312 out_fname: 313 fscrypt_free_filename(&nm); 314 return ERR_PTR(err); 315 } 316 317 static int ubifs_create(struct inode *dir, struct dentry *dentry, umode_t mode, 318 bool excl) 319 { 320 struct inode *inode; 321 struct ubifs_info *c = dir->i_sb->s_fs_info; 322 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 323 .dirtied_ino = 1 }; 324 struct ubifs_inode *dir_ui = ubifs_inode(dir); 325 struct fscrypt_name nm; 326 int err, sz_change; 327 328 /* 329 * Budget request settings: new inode, new direntry, changing the 330 * parent directory inode. 331 */ 332 333 dbg_gen("dent '%pd', mode %#hx in dir ino %lu", 334 dentry, mode, dir->i_ino); 335 336 err = ubifs_budget_space(c, &req); 337 if (err) 338 return err; 339 340 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 341 if (err) 342 goto out_budg; 343 344 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 345 346 inode = ubifs_new_inode(c, dir, mode); 347 if (IS_ERR(inode)) { 348 err = PTR_ERR(inode); 349 goto out_fname; 350 } 351 352 err = ubifs_init_security(dir, inode, &dentry->d_name); 353 if (err) 354 goto out_inode; 355 356 mutex_lock(&dir_ui->ui_mutex); 357 dir->i_size += sz_change; 358 dir_ui->ui_size = dir->i_size; 359 dir->i_mtime = dir->i_ctime = inode->i_ctime; 360 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 361 if (err) 362 goto out_cancel; 363 mutex_unlock(&dir_ui->ui_mutex); 364 365 ubifs_release_budget(c, &req); 366 fscrypt_free_filename(&nm); 367 insert_inode_hash(inode); 368 d_instantiate(dentry, inode); 369 return 0; 370 371 out_cancel: 372 dir->i_size -= sz_change; 373 dir_ui->ui_size = dir->i_size; 374 mutex_unlock(&dir_ui->ui_mutex); 375 out_inode: 376 make_bad_inode(inode); 377 iput(inode); 378 out_fname: 379 fscrypt_free_filename(&nm); 380 out_budg: 381 ubifs_release_budget(c, &req); 382 ubifs_err(c, "cannot create regular file, error %d", err); 383 return err; 384 } 385 386 static int do_tmpfile(struct inode *dir, struct dentry *dentry, 387 umode_t mode, struct inode **whiteout) 388 { 389 struct inode *inode; 390 struct ubifs_info *c = dir->i_sb->s_fs_info; 391 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1}; 392 struct ubifs_budget_req ino_req = { .dirtied_ino = 1 }; 393 struct ubifs_inode *ui, *dir_ui = ubifs_inode(dir); 394 int err, instantiated = 0; 395 struct fscrypt_name nm; 396 397 /* 398 * Budget request settings: new dirty inode, new direntry, 399 * budget for dirtied inode will be released via writeback. 400 */ 401 402 dbg_gen("dent '%pd', mode %#hx in dir ino %lu", 403 dentry, mode, dir->i_ino); 404 405 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 406 if (err) 407 return err; 408 409 err = ubifs_budget_space(c, &req); 410 if (err) { 411 fscrypt_free_filename(&nm); 412 return err; 413 } 414 415 err = ubifs_budget_space(c, &ino_req); 416 if (err) { 417 ubifs_release_budget(c, &req); 418 fscrypt_free_filename(&nm); 419 return err; 420 } 421 422 inode = ubifs_new_inode(c, dir, mode); 423 if (IS_ERR(inode)) { 424 err = PTR_ERR(inode); 425 goto out_budg; 426 } 427 ui = ubifs_inode(inode); 428 429 if (whiteout) { 430 init_special_inode(inode, inode->i_mode, WHITEOUT_DEV); 431 ubifs_assert(inode->i_op == &ubifs_file_inode_operations); 432 } 433 434 err = ubifs_init_security(dir, inode, &dentry->d_name); 435 if (err) 436 goto out_inode; 437 438 mutex_lock(&ui->ui_mutex); 439 insert_inode_hash(inode); 440 441 if (whiteout) { 442 mark_inode_dirty(inode); 443 drop_nlink(inode); 444 *whiteout = inode; 445 } else { 446 d_tmpfile(dentry, inode); 447 } 448 ubifs_assert(ui->dirty); 449 450 instantiated = 1; 451 mutex_unlock(&ui->ui_mutex); 452 453 mutex_lock(&dir_ui->ui_mutex); 454 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0); 455 if (err) 456 goto out_cancel; 457 mutex_unlock(&dir_ui->ui_mutex); 458 459 ubifs_release_budget(c, &req); 460 461 return 0; 462 463 out_cancel: 464 mutex_unlock(&dir_ui->ui_mutex); 465 out_inode: 466 make_bad_inode(inode); 467 if (!instantiated) 468 iput(inode); 469 out_budg: 470 ubifs_release_budget(c, &req); 471 if (!instantiated) 472 ubifs_release_budget(c, &ino_req); 473 fscrypt_free_filename(&nm); 474 ubifs_err(c, "cannot create temporary file, error %d", err); 475 return err; 476 } 477 478 static int ubifs_tmpfile(struct inode *dir, struct dentry *dentry, 479 umode_t mode) 480 { 481 return do_tmpfile(dir, dentry, mode, NULL); 482 } 483 484 /** 485 * vfs_dent_type - get VFS directory entry type. 486 * @type: UBIFS directory entry type 487 * 488 * This function converts UBIFS directory entry type into VFS directory entry 489 * type. 490 */ 491 static unsigned int vfs_dent_type(uint8_t type) 492 { 493 switch (type) { 494 case UBIFS_ITYPE_REG: 495 return DT_REG; 496 case UBIFS_ITYPE_DIR: 497 return DT_DIR; 498 case UBIFS_ITYPE_LNK: 499 return DT_LNK; 500 case UBIFS_ITYPE_BLK: 501 return DT_BLK; 502 case UBIFS_ITYPE_CHR: 503 return DT_CHR; 504 case UBIFS_ITYPE_FIFO: 505 return DT_FIFO; 506 case UBIFS_ITYPE_SOCK: 507 return DT_SOCK; 508 default: 509 BUG(); 510 } 511 return 0; 512 } 513 514 /* 515 * The classical Unix view for directory is that it is a linear array of 516 * (name, inode number) entries. Linux/VFS assumes this model as well. 517 * Particularly, 'readdir()' call wants us to return a directory entry offset 518 * which later may be used to continue 'readdir()'ing the directory or to 519 * 'seek()' to that specific direntry. Obviously UBIFS does not really fit this 520 * model because directory entries are identified by keys, which may collide. 