1 /* 2 * Copyright (c) 2000-2005 Silicon Graphics, Inc. 3 * All Rights Reserved. 4 * 5 * This program is free software; you can redistribute it and/or 6 * modify it under the terms of the GNU General Public License as 7 * published by the Free Software Foundation. 8 * 9 * This program is distributed in the hope that it would be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, write the Free Software Foundation, 16 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 17 */ 18 #include "xfs.h" 19 #include "xfs_fs.h" 20 #include "xfs_shared.h" 21 #include "xfs_format.h" 22 #include "xfs_log_format.h" 23 #include "xfs_trans_resv.h" 24 #include "xfs_mount.h" 25 #include "xfs_da_format.h" 26 #include "xfs_inode.h" 27 #include "xfs_bmap.h" 28 #include "xfs_bmap_util.h" 29 #include "xfs_acl.h" 30 #include "xfs_quota.h" 31 #include "xfs_error.h" 32 #include "xfs_attr.h" 33 #include "xfs_trans.h" 34 #include "xfs_trace.h" 35 #include "xfs_icache.h" 36 #include "xfs_symlink.h" 37 #include "xfs_da_btree.h" 38 #include "xfs_dir2.h" 39 #include "xfs_trans_space.h" 40 #include "xfs_pnfs.h" 41 #include "xfs_iomap.h" 42 43 #include <linux/capability.h> 44 #include <linux/xattr.h> 45 #include <linux/posix_acl.h> 46 #include <linux/security.h> 47 #include <linux/iomap.h> 48 #include <linux/slab.h> 49 #include <linux/iversion.h> 50 51 /* 52 * Directories have different lock order w.r.t. mmap_sem compared to regular 53 * files. This is due to readdir potentially triggering page faults on a user 54 * buffer inside filldir(), and this happens with the ilock on the directory 55 * held. For regular files, the lock order is the other way around - the 56 * mmap_sem is taken during the page fault, and then we lock the ilock to do 57 * block mapping. Hence we need a different class for the directory ilock so 58 * that lockdep can tell them apart. 59 */ 60 static struct lock_class_key xfs_nondir_ilock_class; 61 static struct lock_class_key xfs_dir_ilock_class; 62 63 static int 64 xfs_initxattrs( 65 struct inode *inode, 66 const struct xattr *xattr_array, 67 void *fs_info) 68 { 69 const struct xattr *xattr; 70 struct xfs_inode *ip = XFS_I(inode); 71 int error = 0; 72 73 for (xattr = xattr_array; xattr->name != NULL; xattr++) { 74 error = xfs_attr_set(ip, xattr->name, xattr->value, 75 xattr->value_len, ATTR_SECURE); 76 if (error < 0) 77 break; 78 } 79 return error; 80 } 81 82 /* 83 * Hook in SELinux. This is not quite correct yet, what we really need 84 * here (as we do for default ACLs) is a mechanism by which creation of 85 * these attrs can be journalled at inode creation time (along with the 86 * inode, of course, such that log replay can't cause these to be lost). 87 */ 88 89 STATIC int 90 xfs_init_security( 91 struct inode *inode, 92 struct inode *dir, 93 const struct qstr *qstr) 94 { 95 return security_inode_init_security(inode, dir, qstr, 96 &xfs_initxattrs, NULL); 97 } 98 99 static void 100 xfs_dentry_to_name( 101 struct xfs_name *namep, 102 struct dentry *dentry) 103 { 104 namep->name = dentry->d_name.name; 105 namep->len = dentry->d_name.len; 106 namep->type = XFS_DIR3_FT_UNKNOWN; 107 } 108 109 static int 110 xfs_dentry_mode_to_name( 111 struct xfs_name *namep, 112 struct dentry *dentry, 113 int mode) 114 { 115 namep->name = dentry->d_name.name; 116 namep->len = dentry->d_name.len; 117 namep->type = xfs_mode_to_ftype(mode); 118 119 if (unlikely(namep->type == XFS_DIR3_FT_UNKNOWN)) 120 return -EFSCORRUPTED; 121 122 return 0; 123 } 124 125 STATIC void 126 xfs_cleanup_inode( 127 struct inode *dir, 128 struct inode *inode, 129 struct dentry *dentry) 130 { 131 struct xfs_name teardown; 132 133 /* Oh, the horror. 134 * If we can't add the ACL or we fail in 135 * xfs_init_security we must back out. 136 * ENOSPC can hit here, among other things. 137 */ 138 xfs_dentry_to_name(&teardown, dentry); 139 140 xfs_remove(XFS_I(dir), &teardown, XFS_I(inode)); 141 } 142 143 STATIC int 144 xfs_generic_create( 145 struct inode *dir, 146 struct dentry *dentry, 147 umode_t mode, 148 dev_t rdev, 149 bool tmpfile) /* unnamed file */ 150 { 151 struct inode *inode; 152 struct xfs_inode *ip = NULL; 153 struct posix_acl *default_acl, *acl; 154 struct xfs_name name; 155 int error; 156 157 /* 158 * Irix uses Missed'em'V split, but doesn't want to see 159 * the upper 5 bits of (14bit) major. 