1 /* 2 * Copyright (c) 2000-2005 Silicon Graphics, Inc. 3 * All Rights Reserved. 4 * 5 * This program is free software; you can redistribute it and/or 6 * modify it under the terms of the GNU General Public License as 7 * published by the Free Software Foundation. 8 * 9 * This program is distributed in the hope that it would be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, write the Free Software Foundation, 16 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 17 */ 18 #include "xfs.h" 19 #include "xfs_fs.h" 20 #include "xfs_shared.h" 21 #include "xfs_format.h" 22 #include "xfs_log_format.h" 23 #include "xfs_trans_resv.h" 24 #include "xfs_mount.h" 25 #include "xfs_da_format.h" 26 #include "xfs_inode.h" 27 #include "xfs_bmap.h" 28 #include "xfs_bmap_util.h" 29 #include "xfs_acl.h" 30 #include "xfs_quota.h" 31 #include "xfs_error.h" 32 #include "xfs_attr.h" 33 #include "xfs_trans.h" 34 #include "xfs_trace.h" 35 #include "xfs_icache.h" 36 #include "xfs_symlink.h" 37 #include "xfs_da_btree.h" 38 #include "xfs_dir2.h" 39 #include "xfs_trans_space.h" 40 #include "xfs_pnfs.h" 41 42 #include <linux/capability.h> 43 #include <linux/xattr.h> 44 #include <linux/posix_acl.h> 45 #include <linux/security.h> 46 #include <linux/fiemap.h> 47 #include <linux/slab.h> 48 49 /* 50 * Directories have different lock order w.r.t. mmap_sem compared to regular 51 * files. This is due to readdir potentially triggering page faults on a user 52 * buffer inside filldir(), and this happens with the ilock on the directory 53 * held. For regular files, the lock order is the other way around - the 54 * mmap_sem is taken during the page fault, and then we lock the ilock to do 55 * block mapping. Hence we need a different class for the directory ilock so 56 * that lockdep can tell them apart. 57 */ 58 static struct lock_class_key xfs_nondir_ilock_class; 59 static struct lock_class_key xfs_dir_ilock_class; 60 61 static int 62 xfs_initxattrs( 63 struct inode *inode, 64 const struct xattr *xattr_array, 65 void *fs_info) 66 { 67 const struct xattr *xattr; 68 struct xfs_inode *ip = XFS_I(inode); 69 int error = 0; 70 71 for (xattr = xattr_array; xattr->name != NULL; xattr++) { 72 error = xfs_attr_set(ip, xattr->name, xattr->value, 73 xattr->value_len, ATTR_SECURE); 74 if (error < 0) 75 break; 76 } 77 return error; 78 } 79 80 /* 81 * Hook in SELinux. This is not quite correct yet, what we really need 82 * here (as we do for default ACLs) is a mechanism by which creation of 83 * these attrs can be journalled at inode creation time (along with the 84 * inode, of course, such that log replay can't cause these to be lost). 85 */ 86 87 STATIC int 88 xfs_init_security( 89 struct inode *inode, 90 struct inode *dir, 91 const struct qstr *qstr) 92 { 93 return security_inode_init_security(inode, dir, qstr, 94 &xfs_initxattrs, NULL); 95 } 96 97 static void 98 xfs_dentry_to_name( 99 struct xfs_name *namep, 100 struct dentry *dentry, 101 int mode) 102 { 103 namep->name = dentry->d_name.name; 104 namep->len = dentry->d_name.len; 105 namep->type = xfs_mode_to_ftype[(mode & S_IFMT) >> S_SHIFT]; 106 } 107 108 STATIC void 109 xfs_cleanup_inode( 110 struct inode *dir, 111 struct inode *inode, 112 struct dentry *dentry) 113 { 114 struct xfs_name teardown; 115 116 /* Oh, the horror. 117 * If we can't add the ACL or we fail in 118 * xfs_init_security we must back out. 119 * ENOSPC can hit here, among other things. 120 */ 121 xfs_dentry_to_name(&teardown, dentry, 0); 122 123 xfs_remove(XFS_I(dir), &teardown, XFS_I(inode)); 124 } 125 126 STATIC int 127 xfs_generic_create( 128 struct inode *dir, 129 struct dentry *dentry, 130 umode_t mode, 131 dev_t rdev, 132 bool tmpfile) /* unnamed file */ 133 { 134 struct inode *inode; 135 struct xfs_inode *ip = NULL; 136 struct posix_acl *default_acl, *acl; 137 struct xfs_name name; 138 int error; 139 140 /* 141 * Irix uses Missed'em'V split, but doesn't want to see 142 * the upper 5 bits of (14bit) major. 