521 * 522 * UBIFS uses directory entry hash value for directory offsets, so 523 * 'seekdir()'/'telldir()' may not always work because of possible key 524 * collisions. But UBIFS guarantees that consecutive 'readdir()' calls work 525 * properly by means of saving full directory entry name in the private field 526 * of the file description object. 527 * 528 * This means that UBIFS cannot support NFS which requires full 529 * 'seekdir()'/'telldir()' support. 530 */ 531 static int ubifs_readdir(struct file *file, struct dir_context *ctx) 532 { 533 int fstr_real_len = 0, err = 0; 534 struct fscrypt_name nm; 535 struct fscrypt_str fstr = {0}; 536 union ubifs_key key; 537 struct ubifs_dent_node *dent; 538 struct inode *dir = file_inode(file); 539 struct ubifs_info *c = dir->i_sb->s_fs_info; 540 bool encrypted = ubifs_crypt_is_encrypted(dir); 541 542 dbg_gen("dir ino %lu, f_pos %#llx", dir->i_ino, ctx->pos); 543 544 if (ctx->pos > UBIFS_S_KEY_HASH_MASK || ctx->pos == 2) 545 /* 546 * The directory was seek'ed to a senseless position or there 547 * are no more entries. 548 */ 549 return 0; 550 551 if (encrypted) { 552 err = fscrypt_get_encryption_info(dir); 553 if (err && err != -ENOKEY) 554 return err; 555 556 err = fscrypt_fname_alloc_buffer(dir, UBIFS_MAX_NLEN, &fstr); 557 if (err) 558 return err; 559 560 fstr_real_len = fstr.len; 561 } 562 563 if (file->f_version == 0) { 564 /* 565 * The file was seek'ed, which means that @file->private_data 566 * is now invalid. This may also be just the first 567 * 'ubifs_readdir()' invocation, in which case 568 * @file->private_data is NULL, and the below code is 569 * basically a no-op. 570 */ 571 kfree(file->private_data); 572 file->private_data = NULL; 573 } 574 575 /* 576 * 'generic_file_llseek()' unconditionally sets @file->f_version to 577 * zero, and we use this for detecting whether the file was seek'ed. 578 */ 579 file->f_version = 1; 580 581 /* File positions 0 and 1 correspond to "." and ".." */ 582 if (ctx->pos < 2) { 583 ubifs_assert(!file->private_data); 584 if (!dir_emit_dots(file, ctx)) { 585 if (encrypted) 586 fscrypt_fname_free_buffer(&fstr); 587 return 0; 588 } 589 590 /* Find the first entry in TNC and save it */ 591 lowest_dent_key(c, &key, dir->i_ino); 592 fname_len(&nm) = 0; 593 dent = ubifs_tnc_next_ent(c, &key, &nm); 594 if (IS_ERR(dent)) { 595 err = PTR_ERR(dent); 596 goto out; 597 } 598 599 ctx->pos = key_hash_flash(c, &dent->key); 600 file->private_data = dent; 601 } 602 603 dent = file->private_data; 604 if (!dent) { 605 /* 606 * The directory was seek'ed to and is now readdir'ed. 607 * Find the entry corresponding to @ctx->pos or the closest one. 608 */ 609 dent_key_init_hash(c, &key, dir->i_ino, ctx->pos); 610 fname_len(&nm) = 0; 611 dent = ubifs_tnc_next_ent(c, &key, &nm); 612 if (IS_ERR(dent)) { 613 err = PTR_ERR(dent); 614 goto out; 615 } 616 ctx->pos = key_hash_flash(c, &dent->key); 617 file->private_data = dent; 618 } 619 620 while (1) { 621 dbg_gen("ino %llu, new f_pos %#x", 622 (unsigned long long)le64_to_cpu(dent->inum), 623 key_hash_flash(c, &dent->key)); 624 ubifs_assert(le64_to_cpu(dent->ch.sqnum) > 625 ubifs_inode(dir)->creat_sqnum); 626 627 fname_len(&nm) = le16_to_cpu(dent->nlen); 628 fname_name(&nm) = dent->name; 629 630 if (encrypted) { 631 fstr.len = fstr_real_len; 632 633 err = fscrypt_fname_disk_to_usr(dir, key_hash_flash(c, 634 &dent->key), 635 le32_to_cpu(dent->cookie), 636 &nm.disk_name, &fstr); 637 if (err) 638 goto out; 639 } else { 640 fstr.len = fname_len(&nm); 641 fstr.name = fname_name(&nm); 642 } 643 644 if (!dir_emit(ctx, fstr.name, fstr.len, 645 le64_to_cpu(dent->inum), 646 vfs_dent_type(dent->type))) { 647 if (encrypted) 648 fscrypt_fname_free_buffer(&fstr); 649 return 0; 650 } 651 652 /* Switch to the next entry */ 653 key_read(c, &dent->key, &key); 654 dent = ubifs_tnc_next_ent(c, &key, &nm); 655 if (IS_ERR(dent)) { 656 err = PTR_ERR(dent); 657 goto out; 658 } 659 660 kfree(file->private_data); 661 ctx->pos = key_hash_flash(c, &dent->key); 662 file->private_data = dent; 663 cond_resched(); 664 } 665 666 out: 667 kfree(file->private_data); 668 file->private_data = NULL; 669 670 if (encrypted) 671 fscrypt_fname_free_buffer(&fstr); 672 673 if (err != -ENOENT) 674 ubifs_err(c, "cannot find next direntry, error %d", err); 675 else 676 /* 677 * -ENOENT is a non-fatal error in this context, the TNC uses 678 * it to indicate that the cursor moved past the current directory 679 * and readdir() has to stop. 680 */ 681 err = 0; 682 683 684 /* 2 is a special value indicating that there are no more direntries */ 685 ctx->pos = 2; 686 return err; 687 } 688 689 /* Free saved readdir() state when the directory is closed */ 690 static int ubifs_dir_release(struct inode *dir, struct file *file) 691 { 692 kfree(file->private_data); 693 file->private_data = NULL; 694 return 0; 695 } 696 697 /** 698 * lock_2_inodes - a wrapper for locking two UBIFS inodes. 