1 /* 2 * Copyright (c) 2000-2005 Silicon Graphics, Inc. 3 * All Rights Reserved. 4 * 5 * This program is free software; you can redistribute it and/or 6 * modify it under the terms of the GNU General Public License as 7 * published by the Free Software Foundation. 8 * 9 * This program is distributed in the hope that it would be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, write the Free Software Foundation, 16 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 17 */ 18 #include "xfs.h" 19 #include "xfs_fs.h" 20 #include "xfs_shared.h" 21 #include "xfs_format.h" 22 #include "xfs_log_format.h" 23 #include "xfs_trans_resv.h" 24 #include "xfs_mount.h" 25 #include "xfs_da_format.h" 26 #include "xfs_inode.h" 27 #include "xfs_bmap.h" 28 #include "xfs_bmap_util.h" 29 #include "xfs_acl.h" 30 #include "xfs_quota.h" 31 #include "xfs_error.h" 32 #include "xfs_attr.h" 33 #include "xfs_trans.h" 34 #include "xfs_trace.h" 35 #include "xfs_icache.h" 36 #include "xfs_symlink.h" 37 #include "xfs_da_btree.h" 38 #include "xfs_dir2.h" 39 #include "xfs_trans_space.h" 40 #include "xfs_pnfs.h" 41 42 #include <linux/capability.h> 43 #include <linux/xattr.h> 44 #include <linux/posix_acl.h> 45 #include <linux/security.h> 46 #include <linux/fiemap.h> 47 #include <linux/slab.h> 48 49 /* 50 * Directories have different lock order w.r.t. mmap_sem compared to regular 51 * files. This is due to readdir potentially triggering page faults on a user 52 * buffer inside filldir(), and this happens with the ilock on the directory 53 * held. For regular files, the lock order is the other way around - the 54 * mmap_sem is taken during the page fault, and then we lock the ilock to do 55 * block mapping. Hence we need a different class for the directory ilock so 56 * that lockdep can tell them apart. 57 */ 58 static struct lock_class_key xfs_nondir_ilock_class; 59 static struct lock_class_key xfs_dir_ilock_class; 60 61 static int 62 xfs_initxattrs( 63 struct inode *inode, 64 const struct xattr *xattr_array, 65 void *fs_info) 66 { 67 const struct xattr *xattr; 68 struct xfs_inode *ip = XFS_I(inode); 69 int error = 0; 70 71 for (xattr = xattr_array; xattr->name != NULL; xattr++) { 72 error = xfs_attr_set(ip, xattr->name, xattr->value, 73 xattr->value_len, ATTR_SECURE); 74 if (error < 0) 75 break; 76 } 77 return error; 78 } 79 80 /* 81 * Hook in SELinux. This is not quite correct yet, what we really need 82 * here (as we do for default ACLs) is a mechanism by which creation of 83 * these attrs can be journalled at inode creation time (along with the 84 * inode, of course, such that log replay can't cause these to be lost). 85 */ 86 87 STATIC int 88 xfs_init_security( 89 struct inode *inode, 90 struct inode *dir, 91 const struct qstr *qstr) 92 { 93 return security_inode_init_security(inode, dir, qstr, 94 &xfs_initxattrs, NULL); 95 } 96 97 static void 98 xfs_dentry_to_name( 99 struct xfs_name *namep, 100 struct dentry *dentry, 101 int mode) 102 { 103 namep->name = dentry->d_name.name; 104 namep->len = dentry->d_name.len; 105 namep->type = xfs_mode_to_ftype[(mode & S_IFMT) >> S_SHIFT]; 106 } 107 108 STATIC void 109 xfs_cleanup_inode( 110 struct inode *dir, 111 struct inode *inode, 112 struct dentry *dentry) 113 { 114 struct xfs_name teardown; 115 116 /* Oh, the horror. 117 * If we can't add the ACL or we fail in 118 * xfs_init_security we must back out. 119 * ENOSPC can hit here, among other things. 120 */ 121 xfs_dentry_to_name(&teardown, dentry, 0); 122 123 xfs_remove(XFS_I(dir), &teardown, XFS_I(inode)); 124 } 125 126 STATIC int 127 xfs_generic_create( 128 struct inode *dir, 129 struct dentry *dentry, 130 umode_t mode, 131 dev_t rdev, 132 bool tmpfile) /* unnamed file */ 133 { 134 struct inode *inode; 135 struct xfs_inode *ip = NULL; 136 struct posix_acl *default_acl, *acl; 137 struct xfs_name name; 138 int error; 139 140 /* 141 * Irix uses Missed'em'V split, but doesn't want to see 142 * the upper 5 bits of (14bit) major. 