160 */ 161 if (S_ISCHR(mode) || S_ISBLK(mode)) { 162 if (unlikely(!sysv_valid_dev(rdev) || MAJOR(rdev) & ~0x1ff)) 163 return -EINVAL; 164 } else { 165 rdev = 0; 166 } 167 168 error = posix_acl_create(dir, &mode, &default_acl, &acl); 169 if (error) 170 return error; 171 172 /* Verify mode is valid also for tmpfile case */ 173 error = xfs_dentry_mode_to_name(&name, dentry, mode); 174 if (unlikely(error)) 175 goto out_free_acl; 176 177 if (!tmpfile) { 178 error = xfs_create(XFS_I(dir), &name, mode, rdev, &ip); 179 } else { 180 error = xfs_create_tmpfile(XFS_I(dir), dentry, mode, &ip); 181 } 182 if (unlikely(error)) 183 goto out_free_acl; 184 185 inode = VFS_I(ip); 186 187 error = xfs_init_security(inode, dir, &dentry->d_name); 188 if (unlikely(error)) 189 goto out_cleanup_inode; 190 191 #ifdef CONFIG_XFS_POSIX_ACL 192 if (default_acl) { 193 error = __xfs_set_acl(inode, default_acl, ACL_TYPE_DEFAULT); 194 if (error) 195 goto out_cleanup_inode; 196 } 197 if (acl) { 198 error = __xfs_set_acl(inode, acl, ACL_TYPE_ACCESS); 199 if (error) 200 goto out_cleanup_inode; 201 } 202 #endif 203 204 xfs_setup_iops(ip); 205 206 if (tmpfile) 207 d_tmpfile(dentry, inode); 208 else 209 d_instantiate(dentry, inode); 210 211 xfs_finish_inode_setup(ip); 212 213 out_free_acl: 214 if (default_acl) 215 posix_acl_release(default_acl); 216 if (acl) 217 posix_acl_release(acl); 218 return error; 219 220 out_cleanup_inode: 221 xfs_finish_inode_setup(ip); 222 if (!tmpfile) 223 xfs_cleanup_inode(dir, inode, dentry); 224 iput(inode); 225 goto out_free_acl; 226 } 227 228 STATIC int 229 xfs_vn_mknod( 230 struct inode *dir, 231 struct dentry *dentry, 232 umode_t mode, 233 dev_t rdev) 234 { 235 return xfs_generic_create(dir, dentry, mode, rdev, false); 236 } 237 238 STATIC int 239 xfs_vn_create( 240 struct inode *dir, 241 struct dentry *dentry, 242 umode_t mode, 243 bool flags) 244 { 245 return xfs_vn_mknod(dir, dentry, mode, 0); 246 } 247 248 STATIC int 249 xfs_vn_mkdir( 250 struct inode *dir, 251 struct dentry *dentry, 252 umode_t mode) 253 { 254 return xfs_vn_mknod(dir, dentry, mode|S_IFDIR, 0); 255 } 256 257 STATIC struct dentry * 258 xfs_vn_lookup( 259 struct inode *dir, 260 struct dentry *dentry, 261 unsigned int flags) 262 { 263 struct xfs_inode *cip; 264 struct xfs_name name; 265 int error; 266 267 if (dentry->d_name.len >= MAXNAMELEN) 268 return ERR_PTR(-ENAMETOOLONG); 269 270 xfs_dentry_to_name(&name, dentry); 271 error = xfs_lookup(XFS_I(dir), &name, &cip, NULL); 272 if (unlikely(error)) { 273 if (unlikely(error != -ENOENT)) 274 return ERR_PTR(error); 275 d_add(dentry, NULL); 276 return NULL; 277 } 278 279 return d_splice_alias(VFS_I(cip), dentry); 280 } 281 282 STATIC struct dentry * 283 xfs_vn_ci_lookup( 284 struct inode *dir, 285 struct dentry *dentry, 286 unsigned int flags) 287 { 288 struct xfs_inode *ip; 289 struct xfs_name xname; 290 struct xfs_name ci_name; 291 struct qstr dname; 292 int error; 293 294 if (dentry->d_name.len >= MAXNAMELEN) 295 return ERR_PTR(-ENAMETOOLONG); 296 297 xfs_dentry_to_name(&xname, dentry); 298 error = xfs_lookup(XFS_I(dir), &xname, &ip, &ci_name); 299 if (unlikely(error)) { 300 if (unlikely(error != -ENOENT)) 301 return ERR_PTR(error); 302 /* 303 * call d_add(dentry, NULL) here when d_drop_negative_children 304 * is called in xfs_vn_mknod (ie. allow negative dentries 305 * with CI filesystems). 306 */ 307 return NULL; 308 } 309 310 /* if exact match, just splice and exit */ 311 if (!ci_name.name) 312 return d_splice_alias(VFS_I(ip), dentry); 313 314 /* else case-insensitive match... */ 315 dname.name = ci_name.name; 316 dname.len = ci_name.len; 317 dentry = d_add_ci(dentry, VFS_I(ip), &dname); 318 kmem_free(ci_name.name); 319 return dentry; 320 } 321 322 STATIC int 323 xfs_vn_link( 324 struct dentry *old_dentry, 325 struct inode *dir, 326 struct dentry *dentry) 327 { 328 struct inode *inode = d_inode(old_dentry); 329 struct xfs_name name; 330 int error; 331 332 error = xfs_dentry_mode_to_name(&name, dentry, inode->i_mode); 333 if (unlikely(error)) 334 return error; 335 336 error = xfs_link(XFS_I(dir), XFS_I(inode), &name); 337 if (unlikely(error)) 338 return error; 339 340 ihold(inode); 341 d_instantiate(dentry, inode); 342 return 0; 343 } 344 345 STATIC int 346 xfs_vn_unlink( 347 struct inode *dir, 348 struct dentry *dentry) 349 { 350 struct xfs_name name; 351 int error; 352 353 xfs_dentry_to_name(&name, dentry); 354 355 error = xfs_remove(XFS_I(dir), &name, XFS_I(d_inode(dentry))); 356 if (error) 357 return error; 358 359 /* 360 * With unlink, the VFS makes the dentry "negative": no inode, 361 * but still hashed. This is incompatible with case-insensitive 362 * mode, so invalidate (unhash) the dentry in CI-mode. 363 */ 364 if (xfs_sb_version_hasasciici(&XFS_M(dir->i_sb)->m_sb)) 365 d_invalidate(dentry); 366 return 0; 367 } 368 369 STATIC int 370 xfs_vn_symlink( 371 struct inode *dir, 372 struct dentry *dentry, 373 const char *symname) 374 { 375 struct inode *inode; 376 struct xfs_inode *cip = NULL; 377 struct xfs_name name; 378 int error; 379 umode_t mode; 380 381 mode = S_IFLNK | 382 (irix_symlink_mode ? 