699 * @inode1: first inode 700 * @inode2: second inode 701 * 702 * We do not implement any tricks to guarantee strict lock ordering, because 703 * VFS has already done it for us on the @i_mutex. So this is just a simple 704 * wrapper function. 705 */ 706 static void lock_2_inodes(struct inode *inode1, struct inode *inode2) 707 { 708 mutex_lock_nested(&ubifs_inode(inode1)->ui_mutex, WB_MUTEX_1); 709 mutex_lock_nested(&ubifs_inode(inode2)->ui_mutex, WB_MUTEX_2); 710 } 711 712 /** 713 * unlock_2_inodes - a wrapper for unlocking two UBIFS inodes. 714 * @inode1: first inode 715 * @inode2: second inode 716 */ 717 static void unlock_2_inodes(struct inode *inode1, struct inode *inode2) 718 { 719 mutex_unlock(&ubifs_inode(inode2)->ui_mutex); 720 mutex_unlock(&ubifs_inode(inode1)->ui_mutex); 721 } 722 723 static int ubifs_link(struct dentry *old_dentry, struct inode *dir, 724 struct dentry *dentry) 725 { 726 struct ubifs_info *c = dir->i_sb->s_fs_info; 727 struct inode *inode = d_inode(old_dentry); 728 struct ubifs_inode *ui = ubifs_inode(inode); 729 struct ubifs_inode *dir_ui = ubifs_inode(dir); 730 int err, sz_change = CALC_DENT_SIZE(dentry->d_name.len); 731 struct ubifs_budget_req req = { .new_dent = 1, .dirtied_ino = 2, 732 .dirtied_ino_d = ALIGN(ui->data_len, 8) }; 733 struct fscrypt_name nm; 734 735 /* 736 * Budget request settings: new direntry, changing the target inode, 737 * changing the parent inode. 738 */ 739 740 dbg_gen("dent '%pd' to ino %lu (nlink %d) in dir ino %lu", 741 dentry, inode->i_ino, 742 inode->i_nlink, dir->i_ino); 743 ubifs_assert(inode_is_locked(dir)); 744 ubifs_assert(inode_is_locked(inode)); 745 746 if (ubifs_crypt_is_encrypted(dir) && 747 !fscrypt_has_permitted_context(dir, inode)) 748 return -EPERM; 749 750 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 751 if (err) 752 return err; 753 754 err = dbg_check_synced_i_size(c, inode); 755 if (err) 756 goto out_fname; 757 758 err = ubifs_budget_space(c, &req); 759 if (err) 760 goto out_fname; 761 762 lock_2_inodes(dir, inode); 763 764 /* Handle O_TMPFILE corner case, it is allowed to link a O_TMPFILE. */ 765 if (inode->i_nlink == 0) 766 ubifs_delete_orphan(c, inode->i_ino); 767 768 inc_nlink(inode); 769 ihold(inode); 770 inode->i_ctime = current_time(inode); 771 dir->i_size += sz_change; 772 dir_ui->ui_size = dir->i_size; 773 dir->i_mtime = dir->i_ctime = inode->i_ctime; 774 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 775 if (err) 776 goto out_cancel; 777 unlock_2_inodes(dir, inode); 778 779 ubifs_release_budget(c, &req); 780 d_instantiate(dentry, inode); 781 fscrypt_free_filename(&nm); 782 return 0; 783 784 out_cancel: 785 dir->i_size -= sz_change; 786 dir_ui->ui_size = dir->i_size; 787 drop_nlink(inode); 788 if (inode->i_nlink == 0) 789 ubifs_add_orphan(c, inode->i_ino); 790 unlock_2_inodes(dir, inode); 791 ubifs_release_budget(c, &req); 792 iput(inode); 793 out_fname: 794 fscrypt_free_filename(&nm); 795 return err; 796 } 797 798 static int ubifs_unlink(struct inode *dir, struct dentry *dentry) 799 { 800 struct ubifs_info *c = dir->i_sb->s_fs_info; 801 struct inode *inode = d_inode(dentry); 802 struct ubifs_inode *dir_ui = ubifs_inode(dir); 803 int err, sz_change, budgeted = 1; 804 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 }; 805 unsigned int saved_nlink = inode->i_nlink; 806 struct fscrypt_name nm; 807 808 /* 809 * Budget request settings: deletion direntry, deletion inode (+1 for 810 * @dirtied_ino), changing the parent directory inode. If budgeting 811 * fails, go ahead anyway because we have extra space reserved for 812 * deletions. 813 */ 814 815 dbg_gen("dent '%pd' from ino %lu (nlink %d) in dir ino %lu", 816 dentry, inode->i_ino, 817 inode->i_nlink, dir->i_ino); 818 819 if (ubifs_crypt_is_encrypted(dir)) { 820 err = fscrypt_get_encryption_info(dir); 821 if (err && err != -ENOKEY) 822 return err; 823 } 824 825 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm); 826 if (err) 827 return err; 828 829 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 830 831 ubifs_assert(inode_is_locked(dir)); 832 ubifs_assert(inode_is_locked(inode)); 833 err = dbg_check_synced_i_size(c, inode); 834 if (err) 835 goto out_fname; 836 837 err = ubifs_budget_space(c, &req); 838 if (err) { 839 if (err != -ENOSPC) 840 goto out_fname; 841 budgeted = 0; 842 } 843 844 lock_2_inodes(dir, inode); 845 inode->i_ctime = current_time(dir); 846 drop_nlink(inode); 847 dir->i_size -= sz_change; 848 dir_ui->ui_size = dir->i_size; 849 dir->i_mtime = dir->i_ctime = inode->i_ctime; 850 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0); 851 if (err) 852 goto out_cancel; 853 unlock_2_inodes(dir, inode); 854 855 if (budgeted) 856 ubifs_release_budget(c, &req); 857 else { 858 /* We've deleted something - clean the "no space" flags */ 859 c->bi.nospace = c->bi.nospace_rp = 0; 860 smp_wmb(); 861 } 862 fscrypt_free_filename(&nm); 863 return 0; 864 865 out_cancel: 866 dir->i_size += sz_change; 867 dir_ui->ui_size = dir->i_size; 868 set_nlink(inode, saved_nlink); 869 unlock_2_inodes(dir, inode); 870 if (budgeted) 871 ubifs_release_budget(c, &req); 872 out_fname: 873 fscrypt_free_filename(&nm); 874 return err; 875 } 876 877 /** 878 * check_dir_empty - check if a directory is empty or not. 879 * @dir: VFS inode object of the directory to check 880 * 881 * This function checks if directory @dir is empty. Returns zero if the 882 * directory is empty, %-ENOTEMPTY if it is not, and other negative error codes 883 * in case of of errors. 