143 */ 144 if (S_ISCHR(mode) || S_ISBLK(mode)) { 145 if (unlikely(!sysv_valid_dev(rdev) || MAJOR(rdev) & ~0x1ff)) 146 return -EINVAL; 147 rdev = sysv_encode_dev(rdev); 148 } else { 149 rdev = 0; 150 } 151 152 error = posix_acl_create(dir, &mode, &default_acl, &acl); 153 if (error) 154 return error; 155 156 if (!tmpfile) { 157 xfs_dentry_to_name(&name, dentry, mode); 158 error = xfs_create(XFS_I(dir), &name, mode, rdev, &ip); 159 } else { 160 error = xfs_create_tmpfile(XFS_I(dir), dentry, mode, &ip); 161 } 162 if (unlikely(error)) 163 goto out_free_acl; 164 165 inode = VFS_I(ip); 166 167 error = xfs_init_security(inode, dir, &dentry->d_name); 168 if (unlikely(error)) 169 goto out_cleanup_inode; 170 171 #ifdef CONFIG_XFS_POSIX_ACL 172 if (default_acl) { 173 error = xfs_set_acl(inode, default_acl, ACL_TYPE_DEFAULT); 174 if (error) 175 goto out_cleanup_inode; 176 } 177 if (acl) { 178 error = xfs_set_acl(inode, acl, ACL_TYPE_ACCESS); 179 if (error) 180 goto out_cleanup_inode; 181 } 182 #endif 183 184 if (tmpfile) 185 d_tmpfile(dentry, inode); 186 else 187 d_instantiate(dentry, inode); 188 189 xfs_finish_inode_setup(ip); 190 191 out_free_acl: 192 if (default_acl) 193 posix_acl_release(default_acl); 194 if (acl) 195 posix_acl_release(acl); 196 return error; 197 198 out_cleanup_inode: 199 xfs_finish_inode_setup(ip); 200 if (!tmpfile) 201 xfs_cleanup_inode(dir, inode, dentry); 202 iput(inode); 203 goto out_free_acl; 204 } 205 206 STATIC int 207 xfs_vn_mknod( 208 struct inode *dir, 209 struct dentry *dentry, 210 umode_t mode, 211 dev_t rdev) 212 { 213 return xfs_generic_create(dir, dentry, mode, rdev, false); 214 } 215 216 STATIC int 217 xfs_vn_create( 218 struct inode *dir, 219 struct dentry *dentry, 220 umode_t mode, 221 bool flags) 222 { 223 return xfs_vn_mknod(dir, dentry, mode, 0); 224 } 225 226 STATIC int 227 xfs_vn_mkdir( 228 struct inode *dir, 229 struct dentry *dentry, 230 umode_t mode) 231 { 232 return xfs_vn_mknod(dir, dentry, mode|S_IFDIR, 0); 233 } 234 235 STATIC struct dentry * 236 xfs_vn_lookup( 237 struct inode *dir, 238 struct dentry *dentry, 239 unsigned int flags) 240 { 241 struct xfs_inode *cip; 242 struct xfs_name name; 243 int error; 244 245 if (dentry->d_name.len >= MAXNAMELEN) 246 return ERR_PTR(-ENAMETOOLONG); 247 248 xfs_dentry_to_name(&name, dentry, 0); 249 error = xfs_lookup(XFS_I(dir), &name, &cip, NULL); 250 if (unlikely(error)) { 251 if (unlikely(error != -ENOENT)) 252 return ERR_PTR(error); 253 d_add(dentry, NULL); 254 return NULL; 255 } 256 257 return d_splice_alias(VFS_I(cip), dentry); 258 } 259 260 STATIC struct dentry * 261 xfs_vn_ci_lookup( 262 struct inode *dir, 263 struct dentry *dentry, 264 unsigned int flags) 265 { 266 struct xfs_inode *ip; 267 struct xfs_name xname; 268 struct xfs_name ci_name; 269 struct qstr dname; 270 int error; 271 272 if (dentry->d_name.len >= MAXNAMELEN) 273 return ERR_PTR(-ENAMETOOLONG); 274 275 xfs_dentry_to_name(&xname, dentry, 0); 276 error = xfs_lookup(XFS_I(dir), &xname, &ip, &ci_name); 277 if (unlikely(error)) { 278 if (unlikely(error != -ENOENT)) 279 return ERR_PTR(error); 280 /* 281 * call d_add(dentry, NULL) here when d_drop_negative_children 282 * is called in xfs_vn_mknod (ie. allow negative dentries 283 * with CI filesystems). 284 */ 285 return NULL; 286 } 287 288 /* if exact match, just splice and exit */ 289 if (!ci_name.name) 290 return d_splice_alias(VFS_I(ip), dentry); 291 292 /* else case-insensitive match... */ 293 dname.name = ci_name.name; 294 dname.len = ci_name.len; 295 dentry = d_add_ci(dentry, VFS_I(ip), &dname); 296 kmem_free(ci_name.name); 297 return dentry; 298 } 299 300 STATIC int 301 xfs_vn_link( 302 struct dentry *old_dentry, 303 struct inode *dir, 304 struct dentry *dentry) 305 { 306 struct inode *inode = d_inode(old_dentry); 307 struct xfs_name name; 308 int error; 309 310 xfs_dentry_to_name(&name, dentry, inode->i_mode); 311 312 error = xfs_link(XFS_I(dir), XFS_I(inode), &name); 313 if (unlikely(error)) 314 return error; 315 316 ihold(inode); 317 d_instantiate(dentry, inode); 318 return 0; 319 } 320 321 STATIC int 322 xfs_vn_unlink( 323 struct inode *dir, 324 struct dentry *dentry) 325 { 326 struct xfs_name name; 327 int error; 328 329 xfs_dentry_to_name(&name, dentry, 0); 330 331 error = xfs_remove(XFS_I(dir), &name, XFS_I(d_inode(dentry))); 332 if (error) 333 return error; 334 335 /* 336 * With unlink, the VFS makes the dentry "negative": no inode, 337 * but still hashed. This is incompatible with case-insensitive 338 * mode, so invalidate (unhash) the dentry in CI-mode. 339 */ 340 if (xfs_sb_version_hasasciici(&XFS_M(dir->i_sb)->m_sb)) 341 d_invalidate(dentry); 342 return 0; 343 } 344 345 STATIC int 346 xfs_vn_symlink( 347 struct inode *dir, 348 struct dentry *dentry, 349 const char *symname) 350 { 351 struct inode *inode; 352 struct xfs_inode *cip = NULL; 353 struct xfs_name name; 354 int error; 355 umode_t mode; 356 357 mode = S_IFLNK | 358 (irix_symlink_mode ? 