143 */ 144 if (S_ISCHR(mode) || S_ISBLK(mode)) { 145 if (unlikely(!sysv_valid_dev(rdev) || MAJOR(rdev) & ~0x1ff)) 146 return -EINVAL; 147 rdev = sysv_encode_dev(rdev); 148 } else { 149 rdev = 0; 150 } 151 152 error = posix_acl_create(dir, &mode, &default_acl, &acl); 153 if (error) 154 return error; 155 156 if (!tmpfile) { 157 xfs_dentry_to_name(&name, dentry, mode); 158 error = xfs_create(XFS_I(dir), &name, mode, rdev, &ip); 159 } else { 160 error = xfs_create_tmpfile(XFS_I(dir), dentry, mode, &ip); 161 } 162 if (unlikely(error)) 163 goto out_free_acl; 164 165 inode = VFS_I(ip); 166 167 error = xfs_init_security(inode, dir, &dentry->d_name); 168 if (unlikely(error)) 169 goto out_cleanup_inode; 170 171 #ifdef CONFIG_XFS_POSIX_ACL 172 if (default_acl) { 173 error = xfs_set_acl(inode, default_acl, ACL_TYPE_DEFAULT); 174 if (error) 175 goto out_cleanup_inode; 176 } 177 if (acl) { 178 error = xfs_set_acl(inode, acl, ACL_TYPE_ACCESS); 179 if (error) 180 goto out_cleanup_inode; 181 } 182 #endif 183 184 if (tmpfile) 185 d_tmpfile(dentry, inode); 186 else 187 d_instantiate(dentry, inode); 188 189 xfs_finish_inode_setup(ip); 190 191 out_free_acl: 192 if (default_acl) 193 posix_acl_release(default_acl); 194 if (acl) 195 posix_acl_release(acl); 196 return error; 197 198 out_cleanup_inode: 199 xfs_finish_inode_setup(ip); 200 if (!tmpfile) 201 xfs_cleanup_inode(dir, inode, dentry); 202 iput(inode); 203 goto out_free_acl; 204 } 205 206 STATIC int 207 xfs_vn_mknod( 208 struct inode *dir, 209 struct dentry *dentry, 210 umode_t mode, 211 dev_t rdev) 212 { 213 return xfs_generic_create(dir, dentry, mode, rdev, false); 214 } 215 216 STATIC int 217 xfs_vn_create( 218 struct inode *dir, 219 struct dentry *dentry, 220 umode_t mode, 221 bool flags) 222 { 223 return xfs_vn_mknod(dir, dentry, mode, 0); 224 } 225 226 STATIC int 227 xfs_vn_mkdir( 228 struct inode *dir, 229 struct dentry *dentry, 230 umode_t mode) 231 { 232 return xfs_vn_mknod(dir, dentry, mode|S_IFDIR, 0); 233 } 234 235 STATIC struct dentry * 236 xfs_vn_lookup( 237 struct inode *dir, 238 struct dentry *dentry, 239 unsigned int flags) 240 { 241 struct xfs_inode *cip; 242 struct xfs_name name; 243 int error; 244 245 if (dentry->d_name.len >= MAXNAMELEN) 246 return ERR_PTR(-ENAMETOOLONG); 247 248 xfs_dentry_to_name(&name, dentry, 0); 249 error = xfs_lookup(XFS_I(dir), &name, &cip, NULL); 250 if (unlikely(error)) { 251 if (unlikely(error != -ENOENT)) 252 return ERR_PTR(error); 253 d_add(dentry, NULL); 254 return NULL; 255 } 256 257 return d_splice_alias(VFS_I(cip), dentry); 258 } 259 260 STATIC struct dentry * 261 xfs_vn_ci_lookup( 262 struct inode *dir, 263 struct dentry *dentry, 264 unsigned int flags) 265 { 266 struct xfs_inode *ip; 267 struct xfs_name xname; 268 struct xfs_name ci_name; 269 struct qstr dname; 270 int error; 271 272 if (dentry->d_name.len >= MAXNAMELEN) 273 return ERR_PTR(-ENAMETOOLONG); 274 275 xfs_dentry_to_name(&xname, dentry, 0); 276 error = xfs_lookup(XFS_I(dir), &xname, &ip, &ci_name); 277 if (unlikely(error)) { 278 if (unlikely(error != -ENOENT)) 279 return ERR_PTR(error); 280 /* 281 * call d_add(dentry, NULL) here when d_drop_negative_children 282 * is called in xfs_vn_mknod (ie. allow negative dentries 283 * with CI filesystems). 284 */ 285 return NULL; 286 } 287 288 /* if exact match, just splice and exit */ 289 if (!ci_name.name) 290 return d_splice_alias(VFS_I(ip), dentry); 291 292 /* else case-insensitive match... */ 293 dname.name = ci_name.name; 294 dname.len = ci_name.len; 295 dentry = d_add_ci(dentry, VFS_I(ip), &dname); 296 kmem_free(ci_name.name); 297 return dentry; 298 } 299 300 STATIC int 301 xfs_vn_link( 302 struct dentry *old_dentry, 303 struct inode *dir, 304 struct dentry *dentry) 305 { 306 struct inode *inode = d_inode(old_dentry); 307 struct xfs_name name; 308 int error; 309 310 xfs_dentry_to_name(&name, dentry, inode->i_mode); 311 312 error = xfs_link(XFS_I(dir), XFS_I(inode), &name); 313 if (unlikely(error)) 314 return error; 315 316 ihold(inode); 317 d_instantiate(dentry, inode); 318 return 0; 319 } 320 321 STATIC int 322 xfs_vn_unlink( 323 struct inode *dir, 324 struct dentry *dentry) 325 { 326 struct xfs_name name; 327 int error; 328 329 xfs_dentry_to_name(&name, dentry, 0); 330 331 error = xfs_remove(XFS_I(dir), &name, XFS_I(d_inode(dentry))); 332 if (error) 333 return error; 334 335 /* 336 * With unlink, the VFS makes the dentry "negative": no inode, 337 * but still hashed. This is incompatible with case-insensitive 338 * mode, so invalidate (unhash) the dentry in CI-mode. 339 */ 340 if (xfs_sb_version_hasasciici(&XFS_M(dir->i_sb)->m_sb)) 341 d_invalidate(dentry); 342 return 0; 343 } 344 345 STATIC int 346 xfs_vn_symlink( 347 struct inode *dir, 348 struct dentry *dentry, 349 const char *symname) 350 { 351 struct inode *inode; 352 struct xfs_inode *cip = NULL; 353 struct xfs_name name; 354 int error; 355 umode_t mode; 356 357 mode = S_IFLNK | 358 (irix_symlink_mode ? 