884 */ 885 int ubifs_check_dir_empty(struct inode *dir) 886 { 887 struct ubifs_info *c = dir->i_sb->s_fs_info; 888 struct fscrypt_name nm = { 0 }; 889 struct ubifs_dent_node *dent; 890 union ubifs_key key; 891 int err; 892 893 lowest_dent_key(c, &key, dir->i_ino); 894 dent = ubifs_tnc_next_ent(c, &key, &nm); 895 if (IS_ERR(dent)) { 896 err = PTR_ERR(dent); 897 if (err == -ENOENT) 898 err = 0; 899 } else { 900 kfree(dent); 901 err = -ENOTEMPTY; 902 } 903 return err; 904 } 905 906 static int ubifs_rmdir(struct inode *dir, struct dentry *dentry) 907 { 908 struct ubifs_info *c = dir->i_sb->s_fs_info; 909 struct inode *inode = d_inode(dentry); 910 int err, sz_change, budgeted = 1; 911 struct ubifs_inode *dir_ui = ubifs_inode(dir); 912 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 }; 913 struct fscrypt_name nm; 914 915 /* 916 * Budget request settings: deletion direntry, deletion inode and 917 * changing the parent inode. If budgeting fails, go ahead anyway 918 * because we have extra space reserved for deletions. 919 */ 920 921 dbg_gen("directory '%pd', ino %lu in dir ino %lu", dentry, 922 inode->i_ino, dir->i_ino); 923 ubifs_assert(inode_is_locked(dir)); 924 ubifs_assert(inode_is_locked(inode)); 925 err = ubifs_check_dir_empty(d_inode(dentry)); 926 if (err) 927 return err; 928 929 if (ubifs_crypt_is_encrypted(dir)) { 930 err = fscrypt_get_encryption_info(dir); 931 if (err && err != -ENOKEY) 932 return err; 933 } 934 935 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm); 936 if (err) 937 return err; 938 939 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 940 941 err = ubifs_budget_space(c, &req); 942 if (err) { 943 if (err != -ENOSPC) 944 goto out_fname; 945 budgeted = 0; 946 } 947 948 lock_2_inodes(dir, inode); 949 inode->i_ctime = current_time(dir); 950 clear_nlink(inode); 951 drop_nlink(dir); 952 dir->i_size -= sz_change; 953 dir_ui->ui_size = dir->i_size; 954 dir->i_mtime = dir->i_ctime = inode->i_ctime; 955 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0); 956 if (err) 957 goto out_cancel; 958 unlock_2_inodes(dir, inode); 959 960 if (budgeted) 961 ubifs_release_budget(c, &req); 962 else { 963 /* We've deleted something - clean the "no space" flags */ 964 c->bi.nospace = c->bi.nospace_rp = 0; 965 smp_wmb(); 966 } 967 fscrypt_free_filename(&nm); 968 return 0; 969 970 out_cancel: 971 dir->i_size += sz_change; 972 dir_ui->ui_size = dir->i_size; 973 inc_nlink(dir); 974 set_nlink(inode, 2); 975 unlock_2_inodes(dir, inode); 976 if (budgeted) 977 ubifs_release_budget(c, &req); 978 out_fname: 979 fscrypt_free_filename(&nm); 980 return err; 981 } 982 983 static int ubifs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) 984 { 985 struct inode *inode; 986 struct ubifs_inode *dir_ui = ubifs_inode(dir); 987 struct ubifs_info *c = dir->i_sb->s_fs_info; 988 int err, sz_change; 989 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1 }; 990 struct fscrypt_name nm; 991 992 /* 993 * Budget request settings: new inode, new direntry and changing parent 994 * directory inode. 995 */ 996 997 dbg_gen("dent '%pd', mode %#hx in dir ino %lu", 998 dentry, mode, dir->i_ino); 999 1000 err = ubifs_budget_space(c, &req); 1001 if (err) 1002 return err; 1003 1004 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 1005 if (err) 1006 goto out_budg; 1007 1008 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 1009 1010 inode = ubifs_new_inode(c, dir, S_IFDIR | mode); 1011 if (IS_ERR(inode)) { 1012 err = PTR_ERR(inode); 1013 goto out_fname; 1014 } 1015 1016 err = ubifs_init_security(dir, inode, &dentry->d_name); 1017 if (err) 1018 goto out_inode; 1019 1020 mutex_lock(&dir_ui->ui_mutex); 1021 insert_inode_hash(inode); 1022 inc_nlink(inode); 1023 inc_nlink(dir); 1024 dir->i_size += sz_change; 1025 dir_ui->ui_size = dir->i_size; 1026 dir->i_mtime = dir->i_ctime = inode->i_ctime; 1027 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 1028 if (err) { 1029 ubifs_err(c, "cannot create directory, error %d", err); 1030 goto out_cancel; 1031 } 1032 mutex_unlock(&dir_ui->ui_mutex); 1033 1034 ubifs_release_budget(c, &req); 1035 d_instantiate(dentry, inode); 1036 fscrypt_free_filename(&nm); 1037 return 0; 1038 1039 out_cancel: 1040 dir->i_size -= sz_change; 1041 dir_ui->ui_size = dir->i_size; 1042 drop_nlink(dir); 1043 mutex_unlock(&dir_ui->ui_mutex); 1044 out_inode: 1045 make_bad_inode(inode); 1046 iput(inode); 1047 out_fname: 1048 fscrypt_free_filename(&nm); 1049 out_budg: 1050 ubifs_release_budget(c, &req); 1051 return err; 1052 } 1053 1054 static int ubifs_mknod(struct inode *dir, struct dentry *dentry, 1055 umode_t mode, dev_t rdev) 1056 { 1057 struct inode *inode; 1058 struct ubifs_inode *ui; 1059 struct ubifs_inode *dir_ui = ubifs_inode(dir); 1060 struct ubifs_info *c = dir->i_sb->s_fs_info; 1061 union ubifs_dev_desc *dev = NULL; 1062 int sz_change; 1063 int err, devlen = 0; 1064 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 1065 .dirtied_ino = 1 }; 1066 struct fscrypt_name nm; 1067 1068 /* 1069 * Budget request settings: new inode, new direntry and changing parent 1070 * directory inode. 