0777 & ~current_umask() : S_IRWXUGO); 359 xfs_dentry_to_name(&name, dentry, mode); 360 361 error = xfs_symlink(XFS_I(dir), &name, symname, mode, &cip); 362 if (unlikely(error)) 363 goto out; 364 365 inode = VFS_I(cip); 366 367 error = xfs_init_security(inode, dir, &dentry->d_name); 368 if (unlikely(error)) 369 goto out_cleanup_inode; 370 371 d_instantiate(dentry, inode); 372 xfs_finish_inode_setup(cip); 373 return 0; 374 375 out_cleanup_inode: 376 xfs_finish_inode_setup(cip); 377 xfs_cleanup_inode(dir, inode, dentry); 378 iput(inode); 379 out: 380 return error; 381 } 382 383 STATIC int 384 xfs_vn_rename( 385 struct inode *odir, 386 struct dentry *odentry, 387 struct inode *ndir, 388 struct dentry *ndentry, 389 unsigned int flags) 390 { 391 struct inode *new_inode = d_inode(ndentry); 392 int omode = 0; 393 struct xfs_name oname; 394 struct xfs_name nname; 395 396 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT)) 397 return -EINVAL; 398 399 /* if we are exchanging files, we need to set i_mode of both files */ 400 if (flags & RENAME_EXCHANGE) 401 omode = d_inode(ndentry)->i_mode; 402 403 xfs_dentry_to_name(&oname, odentry, omode); 404 xfs_dentry_to_name(&nname, ndentry, d_inode(odentry)->i_mode); 405 406 return xfs_rename(XFS_I(odir), &oname, XFS_I(d_inode(odentry)), 407 XFS_I(ndir), &nname, 408 new_inode ? XFS_I(new_inode) : NULL, flags); 409 } 410 411 /* 412 * careful here - this function can get called recursively, so 413 * we need to be very careful about how much stack we use. 414 * uio is kmalloced for this reason... 415 */ 416 STATIC const char * 417 xfs_vn_get_link( 418 struct dentry *dentry, 419 struct inode *inode, 420 struct delayed_call *done) 421 { 422 char *link; 423 int error = -ENOMEM; 424 425 if (!dentry) 426 return ERR_PTR(-ECHILD); 427 428 link = kmalloc(MAXPATHLEN+1, GFP_KERNEL); 429 if (!link) 430 goto out_err; 431 432 error = xfs_readlink(XFS_I(d_inode(dentry)), link); 433 if (unlikely(error)) 434 goto out_kfree; 435 436 set_delayed_call(done, kfree_link, link); 437 return link; 438 439 out_kfree: 440 kfree(link); 441 out_err: 442 return ERR_PTR(error); 443 } 444 445 STATIC int 446 xfs_vn_getattr( 447 struct vfsmount *mnt, 448 struct dentry *dentry, 449 struct kstat *stat) 450 { 451 struct inode *inode = d_inode(dentry); 452 struct xfs_inode *ip = XFS_I(inode); 453 struct xfs_mount *mp = ip->i_mount; 454 455 trace_xfs_getattr(ip); 456 457 if (XFS_FORCED_SHUTDOWN(mp)) 458 return -EIO; 459 460 stat->size = XFS_ISIZE(ip); 461 stat->dev = inode->i_sb->s_dev; 462 stat->mode = ip->i_d.di_mode; 463 stat->nlink = ip->i_d.di_nlink; 464 stat->uid = inode->i_uid; 465 stat->gid = inode->i_gid; 466 stat->ino = ip->i_ino; 467 stat->atime = inode->i_atime; 468 stat->mtime = inode->i_mtime; 469 stat->ctime = inode->i_ctime; 470 stat->blocks = 471 XFS_FSB_TO_BB(mp, ip->i_d.di_nblocks + ip->i_delayed_blks); 472 473 474 switch (inode->i_mode & S_IFMT) { 475 case S_IFBLK: 476 case S_IFCHR: 477 stat->blksize = BLKDEV_IOSIZE; 478 stat->rdev = MKDEV(sysv_major(ip->i_df.if_u2.if_rdev) & 0x1ff, 479 sysv_minor(ip->i_df.if_u2.if_rdev)); 480 break; 481 default: 482 if (XFS_IS_REALTIME_INODE(ip)) { 483 /* 484 * If the file blocks are being allocated from a 485 * realtime volume, then return the inode's realtime 486 * extent size or the realtime volume's extent size. 487 */ 488 stat->blksize = 489 xfs_get_extsz_hint(ip) << mp->m_sb.sb_blocklog; 490 } else 491 stat->blksize = xfs_preferred_iosize(mp); 492 stat->rdev = 0; 493 break; 494 } 495 496 return 0; 497 } 498 499 static void 500 xfs_setattr_mode( 501 struct xfs_inode *ip, 502 struct iattr *iattr) 503 { 504 struct inode *inode = VFS_I(ip); 505 umode_t mode = iattr->ia_mode; 506 507 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL)); 508 509 ip->i_d.di_mode &= S_IFMT; 510 ip->i_d.di_mode |= mode & ~S_IFMT; 511 512 inode->i_mode &= S_IFMT; 513 inode->i_mode |= mode & ~S_IFMT; 514 } 515 516 void 517 xfs_setattr_time( 518 struct xfs_inode *ip, 519 struct iattr *iattr) 520 { 521 struct inode *inode = VFS_I(ip); 522 523 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL)); 524 525 if (iattr->ia_valid & ATTR_ATIME) { 526 inode->i_atime = iattr->ia_atime; 527 ip->i_d.di_atime.t_sec = iattr->ia_atime.tv_sec; 528 ip->i_d.di_atime.t_nsec = iattr->ia_atime.tv_nsec; 529 } 530 if (iattr->ia_valid & ATTR_CTIME) { 531 inode->i_ctime = iattr->ia_ctime; 532 ip->i_d.di_ctime.t_sec = iattr->ia_ctime.tv_sec; 533 ip->i_d.di_ctime.t_nsec = iattr->ia_ctime.tv_nsec; 534 } 535 if (iattr->ia_valid & ATTR_MTIME) { 536 inode->i_mtime = iattr->ia_mtime; 537 ip->i_d.di_mtime.t_sec = iattr->ia_mtime.tv_sec; 538 ip->i_d.di_mtime.t_nsec = iattr->ia_mtime.tv_nsec; 539 } 540 } 541 542 int 543 xfs_setattr_nonsize( 544 struct xfs_inode *ip, 545 struct iattr *iattr, 546 int flags) 547 { 548 xfs_mount_t *mp = ip->i_mount; 549 struct inode *inode = VFS_I(ip); 550 int mask = iattr->ia_valid; 551 xfs_trans_t *tp; 552 int error; 553 kuid_t uid = GLOBAL_ROOT_UID, iuid = GLOBAL_ROOT_UID; 554 kgid_t gid = GLOBAL_ROOT_GID, igid = GLOBAL_ROOT_GID; 555 struct xfs_dquot *udqp = NULL, *gdqp = NULL; 556 struct xfs_dquot *olddquot1 = NULL, *olddquot2 = NULL; 557 558 trace_xfs_setattr(ip); 559 560 /* If acls are being inherited, we already have this checked */ 561 if (!