0777 & ~current_umask() : S_IRWXUGO); 359 xfs_dentry_to_name(&name, dentry, mode); 360 361 error = xfs_symlink(XFS_I(dir), &name, symname, mode, &cip); 362 if (unlikely(error)) 363 goto out; 364 365 inode = VFS_I(cip); 366 367 error = xfs_init_security(inode, dir, &dentry->d_name); 368 if (unlikely(error)) 369 goto out_cleanup_inode; 370 371 d_instantiate(dentry, inode); 372 xfs_finish_inode_setup(cip); 373 return 0; 374 375 out_cleanup_inode: 376 xfs_finish_inode_setup(cip); 377 xfs_cleanup_inode(dir, inode, dentry); 378 iput(inode); 379 out: 380 return error; 381 } 382 383 STATIC int 384 xfs_vn_rename( 385 struct inode *odir, 386 struct dentry *odentry, 387 struct inode *ndir, 388 struct dentry *ndentry, 389 unsigned int flags) 390 { 391 struct inode *new_inode = d_inode(ndentry); 392 int omode = 0; 393 struct xfs_name oname; 394 struct xfs_name nname; 395 396 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT)) 397 return -EINVAL; 398 399 /* if we are exchanging files, we need to set i_mode of both files */ 400 if (flags & RENAME_EXCHANGE) 401 omode = d_inode(ndentry)->i_mode; 402 403 xfs_dentry_to_name(&oname, odentry, omode); 404 xfs_dentry_to_name(&nname, ndentry, d_inode(odentry)->i_mode); 405 406 return xfs_rename(XFS_I(odir), &oname, XFS_I(d_inode(odentry)), 407 XFS_I(ndir), &nname, 408 new_inode ? XFS_I(new_inode) : NULL, flags); 409 } 410 411 /* 412 * careful here - this function can get called recursively, so 413 * we need to be very careful about how much stack we use. 414 * uio is kmalloced for this reason... 415 */ 416 STATIC const char * 417 xfs_vn_follow_link( 418 struct dentry *dentry, 419 void **cookie) 420 { 421 char *link; 422 int error = -ENOMEM; 423 424 link = kmalloc(MAXPATHLEN+1, GFP_KERNEL); 425 if (!link) 426 goto out_err; 427 428 error = xfs_readlink(XFS_I(d_inode(dentry)), link); 429 if (unlikely(error)) 430 goto out_kfree; 431 432 return *cookie = link; 433 434 out_kfree: 435 kfree(link); 436 out_err: 437 return ERR_PTR(error); 438 } 439 440 STATIC int 441 xfs_vn_getattr( 442 struct vfsmount *mnt, 443 struct dentry *dentry, 444 struct kstat *stat) 445 { 446 struct inode *inode = d_inode(dentry); 447 struct xfs_inode *ip = XFS_I(inode); 448 struct xfs_mount *mp = ip->i_mount; 449 450 trace_xfs_getattr(ip); 451 452 if (XFS_FORCED_SHUTDOWN(mp)) 453 return -EIO; 454 455 stat->size = XFS_ISIZE(ip); 456 stat->dev = inode->i_sb->s_dev; 457 stat->mode = ip->i_d.di_mode; 458 stat->nlink = ip->i_d.di_nlink; 459 stat->uid = inode->i_uid; 460 stat->gid = inode->i_gid; 461 stat->ino = ip->i_ino; 462 stat->atime = inode->i_atime; 463 stat->mtime = inode->i_mtime; 464 stat->ctime = inode->i_ctime; 465 stat->blocks = 466 XFS_FSB_TO_BB(mp, ip->i_d.di_nblocks + ip->i_delayed_blks); 467 468 469 switch (inode->i_mode & S_IFMT) { 470 case S_IFBLK: 471 case S_IFCHR: 472 stat->blksize = BLKDEV_IOSIZE; 473 stat->rdev = MKDEV(sysv_major(ip->i_df.if_u2.if_rdev) & 0x1ff, 474 sysv_minor(ip->i_df.if_u2.if_rdev)); 475 break; 476 default: 477 if (XFS_IS_REALTIME_INODE(ip)) { 478 /* 479 * If the file blocks are being allocated from a 480 * realtime volume, then return the inode's realtime 481 * extent size or the realtime volume's extent size. 482 */ 483 stat->blksize = 484 xfs_get_extsz_hint(ip) << mp->m_sb.sb_blocklog; 485 } else 486 stat->blksize = xfs_preferred_iosize(mp); 487 stat->rdev = 0; 488 break; 489 } 490 491 return 0; 492 } 493 494 static void 495 xfs_setattr_mode( 496 struct xfs_inode *ip, 497 struct iattr *iattr) 498 { 499 struct inode *inode = VFS_I(ip); 500 umode_t mode = iattr->ia_mode; 501 502 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL)); 503 504 ip->i_d.di_mode &= S_IFMT; 505 ip->i_d.di_mode |= mode & ~S_IFMT; 506 507 inode->i_mode &= S_IFMT; 508 inode->i_mode |= mode & ~S_IFMT; 509 } 510 511 void 512 xfs_setattr_time( 513 struct xfs_inode *ip, 514 struct iattr *iattr) 515 { 516 struct inode *inode = VFS_I(ip); 517 518 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL)); 519 520 if (iattr->ia_valid & ATTR_ATIME) { 521 inode->i_atime = iattr->ia_atime; 522 ip->i_d.di_atime.t_sec = iattr->ia_atime.tv_sec; 523 ip->i_d.di_atime.t_nsec = iattr->ia_atime.tv_nsec; 524 } 525 if (iattr->ia_valid & ATTR_CTIME) { 526 inode->i_ctime = iattr->ia_ctime; 527 ip->i_d.di_ctime.t_sec = iattr->ia_ctime.tv_sec; 528 ip->i_d.di_ctime.t_nsec = iattr->ia_ctime.tv_nsec; 529 } 530 if (iattr->ia_valid & ATTR_MTIME) { 531 inode->i_mtime = iattr->ia_mtime; 532 ip->i_d.di_mtime.t_sec = iattr->ia_mtime.tv_sec; 533 ip->i_d.di_mtime.t_nsec = iattr->ia_mtime.tv_nsec; 534 } 535 } 536 537 int 538 xfs_setattr_nonsize( 539 struct xfs_inode *ip, 540 struct iattr *iattr, 541 int flags) 542 { 543 xfs_mount_t *mp = ip->i_mount; 544 struct inode *inode = VFS_I(ip); 545 int mask = iattr->ia_valid; 546 xfs_trans_t *tp; 547 int error; 548 kuid_t uid = GLOBAL_ROOT_UID, iuid = GLOBAL_ROOT_UID; 549 kgid_t gid = GLOBAL_ROOT_GID, igid = GLOBAL_ROOT_GID; 550 struct xfs_dquot *udqp = NULL, *gdqp = NULL; 551 struct xfs_dquot *olddquot1 = NULL, *olddquot2 = NULL; 552 553 trace_xfs_setattr(ip); 554 555 /* If acls are being inherited, we already have this checked */ 556 if (!