1071 */ 1072 1073 dbg_gen("dent '%pd' in dir ino %lu", dentry, dir->i_ino); 1074 1075 if (S_ISBLK(mode) || S_ISCHR(mode)) { 1076 dev = kmalloc(sizeof(union ubifs_dev_desc), GFP_NOFS); 1077 if (!dev) 1078 return -ENOMEM; 1079 devlen = ubifs_encode_dev(dev, rdev); 1080 } 1081 1082 req.new_ino_d = ALIGN(devlen, 8); 1083 err = ubifs_budget_space(c, &req); 1084 if (err) { 1085 kfree(dev); 1086 return err; 1087 } 1088 1089 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 1090 if (err) { 1091 kfree(dev); 1092 goto out_budg; 1093 } 1094 1095 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 1096 1097 inode = ubifs_new_inode(c, dir, mode); 1098 if (IS_ERR(inode)) { 1099 kfree(dev); 1100 err = PTR_ERR(inode); 1101 goto out_fname; 1102 } 1103 1104 init_special_inode(inode, inode->i_mode, rdev); 1105 inode->i_size = ubifs_inode(inode)->ui_size = devlen; 1106 ui = ubifs_inode(inode); 1107 ui->data = dev; 1108 ui->data_len = devlen; 1109 1110 err = ubifs_init_security(dir, inode, &dentry->d_name); 1111 if (err) 1112 goto out_inode; 1113 1114 mutex_lock(&dir_ui->ui_mutex); 1115 dir->i_size += sz_change; 1116 dir_ui->ui_size = dir->i_size; 1117 dir->i_mtime = dir->i_ctime = inode->i_ctime; 1118 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 1119 if (err) 1120 goto out_cancel; 1121 mutex_unlock(&dir_ui->ui_mutex); 1122 1123 ubifs_release_budget(c, &req); 1124 insert_inode_hash(inode); 1125 d_instantiate(dentry, inode); 1126 fscrypt_free_filename(&nm); 1127 return 0; 1128 1129 out_cancel: 1130 dir->i_size -= sz_change; 1131 dir_ui->ui_size = dir->i_size; 1132 mutex_unlock(&dir_ui->ui_mutex); 1133 out_inode: 1134 make_bad_inode(inode); 1135 iput(inode); 1136 out_fname: 1137 fscrypt_free_filename(&nm); 1138 out_budg: 1139 ubifs_release_budget(c, &req); 1140 return err; 1141 } 1142 1143 static int ubifs_symlink(struct inode *dir, struct dentry *dentry, 1144 const char *symname) 1145 { 1146 struct inode *inode; 1147 struct ubifs_inode *ui; 1148 struct ubifs_inode *dir_ui = ubifs_inode(dir); 1149 struct ubifs_info *c = dir->i_sb->s_fs_info; 1150 int err, len = strlen(symname); 1151 int sz_change = CALC_DENT_SIZE(len); 1152 struct fscrypt_str disk_link = FSTR_INIT((char *)symname, len + 1); 1153 struct fscrypt_symlink_data *sd = NULL; 1154 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 1155 .new_ino_d = ALIGN(len, 8), 1156 .dirtied_ino = 1 }; 1157 struct fscrypt_name nm; 1158 1159 if (ubifs_crypt_is_encrypted(dir)) { 1160 err = fscrypt_get_encryption_info(dir); 1161 if (err) 1162 goto out_budg; 1163 1164 if (!fscrypt_has_encryption_key(dir)) { 1165 err = -EPERM; 1166 goto out_budg; 1167 } 1168 1169 disk_link.len = (fscrypt_fname_encrypted_size(dir, len) + 1170 sizeof(struct fscrypt_symlink_data)); 1171 } 1172 1173 /* 1174 * Budget request settings: new inode, new direntry and changing parent 1175 * directory inode. 1176 */ 1177 1178 dbg_gen("dent '%pd', target '%s' in dir ino %lu", dentry, 1179 symname, dir->i_ino); 1180 1181 if (disk_link.len > UBIFS_MAX_INO_DATA) 1182 return -ENAMETOOLONG; 1183 1184 err = ubifs_budget_space(c, &req); 1185 if (err) 1186 return err; 1187 1188 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 1189 if (err) 1190 goto out_budg; 1191 1192 inode = ubifs_new_inode(c, dir, S_IFLNK | S_IRWXUGO); 1193 if (IS_ERR(inode)) { 1194 err = PTR_ERR(inode); 1195 goto out_fname; 1196 } 1197 1198 ui = ubifs_inode(inode); 1199 ui->data = kmalloc(disk_link.len, GFP_NOFS); 1200 if (!ui->data) { 1201 err = -ENOMEM; 1202 goto out_inode; 1203 } 1204 1205 if (ubifs_crypt_is_encrypted(dir)) { 1206 struct qstr istr = QSTR_INIT(symname, len); 1207 struct fscrypt_str ostr; 1208 1209 sd = kzalloc(disk_link.len, GFP_NOFS); 1210 if (!sd) { 1211 err = -ENOMEM; 1212 goto out_inode; 1213 } 1214 1215 ostr.name = sd->encrypted_path; 1216 ostr.len = disk_link.len; 1217 1218 err = fscrypt_fname_usr_to_disk(inode, &istr, &ostr); 1219 if (err) { 1220 kfree(sd); 1221 goto out_inode; 1222 } 1223 1224 sd->len = cpu_to_le16(ostr.len); 1225 disk_link.name = (char *)sd; 1226 } else { 1227 inode->i_link = ui->data; 1228 } 1229 1230 memcpy(ui->data, disk_link.name, disk_link.len); 1231 ((char *)ui->data)[disk_link.len - 1] = '\0'; 1232 1233 /* 1234 * The terminating zero byte is not written to the flash media and it 1235 * is put just to make later in-memory string processing simpler. Thus, 1236 * data length is @len, not @len + %1. 