(flags & XFS_ATTR_NOACL)) { 562 if (mp->m_flags & XFS_MOUNT_RDONLY) 563 return -EROFS; 564 565 if (XFS_FORCED_SHUTDOWN(mp)) 566 return -EIO; 567 568 error = inode_change_ok(inode, iattr); 569 if (error) 570 return error; 571 } 572 573 ASSERT((mask & ATTR_SIZE) == 0); 574 575 /* 576 * If disk quotas is on, we make sure that the dquots do exist on disk, 577 * before we start any other transactions. Trying to do this later 578 * is messy. We don't care to take a readlock to look at the ids 579 * in inode here, because we can't hold it across the trans_reserve. 580 * If the IDs do change before we take the ilock, we're covered 581 * because the i_*dquot fields will get updated anyway. 582 */ 583 if (XFS_IS_QUOTA_ON(mp) && (mask & (ATTR_UID|ATTR_GID))) { 584 uint qflags = 0; 585 586 if ((mask & ATTR_UID) && XFS_IS_UQUOTA_ON(mp)) { 587 uid = iattr->ia_uid; 588 qflags |= XFS_QMOPT_UQUOTA; 589 } else { 590 uid = inode->i_uid; 591 } 592 if ((mask & ATTR_GID) && XFS_IS_GQUOTA_ON(mp)) { 593 gid = iattr->ia_gid; 594 qflags |= XFS_QMOPT_GQUOTA; 595 } else { 596 gid = inode->i_gid; 597 } 598 599 /* 600 * We take a reference when we initialize udqp and gdqp, 601 * so it is important that we never blindly double trip on 602 * the same variable. See xfs_create() for an example. 603 */ 604 ASSERT(udqp == NULL); 605 ASSERT(gdqp == NULL); 606 error = xfs_qm_vop_dqalloc(ip, xfs_kuid_to_uid(uid), 607 xfs_kgid_to_gid(gid), 608 xfs_get_projid(ip), 609 qflags, &udqp, &gdqp, NULL); 610 if (error) 611 return error; 612 } 613 614 tp = xfs_trans_alloc(mp, XFS_TRANS_SETATTR_NOT_SIZE); 615 error = xfs_trans_reserve(tp, &M_RES(mp)->tr_ichange, 0, 0); 616 if (error) 617 goto out_trans_cancel; 618 619 xfs_ilock(ip, XFS_ILOCK_EXCL); 620 621 /* 622 * Change file ownership. Must be the owner or privileged. 623 */ 624 if (mask & (ATTR_UID|ATTR_GID)) { 625 /* 626 * These IDs could have changed since we last looked at them. 627 * But, we're assured that if the ownership did change 628 * while we didn't have the inode locked, inode's dquot(s) 629 * would have changed also. 630 */ 631 iuid = inode->i_uid; 632 igid = inode->i_gid; 633 gid = (mask & ATTR_GID) ? iattr->ia_gid : igid; 634 uid = (mask & ATTR_UID) ? iattr->ia_uid : iuid; 635 636 /* 637 * Do a quota reservation only if uid/gid is actually 638 * going to change. 639 */ 640 if (XFS_IS_QUOTA_RUNNING(mp) && 641 ((XFS_IS_UQUOTA_ON(mp) && !uid_eq(iuid, uid)) || 642 (XFS_IS_GQUOTA_ON(mp) && !gid_eq(igid, gid)))) { 643 ASSERT(tp); 644 error = xfs_qm_vop_chown_reserve(tp, ip, udqp, gdqp, 645 NULL, capable(CAP_FOWNER) ? 646 XFS_QMOPT_FORCE_RES : 0); 647 if (error) /* out of quota */ 648 goto out_unlock; 649 } 650 } 651 652 xfs_trans_ijoin(tp, ip, 0); 653 654 /* 655 * Change file ownership. Must be the owner or privileged. 656 */ 657 if (mask & (ATTR_UID|ATTR_GID)) { 658 /* 659 * CAP_FSETID overrides the following restrictions: 660 * 661 * The set-user-ID and set-group-ID bits of a file will be 662 * cleared upon successful return from chown() 663 */ 664 if ((ip->i_d.di_mode & (S_ISUID|S_ISGID)) && 665 !capable(CAP_FSETID)) 666 ip->i_d.di_mode &= ~(S_ISUID|S_ISGID); 667 668 /* 669 * Change the ownerships and register quota modifications 670 * in the transaction. 671 */ 672 if (!uid_eq(iuid, uid)) { 673 if (XFS_IS_QUOTA_RUNNING(mp) && XFS_IS_UQUOTA_ON(mp)) { 674 ASSERT(mask & ATTR_UID); 675 ASSERT(udqp); 676 olddquot1 = xfs_qm_vop_chown(tp, ip, 677 &ip->i_udquot, udqp); 678 } 679 ip->i_d.di_uid = xfs_kuid_to_uid(uid); 680 inode->i_uid = uid; 681 } 682 if (!gid_eq(igid, gid)) { 683 if (XFS_IS_QUOTA_RUNNING(mp) && XFS_IS_GQUOTA_ON(mp)) { 684 ASSERT(xfs_sb_version_has_pquotino(&mp->m_sb) || 685 !XFS_IS_PQUOTA_ON(mp)); 686 ASSERT(mask & ATTR_GID); 687 ASSERT(gdqp); 688 olddquot2 = xfs_qm_vop_chown(tp, ip, 689 &ip->i_gdquot, gdqp); 690 } 691 ip->i_d.di_gid = xfs_kgid_to_gid(gid); 692 inode->i_gid = gid; 693 } 694 } 695 696 if (mask & ATTR_MODE) 697 xfs_setattr_mode(ip, iattr); 698 if (mask & (ATTR_ATIME|ATTR_CTIME|ATTR_MTIME)) 699 xfs_setattr_time(ip, iattr); 700 701 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 702 703 XFS_STATS_INC(mp, xs_ig_attrchg); 704 705 if (mp->m_flags & XFS_MOUNT_WSYNC) 706 xfs_trans_set_sync(tp); 707 error = xfs_trans_commit(tp); 708 709 xfs_iunlock(ip, XFS_ILOCK_EXCL); 710 711 /* 712 * Release any dquot(s) the inode had kept before chown. 