(flags & XFS_ATTR_NOACL)) { 557 if (mp->m_flags & XFS_MOUNT_RDONLY) 558 return -EROFS; 559 560 if (XFS_FORCED_SHUTDOWN(mp)) 561 return -EIO; 562 563 error = inode_change_ok(inode, iattr); 564 if (error) 565 return error; 566 } 567 568 ASSERT((mask & ATTR_SIZE) == 0); 569 570 /* 571 * If disk quotas is on, we make sure that the dquots do exist on disk, 572 * before we start any other transactions. Trying to do this later 573 * is messy. We don't care to take a readlock to look at the ids 574 * in inode here, because we can't hold it across the trans_reserve. 575 * If the IDs do change before we take the ilock, we're covered 576 * because the i_*dquot fields will get updated anyway. 577 */ 578 if (XFS_IS_QUOTA_ON(mp) && (mask & (ATTR_UID|ATTR_GID))) { 579 uint qflags = 0; 580 581 if ((mask & ATTR_UID) && XFS_IS_UQUOTA_ON(mp)) { 582 uid = iattr->ia_uid; 583 qflags |= XFS_QMOPT_UQUOTA; 584 } else { 585 uid = inode->i_uid; 586 } 587 if ((mask & ATTR_GID) && XFS_IS_GQUOTA_ON(mp)) { 588 gid = iattr->ia_gid; 589 qflags |= XFS_QMOPT_GQUOTA; 590 } else { 591 gid = inode->i_gid; 592 } 593 594 /* 595 * We take a reference when we initialize udqp and gdqp, 596 * so it is important that we never blindly double trip on 597 * the same variable. See xfs_create() for an example. 598 */ 599 ASSERT(udqp == NULL); 600 ASSERT(gdqp == NULL); 601 error = xfs_qm_vop_dqalloc(ip, xfs_kuid_to_uid(uid), 602 xfs_kgid_to_gid(gid), 603 xfs_get_projid(ip), 604 qflags, &udqp, &gdqp, NULL); 605 if (error) 606 return error; 607 } 608 609 tp = xfs_trans_alloc(mp, XFS_TRANS_SETATTR_NOT_SIZE); 610 error = xfs_trans_reserve(tp, &M_RES(mp)->tr_ichange, 0, 0); 611 if (error) 612 goto out_dqrele; 613 614 xfs_ilock(ip, XFS_ILOCK_EXCL); 615 616 /* 617 * Change file ownership. Must be the owner or privileged. 618 */ 619 if (mask & (ATTR_UID|ATTR_GID)) { 620 /* 621 * These IDs could have changed since we last looked at them. 622 * But, we're assured that if the ownership did change 623 * while we didn't have the inode locked, inode's dquot(s) 624 * would have changed also. 625 */ 626 iuid = inode->i_uid; 627 igid = inode->i_gid; 628 gid = (mask & ATTR_GID) ? iattr->ia_gid : igid; 629 uid = (mask & ATTR_UID) ? iattr->ia_uid : iuid; 630 631 /* 632 * Do a quota reservation only if uid/gid is actually 633 * going to change. 634 */ 635 if (XFS_IS_QUOTA_RUNNING(mp) && 636 ((XFS_IS_UQUOTA_ON(mp) && !uid_eq(iuid, uid)) || 637 (XFS_IS_GQUOTA_ON(mp) && !gid_eq(igid, gid)))) { 638 ASSERT(tp); 639 error = xfs_qm_vop_chown_reserve(tp, ip, udqp, gdqp, 640 NULL, capable(CAP_FOWNER) ? 641 XFS_QMOPT_FORCE_RES : 0); 642 if (error) /* out of quota */ 643 goto out_trans_cancel; 644 } 645 } 646 647 xfs_trans_ijoin(tp, ip, 0); 648 649 /* 650 * Change file ownership. Must be the owner or privileged. 651 */ 652 if (mask & (ATTR_UID|ATTR_GID)) { 653 /* 654 * CAP_FSETID overrides the following restrictions: 655 * 656 * The set-user-ID and set-group-ID bits of a file will be 657 * cleared upon successful return from chown() 658 */ 659 if ((ip->i_d.di_mode & (S_ISUID|S_ISGID)) && 660 !capable(CAP_FSETID)) 661 ip->i_d.di_mode &= ~(S_ISUID|S_ISGID); 662 663 /* 664 * Change the ownerships and register quota modifications 665 * in the transaction. 666 */ 667 if (!uid_eq(iuid, uid)) { 668 if (XFS_IS_QUOTA_RUNNING(mp) && XFS_IS_UQUOTA_ON(mp)) { 669 ASSERT(mask & ATTR_UID); 670 ASSERT(udqp); 671 olddquot1 = xfs_qm_vop_chown(tp, ip, 672 &ip->i_udquot, udqp); 673 } 674 ip->i_d.di_uid = xfs_kuid_to_uid(uid); 675 inode->i_uid = uid; 676 } 677 if (!gid_eq(igid, gid)) { 678 if (XFS_IS_QUOTA_RUNNING(mp) && XFS_IS_GQUOTA_ON(mp)) { 679 ASSERT(xfs_sb_version_has_pquotino(&mp->m_sb) || 680 !XFS_IS_PQUOTA_ON(mp)); 681 ASSERT(mask & ATTR_GID); 682 ASSERT(gdqp); 683 olddquot2 = xfs_qm_vop_chown(tp, ip, 684 &ip->i_gdquot, gdqp); 685 } 686 ip->i_d.di_gid = xfs_kgid_to_gid(gid); 687 inode->i_gid = gid; 688 } 689 } 690 691 if (mask & ATTR_MODE) 692 xfs_setattr_mode(ip, iattr); 693 if (mask & (ATTR_ATIME|ATTR_CTIME|ATTR_MTIME)) 694 xfs_setattr_time(ip, iattr); 695 696 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 697 698 XFS_STATS_INC(xs_ig_attrchg); 699 700 if (mp->m_flags & XFS_MOUNT_WSYNC) 701 xfs_trans_set_sync(tp); 702 error = xfs_trans_commit(tp); 703 704 xfs_iunlock(ip, XFS_ILOCK_EXCL); 705 706 /* 707 * Release any dquot(s) the inode had kept before chown. 