0777 & ~current_umask() : S_IRWXUGO); 383 error = xfs_dentry_mode_to_name(&name, dentry, mode); 384 if (unlikely(error)) 385 goto out; 386 387 error = xfs_symlink(XFS_I(dir), &name, symname, mode, &cip); 388 if (unlikely(error)) 389 goto out; 390 391 inode = VFS_I(cip); 392 393 error = xfs_init_security(inode, dir, &dentry->d_name); 394 if (unlikely(error)) 395 goto out_cleanup_inode; 396 397 xfs_setup_iops(cip); 398 399 d_instantiate(dentry, inode); 400 xfs_finish_inode_setup(cip); 401 return 0; 402 403 out_cleanup_inode: 404 xfs_finish_inode_setup(cip); 405 xfs_cleanup_inode(dir, inode, dentry); 406 iput(inode); 407 out: 408 return error; 409 } 410 411 STATIC int 412 xfs_vn_rename( 413 struct inode *odir, 414 struct dentry *odentry, 415 struct inode *ndir, 416 struct dentry *ndentry, 417 unsigned int flags) 418 { 419 struct inode *new_inode = d_inode(ndentry); 420 int omode = 0; 421 int error; 422 struct xfs_name oname; 423 struct xfs_name nname; 424 425 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT)) 426 return -EINVAL; 427 428 /* if we are exchanging files, we need to set i_mode of both files */ 429 if (flags & RENAME_EXCHANGE) 430 omode = d_inode(ndentry)->i_mode; 431 432 error = xfs_dentry_mode_to_name(&oname, odentry, omode); 433 if (omode && unlikely(error)) 434 return error; 435 436 error = xfs_dentry_mode_to_name(&nname, ndentry, 437 d_inode(odentry)->i_mode); 438 if (unlikely(error)) 439 return error; 440 441 return xfs_rename(XFS_I(odir), &oname, XFS_I(d_inode(odentry)), 442 XFS_I(ndir), &nname, 443 new_inode ? XFS_I(new_inode) : NULL, flags); 444 } 445 446 /* 447 * careful here - this function can get called recursively, so 448 * we need to be very careful about how much stack we use. 449 * uio is kmalloced for this reason... 450 */ 451 STATIC const char * 452 xfs_vn_get_link( 453 struct dentry *dentry, 454 struct inode *inode, 455 struct delayed_call *done) 456 { 457 char *link; 458 int error = -ENOMEM; 459 460 if (!dentry) 461 return ERR_PTR(-ECHILD); 462 463 link = kmalloc(XFS_SYMLINK_MAXLEN+1, GFP_KERNEL); 464 if (!link) 465 goto out_err; 466 467 error = xfs_readlink(XFS_I(d_inode(dentry)), link); 468 if (unlikely(error)) 469 goto out_kfree; 470 471 set_delayed_call(done, kfree_link, link); 472 return link; 473 474 out_kfree: 475 kfree(link); 476 out_err: 477 return ERR_PTR(error); 478 } 479 480 STATIC const char * 481 xfs_vn_get_link_inline( 482 struct dentry *dentry, 483 struct inode *inode, 484 struct delayed_call *done) 485 { 486 ASSERT(XFS_I(inode)->i_df.if_flags & XFS_IFINLINE); 487 return XFS_I(inode)->i_df.if_u1.if_data; 488 } 489 490 STATIC int 491 xfs_vn_getattr( 492 const struct path *path, 493 struct kstat *stat, 494 u32 request_mask, 495 unsigned int query_flags) 496 { 497 struct inode *inode = d_inode(path->dentry); 498 struct xfs_inode *ip = XFS_I(inode); 499 struct xfs_mount *mp = ip->i_mount; 500 501 trace_xfs_getattr(ip); 502 503 if (XFS_FORCED_SHUTDOWN(mp)) 504 return -EIO; 505 506 stat->size = XFS_ISIZE(ip); 507 stat->dev = inode->i_sb->s_dev; 508 stat->mode = inode->i_mode; 509 stat->nlink = inode->i_nlink; 510 stat->uid = inode->i_uid; 511 stat->gid = inode->i_gid; 512 stat->ino = ip->i_ino; 513 stat->atime = inode->i_atime; 514 stat->mtime = inode->i_mtime; 515 stat->ctime = inode->i_ctime; 516 stat->blocks = 517 XFS_FSB_TO_BB(mp, ip->i_d.di_nblocks + ip->i_delayed_blks); 518 519 if (ip->i_d.di_version == 3) { 520 if (request_mask & STATX_BTIME) { 521 stat->result_mask |= STATX_BTIME; 522 stat->btime.tv_sec = ip->i_d.di_crtime.t_sec; 523 stat->btime.tv_nsec = ip->i_d.di_crtime.t_nsec; 524 } 525 } 526 527 if (ip->i_d.di_flags & XFS_DIFLAG_IMMUTABLE) 528 stat->attributes |= STATX_ATTR_IMMUTABLE; 529 if (ip->i_d.di_flags & XFS_DIFLAG_APPEND) 530 stat->attributes |= STATX_ATTR_APPEND; 531 if (ip->i_d.di_flags & XFS_DIFLAG_NODUMP) 532 stat->attributes |= STATX_ATTR_NODUMP; 533 534 switch (inode->i_mode & S_IFMT) { 535 case S_IFBLK: 536 case S_IFCHR: 537 stat->blksize = BLKDEV_IOSIZE; 538 stat->rdev = inode->i_rdev; 539 break; 540 default: 541 if (XFS_IS_REALTIME_INODE(ip)) { 542 /* 543 * If the file blocks are being allocated from a 544 * realtime volume, then return the inode's realtime 545 * extent