713 */ 714 xfs_qm_dqrele(olddquot1); 715 xfs_qm_dqrele(olddquot2); 716 xfs_qm_dqrele(udqp); 717 xfs_qm_dqrele(gdqp); 718 719 if (error) 720 return error; 721 722 /* 723 * XXX(hch): Updating the ACL entries is not atomic vs the i_mode 724 * update. We could avoid this with linked transactions 725 * and passing down the transaction pointer all the way 726 * to attr_set. No previous user of the generic 727 * Posix ACL code seems to care about this issue either. 728 */ 729 if ((mask & ATTR_MODE) && !(flags & XFS_ATTR_NOACL)) { 730 error = posix_acl_chmod(inode, inode->i_mode); 731 if (error) 732 return error; 733 } 734 735 return 0; 736 737 out_unlock: 738 xfs_iunlock(ip, XFS_ILOCK_EXCL); 739 out_trans_cancel: 740 xfs_trans_cancel(tp); 741 xfs_qm_dqrele(udqp); 742 xfs_qm_dqrele(gdqp); 743 return error; 744 } 745 746 /* 747 * Truncate file. Must have write permission and not be a directory. 748 */ 749 int 750 xfs_setattr_size( 751 struct xfs_inode *ip, 752 struct iattr *iattr) 753 { 754 struct xfs_mount *mp = ip->i_mount; 755 struct inode *inode = VFS_I(ip); 756 xfs_off_t oldsize, newsize; 757 struct xfs_trans *tp; 758 int error; 759 uint lock_flags = 0; 760 bool did_zeroing = false; 761 762 trace_xfs_setattr(ip); 763 764 if (mp->m_flags & XFS_MOUNT_RDONLY) 765 return -EROFS; 766 767 if (XFS_FORCED_SHUTDOWN(mp)) 768 return -EIO; 769 770 error = inode_change_ok(inode, iattr); 771 if (error) 772 return error; 773 774 ASSERT(xfs_isilocked(ip, XFS_IOLOCK_EXCL)); 775 ASSERT(xfs_isilocked(ip, XFS_MMAPLOCK_EXCL)); 776 ASSERT(S_ISREG(ip->i_d.di_mode)); 777 ASSERT((iattr->ia_valid & (ATTR_UID|ATTR_GID|ATTR_ATIME|ATTR_ATIME_SET| 778 ATTR_MTIME_SET|ATTR_KILL_PRIV|ATTR_TIMES_SET)) == 0); 779 780 oldsize = inode->i_size; 781 newsize = iattr->ia_size; 782 783 /* 784 * Short circuit the truncate case for zero length files. 785 */ 786 if (newsize == 0 && oldsize == 0 && ip->i_d.di_nextents == 0) { 787 if (!(iattr->ia_valid & (ATTR_CTIME|ATTR_MTIME))) 788 return 0; 789 790 /* 791 * Use the regular setattr path to update the timestamps. 792 */ 793 iattr->ia_valid &= ~ATTR_SIZE; 794 return xfs_setattr_nonsize(ip, iattr, 0); 795 } 796 797 /* 798 * Make sure that the dquots are attached to the inode. 799 */ 800 error = xfs_qm_dqattach(ip, 0); 801 if (error) 802 return error; 803 804 /* 805 * File data changes must be complete before we start the transaction to 806 * modify the inode. This needs to be done before joining the inode to 807 * the transaction because the inode cannot be unlocked once it is a 808 * part of the transaction. 809 * 810 * Start with zeroing any data block beyond EOF that we may expose on 811 * file extension. 812 */ 813 if (newsize > oldsize) { 814 error = xfs_zero_eof(ip, newsize, oldsize, &did_zeroing); 815 if (error) 816 return error; 817 } 818 819 /* 820 * We are going to log the inode size change in this transaction so 821 * any previous writes that are beyond the on disk EOF and the new 822 * EOF that have not been written out need to be written here. If we 823 * do not write the data out, we expose ourselves to the null files 824 * problem. Note that this includes any block zeroing we did above; 825 * otherwise those blocks may not be zeroed after a crash. 826 */ 827 if (newsize > ip->i_d.di_size && 828 (oldsize != ip->i_d.di_size || did_zeroing)) { 829 error = filemap_write_and_wait_range(VFS_I(ip)->i_mapping, 830 ip->i_d.di_size, newsize); 831 if (error) 832 return error; 833 } 834 835 /* Now wait for all direct I/O to complete. */ 836 inode_dio_wait(inode); 837 838 /* 839 * We've already locked out new page faults, so now we can safely remove 840 * pages from the page cache knowing they won't get refaulted until we 841 * drop the XFS_MMAP_EXCL lock after the extent manipulations are 842 * complete. The truncate_setsize() call also cleans partial EOF page 843 * PTEs on extending truncates and hence ensures sub-page block size 844 * filesystems are correctly handled, too. 845 * 846 * We have to do all the page cache truncate work outside the 847 * transaction context as the "lock" order is page lock->log space 848 * reservation as defined by extent allocation in the writeback path. 849 * Hence a truncate can fail with ENOMEM from xfs_trans_reserve(), but 850 * having already truncated the in-memory version of the file (i.e. made 851 * user visible changes). There's not much we can do about this, except 852 * to hope that the caller sees ENOMEM and retries the truncate 853 * operation. 