708 */ 709 xfs_qm_dqrele(olddquot1); 710 xfs_qm_dqrele(olddquot2); 711 xfs_qm_dqrele(udqp); 712 xfs_qm_dqrele(gdqp); 713 714 if (error) 715 return error; 716 717 /* 718 * XXX(hch): Updating the ACL entries is not atomic vs the i_mode 719 * update. We could avoid this with linked transactions 720 * and passing down the transaction pointer all the way 721 * to attr_set. No previous user of the generic 722 * Posix ACL code seems to care about this issue either. 723 */ 724 if ((mask & ATTR_MODE) && !(flags & XFS_ATTR_NOACL)) { 725 error = posix_acl_chmod(inode, inode->i_mode); 726 if (error) 727 return error; 728 } 729 730 return 0; 731 732 out_trans_cancel: 733 xfs_trans_cancel(tp); 734 xfs_iunlock(ip, XFS_ILOCK_EXCL); 735 out_dqrele: 736 xfs_qm_dqrele(udqp); 737 xfs_qm_dqrele(gdqp); 738 return error; 739 } 740 741 /* 742 * Truncate file. Must have write permission and not be a directory. 743 */ 744 int 745 xfs_setattr_size( 746 struct xfs_inode *ip, 747 struct iattr *iattr) 748 { 749 struct xfs_mount *mp = ip->i_mount; 750 struct inode *inode = VFS_I(ip); 751 xfs_off_t oldsize, newsize; 752 struct xfs_trans *tp; 753 int error; 754 uint lock_flags = 0; 755 bool did_zeroing = false; 756 757 trace_xfs_setattr(ip); 758 759 if (mp->m_flags & XFS_MOUNT_RDONLY) 760 return -EROFS; 761 762 if (XFS_FORCED_SHUTDOWN(mp)) 763 return -EIO; 764 765 error = inode_change_ok(inode, iattr); 766 if (error) 767 return error; 768 769 ASSERT(xfs_isilocked(ip, XFS_IOLOCK_EXCL)); 770 ASSERT(xfs_isilocked(ip, XFS_MMAPLOCK_EXCL)); 771 ASSERT(S_ISREG(ip->i_d.di_mode)); 772 ASSERT((iattr->ia_valid & (ATTR_UID|ATTR_GID|ATTR_ATIME|ATTR_ATIME_SET| 773 ATTR_MTIME_SET|ATTR_KILL_PRIV|ATTR_TIMES_SET)) == 0); 774 775 oldsize = inode->i_size; 776 newsize = iattr->ia_size; 777 778 /* 779 * Short circuit the truncate case for zero length files. 780 */ 781 if (newsize == 0 && oldsize == 0 && ip->i_d.di_nextents == 0) { 782 if (!(iattr->ia_valid & (ATTR_CTIME|ATTR_MTIME))) 783 return 0; 784 785 /* 786 * Use the regular setattr path to update the timestamps. 787 */ 788 iattr->ia_valid &= ~ATTR_SIZE; 789 return xfs_setattr_nonsize(ip, iattr, 0); 790 } 791 792 /* 793 * Make sure that the dquots are attached to the inode. 794 */ 795 error = xfs_qm_dqattach(ip, 0); 796 if (error) 797 return error; 798 799 /* 800 * File data changes must be complete before we start the transaction to 801 * modify the inode. This needs to be done before joining the inode to 802 * the transaction because the inode cannot be unlocked once it is a 803 * part of the transaction. 804 * 805 * Start with zeroing any data block beyond EOF that we may expose on 806 * file extension. 807 */ 808 if (newsize > oldsize) { 809 error = xfs_zero_eof(ip, newsize, oldsize, &did_zeroing); 810 if (error) 811 return error; 812 } 813 814 /* 815 * We are going to log the inode size change in this transaction so 816 * any previous writes that are beyond the on disk EOF and the new 817 * EOF that have not been written out need to be written here. If we 818 * do not write the data out, we expose ourselves to the null files 819 * problem. Note that this includes any block zeroing we did above; 820 * otherwise those blocks may not be zeroed after a crash. 821 */ 822 if (newsize > ip->i_d.di_size && 823 (oldsize != ip->i_d.di_size || did_zeroing)) { 824 error = filemap_write_and_wait_range(VFS_I(ip)->i_mapping, 825 ip->i_d.di_size, newsize); 826 if (error) 827 return error; 828 } 829 830 /* Now wait for all direct I/O to complete. */ 831 inode_dio_wait(inode); 832 833 /* 834 * We've already locked out new page faults, so now we can safely remove 835 * pages from the page cache knowing they won't get refaulted until we 836 * drop the XFS_MMAP_EXCL lock after the extent manipulations are 837 * complete. The truncate_setsize() call also cleans partial EOF page 838 * PTEs on extending truncates and hence ensures sub-page block size 839 * filesystems are correctly handled, too. 840 * 841 * We have to do all the page cache truncate work outside the 842 * transaction context as the "lock" order is page lock->log space 843 * reservation as defined by extent allocation in the writeback path. 844 * Hence a truncate can fail with ENOMEM from xfs_trans_reserve(), but 845 * having already truncated the in-memory version of the file (i.e. made 846 * user visible changes). There's not much we can do about this, except 847 * to hope that the caller sees ENOMEM and retries the truncate 848 * operation. 