size or the realtime volume's extent size. 546 */ 547 stat->blksize = 548 xfs_get_extsz_hint(ip) << mp->m_sb.sb_blocklog; 549 } else 550 stat->blksize = xfs_preferred_iosize(mp); 551 stat->rdev = 0; 552 break; 553 } 554 555 return 0; 556 } 557 558 static void 559 xfs_setattr_mode( 560 struct xfs_inode *ip, 561 struct iattr *iattr) 562 { 563 struct inode *inode = VFS_I(ip); 564 umode_t mode = iattr->ia_mode; 565 566 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL)); 567 568 inode->i_mode &= S_IFMT; 569 inode->i_mode |= mode & ~S_IFMT; 570 } 571 572 void 573 xfs_setattr_time( 574 struct xfs_inode *ip, 575 struct iattr *iattr) 576 { 577 struct inode *inode = VFS_I(ip); 578 579 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL)); 580 581 if (iattr->ia_valid & ATTR_ATIME) 582 inode->i_atime = iattr->ia_atime; 583 if (iattr->ia_valid & ATTR_CTIME) 584 inode->i_ctime = iattr->ia_ctime; 585 if (iattr->ia_valid & ATTR_MTIME) 586 inode->i_mtime = iattr->ia_mtime; 587 } 588 589 static int 590 xfs_vn_change_ok( 591 struct dentry *dentry, 592 struct iattr *iattr) 593 { 594 struct xfs_mount *mp = XFS_I(d_inode(dentry))->i_mount; 595 596 if (mp->m_flags & XFS_MOUNT_RDONLY) 597 return -EROFS; 598 599 if (XFS_FORCED_SHUTDOWN(mp)) 600 return -EIO; 601 602 return setattr_prepare(dentry, iattr); 603 } 604 605 /* 606 * Set non-size attributes of an inode. 607 * 608 * Caution: The caller of this function is responsible for calling 609 * setattr_prepare() or otherwise verifying the change is fine. 610 */ 611 int 612 xfs_setattr_nonsize( 613 struct xfs_inode *ip, 614 struct iattr *iattr, 615 int flags) 616 { 617 xfs_mount_t *mp = ip->i_mount; 618 struct inode *inode = VFS_I(ip); 619 int mask = iattr->ia_valid; 620 xfs_trans_t *tp; 621 int error; 622 kuid_t uid = GLOBAL_ROOT_UID, iuid = GLOBAL_ROOT_UID; 623 kgid_t gid = GLOBAL_ROOT_GID, igid = GLOBAL_ROOT_GID; 624 struct xfs_dquot *udqp = NULL, *gdqp = NULL; 625 struct xfs_dquot *olddquot1 = NULL, *olddquot2 = NULL; 626 627 ASSERT((mask & ATTR_SIZE) == 0); 628 629 /* 630 * If disk quotas is on, we make sure that the dquots do exist on disk, 631 * before we start any other transactions. Trying to do this later 632 * is messy. We don't care to take a readlock to look at the ids 633 * in inode here, because we can't hold it across the trans_reserve. 634 * If the IDs do change before we take the ilock, we're covered 635 * because the i_*dquot fields will get updated anyway. 636 */ 637 if (XFS_IS_QUOTA_ON(mp) && (mask & (ATTR_UID|ATTR_GID))) { 638 uint qflags = 0; 639 640 if ((mask & ATTR_UID) && XFS_IS_UQUOTA_ON(mp)) { 641 uid = iattr->ia_uid; 642 qflags |= XFS_QMOPT_UQUOTA; 643 } else { 644 uid = inode->i_uid; 645 } 646 if ((mask & ATTR_GID) && XFS_IS_GQUOTA_ON(mp)) { 647 gid = iattr->ia_gid; 648 qflags |= XFS_QMOPT_GQUOTA; 649 } else { 650 gid = inode->i_gid; 651 } 652 653 /* 654 * We take a reference when we initialize udqp and gdqp, 655 * so it is important that we never blindly double trip on 656 * the same variable. See xfs_create() for an example. 657 */ 658 ASSERT(udqp == NULL); 659 ASSERT(gdqp == NULL); 660 error = xfs_qm_vop_dqalloc(ip, xfs_kuid_to_uid(uid), 661 xfs_kgid_to_gid(gid), 662 xfs_get_projid(ip), 663 qflags, &udqp, &gdqp, NULL); 664 if (error) 665 return error; 666 } 667 668 error = xfs_trans_alloc(mp, &M_RES(mp)->tr_ichange, 0, 0, 0, &tp); 669 if (error) 670 goto out_dqrele; 671 672 xfs_ilock(ip, XFS_ILOCK_EXCL); 673 xfs_trans_ijoin(tp, ip, 0); 674 675 /* 676 * Change file ownership. Must be the owner or privileged. 677 */ 678 if (mask & (ATTR_UID|ATTR_GID)) { 679 /* 680 * These IDs could have changed since we last looked at them. 681 * But, we're assured that if the ownership did change 682 * while we didn't have the inode locked, inode's dquot(s) 683 * would have changed also. 684 */ 685 iuid = inode->i_uid; 686 igid = inode->i_gid; 687 gid = (mask & ATTR_GID) ? iattr->ia_gid : igid; 688 uid = (mask & ATTR_UID) ? iattr->ia_uid : iuid; 689 690 /* 691 * Do a quota reservation only if uid/gid is actually 692 * going to change. 693 */ 694 if (XFS_IS_QUOTA_RUNNING(mp) && 695 ((XFS_IS_UQUOTA_ON(mp) && !uid_eq(iuid, uid)) || 696 (XFS_IS_GQUOTA_ON(mp) && !gid_eq(igid, gid)))) { 697 ASSERT(tp); 698 error = xfs_qm_vop_chown_reserve(tp, ip, udqp, gdqp, 699 NULL, capable(CAP_FOWNER) ? 700 XFS_QMOPT_FORCE_RES : 0); 701 if (error) /* out of quota */ 702 goto out_cancel; 703 } 704 } 705 706 /* 707 * Change file ownership. Must be the owner or privileged. 