854 */ 855 if (IS_DAX(inode)) 856 error = dax_truncate_page(inode, newsize, xfs_get_blocks_direct); 857 else 858 error = block_truncate_page(inode->i_mapping, newsize, 859 xfs_get_blocks); 860 if (error) 861 return error; 862 truncate_setsize(inode, newsize); 863 864 tp = xfs_trans_alloc(mp, XFS_TRANS_SETATTR_SIZE); 865 error = xfs_trans_reserve(tp, &M_RES(mp)->tr_itruncate, 0, 0); 866 if (error) 867 goto out_trans_cancel; 868 869 lock_flags |= XFS_ILOCK_EXCL; 870 xfs_ilock(ip, XFS_ILOCK_EXCL); 871 xfs_trans_ijoin(tp, ip, 0); 872 873 /* 874 * Only change the c/mtime if we are changing the size or we are 875 * explicitly asked to change it. This handles the semantic difference 876 * between truncate() and ftruncate() as implemented in the VFS. 877 * 878 * The regular truncate() case without ATTR_CTIME and ATTR_MTIME is a 879 * special case where we need to update the times despite not having 880 * these flags set. For all other operations the VFS set these flags 881 * explicitly if it wants a timestamp update. 882 */ 883 if (newsize != oldsize && 884 !(iattr->ia_valid & (ATTR_CTIME | ATTR_MTIME))) { 885 iattr->ia_ctime = iattr->ia_mtime = 886 current_fs_time(inode->i_sb); 887 iattr->ia_valid |= ATTR_CTIME | ATTR_MTIME; 888 } 889 890 /* 891 * The first thing we do is set the size to new_size permanently on 892 * disk. This way we don't have to worry about anyone ever being able 893 * to look at the data being freed even in the face of a crash. 894 * What we're getting around here is the case where we free a block, it 895 * is allocated to another file, it is written to, and then we crash. 896 * If the new data gets written to the file but the log buffers 897 * containing the free and reallocation don't, then we'd end up with 898 * garbage in the blocks being freed. As long as we make the new size 899 * permanent before actually freeing any blocks it doesn't matter if 900 * they get written to. 901 */ 902 ip->i_d.di_size = newsize; 903 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 904 905 if (newsize <= oldsize) { 906 error = xfs_itruncate_extents(&tp, ip, XFS_DATA_FORK, newsize); 907 if (error) 908 goto out_trans_cancel; 909 910 /* 911 * Truncated "down", so we're removing references to old data 912 * here - if we delay flushing for a long time, we expose 913 * ourselves unduly to the notorious NULL files problem. So, 914 * we mark this inode and flush it when the file is closed, 915 * and do not wait the usual (long) time for writeout. 916 */ 917 xfs_iflags_set(ip, XFS_ITRUNCATED); 918 919 /* A truncate down always removes post-EOF blocks. */ 920 xfs_inode_clear_eofblocks_tag(ip); 921 } 922 923 if (iattr->ia_valid & ATTR_MODE) 924 xfs_setattr_mode(ip, iattr); 925 if (iattr->ia_valid & (ATTR_ATIME|ATTR_CTIME|ATTR_MTIME)) 926 xfs_setattr_time(ip, iattr); 927 928 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 929 930 XFS_STATS_INC(mp, xs_ig_attrchg); 931 932 if (mp->m_flags & XFS_MOUNT_WSYNC) 933 xfs_trans_set_sync(tp); 934 935 error = xfs_trans_commit(tp); 936 out_unlock: 937 if (lock_flags) 938 xfs_iunlock(ip, lock_flags); 939 return error; 940 941 out_trans_cancel: 942 xfs_trans_cancel(tp); 943 goto out_unlock; 944 } 945 946 STATIC int 947 xfs_vn_setattr( 948 struct dentry *dentry, 949 struct iattr *iattr) 950 { 951 struct xfs_inode *ip = XFS_I(d_inode(dentry)); 952 int error; 953 954 if (iattr->ia_valid & ATTR_SIZE) { 955 uint iolock = XFS_IOLOCK_EXCL; 956 957 xfs_ilock(ip, iolock); 958 error = xfs_break_layouts(d_inode(dentry), &iolock, true); 959 if (!error) { 960 xfs_ilock(ip, XFS_MMAPLOCK_EXCL); 961 iolock |= XFS_MMAPLOCK_EXCL; 962 963 error = xfs_setattr_size(ip, iattr); 964 } 965 xfs_iunlock(ip, iolock); 966 } else { 967 error = xfs_setattr_nonsize(ip, iattr, 0); 968 } 969 970 return error; 971 } 972 973 STATIC int 974 xfs_vn_update_time( 975 struct inode *inode, 976 struct timespec *now, 977 int flags) 978 { 979 struct xfs_inode *ip = XFS_I(inode); 980 struct xfs_mount *mp = ip->i_mount; 981 struct xfs_trans *tp; 982 int error; 983 984 trace_xfs_update_time(ip); 985 986 tp = xfs_trans_alloc(mp, XFS_TRANS_FSYNC_TS); 987 error = xfs_trans_reserve(tp, &M_RES(mp)->tr_fsyncts, 0, 0); 988 if (error) { 989 xfs_trans_cancel(tp); 990 return error; 991 } 992 993 xfs_ilock(ip, XFS_ILOCK_EXCL); 994 if (flags & S_CTIME) { 995 inode->i_ctime = *now; 996 ip->i_d.di_ctime.t_sec = (__int32_t)now->tv_sec; 997 ip->i_d.di_ctime.t_nsec = (__int32_t)now->tv_nsec; 998 } 999 if (flags & S_MTIME) { 1000 inode->i_mtime = *now; 1001 ip->i_d.di_mtime.t_sec = (__int32_t)now->tv_sec; 1002 ip->i_d.di_mtime.t_nsec = (__int32_t)now->tv_nsec; 1003 } 1004 if (flags & S_ATIME) { 1005 inode->i_atime = *now; 1006 ip->i_d.di_atime.t_sec = (__int32_t)now->tv_sec; 1007 ip->i_d.di_atime.t_nsec = (__int32_t)now->tv_nsec; 1008 } 1009 xfs_trans_ijoin(tp, ip, XFS_ILOCK_EXCL); 1010 xfs_trans_log_inode(tp, ip, XFS_ILOG_TIMESTAMP); 1011 return xfs_trans_commit(tp); 1012 } 1013 1014 #define XFS_FIEMAP_FLAGS (FIEMAP_FLAG_SYNC|FIEMAP_FLAG_XATTR) 1015 1016 /* 1017 * Call fiemap helper to fill in user data. 1018 * Returns positive errors to xfs_getbmap. 