1237 */ 1238 ui->data_len = disk_link.len - 1; 1239 inode->i_size = ubifs_inode(inode)->ui_size = disk_link.len - 1; 1240 1241 err = ubifs_init_security(dir, inode, &dentry->d_name); 1242 if (err) 1243 goto out_inode; 1244 1245 mutex_lock(&dir_ui->ui_mutex); 1246 dir->i_size += sz_change; 1247 dir_ui->ui_size = dir->i_size; 1248 dir->i_mtime = dir->i_ctime = inode->i_ctime; 1249 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 1250 if (err) 1251 goto out_cancel; 1252 mutex_unlock(&dir_ui->ui_mutex); 1253 1254 ubifs_release_budget(c, &req); 1255 insert_inode_hash(inode); 1256 d_instantiate(dentry, inode); 1257 fscrypt_free_filename(&nm); 1258 return 0; 1259 1260 out_cancel: 1261 dir->i_size -= sz_change; 1262 dir_ui->ui_size = dir->i_size; 1263 mutex_unlock(&dir_ui->ui_mutex); 1264 out_inode: 1265 make_bad_inode(inode); 1266 iput(inode); 1267 out_fname: 1268 fscrypt_free_filename(&nm); 1269 out_budg: 1270 ubifs_release_budget(c, &req); 1271 return err; 1272 } 1273 1274 /** 1275 * lock_4_inodes - a wrapper for locking three UBIFS inodes. 1276 * @inode1: first inode 1277 * @inode2: second inode 1278 * @inode3: third inode 1279 * @inode4: fouth inode 1280 * 1281 * This function is used for 'ubifs_rename()' and @inode1 may be the same as 1282 * @inode2 whereas @inode3 and @inode4 may be %NULL. 1283 * 1284 * We do not implement any tricks to guarantee strict lock ordering, because 1285 * VFS has already done it for us on the @i_mutex. So this is just a simple 1286 * wrapper function. 1287 */ 1288 static void lock_4_inodes(struct inode *inode1, struct inode *inode2, 1289 struct inode *inode3, struct inode *inode4) 1290 { 1291 mutex_lock_nested(&ubifs_inode(inode1)->ui_mutex, WB_MUTEX_1); 1292 if (inode2 != inode1) 1293 mutex_lock_nested(&ubifs_inode(inode2)->ui_mutex, WB_MUTEX_2); 1294 if (inode3) 1295 mutex_lock_nested(&ubifs_inode(inode3)->ui_mutex, WB_MUTEX_3); 1296 if (inode4) 1297 mutex_lock_nested(&ubifs_inode(inode4)->ui_mutex, WB_MUTEX_4); 1298 } 1299 1300 /** 1301 * unlock_4_inodes - a wrapper for unlocking three UBIFS inodes for rename. 1302 * @inode1: first inode 1303 * @inode2: second inode 1304 * @inode3: third inode 1305 * @inode4: fouth inode 1306 */ 1307 static void unlock_4_inodes(struct inode *inode1, struct inode *inode2, 1308 struct inode *inode3, struct inode *inode4) 1309 { 1310 if (inode4) 1311 mutex_unlock(&ubifs_inode(inode4)->ui_mutex); 1312 if (inode3) 1313 mutex_unlock(&ubifs_inode(inode3)->ui_mutex); 1314 if (inode1 != inode2) 1315 mutex_unlock(&ubifs_inode(inode2)->ui_mutex); 1316 mutex_unlock(&ubifs_inode(inode1)->ui_mutex); 1317 } 1318 1319 static int do_rename(struct inode *old_dir, struct dentry *old_dentry, 1320 struct inode *new_dir, struct dentry *new_dentry, 1321 unsigned int flags) 1322 { 1323 struct ubifs_info *c = old_dir->i_sb->s_fs_info; 1324 struct inode *old_inode = d_inode(old_dentry); 1325 struct inode *new_inode = d_inode(new_dentry); 1326 struct inode *whiteout = NULL; 1327 struct ubifs_inode *old_inode_ui = ubifs_inode(old_inode); 1328 struct ubifs_inode *whiteout_ui = NULL; 1329 int err, release, sync = 0, move = (new_dir != old_dir); 1330 int is_dir = S_ISDIR(old_inode->i_mode); 1331 int unlink = !!new_inode, new_sz, old_sz; 1332 struct ubifs_budget_req req = { .new_dent = 1, .mod_dent = 1, 1333 .dirtied_ino = 3 }; 1334 struct ubifs_budget_req ino_req = { .dirtied_ino = 1, 1335 .dirtied_ino_d = ALIGN(old_inode_ui->data_len, 8) }; 1336 struct timespec time; 1337 unsigned int uninitialized_var(saved_nlink); 1338 struct fscrypt_name old_nm, new_nm; 1339 1340 /* 1341 * Budget request settings: deletion direntry, new direntry, removing 1342 * the old inode, and changing old and new parent directory inodes. 1343 * 1344 * However, this operation also marks the target inode as dirty and 1345 * does not write it, so we allocate budget for the target inode 1346 * separately. 1347 */ 1348 1349 dbg_gen("dent '%pd' ino %lu in dir ino %lu to dent '%pd' in dir ino %lu flags 0x%x", 1350 old_dentry, old_inode->i_ino, old_dir->i_ino, 1351 new_dentry, new_dir->i_ino, flags); 1352 1353 if (unlink) 1354 ubifs_assert(inode_is_locked(new_inode)); 1355 1356 if (old_dir != new_dir) { 1357 if (ubifs_crypt_is_encrypted(new_dir) && 1358 !fscrypt_has_permitted_context(new_dir, old_inode)) 1359 return -EPERM; 1360 } 1361 1362 if (unlink && is_dir) { 1363 err = ubifs_check_dir_empty(new_inode); 1364 if (err) 1365 return err; 1366 } 1367 1368 err = fscrypt_setup_filename(old_dir, &old_dentry->d_name, 0, &old_nm); 1369 if (err) 1370 return err; 1371 1372 err = fscrypt_setup_filename(new_dir, &new_dentry->d_name, 0, &new_nm); 1373 if (err) { 1374 fscrypt_free_filename(&old_nm); 1375 return err; 1376 } 1377 1378 new_sz = CALC_DENT_SIZE(fname_len(&new_nm)); 1379 old_sz = CALC_DENT_SIZE(fname_len(&old_nm)); 1380 1381 err = ubifs_budget_space(c, &req); 1382 if (err) { 1383 fscrypt_free_filename(&old_nm); 1384 fscrypt_free_filename(&new_nm); 1385 return err; 1386 } 1387 err = ubifs_budget_space(c, &ino_req); 1388 if (err) { 1389 fscrypt_free_filename(&old_nm); 1390 fscrypt_free_filename(&new_nm); 1391 ubifs_release_budget(c, &req); 