708 */ 709 if (mask & (ATTR_UID|ATTR_GID)) { 710 /* 711 * CAP_FSETID overrides the following restrictions: 712 * 713 * The set-user-ID and set-group-ID bits of a file will be 714 * cleared upon successful return from chown() 715 */ 716 if ((inode->i_mode & (S_ISUID|S_ISGID)) && 717 !capable(CAP_FSETID)) 718 inode->i_mode &= ~(S_ISUID|S_ISGID); 719 720 /* 721 * Change the ownerships and register quota modifications 722 * in the transaction. 723 */ 724 if (!uid_eq(iuid, uid)) { 725 if (XFS_IS_QUOTA_RUNNING(mp) && XFS_IS_UQUOTA_ON(mp)) { 726 ASSERT(mask & ATTR_UID); 727 ASSERT(udqp); 728 olddquot1 = xfs_qm_vop_chown(tp, ip, 729 &ip->i_udquot, udqp); 730 } 731 ip->i_d.di_uid = xfs_kuid_to_uid(uid); 732 inode->i_uid = uid; 733 } 734 if (!gid_eq(igid, gid)) { 735 if (XFS_IS_QUOTA_RUNNING(mp) && XFS_IS_GQUOTA_ON(mp)) { 736 ASSERT(xfs_sb_version_has_pquotino(&mp->m_sb) || 737 !XFS_IS_PQUOTA_ON(mp)); 738 ASSERT(mask & ATTR_GID); 739 ASSERT(gdqp); 740 olddquot2 = xfs_qm_vop_chown(tp, ip, 741 &ip->i_gdquot, gdqp); 742 } 743 ip->i_d.di_gid = xfs_kgid_to_gid(gid); 744 inode->i_gid = gid; 745 } 746 } 747 748 if (mask & ATTR_MODE) 749 xfs_setattr_mode(ip, iattr); 750 if (mask & (ATTR_ATIME|ATTR_CTIME|ATTR_MTIME)) 751 xfs_setattr_time(ip, iattr); 752 753 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 754 755 XFS_STATS_INC(mp, xs_ig_attrchg); 756 757 if (mp->m_flags & XFS_MOUNT_WSYNC) 758 xfs_trans_set_sync(tp); 759 error = xfs_trans_commit(tp); 760 761 xfs_iunlock(ip, XFS_ILOCK_EXCL); 762 763 /* 764 * Release any dquot(s) the inode had kept before chown. 765 */ 766 xfs_qm_dqrele(olddquot1); 767 xfs_qm_dqrele(olddquot2); 768 xfs_qm_dqrele(udqp); 769 xfs_qm_dqrele(gdqp); 770 771 if (error) 772 return error; 773 774 /* 775 * XXX(hch): Updating the ACL entries is not atomic vs the i_mode 776 * update. We could avoid this with linked transactions 777 * and passing down the transaction pointer all the way 778 * to attr_set. No previous user of the generic 779 * Posix ACL code seems to care about this issue either. 780 */ 781 if ((mask & ATTR_MODE) && !(flags & XFS_ATTR_NOACL)) { 782 error = posix_acl_chmod(inode, inode->i_mode); 783 if (error) 784 return error; 785 } 786 787 return 0; 788 789 out_cancel: 790 xfs_trans_cancel(tp); 791 out_dqrele: 792 xfs_qm_dqrele(udqp); 793 xfs_qm_dqrele(gdqp); 794 return error; 795 } 796 797 int 798 xfs_vn_setattr_nonsize( 799 struct dentry *dentry, 800 struct iattr *iattr) 801 { 802 struct xfs_inode *ip = XFS_I(d_inode(dentry)); 803 int error; 804 805 trace_xfs_setattr(ip); 806 807 error = xfs_vn_change_ok(dentry, iattr); 808 if (error) 809 return error; 810 return xfs_setattr_nonsize(ip, iattr, 0); 811 } 812 813 /* 814 * Truncate file. Must have write permission and not be a directory. 815 * 816 * Caution: The caller of this function is responsible for calling 817 * setattr_prepare() or otherwise verifying the change is fine. 818 */ 819 STATIC int 820 xfs_setattr_size( 821 struct xfs_inode *ip, 822 struct iattr *iattr) 823 { 824 struct xfs_mount *mp = ip->i_mount; 825 struct inode *inode = VFS_I(ip); 826 xfs_off_t oldsize, newsize; 827 struct xfs_trans *tp; 828 int error; 829 uint lock_flags = 0; 830 bool did_zeroing = false; 831 832 ASSERT(xfs_isilocked(ip, XFS_IOLOCK_EXCL)); 833 ASSERT(xfs_isilocked(ip, XFS_MMAPLOCK_EXCL)); 834 ASSERT(S_ISREG(inode->i_mode)); 835 ASSERT((iattr->ia_valid & (ATTR_UID|ATTR_GID|ATTR_ATIME|ATTR_ATIME_SET| 836 ATTR_MTIME_SET|ATTR_KILL_PRIV|ATTR_TIMES_SET)) == 0); 837 838 oldsize = inode->i_size; 839 newsize = iattr->ia_size; 840 841 /* 842 * Short circuit the truncate case for zero length files. 843 */ 844 if (newsize == 0 && oldsize == 0 && ip->i_d.di_nextents == 0) { 845 if (!(iattr->ia_valid & (ATTR_CTIME|ATTR_MTIME))) 846 return 0; 847 848 /* 849 * Use the regular setattr path to update the timestamps. 850 */ 851 iattr->ia_valid &= ~ATTR_SIZE; 852 return xfs_setattr_nonsize(ip, iattr, 0); 853 } 854 855 /* 856 * Make sure that the dquots are attached to the inode. 857 */ 858 error = xfs_qm_dqattach(ip, 0); 859 if (error) 860 return error; 861 862 /* 863 * Wait for all direct I/O to complete. 864 */ 865 inode_dio_wait(inode); 866 867 /* 868 * File data changes must be complete before we start the transaction to 869 * modify the inode. This needs to be done before joining the inode to 870 * the transaction because the inode cannot be unlocked once it is a 871 * part of the transaction. 872 * 873 * Start with zeroing any data beyond EOF that we may expose on file 874 * extension, or zeroing out the rest of the block on a downward 875 * truncate. 