1019 */ 1020 STATIC int 1021 xfs_fiemap_format( 1022 void **arg, 1023 struct getbmapx *bmv, 1024 int *full) 1025 { 1026 int error; 1027 struct fiemap_extent_info *fieinfo = *arg; 1028 u32 fiemap_flags = 0; 1029 u64 logical, physical, length; 1030 1031 /* Do nothing for a hole */ 1032 if (bmv->bmv_block == -1LL) 1033 return 0; 1034 1035 logical = BBTOB(bmv->bmv_offset); 1036 physical = BBTOB(bmv->bmv_block); 1037 length = BBTOB(bmv->bmv_length); 1038 1039 if (bmv->bmv_oflags & BMV_OF_PREALLOC) 1040 fiemap_flags |= FIEMAP_EXTENT_UNWRITTEN; 1041 else if (bmv->bmv_oflags & BMV_OF_DELALLOC) { 1042 fiemap_flags |= (FIEMAP_EXTENT_DELALLOC | 1043 FIEMAP_EXTENT_UNKNOWN); 1044 physical = 0; /* no block yet */ 1045 } 1046 if (bmv->bmv_oflags & BMV_OF_LAST) 1047 fiemap_flags |= FIEMAP_EXTENT_LAST; 1048 1049 error = fiemap_fill_next_extent(fieinfo, logical, physical, 1050 length, fiemap_flags); 1051 if (error > 0) { 1052 error = 0; 1053 *full = 1; /* user array now full */ 1054 } 1055 1056 return error; 1057 } 1058 1059 STATIC int 1060 xfs_vn_fiemap( 1061 struct inode *inode, 1062 struct fiemap_extent_info *fieinfo, 1063 u64 start, 1064 u64 length) 1065 { 1066 xfs_inode_t *ip = XFS_I(inode); 1067 struct getbmapx bm; 1068 int error; 1069 1070 error = fiemap_check_flags(fieinfo, XFS_FIEMAP_FLAGS); 1071 if (error) 1072 return error; 1073 1074 /* Set up bmap header for xfs internal routine */ 1075 bm.bmv_offset = BTOBBT(start); 1076 /* Special case for whole file */ 1077 if (length == FIEMAP_MAX_OFFSET) 1078 bm.bmv_length = -1LL; 1079 else 1080 bm.bmv_length = BTOBB(start + length) - bm.bmv_offset; 1081 1082 /* We add one because in getbmap world count includes the header */ 1083 bm.bmv_count = !fieinfo->fi_extents_max ? MAXEXTNUM : 1084 fieinfo->fi_extents_max + 1; 1085 bm.bmv_count = min_t(__s32, bm.bmv_count, 1086 (PAGE_SIZE * 16 / sizeof(struct getbmapx))); 1087 bm.bmv_iflags = BMV_IF_PREALLOC | BMV_IF_NO_HOLES; 1088 if (fieinfo->fi_flags & FIEMAP_FLAG_XATTR) 1089 bm.bmv_iflags |= BMV_IF_ATTRFORK; 1090 if (!(fieinfo->fi_flags & FIEMAP_FLAG_SYNC)) 1091 bm.bmv_iflags |= BMV_IF_DELALLOC; 1092 1093 error = xfs_getbmap(ip, &bm, xfs_fiemap_format, fieinfo); 1094 if (error) 1095 return error; 1096 1097 return 0; 1098 } 1099 1100 STATIC int 1101 xfs_vn_tmpfile( 1102 struct inode *dir, 1103 struct dentry *dentry, 1104 umode_t mode) 1105 { 1106 return xfs_generic_create(dir, dentry, mode, 0, true); 1107 } 1108 1109 static const struct inode_operations xfs_inode_operations = { 1110 .get_acl = xfs_get_acl, 1111 .set_acl = xfs_set_acl, 1112 .getattr = xfs_vn_getattr, 1113 .setattr = xfs_vn_setattr, 1114 .setxattr = generic_setxattr, 1115 .getxattr = generic_getxattr, 1116 .removexattr = generic_removexattr, 1117 .listxattr = xfs_vn_listxattr, 1118 .fiemap = xfs_vn_fiemap, 1119 .update_time = xfs_vn_update_time, 1120 }; 1121 1122 static const struct inode_operations xfs_dir_inode_operations = { 1123 .create = xfs_vn_create, 1124 .lookup = xfs_vn_lookup, 1125 .link = xfs_vn_link, 1126 .unlink = xfs_vn_unlink, 1127 .symlink = xfs_vn_symlink, 1128 .mkdir = xfs_vn_mkdir, 1129 /* 1130 * Yes, XFS uses the same method for rmdir and unlink. 1131 * 1132 * There are some subtile differences deeper in the code, 1133 * but we use S_ISDIR to check for those. 1134 */ 1135 .rmdir = xfs_vn_unlink, 1136 .mknod = xfs_vn_mknod, 1137 .rename2 = xfs_vn_rename, 1138 .get_acl = xfs_get_acl, 1139 .set_acl = xfs_set_acl, 1140 .getattr = xfs_vn_getattr, 1141 .setattr = xfs_vn_setattr, 1142 .setxattr = generic_setxattr, 1143 .getxattr = generic_getxattr, 1144 .removexattr = generic_removexattr, 1145 .listxattr = xfs_vn_listxattr, 1146 .update_time = xfs_vn_update_time, 1147 .tmpfile = xfs_vn_tmpfile, 1148 }; 1149 1150 static const struct inode_operations xfs_dir_ci_inode_operations = { 1151 .create = xfs_vn_create, 1152 .lookup = xfs_vn_ci_lookup, 1153 .link = xfs_vn_link, 1154 .unlink = xfs_vn_unlink, 1155 .symlink = xfs_vn_symlink, 1156 .mkdir = xfs_vn_mkdir, 1157 /* 1158 * Yes, XFS uses the same method for rmdir and unlink. 1159 * 1160 * There are some subtile differences deeper in the code, 1161 * but we use S_ISDIR to check for those. 