849 */ 850 if (IS_DAX(inode)) 851 error = dax_truncate_page(inode, newsize, xfs_get_blocks_direct); 852 else 853 error = block_truncate_page(inode->i_mapping, newsize, 854 xfs_get_blocks); 855 if (error) 856 return error; 857 truncate_setsize(inode, newsize); 858 859 tp = xfs_trans_alloc(mp, XFS_TRANS_SETATTR_SIZE); 860 error = xfs_trans_reserve(tp, &M_RES(mp)->tr_itruncate, 0, 0); 861 if (error) 862 goto out_trans_cancel; 863 864 lock_flags |= XFS_ILOCK_EXCL; 865 xfs_ilock(ip, XFS_ILOCK_EXCL); 866 xfs_trans_ijoin(tp, ip, 0); 867 868 /* 869 * Only change the c/mtime if we are changing the size or we are 870 * explicitly asked to change it. This handles the semantic difference 871 * between truncate() and ftruncate() as implemented in the VFS. 872 * 873 * The regular truncate() case without ATTR_CTIME and ATTR_MTIME is a 874 * special case where we need to update the times despite not having 875 * these flags set. For all other operations the VFS set these flags 876 * explicitly if it wants a timestamp update. 877 */ 878 if (newsize != oldsize && 879 !(iattr->ia_valid & (ATTR_CTIME | ATTR_MTIME))) { 880 iattr->ia_ctime = iattr->ia_mtime = 881 current_fs_time(inode->i_sb); 882 iattr->ia_valid |= ATTR_CTIME | ATTR_MTIME; 883 } 884 885 /* 886 * The first thing we do is set the size to new_size permanently on 887 * disk. This way we don't have to worry about anyone ever being able 888 * to look at the data being freed even in the face of a crash. 889 * What we're getting around here is the case where we free a block, it 890 * is allocated to another file, it is written to, and then we crash. 891 * If the new data gets written to the file but the log buffers 892 * containing the free and reallocation don't, then we'd end up with 893 * garbage in the blocks being freed. As long as we make the new size 894 * permanent before actually freeing any blocks it doesn't matter if 895 * they get written to. 896 */ 897 ip->i_d.di_size = newsize; 898 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 899 900 if (newsize <= oldsize) { 901 error = xfs_itruncate_extents(&tp, ip, XFS_DATA_FORK, newsize); 902 if (error) 903 goto out_trans_cancel; 904 905 /* 906 * Truncated "down", so we're removing references to old data 907 * here - if we delay flushing for a long time, we expose 908 * ourselves unduly to the notorious NULL files problem. So, 909 * we mark this inode and flush it when the file is closed, 910 * and do not wait the usual (long) time for writeout. 911 */ 912 xfs_iflags_set(ip, XFS_ITRUNCATED); 913 914 /* A truncate down always removes post-EOF blocks. */ 915 xfs_inode_clear_eofblocks_tag(ip); 916 } 917 918 if (iattr->ia_valid & ATTR_MODE) 919 xfs_setattr_mode(ip, iattr); 920 if (iattr->ia_valid & (ATTR_ATIME|ATTR_CTIME|ATTR_MTIME)) 921 xfs_setattr_time(ip, iattr); 922 923 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 924 925 XFS_STATS_INC(xs_ig_attrchg); 926 927 if (mp->m_flags & XFS_MOUNT_WSYNC) 928 xfs_trans_set_sync(tp); 929 930 error = xfs_trans_commit(tp); 931 out_unlock: 932 if (lock_flags) 933 xfs_iunlock(ip, lock_flags); 934 return error; 935 936 out_trans_cancel: 937 xfs_trans_cancel(tp); 938 goto out_unlock; 939 } 940 941 STATIC int 942 xfs_vn_setattr( 943 struct dentry *dentry, 944 struct iattr *iattr) 945 { 946 struct xfs_inode *ip = XFS_I(d_inode(dentry)); 947 int error; 948 949 if (iattr->ia_valid & ATTR_SIZE) { 950 uint iolock = XFS_IOLOCK_EXCL; 951 952 xfs_ilock(ip, iolock); 953 error = xfs_break_layouts(d_inode(dentry), &iolock, true); 954 if (!error) { 955 xfs_ilock(ip, XFS_MMAPLOCK_EXCL); 956 iolock |= XFS_MMAPLOCK_EXCL; 957 958 error = xfs_setattr_size(ip, iattr); 959 } 960 xfs_iunlock(ip, iolock); 961 } else { 962 error = xfs_setattr_nonsize(ip, iattr, 0); 963 } 964 965 return error; 966 } 967 968 STATIC int 969 xfs_vn_update_time( 970 struct inode *inode, 971 struct timespec *now, 972 int flags) 973 { 974 struct xfs_inode *ip = XFS_I(inode); 975 struct xfs_mount *mp = ip->i_mount; 976 struct xfs_trans *tp; 977 int error; 978 979 trace_xfs_update_time(ip); 980 981 tp = xfs_trans_alloc(mp, XFS_TRANS_FSYNC_TS); 982 error = xfs_trans_reserve(tp, &M_RES(mp)->tr_fsyncts, 0, 0); 983 if (error) { 984 xfs_trans_cancel(tp); 985 return error; 986 } 987 988 xfs_ilock(ip, XFS_ILOCK_EXCL); 989 if (flags & S_CTIME) { 990 inode->i_ctime = *now; 991 ip->i_d.di_ctime.t_sec = (__int32_t)now->tv_sec; 992 ip->i_d.di_ctime.t_nsec = (__int32_t)now->tv_nsec; 993 } 994 if (flags & S_MTIME) { 995 inode->i_mtime = *now; 996 ip->i_d.di_mtime.t_sec = (__int32_t)now->tv_sec; 997 ip->i_d.di_mtime.t_nsec = (__int32_t)now->tv_nsec; 998 } 999 if (flags & S_ATIME) { 1000 inode->i_atime = *now; 1001 ip->i_d.di_atime.t_sec = (__int32_t)now->tv_sec; 1002 ip->i_d.di_atime.t_nsec = (__int32_t)now->tv_nsec; 1003 } 1004 xfs_trans_ijoin(tp, ip, XFS_ILOCK_EXCL); 1005 xfs_trans_log_inode(tp, ip, XFS_ILOG_TIMESTAMP); 1006 return xfs_trans_commit(tp); 1007 } 1008 1009 #define XFS_FIEMAP_FLAGS (FIEMAP_FLAG_SYNC|FIEMAP_FLAG_XATTR) 1010 1011 /* 1012 * Call fiemap helper to fill in user data. 1013 * Returns positive errors to xfs_getbmap. 