876 */ 877 if (newsize > oldsize) { 878 trace_xfs_zero_eof(ip, oldsize, newsize - oldsize); 879 error = iomap_zero_range(inode, oldsize, newsize - oldsize, 880 &did_zeroing, &xfs_iomap_ops); 881 } else { 882 error = iomap_truncate_page(inode, newsize, &did_zeroing, 883 &xfs_iomap_ops); 884 } 885 886 if (error) 887 return error; 888 889 /* 890 * We've already locked out new page faults, so now we can safely remove 891 * pages from the page cache knowing they won't get refaulted until we 892 * drop the XFS_MMAP_EXCL lock after the extent manipulations are 893 * complete. The truncate_setsize() call also cleans partial EOF page 894 * PTEs on extending truncates and hence ensures sub-page block size 895 * filesystems are correctly handled, too. 896 * 897 * We have to do all the page cache truncate work outside the 898 * transaction context as the "lock" order is page lock->log space 899 * reservation as defined by extent allocation in the writeback path. 900 * Hence a truncate can fail with ENOMEM from xfs_trans_alloc(), but 901 * having already truncated the in-memory version of the file (i.e. made 902 * user visible changes). There's not much we can do about this, except 903 * to hope that the caller sees ENOMEM and retries the truncate 904 * operation. 905 * 906 * And we update in-core i_size and truncate page cache beyond newsize 907 * before writeback the [di_size, newsize] range, so we're guaranteed 908 * not to write stale data past the new EOF on truncate down. 909 */ 910 truncate_setsize(inode, newsize); 911 912 /* 913 * We are going to log the inode size change in this transaction so 914 * any previous writes that are beyond the on disk EOF and the new 915 * EOF that have not been written out need to be written here. If we 916 * do not write the data out, we expose ourselves to the null files 917 * problem. Note that this includes any block zeroing we did above; 918 * otherwise those blocks may not be zeroed after a crash. 919 */ 920 if (did_zeroing || 921 (newsize > ip->i_d.di_size && oldsize != ip->i_d.di_size)) { 922 error = filemap_write_and_wait_range(VFS_I(ip)->i_mapping, 923 ip->i_d.di_size, newsize - 1); 924 if (error) 925 return error; 926 } 927 928 error = xfs_trans_alloc(mp, &M_RES(mp)->tr_itruncate, 0, 0, 0, &tp); 929 if (error) 930 return error; 931 932 lock_flags |= XFS_ILOCK_EXCL; 933 xfs_ilock(ip, XFS_ILOCK_EXCL); 934 xfs_trans_ijoin(tp, ip, 0); 935 936 /* 937 * Only change the c/mtime if we are changing the size or we are 938 * explicitly asked to change it. This handles the semantic difference 939 * between truncate() and ftruncate() as implemented in the VFS. 940 * 941 * The regular truncate() case without ATTR_CTIME and ATTR_MTIME is a 942 * special case where we need to update the times despite not having 943 * these flags set. For all other operations the VFS set these flags 944 * explicitly if it wants a timestamp update. 945 */ 946 if (newsize != oldsize && 947 !(iattr->ia_valid & (ATTR_CTIME | ATTR_MTIME))) { 948 iattr->ia_ctime = iattr->ia_mtime = 949 current_time(inode); 950 iattr->ia_valid |= ATTR_CTIME | ATTR_MTIME; 951 } 952 953 /* 954 * The first thing we do is set the size to new_size permanently on 955 * disk. This way we don't have to worry about anyone ever being able 956 * to look at the data being freed even in the face of a crash. 957 * What we're getting around here is the case where we free a block, it 958 * is allocated to another file, it is written to, and then we crash. 959 * If the new data gets written to the file but the log buffers 960 * containing the free and reallocation don't, then we'd end up with 961 * garbage in the blocks being freed. As long as we make the new size 962 * permanent before actually freeing any blocks it doesn't matter if 963 * they get written to. 964 */ 965 ip->i_d.di_size = newsize; 966 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 967 968 if (newsize <= oldsize) { 969 error = xfs_itruncate_extents(&tp, ip, XFS_DATA_FORK, newsize); 970 if (error) 971 goto out_trans_cancel; 972 973 /* 974 * Truncated "down", so we're removing references to old data 975 * here - if we delay flushing for a long time, we expose 976 * ourselves unduly to the notorious NULL files problem. So, 977 * we mark this inode and flush it when the file is closed, 978 * and do not wait the usual (long) time for writeout. 