1392 return err; 1393 } 1394 1395 if (flags & RENAME_WHITEOUT) { 1396 union ubifs_dev_desc *dev = NULL; 1397 1398 dev = kmalloc(sizeof(union ubifs_dev_desc), GFP_NOFS); 1399 if (!dev) { 1400 err = -ENOMEM; 1401 goto out_release; 1402 } 1403 1404 err = do_tmpfile(old_dir, old_dentry, S_IFCHR | WHITEOUT_MODE, &whiteout); 1405 if (err) { 1406 kfree(dev); 1407 goto out_release; 1408 } 1409 1410 whiteout->i_state |= I_LINKABLE; 1411 whiteout_ui = ubifs_inode(whiteout); 1412 whiteout_ui->data = dev; 1413 whiteout_ui->data_len = ubifs_encode_dev(dev, MKDEV(0, 0)); 1414 ubifs_assert(!whiteout_ui->dirty); 1415 } 1416 1417 lock_4_inodes(old_dir, new_dir, new_inode, whiteout); 1418 1419 /* 1420 * Like most other Unix systems, set the @i_ctime for inodes on a 1421 * rename. 1422 */ 1423 time = current_time(old_dir); 1424 old_inode->i_ctime = time; 1425 1426 /* We must adjust parent link count when renaming directories */ 1427 if (is_dir) { 1428 if (move) { 1429 /* 1430 * @old_dir loses a link because we are moving 1431 * @old_inode to a different directory. 1432 */ 1433 drop_nlink(old_dir); 1434 /* 1435 * @new_dir only gains a link if we are not also 1436 * overwriting an existing directory. 1437 */ 1438 if (!unlink) 1439 inc_nlink(new_dir); 1440 } else { 1441 /* 1442 * @old_inode is not moving to a different directory, 1443 * but @old_dir still loses a link if we are 1444 * overwriting an existing directory. 1445 */ 1446 if (unlink) 1447 drop_nlink(old_dir); 1448 } 1449 } 1450 1451 old_dir->i_size -= old_sz; 1452 ubifs_inode(old_dir)->ui_size = old_dir->i_size; 1453 old_dir->i_mtime = old_dir->i_ctime = time; 1454 new_dir->i_mtime = new_dir->i_ctime = time; 1455 1456 /* 1457 * And finally, if we unlinked a direntry which happened to have the 1458 * same name as the moved direntry, we have to decrement @i_nlink of 1459 * the unlinked inode and change its ctime. 1460 */ 1461 if (unlink) { 1462 /* 1463 * Directories cannot have hard-links, so if this is a 1464 * directory, just clear @i_nlink. 1465 */ 1466 saved_nlink = new_inode->i_nlink; 1467 if (is_dir) 1468 clear_nlink(new_inode); 1469 else 1470 drop_nlink(new_inode); 1471 new_inode->i_ctime = time; 1472 } else { 1473 new_dir->i_size += new_sz; 1474 ubifs_inode(new_dir)->ui_size = new_dir->i_size; 1475 } 1476 1477 /* 1478 * Do not ask 'ubifs_jnl_rename()' to flush write-buffer if @old_inode 1479 * is dirty, because this will be done later on at the end of 1480 * 'ubifs_rename()'. 1481 */ 1482 if (IS_SYNC(old_inode)) { 1483 sync = IS_DIRSYNC(old_dir) || IS_DIRSYNC(new_dir); 1484 if (unlink && IS_SYNC(new_inode)) 1485 sync = 1; 1486 } 1487 1488 if (whiteout) { 1489 struct ubifs_budget_req wht_req = { .dirtied_ino = 1, 1490 .dirtied_ino_d = \ 1491 ALIGN(ubifs_inode(whiteout)->data_len, 8) }; 1492 1493 err = ubifs_budget_space(c, &wht_req); 1494 if (err) { 1495 kfree(whiteout_ui->data); 1496 whiteout_ui->data_len = 0; 1497 iput(whiteout); 1498 goto out_release; 1499 } 1500 1501 inc_nlink(whiteout); 1502 mark_inode_dirty(whiteout); 1503 whiteout->i_state &= ~I_LINKABLE; 1504 iput(whiteout); 1505 } 1506 1507 err = ubifs_jnl_rename(c, old_dir, old_inode, &old_nm, new_dir, 1508 new_inode, &new_nm, whiteout, sync); 1509 if (err) 1510 goto out_cancel; 1511 1512 unlock_4_inodes(old_dir, new_dir, new_inode, whiteout); 1513 ubifs_release_budget(c, &req); 1514 1515 mutex_lock(&old_inode_ui->ui_mutex); 1516 release = old_inode_ui->dirty; 1517 mark_inode_dirty_sync(old_inode); 1518 mutex_unlock(&old_inode_ui->ui_mutex); 1519 1520 if (release) 1521 ubifs_release_budget(c, &ino_req); 1522 if (IS_SYNC(old_inode)) 1523 err = old_inode->i_sb->s_op->write_inode(old_inode, NULL); 1524 1525 fscrypt_free_filename(&old_nm); 1526 fscrypt_free_filename(&new_nm); 1527 return err; 1528 1529 out_cancel: 1530 if (unlink) { 1531 set_nlink(new_inode, saved_nlink); 1532 } else { 1533 new_dir->i_size -= new_sz; 1534 ubifs_inode(new_dir)->ui_size = new_dir->i_size; 1535 } 1536 old_dir->i_size += old_sz; 1537 ubifs_inode(old_dir)->ui_size = old_dir->i_size; 1538 if (is_dir) { 1539 if (move) { 1540 inc_nlink(old_dir); 1541 if (!unlink) 1542 drop_nlink(new_dir); 1543 } else { 1544 if (unlink) 1545 inc_nlink(old_dir); 1546 } 1547 } 1548 if (whiteout) { 1549 drop_nlink(whiteout); 1550 iput(whiteout); 1551 } 1552 unlock_4_inodes(old_dir, new_dir, new_inode, whiteout); 1553 out_release: 1554 ubifs_release_budget(c, &ino_req); 1555 ubifs_release_budget(c, &req); 1556 fscrypt_free_filename(&old_nm); 1557 fscrypt_free_filename(&new_nm); 1558 return err; 1559 } 1560 1561 static int ubifs_xrename(struct inode *old_dir, struct dentry *old_dentry, 1562 struct inode *new_dir, struct dentry *new_dentry) 1563 { 1564 struct ubifs_info *c = old_dir->i_sb->s_fs_info; 1565 struct ubifs_budget_req req = { .new_dent = 1, .mod_dent = 1, 1566 .dirtied_ino = 2 }; 1567 int sync = IS_DIRSYNC(old_dir) || IS_DIRSYNC(new_dir); 1568 struct inode *fst_inode = d_inode(old_dentry); 1569 struct inode *snd_inode = d_inode(new_dentry); 1570 struct timespec time; 1571 int err; 1572 struct fscrypt_name fst_nm, snd_nm; 1573 