1014 */ 1015 STATIC int 1016 xfs_fiemap_format( 1017 void **arg, 1018 struct getbmapx *bmv, 1019 int *full) 1020 { 1021 int error; 1022 struct fiemap_extent_info *fieinfo = *arg; 1023 u32 fiemap_flags = 0; 1024 u64 logical, physical, length; 1025 1026 /* Do nothing for a hole */ 1027 if (bmv->bmv_block == -1LL) 1028 return 0; 1029 1030 logical = BBTOB(bmv->bmv_offset); 1031 physical = BBTOB(bmv->bmv_block); 1032 length = BBTOB(bmv->bmv_length); 1033 1034 if (bmv->bmv_oflags & BMV_OF_PREALLOC) 1035 fiemap_flags |= FIEMAP_EXTENT_UNWRITTEN; 1036 else if (bmv->bmv_oflags & BMV_OF_DELALLOC) { 1037 fiemap_flags |= (FIEMAP_EXTENT_DELALLOC | 1038 FIEMAP_EXTENT_UNKNOWN); 1039 physical = 0; /* no block yet */ 1040 } 1041 if (bmv->bmv_oflags & BMV_OF_LAST) 1042 fiemap_flags |= FIEMAP_EXTENT_LAST; 1043 1044 error = fiemap_fill_next_extent(fieinfo, logical, physical, 1045 length, fiemap_flags); 1046 if (error > 0) { 1047 error = 0; 1048 *full = 1; /* user array now full */ 1049 } 1050 1051 return error; 1052 } 1053 1054 STATIC int 1055 xfs_vn_fiemap( 1056 struct inode *inode, 1057 struct fiemap_extent_info *fieinfo, 1058 u64 start, 1059 u64 length) 1060 { 1061 xfs_inode_t *ip = XFS_I(inode); 1062 struct getbmapx bm; 1063 int error; 1064 1065 error = fiemap_check_flags(fieinfo, XFS_FIEMAP_FLAGS); 1066 if (error) 1067 return error; 1068 1069 /* Set up bmap header for xfs internal routine */ 1070 bm.bmv_offset = BTOBBT(start); 1071 /* Special case for whole file */ 1072 if (length == FIEMAP_MAX_OFFSET) 1073 bm.bmv_length = -1LL; 1074 else 1075 bm.bmv_length = BTOBB(start + length) - bm.bmv_offset; 1076 1077 /* We add one because in getbmap world count includes the header */ 1078 bm.bmv_count = !fieinfo->fi_extents_max ? MAXEXTNUM : 1079 fieinfo->fi_extents_max + 1; 1080 bm.bmv_count = min_t(__s32, bm.bmv_count, 1081 (PAGE_SIZE * 16 / sizeof(struct getbmapx))); 1082 bm.bmv_iflags = BMV_IF_PREALLOC | BMV_IF_NO_HOLES; 1083 if (fieinfo->fi_flags & FIEMAP_FLAG_XATTR) 1084 bm.bmv_iflags |= BMV_IF_ATTRFORK; 1085 if (!(fieinfo->fi_flags & FIEMAP_FLAG_SYNC)) 1086 bm.bmv_iflags |= BMV_IF_DELALLOC; 1087 1088 error = xfs_getbmap(ip, &bm, xfs_fiemap_format, fieinfo); 1089 if (error) 1090 return error; 1091 1092 return 0; 1093 } 1094 1095 STATIC int 1096 xfs_vn_tmpfile( 1097 struct inode *dir, 1098 struct dentry *dentry, 1099 umode_t mode) 1100 { 1101 return xfs_generic_create(dir, dentry, mode, 0, true); 1102 } 1103 1104 static const struct inode_operations xfs_inode_operations = { 1105 .get_acl = xfs_get_acl, 1106 .set_acl = xfs_set_acl, 1107 .getattr = xfs_vn_getattr, 1108 .setattr = xfs_vn_setattr, 1109 .setxattr = generic_setxattr, 1110 .getxattr = generic_getxattr, 1111 .removexattr = generic_removexattr, 1112 .listxattr = xfs_vn_listxattr, 1113 .fiemap = xfs_vn_fiemap, 1114 .update_time = xfs_vn_update_time, 1115 }; 1116 1117 static const struct inode_operations xfs_dir_inode_operations = { 1118 .create = xfs_vn_create, 1119 .lookup = xfs_vn_lookup, 1120 .link = xfs_vn_link, 1121 .unlink = xfs_vn_unlink, 1122 .symlink = xfs_vn_symlink, 1123 .mkdir = xfs_vn_mkdir, 1124 /* 1125 * Yes, XFS uses the same method for rmdir and unlink. 1126 * 1127 * There are some subtile differences deeper in the code, 1128 * but we use S_ISDIR to check for those. 1129 */ 1130 .rmdir = xfs_vn_unlink, 1131 .mknod = xfs_vn_mknod, 1132 .rename2 = xfs_vn_rename, 1133 .get_acl = xfs_get_acl, 1134 .set_acl = xfs_set_acl, 1135 .getattr = xfs_vn_getattr, 1136 .setattr = xfs_vn_setattr, 1137 .setxattr = generic_setxattr, 1138 .getxattr = generic_getxattr, 1139 .removexattr = generic_removexattr, 1140 .listxattr = xfs_vn_listxattr, 1141 .update_time = xfs_vn_update_time, 1142 .tmpfile = xfs_vn_tmpfile, 1143 }; 1144 1145 static const struct inode_operations xfs_dir_ci_inode_operations = { 1146 .create = xfs_vn_create, 1147 .lookup = xfs_vn_ci_lookup, 1148 .link = xfs_vn_link, 1149 .unlink = xfs_vn_unlink, 1150 .symlink = xfs_vn_symlink, 1151 .mkdir = xfs_vn_mkdir, 1152 /* 1153 * Yes, XFS uses the same method for rmdir and unlink. 1154 * 1155 * There are some subtile differences deeper in the code, 1156 * but we use S_ISDIR to check for those. 