979 */ 980 xfs_iflags_set(ip, XFS_ITRUNCATED); 981 982 /* A truncate down always removes post-EOF blocks. */ 983 xfs_inode_clear_eofblocks_tag(ip); 984 } 985 986 if (iattr->ia_valid & ATTR_MODE) 987 xfs_setattr_mode(ip, iattr); 988 if (iattr->ia_valid & (ATTR_ATIME|ATTR_CTIME|ATTR_MTIME)) 989 xfs_setattr_time(ip, iattr); 990 991 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 992 993 XFS_STATS_INC(mp, xs_ig_attrchg); 994 995 if (mp->m_flags & XFS_MOUNT_WSYNC) 996 xfs_trans_set_sync(tp); 997 998 error = xfs_trans_commit(tp); 999 out_unlock: 1000 if (lock_flags) 1001 xfs_iunlock(ip, lock_flags); 1002 return error; 1003 1004 out_trans_cancel: 1005 xfs_trans_cancel(tp); 1006 goto out_unlock; 1007 } 1008 1009 int 1010 xfs_vn_setattr_size( 1011 struct dentry *dentry, 1012 struct iattr *iattr) 1013 { 1014 struct xfs_inode *ip = XFS_I(d_inode(dentry)); 1015 int error; 1016 1017 trace_xfs_setattr(ip); 1018 1019 error = xfs_vn_change_ok(dentry, iattr); 1020 if (error) 1021 return error; 1022 return xfs_setattr_size(ip, iattr); 1023 } 1024 1025 STATIC int 1026 xfs_vn_setattr( 1027 struct dentry *dentry, 1028 struct iattr *iattr) 1029 { 1030 int error; 1031 1032 if (iattr->ia_valid & ATTR_SIZE) { 1033 struct xfs_inode *ip = XFS_I(d_inode(dentry)); 1034 uint iolock = XFS_IOLOCK_EXCL; 1035 1036 error = xfs_break_layouts(d_inode(dentry), &iolock); 1037 if (error) 1038 return error; 1039 1040 xfs_ilock(ip, XFS_MMAPLOCK_EXCL); 1041 error = xfs_vn_setattr_size(dentry, iattr); 1042 xfs_iunlock(ip, XFS_MMAPLOCK_EXCL); 1043 } else { 1044 error = xfs_vn_setattr_nonsize(dentry, iattr); 1045 } 1046 1047 return error; 1048 } 1049 1050 STATIC int 1051 xfs_vn_update_time( 1052 struct inode *inode, 1053 struct timespec *now, 1054 int flags) 1055 { 1056 struct xfs_inode *ip = XFS_I(inode); 1057 struct xfs_mount *mp = ip->i_mount; 1058 int log_flags = XFS_ILOG_TIMESTAMP; 1059 struct xfs_trans *tp; 1060 int error; 1061 1062 trace_xfs_update_time(ip); 1063 1064 if (inode->i_sb->s_flags & SB_LAZYTIME) { 1065 if (!((flags & S_VERSION) && 1066 inode_maybe_inc_iversion(inode, false))) 1067 return generic_update_time(inode, now, flags); 1068 1069 /* Capture the iversion update that just occurred */ 1070 log_flags |= XFS_ILOG_CORE; 1071 } 1072 1073 error = xfs_trans_alloc(mp, &M_RES(mp)->tr_fsyncts, 0, 0, 0, &tp); 1074 if (error) 1075 return error; 1076 1077 xfs_ilock(ip, XFS_ILOCK_EXCL); 1078 if (flags & S_CTIME) 1079 inode->i_ctime = *now; 1080 if (flags & S_MTIME) 1081 inode->i_mtime = *now; 1082 if (flags & S_ATIME) 1083 inode->i_atime = *now; 1084 1085 xfs_trans_ijoin(tp, ip, XFS_ILOCK_EXCL); 1086 xfs_trans_log_inode(tp, ip, log_flags); 1087 return xfs_trans_commit(tp); 1088 } 1089 1090 STATIC int 1091 xfs_vn_fiemap( 1092 struct inode *inode, 1093 struct fiemap_extent_info *fieinfo, 1094 u64 start, 1095 u64 length) 1096 { 1097 int error; 1098 1099 xfs_ilock(XFS_I(inode), XFS_IOLOCK_SHARED); 1100 if (fieinfo->fi_flags & FIEMAP_FLAG_XATTR) { 1101 fieinfo->fi_flags &= ~FIEMAP_FLAG_XATTR; 1102 error = iomap_fiemap(inode, fieinfo, start, length, 1103 &xfs_xattr_iomap_ops); 1104 } else { 1105 error = iomap_fiemap(inode, fieinfo, start, length, 1106 &xfs_iomap_ops); 1107 } 1108 xfs_iunlock(XFS_I(inode), XFS_IOLOCK_SHARED); 1109 1110 return error; 1111 } 1112 1113 STATIC int 1114 xfs_vn_tmpfile( 1115 struct inode *dir, 1116 struct dentry *dentry, 1117 umode_t mode) 1118 { 1119 return xfs_generic_create(dir, dentry, mode, 0, true); 1120 } 1121 1122 static const struct inode_operations xfs_inode_operations = { 1123 .get_acl = xfs_get_acl, 1124 .set_acl = xfs_set_acl, 1125 .getattr = xfs_vn_getattr, 1126 .setattr = xfs_vn_setattr, 1127 .listxattr = xfs_vn_listxattr, 1128 .fiemap = xfs_vn_fiemap, 1129 .update_time = xfs_vn_update_time, 1130 }; 1131 1132 static const struct inode_operations xfs_dir_inode_operations = { 1133 .create = xfs_vn_create, 1134 .lookup = xfs_vn_lookup, 1135 .link = xfs_vn_link, 1136 .unlink = xfs_vn_unlink, 1137 .symlink = xfs_vn_symlink, 1138 .mkdir = xfs_vn_mkdir, 1139 /* 1140 * Yes, XFS uses the same method for rmdir and unlink. 1141 * 1142 * There are some subtile differences deeper in the code, 1143 * but we use S_ISDIR to check for those. 1144 */ 1145 .rmdir = xfs_vn_unlink, 1146 .mknod = xfs_vn_mknod, 1147 .rename = xfs_vn_rename, 1148 .get_acl = xfs_get_acl, 1149 .set_acl = xfs_set_acl, 1150 .getattr = xfs_vn_getattr, 1151 .setattr = xfs_vn_setattr, 1152 .listxattr = xfs_vn_listxattr, 1153 .update_time = xfs_vn_update_time, 1154 .tmpfile = xfs_vn_tmpfile, 1155 }; 1156 1157 static const struct inode_operations xfs_dir_ci_inode_operations = { 1158 .create = xfs_vn_create, 1159 .lookup = xfs_vn_ci_lookup, 1160 .link = xfs_vn_link, 1161 .unlink = xfs_vn_unlink, 1162 .symlink = xfs_vn_symlink, 1163 .mkdir = xfs_vn_mkdir, 1164 /* 1165 * Yes, XFS uses the same method for rmdir and unlink. 