1162 */ 1163 .rmdir = xfs_vn_unlink, 1164 .mknod = xfs_vn_mknod, 1165 .rename2 = xfs_vn_rename, 1166 .get_acl = xfs_get_acl, 1167 .set_acl = xfs_set_acl, 1168 .getattr = xfs_vn_getattr, 1169 .setattr = xfs_vn_setattr, 1170 .setxattr = generic_setxattr, 1171 .getxattr = generic_getxattr, 1172 .removexattr = generic_removexattr, 1173 .listxattr = xfs_vn_listxattr, 1174 .update_time = xfs_vn_update_time, 1175 .tmpfile = xfs_vn_tmpfile, 1176 }; 1177 1178 static const struct inode_operations xfs_symlink_inode_operations = { 1179 .readlink = generic_readlink, 1180 .get_link = xfs_vn_get_link, 1181 .getattr = xfs_vn_getattr, 1182 .setattr = xfs_vn_setattr, 1183 .setxattr = generic_setxattr, 1184 .getxattr = generic_getxattr, 1185 .removexattr = generic_removexattr, 1186 .listxattr = xfs_vn_listxattr, 1187 .update_time = xfs_vn_update_time, 1188 }; 1189 1190 STATIC void 1191 xfs_diflags_to_iflags( 1192 struct inode *inode, 1193 struct xfs_inode *ip) 1194 { 1195 uint16_t flags = ip->i_d.di_flags; 1196 1197 inode->i_flags &= ~(S_IMMUTABLE | S_APPEND | S_SYNC | 1198 S_NOATIME | S_DAX); 1199 1200 if (flags & XFS_DIFLAG_IMMUTABLE) 1201 inode->i_flags |= S_IMMUTABLE; 1202 if (flags & XFS_DIFLAG_APPEND) 1203 inode->i_flags |= S_APPEND; 1204 if (flags & XFS_DIFLAG_SYNC) 1205 inode->i_flags |= S_SYNC; 1206 if (flags & XFS_DIFLAG_NOATIME) 1207 inode->i_flags |= S_NOATIME; 1208 if (ip->i_mount->m_flags & XFS_MOUNT_DAX || 1209 ip->i_d.di_flags2 & XFS_DIFLAG2_DAX) 1210 inode->i_flags |= S_DAX; 1211 } 1212 1213 /* 1214 * Initialize the Linux inode and set up the operation vectors. 1215 * 1216 * When reading existing inodes from disk this is called directly from xfs_iget, 1217 * when creating a new inode it is called from xfs_ialloc after setting up the 1218 * inode. These callers have different criteria for clearing XFS_INEW, so leave 1219 * it up to the caller to deal with unlocking the inode appropriately. 1220 */ 1221 void 1222 xfs_setup_inode( 1223 struct xfs_inode *ip) 1224 { 1225 struct inode *inode = &ip->i_vnode; 1226 gfp_t gfp_mask; 1227 1228 inode->i_ino = ip->i_ino; 1229 inode->i_state = I_NEW; 1230 1231 inode_sb_list_add(inode); 1232 /* make the inode look hashed for the writeback code */ 1233 hlist_add_fake(&inode->i_hash); 1234 1235 inode->i_mode = ip->i_d.di_mode; 1236 set_nlink(inode, ip->i_d.di_nlink); 1237 inode->i_uid = xfs_uid_to_kuid(ip->i_d.di_uid); 1238 inode->i_gid = xfs_gid_to_kgid(ip->i_d.di_gid); 1239 1240 switch (inode->i_mode & S_IFMT) { 1241 case S_IFBLK: 1242 case S_IFCHR: 1243 inode->i_rdev = 1244 MKDEV(sysv_major(ip->i_df.if_u2.if_rdev) & 0x1ff, 1245 sysv_minor(ip->i_df.if_u2.if_rdev)); 1246 break; 1247 default: 1248 inode->i_rdev = 0; 1249 break; 1250 } 1251 1252 inode->i_generation = ip->i_d.di_gen; 1253 i_size_write(inode, ip->i_d.di_size); 1254 inode->i_atime.tv_sec = ip->i_d.di_atime.t_sec; 1255 inode->i_atime.tv_nsec = ip->i_d.di_atime.t_nsec; 1256 inode->i_mtime.tv_sec = ip->i_d.di_mtime.t_sec; 1257 inode->i_mtime.tv_nsec = ip->i_d.di_mtime.t_nsec; 1258 inode->i_ctime.tv_sec = ip->i_d.di_ctime.t_sec; 1259 inode->i_ctime.tv_nsec = ip->i_d.di_ctime.t_nsec; 1260 xfs_diflags_to_iflags(inode, ip); 1261 1262 ip->d_ops = ip->i_mount->m_nondir_inode_ops; 1263 lockdep_set_class(&ip->i_lock.mr_lock, &xfs_nondir_ilock_class); 1264 switch (inode->i_mode & S_IFMT) { 1265 case S_IFREG: 1266 inode->i_op = &xfs_inode_operations; 1267 inode->i_fop = &xfs_file_operations; 1268 inode->i_mapping->a_ops = &xfs_address_space_operations; 1269 break; 1270 case S_IFDIR: 1271 lockdep_set_class(&ip->i_lock.mr_lock, &xfs_dir_ilock_class); 1272 if (xfs_sb_version_hasasciici(&XFS_M(inode->i_sb)->m_sb)) 1273 inode->i_op = &xfs_dir_ci_inode_operations; 1274 else 1275 inode->i_op = &xfs_dir_inode_operations; 1276 inode->i_fop = &xfs_dir_file_operations; 1277 ip->d_ops = ip->i_mount->m_dir_inode_ops; 1278 break; 1279 case S_IFLNK: 1280 inode->i_op = &xfs_symlink_inode_operations; 1281 if (!(ip->i_df.if_flags & XFS_IFINLINE)) 1282 inode->i_mapping->a_ops = &xfs_address_space_operations; 1283 break; 1284 default: 1285 inode->i_op = &xfs_inode_operations; 1286 init_special_inode(inode, inode->i_mode, inode->i_rdev); 1287 break; 1288 } 1289 1290 /* 1291 * Ensure all page cache allocations are done from GFP_NOFS context to 1292 * prevent direct reclaim recursion back into the filesystem and blowing 1293 * stacks or deadlocking. 1294 */ 1295 gfp_mask = mapping_gfp_mask(inode->i_mapping); 1296 mapping_set_gfp_mask(inode->i_mapping, (gfp_mask & ~(__GFP_FS))); 1297 1298 /* 1299 * If there is no attribute fork no ACL can exist on this inode, 1300 * and it can't have any file capabilities attached to it either. 1301 */ 1302 if (!XFS_IFORK_Q(ip)) { 1303 inode_has_no_xattr(inode); 1304 cache_no_acl(inode); 1305 } 1306 } 1307