1157 */ 1158 .rmdir = xfs_vn_unlink, 1159 .mknod = xfs_vn_mknod, 1160 .rename2 = xfs_vn_rename, 1161 .get_acl = xfs_get_acl, 1162 .set_acl = xfs_set_acl, 1163 .getattr = xfs_vn_getattr, 1164 .setattr = xfs_vn_setattr, 1165 .setxattr = generic_setxattr, 1166 .getxattr = generic_getxattr, 1167 .removexattr = generic_removexattr, 1168 .listxattr = xfs_vn_listxattr, 1169 .update_time = xfs_vn_update_time, 1170 .tmpfile = xfs_vn_tmpfile, 1171 }; 1172 1173 static const struct inode_operations xfs_symlink_inode_operations = { 1174 .readlink = generic_readlink, 1175 .follow_link = xfs_vn_follow_link, 1176 .put_link = kfree_put_link, 1177 .getattr = xfs_vn_getattr, 1178 .setattr = xfs_vn_setattr, 1179 .setxattr = generic_setxattr, 1180 .getxattr = generic_getxattr, 1181 .removexattr = generic_removexattr, 1182 .listxattr = xfs_vn_listxattr, 1183 .update_time = xfs_vn_update_time, 1184 }; 1185 1186 STATIC void 1187 xfs_diflags_to_iflags( 1188 struct inode *inode, 1189 struct xfs_inode *ip) 1190 { 1191 uint16_t flags = ip->i_d.di_flags; 1192 1193 inode->i_flags &= ~(S_IMMUTABLE | S_APPEND | S_SYNC | 1194 S_NOATIME | S_DAX); 1195 1196 if (flags & XFS_DIFLAG_IMMUTABLE) 1197 inode->i_flags |= S_IMMUTABLE; 1198 if (flags & XFS_DIFLAG_APPEND) 1199 inode->i_flags |= S_APPEND; 1200 if (flags & XFS_DIFLAG_SYNC) 1201 inode->i_flags |= S_SYNC; 1202 if (flags & XFS_DIFLAG_NOATIME) 1203 inode->i_flags |= S_NOATIME; 1204 /* XXX: Also needs an on-disk per inode flag! */ 1205 if (ip->i_mount->m_flags & XFS_MOUNT_DAX) 1206 inode->i_flags |= S_DAX; 1207 } 1208 1209 /* 1210 * Initialize the Linux inode and set up the operation vectors. 1211 * 1212 * When reading existing inodes from disk this is called directly from xfs_iget, 1213 * when creating a new inode it is called from xfs_ialloc after setting up the 1214 * inode. These callers have different criteria for clearing XFS_INEW, so leave 1215 * it up to the caller to deal with unlocking the inode appropriately. 1216 */ 1217 void 1218 xfs_setup_inode( 1219 struct xfs_inode *ip) 1220 { 1221 struct inode *inode = &ip->i_vnode; 1222 gfp_t gfp_mask; 1223 1224 inode->i_ino = ip->i_ino; 1225 inode->i_state = I_NEW; 1226 1227 inode_sb_list_add(inode); 1228 /* make the inode look hashed for the writeback code */ 1229 hlist_add_fake(&inode->i_hash); 1230 1231 inode->i_mode = ip->i_d.di_mode; 1232 set_nlink(inode, ip->i_d.di_nlink); 1233 inode->i_uid = xfs_uid_to_kuid(ip->i_d.di_uid); 1234 inode->i_gid = xfs_gid_to_kgid(ip->i_d.di_gid); 1235 1236 switch (inode->i_mode & S_IFMT) { 1237 case S_IFBLK: 1238 case S_IFCHR: 1239 inode->i_rdev = 1240 MKDEV(sysv_major(ip->i_df.if_u2.if_rdev) & 0x1ff, 1241 sysv_minor(ip->i_df.if_u2.if_rdev)); 1242 break; 1243 default: 1244 inode->i_rdev = 0; 1245 break; 1246 } 1247 1248 inode->i_generation = ip->i_d.di_gen; 1249 i_size_write(inode, ip->i_d.di_size); 1250 inode->i_atime.tv_sec = ip->i_d.di_atime.t_sec; 1251 inode->i_atime.tv_nsec = ip->i_d.di_atime.t_nsec; 1252 inode->i_mtime.tv_sec = ip->i_d.di_mtime.t_sec; 1253 inode->i_mtime.tv_nsec = ip->i_d.di_mtime.t_nsec; 1254 inode->i_ctime.tv_sec = ip->i_d.di_ctime.t_sec; 1255 inode->i_ctime.tv_nsec = ip->i_d.di_ctime.t_nsec; 1256 xfs_diflags_to_iflags(inode, ip); 1257 1258 ip->d_ops = ip->i_mount->m_nondir_inode_ops; 1259 lockdep_set_class(&ip->i_lock.mr_lock, &xfs_nondir_ilock_class); 1260 switch (inode->i_mode & S_IFMT) { 1261 case S_IFREG: 1262 inode->i_op = &xfs_inode_operations; 1263 inode->i_fop = &xfs_file_operations; 1264 inode->i_mapping->a_ops = &xfs_address_space_operations; 1265 break; 1266 case S_IFDIR: 1267 lockdep_set_class(&ip->i_lock.mr_lock, &xfs_dir_ilock_class); 1268 if (xfs_sb_version_hasasciici(&XFS_M(inode->i_sb)->m_sb)) 1269 inode->i_op = &xfs_dir_ci_inode_operations; 1270 else 1271 inode->i_op = &xfs_dir_inode_operations; 1272 inode->i_fop = &xfs_dir_file_operations; 1273 ip->d_ops = ip->i_mount->m_dir_inode_ops; 1274 break; 1275 case S_IFLNK: 1276 inode->i_op = &xfs_symlink_inode_operations; 1277 if (!(ip->i_df.if_flags & XFS_IFINLINE)) 1278 inode->i_mapping->a_ops = &xfs_address_space_operations; 1279 break; 1280 default: 1281 inode->i_op = &xfs_inode_operations; 1282 init_special_inode(inode, inode->i_mode, inode->i_rdev); 1283 break; 1284 } 1285 1286 /* 1287 * Ensure all page cache allocations are done from GFP_NOFS context to 1288 * prevent direct reclaim recursion back into the filesystem and blowing 1289 * stacks or deadlocking. 1290 */ 1291 gfp_mask = mapping_gfp_mask(inode->i_mapping); 1292 mapping_set_gfp_mask(inode->i_mapping, (gfp_mask & ~(__GFP_FS))); 1293 1294 /* 1295 * If there is no attribute fork no ACL can exist on this inode, 1296 * and it can't have any file capabilities attached to it either. 1297 */ 1298 if (!XFS_IFORK_Q(ip)) { 1299 inode_has_no_xattr(inode); 1300 cache_no_acl(inode); 1301 } 1302 } 1303