1574 ubifs_assert(fst_inode && snd_inode); 1575 1576 if ((ubifs_crypt_is_encrypted(old_dir) || 1577 ubifs_crypt_is_encrypted(new_dir)) && 1578 (old_dir != new_dir) && 1579 (!fscrypt_has_permitted_context(new_dir, fst_inode) || 1580 !fscrypt_has_permitted_context(old_dir, snd_inode))) 1581 return -EPERM; 1582 1583 err = fscrypt_setup_filename(old_dir, &old_dentry->d_name, 0, &fst_nm); 1584 if (err) 1585 return err; 1586 1587 err = fscrypt_setup_filename(new_dir, &new_dentry->d_name, 0, &snd_nm); 1588 if (err) { 1589 fscrypt_free_filename(&fst_nm); 1590 return err; 1591 } 1592 1593 lock_4_inodes(old_dir, new_dir, NULL, NULL); 1594 1595 time = current_time(old_dir); 1596 fst_inode->i_ctime = time; 1597 snd_inode->i_ctime = time; 1598 old_dir->i_mtime = old_dir->i_ctime = time; 1599 new_dir->i_mtime = new_dir->i_ctime = time; 1600 1601 if (old_dir != new_dir) { 1602 if (S_ISDIR(fst_inode->i_mode) && !S_ISDIR(snd_inode->i_mode)) { 1603 inc_nlink(new_dir); 1604 drop_nlink(old_dir); 1605 } 1606 else if (!S_ISDIR(fst_inode->i_mode) && S_ISDIR(snd_inode->i_mode)) { 1607 drop_nlink(new_dir); 1608 inc_nlink(old_dir); 1609 } 1610 } 1611 1612 err = ubifs_jnl_xrename(c, old_dir, fst_inode, &fst_nm, new_dir, 1613 snd_inode, &snd_nm, sync); 1614 1615 unlock_4_inodes(old_dir, new_dir, NULL, NULL); 1616 ubifs_release_budget(c, &req); 1617 1618 fscrypt_free_filename(&fst_nm); 1619 fscrypt_free_filename(&snd_nm); 1620 return err; 1621 } 1622 1623 static int ubifs_rename(struct inode *old_dir, struct dentry *old_dentry, 1624 struct inode *new_dir, struct dentry *new_dentry, 1625 unsigned int flags) 1626 { 1627 if (flags & ~(RENAME_NOREPLACE | RENAME_WHITEOUT | RENAME_EXCHANGE)) 1628 return -EINVAL; 1629 1630 ubifs_assert(inode_is_locked(old_dir)); 1631 ubifs_assert(inode_is_locked(new_dir)); 1632 1633 if (flags & RENAME_EXCHANGE) 1634 return ubifs_xrename(old_dir, old_dentry, new_dir, new_dentry); 1635 1636 return do_rename(old_dir, old_dentry, new_dir, new_dentry, flags); 1637 } 1638 1639 int ubifs_getattr(const struct path *path, struct kstat *stat, 1640 u32 request_mask, unsigned int flags) 1641 { 1642 loff_t size; 1643 struct inode *inode = d_inode(path->dentry); 1644 struct ubifs_inode *ui = ubifs_inode(inode); 1645 1646 mutex_lock(&ui->ui_mutex); 1647 1648 if (ui->flags & UBIFS_APPEND_FL) 1649 stat->attributes |= STATX_ATTR_APPEND; 1650 if (ui->flags & UBIFS_COMPR_FL) 1651 stat->attributes |= STATX_ATTR_COMPRESSED; 1652 if (ui->flags & UBIFS_CRYPT_FL) 1653 stat->attributes |= STATX_ATTR_ENCRYPTED; 1654 if (ui->flags & UBIFS_IMMUTABLE_FL) 1655 stat->attributes |= STATX_ATTR_IMMUTABLE; 1656 1657 stat->attributes_mask |= (STATX_ATTR_APPEND | 1658 STATX_ATTR_COMPRESSED | 1659 STATX_ATTR_ENCRYPTED | 1660 STATX_ATTR_IMMUTABLE); 1661 1662 generic_fillattr(inode, stat); 1663 stat->blksize = UBIFS_BLOCK_SIZE; 1664 stat->size = ui->ui_size; 1665 1666 /* 1667 * Unfortunately, the 'stat()' system call was designed for block 1668 * device based file systems, and it is not appropriate for UBIFS, 1669 * because UBIFS does not have notion of "block". For example, it is 1670 * difficult to tell how many block a directory takes - it actually 1671 * takes less than 300 bytes, but we have to round it to block size, 1672 * which introduces large mistake. This makes utilities like 'du' to 1673 * report completely senseless numbers. This is the reason why UBIFS 1674 * goes the same way as JFFS2 - it reports zero blocks for everything 1675 * but regular files, which makes more sense than reporting completely 1676 * wrong sizes. 1677 */ 1678 if (S_ISREG(inode->i_mode)) { 1679 size = ui->xattr_size; 1680 size += stat->size; 1681 size = ALIGN(size, UBIFS_BLOCK_SIZE); 1682 /* 1683 * Note, user-space expects 512-byte blocks count irrespectively 1684 * of what was reported in @stat->size. 1685 */ 1686 stat->blocks = size >> 9; 1687 } else 1688 stat->blocks = 0; 1689 mutex_unlock(&ui->ui_mutex); 1690 return 0; 1691 } 1692 1693 static int ubifs_dir_open(struct inode *dir, struct file *file) 1694 { 1695 if (ubifs_crypt_is_encrypted(dir)) 1696 return fscrypt_get_encryption_info(dir) ? -EACCES : 0; 1697 1698 return 0; 1699 } 1700 1701 const struct inode_operations ubifs_dir_inode_operations = { 1702 .lookup = ubifs_lookup, 1703 .create = ubifs_create, 1704 .link = ubifs_link, 1705 .symlink = ubifs_symlink, 1706 .unlink = ubifs_unlink, 1707 .mkdir = ubifs_mkdir, 1708 .rmdir = ubifs_rmdir, 1709 .mknod = ubifs_mknod, 1710 .rename = ubifs_rename, 1711 .setattr = ubifs_setattr, 1712 .getattr = ubifs_getattr, 1713 .listxattr = ubifs_listxattr, 1714 #ifdef CONFIG_UBIFS_ATIME_SUPPORT 1715 .update_time = ubifs_update_time, 1716 #endif 1717 .tmpfile = ubifs_tmpfile, 1718 }; 1719 1720 const struct file_operations ubifs_dir_operations = { 1721 .llseek = generic_file_llseek, 1722 .release = ubifs_dir_release, 1723 .read = generic_read_dir, 1724 .iterate_shared = ubifs_readdir, 1725 .fsync = ubifs_fsync, 1726 .unlocked_ioctl = ubifs_ioctl, 1727 .open = ubifs_dir_open, 1728 #ifdef CONFIG_COMPAT 1729 .compat_ioctl = ubifs_compat_ioctl, 1730 #endif 1731 }; 1732