1166 * 1167 * There are some subtile differences deeper in the code, 1168 * but we use S_ISDIR to check for those. 1169 */ 1170 .rmdir = xfs_vn_unlink, 1171 .mknod = xfs_vn_mknod, 1172 .rename = xfs_vn_rename, 1173 .get_acl = xfs_get_acl, 1174 .set_acl = xfs_set_acl, 1175 .getattr = xfs_vn_getattr, 1176 .setattr = xfs_vn_setattr, 1177 .listxattr = xfs_vn_listxattr, 1178 .update_time = xfs_vn_update_time, 1179 .tmpfile = xfs_vn_tmpfile, 1180 }; 1181 1182 static const struct inode_operations xfs_symlink_inode_operations = { 1183 .get_link = xfs_vn_get_link, 1184 .getattr = xfs_vn_getattr, 1185 .setattr = xfs_vn_setattr, 1186 .listxattr = xfs_vn_listxattr, 1187 .update_time = xfs_vn_update_time, 1188 }; 1189 1190 static const struct inode_operations xfs_inline_symlink_inode_operations = { 1191 .get_link = xfs_vn_get_link_inline, 1192 .getattr = xfs_vn_getattr, 1193 .setattr = xfs_vn_setattr, 1194 .listxattr = xfs_vn_listxattr, 1195 .update_time = xfs_vn_update_time, 1196 }; 1197 1198 STATIC void 1199 xfs_diflags_to_iflags( 1200 struct inode *inode, 1201 struct xfs_inode *ip) 1202 { 1203 uint16_t flags = ip->i_d.di_flags; 1204 1205 inode->i_flags &= ~(S_IMMUTABLE | S_APPEND | S_SYNC | 1206 S_NOATIME | S_DAX); 1207 1208 if (flags & XFS_DIFLAG_IMMUTABLE) 1209 inode->i_flags |= S_IMMUTABLE; 1210 if (flags & XFS_DIFLAG_APPEND) 1211 inode->i_flags |= S_APPEND; 1212 if (flags & XFS_DIFLAG_SYNC) 1213 inode->i_flags |= S_SYNC; 1214 if (flags & XFS_DIFLAG_NOATIME) 1215 inode->i_flags |= S_NOATIME; 1216 if (S_ISREG(inode->i_mode) && 1217 ip->i_mount->m_sb.sb_blocksize == PAGE_SIZE && 1218 !xfs_is_reflink_inode(ip) && 1219 (ip->i_mount->m_flags & XFS_MOUNT_DAX || 1220 ip->i_d.di_flags2 & XFS_DIFLAG2_DAX)) 1221 inode->i_flags |= S_DAX; 1222 } 1223 1224 /* 1225 * Initialize the Linux inode. 1226 * 1227 * When reading existing inodes from disk this is called directly from xfs_iget, 1228 * when creating a new inode it is called from xfs_ialloc after setting up the 1229 * inode. These callers have different criteria for clearing XFS_INEW, so leave 1230 * it up to the caller to deal with unlocking the inode appropriately. 1231 */ 1232 void 1233 xfs_setup_inode( 1234 struct xfs_inode *ip) 1235 { 1236 struct inode *inode = &ip->i_vnode; 1237 gfp_t gfp_mask; 1238 1239 inode->i_ino = ip->i_ino; 1240 inode->i_state = I_NEW; 1241 1242 inode_sb_list_add(inode); 1243 /* make the inode look hashed for the writeback code */ 1244 hlist_add_fake(&inode->i_hash); 1245 1246 inode->i_uid = xfs_uid_to_kuid(ip->i_d.di_uid); 1247 inode->i_gid = xfs_gid_to_kgid(ip->i_d.di_gid); 1248 1249 i_size_write(inode, ip->i_d.di_size); 1250 xfs_diflags_to_iflags(inode, ip); 1251 1252 if (S_ISDIR(inode->i_mode)) { 1253 lockdep_set_class(&ip->i_lock.mr_lock, &xfs_dir_ilock_class); 1254 ip->d_ops = ip->i_mount->m_dir_inode_ops; 1255 } else { 1256 ip->d_ops = ip->i_mount->m_nondir_inode_ops; 1257 lockdep_set_class(&ip->i_lock.mr_lock, &xfs_nondir_ilock_class); 1258 } 1259 1260 /* 1261 * Ensure all page cache allocations are done from GFP_NOFS context to 1262 * prevent direct reclaim recursion back into the filesystem and blowing 1263 * stacks or deadlocking. 1264 */ 1265 gfp_mask = mapping_gfp_mask(inode->i_mapping); 1266 mapping_set_gfp_mask(inode->i_mapping, (gfp_mask & ~(__GFP_FS))); 1267 1268 /* 1269 * If there is no attribute fork no ACL can exist on this inode, 1270 * and it can't have any file capabilities attached to it either. 1271 */ 1272 if (!XFS_IFORK_Q(ip)) { 1273 inode_has_no_xattr(inode); 1274 cache_no_acl(inode); 1275 } 1276 } 1277 1278 void 1279 xfs_setup_iops( 1280 struct xfs_inode *ip) 1281 { 1282 struct inode *inode = &ip->i_vnode; 1283 1284 switch (inode->i_mode & S_IFMT) { 1285 case S_IFREG: 1286 inode->i_op = &xfs_inode_operations; 1287 inode->i_fop = &xfs_file_operations; 1288 inode->i_mapping->a_ops = &xfs_address_space_operations; 1289 break; 1290 case S_IFDIR: 1291 if (xfs_sb_version_hasasciici(&XFS_M(inode->i_sb)->m_sb)) 1292 inode->i_op = &xfs_dir_ci_inode_operations; 1293 else 1294 inode->i_op = &xfs_dir_inode_operations; 1295 inode->i_fop = &xfs_dir_file_operations; 1296 break; 1297 case S_IFLNK: 1298 if (ip->i_df.if_flags & XFS_IFINLINE) 1299 inode->i_op = &xfs_inline_symlink_inode_operations; 1300 else 1301 inode->i_op = &xfs_symlink_inode_operations; 1302 break; 1303 default: 1304 inode->i_op = &xfs_inode_operations; 1305 init_special_inode(inode, inode->i_mode, inode->i_rdev); 1306 break; 1307 } 1308 } 1309